Add comment for modules which have external input.

[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / RuntimeDxe / VariableSmm.inf

diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
index 01bda726d022a0f00ef241f5b5d54e4d8d31f8d6..a6343dbbbdef0f500060fa70e75bf406b809e170 100644 (file)
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
@@ -2,14 +2,19 @@
 #  Component description file for SMM Authenticated Variable module.\r
 #\r
 #  This module installs SMM variable protocol into SMM protocol database,\r
-#  which can be used by SMM driver, and installs SMM variable protocol \r
+#  which can be used by SMM driver, and installs SMM variable protocol\r
 #  into BS protocol database, which can be used to notify the SMM Runtime\r
 #  Dxe driver that the SMM variable service is ready.\r
-#  This module should be used with SMM Runtime DXE module together. The \r
-#  SMM Runtime DXE module would install variable arch protocol and variable \r
+#  This module should be used with SMM Runtime DXE module together. The\r
+#  SMM Runtime DXE module would install variable arch protocol and variable\r
 #  write arch protocol based on SMM variable module.\r
 #\r
-# Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>\r
+#  Caution: This module requires additional review when modified.\r
+#  This driver will have external input - variable data and communicate buffer in SMM mode.\r
+#  This external input must be validated carefully to avoid security issue like\r
+#  buffer overflow, integer overflow.\r
+#\r
+# Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>\r
 # This program and the accompanying materials\r
 # are licensed and made available under the terms and conditions of the BSD License\r
 # which accompanies this distribution. The full text of the license may be found at\r
@@ -60,7 +65,7 @@
   DebugLib\r
   DxeServicesTableLib\r
   BaseCryptLib\r
-  PlatformSecureLib  \r
+  PlatformSecureLib\r
   HobLib\r
 \r
 [Protocols]\r
@@ -69,14 +74,19 @@
   gEfiSmmFaultTolerantWriteProtocolGuid         ## SOMETIMES_CONSUMES\r
 \r
 [Guids]\r
-  gEfiAuthenticatedVariableGuid                 ## PRODUCES ## Configuration Table Guid \r
+  gEfiAuthenticatedVariableGuid                 ## PRODUCES ## Configuration Table Guid\r
   gEfiGlobalVariableGuid                        ## PRODUCES ## Variable Guid\r
-  gSmmVariableWriteGuid                         ## PRODUCES ## SMM Variable Write Guid \r
-  gEfiCertRsa2048Sha256Guid\r
+  gSmmVariableWriteGuid                         ## PRODUCES ## SMM Variable Write Guid\r
+  gEfiCertTypeRsa2048Sha256Guid\r
   gEfiImageSecurityDatabaseGuid\r
   gEfiCertX509Guid\r
   gEfiCertPkcs7Guid\r
-  gEfiCertRsa2048Guid  \r
+  gEfiCertRsa2048Guid\r
+  gEfiSecureBootEnableDisableGuid\r
+  gEfiCustomModeEnableGuid\r
+  gEfiSystemNvDataFvGuid                        ## CONSUMES\r
+  gEfiCertDbGuid\r
+  gEfiHardwareErrorVariableGuid                 ## SOMETIMES_CONSUMES\r
 \r
 [Pcd]\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize\r
@@ -86,12 +96,11 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize\r
-  gEfiSecurityPkgTokenSpaceGuid.PcdMaxAppendVariableSize  \r
-  \r
+\r
 [FeaturePcd]\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics  ## SOMETIME_CONSUMES (statistic the information of variable.)\r
 \r
 [Depex]\r
-  TRUE \r
+  TRUE\r
+\r
 \r
-    \r