## @file\r
-# Component description file for Authenticated Variable SmmRuntimeDxe module.\r
+# Runtime DXE part corresponding to SMM authenticated variable module\r
#\r
-# This module is the Runtime DXE part correspond to SMM variable module. It \r
-# installs variable arch protocol and variable write arch protocol and works \r
-# with SMM variable module together. \r
+# This module installs variable arch protocol and variable write arch protocol to provide \r
+# variable service. This module need work together with SMM authenticated variable module. \r
#\r
-# Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>\r
+# Caution: This module requires additional review when modified.\r
+# This driver will have external input - variable data.\r
+# This external input must be validated carefully to avoid security issues such as \r
+# buffer overflow or integer overflow.\r
+# The whole SMM authentication variable design relies on the integrity of flash part and SMM.\r
+# which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory\r
+# may not be modified without authorization. If platform fails to protect these resources, \r
+# the authentication service provided in this driver will be broken, and the behavior is undefined.\r
+#\r
+# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>\r
# This program and the accompanying materials\r
# are licensed and made available under the terms and conditions of the BSD License\r
# which accompanies this distribution. The full text of the license may be found at\r
\r
[Defines]\r
INF_VERSION = 0x00010005\r
- BASE_NAME = VariableSmmRuntimeDxe\r
+ BASE_NAME = VariableAuthSmmRuntimeDxe\r
+ MODULE_UNI_FILE = VariableAuthSmmRuntimeDxe.uni\r
FILE_GUID = 067E2381-7234-4798-B49C-D5FECBFF6D07\r
MODULE_TYPE = DXE_RUNTIME_DRIVER\r
VERSION_STRING = 1.0\r
\r
[Sources]\r
VariableSmmRuntimeDxe.c\r
+ Measurement.c\r
\r
[Packages]\r
MdePkg/MdePkg.dec\r
DxeServicesTableLib\r
UefiDriverEntryPoint\r
PcdLib \r
+ TpmMeasurementLib\r
\r
[Protocols]\r
- gEfiVariableWriteArchProtocolGuid ## ALWAYS_PRODUCES\r
- gEfiVariableArchProtocolGuid ## ALWAYS_PRODUCES \r
- gEfiSmmCommunicationProtocolGuid\r
+ gEfiVariableWriteArchProtocolGuid ## PRODUCES\r
+ gEfiVariableArchProtocolGuid ## PRODUCES\r
+ gEfiSmmCommunicationProtocolGuid ## CONSUMES\r
+ gEdkiiVariableLockProtocolGuid ## PRODUCES\r
+\r
+ ## CONSUMES\r
+ ## NOTIFY\r
+ ## UNDEFINED # Used to do smm communication\r
gEfiSmmVariableProtocolGuid\r
+ gEdkiiVarCheckProtocolGuid ## PRODUCES\r
\r
[Guids]\r
- gEfiEventVirtualAddressChangeGuid ## PRODUCES ## Event\r
+ gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event\r
+ gEfiEventExitBootServicesGuid ## CONSUMES ## Event\r
+ \r
+ ## CONSUMES ## UNDEFINED # Locate protocol\r
+ ## CONSUMES ## UNDEFINED # Protocol notify\r
gSmmVariableWriteGuid\r
+ \r
\r
-[Pcd]\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize\r
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase\r
+ ## SOMETIMES_CONSUMES ## Variable:L"PK"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"KEK"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot"\r
+ gEfiGlobalVariableGuid\r
\r
+ ## SOMETIMES_CONSUMES ## Variable:L"DB"\r
+ ## SOMETIMES_CONSUMES ## Variable:L"DBX"\r
+ gEfiImageSecurityDatabaseGuid\r
+\r
+[Pcd]\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize ## CONSUMES\r
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES\r
+\r
[Depex]\r
gEfiSmmCommunicationProtocolGuid\r
+\r
+[UserExtensions.TianoCore."ExtraFiles"]\r
+ VariableSmmRuntimeDxeExtra.uni\r