X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=SecurityPkg%2FTcg%2FOpal%2FOpalPasswordSmm%2FOpalPasswordSmm.c;h=b7e2d552d5c2f25dd0e3ccecdc450e2779925d5b;hp=57d10a17b77a42d60c44be990371e58697ace3d7;hb=009264f5cf0fa0009ff96f307eaac88860a998a8;hpb=83681c74f07978adbb621a467fe391ae901e2515 diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordSmm/OpalPasswordSmm.c b/SecurityPkg/Tcg/Opal/OpalPasswordSmm/OpalPasswordSmm.c index 57d10a17b7..b7e2d552d5 100644 --- a/SecurityPkg/Tcg/Opal/OpalPasswordSmm/OpalPasswordSmm.c +++ b/SecurityPkg/Tcg/Opal/OpalPasswordSmm/OpalPasswordSmm.c @@ -61,6 +61,9 @@ VOID *mBuffer = NULL; // DMA can not read/write Data to smram, s // NVME NVME_CONTEXT mNvmeContext; +EFI_GCD_MEMORY_SPACE_DESCRIPTOR *mGcdMemSpace = NULL; +UINTN mNumberOfDescriptors = 0; + /** Add new bridge node or nvme device info to the device list. @@ -592,6 +595,44 @@ S3SleepEntryCallBack ( return Status; } +/** + OpalPassword Notification for SMM EndOfDxe protocol. + + @param[in] Protocol Points to the protocol's unique identifier. + @param[in] Interface Points to the interface instance. + @param[in] Handle The handle on which the interface was installed. + + @retval EFI_SUCCESS Notification runs successfully. +**/ +EFI_STATUS +EFIAPI +OpalPasswordEndOfDxeNotification ( + IN CONST EFI_GUID *Protocol, + IN VOID *Interface, + IN EFI_HANDLE Handle + ) +{ + UINTN NumberOfDescriptors; + EFI_GCD_MEMORY_SPACE_DESCRIPTOR *MemSpaceMap; + EFI_STATUS Status; + + Status = gDS->GetMemorySpaceMap (&NumberOfDescriptors, &MemSpaceMap); + if (EFI_ERROR (Status)) { + return Status; + } + + mGcdMemSpace = AllocateCopyPool (NumberOfDescriptors * sizeof (EFI_GCD_MEMORY_SPACE_DESCRIPTOR), MemSpaceMap); + if (EFI_ERROR (Status)) { + gBS->FreePool (MemSpaceMap); + return Status; + } + + mNumberOfDescriptors = NumberOfDescriptors; + gBS->FreePool (MemSpaceMap); + + return EFI_SUCCESS; +} + /** Main entry for this driver. @@ -618,6 +659,7 @@ OpalPasswordSmmInit ( EFI_SMM_VARIABLE_PROTOCOL *SmmVariable; OPAL_EXTRA_INFO_VAR OpalExtraInfo; UINTN DataSize; + EFI_EVENT EndOfDxeEvent; EFI_PHYSICAL_ADDRESS Address; mBuffer = NULL; @@ -726,6 +768,15 @@ OpalPasswordSmmInit ( // mSwSmiValue = (UINT8) Context.SwSmiInputValue; + // + // Create event to record GCD descriptors at end of dxe for judging AHCI/NVMe PCI Bar + // is in MMIO space to avoid attack. + // + Status = gSmst->SmmRegisterProtocolNotify (&gEfiSmmEndOfDxeProtocolGuid, OpalPasswordEndOfDxeNotification, &EndOfDxeEvent); + if (EFI_ERROR (Status)) { + DEBUG((DEBUG_ERROR, "OpalPasswordSmm: Register SmmEndOfDxe fail, Status: %r\n", Status)); + goto EXIT; + } Status = gSmst->SmmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID**)&SmmVariable); if (!EFI_ERROR (Status)) { DataSize = sizeof (OPAL_EXTRA_INFO_VAR);