MdeModulePkg/Variable/RuntimeDxe: move SecureBootHook() decl to new header
authorLaszlo Ersek <lersek@redhat.com>
Sat, 30 Sep 2017 11:40:32 +0000 (13:40 +0200)
committerLaszlo Ersek <lersek@redhat.com>
Tue, 10 Oct 2017 09:25:04 +0000 (11:25 +0200)
If the platform supports SMM, a gRT->SetVariable() call at boot time
results in the following call tree to SecureBootHook():

  RuntimeServiceSetVariable()      [VariableSmmRuntimeDxe.c, unprivileged]
    SmmVariableHandler()           [VariableSmm.c,             PRIVILEGED]
      VariableServiceSetVariable() [Variable.c,                PRIVILEGED]
        SecureBootHook()           [VariableSmm.c,             PRIVILEGED]
          //
          // do nothing
          //
    SecureBootHook()               [Measurement.c,           unprivileged]
      //
      // measure variable if it
      // is related to SB policy
      //

And if the platform does not support SMM:

  VariableServiceSetVariable()     [Variable.c,              unprivileged]
    SecureBootHook()               [Measurement.c,           unprivileged]
      //
      // measure variable if it
      // is related to SB policy
      //

In other words, the measurement always happens outside of SMM.

Because there are two implementations of the SecureBootHook() API, one
that is called from SMM and does nothing, and another that is called
outside of SMM and measures variables, the function declaration should be
in a header file. This way the compiler can enforce that the function
declaration and all function definitions match.

"Variable.h" is used for "including common header files, defining internal
structures and functions used by Variable modules". Technically, we could
declare SecureBootHook() in "Variable.h". However, "Measurement.c" and
"VariableSmmRuntimeDxe.c" themselves do not include "Variable.h", and that
is likely intentional -- "Variable.h" exposes so much of the privileged
variable implementation that it is likely excluded from these C source
files on purpose.

Therefore introduce a new header file called "PrivilegePolymorphic.h".
"Variable.h" includes this header (so that all C source files that have
been allowed to see the variable internals learn about the new
SecureBootHook() declaration immediately). In "Measurement.c" and
"VariableSmmRuntimeDxe.c", include *only* the new header.

This change cleans up commit fa0737a839d0 ("MdeModulePkg Variable: Merge
from Auth Variable driver in SecurityPkg", 2015-07-01).

Cc: Eric Dong <eric.dong@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Ladi Prosek <lprosek@redhat.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Tested-by: Ladi Prosek <lprosek@redhat.com>
MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c
MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h [new file with mode: 0644]
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf

index a8ed51495e2a82ddf0127dfc6d92826bd4dc5eb8..6acc167224ba8838e482b7bde0df97a8e44dbc9b 100644 (file)
@@ -24,6 +24,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Library/BaseLib.h>\r
 #include <Library/TpmMeasurementLib.h>\r
 \r
+#include "PrivilegePolymorphic.h"\r
+\r
 typedef struct {\r
   CHAR16                                 *VariableName;\r
   EFI_GUID                               *VendorGuid;\r
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h
new file mode 100644 (file)
index 0000000..0aa0d4f
--- /dev/null
@@ -0,0 +1,38 @@
+/** @file\r
+  Polymorphic functions that are called from both the privileged driver (i.e.,\r
+  the DXE_SMM variable module) and the non-privileged drivers (i.e., one or\r
+  both of the DXE_RUNTIME variable modules).\r
+\r
+  Each of these functions has two implementations, appropriate for privileged\r
+  vs. non-privileged driver code.\r
+\r
+  Copyright (c) 2017, Red Hat, Inc.<BR>\r
+  Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>\r
+\r
+  This program and the accompanying materials are licensed and made available\r
+  under the terms and conditions of the BSD License which accompanies this\r
+  distribution.  The full text of the license may be found at\r
+  http://opensource.org/licenses/bsd-license.php\r
+\r
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT\r
+  WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+**/\r
+#ifndef _PRIVILEGE_POLYMORPHIC_H_\r
+#define _PRIVILEGE_POLYMORPHIC_H_\r
+\r
+#include <Uefi/UefiBaseType.h>\r
+\r
+/**\r
+  SecureBoot Hook for auth variable update.\r
+\r
+  @param[in] VariableName                 Name of Variable to be found.\r
+  @param[in] VendorGuid                   Variable vendor GUID.\r
+**/\r
+VOID\r
+EFIAPI\r
+SecureBootHook (\r
+  IN CHAR16                                 *VariableName,\r
+  IN EFI_GUID                               *VendorGuid\r
+  );\r
+\r
+#endif\r
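Review bot: The doc comment on the `SecureBootHook()` declaration is carried over from the prototypes this commit removes and does not record the per-privilege contract that the new header exists to express. Per the commit message, the implementation built into the DXE_SMM module does nothing and the one built into the DXE_RUNTIME modules measures variables related to Secure Boot policy, so measurement always happens outside SMM; saying so here would keep a later maintainer from assuming the SMM-side call contributes to measurement. I would expand the summary into a short paragraph stating that, and reword the first parameter line to something like `@param[in] VariableName  Name of the variable being set.`, since nothing is being "found" (this is inferred from the call tree; the definitions are outside this diff). Separately, the guard `_PRIVILEGE_POLYMORPHIC_H_` starts with an underscore followed by an uppercase letter, which C reserves for the implementation; `PRIVILEGE_POLYMORPHIC_H_` avoids that, though the leading underscore may simply follow the package's existing convention.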
index 71a6fd20936401d45c616df0e56facd42b1e2c84..28e4ac8f3819d4ea1582ce747b71275574484444 100644 (file)
@@ -97,20 +97,6 @@ AUTH_VAR_LIB_CONTEXT_IN mAuthContextIn = {
 \r
 AUTH_VAR_LIB_CONTEXT_OUT mAuthContextOut;\r
 \r
-/**\r
-\r
-  SecureBoot Hook for auth variable update.\r
-\r
-  @param[in] VariableName                 Name of Variable to be found.\r
-  @param[in] VendorGuid                   Variable vendor GUID.\r
-**/\r
-VOID\r
-EFIAPI\r
-SecureBootHook (\r
-  IN CHAR16                                 *VariableName,\r
-  IN EFI_GUID                               *VendorGuid\r
-  );\r
-\r
 /**\r
   Initialization for MOR Lock Control.\r
 \r
index 8b1b1332b3da881206ebaf9e229cfb56b0038d1b..ec9b9849ec099b0261558d066e3ad8c751affe9c 100644 (file)
@@ -44,6 +44,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Guid/FaultTolerantWrite.h>\r
 #include <Guid/VarErrorFlag.h>\r
 \r
+#include "PrivilegePolymorphic.h"\r
+\r
 #define EFI_VARIABLE_ATTRIBUTES_MASK (EFI_VARIABLE_NON_VOLATILE | \\r
                                       EFI_VARIABLE_BOOTSERVICE_ACCESS | \\r
                                       EFI_VARIABLE_RUNTIME_ACCESS | \\r
index bc24a251c894731022a2cd809b9f970de9ee6ad6..e840fc9bff40fd69f6901b87301a5cb4706bfd65 100644 (file)
@@ -41,6 +41,7 @@
   Variable.c\r
   VariableDxe.c\r
   Variable.h\r
+  PrivilegePolymorphic.h\r
   Measurement.c\r
   TcgMorLockDxe.c\r
   VarCheck.c\r
index ccfb6fc740c1c0be0c8bb2412f1208eac1f4979d..4041643665792f777e43538a30ba4a61991ed0fe 100644 (file)
@@ -51,6 +51,7 @@
   VariableSmm.c\r
   VarCheck.c\r
   Variable.h\r
+  PrivilegePolymorphic.h\r
   VariableExLib.c\r
   TcgMorLockSmm.c\r
 \r
index e209d54755ef1bec8f1b47ffa2b20f0533b1915d..85d655dc19ff684a18f95aa6b5dbfe02b3889c47 100644 (file)
@@ -44,6 +44,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Guid/EventGroup.h>\r
 #include <Guid/SmmVariableCommon.h>\r
 \r
+#include "PrivilegePolymorphic.h"\r
+\r
 EFI_HANDLE                       mHandle                    = NULL;\r
 EFI_SMM_VARIABLE_PROTOCOL       *mSmmVariable               = NULL;\r
 EFI_EVENT                        mVirtualAddressChangeEvent = NULL;\r
@@ -56,20 +58,6 @@ EFI_LOCK                         mVariableServicesLock;
 EDKII_VARIABLE_LOCK_PROTOCOL     mVariableLock;\r
 EDKII_VAR_CHECK_PROTOCOL         mVarCheck;\r
 \r
-/**\r
-  SecureBoot Hook for SetVariable.\r
-\r
-  @param[in] VariableName                 Name of Variable to be found.\r
-  @param[in] VendorGuid                   Variable vendor GUID.\r
-\r
-**/\r
-VOID\r
-EFIAPI\r
-SecureBootHook (\r
-  IN CHAR16                                 *VariableName,\r
-  IN EFI_GUID                               *VendorGuid\r
-  );\r
-\r
 /**\r
   Some Secure Boot Policy Variable may update following other variable changes(SecureBoot follows PK change, etc).\r
   Record their initial State when variable write service is ready.\r
index 9975f5ae1d6e9be5844f0689a2019aade5fcae7f..bd73f7ac29f2c325b43c7fd6c47ef46486b4dd8d 100644 (file)
@@ -42,6 +42,7 @@
 \r
 [Sources]\r
   VariableSmmRuntimeDxe.c\r
+  PrivilegePolymorphic.h\r
   Measurement.c\r
 \r
 [Packages]\r