Security enhancement to SMM Base thunk drivers: Framework SMM drivers can't be loaded...

author rsun3 <rsun3@6f19259b-4bc3-4df7-8a09-765794883524>

Fri, 26 Mar 2010 08:41:06 +0000 (08:41 +0000)

committer rsun3 <rsun3@6f19259b-4bc3-4df7-8a09-765794883524>

Fri, 26 Mar 2010 08:41:06 +0000 (08:41 +0000)
author rsun3 <rsun3@6f19259b-4bc3-4df7-8a09-765794883524>
Fri, 26 Mar 2010 08:41:06 +0000 (08:41 +0000)
committer rsun3 <rsun3@6f19259b-4bc3-4df7-8a09-765794883524>
Fri, 26 Mar 2010 08:41:06 +0000 (08:41 +0000)
diff --git a/EdkCompatibilityPkg/Compatibility/SmmBaseHelper/SmmBaseHelper.c b/EdkCompatibilityPkg/Compatibility/SmmBaseHelper/SmmBaseHelper.c

index 033d93eff8d3a79792b3f1a3cb908a80446c22d6..e7976b9c0c795285aae357d22dd53c642e912dc1 100644 (file)
--- a/EdkCompatibilityPkg/Compatibility/SmmBaseHelper/SmmBaseHelper.c
+++ b/EdkCompatibilityPkg/Compatibility/SmmBaseHelper/SmmBaseHelper.c
@@ -32,6 +32,7 @@
  #include <Protocol/SmmCpuSaveState.h>\r
  #include <Protocol/MpService.h>\r
  #include <Protocol/LoadPe32Image.h>\r
  #include <Protocol/SmmCpuSaveState.h>\r
  #include <Protocol/MpService.h>\r
  #include <Protocol/LoadPe32Image.h>\r
+#include <Protocol/SmmReadyToLock.h>\r
  \r
  ///\r
  /// Structure for tracking paired information of registered Framework SMI handler\r
  \r
  ///\r
  /// Structure for tracking paired information of registered Framework SMI handler\r
@@ -67,6 +68,7 @@ EFI_GUID                           mEfiSmmCpuIoGuid = EFI_SMM_CPU_IO_GUID;
  EFI_SMM_BASE_HELPER_READY_PROTOCOL *mSmmBaseHelperReady;\r
  EFI_SMM_SYSTEM_TABLE               *mFrameworkSmst;\r
  UINTN                              mNumberOfProcessors;\r
  EFI_SMM_BASE_HELPER_READY_PROTOCOL *mSmmBaseHelperReady;\r
  EFI_SMM_SYSTEM_TABLE               *mFrameworkSmst;\r
  UINTN                              mNumberOfProcessors;\r
+BOOLEAN                            mLocked = FALSE;\r
  \r
  LIST_ENTRY mCallbackInfoListHead = INITIALIZE_LIST_HEAD_VARIABLE (mCallbackInfoListHead);\r
  \r
  \r
  LIST_ENTRY mCallbackInfoListHead = INITIALIZE_LIST_HEAD_VARIABLE (mCallbackInfoListHead);\r
  \r
@@ -272,7 +274,7 @@ Register (
  {\r
    EFI_STATUS Status;\r
  \r
  {\r
    EFI_STATUS Status;\r
  \r
-  if (FunctionData->Args.Register.LegacyIA32Binary) {\r
+  if (mLocked || FunctionData->Args.Register.LegacyIA32Binary) {\r
      Status = EFI_UNSUPPORTED;\r
    } else {\r
      Status = LoadImage (\r
      Status = EFI_UNSUPPORTED;\r
    } else {\r
      Status = LoadImage (\r
@@ -463,6 +465,11 @@ RegisterCallback (
  {\r
    CALLBACK_INFO  *Buffer;\r
  \r
  {\r
    CALLBACK_INFO  *Buffer;\r
  \r
+  if (mLocked) {\r
+    FunctionData->Status = EFI_UNSUPPORTED;\r
+    return;\r
+  }\r
+\r
    ///\r
    /// Note that MakeLast and FloatingPointSave options are not supported in PI SMM\r
    ///\r
    ///\r
    /// Note that MakeLast and FloatingPointSave options are not supported in PI SMM\r
    ///\r
@@ -512,11 +519,15 @@ HelperAllocatePool (
    IN OUT SMMBASE_FUNCTION_DATA *FunctionData\r
    )\r
  {\r
    IN OUT SMMBASE_FUNCTION_DATA *FunctionData\r
    )\r
  {\r
-  FunctionData->Status = gSmst->SmmAllocatePool (\r
-                                  FunctionData->Args.AllocatePool.PoolType,\r
-                                  FunctionData->Args.AllocatePool.Size,\r
-                                  FunctionData->Args.AllocatePool.Buffer\r
-                                  );\r
+  if (mLocked) {\r
+    FunctionData->Status =  EFI_UNSUPPORTED;\r
+  } else {\r
+    FunctionData->Status = gSmst->SmmAllocatePool (\r
+                                    FunctionData->Args.AllocatePool.PoolType,\r
+                                    FunctionData->Args.AllocatePool.Size,\r
+                                    FunctionData->Args.AllocatePool.Buffer\r
+                                    );\r
+  }\r
  }\r
  \r
  /** \r
  }\r
  \r
  /** \r
@@ -529,8 +540,12 @@ HelperFreePool (
    IN OUT SMMBASE_FUNCTION_DATA *FunctionData\r
    )\r
  {\r
    IN OUT SMMBASE_FUNCTION_DATA *FunctionData\r
    )\r
  {\r
-  FreePool (FunctionData->Args.FreePool.Buffer);\r
-  FunctionData->Status = EFI_SUCCESS;\r
+  if (mLocked) {\r
+    FunctionData->Status =  EFI_UNSUPPORTED;\r
+  } else {\r
+    FreePool (FunctionData->Args.FreePool.Buffer);\r
+    FunctionData->Status = EFI_SUCCESS;\r
+  }\r
  }\r
  \r
  /** \r
  }\r
  \r
  /** \r
@@ -633,6 +648,29 @@ SmmHandlerEntry (
    return EFI_SUCCESS;\r
  }\r
  \r
    return EFI_SUCCESS;\r
  }\r
  \r
+/**\r
+  Smm Ready To Lock event notification handler.\r
+\r
+  It sets a flag indicating that SMRAM has been locked.\r
+  \r
+  @param[in] Protocol   Points to the protocol's unique identifier.\r
+  @param[in] Interface  Points to the interface instance.\r
+  @param[in] Handle     The handle on which the interface was installed.\r
+\r
+  @retval EFI_SUCCESS   Notification handler runs successfully.\r
+ **/\r
+EFI_STATUS\r
+EFIAPI\r
+SmmReadyToLockEventNotify (\r
+  IN CONST EFI_GUID  *Protocol,\r
+  IN VOID            *Interface,\r
+  IN EFI_HANDLE      Handle\r
+  )\r
+{\r
+  mLocked = TRUE;\r
+  return EFI_SUCCESS;\r
+}\r
+\r
  /**\r
    Entry point function of the SMM Base Helper SMM driver.\r
  \r
  /**\r
    Entry point function of the SMM Base Helper SMM driver.\r
  \r
@@ -653,6 +691,7 @@ SmmBaseHelperMain (
    EFI_MP_SERVICES_PROTOCOL   *MpServices;\r
    EFI_HANDLE                 Handle;\r
    UINTN                      NumberOfEnabledProcessors;\r
    EFI_MP_SERVICES_PROTOCOL   *MpServices;\r
    EFI_HANDLE                 Handle;\r
    UINTN                      NumberOfEnabledProcessors;\r
+  VOID                       *Registration;\r
    \r
    Handle = NULL;\r
    ///\r
    \r
    Handle = NULL;\r
    ///\r
@@ -697,6 +736,16 @@ SmmBaseHelperMain (
    mSmmBaseHelperReady->FrameworkSmst = mFrameworkSmst;\r
    mSmmBaseHelperReady->ServiceEntry = SmmHandlerEntry;\r
  \r
    mSmmBaseHelperReady->FrameworkSmst = mFrameworkSmst;\r
    mSmmBaseHelperReady->ServiceEntry = SmmHandlerEntry;\r
  \r
+  //\r
+  // Register SMM Ready To Lock Protocol notification\r
+  //\r
+  Status = gSmst->SmmRegisterProtocolNotify (\r
+                    &gEfiSmmReadyToLockProtocolGuid,\r
+                    SmmReadyToLockEventNotify,\r
+                    &Registration\r
+                    );\r
+  ASSERT_EFI_ERROR (Status);\r
+\r
    ///\r
    /// Register SMM Base Helper services for SMM Base Thunk driver\r
    ///\r
    ///\r
    /// Register SMM Base Helper services for SMM Base Thunk driver\r
    ///\r
diff --git a/EdkCompatibilityPkg/Compatibility/SmmBaseHelper/SmmBaseHelper.inf b/EdkCompatibilityPkg/Compatibility/SmmBaseHelper/SmmBaseHelper.inf

index e4c0f42bd6dfec4fedcf6ed0f2b3bf4167d57e0c..88e7f0a588bdb41b333f022c5b0e203f019b037f 100644 (file)
--- a/EdkCompatibilityPkg/Compatibility/SmmBaseHelper/SmmBaseHelper.inf
+++ b/EdkCompatibilityPkg/Compatibility/SmmBaseHelper/SmmBaseHelper.inf
@@ -59,6 +59,7 @@
    gEfiMpServiceProtocolGuid              # PROTOCOL ALWAYS_CONSUMED\r
    gEfiSmmCpuIo2ProtocolGuid              # PROTOCOL ALWAYS_CONSUMED\r
    gEfiLoadPeImageProtocolGuid            # PROTOCOL ALWAYS_CONSUMED\r
    gEfiMpServiceProtocolGuid              # PROTOCOL ALWAYS_CONSUMED\r
    gEfiSmmCpuIo2ProtocolGuid              # PROTOCOL ALWAYS_CONSUMED\r
    gEfiLoadPeImageProtocolGuid            # PROTOCOL ALWAYS_CONSUMED\r
+  gEfiSmmReadyToLockProtocolGuid         # PROTOCOL ALWAYS_CONSUMED\r
  \r
  [Depex]\r
    gEfiSmmCpuProtocolGuid AND\r
  \r
  [Depex]\r
    gEfiSmmCpuProtocolGuid AND\r
diff --git a/EdkCompatibilityPkg/Compatibility/SmmBaseOnSmmBase2Thunk/SmmBaseOnSmmBase2Thunk.c b/EdkCompatibilityPkg/Compatibility/SmmBaseOnSmmBase2Thunk/SmmBaseOnSmmBase2Thunk.c

index e470da0af034e92f9378a21e34d28cb535f4e1ad..4834036a6bef612e7d8d7c71fb39a891fa473e4f 100644 (file)
--- a/EdkCompatibilityPkg/Compatibility/SmmBaseOnSmmBase2Thunk/SmmBaseOnSmmBase2Thunk.c
+++ b/EdkCompatibilityPkg/Compatibility/SmmBaseOnSmmBase2Thunk/SmmBaseOnSmmBase2Thunk.c
@@ -44,6 +44,7 @@ EFI_HANDLE                         mSmmBaseHandle = NULL;
  EFI_SMM_BASE2_PROTOCOL             *mSmmBase2 = NULL;\r
  EFI_SMM_COMMUNICATION_PROTOCOL     *mSmmCommunication = NULL;\r
  EFI_SMM_BASE_HELPER_READY_PROTOCOL *mSmmBaseHelperReady = NULL;\r
  EFI_SMM_BASE2_PROTOCOL             *mSmmBase2 = NULL;\r
  EFI_SMM_COMMUNICATION_PROTOCOL     *mSmmCommunication = NULL;\r
  EFI_SMM_BASE_HELPER_READY_PROTOCOL *mSmmBaseHelperReady = NULL;\r
+BOOLEAN                            mAtRuntime = FALSE;\r
  \r
  /**\r
    Determine if in SMM mode.\r
  \r
  /**\r
    Determine if in SMM mode.\r
@@ -133,7 +134,7 @@ SmmBaseRegister (
    IN      BOOLEAN                   LegacyIA32Binary\r
    )\r
  {\r
    IN      BOOLEAN                   LegacyIA32Binary\r
    )\r
  {\r
-  if (LegacyIA32Binary) {\r
+  if (mAtRuntime || LegacyIA32Binary) {\r
      return EFI_UNSUPPORTED;\r
    }\r
  \r
      return EFI_UNSUPPORTED;\r
    }\r
  \r
@@ -166,6 +167,10 @@ SmmBaseUnregister (
    IN      EFI_HANDLE                ImageHandle\r
    )\r
  {\r
    IN      EFI_HANDLE                ImageHandle\r
    )\r
  {\r
+  if (mAtRuntime) {\r
+    return EFI_UNSUPPORTED;\r
+  }\r
+\r
    mCommunicationData.FunctionData.Function = SmmBaseFunctionUnregister;\r
    mCommunicationData.FunctionData.Args.UnRegister.ImageHandle = ImageHandle;\r
  \r
    mCommunicationData.FunctionData.Function = SmmBaseFunctionUnregister;\r
    mCommunicationData.FunctionData.Args.UnRegister.ImageHandle = ImageHandle;\r
  \r
@@ -308,6 +313,10 @@ SmmBaseSmmAllocatePool (
    OUT     VOID                      **Buffer\r
    )\r
  {\r
    OUT     VOID                      **Buffer\r
    )\r
  {\r
+  if (mAtRuntime) {\r
+    return EFI_UNSUPPORTED;\r
+  }\r
+\r
    mCommunicationData.FunctionData.Function = SmmBaseFunctionAllocatePool;\r
    mCommunicationData.FunctionData.Args.AllocatePool.PoolType = PoolType;\r
    mCommunicationData.FunctionData.Args.AllocatePool.Size = Size;\r
    mCommunicationData.FunctionData.Function = SmmBaseFunctionAllocatePool;\r
    mCommunicationData.FunctionData.Args.AllocatePool.PoolType = PoolType;\r
    mCommunicationData.FunctionData.Args.AllocatePool.Size = Size;\r
@@ -336,6 +345,10 @@ SmmBaseSmmFreePool (
    IN      VOID                      *Buffer\r
    )\r
  {\r
    IN      VOID                      *Buffer\r
    )\r
  {\r
+  if (mAtRuntime) {\r
+    return EFI_UNSUPPORTED;\r
+  }\r
+\r
    mCommunicationData.FunctionData.Function = SmmBaseFunctionFreePool;\r
    mCommunicationData.FunctionData.Args.FreePool.Buffer = Buffer;\r
  \r
    mCommunicationData.FunctionData.Function = SmmBaseFunctionFreePool;\r
    mCommunicationData.FunctionData.Args.FreePool.Buffer = Buffer;\r
  \r
@@ -408,6 +421,24 @@ EFI_SMM_BASE_PROTOCOL  mSmmBase = {
    SmmBaseGetSmstLocation\r
  };\r
  \r
    SmmBaseGetSmstLocation\r
  };\r
  \r
+/**\r
+  Notification function on Exit Boot Services Event.\r
+\r
+  This function sets a flag indicating it is in Runtime phase.\r
+\r
+  @param  Event        Event whose notification function is being invoked\r
+  @param  Context      Pointer to the notification function's context\r
+**/\r
+VOID\r
+EFIAPI\r
+SmmBaseExitBootServicesEventNotify (\r
+  IN EFI_EVENT  Event,\r
+  IN VOID       *Context\r
+  )\r
+{\r
+  mAtRuntime = TRUE;\r
+}\r
+\r
  /**\r
    Entry Point for SMM Base Protocol on SMM Base2 Protocol Thunk driver.\r
  \r
  /**\r
    Entry Point for SMM Base Protocol on SMM Base2 Protocol Thunk driver.\r
  \r
@@ -449,6 +480,19 @@ SmmBaseThunkMain (
    Status = gBS->LocateProtocol (&gEfiSmmBaseHelperReadyProtocolGuid, NULL, (VOID **) &mSmmBaseHelperReady);\r
    ASSERT_EFI_ERROR (Status);\r
  \r
    Status = gBS->LocateProtocol (&gEfiSmmBaseHelperReadyProtocolGuid, NULL, (VOID **) &mSmmBaseHelperReady);\r
    ASSERT_EFI_ERROR (Status);\r
  \r
+  //\r
+  // Create event notification on Exit Boot Services event.\r
+  //\r
+  Status = gBS->CreateEventEx (\r
+                  EVT_NOTIFY_SIGNAL,\r
+                  TPL_NOTIFY,\r
+                  SmmBaseExitBootServicesEventNotify,\r
+                  NULL,\r
+                  &gEfiEventExitBootServicesGuid,\r
+                  &Event\r
+                  );\r
+  ASSERT_EFI_ERROR (Status);\r
+\r
    //\r
    // Create event on SetVirtualAddressMap() to convert mSmmCommunication from a physical address to a virtual address\r
    //\r
    //\r
    // Create event on SetVirtualAddressMap() to convert mSmmCommunication from a physical address to a virtual address\r
    //\r
diff --git a/EdkCompatibilityPkg/Compatibility/SmmBaseOnSmmBase2Thunk/SmmBaseOnSmmBase2Thunk.inf b/EdkCompatibilityPkg/Compatibility/SmmBaseOnSmmBase2Thunk/SmmBaseOnSmmBase2Thunk.inf

index 976128165cfe50482200f56d37cbb3e58094a8cc..778c90cc3aaefd7401d843a5a79048bede053627 100644 (file)
--- a/EdkCompatibilityPkg/Compatibility/SmmBaseOnSmmBase2Thunk/SmmBaseOnSmmBase2Thunk.inf
+++ b/EdkCompatibilityPkg/Compatibility/SmmBaseOnSmmBase2Thunk/SmmBaseOnSmmBase2Thunk.inf
@@ -44,6 +44,7 @@
  \r
  [Guids]\r
    gEfiEventVirtualAddressChangeGuid   # GUID ALWAYS_CONSUMED\r
  \r
  [Guids]\r
    gEfiEventVirtualAddressChangeGuid   # GUID ALWAYS_CONSUMED\r
+  gEfiEventExitBootServicesGuid       # GUID ALWAYS_CONSUMED\r
  \r
  [Protocols]\r
    gEfiSmmBase2ProtocolGuid            # PROTOCOL ALWAYS_CONSUMED\r
  \r
  [Protocols]\r
    gEfiSmmBase2ProtocolGuid            # PROTOCOL ALWAYS_CONSUMED\r
author	rsun3 <rsun3@6f19259b-4bc3-4df7-8a09-765794883524>
	Fri, 26 Mar 2010 08:41:06 +0000 (08:41 +0000)
committer	rsun3 <rsun3@6f19259b-4bc3-4df7-8a09-765794883524>
	Fri, 26 Mar 2010 08:41:06 +0000 (08:41 +0000)
EdkCompatibilityPkg/Compatibility/SmmBaseHelper/SmmBaseHelper.c		patch \| blob \| blame \| history
EdkCompatibilityPkg/Compatibility/SmmBaseHelper/SmmBaseHelper.inf		patch \| blob \| blame \| history
EdkCompatibilityPkg/Compatibility/SmmBaseOnSmmBase2Thunk/SmmBaseOnSmmBase2Thunk.c		patch \| blob \| blame \| history
EdkCompatibilityPkg/Compatibility/SmmBaseOnSmmBase2Thunk/SmmBaseOnSmmBase2Thunk.inf		patch \| blob \| blame \| history