]> git.proxmox.com Git - mirror_edk2.git/commitdiff
projects / mirror_edk2.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 79397db)
OvmfPkg: QemuFlashFvbServicesRuntimeDxe: adhere to -D SMM_REQUIRE
authorLaszlo Ersek <lersek@redhat.com>
Mon, 30 Nov 2015 18:48:54 +0000 (18:48 +0000)
committerlersek <lersek@Edk2>
Mon, 30 Nov 2015 18:48:54 +0000 (18:48 +0000)
When the user requires "security" by passing -D SMM_REQUIRE, and
consequently by setting PcdSmmSmramRequire, enforce flash-based variables.

Furthermore, add two ASSERT()s to catch if the wrong module were pulled
into the build.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19063 6f19259b-4bc3-4df7-8a09-765794883524

OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf patch | blob | blame | history
OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf patch | blob | blame | history
OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c patch | blob | blame | history
OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceSmm.c patch | blob | blame | history
OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c patch | blob | blame | history

diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
index ea8413fcfd366d06242b51bfa1f92b2f68e6f5b9..c0dda75bf75f9a8d281e4d21c97c08bc81bdc70b 100644 (file)
--- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
+++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesRuntimeDxe.inf
@@ -85,6 +85,8 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64\r
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable\r
 \r
+[FeaturePcd]\r
+  gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire\r
 \r
 [Depex]\r
   TRUE\r
diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf
index 6af0649f8683edfed2e946444bf342336e4d032e..ba2d3679a46daf5aea28b166f41a8e2e2744d68c 100644 (file)
--- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf
+++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FvbServicesSmm.inf
@@ -84,6 +84,8 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64\r
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable\r
 \r
+[FeaturePcd]\r
+  gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire\r
 \r
 [Depex]\r
   TRUE\r
diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c
index c11f598b5a6b4559424e93c717563cb8233537ae..63b308658e36b4ef91f1e098f01e504c965fead7 100644 (file)
--- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c
+++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceDxe.c
@@ -17,6 +17,7 @@
 #include <Guid/EventGroup.h>\r
 #include <Library/DebugLib.h>\r
 #include <Library/DevicePathLib.h>\r
+#include <Library/PcdLib.h>\r
 #include <Library/UefiBootServicesTableLib.h>\r
 #include <Library/UefiRuntimeLib.h>\r
 #include <Protocol/DevicePath.h>\r
@@ -34,6 +35,8 @@ InstallProtocolInterfaces (
   EFI_HANDLE                         FwbHandle;\r
   EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *OldFwbInterface;\r
 \r
+  ASSERT (!FeaturePcdGet (PcdSmmSmramRequire));\r
+\r
   //\r
   // Find a handle with a matching device path that has supports FW Block\r
   // protocol\r
diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceSmm.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceSmm.c
index e77129e03b090dde84463523fbcc587c77bb4807..e0617f2503a2ac1d3875580d6852bf2d0b37bb13 100644 (file)
--- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceSmm.c
+++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockServiceSmm.c
@@ -15,6 +15,7 @@
 **/\r
 \r
 #include <Library/DebugLib.h>\r
+#include <Library/PcdLib.h>\r
 #include <Library/SmmServicesTableLib.h>\r
 #include <Protocol/DevicePath.h>\r
 #include <Protocol/SmmFirmwareVolumeBlock.h>\r
@@ -29,6 +30,8 @@ InstallProtocolInterfaces (
   EFI_HANDLE FvbHandle;\r
   EFI_STATUS Status;\r
 \r
+  ASSERT (FeaturePcdGet (PcdSmmSmramRequire));\r
+\r
   //\r
   // There is no SMM service that can install multiple protocols in the SMM\r
   // protocol database in one go.\r
diff --git a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c
index 28bcb135aedf6367400abbac03b3680185e03dd9..5677b5ee119ca11f1e8322962e8d3408652ff814 100644 (file)
--- a/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c
+++ b/OvmfPkg/QemuFlashFvbServicesRuntimeDxe/QemuFlash.c
@@ -245,6 +245,7 @@ QemuFlashInitialize (
   mFdBlockCount = PcdGet32 (PcdOvmfFirmwareFdSize) / mFdBlockSize;\r
 \r
   if (!QemuFlashDetected ()) {\r
+    ASSERT (!FeaturePcdGet (PcdSmmSmramRequire));\r
     return EFI_WRITE_PROTECTED;\r
   }\r
 \r
EFI Development Kit II mirror for PVE