From 4cecd19a44dca3b02f8cf7359420b6271518e7dc Mon Sep 17 00:00:00 2001 From: chenc2 Date: Fri, 29 Jun 2018 11:33:44 +0800 Subject: [PATCH] SecurityPkg: Removing ipf which is no longer supported from edk2. Removing rules for Ipf sources file: * Remove the source file which path with "ipf" and also listed in [Sources.IPF] section of INF file. * Remove the source file which listed in [Components.IPF] section of DSC file and not listed in any other [Components] section. * Remove the embedded Ipf code for MDE_CPU_IPF. Removing rules for Inf file: * Remove IPF from VALID_ARCHITECTURES comments. * Remove DXE_SAL_DRIVER from LIBRARY_CLASS in [Defines] section. * Remove the INF which only listed in [Components.IPF] section in DSC. * Remove statements from [BuildOptions] that provide IPF specific flags. * Remove any IPF sepcific sections. Removing rules for Dec file: * Remove [Includes.IPF] section from Dec. Removing rules for Dsc file: * Remove IPF from SUPPORTED_ARCHITECTURES in [Defines] section of DSC. * Remove any IPF specific sections. * Remove statements from [BuildOptions] that provide IPF specific flags. Cc: Chao Zhang Cc: Jiewen Yao Cc: Michael D Kinney Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Chen A Chen Reviewed-by: Chao B Zhang --- SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf | 2 +- .../DxeImageAuthenticationStatusLib.inf | 4 +- .../DxeImageVerificationLib.inf | 6 +- ...xeRsa2048Sha256GuidedSectionExtractLib.inf | 4 +- .../DxeTcg2PhysicalPresenceLib.inf | 4 +- .../DxeTcgPhysicalPresenceLib.inf | 4 +- .../DxeTpm2MeasureBootLib.inf | 4 +- .../DxeTpmMeasureBootLib.inf | 4 +- .../DxeTpmMeasurementLib.inf | 4 +- .../FmpAuthenticationLibPkcs7.inf | 4 +- .../FmpAuthenticationLibRsa2048Sha256.inf | 2 +- .../HashInstanceLibSha1.inf | 4 +- .../HashInstanceLibSha256.inf | 4 +- .../HashLibBaseCryptoRouterDxe.inf | 4 +- .../HashLibBaseCryptoRouterPei.inf | 2 +- .../Library/HashLibTpm2/HashLibTpm2.inf | 2 +- ...eiRsa2048Sha256GuidedSectionExtractLib.inf | 2 +- .../PeiTcg2PhysicalPresenceLib.inf | 2 +- .../PlatformSecureLibNull.inf | 2 +- .../SmmTcg2PhysicalPresenceLib.inf | 2 +- .../Tcg2PpVendorLibNull.inf | 2 +- .../TcgPpVendorLibNull/TcgPpVendorLibNull.inf | 2 +- .../Tpm12CommandLib/Tpm12CommandLib.inf | 4 +- .../Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf | 2 +- .../Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf | 4 +- .../Library/Tpm2CommandLib/Tpm2CommandLib.inf | 4 +- .../Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf | 2 +- .../Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf | 2 +- .../Tpm2DeviceLibRouterDxe.inf | 4 +- .../Tpm2DeviceLibRouterPei.inf | 2 +- .../Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf | 4 +- SecurityPkg/Library/TpmCommLib/TpmCommLib.inf | 2 +- SecurityPkg/SecurityPkg.dsc | 16 +- .../Tcg/MemoryOverwriteControl/TcgMor.inf | 4 +- .../TcgMorLockSmm.inf | 4 +- .../Tcg/Opal/OpalPassword/OpalPasswordDxe.inf | 2 +- .../PhysicalPresencePei.inf | 2 +- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf | 2 +- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf | 2 +- SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf | 2 +- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf | 4 +- SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf | 2 +- SecurityPkg/Tcg/TcgDxe/TcgDxe.inf | 2 +- SecurityPkg/Tcg/TcgPei/TcgPei.inf | 2 +- .../EsalVariableDxeSal/AuthService.c | 886 ----- .../EsalVariableDxeSal/AuthService.h | 151 - .../EsalVariableDxeSal/EsalVariableDxeSal.inf | 105 - .../EsalVariableDxeSal/EsalVariableDxeSal.uni | 22 - .../EsalVariableDxeSalExtra.uni | 19 - .../EsalVariableDxeSal/InitVariable.c | 247 -- .../EsalVariableDxeSal/Reclaim.c | 262 -- .../EsalVariableDxeSal/Variable.c | 3257 ----------------- .../EsalVariableDxeSal/Variable.h | 505 --- .../SecureBootConfigDxe.inf | 4 +- 54 files changed, 69 insertions(+), 5533 deletions(-) delete mode 100644 SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c delete mode 100644 SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.h delete mode 100644 SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf delete mode 100644 SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.uni delete mode 100644 SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSalExtra.uni delete mode 100644 SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/InitVariable.c delete mode 100644 SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Reclaim.c delete mode 100644 SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c delete mode 100644 SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.h diff --git a/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf b/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf index ffc0efc4d8..35bf66f44d 100644 --- a/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf +++ b/SecurityPkg/Hash2DxeCrypto/Hash2DxeCrypto.inf @@ -27,7 +27,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources.common] diff --git a/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.inf b/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.inf index 6c826a9cbf..f72bd1f4d2 100644 --- a/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.inf +++ b/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.inf @@ -20,13 +20,13 @@ FILE_GUID = EB92D1DE-7C36-4680-BB88-A67E96049F72 MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 - LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER CONSTRUCTOR = DxeImageAuthenticationStatusLibConstructor # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf index 3430b6ea9d..7f09c629ad 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf @@ -8,7 +8,7 @@ # This external input must be validated carefully to avoid security issues such as # buffer overflow or integer overflow. # -# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -25,13 +25,13 @@ FILE_GUID = 0CA970E1-43FA-4402-BC0A-81AF336BFFD6 MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 - LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER CONSTRUCTOR = DxeImageVerificationLibConstructor # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.inf b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.inf index cbb553c0bf..5931d6c339 100644 --- a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.inf +++ b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.inf @@ -22,14 +22,14 @@ FILE_GUID = 0AD6C423-4732-4cf3-9CE3-0A5416D634A5 MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 - LIBRARY_CLASS = NULL|DXE_CORE DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = NULL|DXE_CORE DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER CONSTRUCTOR = DxeRsa2048Sha256GuidedSectionExtractLibConstructor MODULE_UNI_FILE = DxeRsa2048Sha256GuidedSectionExtractLib.uni # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf index d74f000203..18aa1b40cb 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf @@ -25,12 +25,12 @@ FILE_GUID = 7E507A86-DE8B-4AD3-BC4C-0498389098D3 MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 - LIBRARY_CLASS = Tcg2PhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = Tcg2PhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_APPLICATION UEFI_DRIVER # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf index bf7e16ccb7..148a14fc2e 100644 --- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf +++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf @@ -26,13 +26,13 @@ FILE_GUID = EBC43A46-34AC-4F07-A7F5-A5394619361C MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 - LIBRARY_CLASS = TcgPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = TcgPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_APPLICATION UEFI_DRIVER CONSTRUCTOR = TcgPhysicalPresenceLibConstructor # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf index e5aaba2407..22eaced5fa 100644 --- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf +++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf @@ -29,13 +29,13 @@ FILE_GUID = 778CE4F4-36BD-4ae7-B8F0-10B420B0D174 MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 - LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER CONSTRUCTOR = DxeTpm2MeasureBootLibConstructor # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf index a2c5847747..ee4bcb87ff 100644 --- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf +++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf @@ -26,13 +26,13 @@ FILE_GUID = 6C60C7D0-922A-4b7c-87D7-E503EDD73BBF MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 - LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER CONSTRUCTOR = DxeTpmMeasureBootLibConstructor # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf index 17527ba025..f6dfc1e086 100644 --- a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf +++ b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf @@ -20,13 +20,13 @@ FILE_GUID = 30930D10-AF5B-4abf-80E6-EB4FFC0AE9D1 MODULE_TYPE = UEFI_DRIVER VERSION_STRING = 1.0 - LIBRARY_CLASS = TpmMeasurementLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = TpmMeasurementLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER MODULE_UNI_FILE = DxeTpmMeasurementLib.uni # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf b/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf index 215b3cbecd..9b14a61bb0 100644 --- a/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf +++ b/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf @@ -3,7 +3,7 @@ # # Instance of FmpAuthentication Library for DXE/PEI post memory phase. # -# Copyright (c) 2016, Intel Corporation. All rights reserved.
+# Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -26,7 +26,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf index cdd22429c2..8633319e56 100644 --- a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf +++ b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf @@ -26,7 +26,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf b/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf index 588c5f1ac4..83413c62e5 100644 --- a/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf +++ b/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf @@ -3,7 +3,7 @@ # # This library can be registered to BaseCrypto router, to serve as hash engine. # -# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -26,7 +26,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf b/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf index a4b2ccf9e2..bedc15df02 100644 --- a/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf +++ b/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf @@ -3,7 +3,7 @@ # # This library can be registered to BaseCrypto router, to serve as hash engine. # -# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -26,7 +26,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf index 4e9ce56c69..2aaa5a1112 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf @@ -22,13 +22,13 @@ FILE_GUID = 158DC712-F15A-44dc-93BB-1675045BE066 MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 - LIBRARY_CLASS = HashLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = HashLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER CONSTRUCTOR = HashLibBaseCryptoRouterDxeConstructor # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf index 20824ce75e..1463db9e6b 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf @@ -28,7 +28,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.inf b/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.inf index db97d4547d..e74a56ffd0 100644 --- a/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.inf +++ b/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.inf @@ -26,7 +26,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.inf b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.inf index d11d7309f9..da7ac38d0a 100644 --- a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.inf +++ b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.inf @@ -29,7 +29,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf index adcbceedb3..ef00579b42 100644 --- a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf +++ b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf @@ -25,7 +25,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf b/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf index 2f2ea4fc25..979a33705d 100644 --- a/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf +++ b/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf @@ -29,7 +29,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf index dd46e0ec21..acbc357256 100644 --- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf +++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf @@ -30,7 +30,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf b/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf index 0a1588a908..1dd6681a7e 100644 --- a/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf +++ b/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf @@ -23,7 +23,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf b/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf index db1abb4c53..caedcd0883 100644 --- a/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf +++ b/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf @@ -23,7 +23,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf b/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf index f5dbb721b8..e95b390df5 100644 --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf @@ -3,7 +3,7 @@ # # This library is used by other modules to send TPM 1.2 command. # -# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -25,7 +25,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf index 949493cae8..52c52ef0a0 100644 --- a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf +++ b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf @@ -27,7 +27,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf b/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf index 25b7260f72..72f513dfee 100644 --- a/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf +++ b/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf @@ -21,12 +21,12 @@ FILE_GUID = 4D8B77D9-E923-48f8-B070-4053D78B7E56 MODULE_TYPE = BASE VERSION_STRING = 1.0 - LIBRARY_CLASS = Tpm12DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = Tpm12DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_APPLICATION UEFI_DRIVER # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf b/SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf index 481a878671..bf7f585209 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf @@ -3,7 +3,7 @@ # # This library is used by other modules to send TPM 2.0 command. # -# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -25,7 +25,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf index b41c6cbd2d..b6867bc4ff 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf @@ -32,7 +32,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf index b418e7380b..14e5e2e0f5 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf @@ -28,7 +28,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf index 26684f9864..eaee48dc41 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf @@ -22,12 +22,12 @@ FILE_GUID = C3D69D87-5200-4aab-A6DB-2569BA1A92FC MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 - LIBRARY_CLASS = Tpm2DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = Tpm2DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf index 877cf95bc1..7bd0f96b22 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf @@ -27,7 +27,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf b/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf index cffc4afb4d..2a16c899cc 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf @@ -21,12 +21,12 @@ FILE_GUID = A1B0B230-67DC-431E-A94A-A96AF1EBE637 MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 - LIBRARY_CLASS = Tpm2DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + LIBRARY_CLASS = Tpm2DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Library/TpmCommLib/TpmCommLib.inf b/SecurityPkg/Library/TpmCommLib/TpmCommLib.inf index 9ca66d1805..c67efaa6c2 100644 --- a/SecurityPkg/Library/TpmCommLib/TpmCommLib.inf +++ b/SecurityPkg/Library/TpmCommLib/TpmCommLib.inf @@ -26,7 +26,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 9f1a91e5a9..12994439f0 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -19,7 +19,7 @@ PLATFORM_VERSION = 0.98 DSC_SPECIFICATION = 0x00010005 OUTPUT_DIRECTORY = Build/SecurityPkg - SUPPORTED_ARCHITECTURES = IA32|IPF|X64|EBC|ARM|AARCH64 + SUPPORTED_ARCHITECTURES = IA32|X64|EBC|ARM|AARCH64 BUILD_TARGETS = DEBUG|RELEASE|NOOPT SKUID_IDENTIFIER = DEFAULT @@ -116,13 +116,6 @@ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf -[LibraryClasses.IPF.DXE_SAL_DRIVER] - ExtendedSalLib|MdePkg/Library/DxeRuntimeExtendedSalLib/DxeRuntimeExtendedSalLib.inf - BaseCryptLib|CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf - HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf - Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf - Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf - [LibraryClasses.common.DXE_SMM_DRIVER] HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf @@ -203,10 +196,10 @@ SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.inf SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.inf -[Components.IA32, Components.X64, Components.IPF, Components.ARM, Components.AARCH64] +[Components.IA32, Components.X64, Components.ARM, Components.AARCH64] SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf -[Components.IA32, Components.X64, Components.IPF] +[Components.IA32, Components.X64] # SecurityPkg/UserIdentification/PwdCredentialProviderDxe/PwdCredentialProviderDxe.inf # SecurityPkg/UserIdentification/UsbCredentialProviderDxe/UsbCredentialProviderDxe.inf SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf @@ -281,9 +274,6 @@ SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordDxe.inf SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordPei.inf -[Components.IPF] - SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf - [BuildOptions] MSFT:*_*_IA32_DLINK_FLAGS = /ALIGN:256 INTEL:*_*_IA32_DLINK_FLAGS = /ALIGN:256 diff --git a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf b/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf index a131342bb6..6f9a77b868 100644 --- a/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf +++ b/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf @@ -5,7 +5,7 @@ # TPer Reset for those encrypted drives through EFI_STORAGE_SECURITY_COMMAND_PROTOCOL # at EndOfDxe. # -# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -28,7 +28,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf index 1623bd03bb..d233ccdbdb 100644 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf +++ b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf @@ -6,7 +6,7 @@ # NOTE: This module only handles secure MOR V1 and is deprecated. # The secure MOR V2 is handled inside of variable driver. # -# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -29,7 +29,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordDxe.inf b/SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordDxe.inf index 0ac550a728..0a82f30959 100644 --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordDxe.inf +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalPasswordDxe.inf @@ -25,7 +25,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf b/SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf index f4c0e059e7..d725c4f21e 100644 --- a/SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf +++ b/SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf @@ -29,7 +29,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf index 2343ab49aa..bb7a52192c 100644 --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf @@ -25,7 +25,7 @@ UNLOAD_IMAGE = Tcg2ConfigDriverUnload # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf index 0d151ba019..a0136bc0c5 100644 --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf @@ -24,7 +24,7 @@ ENTRY_POINT = Tcg2ConfigPeimEntryPoint # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # # [BootMode] # S3_RESUME ## SOMETIMES_CONSUMES diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf index 2bc45bddf5..b875ab7e01 100644 --- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf @@ -36,7 +36,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf index a4aae1488f..9608f9ae7e 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf @@ -8,7 +8,7 @@ # # This module will initialize TPM device, measure reported FVs and BIOS version. # -# Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
# Copyright (c) 2017, Microsoft Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License @@ -31,7 +31,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # # [BootMode] # S3_RESUME ## SOMETIMES_CONSUMES diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf index 22ff80aae2..179426978c 100644 --- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf +++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf @@ -23,7 +23,7 @@ UNLOAD_IMAGE = TcgConfigDriverUnload # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] diff --git a/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf b/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf index 320f55210a..fee8dafc23 100644 --- a/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf +++ b/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf @@ -24,7 +24,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF +# VALID_ARCHITECTURES = IA32 X64 # [Sources] diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.inf b/SecurityPkg/Tcg/TcgPei/TcgPei.inf index 2573cd37d7..0252511391 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.inf +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.inf @@ -26,7 +26,7 @@ # # The following information is for reference only and not required by the build tools. # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # # [BootMode] # S3_RESUME ## SOMETIMES_CONSUMES diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c deleted file mode 100644 index 87994587da..0000000000 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.c +++ /dev/null @@ -1,886 +0,0 @@ -/** @file - Implement authentication services for the authenticated variable - service in UEFI2.2. - -Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include "Variable.h" -#include "AuthService.h" - -/// -/// Global database array for scratch -/// -UINT32 mPubKeyNumber; -UINT32 mPlatformMode; -EFI_GUID mSignatureSupport[SIGSUPPORT_NUM] = {EFI_CERT_RSA2048_SHA256_GUID, EFI_CERT_RSA2048_SHA1_GUID}; -// -// Public Exponent of RSA Key. -// -CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 }; - -/** - Initializes for authenticated varibale service. - - @retval EFI_SUCCESS The function successfully executed. - @retval EFI_OUT_OF_RESOURCES Failed to allocate enough memory resources. - -**/ -EFI_STATUS -AutenticatedVariableServiceInitialize ( - VOID - ) -{ - EFI_STATUS Status; - VARIABLE_POINTER_TRACK Variable; - UINT8 VarValue; - UINT32 VarAttr; - UINTN DataSize; - UINTN CtxSize; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - BOOLEAN Valid; - - ZeroMem (&VariableHeader, sizeof (AUTHENTICATED_VARIABLE_HEADER)); - - mVariableModuleGlobal->AuthenticatedVariableGuid[Physical] = &gEfiAuthenticatedVariableGuid; - mVariableModuleGlobal->CertRsa2048Sha256Guid[Physical] = &gEfiCertRsa2048Sha256Guid; - mVariableModuleGlobal->ImageSecurityDatabaseGuid[Physical] = &gEfiImageSecurityDatabaseGuid; - - // - // Initialize hash context. - // - CtxSize = Sha256GetContextSize (); - mVariableModuleGlobal->HashContext[Physical] = AllocateRuntimePool (CtxSize); - ASSERT (mVariableModuleGlobal->HashContext[Physical] != NULL); - // - // Check "AuthVarKeyDatabase" variable's existence. - // If it doesn't exist, create a new one with initial value of 0 and EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set. - // - Status = FindVariable ( - mVariableModuleGlobal->VariableName[Physical][VAR_AUTH_KEY_DB], - &gEfiAuthenticatedVariableGuid, - &Variable, - &mVariableModuleGlobal->VariableGlobal[Physical], - mVariableModuleGlobal->FvbInstance - ); - - if (Variable.CurrPtr == 0x0) { - VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS; - VarValue = 0; - mPubKeyNumber = 0; - Status = UpdateVariable ( - mVariableModuleGlobal->VariableName[Physical][VAR_AUTH_KEY_DB], - &gEfiAuthenticatedVariableGuid, - &VarValue, - sizeof(UINT8), - VarAttr, - 0, - 0, - FALSE, - mVariableModuleGlobal, - &Variable - ); - if (EFI_ERROR (Status)) { - return Status; - } - } else { - // - // Load database in global variable for cache. - // - Valid = IsValidVariableHeader ( - Variable.CurrPtr, - Variable.Volatile, - &mVariableModuleGlobal->VariableGlobal[Physical], - mVariableModuleGlobal->FvbInstance, - &VariableHeader - ); - ASSERT (Valid); - - DataSize = DataSizeOfVariable (&VariableHeader); - ASSERT (DataSize <= MAX_KEYDB_SIZE); - GetVariableDataPtr ( - Variable.CurrPtr, - Variable.Volatile, - &mVariableModuleGlobal->VariableGlobal[Physical], - mVariableModuleGlobal->FvbInstance, - (CHAR16 *) mVariableModuleGlobal->PubKeyStore - ); - - mPubKeyNumber = (UINT32) (DataSize / EFI_CERT_TYPE_RSA2048_SIZE); - } - // - // Check "SetupMode" variable's existence. - // If it doesn't exist, check PK database's existence to determine the value. - // Then create a new one with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set. - // - Status = FindVariable ( - mVariableModuleGlobal->VariableName[Physical][VAR_SETUP_MODE], - &gEfiGlobalVariableGuid, - &Variable, - &mVariableModuleGlobal->VariableGlobal[Physical], - mVariableModuleGlobal->FvbInstance - ); - - if (Variable.CurrPtr == 0x0) { - Status = FindVariable ( - mVariableModuleGlobal->VariableName[Physical][VAR_PLATFORM_KEY], - &gEfiGlobalVariableGuid, - &Variable, - &mVariableModuleGlobal->VariableGlobal[Physical], - mVariableModuleGlobal->FvbInstance - ); - if (Variable.CurrPtr == 0x0) { - mPlatformMode = SETUP_MODE; - } else { - mPlatformMode = USER_MODE; - } - - VarAttr = EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS; - Status = UpdateVariable ( - mVariableModuleGlobal->VariableName[Physical][VAR_SETUP_MODE], - &gEfiGlobalVariableGuid, - &mPlatformMode, - sizeof(UINT8), - VarAttr, - 0, - 0, - FALSE, - mVariableModuleGlobal, - &Variable - ); - if (EFI_ERROR (Status)) { - return Status; - } - } else { - GetVariableDataPtr ( - Variable.CurrPtr, - Variable.Volatile, - &mVariableModuleGlobal->VariableGlobal[Physical], - mVariableModuleGlobal->FvbInstance, - (CHAR16 *) &mPlatformMode - ); - } - // - // Check "SignatureSupport" variable's existence. - // If it doesn't exist, then create a new one with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set. - // - Status = FindVariable ( - EFI_SIGNATURE_SUPPORT_NAME, - &gEfiGlobalVariableGuid, - &Variable, - &mVariableModuleGlobal->VariableGlobal[Physical], - mVariableModuleGlobal->FvbInstance - ); - - if (Variable.CurrPtr == 0x0) { - VarAttr = EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS; - Status = UpdateVariable ( - EFI_SIGNATURE_SUPPORT_NAME, - &gEfiGlobalVariableGuid, - mSignatureSupport, - SIGSUPPORT_NUM * sizeof(EFI_GUID), - VarAttr, - 0, - 0, - FALSE, - mVariableModuleGlobal, - &Variable - ); - } - - return Status; -} - -/** - Add public key in store and return its index. - - @param[in] VirtualMode The current calling mode for this function. - @param[in] Global The context of this Extended SAL Variable Services Class call. - @param[in] PubKey The input pointer to Public Key data. - - @return The index of new added item. - -**/ -UINT32 -AddPubKeyInStore ( - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN UINT8 *PubKey - ) -{ - EFI_STATUS Status; - BOOLEAN IsFound; - UINT32 Index; - VARIABLE_POINTER_TRACK Variable; - UINT8 *Ptr; - - if (PubKey == NULL) { - return 0; - } - - Status = FindVariable ( - Global->VariableName[VirtualMode][VAR_AUTH_KEY_DB], - Global->AuthenticatedVariableGuid[VirtualMode], - &Variable, - &Global->VariableGlobal[VirtualMode], - Global->FvbInstance - ); - ASSERT_EFI_ERROR (Status); - // - // Check whether the public key entry does exist. - // - IsFound = FALSE; - for (Ptr = Global->PubKeyStore, Index = 1; Index <= mPubKeyNumber; Index++) { - if (CompareMem (Ptr, PubKey, EFI_CERT_TYPE_RSA2048_SIZE) == 0) { - IsFound = TRUE; - break; - } - Ptr += EFI_CERT_TYPE_RSA2048_SIZE; - } - - if (!IsFound) { - // - // Add public key in database. - // - if (mPubKeyNumber == MAX_KEY_NUM) { - // - // Notes: Database is full, need enhancement here, currently just return 0. - // - return 0; - } - - CopyMem (Global->PubKeyStore + mPubKeyNumber * EFI_CERT_TYPE_RSA2048_SIZE, PubKey, EFI_CERT_TYPE_RSA2048_SIZE); - Index = ++mPubKeyNumber; - // - // Update public key database variable. - // - Status = UpdateVariable ( - Global->VariableName[VirtualMode][VAR_AUTH_KEY_DB], - Global->AuthenticatedVariableGuid[VirtualMode], - Global->PubKeyStore, - mPubKeyNumber * EFI_CERT_TYPE_RSA2048_SIZE, - EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS, - 0, - 0, - VirtualMode, - Global, - &Variable - ); - ASSERT_EFI_ERROR (Status); - } - - return Index; -} - -/** - Verify data payload with AuthInfo in EFI_CERT_TYPE_RSA2048_SHA256 type. - Follow the steps in UEFI2.2. - - @param[in] VirtualMode The current calling mode for this function. - @param[in] Global The context of this Extended SAL Variable Services Class call. - @param[in] Data The pointer to data with AuthInfo. - @param[in] DataSize The size of Data. - @param[in] PubKey The public key used for verification. - - @retval EFI_INVALID_PARAMETER Invalid parameter. - @retval EFI_SECURITY_VIOLATION Authentication failed. - @retval EFI_SUCCESS Authentication successful. - -**/ -EFI_STATUS -VerifyDataPayload ( - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN UINT8 *Data, - IN UINTN DataSize, - IN UINT8 *PubKey - ) -{ - BOOLEAN Status; - EFI_VARIABLE_AUTHENTICATION *CertData; - EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlock; - UINT8 Digest[SHA256_DIGEST_SIZE]; - VOID *Rsa; - VOID *HashContext; - - Rsa = NULL; - CertData = NULL; - CertBlock = NULL; - - if (Data == NULL || PubKey == NULL) { - return EFI_INVALID_PARAMETER; - } - - CertData = (EFI_VARIABLE_AUTHENTICATION *) Data; - CertBlock = (EFI_CERT_BLOCK_RSA_2048_SHA256 *) (CertData->AuthInfo.CertData); - - // - // wCertificateType should be WIN_CERT_TYPE_EFI_GUID. - // Cert type should be EFI_CERT_TYPE_RSA2048_SHA256. - // - if ((CertData->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) || - !CompareGuid (&CertData->AuthInfo.CertType, Global->CertRsa2048Sha256Guid[VirtualMode]) - ) { - // - // Invalid AuthInfo type, return EFI_SECURITY_VIOLATION. - // - return EFI_SECURITY_VIOLATION; - } - - // - // Hash data payload with SHA256. - // - ZeroMem (Digest, SHA256_DIGEST_SIZE); - HashContext = Global->HashContext[VirtualMode]; - Status = Sha256Init (HashContext); - if (!Status) { - goto Done; - } - Status = Sha256Update (HashContext, Data + AUTHINFO_SIZE, (UINTN) (DataSize - AUTHINFO_SIZE)); - if (!Status) { - goto Done; - } - // - // Hash Monotonic Count. - // - Status = Sha256Update (HashContext, &CertData->MonotonicCount, sizeof (UINT64)); - if (!Status) { - goto Done; - } - Status = Sha256Final (HashContext, Digest); - if (!Status) { - goto Done; - } - // - // Generate & Initialize RSA Context. - // - Rsa = RsaNew (); - ASSERT (Rsa != NULL); - // - // Set RSA Key Components. - // NOTE: Only N and E are needed to be set as RSA public key for signature verification. - // - Status = RsaSetKey (Rsa, RsaKeyN, PubKey, EFI_CERT_TYPE_RSA2048_SIZE); - if (!Status) { - goto Done; - } - Status = RsaSetKey (Rsa, RsaKeyE, mRsaE, sizeof (mRsaE)); - if (!Status) { - goto Done; - } - // - // Verify the signature. - // - Status = RsaPkcs1Verify ( - Rsa, - Digest, - SHA256_DIGEST_SIZE, - CertBlock->Signature, - EFI_CERT_TYPE_RSA2048_SHA256_SIZE - ); - -Done: - if (Rsa != NULL) { - RsaFree (Rsa); - } - if (Status) { - return EFI_SUCCESS; - } else { - return EFI_SECURITY_VIOLATION; - } -} - - -/** - Update platform mode. - - @param[in] VirtualMode The current calling mode for this function. - @param[in] Global The context of this Extended SAL Variable Services Class call. - @param[in] Mode SETUP_MODE or USER_MODE. - -**/ -VOID -UpdatePlatformMode ( - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN UINT32 Mode - ) -{ - EFI_STATUS Status; - VARIABLE_POINTER_TRACK Variable; - UINT32 VarAttr; - - Status = FindVariable ( - Global->VariableName[VirtualMode][VAR_SETUP_MODE], - Global->GlobalVariableGuid[VirtualMode], - &Variable, - &Global->VariableGlobal[VirtualMode], - Global->FvbInstance - ); - ASSERT_EFI_ERROR (Status); - - mPlatformMode = Mode; - VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS; - Status = UpdateVariable ( - Global->VariableName[VirtualMode][VAR_SETUP_MODE], - Global->GlobalVariableGuid[VirtualMode], - &mPlatformMode, - sizeof(UINT8), - VarAttr, - 0, - 0, - VirtualMode, - Global, - &Variable - ); - ASSERT_EFI_ERROR (Status); -} - -/** - Process variable with platform key for verification. - - @param[in] VariableName The name of Variable to be found. - @param[in] VendorGuid The variable vendor GUID. - @param[in] Data The data pointer. - @param[in] DataSize The size of Data found. If size is less than the - data, this value contains the required size. - @param[in] VirtualMode The current calling mode for this function. - @param[in] Global The context of this Extended SAL Variable Services Class call. - @param[in] Variable The variable information which is used to keep track of variable usage. - @param[in] Attributes The attribute value of the variable. - @param[in] IsPk Indicates whether to process pk. - - @retval EFI_INVALID_PARAMETER Invalid parameter. - @retval EFI_SECURITY_VIOLATION The variable does NOT pass the validation - check carried out by the firmware. - @retval EFI_SUCCESS The variable passed validation successfully. - -**/ -EFI_STATUS -ProcessVarWithPk ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN VOID *Data, - IN UINTN DataSize, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN VARIABLE_POINTER_TRACK *Variable, - IN UINT32 Attributes OPTIONAL, - IN BOOLEAN IsPk - ) -{ - EFI_STATUS Status; - VARIABLE_POINTER_TRACK PkVariable; - EFI_SIGNATURE_LIST *OldPkList; - EFI_SIGNATURE_DATA *OldPkData; - EFI_VARIABLE_AUTHENTICATION *CertData; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - BOOLEAN Valid; - - OldPkList = NULL; - ZeroMem (&VariableHeader, sizeof (AUTHENTICATED_VARIABLE_HEADER)); - - if ((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0) { - // - // PK and KEK should set EFI_VARIABLE_NON_VOLATILE attribute. - // - return EFI_INVALID_PARAMETER; - } - - if (mPlatformMode == USER_MODE) { - if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) == 0) { - // - // In user mode, PK and KEK should set EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS attribute. - // - return EFI_INVALID_PARAMETER; - } - - CertData = (EFI_VARIABLE_AUTHENTICATION *) Data; - - if (Variable->CurrPtr != 0x0) { - Valid = IsValidVariableHeader ( - Variable->CurrPtr, - Variable->Volatile, - &Global->VariableGlobal[VirtualMode], - Global->FvbInstance, - &VariableHeader - ); - ASSERT (Valid); - - if (CertData->MonotonicCount <= VariableHeader.MonotonicCount) { - // - // Monotonic count check fail, suspicious replay attack, return EFI_SECURITY_VIOLATION. - // - return EFI_SECURITY_VIOLATION; - } - } - // - // Get platform key from variable. - // - Status = FindVariable ( - Global->VariableName[VirtualMode][VAR_PLATFORM_KEY], - Global->GlobalVariableGuid[VirtualMode], - &PkVariable, - &Global->VariableGlobal[VirtualMode], - Global->FvbInstance - ); - ASSERT_EFI_ERROR (Status); - - ZeroMem (Global->KeyList, MAX_KEYDB_SIZE); - GetVariableDataPtr ( - PkVariable.CurrPtr, - PkVariable.Volatile, - &Global->VariableGlobal[VirtualMode], - Global->FvbInstance, - (CHAR16 *) Global->KeyList - ); - - OldPkList = (EFI_SIGNATURE_LIST *) Global->KeyList; - OldPkData = (EFI_SIGNATURE_DATA *) ((UINT8 *) OldPkList + sizeof (EFI_SIGNATURE_LIST) + OldPkList->SignatureHeaderSize); - Status = VerifyDataPayload (VirtualMode, Global, Data, DataSize, OldPkData->SignatureData); - if (!EFI_ERROR (Status)) { - Status = UpdateVariable ( - VariableName, - VendorGuid, - (UINT8*)Data + AUTHINFO_SIZE, - DataSize - AUTHINFO_SIZE, - Attributes, - 0, - CertData->MonotonicCount, - VirtualMode, - Global, - Variable - ); - - if (!EFI_ERROR (Status)) { - // - // If delete PK in user mode, need change to setup mode. - // - if ((DataSize == AUTHINFO_SIZE) && IsPk) { - UpdatePlatformMode (VirtualMode, Global, SETUP_MODE); - } - } - } - } else { - Status = UpdateVariable (VariableName, VendorGuid, Data, DataSize, Attributes, 0, 0, VirtualMode, Global, Variable); - // - // If enroll PK in setup mode, need change to user mode. - // - if ((DataSize != 0) && IsPk) { - UpdatePlatformMode (VirtualMode, Global, USER_MODE); - } - } - - return Status; -} - -/** - Process variable with key exchange key for verification. - - @param[in] VariableName The name of Variable to be found. - @param[in] VendorGuid The variable vendor GUID. - @param[in] Data The data pointer. - @param[in] DataSize The size of Data found. If size is less than the - data, this value contains the required size. - @param[in] VirtualMode The current calling mode for this function. - @param[in] Global The context of this Extended SAL Variable Services Class call. - @param[in] Variable The variable information which is used to keep track of variable usage. - @param[in] Attributes The attribute value of the variable. - - @retval EFI_INVALID_PARAMETER Invalid parameter. - @retval EFI_SECURITY_VIOLATION The variable did NOT pass the validation - check carried out by the firmware. - @retval EFI_SUCCESS The variable passed validation successfully. - -**/ -EFI_STATUS -ProcessVarWithKek ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN VOID *Data, - IN UINTN DataSize, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN VARIABLE_POINTER_TRACK *Variable, - IN UINT32 Attributes OPTIONAL - ) -{ - EFI_STATUS Status; - VARIABLE_POINTER_TRACK KekVariable; - EFI_SIGNATURE_LIST *KekList; - EFI_SIGNATURE_DATA *KekItem; - UINT32 KekCount; - EFI_VARIABLE_AUTHENTICATION *CertData; - EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlock; - BOOLEAN IsFound; - UINT32 Index; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - BOOLEAN Valid; - - KekList = NULL; - ZeroMem (&VariableHeader, sizeof (AUTHENTICATED_VARIABLE_HEADER)); - - if (mPlatformMode == USER_MODE) { - if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) == 0) { - // - // In user mode, should set EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS attribute. - // - return EFI_INVALID_PARAMETER; - } - - CertData = (EFI_VARIABLE_AUTHENTICATION *) Data; - CertBlock = (EFI_CERT_BLOCK_RSA_2048_SHA256 *) (CertData->AuthInfo.CertData); - if (Variable->CurrPtr != 0x0) { - Valid = IsValidVariableHeader ( - Variable->CurrPtr, - Variable->Volatile, - &Global->VariableGlobal[VirtualMode], - Global->FvbInstance, - &VariableHeader - ); - ASSERT (Valid); - - if (CertData->MonotonicCount <= VariableHeader.MonotonicCount) { - // - // Monotonic count check fail, suspicious replay attack, return EFI_SECURITY_VIOLATION. - // - return EFI_SECURITY_VIOLATION; - } - } - // - // Get KEK database from variable. - // - Status = FindVariable ( - Global->VariableName[VirtualMode][VAR_KEY_EXCHANGE_KEY], - Global->GlobalVariableGuid[VirtualMode], - &KekVariable, - &Global->VariableGlobal[VirtualMode], - Global->FvbInstance - ); - ASSERT_EFI_ERROR (Status); - - ZeroMem (Global->KeyList, MAX_KEYDB_SIZE); - GetVariableDataPtr ( - KekVariable.CurrPtr, - KekVariable.Volatile, - &Global->VariableGlobal[VirtualMode], - Global->FvbInstance, - (CHAR16 *) Global->KeyList - ); - // - // Enumerate all Kek items in this list to verify the variable certificate data. - // If anyone is authenticated successfully, it means the variable is correct! - // - KekList = (EFI_SIGNATURE_LIST *) Global->KeyList; - IsFound = FALSE; - KekCount = (KekList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - KekList->SignatureHeaderSize) / KekList->SignatureSize; - KekItem = (EFI_SIGNATURE_DATA *) ((UINT8 *) KekList + sizeof (EFI_SIGNATURE_LIST) + KekList->SignatureHeaderSize); - for (Index = 0; Index < KekCount; Index++) { - if (CompareMem (KekItem->SignatureData, CertBlock->PublicKey, EFI_CERT_TYPE_RSA2048_SIZE) == 0) { - IsFound = TRUE; - break; - } - KekItem = (EFI_SIGNATURE_DATA *) ((UINT8 *) KekItem + KekList->SignatureSize); - } - - if (!IsFound) { - return EFI_SECURITY_VIOLATION; - } - - Status = VerifyDataPayload (VirtualMode, Global, Data, DataSize, CertBlock->PublicKey); - if (!EFI_ERROR (Status)) { - Status = UpdateVariable ( - VariableName, - VendorGuid, - (UINT8*)Data + AUTHINFO_SIZE, - DataSize - AUTHINFO_SIZE, - Attributes, - 0, - CertData->MonotonicCount, - VirtualMode, - Global, - Variable - ); - } - } else { - // - // If in setup mode, no authentication needed. - // - Status = UpdateVariable ( - VariableName, - VendorGuid, - Data, - DataSize, - Attributes, - 0, - 0, - VirtualMode, - Global, - Variable - ); - } - - return Status; -} - -/** - Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set, and return the index of associated public key. - - @param[in] Data The data pointer. - @param[in] DataSize The size of Data found. If size is less than the - data, this value contains the required size. - @param[in] VirtualMode The current calling mode for this function. - @param[in] Global The context of this Extended SAL Variable Services Class call. - @param[in] Variable The variable information which is used to keep track of variable usage. - @param[in] Attributes The attribute value of the variable. - @param[out] KeyIndex The output index of corresponding public key in database. - @param[out] MonotonicCount The output value of corresponding Monotonic Count. - - @retval EFI_INVALID_PARAMETER Invalid parameter. - @retval EFI_WRITE_PROTECTED The variable is write-protected and needs authentication with - EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set. - @retval EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS - set, but the AuthInfo does NOT pass the validation - check carried out by the firmware. - @retval EFI_SUCCESS The variable is not write-protected, or passed validation successfully. - -**/ -EFI_STATUS -VerifyVariable ( - IN VOID *Data, - IN UINTN DataSize, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN VARIABLE_POINTER_TRACK *Variable, - IN UINT32 Attributes OPTIONAL, - OUT UINT32 *KeyIndex OPTIONAL, - OUT UINT64 *MonotonicCount OPTIONAL - ) -{ - EFI_STATUS Status; - BOOLEAN IsDeletion; - BOOLEAN IsFirstTime; - UINT8 *PubKey; - EFI_VARIABLE_AUTHENTICATION *CertData; - EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlock; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - BOOLEAN Valid; - - CertData = NULL; - CertBlock = NULL; - PubKey = NULL; - IsDeletion = FALSE; - Valid = FALSE; - - if (KeyIndex != NULL) { - *KeyIndex = 0; - } - // - // Determine if first time SetVariable with the EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS. - // - ZeroMem (&VariableHeader, sizeof (AUTHENTICATED_VARIABLE_HEADER)); - if (Variable->CurrPtr != 0x0) { - Valid = IsValidVariableHeader ( - Variable->CurrPtr, - Variable->Volatile, - &Global->VariableGlobal[VirtualMode], - Global->FvbInstance, - &VariableHeader - ); - ASSERT (Valid); - } - - if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) { - if (KeyIndex == NULL) { - return EFI_INVALID_PARAMETER; - } - - // - // Determine current operation type. - // - if (DataSize == AUTHINFO_SIZE) { - IsDeletion = TRUE; - } - // - // Determine whether this is the first time with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set. - // - if (Variable->CurrPtr == 0x0) { - IsFirstTime = TRUE; - } else if (Valid &&(VariableHeader.Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) == 0) { - IsFirstTime = TRUE; - } else { - *KeyIndex = VariableHeader.PubKeyIndex; - IsFirstTime = FALSE; - } - } else if (Valid && (VariableHeader.Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) { - // - // If the variable is already write-protected, it always needs authentication before update. - // - return EFI_WRITE_PROTECTED; - } else { - // - // If without EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS, set and attributes collision. - // That means it is not authenticated variable, just return EFI_SUCCESS. - // - return EFI_SUCCESS; - } - - // - // Get PubKey and check Monotonic Count value corresponding to the variable. - // - CertData = (EFI_VARIABLE_AUTHENTICATION *) Data; - CertBlock = (EFI_CERT_BLOCK_RSA_2048_SHA256 *) (CertData->AuthInfo.CertData); - PubKey = CertBlock->PublicKey; - - if (MonotonicCount != NULL) { - // - // Update Monotonic Count value. - // - *MonotonicCount = CertData->MonotonicCount; - } - - if (!IsFirstTime) { - // - // Check input PubKey. - // - if (CompareMem (PubKey, Global->PubKeyStore + (*KeyIndex - 1) * EFI_CERT_TYPE_RSA2048_SIZE, EFI_CERT_TYPE_RSA2048_SIZE) != 0) { - return EFI_SECURITY_VIOLATION; - } - // - // Compare the current monotonic count and ensure that it is greater than the last SetVariable - // operation with the EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS attribute set. - // - if (CertData->MonotonicCount <= VariableHeader.MonotonicCount) { - // - // Monotonic count check fail, suspicious replay attack, return EFI_SECURITY_VIOLATION. - // - return EFI_SECURITY_VIOLATION; - } - } - // - // Verify the certificate in Data payload. - // - Status = VerifyDataPayload (VirtualMode, Global, Data, DataSize, PubKey); - if (!EFI_ERROR (Status)) { - // - // Now, the signature has been verified! - // - if (IsFirstTime && !IsDeletion) { - // - // Update public key database variable if need and return the index. - // - *KeyIndex = AddPubKeyInStore (VirtualMode, Global, PubKey); - } - } - - return Status; -} - diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.h b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.h deleted file mode 100644 index 9df3020116..0000000000 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/AuthService.h +++ /dev/null @@ -1,151 +0,0 @@ -/** @file - The internal header file includes the common header files, defines - internal structure and functions used by AuthService module. - -Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#ifndef _AUTHSERVICE_H_ -#define _AUTHSERVICE_H_ - -#define EFI_CERT_TYPE_RSA2048_SHA256_SIZE 256 -#define EFI_CERT_TYPE_RSA2048_SIZE 256 - -/// -/// Size of AuthInfo prior to the data payload -/// -#define AUTHINFO_SIZE (((UINTN)(((EFI_VARIABLE_AUTHENTICATION *) 0)->AuthInfo.CertData)) + sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256)) - -/// -/// Item number of support signature types. -/// -#define SIGSUPPORT_NUM 2 - -/** - Process variable with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set, and return the index of associated public key. - - @param[in] Data The data pointer. - @param[in] DataSize The size of Data found. If size is less than the - data, this value contains the required size. - @param[in] VirtualMode The current calling mode for this function. - @param[in] Global The context of this Extended SAL Variable Services Class call. - @param[in] Variable The variable information which is used to keep track of variable usage. - @param[in] Attributes The attribute value of the variable. - @param[out] KeyIndex The output index of corresponding public key in database. - @param[out] MonotonicCount The output value of corresponding Monotonic Count. - - @retval EFI_INVALID_PARAMETER Invalid parameter. - @retval EFI_WRITE_PROTECTED The variable is write-protected and needs authentication with - EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set. - @retval EFI_SECURITY_VIOLATION The variable is with EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS - set, but the AuthInfo does NOT pass the validation - check carried out by the firmware. - @retval EFI_SUCCESS The variable is not write-protected, or passed validation successfully. - -**/ -EFI_STATUS -VerifyVariable ( - IN VOID *Data, - IN UINTN DataSize, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN VARIABLE_POINTER_TRACK *Variable, - IN UINT32 Attributes OPTIONAL, - OUT UINT32 *KeyIndex OPTIONAL, - OUT UINT64 *MonotonicCount OPTIONAL - ); - -/** - Initializes for authenticated varibale service. - - @retval EFI_SUCCESS The function successfully executed. - @retval EFI_OUT_OF_RESOURCES Failed to allocate enough memory resources. - -**/ -EFI_STATUS -AutenticatedVariableServiceInitialize ( - VOID - ); - -/** - Initializes for cryptlib service before use, include register algrithm and allocate scratch. - -**/ -VOID -CryptLibraryInitialize ( - VOID - ); - -/** - Process variable with platform key for verification. - - @param[in] VariableName The name of Variable to be found. - @param[in] VendorGuid Variable vendor GUID. - @param[in] Data The data pointer. - @param[in] DataSize The size of Data found. If size is less than the - data, this value contains the required size. - @param[in] VirtualMode The current calling mode for this function. - @param[in] Global The context of this Extended SAL Variable Services Class call. - @param[in] Variable The variable information which is used to keep track of variable usage. - @param[in] Attributes The attribute value of the variable. - @param[in] IsPk Indicates whether to process pk. - - @retval EFI_INVALID_PARAMETER Invalid parameter. - @retval EFI_SECURITY_VIOLATION The variable does NOT pass the validation - check carried out by the firmware. - @retval EFI_SUCCESS The variable passed validation successfully. - -**/ -EFI_STATUS -ProcessVarWithPk ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN VOID *Data, - IN UINTN DataSize, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN VARIABLE_POINTER_TRACK *Variable, - IN UINT32 Attributes OPTIONAL, - IN BOOLEAN IsPk - ); - -/** - Process variable with key exchange key for verification. - - @param[in] VariableName The name of Variable to be found. - @param[in] VendorGuid The variable vendor GUID. - @param[in] Data The data pointer. - @param[in] DataSize Size of Data found. If size is less than the - data, this value contains the required size. - @param[in] VirtualMode The current calling mode for this function. - @param[in] Global The context of this Extended SAL Variable Services Class call. - @param[in] Variable The variable information which is used to keep track of variable usage. - @param[in] Attributes The attribute value of the variable. - - @retval EFI_INVALID_PARAMETER Invalid parameter. - @retval EFI_SECURITY_VIOLATION The variable does NOT pass the validation - check carried out by the firmware. - @retval EFI_SUCCESS The variable passed validation successfully. - -**/ -EFI_STATUS -ProcessVarWithKek ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN VOID *Data, - IN UINTN DataSize, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN VARIABLE_POINTER_TRACK *Variable, - IN UINT32 Attributes OPTIONAL - ); - -#endif diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf deleted file mode 100644 index fcfda3d452..0000000000 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf +++ /dev/null @@ -1,105 +0,0 @@ -## @file -# Provides authenticated variable service for IPF platform -# -# This module installs variable arch protocol and variable write arch protocol to provide -# four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo. -# -# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
-# This program and the accompanying materials -# are licensed and made available under the terms and conditions of the BSD License -# which accompanies this distribution. The full text of the license may be found at -# http://opensource.org/licenses/bsd-license.php -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. -# -## - -[Defines] - INF_VERSION = 0x00010005 - BASE_NAME = EsalVariableDxeSal - MODULE_UNI_FILE = EsalVariableDxeSal.uni - FILE_GUID = 14610837-4E97-4427-96E0-21D9B2956996 - MODULE_TYPE = DXE_SAL_DRIVER - VERSION_STRING = 1.0 - - ENTRY_POINT = VariableServiceInitialize - -# -# The following information is for reference only and not required by the build tools. -# -# VALID_ARCHITECTURES = IPF -# -# VIRTUAL_ADDRESS_MAP_CALLBACK = VariableClassAddressChangeEvent -# - -[Sources.common] - InitVariable.c - Reclaim.c - Variable.c - Variable.h - AuthService.c - AuthService.h - -[Packages] - MdePkg/MdePkg.dec - MdeModulePkg/MdeModulePkg.dec - CryptoPkg/CryptoPkg.dec - SecurityPkg/SecurityPkg.dec - -[LibraryClasses] - MemoryAllocationLib - BaseLib - SynchronizationLib - UefiLib - UefiBootServicesTableLib - BaseMemoryLib - DebugLib - UefiRuntimeLib - DxeServicesTableLib - UefiDriverEntryPoint - PcdLib - ExtendedSalLib - BaseCryptLib - HobLib - -[Protocols] - gEfiFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES - gEfiFaultTolerantWriteProtocolGuid ## SOMETIMES_CONSUMES - -[Guids] - ## SOMETIMES_CONSUMES ## Variable:L"PK" - ## CONSUMES ## Variable:L"SetupMode" - ## PRODUCES ## Variable:L"SetupMode" - ## CONSUMES ## Variable:L"SignatureSupport" - ## PRODUCES ## Variable:L"SignatureSupport" - gEfiGlobalVariableGuid - - ## PRODUCES ## GUID # Variable store header - ## CONSUMES ## GUID # Variable store header - ## SOMETIMES_CONSUMES ## HOB - ## SOMETIMES_PRODUCES ## SystemTable - gEfiAuthenticatedVariableGuid - - gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event - gEfiCertRsa2048Sha256Guid ## CONSUMES ## GUID # Unique ID for the format of the CertType. - - ## SOMETIMES_CONSUMES ## Variable:L"DB" - ## SOMETIMES_CONSUMES ## Variable:L"DBX" - gEfiImageSecurityDatabaseGuid - -[Pcd.common] - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES - gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES - -[FeaturePcd.common] - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable. - -[Depex] - gEfiExtendedSalFvBlockServicesProtocolGuid AND gEfiFaultTolerantWriteProtocolGuid - -[UserExtensions.TianoCore."ExtraFiles"] - EsalVariableDxeSalExtra.uni diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.uni b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.uni deleted file mode 100644 index 08588fc10d..0000000000 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.uni +++ /dev/null @@ -1,22 +0,0 @@ -// /** @file -// Provides authenticated variable service for IPF platform -// -// This module installs variable arch protocol and variable write arch protocol to provide -// four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo. -// -// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
-// -// This program and the accompanying materials -// are licensed and made available under the terms and conditions of the BSD License -// which accompanies this distribution. The full text of the license may be found at -// http://opensource.org/licenses/bsd-license.php -// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. -// -// **/ - - -#string STR_MODULE_ABSTRACT #language en-US "Provides authenticated variable service for IPF platform" - -#string STR_MODULE_DESCRIPTION #language en-US "This module installs variable arch protocol and variable write arch protocol to provide four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo." - diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSalExtra.uni b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSalExtra.uni deleted file mode 100644 index 6b3342c806..0000000000 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSalExtra.uni +++ /dev/null @@ -1,19 +0,0 @@ -// /** @file -// EsalVariableDxeSal Localized Strings and Content -// -// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
-// -// This program and the accompanying materials -// are licensed and made available under the terms and conditions of the BSD License -// which accompanies this distribution. The full text of the license may be found at -// http://opensource.org/licenses/bsd-license.php -// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. -// -// **/ - -#string STR_PROPERTIES_MODULE_NAME -#language en-US -"Esal Authenticated Variable DXE" - - diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/InitVariable.c b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/InitVariable.c deleted file mode 100644 index a9e739dd25..0000000000 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/InitVariable.c +++ /dev/null @@ -1,247 +0,0 @@ -/** @file - Entrypoint of Extended SAL variable service module. - -Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include "Variable.h" -#include "AuthService.h" - -// -// Don't use module globals after the SetVirtualAddress map is signaled -// -EFI_EVENT mEfiVirtualNotifyEvent; - -/** - Common entry for Extended SAL Variable Services Class. - - This is the common entry of all functions of Extended SAL Variable Services Class. - - @param[in] FunctionId The Function ID of member function in Extended SAL Variable Services Class. - @param[in] Arg2 The 2nd parameter for SAL procedure call. - @param[in] Arg3 The 3rd parameter for SAL procedure call. - @param[in] Arg4 The 4th parameter for SAL procedure call. - @param[in] Arg5 The 5th parameter for SAL procedure call. - @param[in] Arg6 The 6th parameter for SAL procedure call. - @param[in] Arg7 The 7th parameter for SAL procedure call. - @param[in] Arg8 The 8th parameter for SAL procedure call. - @param[in] VirtualMode The current calling mode for this function. - @param[in] Global The context of this Extended SAL Variable Services Class call. - - @return The register of SAL. - -**/ -SAL_RETURN_REGS -EFIAPI -EsalVariableCommonEntry ( - IN UINT64 FunctionId, - IN UINT64 Arg2, - IN UINT64 Arg3, - IN UINT64 Arg4, - IN UINT64 Arg5, - IN UINT64 Arg6, - IN UINT64 Arg7, - IN UINT64 Arg8, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global - ) -{ - SAL_RETURN_REGS ReturnVal; - - ReturnVal.r9 = 0; - ReturnVal.r10 = 0; - ReturnVal.r11 = 0; - - switch (FunctionId) { - case EsalGetVariableFunctionId: - ReturnVal.Status = EsalGetVariable ( - (CHAR16 *) Arg2, - (EFI_GUID *) Arg3, - (UINT32 *) Arg4, - (UINTN *) Arg5, - (VOID *) Arg6, - VirtualMode, - Global - ); - return ReturnVal; - - case EsalGetNextVariableNameFunctionId: - ReturnVal.Status = EsalGetNextVariableName ( - (UINTN *) Arg2, - (CHAR16 *) Arg3, - (EFI_GUID *) Arg4, - VirtualMode, - Global - ); - return ReturnVal; - - case EsalSetVariableFunctionId: - ReturnVal.Status = EsalSetVariable ( - (CHAR16 *) Arg2, - (EFI_GUID *) Arg3, - (UINT32) Arg4, - (UINTN) Arg5, - (VOID *) Arg6, - VirtualMode, - Global - ); - return ReturnVal; - - case EsalQueryVariableInfoFunctionId: - ReturnVal.Status = EsalQueryVariableInfo ( - (UINT32) Arg2, - (UINT64 *) Arg3, - (UINT64 *) Arg4, - (UINT64 *) Arg5, - VirtualMode, - Global - ); - return ReturnVal; - - default: - ReturnVal.Status = EFI_SAL_INVALID_ARGUMENT; - return ReturnVal; - } -} - -/** - Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE. - - This is a notification function registered on EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event. - It convers pointer to new virtual address. - - @param[in] Event The event whose notification function is being invoked. - @param[in] Context The pointer to the notification function's context. - -**/ -VOID -EFIAPI -VariableClassAddressChangeEvent ( - IN EFI_EVENT Event, - IN VOID *Context - ) -{ - UINTN Index; - - CopyMem ( - &mVariableModuleGlobal->VariableGlobal[Virtual], - &mVariableModuleGlobal->VariableGlobal[Physical], - sizeof (VARIABLE_GLOBAL) - ); - - EfiConvertPointer ( - 0x0, - (VOID **) &mVariableModuleGlobal->VariableGlobal[Virtual].NonVolatileVariableBase - ); - EfiConvertPointer ( - 0x0, - (VOID **) &mVariableModuleGlobal->VariableGlobal[Virtual].VolatileVariableBase - ); - - mVariableModuleGlobal->PlatformLangCodes[Virtual] = mVariableModuleGlobal->PlatformLangCodes[Physical]; - EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->PlatformLangCodes[Virtual]); - - mVariableModuleGlobal->LangCodes[Virtual] = mVariableModuleGlobal->LangCodes[Physical]; - EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->LangCodes[Virtual]); - - mVariableModuleGlobal->PlatformLang[Virtual] = mVariableModuleGlobal->PlatformLang[Physical]; - EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->PlatformLang[Virtual]); - - CopyMem ( - mVariableModuleGlobal->VariableName[Virtual], - mVariableModuleGlobal->VariableName[Physical], - sizeof (mVariableModuleGlobal->VariableName[Physical]) - ); - for (Index = 0; Index < NUM_VAR_NAME; Index++) { - EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableName[Virtual][Index]); - } - - mVariableModuleGlobal->GlobalVariableGuid[Virtual] = &gEfiGlobalVariableGuid; - EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->GlobalVariableGuid[Virtual]); - - mVariableModuleGlobal->AuthenticatedVariableGuid[Virtual] = &gEfiAuthenticatedVariableGuid; - EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->AuthenticatedVariableGuid[Virtual]); - - mVariableModuleGlobal->CertRsa2048Sha256Guid[Virtual] = &gEfiCertRsa2048Sha256Guid; - EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->CertRsa2048Sha256Guid[Virtual]); - - mVariableModuleGlobal->ImageSecurityDatabaseGuid[Virtual] = &gEfiImageSecurityDatabaseGuid; - EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->ImageSecurityDatabaseGuid[Virtual]); - - mVariableModuleGlobal->HashContext[Virtual] = mVariableModuleGlobal->HashContext[Physical]; - EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->HashContext[Virtual]); -} - -/** - Entry point of Extended SAL Variable service module. - - This function is the entry point of Extended SAL Variable service module. - It registers all functions of Extended SAL Variable class, initializes - variable store for non-volatile and volatile variables, and registers - notification function for EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event. - - @param[in] ImageHandle The Image handle of this driver. - @param[in] SystemTable The pointer of EFI_SYSTEM_TABLE. - - @retval EFI_SUCCESS Extended SAL Variable Services Class successfully registered. - -**/ -EFI_STATUS -EFIAPI -VariableServiceInitialize ( - IN EFI_HANDLE ImageHandle, - IN EFI_SYSTEM_TABLE *SystemTable - ) -{ - EFI_STATUS Status; - - Status = gBS->CreateEventEx ( - EVT_NOTIFY_SIGNAL, - TPL_NOTIFY, - VariableClassAddressChangeEvent, - NULL, - &gEfiEventVirtualAddressChangeGuid, - &mEfiVirtualNotifyEvent - ); - - ASSERT_EFI_ERROR (Status); - - Status = VariableCommonInitialize (ImageHandle, SystemTable); - ASSERT_EFI_ERROR (Status); - - // - // Authenticated variable initialize - // - Status = AutenticatedVariableServiceInitialize (); - ASSERT_EFI_ERROR (Status); - - FlushHob2Nv (); - - // - // Register All the Functions with Extended SAL Variable Services Class - // - RegisterEsalClass ( - EFI_EXTENDED_SAL_VARIABLE_SERVICES_PROTOCOL_GUID_LO, - EFI_EXTENDED_SAL_VARIABLE_SERVICES_PROTOCOL_GUID_HI, - mVariableModuleGlobal, - EsalVariableCommonEntry, - EsalGetVariableFunctionId, - EsalVariableCommonEntry, - EsalGetNextVariableNameFunctionId, - EsalVariableCommonEntry, - EsalSetVariableFunctionId, - EsalVariableCommonEntry, - EsalQueryVariableInfoFunctionId, - NULL - ); - - return EFI_SUCCESS; -} diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Reclaim.c b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Reclaim.c deleted file mode 100644 index 898974cba5..0000000000 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Reclaim.c +++ /dev/null @@ -1,262 +0,0 @@ -/** @file - Handles non-volatile variable store garbage collection, using FTW - (Fault Tolerant Write) protocol. - -Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include "Variable.h" - -/** - Gets firmware volume block handle by given address. - - This function gets firmware volume block handle whose - address range contains the parameter Address. - - @param[in] Address Address which should be contained - by returned FVB handle. - @param[out] FvbHandle Pointer to FVB handle for output. - - @retval EFI_SUCCESS FVB handle successfully returned. - @retval EFI_NOT_FOUND Failed to find FVB handle by address. - -**/ -EFI_STATUS -GetFvbHandleByAddress ( - IN EFI_PHYSICAL_ADDRESS Address, - OUT EFI_HANDLE *FvbHandle - ) -{ - EFI_STATUS Status; - EFI_HANDLE *HandleBuffer; - UINTN HandleCount; - UINTN Index; - EFI_PHYSICAL_ADDRESS FvbBaseAddress; - EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *Fvb; - EFI_FIRMWARE_VOLUME_HEADER *FwVolHeader; - - *FvbHandle = NULL; - // - // Locate all handles with Firmware Volume Block protocol - // - Status = gBS->LocateHandleBuffer ( - ByProtocol, - &gEfiFirmwareVolumeBlockProtocolGuid, - NULL, - &HandleCount, - &HandleBuffer - ); - if (EFI_ERROR (Status)) { - return EFI_NOT_FOUND; - } - // - // Traverse all the handles, searching for the one containing parameter Address - // - for (Index = 0; Index < HandleCount; Index += 1) { - Status = gBS->HandleProtocol ( - HandleBuffer[Index], - &gEfiFirmwareVolumeBlockProtocolGuid, - (VOID **) &Fvb - ); - if (EFI_ERROR (Status)) { - Status = EFI_NOT_FOUND; - break; - } - // - // Checks if the address range of this handle contains parameter Address - // - Status = Fvb->GetPhysicalAddress (Fvb, &FvbBaseAddress); - if (EFI_ERROR (Status)) { - continue; - } - - FwVolHeader = (EFI_FIRMWARE_VOLUME_HEADER *) ((UINTN) FvbBaseAddress); - if ((Address >= FvbBaseAddress) && (Address <= (FvbBaseAddress + FwVolHeader->FvLength))) { - *FvbHandle = HandleBuffer[Index]; - Status = EFI_SUCCESS; - break; - } - } - - FreePool (HandleBuffer); - return Status; -} - -/** - Gets LBA of block and offset by given address. - - This function gets the Logical Block Address (LBA) of firmware - volume block containing the given address, and the offset of - address on the block. - - @param[in] Address Address which should be contained - by returned FVB handle. - @param[out] Lba The pointer to LBA for output. - @param[out] Offset The pointer to offset for output. - - @retval EFI_SUCCESS LBA and offset successfully returned. - @retval EFI_NOT_FOUND Failed to find FVB handle by address. - @retval EFI_ABORTED Failed to find valid LBA and offset. - -**/ -EFI_STATUS -GetLbaAndOffsetByAddress ( - IN EFI_PHYSICAL_ADDRESS Address, - OUT EFI_LBA *Lba, - OUT UINTN *Offset - ) -{ - EFI_STATUS Status; - EFI_HANDLE FvbHandle; - EFI_PHYSICAL_ADDRESS FvbBaseAddress; - EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *Fvb; - EFI_FIRMWARE_VOLUME_HEADER *FwVolHeader; - EFI_FV_BLOCK_MAP_ENTRY *FvbMapEntry; - UINT32 LbaIndex; - - *Lba = (EFI_LBA) (-1); - *Offset = 0; - - // - // Gets firmware volume block handle by given address. - // - Status = GetFvbHandleByAddress (Address, &FvbHandle); - if (EFI_ERROR (Status)) { - return Status; - } - - Status = gBS->HandleProtocol ( - FvbHandle, - &gEfiFirmwareVolumeBlockProtocolGuid, - (VOID **) &Fvb - ); - if (EFI_ERROR (Status)) { - return Status; - } - // - // Get the Base Address of FV - // - Status = Fvb->GetPhysicalAddress (Fvb, &FvbBaseAddress); - if (EFI_ERROR (Status)) { - return Status; - } - - FwVolHeader = (EFI_FIRMWARE_VOLUME_HEADER *) ((UINTN) FvbBaseAddress); - - // - // Get the (LBA, Offset) of Address - // - if ((Address >= FvbBaseAddress) && (Address <= (FvbBaseAddress + FwVolHeader->FvLength))) { - if ((FwVolHeader->FvLength) > (FwVolHeader->HeaderLength)) { - // - // BUGBUG: Assume one FV has one type of BlockLength - // - FvbMapEntry = &FwVolHeader->BlockMap[0]; - for (LbaIndex = 1; LbaIndex <= FvbMapEntry->NumBlocks; LbaIndex += 1) { - if (Address < (FvbBaseAddress + FvbMapEntry->Length * LbaIndex)) { - // - // Found the (Lba, Offset) - // - *Lba = LbaIndex - 1; - *Offset = (UINTN) (Address - (FvbBaseAddress + FvbMapEntry->Length * (LbaIndex - 1))); - return EFI_SUCCESS; - } - } - } - } - - return EFI_ABORTED; -} - -/** - Writes a buffer to variable storage space. - - This function writes a buffer to variable storage space into firmware - volume block device. The destination is specified by parameter - VariableBase. Fault Tolerant Write protocol is used for writing. - - @param[in] VariableBase The base address of the variable to write. - @param[in] Buffer Points to the data buffer. - @param[in] BufferSize The number of bytes of the data Buffer. - - @retval EFI_SUCCESS The function completed successfully. - @retval EFI_NOT_FOUND Fail to locate Fault Tolerant Write protocol. - @retval Other The function could not complete successfully. - -**/ -EFI_STATUS -FtwVariableSpace ( - IN EFI_PHYSICAL_ADDRESS VariableBase, - IN UINT8 *Buffer, - IN UINTN BufferSize - ) -{ - EFI_STATUS Status; - EFI_HANDLE FvbHandle; - EFI_LBA VarLba; - UINTN VarOffset; - UINT8 *FtwBuffer; - UINTN FtwBufferSize; - EFI_FAULT_TOLERANT_WRITE_PROTOCOL *FtwProtocol; - - // - // Locate Fault Tolerant Write protocol - // - Status = gBS->LocateProtocol ( - &gEfiFaultTolerantWriteProtocolGuid, - NULL, - (VOID **) &FtwProtocol - ); - if (EFI_ERROR (Status)) { - return EFI_NOT_FOUND; - } - // - // Gets firmware volume block handle by VariableBase. - // - Status = GetFvbHandleByAddress (VariableBase, &FvbHandle); - if (EFI_ERROR (Status)) { - return Status; - } - // - // Gets LBA of block and offset by VariableBase. - // - Status = GetLbaAndOffsetByAddress (VariableBase, &VarLba, &VarOffset); - if (EFI_ERROR (Status)) { - return EFI_ABORTED; - } - // - // Prepare for the variable data - // - FtwBufferSize = ((VARIABLE_STORE_HEADER *) ((UINTN) VariableBase))->Size; - FtwBuffer = AllocatePool (FtwBufferSize); - if (FtwBuffer == NULL) { - return EFI_OUT_OF_RESOURCES; - } - - SetMem (FtwBuffer, FtwBufferSize, (UINT8) 0xff); - CopyMem (FtwBuffer, Buffer, BufferSize); - - // - // FTW write record - // - Status = FtwProtocol->Write ( - FtwProtocol, - VarLba, // LBA - VarOffset, // Offset - FtwBufferSize, // NumBytes, - NULL, - FvbHandle, - FtwBuffer - ); - - FreePool (FtwBuffer); - return Status; -} diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c deleted file mode 100644 index b8a0af4b5c..0000000000 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c +++ /dev/null @@ -1,3257 +0,0 @@ -/** @file - The implementation of Extended SAL variable services. - -Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include "Variable.h" -#include "AuthService.h" - -// -// Don't use module globals after the SetVirtualAddress map is signaled -// -ESAL_VARIABLE_GLOBAL *mVariableModuleGlobal; -CHAR16 *mVariableName[NUM_VAR_NAME] = { - L"PlatformLangCodes", - L"LangCodes", - L"PlatformLang", - L"Lang", - L"HwErrRec", - AUTHVAR_KEYDB_NAME, - EFI_SETUP_MODE_NAME, - EFI_PLATFORM_KEY_NAME, - EFI_KEY_EXCHANGE_KEY_NAME -}; - -GLOBAL_REMOVE_IF_UNREFERENCED VARIABLE_INFO_ENTRY *gVariableInfo = NULL; - -// -// The current Hii implementation accesses this variable a larg # of times on every boot. -// Other common variables are only accessed a single time. This is why this cache algorithm -// only targets a single variable. Probably to get an performance improvement out of -// a Cache you would need a cache that improves the search performance for a variable. -// -VARIABLE_CACHE_ENTRY mVariableCache[] = { - { - &gEfiGlobalVariableGuid, - L"Lang", - 0x00000000, - 0x00, - NULL - }, - { - &gEfiGlobalVariableGuid, - L"PlatformLang", - 0x00000000, - 0x00, - NULL - } -}; - -/** - Acquires lock only at boot time. Simply returns at runtime. - - This is a temperary function which will be removed when - EfiAcquireLock() in UefiLib can handle the call in UEFI - Runtimer driver in RT phase. - It calls EfiAcquireLock() at boot time, and simply returns - at runtime. - - @param[in] Lock A pointer to the lock to acquire. - -**/ -VOID -AcquireLockOnlyAtBootTime ( - IN EFI_LOCK *Lock - ) -{ - if (!EfiAtRuntime ()) { - EfiAcquireLock (Lock); - } -} - -/** - Releases lock only at boot time. Simply returns at runtime. - - This is a temperary function which will be removed when - EfiReleaseLock() in UefiLib can handle the call in UEFI - Runtimer driver in RT phase. - It calls EfiReleaseLock() at boot time, and simply returns - at runtime - - @param[in] Lock A pointer to the lock to release. - -**/ -VOID -ReleaseLockOnlyAtBootTime ( - IN EFI_LOCK *Lock - ) -{ - if (!EfiAtRuntime ()) { - EfiReleaseLock (Lock); - } -} - -/** - Reads/Writes variable storage, volatile or non-volatile. - - This function reads or writes volatile or non-volatile variable stroage. - For volatile storage, it performs memory copy. - For non-volatile storage, it accesses data on firmware storage. Data - area to access can span multiple firmware blocks. - - @param[in] Write TRUE - Write variable store. - FALSE - Read variable store. - @param[in] Global Pointer to VARAIBLE_GLOBAL structure. - @param[in] Volatile TRUE - Variable is volatile. - FALSE - Variable is non-volatile. - @param[in] Instance Instance of FV Block services. - @param[in] StartAddress Start address of data to access. - @param[in] DataSize Size of data to access. - @param[in, out] Buffer For write, pointer to the buffer from which data is written. - For read, pointer to the buffer to hold the data read. - - @retval EFI_SUCCESS Variable store successfully accessed. - @retval EFI_INVALID_PARAMETER Data area to access exceeds valid variable storage. - -**/ -EFI_STATUS -AccessVariableStore ( - IN BOOLEAN Write, - IN VARIABLE_GLOBAL *Global, - IN BOOLEAN Volatile, - IN UINTN Instance, - IN EFI_PHYSICAL_ADDRESS StartAddress, - IN UINT32 DataSize, - IN OUT VOID *Buffer - ) -{ - EFI_FV_BLOCK_MAP_ENTRY *PtrBlockMapEntry; - UINTN BlockIndex; - UINTN LinearOffset; - UINTN CurrWriteSize; - UINTN CurrWritePtr; - UINT8 *CurrBuffer; - EFI_LBA LbaNumber; - UINTN Size; - EFI_FIRMWARE_VOLUME_HEADER *FwVolHeader; - VARIABLE_STORE_HEADER *VolatileBase; - EFI_PHYSICAL_ADDRESS FvVolHdr; - EFI_STATUS Status; - VARIABLE_STORE_HEADER *VariableStoreHeader; - - FvVolHdr = 0; - FwVolHeader = NULL; - - if (Volatile) { - // - // If data is volatile, simply calculate the data pointer and copy memory. - // Data pointer should point to the actual address where data is to be - // accessed. - // - VolatileBase = (VARIABLE_STORE_HEADER *) ((UINTN) Global->VolatileVariableBase); - - if ((StartAddress + DataSize) > ((UINTN) ((UINT8 *) VolatileBase + VolatileBase->Size))) { - return EFI_INVALID_PARAMETER; - } - - // - // For volatile variable, a simple memory copy is enough. - // - if (Write) { - CopyMem ((VOID *) StartAddress, Buffer, DataSize); - } else { - CopyMem (Buffer, (VOID *) StartAddress, DataSize); - } - - return EFI_SUCCESS; - } - - // - // If data is non-volatile, calculate firmware volume header and data pointer. - // - Status = (EFI_STATUS) EsalCall ( - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO, - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI, - GetPhysicalAddressFunctionId, - Instance, - (UINT64) &FvVolHdr, - 0, - 0, - 0, - 0, - 0 - ).Status; - ASSERT_EFI_ERROR (Status); - - FwVolHeader = (EFI_FIRMWARE_VOLUME_HEADER *) ((UINTN) FvVolHdr); - ASSERT (FwVolHeader != NULL); - VariableStoreHeader = (VARIABLE_STORE_HEADER *)(FwVolHeader + 1); - - if ((StartAddress + DataSize) > ((EFI_PHYSICAL_ADDRESS) (UINTN) ((CHAR8 *)VariableStoreHeader + VariableStoreHeader->Size))) { - return EFI_INVALID_PARAMETER; - } - - LinearOffset = (UINTN) FwVolHeader; - CurrWritePtr = StartAddress; - CurrWriteSize = DataSize; - CurrBuffer = Buffer; - LbaNumber = 0; - - if (CurrWritePtr < LinearOffset) { - return EFI_INVALID_PARAMETER; - } - - // - // Traverse data blocks of this firmware storage to find the one where CurrWritePtr locates - // - for (PtrBlockMapEntry = FwVolHeader->BlockMap; PtrBlockMapEntry->NumBlocks != 0; PtrBlockMapEntry++) { - for (BlockIndex = 0; BlockIndex < PtrBlockMapEntry->NumBlocks; BlockIndex++) { - if ((CurrWritePtr >= LinearOffset) && (CurrWritePtr < LinearOffset + PtrBlockMapEntry->Length)) { - // - // Check to see if the data area to access spans multiple blocks. - // - if ((CurrWritePtr + CurrWriteSize) <= (LinearOffset + PtrBlockMapEntry->Length)) { - // - // If data area to access is contained in one block, just access and return. - // - if (Write) { - Status = (EFI_STATUS) EsalCall ( - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO, - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI, - WriteFunctionId, - Instance, - LbaNumber, - (CurrWritePtr - LinearOffset), - (UINT64) &CurrWriteSize, - (UINT64) CurrBuffer, - 0, - 0 - ).Status; - } else { - Status = (EFI_STATUS) EsalCall ( - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO, - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI, - ReadFunctionId, - Instance, - LbaNumber, - (CurrWritePtr - LinearOffset), - (UINT64) &CurrWriteSize, - (UINT64) CurrBuffer, - 0, - 0 - ).Status; - } - return Status; - } else { - // - // If data area to access spans multiple blocks, access this one and adjust for the next one. - // - Size = (UINT32) (LinearOffset + PtrBlockMapEntry->Length - CurrWritePtr); - if (Write) { - Status = (EFI_STATUS) EsalCall ( - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO, - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI, - WriteFunctionId, - Instance, - LbaNumber, - (CurrWritePtr - LinearOffset), - (UINT64) &Size, - (UINT64) CurrBuffer, - 0, - 0 - ).Status; - } else { - Status = (EFI_STATUS) EsalCall ( - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO, - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI, - ReadFunctionId, - Instance, - LbaNumber, - (CurrWritePtr - LinearOffset), - (UINT64) &Size, - (UINT64) CurrBuffer, - 0, - 0 - ).Status; - } - if (EFI_ERROR (Status)) { - return Status; - } - // - // Adjust for the remaining data. - // - CurrWritePtr = LinearOffset + PtrBlockMapEntry->Length; - CurrBuffer = CurrBuffer + Size; - CurrWriteSize = CurrWriteSize - Size; - } - } - - LinearOffset += PtrBlockMapEntry->Length; - LbaNumber++; - } - } - - return EFI_SUCCESS; -} - -/** - Retrieves header of volatile or non-volatile variable stroage. - - @param[in] VarStoreAddress Start address of variable storage. - @param[in] Volatile TRUE - Variable storage is volatile. - FALSE - Variable storage is non-volatile. - @param[in] Global Pointer to VARAIBLE_GLOBAL structure. - @param[in] Instance Instance of FV Block services. - @param[out] VarStoreHeader Pointer to VARIABLE_STORE_HEADER for output. - -**/ -VOID -GetVarStoreHeader ( - IN EFI_PHYSICAL_ADDRESS VarStoreAddress, - IN BOOLEAN Volatile, - IN VARIABLE_GLOBAL *Global, - IN UINTN Instance, - OUT VARIABLE_STORE_HEADER *VarStoreHeader - ) -{ - EFI_STATUS Status; - - Status = AccessVariableStore ( - FALSE, - Global, - Volatile, - Instance, - VarStoreAddress, - sizeof (VARIABLE_STORE_HEADER), - VarStoreHeader - ); - ASSERT_EFI_ERROR (Status); -} - -/** - Checks variable header. - - This function checks if variable header is valid or not. - - @param[in] VariableAddress Start address of variable header. - @param[in] Volatile TRUE - Variable is volatile. - FALSE - Variable is non-volatile. - @param[in] Global Pointer to VARAIBLE_GLOBAL structure. - @param[in] Instance Instance of FV Block services. - @param[out] VariableHeader Pointer to AUTHENTICATED_VARIABLE_HEADER for output. - - @retval TRUE Variable header is valid. - @retval FALSE Variable header is not valid. - -**/ -BOOLEAN -IsValidVariableHeader ( - IN EFI_PHYSICAL_ADDRESS VariableAddress, - IN BOOLEAN Volatile, - IN VARIABLE_GLOBAL *Global, - IN UINTN Instance, - OUT AUTHENTICATED_VARIABLE_HEADER *VariableHeader OPTIONAL - ) -{ - EFI_STATUS Status; - AUTHENTICATED_VARIABLE_HEADER LocalVariableHeader; - - Status = AccessVariableStore ( - FALSE, - Global, - Volatile, - Instance, - VariableAddress, - sizeof (AUTHENTICATED_VARIABLE_HEADER), - &LocalVariableHeader - ); - - if (EFI_ERROR (Status) || LocalVariableHeader.StartId != VARIABLE_DATA) { - return FALSE; - } - - if (VariableHeader != NULL) { - CopyMem (VariableHeader, &LocalVariableHeader, sizeof (AUTHENTICATED_VARIABLE_HEADER)); - } - - return TRUE; -} - -/** - Gets status of variable store. - - This function gets the current status of variable store. - - @param[in] VarStoreHeader Pointer to header of variable store. - - @retval EfiRaw Variable store status is raw. - @retval EfiValid Variable store status is valid. - @retval EfiInvalid Variable store status is invalid. - -**/ -VARIABLE_STORE_STATUS -GetVariableStoreStatus ( - IN VARIABLE_STORE_HEADER *VarStoreHeader - ) -{ - - if (CompareGuid (&VarStoreHeader->Signature, &gEfiAuthenticatedVariableGuid) && - VarStoreHeader->Format == VARIABLE_STORE_FORMATTED && - VarStoreHeader->State == VARIABLE_STORE_HEALTHY - ) { - - return EfiValid; - } else if (((UINT32 *)(&VarStoreHeader->Signature))[0] == 0xffffffff && - ((UINT32 *)(&VarStoreHeader->Signature))[1] == 0xffffffff && - ((UINT32 *)(&VarStoreHeader->Signature))[2] == 0xffffffff && - ((UINT32 *)(&VarStoreHeader->Signature))[3] == 0xffffffff && - VarStoreHeader->Size == 0xffffffff && - VarStoreHeader->Format == 0xff && - VarStoreHeader->State == 0xff - ) { - - return EfiRaw; - } else { - return EfiInvalid; - } -} - -/** - Gets the size of variable name. - - This function gets the size of variable name. - The variable is specified by its variable header. - If variable header contains raw data, just return 0. - - @param[in] Variable Pointer to the variable header. - - @return Size of variable name in bytes. - -**/ -UINTN -NameSizeOfVariable ( - IN AUTHENTICATED_VARIABLE_HEADER *Variable - ) -{ - if (Variable->State == (UINT8) (-1) || - Variable->DataSize == (UINT32) -1 || - Variable->NameSize == (UINT32) -1 || - Variable->Attributes == (UINT32) -1) { - return 0; - } - return (UINTN) Variable->NameSize; -} - -/** - Gets the size of variable data area. - - This function gets the size of variable data area. - The variable is specified by its variable header. - If variable header contains raw data, just return 0. - - @param[in] Variable Pointer to the variable header. - - @return Size of variable data area in bytes. - -**/ -UINTN -DataSizeOfVariable ( - IN AUTHENTICATED_VARIABLE_HEADER *Variable - ) -{ - if (Variable->State == (UINT8) -1 || - Variable->DataSize == (UINT32) -1 || - Variable->NameSize == (UINT32) -1 || - Variable->Attributes == (UINT32) -1) { - return 0; - } - return (UINTN) Variable->DataSize; -} - -/** - Gets the pointer to variable name. - - This function gets the pointer to variable name. - The variable is specified by its variable header. - - @param[in] VariableAddress Start address of variable header. - @param[in] Volatile TRUE - Variable is volatile. - FALSE - Variable is non-volatile. - @param[in] Global Pointer to VARAIBLE_GLOBAL structure. - @param[in] Instance Instance of FV Block services. - @param[out] VariableName Buffer to hold variable name for output. - -**/ -VOID -GetVariableNamePtr ( - IN EFI_PHYSICAL_ADDRESS VariableAddress, - IN BOOLEAN Volatile, - IN VARIABLE_GLOBAL *Global, - IN UINTN Instance, - OUT CHAR16 *VariableName - ) -{ - EFI_STATUS Status; - EFI_PHYSICAL_ADDRESS Address; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - BOOLEAN IsValid; - - IsValid = IsValidVariableHeader (VariableAddress, Volatile, Global, Instance, &VariableHeader); - ASSERT (IsValid); - - // - // Name area follows variable header. - // - Address = VariableAddress + sizeof (AUTHENTICATED_VARIABLE_HEADER); - - Status = AccessVariableStore ( - FALSE, - Global, - Volatile, - Instance, - Address, - VariableHeader.NameSize, - VariableName - ); - ASSERT_EFI_ERROR (Status); -} - -/** - Gets the pointer to variable data area. - - This function gets the pointer to variable data area. - The variable is specified by its variable header. - - @param[in] VariableAddress Start address of variable header. - @param[in] Volatile TRUE - Variable is volatile. - FALSE - Variable is non-volatile. - @param[in] Global Pointer to VARAIBLE_GLOBAL structure. - @param[in] Instance Instance of FV Block services. - @param[out] VariableData Buffer to hold variable data for output. - -**/ -VOID -GetVariableDataPtr ( - IN EFI_PHYSICAL_ADDRESS VariableAddress, - IN BOOLEAN Volatile, - IN VARIABLE_GLOBAL *Global, - IN UINTN Instance, - OUT CHAR16 *VariableData - ) -{ - EFI_STATUS Status; - EFI_PHYSICAL_ADDRESS Address; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - BOOLEAN IsValid; - - IsValid = IsValidVariableHeader (VariableAddress, Volatile, Global, Instance, &VariableHeader); - ASSERT (IsValid); - - // - // Data area follows variable name. - // Be careful about pad size for alignment - // - Address = VariableAddress + sizeof (AUTHENTICATED_VARIABLE_HEADER); - Address += NameSizeOfVariable (&VariableHeader); - Address += GET_PAD_SIZE (NameSizeOfVariable (&VariableHeader)); - - Status = AccessVariableStore ( - FALSE, - Global, - Volatile, - Instance, - Address, - VariableHeader.DataSize, - VariableData - ); - ASSERT_EFI_ERROR (Status); -} - - -/** - Gets the pointer to the next variable header. - - This function gets the pointer to the next variable header. - The variable is specified by its variable header. - - @param[in] VariableAddress Start address of variable header. - @param[in] Volatile TRUE - Variable is volatile. - FALSE - Variable is non-volatile. - @param[in] Global Pointer to VARAIBLE_GLOBAL structure. - @param[in] Instance Instance of FV Block services. - - @return Pointer to the next variable header. - NULL if variable header is invalid. - -**/ -EFI_PHYSICAL_ADDRESS -GetNextVariablePtr ( - IN EFI_PHYSICAL_ADDRESS VariableAddress, - IN BOOLEAN Volatile, - IN VARIABLE_GLOBAL *Global, - IN UINTN Instance - ) -{ - EFI_PHYSICAL_ADDRESS Address; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - - if (!IsValidVariableHeader (VariableAddress, Volatile, Global, Instance, &VariableHeader)) { - return 0x0; - } - - // - // Header of next variable follows data area of this variable - // - Address = VariableAddress + sizeof (AUTHENTICATED_VARIABLE_HEADER); - Address += NameSizeOfVariable (&VariableHeader); - Address += GET_PAD_SIZE (NameSizeOfVariable (&VariableHeader)); - Address += DataSizeOfVariable (&VariableHeader); - Address += GET_PAD_SIZE (DataSizeOfVariable (&VariableHeader)); - - // - // Be careful about pad size for alignment - // - return HEADER_ALIGN (Address); -} - -/** - Gets the pointer to the first variable header in given variable store area. - - This function gets the pointer to the first variable header in given variable - store area. The variable store area is given by its start address. - - @param[in] VarStoreHeaderAddress Pointer to the header of variable store area. - - @return Pointer to the first variable header. - -**/ -EFI_PHYSICAL_ADDRESS -GetStartPointer ( - IN EFI_PHYSICAL_ADDRESS VarStoreHeaderAddress - ) -{ - return HEADER_ALIGN (VarStoreHeaderAddress + sizeof (VARIABLE_STORE_HEADER)); -} - -/** - Gets the pointer to the end of given variable store area. - - This function gets the pointer to the end of given variable store area. - The variable store area is given by its start address. - - @param[in] VarStoreHeaderAddress Pointer to the header of variable store area. - @param[in] Volatile TRUE - Variable is volatile. - FALSE - Variable is non-volatile. - @param[in] Global Pointer to VARAIBLE_GLOBAL structure. - @param[in] Instance Instance of FV Block services. - - @return Pointer to the end of given variable store area. - -**/ -EFI_PHYSICAL_ADDRESS -GetEndPointer ( - IN EFI_PHYSICAL_ADDRESS VarStoreHeaderAddress, - IN BOOLEAN Volatile, - IN VARIABLE_GLOBAL *Global, - IN UINTN Instance - ) -{ - EFI_STATUS Status; - VARIABLE_STORE_HEADER VariableStoreHeader; - - Status = AccessVariableStore ( - FALSE, - Global, - Volatile, - Instance, - VarStoreHeaderAddress, - sizeof (VARIABLE_STORE_HEADER), - &VariableStoreHeader - ); - - ASSERT_EFI_ERROR (Status); - return HEADER_ALIGN (VarStoreHeaderAddress + VariableStoreHeader.Size); -} - -/** - Updates variable info entry in EFI system table for statistical information. - - Routine used to track statistical information about variable usage. - The data is stored in the EFI system table so it can be accessed later. - VariableInfo.efi can dump out the table. Only Boot Services variable - accesses are tracked by this code. The PcdVariableCollectStatistics - build flag controls if this feature is enabled. - A read that hits in the cache will have Read and Cache true for - the transaction. Data is allocated by this routine, but never - freed. - - @param[in] VariableName Name of the Variable to track. - @param[in] VendorGuid Guid of the Variable to track. - @param[in] Volatile TRUE if volatile FALSE if non-volatile. - @param[in] Read TRUE if GetVariable() was called. - @param[in] Write TRUE if SetVariable() was called. - @param[in] Delete TRUE if deleted via SetVariable(). - @param[in] Cache TRUE for a cache hit. - -**/ -VOID -UpdateVariableInfo ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN BOOLEAN Volatile, - IN BOOLEAN Read, - IN BOOLEAN Write, - IN BOOLEAN Delete, - IN BOOLEAN Cache - ) -{ - VARIABLE_INFO_ENTRY *Entry; - - if (FeaturePcdGet (PcdVariableCollectStatistics)) { - - if (EfiAtRuntime ()) { - // - // Don't collect statistics at runtime - // - return; - } - - if (gVariableInfo == NULL) { - // - // on the first call allocate a entry and place a pointer to it in - // the EFI System Table - // - gVariableInfo = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY)); - ASSERT (gVariableInfo != NULL); - - CopyGuid (&gVariableInfo->VendorGuid, VendorGuid); - gVariableInfo->Name = AllocatePool (StrSize (VariableName)); - ASSERT (gVariableInfo->Name != NULL); - StrCpyS (gVariableInfo->Name, StrSize (VariableName) / sizeof (CHAR16), VariableName); - gVariableInfo->Volatile = Volatile; - - gBS->InstallConfigurationTable (&gEfiAuthenticatedVariableGuid, gVariableInfo); - } - - - for (Entry = gVariableInfo; Entry != NULL; Entry = Entry->Next) { - if (CompareGuid (VendorGuid, &Entry->VendorGuid)) { - if (StrCmp (VariableName, Entry->Name) == 0) { - // - // Find the entry matching both variable name and vender GUID, - // and update counters for all types. - // - if (Read) { - Entry->ReadCount++; - } - if (Write) { - Entry->WriteCount++; - } - if (Delete) { - Entry->DeleteCount++; - } - if (Cache) { - Entry->CacheCount++; - } - - return; - } - } - - if (Entry->Next == NULL) { - // - // If the entry is not in the table add it. - // Next iteration of the loop will fill in the data - // - Entry->Next = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY)); - ASSERT (Entry->Next != NULL); - - CopyGuid (&Entry->Next->VendorGuid, VendorGuid); - Entry->Next->Name = AllocatePool (StrSize (VariableName)); - ASSERT (Entry->Next->Name != NULL); - StrCpyS (Entry->Next->Name, StrSize (VariableName) / sizeof (CHAR16), VariableName); - Entry->Next->Volatile = Volatile; - } - - } - } -} - -/** - Updates variable in cache. - - This function searches the variable cache. If the variable to set exists in the cache, - it updates the variable in cache. It has the same parameters with UEFI SetVariable() - service. - - @param[in] VariableName A Null-terminated Unicode string that is the name of the vendor's - variable. Each VariableName is unique for each VendorGuid. - @param[in] VendorGuid A unique identifier for the vendor. - @param[in] Attributes Attributes bitmask to set for the variable. - @param[in] DataSize The size in bytes of the Data buffer. A size of zero causes the - variable to be deleted. - @param[in] Data The contents for the variable. - -**/ -VOID -UpdateVariableCache ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN UINT32 Attributes, - IN UINTN DataSize, - IN VOID *Data - ) -{ - VARIABLE_CACHE_ENTRY *Entry; - UINTN Index; - - if (EfiAtRuntime ()) { - // - // Don't use the cache at runtime - // - return; - } - - // - // Searches cache for the variable to update. If it exists, update it. - // - for (Index = 0, Entry = mVariableCache; Index < sizeof (mVariableCache)/sizeof (VARIABLE_CACHE_ENTRY); Index++, Entry++) { - if (CompareGuid (VendorGuid, Entry->Guid)) { - if (StrCmp (VariableName, Entry->Name) == 0) { - Entry->Attributes = Attributes; - if (DataSize == 0) { - // - // If DataSize is 0, delete the variable. - // - if (Entry->DataSize != 0) { - FreePool (Entry->Data); - } - Entry->DataSize = DataSize; - } else if (DataSize == Entry->DataSize) { - // - // If size of data does not change, simply copy data - // - CopyMem (Entry->Data, Data, DataSize); - } else { - // - // If size of data changes, allocate pool and copy data. - // - Entry->Data = AllocatePool (DataSize); - ASSERT (Entry->Data != NULL); - Entry->DataSize = DataSize; - CopyMem (Entry->Data, Data, DataSize); - } - } - } - } -} - - -/** - Search the cache to check if the variable is in it. - - This function searches the variable cache. If the variable to find exists, return its data - and attributes. - - @param[in] VariableName A Null-terminated Unicode string that is the name of the vendor's - variable. Each VariableName is unique for each VendorGuid. - @param[in] VendorGuid A unique identifier for the vendor - @param[out] Attributes Pointer to the attributes bitmask of the variable for output. - @param[in, out] DataSize On input, size of the buffer of Data. - On output, size of the variable's data. - @param[out] Data Pointer to the data buffer for output. - - @retval EFI_SUCCESS VariableGuid & VariableName data was returned. - @retval EFI_NOT_FOUND No matching variable found in cache. - @retval EFI_BUFFER_TOO_SMALL *DataSize is smaller than size of the variable's data to return. - -**/ -EFI_STATUS -FindVariableInCache ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - OUT UINT32 *Attributes OPTIONAL, - IN OUT UINTN *DataSize, - OUT VOID *Data - ) -{ - VARIABLE_CACHE_ENTRY *Entry; - UINTN Index; - - if (EfiAtRuntime ()) { - // - // Don't use the cache at runtime - // - return EFI_NOT_FOUND; - } - - // - // Searches cache for the variable - // - for (Index = 0, Entry = mVariableCache; Index < sizeof (mVariableCache)/sizeof (VARIABLE_CACHE_ENTRY); Index++, Entry++) { - if (CompareGuid (VendorGuid, Entry->Guid)) { - if (StrCmp (VariableName, Entry->Name) == 0) { - if (Entry->DataSize == 0) { - // - // Variable has been deleted so return EFI_NOT_FOUND - // - return EFI_NOT_FOUND; - } else if (Entry->DataSize > *DataSize) { - // - // If buffer is too small, return the size needed and EFI_BUFFER_TOO_SMALL - // - *DataSize = Entry->DataSize; - return EFI_BUFFER_TOO_SMALL; - } else { - // - // If buffer is large enough, return the data - // - *DataSize = Entry->DataSize; - CopyMem (Data, Entry->Data, Entry->DataSize); - // - // If Attributes is not NULL, return the variable's attribute. - // - if (Attributes != NULL) { - *Attributes = Entry->Attributes; - } - return EFI_SUCCESS; - } - } - } - } - - return EFI_NOT_FOUND; -} - -/** - Finds variable in volatile and non-volatile storage areas. - - This code finds variable in volatile and non-volatile storage areas. - If VariableName is an empty string, then we just return the first - qualified variable without comparing VariableName and VendorGuid. - Otherwise, VariableName and VendorGuid are compared. - - @param[in] VariableName Name of the variable to be found. - @param[in] VendorGuid Vendor GUID to be found. - @param[out] PtrTrack VARIABLE_POINTER_TRACK structure for output, - including the range searched and the target position. - @param[in] Global Pointer to VARIABLE_GLOBAL structure, including - base of volatile variable storage area, base of - NV variable storage area, and a lock. - @param[in] Instance Instance of FV Block services. - - @retval EFI_INVALID_PARAMETER If VariableName is not an empty string, while - VendorGuid is NULL. - @retval EFI_SUCCESS Variable successfully found. - @retval EFI_INVALID_PARAMETER Variable not found. - -**/ -EFI_STATUS -FindVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - OUT VARIABLE_POINTER_TRACK *PtrTrack, - IN VARIABLE_GLOBAL *Global, - IN UINTN Instance - ) -{ - EFI_PHYSICAL_ADDRESS Variable[2]; - EFI_PHYSICAL_ADDRESS InDeletedVariable; - EFI_PHYSICAL_ADDRESS VariableStoreHeader[2]; - UINTN InDeletedStorageIndex; - UINTN Index; - CHAR16 LocalVariableName[MAX_NAME_SIZE]; - BOOLEAN Volatile; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - - // - // 0: Volatile, 1: Non-Volatile - // The index and attributes mapping must be kept in this order as RuntimeServiceGetNextVariableName - // make use of this mapping to implement search algorithme. - // - VariableStoreHeader[0] = Global->VolatileVariableBase; - VariableStoreHeader[1] = Global->NonVolatileVariableBase; - - // - // Start Pointers for the variable. - // Actual Data Pointer where data can be written. - // - Variable[0] = GetStartPointer (VariableStoreHeader[0]); - Variable[1] = GetStartPointer (VariableStoreHeader[1]); - - if (VariableName[0] != 0 && VendorGuid == NULL) { - return EFI_INVALID_PARAMETER; - } - - // - // Find the variable by walk through volatile and then non-volatile variable store - // - InDeletedVariable = 0x0; - InDeletedStorageIndex = 0; - Volatile = TRUE; - for (Index = 0; Index < 2; Index++) { - if (Index == 1) { - Volatile = FALSE; - } - while (IsValidVariableHeader (Variable[Index], Volatile, Global, Instance, &VariableHeader)) { - if (VariableHeader.State == VAR_ADDED || - VariableHeader.State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED) - ) { - if (!EfiAtRuntime () || ((VariableHeader.Attributes & EFI_VARIABLE_RUNTIME_ACCESS) != 0)) { - if (VariableName[0] == 0) { - // - // If VariableName is an empty string, then we just find the first qualified variable - // without comparing VariableName and VendorGuid - // - if (VariableHeader.State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) { - // - // If variable is in delete transition, record it. - // - InDeletedVariable = Variable[Index]; - InDeletedStorageIndex = Index; - } else { - // - // If variable is not in delete transition, return it. - // - PtrTrack->StartPtr = GetStartPointer (VariableStoreHeader[Index]); - PtrTrack->EndPtr = GetEndPointer (VariableStoreHeader[Index], Volatile, Global, Instance); - PtrTrack->CurrPtr = Variable[Index]; - PtrTrack->Volatile = Volatile; - - return EFI_SUCCESS; - } - } else { - // - // If VariableName is not an empty string, then VariableName and VendorGuid are compared. - // - if (CompareGuid (VendorGuid, &VariableHeader.VendorGuid)) { - GetVariableNamePtr ( - Variable[Index], - Volatile, - Global, - Instance, - LocalVariableName - ); - - ASSERT (NameSizeOfVariable (&VariableHeader) != 0); - if (CompareMem (VariableName, LocalVariableName, NameSizeOfVariable (&VariableHeader)) == 0) { - if (VariableHeader.State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) { - // - // If variable is in delete transition, record it. - // We will use if only no VAR_ADDED variable is found. - // - InDeletedVariable = Variable[Index]; - InDeletedStorageIndex = Index; - } else { - // - // If variable is not in delete transition, return it. - // - PtrTrack->StartPtr = GetStartPointer (VariableStoreHeader[Index]); - PtrTrack->EndPtr = GetEndPointer (VariableStoreHeader[Index], Volatile, Global, Instance); - PtrTrack->CurrPtr = Variable[Index]; - PtrTrack->Volatile = Volatile; - - return EFI_SUCCESS; - } - } - } - } - } - } - - Variable[Index] = GetNextVariablePtr ( - Variable[Index], - Volatile, - Global, - Instance - ); - } - if (InDeletedVariable != 0x0) { - // - // If no VAR_ADDED variable is found, and only variable in delete transition, then use this one. - // - PtrTrack->StartPtr = GetStartPointer (VariableStoreHeader[InDeletedStorageIndex]); - PtrTrack->EndPtr = GetEndPointer ( - VariableStoreHeader[InDeletedStorageIndex], - (BOOLEAN)(InDeletedStorageIndex == 0), - Global, - Instance - ); - PtrTrack->CurrPtr = InDeletedVariable; - PtrTrack->Volatile = (BOOLEAN)(InDeletedStorageIndex == 0); - return EFI_SUCCESS; - } - } - PtrTrack->CurrPtr = 0x0; - return EFI_NOT_FOUND; -} - -/** - Variable store garbage collection and reclaim operation. - - @param[in] VariableBase Base address of variable store area. - @param[out] LastVariableOffset Offset of last variable. - @param[in] IsVolatile The variable store is volatile or not, - if it is non-volatile, need FTW. - @param[in] VirtualMode Current calling mode for this function. - @param[in] Global Context of this Extended SAL Variable Services Class call. - @param[in] UpdatingVariable Pointer to header of the variable that is being updated. - - @retval EFI_SUCCESS Variable store successfully reclaimed. - @retval EFI_OUT_OF_RESOURCES Fail to allocate memory buffer to hold all valid variables. - -**/ -EFI_STATUS -Reclaim ( - IN EFI_PHYSICAL_ADDRESS VariableBase, - OUT UINTN *LastVariableOffset, - IN BOOLEAN IsVolatile, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN EFI_PHYSICAL_ADDRESS UpdatingVariable - ) -{ - EFI_PHYSICAL_ADDRESS Variable; - EFI_PHYSICAL_ADDRESS AddedVariable; - EFI_PHYSICAL_ADDRESS NextVariable; - EFI_PHYSICAL_ADDRESS NextAddedVariable; - VARIABLE_STORE_HEADER VariableStoreHeader; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - AUTHENTICATED_VARIABLE_HEADER AddedVariableHeader; - CHAR16 VariableName[MAX_NAME_SIZE]; - CHAR16 AddedVariableName[MAX_NAME_SIZE]; - UINT8 *ValidBuffer; - UINTN MaximumBufferSize; - UINTN VariableSize; - UINTN NameSize; - UINT8 *CurrPtr; - BOOLEAN FoundAdded; - EFI_STATUS Status; - VARIABLE_GLOBAL *VariableGlobal; - UINT32 Instance; - - VariableGlobal = &Global->VariableGlobal[VirtualMode]; - Instance = Global->FvbInstance; - - GetVarStoreHeader (VariableBase, IsVolatile, VariableGlobal, Instance, &VariableStoreHeader); - // - // recaluate the total size of Common/HwErr type variables in non-volatile area. - // - if (!IsVolatile) { - Global->CommonVariableTotalSize = 0; - Global->HwErrVariableTotalSize = 0; - } - - // - // Calculate the size of buffer needed to gather all valid variables - // - Variable = GetStartPointer (VariableBase); - MaximumBufferSize = sizeof (VARIABLE_STORE_HEADER); - - while (IsValidVariableHeader (Variable, IsVolatile, VariableGlobal, Instance, &VariableHeader)) { - NextVariable = GetNextVariablePtr (Variable, IsVolatile, VariableGlobal, Instance); - // - // Collect VAR_ADDED variables, and variables in delete transition status. - // - if (VariableHeader.State == VAR_ADDED || - VariableHeader.State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED) - ) { - VariableSize = NextVariable - Variable; - MaximumBufferSize += VariableSize; - } - - Variable = NextVariable; - } - - // - // Reserve the 1 Bytes with Oxff to identify the - // end of the variable buffer. - // - MaximumBufferSize += 1; - ValidBuffer = AllocatePool (MaximumBufferSize); - if (ValidBuffer == NULL) { - return EFI_OUT_OF_RESOURCES; - } - - SetMem (ValidBuffer, MaximumBufferSize, 0xff); - - // - // Copy variable store header - // - CopyMem (ValidBuffer, &VariableStoreHeader, sizeof (VARIABLE_STORE_HEADER)); - CurrPtr = (UINT8 *) GetStartPointer ((EFI_PHYSICAL_ADDRESS) ValidBuffer); - - // - // Reinstall all ADDED variables - // - Variable = GetStartPointer (VariableBase); - while (IsValidVariableHeader (Variable, IsVolatile, VariableGlobal, Instance, &VariableHeader)) { - NextVariable = GetNextVariablePtr (Variable, IsVolatile, VariableGlobal, Instance); - if (VariableHeader.State == VAR_ADDED) { - VariableSize = NextVariable - Variable; - CopyMem (CurrPtr, (UINT8 *) Variable, VariableSize); - CurrPtr += VariableSize; - if ((!IsVolatile) && ((((AUTHENTICATED_VARIABLE_HEADER*)Variable)->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { - Global->HwErrVariableTotalSize += VariableSize; - } else if ((!IsVolatile) && ((((AUTHENTICATED_VARIABLE_HEADER*)Variable)->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { - Global->CommonVariableTotalSize += VariableSize; - } - } - Variable = NextVariable; - } - // - // Reinstall in delete transition variables - // - Variable = GetStartPointer (VariableBase); - while (IsValidVariableHeader (Variable, IsVolatile, VariableGlobal, Instance, &VariableHeader)) { - NextVariable = GetNextVariablePtr (Variable, IsVolatile, VariableGlobal, Instance); - if (VariableHeader.State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) { - - // - // Buffer has cached all ADDED variable. - // Per IN_DELETED variable, we have to guarantee that - // no ADDED one in previous buffer. - // - FoundAdded = FALSE; - AddedVariable = GetStartPointer ((EFI_PHYSICAL_ADDRESS) ValidBuffer); - while (IsValidVariableHeader (AddedVariable, IsVolatile, VariableGlobal, Instance, &AddedVariableHeader)) { - NextAddedVariable = GetNextVariablePtr (AddedVariable, IsVolatile, VariableGlobal, Instance); - NameSize = NameSizeOfVariable (&AddedVariableHeader); - if (CompareGuid (&AddedVariableHeader.VendorGuid, &VariableHeader.VendorGuid) && - NameSize == NameSizeOfVariable (&VariableHeader) - ) { - GetVariableNamePtr (Variable, IsVolatile, VariableGlobal, Instance, VariableName); - GetVariableNamePtr (AddedVariable, IsVolatile, VariableGlobal, Instance, AddedVariableName); - if (CompareMem (VariableName, AddedVariableName, NameSize) == 0) { - // - // If ADDED variable with the same name and vender GUID has been reinstalled, - // then discard this IN_DELETED copy. - // - FoundAdded = TRUE; - break; - } - } - AddedVariable = NextAddedVariable; - } - // - // Add IN_DELETE variables that have not been added to buffer - // - if (!FoundAdded) { - VariableSize = NextVariable - Variable; - CopyMem (CurrPtr, (UINT8 *) Variable, VariableSize); - if (Variable != UpdatingVariable) { - // - // Make this IN_DELETE instance valid if: - // 1. No valid instance of this variable exists. - // 2. It is not the variable that is going to be updated. - // - ((AUTHENTICATED_VARIABLE_HEADER *) CurrPtr)->State = VAR_ADDED; - } - CurrPtr += VariableSize; - if ((!IsVolatile) && ((((AUTHENTICATED_VARIABLE_HEADER*)Variable)->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { - Global->HwErrVariableTotalSize += VariableSize; - } else if ((!IsVolatile) && ((((AUTHENTICATED_VARIABLE_HEADER*)Variable)->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { - Global->CommonVariableTotalSize += VariableSize; - } - } - } - Variable = NextVariable; - } - - if (IsVolatile) { - // - // If volatile variable store, just copy valid buffer - // - SetMem ((UINT8 *) (UINTN) VariableBase, VariableStoreHeader.Size, 0xff); - CopyMem ((UINT8 *) (UINTN) VariableBase, ValidBuffer, (UINTN) (CurrPtr - (UINT8 *) ValidBuffer)); - Status = EFI_SUCCESS; - } else { - // - // If non-volatile variable store, perform FTW here. - // Write ValidBuffer to destination specified by VariableBase. - // - Status = FtwVariableSpace ( - VariableBase, - ValidBuffer, - (UINTN) (CurrPtr - (UINT8 *) ValidBuffer) - ); - } - if (!EFI_ERROR (Status)) { - *LastVariableOffset = (UINTN) (CurrPtr - (UINT8 *) ValidBuffer); - } else { - *LastVariableOffset = 0; - } - - FreePool (ValidBuffer); - - return Status; -} - -/** - Get index from supported language codes according to language string. - - This code is used to get corresponding index in supported language codes. It can handle - RFC4646 and ISO639 language tags. - In ISO639 language tags, take 3-characters as a delimitation to find matched string and calculate the index. - In RFC4646 language tags, take semicolon as a delimitation to find matched string and calculate the index. - - For example: - SupportedLang = "engfraengfra" - Lang = "eng" - Iso639Language = TRUE - The return value is "0". - Another example: - SupportedLang = "en;fr;en-US;fr-FR" - Lang = "fr-FR" - Iso639Language = FALSE - The return value is "3". - - @param[in] SupportedLang Platform supported language codes. - @param[in] Lang Configured language. - @param[in] Iso639Language A bool value to signify if the handler is operated on ISO639 or RFC4646. - - @return The index of language in the language codes. - -**/ -UINTN -GetIndexFromSupportedLangCodes( - IN CHAR8 *SupportedLang, - IN CHAR8 *Lang, - IN BOOLEAN Iso639Language - ) -{ - UINTN Index; - UINTN CompareLength; - UINTN LanguageLength; - - if (Iso639Language) { - CompareLength = ISO_639_2_ENTRY_SIZE; - for (Index = 0; Index < AsciiStrLen (SupportedLang); Index += CompareLength) { - if (AsciiStrnCmp (Lang, SupportedLang + Index, CompareLength) == 0) { - // - // Successfully find the index of Lang string in SupportedLang string. - // - Index = Index / CompareLength; - return Index; - } - } - ASSERT (FALSE); - return 0; - } else { - // - // Compare RFC4646 language code - // - Index = 0; - for (LanguageLength = 0; Lang[LanguageLength] != '\0'; LanguageLength++); - - for (Index = 0; *SupportedLang != '\0'; Index++, SupportedLang += CompareLength) { - // - // Skip ';' characters in SupportedLang - // - for (; *SupportedLang != '\0' && *SupportedLang == ';'; SupportedLang++); - // - // Determine the length of the next language code in SupportedLang - // - for (CompareLength = 0; SupportedLang[CompareLength] != '\0' && SupportedLang[CompareLength] != ';'; CompareLength++); - - if ((CompareLength == LanguageLength) && - (AsciiStrnCmp (Lang, SupportedLang, CompareLength) == 0)) { - // - // Successfully find the index of Lang string in SupportedLang string. - // - return Index; - } - } - ASSERT (FALSE); - return 0; - } -} - -/** - Get language string from supported language codes according to index. - - This code is used to get corresponding language string in supported language codes. It can handle - RFC4646 and ISO639 language tags. - In ISO639 language tags, take 3-characters as a delimitation. Find language string according to the index. - In RFC4646 language tags, take semicolon as a delimitation. Find language string according to the index. - - For example: - SupportedLang = "engfraengfra" - Index = "1" - Iso639Language = TRUE - The return value is "fra". - Another example: - SupportedLang = "en;fr;en-US;fr-FR" - Index = "1" - Iso639Language = FALSE - The return value is "fr". - - @param[in] SupportedLang Platform supported language codes. - @param[in] Index the index in supported language codes. - @param[in] Iso639Language A bool value to signify if the handler is operated on ISO639 or RFC4646. - @param[in] VirtualMode Current calling mode for this function. - @param[in] Global Context of this Extended SAL Variable Services Class call. - - @return The language string in the language codes. - -**/ -CHAR8 * -GetLangFromSupportedLangCodes ( - IN CHAR8 *SupportedLang, - IN UINTN Index, - IN BOOLEAN Iso639Language, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global - ) -{ - UINTN SubIndex; - UINTN CompareLength; - CHAR8 *Supported; - - SubIndex = 0; - Supported = SupportedLang; - if (Iso639Language) { - // - // according to the index of Lang string in SupportedLang string to get the language. - // As this code will be invoked in RUNTIME, therefore there is not memory allocate/free operation. - // In driver entry, it pre-allocates a runtime attribute memory to accommodate this string. - // - CompareLength = ISO_639_2_ENTRY_SIZE; - Global->Lang[CompareLength] = '\0'; - return CopyMem (Global->Lang, SupportedLang + Index * CompareLength, CompareLength); - - } else { - while (TRUE) { - // - // take semicolon as delimitation, sequentially traverse supported language codes. - // - for (CompareLength = 0; *Supported != ';' && *Supported != '\0'; CompareLength++) { - Supported++; - } - if ((*Supported == '\0') && (SubIndex != Index)) { - // - // Have completed the traverse, but not find corrsponding string. - // This case is not allowed to happen. - // - ASSERT(FALSE); - return NULL; - } - if (SubIndex == Index) { - // - // according to the index of Lang string in SupportedLang string to get the language. - // As this code will be invoked in RUNTIME, therefore there is not memory allocate/free operation. - // In driver entry, it pre-allocates a runtime attribute memory to accommodate this string. - // - Global->PlatformLang[VirtualMode][CompareLength] = '\0'; - return CopyMem (Global->PlatformLang[VirtualMode], Supported - CompareLength, CompareLength); - } - SubIndex++; - - // - // Skip ';' characters in Supported - // - for (; *Supported != '\0' && *Supported == ';'; Supported++); - } - } -} - -/** - Returns a pointer to an allocated buffer that contains the best matching language - from a set of supported languages. - - This function supports both ISO 639-2 and RFC 4646 language codes, but language - code types may not be mixed in a single call to this function. This function - supports a variable argument list that allows the caller to pass in a prioritized - list of language codes to test against all the language codes in SupportedLanguages. - - If SupportedLanguages is NULL, then ASSERT(). - - @param[in] SupportedLanguages A pointer to a Null-terminated ASCII string that - contains a set of language codes in the format - specified by Iso639Language. - @param[in] Iso639Language If TRUE, then all language codes are assumed to be - in ISO 639-2 format. If FALSE, then all language - codes are assumed to be in RFC 4646 language format. - @param[in] VirtualMode Current calling mode for this function. - @param[in] ... A variable argument list that contains pointers to - Null-terminated ASCII strings that contain one or more - language codes in the format specified by Iso639Language. - The first language code from each of these language - code lists is used to determine if it is an exact or - close match to any of the language codes in - SupportedLanguages. Close matches only apply to RFC 4646 - language codes, and the matching algorithm from RFC 4647 - is used to determine if a close match is present. If - an exact or close match is found, then the matching - language code from SupportedLanguages is returned. If - no matches are found, then the next variable argument - parameter is evaluated. The variable argument list - is terminated by a NULL. - - @retval NULL The best matching language could not be found in SupportedLanguages. - @retval NULL There are not enough resources available to return the best matching - language. - @retval Other A pointer to a Null-terminated ASCII string that is the best matching - language in SupportedLanguages. - -**/ -CHAR8 * -VariableGetBestLanguage ( - IN CONST CHAR8 *SupportedLanguages, - IN BOOLEAN Iso639Language, - IN BOOLEAN VirtualMode, - ... - ) -{ - VA_LIST Args; - CHAR8 *Language; - UINTN CompareLength; - UINTN LanguageLength; - CONST CHAR8 *Supported; - CHAR8 *Buffer; - - ASSERT (SupportedLanguages != NULL); - - VA_START (Args, VirtualMode); - while ((Language = VA_ARG (Args, CHAR8 *)) != NULL) { - // - // Default to ISO 639-2 mode - // - CompareLength = 3; - LanguageLength = MIN (3, AsciiStrLen (Language)); - - // - // If in RFC 4646 mode, then determine the length of the first RFC 4646 language code in Language - // - if (!Iso639Language) { - for (LanguageLength = 0; Language[LanguageLength] != 0 && Language[LanguageLength] != ';'; LanguageLength++); - } - - // - // Trim back the length of Language used until it is empty - // - while (LanguageLength > 0) { - // - // Loop through all language codes in SupportedLanguages - // - for (Supported = SupportedLanguages; *Supported != '\0'; Supported += CompareLength) { - // - // In RFC 4646 mode, then Loop through all language codes in SupportedLanguages - // - if (!Iso639Language) { - // - // Skip ';' characters in Supported - // - for (; *Supported != '\0' && *Supported == ';'; Supported++); - // - // Determine the length of the next language code in Supported - // - for (CompareLength = 0; Supported[CompareLength] != 0 && Supported[CompareLength] != ';'; CompareLength++); - // - // If Language is longer than the Supported, then skip to the next language - // - if (LanguageLength > CompareLength) { - continue; - } - } - // - // See if the first LanguageLength characters in Supported match Language - // - if (AsciiStrnCmp (Supported, Language, LanguageLength) == 0) { - VA_END (Args); - - Buffer = Iso639Language ? mVariableModuleGlobal->Lang : mVariableModuleGlobal->PlatformLang[VirtualMode]; - Buffer[CompareLength] = '\0'; - return CopyMem (Buffer, Supported, CompareLength); - } - } - - if (Iso639Language) { - // - // If ISO 639 mode, then each language can only be tested once - // - LanguageLength = 0; - } else { - // - // If RFC 4646 mode, then trim Language from the right to the next '-' character - // - for (LanguageLength--; LanguageLength > 0 && Language[LanguageLength] != '-'; LanguageLength--); - } - } - } - VA_END (Args); - - // - // No matches were found - // - return NULL; -} - -/** - Hook the operations in PlatformLangCodes, LangCodes, PlatformLang and Lang. - - When setting Lang/LangCodes, simultaneously update PlatformLang/PlatformLangCodes. - According to UEFI spec, PlatformLangCodes/LangCodes are only set once in firmware initialization, - and are read-only. Therefore, in variable driver, only store the original value for other use. - - @param[in] VariableName Name of variable. - @param[in] Data Variable data. - @param[in] DataSize Size of data. 0 means delete. - @param[in] VirtualMode Current calling mode for this function. - @param[in] Global Context of this Extended SAL Variable Services Class call. - -**/ -VOID -AutoUpdateLangVariable( - IN CHAR16 *VariableName, - IN VOID *Data, - IN UINTN DataSize, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global - ) -{ - EFI_STATUS Status; - CHAR8 *BestPlatformLang; - CHAR8 *BestLang; - UINTN Index; - UINT32 Attributes; - VARIABLE_POINTER_TRACK Variable; - BOOLEAN SetLanguageCodes; - CHAR16 **PredefinedVariableName; - VARIABLE_GLOBAL *VariableGlobal; - UINT32 Instance; - - // - // Don't do updates for delete operation - // - if (DataSize == 0) { - return; - } - - SetLanguageCodes = FALSE; - VariableGlobal = &Global->VariableGlobal[VirtualMode]; - Instance = Global->FvbInstance; - - - PredefinedVariableName = &Global->VariableName[VirtualMode][0]; - if (StrCmp (VariableName, PredefinedVariableName[VAR_PLATFORM_LANG_CODES]) == 0) { - // - // PlatformLangCodes is a volatile variable, so it can not be updated at runtime. - // - if (EfiAtRuntime ()) { - return; - } - - SetLanguageCodes = TRUE; - - // - // According to UEFI spec, PlatformLangCodes is only set once in firmware initialization, and is read-only - // Therefore, in variable driver, only store the original value for other use. - // - if (Global->PlatformLangCodes[VirtualMode] != NULL) { - FreePool (Global->PlatformLangCodes[VirtualMode]); - } - Global->PlatformLangCodes[VirtualMode] = AllocateRuntimeCopyPool (DataSize, Data); - ASSERT (Global->PlatformLangCodes[VirtualMode] != NULL); - - // - // PlatformLang holds a single language from PlatformLangCodes, - // so the size of PlatformLangCodes is enough for the PlatformLang. - // - if (Global->PlatformLang[VirtualMode] != NULL) { - FreePool (Global->PlatformLang[VirtualMode]); - } - Global->PlatformLang[VirtualMode] = AllocateRuntimePool (DataSize); - ASSERT (Global->PlatformLang[VirtualMode] != NULL); - - } else if (StrCmp (VariableName, PredefinedVariableName[VAR_LANG_CODES]) == 0) { - // - // LangCodes is a volatile variable, so it can not be updated at runtime. - // - if (EfiAtRuntime ()) { - return; - } - - SetLanguageCodes = TRUE; - - // - // According to UEFI spec, LangCodes is only set once in firmware initialization, and is read-only - // Therefore, in variable driver, only store the original value for other use. - // - if (Global->LangCodes[VirtualMode] != NULL) { - FreePool (Global->LangCodes[VirtualMode]); - } - Global->LangCodes[VirtualMode] = AllocateRuntimeCopyPool (DataSize, Data); - ASSERT (Global->LangCodes[VirtualMode] != NULL); - } - - if (SetLanguageCodes - && (Global->PlatformLangCodes[VirtualMode] != NULL) - && (Global->LangCodes[VirtualMode] != NULL)) { - // - // Update Lang if PlatformLang is already set - // Update PlatformLang if Lang is already set - // - Status = FindVariable (PredefinedVariableName[VAR_PLATFORM_LANG], Global->GlobalVariableGuid[VirtualMode], &Variable, VariableGlobal, Instance); - if (!EFI_ERROR (Status)) { - // - // Update Lang - // - VariableName = PredefinedVariableName[VAR_PLATFORM_LANG]; - } else { - Status = FindVariable (PredefinedVariableName[VAR_LANG], Global->GlobalVariableGuid[VirtualMode], &Variable, VariableGlobal, Instance); - if (!EFI_ERROR (Status)) { - // - // Update PlatformLang - // - VariableName = PredefinedVariableName[VAR_LANG]; - } else { - // - // Neither PlatformLang nor Lang is set, directly return - // - return; - } - } - Data = (VOID *) GetEndPointer (VariableGlobal->VolatileVariableBase, TRUE, VariableGlobal, Instance); - GetVariableDataPtr ((EFI_PHYSICAL_ADDRESS) Variable.CurrPtr, Variable.Volatile, VariableGlobal, Instance, (CHAR16 *) Data); - - Status = AccessVariableStore ( - FALSE, - VariableGlobal, - Variable.Volatile, - Instance, - (UINTN) &(((AUTHENTICATED_VARIABLE_HEADER *)Variable.CurrPtr)->DataSize), - sizeof (DataSize), - &DataSize - ); - ASSERT_EFI_ERROR (Status); - } - - // - // According to UEFI spec, "Lang" and "PlatformLang" is NV|BS|RT attributions. - // - Attributes = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS; - - if (StrCmp (VariableName, PredefinedVariableName[VAR_PLATFORM_LANG]) == 0) { - // - // Update Lang when PlatformLangCodes/LangCodes were set. - // - if ((Global->PlatformLangCodes[VirtualMode] != NULL) && (Global->LangCodes[VirtualMode] != NULL)) { - // - // When setting PlatformLang, firstly get most matched language string from supported language codes. - // - BestPlatformLang = VariableGetBestLanguage (Global->PlatformLangCodes[VirtualMode], FALSE, VirtualMode, Data, NULL); - if (BestPlatformLang != NULL) { - // - // Get the corresponding index in language codes. - // - Index = GetIndexFromSupportedLangCodes (Global->PlatformLangCodes[VirtualMode], BestPlatformLang, FALSE); - - // - // Get the corresponding ISO639 language tag according to RFC4646 language tag. - // - BestLang = GetLangFromSupportedLangCodes (Global->LangCodes[VirtualMode], Index, TRUE, VirtualMode, Global); - - // - // Successfully convert PlatformLang to Lang, and set the BestLang value into Lang variable simultaneously. - // - FindVariable (PredefinedVariableName[VAR_LANG], Global->GlobalVariableGuid[VirtualMode], &Variable, VariableGlobal, Instance); - - Status = UpdateVariable ( - PredefinedVariableName[VAR_LANG], - Global->GlobalVariableGuid[VirtualMode], - BestLang, - ISO_639_2_ENTRY_SIZE + 1, - Attributes, - 0, - 0, - VirtualMode, - Global, - &Variable - ); - - DEBUG ((EFI_D_INFO, "Variable Driver Auto Update PlatformLang, PlatformLang:%a, Lang:%a\n", BestPlatformLang, BestLang)); - - ASSERT_EFI_ERROR (Status); - } - } - - } else if (StrCmp (VariableName, PredefinedVariableName[VAR_LANG]) == 0) { - // - // Update PlatformLang when PlatformLangCodes/LangCodes were set. - // - if ((Global->PlatformLangCodes[VirtualMode] != NULL) && (Global->LangCodes[VirtualMode] != NULL)) { - // - // When setting Lang, firstly get most matched language string from supported language codes. - // - BestLang = VariableGetBestLanguage (Global->LangCodes[VirtualMode], TRUE, VirtualMode, Data, NULL); - if (BestLang != NULL) { - // - // Get the corresponding index in language codes. - // - Index = GetIndexFromSupportedLangCodes (Global->LangCodes[VirtualMode], BestLang, TRUE); - - // - // Get the corresponding RFC4646 language tag according to ISO639 language tag. - // - BestPlatformLang = GetLangFromSupportedLangCodes (Global->PlatformLangCodes[VirtualMode], Index, FALSE, VirtualMode, Global); - - // - // Successfully convert Lang to PlatformLang, and set the BestPlatformLang value into PlatformLang variable simultaneously. - // - FindVariable (PredefinedVariableName[VAR_PLATFORM_LANG], Global->GlobalVariableGuid[VirtualMode], &Variable, VariableGlobal, Instance); - - Status = UpdateVariable ( - PredefinedVariableName[VAR_PLATFORM_LANG], - Global->GlobalVariableGuid[VirtualMode], - BestPlatformLang, - AsciiStrSize (BestPlatformLang), - Attributes, - 0, - 0, - VirtualMode, - Global, - &Variable - ); - - DEBUG ((EFI_D_INFO, "Variable Driver Auto Update Lang, Lang:%a, PlatformLang:%a\n", BestLang, BestPlatformLang)); - ASSERT_EFI_ERROR (Status); - } - } - } -} - -/** - Update the variable region with Variable information. These are the same - arguments as the EFI Variable services. - - @param[in] VariableName Name of variable. - @param[in] VendorGuid Guid of variable. - @param[in] Data Variable data. - @param[in] DataSize Size of data. 0 means delete. - @param[in] Attributes Attributes of the variable. - @param[in] KeyIndex Index of associated public key. - @param[in] MonotonicCount Value of associated monotonic count. - @param[in] VirtualMode Current calling mode for this function. - @param[in] Global Context of this Extended SAL Variable Services Class call. - @param[in] Variable The variable information which is used to keep track of variable usage. - - @retval EFI_SUCCESS The update operation is success. - @retval EFI_OUT_OF_RESOURCES Variable region is full, can not write other data into this region. - -**/ -EFI_STATUS -EFIAPI -UpdateVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN VOID *Data, - IN UINTN DataSize, - IN UINT32 Attributes OPTIONAL, - IN UINT32 KeyIndex OPTIONAL, - IN UINT64 MonotonicCount OPTIONAL, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN VARIABLE_POINTER_TRACK *Variable - ) -{ - EFI_STATUS Status; - AUTHENTICATED_VARIABLE_HEADER *NextVariable; - UINTN VarNameOffset; - UINTN VarDataOffset; - UINTN VarNameSize; - UINTN VarSize; - BOOLEAN Volatile; - UINT8 State; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - AUTHENTICATED_VARIABLE_HEADER *NextVariableHeader; - BOOLEAN Valid; - BOOLEAN Reclaimed; - VARIABLE_STORE_HEADER VariableStoreHeader; - UINTN ScratchSize; - VARIABLE_GLOBAL *VariableGlobal; - UINT32 Instance; - - VariableGlobal = &Global->VariableGlobal[VirtualMode]; - Instance = Global->FvbInstance; - - Reclaimed = FALSE; - - if (Variable->CurrPtr != 0) { - - Valid = IsValidVariableHeader (Variable->CurrPtr, Variable->Volatile, VariableGlobal, Instance, &VariableHeader); - if (!Valid) { - Status = EFI_NOT_FOUND; - goto Done; - } - - // - // Update/Delete existing variable - // - Volatile = Variable->Volatile; - - if (EfiAtRuntime ()) { - // - // If EfiAtRuntime and the variable is Volatile and Runtime Access, - // the volatile is ReadOnly, and SetVariable should be aborted and - // return EFI_WRITE_PROTECTED. - // - if (Variable->Volatile) { - Status = EFI_WRITE_PROTECTED; - goto Done; - } - // - // Only variable have NV attribute can be updated/deleted in Runtime - // - if ((VariableHeader.Attributes & EFI_VARIABLE_NON_VOLATILE) == 0) { - Status = EFI_INVALID_PARAMETER; - goto Done; - } - } - // - // Setting a data variable with no access, or zero DataSize attributes - // specified causes it to be deleted. - // - if (DataSize == 0 || (Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == 0) { - State = VariableHeader.State; - State &= VAR_DELETED; - - Status = AccessVariableStore ( - TRUE, - VariableGlobal, - Variable->Volatile, - Instance, - (UINTN) &(((AUTHENTICATED_VARIABLE_HEADER *)Variable->CurrPtr)->State), - sizeof (UINT8), - &State - ); - if (!EFI_ERROR (Status)) { - UpdateVariableInfo (VariableName, VendorGuid, Volatile, FALSE, FALSE, TRUE, FALSE); - UpdateVariableCache (VariableName, VendorGuid, Attributes, DataSize, Data); - } - goto Done; - } - // - // Logic comes here to update variable. - // If the variable is marked valid and the same data has been passed in - // then return to the caller immediately. - // - if (DataSizeOfVariable (&VariableHeader) == DataSize) { - NextVariable = (AUTHENTICATED_VARIABLE_HEADER *)GetEndPointer (VariableGlobal->VolatileVariableBase, TRUE, VariableGlobal, Instance); - GetVariableDataPtr (Variable->CurrPtr, Variable->Volatile, VariableGlobal, Instance, (CHAR16 *) NextVariable); - if (CompareMem (Data, (VOID *) NextVariable, DataSize) == 0) { - UpdateVariableInfo (VariableName, VendorGuid, Volatile, FALSE, TRUE, FALSE, FALSE); - Status = EFI_SUCCESS; - goto Done; - } - } - if ((VariableHeader.State == VAR_ADDED) || - (VariableHeader.State == (VAR_ADDED & VAR_IN_DELETED_TRANSITION))) { - // - // If new data is different from the old one, mark the old one as VAR_IN_DELETED_TRANSITION. - // It will be deleted if new variable is successfully written. - // - State = VariableHeader.State; - State &= VAR_IN_DELETED_TRANSITION; - - Status = AccessVariableStore ( - TRUE, - VariableGlobal, - Variable->Volatile, - Instance, - (UINTN) &(((AUTHENTICATED_VARIABLE_HEADER *)Variable->CurrPtr)->State), - sizeof (UINT8), - &State - ); - if (EFI_ERROR (Status)) { - goto Done; - } - } - } else { - // - // Create a new variable - // - - // - // Make sure we are trying to create a new variable. - // Setting a data variable with no access, or zero DataSize attributes means to delete it. - // - if (DataSize == 0 || (Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == 0) { - Status = EFI_NOT_FOUND; - goto Done; - } - - // - // Only variable have NV|RT attribute can be created in Runtime - // - if (EfiAtRuntime () && - (((Attributes & EFI_VARIABLE_RUNTIME_ACCESS) == 0) || ((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0))) { - Status = EFI_INVALID_PARAMETER; - goto Done; - } - } - - // - // Function part - create a new variable and copy the data. - // Both update a variable and create a variable will come here. - // - // Tricky part: Use scratch data area at the end of volatile variable store - // as a temporary storage. - // - NextVariable = (AUTHENTICATED_VARIABLE_HEADER *)GetEndPointer (VariableGlobal->VolatileVariableBase, TRUE, VariableGlobal, Instance); - ScratchSize = MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize)); - NextVariableHeader = (AUTHENTICATED_VARIABLE_HEADER *) NextVariable; - - SetMem (NextVariableHeader, ScratchSize, 0xff); - - NextVariableHeader->StartId = VARIABLE_DATA; - NextVariableHeader->Attributes = Attributes; - NextVariableHeader->PubKeyIndex = KeyIndex; - NextVariableHeader->MonotonicCount = MonotonicCount; - NextVariableHeader->Reserved = 0; - VarNameOffset = sizeof (AUTHENTICATED_VARIABLE_HEADER); - VarNameSize = StrSize (VariableName); - CopyMem ( - (UINT8 *) ((UINTN)NextVariable + VarNameOffset), - VariableName, - VarNameSize - ); - VarDataOffset = VarNameOffset + VarNameSize + GET_PAD_SIZE (VarNameSize); - CopyMem ( - (UINT8 *) ((UINTN)NextVariable + VarDataOffset), - Data, - DataSize - ); - CopyMem (&NextVariableHeader->VendorGuid, VendorGuid, sizeof (EFI_GUID)); - // - // There will be pad bytes after Data, the NextVariable->NameSize and - // NextVariable->DataSize should not include pad size so that variable - // service can get actual size in GetVariable. - // - NextVariableHeader->NameSize = (UINT32)VarNameSize; - NextVariableHeader->DataSize = (UINT32)DataSize; - - // - // The actual size of the variable that stores in storage should - // include pad size. - // - VarSize = VarDataOffset + DataSize + GET_PAD_SIZE (DataSize); - if ((Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) { - // - // Create a nonvolatile variable - // - Volatile = FALSE; - - GetVarStoreHeader (VariableGlobal->NonVolatileVariableBase, FALSE, VariableGlobal, Instance, &VariableStoreHeader); - if ((((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != 0) - && ((HEADER_ALIGN (VarSize) + Global->HwErrVariableTotalSize) > PcdGet32(PcdHwErrStorageSize))) - || (((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == 0) - && ((HEADER_ALIGN (VarSize) + Global->CommonVariableTotalSize) > VariableStoreHeader.Size - sizeof (VARIABLE_STORE_HEADER) - PcdGet32(PcdHwErrStorageSize)))) { - if (EfiAtRuntime ()) { - Status = EFI_OUT_OF_RESOURCES; - goto Done; - } - // - // Perform garbage collection & reclaim operation - // - Status = Reclaim (VariableGlobal->NonVolatileVariableBase, &(Global->NonVolatileLastVariableOffset), FALSE, VirtualMode, Global, Variable->CurrPtr); - if (EFI_ERROR (Status)) { - goto Done; - } - - Reclaimed = TRUE; - // - // If still no enough space, return out of resources - // - if ((((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != 0) - && ((HEADER_ALIGN (VarSize) + Global->HwErrVariableTotalSize) > PcdGet32(PcdHwErrStorageSize))) - || (((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == 0) - && ((HEADER_ALIGN (VarSize) + Global->CommonVariableTotalSize) > VariableStoreHeader.Size - sizeof (VARIABLE_STORE_HEADER) - PcdGet32(PcdHwErrStorageSize)))) { - Status = EFI_OUT_OF_RESOURCES; - goto Done; - } - } - // - // Four steps - // 1. Write variable header - // 2. Set variable state to header valid - // 3. Write variable data - // 4. Set variable state to valid - // - // - // Step 1: - // - Status = AccessVariableStore ( - TRUE, - VariableGlobal, - FALSE, - Instance, - VariableGlobal->NonVolatileVariableBase + Global->NonVolatileLastVariableOffset, - sizeof (AUTHENTICATED_VARIABLE_HEADER), - (UINT8 *) NextVariable - ); - - if (EFI_ERROR (Status)) { - goto Done; - } - - // - // Step 2: - // - NextVariableHeader->State = VAR_HEADER_VALID_ONLY; - Status = AccessVariableStore ( - TRUE, - VariableGlobal, - FALSE, - Instance, - VariableGlobal->NonVolatileVariableBase + Global->NonVolatileLastVariableOffset, - sizeof (AUTHENTICATED_VARIABLE_HEADER), - (UINT8 *) NextVariable - ); - - if (EFI_ERROR (Status)) { - goto Done; - } - // - // Step 3: - // - Status = AccessVariableStore ( - TRUE, - VariableGlobal, - FALSE, - Instance, - VariableGlobal->NonVolatileVariableBase + Global->NonVolatileLastVariableOffset + sizeof (AUTHENTICATED_VARIABLE_HEADER), - (UINT32) VarSize - sizeof (AUTHENTICATED_VARIABLE_HEADER), - (UINT8 *) NextVariable + sizeof (AUTHENTICATED_VARIABLE_HEADER) - ); - - if (EFI_ERROR (Status)) { - goto Done; - } - // - // Step 4: - // - NextVariableHeader->State = VAR_ADDED; - Status = AccessVariableStore ( - TRUE, - VariableGlobal, - FALSE, - Instance, - VariableGlobal->NonVolatileVariableBase + Global->NonVolatileLastVariableOffset, - sizeof (AUTHENTICATED_VARIABLE_HEADER), - (UINT8 *) NextVariable - ); - - if (EFI_ERROR (Status)) { - goto Done; - } - - Global->NonVolatileLastVariableOffset += HEADER_ALIGN (VarSize); - - if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != 0) { - Global->HwErrVariableTotalSize += HEADER_ALIGN (VarSize); - } else { - Global->CommonVariableTotalSize += HEADER_ALIGN (VarSize); - } - } else { - // - // Create a volatile variable - // - Volatile = TRUE; - - if ((UINT32) (HEADER_ALIGN(VarSize) + Global->VolatileLastVariableOffset) > - ((VARIABLE_STORE_HEADER *) ((UINTN) (VariableGlobal->VolatileVariableBase)))->Size) { - // - // Perform garbage collection & reclaim operation - // - Status = Reclaim (VariableGlobal->VolatileVariableBase, &Global->VolatileLastVariableOffset, TRUE, VirtualMode, Global, Variable->CurrPtr); - if (EFI_ERROR (Status)) { - goto Done; - } - // - // If still no enough space, return out of resources - // - if ((UINT32) (HEADER_ALIGN (VarSize) + Global->VolatileLastVariableOffset) > - ((VARIABLE_STORE_HEADER *) ((UINTN) (VariableGlobal->VolatileVariableBase)))->Size - ) { - Status = EFI_OUT_OF_RESOURCES; - goto Done; - } - Reclaimed = TRUE; - } - - NextVariableHeader->State = VAR_ADDED; - Status = AccessVariableStore ( - TRUE, - VariableGlobal, - TRUE, - Instance, - VariableGlobal->VolatileVariableBase + Global->VolatileLastVariableOffset, - (UINT32) VarSize, - (UINT8 *) NextVariable - ); - - if (EFI_ERROR (Status)) { - goto Done; - } - - Global->VolatileLastVariableOffset += HEADER_ALIGN (VarSize); - } - // - // Mark the old variable as deleted - // If storage has just been reclaimed, the old variable marked as VAR_IN_DELETED_TRANSITION - // has already been eliminated, so no need to delete it. - // - if (!Reclaimed && !EFI_ERROR (Status) && Variable->CurrPtr != 0) { - State = ((AUTHENTICATED_VARIABLE_HEADER *)Variable->CurrPtr)->State; - State &= VAR_DELETED; - - Status = AccessVariableStore ( - TRUE, - VariableGlobal, - Variable->Volatile, - Instance, - (UINTN) &(((AUTHENTICATED_VARIABLE_HEADER *)Variable->CurrPtr)->State), - sizeof (UINT8), - &State - ); - } - - if (!EFI_ERROR (Status)) { - UpdateVariableInfo (VariableName, VendorGuid, Volatile, FALSE, TRUE, FALSE, FALSE); - UpdateVariableCache (VariableName, VendorGuid, Attributes, DataSize, Data); - } - -Done: - return Status; -} - -/** - Implements EsalGetVariable function of Extended SAL Variable Services Class. - - This function implements EsalGetVariable function of Extended SAL Variable Services Class. - It is equivalent in functionality to the EFI Runtime Service GetVariable(). - - @param[in] VariableName A Null-terminated Unicode string that is the name of - the vendor's variable. - @param[in] VendorGuid A unique identifier for the vendor. - @param[out] Attributes If not NULL, a pointer to the memory location to return the - attributes bitmask for the variable. - @param[in, out] DataSize Size of Data found. If size is less than the - data, this value contains the required size. - @param[out] Data On input, the size in bytes of the return Data buffer. - On output, the size of data returned in Data. - @param[in] VirtualMode Current calling mode for this function. - @param[in] Global Context of this Extended SAL Variable Services Class call. - - @retval EFI_SUCCESS The function completed successfully. - @retval EFI_NOT_FOUND The variable was not found. - @retval EFI_BUFFER_TOO_SMALL DataSize is too small for the result. DataSize has - been updated with the size needed to complete the request. - @retval EFI_INVALID_PARAMETER VariableName is NULL. - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. - @retval EFI_INVALID_PARAMETER DataSize is NULL. - @retval EFI_INVALID_PARAMETER DataSize is not too small and Data is NULL. - @retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error. - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved due to an authentication failure. - -**/ -EFI_STATUS -EFIAPI -EsalGetVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - OUT UINT32 *Attributes OPTIONAL, - IN OUT UINTN *DataSize, - OUT VOID *Data, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global - ) -{ - VARIABLE_POINTER_TRACK Variable; - UINTN VarDataSize; - EFI_STATUS Status; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - BOOLEAN Valid; - VARIABLE_GLOBAL *VariableGlobal; - UINT32 Instance; - - if (VariableName == NULL || VendorGuid == NULL || DataSize == NULL) { - return EFI_INVALID_PARAMETER; - } - - VariableGlobal = &Global->VariableGlobal[VirtualMode]; - Instance = Global->FvbInstance; - - AcquireLockOnlyAtBootTime(&VariableGlobal->VariableServicesLock); - - // - // Check if this variable exists in cache. - // - Status = FindVariableInCache (VariableName, VendorGuid, Attributes, DataSize, Data); - if ((Status == EFI_BUFFER_TOO_SMALL) || (Status == EFI_SUCCESS)){ - // - // If variable exists in cache, just update statistical information for it and finish. - // Here UpdateVariableInfo() has already retrieved data & attributes for output. - // - UpdateVariableInfo (VariableName, VendorGuid, FALSE, TRUE, FALSE, FALSE, TRUE); - goto Done; - } - // - // If variable does not exist in cache, search for it in variable storage area. - // - Status = FindVariable (VariableName, VendorGuid, &Variable, VariableGlobal, Instance); - if (Variable.CurrPtr == 0x0 || EFI_ERROR (Status)) { - // - // If it cannot be found in variable storage area, goto Done. - // - goto Done; - } - - Valid = IsValidVariableHeader (Variable.CurrPtr, Variable.Volatile, VariableGlobal, Instance, &VariableHeader); - if (!Valid) { - Status = EFI_NOT_FOUND; - goto Done; - } - // - // If variable exists, but not in cache, get its data and attributes, update - // statistical information, and update cache. - // - VarDataSize = DataSizeOfVariable (&VariableHeader); - ASSERT (VarDataSize != 0); - - if (*DataSize >= VarDataSize) { - if (Data == NULL) { - Status = EFI_INVALID_PARAMETER; - goto Done; - } - - GetVariableDataPtr ( - Variable.CurrPtr, - Variable.Volatile, - VariableGlobal, - Instance, - Data - ); - if (Attributes != NULL) { - *Attributes = VariableHeader.Attributes; - } - - *DataSize = VarDataSize; - UpdateVariableInfo (VariableName, VendorGuid, Variable.Volatile, TRUE, FALSE, FALSE, FALSE); - UpdateVariableCache (VariableName, VendorGuid, VariableHeader.Attributes, VarDataSize, Data); - - Status = EFI_SUCCESS; - goto Done; - } else { - // - // If DataSize is too small for the result, return EFI_BUFFER_TOO_SMALL. - // - *DataSize = VarDataSize; - Status = EFI_BUFFER_TOO_SMALL; - goto Done; - } - -Done: - ReleaseLockOnlyAtBootTime (&VariableGlobal->VariableServicesLock); - return Status; -} - -/** - Implements EsalGetNextVariableName function of Extended SAL Variable Services Class. - - This function implements EsalGetNextVariableName function of Extended SAL Variable Services Class. - It is equivalent in functionality to the EFI Runtime Service GetNextVariableName(). - - @param[in, out] VariableNameSize Size of the variable - @param[in, out] VariableName On input, supplies the last VariableName that was returned by GetNextVariableName(). - On output, returns the Null-terminated Unicode string of the current variable. - @param[in, out] VendorGuid On input, supplies the last VendorGuid that was returned by GetNextVariableName(). - On output, returns the VendorGuid of the current variable. - @param[in] VirtualMode Current calling mode for this function. - @param[in] Global Context of this Extended SAL Variable Services Class call. - - @retval EFI_SUCCESS The function completed successfully. - @retval EFI_NOT_FOUND The next variable was not found. - @retval EFI_BUFFER_TOO_SMALL VariableNameSize is too small for the result. - VariableNameSize has been updated with the size needed to complete the request. - @retval EFI_INVALID_PARAMETER VariableNameSize is NULL. - @retval EFI_INVALID_PARAMETER VariableName is NULL. - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. - @retval EFI_DEVICE_ERROR The variable name could not be retrieved due to a hardware error. - -**/ -EFI_STATUS -EFIAPI -EsalGetNextVariableName ( - IN OUT UINTN *VariableNameSize, - IN OUT CHAR16 *VariableName, - IN OUT EFI_GUID *VendorGuid, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global - ) -{ - VARIABLE_POINTER_TRACK Variable; - UINTN VarNameSize; - EFI_STATUS Status; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - VARIABLE_GLOBAL *VariableGlobal; - UINT32 Instance; - - if (VariableNameSize == NULL || VariableName == NULL || VendorGuid == NULL) { - return EFI_INVALID_PARAMETER; - } - - VariableGlobal = &Global->VariableGlobal[VirtualMode]; - Instance = Global->FvbInstance; - - AcquireLockOnlyAtBootTime(&VariableGlobal->VariableServicesLock); - - Status = FindVariable (VariableName, VendorGuid, &Variable, VariableGlobal, Instance); - // - // If the variable does not exist, goto Done and return. - // - if (Variable.CurrPtr == 0x0 || EFI_ERROR (Status)) { - goto Done; - } - - if (VariableName[0] != 0) { - // - // If variable name is not NULL, get next variable - // - Variable.CurrPtr = GetNextVariablePtr ( - Variable.CurrPtr, - Variable.Volatile, - VariableGlobal, - Instance - ); - } - - while (TRUE) { - if (Variable.CurrPtr >= Variable.EndPtr || Variable.CurrPtr == 0x0) { - // - // If fail to find a variable in current area, reverse the volatile attribute of area to search. - // - Variable.Volatile = (BOOLEAN) (Variable.Volatile ^ ((BOOLEAN) 0x1)); - // - // Here we depend on the searching sequence of FindVariable(). - // It first searches volatile area, then NV area. - // So if the volatile attribute after switching is non-volatile, it means that we have finished searching volatile area, - // and EFI_NOT_FOUND is returnd. - // Otherwise, it means that we have finished searchig non-volatile area, and we will continue to search volatile area. - // - if (!Variable.Volatile) { - Variable.StartPtr = GetStartPointer (VariableGlobal->NonVolatileVariableBase); - Variable.EndPtr = GetEndPointer (VariableGlobal->NonVolatileVariableBase, FALSE, VariableGlobal, Instance); - } else { - Status = EFI_NOT_FOUND; - goto Done; - } - - Variable.CurrPtr = Variable.StartPtr; - if (!IsValidVariableHeader (Variable.CurrPtr, Variable.Volatile, VariableGlobal, Instance, NULL)) { - continue; - } - } - // - // Variable is found - // - if (IsValidVariableHeader (Variable.CurrPtr, Variable.Volatile, VariableGlobal, Instance, &VariableHeader)) { - if ((VariableHeader.State == VAR_ADDED) && - (!(EfiAtRuntime () && ((VariableHeader.Attributes & EFI_VARIABLE_RUNTIME_ACCESS) == 0)))) { - VarNameSize = NameSizeOfVariable (&VariableHeader); - ASSERT (VarNameSize != 0); - - if (VarNameSize <= *VariableNameSize) { - GetVariableNamePtr ( - Variable.CurrPtr, - Variable.Volatile, - VariableGlobal, - Instance, - VariableName - ); - CopyMem ( - VendorGuid, - &VariableHeader.VendorGuid, - sizeof (EFI_GUID) - ); - Status = EFI_SUCCESS; - } else { - Status = EFI_BUFFER_TOO_SMALL; - } - - *VariableNameSize = VarNameSize; - goto Done; - } - } - - Variable.CurrPtr = GetNextVariablePtr ( - Variable.CurrPtr, - Variable.Volatile, - VariableGlobal, - Instance - ); - } - -Done: - ReleaseLockOnlyAtBootTime (&VariableGlobal->VariableServicesLock); - return Status; -} - -/** - Implements EsalSetVariable function of Extended SAL Variable Services Class. - - This function implements EsalSetVariable function of Extended SAL Variable Services Class. - It is equivalent in functionality to the EFI Runtime Service SetVariable(). - - @param[in] VariableName A Null-terminated Unicode string that is the name of the vendor's - variable. Each VariableName is unique for each - VendorGuid. VariableName must contain 1 or more - Unicode characters. If VariableName is an empty Unicode - string, then EFI_INVALID_PARAMETER is returned. - @param[in] VendorGuid A unique identifier for the vendor. - @param[in] Attributes Attributes bitmask to set for the variable. - @param[in] DataSize The size in bytes of the Data buffer. A size of zero causes the - variable to be deleted. - @param[in] Data The contents for the variable. - @param[in] VirtualMode Current calling mode for this function. - @param[in] Global Context of this Extended SAL Variable Services Class call. - - @retval EFI_SUCCESS The firmware has successfully stored the variable and its data as - defined by the Attributes. - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits was supplied, or the - DataSize exceeds the maximum allowed. - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string. - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the variable and its data. - @retval EFI_DEVICE_ERROR The variable could not be saved due to a hardware failure. - @retval EFI_WRITE_PROTECTED The variable in question is read-only. - @retval EFI_WRITE_PROTECTED The variable in question cannot be deleted. - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved due to an authentication failure. - @retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found. - -**/ -EFI_STATUS -EFIAPI -EsalSetVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN UINT32 Attributes, - IN UINTN DataSize, - IN VOID *Data, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global - ) -{ - VARIABLE_POINTER_TRACK Variable; - EFI_STATUS Status; - EFI_PHYSICAL_ADDRESS NextVariable; - EFI_PHYSICAL_ADDRESS Point; - VARIABLE_GLOBAL *VariableGlobal; - UINT32 Instance; - UINT32 KeyIndex; - UINT64 MonotonicCount; - UINTN PayloadSize; - - // - // Check input parameters - // - if (VariableName == NULL || VariableName[0] == 0 || VendorGuid == NULL) { - return EFI_INVALID_PARAMETER; - } - - if (DataSize != 0 && Data == NULL) { - return EFI_INVALID_PARAMETER; - } - - // - // EFI_VARIABLE_RUNTIME_ACCESS bit cannot be set without EFI_VARIABLE_BOOTSERVICE_ACCESS bit. - // - if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == EFI_VARIABLE_RUNTIME_ACCESS) { - return EFI_INVALID_PARAMETER; - } - - if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) == EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) { - if (DataSize < AUTHINFO_SIZE) { - // - // Try to write Authencated Variable without AuthInfo - // - return EFI_SECURITY_VIOLATION; - } - PayloadSize = DataSize - AUTHINFO_SIZE; - } else { - PayloadSize = DataSize; - } - - - if ((UINTN)(~0) - PayloadSize < StrSize(VariableName)){ - // - // Prevent whole variable size overflow - // - return EFI_INVALID_PARAMETER; - } - - VariableGlobal = &Global->VariableGlobal[VirtualMode]; - Instance = Global->FvbInstance; - - if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) { - // - // For variable for hardware error record, the size of the VariableName, including the Unicode Null - // in bytes plus the DataSize is limited to maximum size of PcdGet32(PcdMaxHardwareErrorVariableSize) bytes. - // - if (StrSize (VariableName) + PayloadSize > PcdGet32(PcdMaxHardwareErrorVariableSize) - sizeof (AUTHENTICATED_VARIABLE_HEADER)) { - return EFI_INVALID_PARAMETER; - } - // - // According to UEFI spec, HARDWARE_ERROR_RECORD variable name convention should be L"HwErrRecXXXX" - // - if (StrnCmp (VariableName, \ - Global->VariableName[VirtualMode][VAR_HW_ERR_REC], \ - StrLen(Global->VariableName[VirtualMode][VAR_HW_ERR_REC])) != 0) { - return EFI_INVALID_PARAMETER; - } - } else { - // - // For variable not for hardware error record, the size of the VariableName, including the - // Unicode Null in bytes plus the DataSize is limited to maximum size of PcdGet32(PcdMaxVariableSize) bytes. - // - if (StrSize (VariableName) + PayloadSize > PcdGet32(PcdMaxVariableSize) - sizeof (AUTHENTICATED_VARIABLE_HEADER)) { - return EFI_INVALID_PARAMETER; - } - } - - AcquireLockOnlyAtBootTime(&VariableGlobal->VariableServicesLock); - - // - // Consider reentrant in MCA/INIT/NMI. It needs be reupdated; - // - if (InterlockedIncrement (&Global->ReentrantState) > 1) { - Point = VariableGlobal->NonVolatileVariableBase;; - // - // Parse non-volatile variable data and get last variable offset - // - NextVariable = GetStartPointer (Point); - while (IsValidVariableHeader (NextVariable, FALSE, VariableGlobal, Instance, NULL)) { - NextVariable = GetNextVariablePtr (NextVariable, FALSE, VariableGlobal, Instance); - } - Global->NonVolatileLastVariableOffset = NextVariable - Point; - } - - // - // Check whether the input variable exists - // - - Status = FindVariable (VariableName, VendorGuid, &Variable, VariableGlobal, Instance); - - // - // Hook the operation of setting PlatformLangCodes/PlatformLang and LangCodes/Lang - // - AutoUpdateLangVariable (VariableName, Data, PayloadSize, VirtualMode, Global); - - // - // Process PK, KEK, Sigdb seperately - // - if (CompareGuid (VendorGuid, Global->GlobalVariableGuid[VirtualMode]) && (StrCmp (VariableName, Global->VariableName[VirtualMode][VAR_PLATFORM_KEY]) == 0)) { - Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, VirtualMode, Global, &Variable, Attributes, TRUE); - } else if (CompareGuid (VendorGuid, Global->GlobalVariableGuid[VirtualMode]) && (StrCmp (VariableName, Global->VariableName[VirtualMode][VAR_KEY_EXCHANGE_KEY]) == 0)) { - Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, VirtualMode, Global, &Variable, Attributes, FALSE); - } else if (CompareGuid (VendorGuid, Global->ImageSecurityDatabaseGuid[VirtualMode])) { - Status = ProcessVarWithKek (VariableName, VendorGuid, Data, DataSize, VirtualMode, Global, &Variable, Attributes); - } else { - Status = VerifyVariable (Data, DataSize, VirtualMode, Global, &Variable, Attributes, &KeyIndex, &MonotonicCount); - if (!EFI_ERROR(Status)) { - // - // Verification pass - // - if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) { - // - // Cut the certificate size before set - // - Status = UpdateVariable ( - VariableName, - VendorGuid, - (UINT8*)Data + AUTHINFO_SIZE, - DataSize - AUTHINFO_SIZE, - Attributes, - KeyIndex, - MonotonicCount, - VirtualMode, - Global, - &Variable - ); - } else { - // - // Update variable as usual - // - Status = UpdateVariable ( - VariableName, - VendorGuid, - Data, - DataSize, - Attributes, - 0, - 0, - VirtualMode, - Global, - &Variable - ); - } - } - } - - InterlockedDecrement (&Global->ReentrantState); - ReleaseLockOnlyAtBootTime (&VariableGlobal->VariableServicesLock); - return Status; -} - -/** - Implements EsalQueryVariableInfo function of Extended SAL Variable Services Class. - - This function implements EsalQueryVariableInfo function of Extended SAL Variable Services Class. - It is equivalent in functionality to the EFI Runtime Service QueryVariableInfo(). - - @param[in] Attributes Attributes bitmask to specify the type of variables - on which to return information. - @param[out] MaximumVariableStorageSize On output the maximum size of the storage space available for - the EFI variables associated with the attributes specified. - @param[out] RemainingVariableStorageSize Returns the remaining size of the storage space available for EFI - variables associated with the attributes specified. - @param[out] MaximumVariableSize Returns the maximum size of an individual EFI variable - associated with the attributes specified. - @param[in] VirtualMode Current calling mode for this function - @param[in] Global Context of this Extended SAL Variable Services Class call - - @retval EFI_SUCCESS Valid answer returned. - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits was supplied. - @retval EFI_UNSUPPORTED The attribute is not supported on this platform, and the - MaximumVariableStorageSize, RemainingVariableStorageSize, - MaximumVariableSize are undefined. -**/ -EFI_STATUS -EFIAPI -EsalQueryVariableInfo ( - IN UINT32 Attributes, - OUT UINT64 *MaximumVariableStorageSize, - OUT UINT64 *RemainingVariableStorageSize, - OUT UINT64 *MaximumVariableSize, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global - ) -{ - EFI_PHYSICAL_ADDRESS Variable; - EFI_PHYSICAL_ADDRESS NextVariable; - UINT64 VariableSize; - EFI_PHYSICAL_ADDRESS VariableStoreHeaderAddress; - BOOLEAN Volatile; - VARIABLE_STORE_HEADER VarStoreHeader; - AUTHENTICATED_VARIABLE_HEADER VariableHeader; - UINT64 CommonVariableTotalSize; - UINT64 HwErrVariableTotalSize; - VARIABLE_GLOBAL *VariableGlobal; - UINT32 Instance; - - CommonVariableTotalSize = 0; - HwErrVariableTotalSize = 0; - - if(MaximumVariableStorageSize == NULL || RemainingVariableStorageSize == NULL || MaximumVariableSize == NULL || Attributes == 0) { - return EFI_INVALID_PARAMETER; - } - - if((Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == 0) { - // - // Make sure the Attributes combination is supported by the platform. - // - return EFI_UNSUPPORTED; - } else if ((Attributes & (EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS)) == EFI_VARIABLE_RUNTIME_ACCESS) { - // - // Make sure if runtime bit is set, boot service bit is set also. - // - return EFI_INVALID_PARAMETER; - } else if (EfiAtRuntime () && ((Attributes & EFI_VARIABLE_RUNTIME_ACCESS) == 0)) { - // - // Make sure RT Attribute is set if we are in Runtime phase. - // - return EFI_INVALID_PARAMETER; - } else if ((Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) { - // - // Make sure Hw Attribute is set with NV. - // - return EFI_INVALID_PARAMETER; - } - - VariableGlobal = &Global->VariableGlobal[VirtualMode]; - Instance = Global->FvbInstance; - - AcquireLockOnlyAtBootTime(&VariableGlobal->VariableServicesLock); - - if((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0) { - // - // Query is Volatile related. - // - Volatile = TRUE; - VariableStoreHeaderAddress = VariableGlobal->VolatileVariableBase; - } else { - // - // Query is Non-Volatile related. - // - Volatile = FALSE; - VariableStoreHeaderAddress = VariableGlobal->NonVolatileVariableBase; - } - - // - // Now let's fill *MaximumVariableStorageSize *RemainingVariableStorageSize - // with the storage size (excluding the storage header size). - // - GetVarStoreHeader (VariableStoreHeaderAddress, Volatile, VariableGlobal, Instance, &VarStoreHeader); - - *MaximumVariableStorageSize = VarStoreHeader.Size - sizeof (VARIABLE_STORE_HEADER); - - // Harware error record variable needs larger size. - // - if ((Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { - *MaximumVariableStorageSize = PcdGet32(PcdHwErrStorageSize); - *MaximumVariableSize = PcdGet32(PcdMaxHardwareErrorVariableSize) - sizeof (AUTHENTICATED_VARIABLE_HEADER); - } else { - if ((Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) { - ASSERT (PcdGet32(PcdHwErrStorageSize) < VarStoreHeader.Size); - *MaximumVariableStorageSize = VarStoreHeader.Size - sizeof (VARIABLE_STORE_HEADER) - PcdGet32(PcdHwErrStorageSize); - } - - // - // Let *MaximumVariableSize be PcdGet32(PcdMaxVariableSize) with the exception of the variable header size. - // - *MaximumVariableSize = PcdGet32(PcdMaxVariableSize) - sizeof (AUTHENTICATED_VARIABLE_HEADER); - } - - // - // Point to the starting address of the variables. - // - Variable = GetStartPointer (VariableStoreHeaderAddress); - - // - // Now walk through the related variable store. - // - while (IsValidVariableHeader (Variable, Volatile, VariableGlobal, Instance, &VariableHeader) && - (Variable < GetEndPointer (VariableStoreHeaderAddress, Volatile, VariableGlobal, Instance))) { - NextVariable = GetNextVariablePtr (Variable, Volatile, VariableGlobal, Instance); - VariableSize = NextVariable - Variable; - - if (EfiAtRuntime ()) { - // - // we don't take the state of the variables in mind - // when calculating RemainingVariableStorageSize, - // since the space occupied by variables not marked with - // VAR_ADDED is not allowed to be reclaimed in Runtime. - // - if ((VariableHeader.Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) { - HwErrVariableTotalSize += VariableSize; - } else { - CommonVariableTotalSize += VariableSize; - } - } else { - // - // Only care about Variables with State VAR_ADDED,because - // the space not marked as VAR_ADDED is reclaimable now. - // - if (VariableHeader.State == VAR_ADDED) { - if ((VariableHeader.Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) { - HwErrVariableTotalSize += VariableSize; - } else { - CommonVariableTotalSize += VariableSize; - } - } - } - - // - // Go to the next one - // - Variable = NextVariable; - } - - if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD){ - *RemainingVariableStorageSize = *MaximumVariableStorageSize - HwErrVariableTotalSize; - }else { - *RemainingVariableStorageSize = *MaximumVariableStorageSize - CommonVariableTotalSize; - } - - if (*RemainingVariableStorageSize < sizeof (AUTHENTICATED_VARIABLE_HEADER)) { - *MaximumVariableSize = 0; - } else if ((*RemainingVariableStorageSize - sizeof (AUTHENTICATED_VARIABLE_HEADER)) < *MaximumVariableSize) { - *MaximumVariableSize = *RemainingVariableStorageSize - sizeof (AUTHENTICATED_VARIABLE_HEADER); - } - - ReleaseLockOnlyAtBootTime (&VariableGlobal->VariableServicesLock); - return EFI_SUCCESS; -} - -/** - Notification function of EVT_GROUP_READY_TO_BOOT event group. - - This is a notification function registered on EVT_GROUP_READY_TO_BOOT event group. - When the Boot Manager is about to load and execute a boot option, it reclaims variable - storage if free size is below the threshold. - - @param[in] Event Event whose notification function is being invoked. - @param[in] Context Pointer to the notification function's context. - -**/ -VOID -EFIAPI -ReclaimForOS( - IN EFI_EVENT Event, - IN VOID *Context - ) -{ - UINT32 VarSize; - EFI_STATUS Status; - UINTN CommonVariableSpace; - UINTN RemainingCommonVariableSpace; - UINTN RemainingHwErrVariableSpace; - - VarSize = ((VARIABLE_STORE_HEADER *) ((UINTN) mVariableModuleGlobal->VariableGlobal[Physical].NonVolatileVariableBase))->Size; - Status = EFI_SUCCESS; - // - //Allowable max size of common variable storage space - // - CommonVariableSpace = VarSize - sizeof (VARIABLE_STORE_HEADER) - PcdGet32(PcdHwErrStorageSize); - - RemainingCommonVariableSpace = CommonVariableSpace - mVariableModuleGlobal->CommonVariableTotalSize; - - RemainingHwErrVariableSpace = PcdGet32 (PcdHwErrStorageSize) - mVariableModuleGlobal->HwErrVariableTotalSize; - // - // If the free area is below a threshold, then performs reclaim operation. - // - if ((RemainingCommonVariableSpace < PcdGet32 (PcdMaxVariableSize)) - || ((PcdGet32 (PcdHwErrStorageSize) != 0) && - (RemainingHwErrVariableSpace < PcdGet32 (PcdMaxHardwareErrorVariableSize)))){ - Status = Reclaim ( - mVariableModuleGlobal->VariableGlobal[Physical].NonVolatileVariableBase, - &mVariableModuleGlobal->NonVolatileLastVariableOffset, - FALSE, - Physical, - mVariableModuleGlobal, - 0x0 - ); - ASSERT_EFI_ERROR (Status); - } -} - -/** - Flush the HOB variable to NV variable storage. -**/ -VOID -FlushHob2Nv ( - VOID - ) -{ - EFI_STATUS Status; - VOID *GuidHob; - VARIABLE_STORE_HEADER *VariableStoreHeader; - AUTHENTICATED_VARIABLE_HEADER *VariableHeader; - // - // Get HOB variable store. - // - GuidHob = GetFirstGuidHob (&gEfiAuthenticatedVariableGuid); - if (GuidHob != NULL) { - VariableStoreHeader = (VARIABLE_STORE_HEADER *) GET_GUID_HOB_DATA (GuidHob); - if (CompareGuid (&VariableStoreHeader->Signature, &gEfiAuthenticatedVariableGuid) && - (VariableStoreHeader->Format == VARIABLE_STORE_FORMATTED) && - (VariableStoreHeader->State == VARIABLE_STORE_HEALTHY) - ) { - DEBUG ((EFI_D_INFO, "HOB Variable Store appears to be valid.\n")); - // - // Flush the HOB variable to NV Variable storage. - // - for ( VariableHeader = (AUTHENTICATED_VARIABLE_HEADER *) HEADER_ALIGN (VariableStoreHeader + 1) - ; (VariableHeader < (AUTHENTICATED_VARIABLE_HEADER *) HEADER_ALIGN ((UINTN) VariableStoreHeader + VariableStoreHeader->Size) - && - (VariableHeader->StartId == VARIABLE_DATA)) - ; VariableHeader = (AUTHENTICATED_VARIABLE_HEADER *) HEADER_ALIGN ((UINTN) (VariableHeader + 1) - + VariableHeader->NameSize + GET_PAD_SIZE (VariableHeader->NameSize) - + VariableHeader->DataSize + GET_PAD_SIZE (VariableHeader->DataSize) - ) - ) { - ASSERT (VariableHeader->State == VAR_ADDED); - ASSERT ((VariableHeader->Attributes & EFI_VARIABLE_NON_VOLATILE) != 0); - Status = EsalSetVariable ( - (CHAR16 *) (VariableHeader + 1), - &VariableHeader->VendorGuid, - VariableHeader->Attributes, - VariableHeader->DataSize, - (UINT8 *) (VariableHeader + 1) + VariableHeader->NameSize + GET_PAD_SIZE (VariableHeader->NameSize), - Physical, - mVariableModuleGlobal - ); - ASSERT_EFI_ERROR (Status); - } - } - } -} - -/** - Initializes variable store area for non-volatile and volatile variable. - - This function allocates and initializes memory space for global context of ESAL - variable service and variable store area for non-volatile and volatile variable. - - @param[in] ImageHandle The Image handle of this driver. - @param[in] SystemTable The pointer of EFI_SYSTEM_TABLE. - - @retval EFI_SUCCESS Function successfully executed. - @retval EFI_OUT_OF_RESOURCES Fail to allocate enough memory resource. - -**/ -EFI_STATUS -VariableCommonInitialize ( - IN EFI_HANDLE ImageHandle, - IN EFI_SYSTEM_TABLE *SystemTable - ) -{ - EFI_STATUS Status; - EFI_FIRMWARE_VOLUME_HEADER *FwVolHeader; - EFI_PHYSICAL_ADDRESS CurrPtr; - VARIABLE_STORE_HEADER *VolatileVariableStore; - VARIABLE_STORE_HEADER *VariableStoreHeader; - EFI_PHYSICAL_ADDRESS Variable; - EFI_PHYSICAL_ADDRESS NextVariable; - UINTN VariableSize; - UINT32 Instance; - EFI_PHYSICAL_ADDRESS FvVolHdr; - EFI_PHYSICAL_ADDRESS TempVariableStoreHeader; - EFI_GCD_MEMORY_SPACE_DESCRIPTOR GcdDescriptor; - UINT64 BaseAddress; - UINT64 Length; - UINTN Index; - UINT8 Data; - EFI_PHYSICAL_ADDRESS VariableStoreBase; - UINT64 VariableStoreLength; - EFI_EVENT ReadyToBootEvent; - UINTN ScratchSize; - - // - // Allocate memory for mVariableModuleGlobal - // - mVariableModuleGlobal = AllocateRuntimeZeroPool (sizeof (ESAL_VARIABLE_GLOBAL)); - if (mVariableModuleGlobal == NULL) { - return EFI_OUT_OF_RESOURCES; - } - - mVariableModuleGlobal->GlobalVariableGuid[Physical] = &gEfiGlobalVariableGuid; - CopyMem ( - mVariableModuleGlobal->VariableName[Physical], - mVariableName, - sizeof (mVariableName) - ); - - EfiInitializeLock(&mVariableModuleGlobal->VariableGlobal[Physical].VariableServicesLock, TPL_NOTIFY); - - // - // Note that in EdkII variable driver implementation, Hardware Error Record type variable - // is stored with common variable in the same NV region. So the platform integrator should - // ensure that the value of PcdHwErrStorageSize is less than or equal to the value of - // PcdFlashNvStorageVariableSize. - // - ASSERT (PcdGet32(PcdHwErrStorageSize) <= PcdGet32 (PcdFlashNvStorageVariableSize)); - - // - // Allocate memory for volatile variable store - // - ScratchSize = MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize)); - VolatileVariableStore = AllocateRuntimePool (PcdGet32 (PcdVariableStoreSize) + ScratchSize); - if (VolatileVariableStore == NULL) { - FreePool (mVariableModuleGlobal); - return EFI_OUT_OF_RESOURCES; - } - - SetMem (VolatileVariableStore, PcdGet32 (PcdVariableStoreSize) + ScratchSize, 0xff); - - // - // Variable Specific Data - // - mVariableModuleGlobal->VariableGlobal[Physical].VolatileVariableBase = (EFI_PHYSICAL_ADDRESS) (UINTN) VolatileVariableStore; - mVariableModuleGlobal->VolatileLastVariableOffset = (UINTN) GetStartPointer ((EFI_PHYSICAL_ADDRESS) VolatileVariableStore) - (UINTN) VolatileVariableStore; - - CopyGuid (&VolatileVariableStore->Signature, &gEfiAuthenticatedVariableGuid); - VolatileVariableStore->Size = PcdGet32 (PcdVariableStoreSize); - VolatileVariableStore->Format = VARIABLE_STORE_FORMATTED; - VolatileVariableStore->State = VARIABLE_STORE_HEALTHY; - VolatileVariableStore->Reserved = 0; - VolatileVariableStore->Reserved1 = 0; - - // - // Get non volatile varaible store - // - TempVariableStoreHeader = (UINT64) PcdGet32 (PcdFlashNvStorageVariableBase); - VariableStoreBase = TempVariableStoreHeader + \ - (((EFI_FIRMWARE_VOLUME_HEADER *) (UINTN) (TempVariableStoreHeader)) -> HeaderLength); - VariableStoreLength = (UINT64) PcdGet32 (PcdFlashNvStorageVariableSize) - \ - (((EFI_FIRMWARE_VOLUME_HEADER *) (UINTN) (TempVariableStoreHeader)) -> HeaderLength); - // - // Mark the variable storage region of the FLASH as RUNTIME - // - BaseAddress = VariableStoreBase & (~EFI_PAGE_MASK); - Length = VariableStoreLength + (VariableStoreBase - BaseAddress); - Length = (Length + EFI_PAGE_SIZE - 1) & (~EFI_PAGE_MASK); - - Status = gDS->GetMemorySpaceDescriptor (BaseAddress, &GcdDescriptor); - if (EFI_ERROR (Status)) { - goto Done; - } - - Status = gDS->SetMemorySpaceAttributes ( - BaseAddress, - Length, - GcdDescriptor.Attributes | EFI_MEMORY_RUNTIME - ); - if (EFI_ERROR (Status)) { - goto Done; - } - // - // Get address of non volatile variable store base. - // - mVariableModuleGlobal->VariableGlobal[Physical].NonVolatileVariableBase = VariableStoreBase; - - // - // Check Integrity - // - // - // Find the Correct Instance of the FV Block Service. - // - Instance = 0; - CurrPtr = mVariableModuleGlobal->VariableGlobal[Physical].NonVolatileVariableBase; - - do { - FvVolHdr = 0; - Status = (EFI_STATUS) EsalCall ( - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_LO, - EFI_EXTENDED_SAL_FV_BLOCK_SERVICES_PROTOCOL_GUID_HI, - GetPhysicalAddressFunctionId, - Instance, - (UINT64) &FvVolHdr, - 0, - 0, - 0, - 0, - 0 - ).Status; - if (EFI_ERROR (Status)) { - break; - } - FwVolHeader = (EFI_FIRMWARE_VOLUME_HEADER *) ((UINTN) FvVolHdr); - ASSERT (FwVolHeader != NULL); - if (CurrPtr >= (EFI_PHYSICAL_ADDRESS) FwVolHeader && - CurrPtr < ((EFI_PHYSICAL_ADDRESS) FwVolHeader + FwVolHeader->FvLength)) { - mVariableModuleGlobal->FvbInstance = Instance; - break; - } - - Instance++; - } while (Status == EFI_SUCCESS); - - VariableStoreHeader = (VARIABLE_STORE_HEADER *) CurrPtr; - if (GetVariableStoreStatus (VariableStoreHeader) == EfiValid) { - if (~VariableStoreHeader->Size == 0) { - Status = AccessVariableStore ( - TRUE, - &mVariableModuleGlobal->VariableGlobal[Physical], - FALSE, - mVariableModuleGlobal->FvbInstance, - (UINTN) &VariableStoreHeader->Size, - sizeof (UINT32), - (UINT8 *) &VariableStoreLength - ); - // - // As Variables are stored in NV storage, which are slow devices,such as flash. - // Variable operation may skip checking variable program result to improve performance, - // We can assume Variable program is OK through some check point. - // Variable Store Size Setting should be the first Variable write operation, - // We can assume all Read/Write is OK if we can set Variable store size successfully. - // If write fail, we will assert here. - // - ASSERT(VariableStoreHeader->Size == VariableStoreLength); - - if (EFI_ERROR (Status)) { - goto Done; - } - } - - mVariableModuleGlobal->VariableGlobal[Physical].NonVolatileVariableBase = (EFI_PHYSICAL_ADDRESS) ((UINTN) CurrPtr); - // - // Parse non-volatile variable data and get last variable offset. - // - Variable = GetStartPointer (CurrPtr); - Status = EFI_SUCCESS; - - while (IsValidVariableHeader (Variable, FALSE, &(mVariableModuleGlobal->VariableGlobal[Physical]), Instance, NULL)) { - NextVariable = GetNextVariablePtr ( - Variable, - FALSE, - &(mVariableModuleGlobal->VariableGlobal[Physical]), - Instance - ); - VariableSize = NextVariable - Variable; - if ((((AUTHENTICATED_VARIABLE_HEADER *)Variable)->Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) { - mVariableModuleGlobal->HwErrVariableTotalSize += VariableSize; - } else { - mVariableModuleGlobal->CommonVariableTotalSize += VariableSize; - } - - Variable = NextVariable; - } - - mVariableModuleGlobal->NonVolatileLastVariableOffset = (UINTN) Variable - (UINTN) CurrPtr; - - // - // Check if the free area is really free. - // - for (Index = mVariableModuleGlobal->NonVolatileLastVariableOffset; Index < VariableStoreHeader->Size; Index++) { - Data = ((UINT8 *) (UINTN) mVariableModuleGlobal->VariableGlobal[Physical].NonVolatileVariableBase)[Index]; - if (Data != 0xff) { - // - // There must be something wrong in variable store, do reclaim operation. - // - Status = Reclaim ( - mVariableModuleGlobal->VariableGlobal[Physical].NonVolatileVariableBase, - &mVariableModuleGlobal->NonVolatileLastVariableOffset, - FALSE, - Physical, - mVariableModuleGlobal, - 0x0 - ); - if (EFI_ERROR (Status)) { - goto Done; - } - break; - } - } - - // - // Register the event handling function to reclaim variable for OS usage. - // - Status = EfiCreateEventReadyToBootEx ( - TPL_NOTIFY, - ReclaimForOS, - NULL, - &ReadyToBootEvent - ); - } else { - Status = EFI_VOLUME_CORRUPTED; - DEBUG((EFI_D_ERROR, "Variable Store header is corrupted\n")); - } - -Done: - if (EFI_ERROR (Status)) { - FreePool (mVariableModuleGlobal); - FreePool (VolatileVariableStore); - } - - return Status; -} diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.h b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.h deleted file mode 100644 index 76d4ac552a..0000000000 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.h +++ /dev/null @@ -1,505 +0,0 @@ -/** @file - Internal header file for Extended SAL variable service module. - -Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#ifndef _VARIABLE_H_ -#define _VARIABLE_H_ - -#include - -#include -#include -#include -#include -#include -#include - -#include -#include -#include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#define MAX_NAME_SIZE 0x100 -#define NUM_VAR_NAME 9 // Number of pre-defined variable name to be referenced -#define VAR_PLATFORM_LANG_CODES 0 // Index of "PlatformLangCodes" variable -#define VAR_LANG_CODES 1 // Index of "LangCodes" variable -#define VAR_PLATFORM_LANG 2 // Index of "PlatformLang" variable -#define VAR_LANG 3 // Index of "Lang" variable -#define VAR_HW_ERR_REC 4 // Index of "HwErrRecXXXX" variable -#define VAR_AUTH_KEY_DB 5 // Index of "AuthVarKeyDatabase" variable -#define VAR_SETUP_MODE 6 // Index of "SetupMode" variable -#define VAR_PLATFORM_KEY 7 // Index of "PK" variable -#define VAR_KEY_EXCHANGE_KEY 8 // Index of "KEK" variable - -/// -/// "AuthVarKeyDatabase" variable for the Public Key store. -/// -#define AUTHVAR_KEYDB_NAME L"AuthVarKeyDatabase" -#define AUTHVAR_KEYDB_NAME_SIZE 38 - -/// -/// The maximum size of the public key database, restricted by maximum individal EFI -/// varible size, and excluding the variable header and name size. -/// -#define MAX_KEYDB_SIZE (FixedPcdGet32 (PcdMaxVariableSize) - sizeof (AUTHENTICATED_VARIABLE_HEADER) - AUTHVAR_KEYDB_NAME_SIZE) -#define MAX_KEY_NUM (MAX_KEYDB_SIZE / EFI_CERT_TYPE_RSA2048_SIZE) - -/// -/// The size of a 3 character ISO639 language code. -/// -#define ISO_639_2_ENTRY_SIZE 3 - -typedef enum { - Physical, - Virtual -} VARIABLE_POINTER_TYPE; - -typedef struct { - EFI_PHYSICAL_ADDRESS CurrPtr; - EFI_PHYSICAL_ADDRESS EndPtr; - EFI_PHYSICAL_ADDRESS StartPtr; - BOOLEAN Volatile; -} VARIABLE_POINTER_TRACK; - -typedef struct { - EFI_PHYSICAL_ADDRESS VolatileVariableBase; - EFI_PHYSICAL_ADDRESS NonVolatileVariableBase; - EFI_LOCK VariableServicesLock; -} VARIABLE_GLOBAL; - -typedef struct { - VARIABLE_GLOBAL VariableGlobal[2]; - CHAR16 *VariableName[2][NUM_VAR_NAME]; - EFI_GUID *GlobalVariableGuid[2]; - UINTN VolatileLastVariableOffset; - UINTN NonVolatileLastVariableOffset; - UINTN CommonVariableTotalSize; - UINTN HwErrVariableTotalSize; - CHAR8 *PlatformLangCodes[2]; - CHAR8 *LangCodes[2]; - CHAR8 *PlatformLang[2]; - CHAR8 Lang[ISO_639_2_ENTRY_SIZE + 1]; - UINT32 FvbInstance; - UINT32 ReentrantState; - EFI_GUID *AuthenticatedVariableGuid[2]; - EFI_GUID *CertRsa2048Sha256Guid[2]; - EFI_GUID *ImageSecurityDatabaseGuid[2]; - VOID *HashContext[2]; // Hash context pointer - UINT8 KeyList[MAX_KEYDB_SIZE]; // Cached Platform Key list - UINT8 PubKeyStore[MAX_KEYDB_SIZE]; // Cached Public Key list -} ESAL_VARIABLE_GLOBAL; - -typedef struct { - EFI_GUID *Guid; - CHAR16 *Name; - UINT32 Attributes; - UINTN DataSize; - VOID *Data; -} VARIABLE_CACHE_ENTRY; - - -extern ESAL_VARIABLE_GLOBAL *mVariableModuleGlobal; - -// -// Functions -// - -/** - Initializes variable store area for non-volatile and volatile variable. - - This function allocates and initializes memory space for global context of ESAL - variable service and variable store area for non-volatile and volatile variable. - - @param[in] ImageHandle The Image handle of this driver. - @param[in] SystemTable The pointer of EFI_SYSTEM_TABLE. - - @retval EFI_SUCCESS Function successfully executed. - @retval EFI_OUT_OF_RESOURCES Failed to allocate enough memory resource. - -**/ -EFI_STATUS -VariableCommonInitialize ( - IN EFI_HANDLE ImageHandle, - IN EFI_SYSTEM_TABLE *SystemTable - ); - -/** - Entry point of Extended SAL Variable service module. - - This function is the entry point of Extended SAL Variable service module. - It registers all functions of Extended SAL Variable class, initializes - variable store for non-volatile and volatile variables, and registers - notification function for EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event. - - @param[in] ImageHandle The Image handle of this driver. - @param[in] SystemTable The pointer of EFI_SYSTEM_TABLE. - - @retval EFI_SUCCESS Extended SAL Variable Services Class successfully registered. - -**/ -EFI_STATUS -EFIAPI -VariableServiceInitialize ( - IN EFI_HANDLE ImageHandle, - IN EFI_SYSTEM_TABLE *SystemTable - ); - -/** - Notification function of EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE. - - This is a notification function registered on EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event. - It convers pointer to new virtual address. - - @param[in] Event The event whose notification function is being invoked. - @param[in] Context The pointer to the notification function's context. - -**/ -VOID -EFIAPI -VariableClassAddressChangeEvent ( - IN EFI_EVENT Event, - IN VOID *Context - ); - -/** - Implements EsalGetVariable function of Extended SAL Variable Services Class. - - This function implements EsalGetVariable function of Extended SAL Variable Services Class. - It is equivalent in functionality to the EFI Runtime Service GetVariable(). - - @param[in] VariableName A Null-terminated Unicode string that is the name of - the vendor's variable. - @param[in] VendorGuid A unique identifier for the vendor. - @param[out] Attributes If not NULL, a pointer to the memory location to return the - attributes bitmask for the variable. - @param[in, out] DataSize Size of Data found. If size is less than the - data, this value contains the required size. - @param[out] Data On input, the size in bytes of the return Data buffer. - On output, the size of data returned in Data. - @param[in] VirtualMode Current calling mode for this function. - @param[in] Global Context of this Extended SAL Variable Services Class call. - - @retval EFI_SUCCESS The function completed successfully. - @retval EFI_NOT_FOUND The variable was not found. - @retval EFI_BUFFER_TOO_SMALL DataSize is too small for the result. DataSize has - been updated with the size needed to complete the request. - @retval EFI_INVALID_PARAMETER VariableName is NULL. - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. - @retval EFI_INVALID_PARAMETER DataSize is NULL. - @retval EFI_INVALID_PARAMETER DataSize is not too small and Data is NULL. - @retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error. - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved due to an authentication failure. - -**/ -EFI_STATUS -EFIAPI -EsalGetVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - OUT UINT32 *Attributes OPTIONAL, - IN OUT UINTN *DataSize, - OUT VOID *Data, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global - ); - -/** - Implements EsalGetNextVariableName function of Extended SAL Variable Services Class. - - This function implements EsalGetNextVariableName function of Extended SAL Variable Services Class. - It is equivalent in functionality to the EFI Runtime Service GetNextVariableName(). - - @param[in, out] VariableNameSize Size of the variable - @param[in, out] VariableName On input, supplies the last VariableName that was returned by GetNextVariableName(). - On output, returns the Null-terminated Unicode string of the current variable. - @param[in, out] VendorGuid On input, supplies the last VendorGuid that was returned by GetNextVariableName(). - On output, returns the VendorGuid of the current variable. - @param[in] VirtualMode Current calling mode for this function. - @param[in] Global Context of this Extended SAL Variable Services Class call. - - @retval EFI_SUCCESS The function completed successfully. - @retval EFI_NOT_FOUND The next variable was not found. - @retval EFI_BUFFER_TOO_SMALL VariableNameSize is too small for the result. - VariableNameSize has been updated with the size needed to complete the request. - @retval EFI_INVALID_PARAMETER VariableNameSize is NULL. - @retval EFI_INVALID_PARAMETER VariableName is NULL. - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. - @retval EFI_DEVICE_ERROR The variable name could not be retrieved due to a hardware error. - -**/ -EFI_STATUS -EFIAPI -EsalGetNextVariableName ( - IN OUT UINTN *VariableNameSize, - IN OUT CHAR16 *VariableName, - IN OUT EFI_GUID *VendorGuid, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global - ); - -/** - Implements EsalSetVariable function of Extended SAL Variable Services Class. - - This function implements EsalSetVariable function of Extended SAL Variable Services Class. - It is equivalent in functionality to the EFI Runtime Service SetVariable(). - - @param[in] VariableName A Null-terminated Unicode string that is the name of the vendor's - variable. Each VariableName is unique for each - VendorGuid. VariableName must contain 1 or more - Unicode characters. If VariableName is an empty Unicode - string, then EFI_INVALID_PARAMETER is returned. - @param[in] VendorGuid A unique identifier for the vendor. - @param[in] Attributes Attributes bitmask to set for the variable. - @param[in] DataSize The size in bytes of the Data buffer. A size of zero causes the - variable to be deleted. - @param[in] Data The contents for the variable. - @param[in] VirtualMode Current calling mode for this function. - @param[in] Global Context of this Extended SAL Variable Services Class call. - - @retval EFI_SUCCESS The firmware has successfully stored the variable and its data as - defined by the Attributes. - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits was supplied, or the - DataSize exceeds the maximum allowed. - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string. - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the variable and its data. - @retval EFI_DEVICE_ERROR The variable could not be saved due to a hardware failure. - @retval EFI_WRITE_PROTECTED The variable in question is read-only. - @retval EFI_WRITE_PROTECTED The variable in question cannot be deleted. - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved due to an authentication failure. - @retval EFI_NOT_FOUND The variable trying to be updated or deleted was not found. - -**/ -EFI_STATUS -EFIAPI -EsalSetVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN UINT32 Attributes, - IN UINTN DataSize, - IN VOID *Data, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global - ); - -/** - Implements EsalQueryVariableInfo function of Extended SAL Variable Services Class. - - This function implements EsalQueryVariableInfo function of Extended SAL Variable Services Class. - It is equivalent in functionality to the EFI Runtime Service QueryVariableInfo(). - - @param[in] Attributes Attributes bitmask to specify the type of variables - on which to return information. - @param[out] MaximumVariableStorageSize On output the maximum size of the storage space available for - the EFI variables associated with the attributes specified. - @param[out] RemainingVariableStorageSize Returns the remaining size of the storage space available for EFI - variables associated with the attributes specified. - @param[out] MaximumVariableSize Returns the maximum size of an individual EFI variable - associated with the attributes specified. - @param[in] VirtualMode Current calling mode for this function - @param[in] Global Context of this Extended SAL Variable Services Class call - - @retval EFI_SUCCESS Valid answer returned. - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits was supplied. - @retval EFI_UNSUPPORTED The attribute is not supported on this platform, and the - MaximumVariableStorageSize, RemainingVariableStorageSize, - MaximumVariableSize are undefined. -**/ -EFI_STATUS -EFIAPI -EsalQueryVariableInfo ( - IN UINT32 Attributes, - OUT UINT64 *MaximumVariableStorageSize, - OUT UINT64 *RemainingVariableStorageSize, - OUT UINT64 *MaximumVariableSize, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global - ); - -/** - Writes a buffer to variable storage space. - - This function writes a buffer to variable storage space into firmware - volume block device. The destination is specified by parameter - VariableBase. Fault Tolerant Write protocol is used for writing. - - @param[in] VariableBase The base address of the variable to write. - @param[in] Buffer Points to the data buffer. - @param[in] BufferSize The number of bytes of the data Buffer. - - @retval EFI_SUCCESS The function completed successfully. - @retval EFI_NOT_FOUND Fail to locate Fault Tolerant Write protocol. - @retval Other The function could not complete successfully. - -**/ -EFI_STATUS -FtwVariableSpace ( - IN EFI_PHYSICAL_ADDRESS VariableBase, - IN UINT8 *Buffer, - IN UINTN BufferSize - ); - -/** - Finds variable in volatile and non-volatile storage areas. - - This code finds variable in volatile and non-volatile storage areas. - If VariableName is an empty string, then we just return the first - qualified variable without comparing VariableName and VendorGuid. - Otherwise, VariableName and VendorGuid are compared. - - @param[in] VariableName Name of the variable to be found. - @param[in] VendorGuid Vendor GUID to be found. - @param[out] PtrTrack VARIABLE_POINTER_TRACK structure for output, - including the range searched and the target position. - @param[in] Global Pointer to VARIABLE_GLOBAL structure, including - base of volatile variable storage area, base of - NV variable storage area, and a lock. - @param[in] Instance Instance of FV Block services. - - @retval EFI_INVALID_PARAMETER If VariableName is not an empty string, while - VendorGuid is NULL. - @retval EFI_SUCCESS Variable successfully found. - @retval EFI_INVALID_PARAMETER Variable not found. - -**/ -EFI_STATUS -FindVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - OUT VARIABLE_POINTER_TRACK *PtrTrack, - IN VARIABLE_GLOBAL *Global, - IN UINTN Instance - ); - -/** - Gets the pointer to variable data area. - - This function gets the pointer to variable data area. - The variable is specified by its variable header. - - @param[in] VariableAddress Start address of variable header. - @param[in] Volatile TRUE - Variable is volatile. - FALSE - Variable is non-volatile. - @param[in] Global Pointer to VARAIBLE_GLOBAL structure. - @param[in] Instance Instance of FV Block services. - @param[out] VariableData Buffer to hold variable data for output. - -**/ -VOID -GetVariableDataPtr ( - IN EFI_PHYSICAL_ADDRESS VariableAddress, - IN BOOLEAN Volatile, - IN VARIABLE_GLOBAL *Global, - IN UINTN Instance, - OUT CHAR16 *VariableData - ); - -/** - Gets the size of variable data area. - - This function gets the size of variable data area. - The variable is specified by its variable header. - If variable header contains raw data, just return 0. - - @param[in] Variable Pointer to the variable header. - - @return Size of variable data area in bytes. - -**/ -UINTN -DataSizeOfVariable ( - IN AUTHENTICATED_VARIABLE_HEADER *Variable - ); - -/** - Update the variable region with Variable information. These are the same - arguments as the EFI Variable services. - - @param[in] VariableName Name of variable. - @param[in] VendorGuid Guid of variable. - @param[in] Data Variable data. - @param[in] DataSize Size of data. 0 means delete. - @param[in] Attributes Attributes of the variable. - @param[in] KeyIndex Index of associated public key. - @param[in] MonotonicCount Value of associated monotonic count. - @param[in] VirtualMode Current calling mode for this function. - @param[in] Global Context of this Extended SAL Variable Services Class call. - @param[in] Variable The variable information which is used to keep track of variable usage. - - @retval EFI_SUCCESS The update operation is success. - @retval EFI_OUT_OF_RESOURCES Variable region is full, can not write other data into this region. - -**/ -EFI_STATUS -EFIAPI -UpdateVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN VOID *Data, - IN UINTN DataSize, - IN UINT32 Attributes OPTIONAL, - IN UINT32 KeyIndex OPTIONAL, - IN UINT64 MonotonicCount OPTIONAL, - IN BOOLEAN VirtualMode, - IN ESAL_VARIABLE_GLOBAL *Global, - IN VARIABLE_POINTER_TRACK *Variable - ); - -/** - Checks variable header. - - This function checks if variable header is valid or not. - - @param[in] VariableAddress Start address of variable header. - @param[in] Volatile TRUE - Variable is volatile. - FALSE - Variable is non-volatile. - @param[in] Global Pointer to VARAIBLE_GLOBAL structure. - @param[in] Instance Instance of FV Block services. - @param[out] VariableHeader Pointer to AUTHENTICATED_VARIABLE_HEADER for output. - - @retval TRUE Variable header is valid. - @retval FALSE Variable header is not valid. - -**/ -BOOLEAN -IsValidVariableHeader ( - IN EFI_PHYSICAL_ADDRESS VariableAddress, - IN BOOLEAN Volatile, - IN VARIABLE_GLOBAL *Global, - IN UINTN Instance, - OUT AUTHENTICATED_VARIABLE_HEADER *VariableHeader OPTIONAL - ); - -/** - Flush the HOB variable to NV variable storage. -**/ -VOID -FlushHob2Nv ( - VOID - ); - -#endif diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf index fa7c39d6e5..487fc8cda9 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf @@ -2,7 +2,7 @@ # Provides the capbility to configure secure boot in a setup browser # By this module, user may change the content of DB, DBX, PK and KEK. # -# Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.
+# Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -23,7 +23,7 @@ UNLOAD_IMAGE = SecureBootConfigDriverUnload # -# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# VALID_ARCHITECTURES = IA32 X64 EBC # [Sources] -- 2.39.2