tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added secure boot in CSM module entrypoint, if UEFI secure boot is enabled, CSM module cannot be started. 

Signed-off-by: Li Elvin <elvin.li@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13537 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
li-elvin 2012-07-17 09:25:26 +00:00
parent 05a643f91d
commit 0f8b02980e
3 changed files with 18 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBios.c
View File

@ -695,6 +695,7 @@ LegacyBiosInstall (
UINT32 MemorySize; UINT32 MemorySize;
EFI_GCD_MEMORY_SPACE_DESCRIPTOR Descriptor; EFI_GCD_MEMORY_SPACE_DESCRIPTOR Descriptor;
UINT64 Length; UINT64 Length;
UINT8 *SecureBoot;
// //
// Load this driver's image to memory // Load this driver's image to memory
@ -704,6 +705,20 @@ LegacyBiosInstall (
return Status; return Status;
} }
//
// When UEFI Secure Boot is enabled, CSM module will not start any more.
//
SecureBoot = NULL;
GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME, (VOID**)&SecureBoot, NULL);
if ((SecureBoot != NULL) && (*SecureBoot == SECURE_BOOT_MODE_ENABLE)) {
FreePool (SecureBoot);
return EFI_SECURITY_VIOLATION;
}
if (SecureBoot != NULL) {
FreePool (SecureBoot);
}
Private = &mPrivateData; Private = &mPrivateData;
ZeroMem (Private, sizeof (LEGACY_BIOS_INSTANCE)); ZeroMem (Private, sizeof (LEGACY_BIOS_INSTANCE));

4
IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosDxe.inf
View File

@ -3,7 +3,7 @@
# #
# This driver installs Legacy Bios Protocol to support CSM module work in EFI system. # This driver installs Legacy Bios Protocol to support CSM module work in EFI system.
# #
# Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>
# #
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions # are licensed and made available under the terms and conditions
@ -142,5 +142,5 @@
gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdHighPmmMemorySize gEfiIntelFrameworkModulePkgTokenSpaceGuid.PcdHighPmmMemorySize
[Depex] [Depex]
gEfiLegacyRegion2ProtocolGuid AND gEfiLegacyInterruptProtocolGuid AND gEfiLegacyBiosPlatformProtocolGuid AND gEfiLegacy8259ProtocolGuid AND gEfiGenericMemTestProtocolGuid AND gEfiCpuArchProtocolGuid AND gEfiTimerArchProtocolGuid gEfiLegacyRegion2ProtocolGuid AND gEfiLegacyInterruptProtocolGuid AND gEfiLegacyBiosPlatformProtocolGuid AND gEfiLegacy8259ProtocolGuid AND gEfiGenericMemTestProtocolGuid AND gEfiCpuArchProtocolGuid AND gEfiTimerArchProtocolGuid AND gEfiVariableWriteArchProtocolGuid

1
IntelFrameworkModulePkg/Csm/LegacyBiosDxe/LegacyBiosInterface.h
View File

@ -24,6 +24,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Guid/DxeServices.h> #include <Guid/DxeServices.h>
#include <Guid/LegacyBios.h> #include <Guid/LegacyBios.h>
#include <Guid/StatusCodeDataTypeId.h> #include <Guid/StatusCodeDataTypeId.h>
#include <Guid/ImageAuthentication.h>
#include <Protocol/BlockIo.h> #include <Protocol/BlockIo.h>
#include <Protocol/LoadedImage.h> #include <Protocol/LoadedImage.h>