mirror of https://github.com/acidanthera/audk.git
MdeModulePkg: Add SMM LockBox
This includes: * LockBox protocol definition * LockBoxLib library interface definition * SmmLockBox GUID * LockBoxNullLib library implementation * 2 SmmLockBoxLib library implementations * SmmLockBox SMM driver Signed-off-by: jljusten Reviewed-by: mdkinney Reviewed-by: geekboy15a Reviewed-by: jyao1 Reviewed-by: lgao4 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12029 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
parent
9fba8e7d3d
commit
1c837cd545
|
@ -0,0 +1,73 @@
|
|||
/** @file
|
||||
SmmLockBox guid header file.
|
||||
|
||||
Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
|
||||
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions
|
||||
of the BSD License which accompanies this distribution. The
|
||||
full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#ifndef _SMM_LOCK_BOX_GUID_H_
|
||||
#define _SMM_LOCK_BOX_GUID_H_
|
||||
|
||||
#define EFI_SMM_LOCK_BOX_COMMUNICATION_GUID \
|
||||
{0x2a3cfebd, 0x27e8, 0x4d0a, {0x8b, 0x79, 0xd6, 0x88, 0xc2, 0xa3, 0xe1, 0xc0}}
|
||||
|
||||
//
|
||||
// Below data structure is used for communication between PEI/DXE to SMM.
|
||||
//
|
||||
|
||||
#define EFI_SMM_LOCK_BOX_COMMAND_SAVE 0x1
|
||||
#define EFI_SMM_LOCK_BOX_COMMAND_UPDATE 0x2
|
||||
#define EFI_SMM_LOCK_BOX_COMMAND_RESTORE 0x3
|
||||
#define EFI_SMM_LOCK_BOX_COMMAND_SET_ATTRIBUTES 0x4
|
||||
#define EFI_SMM_LOCK_BOX_COMMAND_RESTORE_ALL_IN_PLACE 0x5
|
||||
|
||||
typedef struct {
|
||||
UINT32 Command;
|
||||
UINT32 DataLength;
|
||||
UINT64 ReturnStatus;
|
||||
} EFI_SMM_LOCK_BOX_PARAMETER_HEADER;
|
||||
|
||||
typedef struct {
|
||||
EFI_SMM_LOCK_BOX_PARAMETER_HEADER Header;
|
||||
GUID Guid;
|
||||
PHYSICAL_ADDRESS Buffer;
|
||||
UINT64 Length;
|
||||
} EFI_SMM_LOCK_BOX_PARAMETER_SAVE;
|
||||
|
||||
typedef struct {
|
||||
EFI_SMM_LOCK_BOX_PARAMETER_HEADER Header;
|
||||
GUID Guid;
|
||||
UINT64 Offset;
|
||||
PHYSICAL_ADDRESS Buffer;
|
||||
UINT64 Length;
|
||||
} EFI_SMM_LOCK_BOX_PARAMETER_UPDATE;
|
||||
|
||||
typedef struct {
|
||||
EFI_SMM_LOCK_BOX_PARAMETER_HEADER Header;
|
||||
GUID Guid;
|
||||
PHYSICAL_ADDRESS Buffer;
|
||||
UINT64 Length;
|
||||
} EFI_SMM_LOCK_BOX_PARAMETER_RESTORE;
|
||||
|
||||
typedef struct {
|
||||
EFI_SMM_LOCK_BOX_PARAMETER_HEADER Header;
|
||||
GUID Guid;
|
||||
UINT64 Attributes;
|
||||
} EFI_SMM_LOCK_BOX_PARAMETER_SET_ATTRIBUTES;
|
||||
|
||||
typedef struct {
|
||||
EFI_SMM_LOCK_BOX_PARAMETER_HEADER Header;
|
||||
} EFI_SMM_LOCK_BOX_PARAMETER_RESTORE_ALL_IN_PLACE;
|
||||
|
||||
extern EFI_GUID gEfiSmmLockBoxCommunicationGuid;
|
||||
|
||||
#endif
|
|
@ -0,0 +1,133 @@
|
|||
/** @file
|
||||
This library is only intended to be used by DXE modules that need save
|
||||
confidential information to LockBox and get it by PEI modules in S3 phase.
|
||||
|
||||
Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
|
||||
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions
|
||||
of the BSD License which accompanies this distribution. The
|
||||
full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#ifndef _LOCK_BOX_LIB_H_
|
||||
#define _LOCK_BOX_LIB_H_
|
||||
|
||||
/**
|
||||
This function will save confidential information to lockbox.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Buffer the address of the confidential information
|
||||
@param Length the length of the confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0
|
||||
@retval RETURN_ALREADY_STARTED the requested GUID already exist.
|
||||
@retval RETURN_OUT_OF_RESOURCES no enough resource to save the information.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
SaveLockBox (
|
||||
IN GUID *Guid,
|
||||
IN VOID *Buffer,
|
||||
IN UINTN Length
|
||||
);
|
||||
|
||||
/**
|
||||
This function will set lockbox attributes.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Attributes the attributes of the lockbox
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER attributes is invalid.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
SetLockBoxAttributes (
|
||||
IN GUID *Guid,
|
||||
IN UINT64 Attributes
|
||||
);
|
||||
|
||||
//
|
||||
// With this flag, this LockBox can be restored to this Buffer with RestoreAllLockBoxInPlace()
|
||||
//
|
||||
#define LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE BIT0
|
||||
|
||||
/**
|
||||
This function will update confidential information to lockbox.
|
||||
|
||||
@param Guid the guid to identify the original confidential information
|
||||
@param Offset the offset of the original confidential information
|
||||
@param Buffer the address of the updated confidential information
|
||||
@param Length the length of the updated confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_BUFFER_TOO_SMALL the original buffer to too small to hold new information.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
UpdateLockBox (
|
||||
IN GUID *Guid,
|
||||
IN UINTN Offset,
|
||||
IN VOID *Buffer,
|
||||
IN UINTN Length
|
||||
);
|
||||
|
||||
/**
|
||||
This function will restore confidential information from lockbox.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Buffer the address of the restored confidential information
|
||||
NULL means restored to original address, Length MUST be NULL at same time.
|
||||
@param Length the length of the restored confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is restored successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or one of Buffer and Length is NULL.
|
||||
@retval RETURN_WRITE_PROTECTED Buffer and Length are NULL, but the LockBox has no
|
||||
LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE attribute.
|
||||
@retval RETURN_BUFFER_TOO_SMALL the Length is too small to hold the confidential information.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_ACCESS_DENIED not allow to restore to the address
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
RestoreLockBox (
|
||||
IN GUID *Guid,
|
||||
IN VOID *Buffer, OPTIONAL
|
||||
IN OUT UINTN *Length OPTIONAL
|
||||
);
|
||||
|
||||
/**
|
||||
This function will restore confidential information from all lockbox which have RestoreInPlace attribute.
|
||||
|
||||
@retval RETURN_SUCCESS the information is restored successfully.
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
RestoreAllLockBoxInPlace (
|
||||
VOID
|
||||
);
|
||||
|
||||
#endif
|
|
@ -0,0 +1,31 @@
|
|||
/** @file
|
||||
LockBox protocol header file.
|
||||
This is used to resolve dependency problem. The LockBox implementation
|
||||
install this to broadcast that LockBox API is ready. The driver who will
|
||||
use LockBox at its ENTRYPOINT should add this dependency.
|
||||
|
||||
Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
|
||||
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions
|
||||
of the BSD License which accompanies this distribution. The
|
||||
full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#ifndef _LOCK_BOX_PROTOCOL_H_
|
||||
#define _LOCK_BOX_PROTOCOL_H_
|
||||
|
||||
///
|
||||
/// Global ID for the EFI LOCK BOX Protocol.
|
||||
///
|
||||
#define EFI_LOCK_BOX_PROTOCOL_GUID \
|
||||
{ 0xbd445d79, 0xb7ad, 0x4f04, { 0x9a, 0xd8, 0x29, 0xbd, 0x20, 0x40, 0xeb, 0x3c }}
|
||||
|
||||
extern EFI_GUID gEfiLockBoxProtocolGuid;
|
||||
|
||||
#endif
|
|
@ -0,0 +1,139 @@
|
|||
/** @file
|
||||
|
||||
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
|
||||
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions
|
||||
of the BSD License which accompanies this distribution. The
|
||||
full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#include <Uefi.h>
|
||||
#include <Library/DebugLib.h>
|
||||
|
||||
/**
|
||||
This function will save confidential information to lockbox.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Buffer the address of the confidential information
|
||||
@param Length the length of the confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0
|
||||
@retval RETURN_ALREADY_STARTED the requested GUID already exist.
|
||||
@retval RETURN_OUT_OF_RESOURCES no enough resource to save the information.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
SaveLockBox (
|
||||
IN GUID *Guid,
|
||||
IN VOID *Buffer,
|
||||
IN UINTN Length
|
||||
)
|
||||
{
|
||||
return RETURN_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will set lockbox attributes.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Attributes the attributes of the lockbox
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER attributes is invalid.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
SetLockBoxAttributes (
|
||||
IN GUID *Guid,
|
||||
IN UINT64 Attributes
|
||||
)
|
||||
{
|
||||
return RETURN_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will update confidential information to lockbox.
|
||||
|
||||
@param Guid the guid to identify the original confidential information
|
||||
@param Offset the offset of the original confidential information
|
||||
@param Buffer the address of the updated confidential information
|
||||
@param Length the length of the updated confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_BUFFER_TOO_SMALL the original buffer to too small to hold new information.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
UpdateLockBox (
|
||||
IN GUID *Guid,
|
||||
IN UINTN Offset,
|
||||
IN VOID *Buffer,
|
||||
IN UINTN Length
|
||||
)
|
||||
{
|
||||
return RETURN_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will restore confidential information from lockbox.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Buffer the address of the restored confidential information
|
||||
NULL means restored to original address, Length MUST be NULL at same time.
|
||||
@param Length the length of the restored confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is restored successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or one of Buffer and Length is NULL.
|
||||
@retval RETURN_WRITE_PROTECTED Buffer and Length are NULL, but the LockBox has no
|
||||
LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE attribute.
|
||||
@retval RETURN_BUFFER_TOO_SMALL the Length is too small to hold the confidential information.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_ACCESS_DENIED not allow to restore to the address
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
RestoreLockBox (
|
||||
IN GUID *Guid,
|
||||
IN VOID *Buffer, OPTIONAL
|
||||
IN OUT UINTN *Length OPTIONAL
|
||||
)
|
||||
{
|
||||
return RETURN_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will restore confidential information from all lockbox which have RestoreInPlace attribute.
|
||||
|
||||
@retval RETURN_SUCCESS the information is restored successfully.
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
RestoreAllLockBoxInPlace (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
return RETURN_SUCCESS;
|
||||
}
|
|
@ -0,0 +1,41 @@
|
|||
## @file
|
||||
# Component description file for LockBox library.
|
||||
#
|
||||
# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
|
||||
#
|
||||
# This program and the accompanying materials
|
||||
# are licensed and made available under the terms and conditions
|
||||
# of the BSD License which accompanies this distribution. The
|
||||
# full text of the license may be found at
|
||||
# http://opensource.org/licenses/bsd-license.php
|
||||
#
|
||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
#
|
||||
##
|
||||
|
||||
[Defines]
|
||||
INF_VERSION = 0x00010005
|
||||
BASE_NAME = LockBoxNullLib
|
||||
FILE_GUID = 0BA38EBD-E190-4df7-8EC4-0A6E2B43772D
|
||||
MODULE_TYPE = BASE
|
||||
VERSION_STRING = 1.0
|
||||
LIBRARY_CLASS = LockBoxLib|PEIM DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_DRIVER UEFI_APPLICATION DXE_SMM_DRIVER
|
||||
|
||||
|
||||
#
|
||||
# The following information is for reference only and not required by the build tools.
|
||||
#
|
||||
# VALID_ARCHITECTURES = IA32 X64
|
||||
#
|
||||
|
||||
[Sources]
|
||||
LockBoxNullLib.c
|
||||
|
||||
[Packages]
|
||||
MdePkg/MdePkg.dec
|
||||
MdeModulePkg/MdeModulePkg.dec
|
||||
|
||||
[LibraryClasses]
|
||||
BaseLib
|
||||
|
|
@ -0,0 +1,455 @@
|
|||
/** @file
|
||||
|
||||
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
|
||||
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions
|
||||
of the BSD License which accompanies this distribution. The
|
||||
full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#include <PiDxe.h>
|
||||
#include <Library/UefiBootServicesTableLib.h>
|
||||
#include <Library/UefiRuntimeServicesTableLib.h>
|
||||
#include <Library/BaseLib.h>
|
||||
#include <Library/BaseMemoryLib.h>
|
||||
#include <Library/LockBoxLib.h>
|
||||
#include <Library/DebugLib.h>
|
||||
#include <Protocol/SmmCommunication.h>
|
||||
#include <Guid/SmmLockBox.h>
|
||||
|
||||
#include "SmmLockBoxLibPrivate.h"
|
||||
|
||||
/**
|
||||
This function will save confidential information to lockbox.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Buffer the address of the confidential information
|
||||
@param Length the length of the confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0
|
||||
@retval RETURN_ALREADY_STARTED the requested GUID already exist.
|
||||
@retval RETURN_OUT_OF_RESOURCES no enough resource to save the information.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
SaveLockBox (
|
||||
IN GUID *Guid,
|
||||
IN VOID *Buffer,
|
||||
IN UINTN Length
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
EFI_SMM_COMMUNICATION_PROTOCOL *SmmCommunication;
|
||||
EFI_SMM_LOCK_BOX_PARAMETER_SAVE *LockBoxParameterSave;
|
||||
EFI_SMM_COMMUNICATE_HEADER *CommHeader;
|
||||
UINT8 CommBuffer[sizeof(EFI_GUID) + sizeof(UINTN) + sizeof(EFI_SMM_LOCK_BOX_PARAMETER_SAVE)];
|
||||
UINTN CommSize;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxDxeLib SaveLockBox - Enter\n"));
|
||||
|
||||
//
|
||||
// Basic check
|
||||
//
|
||||
if ((Guid == NULL) || (Buffer == NULL) || (Length == 0)) {
|
||||
return EFI_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
//
|
||||
// Get needed resource
|
||||
//
|
||||
Status = gBS->LocateProtocol (
|
||||
&gEfiSmmCommunicationProtocolGuid,
|
||||
NULL,
|
||||
(VOID **)&SmmCommunication
|
||||
);
|
||||
if (EFI_ERROR (Status)) {
|
||||
return EFI_NOT_STARTED;
|
||||
}
|
||||
|
||||
//
|
||||
// Prepare parameter
|
||||
//
|
||||
CommHeader = (EFI_SMM_COMMUNICATE_HEADER *)&CommBuffer[0];
|
||||
CopyMem (&CommHeader->HeaderGuid, &gEfiSmmLockBoxCommunicationGuid, sizeof(gEfiSmmLockBoxCommunicationGuid));
|
||||
CommHeader->MessageLength = sizeof(*LockBoxParameterSave);
|
||||
|
||||
LockBoxParameterSave = (EFI_SMM_LOCK_BOX_PARAMETER_SAVE *)&CommBuffer[OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data)];
|
||||
LockBoxParameterSave->Header.Command = EFI_SMM_LOCK_BOX_COMMAND_SAVE;
|
||||
LockBoxParameterSave->Header.DataLength = sizeof(*LockBoxParameterSave);
|
||||
LockBoxParameterSave->Header.ReturnStatus = (UINT64)-1;
|
||||
CopyMem (&LockBoxParameterSave->Guid, Guid, sizeof(*Guid));
|
||||
LockBoxParameterSave->Buffer = (EFI_PHYSICAL_ADDRESS)(UINTN)Buffer;
|
||||
LockBoxParameterSave->Length = (UINT64)Length;
|
||||
|
||||
//
|
||||
// Send command
|
||||
//
|
||||
CommSize = sizeof(CommBuffer);
|
||||
Status = SmmCommunication->Communicate (
|
||||
SmmCommunication,
|
||||
&CommBuffer[0],
|
||||
&CommSize
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
Status = (EFI_STATUS)LockBoxParameterSave->Header.ReturnStatus;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxDxeLib SaveLockBox - Exit (%r)\n", Status));
|
||||
|
||||
//
|
||||
// Done
|
||||
//
|
||||
return Status;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will set lockbox attributes.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Attributes the attributes of the lockbox
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER attributes is invalid.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
SetLockBoxAttributes (
|
||||
IN GUID *Guid,
|
||||
IN UINT64 Attributes
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
EFI_SMM_COMMUNICATION_PROTOCOL *SmmCommunication;
|
||||
EFI_SMM_LOCK_BOX_PARAMETER_SET_ATTRIBUTES *LockBoxParameterSetAttributes;
|
||||
EFI_SMM_COMMUNICATE_HEADER *CommHeader;
|
||||
UINT8 CommBuffer[sizeof(EFI_GUID) + sizeof(UINTN) + sizeof(EFI_SMM_LOCK_BOX_PARAMETER_SET_ATTRIBUTES)];
|
||||
UINTN CommSize;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxDxeLib SetLockBoxAttributes - Enter\n"));
|
||||
|
||||
//
|
||||
// Basic check
|
||||
//
|
||||
if ((Guid == NULL) ||
|
||||
((Attributes & ~LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) != 0)) {
|
||||
return EFI_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
//
|
||||
// Get needed resource
|
||||
//
|
||||
Status = gBS->LocateProtocol (
|
||||
&gEfiSmmCommunicationProtocolGuid,
|
||||
NULL,
|
||||
(VOID **)&SmmCommunication
|
||||
);
|
||||
if (EFI_ERROR (Status)) {
|
||||
return EFI_NOT_STARTED;
|
||||
}
|
||||
|
||||
//
|
||||
// Prepare parameter
|
||||
//
|
||||
CommHeader = (EFI_SMM_COMMUNICATE_HEADER *)&CommBuffer[0];
|
||||
CopyMem (&CommHeader->HeaderGuid, &gEfiSmmLockBoxCommunicationGuid, sizeof(gEfiSmmLockBoxCommunicationGuid));
|
||||
CommHeader->MessageLength = sizeof(*LockBoxParameterSetAttributes);
|
||||
|
||||
LockBoxParameterSetAttributes = (EFI_SMM_LOCK_BOX_PARAMETER_SET_ATTRIBUTES *)&CommBuffer[OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data)];
|
||||
LockBoxParameterSetAttributes->Header.Command = EFI_SMM_LOCK_BOX_COMMAND_SET_ATTRIBUTES;
|
||||
LockBoxParameterSetAttributes->Header.DataLength = sizeof(*LockBoxParameterSetAttributes);
|
||||
LockBoxParameterSetAttributes->Header.ReturnStatus = (UINT64)-1;
|
||||
CopyMem (&LockBoxParameterSetAttributes->Guid, Guid, sizeof(*Guid));
|
||||
LockBoxParameterSetAttributes->Attributes = (UINT64)Attributes;
|
||||
|
||||
//
|
||||
// Send command
|
||||
//
|
||||
CommSize = sizeof(CommBuffer);
|
||||
Status = SmmCommunication->Communicate (
|
||||
SmmCommunication,
|
||||
&CommBuffer[0],
|
||||
&CommSize
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
Status = (EFI_STATUS)LockBoxParameterSetAttributes->Header.ReturnStatus;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxDxeLib SetLockBoxAttributes - Exit (%r)\n", Status));
|
||||
|
||||
//
|
||||
// Done
|
||||
//
|
||||
return Status;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will update confidential information to lockbox.
|
||||
|
||||
@param Guid the guid to identify the original confidential information
|
||||
@param Offset the offset of the original confidential information
|
||||
@param Buffer the address of the updated confidential information
|
||||
@param Length the length of the updated confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_BUFFER_TOO_SMALL the original buffer to too small to hold new information.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
UpdateLockBox (
|
||||
IN GUID *Guid,
|
||||
IN UINTN Offset,
|
||||
IN VOID *Buffer,
|
||||
IN UINTN Length
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
EFI_SMM_COMMUNICATION_PROTOCOL *SmmCommunication;
|
||||
EFI_SMM_LOCK_BOX_PARAMETER_UPDATE *LockBoxParameterUpdate;
|
||||
EFI_SMM_COMMUNICATE_HEADER *CommHeader;
|
||||
UINT8 CommBuffer[sizeof(EFI_GUID) + sizeof(UINTN) + sizeof(EFI_SMM_LOCK_BOX_PARAMETER_UPDATE)];
|
||||
UINTN CommSize;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxDxeLib UpdateLockBox - Enter\n"));
|
||||
|
||||
//
|
||||
// Basic check
|
||||
//
|
||||
if ((Guid == NULL) || (Buffer == NULL) || (Length == 0)) {
|
||||
return EFI_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
//
|
||||
// Get needed resource
|
||||
//
|
||||
Status = gBS->LocateProtocol (
|
||||
&gEfiSmmCommunicationProtocolGuid,
|
||||
NULL,
|
||||
(VOID **)&SmmCommunication
|
||||
);
|
||||
if (EFI_ERROR (Status)) {
|
||||
return EFI_NOT_STARTED;
|
||||
}
|
||||
|
||||
//
|
||||
// Prepare parameter
|
||||
//
|
||||
CommHeader = (EFI_SMM_COMMUNICATE_HEADER *)&CommBuffer[0];
|
||||
CopyMem (&CommHeader->HeaderGuid, &gEfiSmmLockBoxCommunicationGuid, sizeof(gEfiSmmLockBoxCommunicationGuid));
|
||||
CommHeader->MessageLength = sizeof(*LockBoxParameterUpdate);
|
||||
|
||||
LockBoxParameterUpdate = (EFI_SMM_LOCK_BOX_PARAMETER_UPDATE *)(UINTN)&CommBuffer[OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data)];
|
||||
LockBoxParameterUpdate->Header.Command = EFI_SMM_LOCK_BOX_COMMAND_UPDATE;
|
||||
LockBoxParameterUpdate->Header.DataLength = sizeof(*LockBoxParameterUpdate);
|
||||
LockBoxParameterUpdate->Header.ReturnStatus = (UINT64)-1;
|
||||
CopyMem (&LockBoxParameterUpdate->Guid, Guid, sizeof(*Guid));
|
||||
LockBoxParameterUpdate->Offset = (UINT64)Offset;
|
||||
LockBoxParameterUpdate->Buffer = (EFI_PHYSICAL_ADDRESS)(UINTN)Buffer;
|
||||
LockBoxParameterUpdate->Length = (UINT64)Length;
|
||||
|
||||
//
|
||||
// Send command
|
||||
//
|
||||
CommSize = sizeof(CommBuffer);
|
||||
Status = SmmCommunication->Communicate (
|
||||
SmmCommunication,
|
||||
&CommBuffer[0],
|
||||
&CommSize
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
Status = (EFI_STATUS)LockBoxParameterUpdate->Header.ReturnStatus;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxDxeLib UpdateLockBox - Exit (%r)\n", Status));
|
||||
|
||||
//
|
||||
// Done
|
||||
//
|
||||
return Status;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will restore confidential information from lockbox.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Buffer the address of the restored confidential information
|
||||
NULL means restored to original address, Length MUST be NULL at same time.
|
||||
@param Length the length of the restored confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is restored successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or one of Buffer and Length is NULL.
|
||||
@retval RETURN_WRITE_PROTECTED Buffer and Length are NULL, but the LockBox has no
|
||||
LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE attribute.
|
||||
@retval RETURN_BUFFER_TOO_SMALL the Length is too small to hold the confidential information.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_ACCESS_DENIED not allow to restore to the address
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
RestoreLockBox (
|
||||
IN GUID *Guid,
|
||||
IN VOID *Buffer, OPTIONAL
|
||||
IN OUT UINTN *Length OPTIONAL
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
EFI_SMM_COMMUNICATION_PROTOCOL *SmmCommunication;
|
||||
EFI_SMM_LOCK_BOX_PARAMETER_RESTORE *LockBoxParameterRestore;
|
||||
EFI_SMM_COMMUNICATE_HEADER *CommHeader;
|
||||
UINT8 CommBuffer[sizeof(EFI_GUID) + sizeof(UINTN) + sizeof(EFI_SMM_LOCK_BOX_PARAMETER_RESTORE)];
|
||||
UINTN CommSize;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxDxeLib RestoreLockBox - Enter\n"));
|
||||
|
||||
//
|
||||
// Basic check
|
||||
//
|
||||
if ((Guid == NULL) ||
|
||||
((Buffer == NULL) && (Length != NULL)) ||
|
||||
((Buffer != NULL) && (Length == NULL))) {
|
||||
return EFI_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
//
|
||||
// Get needed resource
|
||||
//
|
||||
Status = gBS->LocateProtocol (
|
||||
&gEfiSmmCommunicationProtocolGuid,
|
||||
NULL,
|
||||
(VOID **)&SmmCommunication
|
||||
);
|
||||
if (EFI_ERROR (Status)) {
|
||||
return EFI_NOT_STARTED;
|
||||
}
|
||||
|
||||
//
|
||||
// Prepare parameter
|
||||
//
|
||||
CommHeader = (EFI_SMM_COMMUNICATE_HEADER *)&CommBuffer[0];
|
||||
CopyMem (&CommHeader->HeaderGuid, &gEfiSmmLockBoxCommunicationGuid, sizeof(gEfiSmmLockBoxCommunicationGuid));
|
||||
CommHeader->MessageLength = sizeof(*LockBoxParameterRestore);
|
||||
|
||||
LockBoxParameterRestore = (EFI_SMM_LOCK_BOX_PARAMETER_RESTORE *)&CommBuffer[OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data)];
|
||||
LockBoxParameterRestore->Header.Command = EFI_SMM_LOCK_BOX_COMMAND_RESTORE;
|
||||
LockBoxParameterRestore->Header.DataLength = sizeof(*LockBoxParameterRestore);
|
||||
LockBoxParameterRestore->Header.ReturnStatus = (UINT64)-1;
|
||||
CopyMem (&LockBoxParameterRestore->Guid, Guid, sizeof(*Guid));
|
||||
LockBoxParameterRestore->Buffer = (EFI_PHYSICAL_ADDRESS)(UINTN)Buffer;
|
||||
if (Length != NULL) {
|
||||
LockBoxParameterRestore->Length = (EFI_PHYSICAL_ADDRESS)*Length;
|
||||
} else {
|
||||
LockBoxParameterRestore->Length = 0;
|
||||
}
|
||||
|
||||
//
|
||||
// Send command
|
||||
//
|
||||
CommSize = sizeof(CommBuffer);
|
||||
Status = SmmCommunication->Communicate (
|
||||
SmmCommunication,
|
||||
&CommBuffer[0],
|
||||
&CommSize
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
if (Length != NULL) {
|
||||
*Length = (UINTN)LockBoxParameterRestore->Length;
|
||||
}
|
||||
|
||||
Status = (EFI_STATUS)LockBoxParameterRestore->Header.ReturnStatus;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxDxeLib RestoreLockBox - Exit (%r)\n", Status));
|
||||
|
||||
//
|
||||
// Done
|
||||
//
|
||||
return Status;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will restore confidential information from all lockbox which have RestoreInPlace attribute.
|
||||
|
||||
@retval RETURN_SUCCESS the information is restored successfully.
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
RestoreAllLockBoxInPlace (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
EFI_SMM_COMMUNICATION_PROTOCOL *SmmCommunication;
|
||||
EFI_SMM_LOCK_BOX_PARAMETER_RESTORE_ALL_IN_PLACE *LockBoxParameterRestoreAllInPlace;
|
||||
EFI_SMM_COMMUNICATE_HEADER *CommHeader;
|
||||
UINT8 CommBuffer[sizeof(EFI_GUID) + sizeof(UINTN) + sizeof(EFI_SMM_LOCK_BOX_PARAMETER_RESTORE_ALL_IN_PLACE)];
|
||||
UINTN CommSize;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxDxeLib RestoreAllLockBoxInPlace - Enter\n"));
|
||||
|
||||
//
|
||||
// Get needed resource
|
||||
//
|
||||
Status = gBS->LocateProtocol (
|
||||
&gEfiSmmCommunicationProtocolGuid,
|
||||
NULL,
|
||||
(VOID **)&SmmCommunication
|
||||
);
|
||||
if (EFI_ERROR (Status)) {
|
||||
return EFI_NOT_STARTED;
|
||||
}
|
||||
|
||||
//
|
||||
// Prepare parameter
|
||||
//
|
||||
CommHeader = (EFI_SMM_COMMUNICATE_HEADER *)&CommBuffer[0];
|
||||
CopyMem (&CommHeader->HeaderGuid, &gEfiSmmLockBoxCommunicationGuid, sizeof(gEfiSmmLockBoxCommunicationGuid));
|
||||
CommHeader->MessageLength = sizeof(*LockBoxParameterRestoreAllInPlace);
|
||||
|
||||
LockBoxParameterRestoreAllInPlace = (EFI_SMM_LOCK_BOX_PARAMETER_RESTORE_ALL_IN_PLACE *)&CommBuffer[OFFSET_OF (EFI_SMM_COMMUNICATE_HEADER, Data)];
|
||||
LockBoxParameterRestoreAllInPlace->Header.Command = EFI_SMM_LOCK_BOX_COMMAND_RESTORE_ALL_IN_PLACE;
|
||||
LockBoxParameterRestoreAllInPlace->Header.DataLength = sizeof(*LockBoxParameterRestoreAllInPlace);
|
||||
LockBoxParameterRestoreAllInPlace->Header.ReturnStatus = (UINT64)-1;
|
||||
|
||||
//
|
||||
// Send command
|
||||
//
|
||||
CommSize = sizeof(CommBuffer);
|
||||
Status = SmmCommunication->Communicate (
|
||||
SmmCommunication,
|
||||
&CommBuffer[0],
|
||||
&CommSize
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
Status = (EFI_STATUS)LockBoxParameterRestoreAllInPlace->Header.ReturnStatus;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxDxeLib RestoreAllLockBoxInPlace - Exit (%r)\n", Status));
|
||||
|
||||
//
|
||||
// Done
|
||||
//
|
||||
return Status;
|
||||
}
|
||||
|
|
@ -0,0 +1,50 @@
|
|||
## @file
|
||||
# Component description file for LockBox library.
|
||||
#
|
||||
# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
|
||||
#
|
||||
# This program and the accompanying materials
|
||||
# are licensed and made available under the terms and conditions
|
||||
# of the BSD License which accompanies this distribution. The
|
||||
# full text of the license may be found at
|
||||
# http://opensource.org/licenses/bsd-license.php
|
||||
#
|
||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
#
|
||||
##
|
||||
|
||||
[Defines]
|
||||
INF_VERSION = 0x00010005
|
||||
BASE_NAME = SmmLockBoxDxeLib
|
||||
FILE_GUID = 4A0054B4-3CA8-4e1b-9339-9B58D5FBB7D2
|
||||
MODULE_TYPE = DXE_DRIVER
|
||||
VERSION_STRING = 1.0
|
||||
LIBRARY_CLASS = LockBoxLib|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_DRIVER UEFI_APPLICATION
|
||||
|
||||
#
|
||||
# The following information is for reference only and not required by the build tools.
|
||||
#
|
||||
# VALID_ARCHITECTURES = IA32 X64
|
||||
#
|
||||
|
||||
[Sources]
|
||||
SmmLockBoxDxeLib.c
|
||||
SmmLockBoxLibPrivate.h
|
||||
|
||||
[Packages]
|
||||
MdePkg/MdePkg.dec
|
||||
MdeModulePkg/MdeModulePkg.dec
|
||||
|
||||
[LibraryClasses]
|
||||
UefiBootServicesTableLib
|
||||
UefiRuntimeServicesTableLib
|
||||
BaseLib
|
||||
BaseMemoryLib
|
||||
DebugLib
|
||||
|
||||
[Guids]
|
||||
gEfiSmmLockBoxCommunicationGuid ## CONSUMED
|
||||
|
||||
[Protocols]
|
||||
gEfiSmmCommunicationProtocolGuid ## CONSUMED
|
|
@ -0,0 +1,54 @@
|
|||
/** @file
|
||||
|
||||
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
|
||||
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions
|
||||
of the BSD License which accompanies this distribution. The
|
||||
full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#ifndef _SMM_LOCK_BOX_LIB_PRIVATE_H_
|
||||
#define _SMM_LOCK_BOX_LIB_PRIVATE_H_
|
||||
|
||||
#include <Uefi.h>
|
||||
|
||||
#pragma pack(push, 1)
|
||||
|
||||
//
|
||||
// Below data structure is used for lockbox registration in SMST
|
||||
//
|
||||
|
||||
#define SMM_LOCK_BOX_SIGNATURE_32 SIGNATURE_64 ('L','O','C','K','B','_','3','2')
|
||||
#define SMM_LOCK_BOX_SIGNATURE_64 SIGNATURE_64 ('L','O','C','K','B','_','6','4')
|
||||
|
||||
typedef struct {
|
||||
UINT64 Signature;
|
||||
EFI_PHYSICAL_ADDRESS LockBoxDataAddress;
|
||||
} SMM_LOCK_BOX_CONTEXT;
|
||||
|
||||
//
|
||||
// Below data structure is used for lockbox management
|
||||
//
|
||||
|
||||
#define SMM_LOCK_BOX_DATA_SIGNATURE SIGNATURE_64 ('L','O','C','K','B','O','X','D')
|
||||
|
||||
typedef struct {
|
||||
UINT64 Signature;
|
||||
EFI_GUID Guid;
|
||||
EFI_PHYSICAL_ADDRESS Buffer;
|
||||
UINT64 Length;
|
||||
UINT64 Attributes;
|
||||
EFI_PHYSICAL_ADDRESS SmramBuffer;
|
||||
LIST_ENTRY Link;
|
||||
} SMM_LOCK_BOX_DATA;
|
||||
|
||||
#pragma pack(pop)
|
||||
|
||||
#endif
|
||||
|
|
@ -0,0 +1,542 @@
|
|||
/** @file
|
||||
|
||||
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
|
||||
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions
|
||||
of the BSD License which accompanies this distribution. The
|
||||
full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#include <PiSmm.h>
|
||||
#include <Library/SmmServicesTableLib.h>
|
||||
#include <Library/BaseLib.h>
|
||||
#include <Library/BaseMemoryLib.h>
|
||||
#include <Library/LockBoxLib.h>
|
||||
#include <Library/DebugLib.h>
|
||||
#include <Guid/SmmLockBox.h>
|
||||
|
||||
#include "SmmLockBoxLibPrivate.h"
|
||||
|
||||
/**
|
||||
We need handle this library carefully. Only one library instance will construct the environment.
|
||||
Below 2 global variable can only be used in constructor. They should NOT be used in any other library functions.
|
||||
**/
|
||||
SMM_LOCK_BOX_CONTEXT mSmmLockBoxContext;
|
||||
LIST_ENTRY mLockBoxQueue = INITIALIZE_LIST_HEAD_VARIABLE (mLockBoxQueue);
|
||||
|
||||
/**
|
||||
This function return SmmLockBox context from SMST.
|
||||
|
||||
@return SmmLockBox context from SMST.
|
||||
**/
|
||||
SMM_LOCK_BOX_CONTEXT *
|
||||
InternalGetSmmLockBoxContext (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
UINTN Index;
|
||||
|
||||
//
|
||||
// Check if gEfiSmmLockBoxCommunicationGuid is installed by someone
|
||||
//
|
||||
for (Index = 0; Index < gSmst->NumberOfTableEntries; Index++) {
|
||||
if (CompareGuid (&gSmst->SmmConfigurationTable[Index].VendorGuid, &gEfiSmmLockBoxCommunicationGuid)) {
|
||||
//
|
||||
// Found. That means some other library instance is already run.
|
||||
// No need to install again, just return.
|
||||
//
|
||||
return (SMM_LOCK_BOX_CONTEXT *)gSmst->SmmConfigurationTable[Index].VendorTable;
|
||||
}
|
||||
}
|
||||
|
||||
//
|
||||
// Not found.
|
||||
//
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/**
|
||||
Constructor for SmmLockBox library.
|
||||
This is used to set SmmLockBox context, which will be used in PEI phase in S3 boot path later.
|
||||
|
||||
@param[in] ImageHandle Image handle of this driver.
|
||||
@param[in] SystemTable A Pointer to the EFI System Table.
|
||||
|
||||
@retval EFI_SUCEESS
|
||||
@return Others Some error occurs.
|
||||
**/
|
||||
EFI_STATUS
|
||||
EFIAPI
|
||||
SmmLockBoxSmmConstructuor (
|
||||
IN EFI_HANDLE ImageHandle,
|
||||
IN EFI_SYSTEM_TABLE *SystemTable
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
SMM_LOCK_BOX_CONTEXT *SmmLockBoxContext;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Enter\n"));
|
||||
|
||||
//
|
||||
// Check if gEfiSmmLockBoxCommunicationGuid is installed by someone
|
||||
//
|
||||
SmmLockBoxContext = InternalGetSmmLockBoxContext ();
|
||||
if (SmmLockBoxContext != NULL) {
|
||||
//
|
||||
// Find it. That means some other library instance is already run.
|
||||
// No need to install again, just return.
|
||||
//
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxContext - already installed\n"));
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Exit\n"));
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
//
|
||||
// If no one install this, it means this is first instance. Install it.
|
||||
//
|
||||
if (sizeof(UINTN) == sizeof(UINT64)) {
|
||||
mSmmLockBoxContext.Signature = SMM_LOCK_BOX_SIGNATURE_64;
|
||||
} else {
|
||||
mSmmLockBoxContext.Signature = SMM_LOCK_BOX_SIGNATURE_32;
|
||||
}
|
||||
mSmmLockBoxContext.LockBoxDataAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)&mLockBoxQueue;
|
||||
|
||||
Status = gSmst->SmmInstallConfigurationTable (
|
||||
gSmst,
|
||||
&gEfiSmmLockBoxCommunicationGuid,
|
||||
&mSmmLockBoxContext,
|
||||
sizeof(mSmmLockBoxContext)
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxContext - %x\n", (UINTN)&mSmmLockBoxContext));
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib LockBoxDataAddress - %x\n", (UINTN)&mLockBoxQueue));
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Exit\n"));
|
||||
|
||||
return Status;
|
||||
}
|
||||
|
||||
/**
|
||||
This function return SmmLockBox queue address.
|
||||
|
||||
@return SmmLockBox queue address.
|
||||
**/
|
||||
LIST_ENTRY *
|
||||
InternalGetLockBoxQueue (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
SMM_LOCK_BOX_CONTEXT *SmmLockBoxContext;
|
||||
|
||||
SmmLockBoxContext = InternalGetSmmLockBoxContext ();
|
||||
ASSERT (SmmLockBoxContext != NULL);
|
||||
if (SmmLockBoxContext == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
return (LIST_ENTRY *)(UINTN)SmmLockBoxContext->LockBoxDataAddress;
|
||||
}
|
||||
|
||||
/**
|
||||
This function find LockBox by GUID.
|
||||
|
||||
@param Guid The guid to indentify the LockBox
|
||||
|
||||
@return LockBoxData
|
||||
**/
|
||||
SMM_LOCK_BOX_DATA *
|
||||
InternalFindLockBoxByGuid (
|
||||
IN EFI_GUID *Guid
|
||||
)
|
||||
{
|
||||
LIST_ENTRY *Link;
|
||||
SMM_LOCK_BOX_DATA *LockBox;
|
||||
LIST_ENTRY *LockBoxQueue;
|
||||
|
||||
LockBoxQueue = InternalGetLockBoxQueue ();
|
||||
ASSERT (LockBoxQueue != NULL);
|
||||
|
||||
for (Link = LockBoxQueue->ForwardLink;
|
||||
Link != LockBoxQueue;
|
||||
Link = Link->ForwardLink) {
|
||||
LockBox = BASE_CR (
|
||||
Link,
|
||||
SMM_LOCK_BOX_DATA,
|
||||
Link
|
||||
);
|
||||
if (CompareGuid (&LockBox->Guid, Guid)) {
|
||||
return LockBox;
|
||||
}
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will save confidential information to lockbox.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Buffer the address of the confidential information
|
||||
@param Length the length of the confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0
|
||||
@retval RETURN_ALREADY_STARTED the requested GUID already exist.
|
||||
@retval RETURN_OUT_OF_RESOURCES no enough resource to save the information.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
SaveLockBox (
|
||||
IN GUID *Guid,
|
||||
IN VOID *Buffer,
|
||||
IN UINTN Length
|
||||
)
|
||||
{
|
||||
SMM_LOCK_BOX_DATA *LockBox;
|
||||
EFI_PHYSICAL_ADDRESS SmramBuffer;
|
||||
EFI_STATUS Status;
|
||||
LIST_ENTRY *LockBoxQueue;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Enter\n"));
|
||||
|
||||
//
|
||||
// Basic check
|
||||
//
|
||||
if ((Guid == NULL) || (Buffer == NULL) || (Length == 0)) {
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));
|
||||
return EFI_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
//
|
||||
// Find LockBox
|
||||
//
|
||||
LockBox = InternalFindLockBoxByGuid (Guid);
|
||||
if (LockBox != NULL) {
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_ALREADY_STARTED));
|
||||
return EFI_ALREADY_STARTED;
|
||||
}
|
||||
|
||||
//
|
||||
// Allocate SMRAM buffer
|
||||
//
|
||||
Status = gSmst->SmmAllocatePages (
|
||||
AllocateAnyPages,
|
||||
EfiRuntimeServicesData,
|
||||
EFI_SIZE_TO_PAGES (Length),
|
||||
&SmramBuffer
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
if (EFI_ERROR (Status)) {
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_OUT_OF_RESOURCES));
|
||||
return EFI_OUT_OF_RESOURCES;
|
||||
}
|
||||
|
||||
//
|
||||
// Allocate LockBox
|
||||
//
|
||||
Status = gSmst->SmmAllocatePool (
|
||||
EfiRuntimeServicesData,
|
||||
sizeof(*LockBox),
|
||||
(VOID **)&LockBox
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
if (EFI_ERROR (Status)) {
|
||||
gSmst->SmmFreePages (SmramBuffer, EFI_SIZE_TO_PAGES (Length));
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_OUT_OF_RESOURCES));
|
||||
return EFI_OUT_OF_RESOURCES;
|
||||
}
|
||||
|
||||
//
|
||||
// Save data
|
||||
//
|
||||
CopyMem ((VOID *)(UINTN)SmramBuffer, (VOID *)(UINTN)Buffer, Length);
|
||||
|
||||
//
|
||||
// Insert LockBox to queue
|
||||
//
|
||||
LockBox->Signature = SMM_LOCK_BOX_DATA_SIGNATURE;
|
||||
CopyMem (&LockBox->Guid, Guid, sizeof(EFI_GUID));
|
||||
LockBox->Buffer = (EFI_PHYSICAL_ADDRESS)(UINTN)Buffer;
|
||||
LockBox->Length = (UINT64)Length;
|
||||
LockBox->SmramBuffer = SmramBuffer;
|
||||
|
||||
LockBoxQueue = InternalGetLockBoxQueue ();
|
||||
ASSERT (LockBoxQueue != NULL);
|
||||
InsertTailList (LockBoxQueue, &LockBox->Link);
|
||||
|
||||
//
|
||||
// Done
|
||||
//
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_SUCCESS));
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will set lockbox attributes.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Attributes the attributes of the lockbox
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER attributes is invalid.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
SetLockBoxAttributes (
|
||||
IN GUID *Guid,
|
||||
IN UINT64 Attributes
|
||||
)
|
||||
{
|
||||
SMM_LOCK_BOX_DATA *LockBox;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Enter\n"));
|
||||
|
||||
//
|
||||
// Basic check
|
||||
//
|
||||
if ((Guid == NULL) ||
|
||||
((Attributes & ~LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) != 0)) {
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_INVALID_PARAMETER));
|
||||
return EFI_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
//
|
||||
// Find LockBox
|
||||
//
|
||||
LockBox = InternalFindLockBoxByGuid (Guid);
|
||||
if (LockBox == NULL) {
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_NOT_FOUND));
|
||||
return EFI_NOT_FOUND;
|
||||
}
|
||||
|
||||
//
|
||||
// Update data
|
||||
//
|
||||
LockBox->Attributes = Attributes;
|
||||
|
||||
//
|
||||
// Done
|
||||
//
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_SUCCESS));
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will update confidential information to lockbox.
|
||||
|
||||
@param Guid the guid to identify the original confidential information
|
||||
@param Offset the offset of the original confidential information
|
||||
@param Buffer the address of the updated confidential information
|
||||
@param Length the length of the updated confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is saved successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_BUFFER_TOO_SMALL the original buffer to too small to hold new information.
|
||||
@retval RETURN_ACCESS_DENIED it is too late to invoke this interface
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
UpdateLockBox (
|
||||
IN GUID *Guid,
|
||||
IN UINTN Offset,
|
||||
IN VOID *Buffer,
|
||||
IN UINTN Length
|
||||
)
|
||||
{
|
||||
SMM_LOCK_BOX_DATA *LockBox;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Enter\n"));
|
||||
|
||||
//
|
||||
// Basic check
|
||||
//
|
||||
if ((Guid == NULL) || (Buffer == NULL) || (Length == 0)) {
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));
|
||||
return EFI_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
//
|
||||
// Find LockBox
|
||||
//
|
||||
LockBox = InternalFindLockBoxByGuid (Guid);
|
||||
if (LockBox == NULL) {
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_NOT_FOUND));
|
||||
return EFI_NOT_FOUND;
|
||||
}
|
||||
|
||||
//
|
||||
// Update data
|
||||
//
|
||||
if (LockBox->Length < Offset + Length) {
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_BUFFER_TOO_SMALL));
|
||||
return EFI_BUFFER_TOO_SMALL;
|
||||
}
|
||||
CopyMem ((VOID *)((UINTN)LockBox->SmramBuffer + Offset), Buffer, Length);
|
||||
|
||||
//
|
||||
// Done
|
||||
//
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_SUCCESS));
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will restore confidential information from lockbox.
|
||||
|
||||
@param Guid the guid to identify the confidential information
|
||||
@param Buffer the address of the restored confidential information
|
||||
NULL means restored to original address, Length MUST be NULL at same time.
|
||||
@param Length the length of the restored confidential information
|
||||
|
||||
@retval RETURN_SUCCESS the information is restored successfully.
|
||||
@retval RETURN_INVALID_PARAMETER the Guid is NULL, or one of Buffer and Length is NULL.
|
||||
@retval RETURN_WRITE_PROTECTED Buffer and Length are NULL, but the LockBox has no
|
||||
LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE attribute.
|
||||
@retval RETURN_BUFFER_TOO_SMALL the Length is too small to hold the confidential information.
|
||||
@retval RETURN_NOT_FOUND the requested GUID not found.
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_ACCESS_DENIED not allow to restore to the address
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
RestoreLockBox (
|
||||
IN GUID *Guid,
|
||||
IN VOID *Buffer, OPTIONAL
|
||||
IN OUT UINTN *Length OPTIONAL
|
||||
)
|
||||
{
|
||||
SMM_LOCK_BOX_DATA *LockBox;
|
||||
VOID *RestoreBuffer;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Enter\n"));
|
||||
|
||||
//
|
||||
// Restore this, Buffer and Length MUST be both NULL or both non-NULL
|
||||
//
|
||||
if ((Guid == NULL) ||
|
||||
((Buffer == NULL) && (Length != NULL)) ||
|
||||
((Buffer != NULL) && (Length == NULL))) {
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));
|
||||
return EFI_INVALID_PARAMETER;
|
||||
}
|
||||
|
||||
//
|
||||
// Find LockBox
|
||||
//
|
||||
LockBox = InternalFindLockBoxByGuid (Guid);
|
||||
if (LockBox == NULL) {
|
||||
//
|
||||
// Not found
|
||||
//
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_NOT_FOUND));
|
||||
return EFI_NOT_FOUND;
|
||||
}
|
||||
|
||||
//
|
||||
// Set RestoreBuffer
|
||||
//
|
||||
if (Buffer != NULL) {
|
||||
//
|
||||
// restore to new buffer
|
||||
//
|
||||
RestoreBuffer = Buffer;
|
||||
} else {
|
||||
//
|
||||
// restore to original buffer
|
||||
//
|
||||
if ((LockBox->Attributes & LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) == 0) {
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_WRITE_PROTECTED));
|
||||
return EFI_WRITE_PROTECTED;
|
||||
}
|
||||
RestoreBuffer = (VOID *)(UINTN)LockBox->Buffer;
|
||||
}
|
||||
|
||||
//
|
||||
// Set RestoreLength
|
||||
//
|
||||
if (Length != NULL) {
|
||||
if (*Length < (UINTN)LockBox->Length) {
|
||||
//
|
||||
// Input buffer is too small to hold all data.
|
||||
//
|
||||
*Length = (UINTN)LockBox->Length;
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_BUFFER_TOO_SMALL));
|
||||
return EFI_BUFFER_TOO_SMALL;
|
||||
}
|
||||
*Length = (UINTN)LockBox->Length;
|
||||
}
|
||||
|
||||
//
|
||||
// Restore data
|
||||
//
|
||||
CopyMem (RestoreBuffer, (VOID *)(UINTN)LockBox->SmramBuffer, (UINTN)LockBox->Length);
|
||||
|
||||
//
|
||||
// Done
|
||||
//
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_SUCCESS));
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
This function will restore confidential information from all lockbox which have RestoreInPlace attribute.
|
||||
|
||||
@retval RETURN_SUCCESS the information is restored successfully.
|
||||
@retval RETURN_NOT_STARTED it is too early to invoke this interface
|
||||
@retval RETURN_UNSUPPORTED the service is not supported by implementaion.
|
||||
**/
|
||||
RETURN_STATUS
|
||||
EFIAPI
|
||||
RestoreAllLockBoxInPlace (
|
||||
VOID
|
||||
)
|
||||
{
|
||||
SMM_LOCK_BOX_DATA *LockBox;
|
||||
LIST_ENTRY *Link;
|
||||
LIST_ENTRY *LockBoxQueue;
|
||||
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreAllLockBoxInPlace - Enter\n"));
|
||||
|
||||
LockBoxQueue = InternalGetLockBoxQueue ();
|
||||
ASSERT (LockBoxQueue != NULL);
|
||||
|
||||
//
|
||||
// Restore all, Buffer and Length MUST be NULL
|
||||
//
|
||||
for (Link = LockBoxQueue->ForwardLink;
|
||||
Link != LockBoxQueue;
|
||||
Link = Link->ForwardLink) {
|
||||
LockBox = BASE_CR (
|
||||
Link,
|
||||
SMM_LOCK_BOX_DATA,
|
||||
Link
|
||||
);
|
||||
if ((LockBox->Attributes & LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) != 0) {
|
||||
//
|
||||
// Restore data
|
||||
//
|
||||
CopyMem ((VOID *)(UINTN)LockBox->Buffer, (VOID *)(UINTN)LockBox->SmramBuffer, (UINTN)LockBox->Length);
|
||||
}
|
||||
}
|
||||
//
|
||||
// Done
|
||||
//
|
||||
DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreAllLockBoxInPlace - Exit (%r)\n", EFI_SUCCESS));
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
|
@ -0,0 +1,46 @@
|
|||
## @file
|
||||
# Component description file for LockBox library.
|
||||
#
|
||||
# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
|
||||
#
|
||||
# This program and the accompanying materials
|
||||
# are licensed and made available under the terms and conditions
|
||||
# of the BSD License which accompanies this distribution. The
|
||||
# full text of the license may be found at
|
||||
# http://opensource.org/licenses/bsd-license.php
|
||||
#
|
||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
#
|
||||
##
|
||||
|
||||
[Defines]
|
||||
INF_VERSION = 0x00010005
|
||||
BASE_NAME = SmmLockBoxSmmLib
|
||||
FILE_GUID = E04894D6-290D-4171-A362-0ACFD939F3C8
|
||||
MODULE_TYPE = DXE_SMM_DRIVER
|
||||
VERSION_STRING = 1.0
|
||||
LIBRARY_CLASS = LockBoxLib|DXE_SMM_DRIVER
|
||||
CONSTRUCTOR = SmmLockBoxSmmConstructuor
|
||||
|
||||
#
|
||||
# The following information is for reference only and not required by the build tools.
|
||||
#
|
||||
# VALID_ARCHITECTURES = IA32 X64
|
||||
#
|
||||
|
||||
[Sources]
|
||||
SmmLockBoxSmmLib.c
|
||||
SmmLockBoxLibPrivate.h
|
||||
|
||||
[Packages]
|
||||
MdePkg/MdePkg.dec
|
||||
MdeModulePkg/MdeModulePkg.dec
|
||||
|
||||
[LibraryClasses]
|
||||
SmmServicesTableLib
|
||||
BaseLib
|
||||
DebugLib
|
||||
|
||||
[Guids]
|
||||
gEfiSmmLockBoxCommunicationGuid ## COMSUMED
|
|
@ -185,6 +185,9 @@
|
|||
## Include/Guid/RecoveryDevice.h
|
||||
gRecoveryOnDataCdGuid = { 0x5CAC0099, 0x0DC9, 0x48E5, { 0x80, 0x68, 0xBB, 0x95, 0xF5, 0x40, 0x0A, 0x9F }}
|
||||
|
||||
## Include/Guid/SmmLockBox.h
|
||||
gEfiSmmLockBoxCommunicationGuid = { 0x2a3cfebd, 0x27e8, 0x4d0a, { 0x8b, 0x79, 0xd6, 0x88, 0xc2, 0xa3, 0xe1, 0xc0 }}
|
||||
|
||||
[Ppis]
|
||||
## Include/Ppi/AtaController.h
|
||||
gPeiAtaControllerPpiGuid = { 0xa45e60d1, 0xc719, 0x44aa, { 0xb0, 0x7a, 0xaa, 0x77, 0x7f, 0x85, 0x90, 0x6d }}
|
||||
|
@ -255,6 +258,10 @@
|
|||
## This protocol allows the error level mask for DEBUG() macros to be adjusted for DXE Phase modules
|
||||
# Include/Guid/DebugMask.h
|
||||
gEfiDebugMaskProtocolGuid = { 0x4c8a2451, 0xc207, 0x405b, {0x96, 0x94, 0x99, 0xea, 0x13, 0x25, 0x13, 0x41} }
|
||||
|
||||
## Include/Protocol/LockBox.h
|
||||
gEfiLockBoxProtocolGuid = { 0xbd445d79, 0xb7ad, 0x4f04, { 0x9a, 0xd8, 0x29, 0xbd, 0x20, 0x40, 0xeb, 0x3c }}
|
||||
|
||||
[PcdsFeatureFlag]
|
||||
## Indicate whether platform can support update capsule across a system reset
|
||||
gEfiMdeModulePkgTokenSpaceGuid.PcdSupportUpdateCapsuleReset|FALSE|BOOLEAN|0x0001001d
|
||||
|
|
|
@ -107,12 +107,14 @@
|
|||
|
||||
[LibraryClasses.common.DXE_DRIVER]
|
||||
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
|
||||
LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
|
||||
MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
|
||||
|
||||
[LibraryClasses.common.DXE_RUNTIME_DRIVER]
|
||||
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
|
||||
MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
|
||||
DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
|
||||
LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
|
||||
|
||||
[LibraryClasses.common.SMM_CORE]
|
||||
MemoryAllocationLib|MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/PiSmmCoreMemoryAllocationLib.inf
|
||||
|
@ -123,11 +125,13 @@
|
|||
DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
|
||||
MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf
|
||||
SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
|
||||
LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf
|
||||
|
||||
[LibraryClasses.common.UEFI_DRIVER]
|
||||
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
|
||||
MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
|
||||
DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
|
||||
LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
|
||||
|
||||
[LibraryClasses.common.UEFI_APPLICATION]
|
||||
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
|
||||
|
@ -232,6 +236,8 @@
|
|||
MdeModulePkg/Library/BaseSerialPortLib16550/BaseSerialPortLib16550.inf
|
||||
MdeModulePkg/Library/BasePlatformHookLibNull/BasePlatformHookLibNull.inf
|
||||
MdeModulePkg/Library/DxeDebugPrintErrorLevelLib/DxeDebugPrintErrorLevelLib.inf
|
||||
MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.inf
|
||||
MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf
|
||||
|
||||
MdeModulePkg/Universal/CapsulePei/CapsulePei.inf
|
||||
MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
|
||||
|
@ -309,6 +315,7 @@
|
|||
MdeModulePkg/Library/SmmReportStatusCodeLib/SmmReportStatusCodeLib.inf
|
||||
MdeModulePkg/Universal/StatusCodeHandler/Smm/StatusCodeHandlerSmm.inf
|
||||
MdeModulePkg/Universal/ReportStatusCodeRouter/Smm/ReportStatusCodeRouterSmm.inf
|
||||
MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf
|
||||
MdeModulePkg/Library/SmmCorePerformanceLib/SmmCorePerformanceLib.inf
|
||||
MdeModulePkg/Library/SmmPerformanceLib/SmmPerformanceLib.inf
|
||||
MdeModulePkg/Library/DxeSmmPerformanceLib/DxeSmmPerformanceLib.inf
|
||||
|
|
|
@ -0,0 +1,373 @@
|
|||
/** @file
|
||||
|
||||
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
|
||||
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions
|
||||
of the BSD License which accompanies this distribution. The
|
||||
full text of the license may be found at
|
||||
http://opensource.org/licenses/bsd-license.php
|
||||
|
||||
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
|
||||
**/
|
||||
|
||||
#include <PiSmm.h>
|
||||
#include <Library/UefiDriverEntryPoint.h>
|
||||
#include <Library/UefiBootServicesTableLib.h>
|
||||
#include <Library/UefiRuntimeServicesTableLib.h>
|
||||
#include <Library/SmmServicesTableLib.h>
|
||||
#include <Library/BaseLib.h>
|
||||
#include <Library/BaseMemoryLib.h>
|
||||
#include <Library/DebugLib.h>
|
||||
#include <Library/LockBoxLib.h>
|
||||
#include <Protocol/SmmReadyToLock.h>
|
||||
#include <Protocol/SmmCommunication.h>
|
||||
#include <Protocol/SmmAccess2.h>
|
||||
#include <Protocol/LockBox.h>
|
||||
#include <Guid/SmmLockBox.h>
|
||||
|
||||
BOOLEAN mLocked = FALSE;
|
||||
|
||||
EFI_SMRAM_DESCRIPTOR *mSmramRanges;
|
||||
UINTN mSmramRangeCount;
|
||||
|
||||
/**
|
||||
This function check if the address is in SMRAM.
|
||||
|
||||
@param Buffer the buffer address to be checked.
|
||||
@param Length the buffer length to be checked.
|
||||
|
||||
@retval TRUE this address is in SMRAM.
|
||||
@retval FALSE this address is NOT in SMRAM.
|
||||
**/
|
||||
BOOLEAN
|
||||
IsAddressInSmram (
|
||||
IN EFI_PHYSICAL_ADDRESS Buffer,
|
||||
IN UINT64 Length
|
||||
)
|
||||
{
|
||||
UINTN Index;
|
||||
|
||||
for (Index = 0; Index < mSmramRangeCount; Index ++) {
|
||||
if (((Buffer >= mSmramRanges[Index].CpuStart) && (Buffer < mSmramRanges[Index].CpuStart + mSmramRanges[Index].PhysicalSize)) ||
|
||||
((mSmramRanges[Index].CpuStart >= Buffer) && (mSmramRanges[Index].CpuStart < Buffer + Length))) {
|
||||
return TRUE;
|
||||
}
|
||||
}
|
||||
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
/**
|
||||
Dispatch function for SMM lock box save.
|
||||
|
||||
@param LockBoxParameterSave parameter of lock box save
|
||||
**/
|
||||
VOID
|
||||
SmmLockBoxSave (
|
||||
IN EFI_SMM_LOCK_BOX_PARAMETER_SAVE *LockBoxParameterSave
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
|
||||
//
|
||||
// Sanity check
|
||||
//
|
||||
if (mLocked) {
|
||||
DEBUG ((EFI_D_ERROR, "SmmLockBox Locked!\n"));
|
||||
LockBoxParameterSave->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED;
|
||||
return ;
|
||||
}
|
||||
|
||||
//
|
||||
// Save data
|
||||
//
|
||||
Status = SaveLockBox (
|
||||
&LockBoxParameterSave->Guid,
|
||||
(VOID *)(UINTN)LockBoxParameterSave->Buffer,
|
||||
(UINTN)LockBoxParameterSave->Length
|
||||
);
|
||||
LockBoxParameterSave->Header.ReturnStatus = (UINT64)Status;
|
||||
return ;
|
||||
}
|
||||
|
||||
/**
|
||||
Dispatch function for SMM lock box set attributes.
|
||||
|
||||
@param LockBoxParameterSetAttributes parameter of lock box set attributes
|
||||
**/
|
||||
VOID
|
||||
SmmLockBoxSetAttributes (
|
||||
IN EFI_SMM_LOCK_BOX_PARAMETER_SET_ATTRIBUTES *LockBoxParameterSetAttributes
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
|
||||
//
|
||||
// Sanity check
|
||||
//
|
||||
if (mLocked) {
|
||||
DEBUG ((EFI_D_ERROR, "SmmLockBox Locked!\n"));
|
||||
LockBoxParameterSetAttributes->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED;
|
||||
return ;
|
||||
}
|
||||
|
||||
//
|
||||
// Update data
|
||||
//
|
||||
Status = SetLockBoxAttributes (
|
||||
&LockBoxParameterSetAttributes->Guid,
|
||||
LockBoxParameterSetAttributes->Attributes
|
||||
);
|
||||
LockBoxParameterSetAttributes->Header.ReturnStatus = (UINT64)Status;
|
||||
return ;
|
||||
}
|
||||
|
||||
/**
|
||||
Dispatch function for SMM lock box update.
|
||||
|
||||
@param LockBoxParameterUpdate parameter of lock box update
|
||||
**/
|
||||
VOID
|
||||
SmmLockBoxUpdate (
|
||||
IN EFI_SMM_LOCK_BOX_PARAMETER_UPDATE *LockBoxParameterUpdate
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
|
||||
//
|
||||
// Sanity check
|
||||
//
|
||||
if (mLocked) {
|
||||
DEBUG ((EFI_D_ERROR, "SmmLockBox Locked!\n"));
|
||||
LockBoxParameterUpdate->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED;
|
||||
return ;
|
||||
}
|
||||
|
||||
//
|
||||
// Update data
|
||||
//
|
||||
Status = UpdateLockBox (
|
||||
&LockBoxParameterUpdate->Guid,
|
||||
(UINTN)LockBoxParameterUpdate->Offset,
|
||||
(VOID *)(UINTN)LockBoxParameterUpdate->Buffer,
|
||||
(UINTN)LockBoxParameterUpdate->Length
|
||||
);
|
||||
LockBoxParameterUpdate->Header.ReturnStatus = (UINT64)Status;
|
||||
return ;
|
||||
}
|
||||
|
||||
/**
|
||||
Dispatch function for SMM lock box restore.
|
||||
|
||||
@param LockBoxParameterRestore parameter of lock box restore
|
||||
**/
|
||||
VOID
|
||||
SmmLockBoxRestore (
|
||||
IN EFI_SMM_LOCK_BOX_PARAMETER_RESTORE *LockBoxParameterRestore
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
|
||||
//
|
||||
// Sanity check
|
||||
//
|
||||
if (IsAddressInSmram (LockBoxParameterRestore->Buffer, LockBoxParameterRestore->Length)) {
|
||||
DEBUG ((EFI_D_ERROR, "SmmLockBox Restore address in SMRAM!\n"));
|
||||
LockBoxParameterRestore->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED;
|
||||
return ;
|
||||
}
|
||||
|
||||
//
|
||||
// Restore data
|
||||
//
|
||||
Status = RestoreLockBox (
|
||||
&LockBoxParameterRestore->Guid,
|
||||
(VOID *)(UINTN)LockBoxParameterRestore->Buffer,
|
||||
(UINTN *)&LockBoxParameterRestore->Length
|
||||
);
|
||||
LockBoxParameterRestore->Header.ReturnStatus = (UINT64)Status;
|
||||
return ;
|
||||
}
|
||||
|
||||
/**
|
||||
Dispatch function for SMM lock box restore all in place.
|
||||
|
||||
@param LockBoxParameterRestoreAllInPlace parameter of lock box restore all in place
|
||||
**/
|
||||
VOID
|
||||
SmmLockBoxRestoreAllInPlace (
|
||||
IN EFI_SMM_LOCK_BOX_PARAMETER_RESTORE_ALL_IN_PLACE *LockBoxParameterRestoreAllInPlace
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
|
||||
Status = RestoreAllLockBoxInPlace ();
|
||||
LockBoxParameterRestoreAllInPlace->Header.ReturnStatus = (UINT64)Status;
|
||||
return ;
|
||||
}
|
||||
|
||||
/**
|
||||
Dispatch function for a Software SMI handler.
|
||||
|
||||
@param DispatchHandle The unique handle assigned to this handler by SmiHandlerRegister().
|
||||
@param Context Points to an optional handler context which was specified when the
|
||||
handler was registered.
|
||||
@param CommBuffer A pointer to a collection of data in memory that will
|
||||
be conveyed from a non-SMM environment into an SMM environment.
|
||||
@param CommBufferSize The size of the CommBuffer.
|
||||
|
||||
@retval EFI_SUCCESS Command is handled successfully.
|
||||
|
||||
**/
|
||||
EFI_STATUS
|
||||
EFIAPI
|
||||
SmmLockBoxHandler (
|
||||
IN EFI_HANDLE DispatchHandle,
|
||||
IN CONST VOID *Context OPTIONAL,
|
||||
IN OUT VOID *CommBuffer OPTIONAL,
|
||||
IN OUT UINTN *CommBufferSize OPTIONAL
|
||||
)
|
||||
{
|
||||
EFI_SMM_LOCK_BOX_PARAMETER_HEADER *LockBoxParameterHeader;
|
||||
|
||||
DEBUG ((EFI_D_ERROR, "SmmLockBox SmmLockBoxHandler Enter\n"));
|
||||
|
||||
LockBoxParameterHeader = (EFI_SMM_LOCK_BOX_PARAMETER_HEADER *)((UINTN)CommBuffer);
|
||||
|
||||
LockBoxParameterHeader->ReturnStatus = (UINT64)-1;
|
||||
|
||||
DEBUG ((EFI_D_ERROR, "SmmLockBox LockBoxParameterHeader - %x\n", (UINTN)LockBoxParameterHeader));
|
||||
|
||||
DEBUG ((EFI_D_ERROR, "SmmLockBox Command - %x\n", (UINTN)LockBoxParameterHeader->Command));
|
||||
|
||||
switch (LockBoxParameterHeader->Command) {
|
||||
case EFI_SMM_LOCK_BOX_COMMAND_SAVE:
|
||||
SmmLockBoxSave ((EFI_SMM_LOCK_BOX_PARAMETER_SAVE *)(UINTN)LockBoxParameterHeader);
|
||||
break;
|
||||
case EFI_SMM_LOCK_BOX_COMMAND_UPDATE:
|
||||
SmmLockBoxUpdate ((EFI_SMM_LOCK_BOX_PARAMETER_UPDATE *)(UINTN)LockBoxParameterHeader);
|
||||
break;
|
||||
case EFI_SMM_LOCK_BOX_COMMAND_RESTORE:
|
||||
SmmLockBoxRestore ((EFI_SMM_LOCK_BOX_PARAMETER_RESTORE *)(UINTN)LockBoxParameterHeader);
|
||||
break;
|
||||
case EFI_SMM_LOCK_BOX_COMMAND_SET_ATTRIBUTES:
|
||||
SmmLockBoxSetAttributes ((EFI_SMM_LOCK_BOX_PARAMETER_SET_ATTRIBUTES *)(UINTN)LockBoxParameterHeader);
|
||||
break;
|
||||
case EFI_SMM_LOCK_BOX_COMMAND_RESTORE_ALL_IN_PLACE:
|
||||
SmmLockBoxRestoreAllInPlace ((EFI_SMM_LOCK_BOX_PARAMETER_RESTORE_ALL_IN_PLACE *)(UINTN)LockBoxParameterHeader);
|
||||
break;
|
||||
default:
|
||||
break;
|
||||
}
|
||||
|
||||
LockBoxParameterHeader->Command = (UINT32)-1;
|
||||
|
||||
DEBUG ((EFI_D_ERROR, "SmmLockBox SmmLockBoxHandler Exit\n"));
|
||||
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
Smm Ready To Lock event notification handler.
|
||||
|
||||
It sets a flag indicating that SMRAM has been locked.
|
||||
|
||||
@param[in] Protocol Points to the protocol's unique identifier.
|
||||
@param[in] Interface Points to the interface instance.
|
||||
@param[in] Handle The handle on which the interface was installed.
|
||||
|
||||
@retval EFI_SUCCESS Notification handler runs successfully.
|
||||
**/
|
||||
EFI_STATUS
|
||||
EFIAPI
|
||||
SmmReadyToLockEventNotify (
|
||||
IN CONST EFI_GUID *Protocol,
|
||||
IN VOID *Interface,
|
||||
IN EFI_HANDLE Handle
|
||||
)
|
||||
{
|
||||
mLocked = TRUE;
|
||||
return EFI_SUCCESS;
|
||||
}
|
||||
|
||||
/**
|
||||
Entry Point for LockBox SMM driver.
|
||||
|
||||
@param[in] ImageHandle Image handle of this driver.
|
||||
@param[in] SystemTable A Pointer to the EFI System Table.
|
||||
|
||||
@retval EFI_SUCEESS
|
||||
@return Others Some error occurs.
|
||||
**/
|
||||
EFI_STATUS
|
||||
EFIAPI
|
||||
SmmLockBoxEntryPoint (
|
||||
IN EFI_HANDLE ImageHandle,
|
||||
IN EFI_SYSTEM_TABLE *SystemTable
|
||||
)
|
||||
{
|
||||
EFI_STATUS Status;
|
||||
EFI_HANDLE DispatchHandle;
|
||||
VOID *Registration;
|
||||
EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;
|
||||
UINTN Size;
|
||||
|
||||
//
|
||||
// Get SMRAM information
|
||||
//
|
||||
Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
Size = 0;
|
||||
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);
|
||||
ASSERT (Status == EFI_BUFFER_TOO_SMALL);
|
||||
|
||||
Status = gSmst->SmmAllocatePool (
|
||||
EfiRuntimeServicesData,
|
||||
Size,
|
||||
(VOID **)&mSmramRanges
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmramRanges);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
mSmramRangeCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);
|
||||
|
||||
//
|
||||
// Register LockBox communication handler
|
||||
//
|
||||
Status = gSmst->SmiHandlerRegister (
|
||||
SmmLockBoxHandler,
|
||||
&gEfiSmmLockBoxCommunicationGuid,
|
||||
&DispatchHandle
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
//
|
||||
// Register SMM Ready To Lock Protocol notification
|
||||
//
|
||||
Status = gSmst->SmmRegisterProtocolNotify (
|
||||
&gEfiSmmReadyToLockProtocolGuid,
|
||||
SmmReadyToLockEventNotify,
|
||||
&Registration
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
//
|
||||
// Install NULL to DXE data base as notify
|
||||
//
|
||||
ImageHandle = NULL;
|
||||
Status = gBS->InstallProtocolInterface (
|
||||
&ImageHandle,
|
||||
&gEfiLockBoxProtocolGuid,
|
||||
EFI_NATIVE_INTERFACE,
|
||||
NULL
|
||||
);
|
||||
ASSERT_EFI_ERROR (Status);
|
||||
|
||||
return Status;
|
||||
}
|
|
@ -0,0 +1,59 @@
|
|||
## @file
|
||||
# Component description file for LockBox SMM driver.
|
||||
#
|
||||
# Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
|
||||
#
|
||||
# This program and the accompanying materials
|
||||
# are licensed and made available under the terms and conditions
|
||||
# of the BSD License which accompanies this distribution. The
|
||||
# full text of the license may be found at
|
||||
# http://opensource.org/licenses/bsd-license.php
|
||||
#
|
||||
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
|
||||
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
#
|
||||
##
|
||||
|
||||
[Defines]
|
||||
INF_VERSION = 0x00010005
|
||||
BASE_NAME = SmmLockBox
|
||||
FILE_GUID = 33FB3535-F15E-4c17-B303-5EB94595ECB6
|
||||
MODULE_TYPE = DXE_SMM_DRIVER
|
||||
VERSION_STRING = 1.0
|
||||
PI_SPECIFICATION_VERSION = 0x0001000A
|
||||
ENTRY_POINT = SmmLockBoxEntryPoint
|
||||
|
||||
#
|
||||
# The following information is for reference only and not required by the build tools.
|
||||
#
|
||||
# VALID_ARCHITECTURES = IA32 X64
|
||||
#
|
||||
|
||||
[Sources]
|
||||
SmmLockBox.c
|
||||
|
||||
[Packages]
|
||||
MdePkg/MdePkg.dec
|
||||
MdeModulePkg/MdeModulePkg.dec
|
||||
|
||||
[LibraryClasses]
|
||||
UefiDriverEntryPoint
|
||||
UefiBootServicesTableLib
|
||||
UefiRuntimeServicesTableLib
|
||||
SmmServicesTableLib
|
||||
BaseLib
|
||||
BaseMemoryLib
|
||||
DebugLib
|
||||
LockBoxLib
|
||||
|
||||
[Guids]
|
||||
gEfiSmmLockBoxCommunicationGuid ## PRODUCED
|
||||
|
||||
[Protocols]
|
||||
gEfiSmmReadyToLockProtocolGuid ## CONSUMED
|
||||
gEfiSmmAccess2ProtocolGuid ## CONSUMED
|
||||
gEfiLockBoxProtocolGuid ## PRODUCED
|
||||
|
||||
[Depex]
|
||||
gEfiSmmSwDispatch2ProtocolGuid
|
||||
|
Loading…
Reference in New Issue