tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MdeModulePkg Variable: Consume the separated VarCheckLib 

Since the variable check service has be separated to VarCheckLib
from Variable driver, so update Variable driver to consume the
separated VarCheckLib.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18286 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Star Zeng 2015-08-25 03:01:56 +00:00 committed by lzeng14
parent 3b01413759
commit 8021f4c716
8 changed files with 108 additions and 1415 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
MdeModulePkg/MdeModulePkg.dsc
View File

@ -97,6 +97,7 @@
PlatformBootManagerLib|MdeModulePkg/Library/PlatformBootManagerLibNull/PlatformBootManagerLibNull.inf
TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
[LibraryClasses.EBC.PEIM]
IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf
@ -277,6 +278,8 @@
MdeModulePkg/Library/PlatformBootManagerLibNull/PlatformBootManagerLibNull.inf
MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf
@ -369,13 +372,19 @@
MdeModulePkg/Universal/EbcDxe/EbcDxe.inf
[Components.IA32, Components.X64, Components.Ebc]
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf {
<LibraryClasses>
NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
}
MdeModulePkg/Universal/Variable/EmuRuntimeDxe/EmuVariableRuntimeDxe.inf
[Components.IA32, Components.X64]
MdeModulePkg/Core/PiSmmCore/PiSmmIpl.inf
MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {
<LibraryClasses>
NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
}
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
MdeModulePkg/Library/SmmReportStatusCodeLib/SmmReportStatusCodeLib.inf
MdeModulePkg/Universal/StatusCodeHandler/Smm/StatusCodeHandlerSmm.inf

1119
MdeModulePkg/Universal/Variable/RuntimeDxe/VarCheck.c
View File

File diff suppressed because it is too large Load Diff

193
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
View File

@ -41,21 +41,16 @@ VARIABLE_STORE_HEADER *mNvVariableCache = NULL;
///
VARIABLE_INFO_ENTRY *gVariableInfo = NULL;
///
/// The list to store the variables which cannot be set after the EFI_END_OF_DXE_EVENT_GROUP_GUID
/// or EVT_GROUP_READY_TO_BOOT event.
///
LIST_ENTRY mLockedVariableList = INITIALIZE_LIST_HEAD_VARIABLE (mLockedVariableList);
///
/// The flag to indicate whether the platform has left the DXE phase of execution.
///
BOOLEAN mEndOfDxe = FALSE;
///
/// The flag to indicate whether the variable storage locking is enabled.
/// It indicates the var check request source.
/// In the implementation, DXE is regarded as untrusted, and SMM is trusted.
///
BOOLEAN mEnableLocking = TRUE;
VAR_CHECK_REQUEST_SOURCE mRequestSource = VarCheckFromUntrusted;
//
// It will record the current boot error flag before EndOfDxe.
@ -76,7 +71,7 @@ VARIABLE_ENTRY_PROPERTY mVariableEntryProperty[] = {
},
};
AUTH_VAR_LIB_CONTEXT_IN mContextIn = {
AUTH_VAR_LIB_CONTEXT_IN mAuthContextIn = {
AUTH_VAR_LIB_CONTEXT_IN_STRUCT_VERSION,
//
// StructSize, TO BE FILLED
@ -94,7 +89,7 @@ AUTH_VAR_LIB_CONTEXT_IN mContextIn = {
VariableExLibAtRuntime,
};
AUTH_VAR_LIB_CONTEXT_OUT mContextOut;
AUTH_VAR_LIB_CONTEXT_OUT mAuthContextOut;
/**
@ -878,7 +873,7 @@ IsUserVariable (
// then no need to check if the variable is user variable or not specially.
//
if (mEndOfDxe && (mVariableModuleGlobal->CommonMaxUserVariableSpace != mVariableModuleGlobal->CommonVariableSpace)) {
if (InternalVarCheckVariablePropertyGet (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &Property) == EFI_NOT_FOUND) {
if (VarCheckLibVariablePropertyGet (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &Property) == EFI_NOT_FOUND) {
return TRUE;
}
}
@ -910,7 +905,7 @@ CalculateCommonUserVariableTotalSize (
NextVariable = GetNextVariablePtr (Variable);
VariableSize = (UINTN) NextVariable - (UINTN) Variable;
if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) {
if (InternalVarCheckVariablePropertyGet (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &Property) == EFI_NOT_FOUND) {
if (VarCheckLibVariablePropertyGet (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &Property) == EFI_NOT_FOUND) {
//
// No property, it is user variable.
//
@ -932,12 +927,9 @@ InitializeVariableQuota (
VOID
)
{
STATIC BOOLEAN Initialized;
if (!mEndOfDxe || Initialized) {
if (!mEndOfDxe) {
return;
}
Initialized = TRUE;
InitializeVarErrorFlag ();
CalculateCommonUserVariableTotalSize ();
@ -2769,131 +2761,6 @@ Done:
return Status;
}
/**
Check if a Unicode character is a hexadecimal character.
This function checks if a Unicode character is a
hexadecimal character. The valid hexadecimal character is
L'0' to L'9', L'a' to L'f', or L'A' to L'F'.
@param Char The character to check against.
@retval TRUE If the Char is a hexadecmial character.
@retval FALSE If the Char is not a hexadecmial character.
**/
BOOLEAN
EFIAPI
IsHexaDecimalDigitCharacter (
IN CHAR16 Char
)
{
return (BOOLEAN) ((Char >= L'0' && Char <= L'9') || (Char >= L'A' && Char <= L'F') || (Char >= L'a' && Char <= L'f'));
}
/**
This code checks if variable is hardware error record variable or not.
According to UEFI spec, hardware error record variable should use the EFI_HARDWARE_ERROR_VARIABLE VendorGuid
and have the L"HwErrRec####" name convention, #### is a printed hex value and no 0x or h is included in the hex value.
@param VariableName Pointer to variable name.
@param VendorGuid Variable Vendor Guid.
@retval TRUE Variable is hardware error record variable.
@retval FALSE Variable is not hardware error record variable.
**/
BOOLEAN
EFIAPI
IsHwErrRecVariable (
IN CHAR16 *VariableName,
IN EFI_GUID *VendorGuid
)
{
if (!CompareGuid (VendorGuid, &gEfiHardwareErrorVariableGuid) ||
(StrLen (VariableName) != StrLen (L"HwErrRec####")) ||
(StrnCmp(VariableName, L"HwErrRec", StrLen (L"HwErrRec")) != 0) ||
!IsHexaDecimalDigitCharacter (VariableName[0x8]) ||
!IsHexaDecimalDigitCharacter (VariableName[0x9]) ||
!IsHexaDecimalDigitCharacter (VariableName[0xA]) ||
!IsHexaDecimalDigitCharacter (VariableName[0xB])) {
return FALSE;
}
return TRUE;
}
/**
Mark a variable that will become read-only after leaving the DXE phase of execution.
@param[in] This The VARIABLE_LOCK_PROTOCOL instance.
@param[in] VariableName A pointer to the variable name that will be made read-only subsequently.
@param[in] VendorGuid A pointer to the vendor GUID that will be made read-only subsequently.
@retval EFI_SUCCESS The variable specified by the VariableName and the VendorGuid was marked
as pending to be read-only.
@retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.
Or VariableName is an empty string.
@retval EFI_ACCESS_DENIED EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVENT_GROUP_READY_TO_BOOT has
already been signaled.
@retval EFI_OUT_OF_RESOURCES There is not enough resource to hold the lock request.
**/
EFI_STATUS
EFIAPI
VariableLockRequestToLock (
IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,
IN CHAR16 *VariableName,
IN EFI_GUID *VendorGuid
)
{
VARIABLE_ENTRY *Entry;
CHAR16 *Name;
LIST_ENTRY *Link;
VARIABLE_ENTRY *LockedEntry;
if (VariableName == NULL || VariableName[0] == 0 || VendorGuid == NULL) {
return EFI_INVALID_PARAMETER;
}
if (mEndOfDxe) {
return EFI_ACCESS_DENIED;
}
Entry = AllocateRuntimeZeroPool (sizeof (*Entry) + StrSize (VariableName));
if (Entry == NULL) {
return EFI_OUT_OF_RESOURCES;
}
DEBUG ((EFI_D_INFO, "[Variable] Lock: %g:%s\n", VendorGuid, VariableName));
AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
for ( Link = GetFirstNode (&mLockedVariableList)
; !IsNull (&mLockedVariableList, Link)
; Link = GetNextNode (&mLockedVariableList, Link)
) {
LockedEntry = BASE_CR (Link, VARIABLE_ENTRY, Link);
Name = (CHAR16 *) ((UINTN) LockedEntry + sizeof (*LockedEntry));
if (CompareGuid (&LockedEntry->Guid, VendorGuid) && (StrCmp (Name, VariableName) == 0)) {
goto Done;
}
}
Name = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));
StrCpyS (Name, StrSize (VariableName)/sizeof(CHAR16), VariableName);
CopyGuid (&Entry->Guid, VendorGuid);
InsertTailList (&mLockedVariableList, &Entry->Link);
Done:
ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
return EFI_SUCCESS;
}
/**
This code finds variable in storage blocks (Volatile or Non-Volatile).
@ -3211,9 +3078,6 @@ VariableServiceSetVariable (
VARIABLE_HEADER *NextVariable;
EFI_PHYSICAL_ADDRESS Point;
UINTN PayloadSize;
LIST_ENTRY *Link;
VARIABLE_ENTRY *Entry;
CHAR16 *Name;
//
// Check input parameters.
@ -3301,9 +3165,6 @@ VariableServiceSetVariable (
if (StrSize (VariableName) + PayloadSize > PcdGet32 (PcdMaxHardwareErrorVariableSize) - GetVariableHeaderSize ()) {
return EFI_INVALID_PARAMETER;
}
if (!IsHwErrRecVariable(VariableName, VendorGuid)) {
return EFI_INVALID_PARAMETER;
}
} else {
//
// The size of the VariableName, including the Unicode Null in bytes plus
@ -3320,7 +3181,7 @@ VariableServiceSetVariable (
}
}
Status = InternalVarCheckSetVariableCheck (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize));
Status = VarCheckLibSetVariableCheck (VariableName, VendorGuid, Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize), mRequestSource);
if (EFI_ERROR (Status)) {
return Status;
}
@ -3342,24 +3203,6 @@ VariableServiceSetVariable (
mVariableModuleGlobal->NonVolatileLastVariableOffset = (UINTN) NextVariable - (UINTN) Point;
}
if (mEndOfDxe && mEnableLocking) {
//
// Treat the variables listed in the forbidden variable list as read-only after leaving DXE phase.
//
for ( Link = GetFirstNode (&mLockedVariableList)
; !IsNull (&mLockedVariableList, Link)
; Link = GetNextNode (&mLockedVariableList, Link)
) {
Entry = BASE_CR (Link, VARIABLE_ENTRY, Link);
Name = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));
if (CompareGuid (&Entry->Guid, VendorGuid) && (StrCmp (Name, VariableName) == 0)) {
Status = EFI_WRITE_PROTECTED;
DEBUG ((EFI_D_INFO, "[Variable]: Changing readonly variable after leaving DXE phase - %g:%s\n", VendorGuid, VariableName));
goto Done;
}
}
}
//
// Check whether the input variable is already existed.
//
@ -4064,21 +3907,21 @@ VariableWriteServiceInitialize (
FlushHobVariableToFlash (NULL, NULL);
Status = EFI_SUCCESS;
ZeroMem (&mContextOut, sizeof (mContextOut));
ZeroMem (&mAuthContextOut, sizeof (mAuthContextOut));
if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
//
// Authenticated variable initialize.
//
mContextIn.StructSize = sizeof (AUTH_VAR_LIB_CONTEXT_IN);
mContextIn.MaxAuthVariableSize = mVariableModuleGlobal->MaxAuthVariableSize - GetVariableHeaderSize ();
Status = AuthVariableLibInitialize (&mContextIn, &mContextOut);
mAuthContextIn.StructSize = sizeof (AUTH_VAR_LIB_CONTEXT_IN);
mAuthContextIn.MaxAuthVariableSize = mVariableModuleGlobal->MaxAuthVariableSize - GetVariableHeaderSize ();
Status = AuthVariableLibInitialize (&mAuthContextIn, &mAuthContextOut);
if (!EFI_ERROR (Status)) {
DEBUG ((EFI_D_INFO, "Variable driver will work with auth variable support!\n"));
mVariableModuleGlobal->VariableGlobal.AuthSupport = TRUE;
if (mContextOut.AuthVarEntry != NULL) {
for (Index = 0; Index < mContextOut.AuthVarEntryCount; Index++) {
VariableEntry = &mContextOut.AuthVarEntry[Index];
Status = InternalVarCheckVariablePropertySet (
if (mAuthContextOut.AuthVarEntry != NULL) {
for (Index = 0; Index < mAuthContextOut.AuthVarEntryCount; Index++) {
VariableEntry = &mAuthContextOut.AuthVarEntry[Index];
Status = VarCheckLibVariablePropertySet (
VariableEntry->Name,
VariableEntry->Guid,
&VariableEntry->VariableProperty
@ -4097,7 +3940,7 @@ VariableWriteServiceInitialize (
if (!EFI_ERROR (Status)) {
for (Index = 0; Index < sizeof (mVariableEntryProperty) / sizeof (mVariableEntryProperty[0]); Index++) {
VariableEntry = &mVariableEntryProperty[Index];
Status = InternalVarCheckVariablePropertySet (VariableEntry->Name, VariableEntry->Guid, &VariableEntry->VariableProperty);
Status = VarCheckLibVariablePropertySet (VariableEntry->Name, VariableEntry->Guid, &VariableEntry->VariableProperty);
ASSERT_EFI_ERROR (Status);
}
}

97
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
View File

@ -36,13 +36,12 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/SynchronizationLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/AuthVariableLib.h>
#include <Library/VarCheckLib.h>
#include <Guid/GlobalVariable.h>
#include <Guid/EventGroup.h>
#include <Guid/VariableFormat.h>
#include <Guid/ImageAuthentication.h>
#include <Guid/SystemNvDataGuid.h>
#include <Guid/FaultTolerantWrite.h>
#include <Guid/HardwareErrorVariable.h>
#include <Guid/VarErrorFlag.h>
#define EFI_VARIABLE_ATTRIBUTES_MASK (EFI_VARIABLE_NON_VOLATILE | \
@ -109,12 +108,6 @@ typedef struct {
EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *FvbInstance;
} VARIABLE_MODULE_GLOBAL;
typedef struct {
LIST_ENTRY Link;
EFI_GUID Guid;
//CHAR16 *Name;
} VARIABLE_ENTRY;
/**
Flush the HOB variable to flash.
@ -702,53 +695,6 @@ VariableLockRequestToLock (
IN EFI_GUID *VendorGuid
);
/**
Check if a Unicode character is a hexadecimal character.
This function checks if a Unicode character is a
hexadecimal character. The valid hexadecimal character is
L'0' to L'9', L'a' to L'f', or L'A' to L'F'.
@param Char The character to check against.
@retval TRUE If the Char is a hexadecmial character.
@retval FALSE If the Char is not a hexadecmial character.
**/
BOOLEAN
EFIAPI
IsHexaDecimalDigitCharacter (
IN CHAR16 Char
);
/**
Internal SetVariable check.
@param[in] VariableName Name of Variable to set.
@param[in] VendorGuid Variable vendor GUID.
@param[in] Attributes Attribute value of the variable.
@param[in] DataSize Size of Data to set.
@param[in] Data Data pointer.
@retval EFI_SUCCESS The SetVariable check result was success.
@retval EFI_INVALID_PARAMETER An invalid combination of attribute bits, name, and GUID were supplied,
or the DataSize exceeds the minimum or maximum allowed,
or the Data value is not following UEFI spec for UEFI defined variables.
@retval EFI_WRITE_PROTECTED The variable in question is read-only.
@retval Others The return status from check handler.
**/
EFI_STATUS
EFIAPI
InternalVarCheckSetVariableCheck (
IN CHAR16 *VariableName,
IN EFI_GUID *VendorGuid,
IN UINT32 Attributes,
IN UINTN DataSize,
IN VOID *Data
);
/**
Register SetVariable check handler.
@ -769,45 +715,6 @@ VarCheckRegisterSetVariableCheckHandler (
IN VAR_CHECK_SET_VARIABLE_CHECK_HANDLER Handler
);
/**
Internal variable property get.
@param[in] Name Pointer to the variable name.
@param[in] Guid Pointer to the vendor GUID.
@param[out] VariableProperty Pointer to the output variable property.
@retval EFI_SUCCESS The property of variable specified by the Name and Guid was got successfully.
@retval EFI_NOT_FOUND The property of variable specified by the Name and Guid was not found.
**/
EFI_STATUS
EFIAPI
InternalVarCheckVariablePropertyGet (
IN CHAR16 *Name,
IN EFI_GUID *Guid,
OUT VAR_CHECK_VARIABLE_PROPERTY *VariableProperty
);
/**
Internal variable property set.
@param[in] Name Pointer to the variable name.
@param[in] Guid Pointer to the vendor GUID.
@param[in] VariableProperty Pointer to the input variable property.
@retval EFI_SUCCESS The property of variable specified by the Name and Guid was set successfully.
@retval EFI_OUT_OF_RESOURCES There is not enough resource for the variable property set request.
**/
EFI_STATUS
EFIAPI
InternalVarCheckVariablePropertySet (
IN CHAR16 *Name,
IN EFI_GUID *Guid,
IN VAR_CHECK_VARIABLE_PROPERTY *VariableProperty
);
/**
Variable property set.
@ -862,7 +769,7 @@ InitializeVariableQuota (
extern VARIABLE_MODULE_GLOBAL *mVariableModuleGlobal;
extern AUTH_VAR_LIB_CONTEXT_OUT mContextOut;
extern AUTH_VAR_LIB_CONTEXT_OUT mAuthContextOut;
/**
Finds variable in storage blocks of volatile and non-volatile storage areas.

48
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c
View File

@ -21,11 +21,9 @@ extern VARIABLE_INFO_ENTRY *gVariableInfo;
EFI_HANDLE mHandle = NULL;
EFI_EVENT mVirtualAddressChangeEvent = NULL;
EFI_EVENT mFtwRegistration = NULL;
extern LIST_ENTRY mLockedVariableList;
extern LIST_ENTRY mVarCheckVariableList;
extern UINT32 mNumberOfHandler;
extern VAR_CHECK_SET_VARIABLE_CHECK_HANDLER *mHandlerTable;
extern BOOLEAN mEndOfDxe;
VOID ***mVarCheckAddressPointer = NULL;
UINTN mVarCheckAddressPointerCount = 0;
EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock = { VariableLockRequestToLock };
EDKII_VAR_CHECK_PROTOCOL mVarCheck = { VarCheckRegisterSetVariableCheckHandler,
VarCheckVariablePropertySet,
@ -227,7 +225,6 @@ VariableClassAddressChangeEvent (
IN VOID *Context
)
{
EFI_STATUS Status;
UINTN Index;
EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->GetBlockSize);
@ -246,20 +243,16 @@ VariableClassAddressChangeEvent (
EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.HobVariableBase);
EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal);
EfiConvertPointer (0x0, (VOID **) &mNvVariableCache);
EfiConvertPointer (0x0, (VOID **) &mHandlerTable);
for (Index = 0; Index < mNumberOfHandler; Index++) {
EfiConvertPointer (0x0, (VOID **) &mHandlerTable[Index]);
if (mAuthContextOut.AddressPointer != NULL) {
for (Index = 0; Index < mAuthContextOut.AddressPointerCount; Index++) {
EfiConvertPointer (0x0, (VOID **) mAuthContextOut.AddressPointer[Index]);
}
}
Status = EfiConvertList (0x0, &mLockedVariableList);
ASSERT_EFI_ERROR (Status);
Status = EfiConvertList (0x0, &mVarCheckVariableList);
ASSERT_EFI_ERROR (Status);
if (mContextOut.AddressPointer != NULL) {
for (Index = 0; Index < mContextOut.AddressPointerCount; Index++) {
EfiConvertPointer (0x0, (VOID **) mContextOut.AddressPointer[Index]);
if (mVarCheckAddressPointer != NULL) {
for (Index = 0; Index < mVarCheckAddressPointerCount; Index++) {
EfiConvertPointer (0x0, (VOID **) mVarCheckAddressPointer[Index]);
}
}
}
@ -283,14 +276,17 @@ OnReadyToBoot (
VOID *Context
)
{
//
// Set the End Of DXE bit in case the EFI_END_OF_DXE_EVENT_GROUP_GUID event is not signaled.
//
mEndOfDxe = TRUE;
//
// The initialization for variable quota.
//
InitializeVariableQuota ();
if (!mEndOfDxe) {
//
// Set the End Of DXE bit in case the EFI_END_OF_DXE_EVENT_GROUP_GUID event is not signaled.
//
mEndOfDxe = TRUE;
mVarCheckAddressPointer = VarCheckLibInitializeAtEndOfDxe (&mVarCheckAddressPointerCount);
//
// The initialization for variable quota.
//
InitializeVariableQuota ();
}
ReclaimForOS ();
if (FeaturePcdGet (PcdVariableCollectStatistics)) {
if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
@ -319,7 +315,9 @@ OnEndOfDxe (
VOID *Context
)
{
DEBUG ((EFI_D_INFO, "[Variable]END_OF_DXE is signaled\n"));
mEndOfDxe = TRUE;
mVarCheckAddressPointer = VarCheckLibInitializeAtEndOfDxe (&mVarCheckAddressPointerCount);
//
// The initialization for variable quota.
//

15
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
View File

@ -62,9 +62,9 @@
UefiDriverEntryPoint
PcdLib
HobLib
DevicePathLib
TpmMeasurementLib
AuthVariableLib
VarCheckLib
[Protocols]
gEfiFirmwareVolumeBlockProtocolGuid ## CONSUMES
@ -93,23 +93,10 @@
## SOMETIMES_PRODUCES ## Variable:L"PlatformLang"
## SOMETIMES_CONSUMES ## Variable:L"Lang"
## SOMETIMES_PRODUCES ## Variable:L"Lang"
## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport"
## SOMETIMES_CONSUMES ## Variable:L"SetupMode"
## SOMETIMES_CONSUMES ## Variable:L"PK"
## SOMETIMES_CONSUMES ## Variable:L"KEK"
## SOMETIMES_CONSUMES ## Variable:L"SecureBoot"
## SOMETIMES_CONSUMES ## Variable:L"SignatureSupport"
## SOMETIMES_CONSUMES ## Variable:L"VendorKeys"
gEfiGlobalVariableGuid
## SOMETIMES_CONSUMES ## Variable:L"DB"
## SOMETIMES_CONSUMES ## Variable:L"DBX"
## SOMETIMES_CONSUMES ## Variable:L"DBT"
gEfiImageSecurityDatabaseGuid
gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
gEfiSystemNvDataFvGuid ## CONSUMES ## GUID
gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####"
gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event
gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB
gEdkiiVarErrorFlagGuid ## CONSUMES ## GUID

23
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
View File

@ -45,7 +45,7 @@ BOOLEAN mAtRuntime = F
UINT8 *mVariableBufferPayload = NULL;
UINTN mVariableBufferPayloadSize;
extern BOOLEAN mEndOfDxe;
extern BOOLEAN mEnableLocking;
extern VAR_CHECK_REQUEST_SOURCE mRequestSource;
/**
SecureBoot Hook for SetVariable.
@ -97,7 +97,7 @@ SmmVariableSetVariable (
//
// Disable write protection when the calling SetVariable() through EFI_SMM_VARIABLE_PROTOCOL.
//
mEnableLocking = FALSE;
mRequestSource = VarCheckFromTrusted;
Status = VariableServiceSetVariable (
VariableName,
VendorGuid,
@ -105,7 +105,7 @@ SmmVariableSetVariable (
DataSize,
Data
);
mEnableLocking = TRUE;
mRequestSource = VarCheckFromUntrusted;
return Status;
}
@ -666,15 +666,18 @@ SmmVariableHandler (
break;
case SMM_VARIABLE_FUNCTION_READY_TO_BOOT:
mEndOfDxe = TRUE;
//
// The initialization for variable quota.
//
InitializeVariableQuota ();
if (AtRuntime()) {
Status = EFI_UNSUPPORTED;
break;
}
if (!mEndOfDxe) {
mEndOfDxe = TRUE;
VarCheckLibInitializeAtEndOfDxe (NULL);
//
// The initialization for variable quota.
//
InitializeVariableQuota ();
}
ReclaimForOS ();
Status = EFI_SUCCESS;
break;
@ -800,8 +803,9 @@ SmmEndOfDxeCallback (
IN EFI_HANDLE Handle
)
{
DEBUG ((EFI_D_INFO, "[Variable]END_OF_DXE is signaled\n"));
DEBUG ((EFI_D_INFO, "[Variable]SMM_END_OF_DXE is signaled\n"));
mEndOfDxe = TRUE;
VarCheckLibInitializeAtEndOfDxe (NULL);
//
// The initialization for variable quota.
//
@ -809,6 +813,7 @@ SmmEndOfDxeCallback (
if (PcdGetBool (PcdReclaimVariableSpaceAtEndOfDxe)) {
ReclaimForOS ();
}
return EFI_SUCCESS;
}

15
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
View File

@ -69,9 +69,9 @@
DxeServicesTableLib
HobLib
PcdLib
DevicePathLib
SmmMemLib
AuthVariableLib
VarCheckLib
[Protocols]
gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES
@ -101,23 +101,10 @@
## SOMETIMES_PRODUCES ## Variable:L"PlatformLang"
## SOMETIMES_CONSUMES ## Variable:L"Lang"
## SOMETIMES_PRODUCES ## Variable:L"Lang"
## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport"
## SOMETIMES_CONSUMES ## Variable:L"SetupMode"
## SOMETIMES_CONSUMES ## Variable:L"PK"
## SOMETIMES_CONSUMES ## Variable:L"KEK"
## SOMETIMES_CONSUMES ## Variable:L"SecureBoot"
## SOMETIMES_CONSUMES ## Variable:L"SignatureSupport"
## SOMETIMES_CONSUMES ## Variable:L"VendorKeys"
gEfiGlobalVariableGuid
## SOMETIMES_CONSUMES ## Variable:L"DB"
## SOMETIMES_CONSUMES ## Variable:L"DBX"
## SOMETIMES_CONSUMES ## Variable:L"DBT"
gEfiImageSecurityDatabaseGuid
gSmmVariableWriteGuid ## PRODUCES ## GUID # Install protocol
gEfiSystemNvDataFvGuid ## CONSUMES ## GUID
gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####"
gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB
gEdkiiVarErrorFlagGuid ## CONSUMES ## GUID
gZeroGuid ## SOMETIMES_CONSUMES ## GUID