mirror of https://github.com/acidanthera/audk.git
OvmfPkg: QemuFlashFvbServicesRuntimeDxe: adhere to -D SMM_REQUIRE
When the user requires "security" by passing -D SMM_REQUIRE, and consequently by setting PcdSmmSmramRequire, enforce flash-based variables. Furthermore, add two ASSERT()s to catch if the wrong module were pulled into the build. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19063 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
parent
79397dbd2e
commit
b963ec494c
|
@ -85,6 +85,8 @@
|
|||
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64
|
||||
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable
|
||||
|
||||
[FeaturePcd]
|
||||
gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire
|
||||
|
||||
[Depex]
|
||||
TRUE
|
||||
|
|
|
@ -84,6 +84,8 @@
|
|||
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64
|
||||
gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable
|
||||
|
||||
[FeaturePcd]
|
||||
gUefiOvmfPkgTokenSpaceGuid.PcdSmmSmramRequire
|
||||
|
||||
[Depex]
|
||||
TRUE
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
#include <Guid/EventGroup.h>
|
||||
#include <Library/DebugLib.h>
|
||||
#include <Library/DevicePathLib.h>
|
||||
#include <Library/PcdLib.h>
|
||||
#include <Library/UefiBootServicesTableLib.h>
|
||||
#include <Library/UefiRuntimeLib.h>
|
||||
#include <Protocol/DevicePath.h>
|
||||
|
@ -34,6 +35,8 @@ InstallProtocolInterfaces (
|
|||
EFI_HANDLE FwbHandle;
|
||||
EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *OldFwbInterface;
|
||||
|
||||
ASSERT (!FeaturePcdGet (PcdSmmSmramRequire));
|
||||
|
||||
//
|
||||
// Find a handle with a matching device path that has supports FW Block
|
||||
// protocol
|
||||
|
|
|
@ -15,6 +15,7 @@
|
|||
**/
|
||||
|
||||
#include <Library/DebugLib.h>
|
||||
#include <Library/PcdLib.h>
|
||||
#include <Library/SmmServicesTableLib.h>
|
||||
#include <Protocol/DevicePath.h>
|
||||
#include <Protocol/SmmFirmwareVolumeBlock.h>
|
||||
|
@ -29,6 +30,8 @@ InstallProtocolInterfaces (
|
|||
EFI_HANDLE FvbHandle;
|
||||
EFI_STATUS Status;
|
||||
|
||||
ASSERT (FeaturePcdGet (PcdSmmSmramRequire));
|
||||
|
||||
//
|
||||
// There is no SMM service that can install multiple protocols in the SMM
|
||||
// protocol database in one go.
|
||||
|
|
|
@ -245,6 +245,7 @@ QemuFlashInitialize (
|
|||
mFdBlockCount = PcdGet32 (PcdOvmfFirmwareFdSize) / mFdBlockSize;
|
||||
|
||||
if (!QemuFlashDetected ()) {
|
||||
ASSERT (!FeaturePcdGet (PcdSmmSmramRequire));
|
||||
return EFI_WRITE_PROTECTED;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue