	SecurityPkg Variable: Reuse scratch data area(at the end of volatile variable store)
as serialization runtime buffer to reduce SMRAM consumption for SMM variable driver. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17059 6f19259b-4bc3-4df7-8a09-765794883524
		
							parent
							
								
									856236cad7
								
							
						
					
					
						commit
						ba9d087b8f
					
				| @ -55,14 +55,6 @@ CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 }; | |||||||
| //
 | //
 | ||||||
| VOID  *mHashCtx = NULL; | VOID  *mHashCtx = NULL; | ||||||
| 
 | 
 | ||||||
| //
 |  | ||||||
| // The serialization of the values of the VariableName, VendorGuid and Attributes
 |  | ||||||
| // parameters of the SetVariable() call and the TimeStamp component of the
 |  | ||||||
| // EFI_VARIABLE_AUTHENTICATION_2 descriptor followed by the variable's new value
 |  | ||||||
| // i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data)
 |  | ||||||
| //
 |  | ||||||
| UINT8 *mSerializationRuntimeBuffer = NULL; |  | ||||||
| 
 |  | ||||||
| //
 | //
 | ||||||
| // Requirement for different signature type which have been defined in UEFI spec.
 | // Requirement for different signature type which have been defined in UEFI spec.
 | ||||||
| // These data are used to peform SignatureList format check while setting PK/KEK variable.
 | // These data are used to peform SignatureList format check while setting PK/KEK variable.
 | ||||||
| @ -182,15 +174,6 @@ AutenticatedVariableServiceInitialize ( | |||||||
|     return EFI_OUT_OF_RESOURCES; |     return EFI_OUT_OF_RESOURCES; | ||||||
|   } |   } | ||||||
| 
 | 
 | ||||||
|   //
 |  | ||||||
|   // Prepare runtime buffer for serialized data of time-based authenticated
 |  | ||||||
|   // Variable, i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data).
 |  | ||||||
|   //
 |  | ||||||
|   mSerializationRuntimeBuffer = AllocateRuntimePool (PcdGet32 (PcdMaxVariableSize) + sizeof (EFI_GUID) + sizeof (UINT32) + sizeof (EFI_TIME)); |  | ||||||
|   if (mSerializationRuntimeBuffer == NULL) { |  | ||||||
|     return EFI_OUT_OF_RESOURCES; |  | ||||||
|   } |  | ||||||
| 
 |  | ||||||
|   //
 |   //
 | ||||||
|   // Check "AuthVarKeyDatabase" variable's existence.
 |   // Check "AuthVarKeyDatabase" variable's existence.
 | ||||||
|   // If it doesn't exist, create a new one with initial value of 0 and EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
 |   // If it doesn't exist, create a new one with initial value of 0 and EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
 | ||||||
| @ -2267,11 +2250,21 @@ VerifyTimeBasedPayload ( | |||||||
|   PayloadSize = DataSize - OFFSET_OF_AUTHINFO2_CERT_DATA - (UINTN) SigDataSize; |   PayloadSize = DataSize - OFFSET_OF_AUTHINFO2_CERT_DATA - (UINTN) SigDataSize; | ||||||
| 
 | 
 | ||||||
|   //
 |   //
 | ||||||
|   // Construct a buffer to fill with (VariableName, VendorGuid, Attributes, TimeStamp, Data).
 |   // Construct a serialization buffer of the values of the VariableName, VendorGuid and Attributes
 | ||||||
|  |   // parameters of the SetVariable() call and the TimeStamp component of the
 | ||||||
|  |   // EFI_VARIABLE_AUTHENTICATION_2 descriptor followed by the variable's new value
 | ||||||
|  |   // i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data)
 | ||||||
|   //
 |   //
 | ||||||
|   NewDataSize = PayloadSize + sizeof (EFI_TIME) + sizeof (UINT32) + |   NewDataSize = PayloadSize + sizeof (EFI_TIME) + sizeof (UINT32) + | ||||||
|                 sizeof (EFI_GUID) + StrSize (VariableName) - sizeof (CHAR16); |                 sizeof (EFI_GUID) + StrSize (VariableName) - sizeof (CHAR16); | ||||||
|   NewData = mSerializationRuntimeBuffer; |   //
 | ||||||
|  |   // Here is to reuse scratch data area(at the end of volatile variable store)
 | ||||||
|  |   // to reduce SMRAM consumption for SMM variable driver.
 | ||||||
|  |   // The scratch buffer is enough to hold the serialized data and safe to use,
 | ||||||
|  |   // because it will be used at here to do verification only first
 | ||||||
|  |   // and then used in UpdateVariable() for a time based auth variable set.
 | ||||||
|  |   //
 | ||||||
|  |   NewData = (UINT8 *) GetEndPointer ((VARIABLE_STORE_HEADER *) ((UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase)); | ||||||
| 
 | 
 | ||||||
|   Buffer = NewData; |   Buffer = NewData; | ||||||
|   Length = StrLen (VariableName) * sizeof (CHAR16); |   Length = StrLen (VariableName) * sizeof (CHAR16); | ||||||
|  | |||||||
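Review bot: In the VerifyTimeBasedPayload hunk, `NewData` now points at the scratch area returned by `GetEndPointer (...)`, but nothing in the visible lines compares `NewDataSize` with the size of that area before serialization starts at `Buffer = NewData`. The removed allocation sized its buffer explicitly (`PcdMaxVariableSize` plus the GUID, attributes and timestamp), while the new code rests on the comment's statement that the scratch buffer "is enough". Because `PayloadSize` and `VariableName` derive from the SetVariable() caller and the destination sits in SMRAM for the SMM driver, I would make the invariant explicit before the copy, e.g. `if (NewDataSize > <scratch area size>) { return EFI_SECURITY_VIOLATION; }`, where `<scratch area size>` is a placeholder for whatever constant the driver uses when reserving the scratch area. The function starts and ends outside the hunk, so an earlier bound may already guarantee this; if it does, the new comment should name that check instead of asserting sufficiency.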
| @ -351,6 +351,5 @@ extern UINT8  *mPubKeyStore; | |||||||
| extern UINT8  *mCertDbStore; | extern UINT8  *mCertDbStore; | ||||||
| extern UINT32 mPubKeyNumber; | extern UINT32 mPubKeyNumber; | ||||||
| extern VOID   *mHashCtx; | extern VOID   *mHashCtx; | ||||||
| extern UINT8  *mSerializationRuntimeBuffer; |  | ||||||
| 
 | 
 | ||||||
| #endif | #endif | ||||||
|  | |||||||
| @ -194,6 +194,23 @@ FindVariable ( | |||||||
|   IN  BOOLEAN                 IgnoreRtCheck |   IN  BOOLEAN                 IgnoreRtCheck | ||||||
|   ); |   ); | ||||||
| 
 | 
 | ||||||
|  | /**
 | ||||||
|  | 
 | ||||||
|  |   Gets the pointer to the end of the variable storage area. | ||||||
|  | 
 | ||||||
|  |   This function gets pointer to the end of the variable storage | ||||||
|  |   area, according to the input variable store header. | ||||||
|  | 
 | ||||||
|  |   @param VarStoreHeader  Pointer to the Variable Store Header. | ||||||
|  | 
 | ||||||
|  |   @return Pointer to the end of the variable storage area. | ||||||
|  | 
 | ||||||
|  | **/ | ||||||
|  | VARIABLE_HEADER * | ||||||
|  | GetEndPointer ( | ||||||
|  |   IN VARIABLE_STORE_HEADER       *VarStoreHeader | ||||||
|  |   ); | ||||||
|  | 
 | ||||||
| /**
 | /**
 | ||||||
| 
 | 
 | ||||||
|   This code gets the pointer to the variable data. |   This code gets the pointer to the variable data. | ||||||
|  | |||||||
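Review bot: The doc comment on the newly exported `GetEndPointer` prototype does not say that the returned address lies past the store described by `VarStoreHeader`, nor which stores have usable memory there. The VerifyTimeBasedPayload change in this commit writes through the result as a scratch buffer, and its comment ties that to the volatile store only, so a reader of this header could wrongly assume the same is valid for any store header. I would add a line to the comment such as `Memory at the returned address is not part of the store; only the volatile store is followed by the scratch data area.` This wording is inferred from the comment in the other file and should be confirmed against the store allocation, which is not visible here.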
| @ -247,7 +247,6 @@ VariableClassAddressChangeEvent ( | |||||||
|   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.HobVariableBase); |   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.HobVariableBase); | ||||||
|   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal); |   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal); | ||||||
|   EfiConvertPointer (0x0, (VOID **) &mHashCtx); |   EfiConvertPointer (0x0, (VOID **) &mHashCtx); | ||||||
|   EfiConvertPointer (0x0, (VOID **) &mSerializationRuntimeBuffer); |  | ||||||
|   EfiConvertPointer (0x0, (VOID **) &mNvVariableCache); |   EfiConvertPointer (0x0, (VOID **) &mNvVariableCache); | ||||||
|   EfiConvertPointer (0x0, (VOID **) &mPubKeyStore); |   EfiConvertPointer (0x0, (VOID **) &mPubKeyStore); | ||||||
|   EfiConvertPointer (0x0, (VOID **) &mCertDbStore); |   EfiConvertPointer (0x0, (VOID **) &mCertDbStore); | ||||||
|  | |||||||