	SecurityPkg Variable: Reuse scratch data area(at the end of volatile variable store)
as serialization runtime buffer to reduce SMRAM consumption for SMM variable driver. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17059 6f19259b-4bc3-4df7-8a09-765794883524
		
							parent
							
								
									856236cad7
								
							
						
					
					
						commit
						ba9d087b8f
					
				| @ -55,14 +55,6 @@ CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 }; | ||||
| //
 | ||||
| VOID  *mHashCtx = NULL; | ||||
| 
 | ||||
| //
 | ||||
| // The serialization of the values of the VariableName, VendorGuid and Attributes
 | ||||
| // parameters of the SetVariable() call and the TimeStamp component of the
 | ||||
| // EFI_VARIABLE_AUTHENTICATION_2 descriptor followed by the variable's new value
 | ||||
| // i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data)
 | ||||
| //
 | ||||
| UINT8 *mSerializationRuntimeBuffer = NULL; | ||||
| 
 | ||||
| //
 | ||||
| // Requirement for different signature type which have been defined in UEFI spec.
 | ||||
| // These data are used to peform SignatureList format check while setting PK/KEK variable.
 | ||||
| @ -182,15 +174,6 @@ AutenticatedVariableServiceInitialize ( | ||||
|     return EFI_OUT_OF_RESOURCES; | ||||
|   } | ||||
| 
 | ||||
|   //
 | ||||
|   // Prepare runtime buffer for serialized data of time-based authenticated
 | ||||
|   // Variable, i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data).
 | ||||
|   //
 | ||||
|   mSerializationRuntimeBuffer = AllocateRuntimePool (PcdGet32 (PcdMaxVariableSize) + sizeof (EFI_GUID) + sizeof (UINT32) + sizeof (EFI_TIME)); | ||||
|   if (mSerializationRuntimeBuffer == NULL) { | ||||
|     return EFI_OUT_OF_RESOURCES; | ||||
|   } | ||||
| 
 | ||||
|   //
 | ||||
|   // Check "AuthVarKeyDatabase" variable's existence.
 | ||||
|   // If it doesn't exist, create a new one with initial value of 0 and EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
 | ||||
| @ -2267,11 +2250,21 @@ VerifyTimeBasedPayload ( | ||||
|   PayloadSize = DataSize - OFFSET_OF_AUTHINFO2_CERT_DATA - (UINTN) SigDataSize; | ||||
| 
 | ||||
|   //
 | ||||
|   // Construct a buffer to fill with (VariableName, VendorGuid, Attributes, TimeStamp, Data).
 | ||||
|   // Construct a serialization buffer of the values of the VariableName, VendorGuid and Attributes
 | ||||
|   // parameters of the SetVariable() call and the TimeStamp component of the
 | ||||
|   // EFI_VARIABLE_AUTHENTICATION_2 descriptor followed by the variable's new value
 | ||||
|   // i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data)
 | ||||
|   //
 | ||||
|   NewDataSize = PayloadSize + sizeof (EFI_TIME) + sizeof (UINT32) + | ||||
|                 sizeof (EFI_GUID) + StrSize (VariableName) - sizeof (CHAR16); | ||||
|   NewData = mSerializationRuntimeBuffer; | ||||
|   //
 | ||||
|   // Here is to reuse scratch data area(at the end of volatile variable store)
 | ||||
|   // to reduce SMRAM consumption for SMM variable driver.
 | ||||
|   // The scratch buffer is enough to hold the serialized data and safe to use,
 | ||||
|   // because it will be used at here to do verification only first
 | ||||
|   // and then used in UpdateVariable() for a time based auth variable set.
 | ||||
|   //
 | ||||
|   NewData = (UINT8 *) GetEndPointer ((VARIABLE_STORE_HEADER *) ((UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase)); | ||||
| 
 | ||||
|   Buffer = NewData; | ||||
|   Length = StrLen (VariableName) * sizeof (CHAR16); | ||||
|  | ||||
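Review bot: In the VerifyTimeBasedPayload hunk, `NewData` now points at the scratch area returned by `GetEndPointer (...)`, and only a comment asserts that the area is large enough; none of the visible lines compares `NewDataSize` with the scratch size. The removed allocation was explicitly sized as `PcdGet32 (PcdMaxVariableSize) + sizeof (EFI_GUID) + sizeof (UINT32) + sizeof (EFI_TIME)`, so the room for the GUID, Attributes and TimeStamp fields is no longer guaranteed by construction. In the SMM driver, a serialized payload larger than the scratch area would be written past it into adjacent SMRAM. The bound presumably follows from size limits enforced on SetVariable() before this function runs, but that is outside the hunk, so I would make it explicit with `ASSERT (NewDataSize <= <SCRATCH_AREA_SIZE>);` (a placeholder for however the scratch size is defined) plus an error return in release builds, and have the comment state the invariant. The function body starts and ends outside the hunk.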
| @ -351,6 +351,5 @@ extern UINT8  *mPubKeyStore; | ||||
| extern UINT8  *mCertDbStore; | ||||
| extern UINT32 mPubKeyNumber; | ||||
| extern VOID   *mHashCtx; | ||||
| extern UINT8  *mSerializationRuntimeBuffer; | ||||
| 
 | ||||
| #endif | ||||
|  | ||||
| @ -194,6 +194,23 @@ FindVariable ( | ||||
|   IN  BOOLEAN                 IgnoreRtCheck | ||||
|   ); | ||||
| 
 | ||||
| /**
 | ||||
| 
 | ||||
|   Gets the pointer to the end of the variable storage area. | ||||
| 
 | ||||
|   This function gets pointer to the end of the variable storage | ||||
|   area, according to the input variable store header. | ||||
| 
 | ||||
|   @param VarStoreHeader  Pointer to the Variable Store Header. | ||||
| 
 | ||||
|   @return Pointer to the end of the variable storage area. | ||||
| 
 | ||||
| **/ | ||||
| VARIABLE_HEADER * | ||||
| GetEndPointer ( | ||||
|   IN VARIABLE_STORE_HEADER       *VarStoreHeader | ||||
|   ); | ||||
| 
 | ||||
| /**
 | ||||
| 
 | ||||
|   This code gets the pointer to the variable data. | ||||
|  | ||||
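Review bot: The header comment on the new `GetEndPointer` declaration describes the return value only as the end of the variable storage area, while the caller added in VerifyTimeBasedPayload casts that address to `UINT8 *` and writes serialized data starting there. Since the prototype is now exposed to other modules, the comment should say that for the volatile store this address doubles as the base of the scratch area, and which size callers may rely on. A sentence such as `For the volatile variable store, the returned address is also the base of the scratch area that follows the store.` in the description would cover it. Confirm the wording against the store layout, which is not visible in this section.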
| @ -247,7 +247,6 @@ VariableClassAddressChangeEvent ( | ||||
|   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.HobVariableBase); | ||||
|   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal); | ||||
|   EfiConvertPointer (0x0, (VOID **) &mHashCtx); | ||||
|   EfiConvertPointer (0x0, (VOID **) &mSerializationRuntimeBuffer); | ||||
|   EfiConvertPointer (0x0, (VOID **) &mNvVariableCache); | ||||
|   EfiConvertPointer (0x0, (VOID **) &mPubKeyStore); | ||||
|   EfiConvertPointer (0x0, (VOID **) &mCertDbStore); | ||||
|  | ||||