Laszlo Ersek 84d2070aef OvmfPkg: PlatformBdsLib: lock down SMM regardless of S3 ... At the moment, the EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL is only installed if S3 is enabled -- at the end of SaveS3BootScript(). While a runtime OS is never booted with SMM unlocked (because the SMM IPL locks down SMM as a last resort: > SMM IPL! DXE SMM Ready To Lock Protocol not installed before Ready To > Boot signal > SmmInstallProtocolInterface: [EfiSmmReadyToLockProtocol] 0 > Patch page table start ... > Patch page table done! > SMM IPL locked SMRAM window ), we shouldn't allow UEFI drivers and applications either to mess with SMM just because S3 is disabled. So install EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL in PlatformBdsInit() unconditionally. Cc: Feng Tian <feng.tian@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jordan Justen <jordan.l.justen@intel.com> Cc: Ruiyu Ni <ruiyu.ni@intel.com> Cc: Star Zeng <star.zeng@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <lersek@redhat.com> Acked-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jordan Justen <jordan.l.justen@intel.com>		2016-04-28 19:35:29 +02:00
..
BdsPlatform.c	OvmfPkg: PlatformBdsLib: lock down SMM regardless of S3	2016-04-28 19:35:29 +02:00
BdsPlatform.h	OvmfPkg: install DxeSmmReadyToLock in PlatformBdsLib	2015-07-26 08:02:24 +00:00
PlatformBdsLib.inf	OvmfPkg: PlatformBdsLib: signal gRootBridgesConnectedEventGroupGuid	2016-03-23 17:38:12 +01:00
PlatformData.c	OvmfPkg: PlatformBdsLib: connect all PCI root buses	2015-07-14 12:01:52 +00:00
QemuKernel.c	OvmfPkg/PlatformBdsLib: Signal ReadyToBoot before booting QEMU kernel	2015-02-17 00:05:36 +00:00