Re: [edk2] [patch V2 3/3] MdeModulePkg: Add MorLock to variable driver.

Zhang, Chao B Mon, 18 Jan 2016 00:00:15 -0800

Reviewed-by: Chao Zhang <chao.b.zh...@intel.com>





Thanks & Best regards
Chao Zhang


-----Original Message-----
From: Yao, Jiewen 
Sent: Monday, January 18, 2016 2:52 PM
To: edk2-de...@ml01.01.org
Cc: Yao, Jiewen; Zhang, Chao B; Zeng, Star
Subject: [patch V2 3/3] MdeModulePkg: Add MorLock to variable driver.

This patch adds MorLock function to Variable main function.
It also updates corresponding INF file to pass build.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen....@intel.com>
Cc: "Zhang, Chao B" <chao.b.zh...@intel.com>
Cc: "Zeng, Star" <star.z...@intel.com>
---
 .../Universal/Variable/RuntimeDxe/Variable.c       | 60 +++++++++++++++++++++-
 .../Variable/RuntimeDxe/VariableRuntimeDxe.inf     |  6 ++-
 .../Universal/Variable/RuntimeDxe/VariableSmm.inf  |  6 ++-
 3 files changed, 69 insertions(+), 3 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
index 2dc3038..5e39d44 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -16,7 +16,7 @@
   VariableServiceSetVariable() should also check authenticate data to avoid 
buffer overflow,
   integer overflow. It should also check attribute to avoid authentication 
bypass.
 
-Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
 (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>  This program 
and the accompanying materials  are licensed and made available under the terms 
and conditions of the BSD License @@ -112,6 +112,43 @@ SecureBootHook (
   );
 
 /**
+  Initialization for MOR Lock Control.
+
+  @retval EFI_SUCEESS     MorLock initialization success.
+  @return Others          Some error occurs.
+**/
+EFI_STATUS
+MorLockInit (
+  VOID
+  );
+
+/**
+  This service is an MOR/MorLock checker handler for the SetVariable().
+
+  @param  VariableName the name of the vendor's variable, as a
+                       Null-Terminated Unicode String
+  @param  VendorGuid   Unify identifier for vendor.
+  @param  Attributes   Point to memory location to return the attributes of 
variable. If the point
+                       is NULL, the parameter would be ignored.
+  @param  DataSize     The size in bytes of Data-Buffer.
+  @param  Data         Point to the content of the variable.
+
+  @retval  EFI_SUCCESS            The MOR/MorLock check pass, and Variable 
driver can store the variable data.
+  @retval  EFI_INVALID_PARAMETER  The MOR/MorLock data or data size or 
attributes is not allowed for MOR variable.
+  @retval  EFI_ACCESS_DENIED      The MOR/MorLock is locked.
+  @retval  EFI_ALREADY_STARTED    The MorLock variable is handled inside this 
function.
+                                  Variable driver can just return EFI_SUCCESS.
+**/
+EFI_STATUS
+SetVariableCheckHandlerMor (
+  IN CHAR16     *VariableName,
+  IN EFI_GUID   *VendorGuid,
+  IN UINT32     Attributes,
+  IN UINTN      DataSize,
+  IN VOID       *Data
+  );
+
+/**
   Routine used to track statistical information about variable usage.
   The data is stored in the EFI system table so it can be accessed later.
   VariableInfo.efi can dump out the table. Only Boot Services variable @@ 
-3192,6 +3229,21 @@ VariableServiceSetVariable (
     }
   }
 
+  //
+  // Special Handling for MOR Lock variable.
+  //
+  Status = SetVariableCheckHandlerMor (VariableName, VendorGuid, 
+ Attributes, PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize));  
if (Status == EFI_ALREADY_STARTED) {
+    //
+    // EFI_ALREADY_STARTED means the SetVariable() action is handled inside of 
SetVariableCheckHandlerMor().
+    // Variable driver can just return SUCCESS.
+    //
+    return EFI_SUCCESS;
+  }
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
+
   Status = VarCheckLibSetVariableCheck (VariableName, VendorGuid, Attributes, 
PayloadSize, (VOID *) ((UINTN) Data + DataSize - PayloadSize), mRequestSource);
   if (EFI_ERROR (Status)) {
     return Status;
@@ -3966,6 +4018,12 @@ VariableWriteServiceInitialize (
   }
 
   ReleaseLockOnlyAtBootTime 
(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
+
+  //
+  // Initialize MOR Lock variable.
+  //
+  MorLockInit ();
+
   return Status;
 }
 
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
index 62c1568..da9b8bb 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
@@ -9,7 +9,7 @@
 #  This external input must be validated carefully to avoid security issues 
such as  #  buffer overflow or integer overflow.
 #
-# Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2016, Intel Corporation. All rights 
+reserved.<BR>
 # This program and the accompanying materials  # are licensed and made 
available under the terms and conditions of the BSD License  # which 
accompanies this distribution. The full text of the license may be found at @@ 
-42,6 +42,7 @@
   VariableDxe.c
   Variable.h
   Measurement.c
+  TcgMorLockDxe.c
   VarCheck.c
   VariableExLib.c
 
@@ -95,6 +96,9 @@
   ## SOMETIMES_PRODUCES   ## Variable:L"Lang"
   gEfiGlobalVariableGuid
 
+  gEfiMemoryOverwriteControlDataGuid            ## PRODUCES   ## 
Variable:L"MemoryOverwriteRequestControl"
+  gEfiMemoryOverwriteRequestControlLockGuid     ## CONSUMES   ## 
Variable:L"MemoryOverwriteRequestControlLock"
+
   gEfiEventVirtualAddressChangeGuid             ## CONSUMES             ## 
Event
   gEfiSystemNvDataFvGuid                        ## CONSUMES             ## GUID
   gEfiEndOfDxeEventGroupGuid                    ## CONSUMES             ## 
Event
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf 
b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
index efcd317..19f85c8 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
@@ -18,7 +18,7 @@
 #  may not be modified without authorization. If platform fails to protect 
these resources,  #  the authentication service provided in this driver will be 
broken, and the behavior is undefined.
 #
-# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2010 - 2016, Intel Corporation. All rights 
+reserved.<BR>
 # This program and the accompanying materials  # are licensed and made 
available under the terms and conditions of the BSD License  # which 
accompanies this distribution. The full text of the license may be found at @@ 
-52,6 +52,7 @@
   VarCheck.c
   Variable.h
   VariableExLib.c
+  TcgMorLockSmm.c
 
 [Packages]
   MdePkg/MdePkg.dec
@@ -103,6 +104,9 @@
   ## SOMETIMES_PRODUCES   ## Variable:L"Lang"
   gEfiGlobalVariableGuid
 
+  gEfiMemoryOverwriteControlDataGuid            ## PRODUCES   ## 
Variable:L"MemoryOverwriteRequestControl"
+  gEfiMemoryOverwriteRequestControlLockGuid     ## CONSUMES   ## 
Variable:L"MemoryOverwriteRequestControlLock"
+
   gSmmVariableWriteGuid                         ## PRODUCES             ## 
GUID # Install protocol
   gEfiSystemNvDataFvGuid                        ## CONSUMES             ## GUID
   gEdkiiFaultTolerantWriteGuid                  ## SOMETIMES_CONSUMES   ## HOB
--
1.9.5.msysgit.0

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Re: [edk2] [patch V2 3/3] MdeModulePkg: Add MorLock to variable driver.

Reply via email to