From nobody Sat Sep 21 00:56:13 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+79734+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+79734+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1629772111; cv=none; d=zohomail.com; s=zohoarc; b=JCFlQWuiYlUUV4T52CWFCs1155mntgMdBE4Q45S3rNPImODklMK9OeSoR/TN09oi7tII1SyfuS8SOpcHsuaM6RdDAEbxXZY8NnIn5ekppxGMrnosDWYh/mNYo+oQzFXQfJ4EYlCs/dv8ssuuNVqjGibcGeXUaiDos1nFU5S5i4k= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1629772111; h=Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Sender:Subject:To; bh=BVyw8FH8Bi6jWAX+S0xIcsIww7hZXYwt9YTefF+fFb8=; b=d1TosirVVqez0RbhWfS6I2yIjQDe+9//JffzJJwF0SRPnmMleyDs4vrzs42fjtXBqKIh0SDWWeAyM0GVrol/WY/2dC12Qz1xNIhwJOZO59Q9hP+JSfs3FsO4XR8DVvmLF+jAy3j9H28b+I0JmNNHVifUgeEFlE4DLbr/v2/3oSI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+79734+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1629772111500234.58165577274508; Mon, 23 Aug 2021 19:28:31 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id GCF7YY1788612xKT7evw8i3l; Mon, 23 Aug 2021 19:28:31 -0700 X-Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web08.34010.1629772109632762108 for ; Mon, 23 Aug 2021 19:28:30 -0700 X-IronPort-AV: E=McAfee;i="6200,9189,10085"; a="216942534" X-IronPort-AV: E=Sophos;i="5.84,346,1620716400"; d="scan'208";a="216942534" X-Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Aug 2021 19:28:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,346,1620716400"; d="scan'208";a="685050781" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.130]) by fmsmga005.fm.intel.com with ESMTP; 23 Aug 2021 19:28:26 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Rahul Kumar , Ray Ni Subject: [edk2-devel] [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver Date: Tue, 24 Aug 2021 10:28:22 +0800 Message-Id: <20210824022822.6121-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: HheVIR7FVfp32zzVCYOtzbmKx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1629772111; bh=EtJaXQEomeOlOkCFbOuiSdRYn3UsVcuNrGhoEJFmh9s=; h=Cc:Date:From:Reply-To:Subject:To; b=kbS43L/xKDPg8hakkYL9mZXMG6MBAGXIgLFJCtZh65Ed/0Bcx2DZo2Wc3COSb5FsVzW GmOPvxlrofkjj/3W8tAdGeHMddG8XMzLGbe3ibX8jd0PuGjqh23MULTEsj3+d+CHoTeor jIi6M3u77xqICGWS4xA6yghvu93MX4k7y+o= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1629772112531100001 Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3583 TcgMorLockSmm is only for secure MOR V1. VariableSmm covers secure MOR V1 and V2. Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Qi Zhang Cc: Rahul Kumar Cc: Ray Ni Reviewed-by: Jiewen Yao --- SecurityPkg/SecurityPkg.dsc | 1 - .../TcgMorLock.c | 191 ------------------ .../TcgMorLock.h | 131 ------------ .../TcgMorLock.uni | 16 -- .../TcgMorLockExtra.uni | 14 -- .../TcgMorLockSmm.c | 152 -------------- .../TcgMorLockSmm.inf | 65 ------ 7 files changed, 570 deletions(-) delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLock.c delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLock.h delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLock.uni delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLockExtra.uni delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLockSmm.c delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLockSmm.inf diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 64157e20f9..7898fe4282 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -338,7 +338,6 @@ =20 [Components.IA32, Components.X64] =20 - SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf SecurityPkg/Tcg/TcgSmm/TcgSmm.inf SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c= b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c deleted file mode 100644 index aa230eeefa..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c +++ /dev/null @@ -1,191 +0,0 @@ -/** @file - TCG MOR (Memory Overwrite Request) Lock Control Driver. - - This driver initializes MemoryOverwriteRequestControlLock variable. - This module will add Variable Hook and allow MemoryOverwriteRequestContr= olLock variable set only once. - -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include -#include -#include -#include -#include -#include -#include "TcgMorLock.h" - -typedef struct { - CHAR16 *VariableName; - EFI_GUID *VendorGuid; -} VARIABLE_TYPE; - -VARIABLE_TYPE mMorVariableType[] =3D { - {MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, &gEfiMemoryOverwriteContro= lDataGuid}, - {MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, &gEfiMemoryOverwriteReques= tControlLockGuid}, -}; - -/** - Returns if this is MOR related variable. - - @param VariableName the name of the vendor's variable, it's a Null-Term= inated Unicode String - @param VendorGuid Unify identifier for vendor. - - @retval TRUE The variable is MOR related. - @retval FALSE The variable is NOT MOR related. -**/ -BOOLEAN -IsAnyMorVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid - ) -{ - UINTN Index; - - for (Index =3D 0; Index < sizeof(mMorVariableType)/sizeof(mMorVariableTy= pe[0]); Index++) { - if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) =3D= =3D 0) && - (CompareGuid (VendorGuid, mMorVariableType[Index].VendorGuid))) { - return TRUE; - } - } - return FALSE; -} - -/** - Returns if this is MOR lock variable. - - @param VariableName the name of the vendor's variable, it's a Null-Term= inated Unicode String - @param VendorGuid Unify identifier for vendor. - - @retval TRUE The variable is MOR lock variable. - @retval FALSE The variable is NOT MOR lock variable. -**/ -BOOLEAN -IsMorLockVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid - ) -{ - if ((StrCmp (VariableName, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME) = =3D=3D 0) && - (CompareGuid (VendorGuid, &gEfiMemoryOverwriteRequestControlLockGuid= ))) { - return TRUE; - } - return FALSE; -} - -/** - This service is a checker handler for the UEFI Runtime Service SetVariab= le() - - @param VariableName the name of the vendor's variable, as a - Null-Terminated Unicode String - @param VendorGuid Unify identifier for vendor. - @param Attributes Point to memory location to return the attributes o= f variable. If the point - is NULL, the parameter would be ignored. - @param DataSize The size in bytes of Data-Buffer. - @param Data Point to the content of the variable. - - @retval EFI_SUCCESS The firmware has successfully stored the= variable and its data as - defined by the Attributes. - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits= was supplied, or the - DataSize exceeds the maximum allowed. - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string. - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold = the variable and its data. - @retval EFI_DEVICE_ERROR The variable could not be saved due to a= hardware failure. - @retval EFI_WRITE_PROTECTED The variable in question is read-only. - @retval EFI_WRITE_PROTECTED The variable in question cannot be delet= ed. - @retval EFI_SECURITY_VIOLATION The variable could not be written due to= EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS - set but the AuthInfo does NOT pass the v= alidation check carried - out by the firmware. - @retval EFI_NOT_FOUND The variable trying to be updated or del= eted was not found. - -**/ -EFI_STATUS -EFIAPI -SetVariableCheckHandlerMor ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN UINT32 Attributes, - IN UINTN DataSize, - IN VOID *Data - ) -{ - UINTN MorLockDataSize; - BOOLEAN MorLock; - EFI_STATUS Status; - - // - // do not handle non-MOR variable - // - if (!IsAnyMorVariable (VariableName, VendorGuid)) { - return EFI_SUCCESS; - } - - MorLockDataSize =3D sizeof(MorLock); - Status =3D InternalGetVariable ( - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, - &gEfiMemoryOverwriteRequestControlLockGuid, - NULL, - &MorLockDataSize, - &MorLock - ); - if (!EFI_ERROR (Status) && MorLock) { - // - // If lock, deny access - // - return EFI_INVALID_PARAMETER; - } - - // - // Delete not OK - // - if ((DataSize !=3D sizeof(UINT8)) || (Data =3D=3D NULL) || (Attributes = =3D=3D 0)) { - return EFI_INVALID_PARAMETER; - } - - // - // check format - // - if (IsMorLockVariable(VariableName, VendorGuid)) { - // - // set to any other value not OK - // - if ((*(UINT8 *)Data !=3D 1) && (*(UINT8 *)Data !=3D 0)) { - return EFI_INVALID_PARAMETER; - } - } - // - // Or grant access - // - return EFI_SUCCESS; -} - -/** - Entry Point for MOR Lock Control driver. - - @param[in] ImageHandle Image handle of this driver. - @param[in] SystemTable A Pointer to the EFI System Table. - - @retval EFI_SUCCESS - @return Others Some error occurs. -**/ -EFI_STATUS -EFIAPI -MorLockDriverInit ( - VOID - ) -{ - EFI_STATUS Status; - UINT8 Data; - - Data =3D 0; - Status =3D InternalSetVariable ( - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, - &gEfiMemoryOverwriteRequestControlLockGuid, - EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS |= EFI_VARIABLE_RUNTIME_ACCESS, - 1, - &Data - ); - return Status; -} diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h= b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h deleted file mode 100644 index 5a6658c158..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h +++ /dev/null @@ -1,131 +0,0 @@ -/** @file - TCG MOR (Memory Overwrite Request) Lock Control Driver header file. - -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#ifndef _EFI_TCG_MOR_LOCK_H_ -#define _EFI_TCG_MOR_LOCK_H_ - -/** - This service is a wrapper for the UEFI Runtime Service GetVariable(). - - @param VariableName the name of the vendor's variable, it's a Null-Term= inated Unicode String - @param VendorGuid Unify identifier for vendor. - @param Attributes Point to memory location to return the attributes o= f variable. If the point - is NULL, the parameter would be ignored. - @param DataSize As input, point to the maximum size of return Data-= Buffer. - As output, point to the actual size of the returned= Data-Buffer. - @param Data Point to return Data-Buffer. - - @retval EFI_SUCCESS The function completed successfully. - @retval EFI_NOT_FOUND The variable was not found. - @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result= . DataSize has - been updated with the size needed to com= plete the request. - @retval EFI_INVALID_PARAMETER VariableName is NULL. - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. - @retval EFI_INVALID_PARAMETER DataSize is NULL. - @retval EFI_INVALID_PARAMETER The DataSize is not too small and Data i= s NULL. - @retval EFI_DEVICE_ERROR The variable could not be retrieved due = to a hardware error. - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved due = to an authentication failure. -**/ -EFI_STATUS -EFIAPI -InternalGetVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - OUT UINT32 *Attributes OPTIONAL, - IN OUT UINTN *DataSize, - OUT VOID *Data - ); - -/** - This service is a wrapper for the UEFI Runtime Service SetVariable() - - @param VariableName the name of the vendor's variable, as a - Null-Terminated Unicode String - @param VendorGuid Unify identifier for vendor. - @param Attributes Point to memory location to return the attributes o= f variable. If the point - is NULL, the parameter would be ignored. - @param DataSize The size in bytes of Data-Buffer. - @param Data Point to the content of the variable. - - @retval EFI_SUCCESS The firmware has successfully stored the= variable and its data as - defined by the Attributes. - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits= was supplied, or the - DataSize exceeds the maximum allowed. - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string. - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold = the variable and its data. - @retval EFI_DEVICE_ERROR The variable could not be saved due to a= hardware failure. - @retval EFI_WRITE_PROTECTED The variable in question is read-only. - @retval EFI_WRITE_PROTECTED The variable in question cannot be delet= ed. - @retval EFI_SECURITY_VIOLATION The variable could not be written due to= EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS - set but the AuthInfo does NOT pass the v= alidation check carried - out by the firmware. - @retval EFI_NOT_FOUND The variable trying to be updated or del= eted was not found. - -**/ -EFI_STATUS -EFIAPI -InternalSetVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN UINT32 Attributes, - IN UINTN DataSize, - IN VOID *Data - ); - -/** - This service is a checker handler for the UEFI Runtime Service SetVariab= le() - - @param VariableName the name of the vendor's variable, as a - Null-Terminated Unicode String - @param VendorGuid Unify identifier for vendor. - @param Attributes Point to memory location to return the attributes o= f variable. If the point - is NULL, the parameter would be ignored. - @param DataSize The size in bytes of Data-Buffer. - @param Data Point to the content of the variable. - - @retval EFI_SUCCESS The firmware has successfully stored the= variable and its data as - defined by the Attributes. - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits= was supplied, or the - DataSize exceeds the maximum allowed. - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string. - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold = the variable and its data. - @retval EFI_DEVICE_ERROR The variable could not be saved due to a= hardware failure. - @retval EFI_WRITE_PROTECTED The variable in question is read-only. - @retval EFI_WRITE_PROTECTED The variable in question cannot be delet= ed. - @retval EFI_SECURITY_VIOLATION The variable could not be written due to= EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS - set but the AuthInfo does NOT pass the v= alidation check carried - out by the firmware. - @retval EFI_NOT_FOUND The variable trying to be updated or del= eted was not found. - -**/ -EFI_STATUS -EFIAPI -SetVariableCheckHandlerMor ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN UINT32 Attributes, - IN UINTN DataSize, - IN VOID *Data - ); - -/** - Entry Point for MOR Lock Control driver. - - @param[in] ImageHandle Image handle of this driver. - @param[in] SystemTable A Pointer to the EFI System Table. - - @retval EFI_SUCCESS - @return Others Some error occurs. -**/ -EFI_STATUS -EFIAPI -MorLockDriverInit ( - VOID - ); - -#endif diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.u= ni b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni deleted file mode 100644 index 711b37d866..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni +++ /dev/null @@ -1,16 +0,0 @@ -// /** @file -// Initializes MemoryOverwriteRequestControlLock variable -// -// This module will add Variable Hook and allow MemoryOverwriteRequestCont= rolLock variable set only once. -// -// Copyright (c) 2015, Intel Corporation. All rights reserved.
-// -// SPDX-License-Identifier: BSD-2-Clause-Patent -// -// **/ - - -#string STR_MODULE_ABSTRACT #language en-US "Initializes Memor= yOverwriteRequestControlLock variable" - -#string STR_MODULE_DESCRIPTION #language en-US "This module will = add Variable Hook and allow MemoryOverwriteRequestControlLock variable set = only once." - diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockEx= tra.uni b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra= .uni deleted file mode 100644 index 2679c08c86..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni +++ /dev/null @@ -1,14 +0,0 @@ -// /** @file -// TcgMorLock Localized Strings and Content -// -// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
-// -// SPDX-License-Identifier: BSD-2-Clause-Patent -// -// **/ - -#string STR_PROPERTIES_MODULE_NAME -#language en-US -"TCG (Trusted Computing Group) MOR Lock" - - diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSm= m.c b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c deleted file mode 100644 index 8c92317313..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c +++ /dev/null @@ -1,152 +0,0 @@ -/** @file - TCG MOR (Memory Overwrite Request) Lock Control Driver SMM wrapper. - -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include -#include -#include -#include -#include -#include "TcgMorLock.h" - -EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable; - -/** - This service is a wrapper for the UEFI Runtime Service GetVariable(). - - @param VariableName the name of the vendor's variable, it's a Null-Term= inated Unicode String - @param VendorGuid Unify identifier for vendor. - @param Attributes Point to memory location to return the attributes o= f variable. If the point - is NULL, the parameter would be ignored. - @param DataSize As input, point to the maximum size of return Data-= Buffer. - As output, point to the actual size of the returned= Data-Buffer. - @param Data Point to return Data-Buffer. - - @retval EFI_SUCCESS The function completed successfully. - @retval EFI_NOT_FOUND The variable was not found. - @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result= . DataSize has - been updated with the size needed to com= plete the request. - @retval EFI_INVALID_PARAMETER VariableName is NULL. - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. - @retval EFI_INVALID_PARAMETER DataSize is NULL. - @retval EFI_INVALID_PARAMETER The DataSize is not too small and Data i= s NULL. - @retval EFI_DEVICE_ERROR The variable could not be retrieved due = to a hardware error. - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved due = to an authentication failure. -**/ -EFI_STATUS -EFIAPI -InternalGetVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - OUT UINT32 *Attributes OPTIONAL, - IN OUT UINTN *DataSize, - OUT VOID *Data - ) -{ - return mSmmVariable->SmmGetVariable ( - VariableName, - VendorGuid, - Attributes, - DataSize, - Data - ); -} - -/** - This service is a wrapper for the UEFI Runtime Service SetVariable() - - @param VariableName the name of the vendor's variable, as a - Null-Terminated Unicode String - @param VendorGuid Unify identifier for vendor. - @param Attributes Point to memory location to return the attributes o= f variable. If the point - is NULL, the parameter would be ignored. - @param DataSize The size in bytes of Data-Buffer. - @param Data Point to the content of the variable. - - @retval EFI_SUCCESS The firmware has successfully stored the= variable and its data as - defined by the Attributes. - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits= was supplied, or the - DataSize exceeds the maximum allowed. - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string. - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold = the variable and its data. - @retval EFI_DEVICE_ERROR The variable could not be saved due to a= hardware failure. - @retval EFI_WRITE_PROTECTED The variable in question is read-only. - @retval EFI_WRITE_PROTECTED The variable in question cannot be delet= ed. - @retval EFI_SECURITY_VIOLATION The variable could not be written due to= EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS - set but the AuthInfo does NOT pass the v= alidation check carried - out by the firmware. - @retval EFI_NOT_FOUND The variable trying to be updated or del= eted was not found. - -**/ -EFI_STATUS -EFIAPI -InternalSetVariable ( - IN CHAR16 *VariableName, - IN EFI_GUID *VendorGuid, - IN UINT32 Attributes, - IN UINTN DataSize, - IN VOID *Data - ) -{ - return mSmmVariable->SmmSetVariable ( - VariableName, - VendorGuid, - Attributes, - DataSize, - Data - ); -} - -/** - Entry Point for MOR Lock Control driver. - - @param[in] ImageHandle The firmware allocated handle for the EFI imag= e. - @param[in] SystemTable A pointer to the EFI System Table. - - @retval EFI_SUCCESS EntryPoint runs successfully. - -**/ -EFI_STATUS -EFIAPI -MorLockDriverEntryPointSmm ( - IN EFI_HANDLE ImageHandle, - IN EFI_SYSTEM_TABLE *SystemTable - ) -{ - EFI_STATUS Status; - EDKII_SMM_VAR_CHECK_PROTOCOL *SmmVarCheck; - - // - // This driver link to Smm Variable driver - // - DEBUG ((EFI_D_INFO, "MorLockDriverEntryPointSmm\n")); - - Status =3D gSmst->SmmLocateProtocol ( - &gEfiSmmVariableProtocolGuid, - NULL, - (VOID **) &mSmmVariable - ); - ASSERT_EFI_ERROR (Status); - - Status =3D gSmst->SmmLocateProtocol ( - &gEdkiiSmmVarCheckProtocolGuid, - NULL, - (VOID **) &SmmVarCheck - ); - ASSERT_EFI_ERROR (Status); - - Status =3D MorLockDriverInit (); - if (EFI_ERROR (Status)) { - return Status; - } - - Status =3D SmmVarCheck->SmmRegisterSetVariableCheckHandler (SetVariableC= heckHandlerMor); - ASSERT_EFI_ERROR (Status); - - return Status; -} - diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSm= m.inf b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf deleted file mode 100644 index 875c1e5f3a..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf +++ /dev/null @@ -1,65 +0,0 @@ -## @file -# Initializes MemoryOverwriteRequestControlLock variable -# -# This module will add Variable Hook and allow MemoryOverwriteRequestCont= rolLock variable set only once. -# -# NOTE: This module only handles secure MOR V1 and is deprecated. -# The secure MOR V2 is handled inside of variable driver. -# -# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
-# SPDX-License-Identifier: BSD-2-Clause-Patent -# -## - -[Defines] - INF_VERSION =3D 0x00010005 - BASE_NAME =3D TcgMorLockSmm - MODULE_UNI_FILE =3D TcgMorLock.uni - FILE_GUID =3D E2EA6F47-E678-47FA-8C1B-02A03E825C6E - MODULE_TYPE =3D DXE_SMM_DRIVER - VERSION_STRING =3D 1.0 - PI_SPECIFICATION_VERSION =3D 0x0001000A - ENTRY_POINT =3D MorLockDriverEntryPointSmm - -# -# The following information is for reference only and not required by the = build tools. -# -# VALID_ARCHITECTURES =3D IA32 X64 EBC -# - -[Sources] - TcgMorLock.h - TcgMorLock.c - TcgMorLockSmm.c - -[Packages] - MdePkg/MdePkg.dec - MdeModulePkg/MdeModulePkg.dec - SecurityPkg/SecurityPkg.dec - -[LibraryClasses] - UefiDriverEntryPoint - SmmServicesTableLib - DebugLib - BaseLib - BaseMemoryLib - -[Guids] - ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl" - gEfiMemoryOverwriteControlDataGuid - - ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControlLo= ck" - ## PRODUCES ## Variable:L"MemoryOverwriteRequestControlLo= ck" - gEfiMemoryOverwriteRequestControlLockGuid - -[Protocols] - gEdkiiSmmVarCheckProtocolGuid ## CONSUMES - gEfiSmmVariableProtocolGuid ## CONSUMES - -[Depex] - gEfiSmmVariableProtocolGuid AND - gSmmVariableWriteGuid AND - ( gEfiTcgProtocolGuid OR gEfiTcg2ProtocolGuid ) - -[UserExtensions.TianoCore."ExtraFiles"] - TcgMorLockExtra.uni --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#79734): https://edk2.groups.io/g/devel/message/79734 Mute This Topic: https://groups.io/mt/85102356/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-