diff options
| author | Yao, Jiewen <jiewen.yao@intel.com> | 2015-02-02 14:43:28 +0000 |
|---|---|---|
| committer | jyao1 <jyao1@Edk2> | 2015-02-02 14:43:28 +0000 |
| commit | 9054e55a22cb7408bd57f3c3f6c85c7fab930abb (patch) | |
| tree | 0578f88931a173782883b08193256da76b383994 /SecurityPkg/VariableAuthenticated | |
| parent | 842b1242d19225bb6d6146861d3418a5c9549175 (diff) | |
| download | edk2-9054e55a22cb7408bd57f3c3f6c85c7fab930abb.tar.gz edk2-9054e55a22cb7408bd57f3c3f6c85c7fab930abb.tar.bz2 edk2-9054e55a22cb7408bd57f3c3f6c85c7fab930abb.zip | |
Use SmmMemLib to check communication buffer.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Gao, Liming" <liming.gao@intel.com>
Reviewed-by: "Fan, Jeff" <jeff.fan@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16695 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/VariableAuthenticated')
| -rw-r--r-- | SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c | 86 | ||||
| -rw-r--r-- | SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf | 1 |
2 files changed, 4 insertions, 83 deletions
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c index 439a4fe20d..8c80a0064f 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c @@ -33,14 +33,12 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include <Protocol/SmmVarCheck.h>
#include <Library/SmmServicesTableLib.h>
+#include <Library/SmmMemLib.h>
#include <Guid/AuthenticatedVariableFormat.h>
#include <Guid/SmmVariableCommon.h>
#include "Variable.h"
-EFI_SMRAM_DESCRIPTOR *mSmramRanges;
-UINTN mSmramRangeCount;
-
extern VARIABLE_INFO_ENTRY *gVariableInfo;
EFI_HANDLE mSmmVariableHandle = NULL;
EFI_HANDLE mVariableHandle = NULL;
@@ -138,60 +136,6 @@ AtRuntime ( }
/**
- This function check if the address is in SMRAM.
-
- @param Buffer the buffer address to be checked.
- @param Length the buffer length to be checked.
-
- @retval TRUE this address is in SMRAM.
- @retval FALSE this address is NOT in SMRAM.
-**/
-BOOLEAN
-InternalIsAddressInSmram (
- IN EFI_PHYSICAL_ADDRESS Buffer,
- IN UINT64 Length
- )
-{
- UINTN Index;
-
- for (Index = 0; Index < mSmramRangeCount; Index ++) {
- if (((Buffer >= mSmramRanges[Index].CpuStart) && (Buffer < mSmramRanges[Index].CpuStart + mSmramRanges[Index].PhysicalSize)) ||
- ((mSmramRanges[Index].CpuStart >= Buffer) && (mSmramRanges[Index].CpuStart < Buffer + Length))) {
- return TRUE;
- }
- }
-
- return FALSE;
-}
-
-/**
- This function check if the address refered by Buffer and Length is valid.
-
- @param Buffer the buffer address to be checked.
- @param Length the buffer length to be checked.
-
- @retval TRUE this address is valid.
- @retval FALSE this address is NOT valid.
-**/
-BOOLEAN
-InternalIsAddressValid (
- IN UINTN Buffer,
- IN UINTN Length
- )
-{
- if (Buffer > (MAX_ADDRESS - Length)) {
- //
- // Overflow happen
- //
- return FALSE;
- }
- if (InternalIsAddressInSmram ((EFI_PHYSICAL_ADDRESS)Buffer, (UINT64)Length)) {
- return FALSE;
- }
- return TRUE;
-}
-
-/**
Initializes a basic mutual exclusion lock.
This function initializes a basic mutual exclusion lock to the released state
@@ -550,7 +494,7 @@ SmmVariableHandler ( return EFI_SUCCESS;
}
- if (!InternalIsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) {
+ if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
return EFI_SUCCESS;
}
@@ -742,7 +686,7 @@ SmmVariableHandler ( // It is covered by previous CommBuffer check
//
- if (InternalIsAddressInSmram ((EFI_PHYSICAL_ADDRESS)(UINTN)CommBufferSize, sizeof(UINTN))) {
+ if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)CommBufferSize, sizeof(UINTN))) {
DEBUG ((EFI_D_ERROR, "GetStatistics: SMM communication buffer in SMRAM!\n"));
Status = EFI_ACCESS_DENIED;
goto EXIT;
@@ -961,8 +905,6 @@ VariableServiceInitialize ( EFI_STATUS Status;
EFI_HANDLE VariableHandle;
VOID *SmmFtwRegistration;
- EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;
- UINTN Size;
VOID *SmmEndOfDxeRegistration;
//
@@ -991,28 +933,6 @@ VariableServiceInitialize ( );
ASSERT_EFI_ERROR (Status);
- //
- // Get SMRAM information
- //
- Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);
- ASSERT_EFI_ERROR (Status);
-
- Size = 0;
- Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);
- ASSERT (Status == EFI_BUFFER_TOO_SMALL);
-
- Status = gSmst->SmmAllocatePool (
- EfiRuntimeServicesData,
- Size,
- (VOID **)&mSmramRanges
- );
- ASSERT_EFI_ERROR (Status);
-
- Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmramRanges);
- ASSERT_EFI_ERROR (Status);
-
- mSmramRangeCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);
-
mVariableBufferPayloadSize = MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize)) +
OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) - sizeof (VARIABLE_HEADER);
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf index 317f13c2a4..d415bdef42 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf @@ -75,6 +75,7 @@ HobLib
PcdLib
DevicePathLib
+ SmmMemLib
[Protocols]
gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES
|