diff options
7 files changed, 98 insertions, 0 deletions
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c new file mode 100644 index 0000000000..0f64ee093b --- /dev/null +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c @@ -0,0 +1,31 @@ +/** @file
+ Serialize operation on all load-from-memory instructions (DXE version).
+
+Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "Variable.h"
+
+/**
+ This service is consumed by the variable modules to perform a serializing
+ operation on all load-from-memory instructions that were issued prior to the
+ call of this function.
+
+**/
+VOID
+MemoryLoadFence (
+ VOID
+ )
+{
+ //
+ // Do nothing.
+ //
+}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c new file mode 100644 index 0000000000..4b0d7e3e95 --- /dev/null +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c @@ -0,0 +1,30 @@ +/** @file
+ Serialize operation on all load-from-memory instructions (SMM version).
+
+Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+#include "Variable.h"
+
+/**
+ This service is consumed by the variable modules to perform a serializing
+ operation on all load-from-memory instructions that were issued prior to the
+ call of this function.
+
+**/
+VOID
+MemoryLoadFence (
+ VOID
+ )
+{
+ AsmLfence ();
+}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c index c5ca70b714..f6b4dc471f 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c @@ -3201,6 +3201,12 @@ VariableServiceSetVariable ( ((EFI_VARIABLE_AUTHENTICATION_2 *) Data)->AuthInfo.Hdr.dwLength < OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) {
return EFI_SECURITY_VIOLATION;
}
+ //
+ // The MemoryLoadFence() call here is to ensure the above sanity check
+ // for the EFI_VARIABLE_AUTHENTICATION_2 descriptor has been completed
+ // before the execution of subsequent codes.
+ //
+ MemoryLoadFence ();
PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
} else {
PayloadSize = DataSize;
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h index 55df13191b..0b2a1a8887 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h @@ -899,4 +899,15 @@ VariableExLibAtRuntime ( VOID
);
+/**
+ This service is consumed by the variable modules to perform a serializing
+ operation on all load-from-memory instructions that were issued prior to the
+ call of this function.
+
+**/
+VOID
+MemoryLoadFence (
+ VOID
+ );
+
#endif
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf index bc24a251c8..83c2b615e5 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf @@ -45,6 +45,7 @@ TcgMorLockDxe.c
VarCheck.c
VariableExLib.c
+ LoadFenceDxe.c
[Packages]
MdePkg/MdePkg.dec
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c index 2184634f35..1e359bde4f 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c @@ -537,6 +537,12 @@ SmmVariableHandler ( goto EXIT;
}
+ //
+ // The MemoryLoadFence() call here is to ensure the previous range/content
+ // checks for the CommBuffer have been completed before the subsequent
+ // consumption of the CommBuffer content.
+ //
+ MemoryLoadFence ();
if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
//
// Make sure VariableName is A Null-terminated string.
@@ -631,6 +637,12 @@ SmmVariableHandler ( goto EXIT;
}
+ //
+ // The MemoryLoadFence() call here is to ensure the previous range/content
+ // checks for the CommBuffer have been completed before the subsequent
+ // consumption of the CommBuffer content.
+ //
+ MemoryLoadFence ();
if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
//
// Make sure VariableName is A Null-terminated string.
@@ -765,6 +777,12 @@ SmmVariableHandler ( goto EXIT;
}
+ //
+ // The MemoryLoadFence() call here is to ensure the previous range/content
+ // checks for the CommBuffer have been completed before the subsequent
+ // consumption of the CommBuffer content.
+ //
+ MemoryLoadFence ();
if (CommVariableProperty->NameSize < sizeof (CHAR16) || CommVariableProperty->Name[CommVariableProperty->NameSize/sizeof (CHAR16) - 1] != L'\0') {
//
// Make sure VariableName is A Null-terminated string.
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf index ccfb6fc740..f3559fe49d 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf @@ -53,6 +53,7 @@ Variable.h
VariableExLib.c
TcgMorLockSmm.c
+ LoadFenceSmm.c
[Packages]
MdePkg/MdePkg.dec
|