diff options
Diffstat (limited to 'MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c')
| -rw-r--r-- | MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c | 208 |
1 files changed, 110 insertions, 98 deletions
diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c index e50edb4ffc..da90f4fc6a 100644 --- a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c @@ -24,29 +24,27 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "VarCheckPolicyLib.h"
-//================================================
+// ================================================
// As a VarCheck library, we're linked into the VariableServices
// and may not be able to call them indirectly. To get around this,
// use the internal GetVariable function to query the variable store.
-//================================================
+// ================================================
EFI_STATUS
EFIAPI
VariableServiceGetVariable (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- OUT UINT32 *Attributes OPTIONAL,
- IN OUT UINTN *DataSize,
- OUT VOID *Data
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ OUT UINT32 *Attributes OPTIONAL,
+ IN OUT UINTN *DataSize,
+ OUT VOID *Data
);
-
-UINT8 mSecurityEvalBuffer[VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE];
+UINT8 mSecurityEvalBuffer[VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE];
// Pagination Cache Variables
-UINT8 *mPaginationCache = NULL;
-UINTN mPaginationCacheSize = 0;
-UINT32 mCurrentPaginationCommand = 0;
-
+UINT8 *mPaginationCache = NULL;
+UINTN mPaginationCacheSize = 0;
+UINT32 mCurrentPaginationCommand = 0;
/**
MM Communication Handler to recieve commands from the DXE protocol for
@@ -68,27 +66,27 @@ STATIC EFI_STATUS
EFIAPI
VarCheckPolicyLibMmiHandler (
- IN EFI_HANDLE DispatchHandle,
- IN CONST VOID *RegisterContext,
- IN OUT VOID *CommBuffer,
- IN OUT UINTN *CommBufferSize
+ IN EFI_HANDLE DispatchHandle,
+ IN CONST VOID *RegisterContext,
+ IN OUT VOID *CommBuffer,
+ IN OUT UINTN *CommBufferSize
)
{
- UINTN InternalCommBufferSize;
- VOID *InternalCommBuffer;
- EFI_STATUS Status;
- EFI_STATUS SubCommandStatus;
- VAR_CHECK_POLICY_COMM_HEADER *PolicyCommmHeader;
- VAR_CHECK_POLICY_COMM_HEADER *InternalPolicyCommmHeader;
- VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS *IsEnabledParams;
- VAR_CHECK_POLICY_COMM_DUMP_PARAMS *DumpParamsIn;
- VAR_CHECK_POLICY_COMM_DUMP_PARAMS *DumpParamsOut;
- UINT8 *DumpInputBuffer;
- UINT8 *DumpOutputBuffer;
- UINTN DumpTotalPages;
- VARIABLE_POLICY_ENTRY *PolicyEntry;
- UINTN ExpectedSize;
- UINT32 TempSize;
+ UINTN InternalCommBufferSize;
+ VOID *InternalCommBuffer;
+ EFI_STATUS Status;
+ EFI_STATUS SubCommandStatus;
+ VAR_CHECK_POLICY_COMM_HEADER *PolicyCommmHeader;
+ VAR_CHECK_POLICY_COMM_HEADER *InternalPolicyCommmHeader;
+ VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS *IsEnabledParams;
+ VAR_CHECK_POLICY_COMM_DUMP_PARAMS *DumpParamsIn;
+ VAR_CHECK_POLICY_COMM_DUMP_PARAMS *DumpParamsOut;
+ UINT8 *DumpInputBuffer;
+ UINT8 *DumpOutputBuffer;
+ UINTN DumpTotalPages;
+ VARIABLE_POLICY_ENTRY *PolicyEntry;
+ UINTN ExpectedSize;
+ UINT32 TempSize;
Status = EFI_SUCCESS;
@@ -96,22 +94,25 @@ VarCheckPolicyLibMmiHandler ( // Validate some input parameters.
//
// If either of the pointers are NULL, we can't proceed.
- if (CommBuffer == NULL || CommBufferSize == NULL) {
- DEBUG(( DEBUG_INFO, "%a - Invalid comm buffer pointers!\n", __FUNCTION__ ));
+ if ((CommBuffer == NULL) || (CommBufferSize == NULL)) {
+ DEBUG ((DEBUG_INFO, "%a - Invalid comm buffer pointers!\n", __FUNCTION__));
return EFI_INVALID_PARAMETER;
}
+
// Make sure that the buffer does not overlap SMM.
// This should be covered by the SmiManage infrastructure, but just to be safe...
InternalCommBufferSize = *CommBufferSize;
- if (InternalCommBufferSize > VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE ||
- !VarCheckPolicyIsBufferOutsideValid((UINTN)CommBuffer, (UINT64)InternalCommBufferSize)) {
+ if ((InternalCommBufferSize > VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE) ||
+ !VarCheckPolicyIsBufferOutsideValid ((UINTN)CommBuffer, (UINT64)InternalCommBufferSize))
+ {
DEBUG ((DEBUG_ERROR, "%a - Invalid CommBuffer supplied! 0x%016lX[0x%016lX]\n", __FUNCTION__, CommBuffer, InternalCommBufferSize));
return EFI_INVALID_PARAMETER;
}
+
// If the size does not meet a minimum threshold, we cannot proceed.
- ExpectedSize = sizeof(VAR_CHECK_POLICY_COMM_HEADER);
+ ExpectedSize = sizeof (VAR_CHECK_POLICY_COMM_HEADER);
if (InternalCommBufferSize < ExpectedSize) {
- DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNCTION__, InternalCommBufferSize, ExpectedSize ));
+ DEBUG ((DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNCTION__, InternalCommBufferSize, ExpectedSize));
return EFI_INVALID_PARAMETER;
}
@@ -120,13 +121,14 @@ VarCheckPolicyLibMmiHandler ( // without worrying about TOCTOU.
//
InternalCommBuffer = &mSecurityEvalBuffer[0];
- CopyMem(InternalCommBuffer, CommBuffer, InternalCommBufferSize);
- PolicyCommmHeader = CommBuffer;
+ CopyMem (InternalCommBuffer, CommBuffer, InternalCommBufferSize);
+ PolicyCommmHeader = CommBuffer;
InternalPolicyCommmHeader = InternalCommBuffer;
// Check the revision and the signature of the comm header.
- if (InternalPolicyCommmHeader->Signature != VAR_CHECK_POLICY_COMM_SIG ||
- InternalPolicyCommmHeader->Revision != VAR_CHECK_POLICY_COMM_REVISION) {
- DEBUG(( DEBUG_INFO, "%a - Signature or revision are incorrect!\n", __FUNCTION__ ));
+ if ((InternalPolicyCommmHeader->Signature != VAR_CHECK_POLICY_COMM_SIG) ||
+ (InternalPolicyCommmHeader->Revision != VAR_CHECK_POLICY_COMM_REVISION))
+ {
+ DEBUG ((DEBUG_INFO, "%a - Signature or revision are incorrect!\n", __FUNCTION__));
// We have verified the buffer is not null and have enough size to hold Result field.
PolicyCommmHeader->Result = EFI_INVALID_PARAMETER;
return EFI_SUCCESS;
@@ -134,10 +136,10 @@ VarCheckPolicyLibMmiHandler ( // If we're in the middle of a paginated dump and any other command is sent,
// pagination cache must be cleared.
- if (mPaginationCache != NULL && InternalPolicyCommmHeader->Command != mCurrentPaginationCommand) {
+ if ((mPaginationCache != NULL) && (InternalPolicyCommmHeader->Command != mCurrentPaginationCommand)) {
FreePool (mPaginationCache);
- mPaginationCache = NULL;
- mPaginationCacheSize = 0;
+ mPaginationCache = NULL;
+ mPaginationCacheSize = 0;
mCurrentPaginationCommand = 0;
}
@@ -145,65 +147,66 @@ VarCheckPolicyLibMmiHandler ( // Now we can process the command as it was sent.
//
PolicyCommmHeader->Result = EFI_ABORTED; // Set a default return for incomplete commands.
- switch(InternalPolicyCommmHeader->Command) {
+ switch (InternalPolicyCommmHeader->Command) {
case VAR_CHECK_POLICY_COMMAND_DISABLE:
- PolicyCommmHeader->Result = DisableVariablePolicy();
+ PolicyCommmHeader->Result = DisableVariablePolicy ();
break;
case VAR_CHECK_POLICY_COMMAND_IS_ENABLED:
// Make sure that we're dealing with a reasonable size.
// This add should be safe because these are fixed sizes so far.
- ExpectedSize += sizeof(VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS);
+ ExpectedSize += sizeof (VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS);
if (InternalCommBufferSize < ExpectedSize) {
- DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNCTION__, InternalCommBufferSize, ExpectedSize ));
+ DEBUG ((DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNCTION__, InternalCommBufferSize, ExpectedSize));
PolicyCommmHeader->Result = EFI_INVALID_PARAMETER;
break;
}
// Now that we know we've got a valid size, we can fill in the rest of the data.
- IsEnabledParams = (VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS*)((UINT8*)CommBuffer + sizeof(VAR_CHECK_POLICY_COMM_HEADER));
- IsEnabledParams->State = IsVariablePolicyEnabled();
+ IsEnabledParams = (VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS *)((UINT8 *)CommBuffer + sizeof (VAR_CHECK_POLICY_COMM_HEADER));
+ IsEnabledParams->State = IsVariablePolicyEnabled ();
PolicyCommmHeader->Result = EFI_SUCCESS;
break;
case VAR_CHECK_POLICY_COMMAND_REGISTER:
// Make sure that we're dealing with a reasonable size.
// This add should be safe because these are fixed sizes so far.
- ExpectedSize += sizeof(VARIABLE_POLICY_ENTRY);
+ ExpectedSize += sizeof (VARIABLE_POLICY_ENTRY);
if (InternalCommBufferSize < ExpectedSize) {
- DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNCTION__, InternalCommBufferSize, ExpectedSize ));
+ DEBUG ((DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNCTION__, InternalCommBufferSize, ExpectedSize));
PolicyCommmHeader->Result = EFI_INVALID_PARAMETER;
break;
}
// At the very least, we can assume that we're working with a valid policy entry.
// Time to compare its internal size.
- PolicyEntry = (VARIABLE_POLICY_ENTRY*)((UINT8*)InternalCommBuffer + sizeof(VAR_CHECK_POLICY_COMM_HEADER));
- if (PolicyEntry->Version != VARIABLE_POLICY_ENTRY_REVISION ||
- PolicyEntry->Size < sizeof(VARIABLE_POLICY_ENTRY) ||
- EFI_ERROR(SafeUintnAdd(sizeof(VAR_CHECK_POLICY_COMM_HEADER), PolicyEntry->Size, &ExpectedSize)) ||
- InternalCommBufferSize < ExpectedSize) {
- DEBUG(( DEBUG_INFO, "%a - Bad policy entry contents!\n", __FUNCTION__ ));
+ PolicyEntry = (VARIABLE_POLICY_ENTRY *)((UINT8 *)InternalCommBuffer + sizeof (VAR_CHECK_POLICY_COMM_HEADER));
+ if ((PolicyEntry->Version != VARIABLE_POLICY_ENTRY_REVISION) ||
+ (PolicyEntry->Size < sizeof (VARIABLE_POLICY_ENTRY)) ||
+ EFI_ERROR (SafeUintnAdd (sizeof (VAR_CHECK_POLICY_COMM_HEADER), PolicyEntry->Size, &ExpectedSize)) ||
+ (InternalCommBufferSize < ExpectedSize))
+ {
+ DEBUG ((DEBUG_INFO, "%a - Bad policy entry contents!\n", __FUNCTION__));
PolicyCommmHeader->Result = EFI_INVALID_PARAMETER;
break;
}
- PolicyCommmHeader->Result = RegisterVariablePolicy( PolicyEntry );
+ PolicyCommmHeader->Result = RegisterVariablePolicy (PolicyEntry);
break;
case VAR_CHECK_POLICY_COMMAND_DUMP:
// Make sure that we're dealing with a reasonable size.
// This add should be safe because these are fixed sizes so far.
- ExpectedSize += sizeof(VAR_CHECK_POLICY_COMM_DUMP_PARAMS) + VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE;
+ ExpectedSize += sizeof (VAR_CHECK_POLICY_COMM_DUMP_PARAMS) + VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE;
if (InternalCommBufferSize < ExpectedSize) {
- DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNCTION__, InternalCommBufferSize, ExpectedSize ));
+ DEBUG ((DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", __FUNCTION__, InternalCommBufferSize, ExpectedSize));
PolicyCommmHeader->Result = EFI_INVALID_PARAMETER;
break;
}
// Now that we know we've got a valid size, we can fill in the rest of the data.
- DumpParamsIn = (VAR_CHECK_POLICY_COMM_DUMP_PARAMS*)(InternalPolicyCommmHeader + 1);
- DumpParamsOut = (VAR_CHECK_POLICY_COMM_DUMP_PARAMS*)(PolicyCommmHeader + 1);
+ DumpParamsIn = (VAR_CHECK_POLICY_COMM_DUMP_PARAMS *)(InternalPolicyCommmHeader + 1);
+ DumpParamsOut = (VAR_CHECK_POLICY_COMM_DUMP_PARAMS *)(PolicyCommmHeader + 1);
// If we're requesting the first page, initialize the cache and get the sizes.
if (DumpParamsIn->PageRequested == 0) {
@@ -214,15 +217,15 @@ VarCheckPolicyLibMmiHandler ( // Determine what the required size is going to be.
DumpParamsOut->TotalSize = 0;
- DumpParamsOut->PageSize = 0;
- DumpParamsOut->HasMore = FALSE;
- TempSize = 0;
- SubCommandStatus = DumpVariablePolicy (NULL, &TempSize);
- if (SubCommandStatus == EFI_BUFFER_TOO_SMALL && TempSize > 0) {
+ DumpParamsOut->PageSize = 0;
+ DumpParamsOut->HasMore = FALSE;
+ TempSize = 0;
+ SubCommandStatus = DumpVariablePolicy (NULL, &TempSize);
+ if ((SubCommandStatus == EFI_BUFFER_TOO_SMALL) && (TempSize > 0)) {
mCurrentPaginationCommand = VAR_CHECK_POLICY_COMMAND_DUMP;
- mPaginationCacheSize = TempSize;
- DumpParamsOut->TotalSize = TempSize;
- mPaginationCache = AllocatePool (mPaginationCacheSize);
+ mPaginationCacheSize = TempSize;
+ DumpParamsOut->TotalSize = TempSize;
+ mPaginationCache = AllocatePool (mPaginationCacheSize);
if (mPaginationCache == NULL) {
SubCommandStatus = EFI_OUT_OF_RESOURCES;
}
@@ -234,39 +237,41 @@ VarCheckPolicyLibMmiHandler ( }
// Populate the remaining fields and we can boogie.
- if (!EFI_ERROR (SubCommandStatus) && mPaginationCache != NULL) {
+ if (!EFI_ERROR (SubCommandStatus) && (mPaginationCache != NULL)) {
DumpParamsOut->HasMore = TRUE;
}
} else if (mPaginationCache != NULL) {
DumpParamsOut->TotalSize = (UINT32)mPaginationCacheSize;
- DumpOutputBuffer = (UINT8*)(DumpParamsOut + 1);
+ DumpOutputBuffer = (UINT8 *)(DumpParamsOut + 1);
// Make sure that we don't over-index the cache.
DumpTotalPages = mPaginationCacheSize / VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE;
if (mPaginationCacheSize % VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE != 0) {
DumpTotalPages++;
}
+
if (DumpParamsIn->PageRequested > DumpTotalPages) {
SubCommandStatus = EFI_INVALID_PARAMETER;
} else {
// Figure out how far into the page cache we need to go for our next page.
// We know the blind subtraction won't be bad because we already checked for page 0.
DumpInputBuffer = &mPaginationCache[VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE * (DumpParamsIn->PageRequested - 1)];
- TempSize = VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE;
+ TempSize = VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE;
// If we're getting the last page, adjust the PageSize.
if (DumpParamsIn->PageRequested == DumpTotalPages) {
TempSize = mPaginationCacheSize % VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE;
}
+
CopyMem (DumpOutputBuffer, DumpInputBuffer, TempSize);
DumpParamsOut->PageSize = TempSize;
// If we just got the last page, settle up the cache.
if (DumpParamsIn->PageRequested == DumpTotalPages) {
DumpParamsOut->HasMore = FALSE;
FreePool (mPaginationCache);
- mPaginationCache = NULL;
- mPaginationCacheSize = 0;
+ mPaginationCache = NULL;
+ mPaginationCacheSize = 0;
mCurrentPaginationCommand = 0;
- // Otherwise, we could do more here.
+ // Otherwise, we could do more here.
} else {
DumpParamsOut->HasMore = TRUE;
}
@@ -274,12 +279,13 @@ VarCheckPolicyLibMmiHandler ( // If we made it this far, we're basically good.
SubCommandStatus = EFI_SUCCESS;
}
- // If we've requested any other page than 0 and the cache is empty, we must have timed out.
+
+ // If we've requested any other page than 0 and the cache is empty, we must have timed out.
} else {
DumpParamsOut->TotalSize = 0;
- DumpParamsOut->PageSize = 0;
- DumpParamsOut->HasMore = FALSE;
- SubCommandStatus = EFI_TIMEOUT;
+ DumpParamsOut->PageSize = 0;
+ DumpParamsOut->HasMore = FALSE;
+ SubCommandStatus = EFI_TIMEOUT;
}
// There's currently no use for this, but it shouldn't be hard to implement.
@@ -287,23 +293,27 @@ VarCheckPolicyLibMmiHandler ( break;
case VAR_CHECK_POLICY_COMMAND_LOCK:
- PolicyCommmHeader->Result = LockVariablePolicy();
+ PolicyCommmHeader->Result = LockVariablePolicy ();
break;
default:
// Mark unknown requested command as EFI_UNSUPPORTED.
- DEBUG(( DEBUG_INFO, "%a - Invalid command requested! %d\n", __FUNCTION__, PolicyCommmHeader->Command ));
+ DEBUG ((DEBUG_INFO, "%a - Invalid command requested! %d\n", __FUNCTION__, PolicyCommmHeader->Command));
PolicyCommmHeader->Result = EFI_UNSUPPORTED;
break;
}
- DEBUG(( DEBUG_VERBOSE, "%a - Command %d returning %r.\n", __FUNCTION__,
- PolicyCommmHeader->Command, PolicyCommmHeader->Result ));
+ DEBUG ((
+ DEBUG_VERBOSE,
+ "%a - Command %d returning %r.\n",
+ __FUNCTION__,
+ PolicyCommmHeader->Command,
+ PolicyCommmHeader->Result
+ ));
return Status;
}
-
/**
Constructor function of VarCheckPolicyLib to register VarCheck handler and
SW MMI handlers.
@@ -317,28 +327,30 @@ VarCheckPolicyLibCommonConstructor ( VOID
)
{
- EFI_STATUS Status;
- EFI_HANDLE DiscardedHandle;
+ EFI_STATUS Status;
+ EFI_HANDLE DiscardedHandle;
// Initialize the business logic with the internal GetVariable handler.
- Status = InitVariablePolicyLib( VariableServiceGetVariable );
+ Status = InitVariablePolicyLib (VariableServiceGetVariable);
// Only proceed with init if the business logic could be initialized.
- if (!EFI_ERROR( Status )) {
+ if (!EFI_ERROR (Status)) {
// Register the VarCheck handler for SetVariable filtering.
// Forward the check to the business logic of the library.
- VarCheckLibRegisterSetVariableCheckHandler( ValidateSetVariable );
+ VarCheckLibRegisterSetVariableCheckHandler (ValidateSetVariable);
// Register the MMI handlers for receiving policy commands.
DiscardedHandle = NULL;
- Status = gMmst->MmiHandlerRegister( VarCheckPolicyLibMmiHandler,
- &gVarCheckPolicyLibMmiHandlerGuid,
- &DiscardedHandle );
+ Status = gMmst->MmiHandlerRegister (
+ VarCheckPolicyLibMmiHandler,
+ &gVarCheckPolicyLibMmiHandlerGuid,
+ &DiscardedHandle
+ );
}
// Otherwise, there's not much we can do.
else {
- DEBUG(( DEBUG_ERROR, "%a - Cannot Initialize VariablePolicyLib! %r\n", __FUNCTION__, Status ));
- ASSERT_EFI_ERROR( Status );
+ DEBUG ((DEBUG_ERROR, "%a - Cannot Initialize VariablePolicyLib! %r\n", __FUNCTION__, Status));
+ ASSERT_EFI_ERROR (Status);
}
return Status;
|