From 60c944c7d63978eee337f52af360ca5d807c11b6 Mon Sep 17 00:00:00 2001 From: "Dong, Guo" Date: Thu, 28 Aug 2014 05:31:09 +0000 Subject: SecurityPkg: INF/DEC file updates to EDK II packages 1. Usage information in INF file comment blocks are either incomplete or incorrect. This includes usage information for Protocols/PPIs/GUIDs/PCDs/HOBs/Events/BootModes. The syntax for usage information in comment blocks is defined in the EDK II Module Information (INF) Specification Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo Reviewed-by: Gao, Liming git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15950 6f19259b-4bc3-4df7-8a09-765794883524 --- .../EsalVariableDxeSal/EsalVariableDxeSal.inf | 53 ++++++---- .../VariableAuthenticated/Pei/VariablePei.inf | 24 +++-- .../RuntimeDxe/VariableRuntimeDxe.inf | 109 ++++++++++++++------- .../RuntimeDxe/VariableSmm.inf | 105 ++++++++++++++------ .../RuntimeDxe/VariableSmmRuntimeDxe.inf | 50 +++++++--- .../SecureBootConfigDxe/SecureBootConfigDxe.inf | 71 ++++++++++---- 6 files changed, 284 insertions(+), 128 deletions(-) (limited to 'SecurityPkg/VariableAuthenticated') diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf index f6eece98d7..16caa30dad 100644 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf +++ b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf @@ -1,8 +1,10 @@ ## @file -# Component description file for Extended SAL authentication variable -# service module. +# Provides authenticated variable service for IPF platform # -# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.
+# This module installs variable arch protocol and variable write arch protocol to provide +# four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo. +# +# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -15,6 +17,7 @@ [Defines] INF_VERSION = 0x00010005 BASE_NAME = EsalVariableDxeSal + MODULE_UNI_FILE = EsalVariableDxeSal.uni FILE_GUID = 14610837-4E97-4427-96E0-21D9B2956996 MODULE_TYPE = DXE_SAL_DRIVER VERSION_STRING = 1.0 @@ -60,27 +63,43 @@ HobLib [Protocols] - gEfiFirmwareVolumeBlockProtocolGuid # PROTOCOL SOMETIMES_CONSUMED - gEfiFaultTolerantWriteProtocolGuid # PROTOCOL SOMETIMES_CONSUMED + gEfiFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES + gEfiFaultTolerantWriteProtocolGuid ## SOMETIMES_CONSUMES [Guids] + ## SOMETIMES_CONSUMES ## Variable:L"PK" + ## CONSUMES ## Variable:L"SetupMode" + ## PRODUCES ## Variable:L"SetupMode" + ## CONSUMES ## Variable:L"SignatureSupport" + ## PRODUCES ## Variable:L"SignatureSupport" gEfiGlobalVariableGuid + + ## PRODUCES ## GUID # Variable store header + ## CONSUMES ## GUID # Variable store header + ## SOMETIMES_CONSUMES ## HOB + ## SOMETIMES_PRODUCES ## SystemTable gEfiAuthenticatedVariableGuid - gEfiEventVirtualAddressChangeGuid - gEfiCertRsa2048Sha256Guid + + gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event + gEfiCertRsa2048Sha256Guid ## CONSUMES ## GUID # Unique ID for the format of the CertType. + + ## SOMETIMES_CONSUMES ## Variable:L"DB" + ## SOMETIMES_CONSUMES ## Variable:L"DBX" gEfiImageSecurityDatabaseGuid [Pcd.common] - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize - gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize - + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES + [FeaturePcd.common] - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable. [Depex] - gEfiExtendedSalFvBlockServicesProtocolGuid AND gEfiFaultTolerantWriteProtocolGuid - + gEfiExtendedSalFvBlockServicesProtocolGuid AND gEfiFaultTolerantWriteProtocolGuid + +[UserExtensions.TianoCore."ExtraFiles"] + EsalVariableDxeSalExtra.uni \ No newline at end of file diff --git a/SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf b/SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf index 002bb04df4..fa0b5e9876 100644 --- a/SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf +++ b/SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf @@ -1,5 +1,6 @@ ## @file -# The component description for PEI variable driver. +# Implements ReadOnly Variable Services required by PEIM and installs PEI ReadOnly Varaiable2 PPI +# This module implements ReadOnly Variable Services required by PEIM and installs PEI ReadOnly Varaiable2 PPI. # # Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials @@ -14,6 +15,7 @@ [Defines] INF_VERSION = 0x00010005 BASE_NAME = PeiVariableAuth + MODULE_UNI_FILE = PeiVariableAuth.uni FILE_GUID = B1F7AF2F-2807-478c-A893-2BF4DDD1F62B MODULE_TYPE = PEIM VERSION_STRING = 1.0 @@ -44,24 +46,28 @@ PeiServicesLib [Guids] + ## CONSUMES ## GUID # Variable store header + ## SOMETIMES_CONSUMES ## HOB gEfiAuthenticatedVariableGuid + ## SOMETIMES_PRODUCES ## HOB + ## SOMETIMES_CONSUMES ## HOB gEfiVariableIndexTableGuid - gEfiSystemNvDataFvGuid - gEdkiiFaultTolerantWriteGuid + gEfiSystemNvDataFvGuid ## SOMETIMES_CONSUMES ## GUID + gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB [Ppis] - gEfiPeiReadOnlyVariable2PpiGuid ## PRODUCES + gEfiPeiReadOnlyVariable2PpiGuid ## PRODUCES [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES [Depex] gEdkiiFaultTolerantWriteGuid -# -# [BootMode] -# RECOVERY ## CONSUMES -# +# [BootMode] +# RECOVERY_FULL ## SOMETIMES_CONSUMES +[UserExtensions.TianoCore."ExtraFiles"] + PeiVariableExtra.uni \ No newline at end of file diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf index 41e85c0156..593c906085 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf @@ -1,10 +1,13 @@ ## @file -# Component description file for Authenticated Variable module. +# Provides authenticated variable service +# +# This module installs variable arch protocol and variable write arch protocol to provide +# variable services: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo. # # Caution: This module requires additional review when modified. # This driver will have external input - variable data. -# This external input must be validated carefully to avoid security issue like -# buffer overflow, integer overflow. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. # # Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials @@ -19,6 +22,7 @@ [Defines] INF_VERSION = 0x00010005 BASE_NAME = VariableAuthRuntimeDxe + MODULE_UNI_FILE = VariableAuthRuntimeDxe.uni FILE_GUID = 2226F30F-3D5B-402d-9936-A97184EB4516 MODULE_TYPE = DXE_RUNTIME_DRIVER VERSION_STRING = 1.0 @@ -65,51 +69,82 @@ TpmMeasurementLib [Protocols] - gEfiFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES - gEfiVariableWriteArchProtocolGuid ## ALWAYS_PRODUCES - gEfiVariableArchProtocolGuid ## ALWAYS_PRODUCES - gEfiFaultTolerantWriteProtocolGuid ## SOMETIMES_CONSUMES - gEdkiiVariableLockProtocolGuid ## ALWAYS_PRODUCES + gEfiFirmwareVolumeBlockProtocolGuid ## CONSUMES + ## CONSUMES + ## NOTIFY + gEfiFaultTolerantWriteProtocolGuid + gEfiVariableWriteArchProtocolGuid ## PRODUCES + gEfiVariableArchProtocolGuid ## PRODUCES + gEdkiiVariableLockProtocolGuid ## PRODUCES + [Guids] - gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid - gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid - gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event - gEfiCertTypeRsa2048Sha256Guid + ## PRODUCES ## GUID # Variable store header + ## CONSUMES ## GUID # Variable store header + ## SOMETIMES_CONSUMES ## HOB + ## SOMETIMES_PRODUCES ## SystemTable + gEfiAuthenticatedVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"PlatformLang" + ## SOMETIMES_PRODUCES ## Variable:L"PlatformLang" + ## SOMETIMES_CONSUMES ## Variable:L"Lang" + ## SOMETIMES_PRODUCES ## Variable:L"Lang" + ## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport" + ## CONSUMES ## Variable:L"SetupMode" + ## PRODUCES ## Variable:L"SetupMode" + ## SOMETIMES_CONSUMES ## Variable:L"PK" + ## SOMETIMES_CONSUMES ## Variable:L"KEK" + ## CONSUMES ## Variable:L"SecureBoot" + ## PRODUCES ## Variable:L"SecureBoot" + ## CONSUMES ## Variable:L"SignatureSupport" + ## PRODUCES ## Variable:L"SignatureSupport" + ## PRODUCES ## Variable:L"VendorKeys" + gEfiGlobalVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"DB" + ## SOMETIMES_CONSUMES ## Variable:L"DBX" gEfiImageSecurityDatabaseGuid - gEfiCertX509Guid - gEfiCertPkcs7Guid - gEfiCertRsa2048Guid + + ## CONSUMES ## Variable:L"SecureBootEnable" + ## PRODUCES ## Variable:L"SecureBootEnable" gEfiSecureBootEnableDisableGuid + + ## CONSUMES ## Variable:L"CustomMode" + ## PRODUCES ## Variable:L"CustomMode" gEfiCustomModeEnableGuid - gEfiVendorKeysNvGuid - gEfiSystemNvDataFvGuid ## CONSUMES + + ## CONSUMES ## Variable:L"certdb" + ## PRODUCES ## Variable:L"certdb" gEfiCertDbGuid - gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES - gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event - gEdkiiFaultTolerantWriteGuid ## CONSUMES + + ## CONSUMES ## Variable:L"VendorKeysNv" + ## PRODUCES ## Variable:L"VendorKeysNv" + gEfiVendorKeysNvGuid + + gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event + gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event + gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate. + gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate. + gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. + gEfiSystemNvDataFvGuid ## CONSUMES ## GUID + gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####" + gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize - gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES [FeaturePcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable. - gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable. + gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang [Depex] TRUE -# [Event] -# ## -# # Event will be signaled for VIRTUAL_ADDRESS_CHANGE event. -# # -# EVENT_TYPE_NOTIFY_SIGNAL ## PRODUCES -# -# - +[UserExtensions.TianoCore."ExtraFiles"] + VariableRuntimeDxeExtra.uni diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf index 0e3fc514b4..279a9248e2 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf @@ -1,18 +1,18 @@ ## @file -# Component description file for SMM Authenticated Variable module. +# Provides SMM authenticated variable service # # This module installs SMM variable protocol into SMM protocol database, # which can be used by SMM driver, and installs SMM variable protocol # into BS protocol database, which can be used to notify the SMM Runtime # Dxe driver that the SMM variable service is ready. # This module should be used with SMM Runtime DXE module together. The -# SMM Runtime DXE module would install variable arch protocol and variable +# SMM Runtime DXE module installs variable arch protocol and variable # write arch protocol based on SMM variable module. # # Caution: This module requires additional review when modified. # This driver will have external input - variable data and communicate buffer in SMM mode. -# This external input must be validated carefully to avoid security issue like -# buffer overflow, integer overflow. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. # # Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials @@ -27,6 +27,7 @@ [Defines] INF_VERSION = 0x00010005 BASE_NAME = VariableAuthSmm + MODULE_UNI_FILE = VariableAuthSmm.uni FILE_GUID = D34BDC5E-968A-40f5-A48C-E594F45AE211 MODULE_TYPE = DXE_SMM_DRIVER VERSION_STRING = 1.0 @@ -69,43 +70,83 @@ HobLib [Protocols] - gEfiSmmFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES - gEfiSmmVariableProtocolGuid ## ALWAYS_PRODUCES - gEfiSmmFaultTolerantWriteProtocolGuid ## SOMETIMES_CONSUMES - gEfiSmmAccess2ProtocolGuid ## ALWAYS_CONSUMES - gEfiSmmEndOfDxeProtocolGuid ## ALWAYS_CONSUMES + gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES + gEfiSmmAccess2ProtocolGuid ## CONSUMES + + ## PRODUCES + ## UNDEFINED # SmiHandlerRegister + gEfiSmmVariableProtocolGuid + + ## CONSUMES + ## NOTIFY + gEfiSmmFaultTolerantWriteProtocolGuid + gEfiSmmEndOfDxeProtocolGuid ## NOTIFY [Guids] - gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid - gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid - gSmmVariableWriteGuid ## PRODUCES ## SMM Variable Write Guid - gEfiCertTypeRsa2048Sha256Guid + ## PRODUCES ## GUID # Variable store header + ## CONSUMES ## GUID # Variable store header + ## SOMETIMES_CONSUMES ## HOB + gEfiAuthenticatedVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"PlatformLang" + ## SOMETIMES_PRODUCES ## Variable:L"PlatformLang" + ## SOMETIMES_CONSUMES ## Variable:L"Lang" + ## SOMETIMES_PRODUCES ## Variable:L"Lang" + ## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport" + ## CONSUMES ## Variable:L"SetupMode" + ## PRODUCES ## Variable:L"SetupMode" + ## SOMETIMES_CONSUMES ## Variable:L"PK" + ## SOMETIMES_CONSUMES ## Variable:L"KEK" + ## CONSUMES ## Variable:L"SecureBoot" + ## PRODUCES ## Variable:L"SecureBoot" + ## CONSUMES ## Variable:L"SignatureSupport" + ## PRODUCES ## Variable:L"SignatureSupport" + ## PRODUCES ## Variable:L"VendorKeys" + gEfiGlobalVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"DB" + ## SOMETIMES_CONSUMES ## Variable:L"DBX" gEfiImageSecurityDatabaseGuid - gEfiCertX509Guid - gEfiCertPkcs7Guid - gEfiCertRsa2048Guid + + ## CONSUMES ## Variable:L"SecureBootEnable" + ## PRODUCES ## Variable:L"SecureBootEnable" gEfiSecureBootEnableDisableGuid + + ## CONSUMES ## Variable:L"CustomMode" + ## PRODUCES ## Variable:L"CustomMode" gEfiCustomModeEnableGuid - gEfiVendorKeysNvGuid - gEfiSystemNvDataFvGuid ## CONSUMES + + ## CONSUMES ## Variable:L"certdb" + ## PRODUCES ## Variable:L"certdb" gEfiCertDbGuid - gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES - gEdkiiFaultTolerantWriteGuid ## CONSUMES + ## CONSUMES ## Variable:L"VendorKeysNv" + ## PRODUCES ## Variable:L"VendorKeysNv" + gEfiVendorKeysNvGuid + + gSmmVariableWriteGuid ## PRODUCES ## GUID # Install protocol + gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData. + gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData. + gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. + gEfiSystemNvDataFvGuid ## CONSUMES ## GUID + gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####" + gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB + [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize - gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize - + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES + [FeaturePcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable. - gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable. + gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang [Depex] TRUE - - + +[UserExtensions.TianoCore."ExtraFiles"] + VariableSmmExtra.uni \ No newline at end of file diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf index 5dd932d6d3..f0dfa89810 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf @@ -1,14 +1,13 @@ ## @file -# Component description file for Authenticated Variable SmmRuntimeDxe module. +# Runtime DXE part corresponding to SMM authenticated variable module # -# This module is the Runtime DXE part correspond to SMM variable module. It -# installs variable arch protocol and variable write arch protocol and works -# with SMM variable module together. +# This module installs variable arch protocol and variable write arch protocol to provide +# variable service. This module need work together with SMM authenticated variable module. # # Caution: This module requires additional review when modified. # This driver will have external input - variable data. -# This external input must be validated carefully to avoid security issue like -# buffer overflow, integer overflow. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. # # Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials @@ -23,6 +22,7 @@ [Defines] INF_VERSION = 0x00010005 BASE_NAME = VariableAuthSmmRuntimeDxe + MODULE_UNI_FILE = VariableAuthSmmRuntimeDxe.uni FILE_GUID = 067E2381-7234-4798-B49C-D5FECBFF6D07 MODULE_TYPE = DXE_RUNTIME_DRIVER VERSION_STRING = 1.0 @@ -57,21 +57,41 @@ TpmMeasurementLib [Protocols] - gEfiVariableWriteArchProtocolGuid ## ALWAYS_PRODUCES - gEfiVariableArchProtocolGuid ## ALWAYS_PRODUCES - gEfiSmmCommunicationProtocolGuid + gEfiVariableWriteArchProtocolGuid ## PRODUCES + gEfiVariableArchProtocolGuid ## PRODUCES + gEfiSmmCommunicationProtocolGuid ## CONSUMES + gEdkiiVariableLockProtocolGuid ## PRODUCES + + ## CONSUMES + ## NOTIFY + ## UNDEFINED # Used to do smm communication gEfiSmmVariableProtocolGuid - gEdkiiVariableLockProtocolGuid ## ALWAYS_PRODUCES [Guids] - gEfiEventVirtualAddressChangeGuid ## PRODUCES ## Event + gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event + gEfiEventExitBootServicesGuid ## CONSUMES ## Event + + ## CONSUMES ## UNDEFINED # Locate protocol + ## CONSUMES ## UNDEFINED # Protocol notify gSmmVariableWriteGuid + + + ## SOMETIMES_CONSUMES ## Variable:L"PK" + ## SOMETIMES_CONSUMES ## Variable:L"KEK" + ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot" + gEfiGlobalVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"DB" + ## SOMETIMES_CONSUMES ## Variable:L"DBX" gEfiImageSecurityDatabaseGuid [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase - + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## CONSUMES + [Depex] gEfiSmmCommunicationProtocolGuid + +[UserExtensions.TianoCore."ExtraFiles"] + VariableSmmRuntimeDxeExtra.uni diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf index 071ca30338..e6d21f5e69 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf @@ -1,7 +1,8 @@ ## @file -# Component name for SecureBoot configuration module. +# Provides the capbility to configure secure boot in a setup browser +# By this module, user may change the content of DB, DBX, PK and KEK. # -# Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.
+# Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -14,6 +15,7 @@ [Defines] INF_VERSION = 0x00010005 BASE_NAME = SecureBootConfigDxe + MODULE_UNI_FILE = SecureBootConfigDxe.uni FILE_GUID = F0E6A44F-7195-41c3-AC64-54F202CD0A21 MODULE_TYPE = DXE_DRIVER VERSION_STRING = 1.0 @@ -57,31 +59,64 @@ DevicePathLib [Guids] - gEfiIfrTianoGuid + ## SOMETIMES_CONSUMES ## Variable:L"CustomMode" + ## SOMETIMES_PRODUCES ## Variable:L"CustomMode" gEfiCustomModeEnableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"SecureBootEnable" + ## SOMETIMES_PRODUCES ## Variable:L"SecureBootEnable" gEfiSecureBootEnableDisableGuid + + ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. + ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. + gEfiCertRsa2048Guid + + ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. + ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. + gEfiCertX509Guid + + ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. + ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. + gEfiCertSha1Guid + + ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. + ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature. + gEfiCertSha256Guid + + ## SOMETIMES_CONSUMES ## Variable:L"db" + ## SOMETIMES_PRODUCES ## Variable:L"db" + ## SOMETIMES_CONSUMES ## Variable:L"dbx" + ## SOMETIMES_PRODUCES ## Variable:L"dbx" + gEfiImageSecurityDatabaseGuid + + ## SOMETIMES_CONSUMES ## Variable:L"SetupMode" + ## SOMETIMES_PRODUCES ## Variable:L"PK" + ## SOMETIMES_CONSUMES ## Variable:L"KEK" + ## SOMETIMES_PRODUCES ## Variable:L"KEK" + ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot" + gEfiGlobalVariableGuid + + gEfiIfrTianoGuid ## PRODUCES ## GUID # HII opcode + ## PRODUCES ## HII + ## CONSUMES ## HII gSecureBootConfigFormSetGuid - gEfiCertPkcs7Guid - gEfiCertRsa2048Guid ## CONSUMES - gEfiCertX509Guid ## CONSUMES - gEfiCertSha1Guid ## CONSUMES - gEfiCertSha256Guid ## CONSUMES - gEfiCertTypeRsa2048Sha256Guid ## CONSUMES - gEfiImageSecurityDatabaseGuid ## CONSUMES - gEfiFileSystemVolumeLabelInfoIdGuid ## CONSUMES - gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid - gEfiFileInfoGuid ## CONSUMES ## GUID + gEfiCertPkcs7Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the certificate. + gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate. + gEfiFileSystemVolumeLabelInfoIdGuid ## SOMETIMES_CONSUMES ## GUID # Indicate the information type + gEfiFileInfoGuid ## SOMETIMES_CONSUMES ## GUID # Indicate the information type [Protocols] gEfiHiiConfigAccessProtocolGuid ## PRODUCES - gEfiHiiConfigRoutingProtocolGuid ## CONSUMES - gEfiSimpleFileSystemProtocolGuid ## PROTOCOL CONSUMES - gEfiLoadFileProtocolGuid ## PROTOCOL CONSUMES - gEfiBlockIoProtocolGuid ## PROTOCOL CONSUMES - gEfiDevicePathProtocolGuid ## PROTOCOL CONSUMES + gEfiDevicePathProtocolGuid ## PRODUCES + gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES + gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES [Depex] gEfiHiiConfigRoutingProtocolGuid AND gEfiHiiDatabaseProtocolGuid AND gEfiVariableArchProtocolGuid AND gEfiVariableWriteArchProtocolGuid + +[UserExtensions.TianoCore."ExtraFiles"] + SecureBootConfigDxeExtra.uni + \ No newline at end of file -- cgit v1.2.3