| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Running Codeql on MdeModulePkg/Universal/Variable drivers results
in codeql errors stemming for the following two checks.
- cpp/comparison-with-wider-type
- cpp/overflow-buffer
- cpp/missing-null-test
Signed-off-by: Aaron Pop <aaronpop@microsoft.com>
Co-authored-by: Michael Kubacki <michael.kubacki@microsoft.com>
Co-authored-by: Taylor Beebe <tabeebe@microsoft.com>
Co-authored-by: pohanch <125842322+pohanch@users.noreply.github.com>
Co-authored-by: kenlautner <85201046+kenlautner@users.noreply.github.com>
Co-authored-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Co-authored-by: Sean Brogan <sean.brogan@microsoft.com>
Co-authored-by: Aaron <aaronpop@microsoft>
|
|
As MM cores start to support MM communciate v3. This change moves the
variable driver to use MM communicate v3 if it is available, otherwise the
driver will fallback to v2 to keep the same functionality.
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
|
|
functin -> function
Signed-off-by: Gao Qihang <gaoqihang@loongson.cn>
|
|
On a MM system, the main UEFI variable logic resides in MMRAM. In
that case, the variable policy logic in `VarCheckPolicyLib`, such as
`VarCheckPolicyLibStandaloneMm` is linked against the MM driver also
in that case `VariableStandaloneMm`.
The MM variable driver indicates its presence to the RT DXE driver
via `gEfiSmmVariableProtocolGuid` to indicate variable read support
is available from MM. This triggers installation of the variable
architectural protocol in DXE.
Today, variable policy is initialized by calling
`VariablePolicySmmDxeMain()` in `VariableSmmRuntimeInitialize()`. In
turn, this installs `gEdkiiVariablePolicyProtocolGuid`. Functions in
`gEdkiiVariablePolicyProtocolGuid` may trigger MMIs. However, it is
possible that the MM variable driver which is linked against the code
with the variable policy MMI handlers (i.e. `VarCheckPolicyLib`) is
not loaded yet.
Therefore, this change moves invocation of
`VariablePolicySmmDxeMain()` to `SmmVariableReady()` which is called
on installation of `gEfiSmmVariableProtocolGuid` indicating variable
MM services are ready. `gEdkiiVariablePolicyProtocolGuid` is still
installed prior to the variable architectural protocol being
installed.
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
|
|
If we search the codebase for &gEdkiiVariablePolicyProtocolGuid
we can find two drivers which install this policy:
VariableRuntimeDxe (installed in VariableDxe.c) and
VariableSmmRuntimeDxe (installed in VariablePolicySmmDxe.c).
The .inf file for VariableRuntimeDxe incorrectly lists the protocol
as CONSUMES in the comment, so change this to PRODUCES.
Signed-off-by: Mike Beaton <mjsbeaton@gmail.com>
|
|
In Standalone MM, there is no notification to MM drivers that variable
write is ready. Install gSmmVariableWriteGuid into MM handle database
for the notification.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
|
|
According to TCG's Platform Reset Attack Mitigation spec, the OS should
never create the MOR variable, only read and write it.
But some OSes (Fedora 24 and 25) don't follow the TCG's Platform Reset
Attack Mitigation spec and unintentionally create MOR variable.
The commit fda8f631edbbf3823760542a06f12bd60fd39181 added function
VariableHaveTcgProtocols() to check against Tcg/Tcg2 protocol to infer
whether the MOR variable is created by platform firmware or not. If not,
delete the variable created by OS and lock the variable to avoid OS to
create it.
But in VariableStandaloneMm, VariableHaveTcgProtocols() always returns
FALSE, it causes TCG MOR secure feature does not work in standalone MM
environment.
As Fedora 24 and 25 are EOL today, directly returns TRUE in the function
VariableHaveTcgProtocols() for VariableStandaloneMm, and rename the
function to VariableIsMorVariableLegitimate() to make it more obvious
what the narrow use-case is for which it exists.
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
|
|
VariableSmmIsBufferOutsideSmmValid function is to check the buffer
is outside SMM or not. This patch fix the issue that always return
true for MM.
Meanwhile, this patch renames VariableSmmIsBufferOutsideSmmValid
to VariableSmmIsNonPrimaryBufferValid.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
|
|
Add a new function (VariableSmmIsPrimaryBufferValid) to check
Primary Buffer valid or not.
original function (VariableSmmIsBufferOutsideSmmValid) is used to
check the buffer outside MMRAM.
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Hongbin1 Zhang <hongbin1.zhang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
Cc: Dun Tan <dun.tan@intel.com>
Cc: Yuanhao Xie <yuanhao.xie@intel.com>
|
|
Add global variable mVariableRtCacheInfo to save the
content in gEdkiiVariableRuntimeCacheInfoHobGuid. With
this new global variable, 7 global variables can be
removed.
Signed-off-by: Dun Tan <dun.tan@intel.com>
|
|
Refine the code logic in InitVariableCache().
In this commit, three times calling of
InitVariableCache() for different type cache are
merged into one calling. This commit is to make
the code looks cleaner and doesn't change any
code functionality.
Signed-off-by: Dun Tan <dun.tan@intel.com>
|
|
Remove the usage of PcdEnableVariableRuntimeCache. We can
use the existence of gEdkiiVariableRuntimeCacheInfoHobGuid
to indicate if variable runtime cache is enabled or not.
Signed-off-by: Dun Tan <dun.tan@intel.com>
|
|
Consume gEdkiiVariableRuntimeCacheInfoHobGuid in
VariableSmmRuntimeDxe driver to initialize the following
variable cache related buffer:
*mVariableRuntimeHobCacheBuffer
*mVariableRuntimeNvCacheBuffer
*mVariableRuntimeVolatileCacheBuffer
*mVariableRuntimeCachePendingUpdate
*mVariableRuntimeCacheReadLock
*mHobFlushComplete
The code to to allocate
and unblock the buffer for
different type cache in VariableSmmRuntimeDxe is also
removed in this commit.
Signed-off-by: Dun Tan <dun.tan@intel.com>
|
|
Remove unneed FreePages() for RuntimeHobCacheBuffer which is
allocated in PEI phase.
So the global variable mVariableRuntimeHobCacheBufferSize
also can be removed.
Signed-off-by: Dun Tan <dun.tan@intel.com>
|
|
Remove the two unnecessary global variables and
replace them by two local variables:
mVariableRuntimeNvCacheBufferSize
mVariableRuntimeVolatileCacheBufferSize
Signed-off-by: Dun Tan <dun.tan@intel.com>
|
|
Emit a DEBUG_WARN message if there is not enough flash space left to
write/update a variable. This condition is currently not logged
appropriately in all cases, given that full variable store can easily
render the system unbootable.
This new message helps identifying this condition.
Signed-off-by: Oliver Steffen <osteffen@redhat.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Gerd Hoffmann <kraxel@redhat.com>
|
|
Add EV_EFI_SPDM_DEVICE_POLICY support for MeasureVariable.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
|
|
RuntimeDxe is used to back the runtime services time functions,
so align the description of the function return values with the
defined values for these services as described in UEFI Spec 2.10.
REF: UEFI spec 2.10 section 8 Services ? Runtime Services
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Suqiang Ren <suqiangx.ren@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=4597
When creating a new variable, skip marking VAR_HEADER_VALID_ONLY so that
variable header + data update can be merged into one flash write. This
will greatly reduce the time taken for updating a variable and thus
increase performance. Removing VAR_HEADER_VALID_ONLY marking doesn't
have any function impact since it's not used by current code to detect
variable header + data corruption.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Gao Cheng <gao.cheng@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
Introduces two new APIs to EDKII_VARIABLE_POLICY_PROTOCOL:
1. GetVariablePolicyInfo()
2. GetLockOnVariableStateVariablePolicyInfo()
These allow a caller to retrieve policy information associated with
a UEFI variable given the variable name and vendor GUID.
GetVariablePolicyInfo() - Returns the variable policy applied to the
UEFI variable. If the variable policy is applied toward an individual
UEFI variable, that name can optionally be returned.
GetLockOnVariableStateVariablePolicyInfo() - Returns the Lock on
Variable State policy applied to the UEFI variable. If the Lock on
Variable State policy is applied to a specific variable name, that
name can optionally be returned.
These functions can be useful for a variety of purposes such as
auditing, testing, and functional flows.
Also fixed some variable name typos in code touched by the changes.
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Message-Id: <20231030203112.736-2-mikuback@linux.microsoft.com>
|
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4410
Inside TcgMorLockSmm.c, the SetVariableCheckHandlerMorLock() function
contains a scenario to prevent a possible dictionary attack on the MorLock
Key in accordance with the TCG Platform Reset Mitigation Spec v1.10.
The mechanism to prevent this attack must also change the MorLock Variable
Value to 0x01 to indicate Locked Without Key.
ASSERT_EFI_ERROR is added for error visibility since SetMorLockVariable
returns a status code
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Abhi Singh <Abhi.Singh@arm.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
__FUNCTION__ is a pre-standard extension that gcc and Visual C++ among
others support, while __func__ was standardized in C99.
Since it's more standard, replace __FUNCTION__ with __func__ throughout
MdeModulePkg.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
|
|
Update MdeModulePkg host-based unit test INF files to only list
VALID_ARCHITECTURES of IA32 and X64 to align with all other
host-based unit test INF files. The UnitTestFrameworkPkg only
provides build support of host-based unit tests to OS applications
for IA32 and X64.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>
|
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4341
Commit 21320ef66989 broke some tests in the AuthVar_Conf test
in edk2-test. There are 2 testcases that invoke SetVariable
with the following attribute value:
(EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS)
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated and the UEFI spec
says this should return EFI_UNSUPPORTED.
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Sunny Wang <Sunny.Wang@arm.com>
Signed-off-by: Stuart Yoder <stuart.yoder@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Sunny Wang <sunny.wang@arm.com>
|
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3479
Updates VariableRuntimeDxe, VariableSmm, and VariableStandaloneMm
to acquire variable flash information from the Variable Flash
Information library.
Note: This introduces a dependency on VariableFlashInfoLib in these
modules. Therefore, a platform building the variable modules must
specify an instance of VariableFlashInfoLib in their platform build.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
|
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3709
In EDKII implementation of variable policy, the DXE runtime agent would
communicate to MM to disable, register or query policies. However, these
operations populate the value of MessageLength that includes communicate
header to include MM communicate header, which mismatches with the
description of PI specification.
This fix will correct the MessageLength field calculation to exclude
the size of MM_COMMUNICATE_HEADER.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Cc: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Kun Qin <kuqin12@gmail.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
Only EFI_VARIABLE_NON_VOLATILE attribute is an invalid combination
of attribute bits, so update the variable driver to return
EFI_INVALID_PARAMETER so that we can prevent the invalid variable
being created.
This change also fixes the SCT failure below:
- RT.QueryVariableInfo - With being an invalid combination -- FAILURE
For details, please check the threads below:
- https://edk2.groups.io/g/devel/topic/86486174
- https://edk2.groups.io/g/devel/message/82466
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Cc: G Edhaya Chandran <edhaya.chandran@arm.com>
Cc: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@arm.com>
Signed-off-by: Sunny Wang <sunny.wang@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737
Apply uncrustify changes to .c/.h files in the MdeModulePkg package
Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3767
Update use of DEBUG_CODE(Expression) if Expression is a complex code
block with if/while/for/case statements that use {}.
Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3760
Update all use of ', OPTIONAL' to ' OPTIONAL,' for function params.
Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3739
Update all use of EFI_D_* defines in DEBUG() macros to DEBUG_* defines.
Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
When using will_return() on a pointer value, it must be
cast to UINTN to be compatible with 32-bit GCC builds.
This uses the same approach in samples provided in the
UnitTestFramworkPkg when passing pointer values to
UT_ASSERT_EQUAL().
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Bret Barkelew <bret.barkelew@microsoft.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
|
|
Commit a18a9bde36d2 ("MdeModulePkg/Variable/RuntimeDxe: Restore Variable
Lock Protocol behavior", 2020-12-15), for bug 3111, added two such sets of
debug messages that:
(a) are relevant for developers,
(b) yet should not necessarily poke end-users, because no functionality
suffers in practice.
Both message sets are in function VariableLockRequestToLock(): the first
is a generic interface deprecation warning; the second is the
double-locking situation, which we permit for compatibility (return status
EFI_SUCCESS).
Both message sets should be emitted with the DEBUG_WARN mask, not the most
serious DEBUG_ERROR mask. On some platforms, the serial console carries
both terminal traffic, and grave (DEBUG_ERROR-only) log messages. On such
platforms, both message sets may be perceived as a nuisance by end-users,
as there is nothing they can do, and there's nothing they *should* do --
in practice, nothing malfunctions.
(Such a platform is ArmVirtQemu, built with "-D
DEBUG_PRINT_ERROR_LEVEL=0x80000000".)
Cc: Bret Barkelew <bret.barkelew@microsoft.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3410
Fixes: a18a9bde36d2ffc12df29cdced1efa1f8f9f2021
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20210521204037.11980-1-lersek@redhat.com>
Reviewed-by: Bret Barkelew <bret.barkelew@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
This changes added usage of MmUnblockMemoryLib to explicitly request
runtime cache regions(and its indicators) to be accessible from MM
environment when PcdEnableVariableRuntimeCache is enabled. It will bring
in compatibility with architectures that supports full memory blockage
inside MM.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Kun Qin <kun.q@outlook.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Message-Id: <MWHPR06MB31026EA41F28F2CE12B68574F3969@MWHPR06MB3102.namprd06.prod.outlook.com>
|
|
Instead of running StMM in SPM, OP-TEE creates a new secure partition,
which emulates SPM and isolates StMM from the rest of the Trusted
Applications (TAs). We can then compile StMM as an FD image and run it
in OP-TEE. With the addition of a new RPMB driver, we can leverage OP-TEE
and store variables to an RPMB device.
Since EDK2 upper layers expect byte addressable code, for the RPMB to
work, we need to allocate memory and sync it with the hardware on
read/writes. Since DynamicPCDs are not supported in that context we
can only use PatchablePCDs. So let's switch them to Pcd instead of
FixedPcd and accomodate the new driver. While at it, move the rest
of the variables under Pcd section, instead of FixedPcd -- this is in
line with how the variables are defined in the other Variable
modules.
Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
|
|
https://bugzilla.tianocore.org/show_bug.cgi?id=3111
Add host based unit tests for the multiple lock case using Variable Lock
Protocol, Variable Policy Protocol, and mixes of Variable Lock Protocol
and Variable Policy Protocol.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Bret Barkelew <Bret.Barkelew@microsoft.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
|
|
https://bugzilla.tianocore.org/show_bug.cgi?id=3111
The VariableLock shim currently fails if called twice because the
underlying Variable Policy engine returns an error if a policy is set
on an existing variable.
This breaks existing code which expect it to silently pass if a variable
is locked multiple times (because it should "be locked").
Refactor the shim to confirm that the variable is indeed locked and then
change the error to EFI_SUCCESS and generate a DEBUG_ERROR message so
the duplicate lock can be reported in a debug log and removed.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Bret Barkelew <Bret.Barkelew@microsoft.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
|
|
https://bugzilla.tianocore.org/show_bug.cgi?id=2522
Now that everything should be moved to
VariablePolicy, drop support for the
deprecated VarLock SMI interface and
associated functions from variable RuntimeDxe.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
|
|
https://bugzilla.tianocore.org/show_bug.cgi?id=2522
These were previously using VarLock, which is
being deprecated.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
|
|
https://bugzilla.tianocore.org/show_bug.cgi?id=2522
TcgMorLockSmm provides special protections for
the TCG MOR variables. This will check
IsVariablePolicyEnabled() before enforcing
them to allow variable deletion when policy
engine is disabled.
Only allows deletion, not modification.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
|
|
https://bugzilla.tianocore.org/show_bug.cgi?id=2522
VariablePolicy is an updated interface to
replace VarLock and VarCheckProtocol.
Add connective code to publish the VariablePolicy protocol
and wire it to either the SMM communication interface
or directly into the VariablePolicyLib business logic.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
|
|
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2844
Update Reclaim() to return the error status from the reclaim
operation and not the status of SynchronizeRuntimeVariableCache()
that can be EFI_SUCCESS even through the status from reclaim
is an error. Without this change, the return status from
SetVariable() can be EFI_SUCCESS even though the variable was
not actually set. This occurs if the variable store is full
and a Reclaim() is invoked to free up space and even after all
possible space is freed, there is still not enough room for
the variable being set. This condition should return
EFI_OUT_OF_RESOURCES.
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
|
|
Switch to the new MM communicate 2 protocol which supports both
traditional and standalone MM.
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@arm.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
|
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2062
The UEFI specification v2.8 Errata A Section 8.2 "GetVariable()"
"Attributes" parameter description states:
"If not NULL, a pointer to the memory location to return the
attributes bitmask for the variable. See 'Related Definitions.'
If not NULL, then Attributes is set on output both when
EFI_SUCCESS and when EFI_BUFFER_TOO_SMALL is returned."
The attributes were previously only returned from the implementation
in Variable.c on EFI_SUCCESS. They are now returned on EFI_SUCCESS or
EFI_BUFFER_TOO_SMALL according to spec.
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
|
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2457
This commit fixes an offset calculation that is used to write the
VarErrorFlag UEFI variable to the UEFI variable runtime cache.
Currently a physical address is used instead of an offset. This
commit changes the offset to zero with a length of the entire
non-volatile variable store so the entire non-volatile variable
store buffer in SMRAM (with the variable update modification) is
copied to the runtime variable cache. This follows the same pattern
used in other SynchronizeRuntimeVariableCache () calls for
consistency.
* Observable symptom: An exception in SMM will most likely occur
due to the invalid memory reference when the VarErrorFlag variable
is written. The variable is most commonly written when the UEFI
variable store is full.
* The issue only occurs when the variable runtime cache is enabled
by the following PCD being set to TRUE:
gEfiMdeModulePkgTokenSpaceGuid.PcdEnableVariableRuntimeCache
Fixes: aab3b9b9a1e5e1f3fa966fb1667fc3e6c47e7706
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Turner <michael.turner@microsoft.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
|
|
Commit aab3b9b9a1e5 ("MdeModulePkg/Variable: Add RT GetVariable() cache
support", 2019-11-05) added "VariableParsing.h" to
"VariableSmmRuntimeDxe.inf".
"VariableParsing.h" includes "Variable.h", so the "build" utility is right
to warn us that "Variable.h" should be listed in [Sources] too.
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael Kubacki <michael.a.kubacki@intel.com>
Fixes: aab3b9b9a1e5e1f3fa966fb1667fc3e6c47e7706
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
|
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2364
Fixes a new build warning in VS2012 introduced in f8ff4cca7c.
This patch initializes the local variable "RtPtrTrack" in
FindVariableInRuntimeCache ().
This ensures the pointers in the structure are initialized
in the case no variable stores exist in the list of variable
stores.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
|
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2364
Fixes a new build warning in VS2012 introduced in f8ff4cca7c.
This patch initializes the local variable "Variable" in
VariableServiceGetNextVariableInternal ().
This ensures the pointers in the structure are initialized
in the case no variable stores exist in the list of variable
stores.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
|
|
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2333
During a SetVariable () invocation, UpdateVariable () is called.
UpdateVariable () contains logic to determine whether a volatile or
non-volatile UEFI variable was set so the corresponding runtime
cache can be updated to reflect the change. The current logic simply
evaluates Variable->Volatile to determine which runtime cache should
be updated.
The problem is Variable->Volatile does not always reflect whether a
volatile variable is being set. Variable->Volatile is set to TRUE
only in the case a pre-existing variable is found in the volatile
variable store. Therefore, the value is FALSE when a new volatile
variable is written.
This change updates the logic to take this into account. If a new
variable is written successfully, the Attributes will accurately
reflect whether the variable is non-volatile. If a pre-existing
variable is modified, the Volatile field will reflect the type of
variable (Attributes are not reliable; e.g. 0x0 indicates deletion).
* Observable symptom: A volatile variable that was set successfully
might return EFI_NOT_FOUND when the variable should be found.
* The issue is a regression introduced to the variable services only
when the variable runtime cache is enabled by the following PCD
being set to TRUE:
gEfiMdeModulePkgTokenSpaceGuid.PcdEnableVariableRuntimeCache
* The issue was implemented in commit aab3b9b9a1 but the PCD was not
set to TRUE by default enabling the issue until commit e07b7d024a.
Fixes: aab3b9b9a1e5e1f3fa966fb1667fc3e6c47e7706
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
|
