* [PATCH v2 1/1] MdeModulePkg/VarCheckPolicyLib: implement standalone MM version
@ 2020-12-21 6:17 Masahisa Kojima
2020-12-22 1:24 ` 回复: [edk2-devel] " gaoliming
[not found] ` <1652E56923114B1A.24251@groups.io>
0 siblings, 2 replies; 3+ messages in thread
From: Masahisa Kojima @ 2020-12-21 6:17 UTC (permalink / raw)
To: devel
Cc: Masahisa Kojima, Jian J Wang, Hao A Wu, Liming Gao,
Ard Biesheuvel, Sami Mujawar, Jiewen Yao, Supreeth Venkatesh,
Bret Barkelew
This commit adds the VarCheckPolicyLib that will be able to
execute in the context of standalone MM.
Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
Co-authored-by: Kun Qin <kun.q@outlook.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
---
MdeModulePkg/MdeModulePkg.dsc | 1 +
MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf | 5 +-
MdeModulePkg/Library/VarCheckPolicyLib/{VarCheckPolicyLib.inf => VarCheckPolicyLibStandaloneMm.inf} | 23 +++++----
MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h | 42 ++++++++++++++++
MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c | 14 +++---
MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm.c | 50 ++++++++++++++++++++
MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c | 50 ++++++++++++++++++++
7 files changed, 166 insertions(+), 19 deletions(-)
diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc
index 90165ca443bf..6d4e361afd51 100644
--- a/MdeModulePkg/MdeModulePkg.dsc
+++ b/MdeModulePkg/MdeModulePkg.dsc
@@ -314,6 +314,7 @@ [Components]
MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
+ MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm.inf
MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf
MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf
diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
index 077bcc8990ca..9af436d25f81 100644
--- a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
+++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
@@ -13,11 +13,13 @@ [Defines]
MODULE_TYPE = DXE_RUNTIME_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = NULL|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER
- CONSTRUCTOR = VarCheckPolicyLibConstructor
+ CONSTRUCTOR = VarCheckPolicyLibTraditionalConstructor
[Sources]
VarCheckPolicyLib.c
+ VarCheckPolicyLibTraditional.c
+ VarCheckPolicyLib.h
[Packages]
@@ -29,7 +31,6 @@ [LibraryClasses]
BaseLib
DebugLib
BaseMemoryLib
- DxeServicesLib
MemoryAllocationLib
VarCheckLib
VariablePolicyLib
diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm.inf
similarity index 51%
copy from MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
copy to MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm.inf
index 077bcc8990ca..ab427f189a3d 100644
--- a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
+++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm.inf
@@ -1,35 +1,41 @@
-## @file VarCheckPolicyLib.inf
+## @file VarCheckPolicyLibStandaloneMm.inf
# This is an instance of a VarCheck lib that leverages the business logic behind
# the VariablePolicy code to make its decisions.
#
-# Copyright (c) Microsoft Corporation.
+##
+# Copyright (c) Microsoft Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
##
[Defines]
INF_VERSION = 0x00010005
- BASE_NAME = VarCheckPolicyLib
- FILE_GUID = 9C28A48F-C884-4B1F-8B95-DEF125448023
- MODULE_TYPE = DXE_RUNTIME_DRIVER
+ BASE_NAME = VarCheckPolicyLibStandaloneMm
+ FILE_GUID = 44B09E3D-5EDA-4673-ABCF-C8AE4560C8EC
+ MODULE_TYPE = MM_STANDALONE
+ PI_SPECIFICATION_VERSION = 0x00010032
VERSION_STRING = 1.0
- LIBRARY_CLASS = NULL|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER
- CONSTRUCTOR = VarCheckPolicyLibConstructor
+ LIBRARY_CLASS = NULL|MM_STANDALONE
+ CONSTRUCTOR = VarCheckPolicyLibStandaloneConstructor
[Sources]
VarCheckPolicyLib.c
+ VarCheckPolicyLibStandaloneMm.c
+ VarCheckPolicyLib.h
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
+ StandaloneMmPkg/StandaloneMmPkg.dec
[LibraryClasses]
BaseLib
DebugLib
BaseMemoryLib
- DxeServicesLib
+ MemLib
MemoryAllocationLib
VarCheckLib
VariablePolicyLib
@@ -37,6 +43,5 @@ [LibraryClasses]
SafeIntLib
MmServicesTableLib
-
[Guids]
gVarCheckPolicyLibMmiHandlerGuid ## CONSUME ## Used to register for MM Communication events.
diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h
new file mode 100644
index 000000000000..2226c8a19fec
--- /dev/null
+++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h
@@ -0,0 +1,42 @@
+/** @file -- VarCheckPolicyLib.h
+This internal header file defines the common interface of constructor for
+VarCheckPolicyLib.
+
+Copyright (c) Microsoft Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef _VAR_CHECK_POLICY_LIB_H_
+#define _VAR_CHECK_POLICY_LIB_H_
+
+/**
+ Common constructor function of VarCheckPolicyLib to register VarCheck handler
+ and SW MMI handlers.
+
+ @retval EFI_SUCCESS The constructor executed correctly.
+
+**/
+EFI_STATUS
+EFIAPI
+VarCheckPolicyLibCommonConstructor (
+ VOID
+ );
+
+/**
+ This function is wrapper function to validate the buffer.
+
+ @param Buffer The buffer start address to be checked.
+ @param Length The buffer length to be checked.
+
+ @retval TRUE This buffer is valid per processor architecture and not overlap with SMRAM/MMRAM.
+ @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM/MMRAM.
+**/
+BOOLEAN
+EFIAPI
+VarCheckPolicyIsBufferOutsideValid (
+ IN EFI_PHYSICAL_ADDRESS Buffer,
+ IN UINT64 Length
+ );
+
+#endif // _VAR_CHECK_POLICY_LIB_H_
diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
index 257aa9591303..14e1904e96d3 100644
--- a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
+++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
@@ -12,7 +12,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/DebugLib.h>
#include <Library/SafeIntLib.h>
#include <Library/MmServicesTableLib.h>
-#include <Library/SmmMemLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/MemoryAllocationLib.h>
@@ -23,6 +22,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Guid/VarCheckPolicyMmi.h>
+#include "VarCheckPolicyLib.h"
+
//================================================
// As a VarCheck library, we're linked into the VariableServices
// and may not be able to call them indirectly. To get around this,
@@ -102,7 +103,8 @@ VarCheckPolicyLibMmiHandler (
// Make sure that the buffer does not overlap SMM.
// This should be covered by the SmiManage infrastructure, but just to be safe...
InternalCommBufferSize = *CommBufferSize;
- if (InternalCommBufferSize > VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE || !SmmIsBufferOutsideSmmValid((UINTN)CommBuffer, (UINT64)InternalCommBufferSize)) {
+ if (InternalCommBufferSize > VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE ||
+ !VarCheckPolicyIsBufferOutsideValid((UINTN)CommBuffer, (UINT64)InternalCommBufferSize)) {
DEBUG ((DEBUG_ERROR, "%a - Invalid CommBuffer supplied! 0x%016lX[0x%016lX]\n", __FUNCTION__, CommBuffer, InternalCommBufferSize));
return EFI_INVALID_PARAMETER;
}
@@ -305,17 +307,13 @@ VarCheckPolicyLibMmiHandler (
Constructor function of VarCheckPolicyLib to register VarCheck handler and
SW MMI handlers.
- @param[in] ImageHandle The firmware allocated handle for the EFI image.
- @param[in] SystemTable A pointer to the EFI System Table.
-
@retval EFI_SUCCESS The constructor executed correctly.
**/
EFI_STATUS
EFIAPI
-VarCheckPolicyLibConstructor (
- IN EFI_HANDLE ImageHandle,
- IN EFI_SYSTEM_TABLE *SystemTable
+VarCheckPolicyLibCommonConstructor (
+ VOID
)
{
EFI_STATUS Status;
diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm.c b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm.c
new file mode 100644
index 000000000000..b283ced9d4e3
--- /dev/null
+++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm.c
@@ -0,0 +1,50 @@
+/** @file -- VarCheckPolicyLibStandaloneMm.c
+This is an instance of a VarCheck lib constructor for Standalone MM.
+
+Copyright (c) Microsoft Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/StandaloneMmMemLib.h>
+
+#include "VarCheckPolicyLib.h"
+
+/**
+ Standalone MM constructor function of VarCheckPolicyLib to invoke common
+ constructor routine.
+
+ @param[in] ImageHandle The firmware allocated handle for the EFI image.
+ @param[in] SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS The constructor executed correctly.
+
+**/
+EFI_STATUS
+EFIAPI
+VarCheckPolicyLibStandaloneConstructor (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_MM_SYSTEM_TABLE *SystemTable
+ )
+{
+ return VarCheckPolicyLibCommonConstructor ();
+}
+
+/**
+ This function is wrapper function to validate the buffer.
+
+ @param Buffer The buffer start address to be checked.
+ @param Length The buffer length to be checked.
+
+ @retval TRUE This buffer is valid per processor architectureand not overlap with MMRAM.
+ @retval FALSE This buffer is not valid per processor architecture or overlap with MMRAM.
+**/
+BOOLEAN
+EFIAPI
+VarCheckPolicyIsBufferOutsideValid (
+ IN EFI_PHYSICAL_ADDRESS Buffer,
+ IN UINT64 Length
+ )
+{
+ return MmIsBufferOutsideMmValid (Buffer, Length);
+}
diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c
new file mode 100644
index 000000000000..f404aaaa470c
--- /dev/null
+++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c
@@ -0,0 +1,50 @@
+/** @file -- VarCheckPolicyLibTraditional.c
+This is an instance of a VarCheck lib constructor for traditional SMM.
+
+Copyright (c) Microsoft Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Library/SmmMemLib.h>
+
+#include "VarCheckPolicyLib.h"
+
+/**
+ Traditional constructor function of VarCheckPolicyLib to invoke common
+ constructor routine.
+
+ @param[in] ImageHandle The firmware allocated handle for the EFI image.
+ @param[in] SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS The constructor executed correctly.
+
+**/
+EFI_STATUS
+EFIAPI
+VarCheckPolicyLibTraditionalConstructor (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ return VarCheckPolicyLibCommonConstructor ();
+}
+
+/**
+ This function is wrapper function to validate the buffer.
+
+ @param Buffer The buffer start address to be checked.
+ @param Length The buffer length to be checked.
+
+ @retval TRUE This buffer is valid per processor architecture and not overlap with SMRAM.
+ @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.
+**/
+BOOLEAN
+EFIAPI
+VarCheckPolicyIsBufferOutsideValid (
+ IN EFI_PHYSICAL_ADDRESS Buffer,
+ IN UINT64 Length
+ )
+{
+ return SmmIsBufferOutsideSmmValid (Buffer, Length);
+}
--
2.17.1
^ permalink raw reply related [flat|nested] 3+ messages in thread
* 回复: [edk2-devel] [PATCH v2 1/1] MdeModulePkg/VarCheckPolicyLib: implement standalone MM version
2020-12-21 6:17 [PATCH v2 1/1] MdeModulePkg/VarCheckPolicyLib: implement standalone MM version Masahisa Kojima
@ 2020-12-22 1:24 ` gaoliming
[not found] ` <1652E56923114B1A.24251@groups.io>
1 sibling, 0 replies; 3+ messages in thread
From: gaoliming @ 2020-12-22 1:24 UTC (permalink / raw)
To: devel, masahisa.kojima
Cc: 'Jian J Wang', 'Hao A Wu',
'Ard Biesheuvel', 'Sami Mujawar',
'Jiewen Yao', 'Supreeth Venkatesh',
'Bret Barkelew'
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
> -----邮件原件-----
> 发件人: bounce+27952+69300+4905953+8761045@groups.io
> <bounce+27952+69300+4905953+8761045@groups.io> 代表 Masahisa
> Kojima
> 发送时间: 2020年12月21日 14:18
> 收件人: devel@edk2.groups.io
> 抄送: Masahisa Kojima <masahisa.kojima@linaro.org>; Jian J Wang
> <jian.j.wang@intel.com>; Hao A Wu <hao.a.wu@intel.com>; Liming Gao
> <gaoliming@byosoft.com.cn>; Ard Biesheuvel <ard.biesheuvel@arm.com>;
> Sami Mujawar <sami.mujawar@arm.com>; Jiewen Yao
> <jiewen.yao@intel.com>; Supreeth Venkatesh
> <supreeth.venkatesh@arm.com>; Bret Barkelew
> <Bret.Barkelew@microsoft.com>
> 主题: [edk2-devel] [PATCH v2 1/1] MdeModulePkg/VarCheckPolicyLib:
> implement standalone MM version
>
> This commit adds the VarCheckPolicyLib that will be able to
> execute in the context of standalone MM.
>
> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
> Co-authored-by: Kun Qin <kun.q@outlook.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao A Wu <hao.a.wu@intel.com>
> Cc: Liming Gao <gaoliming@byosoft.com.cn>
> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
> Cc: Sami Mujawar <sami.mujawar@arm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
> Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
> ---
> MdeModulePkg/MdeModulePkg.dsc
> | 1 +
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> | 5 +-
> MdeModulePkg/Library/VarCheckPolicyLib/{VarCheckPolicyLib.inf =>
> VarCheckPolicyLibStandaloneMm.inf} | 23 +++++----
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h
> | 42 ++++++++++++++++
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
> | 14 +++---
>
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm
> .c | 50 ++++++++++++++++++++
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c
> | 50 ++++++++++++++++++++
> 7 files changed, 166 insertions(+), 19 deletions(-)
>
> diff --git a/MdeModulePkg/MdeModulePkg.dsc
> b/MdeModulePkg/MdeModulePkg.dsc
> index 90165ca443bf..6d4e361afd51 100644
> --- a/MdeModulePkg/MdeModulePkg.dsc
> +++ b/MdeModulePkg/MdeModulePkg.dsc
> @@ -314,6 +314,7 @@ [Components]
> MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
>
> MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> +
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm
> .inf
> MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
> MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf
> MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf
> diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> index 077bcc8990ca..9af436d25f81 100644
> --- a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> @@ -13,11 +13,13 @@ [Defines]
> MODULE_TYPE = DXE_RUNTIME_DRIVER
> VERSION_STRING = 1.0
> LIBRARY_CLASS = NULL|DXE_RUNTIME_DRIVER
> DXE_SMM_DRIVER
> - CONSTRUCTOR = VarCheckPolicyLibConstructor
> + CONSTRUCTOR =
> VarCheckPolicyLibTraditionalConstructor
>
>
> [Sources]
> VarCheckPolicyLib.c
> + VarCheckPolicyLibTraditional.c
> + VarCheckPolicyLib.h
>
>
> [Packages]
> @@ -29,7 +31,6 @@ [LibraryClasses]
> BaseLib
> DebugLib
> BaseMemoryLib
> - DxeServicesLib
> MemoryAllocationLib
> VarCheckLib
> VariablePolicyLib
> diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneM
> m.inf
> similarity index 51%
> copy from MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> copy to
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm
> .inf
> index 077bcc8990ca..ab427f189a3d 100644
> --- a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> +++
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneM
> m.inf
> @@ -1,35 +1,41 @@
> -## @file VarCheckPolicyLib.inf
> +## @file VarCheckPolicyLibStandaloneMm.inf
> # This is an instance of a VarCheck lib that leverages the business logic
> behind
> # the VariablePolicy code to make its decisions.
> #
> -# Copyright (c) Microsoft Corporation.
> +##
> +# Copyright (c) Microsoft Corporation. All rights reserved.
> # SPDX-License-Identifier: BSD-2-Clause-Patent
> +#
> ##
>
> [Defines]
> INF_VERSION = 0x00010005
> - BASE_NAME = VarCheckPolicyLib
> - FILE_GUID =
> 9C28A48F-C884-4B1F-8B95-DEF125448023
> - MODULE_TYPE = DXE_RUNTIME_DRIVER
> + BASE_NAME =
> VarCheckPolicyLibStandaloneMm
> + FILE_GUID =
> 44B09E3D-5EDA-4673-ABCF-C8AE4560C8EC
> + MODULE_TYPE = MM_STANDALONE
> + PI_SPECIFICATION_VERSION = 0x00010032
> VERSION_STRING = 1.0
> - LIBRARY_CLASS = NULL|DXE_RUNTIME_DRIVER
> DXE_SMM_DRIVER
> - CONSTRUCTOR = VarCheckPolicyLibConstructor
> + LIBRARY_CLASS = NULL|MM_STANDALONE
> + CONSTRUCTOR =
> VarCheckPolicyLibStandaloneConstructor
>
>
> [Sources]
> VarCheckPolicyLib.c
> + VarCheckPolicyLibStandaloneMm.c
> + VarCheckPolicyLib.h
>
>
> [Packages]
> MdePkg/MdePkg.dec
> MdeModulePkg/MdeModulePkg.dec
> + StandaloneMmPkg/StandaloneMmPkg.dec
>
>
> [LibraryClasses]
> BaseLib
> DebugLib
> BaseMemoryLib
> - DxeServicesLib
> + MemLib
> MemoryAllocationLib
> VarCheckLib
> VariablePolicyLib
> @@ -37,6 +43,5 @@ [LibraryClasses]
> SafeIntLib
> MmServicesTableLib
>
> -
> [Guids]
> gVarCheckPolicyLibMmiHandlerGuid ## CONSUME ## Used to
> register for MM Communication events.
> diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h
> new file mode 100644
> index 000000000000..2226c8a19fec
> --- /dev/null
> +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h
> @@ -0,0 +1,42 @@
> +/** @file -- VarCheckPolicyLib.h
> +This internal header file defines the common interface of constructor for
> +VarCheckPolicyLib.
> +
> +Copyright (c) Microsoft Corporation. All rights reserved.
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#ifndef _VAR_CHECK_POLICY_LIB_H_
> +#define _VAR_CHECK_POLICY_LIB_H_
> +
> +/**
> + Common constructor function of VarCheckPolicyLib to register VarCheck
> handler
> + and SW MMI handlers.
> +
> + @retval EFI_SUCCESS The constructor executed correctly.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +VarCheckPolicyLibCommonConstructor (
> + VOID
> + );
> +
> +/**
> + This function is wrapper function to validate the buffer.
> +
> + @param Buffer The buffer start address to be checked.
> + @param Length The buffer length to be checked.
> +
> + @retval TRUE This buffer is valid per processor architecture and not
> overlap with SMRAM/MMRAM.
> + @retval FALSE This buffer is not valid per processor architecture or
> overlap with SMRAM/MMRAM.
> +**/
> +BOOLEAN
> +EFIAPI
> +VarCheckPolicyIsBufferOutsideValid (
> + IN EFI_PHYSICAL_ADDRESS Buffer,
> + IN UINT64 Length
> + );
> +
> +#endif // _VAR_CHECK_POLICY_LIB_H_
> diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
> index 257aa9591303..14e1904e96d3 100644
> --- a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
> +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
> @@ -12,7 +12,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> #include <Library/DebugLib.h>
> #include <Library/SafeIntLib.h>
> #include <Library/MmServicesTableLib.h>
> -#include <Library/SmmMemLib.h>
> #include <Library/BaseMemoryLib.h>
> #include <Library/MemoryAllocationLib.h>
>
> @@ -23,6 +22,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>
> #include <Guid/VarCheckPolicyMmi.h>
>
> +#include "VarCheckPolicyLib.h"
> +
> //================================================
> // As a VarCheck library, we're linked into the VariableServices
> // and may not be able to call them indirectly. To get around this,
> @@ -102,7 +103,8 @@ VarCheckPolicyLibMmiHandler (
> // Make sure that the buffer does not overlap SMM.
> // This should be covered by the SmiManage infrastructure, but just to
be
> safe...
> InternalCommBufferSize = *CommBufferSize;
> - if (InternalCommBufferSize >
> VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE
> || !SmmIsBufferOutsideSmmValid((UINTN)CommBuffer,
> (UINT64)InternalCommBufferSize)) {
> + if (InternalCommBufferSize >
> VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE ||
> + !VarCheckPolicyIsBufferOutsideValid((UINTN)CommBuffer,
> (UINT64)InternalCommBufferSize)) {
> DEBUG ((DEBUG_ERROR, "%a - Invalid CommBuffer supplied!
> 0x%016lX[0x%016lX]\n", __FUNCTION__, CommBuffer,
> InternalCommBufferSize));
> return EFI_INVALID_PARAMETER;
> }
> @@ -305,17 +307,13 @@ VarCheckPolicyLibMmiHandler (
> Constructor function of VarCheckPolicyLib to register VarCheck handler
> and
> SW MMI handlers.
>
> - @param[in] ImageHandle The firmware allocated handle for the EFI
> image.
> - @param[in] SystemTable A pointer to the EFI System Table.
> -
> @retval EFI_SUCCESS The constructor executed correctly.
>
> **/
> EFI_STATUS
> EFIAPI
> -VarCheckPolicyLibConstructor (
> - IN EFI_HANDLE ImageHandle,
> - IN EFI_SYSTEM_TABLE *SystemTable
> +VarCheckPolicyLibCommonConstructor (
> + VOID
> )
> {
> EFI_STATUS Status;
> diff --git
> a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneM
> m.c
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneM
> m.c
> new file mode 100644
> index 000000000000..b283ced9d4e3
> --- /dev/null
> +++
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneM
> m.c
> @@ -0,0 +1,50 @@
> +/** @file -- VarCheckPolicyLibStandaloneMm.c
> +This is an instance of a VarCheck lib constructor for Standalone MM.
> +
> +Copyright (c) Microsoft Corporation. All rights reserved.
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include <Library/StandaloneMmMemLib.h>
> +
> +#include "VarCheckPolicyLib.h"
> +
> +/**
> + Standalone MM constructor function of VarCheckPolicyLib to invoke
> common
> + constructor routine.
> +
> + @param[in] ImageHandle The firmware allocated handle for the EFI
> image.
> + @param[in] SystemTable A pointer to the EFI System Table.
> +
> + @retval EFI_SUCCESS The constructor executed correctly.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +VarCheckPolicyLibStandaloneConstructor (
> + IN EFI_HANDLE ImageHandle,
> + IN EFI_MM_SYSTEM_TABLE *SystemTable
> + )
> +{
> + return VarCheckPolicyLibCommonConstructor ();
> +}
> +
> +/**
> + This function is wrapper function to validate the buffer.
> +
> + @param Buffer The buffer start address to be checked.
> + @param Length The buffer length to be checked.
> +
> + @retval TRUE This buffer is valid per processor architectureand not
> overlap with MMRAM.
> + @retval FALSE This buffer is not valid per processor architecture or
> overlap with MMRAM.
> +**/
> +BOOLEAN
> +EFIAPI
> +VarCheckPolicyIsBufferOutsideValid (
> + IN EFI_PHYSICAL_ADDRESS Buffer,
> + IN UINT64 Length
> + )
> +{
> + return MmIsBufferOutsideMmValid (Buffer, Length);
> +}
> diff --git
> a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c
> new file mode 100644
> index 000000000000..f404aaaa470c
> --- /dev/null
> +++
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c
> @@ -0,0 +1,50 @@
> +/** @file -- VarCheckPolicyLibTraditional.c
> +This is an instance of a VarCheck lib constructor for traditional SMM.
> +
> +Copyright (c) Microsoft Corporation. All rights reserved.
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include <Library/SmmMemLib.h>
> +
> +#include "VarCheckPolicyLib.h"
> +
> +/**
> + Traditional constructor function of VarCheckPolicyLib to invoke common
> + constructor routine.
> +
> + @param[in] ImageHandle The firmware allocated handle for the EFI
> image.
> + @param[in] SystemTable A pointer to the EFI System Table.
> +
> + @retval EFI_SUCCESS The constructor executed correctly.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +VarCheckPolicyLibTraditionalConstructor (
> + IN EFI_HANDLE ImageHandle,
> + IN EFI_SYSTEM_TABLE *SystemTable
> + )
> +{
> + return VarCheckPolicyLibCommonConstructor ();
> +}
> +
> +/**
> + This function is wrapper function to validate the buffer.
> +
> + @param Buffer The buffer start address to be checked.
> + @param Length The buffer length to be checked.
> +
> + @retval TRUE This buffer is valid per processor architecture and not
> overlap with SMRAM.
> + @retval FALSE This buffer is not valid per processor architecture or
> overlap with SMRAM.
> +**/
> +BOOLEAN
> +EFIAPI
> +VarCheckPolicyIsBufferOutsideValid (
> + IN EFI_PHYSICAL_ADDRESS Buffer,
> + IN UINT64 Length
> + )
> +{
> + return SmmIsBufferOutsideSmmValid (Buffer, Length);
> +}
> --
> 2.17.1
>
>
>
>
>
^ permalink raw reply [flat|nested] 3+ messages in thread
* 回复: [edk2-devel] [PATCH v2 1/1] MdeModulePkg/VarCheckPolicyLib: implement standalone MM version
[not found] ` <1652E56923114B1A.24251@groups.io>
@ 2020-12-23 7:10 ` gaoliming
0 siblings, 0 replies; 3+ messages in thread
From: gaoliming @ 2020-12-23 7:10 UTC (permalink / raw)
To: devel, gaoliming, masahisa.kojima
Cc: 'Jian J Wang', 'Hao A Wu',
'Ard Biesheuvel', 'Sami Mujawar',
'Jiewen Yao', 'Supreeth Venkatesh',
'Bret Barkelew'
Create PR https://github.com/tianocore/edk2/pull/1270
Thanks
Liming
> -----邮件原件-----
> 发件人: bounce+27952+69354+4905953+8761045@groups.io
> <bounce+27952+69354+4905953+8761045@groups.io> 代表 gaoliming
> 发送时间: 2020年12月22日 9:24
> 收件人: devel@edk2.groups.io; masahisa.kojima@linaro.org
> 抄送: 'Jian J Wang' <jian.j.wang@intel.com>; 'Hao A Wu'
> <hao.a.wu@intel.com>; 'Ard Biesheuvel' <ard.biesheuvel@arm.com>; 'Sami
> Mujawar' <sami.mujawar@arm.com>; 'Jiewen Yao' <jiewen.yao@intel.com>;
> 'Supreeth Venkatesh' <supreeth.venkatesh@arm.com>; 'Bret Barkelew'
> <Bret.Barkelew@microsoft.com>
> 主题: 回复: [edk2-devel] [PATCH v2 1/1] MdeModulePkg/VarCheckPolicyLib:
> implement standalone MM version
>
> Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
>
> > -----邮件原件-----
> > 发件人: bounce+27952+69300+4905953+8761045@groups.io
> > <bounce+27952+69300+4905953+8761045@groups.io> 代表 Masahisa
> > Kojima
> > 发送时间: 2020年12月21日 14:18
> > 收件人: devel@edk2.groups.io
> > 抄送: Masahisa Kojima <masahisa.kojima@linaro.org>; Jian J Wang
> > <jian.j.wang@intel.com>; Hao A Wu <hao.a.wu@intel.com>; Liming Gao
> > <gaoliming@byosoft.com.cn>; Ard Biesheuvel <ard.biesheuvel@arm.com>;
> > Sami Mujawar <sami.mujawar@arm.com>; Jiewen Yao
> > <jiewen.yao@intel.com>; Supreeth Venkatesh
> > <supreeth.venkatesh@arm.com>; Bret Barkelew
> > <Bret.Barkelew@microsoft.com>
> > 主题: [edk2-devel] [PATCH v2 1/1] MdeModulePkg/VarCheckPolicyLib:
> > implement standalone MM version
> >
> > This commit adds the VarCheckPolicyLib that will be able to
> > execute in the context of standalone MM.
> >
> > Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
> > Co-authored-by: Kun Qin <kun.q@outlook.com>
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Hao A Wu <hao.a.wu@intel.com>
> > Cc: Liming Gao <gaoliming@byosoft.com.cn>
> > Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
> > Cc: Sami Mujawar <sami.mujawar@arm.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Supreeth Venkatesh <supreeth.venkatesh@arm.com>
> > Cc: Bret Barkelew <Bret.Barkelew@microsoft.com>
> > ---
> > MdeModulePkg/MdeModulePkg.dsc
> > | 1 +
> > MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> > | 5 +-
> > MdeModulePkg/Library/VarCheckPolicyLib/{VarCheckPolicyLib.inf =>
> > VarCheckPolicyLibStandaloneMm.inf} | 23 +++++----
> > MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h
> > | 42 ++++++++++++++++
> > MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
> > | 14 +++---
> >
> >
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm
> > .c | 50 ++++++++++++++++++++
> >
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c
> > | 50 ++++++++++++++++++++
> > 7 files changed, 166 insertions(+), 19 deletions(-)
> >
> > diff --git a/MdeModulePkg/MdeModulePkg.dsc
> > b/MdeModulePkg/MdeModulePkg.dsc
> > index 90165ca443bf..6d4e361afd51 100644
> > --- a/MdeModulePkg/MdeModulePkg.dsc
> > +++ b/MdeModulePkg/MdeModulePkg.dsc
> > @@ -314,6 +314,7 @@ [Components]
> > MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
> >
> > MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
> > MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> > +
> >
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm
> > .inf
> > MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
> > MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf
> > MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf
> > diff --git
a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> > b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> > index 077bcc8990ca..9af436d25f81 100644
> > --- a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> > +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> > @@ -13,11 +13,13 @@ [Defines]
> > MODULE_TYPE = DXE_RUNTIME_DRIVER
> > VERSION_STRING = 1.0
> > LIBRARY_CLASS = NULL|DXE_RUNTIME_DRIVER
> > DXE_SMM_DRIVER
> > - CONSTRUCTOR = VarCheckPolicyLibConstructor
> > + CONSTRUCTOR =
> > VarCheckPolicyLibTraditionalConstructor
> >
> >
> > [Sources]
> > VarCheckPolicyLib.c
> > + VarCheckPolicyLibTraditional.c
> > + VarCheckPolicyLib.h
> >
> >
> > [Packages]
> > @@ -29,7 +31,6 @@ [LibraryClasses]
> > BaseLib
> > DebugLib
> > BaseMemoryLib
> > - DxeServicesLib
> > MemoryAllocationLib
> > VarCheckLib
> > VariablePolicyLib
> > diff --git
a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> >
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneM
> > m.inf
> > similarity index 51%
> > copy from MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> > copy to
> >
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneMm
> > .inf
> > index 077bcc8990ca..ab427f189a3d 100644
> > --- a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf
> > +++
> >
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneM
> > m.inf
> > @@ -1,35 +1,41 @@
> > -## @file VarCheckPolicyLib.inf
> > +## @file VarCheckPolicyLibStandaloneMm.inf
> > # This is an instance of a VarCheck lib that leverages the business
logic
> > behind
> > # the VariablePolicy code to make its decisions.
> > #
> > -# Copyright (c) Microsoft Corporation.
> > +##
> > +# Copyright (c) Microsoft Corporation. All rights reserved.
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > +#
> > ##
> >
> > [Defines]
> > INF_VERSION = 0x00010005
> > - BASE_NAME = VarCheckPolicyLib
> > - FILE_GUID =
> > 9C28A48F-C884-4B1F-8B95-DEF125448023
> > - MODULE_TYPE = DXE_RUNTIME_DRIVER
> > + BASE_NAME =
> > VarCheckPolicyLibStandaloneMm
> > + FILE_GUID =
> > 44B09E3D-5EDA-4673-ABCF-C8AE4560C8EC
> > + MODULE_TYPE = MM_STANDALONE
> > + PI_SPECIFICATION_VERSION = 0x00010032
> > VERSION_STRING = 1.0
> > - LIBRARY_CLASS = NULL|DXE_RUNTIME_DRIVER
> > DXE_SMM_DRIVER
> > - CONSTRUCTOR = VarCheckPolicyLibConstructor
> > + LIBRARY_CLASS = NULL|MM_STANDALONE
> > + CONSTRUCTOR =
> > VarCheckPolicyLibStandaloneConstructor
> >
> >
> > [Sources]
> > VarCheckPolicyLib.c
> > + VarCheckPolicyLibStandaloneMm.c
> > + VarCheckPolicyLib.h
> >
> >
> > [Packages]
> > MdePkg/MdePkg.dec
> > MdeModulePkg/MdeModulePkg.dec
> > + StandaloneMmPkg/StandaloneMmPkg.dec
> >
> >
> > [LibraryClasses]
> > BaseLib
> > DebugLib
> > BaseMemoryLib
> > - DxeServicesLib
> > + MemLib
> > MemoryAllocationLib
> > VarCheckLib
> > VariablePolicyLib
> > @@ -37,6 +43,5 @@ [LibraryClasses]
> > SafeIntLib
> > MmServicesTableLib
> >
> > -
> > [Guids]
> > gVarCheckPolicyLibMmiHandlerGuid ## CONSUME ## Used to
> > register for MM Communication events.
> > diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h
> > b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h
> > new file mode 100644
> > index 000000000000..2226c8a19fec
> > --- /dev/null
> > +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.h
> > @@ -0,0 +1,42 @@
> > +/** @file -- VarCheckPolicyLib.h
> > +This internal header file defines the common interface of constructor
for
> > +VarCheckPolicyLib.
> > +
> > +Copyright (c) Microsoft Corporation. All rights reserved.
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +**/
> > +
> > +#ifndef _VAR_CHECK_POLICY_LIB_H_
> > +#define _VAR_CHECK_POLICY_LIB_H_
> > +
> > +/**
> > + Common constructor function of VarCheckPolicyLib to register VarCheck
> > handler
> > + and SW MMI handlers.
> > +
> > + @retval EFI_SUCCESS The constructor executed correctly.
> > +
> > +**/
> > +EFI_STATUS
> > +EFIAPI
> > +VarCheckPolicyLibCommonConstructor (
> > + VOID
> > + );
> > +
> > +/**
> > + This function is wrapper function to validate the buffer.
> > +
> > + @param Buffer The buffer start address to be checked.
> > + @param Length The buffer length to be checked.
> > +
> > + @retval TRUE This buffer is valid per processor architecture and not
> > overlap with SMRAM/MMRAM.
> > + @retval FALSE This buffer is not valid per processor architecture or
> > overlap with SMRAM/MMRAM.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +VarCheckPolicyIsBufferOutsideValid (
> > + IN EFI_PHYSICAL_ADDRESS Buffer,
> > + IN UINT64 Length
> > + );
> > +
> > +#endif // _VAR_CHECK_POLICY_LIB_H_
> > diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
> > b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
> > index 257aa9591303..14e1904e96d3 100644
> > --- a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
> > +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c
> > @@ -12,7 +12,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> > #include <Library/DebugLib.h>
> > #include <Library/SafeIntLib.h>
> > #include <Library/MmServicesTableLib.h>
> > -#include <Library/SmmMemLib.h>
> > #include <Library/BaseMemoryLib.h>
> > #include <Library/MemoryAllocationLib.h>
> >
> > @@ -23,6 +22,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > #include <Guid/VarCheckPolicyMmi.h>
> >
> > +#include "VarCheckPolicyLib.h"
> > +
> > //================================================
> > // As a VarCheck library, we're linked into the VariableServices
> > // and may not be able to call them indirectly. To get around this,
> > @@ -102,7 +103,8 @@ VarCheckPolicyLibMmiHandler (
> > // Make sure that the buffer does not overlap SMM.
> > // This should be covered by the SmiManage infrastructure, but just
to
> be
> > safe...
> > InternalCommBufferSize = *CommBufferSize;
> > - if (InternalCommBufferSize >
> > VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE
> > || !SmmIsBufferOutsideSmmValid((UINTN)CommBuffer,
> > (UINT64)InternalCommBufferSize)) {
> > + if (InternalCommBufferSize >
> > VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE ||
> > + !VarCheckPolicyIsBufferOutsideValid((UINTN)CommBuffer,
> > (UINT64)InternalCommBufferSize)) {
> > DEBUG ((DEBUG_ERROR, "%a - Invalid CommBuffer supplied!
> > 0x%016lX[0x%016lX]\n", __FUNCTION__, CommBuffer,
> > InternalCommBufferSize));
> > return EFI_INVALID_PARAMETER;
> > }
> > @@ -305,17 +307,13 @@ VarCheckPolicyLibMmiHandler (
> > Constructor function of VarCheckPolicyLib to register VarCheck
handler
> > and
> > SW MMI handlers.
> >
> > - @param[in] ImageHandle The firmware allocated handle for the EFI
> > image.
> > - @param[in] SystemTable A pointer to the EFI System Table.
> > -
> > @retval EFI_SUCCESS The constructor executed correctly.
> >
> > **/
> > EFI_STATUS
> > EFIAPI
> > -VarCheckPolicyLibConstructor (
> > - IN EFI_HANDLE ImageHandle,
> > - IN EFI_SYSTEM_TABLE *SystemTable
> > +VarCheckPolicyLibCommonConstructor (
> > + VOID
> > )
> > {
> > EFI_STATUS Status;
> > diff --git
> >
> a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneM
> > m.c
> >
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneM
> > m.c
> > new file mode 100644
> > index 000000000000..b283ced9d4e3
> > --- /dev/null
> > +++
> >
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibStandaloneM
> > m.c
> > @@ -0,0 +1,50 @@
> > +/** @file -- VarCheckPolicyLibStandaloneMm.c
> > +This is an instance of a VarCheck lib constructor for Standalone MM.
> > +
> > +Copyright (c) Microsoft Corporation. All rights reserved.
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +**/
> > +
> > +#include <Library/StandaloneMmMemLib.h>
> > +
> > +#include "VarCheckPolicyLib.h"
> > +
> > +/**
> > + Standalone MM constructor function of VarCheckPolicyLib to invoke
> > common
> > + constructor routine.
> > +
> > + @param[in] ImageHandle The firmware allocated handle for the EFI
> > image.
> > + @param[in] SystemTable A pointer to the EFI System Table.
> > +
> > + @retval EFI_SUCCESS The constructor executed correctly.
> > +
> > +**/
> > +EFI_STATUS
> > +EFIAPI
> > +VarCheckPolicyLibStandaloneConstructor (
> > + IN EFI_HANDLE ImageHandle,
> > + IN EFI_MM_SYSTEM_TABLE *SystemTable
> > + )
> > +{
> > + return VarCheckPolicyLibCommonConstructor ();
> > +}
> > +
> > +/**
> > + This function is wrapper function to validate the buffer.
> > +
> > + @param Buffer The buffer start address to be checked.
> > + @param Length The buffer length to be checked.
> > +
> > + @retval TRUE This buffer is valid per processor architectureand not
> > overlap with MMRAM.
> > + @retval FALSE This buffer is not valid per processor architecture or
> > overlap with MMRAM.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +VarCheckPolicyIsBufferOutsideValid (
> > + IN EFI_PHYSICAL_ADDRESS Buffer,
> > + IN UINT64 Length
> > + )
> > +{
> > + return MmIsBufferOutsideMmValid (Buffer, Length);
> > +}
> > diff --git
> >
> a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c
> >
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c
> > new file mode 100644
> > index 000000000000..f404aaaa470c
> > --- /dev/null
> > +++
> >
> b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLibTraditional.c
> > @@ -0,0 +1,50 @@
> > +/** @file -- VarCheckPolicyLibTraditional.c
> > +This is an instance of a VarCheck lib constructor for traditional SMM.
> > +
> > +Copyright (c) Microsoft Corporation. All rights reserved.
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +**/
> > +
> > +#include <Library/SmmMemLib.h>
> > +
> > +#include "VarCheckPolicyLib.h"
> > +
> > +/**
> > + Traditional constructor function of VarCheckPolicyLib to invoke
common
> > + constructor routine.
> > +
> > + @param[in] ImageHandle The firmware allocated handle for the EFI
> > image.
> > + @param[in] SystemTable A pointer to the EFI System Table.
> > +
> > + @retval EFI_SUCCESS The constructor executed correctly.
> > +
> > +**/
> > +EFI_STATUS
> > +EFIAPI
> > +VarCheckPolicyLibTraditionalConstructor (
> > + IN EFI_HANDLE ImageHandle,
> > + IN EFI_SYSTEM_TABLE *SystemTable
> > + )
> > +{
> > + return VarCheckPolicyLibCommonConstructor ();
> > +}
> > +
> > +/**
> > + This function is wrapper function to validate the buffer.
> > +
> > + @param Buffer The buffer start address to be checked.
> > + @param Length The buffer length to be checked.
> > +
> > + @retval TRUE This buffer is valid per processor architecture and not
> > overlap with SMRAM.
> > + @retval FALSE This buffer is not valid per processor architecture or
> > overlap with SMRAM.
> > +**/
> > +BOOLEAN
> > +EFIAPI
> > +VarCheckPolicyIsBufferOutsideValid (
> > + IN EFI_PHYSICAL_ADDRESS Buffer,
> > + IN UINT64 Length
> > + )
> > +{
> > + return SmmIsBufferOutsideSmmValid (Buffer, Length);
> > +}
> > --
> > 2.17.1
> >
> >
> >
> >
> >
>
>
>
>
>
>
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2020-12-23 7:10 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2020-12-21 6:17 [PATCH v2 1/1] MdeModulePkg/VarCheckPolicyLib: implement standalone MM version Masahisa Kojima
2020-12-22 1:24 ` 回复: [edk2-devel] " gaoliming
[not found] ` <1652E56923114B1A.24251@groups.io>
2020-12-23 7:10 ` gaoliming
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox