From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=fail (domain: intel.com, ip: , mailfrom: michael.a.kubacki@intel.com) Received: from mga02.intel.com (mga02.intel.com []) by groups.io with SMTP; Wed, 25 Sep 2019 21:51:21 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 25 Sep 2019 21:51:21 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.64,550,1559545200"; d="scan'208";a="191570779" Received: from makuback-desk1.amr.corp.intel.com ([10.7.159.162]) by orsmga003.jf.intel.com with ESMTP; 25 Sep 2019 21:51:21 -0700 From: "Kubacki, Michael A" To: devel@edk2.groups.io Cc: Dandan Bi , Ard Biesheuvel , Eric Dong , Laszlo Ersek , Liming Gao , Michael D Kinney , Ray Ni , Jian J Wang , Hao A Wu , Jiewen Yao Subject: [PATCH V1 5/5] MdeModulePkg/VariableSmm: Remove unused SMI handler functions Date: Wed, 25 Sep 2019 21:50:46 -0700 Message-Id: <20190926045046.34592-6-michael.a.kubacki@intel.com> X-Mailer: git-send-email 2.16.2.windows.1 In-Reply-To: <20190926045046.34592-1-michael.a.kubacki@intel.com> References: <20190926045046.34592-1-michael.a.kubacki@intel.com> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220 Since Runtime Services GetVariable() and GetNextVariableName() no longer trigger a SW SMI, this change removes the code for handling those requests from VariableSmm.c. The following SMM communicate functions are removed from SmmVariableHandler(): 1. SMM_VARIABLE_FUNCTION_GET_VARIABLE 2. SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME The function numbers are retained so any calls to those functions from previously built drivers will return EFI_UNSUPPORTED. Cc: Dandan Bi Cc: Ard Biesheuvel Cc: Eric Dong Cc: Laszlo Ersek Cc: Liming Gao Cc: Michael D Kinney Cc: Ray Ni Cc: Jian J Wang Cc: Hao A Wu Cc: Jiewen Yao Signed-off-by: Michael Kubacki --- MdeModulePkg/Include/Guid/SmmVariableCommon.h | 4 +- MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 101 -------------------- 2 files changed, 1 insertion(+), 104 deletions(-) diff --git a/MdeModulePkg/Include/Guid/SmmVariableCommon.h b/MdeModulePkg/Include/Guid/SmmVariableCommon.h index ceef44dfd2..6a73d1e21a 100644 --- a/MdeModulePkg/Include/Guid/SmmVariableCommon.h +++ b/MdeModulePkg/Include/Guid/SmmVariableCommon.h @@ -106,7 +106,7 @@ typedef struct { EFI_GUID Guid; UINTN NameSize; // Return name buffer size CHAR16 Name[1]; -} SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME; +} SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE; /// /// This structure is used to communicate with SMI handler by QueryVariableInfo. @@ -118,8 +118,6 @@ typedef struct { UINT32 Attributes; } SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO; -typedef SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE; - typedef struct { EFI_GUID Guid; UINTN NameSize; diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c index 1cb6092582..72448ddb46 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c @@ -464,7 +464,6 @@ SmmVariableHandler ( EFI_STATUS Status; SMM_VARIABLE_COMMUNICATE_HEADER *SmmVariableFunctionHeader; SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *SmmVariableHeader; - SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *GetNextVariableName; SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO *QueryVariableInfo; SMM_VARIABLE_COMMUNICATE_GET_PAYLOAD_SIZE *GetPayloadSize; SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT *RuntimeVariableCacheContext; @@ -475,7 +474,6 @@ SmmVariableHandler ( VARIABLE_RUNTIME_CACHE_CONTEXT *VariableCacheContext; VARIABLE_STORE_HEADER *VariableCache; UINTN InfoSize; - UINTN NameBufferSize; UINTN CommBufferPayloadSize; UINTN TempCommBufferSize; @@ -505,105 +503,6 @@ SmmVariableHandler ( SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *)CommBuffer; switch (SmmVariableFunctionHeader->Function) { - case SMM_VARIABLE_FUNCTION_GET_VARIABLE: - if (CommBufferPayloadSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) { - DEBUG ((EFI_D_ERROR, "GetVariable: SMM communication buffer size invalid!\n")); - return EFI_SUCCESS; - } - // - // Copy the input communicate buffer payload to pre-allocated SMM variable buffer payload. - // - CopyMem (mVariableBufferPayload, SmmVariableFunctionHeader->Data, CommBufferPayloadSize); - SmmVariableHeader = (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *) mVariableBufferPayload; - if (((UINTN)(~0) - SmmVariableHeader->DataSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) || - ((UINTN)(~0) - SmmVariableHeader->NameSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) + SmmVariableHeader->DataSize)) { - // - // Prevent InfoSize overflow happen - // - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - InfoSize = OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) - + SmmVariableHeader->DataSize + SmmVariableHeader->NameSize; - - // - // SMRAM range check already covered before - // - if (InfoSize > CommBufferPayloadSize) { - DEBUG ((EFI_D_ERROR, "GetVariable: Data size exceed communication buffer size limit!\n")); - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - - // - // The VariableSpeculationBarrier() call here is to ensure the previous - // range/content checks for the CommBuffer have been completed before the - // subsequent consumption of the CommBuffer content. - // - VariableSpeculationBarrier (); - if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') { - // - // Make sure VariableName is A Null-terminated string. - // - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - - Status = VariableServiceGetVariable ( - SmmVariableHeader->Name, - &SmmVariableHeader->Guid, - &SmmVariableHeader->Attributes, - &SmmVariableHeader->DataSize, - (UINT8 *)SmmVariableHeader->Name + SmmVariableHeader->NameSize - ); - CopyMem (SmmVariableFunctionHeader->Data, mVariableBufferPayload, CommBufferPayloadSize); - break; - - case SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME: - if (CommBufferPayloadSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) { - DEBUG ((EFI_D_ERROR, "GetNextVariableName: SMM communication buffer size invalid!\n")); - return EFI_SUCCESS; - } - // - // Copy the input communicate buffer payload to pre-allocated SMM variable buffer payload. - // - CopyMem (mVariableBufferPayload, SmmVariableFunctionHeader->Data, CommBufferPayloadSize); - GetNextVariableName = (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *) mVariableBufferPayload; - if ((UINTN)(~0) - GetNextVariableName->NameSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) { - // - // Prevent InfoSize overflow happen - // - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - InfoSize = OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name) + GetNextVariableName->NameSize; - - // - // SMRAM range check already covered before - // - if (InfoSize > CommBufferPayloadSize) { - DEBUG ((EFI_D_ERROR, "GetNextVariableName: Data size exceed communication buffer size limit!\n")); - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - - NameBufferSize = CommBufferPayloadSize - OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name); - if (NameBufferSize < sizeof (CHAR16) || GetNextVariableName->Name[NameBufferSize/sizeof (CHAR16) - 1] != L'\0') { - // - // Make sure input VariableName is A Null-terminated string. - // - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - - Status = VariableServiceGetNextVariableName ( - &GetNextVariableName->NameSize, - GetNextVariableName->Name, - &GetNextVariableName->Guid - ); - CopyMem (SmmVariableFunctionHeader->Data, mVariableBufferPayload, CommBufferPayloadSize); - break; - case SMM_VARIABLE_FUNCTION_SET_VARIABLE: if (CommBufferPayloadSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) { DEBUG ((EFI_D_ERROR, "SetVariable: SMM communication buffer size invalid!\n")); -- 2.16.2.windows.1