From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web08.34010.1629772109632762108 for ; Mon, 23 Aug 2021 19:28:30 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: qi1.zhang@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10085"; a="216942534" X-IronPort-AV: E=Sophos;i="5.84,346,1620716400"; d="scan'208";a="216942534" Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 23 Aug 2021 19:28:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,346,1620716400"; d="scan'208";a="685050781" Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.157.130]) by fmsmga005.fm.intel.com with ESMTP; 23 Aug 2021 19:28:26 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Qi Zhang , Jiewen Yao , Jian J Wang , Rahul Kumar , Ray Ni Subject: [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver Date: Tue, 24 Aug 2021 10:28:22 +0800 Message-Id: <20210824022822.6121-1-qi1.zhang@intel.com> X-Mailer: git-send-email 2.26.2.windows.1 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3583 TcgMorLockSmm is only for secure MOR V1. VariableSmm covers secure MOR V1 and V2. Signed-off-by: Qi Zhang Cc: Jiewen Yao Cc: Jian J Wang Cc: Qi Zhang Cc: Rahul Kumar Cc: Ray Ni --- SecurityPkg/SecurityPkg.dsc | 1 - .../TcgMorLock.c | 191 ------------------ .../TcgMorLock.h | 131 ------------ .../TcgMorLock.uni | 16 -- .../TcgMorLockExtra.uni | 14 -- .../TcgMorLockSmm.c | 152 -------------- .../TcgMorLockSmm.inf | 65 ------ 7 files changed, 570 deletions(-) delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLock.c delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLock.h delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLock.uni delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLockExtra.uni delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLockSmm.c delete mode 100644 SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMo= rLockSmm.inf diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 64157e20f9..7898fe4282 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -338,7 +338,6 @@ =0D [Components.IA32, Components.X64]=0D =0D - SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf=0D SecurityPkg/Tcg/TcgSmm/TcgSmm.inf=0D SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf=0D SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf=0D diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c= b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c deleted file mode 100644 index aa230eeefa..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c +++ /dev/null @@ -1,191 +0,0 @@ -/** @file=0D - TCG MOR (Memory Overwrite Request) Lock Control Driver.=0D -=0D - This driver initializes MemoryOverwriteRequestControlLock variable.=0D - This module will add Variable Hook and allow MemoryOverwriteRequestContr= olLock variable set only once.=0D -=0D -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
=0D -SPDX-License-Identifier: BSD-2-Clause-Patent=0D -=0D -**/=0D -=0D -#include =0D -#include =0D -#include =0D -#include =0D -#include =0D -#include =0D -#include "TcgMorLock.h"=0D -=0D -typedef struct {=0D - CHAR16 *VariableName;=0D - EFI_GUID *VendorGuid;=0D -} VARIABLE_TYPE;=0D -=0D -VARIABLE_TYPE mMorVariableType[] =3D {=0D - {MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, &gEfiMemoryOverwriteContro= lDataGuid},=0D - {MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, &gEfiMemoryOverwriteReques= tControlLockGuid},=0D -};=0D -=0D -/**=0D - Returns if this is MOR related variable.=0D -=0D - @param VariableName the name of the vendor's variable, it's a Null-Term= inated Unicode String=0D - @param VendorGuid Unify identifier for vendor.=0D -=0D - @retval TRUE The variable is MOR related.=0D - @retval FALSE The variable is NOT MOR related.=0D -**/=0D -BOOLEAN=0D -IsAnyMorVariable (=0D - IN CHAR16 *VariableName,=0D - IN EFI_GUID *VendorGuid=0D - )=0D -{=0D - UINTN Index;=0D -=0D - for (Index =3D 0; Index < sizeof(mMorVariableType)/sizeof(mMorVariableTy= pe[0]); Index++) {=0D - if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) =3D= =3D 0) &&=0D - (CompareGuid (VendorGuid, mMorVariableType[Index].VendorGuid))) {= =0D - return TRUE;=0D - }=0D - }=0D - return FALSE;=0D -}=0D -=0D -/**=0D - Returns if this is MOR lock variable.=0D -=0D - @param VariableName the name of the vendor's variable, it's a Null-Term= inated Unicode String=0D - @param VendorGuid Unify identifier for vendor.=0D -=0D - @retval TRUE The variable is MOR lock variable.=0D - @retval FALSE The variable is NOT MOR lock variable.=0D -**/=0D -BOOLEAN=0D -IsMorLockVariable (=0D - IN CHAR16 *VariableName,=0D - IN EFI_GUID *VendorGuid=0D - )=0D -{=0D - if ((StrCmp (VariableName, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME) = =3D=3D 0) &&=0D - (CompareGuid (VendorGuid, &gEfiMemoryOverwriteRequestControlLockGuid= ))) {=0D - return TRUE;=0D - }=0D - return FALSE;=0D -}=0D -=0D -/**=0D - This service is a checker handler for the UEFI Runtime Service SetVariab= le()=0D -=0D - @param VariableName the name of the vendor's variable, as a=0D - Null-Terminated Unicode String=0D - @param VendorGuid Unify identifier for vendor.=0D - @param Attributes Point to memory location to return the attributes o= f variable. If the point=0D - is NULL, the parameter would be ignored.=0D - @param DataSize The size in bytes of Data-Buffer.=0D - @param Data Point to the content of the variable.=0D -=0D - @retval EFI_SUCCESS The firmware has successfully stored the= variable and its data as=0D - defined by the Attributes.=0D - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits= was supplied, or the=0D - DataSize exceeds the maximum allowed.=0D - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string.= =0D - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold = the variable and its data.=0D - @retval EFI_DEVICE_ERROR The variable could not be saved due to a= hardware failure.=0D - @retval EFI_WRITE_PROTECTED The variable in question is read-only.=0D - @retval EFI_WRITE_PROTECTED The variable in question cannot be delet= ed.=0D - @retval EFI_SECURITY_VIOLATION The variable could not be written due to= EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS=0D - set but the AuthInfo does NOT pass the v= alidation check carried=0D - out by the firmware.=0D - @retval EFI_NOT_FOUND The variable trying to be updated or del= eted was not found.=0D -=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -SetVariableCheckHandlerMor (=0D - IN CHAR16 *VariableName,=0D - IN EFI_GUID *VendorGuid,=0D - IN UINT32 Attributes,=0D - IN UINTN DataSize,=0D - IN VOID *Data=0D - )=0D -{=0D - UINTN MorLockDataSize;=0D - BOOLEAN MorLock;=0D - EFI_STATUS Status;=0D -=0D - //=0D - // do not handle non-MOR variable=0D - //=0D - if (!IsAnyMorVariable (VariableName, VendorGuid)) {=0D - return EFI_SUCCESS;=0D - }=0D -=0D - MorLockDataSize =3D sizeof(MorLock);=0D - Status =3D InternalGetVariable (=0D - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,=0D - &gEfiMemoryOverwriteRequestControlLockGuid,=0D - NULL,=0D - &MorLockDataSize,=0D - &MorLock=0D - );=0D - if (!EFI_ERROR (Status) && MorLock) {=0D - //=0D - // If lock, deny access=0D - //=0D - return EFI_INVALID_PARAMETER;=0D - }=0D -=0D - //=0D - // Delete not OK=0D - //=0D - if ((DataSize !=3D sizeof(UINT8)) || (Data =3D=3D NULL) || (Attributes = =3D=3D 0)) {=0D - return EFI_INVALID_PARAMETER;=0D - }=0D -=0D - //=0D - // check format=0D - //=0D - if (IsMorLockVariable(VariableName, VendorGuid)) {=0D - //=0D - // set to any other value not OK=0D - //=0D - if ((*(UINT8 *)Data !=3D 1) && (*(UINT8 *)Data !=3D 0)) {=0D - return EFI_INVALID_PARAMETER;=0D - }=0D - }=0D - //=0D - // Or grant access=0D - //=0D - return EFI_SUCCESS;=0D -}=0D -=0D -/**=0D - Entry Point for MOR Lock Control driver.=0D -=0D - @param[in] ImageHandle Image handle of this driver.=0D - @param[in] SystemTable A Pointer to the EFI System Table.=0D -=0D - @retval EFI_SUCCESS=0D - @return Others Some error occurs.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -MorLockDriverInit (=0D - VOID=0D - )=0D -{=0D - EFI_STATUS Status;=0D - UINT8 Data;=0D -=0D - Data =3D 0;=0D - Status =3D InternalSetVariable (=0D - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,=0D - &gEfiMemoryOverwriteRequestControlLockGuid,=0D - EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS |= EFI_VARIABLE_RUNTIME_ACCESS,=0D - 1,=0D - &Data=0D - );=0D - return Status;=0D -}=0D diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h= b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h deleted file mode 100644 index 5a6658c158..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h +++ /dev/null @@ -1,131 +0,0 @@ -/** @file=0D - TCG MOR (Memory Overwrite Request) Lock Control Driver header file.=0D -=0D -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
=0D -SPDX-License-Identifier: BSD-2-Clause-Patent=0D -=0D -**/=0D -=0D -#ifndef _EFI_TCG_MOR_LOCK_H_=0D -#define _EFI_TCG_MOR_LOCK_H_=0D -=0D -/**=0D - This service is a wrapper for the UEFI Runtime Service GetVariable().=0D -=0D - @param VariableName the name of the vendor's variable, it's a Null-Term= inated Unicode String=0D - @param VendorGuid Unify identifier for vendor.=0D - @param Attributes Point to memory location to return the attributes o= f variable. If the point=0D - is NULL, the parameter would be ignored.=0D - @param DataSize As input, point to the maximum size of return Data-= Buffer.=0D - As output, point to the actual size of the returned= Data-Buffer.=0D - @param Data Point to return Data-Buffer.=0D -=0D - @retval EFI_SUCCESS The function completed successfully.=0D - @retval EFI_NOT_FOUND The variable was not found.=0D - @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result= . DataSize has=0D - been updated with the size needed to com= plete the request.=0D - @retval EFI_INVALID_PARAMETER VariableName is NULL.=0D - @retval EFI_INVALID_PARAMETER VendorGuid is NULL.=0D - @retval EFI_INVALID_PARAMETER DataSize is NULL.=0D - @retval EFI_INVALID_PARAMETER The DataSize is not too small and Data i= s NULL.=0D - @retval EFI_DEVICE_ERROR The variable could not be retrieved due = to a hardware error.=0D - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved due = to an authentication failure.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -InternalGetVariable (=0D - IN CHAR16 *VariableName,=0D - IN EFI_GUID *VendorGuid,=0D - OUT UINT32 *Attributes OPTIONAL,=0D - IN OUT UINTN *DataSize,=0D - OUT VOID *Data=0D - );=0D -=0D -/**=0D - This service is a wrapper for the UEFI Runtime Service SetVariable()=0D -=0D - @param VariableName the name of the vendor's variable, as a=0D - Null-Terminated Unicode String=0D - @param VendorGuid Unify identifier for vendor.=0D - @param Attributes Point to memory location to return the attributes o= f variable. If the point=0D - is NULL, the parameter would be ignored.=0D - @param DataSize The size in bytes of Data-Buffer.=0D - @param Data Point to the content of the variable.=0D -=0D - @retval EFI_SUCCESS The firmware has successfully stored the= variable and its data as=0D - defined by the Attributes.=0D - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits= was supplied, or the=0D - DataSize exceeds the maximum allowed.=0D - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string.= =0D - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold = the variable and its data.=0D - @retval EFI_DEVICE_ERROR The variable could not be saved due to a= hardware failure.=0D - @retval EFI_WRITE_PROTECTED The variable in question is read-only.=0D - @retval EFI_WRITE_PROTECTED The variable in question cannot be delet= ed.=0D - @retval EFI_SECURITY_VIOLATION The variable could not be written due to= EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS=0D - set but the AuthInfo does NOT pass the v= alidation check carried=0D - out by the firmware.=0D - @retval EFI_NOT_FOUND The variable trying to be updated or del= eted was not found.=0D -=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -InternalSetVariable (=0D - IN CHAR16 *VariableName,=0D - IN EFI_GUID *VendorGuid,=0D - IN UINT32 Attributes,=0D - IN UINTN DataSize,=0D - IN VOID *Data=0D - );=0D -=0D -/**=0D - This service is a checker handler for the UEFI Runtime Service SetVariab= le()=0D -=0D - @param VariableName the name of the vendor's variable, as a=0D - Null-Terminated Unicode String=0D - @param VendorGuid Unify identifier for vendor.=0D - @param Attributes Point to memory location to return the attributes o= f variable. If the point=0D - is NULL, the parameter would be ignored.=0D - @param DataSize The size in bytes of Data-Buffer.=0D - @param Data Point to the content of the variable.=0D -=0D - @retval EFI_SUCCESS The firmware has successfully stored the= variable and its data as=0D - defined by the Attributes.=0D - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits= was supplied, or the=0D - DataSize exceeds the maximum allowed.=0D - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string.= =0D - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold = the variable and its data.=0D - @retval EFI_DEVICE_ERROR The variable could not be saved due to a= hardware failure.=0D - @retval EFI_WRITE_PROTECTED The variable in question is read-only.=0D - @retval EFI_WRITE_PROTECTED The variable in question cannot be delet= ed.=0D - @retval EFI_SECURITY_VIOLATION The variable could not be written due to= EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS=0D - set but the AuthInfo does NOT pass the v= alidation check carried=0D - out by the firmware.=0D - @retval EFI_NOT_FOUND The variable trying to be updated or del= eted was not found.=0D -=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -SetVariableCheckHandlerMor (=0D - IN CHAR16 *VariableName,=0D - IN EFI_GUID *VendorGuid,=0D - IN UINT32 Attributes,=0D - IN UINTN DataSize,=0D - IN VOID *Data=0D - );=0D -=0D -/**=0D - Entry Point for MOR Lock Control driver.=0D -=0D - @param[in] ImageHandle Image handle of this driver.=0D - @param[in] SystemTable A Pointer to the EFI System Table.=0D -=0D - @retval EFI_SUCCESS=0D - @return Others Some error occurs.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -MorLockDriverInit (=0D - VOID=0D - );=0D -=0D -#endif=0D diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.u= ni b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni deleted file mode 100644 index 711b37d866..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni +++ /dev/null @@ -1,16 +0,0 @@ -// /** @file=0D -// Initializes MemoryOverwriteRequestControlLock variable=0D -//=0D -// This module will add Variable Hook and allow MemoryOverwriteRequestCont= rolLock variable set only once.=0D -//=0D -// Copyright (c) 2015, Intel Corporation. All rights reserved.
=0D -//=0D -// SPDX-License-Identifier: BSD-2-Clause-Patent=0D -//=0D -// **/=0D -=0D -=0D -#string STR_MODULE_ABSTRACT #language en-US "Initializes Memor= yOverwriteRequestControlLock variable"=0D -=0D -#string STR_MODULE_DESCRIPTION #language en-US "This module will = add Variable Hook and allow MemoryOverwriteRequestControlLock variable set = only once."=0D -=0D diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockEx= tra.uni b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra= .uni deleted file mode 100644 index 2679c08c86..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni +++ /dev/null @@ -1,14 +0,0 @@ -// /** @file=0D -// TcgMorLock Localized Strings and Content=0D -//=0D -// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
= =0D -//=0D -// SPDX-License-Identifier: BSD-2-Clause-Patent=0D -//=0D -// **/=0D -=0D -#string STR_PROPERTIES_MODULE_NAME=0D -#language en-US=0D -"TCG (Trusted Computing Group) MOR Lock"=0D -=0D -=0D diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSm= m.c b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c deleted file mode 100644 index 8c92317313..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c +++ /dev/null @@ -1,152 +0,0 @@ -/** @file=0D - TCG MOR (Memory Overwrite Request) Lock Control Driver SMM wrapper.=0D -=0D -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
=0D -SPDX-License-Identifier: BSD-2-Clause-Patent=0D -=0D -**/=0D -=0D -#include =0D -#include =0D -#include =0D -#include =0D -#include =0D -#include "TcgMorLock.h"=0D -=0D -EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable;=0D -=0D -/**=0D - This service is a wrapper for the UEFI Runtime Service GetVariable().=0D -=0D - @param VariableName the name of the vendor's variable, it's a Null-Term= inated Unicode String=0D - @param VendorGuid Unify identifier for vendor.=0D - @param Attributes Point to memory location to return the attributes o= f variable. If the point=0D - is NULL, the parameter would be ignored.=0D - @param DataSize As input, point to the maximum size of return Data-= Buffer.=0D - As output, point to the actual size of the returned= Data-Buffer.=0D - @param Data Point to return Data-Buffer.=0D -=0D - @retval EFI_SUCCESS The function completed successfully.=0D - @retval EFI_NOT_FOUND The variable was not found.=0D - @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the result= . DataSize has=0D - been updated with the size needed to com= plete the request.=0D - @retval EFI_INVALID_PARAMETER VariableName is NULL.=0D - @retval EFI_INVALID_PARAMETER VendorGuid is NULL.=0D - @retval EFI_INVALID_PARAMETER DataSize is NULL.=0D - @retval EFI_INVALID_PARAMETER The DataSize is not too small and Data i= s NULL.=0D - @retval EFI_DEVICE_ERROR The variable could not be retrieved due = to a hardware error.=0D - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved due = to an authentication failure.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -InternalGetVariable (=0D - IN CHAR16 *VariableName,=0D - IN EFI_GUID *VendorGuid,=0D - OUT UINT32 *Attributes OPTIONAL,=0D - IN OUT UINTN *DataSize,=0D - OUT VOID *Data=0D - )=0D -{=0D - return mSmmVariable->SmmGetVariable (=0D - VariableName,=0D - VendorGuid,=0D - Attributes,=0D - DataSize,=0D - Data=0D - );=0D -}=0D -=0D -/**=0D - This service is a wrapper for the UEFI Runtime Service SetVariable()=0D -=0D - @param VariableName the name of the vendor's variable, as a=0D - Null-Terminated Unicode String=0D - @param VendorGuid Unify identifier for vendor.=0D - @param Attributes Point to memory location to return the attributes o= f variable. If the point=0D - is NULL, the parameter would be ignored.=0D - @param DataSize The size in bytes of Data-Buffer.=0D - @param Data Point to the content of the variable.=0D -=0D - @retval EFI_SUCCESS The firmware has successfully stored the= variable and its data as=0D - defined by the Attributes.=0D - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bits= was supplied, or the=0D - DataSize exceeds the maximum allowed.=0D - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode string.= =0D - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold = the variable and its data.=0D - @retval EFI_DEVICE_ERROR The variable could not be saved due to a= hardware failure.=0D - @retval EFI_WRITE_PROTECTED The variable in question is read-only.=0D - @retval EFI_WRITE_PROTECTED The variable in question cannot be delet= ed.=0D - @retval EFI_SECURITY_VIOLATION The variable could not be written due to= EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS=0D - set but the AuthInfo does NOT pass the v= alidation check carried=0D - out by the firmware.=0D - @retval EFI_NOT_FOUND The variable trying to be updated or del= eted was not found.=0D -=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -InternalSetVariable (=0D - IN CHAR16 *VariableName,=0D - IN EFI_GUID *VendorGuid,=0D - IN UINT32 Attributes,=0D - IN UINTN DataSize,=0D - IN VOID *Data=0D - )=0D -{=0D - return mSmmVariable->SmmSetVariable (=0D - VariableName,=0D - VendorGuid,=0D - Attributes,=0D - DataSize,=0D - Data=0D - );=0D -}=0D -=0D -/**=0D - Entry Point for MOR Lock Control driver.=0D -=0D - @param[in] ImageHandle The firmware allocated handle for the EFI imag= e.=0D - @param[in] SystemTable A pointer to the EFI System Table.=0D -=0D - @retval EFI_SUCCESS EntryPoint runs successfully.=0D -=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -MorLockDriverEntryPointSmm (=0D - IN EFI_HANDLE ImageHandle,=0D - IN EFI_SYSTEM_TABLE *SystemTable=0D - )=0D -{=0D - EFI_STATUS Status;=0D - EDKII_SMM_VAR_CHECK_PROTOCOL *SmmVarCheck;=0D -=0D - //=0D - // This driver link to Smm Variable driver=0D - //=0D - DEBUG ((EFI_D_INFO, "MorLockDriverEntryPointSmm\n"));=0D -=0D - Status =3D gSmst->SmmLocateProtocol (=0D - &gEfiSmmVariableProtocolGuid,=0D - NULL,=0D - (VOID **) &mSmmVariable=0D - );=0D - ASSERT_EFI_ERROR (Status);=0D -=0D - Status =3D gSmst->SmmLocateProtocol (=0D - &gEdkiiSmmVarCheckProtocolGuid,=0D - NULL,=0D - (VOID **) &SmmVarCheck=0D - );=0D - ASSERT_EFI_ERROR (Status);=0D -=0D - Status =3D MorLockDriverInit ();=0D - if (EFI_ERROR (Status)) {=0D - return Status;=0D - }=0D -=0D - Status =3D SmmVarCheck->SmmRegisterSetVariableCheckHandler (SetVariableC= heckHandlerMor);=0D - ASSERT_EFI_ERROR (Status);=0D -=0D - return Status;=0D -}=0D -=0D diff --git a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSm= m.inf b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf deleted file mode 100644 index 875c1e5f3a..0000000000 --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf +++ /dev/null @@ -1,65 +0,0 @@ -## @file=0D -# Initializes MemoryOverwriteRequestControlLock variable=0D -#=0D -# This module will add Variable Hook and allow MemoryOverwriteRequestCont= rolLock variable set only once.=0D -#=0D -# NOTE: This module only handles secure MOR V1 and is deprecated.=0D -# The secure MOR V2 is handled inside of variable driver.=0D -#=0D -# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
=0D -# SPDX-License-Identifier: BSD-2-Clause-Patent=0D -#=0D -##=0D -=0D -[Defines]=0D - INF_VERSION =3D 0x00010005=0D - BASE_NAME =3D TcgMorLockSmm=0D - MODULE_UNI_FILE =3D TcgMorLock.uni=0D - FILE_GUID =3D E2EA6F47-E678-47FA-8C1B-02A03E825C6E= =0D - MODULE_TYPE =3D DXE_SMM_DRIVER=0D - VERSION_STRING =3D 1.0=0D - PI_SPECIFICATION_VERSION =3D 0x0001000A=0D - ENTRY_POINT =3D MorLockDriverEntryPointSmm=0D -=0D -#=0D -# The following information is for reference only and not required by the = build tools.=0D -#=0D -# VALID_ARCHITECTURES =3D IA32 X64 EBC=0D -#=0D -=0D -[Sources]=0D - TcgMorLock.h=0D - TcgMorLock.c=0D - TcgMorLockSmm.c=0D -=0D -[Packages]=0D - MdePkg/MdePkg.dec=0D - MdeModulePkg/MdeModulePkg.dec=0D - SecurityPkg/SecurityPkg.dec=0D -=0D -[LibraryClasses]=0D - UefiDriverEntryPoint=0D - SmmServicesTableLib=0D - DebugLib=0D - BaseLib=0D - BaseMemoryLib=0D -=0D -[Guids]=0D - ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"= =0D - gEfiMemoryOverwriteControlDataGuid=0D -=0D - ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControlLo= ck"=0D - ## PRODUCES ## Variable:L"MemoryOverwriteRequestControlLo= ck"=0D - gEfiMemoryOverwriteRequestControlLockGuid=0D -=0D -[Protocols]=0D - gEdkiiSmmVarCheckProtocolGuid ## CONSUMES=0D - gEfiSmmVariableProtocolGuid ## CONSUMES=0D -=0D -[Depex]=0D - gEfiSmmVariableProtocolGuid AND=0D - gSmmVariableWriteGuid AND=0D - ( gEfiTcgProtocolGuid OR gEfiTcg2ProtocolGuid )=0D -=0D -[UserExtensions.TianoCore."ExtraFiles"]=0D - TcgMorLockExtra.uni=0D --=20 2.26.2.windows.1