From mboxrd@z Thu Jan 1 00:00:00 1970
Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mx.groups.io with SMTP id smtpd.web11.8538.1632794987813496793 for ; Mon, 27 Sep 2021 19:09:48 -0700
Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: hao.shi@intel.com)
X-IronPort-AV: E=McAfee;i="6200,9189,10120"; a="310150986"
X-IronPort-AV: E=Sophos;i="5.85,328,1624345200"; d="scan'208";a="310150986"
Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Sep 2021 19:09:46 -0700
X-IronPort-AV: E=Sophos;i="5.85,328,1624345200"; d="scan'208";a="553725591"
Received: from hshi1-mobl.ccr.corp.intel.com ([10.238.8.237]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Sep 2021 19:09:45 -0700
From: "Shi, Hao"
To: devel@edk2.groups.io
Cc: Hao Shi, Dandan Bi, Liming Gao
Subject: [PATCH] UserAuthFeaturePkg/UserAuthenticationDxeSmm: The SMI to handle the user authentication should be unregistered before booting to OS
Date: Tue, 28 Sep 2021 10:09:15 +0800
Message-Id: <20210928020915.790-1-hao.shi@intel.com>
X-Mailer: git-send-email 2.33.0.windows.2
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3648

Register SmmExitBootServices and SmmLegacyBoot callback function to unregister this handler.

Signed-off-by: Hao Shi
Cc: Dandan Bi
Cc: Liming Gao
---
 .../UserAuthenticationSmm.c | 39 +++++++++++++++++--
 .../UserAuthenticationSmm.inf | 2 +
 2 files changed, 38 insertions(+), 3 deletions(-)

diff --git a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.c b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.c
index 07e834eb..3d66010b 100644
--- a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.c
+++ b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.c @@ -13,6 +13,7 @@ UINTN mAdminPasswordTryCount = 0; BOOLEAN mNeedReVerify = TRUE; BOOLEAN mPasswordVerified = FALSE; +EFI_HANDLE mSmmHandle = NULL; /** Verify if the password is correct. @@ -612,6 +613,30 @@ EXIT: return EFI_SUCCESS; } +/** + Performs Exit Boot Services UserAuthentication actions + + @param[in] Protocol Points to the protocol's unique identifier. + @param[in] Interface Points to the interface instance. + @param[in] Handle The handle on which the interface was installed. + + @retval EFI_SUCCESS Notification runs successfully. +**/ +EFI_STATUS +EFIAPI +UaExitBootServices ( + IN CONST EFI_GUID *Protocol, + IN VOID *Interface, + IN EFI_HANDLE Handle + ) +{ + DEBUG ((DEBUG_INFO, "Unregister User Authentication Smi\n")); + + gSmst->SmiHandlerUnRegister(mSmmHandle); + + return EFI_SUCCESS; +} + /** Main entry for this driver. @@ -629,10 +654,11 @@ PasswordSmmInit ( ) { EFI_STATUS Status; - EFI_HANDLE SmmHandle; EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock; CHAR16 PasswordHistoryName[sizeof(USER_AUTHENTICATION_VAR_NAME)/sizeof(CHAR16) + 5]; UINTN Index; + EFI_EVENT ExitBootServicesEvent; + EFI_EVENT LegacyBootEvent; ASSERT (PASSWORD_HASH_SIZE == SHA256_DIGEST_SIZE); ASSERT (PASSWORD_HISTORY_CHECK_COUNT < 0xFFFF); 
@@ -657,13 +683,20 @@ PasswordSmmInit ( ASSERT_EFI_ERROR (Status); } - SmmHandle = NULL; - Status = gSmst->SmiHandlerRegister (SmmPasswordHandler, &gUserAuthenticationGuid, &SmmHandle); + Status = gSmst->SmiHandlerRegister (SmmPasswordHandler, &gUserAuthenticationGuid, &mSmmHandle); ASSERT_EFI_ERROR (Status); if (EFI_ERROR (Status)) { return Status; } + // + // Register for SmmExitBootServices and SmmLegacyBoot notification. + // + Status = gSmst->SmmRegisterProtocolNotify (&gEdkiiSmmExitBootServicesProtocolGuid, UaExitBootServices, &ExitBootServicesEvent); + ASSERT_EFI_ERROR (Status); + Status = gSmst->SmmRegisterProtocolNotify (&gEdkiiSmmLegacyBootProtocolGuid, UaExitBootServices, &LegacyBootEvent); + ASSERT_EFI_ERROR (Status); + if (IsPasswordCleared()) { DEBUG ((DEBUG_INFO, "IsPasswordCleared\n")); SavePasswordToVariable (&gUserAuthenticationGuid, NULL, 0); diff --git a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.inf b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.inf index 0b33b194..d73a2fe2 100644 --- a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.inf +++ b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDxeSmm/UserAuthenticationSmm.inf @@ -48,6 +48,8 @@ [Protocols] gEdkiiVariableLockProtocolGuid ## CONSUMES gEfiSmmVariableProtocolGuid ## CONSUMES + gEdkiiSmmExitBootServicesProtocolGuid ## CONSUMES + gEdkiiSmmLegacyBootProtocolGuid ## CONSUMES [Depex] gEfiSmmVariableProtocolGuid AND gEfiVariableWriteArchProtocolGuid -- 2.31.1.windows.1
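
Review bot: In UaExitBootServices (hunk @@ -612,6 +613,30 @@), the return value of gSmst->SmiHandlerUnRegister(mSmmHandle) is dropped and the function always returns EFI_SUCCESS, so a failed unregister leaves the user authentication SMI in place when the OS boots and nothing in the log says so. The same callback is registered for both gEdkiiSmmExitBootServicesProtocolGuid and gEdkiiSmmLegacyBootProtocolGuid, so it can be entered a second time with a handle that has already been unregistered. Suggest capturing the status, printing it at DEBUG_ERROR on failure, returning early when mSmmHandle is NULL, and setting mSmmHandle = NULL after a successful unregister. The function header describes only "Exit Boot Services" although the callback also serves legacy boot, and the call lacks the space before the parenthesis that the rest of the patch uses ("SmiHandlerRegister (").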
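
Review bot: The locals ExitBootServicesEvent and LegacyBootEvent added in PasswordSmmInit (hunk @@ -629,10 +654,11 @@) are typed EFI_EVENT but are only ever written, as the third argument of SmmRegisterProtocolNotify in the following hunk, and never read. That argument is a registration token (VOID **Registration in the SMM system table), not an event, so the names and type are misleading. Suggest declaring them as VOID * with names such as ExitBootServicesRegistration and LegacyBootRegistration.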
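
Review bot: In PasswordSmmInit (hunk @@ -657,13 +683,20 @@), the two SmmRegisterProtocolNotify calls are followed only by ASSERT_EFI_ERROR, while the SmiHandlerRegister call directly above them also has an "if (EFI_ERROR (Status)) return Status;" path. In a build where ASSERT is compiled out, a failed notify registration passes silently and the handler stays registered into the OS, which is the condition this patch exists to close; the first Status is also overwritten by the second call. Suggest checking EFI_ERROR (Status) after each call and, on failure, at least logging at DEBUG_ERROR, or unregistering mSmmHandle and returning the error.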
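
Review bot: In UserAuthenticationSmm.inf (hunk @@ -48,6 +48,8 @@), gEdkiiSmmExitBootServicesProtocolGuid and gEdkiiSmmLegacyBootProtocolGuid are tagged "## CONSUMES", but the .c change only passes them to SmmRegisterProtocolNotify and never locates or calls through either protocol. The INF usage keyword for that pattern is "## NOTIFY"; suggest changing both comments so the declared usage matches how the driver uses the GUIDs.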