From f424470f69ce8811766b1118fc801238f2242596 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Thu, 11 Mar 2021 22:16:41 +0100 Subject: [PATCH 4/4] MdeModulePkg/VariableRuntimeDxe: populate FVB_ADDRESS_LIST When the SetVirtualAddressMap() handler runs, and we convert (among other things) the GetPhysicalAddress() FVB member function pointer, stash both the physical and the virtual addresses of this member function, in FVB_ADDRESS_LIST. Signed-off-by: Laszlo Ersek --- MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf | 2 ++ MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h | 2 ++ MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c | 36 ++++++++++++++++++-- 3 files changed, 38 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf index c9434df631ee..e4cc49692f2d 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf @@ -120,14 +120,16 @@ [Guids] gEdkiiVarErrorFlagGuid ## SOMETIMES_CONSUMES ## Variable:L"db" ## SOMETIMES_CONSUMES ## Variable:L"dbx" ## SOMETIMES_CONSUMES ## Variable:L"dbt" gEfiImageSecurityDatabaseGuid + gEdkiiFvbAddressListGuid + [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize ## CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize ## CONSUMES diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h index 0b2bb6ae6648..77c390586d35 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h @@ -33,14 +33,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include #include #include #include #include +#include #include "PrivilegePolymorphic.h" #define NV_STORAGE_VARIABLE_BASE (EFI_PHYSICAL_ADDRESS) \ (PcdGet64 (PcdFlashNvStorageVariableBase64) != 0 ? \ PcdGet64 (PcdFlashNvStorageVariableBase64) : \ PcdGet32 (PcdFlashNvStorageVariableBase)) @@ -693,14 +694,15 @@ extern VARIABLE_MODULE_GLOBAL *mVariableModuleGlobal; extern EFI_FIRMWARE_VOLUME_HEADER *mNvFvHeaderCache; extern VARIABLE_STORE_HEADER *mNvVariableCache; extern VARIABLE_INFO_ENTRY *gVariableInfo; extern BOOLEAN mEndOfDxe; extern VAR_CHECK_REQUEST_SOURCE mRequestSource; extern AUTH_VAR_LIB_CONTEXT_OUT mAuthContextOut; +extern FVB_ADDRESS_LIST *mFvbAddressList; /** Finds variable in storage blocks of volatile and non-volatile storage areas. This code finds variable in storage blocks of volatile and non-volatile storage areas. If VariableName is an empty string, then we just return the first qualified variable without comparing VariableName and VendorGuid. diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c index 0fca0bb2a9b5..b7a33e3a348d 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c @@ -32,14 +32,15 @@ EDKII_VARIABLE_POLICY_PROTOCOL mVariablePolicyProtocol = { EDKII_VARIABL ProtocolIsVariablePolicyEnabled, RegisterVariablePolicy, DumpVariablePolicy, LockVariablePolicy }; EDKII_VAR_CHECK_PROTOCOL mVarCheck = { VarCheckRegisterSetVariableCheckHandler, VarCheckVariablePropertySet, VarCheckVariablePropertyGet }; +FVB_ADDRESS_LIST *mFvbAddressList; /** Some Secure Boot Policy Variable may update following other variable changes(SecureBoot follows PK change, etc). Record their initial State when variable write service is ready. **/ VOID @@ -240,26 +241,49 @@ GetFvbCountAndBuffer ( VOID EFIAPI VariableClassAddressChangeEvent ( IN EFI_EVENT Event, IN VOID *Context ) { - UINTN Index; + UINT64 OwnerSignature; + FVB_ADDRESS_LIST_ENTRY *Entry; + UINTN Index; + + OwnerSignature = SIGNATURE_64 ('V', 'A', 'R', 'I', 'A', 'B', 'L', 'E'); + Entry = mFvbAddressList->Entry + mFvbAddressList->Next; if (mVariableModuleGlobal->FvbInstance != NULL) { + VOID *Pointer; + EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->GetBlockSize); - EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->GetPhysicalAddress); + + Pointer = (VOID *)(UINTN)mVariableModuleGlobal->FvbInstance->GetPhysicalAddress; + Entry->OwnerSignature = OwnerSignature; + Entry->Address = (UINTN)Pointer; + ++Entry; + + EfiConvertPointer (0x0, &Pointer); + mVariableModuleGlobal->FvbInstance->GetPhysicalAddress = + (EFI_FVB_GET_PHYSICAL_ADDRESS)(UINTN)Pointer; + + Entry->OwnerSignature = OwnerSignature; + Entry->Address = (UINTN)Pointer; + ++Entry; + EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->GetAttributes); EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->SetAttributes); EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->Read); EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->Write); EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->EraseBlocks); EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance); } + + mFvbAddressList->Next = Entry - mFvbAddressList->Entry; + EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->PlatformLangCodes); EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->LangCodes); EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->PlatformLang); EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase); EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.VolatileVariableBase); EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.HobVariableBase); EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal); @@ -528,18 +552,26 @@ ProtocolIsVariablePolicyEnabled ( EFI_STATUS EFIAPI VariableServiceInitialize ( IN EFI_HANDLE ImageHandle, IN EFI_SYSTEM_TABLE *SystemTable ) { + VOID *Hob; + FVB_ADDRESS_LIST_PTR *FvbAddressListPtrHobData; EFI_STATUS Status; EFI_EVENT ReadyToBootEvent; EFI_EVENT EndOfDxeEvent; + Hob = GetFirstGuidHob (&gEdkiiFvbAddressListGuid); + ASSERT (Hob != NULL); + FvbAddressListPtrHobData = GET_GUID_HOB_DATA (Hob); + mFvbAddressList = (VOID*)(UINTN)*FvbAddressListPtrHobData; + ASSERT (mFvbAddressList->Signature == FVB_ADDRESS_LIST_SIGNATURE); + Status = VariableCommonInitialize (); ASSERT_EFI_ERROR (Status); Status = gBS->InstallMultipleProtocolInterfaces ( &mHandle, &gEdkiiVariableLockProtocolGuid, &mVariableLock, -- 2.19.1.3.g30247aa5d201