From: "Dandan Bi"
To: "devel@edk2.groups.io", "bret@corthon.com"
CC: "Wang, Jian J", "Wu, Hao A", "Gao, Liming"
Subject: Re: [edk2-devel] [PATCH v6 04/14] MdeModulePkg: Define the VarCheckPolicyLib and SMM interface
Date: Thu, 2 Jul 2020 02:13:21 +0000
References: <20200623064104.1908-1-brbarkel@microsoft.com> <20200623064104.1908-5-brbarkel@microsoft.com>
In-Reply-To: <20200623064104.1908-5-brbarkel@microsoft.com>

1 comment inline, please check.

Thanks,
Dandan

> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Bret
> Barkelew
> Sent: Tuesday, June 23, 2020 2:41 PM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J; Wu, Hao A;
> Gao, Liming
> Subject: [edk2-devel] [PATCH v6 04/14] MdeModulePkg: Define the
> VarCheckPolicyLib and SMM interface
>
> https://bugzilla.tianocore.org/show_bug.cgi?id=2522
>
> VariablePolicy is an updated interface to
> replace VarLock and VarCheckProtocol.
>
> This is an instance of a VarCheckLib that is backed by the
> VariablePolicyLib business logic. It also publishes the SMM
> calling interface for messages from the DXE protocol.
>
> Cc: Jian J Wang
> Cc: Hao A Wu
> Cc: Liming Gao
> Cc: Bret Barkelew
> Signed-off-by: Bret Barkelew
> ---
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c | 320
> ++++++++++++++++++++
> MdeModulePkg/Include/Guid/VarCheckPolicyMmi.h | 54 ++++
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf | 42 +++
> MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.uni | 12 +
> MdeModulePkg/MdeModulePkg.dec | 4 +
> MdeModulePkg/MdeModulePkg.dsc | 2 +
> 6 files changed, 434 insertions(+)
>
> diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c > b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c > new file mode 100644 > index 000000000000..b64fc5f45332 > --- /dev/null > +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c 
> @@ -0,0 +1,320 @@ > +/** @file -- VarCheckPolicyLib.c >=20 > +This is an instance of a VarCheck lib that leverages the business logic = behind 1.[Dandan]: This should be a NULL class library, not an instance of VarChec= k Lib. >=20 > +the VariablePolicy code to make its decisions. >=20 > + >=20 > +Copyright (c) Microsoft Corporation. >=20 > +SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > +**/ >=20 > + >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > + >=20 > +#include >=20 > + >=20 > +#include >=20 > +#include >=20 > + >=20 > +#include >=20 > + >=20 > +//=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > +// As a VarCheck library, we're linked into the VariableServices >=20 > +// and may not be able to call them indirectly. To get around this, >=20 > +// use the internal GetVariable function to query the variable store. >=20 > +//=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D >=20 > +EFI_STATUS >=20 > +EFIAPI >=20 > +VariableServiceGetVariable ( >=20 > + IN CHAR16 *VariableName, >=20 > + IN EFI_GUID *VendorGuid, >=20 > + OUT UINT32 *Attributes OPTIONAL, >=20 > + IN OUT UINTN *DataSize, >=20 > + OUT VOID *Data >=20 > + ); >=20 > + >=20 > + >=20 > +/** >=20 > + MM Communication Handler to recieve commands from the DXE protocol > for >=20 > + Variable Policies. This communication channel is used to register new > policies >=20 > + and poll and toggle the enforcement of variable policies. >=20 > + >=20 > + @param[in] DispatchHandle All parameters standard to MM > communications convention. >=20 > + @param[in] RegisterContext All parameters standard to MM > communications convention. >=20 > + @param[in,out] CommBuffer All parameters standard to MM > communications convention. 
>=20 > + @param[in,out] CommBufferSize All parameters standard to MM > communications convention. >=20 > + >=20 > + @retval EFI_SUCCESS >=20 > + @retval EFI_INVALID_PARAMETER CommBuffer or CommBufferSize is > null pointer. >=20 > + @retval EFI_INVALID_PARAMETER CommBuffer size is wrong. >=20 > + @retval EFI_INVALID_PARAMETER Revision or signature don't match. >=20 > + >=20 > +**/ >=20 > +STATIC >=20 > +EFI_STATUS >=20 > +EFIAPI >=20 > +VarCheckPolicyLibMmiHandler ( >=20 > + IN EFI_HANDLE DispatchHandle, >=20 > + IN CONST VOID *RegisterContext, >=20 > + IN OUT VOID *CommBuffer, >=20 > + IN OUT UINTN *CommBufferSize >=20 > + ) >=20 > +{ >=20 > + EFI_STATUS Status; >=20 > + EFI_STATUS SubCommandStatus; >=20 > + VAR_CHECK_POLICY_COMM_HEADER *PolicyCommmHeader; >=20 > + VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS *IsEnabledParams; >=20 > + VAR_CHECK_POLICY_COMM_DUMP_PARAMS *DumpParams; >=20 > + UINT8 *DumpInputBuffer; >=20 > + UINT8 *DumpOutputBuffer; >=20 > + UINTN DumpTotalPages; >=20 > + VARIABLE_POLICY_ENTRY *PolicyEntry; >=20 > + UINTN ExpectedSize; >=20 > + // Pagination Cache Variables >=20 > + static UINT8 *PaginationCache =3D NULL; >=20 > + static UINTN PaginationCacheSize =3D 0; >=20 > + static UINT32 CurrentPaginationCommand =3D= 0; >=20 > + >=20 > + Status =3D EFI_SUCCESS; >=20 > + >=20 > + // >=20 > + // Validate some input parameters. >=20 > + // >=20 > + // If either of the pointers are NULL, we can't proceed. >=20 > + if (CommBuffer =3D=3D NULL || CommBufferSize =3D=3D NULL) { >=20 > + DEBUG(( DEBUG_INFO, "%a - Invalid comm buffer pointers!\n", > __FUNCTION__ )); >=20 > + return EFI_INVALID_PARAMETER; >=20 > + } >=20 > + // If the size does not meet a minimum threshold, we cannot proceed. >=20 > + ExpectedSize =3D sizeof(VAR_CHECK_POLICY_COMM_HEADER); >=20 > + if (*CommBufferSize < ExpectedSize) { >=20 > + DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! 
%d < %d\n", > __FUNCTION__, *CommBufferSize, ExpectedSize )); >=20 > + return EFI_INVALID_PARAMETER; >=20 > + } >=20 > + // Check the revision and the signature of the comm header. >=20 > + PolicyCommmHeader =3D CommBuffer; >=20 > + if (PolicyCommmHeader->Signature !=3D VAR_CHECK_POLICY_COMM_SIG > || >=20 > + PolicyCommmHeader->Revision !=3D > VAR_CHECK_POLICY_COMM_REVISION) { >=20 > + DEBUG(( DEBUG_INFO, "%a - Signature or revision are incorrect!\n", > __FUNCTION__ )); >=20 > + // We have verified the buffer is not null and have enough size to h= old > Result field. >=20 > + PolicyCommmHeader->Result =3D EFI_INVALID_PARAMETER; >=20 > + return EFI_SUCCESS; >=20 > + } >=20 > + >=20 > + // If we're in the middle of a paginated dump and any other command is > sent, >=20 > + // pagination cache must be cleared. >=20 > + if (PaginationCache !=3D NULL && PolicyCommmHeader->Command !=3D > CurrentPaginationCommand) { >=20 > + FreePool (PaginationCache); >=20 > + PaginationCache =3D NULL; >=20 > + PaginationCacheSize =3D 0; >=20 > + CurrentPaginationCommand =3D 0; >=20 > + } >=20 > + >=20 > + // >=20 > + // Now we can process the command as it was sent. >=20 > + // >=20 > + PolicyCommmHeader->Result =3D EFI_ABORTED; // Set a default return = for > incomplete commands. >=20 > + switch(PolicyCommmHeader->Command) { >=20 > + case VAR_CHECK_POLICY_COMMAND_DISABLE: >=20 > + PolicyCommmHeader->Result =3D DisableVariablePolicy(); >=20 > + break; >=20 > + >=20 > + case VAR_CHECK_POLICY_COMMAND_IS_ENABLED: >=20 > + // Make sure that we're dealing with a reasonable size. >=20 > + // This add should be safe because these are fixed sizes so far. >=20 > + ExpectedSize +=3D > sizeof(VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS); >=20 > + if (*CommBufferSize < ExpectedSize) { >=20 > + DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! 
%d < %d\n", > __FUNCTION__, *CommBufferSize, ExpectedSize )); >=20 > + PolicyCommmHeader->Result =3D EFI_INVALID_PARAMETER; >=20 > + break; >=20 > + } >=20 > + >=20 > + // Now that we know we've got a valid size, we can fill in the res= t of the > data. >=20 > + IsEnabledParams =3D > (VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS*)((UINT8*)CommBuff > er + sizeof(VAR_CHECK_POLICY_COMM_HEADER)); >=20 > + IsEnabledParams->State =3D IsVariablePolicyEnabled(); >=20 > + PolicyCommmHeader->Result =3D EFI_SUCCESS; >=20 > + break; >=20 > + >=20 > + case VAR_CHECK_POLICY_COMMAND_REGISTER: >=20 > + // Make sure that we're dealing with a reasonable size. >=20 > + // This add should be safe because these are fixed sizes so far. >=20 > + ExpectedSize +=3D sizeof(VARIABLE_POLICY_ENTRY); >=20 > + if (*CommBufferSize < ExpectedSize) { >=20 > + DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", > __FUNCTION__, *CommBufferSize, ExpectedSize )); >=20 > + PolicyCommmHeader->Result =3D EFI_INVALID_PARAMETER; >=20 > + break; >=20 > + } >=20 > + >=20 > + // At the very least, we can assume that we're working with a vali= d policy > entry. >=20 > + // Time to compare its internal size. >=20 > + PolicyEntry =3D (VARIABLE_POLICY_ENTRY*)((UINT8*)CommBuffer + > sizeof(VAR_CHECK_POLICY_COMM_HEADER)); >=20 > + if (PolicyEntry->Version !=3D VARIABLE_POLICY_ENTRY_REVISION || >=20 > + PolicyEntry->Size < sizeof(VARIABLE_POLICY_ENTRY) || >=20 > + > EFI_ERROR(SafeUintnAdd(sizeof(VAR_CHECK_POLICY_COMM_HEADER), > PolicyEntry->Size, &ExpectedSize)) || >=20 > + *CommBufferSize < ExpectedSize) { >=20 > + DEBUG(( DEBUG_INFO, "%a - Bad policy entry contents!\n", > __FUNCTION__ )); >=20 > + PolicyCommmHeader->Result =3D EFI_INVALID_PARAMETER; >=20 > + break; >=20 > + } >=20 > + >=20 > + PolicyCommmHeader->Result =3D RegisterVariablePolicy( PolicyEntry = ); >=20 > + break; >=20 > + >=20 > + case VAR_CHECK_POLICY_COMMAND_DUMP: >=20 > + // Make sure that we're dealing with a reasonable size. 
>=20 > + // This add should be safe because these are fixed sizes so far. >=20 > + ExpectedSize +=3D sizeof(VAR_CHECK_POLICY_COMM_DUMP_PARAMS) > + VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE; >=20 > + if (*CommBufferSize < ExpectedSize) { >=20 > + DEBUG(( DEBUG_INFO, "%a - Bad comm buffer size! %d < %d\n", > __FUNCTION__, *CommBufferSize, ExpectedSize )); >=20 > + PolicyCommmHeader->Result =3D EFI_INVALID_PARAMETER; >=20 > + break; >=20 > + } >=20 > + >=20 > + // Now that we know we've got a valid size, we can fill in the res= t of the > data. >=20 > + DumpParams =3D > (VAR_CHECK_POLICY_COMM_DUMP_PARAMS*)(PolicyCommmHeader + 1); >=20 > + >=20 > + // If we're requesting the first page, initialize the cache and ge= t the sizes. >=20 > + if (DumpParams->PageRequested =3D=3D 0) { >=20 > + if (PaginationCache !=3D NULL) { >=20 > + FreePool (PaginationCache); >=20 > + PaginationCache =3D NULL; >=20 > + } >=20 > + >=20 > + // Determine what the required size is going to be. >=20 > + DumpParams->TotalSize =3D 0; >=20 > + DumpParams->PageSize =3D 0; >=20 > + DumpParams->HasMore =3D FALSE; >=20 > + SubCommandStatus =3D DumpVariablePolicy (NULL, &DumpParams- > >TotalSize); >=20 > + if (SubCommandStatus =3D=3D EFI_BUFFER_TOO_SMALL && DumpParams- > >TotalSize > 0) { >=20 > + CurrentPaginationCommand =3D > VAR_CHECK_POLICY_COMMAND_DUMP; >=20 > + PaginationCacheSize =3D DumpParams->TotalSize; >=20 > + PaginationCache =3D AllocatePool (PaginationCacheSize); >=20 > + if (PaginationCache =3D=3D NULL) { >=20 > + SubCommandStatus =3D EFI_OUT_OF_RESOURCES; >=20 > + } >=20 > + } >=20 > + >=20 > + // If we've allocated our pagination cache, we're good to cache. >=20 > + if (PaginationCache !=3D NULL) { >=20 > + SubCommandStatus =3D DumpVariablePolicy (PaginationCache, > &DumpParams->TotalSize); >=20 > + } >=20 > + >=20 > + // Populate the remaining fields and we can boogie. 
>=20 > + if (!EFI_ERROR (SubCommandStatus) && PaginationCache !=3D NULL) = { >=20 > + DumpParams->HasMore =3D TRUE; >=20 > + } >=20 > + } >=20 > + else if (PaginationCache !=3D NULL) { >=20 > + DumpParams->TotalSize =3D (UINT32)PaginationCacheSize; >=20 > + DumpParams->PageSize =3D > VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE; >=20 > + DumpOutputBuffer =3D (UINT8*)(DumpParams + 1); >=20 > + >=20 > + // Make sure that we don't over-index the cache. >=20 > + DumpTotalPages =3D PaginationCacheSize / DumpParams->PageSize; >=20 > + if (PaginationCacheSize % DumpParams->PageSize) DumpTotalPages++= ; >=20 > + if (DumpParams->PageRequested > DumpTotalPages) { >=20 > + SubCommandStatus =3D EFI_INVALID_PARAMETER; >=20 > + } >=20 > + else { >=20 > + // Figure out how far into the page cache we need to go for ou= r next > page. >=20 > + // We know the blind subtraction won't be bad because we alrea= dy > checked for page 0. >=20 > + DumpInputBuffer =3D &PaginationCache[DumpParams->PageSize * > (DumpParams->PageRequested - 1)]; >=20 > + // If we're getting the last page, adjust the PageSize. >=20 > + if (DumpParams->PageRequested =3D=3D DumpTotalPages) { >=20 > + DumpParams->PageSize =3D PaginationCacheSize % DumpParams- > >PageSize; >=20 > + } >=20 > + CopyMem (DumpOutputBuffer, DumpInputBuffer, DumpParams- > >PageSize); >=20 > + // If we just got the last page, settle up the cache. >=20 > + if (DumpParams->PageRequested =3D=3D DumpTotalPages) { >=20 > + DumpParams->HasMore =3D FALSE; >=20 > + FreePool (PaginationCache); >=20 > + PaginationCache =3D NULL; >=20 > + PaginationCacheSize =3D 0; >=20 > + CurrentPaginationCommand =3D 0; >=20 > + } >=20 > + // Otherwise, we could do more here. >=20 > + else { >=20 > + DumpParams->HasMore =3D TRUE; >=20 > + } >=20 > + >=20 > + // If we made it this far, we're basically good. 
>=20 > + SubCommandStatus =3D EFI_SUCCESS; >=20 > + } >=20 > + } >=20 > + // If we've requested any other page than 0 and the cache is empty= , we > must have timed out. >=20 > + else { >=20 > + DumpParams->TotalSize =3D 0; >=20 > + DumpParams->PageSize =3D 0; >=20 > + DumpParams->HasMore =3D FALSE; >=20 > + SubCommandStatus =3D EFI_TIMEOUT; >=20 > + } >=20 > + >=20 > + // There's currently no use for this, but it shouldn't be hard to = implement. >=20 > + PolicyCommmHeader->Result =3D SubCommandStatus; >=20 > + break; >=20 > + >=20 > + case VAR_CHECK_POLICY_COMMAND_LOCK: >=20 > + PolicyCommmHeader->Result =3D LockVariablePolicy(); >=20 > + break; >=20 > + >=20 > + default: >=20 > + // Mark unknown requested command as EFI_UNSUPPORTED. >=20 > + DEBUG(( DEBUG_INFO, "%a - Invalid command requested! %d\n", > __FUNCTION__, PolicyCommmHeader->Command )); >=20 > + PolicyCommmHeader->Result =3D EFI_UNSUPPORTED; >=20 > + break; >=20 > + } >=20 > + >=20 > + DEBUG(( DEBUG_VERBOSE, "%a - Command %d returning %r.\n", > __FUNCTION__, >=20 > + PolicyCommmHeader->Command, PolicyCommmHeader->Result )); >=20 > + >=20 > + return Status; >=20 > +} >=20 > + >=20 > + >=20 > +/** >=20 > + Constructor function of VarCheckPolicyLib to register VarCheck handler > and >=20 > + SW MMI handlers. >=20 > + >=20 > + @param[in] ImageHandle The firmware allocated handle for the EFI > image. >=20 > + @param[in] SystemTable A pointer to the EFI System Table. >=20 > + >=20 > + @retval EFI_SUCCESS The constructor executed correctly. >=20 > + >=20 > +**/ >=20 > +EFI_STATUS >=20 > +EFIAPI >=20 > +VarCheckPolicyLibConstructor ( >=20 > + IN EFI_HANDLE ImageHandle, >=20 > + IN EFI_SYSTEM_TABLE *SystemTable >=20 > + ) >=20 > +{ >=20 > + EFI_STATUS Status; >=20 > + EFI_HANDLE DiscardedHandle; >=20 > + >=20 > + // Initialize the business logic with the internal GetVariable handler= . 
>=20 > + Status =3D InitVariablePolicyLib( VariableServiceGetVariable ); >=20 > + >=20 > + // Only proceed with init if the business logic could be initialized. >=20 > + if (!EFI_ERROR( Status )) { >=20 > + // Register the VarCheck handler for SetVariable filtering. >=20 > + // Forward the check to the business logic of the library. >=20 > + VarCheckLibRegisterSetVariableCheckHandler( ValidateSetVariable ); >=20 > + >=20 > + // Register the MMI handlers for receiving policy commands. >=20 > + DiscardedHandle =3D NULL; >=20 > + Status =3D gMmst->MmiHandlerRegister( VarCheckPolicyLibMmiHandler, >=20 > + &gVarCheckPolicyLibMmiHandlerGui= d, >=20 > + &DiscardedHandle ); >=20 > + } >=20 > + // Otherwise, there's not much we can do. >=20 > + else { >=20 > + DEBUG(( DEBUG_ERROR, "%a - Cannot Initialize VariablePolicyLib! %r\n= ", > __FUNCTION__, Status )); >=20 > + ASSERT_EFI_ERROR( Status ); >=20 > + } >=20 > + >=20 > + return Status; >=20 > +} >=20 > diff --git a/MdeModulePkg/Include/Guid/VarCheckPolicyMmi.h > b/MdeModulePkg/Include/Guid/VarCheckPolicyMmi.h > new file mode 100644 > index 000000000000..77bcc62f3ccf > --- /dev/null > +++ b/MdeModulePkg/Include/Guid/VarCheckPolicyMmi.h 
> @@ -0,0 +1,54 @@ > +/** @file -- VarCheckPolicyMmiCommon.h >=20 > +This header contains communication definitions that are shared between > DXE >=20 > +and the MM component of VarCheckPolicy. >=20 > + >=20 > +Copyright (c) Microsoft Corporation. >=20 > +SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > +**/ >=20 > + >=20 > +#ifndef _VAR_CHECK_POLICY_MMI_COMMON_H_ >=20 > +#define _VAR_CHECK_POLICY_MMI_COMMON_H_ >=20 > + >=20 > +#define VAR_CHECK_POLICY_COMM_SIG SIGNATURE_32('V', 'C', 'P', 'C= ') >=20 > +#define VAR_CHECK_POLICY_COMM_REVISION 1 >=20 > + >=20 > +#pragma pack(push, 1) >=20 > + >=20 > +typedef struct _VAR_CHECK_POLICY_COMM_HEADER { >=20 > + UINT32 Signature; >=20 > + UINT32 Revision; >=20 > + UINT32 Command; >=20 > + EFI_STATUS Result; >=20 > +} VAR_CHECK_POLICY_COMM_HEADER; >=20 > + >=20 > +typedef struct _VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS { >=20 > + BOOLEAN State; >=20 > +} VAR_CHECK_POLICY_COMM_IS_ENABLED_PARAMS; >=20 > + >=20 > +typedef struct _VAR_CHECK_POLICY_COMM_DUMP_PARAMS { >=20 > + UINT32 PageRequested; >=20 > + UINT32 TotalSize; >=20 > + UINT32 PageSize; >=20 > + BOOLEAN HasMore; >=20 > +} VAR_CHECK_POLICY_COMM_DUMP_PARAMS; >=20 > + >=20 > +#pragma pack(pop) >=20 > + >=20 > +// Make sure that we will hold at least the headers. 
>=20 > +#define VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE > MAX((OFFSET_OF(EFI_MM_COMMUNICATE_HEADER, Data) + sizeof > (VAR_CHECK_POLICY_COMM_HEADER) + EFI_PAGES_TO_SIZE(1)), > EFI_PAGES_TO_SIZE(4)) >=20 > +#define VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE > (VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE - \ >=20 > + (OFFSET_OF(EFI_MM_CO= MMUNICATE_HEADER, > Data) + \ >=20 > + sizeof(VAR_CHECK_P= OLICY_COMM_HEADER) + \ >=20 > + > sizeof(VAR_CHECK_POLICY_COMM_DUMP_PARAMS))) >=20 > +STATIC_ASSERT ( >=20 > + VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE < > VAR_CHECK_POLICY_MM_COMM_BUFFER_SIZE, >=20 > + "an integer underflow may have occurred calculating > VAR_CHECK_POLICY_MM_DUMP_BUFFER_SIZE" >=20 > + ); >=20 > + >=20 > +#define VAR_CHECK_POLICY_COMMAND_DISABLE 0x0001 >=20 > +#define VAR_CHECK_POLICY_COMMAND_IS_ENABLED 0x0002 >=20 > +#define VAR_CHECK_POLICY_COMMAND_REGISTER 0x0003 >=20 > +#define VAR_CHECK_POLICY_COMMAND_DUMP 0x0004 >=20 > +#define VAR_CHECK_POLICY_COMMAND_LOCK 0x0005 >=20 > + >=20 > +#endif // _VAR_CHECK_POLICY_MMI_COMMON_H_ >=20 > diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf > b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf > new file mode 100644 > index 000000000000..077bcc8990ca > --- /dev/null > +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf 
> @@ -0,0 +1,42 @@ > +## @file VarCheckPolicyLib.inf >=20 > +# This is an instance of a VarCheck lib that leverages the business logi= c > behind >=20 > +# the VariablePolicy code to make its decisions. >=20 > +# >=20 > +# Copyright (c) Microsoft Corporation. >=20 > +# SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > +## >=20 > + >=20 > +[Defines] >=20 > + INF_VERSION =3D 0x00010005 >=20 > + BASE_NAME =3D VarCheckPolicyLib >=20 > + FILE_GUID =3D 9C28A48F-C884-4B1F-8B95-DEF12544802= 3 >=20 > + MODULE_TYPE =3D DXE_RUNTIME_DRIVER >=20 > + VERSION_STRING =3D 1.0 >=20 > + LIBRARY_CLASS =3D NULL|DXE_RUNTIME_DRIVER > DXE_SMM_DRIVER >=20 > + CONSTRUCTOR =3D VarCheckPolicyLibConstructor >=20 > + >=20 > + >=20 > +[Sources] >=20 > + VarCheckPolicyLib.c >=20 > + >=20 > + >=20 > +[Packages] >=20 > + MdePkg/MdePkg.dec >=20 > + MdeModulePkg/MdeModulePkg.dec >=20 > + >=20 > + >=20 > +[LibraryClasses] >=20 > + BaseLib >=20 > + DebugLib >=20 > + BaseMemoryLib >=20 > + DxeServicesLib >=20 > + MemoryAllocationLib >=20 > + VarCheckLib >=20 > + VariablePolicyLib >=20 > + VariablePolicyHelperLib >=20 > + SafeIntLib >=20 > + MmServicesTableLib >=20 > + >=20 > + >=20 > +[Guids] >=20 > + gVarCheckPolicyLibMmiHandlerGuid ## CONSUME ## Used to register > for MM Communication events. >=20 > diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.uni > b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.uni > new file mode 100644 > index 000000000000..eedeeed15d31 > --- /dev/null > +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.uni 
> @@ -0,0 +1,12 @@ > +// /** @file >=20 > +// VarCheckPolicyLib.uni >=20 > +// >=20 > +// Copyright (c) Microsoft Corporation. >=20 > +// SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > +// >=20 > +// **/ >=20 > + >=20 > + >=20 > +#string STR_MODULE_ABSTRACT #language en-US "NULL library > implementation that conforms to the VarCheck interface to allow > VariablePolicy engine to enforce policies" >=20 > + >=20 > +#string STR_MODULE_DESCRIPTION #language en-US "NULL library > implementation that conforms to the VarCheck interface to allow > VariablePolicy engine to enforce policies" >=20 > diff --git a/MdeModulePkg/MdeModulePkg.dec > b/MdeModulePkg/MdeModulePkg.dec > index b21cd78c8787..9a3c9fe642d3 100644 > --- a/MdeModulePkg/MdeModulePkg.dec > +++ b/MdeModulePkg/MdeModulePkg.dec > @@ -385,6 +385,10 @@ [Guids] > ## Include/Guid/EndofS3Resume.h >=20 > gEdkiiEndOfS3ResumeGuid =3D { 0x96f5296d, 0x05f7, 0x4f3c, {0x84, 0x67,= 0xe4, > 0x56, 0x89, 0x0e, 0x0c, 0xb5 } } >=20 >=20 >=20 > + ## Used (similar to Variable Services) to communicate policies to the > enforcement engine. >=20 > + # {DA1B0D11-D1A7-46C4-9DC9-F3714875C6EB} >=20 > + gVarCheckPolicyLibMmiHandlerGuid =3D { 0xda1b0d11, 0xd1a7, 0x46c4, > { 0x9d, 0xc9, 0xf3, 0x71, 0x48, 0x75, 0xc6, 0xeb }} >=20 > + >=20 > ## Include/Guid/S3SmmInitDone.h >=20 > gEdkiiS3SmmInitDoneGuid =3D { 0x8f9d4825, 0x797d, 0x48fc, { 0x84, 0x71= , > 0x84, 0x50, 0x25, 0x79, 0x2e, 0xf6 } } >=20 >=20 >=20 > diff --git a/MdeModulePkg/MdeModulePkg.dsc > b/MdeModulePkg/MdeModulePkg.dsc > index 37795b9e4f58..f0a75a3b337b 100644 > --- a/MdeModulePkg/MdeModulePkg.dsc > +++ b/MdeModulePkg/MdeModulePkg.dsc 
> @@ -313,6 +313,7 @@ [Components] > MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf >=20 > MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf >=20 > MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf >=20 > + MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf >=20 > MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf >=20 > MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf >=20 > MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf >=20 > @@ -458,6 +459,7 @@ [Components.IA32, Components.X64] > MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf >=20 > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf { >=20 > >=20 > + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf >=20 > NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf >=20 > NULL|MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf >=20 > NULL|MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf >=20 > -- > 2.26.2.windows.1.8.g01c50adf56.20200515075929 >=20 >=20 > -=3D-=3D-=3D-=3D-=3D-=3D > Groups.io Links: You receive all messages sent to this group. >=20 > View/Reply Online (#61590): https://edk2.groups.io/g/devel/message/61590 > Mute This Topic: https://groups.io/mt/75057699/1768738 > Group Owner: devel+owner@edk2.groups.io > Unsubscribe: https://edk2.groups.io/g/devel/unsub [dandan.bi@intel.com] > -=3D-=3D-=3D-=3D-=3D-=3D
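
Review bot: In VarCheckPolicyLibMmiHandler (VarCheckPolicyLib.c), the REGISTER and DUMP cases validate fields and then use them in place in CommBuffer, so each check only holds if the caller cannot change the buffer afterwards. *CommBufferSize is dereferenced again in every case, PolicyEntry->Size is checked and the same PolicyEntry pointer is then handed to RegisterVariablePolicy, and DumpParams->PageSize is written into the buffer and read back both as the divisor for DumpTotalPages and as the CopyMem length, with DumpParams->PageRequested read several times around it. Suggest capturing *CommBufferSize once, copying the request into handler-owned memory before validating it, and keeping the page size and page number in locals. Separately, in the DUMP case the last-page adjustment "DumpParams->PageSize = PaginationCacheSize % DumpParams->PageSize" yields 0 when the cache size is an exact multiple of the page size, so the final page is copied with length 0; the remainder should only replace the page size when it is non-zero.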
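
Review bot: In VarCheckPolicyMmi.h the @file tag names VarCheckPolicyMmiCommon.h and the include guard is _VAR_CHECK_POLICY_MMI_COMMON_H_, neither of which matches the file being added; suggest renaming both to follow VarCheckPolicyMmi.h. In the packed VAR_CHECK_POLICY_COMM_HEADER, Result is an EFI_STATUS, whose width follows the build architecture, so the shared layout depends on the DXE and MM sides being built at the same width; a fixed-width field would remove that dependency.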
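
Review bot: In VarCheckPolicyLib.inf, LIBRARY_CLASS allows DXE_RUNTIME_DRIVER as well as DXE_SMM_DRIVER and MODULE_TYPE is DXE_RUNTIME_DRIVER, but VarCheckPolicyLibConstructor calls gMmst->MmiHandlerRegister unconditionally and the MdeModulePkg.dsc hunks link the library as a NULL instance only into VariableSmm.inf. If a runtime DXE consumer is not intended, suggest restricting the library to DXE_SMM_DRIVER. The @file comment here also still says "instance of a VarCheck lib" while LIBRARY_CLASS is NULL and the .uni strings say "NULL library implementation", which is the wording the inline comment on the .c file asks to change.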
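
Review bot: In the MdeModulePkg.dec [Guids] hunk, the neighboring entries are introduced by the header path that declares them (## Include/Guid/EndofS3Resume.h, ## Include/Guid/S3SmmInitDone.h), while the new gVarCheckPolicyLibMmiHandlerGuid entry carries only a description. Suggest adding "## Include/Guid/VarCheckPolicyMmi.h" above it so the GUID can be traced to the header this patch adds.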