From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by mx.groups.io with SMTP id smtpd.web12.2810.1634092796672658524 for ; Tue, 12 Oct 2021 19:39:57 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=TUuU/4Hs; spf=pass (domain: intel.com, ip: 192.55.52.88, mailfrom: dandan.bi@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10135"; a="250741433" X-IronPort-AV: E=Sophos;i="5.85,369,1624345200"; d="scan'208";a="250741433" Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Oct 2021 19:39:56 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.85,369,1624345200"; d="scan'208";a="626177199" Received: from fmsmsx602.amr.corp.intel.com ([10.18.126.82]) by fmsmga001.fm.intel.com with ESMTP; 12 Oct 2021 19:39:56 -0700 Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Tue, 12 Oct 2021 19:39:55 -0700 Received: from fmsmsx602.amr.corp.intel.com (10.18.126.82) by fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12; Tue, 12 Oct 2021 19:39:55 -0700 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx602.amr.corp.intel.com (10.18.126.82) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.12 via Frontend Transport; Tue, 12 Oct 2021 19:39:55 -0700 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (104.47.55.176) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.12; Tue, 12 Oct 2021 19:39:55 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=Yp6L9d4u59icKVw1P0e2nKvR/CUX9WI0frkIv7Ff4yB0NqQipX5F2ZzvGpHyJlBRlzFU7IQ+0K/UP5cBD2hDzsN4rDWBQ1UQ5lpFbdZPWZ17apDGn94w7XlYmStlPdnGvuBrUAGa+Jd7HuRBx330PXRCjnW7FmaPMdq7ZfYrOfX8kapsWsyQSckG+/9bx/J/uEpvg5RWtLaahUiJtAf10Fe16sb5aTTfJspTTeEedaJvC/FEvBi1I8xIVUAV6wGroCtWfsvbxBKZ+iaXhZWIJV8F3vvFnlBYj/0OBKE5H0IG74xyLBHLREAVsgWysoivwj9XHRa8G65Ckb1k4esNjg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=YMY9lZaZZwDnrY9lNFrtnzfFwEuiccMWWaWrx4Hk3AU=; b=APqKwJrAmtPdxN+0kx3PVNuRXQkBv7O0BgbON3Oz4eHbphU+Fvg3b+J+TqpyZ4oRMqTxQzz+RIxgki6+qeOdAnOVIfdA/v/YkLIdC71F+9SsaMhKhwm6oeid+mGghPhu618uUldEUuFXxfuwWjso7uAq5WMuyQ83BQEgvhbtxnY6uI/roxQBsxngy13AaoG3d6BSD6IIwBFe0LrzH5A4xfjXee/QVnYivY7ffAy0w06H4rOTrWBavT8n5ufOlZyPZ+gtDxHL7O4ZQh1VJQHOl2RyoJYZyaw/05lPkE905WFVU62oJC/KtXM1O49W9+u44kKhw23TtKndsJ1eKI6PBw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=YMY9lZaZZwDnrY9lNFrtnzfFwEuiccMWWaWrx4Hk3AU=; b=TUuU/4HsWPM4HjObqOFqtK1l0CIutZbXUsS8VbRUkGAz8UovXJWnvmcKWXGR9REcqPsHmUnLJfWKT/I85POxJz2zQJt1tO1wTunKqeqUAu/73LKZLdtahy3xA2Z7D7e5XwJkl4GvDEuQ0D5rXg9sMmRRFYq4WOqlcrE2WR8L9jw= Received: from DM4PR11MB5453.namprd11.prod.outlook.com (2603:10b6:5:398::15) by DM6PR11MB3612.namprd11.prod.outlook.com (2603:10b6:5:13b::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4587.22; Wed, 13 Oct 2021 02:39:53 +0000 Received: from DM4PR11MB5453.namprd11.prod.outlook.com ([fe80::ed4c:25e0:281e:da52]) by DM4PR11MB5453.namprd11.prod.outlook.com ([fe80::ed4c:25e0:281e:da52%2]) with mapi id 15.20.4587.026; Wed, 13 Oct 2021 02:39:53 +0000 From: "Dandan Bi" To: "Shi, Hao" , "devel@edk2.groups.io" CC: Liming Gao Subject: Re: [PATCH] UserAuthFeaturePkg/UserAuthenticationDxeSmm: The SMI to handle the user authentication should be unregister before booting to OS Thread-Topic: [PATCH] UserAuthFeaturePkg/UserAuthenticationDxeSmm: The SMI to handle the user authentication should be unregister before booting to OS Thread-Index: AQHXtA3s2DWfYjyWBUutSScFTGZzpKvIY6DAgAfrQ9A= Date: Wed, 13 Oct 2021 02:39:53 +0000 Message-ID: References: <20210928020915.790-1-hao.shi@intel.com> In-Reply-To: Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 8cb223f5-74e2-4092-3d35-08d98df2bcc5 x-ms-traffictypediagnostic: DM6PR11MB3612: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:2449; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: /q2Mfk78/6jNQuoqVuClYd39uxGH/ER9M6BEeu2EJ6GrucXOAwE55rLAN+e6MHBFZKw/Cqwgh8rxndv36kr3prpjkA3MR4lF71K+V8dsRqQMHqDq2As4EhbC8my4uXjDG0Y0CTXzHux+9t8hKisgUM/T8/FrlgOOCc9rMLlZyPNA1/yF6/X5wH1OZpyvB+4HeIuMamSf1hLCeq/2+xOVmC0fW/xKBeg7wHeWhCT/z7kdEe6dzMWl2+Zq3kvSv86ZQ500q8VLpd0LZE7OU64tQSY+lXSMkq9v4zmKMz6siiVvGoURCN4Euy4tD6rrKND8CWXO1aNp6XU5ujyLj8iFv5FhysNTtPuxoM+ahv6/0xNDc3Znp0rPNucbkpgMaOt1fhfHbyahohBvfiFJkykqds5duYKj4kttYqYDitJS82u7tDzcdk3Ry+11cYsY75mDhqQdu+CjjAtGXiuU1Wl7Jjkr38QrWp0dtuwlfuM6iVWCtnnz8J80jncL+pkfsfaRQ9qoxLMAILPMPMcrTZmz4LmcKMfahYT/bGjfiPB2gFDP0EdVtXF4cHvAmP5Uqa9CaqGPc8GWVGVe/jwslQHeCL7tN+ZSXgf2xw65Snqp58WePMU+OE6Qa+8uwh90yeLQoNjY/Gf6Yu22DBQrQINJT6kds6WaKzv5zwFzqBYZ65xbZJQrd6O0bKZ5GfnXcqFEwuJCV6EOsXJifhvcvHiTwKCfci2DIjJECR47ScoVGj/7WS+uAMJ0ljl4x3HBH4P8ETfOhDrK8Jc42o8AfWCHAhUy8z33N4R7SPNScZ+TX5A4vBzOsMDVZ8SAi1iN657iQocmUGFOLVxJEDEf3x2Cyw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM4PR11MB5453.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(5660300002)(8676002)(71200400001)(66446008)(2906002)(76116006)(55016002)(86362001)(66476007)(110136005)(64756008)(7696005)(66556008)(9686003)(66946007)(316002)(4326008)(122000001)(6506007)(186003)(33656002)(52536014)(26005)(82960400001)(508600001)(38100700002)(53546011)(8936002)(966005)(83380400001)(38070700005);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?eNk95jPWQOfL4m2pINKUMfnabK6swxXqep9zSh5k6/XRiaLl0JeuaI2Fe8M3?= =?us-ascii?Q?galcvNEG/LrJob8CRxSWjsTC/+jHaWz99LJ5fJw0XhBTS02m3qd2hnp+rZY2?= =?us-ascii?Q?8TtY6U2GcmaKNv8E2JSoE5g8Mn7uhjQmij89D+AWssojNk6dsu9yzHq4Q0aZ?= =?us-ascii?Q?+8fHaX9mCjRyay736fddT7LgvyoKzHRi/iqm1h86aXWuh0lp9Y64sSVSkq0k?= =?us-ascii?Q?3NI2ecsx8Bt8PbcMMsIfm1pKHsx30jim4XNT75neqCQ/X7ZvjpkgC0QMUXBV?= =?us-ascii?Q?1MxIfF6tBrUg7XoMFt7nW3dBAUpAjN0tIOdgYO6rvJT0+8iLkFw8FYPJO/bU?= =?us-ascii?Q?hXeOmiHuPTfd6ZTm9xpZmQ+/K+96u9j3kxAMeNMoDQUmAnT3EPeCWnKsa+/A?= =?us-ascii?Q?bDJPmEDcNZxRf/MmlL6yZVq7rVjKJexnOLh49C1n4UONk3qN5r/PaGnc6n5W?= =?us-ascii?Q?eCArXvyQ51uefq6q/+hF770UZtB12V/WVzrleRAf0WY6ZuRZrB+I1UiCNKNr?= =?us-ascii?Q?rJhodxndUwrb+4pxrJHhx8vHYbP7lslILUrd4e826cIcsa8pIbwecZgnwmuU?= =?us-ascii?Q?L15aGBoUB1dSmi63e+bETFo3iRz0m+x7XgvsKeVjcEEZ7SXGVX4ce5bslhTc?= =?us-ascii?Q?JvMhPpl0rY/jiLwjiIeOwGTSfIvvXtOkb/vVLpb+CVGqBbQpH7Dr1JBYFIuK?= =?us-ascii?Q?BXIJzlBMwvlpmkosSBRwBrY3z9ZDTwKBQFxAUwMTjxMd3NCRrsJNrvBDmYCv?= =?us-ascii?Q?pLAbDDymPpH6eeUDDT3x8BXvKAQ7uU+dWgzsPg5bdSpbsv1OSiseSYLzJezN?= =?us-ascii?Q?PNtClqfBOVNO5bjKNzMllOquQaC/qMqr2pgNohVgg9icjxObT8Gk9U84OPjo?= =?us-ascii?Q?gNK0ibHUzImAwfJ/RgcKajaHFThEL6QFyBIvuJzly74qTVDHR9NBTAoVN+Dn?= =?us-ascii?Q?wq597E531raQXSByVXz/gl+lzFZETeYQhOwtHRyDcQXFdYzleBIV4vRd75iO?= =?us-ascii?Q?/0JLRxZ/TfpqxqO3tg7jAzAlLRnU0f7tOjD8io+YWNk9IkURKIs9teN7XXL/?= =?us-ascii?Q?/saIyOd7jQlaGHcWc28J4RgdCuo8EzYynsJ5XOfhAjuJBMYEbcBwo2Q67BMe?= =?us-ascii?Q?t4SRuwvvfxABJqWCDlqYws/ZPO4FEcqhdCY4imuBZvRolAn9LdN4/aEC7CWt?= =?us-ascii?Q?Y+gkx1WotXddS11rUlhWwcVEU79cVRlc1iev9NgoJnP37OQippdVunt9llvz?= =?us-ascii?Q?ewA1tJVSr3UQQyPWf3/NlJQOTLEmQJvLrvXOddciN419ojdHDkN6FUIezltK?= =?us-ascii?Q?zruj/waRvZNheq4O/tgl9kRS?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM4PR11MB5453.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8cb223f5-74e2-4092-3d35-08d98df2bcc5 X-MS-Exchange-CrossTenant-originalarrivaltime: 13 Oct 2021 02:39:53.7414 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: gVmAHID1tbr53+jvkMWhhPSBWoFe/3VyML82E/6s4B/HENLKgGzyrt2GhG4tCxrQSJQ743F0x3nL8bfWXAqcUw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB3612 Return-Path: dandan.bi@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Patch is submitted via commit 23ca68c23dd600973e961de4368abacf4db8c5c0 https://github.com/tianocore/edk2-platforms/commit/23ca68c23dd600973e961de4= 368abacf4db8c5c0 Thanks, Dandan > -----Original Message----- > From: Bi, Dandan > Sent: Friday, October 8, 2021 9:44 AM > To: Shi, Hao ; devel@edk2.groups.io > Cc: Liming Gao > Subject: RE: [PATCH] UserAuthFeaturePkg/UserAuthenticationDxeSmm: The > SMI to handle the user authentication should be unregister before booting= to OS >=20 > Reviewed-by: Dandan Bi >=20 >=20 >=20 > Thanks, > Dandan >=20 > > -----Original Message----- > > From: Shi, Hao > > Sent: Tuesday, September 28, 2021 10:09 AM > > To: devel@edk2.groups.io > > Cc: Shi, Hao ; Bi, Dandan ; > > Liming Gao > > Subject: [PATCH] UserAuthFeaturePkg/UserAuthenticationDxeSmm: The SMI > > to handle the user authentication should be unregister before booting > > to OS > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3648 > > > > Register SmmExitBootServices and SmmLegacyBoot callback function to > > unregister this handler. > > > > Signed-off-by: Hao Shi > > Cc: Dandan Bi > > Cc: Liming Gao > > --- > > .../UserAuthenticationSmm.c | 39 +++++++++++++++++-- > > .../UserAuthenticationSmm.inf | 2 + > > 2 files changed, 38 insertions(+), 3 deletions(-) > > > > diff --git > > a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > > eSmm/UserAuthenticationSmm.c > > b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > > eSmm/UserAuthenticationSmm.c > > index 07e834eb..3d66010b 100644 > > --- > > a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > > eSmm/UserAuthenticationSmm.c > > +++ > > b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthentication > > +++ DxeSmm/UserAuthenticationSmm.c > > @@ -13,6 +13,7 @@ UINTN mAdminPasswordTryCoun= t =3D 0; > > > > BOOLEAN mNeedReVerify =3D TRUE; > > BOOLEAN mPasswordVerified =3D FALSE; > > +EFI_HANDLE mSmmHandle =3D NULL; > > > > /** > > Verify if the password is correct. > > @@ -612,6 +613,30 @@ EXIT: > > return EFI_SUCCESS; > > } > > > > +/** > > + Performs Exit Boot Services UserAuthentication actions > > + > > + @param[in] Protocol Points to the protocol's unique identifier. > > + @param[in] Interface Points to the interface instance. > > + @param[in] Handle The handle on which the interface was installe= d. > > + > > + @retval EFI_SUCCESS Notification runs successfully. > > +**/ > > +EFI_STATUS > > +EFIAPI > > +UaExitBootServices ( > > + IN CONST EFI_GUID *Protocol, > > + IN VOID *Interface, > > + IN EFI_HANDLE Handle > > + ) > > +{ > > + DEBUG ((DEBUG_INFO, "Unregister User Authentication Smi\n")); > > + > > + gSmst->SmiHandlerUnRegister(mSmmHandle); > > + > > + return EFI_SUCCESS; > > +} > > + > > /** > > Main entry for this driver. > > > > @@ -629,10 +654,11 @@ PasswordSmmInit ( > > ) > > { > > EFI_STATUS Status; > > - EFI_HANDLE SmmHandle; > > EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock; > > CHAR16 > > PasswordHistoryName[sizeof(USER_AUTHENTICATION_VAR_NAME)/sizeof( > > CHAR16) + 5]; > > UINTN Index; > > + EFI_EVENT ExitBootServicesEvent; > > + EFI_EVENT LegacyBootEvent; > > > > ASSERT (PASSWORD_HASH_SIZE =3D=3D SHA256_DIGEST_SIZE); > > ASSERT (PASSWORD_HISTORY_CHECK_COUNT < 0xFFFF); @@ -657,13 > > +683,20 @@ PasswordSmmInit ( > > ASSERT_EFI_ERROR (Status); > > } > > > > - SmmHandle =3D NULL; > > - Status =3D gSmst->SmiHandlerRegister (SmmPasswordHandler, > > &gUserAuthenticationGuid, &SmmHandle); > > + Status =3D gSmst->SmiHandlerRegister (SmmPasswordHandler, > > + &gUserAuthenticationGuid, &mSmmHandle); > > ASSERT_EFI_ERROR (Status); > > if (EFI_ERROR (Status)) { > > return Status; > > } > > > > + // > > + // Register for SmmExitBootServices and SmmLegacyBoot notification. > > + // > > + Status =3D gSmst->SmmRegisterProtocolNotify > > + (&gEdkiiSmmExitBootServicesProtocolGuid, UaExitBootServices, > > + &ExitBootServicesEvent); ASSERT_EFI_ERROR (Status); Status =3D > > + gSmst->SmmRegisterProtocolNotify (&gEdkiiSmmLegacyBootProtocolGuid, > > + UaExitBootServices, &LegacyBootEvent); ASSERT_EFI_ERROR (Status); > > + > > if (IsPasswordCleared()) { > > DEBUG ((DEBUG_INFO, "IsPasswordCleared\n")); > > SavePasswordToVariable (&gUserAuthenticationGuid, NULL, 0); diff > > --git > > a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > > eSmm/UserAuthenticationSmm.inf > > b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > > eSmm/UserAuthenticationSmm.inf > > index 0b33b194..d73a2fe2 100644 > > --- > > a/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthenticationDx > > eSmm/UserAuthenticationSmm.inf > > +++ > > b/Features/Intel/UserInterface/UserAuthFeaturePkg/UserAuthentication > > +++ DxeSmm/UserAuthenticationSmm.inf > > @@ -48,6 +48,8 @@ > > [Protocols] > > gEdkiiVariableLockProtocolGuid ## CONSUMES > > gEfiSmmVariableProtocolGuid ## CONSUMES > > + gEdkiiSmmExitBootServicesProtocolGuid ## CONSUMES > > + gEdkiiSmmLegacyBootProtocolGuid ## CONSUMES > > > > [Depex] > > gEfiSmmVariableProtocolGuid AND gEfiVariableWriteArchProtocolGuid > > -- > > 2.31.1.windows.1