* [PATCH V1 0/5] UEFI Variable SMI Reduction
@ 2019-09-26 4:50 Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 1/5] MdeModulePkg/Variable: Consolidate common parsing functions Kubacki, Michael A
` (5 more replies)
0 siblings, 6 replies; 13+ messages in thread
From: Kubacki, Michael A @ 2019-09-26 4:50 UTC (permalink / raw)
To: devel
Cc: Dandan Bi, Ard Biesheuvel, Eric Dong, Laszlo Ersek, Liming Gao,
Michael D Kinney, Ray Ni, Jian J Wang, Hao A Wu, Jiewen Yao
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220
Overview
---------
This patch series reduces SMM usage when using VariableSmmRuntimeDxe with
VariableSmm. It does so by eliminating SMM usage for runtime service
GetVariable () and GetNextVariableName () invocations. Most UEFI variable
usage in typical systems after the variable store is initialized
(e.g. manufacturing boots) is due to GetVariable ( ) and
GetNextVariableName () not SetVariable (). GetVariable () calls can regularly
exceed 100 per boot while SetVariable () calls typically remain less than 10
per boot. By focusing on the common case, the majority of overhead associated
with SMM can be avoided while still using existing and proven code for
operations such as variable authentication that require an isolated execution
environment.
* Advantage: Reduces overall system SMM usage
* Disadvantage: Requires more Runtime data memory usage
Initial Performance Observations
---------------------------------
* With these proposed changes, an Intel Atom based SoC saw GetVariable ( )
time for an existing variable reduce from ~220us to ~5us.
Major Changes
--------------
1. Two UEFI variable caches will be maintained.
a. "Runtime Cache" - Maintained in VariableSmmRuntimeDxe. Used to serve
runtime service GetVariable () and GetNextVariableName () callers.
b. "SMM cache" - Maintained in VariableSmm to service SMM GetVariable ()
and GetNextVariableName () callers.
i. A cache in SMRAM is retained so SMM modules do not operate on data
outside SMRAM.
2. A new UEFI variable read and write flow will be used as described below.
At any given time, the two caches would be coherent. On a variable write, the
runtime cache is only updated after validation in SMM and, in the case of a
non-volatile UEFI variable, the variable must also be successfully written to
non-volatile storage.
Prior RFC Feedback Addressed
-----------------------------
RFC sent Sept. 5, 2019: https://edk2.groups.io/g/devel/message/46939
1. UEFI variable data retrieval from a ring 0 buffer
A common concern with this proposed set of changes is the potential security
threat presented by serving runtime services callers from a ring 0 memory
buffer of EfiRuntimeServicesData type. This conclusion was that this change
does not fundamentally alter the attack surface. The UEFI variable Runtime
Services are invoked from ring 0 and the data already travels through ring
0 buffers (such as the SMM communicate buffer) to reach the caller. Even
today if ring 0 is assumed to be malicious, the malicious code may keep one
AP in a loop to monitor the communication data, when the BSP gets an
(authenticated) variable. When the communication buffer is updated and the
status is set to EFI_SUCCESS, the AP may modify the communication buffer
contents such the tampered data is returned to the BSP caller. Or an
interrupt handler on the BSP may alter the communication buffer contents
before the data is returned to the caller. In summary, this was not found to
introduce any attack not possible today.
2. VarCheckLib impact
VarCheckLib plays a role in SetVariable () calls. This patch series only
changes GetVariable () behavior. Therefore, VarCheckLib is expected to
have no impact due to these changes.
Testing Performed
------------------
This code was tested with the master branch of edk2 on an Intel Kaby Lake U
Intel Whiskey Lake U reference validation platform. The set of tests performed
included:
1. Boot from S5 to Windows 10 OS with SMM variables enabled.
2. Boot from S5 to Ubuntu 18.04.1 LTS with SMM variable enabled.
3. Boot from S5 to EFI shell with DXE variables enabled.
4. Dump UEFI variable store at shell with dmpstore to verify contents.
5. Dump NvStorage FV from SPI flash after boot to verify contents written.
6. Dump UEFI variable statistics with VariableInfo at shell.
7. Boot with emulated variables enabled.
8. Cycles of adding and deleting a UEFI variable to verify cache results.
9. Set OsIndications to stop at FW UI to verify cache load of non-volatile
contents.
Why Keep SMM on Variable Writes
--------------------------------
* SMM provides a ubiquitous isolated execution environment in x86 for
authenticated UEFI variables.
* BIOS region SPI flash write restrictions to SMM in platforms today can
be retained.
Today's UEFI Variable Cache (for reference)
--------------------------------------------
* Maintained in SMRAM via VariableSmm.
* A "write-through" cache of variable data in the form of a UEFI variable
store.
* Non-volatile and volatile variables are maintained in separate buffers
(variable stores).
Runtime & SMM Cache Coherency
------------------------------
The non-volatile cache should always accurately reflect non-volatile storage
contents (done today) and the "SMM cache" and "Runtime cache" should always be
coherent on access. The runtime cache is updated by VariableSmm.
Updating both caches from within a SMM SetVariable () operation is fairly
straightforward but a race condition can occur if an SMI occurs during the
execution of runtime code reading from the runtime cache. To handle this case,
a runtime cache read lock is introduced that explicitly moves pending updates
from SMM to the runtime cache if an SMM update occurs while the runtime cache
is locked. Note that it is not expected a Runtime services call will interrupt
SMM processing since all CPU cores rendezvous in SMM.
New Key Elements for Coherence
-------------------------------
Runtime DXE (VariableSmmRuntimeDxe)
1. RuntimeCacheReadLock - A global lock used to lock read access to the
runtime cache.
2. RuntimeCachePendingUpdate - A global flag used to notify runtime code of a
pending cache update in SMM.
SMM (VariableSmm)
1. FlushRuntimeCachePendingUpdate SMI - A SW SMI handler that synchronizes
the runtime cache buffer with the SMM
cache buffer.
Proposed Runtime DXE Read Flow
-------------------------------
1. Wait for RuntimeCacheReadLock to be free
2. Acquire RuntimeCacheReadLock
3. If RuntimeCachePendingUpdate flag (rare) is set then:
3.a. Trigger FlushRuntimeCachePendingUpdate SMI
3.b. Verify RuntimeCachePendingUpdate flag is cleared
4. Perform read from RuntimeCache
5. Release RuntimeCacheReadLock
Proposed FlushRuntimeCachePendingUpdate SMI
--------------------------------------------
1. If RuntimeCachePendingUpdate flag is not set:
1.a. Return
2. Copy the data at RuntimeCachePendingOffset of RuntimeCachePendingLength to
RuntimeCache
3. Clear the RuntimeCachePendingUpdate flag
Proposed SMM Write Flow
------------------------
1. Perform variable authentication and non-volatile write. If either fail,
return an error to the caller.
2. If RuntimeCacheReadLock is set then:
2.a. Set RuntimeCachePendingUpdate flag
2.b. Update RuntimeCachePendingOffset and RuntimeCachePendingLength to
cover the a superset of the pending chunk (for simplicity, the
entire variable store is currently synchronized).
3. Else:
3.a. Update RuntimeCache
4. Update SmmCache
- Note: RT read cannot occur during SMI processing since all cores are
locked in SMM.
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
Michael Kubacki (5):
MdeModulePkg/Variable: Consolidate common parsing functions
MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats
MdeModulePkg/Variable: Add RT GetVariable() cache support
MdeModulePkg/Variable: Add RT GetNextVariableName() cache support
MdeModulePkg/VariableSmm: Remove unused SMI handler functions
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf | 6 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf | 6 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf | 32 +-
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 11 +
MdeModulePkg/Include/Guid/SmmVariableCommon.h | 33 +-
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h | 158 +---
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h | 25 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h | 342 ++++++++
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h | 47 ++
MdeModulePkg/Application/VariableInfo/VariableInfo.c | 37 +-
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 828 ++------------------
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c | 11 +-
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c | 28 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c | 816 +++++++++++++++++++
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c | 153 ++++
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 213 +++--
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 726 +++++++++++++----
17 files changed, 2298 insertions(+), 1174 deletions(-)
create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h
create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c
--
2.16.2.windows.1
^ permalink raw reply [flat|nested] 13+ messages in thread
* [PATCH V1 1/5] MdeModulePkg/Variable: Consolidate common parsing functions
2019-09-26 4:50 [PATCH V1 0/5] UEFI Variable SMI Reduction Kubacki, Michael A
@ 2019-09-26 4:50 ` Kubacki, Michael A
2019-09-27 8:17 ` [edk2-devel] " Wu, Hao A
2019-09-26 4:50 ` [PATCH V1 2/5] MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats Kubacki, Michael A
` (4 subsequent siblings)
5 siblings, 1 reply; 13+ messages in thread
From: Kubacki, Michael A @ 2019-09-26 4:50 UTC (permalink / raw)
To: devel
Cc: Dandan Bi, Ard Biesheuvel, Eric Dong, Laszlo Ersek, Liming Gao,
Michael D Kinney, Ray Ni, Jian J Wang, Hao A Wu, Jiewen Yao
This change moves the following functions into a dedicated file
so they may be used in other variable files as needed. Furthermore,
it reduces the overall size of the common Variable.c file.
* DataSizeOfVariable ()
* FindVariableEx ()
* GetEndPointer ()
* GetNextVariableEx ()
* GetNextVariablePtr ()
* GetStartPointer ()
* GetVariableDataOffset ()
* GetVariableDataPtr ()
* GetVariableHeaderSize ()
* GetVariableNamePtr ()
* GetVariableStoreStatus ()
* GetVendorGuidPtr ()
* IsAuthenticatedVariable ()
* IsValidVariableHeader ()
* NameSizeOfVariable ()
* SetDataSizeOfVariable ()
* SetNameSizeOfVariable ()
* UpdateVariableInfo ()
* VariableCompareTimeStampInternal ()
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
---
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf | 4 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf | 4 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf | 8 +-
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 9 +
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h | 119 ---
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h | 25 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h | 342 ++++++++
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 784 +------------------
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c | 11 +-
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c | 28 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c | 816 ++++++++++++++++++++
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 2 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 3 +-
13 files changed, 1273 insertions(+), 882 deletions(-)
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
index 641376c9c5..08a5490787 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
@@ -36,6 +36,10 @@
Variable.c
VariableDxe.c
Variable.h
+ VariableNonVolatile.c
+ VariableNonVolatile.h
+ VariableParsing.c
+ VariableParsing.h
PrivilegePolymorphic.h
Measurement.c
TcgMorLockDxe.c
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
index 0a160d269d..6dc2721b81 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
@@ -45,6 +45,10 @@
Variable.c
VariableTraditionalMm.c
VariableSmm.c
+ VariableNonVolatile.c
+ VariableNonVolatile.h
+ VariableParsing.c
+ VariableParsing.h
VarCheck.c
Variable.h
PrivilegePolymorphic.h
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
index 14894e6f13..1873b4fe43 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
@@ -13,7 +13,7 @@
# may not be modified without authorization. If platform fails to protect these resources,
# the authentication service provided in this driver will be broken, and the behavior is undefined.
#
-# Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -39,6 +39,9 @@
VariableSmmRuntimeDxe.c
PrivilegePolymorphic.h
Measurement.c
+ Variable.h
+ VariableParsing.c
+ VariableParsing.h
[Packages]
MdePkg/MdePkg.dec
@@ -65,6 +68,9 @@
gEdkiiVariableLockProtocolGuid ## PRODUCES
gEdkiiVarCheckProtocolGuid ## PRODUCES
+[FeaturePcd]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES
+
[Guids]
gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
gEfiEventExitBootServicesGuid ## CONSUMES ## Event
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
index 21bc81163b..ca9d23ce9f 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
@@ -45,6 +45,10 @@
Variable.c
VariableSmm.c
VariableStandaloneMm.c
+ VariableNonVolatile.c
+ VariableNonVolatile.h
+ VariableParsing.c
+ VariableParsing.h
VarCheck.c
Variable.h
PrivilegePolymorphic.h
@@ -99,6 +103,11 @@
## SOMETIMES_PRODUCES ## Variable:L"Lang"
gEfiGlobalVariableGuid
+ ## SOMETIMES_CONSUMES ## Variable:L"db"
+ ## SOMETIMES_CONSUMES ## Variable:L"dbx"
+ ## SOMETIMES_CONSUMES ## Variable:L"dbt"
+ gEfiImageSecurityDatabaseGuid
+
gEfiMemoryOverwriteControlDataGuid ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"
gEfiMemoryOverwriteRequestControlLockGuid ## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControlLock"
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
index 9eac43759f..fb574b2e32 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
@@ -179,89 +179,6 @@ FindVariable (
IN BOOLEAN IgnoreRtCheck
);
-/**
-
- Gets the pointer to the end of the variable storage area.
-
- This function gets pointer to the end of the variable storage
- area, according to the input variable store header.
-
- @param VarStoreHeader Pointer to the Variable Store Header.
-
- @return Pointer to the end of the variable storage area.
-
-**/
-VARIABLE_HEADER *
-GetEndPointer (
- IN VARIABLE_STORE_HEADER *VarStoreHeader
- );
-
-/**
- This code gets the size of variable header.
-
- @return Size of variable header in bytes in type UINTN.
-
-**/
-UINTN
-GetVariableHeaderSize (
- VOID
- );
-
-/**
-
- This code gets the pointer to the variable name.
-
- @param Variable Pointer to the Variable Header.
-
- @return Pointer to Variable Name which is Unicode encoding.
-
-**/
-CHAR16 *
-GetVariableNamePtr (
- IN VARIABLE_HEADER *Variable
- );
-
-/**
- This code gets the pointer to the variable guid.
-
- @param Variable Pointer to the Variable Header.
-
- @return A EFI_GUID* pointer to Vendor Guid.
-
-**/
-EFI_GUID *
-GetVendorGuidPtr (
- IN VARIABLE_HEADER *Variable
- );
-
-/**
-
- This code gets the pointer to the variable data.
-
- @param Variable Pointer to the Variable Header.
-
- @return Pointer to Variable Data.
-
-**/
-UINT8 *
-GetVariableDataPtr (
- IN VARIABLE_HEADER *Variable
- );
-
-/**
-
- This code gets the size of variable data.
-
- @param Variable Pointer to the Variable Header.
-
- @return Size of variable in bytes.
-
-**/
-UINTN
-DataSizeOfVariable (
- IN VARIABLE_HEADER *Variable
- );
-
/**
This function is to check if the remaining variable space is enough to set
all Variables from argument list successfully. The purpose of the check
@@ -450,17 +367,6 @@ ReclaimForOS(
VOID
);
-/**
- Get non-volatile maximum variable size.
-
- @return Non-volatile maximum variable size.
-
-**/
-UINTN
-GetNonVolatileMaxVariableSize (
- VOID
- );
-
/**
Get maximum variable size, covering both non-volatile and volatile variables.
@@ -546,31 +452,6 @@ VariableServiceGetVariable (
OUT VOID *Data OPTIONAL
);
-/**
- This code Finds the Next available variable.
-
- Caution: This function may receive untrusted input.
- This function may be invoked in SMM mode. This function will do basic validation, before parse the data.
-
- @param[in] VariableName Pointer to variable name.
- @param[in] VendorGuid Variable Vendor Guid.
- @param[out] VariablePtr Pointer to variable header address.
-
- @retval EFI_SUCCESS The function completed successfully.
- @retval EFI_NOT_FOUND The next variable was not found.
- @retval EFI_INVALID_PARAMETER If VariableName is not an empty string, while VendorGuid is NULL.
- @retval EFI_INVALID_PARAMETER The input values of VariableName and VendorGuid are not a name and
- GUID of an existing variable.
-
-**/
-EFI_STATUS
-EFIAPI
-VariableServiceGetNextVariableInternal (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- OUT VARIABLE_HEADER **VariablePtr
- );
-
/**
This code Finds the Next available variable.
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
new file mode 100644
index 0000000000..82572262ef
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
@@ -0,0 +1,25 @@
+/** @file
+ Common variable non-volatile store routines.
+
+Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef _VARIABLE_NON_VOLATILE_H_
+#define _VARIABLE_NON_VOLATILE_H_
+
+#include "Variable.h"
+
+/**
+ Get non-volatile maximum variable size.
+
+ @return Non-volatile maximum variable size.
+
+**/
+UINTN
+GetNonVolatileMaxVariableSize (
+ VOID
+ );
+
+#endif
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
new file mode 100644
index 0000000000..bd617fca10
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
@@ -0,0 +1,342 @@
+/** @file
+ Common variable helper routines are shared by the DXE_RUNTIME variable
+ module and the DXE_SMM variable module.
+
+Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef _VARIABLE_PARSING_H_
+#define _VARIABLE_PARSING_H_
+
+#include <Guid/ImageAuthentication.h>
+#include "Variable.h"
+
+/**
+
+ This code checks if variable header is valid or not.
+
+ @param Variable Pointer to the Variable Header.
+ @param VariableStoreEnd Pointer to the Variable Store End.
+
+ @retval TRUE Variable header is valid.
+ @retval FALSE Variable header is not valid.
+
+**/
+BOOLEAN
+IsValidVariableHeader (
+ IN VARIABLE_HEADER *Variable,
+ IN VARIABLE_HEADER *VariableStoreEnd
+ );
+
+/**
+
+ This code gets the current status of Variable Store.
+
+ @param VarStoreHeader Pointer to the Variable Store Header.
+
+ @retval EfiRaw Variable store status is raw.
+ @retval EfiValid Variable store status is valid.
+ @retval EfiInvalid Variable store status is invalid.
+
+**/
+VARIABLE_STORE_STATUS
+GetVariableStoreStatus (
+ IN VARIABLE_STORE_HEADER *VarStoreHeader
+ );
+
+/**
+ This code gets the size of variable header.
+
+ @return Size of variable header in bytes in type UINTN.
+
+**/
+UINTN
+GetVariableHeaderSize (
+ VOID
+ );
+
+/**
+
+ This code gets the size of name of variable.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return UINTN Size of variable in bytes.
+
+**/
+UINTN
+NameSizeOfVariable (
+ IN VARIABLE_HEADER *Variable
+ );
+
+/**
+ This code sets the size of name of variable.
+
+ @param[in] Variable Pointer to the Variable Header.
+ @param[in] NameSize Name size to set.
+
+**/
+VOID
+SetNameSizeOfVariable (
+ IN VARIABLE_HEADER *Variable,
+ IN UINTN NameSize
+ );
+
+/**
+
+ This code gets the size of variable data.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return Size of variable in bytes.
+
+**/
+UINTN
+DataSizeOfVariable (
+ IN VARIABLE_HEADER *Variable
+ );
+
+/**
+ This code sets the size of variable data.
+
+ @param[in] Variable Pointer to the Variable Header.
+ @param[in] DataSize Data size to set.
+
+**/
+VOID
+SetDataSizeOfVariable (
+ IN VARIABLE_HEADER *Variable,
+ IN UINTN DataSize
+ );
+
+/**
+
+ This code gets the pointer to the variable name.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return Pointer to Variable Name which is Unicode encoding.
+
+**/
+CHAR16 *
+GetVariableNamePtr (
+ IN VARIABLE_HEADER *Variable
+ );
+
+/**
+ This code gets the pointer to the variable guid.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return A EFI_GUID* pointer to Vendor Guid.
+
+**/
+EFI_GUID *
+GetVendorGuidPtr (
+ IN VARIABLE_HEADER *Variable
+ );
+
+/**
+
+ This code gets the pointer to the variable data.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return Pointer to Variable Data.
+
+**/
+UINT8 *
+GetVariableDataPtr (
+ IN VARIABLE_HEADER *Variable
+ );
+
+/**
+ This code gets the variable data offset related to variable header.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return Variable Data offset.
+
+**/
+UINTN
+GetVariableDataOffset (
+ IN VARIABLE_HEADER *Variable
+ );
+
+/**
+
+ This code gets the pointer to the next variable header.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return Pointer to next variable header.
+
+**/
+VARIABLE_HEADER *
+GetNextVariablePtr (
+ IN VARIABLE_HEADER *Variable
+ );
+
+/**
+
+ Gets the pointer to the first variable header in given variable store area.
+
+ @param VarStoreHeader Pointer to the Variable Store Header.
+
+ @return Pointer to the first variable header.
+
+**/
+VARIABLE_HEADER *
+GetStartPointer (
+ IN VARIABLE_STORE_HEADER *VarStoreHeader
+ );
+
+/**
+
+ Gets the pointer to the end of the variable storage area.
+
+ This function gets pointer to the end of the variable storage
+ area, according to the input variable store header.
+
+ @param VarStoreHeader Pointer to the Variable Store Header.
+
+ @return Pointer to the end of the variable storage area.
+
+**/
+VARIABLE_HEADER *
+GetEndPointer (
+ IN VARIABLE_STORE_HEADER *VarStoreHeader
+ );
+
+/**
+ Returns if this is a variable that always requires authenticated writes.
+ There may be other scenarios that result in a variable not identified by the
+ function to also require authentication.
+
+ @param[in] VariableName Name of variable.
+ @param[in] VendorGuid Guid of variable.
+
+ @retval TRUE The variable always requires authenticated writes
+ @retval FALSE The variable may or may not require authenticated writes
+**/
+BOOLEAN
+IsAuthenticatedVariable (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid
+ );
+
+/**
+ Compare two EFI_TIME data.
+
+
+ @param FirstTime A pointer to the first EFI_TIME data.
+ @param SecondTime A pointer to the second EFI_TIME data.
+
+ @retval TRUE The FirstTime is not later than the SecondTime.
+ @retval FALSE The FirstTime is later than the SecondTime.
+
+**/
+BOOLEAN
+VariableCompareTimeStampInternal (
+ IN EFI_TIME *FirstTime,
+ IN EFI_TIME *SecondTime
+ );
+
+/**
+ Find the variable in the specified variable store.
+
+ @param[in] VariableName Name of the variable to be found
+ @param[in] VendorGuid Vendor GUID to be found.
+ @param[in] IgnoreRtCheck Ignore EFI_VARIABLE_RUNTIME_ACCESS attribute
+ check at runtime when searching variable.
+ @param[in, out] PtrTrack Variable Track Pointer structure that contains Variable Information.
+
+ @retval EFI_SUCCESS Variable found successfully
+ @retval EFI_NOT_FOUND Variable not found
+**/
+EFI_STATUS
+FindVariableEx (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN BOOLEAN IgnoreRtCheck,
+ IN OUT VARIABLE_POINTER_TRACK *PtrTrack
+ );
+
+/**
+ This code finds the next available variable.
+
+ Caution: This function may receive untrusted input.
+ This function may be invoked in SMM mode. This function will do basic validation, before parse the data.
+
+ @param[in] VariableName Pointer to variable name.
+ @param[in] VendorGuid Variable Vendor Guid.
+ @param[in] VariableStoreList A list of variable stores that should be used to get the next variable.
+ The maximum number of entries is the max value of VARIABLE_STORE_TYPE.
+ @param[out] VariablePtr Pointer to variable header address.
+
+ @retval EFI_SUCCESS The function completed successfully.
+ @retval EFI_NOT_FOUND The next variable was not found.
+ @retval EFI_INVALID_PARAMETER If VariableName is nt an empty string, while VendorGuid is NULL.
+ @retval EFI_INVALID_PARAMETER The input values of VariableName and VendorGuid are not a name and
+ GUID of an existing variable.
+
+**/
+EFI_STATUS
+EFIAPI
+GetNextVariableEx (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VARIABLE_STORE_HEADER **VariableStoreList,
+ OUT VARIABLE_HEADER **VariablePtr
+ );
+
+/**
+ Routine used to track statistical information about variable usage.
+ The data is stored in the EFI system table so it can be accessed later.
+ VariableInfo.efi can dump out the table. Only Boot Services variable
+ accesses are tracked by this code. The PcdVariableCollectStatistics
+ build flag controls if this feature is enabled.
+
+ A read that hits in the cache will have Read and Cache true for
+ the transaction. Data is allocated by this routine, but never
+ freed.
+
+ @param[in] VariableName Name of the Variable to track.
+ @param[in] VendorGuid Guid of the Variable to track.
+ @param[in] Volatile TRUE if volatile FALSE if non-volatile.
+ @param[in] Read TRUE if GetVariable() was called.
+ @param[in] Write TRUE if SetVariable() was called.
+ @param[in] Delete TRUE if deleted via SetVariable().
+ @param[in] Cache TRUE for a cache hit.
+ @param[in,out] VariableInfo Pointer to a pointer of VARIABLE_INFO_ENTRY structures.
+
+**/
+VOID
+UpdateVariableInfo (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN BOOLEAN Volatile,
+ IN BOOLEAN Read,
+ IN BOOLEAN Write,
+ IN BOOLEAN Delete,
+ IN BOOLEAN Cache,
+ IN OUT VARIABLE_INFO_ENTRY **VariableInfo
+ );
+
+/**
+ Initializes context needed for variable helpers.
+
+ @param[in] AuthFormat If true then indicates authenticated variables are supported
+
+ @retval EFI_SUCCESS Initialized successfully
+ @retval Others An error occurred during initialization
+**/
+EFI_STATUS
+EFIAPI
+InitVariableHelpers (
+ IN BOOLEAN AuthFormat
+ );
+
+#endif
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
index f32c9c2808..d14fecc830 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -23,6 +23,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include "Variable.h"
+#include "VariableNonVolatile.h"
+#include "VariableParsing.h"
VARIABLE_MODULE_GLOBAL *mVariableModuleGlobal;
@@ -92,131 +94,6 @@ AUTH_VAR_LIB_CONTEXT_IN mAuthContextIn = {
AUTH_VAR_LIB_CONTEXT_OUT mAuthContextOut;
-/**
- Routine used to track statistical information about variable usage.
- The data is stored in the EFI system table so it can be accessed later.
- VariableInfo.efi can dump out the table. Only Boot Services variable
- accesses are tracked by this code. The PcdVariableCollectStatistics
- build flag controls if this feature is enabled.
-
- A read that hits in the cache will have Read and Cache true for
- the transaction. Data is allocated by this routine, but never
- freed.
-
- @param[in] VariableName Name of the Variable to track.
- @param[in] VendorGuid Guid of the Variable to track.
- @param[in] Volatile TRUE if volatile FALSE if non-volatile.
- @param[in] Read TRUE if GetVariable() was called.
- @param[in] Write TRUE if SetVariable() was called.
- @param[in] Delete TRUE if deleted via SetVariable().
- @param[in] Cache TRUE for a cache hit.
-
-**/
-VOID
-UpdateVariableInfo (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN BOOLEAN Volatile,
- IN BOOLEAN Read,
- IN BOOLEAN Write,
- IN BOOLEAN Delete,
- IN BOOLEAN Cache
- )
-{
- VARIABLE_INFO_ENTRY *Entry;
-
- if (FeaturePcdGet (PcdVariableCollectStatistics)) {
-
- if (AtRuntime ()) {
- // Don't collect statistics at runtime.
- return;
- }
-
- if (gVariableInfo == NULL) {
- //
- // On the first call allocate a entry and place a pointer to it in
- // the EFI System Table.
- //
- gVariableInfo = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
- ASSERT (gVariableInfo != NULL);
-
- CopyGuid (&gVariableInfo->VendorGuid, VendorGuid);
- gVariableInfo->Name = AllocateZeroPool (StrSize (VariableName));
- ASSERT (gVariableInfo->Name != NULL);
- StrCpyS (gVariableInfo->Name, StrSize(VariableName)/sizeof(CHAR16), VariableName);
- gVariableInfo->Volatile = Volatile;
- }
-
-
- for (Entry = gVariableInfo; Entry != NULL; Entry = Entry->Next) {
- if (CompareGuid (VendorGuid, &Entry->VendorGuid)) {
- if (StrCmp (VariableName, Entry->Name) == 0) {
- if (Read) {
- Entry->ReadCount++;
- }
- if (Write) {
- Entry->WriteCount++;
- }
- if (Delete) {
- Entry->DeleteCount++;
- }
- if (Cache) {
- Entry->CacheCount++;
- }
-
- return;
- }
- }
-
- if (Entry->Next == NULL) {
- //
- // If the entry is not in the table add it.
- // Next iteration of the loop will fill in the data.
- //
- Entry->Next = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
- ASSERT (Entry->Next != NULL);
-
- CopyGuid (&Entry->Next->VendorGuid, VendorGuid);
- Entry->Next->Name = AllocateZeroPool (StrSize (VariableName));
- ASSERT (Entry->Next->Name != NULL);
- StrCpyS (Entry->Next->Name, StrSize(VariableName)/sizeof(CHAR16), VariableName);
- Entry->Next->Volatile = Volatile;
- }
-
- }
- }
-}
-
-
-/**
-
- This code checks if variable header is valid or not.
-
- @param Variable Pointer to the Variable Header.
- @param VariableStoreEnd Pointer to the Variable Store End.
-
- @retval TRUE Variable header is valid.
- @retval FALSE Variable header is not valid.
-
-**/
-BOOLEAN
-IsValidVariableHeader (
- IN VARIABLE_HEADER *Variable,
- IN VARIABLE_HEADER *VariableStoreEnd
- )
-{
- if ((Variable == NULL) || (Variable >= VariableStoreEnd) || (Variable->StartId != VARIABLE_DATA)) {
- //
- // Variable is NULL or has reached the end of variable store,
- // or the StartId is not correct.
- //
- return FALSE;
- }
-
- return TRUE;
-}
-
-
/**
This function writes data to the FWH at the correct LBA even if the LBAs
@@ -376,345 +253,6 @@ UpdateVariableStore (
return EFI_SUCCESS;
}
-
-/**
-
- This code gets the current status of Variable Store.
-
- @param VarStoreHeader Pointer to the Variable Store Header.
-
- @retval EfiRaw Variable store status is raw.
- @retval EfiValid Variable store status is valid.
- @retval EfiInvalid Variable store status is invalid.
-
-**/
-VARIABLE_STORE_STATUS
-GetVariableStoreStatus (
- IN VARIABLE_STORE_HEADER *VarStoreHeader
- )
-{
- if ((CompareGuid (&VarStoreHeader->Signature, &gEfiAuthenticatedVariableGuid) ||
- CompareGuid (&VarStoreHeader->Signature, &gEfiVariableGuid)) &&
- VarStoreHeader->Format == VARIABLE_STORE_FORMATTED &&
- VarStoreHeader->State == VARIABLE_STORE_HEALTHY
- ) {
-
- return EfiValid;
- } else if (((UINT32 *)(&VarStoreHeader->Signature))[0] == 0xffffffff &&
- ((UINT32 *)(&VarStoreHeader->Signature))[1] == 0xffffffff &&
- ((UINT32 *)(&VarStoreHeader->Signature))[2] == 0xffffffff &&
- ((UINT32 *)(&VarStoreHeader->Signature))[3] == 0xffffffff &&
- VarStoreHeader->Size == 0xffffffff &&
- VarStoreHeader->Format == 0xff &&
- VarStoreHeader->State == 0xff
- ) {
-
- return EfiRaw;
- } else {
- return EfiInvalid;
- }
-}
-
-/**
- This code gets the size of variable header.
-
- @return Size of variable header in bytes in type UINTN.
-
-**/
-UINTN
-GetVariableHeaderSize (
- VOID
- )
-{
- UINTN Value;
-
- if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
- Value = sizeof (AUTHENTICATED_VARIABLE_HEADER);
- } else {
- Value = sizeof (VARIABLE_HEADER);
- }
-
- return Value;
-}
-
-/**
-
- This code gets the size of name of variable.
-
- @param Variable Pointer to the Variable Header.
-
- @return UINTN Size of variable in bytes.
-
-**/
-UINTN
-NameSizeOfVariable (
- IN VARIABLE_HEADER *Variable
- )
-{
- AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
-
- AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
- if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
- if (AuthVariable->State == (UINT8) (-1) ||
- AuthVariable->DataSize == (UINT32) (-1) ||
- AuthVariable->NameSize == (UINT32) (-1) ||
- AuthVariable->Attributes == (UINT32) (-1)) {
- return 0;
- }
- return (UINTN) AuthVariable->NameSize;
- } else {
- if (Variable->State == (UINT8) (-1) ||
- Variable->DataSize == (UINT32) (-1) ||
- Variable->NameSize == (UINT32) (-1) ||
- Variable->Attributes == (UINT32) (-1)) {
- return 0;
- }
- return (UINTN) Variable->NameSize;
- }
-}
-
-/**
- This code sets the size of name of variable.
-
- @param[in] Variable Pointer to the Variable Header.
- @param[in] NameSize Name size to set.
-
-**/
-VOID
-SetNameSizeOfVariable (
- IN VARIABLE_HEADER *Variable,
- IN UINTN NameSize
- )
-{
- AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
-
- AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
- if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
- AuthVariable->NameSize = (UINT32) NameSize;
- } else {
- Variable->NameSize = (UINT32) NameSize;
- }
-}
-
-/**
-
- This code gets the size of variable data.
-
- @param Variable Pointer to the Variable Header.
-
- @return Size of variable in bytes.
-
-**/
-UINTN
-DataSizeOfVariable (
- IN VARIABLE_HEADER *Variable
- )
-{
- AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
-
- AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
- if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
- if (AuthVariable->State == (UINT8) (-1) ||
- AuthVariable->DataSize == (UINT32) (-1) ||
- AuthVariable->NameSize == (UINT32) (-1) ||
- AuthVariable->Attributes == (UINT32) (-1)) {
- return 0;
- }
- return (UINTN) AuthVariable->DataSize;
- } else {
- if (Variable->State == (UINT8) (-1) ||
- Variable->DataSize == (UINT32) (-1) ||
- Variable->NameSize == (UINT32) (-1) ||
- Variable->Attributes == (UINT32) (-1)) {
- return 0;
- }
- return (UINTN) Variable->DataSize;
- }
-}
-
-/**
- This code sets the size of variable data.
-
- @param[in] Variable Pointer to the Variable Header.
- @param[in] DataSize Data size to set.
-
-**/
-VOID
-SetDataSizeOfVariable (
- IN VARIABLE_HEADER *Variable,
- IN UINTN DataSize
- )
-{
- AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
-
- AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
- if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
- AuthVariable->DataSize = (UINT32) DataSize;
- } else {
- Variable->DataSize = (UINT32) DataSize;
- }
-}
-
-/**
-
- This code gets the pointer to the variable name.
-
- @param Variable Pointer to the Variable Header.
-
- @return Pointer to Variable Name which is Unicode encoding.
-
-**/
-CHAR16 *
-GetVariableNamePtr (
- IN VARIABLE_HEADER *Variable
- )
-{
- return (CHAR16 *) ((UINTN) Variable + GetVariableHeaderSize ());
-}
-
-/**
- This code gets the pointer to the variable guid.
-
- @param Variable Pointer to the Variable Header.
-
- @return A EFI_GUID* pointer to Vendor Guid.
-
-**/
-EFI_GUID *
-GetVendorGuidPtr (
- IN VARIABLE_HEADER *Variable
- )
-{
- AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
-
- AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
- if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
- return &AuthVariable->VendorGuid;
- } else {
- return &Variable->VendorGuid;
- }
-}
-
-/**
-
- This code gets the pointer to the variable data.
-
- @param Variable Pointer to the Variable Header.
-
- @return Pointer to Variable Data.
-
-**/
-UINT8 *
-GetVariableDataPtr (
- IN VARIABLE_HEADER *Variable
- )
-{
- UINTN Value;
-
- //
- // Be careful about pad size for alignment.
- //
- Value = (UINTN) GetVariableNamePtr (Variable);
- Value += NameSizeOfVariable (Variable);
- Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
-
- return (UINT8 *) Value;
-}
-
-/**
- This code gets the variable data offset related to variable header.
-
- @param Variable Pointer to the Variable Header.
-
- @return Variable Data offset.
-
-**/
-UINTN
-GetVariableDataOffset (
- IN VARIABLE_HEADER *Variable
- )
-{
- UINTN Value;
-
- //
- // Be careful about pad size for alignment
- //
- Value = GetVariableHeaderSize ();
- Value += NameSizeOfVariable (Variable);
- Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
-
- return Value;
-}
-
-/**
-
- This code gets the pointer to the next variable header.
-
- @param Variable Pointer to the Variable Header.
-
- @return Pointer to next variable header.
-
-**/
-VARIABLE_HEADER *
-GetNextVariablePtr (
- IN VARIABLE_HEADER *Variable
- )
-{
- UINTN Value;
-
- Value = (UINTN) GetVariableDataPtr (Variable);
- Value += DataSizeOfVariable (Variable);
- Value += GET_PAD_SIZE (DataSizeOfVariable (Variable));
-
- //
- // Be careful about pad size for alignment.
- //
- return (VARIABLE_HEADER *) HEADER_ALIGN (Value);
-}
-
-/**
-
- Gets the pointer to the first variable header in given variable store area.
-
- @param VarStoreHeader Pointer to the Variable Store Header.
-
- @return Pointer to the first variable header.
-
-**/
-VARIABLE_HEADER *
-GetStartPointer (
- IN VARIABLE_STORE_HEADER *VarStoreHeader
- )
-{
- //
- // The start of variable store.
- //
- return (VARIABLE_HEADER *) HEADER_ALIGN (VarStoreHeader + 1);
-}
-
-/**
-
- Gets the pointer to the end of the variable storage area.
-
- This function gets pointer to the end of the variable storage
- area, according to the input variable store header.
-
- @param VarStoreHeader Pointer to the Variable Store Header.
-
- @return Pointer to the end of the variable storage area.
-
-**/
-VARIABLE_HEADER *
-GetEndPointer (
- IN VARIABLE_STORE_HEADER *VarStoreHeader
- )
-{
- //
- // The end of variable store
- //
- return (VARIABLE_HEADER *) HEADER_ALIGN ((UINTN) VarStoreHeader + VarStoreHeader->Size);
-}
-
/**
Record variable error flag.
@@ -1228,75 +766,6 @@ Done:
return Status;
}
-/**
- Find the variable in the specified variable store.
-
- @param[in] VariableName Name of the variable to be found
- @param[in] VendorGuid Vendor GUID to be found.
- @param[in] IgnoreRtCheck Ignore EFI_VARIABLE_RUNTIME_ACCESS attribute
- check at runtime when searching variable.
- @param[in, out] PtrTrack Variable Track Pointer structure that contains Variable Information.
-
- @retval EFI_SUCCESS Variable found successfully
- @retval EFI_NOT_FOUND Variable not found
-**/
-EFI_STATUS
-FindVariableEx (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN BOOLEAN IgnoreRtCheck,
- IN OUT VARIABLE_POINTER_TRACK *PtrTrack
- )
-{
- VARIABLE_HEADER *InDeletedVariable;
- VOID *Point;
-
- PtrTrack->InDeletedTransitionPtr = NULL;
-
- //
- // Find the variable by walk through HOB, volatile and non-volatile variable store.
- //
- InDeletedVariable = NULL;
-
- for ( PtrTrack->CurrPtr = PtrTrack->StartPtr
- ; IsValidVariableHeader (PtrTrack->CurrPtr, PtrTrack->EndPtr)
- ; PtrTrack->CurrPtr = GetNextVariablePtr (PtrTrack->CurrPtr)
- ) {
- if (PtrTrack->CurrPtr->State == VAR_ADDED ||
- PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)
- ) {
- if (IgnoreRtCheck || !AtRuntime () || ((PtrTrack->CurrPtr->Attributes & EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
- if (VariableName[0] == 0) {
- if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
- InDeletedVariable = PtrTrack->CurrPtr;
- } else {
- PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
- return EFI_SUCCESS;
- }
- } else {
- if (CompareGuid (VendorGuid, GetVendorGuidPtr (PtrTrack->CurrPtr))) {
- Point = (VOID *) GetVariableNamePtr (PtrTrack->CurrPtr);
-
- ASSERT (NameSizeOfVariable (PtrTrack->CurrPtr) != 0);
- if (CompareMem (VariableName, Point, NameSizeOfVariable (PtrTrack->CurrPtr)) == 0) {
- if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
- InDeletedVariable = PtrTrack->CurrPtr;
- } else {
- PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
- return EFI_SUCCESS;
- }
- }
- }
- }
- }
- }
- }
-
- PtrTrack->CurrPtr = InDeletedVariable;
- return (PtrTrack->CurrPtr == NULL) ? EFI_NOT_FOUND : EFI_SUCCESS;
-}
-
-
/**
Finds variable in storage blocks of volatile and non-volatile storage areas.
@@ -2078,38 +1547,6 @@ AutoUpdateLangVariable (
}
}
-/**
- Compare two EFI_TIME data.
-
-
- @param FirstTime A pointer to the first EFI_TIME data.
- @param SecondTime A pointer to the second EFI_TIME data.
-
- @retval TRUE The FirstTime is not later than the SecondTime.
- @retval FALSE The FirstTime is later than the SecondTime.
-
-**/
-BOOLEAN
-VariableCompareTimeStampInternal (
- IN EFI_TIME *FirstTime,
- IN EFI_TIME *SecondTime
- )
-{
- if (FirstTime->Year != SecondTime->Year) {
- return (BOOLEAN) (FirstTime->Year < SecondTime->Year);
- } else if (FirstTime->Month != SecondTime->Month) {
- return (BOOLEAN) (FirstTime->Month < SecondTime->Month);
- } else if (FirstTime->Day != SecondTime->Day) {
- return (BOOLEAN) (FirstTime->Day < SecondTime->Day);
- } else if (FirstTime->Hour != SecondTime->Hour) {
- return (BOOLEAN) (FirstTime->Hour < SecondTime->Hour);
- } else if (FirstTime->Minute != SecondTime->Minute) {
- return (BOOLEAN) (FirstTime->Minute < SecondTime->Minute);
- }
-
- return (BOOLEAN) (FirstTime->Second <= SecondTime->Second);
-}
-
/**
Update the variable region with Variable information. If EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is set,
index of associated public key is needed.
@@ -2205,7 +1642,7 @@ UpdateVariable (
// go to delete this variable in variable HOB and
// try to flush other variables from HOB to flash.
//
- UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, FALSE, TRUE, FALSE);
+ UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, FALSE, TRUE, FALSE, &gVariableInfo);
FlushHobVariableToFlash (VariableName, VendorGuid);
return EFI_SUCCESS;
}
@@ -2322,7 +1759,7 @@ UpdateVariable (
&State
);
if (!EFI_ERROR (Status)) {
- UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile, FALSE, FALSE, TRUE, FALSE);
+ UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile, FALSE, FALSE, TRUE, FALSE, &gVariableInfo);
if (!Variable->Volatile) {
CacheVariable->CurrPtr->State = State;
FlushHobVariableToFlash (VariableName, VendorGuid);
@@ -2341,7 +1778,7 @@ UpdateVariable (
//
// Variable content unchanged and no need to update timestamp, just return.
//
- UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile, FALSE, TRUE, FALSE, FALSE);
+ UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile, FALSE, TRUE, FALSE, FALSE, &gVariableInfo);
Status = EFI_SUCCESS;
goto Done;
} else if ((CacheVariable->CurrPtr->State == VAR_ADDED) ||
@@ -2570,7 +2007,7 @@ UpdateVariable (
CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN) CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable->StartPtr));
CacheVariable->InDeletedTransitionPtr = NULL;
}
- UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, TRUE, FALSE, FALSE);
+ UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, TRUE, FALSE, FALSE, &gVariableInfo);
FlushHobVariableToFlash (VariableName, VendorGuid);
} else {
if (IsCommonUserVariable && ((VarSize + mVariableModuleGlobal->CommonUserVariableTotalSize) > mVariableModuleGlobal->CommonMaxUserVariableSpace)) {
@@ -2720,7 +2157,7 @@ UpdateVariable (
CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN) CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable->StartPtr));
CacheVariable->InDeletedTransitionPtr = NULL;
}
- UpdateVariableInfo (VariableName, VendorGuid, TRUE, FALSE, TRUE, FALSE, FALSE);
+ UpdateVariableInfo (VariableName, VendorGuid, TRUE, FALSE, TRUE, FALSE, FALSE, &gVariableInfo);
}
goto Done;
}
@@ -2791,7 +2228,7 @@ UpdateVariable (
}
if (!EFI_ERROR (Status)) {
- UpdateVariableInfo (VariableName, VendorGuid, Volatile, FALSE, TRUE, FALSE, FALSE);
+ UpdateVariableInfo (VariableName, VendorGuid, Volatile, FALSE, TRUE, FALSE, FALSE, &gVariableInfo);
if (!Volatile) {
FlushHobVariableToFlash (VariableName, VendorGuid);
}
@@ -2870,7 +2307,7 @@ VariableServiceGetVariable (
}
*DataSize = VarDataSize;
- UpdateVariableInfo (VariableName, VendorGuid, Variable.Volatile, TRUE, FALSE, FALSE, FALSE);
+ UpdateVariableInfo (VariableName, VendorGuid, Variable.Volatile, TRUE, FALSE, FALSE, FALSE, &gVariableInfo);
Status = EFI_SUCCESS;
goto Done;
@@ -2885,166 +2322,6 @@ Done:
return Status;
}
-/**
- This code Finds the Next available variable.
-
- Caution: This function may receive untrusted input.
- This function may be invoked in SMM mode. This function will do basic validation, before parse the data.
-
- @param[in] VariableName Pointer to variable name.
- @param[in] VendorGuid Variable Vendor Guid.
- @param[out] VariablePtr Pointer to variable header address.
-
- @retval EFI_SUCCESS The function completed successfully.
- @retval EFI_NOT_FOUND The next variable was not found.
- @retval EFI_INVALID_PARAMETER If VariableName is not an empty string, while VendorGuid is NULL.
- @retval EFI_INVALID_PARAMETER The input values of VariableName and VendorGuid are not a name and
- GUID of an existing variable.
-
-**/
-EFI_STATUS
-EFIAPI
-VariableServiceGetNextVariableInternal (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- OUT VARIABLE_HEADER **VariablePtr
- )
-{
- VARIABLE_STORE_TYPE Type;
- VARIABLE_POINTER_TRACK Variable;
- VARIABLE_POINTER_TRACK VariableInHob;
- VARIABLE_POINTER_TRACK VariablePtrTrack;
- EFI_STATUS Status;
- VARIABLE_STORE_HEADER *VariableStoreHeader[VariableStoreTypeMax];
-
- Status = FindVariable (VariableName, VendorGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);
- if (Variable.CurrPtr == NULL || EFI_ERROR (Status)) {
- //
- // For VariableName is an empty string, FindVariable() will try to find and return
- // the first qualified variable, and if FindVariable() returns error (EFI_NOT_FOUND)
- // as no any variable is found, still go to return the error (EFI_NOT_FOUND).
- //
- if (VariableName[0] != 0) {
- //
- // For VariableName is not an empty string, and FindVariable() returns error as
- // VariableName and VendorGuid are not a name and GUID of an existing variable,
- // there is no way to get next variable, follow spec to return EFI_INVALID_PARAMETER.
- //
- Status = EFI_INVALID_PARAMETER;
- }
- goto Done;
- }
-
- if (VariableName[0] != 0) {
- //
- // If variable name is not NULL, get next variable.
- //
- Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
- }
-
- //
- // 0: Volatile, 1: HOB, 2: Non-Volatile.
- // The index and attributes mapping must be kept in this order as FindVariable
- // makes use of this mapping to implement search algorithm.
- //
- VariableStoreHeader[VariableStoreTypeVolatile] = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase;
- VariableStoreHeader[VariableStoreTypeHob] = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.HobVariableBase;
- VariableStoreHeader[VariableStoreTypeNv] = mNvVariableCache;
-
- while (TRUE) {
- //
- // Switch from Volatile to HOB, to Non-Volatile.
- //
- while (!IsValidVariableHeader (Variable.CurrPtr, Variable.EndPtr)) {
- //
- // Find current storage index
- //
- for (Type = (VARIABLE_STORE_TYPE) 0; Type < VariableStoreTypeMax; Type++) {
- if ((VariableStoreHeader[Type] != NULL) && (Variable.StartPtr == GetStartPointer (VariableStoreHeader[Type]))) {
- break;
- }
- }
- ASSERT (Type < VariableStoreTypeMax);
- //
- // Switch to next storage
- //
- for (Type++; Type < VariableStoreTypeMax; Type++) {
- if (VariableStoreHeader[Type] != NULL) {
- break;
- }
- }
- //
- // Capture the case that
- // 1. current storage is the last one, or
- // 2. no further storage
- //
- if (Type == VariableStoreTypeMax) {
- Status = EFI_NOT_FOUND;
- goto Done;
- }
- Variable.StartPtr = GetStartPointer (VariableStoreHeader[Type]);
- Variable.EndPtr = GetEndPointer (VariableStoreHeader[Type]);
- Variable.CurrPtr = Variable.StartPtr;
- }
-
- //
- // Variable is found
- //
- if (Variable.CurrPtr->State == VAR_ADDED || Variable.CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
- if (!AtRuntime () || ((Variable.CurrPtr->Attributes & EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
- if (Variable.CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
- //
- // If it is a IN_DELETED_TRANSITION variable,
- // and there is also a same ADDED one at the same time,
- // don't return it.
- //
- VariablePtrTrack.StartPtr = Variable.StartPtr;
- VariablePtrTrack.EndPtr = Variable.EndPtr;
- Status = FindVariableEx (
- GetVariableNamePtr (Variable.CurrPtr),
- GetVendorGuidPtr (Variable.CurrPtr),
- FALSE,
- &VariablePtrTrack
- );
- if (!EFI_ERROR (Status) && VariablePtrTrack.CurrPtr->State == VAR_ADDED) {
- Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
- continue;
- }
- }
-
- //
- // Don't return NV variable when HOB overrides it
- //
- if ((VariableStoreHeader[VariableStoreTypeHob] != NULL) && (VariableStoreHeader[VariableStoreTypeNv] != NULL) &&
- (Variable.StartPtr == GetStartPointer (VariableStoreHeader[VariableStoreTypeNv]))
- ) {
- VariableInHob.StartPtr = GetStartPointer (VariableStoreHeader[VariableStoreTypeHob]);
- VariableInHob.EndPtr = GetEndPointer (VariableStoreHeader[VariableStoreTypeHob]);
- Status = FindVariableEx (
- GetVariableNamePtr (Variable.CurrPtr),
- GetVendorGuidPtr (Variable.CurrPtr),
- FALSE,
- &VariableInHob
- );
- if (!EFI_ERROR (Status)) {
- Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
- continue;
- }
- }
-
- *VariablePtr = Variable.CurrPtr;
- Status = EFI_SUCCESS;
- goto Done;
- }
- }
-
- Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
- }
-
-Done:
- return Status;
-}
-
/**
This code Finds the Next available variable.
@@ -3082,6 +2359,7 @@ VariableServiceGetNextVariableName (
UINTN MaxLen;
UINTN VarNameSize;
VARIABLE_HEADER *VariablePtr;
+ VARIABLE_STORE_HEADER *VariableStoreHeader[VariableStoreTypeMax];
if (VariableNameSize == NULL || VariableName == NULL || VendorGuid == NULL) {
return EFI_INVALID_PARAMETER;
@@ -3101,7 +2379,16 @@ VariableServiceGetNextVariableName (
AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
- Status = VariableServiceGetNextVariableInternal (VariableName, VendorGuid, &VariablePtr);
+ //
+ // 0: Volatile, 1: HOB, 2: Non-Volatile.
+ // The index and attributes mapping must be kept in this order as FindVariable
+ // makes use of this mapping to implement search algorithm.
+ //
+ VariableStoreHeader[VariableStoreTypeVolatile] = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase;
+ VariableStoreHeader[VariableStoreTypeHob] = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.HobVariableBase;
+ VariableStoreHeader[VariableStoreTypeNv] = mNvVariableCache;
+
+ Status = GetNextVariableEx (VariableName, VendorGuid, VariableStoreHeader, &VariablePtr);
if (!EFI_ERROR (Status)) {
VarNameSize = NameSizeOfVariable (VariablePtr);
ASSERT (VarNameSize != 0);
@@ -3720,25 +3007,6 @@ ReclaimForOS(
}
}
-/**
- Get non-volatile maximum variable size.
-
- @return Non-volatile maximum variable size.
-
-**/
-UINTN
-GetNonVolatileMaxVariableSize (
- VOID
- )
-{
- if (PcdGet32 (PcdHwErrStorageSize) != 0) {
- return MAX (MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxAuthVariableSize)),
- PcdGet32 (PcdMaxHardwareErrorVariableSize));
- } else {
- return MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxAuthVariableSize));
- }
-}
-
/**
Get maximum variable size, covering both non-volatile and volatile variables.
@@ -4024,7 +3292,7 @@ InitNonVolatileVariableStore (
return Status;
}
mVariableModuleGlobal->VariableGlobal.EmuNvMode = TRUE;
- DEBUG ((DEBUG_INFO, "Variable driver will work at emulated non-volatile variable mode!\n"));
+ DEBUG ((DEBUG_INFO, "Variable driver will work in emulated non-volatile variable mode!\n"));
} else {
Status = InitRealNonVolatileVariableStore (&VariableStoreBase);
if (EFI_ERROR (Status)) {
@@ -4040,6 +3308,9 @@ InitNonVolatileVariableStore (
mVariableModuleGlobal->MaxVariableSize = PcdGet32 (PcdMaxVariableSize);
mVariableModuleGlobal->MaxAuthVariableSize = ((PcdGet32 (PcdMaxAuthVariableSize) != 0) ? PcdGet32 (PcdMaxAuthVariableSize) : mVariableModuleGlobal->MaxVariableSize);
+ Status = InitVariableHelpers (mVariableModuleGlobal->VariableGlobal.AuthFormat);
+ ASSERT_EFI_ERROR (Status);
+
//
// Parse non-volatile variable data and get last variable offset.
//
@@ -4470,18 +3741,13 @@ VariableCommonInitialize (
//
// mVariableModuleGlobal->VariableGlobal.AuthFormat
- // has been initialized in InitNonVolatileVariableStore().
+ // is initialized in InitNonVolatileVariableStore().
//
if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
DEBUG ((EFI_D_INFO, "Variable driver will work with auth variable format!\n"));
- //
- // Set AuthSupport to FALSE first, VariableWriteServiceInitialize() will initialize it.
- //
- mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;
VariableGuid = &gEfiAuthenticatedVariableGuid;
} else {
DEBUG ((EFI_D_INFO, "Variable driver will work without auth variable support!\n"));
- mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;
VariableGuid = &gEfiVariableGuid;
}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
index cb6fcebe2d..232d9ffe25 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
@@ -1,12 +1,13 @@
/** @file
Provides variable driver extended services.
-Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include "Variable.h"
+#include "VariableParsing.h"
/**
Finds variable in storage blocks of volatile and non-volatile storage areas.
@@ -97,10 +98,16 @@ VariableExLibFindNextVariable (
EFI_STATUS Status;
VARIABLE_HEADER *VariablePtr;
AUTHENTICATED_VARIABLE_HEADER *AuthVariablePtr;
+ VARIABLE_STORE_HEADER *VariableStoreHeader[VariableStoreTypeMax];
- Status = VariableServiceGetNextVariableInternal (
+ VariableStoreHeader[VariableStoreTypeVolatile] = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase;
+ VariableStoreHeader[VariableStoreTypeHob] = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.HobVariableBase;
+ VariableStoreHeader[VariableStoreTypeNv] = mNvVariableCache;
+
+ Status = GetNextVariableEx (
VariableName,
VendorGuid,
+ VariableStoreHeader,
&VariablePtr
);
if (EFI_ERROR (Status)) {
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
new file mode 100644
index 0000000000..b1b6d8282f
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
@@ -0,0 +1,28 @@
+/** @file
+ Common variable non-volatile store routines.
+
+Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "VariableNonVolatile.h"
+
+/**
+ Get non-volatile maximum variable size.
+
+ @return Non-volatile maximum variable size.
+
+**/
+UINTN
+GetNonVolatileMaxVariableSize (
+ VOID
+ )
+{
+ if (PcdGet32 (PcdHwErrStorageSize) != 0) {
+ return MAX (MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxAuthVariableSize)),
+ PcdGet32 (PcdMaxHardwareErrorVariableSize));
+ } else {
+ return MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxAuthVariableSize));
+ }
+}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
new file mode 100644
index 0000000000..d448e5a264
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
@@ -0,0 +1,816 @@
+/** @file
+ The common variable helper routines shared by the DXE_RUNTIME variable
+ module and the DXE_SMM variable module.
+
+ Caution: This module requires additional review when modified.
+ This driver will have external input - variable data. They may be input in SMM mode.
+ This external input must be validated carefully to avoid security issue like
+ buffer overflow, integer overflow.
+
+Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "VariableParsing.h"
+
+typedef struct {
+ CONST CHAR16 *VariableName;
+ EFI_GUID *VendorGuid;
+} VARIABLE_TYPE;
+
+VARIABLE_TYPE mAlwaysAuthenticatedVariables[] = {
+ {EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid},
+ {EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid},
+ {EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid},
+ {EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid},
+ {EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid},
+ {EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid},
+};
+
+STATIC BOOLEAN mAuthFormat;
+
+/**
+
+ This code checks if variable header is valid or not.
+
+ @param Variable Pointer to the Variable Header.
+ @param VariableStoreEnd Pointer to the Variable Store End.
+
+ @retval TRUE Variable header is valid.
+ @retval FALSE Variable header is not valid.
+
+**/
+BOOLEAN
+IsValidVariableHeader (
+ IN VARIABLE_HEADER *Variable,
+ IN VARIABLE_HEADER *VariableStoreEnd
+ )
+{
+ if ((Variable == NULL) || (Variable >= VariableStoreEnd) || (Variable->StartId != VARIABLE_DATA)) {
+ //
+ // Variable is NULL or has reached the end of variable store,
+ // or the StartId is not correct.
+ //
+ return FALSE;
+ }
+
+ return TRUE;
+}
+
+/**
+
+ This code gets the current status of Variable Store.
+
+ @param VarStoreHeader Pointer to the Variable Store Header.
+
+ @retval EfiRaw Variable store status is raw.
+ @retval EfiValid Variable store status is valid.
+ @retval EfiInvalid Variable store status is invalid.
+
+**/
+VARIABLE_STORE_STATUS
+GetVariableStoreStatus (
+ IN VARIABLE_STORE_HEADER *VarStoreHeader
+ )
+{
+ if ((CompareGuid (&VarStoreHeader->Signature, &gEfiAuthenticatedVariableGuid) ||
+ CompareGuid (&VarStoreHeader->Signature, &gEfiVariableGuid)) &&
+ VarStoreHeader->Format == VARIABLE_STORE_FORMATTED &&
+ VarStoreHeader->State == VARIABLE_STORE_HEALTHY
+ ) {
+
+ return EfiValid;
+ } else if (((UINT32 *)(&VarStoreHeader->Signature))[0] == 0xffffffff &&
+ ((UINT32 *)(&VarStoreHeader->Signature))[1] == 0xffffffff &&
+ ((UINT32 *)(&VarStoreHeader->Signature))[2] == 0xffffffff &&
+ ((UINT32 *)(&VarStoreHeader->Signature))[3] == 0xffffffff &&
+ VarStoreHeader->Size == 0xffffffff &&
+ VarStoreHeader->Format == 0xff &&
+ VarStoreHeader->State == 0xff
+ ) {
+
+ return EfiRaw;
+ } else {
+ return EfiInvalid;
+ }
+}
+
+/**
+ This code gets the size of variable header.
+
+ @return Size of variable header in bytes in type UINTN.
+
+**/
+UINTN
+GetVariableHeaderSize (
+ VOID
+ )
+{
+ UINTN Value;
+
+ if (mAuthFormat) {
+ Value = sizeof (AUTHENTICATED_VARIABLE_HEADER);
+ } else {
+ Value = sizeof (VARIABLE_HEADER);
+ }
+
+ return Value;
+}
+
+/**
+
+ This code gets the size of name of variable.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return UINTN Size of variable in bytes.
+
+**/
+UINTN
+NameSizeOfVariable (
+ IN VARIABLE_HEADER *Variable
+ )
+{
+ AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
+
+ AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
+ if (mAuthFormat) {
+ if (AuthVariable->State == (UINT8) (-1) ||
+ AuthVariable->DataSize == (UINT32) (-1) ||
+ AuthVariable->NameSize == (UINT32) (-1) ||
+ AuthVariable->Attributes == (UINT32) (-1)) {
+ return 0;
+ }
+ return (UINTN) AuthVariable->NameSize;
+ } else {
+ if (Variable->State == (UINT8) (-1) ||
+ Variable->DataSize == (UINT32) (-1) ||
+ Variable->NameSize == (UINT32) (-1) ||
+ Variable->Attributes == (UINT32) (-1)) {
+ return 0;
+ }
+ return (UINTN) Variable->NameSize;
+ }
+}
+
+/**
+ This code sets the size of name of variable.
+
+ @param[in] Variable Pointer to the Variable Header.
+ @param[in] NameSize Name size to set.
+
+**/
+VOID
+SetNameSizeOfVariable (
+ IN VARIABLE_HEADER *Variable,
+ IN UINTN NameSize
+ )
+{
+ AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
+
+ AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
+ if (mAuthFormat) {
+ AuthVariable->NameSize = (UINT32) NameSize;
+ } else {
+ Variable->NameSize = (UINT32) NameSize;
+ }
+}
+
+/**
+
+ This code gets the size of variable data.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return Size of variable in bytes.
+
+**/
+UINTN
+DataSizeOfVariable (
+ IN VARIABLE_HEADER *Variable
+ )
+{
+ AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
+
+ AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
+ if (mAuthFormat) {
+ if (AuthVariable->State == (UINT8) (-1) ||
+ AuthVariable->DataSize == (UINT32) (-1) ||
+ AuthVariable->NameSize == (UINT32) (-1) ||
+ AuthVariable->Attributes == (UINT32) (-1)) {
+ return 0;
+ }
+ return (UINTN) AuthVariable->DataSize;
+ } else {
+ if (Variable->State == (UINT8) (-1) ||
+ Variable->DataSize == (UINT32) (-1) ||
+ Variable->NameSize == (UINT32) (-1) ||
+ Variable->Attributes == (UINT32) (-1)) {
+ return 0;
+ }
+ return (UINTN) Variable->DataSize;
+ }
+}
+
+/**
+ This code sets the size of variable data.
+
+ @param[in] Variable Pointer to the Variable Header.
+ @param[in] DataSize Data size to set.
+
+**/
+VOID
+SetDataSizeOfVariable (
+ IN VARIABLE_HEADER *Variable,
+ IN UINTN DataSize
+ )
+{
+ AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
+
+ AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
+ if (mAuthFormat) {
+ AuthVariable->DataSize = (UINT32) DataSize;
+ } else {
+ Variable->DataSize = (UINT32) DataSize;
+ }
+}
+
+/**
+
+ This code gets the pointer to the variable name.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return Pointer to Variable Name which is Unicode encoding.
+
+**/
+CHAR16 *
+GetVariableNamePtr (
+ IN VARIABLE_HEADER *Variable
+ )
+{
+ return (CHAR16 *) ((UINTN) Variable + GetVariableHeaderSize ());
+}
+
+/**
+ This code gets the pointer to the variable guid.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return A EFI_GUID* pointer to Vendor Guid.
+
+**/
+EFI_GUID *
+GetVendorGuidPtr (
+ IN VARIABLE_HEADER *Variable
+ )
+{
+ AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
+
+ AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
+ if (mAuthFormat) {
+ return &AuthVariable->VendorGuid;
+ } else {
+ return &Variable->VendorGuid;
+ }
+}
+
+/**
+
+ This code gets the pointer to the variable data.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return Pointer to Variable Data.
+
+**/
+UINT8 *
+GetVariableDataPtr (
+ IN VARIABLE_HEADER *Variable
+ )
+{
+ UINTN Value;
+
+ //
+ // Be careful about pad size for alignment.
+ //
+ Value = (UINTN) GetVariableNamePtr (Variable);
+ Value += NameSizeOfVariable (Variable);
+ Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
+
+ return (UINT8 *) Value;
+}
+
+/**
+ This code gets the variable data offset related to variable header.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return Variable Data offset.
+
+**/
+UINTN
+GetVariableDataOffset (
+ IN VARIABLE_HEADER *Variable
+ )
+{
+ UINTN Value;
+
+ //
+ // Be careful about pad size for alignment
+ //
+ Value = GetVariableHeaderSize ();
+ Value += NameSizeOfVariable (Variable);
+ Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
+
+ return Value;
+}
+
+/**
+
+ This code gets the pointer to the next variable header.
+
+ @param Variable Pointer to the Variable Header.
+
+ @return Pointer to next variable header.
+
+**/
+VARIABLE_HEADER *
+GetNextVariablePtr (
+ IN VARIABLE_HEADER *Variable
+ )
+{
+ UINTN Value;
+
+ Value = (UINTN) GetVariableDataPtr (Variable);
+ Value += DataSizeOfVariable (Variable);
+ Value += GET_PAD_SIZE (DataSizeOfVariable (Variable));
+
+ //
+ // Be careful about pad size for alignment.
+ //
+ return (VARIABLE_HEADER *) HEADER_ALIGN (Value);
+}
+
+/**
+
+ Gets the pointer to the first variable header in given variable store area.
+
+ @param VarStoreHeader Pointer to the Variable Store Header.
+
+ @return Pointer to the first variable header.
+
+**/
+VARIABLE_HEADER *
+GetStartPointer (
+ IN VARIABLE_STORE_HEADER *VarStoreHeader
+ )
+{
+ //
+ // The end of variable store.
+ //
+ return (VARIABLE_HEADER *) HEADER_ALIGN (VarStoreHeader + 1);
+}
+
+/**
+
+ Gets the pointer to the end of the variable storage area.
+
+ This function gets pointer to the end of the variable storage
+ area, according to the input variable store header.
+
+ @param VarStoreHeader Pointer to the Variable Store Header.
+
+ @return Pointer to the end of the variable storage area.
+
+**/
+VARIABLE_HEADER *
+GetEndPointer (
+ IN VARIABLE_STORE_HEADER *VarStoreHeader
+ )
+{
+ //
+ // The end of variable store
+ //
+ return (VARIABLE_HEADER *) HEADER_ALIGN ((UINTN) VarStoreHeader + VarStoreHeader->Size);
+}
+
+/**
+ Returns if this is a variable that always requires authenticated writes.
+ There may be other scenarios that result in a variable not identified by the
+ function to also require authentication.
+
+ @param[in] VariableName Name of variable.
+ @param[in] VendorGuid Guid of variable.
+
+ @retval TRUE The variable always requires authenticated writes
+ @retval FALSE The variable may or may not require authenticated writes
+**/
+BOOLEAN
+IsAuthenticatedVariable (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid
+ )
+{
+ UINTN Index;
+
+ for (Index = 0; Index < sizeof (mAlwaysAuthenticatedVariables) / sizeof (mAlwaysAuthenticatedVariables[0]); Index++) {
+ if ((StrCmp (VariableName, mAlwaysAuthenticatedVariables[Index].VariableName) == 0) &&
+ (CompareGuid (VendorGuid, mAlwaysAuthenticatedVariables[Index].VendorGuid))) {
+ return TRUE;
+ }
+ }
+ return FALSE;
+}
+
+/**
+ Compare two EFI_TIME data.
+
+
+ @param FirstTime A pointer to the first EFI_TIME data.
+ @param SecondTime A pointer to the second EFI_TIME data.
+
+ @retval TRUE The FirstTime is not later than the SecondTime.
+ @retval FALSE The FirstTime is later than the SecondTime.
+
+**/
+BOOLEAN
+VariableCompareTimeStampInternal (
+ IN EFI_TIME *FirstTime,
+ IN EFI_TIME *SecondTime
+ )
+{
+ if (FirstTime->Year != SecondTime->Year) {
+ return (BOOLEAN) (FirstTime->Year < SecondTime->Year);
+ } else if (FirstTime->Month != SecondTime->Month) {
+ return (BOOLEAN) (FirstTime->Month < SecondTime->Month);
+ } else if (FirstTime->Day != SecondTime->Day) {
+ return (BOOLEAN) (FirstTime->Day < SecondTime->Day);
+ } else if (FirstTime->Hour != SecondTime->Hour) {
+ return (BOOLEAN) (FirstTime->Hour < SecondTime->Hour);
+ } else if (FirstTime->Minute != SecondTime->Minute) {
+ return (BOOLEAN) (FirstTime->Minute < SecondTime->Minute);
+ }
+
+ return (BOOLEAN) (FirstTime->Second <= SecondTime->Second);
+}
+
+/**
+ Find the variable in the specified variable store.
+
+ @param[in] VariableName Name of the variable to be found
+ @param[in] VendorGuid Vendor GUID to be found.
+ @param[in] IgnoreRtCheck Ignore EFI_VARIABLE_RUNTIME_ACCESS attribute
+ check at runtime when searching variable.
+ @param[in, out] PtrTrack Variable Track Pointer structure that contains Variable Information.
+
+ @retval EFI_SUCCESS Variable found successfully
+ @retval EFI_NOT_FOUND Variable not found
+**/
+EFI_STATUS
+FindVariableEx (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN BOOLEAN IgnoreRtCheck,
+ IN OUT VARIABLE_POINTER_TRACK *PtrTrack
+ )
+{
+ VARIABLE_HEADER *InDeletedVariable;
+ VOID *Point;
+
+ PtrTrack->InDeletedTransitionPtr = NULL;
+
+ //
+ // Find the variable by walk through HOB, volatile and non-volatile variable store.
+ //
+ InDeletedVariable = NULL;
+
+ for ( PtrTrack->CurrPtr = PtrTrack->StartPtr
+ ; IsValidVariableHeader (PtrTrack->CurrPtr, PtrTrack->EndPtr)
+ ; PtrTrack->CurrPtr = GetNextVariablePtr (PtrTrack->CurrPtr)
+ ) {
+ if (PtrTrack->CurrPtr->State == VAR_ADDED ||
+ PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)
+ ) {
+ if (IgnoreRtCheck || !AtRuntime () || ((PtrTrack->CurrPtr->Attributes & EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
+ if (VariableName[0] == 0) {
+ if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
+ InDeletedVariable = PtrTrack->CurrPtr;
+ } else {
+ PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
+ return EFI_SUCCESS;
+ }
+ } else {
+ if (CompareGuid (VendorGuid, GetVendorGuidPtr (PtrTrack->CurrPtr))) {
+ Point = (VOID *) GetVariableNamePtr (PtrTrack->CurrPtr);
+
+ ASSERT (NameSizeOfVariable (PtrTrack->CurrPtr) != 0);
+ if (CompareMem (VariableName, Point, NameSizeOfVariable (PtrTrack->CurrPtr)) == 0) {
+ if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
+ InDeletedVariable = PtrTrack->CurrPtr;
+ } else {
+ PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
+ return EFI_SUCCESS;
+ }
+ }
+ }
+ }
+ }
+ }
+ }
+
+ PtrTrack->CurrPtr = InDeletedVariable;
+ return (PtrTrack->CurrPtr == NULL) ? EFI_NOT_FOUND : EFI_SUCCESS;
+}
+
+/**
+ This code finds the next available variable.
+
+ Caution: This function may receive untrusted input.
+ This function may be invoked in SMM mode. This function will do basic validation, before parse the data.
+
+ @param[in] VariableName Pointer to variable name.
+ @param[in] VendorGuid Variable Vendor Guid.
+ @param[in] VariableStoreList A list of variable stores that should be used to get the next variable.
+ The maximum number of entries is the max value of VARIABLE_STORE_TYPE.
+ @param[out] VariablePtr Pointer to variable header address.
+
+ @retval EFI_SUCCESS The function completed successfully.
+ @retval EFI_NOT_FOUND The next variable was not found.
+ @retval EFI_INVALID_PARAMETER If VariableName is not an empty string, while VendorGuid is NULL.
+ @retval EFI_INVALID_PARAMETER The input values of VariableName and VendorGuid are not a name and
+ GUID of an existing variable.
+
+**/
+EFI_STATUS
+EFIAPI
+GetNextVariableEx (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VARIABLE_STORE_HEADER **VariableStoreList,
+ OUT VARIABLE_HEADER **VariablePtr
+ )
+{
+ EFI_STATUS Status;
+ VARIABLE_STORE_TYPE StoreType;
+ VARIABLE_POINTER_TRACK Variable;
+ VARIABLE_POINTER_TRACK VariableInHob;
+ VARIABLE_POINTER_TRACK VariablePtrTrack;
+
+ Status = EFI_NOT_FOUND;
+
+ if (VariableStoreList == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ // Check if the variable exists in the given variable store list
+ for (StoreType = (VARIABLE_STORE_TYPE) 0; StoreType < VariableStoreTypeMax; StoreType++) {
+ if (VariableStoreList[StoreType] == NULL) {
+ continue;
+ }
+
+ Variable.StartPtr = GetStartPointer (VariableStoreList[StoreType]);
+ Variable.EndPtr = GetEndPointer (VariableStoreList[StoreType]);
+ Variable.Volatile = (BOOLEAN) (StoreType == VariableStoreTypeVolatile);
+
+ Status = FindVariableEx (VariableName, VendorGuid, FALSE, &Variable);
+ if (!EFI_ERROR (Status)) {
+ break;
+ }
+ }
+
+ if (Variable.CurrPtr == NULL || EFI_ERROR (Status)) {
+ //
+ // For VariableName is an empty string, FindVariable() will try to find and return
+ // the first qualified variable, and if FindVariable() returns error (EFI_NOT_FOUND)
+ // as no any variable is found, still go to return the error (EFI_NOT_FOUND).
+ //
+ if (VariableName[0] != 0) {
+ //
+ // For VariableName is not an empty string, and FindVariable() returns error as
+ // VariableName and VendorGuid are not a name and GUID of an existing variable,
+ // there is no way to get next variable, follow spec to return EFI_INVALID_PARAMETER.
+ //
+ Status = EFI_INVALID_PARAMETER;
+ }
+ goto Done;
+ }
+
+ if (VariableName[0] != 0) {
+ //
+ // If variable name is not empty, get next variable.
+ //
+ Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
+ }
+
+ while (TRUE) {
+ //
+ // Switch to the next variable store if needed
+ //
+ while (!IsValidVariableHeader (Variable.CurrPtr, Variable.EndPtr)) {
+ //
+ // Find current storage index
+ //
+ for (StoreType = (VARIABLE_STORE_TYPE) 0; StoreType < VariableStoreTypeMax; StoreType++) {
+ if ((VariableStoreList[StoreType] != NULL) && (Variable.StartPtr == GetStartPointer (VariableStoreList[StoreType]))) {
+ break;
+ }
+ }
+ ASSERT (StoreType < VariableStoreTypeMax);
+ //
+ // Switch to next storage
+ //
+ for (StoreType++; StoreType < VariableStoreTypeMax; StoreType++) {
+ if (VariableStoreList[StoreType] != NULL) {
+ break;
+ }
+ }
+ //
+ // Capture the case that
+ // 1. current storage is the last one, or
+ // 2. no further storage
+ //
+ if (StoreType == VariableStoreTypeMax) {
+ Status = EFI_NOT_FOUND;
+ goto Done;
+ }
+ Variable.StartPtr = GetStartPointer (VariableStoreList[StoreType]);
+ Variable.EndPtr = GetEndPointer (VariableStoreList[StoreType]);
+ Variable.CurrPtr = Variable.StartPtr;
+ }
+
+ //
+ // Variable is found
+ //
+ if (Variable.CurrPtr->State == VAR_ADDED || Variable.CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
+ if (!AtRuntime () || ((Variable.CurrPtr->Attributes & EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
+ if (Variable.CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
+ //
+ // If it is a IN_DELETED_TRANSITION variable,
+ // and there is also a same ADDED one at the same time,
+ // don't return it.
+ //
+ VariablePtrTrack.StartPtr = Variable.StartPtr;
+ VariablePtrTrack.EndPtr = Variable.EndPtr;
+ Status = FindVariableEx (
+ GetVariableNamePtr (Variable.CurrPtr),
+ GetVendorGuidPtr (Variable.CurrPtr),
+ FALSE,
+ &VariablePtrTrack
+ );
+ if (!EFI_ERROR (Status) && VariablePtrTrack.CurrPtr->State == VAR_ADDED) {
+ Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
+ continue;
+ }
+ }
+
+ //
+ // Don't return NV variable when HOB overrides it
+ //
+ if ((VariableStoreList[VariableStoreTypeHob] != NULL) && (VariableStoreList[VariableStoreTypeNv] != NULL) &&
+ (Variable.StartPtr == GetStartPointer (VariableStoreList[VariableStoreTypeNv]))
+ ) {
+ VariableInHob.StartPtr = GetStartPointer (VariableStoreList[VariableStoreTypeHob]);
+ VariableInHob.EndPtr = GetEndPointer (VariableStoreList[VariableStoreTypeHob]);
+ Status = FindVariableEx (
+ GetVariableNamePtr (Variable.CurrPtr),
+ GetVendorGuidPtr (Variable.CurrPtr),
+ FALSE,
+ &VariableInHob
+ );
+ if (!EFI_ERROR (Status)) {
+ Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
+ continue;
+ }
+ }
+
+ *VariablePtr = Variable.CurrPtr;
+ Status = EFI_SUCCESS;
+ goto Done;
+ }
+ }
+
+ Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
+ }
+
+Done:
+ return Status;
+}
+
+/**
+ Routine used to track statistical information about variable usage.
+ The data is stored in the EFI system table so it can be accessed later.
+ VariableInfo.efi can dump out the table. Only Boot Services variable
+ accesses are tracked by this code. The PcdVariableCollectStatistics
+ build flag controls if this feature is enabled.
+
+ A read that hits in the cache will have Read and Cache true for
+ the transaction. Data is allocated by this routine, but never
+ freed.
+
+ @param[in] VariableName Name of the Variable to track.
+ @param[in] VendorGuid Guid of the Variable to track.
+ @param[in] Volatile TRUE if volatile FALSE if non-volatile.
+ @param[in] Read TRUE if GetVariable() was called.
+ @param[in] Write TRUE if SetVariable() was called.
+ @param[in] Delete TRUE if deleted via SetVariable().
+ @param[in] Cache TRUE for a cache hit.
+ @param[in,out] VariableInfo Pointer to a pointer of VARIABLE_INFO_ENTRY structures.
+
+**/
+VOID
+UpdateVariableInfo (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN BOOLEAN Volatile,
+ IN BOOLEAN Read,
+ IN BOOLEAN Write,
+ IN BOOLEAN Delete,
+ IN BOOLEAN Cache,
+ IN OUT VARIABLE_INFO_ENTRY **VariableInfo
+ )
+{
+ VARIABLE_INFO_ENTRY *Entry;
+
+ if (FeaturePcdGet (PcdVariableCollectStatistics)) {
+ if (VariableName == NULL || VendorGuid == NULL || VariableInfo == NULL) {
+ return;
+ }
+ if (AtRuntime ()) {
+ // Don't collect statistics at runtime.
+ return;
+ }
+
+ if (*VariableInfo == NULL) {
+ //
+ // On the first call allocate a entry and place a pointer to it in
+ // the EFI System Table.
+ //
+ *VariableInfo = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
+ ASSERT (*VariableInfo != NULL);
+
+ CopyGuid (&(*VariableInfo)->VendorGuid, VendorGuid);
+ (*VariableInfo)->Name = AllocateZeroPool (StrSize (VariableName));
+ ASSERT ((*VariableInfo)->Name != NULL);
+ StrCpyS ((*VariableInfo)->Name, StrSize(VariableName)/sizeof(CHAR16), VariableName);
+ (*VariableInfo)->Volatile = Volatile;
+ }
+
+
+ for (Entry = (*VariableInfo); Entry != NULL; Entry = Entry->Next) {
+ if (CompareGuid (VendorGuid, &Entry->VendorGuid)) {
+ if (StrCmp (VariableName, Entry->Name) == 0) {
+ if (Read) {
+ Entry->ReadCount++;
+ }
+ if (Write) {
+ Entry->WriteCount++;
+ }
+ if (Delete) {
+ Entry->DeleteCount++;
+ }
+ if (Cache) {
+ Entry->CacheCount++;
+ }
+
+ return;
+ }
+ }
+
+ if (Entry->Next == NULL) {
+ //
+ // If the entry is not in the table add it.
+ // Next iteration of the loop will fill in the data.
+ //
+ Entry->Next = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
+ ASSERT (Entry->Next != NULL);
+
+ CopyGuid (&Entry->Next->VendorGuid, VendorGuid);
+ Entry->Next->Name = AllocateZeroPool (StrSize (VariableName));
+ ASSERT (Entry->Next->Name != NULL);
+ StrCpyS (Entry->Next->Name, StrSize(VariableName)/sizeof(CHAR16), VariableName);
+ Entry->Next->Volatile = Volatile;
+ }
+ }
+ }
+}
+
+/**
+ Initializes context needed for variable helpers.
+
+ @param[in] AuthFormat If true then indicates authenticated variables are supported
+
+ @retval EFI_SUCCESS Initialized successfully
+ @retval Others An error occurred during initialization
+**/
+EFI_STATUS
+EFIAPI
+InitVariableHelpers (
+ IN BOOLEAN AuthFormat
+ )
+{
+ mAuthFormat = AuthFormat;
+
+ return EFI_SUCCESS;
+}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
index ec463d063e..bda531d104 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
@@ -30,6 +30,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Guid/SmmVariableCommon.h>
#include "Variable.h"
+#include "VariableNonVolatile.h"
+#include "VariableParsing.h"
BOOLEAN mAtRuntime = FALSE;
UINT8 *mVariableBufferPayload = NULL;
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 0a1888e5ef..5bf90039d6 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -13,7 +13,7 @@
InitCommunicateBuffer() is really function to check the variable data size.
-Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -39,6 +39,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Guid/SmmVariableCommon.h>
#include "PrivilegePolymorphic.h"
+#include "VariableParsing.h"
EFI_HANDLE mHandle = NULL;
EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable = NULL;
--
2.16.2.windows.1
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH V1 2/5] MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats
2019-09-26 4:50 [PATCH V1 0/5] UEFI Variable SMI Reduction Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 1/5] MdeModulePkg/Variable: Consolidate common parsing functions Kubacki, Michael A
@ 2019-09-26 4:50 ` Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 3/5] MdeModulePkg/Variable: Add RT GetVariable() cache support Kubacki, Michael A
` (3 subsequent siblings)
5 siblings, 0 replies; 13+ messages in thread
From: Kubacki, Michael A @ 2019-09-26 4:50 UTC (permalink / raw)
To: devel
Cc: Dandan Bi, Ard Biesheuvel, Eric Dong, Laszlo Ersek, Liming Gao,
Michael D Kinney, Ray Ni, Jian J Wang, Hao A Wu, Jiewen Yao
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220
The current VariableInfo application only checks for variable
statistics from SMM if the variable information entries are
not present in the UEFI System Configuration table as published
by the DXE UEFI variable driver (VariableRuntimeDxe).
This change first checks for variable information entries in the
UEFI System Configuration but always checks for entries in SMM
as well. If the SMM variable driver is not present, an instance of
EFI_SMM_VARIABLE_PROTOCOL will not be found and the search for
SMM variable statistics will be aborted (an SW SMI to get variable
statistics will not be triggered).
In the case variable statistics are provided by both a Runtime DXE
driver (e.g. VariableSmmRuntimeDxe) and a SMM driver (VariableSmm),
this change will clearly identify statistics from each respective
driver.
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
---
MdeModulePkg/Application/VariableInfo/VariableInfo.c | 37 ++++++++++----------
1 file changed, 18 insertions(+), 19 deletions(-)
diff --git a/MdeModulePkg/Application/VariableInfo/VariableInfo.c b/MdeModulePkg/Application/VariableInfo/VariableInfo.c
index f213471e9a..c04ba18213 100644
--- a/MdeModulePkg/Application/VariableInfo/VariableInfo.c
+++ b/MdeModulePkg/Application/VariableInfo/VariableInfo.c
@@ -3,7 +3,7 @@
this utility will print out the statistics information. You can use console
redirection to capture the data.
- Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -126,7 +126,7 @@ PrintInfoFromSmm (
ASSERT (CommBuffer != NULL);
ZeroMem (CommBuffer, RealCommSize);
- Print (L"Non-Volatile SMM Variables:\n");
+ Print (L"SMM Driver Non-Volatile Variables:\n");
do {
CommSize = RealCommSize;
Status = GetVariableStatisticsData (CommBuffer, &CommSize);
@@ -155,7 +155,7 @@ PrintInfoFromSmm (
}
} while (TRUE);
- Print (L"Volatile SMM Variables:\n");
+ Print (L"SMM Driver Volatile Variables:\n");
ZeroMem (CommBuffer, RealCommSize);
do {
CommSize = RealCommSize;
@@ -207,24 +207,18 @@ UefiMain (
IN EFI_SYSTEM_TABLE *SystemTable
)
{
- EFI_STATUS Status;
+ EFI_STATUS RuntimeDxeStatus;
+ EFI_STATUS SmmStatus;
VARIABLE_INFO_ENTRY *VariableInfo;
VARIABLE_INFO_ENTRY *Entry;
- Status = EfiGetSystemConfigurationTable (&gEfiVariableGuid, (VOID **)&Entry);
- if (EFI_ERROR (Status) || (Entry == NULL)) {
- Status = EfiGetSystemConfigurationTable (&gEfiAuthenticatedVariableGuid, (VOID **)&Entry);
+ RuntimeDxeStatus = EfiGetSystemConfigurationTable (&gEfiVariableGuid, (VOID **) &Entry);
+ if (EFI_ERROR (RuntimeDxeStatus) || (Entry == NULL)) {
+ RuntimeDxeStatus = EfiGetSystemConfigurationTable (&gEfiAuthenticatedVariableGuid, (VOID **) &Entry);
}
- if (EFI_ERROR (Status) || (Entry == NULL)) {
- Status = PrintInfoFromSmm ();
- if (!EFI_ERROR (Status)) {
- return Status;
- }
- }
-
- if (!EFI_ERROR (Status) && (Entry != NULL)) {
- Print (L"Non-Volatile EFI Variables:\n");
+ if (!EFI_ERROR (RuntimeDxeStatus) && (Entry != NULL)) {
+ Print (L"Runtime DXE Driver Non-Volatile EFI Variables:\n");
VariableInfo = Entry;
do {
if (!VariableInfo->Volatile) {
@@ -242,7 +236,7 @@ UefiMain (
VariableInfo = VariableInfo->Next;
} while (VariableInfo != NULL);
- Print (L"Volatile EFI Variables:\n");
+ Print (L"Runtime DXE Driver Volatile EFI Variables:\n");
VariableInfo = Entry;
do {
if (VariableInfo->Volatile) {
@@ -258,14 +252,19 @@ UefiMain (
}
VariableInfo = VariableInfo->Next;
} while (VariableInfo != NULL);
+ }
- } else {
+ SmmStatus = PrintInfoFromSmm ();
+
+ if (EFI_ERROR (RuntimeDxeStatus) && EFI_ERROR (SmmStatus)) {
Print (L"Warning: Variable Dxe/Smm driver doesn't enable the feature of statistical information!\n");
Print (L"If you want to see this info, please:\n");
Print (L" 1. Set PcdVariableCollectStatistics as TRUE\n");
Print (L" 2. Rebuild Variable Dxe/Smm driver\n");
Print (L" 3. Run \"VariableInfo\" cmd again\n");
+
+ return EFI_NOT_FOUND;
}
- return Status;
+ return EFI_SUCCESS;
}
--
2.16.2.windows.1
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH V1 3/5] MdeModulePkg/Variable: Add RT GetVariable() cache support
2019-09-26 4:50 [PATCH V1 0/5] UEFI Variable SMI Reduction Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 1/5] MdeModulePkg/Variable: Consolidate common parsing functions Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 2/5] MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats Kubacki, Michael A
@ 2019-09-26 4:50 ` Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 4/5] MdeModulePkg/Variable: Add RT GetNextVariableName() " Kubacki, Michael A
` (2 subsequent siblings)
5 siblings, 0 replies; 13+ messages in thread
From: Kubacki, Michael A @ 2019-09-26 4:50 UTC (permalink / raw)
To: devel
Cc: Dandan Bi, Ard Biesheuvel, Eric Dong, Laszlo Ersek, Liming Gao,
Michael D Kinney, Ray Ni, Jian J Wang, Hao A Wu, Jiewen Yao
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220
This change reduces SMIs for GetVariable () by maintaining a
UEFI variable cache in Runtime DXE in addition to the pre-
existing cache in SMRAM. When the Runtime Service GetVariable()
is invoked, a Runtime DXE cache is used instead of triggering an
SMI to VariableSmm. This can improve overall system performance
by servicing variable read requests without rendezvousing all
cores into SMM.
The following are important points regarding this change.
1. All of the non-volatile storage contents are loaded into the
cache upon driver load. This one time load operation from storage
is preferred as opposed to building the cache on demand. An on-
demand cache would require a fallback SMI to load data into the
cache as variables are requested.
2. SetVariable () requests will continue to always trigger an SMI.
This occurs regardless of whether the variable is volatile or
non-volatile.
3. Both volatile and non-volatile variables are cached in a runtime
buffer. As is the case in the current EDK II variable driver, they
continue to be cached in separate buffers.
4. The cache in Runtime DXE and SMM are intended to be exact copies
of one another. All SMM variable accesses only return data from the
SMM cache. The runtime caches are only updated after the variable I/O
operation is successful in SMM. The runtime caches are only updated
from SMM.
5. Synchronization mechanisms are in place to ensure the runtime cache
content integrity with the SMM cache. These may result in updates to
runtime cache that are the same in content but different in offset and
size from updates to the SMM cache.
When using SMM variables, two caches will now be present.
1. "Runtime Cache" - Maintained in VariableSmmRuntimeDxe. Used to service
Runtime Services GetVariable () and GetNextVariableName () callers.
2. "SMM Cache" - Maintained in VariableSmm to service SMM GetVariable ()
and GetNextVariableName () callers.
a. This cache is retained so SMM modules do not operate on data outside
SMRAM.
It is possible to view UEFI variable read and write statistics by setting
the gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics FeaturePcd
to TRUE and using the VariableInfo UEFI application in MdeModulePkg to dump
variable statistics to the console. By doing so, a user can view the number
of GetVariable () hits from the Runtime DXE variable driver (Runtime Cache
hits) and the SMM variable driver (SMM Cache hits). SMM Cache hits for
GetVariable () will occur when SMM modules invoke GetVariable ().
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
---
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf | 2 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf | 2 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf | 24 +
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 2 +
MdeModulePkg/Include/Guid/SmmVariableCommon.h | 29 +-
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h | 39 +-
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h | 47 ++
MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 44 +-
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c | 153 +++++
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 114 +++-
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 605 +++++++++++++++++---
11 files changed, 958 insertions(+), 103 deletions(-)
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
index 08a5490787..ceea5d1ff9 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
@@ -40,6 +40,8 @@
VariableNonVolatile.h
VariableParsing.c
VariableParsing.h
+ VariableRuntimeCache.c
+ VariableRuntimeCache.h
PrivilegePolymorphic.h
Measurement.c
TcgMorLockDxe.c
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
index 6dc2721b81..bc3033588d 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
@@ -49,6 +49,8 @@
VariableNonVolatile.h
VariableParsing.c
VariableParsing.h
+ VariableRuntimeCache.c
+ VariableRuntimeCache.h
VarCheck.c
Variable.h
PrivilegePolymorphic.h
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
index 1873b4fe43..8c075c9132 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
@@ -42,6 +42,8 @@
Variable.h
VariableParsing.c
VariableParsing.h
+ VariableRuntimeCache.c
+ VariableRuntimeCache.h
[Packages]
MdePkg/MdePkg.dec
@@ -52,6 +54,7 @@
BaseLib
UefiBootServicesTableLib
DebugLib
+ TimerLib
UefiRuntimeLib
DxeServicesTableLib
UefiDriverEntryPoint
@@ -68,10 +71,29 @@
gEdkiiVariableLockProtocolGuid ## PRODUCES
gEdkiiVarCheckProtocolGuid ## PRODUCES
+[Pcd]
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxAuthVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxUserNvVariableSpaceSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdBoottimeReservedNvVariableSpaceSize ## CONSUMES
+
[FeaturePcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES
[Guids]
+ ## PRODUCES ## GUID # Signature of Variable store header
+ ## CONSUMES ## GUID # Signature of Variable store header
+ ## SOMETIMES_PRODUCES ## SystemTable
+ gEfiAuthenticatedVariableGuid
+
+ ## PRODUCES ## GUID # Signature of Variable store header
+ ## CONSUMES ## GUID # Signature of Variable store header
+ ## SOMETIMES_PRODUCES ## SystemTable
+ gEfiVariableGuid
+
gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
gEfiEventExitBootServicesGuid ## CONSUMES ## Event
## CONSUMES ## GUID # Locate protocol
@@ -88,6 +110,8 @@
## SOMETIMES_CONSUMES ## Variable:L"dbt"
gEfiImageSecurityDatabaseGuid
+ gEdkiiPiSmmCommunicationRegionTableGuid ## SOMETIMES_CONSUMES ## SystemTable
+
[Depex]
gEfiSmmCommunicationProtocolGuid
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
index ca9d23ce9f..95c5310c0b 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
@@ -49,6 +49,8 @@
VariableNonVolatile.h
VariableParsing.c
VariableParsing.h
+ VariableRuntimeCache.c
+ VariableRuntimeCache.h
VarCheck.c
Variable.h
PrivilegePolymorphic.h
diff --git a/MdeModulePkg/Include/Guid/SmmVariableCommon.h b/MdeModulePkg/Include/Guid/SmmVariableCommon.h
index c527a59891..ceef44dfd2 100644
--- a/MdeModulePkg/Include/Guid/SmmVariableCommon.h
+++ b/MdeModulePkg/Include/Guid/SmmVariableCommon.h
@@ -1,7 +1,7 @@
/** @file
The file defined some common structures used for communicating between SMM variable module and SMM variable wrapper module.
-Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2011 - 2019, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -9,6 +9,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#ifndef _SMM_VARIABLE_COMMON_H_
#define _SMM_VARIABLE_COMMON_H_
+#include <Guid/VariableFormat.h>
#include <Protocol/VarCheck.h>
#define EFI_SMM_VARIABLE_WRITE_GUID \
@@ -66,6 +67,16 @@ typedef struct {
#define SMM_VARIABLE_FUNCTION_VAR_CHECK_VARIABLE_PROPERTY_GET 10
#define SMM_VARIABLE_FUNCTION_GET_PAYLOAD_SIZE 11
+//
+// The payload for this function is SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT
+//
+#define SMM_VARIABLE_FUNCTION_INIT_RUNTIME_VARIABLE_CACHE_CONTEXT 12
+
+#define SMM_VARIABLE_FUNCTION_SYNC_RUNTIME_CACHE 13
+//
+// The payload for this function is SMM_VARIABLE_COMMUNICATE_GET_RUNTIME_CACHE_INFO
+//
+#define SMM_VARIABLE_FUNCTION_GET_RUNTIME_CACHE_INFO 14
///
/// Size of SMM communicate header, without including the payload.
@@ -120,4 +131,20 @@ typedef struct {
UINTN VariablePayloadSize;
} SMM_VARIABLE_COMMUNICATE_GET_PAYLOAD_SIZE;
+typedef struct {
+ BOOLEAN *ReadLock;
+ BOOLEAN *PendingUpdate;
+ BOOLEAN *HobFlushComplete;
+ VARIABLE_STORE_HEADER *RuntimeHobCache;
+ VARIABLE_STORE_HEADER *RuntimeNvCache;
+ VARIABLE_STORE_HEADER *RuntimeVolatileCache;
+} SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT;
+
+typedef struct {
+ UINTN TotalHobStorageSize;
+ UINTN TotalNvStorageSize;
+ UINTN TotalVolatileStorageSize;
+ BOOLEAN AuthenticatedVariableUsage;
+} SMM_VARIABLE_COMMUNICATE_GET_RUNTIME_CACHE_INFO;
+
#endif // _SMM_VARIABLE_COMMON_H_
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
index fb574b2e32..b9723c0250 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
@@ -57,6 +57,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
///
#define ISO_639_2_ENTRY_SIZE 3
+///
+/// The timeout to in 10us units to wait for the
+/// variable runtime cache read lock to be acquired.
+///
+#define VARIABLE_RT_CACHE_READ_LOCK_TIMEOUT 200000
+
typedef enum {
VariableStoreTypeVolatile,
VariableStoreTypeHob,
@@ -64,6 +70,21 @@ typedef enum {
VariableStoreTypeMax
} VARIABLE_STORE_TYPE;
+typedef struct {
+ UINT32 PendingUpdateOffset;
+ UINT32 PendingUpdateLength;
+ VARIABLE_STORE_HEADER *Store;
+} VARIABLE_RUNTIME_CACHE;
+
+typedef struct {
+ BOOLEAN *ReadLock;
+ BOOLEAN *PendingUpdate;
+ BOOLEAN *HobFlushComplete;
+ VARIABLE_RUNTIME_CACHE VariableRuntimeHobCache;
+ VARIABLE_RUNTIME_CACHE VariableRuntimeNvCache;
+ VARIABLE_RUNTIME_CACHE VariableRuntimeVolatileCache;
+} VARIABLE_RUNTIME_CACHE_CONTEXT;
+
typedef struct {
VARIABLE_HEADER *CurrPtr;
//
@@ -79,14 +100,16 @@ typedef struct {
} VARIABLE_POINTER_TRACK;
typedef struct {
- EFI_PHYSICAL_ADDRESS HobVariableBase;
- EFI_PHYSICAL_ADDRESS VolatileVariableBase;
- EFI_PHYSICAL_ADDRESS NonVolatileVariableBase;
- EFI_LOCK VariableServicesLock;
- UINT32 ReentrantState;
- BOOLEAN AuthFormat;
- BOOLEAN AuthSupport;
- BOOLEAN EmuNvMode;
+ EFI_PHYSICAL_ADDRESS HobVariableBase;
+ EFI_PHYSICAL_ADDRESS HobVariableBackupBase;
+ EFI_PHYSICAL_ADDRESS VolatileVariableBase;
+ EFI_PHYSICAL_ADDRESS NonVolatileVariableBase;
+ VARIABLE_RUNTIME_CACHE_CONTEXT VariableRuntimeCacheContext;
+ EFI_LOCK VariableServicesLock;
+ UINT32 ReentrantState;
+ BOOLEAN AuthFormat;
+ BOOLEAN AuthSupport;
+ BOOLEAN EmuNvMode;
} VARIABLE_GLOBAL;
typedef struct {
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h
new file mode 100644
index 0000000000..09b83eb215
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h
@@ -0,0 +1,47 @@
+/** @file
+ The common variable volatile store routines shared by the DXE_RUNTIME variable
+ module and the DXE_SMM variable module.
+
+Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef _VARIABLE_RUNTIME_CACHE_H_
+#define _VARIABLE_RUNTIME_CACHE_H_
+
+#include "Variable.h"
+
+/**
+ Copies any pending updates to runtime variable caches.
+
+ @retval EFI_UNSUPPORTED The volatile store to be updated is not initialized properly.
+ @retval EFI_SUCCESS The volatile store was updated successfully.
+
+**/
+EFI_STATUS
+SynchronizeRuntimeVariableCacheEx (
+ VOID
+ );
+
+/**
+ Synchronizes the runtime variable caches with all pending updates outside runtime.
+
+ Ensures all conditions are met to maintain coherency for runtime cache updates.
+
+ @param[in] VariableRuntimeCache Variable runtime cache structure for the runtime cache being synchronized.
+ @param[in] Offset Offset in bytes to apply the update.
+ @param[in] Length Length of data in bytes of the update.
+
+ @retval EFI_UNSUPPORTED The volatile store to be updated is not initialized properly.
+ @retval EFI_SUCCESS The volatile store was updated successfully.
+
+**/
+EFI_STATUS
+SynchronizeRuntimeVariableCache (
+ IN VARIABLE_RUNTIME_CACHE *VariableRuntimeCache,
+ IN UINTN Offset,
+ IN UINTN Length
+ );
+
+#endif
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
index d14fecc830..ca2118d69f 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -25,6 +25,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "Variable.h"
#include "VariableNonVolatile.h"
#include "VariableParsing.h"
+#include "VariableRuntimeCache.h"
VARIABLE_MODULE_GLOBAL *mVariableModuleGlobal;
@@ -332,6 +333,12 @@ RecordVarErrorFlag (
// Update the data in NV cache.
//
*VarErrFlag = TempFlag;
+ Status = SynchronizeRuntimeVariableCache (
+ &mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeNvCache,
+ (UINTN) VarErrFlag - (UINTN) mNvVariableCache + (UINTN) mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase,
+ sizeof (TempFlag)
+ );
+ ASSERT_EFI_ERROR (Status);
}
}
}
@@ -755,12 +762,24 @@ Reclaim (
Done:
if (IsVolatile || mVariableModuleGlobal->VariableGlobal.EmuNvMode) {
+ Status = SynchronizeRuntimeVariableCache (
+ &mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeVolatileCache,
+ 0,
+ VariableStoreHeader->Size
+ );
+ ASSERT_EFI_ERROR (Status);
FreePool (ValidBuffer);
} else {
//
// For NV variable reclaim, we use mNvVariableCache as the buffer, so copy the data back.
//
- CopyMem (mNvVariableCache, (UINT8 *)(UINTN)VariableBase, VariableStoreHeader->Size);
+ CopyMem (mNvVariableCache, (UINT8 *) (UINTN) VariableBase, VariableStoreHeader->Size);
+ Status = SynchronizeRuntimeVariableCache (
+ &(mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeNvCache),
+ 0,
+ VariableStoreHeader->Size
+ );
+ ASSERT_EFI_ERROR (Status);
}
return Status;
@@ -1592,6 +1611,7 @@ UpdateVariable (
VARIABLE_POINTER_TRACK *Variable;
VARIABLE_POINTER_TRACK NvVariable;
VARIABLE_STORE_HEADER *VariableStoreHeader;
+ VARIABLE_RUNTIME_CACHE *VolatileCacheInstance;
UINT8 *BufferForMerge;
UINTN MergedBufSize;
BOOLEAN DataReady;
@@ -2235,6 +2255,21 @@ UpdateVariable (
}
Done:
+ if (!EFI_ERROR (Status)) {
+ if (Variable->Volatile) {
+ VolatileCacheInstance = &(mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeVolatileCache);
+ } else {
+ VolatileCacheInstance = &(mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeNvCache);
+ }
+
+ Status = SynchronizeRuntimeVariableCache (
+ VolatileCacheInstance,
+ 0,
+ VolatileCacheInstance->Store->Size
+ );
+ ASSERT_EFI_ERROR (Status);
+ }
+
return Status;
}
@@ -3409,6 +3444,12 @@ FlushHobVariableToFlash (
ErrorFlag = TRUE;
}
}
+ Status = SynchronizeRuntimeVariableCache (
+ &mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeHobCache,
+ 0,
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeHobCache.Store->Size
+ );
+ ASSERT_EFI_ERROR (Status);
if (ErrorFlag) {
//
// We still have HOB variable(s) not flushed in flash.
@@ -3419,6 +3460,7 @@ FlushHobVariableToFlash (
// All HOB variables have been flushed in flash.
//
DEBUG ((EFI_D_INFO, "Variable driver: all HOB variables have been flushed in flash.\n"));
+ *(mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.HobFlushComplete) = TRUE;
if (!AtRuntime ()) {
FreePool ((VOID *) VariableStoreHeader);
}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c
new file mode 100644
index 0000000000..2642d9b000
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c
@@ -0,0 +1,153 @@
+/** @file
+ The common variable volatile store routines shared by the DXE_RUNTIME variable
+ module and the DXE_SMM variable module.
+
+ Caution: This module requires additional review when modified.
+ This driver will have external input - variable data. They may be input in SMM mode.
+ This external input must be validated carefully to avoid security issue like
+ buffer overflow, integer overflow.
+
+Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "VariableParsing.h"
+#include "VariableRuntimeCache.h"
+
+extern VARIABLE_MODULE_GLOBAL *mVariableModuleGlobal;
+extern VARIABLE_STORE_HEADER *mNvVariableCache;
+
+/**
+ Copies any pending updates to runtime variable caches.
+
+ @retval EFI_UNSUPPORTED The volatile store to be updated is not initialized properly.
+ @retval EFI_SUCCESS The volatile store was updated successfully.
+
+**/
+EFI_STATUS
+SynchronizeRuntimeVariableCacheEx (
+ VOID
+ )
+{
+ if (
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeNvCache.Store == NULL ||
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeVolatileCache.Store == NULL ||
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.PendingUpdate == NULL
+ ) {
+ return EFI_UNSUPPORTED;
+ }
+
+ if (*(mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.PendingUpdate)) {
+ if (
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeHobCache.Store != NULL &&
+ mVariableModuleGlobal->VariableGlobal.HobVariableBase > 0
+ ) {
+ CopyMem (
+ (VOID *) (
+ ((UINT8 *) (UINTN) mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeHobCache.Store) +
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeHobCache.PendingUpdateOffset
+ ),
+ (VOID *) (
+ ((UINT8 *) (UINTN) mVariableModuleGlobal->VariableGlobal.HobVariableBase) +
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeHobCache.PendingUpdateOffset
+ ),
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeHobCache.PendingUpdateLength
+ );
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeHobCache.PendingUpdateLength = 0;
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeHobCache.PendingUpdateOffset = 0;
+ }
+
+ CopyMem (
+ (VOID *) (
+ ((UINT8 *) (UINTN) mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeNvCache.Store) +
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeNvCache.PendingUpdateOffset
+ ),
+ (VOID *) (
+ ((UINT8 *) (UINTN) mNvVariableCache) +
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeNvCache.PendingUpdateOffset
+ ),
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeNvCache.PendingUpdateLength
+ );
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeNvCache.PendingUpdateLength = 0;
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeNvCache.PendingUpdateOffset = 0;
+
+ CopyMem (
+ (VOID *) (
+ ((UINT8 *) (UINTN) mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeVolatileCache.Store) +
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeVolatileCache.PendingUpdateOffset
+ ),
+ (VOID *) (
+ ((UINT8 *) (UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase) +
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeVolatileCache.PendingUpdateOffset
+ ),
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeVolatileCache.PendingUpdateLength
+ );
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeVolatileCache.PendingUpdateLength = 0;
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.VariableRuntimeVolatileCache.PendingUpdateOffset = 0;
+ *(mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.PendingUpdate) = FALSE;
+ }
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Synchronizes the runtime variable caches with all pending updates outside runtime.
+
+ Ensures all conditions are met to maintain coherency for runtime cache updates.
+
+ @param[in] VariableRuntimeCache Variable runtime cache structure for the runtime cache being synchronized.
+ @param[in] Offset Offset in bytes to apply the update.
+ @param[in] Length Length of data in bytes of the update.
+
+ @retval EFI_UNSUPPORTED The volatile store to be updated is not initialized properly.
+ @retval EFI_SUCCESS The volatile store was updated successfully.
+
+**/
+EFI_STATUS
+SynchronizeRuntimeVariableCache (
+ IN VARIABLE_RUNTIME_CACHE *VariableRuntimeCache,
+ IN UINTN Offset,
+ IN UINTN Length
+ )
+{
+ if (VariableRuntimeCache == NULL) {
+ return EFI_INVALID_PARAMETER;
+ } else if (VariableRuntimeCache->Store == NULL) {
+ // Runtime cache is not available yet at this point,
+ // Return EFI_SUCCESS instead of EFI_NOT_AVAILABLE_YET to let it progress
+ return EFI_SUCCESS;
+ }
+
+ if (
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.PendingUpdate == NULL ||
+ mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.ReadLock == NULL
+ ) {
+ return EFI_UNSUPPORTED;
+ }
+
+ if (
+ *(mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.PendingUpdate) &&
+ VariableRuntimeCache->PendingUpdateLength > 0
+ ) {
+ VariableRuntimeCache->PendingUpdateLength =
+ (UINT32) (
+ MAX (
+ (UINTN) (VariableRuntimeCache->PendingUpdateOffset + VariableRuntimeCache->PendingUpdateLength),
+ Offset + Length
+ ) - MIN ((UINTN) VariableRuntimeCache->PendingUpdateOffset, Offset)
+ );
+ VariableRuntimeCache->PendingUpdateOffset =
+ (UINT32) MIN ((UINTN) VariableRuntimeCache->PendingUpdateOffset, Offset);
+ } else {
+ VariableRuntimeCache->PendingUpdateLength = (UINT32) Length;
+ VariableRuntimeCache->PendingUpdateOffset = (UINT32) Offset;
+ }
+ *(mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.PendingUpdate) = TRUE;
+
+ if (*(mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext.ReadLock) == FALSE) {
+ return SynchronizeRuntimeVariableCacheEx ();
+ }
+
+ return EFI_SUCCESS;
+}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
index bda531d104..1cb6092582 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
@@ -32,6 +32,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "Variable.h"
#include "VariableNonVolatile.h"
#include "VariableParsing.h"
+#include "VariableRuntimeCache.h"
+
+extern VARIABLE_STORE_HEADER *mNvVariableCache;
BOOLEAN mAtRuntime = FALSE;
UINT8 *mVariableBufferPayload = NULL;
@@ -452,25 +455,29 @@ SmmVariableGetStatistics (
EFI_STATUS
EFIAPI
SmmVariableHandler (
- IN EFI_HANDLE DispatchHandle,
- IN CONST VOID *RegisterContext,
- IN OUT VOID *CommBuffer,
- IN OUT UINTN *CommBufferSize
+ IN EFI_HANDLE DispatchHandle,
+ IN CONST VOID *RegisterContext,
+ IN OUT VOID *CommBuffer,
+ IN OUT UINTN *CommBufferSize
)
{
- EFI_STATUS Status;
- SMM_VARIABLE_COMMUNICATE_HEADER *SmmVariableFunctionHeader;
- SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *SmmVariableHeader;
- SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *GetNextVariableName;
- SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO *QueryVariableInfo;
- SMM_VARIABLE_COMMUNICATE_GET_PAYLOAD_SIZE *GetPayloadSize;
- VARIABLE_INFO_ENTRY *VariableInfo;
- SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE *VariableToLock;
- SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY *CommVariableProperty;
- UINTN InfoSize;
- UINTN NameBufferSize;
- UINTN CommBufferPayloadSize;
- UINTN TempCommBufferSize;
+ EFI_STATUS Status;
+ SMM_VARIABLE_COMMUNICATE_HEADER *SmmVariableFunctionHeader;
+ SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *SmmVariableHeader;
+ SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *GetNextVariableName;
+ SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO *QueryVariableInfo;
+ SMM_VARIABLE_COMMUNICATE_GET_PAYLOAD_SIZE *GetPayloadSize;
+ SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT *RuntimeVariableCacheContext;
+ SMM_VARIABLE_COMMUNICATE_GET_RUNTIME_CACHE_INFO *GetRuntimeCacheInfo;
+ SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE *VariableToLock;
+ SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY *CommVariableProperty;
+ VARIABLE_INFO_ENTRY *VariableInfo;
+ VARIABLE_RUNTIME_CACHE_CONTEXT *VariableCacheContext;
+ VARIABLE_STORE_HEADER *VariableCache;
+ UINTN InfoSize;
+ UINTN NameBufferSize;
+ UINTN CommBufferPayloadSize;
+ UINTN TempCommBufferSize;
//
// If input is invalid, stop processing this SMI
@@ -790,6 +797,79 @@ SmmVariableHandler (
);
CopyMem (SmmVariableFunctionHeader->Data, mVariableBufferPayload, CommBufferPayloadSize);
break;
+ case SMM_VARIABLE_FUNCTION_INIT_RUNTIME_VARIABLE_CACHE_CONTEXT:
+ if (CommBufferPayloadSize < sizeof (SMM_VARIABLE_FUNCTION_INIT_RUNTIME_VARIABLE_CACHE_CONTEXT)) {
+ DEBUG ((DEBUG_ERROR, "InitRuntimeVariableCacheContext: SMM communication buffer size invalid!\n"));
+ } else if (mEndOfDxe) {
+ DEBUG ((DEBUG_ERROR, "InitRuntimeVariableCacheContext: Cannot init context after end of DXE!\n"));
+ } else {
+ RuntimeVariableCacheContext = (SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT *) SmmVariableFunctionHeader->Data;
+ VariableCacheContext = &mVariableModuleGlobal->VariableGlobal.VariableRuntimeCacheContext;
+
+ ASSERT (RuntimeVariableCacheContext->RuntimeVolatileCache != NULL);
+ ASSERT (RuntimeVariableCacheContext->RuntimeNvCache != NULL);
+ ASSERT (RuntimeVariableCacheContext->PendingUpdate != NULL);
+ ASSERT (RuntimeVariableCacheContext->ReadLock != NULL);
+ ASSERT (RuntimeVariableCacheContext->HobFlushComplete != NULL);
+
+ VariableCacheContext->VariableRuntimeHobCache.Store = RuntimeVariableCacheContext->RuntimeHobCache;
+ VariableCacheContext->VariableRuntimeVolatileCache.Store = RuntimeVariableCacheContext->RuntimeVolatileCache;
+ VariableCacheContext->VariableRuntimeNvCache.Store = RuntimeVariableCacheContext->RuntimeNvCache;
+ VariableCacheContext->PendingUpdate = RuntimeVariableCacheContext->PendingUpdate;
+ VariableCacheContext->ReadLock = RuntimeVariableCacheContext->ReadLock;
+ VariableCacheContext->HobFlushComplete = RuntimeVariableCacheContext->HobFlushComplete;
+
+ // Set up the intial pending request since the RT cache needs to be in sync with SMM cache
+ if (mVariableModuleGlobal->VariableGlobal.HobVariableBase == 0) {
+ VariableCacheContext->VariableRuntimeHobCache.PendingUpdateOffset = 0;
+ VariableCacheContext->VariableRuntimeHobCache.PendingUpdateLength = 0;
+ } else {
+ VariableCache = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.HobVariableBase;
+ VariableCacheContext->VariableRuntimeHobCache.PendingUpdateOffset = 0;
+ VariableCacheContext->VariableRuntimeHobCache.PendingUpdateLength = (UINT32) ((UINTN) GetEndPointer (VariableCache) - (UINTN) VariableCache);
+ CopyGuid (&(VariableCacheContext->VariableRuntimeHobCache.Store->Signature), &(VariableCache->Signature));
+ }
+ VariableCache = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase;
+ VariableCacheContext->VariableRuntimeVolatileCache.PendingUpdateOffset = 0;
+ VariableCacheContext->VariableRuntimeVolatileCache.PendingUpdateLength = (UINT32) ((UINTN) GetEndPointer (VariableCache) - (UINTN) VariableCache);
+ CopyGuid (&(VariableCacheContext->VariableRuntimeVolatileCache.Store->Signature), &(VariableCache->Signature));
+
+ VariableCache = (VARIABLE_STORE_HEADER *) (UINTN) mNvVariableCache;
+ VariableCacheContext->VariableRuntimeNvCache.PendingUpdateOffset = 0;
+ VariableCacheContext->VariableRuntimeNvCache.PendingUpdateLength = (UINT32) ((UINTN) GetEndPointer (VariableCache) - (UINTN) VariableCache);
+ CopyGuid (&(VariableCacheContext->VariableRuntimeNvCache.Store->Signature), &(VariableCache->Signature));
+
+ *(VariableCacheContext->PendingUpdate) = TRUE;
+ *(VariableCacheContext->ReadLock) = FALSE;
+ *(VariableCacheContext->HobFlushComplete) = FALSE;
+ }
+ Status = EFI_SUCCESS;
+ break;
+ case SMM_VARIABLE_FUNCTION_SYNC_RUNTIME_CACHE:
+ Status = SynchronizeRuntimeVariableCacheEx ();
+ break;
+ case SMM_VARIABLE_FUNCTION_GET_RUNTIME_CACHE_INFO:
+ if (CommBufferPayloadSize < sizeof (SMM_VARIABLE_COMMUNICATE_GET_RUNTIME_CACHE_INFO)) {
+ DEBUG ((DEBUG_ERROR, "GetRuntimeCacheInfo: SMM communication buffer size invalid!\n"));
+ return EFI_SUCCESS;
+ }
+ GetRuntimeCacheInfo = (SMM_VARIABLE_COMMUNICATE_GET_RUNTIME_CACHE_INFO *) SmmVariableFunctionHeader->Data;
+
+ if (mVariableModuleGlobal->VariableGlobal.HobVariableBase > 0) {
+ VariableCache = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.HobVariableBase;
+ GetRuntimeCacheInfo->TotalHobStorageSize = VariableCache->Size;
+ } else {
+ GetRuntimeCacheInfo->TotalHobStorageSize = 0;
+ }
+
+ VariableCache = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase;
+ GetRuntimeCacheInfo->TotalVolatileStorageSize = VariableCache->Size;
+ VariableCache = (VARIABLE_STORE_HEADER *) (UINTN) mNvVariableCache;
+ GetRuntimeCacheInfo->TotalNvStorageSize = (UINTN) VariableCache->Size;
+ GetRuntimeCacheInfo->AuthenticatedVariableUsage = mVariableModuleGlobal->VariableGlobal.AuthFormat;
+
+ Status = EFI_SUCCESS;
+ break;
default:
Status = EFI_UNSUPPORTED;
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 5bf90039d6..237908e5a2 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -32,10 +32,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/UefiRuntimeLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
+#include <Library/TimerLib.h>
#include <Library/UefiLib.h>
#include <Library/BaseLib.h>
#include <Guid/EventGroup.h>
+#include <Guid/PiSmmCommunicationRegionTable.h>
#include <Guid/SmmVariableCommon.h>
#include "PrivilegePolymorphic.h"
@@ -47,8 +49,19 @@ EFI_EVENT mVirtualAddressChangeEvent = NULL;
EFI_SMM_COMMUNICATION_PROTOCOL *mSmmCommunication = NULL;
UINT8 *mVariableBuffer = NULL;
UINT8 *mVariableBufferPhysical = NULL;
+VARIABLE_INFO_ENTRY *mVariableInfo = NULL;
+VARIABLE_STORE_HEADER *mVariableRuntimeHobCacheBuffer = NULL;
+VARIABLE_STORE_HEADER *mVariableRuntimeNvCacheBuffer = NULL;
+VARIABLE_STORE_HEADER *mVariableRuntimeVolatileCacheBuffer = NULL;
UINTN mVariableBufferSize;
+UINTN mVariableRuntimeHobCacheBufferSize;
+UINTN mVariableRuntimeNvCacheBufferSize;
+UINTN mVariableRuntimeVolatileCacheBufferSize;
UINTN mVariableBufferPayloadSize;
+BOOLEAN mVariableRuntimeCachePendingUpdate;
+BOOLEAN mVariableRuntimeCacheReadLock;
+BOOLEAN mVariableAuthFormat;
+BOOLEAN mHobFlushComplete;
EFI_LOCK mVariableServicesLock;
EDKII_VARIABLE_LOCK_PROTOCOL mVariableLock;
EDKII_VAR_CHECK_PROTOCOL mVarCheck;
@@ -108,6 +121,73 @@ ReleaseLockOnlyAtBootTime (
}
}
+/**
+ Return TRUE if ExitBootServices () has been called.
+
+ @retval TRUE If ExitBootServices () has been called.
+**/
+BOOLEAN
+AtRuntime (
+ VOID
+ )
+{
+ return EfiAtRuntime ();
+}
+
+/**
+ Initialize the variable cache buffer as an empty variable store.
+
+ @param[out] VariableCacheBuffer A pointer to pointer of a cache variable store.
+ @param[in,out] TotalVariableCacheSize On input, the minimum size needed for the UEFI variable store cache
+ buffer that is allocated. On output, the actual size of the buffer allocated.
+ If TotalVariableCacheSize is zero, a buffer will not be allocated and the
+ function will return with EFI_SUCCESS.
+
+ @retval EFI_SUCCESS The variable cache was allocated and initialized successfully.
+ @retval EFI_INVALID_PARAMETER A given pointer is NULL or an invalid variable store size was specified.
+ @retval EFI_OUT_OF_RESOURCES Insufficient resources are available to allocate the variable store cache buffer.
+
+**/
+EFI_STATUS
+EFIAPI
+InitVariableCache (
+ OUT VARIABLE_STORE_HEADER **VariableCacheBuffer,
+ IN OUT UINTN *TotalVariableCacheSize
+ )
+{
+ VARIABLE_STORE_HEADER *VariableCacheStorePtr;
+
+ if (TotalVariableCacheSize == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+ if (*TotalVariableCacheSize == 0) {
+ return EFI_SUCCESS;
+ }
+ if (VariableCacheBuffer == NULL || *TotalVariableCacheSize < sizeof (VARIABLE_STORE_HEADER)) {
+ return EFI_INVALID_PARAMETER;
+ }
+ *TotalVariableCacheSize = ALIGN_VALUE (*TotalVariableCacheSize, sizeof (UINT32));
+
+ //
+ // Allocate NV Storage Cache and initialize it to all 1's (like an erased FV)
+ //
+ *VariableCacheBuffer = (VARIABLE_STORE_HEADER *) AllocateRuntimePages (
+ EFI_SIZE_TO_PAGES (*TotalVariableCacheSize)
+ );
+ if (*VariableCacheBuffer == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+ VariableCacheStorePtr = *VariableCacheBuffer;
+ SetMem32 ((VOID *) VariableCacheStorePtr, *TotalVariableCacheSize, (UINT32) 0xFFFFFFFF);
+
+ ZeroMem ((VOID *) VariableCacheStorePtr, sizeof (VARIABLE_STORE_HEADER));
+ VariableCacheStorePtr->Size = (UINT32) *TotalVariableCacheSize;
+ VariableCacheStorePtr->Format = VARIABLE_STORE_FORMATTED;
+ VariableCacheStorePtr->State = VARIABLE_STORE_HEALTHY;
+
+ return EFI_SUCCESS;
+}
+
/**
Initialize the communicate buffer using DataSize and Function.
@@ -154,6 +234,69 @@ InitCommunicateBuffer (
}
+/**
+ Gets a SMM communicate buffer from the EDKII_PI_SMM_COMMUNICATION_REGION_TABLE installed as an entry in the UEFI
+ system configuration table. A generic SMM communication buffer DXE driver may install the table or a custom table
+ may be installed by a platform-specific driver.
+
+ The communicate size is: SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE +
+ DataSize.
+
+ @param[in,out] CommBufferSize On input, the minimum size needed for the communication buffer.
+ On output, the SMM buffer size available at CommBuffer.
+ @param[out] CommBuffer A pointer to an SMM communication buffer pointer.
+
+ @retval EFI_SUCCESS The communication buffer was found successfully.
+ @retval EFI_INVALID_PARAMETER A given pointer is NULL or the CommBufferSize is zero.
+ @retval EFI_NOT_FOUND The EDKII_PI_SMM_COMMUNICATION_REGION_TABLE was not found.
+ @retval EFI_OUT_OF_RESOURCES A valid SMM communicate buffer for the requested size is not available.
+
+**/
+EFI_STATUS
+GetCommunicateBuffer (
+ IN OUT UINTN *CommBufferSize,
+ OUT UINT8 **CommBuffer
+ )
+{
+ EFI_STATUS Status;
+ EDKII_PI_SMM_COMMUNICATION_REGION_TABLE *PiSmmCommunicationRegionTable;
+ EFI_MEMORY_DESCRIPTOR *Entry;
+ UINTN EntrySize;
+ UINT32 Index;
+
+ if (CommBuffer == NULL || CommBufferSize == NULL || *CommBufferSize == 0) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ Status = EfiGetSystemConfigurationTable (
+ &gEdkiiPiSmmCommunicationRegionTableGuid,
+ (VOID **) &PiSmmCommunicationRegionTable
+ );
+ if (EFI_ERROR (Status) || PiSmmCommunicationRegionTable == NULL) {
+ return EFI_NOT_FOUND;
+ }
+
+ Entry = (EFI_MEMORY_DESCRIPTOR *) (PiSmmCommunicationRegionTable + 1);
+ EntrySize = 0;
+ for (Index = 0; Index < PiSmmCommunicationRegionTable->NumberOfEntries; Index++) {
+ if (Entry->Type == EfiConventionalMemory) {
+ EntrySize = EFI_PAGES_TO_SIZE ((UINTN) Entry->NumberOfPages);
+ if (EntrySize >= *CommBufferSize) {
+ break;
+ }
+ }
+ Entry = (EFI_MEMORY_DESCRIPTOR *) ((UINT8 *) Entry + PiSmmCommunicationRegionTable->DescriptorSize);
+ }
+
+ if (Index < PiSmmCommunicationRegionTable->NumberOfEntries) {
+ *CommBufferSize = EntrySize;
+ *CommBuffer = (UINT8 *) (UINTN) Entry->PhysicalStart;
+ return EFI_SUCCESS;
+ }
+
+ return EFI_OUT_OF_RESOURCES;
+}
+
/**
Send the data in communicate buffer to SMM.
@@ -425,6 +568,171 @@ Done:
return Status;
}
+/**
+ Signals SMM to synchronize any pending variable updates with the runtime cache(s).
+
+**/
+VOID
+EFIAPI
+SyncRuntimeCache (
+ VOID
+ )
+{
+ //
+ // Init the communicate buffer. The buffer data size is:
+ // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE.
+ //
+ InitCommunicateBuffer (NULL, 0, SMM_VARIABLE_FUNCTION_SYNC_RUNTIME_CACHE);
+
+ //
+ // Send data to SMM.
+ //
+ SendCommunicateBuffer (0);
+}
+
+/**
+ Check whether a SMI must be triggered to retrieve pending cache updates.
+
+ If the variable HOB was finished being flushed since the last check for a runtime cache update, this function
+ will prevent the HOB cache from being used for future runtime cache hits.
+
+**/
+VOID
+EFIAPI
+CheckForRuntimeCacheSync (
+ VOID
+ )
+{
+ if (mVariableRuntimeCachePendingUpdate) {
+ SyncRuntimeCache ();
+ }
+ ASSERT (!mVariableRuntimeCachePendingUpdate);
+
+ //
+ // The HOB variable data may have finished being flushed in the runtime cache sync update
+ //
+ if (mHobFlushComplete && mVariableRuntimeHobCacheBuffer != NULL) {
+ if (!AtRuntime ()) {
+ FreePool (mVariableRuntimeHobCacheBuffer);
+ }
+ mVariableRuntimeHobCacheBuffer = NULL;
+ }
+}
+
+/**
+ This code finds variable in a volatile memory store.
+
+ Caution: This function may receive untrusted input.
+ The data size is external input, so this function will validate it carefully to avoid buffer overflow.
+
+ @param[in] VariableName Name of Variable to be found.
+ @param[in] VendorGuid Variable vendor GUID.
+ @param[out] Attributes Attribute value of the variable found.
+ @param[in, out] DataSize Size of Data found. If size is less than the
+ data, this value contains the required size.
+ @param[out] Data Data pointer.
+
+ @retval EFI_SUCCESS Found the specified variable.
+ @retval EFI_INVALID_PARAMETER Invalid parameter.
+ @retval EFI_NOT_FOUND The specified variable could not be found.
+
+**/
+EFI_STATUS
+EFIAPI
+FindVariableInRuntimeCache (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ OUT UINT32 *Attributes OPTIONAL,
+ IN OUT UINTN *DataSize,
+ OUT VOID *Data OPTIONAL
+ )
+{
+ EFI_STATUS Status;
+ UINTN DelayIndex;
+ UINTN TempDataSize;
+ VARIABLE_POINTER_TRACK RtPtrTrack;
+ VARIABLE_STORE_TYPE StoreType;
+ VARIABLE_STORE_HEADER *VariableStoreList[VariableStoreTypeMax];
+
+ Status = EFI_NOT_FOUND;
+
+ if (VariableName == NULL || VendorGuid == NULL || DataSize == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ for (DelayIndex = 0; mVariableRuntimeCacheReadLock && DelayIndex < VARIABLE_RT_CACHE_READ_LOCK_TIMEOUT; DelayIndex++) {
+ MicroSecondDelay (10);
+ }
+ if (DelayIndex < VARIABLE_RT_CACHE_READ_LOCK_TIMEOUT) {
+ ASSERT (!mVariableRuntimeCacheReadLock);
+
+ mVariableRuntimeCacheReadLock = TRUE;
+ CheckForRuntimeCacheSync ();
+
+ if (!mVariableRuntimeCachePendingUpdate) {
+ //
+ // 0: Volatile, 1: HOB, 2: Non-Volatile.
+ // The index and attributes mapping must be kept in this order as FindVariable
+ // makes use of this mapping to implement search algorithm.
+ //
+ VariableStoreList[VariableStoreTypeVolatile] = mVariableRuntimeVolatileCacheBuffer;
+ VariableStoreList[VariableStoreTypeHob] = mVariableRuntimeHobCacheBuffer;
+ VariableStoreList[VariableStoreTypeNv] = mVariableRuntimeNvCacheBuffer;
+
+ for (StoreType = (VARIABLE_STORE_TYPE) 0; StoreType < VariableStoreTypeMax; StoreType++) {
+ if (VariableStoreList[StoreType] == NULL) {
+ continue;
+ }
+
+ RtPtrTrack.StartPtr = GetStartPointer (VariableStoreList[StoreType]);
+ RtPtrTrack.EndPtr = GetEndPointer (VariableStoreList[StoreType]);
+ RtPtrTrack.Volatile = (BOOLEAN) (StoreType == VariableStoreTypeVolatile);
+
+ Status = FindVariableEx (VariableName, VendorGuid, FALSE, &RtPtrTrack);
+ if (!EFI_ERROR (Status)) {
+ break;
+ }
+ }
+
+ if (!EFI_ERROR (Status)) {
+ //
+ // Get data size
+ //
+ TempDataSize = DataSizeOfVariable (RtPtrTrack.CurrPtr);
+ ASSERT (TempDataSize != 0);
+
+ if (*DataSize >= TempDataSize) {
+ if (Data == NULL) {
+ Status = EFI_INVALID_PARAMETER;
+ goto Done;
+ }
+
+ CopyMem (Data, GetVariableDataPtr (RtPtrTrack.CurrPtr), TempDataSize);
+ if (Attributes != NULL) {
+ *Attributes = RtPtrTrack.CurrPtr->Attributes;
+ }
+
+ *DataSize = TempDataSize;
+
+ UpdateVariableInfo (VariableName, VendorGuid, RtPtrTrack.Volatile, TRUE, FALSE, FALSE, TRUE, &mVariableInfo);
+
+ Status = EFI_SUCCESS;
+ goto Done;
+ } else {
+ *DataSize = TempDataSize;
+ Status = EFI_BUFFER_TOO_SMALL;
+ goto Done;
+ }
+ }
+ }
+ }
+
+Done:
+ mVariableRuntimeCacheReadLock = FALSE;
+
+ return Status;
+}
+
/**
This code finds variable in storage blocks (Volatile or Non-Volatile).
@@ -455,91 +763,21 @@ RuntimeServiceGetVariable (
)
{
EFI_STATUS Status;
- UINTN PayloadSize;
- SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *SmmVariableHeader;
- UINTN TempDataSize;
- UINTN VariableNameSize;
if (VariableName == NULL || VendorGuid == NULL || DataSize == NULL) {
return EFI_INVALID_PARAMETER;
}
-
- TempDataSize = *DataSize;
- VariableNameSize = StrSize (VariableName);
- SmmVariableHeader = NULL;
-
- //
- // If VariableName exceeds SMM payload limit. Return failure
- //
- if (VariableNameSize > mVariableBufferPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) {
- return EFI_INVALID_PARAMETER;
- }
-
- AcquireLockOnlyAtBootTime(&mVariableServicesLock);
-
- //
- // Init the communicate buffer. The buffer data size is:
- // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize.
- //
- if (TempDataSize > mVariableBufferPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) - VariableNameSize) {
- //
- // If output data buffer exceed SMM payload limit. Trim output buffer to SMM payload size
- //
- TempDataSize = mVariableBufferPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) - VariableNameSize;
- }
- PayloadSize = OFFSET_OF (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) + VariableNameSize + TempDataSize;
-
- Status = InitCommunicateBuffer ((VOID **)&SmmVariableHeader, PayloadSize, SMM_VARIABLE_FUNCTION_GET_VARIABLE);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
- ASSERT (SmmVariableHeader != NULL);
-
- CopyGuid (&SmmVariableHeader->Guid, VendorGuid);
- SmmVariableHeader->DataSize = TempDataSize;
- SmmVariableHeader->NameSize = VariableNameSize;
- if (Attributes == NULL) {
- SmmVariableHeader->Attributes = 0;
- } else {
- SmmVariableHeader->Attributes = *Attributes;
- }
- CopyMem (SmmVariableHeader->Name, VariableName, SmmVariableHeader->NameSize);
-
- //
- // Send data to SMM.
- //
- Status = SendCommunicateBuffer (PayloadSize);
-
- //
- // Get data from SMM.
- //
- if (Status == EFI_SUCCESS || Status == EFI_BUFFER_TOO_SMALL) {
- //
- // SMM CommBuffer DataSize can be a trimed value
- // Only update DataSize when needed
- //
- *DataSize = SmmVariableHeader->DataSize;
- }
- if (Attributes != NULL) {
- *Attributes = SmmVariableHeader->Attributes;
- }
-
- if (EFI_ERROR (Status)) {
- goto Done;
- }
-
- if (Data != NULL) {
- CopyMem (Data, (UINT8 *)SmmVariableHeader->Name + SmmVariableHeader->NameSize, SmmVariableHeader->DataSize);
- } else {
- Status = EFI_INVALID_PARAMETER;
+ if (VariableName[0] == 0) {
+ return EFI_NOT_FOUND;
}
-Done:
+ AcquireLockOnlyAtBootTime (&mVariableServicesLock);
+ Status = FindVariableInRuntimeCache (VariableName, VendorGuid, Attributes, DataSize, Data);
ReleaseLockOnlyAtBootTime (&mVariableServicesLock);
+
return Status;
}
-
/**
This code Finds the Next available variable.
@@ -871,6 +1109,17 @@ OnReadyToBoot (
//
SendCommunicateBuffer (0);
+ //
+ // Install the system configuration table for variable info data captured
+ //
+ if (FeaturePcdGet (PcdVariableCollectStatistics)) {
+ if (mVariableAuthFormat) {
+ gBS->InstallConfigurationTable (&gEfiAuthenticatedVariableGuid, mVariableInfo);
+ } else {
+ gBS->InstallConfigurationTable (&gEfiVariableGuid, mVariableInfo);
+ }
+ }
+
gBS->CloseEvent (Event);
}
@@ -894,6 +1143,9 @@ VariableAddressChangeEvent (
{
EfiConvertPointer (0x0, (VOID **) &mVariableBuffer);
EfiConvertPointer (0x0, (VOID **) &mSmmCommunication);
+ EfiConvertPointer (0x0, (VOID **) &mVariableRuntimeHobCacheBuffer);
+ EfiConvertPointer (0x0, (VOID **) &mVariableRuntimeNvCacheBuffer);
+ EfiConvertPointer (0x0, (VOID **) &mVariableRuntimeVolatileCacheBuffer);
}
/**
@@ -970,6 +1222,173 @@ Done:
return Status;
}
+/**
+ This code gets information needed from SMM for runtime cache initialization.
+
+ @param[out] TotalHobStorageSize Output pointer for the total HOB storage size in bytes.
+ @param[out] TotalNvStorageSize Output pointer for the total non-volatile storage size in bytes.
+ @param[out] TotalVolatileStorageSize Output pointer for the total volatile storage size in bytes.
+ @param[out] AuthenticatedVariableUsage Output pointer that indicates if authenticated variables are to be used.
+
+ @retval EFI_SUCCESS Retrieved the size successfully.
+ @retval EFI_INVALID_PARAMETER TotalNvStorageSize parameter is NULL.
+ @retval EFI_OUT_OF_RESOURCES Could not allocate a CommBuffer.
+ @retval Others Could not retrieve the size successfully.;
+
+**/
+EFI_STATUS
+EFIAPI
+GetRuntimeCacheInfo (
+ OUT UINTN *TotalHobStorageSize,
+ OUT UINTN *TotalNvStorageSize,
+ OUT UINTN *TotalVolatileStorageSize,
+ OUT BOOLEAN *AuthenticatedVariableUsage
+ )
+{
+ EFI_STATUS Status;
+ SMM_VARIABLE_COMMUNICATE_GET_RUNTIME_CACHE_INFO *SmmGetRuntimeCacheInfo;
+ EFI_SMM_COMMUNICATE_HEADER *SmmCommunicateHeader;
+ SMM_VARIABLE_COMMUNICATE_HEADER *SmmVariableFunctionHeader;
+ UINTN CommSize;
+ UINTN CommBufferSize;
+ UINT8 *CommBuffer;
+
+ SmmGetRuntimeCacheInfo = NULL;
+ CommBuffer = NULL;
+
+ if (TotalHobStorageSize == NULL || TotalNvStorageSize == NULL || TotalVolatileStorageSize == NULL || AuthenticatedVariableUsage == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ AcquireLockOnlyAtBootTime (&mVariableServicesLock);
+
+ CommSize = SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + sizeof (SMM_VARIABLE_COMMUNICATE_GET_RUNTIME_CACHE_INFO);
+ CommBufferSize = CommSize;
+ Status = GetCommunicateBuffer (&CommBufferSize, &CommBuffer);
+ if (EFI_ERROR (Status)) {
+ goto Done;
+ }
+ if (CommBuffer == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto Done;
+ }
+ ZeroMem (CommBuffer, CommBufferSize);
+
+ SmmCommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *) CommBuffer;
+ CopyGuid (&SmmCommunicateHeader->HeaderGuid, &gEfiSmmVariableProtocolGuid);
+ SmmCommunicateHeader->MessageLength = SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + sizeof (SMM_VARIABLE_COMMUNICATE_GET_RUNTIME_CACHE_INFO);
+
+ SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *) SmmCommunicateHeader->Data;
+ SmmVariableFunctionHeader->Function = SMM_VARIABLE_FUNCTION_GET_RUNTIME_CACHE_INFO;
+ SmmGetRuntimeCacheInfo = (SMM_VARIABLE_COMMUNICATE_GET_RUNTIME_CACHE_INFO *) SmmVariableFunctionHeader->Data;
+
+ //
+ // Send data to SMM.
+ //
+ Status = mSmmCommunication->Communicate (mSmmCommunication, CommBuffer, &CommSize);
+ ASSERT_EFI_ERROR (Status);
+ if (CommSize <= SMM_VARIABLE_COMMUNICATE_HEADER_SIZE) {
+ Status = EFI_BAD_BUFFER_SIZE;
+ goto Done;
+ }
+
+ Status = SmmVariableFunctionHeader->ReturnStatus;
+ if (EFI_ERROR (Status)) {
+ goto Done;
+ }
+
+ //
+ // Get data from SMM.
+ //
+ *TotalHobStorageSize = SmmGetRuntimeCacheInfo->TotalHobStorageSize;
+ *TotalNvStorageSize = SmmGetRuntimeCacheInfo->TotalNvStorageSize;
+ *TotalVolatileStorageSize = SmmGetRuntimeCacheInfo->TotalVolatileStorageSize;
+ *AuthenticatedVariableUsage = SmmGetRuntimeCacheInfo->AuthenticatedVariableUsage;
+
+Done:
+ ReleaseLockOnlyAtBootTime (&mVariableServicesLock);
+ return Status;
+}
+
+/**
+ Sends the runtime variable cache context information to SMM.
+
+ @retval EFI_SUCCESS Retrieved the size successfully.
+ @retval EFI_INVALID_PARAMETER TotalNvStorageSize parameter is NULL.
+ @retval EFI_OUT_OF_RESOURCES Could not allocate a CommBuffer.
+ @retval Others Could not retrieve the size successfully.;
+
+**/
+EFI_STATUS
+EFIAPI
+SendRuntimeVariableCacheContextToSmm (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT *SmmRuntimeVarCacheContext;
+ EFI_SMM_COMMUNICATE_HEADER *SmmCommunicateHeader;
+ SMM_VARIABLE_COMMUNICATE_HEADER *SmmVariableFunctionHeader;
+ UINTN CommSize;
+ UINTN CommBufferSize;
+ UINT8 *CommBuffer;
+
+ SmmRuntimeVarCacheContext = NULL;
+ CommBuffer = NULL;
+
+ AcquireLockOnlyAtBootTime (&mVariableServicesLock);
+
+ //
+ // Init the communicate buffer. The buffer data size is:
+ // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + sizeof (SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT);
+ //
+ CommSize = SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + sizeof (SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT);
+ CommBufferSize = CommSize;
+ Status = GetCommunicateBuffer (&CommBufferSize, &CommBuffer);
+ if (EFI_ERROR (Status)) {
+ goto Done;
+ }
+ if (CommBuffer == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ goto Done;
+ }
+ ZeroMem (CommBuffer, CommBufferSize);
+
+ SmmCommunicateHeader = (EFI_SMM_COMMUNICATE_HEADER *) CommBuffer;
+ CopyGuid (&SmmCommunicateHeader->HeaderGuid, &gEfiSmmVariableProtocolGuid);
+ SmmCommunicateHeader->MessageLength = SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + sizeof (SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT);
+
+ SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *) SmmCommunicateHeader->Data;
+ SmmVariableFunctionHeader->Function = SMM_VARIABLE_FUNCTION_INIT_RUNTIME_VARIABLE_CACHE_CONTEXT;
+ SmmRuntimeVarCacheContext = (SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT *) SmmVariableFunctionHeader->Data;
+
+ SmmRuntimeVarCacheContext->RuntimeHobCache = mVariableRuntimeHobCacheBuffer;
+ SmmRuntimeVarCacheContext->RuntimeVolatileCache = mVariableRuntimeVolatileCacheBuffer;
+ SmmRuntimeVarCacheContext->RuntimeNvCache = mVariableRuntimeNvCacheBuffer;
+ SmmRuntimeVarCacheContext->PendingUpdate = &mVariableRuntimeCachePendingUpdate;
+ SmmRuntimeVarCacheContext->ReadLock = &mVariableRuntimeCacheReadLock;
+ SmmRuntimeVarCacheContext->HobFlushComplete = &mHobFlushComplete;
+
+ //
+ // Send data to SMM.
+ //
+ Status = mSmmCommunication->Communicate (mSmmCommunication, CommBuffer, &CommSize);
+ ASSERT_EFI_ERROR (Status);
+ if (CommSize <= SMM_VARIABLE_COMMUNICATE_HEADER_SIZE) {
+ Status = EFI_BAD_BUFFER_SIZE;
+ goto Done;
+ }
+
+ Status = SmmVariableFunctionHeader->ReturnStatus;
+ if (EFI_ERROR (Status)) {
+ goto Done;
+ }
+
+Done:
+ ReleaseLockOnlyAtBootTime (&mVariableServicesLock);
+ return Status;
+}
+
/**
Initialize variable service and install Variable Architectural protocol.
@@ -986,7 +1405,7 @@ SmmVariableReady (
{
EFI_STATUS Status;
- Status = gBS->LocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID **)&mSmmVariable);
+ Status = gBS->LocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID **) &mSmmVariable);
if (EFI_ERROR (Status)) {
return;
}
@@ -1008,6 +1427,40 @@ SmmVariableReady (
//
mVariableBufferPhysical = mVariableBuffer;
+ //
+ // Allocate runtime variable cache memory buffers.
+ //
+ Status = GetRuntimeCacheInfo (
+ &mVariableRuntimeHobCacheBufferSize,
+ &mVariableRuntimeNvCacheBufferSize,
+ &mVariableRuntimeVolatileCacheBufferSize,
+ &mVariableAuthFormat
+ );
+ if (!EFI_ERROR (Status)) {
+ Status = InitVariableCache (&mVariableRuntimeHobCacheBuffer, &mVariableRuntimeHobCacheBufferSize);
+ if (!EFI_ERROR (Status)) {
+ Status = InitVariableCache (&mVariableRuntimeNvCacheBuffer, &mVariableRuntimeNvCacheBufferSize);
+ if (!EFI_ERROR (Status)) {
+ Status = InitVariableCache (&mVariableRuntimeVolatileCacheBuffer, &mVariableRuntimeVolatileCacheBufferSize);
+ if (!EFI_ERROR (Status)) {
+ Status = InitVariableHelpers (mVariableAuthFormat);
+ ASSERT_EFI_ERROR (Status);
+
+ Status = SendRuntimeVariableCacheContextToSmm ();
+ if (!EFI_ERROR (Status)) {
+ SyncRuntimeCache ();
+ }
+ }
+ }
+ }
+ if (EFI_ERROR (Status)) {
+ mVariableRuntimeHobCacheBuffer = NULL;
+ mVariableRuntimeNvCacheBuffer = NULL;
+ mVariableRuntimeVolatileCacheBuffer = NULL;
+ }
+ }
+ ASSERT_EFI_ERROR (Status);
+
gRT->GetVariable = RuntimeServiceGetVariable;
gRT->GetNextVariableName = RuntimeServiceGetNextVariableName;
gRT->SetVariable = RuntimeServiceSetVariable;
--
2.16.2.windows.1
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH V1 4/5] MdeModulePkg/Variable: Add RT GetNextVariableName() cache support
2019-09-26 4:50 [PATCH V1 0/5] UEFI Variable SMI Reduction Kubacki, Michael A
` (2 preceding siblings ...)
2019-09-26 4:50 ` [PATCH V1 3/5] MdeModulePkg/Variable: Add RT GetVariable() cache support Kubacki, Michael A
@ 2019-09-26 4:50 ` Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 5/5] MdeModulePkg/VariableSmm: Remove unused SMI handler functions Kubacki, Michael A
2019-09-26 18:23 ` [PATCH V1 0/5] UEFI Variable SMI Reduction Laszlo Ersek
5 siblings, 0 replies; 13+ messages in thread
From: Kubacki, Michael A @ 2019-09-26 4:50 UTC (permalink / raw)
To: devel
Cc: Dandan Bi, Ard Biesheuvel, Eric Dong, Laszlo Ersek, Liming Gao,
Michael D Kinney, Ray Ni, Jian J Wang, Hao A Wu, Jiewen Yao
https://bugzilla.tianocore.org/show_bug.cgi?id=2220
This change implements the Runtime Service GetNextVariableName()
using the Runtime Cache in VariableSmmRuntimeDxe. Runtime Service
calls to GetNextVariableName() will no longer trigger a SW SMI.
Overall system performance and stability will be improved by
eliminating an SMI for these calls as they typically result in a
relatively large number of invocations to retrieve all variable
names in all variable stores present.
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
---
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 118 +++++++++-----------
1 file changed, 50 insertions(+), 68 deletions(-)
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 237908e5a2..ff3c390a7d 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -799,87 +799,69 @@ RuntimeServiceGetNextVariableName (
IN OUT EFI_GUID *VendorGuid
)
{
- EFI_STATUS Status;
- UINTN PayloadSize;
- SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *SmmGetNextVariableName;
- UINTN OutVariableNameSize;
- UINTN InVariableNameSize;
+ EFI_STATUS Status;
+ UINTN DelayIndex;
+ UINTN MaxLen;
+ UINTN VarNameSize;
+ VARIABLE_HEADER *VariablePtr;
+ VARIABLE_STORE_HEADER *VariableStoreHeader[VariableStoreTypeMax];
+
+ Status = EFI_NOT_FOUND;
if (VariableNameSize == NULL || VariableName == NULL || VendorGuid == NULL) {
return EFI_INVALID_PARAMETER;
}
- OutVariableNameSize = *VariableNameSize;
- InVariableNameSize = StrSize (VariableName);
- SmmGetNextVariableName = NULL;
-
//
- // If input string exceeds SMM payload limit. Return failure
+ // Calculate the possible maximum length of name string, including the Null terminator.
//
- if (InVariableNameSize > mVariableBufferPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) {
+ MaxLen = *VariableNameSize / sizeof (CHAR16);
+ if ((MaxLen == 0) || (StrnLenS (VariableName, MaxLen) == MaxLen)) {
+ //
+ // Null-terminator is not found in the first VariableNameSize bytes of the input VariableName buffer,
+ // follow spec to return EFI_INVALID_PARAMETER.
+ //
return EFI_INVALID_PARAMETER;
}
- AcquireLockOnlyAtBootTime(&mVariableServicesLock);
+ AcquireLockOnlyAtBootTime (&mVariableServicesLock);
- //
- // Init the communicate buffer. The buffer data size is:
- // SMM_COMMUNICATE_HEADER_SIZE + SMM_VARIABLE_COMMUNICATE_HEADER_SIZE + PayloadSize.
- //
- if (OutVariableNameSize > mVariableBufferPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) {
- //
- // If output buffer exceed SMM payload limit. Trim output buffer to SMM payload size
- //
- OutVariableNameSize = mVariableBufferPayloadSize - OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name);
+ for (DelayIndex = 0; mVariableRuntimeCacheReadLock && DelayIndex < VARIABLE_RT_CACHE_READ_LOCK_TIMEOUT; DelayIndex++) {
+ MicroSecondDelay (10);
}
- //
- // Payload should be Guid + NameSize + MAX of Input & Output buffer
- //
- PayloadSize = OFFSET_OF (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name) + MAX (OutVariableNameSize, InVariableNameSize);
-
- Status = InitCommunicateBuffer ((VOID **)&SmmGetNextVariableName, PayloadSize, SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
- ASSERT (SmmGetNextVariableName != NULL);
-
- //
- // SMM comm buffer->NameSize is buffer size for return string
- //
- SmmGetNextVariableName->NameSize = OutVariableNameSize;
-
- CopyGuid (&SmmGetNextVariableName->Guid, VendorGuid);
- //
- // Copy whole string
- //
- CopyMem (SmmGetNextVariableName->Name, VariableName, InVariableNameSize);
- if (OutVariableNameSize > InVariableNameSize) {
- ZeroMem ((UINT8 *) SmmGetNextVariableName->Name + InVariableNameSize, OutVariableNameSize - InVariableNameSize);
- }
-
- //
- // Send data to SMM
- //
- Status = SendCommunicateBuffer (PayloadSize);
-
- //
- // Get data from SMM.
- //
- if (Status == EFI_SUCCESS || Status == EFI_BUFFER_TOO_SMALL) {
- //
- // SMM CommBuffer NameSize can be a trimed value
- // Only update VariableNameSize when needed
- //
- *VariableNameSize = SmmGetNextVariableName->NameSize;
- }
- if (EFI_ERROR (Status)) {
- goto Done;
+ if (DelayIndex < VARIABLE_RT_CACHE_READ_LOCK_TIMEOUT) {
+ ASSERT (!mVariableRuntimeCacheReadLock);
+
+ CheckForRuntimeCacheSync ();
+ mVariableRuntimeCacheReadLock = TRUE;
+
+ if (!mVariableRuntimeCachePendingUpdate) {
+ //
+ // 0: Volatile, 1: HOB, 2: Non-Volatile.
+ // The index and attributes mapping must be kept in this order as FindVariable
+ // makes use of this mapping to implement search algorithm.
+ //
+ VariableStoreHeader[VariableStoreTypeVolatile] = mVariableRuntimeVolatileCacheBuffer;
+ VariableStoreHeader[VariableStoreTypeHob] = mVariableRuntimeHobCacheBuffer;
+ VariableStoreHeader[VariableStoreTypeNv] = mVariableRuntimeNvCacheBuffer;
+
+ Status = GetNextVariableEx (VariableName, VendorGuid, VariableStoreHeader, &VariablePtr);
+ if (!EFI_ERROR (Status)) {
+ VarNameSize = NameSizeOfVariable (VariablePtr);
+ ASSERT (VarNameSize != 0);
+ if (VarNameSize <= *VariableNameSize) {
+ CopyMem (VariableName, GetVariableNamePtr (VariablePtr), VarNameSize);
+ CopyMem (VendorGuid, GetVendorGuidPtr (VariablePtr), sizeof (EFI_GUID));
+ Status = EFI_SUCCESS;
+ } else {
+ Status = EFI_BUFFER_TOO_SMALL;
+ }
+
+ *VariableNameSize = VarNameSize;
+ }
+ }
}
-
- CopyGuid (VendorGuid, &SmmGetNextVariableName->Guid);
- CopyMem (VariableName, SmmGetNextVariableName->Name, SmmGetNextVariableName->NameSize);
-
-Done:
+ mVariableRuntimeCacheReadLock = FALSE;
ReleaseLockOnlyAtBootTime (&mVariableServicesLock);
return Status;
}
--
2.16.2.windows.1
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH V1 5/5] MdeModulePkg/VariableSmm: Remove unused SMI handler functions
2019-09-26 4:50 [PATCH V1 0/5] UEFI Variable SMI Reduction Kubacki, Michael A
` (3 preceding siblings ...)
2019-09-26 4:50 ` [PATCH V1 4/5] MdeModulePkg/Variable: Add RT GetNextVariableName() " Kubacki, Michael A
@ 2019-09-26 4:50 ` Kubacki, Michael A
2019-09-26 18:23 ` [PATCH V1 0/5] UEFI Variable SMI Reduction Laszlo Ersek
5 siblings, 0 replies; 13+ messages in thread
From: Kubacki, Michael A @ 2019-09-26 4:50 UTC (permalink / raw)
To: devel
Cc: Dandan Bi, Ard Biesheuvel, Eric Dong, Laszlo Ersek, Liming Gao,
Michael D Kinney, Ray Ni, Jian J Wang, Hao A Wu, Jiewen Yao
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220
Since Runtime Services GetVariable() and GetNextVariableName() no longer
trigger a SW SMI, this change removes the code for handling those requests
from VariableSmm.c.
The following SMM communicate functions are removed from
SmmVariableHandler():
1. SMM_VARIABLE_FUNCTION_GET_VARIABLE
2. SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME
The function numbers are retained so any calls to those functions from
previously built drivers will return EFI_UNSUPPORTED.
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
---
MdeModulePkg/Include/Guid/SmmVariableCommon.h | 4 +-
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 101 --------------------
2 files changed, 1 insertion(+), 104 deletions(-)
diff --git a/MdeModulePkg/Include/Guid/SmmVariableCommon.h b/MdeModulePkg/Include/Guid/SmmVariableCommon.h
index ceef44dfd2..6a73d1e21a 100644
--- a/MdeModulePkg/Include/Guid/SmmVariableCommon.h
+++ b/MdeModulePkg/Include/Guid/SmmVariableCommon.h
@@ -106,7 +106,7 @@ typedef struct {
EFI_GUID Guid;
UINTN NameSize; // Return name buffer size
CHAR16 Name[1];
-} SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME;
+} SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE;
///
/// This structure is used to communicate with SMI handler by QueryVariableInfo.
@@ -118,8 +118,6 @@ typedef struct {
UINT32 Attributes;
} SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO;
-typedef SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE;
-
typedef struct {
EFI_GUID Guid;
UINTN NameSize;
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
index 1cb6092582..72448ddb46 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
@@ -464,7 +464,6 @@ SmmVariableHandler (
EFI_STATUS Status;
SMM_VARIABLE_COMMUNICATE_HEADER *SmmVariableFunctionHeader;
SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *SmmVariableHeader;
- SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *GetNextVariableName;
SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO *QueryVariableInfo;
SMM_VARIABLE_COMMUNICATE_GET_PAYLOAD_SIZE *GetPayloadSize;
SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT *RuntimeVariableCacheContext;
@@ -475,7 +474,6 @@ SmmVariableHandler (
VARIABLE_RUNTIME_CACHE_CONTEXT *VariableCacheContext;
VARIABLE_STORE_HEADER *VariableCache;
UINTN InfoSize;
- UINTN NameBufferSize;
UINTN CommBufferPayloadSize;
UINTN TempCommBufferSize;
@@ -505,105 +503,6 @@ SmmVariableHandler (
SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *)CommBuffer;
switch (SmmVariableFunctionHeader->Function) {
- case SMM_VARIABLE_FUNCTION_GET_VARIABLE:
- if (CommBufferPayloadSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) {
- DEBUG ((EFI_D_ERROR, "GetVariable: SMM communication buffer size invalid!\n"));
- return EFI_SUCCESS;
- }
- //
- // Copy the input communicate buffer payload to pre-allocated SMM variable buffer payload.
- //
- CopyMem (mVariableBufferPayload, SmmVariableFunctionHeader->Data, CommBufferPayloadSize);
- SmmVariableHeader = (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *) mVariableBufferPayload;
- if (((UINTN)(~0) - SmmVariableHeader->DataSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) ||
- ((UINTN)(~0) - SmmVariableHeader->NameSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) + SmmVariableHeader->DataSize)) {
- //
- // Prevent InfoSize overflow happen
- //
- Status = EFI_ACCESS_DENIED;
- goto EXIT;
- }
- InfoSize = OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)
- + SmmVariableHeader->DataSize + SmmVariableHeader->NameSize;
-
- //
- // SMRAM range check already covered before
- //
- if (InfoSize > CommBufferPayloadSize) {
- DEBUG ((EFI_D_ERROR, "GetVariable: Data size exceed communication buffer size limit!\n"));
- Status = EFI_ACCESS_DENIED;
- goto EXIT;
- }
-
- //
- // The VariableSpeculationBarrier() call here is to ensure the previous
- // range/content checks for the CommBuffer have been completed before the
- // subsequent consumption of the CommBuffer content.
- //
- VariableSpeculationBarrier ();
- if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
- //
- // Make sure VariableName is A Null-terminated string.
- //
- Status = EFI_ACCESS_DENIED;
- goto EXIT;
- }
-
- Status = VariableServiceGetVariable (
- SmmVariableHeader->Name,
- &SmmVariableHeader->Guid,
- &SmmVariableHeader->Attributes,
- &SmmVariableHeader->DataSize,
- (UINT8 *)SmmVariableHeader->Name + SmmVariableHeader->NameSize
- );
- CopyMem (SmmVariableFunctionHeader->Data, mVariableBufferPayload, CommBufferPayloadSize);
- break;
-
- case SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME:
- if (CommBufferPayloadSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) {
- DEBUG ((EFI_D_ERROR, "GetNextVariableName: SMM communication buffer size invalid!\n"));
- return EFI_SUCCESS;
- }
- //
- // Copy the input communicate buffer payload to pre-allocated SMM variable buffer payload.
- //
- CopyMem (mVariableBufferPayload, SmmVariableFunctionHeader->Data, CommBufferPayloadSize);
- GetNextVariableName = (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *) mVariableBufferPayload;
- if ((UINTN)(~0) - GetNextVariableName->NameSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) {
- //
- // Prevent InfoSize overflow happen
- //
- Status = EFI_ACCESS_DENIED;
- goto EXIT;
- }
- InfoSize = OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name) + GetNextVariableName->NameSize;
-
- //
- // SMRAM range check already covered before
- //
- if (InfoSize > CommBufferPayloadSize) {
- DEBUG ((EFI_D_ERROR, "GetNextVariableName: Data size exceed communication buffer size limit!\n"));
- Status = EFI_ACCESS_DENIED;
- goto EXIT;
- }
-
- NameBufferSize = CommBufferPayloadSize - OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name);
- if (NameBufferSize < sizeof (CHAR16) || GetNextVariableName->Name[NameBufferSize/sizeof (CHAR16) - 1] != L'\0') {
- //
- // Make sure input VariableName is A Null-terminated string.
- //
- Status = EFI_ACCESS_DENIED;
- goto EXIT;
- }
-
- Status = VariableServiceGetNextVariableName (
- &GetNextVariableName->NameSize,
- GetNextVariableName->Name,
- &GetNextVariableName->Guid
- );
- CopyMem (SmmVariableFunctionHeader->Data, mVariableBufferPayload, CommBufferPayloadSize);
- break;
-
case SMM_VARIABLE_FUNCTION_SET_VARIABLE:
if (CommBufferPayloadSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) {
DEBUG ((EFI_D_ERROR, "SetVariable: SMM communication buffer size invalid!\n"));
--
2.16.2.windows.1
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: [PATCH V1 0/5] UEFI Variable SMI Reduction
2019-09-26 4:50 [PATCH V1 0/5] UEFI Variable SMI Reduction Kubacki, Michael A
` (4 preceding siblings ...)
2019-09-26 4:50 ` [PATCH V1 5/5] MdeModulePkg/VariableSmm: Remove unused SMI handler functions Kubacki, Michael A
@ 2019-09-26 18:23 ` Laszlo Ersek
2019-09-26 20:29 ` Kubacki, Michael A
5 siblings, 1 reply; 13+ messages in thread
From: Laszlo Ersek @ 2019-09-26 18:23 UTC (permalink / raw)
To: Michael Kubacki, devel
Cc: Dandan Bi, Ard Biesheuvel, Eric Dong, Liming Gao,
Michael D Kinney, Ray Ni, Jian J Wang, Hao A Wu, Jiewen Yao
Hello Michael,
On 09/26/19 06:50, Michael Kubacki wrote:
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220
>
> Overview
> ---------
> This patch series reduces SMM usage when using VariableSmmRuntimeDxe with
> VariableSmm. It does so by eliminating SMM usage for runtime service
> GetVariable () and GetNextVariableName () invocations. Most UEFI variable
> usage in typical systems after the variable store is initialized
> (e.g. manufacturing boots) is due to GetVariable ( ) and
> GetNextVariableName () not SetVariable (). GetVariable () calls can regularly
> exceed 100 per boot while SetVariable () calls typically remain less than 10
> per boot. By focusing on the common case, the majority of overhead associated
> with SMM can be avoided while still using existing and proven code for
> operations such as variable authentication that require an isolated execution
> environment.
>
> * Advantage: Reduces overall system SMM usage
> * Disadvantage: Requires more Runtime data memory usage
In a perfect world, I would carefully scrutinize this patch set, and
respond with comments. In the real world, I have hardly enough time to
read the blurb :/ So I'll have to defer to the other reviewers on this
patch.
I'd like to spell out another "disadvantage" however. Admittedly it's
quite a corner case.
The disadvantage in my case is that, by eliminating SMM from variable
*reads*, OVMF will lose its simplest method to exercise the SMM driver
stack. Namely, right now, if you boot OVMF (built with -D SMM_REQUIRE),
and at root prompt in the Linux guest, you run:
# taskset -c 0 efibootmgr
# taskset -c 1 efibootmgr
then you very easily test the SMM machinery (through Boot####,
BootOrder, BootNext variable *reads*).
In addition, the "taskset" commands above force the guest Linux kernel
to initiate the GetVariable runtime service call -- and therefore
entering SMM -- on CPU#0 (BSP) vs. CPU#1 (AP).
This difference (that is, BSP vs. AP being used for the runtime service
call) used to expose *extreme* timing and stability differences in the
edk2 SMM stack, dependent on the SMI delivery method used.
To this day, the above two commands remain part of our stock
regression-tests for the health of the SMM stack -- the commands are
executed in the guest OS both after normal boot, and after S3 resume.
https://github.com/tianocore/tianocore.github.io/wiki/Testing-SMM-with-QEMU,-KVM-and-libvirt#uefi-variable-access-test
Therefore, would it be possible to make the feature dependent on a new
FeaturePCD?
Or, if that would complicate the code too much, perhaps new module INF
files could be introduced (library instances, or even drivers) that a
platform could choose to select in DSC files, perhaps dependent on a -D
build flag. There could be a set of INF files for the current behavior,
and another set of INF files for the "read cache" behavior. And the
related C source files would not have to be littered with
if (FeaturePcdGet (...)) {
//
// read cache
//
} else {
//
// traditional behavior
//
}
Of course, with the read cache feature, SMM entry could still be forced
in OVMF through non-volatile variable *writes* -- but writes are not
without side-effects on the varstore, and they depend on extra
conditions relative to reads.
You mention "SMM cache" below, and I'm not entirely clear when exactly
that would be used, in favor of the "runtime cache". It seems that the
"SMM cache" would primarily serve SMM callers. If the FeaturePCD could
be used for forcing the use of "SMM cache" for the normal GetVariable
runtime service too, I think that might cover my use case. I don't need
GetVariable to access flash, i.e. caching per se is fine; I'd just need
GetVariable to continue exercising the SMM stack *in OVMF* -- even if
that path is slower than desirable, for physical platforms.
Thanks!
Laszlo
> Initial Performance Observations
> ---------------------------------
> * With these proposed changes, an Intel Atom based SoC saw GetVariable ( )
> time for an existing variable reduce from ~220us to ~5us.
>
> Major Changes
> --------------
> 1. Two UEFI variable caches will be maintained.
> a. "Runtime Cache" - Maintained in VariableSmmRuntimeDxe. Used to serve
> runtime service GetVariable () and GetNextVariableName () callers.
> b. "SMM cache" - Maintained in VariableSmm to service SMM GetVariable ()
> and GetNextVariableName () callers.
> i. A cache in SMRAM is retained so SMM modules do not operate on data
> outside SMRAM.
> 2. A new UEFI variable read and write flow will be used as described below.
>
> At any given time, the two caches would be coherent. On a variable write, the
> runtime cache is only updated after validation in SMM and, in the case of a
> non-volatile UEFI variable, the variable must also be successfully written to
> non-volatile storage.
>
> Prior RFC Feedback Addressed
> -----------------------------
> RFC sent Sept. 5, 2019: https://edk2.groups.io/g/devel/message/46939
>
> 1. UEFI variable data retrieval from a ring 0 buffer
>
> A common concern with this proposed set of changes is the potential security
> threat presented by serving runtime services callers from a ring 0 memory
> buffer of EfiRuntimeServicesData type. This conclusion was that this change
> does not fundamentally alter the attack surface. The UEFI variable Runtime
> Services are invoked from ring 0 and the data already travels through ring
> 0 buffers (such as the SMM communicate buffer) to reach the caller. Even
> today if ring 0 is assumed to be malicious, the malicious code may keep one
> AP in a loop to monitor the communication data, when the BSP gets an
> (authenticated) variable. When the communication buffer is updated and the
> status is set to EFI_SUCCESS, the AP may modify the communication buffer
> contents such the tampered data is returned to the BSP caller. Or an
> interrupt handler on the BSP may alter the communication buffer contents
> before the data is returned to the caller. In summary, this was not found to
> introduce any attack not possible today.
>
> 2. VarCheckLib impact
>
> VarCheckLib plays a role in SetVariable () calls. This patch series only
> changes GetVariable () behavior. Therefore, VarCheckLib is expected to
> have no impact due to these changes.
>
> Testing Performed
> ------------------
> This code was tested with the master branch of edk2 on an Intel Kaby Lake U
> Intel Whiskey Lake U reference validation platform. The set of tests performed
> included:
>
> 1. Boot from S5 to Windows 10 OS with SMM variables enabled.
> 2. Boot from S5 to Ubuntu 18.04.1 LTS with SMM variable enabled.
> 3. Boot from S5 to EFI shell with DXE variables enabled.
> 4. Dump UEFI variable store at shell with dmpstore to verify contents.
> 5. Dump NvStorage FV from SPI flash after boot to verify contents written.
> 6. Dump UEFI variable statistics with VariableInfo at shell.
> 7. Boot with emulated variables enabled.
> 8. Cycles of adding and deleting a UEFI variable to verify cache results.
> 9. Set OsIndications to stop at FW UI to verify cache load of non-volatile
> contents.
>
> Why Keep SMM on Variable Writes
> --------------------------------
> * SMM provides a ubiquitous isolated execution environment in x86 for
> authenticated UEFI variables.
> * BIOS region SPI flash write restrictions to SMM in platforms today can
> be retained.
>
> Today's UEFI Variable Cache (for reference)
> --------------------------------------------
> * Maintained in SMRAM via VariableSmm.
> * A "write-through" cache of variable data in the form of a UEFI variable
> store.
> * Non-volatile and volatile variables are maintained in separate buffers
> (variable stores).
>
> Runtime & SMM Cache Coherency
> ------------------------------
> The non-volatile cache should always accurately reflect non-volatile storage
> contents (done today) and the "SMM cache" and "Runtime cache" should always be
> coherent on access. The runtime cache is updated by VariableSmm.
>
> Updating both caches from within a SMM SetVariable () operation is fairly
> straightforward but a race condition can occur if an SMI occurs during the
> execution of runtime code reading from the runtime cache. To handle this case,
> a runtime cache read lock is introduced that explicitly moves pending updates
> from SMM to the runtime cache if an SMM update occurs while the runtime cache
> is locked. Note that it is not expected a Runtime services call will interrupt
> SMM processing since all CPU cores rendezvous in SMM.
>
> New Key Elements for Coherence
> -------------------------------
> Runtime DXE (VariableSmmRuntimeDxe)
> 1. RuntimeCacheReadLock - A global lock used to lock read access to the
> runtime cache.
> 2. RuntimeCachePendingUpdate - A global flag used to notify runtime code of a
> pending cache update in SMM.
>
> SMM (VariableSmm)
> 1. FlushRuntimeCachePendingUpdate SMI - A SW SMI handler that synchronizes
> the runtime cache buffer with the SMM
> cache buffer.
>
> Proposed Runtime DXE Read Flow
> -------------------------------
> 1. Wait for RuntimeCacheReadLock to be free
> 2. Acquire RuntimeCacheReadLock
> 3. If RuntimeCachePendingUpdate flag (rare) is set then:
> 3.a. Trigger FlushRuntimeCachePendingUpdate SMI
> 3.b. Verify RuntimeCachePendingUpdate flag is cleared
> 4. Perform read from RuntimeCache
> 5. Release RuntimeCacheReadLock
>
> Proposed FlushRuntimeCachePendingUpdate SMI
> --------------------------------------------
> 1. If RuntimeCachePendingUpdate flag is not set:
> 1.a. Return
> 2. Copy the data at RuntimeCachePendingOffset of RuntimeCachePendingLength to
> RuntimeCache
> 3. Clear the RuntimeCachePendingUpdate flag
>
> Proposed SMM Write Flow
> ------------------------
> 1. Perform variable authentication and non-volatile write. If either fail,
> return an error to the caller.
> 2. If RuntimeCacheReadLock is set then:
> 2.a. Set RuntimeCachePendingUpdate flag
> 2.b. Update RuntimeCachePendingOffset and RuntimeCachePendingLength to
> cover the a superset of the pending chunk (for simplicity, the
> entire variable store is currently synchronized).
> 3. Else:
> 3.a. Update RuntimeCache
> 4. Update SmmCache
> - Note: RT read cannot occur during SMI processing since all cores are
> locked in SMM.
>
> Cc: Dandan Bi <dandan.bi@intel.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao A Wu <hao.a.wu@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
>
> Michael Kubacki (5):
> MdeModulePkg/Variable: Consolidate common parsing functions
> MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats
> MdeModulePkg/Variable: Add RT GetVariable() cache support
> MdeModulePkg/Variable: Add RT GetNextVariableName() cache support
> MdeModulePkg/VariableSmm: Remove unused SMI handler functions
>
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf | 6 +
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf | 6 +
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf | 32 +-
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf | 11 +
> MdeModulePkg/Include/Guid/SmmVariableCommon.h | 33 +-
> MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h | 158 +---
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h | 25 +
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h | 342 ++++++++
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h | 47 ++
> MdeModulePkg/Application/VariableInfo/VariableInfo.c | 37 +-
> MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 828 ++------------------
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c | 11 +-
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c | 28 +
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c | 816 +++++++++++++++++++
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c | 153 ++++
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 213 +++--
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 726 +++++++++++++----
> 17 files changed, 2298 insertions(+), 1174 deletions(-)
> create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h
> create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH V1 0/5] UEFI Variable SMI Reduction
2019-09-26 18:23 ` [PATCH V1 0/5] UEFI Variable SMI Reduction Laszlo Ersek
@ 2019-09-26 20:29 ` Kubacki, Michael A
2019-09-26 22:35 ` Kubacki, Michael A
0 siblings, 1 reply; 13+ messages in thread
From: Kubacki, Michael A @ 2019-09-26 20:29 UTC (permalink / raw)
To: Laszlo Ersek, devel@edk2.groups.io
Cc: Bi, Dandan, Ard Biesheuvel, Dong, Eric, Gao, Liming,
Kinney, Michael D, Ni, Ray, Wang, Jian J, Wu, Hao A, Yao, Jiewen
Hi Laszlo,
In short, it would not complicate the code beyond a reasonable level to support the runtime cache with a FeaturePCD.
I had considered this but dismissed it with lack of a practical use case (which you provided) that could justify adding another configuration option to the variable driver. The SMM communication buffer preparation code and SMI handler code for GetVariable () and GetNextVariableName () would have to be added back which I'd prefer eliminating maintenance of if possible.
The SMM cache is used to serve SMM callers.
Do others have an opinion or suggestion? If not, I'll proceed with adding a FeaturePCD.
Thanks,
Michael
> -----Original Message-----
> From: Laszlo Ersek <lersek@redhat.com>
> Sent: Thursday, September 26, 2019 11:24 AM
> To: Kubacki, Michael A <michael.a.kubacki@intel.com>;
> devel@edk2.groups.io
> Cc: Bi, Dandan <dandan.bi@intel.com>; Ard Biesheuvel
> <ard.biesheuvel@linaro.org>; Dong, Eric <eric.dong@intel.com>; Gao, Liming
> <liming.gao@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>;
> Ni, Ray <ray.ni@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao
> A <hao.a.wu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
> Subject: Re: [PATCH V1 0/5] UEFI Variable SMI Reduction
>
> Hello Michael,
>
> On 09/26/19 06:50, Michael Kubacki wrote:
> > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220
> >
> > Overview
> > ---------
> > This patch series reduces SMM usage when using
> VariableSmmRuntimeDxe
> > with VariableSmm. It does so by eliminating SMM usage for runtime
> > service GetVariable () and GetNextVariableName () invocations. Most
> > UEFI variable usage in typical systems after the variable store is
> > initialized (e.g. manufacturing boots) is due to GetVariable ( ) and
> > GetNextVariableName () not SetVariable (). GetVariable () calls can
> > regularly exceed 100 per boot while SetVariable () calls typically
> > remain less than 10 per boot. By focusing on the common case, the
> > majority of overhead associated with SMM can be avoided while still
> > using existing and proven code for operations such as variable
> > authentication that require an isolated execution environment.
> >
> > * Advantage: Reduces overall system SMM usage
> > * Disadvantage: Requires more Runtime data memory usage
>
> In a perfect world, I would carefully scrutinize this patch set, and respond
> with comments. In the real world, I have hardly enough time to read the
> blurb :/ So I'll have to defer to the other reviewers on this patch.
>
> I'd like to spell out another "disadvantage" however. Admittedly it's quite a
> corner case.
>
> The disadvantage in my case is that, by eliminating SMM from variable
> *reads*, OVMF will lose its simplest method to exercise the SMM driver
> stack. Namely, right now, if you boot OVMF (built with -D SMM_REQUIRE),
> and at root prompt in the Linux guest, you run:
>
> # taskset -c 0 efibootmgr
> # taskset -c 1 efibootmgr
>
> then you very easily test the SMM machinery (through Boot####,
> BootOrder, BootNext variable *reads*).
>
> In addition, the "taskset" commands above force the guest Linux kernel to
> initiate the GetVariable runtime service call -- and therefore entering SMM --
> on CPU#0 (BSP) vs. CPU#1 (AP).
>
> This difference (that is, BSP vs. AP being used for the runtime service
> call) used to expose *extreme* timing and stability differences in the
> edk2 SMM stack, dependent on the SMI delivery method used.
>
> To this day, the above two commands remain part of our stock regression-
> tests for the health of the SMM stack -- the commands are executed in the
> guest OS both after normal boot, and after S3 resume.
>
> https://github.com/tianocore/tianocore.github.io/wiki/Testing-SMM-with-
> QEMU,-KVM-and-libvirt#uefi-variable-access-test
>
> Therefore, would it be possible to make the feature dependent on a new
> FeaturePCD?
>
> Or, if that would complicate the code too much, perhaps new module INF
> files could be introduced (library instances, or even drivers) that a platform
> could choose to select in DSC files, perhaps dependent on a -D build flag.
> There could be a set of INF files for the current behavior, and another set of
> INF files for the "read cache" behavior. And the related C source files would
> not have to be littered with
>
> if (FeaturePcdGet (...)) {
> //
> // read cache
> //
> } else {
> //
> // traditional behavior
> //
> }
>
> Of course, with the read cache feature, SMM entry could still be forced in
> OVMF through non-volatile variable *writes* -- but writes are not without
> side-effects on the varstore, and they depend on extra conditions relative to
> reads.
>
> You mention "SMM cache" below, and I'm not entirely clear when exactly
> that would be used, in favor of the "runtime cache". It seems that the "SMM
> cache" would primarily serve SMM callers. If the FeaturePCD could be used
> for forcing the use of "SMM cache" for the normal GetVariable runtime
> service too, I think that might cover my use case. I don't need GetVariable to
> access flash, i.e. caching per se is fine; I'd just need GetVariable to continue
> exercising the SMM stack *in OVMF* -- even if that path is slower than
> desirable, for physical platforms.
>
> Thanks!
> Laszlo
>
> > Initial Performance Observations
> > ---------------------------------
> > * With these proposed changes, an Intel Atom based SoC saw GetVariable
> ( )
> > time for an existing variable reduce from ~220us to ~5us.
> >
> > Major Changes
> > --------------
> > 1. Two UEFI variable caches will be maintained.
> > a. "Runtime Cache" - Maintained in VariableSmmRuntimeDxe. Used to
> serve
> > runtime service GetVariable () and GetNextVariableName () callers.
> > b. "SMM cache" - Maintained in VariableSmm to service SMM
> GetVariable ()
> > and GetNextVariableName () callers.
> > i. A cache in SMRAM is retained so SMM modules do not operate on
> data
> > outside SMRAM.
> > 2. A new UEFI variable read and write flow will be used as described below.
> >
> > At any given time, the two caches would be coherent. On a variable
> > write, the runtime cache is only updated after validation in SMM and,
> > in the case of a non-volatile UEFI variable, the variable must also be
> > successfully written to non-volatile storage.
> >
> > Prior RFC Feedback Addressed
> > -----------------------------
> > RFC sent Sept. 5, 2019: https://edk2.groups.io/g/devel/message/46939
> >
> > 1. UEFI variable data retrieval from a ring 0 buffer
> >
> > A common concern with this proposed set of changes is the potential
> security
> > threat presented by serving runtime services callers from a ring 0 memory
> > buffer of EfiRuntimeServicesData type. This conclusion was that this
> change
> > does not fundamentally alter the attack surface. The UEFI variable
> Runtime
> > Services are invoked from ring 0 and the data already travels through ring
> > 0 buffers (such as the SMM communicate buffer) to reach the caller. Even
> > today if ring 0 is assumed to be malicious, the malicious code may keep
> one
> > AP in a loop to monitor the communication data, when the BSP gets an
> > (authenticated) variable. When the communication buffer is updated and
> the
> > status is set to EFI_SUCCESS, the AP may modify the communication
> buffer
> > contents such the tampered data is returned to the BSP caller. Or an
> > interrupt handler on the BSP may alter the communication buffer
> contents
> > before the data is returned to the caller. In summary, this was not found
> to
> > introduce any attack not possible today.
> >
> > 2. VarCheckLib impact
> >
> > VarCheckLib plays a role in SetVariable () calls. This patch series only
> > changes GetVariable () behavior. Therefore, VarCheckLib is expected to
> > have no impact due to these changes.
> >
> > Testing Performed
> > ------------------
> > This code was tested with the master branch of edk2 on an Intel Kaby
> > Lake U Intel Whiskey Lake U reference validation platform. The set of
> > tests performed
> > included:
> >
> > 1. Boot from S5 to Windows 10 OS with SMM variables enabled.
> > 2. Boot from S5 to Ubuntu 18.04.1 LTS with SMM variable enabled.
> > 3. Boot from S5 to EFI shell with DXE variables enabled.
> > 4. Dump UEFI variable store at shell with dmpstore to verify contents.
> > 5. Dump NvStorage FV from SPI flash after boot to verify contents written.
> > 6. Dump UEFI variable statistics with VariableInfo at shell.
> > 7. Boot with emulated variables enabled.
> > 8. Cycles of adding and deleting a UEFI variable to verify cache results.
> > 9. Set OsIndications to stop at FW UI to verify cache load of non-volatile
> > contents.
> >
> > Why Keep SMM on Variable Writes
> > --------------------------------
> > * SMM provides a ubiquitous isolated execution environment in x86 for
> > authenticated UEFI variables.
> > * BIOS region SPI flash write restrictions to SMM in platforms today can
> > be retained.
> >
> > Today's UEFI Variable Cache (for reference)
> > --------------------------------------------
> > * Maintained in SMRAM via VariableSmm.
> > * A "write-through" cache of variable data in the form of a UEFI variable
> > store.
> > * Non-volatile and volatile variables are maintained in separate buffers
> > (variable stores).
> >
> > Runtime & SMM Cache Coherency
> > ------------------------------
> > The non-volatile cache should always accurately reflect non-volatile
> > storage contents (done today) and the "SMM cache" and "Runtime cache"
> > should always be coherent on access. The runtime cache is updated by
> VariableSmm.
> >
> > Updating both caches from within a SMM SetVariable () operation is
> > fairly straightforward but a race condition can occur if an SMI occurs
> > during the execution of runtime code reading from the runtime cache.
> > To handle this case, a runtime cache read lock is introduced that
> > explicitly moves pending updates from SMM to the runtime cache if an
> > SMM update occurs while the runtime cache is locked. Note that it is
> > not expected a Runtime services call will interrupt SMM processing since all
> CPU cores rendezvous in SMM.
> >
> > New Key Elements for Coherence
> > -------------------------------
> > Runtime DXE (VariableSmmRuntimeDxe)
> > 1. RuntimeCacheReadLock - A global lock used to lock read access to the
> > runtime cache.
> > 2. RuntimeCachePendingUpdate - A global flag used to notify runtime code
> of a
> > pending cache update in SMM.
> >
> > SMM (VariableSmm)
> > 1. FlushRuntimeCachePendingUpdate SMI - A SW SMI handler that
> synchronizes
> > the runtime cache buffer with the SMM
> > cache buffer.
> >
> > Proposed Runtime DXE Read Flow
> > -------------------------------
> > 1. Wait for RuntimeCacheReadLock to be free 2. Acquire
> > RuntimeCacheReadLock 3. If RuntimeCachePendingUpdate flag (rare) is
> > set then:
> > 3.a. Trigger FlushRuntimeCachePendingUpdate SMI
> > 3.b. Verify RuntimeCachePendingUpdate flag is cleared 4. Perform
> > read from RuntimeCache 5. Release RuntimeCacheReadLock
> >
> > Proposed FlushRuntimeCachePendingUpdate SMI
> > --------------------------------------------
> > 1. If RuntimeCachePendingUpdate flag is not set:
> > 1.a. Return
> > 2. Copy the data at RuntimeCachePendingOffset of
> RuntimeCachePendingLength to
> > RuntimeCache
> > 3. Clear the RuntimeCachePendingUpdate flag
> >
> > Proposed SMM Write Flow
> > ------------------------
> > 1. Perform variable authentication and non-volatile write. If either fail,
> > return an error to the caller.
> > 2. If RuntimeCacheReadLock is set then:
> > 2.a. Set RuntimeCachePendingUpdate flag
> > 2.b. Update RuntimeCachePendingOffset and
> RuntimeCachePendingLength to
> > cover the a superset of the pending chunk (for simplicity, the
> > entire variable store is currently synchronized).
> > 3. Else:
> > 3.a. Update RuntimeCache
> > 4. Update SmmCache
> > - Note: RT read cannot occur during SMI processing since all cores are
> > locked in SMM.
> >
> > Cc: Dandan Bi <dandan.bi@intel.com>
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > Cc: Eric Dong <eric.dong@intel.com>
> > Cc: Laszlo Ersek <lersek@redhat.com>
> > Cc: Liming Gao <liming.gao@intel.com>
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Ray Ni <ray.ni@intel.com>
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Hao A Wu <hao.a.wu@intel.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
> >
> > Michael Kubacki (5):
> > MdeModulePkg/Variable: Consolidate common parsing functions
> > MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats
> > MdeModulePkg/Variable: Add RT GetVariable() cache support
> > MdeModulePkg/Variable: Add RT GetNextVariableName() cache support
> > MdeModulePkg/VariableSmm: Remove unused SMI handler functions
> >
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> | 6 +
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf |
> 6 +
> >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.i
> nf
> > | 32 +-
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> | 11 +
> > MdeModulePkg/Include/Guid/SmmVariableCommon.h | 33 +-
> > MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h | 158
> +---
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> | 25 +
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h |
> 342 ++++++++
> >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h
> | 47 ++
> > MdeModulePkg/Application/VariableInfo/VariableInfo.c | 37 +-
> > MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 828
> ++------------------
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c |
> 11 +-
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> | 28 +
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c |
> 816 +++++++++++++++++++
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c
> | 153 ++++
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c |
> 213 +++--
> >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.
> c | 726 +++++++++++++----
> > 17 files changed, 2298 insertions(+), 1174 deletions(-) create mode
> > 100644
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> > create mode 100644
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> > create mode 100644
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h
> > create mode 100644
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> > create mode 100644
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> > create mode 100644
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c
> >
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH V1 0/5] UEFI Variable SMI Reduction
2019-09-26 20:29 ` Kubacki, Michael A
@ 2019-09-26 22:35 ` Kubacki, Michael A
2019-09-30 22:43 ` Laszlo Ersek
0 siblings, 1 reply; 13+ messages in thread
From: Kubacki, Michael A @ 2019-09-26 22:35 UTC (permalink / raw)
To: Laszlo Ersek, devel@edk2.groups.io
Cc: Bi, Dandan, Ard Biesheuvel, Dong, Eric, Gao, Liming,
Kinney, Michael D, Ni, Ray, Wang, Jian J, Wu, Hao A, Yao, Jiewen
After thinking a bit more, this test is based on a side effect of implementation. I'd prefer to avoid this being the sole cause of additional complexity in an already complex driver. Are one of these two options acceptable?
1. Use the Runtime Services QueryVariableInfo () API
In this patch series, this is still implemented to trigger an SMI as invocations occur very rarely outside mainstream GetVariable () and GetNextVariableName () usage so performance is not a major concern. This allows it to continue to use the validated path to the converged implementation in Variable.c
2. Include a SMM driver in OVMF specifically for exercising the edk2 SMM flow.
A SMM driver in OVMF (included if SMM_REQUIRE is TRUE) could register a handler that simply returns or has something like a fixed 1ms delay.
Thanks,
Michael
> -----Original Message-----
> From: Kubacki, Michael A
> Sent: Thursday, September 26, 2019 1:29 PM
> To: Laszlo Ersek <lersek@redhat.com>; devel@edk2.groups.io
> Cc: Bi, Dandan <dandan.bi@intel.com>; Ard Biesheuvel
> <ard.biesheuvel@linaro.org>; Dong, Eric <eric.dong@intel.com>; Gao, Liming
> <liming.gao@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>;
> Ni, Ray <ray.ni@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao
> A <hao.a.wu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
> Subject: RE: [PATCH V1 0/5] UEFI Variable SMI Reduction
>
> Hi Laszlo,
>
> In short, it would not complicate the code beyond a reasonable level to
> support the runtime cache with a FeaturePCD.
>
> I had considered this but dismissed it with lack of a practical use case (which
> you provided) that could justify adding another configuration option to the
> variable driver. The SMM communication buffer preparation code and SMI
> handler code for GetVariable () and GetNextVariableName () would have to
> be added back which I'd prefer eliminating maintenance of if possible.
>
> The SMM cache is used to serve SMM callers.
>
> Do others have an opinion or suggestion? If not, I'll proceed with adding a
> FeaturePCD.
>
> Thanks,
> Michael
>
> > -----Original Message-----
> > From: Laszlo Ersek <lersek@redhat.com>
> > Sent: Thursday, September 26, 2019 11:24 AM
> > To: Kubacki, Michael A <michael.a.kubacki@intel.com>;
> > devel@edk2.groups.io
> > Cc: Bi, Dandan <dandan.bi@intel.com>; Ard Biesheuvel
> > <ard.biesheuvel@linaro.org>; Dong, Eric <eric.dong@intel.com>; Gao,
> > Liming <liming.gao@intel.com>; Kinney, Michael D
> > <michael.d.kinney@intel.com>; Ni, Ray <ray.ni@intel.com>; Wang, Jian J
> > <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Yao, Jiewen
> > <jiewen.yao@intel.com>
> > Subject: Re: [PATCH V1 0/5] UEFI Variable SMI Reduction
> >
> > Hello Michael,
> >
> > On 09/26/19 06:50, Michael Kubacki wrote:
> > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220
> > >
> > > Overview
> > > ---------
> > > This patch series reduces SMM usage when using
> > VariableSmmRuntimeDxe
> > > with VariableSmm. It does so by eliminating SMM usage for runtime
> > > service GetVariable () and GetNextVariableName () invocations. Most
> > > UEFI variable usage in typical systems after the variable store is
> > > initialized (e.g. manufacturing boots) is due to GetVariable ( ) and
> > > GetNextVariableName () not SetVariable (). GetVariable () calls can
> > > regularly exceed 100 per boot while SetVariable () calls typically
> > > remain less than 10 per boot. By focusing on the common case, the
> > > majority of overhead associated with SMM can be avoided while still
> > > using existing and proven code for operations such as variable
> > > authentication that require an isolated execution environment.
> > >
> > > * Advantage: Reduces overall system SMM usage
> > > * Disadvantage: Requires more Runtime data memory usage
> >
> > In a perfect world, I would carefully scrutinize this patch set, and
> > respond with comments. In the real world, I have hardly enough time to
> > read the blurb :/ So I'll have to defer to the other reviewers on this patch.
> >
> > I'd like to spell out another "disadvantage" however. Admittedly it's
> > quite a corner case.
> >
> > The disadvantage in my case is that, by eliminating SMM from variable
> > *reads*, OVMF will lose its simplest method to exercise the SMM driver
> > stack. Namely, right now, if you boot OVMF (built with -D
> > SMM_REQUIRE), and at root prompt in the Linux guest, you run:
> >
> > # taskset -c 0 efibootmgr
> > # taskset -c 1 efibootmgr
> >
> > then you very easily test the SMM machinery (through Boot####,
> > BootOrder, BootNext variable *reads*).
> >
> > In addition, the "taskset" commands above force the guest Linux kernel
> > to initiate the GetVariable runtime service call -- and therefore
> > entering SMM -- on CPU#0 (BSP) vs. CPU#1 (AP).
> >
> > This difference (that is, BSP vs. AP being used for the runtime
> > service
> > call) used to expose *extreme* timing and stability differences in the
> > edk2 SMM stack, dependent on the SMI delivery method used.
> >
> > To this day, the above two commands remain part of our stock
> > regression- tests for the health of the SMM stack -- the commands are
> > executed in the guest OS both after normal boot, and after S3 resume.
> >
> > https://github.com/tianocore/tianocore.github.io/wiki/Testing-SMM-with
> > - QEMU,-KVM-and-libvirt#uefi-variable-access-test
> >
> > Therefore, would it be possible to make the feature dependent on a new
> > FeaturePCD?
> >
> > Or, if that would complicate the code too much, perhaps new module INF
> > files could be introduced (library instances, or even drivers) that a
> > platform could choose to select in DSC files, perhaps dependent on a -D
> build flag.
> > There could be a set of INF files for the current behavior, and
> > another set of INF files for the "read cache" behavior. And the
> > related C source files would not have to be littered with
> >
> > if (FeaturePcdGet (...)) {
> > //
> > // read cache
> > //
> > } else {
> > //
> > // traditional behavior
> > //
> > }
> >
> > Of course, with the read cache feature, SMM entry could still be
> > forced in OVMF through non-volatile variable *writes* -- but writes
> > are not without side-effects on the varstore, and they depend on extra
> > conditions relative to reads.
> >
> > You mention "SMM cache" below, and I'm not entirely clear when exactly
> > that would be used, in favor of the "runtime cache". It seems that the
> > "SMM cache" would primarily serve SMM callers. If the FeaturePCD could
> > be used for forcing the use of "SMM cache" for the normal GetVariable
> > runtime service too, I think that might cover my use case. I don't
> > need GetVariable to access flash, i.e. caching per se is fine; I'd
> > just need GetVariable to continue exercising the SMM stack *in OVMF*
> > -- even if that path is slower than desirable, for physical platforms.
> >
> > Thanks!
> > Laszlo
> >
> > > Initial Performance Observations
> > > ---------------------------------
> > > * With these proposed changes, an Intel Atom based SoC saw
> > > GetVariable
> > ( )
> > > time for an existing variable reduce from ~220us to ~5us.
> > >
> > > Major Changes
> > > --------------
> > > 1. Two UEFI variable caches will be maintained.
> > > a. "Runtime Cache" - Maintained in VariableSmmRuntimeDxe. Used
> > > to
> > serve
> > > runtime service GetVariable () and GetNextVariableName () callers.
> > > b. "SMM cache" - Maintained in VariableSmm to service SMM
> > GetVariable ()
> > > and GetNextVariableName () callers.
> > > i. A cache in SMRAM is retained so SMM modules do not
> > > operate on
> > data
> > > outside SMRAM.
> > > 2. A new UEFI variable read and write flow will be used as described
> below.
> > >
> > > At any given time, the two caches would be coherent. On a variable
> > > write, the runtime cache is only updated after validation in SMM
> > > and, in the case of a non-volatile UEFI variable, the variable must
> > > also be successfully written to non-volatile storage.
> > >
> > > Prior RFC Feedback Addressed
> > > -----------------------------
> > > RFC sent Sept. 5, 2019: https://edk2.groups.io/g/devel/message/46939
> > >
> > > 1. UEFI variable data retrieval from a ring 0 buffer
> > >
> > > A common concern with this proposed set of changes is the
> > > potential
> > security
> > > threat presented by serving runtime services callers from a ring 0
> memory
> > > buffer of EfiRuntimeServicesData type. This conclusion was that
> > > this
> > change
> > > does not fundamentally alter the attack surface. The UEFI
> > > variable
> > Runtime
> > > Services are invoked from ring 0 and the data already travels through
> ring
> > > 0 buffers (such as the SMM communicate buffer) to reach the caller.
> Even
> > > today if ring 0 is assumed to be malicious, the malicious code
> > > may keep
> > one
> > > AP in a loop to monitor the communication data, when the BSP gets an
> > > (authenticated) variable. When the communication buffer is
> > > updated and
> > the
> > > status is set to EFI_SUCCESS, the AP may modify the communication
> > buffer
> > > contents such the tampered data is returned to the BSP caller. Or an
> > > interrupt handler on the BSP may alter the communication buffer
> > contents
> > > before the data is returned to the caller. In summary, this was
> > > not found
> > to
> > > introduce any attack not possible today.
> > >
> > > 2. VarCheckLib impact
> > >
> > > VarCheckLib plays a role in SetVariable () calls. This patch series only
> > > changes GetVariable () behavior. Therefore, VarCheckLib is expected to
> > > have no impact due to these changes.
> > >
> > > Testing Performed
> > > ------------------
> > > This code was tested with the master branch of edk2 on an Intel Kaby
> > > Lake U Intel Whiskey Lake U reference validation platform. The set
> > > of tests performed
> > > included:
> > >
> > > 1. Boot from S5 to Windows 10 OS with SMM variables enabled.
> > > 2. Boot from S5 to Ubuntu 18.04.1 LTS with SMM variable enabled.
> > > 3. Boot from S5 to EFI shell with DXE variables enabled.
> > > 4. Dump UEFI variable store at shell with dmpstore to verify contents.
> > > 5. Dump NvStorage FV from SPI flash after boot to verify contents
> written.
> > > 6. Dump UEFI variable statistics with VariableInfo at shell.
> > > 7. Boot with emulated variables enabled.
> > > 8. Cycles of adding and deleting a UEFI variable to verify cache results.
> > > 9. Set OsIndications to stop at FW UI to verify cache load of non-volatile
> > > contents.
> > >
> > > Why Keep SMM on Variable Writes
> > > --------------------------------
> > > * SMM provides a ubiquitous isolated execution environment in x86 for
> > > authenticated UEFI variables.
> > > * BIOS region SPI flash write restrictions to SMM in platforms today can
> > > be retained.
> > >
> > > Today's UEFI Variable Cache (for reference)
> > > --------------------------------------------
> > > * Maintained in SMRAM via VariableSmm.
> > > * A "write-through" cache of variable data in the form of a UEFI variable
> > > store.
> > > * Non-volatile and volatile variables are maintained in separate buffers
> > > (variable stores).
> > >
> > > Runtime & SMM Cache Coherency
> > > ------------------------------
> > > The non-volatile cache should always accurately reflect non-volatile
> > > storage contents (done today) and the "SMM cache" and "Runtime
> cache"
> > > should always be coherent on access. The runtime cache is updated by
> > VariableSmm.
> > >
> > > Updating both caches from within a SMM SetVariable () operation is
> > > fairly straightforward but a race condition can occur if an SMI
> > > occurs during the execution of runtime code reading from the runtime
> cache.
> > > To handle this case, a runtime cache read lock is introduced that
> > > explicitly moves pending updates from SMM to the runtime cache if an
> > > SMM update occurs while the runtime cache is locked. Note that it is
> > > not expected a Runtime services call will interrupt SMM processing
> > > since all
> > CPU cores rendezvous in SMM.
> > >
> > > New Key Elements for Coherence
> > > -------------------------------
> > > Runtime DXE (VariableSmmRuntimeDxe)
> > > 1. RuntimeCacheReadLock - A global lock used to lock read access to the
> > > runtime cache.
> > > 2. RuntimeCachePendingUpdate - A global flag used to notify runtime
> > > code
> > of a
> > > pending cache update in SMM.
> > >
> > > SMM (VariableSmm)
> > > 1. FlushRuntimeCachePendingUpdate SMI - A SW SMI handler that
> > synchronizes
> > > the runtime cache buffer with the SMM
> > > cache buffer.
> > >
> > > Proposed Runtime DXE Read Flow
> > > -------------------------------
> > > 1. Wait for RuntimeCacheReadLock to be free 2. Acquire
> > > RuntimeCacheReadLock 3. If RuntimeCachePendingUpdate flag (rare) is
> > > set then:
> > > 3.a. Trigger FlushRuntimeCachePendingUpdate SMI
> > > 3.b. Verify RuntimeCachePendingUpdate flag is cleared 4.
> > > Perform read from RuntimeCache 5. Release RuntimeCacheReadLock
> > >
> > > Proposed FlushRuntimeCachePendingUpdate SMI
> > > --------------------------------------------
> > > 1. If RuntimeCachePendingUpdate flag is not set:
> > > 1.a. Return
> > > 2. Copy the data at RuntimeCachePendingOffset of
> > RuntimeCachePendingLength to
> > > RuntimeCache
> > > 3. Clear the RuntimeCachePendingUpdate flag
> > >
> > > Proposed SMM Write Flow
> > > ------------------------
> > > 1. Perform variable authentication and non-volatile write. If either fail,
> > > return an error to the caller.
> > > 2. If RuntimeCacheReadLock is set then:
> > > 2.a. Set RuntimeCachePendingUpdate flag
> > > 2.b. Update RuntimeCachePendingOffset and
> > RuntimeCachePendingLength to
> > > cover the a superset of the pending chunk (for simplicity, the
> > > entire variable store is currently synchronized).
> > > 3. Else:
> > > 3.a. Update RuntimeCache
> > > 4. Update SmmCache
> > > - Note: RT read cannot occur during SMI processing since all cores are
> > > locked in SMM.
> > >
> > > Cc: Dandan Bi <dandan.bi@intel.com>
> > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > > Cc: Eric Dong <eric.dong@intel.com>
> > > Cc: Laszlo Ersek <lersek@redhat.com>
> > > Cc: Liming Gao <liming.gao@intel.com>
> > > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > > Cc: Ray Ni <ray.ni@intel.com>
> > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > Cc: Hao A Wu <hao.a.wu@intel.com>
> > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
> > >
> > > Michael Kubacki (5):
> > > MdeModulePkg/Variable: Consolidate common parsing functions
> > > MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats
> > > MdeModulePkg/Variable: Add RT GetVariable() cache support
> > > MdeModulePkg/Variable: Add RT GetNextVariableName() cache
> support
> > > MdeModulePkg/VariableSmm: Remove unused SMI handler functions
> > >
> > >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> > | 6 +
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> |
> > 6 +
> > >
> >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.i
> > nf
> > > | 32 +-
> >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> > | 11 +
> > > MdeModulePkg/Include/Guid/SmmVariableCommon.h | 33
> +-
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h |
> 158
> > +---
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> > | 25 +
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> |
> > 342 ++++++++
> > >
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h
> > | 47 ++
> > > MdeModulePkg/Application/VariableInfo/VariableInfo.c | 37 +-
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 828
> > ++------------------
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c |
> > 11 +-
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> > | 28 +
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c |
> > 816 +++++++++++++++++++
> > >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c
> > | 153 ++++
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c |
> > 213 +++--
> > >
> >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.
> > c | 726 +++++++++++++----
> > > 17 files changed, 2298 insertions(+), 1174 deletions(-) create
> > > mode
> > > 100644
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> > > create mode 100644
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> > > create mode 100644
> > >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h
> > > create mode 100644
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> > > create mode 100644
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> > > create mode 100644
> > >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c
> > >
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH V1 1/5] MdeModulePkg/Variable: Consolidate common parsing functions
2019-09-26 4:50 ` [PATCH V1 1/5] MdeModulePkg/Variable: Consolidate common parsing functions Kubacki, Michael A
@ 2019-09-27 8:17 ` Wu, Hao A
2019-09-27 17:31 ` Kubacki, Michael A
0 siblings, 1 reply; 13+ messages in thread
From: Wu, Hao A @ 2019-09-27 8:17 UTC (permalink / raw)
To: devel@edk2.groups.io, Kubacki, Michael A
Cc: Bi, Dandan, Ard Biesheuvel, Dong, Eric, Laszlo Ersek, Gao, Liming,
Kinney, Michael D, Ni, Ray, Wang, Jian J, Yao, Jiewen
> -----Original Message-----
> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of
> Kubacki, Michael A
> Sent: Thursday, September 26, 2019 12:51 PM
> To: devel@edk2.groups.io
> Cc: Bi, Dandan; Ard Biesheuvel; Dong, Eric; Laszlo Ersek; Gao, Liming; Kinney,
> Michael D; Ni, Ray; Wang, Jian J; Wu, Hao A; Yao, Jiewen
> Subject: [edk2-devel] [PATCH V1 1/5] MdeModulePkg/Variable: Consolidate
> common parsing functions
>
> This change moves the following functions into a dedicated file
> so they may be used in other variable files as needed. Furthermore,
> it reduces the overall size of the common Variable.c file.
>
> * DataSizeOfVariable ()
> * FindVariableEx ()
> * GetEndPointer ()
> * GetNextVariableEx ()
> * GetNextVariablePtr ()
> * GetStartPointer ()
> * GetVariableDataOffset ()
> * GetVariableDataPtr ()
> * GetVariableHeaderSize ()
> * GetVariableNamePtr ()
> * GetVariableStoreStatus ()
> * GetVendorGuidPtr ()
> * IsAuthenticatedVariable ()
> * IsValidVariableHeader ()
> * NameSizeOfVariable ()
> * SetDataSizeOfVariable ()
> * SetNameSizeOfVariable ()
> * UpdateVariableInfo ()
> * VariableCompareTimeStampInternal ()
Hello,
Some thoughts for this patch:
(Sorry for not being able to going through the whole series, and please grant
more time for the review of other patches.)
0. I would suggest this patch only changing the location for functions.
Modifications that might have functional impact need be separated to other
independent patches.
1. For UpdateVariableInfo(), I think it is still possible for file
VariableParsing.c to reference 'gVariableInfo'. The additional input parameter
can be drop, in my opinion.
2. It would be better for the removal of VariableServiceGetNextVariableInternal()
to be a separate patch.
3. Maybe the introduce of InitVariableHelpers() can be separated to another patch.
Also, I think variable 'mVariableModuleGlobal' can be referred in file
VariableParsing.c.
Is the intention of adding InitVariableHelpers() to reduce code length
from:
if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
to:
if (mAuthFormat) {
4. I am confused for the changes made in:
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
Originally, for VariableSmmRuntimeDxe.inf, the source code file includes:
[Sources]
VariableSmmRuntimeDxe.c
PrivilegePolymorphic.h
Measurement.c
The proposed patch only adds the below header inclusion:
#include "VariableParsing.h"
to file VariableSmmRuntimeDxe.c, which has no functional impact in my opinion.
Could you help to check whether changes made for VariableSmmRuntimeDxe is needed?
Best Regards,
Hao Wu
>
> Cc: Dandan Bi <dandan.bi@intel.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao A Wu <hao.a.wu@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
> ---
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> | 4 +
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf | 4
> +
>
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.i
> nf | 8 +-
>
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> | 9 +
> MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h | 119 ---
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h |
> 25 +
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h |
> 342 ++++++++
> MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 784 +--
> ----------------
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c | 11
> +-
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c |
> 28 +
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c |
> 816 ++++++++++++++++++++
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 2
> +
>
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.
> c | 3 +-
> 13 files changed, 1273 insertions(+), 882 deletions(-)
>
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> index 641376c9c5..08a5490787 100644
> ---
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> @@ -36,6 +36,10 @@
> Variable.c
> VariableDxe.c
> Variable.h
> + VariableNonVolatile.c
> + VariableNonVolatile.h
> + VariableParsing.c
> + VariableParsing.h
> PrivilegePolymorphic.h
> Measurement.c
> TcgMorLockDxe.c
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> index 0a160d269d..6dc2721b81 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> @@ -45,6 +45,10 @@
> Variable.c
> VariableTraditionalMm.c
> VariableSmm.c
> + VariableNonVolatile.c
> + VariableNonVolatile.h
> + VariableParsing.c
> + VariableParsing.h
> VarCheck.c
> Variable.h
> PrivilegePolymorphic.h
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> e.inf
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> e.inf
> index 14894e6f13..1873b4fe43 100644
> ---
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> e.inf
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> e.inf
> @@ -13,7 +13,7 @@
> # may not be modified without authorization. If platform fails to protect
> these resources,
> # the authentication service provided in this driver will be broken, and the
> behavior is undefined.
> #
> -# Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
> +# Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
> # SPDX-License-Identifier: BSD-2-Clause-Patent
> #
> ##
> @@ -39,6 +39,9 @@
> VariableSmmRuntimeDxe.c
> PrivilegePolymorphic.h
> Measurement.c
> + Variable.h
> + VariableParsing.c
> + VariableParsing.h
>
> [Packages]
> MdePkg/MdePkg.dec
> @@ -65,6 +68,9 @@
> gEdkiiVariableLockProtocolGuid ## PRODUCES
> gEdkiiVarCheckProtocolGuid ## PRODUCES
>
> +[FeaturePcd]
> + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ##
> CONSUMES
> +
> [Guids]
> gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
> gEfiEventExitBootServicesGuid ## CONSUMES ## Event
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.i
> nf
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.
> inf
> index 21bc81163b..ca9d23ce9f 100644
> ---
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.i
> nf
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.
> inf
> @@ -45,6 +45,10 @@
> Variable.c
> VariableSmm.c
> VariableStandaloneMm.c
> + VariableNonVolatile.c
> + VariableNonVolatile.h
> + VariableParsing.c
> + VariableParsing.h
> VarCheck.c
> Variable.h
> PrivilegePolymorphic.h
> @@ -99,6 +103,11 @@
> ## SOMETIMES_PRODUCES ## Variable:L"Lang"
> gEfiGlobalVariableGuid
>
> + ## SOMETIMES_CONSUMES ## Variable:L"db"
> + ## SOMETIMES_CONSUMES ## Variable:L"dbx"
> + ## SOMETIMES_CONSUMES ## Variable:L"dbt"
> + gEfiImageSecurityDatabaseGuid
> +
> gEfiMemoryOverwriteControlDataGuid ## SOMETIMES_CONSUMES
> ## Variable:L"MemoryOverwriteRequestControl"
> gEfiMemoryOverwriteRequestControlLockGuid ##
> SOMETIMES_PRODUCES ##
> Variable:L"MemoryOverwriteRequestControlLock"
>
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
> index 9eac43759f..fb574b2e32 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
> @@ -179,89 +179,6 @@ FindVariable (
> IN BOOLEAN IgnoreRtCheck
> );
>
> -/**
> -
> - Gets the pointer to the end of the variable storage area.
> -
> - This function gets pointer to the end of the variable storage
> - area, according to the input variable store header.
> -
> - @param VarStoreHeader Pointer to the Variable Store Header.
> -
> - @return Pointer to the end of the variable storage area.
> -
> -**/
> -VARIABLE_HEADER *
> -GetEndPointer (
> - IN VARIABLE_STORE_HEADER *VarStoreHeader
> - );
> -
> -/**
> - This code gets the size of variable header.
> -
> - @return Size of variable header in bytes in type UINTN.
> -
> -**/
> -UINTN
> -GetVariableHeaderSize (
> - VOID
> - );
> -
> -/**
> -
> - This code gets the pointer to the variable name.
> -
> - @param Variable Pointer to the Variable Header.
> -
> - @return Pointer to Variable Name which is Unicode encoding.
> -
> -**/
> -CHAR16 *
> -GetVariableNamePtr (
> - IN VARIABLE_HEADER *Variable
> - );
> -
> -/**
> - This code gets the pointer to the variable guid.
> -
> - @param Variable Pointer to the Variable Header.
> -
> - @return A EFI_GUID* pointer to Vendor Guid.
> -
> -**/
> -EFI_GUID *
> -GetVendorGuidPtr (
> - IN VARIABLE_HEADER *Variable
> - );
> -
> -/**
> -
> - This code gets the pointer to the variable data.
> -
> - @param Variable Pointer to the Variable Header.
> -
> - @return Pointer to Variable Data.
> -
> -**/
> -UINT8 *
> -GetVariableDataPtr (
> - IN VARIABLE_HEADER *Variable
> - );
> -
> -/**
> -
> - This code gets the size of variable data.
> -
> - @param Variable Pointer to the Variable Header.
> -
> - @return Size of variable in bytes.
> -
> -**/
> -UINTN
> -DataSizeOfVariable (
> - IN VARIABLE_HEADER *Variable
> - );
> -
> /**
> This function is to check if the remaining variable space is enough to set
> all Variables from argument list successfully. The purpose of the check
> @@ -450,17 +367,6 @@ ReclaimForOS(
> VOID
> );
>
> -/**
> - Get non-volatile maximum variable size.
> -
> - @return Non-volatile maximum variable size.
> -
> -**/
> -UINTN
> -GetNonVolatileMaxVariableSize (
> - VOID
> - );
> -
> /**
> Get maximum variable size, covering both non-volatile and volatile variables.
>
> @@ -546,31 +452,6 @@ VariableServiceGetVariable (
> OUT VOID *Data OPTIONAL
> );
>
> -/**
> - This code Finds the Next available variable.
> -
> - Caution: This function may receive untrusted input.
> - This function may be invoked in SMM mode. This function will do basic
> validation, before parse the data.
> -
> - @param[in] VariableName Pointer to variable name.
> - @param[in] VendorGuid Variable Vendor Guid.
> - @param[out] VariablePtr Pointer to variable header address.
> -
> - @retval EFI_SUCCESS The function completed successfully.
> - @retval EFI_NOT_FOUND The next variable was not found.
> - @retval EFI_INVALID_PARAMETER If VariableName is not an empty string,
> while VendorGuid is NULL.
> - @retval EFI_INVALID_PARAMETER The input values of VariableName and
> VendorGuid are not a name and
> - GUID of an existing variable.
> -
> -**/
> -EFI_STATUS
> -EFIAPI
> -VariableServiceGetNextVariableInternal (
> - IN CHAR16 *VariableName,
> - IN EFI_GUID *VendorGuid,
> - OUT VARIABLE_HEADER **VariablePtr
> - );
> -
> /**
>
> This code Finds the Next available variable.
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> new file mode 100644
> index 0000000000..82572262ef
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> @@ -0,0 +1,25 @@
> +/** @file
> + Common variable non-volatile store routines.
> +
> +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#ifndef _VARIABLE_NON_VOLATILE_H_
> +#define _VARIABLE_NON_VOLATILE_H_
> +
> +#include "Variable.h"
> +
> +/**
> + Get non-volatile maximum variable size.
> +
> + @return Non-volatile maximum variable size.
> +
> +**/
> +UINTN
> +GetNonVolatileMaxVariableSize (
> + VOID
> + );
> +
> +#endif
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> new file mode 100644
> index 0000000000..bd617fca10
> --- /dev/null
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> @@ -0,0 +1,342 @@
> +/** @file
> + Common variable helper routines are shared by the DXE_RUNTIME
> variable
> + module and the DXE_SMM variable module.
> +
> +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#ifndef _VARIABLE_PARSING_H_
> +#define _VARIABLE_PARSING_H_
> +
> +#include <Guid/ImageAuthentication.h>
> +#include "Variable.h"
> +
> +/**
> +
> + This code checks if variable header is valid or not.
> +
> + @param Variable Pointer to the Variable Header.
> + @param VariableStoreEnd Pointer to the Variable Store End.
> +
> + @retval TRUE Variable header is valid.
> + @retval FALSE Variable header is not valid.
> +
> +**/
> +BOOLEAN
> +IsValidVariableHeader (
> + IN VARIABLE_HEADER *Variable,
> + IN VARIABLE_HEADER *VariableStoreEnd
> + );
> +
> +/**
> +
> + This code gets the current status of Variable Store.
> +
> + @param VarStoreHeader Pointer to the Variable Store Header.
> +
> + @retval EfiRaw Variable store status is raw.
> + @retval EfiValid Variable store status is valid.
> + @retval EfiInvalid Variable store status is invalid.
> +
> +**/
> +VARIABLE_STORE_STATUS
> +GetVariableStoreStatus (
> + IN VARIABLE_STORE_HEADER *VarStoreHeader
> + );
> +
> +/**
> + This code gets the size of variable header.
> +
> + @return Size of variable header in bytes in type UINTN.
> +
> +**/
> +UINTN
> +GetVariableHeaderSize (
> + VOID
> + );
> +
> +/**
> +
> + This code gets the size of name of variable.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return UINTN Size of variable in bytes.
> +
> +**/
> +UINTN
> +NameSizeOfVariable (
> + IN VARIABLE_HEADER *Variable
> + );
> +
> +/**
> + This code sets the size of name of variable.
> +
> + @param[in] Variable Pointer to the Variable Header.
> + @param[in] NameSize Name size to set.
> +
> +**/
> +VOID
> +SetNameSizeOfVariable (
> + IN VARIABLE_HEADER *Variable,
> + IN UINTN NameSize
> + );
> +
> +/**
> +
> + This code gets the size of variable data.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return Size of variable in bytes.
> +
> +**/
> +UINTN
> +DataSizeOfVariable (
> + IN VARIABLE_HEADER *Variable
> + );
> +
> +/**
> + This code sets the size of variable data.
> +
> + @param[in] Variable Pointer to the Variable Header.
> + @param[in] DataSize Data size to set.
> +
> +**/
> +VOID
> +SetDataSizeOfVariable (
> + IN VARIABLE_HEADER *Variable,
> + IN UINTN DataSize
> + );
> +
> +/**
> +
> + This code gets the pointer to the variable name.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return Pointer to Variable Name which is Unicode encoding.
> +
> +**/
> +CHAR16 *
> +GetVariableNamePtr (
> + IN VARIABLE_HEADER *Variable
> + );
> +
> +/**
> + This code gets the pointer to the variable guid.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return A EFI_GUID* pointer to Vendor Guid.
> +
> +**/
> +EFI_GUID *
> +GetVendorGuidPtr (
> + IN VARIABLE_HEADER *Variable
> + );
> +
> +/**
> +
> + This code gets the pointer to the variable data.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return Pointer to Variable Data.
> +
> +**/
> +UINT8 *
> +GetVariableDataPtr (
> + IN VARIABLE_HEADER *Variable
> + );
> +
> +/**
> + This code gets the variable data offset related to variable header.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return Variable Data offset.
> +
> +**/
> +UINTN
> +GetVariableDataOffset (
> + IN VARIABLE_HEADER *Variable
> + );
> +
> +/**
> +
> + This code gets the pointer to the next variable header.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return Pointer to next variable header.
> +
> +**/
> +VARIABLE_HEADER *
> +GetNextVariablePtr (
> + IN VARIABLE_HEADER *Variable
> + );
> +
> +/**
> +
> + Gets the pointer to the first variable header in given variable store area.
> +
> + @param VarStoreHeader Pointer to the Variable Store Header.
> +
> + @return Pointer to the first variable header.
> +
> +**/
> +VARIABLE_HEADER *
> +GetStartPointer (
> + IN VARIABLE_STORE_HEADER *VarStoreHeader
> + );
> +
> +/**
> +
> + Gets the pointer to the end of the variable storage area.
> +
> + This function gets pointer to the end of the variable storage
> + area, according to the input variable store header.
> +
> + @param VarStoreHeader Pointer to the Variable Store Header.
> +
> + @return Pointer to the end of the variable storage area.
> +
> +**/
> +VARIABLE_HEADER *
> +GetEndPointer (
> + IN VARIABLE_STORE_HEADER *VarStoreHeader
> + );
> +
> +/**
> + Returns if this is a variable that always requires authenticated writes.
> + There may be other scenarios that result in a variable not identified by the
> + function to also require authentication.
> +
> + @param[in] VariableName Name of variable.
> + @param[in] VendorGuid Guid of variable.
> +
> + @retval TRUE The variable always requires authenticated writes
> + @retval FALSE The variable may or may not require authenticated
> writes
> +**/
> +BOOLEAN
> +IsAuthenticatedVariable (
> + IN CHAR16 *VariableName,
> + IN EFI_GUID *VendorGuid
> + );
> +
> +/**
> + Compare two EFI_TIME data.
> +
> +
> + @param FirstTime A pointer to the first EFI_TIME data.
> + @param SecondTime A pointer to the second EFI_TIME data.
> +
> + @retval TRUE The FirstTime is not later than the SecondTime.
> + @retval FALSE The FirstTime is later than the SecondTime.
> +
> +**/
> +BOOLEAN
> +VariableCompareTimeStampInternal (
> + IN EFI_TIME *FirstTime,
> + IN EFI_TIME *SecondTime
> + );
> +
> +/**
> + Find the variable in the specified variable store.
> +
> + @param[in] VariableName Name of the variable to be found
> + @param[in] VendorGuid Vendor GUID to be found.
> + @param[in] IgnoreRtCheck Ignore EFI_VARIABLE_RUNTIME_ACCESS
> attribute
> + check at runtime when searching variable.
> + @param[in, out] PtrTrack Variable Track Pointer structure that
> contains Variable Information.
> +
> + @retval EFI_SUCCESS Variable found successfully
> + @retval EFI_NOT_FOUND Variable not found
> +**/
> +EFI_STATUS
> +FindVariableEx (
> + IN CHAR16 *VariableName,
> + IN EFI_GUID *VendorGuid,
> + IN BOOLEAN IgnoreRtCheck,
> + IN OUT VARIABLE_POINTER_TRACK *PtrTrack
> + );
> +
> +/**
> + This code finds the next available variable.
> +
> + Caution: This function may receive untrusted input.
> + This function may be invoked in SMM mode. This function will do basic
> validation, before parse the data.
> +
> + @param[in] VariableName Pointer to variable name.
> + @param[in] VendorGuid Variable Vendor Guid.
> + @param[in] VariableStoreList A list of variable stores that should be used
> to get the next variable.
> + The maximum number of entries is the max value of
> VARIABLE_STORE_TYPE.
> + @param[out] VariablePtr Pointer to variable header address.
> +
> + @retval EFI_SUCCESS The function completed successfully.
> + @retval EFI_NOT_FOUND The next variable was not found.
> + @retval EFI_INVALID_PARAMETER If VariableName is nt an empty string,
> while VendorGuid is NULL.
> + @retval EFI_INVALID_PARAMETER The input values of VariableName and
> VendorGuid are not a name and
> + GUID of an existing variable.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +GetNextVariableEx (
> + IN CHAR16 *VariableName,
> + IN EFI_GUID *VendorGuid,
> + IN VARIABLE_STORE_HEADER **VariableStoreList,
> + OUT VARIABLE_HEADER **VariablePtr
> + );
> +
> +/**
> + Routine used to track statistical information about variable usage.
> + The data is stored in the EFI system table so it can be accessed later.
> + VariableInfo.efi can dump out the table. Only Boot Services variable
> + accesses are tracked by this code. The PcdVariableCollectStatistics
> + build flag controls if this feature is enabled.
> +
> + A read that hits in the cache will have Read and Cache true for
> + the transaction. Data is allocated by this routine, but never
> + freed.
> +
> + @param[in] VariableName Name of the Variable to track.
> + @param[in] VendorGuid Guid of the Variable to track.
> + @param[in] Volatile TRUE if volatile FALSE if non-volatile.
> + @param[in] Read TRUE if GetVariable() was called.
> + @param[in] Write TRUE if SetVariable() was called.
> + @param[in] Delete TRUE if deleted via SetVariable().
> + @param[in] Cache TRUE for a cache hit.
> + @param[in,out] VariableInfo Pointer to a pointer of
> VARIABLE_INFO_ENTRY structures.
> +
> +**/
> +VOID
> +UpdateVariableInfo (
> + IN CHAR16 *VariableName,
> + IN EFI_GUID *VendorGuid,
> + IN BOOLEAN Volatile,
> + IN BOOLEAN Read,
> + IN BOOLEAN Write,
> + IN BOOLEAN Delete,
> + IN BOOLEAN Cache,
> + IN OUT VARIABLE_INFO_ENTRY **VariableInfo
> + );
> +
> +/**
> + Initializes context needed for variable helpers.
> +
> + @param[in] AuthFormat If true then indicates authenticated
> variables are supported
> +
> + @retval EFI_SUCCESS Initialized successfully
> + @retval Others An error occurred during initialization
> +**/
> +EFI_STATUS
> +EFIAPI
> +InitVariableHelpers (
> + IN BOOLEAN AuthFormat
> + );
> +
> +#endif
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> index f32c9c2808..d14fecc830 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> @@ -23,6 +23,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> **/
>
> #include "Variable.h"
> +#include "VariableNonVolatile.h"
> +#include "VariableParsing.h"
>
> VARIABLE_MODULE_GLOBAL *mVariableModuleGlobal;
>
> @@ -92,131 +94,6 @@ AUTH_VAR_LIB_CONTEXT_IN mAuthContextIn = {
>
> AUTH_VAR_LIB_CONTEXT_OUT mAuthContextOut;
>
> -/**
> - Routine used to track statistical information about variable usage.
> - The data is stored in the EFI system table so it can be accessed later.
> - VariableInfo.efi can dump out the table. Only Boot Services variable
> - accesses are tracked by this code. The PcdVariableCollectStatistics
> - build flag controls if this feature is enabled.
> -
> - A read that hits in the cache will have Read and Cache true for
> - the transaction. Data is allocated by this routine, but never
> - freed.
> -
> - @param[in] VariableName Name of the Variable to track.
> - @param[in] VendorGuid Guid of the Variable to track.
> - @param[in] Volatile TRUE if volatile FALSE if non-volatile.
> - @param[in] Read TRUE if GetVariable() was called.
> - @param[in] Write TRUE if SetVariable() was called.
> - @param[in] Delete TRUE if deleted via SetVariable().
> - @param[in] Cache TRUE for a cache hit.
> -
> -**/
> -VOID
> -UpdateVariableInfo (
> - IN CHAR16 *VariableName,
> - IN EFI_GUID *VendorGuid,
> - IN BOOLEAN Volatile,
> - IN BOOLEAN Read,
> - IN BOOLEAN Write,
> - IN BOOLEAN Delete,
> - IN BOOLEAN Cache
> - )
> -{
> - VARIABLE_INFO_ENTRY *Entry;
> -
> - if (FeaturePcdGet (PcdVariableCollectStatistics)) {
> -
> - if (AtRuntime ()) {
> - // Don't collect statistics at runtime.
> - return;
> - }
> -
> - if (gVariableInfo == NULL) {
> - //
> - // On the first call allocate a entry and place a pointer to it in
> - // the EFI System Table.
> - //
> - gVariableInfo = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
> - ASSERT (gVariableInfo != NULL);
> -
> - CopyGuid (&gVariableInfo->VendorGuid, VendorGuid);
> - gVariableInfo->Name = AllocateZeroPool (StrSize (VariableName));
> - ASSERT (gVariableInfo->Name != NULL);
> - StrCpyS (gVariableInfo->Name, StrSize(VariableName)/sizeof(CHAR16),
> VariableName);
> - gVariableInfo->Volatile = Volatile;
> - }
> -
> -
> - for (Entry = gVariableInfo; Entry != NULL; Entry = Entry->Next) {
> - if (CompareGuid (VendorGuid, &Entry->VendorGuid)) {
> - if (StrCmp (VariableName, Entry->Name) == 0) {
> - if (Read) {
> - Entry->ReadCount++;
> - }
> - if (Write) {
> - Entry->WriteCount++;
> - }
> - if (Delete) {
> - Entry->DeleteCount++;
> - }
> - if (Cache) {
> - Entry->CacheCount++;
> - }
> -
> - return;
> - }
> - }
> -
> - if (Entry->Next == NULL) {
> - //
> - // If the entry is not in the table add it.
> - // Next iteration of the loop will fill in the data.
> - //
> - Entry->Next = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
> - ASSERT (Entry->Next != NULL);
> -
> - CopyGuid (&Entry->Next->VendorGuid, VendorGuid);
> - Entry->Next->Name = AllocateZeroPool (StrSize (VariableName));
> - ASSERT (Entry->Next->Name != NULL);
> - StrCpyS (Entry->Next->Name, StrSize(VariableName)/sizeof(CHAR16),
> VariableName);
> - Entry->Next->Volatile = Volatile;
> - }
> -
> - }
> - }
> -}
> -
> -
> -/**
> -
> - This code checks if variable header is valid or not.
> -
> - @param Variable Pointer to the Variable Header.
> - @param VariableStoreEnd Pointer to the Variable Store End.
> -
> - @retval TRUE Variable header is valid.
> - @retval FALSE Variable header is not valid.
> -
> -**/
> -BOOLEAN
> -IsValidVariableHeader (
> - IN VARIABLE_HEADER *Variable,
> - IN VARIABLE_HEADER *VariableStoreEnd
> - )
> -{
> - if ((Variable == NULL) || (Variable >= VariableStoreEnd) || (Variable-
> >StartId != VARIABLE_DATA)) {
> - //
> - // Variable is NULL or has reached the end of variable store,
> - // or the StartId is not correct.
> - //
> - return FALSE;
> - }
> -
> - return TRUE;
> -}
> -
> -
> /**
>
> This function writes data to the FWH at the correct LBA even if the LBAs
> @@ -376,345 +253,6 @@ UpdateVariableStore (
> return EFI_SUCCESS;
> }
>
> -
> -/**
> -
> - This code gets the current status of Variable Store.
> -
> - @param VarStoreHeader Pointer to the Variable Store Header.
> -
> - @retval EfiRaw Variable store status is raw.
> - @retval EfiValid Variable store status is valid.
> - @retval EfiInvalid Variable store status is invalid.
> -
> -**/
> -VARIABLE_STORE_STATUS
> -GetVariableStoreStatus (
> - IN VARIABLE_STORE_HEADER *VarStoreHeader
> - )
> -{
> - if ((CompareGuid (&VarStoreHeader->Signature,
> &gEfiAuthenticatedVariableGuid) ||
> - CompareGuid (&VarStoreHeader->Signature, &gEfiVariableGuid)) &&
> - VarStoreHeader->Format == VARIABLE_STORE_FORMATTED &&
> - VarStoreHeader->State == VARIABLE_STORE_HEALTHY
> - ) {
> -
> - return EfiValid;
> - } else if (((UINT32 *)(&VarStoreHeader->Signature))[0] == 0xffffffff &&
> - ((UINT32 *)(&VarStoreHeader->Signature))[1] == 0xffffffff &&
> - ((UINT32 *)(&VarStoreHeader->Signature))[2] == 0xffffffff &&
> - ((UINT32 *)(&VarStoreHeader->Signature))[3] == 0xffffffff &&
> - VarStoreHeader->Size == 0xffffffff &&
> - VarStoreHeader->Format == 0xff &&
> - VarStoreHeader->State == 0xff
> - ) {
> -
> - return EfiRaw;
> - } else {
> - return EfiInvalid;
> - }
> -}
> -
> -/**
> - This code gets the size of variable header.
> -
> - @return Size of variable header in bytes in type UINTN.
> -
> -**/
> -UINTN
> -GetVariableHeaderSize (
> - VOID
> - )
> -{
> - UINTN Value;
> -
> - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> - Value = sizeof (AUTHENTICATED_VARIABLE_HEADER);
> - } else {
> - Value = sizeof (VARIABLE_HEADER);
> - }
> -
> - return Value;
> -}
> -
> -/**
> -
> - This code gets the size of name of variable.
> -
> - @param Variable Pointer to the Variable Header.
> -
> - @return UINTN Size of variable in bytes.
> -
> -**/
> -UINTN
> -NameSizeOfVariable (
> - IN VARIABLE_HEADER *Variable
> - )
> -{
> - AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> -
> - AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> - if (AuthVariable->State == (UINT8) (-1) ||
> - AuthVariable->DataSize == (UINT32) (-1) ||
> - AuthVariable->NameSize == (UINT32) (-1) ||
> - AuthVariable->Attributes == (UINT32) (-1)) {
> - return 0;
> - }
> - return (UINTN) AuthVariable->NameSize;
> - } else {
> - if (Variable->State == (UINT8) (-1) ||
> - Variable->DataSize == (UINT32) (-1) ||
> - Variable->NameSize == (UINT32) (-1) ||
> - Variable->Attributes == (UINT32) (-1)) {
> - return 0;
> - }
> - return (UINTN) Variable->NameSize;
> - }
> -}
> -
> -/**
> - This code sets the size of name of variable.
> -
> - @param[in] Variable Pointer to the Variable Header.
> - @param[in] NameSize Name size to set.
> -
> -**/
> -VOID
> -SetNameSizeOfVariable (
> - IN VARIABLE_HEADER *Variable,
> - IN UINTN NameSize
> - )
> -{
> - AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> -
> - AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> - AuthVariable->NameSize = (UINT32) NameSize;
> - } else {
> - Variable->NameSize = (UINT32) NameSize;
> - }
> -}
> -
> -/**
> -
> - This code gets the size of variable data.
> -
> - @param Variable Pointer to the Variable Header.
> -
> - @return Size of variable in bytes.
> -
> -**/
> -UINTN
> -DataSizeOfVariable (
> - IN VARIABLE_HEADER *Variable
> - )
> -{
> - AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> -
> - AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> - if (AuthVariable->State == (UINT8) (-1) ||
> - AuthVariable->DataSize == (UINT32) (-1) ||
> - AuthVariable->NameSize == (UINT32) (-1) ||
> - AuthVariable->Attributes == (UINT32) (-1)) {
> - return 0;
> - }
> - return (UINTN) AuthVariable->DataSize;
> - } else {
> - if (Variable->State == (UINT8) (-1) ||
> - Variable->DataSize == (UINT32) (-1) ||
> - Variable->NameSize == (UINT32) (-1) ||
> - Variable->Attributes == (UINT32) (-1)) {
> - return 0;
> - }
> - return (UINTN) Variable->DataSize;
> - }
> -}
> -
> -/**
> - This code sets the size of variable data.
> -
> - @param[in] Variable Pointer to the Variable Header.
> - @param[in] DataSize Data size to set.
> -
> -**/
> -VOID
> -SetDataSizeOfVariable (
> - IN VARIABLE_HEADER *Variable,
> - IN UINTN DataSize
> - )
> -{
> - AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> -
> - AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> - AuthVariable->DataSize = (UINT32) DataSize;
> - } else {
> - Variable->DataSize = (UINT32) DataSize;
> - }
> -}
> -
> -/**
> -
> - This code gets the pointer to the variable name.
> -
> - @param Variable Pointer to the Variable Header.
> -
> - @return Pointer to Variable Name which is Unicode encoding.
> -
> -**/
> -CHAR16 *
> -GetVariableNamePtr (
> - IN VARIABLE_HEADER *Variable
> - )
> -{
> - return (CHAR16 *) ((UINTN) Variable + GetVariableHeaderSize ());
> -}
> -
> -/**
> - This code gets the pointer to the variable guid.
> -
> - @param Variable Pointer to the Variable Header.
> -
> - @return A EFI_GUID* pointer to Vendor Guid.
> -
> -**/
> -EFI_GUID *
> -GetVendorGuidPtr (
> - IN VARIABLE_HEADER *Variable
> - )
> -{
> - AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> -
> - AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> - return &AuthVariable->VendorGuid;
> - } else {
> - return &Variable->VendorGuid;
> - }
> -}
> -
> -/**
> -
> - This code gets the pointer to the variable data.
> -
> - @param Variable Pointer to the Variable Header.
> -
> - @return Pointer to Variable Data.
> -
> -**/
> -UINT8 *
> -GetVariableDataPtr (
> - IN VARIABLE_HEADER *Variable
> - )
> -{
> - UINTN Value;
> -
> - //
> - // Be careful about pad size for alignment.
> - //
> - Value = (UINTN) GetVariableNamePtr (Variable);
> - Value += NameSizeOfVariable (Variable);
> - Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
> -
> - return (UINT8 *) Value;
> -}
> -
> -/**
> - This code gets the variable data offset related to variable header.
> -
> - @param Variable Pointer to the Variable Header.
> -
> - @return Variable Data offset.
> -
> -**/
> -UINTN
> -GetVariableDataOffset (
> - IN VARIABLE_HEADER *Variable
> - )
> -{
> - UINTN Value;
> -
> - //
> - // Be careful about pad size for alignment
> - //
> - Value = GetVariableHeaderSize ();
> - Value += NameSizeOfVariable (Variable);
> - Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
> -
> - return Value;
> -}
> -
> -/**
> -
> - This code gets the pointer to the next variable header.
> -
> - @param Variable Pointer to the Variable Header.
> -
> - @return Pointer to next variable header.
> -
> -**/
> -VARIABLE_HEADER *
> -GetNextVariablePtr (
> - IN VARIABLE_HEADER *Variable
> - )
> -{
> - UINTN Value;
> -
> - Value = (UINTN) GetVariableDataPtr (Variable);
> - Value += DataSizeOfVariable (Variable);
> - Value += GET_PAD_SIZE (DataSizeOfVariable (Variable));
> -
> - //
> - // Be careful about pad size for alignment.
> - //
> - return (VARIABLE_HEADER *) HEADER_ALIGN (Value);
> -}
> -
> -/**
> -
> - Gets the pointer to the first variable header in given variable store area.
> -
> - @param VarStoreHeader Pointer to the Variable Store Header.
> -
> - @return Pointer to the first variable header.
> -
> -**/
> -VARIABLE_HEADER *
> -GetStartPointer (
> - IN VARIABLE_STORE_HEADER *VarStoreHeader
> - )
> -{
> - //
> - // The start of variable store.
> - //
> - return (VARIABLE_HEADER *) HEADER_ALIGN (VarStoreHeader + 1);
> -}
> -
> -/**
> -
> - Gets the pointer to the end of the variable storage area.
> -
> - This function gets pointer to the end of the variable storage
> - area, according to the input variable store header.
> -
> - @param VarStoreHeader Pointer to the Variable Store Header.
> -
> - @return Pointer to the end of the variable storage area.
> -
> -**/
> -VARIABLE_HEADER *
> -GetEndPointer (
> - IN VARIABLE_STORE_HEADER *VarStoreHeader
> - )
> -{
> - //
> - // The end of variable store
> - //
> - return (VARIABLE_HEADER *) HEADER_ALIGN ((UINTN) VarStoreHeader +
> VarStoreHeader->Size);
> -}
> -
> /**
> Record variable error flag.
>
> @@ -1228,75 +766,6 @@ Done:
> return Status;
> }
>
> -/**
> - Find the variable in the specified variable store.
> -
> - @param[in] VariableName Name of the variable to be found
> - @param[in] VendorGuid Vendor GUID to be found.
> - @param[in] IgnoreRtCheck Ignore EFI_VARIABLE_RUNTIME_ACCESS
> attribute
> - check at runtime when searching variable.
> - @param[in, out] PtrTrack Variable Track Pointer structure that
> contains Variable Information.
> -
> - @retval EFI_SUCCESS Variable found successfully
> - @retval EFI_NOT_FOUND Variable not found
> -**/
> -EFI_STATUS
> -FindVariableEx (
> - IN CHAR16 *VariableName,
> - IN EFI_GUID *VendorGuid,
> - IN BOOLEAN IgnoreRtCheck,
> - IN OUT VARIABLE_POINTER_TRACK *PtrTrack
> - )
> -{
> - VARIABLE_HEADER *InDeletedVariable;
> - VOID *Point;
> -
> - PtrTrack->InDeletedTransitionPtr = NULL;
> -
> - //
> - // Find the variable by walk through HOB, volatile and non-volatile variable
> store.
> - //
> - InDeletedVariable = NULL;
> -
> - for ( PtrTrack->CurrPtr = PtrTrack->StartPtr
> - ; IsValidVariableHeader (PtrTrack->CurrPtr, PtrTrack->EndPtr)
> - ; PtrTrack->CurrPtr = GetNextVariablePtr (PtrTrack->CurrPtr)
> - ) {
> - if (PtrTrack->CurrPtr->State == VAR_ADDED ||
> - PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> VAR_ADDED)
> - ) {
> - if (IgnoreRtCheck || !AtRuntime () || ((PtrTrack->CurrPtr->Attributes &
> EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
> - if (VariableName[0] == 0) {
> - if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> VAR_ADDED)) {
> - InDeletedVariable = PtrTrack->CurrPtr;
> - } else {
> - PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
> - return EFI_SUCCESS;
> - }
> - } else {
> - if (CompareGuid (VendorGuid, GetVendorGuidPtr (PtrTrack->CurrPtr)))
> {
> - Point = (VOID *) GetVariableNamePtr (PtrTrack->CurrPtr);
> -
> - ASSERT (NameSizeOfVariable (PtrTrack->CurrPtr) != 0);
> - if (CompareMem (VariableName, Point, NameSizeOfVariable
> (PtrTrack->CurrPtr)) == 0) {
> - if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> VAR_ADDED)) {
> - InDeletedVariable = PtrTrack->CurrPtr;
> - } else {
> - PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
> - return EFI_SUCCESS;
> - }
> - }
> - }
> - }
> - }
> - }
> - }
> -
> - PtrTrack->CurrPtr = InDeletedVariable;
> - return (PtrTrack->CurrPtr == NULL) ? EFI_NOT_FOUND : EFI_SUCCESS;
> -}
> -
> -
> /**
> Finds variable in storage blocks of volatile and non-volatile storage areas.
>
> @@ -2078,38 +1547,6 @@ AutoUpdateLangVariable (
> }
> }
>
> -/**
> - Compare two EFI_TIME data.
> -
> -
> - @param FirstTime A pointer to the first EFI_TIME data.
> - @param SecondTime A pointer to the second EFI_TIME data.
> -
> - @retval TRUE The FirstTime is not later than the SecondTime.
> - @retval FALSE The FirstTime is later than the SecondTime.
> -
> -**/
> -BOOLEAN
> -VariableCompareTimeStampInternal (
> - IN EFI_TIME *FirstTime,
> - IN EFI_TIME *SecondTime
> - )
> -{
> - if (FirstTime->Year != SecondTime->Year) {
> - return (BOOLEAN) (FirstTime->Year < SecondTime->Year);
> - } else if (FirstTime->Month != SecondTime->Month) {
> - return (BOOLEAN) (FirstTime->Month < SecondTime->Month);
> - } else if (FirstTime->Day != SecondTime->Day) {
> - return (BOOLEAN) (FirstTime->Day < SecondTime->Day);
> - } else if (FirstTime->Hour != SecondTime->Hour) {
> - return (BOOLEAN) (FirstTime->Hour < SecondTime->Hour);
> - } else if (FirstTime->Minute != SecondTime->Minute) {
> - return (BOOLEAN) (FirstTime->Minute < SecondTime->Minute);
> - }
> -
> - return (BOOLEAN) (FirstTime->Second <= SecondTime->Second);
> -}
> -
> /**
> Update the variable region with Variable information. If
> EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is set,
> index of associated public key is needed.
> @@ -2205,7 +1642,7 @@ UpdateVariable (
> // go to delete this variable in variable HOB and
> // try to flush other variables from HOB to flash.
> //
> - UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, FALSE,
> TRUE, FALSE);
> + UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, FALSE,
> TRUE, FALSE, &gVariableInfo);
> FlushHobVariableToFlash (VariableName, VendorGuid);
> return EFI_SUCCESS;
> }
> @@ -2322,7 +1759,7 @@ UpdateVariable (
> &State
> );
> if (!EFI_ERROR (Status)) {
> - UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile,
> FALSE, FALSE, TRUE, FALSE);
> + UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile,
> FALSE, FALSE, TRUE, FALSE, &gVariableInfo);
> if (!Variable->Volatile) {
> CacheVariable->CurrPtr->State = State;
> FlushHobVariableToFlash (VariableName, VendorGuid);
> @@ -2341,7 +1778,7 @@ UpdateVariable (
> //
> // Variable content unchanged and no need to update timestamp, just
> return.
> //
> - UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile,
> FALSE, TRUE, FALSE, FALSE);
> + UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile,
> FALSE, TRUE, FALSE, FALSE, &gVariableInfo);
> Status = EFI_SUCCESS;
> goto Done;
> } else if ((CacheVariable->CurrPtr->State == VAR_ADDED) ||
> @@ -2570,7 +2007,7 @@ UpdateVariable (
> CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN)
> CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable-
> >StartPtr));
> CacheVariable->InDeletedTransitionPtr = NULL;
> }
> - UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, TRUE,
> FALSE, FALSE);
> + UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, TRUE,
> FALSE, FALSE, &gVariableInfo);
> FlushHobVariableToFlash (VariableName, VendorGuid);
> } else {
> if (IsCommonUserVariable && ((VarSize + mVariableModuleGlobal-
> >CommonUserVariableTotalSize) > mVariableModuleGlobal-
> >CommonMaxUserVariableSpace)) {
> @@ -2720,7 +2157,7 @@ UpdateVariable (
> CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN)
> CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable-
> >StartPtr));
> CacheVariable->InDeletedTransitionPtr = NULL;
> }
> - UpdateVariableInfo (VariableName, VendorGuid, TRUE, FALSE, TRUE,
> FALSE, FALSE);
> + UpdateVariableInfo (VariableName, VendorGuid, TRUE, FALSE, TRUE,
> FALSE, FALSE, &gVariableInfo);
> }
> goto Done;
> }
> @@ -2791,7 +2228,7 @@ UpdateVariable (
> }
>
> if (!EFI_ERROR (Status)) {
> - UpdateVariableInfo (VariableName, VendorGuid, Volatile, FALSE, TRUE,
> FALSE, FALSE);
> + UpdateVariableInfo (VariableName, VendorGuid, Volatile, FALSE, TRUE,
> FALSE, FALSE, &gVariableInfo);
> if (!Volatile) {
> FlushHobVariableToFlash (VariableName, VendorGuid);
> }
> @@ -2870,7 +2307,7 @@ VariableServiceGetVariable (
> }
>
> *DataSize = VarDataSize;
> - UpdateVariableInfo (VariableName, VendorGuid, Variable.Volatile, TRUE,
> FALSE, FALSE, FALSE);
> + UpdateVariableInfo (VariableName, VendorGuid, Variable.Volatile, TRUE,
> FALSE, FALSE, FALSE, &gVariableInfo);
>
> Status = EFI_SUCCESS;
> goto Done;
> @@ -2885,166 +2322,6 @@ Done:
> return Status;
> }
>
> -/**
> - This code Finds the Next available variable.
> -
> - Caution: This function may receive untrusted input.
> - This function may be invoked in SMM mode. This function will do basic
> validation, before parse the data.
> -
> - @param[in] VariableName Pointer to variable name.
> - @param[in] VendorGuid Variable Vendor Guid.
> - @param[out] VariablePtr Pointer to variable header address.
> -
> - @retval EFI_SUCCESS The function completed successfully.
> - @retval EFI_NOT_FOUND The next variable was not found.
> - @retval EFI_INVALID_PARAMETER If VariableName is not an empty string,
> while VendorGuid is NULL.
> - @retval EFI_INVALID_PARAMETER The input values of VariableName and
> VendorGuid are not a name and
> - GUID of an existing variable.
> -
> -**/
> -EFI_STATUS
> -EFIAPI
> -VariableServiceGetNextVariableInternal (
> - IN CHAR16 *VariableName,
> - IN EFI_GUID *VendorGuid,
> - OUT VARIABLE_HEADER **VariablePtr
> - )
> -{
> - VARIABLE_STORE_TYPE Type;
> - VARIABLE_POINTER_TRACK Variable;
> - VARIABLE_POINTER_TRACK VariableInHob;
> - VARIABLE_POINTER_TRACK VariablePtrTrack;
> - EFI_STATUS Status;
> - VARIABLE_STORE_HEADER *VariableStoreHeader[VariableStoreTypeMax];
> -
> - Status = FindVariable (VariableName, VendorGuid, &Variable,
> &mVariableModuleGlobal->VariableGlobal, FALSE);
> - if (Variable.CurrPtr == NULL || EFI_ERROR (Status)) {
> - //
> - // For VariableName is an empty string, FindVariable() will try to find and
> return
> - // the first qualified variable, and if FindVariable() returns error
> (EFI_NOT_FOUND)
> - // as no any variable is found, still go to return the error
> (EFI_NOT_FOUND).
> - //
> - if (VariableName[0] != 0) {
> - //
> - // For VariableName is not an empty string, and FindVariable() returns
> error as
> - // VariableName and VendorGuid are not a name and GUID of an existing
> variable,
> - // there is no way to get next variable, follow spec to return
> EFI_INVALID_PARAMETER.
> - //
> - Status = EFI_INVALID_PARAMETER;
> - }
> - goto Done;
> - }
> -
> - if (VariableName[0] != 0) {
> - //
> - // If variable name is not NULL, get next variable.
> - //
> - Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> - }
> -
> - //
> - // 0: Volatile, 1: HOB, 2: Non-Volatile.
> - // The index and attributes mapping must be kept in this order as
> FindVariable
> - // makes use of this mapping to implement search algorithm.
> - //
> - VariableStoreHeader[VariableStoreTypeVolatile] =
> (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> >VariableGlobal.VolatileVariableBase;
> - VariableStoreHeader[VariableStoreTypeHob] =
> (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> >VariableGlobal.HobVariableBase;
> - VariableStoreHeader[VariableStoreTypeNv] = mNvVariableCache;
> -
> - while (TRUE) {
> - //
> - // Switch from Volatile to HOB, to Non-Volatile.
> - //
> - while (!IsValidVariableHeader (Variable.CurrPtr, Variable.EndPtr)) {
> - //
> - // Find current storage index
> - //
> - for (Type = (VARIABLE_STORE_TYPE) 0; Type < VariableStoreTypeMax;
> Type++) {
> - if ((VariableStoreHeader[Type] != NULL) && (Variable.StartPtr ==
> GetStartPointer (VariableStoreHeader[Type]))) {
> - break;
> - }
> - }
> - ASSERT (Type < VariableStoreTypeMax);
> - //
> - // Switch to next storage
> - //
> - for (Type++; Type < VariableStoreTypeMax; Type++) {
> - if (VariableStoreHeader[Type] != NULL) {
> - break;
> - }
> - }
> - //
> - // Capture the case that
> - // 1. current storage is the last one, or
> - // 2. no further storage
> - //
> - if (Type == VariableStoreTypeMax) {
> - Status = EFI_NOT_FOUND;
> - goto Done;
> - }
> - Variable.StartPtr = GetStartPointer (VariableStoreHeader[Type]);
> - Variable.EndPtr = GetEndPointer (VariableStoreHeader[Type]);
> - Variable.CurrPtr = Variable.StartPtr;
> - }
> -
> - //
> - // Variable is found
> - //
> - if (Variable.CurrPtr->State == VAR_ADDED || Variable.CurrPtr->State ==
> (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
> - if (!AtRuntime () || ((Variable.CurrPtr->Attributes &
> EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
> - if (Variable.CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> VAR_ADDED)) {
> - //
> - // If it is a IN_DELETED_TRANSITION variable,
> - // and there is also a same ADDED one at the same time,
> - // don't return it.
> - //
> - VariablePtrTrack.StartPtr = Variable.StartPtr;
> - VariablePtrTrack.EndPtr = Variable.EndPtr;
> - Status = FindVariableEx (
> - GetVariableNamePtr (Variable.CurrPtr),
> - GetVendorGuidPtr (Variable.CurrPtr),
> - FALSE,
> - &VariablePtrTrack
> - );
> - if (!EFI_ERROR (Status) && VariablePtrTrack.CurrPtr->State ==
> VAR_ADDED) {
> - Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> - continue;
> - }
> - }
> -
> - //
> - // Don't return NV variable when HOB overrides it
> - //
> - if ((VariableStoreHeader[VariableStoreTypeHob] != NULL) &&
> (VariableStoreHeader[VariableStoreTypeNv] != NULL) &&
> - (Variable.StartPtr == GetStartPointer
> (VariableStoreHeader[VariableStoreTypeNv]))
> - ) {
> - VariableInHob.StartPtr = GetStartPointer
> (VariableStoreHeader[VariableStoreTypeHob]);
> - VariableInHob.EndPtr = GetEndPointer
> (VariableStoreHeader[VariableStoreTypeHob]);
> - Status = FindVariableEx (
> - GetVariableNamePtr (Variable.CurrPtr),
> - GetVendorGuidPtr (Variable.CurrPtr),
> - FALSE,
> - &VariableInHob
> - );
> - if (!EFI_ERROR (Status)) {
> - Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> - continue;
> - }
> - }
> -
> - *VariablePtr = Variable.CurrPtr;
> - Status = EFI_SUCCESS;
> - goto Done;
> - }
> - }
> -
> - Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> - }
> -
> -Done:
> - return Status;
> -}
> -
> /**
>
> This code Finds the Next available variable.
> @@ -3082,6 +2359,7 @@ VariableServiceGetNextVariableName (
> UINTN MaxLen;
> UINTN VarNameSize;
> VARIABLE_HEADER *VariablePtr;
> + VARIABLE_STORE_HEADER
> *VariableStoreHeader[VariableStoreTypeMax];
>
> if (VariableNameSize == NULL || VariableName == NULL || VendorGuid ==
> NULL) {
> return EFI_INVALID_PARAMETER;
> @@ -3101,7 +2379,16 @@ VariableServiceGetNextVariableName (
>
> AcquireLockOnlyAtBootTime(&mVariableModuleGlobal-
> >VariableGlobal.VariableServicesLock);
>
> - Status = VariableServiceGetNextVariableInternal (VariableName,
> VendorGuid, &VariablePtr);
> + //
> + // 0: Volatile, 1: HOB, 2: Non-Volatile.
> + // The index and attributes mapping must be kept in this order as
> FindVariable
> + // makes use of this mapping to implement search algorithm.
> + //
> + VariableStoreHeader[VariableStoreTypeVolatile] =
> (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> >VariableGlobal.VolatileVariableBase;
> + VariableStoreHeader[VariableStoreTypeHob] =
> (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> >VariableGlobal.HobVariableBase;
> + VariableStoreHeader[VariableStoreTypeNv] = mNvVariableCache;
> +
> + Status = GetNextVariableEx (VariableName, VendorGuid,
> VariableStoreHeader, &VariablePtr);
> if (!EFI_ERROR (Status)) {
> VarNameSize = NameSizeOfVariable (VariablePtr);
> ASSERT (VarNameSize != 0);
> @@ -3720,25 +3007,6 @@ ReclaimForOS(
> }
> }
>
> -/**
> - Get non-volatile maximum variable size.
> -
> - @return Non-volatile maximum variable size.
> -
> -**/
> -UINTN
> -GetNonVolatileMaxVariableSize (
> - VOID
> - )
> -{
> - if (PcdGet32 (PcdHwErrStorageSize) != 0) {
> - return MAX (MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32
> (PcdMaxAuthVariableSize)),
> - PcdGet32 (PcdMaxHardwareErrorVariableSize));
> - } else {
> - return MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32
> (PcdMaxAuthVariableSize));
> - }
> -}
> -
> /**
> Get maximum variable size, covering both non-volatile and volatile variables.
>
> @@ -4024,7 +3292,7 @@ InitNonVolatileVariableStore (
> return Status;
> }
> mVariableModuleGlobal->VariableGlobal.EmuNvMode = TRUE;
> - DEBUG ((DEBUG_INFO, "Variable driver will work at emulated non-volatile
> variable mode!\n"));
> + DEBUG ((DEBUG_INFO, "Variable driver will work in emulated non-
> volatile variable mode!\n"));
> } else {
> Status = InitRealNonVolatileVariableStore (&VariableStoreBase);
> if (EFI_ERROR (Status)) {
> @@ -4040,6 +3308,9 @@ InitNonVolatileVariableStore (
> mVariableModuleGlobal->MaxVariableSize = PcdGet32
> (PcdMaxVariableSize);
> mVariableModuleGlobal->MaxAuthVariableSize = ((PcdGet32
> (PcdMaxAuthVariableSize) != 0) ? PcdGet32 (PcdMaxAuthVariableSize) :
> mVariableModuleGlobal->MaxVariableSize);
>
> + Status = InitVariableHelpers (mVariableModuleGlobal-
> >VariableGlobal.AuthFormat);
> + ASSERT_EFI_ERROR (Status);
> +
> //
> // Parse non-volatile variable data and get last variable offset.
> //
> @@ -4470,18 +3741,13 @@ VariableCommonInitialize (
>
> //
> // mVariableModuleGlobal->VariableGlobal.AuthFormat
> - // has been initialized in InitNonVolatileVariableStore().
> + // is initialized in InitNonVolatileVariableStore().
> //
> if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> DEBUG ((EFI_D_INFO, "Variable driver will work with auth variable
> format!\n"));
> - //
> - // Set AuthSupport to FALSE first, VariableWriteServiceInitialize() will
> initialize it.
> - //
> - mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;
> VariableGuid = &gEfiAuthenticatedVariableGuid;
> } else {
> DEBUG ((EFI_D_INFO, "Variable driver will work without auth variable
> support!\n"));
> - mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;
> VariableGuid = &gEfiVariableGuid;
> }
>
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
> index cb6fcebe2d..232d9ffe25 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
> @@ -1,12 +1,13 @@
> /** @file
> Provides variable driver extended services.
>
> -Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
> **/
>
> #include "Variable.h"
> +#include "VariableParsing.h"
>
> /**
> Finds variable in storage blocks of volatile and non-volatile storage areas.
> @@ -97,10 +98,16 @@ VariableExLibFindNextVariable (
> EFI_STATUS Status;
> VARIABLE_HEADER *VariablePtr;
> AUTHENTICATED_VARIABLE_HEADER *AuthVariablePtr;
> + VARIABLE_STORE_HEADER
> *VariableStoreHeader[VariableStoreTypeMax];
>
> - Status = VariableServiceGetNextVariableInternal (
> + VariableStoreHeader[VariableStoreTypeVolatile] =
> (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> >VariableGlobal.VolatileVariableBase;
> + VariableStoreHeader[VariableStoreTypeHob] =
> (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> >VariableGlobal.HobVariableBase;
> + VariableStoreHeader[VariableStoreTypeNv] = mNvVariableCache;
> +
> + Status = GetNextVariableEx (
> VariableName,
> VendorGuid,
> + VariableStoreHeader,
> &VariablePtr
> );
> if (EFI_ERROR (Status)) {
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> new file mode 100644
> index 0000000000..b1b6d8282f
> --- /dev/null
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> @@ -0,0 +1,28 @@
> +/** @file
> + Common variable non-volatile store routines.
> +
> +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include "VariableNonVolatile.h"
> +
> +/**
> + Get non-volatile maximum variable size.
> +
> + @return Non-volatile maximum variable size.
> +
> +**/
> +UINTN
> +GetNonVolatileMaxVariableSize (
> + VOID
> + )
> +{
> + if (PcdGet32 (PcdHwErrStorageSize) != 0) {
> + return MAX (MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32
> (PcdMaxAuthVariableSize)),
> + PcdGet32 (PcdMaxHardwareErrorVariableSize));
> + } else {
> + return MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32
> (PcdMaxAuthVariableSize));
> + }
> +}
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> new file mode 100644
> index 0000000000..d448e5a264
> --- /dev/null
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> @@ -0,0 +1,816 @@
> +/** @file
> + The common variable helper routines shared by the DXE_RUNTIME
> variable
> + module and the DXE_SMM variable module.
> +
> + Caution: This module requires additional review when modified.
> + This driver will have external input - variable data. They may be input in
> SMM mode.
> + This external input must be validated carefully to avoid security issue like
> + buffer overflow, integer overflow.
> +
> +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
> +
> +**/
> +
> +#include "VariableParsing.h"
> +
> +typedef struct {
> + CONST CHAR16 *VariableName;
> + EFI_GUID *VendorGuid;
> +} VARIABLE_TYPE;
> +
> +VARIABLE_TYPE mAlwaysAuthenticatedVariables[] = {
> + {EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid},
> + {EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid},
> + {EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid},
> + {EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid},
> + {EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid},
> + {EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid},
> +};
> +
> +STATIC BOOLEAN mAuthFormat;
> +
> +/**
> +
> + This code checks if variable header is valid or not.
> +
> + @param Variable Pointer to the Variable Header.
> + @param VariableStoreEnd Pointer to the Variable Store End.
> +
> + @retval TRUE Variable header is valid.
> + @retval FALSE Variable header is not valid.
> +
> +**/
> +BOOLEAN
> +IsValidVariableHeader (
> + IN VARIABLE_HEADER *Variable,
> + IN VARIABLE_HEADER *VariableStoreEnd
> + )
> +{
> + if ((Variable == NULL) || (Variable >= VariableStoreEnd) || (Variable-
> >StartId != VARIABLE_DATA)) {
> + //
> + // Variable is NULL or has reached the end of variable store,
> + // or the StartId is not correct.
> + //
> + return FALSE;
> + }
> +
> + return TRUE;
> +}
> +
> +/**
> +
> + This code gets the current status of Variable Store.
> +
> + @param VarStoreHeader Pointer to the Variable Store Header.
> +
> + @retval EfiRaw Variable store status is raw.
> + @retval EfiValid Variable store status is valid.
> + @retval EfiInvalid Variable store status is invalid.
> +
> +**/
> +VARIABLE_STORE_STATUS
> +GetVariableStoreStatus (
> + IN VARIABLE_STORE_HEADER *VarStoreHeader
> + )
> +{
> + if ((CompareGuid (&VarStoreHeader->Signature,
> &gEfiAuthenticatedVariableGuid) ||
> + CompareGuid (&VarStoreHeader->Signature, &gEfiVariableGuid)) &&
> + VarStoreHeader->Format == VARIABLE_STORE_FORMATTED &&
> + VarStoreHeader->State == VARIABLE_STORE_HEALTHY
> + ) {
> +
> + return EfiValid;
> + } else if (((UINT32 *)(&VarStoreHeader->Signature))[0] == 0xffffffff &&
> + ((UINT32 *)(&VarStoreHeader->Signature))[1] == 0xffffffff &&
> + ((UINT32 *)(&VarStoreHeader->Signature))[2] == 0xffffffff &&
> + ((UINT32 *)(&VarStoreHeader->Signature))[3] == 0xffffffff &&
> + VarStoreHeader->Size == 0xffffffff &&
> + VarStoreHeader->Format == 0xff &&
> + VarStoreHeader->State == 0xff
> + ) {
> +
> + return EfiRaw;
> + } else {
> + return EfiInvalid;
> + }
> +}
> +
> +/**
> + This code gets the size of variable header.
> +
> + @return Size of variable header in bytes in type UINTN.
> +
> +**/
> +UINTN
> +GetVariableHeaderSize (
> + VOID
> + )
> +{
> + UINTN Value;
> +
> + if (mAuthFormat) {
> + Value = sizeof (AUTHENTICATED_VARIABLE_HEADER);
> + } else {
> + Value = sizeof (VARIABLE_HEADER);
> + }
> +
> + return Value;
> +}
> +
> +/**
> +
> + This code gets the size of name of variable.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return UINTN Size of variable in bytes.
> +
> +**/
> +UINTN
> +NameSizeOfVariable (
> + IN VARIABLE_HEADER *Variable
> + )
> +{
> + AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> +
> + AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> + if (mAuthFormat) {
> + if (AuthVariable->State == (UINT8) (-1) ||
> + AuthVariable->DataSize == (UINT32) (-1) ||
> + AuthVariable->NameSize == (UINT32) (-1) ||
> + AuthVariable->Attributes == (UINT32) (-1)) {
> + return 0;
> + }
> + return (UINTN) AuthVariable->NameSize;
> + } else {
> + if (Variable->State == (UINT8) (-1) ||
> + Variable->DataSize == (UINT32) (-1) ||
> + Variable->NameSize == (UINT32) (-1) ||
> + Variable->Attributes == (UINT32) (-1)) {
> + return 0;
> + }
> + return (UINTN) Variable->NameSize;
> + }
> +}
> +
> +/**
> + This code sets the size of name of variable.
> +
> + @param[in] Variable Pointer to the Variable Header.
> + @param[in] NameSize Name size to set.
> +
> +**/
> +VOID
> +SetNameSizeOfVariable (
> + IN VARIABLE_HEADER *Variable,
> + IN UINTN NameSize
> + )
> +{
> + AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> +
> + AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> + if (mAuthFormat) {
> + AuthVariable->NameSize = (UINT32) NameSize;
> + } else {
> + Variable->NameSize = (UINT32) NameSize;
> + }
> +}
> +
> +/**
> +
> + This code gets the size of variable data.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return Size of variable in bytes.
> +
> +**/
> +UINTN
> +DataSizeOfVariable (
> + IN VARIABLE_HEADER *Variable
> + )
> +{
> + AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> +
> + AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> + if (mAuthFormat) {
> + if (AuthVariable->State == (UINT8) (-1) ||
> + AuthVariable->DataSize == (UINT32) (-1) ||
> + AuthVariable->NameSize == (UINT32) (-1) ||
> + AuthVariable->Attributes == (UINT32) (-1)) {
> + return 0;
> + }
> + return (UINTN) AuthVariable->DataSize;
> + } else {
> + if (Variable->State == (UINT8) (-1) ||
> + Variable->DataSize == (UINT32) (-1) ||
> + Variable->NameSize == (UINT32) (-1) ||
> + Variable->Attributes == (UINT32) (-1)) {
> + return 0;
> + }
> + return (UINTN) Variable->DataSize;
> + }
> +}
> +
> +/**
> + This code sets the size of variable data.
> +
> + @param[in] Variable Pointer to the Variable Header.
> + @param[in] DataSize Data size to set.
> +
> +**/
> +VOID
> +SetDataSizeOfVariable (
> + IN VARIABLE_HEADER *Variable,
> + IN UINTN DataSize
> + )
> +{
> + AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> +
> + AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> + if (mAuthFormat) {
> + AuthVariable->DataSize = (UINT32) DataSize;
> + } else {
> + Variable->DataSize = (UINT32) DataSize;
> + }
> +}
> +
> +/**
> +
> + This code gets the pointer to the variable name.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return Pointer to Variable Name which is Unicode encoding.
> +
> +**/
> +CHAR16 *
> +GetVariableNamePtr (
> + IN VARIABLE_HEADER *Variable
> + )
> +{
> + return (CHAR16 *) ((UINTN) Variable + GetVariableHeaderSize ());
> +}
> +
> +/**
> + This code gets the pointer to the variable guid.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return A EFI_GUID* pointer to Vendor Guid.
> +
> +**/
> +EFI_GUID *
> +GetVendorGuidPtr (
> + IN VARIABLE_HEADER *Variable
> + )
> +{
> + AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> +
> + AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> + if (mAuthFormat) {
> + return &AuthVariable->VendorGuid;
> + } else {
> + return &Variable->VendorGuid;
> + }
> +}
> +
> +/**
> +
> + This code gets the pointer to the variable data.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return Pointer to Variable Data.
> +
> +**/
> +UINT8 *
> +GetVariableDataPtr (
> + IN VARIABLE_HEADER *Variable
> + )
> +{
> + UINTN Value;
> +
> + //
> + // Be careful about pad size for alignment.
> + //
> + Value = (UINTN) GetVariableNamePtr (Variable);
> + Value += NameSizeOfVariable (Variable);
> + Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
> +
> + return (UINT8 *) Value;
> +}
> +
> +/**
> + This code gets the variable data offset related to variable header.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return Variable Data offset.
> +
> +**/
> +UINTN
> +GetVariableDataOffset (
> + IN VARIABLE_HEADER *Variable
> + )
> +{
> + UINTN Value;
> +
> + //
> + // Be careful about pad size for alignment
> + //
> + Value = GetVariableHeaderSize ();
> + Value += NameSizeOfVariable (Variable);
> + Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
> +
> + return Value;
> +}
> +
> +/**
> +
> + This code gets the pointer to the next variable header.
> +
> + @param Variable Pointer to the Variable Header.
> +
> + @return Pointer to next variable header.
> +
> +**/
> +VARIABLE_HEADER *
> +GetNextVariablePtr (
> + IN VARIABLE_HEADER *Variable
> + )
> +{
> + UINTN Value;
> +
> + Value = (UINTN) GetVariableDataPtr (Variable);
> + Value += DataSizeOfVariable (Variable);
> + Value += GET_PAD_SIZE (DataSizeOfVariable (Variable));
> +
> + //
> + // Be careful about pad size for alignment.
> + //
> + return (VARIABLE_HEADER *) HEADER_ALIGN (Value);
> +}
> +
> +/**
> +
> + Gets the pointer to the first variable header in given variable store area.
> +
> + @param VarStoreHeader Pointer to the Variable Store Header.
> +
> + @return Pointer to the first variable header.
> +
> +**/
> +VARIABLE_HEADER *
> +GetStartPointer (
> + IN VARIABLE_STORE_HEADER *VarStoreHeader
> + )
> +{
> + //
> + // The end of variable store.
> + //
> + return (VARIABLE_HEADER *) HEADER_ALIGN (VarStoreHeader + 1);
> +}
> +
> +/**
> +
> + Gets the pointer to the end of the variable storage area.
> +
> + This function gets pointer to the end of the variable storage
> + area, according to the input variable store header.
> +
> + @param VarStoreHeader Pointer to the Variable Store Header.
> +
> + @return Pointer to the end of the variable storage area.
> +
> +**/
> +VARIABLE_HEADER *
> +GetEndPointer (
> + IN VARIABLE_STORE_HEADER *VarStoreHeader
> + )
> +{
> + //
> + // The end of variable store
> + //
> + return (VARIABLE_HEADER *) HEADER_ALIGN ((UINTN) VarStoreHeader +
> VarStoreHeader->Size);
> +}
> +
> +/**
> + Returns if this is a variable that always requires authenticated writes.
> + There may be other scenarios that result in a variable not identified by the
> + function to also require authentication.
> +
> + @param[in] VariableName Name of variable.
> + @param[in] VendorGuid Guid of variable.
> +
> + @retval TRUE The variable always requires authenticated writes
> + @retval FALSE The variable may or may not require authenticated
> writes
> +**/
> +BOOLEAN
> +IsAuthenticatedVariable (
> + IN CHAR16 *VariableName,
> + IN EFI_GUID *VendorGuid
> + )
> +{
> + UINTN Index;
> +
> + for (Index = 0; Index < sizeof (mAlwaysAuthenticatedVariables) / sizeof
> (mAlwaysAuthenticatedVariables[0]); Index++) {
> + if ((StrCmp (VariableName,
> mAlwaysAuthenticatedVariables[Index].VariableName) == 0) &&
> + (CompareGuid (VendorGuid,
> mAlwaysAuthenticatedVariables[Index].VendorGuid))) {
> + return TRUE;
> + }
> + }
> + return FALSE;
> +}
> +
> +/**
> + Compare two EFI_TIME data.
> +
> +
> + @param FirstTime A pointer to the first EFI_TIME data.
> + @param SecondTime A pointer to the second EFI_TIME data.
> +
> + @retval TRUE The FirstTime is not later than the SecondTime.
> + @retval FALSE The FirstTime is later than the SecondTime.
> +
> +**/
> +BOOLEAN
> +VariableCompareTimeStampInternal (
> + IN EFI_TIME *FirstTime,
> + IN EFI_TIME *SecondTime
> + )
> +{
> + if (FirstTime->Year != SecondTime->Year) {
> + return (BOOLEAN) (FirstTime->Year < SecondTime->Year);
> + } else if (FirstTime->Month != SecondTime->Month) {
> + return (BOOLEAN) (FirstTime->Month < SecondTime->Month);
> + } else if (FirstTime->Day != SecondTime->Day) {
> + return (BOOLEAN) (FirstTime->Day < SecondTime->Day);
> + } else if (FirstTime->Hour != SecondTime->Hour) {
> + return (BOOLEAN) (FirstTime->Hour < SecondTime->Hour);
> + } else if (FirstTime->Minute != SecondTime->Minute) {
> + return (BOOLEAN) (FirstTime->Minute < SecondTime->Minute);
> + }
> +
> + return (BOOLEAN) (FirstTime->Second <= SecondTime->Second);
> +}
> +
> +/**
> + Find the variable in the specified variable store.
> +
> + @param[in] VariableName Name of the variable to be found
> + @param[in] VendorGuid Vendor GUID to be found.
> + @param[in] IgnoreRtCheck Ignore EFI_VARIABLE_RUNTIME_ACCESS
> attribute
> + check at runtime when searching variable.
> + @param[in, out] PtrTrack Variable Track Pointer structure that
> contains Variable Information.
> +
> + @retval EFI_SUCCESS Variable found successfully
> + @retval EFI_NOT_FOUND Variable not found
> +**/
> +EFI_STATUS
> +FindVariableEx (
> + IN CHAR16 *VariableName,
> + IN EFI_GUID *VendorGuid,
> + IN BOOLEAN IgnoreRtCheck,
> + IN OUT VARIABLE_POINTER_TRACK *PtrTrack
> + )
> +{
> + VARIABLE_HEADER *InDeletedVariable;
> + VOID *Point;
> +
> + PtrTrack->InDeletedTransitionPtr = NULL;
> +
> + //
> + // Find the variable by walk through HOB, volatile and non-volatile variable
> store.
> + //
> + InDeletedVariable = NULL;
> +
> + for ( PtrTrack->CurrPtr = PtrTrack->StartPtr
> + ; IsValidVariableHeader (PtrTrack->CurrPtr, PtrTrack->EndPtr)
> + ; PtrTrack->CurrPtr = GetNextVariablePtr (PtrTrack->CurrPtr)
> + ) {
> + if (PtrTrack->CurrPtr->State == VAR_ADDED ||
> + PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> VAR_ADDED)
> + ) {
> + if (IgnoreRtCheck || !AtRuntime () || ((PtrTrack->CurrPtr->Attributes &
> EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
> + if (VariableName[0] == 0) {
> + if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> VAR_ADDED)) {
> + InDeletedVariable = PtrTrack->CurrPtr;
> + } else {
> + PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
> + return EFI_SUCCESS;
> + }
> + } else {
> + if (CompareGuid (VendorGuid, GetVendorGuidPtr (PtrTrack->CurrPtr)))
> {
> + Point = (VOID *) GetVariableNamePtr (PtrTrack->CurrPtr);
> +
> + ASSERT (NameSizeOfVariable (PtrTrack->CurrPtr) != 0);
> + if (CompareMem (VariableName, Point, NameSizeOfVariable
> (PtrTrack->CurrPtr)) == 0) {
> + if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> VAR_ADDED)) {
> + InDeletedVariable = PtrTrack->CurrPtr;
> + } else {
> + PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
> + return EFI_SUCCESS;
> + }
> + }
> + }
> + }
> + }
> + }
> + }
> +
> + PtrTrack->CurrPtr = InDeletedVariable;
> + return (PtrTrack->CurrPtr == NULL) ? EFI_NOT_FOUND : EFI_SUCCESS;
> +}
> +
> +/**
> + This code finds the next available variable.
> +
> + Caution: This function may receive untrusted input.
> + This function may be invoked in SMM mode. This function will do basic
> validation, before parse the data.
> +
> + @param[in] VariableName Pointer to variable name.
> + @param[in] VendorGuid Variable Vendor Guid.
> + @param[in] VariableStoreList A list of variable stores that should be used
> to get the next variable.
> + The maximum number of entries is the max value of
> VARIABLE_STORE_TYPE.
> + @param[out] VariablePtr Pointer to variable header address.
> +
> + @retval EFI_SUCCESS The function completed successfully.
> + @retval EFI_NOT_FOUND The next variable was not found.
> + @retval EFI_INVALID_PARAMETER If VariableName is not an empty string,
> while VendorGuid is NULL.
> + @retval EFI_INVALID_PARAMETER The input values of VariableName and
> VendorGuid are not a name and
> + GUID of an existing variable.
> +
> +**/
> +EFI_STATUS
> +EFIAPI
> +GetNextVariableEx (
> + IN CHAR16 *VariableName,
> + IN EFI_GUID *VendorGuid,
> + IN VARIABLE_STORE_HEADER **VariableStoreList,
> + OUT VARIABLE_HEADER **VariablePtr
> + )
> +{
> + EFI_STATUS Status;
> + VARIABLE_STORE_TYPE StoreType;
> + VARIABLE_POINTER_TRACK Variable;
> + VARIABLE_POINTER_TRACK VariableInHob;
> + VARIABLE_POINTER_TRACK VariablePtrTrack;
> +
> + Status = EFI_NOT_FOUND;
> +
> + if (VariableStoreList == NULL) {
> + return EFI_INVALID_PARAMETER;
> + }
> +
> + // Check if the variable exists in the given variable store list
> + for (StoreType = (VARIABLE_STORE_TYPE) 0; StoreType <
> VariableStoreTypeMax; StoreType++) {
> + if (VariableStoreList[StoreType] == NULL) {
> + continue;
> + }
> +
> + Variable.StartPtr = GetStartPointer (VariableStoreList[StoreType]);
> + Variable.EndPtr = GetEndPointer (VariableStoreList[StoreType]);
> + Variable.Volatile = (BOOLEAN) (StoreType == VariableStoreTypeVolatile);
> +
> + Status = FindVariableEx (VariableName, VendorGuid, FALSE, &Variable);
> + if (!EFI_ERROR (Status)) {
> + break;
> + }
> + }
> +
> + if (Variable.CurrPtr == NULL || EFI_ERROR (Status)) {
> + //
> + // For VariableName is an empty string, FindVariable() will try to find and
> return
> + // the first qualified variable, and if FindVariable() returns error
> (EFI_NOT_FOUND)
> + // as no any variable is found, still go to return the error
> (EFI_NOT_FOUND).
> + //
> + if (VariableName[0] != 0) {
> + //
> + // For VariableName is not an empty string, and FindVariable() returns
> error as
> + // VariableName and VendorGuid are not a name and GUID of an
> existing variable,
> + // there is no way to get next variable, follow spec to return
> EFI_INVALID_PARAMETER.
> + //
> + Status = EFI_INVALID_PARAMETER;
> + }
> + goto Done;
> + }
> +
> + if (VariableName[0] != 0) {
> + //
> + // If variable name is not empty, get next variable.
> + //
> + Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> + }
> +
> + while (TRUE) {
> + //
> + // Switch to the next variable store if needed
> + //
> + while (!IsValidVariableHeader (Variable.CurrPtr, Variable.EndPtr)) {
> + //
> + // Find current storage index
> + //
> + for (StoreType = (VARIABLE_STORE_TYPE) 0; StoreType <
> VariableStoreTypeMax; StoreType++) {
> + if ((VariableStoreList[StoreType] != NULL) && (Variable.StartPtr ==
> GetStartPointer (VariableStoreList[StoreType]))) {
> + break;
> + }
> + }
> + ASSERT (StoreType < VariableStoreTypeMax);
> + //
> + // Switch to next storage
> + //
> + for (StoreType++; StoreType < VariableStoreTypeMax; StoreType++) {
> + if (VariableStoreList[StoreType] != NULL) {
> + break;
> + }
> + }
> + //
> + // Capture the case that
> + // 1. current storage is the last one, or
> + // 2. no further storage
> + //
> + if (StoreType == VariableStoreTypeMax) {
> + Status = EFI_NOT_FOUND;
> + goto Done;
> + }
> + Variable.StartPtr = GetStartPointer (VariableStoreList[StoreType]);
> + Variable.EndPtr = GetEndPointer (VariableStoreList[StoreType]);
> + Variable.CurrPtr = Variable.StartPtr;
> + }
> +
> + //
> + // Variable is found
> + //
> + if (Variable.CurrPtr->State == VAR_ADDED || Variable.CurrPtr->State ==
> (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
> + if (!AtRuntime () || ((Variable.CurrPtr->Attributes &
> EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
> + if (Variable.CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> VAR_ADDED)) {
> + //
> + // If it is a IN_DELETED_TRANSITION variable,
> + // and there is also a same ADDED one at the same time,
> + // don't return it.
> + //
> + VariablePtrTrack.StartPtr = Variable.StartPtr;
> + VariablePtrTrack.EndPtr = Variable.EndPtr;
> + Status = FindVariableEx (
> + GetVariableNamePtr (Variable.CurrPtr),
> + GetVendorGuidPtr (Variable.CurrPtr),
> + FALSE,
> + &VariablePtrTrack
> + );
> + if (!EFI_ERROR (Status) && VariablePtrTrack.CurrPtr->State ==
> VAR_ADDED) {
> + Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> + continue;
> + }
> + }
> +
> + //
> + // Don't return NV variable when HOB overrides it
> + //
> + if ((VariableStoreList[VariableStoreTypeHob] != NULL) &&
> (VariableStoreList[VariableStoreTypeNv] != NULL) &&
> + (Variable.StartPtr == GetStartPointer
> (VariableStoreList[VariableStoreTypeNv]))
> + ) {
> + VariableInHob.StartPtr = GetStartPointer
> (VariableStoreList[VariableStoreTypeHob]);
> + VariableInHob.EndPtr = GetEndPointer
> (VariableStoreList[VariableStoreTypeHob]);
> + Status = FindVariableEx (
> + GetVariableNamePtr (Variable.CurrPtr),
> + GetVendorGuidPtr (Variable.CurrPtr),
> + FALSE,
> + &VariableInHob
> + );
> + if (!EFI_ERROR (Status)) {
> + Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> + continue;
> + }
> + }
> +
> + *VariablePtr = Variable.CurrPtr;
> + Status = EFI_SUCCESS;
> + goto Done;
> + }
> + }
> +
> + Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> + }
> +
> +Done:
> + return Status;
> +}
> +
> +/**
> + Routine used to track statistical information about variable usage.
> + The data is stored in the EFI system table so it can be accessed later.
> + VariableInfo.efi can dump out the table. Only Boot Services variable
> + accesses are tracked by this code. The PcdVariableCollectStatistics
> + build flag controls if this feature is enabled.
> +
> + A read that hits in the cache will have Read and Cache true for
> + the transaction. Data is allocated by this routine, but never
> + freed.
> +
> + @param[in] VariableName Name of the Variable to track.
> + @param[in] VendorGuid Guid of the Variable to track.
> + @param[in] Volatile TRUE if volatile FALSE if non-volatile.
> + @param[in] Read TRUE if GetVariable() was called.
> + @param[in] Write TRUE if SetVariable() was called.
> + @param[in] Delete TRUE if deleted via SetVariable().
> + @param[in] Cache TRUE for a cache hit.
> + @param[in,out] VariableInfo Pointer to a pointer of
> VARIABLE_INFO_ENTRY structures.
> +
> +**/
> +VOID
> +UpdateVariableInfo (
> + IN CHAR16 *VariableName,
> + IN EFI_GUID *VendorGuid,
> + IN BOOLEAN Volatile,
> + IN BOOLEAN Read,
> + IN BOOLEAN Write,
> + IN BOOLEAN Delete,
> + IN BOOLEAN Cache,
> + IN OUT VARIABLE_INFO_ENTRY **VariableInfo
> + )
> +{
> + VARIABLE_INFO_ENTRY *Entry;
> +
> + if (FeaturePcdGet (PcdVariableCollectStatistics)) {
> + if (VariableName == NULL || VendorGuid == NULL || VariableInfo ==
> NULL) {
> + return;
> + }
> + if (AtRuntime ()) {
> + // Don't collect statistics at runtime.
> + return;
> + }
> +
> + if (*VariableInfo == NULL) {
> + //
> + // On the first call allocate a entry and place a pointer to it in
> + // the EFI System Table.
> + //
> + *VariableInfo = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
> + ASSERT (*VariableInfo != NULL);
> +
> + CopyGuid (&(*VariableInfo)->VendorGuid, VendorGuid);
> + (*VariableInfo)->Name = AllocateZeroPool (StrSize (VariableName));
> + ASSERT ((*VariableInfo)->Name != NULL);
> + StrCpyS ((*VariableInfo)->Name, StrSize(VariableName)/sizeof(CHAR16),
> VariableName);
> + (*VariableInfo)->Volatile = Volatile;
> + }
> +
> +
> + for (Entry = (*VariableInfo); Entry != NULL; Entry = Entry->Next) {
> + if (CompareGuid (VendorGuid, &Entry->VendorGuid)) {
> + if (StrCmp (VariableName, Entry->Name) == 0) {
> + if (Read) {
> + Entry->ReadCount++;
> + }
> + if (Write) {
> + Entry->WriteCount++;
> + }
> + if (Delete) {
> + Entry->DeleteCount++;
> + }
> + if (Cache) {
> + Entry->CacheCount++;
> + }
> +
> + return;
> + }
> + }
> +
> + if (Entry->Next == NULL) {
> + //
> + // If the entry is not in the table add it.
> + // Next iteration of the loop will fill in the data.
> + //
> + Entry->Next = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
> + ASSERT (Entry->Next != NULL);
> +
> + CopyGuid (&Entry->Next->VendorGuid, VendorGuid);
> + Entry->Next->Name = AllocateZeroPool (StrSize (VariableName));
> + ASSERT (Entry->Next->Name != NULL);
> + StrCpyS (Entry->Next->Name, StrSize(VariableName)/sizeof(CHAR16),
> VariableName);
> + Entry->Next->Volatile = Volatile;
> + }
> + }
> + }
> +}
> +
> +/**
> + Initializes context needed for variable helpers.
> +
> + @param[in] AuthFormat If true then indicates authenticated
> variables are supported
> +
> + @retval EFI_SUCCESS Initialized successfully
> + @retval Others An error occurred during initialization
> +**/
> +EFI_STATUS
> +EFIAPI
> +InitVariableHelpers (
> + IN BOOLEAN AuthFormat
> + )
> +{
> + mAuthFormat = AuthFormat;
> +
> + return EFI_SUCCESS;
> +}
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> index ec463d063e..bda531d104 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> @@ -30,6 +30,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>
> #include <Guid/SmmVariableCommon.h>
> #include "Variable.h"
> +#include "VariableNonVolatile.h"
> +#include "VariableParsing.h"
>
> BOOLEAN mAtRuntime = FALSE;
> UINT8 *mVariableBufferPayload = NULL;
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> e.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> e.c
> index 0a1888e5ef..5bf90039d6 100644
> ---
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> e.c
> +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> e.c
> @@ -13,7 +13,7 @@
>
> InitCommunicateBuffer() is really function to check the variable data size.
>
> -Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
> **/
> @@ -39,6 +39,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> #include <Guid/SmmVariableCommon.h>
>
> #include "PrivilegePolymorphic.h"
> +#include "VariableParsing.h"
>
> EFI_HANDLE mHandle = NULL;
> EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable = NULL;
> --
> 2.16.2.windows.1
>
>
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [edk2-devel] [PATCH V1 1/5] MdeModulePkg/Variable: Consolidate common parsing functions
2019-09-27 8:17 ` [edk2-devel] " Wu, Hao A
@ 2019-09-27 17:31 ` Kubacki, Michael A
0 siblings, 0 replies; 13+ messages in thread
From: Kubacki, Michael A @ 2019-09-27 17:31 UTC (permalink / raw)
To: Wu, Hao A, devel@edk2.groups.io
Cc: Bi, Dandan, Ard Biesheuvel, Dong, Eric, Laszlo Ersek, Gao, Liming,
Kinney, Michael D, Ni, Ray, Wang, Jian J, Yao, Jiewen
Hi Hao,
Thanks for the feedback. I left my replies inline.
Thanks,
Michael
> -----Original Message-----
> From: Wu, Hao A <hao.a.wu@intel.com>
> Sent: Friday, September 27, 2019 1:18 AM
> To: devel@edk2.groups.io; Kubacki, Michael A
> <michael.a.kubacki@intel.com>
> Cc: Bi, Dandan <dandan.bi@intel.com>; Ard Biesheuvel
> <ard.biesheuvel@linaro.org>; Dong, Eric <eric.dong@intel.com>; Laszlo Ersek
> <lersek@redhat.com>; Gao, Liming <liming.gao@intel.com>; Kinney, Michael
> D <michael.d.kinney@intel.com>; Ni, Ray <ray.ni@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
> Subject: RE: [edk2-devel] [PATCH V1 1/5] MdeModulePkg/Variable:
> Consolidate common parsing functions
>
> > -----Original Message-----
> > From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of
> > Kubacki, Michael A
> > Sent: Thursday, September 26, 2019 12:51 PM
> > To: devel@edk2.groups.io
> > Cc: Bi, Dandan; Ard Biesheuvel; Dong, Eric; Laszlo Ersek; Gao, Liming;
> Kinney,
> > Michael D; Ni, Ray; Wang, Jian J; Wu, Hao A; Yao, Jiewen
> > Subject: [edk2-devel] [PATCH V1 1/5] MdeModulePkg/Variable:
> Consolidate
> > common parsing functions
> >
> > This change moves the following functions into a dedicated file
> > so they may be used in other variable files as needed. Furthermore,
> > it reduces the overall size of the common Variable.c file.
> >
> > * DataSizeOfVariable ()
> > * FindVariableEx ()
> > * GetEndPointer ()
> > * GetNextVariableEx ()
> > * GetNextVariablePtr ()
> > * GetStartPointer ()
> > * GetVariableDataOffset ()
> > * GetVariableDataPtr ()
> > * GetVariableHeaderSize ()
> > * GetVariableNamePtr ()
> > * GetVariableStoreStatus ()
> > * GetVendorGuidPtr ()
> > * IsAuthenticatedVariable ()
> > * IsValidVariableHeader ()
> > * NameSizeOfVariable ()
> > * SetDataSizeOfVariable ()
> > * SetNameSizeOfVariable ()
> > * UpdateVariableInfo ()
> > * VariableCompareTimeStampInternal ()
>
>
> Hello,
>
> Some thoughts for this patch:
> (Sorry for not being able to going through the whole series, and please grant
> more time for the review of other patches.)
>
> 0. I would suggest this patch only changing the location for functions.
> Modifications that might have functional impact need be separated to other
> independent patches.
>
I agree this should be a 2-step process. I will break this patch into a patch that simply
moves the functions and then others that make functional updates in a granular fashion.
> 1. For UpdateVariableInfo(), I think it is still possible for file
> VariableParsing.c to reference 'gVariableInfo'. The additional input
> parameter
> can be drop, in my opinion.
>
That is true. This decision was made because I had a preference to describing
required inputs in the function interface and not rely upon link-time binding
with global variables in different drivers (VariableSmmRuntimeDxe and
VariableSmm).
Do you feel strongly this should be changed?
> 2. It would be better for the removal of
> VariableServiceGetNextVariableInternal()
> to be a separate patch.
>
Sure. I can add this as a new patch after patch #1 in this series. I think this is related
to your comment #0.
It was moved to VariableParsing.c and renamed to
GetNextVariableNameEx () since it is available outside the scope of the file.
> 3. Maybe the introduce of InitVariableHelpers() can be separated to another
> patch.
> Also, I think variable 'mVariableModuleGlobal' can be referred in file
> VariableParsing.c.
>
> Is the intention of adding InitVariableHelpers() to reduce code length
> from:
> if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> to:
> if (mAuthFormat) {
>
mVariableModuleGlobal is available to other translation units in the same module
as Variable.c.
VariableParsing.c provides a more generic set of functionality that is available to
modules that do not link against Variable.c. For example, VariableSmmRuntimeDxe.
The driver that ultimately reads from flash and can access the variable store signature
to determine whether authenticated variables are being used is the SMM driver. This
information is given to the Runtime DXE driver through the
SMM_VARIABLE_FUNCTION_GET_RUNTIME_CACHE_INFO SMI during initialization
which is then passed to InitVariableHelpers () so the functions have the authenticated
variable status available regardless of which driver the files is linked against.
Also, I will change the name from InitVariableHelpers () to InitVariableParsing () in
the next patch.
> 4. I am confused for the changes made in:
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.
> c
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.i
> nf
>
> Originally, for VariableSmmRuntimeDxe.inf, the source code file includes:
> [Sources]
> VariableSmmRuntimeDxe.c
> PrivilegePolymorphic.h
> Measurement.c
>
> The proposed patch only adds the below header inclusion:
> #include "VariableParsing.h"
> to file VariableSmmRuntimeDxe.c, which has no functional impact in my
> opinion.
>
> Could you help to check whether changes made for
> VariableSmmRuntimeDxe is needed?
>
You're right that the changes do not cause a functional impact in this patch and
that they are not needed in the patch. They are needed in patch #3 when to assist
with runtime cache variable operations in the file.
I will move the header file inclusion to the patch when the runtime cache changes are
Introduced.
> Best Regards,
> Hao Wu
>
>
> >
> > Cc: Dandan Bi <dandan.bi@intel.com>
> > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > Cc: Eric Dong <eric.dong@intel.com>
> > Cc: Laszlo Ersek <lersek@redhat.com>
> > Cc: Liming Gao <liming.gao@intel.com>
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Ray Ni <ray.ni@intel.com>
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Hao A Wu <hao.a.wu@intel.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
> > ---
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> > | 4 +
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf |
> 4
> > +
> >
> >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.i
> > nf | 8 +-
> >
> >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
> > | 9 +
> > MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h | 119 -
> --
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> |
> > 25 +
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h |
> > 342 ++++++++
> > MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 784
> +--
> > ----------------
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c |
> 11
> > +-
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> |
> > 28 +
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c |
> > 816 ++++++++++++++++++++
> > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c |
> 2
> > +
> >
> >
> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.
> > c | 3 +-
> > 13 files changed, 1273 insertions(+), 882 deletions(-)
> >
> > diff --git
> >
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> >
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> > index 641376c9c5..08a5490787 100644
> > ---
> >
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> > +++
> >
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> > @@ -36,6 +36,10 @@
> > Variable.c
> > VariableDxe.c
> > Variable.h
> > + VariableNonVolatile.c
> > + VariableNonVolatile.h
> > + VariableParsing.c
> > + VariableParsing.h
> > PrivilegePolymorphic.h
> > Measurement.c
> > TcgMorLockDxe.c
> > diff --git
> > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> > index 0a160d269d..6dc2721b81 100644
> > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
> > @@ -45,6 +45,10 @@
> > Variable.c
> > VariableTraditionalMm.c
> > VariableSmm.c
> > + VariableNonVolatile.c
> > + VariableNonVolatile.h
> > + VariableParsing.c
> > + VariableParsing.h
> > VarCheck.c
> > Variable.h
> > PrivilegePolymorphic.h
> > diff --git
> >
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> > e.inf
> >
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> > e.inf
> > index 14894e6f13..1873b4fe43 100644
> > ---
> >
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> > e.inf
> > +++
> >
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> > e.inf
> > @@ -13,7 +13,7 @@
> > # may not be modified without authorization. If platform fails to protect
> > these resources,
> > # the authentication service provided in this driver will be broken, and the
> > behavior is undefined.
> > #
> > -# Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
> > +# Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
> > # SPDX-License-Identifier: BSD-2-Clause-Patent
> > #
> > ##
> > @@ -39,6 +39,9 @@
> > VariableSmmRuntimeDxe.c
> > PrivilegePolymorphic.h
> > Measurement.c
> > + Variable.h
> > + VariableParsing.c
> > + VariableParsing.h
> >
> > [Packages]
> > MdePkg/MdePkg.dec
> > @@ -65,6 +68,9 @@
> > gEdkiiVariableLockProtocolGuid ## PRODUCES
> > gEdkiiVarCheckProtocolGuid ## PRODUCES
> >
> > +[FeaturePcd]
> > + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics
> ##
> > CONSUMES
> > +
> > [Guids]
> > gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
> > gEfiEventExitBootServicesGuid ## CONSUMES ## Event
> > diff --git
> >
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.i
> > nf
> >
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.
> > inf
> > index 21bc81163b..ca9d23ce9f 100644
> > ---
> >
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.i
> > nf
> > +++
> >
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.
> > inf
> > @@ -45,6 +45,10 @@
> > Variable.c
> > VariableSmm.c
> > VariableStandaloneMm.c
> > + VariableNonVolatile.c
> > + VariableNonVolatile.h
> > + VariableParsing.c
> > + VariableParsing.h
> > VarCheck.c
> > Variable.h
> > PrivilegePolymorphic.h
> > @@ -99,6 +103,11 @@
> > ## SOMETIMES_PRODUCES ## Variable:L"Lang"
> > gEfiGlobalVariableGuid
> >
> > + ## SOMETIMES_CONSUMES ## Variable:L"db"
> > + ## SOMETIMES_CONSUMES ## Variable:L"dbx"
> > + ## SOMETIMES_CONSUMES ## Variable:L"dbt"
> > + gEfiImageSecurityDatabaseGuid
> > +
> > gEfiMemoryOverwriteControlDataGuid ## SOMETIMES_CONSUMES
> > ## Variable:L"MemoryOverwriteRequestControl"
> > gEfiMemoryOverwriteRequestControlLockGuid ##
> > SOMETIMES_PRODUCES ##
> > Variable:L"MemoryOverwriteRequestControlLock"
> >
> > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
> > b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
> > index 9eac43759f..fb574b2e32 100644
> > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
> > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h
> > @@ -179,89 +179,6 @@ FindVariable (
> > IN BOOLEAN IgnoreRtCheck
> > );
> >
> > -/**
> > -
> > - Gets the pointer to the end of the variable storage area.
> > -
> > - This function gets pointer to the end of the variable storage
> > - area, according to the input variable store header.
> > -
> > - @param VarStoreHeader Pointer to the Variable Store Header.
> > -
> > - @return Pointer to the end of the variable storage area.
> > -
> > -**/
> > -VARIABLE_HEADER *
> > -GetEndPointer (
> > - IN VARIABLE_STORE_HEADER *VarStoreHeader
> > - );
> > -
> > -/**
> > - This code gets the size of variable header.
> > -
> > - @return Size of variable header in bytes in type UINTN.
> > -
> > -**/
> > -UINTN
> > -GetVariableHeaderSize (
> > - VOID
> > - );
> > -
> > -/**
> > -
> > - This code gets the pointer to the variable name.
> > -
> > - @param Variable Pointer to the Variable Header.
> > -
> > - @return Pointer to Variable Name which is Unicode encoding.
> > -
> > -**/
> > -CHAR16 *
> > -GetVariableNamePtr (
> > - IN VARIABLE_HEADER *Variable
> > - );
> > -
> > -/**
> > - This code gets the pointer to the variable guid.
> > -
> > - @param Variable Pointer to the Variable Header.
> > -
> > - @return A EFI_GUID* pointer to Vendor Guid.
> > -
> > -**/
> > -EFI_GUID *
> > -GetVendorGuidPtr (
> > - IN VARIABLE_HEADER *Variable
> > - );
> > -
> > -/**
> > -
> > - This code gets the pointer to the variable data.
> > -
> > - @param Variable Pointer to the Variable Header.
> > -
> > - @return Pointer to Variable Data.
> > -
> > -**/
> > -UINT8 *
> > -GetVariableDataPtr (
> > - IN VARIABLE_HEADER *Variable
> > - );
> > -
> > -/**
> > -
> > - This code gets the size of variable data.
> > -
> > - @param Variable Pointer to the Variable Header.
> > -
> > - @return Size of variable in bytes.
> > -
> > -**/
> > -UINTN
> > -DataSizeOfVariable (
> > - IN VARIABLE_HEADER *Variable
> > - );
> > -
> > /**
> > This function is to check if the remaining variable space is enough to set
> > all Variables from argument list successfully. The purpose of the check
> > @@ -450,17 +367,6 @@ ReclaimForOS(
> > VOID
> > );
> >
> > -/**
> > - Get non-volatile maximum variable size.
> > -
> > - @return Non-volatile maximum variable size.
> > -
> > -**/
> > -UINTN
> > -GetNonVolatileMaxVariableSize (
> > - VOID
> > - );
> > -
> > /**
> > Get maximum variable size, covering both non-volatile and volatile
> variables.
> >
> > @@ -546,31 +452,6 @@ VariableServiceGetVariable (
> > OUT VOID *Data OPTIONAL
> > );
> >
> > -/**
> > - This code Finds the Next available variable.
> > -
> > - Caution: This function may receive untrusted input.
> > - This function may be invoked in SMM mode. This function will do basic
> > validation, before parse the data.
> > -
> > - @param[in] VariableName Pointer to variable name.
> > - @param[in] VendorGuid Variable Vendor Guid.
> > - @param[out] VariablePtr Pointer to variable header address.
> > -
> > - @retval EFI_SUCCESS The function completed successfully.
> > - @retval EFI_NOT_FOUND The next variable was not found.
> > - @retval EFI_INVALID_PARAMETER If VariableName is not an empty
> string,
> > while VendorGuid is NULL.
> > - @retval EFI_INVALID_PARAMETER The input values of VariableName and
> > VendorGuid are not a name and
> > - GUID of an existing variable.
> > -
> > -**/
> > -EFI_STATUS
> > -EFIAPI
> > -VariableServiceGetNextVariableInternal (
> > - IN CHAR16 *VariableName,
> > - IN EFI_GUID *VendorGuid,
> > - OUT VARIABLE_HEADER **VariablePtr
> > - );
> > -
> > /**
> >
> > This code Finds the Next available variable.
> > diff --git
> > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> > new file mode 100644
> > index 0000000000..82572262ef
> > --- /dev/null
> > +++
> > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
> > @@ -0,0 +1,25 @@
> > +/** @file
> > + Common variable non-volatile store routines.
> > +
> > +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +**/
> > +
> > +#ifndef _VARIABLE_NON_VOLATILE_H_
> > +#define _VARIABLE_NON_VOLATILE_H_
> > +
> > +#include "Variable.h"
> > +
> > +/**
> > + Get non-volatile maximum variable size.
> > +
> > + @return Non-volatile maximum variable size.
> > +
> > +**/
> > +UINTN
> > +GetNonVolatileMaxVariableSize (
> > + VOID
> > + );
> > +
> > +#endif
> > diff --git
> > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> > new file mode 100644
> > index 0000000000..bd617fca10
> > --- /dev/null
> > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> > @@ -0,0 +1,342 @@
> > +/** @file
> > + Common variable helper routines are shared by the DXE_RUNTIME
> > variable
> > + module and the DXE_SMM variable module.
> > +
> > +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +**/
> > +
> > +#ifndef _VARIABLE_PARSING_H_
> > +#define _VARIABLE_PARSING_H_
> > +
> > +#include <Guid/ImageAuthentication.h>
> > +#include "Variable.h"
> > +
> > +/**
> > +
> > + This code checks if variable header is valid or not.
> > +
> > + @param Variable Pointer to the Variable Header.
> > + @param VariableStoreEnd Pointer to the Variable Store End.
> > +
> > + @retval TRUE Variable header is valid.
> > + @retval FALSE Variable header is not valid.
> > +
> > +**/
> > +BOOLEAN
> > +IsValidVariableHeader (
> > + IN VARIABLE_HEADER *Variable,
> > + IN VARIABLE_HEADER *VariableStoreEnd
> > + );
> > +
> > +/**
> > +
> > + This code gets the current status of Variable Store.
> > +
> > + @param VarStoreHeader Pointer to the Variable Store Header.
> > +
> > + @retval EfiRaw Variable store status is raw.
> > + @retval EfiValid Variable store status is valid.
> > + @retval EfiInvalid Variable store status is invalid.
> > +
> > +**/
> > +VARIABLE_STORE_STATUS
> > +GetVariableStoreStatus (
> > + IN VARIABLE_STORE_HEADER *VarStoreHeader
> > + );
> > +
> > +/**
> > + This code gets the size of variable header.
> > +
> > + @return Size of variable header in bytes in type UINTN.
> > +
> > +**/
> > +UINTN
> > +GetVariableHeaderSize (
> > + VOID
> > + );
> > +
> > +/**
> > +
> > + This code gets the size of name of variable.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return UINTN Size of variable in bytes.
> > +
> > +**/
> > +UINTN
> > +NameSizeOfVariable (
> > + IN VARIABLE_HEADER *Variable
> > + );
> > +
> > +/**
> > + This code sets the size of name of variable.
> > +
> > + @param[in] Variable Pointer to the Variable Header.
> > + @param[in] NameSize Name size to set.
> > +
> > +**/
> > +VOID
> > +SetNameSizeOfVariable (
> > + IN VARIABLE_HEADER *Variable,
> > + IN UINTN NameSize
> > + );
> > +
> > +/**
> > +
> > + This code gets the size of variable data.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return Size of variable in bytes.
> > +
> > +**/
> > +UINTN
> > +DataSizeOfVariable (
> > + IN VARIABLE_HEADER *Variable
> > + );
> > +
> > +/**
> > + This code sets the size of variable data.
> > +
> > + @param[in] Variable Pointer to the Variable Header.
> > + @param[in] DataSize Data size to set.
> > +
> > +**/
> > +VOID
> > +SetDataSizeOfVariable (
> > + IN VARIABLE_HEADER *Variable,
> > + IN UINTN DataSize
> > + );
> > +
> > +/**
> > +
> > + This code gets the pointer to the variable name.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return Pointer to Variable Name which is Unicode encoding.
> > +
> > +**/
> > +CHAR16 *
> > +GetVariableNamePtr (
> > + IN VARIABLE_HEADER *Variable
> > + );
> > +
> > +/**
> > + This code gets the pointer to the variable guid.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return A EFI_GUID* pointer to Vendor Guid.
> > +
> > +**/
> > +EFI_GUID *
> > +GetVendorGuidPtr (
> > + IN VARIABLE_HEADER *Variable
> > + );
> > +
> > +/**
> > +
> > + This code gets the pointer to the variable data.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return Pointer to Variable Data.
> > +
> > +**/
> > +UINT8 *
> > +GetVariableDataPtr (
> > + IN VARIABLE_HEADER *Variable
> > + );
> > +
> > +/**
> > + This code gets the variable data offset related to variable header.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return Variable Data offset.
> > +
> > +**/
> > +UINTN
> > +GetVariableDataOffset (
> > + IN VARIABLE_HEADER *Variable
> > + );
> > +
> > +/**
> > +
> > + This code gets the pointer to the next variable header.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return Pointer to next variable header.
> > +
> > +**/
> > +VARIABLE_HEADER *
> > +GetNextVariablePtr (
> > + IN VARIABLE_HEADER *Variable
> > + );
> > +
> > +/**
> > +
> > + Gets the pointer to the first variable header in given variable store area.
> > +
> > + @param VarStoreHeader Pointer to the Variable Store Header.
> > +
> > + @return Pointer to the first variable header.
> > +
> > +**/
> > +VARIABLE_HEADER *
> > +GetStartPointer (
> > + IN VARIABLE_STORE_HEADER *VarStoreHeader
> > + );
> > +
> > +/**
> > +
> > + Gets the pointer to the end of the variable storage area.
> > +
> > + This function gets pointer to the end of the variable storage
> > + area, according to the input variable store header.
> > +
> > + @param VarStoreHeader Pointer to the Variable Store Header.
> > +
> > + @return Pointer to the end of the variable storage area.
> > +
> > +**/
> > +VARIABLE_HEADER *
> > +GetEndPointer (
> > + IN VARIABLE_STORE_HEADER *VarStoreHeader
> > + );
> > +
> > +/**
> > + Returns if this is a variable that always requires authenticated writes.
> > + There may be other scenarios that result in a variable not identified by
> the
> > + function to also require authentication.
> > +
> > + @param[in] VariableName Name of variable.
> > + @param[in] VendorGuid Guid of variable.
> > +
> > + @retval TRUE The variable always requires authenticated writes
> > + @retval FALSE The variable may or may not require authenticated
> > writes
> > +**/
> > +BOOLEAN
> > +IsAuthenticatedVariable (
> > + IN CHAR16 *VariableName,
> > + IN EFI_GUID *VendorGuid
> > + );
> > +
> > +/**
> > + Compare two EFI_TIME data.
> > +
> > +
> > + @param FirstTime A pointer to the first EFI_TIME data.
> > + @param SecondTime A pointer to the second EFI_TIME data.
> > +
> > + @retval TRUE The FirstTime is not later than the SecondTime.
> > + @retval FALSE The FirstTime is later than the SecondTime.
> > +
> > +**/
> > +BOOLEAN
> > +VariableCompareTimeStampInternal (
> > + IN EFI_TIME *FirstTime,
> > + IN EFI_TIME *SecondTime
> > + );
> > +
> > +/**
> > + Find the variable in the specified variable store.
> > +
> > + @param[in] VariableName Name of the variable to be found
> > + @param[in] VendorGuid Vendor GUID to be found.
> > + @param[in] IgnoreRtCheck Ignore
> EFI_VARIABLE_RUNTIME_ACCESS
> > attribute
> > + check at runtime when searching variable.
> > + @param[in, out] PtrTrack Variable Track Pointer structure that
> > contains Variable Information.
> > +
> > + @retval EFI_SUCCESS Variable found successfully
> > + @retval EFI_NOT_FOUND Variable not found
> > +**/
> > +EFI_STATUS
> > +FindVariableEx (
> > + IN CHAR16 *VariableName,
> > + IN EFI_GUID *VendorGuid,
> > + IN BOOLEAN IgnoreRtCheck,
> > + IN OUT VARIABLE_POINTER_TRACK *PtrTrack
> > + );
> > +
> > +/**
> > + This code finds the next available variable.
> > +
> > + Caution: This function may receive untrusted input.
> > + This function may be invoked in SMM mode. This function will do basic
> > validation, before parse the data.
> > +
> > + @param[in] VariableName Pointer to variable name.
> > + @param[in] VendorGuid Variable Vendor Guid.
> > + @param[in] VariableStoreList A list of variable stores that should be
> used
> > to get the next variable.
> > + The maximum number of entries is the max value of
> > VARIABLE_STORE_TYPE.
> > + @param[out] VariablePtr Pointer to variable header address.
> > +
> > + @retval EFI_SUCCESS The function completed successfully.
> > + @retval EFI_NOT_FOUND The next variable was not found.
> > + @retval EFI_INVALID_PARAMETER If VariableName is nt an empty string,
> > while VendorGuid is NULL.
> > + @retval EFI_INVALID_PARAMETER The input values of VariableName
> and
> > VendorGuid are not a name and
> > + GUID of an existing variable.
> > +
> > +**/
> > +EFI_STATUS
> > +EFIAPI
> > +GetNextVariableEx (
> > + IN CHAR16 *VariableName,
> > + IN EFI_GUID *VendorGuid,
> > + IN VARIABLE_STORE_HEADER **VariableStoreList,
> > + OUT VARIABLE_HEADER **VariablePtr
> > + );
> > +
> > +/**
> > + Routine used to track statistical information about variable usage.
> > + The data is stored in the EFI system table so it can be accessed later.
> > + VariableInfo.efi can dump out the table. Only Boot Services variable
> > + accesses are tracked by this code. The PcdVariableCollectStatistics
> > + build flag controls if this feature is enabled.
> > +
> > + A read that hits in the cache will have Read and Cache true for
> > + the transaction. Data is allocated by this routine, but never
> > + freed.
> > +
> > + @param[in] VariableName Name of the Variable to track.
> > + @param[in] VendorGuid Guid of the Variable to track.
> > + @param[in] Volatile TRUE if volatile FALSE if non-volatile.
> > + @param[in] Read TRUE if GetVariable() was called.
> > + @param[in] Write TRUE if SetVariable() was called.
> > + @param[in] Delete TRUE if deleted via SetVariable().
> > + @param[in] Cache TRUE for a cache hit.
> > + @param[in,out] VariableInfo Pointer to a pointer of
> > VARIABLE_INFO_ENTRY structures.
> > +
> > +**/
> > +VOID
> > +UpdateVariableInfo (
> > + IN CHAR16 *VariableName,
> > + IN EFI_GUID *VendorGuid,
> > + IN BOOLEAN Volatile,
> > + IN BOOLEAN Read,
> > + IN BOOLEAN Write,
> > + IN BOOLEAN Delete,
> > + IN BOOLEAN Cache,
> > + IN OUT VARIABLE_INFO_ENTRY **VariableInfo
> > + );
> > +
> > +/**
> > + Initializes context needed for variable helpers.
> > +
> > + @param[in] AuthFormat If true then indicates authenticated
> > variables are supported
> > +
> > + @retval EFI_SUCCESS Initialized successfully
> > + @retval Others An error occurred during initialization
> > +**/
> > +EFI_STATUS
> > +EFIAPI
> > +InitVariableHelpers (
> > + IN BOOLEAN AuthFormat
> > + );
> > +
> > +#endif
> > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > index f32c9c2808..d14fecc830 100644
> > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > @@ -23,6 +23,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> > **/
> >
> > #include "Variable.h"
> > +#include "VariableNonVolatile.h"
> > +#include "VariableParsing.h"
> >
> > VARIABLE_MODULE_GLOBAL *mVariableModuleGlobal;
> >
> > @@ -92,131 +94,6 @@ AUTH_VAR_LIB_CONTEXT_IN mAuthContextIn = {
> >
> > AUTH_VAR_LIB_CONTEXT_OUT mAuthContextOut;
> >
> > -/**
> > - Routine used to track statistical information about variable usage.
> > - The data is stored in the EFI system table so it can be accessed later.
> > - VariableInfo.efi can dump out the table. Only Boot Services variable
> > - accesses are tracked by this code. The PcdVariableCollectStatistics
> > - build flag controls if this feature is enabled.
> > -
> > - A read that hits in the cache will have Read and Cache true for
> > - the transaction. Data is allocated by this routine, but never
> > - freed.
> > -
> > - @param[in] VariableName Name of the Variable to track.
> > - @param[in] VendorGuid Guid of the Variable to track.
> > - @param[in] Volatile TRUE if volatile FALSE if non-volatile.
> > - @param[in] Read TRUE if GetVariable() was called.
> > - @param[in] Write TRUE if SetVariable() was called.
> > - @param[in] Delete TRUE if deleted via SetVariable().
> > - @param[in] Cache TRUE for a cache hit.
> > -
> > -**/
> > -VOID
> > -UpdateVariableInfo (
> > - IN CHAR16 *VariableName,
> > - IN EFI_GUID *VendorGuid,
> > - IN BOOLEAN Volatile,
> > - IN BOOLEAN Read,
> > - IN BOOLEAN Write,
> > - IN BOOLEAN Delete,
> > - IN BOOLEAN Cache
> > - )
> > -{
> > - VARIABLE_INFO_ENTRY *Entry;
> > -
> > - if (FeaturePcdGet (PcdVariableCollectStatistics)) {
> > -
> > - if (AtRuntime ()) {
> > - // Don't collect statistics at runtime.
> > - return;
> > - }
> > -
> > - if (gVariableInfo == NULL) {
> > - //
> > - // On the first call allocate a entry and place a pointer to it in
> > - // the EFI System Table.
> > - //
> > - gVariableInfo = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
> > - ASSERT (gVariableInfo != NULL);
> > -
> > - CopyGuid (&gVariableInfo->VendorGuid, VendorGuid);
> > - gVariableInfo->Name = AllocateZeroPool (StrSize (VariableName));
> > - ASSERT (gVariableInfo->Name != NULL);
> > - StrCpyS (gVariableInfo->Name, StrSize(VariableName)/sizeof(CHAR16),
> > VariableName);
> > - gVariableInfo->Volatile = Volatile;
> > - }
> > -
> > -
> > - for (Entry = gVariableInfo; Entry != NULL; Entry = Entry->Next) {
> > - if (CompareGuid (VendorGuid, &Entry->VendorGuid)) {
> > - if (StrCmp (VariableName, Entry->Name) == 0) {
> > - if (Read) {
> > - Entry->ReadCount++;
> > - }
> > - if (Write) {
> > - Entry->WriteCount++;
> > - }
> > - if (Delete) {
> > - Entry->DeleteCount++;
> > - }
> > - if (Cache) {
> > - Entry->CacheCount++;
> > - }
> > -
> > - return;
> > - }
> > - }
> > -
> > - if (Entry->Next == NULL) {
> > - //
> > - // If the entry is not in the table add it.
> > - // Next iteration of the loop will fill in the data.
> > - //
> > - Entry->Next = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
> > - ASSERT (Entry->Next != NULL);
> > -
> > - CopyGuid (&Entry->Next->VendorGuid, VendorGuid);
> > - Entry->Next->Name = AllocateZeroPool (StrSize (VariableName));
> > - ASSERT (Entry->Next->Name != NULL);
> > - StrCpyS (Entry->Next->Name, StrSize(VariableName)/sizeof(CHAR16),
> > VariableName);
> > - Entry->Next->Volatile = Volatile;
> > - }
> > -
> > - }
> > - }
> > -}
> > -
> > -
> > -/**
> > -
> > - This code checks if variable header is valid or not.
> > -
> > - @param Variable Pointer to the Variable Header.
> > - @param VariableStoreEnd Pointer to the Variable Store End.
> > -
> > - @retval TRUE Variable header is valid.
> > - @retval FALSE Variable header is not valid.
> > -
> > -**/
> > -BOOLEAN
> > -IsValidVariableHeader (
> > - IN VARIABLE_HEADER *Variable,
> > - IN VARIABLE_HEADER *VariableStoreEnd
> > - )
> > -{
> > - if ((Variable == NULL) || (Variable >= VariableStoreEnd) || (Variable-
> > >StartId != VARIABLE_DATA)) {
> > - //
> > - // Variable is NULL or has reached the end of variable store,
> > - // or the StartId is not correct.
> > - //
> > - return FALSE;
> > - }
> > -
> > - return TRUE;
> > -}
> > -
> > -
> > /**
> >
> > This function writes data to the FWH at the correct LBA even if the LBAs
> > @@ -376,345 +253,6 @@ UpdateVariableStore (
> > return EFI_SUCCESS;
> > }
> >
> > -
> > -/**
> > -
> > - This code gets the current status of Variable Store.
> > -
> > - @param VarStoreHeader Pointer to the Variable Store Header.
> > -
> > - @retval EfiRaw Variable store status is raw.
> > - @retval EfiValid Variable store status is valid.
> > - @retval EfiInvalid Variable store status is invalid.
> > -
> > -**/
> > -VARIABLE_STORE_STATUS
> > -GetVariableStoreStatus (
> > - IN VARIABLE_STORE_HEADER *VarStoreHeader
> > - )
> > -{
> > - if ((CompareGuid (&VarStoreHeader->Signature,
> > &gEfiAuthenticatedVariableGuid) ||
> > - CompareGuid (&VarStoreHeader->Signature, &gEfiVariableGuid)) &&
> > - VarStoreHeader->Format == VARIABLE_STORE_FORMATTED &&
> > - VarStoreHeader->State == VARIABLE_STORE_HEALTHY
> > - ) {
> > -
> > - return EfiValid;
> > - } else if (((UINT32 *)(&VarStoreHeader->Signature))[0] == 0xffffffff &&
> > - ((UINT32 *)(&VarStoreHeader->Signature))[1] == 0xffffffff &&
> > - ((UINT32 *)(&VarStoreHeader->Signature))[2] == 0xffffffff &&
> > - ((UINT32 *)(&VarStoreHeader->Signature))[3] == 0xffffffff &&
> > - VarStoreHeader->Size == 0xffffffff &&
> > - VarStoreHeader->Format == 0xff &&
> > - VarStoreHeader->State == 0xff
> > - ) {
> > -
> > - return EfiRaw;
> > - } else {
> > - return EfiInvalid;
> > - }
> > -}
> > -
> > -/**
> > - This code gets the size of variable header.
> > -
> > - @return Size of variable header in bytes in type UINTN.
> > -
> > -**/
> > -UINTN
> > -GetVariableHeaderSize (
> > - VOID
> > - )
> > -{
> > - UINTN Value;
> > -
> > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > - Value = sizeof (AUTHENTICATED_VARIABLE_HEADER);
> > - } else {
> > - Value = sizeof (VARIABLE_HEADER);
> > - }
> > -
> > - return Value;
> > -}
> > -
> > -/**
> > -
> > - This code gets the size of name of variable.
> > -
> > - @param Variable Pointer to the Variable Header.
> > -
> > - @return UINTN Size of variable in bytes.
> > -
> > -**/
> > -UINTN
> > -NameSizeOfVariable (
> > - IN VARIABLE_HEADER *Variable
> > - )
> > -{
> > - AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > -
> > - AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > - if (AuthVariable->State == (UINT8) (-1) ||
> > - AuthVariable->DataSize == (UINT32) (-1) ||
> > - AuthVariable->NameSize == (UINT32) (-1) ||
> > - AuthVariable->Attributes == (UINT32) (-1)) {
> > - return 0;
> > - }
> > - return (UINTN) AuthVariable->NameSize;
> > - } else {
> > - if (Variable->State == (UINT8) (-1) ||
> > - Variable->DataSize == (UINT32) (-1) ||
> > - Variable->NameSize == (UINT32) (-1) ||
> > - Variable->Attributes == (UINT32) (-1)) {
> > - return 0;
> > - }
> > - return (UINTN) Variable->NameSize;
> > - }
> > -}
> > -
> > -/**
> > - This code sets the size of name of variable.
> > -
> > - @param[in] Variable Pointer to the Variable Header.
> > - @param[in] NameSize Name size to set.
> > -
> > -**/
> > -VOID
> > -SetNameSizeOfVariable (
> > - IN VARIABLE_HEADER *Variable,
> > - IN UINTN NameSize
> > - )
> > -{
> > - AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > -
> > - AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > - AuthVariable->NameSize = (UINT32) NameSize;
> > - } else {
> > - Variable->NameSize = (UINT32) NameSize;
> > - }
> > -}
> > -
> > -/**
> > -
> > - This code gets the size of variable data.
> > -
> > - @param Variable Pointer to the Variable Header.
> > -
> > - @return Size of variable in bytes.
> > -
> > -**/
> > -UINTN
> > -DataSizeOfVariable (
> > - IN VARIABLE_HEADER *Variable
> > - )
> > -{
> > - AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > -
> > - AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > - if (AuthVariable->State == (UINT8) (-1) ||
> > - AuthVariable->DataSize == (UINT32) (-1) ||
> > - AuthVariable->NameSize == (UINT32) (-1) ||
> > - AuthVariable->Attributes == (UINT32) (-1)) {
> > - return 0;
> > - }
> > - return (UINTN) AuthVariable->DataSize;
> > - } else {
> > - if (Variable->State == (UINT8) (-1) ||
> > - Variable->DataSize == (UINT32) (-1) ||
> > - Variable->NameSize == (UINT32) (-1) ||
> > - Variable->Attributes == (UINT32) (-1)) {
> > - return 0;
> > - }
> > - return (UINTN) Variable->DataSize;
> > - }
> > -}
> > -
> > -/**
> > - This code sets the size of variable data.
> > -
> > - @param[in] Variable Pointer to the Variable Header.
> > - @param[in] DataSize Data size to set.
> > -
> > -**/
> > -VOID
> > -SetDataSizeOfVariable (
> > - IN VARIABLE_HEADER *Variable,
> > - IN UINTN DataSize
> > - )
> > -{
> > - AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > -
> > - AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > - AuthVariable->DataSize = (UINT32) DataSize;
> > - } else {
> > - Variable->DataSize = (UINT32) DataSize;
> > - }
> > -}
> > -
> > -/**
> > -
> > - This code gets the pointer to the variable name.
> > -
> > - @param Variable Pointer to the Variable Header.
> > -
> > - @return Pointer to Variable Name which is Unicode encoding.
> > -
> > -**/
> > -CHAR16 *
> > -GetVariableNamePtr (
> > - IN VARIABLE_HEADER *Variable
> > - )
> > -{
> > - return (CHAR16 *) ((UINTN) Variable + GetVariableHeaderSize ());
> > -}
> > -
> > -/**
> > - This code gets the pointer to the variable guid.
> > -
> > - @param Variable Pointer to the Variable Header.
> > -
> > - @return A EFI_GUID* pointer to Vendor Guid.
> > -
> > -**/
> > -EFI_GUID *
> > -GetVendorGuidPtr (
> > - IN VARIABLE_HEADER *Variable
> > - )
> > -{
> > - AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > -
> > - AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > - return &AuthVariable->VendorGuid;
> > - } else {
> > - return &Variable->VendorGuid;
> > - }
> > -}
> > -
> > -/**
> > -
> > - This code gets the pointer to the variable data.
> > -
> > - @param Variable Pointer to the Variable Header.
> > -
> > - @return Pointer to Variable Data.
> > -
> > -**/
> > -UINT8 *
> > -GetVariableDataPtr (
> > - IN VARIABLE_HEADER *Variable
> > - )
> > -{
> > - UINTN Value;
> > -
> > - //
> > - // Be careful about pad size for alignment.
> > - //
> > - Value = (UINTN) GetVariableNamePtr (Variable);
> > - Value += NameSizeOfVariable (Variable);
> > - Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
> > -
> > - return (UINT8 *) Value;
> > -}
> > -
> > -/**
> > - This code gets the variable data offset related to variable header.
> > -
> > - @param Variable Pointer to the Variable Header.
> > -
> > - @return Variable Data offset.
> > -
> > -**/
> > -UINTN
> > -GetVariableDataOffset (
> > - IN VARIABLE_HEADER *Variable
> > - )
> > -{
> > - UINTN Value;
> > -
> > - //
> > - // Be careful about pad size for alignment
> > - //
> > - Value = GetVariableHeaderSize ();
> > - Value += NameSizeOfVariable (Variable);
> > - Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
> > -
> > - return Value;
> > -}
> > -
> > -/**
> > -
> > - This code gets the pointer to the next variable header.
> > -
> > - @param Variable Pointer to the Variable Header.
> > -
> > - @return Pointer to next variable header.
> > -
> > -**/
> > -VARIABLE_HEADER *
> > -GetNextVariablePtr (
> > - IN VARIABLE_HEADER *Variable
> > - )
> > -{
> > - UINTN Value;
> > -
> > - Value = (UINTN) GetVariableDataPtr (Variable);
> > - Value += DataSizeOfVariable (Variable);
> > - Value += GET_PAD_SIZE (DataSizeOfVariable (Variable));
> > -
> > - //
> > - // Be careful about pad size for alignment.
> > - //
> > - return (VARIABLE_HEADER *) HEADER_ALIGN (Value);
> > -}
> > -
> > -/**
> > -
> > - Gets the pointer to the first variable header in given variable store area.
> > -
> > - @param VarStoreHeader Pointer to the Variable Store Header.
> > -
> > - @return Pointer to the first variable header.
> > -
> > -**/
> > -VARIABLE_HEADER *
> > -GetStartPointer (
> > - IN VARIABLE_STORE_HEADER *VarStoreHeader
> > - )
> > -{
> > - //
> > - // The start of variable store.
> > - //
> > - return (VARIABLE_HEADER *) HEADER_ALIGN (VarStoreHeader + 1);
> > -}
> > -
> > -/**
> > -
> > - Gets the pointer to the end of the variable storage area.
> > -
> > - This function gets pointer to the end of the variable storage
> > - area, according to the input variable store header.
> > -
> > - @param VarStoreHeader Pointer to the Variable Store Header.
> > -
> > - @return Pointer to the end of the variable storage area.
> > -
> > -**/
> > -VARIABLE_HEADER *
> > -GetEndPointer (
> > - IN VARIABLE_STORE_HEADER *VarStoreHeader
> > - )
> > -{
> > - //
> > - // The end of variable store
> > - //
> > - return (VARIABLE_HEADER *) HEADER_ALIGN ((UINTN) VarStoreHeader
> +
> > VarStoreHeader->Size);
> > -}
> > -
> > /**
> > Record variable error flag.
> >
> > @@ -1228,75 +766,6 @@ Done:
> > return Status;
> > }
> >
> > -/**
> > - Find the variable in the specified variable store.
> > -
> > - @param[in] VariableName Name of the variable to be found
> > - @param[in] VendorGuid Vendor GUID to be found.
> > - @param[in] IgnoreRtCheck Ignore
> EFI_VARIABLE_RUNTIME_ACCESS
> > attribute
> > - check at runtime when searching variable.
> > - @param[in, out] PtrTrack Variable Track Pointer structure that
> > contains Variable Information.
> > -
> > - @retval EFI_SUCCESS Variable found successfully
> > - @retval EFI_NOT_FOUND Variable not found
> > -**/
> > -EFI_STATUS
> > -FindVariableEx (
> > - IN CHAR16 *VariableName,
> > - IN EFI_GUID *VendorGuid,
> > - IN BOOLEAN IgnoreRtCheck,
> > - IN OUT VARIABLE_POINTER_TRACK *PtrTrack
> > - )
> > -{
> > - VARIABLE_HEADER *InDeletedVariable;
> > - VOID *Point;
> > -
> > - PtrTrack->InDeletedTransitionPtr = NULL;
> > -
> > - //
> > - // Find the variable by walk through HOB, volatile and non-volatile
> variable
> > store.
> > - //
> > - InDeletedVariable = NULL;
> > -
> > - for ( PtrTrack->CurrPtr = PtrTrack->StartPtr
> > - ; IsValidVariableHeader (PtrTrack->CurrPtr, PtrTrack->EndPtr)
> > - ; PtrTrack->CurrPtr = GetNextVariablePtr (PtrTrack->CurrPtr)
> > - ) {
> > - if (PtrTrack->CurrPtr->State == VAR_ADDED ||
> > - PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> > VAR_ADDED)
> > - ) {
> > - if (IgnoreRtCheck || !AtRuntime () || ((PtrTrack->CurrPtr->Attributes &
> > EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
> > - if (VariableName[0] == 0) {
> > - if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> > VAR_ADDED)) {
> > - InDeletedVariable = PtrTrack->CurrPtr;
> > - } else {
> > - PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
> > - return EFI_SUCCESS;
> > - }
> > - } else {
> > - if (CompareGuid (VendorGuid, GetVendorGuidPtr (PtrTrack-
> >CurrPtr)))
> > {
> > - Point = (VOID *) GetVariableNamePtr (PtrTrack->CurrPtr);
> > -
> > - ASSERT (NameSizeOfVariable (PtrTrack->CurrPtr) != 0);
> > - if (CompareMem (VariableName, Point, NameSizeOfVariable
> > (PtrTrack->CurrPtr)) == 0) {
> > - if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> > VAR_ADDED)) {
> > - InDeletedVariable = PtrTrack->CurrPtr;
> > - } else {
> > - PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
> > - return EFI_SUCCESS;
> > - }
> > - }
> > - }
> > - }
> > - }
> > - }
> > - }
> > -
> > - PtrTrack->CurrPtr = InDeletedVariable;
> > - return (PtrTrack->CurrPtr == NULL) ? EFI_NOT_FOUND : EFI_SUCCESS;
> > -}
> > -
> > -
> > /**
> > Finds variable in storage blocks of volatile and non-volatile storage areas.
> >
> > @@ -2078,38 +1547,6 @@ AutoUpdateLangVariable (
> > }
> > }
> >
> > -/**
> > - Compare two EFI_TIME data.
> > -
> > -
> > - @param FirstTime A pointer to the first EFI_TIME data.
> > - @param SecondTime A pointer to the second EFI_TIME data.
> > -
> > - @retval TRUE The FirstTime is not later than the SecondTime.
> > - @retval FALSE The FirstTime is later than the SecondTime.
> > -
> > -**/
> > -BOOLEAN
> > -VariableCompareTimeStampInternal (
> > - IN EFI_TIME *FirstTime,
> > - IN EFI_TIME *SecondTime
> > - )
> > -{
> > - if (FirstTime->Year != SecondTime->Year) {
> > - return (BOOLEAN) (FirstTime->Year < SecondTime->Year);
> > - } else if (FirstTime->Month != SecondTime->Month) {
> > - return (BOOLEAN) (FirstTime->Month < SecondTime->Month);
> > - } else if (FirstTime->Day != SecondTime->Day) {
> > - return (BOOLEAN) (FirstTime->Day < SecondTime->Day);
> > - } else if (FirstTime->Hour != SecondTime->Hour) {
> > - return (BOOLEAN) (FirstTime->Hour < SecondTime->Hour);
> > - } else if (FirstTime->Minute != SecondTime->Minute) {
> > - return (BOOLEAN) (FirstTime->Minute < SecondTime->Minute);
> > - }
> > -
> > - return (BOOLEAN) (FirstTime->Second <= SecondTime->Second);
> > -}
> > -
> > /**
> > Update the variable region with Variable information. If
> > EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is set,
> > index of associated public key is needed.
> > @@ -2205,7 +1642,7 @@ UpdateVariable (
> > // go to delete this variable in variable HOB and
> > // try to flush other variables from HOB to flash.
> > //
> > - UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE,
> FALSE,
> > TRUE, FALSE);
> > + UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE,
> FALSE,
> > TRUE, FALSE, &gVariableInfo);
> > FlushHobVariableToFlash (VariableName, VendorGuid);
> > return EFI_SUCCESS;
> > }
> > @@ -2322,7 +1759,7 @@ UpdateVariable (
> > &State
> > );
> > if (!EFI_ERROR (Status)) {
> > - UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile,
> > FALSE, FALSE, TRUE, FALSE);
> > + UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile,
> > FALSE, FALSE, TRUE, FALSE, &gVariableInfo);
> > if (!Variable->Volatile) {
> > CacheVariable->CurrPtr->State = State;
> > FlushHobVariableToFlash (VariableName, VendorGuid);
> > @@ -2341,7 +1778,7 @@ UpdateVariable (
> > //
> > // Variable content unchanged and no need to update timestamp, just
> > return.
> > //
> > - UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile,
> > FALSE, TRUE, FALSE, FALSE);
> > + UpdateVariableInfo (VariableName, VendorGuid, Variable->Volatile,
> > FALSE, TRUE, FALSE, FALSE, &gVariableInfo);
> > Status = EFI_SUCCESS;
> > goto Done;
> > } else if ((CacheVariable->CurrPtr->State == VAR_ADDED) ||
> > @@ -2570,7 +2007,7 @@ UpdateVariable (
> > CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN)
> > CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable-
> > >StartPtr));
> > CacheVariable->InDeletedTransitionPtr = NULL;
> > }
> > - UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, TRUE,
> > FALSE, FALSE);
> > + UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, TRUE,
> > FALSE, FALSE, &gVariableInfo);
> > FlushHobVariableToFlash (VariableName, VendorGuid);
> > } else {
> > if (IsCommonUserVariable && ((VarSize + mVariableModuleGlobal-
> > >CommonUserVariableTotalSize) > mVariableModuleGlobal-
> > >CommonMaxUserVariableSpace)) {
> > @@ -2720,7 +2157,7 @@ UpdateVariable (
> > CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN)
> > CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable-
> > >StartPtr));
> > CacheVariable->InDeletedTransitionPtr = NULL;
> > }
> > - UpdateVariableInfo (VariableName, VendorGuid, TRUE, FALSE, TRUE,
> > FALSE, FALSE);
> > + UpdateVariableInfo (VariableName, VendorGuid, TRUE, FALSE, TRUE,
> > FALSE, FALSE, &gVariableInfo);
> > }
> > goto Done;
> > }
> > @@ -2791,7 +2228,7 @@ UpdateVariable (
> > }
> >
> > if (!EFI_ERROR (Status)) {
> > - UpdateVariableInfo (VariableName, VendorGuid, Volatile, FALSE, TRUE,
> > FALSE, FALSE);
> > + UpdateVariableInfo (VariableName, VendorGuid, Volatile, FALSE, TRUE,
> > FALSE, FALSE, &gVariableInfo);
> > if (!Volatile) {
> > FlushHobVariableToFlash (VariableName, VendorGuid);
> > }
> > @@ -2870,7 +2307,7 @@ VariableServiceGetVariable (
> > }
> >
> > *DataSize = VarDataSize;
> > - UpdateVariableInfo (VariableName, VendorGuid, Variable.Volatile,
> TRUE,
> > FALSE, FALSE, FALSE);
> > + UpdateVariableInfo (VariableName, VendorGuid, Variable.Volatile,
> TRUE,
> > FALSE, FALSE, FALSE, &gVariableInfo);
> >
> > Status = EFI_SUCCESS;
> > goto Done;
> > @@ -2885,166 +2322,6 @@ Done:
> > return Status;
> > }
> >
> > -/**
> > - This code Finds the Next available variable.
> > -
> > - Caution: This function may receive untrusted input.
> > - This function may be invoked in SMM mode. This function will do basic
> > validation, before parse the data.
> > -
> > - @param[in] VariableName Pointer to variable name.
> > - @param[in] VendorGuid Variable Vendor Guid.
> > - @param[out] VariablePtr Pointer to variable header address.
> > -
> > - @retval EFI_SUCCESS The function completed successfully.
> > - @retval EFI_NOT_FOUND The next variable was not found.
> > - @retval EFI_INVALID_PARAMETER If VariableName is not an empty
> string,
> > while VendorGuid is NULL.
> > - @retval EFI_INVALID_PARAMETER The input values of VariableName and
> > VendorGuid are not a name and
> > - GUID of an existing variable.
> > -
> > -**/
> > -EFI_STATUS
> > -EFIAPI
> > -VariableServiceGetNextVariableInternal (
> > - IN CHAR16 *VariableName,
> > - IN EFI_GUID *VendorGuid,
> > - OUT VARIABLE_HEADER **VariablePtr
> > - )
> > -{
> > - VARIABLE_STORE_TYPE Type;
> > - VARIABLE_POINTER_TRACK Variable;
> > - VARIABLE_POINTER_TRACK VariableInHob;
> > - VARIABLE_POINTER_TRACK VariablePtrTrack;
> > - EFI_STATUS Status;
> > - VARIABLE_STORE_HEADER
> *VariableStoreHeader[VariableStoreTypeMax];
> > -
> > - Status = FindVariable (VariableName, VendorGuid, &Variable,
> > &mVariableModuleGlobal->VariableGlobal, FALSE);
> > - if (Variable.CurrPtr == NULL || EFI_ERROR (Status)) {
> > - //
> > - // For VariableName is an empty string, FindVariable() will try to find and
> > return
> > - // the first qualified variable, and if FindVariable() returns error
> > (EFI_NOT_FOUND)
> > - // as no any variable is found, still go to return the error
> > (EFI_NOT_FOUND).
> > - //
> > - if (VariableName[0] != 0) {
> > - //
> > - // For VariableName is not an empty string, and FindVariable() returns
> > error as
> > - // VariableName and VendorGuid are not a name and GUID of an
> existing
> > variable,
> > - // there is no way to get next variable, follow spec to return
> > EFI_INVALID_PARAMETER.
> > - //
> > - Status = EFI_INVALID_PARAMETER;
> > - }
> > - goto Done;
> > - }
> > -
> > - if (VariableName[0] != 0) {
> > - //
> > - // If variable name is not NULL, get next variable.
> > - //
> > - Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> > - }
> > -
> > - //
> > - // 0: Volatile, 1: HOB, 2: Non-Volatile.
> > - // The index and attributes mapping must be kept in this order as
> > FindVariable
> > - // makes use of this mapping to implement search algorithm.
> > - //
> > - VariableStoreHeader[VariableStoreTypeVolatile] =
> > (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> > >VariableGlobal.VolatileVariableBase;
> > - VariableStoreHeader[VariableStoreTypeHob] =
> > (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> > >VariableGlobal.HobVariableBase;
> > - VariableStoreHeader[VariableStoreTypeNv] = mNvVariableCache;
> > -
> > - while (TRUE) {
> > - //
> > - // Switch from Volatile to HOB, to Non-Volatile.
> > - //
> > - while (!IsValidVariableHeader (Variable.CurrPtr, Variable.EndPtr)) {
> > - //
> > - // Find current storage index
> > - //
> > - for (Type = (VARIABLE_STORE_TYPE) 0; Type < VariableStoreTypeMax;
> > Type++) {
> > - if ((VariableStoreHeader[Type] != NULL) && (Variable.StartPtr ==
> > GetStartPointer (VariableStoreHeader[Type]))) {
> > - break;
> > - }
> > - }
> > - ASSERT (Type < VariableStoreTypeMax);
> > - //
> > - // Switch to next storage
> > - //
> > - for (Type++; Type < VariableStoreTypeMax; Type++) {
> > - if (VariableStoreHeader[Type] != NULL) {
> > - break;
> > - }
> > - }
> > - //
> > - // Capture the case that
> > - // 1. current storage is the last one, or
> > - // 2. no further storage
> > - //
> > - if (Type == VariableStoreTypeMax) {
> > - Status = EFI_NOT_FOUND;
> > - goto Done;
> > - }
> > - Variable.StartPtr = GetStartPointer (VariableStoreHeader[Type]);
> > - Variable.EndPtr = GetEndPointer (VariableStoreHeader[Type]);
> > - Variable.CurrPtr = Variable.StartPtr;
> > - }
> > -
> > - //
> > - // Variable is found
> > - //
> > - if (Variable.CurrPtr->State == VAR_ADDED || Variable.CurrPtr->State ==
> > (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
> > - if (!AtRuntime () || ((Variable.CurrPtr->Attributes &
> > EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
> > - if (Variable.CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> > VAR_ADDED)) {
> > - //
> > - // If it is a IN_DELETED_TRANSITION variable,
> > - // and there is also a same ADDED one at the same time,
> > - // don't return it.
> > - //
> > - VariablePtrTrack.StartPtr = Variable.StartPtr;
> > - VariablePtrTrack.EndPtr = Variable.EndPtr;
> > - Status = FindVariableEx (
> > - GetVariableNamePtr (Variable.CurrPtr),
> > - GetVendorGuidPtr (Variable.CurrPtr),
> > - FALSE,
> > - &VariablePtrTrack
> > - );
> > - if (!EFI_ERROR (Status) && VariablePtrTrack.CurrPtr->State ==
> > VAR_ADDED) {
> > - Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> > - continue;
> > - }
> > - }
> > -
> > - //
> > - // Don't return NV variable when HOB overrides it
> > - //
> > - if ((VariableStoreHeader[VariableStoreTypeHob] != NULL) &&
> > (VariableStoreHeader[VariableStoreTypeNv] != NULL) &&
> > - (Variable.StartPtr == GetStartPointer
> > (VariableStoreHeader[VariableStoreTypeNv]))
> > - ) {
> > - VariableInHob.StartPtr = GetStartPointer
> > (VariableStoreHeader[VariableStoreTypeHob]);
> > - VariableInHob.EndPtr = GetEndPointer
> > (VariableStoreHeader[VariableStoreTypeHob]);
> > - Status = FindVariableEx (
> > - GetVariableNamePtr (Variable.CurrPtr),
> > - GetVendorGuidPtr (Variable.CurrPtr),
> > - FALSE,
> > - &VariableInHob
> > - );
> > - if (!EFI_ERROR (Status)) {
> > - Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> > - continue;
> > - }
> > - }
> > -
> > - *VariablePtr = Variable.CurrPtr;
> > - Status = EFI_SUCCESS;
> > - goto Done;
> > - }
> > - }
> > -
> > - Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> > - }
> > -
> > -Done:
> > - return Status;
> > -}
> > -
> > /**
> >
> > This code Finds the Next available variable.
> > @@ -3082,6 +2359,7 @@ VariableServiceGetNextVariableName (
> > UINTN MaxLen;
> > UINTN VarNameSize;
> > VARIABLE_HEADER *VariablePtr;
> > + VARIABLE_STORE_HEADER
> > *VariableStoreHeader[VariableStoreTypeMax];
> >
> > if (VariableNameSize == NULL || VariableName == NULL || VendorGuid
> ==
> > NULL) {
> > return EFI_INVALID_PARAMETER;
> > @@ -3101,7 +2379,16 @@ VariableServiceGetNextVariableName (
> >
> > AcquireLockOnlyAtBootTime(&mVariableModuleGlobal-
> > >VariableGlobal.VariableServicesLock);
> >
> > - Status = VariableServiceGetNextVariableInternal (VariableName,
> > VendorGuid, &VariablePtr);
> > + //
> > + // 0: Volatile, 1: HOB, 2: Non-Volatile.
> > + // The index and attributes mapping must be kept in this order as
> > FindVariable
> > + // makes use of this mapping to implement search algorithm.
> > + //
> > + VariableStoreHeader[VariableStoreTypeVolatile] =
> > (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> > >VariableGlobal.VolatileVariableBase;
> > + VariableStoreHeader[VariableStoreTypeHob] =
> > (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> > >VariableGlobal.HobVariableBase;
> > + VariableStoreHeader[VariableStoreTypeNv] = mNvVariableCache;
> > +
> > + Status = GetNextVariableEx (VariableName, VendorGuid,
> > VariableStoreHeader, &VariablePtr);
> > if (!EFI_ERROR (Status)) {
> > VarNameSize = NameSizeOfVariable (VariablePtr);
> > ASSERT (VarNameSize != 0);
> > @@ -3720,25 +3007,6 @@ ReclaimForOS(
> > }
> > }
> >
> > -/**
> > - Get non-volatile maximum variable size.
> > -
> > - @return Non-volatile maximum variable size.
> > -
> > -**/
> > -UINTN
> > -GetNonVolatileMaxVariableSize (
> > - VOID
> > - )
> > -{
> > - if (PcdGet32 (PcdHwErrStorageSize) != 0) {
> > - return MAX (MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32
> > (PcdMaxAuthVariableSize)),
> > - PcdGet32 (PcdMaxHardwareErrorVariableSize));
> > - } else {
> > - return MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32
> > (PcdMaxAuthVariableSize));
> > - }
> > -}
> > -
> > /**
> > Get maximum variable size, covering both non-volatile and volatile
> variables.
> >
> > @@ -4024,7 +3292,7 @@ InitNonVolatileVariableStore (
> > return Status;
> > }
> > mVariableModuleGlobal->VariableGlobal.EmuNvMode = TRUE;
> > - DEBUG ((DEBUG_INFO, "Variable driver will work at emulated non-
> volatile
> > variable mode!\n"));
> > + DEBUG ((DEBUG_INFO, "Variable driver will work in emulated non-
> > volatile variable mode!\n"));
> > } else {
> > Status = InitRealNonVolatileVariableStore (&VariableStoreBase);
> > if (EFI_ERROR (Status)) {
> > @@ -4040,6 +3308,9 @@ InitNonVolatileVariableStore (
> > mVariableModuleGlobal->MaxVariableSize = PcdGet32
> > (PcdMaxVariableSize);
> > mVariableModuleGlobal->MaxAuthVariableSize = ((PcdGet32
> > (PcdMaxAuthVariableSize) != 0) ? PcdGet32 (PcdMaxAuthVariableSize) :
> > mVariableModuleGlobal->MaxVariableSize);
> >
> > + Status = InitVariableHelpers (mVariableModuleGlobal-
> > >VariableGlobal.AuthFormat);
> > + ASSERT_EFI_ERROR (Status);
> > +
> > //
> > // Parse non-volatile variable data and get last variable offset.
> > //
> > @@ -4470,18 +3741,13 @@ VariableCommonInitialize (
> >
> > //
> > // mVariableModuleGlobal->VariableGlobal.AuthFormat
> > - // has been initialized in InitNonVolatileVariableStore().
> > + // is initialized in InitNonVolatileVariableStore().
> > //
> > if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > DEBUG ((EFI_D_INFO, "Variable driver will work with auth variable
> > format!\n"));
> > - //
> > - // Set AuthSupport to FALSE first, VariableWriteServiceInitialize() will
> > initialize it.
> > - //
> > - mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;
> > VariableGuid = &gEfiAuthenticatedVariableGuid;
> > } else {
> > DEBUG ((EFI_D_INFO, "Variable driver will work without auth variable
> > support!\n"));
> > - mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;
> > VariableGuid = &gEfiVariableGuid;
> > }
> >
> > diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
> > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
> > index cb6fcebe2d..232d9ffe25 100644
> > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
> > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
> > @@ -1,12 +1,13 @@
> > /** @file
> > Provides variable driver extended services.
> >
> > -Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
> > +Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>
> > SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > **/
> >
> > #include "Variable.h"
> > +#include "VariableParsing.h"
> >
> > /**
> > Finds variable in storage blocks of volatile and non-volatile storage areas.
> > @@ -97,10 +98,16 @@ VariableExLibFindNextVariable (
> > EFI_STATUS Status;
> > VARIABLE_HEADER *VariablePtr;
> > AUTHENTICATED_VARIABLE_HEADER *AuthVariablePtr;
> > + VARIABLE_STORE_HEADER
> > *VariableStoreHeader[VariableStoreTypeMax];
> >
> > - Status = VariableServiceGetNextVariableInternal (
> > + VariableStoreHeader[VariableStoreTypeVolatile] =
> > (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> > >VariableGlobal.VolatileVariableBase;
> > + VariableStoreHeader[VariableStoreTypeHob] =
> > (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal-
> > >VariableGlobal.HobVariableBase;
> > + VariableStoreHeader[VariableStoreTypeNv] = mNvVariableCache;
> > +
> > + Status = GetNextVariableEx (
> > VariableName,
> > VendorGuid,
> > + VariableStoreHeader,
> > &VariablePtr
> > );
> > if (EFI_ERROR (Status)) {
> > diff --git
> > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> > new file mode 100644
> > index 0000000000..b1b6d8282f
> > --- /dev/null
> > +++
> > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
> > @@ -0,0 +1,28 @@
> > +/** @file
> > + Common variable non-volatile store routines.
> > +
> > +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +**/
> > +
> > +#include "VariableNonVolatile.h"
> > +
> > +/**
> > + Get non-volatile maximum variable size.
> > +
> > + @return Non-volatile maximum variable size.
> > +
> > +**/
> > +UINTN
> > +GetNonVolatileMaxVariableSize (
> > + VOID
> > + )
> > +{
> > + if (PcdGet32 (PcdHwErrStorageSize) != 0) {
> > + return MAX (MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32
> > (PcdMaxAuthVariableSize)),
> > + PcdGet32 (PcdMaxHardwareErrorVariableSize));
> > + } else {
> > + return MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32
> > (PcdMaxAuthVariableSize));
> > + }
> > +}
> > diff --git
> > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> > new file mode 100644
> > index 0000000000..d448e5a264
> > --- /dev/null
> > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> > @@ -0,0 +1,816 @@
> > +/** @file
> > + The common variable helper routines shared by the DXE_RUNTIME
> > variable
> > + module and the DXE_SMM variable module.
> > +
> > + Caution: This module requires additional review when modified.
> > + This driver will have external input - variable data. They may be input in
> > SMM mode.
> > + This external input must be validated carefully to avoid security issue like
> > + buffer overflow, integer overflow.
> > +
> > +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
> > +SPDX-License-Identifier: BSD-2-Clause-Patent
> > +
> > +**/
> > +
> > +#include "VariableParsing.h"
> > +
> > +typedef struct {
> > + CONST CHAR16 *VariableName;
> > + EFI_GUID *VendorGuid;
> > +} VARIABLE_TYPE;
> > +
> > +VARIABLE_TYPE mAlwaysAuthenticatedVariables[] = {
> > + {EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid},
> > + {EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid},
> > + {EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid},
> > + {EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid},
> > + {EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid},
> > + {EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid},
> > +};
> > +
> > +STATIC BOOLEAN mAuthFormat;
> > +
> > +/**
> > +
> > + This code checks if variable header is valid or not.
> > +
> > + @param Variable Pointer to the Variable Header.
> > + @param VariableStoreEnd Pointer to the Variable Store End.
> > +
> > + @retval TRUE Variable header is valid.
> > + @retval FALSE Variable header is not valid.
> > +
> > +**/
> > +BOOLEAN
> > +IsValidVariableHeader (
> > + IN VARIABLE_HEADER *Variable,
> > + IN VARIABLE_HEADER *VariableStoreEnd
> > + )
> > +{
> > + if ((Variable == NULL) || (Variable >= VariableStoreEnd) || (Variable-
> > >StartId != VARIABLE_DATA)) {
> > + //
> > + // Variable is NULL or has reached the end of variable store,
> > + // or the StartId is not correct.
> > + //
> > + return FALSE;
> > + }
> > +
> > + return TRUE;
> > +}
> > +
> > +/**
> > +
> > + This code gets the current status of Variable Store.
> > +
> > + @param VarStoreHeader Pointer to the Variable Store Header.
> > +
> > + @retval EfiRaw Variable store status is raw.
> > + @retval EfiValid Variable store status is valid.
> > + @retval EfiInvalid Variable store status is invalid.
> > +
> > +**/
> > +VARIABLE_STORE_STATUS
> > +GetVariableStoreStatus (
> > + IN VARIABLE_STORE_HEADER *VarStoreHeader
> > + )
> > +{
> > + if ((CompareGuid (&VarStoreHeader->Signature,
> > &gEfiAuthenticatedVariableGuid) ||
> > + CompareGuid (&VarStoreHeader->Signature, &gEfiVariableGuid)) &&
> > + VarStoreHeader->Format == VARIABLE_STORE_FORMATTED &&
> > + VarStoreHeader->State == VARIABLE_STORE_HEALTHY
> > + ) {
> > +
> > + return EfiValid;
> > + } else if (((UINT32 *)(&VarStoreHeader->Signature))[0] == 0xffffffff &&
> > + ((UINT32 *)(&VarStoreHeader->Signature))[1] == 0xffffffff &&
> > + ((UINT32 *)(&VarStoreHeader->Signature))[2] == 0xffffffff &&
> > + ((UINT32 *)(&VarStoreHeader->Signature))[3] == 0xffffffff &&
> > + VarStoreHeader->Size == 0xffffffff &&
> > + VarStoreHeader->Format == 0xff &&
> > + VarStoreHeader->State == 0xff
> > + ) {
> > +
> > + return EfiRaw;
> > + } else {
> > + return EfiInvalid;
> > + }
> > +}
> > +
> > +/**
> > + This code gets the size of variable header.
> > +
> > + @return Size of variable header in bytes in type UINTN.
> > +
> > +**/
> > +UINTN
> > +GetVariableHeaderSize (
> > + VOID
> > + )
> > +{
> > + UINTN Value;
> > +
> > + if (mAuthFormat) {
> > + Value = sizeof (AUTHENTICATED_VARIABLE_HEADER);
> > + } else {
> > + Value = sizeof (VARIABLE_HEADER);
> > + }
> > +
> > + return Value;
> > +}
> > +
> > +/**
> > +
> > + This code gets the size of name of variable.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return UINTN Size of variable in bytes.
> > +
> > +**/
> > +UINTN
> > +NameSizeOfVariable (
> > + IN VARIABLE_HEADER *Variable
> > + )
> > +{
> > + AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > +
> > + AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > + if (mAuthFormat) {
> > + if (AuthVariable->State == (UINT8) (-1) ||
> > + AuthVariable->DataSize == (UINT32) (-1) ||
> > + AuthVariable->NameSize == (UINT32) (-1) ||
> > + AuthVariable->Attributes == (UINT32) (-1)) {
> > + return 0;
> > + }
> > + return (UINTN) AuthVariable->NameSize;
> > + } else {
> > + if (Variable->State == (UINT8) (-1) ||
> > + Variable->DataSize == (UINT32) (-1) ||
> > + Variable->NameSize == (UINT32) (-1) ||
> > + Variable->Attributes == (UINT32) (-1)) {
> > + return 0;
> > + }
> > + return (UINTN) Variable->NameSize;
> > + }
> > +}
> > +
> > +/**
> > + This code sets the size of name of variable.
> > +
> > + @param[in] Variable Pointer to the Variable Header.
> > + @param[in] NameSize Name size to set.
> > +
> > +**/
> > +VOID
> > +SetNameSizeOfVariable (
> > + IN VARIABLE_HEADER *Variable,
> > + IN UINTN NameSize
> > + )
> > +{
> > + AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > +
> > + AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > + if (mAuthFormat) {
> > + AuthVariable->NameSize = (UINT32) NameSize;
> > + } else {
> > + Variable->NameSize = (UINT32) NameSize;
> > + }
> > +}
> > +
> > +/**
> > +
> > + This code gets the size of variable data.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return Size of variable in bytes.
> > +
> > +**/
> > +UINTN
> > +DataSizeOfVariable (
> > + IN VARIABLE_HEADER *Variable
> > + )
> > +{
> > + AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > +
> > + AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > + if (mAuthFormat) {
> > + if (AuthVariable->State == (UINT8) (-1) ||
> > + AuthVariable->DataSize == (UINT32) (-1) ||
> > + AuthVariable->NameSize == (UINT32) (-1) ||
> > + AuthVariable->Attributes == (UINT32) (-1)) {
> > + return 0;
> > + }
> > + return (UINTN) AuthVariable->DataSize;
> > + } else {
> > + if (Variable->State == (UINT8) (-1) ||
> > + Variable->DataSize == (UINT32) (-1) ||
> > + Variable->NameSize == (UINT32) (-1) ||
> > + Variable->Attributes == (UINT32) (-1)) {
> > + return 0;
> > + }
> > + return (UINTN) Variable->DataSize;
> > + }
> > +}
> > +
> > +/**
> > + This code sets the size of variable data.
> > +
> > + @param[in] Variable Pointer to the Variable Header.
> > + @param[in] DataSize Data size to set.
> > +
> > +**/
> > +VOID
> > +SetDataSizeOfVariable (
> > + IN VARIABLE_HEADER *Variable,
> > + IN UINTN DataSize
> > + )
> > +{
> > + AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > +
> > + AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > + if (mAuthFormat) {
> > + AuthVariable->DataSize = (UINT32) DataSize;
> > + } else {
> > + Variable->DataSize = (UINT32) DataSize;
> > + }
> > +}
> > +
> > +/**
> > +
> > + This code gets the pointer to the variable name.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return Pointer to Variable Name which is Unicode encoding.
> > +
> > +**/
> > +CHAR16 *
> > +GetVariableNamePtr (
> > + IN VARIABLE_HEADER *Variable
> > + )
> > +{
> > + return (CHAR16 *) ((UINTN) Variable + GetVariableHeaderSize ());
> > +}
> > +
> > +/**
> > + This code gets the pointer to the variable guid.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return A EFI_GUID* pointer to Vendor Guid.
> > +
> > +**/
> > +EFI_GUID *
> > +GetVendorGuidPtr (
> > + IN VARIABLE_HEADER *Variable
> > + )
> > +{
> > + AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > +
> > + AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > + if (mAuthFormat) {
> > + return &AuthVariable->VendorGuid;
> > + } else {
> > + return &Variable->VendorGuid;
> > + }
> > +}
> > +
> > +/**
> > +
> > + This code gets the pointer to the variable data.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return Pointer to Variable Data.
> > +
> > +**/
> > +UINT8 *
> > +GetVariableDataPtr (
> > + IN VARIABLE_HEADER *Variable
> > + )
> > +{
> > + UINTN Value;
> > +
> > + //
> > + // Be careful about pad size for alignment.
> > + //
> > + Value = (UINTN) GetVariableNamePtr (Variable);
> > + Value += NameSizeOfVariable (Variable);
> > + Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
> > +
> > + return (UINT8 *) Value;
> > +}
> > +
> > +/**
> > + This code gets the variable data offset related to variable header.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return Variable Data offset.
> > +
> > +**/
> > +UINTN
> > +GetVariableDataOffset (
> > + IN VARIABLE_HEADER *Variable
> > + )
> > +{
> > + UINTN Value;
> > +
> > + //
> > + // Be careful about pad size for alignment
> > + //
> > + Value = GetVariableHeaderSize ();
> > + Value += NameSizeOfVariable (Variable);
> > + Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
> > +
> > + return Value;
> > +}
> > +
> > +/**
> > +
> > + This code gets the pointer to the next variable header.
> > +
> > + @param Variable Pointer to the Variable Header.
> > +
> > + @return Pointer to next variable header.
> > +
> > +**/
> > +VARIABLE_HEADER *
> > +GetNextVariablePtr (
> > + IN VARIABLE_HEADER *Variable
> > + )
> > +{
> > + UINTN Value;
> > +
> > + Value = (UINTN) GetVariableDataPtr (Variable);
> > + Value += DataSizeOfVariable (Variable);
> > + Value += GET_PAD_SIZE (DataSizeOfVariable (Variable));
> > +
> > + //
> > + // Be careful about pad size for alignment.
> > + //
> > + return (VARIABLE_HEADER *) HEADER_ALIGN (Value);
> > +}
> > +
> > +/**
> > +
> > + Gets the pointer to the first variable header in given variable store area.
> > +
> > + @param VarStoreHeader Pointer to the Variable Store Header.
> > +
> > + @return Pointer to the first variable header.
> > +
> > +**/
> > +VARIABLE_HEADER *
> > +GetStartPointer (
> > + IN VARIABLE_STORE_HEADER *VarStoreHeader
> > + )
> > +{
> > + //
> > + // The end of variable store.
> > + //
> > + return (VARIABLE_HEADER *) HEADER_ALIGN (VarStoreHeader + 1);
> > +}
> > +
> > +/**
> > +
> > + Gets the pointer to the end of the variable storage area.
> > +
> > + This function gets pointer to the end of the variable storage
> > + area, according to the input variable store header.
> > +
> > + @param VarStoreHeader Pointer to the Variable Store Header.
> > +
> > + @return Pointer to the end of the variable storage area.
> > +
> > +**/
> > +VARIABLE_HEADER *
> > +GetEndPointer (
> > + IN VARIABLE_STORE_HEADER *VarStoreHeader
> > + )
> > +{
> > + //
> > + // The end of variable store
> > + //
> > + return (VARIABLE_HEADER *) HEADER_ALIGN ((UINTN) VarStoreHeader
> +
> > VarStoreHeader->Size);
> > +}
> > +
> > +/**
> > + Returns if this is a variable that always requires authenticated writes.
> > + There may be other scenarios that result in a variable not identified by
> the
> > + function to also require authentication.
> > +
> > + @param[in] VariableName Name of variable.
> > + @param[in] VendorGuid Guid of variable.
> > +
> > + @retval TRUE The variable always requires authenticated writes
> > + @retval FALSE The variable may or may not require authenticated
> > writes
> > +**/
> > +BOOLEAN
> > +IsAuthenticatedVariable (
> > + IN CHAR16 *VariableName,
> > + IN EFI_GUID *VendorGuid
> > + )
> > +{
> > + UINTN Index;
> > +
> > + for (Index = 0; Index < sizeof (mAlwaysAuthenticatedVariables) / sizeof
> > (mAlwaysAuthenticatedVariables[0]); Index++) {
> > + if ((StrCmp (VariableName,
> > mAlwaysAuthenticatedVariables[Index].VariableName) == 0) &&
> > + (CompareGuid (VendorGuid,
> > mAlwaysAuthenticatedVariables[Index].VendorGuid))) {
> > + return TRUE;
> > + }
> > + }
> > + return FALSE;
> > +}
> > +
> > +/**
> > + Compare two EFI_TIME data.
> > +
> > +
> > + @param FirstTime A pointer to the first EFI_TIME data.
> > + @param SecondTime A pointer to the second EFI_TIME data.
> > +
> > + @retval TRUE The FirstTime is not later than the SecondTime.
> > + @retval FALSE The FirstTime is later than the SecondTime.
> > +
> > +**/
> > +BOOLEAN
> > +VariableCompareTimeStampInternal (
> > + IN EFI_TIME *FirstTime,
> > + IN EFI_TIME *SecondTime
> > + )
> > +{
> > + if (FirstTime->Year != SecondTime->Year) {
> > + return (BOOLEAN) (FirstTime->Year < SecondTime->Year);
> > + } else if (FirstTime->Month != SecondTime->Month) {
> > + return (BOOLEAN) (FirstTime->Month < SecondTime->Month);
> > + } else if (FirstTime->Day != SecondTime->Day) {
> > + return (BOOLEAN) (FirstTime->Day < SecondTime->Day);
> > + } else if (FirstTime->Hour != SecondTime->Hour) {
> > + return (BOOLEAN) (FirstTime->Hour < SecondTime->Hour);
> > + } else if (FirstTime->Minute != SecondTime->Minute) {
> > + return (BOOLEAN) (FirstTime->Minute < SecondTime->Minute);
> > + }
> > +
> > + return (BOOLEAN) (FirstTime->Second <= SecondTime->Second);
> > +}
> > +
> > +/**
> > + Find the variable in the specified variable store.
> > +
> > + @param[in] VariableName Name of the variable to be found
> > + @param[in] VendorGuid Vendor GUID to be found.
> > + @param[in] IgnoreRtCheck Ignore
> EFI_VARIABLE_RUNTIME_ACCESS
> > attribute
> > + check at runtime when searching variable.
> > + @param[in, out] PtrTrack Variable Track Pointer structure that
> > contains Variable Information.
> > +
> > + @retval EFI_SUCCESS Variable found successfully
> > + @retval EFI_NOT_FOUND Variable not found
> > +**/
> > +EFI_STATUS
> > +FindVariableEx (
> > + IN CHAR16 *VariableName,
> > + IN EFI_GUID *VendorGuid,
> > + IN BOOLEAN IgnoreRtCheck,
> > + IN OUT VARIABLE_POINTER_TRACK *PtrTrack
> > + )
> > +{
> > + VARIABLE_HEADER *InDeletedVariable;
> > + VOID *Point;
> > +
> > + PtrTrack->InDeletedTransitionPtr = NULL;
> > +
> > + //
> > + // Find the variable by walk through HOB, volatile and non-volatile
> variable
> > store.
> > + //
> > + InDeletedVariable = NULL;
> > +
> > + for ( PtrTrack->CurrPtr = PtrTrack->StartPtr
> > + ; IsValidVariableHeader (PtrTrack->CurrPtr, PtrTrack->EndPtr)
> > + ; PtrTrack->CurrPtr = GetNextVariablePtr (PtrTrack->CurrPtr)
> > + ) {
> > + if (PtrTrack->CurrPtr->State == VAR_ADDED ||
> > + PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> > VAR_ADDED)
> > + ) {
> > + if (IgnoreRtCheck || !AtRuntime () || ((PtrTrack->CurrPtr->Attributes
> &
> > EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
> > + if (VariableName[0] == 0) {
> > + if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> > VAR_ADDED)) {
> > + InDeletedVariable = PtrTrack->CurrPtr;
> > + } else {
> > + PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
> > + return EFI_SUCCESS;
> > + }
> > + } else {
> > + if (CompareGuid (VendorGuid, GetVendorGuidPtr (PtrTrack-
> >CurrPtr)))
> > {
> > + Point = (VOID *) GetVariableNamePtr (PtrTrack->CurrPtr);
> > +
> > + ASSERT (NameSizeOfVariable (PtrTrack->CurrPtr) != 0);
> > + if (CompareMem (VariableName, Point, NameSizeOfVariable
> > (PtrTrack->CurrPtr)) == 0) {
> > + if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> > VAR_ADDED)) {
> > + InDeletedVariable = PtrTrack->CurrPtr;
> > + } else {
> > + PtrTrack->InDeletedTransitionPtr = InDeletedVariable;
> > + return EFI_SUCCESS;
> > + }
> > + }
> > + }
> > + }
> > + }
> > + }
> > + }
> > +
> > + PtrTrack->CurrPtr = InDeletedVariable;
> > + return (PtrTrack->CurrPtr == NULL) ? EFI_NOT_FOUND : EFI_SUCCESS;
> > +}
> > +
> > +/**
> > + This code finds the next available variable.
> > +
> > + Caution: This function may receive untrusted input.
> > + This function may be invoked in SMM mode. This function will do basic
> > validation, before parse the data.
> > +
> > + @param[in] VariableName Pointer to variable name.
> > + @param[in] VendorGuid Variable Vendor Guid.
> > + @param[in] VariableStoreList A list of variable stores that should be
> used
> > to get the next variable.
> > + The maximum number of entries is the max value of
> > VARIABLE_STORE_TYPE.
> > + @param[out] VariablePtr Pointer to variable header address.
> > +
> > + @retval EFI_SUCCESS The function completed successfully.
> > + @retval EFI_NOT_FOUND The next variable was not found.
> > + @retval EFI_INVALID_PARAMETER If VariableName is not an empty
> string,
> > while VendorGuid is NULL.
> > + @retval EFI_INVALID_PARAMETER The input values of VariableName
> and
> > VendorGuid are not a name and
> > + GUID of an existing variable.
> > +
> > +**/
> > +EFI_STATUS
> > +EFIAPI
> > +GetNextVariableEx (
> > + IN CHAR16 *VariableName,
> > + IN EFI_GUID *VendorGuid,
> > + IN VARIABLE_STORE_HEADER **VariableStoreList,
> > + OUT VARIABLE_HEADER **VariablePtr
> > + )
> > +{
> > + EFI_STATUS Status;
> > + VARIABLE_STORE_TYPE StoreType;
> > + VARIABLE_POINTER_TRACK Variable;
> > + VARIABLE_POINTER_TRACK VariableInHob;
> > + VARIABLE_POINTER_TRACK VariablePtrTrack;
> > +
> > + Status = EFI_NOT_FOUND;
> > +
> > + if (VariableStoreList == NULL) {
> > + return EFI_INVALID_PARAMETER;
> > + }
> > +
> > + // Check if the variable exists in the given variable store list
> > + for (StoreType = (VARIABLE_STORE_TYPE) 0; StoreType <
> > VariableStoreTypeMax; StoreType++) {
> > + if (VariableStoreList[StoreType] == NULL) {
> > + continue;
> > + }
> > +
> > + Variable.StartPtr = GetStartPointer (VariableStoreList[StoreType]);
> > + Variable.EndPtr = GetEndPointer (VariableStoreList[StoreType]);
> > + Variable.Volatile = (BOOLEAN) (StoreType ==
> VariableStoreTypeVolatile);
> > +
> > + Status = FindVariableEx (VariableName, VendorGuid, FALSE, &Variable);
> > + if (!EFI_ERROR (Status)) {
> > + break;
> > + }
> > + }
> > +
> > + if (Variable.CurrPtr == NULL || EFI_ERROR (Status)) {
> > + //
> > + // For VariableName is an empty string, FindVariable() will try to find
> and
> > return
> > + // the first qualified variable, and if FindVariable() returns error
> > (EFI_NOT_FOUND)
> > + // as no any variable is found, still go to return the error
> > (EFI_NOT_FOUND).
> > + //
> > + if (VariableName[0] != 0) {
> > + //
> > + // For VariableName is not an empty string, and FindVariable() returns
> > error as
> > + // VariableName and VendorGuid are not a name and GUID of an
> > existing variable,
> > + // there is no way to get next variable, follow spec to return
> > EFI_INVALID_PARAMETER.
> > + //
> > + Status = EFI_INVALID_PARAMETER;
> > + }
> > + goto Done;
> > + }
> > +
> > + if (VariableName[0] != 0) {
> > + //
> > + // If variable name is not empty, get next variable.
> > + //
> > + Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> > + }
> > +
> > + while (TRUE) {
> > + //
> > + // Switch to the next variable store if needed
> > + //
> > + while (!IsValidVariableHeader (Variable.CurrPtr, Variable.EndPtr)) {
> > + //
> > + // Find current storage index
> > + //
> > + for (StoreType = (VARIABLE_STORE_TYPE) 0; StoreType <
> > VariableStoreTypeMax; StoreType++) {
> > + if ((VariableStoreList[StoreType] != NULL) && (Variable.StartPtr ==
> > GetStartPointer (VariableStoreList[StoreType]))) {
> > + break;
> > + }
> > + }
> > + ASSERT (StoreType < VariableStoreTypeMax);
> > + //
> > + // Switch to next storage
> > + //
> > + for (StoreType++; StoreType < VariableStoreTypeMax; StoreType++) {
> > + if (VariableStoreList[StoreType] != NULL) {
> > + break;
> > + }
> > + }
> > + //
> > + // Capture the case that
> > + // 1. current storage is the last one, or
> > + // 2. no further storage
> > + //
> > + if (StoreType == VariableStoreTypeMax) {
> > + Status = EFI_NOT_FOUND;
> > + goto Done;
> > + }
> > + Variable.StartPtr = GetStartPointer (VariableStoreList[StoreType]);
> > + Variable.EndPtr = GetEndPointer (VariableStoreList[StoreType]);
> > + Variable.CurrPtr = Variable.StartPtr;
> > + }
> > +
> > + //
> > + // Variable is found
> > + //
> > + if (Variable.CurrPtr->State == VAR_ADDED || Variable.CurrPtr->State
> ==
> > (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
> > + if (!AtRuntime () || ((Variable.CurrPtr->Attributes &
> > EFI_VARIABLE_RUNTIME_ACCESS) != 0)) {
> > + if (Variable.CurrPtr->State == (VAR_IN_DELETED_TRANSITION &
> > VAR_ADDED)) {
> > + //
> > + // If it is a IN_DELETED_TRANSITION variable,
> > + // and there is also a same ADDED one at the same time,
> > + // don't return it.
> > + //
> > + VariablePtrTrack.StartPtr = Variable.StartPtr;
> > + VariablePtrTrack.EndPtr = Variable.EndPtr;
> > + Status = FindVariableEx (
> > + GetVariableNamePtr (Variable.CurrPtr),
> > + GetVendorGuidPtr (Variable.CurrPtr),
> > + FALSE,
> > + &VariablePtrTrack
> > + );
> > + if (!EFI_ERROR (Status) && VariablePtrTrack.CurrPtr->State ==
> > VAR_ADDED) {
> > + Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> > + continue;
> > + }
> > + }
> > +
> > + //
> > + // Don't return NV variable when HOB overrides it
> > + //
> > + if ((VariableStoreList[VariableStoreTypeHob] != NULL) &&
> > (VariableStoreList[VariableStoreTypeNv] != NULL) &&
> > + (Variable.StartPtr == GetStartPointer
> > (VariableStoreList[VariableStoreTypeNv]))
> > + ) {
> > + VariableInHob.StartPtr = GetStartPointer
> > (VariableStoreList[VariableStoreTypeHob]);
> > + VariableInHob.EndPtr = GetEndPointer
> > (VariableStoreList[VariableStoreTypeHob]);
> > + Status = FindVariableEx (
> > + GetVariableNamePtr (Variable.CurrPtr),
> > + GetVendorGuidPtr (Variable.CurrPtr),
> > + FALSE,
> > + &VariableInHob
> > + );
> > + if (!EFI_ERROR (Status)) {
> > + Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> > + continue;
> > + }
> > + }
> > +
> > + *VariablePtr = Variable.CurrPtr;
> > + Status = EFI_SUCCESS;
> > + goto Done;
> > + }
> > + }
> > +
> > + Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
> > + }
> > +
> > +Done:
> > + return Status;
> > +}
> > +
> > +/**
> > + Routine used to track statistical information about variable usage.
> > + The data is stored in the EFI system table so it can be accessed later.
> > + VariableInfo.efi can dump out the table. Only Boot Services variable
> > + accesses are tracked by this code. The PcdVariableCollectStatistics
> > + build flag controls if this feature is enabled.
> > +
> > + A read that hits in the cache will have Read and Cache true for
> > + the transaction. Data is allocated by this routine, but never
> > + freed.
> > +
> > + @param[in] VariableName Name of the Variable to track.
> > + @param[in] VendorGuid Guid of the Variable to track.
> > + @param[in] Volatile TRUE if volatile FALSE if non-volatile.
> > + @param[in] Read TRUE if GetVariable() was called.
> > + @param[in] Write TRUE if SetVariable() was called.
> > + @param[in] Delete TRUE if deleted via SetVariable().
> > + @param[in] Cache TRUE for a cache hit.
> > + @param[in,out] VariableInfo Pointer to a pointer of
> > VARIABLE_INFO_ENTRY structures.
> > +
> > +**/
> > +VOID
> > +UpdateVariableInfo (
> > + IN CHAR16 *VariableName,
> > + IN EFI_GUID *VendorGuid,
> > + IN BOOLEAN Volatile,
> > + IN BOOLEAN Read,
> > + IN BOOLEAN Write,
> > + IN BOOLEAN Delete,
> > + IN BOOLEAN Cache,
> > + IN OUT VARIABLE_INFO_ENTRY **VariableInfo
> > + )
> > +{
> > + VARIABLE_INFO_ENTRY *Entry;
> > +
> > + if (FeaturePcdGet (PcdVariableCollectStatistics)) {
> > + if (VariableName == NULL || VendorGuid == NULL || VariableInfo ==
> > NULL) {
> > + return;
> > + }
> > + if (AtRuntime ()) {
> > + // Don't collect statistics at runtime.
> > + return;
> > + }
> > +
> > + if (*VariableInfo == NULL) {
> > + //
> > + // On the first call allocate a entry and place a pointer to it in
> > + // the EFI System Table.
> > + //
> > + *VariableInfo = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
> > + ASSERT (*VariableInfo != NULL);
> > +
> > + CopyGuid (&(*VariableInfo)->VendorGuid, VendorGuid);
> > + (*VariableInfo)->Name = AllocateZeroPool (StrSize (VariableName));
> > + ASSERT ((*VariableInfo)->Name != NULL);
> > + StrCpyS ((*VariableInfo)->Name,
> StrSize(VariableName)/sizeof(CHAR16),
> > VariableName);
> > + (*VariableInfo)->Volatile = Volatile;
> > + }
> > +
> > +
> > + for (Entry = (*VariableInfo); Entry != NULL; Entry = Entry->Next) {
> > + if (CompareGuid (VendorGuid, &Entry->VendorGuid)) {
> > + if (StrCmp (VariableName, Entry->Name) == 0) {
> > + if (Read) {
> > + Entry->ReadCount++;
> > + }
> > + if (Write) {
> > + Entry->WriteCount++;
> > + }
> > + if (Delete) {
> > + Entry->DeleteCount++;
> > + }
> > + if (Cache) {
> > + Entry->CacheCount++;
> > + }
> > +
> > + return;
> > + }
> > + }
> > +
> > + if (Entry->Next == NULL) {
> > + //
> > + // If the entry is not in the table add it.
> > + // Next iteration of the loop will fill in the data.
> > + //
> > + Entry->Next = AllocateZeroPool (sizeof (VARIABLE_INFO_ENTRY));
> > + ASSERT (Entry->Next != NULL);
> > +
> > + CopyGuid (&Entry->Next->VendorGuid, VendorGuid);
> > + Entry->Next->Name = AllocateZeroPool (StrSize (VariableName));
> > + ASSERT (Entry->Next->Name != NULL);
> > + StrCpyS (Entry->Next->Name,
> StrSize(VariableName)/sizeof(CHAR16),
> > VariableName);
> > + Entry->Next->Volatile = Volatile;
> > + }
> > + }
> > + }
> > +}
> > +
> > +/**
> > + Initializes context needed for variable helpers.
> > +
> > + @param[in] AuthFormat If true then indicates authenticated
> > variables are supported
> > +
> > + @retval EFI_SUCCESS Initialized successfully
> > + @retval Others An error occurred during initialization
> > +**/
> > +EFI_STATUS
> > +EFIAPI
> > +InitVariableHelpers (
> > + IN BOOLEAN AuthFormat
> > + )
> > +{
> > + mAuthFormat = AuthFormat;
> > +
> > + return EFI_SUCCESS;
> > +}
> > diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> > index ec463d063e..bda531d104 100644
> > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
> > @@ -30,6 +30,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > #include <Guid/SmmVariableCommon.h>
> > #include "Variable.h"
> > +#include "VariableNonVolatile.h"
> > +#include "VariableParsing.h"
> >
> > BOOLEAN mAtRuntime = FALSE;
> > UINT8 *mVariableBufferPayload = NULL;
> > diff --git
> >
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> > e.c
> >
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> > e.c
> > index 0a1888e5ef..5bf90039d6 100644
> > ---
> >
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> > e.c
> > +++
> >
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDx
> > e.c
> > @@ -13,7 +13,7 @@
> >
> > InitCommunicateBuffer() is really function to check the variable data size.
> >
> > -Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
> > +Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
> > SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > **/
> > @@ -39,6 +39,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> > #include <Guid/SmmVariableCommon.h>
> >
> > #include "PrivilegePolymorphic.h"
> > +#include "VariableParsing.h"
> >
> > EFI_HANDLE mHandle = NULL;
> > EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable = NULL;
> > --
> > 2.16.2.windows.1
> >
> >
> >
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH V1 0/5] UEFI Variable SMI Reduction
2019-09-26 22:35 ` Kubacki, Michael A
@ 2019-09-30 22:43 ` Laszlo Ersek
2019-09-30 22:47 ` Laszlo Ersek
0 siblings, 1 reply; 13+ messages in thread
From: Laszlo Ersek @ 2019-09-30 22:43 UTC (permalink / raw)
To: Kubacki, Michael A, devel@edk2.groups.io
Cc: Bi, Dandan, Ard Biesheuvel, Dong, Eric, Gao, Liming,
Kinney, Michael D, Ni, Ray, Wang, Jian J, Wu, Hao A, Yao, Jiewen
On 09/27/19 00:35, Kubacki, Michael A wrote:
> After thinking a bit more, this test is based on a side effect of implementation. I'd prefer to avoid this being the sole cause of additional complexity in an already complex driver. Are one of these two options acceptable?
>
> 1. Use the Runtime Services QueryVariableInfo () API
>
> In this patch series, this is still implemented to trigger an SMI as invocations occur very rarely outside mainstream GetVariable () and GetNextVariableName () usage so performance is not a major concern. This allows it to continue to use the validated path to the converged implementation in Variable.c
QueryVariableInfo() is not exposed to Linux userspace in any practical way.
The Firmware Test Suite contains a dedicated test case for that runtime
service:
https://wiki.ubuntu.com/FirmwareTestSuite/Reference/uefivarinfo
which can be invoked from the root prompt.
However, the userspace app depends on the efi_test module
(CONFIG_EFI_TEST), which is not built in Fedora (not even in the debug
kernel).
Building the kernel module specifically for the test is very messy,
especially if the running kernel was signed, and booted with Secure Boot
enabled. (It won't just accept any hand-build module.)
I'll ask the Fedora kernel maintainers if they can set CONFIG_EFI_TEST
to "m".
> 2. Include a SMM driver in OVMF specifically for exercising the edk2 SMM flow.
>
> A SMM driver in OVMF (included if SMM_REQUIRE is TRUE) could register a handler that simply returns or has something like a fixed 1ms delay.
Invoking this service from Linux userspace looks even more difficult
than QueryVariableInfo().
Thanks
Laszlo
>> -----Original Message-----
>> From: Kubacki, Michael A
>> Sent: Thursday, September 26, 2019 1:29 PM
>> To: Laszlo Ersek <lersek@redhat.com>; devel@edk2.groups.io
>> Cc: Bi, Dandan <dandan.bi@intel.com>; Ard Biesheuvel
>> <ard.biesheuvel@linaro.org>; Dong, Eric <eric.dong@intel.com>; Gao, Liming
>> <liming.gao@intel.com>; Kinney, Michael D <michael.d.kinney@intel.com>;
>> Ni, Ray <ray.ni@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao
>> A <hao.a.wu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
>> Subject: RE: [PATCH V1 0/5] UEFI Variable SMI Reduction
>>
>> Hi Laszlo,
>>
>> In short, it would not complicate the code beyond a reasonable level to
>> support the runtime cache with a FeaturePCD.
>>
>> I had considered this but dismissed it with lack of a practical use case (which
>> you provided) that could justify adding another configuration option to the
>> variable driver. The SMM communication buffer preparation code and SMI
>> handler code for GetVariable () and GetNextVariableName () would have to
>> be added back which I'd prefer eliminating maintenance of if possible.
>>
>> The SMM cache is used to serve SMM callers.
>>
>> Do others have an opinion or suggestion? If not, I'll proceed with adding a
>> FeaturePCD.
>>
>> Thanks,
>> Michael
>>
>>> -----Original Message-----
>>> From: Laszlo Ersek <lersek@redhat.com>
>>> Sent: Thursday, September 26, 2019 11:24 AM
>>> To: Kubacki, Michael A <michael.a.kubacki@intel.com>;
>>> devel@edk2.groups.io
>>> Cc: Bi, Dandan <dandan.bi@intel.com>; Ard Biesheuvel
>>> <ard.biesheuvel@linaro.org>; Dong, Eric <eric.dong@intel.com>; Gao,
>>> Liming <liming.gao@intel.com>; Kinney, Michael D
>>> <michael.d.kinney@intel.com>; Ni, Ray <ray.ni@intel.com>; Wang, Jian J
>>> <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>; Yao, Jiewen
>>> <jiewen.yao@intel.com>
>>> Subject: Re: [PATCH V1 0/5] UEFI Variable SMI Reduction
>>>
>>> Hello Michael,
>>>
>>> On 09/26/19 06:50, Michael Kubacki wrote:
>>>> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220
>>>>
>>>> Overview
>>>> ---------
>>>> This patch series reduces SMM usage when using
>>> VariableSmmRuntimeDxe
>>>> with VariableSmm. It does so by eliminating SMM usage for runtime
>>>> service GetVariable () and GetNextVariableName () invocations. Most
>>>> UEFI variable usage in typical systems after the variable store is
>>>> initialized (e.g. manufacturing boots) is due to GetVariable ( ) and
>>>> GetNextVariableName () not SetVariable (). GetVariable () calls can
>>>> regularly exceed 100 per boot while SetVariable () calls typically
>>>> remain less than 10 per boot. By focusing on the common case, the
>>>> majority of overhead associated with SMM can be avoided while still
>>>> using existing and proven code for operations such as variable
>>>> authentication that require an isolated execution environment.
>>>>
>>>> * Advantage: Reduces overall system SMM usage
>>>> * Disadvantage: Requires more Runtime data memory usage
>>>
>>> In a perfect world, I would carefully scrutinize this patch set, and
>>> respond with comments. In the real world, I have hardly enough time to
>>> read the blurb :/ So I'll have to defer to the other reviewers on this patch.
>>>
>>> I'd like to spell out another "disadvantage" however. Admittedly it's
>>> quite a corner case.
>>>
>>> The disadvantage in my case is that, by eliminating SMM from variable
>>> *reads*, OVMF will lose its simplest method to exercise the SMM driver
>>> stack. Namely, right now, if you boot OVMF (built with -D
>>> SMM_REQUIRE), and at root prompt in the Linux guest, you run:
>>>
>>> # taskset -c 0 efibootmgr
>>> # taskset -c 1 efibootmgr
>>>
>>> then you very easily test the SMM machinery (through Boot####,
>>> BootOrder, BootNext variable *reads*).
>>>
>>> In addition, the "taskset" commands above force the guest Linux kernel
>>> to initiate the GetVariable runtime service call -- and therefore
>>> entering SMM -- on CPU#0 (BSP) vs. CPU#1 (AP).
>>>
>>> This difference (that is, BSP vs. AP being used for the runtime
>>> service
>>> call) used to expose *extreme* timing and stability differences in the
>>> edk2 SMM stack, dependent on the SMI delivery method used.
>>>
>>> To this day, the above two commands remain part of our stock
>>> regression- tests for the health of the SMM stack -- the commands are
>>> executed in the guest OS both after normal boot, and after S3 resume.
>>>
>>> https://github.com/tianocore/tianocore.github.io/wiki/Testing-SMM-with
>>> - QEMU,-KVM-and-libvirt#uefi-variable-access-test
>>>
>>> Therefore, would it be possible to make the feature dependent on a new
>>> FeaturePCD?
>>>
>>> Or, if that would complicate the code too much, perhaps new module INF
>>> files could be introduced (library instances, or even drivers) that a
>>> platform could choose to select in DSC files, perhaps dependent on a -D
>> build flag.
>>> There could be a set of INF files for the current behavior, and
>>> another set of INF files for the "read cache" behavior. And the
>>> related C source files would not have to be littered with
>>>
>>> if (FeaturePcdGet (...)) {
>>> //
>>> // read cache
>>> //
>>> } else {
>>> //
>>> // traditional behavior
>>> //
>>> }
>>>
>>> Of course, with the read cache feature, SMM entry could still be
>>> forced in OVMF through non-volatile variable *writes* -- but writes
>>> are not without side-effects on the varstore, and they depend on extra
>>> conditions relative to reads.
>>>
>>> You mention "SMM cache" below, and I'm not entirely clear when exactly
>>> that would be used, in favor of the "runtime cache". It seems that the
>>> "SMM cache" would primarily serve SMM callers. If the FeaturePCD could
>>> be used for forcing the use of "SMM cache" for the normal GetVariable
>>> runtime service too, I think that might cover my use case. I don't
>>> need GetVariable to access flash, i.e. caching per se is fine; I'd
>>> just need GetVariable to continue exercising the SMM stack *in OVMF*
>>> -- even if that path is slower than desirable, for physical platforms.
>>>
>>> Thanks!
>>> Laszlo
>>>
>>>> Initial Performance Observations
>>>> ---------------------------------
>>>> * With these proposed changes, an Intel Atom based SoC saw
>>>> GetVariable
>>> ( )
>>>> time for an existing variable reduce from ~220us to ~5us.
>>>>
>>>> Major Changes
>>>> --------------
>>>> 1. Two UEFI variable caches will be maintained.
>>>> a. "Runtime Cache" - Maintained in VariableSmmRuntimeDxe. Used
>>>> to
>>> serve
>>>> runtime service GetVariable () and GetNextVariableName () callers.
>>>> b. "SMM cache" - Maintained in VariableSmm to service SMM
>>> GetVariable ()
>>>> and GetNextVariableName () callers.
>>>> i. A cache in SMRAM is retained so SMM modules do not
>>>> operate on
>>> data
>>>> outside SMRAM.
>>>> 2. A new UEFI variable read and write flow will be used as described
>> below.
>>>>
>>>> At any given time, the two caches would be coherent. On a variable
>>>> write, the runtime cache is only updated after validation in SMM
>>>> and, in the case of a non-volatile UEFI variable, the variable must
>>>> also be successfully written to non-volatile storage.
>>>>
>>>> Prior RFC Feedback Addressed
>>>> -----------------------------
>>>> RFC sent Sept. 5, 2019: https://edk2.groups.io/g/devel/message/46939
>>>>
>>>> 1. UEFI variable data retrieval from a ring 0 buffer
>>>>
>>>> A common concern with this proposed set of changes is the
>>>> potential
>>> security
>>>> threat presented by serving runtime services callers from a ring 0
>> memory
>>>> buffer of EfiRuntimeServicesData type. This conclusion was that
>>>> this
>>> change
>>>> does not fundamentally alter the attack surface. The UEFI
>>>> variable
>>> Runtime
>>>> Services are invoked from ring 0 and the data already travels through
>> ring
>>>> 0 buffers (such as the SMM communicate buffer) to reach the caller.
>> Even
>>>> today if ring 0 is assumed to be malicious, the malicious code
>>>> may keep
>>> one
>>>> AP in a loop to monitor the communication data, when the BSP gets an
>>>> (authenticated) variable. When the communication buffer is
>>>> updated and
>>> the
>>>> status is set to EFI_SUCCESS, the AP may modify the communication
>>> buffer
>>>> contents such the tampered data is returned to the BSP caller. Or an
>>>> interrupt handler on the BSP may alter the communication buffer
>>> contents
>>>> before the data is returned to the caller. In summary, this was
>>>> not found
>>> to
>>>> introduce any attack not possible today.
>>>>
>>>> 2. VarCheckLib impact
>>>>
>>>> VarCheckLib plays a role in SetVariable () calls. This patch series only
>>>> changes GetVariable () behavior. Therefore, VarCheckLib is expected to
>>>> have no impact due to these changes.
>>>>
>>>> Testing Performed
>>>> ------------------
>>>> This code was tested with the master branch of edk2 on an Intel Kaby
>>>> Lake U Intel Whiskey Lake U reference validation platform. The set
>>>> of tests performed
>>>> included:
>>>>
>>>> 1. Boot from S5 to Windows 10 OS with SMM variables enabled.
>>>> 2. Boot from S5 to Ubuntu 18.04.1 LTS with SMM variable enabled.
>>>> 3. Boot from S5 to EFI shell with DXE variables enabled.
>>>> 4. Dump UEFI variable store at shell with dmpstore to verify contents.
>>>> 5. Dump NvStorage FV from SPI flash after boot to verify contents
>> written.
>>>> 6. Dump UEFI variable statistics with VariableInfo at shell.
>>>> 7. Boot with emulated variables enabled.
>>>> 8. Cycles of adding and deleting a UEFI variable to verify cache results.
>>>> 9. Set OsIndications to stop at FW UI to verify cache load of non-volatile
>>>> contents.
>>>>
>>>> Why Keep SMM on Variable Writes
>>>> --------------------------------
>>>> * SMM provides a ubiquitous isolated execution environment in x86 for
>>>> authenticated UEFI variables.
>>>> * BIOS region SPI flash write restrictions to SMM in platforms today can
>>>> be retained.
>>>>
>>>> Today's UEFI Variable Cache (for reference)
>>>> --------------------------------------------
>>>> * Maintained in SMRAM via VariableSmm.
>>>> * A "write-through" cache of variable data in the form of a UEFI variable
>>>> store.
>>>> * Non-volatile and volatile variables are maintained in separate buffers
>>>> (variable stores).
>>>>
>>>> Runtime & SMM Cache Coherency
>>>> ------------------------------
>>>> The non-volatile cache should always accurately reflect non-volatile
>>>> storage contents (done today) and the "SMM cache" and "Runtime
>> cache"
>>>> should always be coherent on access. The runtime cache is updated by
>>> VariableSmm.
>>>>
>>>> Updating both caches from within a SMM SetVariable () operation is
>>>> fairly straightforward but a race condition can occur if an SMI
>>>> occurs during the execution of runtime code reading from the runtime
>> cache.
>>>> To handle this case, a runtime cache read lock is introduced that
>>>> explicitly moves pending updates from SMM to the runtime cache if an
>>>> SMM update occurs while the runtime cache is locked. Note that it is
>>>> not expected a Runtime services call will interrupt SMM processing
>>>> since all
>>> CPU cores rendezvous in SMM.
>>>>
>>>> New Key Elements for Coherence
>>>> -------------------------------
>>>> Runtime DXE (VariableSmmRuntimeDxe)
>>>> 1. RuntimeCacheReadLock - A global lock used to lock read access to the
>>>> runtime cache.
>>>> 2. RuntimeCachePendingUpdate - A global flag used to notify runtime
>>>> code
>>> of a
>>>> pending cache update in SMM.
>>>>
>>>> SMM (VariableSmm)
>>>> 1. FlushRuntimeCachePendingUpdate SMI - A SW SMI handler that
>>> synchronizes
>>>> the runtime cache buffer with the SMM
>>>> cache buffer.
>>>>
>>>> Proposed Runtime DXE Read Flow
>>>> -------------------------------
>>>> 1. Wait for RuntimeCacheReadLock to be free 2. Acquire
>>>> RuntimeCacheReadLock 3. If RuntimeCachePendingUpdate flag (rare) is
>>>> set then:
>>>> 3.a. Trigger FlushRuntimeCachePendingUpdate SMI
>>>> 3.b. Verify RuntimeCachePendingUpdate flag is cleared 4.
>>>> Perform read from RuntimeCache 5. Release RuntimeCacheReadLock
>>>>
>>>> Proposed FlushRuntimeCachePendingUpdate SMI
>>>> --------------------------------------------
>>>> 1. If RuntimeCachePendingUpdate flag is not set:
>>>> 1.a. Return
>>>> 2. Copy the data at RuntimeCachePendingOffset of
>>> RuntimeCachePendingLength to
>>>> RuntimeCache
>>>> 3. Clear the RuntimeCachePendingUpdate flag
>>>>
>>>> Proposed SMM Write Flow
>>>> ------------------------
>>>> 1. Perform variable authentication and non-volatile write. If either fail,
>>>> return an error to the caller.
>>>> 2. If RuntimeCacheReadLock is set then:
>>>> 2.a. Set RuntimeCachePendingUpdate flag
>>>> 2.b. Update RuntimeCachePendingOffset and
>>> RuntimeCachePendingLength to
>>>> cover the a superset of the pending chunk (for simplicity, the
>>>> entire variable store is currently synchronized).
>>>> 3. Else:
>>>> 3.a. Update RuntimeCache
>>>> 4. Update SmmCache
>>>> - Note: RT read cannot occur during SMI processing since all cores are
>>>> locked in SMM.
>>>>
>>>> Cc: Dandan Bi <dandan.bi@intel.com>
>>>> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
>>>> Cc: Eric Dong <eric.dong@intel.com>
>>>> Cc: Laszlo Ersek <lersek@redhat.com>
>>>> Cc: Liming Gao <liming.gao@intel.com>
>>>> Cc: Michael D Kinney <michael.d.kinney@intel.com>
>>>> Cc: Ray Ni <ray.ni@intel.com>
>>>> Cc: Jian J Wang <jian.j.wang@intel.com>
>>>> Cc: Hao A Wu <hao.a.wu@intel.com>
>>>> Cc: Jiewen Yao <jiewen.yao@intel.com>
>>>> Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
>>>>
>>>> Michael Kubacki (5):
>>>> MdeModulePkg/Variable: Consolidate common parsing functions
>>>> MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats
>>>> MdeModulePkg/Variable: Add RT GetVariable() cache support
>>>> MdeModulePkg/Variable: Add RT GetNextVariableName() cache
>> support
>>>> MdeModulePkg/VariableSmm: Remove unused SMI handler functions
>>>>
>>>>
>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
>>> | 6 +
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
>> |
>>> 6 +
>>>>
>>>
>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.i
>>> nf
>>>> | 32 +-
>>>
>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
>>> | 11 +
>>>> MdeModulePkg/Include/Guid/SmmVariableCommon.h | 33
>> +-
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.h |
>> 158
>>> +---
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
>>> | 25 +
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
>> |
>>> 342 ++++++++
>>>>
>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h
>>> | 47 ++
>>>> MdeModulePkg/Application/VariableInfo/VariableInfo.c | 37 +-
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 828
>>> ++------------------
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c |
>>> 11 +-
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
>>> | 28 +
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c |
>>> 816 +++++++++++++++++++
>>>>
>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c
>>> | 153 ++++
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c |
>>> 213 +++--
>>>>
>>>
>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.
>>> c | 726 +++++++++++++----
>>>> 17 files changed, 2298 insertions(+), 1174 deletions(-) create
>>>> mode
>>>> 100644
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.h
>>>> create mode 100644
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
>>>> create mode 100644
>>>>
>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.h
>>>> create mode 100644
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableNonVolatile.c
>>>> create mode 100644
>>>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
>>>> create mode 100644
>>>>
>> MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeCache.c
>>>>
>
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: [PATCH V1 0/5] UEFI Variable SMI Reduction
2019-09-30 22:43 ` Laszlo Ersek
@ 2019-09-30 22:47 ` Laszlo Ersek
0 siblings, 0 replies; 13+ messages in thread
From: Laszlo Ersek @ 2019-09-30 22:47 UTC (permalink / raw)
To: Kubacki, Michael A, devel@edk2.groups.io
Cc: Bi, Dandan, Ard Biesheuvel, Dong, Eric, Gao, Liming,
Kinney, Michael D, Ni, Ray, Wang, Jian J, Wu, Hao A, Yao, Jiewen
On 10/01/19 00:43, Laszlo Ersek wrote:
> On 09/27/19 00:35, Kubacki, Michael A wrote:
>> After thinking a bit more, this test is based on a side effect of implementation. I'd prefer to avoid this being the sole cause of additional complexity in an already complex driver. Are one of these two options acceptable?
>>
>> 1. Use the Runtime Services QueryVariableInfo () API
>>
>> In this patch series, this is still implemented to trigger an SMI as invocations occur very rarely outside mainstream GetVariable () and GetNextVariableName () usage so performance is not a major concern. This allows it to continue to use the validated path to the converged implementation in Variable.c
>
> QueryVariableInfo() is not exposed to Linux userspace in any practical way.
>
> The Firmware Test Suite contains a dedicated test case for that runtime
> service:
>
> https://wiki.ubuntu.com/FirmwareTestSuite/Reference/uefivarinfo
>
> which can be invoked from the root prompt.
>
> However, the userspace app depends on the efi_test module
> (CONFIG_EFI_TEST), which is not built in Fedora (not even in the debug
> kernel).
>
> Building the kernel module specifically for the test is very messy,
> especially if the running kernel was signed, and booted with Secure Boot
> enabled. (It won't just accept any hand-build module.)
>
> I'll ask the Fedora kernel maintainers if they can set CONFIG_EFI_TEST
> to "m".
NB, using QueryVariableInfo() for testing would still rely on an
implementation detail, namely that QueryVariableInfo() is allowed (for
now) to enter SMM.
But what if that changes again?
Thanks
Laszlo
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2019-09-30 22:47 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-09-26 4:50 [PATCH V1 0/5] UEFI Variable SMI Reduction Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 1/5] MdeModulePkg/Variable: Consolidate common parsing functions Kubacki, Michael A
2019-09-27 8:17 ` [edk2-devel] " Wu, Hao A
2019-09-27 17:31 ` Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 2/5] MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 3/5] MdeModulePkg/Variable: Add RT GetVariable() cache support Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 4/5] MdeModulePkg/Variable: Add RT GetNextVariableName() " Kubacki, Michael A
2019-09-26 4:50 ` [PATCH V1 5/5] MdeModulePkg/VariableSmm: Remove unused SMI handler functions Kubacki, Michael A
2019-09-26 18:23 ` [PATCH V1 0/5] UEFI Variable SMI Reduction Laszlo Ersek
2019-09-26 20:29 ` Kubacki, Michael A
2019-09-26 22:35 ` Kubacki, Michael A
2019-09-30 22:43 ` Laszlo Ersek
2019-09-30 22:47 ` Laszlo Ersek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox