From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web09.934.1630133085072076025 for ; Fri, 27 Aug 2021 23:44:46 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=V2boMH2I; spf=pass (domain: intel.com, ip: 192.55.52.136, mailfrom: qi1.zhang@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10089"; a="197633857" X-IronPort-AV: E=Sophos;i="5.84,358,1620716400"; d="scan'208";a="197633857" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Aug 2021 23:44:43 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,358,1620716400"; d="scan'208";a="528824482" Received: from fmsmsx601.amr.corp.intel.com ([10.18.126.81]) by FMSMGA003.fm.intel.com with ESMTP; 27 Aug 2021 23:44:43 -0700 Received: from fmsmsx608.amr.corp.intel.com (10.18.126.88) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.10; Fri, 27 Aug 2021 23:44:43 -0700 Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx608.amr.corp.intel.com (10.18.126.88) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.10 via Frontend Transport; Fri, 27 Aug 2021 23:44:43 -0700 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (104.47.58.105) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.10; Fri, 27 Aug 2021 23:44:43 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=fXODr/MSQhOx7VBs9z6Tti09u3d7u4qxQsg4LfSJh0FJzXFghYhbh1kgCKFsyFuQG8FQLn5KiBISEi8ZuJgYB2eQtqi5M3jAGM0v+bS/ahG29ORaxOPTORyew4mB402IRreUoipD7zFhIWnpJiaCiqZzqf9jgE3XvsZreDVAEayFtVM2jyGveMEpYmvG6u549pM2rz8Jp0lfAknmdtLocsmap4j+Zk3tEyevRUxJ//+SLVElbAyPKLsFZX3Oe68q2Bej8QL4kit62pJoddf2QJfRQAqZo2VWp41WbvneiQts/bLr28SE/yN542s0RBDxqn9v05gytKz+XBD9PmE6gg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mL6er+/x9g7gKuxVOp4N5Uzf0ymAJ9NAAZ+TE2X0AyE=; b=m44eGo3Kn0oNHcpiJZgndmpuBs7qLHpcLhUH00+tDKd8+SM+z3eEJl5EysTLR8jb/kMRqj7HjTzzck9t4gTlF7mtwKIM7Af20+Au361PdQy15y4pVe18188Xi86P7x08+3+BSSEcSjjdLGTJPSqd6FbLPI2f6aM8RCXy/Y8Dfsqf9enwxUWsT8KgKSe/pGiwRzynU24Cd/mreIzyUwAYAWVcZlj1xhE3Gkald4JJ9PVVjJLnydfeGOAfmHTmG9a/vgOUyKOG+vuJSX/KnorG4Zm5fCl4R6orVGQ7AIHTPX+GB52Nk/joOCGZikui0fxbTi+6ylj3rZegrcCGzdAMIw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=mL6er+/x9g7gKuxVOp4N5Uzf0ymAJ9NAAZ+TE2X0AyE=; b=V2boMH2Iaj2U29/s9+B/Xezn5SsfpQSMc713RCg9nm0MhnXwHRLXGBbXVbmllIC64KUZUQN6fiY2VXf1pIDP5CqxI+DlZ+wzy1jQxIlSPY+BQZ2dhChHK0J3gq9W0+pdSYXqwlxWc5UNnba6UHf0hTbI0kyMC8w6gZsObSgiM88= Received: from DM8PR11MB5750.namprd11.prod.outlook.com (2603:10b6:8:11::17) by DM5PR11MB1611.namprd11.prod.outlook.com (2603:10b6:4:9::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.22; Sat, 28 Aug 2021 06:44:41 +0000 Received: from DM8PR11MB5750.namprd11.prod.outlook.com ([fe80::a4e8:3195:7e90:43f2]) by DM8PR11MB5750.namprd11.prod.outlook.com ([fe80::a4e8:3195:7e90:43f2%3]) with mapi id 15.20.4457.023; Sat, 28 Aug 2021 06:44:41 +0000 From: "Qi Zhang" To: "Yao, Jiewen" , "devel@edk2.groups.io" CC: "Wang, Jian J" , "Kumar, Rahul1" , "Ni, Ray" Subject: Re: [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver Thread-Topic: [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver Thread-Index: AQHXmI+9osDYsRW8IU6SLdQ5/F78oauHYiKAgAEcmvA= Date: Sat, 28 Aug 2021 06:44:41 +0000 Message-ID: References: <20210824022822.6121-1-qi1.zhang@intel.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.5.1.3 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 12ce0dc4-ec1e-4d3c-694f-08d969ef5022 x-ms-traffictypediagnostic: DM5PR11MB1611: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: VLQq0jpQJCoJvYJ/sVEv8MCGM3C4xN9OmwMYwZJf56mDQvfiQZQpG11895nno9cGyVm5QXqb9cwwYqXO+Zer6kdiIlYERlj+6PqvhwD87OgdVmvn4LUMjvNh9AIeG4QpPZsz5gvBAqyQ1XxCkrnmVNsYvKjvdTqA3UYW6bBG4PinUAtFRWbHc7OJlgHDwilDDbmmT/zOXQAknHtudF1PVs/vHdCkWJPmbXVTmV/PeasszYnReFM02ZgyYJuf+vFzfdDUf9a3ZbnPmqvLkHy4At05iVIEdbUnR9iNAFC/+e6QuY0CaijZy43GSR8pbNL9QlAvZB1cN93R3+oa20aoNq415DPNpSsvDUlnyIsCnbGxi9nAsbjkw6MMuZFhS++U1KxYa5ziHWBZsbxCZU7SHmt5lfXtansTtj09H8+Gqxeo4Loh9wQAKWcpyEQ6j85oIsIQo5BqziBRSfGr4LSIQ+zDPhH6ZhxZdTpNaxDFIxWieTQZavU6qSu+rexSwXTtzvSs1p2qOvYAoujpjSubV+EjUzHycknmffaVIQ0bRMnu7JiyqlyEntn9js1+Rp6FPeisU5xZjESH2/a1M9J9wFYV2N92bN913TyHoOuGnjVizUr6P/h0glg1+F9jtsJuikxLnBoqnzP69uRWrNIiMjC8lC3BLlZkZvQezpfzQKUtfoEtwcHn77ADfs8SYiw8YZ83JcNfwJbV64nEQVO+pSjgbkRiGb12vpG5OUbo/Hrhu/j46PlWxXIbjwj3PX2yEIQbtzZpGu8mQNajr2l02o69R7z3+SRvdSAjTiugHdZv4ltiO8+axMAREboqb0DoSA+GpmalZtklbO7qOcHmkcXotmxuaFz3pHUFYcl4nM8= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM8PR11MB5750.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(39860400002)(346002)(376002)(136003)(396003)(366004)(66446008)(2906002)(66476007)(64756008)(76116006)(38070700005)(9686003)(66946007)(33656002)(4326008)(38100700002)(966005)(66556008)(478600001)(110136005)(8936002)(54906003)(19627235002)(316002)(5660300002)(71200400001)(8676002)(55016002)(86362001)(186003)(83380400001)(15650500001)(26005)(7696005)(107886003)(52536014)(122000001)(6506007)(53546011)(30864003)(559001)(579004)(44824005);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?aFc9hSOurKOsD3Jt5BupAuJp6fiE3lttnQWmawA6pSEZjEWOC8lMHtQnCIbA?= =?us-ascii?Q?mCwI1gzjkpkfC6Z0JA1HHlC80kwRvQ+gAwdGYO2xZ6vjrQIdn4cYBxazqcC2?= =?us-ascii?Q?lIH9N9LZP9SxlS34qfK3m/wVf6ytbIpjQa+awzLU8+4OQWP1py0oGan/ZJyK?= =?us-ascii?Q?2RWInNdKWCC8eZJMyIILmnWHwrb9lrqBlIOVfV6pn6h8UPfEU0oRvB6pDRvj?= =?us-ascii?Q?2RlU8tQ9XIqffMD6zeK7oJKuNHxYFzT6gzNFeLnshARet8X/M3/CwVWAndpT?= =?us-ascii?Q?i8FfxIzt8mcVj18Tq3OFuedc17MsJcTLhQTImOnbCpdzURwHl5Grq4ScD/s+?= =?us-ascii?Q?g6Jru12I5HM7N8c/xIJrwdWdTGFDFpUer/9CBENR5sq/978Covv0Fdrfesnq?= =?us-ascii?Q?Kiz2d19fxjpcB2t3HxhcFHizewmBB7P4QkuOvCoZU2aK7GaGO7tlWifLi4xq?= =?us-ascii?Q?D9CaMgFbo2kHtitv++fjwfBAiFhrOV6MJLZzpoBhjoi2YQ3bF6yLaqMeSFVl?= =?us-ascii?Q?xXfsrwERJb3+ikzLoaPIL/YS9bFJG5iZRZ8jjra24mjvBDLe9ufM5bNmH9bT?= =?us-ascii?Q?G5SAp8k5tQI9pdlt6/IJ4etwrlWG5c+YOjtdIG5lVjmSdaUekhl1BOhc8hk7?= =?us-ascii?Q?xxZS2jZFPn2fce9pCSDS8cGyJK2oAAoARwPff58t1rme5aSDiet0yTOl6Es6?= =?us-ascii?Q?GIF754gsoq8LxGzm0D8SNeNeZHqjhjbWVsK3i4NdDjCZb5G23exHrUqYElgF?= =?us-ascii?Q?DQ5XashHtiBLV2HIkvjBohpJxwUST4WAn+sATUKRxCdLCz3/uwl5WInmyLqn?= =?us-ascii?Q?tUF/HYWsA8lg2jJIeI5JGrSj/FJ1esCm6ythVAHatHM/F29gxf6cen/5kDEJ?= =?us-ascii?Q?UZT8otciCRbp/79xI0IwCuZhvtNO+2L/VZ7NrUtrFpHM9tbiqH/afim3z+oc?= =?us-ascii?Q?RVKL/oHnRlqSEtHRcg0mOG4v82yH9uAWRBlHWkkeQwbmq5v+oWWVOaGdM+Z8?= =?us-ascii?Q?YvRhEW/FkZ5IjagfQSX7NzsOLzcfvzytmRxYAwT0+KL0TTEyD+eT3KlVJZ3/?= =?us-ascii?Q?fTvV103k0cqD/IZ8G8KkO+cdl8ll+yL8Gq/B5eAM97CcXBP494IglxHL8PDL?= =?us-ascii?Q?6zeTMsjec13WIBYeEazNMzm3CKojIORK9aH4BWozWnzZM+kTb/JBe9Gedmu4?= =?us-ascii?Q?sudcU0GAmRYpoIUwNc7o4ldTATZl9p2h9jvbD4CZWerhYM2Zv0kI9ieW4K83?= =?us-ascii?Q?dT63P4LsLpvRGoT5S+1UNyI/HqKo5JW0Vj1C24+/sBVoJiWGMywUHsqE5xY2?= =?us-ascii?Q?UeJY+iSBspyVczeDB2YJZMMl?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM8PR11MB5750.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 12ce0dc4-ec1e-4d3c-694f-08d969ef5022 X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Aug 2021 06:44:41.1511 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: abg23vKLdyGHM/24LykJi5aHBMki7vYiSFVOJhjCZKFbkVt4qYaKUmM/WP1OylNFHcqdcDRHAGpJOHQYQLNfhA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM5PR11MB1611 Return-Path: qi1.zhang@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable I created a new PR and pass CI. https://github.com/tianocore/edk2/pull/1924 Thanks! Qi Zhang > -----Original Message----- > From: Yao, Jiewen > Sent: Friday, August 27, 2021 9:44 PM > To: Zhang, Qi1 ; devel@edk2.groups.io > Cc: Wang, Jian J ; Kumar, Rahul1 > ; Ni, Ray > Subject: RE: [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver >=20 > Hi > This patch failed in CI - https://github.com/tianocore/edk2/pull/1922 >=20 > Please take a look and submit patch again. >=20 > > -----Original Message----- > > From: Zhang, Qi1 > > Sent: Tuesday, August 24, 2021 10:28 AM > > To: devel@edk2.groups.io > > Cc: Zhang, Qi1 ; Yao, Jiewen > > ; Wang, Jian J ; Kumar, > > Rahul1 ; Ni, Ray > > Subject: [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3583 > > > > TcgMorLockSmm is only for secure MOR V1. > > VariableSmm covers secure MOR V1 and V2. > > > > Signed-off-by: Qi Zhang > > Cc: Jiewen Yao > > Cc: Jian J Wang > > Cc: Qi Zhang > > Cc: Rahul Kumar > > Cc: Ray Ni > > --- > > SecurityPkg/SecurityPkg.dsc | 1 - > > .../TcgMorLock.c | 191 ------------------ > > .../TcgMorLock.h | 131 ------------ > > .../TcgMorLock.uni | 16 -- > > .../TcgMorLockExtra.uni | 14 -- > > .../TcgMorLockSmm.c | 152 -------------- > > .../TcgMorLockSmm.inf | 65 ------ > > 7 files changed, 570 deletions(-) > > delete mode 100644 > > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > > delete mode 100644 > > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > > delete mode 100644 > > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > > delete mode 100644 > > > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni > > delete mode 100644 > > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > > delete mode 100644 > > > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf > > > > diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc > > index 64157e20f9..7898fe4282 100644 > > --- a/SecurityPkg/SecurityPkg.dsc > > +++ b/SecurityPkg/SecurityPkg.dsc > > @@ -338,7 +338,6 @@ > > > > > > [Components.IA32, Components.X64] > > > > > > > > - > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf > > > > SecurityPkg/Tcg/TcgSmm/TcgSmm.inf > > > > SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf > > > > SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf > > > > diff --git > > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > > deleted file mode 100644 > > index aa230eeefa..0000000000 > > --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > > +++ /dev/null > > @@ -1,191 +0,0 @@ > > -/** @file > > > > - TCG MOR (Memory Overwrite Request) Lock Control Driver. > > > > - > > > > - This driver initializes MemoryOverwriteRequestControlLock variable. > > > > - This module will add Variable Hook and allow > > MemoryOverwriteRequestControlLock variable set only once. > > > > - > > > > -Copyright (c) 2015 - 2018, Intel Corporation. All rights > > reserved.
> > > > -SPDX-License-Identifier: BSD-2-Clause-Patent > > > > - > > > > -**/ > > > > - > > > > -#include > > > > -#include > > > > -#include > > > > -#include > > > > -#include > > > > -#include > > > > -#include "TcgMorLock.h" > > > > - > > > > -typedef struct { > > > > - CHAR16 *VariableName; > > > > - EFI_GUID *VendorGuid; > > > > -} VARIABLE_TYPE; > > > > - > > > > -VARIABLE_TYPE mMorVariableType[] =3D { > > > > - {MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, > > &gEfiMemoryOverwriteControlDataGuid}, > > > > - {MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, > > &gEfiMemoryOverwriteRequestControlLockGuid}, > > > > -}; > > > > - > > > > -/** > > > > - Returns if this is MOR related variable. > > > > - > > > > - @param VariableName the name of the vendor's variable, it's a > > Null- Terminated Unicode String > > > > - @param VendorGuid Unify identifier for vendor. > > > > - > > > > - @retval TRUE The variable is MOR related. > > > > - @retval FALSE The variable is NOT MOR related. > > > > -**/ > > > > -BOOLEAN > > > > -IsAnyMorVariable ( > > > > - IN CHAR16 *VariableName, > > > > - IN EFI_GUID *VendorGuid > > > > - ) > > > > -{ > > > > - UINTN Index; > > > > - > > > > - for (Index =3D 0; Index < > > sizeof(mMorVariableType)/sizeof(mMorVariableType[0]); Index++) { > > > > - if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) > =3D=3D 0) > > && > > > > - (CompareGuid (VendorGuid, mMorVariableType[Index].VendorGuid))= ) > { > > > > - return TRUE; > > > > - } > > > > - } > > > > - return FALSE; > > > > -} > > > > - > > > > -/** > > > > - Returns if this is MOR lock variable. > > > > - > > > > - @param VariableName the name of the vendor's variable, it's a > > Null- Terminated Unicode String > > > > - @param VendorGuid Unify identifier for vendor. > > > > - > > > > - @retval TRUE The variable is MOR lock variable. > > > > - @retval FALSE The variable is NOT MOR lock variable. > > > > -**/ > > > > -BOOLEAN > > > > -IsMorLockVariable ( > > > > - IN CHAR16 *VariableName, > > > > - IN EFI_GUID *VendorGuid > > > > - ) > > > > -{ > > > > - if ((StrCmp (VariableName, > > MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME) =3D=3D 0) && > > > > - (CompareGuid (VendorGuid, > > &gEfiMemoryOverwriteRequestControlLockGuid))) { > > > > - return TRUE; > > > > - } > > > > - return FALSE; > > > > -} > > > > - > > > > -/** > > > > - This service is a checker handler for the UEFI Runtime Service > > SetVariable() > > > > - > > > > - @param VariableName the name of the vendor's variable, as a > > > > - Null-Terminated Unicode String > > > > - @param VendorGuid Unify identifier for vendor. > > > > - @param Attributes Point to memory location to return the attribut= es of > > variable. If the point > > > > - is NULL, the parameter would be ignored. > > > > - @param DataSize The size in bytes of Data-Buffer. > > > > - @param Data Point to the content of the variable. > > > > - > > > > - @retval EFI_SUCCESS The firmware has successfully stored= the > variable > > and its data as > > > > - defined by the Attributes. > > > > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute > > bits was supplied, or the > > > > - DataSize exceeds the maximum allowed= . > > > > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode > string. > > > > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to > hold > > the variable and its data. > > > > - @retval EFI_DEVICE_ERROR The variable could not be saved due = to a > > hardware failure. > > > > - @retval EFI_WRITE_PROTECTED The variable in question is read-onl= y. > > > > - @retval EFI_WRITE_PROTECTED The variable in question cannot be > deleted. > > > > - @retval EFI_SECURITY_VIOLATION The variable could not be written > > due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS > > > > - set but the AuthInfo does NOT pass t= he validation check > > carried > > > > - out by the firmware. > > > > - @retval EFI_NOT_FOUND The variable trying to be updated or > deleted > > was not found. > > > > - > > > > -**/ > > > > -EFI_STATUS > > > > -EFIAPI > > > > -SetVariableCheckHandlerMor ( > > > > - IN CHAR16 *VariableName, > > > > - IN EFI_GUID *VendorGuid, > > > > - IN UINT32 Attributes, > > > > - IN UINTN DataSize, > > > > - IN VOID *Data > > > > - ) > > > > -{ > > > > - UINTN MorLockDataSize; > > > > - BOOLEAN MorLock; > > > > - EFI_STATUS Status; > > > > - > > > > - // > > > > - // do not handle non-MOR variable > > > > - // > > > > - if (!IsAnyMorVariable (VariableName, VendorGuid)) { > > > > - return EFI_SUCCESS; > > > > - } > > > > - > > > > - MorLockDataSize =3D sizeof(MorLock); > > > > - Status =3D InternalGetVariable ( > > > > - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, > > > > - &gEfiMemoryOverwriteRequestControlLockGuid, > > > > - NULL, > > > > - &MorLockDataSize, > > > > - &MorLock > > > > - ); > > > > - if (!EFI_ERROR (Status) && MorLock) { > > > > - // > > > > - // If lock, deny access > > > > - // > > > > - return EFI_INVALID_PARAMETER; > > > > - } > > > > - > > > > - // > > > > - // Delete not OK > > > > - // > > > > - if ((DataSize !=3D sizeof(UINT8)) || (Data =3D=3D NULL) || (Attribut= es =3D=3D > > 0)) { > > > > - return EFI_INVALID_PARAMETER; > > > > - } > > > > - > > > > - // > > > > - // check format > > > > - // > > > > - if (IsMorLockVariable(VariableName, VendorGuid)) { > > > > - // > > > > - // set to any other value not OK > > > > - // > > > > - if ((*(UINT8 *)Data !=3D 1) && (*(UINT8 *)Data !=3D 0)) { > > > > - return EFI_INVALID_PARAMETER; > > > > - } > > > > - } > > > > - // > > > > - // Or grant access > > > > - // > > > > - return EFI_SUCCESS; > > > > -} > > > > - > > > > -/** > > > > - Entry Point for MOR Lock Control driver. > > > > - > > > > - @param[in] ImageHandle Image handle of this driver. > > > > - @param[in] SystemTable A Pointer to the EFI System Table. > > > > - > > > > - @retval EFI_SUCCESS > > > > - @return Others Some error occurs. > > > > -**/ > > > > -EFI_STATUS > > > > -EFIAPI > > > > -MorLockDriverInit ( > > > > - VOID > > > > - ) > > > > -{ > > > > - EFI_STATUS Status; > > > > - UINT8 Data; > > > > - > > > > - Data =3D 0; > > > > - Status =3D InternalSetVariable ( > > > > - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, > > > > - &gEfiMemoryOverwriteRequestControlLockGuid, > > > > - EFI_VARIABLE_NON_VOLATILE | > EFI_VARIABLE_BOOTSERVICE_ACCESS > > | EFI_VARIABLE_RUNTIME_ACCESS, > > > > - 1, > > > > - &Data > > > > - ); > > > > - return Status; > > > > -} > > > > diff --git > > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > > deleted file mode 100644 > > index 5a6658c158..0000000000 > > --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > > +++ /dev/null > > @@ -1,131 +0,0 @@ > > -/** @file > > > > - TCG MOR (Memory Overwrite Request) Lock Control Driver header file. > > > > - > > > > -Copyright (c) 2015 - 2018, Intel Corporation. All rights > > reserved.
> > > > -SPDX-License-Identifier: BSD-2-Clause-Patent > > > > - > > > > -**/ > > > > - > > > > -#ifndef _EFI_TCG_MOR_LOCK_H_ > > > > -#define _EFI_TCG_MOR_LOCK_H_ > > > > - > > > > -/** > > > > - This service is a wrapper for the UEFI Runtime Service GetVariable()= . > > > > - > > > > - @param VariableName the name of the vendor's variable, it's a > > Null- Terminated Unicode String > > > > - @param VendorGuid Unify identifier for vendor. > > > > - @param Attributes Point to memory location to return the attribut= es of > > variable. If the point > > > > - is NULL, the parameter would be ignored. > > > > - @param DataSize As input, point to the maximum size of return D= ata- > Buffer. > > > > - As output, point to the actual size of the retu= rned Data-Buffer. > > > > - @param Data Point to return Data-Buffer. > > > > - > > > > - @retval EFI_SUCCESS The function completed successfully. > > > > - @retval EFI_NOT_FOUND The variable was not found. > > > > - @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the > result. > > DataSize has > > > > - been updated with the size needed to= complete the > request. > > > > - @retval EFI_INVALID_PARAMETER VariableName is NULL. > > > > - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. > > > > - @retval EFI_INVALID_PARAMETER DataSize is NULL. > > > > - @retval EFI_INVALID_PARAMETER The DataSize is not too small and > > Data is NULL. > > > > - @retval EFI_DEVICE_ERROR The variable could not be retrieved = due > to a > > hardware error. > > > > - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved > > due to an authentication failure. > > > > -**/ > > > > -EFI_STATUS > > > > -EFIAPI > > > > -InternalGetVariable ( > > > > - IN CHAR16 *VariableName, > > > > - IN EFI_GUID *VendorGuid, > > > > - OUT UINT32 *Attributes OPTIONAL, > > > > - IN OUT UINTN *DataSize, > > > > - OUT VOID *Data > > > > - ); > > > > - > > > > -/** > > > > - This service is a wrapper for the UEFI Runtime Service > > SetVariable() > > > > - > > > > - @param VariableName the name of the vendor's variable, as a > > > > - Null-Terminated Unicode String > > > > - @param VendorGuid Unify identifier for vendor. > > > > - @param Attributes Point to memory location to return the attribut= es of > > variable. If the point > > > > - is NULL, the parameter would be ignored. > > > > - @param DataSize The size in bytes of Data-Buffer. > > > > - @param Data Point to the content of the variable. > > > > - > > > > - @retval EFI_SUCCESS The firmware has successfully stored= the > variable > > and its data as > > > > - defined by the Attributes. > > > > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute > > bits was supplied, or the > > > > - DataSize exceeds the maximum allowed= . > > > > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode > string. > > > > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to > hold > > the variable and its data. > > > > - @retval EFI_DEVICE_ERROR The variable could not be saved due = to a > > hardware failure. > > > > - @retval EFI_WRITE_PROTECTED The variable in question is read-onl= y. > > > > - @retval EFI_WRITE_PROTECTED The variable in question cannot be > deleted. > > > > - @retval EFI_SECURITY_VIOLATION The variable could not be written > > due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS > > > > - set but the AuthInfo does NOT pass t= he validation check > > carried > > > > - out by the firmware. > > > > - @retval EFI_NOT_FOUND The variable trying to be updated or > deleted > > was not found. > > > > - > > > > -**/ > > > > -EFI_STATUS > > > > -EFIAPI > > > > -InternalSetVariable ( > > > > - IN CHAR16 *VariableName, > > > > - IN EFI_GUID *VendorGuid, > > > > - IN UINT32 Attributes, > > > > - IN UINTN DataSize, > > > > - IN VOID *Data > > > > - ); > > > > - > > > > -/** > > > > - This service is a checker handler for the UEFI Runtime Service > > SetVariable() > > > > - > > > > - @param VariableName the name of the vendor's variable, as a > > > > - Null-Terminated Unicode String > > > > - @param VendorGuid Unify identifier for vendor. > > > > - @param Attributes Point to memory location to return the attribut= es of > > variable. If the point > > > > - is NULL, the parameter would be ignored. > > > > - @param DataSize The size in bytes of Data-Buffer. > > > > - @param Data Point to the content of the variable. > > > > - > > > > - @retval EFI_SUCCESS The firmware has successfully stored= the > variable > > and its data as > > > > - defined by the Attributes. > > > > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute > > bits was supplied, or the > > > > - DataSize exceeds the maximum allowed= . > > > > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode > string. > > > > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to > hold > > the variable and its data. > > > > - @retval EFI_DEVICE_ERROR The variable could not be saved due = to a > > hardware failure. > > > > - @retval EFI_WRITE_PROTECTED The variable in question is read-onl= y. > > > > - @retval EFI_WRITE_PROTECTED The variable in question cannot be > deleted. > > > > - @retval EFI_SECURITY_VIOLATION The variable could not be written > > due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS > > > > - set but the AuthInfo does NOT pass t= he validation check > > carried > > > > - out by the firmware. > > > > - @retval EFI_NOT_FOUND The variable trying to be updated or > deleted > > was not found. > > > > - > > > > -**/ > > > > -EFI_STATUS > > > > -EFIAPI > > > > -SetVariableCheckHandlerMor ( > > > > - IN CHAR16 *VariableName, > > > > - IN EFI_GUID *VendorGuid, > > > > - IN UINT32 Attributes, > > > > - IN UINTN DataSize, > > > > - IN VOID *Data > > > > - ); > > > > - > > > > -/** > > > > - Entry Point for MOR Lock Control driver. > > > > - > > > > - @param[in] ImageHandle Image handle of this driver. > > > > - @param[in] SystemTable A Pointer to the EFI System Table. > > > > - > > > > - @retval EFI_SUCCESS > > > > - @return Others Some error occurs. > > > > -**/ > > > > -EFI_STATUS > > > > -EFIAPI > > > > -MorLockDriverInit ( > > > > - VOID > > > > - ); > > > > - > > > > -#endif > > > > diff --git > > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > > deleted file mode 100644 > > index 711b37d866..0000000000 > > --- > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > > +++ /dev/null > > @@ -1,16 +0,0 @@ > > -// /** @file > > > > -// Initializes MemoryOverwriteRequestControlLock variable > > > > -// > > > > -// This module will add Variable Hook and allow > > MemoryOverwriteRequestControlLock variable set only once. > > > > -// > > > > -// Copyright (c) 2015, Intel Corporation. All rights reserved.
> > > > -// > > > > -// SPDX-License-Identifier: BSD-2-Clause-Patent > > > > -// > > > > -// **/ > > > > - > > > > - > > > > -#string STR_MODULE_ABSTRACT #language en-US "Initializes > > MemoryOverwriteRequestControlLock variable" > > > > - > > > > -#string STR_MODULE_DESCRIPTION #language en-US "This module > will > > add Variable Hook and allow MemoryOverwriteRequestControlLock > variable > > set only once." > > > > - > > > > diff --git > > > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.u > n > > i > > > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra. > un > > i > > deleted file mode 100644 > > index 2679c08c86..0000000000 > > --- > > > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.u > n > > i > > +++ /dev/null > > @@ -1,14 +0,0 @@ > > -// /** @file > > > > -// TcgMorLock Localized Strings and Content > > > > -// > > > > -// Copyright (c) 2015 - 2018, Intel Corporation. All rights > > reserved.
> > > > -// > > > > -// SPDX-License-Identifier: BSD-2-Clause-Patent > > > > -// > > > > -// **/ > > > > - > > > > -#string STR_PROPERTIES_MODULE_NAME > > > > -#language en-US > > > > -"TCG (Trusted Computing Group) MOR Lock" > > > > - > > > > - > > > > diff --git > > > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > > > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > > deleted file mode 100644 > > index 8c92317313..0000000000 > > --- > > > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > > +++ /dev/null > > @@ -1,152 +0,0 @@ > > -/** @file > > > > - TCG MOR (Memory Overwrite Request) Lock Control Driver SMM > wrapper. > > > > - > > > > -Copyright (c) 2015 - 2018, Intel Corporation. All rights > > reserved.
> > > > -SPDX-License-Identifier: BSD-2-Clause-Patent > > > > - > > > > -**/ > > > > - > > > > -#include > > > > -#include > > > > -#include > > > > -#include > > > > -#include > > > > -#include "TcgMorLock.h" > > > > - > > > > -EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable; > > > > - > > > > -/** > > > > - This service is a wrapper for the UEFI Runtime Service GetVariable()= . > > > > - > > > > - @param VariableName the name of the vendor's variable, it's a > > Null- Terminated Unicode String > > > > - @param VendorGuid Unify identifier for vendor. > > > > - @param Attributes Point to memory location to return the attribut= es of > > variable. If the point > > > > - is NULL, the parameter would be ignored. > > > > - @param DataSize As input, point to the maximum size of return D= ata- > Buffer. > > > > - As output, point to the actual size of the retu= rned Data-Buffer. > > > > - @param Data Point to return Data-Buffer. > > > > - > > > > - @retval EFI_SUCCESS The function completed successfully. > > > > - @retval EFI_NOT_FOUND The variable was not found. > > > > - @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the > result. > > DataSize has > > > > - been updated with the size needed to= complete the > request. > > > > - @retval EFI_INVALID_PARAMETER VariableName is NULL. > > > > - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. > > > > - @retval EFI_INVALID_PARAMETER DataSize is NULL. > > > > - @retval EFI_INVALID_PARAMETER The DataSize is not too small and > > Data is NULL. > > > > - @retval EFI_DEVICE_ERROR The variable could not be retrieved = due > to a > > hardware error. > > > > - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved > > due to an authentication failure. > > > > -**/ > > > > -EFI_STATUS > > > > -EFIAPI > > > > -InternalGetVariable ( > > > > - IN CHAR16 *VariableName, > > > > - IN EFI_GUID *VendorGuid, > > > > - OUT UINT32 *Attributes OPTIONAL, > > > > - IN OUT UINTN *DataSize, > > > > - OUT VOID *Data > > > > - ) > > > > -{ > > > > - return mSmmVariable->SmmGetVariable ( > > > > - VariableName, > > > > - VendorGuid, > > > > - Attributes, > > > > - DataSize, > > > > - Data > > > > - ); > > > > -} > > > > - > > > > -/** > > > > - This service is a wrapper for the UEFI Runtime Service > > SetVariable() > > > > - > > > > - @param VariableName the name of the vendor's variable, as a > > > > - Null-Terminated Unicode String > > > > - @param VendorGuid Unify identifier for vendor. > > > > - @param Attributes Point to memory location to return the attribut= es of > > variable. If the point > > > > - is NULL, the parameter would be ignored. > > > > - @param DataSize The size in bytes of Data-Buffer. > > > > - @param Data Point to the content of the variable. > > > > - > > > > - @retval EFI_SUCCESS The firmware has successfully stored= the > variable > > and its data as > > > > - defined by the Attributes. > > > > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute > > bits was supplied, or the > > > > - DataSize exceeds the maximum allowed= . > > > > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode > string. > > > > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to > hold > > the variable and its data. > > > > - @retval EFI_DEVICE_ERROR The variable could not be saved due = to a > > hardware failure. > > > > - @retval EFI_WRITE_PROTECTED The variable in question is read-onl= y. > > > > - @retval EFI_WRITE_PROTECTED The variable in question cannot be > deleted. > > > > - @retval EFI_SECURITY_VIOLATION The variable could not be written > > due to EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS > > > > - set but the AuthInfo does NOT pass t= he validation check > > carried > > > > - out by the firmware. > > > > - @retval EFI_NOT_FOUND The variable trying to be updated or > deleted > > was not found. > > > > - > > > > -**/ > > > > -EFI_STATUS > > > > -EFIAPI > > > > -InternalSetVariable ( > > > > - IN CHAR16 *VariableName, > > > > - IN EFI_GUID *VendorGuid, > > > > - IN UINT32 Attributes, > > > > - IN UINTN DataSize, > > > > - IN VOID *Data > > > > - ) > > > > -{ > > > > - return mSmmVariable->SmmSetVariable ( > > > > - VariableName, > > > > - VendorGuid, > > > > - Attributes, > > > > - DataSize, > > > > - Data > > > > - ); > > > > -} > > > > - > > > > -/** > > > > - Entry Point for MOR Lock Control driver. > > > > - > > > > - @param[in] ImageHandle The firmware allocated handle for the EFI > image. > > > > - @param[in] SystemTable A pointer to the EFI System Table. > > > > - > > > > - @retval EFI_SUCCESS EntryPoint runs successfully. > > > > - > > > > -**/ > > > > -EFI_STATUS > > > > -EFIAPI > > > > -MorLockDriverEntryPointSmm ( > > > > - IN EFI_HANDLE ImageHandle, > > > > - IN EFI_SYSTEM_TABLE *SystemTable > > > > - ) > > > > -{ > > > > - EFI_STATUS Status; > > > > - EDKII_SMM_VAR_CHECK_PROTOCOL *SmmVarCheck; > > > > - > > > > - // > > > > - // This driver link to Smm Variable driver > > > > - // > > > > - DEBUG ((EFI_D_INFO, "MorLockDriverEntryPointSmm\n")); > > > > - > > > > - Status =3D gSmst->SmmLocateProtocol ( > > > > - &gEfiSmmVariableProtocolGuid, > > > > - NULL, > > > > - (VOID **) &mSmmVariable > > > > - ); > > > > - ASSERT_EFI_ERROR (Status); > > > > - > > > > - Status =3D gSmst->SmmLocateProtocol ( > > > > - &gEdkiiSmmVarCheckProtocolGuid, > > > > - NULL, > > > > - (VOID **) &SmmVarCheck > > > > - ); > > > > - ASSERT_EFI_ERROR (Status); > > > > - > > > > - Status =3D MorLockDriverInit (); > > > > - if (EFI_ERROR (Status)) { > > > > - return Status; > > > > - } > > > > - > > > > - Status =3D SmmVarCheck->SmmRegisterSetVariableCheckHandler > > (SetVariableCheckHandlerMor); > > > > - ASSERT_EFI_ERROR (Status); > > > > - > > > > - return Status; > > > > -} > > > > - > > > > diff --git > > > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.i > nf > > > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.i > nf > > deleted file mode 100644 > > index 875c1e5f3a..0000000000 > > --- > > > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.i > nf > > +++ /dev/null > > @@ -1,65 +0,0 @@ > > -## @file > > > > -# Initializes MemoryOverwriteRequestControlLock variable > > > > -# > > > > -# This module will add Variable Hook and allow > > MemoryOverwriteRequestControlLock variable set only once. > > > > -# > > > > -# NOTE: This module only handles secure MOR V1 and is deprecated. > > > > -# The secure MOR V2 is handled inside of variable driver. > > > > -# > > > > -# Copyright (c) 2015 - 2018, Intel Corporation. All rights > > reserved.
> > > > -# SPDX-License-Identifier: BSD-2-Clause-Patent > > > > -# > > > > -## > > > > - > > > > -[Defines] > > > > - INF_VERSION =3D 0x00010005 > > > > - BASE_NAME =3D TcgMorLockSmm > > > > - MODULE_UNI_FILE =3D TcgMorLock.uni > > > > - FILE_GUID =3D E2EA6F47-E678-47FA-8C1B-02A03E825= C6E > > > > - MODULE_TYPE =3D DXE_SMM_DRIVER > > > > - VERSION_STRING =3D 1.0 > > > > - PI_SPECIFICATION_VERSION =3D 0x0001000A > > > > - ENTRY_POINT =3D MorLockDriverEntryPointSmm > > > > - > > > > -# > > > > -# The following information is for reference only and not required by > > the build tools. > > > > -# > > > > -# VALID_ARCHITECTURES =3D IA32 X64 EBC > > > > -# > > > > - > > > > -[Sources] > > > > - TcgMorLock.h > > > > - TcgMorLock.c > > > > - TcgMorLockSmm.c > > > > - > > > > -[Packages] > > > > - MdePkg/MdePkg.dec > > > > - MdeModulePkg/MdeModulePkg.dec > > > > - SecurityPkg/SecurityPkg.dec > > > > - > > > > -[LibraryClasses] > > > > - UefiDriverEntryPoint > > > > - SmmServicesTableLib > > > > - DebugLib > > > > - BaseLib > > > > - BaseMemoryLib > > > > - > > > > -[Guids] > > > > - ## SOMETIMES_CONSUMES ## > > Variable:L"MemoryOverwriteRequestControl" > > > > - gEfiMemoryOverwriteControlDataGuid > > > > - > > > > - ## SOMETIMES_CONSUMES ## > > Variable:L"MemoryOverwriteRequestControlLock" > > > > - ## PRODUCES ## > Variable:L"MemoryOverwriteRequestControlLock" > > > > - gEfiMemoryOverwriteRequestControlLockGuid > > > > - > > > > -[Protocols] > > > > - gEdkiiSmmVarCheckProtocolGuid ## CONSUMES > > > > - gEfiSmmVariableProtocolGuid ## CONSUMES > > > > - > > > > -[Depex] > > > > - gEfiSmmVariableProtocolGuid AND > > > > - gSmmVariableWriteGuid AND > > > > - ( gEfiTcgProtocolGuid OR gEfiTcg2ProtocolGuid ) > > > > - > > > > -[UserExtensions.TianoCore."ExtraFiles"] > > > > - TcgMorLockExtra.uni > > > > -- > > 2.26.2.windows.1