From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web11.24587.1629941095056055338 for ; Wed, 25 Aug 2021 18:24:55 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=bUre4/9P; spf=pass (domain: intel.com, ip: 134.134.136.20, mailfrom: jiewen.yao@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10087"; a="204846092" X-IronPort-AV: E=Sophos;i="5.84,352,1620716400"; d="scan'208";a="204846092" Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 25 Aug 2021 18:24:53 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,352,1620716400"; d="scan'208";a="444381278" Received: from fmsmsx606.amr.corp.intel.com ([10.18.126.86]) by orsmga002.jf.intel.com with ESMTP; 25 Aug 2021 18:24:53 -0700 Received: from fmsmsx601.amr.corp.intel.com (10.18.126.81) by fmsmsx606.amr.corp.intel.com (10.18.126.86) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.10; Wed, 25 Aug 2021 18:24:53 -0700 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx601.amr.corp.intel.com (10.18.126.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.10 via Frontend Transport; Wed, 25 Aug 2021 18:24:53 -0700 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (104.47.66.47) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.10; Wed, 25 Aug 2021 18:24:52 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=cLobGaP8HmuPsznUhKEXooCZjMzXQPDdQyocVj9x/mAJpP+D/5sSBYcx/1zAmYTCcl8A7NrIiSYnYxX5wXRqbZkoWVsNLycH0+z4b3ZOkwiH9xQZ96ba6LWI6iUe1NtGGZfDTma7tJoU3I+Xo6TzbQUwAC4fg+fhLByX69z412nZWsGDWtCVaau9p/T1xOZx1141HDb7zX/GwF/Zxm37P3+sOCBII1/eAvesIe2DRnfy3Dzg8nHiIfj1eUq+hXcjS4CFBDxNUJhpuLrX/8PxxbbrJx84yTOCpqQk+qehoRdSo3EvAL6RgkuySCNk0ym1JspfSHGVviGRgJL0cVtUMQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=icuEmeT5a2Xj6R8LDVoedl2DZmjQ7RkKX4CEjRY2Vh4=; b=Z+UTmkP7a5HuufVD77XDxxRIR1kTZF2nDAb4coP+b1ArqrY2x6TKvW8Ws7ybjOoTvuu47915l1/pBzfr+2O2wDyQLKCClpB1yrr98pn6QmVbYJe4PSIlqyN3JtIHgHT4SHPuIcZNwdRgXCvBxlfn6+ly5Ym/4BG3uArvX8hqZjDQRt0l4xlSsG54R7vFZXqUUcUg4jlaGTt/hqJG36RpnPVkHhLeRXK+vV+nP8dUdBj8jeW/BKE0TyBepoiTSPRB4IFHSEnd6E0obzYsGudq8PGb/JTIif1jfaFamlwWlMfqKpp0QpxNdhrzDii7WKgoufdsy+L2xgtJ5iFdNz5KTQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=icuEmeT5a2Xj6R8LDVoedl2DZmjQ7RkKX4CEjRY2Vh4=; b=bUre4/9PuumZFRwRdxI0Dlljfmclpe8OX6BmEkXLpMoZh2ha2rGdVI5OmWL1DQWdQ4JcPFya6BeeVsPcfvRnYAyET/TopVy/jBIOd0IuHVQ7W7/BF2IAb5lSLHqwG6c53mpTkQ2m09/cWX8L7URsMNwyEP3p+N5bfvDabhjL3LI= Received: from PH0PR11MB4885.namprd11.prod.outlook.com (2603:10b6:510:35::14) by PH0PR11MB4871.namprd11.prod.outlook.com (2603:10b6:510:30::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Thu, 26 Aug 2021 01:24:51 +0000 Received: from PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::e97b:e466:268f:fb79]) by PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::e97b:e466:268f:fb79%6]) with mapi id 15.20.4436.024; Thu, 26 Aug 2021 01:24:51 +0000 From: "Yao, Jiewen" To: "Zhang, Qi1" , "devel@edk2.groups.io" CC: "Wang, Jian J" , "Kumar, Rahul1" , "Ni, Ray" Subject: Re: [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver Thread-Topic: [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver Thread-Index: AQHXmI+9p73UZ+Jkfk2vk8+5olC8KKuFAR1A Date: Thu, 26 Aug 2021 01:24:51 +0000 Message-ID: References: <20210824022822.6121-1-qi1.zhang@intel.com> In-Reply-To: <20210824022822.6121-1-qi1.zhang@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.5.1.3 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 6b9e8556-0384-43f3-a0cc-08d968304d77 x-ms-traffictypediagnostic: PH0PR11MB4871: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: gIEiA9kpwj0cSRE5do/zwIhmhVC/trLnd8iICrQy/SWNeX33eY6X5g8CIkNqqG1wPXl1zbrcEi/N3F3wSockBRIet9PdOHzuUaJbDc4q93+QjbFuUs0kwotThyIU3Dj7Ig3mWg+J9pP9wJPYNikMkz8D1DI+6wYbotfcvCkHkvXPcADxTWEz0kNdwiKXelqLvtIhTB8bUITDwMT8G8eHhvN0sEsoM1txkH8h3ToWUVLidzipQdu2ZmUh1TFquDTSDFQ93hKQAcuu4a/S94scjeK5oGewU8x4SB7VY5uHnhweoXQBk0GlvbJKzjuY4bo1wkzFRAtxN1i2O2socEPqEJ+ctFOB4rBMAgdBFx7ghZ6lEJsfvoQVn0+/1PSSf6ila5vuRMDt4PZxZfT4pAcd9XR+cIoQpz3J6/yhmhPKrKmtUiPtnt9KPKKay3FdofQ+9Y6vnS7uSJRsfAnzqkgzu7AUp6oeCOWrueKWqvoFCZr+fgEtGsTmBTUkgQqsCeH7g0zRTqDe4d1naFv1NA9r5AkhYTmw6BnfIzFdjk+FWSiVPpJPb6xZGbVELMi15AducgB6iWYcWOS9gCxxyWerZQEWLwCcpFCrsNUl1LQYlZ32U7Atl0SH2QHXWP886V5Op9FyOBBM4l76DIgnrMPsAczg6DshDiwrOVmCGcChoXxdkZB98lksSAeeRnk9Su58w006TDmwLIAuhZPMaSufO3JFO+/eHAjWs3pISdpxEl0ujvdvz+2TzYR3AjdEg4Cjdfo2GyJWHSMKykf6/c1v6vt0vei1xLdcFSL20249IOyq/+H4XajdNaUwC0uJ12yN x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB4885.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(396003)(366004)(136003)(39860400002)(346002)(71200400001)(52536014)(9686003)(38100700002)(53546011)(122000001)(66946007)(6506007)(107886003)(33656002)(110136005)(66476007)(76116006)(86362001)(5660300002)(2906002)(7696005)(19627235002)(8676002)(83380400001)(30864003)(55016002)(54906003)(316002)(478600001)(66446008)(66556008)(64756008)(4326008)(186003)(15650500001)(8936002)(966005)(26005)(38070700005)(579004)(559001)(44824005);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?bP/PS7e9cZNPtqIShYZSSGmLDqT8gRfjJlWHirzHKM9DjFQyJdZ4MXiYT25a?= =?us-ascii?Q?gvnHhUc4MKplQ8kMFQ4k49ad7qq4MsLZ6TRG9ZUB9KpDkv5I43TCXNbibY3v?= =?us-ascii?Q?HHRWq+c6U0aP8KFqycEbbBPVz94cHvFlMluD0DoVHvNJyZPczLZKy4JxZd4Y?= =?us-ascii?Q?wC/efra16/SOI74mt9c7mogl1NSGumfKXdd9YiG4vUaHbu4GKC3MO47NHp6X?= =?us-ascii?Q?AtkCoooJ+3rSL+AHlMANYb39pI1vcAnMuIGemuJUjOoZ2eZrmT+mzJjnc5Yq?= =?us-ascii?Q?WVNkLUCdJuFxtiHcjom73IFKNpjERHR71+FKxKasss+nVdkwthxjcQcxoKM3?= =?us-ascii?Q?X5BT9W0VH2V1xvPBOvBz6nYfxnWcsETncBvQmgmOE0m3EqFSFzGBETP1TxO3?= =?us-ascii?Q?jVbjR13rtNcCZmVd3VfqbMf+4yinZXRwsv4D42O0PkCFaMNS6sLQReuYF8ca?= =?us-ascii?Q?Sm1N6mqQYPFp6y2usaGixHv2kMrYw+YZIqijciRuLExDJhZ9Fc5x9TKN0X4m?= =?us-ascii?Q?WM5XtapAysnZqWwuOwMiS+6XNNYtF/t07Bb7ri6XpJLa1E4M8UFI2XFtW++m?= =?us-ascii?Q?jg7jiTTs6CDX74CNacg2kYx2i1L/WTtmorY9dqQTEfoGTQYACiIt23Z3uLTj?= =?us-ascii?Q?BwLUhKshZHznf9bdOhao549UGM6+9q+K9M54WSs0Sp4PqG503VFmaS8LJwQE?= =?us-ascii?Q?JsP9ye0/C4jhI25ycNTS+rvR3z5wZyo9g5F+dAdSEhFJcojS7CgUs9K7zhzq?= =?us-ascii?Q?lKwL4oyQh/kMBP3LybAZ9UgbwrOVB2E3ZhQUltXlOL5luw+gYgcVJoddtHbf?= =?us-ascii?Q?QlDdYyZdlwYQO4fH46okHpa7PLh0oFB74qHr75cnaz4JXlpQS7I5ylcBBdfK?= =?us-ascii?Q?deXbSRZ8BzCQYnPbpr31fdz3f0RMMdQOcxerC1gXqP/46p8fBIb6A61cDesP?= =?us-ascii?Q?EcW3CrG+DEbypKlUBvQsZGdpZCeh//fX/aJRKS/t3eCiV2WA6Qa6oW/nniYv?= =?us-ascii?Q?dn4KiJ8MNS+YRsmkbO2imbn8iw8Ix07OVC1h+Fc9VCpTr9X4Lzgbn5mcs+Ck?= =?us-ascii?Q?M5QZQ98ovOFSeDkIUqGz91fkcg2tYkQ+XunxQolAKrjxGLqaIauFwrXcIZIB?= =?us-ascii?Q?o8gWUTJ7L1v90bnvJWtjfoLLiu9Igb2OU0DSinvis+qFg9xXr0HrDujDoFaU?= =?us-ascii?Q?TdoFhUN5A5u2Hk5nOcvqwnm99Wtw7rRQUj7iP3tLM+Jc5AMC0NLdnG4DSOkN?= =?us-ascii?Q?irMjpkBhKF5Na1SzrSVPploYOg+WzYjctOUNmcc0T6OUWnPvS0U0rIZbifsx?= =?us-ascii?Q?xzpq5q3ZqPO/R4rFl7zoLYyY?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4885.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 6b9e8556-0384-43f3-a0cc-08d968304d77 X-MS-Exchange-CrossTenant-originalarrivaltime: 26 Aug 2021 01:24:51.5258 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: N8XV8wYAGx1FYzj0LxYWorVOVxubHXXfme6Dj9TA9sXBIZm+ytLr5HMd7jlekervSish10B3iko3sm0s1Z6stA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB4871 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jiewen Yao > -----Original Message----- > From: Zhang, Qi1 > Sent: Tuesday, August 24, 2021 10:28 AM > To: devel@edk2.groups.io > Cc: Zhang, Qi1 ; Yao, Jiewen ; > Wang, Jian J ; Kumar, Rahul1 > ; Ni, Ray > Subject: [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3583 >=20 > TcgMorLockSmm is only for secure MOR V1. > VariableSmm covers secure MOR V1 and V2. >=20 > Signed-off-by: Qi Zhang > Cc: Jiewen Yao > Cc: Jian J Wang > Cc: Qi Zhang > Cc: Rahul Kumar > Cc: Ray Ni > --- > SecurityPkg/SecurityPkg.dsc | 1 - > .../TcgMorLock.c | 191 ------------------ > .../TcgMorLock.h | 131 ------------ > .../TcgMorLock.uni | 16 -- > .../TcgMorLockExtra.uni | 14 -- > .../TcgMorLockSmm.c | 152 -------------- > .../TcgMorLockSmm.inf | 65 ------ > 7 files changed, 570 deletions(-) > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf >=20 > diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc > index 64157e20f9..7898fe4282 100644 > --- a/SecurityPkg/SecurityPkg.dsc > +++ b/SecurityPkg/SecurityPkg.dsc > @@ -338,7 +338,6 @@ >=20 >=20 > [Components.IA32, Components.X64] >=20 >=20 >=20 > - SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf >=20 > SecurityPkg/Tcg/TcgSmm/TcgSmm.inf >=20 > SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf >=20 > SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > deleted file mode 100644 > index aa230eeefa..0000000000 > --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > +++ /dev/null > @@ -1,191 +0,0 @@ > -/** @file >=20 > - TCG MOR (Memory Overwrite Request) Lock Control Driver. >=20 > - >=20 > - This driver initializes MemoryOverwriteRequestControlLock variable. >=20 > - This module will add Variable Hook and allow > MemoryOverwriteRequestControlLock variable set only once. >=20 > - >=20 > -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
>=20 > -SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > - >=20 > -**/ >=20 > - >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include "TcgMorLock.h" >=20 > - >=20 > -typedef struct { >=20 > - CHAR16 *VariableName; >=20 > - EFI_GUID *VendorGuid; >=20 > -} VARIABLE_TYPE; >=20 > - >=20 > -VARIABLE_TYPE mMorVariableType[] =3D { >=20 > - {MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, > &gEfiMemoryOverwriteControlDataGuid}, >=20 > - {MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, > &gEfiMemoryOverwriteRequestControlLockGuid}, >=20 > -}; >=20 > - >=20 > -/** >=20 > - Returns if this is MOR related variable. >=20 > - >=20 > - @param VariableName the name of the vendor's variable, it's a Null- > Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - >=20 > - @retval TRUE The variable is MOR related. >=20 > - @retval FALSE The variable is NOT MOR related. >=20 > -**/ >=20 > -BOOLEAN >=20 > -IsAnyMorVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid >=20 > - ) >=20 > -{ >=20 > - UINTN Index; >=20 > - >=20 > - for (Index =3D 0; Index < > sizeof(mMorVariableType)/sizeof(mMorVariableType[0]); Index++) { >=20 > - if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) =3D= =3D 0) > && >=20 > - (CompareGuid (VendorGuid, mMorVariableType[Index].VendorGuid))) = { >=20 > - return TRUE; >=20 > - } >=20 > - } >=20 > - return FALSE; >=20 > -} >=20 > - >=20 > -/** >=20 > - Returns if this is MOR lock variable. >=20 > - >=20 > - @param VariableName the name of the vendor's variable, it's a Null- > Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - >=20 > - @retval TRUE The variable is MOR lock variable. >=20 > - @retval FALSE The variable is NOT MOR lock variable. >=20 > -**/ >=20 > -BOOLEAN >=20 > -IsMorLockVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid >=20 > - ) >=20 > -{ >=20 > - if ((StrCmp (VariableName, > MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME) =3D=3D 0) && >=20 > - (CompareGuid (VendorGuid, > &gEfiMemoryOverwriteRequestControlLockGuid))) { >=20 > - return TRUE; >=20 > - } >=20 > - return FALSE; >=20 > -} >=20 > - >=20 > -/** >=20 > - This service is a checker handler for the UEFI Runtime Service SetVari= able() >=20 > - >=20 > - @param VariableName the name of the vendor's variable, as a >=20 > - Null-Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize The size in bytes of Data-Buffer. >=20 > - @param Data Point to the content of the variable. >=20 > - >=20 > - @retval EFI_SUCCESS The firmware has successfully stored t= he variable > and its data as >=20 > - defined by the Attributes. >=20 > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bi= ts > was supplied, or the >=20 > - DataSize exceeds the maximum allowed. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode strin= g. >=20 > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hol= d > the variable and its data. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be saved due to= a > hardware failure. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question is read-only. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question cannot be del= eted. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be written due = to > EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS >=20 > - set but the AuthInfo does NOT pass the= validation check > carried >=20 > - out by the firmware. >=20 > - @retval EFI_NOT_FOUND The variable trying to be updated or d= eleted > was not found. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -SetVariableCheckHandlerMor ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - IN UINT32 Attributes, >=20 > - IN UINTN DataSize, >=20 > - IN VOID *Data >=20 > - ) >=20 > -{ >=20 > - UINTN MorLockDataSize; >=20 > - BOOLEAN MorLock; >=20 > - EFI_STATUS Status; >=20 > - >=20 > - // >=20 > - // do not handle non-MOR variable >=20 > - // >=20 > - if (!IsAnyMorVariable (VariableName, VendorGuid)) { >=20 > - return EFI_SUCCESS; >=20 > - } >=20 > - >=20 > - MorLockDataSize =3D sizeof(MorLock); >=20 > - Status =3D InternalGetVariable ( >=20 > - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, >=20 > - &gEfiMemoryOverwriteRequestControlLockGuid, >=20 > - NULL, >=20 > - &MorLockDataSize, >=20 > - &MorLock >=20 > - ); >=20 > - if (!EFI_ERROR (Status) && MorLock) { >=20 > - // >=20 > - // If lock, deny access >=20 > - // >=20 > - return EFI_INVALID_PARAMETER; >=20 > - } >=20 > - >=20 > - // >=20 > - // Delete not OK >=20 > - // >=20 > - if ((DataSize !=3D sizeof(UINT8)) || (Data =3D=3D NULL) || (Attributes= =3D=3D 0)) { >=20 > - return EFI_INVALID_PARAMETER; >=20 > - } >=20 > - >=20 > - // >=20 > - // check format >=20 > - // >=20 > - if (IsMorLockVariable(VariableName, VendorGuid)) { >=20 > - // >=20 > - // set to any other value not OK >=20 > - // >=20 > - if ((*(UINT8 *)Data !=3D 1) && (*(UINT8 *)Data !=3D 0)) { >=20 > - return EFI_INVALID_PARAMETER; >=20 > - } >=20 > - } >=20 > - // >=20 > - // Or grant access >=20 > - // >=20 > - return EFI_SUCCESS; >=20 > -} >=20 > - >=20 > -/** >=20 > - Entry Point for MOR Lock Control driver. >=20 > - >=20 > - @param[in] ImageHandle Image handle of this driver. >=20 > - @param[in] SystemTable A Pointer to the EFI System Table. >=20 > - >=20 > - @retval EFI_SUCCESS >=20 > - @return Others Some error occurs. >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -MorLockDriverInit ( >=20 > - VOID >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - UINT8 Data; >=20 > - >=20 > - Data =3D 0; >=20 > - Status =3D InternalSetVariable ( >=20 > - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, >=20 > - &gEfiMemoryOverwriteRequestControlLockGuid, >=20 > - EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS > | EFI_VARIABLE_RUNTIME_ACCESS, >=20 > - 1, >=20 > - &Data >=20 > - ); >=20 > - return Status; >=20 > -} >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > deleted file mode 100644 > index 5a6658c158..0000000000 > --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > +++ /dev/null > @@ -1,131 +0,0 @@ > -/** @file >=20 > - TCG MOR (Memory Overwrite Request) Lock Control Driver header file. >=20 > - >=20 > -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
>=20 > -SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > - >=20 > -**/ >=20 > - >=20 > -#ifndef _EFI_TCG_MOR_LOCK_H_ >=20 > -#define _EFI_TCG_MOR_LOCK_H_ >=20 > - >=20 > -/** >=20 > - This service is a wrapper for the UEFI Runtime Service GetVariable(). >=20 > - >=20 > - @param VariableName the name of the vendor's variable, it's a Null- > Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize As input, point to the maximum size of return Dat= a-Buffer. >=20 > - As output, point to the actual size of the return= ed Data-Buffer. >=20 > - @param Data Point to return Data-Buffer. >=20 > - >=20 > - @retval EFI_SUCCESS The function completed successfully. >=20 > - @retval EFI_NOT_FOUND The variable was not found. >=20 > - @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the resu= lt. > DataSize has >=20 > - been updated with the size needed to c= omplete the request. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is NULL. >=20 > - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. >=20 > - @retval EFI_INVALID_PARAMETER DataSize is NULL. >=20 > - @retval EFI_INVALID_PARAMETER The DataSize is not too small and Data= is > NULL. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be retrieved du= e to a > hardware error. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved du= e to > an authentication failure. >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -InternalGetVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - OUT UINT32 *Attributes OPTIONAL, >=20 > - IN OUT UINTN *DataSize, >=20 > - OUT VOID *Data >=20 > - ); >=20 > - >=20 > -/** >=20 > - This service is a wrapper for the UEFI Runtime Service SetVariable() >=20 > - >=20 > - @param VariableName the name of the vendor's variable, as a >=20 > - Null-Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize The size in bytes of Data-Buffer. >=20 > - @param Data Point to the content of the variable. >=20 > - >=20 > - @retval EFI_SUCCESS The firmware has successfully stored t= he variable > and its data as >=20 > - defined by the Attributes. >=20 > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bi= ts > was supplied, or the >=20 > - DataSize exceeds the maximum allowed. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode strin= g. >=20 > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hol= d > the variable and its data. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be saved due to= a > hardware failure. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question is read-only. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question cannot be del= eted. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be written due = to > EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS >=20 > - set but the AuthInfo does NOT pass the= validation check > carried >=20 > - out by the firmware. >=20 > - @retval EFI_NOT_FOUND The variable trying to be updated or d= eleted > was not found. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -InternalSetVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - IN UINT32 Attributes, >=20 > - IN UINTN DataSize, >=20 > - IN VOID *Data >=20 > - ); >=20 > - >=20 > -/** >=20 > - This service is a checker handler for the UEFI Runtime Service SetVari= able() >=20 > - >=20 > - @param VariableName the name of the vendor's variable, as a >=20 > - Null-Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize The size in bytes of Data-Buffer. >=20 > - @param Data Point to the content of the variable. >=20 > - >=20 > - @retval EFI_SUCCESS The firmware has successfully stored t= he variable > and its data as >=20 > - defined by the Attributes. >=20 > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bi= ts > was supplied, or the >=20 > - DataSize exceeds the maximum allowed. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode strin= g. >=20 > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hol= d > the variable and its data. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be saved due to= a > hardware failure. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question is read-only. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question cannot be del= eted. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be written due = to > EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS >=20 > - set but the AuthInfo does NOT pass the= validation check > carried >=20 > - out by the firmware. >=20 > - @retval EFI_NOT_FOUND The variable trying to be updated or d= eleted > was not found. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -SetVariableCheckHandlerMor ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - IN UINT32 Attributes, >=20 > - IN UINTN DataSize, >=20 > - IN VOID *Data >=20 > - ); >=20 > - >=20 > -/** >=20 > - Entry Point for MOR Lock Control driver. >=20 > - >=20 > - @param[in] ImageHandle Image handle of this driver. >=20 > - @param[in] SystemTable A Pointer to the EFI System Table. >=20 > - >=20 > - @retval EFI_SUCCESS >=20 > - @return Others Some error occurs. >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -MorLockDriverInit ( >=20 > - VOID >=20 > - ); >=20 > - >=20 > -#endif >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > deleted file mode 100644 > index 711b37d866..0000000000 > --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > +++ /dev/null > @@ -1,16 +0,0 @@ > -// /** @file >=20 > -// Initializes MemoryOverwriteRequestControlLock variable >=20 > -// >=20 > -// This module will add Variable Hook and allow > MemoryOverwriteRequestControlLock variable set only once. >=20 > -// >=20 > -// Copyright (c) 2015, Intel Corporation. All rights reserved.
>=20 > -// >=20 > -// SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > -// >=20 > -// **/ >=20 > - >=20 > - >=20 > -#string STR_MODULE_ABSTRACT #language en-US "Initializes > MemoryOverwriteRequestControlLock variable" >=20 > - >=20 > -#string STR_MODULE_DESCRIPTION #language en-US "This module wil= l > add Variable Hook and allow MemoryOverwriteRequestControlLock variable se= t > only once." >=20 > - >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni > deleted file mode 100644 > index 2679c08c86..0000000000 > --- > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni > +++ /dev/null > @@ -1,14 +0,0 @@ > -// /** @file >=20 > -// TcgMorLock Localized Strings and Content >=20 > -// >=20 > -// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved. >=20 > -// >=20 > -// SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > -// >=20 > -// **/ >=20 > - >=20 > -#string STR_PROPERTIES_MODULE_NAME >=20 > -#language en-US >=20 > -"TCG (Trusted Computing Group) MOR Lock" >=20 > - >=20 > - >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > deleted file mode 100644 > index 8c92317313..0000000000 > --- > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > +++ /dev/null > @@ -1,152 +0,0 @@ > -/** @file >=20 > - TCG MOR (Memory Overwrite Request) Lock Control Driver SMM wrapper. >=20 > - >=20 > -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
>=20 > -SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > - >=20 > -**/ >=20 > - >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include "TcgMorLock.h" >=20 > - >=20 > -EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable; >=20 > - >=20 > -/** >=20 > - This service is a wrapper for the UEFI Runtime Service GetVariable(). >=20 > - >=20 > - @param VariableName the name of the vendor's variable, it's a Null- > Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize As input, point to the maximum size of return Dat= a-Buffer. >=20 > - As output, point to the actual size of the return= ed Data-Buffer. >=20 > - @param Data Point to return Data-Buffer. >=20 > - >=20 > - @retval EFI_SUCCESS The function completed successfully. >=20 > - @retval EFI_NOT_FOUND The variable was not found. >=20 > - @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the resu= lt. > DataSize has >=20 > - been updated with the size needed to c= omplete the request. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is NULL. >=20 > - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. >=20 > - @retval EFI_INVALID_PARAMETER DataSize is NULL. >=20 > - @retval EFI_INVALID_PARAMETER The DataSize is not too small and Data= is > NULL. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be retrieved du= e to a > hardware error. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved du= e to > an authentication failure. >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -InternalGetVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - OUT UINT32 *Attributes OPTIONAL, >=20 > - IN OUT UINTN *DataSize, >=20 > - OUT VOID *Data >=20 > - ) >=20 > -{ >=20 > - return mSmmVariable->SmmGetVariable ( >=20 > - VariableName, >=20 > - VendorGuid, >=20 > - Attributes, >=20 > - DataSize, >=20 > - Data >=20 > - ); >=20 > -} >=20 > - >=20 > -/** >=20 > - This service is a wrapper for the UEFI Runtime Service SetVariable() >=20 > - >=20 > - @param VariableName the name of the vendor's variable, as a >=20 > - Null-Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize The size in bytes of Data-Buffer. >=20 > - @param Data Point to the content of the variable. >=20 > - >=20 > - @retval EFI_SUCCESS The firmware has successfully stored t= he variable > and its data as >=20 > - defined by the Attributes. >=20 > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bi= ts > was supplied, or the >=20 > - DataSize exceeds the maximum allowed. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode strin= g. >=20 > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hol= d > the variable and its data. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be saved due to= a > hardware failure. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question is read-only. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question cannot be del= eted. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be written due = to > EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS >=20 > - set but the AuthInfo does NOT pass the= validation check > carried >=20 > - out by the firmware. >=20 > - @retval EFI_NOT_FOUND The variable trying to be updated or d= eleted > was not found. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -InternalSetVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - IN UINT32 Attributes, >=20 > - IN UINTN DataSize, >=20 > - IN VOID *Data >=20 > - ) >=20 > -{ >=20 > - return mSmmVariable->SmmSetVariable ( >=20 > - VariableName, >=20 > - VendorGuid, >=20 > - Attributes, >=20 > - DataSize, >=20 > - Data >=20 > - ); >=20 > -} >=20 > - >=20 > -/** >=20 > - Entry Point for MOR Lock Control driver. >=20 > - >=20 > - @param[in] ImageHandle The firmware allocated handle for the EFI im= age. >=20 > - @param[in] SystemTable A pointer to the EFI System Table. >=20 > - >=20 > - @retval EFI_SUCCESS EntryPoint runs successfully. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -MorLockDriverEntryPointSmm ( >=20 > - IN EFI_HANDLE ImageHandle, >=20 > - IN EFI_SYSTEM_TABLE *SystemTable >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - EDKII_SMM_VAR_CHECK_PROTOCOL *SmmVarCheck; >=20 > - >=20 > - // >=20 > - // This driver link to Smm Variable driver >=20 > - // >=20 > - DEBUG ((EFI_D_INFO, "MorLockDriverEntryPointSmm\n")); >=20 > - >=20 > - Status =3D gSmst->SmmLocateProtocol ( >=20 > - &gEfiSmmVariableProtocolGuid, >=20 > - NULL, >=20 > - (VOID **) &mSmmVariable >=20 > - ); >=20 > - ASSERT_EFI_ERROR (Status); >=20 > - >=20 > - Status =3D gSmst->SmmLocateProtocol ( >=20 > - &gEdkiiSmmVarCheckProtocolGuid, >=20 > - NULL, >=20 > - (VOID **) &SmmVarCheck >=20 > - ); >=20 > - ASSERT_EFI_ERROR (Status); >=20 > - >=20 > - Status =3D MorLockDriverInit (); >=20 > - if (EFI_ERROR (Status)) { >=20 > - return Status; >=20 > - } >=20 > - >=20 > - Status =3D SmmVarCheck->SmmRegisterSetVariableCheckHandler > (SetVariableCheckHandlerMor); >=20 > - ASSERT_EFI_ERROR (Status); >=20 > - >=20 > - return Status; >=20 > -} >=20 > - >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf > deleted file mode 100644 > index 875c1e5f3a..0000000000 > --- > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf > +++ /dev/null > @@ -1,65 +0,0 @@ > -## @file >=20 > -# Initializes MemoryOverwriteRequestControlLock variable >=20 > -# >=20 > -# This module will add Variable Hook and allow > MemoryOverwriteRequestControlLock variable set only once. >=20 > -# >=20 > -# NOTE: This module only handles secure MOR V1 and is deprecated. >=20 > -# The secure MOR V2 is handled inside of variable driver. >=20 > -# >=20 > -# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
>=20 > -# SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > -# >=20 > -## >=20 > - >=20 > -[Defines] >=20 > - INF_VERSION =3D 0x00010005 >=20 > - BASE_NAME =3D TcgMorLockSmm >=20 > - MODULE_UNI_FILE =3D TcgMorLock.uni >=20 > - FILE_GUID =3D E2EA6F47-E678-47FA-8C1B-02A03E825C6= E >=20 > - MODULE_TYPE =3D DXE_SMM_DRIVER >=20 > - VERSION_STRING =3D 1.0 >=20 > - PI_SPECIFICATION_VERSION =3D 0x0001000A >=20 > - ENTRY_POINT =3D MorLockDriverEntryPointSmm >=20 > - >=20 > -# >=20 > -# The following information is for reference only and not required by th= e build > tools. >=20 > -# >=20 > -# VALID_ARCHITECTURES =3D IA32 X64 EBC >=20 > -# >=20 > - >=20 > -[Sources] >=20 > - TcgMorLock.h >=20 > - TcgMorLock.c >=20 > - TcgMorLockSmm.c >=20 > - >=20 > -[Packages] >=20 > - MdePkg/MdePkg.dec >=20 > - MdeModulePkg/MdeModulePkg.dec >=20 > - SecurityPkg/SecurityPkg.dec >=20 > - >=20 > -[LibraryClasses] >=20 > - UefiDriverEntryPoint >=20 > - SmmServicesTableLib >=20 > - DebugLib >=20 > - BaseLib >=20 > - BaseMemoryLib >=20 > - >=20 > -[Guids] >=20 > - ## SOMETIMES_CONSUMES ## > Variable:L"MemoryOverwriteRequestControl" >=20 > - gEfiMemoryOverwriteControlDataGuid >=20 > - >=20 > - ## SOMETIMES_CONSUMES ## > Variable:L"MemoryOverwriteRequestControlLock" >=20 > - ## PRODUCES ## Variable:L"MemoryOverwriteRequestControl= Lock" >=20 > - gEfiMemoryOverwriteRequestControlLockGuid >=20 > - >=20 > -[Protocols] >=20 > - gEdkiiSmmVarCheckProtocolGuid ## CONSUMES >=20 > - gEfiSmmVariableProtocolGuid ## CONSUMES >=20 > - >=20 > -[Depex] >=20 > - gEfiSmmVariableProtocolGuid AND >=20 > - gSmmVariableWriteGuid AND >=20 > - ( gEfiTcgProtocolGuid OR gEfiTcg2ProtocolGuid ) >=20 > - >=20 > -[UserExtensions.TianoCore."ExtraFiles"] >=20 > - TcgMorLockExtra.uni >=20 > -- > 2.26.2.windows.1