From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mx.groups.io with SMTP id smtpd.web08.8267.1630071861182566492 for ; Fri, 27 Aug 2021 06:44:21 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=nmGjAWk/; spf=pass (domain: intel.com, ip: 192.55.52.93, mailfrom: jiewen.yao@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10088"; a="214833184" X-IronPort-AV: E=Sophos;i="5.84,356,1620716400"; d="scan'208";a="214833184" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 27 Aug 2021 06:44:20 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,356,1620716400"; d="scan'208";a="528315774" Received: from orsmsx604.amr.corp.intel.com ([10.22.229.17]) by FMSMGA003.fm.intel.com with ESMTP; 27 Aug 2021 06:44:19 -0700 Received: from orsmsx601.amr.corp.intel.com (10.22.229.14) by ORSMSX604.amr.corp.intel.com (10.22.229.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.10; Fri, 27 Aug 2021 06:44:19 -0700 Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.10 via Frontend Transport; Fri, 27 Aug 2021 06:44:19 -0700 Received: from NAM10-MW2-obe.outbound.protection.outlook.com (104.47.55.108) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.10; Fri, 27 Aug 2021 06:44:19 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=VaGniRvvFESBuRKxE4+u6YjYR8okMJF9IqpE48fA6getFwEXU+QvZNIjQgyry8Y2h8zWz/tTHahlv5nASHhSjGmY46Df5UFlD1w0aBCeyebL71gOkbIxzePv/N969nghWicakU+RElDzTz3GbvpebfzZ7NC6hLXEUebJxjjBWghAqhlGzPZ0mvcrwTzv/uhgAjS3dmhmLHJB7r2ouL61Nd3rujO4Y6V4gZ4QlxB2BKfqpUta/7y9Ad8zAJZBfSYGlfsodvbzKdpYf47staAca1fo3que1fM/bMfJvXZMu7zqU3ZT5c2GRSac+9tQv9VLOIbDr7GLSFJGj3l2LANFqw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GFCQTOu60gVtQhCJ5mJaQOTubGJx0mTZYFie3Eg9gU0=; b=M2en0vb47Eu4gD9xs8PzAUoOINrU96ureyHwlHHxcIb9hj+JLXHatV6z5TPd12t0eI1roUt58zEjeeLnxOOy6SXTOaKl/KDNaUVl/KuJAYX9epa4SPk6gYraZB1D3c6OjfTlNJG8qqI2jN7lbZf+ucEwdq/TkwxzVf272Fq1ikmPH0n8WEzuuWe7cCz3HJatcsIe17Ubfs5DLdGvbwZ/X5r1vAdbj76G4QfaCHKvXusY9nV7nZOu6xNMcRr0mKg/oHZpKone8IENg0oveXkUVZioFcVjhbO8WrRhKa6Ja2+MmMiF5vhraqcT697OydBCBJh+L/YsIPi4vnmRxrr1UQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=GFCQTOu60gVtQhCJ5mJaQOTubGJx0mTZYFie3Eg9gU0=; b=nmGjAWk/UH02d5FJ7Evmn6jIKEf2n6MkU40lEauWrwU4qqxIgXfVHiGofGxThuUbvcVHsE49YLnzhh/79eojgbH+AOJvIYvPRE6o154jGnPsBRTecp37fyJwBdTsZX4XQRKjX8ImLhRY7cZ9H4Uy0/i6eN8bEyZlYYL57BDYsUY= Received: from PH0PR11MB4885.namprd11.prod.outlook.com (2603:10b6:510:35::14) by PH0PR11MB5029.namprd11.prod.outlook.com (2603:10b6:510:30::15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4436.19; Fri, 27 Aug 2021 13:44:18 +0000 Received: from PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::e97b:e466:268f:fb79]) by PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::e97b:e466:268f:fb79%6]) with mapi id 15.20.4436.024; Fri, 27 Aug 2021 13:44:18 +0000 From: "Yao, Jiewen" To: "Zhang, Qi1" , "devel@edk2.groups.io" CC: "Wang, Jian J" , "Kumar, Rahul1" , "Ni, Ray" Subject: Re: [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver Thread-Topic: [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver Thread-Index: AQHXmI+9p73UZ+Jkfk2vk8+5olC8KKuHYfsQ Date: Fri, 27 Aug 2021 13:44:17 +0000 Message-ID: References: <20210824022822.6121-1-qi1.zhang@intel.com> In-Reply-To: <20210824022822.6121-1-qi1.zhang@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.5.1.3 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 934f7340-b1db-4157-f7dc-08d96960c44b x-ms-traffictypediagnostic: PH0PR11MB5029: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:10000; x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: w0uwwlcHojfe9xgqZyz5Akg/g3BTIWW/nVxg3Vc3XzfCsRjD85StHqYX/bJYf19g+Y8NbGeZxN3sS3PtXPq71nUzfoev88mUBK3cg4/7VrbuV8SL1EaIFcLKbeh/6M20cvQZ0qDM2+ytoYfJGZI46lJ18/DOYWvAK6JpGo9z0O7Mw+7LCiqlG1/QFY0PC6LaIq0YSORF/zpPZg5hoo2gll0AJ5kQwVnI7stw0ZnjZg5WoYAxZclQG8jjCbehKm5RjhsScKOIJf6QIk4wvo6aLftXkicy+KYU15RLqoXOR1sIW5fmInP0AAwN1QGYBYn/zCYgOWTHIu/8ife6zCOoLZh9VklqdQ13wCcwqP+gtvVTqwu5/Lw0bhMgMmyLl/FaHa8YXvNmA3LtlC1asK/TbvMn3CwNbSCTlblIG6oQwMPFS1dOY8ENQAHCmRHLVGjSmMfh7cuvJdev8CKsj9Bvbl5gVAZ5A/CdXcuapQEWiERB3WDdZUg/BbN/pkg6NQwrVm0hAL/eD6YQ6S9G0iDn76lazBFo5c+HvI90+em9XM+/v5HpC6PIxCjIGipHGttpzP71stOhv5kWTrYmBR/61zGUPmdDkpy/yb8a4YPl56yNdodgEFX2nlKjzOjVRQQ+D9GXYTmD/hezSOQPTmQZhzirNjN78qAoARO6Xapqtcv7lNurnqQT5RfyqT3Wvf0JoEL4ZTbos7sES8fYi6aPYZtAmK3ZWFL9nCSEDn++LC6mxAwGute+8eWRHVuj4w8iqmJdPnRHekfzalZX9e+3RT5q3v8qmHfzAsEJVJ3ajaRQe6TtKyQjTVfasOSrOtqKKOYMYlItUh4+xjSX+108FZDm/idZQtdj/QzvsWQQH80= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB4885.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(366004)(107886003)(55016002)(30864003)(966005)(110136005)(86362001)(66476007)(54906003)(7696005)(5660300002)(76116006)(53546011)(19627235002)(38070700005)(33656002)(26005)(8676002)(316002)(66556008)(9686003)(66446008)(8936002)(6506007)(508600001)(66946007)(71200400001)(83380400001)(122000001)(64756008)(38100700002)(15650500001)(2906002)(52536014)(4326008)(186003)(579004)(559001)(44824005);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?KarUaEPPMA0w8rdWNo6ItIaVua7cGkzEXRtC/HxxjoB7/5HLe6mbL1zdYZgE?= =?us-ascii?Q?ZNIPasnssl5EYPe8rcVyuKSNQj4W1pq8nktw8CYY2AhOeSo072/04lFcH0bX?= =?us-ascii?Q?Px8R0sc4Jhw3F/ZwwhvkoHZhtUKQa7DqSgVAUaat3R28/MPkkt/PH7PDA1yz?= =?us-ascii?Q?n7fgivqO449XtiMWsc86FaKUxQj8iCwmx7EIBaKDpNu6FUHGDYynVIWpLK3J?= =?us-ascii?Q?wIXq0M7zCUT4OBG6ODhFEHq6hgZGkZdPfcs6tv8ueevmT2KgQrU1qC2s6Y37?= =?us-ascii?Q?UmFbTDl7WRAthQeDOHUk89zYl9O/Wq05gOr8KIixdCqgVfb7FgcbCttb3vad?= =?us-ascii?Q?QFFjQXKeDHtILqTzx5HiEtWIkh2kWmPbJIiMFLZBozQegEWy/jP6Sk9GxjyD?= =?us-ascii?Q?qgc2+yhctJdzhwugr2bup9NGPVi9zV1EAeMuDKpXiWlqDyRT+lCQPlZQ513Q?= =?us-ascii?Q?JbJioiRlWR96oqGqVfrzI32Y4IeTQarMIBv8vfJ6758+w1she9OTyL0UBUYZ?= =?us-ascii?Q?eIkTI4P2s6uHwLM1RRYiZlMTDkC2EOmizHnq4lAY3jZcZV8ngBVgX/sWxVhq?= =?us-ascii?Q?R6/b9Jv8ICqjGuhgox+ApTizh1VizMbppwqIm+J61AMuHVkm+qcrBBIMaMKb?= =?us-ascii?Q?V7xmwutlP/gXey8WR6FwAWLRjcx/4Qe+cVKNtiP6XJcx4vOs7Fcl4gqoTcuH?= =?us-ascii?Q?rl4zFGPBHHLNM6P7TZ1qYs+lMJ2C7ZxFZ4s1BcqTV1fkA8M4lP7czIEuY2ih?= =?us-ascii?Q?oriSPVYKnmUV8dXohcBe006n6v0MhmeOwU3PRlgq59Ut+sYpMkD7XP6yuFPM?= =?us-ascii?Q?Z2ty910kuwBCkToYnqk85shGd9egsn/Fg7NxsB9pD+uwDvxHV7aSIa2AkuMb?= =?us-ascii?Q?GOQ2Hys1VJEn1TaDMTQ8yU5C/7sFsGiz0ADMwfJbBXJYsB/oOJp0fU/UtR2r?= =?us-ascii?Q?Pydhdi0wpNL8se1OpMci3JkJC6Eq8yGTvB2TNTTyGQCGIJi4T4RCTizEkxuJ?= =?us-ascii?Q?T53TiwKnxO0c5p1hePpe6iRQ7S+opZ0ra8308596NMtHJ6x81JbG3L7sRiXf?= =?us-ascii?Q?SbDTq5zy26h1/svFfi9wU/TE7RmAEy/lrVihWiht3l0g2MN6Zwgnsl01Rrl4?= =?us-ascii?Q?bm+6Zvn6SScswpn3h8pXbzlu9GC+elA8ybp1iGpyNN0xPpUXBtap07IgwPAd?= =?us-ascii?Q?ISSLdYEOuZ6QPjQojxSb57bCiTqJTgtSZwpYmfpq04VVNar9trb/1PNerrlu?= =?us-ascii?Q?Elu11esWnTaw4cW405RmRShec9oxPxO4wIdbhX8k0HicIDZEqDQJHQUDS04r?= =?us-ascii?Q?xAiab3A1BBBiWGkGXFvsKkfZ?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4885.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 934f7340-b1db-4157-f7dc-08d96960c44b X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Aug 2021 13:44:17.8863 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: ZygCeMi0ZDCiOkMQpuWlU955ENnPbT6Jux8oYldaiT3BONS0QmLrI7IMUiiHWkzTcmM71AcIi14iOIDonUFyjw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5029 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi This patch failed in CI - https://github.com/tianocore/edk2/pull/1922 Please take a look and submit patch again. > -----Original Message----- > From: Zhang, Qi1 > Sent: Tuesday, August 24, 2021 10:28 AM > To: devel@edk2.groups.io > Cc: Zhang, Qi1 ; Yao, Jiewen ; > Wang, Jian J ; Kumar, Rahul1 > ; Ni, Ray > Subject: [PATCH] SecurityPkg/Tcg: remove TcgMorLockSmm driver >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3583 >=20 > TcgMorLockSmm is only for secure MOR V1. > VariableSmm covers secure MOR V1 and V2. >=20 > Signed-off-by: Qi Zhang > Cc: Jiewen Yao > Cc: Jian J Wang > Cc: Qi Zhang > Cc: Rahul Kumar > Cc: Ray Ni > --- > SecurityPkg/SecurityPkg.dsc | 1 - > .../TcgMorLock.c | 191 ------------------ > .../TcgMorLock.h | 131 ------------ > .../TcgMorLock.uni | 16 -- > .../TcgMorLockExtra.uni | 14 -- > .../TcgMorLockSmm.c | 152 -------------- > .../TcgMorLockSmm.inf | 65 ------ > 7 files changed, 570 deletions(-) > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > delete mode 100644 > SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf >=20 > diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc > index 64157e20f9..7898fe4282 100644 > --- a/SecurityPkg/SecurityPkg.dsc > +++ b/SecurityPkg/SecurityPkg.dsc > @@ -338,7 +338,6 @@ >=20 >=20 > [Components.IA32, Components.X64] >=20 >=20 >=20 > - SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf >=20 > SecurityPkg/Tcg/TcgSmm/TcgSmm.inf >=20 > SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf >=20 > SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > deleted file mode 100644 > index aa230eeefa..0000000000 > --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c > +++ /dev/null > @@ -1,191 +0,0 @@ > -/** @file >=20 > - TCG MOR (Memory Overwrite Request) Lock Control Driver. >=20 > - >=20 > - This driver initializes MemoryOverwriteRequestControlLock variable. >=20 > - This module will add Variable Hook and allow > MemoryOverwriteRequestControlLock variable set only once. >=20 > - >=20 > -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
>=20 > -SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > - >=20 > -**/ >=20 > - >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include "TcgMorLock.h" >=20 > - >=20 > -typedef struct { >=20 > - CHAR16 *VariableName; >=20 > - EFI_GUID *VendorGuid; >=20 > -} VARIABLE_TYPE; >=20 > - >=20 > -VARIABLE_TYPE mMorVariableType[] =3D { >=20 > - {MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, > &gEfiMemoryOverwriteControlDataGuid}, >=20 > - {MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, > &gEfiMemoryOverwriteRequestControlLockGuid}, >=20 > -}; >=20 > - >=20 > -/** >=20 > - Returns if this is MOR related variable. >=20 > - >=20 > - @param VariableName the name of the vendor's variable, it's a Null- > Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - >=20 > - @retval TRUE The variable is MOR related. >=20 > - @retval FALSE The variable is NOT MOR related. >=20 > -**/ >=20 > -BOOLEAN >=20 > -IsAnyMorVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid >=20 > - ) >=20 > -{ >=20 > - UINTN Index; >=20 > - >=20 > - for (Index =3D 0; Index < > sizeof(mMorVariableType)/sizeof(mMorVariableType[0]); Index++) { >=20 > - if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) =3D= =3D 0) > && >=20 > - (CompareGuid (VendorGuid, mMorVariableType[Index].VendorGuid))) = { >=20 > - return TRUE; >=20 > - } >=20 > - } >=20 > - return FALSE; >=20 > -} >=20 > - >=20 > -/** >=20 > - Returns if this is MOR lock variable. >=20 > - >=20 > - @param VariableName the name of the vendor's variable, it's a Null- > Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - >=20 > - @retval TRUE The variable is MOR lock variable. >=20 > - @retval FALSE The variable is NOT MOR lock variable. >=20 > -**/ >=20 > -BOOLEAN >=20 > -IsMorLockVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid >=20 > - ) >=20 > -{ >=20 > - if ((StrCmp (VariableName, > MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME) =3D=3D 0) && >=20 > - (CompareGuid (VendorGuid, > &gEfiMemoryOverwriteRequestControlLockGuid))) { >=20 > - return TRUE; >=20 > - } >=20 > - return FALSE; >=20 > -} >=20 > - >=20 > -/** >=20 > - This service is a checker handler for the UEFI Runtime Service SetVari= able() >=20 > - >=20 > - @param VariableName the name of the vendor's variable, as a >=20 > - Null-Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize The size in bytes of Data-Buffer. >=20 > - @param Data Point to the content of the variable. >=20 > - >=20 > - @retval EFI_SUCCESS The firmware has successfully stored t= he variable > and its data as >=20 > - defined by the Attributes. >=20 > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bi= ts > was supplied, or the >=20 > - DataSize exceeds the maximum allowed. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode strin= g. >=20 > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hol= d > the variable and its data. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be saved due to= a > hardware failure. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question is read-only. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question cannot be del= eted. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be written due = to > EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS >=20 > - set but the AuthInfo does NOT pass the= validation check > carried >=20 > - out by the firmware. >=20 > - @retval EFI_NOT_FOUND The variable trying to be updated or d= eleted > was not found. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -SetVariableCheckHandlerMor ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - IN UINT32 Attributes, >=20 > - IN UINTN DataSize, >=20 > - IN VOID *Data >=20 > - ) >=20 > -{ >=20 > - UINTN MorLockDataSize; >=20 > - BOOLEAN MorLock; >=20 > - EFI_STATUS Status; >=20 > - >=20 > - // >=20 > - // do not handle non-MOR variable >=20 > - // >=20 > - if (!IsAnyMorVariable (VariableName, VendorGuid)) { >=20 > - return EFI_SUCCESS; >=20 > - } >=20 > - >=20 > - MorLockDataSize =3D sizeof(MorLock); >=20 > - Status =3D InternalGetVariable ( >=20 > - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, >=20 > - &gEfiMemoryOverwriteRequestControlLockGuid, >=20 > - NULL, >=20 > - &MorLockDataSize, >=20 > - &MorLock >=20 > - ); >=20 > - if (!EFI_ERROR (Status) && MorLock) { >=20 > - // >=20 > - // If lock, deny access >=20 > - // >=20 > - return EFI_INVALID_PARAMETER; >=20 > - } >=20 > - >=20 > - // >=20 > - // Delete not OK >=20 > - // >=20 > - if ((DataSize !=3D sizeof(UINT8)) || (Data =3D=3D NULL) || (Attributes= =3D=3D 0)) { >=20 > - return EFI_INVALID_PARAMETER; >=20 > - } >=20 > - >=20 > - // >=20 > - // check format >=20 > - // >=20 > - if (IsMorLockVariable(VariableName, VendorGuid)) { >=20 > - // >=20 > - // set to any other value not OK >=20 > - // >=20 > - if ((*(UINT8 *)Data !=3D 1) && (*(UINT8 *)Data !=3D 0)) { >=20 > - return EFI_INVALID_PARAMETER; >=20 > - } >=20 > - } >=20 > - // >=20 > - // Or grant access >=20 > - // >=20 > - return EFI_SUCCESS; >=20 > -} >=20 > - >=20 > -/** >=20 > - Entry Point for MOR Lock Control driver. >=20 > - >=20 > - @param[in] ImageHandle Image handle of this driver. >=20 > - @param[in] SystemTable A Pointer to the EFI System Table. >=20 > - >=20 > - @retval EFI_SUCCESS >=20 > - @return Others Some error occurs. >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -MorLockDriverInit ( >=20 > - VOID >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - UINT8 Data; >=20 > - >=20 > - Data =3D 0; >=20 > - Status =3D InternalSetVariable ( >=20 > - MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, >=20 > - &gEfiMemoryOverwriteRequestControlLockGuid, >=20 > - EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS > | EFI_VARIABLE_RUNTIME_ACCESS, >=20 > - 1, >=20 > - &Data >=20 > - ); >=20 > - return Status; >=20 > -} >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > deleted file mode 100644 > index 5a6658c158..0000000000 > --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h > +++ /dev/null > @@ -1,131 +0,0 @@ > -/** @file >=20 > - TCG MOR (Memory Overwrite Request) Lock Control Driver header file. >=20 > - >=20 > -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
>=20 > -SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > - >=20 > -**/ >=20 > - >=20 > -#ifndef _EFI_TCG_MOR_LOCK_H_ >=20 > -#define _EFI_TCG_MOR_LOCK_H_ >=20 > - >=20 > -/** >=20 > - This service is a wrapper for the UEFI Runtime Service GetVariable(). >=20 > - >=20 > - @param VariableName the name of the vendor's variable, it's a Null- > Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize As input, point to the maximum size of return Dat= a-Buffer. >=20 > - As output, point to the actual size of the return= ed Data-Buffer. >=20 > - @param Data Point to return Data-Buffer. >=20 > - >=20 > - @retval EFI_SUCCESS The function completed successfully. >=20 > - @retval EFI_NOT_FOUND The variable was not found. >=20 > - @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the resu= lt. > DataSize has >=20 > - been updated with the size needed to c= omplete the request. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is NULL. >=20 > - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. >=20 > - @retval EFI_INVALID_PARAMETER DataSize is NULL. >=20 > - @retval EFI_INVALID_PARAMETER The DataSize is not too small and Data= is > NULL. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be retrieved du= e to a > hardware error. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved du= e to > an authentication failure. >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -InternalGetVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - OUT UINT32 *Attributes OPTIONAL, >=20 > - IN OUT UINTN *DataSize, >=20 > - OUT VOID *Data >=20 > - ); >=20 > - >=20 > -/** >=20 > - This service is a wrapper for the UEFI Runtime Service SetVariable() >=20 > - >=20 > - @param VariableName the name of the vendor's variable, as a >=20 > - Null-Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize The size in bytes of Data-Buffer. >=20 > - @param Data Point to the content of the variable. >=20 > - >=20 > - @retval EFI_SUCCESS The firmware has successfully stored t= he variable > and its data as >=20 > - defined by the Attributes. >=20 > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bi= ts > was supplied, or the >=20 > - DataSize exceeds the maximum allowed. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode strin= g. >=20 > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hol= d > the variable and its data. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be saved due to= a > hardware failure. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question is read-only. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question cannot be del= eted. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be written due = to > EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS >=20 > - set but the AuthInfo does NOT pass the= validation check > carried >=20 > - out by the firmware. >=20 > - @retval EFI_NOT_FOUND The variable trying to be updated or d= eleted > was not found. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -InternalSetVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - IN UINT32 Attributes, >=20 > - IN UINTN DataSize, >=20 > - IN VOID *Data >=20 > - ); >=20 > - >=20 > -/** >=20 > - This service is a checker handler for the UEFI Runtime Service SetVari= able() >=20 > - >=20 > - @param VariableName the name of the vendor's variable, as a >=20 > - Null-Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize The size in bytes of Data-Buffer. >=20 > - @param Data Point to the content of the variable. >=20 > - >=20 > - @retval EFI_SUCCESS The firmware has successfully stored t= he variable > and its data as >=20 > - defined by the Attributes. >=20 > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bi= ts > was supplied, or the >=20 > - DataSize exceeds the maximum allowed. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode strin= g. >=20 > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hol= d > the variable and its data. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be saved due to= a > hardware failure. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question is read-only. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question cannot be del= eted. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be written due = to > EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS >=20 > - set but the AuthInfo does NOT pass the= validation check > carried >=20 > - out by the firmware. >=20 > - @retval EFI_NOT_FOUND The variable trying to be updated or d= eleted > was not found. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -SetVariableCheckHandlerMor ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - IN UINT32 Attributes, >=20 > - IN UINTN DataSize, >=20 > - IN VOID *Data >=20 > - ); >=20 > - >=20 > -/** >=20 > - Entry Point for MOR Lock Control driver. >=20 > - >=20 > - @param[in] ImageHandle Image handle of this driver. >=20 > - @param[in] SystemTable A Pointer to the EFI System Table. >=20 > - >=20 > - @retval EFI_SUCCESS >=20 > - @return Others Some error occurs. >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -MorLockDriverInit ( >=20 > - VOID >=20 > - ); >=20 > - >=20 > -#endif >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > deleted file mode 100644 > index 711b37d866..0000000000 > --- a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.uni > +++ /dev/null > @@ -1,16 +0,0 @@ > -// /** @file >=20 > -// Initializes MemoryOverwriteRequestControlLock variable >=20 > -// >=20 > -// This module will add Variable Hook and allow > MemoryOverwriteRequestControlLock variable set only once. >=20 > -// >=20 > -// Copyright (c) 2015, Intel Corporation. All rights reserved.
>=20 > -// >=20 > -// SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > -// >=20 > -// **/ >=20 > - >=20 > - >=20 > -#string STR_MODULE_ABSTRACT #language en-US "Initializes > MemoryOverwriteRequestControlLock variable" >=20 > - >=20 > -#string STR_MODULE_DESCRIPTION #language en-US "This module wil= l > add Variable Hook and allow MemoryOverwriteRequestControlLock variable se= t > only once." >=20 > - >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni > deleted file mode 100644 > index 2679c08c86..0000000000 > --- > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni > +++ /dev/null > @@ -1,14 +0,0 @@ > -// /** @file >=20 > -// TcgMorLock Localized Strings and Content >=20 > -// >=20 > -// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved. >=20 > -// >=20 > -// SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > -// >=20 > -// **/ >=20 > - >=20 > -#string STR_PROPERTIES_MODULE_NAME >=20 > -#language en-US >=20 > -"TCG (Trusted Computing Group) MOR Lock" >=20 > - >=20 > - >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > deleted file mode 100644 > index 8c92317313..0000000000 > --- > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c > +++ /dev/null > @@ -1,152 +0,0 @@ > -/** @file >=20 > - TCG MOR (Memory Overwrite Request) Lock Control Driver SMM wrapper. >=20 > - >=20 > -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
>=20 > -SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > - >=20 > -**/ >=20 > - >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include >=20 > -#include "TcgMorLock.h" >=20 > - >=20 > -EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable; >=20 > - >=20 > -/** >=20 > - This service is a wrapper for the UEFI Runtime Service GetVariable(). >=20 > - >=20 > - @param VariableName the name of the vendor's variable, it's a Null- > Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize As input, point to the maximum size of return Dat= a-Buffer. >=20 > - As output, point to the actual size of the return= ed Data-Buffer. >=20 > - @param Data Point to return Data-Buffer. >=20 > - >=20 > - @retval EFI_SUCCESS The function completed successfully. >=20 > - @retval EFI_NOT_FOUND The variable was not found. >=20 > - @retval EFI_BUFFER_TOO_SMALL The DataSize is too small for the resu= lt. > DataSize has >=20 > - been updated with the size needed to c= omplete the request. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is NULL. >=20 > - @retval EFI_INVALID_PARAMETER VendorGuid is NULL. >=20 > - @retval EFI_INVALID_PARAMETER DataSize is NULL. >=20 > - @retval EFI_INVALID_PARAMETER The DataSize is not too small and Data= is > NULL. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be retrieved du= e to a > hardware error. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be retrieved du= e to > an authentication failure. >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -InternalGetVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - OUT UINT32 *Attributes OPTIONAL, >=20 > - IN OUT UINTN *DataSize, >=20 > - OUT VOID *Data >=20 > - ) >=20 > -{ >=20 > - return mSmmVariable->SmmGetVariable ( >=20 > - VariableName, >=20 > - VendorGuid, >=20 > - Attributes, >=20 > - DataSize, >=20 > - Data >=20 > - ); >=20 > -} >=20 > - >=20 > -/** >=20 > - This service is a wrapper for the UEFI Runtime Service SetVariable() >=20 > - >=20 > - @param VariableName the name of the vendor's variable, as a >=20 > - Null-Terminated Unicode String >=20 > - @param VendorGuid Unify identifier for vendor. >=20 > - @param Attributes Point to memory location to return the attributes= of > variable. If the point >=20 > - is NULL, the parameter would be ignored. >=20 > - @param DataSize The size in bytes of Data-Buffer. >=20 > - @param Data Point to the content of the variable. >=20 > - >=20 > - @retval EFI_SUCCESS The firmware has successfully stored t= he variable > and its data as >=20 > - defined by the Attributes. >=20 > - @retval EFI_INVALID_PARAMETER An invalid combination of attribute bi= ts > was supplied, or the >=20 > - DataSize exceeds the maximum allowed. >=20 > - @retval EFI_INVALID_PARAMETER VariableName is an empty Unicode strin= g. >=20 > - @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hol= d > the variable and its data. >=20 > - @retval EFI_DEVICE_ERROR The variable could not be saved due to= a > hardware failure. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question is read-only. >=20 > - @retval EFI_WRITE_PROTECTED The variable in question cannot be del= eted. >=20 > - @retval EFI_SECURITY_VIOLATION The variable could not be written due = to > EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS >=20 > - set but the AuthInfo does NOT pass the= validation check > carried >=20 > - out by the firmware. >=20 > - @retval EFI_NOT_FOUND The variable trying to be updated or d= eleted > was not found. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -InternalSetVariable ( >=20 > - IN CHAR16 *VariableName, >=20 > - IN EFI_GUID *VendorGuid, >=20 > - IN UINT32 Attributes, >=20 > - IN UINTN DataSize, >=20 > - IN VOID *Data >=20 > - ) >=20 > -{ >=20 > - return mSmmVariable->SmmSetVariable ( >=20 > - VariableName, >=20 > - VendorGuid, >=20 > - Attributes, >=20 > - DataSize, >=20 > - Data >=20 > - ); >=20 > -} >=20 > - >=20 > -/** >=20 > - Entry Point for MOR Lock Control driver. >=20 > - >=20 > - @param[in] ImageHandle The firmware allocated handle for the EFI im= age. >=20 > - @param[in] SystemTable A pointer to the EFI System Table. >=20 > - >=20 > - @retval EFI_SUCCESS EntryPoint runs successfully. >=20 > - >=20 > -**/ >=20 > -EFI_STATUS >=20 > -EFIAPI >=20 > -MorLockDriverEntryPointSmm ( >=20 > - IN EFI_HANDLE ImageHandle, >=20 > - IN EFI_SYSTEM_TABLE *SystemTable >=20 > - ) >=20 > -{ >=20 > - EFI_STATUS Status; >=20 > - EDKII_SMM_VAR_CHECK_PROTOCOL *SmmVarCheck; >=20 > - >=20 > - // >=20 > - // This driver link to Smm Variable driver >=20 > - // >=20 > - DEBUG ((EFI_D_INFO, "MorLockDriverEntryPointSmm\n")); >=20 > - >=20 > - Status =3D gSmst->SmmLocateProtocol ( >=20 > - &gEfiSmmVariableProtocolGuid, >=20 > - NULL, >=20 > - (VOID **) &mSmmVariable >=20 > - ); >=20 > - ASSERT_EFI_ERROR (Status); >=20 > - >=20 > - Status =3D gSmst->SmmLocateProtocol ( >=20 > - &gEdkiiSmmVarCheckProtocolGuid, >=20 > - NULL, >=20 > - (VOID **) &SmmVarCheck >=20 > - ); >=20 > - ASSERT_EFI_ERROR (Status); >=20 > - >=20 > - Status =3D MorLockDriverInit (); >=20 > - if (EFI_ERROR (Status)) { >=20 > - return Status; >=20 > - } >=20 > - >=20 > - Status =3D SmmVarCheck->SmmRegisterSetVariableCheckHandler > (SetVariableCheckHandlerMor); >=20 > - ASSERT_EFI_ERROR (Status); >=20 > - >=20 > - return Status; >=20 > -} >=20 > - >=20 > diff --git > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf > b/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf > deleted file mode 100644 > index 875c1e5f3a..0000000000 > --- > a/SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf > +++ /dev/null > @@ -1,65 +0,0 @@ > -## @file >=20 > -# Initializes MemoryOverwriteRequestControlLock variable >=20 > -# >=20 > -# This module will add Variable Hook and allow > MemoryOverwriteRequestControlLock variable set only once. >=20 > -# >=20 > -# NOTE: This module only handles secure MOR V1 and is deprecated. >=20 > -# The secure MOR V2 is handled inside of variable driver. >=20 > -# >=20 > -# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
>=20 > -# SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > -# >=20 > -## >=20 > - >=20 > -[Defines] >=20 > - INF_VERSION =3D 0x00010005 >=20 > - BASE_NAME =3D TcgMorLockSmm >=20 > - MODULE_UNI_FILE =3D TcgMorLock.uni >=20 > - FILE_GUID =3D E2EA6F47-E678-47FA-8C1B-02A03E825C6= E >=20 > - MODULE_TYPE =3D DXE_SMM_DRIVER >=20 > - VERSION_STRING =3D 1.0 >=20 > - PI_SPECIFICATION_VERSION =3D 0x0001000A >=20 > - ENTRY_POINT =3D MorLockDriverEntryPointSmm >=20 > - >=20 > -# >=20 > -# The following information is for reference only and not required by th= e build > tools. >=20 > -# >=20 > -# VALID_ARCHITECTURES =3D IA32 X64 EBC >=20 > -# >=20 > - >=20 > -[Sources] >=20 > - TcgMorLock.h >=20 > - TcgMorLock.c >=20 > - TcgMorLockSmm.c >=20 > - >=20 > -[Packages] >=20 > - MdePkg/MdePkg.dec >=20 > - MdeModulePkg/MdeModulePkg.dec >=20 > - SecurityPkg/SecurityPkg.dec >=20 > - >=20 > -[LibraryClasses] >=20 > - UefiDriverEntryPoint >=20 > - SmmServicesTableLib >=20 > - DebugLib >=20 > - BaseLib >=20 > - BaseMemoryLib >=20 > - >=20 > -[Guids] >=20 > - ## SOMETIMES_CONSUMES ## > Variable:L"MemoryOverwriteRequestControl" >=20 > - gEfiMemoryOverwriteControlDataGuid >=20 > - >=20 > - ## SOMETIMES_CONSUMES ## > Variable:L"MemoryOverwriteRequestControlLock" >=20 > - ## PRODUCES ## Variable:L"MemoryOverwriteRequestControl= Lock" >=20 > - gEfiMemoryOverwriteRequestControlLockGuid >=20 > - >=20 > -[Protocols] >=20 > - gEdkiiSmmVarCheckProtocolGuid ## CONSUMES >=20 > - gEfiSmmVariableProtocolGuid ## CONSUMES >=20 > - >=20 > -[Depex] >=20 > - gEfiSmmVariableProtocolGuid AND >=20 > - gSmmVariableWriteGuid AND >=20 > - ( gEfiTcgProtocolGuid OR gEfiTcg2ProtocolGuid ) >=20 > - >=20 > -[UserExtensions.TianoCore."ExtraFiles"] >=20 > - TcgMorLockExtra.uni >=20 > -- > 2.26.2.windows.1