Virtualization
/
edk2
mirror of https://gitlab.com/qemu-project/edk2.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Use SmmMemLib to check communication buffer. 

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Gao, Liming" <liming.gao@intel.com>
Reviewed-by: "Fan, Jeff" <jeff.fan@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16694 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Yao, Jiewen 2015-02-02 14:42:22 +00:00 committed by jyao1
parent d425764e3f
commit 842b1242d1
19 changed files with 109 additions and 573 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

87
MdeModulePkg/Core/PiSmmCore/PiSmmCore.c
View File

@ -85,11 +85,6 @@ SMM_CORE_SMI_HANDLERS mSmmCoreSmiHandlers[] = {
UINTN mFullSmramRangeCount; UINTN mFullSmramRangeCount;
EFI_SMRAM_DESCRIPTOR *mFullSmramRanges; EFI_SMRAM_DESCRIPTOR *mFullSmramRanges;
//
// Maximum support address used to check input CommunicationBuffer
//
UINTN mMaximumSupportAddress = 0;
/** /**
Place holder function until all the SMM System Table Service are available. Place holder function until all the SMM System Table Service are available.
@ -279,76 +274,6 @@ SmmEndOfDxeHandler (
return Status; return Status;
} }
/**
Caculate and save the maximum support address.
**/
VOID
CaculateMaximumSupportAddress (
VOID
)
{
VOID *Hob;
UINT32 RegEax;
UINT8 PhysicalAddressBits;
//
// Get physical address bits supported.
//
Hob = GetFirstHob (EFI_HOB_TYPE_CPU);
if (Hob != NULL) {
PhysicalAddressBits = ((EFI_HOB_CPU *) Hob)->SizeOfMemorySpace;
} else {
AsmCpuid (0x80000000, &RegEax, NULL, NULL, NULL);
if (RegEax >= 0x80000008) {
AsmCpuid (0x80000008, &RegEax, NULL, NULL, NULL);
PhysicalAddressBits = (UINT8) RegEax;
} else {
PhysicalAddressBits = 36;
}
}
//
// IA-32e paging translates 48-bit linear addresses to 52-bit physical addresses.
//
ASSERT (PhysicalAddressBits <= 52);
if (PhysicalAddressBits > 48) {
PhysicalAddressBits = 48;
}
//
// Save the maximum support address in one global variable
//
mMaximumSupportAddress = (UINTN) (LShiftU64 (1, PhysicalAddressBits) - 1);
DEBUG ((EFI_D_INFO, "mMaximumSupportAddress = 0x%lx\n", mMaximumSupportAddress));
}
/**
Check if input buffer is in valid address scope or not.
@param[in] Pointer Pointer to the input buffer.
@param[in] BufferSize Input buffer size in bytes.
@retval TRUE The input buffer is in valid address scope.
@retval FALSE The input buffer is not in valid address scope.
**/
BOOLEAN
IsValidPointer (
IN VOID *Pointer,
IN UINTN BufferSize
)
{
if ((UINTN) Pointer > mMaximumSupportAddress) {
return FALSE;
}
if (BufferSize > (mMaximumSupportAddress - (UINTN) Pointer)) {
return FALSE;
}
return TRUE;
}
/** /**
The main entry point to SMM Foundation. The main entry point to SMM Foundation.
@ -398,7 +323,7 @@ SmmEntryPoint (
// //
// Synchronous SMI for SMM Core or request from Communicate protocol // Synchronous SMI for SMM Core or request from Communicate protocol
// //
if (!IsValidPointer (gSmmCorePrivate->CommunicationBuffer, gSmmCorePrivate->BufferSize)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)gSmmCorePrivate->CommunicationBuffer, gSmmCorePrivate->BufferSize)) {
// //
// If CommunicationBuffer is not in valid address scope, return EFI_INVALID_PARAMETER // If CommunicationBuffer is not in valid address scope, return EFI_INVALID_PARAMETER
// //
@ -484,9 +409,10 @@ SmmMain (
gSmmCorePrivate->SmmEntryPoint = SmmEntryPoint; gSmmCorePrivate->SmmEntryPoint = SmmEntryPoint;
// //
// Initialize memory service using free SMRAM // No need to initialize memory service.
// It is done in constructor of PiSmmCoreMemoryAllocationLib(),
// so that the library linked with PiSmmCore can use AllocatePool() in constuctor.
// //
SmmInitializeMemoryServices (gSmmCorePrivate->SmramRangeCount, gSmmCorePrivate->SmramRanges);
SmramProfileInit (); SmramProfileInit ();
@ -512,10 +438,5 @@ SmmMain (
RegisterSmramProfileHandler (); RegisterSmramProfileHandler ();
//
// Caculate and save maximum support address used in SmmEntryPoint().
//
CaculateMaximumSupportAddress ();
return EFI_SUCCESS; return EFI_SUCCESS;
} }

1
MdeModulePkg/Core/PiSmmCore/PiSmmCore.h
View File

@ -51,6 +51,7 @@
#include <Library/PerformanceLib.h> #include <Library/PerformanceLib.h>
#include <Library/TimerLib.h> #include <Library/TimerLib.h>
#include <Library/HobLib.h> #include <Library/HobLib.h>
#include <Library/SmmMemLib.h>
#include "PiSmmCorePrivateData.h" #include "PiSmmCorePrivateData.h"

3
MdeModulePkg/Core/PiSmmCore/PiSmmCore.inf
View File

@ -1,7 +1,7 @@
## @file ## @file
# This module provide an SMM CIS compliant implementation of SMM Core. # This module provide an SMM CIS compliant implementation of SMM Core.
# #
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
# #
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License # are licensed and made available under the terms and conditions of the BSD License
@ -60,6 +60,7 @@
PerformanceLib PerformanceLib
TimerLib TimerLib
HobLib HobLib
SmmMemLib
[Protocols] [Protocols]
gEfiDxeSmmReadyToLockProtocolGuid ## UNDEFINED # SmiHandlerRegister gEfiDxeSmmReadyToLockProtocolGuid ## UNDEFINED # SmiHandlerRegister

61
MdeModulePkg/Core/PiSmmCore/SmramProfileRecord.c
View File

@ -1,7 +1,7 @@
/** @file /** @file
Support routines for SMRAM profile. Support routines for SMRAM profile.
Copyright (c) 2014, Intel Corporation. All rights reserved.<BR> Copyright (c) 2014 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -1175,61 +1175,6 @@ SmramProfileReadyToLock (
//////////////////// ////////////////////
/**
This function check if the address is in SMRAM.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is in SMRAM.
@retval FALSE this address is NOT in SMRAM.
**/
BOOLEAN
InternalIsAddressInSmram (
IN PHYSICAL_ADDRESS Buffer,
IN UINT64 Length
)
{
UINTN Index;
for (Index = 0; Index < mFullSmramRangeCount; Index ++) {
if (((Buffer >= mFullSmramRanges[Index].CpuStart) && (Buffer < mFullSmramRanges[Index].CpuStart + mFullSmramRanges[Index].PhysicalSize)) ||
((mFullSmramRanges[Index].CpuStart >= Buffer) && (mFullSmramRanges[Index].CpuStart < Buffer + Length))) {
return TRUE;
}
}
return FALSE;
}
/**
This function check if the address refered by Buffer and Length is valid.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is valid.
@retval FALSE this address is NOT valid.
**/
BOOLEAN
InternalIsAddressValid (
IN UINTN Buffer,
IN UINTN Length
)
{
if (Buffer > (MAX_ADDRESS - Length)) {
//
// Overflow happen
//
return FALSE;
}
if (InternalIsAddressInSmram ((PHYSICAL_ADDRESS) Buffer, (UINT64)Length)) {
return FALSE;
}
return TRUE;
}
/** /**
Get SMRAM profile data size. Get SMRAM profile data size.
@ -1485,7 +1430,7 @@ SmramProfileHandlerGetData (
// //
// Sanity check // Sanity check
// //
if (!InternalIsAddressValid ((UINTN) SmramProfileGetData.ProfileBuffer, (UINTN) ProfileSize)) { if (!SmmIsBufferOutsideSmmValid ((UINTN) SmramProfileGetData.ProfileBuffer, (UINTN) ProfileSize)) {
DEBUG ((EFI_D_ERROR, "SmramProfileHandlerGetData: SMM ProfileBuffer in SMRAM or overflow!\n")); DEBUG ((EFI_D_ERROR, "SmramProfileHandlerGetData: SMM ProfileBuffer in SMRAM or overflow!\n"));
SmramProfileParameterGetData->ProfileSize = ProfileSize; SmramProfileParameterGetData->ProfileSize = ProfileSize;
SmramProfileParameterGetData->Header.ReturnStatus = (UINT64) (INT64) (INTN) EFI_ACCESS_DENIED; SmramProfileParameterGetData->Header.ReturnStatus = (UINT64) (INT64) (INTN) EFI_ACCESS_DENIED;
@ -1610,7 +1555,7 @@ SmramProfileHandler (
return EFI_SUCCESS; return EFI_SUCCESS;
} }
if (mSmramReadyToLock && !InternalIsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) { if (mSmramReadyToLock && !SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer in SMRAM or overflow!\n")); DEBUG ((EFI_D_ERROR, "SmramProfileHandler: SMM communication buffer in SMRAM or overflow!\n"));
return EFI_SUCCESS; return EFI_SUCCESS;
} }

27
MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/MemoryAllocationLib.c
View File

@ -1,7 +1,7 @@
/** @file /** @file
Support routines for memory allocation routines based on SMM Core internal functions. Support routines for memory allocation routines based on SMM Core internal functions.
Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR> Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -936,3 +936,28 @@ FreePool (
ASSERT_EFI_ERROR (Status); ASSERT_EFI_ERROR (Status);
} }
/**
The constructor function calls SmmInitializeMemoryServices to initialize memory in SMRAM.
@param ImageHandle The firmware allocated handle for the EFI image.
@param SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The constructor always returns EFI_SUCCESS.
**/
EFI_STATUS
EFIAPI
PiSmmCoreMemoryAllocationLibConstructor (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
SMM_CORE_PRIVATE_DATA *SmmCorePrivate;
SmmCorePrivate = (SMM_CORE_PRIVATE_DATA *)ImageHandle;
//
// Initialize memory service using free SMRAM
//
SmmInitializeMemoryServices (SmmCorePrivate->SmramRangeCount, SmmCorePrivate->SmramRanges);
return EFI_SUCCESS;
}

5
MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/PiSmmCoreMemoryAllocationLib.inf
View File

@ -4,7 +4,7 @@
# for memory allocation instead of using SMM System Table servces in an indirect way. # for memory allocation instead of using SMM System Table servces in an indirect way.
# It is assumed that this library instance must be linked with SMM Cre in this package. # It is assumed that this library instance must be linked with SMM Cre in this package.
# #
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
# #
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License # are licensed and made available under the terms and conditions of the BSD License
@ -24,7 +24,8 @@
VERSION_STRING = 1.0 VERSION_STRING = 1.0
PI_SPECIFICATION_VERSION = 0x0001000A PI_SPECIFICATION_VERSION = 0x0001000A
LIBRARY_CLASS = MemoryAllocationLib|SMM_CORE LIBRARY_CLASS = MemoryAllocationLib|SMM_CORE
CONSTRUCTOR = PiSmmCoreMemoryAllocationLibConstructor
# #
# The following information is for reference only and not required by the build tools. # The following information is for reference only and not required by the build tools.
# #

35
MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/PiSmmCoreMemoryAllocationServices.h
View File

@ -4,7 +4,7 @@
This header file borrows the PiSmmCore Memory Allocation services as the primitive This header file borrows the PiSmmCore Memory Allocation services as the primitive
for memory allocation. for memory allocation.
Copyright (c) 2008 - 2010, Intel Corporation. All rights reserved.<BR> Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -18,6 +18,39 @@
#ifndef _PI_SMM_CORE_MEMORY_ALLOCATION_SERVICES_H_ #ifndef _PI_SMM_CORE_MEMORY_ALLOCATION_SERVICES_H_
#define _PI_SMM_CORE_MEMORY_ALLOCATION_SERVICES_H_ #define _PI_SMM_CORE_MEMORY_ALLOCATION_SERVICES_H_
typedef struct {
UINTN Signature;
///
/// The ImageHandle passed into the entry point of the SMM IPL. This ImageHandle
/// is used by the SMM Core to fill in the ParentImageHandle field of the Loaded
/// Image Protocol for each SMM Driver that is dispatched by the SMM Core.
///
EFI_HANDLE SmmIplImageHandle;
///
/// The number of SMRAM ranges passed from the SMM IPL to the SMM Core. The SMM
/// Core uses these ranges of SMRAM to initialize the SMM Core memory manager.
///
UINTN SmramRangeCount;
///
/// A table of SMRAM ranges passed from the SMM IPL to the SMM Core. The SMM
/// Core uses these ranges of SMRAM to initialize the SMM Core memory manager.
///
EFI_SMRAM_DESCRIPTOR *SmramRanges;
} SMM_CORE_PRIVATE_DATA;
/**
Called to initialize the memory service.
@param SmramRangeCount Number of SMRAM Regions
@param SmramRanges Pointer to SMRAM Descriptors
**/
VOID
SmmInitializeMemoryServices (
IN UINTN SmramRangeCount,
IN EFI_SMRAM_DESCRIPTOR *SmramRanges
);
/** /**
Allocates pages from the memory map. Allocates pages from the memory map.

92
MdeModulePkg/Library/SmmCorePerformanceLib/SmmCorePerformanceLib.c
View File

@ -16,7 +16,7 @@
SmmPerformanceHandlerEx(), SmmPerformanceHandler() will receive untrusted input and do basic validation. SmmPerformanceHandlerEx(), SmmPerformanceHandler() will receive untrusted input and do basic validation.
Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR> Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -51,9 +51,6 @@ BOOLEAN mPerformanceMeasurementEnabled;
SPIN_LOCK mSmmPerfLock; SPIN_LOCK mSmmPerfLock;
EFI_SMRAM_DESCRIPTOR *mSmramRanges;
UINTN mSmramRangeCount;
// //
// Interfaces for SMM Performance Protocol. // Interfaces for SMM Performance Protocol.
// //
@ -450,60 +447,6 @@ GetGauge (
return EFI_SUCCESS; return EFI_SUCCESS;
} }
/**
This function check if the address is in SMRAM.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is in SMRAM.
@retval FALSE this address is NOT in SMRAM.
**/
BOOLEAN
IsAddressInSmram (
IN EFI_PHYSICAL_ADDRESS Buffer,
IN UINT64 Length
)
{
UINTN Index;
for (Index = 0; Index < mSmramRangeCount; Index ++) {
if (((Buffer >= mSmramRanges[Index].CpuStart) && (Buffer < mSmramRanges[Index].CpuStart + mSmramRanges[Index].PhysicalSize)) ||
((mSmramRanges[Index].CpuStart >= Buffer) && (mSmramRanges[Index].CpuStart < Buffer + Length))) {
return TRUE;
}
}
return FALSE;
}
/**
This function check if the address refered by Buffer and Length is valid.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is valid.
@retval FALSE this address is NOT valid.
**/
BOOLEAN
IsAddressValid (
IN UINTN Buffer,
IN UINTN Length
)
{
if (Buffer > (MAX_ADDRESS - Length)) {
//
// Overflow happen
//
return FALSE;
}
if (IsAddressInSmram ((EFI_PHYSICAL_ADDRESS)Buffer, (UINT64)Length)) {
return FALSE;
}
return TRUE;
}
/** /**
Communication service SMI Handler entry. Communication service SMI Handler entry.
@ -560,7 +503,7 @@ SmmPerformanceHandlerEx (
return EFI_SUCCESS; return EFI_SUCCESS;
} }
if (!IsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
DEBUG ((EFI_D_ERROR, "SmmPerformanceHandlerEx: SMM communcation data buffer in SMRAM or overflow!\n")); DEBUG ((EFI_D_ERROR, "SmmPerformanceHandlerEx: SMM communcation data buffer in SMRAM or overflow!\n"));
return EFI_SUCCESS; return EFI_SUCCESS;
} }
@ -587,7 +530,7 @@ SmmPerformanceHandlerEx (
// Sanity check // Sanity check
// //
DataSize = NumberOfEntries * sizeof(GAUGE_DATA_ENTRY_EX); DataSize = NumberOfEntries * sizeof(GAUGE_DATA_ENTRY_EX);
if (!IsAddressValid ((UINTN)GaugeDataEx, DataSize)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)GaugeDataEx, DataSize)) {
DEBUG ((EFI_D_ERROR, "SmmPerformanceHandlerEx: SMM Performance Data buffer in SMRAM or overflow!\n")); DEBUG ((EFI_D_ERROR, "SmmPerformanceHandlerEx: SMM Performance Data buffer in SMRAM or overflow!\n"));
Status = EFI_ACCESS_DENIED; Status = EFI_ACCESS_DENIED;
break; break;
@ -669,7 +612,7 @@ SmmPerformanceHandler (
return EFI_SUCCESS; return EFI_SUCCESS;
} }
if (!IsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
DEBUG ((EFI_D_ERROR, "SmmPerformanceHandler: SMM communcation data buffer in SMRAM or overflow!\n")); DEBUG ((EFI_D_ERROR, "SmmPerformanceHandler: SMM communcation data buffer in SMRAM or overflow!\n"));
return EFI_SUCCESS; return EFI_SUCCESS;
} }
@ -696,7 +639,7 @@ SmmPerformanceHandler (
// Sanity check // Sanity check
// //
DataSize = NumberOfEntries * sizeof(GAUGE_DATA_ENTRY); DataSize = NumberOfEntries * sizeof(GAUGE_DATA_ENTRY);
if (!IsAddressValid ((UINTN)GaugeData, DataSize)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)GaugeData, DataSize)) {
DEBUG ((EFI_D_ERROR, "SmmPerformanceHandler: SMM Performance Data buffer in SMRAM or overflow!\n")); DEBUG ((EFI_D_ERROR, "SmmPerformanceHandler: SMM Performance Data buffer in SMRAM or overflow!\n"));
Status = EFI_ACCESS_DENIED; Status = EFI_ACCESS_DENIED;
break; break;
@ -741,9 +684,6 @@ InitializeSmmCorePerformanceLib (
{ {
EFI_STATUS Status; EFI_STATUS Status;
EFI_HANDLE Handle; EFI_HANDLE Handle;
EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;
UINTN Size;
// //
// Initialize spin lock // Initialize spin lock
@ -755,28 +695,6 @@ InitializeSmmCorePerformanceLib (
mGaugeData = AllocateZeroPool (sizeof (GAUGE_DATA_HEADER) + (sizeof (GAUGE_DATA_ENTRY_EX) * mMaxGaugeRecords)); mGaugeData = AllocateZeroPool (sizeof (GAUGE_DATA_HEADER) + (sizeof (GAUGE_DATA_ENTRY_EX) * mMaxGaugeRecords));
ASSERT (mGaugeData != NULL); ASSERT (mGaugeData != NULL);
//
// Get SMRAM information
//
Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);
ASSERT_EFI_ERROR (Status);
Size = 0;
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);
ASSERT (Status == EFI_BUFFER_TOO_SMALL);
Status = gSmst->SmmAllocatePool (
EfiRuntimeServicesData,
Size,
(VOID **)&mSmramRanges
);
ASSERT_EFI_ERROR (Status);
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmramRanges);
ASSERT_EFI_ERROR (Status);
mSmramRangeCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);
// //
// Install the protocol interfaces. // Install the protocol interfaces.
// //

3
MdeModulePkg/Library/SmmCorePerformanceLib/SmmCorePerformanceLib.inf
View File

@ -8,7 +8,7 @@
# This library is mainly used by SMM Core to start performance logging to ensure that # This library is mainly used by SMM Core to start performance logging to ensure that
# SMM Performance and PerformanceEx Protocol are installed at the very beginning of SMM phase. # SMM Performance and PerformanceEx Protocol are installed at the very beginning of SMM phase.
# #
# Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License # are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at # which accompanies this distribution. The full text of the license may be found at
@ -56,6 +56,7 @@
DebugLib DebugLib
SynchronizationLib SynchronizationLib
SmmServicesTableLib SmmServicesTableLib
SmmMemLib
[Protocols] [Protocols]
gEfiSmmBase2ProtocolGuid ## CONSUMES gEfiSmmBase2ProtocolGuid ## CONSUMES

3
MdeModulePkg/Library/SmmCorePerformanceLib/SmmCorePerformanceLibInternal.h
View File

@ -4,7 +4,7 @@
This header file holds the prototypes of the SMM Performance and PerformanceEx Protocol published by this This header file holds the prototypes of the SMM Performance and PerformanceEx Protocol published by this
library instance at its constructor. library instance at its constructor.
Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR> Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -32,6 +32,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/UefiBootServicesTableLib.h> #include <Library/UefiBootServicesTableLib.h>
#include <Library/MemoryAllocationLib.h> #include <Library/MemoryAllocationLib.h>
#include <Library/SynchronizationLib.h> #include <Library/SynchronizationLib.h>
#include <Library/SmmMemLib.h>
#include <Protocol/SmmBase2.h> #include <Protocol/SmmBase2.h>
#include <Protocol/SmmAccess2.h> #include <Protocol/SmmAccess2.h>

4
MdeModulePkg/MdeModulePkg.dsc
View File

@ -2,7 +2,7 @@
# EFI/PI Reference Module Package for All Architectures # EFI/PI Reference Module Package for All Architectures
# #
# (C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR> # (C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>
# Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR>
# #
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License # are licensed and made available under the terms and conditions of the BSD License
@ -128,6 +128,7 @@
MemoryAllocationLib|MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/PiSmmCoreMemoryAllocationLib.inf MemoryAllocationLib|MdeModulePkg/Library/PiSmmCoreMemoryAllocationLib/PiSmmCoreMemoryAllocationLib.inf
SmmServicesTableLib|MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.inf SmmServicesTableLib|MdeModulePkg/Library/PiSmmCoreSmmServicesTableLib/PiSmmCoreSmmServicesTableLib.inf
SmmCorePlatformHookLib|MdeModulePkg/Library/SmmCorePlatformHookLibNull/SmmCorePlatformHookLibNull.inf SmmCorePlatformHookLib|MdeModulePkg/Library/SmmCorePlatformHookLibNull/SmmCorePlatformHookLibNull.inf
SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
[LibraryClasses.common.DXE_SMM_DRIVER] [LibraryClasses.common.DXE_SMM_DRIVER]
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
@ -135,6 +136,7 @@
MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf MemoryAllocationLib|MdePkg/Library/SmmMemoryAllocationLib/SmmMemoryAllocationLib.inf
SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf SmmServicesTableLib|MdePkg/Library/SmmServicesTableLib/SmmServicesTableLib.inf
LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.inf
SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
[LibraryClasses.common.UEFI_DRIVER] [LibraryClasses.common.UEFI_DRIVER]
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf

87
MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTableSmm/FirmwarePerformanceSmm.c
View File

@ -11,7 +11,7 @@
FpdtSmiHandler() will receive untrusted input and do basic validation. FpdtSmiHandler() will receive untrusted input and do basic validation.
Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR> Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -39,6 +39,7 @@
#include <Library/MemoryAllocationLib.h> #include <Library/MemoryAllocationLib.h>
#include <Library/UefiBootServicesTableLib.h> #include <Library/UefiBootServicesTableLib.h>
#include <Library/SynchronizationLib.h> #include <Library/SynchronizationLib.h>
#include <Library/SmmMemLib.h>
#define EXTENSION_RECORD_SIZE 0x1000 #define EXTENSION_RECORD_SIZE 0x1000
@ -49,8 +50,6 @@ UINT32 mBootRecordSize = 0;
UINT32 mBootRecordMaxSize = 0; UINT32 mBootRecordMaxSize = 0;
UINT8 *mBootRecordBuffer = NULL; UINT8 *mBootRecordBuffer = NULL;
EFI_SMRAM_DESCRIPTOR *mSmramRanges;
UINTN mSmramRangeCount;
SPIN_LOCK mSmmFpdtLock; SPIN_LOCK mSmmFpdtLock;
BOOLEAN mSmramIsOutOfResource = FALSE; BOOLEAN mSmramIsOutOfResource = FALSE;
@ -177,60 +176,6 @@ FpdtStatusCodeListenerSmm (
return EFI_SUCCESS; return EFI_SUCCESS;
} }
/**
This function check if the address is in SMRAM.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is in SMRAM.
@retval FALSE this address is NOT in SMRAM.
**/
BOOLEAN
InternalIsAddressInSmram (
IN EFI_PHYSICAL_ADDRESS Buffer,
IN UINT64 Length
)
{
UINTN Index;
for (Index = 0; Index < mSmramRangeCount; Index ++) {
if (((Buffer >= mSmramRanges[Index].CpuStart) && (Buffer < mSmramRanges[Index].CpuStart + mSmramRanges[Index].PhysicalSize)) ||
((mSmramRanges[Index].CpuStart >= Buffer) && (mSmramRanges[Index].CpuStart < Buffer + Length))) {
return TRUE;
}
}
return FALSE;
}
/**
This function check if the address refered by Buffer and Length is valid.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is valid.
@retval FALSE this address is NOT valid.
**/
BOOLEAN
InternalIsAddressValid (
IN UINTN Buffer,
IN UINTN Length
)
{
if (Buffer > (MAX_ADDRESS - Length)) {
//
// Overflow happen
//
return FALSE;
}
if (InternalIsAddressInSmram ((EFI_PHYSICAL_ADDRESS)Buffer, (UINT64)Length)) {
return FALSE;
}
return TRUE;
}
/** /**
Communication service SMI Handler entry. Communication service SMI Handler entry.
@ -283,7 +228,7 @@ FpdtSmiHandler (
return EFI_SUCCESS; return EFI_SUCCESS;
} }
if (!InternalIsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
DEBUG ((EFI_D_ERROR, "FpdtSmiHandler: SMM communication data buffer in SMRAM or overflow!\n")); DEBUG ((EFI_D_ERROR, "FpdtSmiHandler: SMM communication data buffer in SMRAM or overflow!\n"));
return EFI_SUCCESS; return EFI_SUCCESS;
} }
@ -309,7 +254,7 @@ FpdtSmiHandler (
// Sanity check // Sanity check
// //
SmmCommData->BootRecordSize = mBootRecordSize; SmmCommData->BootRecordSize = mBootRecordSize;
if (!InternalIsAddressValid ((UINTN)BootRecordData, mBootRecordSize)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)BootRecordData, mBootRecordSize)) {
DEBUG ((EFI_D_ERROR, "FpdtSmiHandler: SMM Data buffer in SMRAM or overflow!\n")); DEBUG ((EFI_D_ERROR, "FpdtSmiHandler: SMM Data buffer in SMRAM or overflow!\n"));
Status = EFI_ACCESS_DENIED; Status = EFI_ACCESS_DENIED;
break; break;
@ -350,8 +295,6 @@ FirmwarePerformanceSmmEntryPoint (
{ {
EFI_STATUS Status; EFI_STATUS Status;
EFI_HANDLE Handle; EFI_HANDLE Handle;
EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;
UINTN Size;
// //
// Initialize spin lock // Initialize spin lock
@ -374,28 +317,6 @@ FirmwarePerformanceSmmEntryPoint (
Status = mRscHandlerProtocol->Register (FpdtStatusCodeListenerSmm); Status = mRscHandlerProtocol->Register (FpdtStatusCodeListenerSmm);
ASSERT_EFI_ERROR (Status); ASSERT_EFI_ERROR (Status);
//
// Get SMRAM information
//
Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);
ASSERT_EFI_ERROR (Status);
Size = 0;
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);
ASSERT (Status == EFI_BUFFER_TOO_SMALL);
Status = gSmst->SmmAllocatePool (
EfiRuntimeServicesData,
Size,
(VOID **)&mSmramRanges
);
ASSERT_EFI_ERROR (Status);
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmramRanges);
ASSERT_EFI_ERROR (Status);
mSmramRangeCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);
// //
// Register SMI handler. // Register SMI handler.
// //

3
MdeModulePkg/Universal/Acpi/FirmwarePerformanceDataTableSmm/FirmwarePerformanceSmm.inf
View File

@ -4,7 +4,7 @@
# This module registers report status code listener to collect performance data # This module registers report status code listener to collect performance data
# for SMM boot performance records and S3 Suspend Performance Record. # for SMM boot performance records and S3 Suspend Performance Record.
# #
# Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License # are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at # which accompanies this distribution. The full text of the license may be found at
@ -50,6 +50,7 @@
MemoryAllocationLib MemoryAllocationLib
UefiBootServicesTableLib UefiBootServicesTableLib
SynchronizationLib SynchronizationLib
SmmMemLib
[Protocols] [Protocols]
gEfiSmmRscHandlerProtocolGuid ## CONSUMES gEfiSmmRscHandlerProtocolGuid ## CONSUMES

85
MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.c
View File

@ -43,7 +43,7 @@
Caution: This module requires additional review when modified. Caution: This module requires additional review when modified.
This driver need to make sure the CommBuffer is not in the SMRAM range. This driver need to make sure the CommBuffer is not in the SMRAM range.
Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR> Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -56,6 +56,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <PiSmm.h> #include <PiSmm.h>
#include <Library/SmmServicesTableLib.h> #include <Library/SmmServicesTableLib.h>
#include <Library/SmmMemLib.h>
#include <Protocol/SmmSwapAddressRange.h> #include <Protocol/SmmSwapAddressRange.h>
#include "FaultTolerantWrite.h" #include "FaultTolerantWrite.h"
#include "FaultTolerantWriteSmmCommon.h" #include "FaultTolerantWriteSmmCommon.h"
@ -64,68 +65,12 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
EFI_EVENT mFvbRegistration = NULL; EFI_EVENT mFvbRegistration = NULL;
EFI_FTW_DEVICE *mFtwDevice = NULL; EFI_FTW_DEVICE *mFtwDevice = NULL;
EFI_SMRAM_DESCRIPTOR *mSmramRanges;
UINTN mSmramRangeCount;
/// ///
/// The flag to indicate whether the platform has left the DXE phase of execution. /// The flag to indicate whether the platform has left the DXE phase of execution.
/// ///
BOOLEAN mEndOfDxe = FALSE; BOOLEAN mEndOfDxe = FALSE;
/**
This function check if the address is in SMRAM.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is in SMRAM.
@retval FALSE this address is NOT in SMRAM.
**/
BOOLEAN
InternalIsAddressInSmram (
IN EFI_PHYSICAL_ADDRESS Buffer,
IN UINT64 Length
)
{
UINTN Index;
for (Index = 0; Index < mSmramRangeCount; Index ++) {
if (((Buffer >= mSmramRanges[Index].CpuStart) && (Buffer < mSmramRanges[Index].CpuStart + mSmramRanges[Index].PhysicalSize)) ||
((mSmramRanges[Index].CpuStart >= Buffer) && (mSmramRanges[Index].CpuStart < Buffer + Length))) {
return TRUE;
}
}
return FALSE;
}
/**
This function check if the address refered by Buffer and Length is valid.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is valid.
@retval FALSE this address is NOT valid.
**/
BOOLEAN
InternalIsAddressValid (
IN UINTN Buffer,
IN UINTN Length
)
{
if (Buffer > (MAX_ADDRESS - Length)) {
//
// Overflow happen
//
return FALSE;
}
if (InternalIsAddressInSmram ((EFI_PHYSICAL_ADDRESS)Buffer, (UINT64)Length)) {
return FALSE;
}
return TRUE;
}
/** /**
Retrive the SMM FVB protocol interface by HANDLE. Retrive the SMM FVB protocol interface by HANDLE.
@ -391,7 +336,7 @@ SmmFaultTolerantWriteHandler (
} }
CommBufferPayloadSize = TempCommBufferSize - SMM_FTW_COMMUNICATE_HEADER_SIZE; CommBufferPayloadSize = TempCommBufferSize - SMM_FTW_COMMUNICATE_HEADER_SIZE;
if (!InternalIsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in SMRAM or overflow!\n")); DEBUG ((EFI_D_ERROR, "SmmFtwHandler: SMM communication buffer in SMRAM or overflow!\n"));
return EFI_SUCCESS; return EFI_SUCCESS;
} }
@ -670,8 +615,6 @@ SmmFaultTolerantWriteInitialize (
) )
{ {
EFI_STATUS Status; EFI_STATUS Status;
EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;
UINTN Size;
VOID *SmmEndOfDxeRegistration; VOID *SmmEndOfDxeRegistration;
// //
@ -682,28 +625,6 @@ SmmFaultTolerantWriteInitialize (
return Status; return Status;
} }
//
// Get SMRAM information
//
Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);
ASSERT_EFI_ERROR (Status);
Size = 0;
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);
ASSERT (Status == EFI_BUFFER_TOO_SMALL);
Status = gSmst->SmmAllocatePool (
EfiRuntimeServicesData,
Size,
(VOID **)&mSmramRanges
);
ASSERT_EFI_ERROR (Status);
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmramRanges);
ASSERT_EFI_ERROR (Status);
mSmramRangeCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);
// //
// Register EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify function. // Register EFI_SMM_END_OF_DXE_PROTOCOL_GUID notify function.
// //

3
MdeModulePkg/Universal/FaultTolerantWriteDxe/FaultTolerantWriteSmm.inf
View File

@ -6,7 +6,7 @@
# depends on the full functionality SMM FVB protocol that support read, write/erase # depends on the full functionality SMM FVB protocol that support read, write/erase
# flash access. # flash access.
# #
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
# #
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License # are licensed and made available under the terms and conditions of the BSD License
@ -54,6 +54,7 @@
UefiLib UefiLib
PcdLib PcdLib
ReportStatusCodeLib ReportStatusCodeLib
SmmMemLib
[Guids] [Guids]
# #

93
MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.c
View File

@ -9,7 +9,7 @@
SmmLockBoxHandler(), SmmLockBoxRestore(), SmmLockBoxUpdate(), SmmLockBoxSave() SmmLockBoxHandler(), SmmLockBoxRestore(), SmmLockBoxUpdate(), SmmLockBoxSave()
will receive untrusted input and do basic validation. will receive untrusted input and do basic validation.
Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR> Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions are licensed and made available under the terms and conditions
@ -30,7 +30,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/BaseLib.h> #include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h> #include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h> #include <Library/DebugLib.h>
#include <Library/SmmMemLib.h>
#include <Library/LockBoxLib.h> #include <Library/LockBoxLib.h>
#include <Protocol/SmmReadyToLock.h> #include <Protocol/SmmReadyToLock.h>
#include <Protocol/SmmCommunication.h> #include <Protocol/SmmCommunication.h>
#include <Protocol/SmmAccess2.h> #include <Protocol/SmmAccess2.h>
@ -39,63 +41,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
BOOLEAN mLocked = FALSE; BOOLEAN mLocked = FALSE;
EFI_SMRAM_DESCRIPTOR *mSmramRanges;
UINTN mSmramRangeCount;
/**
This function check if the address is in SMRAM.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is in SMRAM.
@retval FALSE this address is NOT in SMRAM.
**/
BOOLEAN
IsAddressInSmram (
IN EFI_PHYSICAL_ADDRESS Buffer,
IN UINT64 Length
)
{
UINTN Index;
for (Index = 0; Index < mSmramRangeCount; Index ++) {
if (((Buffer >= mSmramRanges[Index].CpuStart) && (Buffer < mSmramRanges[Index].CpuStart + mSmramRanges[Index].PhysicalSize)) ||
((mSmramRanges[Index].CpuStart >= Buffer) && (mSmramRanges[Index].CpuStart < Buffer + Length))) {
return TRUE;
}
}
return FALSE;
}
/**
This function check if the address refered by Buffer and Length is valid.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is valid.
@retval FALSE this address is NOT valid.
**/
BOOLEAN
IsAddressValid (
IN UINTN Buffer,
IN UINTN Length
)
{
if (Buffer > (MAX_ADDRESS - Length)) {
//
// Overflow happen
//
return FALSE;
}
if (IsAddressInSmram ((EFI_PHYSICAL_ADDRESS)Buffer, (UINT64)Length)) {
return FALSE;
}
return TRUE;
}
/** /**
Dispatch function for SMM lock box save. Dispatch function for SMM lock box save.
@ -127,7 +72,7 @@ SmmLockBoxSave (
// //
// Sanity check // Sanity check
// //
if (!IsAddressValid ((UINTN)TempLockBoxParameterSave.Buffer, (UINTN)TempLockBoxParameterSave.Length)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)TempLockBoxParameterSave.Buffer, (UINTN)TempLockBoxParameterSave.Length)) {
DEBUG ((EFI_D_ERROR, "SmmLockBox Save address in SMRAM or buffer overflow!\n")); DEBUG ((EFI_D_ERROR, "SmmLockBox Save address in SMRAM or buffer overflow!\n"));
LockBoxParameterSave->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED; LockBoxParameterSave->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED;
return ; return ;
@ -211,7 +156,7 @@ SmmLockBoxUpdate (
// //
// Sanity check // Sanity check
// //
if (!IsAddressValid ((UINTN)TempLockBoxParameterUpdate.Buffer, (UINTN)TempLockBoxParameterUpdate.Length)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)TempLockBoxParameterUpdate.Buffer, (UINTN)TempLockBoxParameterUpdate.Length)) {
DEBUG ((EFI_D_ERROR, "SmmLockBox Update address in SMRAM or buffer overflow!\n")); DEBUG ((EFI_D_ERROR, "SmmLockBox Update address in SMRAM or buffer overflow!\n"));
LockBoxParameterUpdate->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED; LockBoxParameterUpdate->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED;
return ; return ;
@ -252,7 +197,7 @@ SmmLockBoxRestore (
// //
// Sanity check // Sanity check
// //
if (!IsAddressValid ((UINTN)TempLockBoxParameterRestore.Buffer, (UINTN)TempLockBoxParameterRestore.Length)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)TempLockBoxParameterRestore.Buffer, (UINTN)TempLockBoxParameterRestore.Length)) {
DEBUG ((EFI_D_ERROR, "SmmLockBox Restore address in SMRAM or buffer overflow!\n")); DEBUG ((EFI_D_ERROR, "SmmLockBox Restore address in SMRAM or buffer overflow!\n"));
LockBoxParameterRestore->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED; LockBoxParameterRestore->Header.ReturnStatus = (UINT64)EFI_ACCESS_DENIED;
return ; return ;
@ -341,7 +286,7 @@ SmmLockBoxHandler (
DEBUG ((EFI_D_ERROR, "SmmLockBox Command Buffer Size invalid!\n")); DEBUG ((EFI_D_ERROR, "SmmLockBox Command Buffer Size invalid!\n"));
return EFI_SUCCESS; return EFI_SUCCESS;
} }
if (!IsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
DEBUG ((EFI_D_ERROR, "SmmLockBox Command Buffer in SMRAM or overflow!\n")); DEBUG ((EFI_D_ERROR, "SmmLockBox Command Buffer in SMRAM or overflow!\n"));
return EFI_SUCCESS; return EFI_SUCCESS;
} }
@ -444,30 +389,6 @@ SmmLockBoxEntryPoint (
EFI_STATUS Status; EFI_STATUS Status;
EFI_HANDLE DispatchHandle; EFI_HANDLE DispatchHandle;
VOID *Registration; VOID *Registration;
EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;
UINTN Size;
//
// Get SMRAM information
//
Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);
ASSERT_EFI_ERROR (Status);
Size = 0;
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);
ASSERT (Status == EFI_BUFFER_TOO_SMALL);
Status = gSmst->SmmAllocatePool (
EfiRuntimeServicesData,
Size,
(VOID **)&mSmramRanges
);
ASSERT_EFI_ERROR (Status);
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmramRanges);
ASSERT_EFI_ERROR (Status);
mSmramRangeCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);
// //
// Register LockBox communication handler // Register LockBox communication handler

3
MdeModulePkg/Universal/LockBox/SmmLockBox/SmmLockBox.inf
View File

@ -6,7 +6,7 @@
# This external input must be validated carefully to avoid security issue like # This external input must be validated carefully to avoid security issue like
# buffer overflow, integer overflow. # buffer overflow, integer overflow.
# #
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
# #
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions # are licensed and made available under the terms and conditions
@ -50,6 +50,7 @@
BaseMemoryLib BaseMemoryLib
DebugLib DebugLib
LockBoxLib LockBoxLib
SmmMemLib
[Guids] [Guids]
gEfiSmmLockBoxCommunicationGuid ## PRODUCES ## GUID # SmiHandlerRegister gEfiSmmLockBoxCommunicationGuid ## PRODUCES ## GUID # SmiHandlerRegister

86
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
View File

@ -33,14 +33,12 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Protocol/SmmVarCheck.h> #include <Protocol/SmmVarCheck.h>
#include <Library/SmmServicesTableLib.h> #include <Library/SmmServicesTableLib.h>
#include <Library/SmmMemLib.h>
#include <Guid/VariableFormat.h> #include <Guid/VariableFormat.h>
#include <Guid/SmmVariableCommon.h> #include <Guid/SmmVariableCommon.h>
#include "Variable.h" #include "Variable.h"
EFI_SMRAM_DESCRIPTOR *mSmramRanges;
UINTN mSmramRangeCount;
extern VARIABLE_INFO_ENTRY *gVariableInfo; extern VARIABLE_INFO_ENTRY *gVariableInfo;
EFI_HANDLE mSmmVariableHandle = NULL; EFI_HANDLE mSmmVariableHandle = NULL;
EFI_HANDLE mVariableHandle = NULL; EFI_HANDLE mVariableHandle = NULL;
@ -120,60 +118,6 @@ AtRuntime (
return mAtRuntime; return mAtRuntime;
} }
/**
This function check if the address is in SMRAM.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is in SMRAM.
@retval FALSE this address is NOT in SMRAM.
**/
BOOLEAN
InternalIsAddressInSmram (
IN EFI_PHYSICAL_ADDRESS Buffer,
IN UINT64 Length
)
{
UINTN Index;
for (Index = 0; Index < mSmramRangeCount; Index ++) {
if (((Buffer >= mSmramRanges[Index].CpuStart) && (Buffer < mSmramRanges[Index].CpuStart + mSmramRanges[Index].PhysicalSize)) ||
((mSmramRanges[Index].CpuStart >= Buffer) && (mSmramRanges[Index].CpuStart < Buffer + Length))) {
return TRUE;
}
}
return FALSE;
}
/**
This function check if the address refered by Buffer and Length is valid.
@param Buffer the buffer address to be checked.
@param Length the buffer length to be checked.
@retval TRUE this address is valid.
@retval FALSE this address is NOT valid.
**/
BOOLEAN
InternalIsAddressValid (
IN UINTN Buffer,
IN UINTN Length
)
{
if (Buffer > (MAX_ADDRESS - Length)) {
//
// Overflow happen
//
return FALSE;
}
if (InternalIsAddressInSmram ((EFI_PHYSICAL_ADDRESS)Buffer, (UINT64)Length)) {
return FALSE;
}
return TRUE;
}
/** /**
Initializes a basic mutual exclusion lock. Initializes a basic mutual exclusion lock.
@ -528,7 +472,7 @@ SmmVariableHandler (
return EFI_SUCCESS; return EFI_SUCCESS;
} }
if (!InternalIsAddressValid ((UINTN)CommBuffer, TempCommBufferSize)) { if (!SmmIsBufferOutsideSmmValid ((UINTN)CommBuffer, TempCommBufferSize)) {
DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n")); DEBUG ((EFI_D_ERROR, "SmmVariableHandler: SMM communication buffer in SMRAM or overflow!\n"));
return EFI_SUCCESS; return EFI_SUCCESS;
} }
@ -719,7 +663,7 @@ SmmVariableHandler (
// It is covered by previous CommBuffer check // It is covered by previous CommBuffer check
// //
if (InternalIsAddressInSmram ((EFI_PHYSICAL_ADDRESS)(UINTN)CommBufferSize, sizeof(UINTN))) { if (!SmmIsBufferOutsideSmmValid ((EFI_PHYSICAL_ADDRESS)(UINTN)CommBufferSize, sizeof(UINTN))) {
DEBUG ((EFI_D_ERROR, "GetStatistics: SMM communication buffer in SMRAM!\n")); DEBUG ((EFI_D_ERROR, "GetStatistics: SMM communication buffer in SMRAM!\n"));
Status = EFI_ACCESS_DENIED; Status = EFI_ACCESS_DENIED;
goto EXIT; goto EXIT;
@ -937,8 +881,6 @@ VariableServiceInitialize (
EFI_STATUS Status; EFI_STATUS Status;
EFI_HANDLE VariableHandle; EFI_HANDLE VariableHandle;
VOID *SmmFtwRegistration; VOID *SmmFtwRegistration;
EFI_SMM_ACCESS2_PROTOCOL *SmmAccess;
UINTN Size;
VOID *SmmEndOfDxeRegistration; VOID *SmmEndOfDxeRegistration;
// //
@ -967,28 +909,6 @@ VariableServiceInitialize (
); );
ASSERT_EFI_ERROR (Status); ASSERT_EFI_ERROR (Status);
//
// Get SMRAM information
//
Status = gBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess);
ASSERT_EFI_ERROR (Status);
Size = 0;
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL);
ASSERT (Status == EFI_BUFFER_TOO_SMALL);
Status = gSmst->SmmAllocatePool (
EfiRuntimeServicesData,
Size,
(VOID **)&mSmramRanges
);
ASSERT_EFI_ERROR (Status);
Status = SmmAccess->GetCapabilities (SmmAccess, &Size, mSmramRanges);
ASSERT_EFI_ERROR (Status);
mSmramRangeCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR);
mVariableBufferPayloadSize = MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize)) + mVariableBufferPayloadSize = MAX (PcdGet32 (PcdMaxVariableSize), PcdGet32 (PcdMaxHardwareErrorVariableSize)) +
OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) - sizeof (VARIABLE_HEADER); OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) - sizeof (VARIABLE_HEADER);

1
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
View File

@ -64,6 +64,7 @@
HobLib HobLib
PcdLib PcdLib
DevicePathLib DevicePathLib
SmmMemLib
[Protocols] [Protocols]
gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES