Home | History | Annotate | Download | only in RuntimeDxe 
      1 /** @file
      2   TCG MOR (Memory Overwrite Request) Lock Control support (DXE version).
      3 
      4   This module clears MemoryOverwriteRequestControlLock variable to indicate
      5   MOR lock control unsupported.
      6 
      7 Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
      8 This program and the accompanying materials
      9 are licensed and made available under the terms and conditions of the BSD License
     10 which accompanies this distribution.  The full text of the license may be found at
     11 http://opensource.org/licenses/bsd-license.php
     12 
     13 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
     14 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
     15 
     16 **/
     17 
     18 #include <PiDxe.h>
     19 #include <Guid/MemoryOverwriteControl.h>
     20 #include <IndustryStandard/MemoryOverwriteRequestControlLock.h>
     21 #include <Library/DebugLib.h>
     22 #include <Library/BaseLib.h>
     23 #include <Library/BaseMemoryLib.h>
     24 #include "Variable.h"
     25 
     26 extern EDKII_VARIABLE_LOCK_PROTOCOL     mVariableLock;
     27 
     28 /**
     29   This service is an MOR/MorLock checker handler for the SetVariable().
     30 
     31   @param  VariableName the name of the vendor's variable, as a
     32                        Null-Terminated Unicode String
     33   @param  VendorGuid   Unify identifier for vendor.
     34   @param  Attributes   Point to memory location to return the attributes of variable. If the point
     35                        is NULL, the parameter would be ignored.
     36   @param  DataSize     The size in bytes of Data-Buffer.
     37   @param  Data         Point to the content of the variable.
     38 
     39   @retval  EFI_SUCCESS            The MOR/MorLock check pass, and Variable driver can store the variable data.
     40   @retval  EFI_INVALID_PARAMETER  The MOR/MorLock data or data size or attributes is not allowed for MOR variable.
     41   @retval  EFI_ACCESS_DENIED      The MOR/MorLock is locked.
     42   @retval  EFI_ALREADY_STARTED    The MorLock variable is handled inside this function.
     43                                   Variable driver can just return EFI_SUCCESS.
     44 **/
     45 EFI_STATUS
     46 SetVariableCheckHandlerMor (
     47   IN CHAR16     *VariableName,
     48   IN EFI_GUID   *VendorGuid,
     49   IN UINT32     Attributes,
     50   IN UINTN      DataSize,
     51   IN VOID       *Data
     52   )
     53 {
     54   //
     55   // Just let it pass. No need provide protection for DXE version.
     56   //
     57   return EFI_SUCCESS;
     58 }
     59 
     60 /**
     61   Initialization for MOR Lock Control.
     62 
     63   @retval EFI_SUCEESS     MorLock initialization success.
     64   @return Others          Some error occurs.
     65 **/
     66 EFI_STATUS
     67 MorLockInit (
     68   VOID
     69   )
     70 {
     71   //
     72   // Always clear variable to report unsupported to OS.
     73   // The reason is that the DXE version is not proper to provide *protection*.
     74   // BIOS should use SMM version variable driver to provide such capability.
     75   //
     76   VariableServiceSetVariable (
     77     MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME,
     78     &gEfiMemoryOverwriteRequestControlLockGuid,
     79     EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
     80     0,
     81     NULL
     82     );
     83 
     84   //
     85   // Need set this variable to be read-only to prevent other module set it.
     86   //
     87   VariableLockRequestToLock (&mVariableLock, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME, &gEfiMemoryOverwriteRequestControlLockGuid);
     88   return EFI_SUCCESS;
     89 }
     90