VirtualBox

source: vbox/trunk/src/VBox/Devices/EFI/Firmware/MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxSmmLib.c@ 48731

Last change on this file since 48731 was 48674, checked in by vboxsync, 12 years ago

EFI: Export newly imported tinaocore UEFI sources to OSE.
  • Property svn:eol-style set to native
File size: 16.0 KB
Line 
1/** @file
2
3Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
4
5This program and the accompanying materials
6are licensed and made available under the terms and conditions
7of the BSD License which accompanies this distribution. The
8full text of the license may be found at
9http://opensource.org/licenses/bsd-license.php
10
11THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14**/
15
16#include <PiSmm.h>
17#include <Library/SmmServicesTableLib.h>
18#include <Library/BaseLib.h>
19#include <Library/BaseMemoryLib.h>
20#include <Library/LockBoxLib.h>
21#include <Library/DebugLib.h>
22#include <Guid/SmmLockBox.h>
23
24#include "SmmLockBoxLibPrivate.h"
25
26/**
27 We need handle this library carefully. Only one library instance will construct the environment.
28 Below 2 global variable can only be used in constructor. They should NOT be used in any other library functions.
29**/
30SMM_LOCK_BOX_CONTEXT mSmmLockBoxContext;
31LIST_ENTRY mLockBoxQueue = INITIALIZE_LIST_HEAD_VARIABLE (mLockBoxQueue);
32
33/**
34 This function return SmmLockBox context from SMST.
35
36 @return SmmLockBox context from SMST.
37**/
38SMM_LOCK_BOX_CONTEXT *
39InternalGetSmmLockBoxContext (
40 VOID
41 )
42{
43 UINTN Index;
44
45 //
46 // Check if gEfiSmmLockBoxCommunicationGuid is installed by someone
47 //
48 for (Index = 0; Index < gSmst->NumberOfTableEntries; Index++) {
49 if (CompareGuid (&gSmst->SmmConfigurationTable[Index].VendorGuid, &gEfiSmmLockBoxCommunicationGuid)) {
50 //
51 // Found. That means some other library instance is already run.
52 // No need to install again, just return.
53 //
54 return (SMM_LOCK_BOX_CONTEXT *)gSmst->SmmConfigurationTable[Index].VendorTable;
55 }
56 }
57
58 //
59 // Not found.
60 //
61 return NULL;
62}
63
64/**
65 Constructor for SmmLockBox library.
66 This is used to set SmmLockBox context, which will be used in PEI phase in S3 boot path later.
67
68 @param[in] ImageHandle Image handle of this driver.
69 @param[in] SystemTable A Pointer to the EFI System Table.
70
71 @retval EFI_SUCEESS
72 @return Others Some error occurs.
73**/
74EFI_STATUS
75EFIAPI
76SmmLockBoxSmmConstructuor (
77 IN EFI_HANDLE ImageHandle,
78 IN EFI_SYSTEM_TABLE *SystemTable
79 )
80{
81 EFI_STATUS Status;
82 SMM_LOCK_BOX_CONTEXT *SmmLockBoxContext;
83
84 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Enter\n"));
85
86 //
87 // Check if gEfiSmmLockBoxCommunicationGuid is installed by someone
88 //
89 SmmLockBoxContext = InternalGetSmmLockBoxContext ();
90 if (SmmLockBoxContext != NULL) {
91 //
92 // Find it. That means some other library instance is already run.
93 // No need to install again, just return.
94 //
95 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxContext - already installed\n"));
96 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Exit\n"));
97 return EFI_SUCCESS;
98 }
99
100 //
101 // If no one install this, it means this is first instance. Install it.
102 //
103 if (sizeof(UINTN) == sizeof(UINT64)) {
104 mSmmLockBoxContext.Signature = SMM_LOCK_BOX_SIGNATURE_64;
105 } else {
106 mSmmLockBoxContext.Signature = SMM_LOCK_BOX_SIGNATURE_32;
107 }
108 mSmmLockBoxContext.LockBoxDataAddress = (EFI_PHYSICAL_ADDRESS)(UINTN)&mLockBoxQueue;
109
110 Status = gSmst->SmmInstallConfigurationTable (
111 gSmst,
112 &gEfiSmmLockBoxCommunicationGuid,
113 &mSmmLockBoxContext,
114 sizeof(mSmmLockBoxContext)
115 );
116 ASSERT_EFI_ERROR (Status);
117
118 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxContext - %x\n", (UINTN)&mSmmLockBoxContext));
119 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib LockBoxDataAddress - %x\n", (UINTN)&mLockBoxQueue));
120 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SmmLockBoxSmmConstructuor - Exit\n"));
121
122 return Status;
123}
124
125/**
126 This function return SmmLockBox queue address.
127
128 @return SmmLockBox queue address.
129**/
130LIST_ENTRY *
131InternalGetLockBoxQueue (
132 VOID
133 )
134{
135 SMM_LOCK_BOX_CONTEXT *SmmLockBoxContext;
136
137 SmmLockBoxContext = InternalGetSmmLockBoxContext ();
138 ASSERT (SmmLockBoxContext != NULL);
139 if (SmmLockBoxContext == NULL) {
140 return NULL;
141 }
142 return (LIST_ENTRY *)(UINTN)SmmLockBoxContext->LockBoxDataAddress;
143}
144
145/**
146 This function find LockBox by GUID.
147
148 @param Guid The guid to indentify the LockBox
149
150 @return LockBoxData
151**/
152SMM_LOCK_BOX_DATA *
153InternalFindLockBoxByGuid (
154 IN EFI_GUID *Guid
155 )
156{
157 LIST_ENTRY *Link;
158 SMM_LOCK_BOX_DATA *LockBox;
159 LIST_ENTRY *LockBoxQueue;
160
161 LockBoxQueue = InternalGetLockBoxQueue ();
162 ASSERT (LockBoxQueue != NULL);
163
164 for (Link = LockBoxQueue->ForwardLink;
165 Link != LockBoxQueue;
166 Link = Link->ForwardLink) {
167 LockBox = BASE_CR (
168 Link,
169 SMM_LOCK_BOX_DATA,
170 Link
171 );
172 if (CompareGuid (&LockBox->Guid, Guid)) {
173 return LockBox;
174 }
175 }
176 return NULL;
177}
178
179/**
180 This function will save confidential information to lockbox.
181
182 @param Guid the guid to identify the confidential information
183 @param Buffer the address of the confidential information
184 @param Length the length of the confidential information
185
186 @retval RETURN_SUCCESS the information is saved successfully.
187 @retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0
188 @retval RETURN_ALREADY_STARTED the requested GUID already exist.
189 @retval RETURN_OUT_OF_RESOURCES no enough resource to save the information.
190 @retval RETURN_ACCESS_DENIED it is too late to invoke this interface
191 @retval RETURN_NOT_STARTED it is too early to invoke this interface
192 @retval RETURN_UNSUPPORTED the service is not supported by implementaion.
193**/
194RETURN_STATUS
195EFIAPI
196SaveLockBox (
197 IN GUID *Guid,
198 IN VOID *Buffer,
199 IN UINTN Length
200 )
201{
202 SMM_LOCK_BOX_DATA *LockBox;
203 EFI_PHYSICAL_ADDRESS SmramBuffer;
204 EFI_STATUS Status;
205 LIST_ENTRY *LockBoxQueue;
206
207 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Enter\n"));
208
209 //
210 // Basic check
211 //
212 if ((Guid == NULL) || (Buffer == NULL) || (Length == 0)) {
213 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));
214 return EFI_INVALID_PARAMETER;
215 }
216
217 //
218 // Find LockBox
219 //
220 LockBox = InternalFindLockBoxByGuid (Guid);
221 if (LockBox != NULL) {
222 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_ALREADY_STARTED));
223 return EFI_ALREADY_STARTED;
224 }
225
226 //
227 // Allocate SMRAM buffer
228 //
229 Status = gSmst->SmmAllocatePages (
230 AllocateAnyPages,
231 EfiRuntimeServicesData,
232 EFI_SIZE_TO_PAGES (Length),
233 &SmramBuffer
234 );
235 ASSERT_EFI_ERROR (Status);
236 if (EFI_ERROR (Status)) {
237 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_OUT_OF_RESOURCES));
238 return EFI_OUT_OF_RESOURCES;
239 }
240
241 //
242 // Allocate LockBox
243 //
244 Status = gSmst->SmmAllocatePool (
245 EfiRuntimeServicesData,
246 sizeof(*LockBox),
247 (VOID **)&LockBox
248 );
249 ASSERT_EFI_ERROR (Status);
250 if (EFI_ERROR (Status)) {
251 gSmst->SmmFreePages (SmramBuffer, EFI_SIZE_TO_PAGES (Length));
252 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_OUT_OF_RESOURCES));
253 return EFI_OUT_OF_RESOURCES;
254 }
255
256 //
257 // Save data
258 //
259 CopyMem ((VOID *)(UINTN)SmramBuffer, (VOID *)(UINTN)Buffer, Length);
260
261 //
262 // Insert LockBox to queue
263 //
264 LockBox->Signature = SMM_LOCK_BOX_DATA_SIGNATURE;
265 CopyMem (&LockBox->Guid, Guid, sizeof(EFI_GUID));
266 LockBox->Buffer = (EFI_PHYSICAL_ADDRESS)(UINTN)Buffer;
267 LockBox->Length = (UINT64)Length;
268 LockBox->Attributes = 0;
269 LockBox->SmramBuffer = SmramBuffer;
270
271 LockBoxQueue = InternalGetLockBoxQueue ();
272 ASSERT (LockBoxQueue != NULL);
273 InsertTailList (LockBoxQueue, &LockBox->Link);
274
275 //
276 // Done
277 //
278 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SaveLockBox - Exit (%r)\n", EFI_SUCCESS));
279 return EFI_SUCCESS;
280}
281
282/**
283 This function will set lockbox attributes.
284
285 @param Guid the guid to identify the confidential information
286 @param Attributes the attributes of the lockbox
287
288 @retval RETURN_SUCCESS the information is saved successfully.
289 @retval RETURN_INVALID_PARAMETER attributes is invalid.
290 @retval RETURN_NOT_FOUND the requested GUID not found.
291 @retval RETURN_ACCESS_DENIED it is too late to invoke this interface
292 @retval RETURN_NOT_STARTED it is too early to invoke this interface
293 @retval RETURN_UNSUPPORTED the service is not supported by implementaion.
294**/
295RETURN_STATUS
296EFIAPI
297SetLockBoxAttributes (
298 IN GUID *Guid,
299 IN UINT64 Attributes
300 )
301{
302 SMM_LOCK_BOX_DATA *LockBox;
303
304 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Enter\n"));
305
306 //
307 // Basic check
308 //
309 if ((Guid == NULL) ||
310 ((Attributes & ~LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) != 0)) {
311 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_INVALID_PARAMETER));
312 return EFI_INVALID_PARAMETER;
313 }
314
315 //
316 // Find LockBox
317 //
318 LockBox = InternalFindLockBoxByGuid (Guid);
319 if (LockBox == NULL) {
320 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_NOT_FOUND));
321 return EFI_NOT_FOUND;
322 }
323
324 //
325 // Update data
326 //
327 LockBox->Attributes = Attributes;
328
329 //
330 // Done
331 //
332 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib SetLockBoxAttributes - Exit (%r)\n", EFI_SUCCESS));
333 return EFI_SUCCESS;
334}
335
336/**
337 This function will update confidential information to lockbox.
338
339 @param Guid the guid to identify the original confidential information
340 @param Offset the offset of the original confidential information
341 @param Buffer the address of the updated confidential information
342 @param Length the length of the updated confidential information
343
344 @retval RETURN_SUCCESS the information is saved successfully.
345 @retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0.
346 @retval RETURN_NOT_FOUND the requested GUID not found.
347 @retval RETURN_BUFFER_TOO_SMALL the original buffer to too small to hold new information.
348 @retval RETURN_ACCESS_DENIED it is too late to invoke this interface
349 @retval RETURN_NOT_STARTED it is too early to invoke this interface
350 @retval RETURN_UNSUPPORTED the service is not supported by implementaion.
351**/
352RETURN_STATUS
353EFIAPI
354UpdateLockBox (
355 IN GUID *Guid,
356 IN UINTN Offset,
357 IN VOID *Buffer,
358 IN UINTN Length
359 )
360{
361 SMM_LOCK_BOX_DATA *LockBox;
362
363 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Enter\n"));
364
365 //
366 // Basic check
367 //
368 if ((Guid == NULL) || (Buffer == NULL) || (Length == 0)) {
369 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));
370 return EFI_INVALID_PARAMETER;
371 }
372
373 //
374 // Find LockBox
375 //
376 LockBox = InternalFindLockBoxByGuid (Guid);
377 if (LockBox == NULL) {
378 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_NOT_FOUND));
379 return EFI_NOT_FOUND;
380 }
381
382 //
383 // Update data
384 //
385 if (LockBox->Length < Offset + Length) {
386 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_BUFFER_TOO_SMALL));
387 return EFI_BUFFER_TOO_SMALL;
388 }
389 CopyMem ((VOID *)((UINTN)LockBox->SmramBuffer + Offset), Buffer, Length);
390
391 //
392 // Done
393 //
394 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib UpdateLockBox - Exit (%r)\n", EFI_SUCCESS));
395 return EFI_SUCCESS;
396}
397
398/**
399 This function will restore confidential information from lockbox.
400
401 @param Guid the guid to identify the confidential information
402 @param Buffer the address of the restored confidential information
403 NULL means restored to original address, Length MUST be NULL at same time.
404 @param Length the length of the restored confidential information
405
406 @retval RETURN_SUCCESS the information is restored successfully.
407 @retval RETURN_INVALID_PARAMETER the Guid is NULL, or one of Buffer and Length is NULL.
408 @retval RETURN_WRITE_PROTECTED Buffer and Length are NULL, but the LockBox has no
409 LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE attribute.
410 @retval RETURN_BUFFER_TOO_SMALL the Length is too small to hold the confidential information.
411 @retval RETURN_NOT_FOUND the requested GUID not found.
412 @retval RETURN_NOT_STARTED it is too early to invoke this interface
413 @retval RETURN_ACCESS_DENIED not allow to restore to the address
414 @retval RETURN_UNSUPPORTED the service is not supported by implementaion.
415**/
416RETURN_STATUS
417EFIAPI
418RestoreLockBox (
419 IN GUID *Guid,
420 IN VOID *Buffer, OPTIONAL
421 IN OUT UINTN *Length OPTIONAL
422 )
423{
424 SMM_LOCK_BOX_DATA *LockBox;
425 VOID *RestoreBuffer;
426
427 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Enter\n"));
428
429 //
430 // Restore this, Buffer and Length MUST be both NULL or both non-NULL
431 //
432 if ((Guid == NULL) ||
433 ((Buffer == NULL) && (Length != NULL)) ||
434 ((Buffer != NULL) && (Length == NULL))) {
435 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_INVALID_PARAMETER));
436 return EFI_INVALID_PARAMETER;
437 }
438
439 //
440 // Find LockBox
441 //
442 LockBox = InternalFindLockBoxByGuid (Guid);
443 if (LockBox == NULL) {
444 //
445 // Not found
446 //
447 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_NOT_FOUND));
448 return EFI_NOT_FOUND;
449 }
450
451 //
452 // Set RestoreBuffer
453 //
454 if (Buffer != NULL) {
455 //
456 // restore to new buffer
457 //
458 RestoreBuffer = Buffer;
459 } else {
460 //
461 // restore to original buffer
462 //
463 if ((LockBox->Attributes & LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) == 0) {
464 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_WRITE_PROTECTED));
465 return EFI_WRITE_PROTECTED;
466 }
467 RestoreBuffer = (VOID *)(UINTN)LockBox->Buffer;
468 }
469
470 //
471 // Set RestoreLength
472 //
473 if (Length != NULL) {
474 if (*Length < (UINTN)LockBox->Length) {
475 //
476 // Input buffer is too small to hold all data.
477 //
478 *Length = (UINTN)LockBox->Length;
479 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_BUFFER_TOO_SMALL));
480 return EFI_BUFFER_TOO_SMALL;
481 }
482 *Length = (UINTN)LockBox->Length;
483 }
484
485 //
486 // Restore data
487 //
488 CopyMem (RestoreBuffer, (VOID *)(UINTN)LockBox->SmramBuffer, (UINTN)LockBox->Length);
489
490 //
491 // Done
492 //
493 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreLockBox - Exit (%r)\n", EFI_SUCCESS));
494 return EFI_SUCCESS;
495}
496
497/**
498 This function will restore confidential information from all lockbox which have RestoreInPlace attribute.
499
500 @retval RETURN_SUCCESS the information is restored successfully.
501 @retval RETURN_NOT_STARTED it is too early to invoke this interface
502 @retval RETURN_UNSUPPORTED the service is not supported by implementaion.
503**/
504RETURN_STATUS
505EFIAPI
506RestoreAllLockBoxInPlace (
507 VOID
508 )
509{
510 SMM_LOCK_BOX_DATA *LockBox;
511 LIST_ENTRY *Link;
512 LIST_ENTRY *LockBoxQueue;
513
514 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreAllLockBoxInPlace - Enter\n"));
515
516 LockBoxQueue = InternalGetLockBoxQueue ();
517 ASSERT (LockBoxQueue != NULL);
518
519 //
520 // Restore all, Buffer and Length MUST be NULL
521 //
522 for (Link = LockBoxQueue->ForwardLink;
523 Link != LockBoxQueue;
524 Link = Link->ForwardLink) {
525 LockBox = BASE_CR (
526 Link,
527 SMM_LOCK_BOX_DATA,
528 Link
529 );
530 if ((LockBox->Attributes & LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE) != 0) {
531 //
532 // Restore data
533 //
534 CopyMem ((VOID *)(UINTN)LockBox->Buffer, (VOID *)(UINTN)LockBox->SmramBuffer, (UINTN)LockBox->Length);
535 }
536 }
537 //
538 // Done
539 //
540 DEBUG ((EFI_D_INFO, "SmmLockBoxSmmLib RestoreAllLockBoxInPlace - Exit (%r)\n", EFI_SUCCESS));
541 return EFI_SUCCESS;
542}
543
Note: See TracBrowser for help on using the repository browser.

© 2025 Oracle Support Privacy / Do Not Sell My Info Terms of Use Trademark Policy Automated Access Etiquette