d5aef955b917e1afc2a76b68f91154aa77e0e12c |
|
08-Dec-2016 |
Star Zeng <star.zeng@intel.com> |
MdeModulePkg VariableSmm: Check InfoSize correctly REF: https://bugzilla.tianocore.org/show_bug.cgi?id=290 Current SmmVariableGetStatistics() in VariableSmm.c is always checking input InfoSize against the first variable info, it is incorrect. For instance, there are three variables. BootOrder Boot0000 Boot0001 If the input InfoEntry is holding the second variable info (Boot0000) and InfoSize is sizeof (VARIABLE_INFO_ENTRY) + StrSize (L"Boot0000"), current code will return EFI_BUFFER_TOO_SMALL, but it should return the third variable info (Boot0001). This patch is to refine the code logic. Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
62016c1e898434a0326f658912b1e7e0a9c5575e |
|
09-Dec-2016 |
Star Zeng <star.zeng@intel.com> |
MdeModulePkg VariableSmm: Do not need check CommBufferSize buffer Current code in SmmVariableHandler() checks CommBufferSize buffer to make sure it points to outside SMRAM in "case SMM_VARIABLE_FUNCTION_GET_STATISTICS". But after eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd, CommBufferSize buffer points to SMRAM that was used by SMM core to cache CommSize from SmmCommunication protocol, then the check will fail definitely and GET_STATISTICS feature breaks. In fact, do not need check CommBufferSize buffer at all even before eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd. Before eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd, CommBufferSize buffer pointed to gSmmCorePrivate->BufferSize that is outside SMRAM, the check will success definitely; after eaae7b33b1cf6b9f21db1636f219c2b6a8d88afd, CommBufferSize buffer points to local variable BufferSize (in SMRAM) in SmmEntryPoint(), the check is not needed definitely. The patch is to remove the check. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jeff Fan <jeff.fan@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
0a18956d54cfe70b736b029c62ce53f29b903745 |
|
19-Oct-2016 |
Gary Lin <glin@suse.com> |
MdeModulePkg/Universal: Fix typos in comments - stardard -> standard - doule -> double - defalut -> default - Pacakge -> Package - globa -> global - responsiblity -> responsibility - outputed -> outputted - specifiecd -> specified - Resuts -> Results - the a -> a - suported -> supported - assocated -> associated - TURE -> TRUE - successfull -> successfully - excute -> execute - reseting -> resetting - Retrive -> Retrieve - funciton -> function - paramter -> parameter - dependecy -> dependency - boundry -> boundary - permenantly -> permanently Cc: Feng Tian <feng.tian@intel.com> Cc: Star Zeng <star.zeng@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Gary Lin <glin@suse.com> Reviewed-by: Feng Tian <feng.tian@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com>
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
39cde03cc5efd67c11dc75cd5ba5e8ccf55c5594 |
|
30-Aug-2016 |
Hao Wu <hao.a.wu@intel.com> |
MdeModulePkg: Use IsZeroGuid API for zero GUID checking Instead of comparing a GUID with gZeroGuid via the CompareGuid API, the commit uses the IsZeroGuid API to check if the given GUID is a zero GUID. Cc: Feng Tian <feng.tian@intel.com> Cc: Star Zeng <star.zeng@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Feng Tian <feng.tian@Intel.com>
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
8021f4c716cfd9fae0ac6d4a0a9bee2dbcf13d29 |
|
25-Aug-2015 |
Star Zeng <star.zeng@intel.com> |
MdeModulePkg Variable: Consume the separated VarCheckLib Since the variable check service has be separated to VarCheckLib from Variable driver, so update Variable driver to consume the separated VarCheckLib. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18286 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
c64816c652a07f8cd78a35dc1941f43152d1784a |
|
07-Jul-2015 |
Hao Wu <hao.a.wu@intel.com> |
MdeModulePkg: Remove mZeroGuid definition in Universal/Variable/RuntimeDxe MdeModulePkg has defined gZeroGuid in 'Guid/ZeroGuid.h', therefore, the mZeroGuid defined in Universal/Variable/RuntimeDxe is redundant. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17840 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
fa0737a839d070be2a53016a16abba29502b2510 |
|
01-Jul-2015 |
Star Zeng <star.zeng@intel.com> |
MdeModulePkg Variable: Merge from Auth Variable driver in SecurityPkg What to do: 1. Merge from Auth Variable driver in SecurityPkg to Variable drive in MdeModulePkg. Then the merged Variable driver in MdeModulePkg will link to AuthVariableLib and TpmMeasurementLib. AuthVariableLibNull and TpmMeasurementLibNull in MdeModulePkg could be used for non auth variable support. AuthVariableLib and DxeTpmMeasurementLib in SecurityPkg may be used for auth variable support. Why to do: 1. Remove code duplication and reduce maintenance effort. After auth variable service separated from Auth Variable driver in SecurityPkg to AuthVariableLib. The remaining code logic of Auth Variable driver in SecurityPkg will be almost same with Variable driver in MdeModulePkg. Now it is to merge them. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17765 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
b4e09b0f628dcf85128787de5ed0275430ccaf33 |
|
05-Feb-2015 |
Star Zeng <star.zeng@intel.com> |
MdeModulePkg: Cleanup gEfiSmmAccess2ProtocolGuid reference. As the drivers and library do not reference gEfiSmmAccess2ProtocolGuid explicitly now after SmmMemLib introduced. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16760 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
842b1242d19225bb6d6146861d3418a5c9549175 |
|
02-Feb-2015 |
Yao, Jiewen <jiewen.yao@intel.com> |
Use SmmMemLib to check communication buffer. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Gao, Liming" <liming.gao@intel.com> Reviewed-by: "Fan, Jeff" <jeff.fan@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16694 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
0fb5e515f2f338c25679e2129ef81c4d230649b9 |
|
02-Feb-2015 |
Star Zeng <star.zeng@intel.com> |
MdeModulePkg Variable: Introduce PcdReclaimVariableSpaceAtEndOfDxe for trying to reclaim variable space at EndOfDxe. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16687 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
4edb18663fef14ef4c54f985a21d3faacec5d499 |
|
27-Jan-2015 |
Star Zeng <star.zeng@intel.com> |
MdeModulePkg Variable: Implement variable quota management. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16669 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
efb01a104d58942a27aa83643a910b6e76fb7bf8 |
|
05-Jan-2015 |
Star Zeng <star.zeng@intel.com> |
MdeModulePkg Variable: Implement VarCheck PROTOCOL and follow UEFI spec to check UEFI defined variables. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16579 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
2c4b18e09590e50c95b95fd485144d00b3b7f39f |
|
11-Jul-2013 |
Star Zeng <star.zeng@intel.com> |
MdeModulePkg: Add the alignment check for FTW spare area address and length, and add the check for PcdFlashNvStorageVariableSize <= PcdFlashNvStorageFtwSpareSize. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14463 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
164a9b6752a63fca7d91ca0dcf84c0b4aa7a243d |
|
21-May-2013 |
lzeng14 <lzeng14@6f19259b-4bc3-4df7-8a09-765794883524> |
Fix the TOCTOU issue of CommBufferSize itself for SMM communicate handler input. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14379 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
51547bb879f66d3b4e46d69c112047d39dc234cc |
|
20-May-2013 |
niruiyu <niruiyu@6f19259b-4bc3-4df7-8a09-765794883524> |
Remove the complex buffer since the _LOCK_VARIABLE won't be allowed after leaving DXE phase. Add the variable name size check in the RequestToLock wrapper. Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14377 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
ff8438477f2dcea28149514de25368ac0b2c02ee |
|
17-May-2013 |
niruiyu <niruiyu@6f19259b-4bc3-4df7-8a09-765794883524> |
Add EDKII_VARIABLE_LOCK_PROTOCOL and the implementation in MdeModulePkg variable drivers. Add code in BdsDxe driver to call the protocol to mark the read-only variables defined in the UEFI Spec. Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Guo Dong <guo.dong@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14372 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
5e5bb2a9baefcd2f231696ea94576dab5565fbfb |
|
07-May-2013 |
lzeng14 <lzeng14@6f19259b-4bc3-4df7-8a09-765794883524> |
1. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue. 2. Add check to ensure CommBufferPayloadSize not exceed mVariableBufferPayloadSize or is enough to hold function structure in VariableSmm and FtwSmm. 3. Align FtwGetLastWrite() in FaultTolerantWriteSmmDxe.c to FtwGetLastWrite() in FaultTolerantWrite.c. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14325 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
9d00d20ed40fb56d8b5a8e1a3f7ae3e491ceaf94 |
|
25-Apr-2013 |
lzeng14 <lzeng14@6f19259b-4bc3-4df7-8a09-765794883524> |
1. Use the check IsAddressValid() to prevent SMM communication buffer overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler. 2. Refine the debug message. 3. Add check to make sure the input VariableName is A Null-terminated string. 4. Use local variable to hold StrSize (VariableName) to avoid duplicated StrSize calculation. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14317 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
d17c4eac5625e40fa3715aee14286f45797b3999 |
|
19-Apr-2013 |
czhang46 <czhang46@6f19259b-4bc3-4df7-8a09-765794883524> |
Fix a potential SMM memory dump issue. If pass communication buffer with DataBuffer to SMM SetVariable which is big enough to cover SMM range. Then GetVariable can dump SMM memory contents. Add more range check for SetVariable Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14292 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
3f5c168fa8bdff5e4acfbf547eb9d0dcbb5dd534 |
|
12-Dec-2012 |
lzeng14 <lzeng14@6f19259b-4bc3-4df7-8a09-765794883524> |
Use SMM_VARIABLE_COMMUNICATE_HEADER_SIZE instead of OFFSET_OF (SMM_VARIABLE_COMMUNICATE_HEADER, Data). Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ting Ye <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13993 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
d294b9a4b7ec9cbf96bf8975d9d0ca04386f8e3a |
|
12-Sep-2012 |
erictian <erictian@6f19259b-4bc3-4df7-8a09-765794883524> |
MdeModulePkg/VariableSmm: Fix a VariableSmm bug when reading variable with size 0. Signed-off-by: Tian, Feng <feng.tian@intel.com> Reviewed-by: Zhang, Chao <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13725 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
876ac39540251437b69809fbea4fc8ed3bee57ca |
|
17-Jul-2012 |
sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524> |
Return EFI_UNSUPPORTED if READY_TO_BOOT function is invoked at SMM runtime. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13535 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
eb96e4f281dd7c5b07979e3b3ae9bd67c93e9362 |
|
17-Jul-2012 |
sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524> |
Fix a buffer overflow bug in VariableSmm driver. Signed-off-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Dong Guo <guo.dong@intel.com> Reviewed-by: Zhang, Chao <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13534 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
2445a70e62e5dd9678bfd29bed15e22343871803 |
|
13-Jul-2012 |
czhang46 <czhang46@6f19259b-4bc3-4df7-8a09-765794883524> |
Add SMRAM range check to variable SMM SMI handler. Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Fu, Siyuan<siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13530 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
d00ed85e0ab212b988458b2fe98f20cb295637ad |
|
28-Feb-2011 |
gdong1 <gdong1@6f19259b-4bc3-4df7-8a09-765794883524> |
Puts SMM variable common definitions in SmmVariableCommon.h. Fixed a bug that SMM_VARIABLE_COMMUNICATE_VARIABLE_INFO_ENTRY was misused as SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11339 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
5c7fa429411d336f7c8cafa43b0f7cc879f107dd |
|
11-Dec-2010 |
gdong1 <gdong1@6f19259b-4bc3-4df7-8a09-765794883524> |
Add typecast to remove warning with ICC. VariableSmm.inf: Remove SmmLib git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11156 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|
8a2d49964e371b1715beb3225fde47edfcaa51ca |
|
10-Dec-2010 |
gdong1 <gdong1@6f19259b-4bc3-4df7-8a09-765794883524> |
Add SMM Variable implementation. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11151 6f19259b-4bc3-4df7-8a09-765794883524
/device/linaro/bootloader/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
|