MdeModulePkg: Add SMM LockBox

This includes:
* LockBox protocol definition
* LockBoxLib library interface definition
* SmmLockBox GUID
* LockBoxNullLib library implementation
* 2 SmmLockBoxLib library implementations
* SmmLockBox SMM driver

Signed-off-by: jljusten
Reviewed-by: mdkinney
Reviewed-by: geekboy15a
Reviewed-by: jyao1
Reviewed-by: lgao4

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12029 6f19259b-4bc3-4df7-8a09-765794883524

MdeModulePkg/Include/Library/LockBoxLib.h

@@ -0,0 +1,133 @@
+/** @file
+  This library is only intended to be used by DXE modules that need save
+  confidential information to LockBox and get it by PEI modules in S3 phase.
+
+Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the BSD License which accompanies this distribution.  The
+full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _LOCK_BOX_LIB_H_
+#define _LOCK_BOX_LIB_H_
+
+/**
+  This function will save confidential information to lockbox.
+
+  @param Guid       the guid to identify the confidential information
+  @param Buffer     the address of the confidential information
+  @param Length     the length of the confidential information
+
+  @retval RETURN_SUCCESS            the information is saved successfully.
+  @retval RETURN_INVALID_PARAMETER  the Guid is NULL, or Buffer is NULL, or Length is 0
+  @retval RETURN_ALREADY_STARTED    the requested GUID already exist.
+  @retval RETURN_OUT_OF_RESOURCES   no enough resource to save the information.
+  @retval RETURN_ACCESS_DENIED      it is too late to invoke this interface
+  @retval RETURN_NOT_STARTED        it is too early to invoke this interface
+  @retval RETURN_UNSUPPORTED        the service is not supported by implementaion.
+**/
+RETURN_STATUS
+EFIAPI
+SaveLockBox (
+  IN  GUID                        *Guid,
+  IN  VOID                        *Buffer,
+  IN  UINTN                       Length
+  );
+
+/**
+  This function will set lockbox attributes.
+
+  @param Guid       the guid to identify the confidential information
+  @param Attributes the attributes of the lockbox
+
+  @retval RETURN_SUCCESS            the information is saved successfully.
+  @retval RETURN_INVALID_PARAMETER  attributes is invalid.
+  @retval RETURN_NOT_FOUND          the requested GUID not found.
+  @retval RETURN_ACCESS_DENIED      it is too late to invoke this interface
+  @retval RETURN_NOT_STARTED        it is too early to invoke this interface
+  @retval RETURN_UNSUPPORTED        the service is not supported by implementaion.
+**/
+RETURN_STATUS
+EFIAPI
+SetLockBoxAttributes (
+  IN  GUID                        *Guid,
+  IN  UINT64                      Attributes
+  );
+
+//
+// With this flag, this LockBox can be restored to this Buffer with RestoreAllLockBoxInPlace()
+//
+#define LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE  BIT0
+
+/**
+  This function will update confidential information to lockbox.
+
+  @param Guid   the guid to identify the original confidential information
+  @param Offset the offset of the original confidential information
+  @param Buffer the address of the updated confidential information
+  @param Length the length of the updated confidential information
+
+  @retval RETURN_SUCCESS            the information is saved successfully.
+  @retval RETURN_INVALID_PARAMETER  the Guid is NULL, or Buffer is NULL, or Length is 0.
+  @retval RETURN_NOT_FOUND          the requested GUID not found.
+  @retval RETURN_BUFFER_TOO_SMALL   the original buffer to too small to hold new information.
+  @retval RETURN_ACCESS_DENIED      it is too late to invoke this interface
+  @retval RETURN_NOT_STARTED        it is too early to invoke this interface
+  @retval RETURN_UNSUPPORTED        the service is not supported by implementaion.
+**/
+RETURN_STATUS
+EFIAPI
+UpdateLockBox (
+  IN  GUID                        *Guid,
+  IN  UINTN                       Offset,
+  IN  VOID                        *Buffer,
+  IN  UINTN                       Length
+  );
+
+/**
+  This function will restore confidential information from lockbox.
+
+  @param Guid   the guid to identify the confidential information
+  @param Buffer the address of the restored confidential information
+                NULL means restored to original address, Length MUST be NULL at same time.
+  @param Length the length of the restored confidential information
+
+  @retval RETURN_SUCCESS            the information is restored successfully.
+  @retval RETURN_INVALID_PARAMETER  the Guid is NULL, or one of Buffer and Length is NULL.
+  @retval RETURN_WRITE_PROTECTED    Buffer and Length are NULL, but the LockBox has no 
+                                    LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE attribute.
+  @retval RETURN_BUFFER_TOO_SMALL   the Length is too small to hold the confidential information.
+  @retval RETURN_NOT_FOUND          the requested GUID not found.
+  @retval RETURN_NOT_STARTED        it is too early to invoke this interface
+  @retval RETURN_ACCESS_DENIED      not allow to restore to the address
+  @retval RETURN_UNSUPPORTED        the service is not supported by implementaion.
+**/
+RETURN_STATUS
+EFIAPI
+RestoreLockBox (
+  IN  GUID                        *Guid,
+  IN  VOID                        *Buffer, OPTIONAL
+  IN  OUT UINTN                   *Length  OPTIONAL
+  );
+
+/**
+  This function will restore confidential information from all lockbox which have RestoreInPlace attribute.
+
+  @retval RETURN_SUCCESS            the information is restored successfully.
+  @retval RETURN_NOT_STARTED        it is too early to invoke this interface
+  @retval RETURN_UNSUPPORTED        the service is not supported by implementaion.
+**/
+RETURN_STATUS
+EFIAPI
+RestoreAllLockBoxInPlace (
+  VOID
+  );
+
+#endif