sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SecurityPkg Variable: Reuse scratch data area(at the end of volatile variable store)

Browse Source 
as serialization runtime buffer to reduce SMRAM consumption for SMM variable driver.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Guo Dong <guo.dong@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17059 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Star Zeng
2015-03-17 06:41:40 +00:00
committed by lzeng14
parent 856236cad7
commit ba9d087b8f
4 changed files with 29 additions and 21 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
View File

@@ -55,14 +55,6 @@ CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
//
VOID *mHashCtx = NULL;
//
// The serialization of the values of the VariableName, VendorGuid and Attributes
// parameters of the SetVariable() call and the TimeStamp component of the
// EFI_VARIABLE_AUTHENTICATION_2 descriptor followed by the variable's new value
// i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data)
//
UINT8 *mSerializationRuntimeBuffer = NULL;
//
// Requirement for different signature type which have been defined in UEFI spec.
// These data are used to peform SignatureList format check while setting PK/KEK variable.
@@ -182,15 +174,6 @@ AutenticatedVariableServiceInitialize (
return EFI_OUT_OF_RESOURCES;
}
//
// Prepare runtime buffer for serialized data of time-based authenticated
// Variable, i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data).
//
mSerializationRuntimeBuffer = AllocateRuntimePool (PcdGet32 (PcdMaxVariableSize) + sizeof (EFI_GUID) + sizeof (UINT32) + sizeof (EFI_TIME));
if (mSerializationRuntimeBuffer == NULL) {
return EFI_OUT_OF_RESOURCES;
}
//
// Check "AuthVarKeyDatabase" variable's existence.
// If it doesn't exist, create a new one with initial value of 0 and EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS set.
@@ -2267,11 +2250,21 @@ VerifyTimeBasedPayload (
PayloadSize = DataSize - OFFSET_OF_AUTHINFO2_CERT_DATA - (UINTN) SigDataSize;
//
// Construct a buffer to fill with (VariableName, VendorGuid, Attributes, TimeStamp, Data).
// Construct a serialization buffer of the values of the VariableName, VendorGuid and Attributes
// parameters of the SetVariable() call and the TimeStamp component of the
// EFI_VARIABLE_AUTHENTICATION_2 descriptor followed by the variable's new value
// i.e. (VariableName, VendorGuid, Attributes, TimeStamp, Data)
//
NewDataSize = PayloadSize + sizeof (EFI_TIME) + sizeof (UINT32) +
sizeof (EFI_GUID) + StrSize (VariableName) - sizeof (CHAR16);
NewData = mSerializationRuntimeBuffer;
//
// Here is to reuse scratch data area(at the end of volatile variable store)
// to reduce SMRAM consumption for SMM variable driver.
// The scratch buffer is enough to hold the serialized data and safe to use,
// because it will be used at here to do verification only first
// and then used in UpdateVariable() for a time based auth variable set.
//
NewData = (UINT8 *) GetEndPointer ((VARIABLE_STORE_HEADER *) ((UINTN) mVariableModuleGlobal->VariableGlobal.VolatileVariableBase));
Buffer = NewData;
Length = StrLen (VariableName) * sizeof (CHAR16);