MdeModulePkg/SecurityStubDxe: Report failure if image is load earlier
The 3rd party image should be loaded after EndOfDxe event signal and DxeSmmReadyToLock protocol installation. But non-SMM platform doesn't published DxeSmmReadyToLock protocol. So the SecurityStubDxe can only depend on EndOfDxe event. This patch enhances the SecurityStubDxe to listen on DxeSmmReadyToLock protocol installation and if any 3rd party image is loaded before DxeSmmReadyToLock, it reports failure. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Sunny Wang <sunnywang@hpe.com>
This commit is contained in:
@@ -15,16 +15,19 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
|
||||
#ifndef _DEFER_3RD_PARTY_IMAGE_LOAD_H_
|
||||
#define _DEFER_3RD_PARTY_IMAGE_LOAD_H_
|
||||
|
||||
#include <Uefi.h>
|
||||
#include <PiDxe.h>
|
||||
#include <Guid/EventGroup.h>
|
||||
#include <Protocol/DeferredImageLoad.h>
|
||||
#include <Protocol/FirmwareVolume2.h>
|
||||
#include <Protocol/DxeSmmReadyToLock.h>
|
||||
|
||||
#include <Library/UefiBootServicesTableLib.h>
|
||||
#include <Library/BaseMemoryLib.h>
|
||||
#include <Library/MemoryAllocationLib.h>
|
||||
#include <Library/DevicePathLib.h>
|
||||
#include <Library/DebugLib.h>
|
||||
#include <Library/UefiLib.h>
|
||||
#include <Library/ReportStatusCodeLib.h>
|
||||
|
||||
/**
|
||||
Returns information about a deferred image.
|
||||
|
Reference in New Issue
Block a user