Mallicious code may use SmmFaultTolerantWriteHandler() to update some flash area directly, like Variable region, so return EFI_ACCESS_DENIED after End Of Dxe in SmmFaultTolerantWriteHandler().
And add code to prevent InfoSize overflow. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14312 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
@@ -4,7 +4,7 @@
|
||||
# depends on the full functionality SMM FVB protocol that support read, write/erase
|
||||
# flash access.
|
||||
#
|
||||
# Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
|
||||
# Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
|
||||
#
|
||||
# This program and the accompanying materials
|
||||
# are licensed and made available under the terms and conditions of the BSD License
|
||||
@@ -59,6 +59,7 @@
|
||||
gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES
|
||||
gEfiSmmFaultTolerantWriteProtocolGuid ## PRODUCES
|
||||
gEfiSmmAccess2ProtocolGuid ## CONSUMES
|
||||
gEfiSmmEndOfDxeProtocolGuid ## CONSUMES
|
||||
|
||||
[FeaturePcd]
|
||||
gEfiMdeModulePkgTokenSpaceGuid.PcdFullFtwServiceEnable
|
||||
|
Reference in New Issue
Block a user