Mallicious code may use SmmFaultTolerantWriteHandler() to update some flash area directly, like Variable region, so return EFI_ACCESS_DENIED after End Of Dxe in SmmFaultTolerantWriteHandler().

And add code to prevent InfoSize overflow.

Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14312 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
lzeng14
2013-04-24 09:33:48 +00:00
parent 7aa54c140c
commit f07268bd0f
3 changed files with 63 additions and 5 deletions

View File

@@ -1,8 +1,11 @@
## @file
# This module is the Runtime DXE part corresponding to SMM Fault Tolerant Write (FTW) module.
# This module is the DXE part corresponding to SMM Fault Tolerant Write (FTW) module.
# It installs FTW protocol and works with SMM FTW module together.
# The FTW protocol will not work after End Of Dxe because it will be not safe to expose
# the related operations in SMM handler in SMM FTW module. You can use the FTW protocol
# before End Of Dxe or use FaultTolerantWriteDxe module instead if you really want to.
#
# Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License