REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2220
Since Runtime Services GetVariable() and GetNextVariableName() no longer trigger a SW SMI, this change removes the code for handling those requests from VariableSmm.c. The following SMM communicate functions are removed from SmmVariableHandler(): 1. SMM_VARIABLE_FUNCTION_GET_VARIABLE 2. SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME The function numbers are retained so any calls to those functions from previously built drivers will return EFI_UNSUPPORTED. Cc: Dandan Bi <dandan...@intel.com> Cc: Ard Biesheuvel <ard.biesheu...@linaro.org> Cc: Eric Dong <eric.d...@intel.com> Cc: Laszlo Ersek <ler...@redhat.com> Cc: Liming Gao <liming....@intel.com> Cc: Michael D Kinney <michael.d.kin...@intel.com> Cc: Ray Ni <ray...@intel.com> Cc: Jian J Wang <jian.j.w...@intel.com> Cc: Hao A Wu <hao.a...@intel.com> Cc: Jiewen Yao <jiewen....@intel.com> Signed-off-by: Michael Kubacki <michael.a.kuba...@intel.com> --- MdeModulePkg/Include/Guid/SmmVariableCommon.h | 4 +- MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c | 101 -------------------- 2 files changed, 1 insertion(+), 104 deletions(-) diff --git a/MdeModulePkg/Include/Guid/SmmVariableCommon.h b/MdeModulePkg/Include/Guid/SmmVariableCommon.h index ceef44dfd2..6a73d1e21a 100644 --- a/MdeModulePkg/Include/Guid/SmmVariableCommon.h +++ b/MdeModulePkg/Include/Guid/SmmVariableCommon.h @@ -106,7 +106,7 @@ typedef struct { EFI_GUID Guid; UINTN NameSize; // Return name buffer size CHAR16 Name[1]; -} SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME; +} SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE; /// /// This structure is used to communicate with SMI handler by QueryVariableInfo. @@ -118,8 +118,6 @@ typedef struct { UINT32 Attributes; } SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO; -typedef SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE; - typedef struct { EFI_GUID Guid; UINTN NameSize; 
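Review bot: In the first SmmVariableCommon.h hunk the struct renamed to `SMM_VARIABLE_COMMUNICATE_LOCK_VARIABLE` keeps the field comment `// Return name buffer size`, which described the GetNextVariableName output. For a lock request NameSize is presumably an input, so something like `UINTN NameSize; // Size of the Name buffer` would fit better. The struct's header comment starts outside the hunk and probably still names GetNextVariableName, so it likely needs the same update. Dropping `SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME` from a public header under MdeModulePkg/Include also breaks the build of any out-of-tree code that still uses the type, whereas the commit message only covers previously built binaries. Either keep the old name as a deprecated alias or state the source-level break in the commit message.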
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c index 8d767f75ac..8ba167f889 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c @@ -463,7 +463,6 @@ SmmVariableHandler ( EFI_STATUS Status; SMM_VARIABLE_COMMUNICATE_HEADER *SmmVariableFunctionHeader; SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *SmmVariableHeader; - SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *GetNextVariableName; SMM_VARIABLE_COMMUNICATE_QUERY_VARIABLE_INFO *QueryVariableInfo; SMM_VARIABLE_COMMUNICATE_GET_PAYLOAD_SIZE *GetPayloadSize; SMM_VARIABLE_COMMUNICATE_RUNTIME_VARIABLE_CACHE_CONTEXT *RuntimeVariableCacheContext; @@ -474,7 +473,6 @@ SmmVariableHandler ( VARIABLE_RUNTIME_CACHE_CONTEXT *VariableCacheContext; VARIABLE_STORE_HEADER *VariableCache; UINTN InfoSize; - UINTN NameBufferSize; UINTN CommBufferPayloadSize; UINTN TempCommBufferSize; 
@@ -504,105 +502,6 @@ SmmVariableHandler ( SmmVariableFunctionHeader = (SMM_VARIABLE_COMMUNICATE_HEADER *)CommBuffer; switch (SmmVariableFunctionHeader->Function) { - case SMM_VARIABLE_FUNCTION_GET_VARIABLE: - if (CommBufferPayloadSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) { - DEBUG ((EFI_D_ERROR, "GetVariable: SMM communication buffer size invalid!\n")); - return EFI_SUCCESS; - } - // - // Copy the input communicate buffer payload to pre-allocated SMM variable buffer payload. - // - CopyMem (mVariableBufferPayload, SmmVariableFunctionHeader->Data, CommBufferPayloadSize); - SmmVariableHeader = (SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE *) mVariableBufferPayload; - if (((UINTN)(~0) - SmmVariableHeader->DataSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) || - ((UINTN)(~0) - SmmVariableHeader->NameSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) + SmmVariableHeader->DataSize)) { - // - // Prevent InfoSize overflow happen - // - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - InfoSize = OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name) - + SmmVariableHeader->DataSize + SmmVariableHeader->NameSize; - - // - // SMRAM range check already covered before - // - if (InfoSize > CommBufferPayloadSize) { - DEBUG ((EFI_D_ERROR, "GetVariable: Data size exceed communication buffer size limit!\n")); - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - - // - // The VariableSpeculationBarrier() call here is to ensure the previous - // range/content checks for the CommBuffer have been completed before the - // subsequent consumption of the CommBuffer content. - // - VariableSpeculationBarrier (); - if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') { - // - // Make sure VariableName is A Null-terminated string. 
- // - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - - Status = VariableServiceGetVariable ( - SmmVariableHeader->Name, - &SmmVariableHeader->Guid, - &SmmVariableHeader->Attributes, - &SmmVariableHeader->DataSize, - (UINT8 *)SmmVariableHeader->Name + SmmVariableHeader->NameSize - ); - CopyMem (SmmVariableFunctionHeader->Data, mVariableBufferPayload, CommBufferPayloadSize); - break; - - case SMM_VARIABLE_FUNCTION_GET_NEXT_VARIABLE_NAME: - if (CommBufferPayloadSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) { - DEBUG ((EFI_D_ERROR, "GetNextVariableName: SMM communication buffer size invalid!\n")); - return EFI_SUCCESS; - } - // - // Copy the input communicate buffer payload to pre-allocated SMM variable buffer payload. - // - CopyMem (mVariableBufferPayload, SmmVariableFunctionHeader->Data, CommBufferPayloadSize); - GetNextVariableName = (SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME *) mVariableBufferPayload; - if ((UINTN)(~0) - GetNextVariableName->NameSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name)) { - // - // Prevent InfoSize overflow happen - // - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - InfoSize = OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name) + GetNextVariableName->NameSize; - - // - // SMRAM range check already covered before - // - if (InfoSize > CommBufferPayloadSize) { - DEBUG ((EFI_D_ERROR, "GetNextVariableName: Data size exceed communication buffer size limit!\n")); - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - - NameBufferSize = CommBufferPayloadSize - OFFSET_OF(SMM_VARIABLE_COMMUNICATE_GET_NEXT_VARIABLE_NAME, Name); - if (NameBufferSize < sizeof (CHAR16) || GetNextVariableName->Name[NameBufferSize/sizeof (CHAR16) - 1] != L'\0') { - // - // Make sure input VariableName is A Null-terminated string. 
- // - Status = EFI_ACCESS_DENIED; - goto EXIT; - } - - Status = VariableServiceGetNextVariableName ( - &GetNextVariableName->NameSize, - GetNextVariableName->Name, - &GetNextVariableName->Guid - ); - CopyMem (SmmVariableFunctionHeader->Data, mVariableBufferPayload, CommBufferPayloadSize); - break; - case SMM_VARIABLE_FUNCTION_SET_VARIABLE: if (CommBufferPayloadSize < OFFSET_OF(SMM_VARIABLE_COMMUNICATE_ACCESS_VARIABLE, Name)) { DEBUG ((EFI_D_ERROR, "SetVariable: SMM communication buffer size invalid!\n")); -- 2.16.2.windows.1