SecurityPkg Variable: Implement VarCheck PROTOCOL

and follow UEFI spec to check UEFI defined variables. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16580 6f19259b-4bc3-4df7-8a09-765794883524
author: Star Zeng <star.zeng@intel.com> 2015-01-05 03:42:17 +0000
committer: lzeng14 <lzeng14@Edk2> 2015-01-05 03:42:17 +0000
commit: 17409b7aad2b8c4afc55fae1c368f44cb463d35a (patch)
tree: 8f895daa8b1b38afa824b9dfc6d14a7aea440931 /SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c
parent: efb01a104d58942a27aa83643a910b6e76fb7bf8 (diff)
download: edk2-platforms-17409b7aad2b8c4afc55fae1c368f44cb463d35a.tar.xz
1 files changed, 24 insertions, 17 deletions
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c
index 9d9d6abc52..a1352510eb 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c
@@ -3,7 +3,7 @@
   and volatile storage space and install variable architecture protocol.
 
 Copyright (C) 2013, Red Hat, Inc.
-Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -23,8 +23,14 @@ EFI_HANDLE                     mHandle                    = NULL;
 EFI_EVENT                      mVirtualAddressChangeEvent = NULL;
 EFI_EVENT                      mFtwRegistration           = NULL;
 extern LIST_ENTRY              mLockedVariableList;
+extern LIST_ENTRY              mVarCheckVariableList;
+extern UINT32                  mNumberOfHandler;
+extern VAR_CHECK_SET_VARIABLE_CHECK_HANDLER *mHandlerTable;
 extern BOOLEAN                 mEndOfDxe;
 EDKII_VARIABLE_LOCK_PROTOCOL   mVariableLock              = { VariableLockRequestToLock };
+EDKII_VAR_CHECK_PROTOCOL       mVarCheck                  = { VarCheckRegisterSetVariableCheckHandler,
+                                                              VarCheckVariablePropertySet,
+                                                              VarCheckVariablePropertyGet };
 
 /**
   Return TRUE if ExitBootServices () has been called.
@@ -222,9 +228,8 @@ VariableClassAddressChangeEvent (
   IN VOID                                 *Context
   )
 {
-  LIST_ENTRY     *Link;
-  VARIABLE_ENTRY *Entry;
   EFI_STATUS     Status;
+  UINTN          Index;
 
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->GetBlockSize);
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->FvbInstance->GetPhysicalAddress);
@@ -239,29 +244,23 @@ VariableClassAddressChangeEvent (
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->PlatformLang);
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase);
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.VolatileVariableBase);
+  EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal->VariableGlobal.HobVariableBase);
   EfiConvertPointer (0x0, (VOID **) &mVariableModuleGlobal);
   EfiConvertPointer (0x0, (VOID **) &mHashCtx);
   EfiConvertPointer (0x0, (VOID **) &mSerializationRuntimeBuffer);
   EfiConvertPointer (0x0, (VOID **) &mNvVariableCache);
   EfiConvertPointer (0x0, (VOID **) &mPubKeyStore);
   EfiConvertPointer (0x0, (VOID **) &mCertDbStore);
-
-  //
-  // in the list of locked variables, convert the name pointers first
-  //
-  for ( Link = GetFirstNode (&mLockedVariableList)
-      ; !IsNull (&mLockedVariableList, Link)
-      ; Link = GetNextNode (&mLockedVariableList, Link)
-      ) {
-    Entry = BASE_CR (Link, VARIABLE_ENTRY, Link);
-    Status = EfiConvertPointer (0x0, (VOID **) &Entry->Name);
-    ASSERT_EFI_ERROR (Status);
+  EfiConvertPointer (0x0, (VOID **) &mHandlerTable);
+  for (Index = 0; Index < mNumberOfHandler; Index++) {
+    EfiConvertPointer (0x0, (VOID **) &mHandlerTable[Index]);
   }
-  //
-  // second, convert the list itself using UefiRuntimeLib
-  //
+
   Status = EfiConvertList (0x0, &mLockedVariableList);
   ASSERT_EFI_ERROR (Status);
+
+  Status = EfiConvertList (0x0, &mVarCheckVariableList);
+  ASSERT_EFI_ERROR (Status);
 }
 
 
@@ -447,6 +446,14 @@ VariableServiceInitialize (
                   );
   ASSERT_EFI_ERROR (Status);
 
+  Status = gBS->InstallMultipleProtocolInterfaces (
+                  &mHandle,
+                  &gEdkiiVarCheckProtocolGuid,
+                  &mVarCheck,
+                  NULL
+                  );
+  ASSERT_EFI_ERROR (Status);
+
   SystemTable->RuntimeServices->GetVariable         = VariableServiceGetVariable;
   SystemTable->RuntimeServices->GetNextVariableName = VariableServiceGetNextVariableName;
   SystemTable->RuntimeServices->SetVariable         = VariableServiceSetVariable;
author	Star Zeng <star.zeng@intel.com>	2015-01-05 03:42:17 +0000
committer	lzeng14 <lzeng14@Edk2>	2015-01-05 03:42:17 +0000
commit	17409b7aad2b8c4afc55fae1c368f44cb463d35a (patch)
tree	8f895daa8b1b38afa824b9dfc6d14a7aea440931 /SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c
parent	efb01a104d58942a27aa83643a910b6e76fb7bf8 (diff)
download	edk2-platforms-17409b7aad2b8c4afc55fae1c368f44cb463d35a.tar.xz