diff options
| author | Star Zeng <star.zeng@intel.com> | 2013-07-03 09:09:42 +0000 |
|---|---|---|
| committer | lzeng14 <lzeng14@6f19259b-4bc3-4df7-8a09-765794883524> | 2013-07-03 09:09:42 +0000 |
| commit | 039a40aa3b4eefbb4a149da4977ab3ef6c483a0f (patch) | |
| tree | fbb49cb35f0c0d737daf0a84371ba243ed49d1e9 /SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf | |
| parent | 3e02ebb2bbe0fd4da880511b1f35951e1c4b8404 (diff) | |
| download | edk2-platforms-039a40aa3b4eefbb4a149da4977ab3ef6c483a0f.tar.xz | |
SecurityPkg: Variable drivers robustly handle crashes during Reclaim().
PEI variable implementation checks only the variable header signature for validity. This does not seem robust if system crash occurred during previous Reclaim() operation. If the crash occurred while FTW was rewriting the variable FV, the signature could be valid even though the rest of the FV isn't valid.
Solution: PEI variable and early phase(before FTW protocol ready) of DXE variable can check the FTW last write status provided by FaultTolerantWritePei and determine if all or partial variable data has been backed up in spare block, and then use the backed up data.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14455 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf')
| -rw-r--r-- | SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf index a9a10976eb..4180309c7f 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf @@ -14,7 +14,7 @@ # This external input must be validated carefully to avoid security issue like
# buffer overflow, integer overflow.
#
-# Copyright (c) 2010 - 2012, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2010 - 2013, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -89,6 +89,7 @@ gEfiSystemNvDataFvGuid ## CONSUMES
gEfiCertDbGuid
gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES
+ gEdkiiFaultTolerantWriteGuid ## CONSUMES
[Pcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
|