diff options
Diffstat (limited to 'SecurityPkg/VariableAuthenticated')
6 files changed, 284 insertions, 128 deletions
diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf index f6eece98d7..16caa30dad 100644 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf +++ b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/EsalVariableDxeSal.inf @@ -1,8 +1,10 @@ ## @file
-# Component description file for Extended SAL authentication variable
-# service module.
+# Provides authenticated variable service for IPF platform
#
-# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+# This module installs variable arch protocol and variable write arch protocol to provide
+# four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo.
+#
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -15,6 +17,7 @@ [Defines]
INF_VERSION = 0x00010005
BASE_NAME = EsalVariableDxeSal
+ MODULE_UNI_FILE = EsalVariableDxeSal.uni
FILE_GUID = 14610837-4E97-4427-96E0-21D9B2956996
MODULE_TYPE = DXE_SAL_DRIVER
VERSION_STRING = 1.0
@@ -60,27 +63,43 @@ HobLib
[Protocols]
- gEfiFirmwareVolumeBlockProtocolGuid # PROTOCOL SOMETIMES_CONSUMED
- gEfiFaultTolerantWriteProtocolGuid # PROTOCOL SOMETIMES_CONSUMED
+ gEfiFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES
+ gEfiFaultTolerantWriteProtocolGuid ## SOMETIMES_CONSUMES
[Guids]
+ ## SOMETIMES_CONSUMES ## Variable:L"PK"
+ ## CONSUMES ## Variable:L"SetupMode"
+ ## PRODUCES ## Variable:L"SetupMode"
+ ## CONSUMES ## Variable:L"SignatureSupport"
+ ## PRODUCES ## Variable:L"SignatureSupport"
gEfiGlobalVariableGuid
+
+ ## PRODUCES ## GUID # Variable store header
+ ## CONSUMES ## GUID # Variable store header
+ ## SOMETIMES_CONSUMES ## HOB
+ ## SOMETIMES_PRODUCES ## SystemTable
gEfiAuthenticatedVariableGuid
- gEfiEventVirtualAddressChangeGuid
- gEfiCertRsa2048Sha256Guid
+
+ gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
+ gEfiCertRsa2048Sha256Guid ## CONSUMES ## GUID # Unique ID for the format of the CertType.
+
+ ## SOMETIMES_CONSUMES ## Variable:L"DB"
+ ## SOMETIMES_CONSUMES ## Variable:L"DBX"
gEfiImageSecurityDatabaseGuid
[Pcd.common]
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize
-
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES
+
[FeaturePcd.common]
- gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.
[Depex]
- gEfiExtendedSalFvBlockServicesProtocolGuid AND gEfiFaultTolerantWriteProtocolGuid
-
+ gEfiExtendedSalFvBlockServicesProtocolGuid AND gEfiFaultTolerantWriteProtocolGuid
+
+[UserExtensions.TianoCore."ExtraFiles"]
+ EsalVariableDxeSalExtra.uni
\ No newline at end of file diff --git a/SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf b/SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf index 002bb04df4..fa0b5e9876 100644 --- a/SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf +++ b/SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf @@ -1,5 +1,6 @@ ## @file
-# The component description for PEI variable driver.
+# Implements ReadOnly Variable Services required by PEIM and installs PEI ReadOnly Varaiable2 PPI
+# This module implements ReadOnly Variable Services required by PEIM and installs PEI ReadOnly Varaiable2 PPI.
#
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
@@ -14,6 +15,7 @@ [Defines]
INF_VERSION = 0x00010005
BASE_NAME = PeiVariableAuth
+ MODULE_UNI_FILE = PeiVariableAuth.uni
FILE_GUID = B1F7AF2F-2807-478c-A893-2BF4DDD1F62B
MODULE_TYPE = PEIM
VERSION_STRING = 1.0
@@ -44,24 +46,28 @@ PeiServicesLib
[Guids]
+ ## CONSUMES ## GUID # Variable store header
+ ## SOMETIMES_CONSUMES ## HOB
gEfiAuthenticatedVariableGuid
+ ## SOMETIMES_PRODUCES ## HOB
+ ## SOMETIMES_CONSUMES ## HOB
gEfiVariableIndexTableGuid
- gEfiSystemNvDataFvGuid
- gEdkiiFaultTolerantWriteGuid
+ gEfiSystemNvDataFvGuid ## SOMETIMES_CONSUMES ## GUID
+ gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB
[Ppis]
- gEfiPeiReadOnlyVariable2PpiGuid ## PRODUCES
+ gEfiPeiReadOnlyVariable2PpiGuid ## PRODUCES
[Pcd]
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES
[Depex]
gEdkiiFaultTolerantWriteGuid
-#
-# [BootMode]
-# RECOVERY ## CONSUMES
-#
+# [BootMode]
+# RECOVERY_FULL ## SOMETIMES_CONSUMES
+[UserExtensions.TianoCore."ExtraFiles"]
+ PeiVariableExtra.uni
\ No newline at end of file diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf index 41e85c0156..593c906085 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf @@ -1,10 +1,13 @@ ## @file
-# Component description file for Authenticated Variable module.
+# Provides authenticated variable service
+#
+# This module installs variable arch protocol and variable write arch protocol to provide
+# variable services: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo.
#
# Caution: This module requires additional review when modified.
# This driver will have external input - variable data.
-# This external input must be validated carefully to avoid security issue like
-# buffer overflow, integer overflow.
+# This external input must be validated carefully to avoid security issues such as
+# buffer overflow or integer overflow.
#
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
@@ -19,6 +22,7 @@ [Defines]
INF_VERSION = 0x00010005
BASE_NAME = VariableAuthRuntimeDxe
+ MODULE_UNI_FILE = VariableAuthRuntimeDxe.uni
FILE_GUID = 2226F30F-3D5B-402d-9936-A97184EB4516
MODULE_TYPE = DXE_RUNTIME_DRIVER
VERSION_STRING = 1.0
@@ -65,51 +69,82 @@ TpmMeasurementLib
[Protocols]
- gEfiFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES
- gEfiVariableWriteArchProtocolGuid ## ALWAYS_PRODUCES
- gEfiVariableArchProtocolGuid ## ALWAYS_PRODUCES
- gEfiFaultTolerantWriteProtocolGuid ## SOMETIMES_CONSUMES
- gEdkiiVariableLockProtocolGuid ## ALWAYS_PRODUCES
+ gEfiFirmwareVolumeBlockProtocolGuid ## CONSUMES
+ ## CONSUMES
+ ## NOTIFY
+ gEfiFaultTolerantWriteProtocolGuid
+ gEfiVariableWriteArchProtocolGuid ## PRODUCES
+ gEfiVariableArchProtocolGuid ## PRODUCES
+ gEdkiiVariableLockProtocolGuid ## PRODUCES
+
[Guids]
- gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid
- gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid
- gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
- gEfiCertTypeRsa2048Sha256Guid
+ ## PRODUCES ## GUID # Variable store header
+ ## CONSUMES ## GUID # Variable store header
+ ## SOMETIMES_CONSUMES ## HOB
+ ## SOMETIMES_PRODUCES ## SystemTable
+ gEfiAuthenticatedVariableGuid
+
+ ## SOMETIMES_CONSUMES ## Variable:L"PlatformLang"
+ ## SOMETIMES_PRODUCES ## Variable:L"PlatformLang"
+ ## SOMETIMES_CONSUMES ## Variable:L"Lang"
+ ## SOMETIMES_PRODUCES ## Variable:L"Lang"
+ ## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport"
+ ## CONSUMES ## Variable:L"SetupMode"
+ ## PRODUCES ## Variable:L"SetupMode"
+ ## SOMETIMES_CONSUMES ## Variable:L"PK"
+ ## SOMETIMES_CONSUMES ## Variable:L"KEK"
+ ## CONSUMES ## Variable:L"SecureBoot"
+ ## PRODUCES ## Variable:L"SecureBoot"
+ ## CONSUMES ## Variable:L"SignatureSupport"
+ ## PRODUCES ## Variable:L"SignatureSupport"
+ ## PRODUCES ## Variable:L"VendorKeys"
+ gEfiGlobalVariableGuid
+
+ ## SOMETIMES_CONSUMES ## Variable:L"DB"
+ ## SOMETIMES_CONSUMES ## Variable:L"DBX"
gEfiImageSecurityDatabaseGuid
- gEfiCertX509Guid
- gEfiCertPkcs7Guid
- gEfiCertRsa2048Guid
+
+ ## CONSUMES ## Variable:L"SecureBootEnable"
+ ## PRODUCES ## Variable:L"SecureBootEnable"
gEfiSecureBootEnableDisableGuid
+
+ ## CONSUMES ## Variable:L"CustomMode"
+ ## PRODUCES ## Variable:L"CustomMode"
gEfiCustomModeEnableGuid
- gEfiVendorKeysNvGuid
- gEfiSystemNvDataFvGuid ## CONSUMES
+
+ ## CONSUMES ## Variable:L"certdb"
+ ## PRODUCES ## Variable:L"certdb"
gEfiCertDbGuid
- gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES
- gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event
- gEdkiiFaultTolerantWriteGuid ## CONSUMES
+
+ ## CONSUMES ## Variable:L"VendorKeysNv"
+ ## PRODUCES ## Variable:L"VendorKeysNv"
+ gEfiVendorKeysNvGuid
+
+ gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event
+ gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
+ gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate.
+ gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate.
+ gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
+ gEfiSystemNvDataFvGuid ## CONSUMES ## GUID
+ gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####"
+ gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB
[Pcd]
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES
[FeaturePcd]
- gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.
- gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.
+ gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang
[Depex]
TRUE
-# [Event]
-# ##
-# # Event will be signaled for VIRTUAL_ADDRESS_CHANGE event.
-# #
-# EVENT_TYPE_NOTIFY_SIGNAL ## PRODUCES
-#
-#
-
+[UserExtensions.TianoCore."ExtraFiles"]
+ VariableRuntimeDxeExtra.uni
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf index 0e3fc514b4..279a9248e2 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf @@ -1,18 +1,18 @@ ## @file
-# Component description file for SMM Authenticated Variable module.
+# Provides SMM authenticated variable service
#
# This module installs SMM variable protocol into SMM protocol database,
# which can be used by SMM driver, and installs SMM variable protocol
# into BS protocol database, which can be used to notify the SMM Runtime
# Dxe driver that the SMM variable service is ready.
# This module should be used with SMM Runtime DXE module together. The
-# SMM Runtime DXE module would install variable arch protocol and variable
+# SMM Runtime DXE module installs variable arch protocol and variable
# write arch protocol based on SMM variable module.
#
# Caution: This module requires additional review when modified.
# This driver will have external input - variable data and communicate buffer in SMM mode.
-# This external input must be validated carefully to avoid security issue like
-# buffer overflow, integer overflow.
+# This external input must be validated carefully to avoid security issues such as
+# buffer overflow or integer overflow.
#
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
@@ -27,6 +27,7 @@ [Defines]
INF_VERSION = 0x00010005
BASE_NAME = VariableAuthSmm
+ MODULE_UNI_FILE = VariableAuthSmm.uni
FILE_GUID = D34BDC5E-968A-40f5-A48C-E594F45AE211
MODULE_TYPE = DXE_SMM_DRIVER
VERSION_STRING = 1.0
@@ -69,43 +70,83 @@ HobLib
[Protocols]
- gEfiSmmFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES
- gEfiSmmVariableProtocolGuid ## ALWAYS_PRODUCES
- gEfiSmmFaultTolerantWriteProtocolGuid ## SOMETIMES_CONSUMES
- gEfiSmmAccess2ProtocolGuid ## ALWAYS_CONSUMES
- gEfiSmmEndOfDxeProtocolGuid ## ALWAYS_CONSUMES
+ gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES
+ gEfiSmmAccess2ProtocolGuid ## CONSUMES
+
+ ## PRODUCES
+ ## UNDEFINED # SmiHandlerRegister
+ gEfiSmmVariableProtocolGuid
+
+ ## CONSUMES
+ ## NOTIFY
+ gEfiSmmFaultTolerantWriteProtocolGuid
+ gEfiSmmEndOfDxeProtocolGuid ## NOTIFY
[Guids]
- gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid
- gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid
- gSmmVariableWriteGuid ## PRODUCES ## SMM Variable Write Guid
- gEfiCertTypeRsa2048Sha256Guid
+ ## PRODUCES ## GUID # Variable store header
+ ## CONSUMES ## GUID # Variable store header
+ ## SOMETIMES_CONSUMES ## HOB
+ gEfiAuthenticatedVariableGuid
+
+ ## SOMETIMES_CONSUMES ## Variable:L"PlatformLang"
+ ## SOMETIMES_PRODUCES ## Variable:L"PlatformLang"
+ ## SOMETIMES_CONSUMES ## Variable:L"Lang"
+ ## SOMETIMES_PRODUCES ## Variable:L"Lang"
+ ## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport"
+ ## CONSUMES ## Variable:L"SetupMode"
+ ## PRODUCES ## Variable:L"SetupMode"
+ ## SOMETIMES_CONSUMES ## Variable:L"PK"
+ ## SOMETIMES_CONSUMES ## Variable:L"KEK"
+ ## CONSUMES ## Variable:L"SecureBoot"
+ ## PRODUCES ## Variable:L"SecureBoot"
+ ## CONSUMES ## Variable:L"SignatureSupport"
+ ## PRODUCES ## Variable:L"SignatureSupport"
+ ## PRODUCES ## Variable:L"VendorKeys"
+ gEfiGlobalVariableGuid
+
+ ## SOMETIMES_CONSUMES ## Variable:L"DB"
+ ## SOMETIMES_CONSUMES ## Variable:L"DBX"
gEfiImageSecurityDatabaseGuid
- gEfiCertX509Guid
- gEfiCertPkcs7Guid
- gEfiCertRsa2048Guid
+
+ ## CONSUMES ## Variable:L"SecureBootEnable"
+ ## PRODUCES ## Variable:L"SecureBootEnable"
gEfiSecureBootEnableDisableGuid
+
+ ## CONSUMES ## Variable:L"CustomMode"
+ ## PRODUCES ## Variable:L"CustomMode"
gEfiCustomModeEnableGuid
- gEfiVendorKeysNvGuid
- gEfiSystemNvDataFvGuid ## CONSUMES
+
+ ## CONSUMES ## Variable:L"certdb"
+ ## PRODUCES ## Variable:L"certdb"
gEfiCertDbGuid
- gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES
- gEdkiiFaultTolerantWriteGuid ## CONSUMES
+ ## CONSUMES ## Variable:L"VendorKeysNv"
+ ## PRODUCES ## Variable:L"VendorKeysNv"
+ gEfiVendorKeysNvGuid
+
+ gSmmVariableWriteGuid ## PRODUCES ## GUID # Install protocol
+ gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData.
+ gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData.
+ gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
+ gEfiSystemNvDataFvGuid ## CONSUMES ## GUID
+ gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####"
+ gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB
+
[Pcd]
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize
-
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES
+
[FeaturePcd]
- gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.
- gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.
+ gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang
[Depex]
TRUE
-
-
+
+[UserExtensions.TianoCore."ExtraFiles"]
+ VariableSmmExtra.uni
\ No newline at end of file diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf index 5dd932d6d3..f0dfa89810 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf @@ -1,14 +1,13 @@ ## @file
-# Component description file for Authenticated Variable SmmRuntimeDxe module.
+# Runtime DXE part corresponding to SMM authenticated variable module
#
-# This module is the Runtime DXE part correspond to SMM variable module. It
-# installs variable arch protocol and variable write arch protocol and works
-# with SMM variable module together.
+# This module installs variable arch protocol and variable write arch protocol to provide
+# variable service. This module need work together with SMM authenticated variable module.
#
# Caution: This module requires additional review when modified.
# This driver will have external input - variable data.
-# This external input must be validated carefully to avoid security issue like
-# buffer overflow, integer overflow.
+# This external input must be validated carefully to avoid security issues such as
+# buffer overflow or integer overflow.
#
# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
@@ -23,6 +22,7 @@ [Defines]
INF_VERSION = 0x00010005
BASE_NAME = VariableAuthSmmRuntimeDxe
+ MODULE_UNI_FILE = VariableAuthSmmRuntimeDxe.uni
FILE_GUID = 067E2381-7234-4798-B49C-D5FECBFF6D07
MODULE_TYPE = DXE_RUNTIME_DRIVER
VERSION_STRING = 1.0
@@ -57,21 +57,41 @@ TpmMeasurementLib
[Protocols]
- gEfiVariableWriteArchProtocolGuid ## ALWAYS_PRODUCES
- gEfiVariableArchProtocolGuid ## ALWAYS_PRODUCES
- gEfiSmmCommunicationProtocolGuid
+ gEfiVariableWriteArchProtocolGuid ## PRODUCES
+ gEfiVariableArchProtocolGuid ## PRODUCES
+ gEfiSmmCommunicationProtocolGuid ## CONSUMES
+ gEdkiiVariableLockProtocolGuid ## PRODUCES
+
+ ## CONSUMES
+ ## NOTIFY
+ ## UNDEFINED # Used to do smm communication
gEfiSmmVariableProtocolGuid
- gEdkiiVariableLockProtocolGuid ## ALWAYS_PRODUCES
[Guids]
- gEfiEventVirtualAddressChangeGuid ## PRODUCES ## Event
+ gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event
+ gEfiEventExitBootServicesGuid ## CONSUMES ## Event
+
+ ## CONSUMES ## UNDEFINED # Locate protocol
+ ## CONSUMES ## UNDEFINED # Protocol notify
gSmmVariableWriteGuid
+
+
+ ## SOMETIMES_CONSUMES ## Variable:L"PK"
+ ## SOMETIMES_CONSUMES ## Variable:L"KEK"
+ ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot"
+ gEfiGlobalVariableGuid
+
+ ## SOMETIMES_CONSUMES ## Variable:L"DB"
+ ## SOMETIMES_CONSUMES ## Variable:L"DBX"
gEfiImageSecurityDatabaseGuid
[Pcd]
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize
- gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase
-
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES
+ gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## CONSUMES
+
[Depex]
gEfiSmmCommunicationProtocolGuid
+
+[UserExtensions.TianoCore."ExtraFiles"]
+ VariableSmmRuntimeDxeExtra.uni
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf index 071ca30338..e6d21f5e69 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf @@ -1,7 +1,8 @@ ## @file
-# Component name for SecureBoot configuration module.
+# Provides the capbility to configure secure boot in a setup browser
+# By this module, user may change the content of DB, DBX, PK and KEK.
#
-# Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -14,6 +15,7 @@ [Defines]
INF_VERSION = 0x00010005
BASE_NAME = SecureBootConfigDxe
+ MODULE_UNI_FILE = SecureBootConfigDxe.uni
FILE_GUID = F0E6A44F-7195-41c3-AC64-54F202CD0A21
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
@@ -57,31 +59,64 @@ DevicePathLib
[Guids]
- gEfiIfrTianoGuid
+ ## SOMETIMES_CONSUMES ## Variable:L"CustomMode"
+ ## SOMETIMES_PRODUCES ## Variable:L"CustomMode"
gEfiCustomModeEnableGuid
+
+ ## SOMETIMES_CONSUMES ## Variable:L"SecureBootEnable"
+ ## SOMETIMES_PRODUCES ## Variable:L"SecureBootEnable"
gEfiSecureBootEnableDisableGuid
+
+ ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
+ ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
+ gEfiCertRsa2048Guid
+
+ ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
+ ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
+ gEfiCertX509Guid
+
+ ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
+ ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
+ gEfiCertSha1Guid
+
+ ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
+ ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.
+ gEfiCertSha256Guid
+
+ ## SOMETIMES_CONSUMES ## Variable:L"db"
+ ## SOMETIMES_PRODUCES ## Variable:L"db"
+ ## SOMETIMES_CONSUMES ## Variable:L"dbx"
+ ## SOMETIMES_PRODUCES ## Variable:L"dbx"
+ gEfiImageSecurityDatabaseGuid
+
+ ## SOMETIMES_CONSUMES ## Variable:L"SetupMode"
+ ## SOMETIMES_PRODUCES ## Variable:L"PK"
+ ## SOMETIMES_CONSUMES ## Variable:L"KEK"
+ ## SOMETIMES_PRODUCES ## Variable:L"KEK"
+ ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot"
+ gEfiGlobalVariableGuid
+
+ gEfiIfrTianoGuid ## PRODUCES ## GUID # HII opcode
+ ## PRODUCES ## HII
+ ## CONSUMES ## HII
gSecureBootConfigFormSetGuid
- gEfiCertPkcs7Guid
- gEfiCertRsa2048Guid ## CONSUMES
- gEfiCertX509Guid ## CONSUMES
- gEfiCertSha1Guid ## CONSUMES
- gEfiCertSha256Guid ## CONSUMES
- gEfiCertTypeRsa2048Sha256Guid ## CONSUMES
- gEfiImageSecurityDatabaseGuid ## CONSUMES
- gEfiFileSystemVolumeLabelInfoIdGuid ## CONSUMES
- gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid
- gEfiFileInfoGuid ## CONSUMES ## GUID
+ gEfiCertPkcs7Guid ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the certificate.
+ gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate.
+ gEfiFileSystemVolumeLabelInfoIdGuid ## SOMETIMES_CONSUMES ## GUID # Indicate the information type
+ gEfiFileInfoGuid ## SOMETIMES_CONSUMES ## GUID # Indicate the information type
[Protocols]
gEfiHiiConfigAccessProtocolGuid ## PRODUCES
- gEfiHiiConfigRoutingProtocolGuid ## CONSUMES
- gEfiSimpleFileSystemProtocolGuid ## PROTOCOL CONSUMES
- gEfiLoadFileProtocolGuid ## PROTOCOL CONSUMES
- gEfiBlockIoProtocolGuid ## PROTOCOL CONSUMES
- gEfiDevicePathProtocolGuid ## PROTOCOL CONSUMES
+ gEfiDevicePathProtocolGuid ## PRODUCES
+ gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES
+ gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES
[Depex]
gEfiHiiConfigRoutingProtocolGuid AND
gEfiHiiDatabaseProtocolGuid AND
gEfiVariableArchProtocolGuid AND
gEfiVariableWriteArchProtocolGuid
+
+[UserExtensions.TianoCore."ExtraFiles"]
+ SecureBootConfigDxeExtra.uni
+
\ No newline at end of file |