summaryrefslogtreecommitdiff
path: root/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.c
AgeCommit message (Collapse)Author
2013-05-20Add the EDKII_VARIABLE_LOCK_PROTOCOL implementation in SecurityPkg variable ↵niruiyu
drivers. Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com> Reviewed-by: Star Zeng <star.zeng@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14378 6f19259b-4bc3-4df7-8a09-765794883524
2013-05-071. Fix TOCTOU issue in VariableSmm, FtwSmm, FpdtSmm, SmmCorePerformance SMM ↵lzeng14
handler. For VariableSmm, pre-allocate a mVariableBufferPayload buffer with mVariableBufferPayloadSize(match with mVariableBufferPayloadSize in VariableSmmRuntimeDxe) to hold communicate buffer payload to avoid TOCTOU issue. 2. Add check to ensure CommBufferPayloadSize not exceed mVariableBufferPayloadSize or is enough to hold function structure in VariableSmm and FtwSmm. 3. Align FtwGetLastWrite() in FaultTolerantWriteSmmDxe.c to FtwGetLastWrite() in FaultTolerantWrite.c. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14325 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-251. Use the check IsAddressValid() to prevent SMM communication buffer ↵lzeng14
overflow in SmmVariable, FtwSmm, FpdtSmm, SmmCorePerformance and SmmBaseHelper, and add check to prevent InfoSize overflows in SmmVariableHandler. 2. Refine the debug message. 3. Add check to make sure the input VariableName is A Null-terminated string. 4. Use local variable to hold StrSize (VariableName) to avoid duplicated StrSize calculation. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14317 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-22Fix potential overflow for SetVariable interfaceczhang46
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Guo Dong <dong.guo@intel.com> Reviewed-by : Siyuan Fu <siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14305 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-15Fix SMM Variable driver stack GetVariable return INVALID_PARAMETER when ↵czhang46
DataSize is bigger than SMM communication buffer. Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Fu Siyuan <siyuan.fu@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14276 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-12Update SMM variable DXE driver GetNextVariable interface to comply with UEFI ↵czhang46
spec VariableNameSize is the returned buffer size. GetNextVariable should behavior correct if it is bigger than SMM communication buffer or less than string size of VariableName. Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by : Dong Guo <guo.dong@intel.com> Reviewed-by : Fu Siyuan <siyuan.fu@intel.com> Reviewed-by : Zeng Star <star.zeng@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14258 6f19259b-4bc3-4df7-8a09-765794883524
2013-04-08If DataSize or VariableNameSize is near MAX_ADDRESS, this can cause the ↵lzeng14
computed PayLoadSize to overflow to a small value and pass the check in InitCommunicateBuffer(). To protect against this vulnerability, check DataSize and VariableNameSize to make sure PayloadSize doesn't overflow. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14252 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-15Fix the issue that RuntimeServiceQueryVariableInfo() in ↵lzeng14
VariableSmmRuntimeDxe always return EFI_SUCCESS. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14050 6f19259b-4bc3-4df7-8a09-765794883524
2013-01-08Add the TPL raise/restore code for VariableSmmRuntimeDxe to avoid variable ↵lzeng14
services reentry. Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14038 6f19259b-4bc3-4df7-8a09-765794883524
2012-07-09Include read data buffer in CommBufferSize when calculate the buffer size.ydong10
Signed-off-by: Eric Dong <eric.dong@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13512 6f19259b-4bc3-4df7-8a09-765794883524
2012-06-12Add comment for modules which have external input.jyao1
signed-off-by: jiewen.yao@intel.com reviewed-by: guo.dong@intel.com reviewed-by: ting.ye@intel.com reviewed-by: liming.gao@intel.com reviewed-by: elvin.li@intel.com git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13446 6f19259b-4bc3-4df7-8a09-765794883524
2011-09-02Add security package to repository.gdong1
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12261 6f19259b-4bc3-4df7-8a09-765794883524
generated by cgit v1.2.3 (git 2.25.1) at 2024-09-04 07:22:02 +0000