From 84d2070aef8440819168f7f5736319d375a03447 Mon Sep 17 00:00:00 2001 From: Laszlo Ersek Date: Wed, 27 Apr 2016 18:01:02 +0200 Subject: OvmfPkg: PlatformBdsLib: lock down SMM regardless of S3 At the moment, the EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL is only installed if S3 is enabled -- at the end of SaveS3BootScript(). While a runtime OS is never booted with SMM unlocked (because the SMM IPL locks down SMM as a last resort: > SMM IPL! DXE SMM Ready To Lock Protocol not installed before Ready To > Boot signal > SmmInstallProtocolInterface: [EfiSmmReadyToLockProtocol] 0 > Patch page table start ... > Patch page table done! > SMM IPL locked SMRAM window ), we shouldn't allow UEFI drivers and applications either to mess with SMM just because S3 is disabled. So install EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL in PlatformBdsInit() unconditionally. Cc: Feng Tian Cc: Jiewen Yao Cc: Jordan Justen Cc: Ruiyu Ni Cc: Star Zeng Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek Acked-by: Star Zeng Reviewed-by: Jordan Justen --- OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c | 29 +++++++++++++++------------- 1 file changed, 16 insertions(+), 13 deletions(-) (limited to 'OvmfPkg/Library') diff --git a/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c b/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c index b22f2a74a9..8354f31ac2 100644 --- a/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c +++ b/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c @@ -125,6 +125,9 @@ Returns: --*/ { + EFI_HANDLE Handle; + EFI_STATUS Status; + DEBUG ((EFI_D_INFO, "PlatformBdsInit\n")); InstallDevicePathCallback (); @@ -147,11 +150,20 @@ Returns: if (QemuFwCfgS3Enabled ()) { // - // Save the boot script too. Note that this requires/includes emitting the - // DxeSmmReadyToLock event, which in turn locks down SMM. + // Save the boot script too. Note that this will require us to emit the + // DxeSmmReadyToLock event just below, which in turn locks down SMM. // SaveS3BootScript (); } + + // + // Prevent further changes to LockBoxes or SMRAM. + // + Handle = NULL; + Status = gBS->InstallProtocolInterface (&Handle, + &gEfiDxeSmmReadyToLockProtocolGuid, EFI_NATIVE_INTERFACE, + NULL); + ASSERT_EFI_ERROR (Status); } @@ -1206,10 +1218,8 @@ Returns: /** Save the S3 boot script. - Note that we trigger DxeSmmReadyToLock here -- otherwise the script wouldn't - be saved actually. Triggering this protocol installation event in turn locks - down SMM, so no further changes to LockBoxes or SMRAM are possible - afterwards. + Note that DxeSmmReadyToLock must be signaled after this function returns; + otherwise the script wouldn't be saved actually. **/ STATIC VOID @@ -1219,7 +1229,6 @@ SaveS3BootScript ( { EFI_STATUS Status; EFI_S3_SAVE_STATE_PROTOCOL *BootScript; - EFI_HANDLE Handle; STATIC CONST UINT8 Info[] = { 0xDE, 0xAD, 0xBE, 0xEF }; Status = gBS->LocateProtocol (&gEfiS3SaveStateProtocolGuid, NULL, @@ -1235,12 +1244,6 @@ SaveS3BootScript ( (UINT32) sizeof Info, (EFI_PHYSICAL_ADDRESS)(UINTN) &Info); ASSERT_EFI_ERROR (Status); - - Handle = NULL; - Status = gBS->InstallProtocolInterface (&Handle, - &gEfiDxeSmmReadyToLockProtocolGuid, EFI_NATIVE_INTERFACE, - NULL); - ASSERT_EFI_ERROR (Status); } -- cgit v1.2.3