From 60c944c7d63978eee337f52af360ca5d807c11b6 Mon Sep 17 00:00:00 2001 From: "Dong, Guo" Date: Thu, 28 Aug 2014 05:31:09 +0000 Subject: SecurityPkg: INF/DEC file updates to EDK II packages 1. Usage information in INF file comment blocks are either incomplete or incorrect. This includes usage information for Protocols/PPIs/GUIDs/PCDs/HOBs/Events/BootModes. The syntax for usage information in comment blocks is defined in the EDK II Module Information (INF) Specification Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo Reviewed-by: Gao, Liming git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15950 6f19259b-4bc3-4df7-8a09-765794883524 --- .../RuntimeDxe/VariableRuntimeDxe.inf | 109 ++++++++++++++------- .../RuntimeDxe/VariableSmm.inf | 105 ++++++++++++++------ .../RuntimeDxe/VariableSmmRuntimeDxe.inf | 50 +++++++--- 3 files changed, 180 insertions(+), 84 deletions(-) (limited to 'SecurityPkg/VariableAuthenticated/RuntimeDxe') diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf index 41e85c0156..593c906085 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf 
@@ -1,10 +1,13 @@ ## @file -# Component description file for Authenticated Variable module. +# Provides authenticated variable service +# +# This module installs variable arch protocol and variable write arch protocol to provide +# variable services: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo. # # Caution: This module requires additional review when modified. # This driver will have external input - variable data. -# This external input must be validated carefully to avoid security issue like -# buffer overflow, integer overflow. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. # # Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials @@ -19,6 +22,7 @@ [Defines] INF_VERSION = 0x00010005 BASE_NAME = VariableAuthRuntimeDxe + MODULE_UNI_FILE = VariableAuthRuntimeDxe.uni FILE_GUID = 2226F30F-3D5B-402d-9936-A97184EB4516 MODULE_TYPE = DXE_RUNTIME_DRIVER VERSION_STRING = 1.0 
@@ -65,51 +69,82 @@ TpmMeasurementLib [Protocols] - gEfiFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES - gEfiVariableWriteArchProtocolGuid ## ALWAYS_PRODUCES - gEfiVariableArchProtocolGuid ## ALWAYS_PRODUCES - gEfiFaultTolerantWriteProtocolGuid ## SOMETIMES_CONSUMES - gEdkiiVariableLockProtocolGuid ## ALWAYS_PRODUCES + gEfiFirmwareVolumeBlockProtocolGuid ## CONSUMES + ## CONSUMES + ## NOTIFY + gEfiFaultTolerantWriteProtocolGuid + gEfiVariableWriteArchProtocolGuid ## PRODUCES + gEfiVariableArchProtocolGuid ## PRODUCES + gEdkiiVariableLockProtocolGuid ## PRODUCES + [Guids] - gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid - gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid - gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event - gEfiCertTypeRsa2048Sha256Guid + ## PRODUCES ## GUID # Variable store header + ## CONSUMES ## GUID # Variable store header + ## SOMETIMES_CONSUMES ## HOB + ## SOMETIMES_PRODUCES ## SystemTable + gEfiAuthenticatedVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"PlatformLang" + ## SOMETIMES_PRODUCES ## Variable:L"PlatformLang" + ## SOMETIMES_CONSUMES ## Variable:L"Lang" + ## SOMETIMES_PRODUCES ## Variable:L"Lang" + ## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport" + ## CONSUMES ## Variable:L"SetupMode" + ## PRODUCES ## Variable:L"SetupMode" + ## SOMETIMES_CONSUMES ## Variable:L"PK" + ## SOMETIMES_CONSUMES ## Variable:L"KEK" + ## CONSUMES ## Variable:L"SecureBoot" + ## PRODUCES ## Variable:L"SecureBoot" + ## CONSUMES ## Variable:L"SignatureSupport" + ## PRODUCES ## Variable:L"SignatureSupport" + ## PRODUCES ## Variable:L"VendorKeys" + gEfiGlobalVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"DB" + ## SOMETIMES_CONSUMES ## Variable:L"DBX" gEfiImageSecurityDatabaseGuid - gEfiCertX509Guid - gEfiCertPkcs7Guid - gEfiCertRsa2048Guid + + ## CONSUMES ## Variable:L"SecureBootEnable" + ## PRODUCES ## Variable:L"SecureBootEnable" gEfiSecureBootEnableDisableGuid + + ## CONSUMES ## Variable:L"CustomMode" + ## 
PRODUCES ## Variable:L"CustomMode" gEfiCustomModeEnableGuid - gEfiVendorKeysNvGuid - gEfiSystemNvDataFvGuid ## CONSUMES + + ## CONSUMES ## Variable:L"certdb" + ## PRODUCES ## Variable:L"certdb" gEfiCertDbGuid - gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES - gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event - gEdkiiFaultTolerantWriteGuid ## CONSUMES + + ## CONSUMES ## Variable:L"VendorKeysNv" + ## PRODUCES ## Variable:L"VendorKeysNv" + gEfiVendorKeysNvGuid + + gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event + gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event + gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate. + gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate. + gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. + gEfiSystemNvDataFvGuid ## CONSUMES ## GUID + gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####" + gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize - gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES [FeaturePcd] - 
gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable. - gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable. + gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang [Depex] TRUE -# [Event] -# ## -# # Event will be signaled for VIRTUAL_ADDRESS_CHANGE event. -# # -# EVENT_TYPE_NOTIFY_SIGNAL ## PRODUCES -# -# - +[UserExtensions.TianoCore."ExtraFiles"] + VariableRuntimeDxeExtra.uni diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf index 0e3fc514b4..279a9248e2 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf 
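Review bot: The usage comments added above gEfiImageSecurityDatabaseGuid name the variables `L"DB"` and `L"DBX"`, but the UEFI signature databases are named `db` and `dbx` and variable names are case-sensitive, so the annotation does not match the names a reader or tool would look up. I would write `## SOMETIMES_CONSUMES ## Variable:L"db"` and `## SOMETIMES_CONSUMES ## Variable:L"dbx"`; the same two comments appear in the [Guids] hunks of VariableSmm.inf and VariableSmmRuntimeDxe.inf. This hunk and the VariableSmm.inf one also drop gEfiCertRsa2048Guid from [Guids] instead of annotating it. The module sources are not part of this patch, so it is worth confirming that nothing in the driver still references that GUID.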
@@ -1,18 +1,18 @@ ## @file -# Component description file for SMM Authenticated Variable module. +# Provides SMM authenticated variable service # # This module installs SMM variable protocol into SMM protocol database, # which can be used by SMM driver, and installs SMM variable protocol # into BS protocol database, which can be used to notify the SMM Runtime # Dxe driver that the SMM variable service is ready. # This module should be used with SMM Runtime DXE module together. The -# SMM Runtime DXE module would install variable arch protocol and variable +# SMM Runtime DXE module installs variable arch protocol and variable # write arch protocol based on SMM variable module. # # Caution: This module requires additional review when modified. # This driver will have external input - variable data and communicate buffer in SMM mode. -# This external input must be validated carefully to avoid security issue like -# buffer overflow, integer overflow. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. # # Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials @@ -27,6 +27,7 @@ [Defines] INF_VERSION = 0x00010005 BASE_NAME = VariableAuthSmm + MODULE_UNI_FILE = VariableAuthSmm.uni FILE_GUID = D34BDC5E-968A-40f5-A48C-E594F45AE211 MODULE_TYPE = DXE_SMM_DRIVER VERSION_STRING = 1.0 
@@ -69,43 +70,83 @@ HobLib [Protocols] - gEfiSmmFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES - gEfiSmmVariableProtocolGuid ## ALWAYS_PRODUCES - gEfiSmmFaultTolerantWriteProtocolGuid ## SOMETIMES_CONSUMES - gEfiSmmAccess2ProtocolGuid ## ALWAYS_CONSUMES - gEfiSmmEndOfDxeProtocolGuid ## ALWAYS_CONSUMES + gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES + gEfiSmmAccess2ProtocolGuid ## CONSUMES + + ## PRODUCES + ## UNDEFINED # SmiHandlerRegister + gEfiSmmVariableProtocolGuid + + ## CONSUMES + ## NOTIFY + gEfiSmmFaultTolerantWriteProtocolGuid + gEfiSmmEndOfDxeProtocolGuid ## NOTIFY [Guids] - gEfiAuthenticatedVariableGuid ## PRODUCES ## Configuration Table Guid - gEfiGlobalVariableGuid ## PRODUCES ## Variable Guid - gSmmVariableWriteGuid ## PRODUCES ## SMM Variable Write Guid - gEfiCertTypeRsa2048Sha256Guid + ## PRODUCES ## GUID # Variable store header + ## CONSUMES ## GUID # Variable store header + ## SOMETIMES_CONSUMES ## HOB + gEfiAuthenticatedVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"PlatformLang" + ## SOMETIMES_PRODUCES ## Variable:L"PlatformLang" + ## SOMETIMES_CONSUMES ## Variable:L"Lang" + ## SOMETIMES_PRODUCES ## Variable:L"Lang" + ## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport" + ## CONSUMES ## Variable:L"SetupMode" + ## PRODUCES ## Variable:L"SetupMode" + ## SOMETIMES_CONSUMES ## Variable:L"PK" + ## SOMETIMES_CONSUMES ## Variable:L"KEK" + ## CONSUMES ## Variable:L"SecureBoot" + ## PRODUCES ## Variable:L"SecureBoot" + ## CONSUMES ## Variable:L"SignatureSupport" + ## PRODUCES ## Variable:L"SignatureSupport" + ## PRODUCES ## Variable:L"VendorKeys" + gEfiGlobalVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"DB" + ## SOMETIMES_CONSUMES ## Variable:L"DBX" gEfiImageSecurityDatabaseGuid - gEfiCertX509Guid - gEfiCertPkcs7Guid - gEfiCertRsa2048Guid + + ## CONSUMES ## Variable:L"SecureBootEnable" + ## PRODUCES ## Variable:L"SecureBootEnable" gEfiSecureBootEnableDisableGuid + + ## CONSUMES ## Variable:L"CustomMode" + ## PRODUCES ## 
Variable:L"CustomMode" gEfiCustomModeEnableGuid - gEfiVendorKeysNvGuid - gEfiSystemNvDataFvGuid ## CONSUMES + + ## CONSUMES ## Variable:L"certdb" + ## PRODUCES ## Variable:L"certdb" gEfiCertDbGuid - gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES - gEdkiiFaultTolerantWriteGuid ## CONSUMES + ## CONSUMES ## Variable:L"VendorKeysNv" + ## PRODUCES ## Variable:L"VendorKeysNv" + gEfiVendorKeysNvGuid + + gSmmVariableWriteGuid ## PRODUCES ## GUID # Install protocol + gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData. + gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData. + gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature. + gEfiSystemNvDataFvGuid ## CONSUMES ## GUID + gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####" + gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB + [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize - gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize - + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES + [FeaturePcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of 
variable. - gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable. + gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang [Depex] TRUE - - + +[UserExtensions.TianoCore."ExtraFiles"] + VariableSmmExtra.uni \ No newline at end of file diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf index 5dd932d6d3..f0dfa89810 100644 --- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf +++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf @@ -1,14 +1,13 @@ ## @file -# Component description file for Authenticated Variable SmmRuntimeDxe module. +# Runtime DXE part corresponding to SMM authenticated variable module # -# This module is the Runtime DXE part correspond to SMM variable module. It -# installs variable arch protocol and variable write arch protocol and works -# with SMM variable module together. +# This module installs variable arch protocol and variable write arch protocol to provide +# variable service. This module need work together with SMM authenticated variable module. # # Caution: This module requires additional review when modified. # This driver will have external input - variable data. -# This external input must be validated carefully to avoid security issue like -# buffer overflow, integer overflow. +# This external input must be validated carefully to avoid security issues such as +# buffer overflow or integer overflow. # # Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.
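Review bot: The annotation `## UNDEFINED # SmiHandlerRegister` on gEfiSmmVariableProtocolGuid in [Protocols] leaves out the security-relevant part: judging by the comment, this is the GUID the SMI handler is registered under, which would make it the entry point for the communicate buffer that the file header calls external input. A fuller comment such as `## UNDEFINED # SmiHandlerRegister: handler GUID for the communicate buffer (external input)` would let a reviewer find that trust boundary from the INF alone. In the same hunk the certificate GUIDs are described as "format of the CertData" where VariableRuntimeDxe.inf says "type of the certificate" for the same GUIDs; one wording should be used in both files. The new file also ends without a trailing newline (`\ No newline at end of file`).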
# This program and the accompanying materials @@ -23,6 +22,7 @@ [Defines] INF_VERSION = 0x00010005 BASE_NAME = VariableAuthSmmRuntimeDxe + MODULE_UNI_FILE = VariableAuthSmmRuntimeDxe.uni FILE_GUID = 067E2381-7234-4798-B49C-D5FECBFF6D07 MODULE_TYPE = DXE_RUNTIME_DRIVER VERSION_STRING = 1.0 @@ -57,21 +57,41 @@ TpmMeasurementLib [Protocols] - gEfiVariableWriteArchProtocolGuid ## ALWAYS_PRODUCES - gEfiVariableArchProtocolGuid ## ALWAYS_PRODUCES - gEfiSmmCommunicationProtocolGuid + gEfiVariableWriteArchProtocolGuid ## PRODUCES + gEfiVariableArchProtocolGuid ## PRODUCES + gEfiSmmCommunicationProtocolGuid ## CONSUMES + gEdkiiVariableLockProtocolGuid ## PRODUCES + + ## CONSUMES + ## NOTIFY + ## UNDEFINED # Used to do smm communication gEfiSmmVariableProtocolGuid - gEdkiiVariableLockProtocolGuid ## ALWAYS_PRODUCES [Guids] - gEfiEventVirtualAddressChangeGuid ## PRODUCES ## Event + gEfiEventVirtualAddressChangeGuid ## CONSUMES ## Event + gEfiEventExitBootServicesGuid ## CONSUMES ## Event + + ## CONSUMES ## UNDEFINED # Locate protocol + ## CONSUMES ## UNDEFINED # Protocol notify gSmmVariableWriteGuid + + + ## SOMETIMES_CONSUMES ## Variable:L"PK" + ## SOMETIMES_CONSUMES ## Variable:L"KEK" + ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot" + gEfiGlobalVariableGuid + + ## SOMETIMES_CONSUMES ## Variable:L"DB" + ## SOMETIMES_CONSUMES ## Variable:L"DBX" gEfiImageSecurityDatabaseGuid [Pcd] - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize - gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase - + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES + gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## CONSUMES + [Depex] gEfiSmmCommunicationProtocolGuid + +[UserExtensions.TianoCore."ExtraFiles"] + VariableSmmRuntimeDxeExtra.uni -- cgit v1.2.3
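Review bot: PcdFlashNvStorageVariableBase is annotated `## CONSUMES` in the [Pcd] section of VariableSmmRuntimeDxe.inf, while VariableRuntimeDxe.inf and VariableSmm.inf in this same commit mark that PCD `## SOMETIMES_CONSUMES`. If this module reads the PCD on every path the annotation is right; otherwise it should read `gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES` to agree with its siblings. The module sources are not in the patch, so this is a question for the author rather than a confirmed error.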