diff options
| author | raywu <raywu0301@gmail.com> | 2018-06-15 00:00:50 +0800 |
|---|---|---|
| committer | raywu <raywu0301@gmail.com> | 2018-06-15 00:00:50 +0800 |
| commit | b7c51c9cf4864df6aabb99a1ae843becd577237c (patch) | |
| tree | eebe9b0d0ca03062955223097e57da84dd618b9a /Core/EM/BootScriptHide | |
| download | zprj-b7c51c9cf4864df6aabb99a1ae843becd577237c.tar.xz | |
Diffstat (limited to 'Core/EM/BootScriptHide')
| -rw-r--r-- | Core/EM/BootScriptHide/BootScriptHide.chm | bin | 0 -> 99316 bytes | |||
| -rw-r--r-- | Core/EM/BootScriptHide/BootScriptHide.cif | 16 | ||||
| -rw-r--r-- | Core/EM/BootScriptHide/BootScriptHide.mak | 124 | ||||
| -rw-r--r-- | Core/EM/BootScriptHide/BootScriptHide.sdl | 50 | ||||
| -rw-r--r-- | Core/EM/BootScriptHide/BootScriptHideDxe.c | 126 | ||||
| -rw-r--r-- | Core/EM/BootScriptHide/BootScriptHideDxe.dxs | 33 | ||||
| -rw-r--r-- | Core/EM/BootScriptHide/BootScriptHidePei.c | 266 | ||||
| -rw-r--r-- | Core/EM/BootScriptHide/BootScriptHidePei.dxs | 35 | ||||
| -rw-r--r-- | Core/EM/BootScriptHide/BootScriptHideSmm.c | 388 | ||||
| -rw-r--r-- | Core/EM/BootScriptHide/BootScriptHideSmm.dxs | 35 |
10 files changed, 1073 insertions, 0 deletions
diff --git a/Core/EM/BootScriptHide/BootScriptHide.chm b/Core/EM/BootScriptHide/BootScriptHide.chm Binary files differnew file mode 100644 index 0000000..ea8c2de --- /dev/null +++ b/Core/EM/BootScriptHide/BootScriptHide.chm diff --git a/Core/EM/BootScriptHide/BootScriptHide.cif b/Core/EM/BootScriptHide/BootScriptHide.cif new file mode 100644 index 0000000..9ee7799 --- /dev/null +++ b/Core/EM/BootScriptHide/BootScriptHide.cif @@ -0,0 +1,16 @@ +<component> + name = "Boot Script Hide" + category = eModule + LocalRoot = "Core\EM\BootScriptHide" + RefName = "BootScriptHide" +[files] +"BootScriptHide.sdl" +"BootScriptHide.mak" +"BootScriptHide.chm" +"BootScriptHideDxe.c" +"BootScriptHideDxe.dxs" +"BootScriptHidePei.c" +"BootScriptHidePei.dxs" +"BootScriptHideSmm.c" +"BootScriptHideSmm.dxs" +<endComponent> diff --git a/Core/EM/BootScriptHide/BootScriptHide.mak b/Core/EM/BootScriptHide/BootScriptHide.mak new file mode 100644 index 0000000..f303c94 --- /dev/null +++ b/Core/EM/BootScriptHide/BootScriptHide.mak @@ -0,0 +1,124 @@ +#//********************************************************************** +#//********************************************************************** +#//** ** +#//** (C)Copyright 1985-2014, American Megatrends, Inc. ** +#//** ** +#//** All Rights Reserved. ** +#//** ** +#//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +#//** ** +#//** Phone: (770)-246-8600 ** +#//** ** +#//********************************************************************** +#//********************************************************************** + +#************************************************************************ +# $Header: /Alaska/SOURCE/Modules/BootScriptHide/BootScriptHide.mak 1 9/10/14 6:31p Aaronp $ +# +# $Date: 9/10/14 6:31p $ +# +#************************************************************************ +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/BootScriptHide/BootScriptHide.mak $ +# +# 1 9/10/14 6:31p Aaronp +# First addition of BootScriptHide emodule. +#************************************************************************ + +#<AMI_FHDR_START> +#----------------------------------------------------------------------- +# Name: BootScriptHide.mak +# +# Description: Make file for the Boot Script Hide emodule +# +#----------------------------------------------------------------------- +#<AMI_FHDR_END> +all : BootScriptHideDxe BootScriptHidePei BootScriptHideSmm + +$(BUILD_DIR)\BootScriptHide.mak : $(BOOT_SCRIPT_HIDE_DIR)\BootScriptHide.cif $(BUILD_RULES) + $(CIF2MAK) $(BOOT_SCRIPT_HIDE_DIR)\BootScriptHide.cif $(CIF2MAK_DEFAULTS) + +BootScriptHideDxe : $(BUILD_DIR)\BootScriptHide.mak BootScriptHideDxeBin + +HIDE_BOOT_SCRIPT_DXE_OBJECTS = $(BUILD_DIR)\$(BOOT_SCRIPT_HIDE_DIR)\BootScriptHideDxe.obj + +### DXE ### +BootScriptHideDxeBin : $(AMIDXELIB) + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\BootScriptHide.mak all\ + NAME=BootScriptHideDxe\ + MAKEFILE=$(BUILD_DIR)\BootScriptHide.mak \ + BUILD_DIR=$(BUILD_DIR)\ + OBJECTS="$(HIDE_BOOT_SCRIPT_DXE_OBJECTS)" \ + GUID=A570F393-B0F5-44A4-8550-61600597B409 \ + ENTRY_POINT=BootScriptHideDxeEntryPoint \ + TYPE=BS_DRIVER \ + DEPEX1=$(BOOT_SCRIPT_HIDE_DIR)\BootScriptHideDxe.DXS \ + DEPEX1_TYPE=EFI_SECTION_DXE_DEPEX \ + COMPRESS=0 + + +### PEI ### +!IF "$(x64_BUILD)"=="1" +HIDE_BOOT_SCRIPT_PEI_OBJECTS = $(BUILD_DIR)\IA32\$(BOOT_SCRIPT_HIDE_DIR)\BootScriptHidePei.obj +!ELSE +HIDE_BOOT_SCRIPT_PEI_OBJECTS = $(BUILD_DIR)\$(BOOT_SCRIPT_HIDE_DIR)\BootScriptHidePei.obj +!ENDIF + +BootScriptHidePei : $(AMIPEILIB) + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\BootScriptHide.mak all\ + NAME=BootScriptHidePei\ + MAKEFILE=$(BUILD_DIR)\BootScriptHide.mak \ +!IF "$(x64_BUILD)"=="1" + BUILD_DIR=$(BUILD_DIR)\IA32\ +!ELSE + BUILD_DIR=$(BUILD_DIR)\ +!ENDIF + OBJECTS="$(HIDE_BOOT_SCRIPT_PEI_OBJECTS)" \ + GUID=9B8A0C3A-5186-4B55-89F4-CAFDE613DAB1 \ + "MY_INCLUDES=/I$(ACPI_DIR)" \ + ENTRY_POINT=BootScriptHidePeiEntryPoint \ + TYPE=PEIM \ + DEPEX1=$(BOOT_SCRIPT_HIDE_DIR)\BootScriptHidePei.DXS \ + DEPEX1_TYPE=EFI_SECTION_PEI_DEPEX \ + COMPRESS=0 + +### SMM ### +!IF $(PI_SPECIFICATION_VERSION) < 0x0001000A +!ERROR BotoScriptHide requires PI 1.1 or higher +!ENDIF + +BootScriptHideSmm : $(BUILD_DIR)\BootScriptHide.mak BootScriptHideSmmBin + +HIDE_BOOT_SCRIPT_SMM_OBJECTS = $(BUILD_DIR)\$(BOOT_SCRIPT_HIDE_DIR)\BootScriptHideSmm.obj + +BootScriptHideSmmBin : $(AMIDXELIB) + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\BootScriptHide.mak all\ + NAME=BootScriptHideSmm\ + MAKEFILE=$(BUILD_DIR)\BootScriptHide.mak \ + BUILD_DIR=$(BUILD_DIR)\ + OBJECTS="$(HIDE_BOOT_SCRIPT_SMM_OBJECTS)" \ + GUID=70B8BACB-0B26-4048-A6F8-03A6AF2C5029 \ + "MY_INCLUDES=/I$(ACPI_DIR)" \ + ENTRY_POINT=BootScriptHideSmmEntryPoint \ + TYPE=SMM_DRIVER \ + DEPEX1=$(BOOT_SCRIPT_HIDE_DIR)\BootScriptHideSmm.dxs \ + DEPEX1_TYPE=EFI_SECTION_SMM_DEPEX \ + COMPRESS=0 + +#//********************************************************************** +#//********************************************************************** +#//** ** +#//** (C)Copyright 1985-2014, American Megatrends, Inc. ** +#//** ** +#//** All Rights Reserved. ** +#//** ** +#//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +#//** ** +#//** Phone: (770)-246-8600 ** +#//** ** +#//********************************************************************** +#//**********************************************************************
\ No newline at end of file diff --git a/Core/EM/BootScriptHide/BootScriptHide.sdl b/Core/EM/BootScriptHide/BootScriptHide.sdl new file mode 100644 index 0000000..fd50191 --- /dev/null +++ b/Core/EM/BootScriptHide/BootScriptHide.sdl @@ -0,0 +1,50 @@ +TOKEN + Name = "BootScriptHide_SUPPORT" + Value = "1" + Help = "Main switch to enable BootScriptHide support in Project" + TokenType = Boolean + Master = Yes +End + +PATH + Name = "BOOT_SCRIPT_HIDE_DIR" +End + +MODULE + Help = "Includes BootScriptHide.mak to Project" + File = "BootScriptHide.mak" +End + +TOKEN + Name = "BOOT_SCRIPT_SAVE_SW_SMI_VALUE" + Value = "0xD6" + Help = "SW SMI value used to trigger boot script saving to SMM" + TokenType = Integer + TargetH = Yes +End + +TOKEN + Name = "BOOT_SCRIPT_RESTORE_SW_SMI_VALUE" + Value = "0xD7" + Help = "SW SMI value used to trigger boot script restoring from SMM" + TokenType = Integer + TargetH = Yes +End + +ELINK + Name = "$(BUILD_DIR)\BootScriptHidePei.ffs" + Parent = "FV_BB" + InvokeOrder = AfterParent +End + +ELINK + Name = "$(BUILD_DIR)\BootScriptHideSmm.ffs" + Parent = "FV_MAIN" + InvokeOrder = AfterParent +End + +ELINK + Name = "$(BUILD_DIR)\BootScriptHideDxe.ffs" + Parent = "FV_MAIN" + InvokeOrder = AfterParent +End diff --git a/Core/EM/BootScriptHide/BootScriptHideDxe.c b/Core/EM/BootScriptHide/BootScriptHideDxe.c new file mode 100644 index 0000000..39f15ca --- /dev/null +++ b/Core/EM/BootScriptHide/BootScriptHideDxe.c @@ -0,0 +1,126 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2014, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** + +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/BootScriptHide/BootScriptHideDxe.c 1 9/10/14 6:31p Aaronp $ +// +// $Revision: 1 $ +// +// $Date: 9/10/14 6:31p $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/BootScriptHide/BootScriptHideDxe.c $ +// +// 1 9/10/14 6:31p Aaronp +// First addition of BootScriptHide emodule. +//********************************************************************** + +//********************************************************************** +//<AMI_FHDR_START> +// +// Name: BootScriptHideDxe.c +// +// Description: Source file for the DXE driver. This file contains the +// code to trigger the SWSMI that will save the boot scripts +// into SMM. Depending on the boot path, either a legacy +// boot event or an Exit Boot Services notification will +// notify the trigger function +// +//<AMI_FHDR_END> +//********************************************************************** + +#include <AmiDxeLib.h> +#include <Token.h> +#include <Protocol/SmmControl2.h> + +//<AMI_PHDR_START> +//---------------------------------------------------------------------------- +// Procedure: GenerateSaveBootScriptSwSmi +// +// Description: Callback function called when either Exit Boot Services is called, +// or a legacy boot event is raised. This function will use the +// SmmControl protocol to trigger a SWSMI. +// +// Input: +// IN EFI_EVENT Event - Event that caused this function to be called +// IN VOID *Context - Context for the event that triggered this function +// +// Output: +// None +//---------------------------------------------------------------------------- +//<AMI_PHDR_END> +VOID GenerateSaveBootScriptSwSmi ( + IN EFI_EVENT Event, IN VOID *Context +){ + static BOOLEAN BootScriptSaved = FALSE; + EFI_STATUS Status; + EFI_SMM_CONTROL2_PROTOCOL *SmmControl; + UINT8 SwSmiValue = BOOT_SCRIPT_SAVE_SW_SMI_VALUE; + + if (BootScriptSaved){ + pBS->CloseEvent(Event); + return; + } + Status = pBS->LocateProtocol (&gEfiSmmControl2ProtocolGuid, NULL, (VOID **)&SmmControl); + if (EFI_ERROR(Status)) return; + SmmControl->Trigger (SmmControl, &SwSmiValue, NULL, FALSE, 0); + BootScriptSaved = TRUE; + pBS->CloseEvent(Event); +} + +//<AMI_PHDR_START> +//---------------------------------------------------------------------------- +// Procedure: BootScriptHideDxeEntryPoint +// +// Description: Entry point for the DXE driver. Entry point will register a +// legacy boot event notification function, and a Exit Boot Services +// event handler. The same function is called for the legacy boot +// event and the exit boot services notification function. +// +// Input: +// IN EFI_HANDLE ImageHandle - The handle that corresponds this this loaded DXE driver +// IN EFI_SYSTEM_TABLE *SystemTable - Pointer to the EFI System Table +// +// Output: +// EFI_STATUS The return status of this function +// +//---------------------------------------------------------------------------- +//<AMI_PHDR_END> +EFI_STATUS EFIAPI BootScriptHideDxeEntryPoint(IN EFI_HANDLE ImageHandle, IN EFI_SYSTEM_TABLE *SystemTable){ + EFI_EVENT Event; + + InitAmiLib(ImageHandle,SystemTable); + // We're using TPL_NOTIFY here (as oppose to TPL_CALLBACK) to make sure our callback is called prior to NVRAM driver callback. + // Otherwise we may be unable to read boot time variable in our SMI handler. + CreateLegacyBootEvent(TPL_NOTIFY, &GenerateSaveBootScriptSwSmi, NULL, &Event); + pBS->CreateEvent( + EVT_SIGNAL_EXIT_BOOT_SERVICES,TPL_NOTIFY, + &GenerateSaveBootScriptSwSmi, NULL, &Event + ); + return EFI_SUCCESS; +} +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2014, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//**********************************************************************
\ No newline at end of file diff --git a/Core/EM/BootScriptHide/BootScriptHideDxe.dxs b/Core/EM/BootScriptHide/BootScriptHideDxe.dxs new file mode 100644 index 0000000..904733c --- /dev/null +++ b/Core/EM/BootScriptHide/BootScriptHideDxe.dxs @@ -0,0 +1,33 @@ +//**************************************************************************** +//**************************************************************************** +//** ** +//** (C)Copyright 1985-2014, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone (770)-246-8600 ** +//** ** +//**************************************************************************** +//**************************************************************************** +#include "token.h" + + +DEPENDENCY_START + TRUE +DEPENDENCY_END + +//**************************************************************************** +//**************************************************************************** +//** ** +//** (C)Copyright 1985-2014, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone (770)-246-8600 ** +//** ** +//**************************************************************************** +//**************************************************************************** diff --git a/Core/EM/BootScriptHide/BootScriptHidePei.c b/Core/EM/BootScriptHide/BootScriptHidePei.c new file mode 100644 index 0000000..9b2c820 --- /dev/null +++ b/Core/EM/BootScriptHide/BootScriptHidePei.c @@ -0,0 +1,266 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2016, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** + +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/BootScriptHide/BootScriptHidePei.c 3 5/24/16 4:28p Robert $ +// +// $Revision: 3 $ +// +// $Date: 5/24/16 4:28p $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/BootScriptHide/BootScriptHidePei.c $ +// +// 3 5/24/16 4:28p Robert +// [TAG] EIP268161 +// [Category] Improvement +// [Description] updated copyrights +// +// 2 5/20/16 12:10p Robert +// [TAG] EIP268161 +// [Category] Improvement +// [Description] Update BootScriptHide to comply with Security +// Vulnerability related to saving other memory regions at the same time +// as the boot scripts +// +// 1 9/10/14 6:31p Aaronp +// First addition of BootScriptHide emodule. +//********************************************************************** + +//********************************************************************** +//<AMI_FHDR_START> +// +// Name: BootScriptHidePei.c +// +// Description: Source file for the PEI driver. This file contains the +// code to trigger the SWSMI that will restore the boot +// scripts into regular memory from inside of SMM. +// +//<AMI_FHDR_END> +//********************************************************************** + +#include <AmiPeiLib.h> +#include <Token.h> +#include <AcpiS3.h> +#include <Ppi/SmmControl.h> +#include <Ppi/S3Resume2.h> + +typedef struct{ + EFI_PEI_S3_RESUME2_PPI Ppi; + EFI_PEI_S3_RESUME2_PPI *OriginalPpi; +} S3_RESUME2_PRIVATE; + +//PPI to be installed +EFI_PEI_PPI_DESCRIPTOR S3ResumePpiListTemplate = { + EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gEfiPeiS3Resume2PpiGuid, + NULL +}; + +//<AMI_PHDR_START> +//---------------------------------------------------------------------------- +// Procedure: TriggerSwSmi +// +// Description: Function that attempts to trigger a SWSMI to restore the boot +// script tables from SMM memory into regular system memory. This +// function is called only when the system is resuming from S3. +// +// Input: +// IN EFI_PEI_SERVICES **PeiServices - Pointer to the PEI services table +// +// Output: +// EFI_STATUS - The status of attempting to trigger a SWSMI +//---------------------------------------------------------------------------- +//<AMI_PHDR_END> +EFI_STATUS TriggerSwSmi(IN EFI_PEI_SERVICES **PeiServices){ + EFI_STATUS Status; + PEI_SMM_CONTROL_PPI *SmmControl; + INT8 SmiCommand; + UINTN Size; + + // Trigger boot script restoring SMI + + // What's the best method of SW SMI generation in PEI? + // We're sticking with SmmControl PPI. + // If it's not available in your project, replace the code below... + Status = (*PeiServices)->LocatePpi( + PeiServices, &gPeiSmmControlPpiGuid, 0, NULL, (VOID **)&SmmControl + ); + if (EFI_ERROR (Status)){ + PEI_TRACE((TRACE_ALWAYS,PeiServices,"BootScriptHide: ERROR: SmmControl PPI not found. Can't restore the boot script.\n")); + PEI_TRACE((TRACE_ALWAYS,PeiServices,"If PPI is not available in the project, replace code of the TriggerSwSmi function in BootScriptHidePei.c with the chipset specific SW SMI trigerring code.\n")); + PEI_TRACE((TRACE_ALWAYS,PeiServices," NOTE: Simple write to 0xB2 may not work. You may have to enable SW SMI in one of the SB registers.\n")); + PEI_TRACE((TRACE_ALWAYS,PeiServices," If SW SMI generation succeeds, you should see \"Boot script has been restored\" debug message.\n")); + ASSERT_PEI_ERROR(PeiServices,EFI_ABORTED); + return Status; + } + SmiCommand = BOOT_SCRIPT_RESTORE_SW_SMI_VALUE; + Size = sizeof(SmiCommand); + Status = SmmControl->Trigger(PeiServices, SmmControl, &SmiCommand, &Size, FALSE, 0); + if (EFI_ERROR (Status)){ + PEI_TRACE((TRACE_ALWAYS,PeiServices,"BootScriptHide: ERROR: SmmControl->Trigger failed with status %r. Can't restore the boot script.\n",Status)); + ASSERT_PEI_ERROR(PeiServices,EFI_ABORTED); + return Status; + } + return EFI_SUCCESS; +} + +//<AMI_PHDR_START> +//---------------------------------------------------------------------------- +// Procedure: ErrorHandler +// +// Description: Function called when the system encounters an error while +// trying to restore the boot scripts into regular system memory. +// If this function is called, it is because there is an error +// in the system, and S3 resume cannot be completed +// +// Input: +// IN EFI_PEI_SERVICES **PeiServices - Pointer to the PEI services table +// +// Output: +// None +//---------------------------------------------------------------------------- +//<AMI_PHDR_END> +VOID ErrorHandler(IN EFI_PEI_SERVICES **PeiServices){ + // If something went wrong and we were unable to restore the boot script, system is vulnerable. + // One one to go back to safety is to issue a system reset, which will change boot path from S3 resume to a normal boot. + PEI_TRACE((TRACE_ALWAYS,PeiServices,"BootScriptHide: Couldn't restore the boot script. Resetting...\n")); + (*PeiServices)->ResetSystem(PeiServices); + PEI_TRACE((TRACE_ALWAYS,PeiServices,"BootScriptHide: Couldn't reset. Dead-looping...\n")); + ASSERT_PEI_ERROR(PeiServices,EFI_ABORTED); + EFI_DEADLOOP(); +} + +//<AMI_PHDR_START> +//---------------------------------------------------------------------------- +// Procedure: S3RestoreConfig2 +// +// Description: This function can be considered a hook. This function is used to replace the +// S3Resume PPI's RestoreConfig function. The original S3Resume PPI's RestoreConfig +// is saved, and is called at the end of this function. This function will be +// attempt to trigger the SWSMI to restore the boot script tables into regular +// system memory. +// +// Input: +// IN EFI_PEI_S3_RESUME2_PPI *This - Pointer to the S3 resume PPI. +// +// Output: +// EFI_STATUS Status - the status of attempting to restore the configuration +//---------------------------------------------------------------------------- +//<AMI_PHDR_END> +EFI_STATUS EFIAPI S3RestoreConfig2(IN EFI_PEI_S3_RESUME2_PPI *This){ + const CHAR16 AcpiGlobalVariable[] = ACPI_GLOBAL_VARIABLE; + const EFI_GUID EfiAcpiVariableGuid = EFI_ACPI_VARIABLE_GUID; + EFI_STATUS Status; + S3_RESUME2_PRIVATE *S3Resume2Ppi = (S3_RESUME2_PRIVATE*)This; + EFI_PEI_SERVICES **PeiServices = GetPeiServicesTablePointer(); + ACPI_VARIABLE_SET *AcpiVariableSet; + UINTN VariableSize = sizeof(AcpiVariableSet); + EFI_PHYSICAL_ADDRESS AcpiReservedMemoryBase; + + PEI_TRACE((TRACE_ALWAYS,PeiServices,"BootScriptHide: Successfully trapped S3RestoreConfig2 call.\n")); + + Status = PeiGetVariable(PeiServices,AcpiGlobalVariable,&EfiAcpiVariableGuid,NULL,&VariableSize, &AcpiVariableSet); + if (EFI_ERROR (Status)){ + PEI_TRACE((TRACE_ALWAYS,PeiServices,"BootScriptHide: Can't read variable %S. Status = %r.\n", AcpiGlobalVariable, Status)); + ErrorHandler(PeiServices); + } + // We are using AcpiReservedMemoryBase field as a communication mail box between this PEIM + // and boot script restoring SMI handler. + // We are setting the field to BOOT_SCRIPT_SAVE_SW_SMI_VALUE and SMI handler if succeeds sets it to BOOT_SCRIPT_RESTORE_SW_SMI_VALUE. + // Preserve original AcpiReservedMemoryBase value to restore it once we are done. + AcpiReservedMemoryBase = AcpiVariableSet->AcpiReservedMemoryBase; + AcpiVariableSet->AcpiReservedMemoryBase = ~(AcpiVariableSet->AcpiReservedMemoryBase); + Status = TriggerSwSmi(GetPeiServicesTablePointer()); + if (EFI_ERROR (Status)) ErrorHandler(PeiServices); + if (AcpiVariableSet->AcpiReservedMemoryBase != BOOT_SCRIPT_RESTORE_SW_SMI_VALUE){ + PEI_TRACE((TRACE_ALWAYS,PeiServices,"BootScriptHide: Something went wrong. SW SMI handler failed to restore the boot script.\n")); + ErrorHandler(PeiServices); + } + + // Restore original AcpiReservedMemoryBase value. + AcpiVariableSet->AcpiReservedMemoryBase = AcpiReservedMemoryBase; + + PEI_TRACE((TRACE_ALWAYS,PeiServices,"BootScriptHide: Calling original S3RestoreConfig2\n")); + return S3Resume2Ppi->OriginalPpi->S3RestoreConfig2(S3Resume2Ppi->OriginalPpi); +} + +//<AMI_PHDR_START> +//---------------------------------------------------------------------------- +// Procedure: BootScriptHidePeiEntryPoint +// +// Description: Module entry point for the BootScripeHidePei module. This module +// does nothing if the system is not in the S3 resume path. +// If the system is in the S3 resume path, then the module will use the +// installed S3Resume PPI to populate a new copy of the S3Resume PPI that +// will contain the S3RestoreConfig2 function instead of the original S3RestoreConfig2 function. +// +// +// Input: +// IN EFI_PEI_FILE_HANDLE FileHandle - The file handle associated with this PEIM +// IN EFI_PEI_SERVICES **PeiServices - Pointer to the PEI Services table +// +// Output: +// EFI_STATUS Status - the status of registering the callbacks and hooking the S3ResumePpi functions +//---------------------------------------------------------------------------- +//<AMI_PHDR_END> +EFI_STATUS EFIAPI BootScriptHidePeiEntryPoint (IN EFI_PEI_FILE_HANDLE FileHandle, IN EFI_PEI_SERVICES **PeiServices){ + + EFI_STATUS Status; + EFI_BOOT_MODE BootMode; + EFI_PEI_PPI_DESCRIPTOR *S3ResumePpiList; + S3_RESUME2_PRIVATE *S3Resume2Ppi; + EFI_PEI_S3_RESUME2_PPI *OriginalS3Resume2Ppi; + EFI_PEI_PPI_DESCRIPTOR *OrignalS3Resume2PpiDescriptor; + + Status = (*PeiServices)->GetBootMode( PeiServices, &BootMode ); + if ( EFI_ERROR(Status) || BootMode != BOOT_ON_S3_RESUME) return EFI_UNSUPPORTED; + // We can't trigger SW SMI just yet because we can't be sure that it will work. + // Perhaps SMM initialization is yet to be done by other PEIMs. + // We need to delay SW SMI generation to a latter point. + // One one to do it is S3Resume2 PPI hijacking. + Status = (*PeiServices)->LocatePpi( + PeiServices, &gEfiPeiS3Resume2PpiGuid, 0, &OrignalS3Resume2PpiDescriptor, (VOID **)&OriginalS3Resume2Ppi + ); + if ( EFI_ERROR(Status) ) return Status; + + Status = (*PeiServices)->AllocatePool(PeiServices, sizeof(S3ResumePpiListTemplate)+sizeof(*S3Resume2Ppi), &S3ResumePpiList); + if (EFI_ERROR(Status)) return Status; + *S3ResumePpiList=S3ResumePpiListTemplate; + S3Resume2Ppi = (S3_RESUME2_PRIVATE*)(S3ResumePpiList+1); + S3Resume2Ppi->Ppi.S3RestoreConfig2 = S3RestoreConfig2; + S3ResumePpiList->Ppi = &S3Resume2Ppi->Ppi; + S3Resume2Ppi->OriginalPpi = OriginalS3Resume2Ppi; + + Status = (*PeiServices)->ReInstallPpi(PeiServices,OrignalS3Resume2PpiDescriptor,S3ResumePpiList); + if (EFI_ERROR(Status)){ + PEI_TRACE((TRACE_ALWAYS,PeiServices,"BootScriptHide: Can't replace S3Resume2 PPI.\n")); + ErrorHandler(PeiServices); + } + return Status; +} +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2016, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//**********************************************************************
\ No newline at end of file diff --git a/Core/EM/BootScriptHide/BootScriptHidePei.dxs b/Core/EM/BootScriptHide/BootScriptHidePei.dxs new file mode 100644 index 0000000..419a304 --- /dev/null +++ b/Core/EM/BootScriptHide/BootScriptHidePei.dxs @@ -0,0 +1,35 @@ +//**************************************************************************** +//**************************************************************************** +//** ** +//** (C)Copyright 1985-2014, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone (770)-246-8600 ** +//** ** +//**************************************************************************** +//**************************************************************************** +#include "token.h" +#include <PEI.h> +#include <Ppi\S3Resume2.h> +DEPENDENCY_START + EFI_PEI_PERMANENT_MEMORY_INSTALLED_PPI AND + EFI_PEI_MASTER_BOOT_MODE_PEIM_PPI AND + EFI_PEI_S3_RESUME2_PPI_GUID +DEPENDENCY_END + +//**************************************************************************** +//**************************************************************************** +//** ** +//** (C)Copyright 1985-2014, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone (770)-246-8600 ** +//** ** +//**************************************************************************** +//**************************************************************************** diff --git a/Core/EM/BootScriptHide/BootScriptHideSmm.c b/Core/EM/BootScriptHide/BootScriptHideSmm.c new file mode 100644 index 0000000..71fff54 --- /dev/null +++ b/Core/EM/BootScriptHide/BootScriptHideSmm.c @@ -0,0 +1,388 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2016, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** + +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/BootScriptHide/BootScriptHideSmm.c 4 5/24/16 4:28p Robert $ +// +// $Revision: 4 $ +// +// $Date: 5/24/16 4:28p $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/BootScriptHide/BootScriptHideSmm.c $ +// +// 4 5/24/16 4:28p Robert +// [TAG] EIP268161 +// [Category] Improvement +// [Description] Update copyrights +// +// 3 5/20/16 12:11p Robert +// [TAG] EIP268161 +// [Category] Improvement +// [Description] Update BootScriptHide to comply with Security +// Vulnerability related to saving other memory regions at the same time +// as the boot scripts +// +// 2 11/03/14 3:31p Aaronp +// Improved buffer validation and error detection. +// - IsBufferInSmram is replaced with IsBadBuffer that delas with memory +// range +// - BootScriptSaved flag is added to signal that saved boot script +// buffer is valid +// +// 1 9/10/14 6:31p Aaronp +// First addition of BootScriptHide emodule. +//********************************************************************** + +//********************************************************************** +//<AMI_FHDR_START> +// +// Name: BootScriptHideSmm.c +// +// Description: Source file for the SMM driver. Contains the code that is +// signalled when it is time to save/restore the boot script +// tables +// +//<AMI_FHDR_END> +//********************************************************************** + +#include <AmiDxeLib.h> +#include <Token.h> +#include <AcpiS3.h> +#include <BootScriptCommon.h> +#include <Protocol/SmmSwDispatch2.h> +#include <Protocol/SmmAccess2.h> + +#if PI_SPECIFICATION_VERSION < 0x0001000A +#error This module requires PI 1.1 or higher +#endif + +/// Maximum size of the boot script tables +#define MAX_BOOT_SCRIPT_TABLE_SIZE 0x100000 // 1MB + +// The definitions below are from BootScriptPrivate.h, but we don't want to include private ACPI headers here. +/// Structure copied out of BootScriptPrivate.h +typedef struct { + UINT32 UniqueIndex; ///< Index of this entry + UINT32 Length; ///< Length of this entry +} BOOT_SCRIPT_INFO_STRUCTURE; + +/// Structure copied out of BootScriptPrivate.h +typedef struct { + UINT16 Type; ///< Type of this boot script entry + EFI_PHYSICAL_ADDRESS EntryPoint; ///< Entry point of the code to be dispatched. +} BOOT_SCRIPT_DISPATCH; + +/// Opcode that signals the current entry is the last entry in the boot script tables +#define TABLE_END_OP_CODE 0xff +// End of BootScriptPrivate.h content + +EFI_SMRAM_DESCRIPTOR *SmramRanges; +UINTN SmramRangeCount; + +UINTN BootScriptTableSize = 0; +VOID *SmmBootScriptBuffer = NULL; +ACPI_VARIABLE_SET *AcpiVariableSet = NULL; +EFI_PHYSICAL_ADDRESS SmmAcpiReserveMemoryBase; +UINT32 SmmAcpiReserveMemorySize; +EFI_PHYSICAL_ADDRESS SmmAcpiFacsTable[3]; +EFI_PHYSICAL_ADDRESS SmmBootScriptTable; +BOOLEAN AcpiVariableSetValuesCorrupted; +BOOLEAN BootScriptSaved = FALSE; + +//<AMI_PHDR_START> +//---------------------------------------------------------------------------- +// Procedure: IsBadBuffer +// +// Description: Function that verifies that the passed address is not contained +// in the region of memory occupied by the SMM code. +// +// Input: +// IN VOID* Buffer - Address to check against the SMM memory region +// IN UINTN BufferSize - Size of the buffer to check against the Smm Memory Region +// +// Output: +// BOOLEAN +// TRUE - The address is part of the SMRAM region +// FALSE - The address is not part of the SMRAM region +//---------------------------------------------------------------------------- +//<AMI_PHDR_END> +BOOLEAN IsBadBuffer (IN VOID *Buffer, IN UINTN BufferSize){ + UINTN i; + UINTN BufferAddress = (UINTN)Buffer; + + if (BufferAddress + BufferSize < BufferAddress) return TRUE; // overflow + for (i = 0; i < SmramRangeCount; i ++) { + if ( BufferAddress >= SmramRanges[i].CpuStart + && BufferAddress < SmramRanges[i].CpuStart + SmramRanges[i].PhysicalSize + ) return TRUE; // Buffer starts in SMRAM + if ( BufferAddress < SmramRanges[i].CpuStart + && BufferAddress+BufferSize > SmramRanges[i].CpuStart + ) return TRUE; // Buffer overlaps with SMRAM + } + + return FALSE; +} + +//<AMI_PHDR_START> +//---------------------------------------------------------------------------- +// Procedure: GetBootScriptTableLength +// +// Description: Using the passed BootScriptTablePointer, go through the +// entries and determine the total size of the Boot Script +// table. +// +// Input: +// VOID *BootScriptTablePtr - Pointer to the boot script tables +// +// Output: +// UINTN The total size of the boot script tables +//---------------------------------------------------------------------------- +//<AMI_PHDR_END> +UINTN GetBootScriptTableLength(VOID *BootScriptTablePtr){ + BOOT_SCRIPT_INFO_STRUCTURE* BootScriptTable = BootScriptTablePtr; + UINT8 Type; + UINTN Size = 0; + do{ + Type = *(UINT8*)(BootScriptTable + 1); + if (Type == TABLE_END_OP_CODE){ + // The OpCode size comes from BootScriptTable->Length. + // However, info structure of the End OpCode for some reason comes with the invalid Length. + // That is why we have to calculate OpCode size differently. + Size += sizeof(BOOT_SCRIPT_INFO_STRUCTURE) + 2; // 2 is sizeof(BOOT_SCRIPT_TABLE_END); + break; + } + // The dispatch OpCodes are dangerous. If function being dispatching is not in ROM, it can be modified by OS agent. + // On one hand, we can't allow dispatching of non-ROM function. + // On the other hand, we can't simply skip the function because it might be doing something important. + // We're just giving up (not saving the script). + // Our companion PEIM will detect that boot script has not been saved and restored and will reset the system. + if (Type == EFI_BOOT_SCRIPT_DISPATCH_OPCODE || Type == EFI_BOOT_SCRIPT_DISPATCH_2_OPCODE){ + // The entry point is a 64-bit value, but we ignore the upper four bytes because: + // 1) AMI boot script implementation launches dispatch function in 32-bit mode and ignores the upper 4 bytes. + // 2) Due to a type casting bug in some projects, the upper 4 bytes are occasionally filled with F's. + UINT32 EntryPoint = (UINT32)((BOOT_SCRIPT_DISPATCH*)(BootScriptTable + 1))->EntryPoint; + if (EntryPoint < 0xFFFFFFFF - FLASH_SIZE +1){ + TRACE((TRACE_ALWAYS, + "BootScriptHide: ERROR: Boot script dispatch opcode with the Entry Point(%lX) outside of the ROM is found.\n" + "It's illegal to call non-ROM functions in the boot script.\n" + "Fix your project by searching for %s in the code and reviewing origin of the functions being dispatched.\n", + EntryPoint, + (Type == EFI_BOOT_SCRIPT_DISPATCH_OPCODE) + ? "\"EFI_BOOT_SCRIPT_DISPATCH_OPCODE\" or \"BOOT_SCRIPT_DISPATCH_MACRO\"" + : "\"EFI_BOOT_SCRIPT_DISPATCH_2_OPCODE\" or \"BOOT_SCRIPT_S3_DISPATCH_MACRO\" or \"BOOT_SCRIPT_S3_DISPATCH_2_MACRO\"" + )); + ASSERT_EFI_ERROR(EFI_INVALID_PARAMETER); + return 0; + } + } + if (BootScriptTable->Length == 0 || BootScriptTable->Length > MAX_BOOT_SCRIPT_TABLE_SIZE) return 0; + Size += BootScriptTable->Length; + if (Size > MAX_BOOT_SCRIPT_TABLE_SIZE) return 0; + BootScriptTable = (BOOT_SCRIPT_INFO_STRUCTURE*)((UINT8*)BootScriptTable + BootScriptTable->Length); + }while(TRUE); + return Size; +} + +//<AMI_PHDR_START> +//---------------------------------------------------------------------------- +// Procedure: SaveBootScriptHandle +// +// Description: SMM Dispatch handler to save the Boot Scripts from regular system +// memory into SMRAM. +// +// Input: +// IN EFI_HANDLE DispatchHandle - Dispatch handle for this handler +// IN CONST VOID *Context OPTIONAL - Context for this dispatch +// IN VOID *CommBuffer OPTIONAL - Pointer to the buffer containing communication data +// IN UINTN *CommBufferSize OPTIONAL - Pointer to the size of this communication buffer +// +// Output: +// EFI_STATUS +//---------------------------------------------------------------------------- +//<AMI_PHDR_END> +EFI_STATUS EFIAPI SaveBootScriptHandle( + IN EFI_HANDLE DispatchHandle, + IN CONST VOID *Context OPTIONAL, + IN OUT VOID *CommBuffer OPTIONAL, + IN OUT UINTN *CommBufferSize OPTIONAL +){ + static BOOLEAN BootScriptSaveProcessed = FALSE; + const CHAR16 AcpiGlobalVariable[] = ACPI_GLOBAL_VARIABLE; + const EFI_GUID EfiAcpiVariableGuid = EFI_ACPI_VARIABLE_GUID; + EFI_STATUS Status; + UINTN VariableSize = sizeof(AcpiVariableSet); + UINT8* BootScriptTable; + + if (BootScriptSaveProcessed) return EFI_SUCCESS; + // We are setting the flag early intentionally. + // We want to make sure the handle is executed once + // (even if failed to save the script due to errors). + BootScriptSaveProcessed = TRUE; + + Status = pRS->GetVariable( + (CHAR16*)AcpiGlobalVariable, (EFI_GUID*)&EfiAcpiVariableGuid, + NULL,&VariableSize, &AcpiVariableSet + ); + if (EFI_ERROR(Status)) return Status; + BootScriptTable = (UINT8*)(UINTN)AcpiVariableSet->AcpiBootScriptTable; + if (IsBadBuffer(BootScriptTable,0)) return EFI_NOT_FOUND; + BootScriptTableSize = GetBootScriptTableLength(BootScriptTable); + if ( BootScriptTableSize==0 + || IsBadBuffer(BootScriptTable,BootScriptTableSize) + ) return EFI_NOT_FOUND; + + Status = pSmst->SmmAllocatePool (EfiRuntimeServicesData, BootScriptTableSize, &SmmBootScriptBuffer); + if (EFI_ERROR(Status)) return Status; + MemCpy(SmmBootScriptBuffer, BootScriptTable, BootScriptTableSize); + TRACE((TRACE_ALWAYS,"BootScriptHide: Boot script has been saved. Address: %X; Size :%X\n",BootScriptTable,BootScriptTableSize)); + + SmmBootScriptTable = AcpiVariableSet->AcpiBootScriptTable; + SmmAcpiReserveMemoryBase = AcpiVariableSet->AcpiReservedMemoryBase; + SmmAcpiReserveMemorySize = AcpiVariableSet->AcpiReservedMemorySize; + MemCpy(SmmAcpiFacsTable, AcpiVariableSet->AcpiFacsTable, sizeof(EFI_PHYSICAL_ADDRESS)*3); + + BootScriptSaved = TRUE; + return EFI_SUCCESS; +} + +//<AMI_PHDR_START> +//---------------------------------------------------------------------------- +// Procedure: RestoreBootScriptHandle +// +// Description: SMM Dispatch handler to restore the Boot Scripts from SMRAM +// to the regular system memory +// +// Input: +// IN EFI_HANDLE DispatchHandle - Handle of the +// IN CONST VOID *Context OPTIONAL - Context for this dispatch +// IN VOID *CommBuffer OPTIONAL - Pointer to the buffer containing communication data +// IN UINTN *CommBufferSize OPTIONAL - Pointer to the size of this communication buffer +// +// Output: +// EFI_STATUS +//---------------------------------------------------------------------------- +//<AMI_PHDR_END> +EFI_STATUS EFIAPI RestoreBootScriptHandle( + IN EFI_HANDLE DispatchHandle, + IN CONST VOID *Context OPTIONAL, + IN OUT VOID *CommBuffer OPTIONAL, + IN OUT UINTN *CommBufferSize OPTIONAL +){ + UINT8* BootScriptTable; + + if ( !BootScriptSaved ) + return EFI_NOT_FOUND; + + // We are using AcpiReservedMemoryBase field as a communication mail box between this SMI handler + // and companion PEIM that triggers SW SMI on S3 resume boot path. + // The PEIM bitwise NOTs the value, and this handler sets it to BOOT_SCRIPT_RESTORE_SW_SMI_VALUE if boot script has been restored. + // The values for AcpiReservedMemorySize, BootScriptTable, and AcpiFacsTable are also verified to be the same as the previous boot. + if ((AcpiVariableSet->AcpiReservedMemoryBase != (~SmmAcpiReserveMemoryBase)) || + (AcpiVariableSet->AcpiReservedMemorySize != SmmAcpiReserveMemorySize)) + return EFI_NOT_FOUND; + + // If FACS entries are not correct, replace the pointers with known saved values and continue + if (MemCmp(SmmAcpiFacsTable, AcpiVariableSet->AcpiFacsTable, sizeof(EFI_PHYSICAL_ADDRESS)*3)) + MemCpy(AcpiVariableSet->AcpiFacsTable, SmmAcpiFacsTable, sizeof(EFI_PHYSICAL_ADDRESS)*3); + + // verify that the Boot Script is correct. If not update it to the correct value + if (AcpiVariableSet->AcpiBootScriptTable != SmmBootScriptTable) + AcpiVariableSet->AcpiBootScriptTable = SmmBootScriptTable; + + // Now verify the Boot Script Table + BootScriptTable = (UINT8*)(UINTN)AcpiVariableSet->AcpiBootScriptTable; + // verify that the BootScript buffer location is outside of SMM Memory + if ( IsBadBuffer(BootScriptTable,BootScriptTableSize) ) + return EFI_NOT_FOUND; +#ifdef EFI_DEBUG + //Let's see if boot script has actually been changed + if (MemCmp(BootScriptTable, SmmBootScriptBuffer, BootScriptTableSize)) + TRACE((TRACE_ALWAYS,"BootScriptHide: The boot script has been changed.\n")); + else + TRACE((TRACE_ALWAYS,"BootScriptHide: The boot script hasn't been changed.\n")); +#endif + MemCpy(BootScriptTable, SmmBootScriptBuffer, BootScriptTableSize); + TRACE((TRACE_ALWAYS,"BootScriptHide: Boot script has been restored. Address: %X; Size :%X\n",BootScriptTable,BootScriptTableSize)); + AcpiVariableSet->AcpiReservedMemoryBase = BOOT_SCRIPT_RESTORE_SW_SMI_VALUE; + return EFI_SUCCESS; +} + +//<AMI_PHDR_START> +//---------------------------------------------------------------------------- +// Procedure: BootScriptHideSmmEntryPoint +// +// Description: SMM driver entry point. This entry point will register SWSMI dispatch +// handlers to deal with the save and restore SWSMIs. +// +// Input: +// IN EFI_HANDLE ImageHandle - The handle that corresponds this this loaded SMM driver +// IN EFI_SYSTEM_TABLE *SystemTable - Pointer to the EFI System Table +// +// Output: +// EFI_STATUS +//---------------------------------------------------------------------------- +//<AMI_PHDR_END> +EFI_STATUS EFIAPI BootScriptHideSmmEntryPoint(IN EFI_HANDLE ImageHandle, IN EFI_SYSTEM_TABLE *SystemTable){ + EFI_STATUS Status; + EFI_SMM_SW_DISPATCH2_PROTOCOL *SwDispatch; + EFI_HANDLE Handle; + EFI_SMM_SW_REGISTER_CONTEXT Context; + EFI_SMM_ACCESS2_PROTOCOL *SmmAccess; + UINTN Size; + + InitAmiSmmLibPi(ImageHandle,SystemTable); + + // Get SMRAM information + Status = pBS->LocateProtocol (&gEfiSmmAccess2ProtocolGuid, NULL, (VOID **)&SmmAccess); + if (EFI_ERROR(Status)) return Status; + + Size = 0; + Status = SmmAccess->GetCapabilities (SmmAccess, &Size, NULL); + if (Status != EFI_BUFFER_TOO_SMALL) return Status; + Status = pSmst->SmmAllocatePool (EfiRuntimeServicesData, Size, (VOID **)&SmramRanges); + if (EFI_ERROR(Status)) return Status; + Status = SmmAccess->GetCapabilities (SmmAccess, &Size, SmramRanges); + if (EFI_ERROR(Status)) return Status; + SmramRangeCount = Size / sizeof (EFI_SMRAM_DESCRIPTOR); + + // Register SW SMI handlers + Status = pSmst->SmmLocateProtocol(&gEfiSmmSwDispatch2ProtocolGuid, NULL, &SwDispatch); + if (EFI_ERROR(Status)) return Status; + + // Save Boot Script + Context.SwSmiInputValue = BOOT_SCRIPT_SAVE_SW_SMI_VALUE; + Status = SwDispatch->Register(SwDispatch, SaveBootScriptHandle, &Context, &Handle); + if (EFI_ERROR(Status)) return Status; + // restore Boot Script + Context.SwSmiInputValue = BOOT_SCRIPT_RESTORE_SW_SMI_VALUE; + Status = SwDispatch->Register(SwDispatch, RestoreBootScriptHandle, &Context, &Handle); + if (EFI_ERROR(Status)) return Status; + + return EFI_SUCCESS; +} +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2016, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Core/EM/BootScriptHide/BootScriptHideSmm.dxs b/Core/EM/BootScriptHide/BootScriptHideSmm.dxs new file mode 100644 index 0000000..ba5953f --- /dev/null +++ b/Core/EM/BootScriptHide/BootScriptHideSmm.dxs @@ -0,0 +1,35 @@ +//**************************************************************************** +//**************************************************************************** +//** ** +//** (C)Copyright 1985-2014, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone (770)-246-8600 ** +//** ** +//**************************************************************************** +//**************************************************************************** +#include "token.h" +#include <Protocol\SmmBase2.h> +#include <Protocol\SmmSwDispatch2.h> + +DEPENDENCY_START + EFI_SMM_BASE2_PROTOCOL_GUID AND + EFI_SMM_SW_DISPATCH2_PROTOCOL_GUID +DEPENDENCY_END + +//**************************************************************************** +//**************************************************************************** +//** ** +//** (C)Copyright 1985-2014, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Norcross, GA 30093 ** +//** ** +//** Phone (770)-246-8600 ** +//** ** +//**************************************************************************** +//**************************************************************************** |