diff mbox

[edk2,3/3] OvmfPkg: PlatformBdsLib: lock down SMM regardless of S3

Message ID 1461784849-30809-4-git-send-email-lersek@redhat.com
State New
Headers show

Commit Message

Laszlo Ersek April 27, 2016, 7:20 p.m. UTC 
At the moment, the EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL is only installed if
S3 is enabled -- at the end of SaveS3BootScript().

While a runtime OS is never booted with SMM unlocked (because the SMM IPL
locks down SMM as a last resort:

> SMM IPL!  DXE SMM Ready To Lock Protocol not installed before Ready To

> Boot signal

> SmmInstallProtocolInterface: [EfiSmmReadyToLockProtocol] 0

> Patch page table start ...

> Patch page table done!

> SMM IPL locked SMRAM window


), we shouldn't allow UEFI drivers and applications either to mess with
SMM just because S3 is disabled. So install
EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL in PlatformBdsInit() unconditionally.

Cc: Feng Tian <feng.tian@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>

---
 OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c | 29 +++++++++++---------
 1 file changed, 16 insertions(+), 13 deletions(-)

-- 
1.8.3.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
diff mbox

Patch

diff --git a/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c b/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c
index b22f2a74a9d8..8354f31ac2fe 100644
--- a/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c
+++ b/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c
@@ -122,12 +122,15 @@  Arguments:
 Returns:
 
   None.
 
 --*/
 {
+  EFI_HANDLE Handle;
+  EFI_STATUS Status;
+
   DEBUG ((EFI_D_INFO, "PlatformBdsInit\n"));
   InstallDevicePathCallback ();
 
   VisitAllInstancesOfProtocol (&gEfiPciRootBridgeIoProtocolGuid,
     ConnectRootBridge, NULL);
 
@@ -144,17 +147,26 @@  Returns:
   // earlier, hence we can't signal End-of-Dxe earlier.
   //
   EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid);
 
   if (QemuFwCfgS3Enabled ()) {
     //
-    // Save the boot script too. Note that this requires/includes emitting the
-    // DxeSmmReadyToLock event, which in turn locks down SMM.
+    // Save the boot script too. Note that this will require us to emit the
+    // DxeSmmReadyToLock event just below, which in turn locks down SMM.
     //
     SaveS3BootScript ();
   }
+
+  //
+  // Prevent further changes to LockBoxes or SMRAM.
+  //
+  Handle = NULL;
+  Status = gBS->InstallProtocolInterface (&Handle,
+                  &gEfiDxeSmmReadyToLockProtocolGuid, EFI_NATIVE_INTERFACE,
+                  NULL);
+  ASSERT_EFI_ERROR (Status);
 }
 
 
 EFI_STATUS
 EFIAPI
 ConnectRootBridge (
@@ -1203,26 +1215,23 @@  Returns:
 }
 
 
 /**
   Save the S3 boot script.
 
-  Note that we trigger DxeSmmReadyToLock here -- otherwise the script wouldn't
-  be saved actually. Triggering this protocol installation event in turn locks
-  down SMM, so no further changes to LockBoxes or SMRAM are possible
-  afterwards.
+  Note that DxeSmmReadyToLock must be signaled after this function returns;
+  otherwise the script wouldn't be saved actually.
 **/
 STATIC
 VOID
 SaveS3BootScript (
   VOID
   )
 {
   EFI_STATUS                 Status;
   EFI_S3_SAVE_STATE_PROTOCOL *BootScript;
-  EFI_HANDLE                 Handle;
   STATIC CONST UINT8         Info[] = { 0xDE, 0xAD, 0xBE, 0xEF };
 
   Status = gBS->LocateProtocol (&gEfiS3SaveStateProtocolGuid, NULL,
                   (VOID **) &BootScript);
   ASSERT_EFI_ERROR (Status);
 
@@ -1232,18 +1241,12 @@  SaveS3BootScript (
   // than storing just a pointer to runtime or NVS storage.
   //
   Status = BootScript->Write(BootScript, EFI_BOOT_SCRIPT_INFORMATION_OPCODE,
                          (UINT32) sizeof Info,
                          (EFI_PHYSICAL_ADDRESS)(UINTN) &Info);
   ASSERT_EFI_ERROR (Status);
-
-  Handle = NULL;
-  Status = gBS->InstallProtocolInterface (&Handle,
-                  &gEfiDxeSmmReadyToLockProtocolGuid, EFI_NATIVE_INTERFACE,
-                  NULL);
-  ASSERT_EFI_ERROR (Status);
 }
 
 
 VOID
 EFIAPI
 PlatformBdsPolicyBehavior (