/** @file
  Polymorphic functions that are called from both the privileged driver (i.e.,
  the DXE_SMM variable module) and the non-privileged drivers (i.e., one or
  both of the DXE_RUNTIME variable modules).

  Each of these functions has two implementations, appropriate for privileged
  vs. non-privileged driver code.

  This header only declares the interface; the implementations live elsewhere.
  NOTE(review): because every function here has two bodies, a security property
  that holds for one implementation (for example, a buffer check or a
  speculation barrier) is not guaranteed for the other. Confirm both when
  reviewing a call site.

  Copyright (c) 2017, Red Hat, Inc.<BR>
  Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>

  SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#ifndef _PRIVILEGE_POLYMORPHIC_H_
#define _PRIVILEGE_POLYMORPHIC_H_

#include <Uefi/UefiBaseType.h>

/**
  SecureBoot Hook for auth variable update.

  The function returns VOID, so a caller cannot learn from this interface
  whether the hook did anything or failed.

  @param[in] VariableName   Name of Variable to be found.
  @param[in] VendorGuid     Variable vendor GUID.
**/
VOID
EFIAPI
SecureBootHook (
  IN CHAR16    *VariableName,
  IN EFI_GUID  *VendorGuid
  );

/**
  Initialization for MOR Control Lock.

  MOR is the TCG Memory Overwrite Request control; MorLock is the variable
  that locks it.

  @retval EFI_SUCCESS   MorLock initialization success.
  @return Others        Some error occurs.
**/
EFI_STATUS
MorLockInit (
  VOID
  );

/**
  Delayed initialization for MOR Control Lock at EndOfDxe.

  This function performs any operations queued by MorLockInit().

  The function returns VOID, so a failure of the queued operations is not
  reported through this interface.
**/
VOID
MorLockInitAtEndOfDxe (
  VOID
  );

/**
  This service is an MOR/MorLock checker handler for the SetVariable().

  Only EFI_SUCCESS tells the variable driver to store the data. Every other
  documented status means the driver must not store it: the two error codes
  and EFI_ACCESS_DENIED reject the request, and EFI_ALREADY_STARTED means the
  handler has already dealt with the MorLock variable itself, so the driver
  reports EFI_SUCCESS to its caller without writing anything.

  NOTE(review): the parameters mirror the SetVariable() arguments, so in the
  privileged build they presumably originate from non-privileged code and
  should be treated as untrusted -- confirm against the caller.

  @param[in]  VariableName  The name of the vendor's variable, as a
                            Null-Terminated Unicode String.
  @param[in]  VendorGuid    Unique identifier for vendor.
  @param[in]  Attributes    Attributes bitmask to set for the variable.
  @param[in]  DataSize      The size in bytes of Data-Buffer.
  @param[in]  Data          Point to the content of the variable.

  @retval  EFI_SUCCESS            The MOR/MorLock check pass, and Variable
                                  driver can store the variable data.
  @retval  EFI_INVALID_PARAMETER  The MOR/MorLock data or data size or
                                  attributes is not allowed for MOR variable.
  @retval  EFI_ACCESS_DENIED      The MOR/MorLock is locked.
  @retval  EFI_ALREADY_STARTED    The MorLock variable is handled inside this
                                  function. Variable driver can just return
                                  EFI_SUCCESS.
**/
EFI_STATUS
SetVariableCheckHandlerMor (
  IN CHAR16    *VariableName,
  IN EFI_GUID  *VendorGuid,
  IN UINT32    Attributes,
  IN UINTN     DataSize,
  IN VOID      *Data
  );

/**
  This service is consumed by the variable modules to place a barrier to stop
  speculative execution.

  Ensures that no later instruction will execute speculatively, until all prior
  instructions have completed.

  NOTE(review): a barrier of this kind is normally placed directly after a
  bounds or size check on caller-supplied data, so the checked value cannot be
  used speculatively before the check resolves. The call sites are not visible
  from this header; confirm each check that guards untrusted input is followed
  by this call, and confirm what each of the two implementations emits.

**/
VOID
VariableSpeculationBarrier (
  VOID
  );

/**
  Notify the system that the SMM variable driver is ready.
**/
VOID
VariableNotifySmmReady (
  VOID
  );

/**
  Notify the system that the SMM variable write driver is ready.
**/
VOID
VariableNotifySmmWriteReady (
  VOID
  );

/**
  Variable Driver main entry point. The Variable driver places the 4 EFI
  runtime services in the EFI System Table and installs arch protocols
  for variable read and write services being available. It also registers
  a notification function for an EVT_SIGNAL_VIRTUAL_ADDRESS_CHANGE event.

  NOTE(review): this text describes installing runtime services and a
  virtual-address-change notification, which reads like the DXE runtime flow;
  confirm it matches what the Mm entry point actually does.

  Only EFI_SUCCESS is documented below; other return values are not described
  in this header.

  @retval EFI_SUCCESS       Variable service successfully initialized.
**/
EFI_STATUS
EFIAPI
MmVariableServiceInitialize (
  VOID
  );

/**
  This function checks if the buffer is valid per processor architecture and
  does not overlap with SMRAM.

  The check is on the address range [Buffer, Buffer + Length) only; it says
  nothing about the contents. A FALSE result must be treated as a hard
  failure: the caller must not read from or write to the buffer.

  NOTE(review): a buffer that passes this check lies outside SMRAM and so
  presumably stays writable by non-privileged code afterwards. Callers should
  copy the data into SMRAM before validating or using its fields, otherwise a
  field can change between the check and the use. How Buffer + Length overflow
  is handled is not stated here -- confirm in the implementation.

  @param Buffer  The buffer start address to be checked.
  @param Length  The buffer length to be checked.

  @retval TRUE  This buffer is valid per processor architecture and does not
                overlap with SMRAM.
  @retval FALSE This buffer is not valid per processor architecture or overlaps
                with SMRAM.
**/
BOOLEAN
VariableSmmIsBufferOutsideSmmValid (
  IN EFI_PHYSICAL_ADDRESS  Buffer,
  IN UINT64                Length
  );

/**
  Whether the TCG or TCG2 protocols are installed in the UEFI protocol database.
  This information is used by the MorLock code to infer whether an existing
  MOR variable is legitimate or not.

  The result is therefore a trust signal for the MorLock logic, not only a
  capability query.

  @retval TRUE  Either the TCG or TCG2 protocol is installed in the UEFI
                protocol database
  @retval FALSE Neither the TCG nor the TCG2 protocol is installed in the UEFI
                protocol database
**/
BOOLEAN
VariableHaveTcgProtocols (
  VOID
  );

#endif