diff options
| author | jljusten <jljusten@6f19259b-4bc3-4df7-8a09-765794883524> | 2011-07-19 20:47:28 +0000 |
|---|---|---|
| committer | jljusten <jljusten@6f19259b-4bc3-4df7-8a09-765794883524> | 2011-07-19 20:47:28 +0000 |
| commit | 1c837cd545b6b91c41f1fbebf84b54cb7ccf499e (patch) | |
| tree | 85bbf955e61e4e9c674a9a6f18e2ce89095681b0 /MdeModulePkg/Include | |
| parent | 9fba8e7d3dad15fdd624ed2f5d34942cca590f76 (diff) | |
MdeModulePkg: Add SMM LockBox
This includes:
* LockBox protocol definition
* LockBoxLib library interface definition
* SmmLockBox GUID
* LockBoxNullLib library implementation
* 2 SmmLockBoxLib library implementations
* SmmLockBox SMM driver
Signed-off-by: jljusten
Reviewed-by: mdkinney
Reviewed-by: geekboy15a
Reviewed-by: jyao1
Reviewed-by: lgao4
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12029 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'MdeModulePkg/Include')
| -rw-r--r-- | MdeModulePkg/Include/Guid/SmmLockBox.h | 73 | ||||
| -rw-r--r-- | MdeModulePkg/Include/Library/LockBoxLib.h | 133 | ||||
| -rw-r--r-- | MdeModulePkg/Include/Protocol/LockBox.h | 31 |
3 files changed, 237 insertions, 0 deletions
diff --git a/MdeModulePkg/Include/Guid/SmmLockBox.h b/MdeModulePkg/Include/Guid/SmmLockBox.h new file mode 100644 index 000000000..8422847c5 --- /dev/null +++ b/MdeModulePkg/Include/Guid/SmmLockBox.h @@ -0,0 +1,73 @@ +/** @file
+ SmmLockBox guid header file.
+
+Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the BSD License which accompanies this distribution. The
+full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _SMM_LOCK_BOX_GUID_H_
+#define _SMM_LOCK_BOX_GUID_H_
+
+#define EFI_SMM_LOCK_BOX_COMMUNICATION_GUID \
+ {0x2a3cfebd, 0x27e8, 0x4d0a, {0x8b, 0x79, 0xd6, 0x88, 0xc2, 0xa3, 0xe1, 0xc0}}
+
+//
+// Below data structure is used for communication between PEI/DXE to SMM.
+//
+
+#define EFI_SMM_LOCK_BOX_COMMAND_SAVE 0x1
+#define EFI_SMM_LOCK_BOX_COMMAND_UPDATE 0x2
+#define EFI_SMM_LOCK_BOX_COMMAND_RESTORE 0x3
+#define EFI_SMM_LOCK_BOX_COMMAND_SET_ATTRIBUTES 0x4
+#define EFI_SMM_LOCK_BOX_COMMAND_RESTORE_ALL_IN_PLACE 0x5
+
+typedef struct {
+ UINT32 Command;
+ UINT32 DataLength;
+ UINT64 ReturnStatus;
+} EFI_SMM_LOCK_BOX_PARAMETER_HEADER;
+
+typedef struct {
+ EFI_SMM_LOCK_BOX_PARAMETER_HEADER Header;
+ GUID Guid;
+ PHYSICAL_ADDRESS Buffer;
+ UINT64 Length;
+} EFI_SMM_LOCK_BOX_PARAMETER_SAVE;
+
+typedef struct {
+ EFI_SMM_LOCK_BOX_PARAMETER_HEADER Header;
+ GUID Guid;
+ UINT64 Offset;
+ PHYSICAL_ADDRESS Buffer;
+ UINT64 Length;
+} EFI_SMM_LOCK_BOX_PARAMETER_UPDATE;
+
+typedef struct {
+ EFI_SMM_LOCK_BOX_PARAMETER_HEADER Header;
+ GUID Guid;
+ PHYSICAL_ADDRESS Buffer;
+ UINT64 Length;
+} EFI_SMM_LOCK_BOX_PARAMETER_RESTORE;
+
+typedef struct {
+ EFI_SMM_LOCK_BOX_PARAMETER_HEADER Header;
+ GUID Guid;
+ UINT64 Attributes;
+} EFI_SMM_LOCK_BOX_PARAMETER_SET_ATTRIBUTES;
+
+typedef struct {
+ EFI_SMM_LOCK_BOX_PARAMETER_HEADER Header;
+} EFI_SMM_LOCK_BOX_PARAMETER_RESTORE_ALL_IN_PLACE;
+
+extern EFI_GUID gEfiSmmLockBoxCommunicationGuid;
+
+#endif
diff --git a/MdeModulePkg/Include/Library/LockBoxLib.h b/MdeModulePkg/Include/Library/LockBoxLib.h new file mode 100644 index 000000000..db7fd05de --- /dev/null +++ b/MdeModulePkg/Include/Library/LockBoxLib.h @@ -0,0 +1,133 @@ +/** @file
+ This library is only intended to be used by DXE modules that need save
+ confidential information to LockBox and get it by PEI modules in S3 phase.
+
+Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the BSD License which accompanies this distribution. The
+full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _LOCK_BOX_LIB_H_
+#define _LOCK_BOX_LIB_H_
+
+/**
+ This function will save confidential information to lockbox.
+
+ @param Guid the guid to identify the confidential information
+ @param Buffer the address of the confidential information
+ @param Length the length of the confidential information
+
+ @retval RETURN_SUCCESS the information is saved successfully.
+ @retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0
+ @retval RETURN_ALREADY_STARTED the requested GUID already exist.
+ @retval RETURN_OUT_OF_RESOURCES no enough resource to save the information.
+ @retval RETURN_ACCESS_DENIED it is too late to invoke this interface
+ @retval RETURN_NOT_STARTED it is too early to invoke this interface
+ @retval RETURN_UNSUPPORTED the service is not supported by implementaion.
+**/
+RETURN_STATUS
+EFIAPI
+SaveLockBox (
+ IN GUID *Guid,
+ IN VOID *Buffer,
+ IN UINTN Length
+ );
+
+/**
+ This function will set lockbox attributes.
+
+ @param Guid the guid to identify the confidential information
+ @param Attributes the attributes of the lockbox
+
+ @retval RETURN_SUCCESS the information is saved successfully.
+ @retval RETURN_INVALID_PARAMETER attributes is invalid.
+ @retval RETURN_NOT_FOUND the requested GUID not found.
+ @retval RETURN_ACCESS_DENIED it is too late to invoke this interface
+ @retval RETURN_NOT_STARTED it is too early to invoke this interface
+ @retval RETURN_UNSUPPORTED the service is not supported by implementaion.
+**/
+RETURN_STATUS
+EFIAPI
+SetLockBoxAttributes (
+ IN GUID *Guid,
+ IN UINT64 Attributes
+ );
+
+//
+// With this flag, this LockBox can be restored to this Buffer with RestoreAllLockBoxInPlace()
+//
+#define LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE BIT0
+
+/**
+ This function will update confidential information to lockbox.
+
+ @param Guid the guid to identify the original confidential information
+ @param Offset the offset of the original confidential information
+ @param Buffer the address of the updated confidential information
+ @param Length the length of the updated confidential information
+
+ @retval RETURN_SUCCESS the information is saved successfully.
+ @retval RETURN_INVALID_PARAMETER the Guid is NULL, or Buffer is NULL, or Length is 0.
+ @retval RETURN_NOT_FOUND the requested GUID not found.
+ @retval RETURN_BUFFER_TOO_SMALL the original buffer to too small to hold new information.
+ @retval RETURN_ACCESS_DENIED it is too late to invoke this interface
+ @retval RETURN_NOT_STARTED it is too early to invoke this interface
+ @retval RETURN_UNSUPPORTED the service is not supported by implementaion.
+**/
+RETURN_STATUS
+EFIAPI
+UpdateLockBox (
+ IN GUID *Guid,
+ IN UINTN Offset,
+ IN VOID *Buffer,
+ IN UINTN Length
+ );
+
+/**
+ This function will restore confidential information from lockbox.
+
+ @param Guid the guid to identify the confidential information
+ @param Buffer the address of the restored confidential information
+ NULL means restored to original address, Length MUST be NULL at same time.
+ @param Length the length of the restored confidential information
+
+ @retval RETURN_SUCCESS the information is restored successfully.
+ @retval RETURN_INVALID_PARAMETER the Guid is NULL, or one of Buffer and Length is NULL.
+ @retval RETURN_WRITE_PROTECTED Buffer and Length are NULL, but the LockBox has no
+ LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE attribute.
+ @retval RETURN_BUFFER_TOO_SMALL the Length is too small to hold the confidential information.
+ @retval RETURN_NOT_FOUND the requested GUID not found.
+ @retval RETURN_NOT_STARTED it is too early to invoke this interface
+ @retval RETURN_ACCESS_DENIED not allow to restore to the address
+ @retval RETURN_UNSUPPORTED the service is not supported by implementaion.
+**/
+RETURN_STATUS
+EFIAPI
+RestoreLockBox (
+ IN GUID *Guid,
+ IN VOID *Buffer, OPTIONAL
+ IN OUT UINTN *Length OPTIONAL
+ );
+
+/**
+ This function will restore confidential information from all lockbox which have RestoreInPlace attribute.
+
+ @retval RETURN_SUCCESS the information is restored successfully.
+ @retval RETURN_NOT_STARTED it is too early to invoke this interface
+ @retval RETURN_UNSUPPORTED the service is not supported by implementaion.
+**/
+RETURN_STATUS
+EFIAPI
+RestoreAllLockBoxInPlace (
+ VOID
+ );
+
+#endif
diff --git a/MdeModulePkg/Include/Protocol/LockBox.h b/MdeModulePkg/Include/Protocol/LockBox.h new file mode 100644 index 000000000..a3533c536 --- /dev/null +++ b/MdeModulePkg/Include/Protocol/LockBox.h @@ -0,0 +1,31 @@ +/** @file
+ LockBox protocol header file.
+ This is used to resolve dependency problem. The LockBox implementation
+ install this to broadcast that LockBox API is ready. The driver who will
+ use LockBox at its ENTRYPOINT should add this dependency.
+
+Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the BSD License which accompanies this distribution. The
+full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _LOCK_BOX_PROTOCOL_H_
+#define _LOCK_BOX_PROTOCOL_H_
+
+///
+/// Global ID for the EFI LOCK BOX Protocol.
+///
+#define EFI_LOCK_BOX_PROTOCOL_GUID \
+ { 0xbd445d79, 0xb7ad, 0x4f04, { 0x9a, 0xd8, 0x29, 0xbd, 0x20, 0x40, 0xeb, 0x3c }}
+
+extern EFI_GUID gEfiLockBoxProtocolGuid;
+
+#endif
|