summaryrefslogtreecommitdiff
path: root/SecurityPkg
diff options
context:
space:
mode:
authorStar Zeng <star.zeng@intel.com>2013-11-04 03:13:54 +0000
committerlzeng14 <lzeng14@6f19259b-4bc3-4df7-8a09-765794883524>2013-11-04 03:13:54 +0000
commit7baf3c69c5c24cc03de51561cfc4ba94da3e5359 (patch)
treecd0c4d1e1e18b6bc039095201aaa997c9cd920e4 /SecurityPkg
parentd1226e25d1ba5e131ec44c0038d7a3333dd9d146 (diff)
downloadedk2-topics-7baf3c69c5c24cc03de51561cfc4ba94da3e5359.tar.gz
MdeModulePkg and SecurityPkg Variable: Enhance code to use the new variable data instead of old variable data when variable reclaim.
It can fix the potential failure to return EFI_OUT_OF_RESOURCES of the second variable set of large variable. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14822 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg')
-rw-r--r--SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c3
-rw-r--r--SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c194
-rw-r--r--SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h10
3 files changed, 104 insertions, 103 deletions
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
index 8e9135709c..90a5d51a9e 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
@@ -531,7 +531,8 @@ AddPubKeyInStore (
&mVariableModuleGlobal->NonVolatileLastVariableOffset,
FALSE,
NULL,
- TRUE,
+ NULL,
+ 0,
TRUE
);
if (EFI_ERROR (Status)) {
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
index a0419f080d..534f6a8c8f 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
@@ -731,11 +731,12 @@ PubKeyStoreFilter (
@param[in] IsVolatile The variable store is volatile or not;
if it is non-volatile, need FTW.
@param[in, out] UpdatingPtrTrack Pointer to updating variable pointer track structure.
+ @param[in] NewVariable Pointer to new variable.
+ @param[in] NewVariableSize New variable size.
@param[in] ReclaimPubKeyStore Reclaim for public key database or not.
- @param[in] ReclaimAnyway If TRUE, do reclaim anyway.
@return EFI_SUCCESS Reclaim operation has finished successfully.
- @return EFI_OUT_OF_RESOURCES No enough memory resources.
+ @return EFI_OUT_OF_RESOURCES No enough memory resources or variable space.
@return EFI_DEVICE_ERROR The public key database doesn't exist.
@return Others Unexpect error happened during reclaim operation.
@@ -746,8 +747,9 @@ Reclaim (
OUT UINTN *LastVariableOffset,
IN BOOLEAN IsVolatile,
IN OUT VARIABLE_POINTER_TRACK *UpdatingPtrTrack,
- IN BOOLEAN ReclaimPubKeyStore,
- IN BOOLEAN ReclaimAnyway
+ IN VARIABLE_HEADER *NewVariable,
+ IN UINTN NewVariableSize,
+ IN BOOLEAN ReclaimPubKeyStore
)
{
VARIABLE_HEADER *Variable;
@@ -758,31 +760,28 @@ Reclaim (
UINT8 *ValidBuffer;
UINTN MaximumBufferSize;
UINTN VariableSize;
- UINTN VariableNameSize;
- UINTN UpdatingVariableNameSize;
UINTN NameSize;
UINT8 *CurrPtr;
VOID *Point0;
VOID *Point1;
BOOLEAN FoundAdded;
EFI_STATUS Status;
- CHAR16 *VariableNamePtr;
- CHAR16 *UpdatingVariableNamePtr;
UINTN CommonVariableTotalSize;
UINTN HwErrVariableTotalSize;
UINT32 *NewPubKeyIndex;
UINT8 *NewPubKeyStore;
UINT32 NewPubKeySize;
VARIABLE_HEADER *PubKeyHeader;
- BOOLEAN NeedDoReclaim;
VARIABLE_HEADER *UpdatingVariable;
+ VARIABLE_HEADER *UpdatingInDeletedTransition;
UpdatingVariable = NULL;
+ UpdatingInDeletedTransition = NULL;
if (UpdatingPtrTrack != NULL) {
UpdatingVariable = UpdatingPtrTrack->CurrPtr;
+ UpdatingInDeletedTransition = UpdatingPtrTrack->InDeletedTransitionPtr;
}
- NeedDoReclaim = FALSE;
VariableStoreHeader = (VARIABLE_STORE_HEADER *) ((UINTN) VariableBase);
CommonVariableTotalSize = 0;
@@ -800,21 +799,22 @@ Reclaim (
while (IsValidVariableHeader (Variable)) {
NextVariable = GetNextVariablePtr (Variable);
- if (Variable->State == VAR_ADDED ||
- Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)
+ if ((Variable->State == VAR_ADDED || Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) &&
+ Variable != UpdatingVariable &&
+ Variable != UpdatingInDeletedTransition
) {
VariableSize = (UINTN) NextVariable - (UINTN) Variable;
MaximumBufferSize += VariableSize;
- } else {
- NeedDoReclaim = TRUE;
}
Variable = NextVariable;
}
- if (!ReclaimAnyway && !NeedDoReclaim) {
- DEBUG ((EFI_D_INFO, "Variable driver: no DELETED variable found, so no variable space could be reclaimed.\n"));
- return EFI_SUCCESS;
+ if (NewVariable != NULL) {
+ //
+ // Add the new variable size.
+ //
+ MaximumBufferSize += NewVariableSize;
}
//
@@ -836,6 +836,7 @@ Reclaim (
CurrPtr = (UINT8 *) GetStartPointer ((VARIABLE_STORE_HEADER *) ValidBuffer);
if (ReclaimPubKeyStore) {
+ ASSERT (IsVolatile == FALSE);
//
// Trim the PubKeyStore and get new PubKeyIndex.
//
@@ -872,9 +873,9 @@ Reclaim (
CopyMem (CurrPtr, (UINT8 *) Variable, VariableSize);
((VARIABLE_HEADER*) CurrPtr)->PubKeyIndex = NewPubKeyIndex[Variable->PubKeyIndex];
CurrPtr += VariableSize;
- if ((!IsVolatile) && ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {
+ if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {
HwErrVariableTotalSize += VariableSize;
- } else if ((!IsVolatile) && ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {
+ } else if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) {
CommonVariableTotalSize += VariableSize;
}
}
@@ -905,25 +906,7 @@ Reclaim (
Variable = GetStartPointer (VariableStoreHeader);
while (IsValidVariableHeader (Variable)) {
NextVariable = GetNextVariablePtr (Variable);
- if (Variable->State == VAR_ADDED) {
- if (UpdatingVariable != NULL) {
- if (UpdatingVariable == Variable) {
- Variable = NextVariable;
- continue;
- }
-
- VariableNameSize = NameSizeOfVariable(Variable);
- UpdatingVariableNameSize = NameSizeOfVariable(UpdatingVariable);
-
- VariableNamePtr = GetVariableNamePtr (Variable);
- UpdatingVariableNamePtr = GetVariableNamePtr (UpdatingVariable);
- if (CompareGuid (&Variable->VendorGuid, &UpdatingVariable->VendorGuid) &&
- VariableNameSize == UpdatingVariableNameSize &&
- CompareMem (VariableNamePtr, UpdatingVariableNamePtr, VariableNameSize) == 0 ) {
- Variable = NextVariable;
- continue;
- }
- }
+ if (Variable != UpdatingVariable && Variable->State == VAR_ADDED) {
VariableSize = (UINTN) NextVariable - (UINTN) Variable;
CopyMem (CurrPtr, (UINT8 *) Variable, VariableSize);
CurrPtr += VariableSize;
@@ -937,28 +920,12 @@ Reclaim (
}
//
- // Reinstall the variable being updated if it is not NULL.
- //
- if (UpdatingVariable != NULL) {
- VariableSize = (UINTN)(GetNextVariablePtr (UpdatingVariable)) - (UINTN)UpdatingVariable;
- CopyMem (CurrPtr, (UINT8 *) UpdatingVariable, VariableSize);
- UpdatingPtrTrack->CurrPtr = (VARIABLE_HEADER *)((UINTN)UpdatingPtrTrack->StartPtr + ((UINTN)CurrPtr - (UINTN)GetStartPointer ((VARIABLE_STORE_HEADER *) ValidBuffer)));
- UpdatingPtrTrack->InDeletedTransitionPtr = NULL;
- CurrPtr += VariableSize;
- if ((!IsVolatile) && ((UpdatingVariable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {
- HwErrVariableTotalSize += VariableSize;
- } else if ((!IsVolatile) && ((UpdatingVariable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {
- CommonVariableTotalSize += VariableSize;
- }
- }
-
- //
// Reinstall all in delete transition variables.
//
- Variable = GetStartPointer (VariableStoreHeader);
+ Variable = GetStartPointer (VariableStoreHeader);
while (IsValidVariableHeader (Variable)) {
NextVariable = GetNextVariablePtr (Variable);
- if (Variable != UpdatingVariable && Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
+ if (Variable != UpdatingVariable && Variable != UpdatingInDeletedTransition && Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
//
// Buffer has cached all ADDED variable.
@@ -1001,6 +968,42 @@ Reclaim (
Variable = NextVariable;
}
+
+ //
+ // Install the new variable if it is not NULL.
+ //
+ if (NewVariable != NULL) {
+ if ((UINTN) (CurrPtr - ValidBuffer) + NewVariableSize > VariableStoreHeader->Size) {
+ //
+ // No enough space to store the new variable.
+ //
+ Status = EFI_OUT_OF_RESOURCES;
+ goto Done;
+ }
+ if (!IsVolatile) {
+ if ((NewVariable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {
+ HwErrVariableTotalSize += NewVariableSize;
+ } else if ((NewVariable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) {
+ CommonVariableTotalSize += NewVariableSize;
+ }
+ if ((HwErrVariableTotalSize > PcdGet32 (PcdHwErrStorageSize)) ||
+ (CommonVariableTotalSize > VariableStoreHeader->Size - sizeof (VARIABLE_STORE_HEADER) - PcdGet32 (PcdHwErrStorageSize))) {
+ //
+ // No enough space to store the new variable by NV or NV+HR attribute.
+ //
+ Status = EFI_OUT_OF_RESOURCES;
+ goto Done;
+ }
+ }
+
+ CopyMem (CurrPtr, (UINT8 *) NewVariable, NewVariableSize);
+ ((VARIABLE_HEADER *) CurrPtr)->State = VAR_ADDED;
+ if (UpdatingVariable != NULL) {
+ UpdatingPtrTrack->CurrPtr = (VARIABLE_HEADER *)((UINTN)UpdatingPtrTrack->StartPtr + ((UINTN)CurrPtr - (UINTN)GetStartPointer ((VARIABLE_STORE_HEADER *) ValidBuffer)));
+ UpdatingPtrTrack->InDeletedTransitionPtr = NULL;
+ }
+ CurrPtr += NewVariableSize;
+ }
}
if (IsVolatile) {
@@ -1008,7 +1011,7 @@ Reclaim (
// If volatile variable store, just copy valid buffer.
//
SetMem ((UINT8 *) (UINTN) VariableBase, VariableStoreHeader->Size, 0xff);
- CopyMem ((UINT8 *) (UINTN) VariableBase, ValidBuffer, (UINTN) (CurrPtr - (UINT8 *) ValidBuffer));
+ CopyMem ((UINT8 *) (UINTN) VariableBase, ValidBuffer, (UINTN) (CurrPtr - ValidBuffer));
Status = EFI_SUCCESS;
} else {
//
@@ -1017,12 +1020,12 @@ Reclaim (
Status = FtwVariableSpace (
VariableBase,
ValidBuffer,
- (UINTN) (CurrPtr - (UINT8 *) ValidBuffer)
+ (UINTN) (CurrPtr - ValidBuffer)
);
CopyMem (mNvVariableCache, (CHAR8 *)(UINTN)VariableBase, VariableStoreHeader->Size);
}
if (!EFI_ERROR (Status)) {
- *LastVariableOffset = (UINTN) (CurrPtr - (UINT8 *) ValidBuffer);
+ *LastVariableOffset = (UINTN) (CurrPtr - ValidBuffer);
if (!IsVolatile) {
mVariableModuleGlobal->HwErrVariableTotalSize = HwErrVariableTotalSize;
mVariableModuleGlobal->CommonVariableTotalSize = CommonVariableTotalSize;
@@ -1049,7 +1052,8 @@ Reclaim (
if (NewPubKeyIndex != NULL) {
FreePool (NewPubKeyIndex);
}
-
+
+Done:
FreePool (ValidBuffer);
return Status;
@@ -2101,33 +2105,29 @@ UpdateVariable (
goto Done;
}
//
- // Perform garbage collection & reclaim operation.
+ // Perform garbage collection & reclaim operation, and integrate the new variable at the same time.
//
Status = Reclaim (
mVariableModuleGlobal->VariableGlobal.NonVolatileVariableBase,
&mVariableModuleGlobal->NonVolatileLastVariableOffset,
FALSE,
Variable,
- FALSE,
+ NextVariable,
+ HEADER_ALIGN (VarSize),
FALSE
);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
- //
- // If still no enough space, return out of resources.
- //
- if ((((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != 0)
- && ((VarSize + mVariableModuleGlobal->HwErrVariableTotalSize) > PcdGet32 (PcdHwErrStorageSize)))
- || (((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == 0)
- && ((VarSize + mVariableModuleGlobal->CommonVariableTotalSize) > NonVolatileVarableStoreSize - sizeof (VARIABLE_STORE_HEADER) - PcdGet32 (PcdHwErrStorageSize)))) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Done;
- }
- if (Variable->CurrPtr != NULL) {
- CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN) CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable->StartPtr));
- CacheVariable->InDeletedTransitionPtr = NULL;
+ if (!EFI_ERROR (Status)) {
+ //
+ // The new variable has been integrated successfully during reclaiming.
+ //
+ if (Variable->CurrPtr != NULL) {
+ CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN) CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable->StartPtr));
+ CacheVariable->InDeletedTransitionPtr = NULL;
+ }
+ UpdateVariableInfo (VariableName, VendorGuid, FALSE, FALSE, TRUE, FALSE, FALSE);
+ FlushHobVariableToFlash (VariableName, VendorGuid);
}
+ goto Done;
}
//
// Four steps
@@ -2225,32 +2225,28 @@ UpdateVariable (
if ((UINT32) (VarSize + mVariableModuleGlobal->VolatileLastVariableOffset) >
((VARIABLE_STORE_HEADER *) ((UINTN) (mVariableModuleGlobal->VariableGlobal.VolatileVariableBase)))->Size) {
//
- // Perform garbage collection & reclaim operation.
+ // Perform garbage collection & reclaim operation, and integrate the new variable at the same time.
//
Status = Reclaim (
mVariableModuleGlobal->VariableGlobal.VolatileVariableBase,
&mVariableModuleGlobal->VolatileLastVariableOffset,
TRUE,
Variable,
- FALSE,
+ NextVariable,
+ HEADER_ALIGN (VarSize),
FALSE
);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
- //
- // If still no enough space, return out of resources.
- //
- if ((UINT32) (VarSize + mVariableModuleGlobal->VolatileLastVariableOffset) >
- ((VARIABLE_STORE_HEADER *) ((UINTN) (mVariableModuleGlobal->VariableGlobal.VolatileVariableBase)))->Size
- ) {
- Status = EFI_OUT_OF_RESOURCES;
- goto Done;
- }
- if (Variable->CurrPtr != NULL) {
- CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN) CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable->StartPtr));
- CacheVariable->InDeletedTransitionPtr = NULL;
+ if (!EFI_ERROR (Status)) {
+ //
+ // The new variable has been integrated successfully during reclaiming.
+ //
+ if (Variable->CurrPtr != NULL) {
+ CacheVariable->CurrPtr = (VARIABLE_HEADER *)((UINTN) CacheVariable->StartPtr + ((UINTN) Variable->CurrPtr - (UINTN) Variable->StartPtr));
+ CacheVariable->InDeletedTransitionPtr = NULL;
+ }
+ UpdateVariableInfo (VariableName, VendorGuid, TRUE, FALSE, TRUE, FALSE, FALSE);
}
+ goto Done;
}
NextVariable->State = VAR_ADDED;
@@ -3207,7 +3203,8 @@ ReclaimForOS(
&mVariableModuleGlobal->NonVolatileLastVariableOffset,
FALSE,
NULL,
- FALSE,
+ NULL,
+ 0,
FALSE
);
ASSERT_EFI_ERROR (Status);
@@ -3478,8 +3475,9 @@ VariableWriteServiceInitialize (
&mVariableModuleGlobal->NonVolatileLastVariableOffset,
FALSE,
NULL,
- FALSE,
- TRUE
+ NULL,
+ 0,
+ FALSE
);
if (EFI_ERROR (Status)) {
return Status;
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
index 9991dfe321..1cea45e507 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
@@ -402,11 +402,12 @@ VariableCommonInitialize (
@param[in] IsVolatile The variable store is volatile or not;
if it is non-volatile, need FTW.
@param[in, out] UpdatingPtrTrack Pointer to updating variable pointer track structure.
+ @param[in] NewVariable Pointer to new variable.
+ @param[in] NewVariableSize New variable size.
@param[in] ReclaimPubKeyStore Reclaim for public key database or not.
- @param[in] ReclaimAnyway If TRUE, do reclaim anyway.
@return EFI_SUCCESS Reclaim operation has finished successfully.
- @return EFI_OUT_OF_RESOURCES No enough memory resources.
+ @return EFI_OUT_OF_RESOURCES No enough memory resources or variable space.
@return EFI_DEVICE_ERROR The public key database doesn't exist.
@return Others Unexpect error happened during reclaim operation.
@@ -417,8 +418,9 @@ Reclaim (
OUT UINTN *LastVariableOffset,
IN BOOLEAN IsVolatile,
IN OUT VARIABLE_POINTER_TRACK *UpdatingPtrTrack,
- IN BOOLEAN ReclaimPubKeyStore,
- IN BOOLEAN ReclaimAnyway
+ IN VARIABLE_HEADER *NewVariable,
+ IN UINTN NewVariableSize,
+ IN BOOLEAN ReclaimPubKeyStore
);
/**