diff options
Diffstat (limited to 'MdeModulePkg')
7 files changed, 99 insertions, 1 deletions
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c new file mode 100644 index 0000000000..0f64ee093b --- /dev/null +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceDxe.c @@ -0,0 +1,31 @@ +/** @file
+ Serialize operation on all load-from-memory instructions (DXE version).
+
+Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include "Variable.h"
+
+/**
+ This service is consumed by the variable modules to perform a serializing
+ operation on all load-from-memory instructions that were issued prior to the
+ call of this function.
+
+**/
+VOID
+MemoryLoadFence (
+ VOID
+ )
+{
+ //
+ // Do nothing.
+ //
+}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c new file mode 100644 index 0000000000..4b0d7e3e95 --- /dev/null +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/LoadFenceSmm.c @@ -0,0 +1,30 @@ +/** @file
+ Serialize operation on all load-from-memory instructions (SMM version).
+
+Copyright (c) 2018, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <Library/BaseLib.h>
+#include "Variable.h"
+
+/**
+ This service is consumed by the variable modules to perform a serializing
+ operation on all load-from-memory instructions that were issued prior to the
+ call of this function.
+
+**/
+VOID
+MemoryLoadFence (
+ VOID
+ )
+{
+ AsmLfence ();
+}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h index b98b8556a2..a324ad2365 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/PrivilegePolymorphic.h @@ -7,7 +7,7 @@ vs. non-privileged driver code.
Copyright (c) 2017, Red Hat, Inc.<BR>
- Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2010 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available
under the terms and conditions of the BSD License which accompanies this
@@ -84,4 +84,15 @@ SetVariableCheckHandlerMor ( IN VOID *Data
);
+/**
+ This service is consumed by the variable modules to perform a serializing
+ operation on all load-from-memory instructions that were issued prior to the
+ call of this function.
+
+**/
+VOID
+MemoryLoadFence (
+ VOID
+ );
+
#endif
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c index 905e5e0499..93ac461f4d 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c @@ -3196,6 +3196,12 @@ VariableServiceSetVariable ( ((EFI_VARIABLE_AUTHENTICATION_2 *) Data)->AuthInfo.Hdr.dwLength < OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) {
return EFI_SECURITY_VIOLATION;
}
+ //
+ // The MemoryLoadFence() call here is to ensure the above sanity check
+ // for the EFI_VARIABLE_AUTHENTICATION_2 descriptor has been completed
+ // before the execution of subsequent codes.
+ //
+ MemoryLoadFence ();
PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
} else {
PayloadSize = DataSize;
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf index e840fc9bff..42fbb5cfee 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf @@ -46,6 +46,7 @@ TcgMorLockDxe.c
VarCheck.c
VariableExLib.c
+ LoadFenceDxe.c
[Packages]
MdePkg/MdePkg.dec
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c index 8d73b6edee..d1875f1425 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c @@ -537,6 +537,12 @@ SmmVariableHandler ( goto EXIT;
}
+ //
+ // The MemoryLoadFence() call here is to ensure the previous range/content
+ // checks for the CommBuffer have been completed before the subsequent
+ // consumption of the CommBuffer content.
+ //
+ MemoryLoadFence ();
if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
//
// Make sure VariableName is A Null-terminated string.
@@ -631,6 +637,12 @@ SmmVariableHandler ( goto EXIT;
}
+ //
+ // The MemoryLoadFence() call here is to ensure the previous range/content
+ // checks for the CommBuffer have been completed before the subsequent
+ // consumption of the CommBuffer content.
+ //
+ MemoryLoadFence ();
if (SmmVariableHeader->NameSize < sizeof (CHAR16) || SmmVariableHeader->Name[SmmVariableHeader->NameSize/sizeof (CHAR16) - 1] != L'\0') {
//
// Make sure VariableName is A Null-terminated string.
@@ -766,6 +778,12 @@ SmmVariableHandler ( goto EXIT;
}
+ //
+ // The MemoryLoadFence() call here is to ensure the previous range/content
+ // checks for the CommBuffer have been completed before the subsequent
+ // consumption of the CommBuffer content.
+ //
+ MemoryLoadFence ();
if (CommVariableProperty->NameSize < sizeof (CHAR16) || CommVariableProperty->Name[CommVariableProperty->NameSize/sizeof (CHAR16) - 1] != L'\0') {
//
// Make sure VariableName is A Null-terminated string.
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf index 69966f0d37..65c163795f 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf @@ -54,6 +54,7 @@ PrivilegePolymorphic.h
VariableExLib.c
TcgMorLockSmm.c
+ LoadFenceSmm.c
[Packages]
MdePkg/MdePkg.dec
|