SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf - third_party/edk2 - Git at Google

 ## @file
 #  Provides SMM authenticated variable service
 #
 #  This module installs SMM variable protocol into SMM protocol database,
 #  which can be used by SMM driver, and installs SMM variable protocol
 #  into BS protocol database, which can be used to notify the SMM Runtime
 #  Dxe driver that the SMM variable service is ready.
 #  This module should be used with SMM Runtime DXE module together. The
 #  SMM Runtime DXE module installs variable arch protocol and variable
 #  write arch protocol based on SMM variable module.
 #
 #  Caution: This module requires additional review when modified.
 #  This driver will have external input - variable data and communicate buffer in SMM mode.
 #  This external input must be validated carefully to avoid security issues such as
 #  buffer overflow or integer overflow.
 #    The whole SMM authentication variable design relies on the integrity of flash part and SMM.
 #  which is assumed to be protected by platform.  All variable code and metadata in flash/SMM Memory
 #  may not be modified without authorization. If platform fails to protect these resources,
 #  the authentication service provided in this driver will be broken, and the behavior is undefined.
 #
 # Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
 # http://opensource.org/licenses/bsd-license.php
 # THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 # WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #
 ##

 [Defines]
   INF_VERSION                    = 0x00010005
   BASE_NAME                      = VariableAuthSmm
   MODULE_UNI_FILE                = VariableAuthSmm.uni
   FILE_GUID                      = D34BDC5E-968A-40f5-A48C-E594F45AE211
   MODULE_TYPE                    = DXE_SMM_DRIVER
   VERSION_STRING                 = 1.0
   PI_SPECIFICATION_VERSION       = 0x0001000A
   ENTRY_POINT                    = VariableServiceInitialize

 #
 # The following information is for reference only and not required by the build tools.
 #
 #  VALID_ARCHITECTURES           = IA32 X64
 #


 [Sources]
   Reclaim.c
   Variable.c
   VariableSmm.c
   AuthService.c
   Variable.h
   AuthService.h
   LoadFenceSmm.c

 [Packages]
   MdePkg/MdePkg.dec
   MdeModulePkg/MdeModulePkg.dec
   CryptoPkg/CryptoPkg.dec
   SecurityPkg/SecurityPkg.dec

 [LibraryClasses]
   UefiDriverEntryPoint
   MemoryAllocationLib
   BaseLib
   SynchronizationLib
   UefiLib
   SmmServicesTableLib
   BaseMemoryLib
   DebugLib
   DxeServicesTableLib
   BaseCryptLib
   PlatformSecureLib
   HobLib
   SmmMemLib

 [Protocols]
   gEfiSmmFirmwareVolumeBlockProtocolGuid        ## CONSUMES

   ## PRODUCES
   ## UNDEFINED     # SmiHandlerRegister
   gEfiSmmVariableProtocolGuid

   ## CONSUMES
   ## NOTIFY
   gEfiSmmFaultTolerantWriteProtocolGuid
   gEfiSmmEndOfDxeProtocolGuid              ## NOTIFY

 [Guids]
   ## PRODUCES             ## GUID # Variable store header
   ## CONSUMES             ## GUID # Variable store header
   ## SOMETIMES_CONSUMES   ## HOB
   gEfiAuthenticatedVariableGuid

   ## SOMETIMES_CONSUMES   ## Variable:L"PlatformLang"
   ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"
   ## SOMETIMES_CONSUMES   ## Variable:L"Lang"
   ## SOMETIMES_PRODUCES   ## Variable:L"Lang"
   ## SOMETIMES_CONSUMES   ## Variable:L"HwErrRecSupport"
   ## CONSUMES             ## Variable:L"SetupMode"
   ## PRODUCES             ## Variable:L"SetupMode"
   ## SOMETIMES_CONSUMES   ## Variable:L"PK"
   ## SOMETIMES_CONSUMES   ## Variable:L"KEK"
   ## CONSUMES             ## Variable:L"SecureBoot"
   ## PRODUCES             ## Variable:L"SecureBoot"
   ## CONSUMES             ## Variable:L"SignatureSupport"
   ## PRODUCES             ## Variable:L"SignatureSupport"
   ## PRODUCES             ## Variable:L"VendorKeys"
   gEfiGlobalVariableGuid

   ## SOMETIMES_CONSUMES   ## Variable:L"DB"
   ## SOMETIMES_CONSUMES   ## Variable:L"DBX"
   gEfiImageSecurityDatabaseGuid

   ## CONSUMES             ## Variable:L"SecureBootEnable"
   ## PRODUCES             ## Variable:L"SecureBootEnable"
   gEfiSecureBootEnableDisableGuid

   ## CONSUMES             ## Variable:L"CustomMode"
   ## PRODUCES             ## Variable:L"CustomMode"
   gEfiCustomModeEnableGuid

   ## CONSUMES             ## Variable:L"certdb"
   ## PRODUCES             ## Variable:L"certdb"
   gEfiCertDbGuid

   ## CONSUMES             ## Variable:L"VendorKeysNv"
   ## PRODUCES             ## Variable:L"VendorKeysNv"
   gEfiVendorKeysNvGuid

   gSmmVariableWriteGuid                    ## PRODUCES               ## GUID        # Install protocol
   gEfiCertTypeRsa2048Sha256Guid            ## SOMETIMES_CONSUMES     ## GUID        # Unique ID for the format of the CertData.
   gEfiCertPkcs7Guid                        ## SOMETIMES_CONSUMES     ## GUID        # Unique ID for the format of the CertData.
   gEfiCertX509Guid                         ## SOMETIMES_CONSUMES     ## GUID        # Unique ID for the type of the signature.
   gEfiSystemNvDataFvGuid                   ## CONSUMES               ## GUID
   gEfiHardwareErrorVariableGuid            ## SOMETIMES_CONSUMES     ## Variable:L"HwErrRec####"
   gEdkiiFaultTolerantWriteGuid             ## SOMETIMES_CONSUMES     ## HOB

 [Pcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize       ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase       ## SOMETIMES_CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64     ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize                  ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize     ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize                ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize                 ## CONSUMES
   gEfiMdeModulePkgTokenSpaceGuid.PcdReclaimVariableSpaceAtEndOfDxe   ## CONSUMES

 [FeaturePcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics        ## CONSUMES  # statistic the information of variable.
   gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate       ## CONSUMES  # Auto update PlatformLang/Lang

 [Depex]
   TRUE

 [UserExtensions.TianoCore."ExtraFiles"]
   VariableSmmExtra.uni
	## @file
	# Provides SMM authenticated variable service
	#
	# This module installs SMM variable protocol into SMM protocol database,
	# which can be used by SMM driver, and installs SMM variable protocol
	# into BS protocol database, which can be used to notify the SMM Runtime
	# Dxe driver that the SMM variable service is ready.
	# This module should be used with SMM Runtime DXE module together. The
	# SMM Runtime DXE module installs variable arch protocol and variable
	# write arch protocol based on SMM variable module.
	#
	# Caution: This module requires additional review when modified.
	# This driver will have external input - variable data and communicate buffer in SMM mode.
	# This external input must be validated carefully to avoid security issues such as
	# buffer overflow or integer overflow.
	# The whole SMM authentication variable design relies on the integrity of flash part and SMM.
	# which is assumed to be protected by platform. All variable code and metadata in flash/SMM Memory
	# may not be modified without authorization. If platform fails to protect these resources,
	# the authentication service provided in this driver will be broken, and the behavior is undefined.
	#
	# Copyright (c) 2010 - 2014, Intel Corporation. All rights reserved.<BR>
	# This program and the accompanying materials
	# are licensed and made available under the terms and conditions of the BSD License
	# which accompanies this distribution. The full text of the license may be found at
	# http://opensource.org/licenses/bsd-license.php
	# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
	# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
	#
	##

	[Defines]
	INF_VERSION = 0x00010005
	BASE_NAME = VariableAuthSmm
	MODULE_UNI_FILE = VariableAuthSmm.uni
	FILE_GUID = D34BDC5E-968A-40f5-A48C-E594F45AE211
	MODULE_TYPE = DXE_SMM_DRIVER
	VERSION_STRING = 1.0
	PI_SPECIFICATION_VERSION = 0x0001000A
	ENTRY_POINT = VariableServiceInitialize

	#
	# The following information is for reference only and not required by the build tools.
	#
	# VALID_ARCHITECTURES = IA32 X64
	#


	[Sources]
	Reclaim.c
	Variable.c
	VariableSmm.c
	AuthService.c
	Variable.h
	AuthService.h
	LoadFenceSmm.c

	[Packages]
	MdePkg/MdePkg.dec
	MdeModulePkg/MdeModulePkg.dec
	CryptoPkg/CryptoPkg.dec
	SecurityPkg/SecurityPkg.dec

	[LibraryClasses]
	UefiDriverEntryPoint
	MemoryAllocationLib
	BaseLib
	SynchronizationLib
	UefiLib
	SmmServicesTableLib
	BaseMemoryLib
	DebugLib
	DxeServicesTableLib
	BaseCryptLib
	PlatformSecureLib
	HobLib
	SmmMemLib

	[Protocols]
	gEfiSmmFirmwareVolumeBlockProtocolGuid ## CONSUMES

	## PRODUCES
	## UNDEFINED # SmiHandlerRegister
	gEfiSmmVariableProtocolGuid

	## CONSUMES
	## NOTIFY
	gEfiSmmFaultTolerantWriteProtocolGuid
	gEfiSmmEndOfDxeProtocolGuid ## NOTIFY

	[Guids]
	## PRODUCES ## GUID # Variable store header
	## CONSUMES ## GUID # Variable store header
	## SOMETIMES_CONSUMES ## HOB
	gEfiAuthenticatedVariableGuid

	## SOMETIMES_CONSUMES ## Variable:L"PlatformLang"
	## SOMETIMES_PRODUCES ## Variable:L"PlatformLang"
	## SOMETIMES_CONSUMES ## Variable:L"Lang"
	## SOMETIMES_PRODUCES ## Variable:L"Lang"
	## SOMETIMES_CONSUMES ## Variable:L"HwErrRecSupport"
	## CONSUMES ## Variable:L"SetupMode"
	## PRODUCES ## Variable:L"SetupMode"
	## SOMETIMES_CONSUMES ## Variable:L"PK"
	## SOMETIMES_CONSUMES ## Variable:L"KEK"
	## CONSUMES ## Variable:L"SecureBoot"
	## PRODUCES ## Variable:L"SecureBoot"
	## CONSUMES ## Variable:L"SignatureSupport"
	## PRODUCES ## Variable:L"SignatureSupport"
	## PRODUCES ## Variable:L"VendorKeys"
	gEfiGlobalVariableGuid

	## SOMETIMES_CONSUMES ## Variable:L"DB"
	## SOMETIMES_CONSUMES ## Variable:L"DBX"
	gEfiImageSecurityDatabaseGuid

	## CONSUMES ## Variable:L"SecureBootEnable"
	## PRODUCES ## Variable:L"SecureBootEnable"
	gEfiSecureBootEnableDisableGuid

	## CONSUMES ## Variable:L"CustomMode"
	## PRODUCES ## Variable:L"CustomMode"
	gEfiCustomModeEnableGuid

	## CONSUMES ## Variable:L"certdb"
	## PRODUCES ## Variable:L"certdb"
	gEfiCertDbGuid

	## CONSUMES ## Variable:L"VendorKeysNv"
	## PRODUCES ## Variable:L"VendorKeysNv"
	gEfiVendorKeysNvGuid

	gSmmVariableWriteGuid ## PRODUCES ## GUID # Install protocol
	gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData.
	gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the format of the CertData.
	gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.
	gEfiSystemNvDataFvGuid ## CONSUMES ## GUID
	gEfiHardwareErrorVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"HwErrRec####"
	gEdkiiFaultTolerantWriteGuid ## SOMETIMES_CONSUMES ## HOB

	[Pcd]
	gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize ## CONSUMES
	gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase ## SOMETIMES_CONSUMES
	gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableBase64 ## CONSUMES
	gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVariableSize ## CONSUMES
	gEfiMdeModulePkgTokenSpaceGuid.PcdMaxHardwareErrorVariableSize ## CONSUMES
	gEfiMdeModulePkgTokenSpaceGuid.PcdVariableStoreSize ## CONSUMES
	gEfiMdeModulePkgTokenSpaceGuid.PcdHwErrStorageSize ## CONSUMES
	gEfiMdeModulePkgTokenSpaceGuid.PcdReclaimVariableSpaceAtEndOfDxe ## CONSUMES

	[FeaturePcd]
	gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES # statistic the information of variable.
	gEfiMdePkgTokenSpaceGuid.PcdUefiVariableDefaultLangDeprecate ## CONSUMES # Auto update PlatformLang/Lang

	[Depex]
	TRUE

	[UserExtensions.TianoCore."ExtraFiles"]
	VariableSmmExtra.uni