At the moment, the EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL is only installed if S3 is enabled -- at the end of SaveS3BootScript().
While a runtime OS is never booted with SMM unlocked (because the SMM IPL locks down SMM as a last resort: > SMM IPL! DXE SMM Ready To Lock Protocol not installed before Ready To > Boot signal > SmmInstallProtocolInterface: [EfiSmmReadyToLockProtocol] 0 > Patch page table start ... > Patch page table done! > SMM IPL locked SMRAM window ), we shouldn't allow UEFI drivers and applications either to mess with SMM just because S3 is disabled. So install EFI_DXE_SMM_READY_TO_LOCK_PROTOCOL in PlatformBdsInit() unconditionally. Cc: Feng Tian <feng.t...@intel.com> Cc: Jiewen Yao <jiewen....@intel.com> Cc: Jordan Justen <jordan.l.jus...@intel.com> Cc: Ruiyu Ni <ruiyu...@intel.com> Cc: Star Zeng <star.z...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Laszlo Ersek <ler...@redhat.com> --- OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c | 29 +++++++++++--------- 1 file changed, 16 insertions(+), 13 deletions(-) diff --git a/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c b/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c index b22f2a74a9d8..8354f31ac2fe 100644 --- a/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c +++ b/OvmfPkg/Library/PlatformBdsLib/BdsPlatform.c @@ -122,12 +122,15 @@ Arguments: Returns: None. --*/ { + EFI_HANDLE Handle; + EFI_STATUS Status; + DEBUG ((EFI_D_INFO, "PlatformBdsInit\n")); InstallDevicePathCallback (); VisitAllInstancesOfProtocol (&gEfiPciRootBridgeIoProtocolGuid, ConnectRootBridge, NULL); @@ -144,17 +147,26 @@ Returns: // earlier, hence we can't signal End-of-Dxe earlier. // EfiEventGroupSignal (&gEfiEndOfDxeEventGroupGuid); if (QemuFwCfgS3Enabled ()) { // - // Save the boot script too. Note that this requires/includes emitting the - // DxeSmmReadyToLock event, which in turn locks down SMM. + // Save the boot script too. Note that this will require us to emit the + // DxeSmmReadyToLock event just below, which in turn locks down SMM. // SaveS3BootScript (); } + + // + // Prevent further changes to LockBoxes or SMRAM. + // + Handle = NULL; + Status = gBS->InstallProtocolInterface (&Handle, + &gEfiDxeSmmReadyToLockProtocolGuid, EFI_NATIVE_INTERFACE, + NULL); + ASSERT_EFI_ERROR (Status); } EFI_STATUS EFIAPI ConnectRootBridge ( @@ -1203,26 +1215,23 @@ Returns: } /** Save the S3 boot script. - Note that we trigger DxeSmmReadyToLock here -- otherwise the script wouldn't - be saved actually. Triggering this protocol installation event in turn locks - down SMM, so no further changes to LockBoxes or SMRAM are possible - afterwards. + Note that DxeSmmReadyToLock must be signaled after this function returns; + otherwise the script wouldn't be saved actually. **/ STATIC VOID SaveS3BootScript ( VOID ) { EFI_STATUS Status; EFI_S3_SAVE_STATE_PROTOCOL *BootScript; - EFI_HANDLE Handle; STATIC CONST UINT8 Info[] = { 0xDE, 0xAD, 0xBE, 0xEF }; Status = gBS->LocateProtocol (&gEfiS3SaveStateProtocolGuid, NULL, (VOID **) &BootScript); ASSERT_EFI_ERROR (Status); @@ -1232,18 +1241,12 @@ SaveS3BootScript ( // than storing just a pointer to runtime or NVS storage. // Status = BootScript->Write(BootScript, EFI_BOOT_SCRIPT_INFORMATION_OPCODE, (UINT32) sizeof Info, (EFI_PHYSICAL_ADDRESS)(UINTN) &Info); ASSERT_EFI_ERROR (Status); - - Handle = NULL; - Status = gBS->InstallProtocolInterface (&Handle, - &gEfiDxeSmmReadyToLockProtocolGuid, EFI_NATIVE_INTERFACE, - NULL); - ASSERT_EFI_ERROR (Status); } VOID EFIAPI PlatformBdsPolicyBehavior ( -- 1.8.3.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel