commit 0a86f762d60c81752f19a9a89e308acebb58a4b0
author Julian Hall <julian.hall@arm.com> Mon Nov 08 13:31:23 2021 +0000
committer Gyorgy Szing <Gyorgy.Szing@arm.com> Fri Nov 26 05:05:42 2021 +0100
tree 0898f244ede86a5c406e93dc1707fb00cb114ed7
parent a119934f5c0529f6bf882903df84dd6c2c0ec66f

Extend SMM Variable function support

Extends base SMM Variable functions to support EDK2 specific
functions for setting and getting variable check properties and
for getting the maximum payload size. Includes the checking
of constraints specified by variable check properties. Component
and service level tests are extended to cover the new
functionality.

Signed-off-by: Julian Hall <julian.hall@arm.com>
Change-Id: I9a48908caf2b72d490270a32e2e7ad618b7b6707

components/service/smm_variable/backend/variable_checker.c

diff --git a/components/service/smm_variable/backend/variable_checker.c b/components/service/smm_variable/backend/variable_checker.c
new file mode 100644
index 0000000..81a41d0
--- /dev/null
+++ b/components/service/smm_variable/backend/variable_checker.c
@@ -0,0 +1,66 @@
+/*
+ * Copyright (c) 2021, Arm Limited. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ *
+ */
+
+#include "variable_checker.h"
+
+efi_status_t variable_checker_set_constraints(
+	struct variable_constraints *constraints,
+	bool is_update,
+	const VAR_CHECK_VARIABLE_PROPERTY *check_var_property)
+{
+	/* Sanity check input parameters */
+	if (check_var_property->Revision != VAR_CHECK_VARIABLE_PROPERTY_REVISION)
+		return EFI_INVALID_PARAMETER;
+
+	if (check_var_property->MinSize > check_var_property->MaxSize)
+		return EFI_INVALID_PARAMETER;
+
+	/* Check for an attempt to undo previously set access constraints */
+	if (is_update) {
+
+		if ((constraints->property & VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY) &&
+			!(check_var_property->Property & VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY))
+			return EFI_INVALID_PARAMETER;
+	}
+
+	/* New check constraints accepted */
+	constraints->revision = check_var_property->Revision;
+	constraints->attributes = check_var_property->Attributes;
+	constraints->property = check_var_property->Property;
+	constraints->min_size = check_var_property->MinSize;
+	constraints->max_size = check_var_property->MaxSize;
+
+	return EFI_SUCCESS;
+}
+
+void variable_checker_get_constraints(
+	const struct variable_constraints *constraints,
+	VAR_CHECK_VARIABLE_PROPERTY *check_var_property)
+{
+	check_var_property->Revision = constraints->revision;
+	check_var_property->Attributes = constraints->attributes;
+	check_var_property->Property = constraints->property;
+	check_var_property->MinSize = constraints->min_size;
+	check_var_property->MaxSize = constraints->max_size;
+}
+
+efi_status_t variable_checker_check_on_set(
+	const struct variable_constraints *constraints,
+	uint32_t attributes,
+	size_t data_size)
+{
+	if (constraints->property & VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY)
+		return EFI_WRITE_PROTECTED;
+
+	if (data_size < constraints->min_size)
+		return EFI_INVALID_PARAMETER;
+
+	if (data_size > constraints->max_size)
+		return EFI_INVALID_PARAMETER;
+
+	return EFI_SUCCESS;
+}