-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Lockbox #5609
base: master
Are you sure you want to change the base?
Lockbox #5609
Conversation
6ffe6e0
to
72efda4
Compare
|
72efda4
to
ee7f09d
Compare
@@ -38,6 +38,7 @@ | |||
MmServicesTableLib | |||
BaseLib | |||
DebugLib | |||
StandaloneMmDriverEntryPoint |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why a lib needs to depend on DriverEntryPoint?
#include <Protocol/LockBox.h> | ||
#include <Guid/SmmLockBox.h> | ||
|
||
extern BOOLEAN mLocked; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I feel "extern BOOLEAN mLocked" is not needed.
ee7f09d
to
2934b80
Compare
|
The LockBox Dependency DXE Driver is designed for use with standalone mm where gBS are not accessible to indicates that LockBox API is ready for use. For DXE drivers use lockbox APIs via a communication mechanism triggering an SMI, it's must to have the corresponding SMI handler pre-installed for interrupt management. To ensure orderly operations and proper notification, besides specified the guid in the [Depex] section of the .inf file. The installation of smi handler, along with the LockBox protocol marked by gEfiLockBoxProtocolGuid, must be informed to the DXE driver. This protocol installation signifies to the DXE driver that the LockBox API is ready for use. Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Jiaxin Wu <jiaxin.wu@intel.com> Cc: Ray Ni <ray.ni@intel.com> Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
The Lockbox Driver allows sensitive data to be securely stored in a designated area, thus protected against unauthorized access. This patch does not introduce any functional modifications. It refactors the existing logic into a common component to facilitates the integration of the Standalone MM Lockbox Driver in an upcoming patch Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Jiaxin Wu <jiaxin.wu@intel.com> Cc: Ray Ni <ray.ni@intel.com> Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
The Lockbox Driver allows sensitive data to be securely stored in a designated area, thus protected against unauthorized access. This patch adds a Standalone MM Lockbox Driver with main modifications: 1. Separating shared code between the Standalone MM driver and the DXE MM Driver. 2. Utilizing services from the SMM Services Table (gSmst) as opposed to relying on Boot Services. Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Jiaxin Wu <jiaxin.wu@intel.com> Cc: Ray Ni <ray.ni@intel.com> Signed-off-by: Yuanhao Xie <yuanhao.xie@intel.com>
2934b80
to
b01f26f
Compare
|
No description provided.