MdePkg: SmmMemLib: Added New Interface for Communicate Buffer Validation

Current MMI handlers would leverage SmmIsBufferOutsideSmmValid interface to validate the incoming communicate buffer. However, if/when SMM core would like to improve security level by copying the communicate buffer into TSEG before dispatching, these handlers will fail due to these changes. This change added new interface for traditional MM handlers to validate incoming communicate buffer, which should pave way for MM core to copy incoming buffer into TSEG prior to handler dispatching. The current implementation will remain to use SmmIsBufferOutsideSmmValid till Core has such functionality. The interface should be used and only used for validating communicate buffer upon dispatching. For other memory region validity check, handlers should still use SmmIsBufferOutsideSmmValid.
microsoft · May 4, 2023 · 43e13ba · 43e13ba
1 parent 5966623
commit 43e13ba
Show file tree

Hide file tree

Showing 2 changed files with 35 additions and 0 deletions.
diff --git a/MdePkg/Include/Library/SmmMemLib.h b/MdePkg/Include/Library/SmmMemLib.h
@@ -129,4 +129,20 @@ SmmSetMem (
   IN UINT8  Value
   );
 
+/**
+  This function should be used for MMI handlers to check if the communicate buffer is valid.
+
+  @param Buffer  The buffer start address to be checked.
+  @param Length  The buffer length to be checked.
+
+  @retval TRUE  This communicate buffer is valid per processor architecture.
+  @retval FALSE This communicate buffer is not valid per processor architecture.
+**/
+BOOLEAN
+EFIAPI
+SmmCommBufferValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  );
+
 #endif
diff --git a/MdePkg/Library/SmmMemLib/SmmMemLib.c b/MdePkg/Library/SmmMemLib/SmmMemLib.c
@@ -591,6 +591,25 @@ SmmLibInternalReadyToLockNotify (
   return EFI_SUCCESS;
 }
 
+/**
+  This function should be used for MMI handlers to check if the communicate buffer is valid.
+
+  @param Buffer  The buffer start address to be checked.
+  @param Length  The buffer length to be checked.
+
+  @retval TRUE  This communicate buffer is valid per processor architecture.
+  @retval FALSE This communicate buffer is not valid per processor architecture.
+**/
+BOOLEAN
+EFIAPI
+SmmCommBufferValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  )
+{
+  return SmmIsBufferOutsideSmmValid (Buffer, Length);
+}
+
 /**
   The constructor function initializes the Smm Mem library