#include <Uefi.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/LockBoxLib.h>
#include <Library/PcdLib.h>
#include <LockBoxLib.h>

Data Structures
struct	LOCK_BOX_ENTRY

Functions
RETURN_STATUS EFIAPI	LockBoxLibInitialize (VOID)

STATIC LOCK_BOX_ENTRY *EFIAPI	FindHeaderByGuid (IN CONST EFI_GUID *Guid)

RETURN_STATUS EFIAPI	SaveLockBox (IN GUID Guid, IN VOID Buffer, IN UINTN Length)

RETURN_STATUS EFIAPI	SetLockBoxAttributes (IN GUID *Guid, IN UINT64 Attributes)

RETURN_STATUS EFIAPI	UpdateLockBox (IN GUID Guid, IN UINTN Offset, IN VOID Buffer, IN UINTN Length)

RETURN_STATUS EFIAPI	RestoreLockBox (IN GUID Guid, IN VOID Buffer OPTIONAL, IN OUT UINTN *Length OPTIONAL)

RETURN_STATUS EFIAPI	RestoreAllLockBoxInPlace (VOID)

Variables
LOCK_BOX_GLOBAL *	mLockBoxGlobal = NULL

STATIC LOCK_BOX_ENTRY *	StartOfEntries = NULL

STATIC LOCK_BOX_ENTRY *	EndOfEntries = NULL

Detailed Description

Library implementing the LockBox interface for OVMF

SPDX-License-Identifier: BSD-2-Clause-Patent

Definition in file LockBoxLib.c.

Function Documentation

◆ FindHeaderByGuid()

STATIC LOCK_BOX_ENTRY *EFIAPI FindHeaderByGuid ( IN CONST EFI_GUID * Guid )

Find LockBox entry based on GUID.

Parameters

[in] Guid The GUID to search for.

Returns

Address of the LOCK_BOX_ENTRY found.

     If NULL, then the item was not found, and there is no space
     left to store a new item.

     If non-NULL and LOCK_BOX_ENTRY.Size == 0, then the item was not
     found, but a new item can be inserted at the returned location.

     If non-NULL and LOCK_BOX_ENTRY.Size > 0, then the item was found.

Definition at line 82 of file LockBoxLib.c.

◆ LockBoxLibInitialize()

RETURN_STATUS EFIAPI LockBoxLibInitialize ( VOID )

Definition at line 35 of file LockBoxLib.c.

◆ RestoreAllLockBoxInPlace()

RETURN_STATUS EFIAPI RestoreAllLockBoxInPlace ( VOID )

This function will restore confidential information from all lockbox which have RestoreInPlace attribute.

Return values

RETURN_SUCCESS	the information is restored successfully.
RETURN_NOT_STARTED	it is too early to invoke this interface
RETURN_UNSUPPORTED	the service is not supported by implementaion.

Definition at line 378 of file LockBoxLib.c.

◆ RestoreLockBox()

RETURN_STATUS EFIAPI RestoreLockBox	(	IN GUID *	Guid,
		IN VOID *Buffer	OPTIONAL,
		IN OUT UINTN *Length	OPTIONAL
	)

This function will restore confidential information from lockbox.

Parameters

Guid	the guid to identify the confidential information
Buffer	the address of the restored confidential information NULL means restored to original address, Length MUST be NULL at same time.
Length	the length of the restored confidential information

Return values

RETURN_SUCCESS	the information is restored successfully.
RETURN_INVALID_PARAMETER	the Guid is NULL, or one of Buffer and Length is NULL.
RETURN_WRITE_PROTECTED	Buffer and Length are NULL, but the LockBox has no LOCK_BOX_ATTRIBUTE_RESTORE_IN_PLACE attribute.
RETURN_BUFFER_TOO_SMALL	the Length is too small to hold the confidential information.
RETURN_NOT_FOUND	the requested GUID not found.
RETURN_NOT_STARTED	it is too early to invoke this interface
RETURN_ACCESS_DENIED	not allow to restore to the address
RETURN_UNSUPPORTED	the service is not supported by implementaion.

Definition at line 307 of file LockBoxLib.c.

◆ SaveLockBox()

RETURN_STATUS EFIAPI SaveLockBox	(	IN GUID *	Guid,
		IN VOID *	Buffer,
		IN UINTN	Length
	)

This function will save confidential information to lockbox.

Parameters

Guid	the guid to identify the confidential information
Buffer	the address of the confidential information
Length	the length of the confidential information

Return values

RETURN_SUCCESS	the information is saved successfully.
RETURN_INVALID_PARAMETER	the Guid is NULL, or Buffer is NULL, or Length is 0
RETURN_ALREADY_STARTED	the requested GUID already exist.
RETURN_OUT_OF_RESOURCES	no enough resource to save the information.
RETURN_ACCESS_DENIED	it is too late to invoke this interface
RETURN_NOT_STARTED	it is too early to invoke this interface
RETURN_UNSUPPORTED	the service is not supported by implementaion.

Definition at line 116 of file LockBoxLib.c.

◆ SetLockBoxAttributes()

RETURN_STATUS EFIAPI SetLockBoxAttributes	(	IN GUID *	Guid,
		IN UINT64	Attributes
	)

This function will set lockbox attributes.

Parameters

Guid	the guid to identify the confidential information
Attributes	the attributes of the lockbox

Return values

RETURN_SUCCESS	the information is saved successfully.
RETURN_INVALID_PARAMETER	attributes is invalid.
RETURN_NOT_FOUND	the requested GUID not found.
RETURN_ACCESS_DENIED	it is too late to invoke this interface
RETURN_NOT_STARTED	it is too early to invoke this interface
RETURN_UNSUPPORTED	the service is not supported by implementaion.

Definition at line 189 of file LockBoxLib.c.

◆ UpdateLockBox()

RETURN_STATUS EFIAPI UpdateLockBox	(	IN GUID *	Guid,
		IN UINTN	Offset,
		IN VOID *	Buffer,
		IN UINTN	Length
	)

This function will update confidential information to lockbox.

Parameters

Guid	the guid to identify the original confidential information
Offset	the offset of the original confidential information
Buffer	the address of the updated confidential information
Length	the length of the updated confidential information

Return values

RETURN_SUCCESS	the information is saved successfully.
RETURN_INVALID_PARAMETER	the Guid is NULL, or Buffer is NULL, or Length is 0.
RETURN_NOT_FOUND	the requested GUID not found.
RETURN_BUFFER_TOO_SMALL	for lockbox without attribute LOCK_BOX_ATTRIBUTE_RESTORE_IN_S3_ONLY, the original buffer to too small to hold new information.
RETURN_OUT_OF_RESOURCES	for lockbox with attribute LOCK_BOX_ATTRIBUTE_RESTORE_IN_S3_ONLY, no enough resource to save the information.
RETURN_ACCESS_DENIED	it is too late to invoke this interface
RETURN_NOT_STARTED	it is too early to invoke this interface
RETURN_UNSUPPORTED	the service is not supported by implementaion.

Definition at line 244 of file LockBoxLib.c.

Variable Documentation

◆ EndOfEntries

STATIC LOCK_BOX_ENTRY* EndOfEntries = NULL

Definition at line 31 of file LockBoxLib.c.

◆ mLockBoxGlobal

LOCK_BOX_GLOBAL* mLockBoxGlobal = NULL

Definition at line 29 of file LockBoxLib.c.

◆ StartOfEntries

STATIC LOCK_BOX_ENTRY* StartOfEntries = NULL

Definition at line 30 of file LockBoxLib.c.

Data Structures

Functions

Variables

Detailed Description

Function Documentation

◆ FindHeaderByGuid()

◆ LockBoxLibInitialize()

◆ RestoreAllLockBoxInPlace()

◆ RestoreLockBox()

◆ SaveLockBox()

◆ SetLockBoxAttributes()

◆ UpdateLockBox()

Variable Documentation

◆ EndOfEntries

◆ mLockBoxGlobal

◆ StartOfEntries