What to do:
1. Move authenticated variable definition from AuthenticatedVariableFormat.h
to VariableFormat.h with gEfiAuthenticatedVariableGuid and
AUTHENTICATED_VARIABLE_HEADER.

Why to do:
1. Share code.
We are moving forward to separate auth variable service from Auth Variable
driver in SecurityPkg to AuthVariableLib. Then the AuthVariableLib could benefit
and be used by different implementation of Auth Variable drivers.
2. Remove code duplication and reduce maintenance effort.
After the auth variable service is separated from the Auth Variable driver in
SecurityPkg into AuthVariableLib, the remaining code logic of the Auth Variable
driver in SecurityPkg will be almost the same as that of the Variable driver in
MdeModulePkg, so we are going to merge them.
3. gEfiAuthenticatedVariableGuid will be used by both merged Variable driver
and AuthVariableLib, AUTHENTICATED_VARIABLE_HEADER will be used by
merged Variable driver.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.z...@intel.com>
Reviewed-by: Jiewen Yao <jiewen....@intel.com>
Reviewed-by: Liming Gao <liming....@intel.com>
---
 MdeModulePkg/Include/Guid/VariableFormat.h | 50 +++++++++++++++++++++++++++++-
 MdeModulePkg/MdeModulePkg.dec              |  4 +++
 2 files changed, 53 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/Include/Guid/VariableFormat.h 
b/MdeModulePkg/Include/Guid/VariableFormat.h
index a7902f1..c52eaf3 100644
--- a/MdeModulePkg/Include/Guid/VariableFormat.h
+++ b/MdeModulePkg/Include/Guid/VariableFormat.h
@@ -2,7 +2,7 @@
   The variable data structures are related to EDK II-specific implementation 
of UEFI variables.
   VariableFormat.h defines variable data headers and variable storage region 
headers.
 
-Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials are licensed and made available 
under 
 the terms and conditions of the BSD License that accompanies this 
distribution.  
 The full text of the license may be found at
@@ -19,7 +19,11 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER 
EXPRESS OR IMPLIED.
 #define EFI_VARIABLE_GUID \
   { 0xddcf3616, 0x3275, 0x4164, { 0x98, 0xb6, 0xfe, 0x85, 0x70, 0x7f, 0xfe, 
0x7d } }
 
+#define EFI_AUTHENTICATED_VARIABLE_GUID \
+  { 0xaaf32c78, 0x947b, 0x439a, { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 
0x92 } }
+
 extern EFI_GUID gEfiVariableGuid;
+extern EFI_GUID gEfiAuthenticatedVariableGuid;
 
 ///
 /// Alignment of variable name and data, according to the architecture:
@@ -60,6 +64,7 @@ typedef enum {
 #pragma pack(1)
 
 #define VARIABLE_STORE_SIGNATURE  EFI_VARIABLE_GUID
+#define AUTHENTICATED_VARIABLE_STORE_SIGNATURE  EFI_AUTHENTICATED_VARIABLE_GUID
 
 ///
 /// Variable Store Header Format and State.
@@ -136,6 +141,49 @@ typedef struct {
   EFI_GUID    VendorGuid;
 } VARIABLE_HEADER;
 
+///
+/// Single Authenticated Variable Data Header Structure.
+///
+typedef struct {
+  ///
+  /// Variable Data Start Flag.
+  ///
+  UINT16      StartId;
+  ///
+  /// Variable State defined above.
+  ///
+  UINT8       State;
+  UINT8       Reserved;
+  ///
+  /// Attributes of variable defined in UEFI specification.
+  ///
+  UINT32      Attributes;
+  ///
+  /// Associated monotonic count value against replay attack.
+  ///
+  UINT64      MonotonicCount;
+  ///
+  /// Associated TimeStamp value against replay attack.
+  ///
+  EFI_TIME    TimeStamp;
+  ///
+  /// Index of associated public key in database.
+  ///
+  UINT32      PubKeyIndex;
+  ///
+  /// Size of variable null-terminated Unicode string name.
+  ///
+  UINT32      NameSize;
+  ///
+  /// Size of the variable data without this header.
+  ///
+  UINT32      DataSize;
+  ///
+  /// A unique identifier for the vendor that produces and consumes this 
varaible.
+  ///
+  EFI_GUID    VendorGuid;
+} AUTHENTICATED_VARIABLE_HEADER;
+
 #pragma pack()
 
 typedef struct _VARIABLE_INFO_ENTRY  VARIABLE_INFO_ENTRY;
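Review bot: The `///` comment on `VendorGuid` in the new `AUTHENTICATED_VARIABLE_HEADER` misspells "variable" as "varaible", and `Reserved` is the only field without a comment. The struct comment should also state when this format applies and that its size and index fields are untrusted until checked, since they appear to be read back from the variable store. Something like `/// Used only when the store header signature is gEfiAuthenticatedVariableGuid; NameSize, DataSize and PubKeyIndex must be range-checked before use.` would do. The signature-selects-format rule is inferred from `AUTHENTICATED_VARIABLE_STORE_SIGNATURE` added earlier in this patch, so confirm it against the merged driver. The `#pragma pack(1)` that governs this layout opens outside the hunk.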
diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec
index e87e89a..12b77a6 100644
--- a/MdeModulePkg/MdeModulePkg.dec
+++ b/MdeModulePkg/MdeModulePkg.dec
@@ -172,6 +172,10 @@
   #  Include/Guid/VariableFormat.h
   gEfiVariableGuid           = { 0xddcf3616, 0x3275, 0x4164, { 0x98, 0xb6, 
0xfe, 0x85, 0x70, 0x7f, 0xfe, 0x7d }}
 
+  ## Guid acted as the authenticated variable store header's signature, and to 
specify the variable list entries put in the EFI system table.
+  #  Include/Guid/AuthenticatedVariableFormat.h
+  gEfiAuthenticatedVariableGuid = { 0xaaf32c78, 0x947b, 0x439a, { 0xa1, 0x80, 
0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 } }
+
   #  Include/Guid/VariableIndexTable.h
   gEfiVariableIndexTableGuid  = { 0x8cfdb8c8, 0xd6b2, 0x40f3, { 0x8e, 0x97, 
0x02, 0x30, 0x7c, 0xc9, 0x8b, 0x7c }}
 
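Review bot: The path comment above the new `gEfiAuthenticatedVariableGuid` entry names `Include/Guid/AuthenticatedVariableFormat.h`, but this patch adds the `extern` for that GUID to `Include/Guid/VariableFormat.h`. The commit message describes AuthenticatedVariableFormat.h as the header the definition is being moved from, so the comment should presumably read `#  Include/Guid/VariableFormat.h` to match the header this package provides. If the GUID also stays declared in the SecurityPkg package file, confirm that the two values cannot drift, because this value is the authenticated store's signature.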
-- 
1.9.5.msysgit.0

