Ok, miss understanding. " > Nt32Pkg: Link AuthVariableLib for following merged variable driver > deploy. > OvmfPkg: Link AuthVariableLib for following merged variable driver > deploy. For these two, do you think the commit message could be improved similar to my EmulatorPkg suggestion? "
In fact, I enhanced the commit message content to be similar with EmulatorPkg, but not the subject line. " AuthVariableLib and TpmMeasurementLib library classes are now linked with MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf to optionally support secure variables. For Nt32Pkg, link AuthVariableLib and DxeTpmMeasurementLib in SecurityPkg when SECURE_BOOT_ENABLE = TRUE, and link AuthVariableLibNull and TpmMeasurementLibNull in MdeModulePkg when SECURE_BOOT_ENABLE = FALSE. " EmulatorPkg only need one patch to link NULL instances, but other Nt32Pkg and OvmfPkg need to have the second patch to use merged variable driver, so I keep the subject line, especially I want to emphasize "for following merged variable driver". And I also added notes in cover letter of V3 patchset "According to the feedback from Laszlo Ersek <ler...@redhat.com>, Ard Biesheuvel <ard.biesheu...@linaro.org> and Jordan Justen <jordan.l.jus...@intel.com>, update the patches for ArmVirtPkg and update some commit messages for some platform packages.". Anyway, do you need to update the committed commit log to remove your r-b(in SVN commit log, I know it could not be into github). Thanks, Star -----Original Message----- From: Justen, Jordan L Sent: Wednesday, July 1, 2015 3:10 PM To: edk2-devel@lists.sourceforge.net; Zeng, Star; edk2-devel@lists.sourceforge.net Subject: Re: [edk2] [PATCH V4 08/21] Nt32Pkg: Link AuthVariableLib for following merged variable driver deploy On 2015-06-30 02:01:24, Star Zeng wrote: > AuthVariableLib and TpmMeasurementLib library classes are now linked > with MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf > to optionally support secure variables. > > For Nt32Pkg, > link AuthVariableLib and DxeTpmMeasurementLib in SecurityPkg when > SECURE_BOOT_ENABLE = TRUE, and link AuthVariableLibNull and > TpmMeasurementLibNull in MdeModulePkg when SECURE_BOOT_ENABLE = FALSE. > > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Star Zeng <star.z...@intel.com> > Reviewed-by: Ruiyu Ni <ruiyu...@intel.com> > Reviewed-by: Jordan Justen <jordan.l.jus...@intel.com> I didn't actually give my r-b for patch 8 or 9. (I wanted to see how the commit message was re-worded first.) But, if you fix the subject line of these patches to be more like patch 10, then you can keep my r-b on them. Oh ... I see you already committed the patches. -Jordan > --- > Nt32Pkg/Nt32Pkg.dsc | 4 ++++ > 1 file changed, 4 insertions(+) > > diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index > b0d3fbf..2344d9a 100644 > --- a/Nt32Pkg/Nt32Pkg.dsc > +++ b/Nt32Pkg/Nt32Pkg.dsc > @@ -136,6 +136,10 @@ [LibraryClasses] > IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf > OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf > > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasu > rementLib.inf > + > +AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.i > +nf > +!else > + > +TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasu > +rementLibNull.inf > + > +AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariable > +LibNull.inf > !endif > > [LibraryClasses.common.USER_DEFINED] > -- > 1.9.5.msysgit.0 > > > ---------------------------------------------------------------------- > -------- Don't Limit Your Business. Reach for the Cloud. > GigeNET's Cloud Solutions provide you with the tools and support that > you need to offload your IT needs and focus on growing your business. > Configured For All Businesses. Start Your Cloud Today. > https://www.gigenetcloud.com/ > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/edk2-devel
--- Begin Message ---According to the feedback from Laszlo Ersek <ler...@redhat.com>, Ard Biesheuvel <ard.biesheu...@linaro.org> and Jordan Justen <jordan.l.jus...@intel.com>, update the patches for ArmVirtPkg and update some commit messages for some platform packages. For your easy review, the forked code is at g...@github.com:lzeng14/edk2.git branch SeparateAuthVariableServiceV3. What to do: 1. Move TpmMeasurementLib LibraryClass from SecurityPkg to MdeModulePkg. 2. Implement a NULL TpmMeasurementLib library instance in MdeModulePkg. 3. Move authenticated variable definition from AuthenticatedVariableFormat.h to VariableFormat.h. 4. Merge VariableInfo in SecurityPkg to VariableInfo in MdeModulePkg. 5. Merge from VariablePei in SecurityPkg to VariablePei in MdeModulePkg. 6. Add AuthVariableLib LibraryClass definitions in MdeModulePkg. 7. Implement a NULL AuthVariableLib library instance in MdeModulePkg. 8. Implement AuthVariableLib library instance in SecurityPkg. 9. Merge from Auth Variable driver in SecurityPkg to Variable drive in MdeModulePkg. 10. Update platform package to use the merged Variable driver. Why to do: 1. Share code. We are moving forward to separate auth variable service from Auth Variable driver in SecurityPkg to AuthVariableLib. Then the AuthVariableLib could benefit and be used by different implementation of Auth Variable drivers. 2. Remove code duplication and reduce maintenance effort. 2.1. After auth variable service separated from Auth Variable driver in SecurityPkg to AuthVariableLib. The remaining code logic of Auth Variable driver in SecurityPkg will be almost same with Variable driver in MdeModulePkg. We are going to merge them. 2.2. The functionality of VariableInfo in SecurityPkg has covered VariableInfo in MdeModulePkg. 2.3. The code logic of VariablePei in SecurityPkg is same with VariablePei in MdeModulePkg. 3. TpmMeasurementLib is consumed by Auth Variable driver in SecurityPkg now, as Auth Variable driver in SecurityPkg will be merged to Variable driver in MdeModulePkg, so the library class also needs to be moved to MdeModulePkg. 4. gEfiAuthenticatedVariableGuid will be used by both merged Variable driver and AuthVariableLib, AUTHENTICATED_VARIABLE_HEADER will be used by merged Variable driver. What test done: Nt32: Boot with SECURE_BOOT_ENABLE = TRUE or FALSE, enable secure boot with SECURE_BOOT_ENABLE = TRUE. OVMF: Boot with SECURE_BOOT_ENABLE = TRUE or FALSE, enable secure boot with SECURE_BOOT_ENABLE = TRUE. By Laszlo Ersek <ler...@redhat.com>, build -a X64 -p OvmfPkg/OvmfPkgX64.dsc -D SECURE_BOOT_ENABLE -t GCC48 -b DEBUG It booted all fine and the guest kernel confirmed secure boot was enabled Vlv2TbltDevice: Boot and enable secure boot with SECURE_BOOT_ENABLE = TRUE. ArmVirtQumu: Built and run both with SECURE_BOOT_ENABLE = TRUE and SECURE_BOOT_ENABLE, and both seem to work fine by Ard Biesheuvel <ard.biesheu...@linaro.org>. What is the impact to platform: 1. Only platform dsc and fdf need to be updated except the change in ArmPlatformPkg.dec and NorFlashAuthenticatedDxe.inf to remove gVariableAuthenticatedRuntimeDxeFileGuid and use gVariableRuntimeDxeFileGuid. Star Zeng (25): MdeModulePkg PlatDriOverrideDxe: Remove unneeded VARIABLE_HEADER reference MdeModulePkg: Move TpmMeasurementLib LibraryClass from SecurityPkg MdeModulePkg: Move authenticated variable definition from SecurityPkg MdeModulePkg VariableInfo: Merge from VariableInfo in SecurityPkg MdeModulePkg VariablePei: Merge from VariablePei in SecurityPkg MdeModulePkg: Add AuthVariableLib LibraryClass SecurityPkg: Implement AuthVariableLib library instance Nt32Pkg: Link AuthVariableLib for following merged variable driver deploy OvmfPkg: Link AuthVariableLib for following merged variable driver deploy EmulatorPkg: Add TpmMeasurementLib and AuthVariableLib library mapping ArmPlatformPkg: Add TpmMeasurementLib and AuthVariableLib library mapping ArmVirtPkg: Link AuthVariableLib for following merged variable driver deploy Vlv2TbltDevicePkg: Link AuthVariableLib for following merged variable driver deploy MdeModulePkg Variable: Merge from Auth Variable driver in SecurityPkg Nt32Pkg: Use the merged Variable driver OvmfPkg: Use the merged Variable driver ArmPlatformPkg: Use the merged Variable driver ArmVirtPkg: Cleanup redundant library class resolution of Variable modules ArmVirtPkg: Use the merged Variable driver Vlv2TbltDevicePkg: Use the merged Variable driver SecurityPkg: Move TpmMeasurementLib LibraryClass to MdeModulePkg SecurityPkg VariableInfo: Delete it SecurityPkg VariablePei: Delete it SecurityPkg Variable: Delete Auth Variable driver SecurityPkg: Move authenticated variable definition to MdeModulePkg ArmPlatformPkg/ArmJunoPkg/ArmJuno.dsc | 7 +- ArmPlatformPkg/ArmPlatformPkg.dec | 5 +- .../ArmRealViewEbPkg/ArmRealViewEb-RTSM-A8.dsc | 7 +- .../ArmRealViewEbPkg/ArmRealViewEb-RTSM-A9x2.dsc | 7 +- .../ArmVExpressPkg/ArmVExpress-CTA15-A7.dsc | 7 +- .../ArmVExpressPkg/ArmVExpress-CTA9x4.dsc | 7 +- .../ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc | 7 +- .../ArmVExpressPkg/ArmVExpress-RTSM-A15.dsc | 7 +- .../ArmVExpressPkg/ArmVExpress-RTSM-A15_MPCore.dsc | 7 +- .../ArmVExpressPkg/ArmVExpress-RTSM-A9x4.dsc | 7 +- .../ArmVExpressPkg/ArmVExpress-RTSM-AEMv8Ax4.dsc | 7 +- .../NorFlashDxe/NorFlashAuthenticatedDxe.inf | 5 +- ArmVirtPkg/ArmVirt.dsc.inc | 5 + ArmVirtPkg/ArmVirtQemu.dsc | 15 +- ArmVirtPkg/ArmVirtQemu.fdf | 9 +- EmulatorPkg/EmulatorPkg.dsc | 4 +- .../Application/VariableInfo/VariableInfo.c | 209 +- .../Application/VariableInfo/VariableInfo.inf | 25 +- .../Application/VariableInfo/VariableInfo.uni | Bin 2430 -> 2904 bytes MdeModulePkg/Include/Guid/SmmVariableCommon.h | 8 +- MdeModulePkg/Include/Guid/VariableFormat.h | 68 +- MdeModulePkg/Include/Library/AuthVariableLib.h | 261 ++ MdeModulePkg/Include/Library/TpmMeasurementLib.h | 44 + MdeModulePkg/Include/Protocol/VarCheck.h | 6 + .../AuthVariableLibNull/AuthVariableLibNull.c | 78 + .../AuthVariableLibNull/AuthVariableLibNull.inf | 40 + .../AuthVariableLibNull/AuthVariableLibNull.uni | Bin 0 -> 1710 bytes .../TpmMeasurementLibNull/TpmMeasurementLibNull.c | 45 + .../TpmMeasurementLibNull.inf | 34 + .../TpmMeasurementLibNull.uni | Bin 0 -> 1654 bytes MdeModulePkg/MdeModulePkg.dec | 12 + MdeModulePkg/MdeModulePkg.dsc | 4 + .../PlatformDriOverrideDxe/PlatDriOverrideLib.c | 3 +- .../Universal/Variable/Pei/PeiVariable.uni | Bin 2130 -> 2182 bytes MdeModulePkg/Universal/Variable/Pei/Variable.c | 194 +- MdeModulePkg/Universal/Variable/Pei/Variable.h | 4 +- .../Universal/Variable/Pei/VariablePei.inf | 9 +- .../Universal/Variable/RuntimeDxe/Measurement.c | 255 ++ .../Universal/Variable/RuntimeDxe/Reclaim.c | 5 +- .../Universal/Variable/RuntimeDxe/VarCheck.c | 234 +- .../Universal/Variable/RuntimeDxe/Variable.c | 1152 ++++-- .../Universal/Variable/RuntimeDxe/Variable.h | 455 ++- .../Universal/Variable/RuntimeDxe/VariableDxe.c | 83 +- .../Universal/Variable/RuntimeDxe/VariableExLib.c | 256 ++ .../Variable/RuntimeDxe/VariableRuntimeDxe.inf | 48 +- .../Variable/RuntimeDxe/VariableRuntimeDxe.uni | Bin 2588 -> 3150 bytes .../Universal/Variable/RuntimeDxe/VariableSmm.c | 77 +- .../Universal/Variable/RuntimeDxe/VariableSmm.inf | 61 +- .../Universal/Variable/RuntimeDxe/VariableSmm.uni | Bin 3746 -> 4454 bytes .../Variable/RuntimeDxe/VariableSmmExtra.uni | Bin 1348 -> 1332 bytes .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 130 +- .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf | 43 +- Nt32Pkg/Nt32Pkg.dsc | 12 +- Nt32Pkg/Nt32Pkg.fdf | 8 +- OvmfPkg/OvmfPkgIa32.dsc | 9 +- OvmfPkg/OvmfPkgIa32.fdf | 6 +- OvmfPkg/OvmfPkgIa32X64.dsc | 9 +- OvmfPkg/OvmfPkgIa32X64.fdf | 6 +- OvmfPkg/OvmfPkgX64.dsc | 9 +- OvmfPkg/OvmfPkgX64.fdf | 6 +- .../Application/VariableInfo/VariableInfo.c | 265 -- .../Application/VariableInfo/VariableInfo.inf | 63 - .../Application/VariableInfo/VariableInfo.uni | Bin 2902 -> 0 bytes .../Application/VariableInfo/VariableInfoExtra.uni | Bin 1360 -> 0 bytes .../Include/Guid/AuthenticatedVariableFormat.h | 184 +- SecurityPkg/Include/Library/TpmMeasurementLib.h | 44 - SecurityPkg/Library/AuthVariableLib/AuthService.c | 2432 ++++++++++++ .../Library/AuthVariableLib/AuthServiceInternal.h | 411 ++ .../Library/AuthVariableLib/AuthVariableLib.c | 460 +++ .../Library/AuthVariableLib/AuthVariableLib.inf | 86 + .../Library/AuthVariableLib/AuthVariableLib.uni | Bin 0 -> 1670 bytes .../DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf | 5 +- SecurityPkg/SecurityPkg.dec | 10 +- SecurityPkg/SecurityPkg.dsc | 9 +- .../EsalVariableDxeSal/AuthService.c | 42 +- .../EsalVariableDxeSal/Variable.c | 220 +- .../EsalVariableDxeSal/Variable.h | 18 +- .../VariableAuthenticated/Pei/PeiVariableAuth.uni | Bin 2170 -> 0 bytes .../VariableAuthenticated/Pei/PeiVariableExtra.uni | Bin 1348 -> 0 bytes SecurityPkg/VariableAuthenticated/Pei/Variable.c | 1087 ----- SecurityPkg/VariableAuthenticated/Pei/Variable.h | 148 - .../VariableAuthenticated/Pei/VariablePei.inf | 73 - .../VariableAuthenticated/RuntimeDxe/AuthService.c | 2532 ------------ .../VariableAuthenticated/RuntimeDxe/AuthService.h | 360 -- .../VariableAuthenticated/RuntimeDxe/Measurement.c | 255 -- .../VariableAuthenticated/RuntimeDxe/Reclaim.c | 161 - .../VariableAuthenticated/RuntimeDxe/VarCheck.c | 1264 ------ .../VariableAuthenticated/RuntimeDxe/Variable.c | 4170 -------------------- .../VariableAuthenticated/RuntimeDxe/Variable.h | 842 ---- .../RuntimeDxe/VariableAuthRuntimeDxe.uni | Bin 3204 -> 0 bytes .../RuntimeDxe/VariableAuthSmm.uni | Bin 4488 -> 0 bytes .../RuntimeDxe/VariableAuthSmmRuntimeDxe.uni | Bin 3320 -> 0 bytes .../VariableAuthenticated/RuntimeDxe/VariableDxe.c | 530 --- .../RuntimeDxe/VariableRuntimeDxe.inf | 158 - .../RuntimeDxe/VariableRuntimeDxeExtra.uni | Bin 1376 -> 0 bytes .../VariableAuthenticated/RuntimeDxe/VariableSmm.c | 988 ----- .../RuntimeDxe/VariableSmm.inf | 165 - .../RuntimeDxe/VariableSmmExtra.uni | Bin 1332 -> 0 bytes .../RuntimeDxe/VariableSmmRuntimeDxe.c | 1118 ------ .../RuntimeDxe/VariableSmmRuntimeDxe.inf | 102 - .../RuntimeDxe/VariableSmmRuntimeDxeExtra.uni | Bin 1390 -> 0 bytes Vlv2TbltDevicePkg/PlatformPkg.fdf | 14 +- Vlv2TbltDevicePkg/PlatformPkgGcc.fdf | 14 +- Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc | 32 +- Vlv2TbltDevicePkg/PlatformPkgIA32.dsc | 32 +- Vlv2TbltDevicePkg/PlatformPkgX64.dsc | 32 +- 106 files changed, 6879 insertions(+), 15468 deletions(-) create mode 100644 MdeModulePkg/Include/Library/AuthVariableLib.h create mode 100644 MdeModulePkg/Include/Library/TpmMeasurementLib.h create mode 100644 MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.c create mode 100644 MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf create mode 100644 MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.uni create mode 100644 MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.c create mode 100644 MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf create mode 100644 MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.uni create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c delete mode 100644 SecurityPkg/Application/VariableInfo/VariableInfo.c delete mode 100644 SecurityPkg/Application/VariableInfo/VariableInfo.inf delete mode 100644 SecurityPkg/Application/VariableInfo/VariableInfo.uni delete mode 100644 SecurityPkg/Application/VariableInfo/VariableInfoExtra.uni delete mode 100644 SecurityPkg/Include/Library/TpmMeasurementLib.h create mode 100644 SecurityPkg/Library/AuthVariableLib/AuthService.c create mode 100644 SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h create mode 100644 SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c create mode 100644 SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf create mode 100644 SecurityPkg/Library/AuthVariableLib/AuthVariableLib.uni delete mode 100644 SecurityPkg/VariableAuthenticated/Pei/PeiVariableAuth.uni delete mode 100644 SecurityPkg/VariableAuthenticated/Pei/PeiVariableExtra.uni delete mode 100644 SecurityPkg/VariableAuthenticated/Pei/Variable.c delete mode 100644 SecurityPkg/VariableAuthenticated/Pei/Variable.h delete mode 100644 SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/Measurement.c delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/Reclaim.c delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VarCheck.c delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableAuthRuntimeDxe.uni delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableAuthSmm.uni delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableAuthSmmRuntimeDxe.uni delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxeExtra.uni delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmExtra.uni delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.c delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxeExtra.uni -- 1.9.5.msysgit.0 ------------------------------------------------------------------------------ Monitor 25 network devices or servers for free with OpManager! OpManager is web-based network management software that monitors network devices and physical & virtual servers, alerts via email & sms for fault. Monitor 25 devices for free with no restriction. Download now http://ad.doubleclick.net/ddm/clk/292181274;119417398;o _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
--- End Message ---
------------------------------------------------------------------------------ Don't Limit Your Business. Reach for the Cloud. GigeNET's Cloud Solutions provide you with the tools and support that you need to offload your IT needs and focus on growing your business. Configured For All Businesses. Start Your Cloud Today. https://www.gigenetcloud.com/
_______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel