Ok, miss understanding.
"
> Nt32Pkg: Link AuthVariableLib for following merged variable driver
> deploy.
> OvmfPkg: Link AuthVariableLib for following merged variable driver
> deploy.
For these two, do you think the commit message could be improved similar to my
EmulatorPkg suggestion?
"
In fact, I enhanced the commit message content to be similar with EmulatorPkg,
but not the subject line.
"
AuthVariableLib and TpmMeasurementLib library classes are now linked
with MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
to optionally support secure variables.
For Nt32Pkg,
link AuthVariableLib and DxeTpmMeasurementLib in SecurityPkg when
SECURE_BOOT_ENABLE = TRUE, and link AuthVariableLibNull and
TpmMeasurementLibNull in MdeModulePkg when SECURE_BOOT_ENABLE = FALSE.
"
EmulatorPkg only need one patch to link NULL instances, but other Nt32Pkg and
OvmfPkg need to have the second patch to use merged variable driver, so I keep
the subject line, especially I want to emphasize "for following merged variable
driver".
And I also added notes in cover letter of V3 patchset "According to the
feedback from Laszlo Ersek <ler...@redhat.com>, Ard Biesheuvel
<ard.biesheu...@linaro.org> and Jordan Justen <jordan.l.jus...@intel.com>,
update the patches for ArmVirtPkg and update some commit messages for some
platform packages.".
Anyway, do you need to update the committed commit log to remove your r-b(in
SVN commit log, I know it could not be into github).
Thanks,
Star
-----Original Message-----
From: Justen, Jordan L
Sent: Wednesday, July 1, 2015 3:10 PM
To: edk2-devel@lists.sourceforge.net; Zeng, Star;
edk2-devel@lists.sourceforge.net
Subject: Re: [edk2] [PATCH V4 08/21] Nt32Pkg: Link AuthVariableLib for
following merged variable driver deploy
On 2015-06-30 02:01:24, Star Zeng wrote:
> AuthVariableLib and TpmMeasurementLib library classes are now linked
> with MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
> to optionally support secure variables.
>
> For Nt32Pkg,
> link AuthVariableLib and DxeTpmMeasurementLib in SecurityPkg when
> SECURE_BOOT_ENABLE = TRUE, and link AuthVariableLibNull and
> TpmMeasurementLibNull in MdeModulePkg when SECURE_BOOT_ENABLE = FALSE.
>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Star Zeng <star.z...@intel.com>
> Reviewed-by: Ruiyu Ni <ruiyu...@intel.com>
> Reviewed-by: Jordan Justen <jordan.l.jus...@intel.com>
I didn't actually give my r-b for patch 8 or 9. (I wanted to see how the commit
message was re-worded first.)
But, if you fix the subject line of these patches to be more like patch 10,
then you can keep my r-b on them.
Oh ... I see you already committed the patches.
-Jordan
> ---
> Nt32Pkg/Nt32Pkg.dsc | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/Nt32Pkg/Nt32Pkg.dsc b/Nt32Pkg/Nt32Pkg.dsc index
> b0d3fbf..2344d9a 100644
> --- a/Nt32Pkg/Nt32Pkg.dsc
> +++ b/Nt32Pkg/Nt32Pkg.dsc
> @@ -136,6 +136,10 @@ [LibraryClasses]
> IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
> OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
>
> TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasu
> rementLib.inf
> +
> +AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.i
> +nf
> +!else
> +
> +TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasu
> +rementLibNull.inf
> +
> +AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariable
> +LibNull.inf
> !endif
>
> [LibraryClasses.common.USER_DEFINED]
> --
> 1.9.5.msysgit.0
>
>
> ----------------------------------------------------------------------
> -------- Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/edk2-devel
--- Begin Message ---
According to the feedback from Laszlo Ersek <ler...@redhat.com>,
Ard Biesheuvel <ard.biesheu...@linaro.org> and
Jordan Justen <jordan.l.jus...@intel.com>, update the patches for ArmVirtPkg
and update some commit messages for some platform packages.
For your easy review,
the forked code is at g...@github.com:lzeng14/edk2.git branch
SeparateAuthVariableServiceV3.
What to do:
1. Move TpmMeasurementLib LibraryClass from SecurityPkg to MdeModulePkg.
2. Implement a NULL TpmMeasurementLib library instance in MdeModulePkg.
3. Move authenticated variable definition from AuthenticatedVariableFormat.h to
VariableFormat.h.
4. Merge VariableInfo in SecurityPkg to VariableInfo in MdeModulePkg.
5. Merge from VariablePei in SecurityPkg to VariablePei in MdeModulePkg.
6. Add AuthVariableLib LibraryClass definitions in MdeModulePkg.
7. Implement a NULL AuthVariableLib library instance in MdeModulePkg.
8. Implement AuthVariableLib library instance in SecurityPkg.
9. Merge from Auth Variable driver in SecurityPkg to Variable drive in
MdeModulePkg.
10. Update platform package to use the merged Variable driver.
Why to do:
1. Share code.
We are moving forward to separate auth variable service from Auth Variable
driver in SecurityPkg to AuthVariableLib. Then the AuthVariableLib could benefit
and be used by different implementation of Auth Variable drivers.
2. Remove code duplication and reduce maintenance effort.
2.1. After auth variable service separated from Auth Variable driver in
SecurityPkg
to AuthVariableLib. The remaining code logic of Auth Variable driver in
SecurityPkg
will be almost same with Variable driver in MdeModulePkg. We are going to
merge them.
2.2. The functionality of VariableInfo in SecurityPkg has covered VariableInfo
in MdeModulePkg.
2.3. The code logic of VariablePei in SecurityPkg is same with VariablePei
in MdeModulePkg.
3. TpmMeasurementLib is consumed by Auth Variable driver in SecurityPkg now,
as Auth Variable driver in SecurityPkg will be merged to Variable driver in
MdeModulePkg, so the library class also needs to be moved to MdeModulePkg.
4. gEfiAuthenticatedVariableGuid will be used by both merged Variable driver
and AuthVariableLib, AUTHENTICATED_VARIABLE_HEADER will be used by
merged Variable driver.
What test done:
Nt32: Boot with SECURE_BOOT_ENABLE = TRUE or FALSE, enable secure boot with
SECURE_BOOT_ENABLE = TRUE.
OVMF: Boot with SECURE_BOOT_ENABLE = TRUE or FALSE, enable secure boot with
SECURE_BOOT_ENABLE = TRUE.
By Laszlo Ersek <ler...@redhat.com>,
build -a X64 -p OvmfPkg/OvmfPkgX64.dsc -D SECURE_BOOT_ENABLE -t GCC48 -b
DEBUG
It booted all fine and the guest kernel confirmed secure boot was enabled
Vlv2TbltDevice: Boot and enable secure boot with SECURE_BOOT_ENABLE = TRUE.
ArmVirtQumu: Built and run both with SECURE_BOOT_ENABLE = TRUE and
SECURE_BOOT_ENABLE,
and both seem to work fine by Ard Biesheuvel
<ard.biesheu...@linaro.org>.
What is the impact to platform:
1. Only platform dsc and fdf need to be updated except the change in
ArmPlatformPkg.dec and NorFlashAuthenticatedDxe.inf to remove
gVariableAuthenticatedRuntimeDxeFileGuid and use gVariableRuntimeDxeFileGuid.
Star Zeng (25):
MdeModulePkg PlatDriOverrideDxe: Remove unneeded VARIABLE_HEADER
reference
MdeModulePkg: Move TpmMeasurementLib LibraryClass from SecurityPkg
MdeModulePkg: Move authenticated variable definition from SecurityPkg
MdeModulePkg VariableInfo: Merge from VariableInfo in SecurityPkg
MdeModulePkg VariablePei: Merge from VariablePei in SecurityPkg
MdeModulePkg: Add AuthVariableLib LibraryClass
SecurityPkg: Implement AuthVariableLib library instance
Nt32Pkg: Link AuthVariableLib for following merged variable driver
deploy
OvmfPkg: Link AuthVariableLib for following merged variable driver
deploy
EmulatorPkg: Add TpmMeasurementLib and AuthVariableLib library mapping
ArmPlatformPkg: Add TpmMeasurementLib and AuthVariableLib library
mapping
ArmVirtPkg: Link AuthVariableLib for following merged variable driver
deploy
Vlv2TbltDevicePkg: Link AuthVariableLib for following merged variable
driver deploy
MdeModulePkg Variable: Merge from Auth Variable driver in SecurityPkg
Nt32Pkg: Use the merged Variable driver
OvmfPkg: Use the merged Variable driver
ArmPlatformPkg: Use the merged Variable driver
ArmVirtPkg: Cleanup redundant library class resolution of Variable
modules
ArmVirtPkg: Use the merged Variable driver
Vlv2TbltDevicePkg: Use the merged Variable driver
SecurityPkg: Move TpmMeasurementLib LibraryClass to MdeModulePkg
SecurityPkg VariableInfo: Delete it
SecurityPkg VariablePei: Delete it
SecurityPkg Variable: Delete Auth Variable driver
SecurityPkg: Move authenticated variable definition to MdeModulePkg
ArmPlatformPkg/ArmJunoPkg/ArmJuno.dsc | 7 +-
ArmPlatformPkg/ArmPlatformPkg.dec | 5 +-
.../ArmRealViewEbPkg/ArmRealViewEb-RTSM-A8.dsc | 7 +-
.../ArmRealViewEbPkg/ArmRealViewEb-RTSM-A9x2.dsc | 7 +-
.../ArmVExpressPkg/ArmVExpress-CTA15-A7.dsc | 7 +-
.../ArmVExpressPkg/ArmVExpress-CTA9x4.dsc | 7 +-
.../ArmVExpressPkg/ArmVExpress-FVP-AArch64.dsc | 7 +-
.../ArmVExpressPkg/ArmVExpress-RTSM-A15.dsc | 7 +-
.../ArmVExpressPkg/ArmVExpress-RTSM-A15_MPCore.dsc | 7 +-
.../ArmVExpressPkg/ArmVExpress-RTSM-A9x4.dsc | 7 +-
.../ArmVExpressPkg/ArmVExpress-RTSM-AEMv8Ax4.dsc | 7 +-
.../NorFlashDxe/NorFlashAuthenticatedDxe.inf | 5 +-
ArmVirtPkg/ArmVirt.dsc.inc | 5 +
ArmVirtPkg/ArmVirtQemu.dsc | 15 +-
ArmVirtPkg/ArmVirtQemu.fdf | 9 +-
EmulatorPkg/EmulatorPkg.dsc | 4 +-
.../Application/VariableInfo/VariableInfo.c | 209 +-
.../Application/VariableInfo/VariableInfo.inf | 25 +-
.../Application/VariableInfo/VariableInfo.uni | Bin 2430 -> 2904 bytes
MdeModulePkg/Include/Guid/SmmVariableCommon.h | 8 +-
MdeModulePkg/Include/Guid/VariableFormat.h | 68 +-
MdeModulePkg/Include/Library/AuthVariableLib.h | 261 ++
MdeModulePkg/Include/Library/TpmMeasurementLib.h | 44 +
MdeModulePkg/Include/Protocol/VarCheck.h | 6 +
.../AuthVariableLibNull/AuthVariableLibNull.c | 78 +
.../AuthVariableLibNull/AuthVariableLibNull.inf | 40 +
.../AuthVariableLibNull/AuthVariableLibNull.uni | Bin 0 -> 1710 bytes
.../TpmMeasurementLibNull/TpmMeasurementLibNull.c | 45 +
.../TpmMeasurementLibNull.inf | 34 +
.../TpmMeasurementLibNull.uni | Bin 0 -> 1654 bytes
MdeModulePkg/MdeModulePkg.dec | 12 +
MdeModulePkg/MdeModulePkg.dsc | 4 +
.../PlatformDriOverrideDxe/PlatDriOverrideLib.c | 3 +-
.../Universal/Variable/Pei/PeiVariable.uni | Bin 2130 -> 2182 bytes
MdeModulePkg/Universal/Variable/Pei/Variable.c | 194 +-
MdeModulePkg/Universal/Variable/Pei/Variable.h | 4 +-
.../Universal/Variable/Pei/VariablePei.inf | 9 +-
.../Universal/Variable/RuntimeDxe/Measurement.c | 255 ++
.../Universal/Variable/RuntimeDxe/Reclaim.c | 5 +-
.../Universal/Variable/RuntimeDxe/VarCheck.c | 234 +-
.../Universal/Variable/RuntimeDxe/Variable.c | 1152 ++++--
.../Universal/Variable/RuntimeDxe/Variable.h | 455 ++-
.../Universal/Variable/RuntimeDxe/VariableDxe.c | 83 +-
.../Universal/Variable/RuntimeDxe/VariableExLib.c | 256 ++
.../Variable/RuntimeDxe/VariableRuntimeDxe.inf | 48 +-
.../Variable/RuntimeDxe/VariableRuntimeDxe.uni | Bin 2588 -> 3150 bytes
.../Universal/Variable/RuntimeDxe/VariableSmm.c | 77 +-
.../Universal/Variable/RuntimeDxe/VariableSmm.inf | 61 +-
.../Universal/Variable/RuntimeDxe/VariableSmm.uni | Bin 3746 -> 4454 bytes
.../Variable/RuntimeDxe/VariableSmmExtra.uni | Bin 1348 -> 1332 bytes
.../Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 130 +-
.../Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf | 43 +-
Nt32Pkg/Nt32Pkg.dsc | 12 +-
Nt32Pkg/Nt32Pkg.fdf | 8 +-
OvmfPkg/OvmfPkgIa32.dsc | 9 +-
OvmfPkg/OvmfPkgIa32.fdf | 6 +-
OvmfPkg/OvmfPkgIa32X64.dsc | 9 +-
OvmfPkg/OvmfPkgIa32X64.fdf | 6 +-
OvmfPkg/OvmfPkgX64.dsc | 9 +-
OvmfPkg/OvmfPkgX64.fdf | 6 +-
.../Application/VariableInfo/VariableInfo.c | 265 --
.../Application/VariableInfo/VariableInfo.inf | 63 -
.../Application/VariableInfo/VariableInfo.uni | Bin 2902 -> 0 bytes
.../Application/VariableInfo/VariableInfoExtra.uni | Bin 1360 -> 0 bytes
.../Include/Guid/AuthenticatedVariableFormat.h | 184 +-
SecurityPkg/Include/Library/TpmMeasurementLib.h | 44 -
SecurityPkg/Library/AuthVariableLib/AuthService.c | 2432 ++++++++++++
.../Library/AuthVariableLib/AuthServiceInternal.h | 411 ++
.../Library/AuthVariableLib/AuthVariableLib.c | 460 +++
.../Library/AuthVariableLib/AuthVariableLib.inf | 86 +
.../Library/AuthVariableLib/AuthVariableLib.uni | Bin 0 -> 1670 bytes
.../DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf | 5 +-
SecurityPkg/SecurityPkg.dec | 10 +-
SecurityPkg/SecurityPkg.dsc | 9 +-
.../EsalVariableDxeSal/AuthService.c | 42 +-
.../EsalVariableDxeSal/Variable.c | 220 +-
.../EsalVariableDxeSal/Variable.h | 18 +-
.../VariableAuthenticated/Pei/PeiVariableAuth.uni | Bin 2170 -> 0 bytes
.../VariableAuthenticated/Pei/PeiVariableExtra.uni | Bin 1348 -> 0 bytes
SecurityPkg/VariableAuthenticated/Pei/Variable.c | 1087 -----
SecurityPkg/VariableAuthenticated/Pei/Variable.h | 148 -
.../VariableAuthenticated/Pei/VariablePei.inf | 73 -
.../VariableAuthenticated/RuntimeDxe/AuthService.c | 2532 ------------
.../VariableAuthenticated/RuntimeDxe/AuthService.h | 360 --
.../VariableAuthenticated/RuntimeDxe/Measurement.c | 255 --
.../VariableAuthenticated/RuntimeDxe/Reclaim.c | 161 -
.../VariableAuthenticated/RuntimeDxe/VarCheck.c | 1264 ------
.../VariableAuthenticated/RuntimeDxe/Variable.c | 4170 --------------------
.../VariableAuthenticated/RuntimeDxe/Variable.h | 842 ----
.../RuntimeDxe/VariableAuthRuntimeDxe.uni | Bin 3204 -> 0 bytes
.../RuntimeDxe/VariableAuthSmm.uni | Bin 4488 -> 0 bytes
.../RuntimeDxe/VariableAuthSmmRuntimeDxe.uni | Bin 3320 -> 0 bytes
.../VariableAuthenticated/RuntimeDxe/VariableDxe.c | 530 ---
.../RuntimeDxe/VariableRuntimeDxe.inf | 158 -
.../RuntimeDxe/VariableRuntimeDxeExtra.uni | Bin 1376 -> 0 bytes
.../VariableAuthenticated/RuntimeDxe/VariableSmm.c | 988 -----
.../RuntimeDxe/VariableSmm.inf | 165 -
.../RuntimeDxe/VariableSmmExtra.uni | Bin 1332 -> 0 bytes
.../RuntimeDxe/VariableSmmRuntimeDxe.c | 1118 ------
.../RuntimeDxe/VariableSmmRuntimeDxe.inf | 102 -
.../RuntimeDxe/VariableSmmRuntimeDxeExtra.uni | Bin 1390 -> 0 bytes
Vlv2TbltDevicePkg/PlatformPkg.fdf | 14 +-
Vlv2TbltDevicePkg/PlatformPkgGcc.fdf | 14 +-
Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc | 32 +-
Vlv2TbltDevicePkg/PlatformPkgIA32.dsc | 32 +-
Vlv2TbltDevicePkg/PlatformPkgX64.dsc | 32 +-
106 files changed, 6879 insertions(+), 15468 deletions(-)
create mode 100644 MdeModulePkg/Include/Library/AuthVariableLib.h
create mode 100644 MdeModulePkg/Include/Library/TpmMeasurementLib.h
create mode 100644
MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.c
create mode 100644
MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
create mode 100644
MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.uni
create mode 100644
MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.c
create mode 100644
MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
create mode 100644
MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.uni
create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c
create mode 100644 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
delete mode 100644 SecurityPkg/Application/VariableInfo/VariableInfo.c
delete mode 100644 SecurityPkg/Application/VariableInfo/VariableInfo.inf
delete mode 100644 SecurityPkg/Application/VariableInfo/VariableInfo.uni
delete mode 100644 SecurityPkg/Application/VariableInfo/VariableInfoExtra.uni
delete mode 100644 SecurityPkg/Include/Library/TpmMeasurementLib.h
create mode 100644 SecurityPkg/Library/AuthVariableLib/AuthService.c
create mode 100644 SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h
create mode 100644 SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c
create mode 100644 SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
create mode 100644 SecurityPkg/Library/AuthVariableLib/AuthVariableLib.uni
delete mode 100644 SecurityPkg/VariableAuthenticated/Pei/PeiVariableAuth.uni
delete mode 100644 SecurityPkg/VariableAuthenticated/Pei/PeiVariableExtra.uni
delete mode 100644 SecurityPkg/VariableAuthenticated/Pei/Variable.c
delete mode 100644 SecurityPkg/VariableAuthenticated/Pei/Variable.h
delete mode 100644 SecurityPkg/VariableAuthenticated/Pei/VariablePei.inf
delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.c
delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/Measurement.c
delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/Reclaim.c
delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VarCheck.c
delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.h
delete mode 100644
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableAuthRuntimeDxe.uni
delete mode 100644
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableAuthSmm.uni
delete mode 100644
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableAuthSmmRuntimeDxe.uni
delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableDxe.c
delete mode 100644
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxe.inf
delete mode 100644
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableRuntimeDxeExtra.uni
delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.c
delete mode 100644 SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmm.inf
delete mode 100644
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmExtra.uni
delete mode 100644
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.c
delete mode 100644
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxe.inf
delete mode 100644
SecurityPkg/VariableAuthenticated/RuntimeDxe/VariableSmmRuntimeDxeExtra.uni
--
1.9.5.msysgit.0
------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors
network devices and physical & virtual servers, alerts via email & sms
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel
--- End Message ---
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel
