[PATCH 1/7] OvmfPkg/EmuVariableFvbRuntimeDxe: always format an auth varstore header

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: Laszlo Ersek <lersek@redhat.com>
To: edk2-devel-01 <edk2-devel@lists.01.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Subject: [PATCH 1/7] OvmfPkg/EmuVariableFvbRuntimeDxe: always format an auth varstore header
Date: Fri,  5 May 2017 23:02:52 +0200	[thread overview]
Message-ID: <20170505210258.28141-2-lersek@redhat.com> (raw)
In-Reply-To: <20170505210258.28141-1-lersek@redhat.com>

In this patch, we extend commit d92eaabefbe0 ("OvmfPkg: simplify
VARIABLE_STORE_HEADER generation", 2016-02-05) to
EmuVariableFvbRuntimeDxe.

This is the difference between FvAndVarTemplate and
FvAndAuthenticatedVarTemplate:

> --- non-auth    2017-05-05 22:32:06.001512283 +0200
> +++ auth        2017-05-05 22:32:18.841364882 +0200
> @@ -1,7 +1,7 @@
>    //
> -  // Templates for standard (non-authenticated) variable FV header
> +  // Templates for authenticated variable FV header
>    //
> -  STATIC FVB_FV_HDR_AND_VARS_TEMPLATE FvAndVarTemplate = {
> +  STATIC FVB_FV_HDR_AND_VARS_TEMPLATE FvAndAuthenticatedVarTemplate = {
>      { // EFI_FIRMWARE_VOLUME_HEADER FvHdr;
>        // UINT8                     ZeroVector[16];
>        { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
> @@ -34,7 +34,7 @@
>        EFI_FVH_REVISION,
>
>        // EFI_FV_BLOCK_MAP_ENTRY    BlockMap[1];
> -      {
> +      {
>          {
>            2, // UINT32 NumBlocks;
>            EMU_FVB_BLOCK_SIZE  // UINT32 Length;
> @@ -44,8 +44,8 @@
>      // EFI_FV_BLOCK_MAP_ENTRY     EndBlockMap;
>      { 0, 0 }, // End of block map
>      { // VARIABLE_STORE_HEADER      VarHdr;
> -      // EFI_GUID  Signature;
> -      EFI_VARIABLE_GUID,
> +        // EFI_GUID  Signature;     // need authenticated variables for secure boot
> +        EFI_AUTHENTICATED_VARIABLE_GUID,
>
>        // UINT32  Size;
>        (

After this change, using "-bios", the variable driver logs:

- with the SB feature enabled:
> Variable driver will work with auth variable format!
> Variable driver will work with auth variable support!

- with the SB feature disabled:
> Variable driver will work with auth variable format!
> Variable driver will continue to work without auth variable support!

Cc: Jordan Justen <jordan.l.justen@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
---
 OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf |  3 -
 OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.c   | 79 ++------------------
 2 files changed, 5 insertions(+), 77 deletions(-)

diff --git a/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf b/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf
index 4d4827decb52..69b3c9972a76 100644
--- a/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf
+++ b/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.inf
@@ -68,9 +68,6 @@ [Pcd]
   gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageFtwSpareBase
   gEfiMdeModulePkgTokenSpaceGuid.PcdEmuVariableNvStoreReserved
 
-[FeaturePcd]
-  gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable
-
 [Depex]
   TRUE
 
diff --git a/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.c b/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.c
index dec6d4af50df..7a6d3153ec8c 100644
--- a/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.c
+++ b/OvmfPkg/EmuVariableFvbRuntimeDxe/Fvb.c
@@ -626,75 +626,6 @@ InitializeFvAndVariableStoreHeaders (
   )
 {
   //
-  // Templates for standard (non-authenticated) variable FV header
-  //
-  STATIC FVB_FV_HDR_AND_VARS_TEMPLATE FvAndVarTemplate = {
-    { // EFI_FIRMWARE_VOLUME_HEADER FvHdr;
-      // UINT8                     ZeroVector[16];
-      { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 },
-
-      // EFI_GUID                  FileSystemGuid;
-      EFI_SYSTEM_NV_DATA_FV_GUID,
-
-      // UINT64                    FvLength;
-      EMU_FVB_SIZE,
-
-      // UINT32                    Signature;
-      EFI_FVH_SIGNATURE,
-
-      // EFI_FVB_ATTRIBUTES_2      Attributes;
-      0x4feff,
-
-      // UINT16                    HeaderLength;
-      EMU_FV_HEADER_LENGTH,
-
-      // UINT16                    Checksum;
-      0,
-
-      // UINT16                    ExtHeaderOffset;
-      0,
-
-      // UINT8                     Reserved[1];
-      {0},
-
-      // UINT8                     Revision;
-      EFI_FVH_REVISION,
-
-      // EFI_FV_BLOCK_MAP_ENTRY    BlockMap[1];
-      { 
-        {
-          2, // UINT32 NumBlocks;
-          EMU_FVB_BLOCK_SIZE  // UINT32 Length;
-        }
-      }
-    },
-    // EFI_FV_BLOCK_MAP_ENTRY     EndBlockMap;
-    { 0, 0 }, // End of block map
-    { // VARIABLE_STORE_HEADER      VarHdr;
-      // EFI_GUID  Signature;
-      EFI_VARIABLE_GUID,
-
-      // UINT32  Size;
-      (
-        FixedPcdGet32 (PcdVariableStoreSize) -
-        OFFSET_OF (FVB_FV_HDR_AND_VARS_TEMPLATE, VarHdr)
-      ),
-
-      // UINT8   Format;
-      VARIABLE_STORE_FORMATTED,
-
-      // UINT8   State;
-      VARIABLE_STORE_HEALTHY,
-
-      // UINT16  Reserved;
-      0,
-
-      // UINT32  Reserved1;
-      0
-    }
-  };
-
-  //
   // Templates for authenticated variable FV header
   //
   STATIC FVB_FV_HDR_AND_VARS_TEMPLATE FvAndAuthenticatedVarTemplate = {
@@ -768,11 +699,11 @@ InitializeFvAndVariableStoreHeaders (
   //
   // Copy the template structure into the location
   //
-  if (FeaturePcdGet (PcdSecureBootEnable) == FALSE) {
-    CopyMem (Ptr, (VOID*)&FvAndVarTemplate, sizeof (FvAndVarTemplate));
-  } else {
-    CopyMem (Ptr, (VOID*)&FvAndAuthenticatedVarTemplate, sizeof (FvAndAuthenticatedVarTemplate));
-  }
+  CopyMem (
+    Ptr,
+    &FvAndAuthenticatedVarTemplate,
+    sizeof FvAndAuthenticatedVarTemplate
+    );
 
   //
   // Update the checksum for the FV header
-- 
2.9.3

next prev parent reply	other threads:[~2017-05-05 21:03 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-05-05 21:02 [PATCH 0/7] OvmfPkg: small cleanups and tweaks Laszlo Ersek
2017-05-05 21:02 ` Laszlo Ersek [this message]
2017-05-05 21:02 ` [PATCH 2/7] OvmfPkg: remove gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootEnable Laszlo Ersek
2017-05-05 21:02 ` [PATCH 3/7] OvmfPkg/PlatformPei: remove unused PcdVariableStoreSize dependency Laszlo Ersek
2017-05-05 21:02 ` [PATCH 4/7] OvmfPkg: sync PcdVariableStoreSize with PcdFlashNvStorageVariableSize Laszlo Ersek
2017-05-05 21:02 ` [PATCH 5/7] OvmfPkg/PlatformPei: don't allocate reserved mem varstore if SMM_REQUIRE Laszlo Ersek
2017-05-15 18:09   ` Jordan Justen
2017-05-18  8:16     ` Laszlo Ersek
2017-05-05 21:02 ` [PATCH 6/7] OvmfPkg: resolve PcdLib for all PEIMs individually Laszlo Ersek
2017-05-05 21:02 ` [PATCH 7/7] OvmfPkg: resolve PcdLib for PEIMs to PeiPcdLib by default Laszlo Ersek
2017-05-12  9:05 ` [PATCH 0/7] OvmfPkg: small cleanups and tweaks Gary Lin

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:4d4827decb5 dfblob:69b3c9972a7 dfblob:dec6d4af50d
dfblob:7a6d3153ec8 )
 OR (
bs:"[PATCH 1/7] OvmfPkg/EmuVariableFvbRuntimeDxe: always format an auth varstore header" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20170505210258.28141-2-lersek@redhat.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox