From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga05.intel.com (mga05.intel.com []) by mx.groups.io with SMTP id smtpd.web11.32483.1585208988652183387 for ; Thu, 26 Mar 2020 00:49:52 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=fail (domain: intel.com, ip: , mailfrom: jian.j.wang@intel.com) IronPort-SDR: AoXu3Iu26rn6u7ep6mSk6I3UCsyoLenpN3NEpn/pc9WoKwDAhKb2dIBg/rfK7KXzbsx0XGcMcu CbHzr/KelZqQ== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Mar 2020 00:49:52 -0700 IronPort-SDR: faO4vTU0xuBG5UjhIhKq8uRgW95FmZ/fGZVyhVPXKZH1rAsSwWfqQgllhEpliaxjFWIDkjOs6j r2+59mEM8XMQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.72,307,1580803200"; d="scan'208";a="271080294" Received: from shwdeopensfp777.ccr.corp.intel.com ([10.239.158.78]) by fmsmga004.fm.intel.com with ESMTP; 26 Mar 2020 00:49:51 -0700 From: "Wang, Jian J" To: devel@edk2.groups.io Cc: Jiewen Yao , Chao Zhang , Nishant C Mistry Subject: [PATCH v5 3/3] SecurityPkg: add null version of VariableKeyLib Date: Thu, 26 Mar 2020 15:49:46 +0800 Message-Id: <20200326074946.1304-4-jian.j.wang@intel.com> X-Mailer: git-send-email 2.24.0.windows.2 In-Reply-To: <20200326074946.1304-1-jian.j.wang@intel.com> References: <20200326074946.1304-1-jian.j.wang@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable > v5: change VariableRootKey to VariableKey REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2594 Add null version of VariableKeyLib instance. The full version should be provided by platforms which supports key generator. Cc: Jiewen Yao Cc: Chao Zhang Cc: Nishant C Mistry Signed-off-by: Jian J Wang --- .../VariableKeyLibNull/VariableKeyLibNull.c | 67 +++++++++++++++++++ .../VariableKeyLibNull/VariableKeyLibNull.inf | 33 +++++++++ SecurityPkg/SecurityPkg.dsc | 2 + 3 files changed, 102 insertions(+) create mode 100644 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNu= ll.c create mode 100644 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNu= ll.inf diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c b/= SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c new file mode 100644 index 0000000000..3ddb37cabc --- /dev/null +++ b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c @@ -0,0 +1,67 @@ +/** @file=0D + Null version of VariableKeyLib for build purpose. Don't use it in real p= roduct.=0D +=0D +Copyright (c) 2020, Intel Corporation. All rights reserved.
=0D +SPDX-License-Identifier: BSD-2-Clause-Patent=0D +=0D +**/=0D +#include =0D +#include =0D +=0D +/**=0D + Retrieves the key for integrity and/or confidentiality of variables.=0D +=0D + @param[out] VariableKey A pointer to pointer for the variabl= e key buffer.=0D + @param[in,out] VariableKeySize The size in bytes of the variable ke= y.=0D +=0D + @retval EFI_SUCCESS The variable key was returned.=0D + @retval EFI_DEVICE_ERROR An error occurred while attempting= to get the variable key.=0D + @retval EFI_ACCESS_DENIED The function was invoked after loc= king the key interface.=0D + @retval EFI_UNSUPPORTED The variable key is not supported = in the current boot configuration.=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +GetVariableKey (=0D + OUT VOID **VariableKey,=0D + IN OUT UINTN *VariableKeySize=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return EFI_UNSUPPORTED;=0D +}=0D +=0D +/**=0D + Regenerates the variable key.=0D +=0D + @retval EFI_SUCCESS The variable key was regenerated s= uccessfully.=0D + @retval EFI_DEVICE_ERROR An error occurred while attempting= to regenerate the key.=0D + @retval EFI_ACCESS_DENIED The function was invoked after loc= king the key interface.=0D + @retval EFI_UNSUPPORTED Key regeneration is not supported = in the current boot configuration.=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +RegenerateVariableKey (=0D + VOID=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return EFI_UNSUPPORTED;=0D +}=0D +=0D +/**=0D + Locks the regenerate key interface.=0D +=0D + @retval EFI_SUCCESS The key interface was locked succe= ssfully.=0D + @retval EFI_UNSUPPORTED Locking the key interface is not s= upported in the current boot configuration.=0D + @retval Others An error occurred while attempting= to lock the key interface.=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +LockVariableKeyInterface (=0D + VOID=0D + )=0D +{=0D + ASSERT (FALSE);=0D + return EFI_UNSUPPORTED;=0D +}=0D +=0D diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf = b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf new file mode 100644 index 0000000000..ea74e38cf9 --- /dev/null +++ b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf @@ -0,0 +1,33 @@ +## @file=0D +# Provides Null version of VariableKeyLib for build only.=0D +#=0D +# Copyright (c) 2020, Intel Corporation. All rights reserved.
=0D +# SPDX-License-Identifier: BSD-2-Clause-Patent=0D +#=0D +##=0D +=0D +[Defines]=0D + INF_VERSION =3D 0x00010029=0D + BASE_NAME =3D VariableKeyLibNull=0D + FILE_GUID =3D 2B640ED8-1E6A-4516-9F1D-25910E59BC4A= =0D + MODULE_TYPE =3D BASE=0D + VERSION_STRING =3D 1.0=0D + LIBRARY_CLASS =3D VariableKeyLib=0D +=0D +#=0D +# The following information is for reference only and not required by the = build tools.=0D +#=0D +# VALID_ARCHITECTURES =3D IA32 X64 Arm AArch64=0D +#=0D +=0D +[Sources]=0D + VariableKeyLibNull.c=0D +=0D +[Packages]=0D + MdePkg/MdePkg.dec=0D + SecurityPkg/SecurityPkg.dec=0D +=0D +[LibraryClasses]=0D + BaseLib=0D + DebugLib=0D +=0D diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 97e0e7ed6e..4b85f77b02 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -64,6 +64,7 @@ TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCoreLi= b.inf=0D TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLi= b.inf=0D ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSyst= emLibNull.inf=0D + VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull= .inf=0D RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf=0D =0D [LibraryClasses.ARM]=0D @@ -221,6 +222,7 @@ #=0D # Variable Confidentiality & Integrity=0D #=0D + SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf=0D SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf=0D =0D #=0D --=20 2.24.0.windows.2