From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pg1-f180.google.com (mail-pg1-f180.google.com [209.85.215.180]) by mx.groups.io with SMTP id smtpd.web12.8355.1591167537094459431 for ; Tue, 02 Jun 2020 23:58:57 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@corthon-com.20150623.gappssmtp.com header.s=20150623 header.b=YVodJMG9; spf=none, err=permanent DNS error (domain: corthon.com, ip: 209.85.215.180, mailfrom: bret@corthon.com) Received: by mail-pg1-f180.google.com with SMTP id 185so1091072pgb.10 for ; Tue, 02 Jun 2020 23:58:57 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=corthon-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=nAB2a01KvnWCJEum8tOoARpLrDbOmE+DXysIYBS6GCM=; b=YVodJMG9UTPhaeL9oQdpcps96cPYFm9UXUfVCPAIh8P9uuF1mhvM4eVpT38Vw790P0 l8DgJPt3Lzp/UD0cGBPU3jj8MaBMPQxx+Atf9zTJbnp005zwN5J+uYGRAM6ZqjEsIrll WWSbjQAdwQmqLdEcNojheoU0ck58ILnloRIep85fIn3UTKU9FellZFcrtzvd8Y4EC7HA 03ls0FIwU2rTYjWePJnc6jtlWTl6Qqyf7TV9i7t6fGyof5NmEvQb7xaAZgsBlsvmZAUX 9G5p/NIhLiC1eu5u9oT3QzKprrn8R0+5nX+5yesmIusp+zRuTEK9aVGAHG49hdzFm7E8 7/lQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=nAB2a01KvnWCJEum8tOoARpLrDbOmE+DXysIYBS6GCM=; b=ok/dL3unU/LSyz8XKip/+2PRiTMUIJnAgf7yISjNW/uaYuzyCx0xZ99d59WY+iFBw5 ObgE1oiZbd+Aw2OJYaJq5UW+hlNdxJ3YzavCVxuFghrQllSePgmIXae6tiQmqrT0Lorq lXxSLnXECyZ7XYeZ7jvFoF68nPXZjXVn0nWPa+fegMKWuT8VvyUFWQ7eaHuyieYM50iM nIr+pbhYlW/usBkoPP4Buln8RySNOgYt1KpQwJ4zUYBuJw1wES2T+d6kfNqFakb/7Tax xLzKpE5QwHk7IxCup/a6f0sSsyMQofh5UZlN/GqHyf8Qeb11pFcu/ZIrBjgOjUpOQtaI uPFQ== X-Gm-Message-State: AOAM531aeyHxPSO88xHUbkZ7GRqCJSloIIcPIpqr06zmLpCrxa/UsOcP mgP4KhWmM+CdwM3A7lxLfmmIQwd7MiA= X-Google-Smtp-Source: ABdhPJxfIFAPkLTU6/rJpo9qB8Iql+psW3TyobpsGh6QmIO0P/hTZ19Ca3eHRHtRDtEDauKfMcFTeQ== X-Received: by 2002:a63:7453:: with SMTP id e19mr27043103pgn.139.1591167536485; Tue, 02 Jun 2020 23:58:56 -0700 (PDT) Return-Path: Received: from localhost.localdomain ([71.212.144.72]) by smtp.gmail.com with ESMTPSA id y6sm1262003pjn.37.2020.06.02.23.58.55 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 02 Jun 2020 23:58:55 -0700 (PDT) From: Bret Barkelew X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jordan Justen , Laszlo Ersek , Ard Biesheuvel Subject: [PATCH v5 05/14] OvmfPkg: Add VariablePolicy engine to OvmfPkg platform Date: Tue, 2 Jun 2020 23:58:01 -0700 Message-Id: <20200603065810.806-6-brbarkel@microsoft.com> X-Mailer: git-send-email 2.26.2.windows.1.8.g01c50adf56.20200515075929 In-Reply-To: <20200603065810.806-1-brbarkel@microsoft.com> References: <20200603065810.806-1-brbarkel@microsoft.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Bret Barkelew Signed-off-by: Bret Barkelew Reviewed-by: Laszlo Ersek --- OvmfPkg/OvmfPkgIa32.dsc | 5 +++++ OvmfPkg/OvmfPkgIa32X64.dsc | 5 +++++ OvmfPkg/OvmfPkgX64.dsc | 5 +++++ OvmfPkg/OvmfXen.dsc | 4 ++++ 4 files changed, 19 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index d0df9cbbfb2b..95d13250252a 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -3,6 +3,7 @@ #=0D # Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -196,6 +197,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D !endif=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -334,6 +337,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D @@ -957,6 +961,7 @@ [Components] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D =0D NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D }=0D MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D =0D diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index b3ae62fee92b..25ee9da2e67d 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -3,6 +3,7 @@ #=0D # Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -200,6 +201,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D !endif=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -338,6 +341,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D @@ -972,6 +976,7 @@ [Components.X64] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D =0D NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D }=0D MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D =0D diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index f7fe75ebf531..f8a4c02e495d 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -3,6 +3,7 @@ #=0D # Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -200,6 +201,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D !endif=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -338,6 +341,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D @@ -968,6 +972,7 @@ [Components] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D =0D NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D }=0D MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D =0D diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index 3af0ee705407..8dac706fbab0 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -4,6 +4,7 @@ # Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D # Copyright (c) 2019, Citrix Systems, Inc.=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -182,6 +183,8 @@ [LibraryClasses] =0D AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -289,6 +292,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D --=20 2.26.2.windows.1.8.g01c50adf56.20200515075929