From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mail-pf1-f170.google.com (mail-pf1-f170.google.com [209.85.210.170])
 by mx.groups.io with SMTP id smtpd.web10.37164.1598594026117236881
 for <devel@edk2.groups.io>;
 Thu, 27 Aug 2020 22:53:46 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@corthon-com.20150623.gappssmtp.com header.s=20150623 header.b=N8AY2Yuv;
 spf=none, err=permanent DNS error (domain: corthon.com, ip: 209.85.210.170, mailfrom: bret@corthon.com)
Received: by mail-pf1-f170.google.com with SMTP id t9so96632pfq.8
        for <devel@edk2.groups.io>; Thu, 27 Aug 2020 22:53:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=corthon-com.20150623.gappssmtp.com; s=20150623;
        h=from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=2AIWIKIfOnslmQVhHDMtHZcfTuJUj4IYeYU9Z3ng+EQ=;
        b=N8AY2Yuv6uHgqS+a2CxUau8X8nzSpK61srywS8d65Gx9jqTVXMyQd0u6/uq92x7896
         wAyJNbxHDSTdSVQ591ynVcNQq7lqJ+IRgbbAg6JsmeWGt12AdIezW1MRF1ZTx0uK3TGo
         MnKyBq0huKuBD4PZdueyGC1qGYi6+bPCutxQg+EGcu3H06jKSLvdDY3FRvDZ3if6pfgs
         lOeo/h0EbePOTdDAl4DeFId3WmLuw9/C3mjQwDiQeRIrS0/jzrwgiiComWJELc8VntzI
         jZm04+FdL9CubSer+rtJYUYsMTnRwfA11LDASbnUkoSmp47pUiifR8e393kBt/GGdCrz
         FEeA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
         :content-transfer-encoding;
        bh=2AIWIKIfOnslmQVhHDMtHZcfTuJUj4IYeYU9Z3ng+EQ=;
        b=kGQ3h+zK978tQ/weytRDlX6xD+wtB2bw4rc7B0sfdQoVrOP5ahuFn5H/w6BtyjcFN3
         ++bHwQ5xu2IK+SuFVts5KpZPngAll8E2OqCwvIi0zmm+FYHP6nri2BVLtfVNCf/PsmUY
         Kwr8bMNXANlEQr+dyWw2ecifPYw7dOYhrbSll5EodVuzMQmHzs2mXRGZSa6kFqNI9tKE
         ITGZfkLrw895HEaFznovrEFbfMVc9lGvFLW0TAJ+rTLb+0x1r4OqW17bbzzBmvgLgme7
         XNqB6Nnscn3LrKQE+Qgx9HElKGoexar7/47lRLQCGj48TodP+aFefyi48JWGftX9i4Oc
         KJFA==
X-Gm-Message-State: AOAM532vGPfoAz57v42NTcKZy7IwlAB9S0IXpl/uIqk0z1XnkFt4DfJE
	yyO1X4ZjDjVlsKbmK8nXmReZSujsYqOOp30xB2E=
X-Google-Smtp-Source: ABdhPJxdeU3HOzW5K+JAqGWNVrrbuGOhoomQqouQDSElWoWjqXE4Nz6O3b9Y+4ddJMmcQ9Iwk/ZNnQ==
X-Received: by 2002:a63:7e42:: with SMTP id o2mr58540pgn.260.1598594025325;
        Thu, 27 Aug 2020 22:53:45 -0700 (PDT)
Return-Path: <bret@corthon.com>
Received: from localhost.localdomain (174-21-132-206.tukw.qwest.net. [174.21.132.206])
        by smtp.gmail.com with ESMTPSA id np4sm82238pjb.4.2020.08.27.22.53.44
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 27 Aug 2020 22:53:44 -0700 (PDT)
From: "Bret Barkelew" <bret@corthon.com>
X-Google-Original-From: Bret Barkelew <brbarkel@microsoft.com>
To: devel@edk2.groups.io
Cc: Jordan Justen <jordan.l.justen@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	Ard Biesheuvel <ard.biesheuvel@arm.com>
Subject: [PATCH v7 05/14] OvmfPkg: Add VariablePolicy engine to OvmfPkg platform
Date: Thu, 27 Aug 2020 22:53:15 -0700
Message-Id: <20200828055324.1713-6-brbarkel@microsoft.com>
X-Mailer: git-send-email 2.28.0.windows.1
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522

Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
 OvmfPkg/OvmfPkgIa32.dsc    | 5 +++++
 OvmfPkg/OvmfPkgIa32X64.dsc | 5 +++++
 OvmfPkg/OvmfPkgX64.dsc     | 5 +++++
 OvmfPkg/OvmfXen.dsc        | 4 ++++
 4 files changed, 19 insertions(+)

diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc
index 133a9a93c071..f9867167b070 100644
--- a/OvmfPkg/OvmfPkgIa32.dsc
+++ b/OvmfPkg/OvmfPkgIa32.dsc
@@ -3,6 +3,7 @@
 #=0D
 #  Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.<BR>=
=0D
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>=0D
+#  Copyright (c) Microsoft Corporation.=0D
 #=0D
 #  SPDX-License-Identifier: BSD-2-Clause-Patent=0D
 #=0D
@@ -197,6 +198,8 @@ [LibraryClasses]
   AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib=
Null.inf=0D
 !endif=0D
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL=
ib.inf=0D
+  VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var=
iablePolicyHelperLib.inf=0D
 =0D
 =0D
   #=0D
@@ -336,6 +339,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D
   PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf=
=0D
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL=
ibRuntimeDxe.inf=0D
 =0D
 [LibraryClasses.common.UEFI_DRIVER]=0D
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D
@@ -963,6 +967,7 @@ [Components]
   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D
     <LibraryClasses>=0D
       NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D
+      NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D
   }=0D
   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D
 =0D
diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc
index 338c38db29b5..440b60c758d3 100644
--- a/OvmfPkg/OvmfPkgIa32X64.dsc
+++ b/OvmfPkg/OvmfPkgIa32X64.dsc
@@ -3,6 +3,7 @@
 #=0D
 #  Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.<BR>=
=0D
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>=0D
+#  Copyright (c) Microsoft Corporation.=0D
 #=0D
 #  SPDX-License-Identifier: BSD-2-Clause-Patent=0D
 #=0D
@@ -201,6 +202,8 @@ [LibraryClasses]
   AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib=
Null.inf=0D
 !endif=0D
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL=
ib.inf=0D
+  VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var=
iablePolicyHelperLib.inf=0D
 =0D
 =0D
   #=0D
@@ -340,6 +343,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D
   PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf=
=0D
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL=
ibRuntimeDxe.inf=0D
 =0D
 [LibraryClasses.common.UEFI_DRIVER]=0D
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D
@@ -978,6 +982,7 @@ [Components.X64]
   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D
     <LibraryClasses>=0D
       NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D
+      NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D
   }=0D
   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D
 =0D
diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index b80710fbdca4..3098f5b48f65 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -3,6 +3,7 @@
 #=0D
 #  Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.<BR>=
=0D
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>=0D
+#  Copyright (c) Microsoft Corporation.=0D
 #=0D
 #  SPDX-License-Identifier: BSD-2-Clause-Patent=0D
 #=0D
@@ -201,6 +202,8 @@ [LibraryClasses]
   AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib=
Null.inf=0D
 !endif=0D
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL=
ib.inf=0D
+  VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var=
iablePolicyHelperLib.inf=0D
 =0D
 =0D
   #=0D
@@ -340,6 +343,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D
   PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf=
=0D
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL=
ibRuntimeDxe.inf=0D
 =0D
 [LibraryClasses.common.UEFI_DRIVER]=0D
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D
@@ -974,6 +978,7 @@ [Components]
   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D
     <LibraryClasses>=0D
       NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D
+      NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D
   }=0D
   MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D
 =0D
diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc
index 37b63a874067..1b1857fb74fd 100644
--- a/OvmfPkg/OvmfXen.dsc
+++ b/OvmfPkg/OvmfXen.dsc
@@ -4,6 +4,7 @@
 #  Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.<BR>=
=0D
 #  (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>=0D
 #  Copyright (c) 2019, Citrix Systems, Inc.=0D
+#  Copyright (c) Microsoft Corporation.=0D
 #=0D
 #  SPDX-License-Identifier: BSD-2-Clause-Patent=0D
 #=0D
@@ -182,6 +183,8 @@ [LibraryClasses]
 =0D
   AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib=
Null.inf=0D
   VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL=
ib.inf=0D
+  VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var=
iablePolicyHelperLib.inf=0D
 =0D
 =0D
   #=0D
@@ -290,6 +293,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D
   PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf=
=0D
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL=
ibRuntimeDxe.inf=0D
 =0D
 [LibraryClasses.common.UEFI_DRIVER]=0D
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D
--=20
2.28.0.windows.1