From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pg1-f178.google.com (mail-pg1-f178.google.com [209.85.215.178]) by mx.groups.io with SMTP id smtpd.web12.6837.1600841333000669050 for ; Tue, 22 Sep 2020 23:08:53 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@corthon-com.20150623.gappssmtp.com header.s=20150623 header.b=Gx1hRKuu; spf=none, err=permanent DNS error (domain: corthon.com, ip: 209.85.215.178, mailfrom: bret@corthon.com) Received: by mail-pg1-f178.google.com with SMTP id y1so13725229pgk.8 for ; Tue, 22 Sep 2020 23:08:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=corthon-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=unf24g3xcAwvjskhA7KhPZk0qMkgdSAsfr9hggUbwk8=; b=Gx1hRKuuxrApxJZaDSnU9NGfMIoMbA3cGxOsfy3hhXzHoDplmhvC8LkaJ255Ft8k9H JfcyEckNAiUZiXbC+r0YemR+PHIm0A+KBGkOjlBykG2LxAEJMjP2vY0nSObTAoSxSPqw rwt3yB6zi+RO2wwtRK969c1rpQwuQXLOjsweibk2Kv7a483/M+Zx3ipF6F/bCnMGoyiJ iwaP/pTv9I1sbIaoIWxjz/wcOsqO1ED5KrEelpq0+8ImyR96omQmXRzxp8VdCGpClAcE Mn4hQDm8WH238VRDzilXUd+ok1aned1H0WajI5dHH0/Xn1H41lK8FgxpzQ2CjMlIlnf9 eu7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=unf24g3xcAwvjskhA7KhPZk0qMkgdSAsfr9hggUbwk8=; b=TDk6e7Pih7OLSTWAzYOeE4V19t7fgO2JZeLjxBqI0DPdP+Uk6d/F6YYzEbuqM82trU mwRFfZJJUu9G4MrgXFSzD0GnHCOPa6phnn2Y7MnAeFNjsuoz57H1Tp4VVB1HShNx8UfR Z+HlyMbZNABmHu5WBu2qA8qiLsEvGuf/c/UHewFtll8976JNB3O28qyyosweF/edb/5O 8ZlbJ3QlOFytEypUUsEX7T2lnMBsTTSz0LzNLTCqSeqFAGo06JjMQa4GmveDQ2CZiQRL x/cQLO/sGCd4vjYSTHrELt5CkYMKSY43xhl63LuK7Qplr9GOxmZU1VDpDP1A8/fmoMD7 w3Xw== X-Gm-Message-State: AOAM532LOTO4pXLItAl2v8BPcIa1CtBNQWHT2EChMEgN8yY/g/8bZm6B Cs0Z5godRQzBPBFiZqpyoJmL9ABzjbxyT6ET X-Google-Smtp-Source: ABdhPJxPT9VPseRgQA70IekK3WXBNeKe487IFkn+uZVkZQn5ALKND9aSPBzoZCWpVo1q+aci51sPIw== X-Received: by 2002:aa7:9157:0:b029:142:2501:3984 with SMTP id 23-20020aa791570000b029014225013984mr7436654pfi.73.1600841332024; Tue, 22 Sep 2020 23:08:52 -0700 (PDT) Return-Path: Received: from localhost.localdomain (174-21-140-128.tukw.qwest.net. [174.21.140.128]) by smtp.gmail.com with ESMTPSA id x4sm16960498pff.57.2020.09.22.23.08.51 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 22 Sep 2020 23:08:51 -0700 (PDT) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jordan Justen , Laszlo Ersek , Ard Biesheuvel , Bret Barkelew Subject: [PATCH v8 05/14] OvmfPkg: Add VariablePolicy engine to OvmfPkg platform Date: Tue, 22 Sep 2020 23:07:39 -0700 Message-Id: <20200923060748.3795-6-bret.barkelew@microsoft.com> X-Mailer: git-send-email 2.28.0.windows.1 In-Reply-To: <20200923060748.3795-1-bret.barkelew@microsoft.com> References: <20200923060748.3795-1-bret.barkelew@microsoft.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Bret Barkelew https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Bret Barkelew Signed-off-by: Bret Barkelew Reviewed-by: Laszlo Ersek --- OvmfPkg/OvmfPkgIa32.dsc | 5 +++++ OvmfPkg/OvmfPkgIa32X64.dsc | 5 +++++ OvmfPkg/OvmfPkgX64.dsc | 5 +++++ OvmfPkg/OvmfXen.dsc | 4 ++++ 4 files changed, 19 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index fa18adeb5c5a..e1d0d4f8ff13 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -3,6 +3,7 @@ #=0D # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -198,6 +199,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D !endif=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -337,6 +340,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D @@ -964,6 +968,7 @@ [Components] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D =0D NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D }=0D MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D =0D diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 7456a154168d..1c3b654f4df8 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -3,6 +3,7 @@ #=0D # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -202,6 +203,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D !endif=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -341,6 +344,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D @@ -979,6 +983,7 @@ [Components.X64] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D =0D NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D }=0D MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D =0D diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 5bda143fd14d..37da38240c9d 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -3,6 +3,7 @@ #=0D # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -202,6 +203,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D !endif=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -341,6 +344,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D @@ -975,6 +979,7 @@ [Components] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D =0D NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D }=0D MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D =0D diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index e562abd7175d..c9d636a8542a 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -4,6 +4,7 @@ # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D # Copyright (c) 2019, Citrix Systems, Inc.=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -183,6 +184,8 @@ [LibraryClasses] =0D AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -291,6 +294,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D --=20 2.28.0.windows.1