From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-pf1-f179.google.com (mail-pf1-f179.google.com [209.85.210.179]) by mx.groups.io with SMTP id smtpd.web10.7935.1604904396985487292 for ; Sun, 08 Nov 2020 22:46:37 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@corthon-com.20150623.gappssmtp.com header.s=20150623 header.b=oe2bgLFi; spf=none, err=permanent DNS error (domain: corthon.com, ip: 209.85.210.179, mailfrom: bret@corthon.com) Received: by mail-pf1-f179.google.com with SMTP id a18so7010457pfl.3 for ; Sun, 08 Nov 2020 22:46:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=corthon-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=YJeg3mLmC8XuULE14WIQjj+cE751C/vaV4FkWKmKv58=; b=oe2bgLFiGBBMUcPtz5TRNI44NdgNolI52WcMdocPJQS0sjUDUFmSuKjBIDlVohRSEo vcskS/N1ys6+OH6edPvAnomDs+ut5L9TatKJ0gY33W8a4r7jrfEuRLZUCA7+oo7vOqWi kYADzTJ0UAY/sxO3uG6f+/WURfw0VGsY8V5cb+UOc8AolbN0knk2K2TXEbTLdsu53+08 v8d2HTsBX1hMtKbVSScjO82vKBEDvKNVGFikGQ1DEHkL2u9DWNVnRl3lL+3jaKit9/Uk Q/xARu5mK5JI244uoys4bncsMtLBlgMmbstOlo8tI4dS2YpOCXjE3ZlLYAilYlt2S7gy kZlA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=YJeg3mLmC8XuULE14WIQjj+cE751C/vaV4FkWKmKv58=; b=EkEXfPhpzs9hzTTLZlClQ5T8uIEHKSST+pMyhyvhv8X7kfmC3qw5R61gZ9hU69u/J3 gRASuhmBVnqPnIqVIS5NYtVLE4R0oaFVgeKGO+4/1H4fyislPahAswmVZk4WpzVRXdpw Ic1r/JbUxnU3Y3xT8R+t7cfWKtuw83EibGpQWB653590dB58S1rKtkMkDyEITt5viPjJ zjvBoOSi3do1yVv5csJUL3oyT8ycmxZj8mEGgS9BubLdSI6u3nXCS1dHp4jCAxZBsKxo l3iIvb2XswPKLEcPHWTue1SVa0CIJwHel68X88wU+m6jshrG8rZtOWnrc0MkzoCWA0GD bdRg== X-Gm-Message-State: AOAM532Iuvcatu1sy1lsCix/EVKk210py/0jX6ivmPfJQJgHlySvgEPX FwY2ayo69X1VmOhIcl2/8XV5BaJ4wa/Ff7zT X-Google-Smtp-Source: ABdhPJziR5ENACDICbqhK+QKhwAiksr6mi57hwOdg9qdXuPaKrcMPQE3FvAvJAc8qKhiXsK56DsLEw== X-Received: by 2002:a62:2a81:0:b029:18c:310f:74fe with SMTP id q123-20020a622a810000b029018c310f74femr386814pfq.50.1604904396254; Sun, 08 Nov 2020 22:46:36 -0800 (PST) Return-Path: Received: from localhost.localdomain ([71.212.128.184]) by smtp.gmail.com with ESMTPSA id s145sm10215111pfs.187.2020.11.08.22.46.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 08 Nov 2020 22:46:35 -0800 (PST) From: "Bret Barkelew" X-Google-Original-From: Bret Barkelew To: devel@edk2.groups.io Cc: Jordan Justen , Laszlo Ersek , Ard Biesheuvel , Bret Barkelew Subject: [PATCH v9 05/13] OvmfPkg: Add VariablePolicy engine to OvmfPkg platform Date: Sun, 8 Nov 2020 22:45:14 -0800 Message-Id: <20201109064522.919-6-bret.barkelew@microsoft.com> X-Mailer: git-send-email 2.28.0.windows.1 In-Reply-To: <20201109064522.919-1-bret.barkelew@microsoft.com> References: <20201109064522.919-1-bret.barkelew@microsoft.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Bret Barkelew https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Bret Barkelew Signed-off-by: Bret Barkelew Reviewed-by: Laszlo Ersek --- OvmfPkg/OvmfPkgIa32.dsc | 5 +++++ OvmfPkg/OvmfPkgIa32X64.dsc | 5 +++++ OvmfPkg/OvmfPkgX64.dsc | 5 +++++ OvmfPkg/OvmfXen.dsc | 4 ++++ 4 files changed, 19 insertions(+) diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc index 58d9f292f9ac..8a45a95d51d5 100644 --- a/OvmfPkg/OvmfPkgIa32.dsc +++ b/OvmfPkg/OvmfPkgIa32.dsc @@ -3,6 +3,7 @@ #=0D # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -198,6 +199,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D !endif=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -337,6 +340,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D @@ -968,6 +972,7 @@ [Components] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D =0D NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D }=0D MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D =0D diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc index 3551f9710a6c..2ce5c2681d26 100644 --- a/OvmfPkg/OvmfPkgIa32X64.dsc +++ b/OvmfPkg/OvmfPkgIa32X64.dsc @@ -3,6 +3,7 @@ #=0D # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -202,6 +203,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D !endif=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -341,6 +344,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D @@ -983,6 +987,7 @@ [Components.X64] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D =0D NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D }=0D MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D =0D diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc index 7a8bdb8a8697..66fb264149fc 100644 --- a/OvmfPkg/OvmfPkgX64.dsc +++ b/OvmfPkg/OvmfPkgX64.dsc @@ -3,6 +3,7 @@ #=0D # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -202,6 +203,8 @@ [LibraryClasses] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D !endif=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -341,6 +344,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D @@ -979,6 +983,7 @@ [Components] MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf {=0D =0D NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf=0D + NULL|MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.inf=0D }=0D MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf=0D =0D diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc index 34c9de19dfba..26c29e083948 100644 --- a/OvmfPkg/OvmfXen.dsc +++ b/OvmfPkg/OvmfXen.dsc @@ -4,6 +4,7 @@ # Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
= =0D # (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D # Copyright (c) 2019, Citrix Systems, Inc.=0D +# Copyright (c) Microsoft Corporation.=0D #=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -183,6 +184,8 @@ [LibraryClasses] =0D AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf=0D VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf=0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf=0D + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf=0D =0D =0D #=0D @@ -291,6 +294,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf=0D PciLib|OvmfPkg/Library/DxePciLibI440FxQ35/DxePciLibI440FxQ35.inf=0D QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf= =0D + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf=0D =0D [LibraryClasses.common.UEFI_DRIVER]=0D PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf=0D --=20 2.28.0.windows.1