public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [edk2-devel][PATCH] FmpDevicePkg/FmpDxe: Use new Variable Lock interface
@ 2021-10-18  5:14 jie.yang
  2021-10-19  1:47 ` 回复: " gaoliming
  0 siblings, 1 reply; 6+ messages in thread
From: jie.yang @ 2021-10-18  5:14 UTC (permalink / raw)
  To: devel; +Cc: gaoliming, michael.d.kinney, guomin.jiang, wei6.xu, yangjie

From: yangjie <jie.yang@intel.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3655

The code in FmpDevicePkg called the deprecated interface 
VariableLockRequestToLock. So I changed the code in 
FmpDevicePkg using RegisterBasicVariablePolicy, 
instead of the deprecated interface.

Signed-off-by: Yang Jie <jie.yang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
---
 FmpDevicePkg/FmpDevicePkg.dsc         |  1 +
 FmpDevicePkg/FmpDxe/FmpDxe.h          |  4 +-
 FmpDevicePkg/FmpDxe/FmpDxe.inf        |  5 ++-
 FmpDevicePkg/FmpDxe/VariableSupport.c | 65 +++++++++++++--------------
 4 files changed, 37 insertions(+), 38 deletions(-)

diff --git a/FmpDevicePkg/FmpDevicePkg.dsc b/FmpDevicePkg/FmpDevicePkg.dsc
index b420f52a08..7b1af285dd 100644
--- a/FmpDevicePkg/FmpDevicePkg.dsc
+++ b/FmpDevicePkg/FmpDevicePkg.dsc
@@ -53,6 +53,7 @@
   DebugLib|MdePkg/Library/UefiDebugLibStdErr/UefiDebugLibStdErr.inf
   DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+  VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
 !ifdef CONTINUOUS_INTEGRATION
   BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
 !else
diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.h b/FmpDevicePkg/FmpDxe/FmpDxe.h
index 1177b1828e..4d94a925b6 100644
--- a/FmpDevicePkg/FmpDxe/FmpDxe.h
+++ b/FmpDevicePkg/FmpDxe/FmpDxe.h
@@ -4,7 +4,7 @@
   information provided through PCDs and libraries.
 
   Copyright (c) Microsoft Corporation.<BR>
-  Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -33,11 +33,11 @@
 #include <Library/FmpDependencyDeviceLib.h>
 #include <Protocol/FirmwareManagement.h>
 #include <Protocol/FirmwareManagementProgress.h>
-#include <Protocol/VariableLock.h>
 #include <Guid/SystemResourceTable.h>
 #include <Guid/EventGroup.h>
 #include <LastAttemptStatus.h>
 #include <FmpLastAttemptStatus.h>
+#include <Library/VariablePolicyHelperLib.h>
 
 #define VERSION_STRING_NOT_SUPPORTED  L"VERSION STRING NOT SUPPORTED"
 #define VERSION_STRING_NOT_AVAILABLE  L"VERSION STRING NOT AVAILABLE"
diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.inf b/FmpDevicePkg/FmpDxe/FmpDxe.inf
index eeb904a091..1c296388b0 100644
--- a/FmpDevicePkg/FmpDxe/FmpDxe.inf
+++ b/FmpDevicePkg/FmpDxe/FmpDxe.inf
@@ -4,7 +4,7 @@
 #  information provided through PCDs and libraries.
 #
 #  Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>
-#  Copyright (c) 2018 - 2020, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR>
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 ##
@@ -55,14 +55,15 @@
   FmpDependencyLib
   FmpDependencyCheckLib
   FmpDependencyDeviceLib
+  VariablePolicyHelperLib
 
 [Guids]
   gEfiEndOfDxeEventGroupGuid
 
 [Protocols]
-  gEdkiiVariableLockProtocolGuid                ## CONSUMES
   gEfiFirmwareManagementProtocolGuid            ## PRODUCES
   gEdkiiFirmwareManagementProgressProtocolGuid  ## PRODUCES
+  gEdkiiVariablePolicyProtocolGuid              ## CONSUMES
 
 [Pcd]
   gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceStorageAccessEnable              ## CONSUMES
diff --git a/FmpDevicePkg/FmpDxe/VariableSupport.c b/FmpDevicePkg/FmpDxe/VariableSupport.c
index 86dd5b203b..a1bd949b09 100644
--- a/FmpDevicePkg/FmpDxe/VariableSupport.c
+++ b/FmpDevicePkg/FmpDxe/VariableSupport.c
@@ -3,7 +3,7 @@
   firmware updates.
 
   Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>
-  Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -730,28 +730,29 @@ static
 EFI_STATUS
 LockFmpVariable (
   IN EFI_STATUS                    PreviousStatus,
-  IN EDKII_VARIABLE_LOCK_PROTOCOL  *VariableLock,
+  EDKII_VARIABLE_POLICY_PROTOCOL   *VariablePolicy,
   IN CHAR16                        *VariableName
   )
 {
   EFI_STATUS  Status;
 
-  Status = VariableLock->RequestToLock (
-                           VariableLock,
-                           VariableName,
-                           &gEfiCallerIdGuid
-                           );
-  if (!EFI_ERROR (Status)) {
-    return PreviousStatus;
+  // If success, go ahead and set the policies to protect the target variables.
+  Status = RegisterBasicVariablePolicy (VariablePolicy,
+                                        &gEfiCallerIdGuid,
+                                        VariableName,
+                                        VARIABLE_POLICY_NO_MIN_SIZE,
+                                        VARIABLE_POLICY_NO_MAX_SIZE,
+                                        VARIABLE_POLICY_NO_MUST_ATTR,
+                                        VARIABLE_POLICY_NO_CANT_ATTR,
+                                        VARIABLE_POLICY_TYPE_LOCK_NOW);
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to lock variable %g %s.  Status = %r\n",
+            mImageIdName,
+            &gEfiCallerIdGuid,
+            VariableName,
+            Status
+           ));
   }
-
-  DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to lock variable %g %s.  Status = %r\n",
-    mImageIdName,
-    &gEfiCallerIdGuid,
-    VariableName,
-    Status
-    ));
-
   if (EFI_ERROR (PreviousStatus)) {
     return PreviousStatus;
   }
@@ -773,26 +774,22 @@ LockAllFmpVariables (
   FIRMWARE_MANAGEMENT_PRIVATE_DATA  *Private
   )
 {
-  EFI_STATUS                    Status;
-  EDKII_VARIABLE_LOCK_PROTOCOL  *VariableLock;
-
-  VariableLock = NULL;
-  Status = gBS->LocateProtocol (
-                  &gEdkiiVariableLockProtocolGuid,
-                  NULL,
-                  (VOID **)&VariableLock
-                  );
-  if (EFI_ERROR (Status) || VariableLock == NULL) {
-    DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to locate Variable Lock Protocol (%r).\n", mImageIdName, Status));
-    return EFI_UNSUPPORTED;
+  EFI_STATUS                        Status;
+  EDKII_VARIABLE_POLICY_PROTOCOL    *VariablePolicy;
+
+  // Locate the VariablePolicy protocol.
+  Status = gBS->LocateProtocol (&gEdkiiVariablePolicyProtocolGuid, NULL, (VOID**)&VariablePolicy );
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "FmpDxe %a - Could not locate VariablePolicy protocol! %r\n", __FUNCTION__, Status));
+    return Status;
   }
 
   Status = EFI_SUCCESS;
-  Status = LockFmpVariable (Status, VariableLock, Private->VersionVariableName);
-  Status = LockFmpVariable (Status, VariableLock, Private->LsvVariableName);
-  Status = LockFmpVariable (Status, VariableLock, Private->LastAttemptStatusVariableName);
-  Status = LockFmpVariable (Status, VariableLock, Private->LastAttemptVersionVariableName);
-  Status = LockFmpVariable (Status, VariableLock, Private->FmpStateVariableName);
+  Status = LockFmpVariable (Status, VariablePolicy, Private->VersionVariableName);
+  Status = LockFmpVariable (Status, VariablePolicy, Private->LsvVariableName);
+  Status = LockFmpVariable (Status, VariablePolicy, Private->LastAttemptStatusVariableName);
+  Status = LockFmpVariable (Status, VariablePolicy, Private->LastAttemptVersionVariableName);
+  Status = LockFmpVariable (Status, VariablePolicy, Private->FmpStateVariableName);
 
   return Status;
 }
-- 
2.26.2.windows.1


^ permalink raw reply related	[flat|nested] 6+ messages in thread
* [edk2-devel][PATCH] FmpDevicePkg/FmpDxe: Use new Variable Lock interface
@ 2021-10-18  5:51 Xu, Wei6
  0 siblings, 0 replies; 6+ messages in thread
From: Xu, Wei6 @ 2021-10-18  5:51 UTC (permalink / raw)
  To: devel; +Cc: yangjie, Liming Gao, Michael D Kinney, Guomin Jiang

From: yangjie <jie.yang@intel.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3655

The code in FmpDevicePkg called the deprecated interface 
VariableLockRequestToLock. So I changed the code in 
FmpDevicePkg using RegisterBasicVariablePolicy, 
instead of the deprecated interface.

Signed-off-by: Yang Jie <jie.yang@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Wei6 Xu <wei6.xu@intel.com>
---
 FmpDevicePkg/FmpDevicePkg.dsc         |  1 +
 FmpDevicePkg/FmpDxe/FmpDxe.h          |  4 +-
 FmpDevicePkg/FmpDxe/FmpDxe.inf        |  5 ++-
 FmpDevicePkg/FmpDxe/VariableSupport.c | 65 +++++++++++++--------------
 4 files changed, 37 insertions(+), 38 deletions(-)

diff --git a/FmpDevicePkg/FmpDevicePkg.dsc b/FmpDevicePkg/FmpDevicePkg.dsc
index b420f52a08..7b1af285dd 100644
--- a/FmpDevicePkg/FmpDevicePkg.dsc
+++ b/FmpDevicePkg/FmpDevicePkg.dsc
@@ -53,6 +53,7 @@
   DebugLib|MdePkg/Library/UefiDebugLibStdErr/UefiDebugLibStdErr.inf
   DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
+  VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
 !ifdef CONTINUOUS_INTEGRATION
   BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf
 !else
diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.h b/FmpDevicePkg/FmpDxe/FmpDxe.h
index 1177b1828e..4d94a925b6 100644
--- a/FmpDevicePkg/FmpDxe/FmpDxe.h
+++ b/FmpDevicePkg/FmpDxe/FmpDxe.h
@@ -4,7 +4,7 @@
   information provided through PCDs and libraries.
 
   Copyright (c) Microsoft Corporation.<BR>
-  Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -33,11 +33,11 @@
 #include <Library/FmpDependencyDeviceLib.h>
 #include <Protocol/FirmwareManagement.h>
 #include <Protocol/FirmwareManagementProgress.h>
-#include <Protocol/VariableLock.h>
 #include <Guid/SystemResourceTable.h>
 #include <Guid/EventGroup.h>
 #include <LastAttemptStatus.h>
 #include <FmpLastAttemptStatus.h>
+#include <Library/VariablePolicyHelperLib.h>
 
 #define VERSION_STRING_NOT_SUPPORTED  L"VERSION STRING NOT SUPPORTED"
 #define VERSION_STRING_NOT_AVAILABLE  L"VERSION STRING NOT AVAILABLE"
diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.inf b/FmpDevicePkg/FmpDxe/FmpDxe.inf
index eeb904a091..1c296388b0 100644
--- a/FmpDevicePkg/FmpDxe/FmpDxe.inf
+++ b/FmpDevicePkg/FmpDxe/FmpDxe.inf
@@ -4,7 +4,7 @@
 #  information provided through PCDs and libraries.
 #
 #  Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>
-#  Copyright (c) 2018 - 2020, Intel Corporation. All rights reserved.<BR>
+#  Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR>
 #
 #  SPDX-License-Identifier: BSD-2-Clause-Patent
 ##
@@ -55,14 +55,15 @@
   FmpDependencyLib
   FmpDependencyCheckLib
   FmpDependencyDeviceLib
+  VariablePolicyHelperLib
 
 [Guids]
   gEfiEndOfDxeEventGroupGuid
 
 [Protocols]
-  gEdkiiVariableLockProtocolGuid                ## CONSUMES
   gEfiFirmwareManagementProtocolGuid            ## PRODUCES
   gEdkiiFirmwareManagementProgressProtocolGuid  ## PRODUCES
+  gEdkiiVariablePolicyProtocolGuid              ## CONSUMES
 
 [Pcd]
   gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceStorageAccessEnable              ## CONSUMES
diff --git a/FmpDevicePkg/FmpDxe/VariableSupport.c b/FmpDevicePkg/FmpDxe/VariableSupport.c
index 86dd5b203b..a1bd949b09 100644
--- a/FmpDevicePkg/FmpDxe/VariableSupport.c
+++ b/FmpDevicePkg/FmpDxe/VariableSupport.c
@@ -3,7 +3,7 @@
   firmware updates.
 
   Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>
-  Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR>
 
   SPDX-License-Identifier: BSD-2-Clause-Patent
 
@@ -730,28 +730,29 @@ static
 EFI_STATUS
 LockFmpVariable (
   IN EFI_STATUS                    PreviousStatus,
-  IN EDKII_VARIABLE_LOCK_PROTOCOL  *VariableLock,
+  EDKII_VARIABLE_POLICY_PROTOCOL   *VariablePolicy,
   IN CHAR16                        *VariableName
   )
 {
   EFI_STATUS  Status;
 
-  Status = VariableLock->RequestToLock (
-                           VariableLock,
-                           VariableName,
-                           &gEfiCallerIdGuid
-                           );
-  if (!EFI_ERROR (Status)) {
-    return PreviousStatus;
+  // If success, go ahead and set the policies to protect the target variables.
+  Status = RegisterBasicVariablePolicy (VariablePolicy,
+                                        &gEfiCallerIdGuid,
+                                        VariableName,
+                                        VARIABLE_POLICY_NO_MIN_SIZE,
+                                        VARIABLE_POLICY_NO_MAX_SIZE,
+                                        VARIABLE_POLICY_NO_MUST_ATTR,
+                                        VARIABLE_POLICY_NO_CANT_ATTR,
+                                        VARIABLE_POLICY_TYPE_LOCK_NOW);
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to lock variable %g %s.  Status = %r\n",
+            mImageIdName,
+            &gEfiCallerIdGuid,
+            VariableName,
+            Status
+           ));
   }
-
-  DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to lock variable %g %s.  Status = %r\n",
-    mImageIdName,
-    &gEfiCallerIdGuid,
-    VariableName,
-    Status
-    ));
-
   if (EFI_ERROR (PreviousStatus)) {
     return PreviousStatus;
   }
@@ -773,26 +774,22 @@ LockAllFmpVariables (
   FIRMWARE_MANAGEMENT_PRIVATE_DATA  *Private
   )
 {
-  EFI_STATUS                    Status;
-  EDKII_VARIABLE_LOCK_PROTOCOL  *VariableLock;
-
-  VariableLock = NULL;
-  Status = gBS->LocateProtocol (
-                  &gEdkiiVariableLockProtocolGuid,
-                  NULL,
-                  (VOID **)&VariableLock
-                  );
-  if (EFI_ERROR (Status) || VariableLock == NULL) {
-    DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to locate Variable Lock Protocol (%r).\n", mImageIdName, Status));
-    return EFI_UNSUPPORTED;
+  EFI_STATUS                        Status;
+  EDKII_VARIABLE_POLICY_PROTOCOL    *VariablePolicy;
+
+  // Locate the VariablePolicy protocol.
+  Status = gBS->LocateProtocol (&gEdkiiVariablePolicyProtocolGuid, NULL, (VOID**)&VariablePolicy );
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "FmpDxe %a - Could not locate VariablePolicy protocol! %r\n", __FUNCTION__, Status));
+    return Status;
   }
 
   Status = EFI_SUCCESS;
-  Status = LockFmpVariable (Status, VariableLock, Private->VersionVariableName);
-  Status = LockFmpVariable (Status, VariableLock, Private->LsvVariableName);
-  Status = LockFmpVariable (Status, VariableLock, Private->LastAttemptStatusVariableName);
-  Status = LockFmpVariable (Status, VariableLock, Private->LastAttemptVersionVariableName);
-  Status = LockFmpVariable (Status, VariableLock, Private->FmpStateVariableName);
+  Status = LockFmpVariable (Status, VariablePolicy, Private->VersionVariableName);
+  Status = LockFmpVariable (Status, VariablePolicy, Private->LsvVariableName);
+  Status = LockFmpVariable (Status, VariablePolicy, Private->LastAttemptStatusVariableName);
+  Status = LockFmpVariable (Status, VariablePolicy, Private->LastAttemptVersionVariableName);
+  Status = LockFmpVariable (Status, VariablePolicy, Private->FmpStateVariableName);
 
   return Status;
 }
-- 
2.26.2.windows.1


^ permalink raw reply related	[flat|nested] 6+ messages in thread
* [edk2-devel][PATCH] FmpDevicePkg/FmpDxe: Use new Variable Lock interface
@ 2021-10-18  4:26 Yang, Jie
  0 siblings, 0 replies; 6+ messages in thread
From: Yang, Jie @ 2021-10-18  4:26 UTC (permalink / raw)
  To: devel@edk2.groups.io; +Cc: Yang, Jie

[-- Attachment #1: Type: text/plain, Size: 7433 bytes --]

From: yangjie <jie.yang@intel.com<mailto:jie.yang@intel.com>>



REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3655



The code in FmpDevicePkg called the deprecated interface VariableLockRequestToLock. So I changed the code in FmpDevicePkg using RegisterBasicVariablePolicy, instead of the deprecated interface.



Signed-off-by: Yang Jie <jie.yang@intel.com<mailto:jie.yang@intel.com>>

---

FmpDevicePkg/FmpDevicePkg.dsc         |  1 +

FmpDevicePkg/FmpDxe/FmpDxe.h          |  4 +-

FmpDevicePkg/FmpDxe/FmpDxe.inf        |  5 ++-

FmpDevicePkg/FmpDxe/VariableSupport.c | 65 +++++++++++++--------------

4 files changed, 37 insertions(+), 38 deletions(-)



diff --git a/FmpDevicePkg/FmpDevicePkg.dsc b/FmpDevicePkg/FmpDevicePkg.dsc index b420f52a08..7b1af285dd 100644

--- a/FmpDevicePkg/FmpDevicePkg.dsc

+++ b/FmpDevicePkg/FmpDevicePkg.dsc

@@ -53,6 +53,7 @@

   DebugLib|MdePkg/Library/UefiDebugLibStdErr/UefiDebugLibStdErr.inf   DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf+  VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf !ifdef CONTINUOUS_INTEGRATION   BaseCryptLib|CryptoPkg/Library/BaseCryptLibNull/BaseCryptLibNull.inf !elsediff --git a/FmpDevicePkg/FmpDxe/FmpDxe.h b/FmpDevicePkg/FmpDxe/FmpDxe.h

index 1177b1828e..4d94a925b6 100644

--- a/FmpDevicePkg/FmpDxe/FmpDxe.h

+++ b/FmpDevicePkg/FmpDxe/FmpDxe.h

@@ -4,7 +4,7 @@

   information provided through PCDs and libraries.    Copyright (c) Microsoft Corporation.<BR>-  Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>+  Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR>    SPDX-License-Identifier: BSD-2-Clause-Patent @@ -33,11 +33,11 @@

#include <Library/FmpDependencyDeviceLib.h> #include <Protocol/FirmwareManagement.h> #include <Protocol/FirmwareManagementProgress.h>-#include <Protocol/VariableLock.h> #include <Guid/SystemResourceTable.h> #include <Guid/EventGroup.h> #include <LastAttemptStatus.h> #include <FmpLastAttemptStatus.h>+#include <Library/VariablePolicyHelperLib.h>  #define VERSION_STRING_NOT_SUPPORTED  L"VERSION STRING NOT SUPPORTED" #define VERSION_STRING_NOT_AVAILABLE  L"VERSION STRING NOT AVAILABLE"diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.inf b/FmpDevicePkg/FmpDxe/FmpDxe.inf index eeb904a091..1c296388b0 100644

--- a/FmpDevicePkg/FmpDxe/FmpDxe.inf

+++ b/FmpDevicePkg/FmpDxe/FmpDxe.inf

@@ -4,7 +4,7 @@

#  information provided through PCDs and libraries. # #  Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>-#  Copyright (c) 2018 - 2020, Intel Corporation. All rights reserved.<BR>+#  Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR> # #  SPDX-License-Identifier: BSD-2-Clause-Patent ##@@ -55,14 +55,15 @@

   FmpDependencyLib   FmpDependencyCheckLib   FmpDependencyDeviceLib+  VariablePolicyHelperLib  [Guids]   gEfiEndOfDxeEventGroupGuid  [Protocols]-  gEdkiiVariableLockProtocolGuid                ## CONSUMES   gEfiFirmwareManagementProtocolGuid            ## PRODUCES   gEdkiiFirmwareManagementProgressProtocolGuid  ## PRODUCES+  gEdkiiVariablePolicyProtocolGuid              ## CONSUMES  [Pcd]   gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceStorageAccessEnable              ## CONSUMESdiff --git a/FmpDevicePkg/FmpDxe/VariableSupport.c b/FmpDevicePkg/FmpDxe/VariableSupport.c

index 86dd5b203b..a1bd949b09 100644

--- a/FmpDevicePkg/FmpDxe/VariableSupport.c

+++ b/FmpDevicePkg/FmpDxe/VariableSupport.c

@@ -3,7 +3,7 @@

   firmware updates.    Copyright (c) 2016, Microsoft Corporation. All rights reserved.<BR>-  Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.<BR>+  Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.<BR>    SPDX-License-Identifier: BSD-2-Clause-Patent @@ -730,28 +730,29 @@ static

EFI_STATUS LockFmpVariable (   IN EFI_STATUS                    PreviousStatus,-  IN EDKII_VARIABLE_LOCK_PROTOCOL  *VariableLock,+  EDKII_VARIABLE_POLICY_PROTOCOL   *VariablePolicy,   IN CHAR16                        *VariableName   ) {   EFI_STATUS  Status; -  Status = VariableLock->RequestToLock (-                           VariableLock,-                           VariableName,-                           &gEfiCallerIdGuid-                           );-  if (!EFI_ERROR (Status)) {-    return PreviousStatus;+  // If success, go ahead and set the policies to protect the target variables.+  Status = RegisterBasicVariablePolicy (VariablePolicy,+                                        &gEfiCallerIdGuid,+                                        VariableName,+                                        VARIABLE_POLICY_NO_MIN_SIZE,+                                        VARIABLE_POLICY_NO_MAX_SIZE,+                                        VARIABLE_POLICY_NO_MUST_ATTR,+                                        VARIABLE_POLICY_NO_CANT_ATTR,+                                        VARIABLE_POLICY_TYPE_LOCK_NOW);+  if (EFI_ERROR (Status)) {+    DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to lock variable %g %s.  Status = %r\n",+            mImageIdName,+            &gEfiCallerIdGuid,+            VariableName,+            Status+           ));   }--  DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to lock variable %g %s.  Status = %r\n",-    mImageIdName,-    &gEfiCallerIdGuid,-    VariableName,-    Status-    ));-   if (EFI_ERROR (PreviousStatus)) {     return PreviousStatus;   }@@ -773,26 +774,22 @@ LockAllFmpVariables (

   FIRMWARE_MANAGEMENT_PRIVATE_DATA  *Private   ) {-  EFI_STATUS                    Status;-  EDKII_VARIABLE_LOCK_PROTOCOL  *VariableLock;--  VariableLock = NULL;-  Status = gBS->LocateProtocol (-                  &gEdkiiVariableLockProtocolGuid,-                  NULL,-                  (VOID **)&VariableLock-                  );-  if (EFI_ERROR (Status) || VariableLock == NULL) {-    DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to locate Variable Lock Protocol (%r).\n", mImageIdName, Status));-    return EFI_UNSUPPORTED;+  EFI_STATUS                        Status;+  EDKII_VARIABLE_POLICY_PROTOCOL    *VariablePolicy;++  // Locate the VariablePolicy protocol.+  Status = gBS->LocateProtocol (&gEdkiiVariablePolicyProtocolGuid, NULL, (VOID**)&VariablePolicy );+  if (EFI_ERROR (Status)) {+    DEBUG ((DEBUG_ERROR, "FmpDxe %a - Could not locate VariablePolicy protocol! %r\n", __FUNCTION__, Status));+    return Status;   }    Status = EFI_SUCCESS;-  Status = LockFmpVariable (Status, VariableLock, Private->VersionVariableName);-  Status = LockFmpVariable (Status, VariableLock, Private->LsvVariableName);-  Status = LockFmpVariable (Status, VariableLock, Private->LastAttemptStatusVariableName);-  Status = LockFmpVariable (Status, VariableLock, Private->LastAttemptVersionVariableName);-  Status = LockFmpVariable (Status, VariableLock, Private->FmpStateVariableName);+  Status = LockFmpVariable (Status, VariablePolicy, Private->VersionVariableName);+  Status = LockFmpVariable (Status, VariablePolicy, Private->LsvVariableName);+  Status = LockFmpVariable (Status, VariablePolicy, Private->LastAttemptStatusVariableName);+  Status = LockFmpVariable (Status, VariablePolicy, Private->LastAttemptVersionVariableName);+  Status = LockFmpVariable (Status, VariablePolicy, Private->FmpStateVariableName);    return Status; }--

2.26.2.windows.1


[-- Attachment #2: Type: text/html, Size: 15389 bytes --]

^ permalink raw reply	[flat|nested] 6+ messages in thread

end of thread, other threads:[~2021-10-19  2:38 UTC | newest]

Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2021-10-18  5:14 [edk2-devel][PATCH] FmpDevicePkg/FmpDxe: Use new Variable Lock interface jie.yang
2021-10-19  1:47 ` 回复: " gaoliming
2021-10-19  2:05   ` Xu, Wei6
2021-10-19  2:38     ` Yang Jie
  -- strict thread matches above, loose matches on Subject: below --
2021-10-18  5:51 Xu, Wei6
2021-10-18  4:26 Yang, Jie

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox