From: "Wang, Jian J" <jian.j.wang@intel.com>
To: devel@edk2.groups.io
Cc: Jiewen Yao <jiewen.yao@intel.com>,
Michael D Kinney <michael.d.kinney@intel.com>,
Nishant C Mistry <nishant.c.mistry@intel.com>,
Judah Vang <judah.vang@intel.com>
Subject: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
Date: Thu, 15 Dec 2022 11:02:23 +0800 [thread overview]
Message-ID: <20221215030223.899-1-jian.j.wang@intel.com> (raw)
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
There's no real usage of these two libraries. They're deprecated.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
Cc: Judah Vang <judah.vang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
SecurityPkg/Include/Library/RpmcLib.h | 42 ------------
SecurityPkg/Include/Library/VariableKeyLib.h | 59 -----------------
SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 46 -------------
.../Library/RpmcLibNull/RpmcLibNull.inf | 33 ----------
.../VariableKeyLibNull/VariableKeyLibNull.c | 66 -------------------
.../VariableKeyLibNull/VariableKeyLibNull.inf | 33 ----------
SecurityPkg/SecurityPkg.dec | 8 ---
SecurityPkg/SecurityPkg.dsc | 4 --
8 files changed, 291 deletions(-)
delete mode 100644 SecurityPkg/Include/Library/RpmcLib.h
delete mode 100644 SecurityPkg/Include/Library/VariableKeyLib.h
delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
delete mode 100644 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
delete mode 100644 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
diff --git a/SecurityPkg/Include/Library/RpmcLib.h b/SecurityPkg/Include/Library/RpmcLib.h
deleted file mode 100644
index df4ba34ba8..0000000000
--- a/SecurityPkg/Include/Library/RpmcLib.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/** @file
- Public definitions for the Replay Protected Monotonic Counter (RPMC) Library.
-
-Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#ifndef _RPMC_LIB_H_
-#define _RPMC_LIB_H_
-
-#include <Uefi/UefiBaseType.h>
-
-/**
- Requests the monotonic counter from the designated RPMC counter.
-
- @param[out] CounterValue A pointer to a buffer to store the RPMC value.
-
- @retval EFI_SUCCESS The operation completed successfully.
- @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter.
- @retval EFI_UNSUPPORTED The operation is un-supported.
-**/
-EFI_STATUS
-EFIAPI
-RequestMonotonicCounter (
- OUT UINT32 *CounterValue
- );
-
-/**
- Increments the monotonic counter in the SPI flash device by 1.
-
- @retval EFI_SUCCESS The operation completed successfully.
- @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter.
- @retval EFI_UNSUPPORTED The operation is un-supported.
-**/
-EFI_STATUS
-EFIAPI
-IncrementMonotonicCounter (
- VOID
- );
-
-#endif
diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h b/SecurityPkg/Include/Library/VariableKeyLib.h
deleted file mode 100644
index 561ebad09d..0000000000
--- a/SecurityPkg/Include/Library/VariableKeyLib.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/** @file
- Public definitions for Variable Key Library.
-
-Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#ifndef _VARIABLE_KEY_LIB_H_
-#define _VARIABLE_KEY_LIB_H_
-
-#include <Uefi/UefiBaseType.h>
-
-/**
- Retrieves the key for integrity and/or confidentiality of variables.
-
- @param[out] VariableKey A pointer to pointer for the variable key buffer.
- @param[in,out] VariableKeySize The size in bytes of the variable key.
-
- @retval EFI_SUCCESS The variable key was returned.
- @retval EFI_DEVICE_ERROR An error occurred while attempting to get the variable key.
- @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface.
- @retval EFI_UNSUPPORTED The variable key is not supported in the current boot configuration.
-**/
-EFI_STATUS
-EFIAPI
-GetVariableKey (
- OUT VOID **VariableKey,
- IN OUT UINTN *VariableKeySize
- );
-
-/**
- Regenerates the variable key.
-
- @retval EFI_SUCCESS The variable key was regenerated successfully.
- @retval EFI_DEVICE_ERROR An error occurred while attempting to regenerate the key.
- @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface.
- @retval EFI_UNSUPPORTED Key regeneration is not supported in the current boot configuration.
-**/
-EFI_STATUS
-EFIAPI
-RegenerateVariableKey (
- VOID
- );
-
-/**
- Locks the regenerate key interface.
-
- @retval EFI_SUCCESS The key interface was locked successfully.
- @retval EFI_UNSUPPORTED Locking the key interface is not supported in the current boot configuration.
- @retval Others An error occurred while attempting to lock the key interface.
-**/
-EFI_STATUS
-EFIAPI
-LockVariableKeyInterface (
- VOID
- );
-
-#endif
diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
deleted file mode 100644
index 792e48250e..0000000000
--- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
+++ /dev/null
@@ -1,46 +0,0 @@
-/** @file
- NULL RpmcLib instance for build purpose.
-
-Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include <Library/DebugLib.h>
-#include <Library/RpmcLib.h>
-
-/**
- Requests the monotonic counter from the designated RPMC counter.
-
- @param[out] CounterValue A pointer to a buffer to store the RPMC value.
-
- @retval EFI_SUCCESS The operation completed successfully.
- @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter.
- @retval EFI_UNSUPPORTED The operation is un-supported.
-**/
-EFI_STATUS
-EFIAPI
-RequestMonotonicCounter (
- OUT UINT32 *CounterValue
- )
-{
- ASSERT (FALSE);
- return EFI_UNSUPPORTED;
-}
-
-/**
- Increments the monotonic counter in the SPI flash device by 1.
-
- @retval EFI_SUCCESS The operation completed successfully.
- @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter.
- @retval EFI_UNSUPPORTED The operation is un-supported.
-**/
-EFI_STATUS
-EFIAPI
-IncrementMonotonicCounter (
- VOID
- )
-{
- ASSERT (FALSE);
- return EFI_UNSUPPORTED;
-}
diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
deleted file mode 100644
index 500edfa87d..0000000000
--- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
+++ /dev/null
@@ -1,33 +0,0 @@
-## @file
-# Provides Null version of RpmcLib for build purpose.
-#
-# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-# SPDX-License-Identifier: BSD-2-Clause-Patent
-#
-##
-
-[Defines]
- INF_VERSION = 0x00010029
- BASE_NAME = RpmcLibNull
- FILE_GUID = FAE0BA22-92E2-4334-8F0F-96AFF9BAE360
- MODULE_TYPE = BASE
- VERSION_STRING = 1.0
- LIBRARY_CLASS = RpmcLib
-
-#
-# The following information is for reference only and not required by the build tools.
-#
-# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
-#
-
-[Sources]
- RpmcLibNull.c
-
-[Packages]
- MdePkg/MdePkg.dec
- SecurityPkg/SecurityPkg.dec
-
-[LibraryClasses]
- BaseLib
- DebugLib
-
diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
deleted file mode 100644
index a08def767b..0000000000
--- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/** @file
- Null version of VariableKeyLib for build purpose. Don't use it in real product.
-
-Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-#include <Library/DebugLib.h>
-#include <Library/VariableKeyLib.h>
-
-/**
- Retrieves the key for integrity and/or confidentiality of variables.
-
- @param[out] VariableKey A pointer to pointer for the variable key buffer.
- @param[in,out] VariableKeySize The size in bytes of the variable key.
-
- @retval EFI_SUCCESS The variable key was returned.
- @retval EFI_DEVICE_ERROR An error occurred while attempting to get the variable key.
- @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface.
- @retval EFI_UNSUPPORTED The variable key is not supported in the current boot configuration.
-**/
-EFI_STATUS
-EFIAPI
-GetVariableKey (
- OUT VOID **VariableKey,
- IN OUT UINTN *VariableKeySize
- )
-{
- ASSERT (FALSE);
- return EFI_UNSUPPORTED;
-}
-
-/**
- Regenerates the variable key.
-
- @retval EFI_SUCCESS The variable key was regenerated successfully.
- @retval EFI_DEVICE_ERROR An error occurred while attempting to regenerate the key.
- @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface.
- @retval EFI_UNSUPPORTED Key regeneration is not supported in the current boot configuration.
-**/
-EFI_STATUS
-EFIAPI
-RegenerateVariableKey (
- VOID
- )
-{
- ASSERT (FALSE);
- return EFI_UNSUPPORTED;
-}
-
-/**
- Locks the regenerate key interface.
-
- @retval EFI_SUCCESS The key interface was locked successfully.
- @retval EFI_UNSUPPORTED Locking the key interface is not supported in the current boot configuration.
- @retval Others An error occurred while attempting to lock the key interface.
-**/
-EFI_STATUS
-EFIAPI
-LockVariableKeyInterface (
- VOID
- )
-{
- ASSERT (FALSE);
- return EFI_UNSUPPORTED;
-}
diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
deleted file mode 100644
index ea74e38cf9..0000000000
--- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
+++ /dev/null
@@ -1,33 +0,0 @@
-## @file
-# Provides Null version of VariableKeyLib for build only.
-#
-# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-# SPDX-License-Identifier: BSD-2-Clause-Patent
-#
-##
-
-[Defines]
- INF_VERSION = 0x00010029
- BASE_NAME = VariableKeyLibNull
- FILE_GUID = 2B640ED8-1E6A-4516-9F1D-25910E59BC4A
- MODULE_TYPE = BASE
- VERSION_STRING = 1.0
- LIBRARY_CLASS = VariableKeyLib
-
-#
-# The following information is for reference only and not required by the build tools.
-#
-# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
-#
-
-[Sources]
- VariableKeyLibNull.c
-
-[Packages]
- MdePkg/MdePkg.dec
- SecurityPkg/SecurityPkg.dec
-
-[LibraryClasses]
- BaseLib
- DebugLib
-
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 7ecf9565d9..358b3dc543 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -80,14 +80,6 @@
#
TcgStorageOpalLib|Include/Library/TcgStorageOpalLib.h
- ## @libraryclass Provides interfaces to access RPMC device.
- #
- RpmcLib|Include/Library/RpmcLib.h
-
- ## @libraryclass Provides interfaces to access variable root key.
- #
- VariableKeyLib|Include/Library/VariableKeyLib.h
-
## @libraryclass Provides interfaces about firmware TPM measurement.
#
TcgEventLogRecordLib|Include/Library/TcgEventLogRecordLib.h
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 30d911d8a1..2f679c87a9 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -68,8 +68,6 @@
TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCoreLib.inf
TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLib.inf
ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf
- VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
- RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.inf
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
@@ -264,8 +262,6 @@
#
# Variable Confidentiality & Integrity
#
- SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
- SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
SecurityPkg/Library/PlatformPKProtectionLibVarPolicy/PlatformPKProtectionLibVarPolicy.inf
#
--
2.36.1.windows.1
next reply other threads:[~2022-12-15 3:02 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-12-15 3:02 Wang, Jian J [this message]
2022-12-15 3:10 ` [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib Yao, Jiewen
2022-12-15 18:27 ` Michael D Kinney
2022-12-21 5:58 ` Yao, Jiewen
2022-12-21 1:51 ` Judah Vang
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20221215030223.899-1-jian.j.wang@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox