From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga12.intel.com (mga12.intel.com [192.55.52.136]) by mx.groups.io with SMTP id smtpd.web10.124087.1671073348670631659 for ; Wed, 14 Dec 2022 19:02:28 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=eG8/844K; spf=pass (domain: intel.com, ip: 192.55.52.136, mailfrom: jian.j.wang@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1671073348; x=1702609348; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=2tR3BXfP2UJ3+FsxavEeq8c0pzIx4/gbv5DhOjAvj50=; b=eG8/844KOXstlFrwwjxPGu+TBtYo/q0SzQT94SfFfaKLtShpvFrU1I0M qUvJBdw8WqkUUB+ogoH6rAJVLuRSh0HVyuAaL7em2i80m0sjfSQFz5ssv 0e0HSbQO80LepbnmTT84h1lqEPq77KzvN+4Celz8Jk5JaxybDlp5tNQNw 9z7KGcngC6Z17WRwkm6TLbvbDzaLjnjb6yw5hC2EgK85vle69O8+/VvlK c6RemURMdEh6/MlBR571l4U045BtFll5yy6XSi0DXbwUxIcOhHzv1Uvu9 2Y8aFtnM9s9lV0rXl7D/+LY+PoWpYKdYiEpGvLZoxXW69xe/T1QV7D3V5 Q==; X-IronPort-AV: E=McAfee;i="6500,9779,10561"; a="298247364" X-IronPort-AV: E=Sophos;i="5.96,246,1665471600"; d="scan'208";a="298247364" Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 14 Dec 2022 19:02:28 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10561"; a="756163619" X-IronPort-AV: E=Sophos;i="5.96,246,1665471600"; d="scan'208";a="756163619" Received: from shwdeopensfp777.ccr.corp.intel.com ([10.239.158.70]) by fmsmga002.fm.intel.com with ESMTP; 14 Dec 2022 19:02:26 -0800 From: "Wang, Jian J" To: devel@edk2.groups.io Cc: Jiewen Yao , Michael D Kinney , Nishant C Mistry , Judah Vang Subject: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib Date: Thu, 15 Dec 2022 11:02:23 +0800 Message-Id: <20221215030223.899-1-jian.j.wang@intel.com> X-Mailer: git-send-email 2.31.1.windows.1 MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2594 There's no real usage of these two libraries. They're deprecated. Cc: Jiewen Yao Cc: Michael D Kinney Cc: Nishant C Mistry Cc: Judah Vang Signed-off-by: Jian J Wang --- SecurityPkg/Include/Library/RpmcLib.h | 42 ------------ SecurityPkg/Include/Library/VariableKeyLib.h | 59 ----------------- SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 46 ------------- .../Library/RpmcLibNull/RpmcLibNull.inf | 33 ---------- .../VariableKeyLibNull/VariableKeyLibNull.c | 66 ------------------- .../VariableKeyLibNull/VariableKeyLibNull.inf | 33 ---------- SecurityPkg/SecurityPkg.dec | 8 --- SecurityPkg/SecurityPkg.dsc | 4 -- 8 files changed, 291 deletions(-) delete mode 100644 SecurityPkg/Include/Library/RpmcLib.h delete mode 100644 SecurityPkg/Include/Library/VariableKeyLib.h delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf delete mode 100644 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNu= ll.c delete mode 100644 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNu= ll.inf diff --git a/SecurityPkg/Include/Library/RpmcLib.h b/SecurityPkg/Include/Li= brary/RpmcLib.h deleted file mode 100644 index df4ba34ba8..0000000000 --- a/SecurityPkg/Include/Library/RpmcLib.h +++ /dev/null @@ -1,42 +0,0 @@ -/** @file=0D - Public definitions for the Replay Protected Monotonic Counter (RPMC) Lib= rary.=0D -=0D -Copyright (c) 2020, Intel Corporation. All rights reserved.
=0D -SPDX-License-Identifier: BSD-2-Clause-Patent=0D -=0D -**/=0D -=0D -#ifndef _RPMC_LIB_H_=0D -#define _RPMC_LIB_H_=0D -=0D -#include =0D -=0D -/**=0D - Requests the monotonic counter from the designated RPMC counter.=0D -=0D - @param[out] CounterValue A pointer to a buffer to store the= RPMC value.=0D -=0D - @retval EFI_SUCCESS The operation completed successful= ly.=0D - @retval EFI_DEVICE_ERROR A device error occurred while atte= mpting to update the counter.=0D - @retval EFI_UNSUPPORTED The operation is un-supported.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -RequestMonotonicCounter (=0D - OUT UINT32 *CounterValue=0D - );=0D -=0D -/**=0D - Increments the monotonic counter in the SPI flash device by 1.=0D -=0D - @retval EFI_SUCCESS The operation completed successful= ly.=0D - @retval EFI_DEVICE_ERROR A device error occurred while atte= mpting to update the counter.=0D - @retval EFI_UNSUPPORTED The operation is un-supported.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -IncrementMonotonicCounter (=0D - VOID=0D - );=0D -=0D -#endif=0D diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h b/SecurityPkg/Inc= lude/Library/VariableKeyLib.h deleted file mode 100644 index 561ebad09d..0000000000 --- a/SecurityPkg/Include/Library/VariableKeyLib.h +++ /dev/null @@ -1,59 +0,0 @@ -/** @file=0D - Public definitions for Variable Key Library.=0D -=0D -Copyright (c) 2020, Intel Corporation. All rights reserved.
=0D -SPDX-License-Identifier: BSD-2-Clause-Patent=0D -=0D -**/=0D -=0D -#ifndef _VARIABLE_KEY_LIB_H_=0D -#define _VARIABLE_KEY_LIB_H_=0D -=0D -#include =0D -=0D -/**=0D - Retrieves the key for integrity and/or confidentiality of variables.=0D -=0D - @param[out] VariableKey A pointer to pointer for the variabl= e key buffer.=0D - @param[in,out] VariableKeySize The size in bytes of the variable ke= y.=0D -=0D - @retval EFI_SUCCESS The variable key was returned.=0D - @retval EFI_DEVICE_ERROR An error occurred while attempting= to get the variable key.=0D - @retval EFI_ACCESS_DENIED The function was invoked after loc= king the key interface.=0D - @retval EFI_UNSUPPORTED The variable key is not supported = in the current boot configuration.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -GetVariableKey (=0D - OUT VOID **VariableKey,=0D - IN OUT UINTN *VariableKeySize=0D - );=0D -=0D -/**=0D - Regenerates the variable key.=0D -=0D - @retval EFI_SUCCESS The variable key was regenerated s= uccessfully.=0D - @retval EFI_DEVICE_ERROR An error occurred while attempting= to regenerate the key.=0D - @retval EFI_ACCESS_DENIED The function was invoked after loc= king the key interface.=0D - @retval EFI_UNSUPPORTED Key regeneration is not supported = in the current boot configuration.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -RegenerateVariableKey (=0D - VOID=0D - );=0D -=0D -/**=0D - Locks the regenerate key interface.=0D -=0D - @retval EFI_SUCCESS The key interface was locked succe= ssfully.=0D - @retval EFI_UNSUPPORTED Locking the key interface is not s= upported in the current boot configuration.=0D - @retval Others An error occurred while attempting= to lock the key interface.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -LockVariableKeyInterface (=0D - VOID=0D - );=0D -=0D -#endif=0D diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c b/SecurityPkg/Li= brary/RpmcLibNull/RpmcLibNull.c deleted file mode 100644 index 792e48250e..0000000000 --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c +++ /dev/null @@ -1,46 +0,0 @@ -/** @file=0D - NULL RpmcLib instance for build purpose.=0D -=0D -Copyright (c) 2020, Intel Corporation. All rights reserved.
=0D -SPDX-License-Identifier: BSD-2-Clause-Patent=0D -=0D -**/=0D -=0D -#include =0D -#include =0D -=0D -/**=0D - Requests the monotonic counter from the designated RPMC counter.=0D -=0D - @param[out] CounterValue A pointer to a buffer to store the= RPMC value.=0D -=0D - @retval EFI_SUCCESS The operation completed successful= ly.=0D - @retval EFI_DEVICE_ERROR A device error occurred while atte= mpting to update the counter.=0D - @retval EFI_UNSUPPORTED The operation is un-supported.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -RequestMonotonicCounter (=0D - OUT UINT32 *CounterValue=0D - )=0D -{=0D - ASSERT (FALSE);=0D - return EFI_UNSUPPORTED;=0D -}=0D -=0D -/**=0D - Increments the monotonic counter in the SPI flash device by 1.=0D -=0D - @retval EFI_SUCCESS The operation completed successful= ly.=0D - @retval EFI_DEVICE_ERROR A device error occurred while atte= mpting to update the counter.=0D - @retval EFI_UNSUPPORTED The operation is un-supported.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -IncrementMonotonicCounter (=0D - VOID=0D - )=0D -{=0D - ASSERT (FALSE);=0D - return EFI_UNSUPPORTED;=0D -}=0D diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf b/SecurityPkg/= Library/RpmcLibNull/RpmcLibNull.inf deleted file mode 100644 index 500edfa87d..0000000000 --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf +++ /dev/null @@ -1,33 +0,0 @@ -## @file=0D -# Provides Null version of RpmcLib for build purpose.=0D -#=0D -# Copyright (c) 2020, Intel Corporation. All rights reserved.
=0D -# SPDX-License-Identifier: BSD-2-Clause-Patent=0D -#=0D -##=0D -=0D -[Defines]=0D - INF_VERSION =3D 0x00010029=0D - BASE_NAME =3D RpmcLibNull=0D - FILE_GUID =3D FAE0BA22-92E2-4334-8F0F-96AFF9BAE360= =0D - MODULE_TYPE =3D BASE=0D - VERSION_STRING =3D 1.0=0D - LIBRARY_CLASS =3D RpmcLib=0D -=0D -#=0D -# The following information is for reference only and not required by the = build tools.=0D -#=0D -# VALID_ARCHITECTURES =3D IA32 X64 Arm AArch64=0D -#=0D -=0D -[Sources]=0D - RpmcLibNull.c=0D -=0D -[Packages]=0D - MdePkg/MdePkg.dec=0D - SecurityPkg/SecurityPkg.dec=0D -=0D -[LibraryClasses]=0D - BaseLib=0D - DebugLib=0D -=0D diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c b/= SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c deleted file mode 100644 index a08def767b..0000000000 --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c +++ /dev/null @@ -1,66 +0,0 @@ -/** @file=0D - Null version of VariableKeyLib for build purpose. Don't use it in real p= roduct.=0D -=0D -Copyright (c) 2020, Intel Corporation. All rights reserved.
=0D -SPDX-License-Identifier: BSD-2-Clause-Patent=0D -=0D -**/=0D -#include =0D -#include =0D -=0D -/**=0D - Retrieves the key for integrity and/or confidentiality of variables.=0D -=0D - @param[out] VariableKey A pointer to pointer for the variabl= e key buffer.=0D - @param[in,out] VariableKeySize The size in bytes of the variable ke= y.=0D -=0D - @retval EFI_SUCCESS The variable key was returned.=0D - @retval EFI_DEVICE_ERROR An error occurred while attempting= to get the variable key.=0D - @retval EFI_ACCESS_DENIED The function was invoked after loc= king the key interface.=0D - @retval EFI_UNSUPPORTED The variable key is not supported = in the current boot configuration.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -GetVariableKey (=0D - OUT VOID **VariableKey,=0D - IN OUT UINTN *VariableKeySize=0D - )=0D -{=0D - ASSERT (FALSE);=0D - return EFI_UNSUPPORTED;=0D -}=0D -=0D -/**=0D - Regenerates the variable key.=0D -=0D - @retval EFI_SUCCESS The variable key was regenerated s= uccessfully.=0D - @retval EFI_DEVICE_ERROR An error occurred while attempting= to regenerate the key.=0D - @retval EFI_ACCESS_DENIED The function was invoked after loc= king the key interface.=0D - @retval EFI_UNSUPPORTED Key regeneration is not supported = in the current boot configuration.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -RegenerateVariableKey (=0D - VOID=0D - )=0D -{=0D - ASSERT (FALSE);=0D - return EFI_UNSUPPORTED;=0D -}=0D -=0D -/**=0D - Locks the regenerate key interface.=0D -=0D - @retval EFI_SUCCESS The key interface was locked succe= ssfully.=0D - @retval EFI_UNSUPPORTED Locking the key interface is not s= upported in the current boot configuration.=0D - @retval Others An error occurred while attempting= to lock the key interface.=0D -**/=0D -EFI_STATUS=0D -EFIAPI=0D -LockVariableKeyInterface (=0D - VOID=0D - )=0D -{=0D - ASSERT (FALSE);=0D - return EFI_UNSUPPORTED;=0D -}=0D diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf = b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf deleted file mode 100644 index ea74e38cf9..0000000000 --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf +++ /dev/null @@ -1,33 +0,0 @@ -## @file=0D -# Provides Null version of VariableKeyLib for build only.=0D -#=0D -# Copyright (c) 2020, Intel Corporation. All rights reserved.
=0D -# SPDX-License-Identifier: BSD-2-Clause-Patent=0D -#=0D -##=0D -=0D -[Defines]=0D - INF_VERSION =3D 0x00010029=0D - BASE_NAME =3D VariableKeyLibNull=0D - FILE_GUID =3D 2B640ED8-1E6A-4516-9F1D-25910E59BC4A= =0D - MODULE_TYPE =3D BASE=0D - VERSION_STRING =3D 1.0=0D - LIBRARY_CLASS =3D VariableKeyLib=0D -=0D -#=0D -# The following information is for reference only and not required by the = build tools.=0D -#=0D -# VALID_ARCHITECTURES =3D IA32 X64 Arm AArch64=0D -#=0D -=0D -[Sources]=0D - VariableKeyLibNull.c=0D -=0D -[Packages]=0D - MdePkg/MdePkg.dec=0D - SecurityPkg/SecurityPkg.dec=0D -=0D -[LibraryClasses]=0D - BaseLib=0D - DebugLib=0D -=0D diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 7ecf9565d9..358b3dc543 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -80,14 +80,6 @@ #=0D TcgStorageOpalLib|Include/Library/TcgStorageOpalLib.h=0D =0D - ## @libraryclass Provides interfaces to access RPMC device.=0D - #=0D - RpmcLib|Include/Library/RpmcLib.h=0D -=0D - ## @libraryclass Provides interfaces to access variable root key.=0D - #=0D - VariableKeyLib|Include/Library/VariableKeyLib.h=0D -=0D ## @libraryclass Provides interfaces about firmware TPM measurement.=0D #=0D TcgEventLogRecordLib|Include/Library/TcgEventLogRecordLib.h=0D diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 30d911d8a1..2f679c87a9 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -68,8 +68,6 @@ TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCoreLi= b.inf=0D TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLi= b.inf=0D ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSyst= emLibNull.inf=0D - VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull= .inf=0D - RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf=0D TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLo= gRecordLib.inf=0D MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibN= ull.inf=0D SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBo= otVariableLib.inf=0D @@ -264,8 +262,6 @@ #=0D # Variable Confidentiality & Integrity=0D #=0D - SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf=0D - SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf=0D SecurityPkg/Library/PlatformPKProtectionLibVarPolicy/PlatformPKProtectio= nLibVarPolicy.inf=0D =0D #=0D --=20 2.36.1.windows.1