From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 51353D8002E for ; Tue, 27 Feb 2024 02:59:22 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=qt0cXAampul5g8ufFjz02RhWobmYZQWfwijAohnwTqY=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1709002760; v=1; b=ZOxOwjQEial+U8Y3KBQAhB29syjQBBC1WZWl6JVrAXDZr6xGj4Z0lE0hxi1BH8AbPmNKJd0C Dy5pfrCx6vFNmZAkhodfCsA8cO/hyGD91PHRAbuvurbVzgxUd6Ht0rQ1Agx0RPgoFDi5tuv6cy7 ApVl2Bj/Yv32LUsgN1KEvQJ8= X-Received: by 127.0.0.2 with SMTP id SOEPYY7687511xjYhofcdyce; Mon, 26 Feb 2024 18:59:20 -0800 X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.15]) by mx.groups.io with SMTP id smtpd.web10.4475.1709002759913538922 for ; Mon, 26 Feb 2024 18:59:20 -0800 X-IronPort-AV: E=McAfee;i="6600,9927,10996"; a="3491235" X-IronPort-AV: E=Sophos;i="6.06,187,1705392000"; d="scan'208";a="3491235" X-Received: from fmviesa002.fm.intel.com ([10.60.135.142]) by fmvoesa109.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 26 Feb 2024 18:59:19 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.06,187,1705392000"; d="scan'208";a="30056959" X-Received: from mingtan1-desk1.ccr.corp.intel.com ([10.239.133.46]) by fmviesa002.fm.intel.com with ESMTP; 26 Feb 2024 18:59:17 -0800 From: "Tan, Ming" To: devel@edk2.groups.io Cc: Min Xu , Jiewen Yao Subject: [edk2-devel] [PATCH v2] SecurityPkg/SecureBootConfigDxe: Update UI according to UEFI spec Date: Tue, 27 Feb 2024 10:59:09 +0800 Message-Id: <20240227025909.10259-1-ming.tan@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,ming.tan@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: V3Eib4yDYJFMIjTYEshfAxX8x7686176AA= Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=ZOxOwjQE; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none) REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4713 In UEFI_Spec_2_10_Aug29.pdf page 1694 section 35.5.4 for EFI_BROWSER_ACTION_FORM_OPEN: NOTE: EFI_FORM_BROWSER2_PROTOCOL.BrowserCallback() cannot be used with this browser action because question values have not been retrieved yet. So should not call HiiGetBrowserData() and HiiSetBrowserData() in FORM_OPEN call back function. Now call SecureBootExtractConfigFromVariable() to save the change to EFI variable, then HII use EFI variable to control the UI. Cc: Min Xu Cc: Jiewen Yao Signed-off-by: Ming Tan --- V2: Change code style to pass uncrustify check. .../SecureBootConfigImpl.c | 37 ++++++++++--------- 1 file changed, 20 insertions(+), 17 deletions(-) diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBo= otConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/Secu= reBootConfigImpl.c index 2c11129526..e2e61d1e07 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfi= gImpl.c +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfi= gImpl.c @@ -3366,6 +3366,8 @@ SecureBootExtractConfigFromVariable ( ConfigData->FileEnrollType =3D UNKNOWN_FILE_TYPE;=0D }=0D =0D + ConfigData->ListCount =3D Private->ListCount;=0D +=0D //=0D // If it is Physical Presence User, set the PhysicalPresent to true.=0D //=0D @@ -4541,12 +4543,13 @@ SecureBootCallback ( EFI_HII_POPUP_PROTOCOL *HiiPopup;=0D EFI_HII_POPUP_SELECTION UserSelection;=0D =0D - Status =3D EFI_SUCCESS;=0D - SecureBootEnable =3D NULL;=0D - SecureBootMode =3D NULL;=0D - SetupMode =3D NULL;=0D - File =3D NULL;=0D - EnrollKeyErrorCode =3D None_Error;=0D + Status =3D EFI_SUCCESS;=0D + SecureBootEnable =3D NULL;=0D + SecureBootMode =3D NULL;=0D + SetupMode =3D NULL;=0D + File =3D NULL;=0D + EnrollKeyErrorCode =3D None_Error;=0D + GetBrowserDataResult =3D FALSE;=0D =0D if ((This =3D=3D NULL) || (Value =3D=3D NULL) || (ActionRequest =3D=3D N= ULL)) {=0D return EFI_INVALID_PARAMETER;=0D @@ -4565,15 +4568,12 @@ SecureBootCallback ( return EFI_OUT_OF_RESOURCES;=0D }=0D =0D - GetBrowserDataResult =3D HiiGetBrowserData (&gSecureBootConfigFormSetGui= d, mSecureBootStorageName, BufferSize, (UINT8 *)IfrNvData);=0D -=0D if (Action =3D=3D EFI_BROWSER_ACTION_FORM_OPEN) {=0D if (QuestionId =3D=3D KEY_SECURE_BOOT_MODE) {=0D //=0D // Update secure boot strings when opening this form=0D //=0D - Status =3D UpdateSecureBootString (Private);=0D - SecureBootExtractConfigFromVariable (Private, IfrNvData);=0D + Status =3D UpdateSecureBootString (Private);=0D mIsEnterSecureBootForm =3D TRUE;=0D } else {=0D //=0D @@ -4587,23 +4587,22 @@ SecureBootCallback ( (QuestionId =3D=3D KEY_SECURE_BOOT_DBT_OPTION))=0D {=0D CloseEnrolledFile (Private->FileContext);=0D - } else if (QuestionId =3D=3D KEY_SECURE_BOOT_DELETE_ALL_LIST) {=0D - //=0D - // Update ListCount field in varstore=0D - // Button "Delete All Signature List" is=0D - // enable when ListCount is greater than 0.=0D - //=0D - IfrNvData->ListCount =3D Private->ListCount;=0D }=0D }=0D =0D goto EXIT;=0D }=0D =0D + GetBrowserDataResult =3D HiiGetBrowserData (&gSecureBootConfigFormSetGui= d, mSecureBootStorageName, BufferSize, (UINT8 *)IfrNvData);=0D +=0D if (Action =3D=3D EFI_BROWSER_ACTION_RETRIEVE) {=0D Status =3D EFI_UNSUPPORTED;=0D if (QuestionId =3D=3D KEY_SECURE_BOOT_MODE) {=0D if (mIsEnterSecureBootForm) {=0D + if (GetBrowserDataResult) {=0D + SecureBootExtractConfigFromVariable (Private, IfrNvData);=0D + }=0D +=0D Value->u8 =3D SECURE_BOOT_MODE_STANDARD;=0D Status =3D EFI_SUCCESS;=0D }=0D @@ -5179,6 +5178,10 @@ SecureBootCallback ( }=0D }=0D =0D + if (GetBrowserDataResult) {=0D + SecureBootExtractConfigFromVariable (Private, IfrNvData);=0D + }=0D +=0D EXIT:=0D =0D if (!EFI_ERROR (Status) && GetBrowserDataResult) {=0D --=20 2.31.1.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#115998): https://edk2.groups.io/g/devel/message/115998 Mute This Topic: https://groups.io/mt/104596915/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-