From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-1.mimecast.com (us-smtp-1.mimecast.com [205.139.110.120]) by mx.groups.io with SMTP id smtpd.web11.12345.1592318846025223292 for ; Tue, 16 Jun 2020 07:47:26 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=esJHxaeI; spf=pass (domain: redhat.com, ip: 205.139.110.120, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1592318845; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=MsiKeW7GjtAEwN+5Nz0DrF6mF51P1+LCUKUQVN6zQz0=; b=esJHxaeIS815gQNxeBbce+WtT5yoFaaEwM9Ty0lv3yDlzR9ygTRan4yYW+5ZYuHjG627N4 94HrHtyDen/d+9G7pCmo4KnC01xkn34PtTJNbfbjp8tSuyZ79oa02Abg7eZyBGSp9GOVrB kkooITbWQ10FBYTqt2SIFQZplCO9+60= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-248-xF70SfzuNpyPfzNsnuwIcQ-1; Tue, 16 Jun 2020 10:47:23 -0400 X-MC-Unique: xF70SfzuNpyPfzNsnuwIcQ-1 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id EB23E10059B1; Tue, 16 Jun 2020 14:47:21 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-113-248.ams2.redhat.com [10.36.113.248]) by smtp.corp.redhat.com (Postfix) with ESMTP id 901D519C71; Tue, 16 Jun 2020 14:47:20 +0000 (UTC) Subject: Re: [edk2-devel] [PATCH 4/5] SecurityPkg: Remove DXE_SMM_DRIVER support for some libraries To: devel@edk2.groups.io, zhiguang.liu@intel.com Cc: Jiewen Yao , Jian J Wang , Chao Zhang , Min Xu References: <20200616090434.1201-1-zhiguang.liu@intel.com> <20200616090434.1201-4-zhiguang.liu@intel.com> From: "Laszlo Ersek" Message-ID: <257abcb8-6025-835a-fac9-837367ce2985@redhat.com> Date: Tue, 16 Jun 2020 16:47:19 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <20200616090434.1201-4-zhiguang.liu@intel.com> X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit On 06/16/20 11:04, Zhiguang Liu wrote: > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2317 > Remove DXE_SMM_DRIVER support for some libraries because they > have the risks of leaking data from SMM mode to non-SMM mode. > > Cc: Jiewen Yao > Cc: Jian J Wang > Cc: Chao Zhang > Signed-off-by: Zhiguang Liu > --- > SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf > index 1e1a639857..9494d04b1d 100644 > --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf > +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf > @@ -20,7 +20,7 @@ > FILE_GUID = 0CA970E1-43FA-4402-BC0A-81AF336BFFD6 > MODULE_TYPE = DXE_DRIVER > VERSION_STRING = 1.0 > - LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER > + LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER UEFI_APPLICATION UEFI_DRIVER > CONSTRUCTOR = DxeImageVerificationLibConstructor > > # > "Min Xu " is missing from the CC list, according to "BaseTools/Scripts/GetMaintainer.py" (fixing that now). thanks Laszlo