From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-1.mimecast.com (us-smtp-delivery-1.mimecast.com [207.211.31.81]) by mx.groups.io with SMTP id smtpd.web10.21291.1590179376864140197 for ; Fri, 22 May 2020 13:29:37 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=CHbP5VlS; spf=pass (domain: redhat.com, ip: 207.211.31.81, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1590179376; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=H3flZUI0r4mg6TdauZkGRMiJy5x+/k/vAvLhyD9U04U=; b=CHbP5VlStDXET3GU/OUW4he68ckak8a7l36/Rt8qvx4JjVfGWQmDQ58yOzNecx0hFvZgeW muyarEpi6iGgJ1KKAgnaftNQciH8cnE0/qM8LgtAkqugBVVX17lB/f9KzMgLSe0uI5oRd9 eItWTYim+myFnJKUALQv4L6quYZ2nRY= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-491-zvW_im4EPzW-4JlFmVPiTw-1; Fri, 22 May 2020 16:29:27 -0400 X-MC-Unique: zvW_im4EPzW-4JlFmVPiTw-1 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id F01EF835B41; Fri, 22 May 2020 20:29:25 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-112-40.ams2.redhat.com [10.36.112.40]) by smtp.corp.redhat.com (Postfix) with ESMTP id A36551057FDA; Fri, 22 May 2020 20:29:23 +0000 (UTC) Subject: Re: [edk2-devel] [PATCH v3 09/14] MdeModulePkg: Connect VariablePolicy business logic to VariableServices To: devel@edk2.groups.io, michael.kubacki@outlook.com, Bret Barkelew Cc: Jian J Wang , Hao A Wu , Liming Gao , "Ard Biesheuvel (ARM address)" References: <20200521224331.15616-1-michael.kubacki@outlook.com> From: "Laszlo Ersek" Message-ID: <60564f19-e606-bc30-c09a-b2da57b9e10d@redhat.com> Date: Fri, 22 May 2020 22:29:22 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit Hello, (+Ard) this patch does not apply (with "master" being at 74f90d38c446). Because: On 05/22/20 00:43, Michael Kubacki wrote: > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf > index 592862773390..1b18ce655522 100644 > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf > @@ -14,6 +14,7 @@ > # the authentication service provided in this driver will be broken, and the behavior is undefined. > # > # Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.
> +# Copyright (c) Microsoft Corporation.
> # SPDX-License-Identifier: BSD-2-Clause-Patent > # > ## > @@ -42,6 +43,7 @@ [Sources] > VariableParsing.c > VariableParsing.h > Variable.h > + VariablePolicySmmDxe.c > > [Packages] > MdePkg/MdePkg.dec > @@ -56,22 +58,29 @@ [LibraryClasses] > DxeServicesTableLib > UefiDriverEntryPoint > TpmMeasurementLib > + SafeIntLib > + PcdLib > > [Protocols] > gEfiVariableWriteArchProtocolGuid ## PRODUCES > gEfiVariableArchProtocolGuid ## PRODUCES > gEfiSmmCommunicationProtocolGuid ## CONSUMES > + gEfiMmCommunicationProtocolGuid ## CONSUMES The context no longer matches here. This context has most recently been modified by commit be4e0cfbad6b ("MdeModulePkg/VariableSmmRuntimeDxe: switch to MM communicate 2", 2020-05-12): $ git show be4e0cfbad6b -- \ MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf Output: > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf > index 592862773390..01564e4c5068 100644 > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf > @@ -60,7 +60,7 @@ [LibraryClasses] > [Protocols] > gEfiVariableWriteArchProtocolGuid ## PRODUCES > gEfiVariableArchProtocolGuid ## PRODUCES > - gEfiSmmCommunicationProtocolGuid ## CONSUMES > + gEfiMmCommunication2ProtocolGuid ## CONSUMES > ## CONSUMES > ## NOTIFY > ## UNDEFINED # Used to do smm communication > @@ -100,7 +100,7 @@ [Guids] > gEfiImageSecurityDatabaseGuid > > [Depex] > - gEfiSmmCommunicationProtocolGuid > + gEfiMmCommunication2ProtocolGuid > > [UserExtensions.TianoCore."ExtraFiles"] > VariableSmmRuntimeDxeExtra.uni And, because of the Depex change in that commit (gEfiSmmCommunicationProtocolGuid -> gEfiMmCommunication2ProtocolGuid), the last (4th) hunk of the present patch also fails to apply: > ## CONSUMES > ## NOTIFY > ## UNDEFINED # Used to do smm communication > gEfiSmmVariableProtocolGuid > gEdkiiVariableLockProtocolGuid ## PRODUCES > gEdkiiVarCheckProtocolGuid ## PRODUCES > + gEdkiiVariablePolicyProtocolGuid ## PRODUCES > > [FeaturePcd] > gEfiMdeModulePkgTokenSpaceGuid.PcdEnableVariableRuntimeCache ## CONSUMES > gEfiMdeModulePkgTokenSpaceGuid.PcdVariableCollectStatistics ## CONSUMES > > +[Pcd] > + gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDisable ## CONSUMES > + > [Guids] > ## PRODUCES ## GUID # Signature of Variable store header > ## CONSUMES ## GUID # Signature of Variable store header > @@ -99,6 +108,8 @@ [Guids] > ## SOMETIMES_CONSUMES ## Variable:L"dbt" > gEfiImageSecurityDatabaseGuid > > + gVarCheckPolicyLibMmiHandlerGuid > + > [Depex] > gEfiSmmCommunicationProtocolGuid > > See the obsolete depex context above. Ard had sent a heads-up about this under v2: http://mid.mail-archive.com/b968f054-8917-6c16-e5ff-9976d192d398@arm.com https://edk2.groups.io/g/devel/message/59259 Please rebase this series to "master" and repost it. (Of course I suggest waiting some more for v3 feedback; for example I plan to review the v3 ArmVirtPkg and OvmfPkg patches.) Thanks! Laszlo