From: "Laszlo Ersek" <lersek@redhat.com>
To: devel@edk2.groups.io, michael.kubacki@outlook.com
Cc: Jiewen Yao <jiewen.yao@intel.com>,
Chao Zhang <chao.b.zhang@intel.com>,
Jian J Wang <jian.j.wang@intel.com>,
Hao A Wu <hao.a.wu@intel.com>, Liming Gao <liming.gao@intel.com>,
Jordan Justen <jordan.l.justen@intel.com>,
Ard Biesheuvel <ard.biesheuvel@arm.com>,
Andrew Fish <afish@apple.com>, Ray Ni <ray.ni@intel.com>,
Anthony Perard <anthony.perard@citrix.com>,
Julien Grall <julien@xen.org>, Maurice Ma <maurice.ma@intel.com>,
Guo Dong <guo.dong@intel.com>,
Benjamin You <benjamin.you@intel.com>
Subject: Re: [edk2-devel] [PATCH v2 00/12] Add the VariablePolicy feature
Date: Tue, 12 May 2020 14:37:39 +0200 [thread overview]
Message-ID: <8b7785a4-2b11-f5f8-ed23-65b672e4f9c4@redhat.com> (raw)
In-Reply-To: <6d21e1a2-f0e7-35a0-7c2e-7798d21f86e9@redhat.com>
On 05/12/20 14:15, Laszlo Ersek wrote:
> On 05/12/20 13:52, Laszlo Ersek wrote:
>> On 05/12/20 08:46, Michael Kubacki wrote:
>>> From: Michael Kubacki <michael.kubacki@microsoft.com>
>>>
>>> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2522
>>>
>>> The 12 patches in this series add the VariablePolicy feature to the
>>> core, deprecate Edk2VarLock (while adding a compatibility layer to
>>> reduce code churn), and integrate the VariablePolicy libraries and
>>> protocols into Variable Services.
>>>
>>> Since the integration requires multiple changes, including adding
>>> libraries, a protocol, an SMI communication handler, and
>>> VariableServices integration, the patches are broken up by
>>> individual library additions and then a final integration.
>>> Security-sensitive changes like bypassing Authenticated Variable
>>> enforcement are also broken out into individual patches so that
>>> attention can be called directly to them.
(4) Can you please run SetupGit.py in your edk2 clone, for the future?
It will mark the DEC, DSC, etc "ini-style" files with the "diff=ini"
attribute. Furthermore, it will set the "xfuncname" knob for the
"diff=ini"-marked files.
As a result, when you format a patch that modifies e.g. a DSC file, the
"@@" hunk headers will display the section being modified. For example:
> @@ -492,6 +496,9 @@ [PcdsFixedAtBuild]
> gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize|0x40000
> !endif
>
> + # Optional: Omit if VariablePolicy should be always-on.
> + gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDisable|TRUE
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0
>
> gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x07
Note that the "@@" hunk header now states "[PcdsFixedAtBuild]". It tells
me as a reviewer about the access method of the PCD that was chosen for
OvmfPkg.
Such hunk headers improve reviewer throughput quite a bit.
Thanks,
Laszlo
next prev parent reply other threads:[~2020-05-12 12:37 UTC|newest]
Thread overview: 10+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-12 6:46 [PATCH v2 00/12] Add the VariablePolicy feature Michael Kubacki
2020-05-12 9:30 ` Ard Biesheuvel
2020-05-12 11:52 ` [edk2-devel] " Laszlo Ersek
2020-05-12 12:15 ` Laszlo Ersek
2020-05-12 12:37 ` Laszlo Ersek [this message]
2020-05-12 17:20 ` Michael Kubacki
2020-05-12 13:47 ` Liming Gao
2020-05-13 5:18 ` [EXTERNAL] " Bret Barkelew
2020-05-13 15:18 ` Ma, Maurice
2020-05-13 15:25 ` Bret Barkelew
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=8b7785a4-2b11-f5f8-ed23-65b672e4f9c4@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox