From mboxrd@z Thu Jan 1 00:00:00 1970 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.151, mailfrom: hao.a.wu@intel.com) Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by groups.io with SMTP; Wed, 19 Jun 2019 01:19:47 -0700 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 19 Jun 2019 01:19:47 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.63,392,1557212400"; d="scan'208";a="335122938" Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206]) by orsmga005.jf.intel.com with ESMTP; 19 Jun 2019 01:19:46 -0700 Received: from fmsmsx118.amr.corp.intel.com (10.18.116.18) by FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS) id 14.3.439.0; Wed, 19 Jun 2019 01:19:46 -0700 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by fmsmsx118.amr.corp.intel.com (10.18.116.18) with Microsoft SMTP Server (TLS) id 14.3.439.0; Wed, 19 Jun 2019 01:19:46 -0700 Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.185]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.225]) with mapi id 14.03.0439.000; Wed, 19 Jun 2019 16:19:44 +0800 From: "Wu, Hao A" To: "devel@edk2.groups.io" , "Wu, Hao A" , "Xu, Wei6" CC: "Wang, Jian J" , "Zhang, Chao B" Subject: Re: [edk2-devel][Patch v2 7/7] MdeModulePkg: Add Capsule On Disk APIs into CapsuleLib. Thread-Topic: [edk2-devel][Patch v2 7/7] MdeModulePkg: Add Capsule On Disk APIs into CapsuleLib. Thread-Index: AQHVG7VRiyPcLXupfkS1utpRRoJ/iaaWLwRggAv8DgCAAIlZwIAAA2Mw Date: Wed, 19 Jun 2019 08:19:43 +0000 Message-ID: References: <20190605154203.11012-1-wei6.xu@intel.com> <20190605154203.11012-8-wei6.xu@intel.com> <59B8EAB3797CDB4091332F0685A110ED50D9746F@SHSMSX104.ccr.corp.intel.com> In-Reply-To: Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Return-Path: hao.a.wu@intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Forgot to mention, please help to handle other comments in the first reply to the patch. Thanks in advance. Best Regards, Hao Wu > -----Original Message----- > From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of > Wu, Hao A > Sent: Wednesday, June 19, 2019 4:17 PM > To: Xu, Wei6; devel@edk2.groups.io > Cc: Wang, Jian J; Zhang, Chao B > Subject: Re: [edk2-devel][Patch v2 7/7] MdeModulePkg: Add Capsule On > Disk APIs into CapsuleLib. >=20 > > > > No, that's how it is designed. > > PcdCodRelocationDevPath is used by platform to specify a device to sto= re > > temp Cod relocation file. > > If this PCD is not available, it means that platform doesn't have a > requirement > > to store the file to a specific place. > > Then save the file to the device where the capsules are placed. > > >=20 > Got it. > I suggest to add comments to explicitly mention this in the codes. >=20 > > > > For Capsule On Disk, no capsule hob means the Cod temp relocations fil= e is > > corrupted, which also means current boot is insecure. > > Then force reset to re-apply normal boot platform secure policy. > > I will update the description. Do you have comments for it? > > >=20 > If the behavior change of the 'ProcessCapsules' API is covered during > design review process, then updating the comments is good to me. >=20 > Best Regards, > Hao Wu >=20 > > > > BR, > > Wei Xu >=20 >=20