public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: "Wu, Hao A" <hao.a.wu@intel.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>,
	"Kubacki, Michael A" <michael.a.kubacki@intel.com>
Cc: "Bi, Dandan" <dandan.bi@intel.com>,
	Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	"Dong, Eric" <eric.dong@intel.com>,
	Laszlo Ersek <lersek@redhat.com>,
	"Gao, Liming" <liming.gao@intel.com>,
	"Kinney, Michael D" <michael.d.kinney@intel.com>,
	"Ni, Ray" <ray.ni@intel.com>,
	"Wang, Jian J" <jian.j.wang@intel.com>,
	"Yao, Jiewen" <jiewen.yao@intel.com>
Subject: Re: [edk2-devel] [PATCH V2 4/9] MdeModulePkg/Variable: Add local auth status in VariableParsing
Date: Thu, 3 Oct 2019 08:04:05 +0000	[thread overview]
Message-ID: <B80AF82E9BFB8E4FBD8C89DA810C6A093C940D51@SHSMSX104.ccr.corp.intel.com> (raw)
In-Reply-To: <20190928014717.31372-5-michael.a.kubacki@intel.com>

Inline comments below:


> -----Original Message-----
> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of
> Kubacki, Michael A
> Sent: Saturday, September 28, 2019 9:47 AM
> To: devel@edk2.groups.io
> Cc: Bi, Dandan; Ard Biesheuvel; Dong, Eric; Laszlo Ersek; Gao, Liming; Kinney,
> Michael D; Ni, Ray; Wang, Jian J; Wu, Hao A; Yao, Jiewen
> Subject: [edk2-devel] [PATCH V2 4/9] MdeModulePkg/Variable: Add local
> auth status in VariableParsing
> 
> The file VariableParsing.c provides generic functionality related
> to parsing variable related structures and information. In order to
> calculate offsets for certain operations, the functions must know if
> authenticated variables are enabled as this increases the size of
> variable headers.
> 
> This change removes linking against a global variable in an external file
> in favor of a statically scoped variable in VariableParsing.c Because this
> file is unaware of how the authenticated variable status is determined, the
> variable is set through a function interface invoked during variable driver
> initialization.
> 
> Cc: Dandan Bi <dandan.bi@intel.com>
> Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao A Wu <hao.a.wu@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
> ---
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h | 14
> +++++++++
>  MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c        | 10 +++---
>  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c | 33
> ++++++++++++++++----
>  3 files changed, 45 insertions(+), 12 deletions(-)
> 
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> index 6f2000f3ee..3eba590634 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> @@ -308,4 +308,18 @@ UpdateVariableInfo (
>    IN OUT VARIABLE_INFO_ENTRY  **VariableInfo
>    );
> 
> +/**
> +  Initializes context needed for variable parsing functions.
> +
> +  @param[in]       AuthFormat          If true then indicates authenticated
> variables are supported
> +
> +  @retval          EFI_SUCCESS         Initialized successfully
> +  @retval          Others              An error occurred during initialization
> +**/
> +EFI_STATUS
> +EFIAPI
> +InitVariableParsing (


InitVariableParsing() seems an internal function, the 'EFIAPI' keyword can be
dropped. Please help to update the function definition in .C file as well.


> +  IN  BOOLEAN   AuthFormat
> +  );
> +
>  #endif
> diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> index 1a57d7e1ba..53d797152c 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> @@ -3326,6 +3326,9 @@ InitNonVolatileVariableStore (
>    mVariableModuleGlobal->MaxVariableSize = PcdGet32
> (PcdMaxVariableSize);
>    mVariableModuleGlobal->MaxAuthVariableSize = ((PcdGet32
> (PcdMaxAuthVariableSize) != 0) ? PcdGet32 (PcdMaxAuthVariableSize) :
> mVariableModuleGlobal->MaxVariableSize);
> 
> +  Status = InitVariableParsing (mVariableModuleGlobal-
> >VariableGlobal.AuthFormat);
> +  ASSERT_EFI_ERROR (Status);
> +


After the above initialization, mVariableModuleGlobal->VariableGlobal.AuthFormat
will be changed temporarily within ConvertNormalVarStorageToAuthVarStorage() if
normal HOB variable store will be converted to the auth format:

VOID *
ConvertNormalVarStorageToAuthVarStorage (
  VARIABLE_STORE_HEADER *NormalVarStorage
  )
{
  ...
  //
  // Set AuthFormat as FALSE for normal variable storage
  //
  mVariableModuleGlobal->VariableGlobal.AuthFormat = FALSE;
  ...
  //
  // Restore AuthFormat
  //
  mVariableModuleGlobal->VariableGlobal.AuthFormat = TRUE;
  return AuthVarStorage;
}


I think there will be issues in such converting, since I found that at least
GetVariableHeaderSize() and NameSizeOfVariable() get called during the
execution of ConvertNormalVarStorageToAuthVarStorage(). And they are checking
'mAuthFormat' rather than 'mVariableModuleGlobal->VariableGlobal.AuthFormat'.


>    //
>    // Parse non-volatile variable data and get last variable offset.
>    //
> @@ -3756,18 +3759,13 @@ VariableCommonInitialize (
> 
>    //
>    // mVariableModuleGlobal->VariableGlobal.AuthFormat
> -  // has been initialized in InitNonVolatileVariableStore().
> +  // is initialized in InitNonVolatileVariableStore().
>    //
>    if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
>      DEBUG ((EFI_D_INFO, "Variable driver will work with auth variable
> format!\n"));
> -    //
> -    // Set AuthSupport to FALSE first, VariableWriteServiceInitialize() will
> initialize it.
> -    //
> -    mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;
>      VariableGuid = &gEfiAuthenticatedVariableGuid;
>    } else {
>      DEBUG ((EFI_D_INFO, "Variable driver will work without auth variable
> support!\n"));
> -    mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;


Not sure why the above changes belong to this patch.
Could you help to double confirm?

Best Regards,
Hao Wu


>      VariableGuid = &gEfiVariableGuid;
>    }
> 
> diff --git
> a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> index 394195342d..0a47f6d10d 100644
> --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> @@ -9,6 +9,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> 
>  #include "VariableParsing.h"
> 
> +STATIC  BOOLEAN   mAuthFormat;
> +
>  /**
> 
>    This code checks if variable header is valid or not.
> @@ -88,7 +90,7 @@ GetVariableHeaderSize (
>  {
>    UINTN Value;
> 
> -  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> +  if (mAuthFormat) {
>      Value = sizeof (AUTHENTICATED_VARIABLE_HEADER);
>    } else {
>      Value = sizeof (VARIABLE_HEADER);
> @@ -114,7 +116,7 @@ NameSizeOfVariable (
>    AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> 
>    AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> -  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> +  if (mAuthFormat) {
>      if (AuthVariable->State == (UINT8) (-1) ||
>         AuthVariable->DataSize == (UINT32) (-1) ||
>         AuthVariable->NameSize == (UINT32) (-1) ||
> @@ -149,7 +151,7 @@ SetNameSizeOfVariable (
>    AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> 
>    AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> -  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> +  if (mAuthFormat) {
>      AuthVariable->NameSize = (UINT32) NameSize;
>    } else {
>      Variable->NameSize = (UINT32) NameSize;
> @@ -173,7 +175,7 @@ DataSizeOfVariable (
>    AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> 
>    AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> -  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> +  if (mAuthFormat) {
>      if (AuthVariable->State == (UINT8) (-1) ||
>         AuthVariable->DataSize == (UINT32) (-1) ||
>         AuthVariable->NameSize == (UINT32) (-1) ||
> @@ -208,7 +210,7 @@ SetDataSizeOfVariable (
>    AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> 
>    AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> -  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> +  if (mAuthFormat) {
>      AuthVariable->DataSize = (UINT32) DataSize;
>    } else {
>      Variable->DataSize = (UINT32) DataSize;
> @@ -248,7 +250,7 @@ GetVendorGuidPtr (
>    AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> 
>    AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> -  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> +  if (mAuthFormat) {
>      return &AuthVariable->VendorGuid;
>    } else {
>      return &Variable->VendorGuid;
> @@ -746,3 +748,22 @@ UpdateVariableInfo (
>      }
>    }
>  }
> +
> +/**
> +  Initializes context needed for variable parsing functions.
> +
> +  @param[in]       AuthFormat          If true then indicates authenticated
> variables are supported
> +
> +  @retval          EFI_SUCCESS         Initialized successfully
> +  @retval          Others              An error occurred during initialization
> +**/
> +EFI_STATUS
> +EFIAPI
> +InitVariableParsing (
> +  IN  BOOLEAN   AuthFormat
> +  )
> +{
> +  mAuthFormat = AuthFormat;
> +
> +  return EFI_SUCCESS;
> +}
> --
> 2.16.2.windows.1
> 
> 
> 


  reply	other threads:[~2019-10-03  8:04 UTC|newest]

Thread overview: 45+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-28  1:47 [PATCH V2 0/9] UEFI Variable SMI Reduction Kubacki, Michael A
2019-09-28  1:47 ` [PATCH V2 1/9] MdeModulePkg/Variable: Consolidate common parsing functions Kubacki, Michael A
2019-10-03  8:03   ` Wu, Hao A
2019-10-03 17:35     ` Kubacki, Michael A
2019-10-08  2:11       ` Wu, Hao A
2019-10-08 21:53         ` Kubacki, Michael A
2019-10-08  6:07   ` Wang, Jian J
2019-10-08 22:00     ` Kubacki, Michael A
2019-09-28  1:47 ` [PATCH V2 2/9] MdeModulePkg/Variable: Parameterize GetNextVariableEx() store list Kubacki, Michael A
2019-10-03  8:03   ` Wu, Hao A
2019-10-03 18:04     ` Kubacki, Michael A
2019-09-28  1:47 ` [PATCH V2 3/9] MdeModulePkg/Variable: Parameterize VARIABLE_INFO_ENTRY buffer Kubacki, Michael A
2019-10-03  8:03   ` Wu, Hao A
2019-10-03 18:05     ` Kubacki, Michael A
2019-10-08  2:11       ` [edk2-devel] " Wu, Hao A
2019-10-08 21:49         ` Kubacki, Michael A
2019-09-28  1:47 ` [PATCH V2 4/9] MdeModulePkg/Variable: Add local auth status in VariableParsing Kubacki, Michael A
2019-10-03  8:04   ` Wu, Hao A [this message]
2019-10-03 18:35     ` [edk2-devel] " Kubacki, Michael A
2019-10-16  7:55       ` Wu, Hao A
2019-10-16 16:37         ` Kubacki, Michael A
2019-10-17  1:00           ` Wu, Hao A
2019-09-28  1:47 ` [PATCH V2 5/9] MdeModulePkg/Variable: Add a file for NV variable functions Kubacki, Michael A
2019-10-03  8:04   ` Wu, Hao A
2019-10-03 18:43     ` Kubacki, Michael A
2019-09-28  1:47 ` [PATCH V2 6/9] MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats Kubacki, Michael A
2019-10-03  8:04   ` Wu, Hao A
2019-09-28  1:47 ` [PATCH V2 7/9] MdeModulePkg/Variable: Add RT GetVariable() cache support Kubacki, Michael A
2019-10-03  8:04   ` Wu, Hao A
2019-10-03 11:00     ` Laszlo Ersek
2019-10-03 20:53       ` Kubacki, Michael A
2019-10-03 21:53     ` Kubacki, Michael A
2019-10-03 22:01       ` Michael D Kinney
2019-10-03 23:31         ` Kubacki, Michael A
2019-10-04  6:50           ` Laszlo Ersek
2019-10-04 16:48             ` Kubacki, Michael A
2019-10-04  6:38       ` Laszlo Ersek
2019-10-04 16:48         ` Kubacki, Michael A
2019-10-08  2:12       ` Wu, Hao A
2019-09-28  1:47 ` [PATCH V2 8/9] MdeModulePkg/Variable: Add RT GetNextVariableName() " Kubacki, Michael A
2019-10-03  8:04   ` Wu, Hao A
2019-10-03 18:52     ` Kubacki, Michael A
2019-10-03 18:59       ` [edk2-devel] " Andrew Fish
2019-10-03 20:12         ` Kubacki, Michael A
2019-09-28  1:47 ` [PATCH V2 9/9] MdeModulePkg/VariableSmm: Remove unused SMI handler functions Kubacki, Michael A

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=B80AF82E9BFB8E4FBD8C89DA810C6A093C940D51@SHSMSX104.ccr.corp.intel.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox