From: "Wu, Hao A" <hao.a.wu@intel.com>
To: "Kubacki, Michael A" <michael.a.kubacki@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Bi, Dandan" <dandan.bi@intel.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
"Dong, Eric" <eric.dong@intel.com>,
Laszlo Ersek <lersek@redhat.com>,
"Gao, Liming" <liming.gao@intel.com>,
"Kinney, Michael D" <michael.d.kinney@intel.com>,
"Ni, Ray" <ray.ni@intel.com>,
"Wang, Jian J" <jian.j.wang@intel.com>,
"Yao, Jiewen" <jiewen.yao@intel.com>
Subject: Re: [edk2-devel] [PATCH V2 4/9] MdeModulePkg/Variable: Add local auth status in VariableParsing
Date: Wed, 16 Oct 2019 07:55:13 +0000 [thread overview]
Message-ID: <B80AF82E9BFB8E4FBD8C89DA810C6A093C948012@SHSMSX104.ccr.corp.intel.com> (raw)
In-Reply-To: <DM6PR11MB383484F4A7A0802D2A9108C8B59F0@DM6PR11MB3834.namprd11.prod.outlook.com>
> -----Original Message-----
> From: Kubacki, Michael A
> Sent: Friday, October 04, 2019 2:35 AM
> To: Wu, Hao A; devel@edk2.groups.io
> Cc: Bi, Dandan; Ard Biesheuvel; Dong, Eric; Laszlo Ersek; Gao, Liming; Kinney,
> Michael D; Ni, Ray; Wang, Jian J; Yao, Jiewen
> Subject: RE: [edk2-devel] [PATCH V2 4/9] MdeModulePkg/Variable: Add local
> auth status in VariableParsing
>
> I will make the following changes in V3:
>
> > InitVariableParsing() seems an internal function, the 'EFIAPI' keyword can
> be
> > dropped. Please help to update the function definition in .C file as well.
>
> I will remove the EFIAPI keyword.
>
> > > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > > b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > > index 1a57d7e1ba..53d797152c 100644
> > > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > > @@ -3326,6 +3326,9 @@ InitNonVolatileVariableStore (
> > > mVariableModuleGlobal->MaxVariableSize = PcdGet32
> > > (PcdMaxVariableSize);
> > > mVariableModuleGlobal->MaxAuthVariableSize = ((PcdGet32
> > > (PcdMaxAuthVariableSize) != 0) ? PcdGet32 (PcdMaxAuthVariableSize) :
> > > mVariableModuleGlobal->MaxVariableSize);
> > >
> > > + Status = InitVariableParsing (mVariableModuleGlobal-
> > > >VariableGlobal.AuthFormat);
> > > + ASSERT_EFI_ERROR (Status);
> > > +
> >
> >
> > After the above initialization, mVariableModuleGlobal-
> > >VariableGlobal.AuthFormat
> > will be changed temporarily within
> > ConvertNormalVarStorageToAuthVarStorage() if normal HOB variable store
> > will be converted to the auth format:
> >
> > VOID *
> > ConvertNormalVarStorageToAuthVarStorage (
> > VARIABLE_STORE_HEADER *NormalVarStorage
> > )
> > {
> > ...
> > //
> > // Set AuthFormat as FALSE for normal variable storage
> > //
> > mVariableModuleGlobal->VariableGlobal.AuthFormat = FALSE;
> > ...
> > //
> > // Restore AuthFormat
> > //
> > mVariableModuleGlobal->VariableGlobal.AuthFormat = TRUE;
> > return AuthVarStorage;
> > }
> >
> >
> > I think there will be issues in such converting, since I found that at least
> > GetVariableHeaderSize() and NameSizeOfVariable() get called during the
> > execution of ConvertNormalVarStorageToAuthVarStorage(). And they are
> > checking 'mAuthFormat' rather than 'mVariableModuleGlobal-
> > >VariableGlobal.AuthFormat'.
> >
> >
>
> You're right that will be a problem. I missed this temporary change in the
> value.
> I'm going to have all the functions dependent on authentication status in
> VariableParsing.c take it as a parameter and let the respective drivers linked
> against it maintain their own single copy of the authentication state.
I am really sorry for not raising this question until I saw the latest patch
series:
Is it possible to call the InitVariableParsing() function (maybe a rename for
the function for better understanding) for the temporary changes for
'mVariableModuleGlobal->VariableGlobal.AuthFormat' in function
ConvertNormalVarStorageToAuthVarStorage()?
In my opinion, doing so can avoid changing many function interfaces.
Best Regards,
Hao Wu
>
> > > //
> > > // Parse non-volatile variable data and get last variable offset.
> > > //
> > > @@ -3756,18 +3759,13 @@ VariableCommonInitialize (
> > >
> > > //
> > > // mVariableModuleGlobal->VariableGlobal.AuthFormat
> > > - // has been initialized in InitNonVolatileVariableStore().
> > > + // is initialized in InitNonVolatileVariableStore().
> > > //
> > > if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > > DEBUG ((EFI_D_INFO, "Variable driver will work with auth variable
> > > format!\n"));
> > > - //
> > > - // Set AuthSupport to FALSE first, VariableWriteServiceInitialize() will
> > > initialize it.
> > > - //
> > > - mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;
> > > VariableGuid = &gEfiAuthenticatedVariableGuid;
> > > } else {
> > > DEBUG ((EFI_D_INFO, "Variable driver will work without auth
> > > variable support!\n"));
> > > - mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;
> >
> >
> > Not sure why the above changes belong to this patch.
> > Could you help to double confirm?
>
> This was used during testing and is not needed. I will remove it.
>
> Thanks,
> Michael
>
> > -----Original Message-----
> > From: Wu, Hao A <hao.a.wu@intel.com>
> > Sent: Thursday, October 3, 2019 1:04 AM
> > To: devel@edk2.groups.io; Kubacki, Michael A
> > <michael.a.kubacki@intel.com>
> > Cc: Bi, Dandan <dandan.bi@intel.com>; Ard Biesheuvel
> > <ard.biesheuvel@linaro.org>; Dong, Eric <eric.dong@intel.com>; Laszlo
> Ersek
> > <lersek@redhat.com>; Gao, Liming <liming.gao@intel.com>; Kinney,
> Michael
> > D <michael.d.kinney@intel.com>; Ni, Ray <ray.ni@intel.com>; Wang, Jian J
> > <jian.j.wang@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
> > Subject: RE: [edk2-devel] [PATCH V2 4/9] MdeModulePkg/Variable: Add
> local
> > auth status in VariableParsing
> >
> > Inline comments below:
> >
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf
> Of
> > > Kubacki, Michael A
> > > Sent: Saturday, September 28, 2019 9:47 AM
> > > To: devel@edk2.groups.io
> > > Cc: Bi, Dandan; Ard Biesheuvel; Dong, Eric; Laszlo Ersek; Gao, Liming;
> > > Kinney, Michael D; Ni, Ray; Wang, Jian J; Wu, Hao A; Yao, Jiewen
> > > Subject: [edk2-devel] [PATCH V2 4/9] MdeModulePkg/Variable: Add local
> > > auth status in VariableParsing
> > >
> > > The file VariableParsing.c provides generic functionality related to
> > > parsing variable related structures and information. In order to
> > > calculate offsets for certain operations, the functions must know if
> > > authenticated variables are enabled as this increases the size of
> > > variable headers.
> > >
> > > This change removes linking against a global variable in an external
> > > file in favor of a statically scoped variable in VariableParsing.c
> > > Because this file is unaware of how the authenticated variable status
> > > is determined, the variable is set through a function interface
> > > invoked during variable driver initialization.
> > >
> > > Cc: Dandan Bi <dandan.bi@intel.com>
> > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> > > Cc: Eric Dong <eric.dong@intel.com>
> > > Cc: Laszlo Ersek <lersek@redhat.com>
> > > Cc: Liming Gao <liming.gao@intel.com>
> > > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > > Cc: Ray Ni <ray.ni@intel.com>
> > > Cc: Jian J Wang <jian.j.wang@intel.com>
> > > Cc: Hao A Wu <hao.a.wu@intel.com>
> > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
> > > ---
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h | 14
> > > +++++++++
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 10
> +++---
> > > MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c | 33
> > > ++++++++++++++++----
> > > 3 files changed, 45 insertions(+), 12 deletions(-)
> > >
> > > diff --git
> > > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> > > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> > > index 6f2000f3ee..3eba590634 100644
> > > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> > > +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
> > > @@ -308,4 +308,18 @@ UpdateVariableInfo (
> > > IN OUT VARIABLE_INFO_ENTRY **VariableInfo
> > > );
> > >
> > > +/**
> > > + Initializes context needed for variable parsing functions.
> > > +
> > > + @param[in] AuthFormat If true then indicates authenticated
> > > variables are supported
> > > +
> > > + @retval EFI_SUCCESS Initialized successfully
> > > + @retval Others An error occurred during initialization
> > > +**/
> > > +EFI_STATUS
> > > +EFIAPI
> > > +InitVariableParsing (
> >
> >
> > InitVariableParsing() seems an internal function, the 'EFIAPI' keyword can
> be
> > dropped. Please help to update the function definition in .C file as well.
> >
> >
> > > + IN BOOLEAN AuthFormat
> > > + );
> > > +
> > > #endif
> > > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > > b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > > index 1a57d7e1ba..53d797152c 100644
> > > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
> > > @@ -3326,6 +3326,9 @@ InitNonVolatileVariableStore (
> > > mVariableModuleGlobal->MaxVariableSize = PcdGet32
> > > (PcdMaxVariableSize);
> > > mVariableModuleGlobal->MaxAuthVariableSize = ((PcdGet32
> > > (PcdMaxAuthVariableSize) != 0) ? PcdGet32 (PcdMaxAuthVariableSize) :
> > > mVariableModuleGlobal->MaxVariableSize);
> > >
> > > + Status = InitVariableParsing (mVariableModuleGlobal-
> > > >VariableGlobal.AuthFormat);
> > > + ASSERT_EFI_ERROR (Status);
> > > +
> >
> >
> > After the above initialization, mVariableModuleGlobal-
> > >VariableGlobal.AuthFormat
> > will be changed temporarily within
> > ConvertNormalVarStorageToAuthVarStorage() if normal HOB variable store
> > will be converted to the auth format:
> >
> > VOID *
> > ConvertNormalVarStorageToAuthVarStorage (
> > VARIABLE_STORE_HEADER *NormalVarStorage
> > )
> > {
> > ...
> > //
> > // Set AuthFormat as FALSE for normal variable storage
> > //
> > mVariableModuleGlobal->VariableGlobal.AuthFormat = FALSE;
> > ...
> > //
> > // Restore AuthFormat
> > //
> > mVariableModuleGlobal->VariableGlobal.AuthFormat = TRUE;
> > return AuthVarStorage;
> > }
> >
> >
> > I think there will be issues in such converting, since I found that at least
> > GetVariableHeaderSize() and NameSizeOfVariable() get called during the
> > execution of ConvertNormalVarStorageToAuthVarStorage(). And they are
> > checking 'mAuthFormat' rather than 'mVariableModuleGlobal-
> > >VariableGlobal.AuthFormat'.
> >
> >
> > > //
> > > // Parse non-volatile variable data and get last variable offset.
> > > //
> > > @@ -3756,18 +3759,13 @@ VariableCommonInitialize (
> > >
> > > //
> > > // mVariableModuleGlobal->VariableGlobal.AuthFormat
> > > - // has been initialized in InitNonVolatileVariableStore().
> > > + // is initialized in InitNonVolatileVariableStore().
> > > //
> > > if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > > DEBUG ((EFI_D_INFO, "Variable driver will work with auth variable
> > > format!\n"));
> > > - //
> > > - // Set AuthSupport to FALSE first, VariableWriteServiceInitialize() will
> > > initialize it.
> > > - //
> > > - mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;
> > > VariableGuid = &gEfiAuthenticatedVariableGuid;
> > > } else {
> > > DEBUG ((EFI_D_INFO, "Variable driver will work without auth
> > > variable support!\n"));
> > > - mVariableModuleGlobal->VariableGlobal.AuthSupport = FALSE;
> >
> >
> > Not sure why the above changes belong to this patch.
> > Could you help to double confirm?
> >
> > Best Regards,
> > Hao Wu
> >
> >
> > > VariableGuid = &gEfiVariableGuid;
> > > }
> > >
> > > diff --git
> > > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> > > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> > > index 394195342d..0a47f6d10d 100644
> > > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> > > +++
> b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
> > > @@ -9,6 +9,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > #include "VariableParsing.h"
> > >
> > > +STATIC BOOLEAN mAuthFormat;
> > > +
> > > /**
> > >
> > > This code checks if variable header is valid or not.
> > > @@ -88,7 +90,7 @@ GetVariableHeaderSize ( {
> > > UINTN Value;
> > >
> > > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > > + if (mAuthFormat) {
> > > Value = sizeof (AUTHENTICATED_VARIABLE_HEADER);
> > > } else {
> > > Value = sizeof (VARIABLE_HEADER); @@ -114,7 +116,7 @@
> > > NameSizeOfVariable (
> > > AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > >
> > > AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > > + if (mAuthFormat) {
> > > if (AuthVariable->State == (UINT8) (-1) ||
> > > AuthVariable->DataSize == (UINT32) (-1) ||
> > > AuthVariable->NameSize == (UINT32) (-1) || @@ -149,7 +151,7 @@
> > > SetNameSizeOfVariable (
> > > AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > >
> > > AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > > + if (mAuthFormat) {
> > > AuthVariable->NameSize = (UINT32) NameSize;
> > > } else {
> > > Variable->NameSize = (UINT32) NameSize; @@ -173,7 +175,7 @@
> > > DataSizeOfVariable (
> > > AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > >
> > > AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > > + if (mAuthFormat) {
> > > if (AuthVariable->State == (UINT8) (-1) ||
> > > AuthVariable->DataSize == (UINT32) (-1) ||
> > > AuthVariable->NameSize == (UINT32) (-1) || @@ -208,7 +210,7 @@
> > > SetDataSizeOfVariable (
> > > AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > >
> > > AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > > + if (mAuthFormat) {
> > > AuthVariable->DataSize = (UINT32) DataSize;
> > > } else {
> > > Variable->DataSize = (UINT32) DataSize; @@ -248,7 +250,7 @@
> > > GetVendorGuidPtr (
> > > AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
> > >
> > > AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
> > > - if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
> > > + if (mAuthFormat) {
> > > return &AuthVariable->VendorGuid;
> > > } else {
> > > return &Variable->VendorGuid;
> > > @@ -746,3 +748,22 @@ UpdateVariableInfo (
> > > }
> > > }
> > > }
> > > +
> > > +/**
> > > + Initializes context needed for variable parsing functions.
> > > +
> > > + @param[in] AuthFormat If true then indicates authenticated
> > > variables are supported
> > > +
> > > + @retval EFI_SUCCESS Initialized successfully
> > > + @retval Others An error occurred during initialization
> > > +**/
> > > +EFI_STATUS
> > > +EFIAPI
> > > +InitVariableParsing (
> > > + IN BOOLEAN AuthFormat
> > > + )
> > > +{
> > > + mAuthFormat = AuthFormat;
> > > +
> > > + return EFI_SUCCESS;
> > > +}
> > > --
> > > 2.16.2.windows.1
> > >
> > >
> > >
> >
>
next prev parent reply other threads:[~2019-10-16 7:55 UTC|newest]
Thread overview: 45+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-09-28 1:47 [PATCH V2 0/9] UEFI Variable SMI Reduction Kubacki, Michael A
2019-09-28 1:47 ` [PATCH V2 1/9] MdeModulePkg/Variable: Consolidate common parsing functions Kubacki, Michael A
2019-10-03 8:03 ` Wu, Hao A
2019-10-03 17:35 ` Kubacki, Michael A
2019-10-08 2:11 ` Wu, Hao A
2019-10-08 21:53 ` Kubacki, Michael A
2019-10-08 6:07 ` Wang, Jian J
2019-10-08 22:00 ` Kubacki, Michael A
2019-09-28 1:47 ` [PATCH V2 2/9] MdeModulePkg/Variable: Parameterize GetNextVariableEx() store list Kubacki, Michael A
2019-10-03 8:03 ` Wu, Hao A
2019-10-03 18:04 ` Kubacki, Michael A
2019-09-28 1:47 ` [PATCH V2 3/9] MdeModulePkg/Variable: Parameterize VARIABLE_INFO_ENTRY buffer Kubacki, Michael A
2019-10-03 8:03 ` Wu, Hao A
2019-10-03 18:05 ` Kubacki, Michael A
2019-10-08 2:11 ` [edk2-devel] " Wu, Hao A
2019-10-08 21:49 ` Kubacki, Michael A
2019-09-28 1:47 ` [PATCH V2 4/9] MdeModulePkg/Variable: Add local auth status in VariableParsing Kubacki, Michael A
2019-10-03 8:04 ` [edk2-devel] " Wu, Hao A
2019-10-03 18:35 ` Kubacki, Michael A
2019-10-16 7:55 ` Wu, Hao A [this message]
2019-10-16 16:37 ` Kubacki, Michael A
2019-10-17 1:00 ` Wu, Hao A
2019-09-28 1:47 ` [PATCH V2 5/9] MdeModulePkg/Variable: Add a file for NV variable functions Kubacki, Michael A
2019-10-03 8:04 ` Wu, Hao A
2019-10-03 18:43 ` Kubacki, Michael A
2019-09-28 1:47 ` [PATCH V2 6/9] MdeModulePkg VariableInfo: Always consider RT DXE and SMM stats Kubacki, Michael A
2019-10-03 8:04 ` Wu, Hao A
2019-09-28 1:47 ` [PATCH V2 7/9] MdeModulePkg/Variable: Add RT GetVariable() cache support Kubacki, Michael A
2019-10-03 8:04 ` Wu, Hao A
2019-10-03 11:00 ` Laszlo Ersek
2019-10-03 20:53 ` Kubacki, Michael A
2019-10-03 21:53 ` Kubacki, Michael A
2019-10-03 22:01 ` Michael D Kinney
2019-10-03 23:31 ` Kubacki, Michael A
2019-10-04 6:50 ` Laszlo Ersek
2019-10-04 16:48 ` Kubacki, Michael A
2019-10-04 6:38 ` Laszlo Ersek
2019-10-04 16:48 ` Kubacki, Michael A
2019-10-08 2:12 ` Wu, Hao A
2019-09-28 1:47 ` [PATCH V2 8/9] MdeModulePkg/Variable: Add RT GetNextVariableName() " Kubacki, Michael A
2019-10-03 8:04 ` Wu, Hao A
2019-10-03 18:52 ` Kubacki, Michael A
2019-10-03 18:59 ` [edk2-devel] " Andrew Fish
2019-10-03 20:12 ` Kubacki, Michael A
2019-09-28 1:47 ` [PATCH V2 9/9] MdeModulePkg/VariableSmm: Remove unused SMI handler functions Kubacki, Michael A
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=B80AF82E9BFB8E4FBD8C89DA810C6A093C948012@SHSMSX104.ccr.corp.intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox