From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 9D32FAC10FF for ; Thu, 4 Apr 2024 15:21:19 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=VDe75n70MMUnoeof96lApn6myQZmt38swmLG0aKjSLA=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1712244078; v=1; b=eU+6axR8PBanfSAb034JToJnvIn2DYmYxKI6Lriofq7gQa8mrd+8CoLRKGYXplSRb/+an24k drne3mBeGDqYuUj4QNqoBJX22E69RY6HmIlFTBhl4SeXEcjuynBSzi3roXUNaszulGn2mdlU2ms 2aTQB6kiC9iIMkO/BRXQ6/X+rBYZ6ydQCf1qwyMsTT2df3jeM4vw01a9+I5EE2bHTxXSlWyYUMI 9QfsXs719srHMcCU0W0OD8qtUtEe2+OPFQgFPB6eSTHKn2GhKhvpYyWjM4xtgGw1PdQJAlX8PEJ ASIlfU+NnCiI+WB55AdCRoAHUnGbNtj32BGWzmE/kFZYA== X-Received: by 127.0.0.2 with SMTP id Bs8bYY7687511xUaykxfVClG; Thu, 04 Apr 2024 08:21:18 -0700 X-Received: from NAM11-CO1-obe.outbound.protection.outlook.com (NAM11-CO1-obe.outbound.protection.outlook.com [40.107.220.110]) by mx.groups.io with SMTP id smtpd.web10.41105.1712244077377012821 for ; Thu, 04 Apr 2024 08:21:17 -0700 X-Received: from BN0PR10MB4981.namprd10.prod.outlook.com (2603:10b6:408:12d::16) by DS0PR10MB7128.namprd10.prod.outlook.com (2603:10b6:8:dd::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.46; Thu, 4 Apr 2024 15:21:08 +0000 X-Received: from BN0PR10MB4981.namprd10.prod.outlook.com ([fe80::48eb:e11b:26b1:4083]) by BN0PR10MB4981.namprd10.prod.outlook.com ([fe80::48eb:e11b:26b1:4083%6]) with mapi id 15.20.7409.042; Thu, 4 Apr 2024 15:21:08 +0000 From: "Felix Polyudov via groups.io" To: Ming Tan , "devel@edk2.groups.io" CC: Min Xu , Jiewen Yao , Dandan Bi Subject: Re: [edk2-devel] [PATCH v4] SecurityPkg/SecureBootConfigDxe: Update UI according to UEFI spec Thread-Topic: [EXTERNAL] [PATCH v4] SecurityPkg/SecureBootConfigDxe: Update UI according to UEFI spec Thread-Index: AQHahNhNmDG4zoZZMk2xUgSlObyVULFYPUJA Date: Thu, 4 Apr 2024 15:21:08 +0000 Message-ID: References: <20240402083219.2293-1-ming.tan@intel.com> In-Reply-To: <20240402083219.2293-1-ming.tan@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: BN0PR10MB4981:EE_|DS0PR10MB7128:EE_ x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: XKaA/KX+hz2m8Ht/+rv7E6JJ7rqqPeV8PJi7fYa3B3Vr+lJ4/n0EZ0CIzrOUeUku/nzrhlOvTFCCUgF2U6Ngdv3W8jsYLvrIFK6HCQyT5k+zq3UDkQv4CFQNQsZt5I1g43yKxvcupyvGg0D4wohasriOQoNDLkC0aUuYPqBoshMgwB8o/LPzHVbeVTO/D1wFW0KlRIA2Z6lmDCLDokzN7uRR/kNjXjGC7JoS3l8KHKVPNVhQO+e/yBDpOXKjTcIX0pYMKDmhzIVOKGrxVIQx/jphBMsmx1LBpt3AV3QxQ5jqMLzHGZYzZmKEMomEDqhuHTAvpcmsOm6RNGKR6OGAJrH8YRd9iihHosw9avtmMIXQVYqdHYLv8nSwjeyMwuEc20ys6RbpRpEv18wh4DVfEcl/lr1L8RGEj02u0+wWnaCrM/y0OWk/iiFV1ZDRZJ//bqsRcTLOU3WRuX3AQioAAgSsrsi43MPKm9ud+zxPpuRdcxZzsAI9r1mHD9qQlvVkJnnREGWhon+tyYFLmXQhg6JFhFrvNkIE8/wRySf3wF5S6VCdQBiTbnt3OE2c+KJRAwHTzjA7ootKev19VDGhZoM0vgaYOBFp1C2ahO8L/ZU= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?lwHFB8pD9asU3rseQRE9iWe9ruVUoRtA8w/s+pOdY9pseP0rG5DDAOBKsvZY?= =?us-ascii?Q?9lx2UpdsYcn0uHhyV2fGZb3rCdu2thqpdf42zxLre4vAFpszZghp6icwAe7L?= =?us-ascii?Q?jb6k/lgHe11O3aN0B1Is7CK9Jnp0/HlXaIHuChlflfWZoraydjdDlG9onA6i?= =?us-ascii?Q?2kl2qWxoJxVZGwyTvvGvVS5fOPF59zXNKR3LYxdZQJapDq5OyK+OCUbvnjdH?= =?us-ascii?Q?n/Kbbm4I2JtY1DO9EvzPiRkZgWxpT/MrMda6ufwp0huSuyVa7itu9JJUJPfs?= =?us-ascii?Q?HLSXfPsMoGfB2Cz8RFfCETEHo8rv+gs5T3t3NCVqBHUgdD7pqnf0hVg7I5r/?= =?us-ascii?Q?B+7N5m0DpZCaJU0AGEX/JxZmG9QiqVlw75Jcpu3sTfgu37R8kwTheqsQw4eS?= =?us-ascii?Q?yJnYNUg0/hT2seji15AkCxxImNrEENMYQFWpFrZzxGSi8K2isQTLc0UKsinn?= =?us-ascii?Q?zJcNEvBzT4S5rTKLZqLMcp+bJnvvs3b3NkyP+QqwTsUQd7N2Btm2v0K05hVf?= =?us-ascii?Q?ZsbYTRZh3sVyb8xqahkx/1UYvoZ533G/Dj3COBGUUVt5/iii8EsRP5auOUKP?= =?us-ascii?Q?9fvdWx2sE9buYLvwbqEUW+xuXKogL8KMbJAenVfuOMG1mOPCfcgtuo5xudlz?= =?us-ascii?Q?An4OWQ2g/P6i4vSpvB7pRWZTAlmVydFabnGsSiqMpezFwr7USLCgpZD4x+Ev?= =?us-ascii?Q?pK8dHY9Pe+fBG2IdsCgJeuqhl+BFMJaPMlbCZtuTdKF/xjekKEh4U+KJ/aKs?= =?us-ascii?Q?dSv0nekXxlHuke5UHPRpDh3SMnsuOst2KK6YAaxU0pS/Kpa/VprTAEcNBn0O?= =?us-ascii?Q?mDiLiyPB1wP4W8DGsxGB94pusYN6R7GO9dH93yKQ6bh/Fq5ONCmZT6ruUYB5?= =?us-ascii?Q?SklnLBirwaecsofcNtHQaxSpIj7SIL4DmO/kUXAu24PROw7EUPeWmg0/fLRh?= =?us-ascii?Q?ghPAqaLYFB4noL+UZi2Bsv0PuE/tIHQEeVuzwQYlI4RK7S1ZSV/r6Rcu1idD?= =?us-ascii?Q?aisudYlQEwwBD9QcaP6bKpxhhc7D7Jvqr5imh6uW97ZgYWhnpqy90z8vXPaW?= =?us-ascii?Q?1UDsyCsJwAmZDHXbhrcYL71KdsPZfqhQuhsoeKR+1gKsfBL0GL6zSEZuT0g/?= =?us-ascii?Q?76JLhNMBt1VCor8VK2lxREmoc9wK0mhDq4j7MZoKFfXr6fWU+9ixwRmjG6wI?= =?us-ascii?Q?uxQtOgXuBldKrP1k9tLTw1KHZTfJmd1CpSw1M7WzWKdgyXhXnK9J42jJhvPM?= =?us-ascii?Q?r0pBBlp3pobh4DWQ8wR3GmbUcX1nkC44aL0jgmems9366LvI0e0FVsMrWD0d?= =?us-ascii?Q?S17Mh+LsgK+6lu9muJ2wBP0DWtC/0bcfHdhnGeJY7lx4WIBKiAAd5iK1nepb?= =?us-ascii?Q?Y5poSgKET4O4GGw6fJlOEsDW5CYO9jEMlcSp34DTtNMC5evRdLfh3ROHUrUX?= =?us-ascii?Q?+/YevRtsaTPLL9Y70EpPUpeoi+NPgQMFa/sCV0uxhGaOm2cngevjs9aJsPAS?= =?us-ascii?Q?ziTbzAeaFHPQbLz9gD3scDqQQc+5iXTGsyLRoKTHnedV63uLsa9p9t1lU1RX?= =?us-ascii?Q?Yp2NMsV2LKcK7ogtld8=3D?= MIME-Version: 1.0 X-OriginatorOrg: ami.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: BN0PR10MB4981.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 29aeee3e-8ce2-43e9-0fb0-08dc54bada3d X-MS-Exchange-CrossTenant-originalarrivaltime: 04 Apr 2024 15:21:08.1760 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 27e97857-e15f-486c-b58e-86c2b3040f93 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: j863WOy5VCutUBL5l9vYZyjaYYjlICWWf0wqzt+zZupq2fWS+gYnzjSWnHjuHyhf X-MS-Exchange-Transport-CrossTenantHeadersStamped: DS0PR10MB7128 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Thu, 04 Apr 2024 08:21:17 -0700 Resent-From: felixp@ami.com Reply-To: devel@edk2.groups.io,felixp@ami.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: GtYrlu0JoF9hZW9KySxyxJNwx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=eU+6axR8; dmarc=pass (policy=none) header.from=groups.io; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io Reviewed-by: Felix Polyudov -----Original Message----- From: Ming Tan Sent: Tuesday, April 2, 2024 4:32 AM To: devel@edk2.groups.io Cc: Min Xu ; Jiewen Yao ; Dandan = Bi ; Felix Polyudov Subject: [EXTERNAL] [PATCH v4] SecurityPkg/SecureBootConfigDxe: Update UI a= ccording to UEFI spec **CAUTION: The e-mail below is from an external source. Please exercise cau= tion before opening attachments, clicking links, or following guidance.** REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4713 In UEFI_Spec_2_10_Aug29.pdf page 1694 section 35.5.4 for EFI_BROWSER_ACTION_FORM_OPEN: NOTE: EFI_FORM_BROWSER2_PROTOCOL.BrowserCallback() cannot be used with this= browser action because question values have not been retrieved yet. So should not call HiiGetBrowserData() and HiiSetBrowserData() in FORM_OPEN= call back function. Now call SecureBootExtractConfigFromVariable() and update IfrNvData->ListCount to save the change to EFI variable, then HII use IfrNvData->EFI variable to control the UI. Cc: Min Xu Cc: Jiewen Yao Cc: Dandan Bi Cc: Felix Polyudov Signed-off-by: Ming Tan --- PR: https://github.com/tianocore/edk2/pull/5411 V4: Fix a Cc issue of miss a space. V3: According to Dandan Bi's feedback, does not call SecureBootExtractCon= figFromVariable() at last, but call it as needed. And add more code for update IfrNvData->ListCount. V2: Change code style to pass uncrustify check. .../SecureBootConfigImpl.c | 42 +++++++++++-------- 1 file changed, 25 insertions(+), 17 deletions(-) diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBo= otConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/Secu= reBootConfigImpl.c index 2c11129526..6d4560c39b 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfi= gImpl.c +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootCo +++ nfigImpl.c @@ -3366,6 +3366,8 @@ SecureBootExtractConfigFromVariable ( ConfigData->FileEnrollType =3D UNKNOWN_FILE_TYPE; } + ConfigData->ListCount =3D Private->ListCount; + // // If it is Physical Presence User, set the PhysicalPresent to true. // @@ -4541,12 +4543,13 @@ SecureBootCallback ( EFI_HII_POPUP_PROTOCOL *HiiPopup; EFI_HII_POPUP_SELECTION UserSelection; - Status =3D EFI_SUCCESS; - SecureBootEnable =3D NULL; - SecureBootMode =3D NULL; - SetupMode =3D NULL; - File =3D NULL; - EnrollKeyErrorCode =3D None_Error; + Status =3D EFI_SUCCESS; + SecureBootEnable =3D NULL; + SecureBootMode =3D NULL; + SetupMode =3D NULL; + File =3D NULL; + EnrollKeyErrorCode =3D None_Error; + GetBrowserDataResult =3D FALSE; if ((This =3D=3D NULL) || (Value =3D=3D NULL) || (ActionRequest =3D=3D N= ULL)) { return EFI_INVALID_PARAMETER; @@ -4565,15 +4568,12 @@ SecureBootCallback ( return EFI_OUT_OF_RESOURCES; } - GetBrowserDataResult =3D HiiGetBrowserData (&gSecureBootConfigFormSetGui= d, mSecureBootStorageName, BufferSize, (UINT8 *)IfrNvData); - if (Action =3D=3D EFI_BROWSER_ACTION_FORM_OPEN) { if (QuestionId =3D=3D KEY_SECURE_BOOT_MODE) { // // Update secure boot strings when opening this form // - Status =3D UpdateSecureBootString (Private); - SecureBootExtractConfigFromVariable (Private, IfrNvData); + Status =3D UpdateSecureBootString (Private); mIsEnterSecureBootForm =3D TRUE; } else { // @@ -4587,23 +4587,22 @@ SecureBootCallback ( (QuestionId =3D=3D KEY_SECURE_BOOT_DBT_OPTION)) { CloseEnrolledFile (Private->FileContext); - } else if (QuestionId =3D=3D KEY_SECURE_BOOT_DELETE_ALL_LIST) { - // - // Update ListCount field in varstore - // Button "Delete All Signature List" is - // enable when ListCount is greater than 0. - // - IfrNvData->ListCount =3D Private->ListCount; } } goto EXIT; } + GetBrowserDataResult =3D HiiGetBrowserData + (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, + (UINT8 *)IfrNvData); + if (Action =3D=3D EFI_BROWSER_ACTION_RETRIEVE) { Status =3D EFI_UNSUPPORTED; if (QuestionId =3D=3D KEY_SECURE_BOOT_MODE) { if (mIsEnterSecureBootForm) { + if (GetBrowserDataResult) { + SecureBootExtractConfigFromVariable (Private, IfrNvData); + } + Value->u8 =3D SECURE_BOOT_MODE_STANDARD; Status =3D EFI_SUCCESS; } @@ -4764,6 +4763,8 @@ SecureBootCallback ( L"Only Physical Presence User could delete PK in custom mo= de!", NULL ); + } else { + SecureBootExtractConfigFromVariable (Private, IfrNvData); } } } @@ -4827,6 +4828,7 @@ SecureBootCallback ( SECUREBOOT_DELETE_SIGNATURE_LIST_FORM, OPTION_SIGNATURE_LIST_QUESTION_ID ); + IfrNvData->ListCount =3D Private->ListCount; break; // @@ -4851,6 +4853,7 @@ SecureBootCallback ( SECUREBOOT_DELETE_SIGNATURE_LIST_FORM, OPTION_SIGNATURE_LIST_QUESTION_ID ); + IfrNvData->ListCount =3D Private->ListCount; break; // @@ -4875,6 +4878,7 @@ SecureBootCallback ( SECUREBOOT_DELETE_SIGNATURE_LIST_FORM, OPTION_SIGNATURE_LIST_QUESTION_ID ); + IfrNvData->ListCount =3D Private->ListCount; break; case SECUREBOOT_DELETE_SIGNATURE_FROM_DBT: @@ -4954,6 +4958,8 @@ SecureBootCallback ( L"Only supports DER-encoded X509 certificate, AUTH_2 format da= ta & executable EFI image", NULL ); + } else { + IfrNvData->ListCount =3D Private->ListCount; } break; @@ -5005,6 +5011,8 @@ SecureBootCallback ( PromptString, NULL ); + } else { + SecureBootExtractConfigFromVariable (Private, IfrNvData); } break; -- 2.31.1.windows.1 -The information contained in this message may be confidential and propriet= ary to American Megatrends (AMI). This communication is intended to be read= only by the individual or entity to whom it is addressed or by their desig= nee. If the reader of this message is not the intended recipient, you are o= n notice that any distribution of this message, in any form, is strictly pr= ohibited. Please promptly notify the sender by reply e-mail or by telephone= at 770-246-8600, and then delete or destroy all copies of the transmission= . -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117439): https://edk2.groups.io/g/devel/message/117439 Mute This Topic: https://groups.io/mt/105284072/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-