[PATCH V1] OvmfPkg/PeilessStartupLib: Updated with PcdSecureBootSupported

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

* [PATCH V1] OvmfPkg/PeilessStartupLib: Updated with PcdSecureBootSupported
@ 2023-07-10 10:05 sunceping
  2023-07-10 10:36 ` [edk2-devel] " Gerd Hoffmann
  0 siblings, 1 reply; 4+ messages in thread
From: sunceping @ 2023-07-10 10:05 UTC (permalink / raw)
  To: devel
  Cc: sunceping, Erdem Aktas, James Bottomley, Jiewen Yao,
	Gerd Hoffmann, Min Xu, Tom Lendacky, Michael Roth

SECURE_BOOT_FEATURE_ENABLED was dropped by the commit(92da8a154f), but the
PeilessStartupLib was not updated with PcdSecureBootSupported, that made
SecureBoot no longer work in IntelTdxX64.

Fix this by replacing SECURE_BOOT_FEATURE_ENABLED with
PcdSecureBootSupported in PeilessStartupLib.

Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Michael Roth <michael.roth@amd.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
---
 OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c      | 6 +++---
 OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf | 1 +
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c b/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c
index 164aa2d619..1632a23177 100644
--- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c
+++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartup.c
@@ -82,9 +82,9 @@ InitializePlatform (
 
   VariableStore                                  = PlatformReserveEmuVariableNvStore ();
   PlatformInfoHob->PcdEmuVariableNvStoreReserved = (UINT64)(UINTN)VariableStore;
- #ifdef SECURE_BOOT_FEATURE_ENABLED
-  PlatformInitEmuVariableNvStore (VariableStore);
- #endif
+  if (FeaturePcdGet (PcdSecureBootSupported)) {
+    PlatformInitEmuVariableNvStore (VariableStore);
+  }
 
   if (TdIsEnabled ()) {
     PlatformTdxPublishRamRegions ();
diff --git a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf
index 7719b5031d..585d504637 100644
--- a/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf
+++ b/OvmfPkg/Library/PeilessStartupLib/PeilessStartupLib.inf
@@ -83,3 +83,4 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdNullPointerDetectionPropertyMask    ## CONSUMES
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvBase
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfDxeMemFvSize
+  gUefiOvmfPkgTokenSpaceGuid.PcdSecureBootSupported
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 4+ messages in thread

* Re: [edk2-devel] [PATCH V1] OvmfPkg/PeilessStartupLib: Updated with PcdSecureBootSupported
  2023-07-10 10:05 [PATCH V1] OvmfPkg/PeilessStartupLib: Updated with PcdSecureBootSupported sunceping
@ 2023-07-10 10:36 ` Gerd Hoffmann
  2023-07-17  1:55   ` Yao, Jiewen
  0 siblings, 1 reply; 4+ messages in thread
From: Gerd Hoffmann @ 2023-07-10 10:36 UTC (permalink / raw)
  To: devel, cepingx.sun
  Cc: Erdem Aktas, James Bottomley, Jiewen Yao, Min Xu, Tom Lendacky,
	Michael Roth

On Mon, Jul 10, 2023 at 06:05:39PM +0800, sunceping wrote:
> SECURE_BOOT_FEATURE_ENABLED was dropped by the commit(92da8a154f), but the
> PeilessStartupLib was not updated with PcdSecureBootSupported, that made
> SecureBoot no longer work in IntelTdxX64.
> 
> Fix this by replacing SECURE_BOOT_FEATURE_ENABLED with
> PcdSecureBootSupported in PeilessStartupLib.
> 
> Cc: Erdem Aktas <erdemaktas@google.com>
> Cc: James Bottomley <jejb@linux.ibm.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Gerd Hoffmann <kraxel@redhat.com>
> Cc: Min Xu <min.m.xu@intel.com>
> Cc: Tom Lendacky <thomas.lendacky@amd.com>
> Cc: Michael Roth <michael.roth@amd.com>
> Signed-off-by: Ceping Sun <cepingx.sun@intel.com>

Acked-by: Gerd Hoffmann <kraxel@redhat.com>


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [edk2-devel] [PATCH V1] OvmfPkg/PeilessStartupLib: Updated with PcdSecureBootSupported
  2023-07-10 10:36 ` [edk2-devel] " Gerd Hoffmann
@ 2023-07-17  1:55   ` Yao, Jiewen
  2023-07-17 20:22     ` Erdem Aktas via groups.io
  0 siblings, 1 reply; 4+ messages in thread
From: Yao, Jiewen @ 2023-07-17  1:55 UTC (permalink / raw)
  To: devel@edk2.groups.io, kraxel@redhat.com, Sun, CepingX
  Cc: Aktas, Erdem, James Bottomley, Xu, Min M, Tom Lendacky,
	Michael Roth

Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>

> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd
> Hoffmann
> Sent: Monday, July 10, 2023 6:36 PM
> To: devel@edk2.groups.io; Sun, CepingX <cepingx.sun@intel.com>
> Cc: Aktas, Erdem <erdemaktas@google.com>; James Bottomley
> <jejb@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Xu, Min M
> <min.m.xu@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>; Michael
> Roth <michael.roth@amd.com>
> Subject: Re: [edk2-devel] [PATCH V1] OvmfPkg/PeilessStartupLib: Updated with
> PcdSecureBootSupported
> 
> On Mon, Jul 10, 2023 at 06:05:39PM +0800, sunceping wrote:
> > SECURE_BOOT_FEATURE_ENABLED was dropped by the commit(92da8a154f),
> but the
> > PeilessStartupLib was not updated with PcdSecureBootSupported, that made
> > SecureBoot no longer work in IntelTdxX64.
> >
> > Fix this by replacing SECURE_BOOT_FEATURE_ENABLED with
> > PcdSecureBootSupported in PeilessStartupLib.
> >
> > Cc: Erdem Aktas <erdemaktas@google.com>
> > Cc: James Bottomley <jejb@linux.ibm.com>
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > Cc: Min Xu <min.m.xu@intel.com>
> > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> > Cc: Michael Roth <michael.roth@amd.com>
> > Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
> 
> Acked-by: Gerd Hoffmann <kraxel@redhat.com>
> 
> 
> 
> 
> 


^ permalink raw reply	[flat|nested] 4+ messages in thread

* Re: [edk2-devel] [PATCH V1] OvmfPkg/PeilessStartupLib: Updated with PcdSecureBootSupported
  2023-07-17  1:55   ` Yao, Jiewen
@ 2023-07-17 20:22     ` Erdem Aktas via groups.io
  0 siblings, 0 replies; 4+ messages in thread
From: Erdem Aktas via groups.io @ 2023-07-17 20:22 UTC (permalink / raw)
  To: Yao, Jiewen
  Cc: devel@edk2.groups.io, kraxel@redhat.com, Sun, CepingX,
	James Bottomley, Xu, Min M, Tom Lendacky, Michael Roth

Reviewed-by: Erdem Aktas <erdemaktas@google.com>


On Sun, Jul 16, 2023 at 6:55 PM Yao, Jiewen <jiewen.yao@intel.com> wrote:
>
> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
>
> > -----Original Message-----
> > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Gerd
> > Hoffmann
> > Sent: Monday, July 10, 2023 6:36 PM
> > To: devel@edk2.groups.io; Sun, CepingX <cepingx.sun@intel.com>
> > Cc: Aktas, Erdem <erdemaktas@google.com>; James Bottomley
> > <jejb@linux.ibm.com>; Yao, Jiewen <jiewen.yao@intel.com>; Xu, Min M
> > <min.m.xu@intel.com>; Tom Lendacky <thomas.lendacky@amd.com>; Michael
> > Roth <michael.roth@amd.com>
> > Subject: Re: [edk2-devel] [PATCH V1] OvmfPkg/PeilessStartupLib: Updated with
> > PcdSecureBootSupported
> >
> > On Mon, Jul 10, 2023 at 06:05:39PM +0800, sunceping wrote:
> > > SECURE_BOOT_FEATURE_ENABLED was dropped by the commit(92da8a154f),
> > but the
> > > PeilessStartupLib was not updated with PcdSecureBootSupported, that made
> > > SecureBoot no longer work in IntelTdxX64.
> > >
> > > Fix this by replacing SECURE_BOOT_FEATURE_ENABLED with
> > > PcdSecureBootSupported in PeilessStartupLib.
> > >
> > > Cc: Erdem Aktas <erdemaktas@google.com>
> > > Cc: James Bottomley <jejb@linux.ibm.com>
> > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > Cc: Gerd Hoffmann <kraxel@redhat.com>
> > > Cc: Min Xu <min.m.xu@intel.com>
> > > Cc: Tom Lendacky <thomas.lendacky@amd.com>
> > > Cc: Michael Roth <michael.roth@amd.com>
> > > Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
> >
> > Acked-by: Gerd Hoffmann <kraxel@redhat.com>
> >
> >
> >
> > 
> >
>


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#106971): https://edk2.groups.io/g/devel/message/106971
Mute This Topic: https://groups.io/mt/100054785/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



^ permalink raw reply	[flat|nested] 4+ messages in thread

end of thread, other threads:[~2023-07-17 20:22 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-07-10 10:05 [PATCH V1] OvmfPkg/PeilessStartupLib: Updated with PcdSecureBootSupported sunceping
2023-07-10 10:36 ` [edk2-devel] " Gerd Hoffmann
2023-07-17  1:55   ` Yao, Jiewen
2023-07-17 20:22     ` Erdem Aktas via groups.io

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox