From: "Masahisa Kojima" <masahisa.kojima@linaro.org>
To: edk2-devel-groups-io <devel@edk2.groups.io>
Cc: Bret.Barkelew@microsoft.com, jian.j.wang@intel.com,
hao.a.wu@intel.com, gaoliming@byosoft.com.cn,
Ard Biesheuvel <ard.biesheuvel@arm.com>,
Sami Mujawar <sami.mujawar@arm.com>,
jiewen.yao@intel.com
Subject: VariablePolicy support in StandaloneMM
Date: Wed, 2 Dec 2020 17:57:43 +0900 [thread overview]
Message-ID: <CADQ0-X_+fUnWri-X9C5f8mDugUaQJ-2BwmTUh+hLakAUhYp6HQ@mail.gmail.com> (raw)
Hello All,
VariablePolicy was introduced in November.
When Developerbox(aarch64 platform) boots with UEFI secure boot enabled,
the following error appears.
Note that this platform supports UEFI secure boot using the standalone
MM framework.
--- StandaloneMM log ---
VariableLockRequestToLock - Failed to lock variable CapsuleMax! Not Ready
ASSERT_EFI_ERROR (Status = Not Ready)
ASSERT [VariableStandaloneMm]
/home/ubuntu/src/uefi/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequestToLock.c(64):
!EFI_ERROR (Status)
MmEntryPoint Done
---
In my check, this is simply because
MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c::InitVariablePolicyLib()
is not called.
InitVariablePolicyLib() is called from the following two files.
---
MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c: Status
= InitVariablePolicyLib( VariableServiceGetVariable );
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c: Status =
InitVariablePolicyLib (VariableServiceGetVariable);
---
VariableDxe.c is not for MM_STANDALONE, so I tried to use
"VarCheckPolicyLib" as VarCheckLib,
but "VarCheckPolicyLib" requires
DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf and
DxeServicesLib.inf is not for MM_STANDALONE, I am stuck here.
Could you please take a look at this error?
Thanks,
Masahisa
next reply other threads:[~2020-12-02 8:57 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-02 8:57 Masahisa Kojima [this message]
2020-12-02 9:02 ` VariablePolicy support in StandaloneMM Ard Biesheuvel
2020-12-02 9:41 ` 回复: " gaoliming
2020-12-02 12:06 ` Yao, Jiewen
2020-12-03 9:14 ` Laszlo Ersek
2020-12-03 21:58 ` [edk2-devel] " Kun Qin
2020-12-14 6:14 ` Masahisa Kojima
2020-12-14 22:20 ` Kun Qin
2020-12-16 11:53 ` Masahisa Kojima
2020-12-16 17:52 ` Kun Qin
2020-12-17 1:10 ` 回复: " gaoliming
2020-12-17 1:56 ` Masahisa Kojima
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CADQ0-X_+fUnWri-X9C5f8mDugUaQJ-2BwmTUh+hLakAUhYp6HQ@mail.gmail.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox