From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2a00:1450:400c:c09::244; helo=mail-wm0-x244.google.com; envelope-from=kalyankumar.nagabhirava@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-wm0-x244.google.com (mail-wm0-x244.google.com [IPv6:2a00:1450:400c:c09::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id A26232034A798 for ; Mon, 27 Nov 2017 23:31:14 -0800 (PST) Received: by mail-wm0-x244.google.com with SMTP id b189so38726500wmd.0 for ; Mon, 27 Nov 2017 23:35:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=hSWvCl5S5Z3IWOC1IP3tBVuIn9vmBnhv9AN9xjfhYXE=; b=WbkFYVXmz3VDayVwFv0blCAZ+SPxMSdv/d9k9ju8G9g2pTshRwyC34+qX0a3EJXUX3 DT8x2GKjsCYVQtETDMc6fC+Bd8RsCjgiLiEiQhn2rx0WFviCjIDPq/B6gbpaLVq5TsuL ZQaX63tgFzE7sQuZJ3iZBPpoaqTsBjcHgD2IY= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=hSWvCl5S5Z3IWOC1IP3tBVuIn9vmBnhv9AN9xjfhYXE=; b=ReJ/SoErV+bkcEqNpi3TC8WFbEiQoDjFkxk3KIEjVPb4a/tDXcTRTech3rYqlIHb+D FY8GOAYpX5KD337sLSjbTYZWgDYeBQkqIoYyqcMKZEOkSQz/PEh/2cEjXvu/dM1EkzVY IzhqRYFUJbf6OCo2dXjLQHa4qWkEEA9FQhjyej+B/hzdZF3GYMiW/uyvLXJUR8Oc/ytx u1wMIhJxyVm2/SeZfb7lhcpjJs0IEXbmefOS2pCSCYZxt6ojUt3HZVIEZtnglqZrsDQG 6aYZij0Tyf46TH0pY4LMQz0So36+JbJA/NgqkWs2n3QaSymQons2978ByhIvYBbeyx0S coZg== X-Gm-Message-State: AJaThX7PdZWOoF4bADGaITcFz/LF44ME0MOW+q/0Qc4nLmL7lnoe64zG mkGFQ/sTXIaXubLNoVQH+Mxt7ct+IwDHXHbv8nGtcK2g6/E= X-Google-Smtp-Source: AGs4zMbckIK6n3WtVtxnQk3OaruRlPjwaUimhp1mtx7MM0/iX2BhMO05dNPkwM/0/Awj+I2t0a3azf2G7+w2RSMW+aY= X-Received: by 10.80.152.229 with SMTP id j92mr1367663edb.279.1511854536088; Mon, 27 Nov 2017 23:35:36 -0800 (PST) MIME-Version: 1.0 Received: by 10.80.184.113 with HTTP; Mon, 27 Nov 2017 23:35:35 -0800 (PST) In-Reply-To: <20171127165736.drp63cy7vdxc2sak@bivouac.eciton.net> References: <20171121105336.26699-1-kalyankumar.nagabhirava@linaro.org> <20171126152206.yhb7gvofp4ne6f62@bivouac.eciton.net> <20171127165736.drp63cy7vdxc2sak@bivouac.eciton.net> From: Kalyan Nagabhirava Date: Tue, 28 Nov 2017 13:05:35 +0530 Message-ID: To: Leif Lindholm Cc: Laszlo Ersek , edk2-devel@lists.01.org, Ard Biesheuvel , Mark Gregotski , Marcin Wojtas X-Content-Filtered-By: Mailman/MimeDel 2.1.22 Subject: Re: [PATCH] [edk2-platforms]:Enabling Secure boot feature support on hikey platfrom X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 28 Nov 2017 07:31:14 -0000 Content-Type: text/plain; charset="UTF-8" HI Leif, we didn't implemented enabling USB host and Secure boot support on Hikey , we just took the code from openplatfrompkg (hikey branch) , we have implemented secureboot and DRI -disaster recovery image (HTTP image download) application and tested on HIkey platform , so for that purpose we are trying to upstream the hikey code. but hikey platform code looks in bad shape (as per ard and your comments) ,so we are planning to upstream only our application code which is independent of platform. Regards, kalyan. On 27 November 2017 at 22:27, Leif Lindholm wrote: > On Mon, Nov 27, 2017 at 02:02:32PM +0100, Laszlo Ersek wrote: > > On 11/26/17 16:22, Leif Lindholm wrote: > > > (Adding Laszlo to cc based on a single comment I make below.) > > > > > > On Tue, Nov 21, 2017 at 04:23:36PM +0530, kalyan-nagabhirava wrote: > > > > >> [Guids.common] > > >> gHiKeyTokenSpaceGuid = { 0x91148425, 0xcdd2, 0x4830, { > 0x8b, 0xd0, 0xc6, 0x1c, 0x6d, 0xea, 0x36, 0x21 } } > > >> + gHwTokenSpaceGuid = { 0x99999999, 0x74c5, 0x4043, { > 0xb4, 0x17, 0xa3, 0x22, 0x38, 0x14, 0xce, 0x76 } } > > > > > > This very much looks like a not properly generated GUID. > > > GUIDs must always be generated using an RFC4122-compliant algorithm. > > > I generally recommend using > > > https://www.guidgenerator.com/online-guid-generator.aspx. > > > > I just run "uuidgen" in a terminal window. > > Yeah, I just prefer pointing to someone that does not require > installing anything, or requires specific operating systems. > > > >> +EFI_STATUS > > >> +EFIAPI > > >> +FvbSetAttributes( > > >> + IN CONST EFI_FIRMWARE_VOLUME_BLOCK2_PROTOCOL *This, > > >> + IN OUT EFI_FVB_ATTRIBUTES_2 *Attributes > > >> + ) > > >> +{ > > >> + DEBUG ((DEBUG_BLKIO, "FvbSetAttributes(0x%X) is not > supported\n",*Attributes)); > > >> + return EFI_UNSUPPORTED; > > > > > > As per my (very) recent comment to Marcin, I do not believe returning > > > EFI_UNSUPPORTED is a valid thing to do here. Which to me suggests the > > > implementation of FvbGetAttributes is also incorrect. > > > > > > Laszlo - what's your take on this in conjunction with PI 1.6 section > > > 3.4.2? OvmfPkg does something very similar in > > > EmuVariableFvbRuntimeDxe/Fvb.c. > > > > I guess you are right. The particular OvmfPkg code that you mention is > > likely also spec-breaking. > > > > FWIW, in the OVMF flash driver that actually uses pflash, namely > > > > OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockService.c > > > > the FvbSetVolumeAttributes() function appears both appropriate for the > > spec and generic enough to copy elsewhere. > > Yes, that looks good, thanks! > > Marcin, Kalyan - please have a look at that implementation for > inspiration. > > / > Leif > -- regards, kalyan.