From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM11-BN8-obe.outbound.protection.outlook.com (NAM11-BN8-obe.outbound.protection.outlook.com [40.107.236.134])
 by mx.groups.io with SMTP id smtpd.web11.1545.1593674182231722306
 for <devel@edk2.groups.io>;
 Thu, 02 Jul 2020 00:16:22 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@microsoft.com header.s=selector2 header.b=EFB//LVJ;
 spf=pass (domain: microsoft.com, ip: 40.107.236.134, mailfrom: bret.barkelew@microsoft.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=ocqhEp+gVb1ymU+kHj2wE+IItTEVTeV6DrhqUXItdLxh7bsj1hb2SCEy9IfpLH0x3DJEL0XZOY4/7M3RZ7iEmIMYQ9U1+C1870TWJMFpqz299duTyExel41FGbkmdMKqmaRDlHJ/ItV+NFJq/05ckXhSBHW4srwodC4iijwU7VaUTIjGbkY6ZFAb6+nlnaDkhpXShQYWxY9WTICZDEsZTeRkVE+NlKn1cl1l0Wl0Irlel14bzewSujpnK6Vrqgqqsy4v5U3fd5+bN+jDEnM1MEtaSUev+0470FkD7MVHyyD/D58q+ndW2s6dOlr5q13wie0mp6aQ7UZGJek/qGbi/A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=Qd9b9WT5GVklRDtbuVV2FTJKTyJ+gP1YLFNI17HsC2g=;
 b=CBBd6M167ka3t7Sz7JPm77ZNsJk6QMPhrxIZ6ysysWzGltGsqClPBZbaN7tBMfMTwB3zKJU3fJ80+/1+rBiosHSGG208atX1ZswnP+52/4TkkzXL9i9uZ7eem9TJXMqfAypc2xOREWrIw1y7yRL9RN4QjCIdvi+ftvm6DxG3242MUSb+uWM8LqyDXMdvpyixcuY355m9JCHpO5iPpo1k2g7GfXvgKvTBEBn8iwZyLEoJ3k7ZlA9XVUOr3ilFVWnSj8R+xT5DIIW5XzcgVFntsjZ1V7ZsjzfUu+Qd8OTNZ9VfdgGCXPSMEqDFOBFEPJ1Otyq6FKuHnzQ9J3fprdA0GA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=microsoft.com; dmarc=pass action=none
 header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=selector2;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=Qd9b9WT5GVklRDtbuVV2FTJKTyJ+gP1YLFNI17HsC2g=;
 b=EFB//LVJCgnSAgDuMpUga3KDnmNhRaIk9cumLxMJvbii7FAnbSupJiTpNPYSktzsEKb0Dtd2xTUCZwo8MjP17UpiIh3/hpFWCj12Ane4QV5otONzyPbKKIDNw52S6cv7LiR6/D8ogWst8tV9cUWCI3oiNB/GUTW5JBkhw/8jVeM=
Received: from CY4PR21MB0743.namprd21.prod.outlook.com (2603:10b6:903:b2::9)
 by CY4PR21MB0773.namprd21.prod.outlook.com (2603:10b6:903:b8::19) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3174.4; Thu, 2 Jul
 2020 07:16:13 +0000
Received: from CY4PR21MB0743.namprd21.prod.outlook.com
 ([fe80::f112:82fb:d4fd:f7dd]) by CY4PR21MB0743.namprd21.prod.outlook.com
 ([fe80::f112:82fb:d4fd:f7dd%12]) with mapi id 15.20.3174.012; Thu, 2 Jul 2020
 07:16:13 +0000
From: "Bret Barkelew" <bret.barkelew@microsoft.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>, "dandan.bi@intel.com"
	<dandan.bi@intel.com>, "bret@corthon.com" <bret@corthon.com>
CC: "Wang, Jian J" <jian.j.wang@intel.com>, "Wu, Hao A" <hao.a.wu@intel.com>,
	liming.gao <liming.gao@intel.com>
Subject: Re: [edk2-devel] [PATCH v6 02/14] MdeModulePkg: Define the VariablePolicyLib
Thread-Topic: [edk2-devel] [PATCH v6 02/14] MdeModulePkg: Define the
 VariablePolicyLib
Thread-Index: AQHWUBZoKnqVLI210UyrVOLIfp38sKjz4LoN
Date: Thu, 2 Jul 2020 07:16:13 +0000
Message-ID: 
 <CY4PR21MB074399EFFD54FE103EF7B5B8EF6D0@CY4PR21MB0743.namprd21.prod.outlook.com>
References: <20200623064104.1908-1-brbarkel@microsoft.com>
 <20200623064104.1908-3-brbarkel@microsoft.com>,<BN6PR11MB1393421389F91E0633D430BBEA6D0@BN6PR11MB1393.namprd11.prod.outlook.com>
In-Reply-To: 
 <BN6PR11MB1393421389F91E0633D430BBEA6D0@BN6PR11MB1393.namprd11.prod.outlook.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
msip_labels: 
 MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2020-07-02T07:14:40.0980358Z;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Privileged
authentication-results: edk2.groups.io; dkim=none (message not signed)
 header.d=none;edk2.groups.io; dmarc=none action=none
 header.from=microsoft.com;
x-originating-ip: [174.21.80.75]
x-ms-publictraffictype: Email
x-ms-office365-filtering-ht: Tenant
x-ms-office365-filtering-correlation-id: d3045e6c-1353-4a72-f890-08d81e57cd97
x-ms-traffictypediagnostic: CY4PR21MB0773:
x-ld-processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr
x-microsoft-antispam-prvs: 
 <CY4PR21MB0773A039C0EB16E6D2D71C03EF6D0@CY4PR21MB0773.namprd21.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:10000;
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: 
 IAcVT9f++0c/2Pt8mjgRk21H65fPYsKnoz0qC/FihzPI1ttCcd1IpfG99sHOrMkcUO2HHykqognl4x4GP1iY6fWff8k3CLY4fQbEU/YBQiWze8stGBadXA7XTsPcPHGhmygE7Wh8HtbK4CqTOpiDM03sM1c09FJExwPCazSwMuQF2OLt6vAkByptDBS/cfmkTWcOSpxno73OqlONl/6v8rwVRBNVQgyZ5xyERD1rid623PQ5xCVgv0dfWG0M+kg1v7MwKfVajv06+1oMlG8yY0Yt0AZ7dj7xEDJ1/zDPJVpAG0IxVlZyh29C+ofp/QKWRHDuUfr1DEID7su8+itthi1ERYMhPAyxOe8r9lDUMT/iNbGLvXptiJyzZ06hNAQal5XTCLrjkh07djY0fxpW7VQZOqU69KKItxzfHWaffmYlNt/YEkFkNopgWtMK51ip
x-forefront-antispam-report: 
 CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY4PR21MB0743.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(4636009)(366004)(136003)(376002)(39860400002)(346002)(396003)(8676002)(2906002)(4326008)(66476007)(64756008)(66946007)(966005)(10290500003)(33656002)(110136005)(316002)(66556008)(76116006)(478600001)(54906003)(66446008)(52536014)(19627235002)(8990500004)(8936002)(9686003)(30864003)(5660300002)(83380400001)(55016002)(166002)(82950400001)(82960400001)(86362001)(26005)(71200400001)(186003)(6506007)(53546011)(7696005)(559001)(569008);DIR:OUT;SFP:1102;
x-ms-exchange-antispam-messagedata: 
 6/HfAaEcrSguTstrRYu3O6lTOi6Y31axSK6NKXL4s+ZhJhe2L4Nj9qG5DWRImcEoG/GxTe1olMa+O4Z8aRpn44tX0aSHw8a6+cFrAqx4ftRlTPY33On36Enu2TqkDeBDf9wNwai6nVdpmFYUHWQiJe3cJJpOO1Y6ZiXojGi7aI5T0sxx8/MTDj0uSANiDEBFDfHz2iO1C2e4uke6P/yM3X62iDTSjbN4Tmf2gD2FyhkTLF8YODM28PG3H9mKIrCVA0D7dVCacUnpvu1mPosv71Ia9QNYh68KN4XekbGaYJbbAyDMWuaWBYoVfFYUzu2mGrgSVeStpHkMqtqS+tFpJwt5voWis2MY2/CEKv01iRJfUkmcTPcMHUImQf0gHEC5M3p267tvjtVqFotxq+29E/CKKOmp/HpMNX6D65ChQZmL9YmAcm/se0nYssPaEwQM1tu8kDDsPrmIl8mkd/K4vZMqBAamJdHRE8sV2jW4YXA=
x-ms-exchange-transport-forked: True
MIME-Version: 1.0
X-OriginatorOrg: microsoft.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CY4PR21MB0743.namprd21.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d3045e6c-1353-4a72-f890-08d81e57cd97
X-MS-Exchange-CrossTenant-originalarrivaltime: 02 Jul 2020 07:16:13.1562
 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: TUmFFBpwlvCbEVUC4Fkv+t93pOkJYOu3czRmUPge2QRTWWsbYChy14b8NI2mIHP+DkMKBrXJNE/f7Dq5HqWfjQ==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR21MB0773
Content-Language: en-US
Content-Type: multipart/alternative;
	boundary="_000_CY4PR21MB074399EFFD54FE103EF7B5B8EF6D0CY4PR21MB0743namp_"

--_000_CY4PR21MB074399EFFD54FE103EF7B5B8EF6D0CY4PR21MB0743namp_
Content-Type: text/plain; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable

  1.  Done
  2.  Done
  3.  BestResult can=92t be anything but NULL if MatchPriority isn=92t ini=
tialized, so the second half of this will never be evaluated, but I see you=
r point. I=92ve added a default initialization for the variable.
  4.  Done

Thanks!

- Bret

From: Dandan Bi via groups.io<mailto:dandan.bi=3Dintel.com@groups.io>
Sent: Wednesday, July 1, 2020 7:13 PM
To: devel@edk2.groups.io<mailto:devel@edk2.groups.io>; bret@corthon.com<ma=
ilto:bret@corthon.com>
Cc: Wang, Jian J<mailto:jian.j.wang@intel.com>; Wu, Hao A<mailto:hao.a.wu@=
intel.com>; liming.gao<mailto:liming.gao@intel.com>
Subject: [EXTERNAL] Re: [edk2-devel] [PATCH v6 02/14] MdeModulePkg: Define=
 the VariablePolicyLib

4 comments inline, please check.

Thanks,
Dandan
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Bret
> Barkelew
> Sent: Tuesday, June 23, 2020 2:41 PM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang@intel.com>; Wu, Hao A <hao.a.wu@intel.com>=
;
> Gao, Liming <liming.gao@intel.com>
> Subject: [edk2-devel] [PATCH v6 02/14] MdeModulePkg: Define the
> VariablePolicyLib
>
> https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fbugz=
illa.tianocore.org%2Fshow_bug.cgi%3Fid%3D2522&amp;data=3D02%7C01%7Cbret.bar=
kelew%40microsoft.com%7C4ff781c598384282187708d81e2d8858%7C72f988bf86f141af=
91ab2d7cd011db47%7C1%7C0%7C637292528218882209&amp;sdata=3Dcw75EiZAUXPo9iwbb=
kXrZwoLpuv1F7rHZIiDDHSToDA%3D&amp;reserved=3D0
>
> VariablePolicy is an updated interface to
> replace VarLock and VarCheckProtocol.
>
> Add the VariablePolicyLib library that implements
> the portable business logic for the VariablePolicy
> engine.
>
> Also add host-based CI test cases for the lib.
>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao A Wu <hao.a.wu@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Bret Barkelew <brbarkel@microsoft.com>
> Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
> ---
>  MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitNull.c
> |   46 +
>
> MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitRuntimeDx
> e.c               |   85 +
>  MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c
> |  816 +++++++
>
> MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/VariablePo
> licyUnitTest.c   | 2436 ++++++++++++++++++++
>  MdeModulePkg/Include/Library/VariablePolicyLib.h                       =
                  |
> 207 ++
>  MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
> |   44 +
>  MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.uni
> |   12 +
>  MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
> |   51 +
>
> MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/VariablePo
> licyUnitTest.inf |   40 +
>  MdeModulePkg/MdeModulePkg.dec                                          =
                  |    3 +
>  MdeModulePkg/MdeModulePkg.dsc                                          =
                  |    5 +
>  MdeModulePkg/Test/MdeModulePkgHostTest.dsc                             =
                  |
> 11 +
>  12 files changed, 3756 insertions(+)
>
> diff --git
> a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitNull.c
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitNull.c
> new file mode 100644
> index 000000000000..ad2ee0b2fb8f
> --- /dev/null
> +++
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitNull.c
> @@ -0,0 +1,46 @@
> +/** @file -- VariablePolicyExtraInitNull.c
>
> +This file contains extra init and deinit routines that don't do anythin=
g
>
> +extra.
>
> +
>
> +Copyright (c) Microsoft Corporation.
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#include <Library/UefiRuntimeServicesTableLib.h>
>
> +
>
> +
>
> +/**
>
> +  An extra init hook that enables the RuntimeDxe library instance to
>
> +  register VirtualAddress change callbacks. Among other things.
>
> +
>
> +  @retval     EFI_SUCCESS   Everything is good. Continue with init.
>
> +  @retval     Others        Uh... don't continue.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +VariablePolicyExtraInit (
>
> +  VOID
>
> +  )
>
> +{
>
> +  // NULL implementation.
>
> +  return EFI_SUCCESS;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  An extra deinit hook that enables the RuntimeDxe library instance to
>
> +  register VirtualAddress change callbacks. Among other things.
>
> +
>
> +  @retval     EFI_SUCCESS   Everything is good. Continue with deinit.
>
> +  @retval     Others        Uh... don't continue.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +VariablePolicyExtraDeinit (
>
> +  VOID
>
> +  )
>
> +{
>
> +  // NULL implementation.
>
> +  return EFI_SUCCESS;
>
> +}
>
> diff --git
> a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitRuntimeD
> xe.c
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitRuntime
> Dxe.c
> new file mode 100644
> index 000000000000..3ca87048b14b
> --- /dev/null
> +++
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitRuntime
> Dxe.c
> @@ -0,0 +1,85 @@
> +/** @file -- VariablePolicyExtraInitRuntimeDxe.c
>
> +This file contains extra init and deinit routines that register and unr=
egister
>
> +VariableAddressChange callbacks.
>
> +
>
> +Copyright (c) Microsoft Corporation.
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#include <Library/UefiBootServicesTableLib.h>
>
> +#include <Library/UefiRuntimeServicesTableLib.h>
>
> +
>
> +extern EFI_GET_VARIABLE   mGetVariableHelper;
>
> +extern UINT8              *mPolicyTable;
>
> +STATIC BOOLEAN            mIsVirtualAddrConverted;
>
> +STATIC EFI_EVENT          mVariablePolicyLibVirtualAddressChangeEvent  =
=
=3D
> NULL;
>
> +
>
> +/**
>
> +  For the RuntimeDxe version of this lib, convert internal pointer addr=
esses
> to virtual addresses.
>
> +
>
> +  @param[in] Event      Event whose notification function is being invo=
ked.
>
> +  @param[in] Context    The pointer to the notification function's cont=
ext,
> which
>
> +                        is implementation-dependent.
>
> +**/
>
> +STATIC
>
> +VOID
>
> +EFIAPI
>
> +VariablePolicyLibVirtualAddressCallback (
>
> +  IN  EFI_EVENT   Event,
>
> +  IN  VOID        *Context
>
> +  )
>
> +{
>
> +  gRT->ConvertPointer (0, (VOID **)&mPolicyTable);
>
> +  gRT->ConvertPointer (0, (VOID **)&mGetVariableHelper);
>
> +  mIsVirtualAddrConverted =3D TRUE;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  An extra init hook that enables the RuntimeDxe library instance to
>
> +  register VirtualAddress change callbacks. Among other things.
>
> +
>
> +  @retval     EFI_SUCCESS   Everything is good. Continue with init.
>
> +  @retval     Others        Uh... don't continue.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +VariablePolicyExtraInit (
>
> +  VOID
>
> +  )
>
> +{
>
> +  return gBS->CreateEventEx (EVT_NOTIFY_SIGNAL,
>
> +                              TPL_NOTIFY,
>
> +                              VariablePolicyLibVirtualAddressCallback,
>
> +                              NULL,
>
> +                              &gEfiEventVirtualAddressChangeGuid,
>
> +                              &mVariablePolicyLibVirtualAddressChangeEv=
ent);
>
> +}
>
> +
>
> +
>
> +/**
>
> +  An extra deinit hook that enables the RuntimeDxe library instance to
>
> +  register VirtualAddress change callbacks. Among other things.
>
> +
>
> +  @retval     EFI_SUCCESS   Everything is good. Continue with deinit.
>
> +  @retval     Others        Uh... don't continue.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +VariablePolicyExtraDeinit (
>
> +  VOID
>
> +  )
>
> +{
>
> +  EFI_STATUS  Status;
>
> +
>
> +  Status =3D EFI_SUCCESS;
>
> +  if (mIsVirtualAddrConverted) {
>
> +    Status =3D gBS->CloseEvent
> (mVariablePolicyLibVirtualAddressChangeEvent);
>
> +  }
>
> +  else {
>
> +    Status =3D EFI_SUCCESS;
>
> +  }
>
> +
>
> +  return Status;
>
> +}
>
> diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c
> new file mode 100644
> index 000000000000..84c794adaed9
> --- /dev/null
> +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c
> @@ -0,0 +1,816 @@
> +/** @file -- VariablePolicyLib.c
>
> +Business logic for Variable Policy enforcement.
>
> +
>
> +Copyright (c) Microsoft Corporation.
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#include <Uefi.h>
>
> +
>
> +#include <Library/SafeIntLib.h>
>
> +#include <Library/MemoryAllocationLib.h>
>
> +#include <Library/BaseMemoryLib.h>
>
> +#include <Library/DebugLib.h>
>
> +#include <Library/PcdLib.h>
>
> +
>
> +#include <Protocol/VariablePolicy.h>
>
> +#include <Library/VariablePolicyLib.h>
>
> +
>
> +
>
> +// IMPORTANT NOTE: This library is currently rife with multiple return
> statements
>
> +//                 for error handling. A refactor should remove these a=
t some point.
>
> +
>
> +//
>
> +// This library was designed with advanced unit-test features.
>
> +// This define handles the configuration.
>
> +#ifdef INTERNAL_UNIT_TEST
>
> +#undef STATIC
>
> +#define STATIC    // Nothing...
>
> +#endif
>
> +
>
> +// An abstracted GetVariable interface that enables configuration
> regardless of the environment.
>
> +EFI_GET_VARIABLE            mGetVariableHelper =3D NULL;
>
> +
>
> +// Master switch to lock this entire interface. Does not stop enforceme=
nt,
>
> +// just prevents the configuration from being changed for the rest of t=
he
> boot.
>
> +STATIC  BOOLEAN             mInterfaceLocked =3D FALSE;
>
> +
>
> +// Master switch to disable the entire interface for a single boot.
>
> +// This will disable all policy enforcement for the duration of the boo=
t.
>
> +STATIC  BOOLEAN             mProtectionDisabled =3D FALSE;
>
> +
>
> +// Table to hold all the current policies.
>
> +UINT8                       *mPolicyTable =3D NULL;
>
> +STATIC  UINT32              mCurrentTableSize =3D 0;
>
> +STATIC  UINT32              mCurrentTableUsage =3D 0;
>
> +STATIC  UINT32              mCurrentTableCount =3D 0;
>
> +
>
> +#define POLICY_TABLE_STEP_SIZE        0x1000
>
> +
>
> +// NOTE: DO NOT USE THESE MACROS on any structure that has not been
> validated.
>
> +//       Current table data has already been sanitized.
>
> +#define GET_NEXT_POLICY(CurPolicy)
> (VARIABLE_POLICY_ENTRY*)((UINT8*)CurPolicy + CurPolicy->Size)
>
> +#define GET_POLICY_NAME(CurPolicy)    (CHAR16*)((UINTN)CurPolicy +
> CurPolicy->OffsetToName)
>
> +
>
> +#define MATCH_PRIORITY_EXACT    0
>
> +#define MATCH_PRIORITY_MAX      MATCH_PRIORITY_EXACT
>
> +#define MATCH_PRIORITY_MIN      MAX_UINT8
>
> +
>
> +// ExtraInit/ExtraDeinit functions allow RuntimeDxe to register
> VirtualAddress callbacks.
>
> +EFI_STATUS
>
> +VariablePolicyExtraInit (
>
> +  VOID
>
> +  );
>
> +
>
> +EFI_STATUS
>
> +VariablePolicyExtraDeinit (
>
> +  VOID
>
> +  );

1. [Dandan]: Please also add comments for above two functions.
Please also pay attention to the coding style issue in other files.

>
> +
>
> +
>
> +/**
>
> +  This helper function determines whether the structure of an incoming
> policy
>
> +  is valid and internally consistent.
>
> +
>
> +  @param[in]  NewPolicy     Pointer to the incoming policy structure.
>
> +
>
> +  @retval     TRUE
>
> +  @retval     FALSE   Pointer is NULL, size is wrong, strings are empty=
, or
>
> +                      substructures overlap.
>
> +
>
> +**/
>
> +STATIC
>
> +BOOLEAN
>
> +IsValidVariablePolicyStructure (
>
> +  IN CONST VARIABLE_POLICY_ENTRY    *NewPolicy
>
> +  )
>
> +{
>
> +  EFI_STATUS    Status;
>
> +  UINTN         EntryEnd;
>
> +  CHAR16        *CheckChar;
>
> +  UINTN         WildcardCount;
>
> +
>
> +  // Sanitize some quick values.
>
> +  if (NewPolicy =3D=3D NULL || NewPolicy->Size =3D=3D 0 ||
>
> +      // Structure size should be at least as long as the minumum struc=
ture and
> a NULL string.
>
> +      NewPolicy->Size < sizeof(VARIABLE_POLICY_ENTRY) ||
>
> +      // Check for the known revision.
>
> +      NewPolicy->Version !=3D VARIABLE_POLICY_ENTRY_REVISION) {
>
> +    return FALSE;
>
> +  }
>
> +
>
> +  // Calculate the theoretical end of the structure and make sure
>
> +  // that the structure can fit in memory.
>
> +  Status =3D SafeUintnAdd( (UINTN)NewPolicy, NewPolicy->Size, &EntryEnd=
 );
>
> +  if (EFI_ERROR( Status )) {
>
> +    return FALSE;
>
> +  }
>
> +
>
> +  // Check for a valid Max Size.
>
> +  if (NewPolicy->MaxSize =3D=3D 0) {
>
> +    return FALSE;
>
> +  }
>
> +
>
> +  // Check for the valid list of lock policies.
>
> +  if (NewPolicy->LockPolicyType !=3D VARIABLE_POLICY_TYPE_NO_LOCK &&
>
> +      NewPolicy->LockPolicyType !=3D VARIABLE_POLICY_TYPE_LOCK_NOW &&
>
> +      NewPolicy->LockPolicyType !=3D
> VARIABLE_POLICY_TYPE_LOCK_ON_CREATE &&
>
> +      NewPolicy->LockPolicyType !=3D
> VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE)
>
> +  {
>
> +    return FALSE;
>
> +  }
>
> +
>
> +  // If the policy type is VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE,
> make sure that the matching state variable Name
>
> +  // terminates before the OffsetToName for the matching policy variabl=
e
> Name.
>
> +  if (NewPolicy->LockPolicyType =3D=3D
> VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE) {
>
> +    // Adjust CheckChar to the offset of the LockPolicy->Name.
>
> +    Status =3D SafeUintnAdd( (UINTN)NewPolicy +
> sizeof(VARIABLE_POLICY_ENTRY),
>
> +                            sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY),
>
> +                            (UINTN*)&CheckChar );
>
> +    if (EFI_ERROR( Status ) || EntryEnd <=3D (UINTN)CheckChar) {
>
> +      return FALSE;
>
> +    }
>
> +    while (*CheckChar !=3D CHAR_NULL) {
>
> +      if (EntryEnd <=3D (UINTN)CheckChar) {
>
> +        return FALSE;
>
> +      }
>
> +      CheckChar++;
>
> +    }
>
> +    // At this point we should have either exeeded the structure or be
> pointing at the last char in LockPolicy->Name.
>
> +    // We should check to make sure that the policy Name comes
> immediately after this charcter.
>
> +    if ((UINTN)++CheckChar !=3D (UINTN)NewPolicy + NewPolicy-
> >OffsetToName) {
>
> +      return FALSE;
>
> +    }
>
> +  }
>
> +  // If the policy type is any other value, make sure that the LockPoli=
cy
> structure has a zero length.
>
> +  else {
>
> +    if (NewPolicy->OffsetToName !=3D sizeof(VARIABLE_POLICY_ENTRY)) {
>
> +      return FALSE;
>
> +    }
>
> +  }
>
> +
>
> +  // Check to make sure that the name has a terminating character
>
> +  // before the end of the structure.
>
> +  // We've already checked that the name is within the bounds of the
> structure.
>
> +  if (NewPolicy->Size !=3D NewPolicy->OffsetToName) {
>
> +    CheckChar =3D (CHAR16*)((UINTN)NewPolicy + NewPolicy-
> >OffsetToName);
>
> +    WildcardCount =3D 0;
>
> +    while (*CheckChar !=3D CHAR_NULL) {
>
> +      // Make sure there aren't excessive wildcards.
>
> +      if (*CheckChar =3D=3D '#') {
>
> +        WildcardCount++;
>
> +        if (WildcardCount > MATCH_PRIORITY_MIN) {
>
> +          return FALSE;
>
> +        }
>
> +      }
>
> +      // Make sure you're still within the bounds of the policy structu=
re.
>
> +      if (EntryEnd <=3D (UINTN)CheckChar) {
>
> +        return FALSE;
>
> +      }
>
> +      CheckChar++;
>
> +    }
>
> +
>
> +    // Finally, we should be pointed at the very last character in Name=
, so we
> should be right
>
> +    // up against the end of the structure.
>
> +    if ((UINTN)++CheckChar !=3D EntryEnd) {
>
> +      return FALSE;
>
> +    }
>
> +  }
>
> +
>
> +  return TRUE;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This helper function evaluates a policy and determines whether it mat=
ches
> the target
>
> +  variable. If matched, will also return a value corresponding to the p=
riority
> of the match.
>
> +
>
> +  The rules for "best match" are listed in the Variable Policy Spec.
>
> +  Perfect name matches will return 0.
>
> +  Single wildcard characters will return the number of wildcard charact=
ers.
>
> +  Full namespaces will return MAX_UINT8.
>
> +
>
> +  @param[in]  EvalEntry         Pointer to the policy entry being evalu=
ated.
>
> +  @param[in]  VariableName      Same as EFI_SET_VARIABLE.
>
> +  @param[in]  VendorGuid        Same as EFI_SET_VARIABLE.
>
> +  @param[out] MatchPriority     [Optional] On finding a match, this val=
ue
> contains the priority of the match.
>
> +                                Lower number =3D=3D higher priority. On=
ly valid if a match found.
>
> +
>
> +  @retval     TRUE          Current entry matches the target variable.
>
> +  @retval     FALSE         Current entry does not match at all.
>
> +
>
> +**/
>
> +STATIC
>
> +BOOLEAN
>
> +EvaluatePolicyMatch (
>
> +  IN CONST  VARIABLE_POLICY_ENTRY   *EvalEntry,
>
> +  IN CONST  CHAR16                  *VariableName,
>
> +  IN CONST  EFI_GUID                *VendorGuid,
>
> +  OUT       UINT8                   *MatchPriority    OPTIONAL
>
> +  )
>
> +{
>
> +  BOOLEAN     Result;
>
> +  CHAR16      *PolicyName;
>
> +  UINT8       CalculatedPriority;
>
> +  UINTN       Index;
>
> +
>
> +  Result =3D FALSE;
>
> +  CalculatedPriority =3D MATCH_PRIORITY_EXACT;
>
> +
>
> +  // Step 1: If the GUID doesn't match, we're done. No need to evaluate
> anything else.
>
> +  if (!CompareGuid( &EvalEntry->Namespace, VendorGuid )) {
>
> +    goto Exit;
>
> +  }
>
> +
>
> +  // If the GUID matches, check to see whether there is a Name associat=
ed
>
> +  // with the policy. If not, this policy matches the entire namespace.
>
> +  // Missing Name is indicated by size being equal to name.
>
> +  if (EvalEntry->Size =3D=3D EvalEntry->OffsetToName) {
>
> +    CalculatedPriority =3D MATCH_PRIORITY_MIN;
>
> +    Result =3D TRUE;
>
> +    goto Exit;
>
> +  }
>
> +
>
> +  // Now that we know the name exists, get it.
>
> +  PolicyName =3D GET_POLICY_NAME( EvalEntry );
>
> +
>
> +  // Evaluate the name against the policy name and check for a match.
>
> +  // Account for any wildcards.
>
> +  Index =3D 0;
>
> +  Result =3D TRUE;
>
> +  // Keep going until the end of both strings.
>
> +  while (PolicyName[Index] !=3D CHAR_NULL || VariableName[Index] !=3D
> CHAR_NULL) {
>
> +    // If we don't have a match...
>
> +    if (PolicyName[Index] !=3D VariableName[Index] || PolicyName[Index]=
 =3D=3D
> '#') {
>
> +      // If this is a numerical wildcard, we can consider
>
> +      // it a match if we alter the priority.
>
> +      if (PolicyName[Index] =3D=3D L'#' &&
>
> +          (L'0' <=3D VariableName[Index] && VariableName[Index] <=3D L'=
9')) {
>
> +        if (CalculatedPriority < MATCH_PRIORITY_MIN) {
>
> +          CalculatedPriority++;
>
> +        }
>
> +      }
>
> +      // Otherwise, not a match.
>
> +      else {
2. [Dandan]: About the coding style, could we make the" } " and "else {" a=
t the same line? Which is aligned with current edk2 style.
>
> +        Result =3D FALSE;
>
> +        goto Exit;
>
> +      }
>
> +    }
>
> +    Index++;
>
> +  }
>
> +
>
> +Exit:
>
> +  if (Result && MatchPriority !=3D NULL) {
>
> +    *MatchPriority =3D CalculatedPriority;
>
> +  }
>
> +  return Result;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This helper function walks the current policy table and returns a poi=
nter
>
> +  to the best match, if any are found. Leverages EvaluatePolicyMatch() =
to
>
> +  determine "best".
>
> +
>
> +  @param[in]  VariableName       Same as EFI_SET_VARIABLE.
>
> +  @param[in]  VendorGuid         Same as EFI_SET_VARIABLE.
>
> +  @param[out] ReturnPriority     [Optional] If pointer is provided, ret=
urn the
>
> +                                 priority of the match. Same as Evaluat=
ePolicyMatch().
>
> +                                 Only valid if a match is returned.
>
> +
>
> +  @retval     VARIABLE_POLICY_ENTRY*    Best match that was found.
>
> +  @retval     NULL                      No match was found.
>
> +
>
> +**/
>
> +STATIC
>
> +VARIABLE_POLICY_ENTRY*
>
> +GetBestPolicyMatch (
>
> +  IN CONST  CHAR16            *VariableName,
>
> +  IN CONST  EFI_GUID          *VendorGuid,
>
> +  OUT       UINT8             *ReturnPriority  OPTIONAL
>
> +  )
>
> +{
>
> +  VARIABLE_POLICY_ENTRY   *BestResult;
>
> +  VARIABLE_POLICY_ENTRY   *CurrentEntry;
>
> +  UINT8                   MatchPriority;
>
> +  UINT8                   CurrentPriority;
>
> +  UINTN                   Index;
>
> +
>
> +  BestResult =3D NULL;
>
> +
>
> +  // Walk all entries in the table, looking for matches.
>
> +  CurrentEntry =3D (VARIABLE_POLICY_ENTRY*)mPolicyTable;
>
> +  for (Index =3D 0; Index < mCurrentTableCount; Index++) {
>
> +    // Check for a match.
>
> +    if (EvaluatePolicyMatch( CurrentEntry, VariableName, VendorGuid,
> &CurrentPriority )) {
>
> +      // If match is better, take it.
>
> +      if (BestResult =3D=3D NULL || CurrentPriority < MatchPriority) {

3. [Dandan]: MatchPriority seems not be initialized but used here.

>
> +        BestResult =3D CurrentEntry;
>
> +        MatchPriority =3D CurrentPriority;
>
> +      }
>
> +
>
> +      // If you've hit the highest-priority match, can exit now.
>
> +      if (MatchPriority =3D=3D 0) {
>
> +        break;
>
> +      }
>
> +    }
>
> +
>
> +    // If we're still in the loop, move to the next entry.
>
> +    CurrentEntry =3D GET_NEXT_POLICY( CurrentEntry );
>
> +  }
>
> +
>
> +  // If a return priority was requested, return it.
>
> +  if (ReturnPriority !=3D NULL) {
>
> +    *ReturnPriority =3D MatchPriority;
>
> +  }
>
> +
>
> +  return BestResult;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This API function validates and registers a new policy with
>
> +  the policy enforcement engine.
>
> +
>
> +  @param[in]  NewPolicy     Pointer to the incoming policy structure.
>
> +
>
> +  @retval     EFI_SUCCESS
>
> +  @retval     EFI_INVALID_PARAMETER   NewPolicy is NULL or is internall=
y
> inconsistent.
>
> +  @retval     EFI_ALREADY_STARTED     An identical matching policy alre=
ady
> exists.
>
> +  @retval     EFI_WRITE_PROTECTED     The interface has been locked unt=
il
> the next reboot.
>
> +  @retval     EFI_UNSUPPORTED         Policy enforcement has been disab=
led.
> No reason to add more policies.
>
> +  @retval     EFI_ABORTED             A calculation error has prevented=
 this
> function from completing.
>
> +  @retval     EFI_OUT_OF_RESOURCES    Cannot grow the table to hold any
> more policies.
>
> +  @retval     EFI_NOT_READY           Library has not yet been initiali=
zed.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +RegisterVariablePolicy (
>
> +  IN CONST VARIABLE_POLICY_ENTRY    *NewPolicy
>
> +  )
>
> +{
>
> +  EFI_STATUS                Status;
>
> +  VARIABLE_POLICY_ENTRY     *MatchPolicy;
>
> +  UINT8                     MatchPriority;
>
> +  UINT32                    NewSize;
>
> +  UINT8                     *NewTable;
>
> +
>
> +  if (!IsVariablePolicyLibInitialized()) {
>
> +    return EFI_NOT_READY;
>
> +  }
>
> +  if (mInterfaceLocked) {
>
> +    return EFI_WRITE_PROTECTED;
>
> +  }
>
> +
>
> +  if (!IsValidVariablePolicyStructure( NewPolicy )) {
>
> +    return EFI_INVALID_PARAMETER;
>
> +  }
>
> +
>
> +  // Check to see whether an exact matching policy already exists.
>
> +  MatchPolicy =3D GetBestPolicyMatch( GET_POLICY_NAME( NewPolicy ),
>
> +                                    &NewPolicy->Namespace,
>
> +                                    &MatchPriority );
>
> +  if (MatchPolicy !=3D NULL && MatchPriority =3D=3D MATCH_PRIORITY_EXAC=
T) {
>
> +    return EFI_ALREADY_STARTED;
>
> +  }
>
> +
>
> +  // If none exists, create it.
>
> +  // If we need more space, allocate that now.
>
> +  Status =3D SafeUint32Add( mCurrentTableUsage, NewPolicy->Size,
> &NewSize );
>
> +  if (EFI_ERROR( Status )) {
>
> +    return EFI_ABORTED;
>
> +  }
>
> +  if (NewSize > mCurrentTableSize) {
>
> +    // Use NewSize to calculate the new table size in units of
> POLICY_TABLE_STEP_SIZE.
>
> +    NewSize =3D (NewSize % POLICY_TABLE_STEP_SIZE) > 0 ?
>
> +                (NewSize / POLICY_TABLE_STEP_SIZE) + 1 :
>
> +                (NewSize / POLICY_TABLE_STEP_SIZE);
>
> +    // Calculate the new table size in absolute bytes.
>
> +    Status =3D SafeUint32Mult( NewSize, POLICY_TABLE_STEP_SIZE,
> &NewSize );
>
> +    if (EFI_ERROR( Status )) {
>
> +      return EFI_ABORTED;
>
> +    }
>
> +
>
> +    // Reallocate and copy the table.
>
> +    NewTable =3D AllocatePool( NewSize );
>
> +    if (NewTable =3D=3D NULL) {
>
> +      return EFI_OUT_OF_RESOURCES;
>
> +    }
>
> +    CopyMem( NewTable, mPolicyTable, mCurrentTableUsage );
>
> +    mCurrentTableSize =3D NewSize;
>
> +    if (mPolicyTable !=3D NULL) {
>
> +      FreePool( mPolicyTable );
>
> +    }
>
> +    mPolicyTable =3D NewTable;
>
> +  }
>
> +  // Copy the policy into the table.
>
> +  CopyMem( mPolicyTable + mCurrentTableUsage, NewPolicy, NewPolicy-
> >Size );
>
> +  mCurrentTableUsage +=3D NewPolicy->Size;
>
> +  mCurrentTableCount +=3D 1;
>
> +
>
> +  // We're done here.
>
> +
>
> +  return EFI_SUCCESS;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This API function checks to see whether the parameters to SetVariable
> would
>
> +  be allowed according to the current variable policies.
>
> +
>
> +  @param[in]  VariableName       Same as EFI_SET_VARIABLE.
>
> +  @param[in]  VendorGuid         Same as EFI_SET_VARIABLE.
>
> +  @param[in]  Attributes         Same as EFI_SET_VARIABLE.
>
> +  @param[in]  DataSize           Same as EFI_SET_VARIABLE.
>
> +  @param[in]  Data               Same as EFI_SET_VARIABLE.
>
> +
>
> +  @retval     EFI_SUCCESS             A matching policy allows this upd=
ate.
>
> +  @retval     EFI_SUCCESS             There are currently no policies t=
hat restrict
> this update.
>
> +  @retval     EFI_SUCCESS             The protections have been disable=
 until the
> next reboot.
>
> +  @retval     EFI_WRITE_PROTECTED     Variable is currently locked.
>
> +  @retval     EFI_INVALID_PARAMETER   Attributes or size are invalid.
>
> +  @retval     EFI_ABORTED             A lock policy exists, but an erro=
r prevented
> evaluation.
>
> +  @retval     EFI_NOT_READY           Library has not been initialized.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +ValidateSetVariable (
>
> +  IN  CHAR16                       *VariableName,
>
> +  IN  EFI_GUID                     *VendorGuid,
>
> +  IN  UINT32                       Attributes,
>
> +  IN  UINTN                        DataSize,
>
> +  IN  VOID                         *Data
>
> +  )
>
> +{
>
> +  BOOLEAN                             IsDel;
>
> +  VARIABLE_POLICY_ENTRY               *ActivePolicy;
>
> +  EFI_STATUS                          Status;
>
> +  EFI_STATUS                          ReturnStatus;
>
> +  VARIABLE_LOCK_ON_VAR_STATE_POLICY   *StateVarPolicy;
>
> +  CHAR16                              *StateVarName;
>
> +  UINTN                               StateVarSize;
>
> +  UINT8                               StateVar;
>
> +
>
> +  ReturnStatus =3D EFI_SUCCESS;
>
> +
>
> +  if (!IsVariablePolicyLibInitialized()) {
>
> +    ReturnStatus =3D EFI_NOT_READY;
>
> +    goto Exit;
>
> +  }
>
> +
>
> +  // Bail if the protections are currently disabled.
>
> +  if (mProtectionDisabled) {
>
> +    ReturnStatus =3D EFI_SUCCESS;
>
> +    goto Exit;
>
> +  }
>
> +
>
> +  // Determine whether this is a delete operation.
>
> +  // If so, it will affect which tests are applied.
>
> +  if ((DataSize =3D=3D 0) && ((Attributes & EFI_VARIABLE_APPEND_WRITE) =
=
=3D=3D 0))
> {
>
> +    IsDel =3D TRUE;
>
> +  }
>
> +  else {
>
> +    IsDel =3D FALSE;
>
> +  }
>
> +
>
> +  // Find an active policy if one exists.
>
> +  ActivePolicy =3D GetBestPolicyMatch( VariableName, VendorGuid, NULL )=
;
>
> +
>
> +  // If we have an active policy, check it against the incoming data.
>
> +  if (ActivePolicy !=3D NULL) {
>
> +    //
>
> +    // Only enforce size and attribute constraints when updating data, =
not
> deleting.
>
> +    if (!IsDel) {
>
> +      // Check for size constraints.
>
> +      if ((ActivePolicy->MinSize > 0 && DataSize < ActivePolicy->MinSiz=
e) ||
>
> +          (ActivePolicy->MaxSize > 0 && DataSize > ActivePolicy->MaxSiz=
e)) {
>
> +        ReturnStatus =3D EFI_INVALID_PARAMETER;
>
> +        DEBUG(( DEBUG_VERBOSE, "%a - Bad Size. 0x%X <> 0x%X-0x%X\n",
> __FUNCTION__,
>
> +                DataSize, ActivePolicy->MinSize, ActivePolicy->MaxSize =
));
>
> +        goto Exit;
>
> +      }
>
> +
>
> +      // Check for attribute constraints.
>
> +      if ((ActivePolicy->AttributesMustHave & Attributes) !=3D ActivePo=
licy-
> >AttributesMustHave ||
>
> +          (ActivePolicy->AttributesCantHave & Attributes) !=3D 0) {
>
> +        ReturnStatus =3D EFI_INVALID_PARAMETER;
>
> +        DEBUG(( DEBUG_VERBOSE, "%a - Bad Attributes. 0x%X <>
> 0x%X:0x%X\n", __FUNCTION__,
>
> +                Attributes, ActivePolicy->AttributesMustHave, ActivePol=
icy-
> >AttributesCantHave ));
>
> +        goto Exit;
>
> +      }
>
> +    }
>
> +
>
> +    //
>
> +    // Lock policy check.
>
> +    //
>
> +    // Check for immediate lock.
>
> +    if (ActivePolicy->LockPolicyType =3D=3D VARIABLE_POLICY_TYPE_LOCK_N=
OW)
> {
>
> +      ReturnStatus =3D EFI_WRITE_PROTECTED;
>
> +      goto Exit;
>
> +    }
>
> +    // Check for lock on create.
>
> +    else if (ActivePolicy->LockPolicyType =3D=3D
> VARIABLE_POLICY_TYPE_LOCK_ON_CREATE) {
>
> +      StateVarSize =3D 0;
>
> +      Status =3D mGetVariableHelper( VariableName,
>
> +                                   VendorGuid,
>
> +                                   NULL,
>
> +                                   &StateVarSize,
>
> +                                   NULL );
>
> +      if (Status =3D=3D EFI_BUFFER_TOO_SMALL) {
>
> +        ReturnStatus =3D EFI_WRITE_PROTECTED;
>
> +        goto Exit;
>
> +      }
>
> +    }
>
> +    // Check for lock on state variable.
>
> +    else if (ActivePolicy->LockPolicyType =3D=3D
> VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE) {
>
> +      StateVarPolicy =3D
> (VARIABLE_LOCK_ON_VAR_STATE_POLICY*)((UINT8*)ActivePolicy +
> sizeof(VARIABLE_POLICY_ENTRY));
>
> +      StateVarName =3D (CHAR16*)((UINT8*)StateVarPolicy +
> sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY));
>
> +      StateVarSize =3D sizeof(StateVar);
>
> +      Status =3D mGetVariableHelper( StateVarName,
>
> +                                   &StateVarPolicy->Namespace,
>
> +                                   NULL,
>
> +                                   &StateVarSize,
>
> +                                   &StateVar );
>
> +
>
> +      // If the variable was found, check the state. If matched, this v=
ariable is
> locked.
>
> +      if (!EFI_ERROR( Status )) {
>
> +        if (StateVar =3D=3D StateVarPolicy->Value) {
>
> +          ReturnStatus =3D EFI_WRITE_PROTECTED;
>
> +          goto Exit;
>
> +        }
>
> +      }
>
> +      // EFI_NOT_FOUND and EFI_BUFFER_TOO_SMALL indicate that the
> state doesn't match.
>
> +      else if (Status !=3D EFI_NOT_FOUND && Status !=3D
> EFI_BUFFER_TOO_SMALL) {
>
> +        // We don't know what happened, but it isn't good.
>
> +        ReturnStatus =3D EFI_ABORTED;
>
> +        goto Exit;
>
> +      }
>
> +    }
>
> +  }
>
> +
>
> +Exit:
>
> +  DEBUG(( DEBUG_VERBOSE, "%a - Variable (%g:%s) returning %r.\n",
> __FUNCTION__, VendorGuid, VariableName, ReturnStatus ));
>
> +  return ReturnStatus;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This API function disables the variable policy enforcement. If it's
>
> +  already been called once, will return EFI_ALREADY_STARTED.
>
> +
>
> +  @retval     EFI_SUCCESS
>
> +  @retval     EFI_ALREADY_STARTED   Has already been called once this b=
oot.
>
> +  @retval     EFI_WRITE_PROTECTED   Interface has been locked until reb=
oot.
>
> +  @retval     EFI_WRITE_PROTECTED   Interface option is disabled by pla=
tform
> PCD.
>
> +  @retval     EFI_NOT_READY         Library has not yet been initialize=
d.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +DisableVariablePolicy (
>
> +  VOID
>
> +  )
>
> +{
>
> +  if (!IsVariablePolicyLibInitialized()) {
>
> +    return EFI_NOT_READY;
>
> +  }
>
> +  if (mProtectionDisabled) {
>
> +    return EFI_ALREADY_STARTED;
>
> +  }
>
> +  if (mInterfaceLocked) {
>
> +    return EFI_WRITE_PROTECTED;
>
> +  }
>
> +  if (!PcdGetBool (PcdAllowVariablePolicyEnforcementDisable)) {
>
> +    return EFI_WRITE_PROTECTED;
>
> +  }
>
> +  mProtectionDisabled =3D TRUE;
>
> +  return EFI_SUCCESS;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This API function will dump the entire contents of the variable polic=
y table.
>
> +
>
> +  Similar to GetVariable, the first call can be made with a 0 size and =
it will
> return
>
> +  the size of the buffer required to hold the entire table.
>
> +
>
> +  @param[out]     Policy  Pointer to the policy buffer. Can be NULL if =
Size is 0.
>
> +  @param[in,out]  Size    On input, the size of the output buffer. On o=
utput,
> the size
>
> +                          of the data returned.
>
> +
>
> +  @retval     EFI_SUCCESS             Policy data is in the output buff=
er and Size
> has been updated.
>
> +  @retval     EFI_INVALID_PARAMETER   Size is NULL, or Size is non-zero=
 and
> Policy is NULL.
>
> +  @retval     EFI_BUFFER_TOO_SMALL    Size is insufficient to hold poli=
cy. Size
> updated with required size.
>
> +  @retval     EFI_NOT_READY           Library has not yet been initiali=
zed.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +DumpVariablePolicy (
>
> +  OUT     UINT8         *Policy,
>
> +  IN OUT  UINT32        *Size
>
> +  )
>
> +{
>
> +  if (!IsVariablePolicyLibInitialized()) {
>
> +    return EFI_NOT_READY;
>
> +  }
>
> +
>
> +  // Check the parameters.
>
> +  if (Size =3D=3D NULL || (*Size > 0 && Policy =3D=3D NULL)) {
>
> +    return EFI_INVALID_PARAMETER;
>
> +  }
>
> +
>
> +  // Make sure the size is sufficient to hold the policy table.
>
> +  if (*Size < mCurrentTableUsage) {
>
> +    *Size =3D mCurrentTableUsage;
>
> +    return EFI_BUFFER_TOO_SMALL;
>
> +  }
>
> +
>
> +  // If we're still here, copy the table and bounce.
>
> +  CopyMem( Policy, mPolicyTable, mCurrentTableUsage );
>
> +  *Size =3D mCurrentTableUsage;
>
> +
>
> +  return EFI_SUCCESS;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This API function returns whether or not the policy engine is
>
> +  currently being enforced.
>
> +
>
> +  @retval     TRUE
>
> +  @retval     FALSE
>
> +  @retval     FALSE         Library has not yet been initialized.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +IsVariablePolicyEnabled (
>
> +  VOID
>
> +  )
>
> +{
>
> +  if (!IsVariablePolicyLibInitialized()) {
>
> +    return FALSE;
>
> +  }
>
> +  return !mProtectionDisabled;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This API function locks the interface so that no more policy updates
>
> +  can be performed or changes made to the enforcement until the next
> boot.
>
> +
>
> +  @retval     EFI_SUCCESS
>
> +  @retval     EFI_NOT_READY   Library has not yet been initialized.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +LockVariablePolicy (
>
> +  VOID
>
> +  )
>
> +{
>
> +  if (!IsVariablePolicyLibInitialized()) {
>
> +    return EFI_NOT_READY;
>
> +  }
>
> +  if (mInterfaceLocked) {
>
> +    return EFI_WRITE_PROTECTED;
>
> +  }
>
> +  mInterfaceLocked =3D TRUE;
>
> +  return EFI_SUCCESS;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This API function returns whether or not the policy interface is lock=
ed
>
> +  for the remainder of the boot.
>
> +
>
> +  @retval     TRUE
>
> +  @retval     FALSE
>
> +  @retval     FALSE         Library has not yet been initialized.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +IsVariablePolicyInterfaceLocked (
>
> +  VOID
>
> +  )
>
> +{
>
> +  if (!IsVariablePolicyLibInitialized()) {
>
> +    return FALSE;
>
> +  }
>
> +  return mInterfaceLocked;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This helper function initializes the library and sets
>
> +  up any required internal structures or handlers.
>
> +
>
> +  Also registers the internal pointer for the GetVariable helper.
>
> +
>
> +  @param[in]  GetVariableHelper A function pointer matching the
> EFI_GET_VARIABLE prototype that will be used to
>
> +                  check policy criteria that involve the existence of o=
ther variables.
>
> +
>
> +  @retval     EFI_SUCCESS
>
> +  @retval     EFI_ALREADY_STARTED   The initialize function has been ca=
lled
> more than once without a call to
>
> +                                    deinitialize.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +InitVariablePolicyLib (
>
> +  IN  EFI_GET_VARIABLE    GetVariableHelper
>
> +  )
>
> +{
>
> +  EFI_STATUS    Status;
>
> +
>
> +  Status =3D EFI_SUCCESS;
>
> +  if (mGetVariableHelper !=3D NULL) {
>
> +    Status =3D EFI_ALREADY_STARTED;

4. [Dandan]: Could we return directly here?

>
> +  }
>
> +
>
> +  if (!EFI_ERROR( Status )) {
>
> +    Status =3D VariablePolicyExtraInit();
>
> +  }
>
> +
>
> +  if (!EFI_ERROR( Status )) {
>
> +    // Save an internal pointer to the GetVariableHelper.
>
> +    mGetVariableHelper =3D GetVariableHelper;
>
> +
>
> +    // Initialize the global state.
>
> +    mInterfaceLocked =3D FALSE;
>
> +    mProtectionDisabled =3D FALSE;
>
> +    mPolicyTable =3D NULL;
>
> +    mCurrentTableSize =3D 0;
>
> +    mCurrentTableUsage =3D 0;
>
> +    mCurrentTableCount =3D 0;
>
> +  }
>
> +
>
> +  return Status;
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This helper function returns whether or not the library is currently
> initialized.
>
> +
>
> +  @retval     TRUE
>
> +  @retval     FALSE
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +IsVariablePolicyLibInitialized (
>
> +  VOID
>
> +  )
>
> +{
>
> +  return (mGetVariableHelper !=3D NULL);
>
> +}
>
> +
>
> +
>
> +/**
>
> +  This helper function tears down  the library.
>
> +
>
> +  Should generally only be used for test harnesses.
>
> +
>
> +  @retval     EFI_SUCCESS
>
> +  @retval     EFI_NOT_READY     Deinitialize was called without first c=
alling
> initialize.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +DeinitVariablePolicyLib (
>
> +  VOID
>
> +  )
>
> +{
>
> +  EFI_STATUS    Status;
>
> +
>
> +  Status =3D EFI_SUCCESS;
>
> +
>
> +  if (mGetVariableHelper =3D=3D NULL) {
>
> +    Status =3D EFI_NOT_READY;
>
> +  }
>
> +
>
> +  if (!EFI_ERROR( Status )) {
>
> +    Status =3D VariablePolicyExtraDeinit();
>
> +  }
>
> +
>
> +  if (!EFI_ERROR( Status )) {
>
> +    mGetVariableHelper =3D NULL;
>
> +    mInterfaceLocked =3D FALSE;
>
> +    mProtectionDisabled =3D FALSE;
>
> +    mCurrentTableSize =3D 0;
>
> +    mCurrentTableUsage =3D 0;
>
> +    mCurrentTableCount =3D 0;
>
> +
>
> +    if (mPolicyTable !=3D NULL) {
>
> +      FreePool( mPolicyTable );
>
> +      mPolicyTable =3D NULL;
>
> +    }
>
> +  }
>
> +
>
> +  return Status;
>
> +}
>
> diff --git
> a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variable
> PolicyUnitTest.c
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variable
> PolicyUnitTest.c
> new file mode 100644
> index 000000000000..f133f2f30e36
> --- /dev/null
> +++
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variable
> PolicyUnitTest.c
> @@ -0,0 +1,2436 @@
> +/** @file -- VariablePolicyUnitTest.c
>
> +UnitTest for...
>
> +Business logic for Variable Policy enforcement.
>
> +
>
> +Copyright (c) Microsoft Corporation.
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#include <stdio.h>
>
> +#include <string.h>
>
> +#include <stdarg.h>
>
> +#include <stddef.h>
>
> +#include <setjmp.h>
>
> +#include <cmocka.h>
>
> +
>
> +#include <Uefi.h>
>
> +#include <Library/PrintLib.h>
>
> +#include <Library/DebugLib.h>
>
> +#include <Library/UnitTestLib.h>
>
> +#include <Library/BaseMemoryLib.h>
>
> +#include <Library/MemoryAllocationLib.h>
>
> +#include <Library/BaseLib.h>
>
> +
>
> +#include <Guid/VariableFormat.h>
>
> +
>
> +#include <Protocol/VariablePolicy.h>
>
> +#include <Library/VariablePolicyLib.h>
>
> +
>
> +// MU_CHANGE - Turn this off for now. Try to turn it back on with extra
> build options.
>
> +// #ifndef INTERNAL_UNIT_TEST
>
> +// #error Make sure to build thie with INTERNAL_UNIT_TEST enabled!
> Otherwise, some important tests may be skipped!
>
> +// #endif
>
> +
>
> +
>
> +#define UNIT_TEST_NAME        "UEFI Variable Policy UnitTest"
>
> +#define UNIT_TEST_VERSION     "0.5"
>
> +
>
> +///=3D=3D=3D TEST DATA
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> +
>
> +#pragma pack(push, 1)
>
> +typedef struct _SIMPLE_VARIABLE_POLICY_ENTRY {
>
> +  VARIABLE_POLICY_ENTRY     Header;
>
> +  CHAR16                    Name[];
>
> +} SIMPLE_VARIABLE_POLICY_ENTRY;
>
> +#define EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_LENGTH  1001
> // 1000 characters + terminator.
>
> +#define EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_SIZE
> (EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_LENGTH *
> sizeof(CHAR16))
>
> +typedef struct _EXPANDED_VARIABLE_POLICY_ENTRY {
>
> +  VARIABLE_POLICY_ENTRY               Header;
>
> +  VARIABLE_LOCK_ON_VAR_STATE_POLICY   StatePolicy;
>
> +  CHAR16
> StateName[EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_LENGTH];
>
> +  CHAR16
> Name[EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_LENGTH];
>
> +} EXPANDED_VARIABLE_POLICY_ENTRY;
>
> +#pragma pack(pop)
>
> +
>
> +// {F955BA2D-4A2C-480C-BFD1-3CC522610592}
>
> +#define TEST_GUID_1 { 0xf955ba2d, 0x4a2c, 0x480c, { 0xbf, 0xd1, 0x3c, 0=
xc5,
> 0x22, 0x61, 0x5, 0x92 } }
>
> +EFI_GUID    mTestGuid1 =3D TEST_GUID_1;
>
> +// {2DEA799E-5E73-43B9-870E-C945CE82AF3A}
>
> +#define TEST_GUID_2 { 0x2dea799e, 0x5e73, 0x43b9, { 0x87, 0xe, 0xc9, 0x=
45,
> 0xce, 0x82, 0xaf, 0x3a } }
>
> +EFI_GUID    mTestGuid2 =3D TEST_GUID_2;
>
> +// {698A2BFD-A616-482D-B88C-7100BD6682A9}
>
> +#define TEST_GUID_3 { 0x698a2bfd, 0xa616, 0x482d, { 0xb8, 0x8c, 0x71, 0=
x0,
> 0xbd, 0x66, 0x82, 0xa9 } }
>
> +EFI_GUID    mTestGuid3 =3D TEST_GUID_3;
>
> +
>
> +#define   TEST_VAR_1_NAME                 L"TestVar1"
>
> +#define   TEST_VAR_2_NAME                 L"TestVar2"
>
> +#define   TEST_VAR_3_NAME                 L"TestVar3"
>
> +
>
> +#define   TEST_POLICY_ATTRIBUTES_NULL     0
>
> +#define   TEST_POLICY_MIN_SIZE_NULL       0
>
> +#define   TEST_POLICY_MAX_SIZE_NULL       MAX_UINT32
>
> +
>
> +#define   TEST_POLICY_MIN_SIZE_10         10
>
> +#define   TEST_POLICY_MAX_SIZE_200        200
>
> +
>
> +#define TEST_300_HASHES_STRING
> L"##################################################"\
>
> +
> "##################################################"\
>
> +
> "##################################################"\
>
> +
> "##################################################"\
>
> +
> "##################################################"\
>
> +
> "##################################################"
>
> +
>
> +
>
> +///=3D=3D=3D HELPER FUNCTIONS
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> +
>
> +/**
>
> +  Helper function to initialize a VARIABLE_POLICY_ENTRY structure with =
a
> Name and StateName.
>
> +
>
> +  Takes care of all the messy packing.
>
> +
>
> +  @param[in,out]  Entry
>
> +  @param[in]      Name        [Optional]
>
> +  @param[in]      StateName   [Optional]
>
> +
>
> +  @retval     TRUE
>
> +  @retval     FALSE
>
> +
>
> +**/
>
> +STATIC
>
> +BOOLEAN
>
> +InitExpVarPolicyStrings (
>
> +  EXPANDED_VARIABLE_POLICY_ENTRY      *Entry,
>
> +  CHAR16                              *Name,      OPTIONAL
>
> +  CHAR16                              *StateName  OPTIONAL
>
> +  )
>
> +{
>
> +  UINTN     NameSize;
>
> +  UINTN     StateNameSize;
>
> +
>
> +  NameSize =3D Name =3D=3D NULL ? 0 : StrSize( Name );
>
> +  StateNameSize =3D StateName =3D=3D NULL ? 0 : StrSize( StateName );
>
> +
>
> +  if (NameSize > EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_SIZE ||
> NameSize > MAX_UINT16 ||
>
> +      StateNameSize >
> EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_SIZE || StateNameSize >
> MAX_UINT16) {
>
> +    return FALSE;
>
> +  }
>
> +
>
> +  Entry->Header.OffsetToName =3D sizeof(VARIABLE_POLICY_ENTRY);
>
> +  if (StateName !=3D NULL) {
>
> +    Entry->Header.OffsetToName +=3D
> (UINT16)sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY) +
> (UINT16)StateNameSize;
>
> +  }
>
> +  Entry->Header.Size =3D Entry->Header.OffsetToName + (UINT16)NameSize;
>
> +
>
> +  CopyMem( (UINT8*)Entry + Entry->Header.OffsetToName, Name,
> NameSize );
>
> +  if (StateName !=3D NULL) {
>
> +    CopyMem( (UINT8*)Entry + sizeof(VARIABLE_POLICY_ENTRY) +
> sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY), StateName,
> StateNameSize );
>
> +  }
>
> +
>
> +  return TRUE;
>
> +}
>
> +
>
> +/**
>
> +  Mocked version of GetVariable, for testing.
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +StubGetVariableNull (
>
> +  IN     CHAR16                      *VariableName,
>
> +  IN     EFI_GUID                    *VendorGuid,
>
> +  OUT    UINT32                      *Attributes,    OPTIONAL
>
> +  IN OUT UINTN                       *DataSize,
>
> +  OUT    VOID                        *Data           OPTIONAL
>
> +  )
>
> +{
>
> +  UINT32      MockedAttr;
>
> +  UINTN       MockedDataSize;
>
> +  VOID        *MockedData;
>
> +  EFI_STATUS  MockedReturn;
>
> +
>
> +  check_expected_ptr( VariableName );
>
> +  check_expected_ptr( VendorGuid );
>
> +  check_expected_ptr( DataSize );
>
> +
>
> +  MockedAttr =3D (UINT32)mock();
>
> +  MockedDataSize =3D (UINTN)mock();
>
> +  MockedData =3D (VOID*)mock();
>
> +  MockedReturn =3D (EFI_STATUS)mock();
>
> +
>
> +  if (Attributes !=3D NULL) {
>
> +    *Attributes =3D MockedAttr;
>
> +  }
>
> +  if (Data !=3D NULL && !EFI_ERROR(MockedReturn)) {
>
> +    CopyMem( Data, MockedData, MockedDataSize );
>
> +  }
>
> +
>
> +  *DataSize =3D MockedDataSize;
>
> +
>
> +  return MockedReturn;
>
> +}
>
> +
>
> +//
>
> +// Anything you think might be helpful that isn't a test itself.
>
> +//
>
> +
>
> +/**
>
> +  This is a common setup function that will ensure the library is alway=
s
> initialized
>
> +  with the stubbed GetVariable.
>
> +
>
> +  Not used by all test cases, but by most.
>
> +**/
>
> +STATIC
>
> +UNIT_TEST_STATUS
>
> +LibInitMocked (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  return EFI_ERROR(InitVariablePolicyLib( StubGetVariableNull )) ?
> UNIT_TEST_ERROR_PREREQUISITE_NOT_MET : UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Common cleanup function to make sure that the library is always de-
> initialized prior
>
> +  to the next test case.
>
> +*/
>
> +STATIC
>
> +VOID
>
> +LibCleanup (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  DeinitVariablePolicyLib();
>
> +}
>
> +
>
> +
>
> +///=3D=3D=3D TEST CASES
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> +
>
> +///=3D=3D=3D=3D=3D ARCHITECTURAL SUITE
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +ShouldBeAbleToInitAndDeinitTheLibrary (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EFI_STATUS    Status;
>
> +  Status =3D InitVariablePolicyLib( StubGetVariableNull );
>
> +  UT_ASSERT_NOT_EFI_ERROR( Status );
>
> +
>
> +  UT_ASSERT_TRUE( IsVariablePolicyLibInitialized() );
>
> +
>
> +  Status =3D DeinitVariablePolicyLib();
>
> +  UT_ASSERT_NOT_EFI_ERROR( Status );
>
> +
>
> +  UT_ASSERT_FALSE( IsVariablePolicyLibInitialized() );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +ShouldNotBeAbleToInitializeTheLibraryTwice (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EFI_STATUS    Status;
>
> +  Status =3D InitVariablePolicyLib( StubGetVariableNull );
>
> +  UT_ASSERT_NOT_EFI_ERROR( Status );
>
> +  Status =3D InitVariablePolicyLib( StubGetVariableNull );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( Status ) );
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +ShouldFailDeinitWithoutInit (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EFI_STATUS    Status;
>
> +  Status =3D DeinitVariablePolicyLib();
>
> +  UT_ASSERT_TRUE( EFI_ERROR( Status ) );
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +ApiCommandsShouldNotRespondIfLibIsUninitialized (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   TestPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  UINT8     DummyData[8];
>
> +  UINT32    DummyDataSize =3D sizeof(DummyData);
>
> +
>
> +  // This test should not start with an initialized library.
>
> +
>
> +  // Verify that all API commands fail.
>
> +  UT_ASSERT_TRUE( EFI_ERROR( LockVariablePolicy() ) );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( DisableVariablePolicy() ) );
>
> +
> UT_ASSERT_TRUE( EFI_ERROR( RegisterVariablePolicy( &TestPolicy.Header )
> ) );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( DumpVariablePolicy( DummyData,
> &DummyDataSize ) ) );
>
> +  UT_ASSERT_FALSE( IsVariablePolicyInterfaceLocked() );
>
> +  UT_ASSERT_FALSE( IsVariablePolicyEnabled() );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                                 &mTestGuid1,
>
> +                                                 VARIABLE_ATTRIBUTE_NV_=
BS,
>
> +                                                 sizeof(DummyData),
>
> +                                                 DummyData ) ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +
>
> +///=3D=3D=3D=3D=3D INTERNAL FUNCTION SUITE
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> +
>
> +#ifdef INTERNAL_UNIT_TEST
>
> +
>
> +BOOLEAN
>
> +EvaluatePolicyMatch (
>
> +  IN CONST  VARIABLE_POLICY_ENTRY   *EvalEntry,
>
> +  IN CONST  CHAR16                  *VariableName,
>
> +  IN CONST  EFI_GUID                *VendorGuid,
>
> +  OUT       UINT8                   *MatchPriority    OPTIONAL
>
> +  );
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +PoliciesShouldMatchByNameAndGuid (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   MatchCheckPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  CHAR16        *CheckVar1Name =3D TEST_VAR_1_NAME;
>
> +  CHAR16        *CheckVar2Name =3D TEST_VAR_2_NAME;
>
> +
>
> +  // Make sure that a different name does not match.
>
> +  UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVar2Name, &mTestGuid1, NULL ) );
>
> +
>
> +  // Make sure that a different GUID does not match.
>
> +  UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVar1Name, &mTestGuid2, NULL ) );
>
> +
>
> +  // Make sure that the same name and GUID match.
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVar1Name, &mTestGuid1, NULL ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +WildcardPoliciesShouldMatchDigits (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   MatchCheckPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(L"Wildcard#VarName##"),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    L"Wildcard#VarName##"
>
> +  };
>
> +  CHAR16        *CheckVar1Name =3D L"Wildcard1VarName12";
>
> +  CHAR16        *CheckVar2Name =3D L"Wildcard2VarName34";
>
> +  CHAR16        *CheckVarBName =3D L"WildcardBVarName56";
>
> +  CHAR16        *CheckVarHName =3D L"Wildcard#VarName56";
>
> +
>
> +  // Make sure that two different sets of wildcard numbers match.
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVar1Name, &mTestGuid1, NULL ) );
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVar2Name, &mTestGuid1, NULL ) );
>
> +
>
> +  // Make sure that the non-number charaters don't match.
>
> +  UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVarBName, &mTestGuid1, NULL ) );
>
> +
>
> +  // Make sure that '#' signs don't match.
>
> +  UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVarHName, &mTestGuid1, NULL ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +WildcardPoliciesShouldMatchDigitsAdvanced (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   MatchCheckPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_300_HASHES_STRING),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_300_HASHES_STRING
>
> +  };
>
> +  CHAR16        *CheckShorterString =3D
> L"01234567890123456789012345678901234567890123456789";
>
> +  CHAR16        *CheckValidString =3D
> L"01234567890123456789012345678901234567890123456789"\
>
> +
> "01234567890123456789012345678901234567890123456789"\
>
> +
> "01234567890123456789012345678901234567890123456789"\
>
> +
> "01234567890123456789012345678901234567890123456789"\
>
> +
> "01234567890123456789012345678901234567890123456789"\
>
> +
> "01234567890123456789012345678901234567890123456789";
>
> +  CHAR16        *CheckLongerString =3D
> L"01234567890123456789012345678901234567890123456789"\
>
> +
> "01234567890123456789012345678901234567890123456789"\
>
> +
> "01234567890123456789012345678901234567890123456789"\
>
> +
> "01234567890123456789012345678901234567890123456789"\
>
> +
> "01234567890123456789012345678901234567890123456789"\
>
> +
> "01234567890123456789012345678901234567890123456789"\
>
> +
> "01234567890123456789012345678901234567890123456789";
>
> +  UINT8         MatchPriority;
>
> +
>
> +  // Make sure that the shorter and the longer do not match.
>
> +  UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckShorterString, &mTestGuid1, NULL ) );
>
> +  UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckLongerString, &mTestGuid1, NULL ) );
>
> +
>
> +  // Make sure that the valid one matches and has the expected priority=
.
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckValidString, &mTestGuid1, &MatchPriority ) );
>
> +  UT_ASSERT_EQUAL( MatchPriority, MAX_UINT8 );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +WildcardPoliciesShouldMatchNamespaces (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  VARIABLE_POLICY_ENTRY   MatchCheckPolicy =3D {
>
> +    VARIABLE_POLICY_ENTRY_REVISION,
>
> +    sizeof(VARIABLE_POLICY_ENTRY),
>
> +    sizeof(VARIABLE_POLICY_ENTRY),
>
> +    TEST_GUID_1,
>
> +    TEST_POLICY_MIN_SIZE_NULL,
>
> +    TEST_POLICY_MAX_SIZE_NULL,
>
> +    TEST_POLICY_ATTRIBUTES_NULL,
>
> +    TEST_POLICY_ATTRIBUTES_NULL,
>
> +    VARIABLE_POLICY_TYPE_NO_LOCK
>
> +  };
>
> +  CHAR16        *CheckVar1Name =3D L"Wildcard1VarName12";
>
> +  CHAR16        *CheckVar2Name =3D L"Wildcard2VarName34";
>
> +  CHAR16        *CheckVarBName =3D L"WildcardBVarName56";
>
> +  CHAR16        *CheckVarHName =3D L"Wildcard#VarName56";
>
> +
>
> +  // Make sure that all names in the same namespace match.
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy,
> CheckVar1Name, &mTestGuid1, NULL ) );
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy,
> CheckVar2Name, &mTestGuid1, NULL ) );
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy,
> CheckVarBName, &mTestGuid1, NULL ) );
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy,
> CheckVarHName, &mTestGuid1, NULL ) );
>
> +
>
> +  // Make sure that different namespace doesn't match.
>
> +  UT_ASSERT_FALSE( EvaluatePolicyMatch( &MatchCheckPolicy,
> CheckVar1Name, &mTestGuid2, NULL ) );
>
> +
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +MatchPrioritiesShouldFollowRules (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   MatchCheckPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(L"Wildcard1VarName12"),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    L"Wildcard1VarName12"
>
> +  };
>
> +  CHAR16        CheckVar1Name[] =3D L"Wildcard1VarName12";
>
> +  CHAR16        MatchVar1Name[] =3D L"Wildcard1VarName12";
>
> +  CHAR16        MatchVar2Name[] =3D L"Wildcard#VarName12";
>
> +  CHAR16        MatchVar3Name[] =3D L"Wildcard#VarName#2";
>
> +  CHAR16        MatchVar4Name[] =3D L"Wildcard#VarName##";
>
> +  UINT8         MatchPriority;
>
> +
>
> +  // Check with a perfect match.
>
> +  CopyMem( &MatchCheckPolicy.Name, MatchVar1Name,
> sizeof(MatchVar1Name) );
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVar1Name, &mTestGuid1, &MatchPriority ) );
>
> +  UT_ASSERT_EQUAL( MatchPriority, 0 );
>
> +
>
> +  // Check with progressively lower priority matches.
>
> +  CopyMem( &MatchCheckPolicy.Name, MatchVar2Name,
> sizeof(MatchVar2Name) );
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVar1Name, &mTestGuid1, &MatchPriority ) );
>
> +  UT_ASSERT_EQUAL( MatchPriority, 1 );
>
> +  CopyMem( &MatchCheckPolicy.Name, MatchVar3Name,
> sizeof(MatchVar3Name) );
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVar1Name, &mTestGuid1, &MatchPriority ) );
>
> +  UT_ASSERT_EQUAL( MatchPriority, 2 );
>
> +  CopyMem( &MatchCheckPolicy.Name, MatchVar4Name,
> sizeof(MatchVar4Name) );
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVar1Name, &mTestGuid1, &MatchPriority ) );
>
> +  UT_ASSERT_EQUAL( MatchPriority, 3 );
>
> +
>
> +  // Check against the entire namespace.
>
> +  MatchCheckPolicy.Header.Size =3D sizeof(VARIABLE_POLICY_ENTRY);
>
> +  UT_ASSERT_TRUE( EvaluatePolicyMatch( &MatchCheckPolicy.Header,
> CheckVar1Name, &mTestGuid1, &MatchPriority ) );
>
> +  UT_ASSERT_EQUAL( MatchPriority, MAX_UINT8 );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +#endif // INTERNAL_UNIT_TEST
>
> +
>
> +
>
> +///=3D=3D=3D POLICY MANIPULATION SUITE
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldAllowNamespaceWildcards (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    L""
>
> +  };
>
> +
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldAllowStateVarsForNamespaces (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EXPANDED_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      0,    // Will be populated by init helper.
>
> +      0,    // Will be populated by init helper.
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE
>
> +    },
>
> +    {
>
> +      TEST_GUID_2,
>
> +      1,            // Value
>
> +      0             // Padding
>
> +    },
>
> +    L"",
>
> +    L""
>
> +  };
>
> +  UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, NULL,
> TEST_VAR_2_NAME ) );
>
> +
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectNullPointers (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( NULL ),
> EFI_INVALID_PARAMETER );
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectBadRevisions (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +
>
> +  ValidationPolicy.Header.Version =3D MAX_UINT32;
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectBadSizes (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +
>
> +  ValidationPolicy.Header.Size =3D sizeof(VARIABLE_POLICY_ENTRY) - 2;
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectBadOffsets (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EXPANDED_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      0,    // Will be populated by init helper.
>
> +      0,    // Will be populated by init helper.
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE
>
> +    },
>
> +    {
>
> +      TEST_GUID_2,
>
> +      1,            // Value
>
> +      0             // Padding
>
> +    },
>
> +    L"",
>
> +    L""
>
> +  };
>
> +  UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy,
> TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );
>
> +
>
> +  // Check for an offset outside the size bounds.
>
> +  ValidationPolicy.Header.OffsetToName =3D ValidationPolicy.Header.Size=
 + 1;
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  // Check for an offset inside the policy header.
>
> +  ValidationPolicy.Header.OffsetToName =3D sizeof(VARIABLE_POLICY_ENTRY=
)
> - 2;
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  // Check for an offset inside the state policy header.
>
> +  ValidationPolicy.Header.OffsetToName =3D sizeof(VARIABLE_POLICY_ENTRY=
)
> + 2;
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  // Check for a ridiculous offset.
>
> +  ValidationPolicy.Header.OffsetToName =3D MAX_UINT16;
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectMissingStateStrings (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EXPANDED_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      0,    // Will be populated by init helper.
>
> +      0,    // Will be populated by init helper.
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE
>
> +    },
>
> +    {
>
> +      TEST_GUID_2,
>
> +      1,            // Value
>
> +      0             // Padding
>
> +    },
>
> +    L"",
>
> +    L""
>
> +  };
>
> +  UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy,
> TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );
>
> +
>
> +  // Remove the state string and copy the Name into it's place.
>
> +  // Also adjust the offset.
>
> +  ValidationPolicy.Header.Size          =3D sizeof(VARIABLE_POLICY_ENTR=
Y) +
> sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY) +
> sizeof(TEST_VAR_1_NAME);
>
> +  ValidationPolicy.Header.OffsetToName  =3D sizeof(VARIABLE_POLICY_ENTR=
Y)
> + sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY);
>
> +  CopyMem( (UINT8*)&ValidationPolicy +
> ValidationPolicy.Header.OffsetToName, TEST_VAR_1_NAME,
> sizeof(TEST_VAR_1_NAME) );
>
> +
>
> +  // Make sure that this structure fails.
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectStringsMissingNull (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EXPANDED_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      0,    // Will be populated by init helper.
>
> +      0,    // Will be populated by init helper.
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE
>
> +    },
>
> +    {
>
> +      TEST_GUID_2,
>
> +      1,            // Value
>
> +      0             // Padding
>
> +    },
>
> +    L"",
>
> +    L""
>
> +  };
>
> +  UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy,
> TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );
>
> +
>
> +  // Removing the NULL from the Name should fail.
>
> +  ValidationPolicy.Header.Size =3D ValidationPolicy.Header.Size -
> sizeof(CHAR16);
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  // Removing the NULL from the State Name is a little trickier.
>
> +  // Copy the Name up one byte.
>
> +  ValidationPolicy.Header.OffsetToName =3D
> ValidationPolicy.Header.OffsetToName - sizeof(CHAR16);
>
> +  CopyMem( (UINT8*)&ValidationPolicy +
> ValidationPolicy.Header.OffsetToName, TEST_VAR_1_NAME,
> sizeof(TEST_VAR_1_NAME) );
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectMalformedStrings (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EXPANDED_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      0,    // Will be populated by init helper.
>
> +      0,    // Will be populated by init helper.
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE
>
> +    },
>
> +    {
>
> +      TEST_GUID_2,
>
> +      1,            // Value
>
> +      0             // Padding
>
> +    },
>
> +    L"",
>
> +    L""
>
> +  };
>
> +  UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy,
> TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );
>
> +
>
> +  // Bisecting the NULL from the Name should fail.
>
> +  ValidationPolicy.Header.Size =3D ValidationPolicy.Header.Size - 1;
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  // Bisecting the NULL from the State Name is a little trickier.
>
> +  // Copy the Name up one byte.
>
> +  ValidationPolicy.Header.OffsetToName =3D
> ValidationPolicy.Header.OffsetToName - 1;
>
> +  CopyMem( (UINT8*)&ValidationPolicy +
> ValidationPolicy.Header.OffsetToName, TEST_VAR_1_NAME,
> sizeof(TEST_VAR_1_NAME) );
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectUnpackedPolicies (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EXPANDED_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      0,    // Will be populated by init helper.
>
> +      0,    // Will be populated by init helper.
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE
>
> +    },
>
> +    {
>
> +      TEST_GUID_2,
>
> +      1,            // Value
>
> +      0             // Padding
>
> +    },
>
> +    L"",
>
> +    L""
>
> +  };
>
> +  UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy,
> TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );
>
> +
>
> +  // Increase the size and move the Name out a bit.
>
> +  ValidationPolicy.Header.Size =3D ValidationPolicy.Header.Size +
> sizeof(CHAR16);
>
> +  ValidationPolicy.Header.OffsetToName =3D
> ValidationPolicy.Header.OffsetToName + sizeof(CHAR16);
>
> +  CopyMem( (UINT8*)&ValidationPolicy +
> ValidationPolicy.Header.OffsetToName, TEST_VAR_1_NAME,
> sizeof(TEST_VAR_1_NAME) );
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  // Reintialize without the state policy and try the same test.
>
> +  ValidationPolicy.Header.LockPolicyType =3D
> VARIABLE_POLICY_TYPE_NO_LOCK;
>
> +  UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy,
> TEST_VAR_1_NAME, NULL ) );
>
> +  ValidationPolicy.Header.Size =3D ValidationPolicy.Header.Size +
> sizeof(CHAR16);
>
> +  ValidationPolicy.Header.OffsetToName =3D
> ValidationPolicy.Header.OffsetToName + sizeof(CHAR16);
>
> +  CopyMem( (UINT8*)&ValidationPolicy +
> ValidationPolicy.Header.OffsetToName, TEST_VAR_1_NAME,
> sizeof(TEST_VAR_1_NAME) );
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectInvalidNameCharacters (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  // EXPANDED_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +  //   {
>
> +  //     VARIABLE_POLICY_ENTRY_REVISION,
>
> +  //     0,    // Will be populated by init helper.
>
> +  //     0,    // Will be populated by init helper.
>
> +  //     TEST_GUID_1,
>
> +  //     TEST_POLICY_MIN_SIZE_NULL,
>
> +  //     TEST_POLICY_MAX_SIZE_NULL,
>
> +  //     TEST_POLICY_ATTRIBUTES_NULL,
>
> +  //     TEST_POLICY_ATTRIBUTES_NULL,
>
> +  //     VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE
>
> +  //   },
>
> +  //   {
>
> +  //     TEST_GUID_2,
>
> +  //     1,            // Value
>
> +  //     0             // Padding
>
> +  //   },
>
> +  //   L"",
>
> +  //   L""
>
> +  // };
>
> +
>
> +  // Currently, there are no known invalid characters.
>
> +  // '#' in LockPolicy->Name are taken as literal.
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectBadPolicyConstraints (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +
>
> +  // Make sure that invalid MAXes are rejected.
>
> +  ValidationPolicy.Header.MaxSize =3D 0;
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectUnknownLockPolicies (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +
>
> +  ValidationPolicy.Header.LockPolicyType =3D
> VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + 1;
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +  ValidationPolicy.Header.LockPolicyType =3D
> VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + 1;
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectPolicesWithTooManyWildcards (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_300_HASHES_STRING),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_300_HASHES_STRING
>
> +  };
>
> +
>
> +  // 300 Hashes is currently larger than the possible maximum match pri=
ority.
>
> +  UT_ASSERT_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Header ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +RegisterShouldRejectDuplicatePolicies (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
> UT_ASSERT_STATUS_EQUAL( RegisterVariablePolicy( &ValidationPolicy.Head
> er ), EFI_ALREADY_STARTED );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +MinAndMaxSizePoliciesShouldBeHonored (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_10,
>
> +      TEST_POLICY_MAX_SIZE_200,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT8       DummyData[TEST_POLICY_MAX_SIZE_200+1];
>
> +
>
> +
>
> +  // Without a policy, there should be no constraints on variable creat=
ion.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_NV_BS,
>
> +                                    TEST_POLICY_MAX_SIZE_200+1,
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // Set a policy to test against.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  // With a policy, make sure that sizes outsize the target range fail.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_NV_BS,
>
> +                                    TEST_POLICY_MAX_SIZE_200+1,
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  // With a policy, make sure that sizes outsize the target range fail.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_NV_BS,
>
> +                                    TEST_POLICY_MIN_SIZE_10-1,
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  // With a policy, make sure a valid variable is still valid.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_NV_BS,
>
> +                                    TEST_POLICY_MIN_SIZE_10+1,
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +AttributeMustPoliciesShouldBeHonored (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      VARIABLE_ATTRIBUTE_NV_BS_RT,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT8       DummyData[12];
>
> +
>
> +
>
> +  // Without a policy, there should be no constraints on variable creat=
ion.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    TEST_POLICY_ATTRIBUTES_NULL,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // Set a policy to test against.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  // With a policy, make sure that no attributes fail.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    TEST_POLICY_ATTRIBUTES_NULL,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  // With a policy, make sure that some -- but not all -- attributes fa=
il.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  // With a policy, make sure that all attributes pass.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_NV_BS_RT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // With a policy, make sure that all attributes -- plus some -- pass.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_NV_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +AttributeCantPoliciesShouldBeHonored (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT8       DummyData[12];
>
> +
>
> +
>
> +  // Without a policy, there should be no constraints on variable creat=
ion.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // Set a policy to test against.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  // With a policy, make sure that forbidden attributes fail.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +
> EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  // With a policy, make sure that a mixture of attributes -- including=
 the
> forbidden -- fail.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  // With a policy, make sure that attributes without the forbidden pas=
s.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_NV_BS_RT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +VariablesShouldBeDeletableRegardlessOfSize (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_10,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT8       DummyData[TEST_POLICY_MAX_SIZE_200+1];
>
> +
>
> +  // Create a policy enforcing a minimum variable size.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  // Make sure that a normal set would fail.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_NV_BS,
>
> +                                    TEST_POLICY_MIN_SIZE_10-1,
>
> +                                    DummyData );
>
> +  UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_INVALID_PARAMETER );
>
> +
>
> +  // Now make sure that a delete would succeed.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_NV_BS,
>
> +                                    0,
>
> +                                    NULL );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +LockNowPoliciesShouldBeHonored (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_LOCK_NOW
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT8       DummyData[12];
>
> +
>
> +
>
> +  // Without a policy, there should be no constraints on variable creat=
ion.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // Set a policy to test against.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  // With a policy, make sure that writes immediately fail.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +LockOnCreatePoliciesShouldBeHonored (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_LOCK_ON_CREATE
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT8       DummyData[12];
>
> +  UINTN       ExpectedDataSize;
>
> +
>
> +
>
> +  // Without a policy, there should be no constraints on variable creat=
ion.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // Set a policy to test against.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  // Set consistent expectations on what the calls are looking for.
>
> +  expect_memory_count( StubGetVariableNull, VariableName,
> TEST_VAR_1_NAME, sizeof(TEST_VAR_1_NAME), 2 );
>
> +  expect_memory_count( StubGetVariableNull, VendorGuid, &mTestGuid1,
> sizeof(mTestGuid1), 2 );
>
> +  ExpectedDataSize =3D 0;
>
> +  expect_memory_count( StubGetVariableNull, DataSize,
> &ExpectedDataSize, sizeof(ExpectedDataSize), 2 );
>
> +
>
> +  // With a policy, make sure that writes still work, since the variabl=
e doesn't
> exist.
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, 0 );                              /=
/ Size
>
> +  will_return( StubGetVariableNull, NULL );                           /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_NOT_FOUND );                  /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // With a policy, make sure that a call with an "existing" variable f=
ails.
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, 10 );                             /=
/ Size
>
> +  will_return( StubGetVariableNull, NULL );                           /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_BUFFER_TOO_SMALL );           /=
/
> Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +LockOnStatePoliciesShouldBeHonored (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EXPANDED_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      0,    // Will be populated by init helper.
>
> +      0,    // Will be populated by init helper.
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE
>
> +    },
>
> +    {
>
> +      TEST_GUID_2,
>
> +      20,           // Value
>
> +      0             // Padding
>
> +    },
>
> +    L"",
>
> +    L""
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT8       DummyData[12];
>
> +  UINT8       ValidationStateVar;
>
> +  UINTN       ExpectedDataSize;
>
> +  UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy,
> TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );
>
> +
>
> +
>
> +  // Without a policy, there should be no constraints on variable creat=
ion.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // Set a policy to test against.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  // Set consistent expectations on what the calls are looking for.
>
> +  expect_memory_count( StubGetVariableNull, VariableName,
> TEST_VAR_2_NAME, sizeof(TEST_VAR_2_NAME), 5 );
>
> +  expect_memory_count( StubGetVariableNull, VendorGuid, &mTestGuid2,
> sizeof(mTestGuid2), 5 );
>
> +  ExpectedDataSize =3D 1;
>
> +  expect_memory_count( StubGetVariableNull, DataSize,
> &ExpectedDataSize, sizeof(ExpectedDataSize), 5 );
>
> +
>
> +  // With a policy, make sure that writes still work, since the variabl=
e doesn't
> exist.
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, 0 );                              /=
/ Size
>
> +  will_return( StubGetVariableNull, NULL );                           /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_NOT_FOUND );                  /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // With a policy, make sure that a state variable that's too large do=
esn't lock
> the variable.
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, 10 );                             /=
/ Size
>
> +  will_return( StubGetVariableNull, NULL );                           /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_BUFFER_TOO_SMALL );           /=
/
> Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // With a policy, check a state variable with the wrong value.
>
> +  ValidationStateVar =3D 0;
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, sizeof(ValidationStateVar) );     /=
/ Size
>
> +  will_return( StubGetVariableNull, &ValidationStateVar );            /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_SUCCESS );                    /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // With a policy, check a state variable with another wrong value.
>
> +  ValidationStateVar =3D 10;
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, sizeof(ValidationStateVar) );     /=
/ Size
>
> +  will_return( StubGetVariableNull, &ValidationStateVar );            /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_SUCCESS );                    /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // With a policy, make sure that a call with a correct state variable=
 fails.
>
> +  ValidationStateVar =3D 20;
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, sizeof(ValidationStateVar) );     /=
/ Size
>
> +  will_return( StubGetVariableNull, &ValidationStateVar );            /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_SUCCESS );                    /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +LockOnStatePoliciesShouldApplyToNamespaces (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EXPANDED_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      0,    // Will be populated by init helper.
>
> +      0,    // Will be populated by init helper.
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE
>
> +    },
>
> +    {
>
> +      TEST_GUID_2,
>
> +      20,           // Value
>
> +      0             // Padding
>
> +    },
>
> +    L"",
>
> +    L""
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT8       DummyData[12];
>
> +  UINT8       ValidationStateVar;
>
> +  UINTN       ExpectedDataSize;
>
> +  UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy, NULL,
> TEST_VAR_2_NAME ) );
>
> +
>
> +
>
> +  // Without a policy, there should be no constraints on variable creat=
ion.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_3_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // Set a policy to test against.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  // Set consistent expectations on what the calls are looking for.
>
> +  expect_memory_count( StubGetVariableNull, VariableName,
> TEST_VAR_2_NAME, sizeof(TEST_VAR_2_NAME), 4 );
>
> +  expect_memory_count( StubGetVariableNull, VendorGuid, &mTestGuid2,
> sizeof(mTestGuid2), 4 );
>
> +  ExpectedDataSize =3D 1;
>
> +  expect_memory_count( StubGetVariableNull, DataSize,
> &ExpectedDataSize, sizeof(ExpectedDataSize), 4 );
>
> +
>
> +  // With a policy, make sure that writes still work, since the variabl=
e doesn't
> exist.
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, 0 );                              /=
/ Size
>
> +  will_return( StubGetVariableNull, NULL );                           /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_NOT_FOUND );                  /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, 0 );                              /=
/ Size
>
> +  will_return( StubGetVariableNull, NULL );                           /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_NOT_FOUND );                  /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_3_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // With a policy, make sure that a call with a correct state variable=
 fails.
>
> +  ValidationStateVar =3D 20;
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, sizeof(ValidationStateVar) );     /=
/ Size
>
> +  will_return( StubGetVariableNull, &ValidationStateVar );            /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_SUCCESS );                    /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, sizeof(ValidationStateVar) );     /=
/ Size
>
> +  will_return( StubGetVariableNull, &ValidationStateVar );            /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_SUCCESS );                    /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_3_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +LockOnStateShouldHandleErrorsGracefully (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  EXPANDED_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      0,    // Will be populated by init helper.
>
> +      0,    // Will be populated by init helper.
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE
>
> +    },
>
> +    {
>
> +      TEST_GUID_2,
>
> +      20,           // Value
>
> +      0             // Padding
>
> +    },
>
> +    L"",
>
> +    L""
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT8       DummyData[12];
>
> +  UT_ASSERT_TRUE( InitExpVarPolicyStrings( &ValidationPolicy,
> TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );
>
> +
>
> +
>
> +  // Without a policy, there should be no constraints on variable creat=
ion.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // Set a policy to test against.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  // Configure the stub to not care about parameters. We're testing err=
ors.
>
> +  expect_any_always( StubGetVariableNull, VariableName );
>
> +  expect_any_always( StubGetVariableNull, VendorGuid );
>
> +  expect_any_always( StubGetVariableNull, DataSize );
>
> +
>
> +  // With a policy, make sure that writes still work, since the variabl=
e doesn't
> exist.
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, 0 );                              /=
/ Size
>
> +  will_return( StubGetVariableNull, NULL );                           /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_NOT_FOUND );                  /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // Verify that state variables that are the wrong size won't lock the=
 variable.
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, 0 );                              /=
/ Size
>
> +  will_return( StubGetVariableNull, NULL );                           /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_BUFFER_TOO_SMALL );           /=
/
> Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // Verify that unexpected errors default to locked.
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, 0 );                              /=
/ Size
>
> +  will_return( StubGetVariableNull, NULL );                           /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_UNSUPPORTED );                /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_NULL );    /=
/
> Attributes
>
> +  will_return( StubGetVariableNull, 0 );                              /=
/ Size
>
> +  will_return( StubGetVariableNull, NULL );                           /=
/ DataPtr
>
> +  will_return( StubGetVariableNull, EFI_NOT_READY );                  /=
/ Status
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +BestMatchPriorityShouldBeObeyed (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   ValidationPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(L"Wild12Card34Placeholder"=
),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    L"Wild12Card34Placeholder"
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT8       DummyData[70];
>
> +  CHAR16      *PolicyName =3D (CHAR16*)((UINT8*)&ValidationPolicy +
> sizeof(VARIABLE_POLICY_ENTRY));
>
> +  UINTN       PolicyNameSize =3D sizeof(L"Wild12Card34Placeholder");
>
> +  CHAR16      *FourWildcards =3D L"Wild##Card##Placeholder";
>
> +  CHAR16      *ThreeWildcards =3D L"Wild##Card#4Placeholder";
>
> +  CHAR16      *TwoWildcards =3D L"Wild##Card34Placeholder";
>
> +  CHAR16      *OneWildcard =3D L"Wild#2Card34Placeholder";
>
> +  CHAR16      *NoWildcards =3D L"Wild12Card34Placeholder";
>
> +
>
> +  // Create all of the policies from least restrictive to most restrict=
ive.
>
> +  // NoWildcards should be the most restrictive.
>
> +  ValidationPolicy.Header.MaxSize =3D 60;
>
> +  ValidationPolicy.Header.Size =3D ValidationPolicy.Header.OffsetToName=
;
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +  ValidationPolicy.Header.Size +=3D (UINT16)PolicyNameSize;
>
> +  ValidationPolicy.Header.MaxSize =3D 50;
>
> +  CopyMem( PolicyName, FourWildcards, PolicyNameSize );
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +  ValidationPolicy.Header.MaxSize =3D 40;
>
> +  CopyMem( PolicyName, ThreeWildcards, PolicyNameSize );
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +  ValidationPolicy.Header.MaxSize =3D 30;
>
> +  CopyMem( PolicyName, TwoWildcards, PolicyNameSize );
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +  ValidationPolicy.Header.MaxSize =3D 20;
>
> +  CopyMem( PolicyName, OneWildcard, PolicyNameSize );
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +  ValidationPolicy.Header.MaxSize =3D 10;
>
> +  CopyMem( PolicyName, NoWildcards, PolicyNameSize );
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &ValidationPolicy.Hea
> der ) );
>
> +
>
> +  // Verify that variables only matching the namespace have the most
> flexible policy.
>
> +  PolicyCheck =3D ValidateSetVariable( L"ArbitraryName",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     65,
>
> +                                     DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +  PolicyCheck =3D ValidateSetVariable( L"ArbitraryName",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     55,
>
> +                                     DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  // Verify that variables matching increasing characters get increasin=
g policy
> restrictions.
>
> +  PolicyCheck =3D ValidateSetVariable( L"Wild77Card77Placeholder",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     55,
>
> +                                     DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +  PolicyCheck =3D ValidateSetVariable( L"Wild77Card77Placeholder",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     45,
>
> +                                     DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  PolicyCheck =3D ValidateSetVariable( L"Wild77Card74Placeholder",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     45,
>
> +                                     DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +  PolicyCheck =3D ValidateSetVariable( L"Wild77Card74Placeholder",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     35,
>
> +                                     DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  PolicyCheck =3D ValidateSetVariable( L"Wild77Card34Placeholder",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     35,
>
> +                                     DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +  PolicyCheck =3D ValidateSetVariable( L"Wild77Card34Placeholder",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     25,
>
> +                                     DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  PolicyCheck =3D ValidateSetVariable( L"Wild72Card34Placeholder",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     25,
>
> +                                     DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +  PolicyCheck =3D ValidateSetVariable( L"Wild72Card34Placeholder",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     15,
>
> +                                     DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  PolicyCheck =3D ValidateSetVariable( L"Wild12Card34Placeholder",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     15,
>
> +                                     DummyData );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );
>
> +  PolicyCheck =3D ValidateSetVariable( L"Wild12Card34Placeholder",
>
> +                                     &mTestGuid1,
>
> +                                     VARIABLE_ATTRIBUTE_BS_RT_AT,
>
> +                                     5,
>
> +                                     DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +
>
> +///=3D=3D=3D POLICY UTILITY SUITE
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +ShouldBeAbleToLockInterface (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   TestPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_NULL,
>
> +      TEST_POLICY_MAX_SIZE_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +
>
> +  // Make sure it's not already locked.
>
> +  UT_ASSERT_FALSE( IsVariablePolicyInterfaceLocked() );
>
> +  // Lock it.
>
> +  UT_ASSERT_NOT_EFI_ERROR( LockVariablePolicy() );
>
> +  // Verify that it's locked.
>
> +  UT_ASSERT_TRUE( IsVariablePolicyInterfaceLocked() );
>
> +
>
> +  // Verify that all state-changing commands fail.
>
> +  UT_ASSERT_TRUE( EFI_ERROR( LockVariablePolicy() ) );
>
> +  UT_ASSERT_TRUE( EFI_ERROR( DisableVariablePolicy() ) );
>
> +
> UT_ASSERT_TRUE( EFI_ERROR( RegisterVariablePolicy( &TestPolicy.Header )
> ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +ShouldBeAbleToDisablePolicyEnforcement (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   TestPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_10,
>
> +      TEST_POLICY_MAX_SIZE_200,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT8       DummyData[TEST_POLICY_MIN_SIZE_10-1];
>
> +
>
> +  // Make sure that the policy enforcement is currently enabled.
>
> +  UT_ASSERT_TRUE( IsVariablePolicyEnabled() );
>
> +  // Add a policy before it's disabled.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &TestPolicy.Header ) );
>
> +  // Disable the policy enforcement.
>
> +  UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() );
>
> +  // Make sure that the policy enforcement is currently disabled.
>
> +  UT_ASSERT_FALSE( IsVariablePolicyEnabled() );
>
> +
>
> +  // Check to make sure that a policy violation still passes.
>
> +  PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,
>
> +                                    &mTestGuid1,
>
> +                                    VARIABLE_ATTRIBUTE_NV_BS,
>
> +                                    sizeof(DummyData),
>
> +                                    DummyData );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +ShouldNotBeAbleToDisablePoliciesTwice (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  // Make sure that the policy enforcement is currently enabled.
>
> +  UT_ASSERT_TRUE( IsVariablePolicyEnabled() );
>
> +  // Disable the policy enforcement.
>
> +  UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() );
>
> +  // Make sure that the policy enforcement is currently disabled.
>
> +  UT_ASSERT_FALSE( IsVariablePolicyEnabled() );
>
> +  // Try to disable again and verify failure.
>
> +  UT_ASSERT_TRUE( EFI_ERROR( DisableVariablePolicy() ) );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +ShouldBeAbleToAddNewPoliciesAfterDisabled (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   TestPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_10,
>
> +      TEST_POLICY_MAX_SIZE_200,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +
>
> +  // Make sure that the policy enforcement is currently enabled.
>
> +  UT_ASSERT_TRUE( IsVariablePolicyEnabled() );
>
> +  // Disable the policy enforcement.
>
> +  UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() );
>
> +
>
> +  // Make sure that new policy creation still works, it just won't be e=
nforced.
>
> +  PolicyCheck =3D RegisterVariablePolicy( &TestPolicy.Header );
>
> +  UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +ShouldBeAbleToLockAfterDisabled (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  // Make sure that the policy enforcement is currently enabled.
>
> +  UT_ASSERT_TRUE( IsVariablePolicyEnabled() );
>
> +  // Disable the policy enforcement.
>
> +  UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() );
>
> +
>
> +  // Make sure that we can lock in this state.
>
> +  UT_ASSERT_FALSE( IsVariablePolicyInterfaceLocked() );
>
> +  UT_ASSERT_NOT_EFI_ERROR( LockVariablePolicy() );
>
> +  UT_ASSERT_TRUE( IsVariablePolicyInterfaceLocked() );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +ShouldBeAbleToDumpThePolicyTable (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   TestPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_10,
>
> +      TEST_POLICY_MAX_SIZE_200,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT32      DumpSize;
>
> +  UINT32      BufferSize;
>
> +  VOID        *DumpBuffer;
>
> +
>
> +  // For good measure, test some parameter validation.
>
> +  UT_ASSERT_STATUS_EQUAL( DumpVariablePolicy( NULL, NULL ),
> EFI_INVALID_PARAMETER );
>
> +  DumpSize =3D 10;
>
> +  UT_ASSERT_STATUS_EQUAL( DumpVariablePolicy( NULL, &DumpSize ),
> EFI_INVALID_PARAMETER );
>
> +
>
> +  // Now for the actual test case.
>
> +
>
> +  // Allocate a buffer to hold the output.
>
> +  BufferSize =3D sizeof(VARIABLE_POLICY_ENTRY) +
> sizeof(TEST_VAR_1_NAME);
>
> +  DumpBuffer =3D AllocatePool( BufferSize );
>
> +  UT_ASSERT_NOT_EQUAL( DumpBuffer, NULL );
>
> +
>
> +  // Verify that the current table size is 0.
>
> +  DumpSize =3D BufferSize;
>
> +  UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer,
> &DumpSize ) );
>
> +  UT_ASSERT_EQUAL( DumpSize, 0 );
>
> +
>
> +  // Now, set a new policy.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &TestPolicy.Header ) );
>
> +
>
> +  // Make sure that the new return is non-zero and fails as expected.
>
> +  DumpSize =3D 0;
>
> +  PolicyCheck =3D DumpVariablePolicy( NULL, &DumpSize );
>
> +  UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_BUFFER_TOO_SMALL );
>
> +  UT_ASSERT_EQUAL( DumpSize, BufferSize );
>
> +
>
> +  // Now verify that we can fetch the dump.
>
> +  DumpSize =3D BufferSize;
>
> +  UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer,
> &DumpSize ) );
>
> +  UT_ASSERT_EQUAL( DumpSize, BufferSize );
>
> +  UT_ASSERT_MEM_EQUAL( &TestPolicy, DumpBuffer, BufferSize );
>
> +
>
> +  // Always put away your toys.
>
> +  FreePool( DumpBuffer );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +/**
>
> +  Test Case
>
> +*/
>
> +UNIT_TEST_STATUS
>
> +EFIAPI
>
> +ShouldBeAbleToDumpThePolicyTableAfterDisabled (
>
> +  IN UNIT_TEST_CONTEXT      Context
>
> +  )
>
> +{
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   TestPolicy =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_1_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_1,
>
> +      TEST_POLICY_MIN_SIZE_10,
>
> +      TEST_POLICY_MAX_SIZE_200,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_1_NAME
>
> +  };
>
> +  SIMPLE_VARIABLE_POLICY_ENTRY   TestPolicy2 =3D {
>
> +    {
>
> +      VARIABLE_POLICY_ENTRY_REVISION,
>
> +      sizeof(VARIABLE_POLICY_ENTRY) + sizeof(TEST_VAR_2_NAME),
>
> +      sizeof(VARIABLE_POLICY_ENTRY),
>
> +      TEST_GUID_2,
>
> +      TEST_POLICY_MIN_SIZE_10,
>
> +      TEST_POLICY_MAX_SIZE_200,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      TEST_POLICY_ATTRIBUTES_NULL,
>
> +      VARIABLE_POLICY_TYPE_NO_LOCK
>
> +    },
>
> +    TEST_VAR_2_NAME
>
> +  };
>
> +  EFI_STATUS  PolicyCheck;
>
> +  UINT32      DumpSize;
>
> +  VOID        *DumpBuffer;
>
> +
>
> +  DumpBuffer =3D NULL;
>
> +  DumpSize =3D 0;
>
> +
>
> +  // Register a new policy.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &TestPolicy.Header ) );
>
> +  // Make sure that we can dump the policy.
>
> +  PolicyCheck =3D DumpVariablePolicy( DumpBuffer, &DumpSize );
>
> +  UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_BUFFER_TOO_SMALL );
>
> +  DumpBuffer =3D AllocatePool( DumpSize );
>
> +  UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer,
> &DumpSize ) );
>
> +  UT_ASSERT_MEM_EQUAL( DumpBuffer, &TestPolicy, DumpSize );
>
> +
>
> +  // Clean up from this step.
>
> +  FreePool( DumpBuffer );
>
> +  DumpBuffer =3D NULL;
>
> +  DumpSize =3D 0;
>
> +
>
> +  // Now disable the engine.
>
> +  DisableVariablePolicy();
>
> +
>
> +  // Now register a new policy and make sure that both can be dumped.
>
> +
> UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &TestPolicy2.Header )
> );
>
> +  // Make sure that we can dump the policy.
>
> +  PolicyCheck =3D DumpVariablePolicy( DumpBuffer, &DumpSize );
>
> +  UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_BUFFER_TOO_SMALL );
>
> +  DumpBuffer =3D AllocatePool( DumpSize );
>
> +  UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer,
> &DumpSize ) );
>
> +
>
> +  // Finally, make sure that both policies are in the dump.
>
> +  UT_ASSERT_MEM_EQUAL( DumpBuffer, &TestPolicy,
> TestPolicy.Header.Size );
>
> +  UT_ASSERT_MEM_EQUAL( (UINT8*)DumpBuffer + TestPolicy.Header.Size,
>
> +                        &TestPolicy2,
>
> +                        TestPolicy2.Header.Size );
>
> +
>
> +  // Always put away your toys.
>
> +  FreePool( DumpBuffer );
>
> +
>
> +  return UNIT_TEST_PASSED;
>
> +}
>
> +
>
> +
>
> +///=3D=3D=3D TEST ENGINE
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> +
>
> +/**
>
> +  SampleUnitTestApp
>
> +
>
> +  @param[in] ImageHandle  The firmware allocated handle for the EFI ima=
ge.
>
> +  @param[in] SystemTable  A pointer to the EFI System Table.
>
> +
>
> +  @retval EFI_SUCCESS     The entry point executed successfully.
>
> +  @retval other           Some error occured when executing this entry =
point.
>
> +
>
> +**/
>
> +int
>
> +main (
>
> +  )
>
> +{
>
> +  EFI_STATUS                  Status;
>
> +  UNIT_TEST_FRAMEWORK_HANDLE  Framework =3D NULL;
>
> +  UNIT_TEST_SUITE_HANDLE      ArchTests;
>
> +  UNIT_TEST_SUITE_HANDLE      PolicyTests;
>
> +  UNIT_TEST_SUITE_HANDLE      UtilityTests;
>
> +#ifdef INTERNAL_UNIT_TEST
>
> +  UNIT_TEST_SUITE_HANDLE      InternalTests;
>
> +#endif // INTERNAL_UNIT_TEST
>
> +
>
> +  DEBUG(( DEBUG_INFO, "%a v%a\n", UNIT_TEST_NAME,
> UNIT_TEST_VERSION ));
>
> +
>
> +  //
>
> +  // Start setting up the test framework for running the tests.
>
> +  //
>
> +  Status =3D InitUnitTestFramework( &Framework, UNIT_TEST_NAME,
> gEfiCallerBaseName, UNIT_TEST_VERSION );
>
> +  if (EFI_ERROR( Status ))
>
> +  {
>
> +    DEBUG((DEBUG_ERROR, "Failed in InitUnitTestFramework. Status =3D %r=
\n",
> Status));
>
> +    goto EXIT;
>
> +  }
>
> +
>
> +
>
> +  //
>
> +  // Add all test suites and tests.
>
> +  //
>
> +  Status =3D CreateUnitTestSuite( &ArchTests, Framework, "Variable Poli=
cy
> Architectural Tests", "VarPolicy.Arch", NULL, NULL );
>
> +  if (EFI_ERROR( Status ))
>
> +  {
>
> +    DEBUG((DEBUG_ERROR, "Failed in CreateUnitTestSuite for
> ArchTests\n"));
>
> +    Status =3D EFI_OUT_OF_RESOURCES;
>
> +    goto EXIT;
>
> +  }
>
> +  AddTestCase( ArchTests,
>
> +                "Deinitialization should fail if not previously initial=
ized",
> "VarPolicy.Arch.OnlyDeinit",
>
> +                ShouldFailDeinitWithoutInit, NULL, NULL, NULL );
>
> +  AddTestCase( ArchTests,
>
> +                "Initialization followed by deinitialization should suc=
ceed",
> "VarPolicy.Arch.InitDeinit",
>
> +                ShouldBeAbleToInitAndDeinitTheLibrary, NULL, NULL, NULL=
 );
>
> +  AddTestCase( ArchTests,
>
> +                "The initialization function fail if called twice witho=
ut a deinit",
> "VarPolicy.Arch.InitTwice",
>
> +                ShouldNotBeAbleToInitializeTheLibraryTwice, NULL, LibCl=
eanup,
> NULL );
>
> +  AddTestCase( ArchTests,
>
> +                "API functions should be unavailable until library is i=
nitialized",
> "VarPolicy.Arch.UninitApiOff",
>
> +                ApiCommandsShouldNotRespondIfLibIsUninitialized, NULL,
> LibCleanup, NULL );
>
> +
>
> +#ifdef INTERNAL_UNIT_TEST
>
> +  Status =3D CreateUnitTestSuite( &InternalTests, Framework, "Variable =
Policy
> Internal Tests", "VarPolicy.Internal", NULL, NULL );
>
> +  if (EFI_ERROR( Status ))
>
> +  {
>
> +    DEBUG((DEBUG_ERROR, "Failed in CreateUnitTestSuite for
> InternalTests\n"));
>
> +    Status =3D EFI_OUT_OF_RESOURCES;
>
> +    goto EXIT;
>
> +  }
>
> +  AddTestCase( InternalTests,
>
> +                "Policy matching should use name and GUID",
> "VarPolicy.Internal.NameGuid",
>
> +                PoliciesShouldMatchByNameAndGuid, LibInitMocked, LibCle=
anup,
> NULL );
>
> +  AddTestCase( InternalTests,
>
> +                "# sign wildcards should match digits",
> "VarPolicy.Internal.WildDigits",
>
> +                WildcardPoliciesShouldMatchDigits, LibInitMocked, LibCl=
eanup,
> NULL );
>
> +  AddTestCase( InternalTests,
>
> +                "Digit wildcards should check edge cases",
> "VarPolicy.Internal.WildDigitsAdvanced",
>
> +                WildcardPoliciesShouldMatchDigitsAdvanced, LibInitMocke=
d,
> LibCleanup, NULL );
>
> +  AddTestCase( InternalTests,
>
> +                "Empty names should match an entire namespace",
> "VarPolicy.Internal.WildNamespace",
>
> +                WildcardPoliciesShouldMatchNamespaces, LibInitMocked,
> LibCleanup, NULL );
>
> +  AddTestCase( InternalTests,
>
> +                "Match priority should weight correctly based on wildca=
rds",
> "VarPolicy.Internal.Priorities",
>
> +                MatchPrioritiesShouldFollowRules, LibInitMocked, LibCle=
anup,
> NULL );
>
> +#endif // INTERNAL_UNIT_TEST
>
> +
>
> +  Status =3D CreateUnitTestSuite( &PolicyTests, Framework, "Variable Po=
licy
> Manipulation Tests", "VarPolicy.Policy", NULL, NULL );
>
> +  if (EFI_ERROR( Status ))
>
> +  {
>
> +    DEBUG((DEBUG_ERROR, "Failed in CreateUnitTestSuite for
> PolicyTests\n"));
>
> +    Status =3D EFI_OUT_OF_RESOURCES;
>
> +    goto EXIT;
>
> +  }
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldAllowNamespaceWildcards",
> "VarPolicy.Policy.AllowNamespace",
>
> +                RegisterShouldAllowNamespaceWildcards, LibInitMocked,
> LibCleanup, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldAllowStateVarsForNamespaces",
> "VarPolicy.Policy.AllowStateNamespace",
>
> +                RegisterShouldAllowStateVarsForNamespaces, LibInitMocke=
d,
> LibCleanup, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectNullPointers", "VarPolicy.Policy.N=
ullPointers",
>
> +                RegisterShouldRejectNullPointers, LibInitMocked, LibCle=
anup,
> NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectBadRevisions",
> "VarPolicy.Policy.BadRevisions",
>
> +                RegisterShouldRejectBadRevisions, LibInitMocked, LibCle=
anup,
> NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectBadSizes", "VarPolicy.Policy.BadSi=
zes",
>
> +                RegisterShouldRejectBadSizes, LibInitMocked, LibCleanup=
, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectBadOffsets", "VarPolicy.Policy.Bad=
Offsets",
>
> +                RegisterShouldRejectBadOffsets, LibInitMocked, LibClean=
up, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectMissingStateStrings",
> "VarPolicy.Policy.MissingStateString",
>
> +                RegisterShouldRejectMissingStateStrings, LibInitMocked,
> LibCleanup, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectStringsMissingNull",
> "VarPolicy.Policy.MissingNull",
>
> +                RegisterShouldRejectStringsMissingNull, LibInitMocked, =
LibCleanup,
> NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectMalformedStrings",
> "VarPolicy.Policy.MalformedStrings",
>
> +                RegisterShouldRejectMalformedStrings, LibInitMocked, Li=
bCleanup,
> NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectUnpackedPolicies",
> "VarPolicy.Policy.PolicyPacking",
>
> +                RegisterShouldRejectUnpackedPolicies, LibInitMocked, Li=
bCleanup,
> NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectInvalidNameCharacters",
> "VarPolicy.Policy.InvalidCharacters",
>
> +                RegisterShouldRejectInvalidNameCharacters, LibInitMocke=
d,
> LibCleanup, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectBadPolicyConstraints",
> "VarPolicy.Policy.BadConstraints",
>
> +                RegisterShouldRejectBadPolicyConstraints, LibInitMocked=
,
> LibCleanup, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectUnknownLockPolicies",
> "VarPolicy.Policy.BadLocks",
>
> +                RegisterShouldRejectUnknownLockPolicies, LibInitMocked,
> LibCleanup, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectPolicesWithTooManyWildcards",
> "VarPolicy.Policy.TooManyWildcards",
>
> +                RegisterShouldRejectPolicesWithTooManyWildcards, LibIni=
tMocked,
> LibCleanup, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "RegisterShouldRejectDuplicatePolicies",
> "VarPolicy.Policy.DuplicatePolicies",
>
> +                RegisterShouldRejectDuplicatePolicies, LibInitMocked, L=
ibCleanup,
> NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "Variables that exceed min or max sizes should be rejec=
ted",
> "VarPolicy.Policy.MinMax",
>
> +                MinAndMaxSizePoliciesShouldBeHonored, LibInitMocked,
> LibCleanup, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "AttributeMustPoliciesShouldBeHonored",
> "VarPolicy.Policy.AttrMust",
>
> +                AttributeMustPoliciesShouldBeHonored, LibInitMocked, Li=
bCleanup,
> NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "AttributeCantPoliciesShouldBeHonored",
> "VarPolicy.Policy.AttrCant",
>
> +                AttributeCantPoliciesShouldBeHonored, LibInitMocked, Li=
bCleanup,
> NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "VariablesShouldBeDeletableRegardlessOfSize",
> "VarPolicy.Policy.DeleteIgnoreSize",
>
> +                VariablesShouldBeDeletableRegardlessOfSize, LibInitMock=
ed,
> LibCleanup, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "LockNowPoliciesShouldBeHonored",
> "VarPolicy.Policy.VARIABLE_POLICY_TYPE_LOCK_NOW",
>
> +                LockNowPoliciesShouldBeHonored, LibInitMocked, LibClean=
up,
> NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "LockOnCreatePoliciesShouldBeHonored",
> "VarPolicy.Policy.VARIABLE_POLICY_TYPE_LOCK_ON_CREATE",
>
> +                LockOnCreatePoliciesShouldBeHonored, LibInitMocked, Lib=
Cleanup,
> NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "LockOnStatePoliciesShouldBeHonored",
> "VarPolicy.Policy.LockState",
>
> +                LockOnStatePoliciesShouldBeHonored, LibInitMocked, LibC=
leanup,
> NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "LockOnStatePoliciesShouldApplyToNamespaces",
> "VarPolicy.Policy.NamespaceLockState",
>
> +                LockOnStatePoliciesShouldApplyToNamespaces, LibInitMock=
ed,
> LibCleanup, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "LockOnStateShouldHandleErrorsGracefully",
> "VarPolicy.Policy.LockStateErrors",
>
> +                LockOnStateShouldHandleErrorsGracefully, LibInitMocked,
> LibCleanup, NULL );
>
> +  AddTestCase( PolicyTests,
>
> +                "BestMatchPriorityShouldBeObeyed", "VarPolicy.Policy.Be=
stMatch",
>
> +                BestMatchPriorityShouldBeObeyed, LibInitMocked, LibClea=
nup,
> NULL );
>
> +
>
> +  Status =3D CreateUnitTestSuite( &UtilityTests, Framework, "Variable P=
olicy
> Utility Tests", "VarPolicy.Utility", NULL, NULL );
>
> +  if (EFI_ERROR( Status ))
>
> +  {
>
> +    DEBUG((DEBUG_ERROR, "Failed in CreateUnitTestSuite for
> UtilityTests\n"));
>
> +    Status =3D EFI_OUT_OF_RESOURCES;
>
> +    goto EXIT;
>
> +  }
>
> +  AddTestCase( UtilityTests,
>
> +                "API commands that change state should not respond afte=
r
> interface is locked", "VarPolicy.Utility.InterfaceLock",
>
> +                ShouldBeAbleToLockInterface, LibInitMocked, LibCleanup,=
 NULL );
>
> +  AddTestCase( UtilityTests,
>
> +                "All policies should pass once enforcement is disabled"=
,
> "VarPolicy.Utility.DisableEnforcement",
>
> +                ShouldBeAbleToDisablePolicyEnforcement, LibInitMocked,
> LibCleanup, NULL );
>
> +  AddTestCase( UtilityTests,
>
> +                "Disabling enforcement twice should produce an error",
> "VarPolicy.Utility.DisableEnforcementTwice",
>
> +                ShouldNotBeAbleToDisablePoliciesTwice, LibInitMocked,
> LibCleanup, NULL );
>
> +  AddTestCase( UtilityTests,
>
> +                "ShouldBeAbleToAddNewPoliciesAfterDisabled",
> "VarPolicy.Utility.AddAfterDisable",
>
> +                ShouldBeAbleToAddNewPoliciesAfterDisabled, LibInitMocke=
d,
> LibCleanup, NULL );
>
> +  AddTestCase( UtilityTests,
>
> +                "ShouldBeAbleToLockAfterDisabled",
> "VarPolicy.Utility.LockAfterDisable",
>
> +                ShouldBeAbleToLockAfterDisabled, LibInitMocked, LibClea=
nup,
> NULL );
>
> +  AddTestCase( UtilityTests,
>
> +                "Should be able to dump the policy table",
> "VarPolicy.Utility.DumpTable",
>
> +                ShouldBeAbleToDumpThePolicyTable, LibInitMocked, LibCle=
anup,
> NULL );
>
> +  AddTestCase( UtilityTests,
>
> +                "ShouldBeAbleToDumpThePolicyTableAfterDisabled",
> "VarPolicy.Utility.DumpTableAfterDisable",
>
> +                ShouldBeAbleToDumpThePolicyTableAfterDisabled, LibInitM=
ocked,
> LibCleanup, NULL );
>
> +
>
> +
>
> +  //
>
> +  // Execute the tests.
>
> +  //
>
> +  Status =3D RunAllTestSuites( Framework );
>
> +
>
> +EXIT:
>
> +  if (Framework !=3D NULL)
>
> +  {
>
> +    FreeUnitTestFramework( Framework );
>
> +  }
>
> +
>
> +  return Status;
>
> +}
>
> diff --git a/MdeModulePkg/Include/Library/VariablePolicyLib.h
> b/MdeModulePkg/Include/Library/VariablePolicyLib.h
> new file mode 100644
> index 000000000000..efd1840112ec
> --- /dev/null
> +++ b/MdeModulePkg/Include/Library/VariablePolicyLib.h
> @@ -0,0 +1,207 @@
> +/** @file -- VariablePolicyLib.h
>
> +Business logic for Variable Policy enforcement.
>
> +
>
> +Copyright (c) Microsoft Corporation.
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#ifndef _VARIABLE_POLICY_LIB_H_
>
> +#define _VARIABLE_POLICY_LIB_H_
>
> +
>
> +#include <Protocol/VariablePolicy.h>
>
> +
>
> +/**
>
> +  This API function validates and registers a new policy with
>
> +  the policy enforcement engine.
>
> +
>
> +  @param[in]  NewPolicy     Pointer to the incoming policy structure.
>
> +
>
> +  @retval     EFI_SUCCESS
>
> +  @retval     EFI_INVALID_PARAMETER   NewPolicy is NULL or is internall=
y
> inconsistent.
>
> +  @retval     EFI_ALREADY_STARTED     An identical matching policy alre=
ady
> exists.
>
> +  @retval     EFI_WRITE_PROTECTED     The interface has been locked unt=
il
> the next reboot.
>
> +  @retval     EFI_UNSUPPORTED         Policy enforcement has been disab=
led.
> No reason to add more policies.
>
> +  @retval     EFI_ABORTED             A calculation error has prevented=
 this
> function from completing.
>
> +  @retval     EFI_OUT_OF_RESOURCES    Cannot grow the table to hold any
> more policies.
>
> +  @retval     EFI_NOT_READY           Library has not yet been initiali=
zed.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +RegisterVariablePolicy (
>
> +  IN CONST VARIABLE_POLICY_ENTRY    *NewPolicy
>
> +  );
>
> +
>
> +
>
> +/**
>
> +  This API function checks to see whether the parameters to SetVariable
> would
>
> +  be allowed according to the current variable policies.
>
> +
>
> +  @param[in]  VariableName       Same as EFI_SET_VARIABLE.
>
> +  @param[in]  VendorGuid         Same as EFI_SET_VARIABLE.
>
> +  @param[in]  Attributes         Same as EFI_SET_VARIABLE.
>
> +  @param[in]  DataSize           Same as EFI_SET_VARIABLE.
>
> +  @param[in]  Data               Same as EFI_SET_VARIABLE.
>
> +
>
> +  @retval     EFI_SUCCESS             A matching policy allows this upd=
ate.
>
> +  @retval     EFI_SUCCESS             There are currently no policies t=
hat restrict
> this update.
>
> +  @retval     EFI_SUCCESS             The protections have been disable=
 until the
> next reboot.
>
> +  @retval     EFI_WRITE_PROTECTED     Variable is currently locked.
>
> +  @retval     EFI_INVALID_PARAMETER   Attributes or size are invalid.
>
> +  @retval     EFI_ABORTED             A lock policy exists, but an erro=
r prevented
> evaluation.
>
> +  @retval     EFI_NOT_READY           Library has not been initialized.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +ValidateSetVariable (
>
> +  IN  CHAR16                       *VariableName,
>
> +  IN  EFI_GUID                     *VendorGuid,
>
> +  IN  UINT32                       Attributes,
>
> +  IN  UINTN                        DataSize,
>
> +  IN  VOID                         *Data
>
> +  );
>
> +
>
> +
>
> +/**
>
> +  This API function disables the variable policy enforcement. If it's
>
> +  already been called once, will return EFI_ALREADY_STARTED.
>
> +
>
> +  @retval     EFI_SUCCESS
>
> +  @retval     EFI_ALREADY_STARTED   Has already been called once this b=
oot.
>
> +  @retval     EFI_WRITE_PROTECTED   Interface has been locked until reb=
oot.
>
> +  @retval     EFI_WRITE_PROTECTED   Interface option is disabled by pla=
tform
> PCD.
>
> +  @retval     EFI_NOT_READY   Library has not yet been initialized.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +DisableVariablePolicy (
>
> +  VOID
>
> +  );
>
> +
>
> +
>
> +/**
>
> +  This API function will dump the entire contents of the variable polic=
y table.
>
> +
>
> +  Similar to GetVariable, the first call can be made with a 0 size and =
it will
> return
>
> +  the size of the buffer required to hold the entire table.
>
> +
>
> +  @param[out]     Policy  Pointer to the policy buffer. Can be NULL if =
Size is 0.
>
> +  @param[in,out]  Size    On input, the size of the output buffer. On o=
utput,
> the size
>
> +                          of the data returned.
>
> +
>
> +  @retval     EFI_SUCCESS             Policy data is in the output buff=
er and Size
> has been updated.
>
> +  @retval     EFI_INVALID_PARAMETER   Size is NULL, or Size is non-zero=
 and
> Policy is NULL.
>
> +  @retval     EFI_BUFFER_TOO_SMALL    Size is insufficient to hold poli=
cy. Size
> updated with required size.
>
> +  @retval     EFI_NOT_READY           Library has not yet been initiali=
zed.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +DumpVariablePolicy (
>
> +  OUT     UINT8         *Policy,
>
> +  IN OUT  UINT32        *Size
>
> +  );
>
> +
>
> +
>
> +/**
>
> +  This API function returns whether or not the policy engine is
>
> +  currently being enforced.
>
> +
>
> +  @retval     TRUE
>
> +  @retval     FALSE
>
> +  @retval     FALSE         Library has not yet been initialized.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +IsVariablePolicyEnabled (
>
> +  VOID
>
> +  );
>
> +
>
> +
>
> +/**
>
> +  This API function locks the interface so that no more policy updates
>
> +  can be performed or changes made to the enforcement until the next
> boot.
>
> +
>
> +  @retval     EFI_SUCCESS
>
> +  @retval     EFI_NOT_READY   Library has not yet been initialized.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +LockVariablePolicy (
>
> +  VOID
>
> +  );
>
> +
>
> +
>
> +/**
>
> +  This API function returns whether or not the policy interface is lock=
ed
>
> +  for the remainder of the boot.
>
> +
>
> +  @retval     TRUE
>
> +  @retval     FALSE
>
> +  @retval     FALSE         Library has not yet been initialized.
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +IsVariablePolicyInterfaceLocked (
>
> +  VOID
>
> +  );
>
> +
>
> +
>
> +/**
>
> +  This helper function initializes the library and sets
>
> +  up any required internal structures or handlers.
>
> +
>
> +  Also registers the internal pointer for the GetVariable helper.
>
> +
>
> +  @param[in]  GetVariableHelper A function pointer matching the
> EFI_GET_VARIABLE prototype that will be used to
>
> +                  check policy criteria that involve the existence of o=
ther variables.
>
> +
>
> +  @retval     EFI_SUCCESS
>
> +  @retval     EFI_ALREADY_STARTED   The initialize function has been ca=
lled
> more than once without a call to
>
> +                                    deinitialize.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +InitVariablePolicyLib (
>
> +  IN  EFI_GET_VARIABLE    GetVariableHelper
>
> +  );
>
> +
>
> +
>
> +/**
>
> +  This helper function returns whether or not the library is currently
> initialized.
>
> +
>
> +  @retval     TRUE
>
> +  @retval     FALSE
>
> +
>
> +**/
>
> +BOOLEAN
>
> +EFIAPI
>
> +IsVariablePolicyLibInitialized (
>
> +  VOID
>
> +  );
>
> +
>
> +
>
> +/**
>
> +  This helper function tears down  the library.
>
> +
>
> +  Should generally only be used for test harnesses.
>
> +
>
> +  @retval     EFI_SUCCESS
>
> +  @retval     EFI_NOT_READY     Deinitialize was called without first c=
alling
> initialize.
>
> +
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +DeinitVariablePolicyLib (
>
> +  VOID
>
> +  );
>
> +
>
> +
>
> +#endif // _VARIABLE_POLICY_LIB_H_
>
> diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.in=
f
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
> new file mode 100644
> index 000000000000..f4a879d5382f
> --- /dev/null
> +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
> @@ -0,0 +1,44 @@
> +## @file VariablePolicyLib.inf
>
> +# Business logic for Variable Policy enforcement.
>
> +#
>
> +##
>
> +# Copyright (c) Microsoft Corporation.
>
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +##
>
> +
>
> +
>
> +[Defines]
>
> +  INF_VERSION         =3D 0x00010017
>
> +  BASE_NAME           =3D VariablePolicyLib
>
> +  FILE_GUID           =3D E9ECD342-159A-4F24-9FDF-65724027C594
>
> +  VERSION_STRING      =3D 1.0
>
> +  MODULE_TYPE         =3D DXE_DRIVER
>
> +  LIBRARY_CLASS       =3D VariablePolicyLib|DXE_DRIVER DXE_SMM_DRIVER
> MM_STANDALONE
>
> +
>
> +#
>
> +# The following information is for reference only and not required by t=
he
> build tools.
>
> +#
>
> +#  VALID_ARCHITECTURES           =3D ANY
>
> +#
>
> +
>
> +
>
> +[Sources]
>
> +  VariablePolicyLib.c
>
> +  VariablePolicyExtraInitNull.c
>
> +
>
> +
>
> +[Packages]
>
> +  MdePkg/MdePkg.dec
>
> +  MdeModulePkg/MdeModulePkg.dec
>
> +
>
> +
>
> +[LibraryClasses]
>
> +  DebugLib
>
> +  BaseMemoryLib
>
> +  MemoryAllocationLib
>
> +  SafeIntLib
>
> +  PcdLib
>
> +
>
> +
>
> +[Pcd]
>
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDis
> able     ## CONSUMES
>
> diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.un=
i
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.uni
> new file mode 100644
> index 000000000000..2227ec427828
> --- /dev/null
> +++ b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.uni
> @@ -0,0 +1,12 @@
> +// /** @file
>
> +// VariablePolicyLib.uni
>
> +//
>
> +// Copyright (c) Microsoft Corporation.
>
> +// SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +//
>
> +// **/
>
> +
>
> +
>
> +#string STR_MODULE_ABSTRACT             #language en-US "Library contai=
ning
> the business logic for the VariablePolicy engine"
>
> +
>
> +#string STR_MODULE_DESCRIPTION          #language en-US "Library
> containing the business logic for the VariablePolicy engine"
>
> diff --git
> a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.in
> f
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.in
> f
> new file mode 100644
> index 000000000000..8b8365741864
> --- /dev/null
> +++
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.in
> f
> @@ -0,0 +1,51 @@
> +## @file VariablePolicyLibRuntimeDxe.inf
>
> +# Business logic for Variable Policy enforcement.
>
> +# This instance is specifically for RuntimeDxe and contains
>
> +# extra routines to register for VirtualAddressChangeEvents.
>
> +#
>
> +# Copyright (c) Microsoft Corporation.
>
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +##
>
> +
>
> +
>
> +[Defines]
>
> +  INF_VERSION         =3D 0x00010017
>
> +  BASE_NAME           =3D VariablePolicyLibRuntimeDxe
>
> +  FILE_GUID           =3D 205F7F0E-8EAC-4914-8390-1B90DD7E2A27
>
> +  VERSION_STRING      =3D 1.0
>
> +  MODULE_TYPE         =3D DXE_RUNTIME_DRIVER
>
> +  LIBRARY_CLASS       =3D VariablePolicyLib|DXE_RUNTIME_DRIVER
>
> +
>
> +#
>
> +# The following information is for reference only and not required by t=
he
> build tools.
>
> +#
>
> +#  VALID_ARCHITECTURES           =3D ANY
>
> +#
>
> +
>
> +
>
> +[Sources]
>
> +  VariablePolicyLib.c
>
> +  VariablePolicyExtraInitRuntimeDxe.c
>
> +
>
> +
>
> +[Packages]
>
> +  MdePkg/MdePkg.dec
>
> +  MdeModulePkg/MdeModulePkg.dec
>
> +
>
> +
>
> +[LibraryClasses]
>
> +  DebugLib
>
> +  BaseMemoryLib
>
> +  MemoryAllocationLib
>
> +  SafeIntLib
>
> +  UefiBootServicesTableLib
>
> +  UefiRuntimeServicesTableLib
>
> +  PcdLib
>
> +
>
> +
>
> +[Pcd]
>
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDis
> able     ## CONSUMES
>
> +
>
> +
>
> +[Guids]
>
> +  gEfiEventVirtualAddressChangeGuid
>
> diff --git
> a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variable
> PolicyUnitTest.inf
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variable
> PolicyUnitTest.inf
> new file mode 100644
> index 000000000000..ccc04bb600d6
> --- /dev/null
> +++
> b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variable
> PolicyUnitTest.inf
> @@ -0,0 +1,40 @@
> +## @file VariablePolicyUnitTest.inf
>
> +# UnitTest for...
>
> +# Business logic for Variable Policy enforcement.
>
> +#
>
> +# Copyright (c) Microsoft Corporation.
>
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +##
>
> +
>
> +
>
> +[Defines]
>
> +  INF_VERSION                    =3D 0x00010006
>
> +  BASE_NAME                      =3D VariablePolicyUnitTest
>
> +  FILE_GUID                      =3D 1200A2E4-D756-418C-9768-528C2D181A=
98
>
> +  MODULE_TYPE                    =3D HOST_APPLICATION
>
> +  VERSION_STRING                 =3D 1.0
>
> +
>
> +#
>
> +# The following information is for reference only and not required by t=
he
> build tools.
>
> +#
>
> +#  VALID_ARCHITECTURES           =3D IA32 X64 ARM AARCH64
>
> +#
>
> +
>
> +[Sources]
>
> +  VariablePolicyUnitTest.c
>
> +
>
> +
>
> +[Packages]
>
> +  MdePkg/MdePkg.dec
>
> +  MdeModulePkg/MdeModulePkg.dec
>
> +  UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec
>
> +
>
> +
>
> +[LibraryClasses]
>
> +  BaseLib
>
> +  DebugLib
>
> +  UnitTestLib
>
> +  PrintLib
>
> +  VariablePolicyLib
>
> +  BaseMemoryLib
>
> +  MemoryAllocationLib
>
> diff --git a/MdeModulePkg/MdeModulePkg.dec
> b/MdeModulePkg/MdeModulePkg.dec
> index 05d8ad4931f9..0b58c14e4747 100644
> --- a/MdeModulePkg/MdeModulePkg.dec
> +++ b/MdeModulePkg/MdeModulePkg.dec
> @@ -31,6 +31,9 @@ [LibraryClasses]
>    ##  @libraryclass  Defines a set of methods to reset whole system.
>
>    ResetSystemLib|Include/Library/ResetSystemLib.h
>
>
>
> +  ##  @libraryclass  Business logic for storing and testing variable po=
licies
>
> +  VariablePolicyLib|Include/Library/VariablePolicyLib.h
>
> +
>
>    ##  @libraryclass  Defines a set of helper functions for resetting th=
e system.
>
>    ResetUtilityLib|Include/Library/ResetUtilityLib.h
>
>
>
> diff --git a/MdeModulePkg/MdeModulePkg.dsc
> b/MdeModulePkg/MdeModulePkg.dsc
> index 25aea3e2a481..14b6ed536962 100644
> --- a/MdeModulePkg/MdeModulePkg.dsc
> +++ b/MdeModulePkg/MdeModulePkg.dsc
> @@ -3,6 +3,7 @@
>  #
>
>  # (C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>
>
>  # Copyright (c) 2007 - 2019, Intel Corporation. All rights reserved.<BR=
>
>
> +# Copyright (c) Microsoft Corporation.
>
>  #
>
>  #    SPDX-License-Identifier: BSD-2-Clause-Patent
>
>  #
>
> @@ -58,6 +59,7 @@ [LibraryClasses]
>    DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
>
>
> DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTabl
> eLib.inf
>
>
> UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBoo
> tManagerLib.inf
>
> +
> VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL=
i
> b.inf
>
>    #
>
>    # Generic Modules
>
>    #
>
> @@ -129,6 +131,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
>    DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
>
>
> LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.in
> f
>
>
> CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsule
> Lib.inf
>
> +
> VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL=
i
> bRuntimeDxe.inf
>
>
>
>  [LibraryClasses.common.SMM_CORE]
>
>    HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
>
> @@ -306,6 +309,8 @@ [Components]
>    MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
>
>
> MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull
> .inf
>
>    MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
>
> +  MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
>
> +
> MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
>
>    MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
>
>    MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.inf
>
>    MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.inf
>
> diff --git a/MdeModulePkg/Test/MdeModulePkgHostTest.dsc
> b/MdeModulePkg/Test/MdeModulePkgHostTest.dsc
> index 72a119db4568..095e613f1be1 100644
> --- a/MdeModulePkg/Test/MdeModulePkgHostTest.dsc
> +++ b/MdeModulePkg/Test/MdeModulePkgHostTest.dsc
> @@ -19,12 +19,23 @@ [Defines]
>
>
>  !include UnitTestFrameworkPkg/UnitTestFrameworkPkgHost.dsc.inc
>
>
>
> +[LibraryClasses]
>
> +  SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
>
> +
>
>  [Components]
>
>
> MdeModulePkg/Library/DxeResetSystemLib/UnitTest/MockUefiRuntimeSer
> vicesTableLib.inf
>
>
>
>    #
>
>    # Build MdeModulePkg HOST_APPLICATION Tests
>
>    #
>
> +
> MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/VariablePo
> licyUnitTest.inf {
>
> +    <LibraryClasses>
>
> +
> VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL=
i
> b.inf
>
> +
>
> +    <PcdsFixedAtBuild>
>
> +
> gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDis
> able|TRUE
>
> +  }
>
> +
>
>
> MdeModulePkg/Library/DxeResetSystemLib/UnitTest/DxeResetSystemLibU
> nitTestHost.inf {
>
>      <LibraryClasses>
>
>
> ResetSystemLib|MdeModulePkg/Library/DxeResetSystemLib/DxeResetSyst
> emLib.inf
>
> --
> 2.26.2.windows.1.8.g01c50adf56.20200515075929
>
>
> -=3D-=3D-=3D-=3D-=3D-=3D
> Groups.io Links: You receive all messages sent to this group.
>
> View/Reply Online (#61588): https://nam06.safelinks.protection.outlook.c=
om/?url=3Dhttps%3A%2F%2Fedk2.groups.io%2Fg%2Fdevel%2Fmessage%2F61588&amp;da=
ta=3D02%7C01%7Cbret.barkelew%40microsoft.com%7C4ff781c598384282187708d81e2d=
8858%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637292528218892203&amp;sd=
ata=3DLU1JPSqqPVToubD2UJd8JT34dvLGJ6QSi7oA7s%2FyiqY%3D&amp;reserved=3D0
> Mute This Topic: https://nam06.safelinks.protection.outlook.com/?url=3Dh=
ttps%3A%2F%2Fgroups.io%2Fmt%2F75057697%2F1768738&amp;data=3D02%7C01%7Cbret.=
barkelew%40microsoft.com%7C4ff781c598384282187708d81e2d8858%7C72f988bf86f14=
1af91ab2d7cd011db47%7C1%7C0%7C637292528218892203&amp;sdata=3DY%2BAVPkeX7Clj=
7g0E0ENKDcJQwVksMtp%2FbZjBgDdz%2B1A%3D&amp;reserved=3D0
> Group Owner: devel+owner@edk2.groups.io
> Unsubscribe: https://nam06.safelinks.protection.outlook.com/?url=3Dhttps=
%3A%2F%2Fedk2.groups.io%2Fg%2Fdevel%2Funsub&amp;data=3D02%7C01%7Cbret.barke=
lew%40microsoft.com%7C4ff781c598384282187708d81e2d8858%7C72f988bf86f141af91=
ab2d7cd011db47%7C1%7C0%7C637292528218892203&amp;sdata=3DQzd%2FXa8ldydS45UAI=
yd7PaGORBzcESMWbNT1oUNEZm4%3D&amp;reserved=3D0  [dandan.bi@intel.com]
> -=3D-=3D-=3D-=3D-=3D-=3D





--_000_CY4PR21MB074399EFFD54FE103EF7B5B8EF6D0CY4PR21MB0743namp_
Content-Type: text/html; charset="Windows-1252"
Content-Transfer-Encoding: quoted-printable

<html xmlns:o=3D"urn:schemas-microsoft-com:office:office" xmlns:w=3D"urn:sc=
hemas-microsoft-com:office:word" xmlns:m=3D"http://schemas.microsoft.com/of=
fice/2004/12/omml" xmlns=3D"http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3DWindows-=
1252">
<meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:DengXian;
	panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:"\@DengXian";
	panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
	{mso-style-priority:34;
	margin-top:0in;
	margin-right:0in;
	margin-bottom:0in;
	margin-left:.5in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri",sans-serif;}
.MsoChpDefault
	{mso-style-type:export-only;}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
/* List Definitions */
@list l0
	{mso-list-id:2109110624;
	mso-list-type:hybrid;
	mso-list-template-ids:1461077592 -1 67698713 67698715 67698703 67698713 6=
7698715 67698703 67698713 67698715;}
@list l0:level1
	{mso-level-text:"%1\)";
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level2
	{mso-level-number-format:alpha-lower;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level3
	{mso-level-number-format:roman-lower;
	mso-level-tab-stop:none;
	mso-level-number-position:right;
	text-indent:-9.0pt;}
@list l0:level4
	{mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level5
	{mso-level-number-format:alpha-lower;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level6
	{mso-level-number-format:roman-lower;
	mso-level-tab-stop:none;
	mso-level-number-position:right;
	text-indent:-9.0pt;}
@list l0:level7
	{mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level8
	{mso-level-number-format:alpha-lower;
	mso-level-tab-stop:none;
	mso-level-number-position:left;
	text-indent:-.25in;}
@list l0:level9
	{mso-level-number-format:roman-lower;
	mso-level-tab-stop:none;
	mso-level-number-position:right;
	text-indent:-9.0pt;}
ol
	{margin-bottom:0in;}
ul
	{margin-bottom:0in;}
--></style>
</head>
<body lang=3D"EN-US" link=3D"blue" vlink=3D"#954F72">
<div class=3D"WordSection1">
<ol style=3D"margin-top:0in" start=3D"1" type=3D"1">
<li class=3D"MsoListParagraph" style=3D"color:red;margin-left:0in;mso-list=
:l0 level1 lfo1">
Done<o:p></o:p></li><li class=3D"MsoListParagraph" style=3D"color:red;marg=
in-left:0in;mso-list:l0 level1 lfo1">
Done<o:p></o:p></li><li class=3D"MsoListParagraph" style=3D"color:red;marg=
in-left:0in;mso-list:l0 level1 lfo1">
BestResult can=92t be anything but NULL if MatchPriority isn=92t initializ=
ed, so the second half of this will never be evaluated, but I see your poin=
t. I=92ve added a default initialization for the variable.<o:p></o:p></li><=
li class=3D"MsoListParagraph" style=3D"color:red;margin-left:0in;mso-list:l=
0 level1 lfo1">
Done<o:p></o:p></li></ol>
<p class=3D"MsoNormal"><span style=3D"color:red"><o:p>&nbsp;</o:p></span><=
/p>
<p class=3D"MsoNormal"><span style=3D"color:red">Thanks!<o:p></o:p></span>=
</p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal">- Bret</p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<div style=3D"mso-element:para-border-div;border:none;border-top:solid #E1=
E1E1 1.0pt;padding:3.0pt 0in 0in 0in">
<p class=3D"MsoNormal" style=3D"border:none;padding:0in"><b>From: </b><a h=
ref=3D"mailto:dandan.bi=3Dintel.com@groups.io">Dandan Bi via groups.io</a><=
br>
<b>Sent: </b>Wednesday, July 1, 2020 7:13 PM<br>
<b>To: </b><a href=3D"mailto:devel@edk2.groups.io">devel@edk2.groups.io</a=
>; <a href=3D"mailto:bret@corthon.com">
bret@corthon.com</a><br>
<b>Cc: </b><a href=3D"mailto:jian.j.wang@intel.com">Wang, Jian J</a>; <a h=
ref=3D"mailto:hao.a.wu@intel.com">
Wu, Hao A</a>; <a href=3D"mailto:liming.gao@intel.com">liming.gao</a><br>
<b>Subject: </b>[EXTERNAL] Re: [edk2-devel] [PATCH v6 02/14] MdeModulePkg:=
 Define the VariablePolicyLib</p>
</div>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
<p class=3D"MsoNormal" style=3D"margin-bottom:12.0pt">4 comments inline, p=
lease check.<br>
<br>
Thanks,<br>
Dandan<br>
&gt; -----Original Message-----<br>
&gt; From: devel@edk2.groups.io &lt;devel@edk2.groups.io&gt; On Behalf Of =
Bret<br>
&gt; Barkelew<br>
&gt; Sent: Tuesday, June 23, 2020 2:41 PM<br>
&gt; To: devel@edk2.groups.io<br>
&gt; Cc: Wang, Jian J &lt;jian.j.wang@intel.com&gt;; Wu, Hao A &lt;hao.a.w=
u@intel.com&gt;;<br>
&gt; Gao, Liming &lt;liming.gao@intel.com&gt;<br>
&gt; Subject: [edk2-devel] [PATCH v6 02/14] MdeModulePkg: Define the<br>
&gt; VariablePolicyLib<br>
&gt; <br>
&gt; <a href=3D"https://nam06.safelinks.protection.outlook.com/?url=3Dhttp=
s%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D2522&amp;amp;data=3D=
02%7C01%7Cbret.barkelew%40microsoft.com%7C4ff781c598384282187708d81e2d8858%=
7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637292528218882209&amp;amp;sda=
ta=3Dcw75EiZAUXPo9iwbbkXrZwoLpuv1F7rHZIiDDHSToDA%3D&amp;amp;reserved=3D0">
https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fbugzil=
la.tianocore.org%2Fshow_bug.cgi%3Fid%3D2522&amp;amp;data=3D02%7C01%7Cbret.b=
arkelew%40microsoft.com%7C4ff781c598384282187708d81e2d8858%7C72f988bf86f141=
af91ab2d7cd011db47%7C1%7C0%7C637292528218882209&amp;amp;sdata=3Dcw75EiZAUXP=
o9iwbbkXrZwoLpuv1F7rHZIiDDHSToDA%3D&amp;amp;reserved=3D0</a><br>
&gt; <br>
&gt; VariablePolicy is an updated interface to<br>
&gt; replace VarLock and VarCheckProtocol.<br>
&gt; <br>
&gt; Add the VariablePolicyLib library that implements<br>
&gt; the portable business logic for the VariablePolicy<br>
&gt; engine.<br>
&gt; <br>
&gt; Also add host-based CI test cases for the lib.<br>
&gt; <br>
&gt; Cc: Jian J Wang &lt;jian.j.wang@intel.com&gt;<br>
&gt; Cc: Hao A Wu &lt;hao.a.wu@intel.com&gt;<br>
&gt; Cc: Liming Gao &lt;liming.gao@intel.com&gt;<br>
&gt; Cc: Bret Barkelew &lt;brbarkel@microsoft.com&gt;<br>
&gt; Signed-off-by: Bret Barkelew &lt;brbarkel@microsoft.com&gt;<br>
&gt; ---<br>
&gt;&nbsp; MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitN=
ull.c<br>
&gt; |&nbsp;&nbsp; 46 &#43;<br>
&gt; <br>
&gt; MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitRuntime=
Dx<br>
&gt; e.c&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp; 85 &#43;<br>
&gt;&nbsp; MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c<br>
&gt; |&nbsp; 816 &#43;&#43;&#43;&#43;&#43;&#43;&#43;<br>
&gt; <br>
&gt; MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variabl=
ePo<br>
&gt; licyUnitTest.c&nbsp;&nbsp; | 2436 &#43;&#43;&#43;&#43;&#43;&#43;&#43;=
&#43;&#43;&#43;&#43;&#43;&#43;&#43;&#43;&#43;&#43;&#43;&#43;&#43;<br>
&gt;&nbsp; MdeModulePkg/Include/Library/VariablePolicyLib.h&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
 |<br>
&gt; 207 &#43;&#43;<br>
&gt;&nbsp; MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf<br=
>
&gt; |&nbsp;&nbsp; 44 &#43;<br>
&gt;&nbsp; MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.uni<br=
>
&gt; |&nbsp;&nbsp; 12 &#43;<br>
&gt;&nbsp; MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntime=
Dxe.inf<br>
&gt; |&nbsp;&nbsp; 51 &#43;<br>
&gt; <br>
&gt; MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variabl=
ePo<br>
&gt; licyUnitTest.inf |&nbsp;&nbsp; 40 &#43;<br>
&gt;&nbsp; MdeModulePkg/MdeModulePkg.dec&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; 3 &#43;<br>
&gt;&nbsp; MdeModulePkg/MdeModulePkg.dsc&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; |&nbsp;&nbsp;&nbsp; 5 &#43;<br>
&gt;&nbsp; MdeModulePkg/Test/MdeModulePkgHostTest.dsc&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; |<br>
&gt; 11 &#43;<br>
&gt;&nbsp; 12 files changed, 3756 insertions(&#43;)<br>
&gt; <br>
&gt; diff --git<br>
&gt; a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitNull.=
c<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitNull.=
c<br>
&gt; new file mode 100644<br>
&gt; index 000000000000..ad2ee0b2fb8f<br>
&gt; --- /dev/null<br>
&gt; &#43;&#43;&#43;<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitNull.=
c<br>
&gt; @@ -0,0 &#43;1,46 @@<br>
&gt; &#43;/** @file -- VariablePolicyExtraInitNull.c<br>
&gt; <br>
&gt; &#43;This file contains extra init and deinit routines that don't do =
anything<br>
&gt; <br>
&gt; &#43;extra.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;Copyright (c) Microsoft Corporation.<br>
&gt; <br>
&gt; &#43;SPDX-License-Identifier: BSD-2-Clause-Patent<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/UefiRuntimeServicesTableLib.h&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; An extra init hook that enables the RuntimeDxe library in=
stance to<br>
&gt; <br>
&gt; &#43;&nbsp; register VirtualAddress change callbacks. Among other thi=
ngs.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp; E=
verything is good. Continue with init.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; Others&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; Uh... don't continue.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;VariablePolicyExtraInit (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; // NULL implementation.<br>
&gt; <br>
&gt; &#43;&nbsp; return EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; An extra deinit hook that enables the RuntimeDxe library =
instance to<br>
&gt; <br>
&gt; &#43;&nbsp; register VirtualAddress change callbacks. Among other thi=
ngs.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp; E=
verything is good. Continue with deinit.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; Others&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; Uh... don't continue.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;VariablePolicyExtraDeinit (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; // NULL implementation.<br>
&gt; <br>
&gt; &#43;&nbsp; return EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; diff --git<br>
&gt; a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitRunti=
meD<br>
&gt; xe.c<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitRunti=
me<br>
&gt; Dxe.c<br>
&gt; new file mode 100644<br>
&gt; index 000000000000..3ca87048b14b<br>
&gt; --- /dev/null<br>
&gt; &#43;&#43;&#43;<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyExtraInitRunti=
me<br>
&gt; Dxe.c<br>
&gt; @@ -0,0 &#43;1,85 @@<br>
&gt; &#43;/** @file -- VariablePolicyExtraInitRuntimeDxe.c<br>
&gt; <br>
&gt; &#43;This file contains extra init and deinit routines that register =
and unregister<br>
&gt; <br>
&gt; &#43;VariableAddressChange callbacks.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;Copyright (c) Microsoft Corporation.<br>
&gt; <br>
&gt; &#43;SPDX-License-Identifier: BSD-2-Clause-Patent<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/UefiBootServicesTableLib.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/UefiRuntimeServicesTableLib.h&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;extern EFI_GET_VARIABLE&nbsp;&nbsp; mGetVariableHelper;<br>
&gt; <br>
&gt; &#43;extern UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; *mPolicyTable;<br>
&gt; <br>
&gt; &#43;STATIC BOOLEAN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp; mIsVirtualAddrConverted;<br>
&gt; <br>
&gt; &#43;STATIC EFI_EVENT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp; mVariablePolicyLibVirtualAddressChangeEvent&nbsp; =3D<br>
&gt; NULL;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; For the RuntimeDxe version of this lib, convert internal =
pointer addresses<br>
&gt; to virtual addresses.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in] Event&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Event whos=
e notification function is being invoked.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in] Context&nbsp;&nbsp;&nbsp; The pointer to the n=
otification function's context,<br>
&gt; which<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
is implementation-dependent.<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;STATIC<br>
&gt; <br>
&gt; &#43;VOID<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;VariablePolicyLibVirtualAddressCallback (<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; EFI_EVENT&nbsp;&nbsp; Event,<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; VOID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *=
Context<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; gRT-&gt;ConvertPointer (0, (VOID **)&amp;mPolicyTable);<b=
r>
&gt; <br>
&gt; &#43;&nbsp; gRT-&gt;ConvertPointer (0, (VOID **)&amp;mGetVariableHelp=
er);<br>
&gt; <br>
&gt; &#43;&nbsp; mIsVirtualAddrConverted =3D TRUE;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; An extra init hook that enables the RuntimeDxe library in=
stance to<br>
&gt; <br>
&gt; &#43;&nbsp; register VirtualAddress change callbacks. Among other thi=
ngs.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp; E=
verything is good. Continue with init.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; Others&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; Uh... don't continue.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;VariablePolicyExtraInit (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; return gBS-&gt;CreateEventEx (EVT_NOTIFY_SIGNAL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TPL_NOTIFY,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VariablePolicyLibVirtualAddressCallback=
,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &amp;gEfiEventVirtualAddressChangeGuid,=
<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &amp;mVariablePolicyLibVirtualAddressCh=
angeEvent);<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; An extra deinit hook that enables the RuntimeDxe library =
instance to<br>
&gt; <br>
&gt; &#43;&nbsp; register VirtualAddress change callbacks. Among other thi=
ngs.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp; E=
verything is good. Continue with deinit.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; Others&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; Uh... don't continue.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;VariablePolicyExtraDeinit (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; Status;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;&nbsp; if (mIsVirtualAddrConverted) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D gBS-&gt;CloseEvent<br>
&gt; (mVariablePolicyLibVirtualAddressChangeEvent);<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; else {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return Status;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib=
.c<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c<br>
&gt; new file mode 100644<br>
&gt; index 000000000000..84c794adaed9<br>
&gt; --- /dev/null<br>
&gt; &#43;&#43;&#43; b/MdeModulePkg/Library/VariablePolicyLib/VariablePoli=
cyLib.c<br>
&gt; @@ -0,0 &#43;1,816 @@<br>
&gt; &#43;/** @file -- VariablePolicyLib.c<br>
&gt; <br>
&gt; &#43;Business logic for Variable Policy enforcement.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;Copyright (c) Microsoft Corporation.<br>
&gt; <br>
&gt; &#43;SPDX-License-Identifier: BSD-2-Clause-Patent<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#include &lt;Uefi.h&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/SafeIntLib.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/MemoryAllocationLib.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/BaseMemoryLib.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/DebugLib.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/PcdLib.h&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#include &lt;Protocol/VariablePolicy.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/VariablePolicyLib.h&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;// IMPORTANT NOTE: This library is currently rife with multiple =
return<br>
&gt; statements<br>
&gt; <br>
&gt; &#43;//&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; for error handling. A refactor should re=
move these at some point.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;//<br>
&gt; <br>
&gt; &#43;// This library was designed with advanced unit-test features.<b=
r>
&gt; <br>
&gt; &#43;// This define handles the configuration.<br>
&gt; <br>
&gt; &#43;#ifdef INTERNAL_UNIT_TEST<br>
&gt; <br>
&gt; &#43;#undef STATIC<br>
&gt; <br>
&gt; &#43;#define STATIC&nbsp;&nbsp;&nbsp; // Nothing...<br>
&gt; <br>
&gt; &#43;#endif<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;// An abstracted GetVariable interface that enables configuratio=
n<br>
&gt; regardless of the environment.<br>
&gt; <br>
&gt; &#43;EFI_GET_VARIABLE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp; mGetVariableHelper =3D NULL;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;// Master switch to lock this entire interface. Does not stop en=
forcement,<br>
&gt; <br>
&gt; &#43;// just prevents the configuration from being changed for the re=
st of the<br>
&gt; boot.<br>
&gt; <br>
&gt; &#43;STATIC&nbsp; BOOLEAN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp; mInterfaceLocked =3D FALSE;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;// Master switch to disable the entire interface for a single bo=
ot.<br>
&gt; <br>
&gt; &#43;// This will disable all policy enforcement for the duration of =
the boot.<br>
&gt; <br>
&gt; &#43;STATIC&nbsp; BOOLEAN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp; mProtectionDisabled =3D FALSE;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;// Table to hold all the current policies.<br>
&gt; <br>
&gt; &#43;UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *=
mPolicyTable =3D NULL;<br>
&gt; <br>
&gt; &#43;STATIC&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; mCurrentTableSize =3D 0;<br>
&gt; <br>
&gt; &#43;STATIC&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; mCurrentTableUsage =3D 0;<br>
&gt; <br>
&gt; &#43;STATIC&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; mCurrentTableCount =3D 0;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#define POLICY_TABLE_STEP_SIZE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp; 0x1000<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;// NOTE: DO NOT USE THESE MACROS on any structure that has not b=
een<br>
&gt; validated.<br>
&gt; <br>
&gt; &#43;//&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Current table data has al=
ready been sanitized.<br>
&gt; <br>
&gt; &#43;#define GET_NEXT_POLICY(CurPolicy)<br>
&gt; (VARIABLE_POLICY_ENTRY*)((UINT8*)CurPolicy &#43; CurPolicy-&gt;Size)<=
br>
&gt; <br>
&gt; &#43;#define GET_POLICY_NAME(CurPolicy)&nbsp;&nbsp;&nbsp; (CHAR16*)((=
UINTN)CurPolicy &#43;<br>
&gt; CurPolicy-&gt;OffsetToName)<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#define MATCH_PRIORITY_EXACT&nbsp;&nbsp;&nbsp; 0<br>
&gt; <br>
&gt; &#43;#define MATCH_PRIORITY_MAX&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MATCH_P=
RIORITY_EXACT<br>
&gt; <br>
&gt; &#43;#define MATCH_PRIORITY_MIN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MAX_UIN=
T8<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;// ExtraInit/ExtraDeinit functions allow RuntimeDxe to register<=
br>
&gt; VirtualAddress callbacks.<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;VariablePolicyExtraInit (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;VariablePolicyExtraDeinit (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
<br>
1. [Dandan]: Please also add comments for above two functions. <br>
Please also pay attention to the coding style issue in other files.<br>
<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This helper function determines whether the structure of =
an incoming<br>
&gt; policy<br>
&gt; <br>
&gt; &#43;&nbsp; is valid and internally consistent.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; NewPolicy&nbsp;&nbsp;&nbsp;&nbsp; Pointe=
r to the incoming policy structure.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; TRUE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE&nbsp;&nbsp; Pointer=
 is NULL, size is wrong, strings are empty, or<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; substructure=
s overlap.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;STATIC<br>
&gt; <br>
&gt; &#43;BOOLEAN<br>
&gt; <br>
&gt; &#43;IsValidVariablePolicyStructure (<br>
&gt; <br>
&gt; &#43;&nbsp; IN CONST VARIABLE_POLICY_ENTRY&nbsp;&nbsp;&nbsp; *NewPoli=
cy<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp;&nbsp;&nbsp; Status;<br>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Ent=
ryEnd;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckCh=
ar;<br>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Wil=
dcardCount;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Sanitize some quick values.<br>
&gt; <br>
&gt; &#43;&nbsp; if (NewPolicy =3D=3D NULL || NewPolicy-&gt;Size =3D=3D 0 =
||<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Structure size should be at le=
ast as long as the minumum structure and<br>
&gt; a NULL string.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; NewPolicy-&gt;Size &lt; sizeof(VA=
RIABLE_POLICY_ENTRY) ||<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Check for the known revision.<=
br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; NewPolicy-&gt;Version !=3D VARIAB=
LE_POLICY_ENTRY_REVISION) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Calculate the theoretical end of the structure and mak=
e sure<br>
&gt; <br>
&gt; &#43;&nbsp; // that the structure can fit in memory.<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D SafeUintnAdd( (UINTN)NewPolicy, NewPolicy-&gt;=
Size, &amp;EntryEnd );<br>
&gt; <br>
&gt; &#43;&nbsp; if (EFI_ERROR( Status )) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check for a valid Max Size.<br>
&gt; <br>
&gt; &#43;&nbsp; if (NewPolicy-&gt;MaxSize =3D=3D 0) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check for the valid list of lock policies.<br>
&gt; <br>
&gt; &#43;&nbsp; if (NewPolicy-&gt;LockPolicyType !=3D VARIABLE_POLICY_TYP=
E_NO_LOCK &amp;&amp;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; NewPolicy-&gt;LockPolicyType !=3D=
 VARIABLE_POLICY_TYPE_LOCK_NOW &amp;&amp;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; NewPolicy-&gt;LockPolicyType !=3D=
<br>
&gt; VARIABLE_POLICY_TYPE_LOCK_ON_CREATE &amp;&amp;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; NewPolicy-&gt;LockPolicyType !=3D=
<br>
&gt; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE)<br>
&gt; <br>
&gt; &#43;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // If the policy type is VARIABLE_POLICY_TYPE_LOCK_ON_VAR=
_STATE,<br>
&gt; make sure that the matching state variable Name<br>
&gt; <br>
&gt; &#43;&nbsp; // terminates before the OffsetToName for the matching po=
licy variable<br>
&gt; Name.<br>
&gt; <br>
&gt; &#43;&nbsp; if (NewPolicy-&gt;LockPolicyType =3D=3D<br>
&gt; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Adjust CheckChar to the offset of the Lock=
Policy-&gt;Name.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D SafeUintnAdd( (UINTN)NewPolicy &#4=
3;<br>
&gt; sizeof(VARIABLE_POLICY_ENTRY),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; (UINTN*)&amp;CheckChar );<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if (EFI_ERROR( Status ) || EntryEnd &lt;=3D (=
UINTN)CheckChar) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; while (*CheckChar !=3D CHAR_NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (EntryEnd &lt;=3D (UINTN)Check=
Char) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CheckChar&#43;&#43;;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // At this point we should have either exeede=
d the structure or be<br>
&gt; pointing at the last char in LockPolicy-&gt;Name.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // We should check to make sure that the poli=
cy Name comes<br>
&gt; immediately after this charcter.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if ((UINTN)&#43;&#43;CheckChar !=3D (UINTN)Ne=
wPolicy &#43; NewPolicy-<br>
&gt; &gt;OffsetToName) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; // If the policy type is any other value, make sure that =
the LockPolicy<br>
&gt; structure has a zero length.<br>
&gt; <br>
&gt; &#43;&nbsp; else {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if (NewPolicy-&gt;OffsetToName !=3D sizeof(VA=
RIABLE_POLICY_ENTRY)) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check to make sure that the name has a terminating cha=
racter<br>
&gt; <br>
&gt; &#43;&nbsp; // before the end of the structure.<br>
&gt; <br>
&gt; &#43;&nbsp; // We've already checked that the name is within the boun=
ds of the<br>
&gt; structure.<br>
&gt; <br>
&gt; &#43;&nbsp; if (NewPolicy-&gt;Size !=3D NewPolicy-&gt;OffsetToName) {=
<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; CheckChar =3D (CHAR16*)((UINTN)NewPolicy &#43=
; NewPolicy-<br>
&gt; &gt;OffsetToName);<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; WildcardCount =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; while (*CheckChar !=3D CHAR_NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Make sure there aren't excessi=
ve wildcards.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (*CheckChar =3D=3D '#') {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; WildcardCount&#43;&#4=
3;;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (WildcardCount &gt=
; MATCH_PRIORITY_MIN) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return FA=
LSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Make sure you're still within =
the bounds of the policy structure.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (EntryEnd &lt;=3D (UINTN)Check=
Char) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CheckChar&#43;&#43;;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Finally, we should be pointed at the very =
last character in Name, so we<br>
&gt; should be right<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // up against the end of the structure.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if ((UINTN)&#43;&#43;CheckChar !=3D EntryEnd)=
 {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return TRUE;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This helper function evaluates a policy and determines wh=
ether it matches<br>
&gt; the target<br>
&gt; <br>
&gt; &#43;&nbsp; variable. If matched, will also return a value correspond=
ing to the priority<br>
&gt; of the match.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; The rules for &quot;best match&quot; are listed in the Va=
riable Policy Spec.<br>
&gt; <br>
&gt; &#43;&nbsp; Perfect name matches will return 0.<br>
&gt; <br>
&gt; &#43;&nbsp; Single wildcard characters will return the number of wild=
card characters.<br>
&gt; <br>
&gt; &#43;&nbsp; Full namespaces will return MAX_UINT8.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; EvalEntry&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp; Pointer to the policy entry being evaluated.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; VariableName&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; VendorGuid&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[out] MatchPriority&nbsp;&nbsp;&nbsp;&nbsp; [Option=
al] On finding a match, this value<br>
&gt; contains the priority of the match.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Lower number =3D=3D higher =
priority. Only valid if a match found.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; TRUE&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Current entry matches the target variable=
.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp; Current entry does not match at all.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;STATIC<br>
&gt; <br>
&gt; &#43;BOOLEAN<br>
&gt; <br>
&gt; &#43;EvaluatePolicyMatch (<br>
&gt; <br>
&gt; &#43;&nbsp; IN CONST&nbsp; VARIABLE_POLICY_ENTRY&nbsp;&nbsp; *EvalEnt=
ry,<br>
&gt; <br>
&gt; &#43;&nbsp; IN CONST&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *Variabl=
eName,<br>
&gt; <br>
&gt; &#43;&nbsp; IN CONST&nbsp; EFI_GUID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *VendorGuid,<br>
&gt; <br>
&gt; &#43;&nbsp; OUT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; UINT8&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp; *MatchPriority&nbsp;&nbsp;&nbsp; OPTIONAL<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; BOOLEAN&nbsp;&nbsp;&nbsp;&nbsp; Result;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *PolicyName;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CalculatedPrior=
ity;<br>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Index;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Result =3D FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp; CalculatedPriority =3D MATCH_PRIORITY_EXACT;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Step 1: If the GUID doesn't match, we're done. No need=
 to evaluate<br>
&gt; anything else.<br>
&gt; <br>
&gt; &#43;&nbsp; if (!CompareGuid( &amp;EvalEntry-&gt;Namespace, VendorGui=
d )) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; goto Exit;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // If the GUID matches, check to see whether there is a N=
ame associated<br>
&gt; <br>
&gt; &#43;&nbsp; // with the policy. If not, this policy matches the entir=
e namespace.<br>
&gt; <br>
&gt; &#43;&nbsp; // Missing Name is indicated by size being equal to name.=
<br>
&gt; <br>
&gt; &#43;&nbsp; if (EvalEntry-&gt;Size =3D=3D EvalEntry-&gt;OffsetToName)=
 {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; CalculatedPriority =3D MATCH_PRIORITY_MIN;<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Result =3D TRUE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; goto Exit;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Now that we know the name exists, get it.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyName =3D GET_POLICY_NAME( EvalEntry );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Evaluate the name against the policy name and check fo=
r a match.<br>
&gt; <br>
&gt; &#43;&nbsp; // Account for any wildcards.<br>
&gt; <br>
&gt; &#43;&nbsp; Index =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp; Result =3D TRUE;<br>
&gt; <br>
&gt; &#43;&nbsp; // Keep going until the end of both strings.<br>
&gt; <br>
&gt; &#43;&nbsp; while (PolicyName[Index] !=3D CHAR_NULL || VariableName[I=
ndex] !=3D<br>
&gt; CHAR_NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // If we don't have a match...<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if (PolicyName[Index] !=3D VariableName[Index=
] || PolicyName[Index] =3D=3D<br>
&gt; '#') {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // If this is a numerical wildcar=
d, we can consider<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // it a match if we alter the pri=
ority.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (PolicyName[Index] =3D=3D L'#'=
 &amp;&amp;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (L'0' &lt=
;=3D VariableName[Index] &amp;&amp; VariableName[Index] &lt;=3D L'9')) {<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (CalculatedPriorit=
y &lt; MATCH_PRIORITY_MIN) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Calculate=
dPriority&#43;&#43;;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Otherwise, not a match.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; else {<br>
2. [Dandan]: About the coding style, could we make the&quot; } &quot; and =
&quot;else {&quot; at the same line? Which is aligned with current edk2 sty=
le.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Result =3D FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; goto Exit;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Index&#43;&#43;;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;Exit:<br>
&gt; <br>
&gt; &#43;&nbsp; if (Result &amp;&amp; MatchPriority !=3D NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; *MatchPriority =3D CalculatedPriority;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; return Result;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This helper function walks the current policy table and r=
eturns a pointer<br>
&gt; <br>
&gt; &#43;&nbsp; to the best match, if any are found. Leverages EvaluatePo=
licyMatch() to<br>
&gt; <br>
&gt; &#43;&nbsp; determine &quot;best&quot;.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; VariableName&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; VendorGuid&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[out] ReturnPriority&nbsp;&nbsp;&nbsp;&nbsp; [Optio=
nal] If pointer is provided, return the<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; priority of the match=
. Same as EvaluatePolicyMatch().<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Only valid if a match=
 is returned.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY*&nb=
sp;&nbsp;&nbsp; Best match that was found.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; NULL&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; No match was found.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;STATIC<br>
&gt; <br>
&gt; &#43;VARIABLE_POLICY_ENTRY*<br>
&gt; <br>
&gt; &#43;GetBestPolicyMatch (<br>
&gt; <br>
&gt; &#43;&nbsp; IN CONST&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *VariableName,<br>
&gt; <br>
&gt; &#43;&nbsp; IN CONST&nbsp; EFI_GUID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; *VendorGuid,<br>
&gt; <br>
&gt; &#43;&nbsp; OUT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; UINT8&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *ReturnPriorit=
y&nbsp; OPTIONAL<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; VARIABLE_POLICY_ENTRY&nbsp;&nbsp; *BestResult;<br>
&gt; <br>
&gt; &#43;&nbsp; VARIABLE_POLICY_ENTRY&nbsp;&nbsp; *CurrentEntry;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MatchPriority;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CurrentPriority;<b=
r>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Index;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; BestResult =3D NULL;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Walk all entries in the table, looking for matches.<br=
>
&gt; <br>
&gt; &#43;&nbsp; CurrentEntry =3D (VARIABLE_POLICY_ENTRY*)mPolicyTable;<br=
>
&gt; <br>
&gt; &#43;&nbsp; for (Index =3D 0; Index &lt; mCurrentTableCount; Index&#4=
3;&#43;) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Check for a match.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if (EvaluatePolicyMatch( CurrentEntry, Variab=
leName, VendorGuid,<br>
&gt; &amp;CurrentPriority )) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // If match is better, take it.<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (BestResult =3D=3D NULL || Cur=
rentPriority &lt; MatchPriority) {<br>
<br>
3. [Dandan]: MatchPriority seems not be initialized but used here.<br>
<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; BestResult =3D Curren=
tEntry;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MatchPriority =3D Cur=
rentPriority;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // If you've hit the highest-prio=
rity match, can exit now.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (MatchPriority =3D=3D 0) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; break;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // If we're still in the loop, move to the ne=
xt entry.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; CurrentEntry =3D GET_NEXT_POLICY( CurrentEntr=
y );<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // If a return priority was requested, return it.<br>
&gt; <br>
&gt; &#43;&nbsp; if (ReturnPriority !=3D NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; *ReturnPriority =3D MatchPriority;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return BestResult;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function validates and registers a new policy wi=
th<br>
&gt; <br>
&gt; &#43;&nbsp; the policy enforcement engine.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; NewPolicy&nbsp;&nbsp;&nbsp;&nbsp; Pointe=
r to the incoming policy structure.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_INVALID_PARAMETER&nbs=
p;&nbsp; NewPolicy is NULL or is internally<br>
&gt; inconsistent.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_ALREADY_STARTED&nbsp;=
&nbsp;&nbsp;&nbsp; An identical matching policy already<br>
&gt; exists.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_WRITE_PROTECTED&nbsp;=
&nbsp;&nbsp;&nbsp; The interface has been locked until<br>
&gt; the next reboot.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_UNSUPPORTED&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Policy enforcement has been disabled=
.<br>
&gt; No reason to add more policies.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_ABORTED&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; A calculation er=
ror has prevented this<br>
&gt; function from completing.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_OUT_OF_RESOURCES&nbsp=
;&nbsp;&nbsp; Cannot grow the table to hold any<br>
&gt; more policies.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Library has not yet been i=
nitialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterVariablePolicy (<br>
&gt; <br>
&gt; &#43;&nbsp; IN CONST VARIABLE_POLICY_ENTRY&nbsp;&nbsp;&nbsp; *NewPoli=
cy<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Status;<br>
&gt; <br>
&gt; &#43;&nbsp; VARIABLE_POLICY_ENTRY&nbsp;&nbsp;&nbsp;&nbsp; *MatchPolic=
y;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MatchP=
riority;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; NewSize;<br=
>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *NewTa=
ble;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; if (!IsVariablePolicyLibInitialized()) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_NOT_READY;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; if (mInterfaceLocked) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_WRITE_PROTECTED;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; if (!IsValidVariablePolicyStructure( NewPolicy )) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_INVALID_PARAMETER;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check to see whether an exact matching policy already =
exists.<br>
&gt; <br>
&gt; &#43;&nbsp; MatchPolicy =3D GetBestPolicyMatch( GET_POLICY_NAME( NewP=
olicy ),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;NewPolicy-&gt;Namespace,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;MatchPriority );<br>
&gt; <br>
&gt; &#43;&nbsp; if (MatchPolicy !=3D NULL &amp;&amp; MatchPriority =3D=3D=
 MATCH_PRIORITY_EXACT) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_ALREADY_STARTED;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // If none exists, create it.<br>
&gt; <br>
&gt; &#43;&nbsp; // If we need more space, allocate that now.<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D SafeUint32Add( mCurrentTableUsage, NewPolicy-&=
gt;Size,<br>
&gt; &amp;NewSize );<br>
&gt; <br>
&gt; &#43;&nbsp; if (EFI_ERROR( Status )) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_ABORTED;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; if (NewSize &gt; mCurrentTableSize) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Use NewSize to calculate the new table siz=
e in units of<br>
&gt; POLICY_TABLE_STEP_SIZE.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; NewSize =3D (NewSize % POLICY_TABLE_STEP_SIZE=
) &gt; 0 ?<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; (NewSize / POLICY_TABLE_STEP_SIZE) &#43; 1 :<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; (NewSize / POLICY_TABLE_STEP_SIZE);<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Calculate the new table size in absolute b=
ytes.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D SafeUint32Mult( NewSize, POLICY_TA=
BLE_STEP_SIZE,<br>
&gt; &amp;NewSize );<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if (EFI_ERROR( Status )) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return EFI_ABORTED;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Reallocate and copy the table.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; NewTable =3D AllocatePool( NewSize );<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if (NewTable =3D=3D NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; return EFI_OUT_OF_RESOURCES;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; CopyMem( NewTable, mPolicyTable, mCurrentTabl=
eUsage );<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mCurrentTableSize =3D NewSize;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if (mPolicyTable !=3D NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; FreePool( mPolicyTable );<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mPolicyTable =3D NewTable;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; // Copy the policy into the table.<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( mPolicyTable &#43; mCurrentTableUsage, NewPolicy=
, NewPolicy-<br>
&gt; &gt;Size );<br>
&gt; <br>
&gt; &#43;&nbsp; mCurrentTableUsage &#43;=3D NewPolicy-&gt;Size;<br>
&gt; <br>
&gt; &#43;&nbsp; mCurrentTableCount &#43;=3D 1;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // We're done here.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function checks to see whether the parameters to=
 SetVariable<br>
&gt; would<br>
&gt; <br>
&gt; &#43;&nbsp; be allowed according to the current variable policies.<br=
>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; VariableName&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; VendorGuid&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; Attributes&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; DataSize&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; Data&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Same as EFI_SET_VARIABLE.<=
br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; A matching polic=
y allows this update.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; There are curren=
tly no policies that restrict<br>
&gt; this update.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The protections =
have been disable until the<br>
&gt; next reboot.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_WRITE_PROTECTED&nbsp;=
&nbsp;&nbsp;&nbsp; Variable is currently locked.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_INVALID_PARAMETER&nbs=
p;&nbsp; Attributes or size are invalid.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_ABORTED&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; A lock policy ex=
ists, but an error prevented<br>
&gt; evaluation.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Library has not been initi=
alized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ValidateSetVariable (<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp; *VariableName,<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; EFI_GUID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp; *VendorGuid,<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp; Attributes,<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; DataSize,<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; VOID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp; *Data<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; BOOLEAN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; IsDel;<br>
&gt; <br>
&gt; &#43;&nbsp; VARIABLE_POLICY_ENTRY&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *ActivePolicy;<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp; Status;<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp; ReturnStatus;<br>
&gt; <br>
&gt; &#43;&nbsp; VARIABLE_LOCK_ON_VAR_STATE_POLICY&nbsp;&nbsp; *StateVarPo=
licy;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *StateVarName;<br>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; StateVarSize;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; StateVar;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; ReturnStatus =3D EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; if (!IsVariablePolicyLibInitialized()) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; ReturnStatus =3D EFI_NOT_READY;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; goto Exit;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Bail if the protections are currently disabled.<br>
&gt; <br>
&gt; &#43;&nbsp; if (mProtectionDisabled) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; ReturnStatus =3D EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; goto Exit;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Determine whether this is a delete operation.<br>
&gt; <br>
&gt; &#43;&nbsp; // If so, it will affect which tests are applied.<br>
&gt; <br>
&gt; &#43;&nbsp; if ((DataSize =3D=3D 0) &amp;&amp; ((Attributes &amp; EFI=
_VARIABLE_APPEND_WRITE) =3D=3D 0))<br>
&gt; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; IsDel =3D TRUE;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; else {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; IsDel =3D FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Find an active policy if one exists.<br>
&gt; <br>
&gt; &#43;&nbsp; ActivePolicy =3D GetBestPolicyMatch( VariableName, Vendor=
Guid, NULL );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // If we have an active policy, check it against the inco=
ming data.<br>
&gt; <br>
&gt; &#43;&nbsp; if (ActivePolicy !=3D NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; //<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Only enforce size and attribute constraint=
s when updating data, not<br>
&gt; deleting.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if (!IsDel) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Check for size constraints.<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if ((ActivePolicy-&gt;MinSize &gt=
; 0 &amp;&amp; DataSize &lt; ActivePolicy-&gt;MinSize) ||<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (ActivePo=
licy-&gt;MaxSize &gt; 0 &amp;&amp; DataSize &gt; ActivePolicy-&gt;MaxSize))=
 {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ReturnStatus =3D EFI_=
INVALID_PARAMETER;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DEBUG(( DEBUG_VERBOSE=
, &quot;%a - Bad Size. 0x%X &lt;&gt; 0x%X-0x%X\n&quot;,<br>
&gt; __FUNCTION__,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; DataSize, ActivePolicy-&gt;MinSize, ActivePolicy=
-&gt;MaxSize ));<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; goto Exit;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Check for attribute constraint=
s.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if ((ActivePolicy-&gt;AttributesM=
ustHave &amp; Attributes) !=3D ActivePolicy-<br>
&gt; &gt;AttributesMustHave ||<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; (ActivePo=
licy-&gt;AttributesCantHave &amp; Attributes) !=3D 0) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ReturnStatus =3D EFI_=
INVALID_PARAMETER;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DEBUG(( DEBUG_VERBOSE=
, &quot;%a - Bad Attributes. 0x%X &lt;&gt;<br>
&gt; 0x%X:0x%X\n&quot;, __FUNCTION__,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; Attributes, ActivePolicy-&gt;AttributesMustHave,=
 ActivePolicy-<br>
&gt; &gt;AttributesCantHave ));<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; goto Exit;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; //<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Lock policy check.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; //<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Check for immediate lock.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if (ActivePolicy-&gt;LockPolicyType =3D=3D VA=
RIABLE_POLICY_TYPE_LOCK_NOW)<br>
&gt; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ReturnStatus =3D EFI_WRITE_PROTEC=
TED;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; goto Exit;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Check for lock on create.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; else if (ActivePolicy-&gt;LockPolicyType =3D=
=3D<br>
&gt; VARIABLE_POLICY_TYPE_LOCK_ON_CREATE) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; StateVarSize =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Status =3D mGetVariableHelper( Va=
riableName,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VendorGui=
d,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &amp;Stat=
eVarSize,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; NULL );<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (Status =3D=3D EFI_BUFFER_TOO_=
SMALL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ReturnStatus =3D EFI_=
WRITE_PROTECTED;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; goto Exit;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Check for lock on state variable.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; else if (ActivePolicy-&gt;LockPolicyType =3D=
=3D<br>
&gt; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; StateVarPolicy =3D<br>
&gt; (VARIABLE_LOCK_ON_VAR_STATE_POLICY*)((UINT8*)ActivePolicy &#43;<br>
&gt; sizeof(VARIABLE_POLICY_ENTRY));<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; StateVarName =3D (CHAR16*)((UINT8=
*)StateVarPolicy &#43;<br>
&gt; sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY));<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; StateVarSize =3D sizeof(StateVar)=
;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Status =3D mGetVariableHelper( St=
ateVarName,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &amp;Stat=
eVarPolicy-&gt;Namespace,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &amp;Stat=
eVarSize,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &amp;Stat=
eVar );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // If the variable was found, che=
ck the state. If matched, this variable is<br>
&gt; locked.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (!EFI_ERROR( Status )) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; if (StateVar =3D=3D S=
tateVarPolicy-&gt;Value) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ReturnSta=
tus =3D EFI_WRITE_PROTECTED;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; goto Exit=
;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // EFI_NOT_FOUND and EFI_BUFFER_T=
OO_SMALL indicate that the<br>
&gt; state doesn't match.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; else if (Status !=3D EFI_NOT_FOUN=
D &amp;&amp; Status !=3D<br>
&gt; EFI_BUFFER_TOO_SMALL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // We don't know what=
 happened, but it isn't good.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ReturnStatus =3D EFI_=
ABORTED;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; goto Exit;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;Exit:<br>
&gt; <br>
&gt; &#43;&nbsp; DEBUG(( DEBUG_VERBOSE, &quot;%a - Variable (%g:%s) return=
ing %r.\n&quot;,<br>
&gt; __FUNCTION__, VendorGuid, VariableName, ReturnStatus ));<br>
&gt; <br>
&gt; &#43;&nbsp; return ReturnStatus;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function disables the variable policy enforcemen=
t. If it's<br>
&gt; <br>
&gt; &#43;&nbsp; already been called once, will return EFI_ALREADY_STARTED=
.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_ALREADY_STARTED&nbsp;=
&nbsp; Has already been called once this boot.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_WRITE_PROTECTED&nbsp;=
&nbsp; Interface has been locked until reboot.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_WRITE_PROTECTED&nbsp;=
&nbsp; Interface option is disabled by platform<br>
&gt; PCD.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Library has not yet been initialized.<=
br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;DisableVariablePolicy (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; if (!IsVariablePolicyLibInitialized()) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_NOT_READY;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; if (mProtectionDisabled) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_ALREADY_STARTED;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; if (mInterfaceLocked) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_WRITE_PROTECTED;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; if (!PcdGetBool (PcdAllowVariablePolicyEnforcementDisable=
)) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_WRITE_PROTECTED;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; mProtectionDisabled =3D TRUE;<br>
&gt; <br>
&gt; &#43;&nbsp; return EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function will dump the entire contents of the va=
riable policy table.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Similar to GetVariable, the first call can be made with a=
 0 size and it will<br>
&gt; return<br>
&gt; <br>
&gt; &#43;&nbsp; the size of the buffer required to hold the entire table.=
<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[out]&nbsp;&nbsp;&nbsp;&nbsp; Policy&nbsp; Pointer =
to the policy buffer. Can be NULL if Size is 0.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in,out]&nbsp; Size&nbsp;&nbsp;&nbsp; On input, the=
 size of the output buffer. On output,<br>
&gt; the size<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp; of the data returned.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Policy data is i=
n the output buffer and Size<br>
&gt; has been updated.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_INVALID_PARAMETER&nbs=
p;&nbsp; Size is NULL, or Size is non-zero and<br>
&gt; Policy is NULL.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_BUFFER_TOO_SMALL&nbsp=
;&nbsp;&nbsp; Size is insufficient to hold policy. Size<br>
&gt; updated with required size.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Library has not yet been i=
nitialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;DumpVariablePolicy (<br>
&gt; <br>
&gt; &#43;&nbsp; OUT&nbsp;&nbsp;&nbsp;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp; *Policy,<br>
&gt; <br>
&gt; &#43;&nbsp; IN OUT&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp; *Size<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; if (!IsVariablePolicyLibInitialized()) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_NOT_READY;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check the parameters.<br>
&gt; <br>
&gt; &#43;&nbsp; if (Size =3D=3D NULL || (*Size &gt; 0 &amp;&amp; Policy =
=3D=3D NULL)) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_INVALID_PARAMETER;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure the size is sufficient to hold the policy ta=
ble.<br>
&gt; <br>
&gt; &#43;&nbsp; if (*Size &lt; mCurrentTableUsage) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; *Size =3D mCurrentTableUsage;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_BUFFER_TOO_SMALL;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // If we're still here, copy the table and bounce.<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( Policy, mPolicyTable, mCurrentTableUsage );<br>
&gt; <br>
&gt; &#43;&nbsp; *Size =3D mCurrentTableUsage;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function returns whether or not the policy engin=
e is<br>
&gt; <br>
&gt; &#43;&nbsp; currently being enforced.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; TRUE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp; Library has not yet been initialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;BOOLEAN<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;IsVariablePolicyEnabled (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; if (!IsVariablePolicyLibInitialized()) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; return !mProtectionDisabled;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function locks the interface so that no more pol=
icy updates<br>
&gt; <br>
&gt; &#43;&nbsp; can be performed or changes made to the enforcement until=
 the next<br>
&gt; boot.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
 Library has not yet been initialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;LockVariablePolicy (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; if (!IsVariablePolicyLibInitialized()) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_NOT_READY;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; if (mInterfaceLocked) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return EFI_WRITE_PROTECTED;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; mInterfaceLocked =3D TRUE;<br>
&gt; <br>
&gt; &#43;&nbsp; return EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function returns whether or not the policy inter=
face is locked<br>
&gt; <br>
&gt; &#43;&nbsp; for the remainder of the boot.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; TRUE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp; Library has not yet been initialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;BOOLEAN<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;IsVariablePolicyInterfaceLocked (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; if (!IsVariablePolicyLibInitialized()) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; return mInterfaceLocked;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This helper function initializes the library and sets<br>
&gt; <br>
&gt; &#43;&nbsp; up any required internal structures or handlers.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Also registers the internal pointer for the GetVariable h=
elper.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; GetVariableHelper A function pointer mat=
ching the<br>
&gt; EFI_GET_VARIABLE prototype that will be used to<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; check policy criteria that involve t=
he existence of other variables.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_ALREADY_STARTED&nbsp;=
&nbsp; The initialize function has been called<br>
&gt; more than once without a call to<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dei=
nitialize.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;InitVariablePolicyLib (<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; EFI_GET_VARIABLE&nbsp;&nbsp;&nbsp; GetVariableHe=
lper<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp;&nbsp;&nbsp; Status;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;&nbsp; if (mGetVariableHelper !=3D NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D EFI_ALREADY_STARTED;<br>
<br>
4. [Dandan]: Could we return directly here?<br>
<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; if (!EFI_ERROR( Status )) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D VariablePolicyExtraInit();<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; if (!EFI_ERROR( Status )) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Save an internal pointer to the GetVariabl=
eHelper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mGetVariableHelper =3D GetVariableHelper;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; // Initialize the global state.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mInterfaceLocked =3D FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mProtectionDisabled =3D FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mPolicyTable =3D NULL;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mCurrentTableSize =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mCurrentTableUsage =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mCurrentTableCount =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return Status;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This helper function returns whether or not the library i=
s currently<br>
&gt; initialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; TRUE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;BOOLEAN<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;IsVariablePolicyLibInitialized (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; return (mGetVariableHelper !=3D NULL);<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This helper function tears down&nbsp; the library.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Should generally only be used for test harnesses.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
&nbsp;&nbsp; Deinitialize was called without first calling<br>
&gt; initialize.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;DeinitVariablePolicyLib (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp;&nbsp;&nbsp; Status;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D EFI_SUCCESS;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; if (mGetVariableHelper =3D=3D NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D EFI_NOT_READY;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; if (!EFI_ERROR( Status )) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D VariablePolicyExtraDeinit();<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; if (!EFI_ERROR( Status )) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mGetVariableHelper =3D NULL;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mInterfaceLocked =3D FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mProtectionDisabled =3D FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mCurrentTableSize =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mCurrentTableUsage =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; mCurrentTableCount =3D 0;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; if (mPolicyTable !=3D NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; FreePool( mPolicyTable );<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; mPolicyTable =3D NULL;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return Status;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; diff --git<br>
&gt; a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Varia=
ble<br>
&gt; PolicyUnitTest.c<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Varia=
ble<br>
&gt; PolicyUnitTest.c<br>
&gt; new file mode 100644<br>
&gt; index 000000000000..f133f2f30e36<br>
&gt; --- /dev/null<br>
&gt; &#43;&#43;&#43;<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Varia=
ble<br>
&gt; PolicyUnitTest.c<br>
&gt; @@ -0,0 &#43;1,2436 @@<br>
&gt; &#43;/** @file -- VariablePolicyUnitTest.c<br>
&gt; <br>
&gt; &#43;UnitTest for...<br>
&gt; <br>
&gt; &#43;Business logic for Variable Policy enforcement.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;Copyright (c) Microsoft Corporation.<br>
&gt; <br>
&gt; &#43;SPDX-License-Identifier: BSD-2-Clause-Patent<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#include &lt;stdio.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;string.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;stdarg.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;stddef.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;setjmp.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;cmocka.h&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#include &lt;Uefi.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/PrintLib.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/DebugLib.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/UnitTestLib.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/BaseMemoryLib.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/MemoryAllocationLib.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/BaseLib.h&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#include &lt;Guid/VariableFormat.h&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#include &lt;Protocol/VariablePolicy.h&gt;<br>
&gt; <br>
&gt; &#43;#include &lt;Library/VariablePolicyLib.h&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;// MU_CHANGE - Turn this off for now. Try to turn it back on wit=
h extra<br>
&gt; build options.<br>
&gt; <br>
&gt; &#43;// #ifndef INTERNAL_UNIT_TEST<br>
&gt; <br>
&gt; &#43;// #error Make sure to build thie with INTERNAL_UNIT_TEST enable=
d!<br>
&gt; Otherwise, some important tests may be skipped!<br>
&gt; <br>
&gt; &#43;// #endif<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#define UNIT_TEST_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
 &quot;UEFI Variable Policy UnitTest&quot;<br>
&gt; <br>
&gt; &#43;#define UNIT_TEST_VERSION&nbsp;&nbsp;&nbsp;&nbsp; &quot;0.5&quot=
;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;///=3D=3D=3D TEST DATA<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#pragma pack(push, 1)<br>
&gt; <br>
&gt; &#43;typedef struct _SIMPLE_VARIABLE_POLICY_ENTRY {<br>
&gt; <br>
&gt; &#43;&nbsp; VARIABLE_POLICY_ENTRY&nbsp;&nbsp;&nbsp;&nbsp; Header;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Name[];<br>
&gt; <br>
&gt; &#43;} SIMPLE_VARIABLE_POLICY_ENTRY;<br>
&gt; <br>
&gt; &#43;#define EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_LENGTH&nbsp; 100=
1<br>
&gt; // 1000 characters &#43; terminator.<br>
&gt; <br>
&gt; &#43;#define EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_SIZE<br>
&gt; (EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_LENGTH *<br>
&gt; sizeof(CHAR16))<br>
&gt; <br>
&gt; &#43;typedef struct _EXPANDED_VARIABLE_POLICY_ENTRY {<br>
&gt; <br>
&gt; &#43;&nbsp; VARIABLE_POLICY_ENTRY&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Header;<br>
&gt; <br>
&gt; &#43;&nbsp; VARIABLE_LOCK_ON_VAR_STATE_POLICY&nbsp;&nbsp; StatePolicy=
;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16<br>
&gt; StateName[EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_LENGTH];<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16<br>
&gt; Name[EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_LENGTH];<br>
&gt; <br>
&gt; &#43;} EXPANDED_VARIABLE_POLICY_ENTRY;<br>
&gt; <br>
&gt; &#43;#pragma pack(pop)<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;// {F955BA2D-4A2C-480C-BFD1-3CC522610592}<br>
&gt; <br>
&gt; &#43;#define TEST_GUID_1 { 0xf955ba2d, 0x4a2c, 0x480c, { 0xbf, 0xd1, =
0x3c, 0xc5,<br>
&gt; 0x22, 0x61, 0x5, 0x92 } }<br>
&gt; <br>
&gt; &#43;EFI_GUID&nbsp;&nbsp;&nbsp; mTestGuid1 =3D TEST_GUID_1;<br>
&gt; <br>
&gt; &#43;// {2DEA799E-5E73-43B9-870E-C945CE82AF3A}<br>
&gt; <br>
&gt; &#43;#define TEST_GUID_2 { 0x2dea799e, 0x5e73, 0x43b9, { 0x87, 0xe, 0=
xc9, 0x45,<br>
&gt; 0xce, 0x82, 0xaf, 0x3a } }<br>
&gt; <br>
&gt; &#43;EFI_GUID&nbsp;&nbsp;&nbsp; mTestGuid2 =3D TEST_GUID_2;<br>
&gt; <br>
&gt; &#43;// {698A2BFD-A616-482D-B88C-7100BD6682A9}<br>
&gt; <br>
&gt; &#43;#define TEST_GUID_3 { 0x698a2bfd, 0xa616, 0x482d, { 0xb8, 0x8c, =
0x71, 0x0,<br>
&gt; 0xbd, 0x66, 0x82, 0xa9 } }<br>
&gt; <br>
&gt; &#43;EFI_GUID&nbsp;&nbsp;&nbsp; mTestGuid3 =3D TEST_GUID_3;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#define&nbsp;&nbsp; TEST_VAR_1_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; L&quot;=
TestVar1&quot;<br>
&gt; <br>
&gt; &#43;#define&nbsp;&nbsp; TEST_VAR_2_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; L&quot;=
TestVar2&quot;<br>
&gt; <br>
&gt; &#43;#define&nbsp;&nbsp; TEST_VAR_3_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; L&quot;=
TestVar3&quot;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#define&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL&nbsp;&nbsp;&nbsp=
;&nbsp; 0<br>
&gt; <br>
&gt; &#43;#define&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp; 0<br>
&gt; <br>
&gt; &#43;#define&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp; MAX_UINT32<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#define&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_10&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp; 10<br>
&gt; <br>
&gt; &#43;#define&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_200&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp; 200<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#define TEST_300_HASHES_STRING<br>
&gt; L&quot;##################################################&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;##################################################&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;##################################################&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;##################################################&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;##################################################&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;##################################################&quot;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;///=3D=3D=3D HELPER FUNCTIONS<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Helper function to initialize a VARIABLE_POLICY_ENTRY str=
ucture with a<br>
&gt; Name and StateName.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Takes care of all the messy packing.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in,out]&nbsp; Entry<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Name&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [Optional]<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; StateName&nbsp;&=
nbsp; [Optional]<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; TRUE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;STATIC<br>
&gt; <br>
&gt; &#43;BOOLEAN<br>
&gt; <br>
&gt; &#43;InitExpVarPolicyStrings (<br>
&gt; <br>
&gt; &#43;&nbsp; EXPANDED_VARIABLE_POLICY_ENTRY&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp; *Entry,<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *Name,&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp; OPTIONAL<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *StateName&nbsp; OPTIONAL<=
br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp; NameSize;<br>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp; StateNameSize;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; NameSize =3D Name =3D=3D NULL ? 0 : StrSize( Name );<br>
&gt; <br>
&gt; &#43;&nbsp; StateNameSize =3D StateName =3D=3D NULL ? 0 : StrSize( St=
ateName );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; if (NameSize &gt; EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME=
_SIZE ||<br>
&gt; NameSize &gt; MAX_UINT16 ||<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; StateNameSize &gt;<br>
&gt; EXPANDED_VARIABLE_POLICY_ENTRY_VAR_NAME_SIZE || StateNameSize &gt;<br=
>
&gt; MAX_UINT16) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; return FALSE;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Entry-&gt;Header.OffsetToName =3D sizeof(VARIABLE_POLICY_=
ENTRY);<br>
&gt; <br>
&gt; &#43;&nbsp; if (StateName !=3D NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Entry-&gt;Header.OffsetToName &#43;=3D<br>
&gt; (UINT16)sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY) &#43;<br>
&gt; (UINT16)StateNameSize;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; Entry-&gt;Header.Size =3D Entry-&gt;Header.OffsetToName &=
#43; (UINT16)NameSize;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( (UINT8*)Entry &#43; Entry-&gt;Header.OffsetToNam=
e, Name,<br>
&gt; NameSize );<br>
&gt; <br>
&gt; &#43;&nbsp; if (StateName !=3D NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; CopyMem( (UINT8*)Entry &#43; sizeof(VARIABLE_=
POLICY_ENTRY) &#43;<br>
&gt; sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY), StateName,<br>
&gt; StateNameSize );<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return TRUE;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Mocked version of GetVariable, for testing.<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;StubGetVariableNull (<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp;&nbsp;&nbsp;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp; *VariableName,<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp;&nbsp;&nbsp;&nbsp; EFI_GUID&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp; *VendorGuid,<br>
&gt; <br>
&gt; &#43;&nbsp; OUT&nbsp;&nbsp;&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp; *Attributes,&nbsp;&nbsp;&nbsp; OPTIONAL<br>
&gt; <br>
&gt; &#43;&nbsp; IN OUT UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp; *DataSize,<br>
&gt; <br>
&gt; &#43;&nbsp; OUT&nbsp;&nbsp;&nbsp; VOID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *Data&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; OPTIONAL<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MockedAttr;<br>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MockedDataSize;=
<br>
&gt; <br>
&gt; &#43;&nbsp; VOID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *MockedDat=
a;<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; MockedReturn;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; check_expected_ptr( VariableName );<br>
&gt; <br>
&gt; &#43;&nbsp; check_expected_ptr( VendorGuid );<br>
&gt; <br>
&gt; &#43;&nbsp; check_expected_ptr( DataSize );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; MockedAttr =3D (UINT32)mock();<br>
&gt; <br>
&gt; &#43;&nbsp; MockedDataSize =3D (UINTN)mock();<br>
&gt; <br>
&gt; &#43;&nbsp; MockedData =3D (VOID*)mock();<br>
&gt; <br>
&gt; &#43;&nbsp; MockedReturn =3D (EFI_STATUS)mock();<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; if (Attributes !=3D NULL) {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; *Attributes =3D MockedAttr;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; if (Data !=3D NULL &amp;&amp; !EFI_ERROR(MockedReturn)) {=
<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; CopyMem( Data, MockedData, MockedDataSize );<=
br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; *DataSize =3D MockedDataSize;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return MockedReturn;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;//<br>
&gt; <br>
&gt; &#43;// Anything you think might be helpful that isn't a test itself.=
<br>
&gt; <br>
&gt; &#43;//<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This is a common setup function that will ensure the libr=
ary is always<br>
&gt; initialized<br>
&gt; <br>
&gt; &#43;&nbsp; with the stubbed GetVariable.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Not used by all test cases, but by most.<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;STATIC<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;LibInitMocked (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; return EFI_ERROR(InitVariablePolicyLib( StubGetVariableNu=
ll )) ?<br>
&gt; UNIT_TEST_ERROR_PREREQUISITE_NOT_MET : UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Common cleanup function to make sure that the library is =
always de-<br>
&gt; initialized prior<br>
&gt; <br>
&gt; &#43;&nbsp; to the next test case.<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;STATIC<br>
&gt; <br>
&gt; &#43;VOID<br>
&gt; <br>
&gt; &#43;LibCleanup (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; DeinitVariablePolicyLib();<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;///=3D=3D=3D TEST CASES<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;///=3D=3D=3D=3D=3D ARCHITECTURAL SUITE<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ShouldBeAbleToInitAndDeinitTheLibrary (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp;&nbsp;&nbsp; Status;<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D InitVariablePolicyLib( StubGetVariableNull );<=
br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( Status );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( IsVariablePolicyLibInitialized() );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D DeinitVariablePolicyLib();<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( Status );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( IsVariablePolicyLibInitialized() );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ShouldNotBeAbleToInitializeTheLibraryTwice (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp;&nbsp;&nbsp; Status;<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D InitVariablePolicyLib( StubGetVariableNull );<=
br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( Status );<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D InitVariablePolicyLib( StubGetVariableNull );<=
br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( Status ) );<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ShouldFailDeinitWithoutInit (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp;&nbsp;&nbsp; Status;<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D DeinitVariablePolicyLib();<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( Status ) );<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ApiCommandsShouldNotRespondIfLibIsUninitialized (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; TestPolicy =3D {=
<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp; DummyData[8];<br>
&gt; <br>
&gt; &#43;&nbsp; UINT32&nbsp;&nbsp;&nbsp; DummyDataSize =3D sizeof(DummyDa=
ta);<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // This test should not start with an initialized library=
.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Verify that all API commands fail.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( LockVariablePolicy() ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( DisableVariablePolicy() ) );<b=
r>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_TRUE( EFI_ERROR( RegisterVariablePolicy( &amp;TestPolicy.He=
ader )<br>
&gt; ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( DumpVariablePolicy( DummyData,=
<br>
&gt; &amp;DummyDataSize ) ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( IsVariablePolicyInterfaceLocked() );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( IsVariablePolicyEnabled() );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( ValidateSetVariable( TEST_VAR_=
1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
&amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
VARIABLE_ATTRIBUTE_NV_BS,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
sizeof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
DummyData ) ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;///=3D=3D=3D=3D=3D INTERNAL FUNCTION SUITE<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#ifdef INTERNAL_UNIT_TEST<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;BOOLEAN<br>
&gt; <br>
&gt; &#43;EvaluatePolicyMatch (<br>
&gt; <br>
&gt; &#43;&nbsp; IN CONST&nbsp; VARIABLE_POLICY_ENTRY&nbsp;&nbsp; *EvalEnt=
ry,<br>
&gt; <br>
&gt; &#43;&nbsp; IN CONST&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *Variabl=
eName,<br>
&gt; <br>
&gt; &#43;&nbsp; IN CONST&nbsp; EFI_GUID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *VendorGuid,<br>
&gt; <br>
&gt; &#43;&nbsp; OUT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; UINT8&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp; *MatchPriority&nbsp;&nbsp;&nbsp; OPTIONAL<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;PoliciesShouldMatchByNameAndGuid (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; MatchCheckPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckVa=
r1Name =3D TEST_VAR_1_NAME;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckVa=
r2Name =3D TEST_VAR_2_NAME;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that a different name does not match.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( EvaluatePolicyMatch( &amp;MatchCheckPoli=
cy.Header,<br>
&gt; CheckVar2Name, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that a different GUID does not match.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( EvaluatePolicyMatch( &amp;MatchCheckPoli=
cy.Header,<br>
&gt; CheckVar1Name, &amp;mTestGuid2, NULL ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that the same name and GUID match.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y.Header,<br>
&gt; CheckVar1Name, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;WildcardPoliciesShouldMatchDigits (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; MatchCheckPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(L&quot;Wildcard#VarName##&quot;),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;Wildcard#VarName##&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckVa=
r1Name =3D L&quot;Wildcard1VarName12&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckVa=
r2Name =3D L&quot;Wildcard2VarName34&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckVa=
rBName =3D L&quot;WildcardBVarName56&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckVa=
rHName =3D L&quot;Wildcard#VarName56&quot;;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that two different sets of wildcard numbers =
match.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y.Header,<br>
&gt; CheckVar1Name, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y.Header,<br>
&gt; CheckVar2Name, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that the non-number charaters don't match.<b=
r>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( EvaluatePolicyMatch( &amp;MatchCheckPoli=
cy.Header,<br>
&gt; CheckVarBName, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that '#' signs don't match.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( EvaluatePolicyMatch( &amp;MatchCheckPoli=
cy.Header,<br>
&gt; CheckVarHName, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;WildcardPoliciesShouldMatchDigitsAdvanced (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; MatchCheckPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_300_HASHES_STRING),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_300_HASHES_STRING<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckSh=
orterString =3D<br>
&gt; L&quot;01234567890123456789012345678901234567890123456789&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckVa=
lidString =3D<br>
&gt; L&quot;01234567890123456789012345678901234567890123456789&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;01234567890123456789012345678901234567890123456789&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;01234567890123456789012345678901234567890123456789&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;01234567890123456789012345678901234567890123456789&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;01234567890123456789012345678901234567890123456789&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;01234567890123456789012345678901234567890123456789&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckLo=
ngerString =3D<br>
&gt; L&quot;01234567890123456789012345678901234567890123456789&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;01234567890123456789012345678901234567890123456789&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;01234567890123456789012345678901234567890123456789&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;01234567890123456789012345678901234567890123456789&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;01234567890123456789012345678901234567890123456789&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;01234567890123456789012345678901234567890123456789&quot;\<br>
&gt; <br>
&gt; &#43;<br>
&gt; &quot;01234567890123456789012345678901234567890123456789&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Mat=
chPriority;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that the shorter and the longer do not match=
.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( EvaluatePolicyMatch( &amp;MatchCheckPoli=
cy.Header,<br>
&gt; CheckShorterString, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( EvaluatePolicyMatch( &amp;MatchCheckPoli=
cy.Header,<br>
&gt; CheckLongerString, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that the valid one matches and has the expec=
ted priority.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y.Header,<br>
&gt; CheckValidString, &amp;mTestGuid1, &amp;MatchPriority ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( MatchPriority, MAX_UINT8 );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;WildcardPoliciesShouldMatchNamespaces (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; VARIABLE_POLICY_ENTRY&nbsp;&nbsp; MatchCheckPolicy =3D {<=
br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckVa=
r1Name =3D L&quot;Wildcard1VarName12&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckVa=
r2Name =3D L&quot;Wildcard2VarName34&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckVa=
rBName =3D L&quot;WildcardBVarName56&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *CheckVa=
rHName =3D L&quot;Wildcard#VarName56&quot;;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that all names in the same namespace match.<=
br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y,<br>
&gt; CheckVar1Name, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y,<br>
&gt; CheckVar2Name, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y,<br>
&gt; CheckVarBName, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y,<br>
&gt; CheckVarHName, &amp;mTestGuid1, NULL ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that different namespace doesn't match.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( EvaluatePolicyMatch( &amp;MatchCheckPoli=
cy,<br>
&gt; CheckVar1Name, &amp;mTestGuid2, NULL ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;MatchPrioritiesShouldFollowRules (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; MatchCheckPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(L&quot;Wildcard1VarName12&quot;),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;Wildcard1VarName12&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CheckVar=
1Name[] =3D L&quot;Wildcard1VarName12&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MatchVar=
1Name[] =3D L&quot;Wildcard1VarName12&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MatchVar=
2Name[] =3D L&quot;Wildcard#VarName12&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MatchVar=
3Name[] =3D L&quot;Wildcard#VarName#2&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; MatchVar=
4Name[] =3D L&quot;Wildcard#VarName##&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Mat=
chPriority;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check with a perfect match.<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( &amp;MatchCheckPolicy.Name, MatchVar1Name,<br>
&gt; sizeof(MatchVar1Name) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y.Header,<br>
&gt; CheckVar1Name, &amp;mTestGuid1, &amp;MatchPriority ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( MatchPriority, 0 );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check with progressively lower priority matches.<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( &amp;MatchCheckPolicy.Name, MatchVar2Name,<br>
&gt; sizeof(MatchVar2Name) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y.Header,<br>
&gt; CheckVar1Name, &amp;mTestGuid1, &amp;MatchPriority ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( MatchPriority, 1 );<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( &amp;MatchCheckPolicy.Name, MatchVar3Name,<br>
&gt; sizeof(MatchVar3Name) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y.Header,<br>
&gt; CheckVar1Name, &amp;mTestGuid1, &amp;MatchPriority ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( MatchPriority, 2 );<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( &amp;MatchCheckPolicy.Name, MatchVar4Name,<br>
&gt; sizeof(MatchVar4Name) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y.Header,<br>
&gt; CheckVar1Name, &amp;mTestGuid1, &amp;MatchPriority ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( MatchPriority, 3 );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check against the entire namespace.<br>
&gt; <br>
&gt; &#43;&nbsp; MatchCheckPolicy.Header.Size =3D sizeof(VARIABLE_POLICY_E=
NTRY);<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EvaluatePolicyMatch( &amp;MatchCheckPolic=
y.Header,<br>
&gt; CheckVar1Name, &amp;mTestGuid1, &amp;MatchPriority ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( MatchPriority, MAX_UINT8 );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#endif // INTERNAL_UNIT_TEST<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;///=3D=3D=3D POLICY MANIPULATION SUITE<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldAllowNamespaceWildcards (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldAllowStateVarsForNamespaces (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EXPANDED_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPoli=
cy =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_=
STATE<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_2,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Value<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Padding<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( InitExpVarPolicyStrings( &amp;ValidationP=
olicy, NULL,<br>
&gt; TEST_VAR_2_NAME ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectNullPointers (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( NULL ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectBadRevisions (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.Version =3D MAX_UINT32;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectBadSizes (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.Size =3D sizeof(VARIABLE_POLICY_E=
NTRY) - 2;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectBadOffsets (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EXPANDED_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPoli=
cy =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_=
STATE<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_2,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Value<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Padding<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( InitExpVarPolicyStrings( &amp;ValidationP=
olicy,<br>
&gt; TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check for an offset outside the size bounds.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.OffsetToName =3D ValidationPolicy=
.Header.Size &#43; 1;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check for an offset inside the policy header.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.OffsetToName =3D sizeof(VARIABLE_=
POLICY_ENTRY)<br>
&gt; - 2;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check for an offset inside the state policy header.<br=
>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.OffsetToName =3D sizeof(VARIABLE_=
POLICY_ENTRY)<br>
&gt; &#43; 2;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check for a ridiculous offset.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.OffsetToName =3D MAX_UINT16;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectMissingStateStrings (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EXPANDED_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPoli=
cy =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_=
STATE<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_2,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Value<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Padding<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( InitExpVarPolicyStrings( &amp;ValidationP=
olicy,<br>
&gt; TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Remove the state string and copy the Name into it's pl=
ace.<br>
&gt; <br>
&gt; &#43;&nbsp; // Also adjust the offset.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.Size&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp; =3D sizeof(VARIABLE_POLICY_ENTRY) &#43;<br>
&gt; sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY) &#43;<br>
&gt; sizeof(TEST_VAR_1_NAME);<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.OffsetToName&nbsp; =3D sizeof(VAR=
IABLE_POLICY_ENTRY)<br>
&gt; &#43; sizeof(VARIABLE_LOCK_ON_VAR_STATE_POLICY);<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( (UINT8*)&amp;ValidationPolicy &#43;<br>
&gt; ValidationPolicy.Header.OffsetToName, TEST_VAR_1_NAME,<br>
&gt; sizeof(TEST_VAR_1_NAME) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that this structure fails.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectStringsMissingNull (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EXPANDED_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPoli=
cy =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_=
STATE<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_2,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Value<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Padding<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( InitExpVarPolicyStrings( &amp;ValidationP=
olicy,<br>
&gt; TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Removing the NULL from the Name should fail.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.Size =3D ValidationPolicy.Header.=
Size -<br>
&gt; sizeof(CHAR16);<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Removing the NULL from the State Name is a little tric=
kier.<br>
&gt; <br>
&gt; &#43;&nbsp; // Copy the Name up one byte.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.OffsetToName =3D<br>
&gt; ValidationPolicy.Header.OffsetToName - sizeof(CHAR16);<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( (UINT8*)&amp;ValidationPolicy &#43;<br>
&gt; ValidationPolicy.Header.OffsetToName, TEST_VAR_1_NAME,<br>
&gt; sizeof(TEST_VAR_1_NAME) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectMalformedStrings (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EXPANDED_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPoli=
cy =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_=
STATE<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_2,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Value<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Padding<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( InitExpVarPolicyStrings( &amp;ValidationP=
olicy,<br>
&gt; TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Bisecting the NULL from the Name should fail.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.Size =3D ValidationPolicy.Header.=
Size - 1;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Bisecting the NULL from the State Name is a little tri=
ckier.<br>
&gt; <br>
&gt; &#43;&nbsp; // Copy the Name up one byte.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.OffsetToName =3D<br>
&gt; ValidationPolicy.Header.OffsetToName - 1;<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( (UINT8*)&amp;ValidationPolicy &#43;<br>
&gt; ValidationPolicy.Header.OffsetToName, TEST_VAR_1_NAME,<br>
&gt; sizeof(TEST_VAR_1_NAME) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectUnpackedPolicies (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EXPANDED_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPoli=
cy =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_=
STATE<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_2,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Value<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Padding<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( InitExpVarPolicyStrings( &amp;ValidationP=
olicy,<br>
&gt; TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Increase the size and move the Name out a bit.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.Size =3D ValidationPolicy.Header.=
Size &#43;<br>
&gt; sizeof(CHAR16);<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.OffsetToName =3D<br>
&gt; ValidationPolicy.Header.OffsetToName &#43; sizeof(CHAR16);<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( (UINT8*)&amp;ValidationPolicy &#43;<br>
&gt; ValidationPolicy.Header.OffsetToName, TEST_VAR_1_NAME,<br>
&gt; sizeof(TEST_VAR_1_NAME) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Reintialize without the state policy and try the same =
test.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.LockPolicyType =3D<br>
&gt; VARIABLE_POLICY_TYPE_NO_LOCK;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( InitExpVarPolicyStrings( &amp;ValidationP=
olicy,<br>
&gt; TEST_VAR_1_NAME, NULL ) );<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.Size =3D ValidationPolicy.Header.=
Size &#43;<br>
&gt; sizeof(CHAR16);<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.OffsetToName =3D<br>
&gt; ValidationPolicy.Header.OffsetToName &#43; sizeof(CHAR16);<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( (UINT8*)&amp;ValidationPolicy &#43;<br>
&gt; ValidationPolicy.Header.OffsetToName, TEST_VAR_1_NAME,<br>
&gt; sizeof(TEST_VAR_1_NAME) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectInvalidNameCharacters (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; // EXPANDED_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationP=
olicy =3D {<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION=
,<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will b=
e populated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will b=
e populated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<b=
r>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<b=
r>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_ON_V=
AR_STATE<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_2,<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; 1,&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Value<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Padding<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp; L&quot;&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp; //&nbsp;&nbsp; L&quot;&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; // };<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Currently, there are no known invalid characters.<br>
&gt; <br>
&gt; &#43;&nbsp; // '#' in LockPolicy-&gt;Name are taken as literal.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectBadPolicyConstraints (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that invalid MAXes are rejected.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.MaxSize =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectUnknownLockPolicies (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.LockPolicyType =3D<br>
&gt; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE &#43; 1;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.LockPolicyType =3D<br>
&gt; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE &#43; 1;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectPolicesWithTooManyWildcards (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_300_HASHES_STRING),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_300_HASHES_STRING<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // 300 Hashes is currently larger than the possible maxim=
um match priority.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( RegisterVariablePolicy( &amp;ValidationP=
olicy.Header ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterShouldRejectDuplicatePolicies (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_STATUS_EQUAL( RegisterVariablePolicy( &amp;ValidationPolicy=
.Head<br>
&gt; er ), EFI_ALREADY_STARTED );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;MinAndMaxSizePoliciesShouldBeHonored (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_10,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_200,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DummyData[TEST_=
POLICY_MAX_SIZE_200&#43;1];<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Without a policy, there should be no constraints on va=
riable creation.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_NV_BS,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TES=
T_POLICY_MAX_SIZE_200&#43;1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Set a policy to test against.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that sizes outsize the target=
 range fail.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_NV_BS,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TES=
T_POLICY_MAX_SIZE_200&#43;1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that sizes outsize the target=
 range fail.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_NV_BS,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TES=
T_POLICY_MIN_SIZE_10-1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure a valid variable is still val=
id.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_NV_BS,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TES=
T_POLICY_MIN_SIZE_10&#43;1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;AttributeMustPoliciesShouldBeHonored (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_ATTRIBUTE_NV_BS_RT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DummyData[12];<=
br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Without a policy, there should be no constraints on va=
riable creation.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TES=
T_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Set a policy to test against.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that no attributes fail.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TES=
T_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that some -- but not all -- a=
ttributes fail.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that all attributes pass.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_NV_BS_RT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that all attributes -- plus s=
ome -- pass.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_NV_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;AttributeCantPoliciesShouldBeHonored (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; EFI_VARIABLE_TIME_BASED_AUTHENTIC=
ATED_WRITE_ACCESS,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DummyData[12];<=
br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Without a policy, there should be no constraints on va=
riable creation.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Set a policy to test against.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that forbidden attributes fai=
l.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;<br>
&gt; EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that a mixture of attributes =
-- including the<br>
&gt; forbidden -- fail.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that attributes without the f=
orbidden pass.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_NV_BS_RT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;VariablesShouldBeDeletableRegardlessOfSize (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_10,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; EFI_VARIABLE_TIME_BASED_AUTHENTIC=
ATED_WRITE_ACCESS,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DummyData[TEST_=
POLICY_MAX_SIZE_200&#43;1];<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Create a policy enforcing a minimum variable size.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that a normal set would fail.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_NV_BS,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TES=
T_POLICY_MIN_SIZE_10-1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_INVALID_PARAMETE=
R );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Now make sure that a delete would succeed.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_NV_BS,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,<=
br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; NUL=
L );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;LockNowPoliciesShouldBeHonored (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_NOW<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DummyData[12];<=
br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Without a policy, there should be no constraints on va=
riable creation.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Set a policy to test against.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that writes immediately fail.=
<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;LockOnCreatePoliciesShouldBeHonored (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_ON_CREA=
TE<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DummyData[12];<=
br>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ExpectedDataSiz=
e;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Without a policy, there should be no constraints on va=
riable creation.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Set a policy to test against.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Set consistent expectations on what the calls are look=
ing for.<br>
&gt; <br>
&gt; &#43;&nbsp; expect_memory_count( StubGetVariableNull, VariableName,<b=
r>
&gt; TEST_VAR_1_NAME, sizeof(TEST_VAR_1_NAME), 2 );<br>
&gt; <br>
&gt; &#43;&nbsp; expect_memory_count( StubGetVariableNull, VendorGuid, &am=
p;mTestGuid1,<br>
&gt; sizeof(mTestGuid1), 2 );<br>
&gt; <br>
&gt; &#43;&nbsp; ExpectedDataSize =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp; expect_memory_count( StubGetVariableNull, DataSize,<br>
&gt; &amp;ExpectedDataSize, sizeof(ExpectedDataSize), 2 );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that writes still work, since=
 the variable doesn't<br>
&gt; exist.<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, 0 );&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, NULL );&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // DataPt=
r<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_NOT_FOUND );&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that a call with an &quot;exi=
sting&quot; variable fails.<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, 10 );&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
 // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, NULL );&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // DataPt=
r<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_BUFFER_TOO_SMALL );=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; //<br>
&gt; Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;LockOnStatePoliciesShouldBeHonored (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EXPANDED_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPoli=
cy =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_=
STATE<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_2,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 20,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Value<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Padding<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DummyData[12];<=
br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ValidationState=
Var;<br>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ExpectedDataSiz=
e;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( InitExpVarPolicyStrings( &amp;ValidationP=
olicy,<br>
&gt; TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Without a policy, there should be no constraints on va=
riable creation.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Set a policy to test against.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Set consistent expectations on what the calls are look=
ing for.<br>
&gt; <br>
&gt; &#43;&nbsp; expect_memory_count( StubGetVariableNull, VariableName,<b=
r>
&gt; TEST_VAR_2_NAME, sizeof(TEST_VAR_2_NAME), 5 );<br>
&gt; <br>
&gt; &#43;&nbsp; expect_memory_count( StubGetVariableNull, VendorGuid, &am=
p;mTestGuid2,<br>
&gt; sizeof(mTestGuid2), 5 );<br>
&gt; <br>
&gt; &#43;&nbsp; ExpectedDataSize =3D 1;<br>
&gt; <br>
&gt; &#43;&nbsp; expect_memory_count( StubGetVariableNull, DataSize,<br>
&gt; &amp;ExpectedDataSize, sizeof(ExpectedDataSize), 5 );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that writes still work, since=
 the variable doesn't<br>
&gt; exist.<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, 0 );&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, NULL );&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // DataPt=
r<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_NOT_FOUND );&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that a state variable that's =
too large doesn't lock<br>
&gt; the variable.<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, 10 );&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
 // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, NULL );&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // DataPt=
r<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_BUFFER_TOO_SMALL );=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; //<br>
&gt; Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, check a state variable with the wrong v=
alue.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationStateVar =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, sizeof(ValidationStateV=
ar) );&nbsp;&nbsp;&nbsp;&nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, &amp;ValidationStateVar=
 );&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Da=
taPtr<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_SUCCESS );&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, check a state variable with another wro=
ng value.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationStateVar =3D 10;<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, sizeof(ValidationStateV=
ar) );&nbsp;&nbsp;&nbsp;&nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, &amp;ValidationStateVar=
 );&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Da=
taPtr<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_SUCCESS );&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that a call with a correct st=
ate variable fails.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationStateVar =3D 20;<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, sizeof(ValidationStateV=
ar) );&nbsp;&nbsp;&nbsp;&nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, &amp;ValidationStateVar=
 );&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Da=
taPtr<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_SUCCESS );&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;LockOnStatePoliciesShouldApplyToNamespaces (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EXPANDED_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPoli=
cy =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_=
STATE<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_2,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 20,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Value<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Padding<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DummyData[12];<=
br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ValidationState=
Var;<br>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; ExpectedDataSiz=
e;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( InitExpVarPolicyStrings( &amp;ValidationP=
olicy, NULL,<br>
&gt; TEST_VAR_2_NAME ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Without a policy, there should be no constraints on va=
riable creation.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_3_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Set a policy to test against.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Set consistent expectations on what the calls are look=
ing for.<br>
&gt; <br>
&gt; &#43;&nbsp; expect_memory_count( StubGetVariableNull, VariableName,<b=
r>
&gt; TEST_VAR_2_NAME, sizeof(TEST_VAR_2_NAME), 4 );<br>
&gt; <br>
&gt; &#43;&nbsp; expect_memory_count( StubGetVariableNull, VendorGuid, &am=
p;mTestGuid2,<br>
&gt; sizeof(mTestGuid2), 4 );<br>
&gt; <br>
&gt; &#43;&nbsp; ExpectedDataSize =3D 1;<br>
&gt; <br>
&gt; &#43;&nbsp; expect_memory_count( StubGetVariableNull, DataSize,<br>
&gt; &amp;ExpectedDataSize, sizeof(ExpectedDataSize), 4 );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that writes still work, since=
 the variable doesn't<br>
&gt; exist.<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, 0 );&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, NULL );&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // DataPt=
r<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_NOT_FOUND );&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, 0 );&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, NULL );&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // DataPt=
r<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_NOT_FOUND );&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_3_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that a call with a correct st=
ate variable fails.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationStateVar =3D 20;<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, sizeof(ValidationStateV=
ar) );&nbsp;&nbsp;&nbsp;&nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, &amp;ValidationStateVar=
 );&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Da=
taPtr<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_SUCCESS );&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, sizeof(ValidationStateV=
ar) );&nbsp;&nbsp;&nbsp;&nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, &amp;ValidationStateVar=
 );&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Da=
taPtr<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_SUCCESS );&nbsp;&nb=
sp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_3_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;LockOnStateShouldHandleErrorsGracefully (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EXPANDED_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPoli=
cy =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0,&nbsp;&nbsp;&nbsp; // Will be p=
opulated by init helper.<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_LOCK_ON_VAR_=
STATE<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_2,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 20,&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Value<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // Padding<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DummyData[12];<=
br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( InitExpVarPolicyStrings( &amp;ValidationP=
olicy,<br>
&gt; TEST_VAR_1_NAME, TEST_VAR_2_NAME ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Without a policy, there should be no constraints on va=
riable creation.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Set a policy to test against.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Configure the stub to not care about parameters. We're=
 testing errors.<br>
&gt; <br>
&gt; &#43;&nbsp; expect_any_always( StubGetVariableNull, VariableName );<b=
r>
&gt; <br>
&gt; &#43;&nbsp; expect_any_always( StubGetVariableNull, VendorGuid );<br>
&gt; <br>
&gt; &#43;&nbsp; expect_any_always( StubGetVariableNull, DataSize );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // With a policy, make sure that writes still work, since=
 the variable doesn't<br>
&gt; exist.<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, 0 );&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, NULL );&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // DataPt=
r<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_NOT_FOUND );&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Verify that state variables that are the wrong size wo=
n't lock the variable.<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, 0 );&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, NULL );&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // DataPt=
r<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_BUFFER_TOO_SMALL );=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; //<br>
&gt; Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Verify that unexpected errors default to locked.<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, 0 );&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, NULL );&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // DataPt=
r<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_UNSUPPORTED );&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, TEST_POLICY_ATTRIBUTES_=
NULL );&nbsp;&nbsp;&nbsp; //<br>
&gt; Attributes<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, 0 );&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp; // Size<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, NULL );&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; // DataPt=
r<br>
&gt; <br>
&gt; &#43;&nbsp; will_return( StubGetVariableNull, EFI_NOT_READY );&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; // Status<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;BestMatchPriorityShouldBeObeyed (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; ValidationPolicy=
 =3D {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(L&quot;Wild12Card34Placeholder&quot;),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; L&quot;Wild12Card34Placeholder&quot;<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DummyData[70];<=
br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *PolicyName =3D (CHA=
R16*)((UINT8*)&amp;ValidationPolicy &#43;<br>
&gt; sizeof(VARIABLE_POLICY_ENTRY));<br>
&gt; <br>
&gt; &#43;&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; PolicyNameSize =
=
=3D sizeof(L&quot;Wild12Card34Placeholder&quot;);<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *FourWildcards =3D L=
&quot;Wild##Card##Placeholder&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *ThreeWildcards =3D =
L&quot;Wild##Card#4Placeholder&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *TwoWildcards =3D L&=
quot;Wild##Card34Placeholder&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *OneWildcard =3D L&q=
uot;Wild#2Card34Placeholder&quot;;<br>
&gt; <br>
&gt; &#43;&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *NoWildcards =3D L&q=
uot;Wild12Card34Placeholder&quot;;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Create all of the policies from least restrictive to m=
ost restrictive.<br>
&gt; <br>
&gt; &#43;&nbsp; // NoWildcards should be the most restrictive.<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.MaxSize =3D 60;<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.Size =3D ValidationPolicy.Header.=
OffsetToName;<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.Size &#43;=3D (UINT16)PolicyNameS=
ize;<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.MaxSize =3D 50;<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( PolicyName, FourWildcards, PolicyNameSize );<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.MaxSize =3D 40;<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( PolicyName, ThreeWildcards, PolicyNameSize );<br=
>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.MaxSize =3D 30;<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( PolicyName, TwoWildcards, PolicyNameSize );<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.MaxSize =3D 20;<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( PolicyName, OneWildcard, PolicyNameSize );<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;&nbsp; ValidationPolicy.Header.MaxSize =3D 10;<br>
&gt; <br>
&gt; &#43;&nbsp; CopyMem( PolicyName, NoWildcards, PolicyNameSize );<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;ValidationPolic=
y.Hea<br>
&gt; der ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Verify that variables only matching the namespace have=
 the most<br>
&gt; flexible policy.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;ArbitraryName=
&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 65,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;ArbitraryName=
&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 55,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Verify that variables matching increasing characters g=
et increasing policy<br>
&gt; restrictions.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;Wild77Card77P=
laceholder&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 55,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;Wild77Card77P=
laceholder&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 45,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;Wild77Card74P=
laceholder&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 45,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;Wild77Card74P=
laceholder&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 35,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;Wild77Card34P=
laceholder&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 35,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;Wild77Card34P=
laceholder&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 25,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;Wild72Card34P=
laceholder&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 25,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;Wild72Card34P=
laceholder&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 15,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;Wild12Card34P=
laceholder&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 15,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( PolicyCheck ) );<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( L&quot;Wild12Card34P=
laceholder&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; &amp;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; VARIABLE_ATTRIBUTE_BS_RT_AT,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; 5,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; DummyData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;///=3D=3D=3D POLICY UTILITY SUITE<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ShouldBeAbleToLockInterface (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; TestPolicy =3D {=
<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure it's not already locked.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( IsVariablePolicyInterfaceLocked() );<br>
&gt; <br>
&gt; &#43;&nbsp; // Lock it.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( LockVariablePolicy() );<br>
&gt; <br>
&gt; &#43;&nbsp; // Verify that it's locked.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( IsVariablePolicyInterfaceLocked() );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Verify that all state-changing commands fail.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( LockVariablePolicy() ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( DisableVariablePolicy() ) );<b=
r>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_TRUE( EFI_ERROR( RegisterVariablePolicy( &amp;TestPolicy.He=
ader )<br>
&gt; ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ShouldBeAbleToDisablePolicyEnforcement (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; TestPolicy =3D {=
<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_10,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_200,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DummyData[TEST_=
POLICY_MIN_SIZE_10-1];<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that the policy enforcement is currently ena=
bled.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( IsVariablePolicyEnabled() );<br>
&gt; <br>
&gt; &#43;&nbsp; // Add a policy before it's disabled.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;TestPolicy.Head=
er ) );<br>
&gt; <br>
&gt; &#43;&nbsp; // Disable the policy enforcement.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() );<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that the policy enforcement is currently dis=
abled.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( IsVariablePolicyEnabled() );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Check to make sure that a policy violation still passe=
s.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D ValidateSetVariable( TEST_VAR_1_NAME,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &am=
p;mTestGuid1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VAR=
IABLE_ATTRIBUTE_NV_BS,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; siz=
eof(DummyData),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Dum=
myData );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ShouldNotBeAbleToDisablePoliciesTwice (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that the policy enforcement is currently ena=
bled.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( IsVariablePolicyEnabled() );<br>
&gt; <br>
&gt; &#43;&nbsp; // Disable the policy enforcement.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() );<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that the policy enforcement is currently dis=
abled.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( IsVariablePolicyEnabled() );<br>
&gt; <br>
&gt; &#43;&nbsp; // Try to disable again and verify failure.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( EFI_ERROR( DisableVariablePolicy() ) );<b=
r>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ShouldBeAbleToAddNewPoliciesAfterDisabled (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; TestPolicy =3D {=
<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_10,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_200,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that the policy enforcement is currently ena=
bled.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( IsVariablePolicyEnabled() );<br>
&gt; <br>
&gt; &#43;&nbsp; // Disable the policy enforcement.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that new policy creation still works, it jus=
t won't be enforced.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D RegisterVariablePolicy( &amp;TestPolicy.H=
eader );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( PolicyCheck );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ShouldBeAbleToLockAfterDisabled (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that the policy enforcement is currently ena=
bled.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( IsVariablePolicyEnabled() );<br>
&gt; <br>
&gt; &#43;&nbsp; // Disable the policy enforcement.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( DisableVariablePolicy() );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that we can lock in this state.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_FALSE( IsVariablePolicyInterfaceLocked() );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( LockVariablePolicy() );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_TRUE( IsVariablePolicyInterfaceLocked() );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ShouldBeAbleToDumpThePolicyTable (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; TestPolicy =3D {=
<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_10,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_200,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DumpSize;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; BufferSize;<br>
&gt; <br>
&gt; &#43;&nbsp; VOID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *DumpBuffe=
r;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // For good measure, test some parameter validation.<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_STATUS_EQUAL( DumpVariablePolicy( NULL, NULL ),=
<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;&nbsp; DumpSize =3D 10;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_STATUS_EQUAL( DumpVariablePolicy( NULL, &amp;Du=
mpSize ),<br>
&gt; EFI_INVALID_PARAMETER );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Now for the actual test case.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Allocate a buffer to hold the output.<br>
&gt; <br>
&gt; &#43;&nbsp; BufferSize =3D sizeof(VARIABLE_POLICY_ENTRY) &#43;<br>
&gt; sizeof(TEST_VAR_1_NAME);<br>
&gt; <br>
&gt; &#43;&nbsp; DumpBuffer =3D AllocatePool( BufferSize );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EQUAL( DumpBuffer, NULL );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Verify that the current table size is 0.<br>
&gt; <br>
&gt; &#43;&nbsp; DumpSize =3D BufferSize;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer,<=
br>
&gt; &amp;DumpSize ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( DumpSize, 0 );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Now, set a new policy.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;TestPolicy.Head=
er ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that the new return is non-zero and fails as=
 expected.<br>
&gt; <br>
&gt; &#43;&nbsp; DumpSize =3D 0;<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D DumpVariablePolicy( NULL, &amp;DumpSize )=
;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_BUFFER_TOO_SMALL=
 );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( DumpSize, BufferSize );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Now verify that we can fetch the dump.<br>
&gt; <br>
&gt; &#43;&nbsp; DumpSize =3D BufferSize;<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer,<=
br>
&gt; &amp;DumpSize ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_EQUAL( DumpSize, BufferSize );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_MEM_EQUAL( &amp;TestPolicy, DumpBuffer, BufferS=
ize );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Always put away your toys.<br>
&gt; <br>
&gt; &#43;&nbsp; FreePool( DumpBuffer );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; Test Case<br>
&gt; <br>
&gt; &#43;*/<br>
&gt; <br>
&gt; &#43;UNIT_TEST_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ShouldBeAbleToDumpThePolicyTableAfterDisabled (<br>
&gt; <br>
&gt; &#43;&nbsp; IN UNIT_TEST_CONTEXT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Contex=
t<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; TestPolicy =3D {=
<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_1_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_1,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_10,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_200,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_1_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; SIMPLE_VARIABLE_POLICY_ENTRY&nbsp;&nbsp; TestPolicy2 =3D =
{<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_ENTRY_REVISION,<b=
r>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY) &#4=
3; sizeof(TEST_VAR_2_NAME),<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; sizeof(VARIABLE_POLICY_ENTRY),<br=
>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_GUID_2,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MIN_SIZE_10,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_MAX_SIZE_200,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; TEST_POLICY_ATTRIBUTES_NULL,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; VARIABLE_POLICY_TYPE_NO_LOCK<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; },<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; TEST_VAR_2_NAME<br>
&gt; <br>
&gt; &#43;&nbsp; };<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp; PolicyCheck;<br>
&gt; <br>
&gt; &#43;&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DumpSize;<br>
&gt; <br>
&gt; &#43;&nbsp; VOID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; *DumpBuffe=
r;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; DumpBuffer =3D NULL;<br>
&gt; <br>
&gt; &#43;&nbsp; DumpSize =3D 0;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Register a new policy.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;TestPolicy.Head=
er ) );<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that we can dump the policy.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D DumpVariablePolicy( DumpBuffer, &amp;Dump=
Size );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_BUFFER_TOO_SMALL=
 );<br>
&gt; <br>
&gt; &#43;&nbsp; DumpBuffer =3D AllocatePool( DumpSize );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer,<=
br>
&gt; &amp;DumpSize ) );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_MEM_EQUAL( DumpBuffer, &amp;TestPolicy, DumpSiz=
e );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Clean up from this step.<br>
&gt; <br>
&gt; &#43;&nbsp; FreePool( DumpBuffer );<br>
&gt; <br>
&gt; &#43;&nbsp; DumpBuffer =3D NULL;<br>
&gt; <br>
&gt; &#43;&nbsp; DumpSize =3D 0;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Now disable the engine.<br>
&gt; <br>
&gt; &#43;&nbsp; DisableVariablePolicy();<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Now register a new policy and make sure that both can =
be dumped.<br>
&gt; <br>
&gt; &#43;<br>
&gt; UT_ASSERT_NOT_EFI_ERROR( RegisterVariablePolicy( &amp;TestPolicy2.Hea=
der )<br>
&gt; );<br>
&gt; <br>
&gt; &#43;&nbsp; // Make sure that we can dump the policy.<br>
&gt; <br>
&gt; &#43;&nbsp; PolicyCheck =3D DumpVariablePolicy( DumpBuffer, &amp;Dump=
Size );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_STATUS_EQUAL( PolicyCheck, EFI_BUFFER_TOO_SMALL=
 );<br>
&gt; <br>
&gt; &#43;&nbsp; DumpBuffer =3D AllocatePool( DumpSize );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_NOT_EFI_ERROR( DumpVariablePolicy( DumpBuffer,<=
br>
&gt; &amp;DumpSize ) );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Finally, make sure that both policies are in the dump.=
<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_MEM_EQUAL( DumpBuffer, &amp;TestPolicy,<br>
&gt; TestPolicy.Header.Size );<br>
&gt; <br>
&gt; &#43;&nbsp; UT_ASSERT_MEM_EQUAL( (UINT8*)DumpBuffer &#43; TestPolicy.=
Header.Size,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
&amp;TestPolicy2,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =
TestPolicy2.Header.Size );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; // Always put away your toys.<br>
&gt; <br>
&gt; &#43;&nbsp; FreePool( DumpBuffer );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return UNIT_TEST_PASSED;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;///=3D=3D=3D TEST ENGINE<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D<br>
&gt; =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D<br=
>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; SampleUnitTestApp<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in] ImageHandle&nbsp; The firmware allocated handl=
e for the EFI image.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in] SystemTable&nbsp; A pointer to the EFI System =
Table.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval EFI_SUCCESS&nbsp;&nbsp;&nbsp;&nbsp; The entry poi=
nt executed successfully.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval other&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp; Some error occured when executing this entry point.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;int<br>
&gt; <br>
&gt; &#43;main (<br>
&gt; <br>
&gt; &#43;&nbsp; )<br>
&gt; <br>
&gt; &#43;{<br>
&gt; <br>
&gt; &#43;&nbsp; EFI_STATUS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Status;<br>
&gt; <br>
&gt; &#43;&nbsp; UNIT_TEST_FRAMEWORK_HANDLE&nbsp; Framework =3D NULL;<br>
&gt; <br>
&gt; &#43;&nbsp; UNIT_TEST_SUITE_HANDLE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Arch=
Tests;<br>
&gt; <br>
&gt; &#43;&nbsp; UNIT_TEST_SUITE_HANDLE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Poli=
cyTests;<br>
&gt; <br>
&gt; &#43;&nbsp; UNIT_TEST_SUITE_HANDLE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Util=
ityTests;<br>
&gt; <br>
&gt; &#43;#ifdef INTERNAL_UNIT_TEST<br>
&gt; <br>
&gt; &#43;&nbsp; UNIT_TEST_SUITE_HANDLE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Inte=
rnalTests;<br>
&gt; <br>
&gt; &#43;#endif // INTERNAL_UNIT_TEST<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; DEBUG(( DEBUG_INFO, &quot;%a v%a\n&quot;, UNIT_TEST_NAME,=
<br>
&gt; UNIT_TEST_VERSION ));<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; //<br>
&gt; <br>
&gt; &#43;&nbsp; // Start setting up the test framework for running the te=
sts.<br>
&gt; <br>
&gt; &#43;&nbsp; //<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D InitUnitTestFramework( &amp;Framework, UNIT_TE=
ST_NAME,<br>
&gt; gEfiCallerBaseName, UNIT_TEST_VERSION );<br>
&gt; <br>
&gt; &#43;&nbsp; if (EFI_ERROR( Status ))<br>
&gt; <br>
&gt; &#43;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; DEBUG((DEBUG_ERROR, &quot;Failed in InitUnitT=
estFramework. Status =3D %r\n&quot;,<br>
&gt; Status));<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; goto EXIT;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; //<br>
&gt; <br>
&gt; &#43;&nbsp; // Add all test suites and tests.<br>
&gt; <br>
&gt; &#43;&nbsp; //<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D CreateUnitTestSuite( &amp;ArchTests, Framework=
, &quot;Variable Policy<br>
&gt; Architectural Tests&quot;, &quot;VarPolicy.Arch&quot;, NULL, NULL );<=
br>
&gt; <br>
&gt; &#43;&nbsp; if (EFI_ERROR( Status ))<br>
&gt; <br>
&gt; &#43;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; DEBUG((DEBUG_ERROR, &quot;Failed in CreateUni=
tTestSuite for<br>
&gt; ArchTests\n&quot;));<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D EFI_OUT_OF_RESOURCES;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; goto EXIT;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( ArchTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Deinitialization should fail if not previo=
usly initialized&quot;,<br>
&gt; &quot;VarPolicy.Arch.OnlyDeinit&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; ShouldFailDeinitWithoutInit, NULL, NULL, NULL );=
<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( ArchTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Initialization followed by deinitializatio=
n should succeed&quot;,<br>
&gt; &quot;VarPolicy.Arch.InitDeinit&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; ShouldBeAbleToInitAndDeinitTheLibrary, NULL, NUL=
L, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( ArchTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;The initialization function fail if called=
 twice without a deinit&quot;,<br>
&gt; &quot;VarPolicy.Arch.InitTwice&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; ShouldNotBeAbleToInitializeTheLibraryTwice, NULL=
, LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( ArchTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;API functions should be unavailable until =
library is initialized&quot;,<br>
&gt; &quot;VarPolicy.Arch.UninitApiOff&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; ApiCommandsShouldNotRespondIfLibIsUninitialized,=
 NULL,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#ifdef INTERNAL_UNIT_TEST<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D CreateUnitTestSuite( &amp;InternalTests, Frame=
work, &quot;Variable Policy<br>
&gt; Internal Tests&quot;, &quot;VarPolicy.Internal&quot;, NULL, NULL );<b=
r>
&gt; <br>
&gt; &#43;&nbsp; if (EFI_ERROR( Status ))<br>
&gt; <br>
&gt; &#43;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; DEBUG((DEBUG_ERROR, &quot;Failed in CreateUni=
tTestSuite for<br>
&gt; InternalTests\n&quot;));<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D EFI_OUT_OF_RESOURCES;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; goto EXIT;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( InternalTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Policy matching should use name and GUID&q=
uot;,<br>
&gt; &quot;VarPolicy.Internal.NameGuid&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; PoliciesShouldMatchByNameAndGuid, LibInitMocked,=
 LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( InternalTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;# sign wildcards should match digits&quot;=
,<br>
&gt; &quot;VarPolicy.Internal.WildDigits&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; WildcardPoliciesShouldMatchDigits, LibInitMocked=
, LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( InternalTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Digit wildcards should check edge cases&qu=
ot;,<br>
&gt; &quot;VarPolicy.Internal.WildDigitsAdvanced&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; WildcardPoliciesShouldMatchDigitsAdvanced, LibIn=
itMocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( InternalTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Empty names should match an entire namespa=
ce&quot;,<br>
&gt; &quot;VarPolicy.Internal.WildNamespace&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; WildcardPoliciesShouldMatchNamespaces, LibInitMo=
cked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( InternalTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Match priority should weight correctly bas=
ed on wildcards&quot;,<br>
&gt; &quot;VarPolicy.Internal.Priorities&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; MatchPrioritiesShouldFollowRules, LibInitMocked,=
 LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;#endif // INTERNAL_UNIT_TEST<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D CreateUnitTestSuite( &amp;PolicyTests, Framewo=
rk, &quot;Variable Policy<br>
&gt; Manipulation Tests&quot;, &quot;VarPolicy.Policy&quot;, NULL, NULL );=
<br>
&gt; <br>
&gt; &#43;&nbsp; if (EFI_ERROR( Status ))<br>
&gt; <br>
&gt; &#43;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; DEBUG((DEBUG_ERROR, &quot;Failed in CreateUni=
tTestSuite for<br>
&gt; PolicyTests\n&quot;));<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D EFI_OUT_OF_RESOURCES;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; goto EXIT;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldAllowNamespaceWildcards&quot=
;,<br>
&gt; &quot;VarPolicy.Policy.AllowNamespace&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldAllowNamespaceWildcards, LibInitMo=
cked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldAllowStateVarsForNamespaces&=
quot;,<br>
&gt; &quot;VarPolicy.Policy.AllowStateNamespace&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldAllowStateVarsForNamespaces, LibIn=
itMocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectNullPointers&quot;, &q=
uot;VarPolicy.Policy.NullPointers&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectNullPointers, LibInitMocked,=
 LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectBadRevisions&quot;,<br=
>
&gt; &quot;VarPolicy.Policy.BadRevisions&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectBadRevisions, LibInitMocked,=
 LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectBadSizes&quot;, &quot;=
VarPolicy.Policy.BadSizes&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectBadSizes, LibInitMocked, Lib=
Cleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectBadOffsets&quot;, &quo=
t;VarPolicy.Policy.BadOffsets&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectBadOffsets, LibInitMocked, L=
ibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectMissingStateStrings&qu=
ot;,<br>
&gt; &quot;VarPolicy.Policy.MissingStateString&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectMissingStateStrings, LibInit=
Mocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectStringsMissingNull&quo=
t;,<br>
&gt; &quot;VarPolicy.Policy.MissingNull&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectStringsMissingNull, LibInitM=
ocked, LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectMalformedStrings&quot;=
,<br>
&gt; &quot;VarPolicy.Policy.MalformedStrings&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectMalformedStrings, LibInitMoc=
ked, LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectUnpackedPolicies&quot;=
,<br>
&gt; &quot;VarPolicy.Policy.PolicyPacking&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectUnpackedPolicies, LibInitMoc=
ked, LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectInvalidNameCharacters&=
quot;,<br>
&gt; &quot;VarPolicy.Policy.InvalidCharacters&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectInvalidNameCharacters, LibIn=
itMocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectBadPolicyConstraints&q=
uot;,<br>
&gt; &quot;VarPolicy.Policy.BadConstraints&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectBadPolicyConstraints, LibIni=
tMocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectUnknownLockPolicies&qu=
ot;,<br>
&gt; &quot;VarPolicy.Policy.BadLocks&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectUnknownLockPolicies, LibInit=
Mocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectPolicesWithTooManyWild=
cards&quot;,<br>
&gt; &quot;VarPolicy.Policy.TooManyWildcards&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectPolicesWithTooManyWildcards,=
 LibInitMocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;RegisterShouldRejectDuplicatePolicies&quot=
;,<br>
&gt; &quot;VarPolicy.Policy.DuplicatePolicies&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; RegisterShouldRejectDuplicatePolicies, LibInitMo=
cked, LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Variables that exceed min or max sizes sho=
uld be rejected&quot;,<br>
&gt; &quot;VarPolicy.Policy.MinMax&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; MinAndMaxSizePoliciesShouldBeHonored, LibInitMoc=
ked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;AttributeMustPoliciesShouldBeHonored&quot;=
,<br>
&gt; &quot;VarPolicy.Policy.AttrMust&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; AttributeMustPoliciesShouldBeHonored, LibInitMoc=
ked, LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;AttributeCantPoliciesShouldBeHonored&quot;=
,<br>
&gt; &quot;VarPolicy.Policy.AttrCant&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; AttributeCantPoliciesShouldBeHonored, LibInitMoc=
ked, LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;VariablesShouldBeDeletableRegardlessOfSize=
&quot;,<br>
&gt; &quot;VarPolicy.Policy.DeleteIgnoreSize&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; VariablesShouldBeDeletableRegardlessOfSize, LibI=
nitMocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;LockNowPoliciesShouldBeHonored&quot;,<br>
&gt; &quot;VarPolicy.Policy.VARIABLE_POLICY_TYPE_LOCK_NOW&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; LockNowPoliciesShouldBeHonored, LibInitMocked, L=
ibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;LockOnCreatePoliciesShouldBeHonored&quot;,=
<br>
&gt; &quot;VarPolicy.Policy.VARIABLE_POLICY_TYPE_LOCK_ON_CREATE&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; LockOnCreatePoliciesShouldBeHonored, LibInitMock=
ed, LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;LockOnStatePoliciesShouldBeHonored&quot;,<=
br>
&gt; &quot;VarPolicy.Policy.LockState&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; LockOnStatePoliciesShouldBeHonored, LibInitMocke=
d, LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;LockOnStatePoliciesShouldApplyToNamespaces=
&quot;,<br>
&gt; &quot;VarPolicy.Policy.NamespaceLockState&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; LockOnStatePoliciesShouldApplyToNamespaces, LibI=
nitMocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;LockOnStateShouldHandleErrorsGracefully&qu=
ot;,<br>
&gt; &quot;VarPolicy.Policy.LockStateErrors&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; LockOnStateShouldHandleErrorsGracefully, LibInit=
Mocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( PolicyTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;BestMatchPriorityShouldBeObeyed&quot;, &qu=
ot;VarPolicy.Policy.BestMatch&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; BestMatchPriorityShouldBeObeyed, LibInitMocked, =
LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D CreateUnitTestSuite( &amp;UtilityTests, Framew=
ork, &quot;Variable Policy<br>
&gt; Utility Tests&quot;, &quot;VarPolicy.Utility&quot;, NULL, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; if (EFI_ERROR( Status ))<br>
&gt; <br>
&gt; &#43;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; DEBUG((DEBUG_ERROR, &quot;Failed in CreateUni=
tTestSuite for<br>
&gt; UtilityTests\n&quot;));<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; Status =3D EFI_OUT_OF_RESOURCES;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; goto EXIT;<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( UtilityTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;API commands that change state should not =
respond after<br>
&gt; interface is locked&quot;, &quot;VarPolicy.Utility.InterfaceLock&quot=
;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; ShouldBeAbleToLockInterface, LibInitMocked, LibC=
leanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( UtilityTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;All policies should pass once enforcement =
is disabled&quot;,<br>
&gt; &quot;VarPolicy.Utility.DisableEnforcement&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; ShouldBeAbleToDisablePolicyEnforcement, LibInitM=
ocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( UtilityTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Disabling enforcement twice should produce=
 an error&quot;,<br>
&gt; &quot;VarPolicy.Utility.DisableEnforcementTwice&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; ShouldNotBeAbleToDisablePoliciesTwice, LibInitMo=
cked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( UtilityTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;ShouldBeAbleToAddNewPoliciesAfterDisabled&=
quot;,<br>
&gt; &quot;VarPolicy.Utility.AddAfterDisable&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; ShouldBeAbleToAddNewPoliciesAfterDisabled, LibIn=
itMocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( UtilityTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;ShouldBeAbleToLockAfterDisabled&quot;,<br>
&gt; &quot;VarPolicy.Utility.LockAfterDisable&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; ShouldBeAbleToLockAfterDisabled, LibInitMocked, =
LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( UtilityTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;Should be able to dump the policy table&qu=
ot;,<br>
&gt; &quot;VarPolicy.Utility.DumpTable&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; ShouldBeAbleToDumpThePolicyTable, LibInitMocked,=
 LibCleanup,<br>
&gt; NULL );<br>
&gt; <br>
&gt; &#43;&nbsp; AddTestCase( UtilityTests,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; &quot;ShouldBeAbleToDumpThePolicyTableAfterDisab=
led&quot;,<br>
&gt; &quot;VarPolicy.Utility.DumpTableAfterDisable&quot;,<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp; ShouldBeAbleToDumpThePolicyTableAfterDisabled, L=
ibInitMocked,<br>
&gt; LibCleanup, NULL );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; //<br>
&gt; <br>
&gt; &#43;&nbsp; // Execute the tests.<br>
&gt; <br>
&gt; &#43;&nbsp; //<br>
&gt; <br>
&gt; &#43;&nbsp; Status =3D RunAllTestSuites( Framework );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;EXIT:<br>
&gt; <br>
&gt; &#43;&nbsp; if (Framework !=3D NULL)<br>
&gt; <br>
&gt; &#43;&nbsp; {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; FreeUnitTestFramework( Framework );<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; return Status;<br>
&gt; <br>
&gt; &#43;}<br>
&gt; <br>
&gt; diff --git a/MdeModulePkg/Include/Library/VariablePolicyLib.h<br>
&gt; b/MdeModulePkg/Include/Library/VariablePolicyLib.h<br>
&gt; new file mode 100644<br>
&gt; index 000000000000..efd1840112ec<br>
&gt; --- /dev/null<br>
&gt; &#43;&#43;&#43; b/MdeModulePkg/Include/Library/VariablePolicyLib.h<br=
>
&gt; @@ -0,0 &#43;1,207 @@<br>
&gt; &#43;/** @file -- VariablePolicyLib.h<br>
&gt; <br>
&gt; &#43;Business logic for Variable Policy enforcement.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;Copyright (c) Microsoft Corporation.<br>
&gt; <br>
&gt; &#43;SPDX-License-Identifier: BSD-2-Clause-Patent<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#ifndef _VARIABLE_POLICY_LIB_H_<br>
&gt; <br>
&gt; &#43;#define _VARIABLE_POLICY_LIB_H_<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#include &lt;Protocol/VariablePolicy.h&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function validates and registers a new policy wi=
th<br>
&gt; <br>
&gt; &#43;&nbsp; the policy enforcement engine.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; NewPolicy&nbsp;&nbsp;&nbsp;&nbsp; Pointe=
r to the incoming policy structure.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_INVALID_PARAMETER&nbs=
p;&nbsp; NewPolicy is NULL or is internally<br>
&gt; inconsistent.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_ALREADY_STARTED&nbsp;=
&nbsp;&nbsp;&nbsp; An identical matching policy already<br>
&gt; exists.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_WRITE_PROTECTED&nbsp;=
&nbsp;&nbsp;&nbsp; The interface has been locked until<br>
&gt; the next reboot.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_UNSUPPORTED&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Policy enforcement has been disabled=
.<br>
&gt; No reason to add more policies.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_ABORTED&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; A calculation er=
ror has prevented this<br>
&gt; function from completing.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_OUT_OF_RESOURCES&nbsp=
;&nbsp;&nbsp; Cannot grow the table to hold any<br>
&gt; more policies.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Library has not yet been i=
nitialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;RegisterVariablePolicy (<br>
&gt; <br>
&gt; &#43;&nbsp; IN CONST VARIABLE_POLICY_ENTRY&nbsp;&nbsp;&nbsp; *NewPoli=
cy<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function checks to see whether the parameters to=
 SetVariable<br>
&gt; would<br>
&gt; <br>
&gt; &#43;&nbsp; be allowed according to the current variable policies.<br=
>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; VariableName&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; VendorGuid&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; Attributes&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; DataSize&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp; Same as EFI_SET_VARIABLE.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; Data&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Same as EFI_SET_VARIABLE.<=
br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; A matching polic=
y allows this update.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; There are curren=
tly no policies that restrict<br>
&gt; this update.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; The protections =
have been disable until the<br>
&gt; next reboot.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_WRITE_PROTECTED&nbsp;=
&nbsp;&nbsp;&nbsp; Variable is currently locked.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_INVALID_PARAMETER&nbs=
p;&nbsp; Attributes or size are invalid.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_ABORTED&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; A lock policy ex=
ists, but an error prevented<br>
&gt; evaluation.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Library has not been initi=
alized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;ValidateSetVariable (<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; CHAR16&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp; *VariableName,<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; EFI_GUID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp; *VendorGuid,<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp;&nbsp;&nbsp; Attributes,<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; UINTN&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; DataSize,<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; VOID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp=
;&nbsp;&nbsp;&nbsp;&nbsp; *Data<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function disables the variable policy enforcemen=
t. If it's<br>
&gt; <br>
&gt; &#43;&nbsp; already been called once, will return EFI_ALREADY_STARTED=
.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_ALREADY_STARTED&nbsp;=
&nbsp; Has already been called once this boot.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_WRITE_PROTECTED&nbsp;=
&nbsp; Interface has been locked until reboot.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_WRITE_PROTECTED&nbsp;=
&nbsp; Interface option is disabled by platform<br>
&gt; PCD.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
 Library has not yet been initialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;DisableVariablePolicy (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function will dump the entire contents of the va=
riable policy table.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Similar to GetVariable, the first call can be made with a=
 0 size and it will<br>
&gt; return<br>
&gt; <br>
&gt; &#43;&nbsp; the size of the buffer required to hold the entire table.=
<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[out]&nbsp;&nbsp;&nbsp;&nbsp; Policy&nbsp; Pointer =
to the policy buffer. Can be NULL if Size is 0.<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in,out]&nbsp; Size&nbsp;&nbsp;&nbsp; On input, the=
 size of the output buffer. On output,<br>
&gt; the size<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp; of the data returned.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Policy data is i=
n the output buffer and Size<br>
&gt; has been updated.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_INVALID_PARAMETER&nbs=
p;&nbsp; Size is NULL, or Size is non-zero and<br>
&gt; Policy is NULL.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_BUFFER_TOO_SMALL&nbsp=
;&nbsp;&nbsp; Size is insufficient to hold policy. Size<br>
&gt; updated with required size.<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Library has not yet been i=
nitialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;DumpVariablePolicy (<br>
&gt; <br>
&gt; &#43;&nbsp; OUT&nbsp;&nbsp;&nbsp;&nbsp; UINT8&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp; *Policy,<br>
&gt; <br>
&gt; &#43;&nbsp; IN OUT&nbsp; UINT32&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n=
bsp; *Size<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function returns whether or not the policy engin=
e is<br>
&gt; <br>
&gt; &#43;&nbsp; currently being enforced.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; TRUE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp; Library has not yet been initialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;BOOLEAN<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;IsVariablePolicyEnabled (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function locks the interface so that no more pol=
icy updates<br>
&gt; <br>
&gt; &#43;&nbsp; can be performed or changes made to the enforcement until=
 the next<br>
&gt; boot.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
 Library has not yet been initialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;LockVariablePolicy (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This API function returns whether or not the policy inter=
face is locked<br>
&gt; <br>
&gt; &#43;&nbsp; for the remainder of the boot.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; TRUE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE&nbsp;&nbsp;&nbsp;&n=
bsp;&nbsp;&nbsp;&nbsp;&nbsp; Library has not yet been initialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;BOOLEAN<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;IsVariablePolicyInterfaceLocked (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This helper function initializes the library and sets<br>
&gt; <br>
&gt; &#43;&nbsp; up any required internal structures or handlers.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Also registers the internal pointer for the GetVariable h=
elper.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @param[in]&nbsp; GetVariableHelper A function pointer mat=
ching the<br>
&gt; EFI_GET_VARIABLE prototype that will be used to<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; check policy criteria that involve t=
he existence of other variables.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_ALREADY_STARTED&nbsp;=
&nbsp; The initialize function has been called<br>
&gt; more than once without a call to<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; dei=
nitialize.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;InitVariablePolicyLib (<br>
&gt; <br>
&gt; &#43;&nbsp; IN&nbsp; EFI_GET_VARIABLE&nbsp;&nbsp;&nbsp; GetVariableHe=
lper<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This helper function returns whether or not the library i=
s currently<br>
&gt; initialized.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; TRUE<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; FALSE<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;BOOLEAN<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;IsVariablePolicyLibInitialized (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;/**<br>
&gt; <br>
&gt; &#43;&nbsp; This helper function tears down&nbsp; the library.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; Should generally only be used for test harnesses.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_SUCCESS<br>
&gt; <br>
&gt; &#43;&nbsp; @retval&nbsp;&nbsp;&nbsp;&nbsp; EFI_NOT_READY&nbsp;&nbsp;=
&nbsp;&nbsp; Deinitialize was called without first calling<br>
&gt; initialize.<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;**/<br>
&gt; <br>
&gt; &#43;EFI_STATUS<br>
&gt; <br>
&gt; &#43;EFIAPI<br>
&gt; <br>
&gt; &#43;DeinitVariablePolicyLib (<br>
&gt; <br>
&gt; &#43;&nbsp; VOID<br>
&gt; <br>
&gt; &#43;&nbsp; );<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#endif // _VARIABLE_POLICY_LIB_H_<br>
&gt; <br>
&gt; diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib=
.inf<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf<br>
&gt; new file mode 100644<br>
&gt; index 000000000000..f4a879d5382f<br>
&gt; --- /dev/null<br>
&gt; &#43;&#43;&#43; b/MdeModulePkg/Library/VariablePolicyLib/VariablePoli=
cyLib.inf<br>
&gt; @@ -0,0 &#43;1,44 @@<br>
&gt; &#43;## @file VariablePolicyLib.inf<br>
&gt; <br>
&gt; &#43;# Business logic for Variable Policy enforcement.<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;##<br>
&gt; <br>
&gt; &#43;# Copyright (c) Microsoft Corporation.<br>
&gt; <br>
&gt; &#43;# SPDX-License-Identifier: BSD-2-Clause-Patent<br>
&gt; <br>
&gt; &#43;##<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Defines]<br>
&gt; <br>
&gt; &#43;&nbsp; INF_VERSION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; =3D 0x00010017<br>
&gt; <br>
&gt; &#43;&nbsp; BASE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp; =3D VariablePolicyLib<br>
&gt; <br>
&gt; &#43;&nbsp; FILE_GUID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp; =3D E9ECD342-159A-4F24-9FDF-65724027C594<br>
&gt; <br>
&gt; &#43;&nbsp; VERSION_STRING&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D 1.0<br>
&gt; <br>
&gt; &#43;&nbsp; MODULE_TYPE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; =3D DXE_DRIVER<br>
&gt; <br>
&gt; &#43;&nbsp; LIBRARY_CLASS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D Var=
iablePolicyLib|DXE_DRIVER DXE_SMM_DRIVER<br>
&gt; MM_STANDALONE<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;# The following information is for reference only and not requir=
ed by the<br>
&gt; build tools.<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;#&nbsp; VALID_ARCHITECTURES&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; =3D ANY<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Sources]<br>
&gt; <br>
&gt; &#43;&nbsp; VariablePolicyLib.c<br>
&gt; <br>
&gt; &#43;&nbsp; VariablePolicyExtraInitNull.c<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Packages]<br>
&gt; <br>
&gt; &#43;&nbsp; MdePkg/MdePkg.dec<br>
&gt; <br>
&gt; &#43;&nbsp; MdeModulePkg/MdeModulePkg.dec<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[LibraryClasses]<br>
&gt; <br>
&gt; &#43;&nbsp; DebugLib<br>
&gt; <br>
&gt; &#43;&nbsp; BaseMemoryLib<br>
&gt; <br>
&gt; &#43;&nbsp; MemoryAllocationLib<br>
&gt; <br>
&gt; &#43;&nbsp; SafeIntLib<br>
&gt; <br>
&gt; &#43;&nbsp; PcdLib<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Pcd]<br>
&gt; <br>
&gt; &#43;<br>
&gt; gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDis<b=
r>
&gt; able&nbsp;&nbsp;&nbsp;&nbsp; ## CONSUMES<br>
&gt; <br>
&gt; diff --git a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib=
.uni<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.uni<br>
&gt; new file mode 100644<br>
&gt; index 000000000000..2227ec427828<br>
&gt; --- /dev/null<br>
&gt; &#43;&#43;&#43; b/MdeModulePkg/Library/VariablePolicyLib/VariablePoli=
cyLib.uni<br>
&gt; @@ -0,0 &#43;1,12 @@<br>
&gt; &#43;// /** @file<br>
&gt; <br>
&gt; &#43;// VariablePolicyLib.uni<br>
&gt; <br>
&gt; &#43;//<br>
&gt; <br>
&gt; &#43;// Copyright (c) Microsoft Corporation.<br>
&gt; <br>
&gt; &#43;// SPDX-License-Identifier: BSD-2-Clause-Patent<br>
&gt; <br>
&gt; &#43;//<br>
&gt; <br>
&gt; &#43;// **/<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#string STR_MODULE_ABSTRACT&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; #language en-US &quot;Library containin=
g<br>
&gt; the business logic for the VariablePolicy engine&quot;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#string STR_MODULE_DESCRIPTION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp; #language en-US &quot;Library<br>
&gt; containing the business logic for the VariablePolicy engine&quot;<br>
&gt; <br>
&gt; diff --git<br>
&gt; a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.=
in<br>
&gt; f<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.=
in<br>
&gt; f<br>
&gt; new file mode 100644<br>
&gt; index 000000000000..8b8365741864<br>
&gt; --- /dev/null<br>
&gt; &#43;&#43;&#43;<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.=
in<br>
&gt; f<br>
&gt; @@ -0,0 &#43;1,51 @@<br>
&gt; &#43;## @file VariablePolicyLibRuntimeDxe.inf<br>
&gt; <br>
&gt; &#43;# Business logic for Variable Policy enforcement.<br>
&gt; <br>
&gt; &#43;# This instance is specifically for RuntimeDxe and contains<br>
&gt; <br>
&gt; &#43;# extra routines to register for VirtualAddressChangeEvents.<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;# Copyright (c) Microsoft Corporation.<br>
&gt; <br>
&gt; &#43;# SPDX-License-Identifier: BSD-2-Clause-Patent<br>
&gt; <br>
&gt; &#43;##<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Defines]<br>
&gt; <br>
&gt; &#43;&nbsp; INF_VERSION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; =3D 0x00010017<br>
&gt; <br>
&gt; &#43;&nbsp; BASE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp; =3D VariablePolicyLibRuntimeDxe<br>
&gt; <br>
&gt; &#43;&nbsp; FILE_GUID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp; =3D 205F7F0E-8EAC-4914-8390-1B90DD7E2A27<br>
&gt; <br>
&gt; &#43;&nbsp; VERSION_STRING&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D 1.0<br>
&gt; <br>
&gt; &#43;&nbsp; MODULE_TYPE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p; =3D DXE_RUNTIME_DRIVER<br>
&gt; <br>
&gt; &#43;&nbsp; LIBRARY_CLASS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D Var=
iablePolicyLib|DXE_RUNTIME_DRIVER<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;# The following information is for reference only and not requir=
ed by the<br>
&gt; build tools.<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;#&nbsp; VALID_ARCHITECTURES&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; =3D ANY<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Sources]<br>
&gt; <br>
&gt; &#43;&nbsp; VariablePolicyLib.c<br>
&gt; <br>
&gt; &#43;&nbsp; VariablePolicyExtraInitRuntimeDxe.c<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Packages]<br>
&gt; <br>
&gt; &#43;&nbsp; MdePkg/MdePkg.dec<br>
&gt; <br>
&gt; &#43;&nbsp; MdeModulePkg/MdeModulePkg.dec<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[LibraryClasses]<br>
&gt; <br>
&gt; &#43;&nbsp; DebugLib<br>
&gt; <br>
&gt; &#43;&nbsp; BaseMemoryLib<br>
&gt; <br>
&gt; &#43;&nbsp; MemoryAllocationLib<br>
&gt; <br>
&gt; &#43;&nbsp; SafeIntLib<br>
&gt; <br>
&gt; &#43;&nbsp; UefiBootServicesTableLib<br>
&gt; <br>
&gt; &#43;&nbsp; UefiRuntimeServicesTableLib<br>
&gt; <br>
&gt; &#43;&nbsp; PcdLib<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Pcd]<br>
&gt; <br>
&gt; &#43;<br>
&gt; gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDis<b=
r>
&gt; able&nbsp;&nbsp;&nbsp;&nbsp; ## CONSUMES<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Guids]<br>
&gt; <br>
&gt; &#43;&nbsp; gEfiEventVirtualAddressChangeGuid<br>
&gt; <br>
&gt; diff --git<br>
&gt; a/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Varia=
ble<br>
&gt; PolicyUnitTest.inf<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Varia=
ble<br>
&gt; PolicyUnitTest.inf<br>
&gt; new file mode 100644<br>
&gt; index 000000000000..ccc04bb600d6<br>
&gt; --- /dev/null<br>
&gt; &#43;&#43;&#43;<br>
&gt; b/MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Varia=
ble<br>
&gt; PolicyUnitTest.inf<br>
&gt; @@ -0,0 &#43;1,40 @@<br>
&gt; &#43;## @file VariablePolicyUnitTest.inf<br>
&gt; <br>
&gt; &#43;# UnitTest for...<br>
&gt; <br>
&gt; &#43;# Business logic for Variable Policy enforcement.<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;# Copyright (c) Microsoft Corporation.<br>
&gt; <br>
&gt; &#43;# SPDX-License-Identifier: BSD-2-Clause-Patent<br>
&gt; <br>
&gt; &#43;##<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Defines]<br>
&gt; <br>
&gt; &#43;&nbsp; INF_VERSION&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D 0x=
00010006<br>
&gt; <br>
&gt; &#43;&nbsp; BASE_NAME&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp; =3D VariablePolicyUnitTest<br>
&gt; <br>
&gt; &#43;&nbsp; FILE_GUID&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;=
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb=
sp; =3D 1200A2E4-D756-418C-9768-528C2D181A98<br>
&gt; <br>
&gt; &#43;&nbsp; MODULE_TYPE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbs=
p;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D HO=
ST_APPLICATION<br>
&gt; <br>
&gt; &#43;&nbsp; VERSION_STRING&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; =3D 1.0<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;# The following information is for reference only and not requir=
ed by the<br>
&gt; build tools.<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;#&nbsp; VALID_ARCHITECTURES&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&=
nbsp;&nbsp;&nbsp;&nbsp; =3D IA32 X64 ARM AARCH64<br>
&gt; <br>
&gt; &#43;#<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Sources]<br>
&gt; <br>
&gt; &#43;&nbsp; VariablePolicyUnitTest.c<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[Packages]<br>
&gt; <br>
&gt; &#43;&nbsp; MdePkg/MdePkg.dec<br>
&gt; <br>
&gt; &#43;&nbsp; MdeModulePkg/MdeModulePkg.dec<br>
&gt; <br>
&gt; &#43;&nbsp; UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;[LibraryClasses]<br>
&gt; <br>
&gt; &#43;&nbsp; BaseLib<br>
&gt; <br>
&gt; &#43;&nbsp; DebugLib<br>
&gt; <br>
&gt; &#43;&nbsp; UnitTestLib<br>
&gt; <br>
&gt; &#43;&nbsp; PrintLib<br>
&gt; <br>
&gt; &#43;&nbsp; VariablePolicyLib<br>
&gt; <br>
&gt; &#43;&nbsp; BaseMemoryLib<br>
&gt; <br>
&gt; &#43;&nbsp; MemoryAllocationLib<br>
&gt; <br>
&gt; diff --git a/MdeModulePkg/MdeModulePkg.dec<br>
&gt; b/MdeModulePkg/MdeModulePkg.dec<br>
&gt; index 05d8ad4931f9..0b58c14e4747 100644<br>
&gt; --- a/MdeModulePkg/MdeModulePkg.dec<br>
&gt; &#43;&#43;&#43; b/MdeModulePkg/MdeModulePkg.dec<br>
&gt; @@ -31,6 &#43;31,9 @@ [LibraryClasses]<br>
&gt;&nbsp;&nbsp;&nbsp; ##&nbsp; @libraryclass&nbsp; Defines a set of metho=
ds to reset whole system.<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; ResetSystemLib|Include/Library/ResetSystemLib.h<br>
&gt; <br>
&gt; <br>
&gt; <br>
&gt; &#43;&nbsp; ##&nbsp; @libraryclass&nbsp; Business logic for storing a=
nd testing variable policies<br>
&gt; <br>
&gt; &#43;&nbsp; VariablePolicyLib|Include/Library/VariablePolicyLib.h<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; ##&nbsp; @libraryclass&nbsp; Defines a set of helpe=
r functions for resetting the system.<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; ResetUtilityLib|Include/Library/ResetUtilityLib.h<b=
r>
&gt; <br>
&gt; <br>
&gt; <br>
&gt; diff --git a/MdeModulePkg/MdeModulePkg.dsc<br>
&gt; b/MdeModulePkg/MdeModulePkg.dsc<br>
&gt; index 25aea3e2a481..14b6ed536962 100644<br>
&gt; --- a/MdeModulePkg/MdeModulePkg.dsc<br>
&gt; &#43;&#43;&#43; b/MdeModulePkg/MdeModulePkg.dsc<br>
&gt; @@ -3,6 &#43;3,7 @@<br>
&gt;&nbsp; #<br>
&gt; <br>
&gt;&nbsp; # (C) Copyright 2014 Hewlett-Packard Development Company, L.P.&=
lt;BR&gt;<br>
&gt; <br>
&gt;&nbsp; # Copyright (c) 2007 - 2019, Intel Corporation. All rights rese=
rved.&lt;BR&gt;<br>
&gt; <br>
&gt; &#43;# Copyright (c) Microsoft Corporation.<br>
&gt; <br>
&gt;&nbsp; #<br>
&gt; <br>
&gt;&nbsp; #&nbsp;&nbsp;&nbsp; SPDX-License-Identifier: BSD-2-Clause-Paten=
t<br>
&gt; <br>
&gt;&nbsp; #<br>
&gt; <br>
&gt; @@ -58,6 &#43;59,7 @@ [LibraryClasses]<br>
&gt;&nbsp;&nbsp;&nbsp; DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeSer=
vicesLib.inf<br>
&gt; <br>
&gt; <br>
&gt; DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTab=
l<br>
&gt; eLib.inf<br>
&gt; <br>
&gt; <br>
&gt; UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBoo<br=
>
&gt; tManagerLib.inf<br>
&gt; <br>
&gt; &#43;<br>
&gt; VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePoli=
cyLi<br>
&gt; b.inf<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; #<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; # Generic Modules<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; #<br>
&gt; <br>
&gt; @@ -129,6 &#43;131,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]<br=
>
&gt;&nbsp;&nbsp;&nbsp; DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebu=
gLibConOut.inf<br>
&gt; <br>
&gt; <br>
&gt; LockBoxLib|MdeModulePkg/Library/SmmLockBoxLib/SmmLockBoxDxeLib.in<br>
&gt; f<br>
&gt; <br>
&gt; <br>
&gt; CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsule<br=
>
&gt; Lib.inf<br>
&gt; <br>
&gt; &#43;<br>
&gt; VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePoli=
cyLi<br>
&gt; bRuntimeDxe.inf<br>
&gt; <br>
&gt; <br>
&gt; <br>
&gt;&nbsp; [LibraryClasses.common.SMM_CORE]<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf<br>
&gt; <br>
&gt; @@ -306,6 &#43;309,8 @@ [Components]<br>
&gt;&nbsp;&nbsp;&nbsp; MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf<br=
>
&gt; <br>
&gt; <br>
&gt; MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull<br>
&gt; .inf<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; MdeModulePkg/Library/AuthVariableLibNull/AuthVariab=
leLibNull.inf<br>
&gt; <br>
&gt; &#43;&nbsp; MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.=
inf<br>
&gt; <br>
&gt; &#43;<br>
&gt; MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.in=
f<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf<br=
>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; MdeModulePkg/Library/VarCheckHiiLib/VarCheckHiiLib.=
inf<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; MdeModulePkg/Library/VarCheckPcdLib/VarCheckPcdLib.=
inf<br>
&gt; <br>
&gt; diff --git a/MdeModulePkg/Test/MdeModulePkgHostTest.dsc<br>
&gt; b/MdeModulePkg/Test/MdeModulePkgHostTest.dsc<br>
&gt; index 72a119db4568..095e613f1be1 100644<br>
&gt; --- a/MdeModulePkg/Test/MdeModulePkgHostTest.dsc<br>
&gt; &#43;&#43;&#43; b/MdeModulePkg/Test/MdeModulePkgHostTest.dsc<br>
&gt; @@ -19,12 &#43;19,23 @@ [Defines]<br>
&gt; <br>
&gt; <br>
&gt;&nbsp; !include UnitTestFrameworkPkg/UnitTestFrameworkPkgHost.dsc.inc<=
br>
&gt; <br>
&gt; <br>
&gt; <br>
&gt; &#43;[LibraryClasses]<br>
&gt; <br>
&gt; &#43;&nbsp; SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.i=
nf<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt;&nbsp; [Components]<br>
&gt; <br>
&gt; <br>
&gt; MdeModulePkg/Library/DxeResetSystemLib/UnitTest/MockUefiRuntimeSer<br=
>
&gt; vicesTableLib.inf<br>
&gt; <br>
&gt; <br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; #<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; # Build MdeModulePkg HOST_APPLICATION Tests<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp; #<br>
&gt; <br>
&gt; &#43;<br>
&gt; MdeModulePkg/Library/VariablePolicyLib/VariablePolicyUnitTest/Variabl=
ePo<br>
&gt; licyUnitTest.inf {<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; &lt;LibraryClasses&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePoli=
cyLi<br>
&gt; b.inf<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; &#43;&nbsp;&nbsp;&nbsp; &lt;PcdsFixedAtBuild&gt;<br>
&gt; <br>
&gt; &#43;<br>
&gt; gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDis<b=
r>
&gt; able|TRUE<br>
&gt; <br>
&gt; &#43;&nbsp; }<br>
&gt; <br>
&gt; &#43;<br>
&gt; <br>
&gt; <br>
&gt; MdeModulePkg/Library/DxeResetSystemLib/UnitTest/DxeResetSystemLibU<br=
>
&gt; nitTestHost.inf {<br>
&gt; <br>
&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &lt;LibraryClasses&gt;<br>
&gt; <br>
&gt; <br>
&gt; ResetSystemLib|MdeModulePkg/Library/DxeResetSystemLib/DxeResetSyst<br=
>
&gt; emLib.inf<br>
&gt; <br>
&gt; --<br>
&gt; 2.26.2.windows.1.8.g01c50adf56.20200515075929<br>
&gt; <br>
&gt; <br>
&gt; -=3D-=3D-=3D-=3D-=3D-=3D<br>
&gt; Groups.io Links: You receive all messages sent to this group.<br>
&gt; <br>
&gt; View/Reply Online (#61588): <a href=3D"https://nam06.safelinks.protec=
tion.outlook.com/?url=3Dhttps%3A%2F%2Fedk2.groups.io%2Fg%2Fdevel%2Fmessage%=
2F61588&amp;amp;data=3D02%7C01%7Cbret.barkelew%40microsoft.com%7C4ff781c598=
384282187708d81e2d8858%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C6372925=
28218892203&amp;amp;sdata=3DLU1JPSqqPVToubD2UJd8JT34dvLGJ6QSi7oA7s%2FyiqY%3=
D&amp;amp;reserved=3D0">
https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fedk2.g=
roups.io%2Fg%2Fdevel%2Fmessage%2F61588&amp;amp;data=3D02%7C01%7Cbret.barkel=
ew%40microsoft.com%7C4ff781c598384282187708d81e2d8858%7C72f988bf86f141af91a=
b2d7cd011db47%7C1%7C0%7C637292528218892203&amp;amp;sdata=3DLU1JPSqqPVToubD2=
UJd8JT34dvLGJ6QSi7oA7s%2FyiqY%3D&amp;amp;reserved=3D0</a><br>
&gt; Mute This Topic: <a href=3D"https://nam06.safelinks.protection.outloo=
k.com/?url=3Dhttps%3A%2F%2Fgroups.io%2Fmt%2F75057697%2F1768738&amp;amp;data=
=
=3D02%7C01%7Cbret.barkelew%40microsoft.com%7C4ff781c598384282187708d81e2d8=
858%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637292528218892203&amp;amp=
;sdata=3DY%2BAVPkeX7Clj7g0E0ENKDcJQwVksMtp%2FbZjBgDdz%2B1A%3D&amp;amp;reser=
ved=3D0">
https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fgroups=
.io%2Fmt%2F75057697%2F1768738&amp;amp;data=3D02%7C01%7Cbret.barkelew%40micr=
osoft.com%7C4ff781c598384282187708d81e2d8858%7C72f988bf86f141af91ab2d7cd011=
db47%7C1%7C0%7C637292528218892203&amp;amp;sdata=3DY%2BAVPkeX7Clj7g0E0ENKDcJ=
QwVksMtp%2FbZjBgDdz%2B1A%3D&amp;amp;reserved=3D0</a><br>
&gt; Group Owner: devel&#43;owner@edk2.groups.io<br>
&gt; Unsubscribe: <a href=3D"https://nam06.safelinks.protection.outlook.co=
m/?url=3Dhttps%3A%2F%2Fedk2.groups.io%2Fg%2Fdevel%2Funsub&amp;amp;data=3D02=
%7C01%7Cbret.barkelew%40microsoft.com%7C4ff781c598384282187708d81e2d8858%7C=
72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637292528218892203&amp;amp;sdata=
=
=3DQzd%2FXa8ldydS45UAIyd7PaGORBzcESMWbNT1oUNEZm4%3D&amp;amp;reserved=3D0">
https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fedk2.g=
roups.io%2Fg%2Fdevel%2Funsub&amp;amp;data=3D02%7C01%7Cbret.barkelew%40micro=
soft.com%7C4ff781c598384282187708d81e2d8858%7C72f988bf86f141af91ab2d7cd011d=
b47%7C1%7C0%7C637292528218892203&amp;amp;sdata=3DQzd%2FXa8ldydS45UAIyd7PaGO=
RBzcESMWbNT1oUNEZm4%3D&amp;amp;reserved=3D0</a>&nbsp;
 [dandan.bi@intel.com]<br>
&gt; -=3D-=3D-=3D-=3D-=3D-=3D<br>
<br>
<br>
<o:p></o:p></p>
<p class=3D"MsoNormal"><o:p>&nbsp;</o:p></p>
</div>
</body>
</html>

--_000_CY4PR21MB074399EFFD54FE103EF7B5B8EF6D0CY4PR21MB0743namp_--