From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM10-BN7-obe.outbound.protection.outlook.com (NAM10-BN7-obe.outbound.protection.outlook.com [40.107.92.94]) by mx.groups.io with SMTP id smtpd.web10.2536.1592379285777991422 for ; Wed, 17 Jun 2020 00:34:46 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@microsoft.com header.s=selector2 header.b=iXc5YH+6; spf=pass (domain: microsoft.com, ip: 40.107.92.94, mailfrom: bret.barkelew@microsoft.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=W3Fo3UO1r7sk9qIeX4i6hvgbGkLUQTr2WX0BLaWqctEPv3Nn/Vyvv0QsLMYy2W4F57zETaeeRnnYUliOou5npKKNYlNCpRluzgIkVWvjDMk/5vytm7tmMtTGsUvBx8BUvmf8fGCYJw4BEGTTqhtt3rP6nUToYD1MX33MlQDuaca0pwR/o/WQygNOVPXOkOnK2Vv32fR8ue8zYDRowx9yUy8jV0nH4MTodCQBvIlOQKEIOg3Pno9gHl573+Gm6jwmXvN7XfKrcrW6z9ZZTaInAl+2Ut+xMJBTw4UR6gXdN35BU4exwMR6kIf/RCTjMYR0BOmFcJsd9YbD+IfFtW8UVg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eG0VfWVGNFggzeXkGqUSuIl7/kxquK1C5HO4ZuQD3dY=; b=m+JOaXS764bdp+ZxxC5/C8XKmkhzNYwSnIrbrT1Dpxh7c587stulPoezwMgAtu1M+ZvzjTbGUWr7aU1fp9SfTi8VsTrS+ZfrsBxyMN6bmGfbPwF7VwXEpApYtuUKl/CB7vGDXVy1oOysDFUboYAfZyWBv4PS5fjFHdcrxfL5GP4TY1KzDwFayNyd9TG3N+0chuH5YKCPjmIECFX1b9sdy/npeiLPT+9usA9aYA4J+QPtZfd3HhI9XWC1jnzrg7cadmZUou7txirXTuoD4NqEknVEg1gXMnaJPYmsTzshyl7i+LyDyu8rKNRSKJtkUPCXCkvvBSxOof8HoLUn5e+Qog== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=microsoft.com; dmarc=pass action=none header.from=microsoft.com; dkim=pass header.d=microsoft.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=eG0VfWVGNFggzeXkGqUSuIl7/kxquK1C5HO4ZuQD3dY=; b=iXc5YH+6Yce7jZht0/Bww7n9/jmbw+iRvvt2mxKKwd6nwwIxxei+fExZfFabY18MHUBuA4p+vWhFKHrmQDOMmZms0zWw317xG/ydtxTj9XGa/LGJYhLDlfAV6fWTno0lLDPjLyYanabLQ7aKu4SWP/EseO9NROBADq5Vi+/MU5g= Received: from CY4PR21MB0743.namprd21.prod.outlook.com (2603:10b6:903:b2::9) by CY4PR2101MB0865.namprd21.prod.outlook.com (2603:10b6:910:8a::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3131.9; Wed, 17 Jun 2020 07:34:44 +0000 Received: from CY4PR21MB0743.namprd21.prod.outlook.com ([fe80::4ef:d9e:62c:f319]) by CY4PR21MB0743.namprd21.prod.outlook.com ([fe80::f112:82fb:d4fd:f7dd%10]) with mapi id 15.20.3131.009; Wed, 17 Jun 2020 07:34:44 +0000 From: "Bret Barkelew" To: "devel@edk2.groups.io" , "bret@corthon.com" CC: "Yao, Jiewen" , Jian J Wang , Chao Zhang Subject: Re: [EXTERNAL] [edk2-devel] [PATCH v5 11/14] SecurityPkg: Allow VariablePolicy state to delete authenticated variables Thread-Topic: [EXTERNAL] [edk2-devel] [PATCH v5 11/14] SecurityPkg: Allow VariablePolicy state to delete authenticated variables Thread-Index: AQHWOYyvogVuV+jst0urSs26qjxDMqjcgG0q Date: Wed, 17 Jun 2020 07:34:44 +0000 Message-ID: References: <20200603065810.806-1-brbarkel@microsoft.com>,<20200603065810.806-12-brbarkel@microsoft.com> In-Reply-To: <20200603065810.806-12-brbarkel@microsoft.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Enabled=True;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SiteId=72f988bf-86f1-41af-91ab-2d7cd011db47;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_SetDate=2020-06-17T07:34:41.778Z;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Name=General;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_ContentBits=0;MSIP_Label_f42aa342-8706-4288-bd11-ebb85995028c_Method=Standard; authentication-results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=microsoft.com; x-originating-ip: [71.212.143.8] x-ms-publictraffictype: Email x-ms-office365-filtering-ht: Tenant x-ms-office365-filtering-correlation-id: 91a0fcd6-e367-4932-a65b-08d81290e792 x-ms-traffictypediagnostic: CY4PR2101MB0865: x-ld-processed: 72f988bf-86f1-41af-91ab-2d7cd011db47,ExtAddr x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:8273; x-forefront-prvs: 04371797A5 x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: ezMrXHLfu9V5CE52uKWBp9KXBquaXksVdsVxJaRmF4/HSvFFue4UKBxPFaNviuDwKDHPB6kbiTJYidT0yam5FnNZd+2nqwQaq0pJTNozSZNKfuCs/LmkNvmS2iSMY1BKjOtCzTpVJnciUvCtOT+i7XGmYeOuDe8rd05wlH9HjcUO01lTvMya5NmuqeXFRJP4mXYp+9ASewS0gHjA/MDZeje7QNwASsz0sfvswLyPF7Yv1mBRvVrvbVaOAT21J5jVHZA34YRuEPK6dpWzjar65quZSedyCTxz/87xZs0f5I+oTmwMJhlwQpuBb7pO1sH2t8wMR0TTGN6b8WoNkl/cGuDirGnMwr9epFeEhuMI6m1UXLE6WnC7FVjuL0vbn3/J1ZiGZ0fu79T9Z0uTlvvDcw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CY4PR21MB0743.namprd21.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(4636009)(396003)(366004)(376002)(39860400002)(346002)(136003)(91956017)(76116006)(66446008)(66946007)(64756008)(66476007)(66556008)(82950400001)(82960400001)(5660300002)(166002)(7696005)(52536014)(110136005)(54906003)(33656002)(71200400001)(83380400001)(966005)(478600001)(2906002)(53546011)(8676002)(8990500004)(26005)(15650500001)(10290500003)(55016002)(186003)(4326008)(6506007)(8936002)(9686003)(316002)(19627405001)(86362001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: yNHhwDvmmbwqlwd+nq76p9YLtDypZVw1An5cZygOb2a6kiKABWl/JiaRhdlfqjUMRQQZiLq4mG6nzQpqv9F0h4ySNlLeu3LXk+7wXkizE8kXxh7WeqpUx+1xHkjUm0QBxxwRo05HHnWLbrIPI7KcrbHbu1YrYn768eOvyDPt8JknqCFDGDH3BfvZfJGoE9vA7Kez5HunsNGYcMAIAa+Qzy7JCn4kGiAxvqf6pFquAkj8pqGPOAiiG79j9tvttx4rPQ/zkzQYSTLuWcF3beKXAaaMI1tFUNZ9g2Qa9i3qb5l2puVoGvHCjLz0QQ9oH1T+FATlxYjt+NyPCFkaL1D5yUYcdIzYmHkgWK60wSZUU823aMja9jKxlcUQ20+fekuex9rTiwQ5HjSS6H8NkkMwMExReSA2rXvKNrAOPoQfbuVMRhDgiPDlVZqfo3K7DYJ5pfC4vliNWnc5s6o7TPQ6zYwz74E2a6yCG2m/gDufUWQ= x-ms-exchange-transport-forked: True MIME-Version: 1.0 X-OriginatorOrg: microsoft.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: CY4PR21MB0743.namprd21.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 91a0fcd6-e367-4932-a65b-08d81290e792 X-MS-Exchange-CrossTenant-originalarrivaltime: 17 Jun 2020 07:34:44.1643 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 72f988bf-86f1-41af-91ab-2d7cd011db47 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: tSMHF5gNs9zUO128YWiiORvBL3Nm+XSewlCwUVdRR+Eo50yv9TFnCQZAopeT3g/AImQ1VJRWvMS5r9lomGzSBQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR2101MB0865 Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_CY4PR21MB0743BF3C971F9C59B0400C0AEF9A0CY4PR21MB0743namp_" --_000_CY4PR21MB0743BF3C971F9C59B0400C0AEF9A0CY4PR21MB0743namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Bump. This specific patch needs Reviews. - Bret ________________________________ From: devel@edk2.groups.io on behalf of Bret Barkele= w via groups.io Sent: Tuesday, June 2, 2020 11:58 PM To: devel@edk2.groups.io Cc: Yao, Jiewen ; Jian J Wang = ; Chao Zhang Subject: [EXTERNAL] [edk2-devel] [PATCH v5 11/14] SecurityPkg: Allow Variab= lePolicy state to delete authenticated variables https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fbugzill= a.tianocore.org%2Fshow_bug.cgi%3Fid%3D2522&data=3D02%7C01%7CBret.Barkel= ew%40microsoft.com%7C2d4a699617424da6381f08d807a3d094%7C72f988bf86f141af91a= b2d7cd011db47%7C1%7C0%7C637267747454210698&sdata=3D10egANvpHPv6bNbdaNyL= 4%2F3tOk9eG03HUKCADhQix68%3D&reserved=3D0 Causes AuthService to check IsVariablePolicyEnabled() before enforcing write protections to allow variable deletion when policy engine is disabled. Only allows deletion, not modification. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Cc: Bret Barkelew Signed-off-by: Bret Barkelew --- SecurityPkg/Library/AuthVariableLib/AuthService.c | 22 +++++++++++++= +++---- SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf | 2 ++ 2 files changed, 20 insertions(+), 4 deletions(-) diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPk= g/Library/AuthVariableLib/AuthService.c index 2f60331f2c04..aca9a5620c28 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -19,12 +19,16 @@ to verify the signature. Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include "AuthServiceInternal.h" +#include +#include + // // Public Exponent of RSA Key. // @@ -217,9 +221,12 @@ NeedPhysicallyPresent( IN EFI_GUID *VendorGuid ) { - if ((CompareGuid (VendorGuid, &gEfiSecureBootEnableDisableGuid) && (StrC= mp (VariableName, EFI_SECURE_BOOT_ENABLE_NAME) =3D=3D 0)) - || (CompareGuid (VendorGuid, &gEfiCustomModeEnableGuid) && (StrCmp (Va= riableName, EFI_CUSTOM_MODE_NAME) =3D=3D 0))) { - return TRUE; + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables. + if (IsVariablePolicyEnabled()) { + if ((CompareGuid (VendorGuid, &gEfiSecureBootEnableDisableGuid) && (St= rCmp (VariableName, EFI_SECURE_BOOT_ENABLE_NAME) =3D=3D 0)) + || (CompareGuid (VendorGuid, &gEfiCustomModeEnableGuid) && (StrCmp (= VariableName, EFI_CUSTOM_MODE_NAME) =3D=3D 0))) { + return TRUE; + } } return FALSE; @@ -842,7 +849,8 @@ ProcessVariable ( &OrgVariableInfo ); - if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attri= butes, Data, DataSize, Attributes) && UserPhysicalPresent()) { + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables. + if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attri= butes, Data, DataSize, Attributes) && (UserPhysicalPresent() || !IsVariable= PolicyEnabled())) { // // Allow the delete operation of common authenticated variable(AT or A= W) at user physical presence. // @@ -1960,6 +1968,12 @@ VerifyTimeBasedPayload ( CopyMem (Buffer, PayloadPtr, PayloadSize); + // If the VariablePolicy engine is disabled, allow deletion of any authe= nticated variables. + if (PayloadSize =3D=3D 0 && (Attributes & EFI_VARIABLE_APPEND_WRITE) =3D= =3D 0 && !IsVariablePolicyEnabled()) { + VerifyStatus =3D TRUE; + goto Exit; + } + if (AuthVarType =3D=3D AuthVarTypePk) { // // Verify that the signature has been made with the current Platform K= ey (no chaining for PK). diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf b/Secu= rityPkg/Library/AuthVariableLib/AuthVariableLib.inf index 8d4ce14df494..8eadeebcebd7 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf +++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf @@ -3,6 +3,7 @@ # # Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
# Copyright (c) 2018, ARM Limited. All rights reserved.
+# Copyright (c) Microsoft Corporation. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -41,6 +42,7 @@ [LibraryClasses] MemoryAllocationLib BaseCryptLib PlatformSecureLib + VariablePolicyLib [Guids] ## CONSUMES ## Variable:L"SetupMode" -- 2.26.2.windows.1.8.g01c50adf56.20200515075929 -=3D-=3D-=3D-=3D-=3D-=3D Groups.io Links: You receive all messages sent to this group. View/Reply Online (#60637): https://nam06.safelinks.protection.outlook.com/= ?url=3Dhttps%3A%2F%2Fedk2.groups.io%2Fg%2Fdevel%2Fmessage%2F60637&data= =3D02%7C01%7CBret.Barkelew%40microsoft.com%7C2d4a699617424da6381f08d807a3d0= 94%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637267747454210698&sdat= a=3D%2BAYYshrhsUe22N%2Bq29KTBwBSfPZ%2BKMI%2BHfXnlAC1UDA%3D&reserved=3D0 Mute This Topic: https://nam06.safelinks.protection.outlook.com/?url=3Dhttp= s%3A%2F%2Fgroups.io%2Fmt%2F74646426%2F1822150&data=3D02%7C01%7CBret.Bar= kelew%40microsoft.com%7C2d4a699617424da6381f08d807a3d094%7C72f988bf86f141af= 91ab2d7cd011db47%7C1%7C0%7C637267747454210698&sdata=3DmKJ2mIwadixEeJXSP= litdokFxojYhLgituGitz5Y%2FKQ%3D&reserved=3D0 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A= %2F%2Fedk2.groups.io%2Fg%2Fdevel%2Funsub&data=3D02%7C01%7CBret.Barkelew= %40microsoft.com%7C2d4a699617424da6381f08d807a3d094%7C72f988bf86f141af91ab2= d7cd011db47%7C1%7C0%7C637267747454210698&sdata=3DtAo%2FXEtUjmykPq%2BZgx= 5USuiQdkQyX7pMaTQ%2FMaUCfuE%3D&reserved=3D0 [brbarkel@microsoft.com] -=3D-=3D-=3D-=3D-=3D-=3D --_000_CY4PR21MB0743BF3C971F9C59B0400C0AEF9A0CY4PR21MB0743namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable
Bump. This specif= ic patch needs Reviews.

- Bret


From: devel@edk2.groups.io = <devel@edk2.groups.io> on behalf of Bret Barkelew via groups.io <b= ret=3Dcorthon.com@groups.io>
Sent: Tuesday, June 2, 2020 11:58 PM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Yao, Jiewen <jiewen.yao@intel.com>; Jian J Wang <jian.j= .wang@intel.com>; Chao Zhang <chao.b.zhang@intel.com>
Subject: [EXTERNAL] [edk2-devel] [PATCH v5 11/14] SecurityPkg: Allow= VariablePolicy state to delete authenticated variables
 
https://nam06.safelinks.protection.outlook.com/?url=3Dh= ttps%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D2522&amp;data= =3D02%7C01%7CBret.Barkelew%40microsoft.com%7C2d4a699617424da6381f08d807a3d0= 94%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637267747454210698&amp;= sdata=3D10egANvpHPv6bNbdaNyL4%2F3tOk9eG03HUKCADhQix68%3D&amp;reserved= =3D0

Causes AuthService to check
IsVariablePolicyEnabled() before enforcing
write protections to allow variable deletion
when policy engine is disabled.

Only allows deletion, not modification.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
---
 SecurityPkg/Library/AuthVariableLib/AuthService.c   &n= bsp;   | 22 ++++++++++= 3;+++++----
 SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf |  2 = 3;+
 2 files changed, 20 insertions(+), 4 deletions(-)

diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPk= g/Library/AuthVariableLib/AuthService.c
index 2f60331f2c04..aca9a5620c28 100644
--- a/SecurityPkg/Library/AuthVariableLib/AuthService.c
+++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c
@@ -19,12 +19,16 @@
   to verify the signature.

 

 Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<= ;BR>

+Copyright (c) Microsoft Corporation.

 SPDX-License-Identifier: BSD-2-Clause-Patent

 

 **/

 

 #include "AuthServiceInternal.h"

 

+#include <Protocol/VariablePolicy.h>

+#include <Library/VariablePolicyLib.h>

+

 //

 // Public Exponent of RSA Key.

 //

@@ -217,9 +221,12 @@ NeedPhysicallyPresent(
   IN     EFI_GUID    &nb= sp;  *VendorGuid

   )

 {

-  if ((CompareGuid (VendorGuid, &gEfiSecureBootEnableDisableGuid)= && (StrCmp (VariableName, EFI_SECURE_BOOT_ENABLE_NAME) =3D=3D 0))<= br>
-    || (CompareGuid (VendorGuid, &gEfiCustomModeEnableG= uid) && (StrCmp (VariableName, EFI_CUSTOM_MODE_NAME) =3D=3D 0))) {<= br>
-    return TRUE;

+  // If the VariablePolicy engine is disabled, allow deletion of = any authenticated variables.

+  if (IsVariablePolicyEnabled()) {

+    if ((CompareGuid (VendorGuid, &gEfiSecureBootEn= ableDisableGuid) && (StrCmp (VariableName, EFI_SECURE_BOOT_ENABLE_N= AME) =3D=3D 0))

+      || (CompareGuid (VendorGuid, &gEfiC= ustomModeEnableGuid) && (StrCmp (VariableName, EFI_CUSTOM_MODE_NAME= ) =3D=3D 0))) {

+      return TRUE;

+    }

   }

 

   return FALSE;

@@ -842,7 +849,8 @@ ProcessVariable (
            &nb= sp; &OrgVariableInfo

            &nb= sp; );

 

-  if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVaria= bleInfo.Attributes, Data, DataSize, Attributes) && UserPhysicalPres= ent()) {

+  // If the VariablePolicy engine is disabled, allow deletion of = any authenticated variables.

+  if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgV= ariableInfo.Attributes, Data, DataSize, Attributes) && (UserPhysica= lPresent() || !IsVariablePolicyEnabled())) {

     //

     // Allow the delete operation of common authentica= ted variable(AT or AW) at user physical presence.

     //

@@ -1960,6 +1968,12 @@ VerifyTimeBasedPayload (
 

   CopyMem (Buffer, PayloadPtr, PayloadSize);

 

+  // If the VariablePolicy engine is disabled, allow deletion of = any authenticated variables.

+  if (PayloadSize =3D=3D 0 && (Attributes & EFI_VARIA= BLE_APPEND_WRITE) =3D=3D 0 && !IsVariablePolicyEnabled()) {

+    VerifyStatus =3D TRUE;

+    goto Exit;

+  }

+

   if (AuthVarType =3D=3D AuthVarTypePk) {

     //

     // Verify that the signature has been made with th= e current Platform Key (no chaining for PK).

diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf b/Secu= rityPkg/Library/AuthVariableLib/AuthVariableLib.inf
index 8d4ce14df494..8eadeebcebd7 100644
--- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
+++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf @@ -3,6 +3,7 @@
 #

 #  Copyright (c) 2015 - 2016, Intel Corporation. All rights rese= rved.<BR>

 #  Copyright (c) 2018, ARM Limited. All rights reserved.<BR&g= t;

+#  Copyright (c) Microsoft Corporation.

 #

 #  SPDX-License-Identifier: BSD-2-Clause-Patent

 #

@@ -41,6 +42,7 @@ [LibraryClasses]
   MemoryAllocationLib

   BaseCryptLib

   PlatformSecureLib

+  VariablePolicyLib

 

 [Guids]

   ## CONSUMES        &nb= sp;   ## Variable:L"SetupMode"

--
2.26.2.windows.1.8.g01c50adf56.20200515075929


-=3D-=3D-=3D-=3D-=3D-=3D
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#60637): https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fedk2.gr= oups.io%2Fg%2Fdevel%2Fmessage%2F60637&amp;data=3D02%7C01%7CBret.Barkele= w%40microsoft.com%7C2d4a699617424da6381f08d807a3d094%7C72f988bf86f141af91ab= 2d7cd011db47%7C1%7C0%7C637267747454210698&amp;sdata=3D%2BAYYshrhsUe22N%= 2Bq29KTBwBSfPZ%2BKMI%2BHfXnlAC1UDA%3D&amp;reserved=3D0
Mute This Topic: https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fgroups.= io%2Fmt%2F74646426%2F1822150&amp;data=3D02%7C01%7CBret.Barkelew%40micro= soft.com%7C2d4a699617424da6381f08d807a3d094%7C72f988bf86f141af91ab2d7cd011d= b47%7C1%7C0%7C637267747454210698&amp;sdata=3DmKJ2mIwadixEeJXSPlitdokFxo= jYhLgituGitz5Y%2FKQ%3D&amp;reserved=3D0
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fedk2.gr= oups.io%2Fg%2Fdevel%2Funsub&amp;data=3D02%7C01%7CBret.Barkelew%40micros= oft.com%7C2d4a699617424da6381f08d807a3d094%7C72f988bf86f141af91ab2d7cd011db= 47%7C1%7C0%7C637267747454210698&amp;sdata=3DtAo%2FXEtUjmykPq%2BZgx5USui= QdkQyX7pMaTQ%2FMaUCfuE%3D&amp;reserved=3D0  [brbarkel@microsoft.com]
-=3D-=3D-=3D-=3D-=3D-=3D

--_000_CY4PR21MB0743BF3C971F9C59B0400C0AEF9A0CY4PR21MB0743namp_--