From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail05.groups.io (mail05.groups.io [45.79.224.7]) by spool.mail.gandi.net (Postfix) with ESMTPS id 30D34740041 for ; Fri, 21 Jun 2024 08:03:36 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=fhUBEmyuw+4FskJtLrKTnQUdxU+Gpw6Z6ZfOkKiyHOA=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:Accept-Language:msip_labels:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type; s=20240206; t=1718957016; v=1; b=2v5ku3LucT1lv6X603ykqxzpi5oLkKLI4J8WIVmaQfs7nwSBZTout6ssUODQVRwPEwSEdA4X j1BZ1wIkRNEJdrptmWqKn8SQMLIE4hATLUaQBwBHnEmGL4EAMBoLXVRM9CmAXysLZPvTE03vq+O TDg9SfohalxskSkalx/qOjLjtYRXuHEsQPA261p617KRAgTgRuAGjxOKFKneGaIyvnM0teqF8F9 YbGB8ISQYxTuF3pJB8wF/kcn0KDY+6gyfJEMbfCQWaoH5VqHEyrIuAiI5ePOOVQFzVQ0/7z+wYM XYjePCedrHjmOACkt6v/3p6oGA1Hz5nfR/Z0GuFSgnuqA== X-Received: by 127.0.0.2 with SMTP id 3ksUYY7687511xS1sPktIrMS; Fri, 21 Jun 2024 01:03:35 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [192.198.163.12]) by mx.groups.io with SMTP id smtpd.web10.68154.1718957014772023671 for ; Fri, 21 Jun 2024 01:03:34 -0700 X-CSE-ConnectionGUID: YNTokpXGRKuF8ZwQQcelRw== X-CSE-MsgGUID: gbrdHTdESjmLQZL5Xf17IQ== X-IronPort-AV: E=McAfee;i="6700,10204,11109"; a="19861457" X-IronPort-AV: E=Sophos;i="6.08,254,1712646000"; d="scan'208,217";a="19861457" X-Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by fmvoesa106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Jun 2024 01:03:34 -0700 X-CSE-ConnectionGUID: uBzWog1TRgO1z6HdvHbE7g== X-CSE-MsgGUID: TwXdv2NQSiyQ2aw+gkstCg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.08,254,1712646000"; d="scan'208,217";a="47037183" X-Received: from orsmsx601.amr.corp.intel.com ([10.22.229.14]) by fmviesa004.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 21 Jun 2024 01:03:34 -0700 X-Received: from orsmsx602.amr.corp.intel.com (10.22.229.15) by ORSMSX601.amr.corp.intel.com (10.22.229.14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39; Fri, 21 Jun 2024 01:03:33 -0700 X-Received: from ORSEDG602.ED.cps.intel.com (10.7.248.7) by orsmsx602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.39 via Frontend Transport; Fri, 21 Jun 2024 01:03:33 -0700 X-Received: from NAM10-BN7-obe.outbound.protection.outlook.com (104.47.70.48) by edgegateway.intel.com (134.134.137.103) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.39; Fri, 21 Jun 2024 01:03:33 -0700 X-Received: from MN6PR11MB8244.namprd11.prod.outlook.com (2603:10b6:208:470::14) by PH0PR11MB7712.namprd11.prod.outlook.com (2603:10b6:510:290::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7698.20; Fri, 21 Jun 2024 08:03:30 +0000 X-Received: from MN6PR11MB8244.namprd11.prod.outlook.com ([fe80::41a4:c775:32e6:76a8]) by MN6PR11MB8244.namprd11.prod.outlook.com ([fe80::41a4:c775:32e6:76a8%5]) with mapi id 15.20.7698.020; Fri, 21 Jun 2024 08:03:30 +0000 From: "Ni, Ray" To: Ard Biesheuvel CC: "devel@edk2.groups.io" , "Yao, Jiewen" , "Ni, Ray" , "Xu, Wei6" Subject: [edk2-devel] Regarding MOR Secure feature Thread-Topic: Regarding MOR Secure feature Thread-Index: AQHaw62EtpleLzvEK0K+Pih0pELKfw== Date: Fri, 21 Jun 2024 08:03:30 +0000 Message-ID: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: msip_labels: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MN6PR11MB8244:EE_|PH0PR11MB7712:EE_ x-ms-office365-filtering-correlation-id: b25cb808-63be-4714-4e8d-08dc91c8a390 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: =?iso-8859-1?Q?dq55sp3CDZOZgMM9XAybe2knJMXkuZMKa0xCRKPy5zUGUH9v5yF+jJ+rTk?= =?iso-8859-1?Q?yO/dBJ9T/cDpQHFwaAi9i7CBGMRYUc7MQjAkEHabHaNiRse/xO3G2iYrJt?= =?iso-8859-1?Q?Sw2nIf8iEiAe+FsKa21zAlsUj8VMUwEPKY20arUK4lEMhYpQZkE2ASr9uJ?= =?iso-8859-1?Q?GpUrvKm1Dju0G2Xyu0USd2o9NlB947Y07xRWEEP43Yq6h/gE3d58Al6dwu?= =?iso-8859-1?Q?yki1X5gNDb/331NzvdWomSZBWPLKe2LfMQHmDkvdrFF3XDPhEjB2Q9vUxP?= =?iso-8859-1?Q?DnKP+khk3ST6aehV3vxLyerReeWoyEty7X25Nkvb1q5o7L8zn0c4oRxzLl?= =?iso-8859-1?Q?KQyP+kqPq9iu+k1BGISO+MpXUoYa8nA04OK+wq7l8UgJwYh2IZjmsAtmoP?= =?iso-8859-1?Q?FEjqvL3tFRHub3BSo1ZguZWgxg9dJGLOkz3sqUzOXGjMc20516zzZyPp21?= =?iso-8859-1?Q?ZDOleuKB24e06mjtIob8ZE1rnRtu8ZGV3XnXwZxuNuW6m5J5brw/xVbtxb?= =?iso-8859-1?Q?4lsuxTILJrvS5SQqCjROAKa46i+DG1m3pTkfz6qqi4/GlehDicmH/eVyAx?= =?iso-8859-1?Q?sZ0i2Vpg4RD+/efaYggTNwO6/nhNVGTsaNMcOp5oftPgVQQZOJUG5BvYwB?= =?iso-8859-1?Q?QTFNodCSBtdi96FDhraRm1ZlKZ/1OhUZphXkhO1E3loZBSYbteOyNiRS5i?= =?iso-8859-1?Q?QZ9Ge1c2NnHoUIx7DMuZrL3TGaTl0tSWZOIskzYBKdiNCkBzNgbbiCsNix?= =?iso-8859-1?Q?l99pTCFBxICOD+g1aC9Xh78hfq2YvyaeWXZdMKeOtOgi8c2NRoxL5awf2r?= =?iso-8859-1?Q?Mz/KfJEPvoD68oTh0nqIBsntZrK9T0vHa+9Toa88n/RnuQjHdsQyOnHQd2?= =?iso-8859-1?Q?x6LgGXUzi7NxN/73WDAtCHSFNnktAmbvN+WOQmB9bmQ6RWcETJkqAQlVCF?= =?iso-8859-1?Q?BumH9xUvw0YIMbNUIt0TupL06s7jFdyKcMH3n2dRsxsxBGrcqtqZEQqKvR?= =?iso-8859-1?Q?bgPHnNmwt4tnLXvQDhfv4dCtZmzboNaDEWpawnB9jwiKoEQmnWDUW7PnSG?= =?iso-8859-1?Q?KzK4Ghe2FigIo2eCGwg8meNwGNAAAcs8aKwbkAno2M2uybxALqob8qn7EP?= =?iso-8859-1?Q?HzyVVYOkdjaRDd0JtOyQCg0cm/ASajqgUAeK0vM3odWvqpfHfMXZemo3V8?= =?iso-8859-1?Q?O6HNNnmIQBSGBtQniCeIKENOujaceoy6AHjLnubkml2Ahm5YgmEeyzpAV3?= =?iso-8859-1?Q?xl01j0eZPdBxPvbcU9cj3mCOxT7Hxj/8IApcX8JmiT6p5LQuOLYA5YNUgH?= =?iso-8859-1?Q?cAjSzPqQBilYpaIjpSVGSKGqndV33awoNZ+2lDVkyKKRbMMN+YQUnWOfCR?= =?iso-8859-1?Q?RBwCPjeaLt?= x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?Q?e8atz6UdhJ6H6jRiWYGrNKsOXt6klm44EnRW0A8zZlfceaaH82ui4kjYmD?= =?iso-8859-1?Q?Lcs7FLUfkA4I1aemX4Iwfs06DdmH6vhGuH34F4ydHH4qO2cCYY2Ij5VRPp?= =?iso-8859-1?Q?88aehjwG6QSjIH4iMwDOF7lagZ9u1JtcauUpQLQ83R9ELTGXcy33Z+lE4I?= =?iso-8859-1?Q?aG+NGhznnuI8vMc8wK0bPGqtdDtu7RJeqzMRVlm8sHu5KCKraBNwRJpFiy?= =?iso-8859-1?Q?52G+HOVGXfCRs8sd8kzv/FcF4iETunbfK/jG2adPWQYBSbjsMC5DCzytid?= =?iso-8859-1?Q?uAbEDbD91GVBZNKs4gVOG+4jEM8wHM+OQFCts/BguPQMHxDs26Zj6R5DR7?= =?iso-8859-1?Q?ocBdbeBtOhRbZUhUFsPppeU4Kbt+Z0DsMaErLBGgHj9ARJ6kWx/2lYPmOE?= =?iso-8859-1?Q?VHby772M0WcouRda4Jggr2U/CpAMDQEurNjr7zaKguuUjrykOtnUDVsFCG?= =?iso-8859-1?Q?mbPNe3iEl2d2/9g2V1+/0woE+2qURUUOW3wjr6usRi+EsCz9mrAYWNstL9?= =?iso-8859-1?Q?tPaB1GZzaS7372GJU9Dfa+DWQY6E1YQsYqwQAcUkwbfaOCSIk6ih5dqU1A?= =?iso-8859-1?Q?NnGpJViLHk2ta9Z+FOom1fENTPgqpa/8qYEpRSYEuXlZW8zP+KwCbQ5IyG?= =?iso-8859-1?Q?t8Tvv+EU750n/GjqocF349BDE7vmWsru/3ngixTvmWU7ypbCwUjH5hJtBP?= =?iso-8859-1?Q?7Nud93yJvy4qpwG8PPev+nmro5t0IJh/A0LyYw22g7NejbNer8txkd7QlU?= =?iso-8859-1?Q?uicPTm/k+RpdXbX4ymB4ziD+n5BW0TTtG1+KL8rRsqp+XCBE6d/d1TvbIz?= =?iso-8859-1?Q?D88+N3gCag6Jbg/V9vLKP69zb09fZ9Zh403MoAYCn+7J6oGPqujPDqen2e?= =?iso-8859-1?Q?7iuyXcf/AhYA8jzQt2PCGU2mWgMxrrIdaDEK2zYCMzFFya9O9wzec/jR4t?= =?iso-8859-1?Q?/8t9aX75kstMs7M0+Ihg3jnVGkG81xsEmkUfGuSwgm1O5plReqRf3cNjQH?= =?iso-8859-1?Q?5hkaU+aWE/fjuXccHAAAOG5BDw5BruvI14mkRy8iIrF+YrynVGS7U7Ck+6?= =?iso-8859-1?Q?3aub3pws3N5zbMDsfT36qGV4KrSgy8JEN+0nPqh8jc4y3tAEwtzL+bmtZH?= =?iso-8859-1?Q?8eBowjNEDL1kbsOCBbDJzGuOPNnMNhhXKQ04lyELq7RF8mID63VsuOS8Uf?= =?iso-8859-1?Q?3/6yQwsbYW1wXs/sAl4ZM3Qtq133Nugn0lFj5pr1xQ/DXniQYsfDCPrESZ?= =?iso-8859-1?Q?2IicxvpusUiROx+xdhkqyMZBnC9q1CNhuRhuYi4q8GEqiiEXWCK+QKtDtG?= =?iso-8859-1?Q?XrTfUSxNJ7gYkGQWwWnabfIp5Dri99hNWu4sjARq0FkiAtTYNQnBYQFc+z?= =?iso-8859-1?Q?dLLa0rGOXqcCtKNV+5pak6dkoanu16t82dPu7xLJlzjtdz2FH+HWkeKEhf?= =?iso-8859-1?Q?usYPau+AooQoBPOupyWhDxq8vRfSsxX5bXmKzVOybaEey4Hdi+iLYn8isi?= =?iso-8859-1?Q?dNil2Mmh5WMDsxp3XCLjNauyImrI2BVZylh3YkIynrVUmsXvYx83RiJB7w?= =?iso-8859-1?Q?qstgOcbzEG+YggPlBj7n0Sue9rh75ScQzTQkf0LL/EOMgAVAR27tGzx8Zh?= =?iso-8859-1?Q?2QdTeyMX+iwe0=3D?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MN6PR11MB8244.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: b25cb808-63be-4714-4e8d-08dc91c8a390 X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jun 2024 08:03:30.3132 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: BiZTmwpuf/+8BcUuyDlAy/tQ0xXUL5uHbEGTjzoLEwKKwa5yr1EsqWFNh0o6ure6QcslNdc4Ar/QnteRnHRcXQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB7712 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Fri, 21 Jun 2024 01:03:35 -0700 Resent-From: ray.ni@intel.com Reply-To: devel@edk2.groups.io,ray.ni@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: Qauh1a0WrYyCvucdN53nUhBzx7686176AA= Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_MN6PR11MB8244F791431530375AFAAC6A8CC92MN6PR11MB8244namp_" X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=2v5ku3Lu; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.7 as permitted sender) smtp.mailfrom=bounce@groups.io --_000_MN6PR11MB8244F791431530375AFAAC6A8CC92MN6PR11MB8244namp_ Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Ard, 7 years ago, Laszlo added this commit (https://github.com/tianocore/edk2/co= mmit/fda8f631edbbf3823760542a06f12bd60fd39181) to support some OS kernels t= hat incorrectly "create" the MOR variable. The OS kernel bug is captured in this bugzilla (bugzilla.redhat.com/show_bu= g.cgi?id=3D1498159).= It seems to me the OS kernel bugs only exist in Fedora 24 and 25 which are= all EOL today. Fedora 26 has the correct implementation that does NOT "cre= ate" the MOR variable. The implementation is done by you here (https://lore= .kernel.org/all/20170825155019.6740-2-ard.biesheuvel@linaro.org/T/#u). 5 years ago, you added StandaloneMm variable driver and VariableHaveTcgProt= ocols() returns FALSE always in the standalone MM version. (Commit: https:/= /github.com/tianocore/edk2/commit/a855f63e2fdd990837391b0e61e78b3f06b56916) As a result, MorLock variable is not created. It causes a bug that the BIOS= does not report the MOR Secure feature to OS. My questions are: 1. can we revert Laszlo's commit? As the bug that commit fixes only exists in = Fedora 24/25 which are all EOL today. 2. why is the MOR secure bug not found in ARM platform? I think you are the best person to answer the questions because you not onl= y fixed the kernel, but also know details on the ARM standalone MM. I am so happy with that:) Thanks, Ray -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#119666): https://edk2.groups.io/g/devel/message/119666 Mute This Topic: https://groups.io/mt/106795434/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- --_000_MN6PR11MB8244F791431530375AFAAC6A8CC92MN6PR11MB8244namp_ Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable
Ard,

7 years ago, Laszlo added this commit (https://github.com/tianocore/edk2/commit/fda8f631edbbf382= 3760542a06f12bd60fd39181) to support some OS kernels that incorrectly "create" the MOR variable.
The OS kernel bug is captured in this bugzilla (bugzilla.redhat.com/show_bug.cgi?id=3D1498= 159). It seems to me the OS kernel bugs only exist in Fedora 24 and 25 which are all EOL today. Fedora 26 has the = correct implementation that does NOT "create" the MOR variable. T= he implementation is done by you here (https://lore.kernel.org/all/20170825155019.6740-2-ar= d.biesheuvel@linaro.org/T/#u).

5 years ago, you added StandaloneMm variable driver and VariableHaveTcgProt= ocols() returns FALSE always in the standalone MM version. (Commit: http= s://github.com/tianocore/edk2/commit/a855f63e2fdd990837391b0e61e78b3f06b569= 16)
As a result, MorLock variable is not created. It causes a bug that the BIOS= does not report the MOR Secure feature to OS.

My questions are:
  1. can we revert Laszlo's commit? As the bug that commit fixes only exists in = Fedora 24/25 which are all EOL today.
  2. why is the MOR secure bug not found in ARM platform?

I think you are the best person to answer the questions because you not onl= y fixed the kernel, but also know details on the ARM standalone MM.
I am so happy with that:)

Thanks,
Ray
_._,_._,_
Groups.io Links:

=20 You receive all messages sent to this group. =20 =20

View/Reply Online (#119666) | =20 | Mute= This Topic | New Topic
Your Subscriptio= n | Contact Group Owner | Unsubscribe [rebecca@openfw.io]

_._,_._,_
--_000_MN6PR11MB8244F791431530375AFAAC6A8CC92MN6PR11MB8244namp_--