* [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
@ 2022-12-15 3:02 Wang, Jian J
2022-12-15 3:10 ` Yao, Jiewen
0 siblings, 1 reply; 5+ messages in thread
From: Wang, Jian J @ 2022-12-15 3:02 UTC (permalink / raw)
To: devel; +Cc: Jiewen Yao, Michael D Kinney, Nishant C Mistry, Judah Vang
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
There's no real usage of these two libraries. They're deprecated.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
Cc: Judah Vang <judah.vang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
---
SecurityPkg/Include/Library/RpmcLib.h | 42 ------------
SecurityPkg/Include/Library/VariableKeyLib.h | 59 -----------------
SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 46 -------------
.../Library/RpmcLibNull/RpmcLibNull.inf | 33 ----------
.../VariableKeyLibNull/VariableKeyLibNull.c | 66 -------------------
.../VariableKeyLibNull/VariableKeyLibNull.inf | 33 ----------
SecurityPkg/SecurityPkg.dec | 8 ---
SecurityPkg/SecurityPkg.dsc | 4 --
8 files changed, 291 deletions(-)
delete mode 100644 SecurityPkg/Include/Library/RpmcLib.h
delete mode 100644 SecurityPkg/Include/Library/VariableKeyLib.h
delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
delete mode 100644 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
delete mode 100644 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
diff --git a/SecurityPkg/Include/Library/RpmcLib.h b/SecurityPkg/Include/Library/RpmcLib.h
deleted file mode 100644
index df4ba34ba8..0000000000
--- a/SecurityPkg/Include/Library/RpmcLib.h
+++ /dev/null
@@ -1,42 +0,0 @@
-/** @file
- Public definitions for the Replay Protected Monotonic Counter (RPMC) Library.
-
-Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#ifndef _RPMC_LIB_H_
-#define _RPMC_LIB_H_
-
-#include <Uefi/UefiBaseType.h>
-
-/**
- Requests the monotonic counter from the designated RPMC counter.
-
- @param[out] CounterValue A pointer to a buffer to store the RPMC value.
-
- @retval EFI_SUCCESS The operation completed successfully.
- @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter.
- @retval EFI_UNSUPPORTED The operation is un-supported.
-**/
-EFI_STATUS
-EFIAPI
-RequestMonotonicCounter (
- OUT UINT32 *CounterValue
- );
-
-/**
- Increments the monotonic counter in the SPI flash device by 1.
-
- @retval EFI_SUCCESS The operation completed successfully.
- @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter.
- @retval EFI_UNSUPPORTED The operation is un-supported.
-**/
-EFI_STATUS
-EFIAPI
-IncrementMonotonicCounter (
- VOID
- );
-
-#endif
diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h b/SecurityPkg/Include/Library/VariableKeyLib.h
deleted file mode 100644
index 561ebad09d..0000000000
--- a/SecurityPkg/Include/Library/VariableKeyLib.h
+++ /dev/null
@@ -1,59 +0,0 @@
-/** @file
- Public definitions for Variable Key Library.
-
-Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#ifndef _VARIABLE_KEY_LIB_H_
-#define _VARIABLE_KEY_LIB_H_
-
-#include <Uefi/UefiBaseType.h>
-
-/**
- Retrieves the key for integrity and/or confidentiality of variables.
-
- @param[out] VariableKey A pointer to pointer for the variable key buffer.
- @param[in,out] VariableKeySize The size in bytes of the variable key.
-
- @retval EFI_SUCCESS The variable key was returned.
- @retval EFI_DEVICE_ERROR An error occurred while attempting to get the variable key.
- @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface.
- @retval EFI_UNSUPPORTED The variable key is not supported in the current boot configuration.
-**/
-EFI_STATUS
-EFIAPI
-GetVariableKey (
- OUT VOID **VariableKey,
- IN OUT UINTN *VariableKeySize
- );
-
-/**
- Regenerates the variable key.
-
- @retval EFI_SUCCESS The variable key was regenerated successfully.
- @retval EFI_DEVICE_ERROR An error occurred while attempting to regenerate the key.
- @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface.
- @retval EFI_UNSUPPORTED Key regeneration is not supported in the current boot configuration.
-**/
-EFI_STATUS
-EFIAPI
-RegenerateVariableKey (
- VOID
- );
-
-/**
- Locks the regenerate key interface.
-
- @retval EFI_SUCCESS The key interface was locked successfully.
- @retval EFI_UNSUPPORTED Locking the key interface is not supported in the current boot configuration.
- @retval Others An error occurred while attempting to lock the key interface.
-**/
-EFI_STATUS
-EFIAPI
-LockVariableKeyInterface (
- VOID
- );
-
-#endif
diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
deleted file mode 100644
index 792e48250e..0000000000
--- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
+++ /dev/null
@@ -1,46 +0,0 @@
-/** @file
- NULL RpmcLib instance for build purpose.
-
-Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-
-#include <Library/DebugLib.h>
-#include <Library/RpmcLib.h>
-
-/**
- Requests the monotonic counter from the designated RPMC counter.
-
- @param[out] CounterValue A pointer to a buffer to store the RPMC value.
-
- @retval EFI_SUCCESS The operation completed successfully.
- @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter.
- @retval EFI_UNSUPPORTED The operation is un-supported.
-**/
-EFI_STATUS
-EFIAPI
-RequestMonotonicCounter (
- OUT UINT32 *CounterValue
- )
-{
- ASSERT (FALSE);
- return EFI_UNSUPPORTED;
-}
-
-/**
- Increments the monotonic counter in the SPI flash device by 1.
-
- @retval EFI_SUCCESS The operation completed successfully.
- @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter.
- @retval EFI_UNSUPPORTED The operation is un-supported.
-**/
-EFI_STATUS
-EFIAPI
-IncrementMonotonicCounter (
- VOID
- )
-{
- ASSERT (FALSE);
- return EFI_UNSUPPORTED;
-}
diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
deleted file mode 100644
index 500edfa87d..0000000000
--- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
+++ /dev/null
@@ -1,33 +0,0 @@
-## @file
-# Provides Null version of RpmcLib for build purpose.
-#
-# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-# SPDX-License-Identifier: BSD-2-Clause-Patent
-#
-##
-
-[Defines]
- INF_VERSION = 0x00010029
- BASE_NAME = RpmcLibNull
- FILE_GUID = FAE0BA22-92E2-4334-8F0F-96AFF9BAE360
- MODULE_TYPE = BASE
- VERSION_STRING = 1.0
- LIBRARY_CLASS = RpmcLib
-
-#
-# The following information is for reference only and not required by the build tools.
-#
-# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
-#
-
-[Sources]
- RpmcLibNull.c
-
-[Packages]
- MdePkg/MdePkg.dec
- SecurityPkg/SecurityPkg.dec
-
-[LibraryClasses]
- BaseLib
- DebugLib
-
diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
deleted file mode 100644
index a08def767b..0000000000
--- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
+++ /dev/null
@@ -1,66 +0,0 @@
-/** @file
- Null version of VariableKeyLib for build purpose. Don't use it in real product.
-
-Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
-#include <Library/DebugLib.h>
-#include <Library/VariableKeyLib.h>
-
-/**
- Retrieves the key for integrity and/or confidentiality of variables.
-
- @param[out] VariableKey A pointer to pointer for the variable key buffer.
- @param[in,out] VariableKeySize The size in bytes of the variable key.
-
- @retval EFI_SUCCESS The variable key was returned.
- @retval EFI_DEVICE_ERROR An error occurred while attempting to get the variable key.
- @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface.
- @retval EFI_UNSUPPORTED The variable key is not supported in the current boot configuration.
-**/
-EFI_STATUS
-EFIAPI
-GetVariableKey (
- OUT VOID **VariableKey,
- IN OUT UINTN *VariableKeySize
- )
-{
- ASSERT (FALSE);
- return EFI_UNSUPPORTED;
-}
-
-/**
- Regenerates the variable key.
-
- @retval EFI_SUCCESS The variable key was regenerated successfully.
- @retval EFI_DEVICE_ERROR An error occurred while attempting to regenerate the key.
- @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface.
- @retval EFI_UNSUPPORTED Key regeneration is not supported in the current boot configuration.
-**/
-EFI_STATUS
-EFIAPI
-RegenerateVariableKey (
- VOID
- )
-{
- ASSERT (FALSE);
- return EFI_UNSUPPORTED;
-}
-
-/**
- Locks the regenerate key interface.
-
- @retval EFI_SUCCESS The key interface was locked successfully.
- @retval EFI_UNSUPPORTED Locking the key interface is not supported in the current boot configuration.
- @retval Others An error occurred while attempting to lock the key interface.
-**/
-EFI_STATUS
-EFIAPI
-LockVariableKeyInterface (
- VOID
- )
-{
- ASSERT (FALSE);
- return EFI_UNSUPPORTED;
-}
diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
deleted file mode 100644
index ea74e38cf9..0000000000
--- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
+++ /dev/null
@@ -1,33 +0,0 @@
-## @file
-# Provides Null version of VariableKeyLib for build only.
-#
-# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
-# SPDX-License-Identifier: BSD-2-Clause-Patent
-#
-##
-
-[Defines]
- INF_VERSION = 0x00010029
- BASE_NAME = VariableKeyLibNull
- FILE_GUID = 2B640ED8-1E6A-4516-9F1D-25910E59BC4A
- MODULE_TYPE = BASE
- VERSION_STRING = 1.0
- LIBRARY_CLASS = VariableKeyLib
-
-#
-# The following information is for reference only and not required by the build tools.
-#
-# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
-#
-
-[Sources]
- VariableKeyLibNull.c
-
-[Packages]
- MdePkg/MdePkg.dec
- SecurityPkg/SecurityPkg.dec
-
-[LibraryClasses]
- BaseLib
- DebugLib
-
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 7ecf9565d9..358b3dc543 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -80,14 +80,6 @@
#
TcgStorageOpalLib|Include/Library/TcgStorageOpalLib.h
- ## @libraryclass Provides interfaces to access RPMC device.
- #
- RpmcLib|Include/Library/RpmcLib.h
-
- ## @libraryclass Provides interfaces to access variable root key.
- #
- VariableKeyLib|Include/Library/VariableKeyLib.h
-
## @libraryclass Provides interfaces about firmware TPM measurement.
#
TcgEventLogRecordLib|Include/Library/TcgEventLogRecordLib.h
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 30d911d8a1..2f679c87a9 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -68,8 +68,6 @@
TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCoreLib.inf
TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLib.inf
ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf
- VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
- RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.inf
MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
@@ -264,8 +262,6 @@
#
# Variable Confidentiality & Integrity
#
- SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
- SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
SecurityPkg/Library/PlatformPKProtectionLibVarPolicy/PlatformPKProtectionLibVarPolicy.inf
#
--
2.36.1.windows.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
2022-12-15 3:02 [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib Wang, Jian J
@ 2022-12-15 3:10 ` Yao, Jiewen
2022-12-15 18:27 ` Michael D Kinney
2022-12-21 1:51 ` Judah Vang
0 siblings, 2 replies; 5+ messages in thread
From: Yao, Jiewen @ 2022-12-15 3:10 UTC (permalink / raw)
To: Wang, Jian J, devel@edk2.groups.io
Cc: Kinney, Michael D, Mistry, Nishant C, Vang, Judah
Agree.
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
I will wait for 1 work week to see if there is any objection.
If anyone has concern, please let us know as soon as possible.
Thank you
Yao, Jiewen
> -----Original Message-----
> From: Wang, Jian J <jian.j.wang@intel.com>
> Sent: Thursday, December 15, 2022 11:02 AM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>; Mistry, Nishant C
> <nishant.c.mistry@intel.com>; Vang, Judah <judah.vang@intel.com>
> Subject: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
>
> There's no real usage of these two libraries. They're deprecated.
>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
> Cc: Judah Vang <judah.vang@intel.com>
> Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
> ---
> SecurityPkg/Include/Library/RpmcLib.h | 42 ------------
> SecurityPkg/Include/Library/VariableKeyLib.h | 59 -----------------
> SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 46 -------------
> .../Library/RpmcLibNull/RpmcLibNull.inf | 33 ----------
> .../VariableKeyLibNull/VariableKeyLibNull.c | 66 -------------------
> .../VariableKeyLibNull/VariableKeyLibNull.inf | 33 ----------
> SecurityPkg/SecurityPkg.dec | 8 ---
> SecurityPkg/SecurityPkg.dsc | 4 --
> 8 files changed, 291 deletions(-)
> delete mode 100644 SecurityPkg/Include/Library/RpmcLib.h
> delete mode 100644 SecurityPkg/Include/Library/VariableKeyLib.h
> delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> delete mode 100644
> SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> delete mode 100644
> SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
>
> diff --git a/SecurityPkg/Include/Library/RpmcLib.h
> b/SecurityPkg/Include/Library/RpmcLib.h
> deleted file mode 100644
> index df4ba34ba8..0000000000
> --- a/SecurityPkg/Include/Library/RpmcLib.h
> +++ /dev/null
> @@ -1,42 +0,0 @@
> -/** @file
>
> - Public definitions for the Replay Protected Monotonic Counter (RPMC)
> Library.
>
> -
>
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -
>
> -**/
>
> -
>
> -#ifndef _RPMC_LIB_H_
>
> -#define _RPMC_LIB_H_
>
> -
>
> -#include <Uefi/UefiBaseType.h>
>
> -
>
> -/**
>
> - Requests the monotonic counter from the designated RPMC counter.
>
> -
>
> - @param[out] CounterValue A pointer to a buffer to store the RPMC
> value.
>
> -
>
> - @retval EFI_SUCCESS The operation completed successfully.
>
> - @retval EFI_DEVICE_ERROR A device error occurred while
> attempting to update the counter.
>
> - @retval EFI_UNSUPPORTED The operation is un-supported.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -RequestMonotonicCounter (
>
> - OUT UINT32 *CounterValue
>
> - );
>
> -
>
> -/**
>
> - Increments the monotonic counter in the SPI flash device by 1.
>
> -
>
> - @retval EFI_SUCCESS The operation completed successfully.
>
> - @retval EFI_DEVICE_ERROR A device error occurred while
> attempting to update the counter.
>
> - @retval EFI_UNSUPPORTED The operation is un-supported.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -IncrementMonotonicCounter (
>
> - VOID
>
> - );
>
> -
>
> -#endif
>
> diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h
> b/SecurityPkg/Include/Library/VariableKeyLib.h
> deleted file mode 100644
> index 561ebad09d..0000000000
> --- a/SecurityPkg/Include/Library/VariableKeyLib.h
> +++ /dev/null
> @@ -1,59 +0,0 @@
> -/** @file
>
> - Public definitions for Variable Key Library.
>
> -
>
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -
>
> -**/
>
> -
>
> -#ifndef _VARIABLE_KEY_LIB_H_
>
> -#define _VARIABLE_KEY_LIB_H_
>
> -
>
> -#include <Uefi/UefiBaseType.h>
>
> -
>
> -/**
>
> - Retrieves the key for integrity and/or confidentiality of variables.
>
> -
>
> - @param[out] VariableKey A pointer to pointer for the variable key
> buffer.
>
> - @param[in,out] VariableKeySize The size in bytes of the variable key.
>
> -
>
> - @retval EFI_SUCCESS The variable key was returned.
>
> - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> get the variable key.
>
> - @retval EFI_ACCESS_DENIED The function was invoked after locking
> the key interface.
>
> - @retval EFI_UNSUPPORTED The variable key is not supported in the
> current boot configuration.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -GetVariableKey (
>
> - OUT VOID **VariableKey,
>
> - IN OUT UINTN *VariableKeySize
>
> - );
>
> -
>
> -/**
>
> - Regenerates the variable key.
>
> -
>
> - @retval EFI_SUCCESS The variable key was regenerated
> successfully.
>
> - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> regenerate the key.
>
> - @retval EFI_ACCESS_DENIED The function was invoked after locking
> the key interface.
>
> - @retval EFI_UNSUPPORTED Key regeneration is not supported in
> the current boot configuration.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -RegenerateVariableKey (
>
> - VOID
>
> - );
>
> -
>
> -/**
>
> - Locks the regenerate key interface.
>
> -
>
> - @retval EFI_SUCCESS The key interface was locked successfully.
>
> - @retval EFI_UNSUPPORTED Locking the key interface is not
> supported in the current boot configuration.
>
> - @retval Others An error occurred while attempting to lock the
> key interface.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -LockVariableKeyInterface (
>
> - VOID
>
> - );
>
> -
>
> -#endif
>
> diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> deleted file mode 100644
> index 792e48250e..0000000000
> --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> +++ /dev/null
> @@ -1,46 +0,0 @@
> -/** @file
>
> - NULL RpmcLib instance for build purpose.
>
> -
>
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -
>
> -**/
>
> -
>
> -#include <Library/DebugLib.h>
>
> -#include <Library/RpmcLib.h>
>
> -
>
> -/**
>
> - Requests the monotonic counter from the designated RPMC counter.
>
> -
>
> - @param[out] CounterValue A pointer to a buffer to store the RPMC
> value.
>
> -
>
> - @retval EFI_SUCCESS The operation completed successfully.
>
> - @retval EFI_DEVICE_ERROR A device error occurred while
> attempting to update the counter.
>
> - @retval EFI_UNSUPPORTED The operation is un-supported.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -RequestMonotonicCounter (
>
> - OUT UINT32 *CounterValue
>
> - )
>
> -{
>
> - ASSERT (FALSE);
>
> - return EFI_UNSUPPORTED;
>
> -}
>
> -
>
> -/**
>
> - Increments the monotonic counter in the SPI flash device by 1.
>
> -
>
> - @retval EFI_SUCCESS The operation completed successfully.
>
> - @retval EFI_DEVICE_ERROR A device error occurred while
> attempting to update the counter.
>
> - @retval EFI_UNSUPPORTED The operation is un-supported.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -IncrementMonotonicCounter (
>
> - VOID
>
> - )
>
> -{
>
> - ASSERT (FALSE);
>
> - return EFI_UNSUPPORTED;
>
> -}
>
> diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> deleted file mode 100644
> index 500edfa87d..0000000000
> --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> +++ /dev/null
> @@ -1,33 +0,0 @@
> -## @file
>
> -# Provides Null version of RpmcLib for build purpose.
>
> -#
>
> -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -#
>
> -##
>
> -
>
> -[Defines]
>
> - INF_VERSION = 0x00010029
>
> - BASE_NAME = RpmcLibNull
>
> - FILE_GUID = FAE0BA22-92E2-4334-8F0F-96AFF9BAE360
>
> - MODULE_TYPE = BASE
>
> - VERSION_STRING = 1.0
>
> - LIBRARY_CLASS = RpmcLib
>
> -
>
> -#
>
> -# The following information is for reference only and not required by the
> build tools.
>
> -#
>
> -# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
>
> -#
>
> -
>
> -[Sources]
>
> - RpmcLibNull.c
>
> -
>
> -[Packages]
>
> - MdePkg/MdePkg.dec
>
> - SecurityPkg/SecurityPkg.dec
>
> -
>
> -[LibraryClasses]
>
> - BaseLib
>
> - DebugLib
>
> -
>
> diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> deleted file mode 100644
> index a08def767b..0000000000
> --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> +++ /dev/null
> @@ -1,66 +0,0 @@
> -/** @file
>
> - Null version of VariableKeyLib for build purpose. Don't use it in real
> product.
>
> -
>
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -
>
> -**/
>
> -#include <Library/DebugLib.h>
>
> -#include <Library/VariableKeyLib.h>
>
> -
>
> -/**
>
> - Retrieves the key for integrity and/or confidentiality of variables.
>
> -
>
> - @param[out] VariableKey A pointer to pointer for the variable key
> buffer.
>
> - @param[in,out] VariableKeySize The size in bytes of the variable key.
>
> -
>
> - @retval EFI_SUCCESS The variable key was returned.
>
> - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> get the variable key.
>
> - @retval EFI_ACCESS_DENIED The function was invoked after locking
> the key interface.
>
> - @retval EFI_UNSUPPORTED The variable key is not supported in the
> current boot configuration.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -GetVariableKey (
>
> - OUT VOID **VariableKey,
>
> - IN OUT UINTN *VariableKeySize
>
> - )
>
> -{
>
> - ASSERT (FALSE);
>
> - return EFI_UNSUPPORTED;
>
> -}
>
> -
>
> -/**
>
> - Regenerates the variable key.
>
> -
>
> - @retval EFI_SUCCESS The variable key was regenerated
> successfully.
>
> - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> regenerate the key.
>
> - @retval EFI_ACCESS_DENIED The function was invoked after locking
> the key interface.
>
> - @retval EFI_UNSUPPORTED Key regeneration is not supported in
> the current boot configuration.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -RegenerateVariableKey (
>
> - VOID
>
> - )
>
> -{
>
> - ASSERT (FALSE);
>
> - return EFI_UNSUPPORTED;
>
> -}
>
> -
>
> -/**
>
> - Locks the regenerate key interface.
>
> -
>
> - @retval EFI_SUCCESS The key interface was locked successfully.
>
> - @retval EFI_UNSUPPORTED Locking the key interface is not
> supported in the current boot configuration.
>
> - @retval Others An error occurred while attempting to lock the
> key interface.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -LockVariableKeyInterface (
>
> - VOID
>
> - )
>
> -{
>
> - ASSERT (FALSE);
>
> - return EFI_UNSUPPORTED;
>
> -}
>
> diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> deleted file mode 100644
> index ea74e38cf9..0000000000
> --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> +++ /dev/null
> @@ -1,33 +0,0 @@
> -## @file
>
> -# Provides Null version of VariableKeyLib for build only.
>
> -#
>
> -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -#
>
> -##
>
> -
>
> -[Defines]
>
> - INF_VERSION = 0x00010029
>
> - BASE_NAME = VariableKeyLibNull
>
> - FILE_GUID = 2B640ED8-1E6A-4516-9F1D-25910E59BC4A
>
> - MODULE_TYPE = BASE
>
> - VERSION_STRING = 1.0
>
> - LIBRARY_CLASS = VariableKeyLib
>
> -
>
> -#
>
> -# The following information is for reference only and not required by the
> build tools.
>
> -#
>
> -# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
>
> -#
>
> -
>
> -[Sources]
>
> - VariableKeyLibNull.c
>
> -
>
> -[Packages]
>
> - MdePkg/MdePkg.dec
>
> - SecurityPkg/SecurityPkg.dec
>
> -
>
> -[LibraryClasses]
>
> - BaseLib
>
> - DebugLib
>
> -
>
> diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
> index 7ecf9565d9..358b3dc543 100644
> --- a/SecurityPkg/SecurityPkg.dec
> +++ b/SecurityPkg/SecurityPkg.dec
> @@ -80,14 +80,6 @@
> #
>
> TcgStorageOpalLib|Include/Library/TcgStorageOpalLib.h
>
>
>
> - ## @libraryclass Provides interfaces to access RPMC device.
>
> - #
>
> - RpmcLib|Include/Library/RpmcLib.h
>
> -
>
> - ## @libraryclass Provides interfaces to access variable root key.
>
> - #
>
> - VariableKeyLib|Include/Library/VariableKeyLib.h
>
> -
>
> ## @libraryclass Provides interfaces about firmware TPM measurement.
>
> #
>
> TcgEventLogRecordLib|Include/Library/TcgEventLogRecordLib.h
>
> diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
> index 30d911d8a1..2f679c87a9 100644
> --- a/SecurityPkg/SecurityPkg.dsc
> +++ b/SecurityPkg/SecurityPkg.dsc
> @@ -68,8 +68,6 @@
>
> TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCoreLi
> b.inf
>
>
> TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLi
> b.inf
>
>
> ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseReset
> SystemLibNull.inf
>
> -
> VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.in
> f
>
> - RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
>
>
> TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventL
> ogRecordLib.inf
>
>
> MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnbloc
> kMemoryLibNull.inf
>
>
> SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBo
> otVariableLib.inf
>
> @@ -264,8 +262,6 @@
> #
>
> # Variable Confidentiality & Integrity
>
> #
>
> - SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
>
> - SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
>
>
> SecurityPkg/Library/PlatformPKProtectionLibVarPolicy/PlatformPKProtectionL
> ibVarPolicy.inf
>
>
>
> #
>
> --
> 2.36.1.windows.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
2022-12-15 3:10 ` Yao, Jiewen
@ 2022-12-15 18:27 ` Michael D Kinney
2022-12-21 5:58 ` Yao, Jiewen
2022-12-21 1:51 ` Judah Vang
1 sibling, 1 reply; 5+ messages in thread
From: Michael D Kinney @ 2022-12-15 18:27 UTC (permalink / raw)
To: Yao, Jiewen, Wang, Jian J, devel@edk2.groups.io,
Kinney, Michael D
Cc: Mistry, Nishant C, Vang, Judah
Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
Mike
> -----Original Message-----
> From: Yao, Jiewen <jiewen.yao@intel.com>
> Sent: Wednesday, December 14, 2022 7:11 PM
> To: Wang, Jian J <jian.j.wang@intel.com>; devel@edk2.groups.io
> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Mistry, Nishant C <nishant.c.mistry@intel.com>; Vang, Judah
> <judah.vang@intel.com>
> Subject: RE: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
>
> Agree.
> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
>
> I will wait for 1 work week to see if there is any objection.
> If anyone has concern, please let us know as soon as possible.
>
> Thank you
> Yao, Jiewen
>
> > -----Original Message-----
> > From: Wang, Jian J <jian.j.wang@intel.com>
> > Sent: Thursday, December 15, 2022 11:02 AM
> > To: devel@edk2.groups.io
> > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Kinney, Michael D
> > <michael.d.kinney@intel.com>; Mistry, Nishant C
> > <nishant.c.mistry@intel.com>; Vang, Judah <judah.vang@intel.com>
> > Subject: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
> >
> > There's no real usage of these two libraries. They're deprecated.
> >
> > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
> > Cc: Judah Vang <judah.vang@intel.com>
> > Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
> > ---
> > SecurityPkg/Include/Library/RpmcLib.h | 42 ------------
> > SecurityPkg/Include/Library/VariableKeyLib.h | 59 -----------------
> > SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 46 -------------
> > .../Library/RpmcLibNull/RpmcLibNull.inf | 33 ----------
> > .../VariableKeyLibNull/VariableKeyLibNull.c | 66 -------------------
> > .../VariableKeyLibNull/VariableKeyLibNull.inf | 33 ----------
> > SecurityPkg/SecurityPkg.dec | 8 ---
> > SecurityPkg/SecurityPkg.dsc | 4 --
> > 8 files changed, 291 deletions(-)
> > delete mode 100644 SecurityPkg/Include/Library/RpmcLib.h
> > delete mode 100644 SecurityPkg/Include/Library/VariableKeyLib.h
> > delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> > delete mode 100644
> > SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> > delete mode 100644
> > SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> >
> > diff --git a/SecurityPkg/Include/Library/RpmcLib.h
> > b/SecurityPkg/Include/Library/RpmcLib.h
> > deleted file mode 100644
> > index df4ba34ba8..0000000000
> > --- a/SecurityPkg/Include/Library/RpmcLib.h
> > +++ /dev/null
> > @@ -1,42 +0,0 @@
> > -/** @file
> >
> > - Public definitions for the Replay Protected Monotonic Counter (RPMC)
> > Library.
> >
> > -
> >
> > -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> >
> > -SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > -
> >
> > -**/
> >
> > -
> >
> > -#ifndef _RPMC_LIB_H_
> >
> > -#define _RPMC_LIB_H_
> >
> > -
> >
> > -#include <Uefi/UefiBaseType.h>
> >
> > -
> >
> > -/**
> >
> > - Requests the monotonic counter from the designated RPMC counter.
> >
> > -
> >
> > - @param[out] CounterValue A pointer to a buffer to store the RPMC
> > value.
> >
> > -
> >
> > - @retval EFI_SUCCESS The operation completed successfully.
> >
> > - @retval EFI_DEVICE_ERROR A device error occurred while
> > attempting to update the counter.
> >
> > - @retval EFI_UNSUPPORTED The operation is un-supported.
> >
> > -**/
> >
> > -EFI_STATUS
> >
> > -EFIAPI
> >
> > -RequestMonotonicCounter (
> >
> > - OUT UINT32 *CounterValue
> >
> > - );
> >
> > -
> >
> > -/**
> >
> > - Increments the monotonic counter in the SPI flash device by 1.
> >
> > -
> >
> > - @retval EFI_SUCCESS The operation completed successfully.
> >
> > - @retval EFI_DEVICE_ERROR A device error occurred while
> > attempting to update the counter.
> >
> > - @retval EFI_UNSUPPORTED The operation is un-supported.
> >
> > -**/
> >
> > -EFI_STATUS
> >
> > -EFIAPI
> >
> > -IncrementMonotonicCounter (
> >
> > - VOID
> >
> > - );
> >
> > -
> >
> > -#endif
> >
> > diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h
> > b/SecurityPkg/Include/Library/VariableKeyLib.h
> > deleted file mode 100644
> > index 561ebad09d..0000000000
> > --- a/SecurityPkg/Include/Library/VariableKeyLib.h
> > +++ /dev/null
> > @@ -1,59 +0,0 @@
> > -/** @file
> >
> > - Public definitions for Variable Key Library.
> >
> > -
> >
> > -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> >
> > -SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > -
> >
> > -**/
> >
> > -
> >
> > -#ifndef _VARIABLE_KEY_LIB_H_
> >
> > -#define _VARIABLE_KEY_LIB_H_
> >
> > -
> >
> > -#include <Uefi/UefiBaseType.h>
> >
> > -
> >
> > -/**
> >
> > - Retrieves the key for integrity and/or confidentiality of variables.
> >
> > -
> >
> > - @param[out] VariableKey A pointer to pointer for the variable key
> > buffer.
> >
> > - @param[in,out] VariableKeySize The size in bytes of the variable key.
> >
> > -
> >
> > - @retval EFI_SUCCESS The variable key was returned.
> >
> > - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> > get the variable key.
> >
> > - @retval EFI_ACCESS_DENIED The function was invoked after locking
> > the key interface.
> >
> > - @retval EFI_UNSUPPORTED The variable key is not supported in the
> > current boot configuration.
> >
> > -**/
> >
> > -EFI_STATUS
> >
> > -EFIAPI
> >
> > -GetVariableKey (
> >
> > - OUT VOID **VariableKey,
> >
> > - IN OUT UINTN *VariableKeySize
> >
> > - );
> >
> > -
> >
> > -/**
> >
> > - Regenerates the variable key.
> >
> > -
> >
> > - @retval EFI_SUCCESS The variable key was regenerated
> > successfully.
> >
> > - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> > regenerate the key.
> >
> > - @retval EFI_ACCESS_DENIED The function was invoked after locking
> > the key interface.
> >
> > - @retval EFI_UNSUPPORTED Key regeneration is not supported in
> > the current boot configuration.
> >
> > -**/
> >
> > -EFI_STATUS
> >
> > -EFIAPI
> >
> > -RegenerateVariableKey (
> >
> > - VOID
> >
> > - );
> >
> > -
> >
> > -/**
> >
> > - Locks the regenerate key interface.
> >
> > -
> >
> > - @retval EFI_SUCCESS The key interface was locked successfully.
> >
> > - @retval EFI_UNSUPPORTED Locking the key interface is not
> > supported in the current boot configuration.
> >
> > - @retval Others An error occurred while attempting to lock the
> > key interface.
> >
> > -**/
> >
> > -EFI_STATUS
> >
> > -EFIAPI
> >
> > -LockVariableKeyInterface (
> >
> > - VOID
> >
> > - );
> >
> > -
> >
> > -#endif
> >
> > diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > deleted file mode 100644
> > index 792e48250e..0000000000
> > --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > +++ /dev/null
> > @@ -1,46 +0,0 @@
> > -/** @file
> >
> > - NULL RpmcLib instance for build purpose.
> >
> > -
> >
> > -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> >
> > -SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > -
> >
> > -**/
> >
> > -
> >
> > -#include <Library/DebugLib.h>
> >
> > -#include <Library/RpmcLib.h>
> >
> > -
> >
> > -/**
> >
> > - Requests the monotonic counter from the designated RPMC counter.
> >
> > -
> >
> > - @param[out] CounterValue A pointer to a buffer to store the RPMC
> > value.
> >
> > -
> >
> > - @retval EFI_SUCCESS The operation completed successfully.
> >
> > - @retval EFI_DEVICE_ERROR A device error occurred while
> > attempting to update the counter.
> >
> > - @retval EFI_UNSUPPORTED The operation is un-supported.
> >
> > -**/
> >
> > -EFI_STATUS
> >
> > -EFIAPI
> >
> > -RequestMonotonicCounter (
> >
> > - OUT UINT32 *CounterValue
> >
> > - )
> >
> > -{
> >
> > - ASSERT (FALSE);
> >
> > - return EFI_UNSUPPORTED;
> >
> > -}
> >
> > -
> >
> > -/**
> >
> > - Increments the monotonic counter in the SPI flash device by 1.
> >
> > -
> >
> > - @retval EFI_SUCCESS The operation completed successfully.
> >
> > - @retval EFI_DEVICE_ERROR A device error occurred while
> > attempting to update the counter.
> >
> > - @retval EFI_UNSUPPORTED The operation is un-supported.
> >
> > -**/
> >
> > -EFI_STATUS
> >
> > -EFIAPI
> >
> > -IncrementMonotonicCounter (
> >
> > - VOID
> >
> > - )
> >
> > -{
> >
> > - ASSERT (FALSE);
> >
> > - return EFI_UNSUPPORTED;
> >
> > -}
> >
> > diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> > b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> > deleted file mode 100644
> > index 500edfa87d..0000000000
> > --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> > +++ /dev/null
> > @@ -1,33 +0,0 @@
> > -## @file
> >
> > -# Provides Null version of RpmcLib for build purpose.
> >
> > -#
> >
> > -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> >
> > -# SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > -#
> >
> > -##
> >
> > -
> >
> > -[Defines]
> >
> > - INF_VERSION = 0x00010029
> >
> > - BASE_NAME = RpmcLibNull
> >
> > - FILE_GUID = FAE0BA22-92E2-4334-8F0F-96AFF9BAE360
> >
> > - MODULE_TYPE = BASE
> >
> > - VERSION_STRING = 1.0
> >
> > - LIBRARY_CLASS = RpmcLib
> >
> > -
> >
> > -#
> >
> > -# The following information is for reference only and not required by the
> > build tools.
> >
> > -#
> >
> > -# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
> >
> > -#
> >
> > -
> >
> > -[Sources]
> >
> > - RpmcLibNull.c
> >
> > -
> >
> > -[Packages]
> >
> > - MdePkg/MdePkg.dec
> >
> > - SecurityPkg/SecurityPkg.dec
> >
> > -
> >
> > -[LibraryClasses]
> >
> > - BaseLib
> >
> > - DebugLib
> >
> > -
> >
> > diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> > b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> > deleted file mode 100644
> > index a08def767b..0000000000
> > --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> > +++ /dev/null
> > @@ -1,66 +0,0 @@
> > -/** @file
> >
> > - Null version of VariableKeyLib for build purpose. Don't use it in real
> > product.
> >
> > -
> >
> > -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> >
> > -SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > -
> >
> > -**/
> >
> > -#include <Library/DebugLib.h>
> >
> > -#include <Library/VariableKeyLib.h>
> >
> > -
> >
> > -/**
> >
> > - Retrieves the key for integrity and/or confidentiality of variables.
> >
> > -
> >
> > - @param[out] VariableKey A pointer to pointer for the variable key
> > buffer.
> >
> > - @param[in,out] VariableKeySize The size in bytes of the variable key.
> >
> > -
> >
> > - @retval EFI_SUCCESS The variable key was returned.
> >
> > - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> > get the variable key.
> >
> > - @retval EFI_ACCESS_DENIED The function was invoked after locking
> > the key interface.
> >
> > - @retval EFI_UNSUPPORTED The variable key is not supported in the
> > current boot configuration.
> >
> > -**/
> >
> > -EFI_STATUS
> >
> > -EFIAPI
> >
> > -GetVariableKey (
> >
> > - OUT VOID **VariableKey,
> >
> > - IN OUT UINTN *VariableKeySize
> >
> > - )
> >
> > -{
> >
> > - ASSERT (FALSE);
> >
> > - return EFI_UNSUPPORTED;
> >
> > -}
> >
> > -
> >
> > -/**
> >
> > - Regenerates the variable key.
> >
> > -
> >
> > - @retval EFI_SUCCESS The variable key was regenerated
> > successfully.
> >
> > - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> > regenerate the key.
> >
> > - @retval EFI_ACCESS_DENIED The function was invoked after locking
> > the key interface.
> >
> > - @retval EFI_UNSUPPORTED Key regeneration is not supported in
> > the current boot configuration.
> >
> > -**/
> >
> > -EFI_STATUS
> >
> > -EFIAPI
> >
> > -RegenerateVariableKey (
> >
> > - VOID
> >
> > - )
> >
> > -{
> >
> > - ASSERT (FALSE);
> >
> > - return EFI_UNSUPPORTED;
> >
> > -}
> >
> > -
> >
> > -/**
> >
> > - Locks the regenerate key interface.
> >
> > -
> >
> > - @retval EFI_SUCCESS The key interface was locked successfully.
> >
> > - @retval EFI_UNSUPPORTED Locking the key interface is not
> > supported in the current boot configuration.
> >
> > - @retval Others An error occurred while attempting to lock the
> > key interface.
> >
> > -**/
> >
> > -EFI_STATUS
> >
> > -EFIAPI
> >
> > -LockVariableKeyInterface (
> >
> > - VOID
> >
> > - )
> >
> > -{
> >
> > - ASSERT (FALSE);
> >
> > - return EFI_UNSUPPORTED;
> >
> > -}
> >
> > diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> > b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> > deleted file mode 100644
> > index ea74e38cf9..0000000000
> > --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> > +++ /dev/null
> > @@ -1,33 +0,0 @@
> > -## @file
> >
> > -# Provides Null version of VariableKeyLib for build only.
> >
> > -#
> >
> > -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> >
> > -# SPDX-License-Identifier: BSD-2-Clause-Patent
> >
> > -#
> >
> > -##
> >
> > -
> >
> > -[Defines]
> >
> > - INF_VERSION = 0x00010029
> >
> > - BASE_NAME = VariableKeyLibNull
> >
> > - FILE_GUID = 2B640ED8-1E6A-4516-9F1D-25910E59BC4A
> >
> > - MODULE_TYPE = BASE
> >
> > - VERSION_STRING = 1.0
> >
> > - LIBRARY_CLASS = VariableKeyLib
> >
> > -
> >
> > -#
> >
> > -# The following information is for reference only and not required by the
> > build tools.
> >
> > -#
> >
> > -# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
> >
> > -#
> >
> > -
> >
> > -[Sources]
> >
> > - VariableKeyLibNull.c
> >
> > -
> >
> > -[Packages]
> >
> > - MdePkg/MdePkg.dec
> >
> > - SecurityPkg/SecurityPkg.dec
> >
> > -
> >
> > -[LibraryClasses]
> >
> > - BaseLib
> >
> > - DebugLib
> >
> > -
> >
> > diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
> > index 7ecf9565d9..358b3dc543 100644
> > --- a/SecurityPkg/SecurityPkg.dec
> > +++ b/SecurityPkg/SecurityPkg.dec
> > @@ -80,14 +80,6 @@
> > #
> >
> > TcgStorageOpalLib|Include/Library/TcgStorageOpalLib.h
> >
> >
> >
> > - ## @libraryclass Provides interfaces to access RPMC device.
> >
> > - #
> >
> > - RpmcLib|Include/Library/RpmcLib.h
> >
> > -
> >
> > - ## @libraryclass Provides interfaces to access variable root key.
> >
> > - #
> >
> > - VariableKeyLib|Include/Library/VariableKeyLib.h
> >
> > -
> >
> > ## @libraryclass Provides interfaces about firmware TPM measurement.
> >
> > #
> >
> > TcgEventLogRecordLib|Include/Library/TcgEventLogRecordLib.h
> >
> > diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
> > index 30d911d8a1..2f679c87a9 100644
> > --- a/SecurityPkg/SecurityPkg.dsc
> > +++ b/SecurityPkg/SecurityPkg.dsc
> > @@ -68,8 +68,6 @@
> >
> > TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCoreLi
> > b.inf
> >
> >
> > TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLi
> > b.inf
> >
> >
> > ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseReset
> > SystemLibNull.inf
> >
> > -
> > VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.in
> > f
> >
> > - RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> >
> >
> > TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventL
> > ogRecordLib.inf
> >
> >
> > MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnbloc
> > kMemoryLibNull.inf
> >
> >
> > SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBo
> > otVariableLib.inf
> >
> > @@ -264,8 +262,6 @@
> > #
> >
> > # Variable Confidentiality & Integrity
> >
> > #
> >
> > - SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> >
> > - SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> >
> >
> > SecurityPkg/Library/PlatformPKProtectionLibVarPolicy/PlatformPKProtectionL
> > ibVarPolicy.inf
> >
> >
> >
> > #
> >
> > --
> > 2.36.1.windows.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
2022-12-15 3:10 ` Yao, Jiewen
2022-12-15 18:27 ` Michael D Kinney
@ 2022-12-21 1:51 ` Judah Vang
1 sibling, 0 replies; 5+ messages in thread
From: Judah Vang @ 2022-12-21 1:51 UTC (permalink / raw)
To: Yao, Jiewen, Wang, Jian J, devel@edk2.groups.io
Cc: Kinney, Michael D, Mistry, Nishant C
I reviewed it and it looks good to me.
Judah
-----Original Message-----
From: Yao, Jiewen <jiewen.yao@intel.com>
Sent: Wednesday, December 14, 2022 7:11 PM
To: Wang, Jian J <jian.j.wang@intel.com>; devel@edk2.groups.io
Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Mistry, Nishant C <nishant.c.mistry@intel.com>; Vang, Judah <judah.vang@intel.com>
Subject: RE: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
Agree.
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
I will wait for 1 work week to see if there is any objection.
If anyone has concern, please let us know as soon as possible.
Thank you
Yao, Jiewen
> -----Original Message-----
> From: Wang, Jian J <jian.j.wang@intel.com>
> Sent: Thursday, December 15, 2022 11:02 AM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Kinney, Michael D
> <michael.d.kinney@intel.com>; Mistry, Nishant C
> <nishant.c.mistry@intel.com>; Vang, Judah <judah.vang@intel.com>
> Subject: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
>
> There's no real usage of these two libraries. They're deprecated.
>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
> Cc: Judah Vang <judah.vang@intel.com>
> Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
> ---
> SecurityPkg/Include/Library/RpmcLib.h | 42 ------------
> SecurityPkg/Include/Library/VariableKeyLib.h | 59 -----------------
> SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 46 -------------
> .../Library/RpmcLibNull/RpmcLibNull.inf | 33 ----------
> .../VariableKeyLibNull/VariableKeyLibNull.c | 66 -------------------
> .../VariableKeyLibNull/VariableKeyLibNull.inf | 33 ----------
> SecurityPkg/SecurityPkg.dec | 8 ---
> SecurityPkg/SecurityPkg.dsc | 4 --
> 8 files changed, 291 deletions(-)
> delete mode 100644 SecurityPkg/Include/Library/RpmcLib.h
> delete mode 100644 SecurityPkg/Include/Library/VariableKeyLib.h
> delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> delete mode 100644
> SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> delete mode 100644
> SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
>
> diff --git a/SecurityPkg/Include/Library/RpmcLib.h
> b/SecurityPkg/Include/Library/RpmcLib.h
> deleted file mode 100644
> index df4ba34ba8..0000000000
> --- a/SecurityPkg/Include/Library/RpmcLib.h
> +++ /dev/null
> @@ -1,42 +0,0 @@
> -/** @file
>
> - Public definitions for the Replay Protected Monotonic Counter
> (RPMC) Library.
>
> -
>
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -
>
> -**/
>
> -
>
> -#ifndef _RPMC_LIB_H_
>
> -#define _RPMC_LIB_H_
>
> -
>
> -#include <Uefi/UefiBaseType.h>
>
> -
>
> -/**
>
> - Requests the monotonic counter from the designated RPMC counter.
>
> -
>
> - @param[out] CounterValue A pointer to a buffer to store the RPMC
> value.
>
> -
>
> - @retval EFI_SUCCESS The operation completed successfully.
>
> - @retval EFI_DEVICE_ERROR A device error occurred while
> attempting to update the counter.
>
> - @retval EFI_UNSUPPORTED The operation is un-supported.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -RequestMonotonicCounter (
>
> - OUT UINT32 *CounterValue
>
> - );
>
> -
>
> -/**
>
> - Increments the monotonic counter in the SPI flash device by 1.
>
> -
>
> - @retval EFI_SUCCESS The operation completed successfully.
>
> - @retval EFI_DEVICE_ERROR A device error occurred while
> attempting to update the counter.
>
> - @retval EFI_UNSUPPORTED The operation is un-supported.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -IncrementMonotonicCounter (
>
> - VOID
>
> - );
>
> -
>
> -#endif
>
> diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h
> b/SecurityPkg/Include/Library/VariableKeyLib.h
> deleted file mode 100644
> index 561ebad09d..0000000000
> --- a/SecurityPkg/Include/Library/VariableKeyLib.h
> +++ /dev/null
> @@ -1,59 +0,0 @@
> -/** @file
>
> - Public definitions for Variable Key Library.
>
> -
>
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -
>
> -**/
>
> -
>
> -#ifndef _VARIABLE_KEY_LIB_H_
>
> -#define _VARIABLE_KEY_LIB_H_
>
> -
>
> -#include <Uefi/UefiBaseType.h>
>
> -
>
> -/**
>
> - Retrieves the key for integrity and/or confidentiality of variables.
>
> -
>
> - @param[out] VariableKey A pointer to pointer for the variable key
> buffer.
>
> - @param[in,out] VariableKeySize The size in bytes of the variable key.
>
> -
>
> - @retval EFI_SUCCESS The variable key was returned.
>
> - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> get the variable key.
>
> - @retval EFI_ACCESS_DENIED The function was invoked after locking
> the key interface.
>
> - @retval EFI_UNSUPPORTED The variable key is not supported in the
> current boot configuration.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -GetVariableKey (
>
> - OUT VOID **VariableKey,
>
> - IN OUT UINTN *VariableKeySize
>
> - );
>
> -
>
> -/**
>
> - Regenerates the variable key.
>
> -
>
> - @retval EFI_SUCCESS The variable key was regenerated
> successfully.
>
> - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> regenerate the key.
>
> - @retval EFI_ACCESS_DENIED The function was invoked after locking
> the key interface.
>
> - @retval EFI_UNSUPPORTED Key regeneration is not supported in
> the current boot configuration.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -RegenerateVariableKey (
>
> - VOID
>
> - );
>
> -
>
> -/**
>
> - Locks the regenerate key interface.
>
> -
>
> - @retval EFI_SUCCESS The key interface was locked successfully.
>
> - @retval EFI_UNSUPPORTED Locking the key interface is not
> supported in the current boot configuration.
>
> - @retval Others An error occurred while attempting to lock the
> key interface.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -LockVariableKeyInterface (
>
> - VOID
>
> - );
>
> -
>
> -#endif
>
> diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> deleted file mode 100644
> index 792e48250e..0000000000
> --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> +++ /dev/null
> @@ -1,46 +0,0 @@
> -/** @file
>
> - NULL RpmcLib instance for build purpose.
>
> -
>
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -
>
> -**/
>
> -
>
> -#include <Library/DebugLib.h>
>
> -#include <Library/RpmcLib.h>
>
> -
>
> -/**
>
> - Requests the monotonic counter from the designated RPMC counter.
>
> -
>
> - @param[out] CounterValue A pointer to a buffer to store the RPMC
> value.
>
> -
>
> - @retval EFI_SUCCESS The operation completed successfully.
>
> - @retval EFI_DEVICE_ERROR A device error occurred while
> attempting to update the counter.
>
> - @retval EFI_UNSUPPORTED The operation is un-supported.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -RequestMonotonicCounter (
>
> - OUT UINT32 *CounterValue
>
> - )
>
> -{
>
> - ASSERT (FALSE);
>
> - return EFI_UNSUPPORTED;
>
> -}
>
> -
>
> -/**
>
> - Increments the monotonic counter in the SPI flash device by 1.
>
> -
>
> - @retval EFI_SUCCESS The operation completed successfully.
>
> - @retval EFI_DEVICE_ERROR A device error occurred while
> attempting to update the counter.
>
> - @retval EFI_UNSUPPORTED The operation is un-supported.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -IncrementMonotonicCounter (
>
> - VOID
>
> - )
>
> -{
>
> - ASSERT (FALSE);
>
> - return EFI_UNSUPPORTED;
>
> -}
>
> diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> deleted file mode 100644
> index 500edfa87d..0000000000
> --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> +++ /dev/null
> @@ -1,33 +0,0 @@
> -## @file
>
> -# Provides Null version of RpmcLib for build purpose.
>
> -#
>
> -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -#
>
> -##
>
> -
>
> -[Defines]
>
> - INF_VERSION = 0x00010029
>
> - BASE_NAME = RpmcLibNull
>
> - FILE_GUID = FAE0BA22-92E2-4334-8F0F-96AFF9BAE360
>
> - MODULE_TYPE = BASE
>
> - VERSION_STRING = 1.0
>
> - LIBRARY_CLASS = RpmcLib
>
> -
>
> -#
>
> -# The following information is for reference only and not required by
> the build tools.
>
> -#
>
> -# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
>
> -#
>
> -
>
> -[Sources]
>
> - RpmcLibNull.c
>
> -
>
> -[Packages]
>
> - MdePkg/MdePkg.dec
>
> - SecurityPkg/SecurityPkg.dec
>
> -
>
> -[LibraryClasses]
>
> - BaseLib
>
> - DebugLib
>
> -
>
> diff --git
> a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> deleted file mode 100644
> index a08def767b..0000000000
> --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> +++ /dev/null
> @@ -1,66 +0,0 @@
> -/** @file
>
> - Null version of VariableKeyLib for build purpose. Don't use it in
> real product.
>
> -
>
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -
>
> -**/
>
> -#include <Library/DebugLib.h>
>
> -#include <Library/VariableKeyLib.h>
>
> -
>
> -/**
>
> - Retrieves the key for integrity and/or confidentiality of variables.
>
> -
>
> - @param[out] VariableKey A pointer to pointer for the variable key
> buffer.
>
> - @param[in,out] VariableKeySize The size in bytes of the variable key.
>
> -
>
> - @retval EFI_SUCCESS The variable key was returned.
>
> - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> get the variable key.
>
> - @retval EFI_ACCESS_DENIED The function was invoked after locking
> the key interface.
>
> - @retval EFI_UNSUPPORTED The variable key is not supported in the
> current boot configuration.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -GetVariableKey (
>
> - OUT VOID **VariableKey,
>
> - IN OUT UINTN *VariableKeySize
>
> - )
>
> -{
>
> - ASSERT (FALSE);
>
> - return EFI_UNSUPPORTED;
>
> -}
>
> -
>
> -/**
>
> - Regenerates the variable key.
>
> -
>
> - @retval EFI_SUCCESS The variable key was regenerated
> successfully.
>
> - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> regenerate the key.
>
> - @retval EFI_ACCESS_DENIED The function was invoked after locking
> the key interface.
>
> - @retval EFI_UNSUPPORTED Key regeneration is not supported in
> the current boot configuration.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -RegenerateVariableKey (
>
> - VOID
>
> - )
>
> -{
>
> - ASSERT (FALSE);
>
> - return EFI_UNSUPPORTED;
>
> -}
>
> -
>
> -/**
>
> - Locks the regenerate key interface.
>
> -
>
> - @retval EFI_SUCCESS The key interface was locked successfully.
>
> - @retval EFI_UNSUPPORTED Locking the key interface is not
> supported in the current boot configuration.
>
> - @retval Others An error occurred while attempting to lock the
> key interface.
>
> -**/
>
> -EFI_STATUS
>
> -EFIAPI
>
> -LockVariableKeyInterface (
>
> - VOID
>
> - )
>
> -{
>
> - ASSERT (FALSE);
>
> - return EFI_UNSUPPORTED;
>
> -}
>
> diff --git
> a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> deleted file mode 100644
> index ea74e38cf9..0000000000
> --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> +++ /dev/null
> @@ -1,33 +0,0 @@
> -## @file
>
> -# Provides Null version of VariableKeyLib for build only.
>
> -#
>
> -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> -# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> -#
>
> -##
>
> -
>
> -[Defines]
>
> - INF_VERSION = 0x00010029
>
> - BASE_NAME = VariableKeyLibNull
>
> - FILE_GUID = 2B640ED8-1E6A-4516-9F1D-25910E59BC4A
>
> - MODULE_TYPE = BASE
>
> - VERSION_STRING = 1.0
>
> - LIBRARY_CLASS = VariableKeyLib
>
> -
>
> -#
>
> -# The following information is for reference only and not required by
> the build tools.
>
> -#
>
> -# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
>
> -#
>
> -
>
> -[Sources]
>
> - VariableKeyLibNull.c
>
> -
>
> -[Packages]
>
> - MdePkg/MdePkg.dec
>
> - SecurityPkg/SecurityPkg.dec
>
> -
>
> -[LibraryClasses]
>
> - BaseLib
>
> - DebugLib
>
> -
>
> diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
> index 7ecf9565d9..358b3dc543 100644
> --- a/SecurityPkg/SecurityPkg.dec
> +++ b/SecurityPkg/SecurityPkg.dec
> @@ -80,14 +80,6 @@
> #
>
> TcgStorageOpalLib|Include/Library/TcgStorageOpalLib.h
>
>
>
> - ## @libraryclass Provides interfaces to access RPMC device.
>
> - #
>
> - RpmcLib|Include/Library/RpmcLib.h
>
> -
>
> - ## @libraryclass Provides interfaces to access variable root key.
>
> - #
>
> - VariableKeyLib|Include/Library/VariableKeyLib.h
>
> -
>
> ## @libraryclass Provides interfaces about firmware TPM measurement.
>
> #
>
> TcgEventLogRecordLib|Include/Library/TcgEventLogRecordLib.h
>
> diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
> index 30d911d8a1..2f679c87a9 100644
> --- a/SecurityPkg/SecurityPkg.dsc
> +++ b/SecurityPkg/SecurityPkg.dsc
> @@ -68,8 +68,6 @@
>
> TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCore
> TcgStorageCoreLib|Li
> b.inf
>
>
> TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpal
> TcgStorageOpalLib|Li
> b.inf
>
>
> ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseReset
> SystemLibNull.inf
>
> -
> VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNu
> VariableKeyLib|ll.in
> f
>
> - RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
>
>
> TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEvent
> TcgEventLogRecordLib|L
> ogRecordLib.inf
>
>
> MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnbloc
> kMemoryLibNull.inf
>
>
> SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/Secure
> SecureBootVariableLib|Bo
> otVariableLib.inf
>
> @@ -264,8 +262,6 @@
> #
>
> # Variable Confidentiality & Integrity
>
> #
>
> - SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
>
> - SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
>
>
> SecurityPkg/Library/PlatformPKProtectionLibVarPolicy/PlatformPKProtect
> ionL
> ibVarPolicy.inf
>
>
>
> #
>
> --
> 2.36.1.windows.1
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
2022-12-15 18:27 ` Michael D Kinney
@ 2022-12-21 5:58 ` Yao, Jiewen
0 siblings, 0 replies; 5+ messages in thread
From: Yao, Jiewen @ 2022-12-21 5:58 UTC (permalink / raw)
To: Kinney, Michael D, Wang, Jian J, devel@edk2.groups.io
Cc: Mistry, Nishant C, Vang, Judah
Merged https://github.com/tianocore/edk2/pull/3812
> -----Original Message-----
> From: Kinney, Michael D <michael.d.kinney@intel.com>
> Sent: Friday, December 16, 2022 2:28 AM
> To: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J
> <jian.j.wang@intel.com>; devel@edk2.groups.io; Kinney, Michael D
> <michael.d.kinney@intel.com>
> Cc: Mistry, Nishant C <nishant.c.mistry@intel.com>; Vang, Judah
> <judah.vang@intel.com>
> Subject: RE: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
>
> Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
>
> Mike
>
> > -----Original Message-----
> > From: Yao, Jiewen <jiewen.yao@intel.com>
> > Sent: Wednesday, December 14, 2022 7:11 PM
> > To: Wang, Jian J <jian.j.wang@intel.com>; devel@edk2.groups.io
> > Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Mistry, Nishant C
> <nishant.c.mistry@intel.com>; Vang, Judah
> > <judah.vang@intel.com>
> > Subject: RE: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
> >
> > Agree.
> > Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
> >
> > I will wait for 1 work week to see if there is any objection.
> > If anyone has concern, please let us know as soon as possible.
> >
> > Thank you
> > Yao, Jiewen
> >
> > > -----Original Message-----
> > > From: Wang, Jian J <jian.j.wang@intel.com>
> > > Sent: Thursday, December 15, 2022 11:02 AM
> > > To: devel@edk2.groups.io
> > > Cc: Yao, Jiewen <jiewen.yao@intel.com>; Kinney, Michael D
> > > <michael.d.kinney@intel.com>; Mistry, Nishant C
> > > <nishant.c.mistry@intel.com>; Vang, Judah <judah.vang@intel.com>
> > > Subject: [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib
> > >
> > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
> > >
> > > There's no real usage of these two libraries. They're deprecated.
> > >
> > > Cc: Jiewen Yao <jiewen.yao@intel.com>
> > > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > > Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
> > > Cc: Judah Vang <judah.vang@intel.com>
> > > Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
> > > ---
> > > SecurityPkg/Include/Library/RpmcLib.h | 42 ------------
> > > SecurityPkg/Include/Library/VariableKeyLib.h | 59 -----------------
> > > SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 46 -------------
> > > .../Library/RpmcLibNull/RpmcLibNull.inf | 33 ----------
> > > .../VariableKeyLibNull/VariableKeyLibNull.c | 66 -------------------
> > > .../VariableKeyLibNull/VariableKeyLibNull.inf | 33 ----------
> > > SecurityPkg/SecurityPkg.dec | 8 ---
> > > SecurityPkg/SecurityPkg.dsc | 4 --
> > > 8 files changed, 291 deletions(-)
> > > delete mode 100644 SecurityPkg/Include/Library/RpmcLib.h
> > > delete mode 100644 SecurityPkg/Include/Library/VariableKeyLib.h
> > > delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > > delete mode 100644 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> > > delete mode 100644
> > > SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> > > delete mode 100644
> > > SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> > >
> > > diff --git a/SecurityPkg/Include/Library/RpmcLib.h
> > > b/SecurityPkg/Include/Library/RpmcLib.h
> > > deleted file mode 100644
> > > index df4ba34ba8..0000000000
> > > --- a/SecurityPkg/Include/Library/RpmcLib.h
> > > +++ /dev/null
> > > @@ -1,42 +0,0 @@
> > > -/** @file
> > >
> > > - Public definitions for the Replay Protected Monotonic Counter (RPMC)
> > > Library.
> > >
> > > -
> > >
> > > -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > -SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > -
> > >
> > > -**/
> > >
> > > -
> > >
> > > -#ifndef _RPMC_LIB_H_
> > >
> > > -#define _RPMC_LIB_H_
> > >
> > > -
> > >
> > > -#include <Uefi/UefiBaseType.h>
> > >
> > > -
> > >
> > > -/**
> > >
> > > - Requests the monotonic counter from the designated RPMC counter.
> > >
> > > -
> > >
> > > - @param[out] CounterValue A pointer to a buffer to store the
> RPMC
> > > value.
> > >
> > > -
> > >
> > > - @retval EFI_SUCCESS The operation completed successfully.
> > >
> > > - @retval EFI_DEVICE_ERROR A device error occurred while
> > > attempting to update the counter.
> > >
> > > - @retval EFI_UNSUPPORTED The operation is un-supported.
> > >
> > > -**/
> > >
> > > -EFI_STATUS
> > >
> > > -EFIAPI
> > >
> > > -RequestMonotonicCounter (
> > >
> > > - OUT UINT32 *CounterValue
> > >
> > > - );
> > >
> > > -
> > >
> > > -/**
> > >
> > > - Increments the monotonic counter in the SPI flash device by 1.
> > >
> > > -
> > >
> > > - @retval EFI_SUCCESS The operation completed successfully.
> > >
> > > - @retval EFI_DEVICE_ERROR A device error occurred while
> > > attempting to update the counter.
> > >
> > > - @retval EFI_UNSUPPORTED The operation is un-supported.
> > >
> > > -**/
> > >
> > > -EFI_STATUS
> > >
> > > -EFIAPI
> > >
> > > -IncrementMonotonicCounter (
> > >
> > > - VOID
> > >
> > > - );
> > >
> > > -
> > >
> > > -#endif
> > >
> > > diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h
> > > b/SecurityPkg/Include/Library/VariableKeyLib.h
> > > deleted file mode 100644
> > > index 561ebad09d..0000000000
> > > --- a/SecurityPkg/Include/Library/VariableKeyLib.h
> > > +++ /dev/null
> > > @@ -1,59 +0,0 @@
> > > -/** @file
> > >
> > > - Public definitions for Variable Key Library.
> > >
> > > -
> > >
> > > -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > -SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > -
> > >
> > > -**/
> > >
> > > -
> > >
> > > -#ifndef _VARIABLE_KEY_LIB_H_
> > >
> > > -#define _VARIABLE_KEY_LIB_H_
> > >
> > > -
> > >
> > > -#include <Uefi/UefiBaseType.h>
> > >
> > > -
> > >
> > > -/**
> > >
> > > - Retrieves the key for integrity and/or confidentiality of variables.
> > >
> > > -
> > >
> > > - @param[out] VariableKey A pointer to pointer for the variable
> key
> > > buffer.
> > >
> > > - @param[in,out] VariableKeySize The size in bytes of the variable key.
> > >
> > > -
> > >
> > > - @retval EFI_SUCCESS The variable key was returned.
> > >
> > > - @retval EFI_DEVICE_ERROR An error occurred while attempting
> to
> > > get the variable key.
> > >
> > > - @retval EFI_ACCESS_DENIED The function was invoked after
> locking
> > > the key interface.
> > >
> > > - @retval EFI_UNSUPPORTED The variable key is not supported in
> the
> > > current boot configuration.
> > >
> > > -**/
> > >
> > > -EFI_STATUS
> > >
> > > -EFIAPI
> > >
> > > -GetVariableKey (
> > >
> > > - OUT VOID **VariableKey,
> > >
> > > - IN OUT UINTN *VariableKeySize
> > >
> > > - );
> > >
> > > -
> > >
> > > -/**
> > >
> > > - Regenerates the variable key.
> > >
> > > -
> > >
> > > - @retval EFI_SUCCESS The variable key was regenerated
> > > successfully.
> > >
> > > - @retval EFI_DEVICE_ERROR An error occurred while attempting
> to
> > > regenerate the key.
> > >
> > > - @retval EFI_ACCESS_DENIED The function was invoked after
> locking
> > > the key interface.
> > >
> > > - @retval EFI_UNSUPPORTED Key regeneration is not supported
> in
> > > the current boot configuration.
> > >
> > > -**/
> > >
> > > -EFI_STATUS
> > >
> > > -EFIAPI
> > >
> > > -RegenerateVariableKey (
> > >
> > > - VOID
> > >
> > > - );
> > >
> > > -
> > >
> > > -/**
> > >
> > > - Locks the regenerate key interface.
> > >
> > > -
> > >
> > > - @retval EFI_SUCCESS The key interface was locked
> successfully.
> > >
> > > - @retval EFI_UNSUPPORTED Locking the key interface is not
> > > supported in the current boot configuration.
> > >
> > > - @retval Others An error occurred while attempting to lock
> the
> > > key interface.
> > >
> > > -**/
> > >
> > > -EFI_STATUS
> > >
> > > -EFIAPI
> > >
> > > -LockVariableKeyInterface (
> > >
> > > - VOID
> > >
> > > - );
> > >
> > > -
> > >
> > > -#endif
> > >
> > > diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > > b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > > deleted file mode 100644
> > > index 792e48250e..0000000000
> > > --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > > +++ /dev/null
> > > @@ -1,46 +0,0 @@
> > > -/** @file
> > >
> > > - NULL RpmcLib instance for build purpose.
> > >
> > > -
> > >
> > > -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > -SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > -
> > >
> > > -**/
> > >
> > > -
> > >
> > > -#include <Library/DebugLib.h>
> > >
> > > -#include <Library/RpmcLib.h>
> > >
> > > -
> > >
> > > -/**
> > >
> > > - Requests the monotonic counter from the designated RPMC counter.
> > >
> > > -
> > >
> > > - @param[out] CounterValue A pointer to a buffer to store the
> RPMC
> > > value.
> > >
> > > -
> > >
> > > - @retval EFI_SUCCESS The operation completed successfully.
> > >
> > > - @retval EFI_DEVICE_ERROR A device error occurred while
> > > attempting to update the counter.
> > >
> > > - @retval EFI_UNSUPPORTED The operation is un-supported.
> > >
> > > -**/
> > >
> > > -EFI_STATUS
> > >
> > > -EFIAPI
> > >
> > > -RequestMonotonicCounter (
> > >
> > > - OUT UINT32 *CounterValue
> > >
> > > - )
> > >
> > > -{
> > >
> > > - ASSERT (FALSE);
> > >
> > > - return EFI_UNSUPPORTED;
> > >
> > > -}
> > >
> > > -
> > >
> > > -/**
> > >
> > > - Increments the monotonic counter in the SPI flash device by 1.
> > >
> > > -
> > >
> > > - @retval EFI_SUCCESS The operation completed successfully.
> > >
> > > - @retval EFI_DEVICE_ERROR A device error occurred while
> > > attempting to update the counter.
> > >
> > > - @retval EFI_UNSUPPORTED The operation is un-supported.
> > >
> > > -**/
> > >
> > > -EFI_STATUS
> > >
> > > -EFIAPI
> > >
> > > -IncrementMonotonicCounter (
> > >
> > > - VOID
> > >
> > > - )
> > >
> > > -{
> > >
> > > - ASSERT (FALSE);
> > >
> > > - return EFI_UNSUPPORTED;
> > >
> > > -}
> > >
> > > diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> > > b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> > > deleted file mode 100644
> > > index 500edfa87d..0000000000
> > > --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> > > +++ /dev/null
> > > @@ -1,33 +0,0 @@
> > > -## @file
> > >
> > > -# Provides Null version of RpmcLib for build purpose.
> > >
> > > -#
> > >
> > > -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > -# SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > -#
> > >
> > > -##
> > >
> > > -
> > >
> > > -[Defines]
> > >
> > > - INF_VERSION = 0x00010029
> > >
> > > - BASE_NAME = RpmcLibNull
> > >
> > > - FILE_GUID = FAE0BA22-92E2-4334-8F0F-96AFF9BAE360
> > >
> > > - MODULE_TYPE = BASE
> > >
> > > - VERSION_STRING = 1.0
> > >
> > > - LIBRARY_CLASS = RpmcLib
> > >
> > > -
> > >
> > > -#
> > >
> > > -# The following information is for reference only and not required by the
> > > build tools.
> > >
> > > -#
> > >
> > > -# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
> > >
> > > -#
> > >
> > > -
> > >
> > > -[Sources]
> > >
> > > - RpmcLibNull.c
> > >
> > > -
> > >
> > > -[Packages]
> > >
> > > - MdePkg/MdePkg.dec
> > >
> > > - SecurityPkg/SecurityPkg.dec
> > >
> > > -
> > >
> > > -[LibraryClasses]
> > >
> > > - BaseLib
> > >
> > > - DebugLib
> > >
> > > -
> > >
> > > diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> > > b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> > > deleted file mode 100644
> > > index a08def767b..0000000000
> > > --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> > > +++ /dev/null
> > > @@ -1,66 +0,0 @@
> > > -/** @file
> > >
> > > - Null version of VariableKeyLib for build purpose. Don't use it in real
> > > product.
> > >
> > > -
> > >
> > > -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > -SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > -
> > >
> > > -**/
> > >
> > > -#include <Library/DebugLib.h>
> > >
> > > -#include <Library/VariableKeyLib.h>
> > >
> > > -
> > >
> > > -/**
> > >
> > > - Retrieves the key for integrity and/or confidentiality of variables.
> > >
> > > -
> > >
> > > - @param[out] VariableKey A pointer to pointer for the variable
> key
> > > buffer.
> > >
> > > - @param[in,out] VariableKeySize The size in bytes of the variable key.
> > >
> > > -
> > >
> > > - @retval EFI_SUCCESS The variable key was returned.
> > >
> > > - @retval EFI_DEVICE_ERROR An error occurred while attempting
> to
> > > get the variable key.
> > >
> > > - @retval EFI_ACCESS_DENIED The function was invoked after
> locking
> > > the key interface.
> > >
> > > - @retval EFI_UNSUPPORTED The variable key is not supported in
> the
> > > current boot configuration.
> > >
> > > -**/
> > >
> > > -EFI_STATUS
> > >
> > > -EFIAPI
> > >
> > > -GetVariableKey (
> > >
> > > - OUT VOID **VariableKey,
> > >
> > > - IN OUT UINTN *VariableKeySize
> > >
> > > - )
> > >
> > > -{
> > >
> > > - ASSERT (FALSE);
> > >
> > > - return EFI_UNSUPPORTED;
> > >
> > > -}
> > >
> > > -
> > >
> > > -/**
> > >
> > > - Regenerates the variable key.
> > >
> > > -
> > >
> > > - @retval EFI_SUCCESS The variable key was regenerated
> > > successfully.
> > >
> > > - @retval EFI_DEVICE_ERROR An error occurred while attempting
> to
> > > regenerate the key.
> > >
> > > - @retval EFI_ACCESS_DENIED The function was invoked after
> locking
> > > the key interface.
> > >
> > > - @retval EFI_UNSUPPORTED Key regeneration is not supported
> in
> > > the current boot configuration.
> > >
> > > -**/
> > >
> > > -EFI_STATUS
> > >
> > > -EFIAPI
> > >
> > > -RegenerateVariableKey (
> > >
> > > - VOID
> > >
> > > - )
> > >
> > > -{
> > >
> > > - ASSERT (FALSE);
> > >
> > > - return EFI_UNSUPPORTED;
> > >
> > > -}
> > >
> > > -
> > >
> > > -/**
> > >
> > > - Locks the regenerate key interface.
> > >
> > > -
> > >
> > > - @retval EFI_SUCCESS The key interface was locked
> successfully.
> > >
> > > - @retval EFI_UNSUPPORTED Locking the key interface is not
> > > supported in the current boot configuration.
> > >
> > > - @retval Others An error occurred while attempting to lock
> the
> > > key interface.
> > >
> > > -**/
> > >
> > > -EFI_STATUS
> > >
> > > -EFIAPI
> > >
> > > -LockVariableKeyInterface (
> > >
> > > - VOID
> > >
> > > - )
> > >
> > > -{
> > >
> > > - ASSERT (FALSE);
> > >
> > > - return EFI_UNSUPPORTED;
> > >
> > > -}
> > >
> > > diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> > > b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> > > deleted file mode 100644
> > > index ea74e38cf9..0000000000
> > > --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> > > +++ /dev/null
> > > @@ -1,33 +0,0 @@
> > > -## @file
> > >
> > > -# Provides Null version of VariableKeyLib for build only.
> > >
> > > -#
> > >
> > > -# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> > >
> > > -# SPDX-License-Identifier: BSD-2-Clause-Patent
> > >
> > > -#
> > >
> > > -##
> > >
> > > -
> > >
> > > -[Defines]
> > >
> > > - INF_VERSION = 0x00010029
> > >
> > > - BASE_NAME = VariableKeyLibNull
> > >
> > > - FILE_GUID = 2B640ED8-1E6A-4516-9F1D-25910E59BC4A
> > >
> > > - MODULE_TYPE = BASE
> > >
> > > - VERSION_STRING = 1.0
> > >
> > > - LIBRARY_CLASS = VariableKeyLib
> > >
> > > -
> > >
> > > -#
> > >
> > > -# The following information is for reference only and not required by the
> > > build tools.
> > >
> > > -#
> > >
> > > -# VALID_ARCHITECTURES = IA32 X64 Arm AArch64
> > >
> > > -#
> > >
> > > -
> > >
> > > -[Sources]
> > >
> > > - VariableKeyLibNull.c
> > >
> > > -
> > >
> > > -[Packages]
> > >
> > > - MdePkg/MdePkg.dec
> > >
> > > - SecurityPkg/SecurityPkg.dec
> > >
> > > -
> > >
> > > -[LibraryClasses]
> > >
> > > - BaseLib
> > >
> > > - DebugLib
> > >
> > > -
> > >
> > > diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
> > > index 7ecf9565d9..358b3dc543 100644
> > > --- a/SecurityPkg/SecurityPkg.dec
> > > +++ b/SecurityPkg/SecurityPkg.dec
> > > @@ -80,14 +80,6 @@
> > > #
> > >
> > > TcgStorageOpalLib|Include/Library/TcgStorageOpalLib.h
> > >
> > >
> > >
> > > - ## @libraryclass Provides interfaces to access RPMC device.
> > >
> > > - #
> > >
> > > - RpmcLib|Include/Library/RpmcLib.h
> > >
> > > -
> > >
> > > - ## @libraryclass Provides interfaces to access variable root key.
> > >
> > > - #
> > >
> > > - VariableKeyLib|Include/Library/VariableKeyLib.h
> > >
> > > -
> > >
> > > ## @libraryclass Provides interfaces about firmware TPM
> measurement.
> > >
> > > #
> > >
> > > TcgEventLogRecordLib|Include/Library/TcgEventLogRecordLib.h
> > >
> > > diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
> > > index 30d911d8a1..2f679c87a9 100644
> > > --- a/SecurityPkg/SecurityPkg.dsc
> > > +++ b/SecurityPkg/SecurityPkg.dsc
> > > @@ -68,8 +68,6 @@
> > >
> > >
> TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCoreLi
> > > b.inf
> > >
> > >
> > >
> TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLi
> > > b.inf
> > >
> > >
> > >
> ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseReset
> > > SystemLibNull.inf
> > >
> > > -
> > >
> VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.in
> > > f
> > >
> > > - RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> > >
> > >
> > >
> TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventL
> > > ogRecordLib.inf
> > >
> > >
> > >
> MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnbloc
> > > kMemoryLibNull.inf
> > >
> > >
> > >
> SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBo
> > > otVariableLib.inf
> > >
> > > @@ -264,8 +262,6 @@
> > > #
> > >
> > > # Variable Confidentiality & Integrity
> > >
> > > #
> > >
> > > - SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
> > >
> > > - SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
> > >
> > >
> > >
> SecurityPkg/Library/PlatformPKProtectionLibVarPolicy/PlatformPKProtectionL
> > > ibVarPolicy.inf
> > >
> > >
> > >
> > > #
> > >
> > > --
> > > 2.36.1.windows.1
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-12-21 5:58 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-12-15 3:02 [PATCH] SecurityPkg: deprecate RpmcLib and VariableKeyLib Wang, Jian J
2022-12-15 3:10 ` Yao, Jiewen
2022-12-15 18:27 ` Michael D Kinney
2022-12-21 5:58 ` Yao, Jiewen
2022-12-21 1:51 ` Judah Vang
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox