From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 735AC780091 for ; Sun, 7 Apr 2024 03:52:57 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=C8s7Ao7ZIZ3M/l7C49IwxvVRYXBcU1Cv6c3BW5WrClU=; c=relaxed/simple; d=groups.io; h=From:To:CC:Subject:Thread-Topic:Thread-Index:Date:Message-ID:References:In-Reply-To:Accept-Language:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20240206; t=1712461976; v=1; b=toleeg2Z94QGgCCYLhCZ76939eM7Uu7I4CjeVRrkfzAk5mmomulgGp7E6G4/5x3kgW8PsGFl 57T+EqDdU9ufJzAn4mclfHp5TTtVEO2RI5rVymzG8OkIDV6GMzKOppKnDAKTy9ESaZn6lNx4IKq 2IyIp03S4DOJOkaMoHj7ASs28xRfgvE7gHuSVpPhewasmM221Lxh/IdWW45DNQMlwl6i6SH6ysz Jh1FkY4CLj7XcgzTIY8Ra0WSIs+cStC9UBkSoweKlcCHLTHIbg8uK1BcmR2C+gh+m2ZnV/Tp5VT nahF9YDIOJMJobJ5TMCBvBAQCPerTpfmVXUSH3CxDqXkA== X-Received: by 127.0.0.2 with SMTP id wYK2YY7687511xM7B36AeOT1; Sat, 06 Apr 2024 20:52:56 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.16]) by mx.groups.io with SMTP id smtpd.web11.62685.1712461975285161598 for ; Sat, 06 Apr 2024 20:52:55 -0700 X-CSE-ConnectionGUID: PjKY6MISReufgRW7kpL9mg== X-CSE-MsgGUID: B7ZoVZFeTw655Lu4mCZYeg== X-IronPort-AV: E=McAfee;i="6600,9927,11036"; a="7881111" X-IronPort-AV: E=Sophos;i="6.07,184,1708416000"; d="scan'208";a="7881111" X-Received: from fmviesa004.fm.intel.com ([10.60.135.144]) by orvoesa108.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 06 Apr 2024 20:52:55 -0700 X-CSE-ConnectionGUID: cVCWlWdPQw2ivCrlUFlhCw== X-CSE-MsgGUID: Rh28d6ZFSm2ObqtgPUu3nw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,184,1708416000"; d="scan'208";a="24174214" X-Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83]) by fmviesa004.fm.intel.com with ESMTP/TLS/AES256-GCM-SHA384; 06 Apr 2024 20:52:54 -0700 X-Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Sat, 6 Apr 2024 20:52:54 -0700 X-Received: from fmsmsx603.amr.corp.intel.com (10.18.126.83) by fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Sat, 6 Apr 2024 20:52:53 -0700 X-Received: from fmsedg601.ED.cps.intel.com (10.1.192.135) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35 via Frontend Transport; Sat, 6 Apr 2024 20:52:53 -0700 X-Received: from NAM12-BN8-obe.outbound.protection.outlook.com (104.47.55.169) by edgegateway.intel.com (192.55.55.70) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Sat, 6 Apr 2024 20:52:53 -0700 X-Received: from MW4SPRMB0084.namprd11.prod.outlook.com (2603:10b6:303:231::22) by PH0PR11MB7614.namprd11.prod.outlook.com (2603:10b6:510:28f::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7409.53; Sun, 7 Apr 2024 03:52:50 +0000 X-Received: from MW4SPRMB0084.namprd11.prod.outlook.com ([fe80::b82f:ae1c:4d81:35c6]) by MW4SPRMB0084.namprd11.prod.outlook.com ([fe80::b82f:ae1c:4d81:35c6%7]) with mapi id 15.20.7409.039; Sun, 7 Apr 2024 03:52:50 +0000 From: "Yao, Jiewen" To: "Bi, Dandan" , "Tan, Ming" , "devel@edk2.groups.io" CC: "Xu, Min M" , "POLUDOV, FELIX" Subject: Re: [edk2-devel] [PATCH v4] SecurityPkg/SecureBootConfigDxe: Update UI according to UEFI spec Thread-Topic: [PATCH v4] SecurityPkg/SecureBootConfigDxe: Update UI according to UEFI spec Thread-Index: AQHahNhOL26uWaLv2ECL18Sjg4sqhrFcFuKAgAAda0A= Date: Sun, 7 Apr 2024 03:52:50 +0000 Message-ID: References: <20240402083219.2293-1-ming.tan@intel.com> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-ms-publictraffictype: Email x-ms-traffictypediagnostic: MW4SPRMB0084:EE_|PH0PR11MB7614:EE_ x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam-message-info: +PRZYTOOWMGDEVGBdaII+oF5s6KCzLG960mvBWwaXQXoa/JS82GQ6ROVqUkHPB1dkDUJHigqTNiY4dPhpF7YF0r1n4jGfNRp+Ss09GupqSJcJ13vHAWEC/EQWDvvfRTavs/tmRpoSNpZDMCtGdXOjK7FaWJlD1eYpNq9L9zM31TdzSr9b6L9vibPcxHsmuO7AwFljpVCZOGK17vYZO4GpKHphVNEUpbwYVsmWTeBESX4yK8bJc4DUq7QvjSDnD5tCWlFWxdKFCve4qatZCo0scXqQQGGiqJEk0w0s+tnh7HrclZDu/FoSdzPfDAQqhBsg8gys+sdfPXOKZfqgg0BR7YWXCs1t5IfoHW5f/o6ukCdfpJtRJC022Poqj/DN9UpCrlLfijD8RBMu/aOGtp80c2Ha0fHs0B0HXQtmRD8Ktpx/CWCSZdVAmB1ViB8VP6MfojU+HwI2qD0cvXfTbkYxFALCSJyKamNylKyUnfeWXjsDMbRWscpYLc3x/TyD9GByu0CSiT4u9G8a2pxqAdsIbPRFS16HXVWYBLrgeyP5azJ98pPKQU+4dL+SHRnrMteRFlbkmaGa4/x8ID0iA3yAGR0Uxkrrd8snpTAiJhfQ500j4Xby4XC8mmnaTih5PiV x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?iAomj4UWeuMseNaJPEHco4LjKhHe+nokFaEVEM1PSxhEWwBHO9xopaoy2wDi?= =?us-ascii?Q?98teNZXFKPK/VfYFUwnio0Evq3h+YeOvLem/TFodpisrP1Ffgz8Pny5kW7kj?= =?us-ascii?Q?NpkVCZXvkhffb9Uh8HXUxSHnB+rwJ735B3QbqsWYbI4nPP6DUV86OILqRoyX?= =?us-ascii?Q?0SkpdME4p4RceNarp04Z54Zub3o3qEy444ZUpa+wq2et8aReqBjVkh2PvFXR?= =?us-ascii?Q?rkKs7ZvssyrunjourMkAZu+rjZd95E6G9Tg4M5c4xsc/lFLHnSCEJ53/5BY4?= =?us-ascii?Q?pl6/0XwwKVbKJNrBSyEb+3h2lUF20ynpCd3ImksFTBsK2RfJfJXbGFIH89G7?= =?us-ascii?Q?s6SoUKDt6WPP57+rlJnDU1btkOfctOjv3Rhyl2CYYbG6hS8tHDsCiiqG4m9k?= =?us-ascii?Q?F7aK1DQkGivWuMgeMyGvHiCbiojnUlMG0h5ObEZOHMBuQo6DILQ7/YRr3jZK?= =?us-ascii?Q?Ys5n0xT0a6myEhrQvSyX1LvEuFfh/UKHXJHkuVt2WJFN1lHihQvKRtB2DhqE?= =?us-ascii?Q?yA3VnCyJtUdxk8adGro6nbrd+H2vQ26iTw58buXcuvcVv1mJR/ATT40+k/RQ?= =?us-ascii?Q?o6nkbV+j9mg93/VM8yJYd7bz6LhuqCFr1aPO5wRis63vMrL7ysu4/DIoAXGA?= =?us-ascii?Q?BBq5gYoW923B4EI+tlbSAL52ralqWTJh9L36libkWnXQIxCH5/leGbzGY4Vk?= =?us-ascii?Q?PC6QJbZ7/xKhMjCL4b8hRukyfWJzAqzvrAsRM9anCEXYTrfDmRrE+TB0VzI/?= =?us-ascii?Q?vgTqBig2JCSBooQfLKkgD+0mad2zWGB+RRAZvqgy4Hykt0aUTfbTvDNnrZ6M?= =?us-ascii?Q?I4RyTNqIcVwHvWx0jbSj8KnCo0Hrq5QS+KyJrkcMyzbX2GwSDm12ZBFfJ8zs?= =?us-ascii?Q?S94+u8iz6NTDzmsxLWLVgUTeZI2oq8JM0wsXfh09Ecv2CV49/e5szkHHYIzO?= =?us-ascii?Q?R98zDvE87f77/0b3KFFEJj951AYEJ5dNke3BwruZtGy0VpJpWCUpPl9FJuUV?= =?us-ascii?Q?z68iM5Mh8JdSzJ6wFeJNsv3sAYyzk7M08f5AWBsYXolBvdwvMBfm7HNyYuGD?= =?us-ascii?Q?PysNkl/zyxl6BGYXdtpgOAXhTB3Jk42Lw27EEGcV0ypSxwkqBe1yeBnOjwAC?= =?us-ascii?Q?drFhr44qOl3Z6lFPv44QAfCZyehNapUzh9lEBp1OC5Ksl6cjbWFxEBSmI9uT?= =?us-ascii?Q?Ek4NDwbvzYDrmYzogqNN4obN8/gR6L9CPqk4KWXQUjxzp0022q7Cg7/SXYG+?= =?us-ascii?Q?Wgq/Ob5MK6QlKsw8cJOEeWUdM1LeRtU/bs+WnV+oRwMBzOITOieFxVm/ldht?= =?us-ascii?Q?ariAZA2bakwe3/FE2fuf8AUv7RwVrOGF63sS4ZjTvyroKqeNn0aSnEjJkAjq?= =?us-ascii?Q?7FFpC+U7BbBeWOT3yBvbCjqRWoTkXRuWyMNhevWliLvb7YrH6Y9oZ82ii+Cf?= =?us-ascii?Q?GHtaZP84j0wMr0snxzHsZwVq9vtUt8GEhYJy1TS+vITiuDPuEw8VFvI/tBoX?= =?us-ascii?Q?k91KjouSW5lDGjlKnyJYJ/eq7ioVEFk6HLfh2GPiHvMzCFeNPyT3OlSqQNct?= =?us-ascii?Q?ivvKzOebvdiYYkhY7LThvt6l2gDBxrolBi7nUHmF?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: MW4SPRMB0084.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 1c05a51f-3f7d-4b17-bd6b-08dc56b63218 X-MS-Exchange-CrossTenant-originalarrivaltime: 07 Apr 2024 03:52:50.4019 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: pXVjDsP2GdF7d++EyGSWZBSYc9Im4pdTayacL1W+Z6GYC59hDvnn6Ha5WppTBh4yxqzAbaKmyfu0R9+B58ruCw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB7614 X-OriginatorOrg: intel.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Sat, 06 Apr 2024 20:52:55 -0700 Resent-From: jiewen.yao@intel.com Reply-To: devel@edk2.groups.io,jiewen.yao@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: ovSor1iMU9eubsbteRjOowGfx7686176AA= Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=toleeg2Z; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io Thanks.https://github.com/tianocore/edk2/pull/5533 > -----Original Message----- > From: Bi, Dandan > Sent: Sunday, April 7, 2024 10:07 AM > To: Tan, Ming ; devel@edk2.groups.io > Cc: Xu, Min M ; Yao, Jiewen ; > POLUDOV, FELIX > Subject: RE: [PATCH v4] SecurityPkg/SecureBootConfigDxe: Update UI accord= ing > to UEFI spec >=20 > Reviewed-by: Dandan Bi >=20 > -----Original Message----- > From: Tan, Ming > Sent: Tuesday, April 2, 2024 4:32 PM > To: devel@edk2.groups.io > Cc: Xu, Min M ; Yao, Jiewen ; B= i, > Dandan ; POLUDOV, FELIX > Subject: [PATCH v4] SecurityPkg/SecureBootConfigDxe: Update UI according = to > UEFI spec >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4713 >=20 > In UEFI_Spec_2_10_Aug29.pdf page 1694 section 35.5.4 for > EFI_BROWSER_ACTION_FORM_OPEN: > NOTE: EFI_FORM_BROWSER2_PROTOCOL.BrowserCallback() cannot be used > with this browser action because question values have not been retrieved = yet. >=20 > So should not call HiiGetBrowserData() and HiiSetBrowserData() in FORM_OP= EN > call back function. >=20 > Now call SecureBootExtractConfigFromVariable() and update > IfrNvData->ListCount to save the change to EFI variable, then HII use > IfrNvData->EFI > variable to control the UI. >=20 > Cc: Min Xu > Cc: Jiewen Yao > Cc: Dandan Bi > Cc: Felix Polyudov > Signed-off-by: Ming Tan > --- > PR: https://github.com/tianocore/edk2/pull/5411 >=20 > V4: Fix a Cc issue of miss a space. > V3: According to Dandan Bi's feedback, does not call > SecureBootExtractConfigFromVariable() at last, but call it as needed. > And add more code for update IfrNvData->ListCount. > V2: Change code style to pass uncrustify check. >=20 > .../SecureBootConfigImpl.c | 42 +++++++++++-------- > 1 file changed, 25 insertions(+), 17 deletions(-) >=20 > diff --git > a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI= m > pl.c > b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI= m > pl.c > index 2c11129526..6d4560c39b 100644 > --- > a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI= m > pl.c > +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootCo > +++ nfigImpl.c > @@ -3366,6 +3366,8 @@ SecureBootExtractConfigFromVariable ( > ConfigData->FileEnrollType =3D UNKNOWN_FILE_TYPE; } + ConfigData- > >ListCount =3D Private->ListCount;+ // // If it is Physical Presence = User, set the > PhysicalPresent to true. //@@ -4541,12 +4543,13 @@ SecureBootCallback ( > EFI_HII_POPUP_PROTOCOL *HiiPopup; EFI_HII_POPUP_SELECTION > UserSelection; - Status =3D EFI_SUCCESS;- SecureBootEnable = =3D NULL;- > SecureBootMode =3D NULL;- SetupMode =3D NULL;- File = =3D NULL;- > EnrollKeyErrorCode =3D None_Error;+ Status =3D EFI_SUCCESS= ;+ > SecureBootEnable =3D NULL;+ SecureBootMode =3D NULL;+ SetupMo= de > =3D NULL;+ File =3D NULL;+ EnrollKeyErrorCode =3D Non= e_Error;+ > GetBrowserDataResult =3D FALSE; if ((This =3D=3D NULL) || (Value =3D= =3D NULL) || > (ActionRequest =3D=3D NULL)) { return EFI_INVALID_PARAMETER;@@ -4565,= 15 > +4568,12 @@ SecureBootCallback ( > return EFI_OUT_OF_RESOURCES; } - GetBrowserDataResult =3D > HiiGetBrowserData (&gSecureBootConfigFormSetGuid, > mSecureBootStorageName, BufferSize, (UINT8 *)IfrNvData);- if (Action = =3D=3D > EFI_BROWSER_ACTION_FORM_OPEN) { if (QuestionId =3D=3D > KEY_SECURE_BOOT_MODE) { // // Update secure boot strings when > opening this form //- Status =3D UpdateSecureBootString (Priva= te);- > SecureBootExtractConfigFromVariable (Private, IfrNvData);+ Status = =3D > UpdateSecureBootString (Private); mIsEnterSecureBootForm =3D TRUE; = } else > { //@@ -4587,23 +4587,22 @@ SecureBootCallback ( > (QuestionId =3D=3D KEY_SECURE_BOOT_DBT_OPTION)) > { CloseEnrolledFile (Private->FileContext);- } else if (Ques= tionId =3D=3D > KEY_SECURE_BOOT_DELETE_ALL_LIST) {- //- // Update ListCount= field in > varstore- // Button "Delete All Signature List" is- // enab= le when ListCount > is greater than 0.- //- IfrNvData->ListCount =3D Private->L= istCount; } } > goto EXIT; } + GetBrowserDataResult =3D HiiGetBrowserData > (&gSecureBootConfigFormSetGuid, mSecureBootStorageName, BufferSize, > (UINT8 *)IfrNvData);+ if (Action =3D=3D EFI_BROWSER_ACTION_RETRIEVE) > { Status =3D EFI_UNSUPPORTED; if (QuestionId =3D=3D KEY_SECURE_BO= OT_MODE) > { if (mIsEnterSecureBootForm) {+ if (GetBrowserDataResult) {= + > SecureBootExtractConfigFromVariable (Private, IfrNvData);+ }+ = Value- > >u8 =3D SECURE_BOOT_MODE_STANDARD; Status =3D EFI_SUCCESS; = }@@ - > 4764,6 +4763,8 @@ SecureBootCallback ( > L"Only Physical Presence User could delete PK in custom = mode!", > NULL );+ } else {+ SecureBootExtr= actConfigFromVariable > (Private, IfrNvData); } } }@@ -4827,6 +4828= ,7 @@ > SecureBootCallback ( > SECUREBOOT_DELETE_SIGNATURE_LIST_FORM, > OPTION_SIGNATURE_LIST_QUESTION_ID );+ IfrNvData->ListCou= nt =3D > Private->ListCount; break; //@@ -4851,6 +4853,7 @@ > SecureBootCallback ( > SECUREBOOT_DELETE_SIGNATURE_LIST_FORM, > OPTION_SIGNATURE_LIST_QUESTION_ID );+ IfrNvData->ListCou= nt =3D > Private->ListCount; break; //@@ -4875,6 +4878,7 @@ > SecureBootCallback ( > SECUREBOOT_DELETE_SIGNATURE_LIST_FORM, > OPTION_SIGNATURE_LIST_QUESTION_ID );+ IfrNvData->ListCou= nt =3D > Private->ListCount; break; case > SECUREBOOT_DELETE_SIGNATURE_FROM_DBT:@@ -4954,6 +4958,8 @@ > SecureBootCallback ( > L"Only supports DER-encoded X509 certificate, AUTH_2 format = data & > executable EFI image", NULL );+ } else {+ = IfrNvData- > >ListCount =3D Private->ListCount; } break;@@ -5005,6 +5= 011,8 @@ > SecureBootCallback ( > PromptString, NULL );+ } else= {+ > SecureBootExtractConfigFromVariable (Private, IfrNvData); } = break;-- > 2.31.1.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117473): https://edk2.groups.io/g/devel/message/117473 Mute This Topic: https://groups.io/mt/105284072/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-