From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from NAM04-SN1-obe.outbound.protection.outlook.com (NAM04-SN1-obe.outbound.protection.outlook.com [40.92.11.16])
 by mx.groups.io with SMTP id smtpd.web10.10551.1589304043608091295
 for <devel@edk2.groups.io>;
 Tue, 12 May 2020 10:20:43 -0700
Authentication-Results: mx.groups.io;
 dkim=pass header.i=@outlook.com header.s=selector1 header.b=AR8idQO7;
 spf=pass (domain: outlook.com, ip: 40.92.11.16, mailfrom: michael.kubacki@outlook.com)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
 b=gAaCYkUV61LoWkeOvI7x0iUJYv989UzIOSP2CxZrps8iGW1XYPW7u8dFo3W/ldTDTbF2fhw/FyeYYQAK0mL2zClRWPr5ZmrhBp6dlHa3O1AgeT5Iu7MwHiG2+NESM4r7FGgRTQlCMUadszA5VVTKFww0rzhzypI8B41fXrodx9X4dMJhuZyVrUlDMEUOutlDhJrtGlUqoKrZDJrd0ZA/8RdNF/LGotxh+8eQ6PkGK2QyCPFSq5fYOMf6gSUKaHnsJRLDoeo0qTOO40MsCpW0JPnQMgJCIZtDJxrtmmnBhIMhvKd9G5ipYSaY3skCOlhWao8QZ+79UzgHROsDnno0Yw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector9901;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=xn4JJ3Du57T4OeiA/TZ5x/kANiSTqPznj9UhwwvI0W4=;
 b=OsSW2O8oXU5iYL3Y7UHiqqlHS1ZxyXC0yujtKym01B11NLHm2niz9rOq4KsZsMPvr3Vd2kG8ep8cjuce7ceTn7T2nHaUYkTy9fNO1PIGKflr3QoX5ejc3pol/BAfogKuAx2GUxUWW8JtevpQQNKGJco5idD/3zwMKK3AFfIpsrHhhN9WpFipZYeCgFa+lALDyPmQQwEPwoS/Qfq45GaMHnIeBQ8tvz6+WbT1LTXhsS9xm7wkEa6M8Dzf2U4VaGx0nxapDGO66ASlFchCMYxtIFw50E5JUT2z7iVFMRGxiSzMDyB60urFWSJq50jg4FvKxFq5BPdZjr37/yaBLZv11g==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=outlook.com; dmarc=pass action=none header.from=outlook.com;
 dkim=pass header.d=outlook.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com;
 s=selector1;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
 bh=xn4JJ3Du57T4OeiA/TZ5x/kANiSTqPznj9UhwwvI0W4=;
 b=AR8idQO7XHcn56Sx/Xi04iBoJrwYcjJ3JZWyJ4V7eZO/HJaPLOglU5DY3k7Pv+VziujXIikpGwuQa8akiyK9vFfkJ+CQd5q/vEfP0l1j5VumnvUtacA4K/KBkjyxYigGwJlwH5uKMExLDqDt3wckCMy9SqVYThVp3+izEchj3vykmP8Hsqw6NTFUOsltvV70BZL3YOHN3j++RqC4RbZsuzUzAM1igrjoWd3RZ7fGZXjcUmi2v2dyw2vVSJeX0428BAc0A95hAu9NsSvSR/2TmKoTV1OoGVWj0uPfZqelHGA90CCsThBt4WhAGQZIFcHChosRcFdvesqcy3uQQCYnfw==
Received: from SN1NAM04FT011.eop-NAM04.prod.protection.outlook.com
 (10.152.88.57) by SN1NAM04HT072.eop-NAM04.prod.protection.outlook.com
 (10.152.88.216) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2979.27; Tue, 12 May
 2020 17:20:42 +0000
Received: from MWHPR07MB3440.namprd07.prod.outlook.com
 (2a01:111:e400:7e4c::40) by SN1NAM04FT011.mail.protection.outlook.com
 (2a01:111:e400:7e4c::104) with Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2979.27 via Frontend
 Transport; Tue, 12 May 2020 17:20:42 +0000
X-IncomingTopHeaderMarker: 
 OriginalChecksum:3004830E3E940ACA61913347CAD3EE175221CC63A2EA791F5BF0514976838ED4;UpperCasedChecksum:14285A211C2A2212125EB13743502106964B70D0E56969C5665DCB1610ABC6A0;SizeAsReceived:9650;Count:50
Received: from MWHPR07MB3440.namprd07.prod.outlook.com
 ([fe80::bcc9:271b:20db:52e3]) by MWHPR07MB3440.namprd07.prod.outlook.com
 ([fe80::bcc9:271b:20db:52e3%6]) with mapi id 15.20.2979.033; Tue, 12 May 2020
 17:20:42 +0000
Subject: Re: [edk2-devel] [PATCH v2 00/12] Add the VariablePolicy feature
To: Laszlo Ersek <lersek@redhat.com>, devel@edk2.groups.io
Cc: Jiewen Yao <jiewen.yao@intel.com>, Chao Zhang <chao.b.zhang@intel.com>,
 Jian J Wang <jian.j.wang@intel.com>, Hao A Wu <hao.a.wu@intel.com>,
 Liming Gao <liming.gao@intel.com>, Jordan Justen
 <jordan.l.justen@intel.com>, Ard Biesheuvel <ard.biesheuvel@arm.com>,
 Andrew Fish <afish@apple.com>, Ray Ni <ray.ni@intel.com>,
 Anthony Perard <anthony.perard@citrix.com>, Julien Grall <julien@xen.org>,
 Maurice Ma <maurice.ma@intel.com>, Guo Dong <guo.dong@intel.com>,
 Benjamin You <benjamin.you@intel.com>
References: <MWHPR07MB3440F5CB92F0D7DCF94AA14FE9BE0@MWHPR07MB3440.namprd07.prod.outlook.com>
 <11a89bca-ea96-9ba0-2177-e995b98e6943@redhat.com>
 <6d21e1a2-f0e7-35a0-7c2e-7798d21f86e9@redhat.com>
 <8b7785a4-2b11-f5f8-ed23-65b672e4f9c4@redhat.com>
From: "Michael Kubacki" <michael.kubacki@outlook.com>
Message-ID: 
 <MWHPR07MB3440283F053FE5D96DB47728E9BE0@MWHPR07MB3440.namprd07.prod.outlook.com>
Date: Tue, 12 May 2020 10:20:41 -0700
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101
 Thunderbird/68.8.0
In-Reply-To: <8b7785a4-2b11-f5f8-ed23-65b672e4f9c4@redhat.com>
X-ClientProxiedBy: MWHPR19CA0069.namprd19.prod.outlook.com
 (2603:10b6:300:94::31) To MWHPR07MB3440.namprd07.prod.outlook.com
 (2603:10b6:301:69::28)
Return-Path: michael.kubacki@outlook.com
X-Microsoft-Original-Message-ID: 
 <434eaba5-1706-ef89-b0ac-03683535add9@outlook.com>
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [IPv6:2001:4898:d8:39:925:94f3:de95:dcdc] (2001:4898:80e8:7:8946:94f3:de95:dcdc) by MWHPR19CA0069.namprd19.prod.outlook.com (2603:10b6:300:94::31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3000.20 via Frontend Transport; Tue, 12 May 2020 17:20:41 +0000
X-Microsoft-Original-Message-ID: 
 <434eaba5-1706-ef89-b0ac-03683535add9@outlook.com>
X-TMN: [uIHjuP7f46p+sGYjZgkRD1K4MJ25MesYTH3blhYcDqAZHCNKOGvwbNu0Je2nzz65]
X-MS-PublicTrafficType: Email
X-IncomingHeaderCount: 50
X-EOPAttributedMessage: 0
X-MS-Office365-Filtering-Correlation-Id: 8df29d2e-2533-4d8f-6b82-08d7f698cc2e
X-MS-TrafficTypeDiagnostic: SN1NAM04HT072:
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 
	mIFXCsEONMhUEEaqOztPJGgwovJqsUmJEF2tA7aIaQmnRbyZADQsikhBpjMPe/mTE3dXC2EQr1i2KbHC/rhw1Fq3LZHg2hKSgVk1UOWep3a/SKb1IOWzOTiBaLmCoVv3rcZI/qZRWeUzVxLk1qTu7nSggGy+yBqUTBq6IH9lTLmkVeOm7yJk1BpIVFAyZkX5hPV05mZZo2DHPwSBIW+SGWREegYYvvb7Oe7HvRzbylFcEE5OP5tcIeHoLr9s+GYD
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:MWHPR07MB3440.namprd07.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:;DIR:OUT;SFP:1901;
X-MS-Exchange-AntiSpam-MessageData: 
	D2TpdSuDN7+jLjcGJctj0MfVlyaUet9Ol6gglGxQZW+0SEJOmKCHNqP51O+kWX9fZ/uECF7wmtkSA1LWhCbpdAp5jo7c2OdXq5A6XZjrOTlv0SF1hFBIbpO0Wc93pN6HhIa8+RyJRI7a1aPRIhc5jD3yLl32aJ7XPofhcc2gsncgGOPoBhJsBbhbKfMgZtMXXPfnbwESY4W6wF5Ro1DGgg==
X-OriginatorOrg: outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 8df29d2e-2533-4d8f-6b82-08d7f698cc2e
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 May 2020 17:20:41.9769
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 
	00000000-0000-0000-0000-000000000000
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SN1NAM04HT072
Content-Type: text/plain; charset=utf-8; format=flowed
Content-Language: en-US
Content-Transfer-Encoding: 7bit

While most of the feedback in the series is relevant for the author 
(Bret), this is a change I will make for the patches I generate.

Thanks,
Michael

On 5/12/2020 5:37 AM, Laszlo Ersek wrote:
> On 05/12/20 14:15, Laszlo Ersek wrote:
>> On 05/12/20 13:52, Laszlo Ersek wrote:
>>> On 05/12/20 08:46, Michael Kubacki wrote:
>>>> From: Michael Kubacki <michael.kubacki@microsoft.com>
>>>>
>>>> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2522
>>>>
>>>> The 12 patches in this series add the VariablePolicy feature to the
>>>> core, deprecate Edk2VarLock (while adding a compatibility layer to
>>>> reduce code churn), and integrate the VariablePolicy libraries and
>>>> protocols into Variable Services.
>>>>
>>>> Since the integration requires multiple changes, including adding
>>>> libraries, a protocol, an SMI communication handler, and
>>>> VariableServices integration, the patches are broken up by
>>>> individual library additions and then a final integration.
>>>> Security-sensitive changes like bypassing Authenticated Variable
>>>> enforcement are also broken out into individual patches so that
>>>> attention can be called directly to them.
> 
> (4) Can you please run SetupGit.py in your edk2 clone, for the future?
> 
> It will mark the DEC, DSC, etc "ini-style" files with the "diff=ini"
> attribute. Furthermore, it will set the "xfuncname" knob for the
> "diff=ini"-marked files.
> 
> As a result, when you format a patch that modifies e.g. a DSC file, the
> "@@" hunk headers will display the section being modified. For example:
> 
>> @@ -492,6 +496,9 @@ [PcdsFixedAtBuild]
>>     gEfiMdeModulePkgTokenSpaceGuid.PcdMaxVolatileVariableSize|0x40000
>>   !endif
>>
>> +  # Optional: Omit if VariablePolicy should be always-on.
>> +  gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDisable|TRUE
>> +
>>     gEfiMdeModulePkgTokenSpaceGuid.PcdVpdBaseAddress|0x0
>>
>>     gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x07
> 
> Note that the "@@" hunk header now states "[PcdsFixedAtBuild]". It tells
> me as a reviewer about the access method of the PCD that was chosen for
> OvmfPkg.
> 
> Such hunk headers improve reviewer throughput quite a bit.
> 
> Thanks,
> Laszlo
>