From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.92.23.61]) by mx.groups.io with SMTP id smtpd.web10.3077.1590101058775511276 for ; Thu, 21 May 2020 15:44:18 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@outlook.com header.s=selector1 header.b=CRtMSTEz; spf=pass (domain: outlook.com, ip: 40.92.23.61, mailfrom: michael.kubacki@outlook.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=QYeHwO8aquRh8ZnoIqAsTG929yupAXusJUbWIA5WtPCOFPwbNC782XHhq9EzWriqPk813poKpe0P8/nCw7wWmJ7IheBbmL8dGHBR4FjG0iL3uMqssVswigFlzWgiuGxApF0bwgY4+ZhRKV8vWuYY1AF4Z6DaecYahwtjFX9AkwpVkkreo0eIFjfLhGVofR7M+H7M/DVlYlzeRgDckvQIy6tZaWeCb3xAUUYLTvjCrSavJbSlx3PZFZ6W9TVjgCD25kpDpTWQx6l1QdP+57KeA6V0bd8a3cgNDL99EF5perjltVeG1mIX7Jtu1AWt3g6vAQzublh4KXuwLMyMPlIKpQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DfFxx3DFomTCsIvLS0qt6Sk/0yOqkFjbauT80ccViiM=; b=EgHOcdfP3Fy2ODlHYWLr2goGzPdMv2MJmLsrCZFwGroy4BkRxuFrYjIW++BG78CuCmVOFglV96hVfgV++CBe1Yc9a0RE/DEAsYocv+98Fwu75JL6ywbZDyg/e77rHzkwvJ0POCWKPrlgK4o74kp/pt0/bMBx+i2PnZcx6ZTABELnxlVASRB+J2A6CmBSYLglKcI2F4wEBPv9JiBi+0CMcn4NG2zUJlMS/+0biVwFoFHS5Ec2SSY0bjkOfWp1CCYQPule8fM7tEJxsXSnecOU0cg6UKxPBkG6NNxme3fJ1UXNB+9ZPa5M3NwEz/te5orCauIxTdYIlUk5Pa5CCAQ0Qg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=outlook.com; dmarc=pass action=none header.from=outlook.com; dkim=pass header.d=outlook.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=DfFxx3DFomTCsIvLS0qt6Sk/0yOqkFjbauT80ccViiM=; b=CRtMSTEzpFukjjDBgeqohT32rVVlJPR+fYh3m9EXpcyAitGtNGI3Jc5gaeG9qGq48wV1z4b02nK6uorwS+ZCoras9NuSMvtpHoRXJIeOlczreWALnvE9qdEsf3qPbZlmzZogiP8T8YqLU+JGn7BRs2IZmxi7IeIr34iLHd9fLB8BB3KlTr3mtmoG1MmeLcJxRGgPy/e6i+FQl4PmRK7I11m2HCQDQo3RWwpD3bn//Jv3/OmtzG5AZ5Fa4mtMorlLLL4HguyVZji6f5SkmYlCvmK7i70ty6qEhcR0v6wrDNx/5uQpQiIZp8r+bwTPoIx+bpCmBCaXiYXUHUyx/cidEw== Received: from MW2NAM12FT062.eop-nam12.prod.protection.outlook.com (2a01:111:e400:fc65::45) by MW2NAM12HT053.eop-nam12.prod.protection.outlook.com (2a01:111:e400:fc65::205) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.11; Thu, 21 May 2020 22:44:17 +0000 Received: from MWHPR07MB3440.namprd07.prod.outlook.com (2a01:111:e400:fc65::50) by MW2NAM12FT062.mail.protection.outlook.com (2a01:111:e400:fc65::370) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.11 via Frontend Transport; Thu, 21 May 2020 22:44:17 +0000 X-IncomingTopHeaderMarker: OriginalChecksum:46A17D0954070B2EF759EC89454E998A4BE6272E5DF9FC95BE9D4E9D3BA5C27E;UpperCasedChecksum:9D8B9D16C5CE738A95DEE6BB9A8C1C668A5057244F95B79B0475C1FAC45BED38;SizeAsReceived:7846;Count:50 Received: from MWHPR07MB3440.namprd07.prod.outlook.com ([fe80::bcc9:271b:20db:52e3]) by MWHPR07MB3440.namprd07.prod.outlook.com ([fe80::bcc9:271b:20db:52e3%6]) with mapi id 15.20.3021.020; Thu, 21 May 2020 22:44:17 +0000 From: "Michael Kubacki" To: devel@edk2.groups.io CC: Jian J Wang , Hao A Wu , Liming Gao , Bret Barkelew Subject: [PATCH v3 03/14] MdeModulePkg: Define the VariablePolicyHelperLib Date: Thu, 21 May 2020 15:43:20 -0700 Message-ID: X-Mailer: git-send-email 2.16.3.windows.1 In-Reply-To: <20200521224331.15616-1-michael.kubacki@outlook.com> References: <20200521224331.15616-1-michael.kubacki@outlook.com> X-ClientProxiedBy: MWHPR12CA0071.namprd12.prod.outlook.com (2603:10b6:300:103::33) To MWHPR07MB3440.namprd07.prod.outlook.com (2603:10b6:301:69::28) Return-Path: michael.kubacki@outlook.com X-Microsoft-Original-Message-ID: <20200521224331.15616-4-michael.kubacki@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from localhost.localdomain (2001:4898:80e8:1:2c94:8481:fffa:8ac5) by MWHPR12CA0071.namprd12.prod.outlook.com (2603:10b6:300:103::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.23 via Frontend Transport; Thu, 21 May 2020 22:44:16 +0000 X-Mailer: git-send-email 2.16.3.windows.1 X-Microsoft-Original-Message-ID: <20200521224331.15616-4-michael.kubacki@outlook.com> X-TMN: [3djNiEmh4xUEfcuYWzapetukeCMh7AKtko1Emm7btwuD+d6Wbgs+6yXfzT5kgepL] X-MS-PublicTrafficType: Email X-IncomingHeaderCount: 50 X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-Correlation-Id: 8aa077ac-4001-47b4-1761-08d7fdd87e20 X-MS-TrafficTypeDiagnostic: MW2NAM12HT053: X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: d0bclEwApeCysHTYOm35zH2+W9D0tjZtaKgcHvq3vFznSM9ljSkwXOCtN3UXNJKo3pt+QzF9diy4Qrl0dmvEXDG6FVxKtvJV9RETwrxsXAlDCiOSHCDwfz++GSmPI2PWUZERNi1m0w6QHrprMq+NG4VP/D5RiUPfUaiqzWsl28pL8mWFmVj+p8xDb1j7rA2DrXkcdt47q3PBLCeb7ahqztlJOiOOCADHp8TUJm4Ml9lXl1h/SjVFVEI+e2NHjUTk X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:MWHPR07MB3440.namprd07.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:;DIR:OUT;SFP:1901; X-MS-Exchange-AntiSpam-MessageData: hvU9FGeSzwsjf/hIyuiJk5ta4t5sCcKK8fXPbhmCxijETfECFstuvkBGLYg+FDrhg7z24KElk6SPtbbPe9rC9pdwCKvWZg8SncJ4qYDTngoWxh3/72AOeUF3jXtvizLaRnQkWYHta4PAWMVDXDYUdklUoiqucov3rzNqDCYyOVv91gwdDYlnNa9u7q1yVmyEmvH6AIJ8vWI1aBbD4b+o5w== X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8aa077ac-4001-47b4-1761-08d7fdd87e20 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 May 2020 22:44:17.5205 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-FromEntityHeader: Internet X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: MW2NAM12HT053 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain From: Bret Barkelew https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 VariablePolicy is an updated interface to replace VarLock and VarCheckProtocol. Add the VariablePolicyHelperLib library, containing several functions to help with the repetitive process of creating a correctly structured and packed VariablePolicy entry. Cc: Jian J Wang Cc: Hao A Wu Cc: Liming Gao Cc: Bret Barkelew Signed-off-by: Michael Kubacki --- MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.c |= 404 ++++++++++++++++++++ MdeModulePkg/Include/Library/VariablePolicyHelperLib.h |= 164 ++++++++ MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf |= 35 ++ MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.uni |= 12 + MdeModulePkg/MdeModulePkg.dec |= 5 + MdeModulePkg/MdeModulePkg.dsc |= 2 + 6 files changed, 622 insertions(+) diff --git a/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHel= perLib.c b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelpe= rLib.c new file mode 100644 index 000000000000..73f43a543929 --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.= c @@ -0,0 +1,404 @@ +/** @file -- VariablePolicyHelperLib.c +This library contains helper functions for marshalling and registering +new policies with the VariablePolicy infrastructure. + +This library is currently written against VariablePolicy revision 0x000100= 00. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include +#include +#include + +#include + +/** + This internal helper function populates the header structure, + all common fields, and takes care of fix-ups. + + NOTE: Only use this internally. Assumes correctly-sized buffers. + + @param[out] EntPtr Pointer to the buffer to be populated. + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] LockPolicyType LockPolicyType for the VariablePolicy. + +**/ +STATIC +VOID +PopulateCommonData ( + OUT VARIABLE_POLICY_ENTRY *EntPtr, + IN CONST EFI_GUID *Namespace, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN UINT8 LockPolicyType + ) +{ + EntPtr->Version =3D VARIABLE_POLICY_ENTRY_REVISION; + CopyGuid (&EntPtr->Namespace, Namespace); + EntPtr->MinSize =3D MinSize; + EntPtr->MaxSize =3D MaxSize; + EntPtr->AttributesMustHave =3D AttributesMustHave; + EntPtr->AttributesCantHave =3D AttributesCantHave; + EntPtr->LockPolicyType =3D LockPolicyType; + + // NOTE: As a heler, fix up MaxSize for compatibility with the old model= . + if (EntPtr->MaxSize =3D=3D 0) { + EntPtr->MaxSize =3D VARIABLE_POLICY_NO_MAX_SIZE; + } + + return; +} + + +/** + This helper function will allocate and populate a new VariablePolicy + structure for a policy that does not contain any sub-structures (such as + VARIABLE_LOCK_ON_VAR_STATE_POLICY). + + NOTE: Caller will need to free structure once finished. + + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] LockPolicyType LockPolicyType for the VariablePolicy. + @param[out] NewEntry If successful, will be set to a pointer to the a= llocated buffer containing the + new policy. + + @retval EFI_SUCCESS Operation completed successfully and= structure is populated. + @retval EFI_INVALID_PARAMETER Namespace is NULL. + @retval EFI_INVALID_PARAMETER LockPolicyType is invalid for a basi= c structure. + @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in = UINT16 size. + @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space = for structure. + +**/ +EFI_STATUS +EFIAPI +CreateBasicVariablePolicy ( + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN UINT8 LockPolicyType, + OUT VARIABLE_POLICY_ENTRY **NewEntry + ) +{ + UINTN TotalSize; + UINTN NameSize; + VARIABLE_POLICY_ENTRY *EntPtr; + CHAR16 *CopyName; + + // Check some initial invalid parameters for this function. + if (Namespace =3D=3D NULL || NewEntry =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + if (LockPolicyType !=3D VARIABLE_POLICY_TYPE_NO_LOCK && + LockPolicyType !=3D VARIABLE_POLICY_TYPE_LOCK_NOW && + LockPolicyType !=3D VARIABLE_POLICY_TYPE_LOCK_ON_CREATE) { + return EFI_INVALID_PARAMETER; + } + + // Now we've gotta determine the total size of the buffer required for + // the VariablePolicy structure. + TotalSize =3D sizeof (VARIABLE_POLICY_ENTRY); + if (Name !=3D NULL) { + NameSize =3D StrnSizeS (Name, MAX_UINT16); + TotalSize +=3D NameSize; + } + // Make sure the size fits within a VARIABLE_POLICY_ENTRY.Size. + ASSERT (TotalSize <=3D MAX_UINT16); + if (TotalSize > MAX_UINT16) { + return EFI_BUFFER_TOO_SMALL; + } + + // Allocate a buffer to hold all the data. We're on the home stretch. + *NewEntry =3D AllocatePool (TotalSize); + if (*NewEntry =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + + // If we're still here, we're basically done. + // Copy the data and GET... OUT.... + EntPtr =3D *NewEntry; + PopulateCommonData ( + EntPtr, + Namespace, + MinSize, + MaxSize, + AttributesMustHave, + AttributesCantHave, + LockPolicyType + ); + EntPtr->Size =3D (UINT16) TotalSize; // This is safe= because we've already checked. + EntPtr->OffsetToName =3D sizeof (VARIABLE_POLICY_ENTRY); + if (Name !=3D NULL) { + CopyName =3D (CHAR16 *) ((UINT8 *) EntPtr + EntPtr->OffsetToName); + CopyMem (CopyName, Name, NameSize); + } + + return EFI_SUCCESS; +} + + +/** + This helper function will allocate and populate a new VariablePolicy + structure for a policy with a lock type of VARIABLE_POLICY_TYPE_LOCK_ON_= VAR_STATE. + + NOTE: Caller will need to free structure once finished. + + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIAB= LE_LOCK_ON_VAR_STATE_POLICY.Namespace. + @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STA= TE_POLICY.Value. + @param[in] VarStateName Pointer to the CHAR16 array for the VA= RIABLE_LOCK_ON_VAR_STATE_POLICY.Name. + @param[out] NewEntry If successful, will be set to a pointer to the a= llocated buffer containing the + new policy. + + @retval EFI_SUCCESS Operation completed successfully and= structure is populated. + @retval EFI_INVALID_PARAMETER Namespace, VarStateNamespace, VarSta= teName is NULL. + @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in = UINT16 size. + @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space = for structure. + +**/ +EFI_STATUS +EFIAPI +CreateVarStateVariablePolicy ( + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN CONST EFI_GUID *VarStateNamespace, + IN UINT8 VarStateValue, + IN CONST CHAR16 *VarStateName, + OUT VARIABLE_POLICY_ENTRY **NewEntry + ) +{ + UINTN TotalSize; + UINTN NameSize; + UINTN VarStateNameSize; + VARIABLE_POLICY_ENTRY *EntPtr; + CHAR16 *CopyName; + VARIABLE_LOCK_ON_VAR_STATE_POLICY *CopyPolicy; + + // Check some initial invalid parameters for this function. + if (Namespace =3D=3D NULL || VarStateNamespace =3D=3D NULL || + VarStateName =3D=3D NULL || NewEntry =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + // Now we've gotta determine the total size of the buffer required for + // the VariablePolicy structure. + VarStateNameSize =3D StrnSizeS (VarStateName, MAX_UINT16); + TotalSize =3D sizeof (VARIABLE_POLICY_ENTRY) + + sizeof (VARIABLE_LOCK_ON_VAR_STATE_POLICY) + + VarStateNameSize; + if (Name !=3D NULL) { + NameSize =3D StrnSizeS (Name, MAX_UINT16); + TotalSize +=3D NameSize; + } + // Make sure the size fits within a VARIABLE_POLICY_ENTRY.Size. + ASSERT (TotalSize <=3D MAX_UINT16); + if (TotalSize > MAX_UINT16) { + return EFI_BUFFER_TOO_SMALL; + } + + // Allocate a buffer to hold all the data. We're on the home stretch. + *NewEntry =3D AllocatePool (TotalSize); + if (*NewEntry =3D=3D NULL) { + return EFI_OUT_OF_RESOURCES; + } + + // If we're still here, we're basically done. + // Copy the data and GET... OUT.... + EntPtr =3D *NewEntry; + PopulateCommonData ( + EntPtr, + Namespace, + MinSize, + MaxSize, + AttributesMustHave, + AttributesCantHave, + VARIABLE_POLICY_TYPE_LOCK_ON_VAR_STATE + ); + EntPtr->Size =3D (UINT16) TotalSize; // This is safe= because we've already checked. + EntPtr->OffsetToName =3D sizeof (VARIABLE_POLICY_ENTRY) + + sizeof (VARIABLE_LOCK_ON_VAR_STATE_POLICY)= + + (UINT16) VarStateNameSize; + + CopyPolicy =3D (VARIABLE_LOCK_ON_VAR_STATE_POLICY *) ((UINT8 *) EntPtr += sizeof (VARIABLE_POLICY_ENTRY)); + CopyName =3D (CHAR16 *) ((UINT8 *) CopyPolicy + sizeof (VARIABLE_LOCK_ON= _VAR_STATE_POLICY)); + CopyGuid (&CopyPolicy->Namespace, VarStateNamespace); + CopyPolicy->Value =3D VarStateValue; + CopyMem (CopyName, VarStateName, VarStateNameSize); + + if (Name !=3D NULL) { + CopyName =3D (CHAR16 *) ((UINT8 *) EntPtr + EntPtr->OffsetToName); + CopyMem (CopyName, Name, NameSize); + } + + return EFI_SUCCESS; +} + + +/** + This helper function does everything that CreateBasicVariablePolicy() do= es, but also + uses the passed in protocol to register the policy with the infrastructu= re. + Does not return a buffer, does not require the caller to free anything. + + @param[in] VariablePolicy Pointer to a valid instance of the VariableP= olicy protocol. + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] LockPolicyType LockPolicyType for the VariablePolicy. + + @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL. + @retval EFI_STATUS Status returned by CreateBasicVariable= Policy() or RegisterVariablePolicy(). + +**/ +EFI_STATUS +EFIAPI +RegisterBasicVariablePolicy ( + IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy, + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN UINT8 LockPolicyType + ) +{ + VARIABLE_POLICY_ENTRY *NewEntry; + EFI_STATUS Status; + + // Check the simple things. + if (VariablePolicy =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + // Create the new entry and make sure that everything worked. + NewEntry =3D NULL; + Status =3D CreateBasicVariablePolicy ( + Namespace, + Name, + MinSize, + MaxSize, + AttributesMustHave, + AttributesCantHave, + LockPolicyType, + &NewEntry + ); + + // If that was successful, attempt to register the new policy. + if (!EFI_ERROR (Status)) { + Status =3D VariablePolicy->RegisterVariablePolicy (NewEntry); + } + + // If we allocated the buffer, free the buffer. + if (NewEntry !=3D NULL) { + FreePool (NewEntry); + } + + return Status; +} + + +/** + This helper function does everything that CreateBasicVariablePolicy() do= es, but also + uses the passed in protocol to register the policy with the infrastructu= re. + Does not return a buffer, does not require the caller to free anything. + + @param[in] VariablePolicy Pointer to a valid instance of the VariableP= olicy protocol. + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIAB= LE_LOCK_ON_VAR_STATE_POLICY.Namespace. + @param[in] VarStateName Pointer to the CHAR16 array for the VA= RIABLE_LOCK_ON_VAR_STATE_POLICY.Name. + @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STA= TE_POLICY.Value. + + @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL. + @retval EFI_STATUS Status returned by CreateBasicVariablePolicy()= or RegisterVariablePolicy(). + +**/ +EFI_STATUS +EFIAPI +RegisterVarStateVariablePolicy ( + IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy, + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN CONST EFI_GUID *VarStateNamespace, + IN CONST CHAR16 *VarStateName, + IN UINT8 VarStateValue + ) +{ + VARIABLE_POLICY_ENTRY *NewEntry; + EFI_STATUS Status; + + // Check the simple things. + if (VariablePolicy =3D=3D NULL) { + return EFI_INVALID_PARAMETER; + } + + // Create the new entry and make sure that everything worked. + NewEntry =3D NULL; + Status =3D CreateVarStateVariablePolicy ( + Namespace, + Name, + MinSize, + MaxSize, + AttributesMustHave, + AttributesCantHave, + VarStateNamespace, + VarStateValue, + VarStateName, + &NewEntry + ); + + // If that was successful, attempt to register the new policy. + if (!EFI_ERROR (Status)) { + Status =3D VariablePolicy->RegisterVariablePolicy (NewEntry); + } + + // If we allocated the buffer, free the buffer. + if (NewEntry !=3D NULL) { + FreePool (NewEntry); + } + + return Status; +} diff --git a/MdeModulePkg/Include/Library/VariablePolicyHelperLib.h b/MdeMo= dulePkg/Include/Library/VariablePolicyHelperLib.h new file mode 100644 index 000000000000..3b75e9786094 --- /dev/null +++ b/MdeModulePkg/Include/Library/VariablePolicyHelperLib.h @@ -0,0 +1,164 @@ +/** @file -- VariablePolicyHelperLib.h +This library contains helper functions for marshalling and registering +new policies with the VariablePolicy infrastructure. + +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _EDKII_VARIABLE_POLICY_HELPER_LIB_H_ +#define _EDKII_VARIABLE_POLICY_HELPER_LIB_H_ + +#include + +/** + This helper function will allocate and populate a new VariablePolicy + structure for a policy that does not contain any sub-structures (such as + VARIABLE_LOCK_ON_VAR_STATE_POLICY). + + NOTE: Caller will need to free structure once finished. + + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] LockPolicyType LockPolicyType for the VariablePolicy. + @param[out] NewEntry If successful, will be set to a pointer to the a= llocated buffer containing the + new policy. + + @retval EFI_SUCCESS Operation completed successfully and= structure is populated. + @retval EFI_INVALID_PARAMETER Namespace is NULL. + @retval EFI_INVALID_PARAMETER LockPolicyType is invalid for a basi= c structure. + @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in = UINT16 size. + @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space = for structure. + +**/ +EFI_STATUS +EFIAPI +CreateBasicVariablePolicy ( + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN UINT8 LockPolicyType, + OUT VARIABLE_POLICY_ENTRY **NewEntry + ); + + +/** + This helper function will allocate and populate a new VariablePolicy + structure for a policy with a lock type of VARIABLE_POLICY_TYPE_LOCK_ON_= VAR_STATE. + + NOTE: Caller will need to free structure once finished. + + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIAB= LE_LOCK_ON_VAR_STATE_POLICY.Namespace. + @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STA= TE_POLICY.Value. + @param[in] VarStateName Pointer to the CHAR16 array for the VA= RIABLE_LOCK_ON_VAR_STATE_POLICY.Name. + @param[out] NewEntry If successful, will be set to a pointer to the a= llocated buffer containing the + new policy. + + @retval EFI_SUCCESS Operation completed successfully and= structure is populated. + @retval EFI_INVALID_PARAMETER Namespace, VarStateNamespace, VarSta= teName is NULL. + @retval EFI_BUFFER_TOO_SMALL Finished structure would not fit in = UINT16 size. + @retval EFI_OUT_OF_RESOURCES Could not allocate sufficient space = for structure. + +**/ +EFI_STATUS +EFIAPI +CreateVarStateVariablePolicy ( + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN CONST EFI_GUID *VarStateNamespace, + IN UINT8 VarStateValue, + IN CONST CHAR16 *VarStateName, + OUT VARIABLE_POLICY_ENTRY **NewEntry + ); + + +/** + This helper function does everything that CreateBasicVariablePolicy() do= es, but also + uses the passed in protocol to register the policy with the infrastructu= re. + Does not return a buffer, does not require the caller to free anything. + + @param[in] VariablePolicy Pointer to a valid instance of the VariableP= olicy protocol. + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] LockPolicyType LockPolicyType for the VariablePolicy. + + @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL. + @retval EFI_STATUS Status returned by CreateBasicVariable= Policy() or RegisterVariablePolicy(). + +**/ +EFI_STATUS +EFIAPI +RegisterBasicVariablePolicy ( + IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy, + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN UINT8 LockPolicyType + ); + + +/** + This helper function does everything that CreateBasicVariablePolicy() do= es, but also + uses the passed in protocol to register the policy with the infrastructu= re. + Does not return a buffer, does not require the caller to free anything. + + @param[in] VariablePolicy Pointer to a valid instance of the VariableP= olicy protocol. + @param[in] Namespace Pointer to an EFI_GUID for the target variable n= amespace that this policy will protect. + @param[in] Name [Optional] If provided, a pointer to the CHAR16 = array for the target variable name. + Otherwise, will create a policy that targets an = entire namespace. + @param[in] MinSize MinSize for the VariablePolicy. + @param[in] MaxSize MaxSize for the VariablePolicy. + @param[in] AttributesMustHave AttributesMustHave for the VariablePol= icy. + @param[in] AttributesCantHave AttributesCantHave for the VariablePol= icy. + @param[in] VarStateNamespace Pointer to the EFI_GUID for the VARIAB= LE_LOCK_ON_VAR_STATE_POLICY.Namespace. + @param[in] VarStateName Pointer to the CHAR16 array for the VA= RIABLE_LOCK_ON_VAR_STATE_POLICY.Name. + @param[in] VarStateValue Value for the VARIABLE_LOCK_ON_VAR_STA= TE_POLICY.Value. + + @retval EFI_INVALID_PARAMETER VariablePolicy pointer is NULL. + @retval EFI_STATUS Status returned by CreateBasicVariablePolicy()= or RegisterVariablePolicy(). + +**/ +EFI_STATUS +EFIAPI +RegisterVarStateVariablePolicy ( + IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy, + IN CONST EFI_GUID *Namespace, + IN CONST CHAR16 *Name OPTIONAL, + IN UINT32 MinSize, + IN UINT32 MaxSize, + IN UINT32 AttributesMustHave, + IN UINT32 AttributesCantHave, + IN CONST EFI_GUID *VarStateNamespace, + IN CONST CHAR16 *VarStateName, + IN UINT8 VarStateValue + ); + +#endif // _EDKII_VARIABLE_POLICY_HELPER_LIB_H_ diff --git a/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHel= perLib.inf b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHel= perLib.inf new file mode 100644 index 000000000000..506abf580e94 --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.= inf @@ -0,0 +1,35 @@ +## @file VariablePolicyHelperLib.inf +# This library contains helper functions for marshalling and registering +# new policies with the VariablePolicy infrastructure. +# +# This library is currently written against VariablePolicy revision 0x0001= 0000. +# +# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +## + + +[Defines] + INF_VERSION =3D 0x00010017 + BASE_NAME =3D VariablePolicyHelperLib + # MODULE_UNI_FILE =3D VariablePolicyHelperLib.uni + FILE_GUID =3D B3C2206B-FDD1-4AED-8352-FC5EC34C5630 + VERSION_STRING =3D 1.0 + MODULE_TYPE =3D BASE + LIBRARY_CLASS =3D VariablePolicyHelperLib + + +[Sources] + VariablePolicyHelperLib.c + + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + + +[LibraryClasses] + BaseLib + DebugLib + MemoryAllocationLib + BaseMemoryLib diff --git a/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHel= perLib.uni b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHel= perLib.uni new file mode 100644 index 000000000000..39cbf11a4ce9 --- /dev/null +++ b/MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.= uni @@ -0,0 +1,12 @@ +// /** @file +// VariablePolicyHelperLib.uni +// +// Copyright (c) Microsoft Corporation. +// SPDX-License-Identifier: BSD-2-Clause-Patent +// +// **/ + + +#string STR_MODULE_ABSTRACT #language en-US "Library containin= g helper functions for marshalling and registering new policies with the Va= riablePolicy infrastructure" + +#string STR_MODULE_DESCRIPTION #language en-US "Library containin= g helper functions for marshalling and registering new policies with the Va= riablePolicy infrastructure" diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 31339741b840..2db37bd8ea9e 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -149,6 +149,11 @@ [LibraryClasses] # DisplayUpdateProgressLib|Include/Library/DisplayUpdateProgressLib.h =20 + ## @libraryclass This library contains helper functions for marshallin= g and + # registering new policies with the VariablePolicy infrastructure. + # + VariablePolicyHelperLib|Include/Library/VariablePolicyHelperLib.h + [Guids] ## MdeModule package token space guid # Include/Guid/MdeModulePkgTokenSpace.h diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index 14b6ed536962..37795b9e4f58 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -99,6 +99,7 @@ [LibraryClasses] BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.i= nf SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf DisplayUpdateProgressLib|MdeModulePkg/Library/DisplayUpdateProgressLibGr= aphics/DisplayUpdateProgressLibGraphics.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf =20 [LibraryClasses.EBC.PEIM] IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf @@ -225,6 +226,7 @@ [Components] MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf MdeModulePkg/Library/BaseHobLibNull/BaseHobLibNull.inf MdeModulePkg/Library/BaseMemoryAllocationLibNull/BaseMemoryAllocationLib= Null.inf + MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf =20 MdeModulePkg/Bus/Pci/PciHostBridgeDxe/PciHostBridgeDxe.inf MdeModulePkg/Bus/Pci/PciSioSerialDxe/PciSioSerialDxe.inf --=20 2.16.3.windows.1