From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM02-SN1-obe.outbound.protection.outlook.com (NAM02-SN1-obe.outbound.protection.outlook.com [40.92.5.29]) by mx.groups.io with SMTP id smtpd.web11.3109.1590101079649887802 for ; Thu, 21 May 2020 15:44:39 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@outlook.com header.s=selector1 header.b=gIhvymvA; spf=pass (domain: outlook.com, ip: 40.92.5.29, mailfrom: michael.kubacki@outlook.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=H8yuZSZ+ZDAzHqYA70LIDbPmISL8KEjelLuuaKnC4SpMePHeDHxE6O1UjfUJ1ln+hyzl6eiRWa/UafDr7y548m9llzxMbR0RFnKHY3HZuNkGHkA6zkyaTgGor6Vr41wKCThruf6iMKt+MHGTNHzwsr0Hw2Kgjyz3KDrt0b3tMCRjONzFWx4Ji6aOFYCV1lIMcPWqiJvWsubxB7WbPAYKCdHpEYtYCg0qlTC8TUl1wnlo7B6SrhLtVTTD50Jy3D2OxxtMFrZhrfLQgBxJ0O4BLyBLqfxRbcFzn0Ddln2jNd6YrcDK4ww2CRJzfHWDG2Blzlf1INWY6xCun66eSVmSDQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gILhZxOILBYpZ8EYtaZWmwAdqgicGUVD7yqXB8o+lNU=; b=ZQHMTx+ygZFPL8+7i85Z1LXB1WOICsexfynUE8sqfF4xuQkiRGjxkgKr8Kp89f2hV61HyaA1SNWBrFGCfkrw81xwKYJsKLKAwHgtlptU1TAx8yo5ULWHLWtzpdm5g8qb0S6Ti3WOIInOctkWKb+G+isgUzawMZEcU3aJNoI/YlkovDie4JPeMX+ozroX6+l/iS8usAVpWPEcp0F8dV868aYe2OAd8csBvOMieOrV10MJJD0Ch7G3znUXyXaaQSHHo7A5QfIEJgV22c4QzcXTRnh5jdY2mA6JJuK5N1581+Vx4maVeGmXCPP3jOS6GKCOuooMQBetOFZITGKCbflyWw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=outlook.com; dmarc=pass action=none header.from=outlook.com; dkim=pass header.d=outlook.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=outlook.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=gILhZxOILBYpZ8EYtaZWmwAdqgicGUVD7yqXB8o+lNU=; b=gIhvymvAEdIm3ia9Su6EThERA2ZSFtWn20t4T89EnhpXduKrF+zhHITgE9IeykaVdEelgY7F5lUaShRx4PT8p9fwJJvHAKFwii60Nc2LQUMO01C8asXCOdJ2cINxAp2LLbS43ikSo2uNJZmpy0mcg3JNtX5hG7LTCoZzpdB+XP0sf1Ih+19yEgZLw8VnPB2PwzHp+/X50rPGnvRrBGpu5HX/ZXKXPKSOIHAhTSX+Fpr1RpXDatbomL7bBkfzWfpEHcwqKqZGUJuPupHRWByMNQCn3eOZFKerVmxCcqittcyfFyHtD8KBsS9kjUJfa/mVRTcnTku7Cz+XqjiIQa8tzw== Received: from CY1NAM02FT003.eop-nam02.prod.protection.outlook.com (10.152.74.55) by CY1NAM02HT265.eop-nam02.prod.protection.outlook.com (10.152.75.55) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.23; Thu, 21 May 2020 22:44:38 +0000 Received: from MWHPR07MB3440.namprd07.prod.outlook.com (2a01:111:e400:7e45::53) by CY1NAM02FT003.mail.protection.outlook.com (2a01:111:e400:7e45::151) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.23 via Frontend Transport; Thu, 21 May 2020 22:44:38 +0000 X-IncomingTopHeaderMarker: OriginalChecksum:84E53927336986C9167608628EAC1C7AB2E2BEEC68D247AF073D44C0C1484342;UpperCasedChecksum:42840EAD9A18D60AB2CCEBE7BC17A2CE042FFA115BA66655DAA8C77E862BA9C5;SizeAsReceived:7882;Count:50 Received: from MWHPR07MB3440.namprd07.prod.outlook.com ([fe80::bcc9:271b:20db:52e3]) by MWHPR07MB3440.namprd07.prod.outlook.com ([fe80::bcc9:271b:20db:52e3%6]) with mapi id 15.20.3021.020; Thu, 21 May 2020 22:44:38 +0000 From: "Michael Kubacki" To: devel@edk2.groups.io CC: Laszlo Ersek , Ard Biesheuvel , Leif Lindholm , Bret Barkelew Subject: [PATCH v3 07/14] ArmVirtPkg: Add VariablePolicy engine to ArmVirtPkg platform Date: Thu, 21 May 2020 15:43:24 -0700 Message-ID: X-Mailer: git-send-email 2.16.3.windows.1 In-Reply-To: <20200521224331.15616-1-michael.kubacki@outlook.com> References: <20200521224331.15616-1-michael.kubacki@outlook.com> X-ClientProxiedBy: MWHPR12CA0071.namprd12.prod.outlook.com (2603:10b6:300:103::33) To MWHPR07MB3440.namprd07.prod.outlook.com (2603:10b6:301:69::28) Return-Path: michael.kubacki@outlook.com X-Microsoft-Original-Message-ID: <20200521224331.15616-8-michael.kubacki@outlook.com> MIME-Version: 1.0 X-MS-Exchange-MessageSentRepresentingType: 1 Received: from localhost.localdomain (2001:4898:80e8:1:2c94:8481:fffa:8ac5) by MWHPR12CA0071.namprd12.prod.outlook.com (2603:10b6:300:103::33) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3021.23 via Frontend Transport; Thu, 21 May 2020 22:44:37 +0000 X-Mailer: git-send-email 2.16.3.windows.1 X-Microsoft-Original-Message-ID: <20200521224331.15616-8-michael.kubacki@outlook.com> X-TMN: [d7AQkHB+ymOMmq3Q7EJhLhwsASt/5WMmarX2lwlP+xQGRiZ6T0JTZpZ4W6mW8aW9] X-MS-PublicTrafficType: Email X-IncomingHeaderCount: 50 X-EOPAttributedMessage: 0 X-MS-Office365-Filtering-Correlation-Id: 8164ce4e-415e-4a77-9834-08d7fdd88aa9 X-MS-TrafficTypeDiagnostic: CY1NAM02HT265: X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: J61p9MSgOP4n62Ab2rQ41ankdALAfHOFsZ6CYLScHIJrf2ympvqPVJkp3KFHNeE9PuMOq+QvJk0iBrLQmc8PHb/vIWgChfu52FVg9olE7FRiFvCTAX9UuzeKCN6FxjipBseV9R+HWewXh5EgzQFrHtvOLEWothzGJR3TI0kc7AhaUPAoZ5TOTXw8PFni7AuANb6XGqTWOP2e6rGipebR0JIzp1VXP+kIQFiRshcdzVEH6kdbP5lwCXdwo/prtOwQ X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:0;SRV:;IPV:NLI;SFV:NSPM;H:MWHPR07MB3440.namprd07.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:;DIR:OUT;SFP:1901; X-MS-Exchange-AntiSpam-MessageData: uG3h9YEoX6VQU8ZW2rejh1HFsUchnYlLKUk30viKEUBYhsKRi0IsbArke3xBE5r6FWx1eDTb0cTzk0ACuaKfNHj9OmPyDtgQoOGsBMEuGvqZgV8ygm1mpwgf5//6zZWQb6a2CauPIFhtxpCjw7v7BvRDOWimaCN/MgknEr5klxQi/dfnTY1Odowd0m1CmsuL06R+HPE1XV5gWFmGxh/atg== X-OriginatorOrg: outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 8164ce4e-415e-4a77-9834-08d7fdd88aa9 X-MS-Exchange-CrossTenant-OriginalArrivalTime: 21 May 2020 22:44:38.0816 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-CrossTenant-FromEntityHeader: Internet X-MS-Exchange-CrossTenant-RMS-PersistedConsumerOrg: 00000000-0000-0000-0000-000000000000 X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1NAM02HT265 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain From: Bret Barkelew https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522 Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Leif Lindholm Cc: Bret Barkelew Signed-off-by: Michael Kubacki --- ArmVirtPkg/ArmVirt.dsc.inc | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/ArmVirtPkg/ArmVirt.dsc.inc b/ArmVirtPkg/ArmVirt.dsc.inc index cf44fc73890b..ee965e72b075 100644 --- a/ArmVirtPkg/ArmVirt.dsc.inc +++ b/ArmVirtPkg/ArmVirt.dsc.inc @@ -2,6 +2,7 @@ # Copyright (c) 2011-2015, ARM Limited. All rights reserved. # Copyright (c) 2014, Linaro Limited. All rights reserved. # Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved. +# Copyright (c) Microsoft Corporation. # # SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -173,6 +174,8 @@ [LibraryClasses.common] AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLib= Null.inf !endif VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ib.inf + VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/Var= iablePolicyHelperLib.inf UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManag= erLib.inf =20 ReportStatusCodeLib|MdePkg/Library/BaseReportStatusCodeLibNull/BaseRepor= tStatusCodeLibNull.inf @@ -246,6 +249,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER] !if $(TARGET) !=3D RELEASE DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibS= erialPort.inf !endif + VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyL= ibRuntimeDxe.inf =20 !if $(SECURE_BOOT_ENABLE) =3D=3D TRUE BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf @@ -301,6 +305,9 @@ [PcdsFixedAtBuild.common] gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask|0x2f !endif =20 + # Optional: Omit if VariablePolicy should be always-on. + gEfiMdeModulePkgTokenSpaceGuid.PcdAllowVariablePolicyEnforcementDisable|= TRUE + # DEBUG_INIT 0x00000001 // Initialization # DEBUG_WARN 0x00000002 // Warnings # DEBUG_LOAD 0x00000004 // Load events --=20 2.16.3.windows.1