From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) by mx.groups.io with SMTP id smtpd.web10.11378.1626098475845466598 for ; Mon, 12 Jul 2021 07:01:16 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=o0YtkzTV; spf=pass (domain: intel.com, ip: 192.55.52.115, mailfrom: jiewen.yao@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10042"; a="209801768" X-IronPort-AV: E=Sophos;i="5.84,234,1620716400"; d="scan'208";a="209801768" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga103.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Jul 2021 07:01:13 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,234,1620716400"; d="scan'208";a="492076108" Received: from fmsmsx605.amr.corp.intel.com ([10.18.126.85]) by FMSMGA003.fm.intel.com with ESMTP; 12 Jul 2021 07:01:12 -0700 Received: from fmsmsx605.amr.corp.intel.com (10.18.126.85) by fmsmsx605.amr.corp.intel.com (10.18.126.85) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4; Mon, 12 Jul 2021 07:01:12 -0700 Received: from fmsedg602.ED.cps.intel.com (10.1.192.136) by fmsmsx605.amr.corp.intel.com (10.18.126.85) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4 via Frontend Transport; Mon, 12 Jul 2021 07:01:12 -0700 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (104.47.66.45) by edgegateway.intel.com (192.55.55.71) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.10; Mon, 12 Jul 2021 07:01:12 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=LQYixP2t4LGYs/E6Do9KNeNBO5Nf+fRUXDrVdRi94VzIT9B0LIe5rX+5xTYJCwRTiO9iSbo1KQQ13ZGZxbZOYuNOOlyYAbZ7wb33rQZL6sID6EcgqlM/9PPMlw9zM9N4x1ldl2t/LHJxN3vmE2nhHA/v4YEx77yv1bb5ZGRQHPOu4NxDatrowUuQnuvZxVMdg2DdFX77mkqEaMdQjM9sgCX3K9aBGInyzpwpOJ7GFFbNfaU/UDPZ02h7++demcfMh4at12/dmXM9q9QcNE02i8Z+OnUz3+b79fNVD7j6CC+Y9aHw+zyErgVwaqTwylTINJqlnaeFFZYGkgQ9tayl8A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NKF/X/UUM+d8Ai62qIbqgmH9/JQJOTODJDNG95E+jcM=; b=lfzihTEOQo//MlmhaApOl5wZT+rP9Nrrwo1SEQgjoZX0bt9g9C7WJy4VVoa7fgX8XwtYCtcNK4OM/ftTxTpno+4p+mHWLEUrxLD2DCXa6zzHYYEXhJNN3cbgagiTEcvgqMkIA559ZxbjzkumRDUM47rrRhW1rBQVwK13wEJ/BupZPy3PBWAuXNJXeFHmRUTDsjztENUTj2UW0MhY4WKLOAy4ZzTxIiRdwpzIuWc8LCld50+M8YycjCFGPEfseBK2q71qeah5EnkuLtQpZMZCyZr3o6l08ojYEgsEiZStTKdA2Id75XwLO5g368xCV+3HRkdsP8QFI/UtG7tnbFqKow== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=NKF/X/UUM+d8Ai62qIbqgmH9/JQJOTODJDNG95E+jcM=; b=o0YtkzTVZDxTI4fDCwEg4UL5OHyBECyRcmk86xXtbZbLfKKKyUK9rLfFAJCVby7DZnvjkUGtF8BDWC4NcYjoi7lwC2crWPWgP7aWZxmxfPi1d/F4y2EZXuDPND15DxFA+QiwCGdHuqc48ENBLuMXhZGyaTeJajh/ZQSgqjxHRds= Received: from PH0PR11MB4885.namprd11.prod.outlook.com (2603:10b6:510:35::14) by PH0PR11MB5112.namprd11.prod.outlook.com (2603:10b6:510:3b::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.25; Mon, 12 Jul 2021 14:01:10 +0000 Received: from PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::6c99:8170:1c3c:9121]) by PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::6c99:8170:1c3c:9121%3]) with mapi id 15.20.4308.027; Mon, 12 Jul 2021 14:01:10 +0000 From: "Yao, Jiewen" To: "devel@edk2.groups.io" , "Yao, Jiewen" , Grzegorz Bernacki CC: "leif@nuviainc.com" , "ardb+tianocore@kernel.org" , Samer El-Haj-Mahmoud , Sunny Wang , "mw@semihalf.com" , "upstream@semihalf.com" , "Wang, Jian J" , "Xu, Min M" , "lersek@redhat.com" , Sami Mujawar , "afish@apple.com" , "Ni, Ray" , "Justen, Jordan L" , "rebecca@bsdio.com" , "grehan@freebsd.org" , Thomas Abraham , "Chiu, Chasel" , "Desimone, Nathaniel L" , "gaoliming@byosoft.com.cn" , "Dong, Eric" , "Kinney, Michael D" , "Sun, Zailiang" , "Qian, Yi" , "graeme@nuviainc.com" , "rad@semihalf.com" , "pete@akeo.ie" Subject: Re: [edk2-devel] [PATCH v5 05/10] SecurityPkg: Remove duplicated functions from SecureBootConfigDxe. Thread-Topic: [edk2-devel] [PATCH v5 05/10] SecurityPkg: Remove duplicated functions from SecureBootConfigDxe. Thread-Index: AQHXdxN9TgENfzjcT0yjp1dxxnsL7as/Xnpg Date: Mon, 12 Jul 2021 14:01:10 +0000 Message-ID: References: <20210701091758.1057485-1-gjb@semihalf.com> <20210701091758.1057485-6-gjb@semihalf.com> <1691088E46D0B29B.19753@groups.io> In-Reply-To: <1691088E46D0B29B.19753@groups.io> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.5.1.3 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: edk2.groups.io; dkim=none (message not signed) header.d=none;edk2.groups.io; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: b3f0e014-8bb4-40fb-1e19-08d9453d80e8 x-ms-traffictypediagnostic: PH0PR11MB5112: x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:27; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: yLa99FsluucHEkeO07qSJ//zRo1s4kFy+hrPiq79pqgf1DN+Ol58v+A9VuvtZ60iywZ7WwTIzyd6QFByLJAalizjqfcFDdGl7K9gBPZN8dnTRuT08rTw625zm6YpTGkanglGyj1SvzBbXfYGAtOj54snKJX6I2FL8DMubBZiP0qGMO/gJnwLpwD0KdQUehcjxrEFo6O1HVQWOgd6TstdUrj5JusPqKEPrARRFCbdDpBN4Kc62IGSalZfgbaAplo08sNLaaVh4SZpkkT4PhrdlDUMfoL9GjSGbTQ0GI5AeXVjzqkAX1PI8DdQ88tPHG5+q06BaJa5YIAvogUt4OT1AiQFt5TYlMrbfxctjeYAz/aLtc4NuOQGXH/ClQ4rbMDyeU3ZAm4M8iKVFHpAPD+N+ybOc1Xhp9hK/A8g63iTrh+YfJvmnXhe9jU3e9zcz6RF0sWqjNvPdaQJIfdQDoJ3agiWyEm51uqv10oXqZscxxmGGSlvvSLjSOkucwK66NnBMibt0ag+O/l8a+arod9CMixYHMzONjkuZx+dfKWFIrfuMNk+ThggTJ99h3xCmpuPd+Y/FUM6dH+c6xlL1a1URWowu4LYCBqu4KrF5rCmxeQqOGYHpqWvjblKTehhWni2M2epsU569Q3Rd4HVdQ5TYwMwa1znf0Ll/0ZN1jQ4H59z/iDkFigR74VkmVbjJVAd6nwURDr+S8ZkhB1jG3W5jf0TI4giseJM1OdErl5iWu6wdzEze60ZtVSgBj+Pms6mcvkFarKq7Vs9asgU9IR+sA== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB4885.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(376002)(39860400002)(136003)(346002)(366004)(396003)(38100700002)(9686003)(55016002)(4326008)(5660300002)(52536014)(83380400001)(122000001)(54906003)(7696005)(86362001)(110136005)(316002)(64756008)(66556008)(66446008)(8676002)(76116006)(2906002)(8936002)(66476007)(6506007)(15650500001)(26005)(33656002)(7416002)(71200400001)(966005)(53546011)(66946007)(186003)(478600001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?cgH4MtYSVn8v4vS5cPCZ8HRhPO0snLZHP01oaLo9ZiR/9Ku1uNEas/aoGpdx?= =?us-ascii?Q?3amYsRPhA1eZkNIxSzdbW8/P55Q6pkH/TiG7Cg6DjKCbVbuFy95eunBUSyXI?= =?us-ascii?Q?2CIUKUI0mymWG8oo1dv9hy3l+dJGgF+b4DPcUbN1Pvbf9myRFf05bdIA+EGM?= =?us-ascii?Q?Od8SeYJ3KAXLYraNe0EuOURuS76Rb9kBF9UY53XoUyP4JS2GQV7/m2EJ7Cjp?= =?us-ascii?Q?8+jVSiZ7g7iQH0Bd8kWNUmihSWjt/sAk6RqXzE+R4+zRkdItTYVEVsmaY264?= =?us-ascii?Q?+z7XwiIxNLb+J53bu4oOweX21/keg2uhoavqU20Jc5TiYvLZt8nYtHgPH1og?= =?us-ascii?Q?u3+81KPb2RNn/pF8yyLoz3cnX2LvGQeKVda0NGXQQfBUM3hFp9d0SSS2nKIw?= =?us-ascii?Q?FTPrvrZsqthSE2ViSTM9ET5r6xF+VXP+3LLUuaHS2/7tHzuVNWBvkqb4z1bf?= =?us-ascii?Q?aJX2OFvfxTuBAprzmYYU/clN6HDLoluH1HD3Ui1LsbtKq9NpSWWMpaq5E5QZ?= =?us-ascii?Q?tZK8OveQP736KTJ0i7Om+XNTeJ0gsXLXYifJdVBd0uYOqZMCwc65HxYxip2/?= =?us-ascii?Q?pJYXXpfXf4SSb5ChVlp42Kgaja99XeFBmwyEk8VpD3zqx/QRmg3ZqmkOiwAQ?= =?us-ascii?Q?js0gLBWY1i+LlPIRQs5aU5LqN1QxRw1d+YEW1XLySGqYpF+GSbVq25AQQu8T?= =?us-ascii?Q?z9bB30NJKMY1E/36C7N62GwosjUK47R26o3NS4Otnn0K99qt+4bTTx9rve29?= =?us-ascii?Q?QSc31qEEhDHedxb7Yh7avDJ4gPEdHa5L+49gktseUZC6xfPsDZ7aMUcZeOFc?= =?us-ascii?Q?Y4eqnPAyv9Z8AdlUz6BF06WiJ/VZzG8RaVAIRtYnmfqdzvPgl3ExavHaiYbF?= =?us-ascii?Q?YtKZ6PclXBhDSCdOcfrxNOP1xr8IjCGF+3q98jPNM8Y+h0/Pl3YkYnYGZass?= =?us-ascii?Q?dHFSHF3W2LYh0JhKJs4LvUKFgpLbtmmWXn6Q4sa+W8cYbuj2jK5BEbKV/9rE?= =?us-ascii?Q?BTtPFbOswtNkDhuooykw/qcMXe0f0oWvja59eqGLKe6f7XO8nBvwu/cNmiTb?= =?us-ascii?Q?XuzFiOp/GBstdeofFcojYRDKzoQrQttuiTHeLW66O7y1rnUchu8lfKYkRH+N?= =?us-ascii?Q?SU4Pjfll6aNVl3R0r+ff7+wmn84ftC6VSAVpv34CPFWrjVFMjIVkI7A6rVFg?= =?us-ascii?Q?bTleUqRQTxbTknk7QNlwsYo7JTk6+FIw2VBW5eI3xgM8L2hgG6PJmBaX78Bp?= =?us-ascii?Q?sE7EuThWcfbeVgQcffAFcnDMm/hj/6NnMwWQZMGw59ctk4WNRZGme+DpgnKI?= =?us-ascii?Q?dpM1WMJv41wKQN/Rl/yCSJkc?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4885.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: b3f0e014-8bb4-40fb-1e19-08d9453d80e8 X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Jul 2021 14:01:10.6060 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: jHHh/mpvEkPBNwQ8dW2W2tUQ6SS6vEwkqqr76mYSeNd11qazFWS9h/7mFdFmcobugleMd3Xn7AvSmJr19Quegg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5112 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Sorry. My mistake. It should be Reviewed-by: Jiewen Yao > -----Original Message----- > From: devel@edk2.groups.io On Behalf Of Yao, Jiew= en > Sent: Monday, July 12, 2021 7:46 PM > To: Grzegorz Bernacki ; devel@edk2.groups.io > Cc: leif@nuviainc.com; ardb+tianocore@kernel.org; Samer El-Haj-Mahmoud > ; Sunny Wang ; > mw@semihalf.com; upstream@semihalf.com; Wang, Jian J > ; Xu, Min M ; > lersek@redhat.com; Sami Mujawar ; > afish@apple.com; Ni, Ray ; Justen, Jordan L > ; rebecca@bsdio.com; grehan@freebsd.org; > Thomas Abraham ; Chiu, Chasel > ; Desimone, Nathaniel L > ; gaoliming@byosoft.com.cn; Dong, Eric > ; Kinney, Michael D ; S= un, > Zailiang ; Qian, Yi ; > graeme@nuviainc.com; rad@semihalf.com; pete@akeo.ie > Subject: Re: [edk2-devel] [PATCH v5 05/10] SecurityPkg: Remove duplicate= d > functions from SecureBootConfigDxe. >=20 > Signed-off-by: Jiewen Yao >=20 > > -----Original Message----- > > From: Grzegorz Bernacki > > Sent: Thursday, July 1, 2021 5:18 PM > > To: devel@edk2.groups.io > > Cc: leif@nuviainc.com; ardb+tianocore@kernel.org; Samer El-Haj-Mahmoud > > ; Sunny Wang ; > > mw@semihalf.com; upstream@semihalf.com; Yao, Jiewen > > ; Wang, Jian J ; Xu, Min = M > > ; lersek@redhat.com; Sami Mujawar > > ; afish@apple.com; Ni, Ray ; > > Justen, Jordan L ; rebecca@bsdio.com; > > grehan@freebsd.org; Thomas Abraham ; Chiu, > > Chasel ; Desimone, Nathaniel L > > ; gaoliming@byosoft.com.cn; Dong, Eric > > ; Kinney, Michael D ; > Sun, > > Zailiang ; Qian, Yi ; > > graeme@nuviainc.com; rad@semihalf.com; pete@akeo.ie; Grzegorz Bernacki > > > > Subject: [PATCH v5 05/10] SecurityPkg: Remove duplicated functions fro= m > > SecureBootConfigDxe. > > > > This commit removes functions which were added > > to SecureBootVariableLib. It also adds dependecy > > on that library. > > > > Signed-off-by: Grzegorz Bernacki > > --- > > > > > SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDx > > e.inf | 1 + > > > > > SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigIm > > pl.c | 189 +------------------- > > 2 files changed, 2 insertions(+), 188 deletions(-) > > > > diff --git > > > a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig > > Dxe.inf > > > b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig > > Dxe.inf > > index 573efa6379..30d9cd8025 100644 > > --- > > > a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig > > Dxe.inf > > +++ > > > b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig > > Dxe.inf > > @@ -54,6 +54,7 @@ > > DevicePathLib > > FileExplorerLib > > PeCoffLib > > + SecureBootVariableLib > > > > [Guids] > > ## SOMETIMES_CONSUMES ## Variable:L"CustomMode" > > diff --git > > > a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig= I > > mpl.c > > > b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig= I > > mpl.c > > index e82bfe7757..67e5e594ed 100644 > > --- > > > a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig= I > > mpl.c > > +++ > > > b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig= I > > mpl.c > > @@ -9,6 +9,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent > > > > #include "SecureBootConfigImpl.h" > > #include > > +#include > > > > CHAR16 mSecureBootStorageName[] =3D > > L"SECUREBOOT_CONFIGURATION"; > > > > @@ -237,168 +238,6 @@ SaveSecureBootVariable ( > > return Status; > > } > > > > -/** > > - Create a time based data payload by concatenating the > > EFI_VARIABLE_AUTHENTICATION_2 > > - descriptor with the input data. NO authentication is required in th= is function. > > - > > - @param[in, out] DataSize On input, the size of Data buffer = in bytes. > > - On output, the size of data return= ed in Data > > - buffer in bytes. > > - @param[in, out] Data On input, Pointer to data buffer t= o be wrapped > or > > - pointer to NULL to wrap an empty p= ayload. > > - On output, Pointer to the new payl= oad date buffer > allocated > > from pool, > > - it's caller's responsibility to fr= ee the memory when finish > > using it. > > - > > - @retval EFI_SUCCESS Create time based payload successf= ully. > > - @retval EFI_OUT_OF_RESOURCES There are not enough memory > resources > > to create time based payload. > > - @retval EFI_INVALID_PARAMETER The parameter is invalid. > > - @retval Others Unexpected error happens. > > - > > -**/ > > -EFI_STATUS > > -CreateTimeBasedPayload ( > > - IN OUT UINTN *DataSize, > > - IN OUT UINT8 **Data > > - ) > > -{ > > - EFI_STATUS Status; > > - UINT8 *NewData; > > - UINT8 *Payload; > > - UINTN PayloadSize; > > - EFI_VARIABLE_AUTHENTICATION_2 *DescriptorData; > > - UINTN DescriptorSize; > > - EFI_TIME Time; > > - > > - if (Data =3D=3D NULL || DataSize =3D=3D NULL) { > > - return EFI_INVALID_PARAMETER; > > - } > > - > > - // > > - // In Setup mode or Custom mode, the variable does not need to be s= igned > but > > the > > - // parameters to the SetVariable() call still need to be prepared a= s > > authenticated > > - // variable. So we create EFI_VARIABLE_AUTHENTICATED_2 descriptor > > without certificate > > - // data in it. > > - // > > - Payload =3D *Data; > > - PayloadSize =3D *DataSize; > > - > > - DescriptorSize =3D OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, > AuthInfo) > > + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData); > > - NewData =3D (UINT8*) AllocateZeroPool (DescriptorSize + PayloadSize= ); > > - if (NewData =3D=3D NULL) { > > - return EFI_OUT_OF_RESOURCES; > > - } > > - > > - if ((Payload !=3D NULL) && (PayloadSize !=3D 0)) { > > - CopyMem (NewData + DescriptorSize, Payload, PayloadSize); > > - } > > - > > - DescriptorData =3D (EFI_VARIABLE_AUTHENTICATION_2 *) (NewData); > > - > > - ZeroMem (&Time, sizeof (EFI_TIME)); > > - Status =3D gRT->GetTime (&Time, NULL); > > - if (EFI_ERROR (Status)) { > > - FreePool(NewData); > > - return Status; > > - } > > - Time.Pad1 =3D 0; > > - Time.Nanosecond =3D 0; > > - Time.TimeZone =3D 0; > > - Time.Daylight =3D 0; > > - Time.Pad2 =3D 0; > > - CopyMem (&DescriptorData->TimeStamp, &Time, sizeof (EFI_TIME)); > > - > > - DescriptorData->AuthInfo.Hdr.dwLength =3D OFFSET_OF > > (WIN_CERTIFICATE_UEFI_GUID, CertData); > > - DescriptorData->AuthInfo.Hdr.wRevision =3D 0x0200; > > - DescriptorData->AuthInfo.Hdr.wCertificateType =3D > WIN_CERT_TYPE_EFI_GUID; > > - CopyGuid (&DescriptorData->AuthInfo.CertType, &gEfiCertPkcs7Guid); > > - > > - if (Payload !=3D NULL) { > > - FreePool(Payload); > > - } > > - > > - *DataSize =3D DescriptorSize + PayloadSize; > > - *Data =3D NewData; > > - return EFI_SUCCESS; > > -} > > - > > -/** > > - Internal helper function to delete a Variable given its name and GU= ID, NO > > authentication > > - required. > > - > > - @param[in] VariableName Name of the Variable. > > - @param[in] VendorGuid GUID of the Variable. > > - > > - @retval EFI_SUCCESS Variable deleted successfully. > > - @retval Others The driver failed to start the dev= ice. > > - > > -**/ > > -EFI_STATUS > > -DeleteVariable ( > > - IN CHAR16 *VariableName, > > - IN EFI_GUID *VendorGuid > > - ) > > -{ > > - EFI_STATUS Status; > > - VOID* Variable; > > - UINT8 *Data; > > - UINTN DataSize; > > - UINT32 Attr; > > - > > - GetVariable2 (VariableName, VendorGuid, &Variable, NULL); > > - if (Variable =3D=3D NULL) { > > - return EFI_SUCCESS; > > - } > > - FreePool (Variable); > > - > > - Data =3D NULL; > > - DataSize =3D 0; > > - Attr =3D EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCES= S > | > > EFI_VARIABLE_BOOTSERVICE_ACCESS > > - | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS; > > - > > - Status =3D CreateTimeBasedPayload (&DataSize, &Data); > > - if (EFI_ERROR (Status)) { > > - DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r"= , > Status)); > > - return Status; > > - } > > - > > - Status =3D gRT->SetVariable ( > > - VariableName, > > - VendorGuid, > > - Attr, > > - DataSize, > > - Data > > - ); > > - if (Data !=3D NULL) { > > - FreePool (Data); > > - } > > - return Status; > > -} > > - > > -/** > > - > > - Set the platform secure boot mode into "Custom" or "Standard" mode. > > - > > - @param[in] SecureBootMode New secure boot mode: > > STANDARD_SECURE_BOOT_MODE or > > - CUSTOM_SECURE_BOOT_MODE. > > - > > - @return EFI_SUCCESS The platform has switched to the= special > mode > > successfully. > > - @return other Fail to operate the secure boot = mode. > > - > > -**/ > > -EFI_STATUS > > -SetSecureBootMode ( > > - IN UINT8 SecureBootMode > > - ) > > -{ > > - return gRT->SetVariable ( > > - EFI_CUSTOM_MODE_NAME, > > - &gEfiCustomModeEnableGuid, > > - EFI_VARIABLE_NON_VOLATILE | > > EFI_VARIABLE_BOOTSERVICE_ACCESS, > > - sizeof (UINT8), > > - &SecureBootMode > > - ); > > -} > > - > > /** > > This code checks if the encode type and key strength of X.509 > > certificate is qualified. > > @@ -646,32 +485,6 @@ ON_EXIT: > > return Status; > > } > > > > -/** > > - Remove the PK variable. > > - > > - @retval EFI_SUCCESS Delete PK successfully. > > - @retval Others Could not allow to delete PK. > > - > > -**/ > > -EFI_STATUS > > -DeletePlatformKey ( > > - VOID > > -) > > -{ > > - EFI_STATUS Status; > > - > > - Status =3D SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE); > > - if (EFI_ERROR (Status)) { > > - return Status; > > - } > > - > > - Status =3D DeleteVariable ( > > - EFI_PLATFORM_KEY_NAME, > > - &gEfiGlobalVariableGuid > > - ); > > - return Status; > > -} > > - > > /** > > Enroll a new KEK item from public key storing file (*.pbk). > > > > -- > > 2.25.1 >=20 >=20 >=20 >=20 >=20