From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mx.groups.io with SMTP id smtpd.web12.7905.1656479866616791849 for ; Tue, 28 Jun 2022 22:17:46 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=hQIN3Noo; spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: min.m.xu@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1656479866; x=1688015866; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=A28LdLjKWY/bKBT+DlUIveZEXffTdwuI+zo/7KFJMSg=; b=hQIN3NooI51q5X9mOCHgBcCTPkudbAYkTWG+CdcagDd1W6rj1nmlKeZB aj6jRdASggXpPg0f11978TLI9f7b7ilHfJVQfDJQt8qzfZrUrVx+hXFVs PwODz4Mrl4H/JIPOePCRjvDSdEYwdclWaeMinNcILh2o33KBY1Ip+NT3y XlsILlwSnrCGGWxaDY/9RR0kL6dD+Jzbym8i/Qwm6y+p24kDolxPBrash BWPNWSVLChtsw9XvL99CNiTStDiUIDzrmyJ5inLKGi1qDDTFerdJYNcl9 1E/I2x3qV+dofpV84E7/mWKsl9C0G/vBWb9mqspRc+ZIeNg/iBHl15rKD A==; X-IronPort-AV: E=McAfee;i="6400,9594,10392"; a="368238029" X-IronPort-AV: E=Sophos;i="5.92,230,1650956400"; d="scan'208";a="368238029" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 28 Jun 2022 22:17:46 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.92,230,1650956400"; d="scan'208";a="617439521" Received: from fmsmsx604.amr.corp.intel.com ([10.18.126.84]) by orsmga008.jf.intel.com with ESMTP; 28 Jun 2022 22:17:46 -0700 Received: from fmsmsx603.amr.corp.intel.com (10.18.126.83) by fmsmsx604.amr.corp.intel.com (10.18.126.84) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27; Tue, 28 Jun 2022 22:17:45 -0700 Received: from FMSEDG603.ED.cps.intel.com (10.1.192.133) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2308.27 via Frontend Transport; Tue, 28 Jun 2022 22:17:45 -0700 Received: from NAM02-DM3-obe.outbound.protection.outlook.com (104.47.56.46) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2308.27; Tue, 28 Jun 2022 22:17:44 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=RdQ4OzxaLV3tTnY2GFzHikuWnzHeCVIjc1JNyaUFd3JjZWqxlFJ/8sHD0Grs6cEdsE9WCRwQ+cpbXtb0BWEi/zEyOj87mfICI5hhQ/66cAlnT16frCdOCRTXpg63LbSMl2mKSszQzo6xur8y7gBxK0zSf/FQS1Dm9uxA+UJtYO6HnhFc7ZdcNS8Gsra0tTYqmK7Q3DG8gzxSKNyAsfYB3a9JcrVYOFluUmv3jCmakWI/CfrXvo45OiRQ5B/is5mS/Z98rhEHRJvQ5cDW+H8GCroU3vREO7odj7B9vJtp7UlLBxEfPj9yzAlVYxJLvAoPYqm/84L9fOQMiuUOEXkQ0g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=k8VzgOhJ6X3GClKkyDCcMIjAR8Z85585yESyuk5i1sk=; b=AECKutsjKXOaAM6l53YkNuVinUIZDngpBnMbMpX62563G0EkzNbol1z4gE2H4gHlopJLU5vVTOZpybHfOdxz1+fYZbsU71pXQwUtmj7x2ZdoEKsAXFoDlqBdw+OoNHER5tb9EyrCdD6KARzYW9teFbeEQ22PgT02IRdGIGwnhBgWjxrLjNEPty6s9wM6h5kOZztl6FLmQrjf933nAIcmDJhK3oDTmUa0HgM5xjVQ15gZ7gfKtDCLnhPgfMQnI7eOqGbBgpqX3IP4Yls97sebNPtJWdDf6XuzwGSwEvjkLenrtrNYnW9ekFBQU6Abr0N7bRKk8WbZAqOipYWSlEYsQw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from PH0PR11MB5064.namprd11.prod.outlook.com (2603:10b6:510:3b::15) by CY4PR1101MB2119.namprd11.prod.outlook.com (2603:10b6:910:20::19) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5373.18; Wed, 29 Jun 2022 05:17:36 +0000 Received: from PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::a0ea:2e53:9c0e:9148]) by PH0PR11MB5064.namprd11.prod.outlook.com ([fe80::a0ea:2e53:9c0e:9148%4]) with mapi id 15.20.5395.014; Wed, 29 Jun 2022 05:17:36 +0000 From: "Min Xu" To: "devel@edk2.groups.io" , "kraxel@redhat.com" CC: "Aktas, Erdem" , James Bottomley , "Yao, Jiewen" , Tom Lendacky Subject: Re: [edk2-devel] [PATCH V2 5/8] OvmfPkg/PlatformPei: Update ReserveEmuVariableNvStore Thread-Topic: [edk2-devel] [PATCH V2 5/8] OvmfPkg/PlatformPei: Update ReserveEmuVariableNvStore Thread-Index: AQHYiQm62yT0t85YlE2sMuEsOMbsgq1i+ngAgALiUmA= Date: Wed, 29 Jun 2022 05:17:36 +0000 Message-ID: References: <93072b2c22fbd173b6732baaf0dee9d22a3e5db8.1656210686.git.min.m.xu@intel.com> <20220627091416.7jun2rh4wy4e54h5@sirius.home.kraxel.org> In-Reply-To: <20220627091416.7jun2rh4wy4e54h5@sirius.home.kraxel.org> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-reaction: no-action dlp-version: 11.6.500.17 authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 225a2645-8f5f-4a3e-bfb0-08da598eae24 x-ms-traffictypediagnostic: CY4PR1101MB2119:EE_ x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: IfLSws2+F+GytSRRQBXWbsJsiKBCkYdw0lUAwMZj6rTLe3vH1NkJcOpOI6US+EgiBmPsUJuNZxYDpNGGJUVn1vYFQeb+L6EAcKOdtbie0w9NdKLKC1yDnM5hZfSqgjpx0bzmGdUugRWtCIOB6in/c/p0QEGiEHyEDbouI9MXy1Zzz4WoNkQoUNGdQg0ZRHF0yeo/UYkBcs4EOA7JbgGjoxPfUx8rqvE6T5Q1izw+QtehsG1sp/cr4g2bMDC7aa7KQ1ukNFBSpEwEoMlgx7BSHi5Nc/TA6VZX7UmWM+YNnxaC3U8rASD/sNtP2P0QrWF5LVaOe5xRECq+ozj9qQPygz2uNl5oGyzxvap3SRX5bob9awMHRfiR09gYUv30Zqc2xW1CzwmacD/ntGkInHoZFqGjee0tZdO8DCxz0DKMeEZx1PafewztZRgmFOi9cyUzMG5uhJyw6DpyyDB24n8vDljpxHf9/ob7AnOYouA99rvgEFDXN9Ex9aPUOXHAaU5EkOKS2FI9MnmZlZlLn+KIpxb9R/CAwPCIgcHFfUMfsQxwGx7ugP99w3psTnr7yuJ3sN8XTI/BTq2Jqx4k5O6Bgc6w3hssK0RbHV9glvSNzoQxBP8FR8c8LCsMPkzk/dVk0D6UOvbt86EXHVxJ6YRh1d+O1OXoEX+Ehlic81wkiEv8Ai2N7xOSX9ButlksvQ/CCT4i4P3SKJgl8xfsZhCPqNORSt0K2Q8KMC5gyIW9p03p8Os+nfIj9HW5eOPwDgB5rQUUOlTlGMJs3/es03kSmUFerFFxGsipNz7ISGDeWys= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5064.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230016)(6029001)(366004)(39860400002)(376002)(396003)(136003)(346002)(55016003)(33656002)(4326008)(54906003)(86362001)(110136005)(186003)(8936002)(26005)(2906002)(66446008)(478600001)(6506007)(9686003)(38070700005)(82960400001)(66476007)(52536014)(66946007)(7696005)(8676002)(71200400001)(64756008)(66556008)(41300700001)(83380400001)(122000001)(316002)(4744005)(5660300002)(38100700002)(76116006)(15650500001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?mcpR9+mlFZ9gAbwZlmEgEnoe9vrDgOnSaqswQkyC+GZl8gvLt1npzPsyeXrp?= =?us-ascii?Q?bIRMSqI0q44eT/ip9w3OlJX1J5fC63mRabtlfW2RV/ymdFBUg/1pZckRKc3g?= =?us-ascii?Q?RAPyE/cqhR/ieh11vUNs4ZpPPIf/Cs/FaBFLam7MTabwnllnBexjL6wNFHLQ?= =?us-ascii?Q?Fp4aXVNkKUFh6rnanjHS8f90yE4yWaw9ChndSADUoFlPfb4iQCx7vnnQoxf2?= =?us-ascii?Q?Tu2kcKxc0Wf7xgCzdL0MyYcfUhrUlxPZaFF7tZ41eSuw3ZTfa2X7RmwGta+G?= =?us-ascii?Q?GmZ4HK4pO44LAGAU+044C6eWC8BlAOAPflhXiB97jekzXRyo4aa1YcOAmDvm?= =?us-ascii?Q?RMukIxjmpuxQbzu6fD6eDZp9w8jAZxNbcEkg48uaxBGbhapjoNv7zaLbqf/I?= =?us-ascii?Q?lMlHyaEHxV7IPAtODJaig363b6746fA2OinZVnbzbwaaWB928hu/UBaPDQgo?= =?us-ascii?Q?CNoSVKEV4r4KbjgWNrzcu+EMvcrEm2CDL/zQYIBG8vfQ3d25Be1up1WZs+tB?= =?us-ascii?Q?GhWIl0b0kGr6TxE4JOluaSpiOMrE/I+J4mS3cF69K5qf8vdslc9Bl4hWMr4u?= =?us-ascii?Q?hGu8iFSsh/MVqzAjkTE5CiA4A1vajVx5Xjl71dbqVMZIiQcI3A9tH7ty8k25?= =?us-ascii?Q?QLMXlSjnupzuCEE3ejuf7F+lpGMaLldAanseV2Bk5xEBNe0T1W01Vpm4brCI?= =?us-ascii?Q?ZUhcaWX21Kka951xrQqkHLSSGagKjhyoXtMBZK8Jaa74cvhoLuD8pn4qZMOx?= =?us-ascii?Q?GonmoQS9tnE7OCYrvmm6y3MSJvjC5JgF5SjXiRblD++NeHDgLb3SEC0gXmhE?= =?us-ascii?Q?KLFSZCgwKYfG5R0ZBnBR+67fBHI60b3GhmaZdQ3vQRL7YJs3IU6lmUKWG8dV?= =?us-ascii?Q?sdZktbhl/mP7p7tbERN/SLHPO9/X6j6Ei9Zc1hYIGgfDw/RFFB71H3FJ6Oj2?= =?us-ascii?Q?UTAJIX/5QBX1N857oEO/cOy96/1TFCmSZ6jZQfMJGl4dV4DOQD/5IElEZdht?= =?us-ascii?Q?Tv7sMgEi0hAh0oOfltQ8LFlT8Pn9nkq0LqwaL6TRclyaOhAAaRvNKQ3wpA1Z?= =?us-ascii?Q?zCZCfjcgrxG0pAyGxpmKpO+oC5A8aIs3MNOpV0mIFphN6s3gtkv0rwabb4pp?= =?us-ascii?Q?xcOfcFbI7nCQd7Df8aps2MO+WbL4DXKF1YtzHlfl1JrI2vx312vS1n9xE3nh?= =?us-ascii?Q?MwgEW4Kv8Iss3TFCEt8SNMGmZamHTrX5xzRQidYuAg5MwF11ldo0W7ViR1bG?= =?us-ascii?Q?vTjbqAxA/C4TUDQgySa3SyYnRAiIErxqwKfV/BvmKJwXvCulMf0sdQhZNgTR?= =?us-ascii?Q?zLfvMyXODurYXjhrdLhWMBdv7xvG6zWUB2076vKWH3MycVT1WLudlF0uAuO5?= =?us-ascii?Q?v2fPIJRe/dij0qZqA2pALH2wQvu38pTzULkpmyfeIaD7LacLPI3yRnvqu4ii?= =?us-ascii?Q?YtQ0CmddtaXcxIE3KBVHFSLXhUz6zZDAaeS4A7Ha2wZOd+YvbiBqDn0UZWrZ?= =?us-ascii?Q?ajgDrsntZh0sncQH5oLgpEcRM04cojz+rm4EVu6kt+UZJwpGBfSQ36853uGL?= =?us-ascii?Q?tEvrzTqUazPY16PWaI37ix1e79y0ztwCvT/VIpWD?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5064.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 225a2645-8f5f-4a3e-bfb0-08da598eae24 X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Jun 2022 05:17:36.7905 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: SEvM1+44bZUJO74dMfIGHAQyWBb3OnPlFPeW0z8Cb9n6XUwHkumzrcs7saHNxcRrDwWq4YvB+JixORS6O0X0zA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR1101MB2119 Return-Path: min.m.xu@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable On June 27, 2022 5:14 PM, Gerd Hoffmann wrote: > > + #ifdef SECURE_BOOT_FEATURE_ENABLED > > + PlatformInitEmuVariableNvStore ((VOID *)(UINTN)VariableStore); > > + #endif >=20 > OvmfPkg/Library/NvVarsFileLib/ allows loading variables into emulated > varstore from a on-disk NvVars file. We can't allow that when secure boo= t is > active. I think we need a simliar check there. Shortcutting the > ConnectNvVarsToFileSystem() function with a >=20 > #ifdef SECURE_BOOT_FEATURE_ENABLED > return EFI_NOT_SUPPORTED; > #endif >=20 > should do the trick I think. >=20 A good suggestion. It will be updated in the next version. Thanks Min