From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mx.groups.io with SMTP id smtpd.web11.8104.1670573026968465291 for ; Fri, 09 Dec 2022 00:03:47 -0800 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=JN0B4vmQ; spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: jiewen.yao@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1670573027; x=1702109027; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=JskKyldsFYtWjCy+cvfp6I09UYC3j2kx60lEBBrmERQ=; b=JN0B4vmQm0IolFk7GnmtCbNywC/U92YQaK63yFe4tE0kprOuMzyhg7sp QAOHYfIZ61FE93xhvXfly6h+9ZNdVkBp08/ZSivntC0ckPzszGMHGrNIK xsU1UtILWsUQ8SiXYZPIL8Rd+BqfEN+WpXpMGa+ZXxzv/ESdXeUvJTS6V /aArg1DlJsLv5gUTdkcwuGzukty3OiKcOikCif1zWiX34LrCDzmuEEzK7 bgpNm8AYg7oPJEt0+zkLgpWbsOoeofCyfJEU2Bo9GKshAIHNAezlEkp5e 4tWVJrFzg0HjL1OxAE8ia3A1YArKyZ18BKtJH5Ty1EGPbVNKRk4uUdKG3 g==; X-IronPort-AV: E=McAfee;i="6500,9779,10555"; a="403662637" X-IronPort-AV: E=Sophos;i="5.96,230,1665471600"; d="scan'208";a="403662637" Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga105.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 09 Dec 2022 00:03:45 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6500,9779,10555"; a="771788434" X-IronPort-AV: E=Sophos;i="5.96,230,1665471600"; d="scan'208";a="771788434" Received: from orsmsx602.amr.corp.intel.com ([10.22.229.15]) by orsmga004.jf.intel.com with ESMTP; 09 Dec 2022 00:03:45 -0800 Received: from orsmsx610.amr.corp.intel.com (10.22.229.23) by ORSMSX602.amr.corp.intel.com (10.22.229.15) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.16; Fri, 9 Dec 2022 00:03:44 -0800 Received: from orsedg603.ED.cps.intel.com (10.7.248.4) by orsmsx610.amr.corp.intel.com (10.22.229.23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.16 via Frontend Transport; Fri, 9 Dec 2022 00:03:44 -0800 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (104.47.66.49) by edgegateway.intel.com (134.134.137.100) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.16; Fri, 9 Dec 2022 00:03:44 -0800 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=A7LqUxUwqk4SgfRE5MgYL/H4CzdtCv+PCUY2luu7q7vwY8NjLiVHN+6JxPIdhB/tnTRmWKU6cRZ0lyvL9LRVVqQo1ZoQsKYc+/zz11cpc7iE5GPQz/llxcdCeJyCxfBzyc10KL3yJllx4e/eqPdu8pMMWezc4n5ZJMiSSgXmbaOpQO9jTSIcM4K6msebJVzibuGsQQla5MMcu2FXdarKdD/egxYyuzBcbxWPoUKcN4Dcj0nbRhO7xHeE2xxaMDUJbW8RcZVL60ppUvese0Se0cifG3+sibDQMWxNVibshdtbs9C7asuZm3oNYjE8r2Rfs0pmQ81FZA0CyZM7Cj3dfA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JtZQW2XmdjJq3NL5j/iZ34F2FIlQyWF/GAC+Afxt610=; b=Q/eP+44kgbtRSpJq5yiyqVW6K5GclFvAL1eopNLEvC5lTKzyNsoqxlZMz2CInwZ62l8vOp847/L+0ZY9lbtXMMqcNAaP8c+anUw2NqVj+DfxT+uD2KydT0k+FWzJFsPLsG0RODwQEgYcHILHe4lDJxg1mkCR6ld6kAvjvXXhopb+lx2xCVCAuzmIUzQzxqlnrN6cs9dDWbXe2idzVJGL/eOVgtR3T2A8TwMSkp2sVEzpk5LpNawTRrNIeltKASdruJlFY3WBKISiSmOTwJ5K5MYDW6Cp+WAhk9QYrPHMXVIYaCQv819lr6jSf334pDbAfgvpMjQbDoObA9r1QPG8ZA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none Received: from PH0PR11MB5879.namprd11.prod.outlook.com (2603:10b6:510:142::5) by SJ2PR11MB7645.namprd11.prod.outlook.com (2603:10b6:a03:4c3::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5880.14; Fri, 9 Dec 2022 08:03:43 +0000 Received: from PH0PR11MB5879.namprd11.prod.outlook.com ([fe80::dfc:656b:a06b:72f]) by PH0PR11MB5879.namprd11.prod.outlook.com ([fe80::dfc:656b:a06b:72f%3]) with mapi id 15.20.5880.016; Fri, 9 Dec 2022 08:03:43 +0000 From: "Yao, Jiewen" To: "devel@edk2.groups.io" , "Vang, Judah" CC: "Yao, Jiewen" , "Kinney, Michael D" , "Wang, Jian J" Subject: Re: [edk2-devel] [PATCH v5 00/19] UEFI variable protection Thread-Topic: [edk2-devel] [PATCH v5 00/19] UEFI variable protection Thread-Index: AQHY8brNAKo3EOTVBUSRu6Q35cJSgq5lZEdg Date: Fri, 9 Dec 2022 08:03:42 +0000 Message-ID: References: <20221106073509.3071-1-judah.vang@intel.com> In-Reply-To: <20221106073509.3071-1-judah.vang@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: PH0PR11MB5879:EE_|SJ2PR11MB7645:EE_ x-ms-office365-filtering-correlation-id: d4d7612b-5add-4add-0aed-08dad9bbe3c7 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: LvKZeLZ9uP69L/tWE9bKUsdFwlZr+kxQS59Y9iTyX0MY+o8ABLpd9tBXv664tDq2SIbHF5f0lEEz203/0vnYjjQFg2mGmsZdhQpX52mYMNTDaRCnFSjbTFXNSquKF/8EF07UrGUh+mQA3Vuob39OneUstz/ThybNfeLzcx4CBnwa/l84fQ1Nf392Z73tdHrqYO1ck0eKCk/JJxuLFDDYusO5vi3EKgDgGxDaEt/JuS9sI5QNcVFBJpdcTfU9I//MsYtImHOCZZWla4zxmhiFOs6MQq+dFACgLpVBQ2XN2TagHuH3Yjb4YdxYrsfB+U8PvF0xMzinListvk4y05hZqHhgAoKiZv5EjD1lWlFlMm9F1ChZhZN4HBSgyte+Ieq04i+0+FQJl8Qzy3s6fWtmaCHgK/9U5yaIaF5LweaiziY2fUdhzpOzx9arVRhy5AjcY+1ov5aCqedN2RJPiefqJW75vQO7ugUT0TkZ40ChkA6paCE8tIR6vlBZWlmAJcPTPMormxmnLMowuIzouoPeTQRhw/yCEvvhh4IgOBNs5CSjwzO9MTTZpdGoIOO6PxUugz/dlzoCDApIWyJmkCagRqVgK7Kb0DNEv6bLuypIoP92MxpI4+Aj9Wp8WB5tqqXUouHZVJsCvOMPdKc6ug+dkGg4ujG2hS5gXe9X97h2Z9R5y5mopvgQuIpfAqOT3+PYmPEQFhCkkMygH9pNb7R9wX3LrA8hUvsJH80ClEqQhGqzn8FmF8ZerZnjnKf01AN4ltJY2Dyr5r7QGweGNpaUHw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB5879.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(39860400002)(136003)(376002)(366004)(346002)(396003)(451199015)(6636002)(54906003)(110136005)(64756008)(9686003)(26005)(316002)(66446008)(8936002)(41300700001)(5660300002)(186003)(83380400001)(52536014)(8676002)(66476007)(19627235002)(76116006)(86362001)(2906002)(66946007)(66556008)(478600001)(30864003)(55016003)(82960400001)(107886003)(38070700005)(966005)(53546011)(33656002)(71200400001)(122000001)(6506007)(7696005)(38100700002)(66899015)(4326008);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?MJm6XDztTDflcacCalP7bWGOO9M1qVLxA66QKgthXuOotV0jUcenmWr7eOnN?= =?us-ascii?Q?GffDB1QapkgntgYTUJZP+3m51cILzGpH0UT7IVJwqS6+hjQ9NT1XBYgF71z5?= =?us-ascii?Q?XGA0qMsf5rCTjH96tmQT9Y3fjwPBugTSL4fbg0hKmqLOC+SpoEYiLumzEo0D?= =?us-ascii?Q?xWOwxUIZpjpmFyZiiIcoP0jDAG67xs33a4XYBT3vQHtyaN1szwTXwfWHDcL+?= =?us-ascii?Q?ygEF50qJd1DUTZDLsqoZYvGM96E0nwndpXBbZluJnbCUjM7csYVfSJ1bK8yw?= =?us-ascii?Q?15qCjwZvjKl7AdTQLdVZ+CopHKaMcbIndZYrYiLhZ6u04fBHgO44ISLZ+WT1?= =?us-ascii?Q?WIZZcBwXhqSv+K6n0YoQhV59uVh4pozQPVmD8qFThxWCwFIFp36WYinly7Xb?= =?us-ascii?Q?0HB4hVLQ6ociddNJx2ogfizEdR7UZ1GByeiv+iTtEcdozIpn/HQcisHMnerY?= =?us-ascii?Q?R7+kcGRSqaVBee8S8wx6ME0d26vd3d+4sGRd0n7G4Ks7ztQsYslVokBiRm0t?= =?us-ascii?Q?ItB8iMmUW50tRa5PL1+nukIa5kYsGmwOSCMjf1IUm9XAyMVCFvMHRHH2ctAW?= =?us-ascii?Q?DXccrcc5mlqn0mNz+s5+wsPtw/1ej4lfrrs0Tx20GamIBcsQ7jNts9nePaQy?= =?us-ascii?Q?H52B70vDOG8wsQcXP791m5jLLap6tU/x685tp1ZXvryWw7N6Kn7UTZJWMYPL?= =?us-ascii?Q?NGTIlmlw0HxTfPOqp6k/z6LrFK3pEPCteIkt7qjNetSMOaNl18Io+funiS0H?= =?us-ascii?Q?zWEcAXhO1Pnjd83zTokoXErRWBRDc7eZT7UQc+eUSUMS9NSiaDQGHDN2I0bm?= =?us-ascii?Q?L3MfJsXTlllW1qWxXTSq/FyR3d3muklIzLoMAKUmx1nohGFtaRdBYZb0oqyd?= =?us-ascii?Q?8vsMXOt2AOU7dUQeedTXU9b/lPGQ7mTe5n4Cw7/O1e8hT2WPt+3T/SARnRUR?= =?us-ascii?Q?I+weLwBhaKDuhUuUfiVwD3E2hG1ySzyFVcXgyL4UJZnJSOr4H/c5FjUQye0o?= =?us-ascii?Q?BWqgN3R5xYxFiaX3iV1C84ovnqKRQnEndDzrjhpn60SWDIf3KCvKLplaY/XL?= =?us-ascii?Q?lLWTiivOftd3dXPzjez8vue9voPvbR5SC5zRwhZQvOHwmB3Ko2ybjw/Afim/?= =?us-ascii?Q?dXc1iM5P7HPOY2u2OhM9Tt4fZMH72fVG7LnCmFBh8q0tQixhP7MacGRc1X4o?= =?us-ascii?Q?V6oS3FDzs3jzaS23JixC9vixWHhc8gDAGY3DGF4J8AKyxtpk5//mHDlHJba+?= =?us-ascii?Q?R/yt8U/IM6vfiSrnWabk9jhmiMvPxvp9Jk7m6VU+T2rsLCr6V/VSB9HNpYSu?= =?us-ascii?Q?N9+jWPgZ4DecMClhDGutEl7djOvLb2WlMnI8um9NxlgTCCp8kgnPsxqRQrQ9?= =?us-ascii?Q?y5NbZkJucH9U0tF5fYcQQsRZBn7ZT/vgJb/u00M+Hkh1/Z4nIwGCDZY9wtN4?= =?us-ascii?Q?IqkFsVCNpQlvpAfPTQpidqaSpHv/HnM09zMp6g/6P6UmVe62HcnUZSfKibRs?= =?us-ascii?Q?vV1/xyxZ9o+1Y0HwKwQa9tF6YOrggCYMwtAKFbHPlxGfyviQ7BkVmx3YZv5T?= =?us-ascii?Q?A7L2Yzxn/yWmZn8kZpGrw6O1QQ2X+l3T2SHFkqY5?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB5879.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: d4d7612b-5add-4add-0aed-08dad9bbe3c7 X-MS-Exchange-CrossTenant-originalarrivaltime: 09 Dec 2022 08:03:42.9462 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: PKBCvyydSQ7LJam2pxdy0Zc4W7Z5WFM2rEyrevToZzbzlZxO2FrfZNfCj7PNeEeYmAV4yWB/17ldtRGDP9KBgw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SJ2PR11MB7645 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Since this is a big feature in SecurityPkg and MdeModulePkg, I proposal to = add *dedicated reviewer(s)* to support the maintenance work in EDKII. Something like: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D MdeModulePkg: Protected Variable F: MdeModulePkg/Universal/Variable/Protected/ F: R: SecurityPkg: Protected Variable F: SecurityPkg/Library/ProtectedVariableLib/ F: R: =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D Please follow the style at https://github.com/tianocore/edk2/blob/master/Ma= intainers.txt Thank you Yao, Jiewen > -----Original Message----- > From: devel@edk2.groups.io On Behalf Of Judah > Vang > Sent: Sunday, November 6, 2022 3:35 PM > To: devel@edk2.groups.io > Subject: [edk2-devel] [PATCH v5 00/19] UEFI variable protection >=20 > Patch 07 - Add PEI Variable Protection into a new directory and leave the > existing PEI Variable unchanged. >=20 > Patch 08 - Add RuntimeDxe Variable Protection into a new directory and > keep existing Variable for RuntimeDxe unchanged. >=20 > Patch 09 - Add reference to new Protected Variable libs. >=20 > Patch 16 - Applied code review comments by adding PEIM to library class >=20 > Patch 18 - Applied code review comments by removing unused API. >=20 > Notes: > The CryptoPkg changes are now being tracked separately. > Patches 21 on is no longer needed due to reorganization of the new > protected variable modules. >=20 > Judah Vang (19): > MdePkg: Add reference to new Ppi Guid > MdeModulePkg: Update AUTH_VARIABLE_INFO struct > MdeModulePkg: Add new ProtectedVariable GUIDs > MdeModulePkg: Add new include files > MdeModulePkg: Add new GUID for Variable Store Info > MdeModulePkg: Add Null ProtectedVariable Library > MdeModulePkg: Add new Variable functionality > MdeModulePkg: Add support for Protected Variables > MdeModulePkg: Reference Null ProtectedVariableLib > SecurityPkg: Add new GUIDs for > SecurityPkg: Add new KeyService types and defines > SecurityPkg: Add new variable types and functions > SecurityPkg: Update RPMC APIs with index > SecurityPkg: Fix GetVariableKey API > SecurityPkg: Add null encryption variable libs > SecurityPkg: Add VariableKey library function > SecurityPkg: Add EncryptionVariable lib with AES > SecurityPkg: Add Protected Variable Services > SecurityPkg: Add references to new *.inf files >=20 > MdeModulePkg/MdeModulePkg.dec > | 13 +- > SecurityPkg/SecurityPkg.dec > | 43 +- > MdeModulePkg/MdeModulePkg.dsc > | 20 +- > MdeModulePkg/Test/MdeModulePkgHostTest.dsc > | 8 + > SecurityPkg/SecurityPkg.dsc > | 13 +- >=20 > MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull > .inf | 34 + > MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf > | 79 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni > tTest/VariableLockRequestToLockUnitTest.inf | 36 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim > eDxe.inf | 151 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.i > nf | 153 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR > untimeDxe.inf | 119 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal > oneMm.inf | 143 + > SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf > | 43 + >=20 > SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.i= n > f | 34 + > SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf > | 64 + > SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf > | 68 + > SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf > | 67 + >=20 > SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLi > b.inf | 62 + > SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf > | 36 + > MdeModulePkg/Include/Guid/ProtectedVariable.h > | 22 + > MdeModulePkg/Include/Library/AuthVariableLib.h > | 4 +- > MdeModulePkg/Include/Library/EncryptionVariableLib.h > | 165 + > MdeModulePkg/Include/Library/ProtectedVariableLib.h > | 607 +++ > MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h > | 225 ++ > MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h > | 309 ++ > MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h > | 116 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolym > orphic.h | 158 + > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h > | 948 +++++ >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol > atile.h | 67 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing > .h | 424 ++ >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim > eCache.h | 51 + > MdePkg/Include/Ppi/ReadOnlyVariable2.h > | 4 +- > SecurityPkg/Include/Library/RpmcLib.h > | 15 +- > SecurityPkg/Include/Library/VariableKeyLib.h > | 37 +- > SecurityPkg/Include/Ppi/KeyServicePpi.h > | 57 + > SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h > | 49 + > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h > | 589 +++ > MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c > | 336 ++ > MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c > | 628 +++ > MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c > | 941 +++++ > MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c > | 307 ++ >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c > | 343 ++ > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c > | 504 +++ >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni > tTest/VariableLockRequestToLockUnitTest.c | 607 +++ >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar > rierDxe.c | 27 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar > rierSmm.c | 26 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe > .c | 153 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSm > m.c | 569 +++ > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c > | 101 + > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c > | 4037 ++++++++++++++++++++ > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c > | 670 ++++ > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c > | 417 ++ >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRe > questToLock.c | 96 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol > atile.c | 537 +++ >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing > .c | 1110 ++++++ >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicyS > mmDxe.c | 575 +++ >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim > eCache.c | 158 + > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c > | 1268 ++++++ >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR > untimeDxe.c | 1895 +++++++++ >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal > oneMm.c | 89 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditi > onalMm.c | 130 + > SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c > | 734 ++++ > SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c > | 92 + > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c > | 2103 ++++++++++ > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c > | 163 + > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c > | 1327 +++++++ > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c > | 209 + >=20 > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeComm > on.c | 967 +++++ >=20 > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c > | 233 ++ > SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c > | 8 +- > SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c > | 59 + > SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c > | 8 +- > MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni > | 16 + > MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni > | 14 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim > eDxe.uni | 22 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim > eDxeExtra.uni | 14 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.u > ni | 27 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmEx > tra.uni | 14 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR > untimeDxe.uni | 23 + >=20 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR > untimeDxeExtra.uni | 14 + > 80 files changed, 26556 insertions(+), 48 deletions(-) > create mode 100644 > MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull > .inf > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni > tTest/VariableLockRequestToLockUnitTest.inf > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim > eDxe.inf > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.i > nf > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR > untimeDxe.inf > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal > oneMm.inf > create mode 100644 > SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf > create mode 100644 > SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.i= n > f > create mode 100644 > SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf > create mode 100644 > SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf > create mode 100644 > SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf > create mode 100644 > SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLi > b.inf > create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf > create mode 100644 MdeModulePkg/Include/Guid/ProtectedVariable.h > create mode 100644 > MdeModulePkg/Include/Library/EncryptionVariableLib.h > create mode 100644 > MdeModulePkg/Include/Library/ProtectedVariableLib.h > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolym > orphic.h > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol > atile.h > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing > .h > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim > eCache.h > create mode 100644 SecurityPkg/Include/Ppi/KeyServicePpi.h > create mode 100644 > SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h > create mode 100644 > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h > create mode 100644 > MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni > tTest/VariableLockRequestToLockUnitTest.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar > rierDxe.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar > rierSmm.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe > .c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSm > m.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRe > questToLock.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol > atile.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing > .c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicyS > mmDxe.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim > eCache.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR > untimeDxe.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal > oneMm.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditi > onalMm.c > create mode 100644 > SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c > create mode 100644 > SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c > create mode 100644 > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c > create mode 100644 > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c > create mode 100644 > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c > create mode 100644 > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c > create mode 100644 > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeComm > on.c > create mode 100644 > SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c > create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim > eDxe.uni > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim > eDxeExtra.uni > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.u > ni > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmEx > tra.uni > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR > untimeDxe.uni > create mode 100644 > MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR > untimeDxeExtra.uni >=20 > -- > 2.35.1.windows.2 >=20 >=20 >=20 >=20 >=20