From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 8FAB47803CD for ; Mon, 9 Oct 2023 07:48:00 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=nfM4rXCo/sVbCxCMxZgLaNMFCKO8765AZi2x88mp8fo=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:MIME-Version:Subject:To:Cc:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1696837679; v=1; b=WAnrw80Y45He+jcH7MzVECb0AStAEaGEOYzXHmuCGJTf39chN4Y5KywsJG3lgahsXmxQJ2CY tYbVH2TQ8mRQVfYabEBZjPUUtxeA3nl3m/A8WqKprWn8SWbOYniLGjlqZbHgSPT0SjZay29eXZk otIulo1MPGYf88M0xjGQ8KBw= X-Received: by 127.0.0.2 with SMTP id ortZYY7687511xGZkFI4EKRK; Mon, 09 Oct 2023 00:47:59 -0700 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web11.56041.1696837678458015711 for ; Mon, 09 Oct 2023 00:47:58 -0700 X-Received: from mimecast-mx02.redhat.com (mx-ext.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-654-7BKd_eirM1ir5UB0lbSqQQ-1; Mon, 09 Oct 2023 03:47:54 -0400 X-MC-Unique: 7BKd_eirM1ir5UB0lbSqQQ-1 X-Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.rdu2.redhat.com [10.11.54.7]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id B44E429ABA05; Mon, 9 Oct 2023 07:47:53 +0000 (UTC) X-Received: from [10.39.192.114] (unknown [10.39.192.114]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 8C098140EBB7; Mon, 9 Oct 2023 07:47:51 +0000 (UTC) Message-ID: Date: Mon, 9 Oct 2023 09:47:50 +0200 MIME-Version: 1.0 Subject: Re: [edk2-devel] [PATCH v5 10/28] OvmfPkg: Add Memory Protection Library Definitions to Platforms To: devel@edk2.groups.io, taylor.d.beebe@gmail.com Cc: Ard Biesheuvel , Jiewen Yao , Jordan Justen , Gerd Hoffmann , Rebecca Cran , Peter Grehan , =?UTF-8?Q?Corvin_K=c3=b6hne?= , Jianyong Wu , Anatol Belski , Anthony Perard , Julien Grall References: <20231009000742.1792-1-taylor.d.beebe@gmail.com> <20231009000742.1792-11-taylor.d.beebe@gmail.com> From: "Laszlo Ersek" In-Reply-To: <20231009000742.1792-11-taylor.d.beebe@gmail.com> X-Scanned-By: MIMEDefang 3.1 on 10.11.54.7 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,lersek@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 5nALAMy3sKX4Ik04rU6Be45Jx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=WAnrw80Y; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io On 10/9/23 02:07, Taylor Beebe wrote: > Add library classes for SetMemoryProtectionsLib and > GetMemoryProtectionsLib to OvmfPkg platfomrs. > > Signed-off-by: Taylor Beebe > Cc: Ard Biesheuvel > Cc: Jiewen Yao > Cc: Jordan Justen > Cc: Gerd Hoffmann > Cc: Rebecca Cran > Cc: Peter Grehan > Cc: Corvin Köhne > Cc: Jianyong Wu > Cc: Anatol Belski > Cc: Anthony Perard > Cc: Julien Grall > --- > OvmfPkg/AmdSev/AmdSevX64.dsc | 1 + > OvmfPkg/Bhyve/BhyveX64.dsc | 1 + > OvmfPkg/CloudHv/CloudHvX64.dsc | 1 + > OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc | 15 +++++++++++++++ > OvmfPkg/IntelTdx/IntelTdxX64.dsc | 2 ++ > OvmfPkg/Microvm/MicrovmX64.dsc | 2 ++ > OvmfPkg/OvmfPkgIa32.dsc | 1 + > OvmfPkg/OvmfPkgIa32X64.dsc | 1 + > OvmfPkg/OvmfPkgX64.dsc | 1 + > OvmfPkg/OvmfXen.dsc | 2 ++ > OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc | 2 ++ > 11 files changed, 29 insertions(+) > > diff --git a/OvmfPkg/AmdSev/AmdSevX64.dsc b/OvmfPkg/AmdSev/AmdSevX64.dsc > index 302c90e7c2b4..b67b50b833b9 100644 > --- a/OvmfPkg/AmdSev/AmdSevX64.dsc > +++ b/OvmfPkg/AmdSev/AmdSevX64.dsc > @@ -203,6 +203,7 @@ [LibraryClasses] > S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf > > !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc > +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > > [LibraryClasses.common] > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > diff --git a/OvmfPkg/Bhyve/BhyveX64.dsc b/OvmfPkg/Bhyve/BhyveX64.dsc > index 6693342c5f6e..5af5831196f6 100644 > --- a/OvmfPkg/Bhyve/BhyveX64.dsc > +++ b/OvmfPkg/Bhyve/BhyveX64.dsc > @@ -229,6 +229,7 @@ [LibraryClasses] > XenPlatformLib|OvmfPkg/Library/XenPlatformLib/XenPlatformLib.inf > > !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc > +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > > [LibraryClasses.common] > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > diff --git a/OvmfPkg/CloudHv/CloudHvX64.dsc b/OvmfPkg/CloudHv/CloudHvX64.dsc > index 35942e02df93..c550ebcd659e 100644 > --- a/OvmfPkg/CloudHv/CloudHvX64.dsc > +++ b/OvmfPkg/CloudHv/CloudHvX64.dsc > @@ -239,6 +239,7 @@ [LibraryClasses] > OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf > > !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc > +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > > [LibraryClasses.common] > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > diff --git a/OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc b/OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > new file mode 100644 > index 000000000000..049fdef3f0c1 > --- /dev/null > +++ b/OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > @@ -0,0 +1,15 @@ > +## > +# SPDX-License-Identifier: BSD-2-Clause-Patent > +## > + > +# > +# Memory Protection Libraries > +# > +[LibraryClasses.common] > + SetMemoryProtectionsLib|MdeModulePkg/Library/SetMemoryProtectionsLib/SetMemoryProtectionsLib.inf > + > +[LibraryClasses.common.SMM_CORE, LibraryClasses.common.DXE_SMM_DRIVER, LibraryClasses.common.MM_CORE_STANDALONE, LibraryClasses.common.MM_STANDALONE] > + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/MmGetMemoryProtectionsLib.inf > + > +[LibraryClasses.common.DXE_CORE, LibraryClasses.common.DXE_DRIVER, LibraryClasses.common.UEFI_APPLICATION, LibraryClasses.common.UEFI_DRIVER] > + GetMemoryProtectionsLib|MdeModulePkg/Library/GetMemoryProtectionsLib/DxeGetMemoryProtectionsLib.inf > diff --git a/OvmfPkg/IntelTdx/IntelTdxX64.dsc b/OvmfPkg/IntelTdx/IntelTdxX64.dsc > index 182ec3705dd3..a3370f45940c 100644 > --- a/OvmfPkg/IntelTdx/IntelTdxX64.dsc > +++ b/OvmfPkg/IntelTdx/IntelTdxX64.dsc > @@ -211,6 +211,8 @@ [LibraryClasses] > Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf > TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf > > +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > + > [LibraryClasses.common] > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf > diff --git a/OvmfPkg/Microvm/MicrovmX64.dsc b/OvmfPkg/Microvm/MicrovmX64.dsc > index 0f26f2a9a97d..da5a4862bfdc 100644 > --- a/OvmfPkg/Microvm/MicrovmX64.dsc > +++ b/OvmfPkg/Microvm/MicrovmX64.dsc > @@ -238,6 +238,8 @@ [LibraryClasses] > Tcg2PhysicalPresenceLib|OvmfPkg/Library/Tcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLib.inf > TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf > > +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > + > [LibraryClasses.common] > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > CcExitLib|OvmfPkg/Library/CcExitLib/CcExitLib.inf > diff --git a/OvmfPkg/OvmfPkgIa32.dsc b/OvmfPkg/OvmfPkgIa32.dsc > index fcd3a3fda5f2..d4d14b69ef1d 100644 > --- a/OvmfPkg/OvmfPkgIa32.dsc > +++ b/OvmfPkg/OvmfPkgIa32.dsc > @@ -246,6 +246,7 @@ [LibraryClasses] > OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf > > !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc > +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > > [LibraryClasses.common] > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > diff --git a/OvmfPkg/OvmfPkgIa32X64.dsc b/OvmfPkg/OvmfPkgIa32X64.dsc > index d0ae0b996d66..674010323df1 100644 > --- a/OvmfPkg/OvmfPkgIa32X64.dsc > +++ b/OvmfPkg/OvmfPkgIa32X64.dsc > @@ -251,6 +251,7 @@ [LibraryClasses] > OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf > > !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc > +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > > [LibraryClasses.common] > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc > index a6811eee557e..08b70d76d292 100644 > --- a/OvmfPkg/OvmfPkgX64.dsc > +++ b/OvmfPkg/OvmfPkgX64.dsc > @@ -267,6 +267,7 @@ [LibraryClasses] > OrderedCollectionLib|MdePkg/Library/BaseOrderedCollectionRedBlackTreeLib/BaseOrderedCollectionRedBlackTreeLib.inf > > !include OvmfPkg/Include/Dsc/OvmfTpmLibs.dsc.inc > +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > > [LibraryClasses.common] > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > diff --git a/OvmfPkg/OvmfXen.dsc b/OvmfPkg/OvmfXen.dsc > index ccd3a873c714..d80e20a151d7 100644 > --- a/OvmfPkg/OvmfXen.dsc > +++ b/OvmfPkg/OvmfXen.dsc > @@ -231,6 +231,8 @@ [LibraryClasses] > DebugLib|OvmfPkg/Library/PlatformDebugLibIoPort/PlatformDebugLibIoPort.inf > !endif > > +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > + > [LibraryClasses.common] > BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf > CcExitLib|UefiCpuPkg/Library/CcExitLibNull/CcExitLibNull.inf > diff --git a/OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc b/OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc > index 34b2037824f1..dd25a34796e5 100644 > --- a/OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc > +++ b/OvmfPkg/RiscVVirt/RiscVVirtQemu.dsc > @@ -112,6 +112,8 @@ [LibraryClasses.common] > TpmPlatformHierarchyLib|SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLibNull/PeiDxeTpmPlatformHierarchyLib.inf > !endif > > +!include OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc > + > [LibraryClasses.common.DXE_DRIVER] > AcpiPlatformLib|OvmfPkg/Library/AcpiPlatformLib/DxeAcpiPlatformLib.inf > ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf I'm unconvinced that a new DSC include file buys us much in this case. But, I'm not dead-set against it; if other reviewers like this approach, then I'm fine. However, the new file "OvmfPkg/Include/Dsc/MemoryProtectionLibraries.dsc.inc" includes neither a top-level @file comment (bad, but not critical), nor a Copyright notice (which *is* critical). In fact, none of the dsc.inc files under OvmfPkg/Include/Dsc have copyright notices, and some of the fdf.inc files under /OvmfPkg/Include/Fdf lack them too. That's a serious bug IMO that goes back to the introduction of those include files. At least don't perpetuate that mistake here, please. The EccCheck CI plugin actually enforces copyright notices in metafiles. We have at least two reasons why ECC has not been catching these copyright notice problems: - EccCheck is disabled for OvmfPkg (not surprisingly: ECC also makes a lot of invalid / inane complaints) - I *think* ECC does not recognize "*.dsc.inc", "*.fdf.inc", etc as metafiles. Laszlo -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#109441): https://edk2.groups.io/g/devel/message/109441 Mute This Topic: https://groups.io/mt/101843352/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/xyzzy [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-