From: Laszlo Ersek <lersek@redhat.com>
To: Leif Lindholm <leif.lindholm@linaro.org>,
kalyan-nagabhirava <kalyankumar.nagabhirava@linaro.org>
Cc: edk2-devel@lists.01.org, ard.biesheuvel@linaro.org,
mark.gregotski@linaro.org
Subject: Re: [PATCH] [edk2-platforms]:Enabling Secure boot feature support on hikey platfrom
Date: Mon, 27 Nov 2017 14:02:32 +0100 [thread overview]
Message-ID: <f61e3e29-6621-2031-cf97-882364d9f826@redhat.com> (raw)
In-Reply-To: <20171126152206.yhb7gvofp4ne6f62@bivouac.eciton.net>
On 11/26/17 16:22, Leif Lindholm wrote:
> (Adding Laszlo to cc based on a single comment I make below.)
>
> On Tue, Nov 21, 2017 at 04:23:36PM +0530, kalyan-nagabhirava wrote:
>> [Guids.common]
>> gHiKeyTokenSpaceGuid = { 0x91148425, 0xcdd2, 0x4830, { 0x8b, 0xd0, 0xc6, 0x1c, 0x6d, 0xea, 0x36, 0x21 } }
>> + gHwTokenSpaceGuid = { 0x99999999, 0x74c5, 0x4043, { 0xb4, 0x17, 0xa3, 0x22, 0x38, 0x14, 0xce, 0x76 } }
>
> This very much looks like a not properly generated GUID.
> GUIDs must always be generated using an RFC4122-compliant algorithm.
> I generally recommend using
> https://www.guidgenerator.com/online-guid-generator.aspx.
I just run "uuidgen" in a terminal window.
>> +EFI_STATUS
>> +EFIAPI
>> +FvbSetAttributes(
>> + IN CONST EFI_FIRMWARE_VOLUME_BLOCK2_PROTOCOL *This,
>> + IN OUT EFI_FVB_ATTRIBUTES_2 *Attributes
>> + )
>> +{
>> + DEBUG ((DEBUG_BLKIO, "FvbSetAttributes(0x%X) is not supported\n",*Attributes));
>> + return EFI_UNSUPPORTED;
>
> As per my (very) recent comment to Marcin, I do not believe returning
> EFI_UNSUPPORTED is a valid thing to do here. Which to me suggests the
> implementation of FvbGetAttributes is also incorrect.
>
> Laszlo - what's your take on this in conjunction with PI 1.6 section
> 3.4.2? OvmfPkg does something very similar in
> EmuVariableFvbRuntimeDxe/Fvb.c.
I guess you are right. The particular OvmfPkg code that you mention is
likely also spec-breaking.
FWIW, in the OVMF flash driver that actually uses pflash, namely
OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockService.c
the FvbSetVolumeAttributes() function appears both appropriate for the
spec and generic enough to copy elsewhere.
Thanks
Laszlo
next prev parent reply other threads:[~2017-11-27 12:58 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-11-21 10:53 [PATCH] [edk2-platforms]:Enabling Secure boot feature support on hikey platfrom kalyan-nagabhirava
2017-11-26 15:22 ` Leif Lindholm
2017-11-27 13:02 ` Laszlo Ersek [this message]
2017-11-27 16:57 ` Leif Lindholm
2017-11-28 7:35 ` Kalyan Nagabhirava
2017-11-28 12:37 ` Leif Lindholm
2017-11-28 13:01 ` Kalyan Nagabhirava
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=f61e3e29-6621-2031-cf97-882364d9f826@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox