From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=209.132.183.28; helo=mx1.redhat.com; envelope-from=lersek@redhat.com; receiver=edk2-devel@lists.01.org Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 8B27A21A1099D for ; Mon, 27 Nov 2017 04:58:45 -0800 (PST) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 0F2673DBEE; Mon, 27 Nov 2017 13:03:07 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-120-232.rdu2.redhat.com [10.10.120.232]) by smtp.corp.redhat.com (Postfix) with ESMTP id CC77B6198C; Mon, 27 Nov 2017 13:03:05 +0000 (UTC) To: Leif Lindholm , kalyan-nagabhirava Cc: edk2-devel@lists.01.org, ard.biesheuvel@linaro.org, mark.gregotski@linaro.org References: <20171121105336.26699-1-kalyankumar.nagabhirava@linaro.org> <20171126152206.yhb7gvofp4ne6f62@bivouac.eciton.net> From: Laszlo Ersek Message-ID: Date: Mon, 27 Nov 2017 14:02:32 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.4.0 MIME-Version: 1.0 In-Reply-To: <20171126152206.yhb7gvofp4ne6f62@bivouac.eciton.net> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.30]); Mon, 27 Nov 2017 13:03:07 +0000 (UTC) Subject: Re: [PATCH] [edk2-platforms]:Enabling Secure boot feature support on hikey platfrom X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 27 Nov 2017 12:58:45 -0000 Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit On 11/26/17 16:22, Leif Lindholm wrote: > (Adding Laszlo to cc based on a single comment I make below.) > > On Tue, Nov 21, 2017 at 04:23:36PM +0530, kalyan-nagabhirava wrote: >> [Guids.common] >> gHiKeyTokenSpaceGuid = { 0x91148425, 0xcdd2, 0x4830, { 0x8b, 0xd0, 0xc6, 0x1c, 0x6d, 0xea, 0x36, 0x21 } } >> + gHwTokenSpaceGuid = { 0x99999999, 0x74c5, 0x4043, { 0xb4, 0x17, 0xa3, 0x22, 0x38, 0x14, 0xce, 0x76 } } > > This very much looks like a not properly generated GUID. > GUIDs must always be generated using an RFC4122-compliant algorithm. > I generally recommend using > https://www.guidgenerator.com/online-guid-generator.aspx. I just run "uuidgen" in a terminal window. >> +EFI_STATUS >> +EFIAPI >> +FvbSetAttributes( >> + IN CONST EFI_FIRMWARE_VOLUME_BLOCK2_PROTOCOL *This, >> + IN OUT EFI_FVB_ATTRIBUTES_2 *Attributes >> + ) >> +{ >> + DEBUG ((DEBUG_BLKIO, "FvbSetAttributes(0x%X) is not supported\n",*Attributes)); >> + return EFI_UNSUPPORTED; > > As per my (very) recent comment to Marcin, I do not believe returning > EFI_UNSUPPORTED is a valid thing to do here. Which to me suggests the > implementation of FvbGetAttributes is also incorrect. > > Laszlo - what's your take on this in conjunction with PI 1.6 section > 3.4.2? OvmfPkg does something very similar in > EmuVariableFvbRuntimeDxe/Fvb.c. I guess you are right. The particular OvmfPkg code that you mention is likely also spec-breaking. FWIW, in the OVMF flash driver that actually uses pflash, namely OvmfPkg/QemuFlashFvbServicesRuntimeDxe/FwBlockService.c the FvbSetVolumeAttributes() function appears both appropriate for the spec and generic enough to copy elsewhere. Thanks Laszlo