[edk2-devel] [PATCH V6 04/10] MdeModulePkg/Variable: Parameterize auth status in VariableParsing

Kubacki, Michael A posted 10 patches 5 weeks ago

[edk2-devel] [PATCH V6 04/10] MdeModulePkg/Variable: Parameterize auth status in VariableParsing

Posted by Kubacki, Michael A 5 weeks ago
The file VariableParsing.c provides generic functionality related
to parsing variable related structures and information. In order to
calculate offsets for certain operations, the functions must know if
authenticated variables are enabled as this increases the size of
variable headers.

This change removes linking against a global variable in an external file
in favor of passing the authenticated variable status as a parameter to
the variable parsing functions.

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h |  82 +++++--
 MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c        | 258 ++++++++++++++------
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c   |  15 +-
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c | 146 +++++++----
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c     |   5 +-
 5 files changed, 339 insertions(+), 167 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
index 1777ce0e69..92a729d140 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.h
@@ -49,53 +49,65 @@ GetVariableStoreStatus (
 /**
   This code gets the size of variable header.
 
+  @param[in]  AuthFormat    TRUE indicates authenticated variables are used.
+                            FALSE indicates authenticated variables are not used.
+
   @return Size of variable header in bytes in type UINTN.
 
 **/
 UINTN
 GetVariableHeaderSize (
-  VOID
+  IN  BOOLEAN   AuthFormat
   );
 
 /**
 
   This code gets the size of name of variable.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in]  Variable      Pointer to the variable header.
+  @param[in]  AuthFormat    TRUE indicates authenticated variables are used.
+                            FALSE indicates authenticated variables are not used.
 
   @return UINTN          Size of variable in bytes.
 
 **/
 UINTN
 NameSizeOfVariable (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER   *Variable,
+  IN  BOOLEAN           AuthFormat
   );
 
 /**
   This code sets the size of name of variable.
 
-  @param[in] Variable   Pointer to the Variable Header.
-  @param[in] NameSize   Name size to set.
+  @param[in]  Variable      Pointer to the Variable Header.
+  @param[in]  NameSize      Name size to set.
+  @param[in]  AuthFormat    TRUE indicates authenticated variables are used.
+                            FALSE indicates authenticated variables are not used.
 
 **/
 VOID
 SetNameSizeOfVariable (
   IN VARIABLE_HEADER    *Variable,
-  IN UINTN              NameSize
+  IN UINTN              NameSize,
+  IN BOOLEAN            AuthFormat
   );
 
 /**
 
   This code gets the size of variable data.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in]  Variable      Pointer to the Variable Header.
+  @param[in]  AuthFormat    TRUE indicates authenticated variables are used.
+                            FALSE indicates authenticated variables are not used.
 
   @return Size of variable in bytes.
 
 **/
 UINTN
 DataSizeOfVariable (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER   *Variable,
+  IN  BOOLEAN           AuthFormat
   );
 
 /**
@@ -103,80 +115,98 @@ DataSizeOfVariable (
 
   @param[in] Variable   Pointer to the Variable Header.
   @param[in] DataSize   Data size to set.
+  @param[in] AuthFormat TRUE indicates authenticated variables are used.
+                        FALSE indicates authenticated variables are not used.
 
 **/
 VOID
 SetDataSizeOfVariable (
-  IN VARIABLE_HEADER    *Variable,
-  IN UINTN              DataSize
+  IN  VARIABLE_HEADER   *Variable,
+  IN  UINTN             DataSize,
+  IN  BOOLEAN           AuthFormat
   );
 
 /**
 
   This code gets the pointer to the variable name.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in] Variable     Pointer to the Variable Header.
+  @param[in] AuthFormat   TRUE indicates authenticated variables are used.
+                          FALSE indicates authenticated variables are not used.
 
   @return Pointer to Variable Name which is Unicode encoding.
 
 **/
 CHAR16 *
 GetVariableNamePtr (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER   *Variable,
+  IN  BOOLEAN           AuthFormat
   );
 
 /**
   This code gets the pointer to the variable guid.
 
-  @param Variable   Pointer to the Variable Header.
+  @param[in] Variable     Pointer to the Variable Header.
+  @param[in] AuthFormat   TRUE indicates authenticated variables are used.
+                          FALSE indicates authenticated variables are not used.
 
   @return A EFI_GUID* pointer to Vendor Guid.
 
 **/
 EFI_GUID *
 GetVendorGuidPtr (
-  IN VARIABLE_HEADER    *Variable
+  IN  VARIABLE_HEADER    *Variable,
+  IN  BOOLEAN            AuthFormat
   );
 
 /**
 
   This code gets the pointer to the variable data.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in] Variable     Pointer to the Variable Header.
+  @param[in] AuthFormat   TRUE indicates authenticated variables are used.
+                          FALSE indicates authenticated variables are not used.
 
   @return Pointer to Variable Data.
 
 **/
 UINT8 *
 GetVariableDataPtr (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER    *Variable,
+  IN  BOOLEAN            AuthFormat
   );
 
 /**
   This code gets the variable data offset related to variable header.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in] Variable     Pointer to the Variable Header.
+  @param[in] AuthFormat   TRUE indicates authenticated variables are used.
+                          FALSE indicates authenticated variables are not used.
 
   @return Variable Data offset.
 
 **/
 UINTN
 GetVariableDataOffset (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER   *Variable,
+  IN  BOOLEAN           AuthFormat
   );
 
 /**
 
   This code gets the pointer to the next variable header.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in] Variable     Pointer to the Variable Header.
+  @param[in] AuthFormat   TRUE indicates authenticated variables are used.
+                          FALSE indicates authenticated variables are not used.
 
   @return Pointer to next variable header.
 
 **/
 VARIABLE_HEADER *
 GetNextVariablePtr (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER   *Variable,
+  IN  BOOLEAN           AuthFormat
   );
 
 /**
@@ -235,6 +265,8 @@ VariableCompareTimeStampInternal (
   @param[in]       IgnoreRtCheck       Ignore EFI_VARIABLE_RUNTIME_ACCESS attribute
                                        check at runtime when searching variable.
   @param[in, out]  PtrTrack            Variable Track Pointer structure that contains Variable Information.
+  @param[in]       AuthFormat          TRUE indicates authenticated variables are used.
+                                       FALSE indicates authenticated variables are not used.
 
   @retval          EFI_SUCCESS         Variable found successfully
   @retval          EFI_NOT_FOUND       Variable not found
@@ -244,7 +276,8 @@ FindVariableEx (
   IN     CHAR16                  *VariableName,
   IN     EFI_GUID                *VendorGuid,
   IN     BOOLEAN                 IgnoreRtCheck,
-  IN OUT VARIABLE_POINTER_TRACK  *PtrTrack
+  IN OUT VARIABLE_POINTER_TRACK  *PtrTrack,
+  IN     BOOLEAN                 AuthFormat
   );
 
 /**
@@ -258,10 +291,12 @@ FindVariableEx (
   @param[in]  VariableStoreList A list of variable stores that should be used to get the next variable.
                                 The maximum number of entries is the max value of VARIABLE_STORE_TYPE.
   @param[out] VariablePtr       Pointer to variable header address.
+  @param[in]  AuthFormat        TRUE indicates authenticated variables are used.
+                                FALSE indicates authenticated variables are not used.
 
   @retval EFI_SUCCESS           The function completed successfully.
   @retval EFI_NOT_FOUND         The next variable was not found.
-  @retval EFI_INVALID_PARAMETER If VariableName is nt an empty string, while VendorGuid is NULL.
+  @retval EFI_INVALID_PARAMETER If VariableName is not an empty string, while VendorGuid is NULL.
   @retval EFI_INVALID_PARAMETER The input values of VariableName and VendorGuid are not a name and
                                 GUID of an existing variable.
 
@@ -272,7 +307,8 @@ VariableServiceGetNextVariableInternal (
   IN  CHAR16                *VariableName,
   IN  EFI_GUID              *VendorGuid,
   IN  VARIABLE_STORE_HEADER **VariableStoreList,
-  OUT VARIABLE_HEADER       **VariablePtr
+  OUT VARIABLE_HEADER       **VariablePtr,
+  IN  BOOLEAN               AuthFormat
   );
 
 /**
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
index 5cc12c2ae0..2e32905dfe 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -311,7 +311,7 @@ RecordVarErrorFlag (
              FALSE
              );
   if (!EFI_ERROR (Status)) {
-    VarErrFlag = (VAR_ERROR_FLAG *) GetVariableDataPtr (Variable.CurrPtr);
+    VarErrFlag = (VAR_ERROR_FLAG *) GetVariableDataPtr (Variable.CurrPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
     TempFlag = *VarErrFlag;
     TempFlag &= Flag;
     if (TempFlag == *VarErrFlag) {
@@ -369,7 +369,7 @@ InitializeVarErrorFlag (
              FALSE
              );
   if (!EFI_ERROR (Status)) {
-    VarErrFlag = *((VAR_ERROR_FLAG *) GetVariableDataPtr (Variable.CurrPtr));
+    VarErrFlag = *((VAR_ERROR_FLAG *) GetVariableDataPtr (Variable.CurrPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat));
     if (VarErrFlag == Flag) {
       return;
     }
@@ -410,7 +410,11 @@ IsUserVariable (
   // then no need to check if the variable is user variable or not specially.
   //
   if (mEndOfDxe && (mVariableModuleGlobal->CommonMaxUserVariableSpace != mVariableModuleGlobal->CommonVariableSpace)) {
-    if (VarCheckLibVariablePropertyGet (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &Property) == EFI_NOT_FOUND) {
+    if (VarCheckLibVariablePropertyGet (
+          GetVariableNamePtr (Variable, mVariableModuleGlobal->VariableGlobal.AuthFormat),
+          GetVendorGuidPtr (Variable, mVariableModuleGlobal->VariableGlobal.AuthFormat),
+          &Property
+          ) == EFI_NOT_FOUND) {
       return TRUE;
     }
   }
@@ -439,10 +443,14 @@ CalculateCommonUserVariableTotalSize (
   if (mEndOfDxe && (mVariableModuleGlobal->CommonMaxUserVariableSpace != mVariableModuleGlobal->CommonVariableSpace)) {
     Variable = GetStartPointer (mNvVariableCache);
     while (IsValidVariableHeader (Variable, GetEndPointer (mNvVariableCache))) {
-      NextVariable = GetNextVariablePtr (Variable);
+      NextVariable = GetNextVariablePtr (Variable, mVariableModuleGlobal->VariableGlobal.AuthFormat);
       VariableSize = (UINTN) NextVariable - (UINTN) Variable;
       if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) != EFI_VARIABLE_HARDWARE_ERROR_RECORD) {
-        if (VarCheckLibVariablePropertyGet (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &Property) == EFI_NOT_FOUND) {
+        if (VarCheckLibVariablePropertyGet (
+              GetVariableNamePtr (Variable, mVariableModuleGlobal->VariableGlobal.AuthFormat),
+              GetVendorGuidPtr (Variable, mVariableModuleGlobal->VariableGlobal.AuthFormat),
+              &Property
+              ) == EFI_NOT_FOUND) {
           //
           // No property, it is user variable.
           //
@@ -518,7 +526,9 @@ Reclaim (
   UINTN                 HwErrVariableTotalSize;
   VARIABLE_HEADER       *UpdatingVariable;
   VARIABLE_HEADER       *UpdatingInDeletedTransition;
+  BOOLEAN               AuthFormat;
 
+  AuthFormat = mVariableModuleGlobal->VariableGlobal.AuthFormat;
   UpdatingVariable = NULL;
   UpdatingInDeletedTransition = NULL;
   if (UpdatingPtrTrack != NULL) {
@@ -540,7 +550,7 @@ Reclaim (
     MaximumBufferSize = sizeof (VARIABLE_STORE_HEADER);
 
     while (IsValidVariableHeader (Variable, GetEndPointer (VariableStoreHeader))) {
-      NextVariable = GetNextVariablePtr (Variable);
+      NextVariable = GetNextVariablePtr (Variable, AuthFormat);
       if ((Variable->State == VAR_ADDED || Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) &&
           Variable != UpdatingVariable &&
           Variable != UpdatingInDeletedTransition
@@ -590,7 +600,7 @@ Reclaim (
   //
   Variable = GetStartPointer (VariableStoreHeader);
   while (IsValidVariableHeader (Variable, GetEndPointer (VariableStoreHeader))) {
-    NextVariable = GetNextVariablePtr (Variable);
+    NextVariable = GetNextVariablePtr (Variable, AuthFormat);
     if (Variable != UpdatingVariable && Variable->State == VAR_ADDED) {
       VariableSize = (UINTN) NextVariable - (UINTN) Variable;
       CopyMem (CurrPtr, (UINT8 *) Variable, VariableSize);
@@ -612,7 +622,7 @@ Reclaim (
   //
   Variable = GetStartPointer (VariableStoreHeader);
   while (IsValidVariableHeader (Variable, GetEndPointer (VariableStoreHeader))) {
-    NextVariable = GetNextVariablePtr (Variable);
+    NextVariable = GetNextVariablePtr (Variable, AuthFormat);
     if (Variable != UpdatingVariable && Variable != UpdatingInDeletedTransition && Variable->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
 
       //
@@ -624,13 +634,14 @@ Reclaim (
       FoundAdded = FALSE;
       AddedVariable = GetStartPointer ((VARIABLE_STORE_HEADER *) ValidBuffer);
       while (IsValidVariableHeader (AddedVariable, GetEndPointer ((VARIABLE_STORE_HEADER *) ValidBuffer))) {
-        NextAddedVariable = GetNextVariablePtr (AddedVariable);
-        NameSize = NameSizeOfVariable (AddedVariable);
-        if (CompareGuid (GetVendorGuidPtr (AddedVariable), GetVendorGuidPtr (Variable)) &&
-            NameSize == NameSizeOfVariable (Variable)
-           ) {
-          Point0 = (VOID *) GetVariableNamePtr (AddedVariable);
-          Point1 = (VOID *) GetVariableNamePtr (Variable);
+        NextAddedVariable = GetNextVariablePtr (AddedVariable, AuthFormat);
+        NameSize = NameSizeOfVariable (AddedVariable, AuthFormat);
+        if (CompareGuid (
+              GetVendorGuidPtr (AddedVariable, AuthFormat),
+              GetVendorGuidPtr (Variable, AuthFormat)
+            ) && NameSize == NameSizeOfVariable (Variable, AuthFormat)) {
+          Point0 = (VOID *) GetVariableNamePtr (AddedVariable, AuthFormat);
+          Point1 = (VOID *) GetVariableNamePtr (Variable, AuthFormat);
           if (CompareMem (Point0, Point1, NameSize) == 0) {
             FoundAdded = TRUE;
             break;
@@ -735,7 +746,7 @@ Reclaim (
       mVariableModuleGlobal->CommonUserVariableTotalSize = 0;
       Variable = GetStartPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableBase);
       while (IsValidVariableHeader (Variable, GetEndPointer ((VARIABLE_STORE_HEADER *)(UINTN)VariableBase))) {
-        NextVariable = GetNextVariablePtr (Variable);
+        NextVariable = GetNextVariablePtr (Variable, AuthFormat);
         VariableSize = (UINTN) NextVariable - (UINTN) Variable;
         if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {
           mVariableModuleGlobal->HwErrVariableTotalSize += VariableSize;
@@ -829,7 +840,13 @@ FindVariable (
     PtrTrack->EndPtr   = GetEndPointer   (VariableStoreHeader[Type]);
     PtrTrack->Volatile = (BOOLEAN) (Type == VariableStoreTypeVolatile);
 
-    Status = FindVariableEx (VariableName, VendorGuid, IgnoreRtCheck, PtrTrack);
+    Status =  FindVariableEx (
+                VariableName,
+                VendorGuid,
+                IgnoreRtCheck,
+                PtrTrack,
+                mVariableModuleGlobal->VariableGlobal.AuthFormat
+                );
     if (!EFI_ERROR (Status)) {
       return Status;
     }
@@ -1199,7 +1216,11 @@ CheckRemainingSpaceForConsistencyInternal (
     VarNameSize += GET_PAD_SIZE (VarNameSize);
     VarDataSize  = VariableEntry->VariableSize;
     VarDataSize += GET_PAD_SIZE (VarDataSize);
-    VariableEntry->VariableSize = HEADER_ALIGN (GetVariableHeaderSize () + VarNameSize + VarDataSize);
+    VariableEntry->VariableSize = HEADER_ALIGN (
+                                    GetVariableHeaderSize (
+                                      mVariableModuleGlobal->VariableGlobal.AuthFormat
+                                      ) + VarNameSize + VarDataSize
+                                    );
 
     TotalNeededSize += VariableEntry->VariableSize;
     VariableEntry = VA_ARG (Args, VARIABLE_ENTRY_CONSISTENCY *);
@@ -1232,13 +1253,14 @@ CheckRemainingSpaceForConsistencyInternal (
                VariableEntry->Name,
                VariableEntry->Guid,
                FALSE,
-               &VariablePtrTrack
+               &VariablePtrTrack,
+               mVariableModuleGlobal->VariableGlobal.AuthFormat
                );
     if (!EFI_ERROR (Status)) {
       //
       // Get size of Variable[Index].
       //
-      NextVariable = GetNextVariablePtr (VariablePtrTrack.CurrPtr);
+      NextVariable = GetNextVariablePtr (VariablePtrTrack.CurrPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
       OriginalVarSize = (UINTN) NextVariable - (UINTN) VariablePtrTrack.CurrPtr;
       //
       // Add the original size of Variable[Index] to remaining variable storage size.
@@ -1410,8 +1432,8 @@ AutoUpdateLangVariable (
       // Update Lang
       //
       VariableName = EFI_PLATFORM_LANG_VARIABLE_NAME;
-      Data         = GetVariableDataPtr (Variable.CurrPtr);
-      DataSize     = DataSizeOfVariable (Variable.CurrPtr);
+      Data         = GetVariableDataPtr (Variable.CurrPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
+      DataSize     = DataSizeOfVariable (Variable.CurrPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
     } else {
       Status = FindVariable (EFI_LANG_VARIABLE_NAME, &gEfiGlobalVariableGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE);
       if (!EFI_ERROR (Status)) {
@@ -1419,8 +1441,8 @@ AutoUpdateLangVariable (
         // Update PlatformLang
         //
         VariableName = EFI_LANG_VARIABLE_NAME;
-        Data         = GetVariableDataPtr (Variable.CurrPtr);
-        DataSize     = DataSizeOfVariable (Variable.CurrPtr);
+        Data         = GetVariableDataPtr (Variable.CurrPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
+        DataSize     = DataSizeOfVariable (Variable.CurrPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
       } else {
         //
         // Neither PlatformLang nor Lang is set, directly return
@@ -1598,6 +1620,7 @@ UpdateVariable (
   BOOLEAN                             IsCommonVariable;
   BOOLEAN                             IsCommonUserVariable;
   AUTHENTICATED_VARIABLE_HEADER       *AuthVariable;
+  BOOLEAN                             AuthFormat;
 
   if (mVariableModuleGlobal->FvbInstance == NULL && !mVariableModuleGlobal->VariableGlobal.EmuNvMode) {
     //
@@ -1619,6 +1642,8 @@ UpdateVariable (
     }
   }
 
+  AuthFormat = mVariableModuleGlobal->VariableGlobal.AuthFormat;
+
   //
   // Check if CacheVariable points to the variable in variable HOB.
   // If yes, let CacheVariable points to the variable in NV variable cache.
@@ -1630,7 +1655,7 @@ UpdateVariable (
     CacheVariable->StartPtr = GetStartPointer (mNvVariableCache);
     CacheVariable->EndPtr   = GetEndPointer   (mNvVariableCache);
     CacheVariable->Volatile = FALSE;
-    Status = FindVariableEx (VariableName, VendorGuid, FALSE, CacheVariable);
+    Status = FindVariableEx (VariableName, VendorGuid, FALSE, CacheVariable, AuthFormat);
     if (CacheVariable->CurrPtr == NULL || EFI_ERROR (Status)) {
       //
       // There is no matched variable in NV variable cache.
@@ -1770,8 +1795,8 @@ UpdateVariable (
     // If the variable is marked valid, and the same data has been passed in,
     // then return to the caller immediately.
     //
-    if (DataSizeOfVariable (CacheVariable->CurrPtr) == DataSize &&
-        (CompareMem (Data, GetVariableDataPtr (CacheVariable->CurrPtr), DataSize) == 0) &&
+    if (DataSizeOfVariable (CacheVariable->CurrPtr, AuthFormat) == DataSize &&
+        (CompareMem (Data, GetVariableDataPtr (CacheVariable->CurrPtr, AuthFormat), DataSize) == 0) &&
         ((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0) &&
         (TimeStamp == NULL)) {
       //
@@ -1791,9 +1816,13 @@ UpdateVariable (
         // NOTE: From 0 to DataOffset of NextVariable is reserved for Variable Header and Name.
         // From DataOffset of NextVariable is to save the existing variable data.
         //
-        DataOffset = GetVariableDataOffset (CacheVariable->CurrPtr);
+        DataOffset = GetVariableDataOffset (CacheVariable->CurrPtr, AuthFormat);
         BufferForMerge = (UINT8 *) ((UINTN) NextVariable + DataOffset);
-        CopyMem (BufferForMerge, (UINT8 *) ((UINTN) CacheVariable->CurrPtr + DataOffset), DataSizeOfVariable (CacheVariable->CurrPtr));
+        CopyMem (
+          BufferForMerge,
+          (UINT8 *) ((UINTN) CacheVariable->CurrPtr + DataOffset),
+          DataSizeOfVariable (CacheVariable->CurrPtr, AuthFormat)
+          );
 
         //
         // Set Max Auth/Non-Volatile/Volatile Variable Data Size as default MaxDataSize.
@@ -1814,15 +1843,22 @@ UpdateVariable (
           MaxDataSize = PcdGet32 (PcdMaxHardwareErrorVariableSize) - DataOffset;
         }
 
-        if (DataSizeOfVariable (CacheVariable->CurrPtr) + DataSize > MaxDataSize) {
+        if (DataSizeOfVariable (CacheVariable->CurrPtr, AuthFormat) + DataSize > MaxDataSize) {
           //
           // Existing data size + new data size exceed maximum variable size limitation.
           //
           Status = EFI_INVALID_PARAMETER;
           goto Done;
         }
-        CopyMem ((UINT8*) ((UINTN) BufferForMerge + DataSizeOfVariable (CacheVariable->CurrPtr)), Data, DataSize);
-        MergedBufSize = DataSizeOfVariable (CacheVariable->CurrPtr) + DataSize;
+        CopyMem (
+          (UINT8*) (
+            (UINTN) BufferForMerge + DataSizeOfVariable (CacheVariable->CurrPtr, AuthFormat)
+            ),
+          Data,
+          DataSize
+          );
+        MergedBufSize = DataSizeOfVariable (CacheVariable->CurrPtr, AuthFormat) +
+                          DataSize;
 
         //
         // BufferForMerge(from DataOffset of NextVariable) has included the merged existing and new data.
@@ -1925,7 +1961,7 @@ UpdateVariable (
   //
   NextVariable->Attributes  = Attributes & (~EFI_VARIABLE_APPEND_WRITE);
 
-  VarNameOffset                 = GetVariableHeaderSize ();
+  VarNameOffset                 = GetVariableHeaderSize (AuthFormat);
   VarNameSize                   = StrSize (VariableName);
   CopyMem (
     (UINT8 *) ((UINTN) NextVariable + VarNameOffset),
@@ -1946,14 +1982,18 @@ UpdateVariable (
       );
   }
 
-  CopyMem (GetVendorGuidPtr (NextVariable), VendorGuid, sizeof (EFI_GUID));
+  CopyMem (
+    GetVendorGuidPtr (NextVariable, AuthFormat),
+    VendorGuid,
+    sizeof (EFI_GUID)
+    );
   //
   // There will be pad bytes after Data, the NextVariable->NameSize and
   // NextVariable->DataSize should not include pad size so that variable
   // service can get actual size in GetVariable.
   //
-  SetNameSizeOfVariable (NextVariable, VarNameSize);
-  SetDataSizeOfVariable (NextVariable, DataSize);
+  SetNameSizeOfVariable (NextVariable, VarNameSize, AuthFormat);
+  SetDataSizeOfVariable (NextVariable, DataSize, AuthFormat);
 
   //
   // The actual size of the variable that stores in storage should
@@ -2036,7 +2076,7 @@ UpdateVariable (
                  TRUE,
                  Fvb,
                  mVariableModuleGlobal->NonVolatileLastVariableOffset,
-                 (UINT32) GetVariableHeaderSize (),
+                 (UINT32) GetVariableHeaderSize (AuthFormat),
                  (UINT8 *) NextVariable
                  );
 
@@ -2069,9 +2109,9 @@ UpdateVariable (
                  FALSE,
                  TRUE,
                  Fvb,
-                 mVariableModuleGlobal->NonVolatileLastVariableOffset + GetVariableHeaderSize (),
-                 (UINT32) (VarSize - GetVariableHeaderSize ()),
-                 (UINT8 *) NextVariable + GetVariableHeaderSize ()
+                 mVariableModuleGlobal->NonVolatileLastVariableOffset + GetVariableHeaderSize (AuthFormat),
+                 (UINT32) (VarSize - GetVariableHeaderSize (AuthFormat)),
+                 (UINT8 *) NextVariable + GetVariableHeaderSize (AuthFormat)
                  );
 
       if (EFI_ERROR (Status)) {
@@ -2291,7 +2331,7 @@ VariableServiceGetVariable (
   //
   // Get data size
   //
-  VarDataSize = DataSizeOfVariable (Variable.CurrPtr);
+  VarDataSize = DataSizeOfVariable (Variable.CurrPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
   ASSERT (VarDataSize != 0);
 
   if (*DataSize >= VarDataSize) {
@@ -2300,7 +2340,7 @@ VariableServiceGetVariable (
       goto Done;
     }
 
-    CopyMem (Data, GetVariableDataPtr (Variable.CurrPtr), VarDataSize);
+    CopyMem (Data, GetVariableDataPtr (Variable.CurrPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat), VarDataSize);
     if (Attributes != NULL) {
       *Attributes = Variable.CurrPtr->Attributes;
     }
@@ -2357,6 +2397,7 @@ VariableServiceGetNextVariableName (
   EFI_STATUS              Status;
   UINTN                   MaxLen;
   UINTN                   VarNameSize;
+  BOOLEAN                 AuthFormat;
   VARIABLE_HEADER         *VariablePtr;
   VARIABLE_STORE_HEADER   *VariableStoreHeader[VariableStoreTypeMax];
 
@@ -2364,6 +2405,8 @@ VariableServiceGetNextVariableName (
     return EFI_INVALID_PARAMETER;
   }
 
+  AuthFormat = mVariableModuleGlobal->VariableGlobal.AuthFormat;
+
   //
   // Calculate the possible maximum length of name string, including the Null terminator.
   //
@@ -2387,13 +2430,27 @@ VariableServiceGetNextVariableName (
   VariableStoreHeader[VariableStoreTypeHob]      = (VARIABLE_STORE_HEADER *) (UINTN) mVariableModuleGlobal->VariableGlobal.HobVariableBase;
   VariableStoreHeader[VariableStoreTypeNv]       = mNvVariableCache;
 
-  Status = VariableServiceGetNextVariableInternal (VariableName, VendorGuid, VariableStoreHeader, &VariablePtr);
+  Status =  VariableServiceGetNextVariableInternal (
+              VariableName,
+              VendorGuid,
+              VariableStoreHeader,
+              &VariablePtr,
+              AuthFormat
+              );
   if (!EFI_ERROR (Status)) {
-    VarNameSize = NameSizeOfVariable (VariablePtr);
+    VarNameSize = NameSizeOfVariable (VariablePtr, AuthFormat);
     ASSERT (VarNameSize != 0);
     if (VarNameSize <= *VariableNameSize) {
-      CopyMem (VariableName, GetVariableNamePtr (VariablePtr), VarNameSize);
-      CopyMem (VendorGuid, GetVendorGuidPtr (VariablePtr), sizeof (EFI_GUID));
+      CopyMem (
+        VariableName,
+        GetVariableNamePtr (VariablePtr, AuthFormat),
+        VarNameSize
+        );
+      CopyMem (
+        VendorGuid,
+        GetVendorGuidPtr (VariablePtr, AuthFormat),
+        sizeof (EFI_GUID)
+        );
       Status = EFI_SUCCESS;
     } else {
       Status = EFI_BUFFER_TOO_SMALL;
@@ -2446,6 +2503,9 @@ VariableServiceSetVariable (
   VARIABLE_HEADER                     *NextVariable;
   EFI_PHYSICAL_ADDRESS                Point;
   UINTN                               PayloadSize;
+  BOOLEAN                             AuthFormat;
+
+  AuthFormat = mVariableModuleGlobal->VariableGlobal.AuthFormat;
 
   //
   // Check input parameters.
@@ -2544,7 +2604,8 @@ VariableServiceSetVariable (
   //  bytes for HwErrRec#### variable.
   //
   if ((Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {
-    if (StrSize (VariableName) + PayloadSize > PcdGet32 (PcdMaxHardwareErrorVariableSize) - GetVariableHeaderSize ()) {
+    if (StrSize (VariableName) + PayloadSize >
+        PcdGet32 (PcdMaxHardwareErrorVariableSize) - GetVariableHeaderSize (AuthFormat)) {
       return EFI_INVALID_PARAMETER;
     }
   } else {
@@ -2553,7 +2614,9 @@ VariableServiceSetVariable (
     //  the DataSize is limited to maximum size of Max(Auth|Volatile)VariableSize bytes.
     //
     if ((Attributes & VARIABLE_ATTRIBUTE_AT_AW) != 0) {
-      if (StrSize (VariableName) + PayloadSize > mVariableModuleGlobal->MaxAuthVariableSize - GetVariableHeaderSize ()) {
+      if (StrSize (VariableName) + PayloadSize >
+          mVariableModuleGlobal->MaxAuthVariableSize -
+          GetVariableHeaderSize (AuthFormat)) {
         DEBUG ((DEBUG_ERROR,
           "%a: Failed to set variable '%s' with Guid %g\n",
           __FUNCTION__, VariableName, VendorGuid));
@@ -2562,12 +2625,13 @@ VariableServiceSetVariable (
           "MaxAuthVariableSize(0x%x) - HeaderSize(0x%x)\n",
           StrSize (VariableName), PayloadSize,
           mVariableModuleGlobal->MaxAuthVariableSize,
-          GetVariableHeaderSize ()
+          GetVariableHeaderSize (AuthFormat)
           ));
         return EFI_INVALID_PARAMETER;
       }
     } else if ((Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) {
-      if (StrSize (VariableName) + PayloadSize > mVariableModuleGlobal->MaxVariableSize - GetVariableHeaderSize ()) {
+      if (StrSize (VariableName) + PayloadSize >
+          mVariableModuleGlobal->MaxVariableSize - GetVariableHeaderSize (AuthFormat)) {
         DEBUG ((DEBUG_ERROR,
           "%a: Failed to set variable '%s' with Guid %g\n",
           __FUNCTION__, VariableName, VendorGuid));
@@ -2576,12 +2640,13 @@ VariableServiceSetVariable (
           "MaxVariableSize(0x%x) - HeaderSize(0x%x)\n",
           StrSize (VariableName), PayloadSize,
           mVariableModuleGlobal->MaxVariableSize,
-          GetVariableHeaderSize ()
+          GetVariableHeaderSize (AuthFormat)
           ));
         return EFI_INVALID_PARAMETER;
       }
     } else {
-      if (StrSize (VariableName) + PayloadSize > mVariableModuleGlobal->MaxVolatileVariableSize - GetVariableHeaderSize ()) {
+      if (StrSize (VariableName) + PayloadSize >
+          mVariableModuleGlobal->MaxVolatileVariableSize - GetVariableHeaderSize (AuthFormat)) {
         DEBUG ((DEBUG_ERROR,
           "%a: Failed to set variable '%s' with Guid %g\n",
           __FUNCTION__, VariableName, VendorGuid));
@@ -2590,7 +2655,7 @@ VariableServiceSetVariable (
           "MaxVolatileVariableSize(0x%x) - HeaderSize(0x%x)\n",
           StrSize (VariableName), PayloadSize,
           mVariableModuleGlobal->MaxVolatileVariableSize,
-          GetVariableHeaderSize ()
+          GetVariableHeaderSize (AuthFormat)
           ));
         return EFI_INVALID_PARAMETER;
       }
@@ -2629,7 +2694,7 @@ VariableServiceSetVariable (
     //
     NextVariable  = GetStartPointer ((VARIABLE_STORE_HEADER *) (UINTN) Point);
     while (IsValidVariableHeader (NextVariable, GetEndPointer ((VARIABLE_STORE_HEADER *) (UINTN) Point))) {
-      NextVariable = GetNextVariablePtr (NextVariable);
+      NextVariable = GetNextVariablePtr (NextVariable, AuthFormat);
     }
     mVariableModuleGlobal->NonVolatileLastVariableOffset = (UINTN) NextVariable - (UINTN) Point;
   }
@@ -2754,7 +2819,8 @@ VariableServiceQueryVariableInfoInternal (
   //
   if ((Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {
     *MaximumVariableStorageSize = PcdGet32 (PcdHwErrStorageSize);
-    *MaximumVariableSize = PcdGet32 (PcdMaxHardwareErrorVariableSize) - GetVariableHeaderSize ();
+    *MaximumVariableSize =  PcdGet32 (PcdMaxHardwareErrorVariableSize) -
+                              GetVariableHeaderSize (mVariableModuleGlobal->VariableGlobal.AuthFormat);
   } else {
     if ((Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) {
       if (AtRuntime ()) {
@@ -2768,11 +2834,14 @@ VariableServiceQueryVariableInfoInternal (
     // Let *MaximumVariableSize be Max(Auth|Volatile)VariableSize with the exception of the variable header size.
     //
     if ((Attributes & VARIABLE_ATTRIBUTE_AT_AW) != 0) {
-      *MaximumVariableSize = mVariableModuleGlobal->MaxAuthVariableSize - GetVariableHeaderSize ();
+      *MaximumVariableSize =  mVariableModuleGlobal->MaxAuthVariableSize -
+                                GetVariableHeaderSize (mVariableModuleGlobal->VariableGlobal.AuthFormat);
     } else if ((Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) {
-      *MaximumVariableSize = mVariableModuleGlobal->MaxVariableSize - GetVariableHeaderSize ();
+      *MaximumVariableSize =  mVariableModuleGlobal->MaxVariableSize -
+                                GetVariableHeaderSize (mVariableModuleGlobal->VariableGlobal.AuthFormat);
     } else {
-      *MaximumVariableSize = mVariableModuleGlobal->MaxVolatileVariableSize - GetVariableHeaderSize ();
+      *MaximumVariableSize =   mVariableModuleGlobal->MaxVolatileVariableSize -
+                                GetVariableHeaderSize (mVariableModuleGlobal->VariableGlobal.AuthFormat);
     }
   }
 
@@ -2785,7 +2854,7 @@ VariableServiceQueryVariableInfoInternal (
   // Now walk through the related variable store.
   //
   while (IsValidVariableHeader (Variable, GetEndPointer (VariableStoreHeader))) {
-    NextVariable = GetNextVariablePtr (Variable);
+    NextVariable = GetNextVariablePtr (Variable, mVariableModuleGlobal->VariableGlobal.AuthFormat);
     VariableSize = (UINT64) (UINTN) NextVariable - (UINT64) (UINTN) Variable;
 
     if (AtRuntime ()) {
@@ -2820,10 +2889,11 @@ VariableServiceQueryVariableInfoInternal (
         VariablePtrTrack.StartPtr = GetStartPointer (VariableStoreHeader);
         VariablePtrTrack.EndPtr   = GetEndPointer   (VariableStoreHeader);
         Status = FindVariableEx (
-                   GetVariableNamePtr (Variable),
-                   GetVendorGuidPtr (Variable),
+                   GetVariableNamePtr (Variable, mVariableModuleGlobal->VariableGlobal.AuthFormat),
+                   GetVendorGuidPtr (Variable, mVariableModuleGlobal->VariableGlobal.AuthFormat),
                    FALSE,
-                   &VariablePtrTrack
+                   &VariablePtrTrack,
+                   mVariableModuleGlobal->VariableGlobal.AuthFormat
                    );
         if (!EFI_ERROR (Status) && VariablePtrTrack.CurrPtr->State != VAR_ADDED) {
           if ((Variable->Attributes & EFI_VARIABLE_HARDWARE_ERROR_RECORD) == EFI_VARIABLE_HARDWARE_ERROR_RECORD) {
@@ -2851,10 +2921,13 @@ VariableServiceQueryVariableInfoInternal (
     }
   }
 
-  if (*RemainingVariableStorageSize < GetVariableHeaderSize ()) {
+  if (*RemainingVariableStorageSize < GetVariableHeaderSize (mVariableModuleGlobal->VariableGlobal.AuthFormat)) {
     *MaximumVariableSize = 0;
-  } else if ((*RemainingVariableStorageSize - GetVariableHeaderSize ()) < *MaximumVariableSize) {
-    *MaximumVariableSize = *RemainingVariableStorageSize - GetVariableHeaderSize ();
+  } else if ((*RemainingVariableStorageSize - GetVariableHeaderSize (mVariableModuleGlobal->VariableGlobal.AuthFormat)) <
+              *MaximumVariableSize
+              ) {
+    *MaximumVariableSize = *RemainingVariableStorageSize -
+                             GetVariableHeaderSize (mVariableModuleGlobal->VariableGlobal.AuthFormat);
   }
 
   return EFI_SUCCESS;
@@ -3331,7 +3404,7 @@ InitNonVolatileVariableStore (
   //
   Variable  = GetStartPointer (mNvVariableCache);
   while (IsValidVariableHeader (Variable, GetEndPointer (mNvVariableCache))) {
-    NextVariable = GetNextVariablePtr (Variable);
+    NextVariable = GetNextVariablePtr (Variable, mVariableModuleGlobal->VariableGlobal.AuthFormat);
     VariableSize = (UINTN) NextVariable - (UINTN) Variable;
     if ((Variable->Attributes & (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) == (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_HARDWARE_ERROR_RECORD)) {
       mVariableModuleGlobal->HwErrVariableTotalSize += VariableSize;
@@ -3365,8 +3438,10 @@ FlushHobVariableToFlash (
   VOID                          *VariableData;
   VARIABLE_POINTER_TRACK        VariablePtrTrack;
   BOOLEAN                       ErrorFlag;
+  BOOLEAN                       AuthFormat;
 
   ErrorFlag = FALSE;
+  AuthFormat = mVariableModuleGlobal->VariableGlobal.AuthFormat;
 
   //
   // Flush the HOB variable to flash.
@@ -3379,7 +3454,7 @@ FlushHobVariableToFlash (
     mVariableModuleGlobal->VariableGlobal.HobVariableBase = 0;
     for ( Variable = GetStartPointer (VariableStoreHeader)
         ; IsValidVariableHeader (Variable, GetEndPointer (VariableStoreHeader))
-        ; Variable = GetNextVariablePtr (Variable)
+        ; Variable = GetNextVariablePtr (Variable, AuthFormat)
         ) {
       if (Variable->State != VAR_ADDED) {
         //
@@ -3389,22 +3464,33 @@ FlushHobVariableToFlash (
       }
       ASSERT ((Variable->Attributes & EFI_VARIABLE_NON_VOLATILE) != 0);
       if (VendorGuid == NULL || VariableName == NULL ||
-          !CompareGuid (VendorGuid, GetVendorGuidPtr (Variable)) ||
-          StrCmp (VariableName, GetVariableNamePtr (Variable)) != 0) {
-        VariableData = GetVariableDataPtr (Variable);
-        FindVariable (GetVariableNamePtr (Variable), GetVendorGuidPtr (Variable), &VariablePtrTrack, &mVariableModuleGlobal->VariableGlobal, FALSE);
+          !CompareGuid (VendorGuid, GetVendorGuidPtr (Variable, AuthFormat)) ||
+          StrCmp (VariableName, GetVariableNamePtr (Variable, AuthFormat)) != 0) {
+        VariableData = GetVariableDataPtr (Variable, AuthFormat);
+        FindVariable (
+          GetVariableNamePtr (Variable, AuthFormat),
+          GetVendorGuidPtr (Variable, AuthFormat),
+          &VariablePtrTrack,
+          &mVariableModuleGlobal->VariableGlobal, FALSE
+          );
         Status = UpdateVariable (
-                   GetVariableNamePtr (Variable),
-                   GetVendorGuidPtr (Variable),
+                   GetVariableNamePtr (Variable, AuthFormat),
+                   GetVendorGuidPtr (Variable, AuthFormat),
                    VariableData,
-                   DataSizeOfVariable (Variable),
+                   DataSizeOfVariable (Variable, AuthFormat),
                    Variable->Attributes,
                    0,
                    0,
                    &VariablePtrTrack,
                    NULL
                  );
-        DEBUG ((EFI_D_INFO, "Variable driver flush the HOB variable to flash: %g %s %r\n", GetVendorGuidPtr (Variable), GetVariableNamePtr (Variable), Status));
+        DEBUG ((
+          DEBUG_INFO,
+          "Variable driver flush the HOB variable to flash: %g %s %r\n",
+          GetVendorGuidPtr (Variable, AuthFormat),
+          GetVariableNamePtr (Variable, AuthFormat),
+          Status
+          ));
       } else {
         //
         // The updated or deleted variable is matched with this HOB variable.
@@ -3418,7 +3504,12 @@ FlushHobVariableToFlash (
         // If set variable successful, or the updated or deleted variable is matched with the HOB variable,
         // set the HOB variable to DELETED state in local.
         //
-        DEBUG ((EFI_D_INFO, "Variable driver set the HOB variable to DELETED state in local: %g %s\n", GetVendorGuidPtr (Variable), GetVariableNamePtr (Variable)));
+        DEBUG ((
+          DEBUG_INFO,
+          "Variable driver set the HOB variable to DELETED state in local: %g %s\n",
+          GetVendorGuidPtr (Variable, AuthFormat),
+          GetVariableNamePtr (Variable, AuthFormat)
+          ));
         Variable->State &= VAR_DELETED;
       } else {
         ErrorFlag = TRUE;
@@ -3495,7 +3586,8 @@ VariableWriteServiceInitialize (
     // Authenticated variable initialize.
     //
     mAuthContextIn.StructSize = sizeof (AUTH_VAR_LIB_CONTEXT_IN);
-    mAuthContextIn.MaxAuthVariableSize = mVariableModuleGlobal->MaxAuthVariableSize - GetVariableHeaderSize ();
+    mAuthContextIn.MaxAuthVariableSize =  mVariableModuleGlobal->MaxAuthVariableSize -
+                                            GetVariableHeaderSize (mVariableModuleGlobal->VariableGlobal.AuthFormat);
     Status = AuthVariableLibInitialize (&mAuthContextIn, &mAuthContextOut);
     if (!EFI_ERROR (Status)) {
       DEBUG ((EFI_D_INFO, "Variable driver will work with auth variable support!\n"));
@@ -3574,7 +3666,7 @@ ConvertNormalVarStorageToAuthVarStorage (
       AuthVarStroageSize += StartPtr->NameSize + GET_PAD_SIZE (StartPtr->NameSize);
       AuthVarStroageSize += StartPtr->DataSize + GET_PAD_SIZE (StartPtr->DataSize);
     }
-    StartPtr  = GetNextVariablePtr (StartPtr);
+    StartPtr  = GetNextVariablePtr (StartPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
   }
 
   //
@@ -3608,18 +3700,22 @@ ConvertNormalVarStorageToAuthVarStorage (
       // Copy Variable Name
       //
       NextPtr = (UINT8 *) (AuthStartPtr + 1);
-      CopyMem (NextPtr, GetVariableNamePtr (StartPtr), AuthStartPtr->NameSize);
+      CopyMem (
+        NextPtr,
+        GetVariableNamePtr (StartPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat),
+        AuthStartPtr->NameSize
+        );
       //
       // Copy Variable Data
       //
       NextPtr = NextPtr + AuthStartPtr->NameSize + GET_PAD_SIZE (AuthStartPtr->NameSize);
-      CopyMem (NextPtr, GetVariableDataPtr (StartPtr), AuthStartPtr->DataSize);
+      CopyMem (NextPtr, GetVariableDataPtr (StartPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat), AuthStartPtr->DataSize);
       //
       // Go to next variable
       //
       AuthStartPtr = (AUTHENTICATED_VARIABLE_HEADER *) (NextPtr + AuthStartPtr->DataSize + GET_PAD_SIZE (AuthStartPtr->DataSize));
     }
-    StartPtr = GetNextVariablePtr (StartPtr);
+    StartPtr = GetNextVariablePtr (StartPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
   }
   //
   // Update Auth Storage Header
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
index c787ddba5b..e865a089d1 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableExLib.c
@@ -56,8 +56,8 @@ VariableExLibFindVariable (
     return Status;
   }
 
-  AuthVariableInfo->DataSize        = DataSizeOfVariable (Variable.CurrPtr);
-  AuthVariableInfo->Data            = GetVariableDataPtr (Variable.CurrPtr);
+  AuthVariableInfo->DataSize        = DataSizeOfVariable (Variable.CurrPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
+  AuthVariableInfo->Data            = GetVariableDataPtr (Variable.CurrPtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
   AuthVariableInfo->Attributes      = Variable.CurrPtr->Attributes;
   if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
     AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable.CurrPtr;
@@ -108,7 +108,8 @@ VariableExLibFindNextVariable (
              VariableName,
              VendorGuid,
              VariableStoreHeader,
-             &VariablePtr
+             &VariablePtr,
+             mVariableModuleGlobal->VariableGlobal.AuthFormat
              );
   if (EFI_ERROR (Status)) {
     AuthVariableInfo->VariableName = NULL;
@@ -122,10 +123,10 @@ VariableExLibFindNextVariable (
     return Status;
   }
 
-  AuthVariableInfo->VariableName    = GetVariableNamePtr (VariablePtr);
-  AuthVariableInfo->VendorGuid      = GetVendorGuidPtr (VariablePtr);
-  AuthVariableInfo->DataSize        = DataSizeOfVariable (VariablePtr);
-  AuthVariableInfo->Data            = GetVariableDataPtr (VariablePtr);
+  AuthVariableInfo->VariableName    = GetVariableNamePtr (VariablePtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
+  AuthVariableInfo->VendorGuid      = GetVendorGuidPtr (VariablePtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
+  AuthVariableInfo->DataSize        = DataSizeOfVariable (VariablePtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
+  AuthVariableInfo->Data            = GetVariableDataPtr (VariablePtr, mVariableModuleGlobal->VariableGlobal.AuthFormat);
   AuthVariableInfo->Attributes      = VariablePtr->Attributes;
   if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
     AuthVariablePtr = (AUTHENTICATED_VARIABLE_HEADER *) VariablePtr;
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
index 870c9e3742..d458f1c608 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableParsing.c
@@ -78,17 +78,20 @@ GetVariableStoreStatus (
 /**
   This code gets the size of variable header.
 
+  @param[in]  AuthFormat    TRUE indicates authenticated variables are used.
+                            FALSE indicates authenticated variables are not used.
+
   @return Size of variable header in bytes in type UINTN.
 
 **/
 UINTN
 GetVariableHeaderSize (
-  VOID
+  IN  BOOLEAN   AuthFormat
   )
 {
   UINTN Value;
 
-  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
+  if (AuthFormat) {
     Value = sizeof (AUTHENTICATED_VARIABLE_HEADER);
   } else {
     Value = sizeof (VARIABLE_HEADER);
@@ -101,20 +104,23 @@ GetVariableHeaderSize (
 
   This code gets the size of name of variable.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in]  Variable      Pointer to the variable header.
+  @param[in]  AuthFormat    TRUE indicates authenticated variables are used.
+                            FALSE indicates authenticated variables are not used.
 
   @return UINTN          Size of variable in bytes.
 
 **/
 UINTN
 NameSizeOfVariable (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER   *Variable,
+  IN  BOOLEAN           AuthFormat
   )
 {
   AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
 
   AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
-  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
+  if (AuthFormat) {
     if (AuthVariable->State == (UINT8) (-1) ||
        AuthVariable->DataSize == (UINT32) (-1) ||
        AuthVariable->NameSize == (UINT32) (-1) ||
@@ -136,20 +142,23 @@ NameSizeOfVariable (
 /**
   This code sets the size of name of variable.
 
-  @param[in] Variable   Pointer to the Variable Header.
-  @param[in] NameSize   Name size to set.
+  @param[in]  Variable      Pointer to the Variable Header.
+  @param[in]  NameSize      Name size to set.
+  @param[in]  AuthFormat    TRUE indicates authenticated variables are used.
+                            FALSE indicates authenticated variables are not used.
 
 **/
 VOID
 SetNameSizeOfVariable (
   IN VARIABLE_HEADER    *Variable,
-  IN UINTN              NameSize
+  IN UINTN              NameSize,
+  IN BOOLEAN            AuthFormat
   )
 {
   AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
 
   AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
-  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
+  if (AuthFormat) {
     AuthVariable->NameSize = (UINT32) NameSize;
   } else {
     Variable->NameSize = (UINT32) NameSize;
@@ -160,20 +169,23 @@ SetNameSizeOfVariable (
 
   This code gets the size of variable data.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in]  Variable      Pointer to the Variable Header.
+  @param[in]  AuthFormat    TRUE indicates authenticated variables are used.
+                            FALSE indicates authenticated variables are not used.
 
   @return Size of variable in bytes.
 
 **/
 UINTN
 DataSizeOfVariable (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER   *Variable,
+  IN  BOOLEAN           AuthFormat
   )
 {
   AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
 
   AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
-  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
+  if (AuthFormat) {
     if (AuthVariable->State == (UINT8) (-1) ||
        AuthVariable->DataSize == (UINT32) (-1) ||
        AuthVariable->NameSize == (UINT32) (-1) ||
@@ -197,18 +209,21 @@ DataSizeOfVariable (
 
   @param[in] Variable   Pointer to the Variable Header.
   @param[in] DataSize   Data size to set.
+  @param[in] AuthFormat TRUE indicates authenticated variables are used.
+                        FALSE indicates authenticated variables are not used.
 
 **/
 VOID
 SetDataSizeOfVariable (
-  IN VARIABLE_HEADER    *Variable,
-  IN UINTN              DataSize
+  IN  VARIABLE_HEADER   *Variable,
+  IN  UINTN             DataSize,
+  IN  BOOLEAN           AuthFormat
   )
 {
   AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
 
   AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
-  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
+  if (AuthFormat) {
     AuthVariable->DataSize = (UINT32) DataSize;
   } else {
     Variable->DataSize = (UINT32) DataSize;
@@ -219,36 +234,42 @@ SetDataSizeOfVariable (
 
   This code gets the pointer to the variable name.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in] Variable     Pointer to the Variable Header.
+  @param[in] AuthFormat   TRUE indicates authenticated variables are used.
+                          FALSE indicates authenticated variables are not used.
 
   @return Pointer to Variable Name which is Unicode encoding.
 
 **/
 CHAR16 *
 GetVariableNamePtr (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER   *Variable,
+  IN  BOOLEAN           AuthFormat
   )
 {
-  return (CHAR16 *) ((UINTN) Variable + GetVariableHeaderSize ());
+  return (CHAR16 *) ((UINTN) Variable + GetVariableHeaderSize (AuthFormat));
 }
 
 /**
   This code gets the pointer to the variable guid.
 
-  @param Variable   Pointer to the Variable Header.
+  @param[in] Variable     Pointer to the Variable Header.
+  @param[in] AuthFormat   TRUE indicates authenticated variables are used.
+                          FALSE indicates authenticated variables are not used.
 
   @return A EFI_GUID* pointer to Vendor Guid.
 
 **/
 EFI_GUID *
 GetVendorGuidPtr (
-  IN VARIABLE_HEADER    *Variable
+  IN  VARIABLE_HEADER    *Variable,
+  IN  BOOLEAN            AuthFormat
   )
 {
   AUTHENTICATED_VARIABLE_HEADER *AuthVariable;
 
   AuthVariable = (AUTHENTICATED_VARIABLE_HEADER *) Variable;
-  if (mVariableModuleGlobal->VariableGlobal.AuthFormat) {
+  if (AuthFormat) {
     return &AuthVariable->VendorGuid;
   } else {
     return &Variable->VendorGuid;
@@ -259,14 +280,17 @@ GetVendorGuidPtr (
 
   This code gets the pointer to the variable data.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in] Variable     Pointer to the Variable Header.
+  @param[in] AuthFormat   TRUE indicates authenticated variables are used.
+                          FALSE indicates authenticated variables are not used.
 
   @return Pointer to Variable Data.
 
 **/
 UINT8 *
 GetVariableDataPtr (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER    *Variable,
+  IN  BOOLEAN            AuthFormat
   )
 {
   UINTN Value;
@@ -274,9 +298,9 @@ GetVariableDataPtr (
   //
   // Be careful about pad size for alignment.
   //
-  Value =  (UINTN) GetVariableNamePtr (Variable);
-  Value += NameSizeOfVariable (Variable);
-  Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
+  Value =  (UINTN) GetVariableNamePtr (Variable, AuthFormat);
+  Value += NameSizeOfVariable (Variable, AuthFormat);
+  Value += GET_PAD_SIZE (NameSizeOfVariable (Variable, AuthFormat));
 
   return (UINT8 *) Value;
 }
@@ -284,14 +308,17 @@ GetVariableDataPtr (
 /**
   This code gets the variable data offset related to variable header.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in] Variable     Pointer to the Variable Header.
+  @param[in] AuthFormat   TRUE indicates authenticated variables are used.
+                          FALSE indicates authenticated variables are not used.
 
   @return Variable Data offset.
 
 **/
 UINTN
 GetVariableDataOffset (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER   *Variable,
+  IN  BOOLEAN           AuthFormat
   )
 {
   UINTN Value;
@@ -299,9 +326,9 @@ GetVariableDataOffset (
   //
   // Be careful about pad size for alignment
   //
-  Value = GetVariableHeaderSize ();
-  Value += NameSizeOfVariable (Variable);
-  Value += GET_PAD_SIZE (NameSizeOfVariable (Variable));
+  Value = GetVariableHeaderSize (AuthFormat);
+  Value += NameSizeOfVariable (Variable, AuthFormat);
+  Value += GET_PAD_SIZE (NameSizeOfVariable (Variable, AuthFormat));
 
   return Value;
 }
@@ -310,21 +337,24 @@ GetVariableDataOffset (
 
   This code gets the pointer to the next variable header.
 
-  @param Variable        Pointer to the Variable Header.
+  @param[in] Variable     Pointer to the Variable Header.
+  @param[in] AuthFormat   TRUE indicates authenticated variables are used.
+                          FALSE indicates authenticated variables are not used.
 
   @return Pointer to next variable header.
 
 **/
 VARIABLE_HEADER *
 GetNextVariablePtr (
-  IN  VARIABLE_HEADER   *Variable
+  IN  VARIABLE_HEADER   *Variable,
+  IN  BOOLEAN           AuthFormat
   )
 {
   UINTN Value;
 
-  Value =  (UINTN) GetVariableDataPtr (Variable);
-  Value += DataSizeOfVariable (Variable);
-  Value += GET_PAD_SIZE (DataSizeOfVariable (Variable));
+  Value =  (UINTN) GetVariableDataPtr (Variable, AuthFormat);
+  Value += DataSizeOfVariable (Variable, AuthFormat);
+  Value += GET_PAD_SIZE (DataSizeOfVariable (Variable, AuthFormat));
 
   //
   // Be careful about pad size for alignment.
@@ -415,6 +445,8 @@ VariableCompareTimeStampInternal (
   @param[in]       IgnoreRtCheck       Ignore EFI_VARIABLE_RUNTIME_ACCESS attribute
                                        check at runtime when searching variable.
   @param[in, out]  PtrTrack            Variable Track Pointer structure that contains Variable Information.
+  @param[in]       AuthFormat          TRUE indicates authenticated variables are used.
+                                       FALSE indicates authenticated variables are not used.
 
   @retval          EFI_SUCCESS         Variable found successfully
   @retval          EFI_NOT_FOUND       Variable not found
@@ -424,7 +456,8 @@ FindVariableEx (
   IN     CHAR16                  *VariableName,
   IN     EFI_GUID                *VendorGuid,
   IN     BOOLEAN                 IgnoreRtCheck,
-  IN OUT VARIABLE_POINTER_TRACK  *PtrTrack
+  IN OUT VARIABLE_POINTER_TRACK  *PtrTrack,
+  IN     BOOLEAN                 AuthFormat
   )
 {
   VARIABLE_HEADER                *InDeletedVariable;
@@ -439,7 +472,7 @@ FindVariableEx (
 
   for ( PtrTrack->CurrPtr = PtrTrack->StartPtr
       ; IsValidVariableHeader (PtrTrack->CurrPtr, PtrTrack->EndPtr)
-      ; PtrTrack->CurrPtr = GetNextVariablePtr (PtrTrack->CurrPtr)
+      ; PtrTrack->CurrPtr = GetNextVariablePtr (PtrTrack->CurrPtr, AuthFormat)
       ) {
     if (PtrTrack->CurrPtr->State == VAR_ADDED ||
         PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)
@@ -453,11 +486,11 @@ FindVariableEx (
             return EFI_SUCCESS;
           }
         } else {
-          if (CompareGuid (VendorGuid, GetVendorGuidPtr (PtrTrack->CurrPtr))) {
-            Point = (VOID *) GetVariableNamePtr (PtrTrack->CurrPtr);
+          if (CompareGuid (VendorGuid, GetVendorGuidPtr (PtrTrack->CurrPtr, AuthFormat))) {
+            Point = (VOID *) GetVariableNamePtr (PtrTrack->CurrPtr, AuthFormat);
 
-            ASSERT (NameSizeOfVariable (PtrTrack->CurrPtr) != 0);
-            if (CompareMem (VariableName, Point, NameSizeOfVariable (PtrTrack->CurrPtr)) == 0) {
+            ASSERT (NameSizeOfVariable (PtrTrack->CurrPtr, AuthFormat) != 0);
+            if (CompareMem (VariableName, Point, NameSizeOfVariable (PtrTrack->CurrPtr, AuthFormat)) == 0) {
               if (PtrTrack->CurrPtr->State == (VAR_IN_DELETED_TRANSITION & VAR_ADDED)) {
                 InDeletedVariable     = PtrTrack->CurrPtr;
               } else {
@@ -486,6 +519,8 @@ FindVariableEx (
   @param[in]  VariableStoreList A list of variable stores that should be used to get the next variable.
                                 The maximum number of entries is the max value of VARIABLE_STORE_TYPE.
   @param[out] VariablePtr       Pointer to variable header address.
+  @param[in]  AuthFormat        TRUE indicates authenticated variables are used.
+                                FALSE indicates authenticated variables are not used.
 
   @retval EFI_SUCCESS           The function completed successfully.
   @retval EFI_NOT_FOUND         The next variable was not found.
@@ -500,7 +535,8 @@ VariableServiceGetNextVariableInternal (
   IN  CHAR16                *VariableName,
   IN  EFI_GUID              *VendorGuid,
   IN  VARIABLE_STORE_HEADER **VariableStoreList,
-  OUT VARIABLE_HEADER       **VariablePtr
+  OUT VARIABLE_HEADER       **VariablePtr,
+  IN  BOOLEAN               AuthFormat
   )
 {
   EFI_STATUS              Status;
@@ -525,7 +561,7 @@ VariableServiceGetNextVariableInternal (
     Variable.EndPtr   = GetEndPointer   (VariableStoreList[StoreType]);
     Variable.Volatile = (BOOLEAN) (StoreType == VariableStoreTypeVolatile);
 
-    Status = FindVariableEx (VariableName, VendorGuid, FALSE, &Variable);
+    Status = FindVariableEx (VariableName, VendorGuid, FALSE, &Variable, AuthFormat);
     if (!EFI_ERROR (Status)) {
       break;
     }
@@ -552,7 +588,7 @@ VariableServiceGetNextVariableInternal (
     //
     // If variable name is not empty, get next variable.
     //
-    Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
+    Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr, AuthFormat);
   }
 
   while (TRUE) {
@@ -605,13 +641,14 @@ VariableServiceGetNextVariableInternal (
           VariablePtrTrack.StartPtr = Variable.StartPtr;
           VariablePtrTrack.EndPtr = Variable.EndPtr;
           Status = FindVariableEx (
-                     GetVariableNamePtr (Variable.CurrPtr),
-                     GetVendorGuidPtr (Variable.CurrPtr),
+                     GetVariableNamePtr (Variable.CurrPtr, AuthFormat),
+                     GetVendorGuidPtr (Variable.CurrPtr, AuthFormat),
                      FALSE,
-                     &VariablePtrTrack
+                     &VariablePtrTrack,
+                     AuthFormat
                      );
           if (!EFI_ERROR (Status) && VariablePtrTrack.CurrPtr->State == VAR_ADDED) {
-            Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
+            Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr, AuthFormat);
             continue;
           }
         }
@@ -625,13 +662,14 @@ VariableServiceGetNextVariableInternal (
           VariableInHob.StartPtr = GetStartPointer (VariableStoreList[VariableStoreTypeHob]);
           VariableInHob.EndPtr   = GetEndPointer   (VariableStoreList[VariableStoreTypeHob]);
           Status = FindVariableEx (
-                     GetVariableNamePtr (Variable.CurrPtr),
-                     GetVendorGuidPtr (Variable.CurrPtr),
+                     GetVariableNamePtr (Variable.CurrPtr, AuthFormat),
+                     GetVendorGuidPtr (Variable.CurrPtr, AuthFormat),
                      FALSE,
-                     &VariableInHob
+                     &VariableInHob,
+                     AuthFormat
                      );
           if (!EFI_ERROR (Status)) {
-            Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
+            Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr, AuthFormat);
             continue;
           }
         }
@@ -642,7 +680,7 @@ VariableServiceGetNextVariableInternal (
       }
     }
 
-    Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr);
+    Variable.CurrPtr = GetNextVariablePtr (Variable.CurrPtr, AuthFormat);
   }
 
 Done:
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
index ce409f22a3..5e24bc4a62 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.c
@@ -975,8 +975,9 @@ MmVariableServiceInitialize (
                     );
   ASSERT_EFI_ERROR (Status);
 
-  mVariableBufferPayloadSize = GetMaxVariableSize () +
-                               OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) - GetVariableHeaderSize ();
+  mVariableBufferPayloadSize =  GetMaxVariableSize () +
+                                  OFFSET_OF (SMM_VARIABLE_COMMUNICATE_VAR_CHECK_VARIABLE_PROPERTY, Name) -
+                                  GetVariableHeaderSize (mVariableModuleGlobal->VariableGlobal.AuthFormat);
 
   Status = gMmst->MmAllocatePool (
                     EfiRuntimeServicesData,
-- 
2.16.2.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#49725): https://edk2.groups.io/g/devel/message/49725
Mute This Topic: https://groups.io/mt/40103019/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-