From nobody Mon Feb  9 18:44:01 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12
 as permitted sender) client-ip=66.175.222.12;
 envelope-from=bounce+27952+65507+1787277+3901457@groups.io;
 helo=web01.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)  smtp.mailfrom=bounce+27952+65507+1787277+3901457@groups.io
ARC-Seal: i=1; a=rsa-sha256; t=1600841404; cv=none;
	d=zohomail.com; s=zohoarc;
	b=YpQ052XWyoHpsDM5XloHxvboXIBM5oEZG2xr8LMqnIvvajw7G4CZMCRWiv4yNy2jIrvZ7OUmWzTDo5pR9x7gzdTRJ3gFFG9gWZ/7GPzknJVA2XxyhRzArSue22/mPY3aR5gWFgxBpa3FDFaJnIVoAXnJECn5kT5xIsRo0Hb0D2s=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1600841404;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=p1Z3FA5f3lL9tGwrhmAfuiCR4sRPXCC9NKB0mUaokNM=;
	b=HJEIKlBA8+BB8vpFnS0egCY8MfOUqg5BNgcfFslf67ea1+HU6SFlkNts1z3S8BYpLISlodqhQFsHw6Us9sSuO8i5UEtOkYbPBC6yptWuzShQ7+LgByipK/XOXARoVEhIt0iGe+276fHVGYrNpKwM3APkgTBi+6D1+1Ry8KVs10w=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as
 permitted sender)  smtp.mailfrom=bounce+27952+65507+1787277+3901457@groups.io
Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by
 mx.zohomail.com
	with SMTPS id 1600841404310915.2500606616882;
 Tue, 22 Sep 2020 23:10:04 -0700 (PDT)
Return-Path: <bounce+27952+65507+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 0eaFYY1788612xlpCREebgxi;
 Tue, 22 Sep 2020 23:10:03 -0700
X-Received: from mail-pg1-f170.google.com (mail-pg1-f170.google.com
 [209.85.215.170])
 by mx.groups.io with SMTP id smtpd.web10.6784.1600841403469554657
 for <devel@edk2.groups.io>;
 Tue, 22 Sep 2020 23:10:03 -0700
X-Received: by mail-pg1-f170.google.com with SMTP id y14so3660373pgf.12
        for <devel@edk2.groups.io>; Tue, 22 Sep 2020 23:10:03 -0700 (PDT)
X-Gm-Message-State: jTmex3nYgSFsR37d7hupCFhqx1787277AA=
X-Google-Smtp-Source: 
 ABdhPJx+c3e3QyT+2YK9rbM9X4QzZdPmyYw/waTSZqfX85o4/DPiucbnYyg8SMUbLCtXo3fGzWtvxA==
X-Received: by 2002:a62:7ad0:0:b029:13e:d13d:a12f with SMTP id
 v199-20020a627ad00000b029013ed13da12fmr7233688pfc.23.1600841402672;
        Tue, 22 Sep 2020 23:10:02 -0700 (PDT)
X-Received: from localhost.localdomain (174-21-140-128.tukw.qwest.net.
 [174.21.140.128])
        by smtp.gmail.com with ESMTPSA id
 x4sm16960498pff.57.2020.09.22.23.10.01
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 22 Sep 2020 23:10:01 -0700 (PDT)
From: "Bret Barkelew" <bret@corthon.com>
X-Google-Original-From: Bret Barkelew <bret.barkelew@microsoft.com>
To: devel@edk2.groups.io
Cc: Jian J Wang <jian.j.wang@intel.com>,
	Hao A Wu <hao.a.wu@intel.com>,
	Liming Gao <liming.gao@intel.com>,
	Bret Barkelew <brbarkel@microsoft.com>,
	Dandan Bi <dandan.bi@intel.com>
Subject: [edk2-devel] [PATCH v8 13/14] MdeModulePkg: Drop VarLock from
 RuntimeDxe variable driver
Date: Tue, 22 Sep 2020 23:07:47 -0700
Message-Id: <20200923060748.3795-14-bret.barkelew@microsoft.com>
In-Reply-To: <20200923060748.3795-1-bret.barkelew@microsoft.com>
References: <20200923060748.3795-1-bret.barkelew@microsoft.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <https://edk2.groups.io/g/devel/unsub>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,bret@corthon.com
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1600841403;
 bh=rwBcFG/54m2jntqVAUZ/gsQp3i9j8/AhBVS63qnTQk8=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=hw2V+v0wgXyb4Bdzo2Vb0w5GxPfTrFRLvuhYdgj41mngIyipR5mPdvtGu8VUXq4K5xs
 Qtf6xkjBramY8PSw6vSU3+/okGb4LoYq6Pt70AmPbEjfyKo0mW83Zv3gxdjG5VT64QmMj
 Dgeq/BFleHT9fAl7ZAAkuMs9HKpmHaeOA/0=
X-ZohoMail-DKIM: pass (identity @groups.io)
Content-Type: text/plain; charset="utf-8"

From: Bret Barkelew <brbarkel@microsoft.com>

https://bugzilla.tianocore.org/show_bug.cgi?id=3D2522

Now that everything should be moved to
VariablePolicy, drop support for the
deprecated VarLock SMI interface and
associated functions from variable RuntimeDxe.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/VarCheck.c                  | 4=
9 +-------------
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequestToLock.c | 7=
1 ++++++++++++++++++++
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf      |  =
1 +
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf             |  =
1 +
 MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf    |  =
1 +
 5 files changed, 75 insertions(+), 48 deletions(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VarCheck.c b/MdeMod=
ulePkg/Universal/Variable/RuntimeDxe/VarCheck.c
index f15219df5eb8..486d85b022e1 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VarCheck.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VarCheck.c
@@ -3,60 +3,13 @@
   and variable lock protocol based on VarCheckLib.
=20
 Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) Microsoft Corporation.
 SPDX-License-Identifier: BSD-2-Clause-Patent
=20
 **/
=20
 #include "Variable.h"
=20
-/**
-  Mark a variable that will become read-only after leaving the DXE phase o=
f execution.
-  Write request coming from SMM environment through EFI_SMM_VARIABLE_PROTO=
COL is allowed.
-
-  @param[in] This          The VARIABLE_LOCK_PROTOCOL instance.
-  @param[in] VariableName  A pointer to the variable name that will be mad=
e read-only subsequently.
-  @param[in] VendorGuid    A pointer to the vendor GUID that will be made =
read-only subsequently.
-
-  @retval EFI_SUCCESS           The variable specified by the VariableName=
 and the VendorGuid was marked
-                                as pending to be read-only.
-  @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.
-                                Or VariableName is an empty string.
-  @retval EFI_ACCESS_DENIED     EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVE=
NT_GROUP_READY_TO_BOOT has
-                                already been signaled.
-  @retval EFI_OUT_OF_RESOURCES  There is not enough resource to hold the l=
ock request.
-**/
-EFI_STATUS
-EFIAPI
-VariableLockRequestToLock (
-  IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,
-  IN       CHAR16                       *VariableName,
-  IN       EFI_GUID                     *VendorGuid
-  )
-{
-  EFI_STATUS                    Status;
-  VAR_CHECK_VARIABLE_PROPERTY   Property;
-
-  AcquireLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.Variab=
leServicesLock);
-
-  Status =3D VarCheckLibVariablePropertyGet (VariableName, VendorGuid, &Pr=
operty);
-  if (!EFI_ERROR (Status)) {
-    Property.Property |=3D VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY;
-  } else {
-    Property.Revision =3D VAR_CHECK_VARIABLE_PROPERTY_REVISION;
-    Property.Property =3D VAR_CHECK_VARIABLE_PROPERTY_READ_ONLY;
-    Property.Attributes =3D 0;
-    Property.MinSize =3D 1;
-    Property.MaxSize =3D MAX_UINTN;
-  }
-  Status =3D VarCheckLibVariablePropertySet (VariableName, VendorGuid, &Pr=
operty);
-
-  DEBUG ((EFI_D_INFO, "[Variable] Lock: %g:%s %r\n", VendorGuid, VariableN=
ame, Status));
-
-  ReleaseLockOnlyAtBootTime (&mVariableModuleGlobal->VariableGlobal.Variab=
leServicesLock);
-
-  return Status;
-}
-
 /**
   Register SetVariable check handler.
=20
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequest=
ToLock.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequestTo=
Lock.c
new file mode 100644
index 000000000000..4aa854aaf260
--- /dev/null
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequestToLock.c
@@ -0,0 +1,71 @@
+/** @file -- VariableLockRequestToLock.c
+Temporary location of the RequestToLock shim code while
+projects are moved to VariablePolicy. Should be removed when deprecated.
+
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <Uefi.h>
+
+#include <Library/DebugLib.h>
+#include <Library/MemoryAllocationLib.h>
+
+#include <Protocol/VariableLock.h>
+
+#include <Protocol/VariablePolicy.h>
+#include <Library/VariablePolicyLib.h>
+#include <Library/VariablePolicyHelperLib.h>
+
+
+/**
+  DEPRECATED. THIS IS ONLY HERE AS A CONVENIENCE WHILE PORTING.
+  Mark a variable that will become read-only after leaving the DXE phase o=
f execution.
+  Write request coming from SMM environment through EFI_SMM_VARIABLE_PROTO=
COL is allowed.
+
+  @param[in] This          The VARIABLE_LOCK_PROTOCOL instance.
+  @param[in] VariableName  A pointer to the variable name that will be mad=
e read-only subsequently.
+  @param[in] VendorGuid    A pointer to the vendor GUID that will be made =
read-only subsequently.
+
+  @retval EFI_SUCCESS           The variable specified by the VariableName=
 and the VendorGuid was marked
+                                as pending to be read-only.
+  @retval EFI_INVALID_PARAMETER VariableName or VendorGuid is NULL.
+                                Or VariableName is an empty string.
+  @retval EFI_ACCESS_DENIED     EFI_END_OF_DXE_EVENT_GROUP_GUID or EFI_EVE=
NT_GROUP_READY_TO_BOOT has
+                                already been signaled.
+  @retval EFI_OUT_OF_RESOURCES  There is not enough resource to hold the l=
ock request.
+**/
+EFI_STATUS
+EFIAPI
+VariableLockRequestToLock (
+  IN CONST EDKII_VARIABLE_LOCK_PROTOCOL *This,
+  IN       CHAR16                       *VariableName,
+  IN       EFI_GUID                     *VendorGuid
+  )
+{
+  EFI_STATUS              Status;
+  VARIABLE_POLICY_ENTRY   *NewPolicy;
+
+  NewPolicy =3D NULL;
+  Status =3D CreateBasicVariablePolicy( VendorGuid,
+                                      VariableName,
+                                      VARIABLE_POLICY_NO_MIN_SIZE,
+                                      VARIABLE_POLICY_NO_MAX_SIZE,
+                                      VARIABLE_POLICY_NO_MUST_ATTR,
+                                      VARIABLE_POLICY_NO_CANT_ATTR,
+                                      VARIABLE_POLICY_TYPE_LOCK_NOW,
+                                      &NewPolicy );
+  if (!EFI_ERROR( Status )) {
+    Status =3D RegisterVariablePolicy( NewPolicy );
+  }
+  if (EFI_ERROR( Status )) {
+    DEBUG(( DEBUG_ERROR, "%a - Failed to lock variable %s! %r\n", __FUNCTI=
ON__, VariableName, Status ));
+    ASSERT_EFI_ERROR( Status );
+  }
+  if (NewPolicy !=3D NULL) {
+    FreePool( NewPolicy );
+  }
+
+  return Status;
+}
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.=
inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
index 8debc560e6dc..c9434df631ee 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
@@ -49,6 +49,7 @@ [Sources]
   VarCheck.c
   VariableExLib.c
   SpeculationBarrierDxe.c
+  VariableLockRequestToLock.c
=20
 [Packages]
   MdePkg/MdePkg.dec
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf b/M=
deModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
index bbc8d2080193..eaa97a01c6e5 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmm.inf
@@ -58,6 +58,7 @@ [Sources]
   VariableExLib.c
   TcgMorLockSmm.c
   SpeculationBarrierSmm.c
+  VariableLockRequestToLock.c
=20
 [Packages]
   MdePkg/MdePkg.dec
diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneM=
m.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
index 62f2f9252f43..fada0bf3c57f 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableStandaloneMm.inf
@@ -58,6 +58,7 @@ [Sources]
   VariableExLib.c
   TcgMorLockSmm.c
   SpeculationBarrierSmm.c
+  VariableLockRequestToLock.c
=20
 [Packages]
   MdePkg/MdePkg.dec
--=20
2.28.0.windows.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#65507): https://edk2.groups.io/g/devel/message/65507
Mute This Topic: https://groups.io/mt/77029633/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-