1. Patchew
  2. EDK2
  3. [edk2-devel] [PATCH edk2-platforms 00/15] arm platform fixes triggered by VariablePolicy
  4. View patch

[edk2-devel] [PATCH edk2-platforms 14/15] Platform/SocioNext: add VariablePolicy resolutions

Leif Lindholm posted 15 patches 5 years, 2 months ago
[edk2-devel] [PATCH edk2-platforms 14/15] Platform/SocioNext: add VariablePolicy resolutions
Posted by Leif Lindholm 5 years, 2 months ago 
Add resolutions for
- VariablePolicyLib
- VariablePolicyHelperLib
- VariablePolicyLib (DXE_RUNTIME_DRIVER)
to DeveloperBox platform.

Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
Signed-off-by: Leif Lindholm <leif@nuviainc.com>
---
 Platform/Socionext/DeveloperBox/DeveloperBox.dsc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
index a459079b1f26..c79792eef0aa 100644
--- a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
+++ b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
@@ -127,6 +127,7 @@ [LibraryClasses.common.UEFI_APPLICATION]
   # UiApp dependencies
   FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
   DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
 
   ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
   ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf
@@ -143,6 +144,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
 !if $(TARGET) != RELEASE
   DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf
 !endif
+  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
 
 [LibraryClasses.ARM]
  ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf
@@ -366,6 +368,7 @@ [Components.common]
       NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
       TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
       VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
+      VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
   }
 !else
   ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.inf {
-- 
2.20.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#67960): https://edk2.groups.io/g/devel/message/67960
Mute This Topic: https://groups.io/mt/78498673/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH edk2-platforms 14/15] Platform/SocioNext: add VariablePolicy resolutions
Posted by Ard Biesheuvel 5 years, 2 months ago 
On 11/25/20 1:55 PM, Leif Lindholm wrote:
> Add resolutions for
> - VariablePolicyLib
> - VariablePolicyHelperLib
> - VariablePolicyLib (DXE_RUNTIME_DRIVER)
> to DeveloperBox platform.
> 
> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
> Signed-off-by: Leif Lindholm <leif@nuviainc.com>

Does this unbreak the build of DeveloperBoxMm.dsc as well? If not, we 
should probably drop some of these into the .dsc.in file instead.

> ---
>   Platform/Socionext/DeveloperBox/DeveloperBox.dsc | 3 +++
>   1 file changed, 3 insertions(+)
> 
> diff --git a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
> index a459079b1f26..c79792eef0aa 100644
> --- a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
> +++ b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
> @@ -127,6 +127,7 @@ [LibraryClasses.common.UEFI_APPLICATION]
>     # UiApp dependencies
>     FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
>     DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
> +  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
>   
>     ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
>     ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf
> @@ -143,6 +144,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
>   !if $(TARGET) != RELEASE
>     DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf
>   !endif
> +  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
>   
>   [LibraryClasses.ARM]
>    ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf
> @@ -366,6 +368,7 @@ [Components.common]
>         NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
>         TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
>         VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
> +      VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
>     }
>   !else
>     ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.inf {
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#67964): https://edk2.groups.io/g/devel/message/67964
Mute This Topic: https://groups.io/mt/78498673/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH edk2-platforms 14/15] Platform/SocioNext: add VariablePolicy resolutions
Posted by Leif Lindholm 5 years, 2 months ago 
On Wed, Nov 25, 2020 at 14:11:00 +0100, Ard Biesheuvel wrote:
> On 11/25/20 1:55 PM, Leif Lindholm wrote:
> > Add resolutions for
> > - VariablePolicyLib
> > - VariablePolicyHelperLib
> > - VariablePolicyLib (DXE_RUNTIME_DRIVER)
> > to DeveloperBox platform.
> > 
> > Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
> > Signed-off-by: Leif Lindholm <leif@nuviainc.com>
> 
> Does this unbreak the build of DeveloperBoxMm.dsc as well?

No. I was unsure of that being pretty much our reference for secure
variable handling, just cargo culting a fix in place was the correct
course of action.

> If not, we should
> probably drop some of these into the .dsc.in file instead.

Unless the above is an issue, sure.

/
    Leif

> > ---
> >   Platform/Socionext/DeveloperBox/DeveloperBox.dsc | 3 +++
> >   1 file changed, 3 insertions(+)
> > 
> > diff --git a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
> > index a459079b1f26..c79792eef0aa 100644
> > --- a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
> > +++ b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
> > @@ -127,6 +127,7 @@ [LibraryClasses.common.UEFI_APPLICATION]
> >     # UiApp dependencies
> >     FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
> >     DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
> > +  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.inf
> >     ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
> >     ShellCommandLib|ShellPkg/Library/UefiShellCommandLib/UefiShellCommandLib.inf
> > @@ -143,6 +144,7 @@ [LibraryClasses.common.DXE_RUNTIME_DRIVER]
> >   !if $(TARGET) != RELEASE
> >     DebugLib|MdePkg/Library/DxeRuntimeDebugLibSerialPort/DxeRuntimeDebugLibSerialPort.inf
> >   !endif
> > +  VariablePolicyLib|MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLibRuntimeDxe.inf
> >   [LibraryClasses.ARM]
> >    ArmSoftFloatLib|ArmPkg/Library/ArmSoftFloatLib/ArmSoftFloatLib.inf
> > @@ -366,6 +368,7 @@ [Components.common]
> >         NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
> >         TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
> >         VarCheckLib|MdeModulePkg/Library/VarCheckLib/VarCheckLib.inf
> > +      VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf
> >     }
> >   !else
> >     ArmPkg/Drivers/MmCommunicationDxe/MmCommunication.inf {
> > 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#67969): https://edk2.groups.io/g/devel/message/67969
Mute This Topic: https://groups.io/mt/78498673/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH edk2-platforms 14/15] Platform/SocioNext: add VariablePolicy resolutions
Posted by Ard Biesheuvel 5 years, 2 months ago 
On 11/25/20 2:16 PM, Leif Lindholm wrote:
> On Wed, Nov 25, 2020 at 14:11:00 +0100, Ard Biesheuvel wrote:
>> On 11/25/20 1:55 PM, Leif Lindholm wrote:
>>> Add resolutions for
>>> - VariablePolicyLib
>>> - VariablePolicyHelperLib
>>> - VariablePolicyLib (DXE_RUNTIME_DRIVER)
>>> to DeveloperBox platform.
>>>
>>> Cc: Ard Biesheuvel <ard.biesheuvel@arm.com>
>>> Signed-off-by: Leif Lindholm <leif@nuviainc.com>
>>
>> Does this unbreak the build of DeveloperBoxMm.dsc as well?
> 
> No. I was unsure of that being pretty much our reference for secure
> variable handling, just cargo culting a fix in place was the correct
> course of action.
> 
>> If not, we should
>> probably drop some of these into the .dsc.in file instead.
> 
> Unless the above is an issue, sure.
> 

I double checked, and Platform/Socionext/DeveloperBox/DeveloperBoxMm.dsc 
is indeed broken as well, and it needs resolutions of both 
VariablePolicyLib and VariablePolicyHelperLib.

So adding those to [LibraryClasses] in 
Platform/Socionext/DeveloperBox/DeveloperBox.dsc.inc instead of 
elsewhere is probably the best approach here.

With that,

Acked-by: Ard Biesheuvel <ard.biesheuvel@arm.com>




-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#67972): https://edk2.groups.io/g/devel/message/67972
Mute This Topic: https://groups.io/mt/78498673/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Patchew 2.1-devel-b67e4c2

© 2016 - 2026 Red Hat, Inc.