From: "Grzegorz Bernacki"
To: devel@edk2.groups.io
Cc: leif@nuviainc.com, ardb+tianocore@kernel.org, Samer.El-Haj-Mahmoud@arm.com, sunny.Wang@arm.com, mw@semihalf.com, upstream@semihalf.com, jiewen.yao@intel.com, jian.j.wang@intel.com, min.m.xu@intel.com, lersek@redhat.com, sami.mujawar@arm.com, afish@apple.com, ray.ni@intel.com, jordan.l.justen@intel.com, rebecca@bsdio.com, grehan@freebsd.org, thomas.abraham@arm.com, chasel.chiu@intel.com, nathaniel.l.desimone@intel.com, gaoliming@byosoft.com.cn, eric.dong@intel.com, michael.d.kinney@intel.com, zailiang.sun@intel.com, yi.qian@intel.com, graeme@nuviainc.com, rad@semihalf.com, pete@akeo.ie, Grzegorz Bernacki
Subject: [edk2-devel] [PATCH v3 8/8] MdeModulePkg: Use SecureBootVariableLib in PlatformVarCleanupLib.
Date: Mon, 14 Jun 2021 11:43:08 +0200
Message-Id: <20210614094308.2314345-11-gjb@semihalf.com>
In-Reply-To: <20210614094308.2314345-1-gjb@semihalf.com>
References: <20210614094308.2314345-1-gjb@semihalf.com>

This commit removes the CreateTimeBasedPayload() function from PlatformVarCleanupLib and uses exactly the same function from SecureBootVariableLib.
Signed-off-by: Grzegorz Bernacki --- MdeModulePkg/Library/PlatformVarCleanupLib/PlatformVarCleanupLib.inf | 2 + MdeModulePkg/Library/PlatformVarCleanupLib/PlatVarCleanup.h | 1 + MdeModulePkg/Library/PlatformVarCleanupLib/PlatVarCleanupLib.c | 84 = -------------------- 3 files changed, 3 insertions(+), 84 deletions(-) diff --git a/MdeModulePkg/Library/PlatformVarCleanupLib/PlatformVarCleanupL= ib.inf b/MdeModulePkg/Library/PlatformVarCleanupLib/PlatformVarCleanupLib.i= nf index 8d5db826a0..493d03e1d8 100644 --- a/MdeModulePkg/Library/PlatformVarCleanupLib/PlatformVarCleanupLib.inf +++ b/MdeModulePkg/Library/PlatformVarCleanupLib/PlatformVarCleanupLib.inf @@ -34,6 +34,7 @@ [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec + SecurityPkg/SecurityPkg.dec =20 [LibraryClasses] UefiBootServicesTableLib @@ -44,6 +45,7 @@ PrintLib MemoryAllocationLib HiiLib + SecureBootVariableLib =20 [Guids] gEfiIfrTianoGuid ## SOMETIMES_PRODUCES ## GUID diff --git a/MdeModulePkg/Library/PlatformVarCleanupLib/PlatVarCleanup.h b/= MdeModulePkg/Library/PlatformVarCleanupLib/PlatVarCleanup.h index c809a7086b..94fbc7d2a4 100644 --- a/MdeModulePkg/Library/PlatformVarCleanupLib/PlatVarCleanup.h +++ b/MdeModulePkg/Library/PlatformVarCleanupLib/PlatVarCleanup.h @@ -18,6 +18,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 #include #include diff --git a/MdeModulePkg/Library/PlatformVarCleanupLib/PlatVarCleanupLib.c= b/MdeModulePkg/Library/PlatformVarCleanupLib/PlatVarCleanupLib.c index 3875d614bb..204f1e00ad 100644 --- a/MdeModulePkg/Library/PlatformVarCleanupLib/PlatVarCleanupLib.c +++ b/MdeModulePkg/Library/PlatformVarCleanupLib/PlatVarCleanupLib.c 
@@ -319,90 +319,6 @@ DestroyUserVariableNode ( } } =20 -/** - Create a time based data payload by concatenating the EFI_VARIABLE_AUTHE= NTICATION_2 - descriptor with the input data. NO authentication is required in this fu= nction. - - @param[in, out] DataSize On input, the size of Data buffer in b= ytes. - On output, the size of data returned i= n Data - buffer in bytes. - @param[in, out] Data On input, Pointer to data buffer to be= wrapped or - pointer to NULL to wrap an empty paylo= ad. - On output, Pointer to the new payload = date buffer allocated from pool, - it's caller's responsibility to free t= he memory after using it. - - @retval EFI_SUCCESS Create time based payload successfully. - @retval EFI_OUT_OF_RESOURCES There are not enough memory resourses = to create time based payload. - @retval EFI_INVALID_PARAMETER The parameter is invalid. - @retval Others Unexpected error happens. - -**/ -EFI_STATUS -CreateTimeBasedPayload ( - IN OUT UINTN *DataSize, - IN OUT UINT8 **Data - ) -{ - EFI_STATUS Status; - UINT8 *NewData; - UINT8 *Payload; - UINTN PayloadSize; - EFI_VARIABLE_AUTHENTICATION_2 *DescriptorData; - UINTN DescriptorSize; - EFI_TIME Time; - - if (Data =3D=3D NULL || DataSize =3D=3D NULL) { - return EFI_INVALID_PARAMETER; - } - - // - // At user physical presence, the variable does not need to be signed bu= t the - // parameters to the SetVariable() call still need to be prepared as aut= henticated - // variable. So we create EFI_VARIABLE_AUTHENTICATED_2 descriptor withou= t certificate - // data in it. 
- // - Payload =3D *Data; - PayloadSize =3D *DataSize; - - DescriptorSize =3D OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) += OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData); - NewData =3D (UINT8 *) AllocateZeroPool (DescriptorSize + PayloadSize); - if (NewData =3D=3D NULL) { - return EFI_OUT_OF_RESOURCES; - } - - if ((Payload !=3D NULL) && (PayloadSize !=3D 0)) { - CopyMem (NewData + DescriptorSize, Payload, PayloadSize); - } - - DescriptorData =3D (EFI_VARIABLE_AUTHENTICATION_2 *) (NewData); - - ZeroMem (&Time, sizeof (EFI_TIME)); - Status =3D gRT->GetTime (&Time, NULL); - if (EFI_ERROR (Status)) { - FreePool (NewData); - return Status; - } - Time.Pad1 =3D 0; - Time.Nanosecond =3D 0; - Time.TimeZone =3D 0; - Time.Daylight =3D 0; - Time.Pad2 =3D 0; - CopyMem (&DescriptorData->TimeStamp, &Time, sizeof (EFI_TIME)); - - DescriptorData->AuthInfo.Hdr.dwLength =3D OFFSET_OF (WIN_CERTIFI= CATE_UEFI_GUID, CertData); - DescriptorData->AuthInfo.Hdr.wRevision =3D 0x0200; - DescriptorData->AuthInfo.Hdr.wCertificateType =3D WIN_CERT_TYPE_EFI_GUID; - CopyGuid (&DescriptorData->AuthInfo.CertType, &gEfiCertPkcs7Guid); - - if (Payload !=3D NULL) { - FreePool (Payload); - } - - *DataSize =3D DescriptorSize + PayloadSize; - *Data =3D NewData; - return EFI_SUCCESS; -} - /** Create a counter based data payload by concatenating the EFI_VARIABLE_AU= THENTICATION descriptor with the input data. NO authentication is required in this fu= nction. --=20 2.25.1
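Review bot: The PlatformVarCleanupLib.inf hunks add `SecurityPkg/SecurityPkg.dec` under [Packages] and `SecureBootVariableLib` under [LibraryClasses], which makes a library in MdeModulePkg depend on SecurityPkg, and nothing in this patch shows that dependency being declared as acceptable or resolved. Every platform DSC that builds PlatformVarCleanupLib now has to map SecureBootVariableLib to an instance or the build breaks, so the commit message should state the new dependency and the series should either carry the matching DSC updates or place the shared helper in a package MdeModulePkg already depends on.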
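Review bot: The PlatVarCleanupLib.c hunk deletes CreateTimeBasedPayload() but leaves its callers in this file untouched, so the SecureBootVariableLib version has to match the ownership contract of the deleted code and not only its prototype. The removed body frees the caller's input buffer with `FreePool (Payload)` only on success, leaves it alone on the `EFI_OUT_OF_RESOURCES` and `gRT->GetTime` failure paths, and hands back a pool buffer the caller must free; a difference in any of these turns into a leak or a double free in the variable cleanup path. The commit message says the function is "exactly the same", but the replacement is not visible in this patch, so please reference the commit that adds it or state that the two bodies were compared. The deleted code also computed `DescriptorSize + PayloadSize` with no overflow check before `AllocateZeroPool`, which is worth confirming in the library version now being relied on.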