[edk2-devel] [PATCH v5 00/19] UEFI variable protection

Judah Vang posted 19 patches 1 year, 4 months ago
Failed in applying to current master (apply log)
MdeModulePkg/MdeModulePkg.dec                                                                                 |   13 +-
SecurityPkg/SecurityPkg.dec                                                                                   |   43 +-
MdeModulePkg/MdeModulePkg.dsc                                                                                 |   20 +-
MdeModulePkg/Test/MdeModulePkgHostTest.dsc                                                                    |    8 +
SecurityPkg/SecurityPkg.dsc                                                                                   |   13 +-
MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf                                    |   34 +
MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf                                                 |   79 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.inf |   36 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.inf                                   |  151 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.inf                                          |  153 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.inf                                |  119 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.inf                                 |  143 +
SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf                                           |   43 +
SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf                                   |   34 +
SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf                                          |   64 +
SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf                                          |   68 +
SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf                                          |   67 +
SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLib.inf                                   |   62 +
SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf                                                         |   36 +
MdeModulePkg/Include/Guid/ProtectedVariable.h                                                                 |   22 +
MdeModulePkg/Include/Library/AuthVariableLib.h                                                                |    4 +-
MdeModulePkg/Include/Library/EncryptionVariableLib.h                                                          |  165 +
MdeModulePkg/Include/Library/ProtectedVariableLib.h                                                           |  607 +++
MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h                                                      |  225 ++
MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h                                               |  309 ++
MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h                                                 |  116 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolymorphic.h                                   |  158 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h                                               |  948 +++++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.h                                    |   67 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.h                                        |  424 ++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.h                                   |   51 +
MdePkg/Include/Ppi/ReadOnlyVariable2.h                                                                        |    4 +-
SecurityPkg/Include/Library/RpmcLib.h                                                                         |   15 +-
SecurityPkg/Include/Library/VariableKeyLib.h                                                                  |   37 +-
SecurityPkg/Include/Ppi/KeyServicePpi.h                                                                       |   57 +
SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h                                                |   49 +
SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h                                          |  589 +++
MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c                                             |  336 ++
MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c                                                      |  628 +++
MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c                                               |  941 +++++
MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c                                                 |  307 ++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c                                            |  343 ++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c                                                |  504 +++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.c   |  607 +++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierDxe.c                                  |   27 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierSmm.c                                  |   26 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe.c                                          |  153 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSmm.c                                          |  569 +++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c                                               |  101 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c                                               | 4037 ++++++++++++++++++++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c                                            |  670 ++++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c                                          |  417 ++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRequestToLock.c                              |   96 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.c                                    |  537 +++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.c                                        | 1110 ++++++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicySmmDxe.c                                   |  575 +++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.c                                   |  158 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c                                            | 1268 ++++++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.c                                  | 1895 +++++++++
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.c                                   |   89 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditionalMm.c                                  |  130 +
SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c                                                |  734 ++++
SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c                                            |   92 +
SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c                                            | 2103 ++++++++++
SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c                                               |  163 +
SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c                                               | 1327 +++++++
SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c                                               |  209 +
SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeCommon.c                                      |  967 +++++
SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c                                        |  233 ++
SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c                                                                 |    8 +-
SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c                                                           |   59 +
SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c                                                   |    8 +-
MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni                                                 |   16 +
MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni                                            |   14 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.uni                                   |   22 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxeExtra.uni                              |   14 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.uni                                          |   27 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmExtra.uni                                     |   14 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.uni                                |   23 +
MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxeExtra.uni                           |   14 +
80 files changed, 26556 insertions(+), 48 deletions(-)
create mode 100644 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.inf
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.inf
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.inf
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.inf
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.inf
create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf
create mode 100644 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf
create mode 100644 SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf
create mode 100644 SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf
create mode 100644 SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf
create mode 100644 SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLib.inf
create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf
create mode 100644 MdeModulePkg/Include/Guid/ProtectedVariable.h
create mode 100644 MdeModulePkg/Include/Library/EncryptionVariableLib.h
create mode 100644 MdeModulePkg/Include/Library/ProtectedVariableLib.h
create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h
create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h
create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolymorphic.h
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.h
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.h
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.h
create mode 100644 SecurityPkg/Include/Ppi/KeyServicePpi.h
create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h
create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h
create mode 100644 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierDxe.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierSmm.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSmm.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRequestToLock.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicySmmDxe.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditionalMm.c
create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c
create mode 100644 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c
create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c
create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c
create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c
create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c
create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeCommon.c
create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c
create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c
create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni
create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.uni
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxeExtra.uni
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.uni
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmExtra.uni
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.uni
create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxeExtra.uni
[edk2-devel] [PATCH v5 00/19] UEFI variable protection
Posted by Judah Vang 1 year, 4 months ago
Patch 07 - Add PEI Variable Protection into a new directory and leave the
existing PEI Variable unchanged.

Patch 08 - Add RuntimeDxe Variable Protection into a new directory and
keep existing Variable for RuntimeDxe unchanged.

Patch 09 - Add reference to new Protected Variable libs.

Patch 16 - Applied code review comments by adding PEIM to library class

Patch 18 - Applied code review comments by removing unused API.

Notes:
The CryptoPkg changes are now being tracked separately.
Patches 21 on is no longer needed due to reorganization of the new
protected variable modules.

Judah Vang (19):
  MdePkg: Add reference to new Ppi Guid
  MdeModulePkg: Update AUTH_VARIABLE_INFO struct
  MdeModulePkg: Add new ProtectedVariable GUIDs
  MdeModulePkg: Add new include files
  MdeModulePkg: Add new GUID for Variable Store Info
  MdeModulePkg: Add Null ProtectedVariable Library
  MdeModulePkg: Add new Variable functionality
  MdeModulePkg: Add support for Protected Variables
  MdeModulePkg: Reference Null ProtectedVariableLib
  SecurityPkg: Add new GUIDs for
  SecurityPkg: Add new KeyService types and defines
  SecurityPkg: Add new variable types and functions
  SecurityPkg: Update RPMC APIs with index
  SecurityPkg: Fix GetVariableKey API
  SecurityPkg: Add null encryption variable libs
  SecurityPkg: Add VariableKey library function
  SecurityPkg: Add EncryptionVariable lib with AES
  SecurityPkg: Add Protected Variable Services
  SecurityPkg: Add references to new *.inf files

 MdeModulePkg/MdeModulePkg.dec                                                                                 |   13 +-
 SecurityPkg/SecurityPkg.dec                                                                                   |   43 +-
 MdeModulePkg/MdeModulePkg.dsc                                                                                 |   20 +-
 MdeModulePkg/Test/MdeModulePkgHostTest.dsc                                                                    |    8 +
 SecurityPkg/SecurityPkg.dsc                                                                                   |   13 +-
 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf                                    |   34 +
 MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf                                                 |   79 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.inf |   36 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.inf                                   |  151 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.inf                                          |  153 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.inf                                |  119 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.inf                                 |  143 +
 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf                                           |   43 +
 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf                                   |   34 +
 SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf                                          |   64 +
 SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf                                          |   68 +
 SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf                                          |   67 +
 SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLib.inf                                   |   62 +
 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf                                                         |   36 +
 MdeModulePkg/Include/Guid/ProtectedVariable.h                                                                 |   22 +
 MdeModulePkg/Include/Library/AuthVariableLib.h                                                                |    4 +-
 MdeModulePkg/Include/Library/EncryptionVariableLib.h                                                          |  165 +
 MdeModulePkg/Include/Library/ProtectedVariableLib.h                                                           |  607 +++
 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h                                                      |  225 ++
 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h                                               |  309 ++
 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h                                                 |  116 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolymorphic.h                                   |  158 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h                                               |  948 +++++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.h                                    |   67 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.h                                        |  424 ++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.h                                   |   51 +
 MdePkg/Include/Ppi/ReadOnlyVariable2.h                                                                        |    4 +-
 SecurityPkg/Include/Library/RpmcLib.h                                                                         |   15 +-
 SecurityPkg/Include/Library/VariableKeyLib.h                                                                  |   37 +-
 SecurityPkg/Include/Ppi/KeyServicePpi.h                                                                       |   57 +
 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h                                                |   49 +
 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h                                          |  589 +++
 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c                                             |  336 ++
 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c                                                      |  628 +++
 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c                                               |  941 +++++
 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c                                                 |  307 ++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c                                            |  343 ++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c                                                |  504 +++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.c   |  607 +++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierDxe.c                                  |   27 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierSmm.c                                  |   26 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe.c                                          |  153 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSmm.c                                          |  569 +++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c                                               |  101 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c                                               | 4037 ++++++++++++++++++++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c                                            |  670 ++++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c                                          |  417 ++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRequestToLock.c                              |   96 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.c                                    |  537 +++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.c                                        | 1110 ++++++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicySmmDxe.c                                   |  575 +++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.c                                   |  158 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c                                            | 1268 ++++++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.c                                  | 1895 +++++++++
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.c                                   |   89 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditionalMm.c                                  |  130 +
 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c                                                |  734 ++++
 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c                                            |   92 +
 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c                                            | 2103 ++++++++++
 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c                                               |  163 +
 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c                                               | 1327 +++++++
 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c                                               |  209 +
 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeCommon.c                                      |  967 +++++
 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c                                        |  233 ++
 SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c                                                                 |    8 +-
 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c                                                           |   59 +
 SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c                                                   |    8 +-
 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni                                                 |   16 +
 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni                                            |   14 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.uni                                   |   22 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxeExtra.uni                              |   14 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.uni                                          |   27 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmExtra.uni                                     |   14 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.uni                                |   23 +
 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxeExtra.uni                           |   14 +
 80 files changed, 26556 insertions(+), 48 deletions(-)
 create mode 100644 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.inf
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.inf
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.inf
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.inf
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.inf
 create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf
 create mode 100644 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf
 create mode 100644 SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf
 create mode 100644 SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf
 create mode 100644 SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf
 create mode 100644 SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLib.inf
 create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf
 create mode 100644 MdeModulePkg/Include/Guid/ProtectedVariable.h
 create mode 100644 MdeModulePkg/Include/Library/EncryptionVariableLib.h
 create mode 100644 MdeModulePkg/Include/Library/ProtectedVariableLib.h
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolymorphic.h
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.h
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.h
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.h
 create mode 100644 SecurityPkg/Include/Ppi/KeyServicePpi.h
 create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h
 create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h
 create mode 100644 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierDxe.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierSmm.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSmm.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRequestToLock.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicySmmDxe.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditionalMm.c
 create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c
 create mode 100644 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c
 create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c
 create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c
 create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c
 create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c
 create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeCommon.c
 create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c
 create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.uni
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxeExtra.uni
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.uni
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmExtra.uni
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.uni
 create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxeExtra.uni

-- 
2.35.1.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#95981): https://edk2.groups.io/g/devel/message/95981
Mute This Topic: https://groups.io/mt/94840817/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH v5 00/19] UEFI variable protection
Posted by Yao, Jiewen 1 year, 3 months ago
Hi
Since this is a big feature in SecurityPkg and MdeModulePkg, I proposal to add *dedicated reviewer(s)* to support the maintenance work in EDKII.

Something like:

===============
MdeModulePkg: Protected Variable
F: MdeModulePkg/Universal/Variable/Protected/
F: <Please list all newly added file>
R: <Please give the reviewer name>


SecurityPkg: Protected Variable
F: SecurityPkg/Library/ProtectedVariableLib/
F: <Please list all newly added file>
R: <Please give the reviewer name>

===============

Please follow the style at https://github.com/tianocore/edk2/blob/master/Maintainers.txt

Thank you
Yao, Jiewen


> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Judah
> Vang
> Sent: Sunday, November 6, 2022 3:35 PM
> To: devel@edk2.groups.io
> Subject: [edk2-devel] [PATCH v5 00/19] UEFI variable protection
> 
> Patch 07 - Add PEI Variable Protection into a new directory and leave the
> existing PEI Variable unchanged.
> 
> Patch 08 - Add RuntimeDxe Variable Protection into a new directory and
> keep existing Variable for RuntimeDxe unchanged.
> 
> Patch 09 - Add reference to new Protected Variable libs.
> 
> Patch 16 - Applied code review comments by adding PEIM to library class
> 
> Patch 18 - Applied code review comments by removing unused API.
> 
> Notes:
> The CryptoPkg changes are now being tracked separately.
> Patches 21 on is no longer needed due to reorganization of the new
> protected variable modules.
> 
> Judah Vang (19):
>   MdePkg: Add reference to new Ppi Guid
>   MdeModulePkg: Update AUTH_VARIABLE_INFO struct
>   MdeModulePkg: Add new ProtectedVariable GUIDs
>   MdeModulePkg: Add new include files
>   MdeModulePkg: Add new GUID for Variable Store Info
>   MdeModulePkg: Add Null ProtectedVariable Library
>   MdeModulePkg: Add new Variable functionality
>   MdeModulePkg: Add support for Protected Variables
>   MdeModulePkg: Reference Null ProtectedVariableLib
>   SecurityPkg: Add new GUIDs for
>   SecurityPkg: Add new KeyService types and defines
>   SecurityPkg: Add new variable types and functions
>   SecurityPkg: Update RPMC APIs with index
>   SecurityPkg: Fix GetVariableKey API
>   SecurityPkg: Add null encryption variable libs
>   SecurityPkg: Add VariableKey library function
>   SecurityPkg: Add EncryptionVariable lib with AES
>   SecurityPkg: Add Protected Variable Services
>   SecurityPkg: Add references to new *.inf files
> 
>  MdeModulePkg/MdeModulePkg.dec
> |   13 +-
>  SecurityPkg/SecurityPkg.dec
> |   43 +-
>  MdeModulePkg/MdeModulePkg.dsc
> |   20 +-
>  MdeModulePkg/Test/MdeModulePkgHostTest.dsc
> |    8 +
>  SecurityPkg/SecurityPkg.dsc
> |   13 +-
> 
> MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull
> .inf                                    |   34 +
>  MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf
> |   79 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni
> tTest/VariableLockRequestToLockUnitTest.inf |   36 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim
> eDxe.inf                                   |  151 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.i
> nf                                          |  153 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR
> untimeDxe.inf                                |  119 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal
> oneMm.inf                                 |  143 +
>  SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf
> |   43 +
> 
> SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.in
> f                                   |   34 +
>  SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf
> |   64 +
>  SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf
> |   68 +
>  SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf
> |   67 +
> 
> SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLi
> b.inf                                   |   62 +
>  SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf
> |   36 +
>  MdeModulePkg/Include/Guid/ProtectedVariable.h
> |   22 +
>  MdeModulePkg/Include/Library/AuthVariableLib.h
> |    4 +-
>  MdeModulePkg/Include/Library/EncryptionVariableLib.h
> |  165 +
>  MdeModulePkg/Include/Library/ProtectedVariableLib.h
> |  607 +++
>  MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h
> |  225 ++
>  MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h
> |  309 ++
>  MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h
> |  116 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolym
> orphic.h                                   |  158 +
>  MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h
> |  948 +++++
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol
> atile.h                                    |   67 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing
> .h                                        |  424 ++
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim
> eCache.h                                   |   51 +
>  MdePkg/Include/Ppi/ReadOnlyVariable2.h
> |    4 +-
>  SecurityPkg/Include/Library/RpmcLib.h
> |   15 +-
>  SecurityPkg/Include/Library/VariableKeyLib.h
> |   37 +-
>  SecurityPkg/Include/Ppi/KeyServicePpi.h
> |   57 +
>  SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h
> |   49 +
>  SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h
> |  589 +++
>  MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c
> |  336 ++
>  MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c
> |  628 +++
>  MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c
> |  941 +++++
>  MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c
> |  307 ++
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c
> |  343 ++
>  MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c
> |  504 +++
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni
> tTest/VariableLockRequestToLockUnitTest.c   |  607 +++
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar
> rierDxe.c                                  |   27 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar
> rierSmm.c                                  |   26 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe
> .c                                          |  153 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSm
> m.c                                          |  569 +++
>  MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c
> |  101 +
>  MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c
> | 4037 ++++++++++++++++++++
>  MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c
> |  670 ++++
>  MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c
> |  417 ++
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRe
> questToLock.c                              |   96 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol
> atile.c                                    |  537 +++
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing
> .c                                        | 1110 ++++++
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicyS
> mmDxe.c                                   |  575 +++
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim
> eCache.c                                   |  158 +
>  MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c
> | 1268 ++++++
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR
> untimeDxe.c                                  | 1895 +++++++++
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal
> oneMm.c                                   |   89 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditi
> onalMm.c                                  |  130 +
>  SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c
> |  734 ++++
>  SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c
> |   92 +
>  SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c
> | 2103 ++++++++++
>  SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c
> |  163 +
>  SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c
> | 1327 +++++++
>  SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c
> |  209 +
> 
> SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeComm
> on.c                                      |  967 +++++
> 
> SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c
> |  233 ++
>  SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> |    8 +-
>  SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c
> |   59 +
>  SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
> |    8 +-
>  MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni
> |   16 +
>  MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni
> |   14 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim
> eDxe.uni                                   |   22 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim
> eDxeExtra.uni                              |   14 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.u
> ni                                          |   27 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmEx
> tra.uni                                     |   14 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR
> untimeDxe.uni                                |   23 +
> 
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR
> untimeDxeExtra.uni                           |   14 +
>  80 files changed, 26556 insertions(+), 48 deletions(-)
>  create mode 100644
> MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull
> .inf
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni
> tTest/VariableLockRequestToLockUnitTest.inf
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim
> eDxe.inf
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.i
> nf
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR
> untimeDxe.inf
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal
> oneMm.inf
>  create mode 100644
> SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf
>  create mode 100644
> SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.in
> f
>  create mode 100644
> SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf
>  create mode 100644
> SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf
>  create mode 100644
> SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf
>  create mode 100644
> SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLi
> b.inf
>  create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf
>  create mode 100644 MdeModulePkg/Include/Guid/ProtectedVariable.h
>  create mode 100644
> MdeModulePkg/Include/Library/EncryptionVariableLib.h
>  create mode 100644
> MdeModulePkg/Include/Library/ProtectedVariableLib.h
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolym
> orphic.h
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol
> atile.h
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing
> .h
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim
> eCache.h
>  create mode 100644 SecurityPkg/Include/Ppi/KeyServicePpi.h
>  create mode 100644
> SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h
>  create mode 100644
> SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h
>  create mode 100644
> MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni
> tTest/VariableLockRequestToLockUnitTest.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar
> rierDxe.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar
> rierSmm.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe
> .c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSm
> m.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRe
> questToLock.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol
> atile.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing
> .c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicyS
> mmDxe.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim
> eCache.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR
> untimeDxe.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal
> oneMm.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditi
> onalMm.c
>  create mode 100644
> SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c
>  create mode 100644
> SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c
>  create mode 100644
> SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c
>  create mode 100644
> SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c
>  create mode 100644
> SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c
>  create mode 100644
> SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c
>  create mode 100644
> SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeComm
> on.c
>  create mode 100644
> SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c
>  create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim
> eDxe.uni
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim
> eDxeExtra.uni
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.u
> ni
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmEx
> tra.uni
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR
> untimeDxe.uni
>  create mode 100644
> MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR
> untimeDxeExtra.uni
> 
> --
> 2.35.1.windows.2
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#97170): https://edk2.groups.io/g/devel/message/97170
Mute This Topic: https://groups.io/mt/94840817/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-