[edk2-devel] [PATCH] MdeModulePkg/Variable: SCT run AuthVar_conf is failed

Sunny Wang Sunny.Wang at arm.com
Thu Jul 14 14:59:29 UTC 2022 

Ah.. good catch. I was not aware that EFI_VARIABLE_ATTRIBUTES_MASK doesn't include EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS bit.
Thanks for fixing the issue, JunX1 Li and xueshengfeng.
Moreover, I assumed that you haven't got Edhaya's and Samer's review, right? If so, you should use "Cc:" instead of "Reviewed-by:" in your commit message.

The code change looks good to me.
Reviewed-by: Sunny Wang <sunny.wang at arm.com>

-----Original Message-----
From: xueshengfeng <xueshengfeng at byosoft.com.cn>
Sent: 04 July 2022 11:00
To: devel at edk2.groups.io
Cc: gaoliming at byosoft.com.cn; G Edhaya Chandran <Edhaya.Chandran at arm.com>; Samer El-Haj-Mahmoud <Samer.El-Haj-Mahmoud at arm.com>; Sunny Wang <Sunny.Wang at arm.com>; Lijun10x <junx1.li at intel.com>
Subject: [PATCH] MdeModulePkg/Variable: SCT run AuthVar_conf is failed

From: Lijun10x <junx1.li at intel.com>

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3969

Attr are EFI_VARIABLE_NON_VOLATILE|VARIABLE_AUTHENTICATED_WRITE_ACCESS,
will return EFI_INVALID_PARAMETER.
Added one case, only when one attribute is EFI_VARIABLE_NON_VOLATILE
will EFI_INVALID_PARAMETER be returned.
If attr are EFI_VARIABLE_NON_VOLATILE|VARIABLE_AUTHENTICATED_WRITE_ACCESS
will return EFI_UNSUPPORTED.
In the UEFI2.7 spec, there is a description as below:
EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS is deprecated and should not be
used. Platforms should return EFI_UNSUPPORTED if a caller to
SetVariable() specifies this attribute.

Signed-off-by: JunX1 Li <junx1.li at intel.com>
Reviewed-by: Liming Gao <gaoliming at byosoft.com.cn>
Reviewed-by: G Edhaya Chandran <edhaya.chandran at arm.com>
Reviewed-by: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud at arm.com>
Reviewed-by: Sunny Wang <sunny.wang at arm.com>
---
 MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
index 6c1a3440ac..14c176887a 100644
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c
@@ -2676,7 +2676,11 @@ VariableServiceSetVariable (
     //
     // Only EFI_VARIABLE_NON_VOLATILE attribute is invalid
     //
-    return EFI_INVALID_PARAMETER;
+    if ((Attributes & EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS) != 0) {
+      return EFI_UNSUPPORTED;
+    } else {
+      return EFI_INVALID_PARAMETER;
+    }
   } else if ((Attributes & VARIABLE_ATTRIBUTE_AT_AW) != 0) {
     if (!mVariableModuleGlobal->VariableGlobal.AuthSupport) {
       //
--
2.26.2.windows.1


IMPORTANT NOTICE: The contents of this email and any attachments are confidential and may also be privileged. If you are not the intended recipient, please notify the sender immediately and do not disclose the contents to any other person, use it for any purpose, or store or copy the information in any medium. Thank you.


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#91352): https://edk2.groups.io/g/devel/message/91352
Mute This Topic: https://groups.io/mt/92188170/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list