[edk2-devel] [Patch v2 12/28] SecurityPkg: Add new variable types and functions
Wang, Jian J
jian.j.wang at intel.com
Sun May 22 14:12:14 UTC 2022
Judah,
Patch 11 is a library instance of RpmcLib which relies on changes introduced in this patch (12).
You need to put this patch before patch 11.
Regards,
Jian
> -----Original Message-----
> From: Vang, Judah <judah.vang at intel.com>
> Sent: Saturday, April 30, 2022 2:04 AM
> To: devel at edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang at intel.com>; Yao, Jiewen <jiewen.yao at intel.com>;
> Mistry, Nishant C <nishant.c.mistry at intel.com>
> Subject: [Patch v2 12/28] SecurityPkg: Add new variable types and functions
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
>
> Add new variable encryption/decryption function prototypes.
> Add new variable digest structure. Add new Protected
> variable function prototypes. Update RPMC APIs to add
> an index because there could be more than one counter.
>
> Cc: Jian J Wang <jian.j.wang at intel.com>
> Cc: Jiewen Yao <jiewen.yao at intel.com>
> Cc: Nishant C Mistry <nishant.c.mistry at intel.com>
> Signed-off-by: Jian J Wang <jian.j.wang at intel.com>
> Signed-off-by: Nishant C Mistry <nishant.c.mistry at intel.com>
> Signed-off-by: Judah Vang <judah.vang at intel.com>
> ---
> SecurityPkg/Include/Library/RpmcLib.h | 15 +++++---
> SecurityPkg/Include/Library/VariableKeyLib.h | 37 +++-----------------
> 2 files changed, 16 insertions(+), 36 deletions(-)
>
> diff --git a/SecurityPkg/Include/Library/RpmcLib.h
> b/SecurityPkg/Include/Library/RpmcLib.h
> index df4ba34ba8cf..cb71dfcd7e4d 100644
> --- a/SecurityPkg/Include/Library/RpmcLib.h
> +++ b/SecurityPkg/Include/Library/RpmcLib.h
> @@ -1,19 +1,23 @@
> /** @file
> Public definitions for the Replay Protected Monotonic Counter (RPMC) Library.
>
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
> **/
>
> -#ifndef _RPMC_LIB_H_
> -#define _RPMC_LIB_H_
> +#ifndef RPMC_LIB_H_
> +#define RPMC_LIB_H_
>
> #include <Uefi/UefiBaseType.h>
>
> +#define RPMC_COUNTER_1 0
> +#define RPMC_COUNTER_2 1
> +
> /**
> Requests the monotonic counter from the designated RPMC counter.
>
> + @param[in] CounterIndex The RPMC index
> @param[out] CounterValue A pointer to a buffer to store the RPMC
> value.
>
> @retval EFI_SUCCESS The operation completed successfully.
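Review bot: RPMC_COUNTER_1 and RPMC_COUNTER_2 are defined as 0 and 1, so the number in each name is one higher than the index it stands for, and neither define carries a comment. Consider naming them after their zero-based value or their purpose, and expand the new "@param[in] CounterIndex The RPMC index" line to state the valid values, since this parameter selects which replay-protection counter is read.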
> @@ -23,12 +27,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> EFI_STATUS
> EFIAPI
> RequestMonotonicCounter (
> + IN UINT8 CounterIndex,
> OUT UINT32 *CounterValue
> );
>
> /**
> Increments the monotonic counter in the SPI flash device by 1.
>
> + @param[in] CounterIndex The RPMC index
> +
> @retval EFI_SUCCESS The operation completed successfully.
> @retval EFI_DEVICE_ERROR A device error occurred while attempting
> to update the counter.
> @retval EFI_UNSUPPORTED The operation is un-supported.
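Review bot: The IncrementMonotonicCounter comment gains @param[in] CounterIndex, but its @retval list still has only EFI_SUCCESS, EFI_DEVICE_ERROR and EFI_UNSUPPORTED, so the result for an index other than the two defined values is unspecified. CounterIndex is a UINT8 while only 0 and 1 are defined; document a return code for an out-of-range index (for example EFI_INVALID_PARAMETER), do the same in the RequestMonotonicCounter block if it lacks one, and change "the monotonic counter" in the description to say it is the designated counter.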
> @@ -36,7 +43,7 @@ RequestMonotonicCounter (
> EFI_STATUS
> EFIAPI
> IncrementMonotonicCounter (
> - VOID
> + IN UINT8 CounterIndex
> );
>
> #endif
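Review bot: Replacing VOID with IN UINT8 CounterIndex in IncrementMonotonicCounter changes a public library class prototype, so every library instance and caller built against the old header stops compiling until it is updated. Order this header change ahead of the instances that use the new signature so that each commit in the series builds on its own, and call the prototype change out in the commit message as an interface break.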
> diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h
> b/SecurityPkg/Include/Library/VariableKeyLib.h
> index 561ebad09da2..6076c4d4731b 100644
> --- a/SecurityPkg/Include/Library/VariableKeyLib.h
> +++ b/SecurityPkg/Include/Library/VariableKeyLib.h
> @@ -1,13 +1,13 @@
> /** @file
> Public definitions for Variable Key Library.
>
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
> **/
>
> -#ifndef _VARIABLE_KEY_LIB_H_
> -#define _VARIABLE_KEY_LIB_H_
> +#ifndef VARIABLE_KEY_LIB_H_
> +#define VARIABLE_KEY_LIB_H_
>
> #include <Uefi/UefiBaseType.h>
>
> @@ -25,35 +25,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> EFI_STATUS
> EFIAPI
> GetVariableKey (
> - OUT VOID **VariableKey,
> - IN OUT UINTN *VariableKeySize
> - );
> -
> -/**
> - Regenerates the variable key.
> -
> - @retval EFI_SUCCESS The variable key was regenerated successfully.
> - @retval EFI_DEVICE_ERROR An error occurred while attempting to
> regenerate the key.
> - @retval EFI_ACCESS_DENIED The function was invoked after locking
> the key interface.
> - @retval EFI_UNSUPPORTED Key regeneration is not supported in the
> current boot configuration.
> -**/
> -EFI_STATUS
> -EFIAPI
> -RegenerateVariableKey (
> - VOID
> - );
> -
> -/**
> - Locks the regenerate key interface.
> -
> - @retval EFI_SUCCESS The key interface was locked successfully.
> - @retval EFI_UNSUPPORTED Locking the key interface is not supported
> in the current boot configuration.
> - @retval Others An error occurred while attempting to lock the
> key interface.
> -**/
> -EFI_STATUS
> -EFIAPI
> -LockVariableKeyInterface (
> - VOID
> + OUT VOID *VariableKey,
> + IN UINTN VariableKeySize
> );
>
> #endif
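Review bot: The removal of RegenerateVariableKey and LockVariableKeyInterface is not mentioned in the commit message, which lists only additions; please state why key regeneration and its lock are no longer needed or where they moved. GetVariableKey also changes from OUT VOID ** with IN OUT UINTN * to a caller-supplied buffer with an IN size, and no hunk touches the comment block above the prototype, so check that its @param and @retval text describes the new contract, including what is returned when VariableKeySize is too small for the key.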
> --
> 2.35.1.windows.2