[edk2-devel] [Patch v2 12/28] SecurityPkg: Add new variable types and functions

Wang, Jian J jian.j.wang at intel.com
Sun May 22 14:12:14 UTC 2022 

Judah,

Patch 11 is a library instance of RpmcLib which relies on changes introduced in this patch (12).
You need to put this patch before patch 11.

Regards,
Jian

> -----Original Message-----
> From: Vang, Judah <judah.vang at intel.com>
> Sent: Saturday, April 30, 2022 2:04 AM
> To: devel at edk2.groups.io
> Cc: Wang, Jian J <jian.j.wang at intel.com>; Yao, Jiewen <jiewen.yao at intel.com>;
> Mistry, Nishant C <nishant.c.mistry at intel.com>
> Subject: [Patch v2 12/28] SecurityPkg: Add new variable types and functions
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
> 
> Add new variable encryption/decryption function prototypes.
> Add new variable digest structure. Add new Protected
> variable function prototypes. Update RPMC APIs to Add
> an index because there is could more than one counter.
> 
> Cc: Jian J Wang <jian.j.wang at intel.com>
> Cc: Jiewen Yao <jiewen.yao at intel.com>
> Cc: Nishant C Mistry <nishant.c.mistry at intel.com>
> Signed-off-by: Jian J Wang <jian.j.wang at intel.com>
> Signed-off-by: Nishant C Mistry <nishant.c.mistry at intel.com>
> Signed-off-by: Judah Vang <judah.vang at intel.com>
> ---
>  SecurityPkg/Include/Library/RpmcLib.h        | 15 +++++---
>  SecurityPkg/Include/Library/VariableKeyLib.h | 37 +++-----------------
>  2 files changed, 16 insertions(+), 36 deletions(-)
> 
> diff --git a/SecurityPkg/Include/Library/RpmcLib.h
> b/SecurityPkg/Include/Library/RpmcLib.h
> index df4ba34ba8cf..cb71dfcd7e4d 100644
> --- a/SecurityPkg/Include/Library/RpmcLib.h
> +++ b/SecurityPkg/Include/Library/RpmcLib.h
> @@ -1,19 +1,23 @@
>  /** @file
>    Public definitions for the Replay Protected Monotonic Counter (RPMC) Library.
> 
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
>  SPDX-License-Identifier: BSD-2-Clause-Patent
> 
>  **/
> 
> -#ifndef _RPMC_LIB_H_
> -#define _RPMC_LIB_H_
> +#ifndef RPMC_LIB_H_
> +#define RPMC_LIB_H_
> 
>  #include <Uefi/UefiBaseType.h>
> 
> +#define RPMC_COUNTER_1  0
> +#define RPMC_COUNTER_2  1
> +
>  /**
>    Requests the monotonic counter from the designated RPMC counter.
> 
> +  @param[in]    CounterIndex            The RPMC index
>    @param[out]   CounterValue            A pointer to a buffer to store the RPMC
> value.
> 
>    @retval       EFI_SUCCESS             The operation completed successfully.
> @@ -23,12 +27,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>  EFI_STATUS
>  EFIAPI
>  RequestMonotonicCounter (
> +  IN  UINT8   CounterIndex,
>    OUT UINT32  *CounterValue
>    );
> 
>  /**
>    Increments the monotonic counter in the SPI flash device by 1.
> 
> +  @param[in]    CounterIndex            The RPMC index
> +
>    @retval       EFI_SUCCESS             The operation completed successfully.
>    @retval       EFI_DEVICE_ERROR        A device error occurred while attempting
> to update the counter.
>    @retval       EFI_UNSUPPORTED         The operation is un-supported.
> @@ -36,7 +43,7 @@ RequestMonotonicCounter (
>  EFI_STATUS
>  EFIAPI
>  IncrementMonotonicCounter (
> -  VOID
> +  IN  UINT8  CounterIndex
>    );
> 
>  #endif
> diff --git a/SecurityPkg/Include/Library/VariableKeyLib.h
> b/SecurityPkg/Include/Library/VariableKeyLib.h
> index 561ebad09da2..6076c4d4731b 100644
> --- a/SecurityPkg/Include/Library/VariableKeyLib.h
> +++ b/SecurityPkg/Include/Library/VariableKeyLib.h
> @@ -1,13 +1,13 @@
>  /** @file
>    Public definitions for Variable Key Library.
> 
> -Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) 2020 - 2022, Intel Corporation. All rights reserved.<BR>
>  SPDX-License-Identifier: BSD-2-Clause-Patent
> 
>  **/
> 
> -#ifndef _VARIABLE_KEY_LIB_H_
> -#define _VARIABLE_KEY_LIB_H_
> +#ifndef VARIABLE_KEY_LIB_H_
> +#define VARIABLE_KEY_LIB_H_
> 
>  #include <Uefi/UefiBaseType.h>
> 
> @@ -25,35 +25,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
>  EFI_STATUS
>  EFIAPI
>  GetVariableKey (
> -  OUT VOID       **VariableKey,
> -  IN  OUT UINTN  *VariableKeySize
> -  );
> -
> -/**
> -  Regenerates the variable key.
> -
> -  @retval       EFI_SUCCESS             The variable key was regenerated successfully.
> -  @retval       EFI_DEVICE_ERROR        An error occurred while attempting to
> regenerate the key.
> -  @retval       EFI_ACCESS_DENIED       The function was invoked after locking
> the key interface.
> -  @retval       EFI_UNSUPPORTED         Key regeneration is not supported in the
> current boot configuration.
> -**/
> -EFI_STATUS
> -EFIAPI
> -RegenerateVariableKey (
> -  VOID
> -  );
> -
> -/**
> -  Locks the regenerate key interface.
> -
> -  @retval       EFI_SUCCESS             The key interface was locked successfully.
> -  @retval       EFI_UNSUPPORTED         Locking the key interface is not supported
> in the current boot configuration.
> -  @retval       Others                  An error occurred while attempting to lock the
> key interface.
> -**/
> -EFI_STATUS
> -EFIAPI
> -LockVariableKeyInterface (
> -  VOID
> +  OUT VOID   *VariableKey,
> +  IN  UINTN  VariableKeySize
>    );
> 
>  #endif
> --
> 2.35.1.windows.2



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#89935): https://edk2.groups.io/g/devel/message/89935
Mute This Topic: https://groups.io/mt/90781899/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list