[edk2-devel] VariablePolicy support in StandaloneMM
Masahisa Kojima
masahisa.kojima at linaro.org
Wed Dec 2 08:57:43 UTC 2020
Hello All,
VariablePolicy was introduced in November.
When Developerbox(aarch64 platform) boots with UEFI secure boot enabled,
the following error appears.
Note that this platform supports UEFI secure boot using the standalone
MM framework.
--- StandaloneMM log ---
VariableLockRequestToLock - Failed to lock variable CapsuleMax! Not Ready
ASSERT_EFI_ERROR (Status = Not Ready)
ASSERT [VariableStandaloneMm]
/home/ubuntu/src/uefi/edk2/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableLockRequestToLock.c(64):
!EFI_ERROR (Status)
MmEntryPoint Done
---
In my check, this is simply because
MdeModulePkg/Library/VariablePolicyLib/VariablePolicyLib.c::InitVariablePolicyLib()
is not called.
InitVariablePolicyLib() is called from the following two files.
---
MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c: Status
= InitVariablePolicyLib( VariableServiceGetVariable );
MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c: Status =
InitVariablePolicyLib (VariableServiceGetVariable);
---
VariableDxe.c is not for MM_STANDALONE, so I tried to use
"VarCheckPolicyLib" as VarCheckLib,
but "VarCheckPolicyLib" requires
DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf and
DxeServicesLib.inf is not for MM_STANDALONE, I am stuck here.
Could you please take a look at this error?
Thanks,
Masahisa
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#68167): https://edk2.groups.io/g/devel/message/68167
Mute This Topic: https://groups.io/mt/78655646/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list