REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3699
The code in MdeModulePkg\Library\DxeCapsuleLibFmp call the deprecated=20
interface VariableLockRequestToLock.c. So I changed the code in
FmpDevicePkg using RegisterBasicVariablePolicy, instead of the=20
deprecated interface.

Signed-off-by: Yang Jie <jie.yang@...>
Cc: Guomin Jiang <guomin.jiang@...>
Cc: Liming Gao <gaoliming@...>
Cc: Jian J Wang <jian.j.wang@...>
---
.../DxeCapsuleLibFmp/DxeCapsuleLib.inf | 5 +-
.../DxeCapsuleLibFmp/DxeCapsuleReportLib.c | 88 +++++++++++++------
2 files changed, 63 insertions(+), 30 deletions(-)

diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf b/MdeM=
odulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
index 05de4299fb..9212c81d68 100644
--- a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
@@ -3,7 +3,7 @@
#=0D
# Capsule library instance for DXE_DRIVER module types.=0D
#=0D
-# Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>=
=0D
+# Copyright (c) 2016 - 2021, Intel Corporation. All rights reserved.<BR>=
=0D
# SPDX-License-Identifier: BSD-2-Clause-Patent=0D
#=0D
##=0D
@@ -51,6 +51,7 @@
DisplayUpdateProgressLib=0D
FileHandleLib=0D
UefiBootManagerLib=0D
+ VariablePolicyHelperLib=0D
=0D
[Pcd]=0D
gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleMax =
## CONSUMES=0D
@@ -71,11 +72,11 @@
[Protocols]=0D
gEsrtManagementProtocolGuid ## CONSUMES=0D
gEfiFirmwareManagementProtocolGuid ## CONSUMES=0D
- gEdkiiVariableLockProtocolGuid ## SOMETIMES_CONSUMES=0D
gEdkiiFirmwareManagementProgressProtocolGuid ## SOMETIMES_CONSUMES=0D
gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES=0D
gEfiBlockIoProtocolGuid ## CONSUMES=0D
gEfiDiskIoProtocolGuid ## CONSUMES=0D
+ gEdkiiVariablePolicyProtocolGuid ## CONSUMES=0D
=0D
[Guids]=0D
gEfiFmpCapsuleGuid ## SOMETIMES_CONSUMES ## GUID=0D
diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c b/=
MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
index 0ec5f20676..c4faa0b41f 100644
--- a/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleReportLib.c
@@ -1,14 +1,13 @@
/** @file=0D
DXE capsule report related function.=0D
=0D
- Copyright (c) 2016 - 2019, Intel Corporation. All rights reserved.<BR>=0D
+ Copyright (c) 2016 - 2021, Intel Corporation. All rights reserved.<BR>=0D
SPDX-License-Identifier: BSD-2-Clause-Patent=0D
=0D
**/=0D
=0D
#include <PiDxe.h>=0D
#include <Protocol/FirmwareManagement.h>=0D
-#include <Protocol/VariableLock.h>=0D
#include <Guid/CapsuleReport.h>=0D
#include <Guid/FmpCapsule.h>=0D
#include <Guid/CapsuleVendor.h>=0D
@@ -26,6 +25,7 @@
#include <Library/ReportStatusCodeLib.h>=0D
#include <Library/DevicePathLib.h>=0D
#include <Library/CapsuleLib.h>=0D
+#include <Library/VariablePolicyHelperLib.h>=0D
=0D
#include <IndustryStandard/WindowsUxCapsule.h>=0D
=0D
@@ -94,6 +94,39 @@ GetNewCapsuleResultIndex (
return CurrentIndex + 1;=0D
}=0D
=0D
+/**=0D
+ Lock Variable by variable policy=0D
+=0D
+ @param[in] VariableGuid The Guid of the variable to be locked=0D
+ @param[in] VariableName The name of the variable to be locked=0D
+ @param[in] VariablePolicy The pointer of variable lock policy=0D
+**/=0D
+VOID LockVaraible (=0D
+ IN CONST EFI_GUID VariableGuid,=0D
+ IN CHAR16 *VariableName,=0D
+ IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy=0D
+ )=0D
+{=0D
+ EFI_STATUS Status;=0D
+=0D
+ // Set the policies to protect the target variables=0D
+ Status =3D RegisterBasicVariablePolicy (VariablePolicy,=0D
+ &VariableGuid,=0D
+ VariableName,=0D
+ VARIABLE_POLICY_NO_MIN_SIZE,=0D
+ VARIABLE_POLICY_NO_MAX_SIZE,=0D
+ VARIABLE_POLICY_NO_MUST_ATTR,=0D
+ VARIABLE_POLICY_NO_CANT_ATTR,=0D
+ VARIABLE_POLICY_TYPE_LOCK_NOW);=0D
+ if (EFI_ERROR (Status)) {=0D
+ DEBUG ((DEBUG_ERROR, "DxeCapsuleLibFmp: Failed to lock variable %g %s.=
Status =3D %r\n",=0D
+ &VariableGuid,=0D
+ VariableName,=0D
+ Status));=0D
+ ASSERT_EFI_ERROR (Status);=0D
+ }=0D
+}=0D
+=0D
/**=0D
Write a new capsule status variable.=0D
=0D
@@ -269,16 +302,18 @@ RecordFmpCapsuleStatusVariable (
=0D
/**=0D
Initialize CapsuleMax variables.=0D
+=0D
+ @param[in] VariablePolicy The pointer of variable lock policy=0D
**/=0D
VOID=0D
InitCapsuleMaxVariable (=0D
- VOID=0D
+ EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy=0D
)=0D
{=0D
EFI_STATUS Status;=0D
UINTN Size;=0D
CHAR16 CapsuleMaxStr[sizeof("Capsule####")];=0D
- EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock;=0D
+ //EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock;=0D
=0D
UnicodeSPrint(=0D
CapsuleMaxStr,=0D
@@ -297,25 +332,22 @@ InitCapsuleMaxVariable (
);=0D
if (!EFI_ERROR(Status)) {=0D
// Lock it per UEFI spec.=0D
- Status =3D gBS->LocateProtocol(&gEdkiiVariableLockProtocolGuid, NULL, =
(VOID **)&VariableLock);=0D
- if (!EFI_ERROR(Status)) {=0D
- Status =3D VariableLock->RequestToLock(VariableLock, L"CapsuleMax", =
&gEfiCapsuleReportGuid);=0D
- ASSERT_EFI_ERROR(Status);=0D
- }=0D
+ LockVaraible (gEfiCapsuleReportGuid, L"CapsuleMax", VariablePolicy);=0D
}=0D
}=0D
=0D
/**=0D
Initialize CapsuleLast variables.=0D
+=0D
+ @param[in] VariablePolicy The pointer of variable lock policy=0D
**/=0D
VOID=0D
InitCapsuleLastVariable (=0D
- VOID=0D
+ EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy=0D
)=0D
{=0D
EFI_STATUS Status;=0D
EFI_BOOT_MODE BootMode;=0D
- EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock;=0D
VOID *CapsuleResult;=0D
UINTN Size;=0D
CHAR16 CapsuleLastStr[sizeof("Capsule####")];=
=0D
@@ -372,11 +404,7 @@ InitCapsuleLastVariable (
}=0D
=0D
// Lock it in normal boot path per UEFI spec.=0D
- Status =3D gBS->LocateProtocol(&gEdkiiVariableLockProtocolGuid, NULL, =
(VOID **)&VariableLock);=0D
- if (!EFI_ERROR(Status)) {=0D
- Status =3D VariableLock->RequestToLock(VariableLock, L"CapsuleLast",=
&gEfiCapsuleReportGuid);=0D
- ASSERT_EFI_ERROR(Status);=0D
- }=0D
+ LockVaraible (gEfiCapsuleReportGuid, L"CapsuleLast", VariablePolicy);=
=0D
}=0D
}=0D
=0D
@@ -430,26 +458,21 @@ InitCapsuleUpdateVariable (
=0D
/**=0D
Initialize capsule relocation info variable.=0D
+=0D
+ @param[in] VariablePolicy The pointer of variable lock policy=0D
**/=0D
VOID=0D
InitCapsuleRelocationInfo (=0D
- VOID=0D
+ EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy=0D
)=0D
{=0D
- EFI_STATUS Status;=0D
- EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock;=0D
-=0D
CoDClearCapsuleRelocationInfo();=0D
=0D
//=0D
// Unlock Capsule On Disk relocation Info variable only when Capsule On =
Disk flag is enabled=0D
//=0D
if (!CoDCheckCapsuleOnDiskFlag()) {=0D
- Status =3D gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL,=
(VOID **) &VariableLock);=0D
- if (!EFI_ERROR (Status)) {=0D
- Status =3D VariableLock->RequestToLock (VariableLock, COD_RELOCATION=
_INFO_VAR_NAME, &gEfiCapsuleVendorGuid);=0D
- ASSERT_EFI_ERROR (Status);=0D
- }=0D
+ LockVaraible (gEfiCapsuleVendorGuid, COD_RELOCATION_INFO_VAR_NAME, Var=
iablePolicy);=0D
}=0D
}=0D
=0D
@@ -461,10 +484,19 @@ InitCapsuleVariable (
VOID=0D
)=0D
{=0D
+ EFI_STATUS Status;=0D
+ EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy;=0D
+=0D
+ // Locate the VariablePolicy protocol=0D
+ Status =3D gBS->LocateProtocol (&gEdkiiVariablePolicyProtocolGuid, NULL,=
(VOID**)&VariablePolicy);=0D
+ if (EFI_ERROR (Status)) {=0D
+ DEBUG ((DEBUG_ERROR, "DxeCapsuleReportLib %a - Could not locate Variab=
lePolicy protocol! %r\n", __FUNCTION__, Status));=0D
+ ASSERT_EFI_ERROR (Status);=0D
+ }=0D
InitCapsuleUpdateVariable();=0D
- InitCapsuleMaxVariable();=0D
- InitCapsuleLastVariable();=0D
- InitCapsuleRelocationInfo();=0D
+ InitCapsuleMaxVariable (VariablePolicy);=0D
+ InitCapsuleLastVariable (VariablePolicy);=0D
+ InitCapsuleRelocationInfo (VariablePolicy);=0D
=0D
//=0D
// No need to clear L"Capsule####", because OS/APP should refer L"Capsul=
eLast"=0D
--=20
2.26.2.windows.1