From: Kun Qin <kuqin@...> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3910 This change is in pair with the previous SecureBootVariableLib, which removes the explicit invocation

From: kuqin <kuqin@...> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3911 This change updated the interfaces provided by SecureBootVariableLib. The new additions provided

From: kuqin <kuqin@...> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3910 This change removes the interface of SecureBootFetchData, and replaced it with

From: Kun Qin <kuqin@...> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3909 This change updated the interface of 'CreateTimeBasedPayload' by requiring the caller to provide a

From: Kun Qin <kuqin@...> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3911 This patch provides an abstracted interface for platform to implement PK variable related protection

From: Kun Qin <kuqin@...> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3910 This change added certificate and payload structures that can be consumed by SecureBootVariableLib and

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3909 REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3910 REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3911 This is a follow-up of a

From: Min M Xu <min.m.xu@...> SECURE_BOOT_FEATURE_ENABLED is the build-flag defined when secure boot is enabled. Currently this flag is used in below lib: - OvmfPkg/PlatformPei -

From: Min M Xu <min.m.xu@...> Set PcdEmuVariableNvStoreReserved with the value in PlatformInfoHob. It is the address of the EmuVariableNvStore reserved in Pei-less startup. Cc: James Bottomley

From: Min M Xu <min.m.xu@...> OvmfPkg/Library/NvVarsFileLib allows loading variables into emulated varstore from a on-disk NvVars file. We can't allow that when secure boot is active. So

From: Min M Xu <min.m.xu@...> EmuVariableNvStore is reserved and init with below 2 functions defined in PlatformInitLib: - PlatformReserveEmuVariableNvStore -

From: Min M Xu <min.m.xu@...> ReserveEmuVariableNvStore is updated with below 2 functions defined in PlatformInitLib: - PlatformReserveEmuVariableNvStore -

From: Min M Xu <min.m.xu@...> There are 3 functions added for EmuVariableNvStore: - PlatformReserveEmuVariableNvStore - PlatformInitEmuVariableNvStore -

From: Min M Xu <min.m.xu@...> TdxValidateCfv is used to validate the integrity of FlashNvVarStore (PcdOvmfFlashNvStorageVariableBase) and it is not Tdx specific. So it will be moved to

From: Min M Xu <min.m.xu@...> AllocateRuntimePages is used to allocate one or more 4KB pages of type EfiRuntimeServicesData. Cc: Ard Biesheuvel <ardb+tianocore@...> Cc: Abner Chang

Secure-Boot related variables include the PK/KEK/DB/DBX and they are stored in NvVarStore (OVMF_VARS.fd). When lauching with -pflash, QEMU/OVMF will use emulated flash, and fully support UEFI

Ah my bad. I forgot sending below patch in the series. fec80e84db 2022-06-22 EmbeddedPkg: Add AllocateRuntimePages in PrePiMemoryAllocationLib [Min M Xu] It is in

Acked-by: Michael Kubacki <michael.kubacki@...>

Update check for enough space to occur prior to alignment offset. This prevents cases where EfiFreeMemoryTop < EfiFreeMemoryBottom. Signed-off-by: Jeff Brasen <jbrasen@...> ---

I am facing the issue during the build of Kuno meta image after python update from python3.6.9 to python 3.9.13. I am attaching the screenshot. Please help me to resolve this issue. Thank