[PATCH v1 1/1] MdeModulePkg/BdsDxe: Update BdsEntry to use Variable Policy


Kenneth Lautner
 

From: Ken Lautner <klautner@microsoft.com>

Changed BdsEntry.c to use Variable Policy instead of Variable Lock
as Variable Lock will be Deprecated eventually

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>

Signed-off-by: Kenneth Lautner <kenlautner3@gmail.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
---
MdeModulePkg/Universal/BdsDxe/Bds.h | 1 -
MdeModulePkg/Universal/BdsDxe/BdsDxe.inf | 4 +++-
MdeModulePkg/Universal/BdsDxe/BdsEntry.c | 20 +++++++++++++++-----
3 files changed, 18 insertions(+), 7 deletions(-)

diff --git a/MdeModulePkg/Universal/BdsDxe/Bds.h b/MdeModulePkg/Universal/B=
dsDxe/Bds.h
index e7a9b5b4b7cb..84548041e861 100644
--- a/MdeModulePkg/Universal/BdsDxe/Bds.h
+++ b/MdeModulePkg/Universal/BdsDxe/Bds.h
@@ -17,7 +17,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
=0D
#include <Protocol/Bds.h>=0D
#include <Protocol/LoadedImage.h>=0D
-#include <Protocol/VariableLock.h>=0D
#include <Protocol/DeferredImageLoad.h>=0D
=0D
#include <Library/UefiDriverEntryPoint.h>=0D
diff --git a/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf b/MdeModulePkg/Univer=
sal/BdsDxe/BdsDxe.inf
index 9310b4dccb18..76ff6a0f5fc3 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
+++ b/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
@@ -50,6 +50,8 @@
BaseMemoryLib=0D
DebugLib=0D
UefiBootManagerLib=0D
+ VariablePolicyLib=0D
+ VariablePolicyHelperLib=0D
PlatformBootManagerLib=0D
PcdLib=0D
PrintLib=0D
@@ -77,7 +79,7 @@
[Protocols]=0D
gEfiBdsArchProtocolGuid ## PRODUCES=0D
gEfiSimpleTextInputExProtocolGuid ## CONSUMES=0D
- gEdkiiVariableLockProtocolGuid ## SOMETIMES_CONSUMES=0D
+ gEdkiiVariablePolicyProtocolGuid ## SOMETIMES_CONSUMES=0D
gEfiDeferredImageLoadProtocolGuid ## CONSUMES=0D
=0D
[FeaturePcd]=0D
diff --git a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c b/MdeModulePkg/Univer=
sal/BdsDxe/BdsEntry.c
index 83b773a2fa5f..13c10bdc5bf8 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
+++ b/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
@@ -15,6 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "Bds.h"=0D
#include "Language.h"=0D
#include "HwErrRecSupport.h"=0D
+#include <Library/VariablePolicyHelperLib.h>=0D
=0D
#define SET_BOOT_OPTION_SUPPORT_KEY_COUNT(a, c) { \=0D
(a) =3D ((a) & ~EFI_BOOT_OPTION_SUPPORT_COUNT) | (((c) << LowBitSet3=
2 (EFI_BOOT_OPTION_SUPPORT_COUNT)) & EFI_BOOT_OPTION_SUPPORT_COUNT); \=0D
@@ -670,7 +671,7 @@ BdsEntry (
EFI_STATUS Status;=0D
UINT32 BootOptionSupport;=0D
UINT16 BootTimeOut;=0D
- EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock;=0D
+ EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy;=0D
UINTN Index;=0D
EFI_BOOT_MANAGER_LOAD_OPTION LoadOption;=0D
UINT16 *BootNext;=0D
@@ -716,12 +717,21 @@ BdsEntry (
//=0D
// Mark the read-only variables if the Variable Lock protocol exists=0D
//=0D
- Status =3D gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (=
VOID **) &VariableLock);=0D
- DEBUG ((EFI_D_INFO, "[BdsDxe] Locate Variable Lock protocol - %r\n", Sta=
tus));=0D
+ Status =3D gBS->LocateProtocol(&gEdkiiVariablePolicyProtocolGuid, NULL, =
(VOID**)&VariablePolicy);=0D
+ DEBUG((DEBUG_INFO, "[BdsDxe] Locate Variable Policy protocol - %r\n", St=
atus));=0D
if (!EFI_ERROR (Status)) {=0D
for (Index =3D 0; Index < ARRAY_SIZE (mReadOnlyVariables); Index++) {=
=0D
- Status =3D VariableLock->RequestToLock (VariableLock, mReadOnlyVaria=
bles[Index], &gEfiGlobalVariableGuid);=0D
- ASSERT_EFI_ERROR (Status);=0D
+ Status =3D RegisterBasicVariablePolicy(=0D
+ VariablePolicy,=0D
+ &gEfiGlobalVariableGuid,=0D
+ mReadOnlyVariables[Index],=0D
+ VARIABLE_POLICY_NO_MIN_SIZE,=0D
+ VARIABLE_POLICY_NO_MAX_SIZE,=0D
+ VARIABLE_POLICY_NO_MUST_ATTR,=0D
+ VARIABLE_POLICY_NO_CANT_ATTR,=0D
+ VARIABLE_POLICY_TYPE_LOCK_NOW=0D
+ );=0D
+ ASSERT_EFI_ERROR(Status);=0D
}=0D
}=0D
=0D
--=20
2.31.1.windows.1


Kenneth Lautner
 

This needs more editorial changes so disregard for now and I'll resend it when it's better.  Sorry about that.


On Wed, Jun 16, 2021 at 10:35 AM Kenneth Lautner via groups.io <kenlautner3=gmail.com@groups.io> wrote:
From: Ken Lautner <klautner@...>

Changed BdsEntry.c to use Variable Policy instead of Variable Lock
as Variable Lock will be Deprecated eventually

Cc: Jian J Wang <jian.j.wang@...>
Cc: Hao A Wu <hao.a.wu@...>
Cc: Zhichao Gao <zhichao.gao@...>
Cc: Ray Ni <ray.ni@...>
Signed-off-by: Kenneth Lautner <kenlautner3@...>

Fixed Library References

Quick revert

MdeModulePkg/BdsDxe: Fixed Library References

Fixed incorrect library reference in BdsEntry.c

Cc: Jian J Wang <jian.j.wang@...>
Cc: Hao A Wu <hao.a.wu@...>
Cc: Zhichao Gao <zhichao.gao@...>
Cc: Ray Ni <ray.ni@...>
Cc: Liming Gao <gaoliming@...>
Signed-off-by: Kenneth Lautner <kenlautner3@...>
---
 MdeModulePkg/Universal/BdsDxe/BdsDxe.inf |  4 +++-
 MdeModulePkg/Universal/BdsDxe/BdsEntry.c | 20 +++++++++++++++-----
 2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf b/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
index 9310b4dccb18..76ff6a0f5fc3 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
+++ b/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
@@ -50,6 +50,8 @@
   BaseMemoryLib
   DebugLib
   UefiBootManagerLib
+  VariablePolicyLib
+  VariablePolicyHelperLib
   PlatformBootManagerLib
   PcdLib
   PrintLib
@@ -77,7 +79,7 @@
 [Protocols]
   gEfiBdsArchProtocolGuid                       ## PRODUCES
   gEfiSimpleTextInputExProtocolGuid             ## CONSUMES
-  gEdkiiVariableLockProtocolGuid                ## SOMETIMES_CONSUMES
+  gEdkiiVariablePolicyProtocolGuid              ## SOMETIMES_CONSUMES
   gEfiDeferredImageLoadProtocolGuid             ## CONSUMES

 [FeaturePcd]
diff --git a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c b/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
index 83b773a2fa5f..13c10bdc5bf8 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
+++ b/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
@@ -15,6 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include "Bds.h"
 #include "Language.h"
 #include "HwErrRecSupport.h"
+#include <Library/VariablePolicyHelperLib.h>

 #define SET_BOOT_OPTION_SUPPORT_KEY_COUNT(a, c) {  \
       (a) = ((a) & ~EFI_BOOT_OPTION_SUPPORT_COUNT) | (((c) << LowBitSet32 (EFI_BOOT_OPTION_SUPPORT_COUNT)) & EFI_BOOT_OPTION_SUPPORT_COUNT); \
@@ -670,7 +671,7 @@ BdsEntry (
   EFI_STATUS                      Status;
   UINT32                          BootOptionSupport;
   UINT16                          BootTimeOut;
-  EDKII_VARIABLE_LOCK_PROTOCOL    *VariableLock;
+  EDKII_VARIABLE_POLICY_PROTOCOL  *VariablePolicy;
   UINTN                           Index;
   EFI_BOOT_MANAGER_LOAD_OPTION    LoadOption;
   UINT16                          *BootNext;
@@ -716,12 +717,21 @@ BdsEntry (
   //
   // Mark the read-only variables if the Variable Lock protocol exists
   //
-  Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **) &VariableLock);
-  DEBUG ((EFI_D_INFO, "[BdsDxe] Locate Variable Lock protocol - %r\n", Status));
+  Status = gBS->LocateProtocol(&gEdkiiVariablePolicyProtocolGuid, NULL, (VOID**)&VariablePolicy);
+  DEBUG((DEBUG_INFO, "[BdsDxe] Locate Variable Policy protocol - %r\n", Status));
   if (!EFI_ERROR (Status)) {
     for (Index = 0; Index < ARRAY_SIZE (mReadOnlyVariables); Index++) {
-      Status = VariableLock->RequestToLock (VariableLock, mReadOnlyVariables[Index], &gEfiGlobalVariableGuid);
-      ASSERT_EFI_ERROR (Status);
+      Status = RegisterBasicVariablePolicy(
+                 VariablePolicy,
+                 &gEfiGlobalVariableGuid,
+                 mReadOnlyVariables[Index],
+                 VARIABLE_POLICY_NO_MIN_SIZE,
+                 VARIABLE_POLICY_NO_MAX_SIZE,
+                 VARIABLE_POLICY_NO_MUST_ATTR,
+                 VARIABLE_POLICY_NO_CANT_ATTR,
+                 VARIABLE_POLICY_TYPE_LOCK_NOW
+                 );
+      ASSERT_EFI_ERROR(Status);
     }
   }

--
2.31.1.windows.1



------------
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#76602): https://edk2.groups.io/g/devel/message/76602
Mute This Topic: https://groups.io/mt/83586104/6193780
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [kenlautner3@...]
------------



Kenneth Lautner
 

From: Ken Lautner <klautner@microsoft.com>

Changed BdsEntry.c to use Variable Policy instead of Variable Lock
as Variable Lock will be Deprecated eventually

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Kenneth Lautner <kenlautner3@gmail.com>

Fixed Library References

Quick revert

MdeModulePkg/BdsDxe: Fixed Library References

Fixed incorrect library reference in BdsEntry.c

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Signed-off-by: Kenneth Lautner <kenlautner3@gmail.com>
---
MdeModulePkg/Universal/BdsDxe/BdsDxe.inf | 4 +++-
MdeModulePkg/Universal/BdsDxe/BdsEntry.c | 20 +++++++++++++++-----
2 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf b/MdeModulePkg/Univer=
sal/BdsDxe/BdsDxe.inf
index 9310b4dccb18..76ff6a0f5fc3 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
+++ b/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
@@ -50,6 +50,8 @@
BaseMemoryLib=0D
DebugLib=0D
UefiBootManagerLib=0D
+ VariablePolicyLib=0D
+ VariablePolicyHelperLib=0D
PlatformBootManagerLib=0D
PcdLib=0D
PrintLib=0D
@@ -77,7 +79,7 @@
[Protocols]=0D
gEfiBdsArchProtocolGuid ## PRODUCES=0D
gEfiSimpleTextInputExProtocolGuid ## CONSUMES=0D
- gEdkiiVariableLockProtocolGuid ## SOMETIMES_CONSUMES=0D
+ gEdkiiVariablePolicyProtocolGuid ## SOMETIMES_CONSUMES=0D
gEfiDeferredImageLoadProtocolGuid ## CONSUMES=0D
=0D
[FeaturePcd]=0D
diff --git a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c b/MdeModulePkg/Univer=
sal/BdsDxe/BdsEntry.c
index 83b773a2fa5f..13c10bdc5bf8 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
+++ b/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
@@ -15,6 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "Bds.h"=0D
#include "Language.h"=0D
#include "HwErrRecSupport.h"=0D
+#include <Library/VariablePolicyHelperLib.h>=0D
=0D
#define SET_BOOT_OPTION_SUPPORT_KEY_COUNT(a, c) { \=0D
(a) =3D ((a) & ~EFI_BOOT_OPTION_SUPPORT_COUNT) | (((c) << LowBitSet3=
2 (EFI_BOOT_OPTION_SUPPORT_COUNT)) & EFI_BOOT_OPTION_SUPPORT_COUNT); \=0D
@@ -670,7 +671,7 @@ BdsEntry (
EFI_STATUS Status;=0D
UINT32 BootOptionSupport;=0D
UINT16 BootTimeOut;=0D
- EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock;=0D
+ EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy;=0D
UINTN Index;=0D
EFI_BOOT_MANAGER_LOAD_OPTION LoadOption;=0D
UINT16 *BootNext;=0D
@@ -716,12 +717,21 @@ BdsEntry (
//=0D
// Mark the read-only variables if the Variable Lock protocol exists=0D
//=0D
- Status =3D gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (=
VOID **) &VariableLock);=0D
- DEBUG ((EFI_D_INFO, "[BdsDxe] Locate Variable Lock protocol - %r\n", Sta=
tus));=0D
+ Status =3D gBS->LocateProtocol(&gEdkiiVariablePolicyProtocolGuid, NULL, =
(VOID**)&VariablePolicy);=0D
+ DEBUG((DEBUG_INFO, "[BdsDxe] Locate Variable Policy protocol - %r\n", St=
atus));=0D
if (!EFI_ERROR (Status)) {=0D
for (Index =3D 0; Index < ARRAY_SIZE (mReadOnlyVariables); Index++) {=
=0D
- Status =3D VariableLock->RequestToLock (VariableLock, mReadOnlyVaria=
bles[Index], &gEfiGlobalVariableGuid);=0D
- ASSERT_EFI_ERROR (Status);=0D
+ Status =3D RegisterBasicVariablePolicy(=0D
+ VariablePolicy,=0D
+ &gEfiGlobalVariableGuid,=0D
+ mReadOnlyVariables[Index],=0D
+ VARIABLE_POLICY_NO_MIN_SIZE,=0D
+ VARIABLE_POLICY_NO_MAX_SIZE,=0D
+ VARIABLE_POLICY_NO_MUST_ATTR,=0D
+ VARIABLE_POLICY_NO_CANT_ATTR,=0D
+ VARIABLE_POLICY_TYPE_LOCK_NOW=0D
+ );=0D
+ ASSERT_EFI_ERROR(Status);=0D
}=0D
}=0D
=0D
--=20
2.31.1.windows.1