[PATCH v1 1/1] MdeModulePkg/BdsDxe: Update BdsEntry to use Variable Policy


Laszlo Ersek
 

On 06/21/21 21:59, Kenneth Lautner wrote:
From: Ken Lautner <klautner@microsoft.com>

Changed BdsEntry.c to use Variable Policy instead of Variable Lock
as Variable Lock will be Deprecated eventually

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>

Signed-off-by: Kenneth Lautner <kenlautner3@gmail.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
---
MdeModulePkg/Universal/BdsDxe/Bds.h | 1 -
MdeModulePkg/Universal/BdsDxe/BdsDxe.inf | 3 ++-
MdeModulePkg/Universal/BdsDxe/BdsEntry.c | 20 +++++++++++++++-----
3 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/MdeModulePkg/Universal/BdsDxe/Bds.h b/MdeModulePkg/Universal/BdsDxe/Bds.h
index e7a9b5b4b7cb..84548041e861 100644
--- a/MdeModulePkg/Universal/BdsDxe/Bds.h
+++ b/MdeModulePkg/Universal/BdsDxe/Bds.h
@@ -17,7 +17,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent

#include <Protocol/Bds.h>
#include <Protocol/LoadedImage.h>
-#include <Protocol/VariableLock.h>
#include <Protocol/DeferredImageLoad.h>

#include <Library/UefiDriverEntryPoint.h>
diff --git a/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf b/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
index 9310b4dccb18..5bac635def93 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
+++ b/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
@@ -50,6 +50,7 @@
BaseMemoryLib
DebugLib
UefiBootManagerLib
+ VariablePolicyHelperLib
PlatformBootManagerLib
PcdLib
PrintLib
@@ -77,7 +78,7 @@
[Protocols]
gEfiBdsArchProtocolGuid ## PRODUCES
gEfiSimpleTextInputExProtocolGuid ## CONSUMES
- gEdkiiVariableLockProtocolGuid ## SOMETIMES_CONSUMES
+ gEdkiiVariablePolicyProtocolGuid ## SOMETIMES_CONSUMES
gEfiDeferredImageLoadProtocolGuid ## CONSUMES

[FeaturePcd]
diff --git a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c b/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
index 83b773a2fa5f..13c10bdc5bf8 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
+++ b/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
@@ -15,6 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "Bds.h"
#include "Language.h"
#include "HwErrRecSupport.h"
+#include <Library/VariablePolicyHelperLib.h>

#define SET_BOOT_OPTION_SUPPORT_KEY_COUNT(a, c) { \
(a) = ((a) & ~EFI_BOOT_OPTION_SUPPORT_COUNT) | (((c) << LowBitSet32 (EFI_BOOT_OPTION_SUPPORT_COUNT)) & EFI_BOOT_OPTION_SUPPORT_COUNT); \
@@ -670,7 +671,7 @@ BdsEntry (
EFI_STATUS Status;
UINT32 BootOptionSupport;
UINT16 BootTimeOut;
- EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock;
+ EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy;
UINTN Index;
EFI_BOOT_MANAGER_LOAD_OPTION LoadOption;
UINT16 *BootNext;
@@ -716,12 +717,21 @@ BdsEntry (
//
// Mark the read-only variables if the Variable Lock protocol exists
//
- Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **) &VariableLock);
- DEBUG ((EFI_D_INFO, "[BdsDxe] Locate Variable Lock protocol - %r\n", Status));
+ Status = gBS->LocateProtocol(&gEdkiiVariablePolicyProtocolGuid, NULL, (VOID**)&VariablePolicy);
+ DEBUG((DEBUG_INFO, "[BdsDxe] Locate Variable Policy protocol - %r\n", Status));
if (!EFI_ERROR (Status)) {
for (Index = 0; Index < ARRAY_SIZE (mReadOnlyVariables); Index++) {
- Status = VariableLock->RequestToLock (VariableLock, mReadOnlyVariables[Index], &gEfiGlobalVariableGuid);
- ASSERT_EFI_ERROR (Status);
+ Status = RegisterBasicVariablePolicy(
+ VariablePolicy,
+ &gEfiGlobalVariableGuid,
+ mReadOnlyVariables[Index],
+ VARIABLE_POLICY_NO_MIN_SIZE,
+ VARIABLE_POLICY_NO_MAX_SIZE,
+ VARIABLE_POLICY_NO_MUST_ATTR,
+ VARIABLE_POLICY_NO_CANT_ATTR,
+ VARIABLE_POLICY_TYPE_LOCK_NOW
+ );
+ ASSERT_EFI_ERROR(Status);
}
}

We should have a TianoCore BZ ticket for this change; please reference
the ticket in the commit message.

(No need to repost just for this; I think whoever merges the patch
should please update the commit message.)

Thanks
Laszlo


Kenneth Lautner
 

From: Ken Lautner <klautner@microsoft.com>

Changed BdsEntry.c to use Variable Policy instead of Variable Lock
as Variable Lock will be Deprecated eventually

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Zhichao Gao <zhichao.gao@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>

Signed-off-by: Kenneth Lautner <kenlautner3@gmail.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
---
MdeModulePkg/Universal/BdsDxe/Bds.h | 1 -
MdeModulePkg/Universal/BdsDxe/BdsDxe.inf | 3 ++-
MdeModulePkg/Universal/BdsDxe/BdsEntry.c | 20 +++++++++++++++-----
3 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/MdeModulePkg/Universal/BdsDxe/Bds.h b/MdeModulePkg/Universal/B=
dsDxe/Bds.h
index e7a9b5b4b7cb..84548041e861 100644
--- a/MdeModulePkg/Universal/BdsDxe/Bds.h
+++ b/MdeModulePkg/Universal/BdsDxe/Bds.h
@@ -17,7 +17,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
=0D
#include <Protocol/Bds.h>=0D
#include <Protocol/LoadedImage.h>=0D
-#include <Protocol/VariableLock.h>=0D
#include <Protocol/DeferredImageLoad.h>=0D
=0D
#include <Library/UefiDriverEntryPoint.h>=0D
diff --git a/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf b/MdeModulePkg/Univer=
sal/BdsDxe/BdsDxe.inf
index 9310b4dccb18..5bac635def93 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
+++ b/MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
@@ -50,6 +50,7 @@
BaseMemoryLib=0D
DebugLib=0D
UefiBootManagerLib=0D
+ VariablePolicyHelperLib=0D
PlatformBootManagerLib=0D
PcdLib=0D
PrintLib=0D
@@ -77,7 +78,7 @@
[Protocols]=0D
gEfiBdsArchProtocolGuid ## PRODUCES=0D
gEfiSimpleTextInputExProtocolGuid ## CONSUMES=0D
- gEdkiiVariableLockProtocolGuid ## SOMETIMES_CONSUMES=0D
+ gEdkiiVariablePolicyProtocolGuid ## SOMETIMES_CONSUMES=0D
gEfiDeferredImageLoadProtocolGuid ## CONSUMES=0D
=0D
[FeaturePcd]=0D
diff --git a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c b/MdeModulePkg/Univer=
sal/BdsDxe/BdsEntry.c
index 83b773a2fa5f..13c10bdc5bf8 100644
--- a/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
+++ b/MdeModulePkg/Universal/BdsDxe/BdsEntry.c
@@ -15,6 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "Bds.h"=0D
#include "Language.h"=0D
#include "HwErrRecSupport.h"=0D
+#include <Library/VariablePolicyHelperLib.h>=0D
=0D
#define SET_BOOT_OPTION_SUPPORT_KEY_COUNT(a, c) { \=0D
(a) =3D ((a) & ~EFI_BOOT_OPTION_SUPPORT_COUNT) | (((c) << LowBitSet3=
2 (EFI_BOOT_OPTION_SUPPORT_COUNT)) & EFI_BOOT_OPTION_SUPPORT_COUNT); \=0D
@@ -670,7 +671,7 @@ BdsEntry (
EFI_STATUS Status;=0D
UINT32 BootOptionSupport;=0D
UINT16 BootTimeOut;=0D
- EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock;=0D
+ EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy;=0D
UINTN Index;=0D
EFI_BOOT_MANAGER_LOAD_OPTION LoadOption;=0D
UINT16 *BootNext;=0D
@@ -716,12 +717,21 @@ BdsEntry (
//=0D
// Mark the read-only variables if the Variable Lock protocol exists=0D
//=0D
- Status =3D gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (=
VOID **) &VariableLock);=0D
- DEBUG ((EFI_D_INFO, "[BdsDxe] Locate Variable Lock protocol - %r\n", Sta=
tus));=0D
+ Status =3D gBS->LocateProtocol(&gEdkiiVariablePolicyProtocolGuid, NULL, =
(VOID**)&VariablePolicy);=0D
+ DEBUG((DEBUG_INFO, "[BdsDxe] Locate Variable Policy protocol - %r\n", St=
atus));=0D
if (!EFI_ERROR (Status)) {=0D
for (Index =3D 0; Index < ARRAY_SIZE (mReadOnlyVariables); Index++) {=
=0D
- Status =3D VariableLock->RequestToLock (VariableLock, mReadOnlyVaria=
bles[Index], &gEfiGlobalVariableGuid);=0D
- ASSERT_EFI_ERROR (Status);=0D
+ Status =3D RegisterBasicVariablePolicy(=0D
+ VariablePolicy,=0D
+ &gEfiGlobalVariableGuid,=0D
+ mReadOnlyVariables[Index],=0D
+ VARIABLE_POLICY_NO_MIN_SIZE,=0D
+ VARIABLE_POLICY_NO_MAX_SIZE,=0D
+ VARIABLE_POLICY_NO_MUST_ATTR,=0D
+ VARIABLE_POLICY_NO_CANT_ATTR,=0D
+ VARIABLE_POLICY_TYPE_LOCK_NOW=0D
+ );=0D
+ ASSERT_EFI_ERROR(Status);=0D
}=0D
}=0D
=0D
--=20
2.31.1.windows.1