devel@edk2.groups.io | [PATCH v5 00/19] UEFI variable protection

Home Messages Hashtags Subgroups Calendar

Date Date 1 - 3 of 3

[PATCH v5 00/19] UEFI variable protection

Yao, Jiewen #97172 Hey I notice that there is duplicated code in variable driver (MdeModulePkg/Universal/Variable/Protected/ and MdeModulePkg/Universal/Variable/). That is not the best idea and it adds maintenance burden. I am not sure if the feature is ready for EDKII. Another option is to create ProtectedVariablePkg in https://github.com/tianocore/edk2-platforms/tree/master/Features/Intel, and put code there. It can merge back from edk2-platforms to edk2, after we finalize the Variable driver interface and avoid code duplication. Thank you Yao, Jiewen toggle quoted message Show quoted text -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, Jiewen Sent: Friday, December 9, 2022 4:04 PM To: devel@edk2.groups.io; Vang, Judah <judah.vang@...> Cc: Yao, Jiewen <jiewen.yao@...>; Kinney, Michael D <michael.d.kinney@...>; Wang, Jian J <jian.j.wang@...> Subject: Re: [edk2-devel] [PATCH v5 00/19] UEFI variable protection Hi Since this is a big feature in SecurityPkg and MdeModulePkg, I proposal to add dedicated reviewer(s) to support the maintenance work in EDKII. Something like: =============== MdeModulePkg: Protected Variable F: MdeModulePkg/Universal/Variable/Protected/ F: <Please list all newly added file> R: <Please give the reviewer name> SecurityPkg: Protected Variable F: SecurityPkg/Library/ProtectedVariableLib/ F: <Please list all newly added file> R: <Please give the reviewer name> =============== Please follow the style at https://github.com/tianocore/edk2/blob/master/Maintainers.txt Thank you Yao, Jiewen -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Judah Vang Sent: Sunday, November 6, 2022 3:35 PM To: devel@edk2.groups.io Subject: [edk2-devel] [PATCH v5 00/19] UEFI variable protection Patch 07 - Add PEI Variable Protection into a new directory and leave the existing PEI Variable unchanged. Patch 08 - Add RuntimeDxe Variable Protection into a new directory and keep existing Variable for RuntimeDxe unchanged. Patch 09 - Add reference to new Protected Variable libs. Patch 16 - Applied code review comments by adding PEIM to library class Patch 18 - Applied code review comments by removing unused API. Notes: The CryptoPkg changes are now being tracked separately. Patches 21 on is no longer needed due to reorganization of the new protected variable modules. Judah Vang (19): MdePkg: Add reference to new Ppi Guid MdeModulePkg: Update AUTH_VARIABLE_INFO struct MdeModulePkg: Add new ProtectedVariable GUIDs MdeModulePkg: Add new include files MdeModulePkg: Add new GUID for Variable Store Info MdeModulePkg: Add Null ProtectedVariable Library MdeModulePkg: Add new Variable functionality MdeModulePkg: Add support for Protected Variables MdeModulePkg: Reference Null ProtectedVariableLib SecurityPkg: Add new GUIDs for SecurityPkg: Add new KeyService types and defines SecurityPkg: Add new variable types and functions SecurityPkg: Update RPMC APIs with index SecurityPkg: Fix GetVariableKey API SecurityPkg: Add null encryption variable libs SecurityPkg: Add VariableKey library function SecurityPkg: Add EncryptionVariable lib with AES SecurityPkg: Add Protected Variable Services SecurityPkg: Add references to new *.inf files MdeModulePkg/MdeModulePkg.dec \| 13 +- SecurityPkg/SecurityPkg.dec \| 43 +- MdeModulePkg/MdeModulePkg.dsc \| 20 +- MdeModulePkg/Test/MdeModulePkgHostTest.dsc \| 8 + SecurityPkg/SecurityPkg.dsc \| 13 +- MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull .inf \| 34 + MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf \| 79 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni tTest/VariableLockRequestToLockUnitTest.inf \| 36 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxe.inf \| 151 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.i nf \| 153 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.inf \| 119 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal oneMm.inf \| 143 + SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf \| 43 + SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.in f \| 34 + SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf \| 64 + SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf \| 68 + SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf \| 67 + SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLi b.inf \| 62 + SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf \| 36 + MdeModulePkg/Include/Guid/ProtectedVariable.h \| 22 + MdeModulePkg/Include/Library/AuthVariableLib.h \| 4 +- MdeModulePkg/Include/Library/EncryptionVariableLib.h \| 165 + MdeModulePkg/Include/Library/ProtectedVariableLib.h \| 607 +++ MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h \| 225 ++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h \| 309 ++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h \| 116 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolym orphic.h \| 158 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h \| 948 +++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol atile.h \| 67 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing .h \| 424 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eCache.h \| 51 + MdePkg/Include/Ppi/ReadOnlyVariable2.h \| 4 +- SecurityPkg/Include/Library/RpmcLib.h \| 15 +- SecurityPkg/Include/Library/VariableKeyLib.h \| 37 +- SecurityPkg/Include/Ppi/KeyServicePpi.h \| 57 + SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h \| 49 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h \| 589 +++ MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c \| 336 ++ MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c \| 628 +++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c \| 941 +++++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c \| 307 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c \| 343 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c \| 504 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni tTest/VariableLockRequestToLockUnitTest.c \| 607 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar rierDxe.c \| 27 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar rierSmm.c \| 26 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe .c \| 153 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSm m.c \| 569 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c \| 101 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c \| 4037 ++++++++++++++++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c \| 670 ++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c \| 417 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRe questToLock.c \| 96 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol atile.c \| 537 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing .c \| 1110 ++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicyS mmDxe.c \| 575 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eCache.c \| 158 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c \| 1268 ++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.c \| 1895 +++++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal oneMm.c \| 89 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditi onalMm.c \| 130 + SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c \| 734 ++++ SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c \| 92 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c \| 2103 ++++++++++ SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c \| 163 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c \| 1327 +++++++ SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c \| 209 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeComm on.c \| 967 +++++ SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c \| 233 ++ SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c \| 8 +- SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c \| 59 + SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c \| 8 +- MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni \| 16 + MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni \| 14 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxe.uni \| 22 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxeExtra.uni \| 14 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.u ni \| 27 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmEx tra.uni \| 14 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.uni \| 23 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxeExtra.uni \| 14 + 80 files changed, 26556 insertions(+), 48 deletions(-) create mode 100644 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull .inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni tTest/VariableLockRequestToLockUnitTest.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxe.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.i nf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal oneMm.inf create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf create mode 100644 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.in f create mode 100644 SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf create mode 100644 SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf create mode 100644 SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf create mode 100644 SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLi b.inf create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf create mode 100644 MdeModulePkg/Include/Guid/ProtectedVariable.h create mode 100644 MdeModulePkg/Include/Library/EncryptionVariableLib.h create mode 100644 MdeModulePkg/Include/Library/ProtectedVariableLib.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolym orphic.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol atile.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing .h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eCache.h create mode 100644 SecurityPkg/Include/Ppi/KeyServicePpi.h create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h create mode 100644 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni tTest/VariableLockRequestToLockUnitTest.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar rierDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar rierSmm.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe .c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSm m.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRe questToLock.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol atile.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing .c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicyS mmDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eCache.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal oneMm.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditi onalMm.c create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c create mode 100644 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeComm on.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxe.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxeExtra.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.u ni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmEx tra.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxeExtra.uni -- 2.35.1.windows.2
More All Messages By This Member
Yao, Jiewen #97170 Hi Since this is a big feature in SecurityPkg and MdeModulePkg, I proposal to add dedicated reviewer(s) to support the maintenance work in EDKII. Something like: =============== MdeModulePkg: Protected Variable F: MdeModulePkg/Universal/Variable/Protected/ F: <Please list all newly added file> R: <Please give the reviewer name> SecurityPkg: Protected Variable F: SecurityPkg/Library/ProtectedVariableLib/ F: <Please list all newly added file> R: <Please give the reviewer name> =============== Please follow the style at https://github.com/tianocore/edk2/blob/master/Maintainers.txt Thank you Yao, Jiewen toggle quoted message Show quoted text -----Original Message----- From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Judah Vang Sent: Sunday, November 6, 2022 3:35 PM To: devel@edk2.groups.io Subject: [edk2-devel] [PATCH v5 00/19] UEFI variable protection Patch 07 - Add PEI Variable Protection into a new directory and leave the existing PEI Variable unchanged. Patch 08 - Add RuntimeDxe Variable Protection into a new directory and keep existing Variable for RuntimeDxe unchanged. Patch 09 - Add reference to new Protected Variable libs. Patch 16 - Applied code review comments by adding PEIM to library class Patch 18 - Applied code review comments by removing unused API. Notes: The CryptoPkg changes are now being tracked separately. Patches 21 on is no longer needed due to reorganization of the new protected variable modules. Judah Vang (19): MdePkg: Add reference to new Ppi Guid MdeModulePkg: Update AUTH_VARIABLE_INFO struct MdeModulePkg: Add new ProtectedVariable GUIDs MdeModulePkg: Add new include files MdeModulePkg: Add new GUID for Variable Store Info MdeModulePkg: Add Null ProtectedVariable Library MdeModulePkg: Add new Variable functionality MdeModulePkg: Add support for Protected Variables MdeModulePkg: Reference Null ProtectedVariableLib SecurityPkg: Add new GUIDs for SecurityPkg: Add new KeyService types and defines SecurityPkg: Add new variable types and functions SecurityPkg: Update RPMC APIs with index SecurityPkg: Fix GetVariableKey API SecurityPkg: Add null encryption variable libs SecurityPkg: Add VariableKey library function SecurityPkg: Add EncryptionVariable lib with AES SecurityPkg: Add Protected Variable Services SecurityPkg: Add references to new *.inf files MdeModulePkg/MdeModulePkg.dec \| 13 +- SecurityPkg/SecurityPkg.dec \| 43 +- MdeModulePkg/MdeModulePkg.dsc \| 20 +- MdeModulePkg/Test/MdeModulePkgHostTest.dsc \| 8 + SecurityPkg/SecurityPkg.dsc \| 13 +- MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull .inf \| 34 + MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf \| 79 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni tTest/VariableLockRequestToLockUnitTest.inf \| 36 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxe.inf \| 151 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.i nf \| 153 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.inf \| 119 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal oneMm.inf \| 143 + SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf \| 43 + SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.in f \| 34 + SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf \| 64 + SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf \| 68 + SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf \| 67 + SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLi b.inf \| 62 + SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf \| 36 + MdeModulePkg/Include/Guid/ProtectedVariable.h \| 22 + MdeModulePkg/Include/Library/AuthVariableLib.h \| 4 +- MdeModulePkg/Include/Library/EncryptionVariableLib.h \| 165 + MdeModulePkg/Include/Library/ProtectedVariableLib.h \| 607 +++ MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h \| 225 ++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h \| 309 ++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h \| 116 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolym orphic.h \| 158 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h \| 948 +++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol atile.h \| 67 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing .h \| 424 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eCache.h \| 51 + MdePkg/Include/Ppi/ReadOnlyVariable2.h \| 4 +- SecurityPkg/Include/Library/RpmcLib.h \| 15 +- SecurityPkg/Include/Library/VariableKeyLib.h \| 37 +- SecurityPkg/Include/Ppi/KeyServicePpi.h \| 57 + SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h \| 49 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h \| 589 +++ MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c \| 336 ++ MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c \| 628 +++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c \| 941 +++++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c \| 307 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c \| 343 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c \| 504 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni tTest/VariableLockRequestToLockUnitTest.c \| 607 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar rierDxe.c \| 27 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar rierSmm.c \| 26 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe .c \| 153 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSm m.c \| 569 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c \| 101 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c \| 4037 ++++++++++++++++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c \| 670 ++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c \| 417 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRe questToLock.c \| 96 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol atile.c \| 537 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing .c \| 1110 ++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicyS mmDxe.c \| 575 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eCache.c \| 158 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c \| 1268 ++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.c \| 1895 +++++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal oneMm.c \| 89 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditi onalMm.c \| 130 + SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c \| 734 ++++ SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c \| 92 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c \| 2103 ++++++++++ SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c \| 163 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c \| 1327 +++++++ SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c \| 209 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeComm on.c \| 967 +++++ SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c \| 233 ++ SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c \| 8 +- SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c \| 59 + SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c \| 8 +- MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni \| 16 + MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni \| 14 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxe.uni \| 22 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxeExtra.uni \| 14 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.u ni \| 27 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmEx tra.uni \| 14 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.uni \| 23 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxeExtra.uni \| 14 + 80 files changed, 26556 insertions(+), 48 deletions(-) create mode 100644 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull .inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni tTest/VariableLockRequestToLockUnitTest.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxe.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.i nf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal oneMm.inf create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf create mode 100644 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.in f create mode 100644 SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf create mode 100644 SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf create mode 100644 SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf create mode 100644 SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLi b.inf create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf create mode 100644 MdeModulePkg/Include/Guid/ProtectedVariable.h create mode 100644 MdeModulePkg/Include/Library/EncryptionVariableLib.h create mode 100644 MdeModulePkg/Include/Library/ProtectedVariableLib.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolym orphic.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol atile.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing .h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eCache.h create mode 100644 SecurityPkg/Include/Ppi/KeyServicePpi.h create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h create mode 100644 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUni tTest/VariableLockRequestToLockUnitTest.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar rierDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBar rierSmm.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe .c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSm m.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRe questToLock.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVol atile.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing .c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicyS mmDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eCache.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandal oneMm.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditi onalMm.c create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c create mode 100644 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeComm on.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxe.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntim eDxeExtra.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.u ni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmEx tra.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxe.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmR untimeDxeExtra.uni -- 2.35.1.windows.2
More All Messages By This Member
Judah Vang #95981 Patch 07 - Add PEI Variable Protection into a new directory and leave the existing PEI Variable unchanged. Patch 08 - Add RuntimeDxe Variable Protection into a new directory and keep existing Variable for RuntimeDxe unchanged. Patch 09 - Add reference to new Protected Variable libs. Patch 16 - Applied code review comments by adding PEIM to library class Patch 18 - Applied code review comments by removing unused API. Notes: The CryptoPkg changes are now being tracked separately. Patches 21 on is no longer needed due to reorganization of the new protected variable modules. Judah Vang (19): MdePkg: Add reference to new Ppi Guid MdeModulePkg: Update AUTH_VARIABLE_INFO struct MdeModulePkg: Add new ProtectedVariable GUIDs MdeModulePkg: Add new include files MdeModulePkg: Add new GUID for Variable Store Info MdeModulePkg: Add Null ProtectedVariable Library MdeModulePkg: Add new Variable functionality MdeModulePkg: Add support for Protected Variables MdeModulePkg: Reference Null ProtectedVariableLib SecurityPkg: Add new GUIDs for SecurityPkg: Add new KeyService types and defines SecurityPkg: Add new variable types and functions SecurityPkg: Update RPMC APIs with index SecurityPkg: Fix GetVariableKey API SecurityPkg: Add null encryption variable libs SecurityPkg: Add VariableKey library function SecurityPkg: Add EncryptionVariable lib with AES SecurityPkg: Add Protected Variable Services SecurityPkg: Add references to new *.inf files MdeModulePkg/MdeModulePkg.dec \| 13 +- SecurityPkg/SecurityPkg.dec \| 43 +- MdeModulePkg/MdeModulePkg.dsc \| 20 +- MdeModulePkg/Test/MdeModulePkgHostTest.dsc \| 8 + SecurityPkg/SecurityPkg.dsc \| 13 +- MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf \| 34 + MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf \| 79 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.inf \| 36 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.inf \| 151 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.inf \| 153 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.inf \| 119 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.inf \| 143 + SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf \| 43 + SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf \| 34 + SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf \| 64 + SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf \| 68 + SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf \| 67 + SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLib.inf \| 62 + SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf \| 36 + MdeModulePkg/Include/Guid/ProtectedVariable.h \| 22 + MdeModulePkg/Include/Library/AuthVariableLib.h \| 4 +- MdeModulePkg/Include/Library/EncryptionVariableLib.h \| 165 + MdeModulePkg/Include/Library/ProtectedVariableLib.h \| 607 +++ MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h \| 225 ++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h \| 309 ++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h \| 116 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolymorphic.h \| 158 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h \| 948 +++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.h \| 67 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.h \| 424 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.h \| 51 + MdePkg/Include/Ppi/ReadOnlyVariable2.h \| 4 +- SecurityPkg/Include/Library/RpmcLib.h \| 15 +- SecurityPkg/Include/Library/VariableKeyLib.h \| 37 +- SecurityPkg/Include/Ppi/KeyServicePpi.h \| 57 + SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h \| 49 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h \| 589 +++ MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c \| 336 ++ MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c \| 628 +++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c \| 941 +++++ MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c \| 307 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c \| 343 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c \| 504 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.c \| 607 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierDxe.c \| 27 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierSmm.c \| 26 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe.c \| 153 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSmm.c \| 569 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c \| 101 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c \| 4037 ++++++++++++++++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c \| 670 ++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c \| 417 ++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRequestToLock.c \| 96 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.c \| 537 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.c \| 1110 ++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicySmmDxe.c \| 575 +++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.c \| 158 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c \| 1268 ++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.c \| 1895 +++++++++ MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.c \| 89 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditionalMm.c \| 130 + SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c \| 734 ++++ SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c \| 92 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c \| 2103 ++++++++++ SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c \| 163 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c \| 1327 +++++++ SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c \| 209 + SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeCommon.c \| 967 +++++ SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c \| 233 ++ SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c \| 8 +- SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c \| 59 + SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c \| 8 +- MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni \| 16 + MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni \| 14 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.uni \| 22 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxeExtra.uni \| 14 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.uni \| 27 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmExtra.uni \| 14 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.uni \| 23 + MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxeExtra.uni \| 14 + 80 files changed, 26556 insertions(+), 48 deletions(-) create mode 100644 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariableLibNull.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariablePei.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.inf create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.inf create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariableLib.inf create mode 100644 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariableLibNull.inf create mode 100644 SecurityPkg/Library/ProtectedVariableLib/DxeProtectedVariableLib.inf create mode 100644 SecurityPkg/Library/ProtectedVariableLib/PeiProtectedVariableLib.inf create mode 100644 SecurityPkg/Library/ProtectedVariableLib/SmmProtectedVariableLib.inf create mode 100644 SecurityPkg/Library/ProtectedVariableLib/SmmRuntimeProtectedVariableLib.inf create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.inf create mode 100644 MdeModulePkg/Include/Guid/ProtectedVariable.h create mode 100644 MdeModulePkg/Include/Library/EncryptionVariableLib.h create mode 100644 MdeModulePkg/Include/Library/ProtectedVariableLib.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/PrivilegePolymorphic.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.h create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.h create mode 100644 SecurityPkg/Include/Ppi/KeyServicePpi.h create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.h create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableInternal.h create mode 100644 MdeModulePkg/Library/ProtectedVariableLibNull/ProtectedVariable.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/Variable.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableParsing.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/VariableStore.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Measurement.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Reclaim.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/RuntimeDxeUnitTest/VariableLockRequestToLockUnitTest.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/SpeculationBarrierSmm.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/TcgMorLockSmm.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VarCheck.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/Variable.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableExLib.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableLockRequestToLock.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableNonVolatile.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableParsing.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariablePolicySmmDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeCache.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableStandaloneMm.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableTraditionalMm.c create mode 100644 SecurityPkg/Library/EncryptionVariableLib/EncryptionVariable.c create mode 100644 SecurityPkg/Library/EncryptionVariableLibNull/EncryptionVariable.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableCommon.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableDxe.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariablePei.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmm.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmDxeCommon.c create mode 100644 SecurityPkg/Library/ProtectedVariableLib/ProtectedVariableSmmRuntime.c create mode 100644 SecurityPkg/Library/VariableKeyLib/VariableKeyLib.c create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariable.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/Pei/PeiVariableExtra.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxe.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableRuntimeDxeExtra.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmm.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmExtra.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxe.uni create mode 100644 MdeModulePkg/Universal/Variable/Protected/RuntimeDxe/VariableSmmRuntimeDxeExtra.uni -- 2.35.1.windows.2
More All Messages By This Member

1 - 3 of 3

1

Previous Topic Next Topic

Home Hashtags Subgroups Calendar About Features Pricing Updates Terms Help Twitter