From 2f6f3329add328103cb0654b71d7b814dc0c9759 Mon Sep 17 00:00:00 2001 From: Yang Jie Date: Tue, 19 Oct 2021 11:11:04 +0800 Subject: FmpDevicePkg/FmpDxe: Use new Variable Lock interface REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3655 The code in FmpDevicePkg call the deprecated interface VariableLockRequestToLockc. So I changed the code in FmpDevicePkg using RegisterBasicVariablePolicy, instead of the deprecated interface. Signed-off-by: Yang Jie Cc: Liming Gao Cc: Michael D Kinney Cc: Guomin Jiang Cc: Wei6 Xu Reviewed-by: Liming Gao Reviewed-by: Wei6 Xu --- FmpDevicePkg/FmpDxe/FmpDxe.h | 4 +- FmpDevicePkg/FmpDxe/FmpDxe.inf | 5 ++- FmpDevicePkg/FmpDxe/VariableSupport.c | 69 +++++++++++++++++------------------ 3 files changed, 38 insertions(+), 40 deletions(-) (limited to 'FmpDevicePkg/FmpDxe') diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.h b/FmpDevicePkg/FmpDxe/FmpDxe.h index 1177b1828e..4d94a925b6 100644 --- a/FmpDevicePkg/FmpDxe/FmpDxe.h +++ b/FmpDevicePkg/FmpDxe/FmpDxe.h @@ -4,7 +4,7 @@ information provided through PCDs and libraries. Copyright (c) Microsoft Corporation.
- Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.
+ Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -33,11 +33,11 @@ #include #include #include -#include #include #include #include #include +#include #define VERSION_STRING_NOT_SUPPORTED L"VERSION STRING NOT SUPPORTED" #define VERSION_STRING_NOT_AVAILABLE L"VERSION STRING NOT AVAILABLE" diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.inf b/FmpDevicePkg/FmpDxe/FmpDxe.inf index eeb904a091..1c296388b0 100644 --- a/FmpDevicePkg/FmpDxe/FmpDxe.inf +++ b/FmpDevicePkg/FmpDxe/FmpDxe.inf @@ -4,7 +4,7 @@ # information provided through PCDs and libraries. # # Copyright (c) 2016, Microsoft Corporation. All rights reserved.
-# Copyright (c) 2018 - 2020, Intel Corporation. All rights reserved.
+# Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.
# # SPDX-License-Identifier: BSD-2-Clause-Patent ## @@ -55,14 +55,15 @@ FmpDependencyLib FmpDependencyCheckLib FmpDependencyDeviceLib + VariablePolicyHelperLib [Guids] gEfiEndOfDxeEventGroupGuid [Protocols] - gEdkiiVariableLockProtocolGuid ## CONSUMES gEfiFirmwareManagementProtocolGuid ## PRODUCES gEdkiiFirmwareManagementProgressProtocolGuid ## PRODUCES + gEdkiiVariablePolicyProtocolGuid ## CONSUMES [Pcd] gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceStorageAccessEnable ## CONSUMES diff --git a/FmpDevicePkg/FmpDxe/VariableSupport.c b/FmpDevicePkg/FmpDxe/VariableSupport.c index 86dd5b203b..c4b72a2ff9 100644 --- a/FmpDevicePkg/FmpDxe/VariableSupport.c +++ b/FmpDevicePkg/FmpDxe/VariableSupport.c @@ -3,7 +3,7 @@ firmware updates. Copyright (c) 2016, Microsoft Corporation. All rights reserved.
- Copyright (c) 2018 - 2019, Intel Corporation. All rights reserved.
+ Copyright (c) 2018 - 2021, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -729,29 +729,30 @@ SetLastAttemptVersionInVariable ( static EFI_STATUS LockFmpVariable ( - IN EFI_STATUS PreviousStatus, - IN EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock, - IN CHAR16 *VariableName + IN EFI_STATUS PreviousStatus, + IN EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy, + IN CHAR16 *VariableName ) { EFI_STATUS Status; - Status = VariableLock->RequestToLock ( - VariableLock, - VariableName, - &gEfiCallerIdGuid - ); - if (!EFI_ERROR (Status)) { - return PreviousStatus; + // If success, go ahead and set the policies to protect the target variables. + Status = RegisterBasicVariablePolicy (VariablePolicy, + &gEfiCallerIdGuid, + VariableName, + VARIABLE_POLICY_NO_MIN_SIZE, + VARIABLE_POLICY_NO_MAX_SIZE, + VARIABLE_POLICY_NO_MUST_ATTR, + VARIABLE_POLICY_NO_CANT_ATTR, + VARIABLE_POLICY_TYPE_LOCK_NOW); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to lock variable %g %s. Status = %r\n", + mImageIdName, + &gEfiCallerIdGuid, + VariableName, + Status + )); } - - DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to lock variable %g %s. Status = %r\n", - mImageIdName, - &gEfiCallerIdGuid, - VariableName, - Status - )); - if (EFI_ERROR (PreviousStatus)) { return PreviousStatus; } @@ -773,26 +774,22 @@ LockAllFmpVariables ( FIRMWARE_MANAGEMENT_PRIVATE_DATA *Private ) { - EFI_STATUS Status; - EDKII_VARIABLE_LOCK_PROTOCOL *VariableLock; - - VariableLock = NULL; - Status = gBS->LocateProtocol ( - &gEdkiiVariableLockProtocolGuid, - NULL, - (VOID **)&VariableLock - ); - if (EFI_ERROR (Status) || VariableLock == NULL) { - DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Failed to locate Variable Lock Protocol (%r).\n", mImageIdName, Status)); - return EFI_UNSUPPORTED; + EFI_STATUS Status; + EDKII_VARIABLE_POLICY_PROTOCOL *VariablePolicy; + + // Locate the VariablePolicy protocol. + Status = gBS->LocateProtocol (&gEdkiiVariablePolicyProtocolGuid, NULL, (VOID**)&VariablePolicy ); + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "FmpDxe %a - Could not locate VariablePolicy protocol! %r\n", __FUNCTION__, Status)); + return Status; } Status = EFI_SUCCESS; - Status = LockFmpVariable (Status, VariableLock, Private->VersionVariableName); - Status = LockFmpVariable (Status, VariableLock, Private->LsvVariableName); - Status = LockFmpVariable (Status, VariableLock, Private->LastAttemptStatusVariableName); - Status = LockFmpVariable (Status, VariableLock, Private->LastAttemptVersionVariableName); - Status = LockFmpVariable (Status, VariableLock, Private->FmpStateVariableName); + Status = LockFmpVariable (Status, VariablePolicy, Private->VersionVariableName); + Status = LockFmpVariable (Status, VariablePolicy, Private->LsvVariableName); + Status = LockFmpVariable (Status, VariablePolicy, Private->LastAttemptStatusVariableName); + Status = LockFmpVariable (Status, VariablePolicy, Private->LastAttemptVersionVariableName); + Status = LockFmpVariable (Status, VariablePolicy, Private->FmpStateVariableName); return Status; } -- cgit v1.2.3