From 90dda7823e82d305a3a58dfaac914bb3a1612a2c Mon Sep 17 00:00:00 2001 From: Kun Qin Date: Fri, 26 Apr 2024 10:23:16 -0700 Subject: [PATCH 1/7] Fxing up the comment --- .../Include/Library/MfciDeviceIdSupportLib.h | 162 ++++++++---------- MfciPkg/MfciDxe/MfciDxe.c | 21 +++ 2 files changed, 94 insertions(+), 89 deletions(-) diff --git a/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h b/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h index 899a149d3a..b0b95dc42e 100644 --- a/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h +++ b/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h @@ -8,48 +8,45 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/ -#ifndef __MFCI_DEVICE_ID_SUPPORT_LIB_H__ -#define __MFCI_DEVICE_ID_SUPPORT_LIB_H__ +#ifndef MFCI_DEVICE_ID_SUPPORT_LIB_H_ +#define MFCI_DEVICE_ID_SUPPORT_LIB_H_ #include -// define a generic function prototype shared by all library functions - /** - * Get a device-unique targeting value - * - * @param[out] String Device targeting value, a UTF-16 little endian string. - * Includes a wide NULL terminator. - * Refer to MfciPkg/Include/MfciVariables.h for more details. - * - * @param[out] StringSize (OPTIONAL) String size in bytes including the wide NULL terminator. - * NULL may be supplied if the size is not requested (it is NULL terminated after all) - * - * It is the callers responsibility to free the String buffer returned using FreePool() - * - * @return EFI_STATUS - * - * @retval EFI_UNSUPPORTED Likely using the NULL library instance - * @retval EFI_SUCCESS Successfully retrieved the string and length - */ - + Function pointer definition to get a device-unique targeting value. + It is the callers responsibility to free the String buffer returned using FreePool(). + + @param[out] String Device targeting value, a UTF-16 little endian string. + Includes a wide NULL terminator. + Refer to MfciPkg/Include/MfciVariables.h for more details. + @param[out] StringSize (OPTIONAL) String size in bytes including the wide NULL terminator. + NULL may be supplied if the size is not requested (it is NULL terminated after all) + + @retval EFI_UNSUPPORTED Likely using the NULL library instance. + @retval EFI_SUCCESS Successfully retrieved the string and length. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the string. + @retval EFI_INVALID_PARAMETER The String is NULL. +**/ typedef EFI_STATUS (EFIAPI *MFCI_DEVICE_ID_FN)( OUT CHAR16 **String, - OUT UINTN *StringSize + OUT UINTN *StringSize OPTIONAL ); /** - * Get the Manufacturer Name - * - * @param[out] Manufacturer - * @param[out] ManufacturerSize - * - * It is the callers responsibility to free the buffer returned using FreePool() - * - * @return EFI_STATUS - */ + Function that returns Manufacturer Name of the device and string size upon on return. + It is the callers responsibility to free the buffer returned using FreePool(). + + @param[out] Manufacturer The Manufacturer string to be returned. + @param[out] ManufacturerSize The size of the Manufacturer string. + + @retval EFI_SUCCESS The Manufacturer string was successfully returned. + @retval EFI_UNSUPPORTED The function is not supported. + @retval EFI_INVALID_PARAMETER The Manufacturer is NULL. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the Manufacturer string. +**/ EFI_STATUS EFIAPI MfciIdSupportGetManufacturer ( @@ -58,16 +55,17 @@ MfciIdSupportGetManufacturer ( ); /** - * - * Get the Product Name - * - * @param[out] ProductName - * @param[out] ProductNameSize - * - * It is the callers responsibility to free the buffer returned using FreePool() - * - * @return EFI_STATUS - */ + Function that returns the Product Name string and size upon on return. + It is the callers responsibility to free the buffer returned using FreePool(). + + @param[out] ProductName The ProductName string to be returned. + @param[out] ProductNameSize The size of the ProductName string. + + @retval EFI_SUCCESS The ProductName string was successfully returned. + @retval EFI_UNSUPPORTED The function is not supported. + @retval EFI_INVALID_PARAMETER The ProductName is NULL. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the ProductName string. +**/ EFI_STATUS EFIAPI MfciIdSupportGetProductName ( @@ -76,15 +74,17 @@ MfciIdSupportGetProductName ( ); /** - * Get the SerialNumber - * - * @param[out] SerialNumber - * @param[out] SerialNumberSize - * - * It is the callers responsibility to free the buffer returned using FreePool() - * - * @return EFI_STATUS - */ + Function that returns the SerialNumber string and size upon on return. + It is the callers responsibility to free the buffer returned using FreePool(). + + @param[out] SerialNumber + @param[out] SerialNumberSize + + @retval EFI_SUCCESS The ProductName string was successfully returned. + @retval EFI_UNSUPPORTED The function is not supported. + @retval EFI_INVALID_PARAMETER The ProductName is NULL. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the ProductName string. +**/ EFI_STATUS EFIAPI MfciIdSupportGetSerialNumber ( @@ -93,15 +93,17 @@ MfciIdSupportGetSerialNumber ( ); /** - * Get OEM1 - * - * @param[out] Oem1 - * @param[out] Oem1Size - * - * It is the callers responsibility to free the buffer returned using FreePool() - * - * @return EFI_STATUS - */ + Function that returns the Oem1 string and size upon on return. + It is the callers responsibility to free the buffer returned using FreePool(). + + @param[out] Oem1 The OEM1 string to be returned. + @param[out] Oem1Size The size of the OEM1 string. + + @retval EFI_SUCCESS The OEM1 string was successfully returned. + @retval EFI_UNSUPPORTED The function is not supported. + @retval EFI_INVALID_PARAMETER The Oem1 is NULL. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the OEM1 string. +**/ EFI_STATUS EFIAPI MfciIdSupportGetOem1 ( @@ -110,15 +112,17 @@ MfciIdSupportGetOem1 ( ); /** - * Get OEM2 - * - * @param[out] Oem2 - * @param[out] Oem2Size - * - * It is the callers responsibility to free the buffer returned using FreePool() - * - * @return EFI_STATUS - */ + Function that returns the Oem2 string and size upon on return. + It is the callers responsibility to free the buffer returned using FreePool(). + + @param[out] Oem2 The OEM2 string to be returned. + @param[out] Oem2Size The size of the OEM2 string. + + @retval EFI_SUCCESS The OEM2 string was successfully returned. + @retval EFI_UNSUPPORTED The function is not supported. + @retval EFI_INVALID_PARAMETER The Oem2 is NULL. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the OEM2 string. +**/ EFI_STATUS EFIAPI MfciIdSupportGetOem2 ( @@ -126,24 +130,4 @@ MfciIdSupportGetOem2 ( OUT UINTN *Oem2Size OPTIONAL ); -/** - * the following helps iterate over the functions and set the corresponding target variable names - */ - -// define a structure that pairs up the function pointer with the UEFI variable name -typedef struct { - MFCI_DEVICE_ID_FN DeviceIdFn; - CHAR16 *DeviceIdVarName; -} MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP; - -// populate the array of structures that pair up the functions with variable names -#define MFCI_TARGET_VAR_COUNT 5 -STATIC CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[MFCI_TARGET_VAR_COUNT] = { - { MfciIdSupportGetManufacturer, MFCI_MANUFACTURER_VARIABLE_NAME }, - { MfciIdSupportGetProductName, MFCI_PRODUCT_VARIABLE_NAME }, - { MfciIdSupportGetSerialNumber, MFCI_SERIALNUMBER_VARIABLE_NAME }, - { MfciIdSupportGetOem1, MFCI_OEM_01_VARIABLE_NAME }, - { MfciIdSupportGetOem2, MFCI_OEM_02_VARIABLE_NAME } -}; - -#endif //__MFCI_DEVICE_ID_SUPPORT_LIB_H__ +#endif //MFCI_DEVICE_ID_SUPPORT_LIB_H_ diff --git a/MfciPkg/MfciDxe/MfciDxe.c b/MfciPkg/MfciDxe/MfciDxe.c index cebd8d796a..a3b0b815d4 100644 --- a/MfciPkg/MfciDxe/MfciDxe.c +++ b/MfciPkg/MfciDxe/MfciDxe.c @@ -31,6 +31,27 @@ #include "MfciDxe.h" +/** + * the following helps iterate over the functions and set the corresponding target variable names + */ + +// define a structure that pairs up the function pointer with the UEFI variable name +typedef struct { + MFCI_DEVICE_ID_FN DeviceIdFn; + CHAR16 *DeviceIdVarName; +} MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP; + +// populate the array of structures that pair up the functions with variable names +#define MFCI_TARGET_VAR_COUNT 5 + +STATIC CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[MFCI_TARGET_VAR_COUNT] = { + { MfciIdSupportGetManufacturer, MFCI_MANUFACTURER_VARIABLE_NAME }, + { MfciIdSupportGetProductName, MFCI_PRODUCT_VARIABLE_NAME }, + { MfciIdSupportGetSerialNumber, MFCI_SERIALNUMBER_VARIABLE_NAME }, + { MfciIdSupportGetOem1, MFCI_OEM_01_VARIABLE_NAME }, + { MfciIdSupportGetOem2, MFCI_OEM_02_VARIABLE_NAME } +}; + MFCI_POLICY_TYPE mCurrentPolicy; BOOLEAN mVarPolicyRegistered; From 9bb9aaa92bb813206885bcb50c5cfcf602d705c1 Mon Sep 17 00:00:00 2001 From: kuqin12 <42554914+kuqin12@users.noreply.github.com> Date: Fri, 26 Apr 2024 13:21:08 -0700 Subject: [PATCH 2/7] Update MfciPkg/MfciDxe/MfciDxe.c Co-authored-by: Michael Kubacki --- MfciPkg/MfciDxe/MfciDxe.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/MfciPkg/MfciDxe/MfciDxe.c b/MfciPkg/MfciDxe/MfciDxe.c index a3b0b815d4..3b05d72f8c 100644 --- a/MfciPkg/MfciDxe/MfciDxe.c +++ b/MfciPkg/MfciDxe/MfciDxe.c @@ -31,9 +31,9 @@ #include "MfciDxe.h" -/** - * the following helps iterate over the functions and set the corresponding target variable names - */ +// +// The following helps iterate over the functions and set the corresponding target variable names. +// // define a structure that pairs up the function pointer with the UEFI variable name typedef struct { From fc31c0d4dbeaae0f23ccdccdabb97478326d2a9a Mon Sep 17 00:00:00 2001 From: Kun Qin Date: Fri, 26 Apr 2024 13:25:17 -0700 Subject: [PATCH 3/7] This should do better? --- .../Include/Library/MfciDeviceIdSupportLib.h | 12 +++++++++++ .../MfciDeviceIdSupportLibNull.c | 2 ++ .../MfciDeviceIdSupportLibSmbios.c | 8 +++++++ MfciPkg/MfciDxe/MfciDxe.c | 21 ------------------- 4 files changed, 22 insertions(+), 21 deletions(-) diff --git a/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h b/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h index b0b95dc42e..859364120f 100644 --- a/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h +++ b/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h @@ -130,4 +130,16 @@ MfciIdSupportGetOem2 ( OUT UINTN *Oem2Size OPTIONAL ); +// +// The following helps iterate over the functions and set the corresponding target variable names. +// + +// define a structure that pairs up the function pointer with the UEFI variable name +typedef struct { + MFCI_DEVICE_ID_FN DeviceIdFn; + CHAR16 *DeviceIdVarName; +} MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP; + +extern CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[]; + #endif //MFCI_DEVICE_ID_SUPPORT_LIB_H_ diff --git a/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c b/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c index 55cb0fa7cd..7bb3492166 100644 --- a/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c +++ b/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c @@ -13,6 +13,8 @@ #include #include +CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[]; + /** * Get the Manufacturer Name * diff --git a/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c b/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c index 2f9bda21d7..70def36c84 100644 --- a/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c +++ b/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c @@ -21,6 +21,14 @@ #define ID_NOT_FOUND "Not Found" +CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[] = { + { MfciIdSupportGetManufacturer, MFCI_MANUFACTURER_VARIABLE_NAME }, + { MfciIdSupportGetProductName, MFCI_PRODUCT_VARIABLE_NAME }, + { MfciIdSupportGetSerialNumber, MFCI_SERIALNUMBER_VARIABLE_NAME }, + { MfciIdSupportGetOem1, MFCI_OEM_01_VARIABLE_NAME }, + { MfciIdSupportGetOem2, MFCI_OEM_02_VARIABLE_NAME } +}; + // Note: This protocol will guarantee to be met by the Depex and located at the // constructor of this library, thus no null-pointer check in library code flow. EFI_SMBIOS_PROTOCOL *mSmbiosProtocol; diff --git a/MfciPkg/MfciDxe/MfciDxe.c b/MfciPkg/MfciDxe/MfciDxe.c index 3b05d72f8c..cebd8d796a 100644 --- a/MfciPkg/MfciDxe/MfciDxe.c +++ b/MfciPkg/MfciDxe/MfciDxe.c @@ -31,27 +31,6 @@ #include "MfciDxe.h" -// -// The following helps iterate over the functions and set the corresponding target variable names. -// - -// define a structure that pairs up the function pointer with the UEFI variable name -typedef struct { - MFCI_DEVICE_ID_FN DeviceIdFn; - CHAR16 *DeviceIdVarName; -} MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP; - -// populate the array of structures that pair up the functions with variable names -#define MFCI_TARGET_VAR_COUNT 5 - -STATIC CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[MFCI_TARGET_VAR_COUNT] = { - { MfciIdSupportGetManufacturer, MFCI_MANUFACTURER_VARIABLE_NAME }, - { MfciIdSupportGetProductName, MFCI_PRODUCT_VARIABLE_NAME }, - { MfciIdSupportGetSerialNumber, MFCI_SERIALNUMBER_VARIABLE_NAME }, - { MfciIdSupportGetOem1, MFCI_OEM_01_VARIABLE_NAME }, - { MfciIdSupportGetOem2, MFCI_OEM_02_VARIABLE_NAME } -}; - MFCI_POLICY_TYPE mCurrentPolicy; BOOLEAN mVarPolicyRegistered; From d6543fbf69b05bb45f24aafc7d6e8b7fefb794cb Mon Sep 17 00:00:00 2001 From: Kun Qin Date: Fri, 26 Apr 2024 13:27:08 -0700 Subject: [PATCH 4/7] Now add back the comment --- .../MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c | 1 + 1 file changed, 1 insertion(+) diff --git a/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c b/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c index 70def36c84..0fd6319b96 100644 --- a/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c +++ b/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c @@ -21,6 +21,7 @@ #define ID_NOT_FOUND "Not Found" +// populate the array of structures that pair up the functions with variable names CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[] = { { MfciIdSupportGetManufacturer, MFCI_MANUFACTURER_VARIABLE_NAME }, { MfciIdSupportGetProductName, MFCI_PRODUCT_VARIABLE_NAME }, From 1b7b83ef19ad95e1df541fe6191fe20dc7cf01a1 Mon Sep 17 00:00:00 2001 From: Kun Qin Date: Fri, 26 Apr 2024 14:01:29 -0700 Subject: [PATCH 5/7] Fixing the build with more variables --- MfciPkg/Include/Library/MfciDeviceIdSupportLib.h | 5 ++++- .../MfciDeviceIdSupportLibNull.c | 2 +- .../MfciDeviceIdSupportLibSmbios.c | 2 +- MfciPkg/MfciDxe/MfciTargeting.c | 10 ++++++++++ MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.inf | 1 + MfciPkg/MfciDxe/Test/MfciTargetingHostTest.inf | 7 +++++++ MfciPkg/Private/MfciPolicyFields.h | 11 ++--------- 7 files changed, 26 insertions(+), 12 deletions(-) diff --git a/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h b/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h index 859364120f..4b1d97b895 100644 --- a/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h +++ b/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h @@ -140,6 +140,9 @@ typedef struct { CHAR16 *DeviceIdVarName; } MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP; -extern CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[]; +// populate the array of structures that pair up the functions with variable names +#define MFCI_TARGET_VAR_COUNT 5 + +extern CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[MFCI_TARGET_VAR_COUNT]; #endif //MFCI_DEVICE_ID_SUPPORT_LIB_H_ diff --git a/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c b/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c index 7bb3492166..1e3c4c5b16 100644 --- a/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c +++ b/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c @@ -13,7 +13,7 @@ #include #include -CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[]; +CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[MFCI_TARGET_VAR_COUNT] = { 0 }; /** * Get the Manufacturer Name diff --git a/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c b/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c index 0fd6319b96..cff1ce67b1 100644 --- a/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c +++ b/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c @@ -22,7 +22,7 @@ #define ID_NOT_FOUND "Not Found" // populate the array of structures that pair up the functions with variable names -CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[] = { +CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[MFCI_TARGET_VAR_COUNT] = { { MfciIdSupportGetManufacturer, MFCI_MANUFACTURER_VARIABLE_NAME }, { MfciIdSupportGetProductName, MFCI_PRODUCT_VARIABLE_NAME }, { MfciIdSupportGetSerialNumber, MFCI_SERIALNUMBER_VARIABLE_NAME }, diff --git a/MfciPkg/MfciDxe/MfciTargeting.c b/MfciPkg/MfciDxe/MfciTargeting.c index bef28b1f75..b2618f029d 100644 --- a/MfciPkg/MfciDxe/MfciTargeting.c +++ b/MfciPkg/MfciDxe/MfciTargeting.c @@ -21,6 +21,16 @@ #include "MfciDxe.h" +CONST CHAR16 gPolicyTargetFieldVarNames[TARGET_POLICY_COUNT][MFCI_VAR_NAME_MAX_LENGTH] = { + MFCI_MANUFACTURER_VARIABLE_NAME, + MFCI_PRODUCT_VARIABLE_NAME, + MFCI_SERIALNUMBER_VARIABLE_NAME, + MFCI_OEM_01_VARIABLE_NAME, + MFCI_OEM_02_VARIABLE_NAME + // the platform has 2 nonce variables, one for verifying the current policy, another for verifying a next policy + // this complexity is handled elsewhere +}; + STATIC EFI_STATUS GetOemField ( diff --git a/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.inf b/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.inf index b76095aa1d..804f5f3282 100644 --- a/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.inf +++ b/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.inf @@ -20,6 +20,7 @@ [Sources] MfciMultipleCertsHostTest.c ../MfciDxe.c + ../MfciTargeting.c [Packages] MdePkg/MdePkg.dec diff --git a/MfciPkg/MfciDxe/Test/MfciTargetingHostTest.inf b/MfciPkg/MfciDxe/Test/MfciTargetingHostTest.inf index 722b900db2..73ca084e1b 100644 --- a/MfciPkg/MfciDxe/Test/MfciTargetingHostTest.inf +++ b/MfciPkg/MfciDxe/Test/MfciTargetingHostTest.inf @@ -18,12 +18,15 @@ [Sources] MfciTargetingHostTest.c + ../MfciDxe.c ../MfciTargeting.c ../../Private/Library/MfciPolicyParsingLib/MfciPolicyParsingLib.c [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec + MsCorePkg/MsCorePkg.dec + PcBdsPkg/PcBdsPkg.dec MfciPkg/MfciPkg.dec CryptoPkg/CryptoPkg.dec UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec @@ -50,3 +53,7 @@ [Guids] gMfciVendorGuid ## CONSUMES + gMuVarPolicyDxePhaseGuid ## CONSUMES + gMuVarPolicyWriteOnceStateVarGuid ## CONSUMES + gMfciPolicyChangeResetGuid ## CONSUMES + gMsStartOfBdsNotifyGuid ## CONSUMES diff --git a/MfciPkg/Private/MfciPolicyFields.h b/MfciPkg/Private/MfciPolicyFields.h index f2f2d1018b..deba381296 100644 --- a/MfciPkg/Private/MfciPolicyFields.h +++ b/MfciPkg/Private/MfciPolicyFields.h @@ -60,14 +60,7 @@ STATIC CONST CHAR16 gPolicyBlobFieldName[MFCI_POLICY_FIELD_COUNT][MFCI_POLICY_F A helper that maps static MFCI Policy targeting fields to their corresponding UEFI variable names **/ #define TARGET_POLICY_COUNT 5 -STATIC CONST CHAR16 gPolicyTargetFieldVarNames[TARGET_POLICY_COUNT][MFCI_VAR_NAME_MAX_LENGTH] = { - MFCI_MANUFACTURER_VARIABLE_NAME, - MFCI_PRODUCT_VARIABLE_NAME, - MFCI_SERIALNUMBER_VARIABLE_NAME, - MFCI_OEM_01_VARIABLE_NAME, - MFCI_OEM_02_VARIABLE_NAME - // the platform has 2 nonce variables, one for verifying the current policy, another for verifying a next policy - // this complexity is handled elsewhere -}; + +extern CONST CHAR16 gPolicyTargetFieldVarNames[TARGET_POLICY_COUNT][MFCI_VAR_NAME_MAX_LENGTH]; #endif //__MFCI_POLICY_FIELDS_H__ From b7f481c2a2d8f398422a909df1e0f7b12f35691f Mon Sep 17 00:00:00 2001 From: Kun Qin Date: Fri, 26 Apr 2024 14:13:42 -0700 Subject: [PATCH 6/7] Revert some junk changes --- MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.c | 2 ++ MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.inf | 1 - MfciPkg/MfciDxe/Test/MfciTargetingHostTest.inf | 7 ------- MfciPkg/UnitTests/MfciPkgHostTest.dsc | 2 +- 4 files changed, 3 insertions(+), 9 deletions(-) diff --git a/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.c b/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.c index 7e9c53170b..4ffa756ca5 100644 --- a/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.c +++ b/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.c @@ -45,6 +45,8 @@ #define UNIT_TEST_NAME "Mfci Multiple Certificates Host Test" #define UNIT_TEST_VERSION "0.1" +CONST CHAR16 gPolicyTargetFieldVarNames[TARGET_POLICY_COUNT][MFCI_VAR_NAME_MAX_LENGTH] = { 0 }; + BOOLEAN EFIAPI GetRandomNumber64 ( diff --git a/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.inf b/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.inf index 804f5f3282..b76095aa1d 100644 --- a/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.inf +++ b/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.inf @@ -20,7 +20,6 @@ [Sources] MfciMultipleCertsHostTest.c ../MfciDxe.c - ../MfciTargeting.c [Packages] MdePkg/MdePkg.dec diff --git a/MfciPkg/MfciDxe/Test/MfciTargetingHostTest.inf b/MfciPkg/MfciDxe/Test/MfciTargetingHostTest.inf index 73ca084e1b..722b900db2 100644 --- a/MfciPkg/MfciDxe/Test/MfciTargetingHostTest.inf +++ b/MfciPkg/MfciDxe/Test/MfciTargetingHostTest.inf @@ -18,15 +18,12 @@ [Sources] MfciTargetingHostTest.c - ../MfciDxe.c ../MfciTargeting.c ../../Private/Library/MfciPolicyParsingLib/MfciPolicyParsingLib.c [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec - MsCorePkg/MsCorePkg.dec - PcBdsPkg/PcBdsPkg.dec MfciPkg/MfciPkg.dec CryptoPkg/CryptoPkg.dec UnitTestFrameworkPkg/UnitTestFrameworkPkg.dec @@ -53,7 +50,3 @@ [Guids] gMfciVendorGuid ## CONSUMES - gMuVarPolicyDxePhaseGuid ## CONSUMES - gMuVarPolicyWriteOnceStateVarGuid ## CONSUMES - gMfciPolicyChangeResetGuid ## CONSUMES - gMsStartOfBdsNotifyGuid ## CONSUMES diff --git a/MfciPkg/UnitTests/MfciPkgHostTest.dsc b/MfciPkg/UnitTests/MfciPkgHostTest.dsc index 79dad3acba..bbcf53761d 100644 --- a/MfciPkg/UnitTests/MfciPkgHostTest.dsc +++ b/MfciPkg/UnitTests/MfciPkgHostTest.dsc @@ -49,7 +49,7 @@ [LibraryClasses] MfciPolicyParsingLib|MfciPkg/Private/Library/MfciPolicyParsingLibNull/MfciPolicyParsingLibNull.inf - MfciDeviceIdSupportLib|MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.inf + MfciDeviceIdSupportLib|MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.inf VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf From 04ae0ce7ee697616aff25cce4501e91c6fd10a42 Mon Sep 17 00:00:00 2001 From: Kun Qin Date: Fri, 26 Apr 2024 14:31:03 -0700 Subject: [PATCH 7/7] Fixed the rogues? --- MfciPkg/MfciDxe/MfciTargeting.c | 13 +++++++++++++ MfciPkg/Private/MfciPolicyFields.h | 10 +--------- .../MfciPolicyParsingUnitTestApp.inf | 4 ++++ 3 files changed, 18 insertions(+), 9 deletions(-) diff --git a/MfciPkg/MfciDxe/MfciTargeting.c b/MfciPkg/MfciDxe/MfciTargeting.c index b2618f029d..95082e6d41 100644 --- a/MfciPkg/MfciDxe/MfciTargeting.c +++ b/MfciPkg/MfciDxe/MfciTargeting.c @@ -21,6 +21,19 @@ #include "MfciDxe.h" +/** + The strings of the names in the MFCI Policy name/value pairs +**/ +CONST CHAR16 gPolicyBlobFieldName[MFCI_POLICY_FIELD_COUNT][MFCI_POLICY_FIELD_MAX_LEN] = { + L"Target\\Manufacturer", + L"Target\\Product", + L"Target\\SerialNumber", + L"Target\\OEM_01", + L"Target\\OEM_02", + L"Target\\Nonce", // this is nonce targeted by the binary policy blob + L"UEFI\\Policy" +}; + CONST CHAR16 gPolicyTargetFieldVarNames[TARGET_POLICY_COUNT][MFCI_VAR_NAME_MAX_LENGTH] = { MFCI_MANUFACTURER_VARIABLE_NAME, MFCI_PRODUCT_VARIABLE_NAME, diff --git a/MfciPkg/Private/MfciPolicyFields.h b/MfciPkg/Private/MfciPolicyFields.h index deba381296..07b4e237fe 100644 --- a/MfciPkg/Private/MfciPolicyFields.h +++ b/MfciPkg/Private/MfciPolicyFields.h @@ -46,15 +46,7 @@ typedef enum { /** The strings of the names in the MFCI Policy name/value pairs **/ -STATIC CONST CHAR16 gPolicyBlobFieldName[MFCI_POLICY_FIELD_COUNT][MFCI_POLICY_FIELD_MAX_LEN] = { - L"Target\\Manufacturer", - L"Target\\Product", - L"Target\\SerialNumber", - L"Target\\OEM_01", - L"Target\\OEM_02", - L"Target\\Nonce", // this is nonce targeted by the binary policy blob - L"UEFI\\Policy" -}; +extern CONST CHAR16 gPolicyBlobFieldName[MFCI_POLICY_FIELD_COUNT][MFCI_POLICY_FIELD_MAX_LEN]; /** A helper that maps static MFCI Policy targeting fields to their corresponding UEFI variable names diff --git a/MfciPkg/UnitTests/MfciPolicyParsingUnitTest/MfciPolicyParsingUnitTestApp.inf b/MfciPkg/UnitTests/MfciPolicyParsingUnitTest/MfciPolicyParsingUnitTestApp.inf index 9e0bf7dfd8..b467a392ae 100644 --- a/MfciPkg/UnitTests/MfciPolicyParsingUnitTest/MfciPolicyParsingUnitTestApp.inf +++ b/MfciPkg/UnitTests/MfciPolicyParsingUnitTest/MfciPolicyParsingUnitTestApp.inf @@ -21,12 +21,16 @@ [Sources] MfciPolicyParsingUnitTestApp.c + ../../MfciDxe/MfciTargeting.c [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec MfciPkg/MfciPkg.dec +[Guids] + gMfciVendorGuid ## CONSUMES + [Pcd] gMfciPkgTokenSpaceGuid.PcdMfciPkcs7CertBufferXdr ## CONSUMES gMfciPkgTokenSpaceGuid.PcdMfciPkcs7RequiredLeafEKU ## CONSUMES