Securitypkg/hddpassword: Update HddPasswordDxeInit to use Variable Policy

author Linus Liu <linus.liu@intel.com>

Mon, 8 May 2023 04:20:51 +0000 (12:20 +0800)

committer mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>

Mon, 8 May 2023 11:39:32 +0000 (11:39 +0000)
author Linus Liu <linus.liu@intel.com>
Mon, 8 May 2023 04:20:51 +0000 (12:20 +0800)
committer mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Mon, 8 May 2023 11:39:32 +0000 (11:39 +0000)
diff --git a/SecurityPkg/HddPassword/HddPasswordDxe.c b/SecurityPkg/HddPassword/HddPasswordDxe.c

index 55dfb25886fc4e8066bf759353ff90c4d5388ac2..6f36b5a0a28bec902c86cae335b6d99d7acf544e 100644 (file)
--- a/SecurityPkg/HddPassword/HddPasswordDxe.c
+++ b/SecurityPkg/HddPassword/HddPasswordDxe.c
@@ -9,6 +9,7 @@
  **/\r
  \r
  #include "HddPasswordDxe.h"\r
+#include <Library/VariablePolicyHelperLib.h>\r
  \r
  EFI_GUID    mHddPasswordVendorGuid          = HDD_PASSWORD_CONFIG_GUID;\r
  CHAR16      mHddPasswordVendorStorageName[] = L"HDD_PASSWORD_CONFIG";\r
@@ -2818,11 +2819,11 @@ HddPasswordDxeInit (
    IN EFI_SYSTEM_TABLE  *SystemTable\r
    )\r
  {\r
-  EFI_STATUS                     Status;\r
-  HDD_PASSWORD_DXE_PRIVATE_DATA  *Private;\r
-  VOID                           *Registration;\r
-  EFI_EVENT                      EndOfDxeEvent;\r
-  EDKII_VARIABLE_LOCK_PROTOCOL   *VariableLock;\r
+  EFI_STATUS                      Status;\r
+  HDD_PASSWORD_DXE_PRIVATE_DATA   *Private;\r
+  VOID                            *Registration;\r
+  EFI_EVENT                       EndOfDxeEvent;\r
+  EDKII_VARIABLE_POLICY_PROTOCOL  *VariablePolicy;\r
  \r
    Private = NULL;\r
  \r
@@ -2858,13 +2859,18 @@ HddPasswordDxeInit (
    //\r
    // Make HDD_PASSWORD_VARIABLE_NAME variable read-only.\r
    //\r
-  Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLock);\r
+  Status = gBS->LocateProtocol (&gEdkiiVariablePolicyProtocolGuid, NULL, (VOID **)&VariablePolicy);\r
    if (!EFI_ERROR (Status)) {\r
-    Status = VariableLock->RequestToLock (\r
-                             VariableLock,\r
-                             HDD_PASSWORD_VARIABLE_NAME,\r
-                             &mHddPasswordVendorGuid\r
-                             );\r
+    Status = RegisterBasicVariablePolicy (\r
+               VariablePolicy,\r
+               &mHddPasswordVendorGuid,\r
+               HDD_PASSWORD_VARIABLE_NAME,\r
+               VARIABLE_POLICY_NO_MIN_SIZE,\r
+               VARIABLE_POLICY_NO_MAX_SIZE,\r
+               VARIABLE_POLICY_NO_MUST_ATTR,\r
+               VARIABLE_POLICY_NO_CANT_ATTR,\r
+               VARIABLE_POLICY_TYPE_LOCK_NOW\r
+               );\r
      DEBUG ((DEBUG_INFO, "%a(): Lock %s variable (%r)\n", __func__, HDD_PASSWORD_VARIABLE_NAME, Status));\r
      ASSERT_EFI_ERROR (Status);\r
    }\r
diff --git a/SecurityPkg/HddPassword/HddPasswordDxe.h b/SecurityPkg/HddPassword/HddPasswordDxe.h

index 231533e737a95ffd63906f5ef8372b83911be353..049a2087944c14ede38974415ff9c158fc95cc45 100644 (file)
--- a/SecurityPkg/HddPassword/HddPasswordDxe.h
+++ b/SecurityPkg/HddPassword/HddPasswordDxe.h
@@ -17,7 +17,6 @@
  #include <Protocol/AtaPassThru.h>\r
  #include <Protocol/PciIo.h>\r
  #include <Protocol/HiiConfigAccess.h>\r
-#include <Protocol/VariableLock.h>\r
  \r
  #include <Guid/MdeModuleHii.h>\r
  #include <Guid/EventGroup.h>\r
diff --git a/SecurityPkg/HddPassword/HddPasswordDxe.inf b/SecurityPkg/HddPassword/HddPasswordDxe.inf

index 06e8755ffcc6601d134c91fcd10ba0e2442fd9e4..2c0ebbcc78cab94e8ae9b5dd7dfcbcbd90a55873 100644 (file)
--- a/SecurityPkg/HddPassword/HddPasswordDxe.inf
+++ b/SecurityPkg/HddPassword/HddPasswordDxe.inf
@@ -50,6 +50,7 @@
    PrintLib\r
    UefiLib\r
    LockBoxLib\r
+  VariablePolicyHelperLib\r
    S3BootScriptLib\r
    PciLib\r
    BaseCryptLib\r
@@ -63,7 +64,7 @@
    gEfiHiiConfigAccessProtocolGuid               ## PRODUCES\r
    gEfiAtaPassThruProtocolGuid                   ## CONSUMES\r
    gEfiPciIoProtocolGuid                         ## CONSUMES\r
-  gEdkiiVariableLockProtocolGuid                ## CONSUMES\r
+  gEdkiiVariablePolicyProtocolGuid              ## CONSUMES\r
  \r
  [Pcd]\r
    gEfiSecurityPkgTokenSpaceGuid.PcdSkipHddPasswordPrompt  ## CONSUMES\r
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc

index 3bad5375c01afe89a582aeab391411ff5f9ff816..3c62205162cee2e13338b9c2e8fdc4f77d954a73 100644 (file)
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -74,6 +74,7 @@
    PlatformPKProtectionLib|SecurityPkg/Library/PlatformPKProtectionLibVarPolicy/PlatformPKProtectionLibVarPolicy.inf\r
    SecureBootVariableProvisionLib|SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.inf\r
    TdxLib|MdePkg/Library/TdxLib/TdxLib.inf\r
+  VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf\r
  \r
  [LibraryClasses.ARM, LibraryClasses.AARCH64]\r
    #\r
author	Linus Liu <linus.liu@intel.com>
	Mon, 8 May 2023 04:20:51 +0000 (12:20 +0800)
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
	Mon, 8 May 2023 11:39:32 +0000 (11:39 +0000)
SecurityPkg/HddPassword/HddPasswordDxe.c		patch \| blob \| blame \| history
SecurityPkg/HddPassword/HddPasswordDxe.h		patch \| blob \| blame \| history
SecurityPkg/HddPassword/HddPasswordDxe.inf		patch \| blob \| blame \| history
SecurityPkg/SecurityPkg.dsc		patch \| blob \| blame \| history