Branch: refs/heads/master
Home: https://github.com/tianocore/edk2
Commit: d92eaabefbe0667bdd15c28c8e1fcd92a12fa97c
https://github.com/tianocore/edk2/commit/d92eaabefbe0667bdd15c28c8e1fcd92a12fa97c
Author: Laszlo Ersek <[email protected]>
Date: 2016-02-15 (Mon, 15 Feb 2016)
Changed paths:
M OvmfPkg/VarStore.fdf.inc
Log Message:
-----------
OvmfPkg: simplify VARIABLE_STORE_HEADER generation
Before the merger of the authenticated and non-authenticated variable
drivers (commit fa0737a839d0), we had to match the varstore header GUID in
"OvmfPkg/VarStore.fdf.inc" to SECURE_BOOT_ENABLE, because the opposite
GUID would cause either driver to fail an assertion. The header structures
for individual variables residing in the varstore were different
(VARIABLE_HEADER vs. AUTHENTICATED_VARIABLE_HEADER), and each driver could
only handle its own, so this GUID enforcement was necessary.
Since the unification of the variable driver however, it treats (a)
variable store format, and (b) AuthVariableLib instance as independent
characteristics; it can always manipulate variable stores with both header
types. All variations boot now; the difference is whether authenticated
variables, and special variables computed from them (like SecureBoot) are
supported at runtime:
variable store non-auth auth and SB
header GUID AuthVariableLib variables variables
-- --------------------- ------------------- -> --------- -----------
1 Variable SecurityPkg/... supported unsupported
2 Variable AuthVariableLibNull supported unsupported
3 AuthenticatedVariable SecurityPkg/... supported supported
4 AuthenticatedVariable AuthVariableLibNull supported unsupported
At the moment, SECURE_BOOT_ENABLE selects between cases #2 (FALSE) and #3
(TRUE). That is, it controls both the varstore header GUID in
"OvmfPkg/VarStore.fdf.inc", and the AuthVariableLib resolution in the DSC
files.
Exploiting the unified driver's flexibility, we can simplify
"OvmfPkg/VarStore.fdf.inc" by picking the AuthenticatedVariable GUID as a
constant, and letting SECURE_BOOT_ENABLE control only the AuthVariableLib
resolution. This amounts to SECURE_BOOT_ENABLE choosing between cases #3
(TRUE) and #4 (FALSE), with identical results as before.
Cc: Jordan Justen <[email protected]>
Cc: Star Zeng <[email protected]>
Ref: http://thread.gmane.org/gmane.comp.bios.edk2.devel/7319/focus=7344
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Laszlo Ersek <[email protected]>
Reviewed-by: Jordan Justen <[email protected]>
Reviewed-by: Star Zeng <[email protected]>
------------------------------------------------------------------------------
Site24x7 APM Insight: Get Deep Visibility into Application Performance
APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month
Monitor end-to-end web transactions and take corrective actions now
Troubleshoot faster and improve end-user experience. Signup Now!
http://pubads.g.doubleclick.net/gampad/clk?id=272487151&iu=/4140
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
