On Tue, Nov 20, 2018 at 11:00:49PM +0800, Ming Huang wrote:
> On 11/20/2018 10:39 PM, Leif Lindholm wrote:
> > On Tue, Nov 20, 2018 at 10:29:57PM +0800, Ming Huang wrote:
> >>>>> And all Hisilicon platforms still use
> >>>>> AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
> >>>>> regardless of Secure Boot setting.
> >>>>>
> >>>>> So what problem does this patch solve? A runtime one?
> >>>>
> >>>> This patch solve bug in FlashFvbDxe.
> >>>
> >>> Yes, but what bug? What is the symptom? What _specific_ problem goes
> >>> away by adding this patch? That information should have been in the
> >>> original commit message. I have no information available to me as I
> >>> now build -rc1 to suggest that this patch should be included.
> >>
> >> The bug is that gEfiAuthenticatedVariableGuid should be used in
> >> FlashFvbDxe,
> >> not gEfiVariableGuid when enable secure boot.
> >
> > OK, I will ask a third time: what _problem_ does this solve?
> > What is the symptom?
> > When someone uses the buggy firmware, what does not work for them?
> > This information _always_ needs to be in the commit message.
>
> This patch is using with series v1 patch 'Hisilicon/D06: Fix SBBR-SCT AuthVar
> issue'
> to fix the SCT issue:
> RT.SetVariable - Set Invalid Time Base Auth Variable – FAILURE;
> RT.SetVariable - Create one Time Base Auth Variable, the expect return
> status should be EFI_SUCCESS – FAILURE.
OK, but if we don't have authenticated variables (all the way to the
hardware), then this is the correct behaviour? Making the test pass
anyway is not the correct solution.
/
Leif
_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.01.org/mailman/listinfo/edk2-devel
