From: Jian J Wang <jian.j.wang@intel.com>
Date: Thu, 12 Mar 2020 05:44:41 +0000 (+0800)
Subject: SecurityPkg: add null version of VariableKeyLib
X-Git-Tag: edk2-stable202005~280
X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=6e9bd495b38e05ece5f53872df62d66052f29bb6

SecurityPkg: add null version of VariableKeyLib

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

Add null version of VariableKeyLib instance. The full version should be
provided by platforms which supports key generator.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>
---

diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
new file mode 100644
index 0000000000..3ddb37cabc
--- /dev/null
+++ b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
@@ -0,0 +1,67 @@
+/** @file
+  Null version of VariableKeyLib for build purpose. Don't use it in real product.
+
+Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+#include <Library/DebugLib.h>
+#include <Library/VariableKeyLib.h>
+
+/**
+  Retrieves the key for integrity and/or confidentiality of variables.
+
+  @param[out]     VariableKey         A pointer to pointer for the variable key buffer.
+  @param[in,out]  VariableKeySize     The size in bytes of the variable key.
+
+  @retval       EFI_SUCCESS             The variable key was returned.
+  @retval       EFI_DEVICE_ERROR        An error occurred while attempting to get the variable key.
+  @retval       EFI_ACCESS_DENIED       The function was invoked after locking the key interface.
+  @retval       EFI_UNSUPPORTED         The variable key is not supported in the current boot configuration.
+**/
+EFI_STATUS
+EFIAPI
+GetVariableKey (
+      OUT VOID    **VariableKey,
+  IN  OUT UINTN   *VariableKeySize
+  )
+{
+  ASSERT (FALSE);
+  return EFI_UNSUPPORTED;
+}
+
+/**
+  Regenerates the variable key.
+
+  @retval       EFI_SUCCESS             The variable key was regenerated successfully.
+  @retval       EFI_DEVICE_ERROR        An error occurred while attempting to regenerate the key.
+  @retval       EFI_ACCESS_DENIED       The function was invoked after locking the key interface.
+  @retval       EFI_UNSUPPORTED         Key regeneration is not supported in the current boot configuration.
+**/
+EFI_STATUS
+EFIAPI
+RegenerateVariableKey (
+  VOID
+  )
+{
+  ASSERT (FALSE);
+  return EFI_UNSUPPORTED;
+}
+
+/**
+  Locks the regenerate key interface.
+
+  @retval       EFI_SUCCESS             The key interface was locked successfully.
+  @retval       EFI_UNSUPPORTED         Locking the key interface is not supported in the current boot configuration.
+  @retval       Others                  An error occurred while attempting to lock the key interface.
+**/
+EFI_STATUS
+EFIAPI
+LockVariableKeyInterface (
+  VOID
+  )
+{
+  ASSERT (FALSE);
+  return EFI_UNSUPPORTED;
+}
+
diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
new file mode 100644
index 0000000000..ea74e38cf9
--- /dev/null
+++ b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
@@ -0,0 +1,33 @@
+## @file
+#  Provides Null version of VariableKeyLib for build only.
+#
+#  Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010029
+  BASE_NAME                      = VariableKeyLibNull
+  FILE_GUID                      = 2B640ED8-1E6A-4516-9F1D-25910E59BC4A
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = VariableKeyLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 Arm AArch64
+#
+
+[Sources]
+  VariableKeyLibNull.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  SecurityPkg/SecurityPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  DebugLib
+
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 97e0e7ed6e..4b85f77b02 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -64,6 +64,7 @@
   TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCoreLib.inf
   TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLib.inf
   ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf
+  VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
   RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
 
 [LibraryClasses.ARM]
@@ -221,6 +222,7 @@
   #
   # Variable Confidentiality & Integrity
   #
+  SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
   SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
 
   #