SecurityPkg: add null version of VariableKeyLib

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594 Add null version of VariableKeyLib instance. The full version should be provided by platforms which supports key generator. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Nishant C Mistry <nishant.c.mistry@intel.com> Signed-off-by: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Michael Kubacki <michael.kubacki@microsoft.com>
2020-03-12 13:44:41 +08:00 · 2020-03-12 13:44:41 +08:00 · 6e9bd495b3
parent d21c2cd082
commit 6e9bd495b3
3 changed files with 102 additions and 0 deletions
--- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
+++ b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c
@ -0,0 +1,67 @@
+/** @file
+  Null version of VariableKeyLib for build purpose. Don't use it in real product.
+
+Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+#include <Library/DebugLib.h>
+#include <Library/VariableKeyLib.h>
+
+/**
+  Retrieves the key for integrity and/or confidentiality of variables.
+
+  @param[out]     VariableKey         A pointer to pointer for the variable key buffer.
+  @param[in,out]  VariableKeySize     The size in bytes of the variable key.
+
+  @retval       EFI_SUCCESS             The variable key was returned.
+  @retval       EFI_DEVICE_ERROR        An error occurred while attempting to get the variable key.
+  @retval       EFI_ACCESS_DENIED       The function was invoked after locking the key interface.
+  @retval       EFI_UNSUPPORTED         The variable key is not supported in the current boot configuration.
+**/
+EFI_STATUS
+EFIAPI
+GetVariableKey (
+      OUT VOID    **VariableKey,
+  IN  OUT UINTN   *VariableKeySize
+  )
+{
+  ASSERT (FALSE);
+  return EFI_UNSUPPORTED;
+}
+
+/**
+  Regenerates the variable key.
+
+  @retval       EFI_SUCCESS             The variable key was regenerated successfully.
+  @retval       EFI_DEVICE_ERROR        An error occurred while attempting to regenerate the key.
+  @retval       EFI_ACCESS_DENIED       The function was invoked after locking the key interface.
+  @retval       EFI_UNSUPPORTED         Key regeneration is not supported in the current boot configuration.
+**/
+EFI_STATUS
+EFIAPI
+RegenerateVariableKey (
+  VOID
+  )
+{
+  ASSERT (FALSE);
+  return EFI_UNSUPPORTED;
+}
+
+/**
+  Locks the regenerate key interface.
+
+  @retval       EFI_SUCCESS             The key interface was locked successfully.
+  @retval       EFI_UNSUPPORTED         Locking the key interface is not supported in the current boot configuration.
+  @retval       Others                  An error occurred while attempting to lock the key interface.
+**/
+EFI_STATUS
+EFIAPI
+LockVariableKeyInterface (
+  VOID
+  )
+{
+  ASSERT (FALSE);
+  return EFI_UNSUPPORTED;
+}
+
--- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
+++ b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
@ -0,0 +1,33 @@
+## @file
+#  Provides Null version of VariableKeyLib for build only.
+#
+#  Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010029
+  BASE_NAME                      = VariableKeyLibNull
+  FILE_GUID                      = 2B640ED8-1E6A-4516-9F1D-25910E59BC4A
+  MODULE_TYPE                    = BASE
+  VERSION_STRING                 = 1.0
+  LIBRARY_CLASS                  = VariableKeyLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+#  VALID_ARCHITECTURES           = IA32 X64 Arm AArch64
+#
+
+[Sources]
+  VariableKeyLibNull.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  SecurityPkg/SecurityPkg.dec
+
+[LibraryClasses]
+  BaseLib
+  DebugLib
+
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@ -64,6 +64,7 @@
  TcgStorageCoreLib|SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCoreLib.inf
  TcgStorageOpalLib|SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLib.inf
  ResetSystemLib|MdeModulePkg/Library/BaseResetSystemLibNull/BaseResetSystemLibNull.inf
+  VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
  RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf

 [LibraryClasses.ARM]
@ -221,6 +222,7 @@
  #
  # Variable Confidentiality & Integrity
  #
+  SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
  SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf

  #