On Tue, Nov 20, 2018 at 11:00:49PM +0800, Ming Huang wrote:
On 11/20/2018 10:39 PM, Leif Lindholm wrote:
On Tue, Nov 20, 2018 at 10:29:57PM +0800, Ming Huang wrote:
And all Hisilicon platforms still use AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf regardless of Secure Boot setting.
So what problem does this patch solve? A runtime one?
This patch solve bug in FlashFvbDxe.
Yes, but what bug? What is the symptom? What _specific_ problem goes away by adding this patch? That information should have been in the original commit message. I have no information available to me as I now build -rc1 to suggest that this patch should be included.
The bug is that gEfiAuthenticatedVariableGuid should be used in FlashFvbDxe, not gEfiVariableGuid when enable secure boot.
OK, I will ask a third time: what _problem_ does this solve? What is the symptom? When someone uses the buggy firmware, what does not work for them? This information _always_ needs to be in the commit message.
This patch is using with series v1 patch 'Hisilicon/D06: Fix SBBR-SCT AuthVar issue' to fix the SCT issue: RT.SetVariable - Set Invalid Time Base Auth Variable – FAILURE; RT.SetVariable - Create one Time Base Auth Variable, the expect return status should be EFI_SUCCESS – FAILURE.
OK, but if we don't have authenticated variables (all the way to the hardware), then this is the correct behaviour? Making the test pass anyway is not the correct solution.
/ Leif