microsoft / mu_feature_config

Project Mu - Feature Repo - UEFI User Config and Management Support
https://microsoft.github.io/mu/
Other
21 stars 28 forks source link

Support xml hash check #421

Closed kanechen66 closed 2 days ago

kanechen66 commented 2 weeks ago

Description

Currently, there is no version check btwn loaded xml and bios. To prevent user loading the wrong xml for BIOS running on SUT. This PR makes the below changes.

  1. Calc all xml node hash during bios build and put the hash/guid/var_name in generated header.

  2. BIOS can uses this guid and hash saves to a varialbe call

  3. When configeditor loads an xml file, it calc the hash of loaded xml file and tries to find the xml hash from bios variable and then compare the hash.

  4. if the hash in bios and loaded xml is different, it will show a warning message to user image

For details on how to complete these options and their meaning refer to CONTRIBUTING.md.

How This Was Tested

Tested on BIOS with variable contains hash and make sure the warning msg will pop upt when the hash is different

Integration Instructions

To have warning msg for hash mismatch, platform BIOS include SetupDataPkg/SetupDataDxe/SchemaXmlHashDriver/SchemaXmlHash.inf so that it will set variable with xml hash

os-d commented 2 weeks ago

@kanechen66 thanks for putting up this PR. I think this should be both marked as impacting functionality (this is a new feature) and a breaking change (a config blob that previously could be written to a system now cannot be)

kanechen66 commented 2 weeks ago

looks like the pipeline won't gen ConfigProfilesGenerated.h include the hash and variable name/guid so the pipeline fails.

Will need to find another way to fix this. any suggestion is welcome:) thank you https://github.com/microsoft/mu_feature_config/actions/runs/11816021825/job/32918447961?pr=421#step:24:29 image