Hi Min M, I tested it with Ovmf. I will try other compiler and provide you logs soon.
thanks, greg pt., 4 cze 2021 o 10:17 Xu, Min M <min.m...@intel.com> napisaĆ(a): > > Grzegorz > Have you built this feature with different tool chains, such as > VS2017/VS2019/GCC5? And test it in IA32/X64/AARCH64? > Would you post your test result in the mail? > Thanks much! > > > -----Original Message----- > > From: Grzegorz Bernacki <g...@semihalf.com> > > Sent: Tuesday, June 1, 2021 9:12 PM > > To: devel@edk2.groups.io > > Cc: l...@nuviainc.com; ardb+tianoc...@kernel.org; Samer.El-Haj- > > mahm...@arm.com; sunny.w...@arm.com; m...@semihalf.com; > > upstr...@semihalf.com; Yao, Jiewen <jiewen....@intel.com>; Wang, Jian J > > <jian.j.w...@intel.com>; Xu, Min M <min.m...@intel.com>; > > ler...@redhat.com; Grzegorz Bernacki <g...@semihalf.com> > > Subject: [PATCH v2 0/6] Secure Boot default keys > > > > This patchset adds support for initialization of default Secure Boot > > variables > > based on keys content embedded in flash binary. This feature is active only > > if > > Secure Boot is enabled and DEFAULT_KEY is defined. The patchset consist > > also application to enroll keys from default variables and secure boot menu > > change to allow user to reset key content to default values. > > Discussion on design can be found at: > > https://edk2.groups.io/g/rfc/topic/82139806#600 > > > > I also added patch for RPi4 which enables this feature for that platform. > > > > Changes since v1: > > - change names: > > SecBootVariableLib => SecureBootVariableLib > > SecBootDefaultKeysDxe => SecureBootDefaultKeysDxe > > SecEnrollDefaultKeysApp => EnrollFromDefaultKeysApp > > - change name of function CheckSetupMode to GetSetupMode > > - remove ShellPkg dependecy from EnrollFromDefaultKeysApp > > - rebase to master > > > > Grzegorz Bernacki (6): > > [edk2] > > SecurityPkg: Create library for setting Secure Boot variables. > > SecurityPkg: Create include file for default key content. > > SecurityPkg: Add SecureBootDefaultKeysDxe driver > > SecurityPkg: Add EnrollFromDefaultKeys application. > > SecurityPkg: Add new modules to Security package. > > SecurityPkg: Add option to reset secure boot keys. > > [edk2-platform] > > Platform/RaspberryPi: Enable default Secure Boot variables initialization > > > > SecurityPkg/SecurityPkg.dec > > | 14 + > > SecurityPkg/SecurityPkg.dsc > > | 5 + > > SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf > > | 47 + > > SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf > > | 79 ++ > > > > SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig > > Dxe.inf | 2 + > > > > SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD > > efaultKeysDxe.inf | 46 + > > SecurityPkg/Include/Library/SecureBootVariableLib.h > > | > > 252 +++++ > > > > SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig > > NvData.h | 2 + > > > > SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig. > > vfr | 6 + > > SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c > > | 107 +++ > > SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c > > | 979 ++++++++++++++++++++ > > > > SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI > > mpl.c | 343 ++++--- > > > > SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD > > efaultKeysDxe.c | 69 ++ > > SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni > > | 16 + > > SecurityPkg/SecureBootDefaultKeys.fdf.inc > > | 62 ++ > > > > SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigS > > trings.uni | 4 + > > > > SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD > > efaultKeysDxe.uni | 17 + > > 17 files changed, 1862 insertions(+), 188 deletions(-) create mode 100644 > > SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.inf > > create mode 100644 > > SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf > > create mode 100644 > > SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD > > efaultKeysDxe.inf > > create mode 100644 SecurityPkg/Include/Library/SecureBootVariableLib.h > > create mode 100644 > > SecurityPkg/EnrollFromDefaultKeysApp/EnrollFromDefaultKeysApp.c > > create mode 100644 > > SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c > > create mode 100644 > > SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD > > efaultKeysDxe.c > > create mode 100644 > > SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.uni > > create mode 100644 SecurityPkg/SecureBootDefaultKeys.fdf.inc > > create mode 100644 > > SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootD > > efaultKeysDxe.uni > > > > -- > > 2.25.1 > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#76114): https://edk2.groups.io/g/devel/message/76114 Mute This Topic: https://groups.io/mt/83232291/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
