From: Jiewen Yao <jiewen.yao@intel.com>
To: edk2-devel@lists.01.org
Cc: Michael D Kinney <michael.d.kinney@intel.com>,
	Kelly Steele <kelly.steele@intel.com>,
	Eric Dong <eric.dong@intel.com>, Ruiyu Ni <ruiyu.ni@intel.com>,
	Feng Tian <feng.tian@intel.com>, Star Zeng <star.zeng@intel.com>,
	Liming Gao <liming.gao@intel.com>
Subject: [PATCH 3/4] QuarkPlatformPkg/Bds: Produce PcdTestKeyUsed.
Date: Sun,  9 Oct 2016 19:58:32 +0800	[thread overview]
Message-ID: <1476014313-11992-4-git-send-email-jiewen.yao@intel.com> (raw)
In-Reply-To: <1476014313-11992-1-git-send-email-jiewen.yao@intel.com>

Update BDS to produce PcdTestKeyUsed to indicate whether any
test key is used in the current BIOS, such as the recovery key
or the capsule update key.

Then the generic UI may consume this PCD to show warning information.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Kelly Steele <kelly.steele@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
 QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c      | 11 +++++++++++
 QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h      |  5 +++++
 QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf |  1 +
 3 files changed, 17 insertions(+)

diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
index 77c1efc..6fccf8d 100644
--- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
+++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c
@@ -344,6 +344,7 @@ PlatformBootManagerAfterConsole (
   ESRT_MANAGEMENT_PROTOCOL       *EsrtManagement;
   VOID                           *Buffer;
   UINTN                          Size;
+  UINT64                         TestKeyUsed;
 
   Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID **)&EsrtManagement);
   if (EFI_ERROR(Status)) {
@@ -416,10 +417,15 @@ PlatformBootManagerAfterConsole (
              &Size
              );
   if (!EFI_ERROR(Status)) {
+    TestKeyUsed = PcdGet64(PcdTestKeyUsed);
     if ((Size == PcdGetSize(PcdRsa2048Sha256PublicKeyBuffer)) &&
         (CompareMem(Buffer, PcdGetPtr(PcdRsa2048Sha256PublicKeyBuffer), Size) == 0)) {
       Print(L"WARNING: Recovery Test Key is used.\n");
+      TestKeyUsed |= TEST_KEY_USED_RECOVERY;
+    } else {
+      TestKeyUsed |= NO_TEST_KEY_USED_RECOVERY;
     }
+    PcdSet64S(PcdTestKeyUsed, TestKeyUsed);
     FreePool(Buffer);
   }
   Status = GetSectionFromAnyFv(
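Review bot: The status returned by `PcdSet64S(PcdTestKeyUsed, TestKeyUsed)` is discarded, so a failed write leaves the PCD without the recovery bits and nothing records that the result of the check was lost; the identical call in the capsule-key hunk that follows has the same gap. Since the commit message says a generic UI may consume this PCD to show the warning, a silent failure here would presumably suppress the warning on a build that does carry the test key. Consider `Status = PcdSet64S(PcdTestKeyUsed, TestKeyUsed);` followed by `ASSERT_EFI_ERROR(Status);` (or a DEBUG error message) in both places. PlatformBootManagerAfterConsole starts and ends outside the hunk.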
@@ -430,10 +436,15 @@ PlatformBootManagerAfterConsole (
              &Size
              );
   if (!EFI_ERROR(Status)) {
+    TestKeyUsed = PcdGet64(PcdTestKeyUsed);
     if ((Size == PcdGetSize(PcdPkcs7CertBuffer)) &&
         (CompareMem(Buffer, PcdGetPtr(PcdPkcs7CertBuffer), Size) == 0)) {
       Print(L"WARNING: Capsule Test Key is used.\n");
+      TestKeyUsed |= TEST_KEY_USED_FIRMWARE_UPDATE;
+    } else {
+      TestKeyUsed |= NO_TEST_KEY_USED_FIRMWARE_UPDATE;
     }
+    PcdSet64S(PcdTestKeyUsed, TestKeyUsed);
     FreePool(Buffer);
   }
 
diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
index 395f78b..7fffe77 100644
--- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
+++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h
@@ -41,6 +41,11 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Library/CapsuleLib.h>
 #include <Library/DxeServicesLib.h>
 
+#define TEST_KEY_USED_RECOVERY                 (BIT0 + BIT32)
+#define TEST_KEY_USED_FIRMWARE_UPDATE          (BIT1 + BIT33)
+#define NO_TEST_KEY_USED_RECOVERY              (BIT32)
+#define NO_TEST_KEY_USED_FIRMWARE_UPDATE       (BIT33)
+
 typedef struct {
   EFI_DEVICE_PATH_PROTOCOL  *DevicePath;
   UINTN                     ConnectType;
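Review bot: The four masks added to PlatformBootManager.h carry no comment explaining the encoding, and they are combined with `+` where `|` is the conventional operator for bit masks, e.g. `#define TEST_KEY_USED_RECOVERY (BIT0 | BIT32)`. From the values it looks as though bits 32/33 mean "this key was checked" and bits 0/1 mean "the test key matched", so a reader of the PCD has to treat a cleared upper bit as "unknown" rather than "no test key"; a short comment above the defines should say so, e.g. `// Bits 0-1: test key in use; bits 32-33: the corresponding check was performed.` Because the PCD is declared in MdeModulePkg and meant for a generic consumer, the layout may be better defined once next to the PCD than in a platform-private header, though that declaration is not visible here.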
diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index 09a01d3..eadf1fe 100644
--- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -82,4 +82,5 @@
   gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid
   gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer
   gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer
+  gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed
 
-- 
2.7.4.windows.1


