From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) (using TLSv1 with cipher CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 2E4691A1E47 for ; Sun, 9 Oct 2016 04:58:50 -0700 (PDT) Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by orsmga101.jf.intel.com with ESMTP; 09 Oct 2016 04:58:50 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.31,466,1473145200"; d="scan'208";a="17748819" Received: from jyao1-mobl.ccr.corp.intel.com ([10.254.214.127]) by fmsmga005.fm.intel.com with ESMTP; 09 Oct 2016 04:58:47 -0700 From: Jiewen Yao To: edk2-devel@lists.01.org Cc: Michael D Kinney , Kelly Steele , Eric Dong , Ruiyu Ni , Feng Tian , Star Zeng , Liming Gao Date: Sun, 9 Oct 2016 19:58:32 +0800 Message-Id: <1476014313-11992-4-git-send-email-jiewen.yao@intel.com> X-Mailer: git-send-email 2.7.4.windows.1 In-Reply-To: <1476014313-11992-1-git-send-email-jiewen.yao@intel.com> References: <1476014313-11992-1-git-send-email-jiewen.yao@intel.com> Subject: [PATCH 3/4] QuarkPlatformPkg/Bds: Produce PcdTestKeyUsed. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 09 Oct 2016 11:58:50 -0000 Update BDS to produce PcdTestKeyUsed to indicate if there is any test key used in current BIOS, such as recovery key, or capsule update key. Then the generic UI may consume this PCD to show warning information. Cc: Michael D Kinney Cc: Kelly Steele Cc: Eric Dong Cc: Ruiyu Ni Cc: Feng Tian Cc: Star Zeng Cc: Liming Gao Contributed-under: TianoCore Contribution Agreement 1.0 
Signed-off-by: Jiewen Yao --- QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c | 11 +++++++++++ QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h | 5 +++++ QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf | 1 + 3 files changed, 17 insertions(+) diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c index 77c1efc..6fccf8d 100644 --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.c @@ -344,6 +344,7 @@ PlatformBootManagerAfterConsole ( ESRT_MANAGEMENT_PROTOCOL *EsrtManagement; VOID *Buffer; UINTN Size; + UINT64 TestKeyUsed; Status = gBS->LocateProtocol(&gEsrtManagementProtocolGuid, NULL, (VOID **)&EsrtManagement); if (EFI_ERROR(Status)) { @@ -416,10 +417,15 @@ PlatformBootManagerAfterConsole ( &Size ); if (!EFI_ERROR(Status)) { + TestKeyUsed = PcdGet64(PcdTestKeyUsed); if ((Size == PcdGetSize(PcdRsa2048Sha256PublicKeyBuffer)) && (CompareMem(Buffer, PcdGetPtr(PcdRsa2048Sha256PublicKeyBuffer), Size) == 0)) { Print(L"WARNING: Recovery Test Key is used.\n"); + TestKeyUsed |= TEST_KEY_USED_RECOVERY; + } else { + TestKeyUsed |= NO_TEST_KEY_USED_RECOVERY; } + PcdSet64S(PcdTestKeyUsed, TestKeyUsed); FreePool(Buffer); } Status = GetSectionFromAnyFv( @@ -430,10 +436,15 @@ PlatformBootManagerAfterConsole ( &Size ); if (!EFI_ERROR(Status)) { + TestKeyUsed = PcdGet64(PcdTestKeyUsed); if ((Size == PcdGetSize(PcdPkcs7CertBuffer)) && (CompareMem(Buffer, PcdGetPtr(PcdPkcs7CertBuffer), Size) == 0)) { Print(L"WARNING: Capsule Test Key is used.\n"); + TestKeyUsed |= TEST_KEY_USED_FIRMWARE_UPDATE; + } else { + TestKeyUsed |= NO_TEST_KEY_USED_FIRMWARE_UPDATE; } + PcdSet64S(PcdTestKeyUsed, TestKeyUsed); FreePool(Buffer); } 
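Review bot: The status returned by `PcdSet64S(PcdTestKeyUsed, TestKeyUsed)` is discarded in the recovery-key hunk (@@ -416) and again in the capsule-key hunk (@@ -430). If the set fails, the PCD never records the test-key bit and the only trace is the transient `Print()` warning. The description says the generic UI consumes this PCD to show the warning, so a silent failure hides exactly the condition this patch is meant to surface. I would capture and check the result in both places, e.g. `Status = PcdSet64S(PcdTestKeyUsed, TestKeyUsed);` followed by `ASSERT_EFI_ERROR(Status);`. PlatformBootManagerAfterConsole starts and ends outside these hunks, so confirm that reusing `Status` after the second check does not disturb code that follows.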
diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h index 395f78b..7fffe77 100644 --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManager.h @@ -41,6 +41,11 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include +#define TEST_KEY_USED_RECOVERY (BIT0 + BIT32) +#define TEST_KEY_USED_FIRMWARE_UPDATE (BIT1 + BIT33) +#define NO_TEST_KEY_USED_RECOVERY (BIT32) +#define NO_TEST_KEY_USED_FIRMWARE_UPDATE (BIT33) + typedef struct { EFI_DEVICE_PATH_PROTOCOL *DevicePath; UINTN ConnectType; diff --git a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf index 09a01d3..eadf1fe 100644 --- a/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf +++ b/QuarkPlatformPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf @@ -82,4 +82,5 @@ gQuarkPlatformTokenSpaceGuid.PcdEdkiiPkcs7TestPublicKeyFileGuid gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer gEfiSecurityPkgTokenSpaceGuid.PcdPkcs7CertBuffer + gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed -- 2.7.4.windows.1
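Review bot: The four `*TEST_KEY_USED_*` macros added to PlatformBootManager.h have no comment describing the bit encoding, and the masks are combined with `+` where `|` is the conventional operator for flags. From the .c hunks it appears that BIT32/BIT33 mean "this key was checked" and BIT0/BIT1 mean "the checked key matches the built-in test key". Neither bit is written when `GetSectionFromAnyFv` fails, so a consumer has to read a clear BIT32/BIT33 as "unknown" rather than "no test key". I would add a comment such as `// Bits 32-33: key was checked; bits 0-1: checked key is the public test key; validity bit clear means not checked` and write `#define TEST_KEY_USED_RECOVERY (BIT0 | BIT32)`, likewise for the firmware-update pair. If the code that reads PcdTestKeyUsed lives in another package (not visible in this patch), these definitions presumably belong in a shared header next to the PCD declaration so producer and consumer cannot drift apart.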