From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <kalyankumar.nagabhirava@linaro.org>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=2607:f8b0:400e:c00::241; helo=mail-pf0-x241.google.com;
 envelope-from=kalyankumar.nagabhirava@linaro.org;
 receiver=edk2-devel@lists.01.org 
Received: from mail-pf0-x241.google.com (mail-pf0-x241.google.com
 [IPv6:2607:f8b0:400e:c00::241])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 0C423222A54FC
 for <edk2-devel@lists.01.org>; Sun,  7 Jan 2018 21:40:45 -0800 (PST)
Received: by mail-pf0-x241.google.com with SMTP id y5so1373973pff.13
 for <edk2-devel@lists.01.org>; Sun, 07 Jan 2018 21:45:55 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google;
 h=from:to:cc:subject:date:message-id:in-reply-to:references;
 bh=0eTMizm4Vzk0pq10+sVpL9r5aqVb1saz1mpKjAuy6cw=;
 b=P6V3mX9moj/crvaxx9T3Onv4yEXh+qrwKqlIQg+zz4a4A4x/Vm7GX9KGhNq46DUZzp
 z+/4+y8fo8plcUioxh7OiKocTATWGOGUhVa6vdEnxLLCxo/lj5WDC1ymfpPeTeLXGfxx
 beCv4CM3g28MvhX62Pc90khnPAZn0I7HvOwXI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to
 :references;
 bh=0eTMizm4Vzk0pq10+sVpL9r5aqVb1saz1mpKjAuy6cw=;
 b=VXmwu5H8TOkTXU4HoAaGZwRaMwDethZE0f/2erjCrJro/DdnkW+1FYzV5n6bl5Z6+H
 7UPsQ+/fKMbIUUHE5qCEreSIAB8Ya4WV8qeCYwyejFopnNDUBnUsaZxpG10AkXa7h0uC
 KxGvg/JRkxIUMfr7LC0hHcw3gAGv0tCZyLdrDy+OytPxSgyv/WEuSU7LSzOMP+Br8KkQ
 s6h3OVfjvfrJFaqdr8cnRyhdC+hSiOimHkXP9VXqaoAvatn3bloHm/zXp7wNHYqWWDlF
 I0WqQ9o+BzdXYQMZX0nA7dnG6SAmXGFc8d5BTh1Q+/NMJFwznicQBIAxmwppGOXHWFiW
 EBLA==
X-Gm-Message-State: AKGB3mIizFhkrCzUMxCQfykvR4ZYEXG9+xCjt9moq0XX1w0ny2rTcGsc
 hSwpuYe1MlZi/WNmNMVE1QCibPRLkQ8=
X-Google-Smtp-Source: ACJfBouQKjUPCOh7B0fXXHiF0QOqUWY7kl3IhbF5sUJ7yoHfm3l31skAX/BJoXmiRRrw9xmEu+6pLQ==
X-Received: by 10.98.182.4 with SMTP id j4mr9726723pff.220.1515390354763;
 Sun, 07 Jan 2018 21:45:54 -0800 (PST)
Received: from localhost.localdomain ([220.225.120.129])
 by smtp.gmail.com with ESMTPSA id f188sm4348648pfc.22.2018.01.07.21.45.52
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128);
 Sun, 07 Jan 2018 21:45:53 -0800 (PST)
From: kalyan-nagabhirava <kalyankumar.nagabhirava@linaro.org>
To: edk2-devel@lists.01.org
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Date: Mon,  8 Jan 2018 11:15:12 +0530
Message-Id: <20180108054513.2279-4-kalyankumar.nagabhirava@linaro.org>
X-Mailer: git-send-email 2.15.0
In-Reply-To: <20180108054513.2279-1-kalyankumar.nagabhirava@linaro.org>
References: <20180108054513.2279-1-kalyankumar.nagabhirava@linaro.org>
Subject: [PATCH v1 3/4] edk2-platforms:comcast: RDK secure boot Application
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Mon, 08 Jan 2018 05:40:46 -0000

Application will get file path of   PK key and KEK key using rdk.conf file, once keys are
Available, application will enable secure boot and validates the signed kernel Image.

Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: kalyan-nagabhirava <kalyankumar.nagabhirava@linaro.org>
---
 Platform/Comcast/Application/SecureBoot/SecureBoot.inf | 57 ++++++++++++++++++++
 Platform/Comcast/Application/SecureBoot/SecureBoot.c   | 30 +++++++++++
 2 files changed, 87 insertions(+)

diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.inf b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf
new file mode 100644
index 000000000000..e7a3bb3afbb6
--- /dev/null
+++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf
@@ -0,0 +1,57 @@
+#
+#  Copyright (c) 2016-2017, Linaro Limited. All rights reserved.
+#  Copyright (c) 2016-2017, comcast . All rights reserved.
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution.  The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+
+################################################################################
+#
+# Defines Section - statements that will be processed to create a Makefile.
+#
+################################################################################
+
+[Defines]
+  INF_VERSION     = 0x00010006
+  BASE_NAME       = RdkSecureLoader
+  FILE_GUID       = b2c7930f-07ef-4305-ac4e-1ce2085a7031
+  MODULE_TYPE     = UEFI_APPLICATION
+  VERSION_STRING  = 1.0
+  ENTRY_POINT     = SecureBootEntryPoint
+
+[Sources]
+  SecureBoot.c
+
+[Packages]
+  ArmPkg/ArmPkg.dec
+  ArmPlatformPkg/ArmPlatformPkg.dec
+  EmbeddedPkg/EmbeddedPkg.dec
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  ShellPkg/ShellPkg.dec
+  SecurityPkg/SecurityPkg.dec
+  CryptoPkg/CryptoPkg.dec
+  NetworkPkg/NetworkPkg.dec
+  Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec
+
+[Guids]
+  gEfiCertX509Guid
+  gEfiCertPkcs7Guid
+  gEfiCustomModeEnableGuid
+  gEfiImageSecurityDatabaseGuid
+  gFdtTableGuid
+  gRdkGlobalVariableGuid
+
+[LibraryClasses]
+  RdkBootManagerLib
+  UefiApplicationEntryPoint
+
+[Protocols]
+  gEfiBlockIoProtocolGuid
+  gEfiDevicePathToTextProtocolGuid
diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.c b/Platform/Comcast/Application/SecureBoot/SecureBoot.c
new file mode 100644
index 000000000000..51ac75835fd0
--- /dev/null
+++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.c
@@ -0,0 +1,30 @@
+/*
+#  Copyright (c) 2016-2017, Linaro Limited. All rights reserved.
+#
+#  This program and the accompanying materials
+#  are licensed and made available under the terms and conditions of the BSD License
+#  which accompanies this distribution.  The full text of the license may be found at
+#  http://opensource.org/licenses/bsd-license.php
+#
+#  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+#  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+ */
+#include <RdkBootManagerLib.h>
+
+EFI_STATUS
+EFIAPI
+SecureBootEntryPoint (
+  IN EFI_HANDLE        ImageHandle,
+  IN EFI_SYSTEM_TABLE  *SystemTable
+  )
+{
+  EFI_STATUS Status;
+
+  Status = RdkSecureBoot (
+    ImageHandle,
+    SystemTable->BootServices
+  );
+
+  return Status;
+}
-- 
2.15.0