From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:400e:c00::241; helo=mail-pf0-x241.google.com; envelope-from=kalyankumar.nagabhirava@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-pf0-x241.google.com (mail-pf0-x241.google.com [IPv6:2607:f8b0:400e:c00::241]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 0C423222A54FC for ; Sun, 7 Jan 2018 21:40:45 -0800 (PST) Received: by mail-pf0-x241.google.com with SMTP id y5so1373973pff.13 for ; Sun, 07 Jan 2018 21:45:55 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=0eTMizm4Vzk0pq10+sVpL9r5aqVb1saz1mpKjAuy6cw=; b=P6V3mX9moj/crvaxx9T3Onv4yEXh+qrwKqlIQg+zz4a4A4x/Vm7GX9KGhNq46DUZzp z+/4+y8fo8plcUioxh7OiKocTATWGOGUhVa6vdEnxLLCxo/lj5WDC1ymfpPeTeLXGfxx beCv4CM3g28MvhX62Pc90khnPAZn0I7HvOwXI= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=0eTMizm4Vzk0pq10+sVpL9r5aqVb1saz1mpKjAuy6cw=; b=VXmwu5H8TOkTXU4HoAaGZwRaMwDethZE0f/2erjCrJro/DdnkW+1FYzV5n6bl5Z6+H 7UPsQ+/fKMbIUUHE5qCEreSIAB8Ya4WV8qeCYwyejFopnNDUBnUsaZxpG10AkXa7h0uC KxGvg/JRkxIUMfr7LC0hHcw3gAGv0tCZyLdrDy+OytPxSgyv/WEuSU7LSzOMP+Br8KkQ s6h3OVfjvfrJFaqdr8cnRyhdC+hSiOimHkXP9VXqaoAvatn3bloHm/zXp7wNHYqWWDlF I0WqQ9o+BzdXYQMZX0nA7dnG6SAmXGFc8d5BTh1Q+/NMJFwznicQBIAxmwppGOXHWFiW EBLA== X-Gm-Message-State: AKGB3mIizFhkrCzUMxCQfykvR4ZYEXG9+xCjt9moq0XX1w0ny2rTcGsc hSwpuYe1MlZi/WNmNMVE1QCibPRLkQ8= X-Google-Smtp-Source: ACJfBouQKjUPCOh7B0fXXHiF0QOqUWY7kl3IhbF5sUJ7yoHfm3l31skAX/BJoXmiRRrw9xmEu+6pLQ== X-Received: by 10.98.182.4 with SMTP id j4mr9726723pff.220.1515390354763; Sun, 07 Jan 2018 21:45:54 -0800 (PST) Received: from localhost.localdomain ([220.225.120.129]) by smtp.gmail.com with ESMTPSA id f188sm4348648pfc.22.2018.01.07.21.45.52 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Sun, 07 Jan 2018 21:45:53 -0800 (PST) From: kalyan-nagabhirava To: edk2-devel@lists.01.org Cc: Ard Biesheuvel Date: Mon, 8 Jan 2018 11:15:12 +0530 Message-Id: <20180108054513.2279-4-kalyankumar.nagabhirava@linaro.org> X-Mailer: git-send-email 2.15.0 In-Reply-To: <20180108054513.2279-1-kalyankumar.nagabhirava@linaro.org> References: <20180108054513.2279-1-kalyankumar.nagabhirava@linaro.org> Subject: [PATCH v1 3/4] edk2-platforms:comcast: RDK secure boot Application X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 08 Jan 2018 05:40:46 -0000 Application will get file path of PK key and KEK key using rdk.conf file, once keys are Available, application will enable secure boot and validates the signed kernel Image. Cc: Ard Biesheuvel Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: kalyan-nagabhirava --- Platform/Comcast/Application/SecureBoot/SecureBoot.inf | 57 ++++++++++++++++++++ Platform/Comcast/Application/SecureBoot/SecureBoot.c | 30 +++++++++++ 2 files changed, 87 insertions(+) diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.inf b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf new file mode 100644 index 000000000000..e7a3bb3afbb6 --- /dev/null +++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf @@ -0,0 +1,57 @@ +# +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# Copyright (c) 2016-2017, comcast . All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + +################################################################################ +# +# Defines Section - statements that will be processed to create a Makefile. +# +################################################################################ + +[Defines] + INF_VERSION = 0x00010006 + BASE_NAME = RdkSecureLoader + FILE_GUID = b2c7930f-07ef-4305-ac4e-1ce2085a7031 + MODULE_TYPE = UEFI_APPLICATION + VERSION_STRING = 1.0 + ENTRY_POINT = SecureBootEntryPoint + +[Sources] + SecureBoot.c + +[Packages] + ArmPkg/ArmPkg.dec + ArmPlatformPkg/ArmPlatformPkg.dec + EmbeddedPkg/EmbeddedPkg.dec + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + ShellPkg/ShellPkg.dec + SecurityPkg/SecurityPkg.dec + CryptoPkg/CryptoPkg.dec + NetworkPkg/NetworkPkg.dec + Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec + +[Guids] + gEfiCertX509Guid + gEfiCertPkcs7Guid + gEfiCustomModeEnableGuid + gEfiImageSecurityDatabaseGuid + gFdtTableGuid + gRdkGlobalVariableGuid + +[LibraryClasses] + RdkBootManagerLib + UefiApplicationEntryPoint + +[Protocols] + gEfiBlockIoProtocolGuid + gEfiDevicePathToTextProtocolGuid diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.c b/Platform/Comcast/Application/SecureBoot/SecureBoot.c new file mode 100644 index 000000000000..51ac75835fd0 --- /dev/null +++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.c @@ -0,0 +1,30 @@ +/* +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + */ +#include + +EFI_STATUS +EFIAPI +SecureBootEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + + Status = RdkSecureBoot ( + ImageHandle, + SystemTable->BootServices + ); + + return Status; +} -- 2.15.0