From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-lj1-f172.google.com (mail-lj1-f172.google.com [209.85.208.172]) by mx.groups.io with SMTP id smtpd.web08.4666.1625131267439253519 for ; Thu, 01 Jul 2021 02:21:07 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@semihalf-com.20150623.gappssmtp.com header.s=20150623 header.b=hqcqVS4t; spf=none, err=SPF record not found (domain: semihalf.com, ip: 209.85.208.172, mailfrom: gjb@semihalf.com) Received: by mail-lj1-f172.google.com with SMTP id h6so7463949ljl.8 for ; Thu, 01 Jul 2021 02:21:07 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=semihalf-com.20150623.gappssmtp.com; s=20150623; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=3WbBTV+nXYEELhbcMtPVzbAqDRt94J5zKS0RrM9D45o=; b=hqcqVS4tun2k+dxjZYf/w3CZFhiuAxGD7qQTOzISrbj7yaR339sDbMcHPfjp2oEluJ Xdx4D4L0iOv9CHvCqVjmOX8FLE99leOlOK78aad2V5Sfw4bcgUHn8jy/MU3HCeTZNUGi JgSeKryqH7zpUxI9YDnakENoqED5M24lDB2gprIlITYD7gLpunxpAG8cNTnZCfdiJ8H+ kaDTtDnYCsw4e47l7L1wBpRKjotK6AJstlK6SX20oGIYE9vjojjkjOS5i1b20V6f+qLj FLmYOeIX7ELQxpcUpyRfVy8/g4oqZeYVGoNvQEikJom3p8RfRWAddzuJB2KUCHgv0G9T K2mw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=3WbBTV+nXYEELhbcMtPVzbAqDRt94J5zKS0RrM9D45o=; b=rVgWzGlF/Wk9AwM2xOlenOqSj2nW9inJxrcKAd8FNOrXZ0wfkuDjrZMARxEpoiBej2 3xnwQLQlXBjnCCumBG22CZwyI9exJh5/aHylu8A9IwRa3WnbmwUVRF7mz1DUWUFSuAIG 4EwXGe2MsGlvxzh1AmZDKQh+B4IHe/61YAUjtBkgYEzMP6BmRfkj0PSFD6Mgq3nc+/ug T1i4lZSsbSJcHJOdDzF2qb1l3QCCxPeOuI2FbzTHneZKO5z6tqxwTMPJMeDFtWUAu/El YOPdeBd0WieXOk/EaXA7Z9DmNORQWXiootTSrTAhZ0W7tYrOBbcvsUIfTSdhEQcGXcSe lang== X-Gm-Message-State: AOAM532k9njjBTk+dhJ+V01Wcj7BXod9z/w+Vtv7GUpRjPObcQ9u/soj v1ydA/vTbWbsjGQj0AJUa1Twswoptuk0X8Qp X-Google-Smtp-Source: ABdhPJzEjd+OzO9X5pdLsLggXogfcZbXnMRYdfXuREZ4K+h2wyep8E/ENzgiGAhwphM+acnEVi90gQ== X-Received: by 2002:a05:651c:1312:: with SMTP id u18mr11601464lja.62.1625131265455; Thu, 01 Jul 2021 02:21:05 -0700 (PDT) Return-Path: Received: from gilgamesh.lab.semihalf.net ([83.142.187.85]) by smtp.gmail.com with ESMTPSA id g15sm2343205lfr.110.2021.07.01.02.21.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 01 Jul 2021 02:21:05 -0700 (PDT) From: "Grzegorz Bernacki" To: devel@edk2.groups.io Cc: leif@nuviainc.com, ardb+tianocore@kernel.org, Samer.El-Haj-Mahmoud@arm.com, sunny.Wang@arm.com, mw@semihalf.com, upstream@semihalf.com, jiewen.yao@intel.com, jian.j.wang@intel.com, min.m.xu@intel.com, lersek@redhat.com, sami.mujawar@arm.com, afish@apple.com, ray.ni@intel.com, jordan.l.justen@intel.com, rebecca@bsdio.com, grehan@freebsd.org, thomas.abraham@arm.com, chasel.chiu@intel.com, nathaniel.l.desimone@intel.com, gaoliming@byosoft.com.cn, eric.dong@intel.com, michael.d.kinney@intel.com, zailiang.sun@intel.com, yi.qian@intel.com, graeme@nuviainc.com, rad@semihalf.com, pete@akeo.ie, Grzegorz Bernacki Subject: [edk2-platforms PATCH v5 0/4] Secure Boot default keys Date: Thu, 1 Jul 2021 11:20:47 +0200 Message-Id: <20210701092051.1057606-1-gjb@semihalf.com> X-Mailer: git-send-email 2.29.0 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit This patchset is a consequence of "Secure Boot default keys" patchset in edk2. It adds SecureBootVariableLib class resolution for each platform which uses SecureBootConfigDxe and also enables Secure Boot variables initialization for RPi4. Previously these commits were part of edk2 patchset, but since number of commits increased in v5 version, it is now separate patchset. Changes related to both edk2 & edk-platform versions: Changes since v1: - change names: SecBootVariableLib => SecureBootVariableLib SecBootDefaultKeysDxe => SecureBootDefaultKeysDxe SecEnrollDefaultKeysApp => EnrollFromDefaultKeysApp - change name of function CheckSetupMode to GetSetupMode - remove ShellPkg dependecy from EnrollFromDefaultKeysApp - rebase to master Changes since v2: - fix coding style for functions headers in SecureBootVariableLib.h - add header to SecureBootDefaultKeys.fdf.inc - remove empty line spaces in SecureBootDefaultKeysDxe files - revert FAIL macro in EnrollFromDefaultKeysApp - remove functions duplicates and add SecureBootVariableLib to platforms which used it Changes since v3: - move SecureBootDefaultKeys.fdf.inc to ArmPlatformPkg - leave duplicate of CreateTimeBasedPayload in PlatformVarCleanupLib - fix typo in guid description Changes since v4: - reorder patches to make it bisectable - split commits related to more than one platform - move edk2-platform commits to separate patchset Grzegorz Bernacki (4): Intel Platforms: add SecureBootVariableLib class resolution ARM Silicon and Platforms: add SecureBootVariableLib class resolution RISC-V Platforms: add SecureBootVariableLib class resolution Platform/RaspberryPi: Enable default Secure Boot variables initialization Platform/ARM/VExpressPkg/ArmVExpress.dsc.inc | 1 + Platform/Intel/MinPlatformPkg/Include/Dsc/CoreCommonLib.dsc | 1 + Platform/Intel/QuarkPlatformPkg/Quark.dsc | 1 + Platform/Intel/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc | 1 + Platform/Intel/Vlv2TbltDevicePkg/PlatformPkgX64.dsc | 3 ++- Platform/Qemu/SbsaQemu/SbsaQemu.dsc | 1 + Platform/RaspberryPi/RPi3/RPi3.dsc | 1 + Platform/RaspberryPi/RPi4/RPi4.dsc | 4 ++++ Platform/SiFive/U5SeriesPkg/FreedomU500VC707Board/U500.dsc | 1 + Platform/SiFive/U5SeriesPkg/FreedomU540HiFiveUnleashedBoard/U540.dsc | 1 + Platform/Socionext/DeveloperBox/DeveloperBox.dsc | 4 ++++ Platform/RaspberryPi/RPi4/RPi4.fdf | 2 ++ 12 files changed, 20 insertions(+), 1 deletion(-) -- 2.25.1