[edk2-devel] Secure Boot verification

[edk2-devel] Secure Boot verification

[xpahos via groups.io]

[-- Attachment #1: Type: text/plain, Size: 1395 bytes --]

Hello,

I found a presentation from https://uefi.org/sites/default/files/resources/Understanding%20UEFI%20Testing%20Webinar_Final_1.30.pdf that briefly mentions UEFI SCT. As I see here https://github.com/tianocore/edk2-test/blob/3605beb86128ba31ae2719f9251c2fb22f6e588e/uefi-sct/Doc/TestCaseSpec/04_Services_Runtime_Services_Test.md the SecureBootState test can be used to test Secure Boot behaviour. But I can't find any tests for this in the source tree. Maybe I'm looking in the wrong place?
I would like to be able to verify Secure Boot behaviour in pre-commit tests. Now I'm thinking about implementing such a feature, but in a slightly different way. I think I need to add the code to the main edk2 branch, because it becomes impossible to verify the correct behaviour when Secure Boot requires a signed binary and the binary has an incorrect signature because the EFI application will simply not be able to boot and return some result/log it. Maybe there is some out-of-the-box solution and I'm doing something wrong?


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#121033): https://edk2.groups.io/g/devel/message/121033
Mute This Topic: https://groups.io/mt/110733213/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-



[-- Attachment #2: Type: text/html, Size: 1857 bytes --]