From: "Liming Sun"
To: "Jiang, Guomin", "devel@edk2.groups.io", "Xu, Wei6", "Gao, Liming", "Kinney, Michael D"
CC: Sean Brogan
Subject: Re: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
Date: Wed, 1 Jul 2020 16:26:32 +0000
References: <5b42e8e089fb961766c639b733284413ccf03272.1592587621.git.lsun@mellanox.com>
>> But if your customer indeed want it, you can add it to your customization code. Thanks.

Yes, this is a behavior the customer expects. This change just tries to provide a handy way to enroll initial keys.
So the initial keys could be carried in the capsule itself.
It also has "PcdFmpDeviceAllowSecureBootKeys" disabled by default, so it behaves the same as before.

We'll try to use customization code instead as suggested.

Thanks,
Liming

> -----Original Message-----
> From: Jiang, Guomin
> Sent: Tuesday, June 30, 2020 8:56 PM
> To: Liming Sun; devel@edk2.groups.io; Xu, Wei6; Gao, Liming; Kinney, Michael D
> Cc: Sean Brogan
> Subject: RE: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
>
> I want to ask you one question: are you sure that every motherboard which is delivered to the customer will enable secure boot mode?
>
> I just emphasize that I want to make sure that the device firmware comes from the device vendor.
>
> Thanks for your effort, the patch is good, I just think it is not suitable as a common solution.
>
> But if your customer indeed wants it, you can add it to your customization code.
>
> Thanks
> Guomin
>
> > -----Original Message-----
> > From: Liming Sun
> > Sent: Tuesday, June 30, 2020 8:47 PM
> > To: devel@edk2.groups.io; Jiang, Guomin; Xu, Wei6; Gao, Liming; Kinney, Michael D
> > Cc: Sean Brogan
> > Subject: RE: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
> >
> > Thanks Guomin.
> >
> > I still have one question. Let's assume we're the device vendor and we let the customer enroll their keys. Once the keys are enrolled, the device will be in secure boot mode. Are you saying that the end user could "have the ability to enroll their DB without too much effort" even after secure boot has been enabled already?
> >
> > Please correct me if I misunderstood it.
> >
> > - Liming
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io On Behalf Of Guomin Jiang via groups.io
> > > Sent: Tuesday, June 30, 2020 3:33 AM
> > > To: devel@edk2.groups.io; Liming Sun; Xu, Wei6; Gao, Liming; Kinney, Michael D
> > > Cc: Sean Brogan
> > > Subject: Re: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
> > >
> > > Liming,
> > >
> > > The end user has the ability to enroll their DB without too much effort.
> > >
> > > And I think some end users also have the ability to get insecure firmware which is not from the device vendor.
> > >
> > > I suggest telling the device vendor that it is critical to set PcdFmpDevicePkcs7CertBufferXdr rather than decreasing the security.
> > >
> > > Best Regards
> > > Guomin
> > >
> > > > -----Original Message-----
> > > > From: devel@edk2.groups.io On Behalf Of Liming Sun
> > > > Sent: Tuesday, June 30, 2020 11:33 AM
> > > > To: Jiang, Guomin; devel@edk2.groups.io; Xu, Wei6; Gao, Liming; Kinney, Michael D
> > > > Cc: Sean Brogan
> > > > Subject: Re: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
> > > >
> > > > Thanks Guomin for the comments!
> > > >
> > > > Below is the main scenario for the proposed change:
> > > >
> > > > - Device Manufacturer provides the devices with UEFI preinstalled in non-secure state and no hard-coded keys (PcdFmpDevicePkcs7CertBufferXdr).
> > > >
> > > > - Customer (not End-User) enrolls their own keys in a trusted environment before delivering to the End User.
> > > >   This capsule approach can be used for large deployments without involving any private keys.
> > > >
> > > > Yes, I do agree that once it's delivered to the End User it won't be considered secure.
> > > >
> > > > Thanks,
> > > > Liming
> > > >
> > > > > -----Original Message-----
> > > > > From: Jiang, Guomin
> > > > > Sent: Sunday, June 28, 2020 11:18 PM
> > > > > To: devel@edk2.groups.io; Liming Sun; Xu, Wei6; Gao, Liming; Kinney, Michael D
> > > > > Cc: Sean Brogan
> > > > > Subject: RE: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
> > > > >
> > > > > I think it has a vulnerability; the case is as below.
> > > > >
> > > > > 1. Untrusted End User enrolls a new DB key -> signs the untrusted device firmware -> flashes the untrusted device firmware -> the system will become unsafe.
> > > > >
> > > > > I think the end user is untrusted and we need to make sure only a few people can have the privilege.
> > > > >
> > > > > Best Regards
> > > > > Guomin
> > > > >
> > > > > > -----Original Message-----
> > > > > > From: devel@edk2.groups.io On Behalf Of Liming Sun
> > > > > > Sent: Saturday, June 20, 2020 1:48 AM
> > > > > > To: Xu, Wei6; Gao, Liming; Kinney, Michael D
> > > > > > Cc: Liming Sun; devel@edk2.groups.io; Sean Brogan
> > > > > > Subject: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
> > > > > >
> > > > > > This commit enhances the FmpDevicePkg package to optionally verify the capsule with the secure boot keys when PcdFmpDevicePkcs7CertBufferXdr is not set and the new PCD variable PcdFmpDeviceAllowSecureBootKeys is configured. Below is the check logic:
> > > > > > - Pass if verified with the PK key, or the PK key is not set yet;
> > > > > > - Deny if verified with the DBX keys;
> > > > > > - Verify it against the DB keys;
> > > > > >
> > > > > > One purpose for this change is to auto-deploy the UEFI secure boot keys with a UEFI capsule. Initially it's done in a trusted environment. Once secure boot is enabled, the same keys will be used to verify the signed capsules as well for further updates.
> > > > > >
> > > > > > Signed-off-by: Liming Sun
> > > > > > ---
> > > > > >  FmpDevicePkg/FmpDevicePkg.dec     |   6 +++
> > > > > >  FmpDevicePkg/FmpDxe/FmpDxe.c      | 109 ++++++++++++++++++++++++++++++++++++--
> > > > > >  FmpDevicePkg/FmpDxe/FmpDxe.h      |   1 +
> > > > > >  FmpDevicePkg/FmpDxe/FmpDxe.inf    |   3 ++
> > > > > >  FmpDevicePkg/FmpDxe/FmpDxeLib.inf |   1 +
> > > > > >  5 files changed, 117 insertions(+), 3 deletions(-)
> > > > > >
> > > > > > diff --git a/FmpDevicePkg/FmpDevicePkg.dec b/FmpDevicePkg/FmpDevicePkg.dec
> > > > > > index cab63f5..3aeb89c 100644
> > > > > > --- a/FmpDevicePkg/FmpDevicePkg.dec
> > > > > > +++ b/FmpDevicePkg/FmpDevicePkg.dec
> > > > > > @@ -126,6 +126,12 @@ > > > > > > # @Prompt Firmware Device Image Type ID > > > > > > > > > > > > > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageTypeIdGuid|{0}|VOID > > > > > > *|0x40000010 > > > > > > > > > > > > + ## This option is used to verify the capsule using secure > > > > > > + boot keys if the # PcdFmpDevicePkcs7CertBufferXdr is not > > configured. > > > > > > + In such case, the check # will pass if secure boot hasn't > > > > > > + been enabled > > > > yet. > > > > > > + # @A flag to tell whether to use secure boot keys when > > > > > > PcdFmpDevicePkcs7CertBufferXdr is not set. > > > > > > + > > > > > > + > > > > > > > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceAllowSecureBootKeys|0x0| > > > > > > UINT8| > > > > > > + 0x40000012 > > > > > > + > > > > > > [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, > > > > PcdsDynamicEx] > > > > > > ## One or more PKCS7 certificates used to verify a firmware > > > > > > device > > > > capsule > > > > > > # update image. Encoded using the Variable-Length Opaque > > > > > > Data format of RFC diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.c > > > > > > b/FmpDevicePkg/FmpDxe/FmpDxe.c index 5884177..6f82aee 100644 > > > > > > --- a/FmpDevicePkg/FmpDxe/FmpDxe.c > > > > > > +++ b/FmpDevicePkg/FmpDxe/FmpDxe.c 
> > > > > > @@ -682,6 +682,102 @@ GetAllHeaderSize ( > > > > > > return CalculatedSize; > > > > > > } > > > > > > > > > > > > +EFI_STATUS > > > > > > +CheckTheImageWithSecureBootVariable ( > > > > > > + IN CONST CHAR16 *Name, > > > > > > + IN CONST EFI_GUID *Guid, > > > > > > + IN CONST VOID *Image, > > > > > > + IN UINTN ImageSize > > > > > > + ) > > > > > > +{ > > > > > > + EFI_STATUS Status; > > > > > > + VOID *Data; > > > > > > + UINTN Length; > > > > > > + EFI_SIGNATURE_LIST *CertList; > > > > > > + EFI_SIGNATURE_DATA *CertData; > > > > > > + UINTN CertCount; > > > > > > + UINTN Index; > > > > > > + > > > > > > + Status =3D GetVariable2 (Name, Guid, &Data, &Length); if > > > > > > + (EFI_ERROR > > > > > > + (Status)) { > > > > > > + return EFI_NOT_FOUND; > > > > > > + } > > > > > > + > > > > > > + CertList =3D (EFI_SIGNATURE_LIST *) Data; while ((Length >= 0) > > > > > > + && (Length >=3D CertList->SignatureListSize)) { > > > > > > + if (CompareGuid (&CertList->SignatureType, &gEfiCertX509G= uid)) > > { > > > > > > + CertData =3D (EFI_SIGNATURE_DATA *) ((UINT8 *) CertLis= t + > > > > > > + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHead= erSize); > > > > > > + CertCount =3D (CertList->SignatureListSize - sizeof > > > > > > + (EFI_SIGNATURE_LIST) > > > > - > > > > > > + CertList->SignatureHeaderSize) / > > > > > > + CertList->SignatureSize; > > > > > > + > > > > > > + for (Index =3D 0; Index < CertCount; Index++) { > > > > > > + Status =3D AuthenticateFmpImage ( > > > > > > + (EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image= , > > > > > > + ImageSize, > > > > > > + CertData->SignatureData, > > > > > > + CertList->SignatureSize - sizeof (EFI_GUID= ) > > > > > > + ); > > > > > > + if (!EFI_ERROR (Status)) > > > > > > + goto Done; > > > > > > + > > > > > > + CertData =3D (EFI_SIGNATURE_DATA *) ((UINT8 *) CertDa= ta + > > > > > > + CertList- > > > > > > >SignatureSize); > > > > > > + } > > > > > > + } > > > > > > + > > > > > > + Length -=3D 
CertList->SignatureListSize; > > > > > > + CertList =3D (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + > > > > > > + CertList->SignatureListSize); } > > > > > > + > > > > > > +Done: > > > > > > + FreePool (Data); > > > > > > + return Status; > > > > > > +} > > > > > > + > > > > > > +EFI_STATUS > > > > > > +CheckTheImageWithSecureBootKeys ( > > > > > > + IN CONST VOID *Image, > > > > > > + IN UINTN ImageSize > > > > > > + ) > > > > > > +{ > > > > > > + EFI_STATUS Status; > > > > > > + > > > > > > + // PK check. > > > > > > + Status =3D CheckTheImageWithSecureBootVariable( > > > > > > + EFI_PLATFORM_KEY_NAME, > > > > > > + &gEfiGlobalVariableGuid, > > > > > > + Image, > > > > > > + ImageSize > > > > > > + ); > > > > > > + if (!EFI_ERROR (Status) || Status =3D=3D EFI_NOT_FOUND) { > > > > > > + // Return SUCCESS if verified by PK key or PK key not con= figured. > > > > > > + DEBUG ((DEBUG_INFO, "FmpDxe: Verified capsule with PK > > key.\n")); > > > > > > + return EFI_SUCCESS; > > > > > > + } > > > > > > + > > > > > > + // DBX check. > > > > > > + Status =3D CheckTheImageWithSecureBootVariable( > > > > > > + EFI_IMAGE_SECURITY_DATABASE1, > > > > > > + &gEfiImageSecurityDatabaseGuid, > > > > > > + Image, > > > > > > + ImageSize > > > > > > + ); > > > > > > + if (!EFI_ERROR (Status)) { > > > > > > + DEBUG ((DEBUG_INFO, "FmpDxe: Reject capsule with DBX > > key.\n")); > > > > > > + return EFI_SECURITY_VIOLATION; } > > > > > > + > > > > > > + // DB check. > > > > > > + DEBUG ((DEBUG_INFO, "FmpDxe: Verify capsule with DB > > > > > > +key.\n")); > > > > > > + Status =3D CheckTheImageWithSecureBootVariable( > > > > > > + EFI_IMAGE_SECURITY_DATABASE, > > > > > > + &gEfiImageSecurityDatabaseGuid, > > > > > > + Image, > > > > > > + ImageSize > > > > > > + ); > > > > > > + return Status; > > > > > > +} > > > > > > + > > > > > > /** > > > > > > Checks if the firmware image is valid for the device. > > 
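Review bot: in CheckTheImageWithSecureBootVariable (hunk @@ -682) the Status that reaches `Done:` is stale whenever no EFI_CERT_X509_GUID entry is tried: it is set to EFI_SUCCESS by GetVariable2 and only rewritten inside the `if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid))` branch, so a variable that exists but holds only hash lists (the usual shape of dbx, EFI_CERT_SHA256_GUID entries) makes the function report success without AuthenticateFmpImage ever running. Through CheckTheImageWithSecureBootKeys that means a hash-only dbx rejects every capsule and a db with no X509 list accepts every capsule; keep a separate result initialised to EFI_SECURITY_VIOLATION (or EFI_NOT_FOUND) and set it to EFI_SUCCESS only on a successful AuthenticateFmpImage call. The list walk also trusts the variable's own size fields: the while condition reads `CertList->SignatureListSize` before checking that Length is at least sizeof (EFI_SIGNATURE_LIST), a SignatureListSize of 0 never advances the loop, a SignatureSize of 0 divides by zero in the CertCount computation, and `CertList->SignatureSize - sizeof (EFI_GUID)` underflows for any SignatureSize below 16; validate each field against the remaining Length before using it. Two smaller points in the same hunk: dbx is only consulted for X509 entries, so an image signed by a still-valid db certificate but revoked by hash in dbx passes, and the DEBUG line "Verified capsule with PK key" is also printed on the EFI_NOT_FOUND path, which hides the setup-mode bypass in logs.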
> > > > > > > > > > @@ -728,6 +824,7 @@ CheckTheImage ( > > > > > > UINT8 *PublicKeyDataXdrEnd; > > > > > > EFI_FIRMWARE_IMAGE_DEP *Dependencies; > > > > > > UINT32 DependenciesSize; > > > > > > + UINT8 AllowSecureBootKeys; > > > > > > > > > > > > Status =3D EFI_SUCCESS; > > > > > > RawSize =3D 0; > > > > > > @@ -782,9 +879,15 @@ CheckTheImage ( > > > > > > PublicKeyDataXdr =3D PcdGetPtr > > (PcdFmpDevicePkcs7CertBufferXdr); > > > > > > PublicKeyDataXdrEnd =3D PublicKeyDataXdr + PcdGetSize > > > > > > (PcdFmpDevicePkcs7CertBufferXdr); > > > > > > > > > > > > - if (PublicKeyDataXdr =3D=3D NULL || (PublicKeyDataXdr =3D= =3D > > > > > > PublicKeyDataXdrEnd)) { > > > > > > - DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Invalid certificate, sk= ipping > > it.\n", > > > > > > mImageIdName)); > > > > > > - Status =3D EFI_ABORTED; > > > > > > + if (PublicKeyDataXdr =3D=3D NULL || (PublicKeyDataXdrEnd - > > > > > > + PublicKeyDataXdr > > > > > > < sizeof (UINT32))) { > > > > > > + AllowSecureBootKeys =3D PcdGet8 > > > > (PcdFmpDeviceAllowSecureBootKeys); > > > > > > + if (AllowSecureBootKeys) { > > > > > > + DEBUG ((DEBUG_INFO, "FmpDxe: Use secure boot certs.\n")= ); > > > > > > + Status =3D CheckTheImageWithSecureBootKeys (Image, > > ImageSize); > > > > > > + } else { > > > > > > + DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Invalid certificate, > > > > > > + skipping > > > > > > it.\n", mImageIdName)); > > > > > > + Status =3D EFI_ABORTED; > > > > > > + } > > > > > > } else { > > > > > > // > > > > > > // Try each key from PcdFmpDevicePkcs7CertBufferXdr diff > > > > > > --git a/FmpDevicePkg/FmpDxe/FmpDxe.h > > > > > > b/FmpDevicePkg/FmpDxe/FmpDxe.h > > > > index > > > > > > 30754de..72a6ce6 100644 > > > > > > --- a/FmpDevicePkg/FmpDxe/FmpDxe.h > > > > > > +++ b/FmpDevicePkg/FmpDxe/FmpDxe.h > > > > > > @@ -34,6 +34,7 @@ > > > > > > #include #include > > > > > > > > > > > > #include > > > > > > +#include > > > > > > #include #include > > > > > > > > 
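Review bot: the guard in CheckTheImage (hunk @@ -782) is changed from `PublicKeyDataXdr == PublicKeyDataXdrEnd` to `PublicKeyDataXdrEnd - PublicKeyDataXdr < sizeof (UINT32)`, so a PCD of 1 to 3 bytes is now treated as unset instead of being handed to the XDR parser; that is a separate behaviour change and should be its own commit, or at least be called out in the commit message. In the new branch the PCD is read with PcdGet8 and tested as a boolean, so either declare it as BOOLEAN or document which values enable the feature, and the DEBUG string "FmpDxe: Use secure boot certs.\n" drops the `(%s)` mImageIdName prefix that the neighbouring "FmpDxe(%s): Invalid certificate" message carries, which makes multi-device logs ambiguous.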
> > > > > > > > > > diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.inf > > > > > > b/FmpDevicePkg/FmpDxe/FmpDxe.inf index eeb904a..60b02d4 > > 100644 > > > > > > --- a/FmpDevicePkg/FmpDxe/FmpDxe.inf > > > > > > +++ b/FmpDevicePkg/FmpDxe/FmpDxe.inf > > > > > > @@ -58,6 +58,8 @@ > > > > > > > > > > > > [Guids] > > > > > > gEfiEndOfDxeEventGroupGuid > > > > > > + gEfiCertX509Guid > > > > > > + gEfiImageSecurityDatabaseGuid > > > > > > > > > > > > [Protocols] > > > > > > gEdkiiVariableLockProtocolGuid ## CONSUMES > > > > > > @@ -74,6 +76,7 @@ > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr > > > > > > ## CONSUMES > > > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest > > > > > > ## CONSUMES > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageTypeIdGuid > > > > > > ## CONSUMES > > > > > > + > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceAllowSecureBootKeys > > > > > > ## CONSUMES > > > > > > gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed > > ## > > > > > > SOMETIMES_PRODUCES > > > > > > > > > > > > [Depex] > > > > > > diff --git a/FmpDevicePkg/FmpDxe/FmpDxeLib.inf > > > > > > b/FmpDevicePkg/FmpDxe/FmpDxeLib.inf > > > > > > index 9a93b5e..1308cae 100644 > > > > > > --- a/FmpDevicePkg/FmpDxe/FmpDxeLib.inf > > > > > > +++ b/FmpDevicePkg/FmpDxe/FmpDxeLib.inf > > > > > > @@ -74,6 +74,7 @@ > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr > > > > > > ## CONSUMES > > > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest > > > > > > ## CONSUMES > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageTypeIdGuid > > > > > > ## CONSUMES > > > > > > + > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceAllowSecureBootKeys > > > > > > ## CONSUMES > > > > > > gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed > > ## > > > > > > SOMETIMES_PRODUCES > > > > > > > > > > > > [Depex] > > > > > > -- > > > > > > 1.8.3.1 > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >=20
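Review bot: in the FmpDevicePkg.dec hunk the new PCD PcdFmpDeviceAllowSecureBootKeys is declared as UINT8 although the code only tests it for zero/non-zero, so BOOLEAN with a FALSE default is the natural type; the doc comment is also not in DEC form, the line `# @A flag to tell whether to use secure boot keys when PcdFmpDevicePkcs7CertBufferXdr is not set.` should be a `# @Prompt ...` line preceded by the description, and the description should state plainly that with the flag on and no PK enrolled every capsule passes verification, since that is the consequence a platform integrator needs to see before enabling it.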
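Review bot: the FmpDxeLib.inf hunk adds only the PcdFmpDeviceAllowSecureBootKeys line, while the FmpDxe.inf hunk also adds `gEfiCertX509Guid` and `gEfiImageSecurityDatabaseGuid` under [Guids]; both INFs build the same FmpDxe.c, so the library build will not resolve those GUIDs unless they are added there too (and gEfiGlobalVariableGuid, used for the PK lookup, should be listed in both if it is not already). The two new [Guids] entries in FmpDxe.inf also lack the `## CONSUMES` usage comment that the surrounding entries carry.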
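As an added example (not code from the patch or from edk2), the following C shows the dbx-then-db check the patch describes, written over a bounds-checked walk of the EFI_SIGNATURE_LIST chain so that the verdict can only come from an actual match and a malformed variable is reported rather than looped on. The UEFI structures and the two GUIDs are redefined locally so it builds without edk2 headers; the PKCS7 check is a caller-supplied callback standing in for AuthenticateFmpImage, FakeVerify and the digests in SigDbScenarios are constructed test data, and SigDbAppend exists only to build that sample data.

```c
/* Added example, not edk2 code: bounds-checked walk of a UEFI signature
 * database (db/dbx) plus the dbx-then-db policy.  UEFI types and GUIDs are
 * redefined here so this builds without edk2 headers. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef struct { uint32_t Data1; uint16_t Data2; uint16_t Data3; uint8_t Data4[8]; } EFI_GUID;
typedef struct {               /* 28 bytes, same layout as the UEFI spec */
  EFI_GUID SignatureType;      /* EFI_CERT_X509_GUID, EFI_CERT_SHA256_GUID, ... */
  uint32_t SignatureListSize;  /* whole list including this header */
  uint32_t SignatureHeaderSize;
  uint32_t SignatureSize;      /* sizeof(EFI_GUID) owner + signature data */
} EFI_SIGNATURE_LIST;

/* GUID values as published in the UEFI specification. */
static const EFI_GUID gEfiCertX509Guid   = {0xa5c059a1, 0x94e4, 0x4aa7, {0x87,0xb5,0xab,0x15,0x5c,0x2b,0xf0,0x72}};
static const EFI_GUID gEfiCertSha256Guid = {0xc1c41626, 0x504c, 0x4092, {0xac,0xa9,0x41,0xf9,0x36,0x93,0x43,0x28}};

typedef enum { SIGDB_MALFORMED = -1, SIGDB_NO_MATCH = 0, SIGDB_MATCH = 1 } SIGDB_RESULT;
typedef int (*SIGDB_VERIFY_FN)(const uint8_t *Image, size_t ImageSize,
                               const uint8_t *Cert, size_t CertSize);  /* nonzero = verified */

static int GuidEq(const EFI_GUID *A, const EFI_GUID *B) { return memcmp(A, B, sizeof *A) == 0; }

/* The verdict comes only from a real match (never a stale status), and each size
 * field is checked against the bytes that remain before it is used. */
SIGDB_RESULT SigDbCheck(const uint8_t *Db, size_t DbSize, const uint8_t *Image, size_t ImageSize,
                        const uint8_t ImageSha256[32], SIGDB_VERIFY_FN Verify)
{
  for (size_t Off = 0; Off < DbSize; ) {
    EFI_SIGNATURE_LIST L;
    if (DbSize - Off < sizeof L) return SIGDB_MALFORMED;
    memcpy(&L, Db + Off, sizeof L);                                 /* no unaligned access */
    if (L.SignatureListSize < sizeof L || L.SignatureListSize > DbSize - Off ||
        L.SignatureHeaderSize > L.SignatureListSize - sizeof L)
      return SIGDB_MALFORMED;                                       /* size 0 would never advance */
    size_t Body = L.SignatureListSize - sizeof L - L.SignatureHeaderSize;
    if (L.SignatureSize <= sizeof(EFI_GUID) || Body % L.SignatureSize != 0)
      return SIGDB_MALFORMED;                                       /* no /0, no underflow */
    size_t DataSize = L.SignatureSize - sizeof(EFI_GUID);
    const uint8_t *Entry = Db + Off + sizeof L + L.SignatureHeaderSize;
    for (size_t I = 0; I < Body / L.SignatureSize; I++, Entry += L.SignatureSize) {
      const uint8_t *Data = Entry + sizeof(EFI_GUID);               /* skip SignatureOwner */
      if (GuidEq(&L.SignatureType, &gEfiCertX509Guid)) {
        if (Verify && Verify(Image, ImageSize, Data, DataSize)) return SIGDB_MATCH;
      } else if (GuidEq(&L.SignatureType, &gEfiCertSha256Guid)) {
        if (ImageSha256 && DataSize == 32 && !memcmp(Data, ImageSha256, 32)) return SIGDB_MATCH;
      }                                                             /* other types: skipped */
    }
    Off += L.SignatureListSize;
  }
  return SIGDB_NO_MATCH;
}

/* Any dbx hit denies, then a db hit is required; a malformed database denies too. */
int CapsuleAllowedBySecureBootDb(const uint8_t *Db, size_t DbSize, const uint8_t *Dbx, size_t DbxSize,
                                 const uint8_t *Image, size_t ImageSize,
                                 const uint8_t ImageSha256[32], SIGDB_VERIFY_FN Verify)
{
  if (SigDbCheck(Dbx, DbxSize, Image, ImageSize, ImageSha256, Verify) != SIGDB_NO_MATCH) return 0;
  return SigDbCheck(Db, DbSize, Image, ImageSize, ImageSha256, Verify) == SIGDB_MATCH;
}

/* Append one single-entry list (owner GUID zeroed) to a buffer; 0 = no room. */
size_t SigDbAppend(uint8_t *Buf, size_t Cap, size_t Used, const EFI_GUID *Type,
                   const uint8_t *Data, size_t DataSize)
{
  EFI_SIGNATURE_LIST L = { *Type, 0, 0, (uint32_t)(sizeof(EFI_GUID) + DataSize) };
  L.SignatureListSize = (uint32_t)(sizeof L + L.SignatureSize);
  if (Used > Cap || Cap - Used < L.SignatureListSize) return 0;
  memcpy(Buf + Used, &L, sizeof L);
  memset(Buf + Used + sizeof L, 0, sizeof(EFI_GUID));
  memcpy(Buf + Used + sizeof L + sizeof(EFI_GUID), Data, DataSize);
  return Used + L.SignatureListSize;
}

/* Constructed stand-in for PKCS7 verification: "signed by Cert" = cert bytes lead the image. */
int FakeVerify(const uint8_t *Image, size_t ImageSize, const uint8_t *Cert, size_t CertSize)
{ return ImageSize >= CertSize && memcmp(Image, Cert, CertSize) == 0; }

/* Four scenarios on constructed data; returns a bitmask, 15 when all hold. */
unsigned SigDbScenarios(void)
{
  static const uint8_t CertA[] = {'C','E','R','T','-','A'}, Image[] = {'C','E','R','T','-','A',1,2,3};
  uint8_t Hash[32], Other[32], Db[160], Dbx[96], Bad[64] = {0};
  unsigned Bits = 0;
  memset(Hash, 0xAB, 32); memset(Other, 0xCD, 32);               /* constructed digests */
  size_t DbLen  = SigDbAppend(Db, sizeof Db, 0, &gEfiCertX509Guid, CertA, sizeof CertA);
  DbLen         = SigDbAppend(Db, sizeof Db, DbLen, &gEfiCertSha256Guid, Other, 32);
  size_t DbxLen = SigDbAppend(Dbx, sizeof Dbx, 0, &gEfiCertSha256Guid, Hash, 32);
  memcpy(Bad, &gEfiCertX509Guid, sizeof(EFI_GUID));               /* list with SignatureListSize 0 */
  /* 1: signed by a db cert, empty dbx -> allowed */
  if (CapsuleAllowedBySecureBootDb(Db, DbLen, NULL, 0, Image, sizeof Image, Hash, FakeVerify)) Bits |= 1;
  /* 2: same image, digest listed in a hash-only dbx -> denied */
  if (!CapsuleAllowedBySecureBootDb(Db, DbLen, Dbx, DbxLen, Image, sizeof Image, Hash, FakeVerify)) Bits |= 2;
  /* 3: db holds only a non-matching hash -> denied, not a stale "success" */
  if (!CapsuleAllowedBySecureBootDb(Dbx, DbxLen, NULL, 0, Image, sizeof Image, Other, FakeVerify)) Bits |= 4;
  /* 4: malformed list is reported, not looped on forever */
  if (SigDbCheck(Bad, sizeof Bad, Image, sizeof Image, Hash, FakeVerify) == SIGDB_MALFORMED) Bits |= 8;
  return Bits;
}
```

Scenario 2 is the case a hash-only dbx must cover, and scenario 3 is the one a loop that reuses the status of GetVariable2 gets wrong; in real firmware the callback would wrap AuthenticateFmpImage and the digest would be the SHA-256 of the capsule payload, and the PK step from the patch would sit in front of this policy.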