From: "Guomin Jiang"
To: Liming Sun, "devel@edk2.groups.io", "Xu, Wei6", "Gao, Liming", "Kinney, Michael D"
CC: Sean Brogan
Subject: Re: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
Date: Wed, 1 Jul 2020 00:56:13 +0000
References: <5b42e8e089fb961766c639b733284413ccf03272.1592587621.git.lsun@mellanox.com>

I want to ask you one question: are you sure that every motherboard which is delivered to customers will enable the secure boot mode?

I just want to emphasize that I want to make sure that the device firmware comes from the device vendor.

Thanks for your effort; the patch is good, I just think it is not suitable as a common solution.

But if your customers indeed want it, you can add it to your customization code.

Thanks
Guomin

> -----Original Message-----
> From: Liming Sun
> Sent: Tuesday, June 30, 2020 8:47 PM
> To: devel@edk2.groups.io; Jiang, Guomin; Xu, Wei6; Gao, Liming; Kinney, Michael D
> Cc: Sean Brogan
> Subject: RE: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
>
> Thanks Guomin.
>
> I still have one question. Let's assume we're the device vendor and we let
> customers enroll their keys. Once the keys are enrolled, the device will be
> in secure boot mode. Are you saying that the end user could "have the ability
> to enroll their DB without too much effort" even after secure boot has
> been enabled already?
>
> Please correct me if I misunderstood it.
>
> - Liming
>
> > -----Original Message-----
> > From: devel@edk2.groups.io On Behalf Of Guomin Jiang via groups.io
> > Sent: Tuesday, June 30, 2020 3:33 AM
> > To: devel@edk2.groups.io; Liming Sun; Xu, Wei6; Gao, Liming; Kinney, Michael D
> > Cc: Sean Brogan
> > Subject: Re: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
> >
> > Liming,
> >
> > The end user has the ability to enroll their DB without too much effort.
> >
> > And I think some end users also have the ability to get insecure firmware
> > which is not from the device vendor.
> >
> > I suggest that we tell the device vendor that it is critical to set
> > PcdFmpDevicePkcs7CertBufferXdr rather than decrease the security.
> >
> > Best Regards
> > Guomin
> >
> > > -----Original Message-----
> > > From: devel@edk2.groups.io On Behalf Of Liming Sun
> > > Sent: Tuesday, June 30, 2020 11:33 AM
> > > To: Jiang, Guomin; devel@edk2.groups.io; Xu, Wei6; Gao, Liming; Kinney, Michael D
> > > Cc: Sean Brogan
> > > Subject: Re: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
> > >
> > > Thanks Guomin for the comments!
> > >
> > > Below is the main scenario for the proposed change:
> > >
> > > - Device Manufacturer provides the devices with UEFI preinstalled in
> > >   non-secure state and no hard-coded keys (PcdFmpDevicePkcs7CertBufferXdr).
> > >
> > > - Customer (not End-User) enrolls their own keys in a trusted
> > >   environment before delivering to End User.
> > >   This capsule approach can be used for large deployments without
> > >   involving any private keys.
> > >
> > > Yes, I do agree that once it's delivered to End User it won't be
> > > considered secure.
> > >
> > > Thanks,
> > > Liming
> > >
> > > > -----Original Message-----
> > > > From: Jiang, Guomin
> > > > Sent: Sunday, June 28, 2020 11:18 PM
> > > > To: devel@edk2.groups.io; Liming Sun; Xu, Wei6; Gao, Liming; Kinney, Michael D
> > > > Cc: Sean Brogan
> > > > Subject: RE: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule verification with secure boot keys
> > > >
> > > > I think it has some vulnerability; the case is as below.
> > > >
> > > > 1. Untrusted End User enrolls a new DB key -> signs the untrusted
> > > >    device firmware -> flashes the untrusted device firmware -> the
> > > >    system will become unsafe.
> > > >
> > > > I think the end user is untrusted and we need to make sure only
> > > > a few persons can have the privilege.
> > > >
> > > > Best Regards
> > > > Guomin
> > > >
> > > > > -----Original Message-----
> > > > > From: devel@edk2.groups.io On Behalf Of > > > > > Liming Sun > > > > > Sent: Saturday, June 20, 2020 1:48 AM > > > > > To: Xu, Wei6 ; Gao, Liming > > > > > ; Kinney, Michael D > > > > > > > > > > Cc: Liming Sun ; devel@edk2.groups.io; Sean > > > > > Brogan > > > > > Subject: [edk2-devel] [PATCH] FmpDevicePkg: Enhance capsule > > > > > verification with secure boot keys > > > > > > > > > > This commit enhances the FmpDevicePkg package to optionally > > > > > verify capsule with the secure boot keys when > > > > > PcdFmpDevicePkcs7CertBufferXdr is not set and the new PCD > > > > > variable PcdFmpDeviceAllowSecureBootKeys is configured. Below is > > > > > the check > > > logic: > > > > > - Pass if verified with PK key, or PK key not set yet; > > > > > - Deny if verified with the DBX keys; > > > > > - Verified it against the DB keys; > > > > > > > > > > One purpose for this change is to auto-deploy the UEFI secure > > > > > boot keys with UEFI capsule. Initially it's done in trusted envi= ronment. > > > > > Once secure boot is enabled, the same keys will be used to > > > > > verify the signed capsules as well for further updates. > > > > > > > > > > Signed-off-by: Liming Sun > > > > > --- > > > > > FmpDevicePkg/FmpDevicePkg.dec | 6 +++ > > > > > FmpDevicePkg/FmpDxe/FmpDxe.c | 109 > > > > > ++++++++++++++++++++++++++++++++++++-- > > > > > FmpDevicePkg/FmpDxe/FmpDxe.h | 1 + > > > > > FmpDevicePkg/FmpDxe/FmpDxe.inf | 3 ++ > > > > > FmpDevicePkg/FmpDxe/FmpDxeLib.inf | 1 + > > > > > 5 files changed, 117 insertions(+), 3 deletions(-) > > > > > > > > > > diff --git a/FmpDevicePkg/FmpDevicePkg.dec > > > > > b/FmpDevicePkg/FmpDevicePkg.dec index cab63f5..3aeb89c 100644 > > > > > --- a/FmpDevicePkg/FmpDevicePkg.dec > > > > > +++ b/FmpDevicePkg/FmpDevicePkg.dec 
> > > > > @@ -126,6 +126,12 @@ > > > > > # @Prompt Firmware Device Image Type ID > > > > > > > > > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageTypeIdGuid|{0}|VOID > > > > > *|0x40000010 > > > > > > > > > > + ## This option is used to verify the capsule using secure > > > > > + boot keys if the # PcdFmpDevicePkcs7CertBufferXdr is not > configured. > > > > > + In such case, the check # will pass if secure boot hasn't > > > > > + been enabled > > > yet. > > > > > + # @A flag to tell whether to use secure boot keys when > > > > > PcdFmpDevicePkcs7CertBufferXdr is not set. > > > > > + > > > > > + > > > > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceAllowSecureBootKeys|0x0| > > > > > UINT8| > > > > > + 0x40000012 > > > > > + > > > > > [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, > > > PcdsDynamicEx] > > > > > ## One or more PKCS7 certificates used to verify a firmware > > > > > device > > > capsule > > > > > # update image. Encoded using the Variable-Length Opaque > > > > > Data format of RFC diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.c > > > > > b/FmpDevicePkg/FmpDxe/FmpDxe.c index 5884177..6f82aee 100644 > > > > > --- a/FmpDevicePkg/FmpDxe/FmpDxe.c > > > > > +++ b/FmpDevicePkg/FmpDxe/FmpDxe.c 
> > > > > @@ -682,6 +682,102 @@ GetAllHeaderSize ( > > > > > return CalculatedSize; > > > > > } > > > > > > > > > > +EFI_STATUS > > > > > +CheckTheImageWithSecureBootVariable ( > > > > > + IN CONST CHAR16 *Name, > > > > > + IN CONST EFI_GUID *Guid, > > > > > + IN CONST VOID *Image, > > > > > + IN UINTN ImageSize > > > > > + ) > > > > > +{ > > > > > + EFI_STATUS Status; > > > > > + VOID *Data; > > > > > + UINTN Length; > > > > > + EFI_SIGNATURE_LIST *CertList; > > > > > + EFI_SIGNATURE_DATA *CertData; > > > > > + UINTN CertCount; > > > > > + UINTN Index; > > > > > + > > > > > + Status =3D GetVariable2 (Name, Guid, &Data, &Length); if > > > > > + (EFI_ERROR > > > > > + (Status)) { > > > > > + return EFI_NOT_FOUND; > > > > > + } > > > > > + > > > > > + CertList =3D (EFI_SIGNATURE_LIST *) Data; while ((Length > 0= ) > > > > > + && (Length >=3D CertList->SignatureListSize)) { > > > > > + if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Gui= d)) > { > > > > > + CertData =3D (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList = + > > > > > + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeader= Size); > > > > > + CertCount =3D (CertList->SignatureListSize - sizeof > > > > > + (EFI_SIGNATURE_LIST) > > > - > > > > > + CertList->SignatureHeaderSize) / > > > > > + CertList->SignatureSize; > > > > > + > > > > > + for (Index =3D 0; Index < CertCount; Index++) { > > > > > + Status =3D AuthenticateFmpImage ( > > > > > + (EFI_FIRMWARE_IMAGE_AUTHENTICATION *)Image, > > > > > + ImageSize, > > > > > + CertData->SignatureData, > > > > > + CertList->SignatureSize - sizeof (EFI_GUID) > > > > > + ); > > > > > + if (!EFI_ERROR (Status)) > > > > > + goto Done; > > > > > + > > > > > + CertData =3D (EFI_SIGNATURE_DATA *) ((UINT8 *) CertData= + > > > > > + CertList- > > > > > >SignatureSize); > > > > > + } > > > > > + } > > > > > + > > > > > + Length -=3D CertList->SignatureListSize; > > > > > + CertList =3D (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + > > > > > + 
CertList->SignatureListSize); } > > > > > + > > > > > +Done: > > > > > + FreePool (Data); > > > > > + return Status; > > > > > +} > > > > > + > > > > > +EFI_STATUS > > > > > +CheckTheImageWithSecureBootKeys ( > > > > > + IN CONST VOID *Image, > > > > > + IN UINTN ImageSize > > > > > + ) > > > > > +{ > > > > > + EFI_STATUS Status; > > > > > + > > > > > + // PK check. > > > > > + Status =3D CheckTheImageWithSecureBootVariable( > > > > > + EFI_PLATFORM_KEY_NAME, > > > > > + &gEfiGlobalVariableGuid, > > > > > + Image, > > > > > + ImageSize > > > > > + ); > > > > > + if (!EFI_ERROR (Status) || Status =3D=3D EFI_NOT_FOUND) { > > > > > + // Return SUCCESS if verified by PK key or PK key not confi= gured. > > > > > + DEBUG ((DEBUG_INFO, "FmpDxe: Verified capsule with PK > key.\n")); > > > > > + return EFI_SUCCESS; > > > > > + } > > > > > + > > > > > + // DBX check. > > > > > + Status =3D CheckTheImageWithSecureBootVariable( > > > > > + EFI_IMAGE_SECURITY_DATABASE1, > > > > > + &gEfiImageSecurityDatabaseGuid, > > > > > + Image, > > > > > + ImageSize > > > > > + ); > > > > > + if (!EFI_ERROR (Status)) { > > > > > + DEBUG ((DEBUG_INFO, "FmpDxe: Reject capsule with DBX > key.\n")); > > > > > + return EFI_SECURITY_VIOLATION; } > > > > > + > > > > > + // DB check. > > > > > + DEBUG ((DEBUG_INFO, "FmpDxe: Verify capsule with DB > > > > > +key.\n")); > > > > > + Status =3D CheckTheImageWithSecureBootVariable( > > > > > + EFI_IMAGE_SECURITY_DATABASE, > > > > > + &gEfiImageSecurityDatabaseGuid, > > > > > + Image, > > > > > + ImageSize > > > > > + ); > > > > > + return Status; > > > > > +} > > > > > + > > > > > /** > > > > > Checks if the firmware image is valid for the device. > > > > > > > > > > @@ -728,6 +824,7 @@ CheckTheImage ( > > > > > UINT8 *PublicKeyDataXdrEnd; > > > > > EFI_FIRMWARE_IMAGE_DEP *Dependencies; > > > > > UINT32 DependenciesSize; > > > > > + UINT8 AllowSecureBootKeys; > > > > > > > > > > Status =3D EFI_SUCCESS; > > > > > RawSize =3D 0; 
> > > > > @@ -782,9 +879,15 @@ CheckTheImage ( > > > > > PublicKeyDataXdr =3D PcdGetPtr > (PcdFmpDevicePkcs7CertBufferXdr); > > > > > PublicKeyDataXdrEnd =3D PublicKeyDataXdr + PcdGetSize > > > > > (PcdFmpDevicePkcs7CertBufferXdr); > > > > > > > > > > - if (PublicKeyDataXdr =3D=3D NULL || (PublicKeyDataXdr =3D=3D > > > > > PublicKeyDataXdrEnd)) { > > > > > - DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Invalid certificate, skip= ping > it.\n", > > > > > mImageIdName)); > > > > > - Status =3D EFI_ABORTED; > > > > > + if (PublicKeyDataXdr =3D=3D NULL || (PublicKeyDataXdrEnd - > > > > > + PublicKeyDataXdr > > > > > < sizeof (UINT32))) { > > > > > + AllowSecureBootKeys =3D PcdGet8 > > > (PcdFmpDeviceAllowSecureBootKeys); > > > > > + if (AllowSecureBootKeys) { > > > > > + DEBUG ((DEBUG_INFO, "FmpDxe: Use secure boot certs.\n")); > > > > > + Status =3D CheckTheImageWithSecureBootKeys (Image, > ImageSize); > > > > > + } else { > > > > > + DEBUG ((DEBUG_ERROR, "FmpDxe(%s): Invalid certificate, > > > > > + skipping > > > > > it.\n", mImageIdName)); > > > > > + Status =3D EFI_ABORTED; > > > > > + } > > > > > } else { > > > > > // > > > > > // Try each key from PcdFmpDevicePkcs7CertBufferXdr diff > > > > > --git a/FmpDevicePkg/FmpDxe/FmpDxe.h > > > > > b/FmpDevicePkg/FmpDxe/FmpDxe.h > > > index > > > > > 30754de..72a6ce6 100644 > > > > > --- a/FmpDevicePkg/FmpDxe/FmpDxe.h > > > > > +++ b/FmpDevicePkg/FmpDxe/FmpDxe.h > > > > > @@ -34,6 +34,7 @@ > > > > > #include #include > > > > > > > > > > #include > > > > > +#include > > > > > #include #include > > > > > > > > > > > > > > > diff --git a/FmpDevicePkg/FmpDxe/FmpDxe.inf > > > > > b/FmpDevicePkg/FmpDxe/FmpDxe.inf index eeb904a..60b02d4 > 100644 > > > > > --- a/FmpDevicePkg/FmpDxe/FmpDxe.inf > > > > > +++ b/FmpDevicePkg/FmpDxe/FmpDxe.inf 
> > > > > @@ -58,6 +58,8 @@ > > > > > > > > > > [Guids] > > > > > gEfiEndOfDxeEventGroupGuid > > > > > + gEfiCertX509Guid > > > > > + gEfiImageSecurityDatabaseGuid > > > > > > > > > > [Protocols] > > > > > gEdkiiVariableLockProtocolGuid ## CONSUMES > > > > > @@ -74,6 +76,7 @@ > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr > > > > > ## CONSUMES > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest > > > > > ## CONSUMES > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageTypeIdGuid > > > > > ## CONSUMES > > > > > + > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceAllowSecureBootKeys > > > > > ## CONSUMES > > > > > gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed > ## > > > > > SOMETIMES_PRODUCES > > > > > > > > > > [Depex] > > > > > diff --git a/FmpDevicePkg/FmpDxe/FmpDxeLib.inf > > > > > b/FmpDevicePkg/FmpDxe/FmpDxeLib.inf > > > > > index 9a93b5e..1308cae 100644 > > > > > --- a/FmpDevicePkg/FmpDxe/FmpDxeLib.inf > > > > > +++ b/FmpDevicePkg/FmpDxe/FmpDxeLib.inf > > > > > @@ -74,6 +74,7 @@ > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDevicePkcs7CertBufferXdr > > > > > ## CONSUMES > > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceTestKeySha256Digest > > > > > ## CONSUMES > > > > > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageTypeIdGuid > > > > > ## CONSUMES > > > > > + > gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceAllowSecureBootKeys > > > > > ## CONSUMES > > > > > gEfiMdeModulePkgTokenSpaceGuid.PcdTestKeyUsed > ## > > > > > SOMETIMES_PRODUCES > > > > > > > > > > [Depex] > > > > > -- > > > > > 1.8.3.1 > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >=20
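Review bot: the PcdFmpDeviceAllowSecureBootKeys comment in the FmpDevicePkg.dec hunk is malformed: the `##` description is interrupted by stray `#` fragments mid-sentence ("... secure boot keys if the # PcdFmpDevicePkcs7CertBufferXdr is not configured. In such case, the check # will pass ...") and `# @A flag to tell whether ...` is not the `# @Prompt` form the neighbouring PCDs use (compare `# @Prompt Firmware Device Image Type ID` in the context lines). Rewrite it as one `##` description followed by `# @Prompt Use secure boot keys for capsule verification`, and have the description state outright that with no PK enrolled every capsule passes, since that is the property being debated in this thread.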
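Review bot: in CheckTheImageWithSecureBootVariable, Status is never reset before the signature-list loop, so when the variable exists but holds no EFI_CERT_X509_GUID list, or an X509 list with zero entries, the function returns the EFI_SUCCESS left over from GetVariable2 without having verified anything. That matters for both callers: a db containing only hash entries would pass any capsule, and a dbx containing only EFI_CERT_SHA256 hashes (the common case) would reject every capsule. Set `Status = EFI_SECURITY_VIOLATION;` once GetVariable2 succeeds and leave `goto Done` as the only success path. The loop also trusts sizes read from the variable itself: `Length >= CertList->SignatureListSize` is checked, but neither `SignatureListSize >= sizeof (EFI_SIGNATURE_LIST) + SignatureHeaderSize` nor `SignatureSize > sizeof (EFI_GUID)` is, so a SignatureSize of 0 divides by zero when CertCount is computed and `CertList->SignatureSize - sizeof (EFI_GUID)` underflows; validate both before using them.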
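Review bot: CheckTheImageWithSecureBootKeys returns EFI_SUCCESS when the PK lookup yields EFI_NOT_FOUND, so with no PK enrolled a capsule is accepted without any signature check, and the DEBUG line "Verified capsule with PK key" is printed on that path too, which hides the fact from anyone reading the log; log a distinct message for the no-PK case and document in the function header that it is intentional. Two further points on the key policy: accepting a capsule signed with the PK private key is unusual, since PK is normally kept offline and only authorises KEK/db updates, and the dbx step compares only against X509 entries, so a dbx hash entry for a revoked image never blocks a capsule.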
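Review bot: the CheckTheImage hunk changes the pre-existing condition from `PublicKeyDataXdr == PublicKeyDataXdrEnd` to `PublicKeyDataXdrEnd - PublicKeyDataXdr < sizeof (UINT32)`, which alters behaviour for platforms that never set PcdFmpDeviceAllowSecureBootKeys (a 1- to 3-byte PCD value used to reach the "Try each key from PcdFmpDevicePkcs7CertBufferXdr" branch and is now treated as empty); either call that out in the commit message or keep the original test. The two new DEBUG strings also drop the `FmpDxe(%s)` / mImageIdName prefix that the surrounding messages carry.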
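Review bot: the FmpDxe.inf hunk adds gEfiCertX509Guid and gEfiImageSecurityDatabaseGuid under [Guids], but the FmpDxeLib.inf hunk only adds the PCD even though that module carries the same PCD list and builds the same FmpDxe.c; add the same two [Guids] entries to FmpDxeLib.inf. Neither hunk lists gEfiGlobalVariableGuid, which CheckTheImageWithSecureBootKeys passes for the PK lookup; confirm it is already present in both files.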
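The PK/db/dbx walk that the patch's CheckTheImageWithSecureBootVariable performs, written here as an added stand-alone example with the header validation made explicit; this is my code, not the patch's or edk2's. It walks a constructed db-style payload (an X509 list followed by a SHA256 hash list) and then three corrupted copies of it. The two GUID byte arrays are the UEFI constants; the type and function names, the 0xCC placeholder entries and the little-endian host assumption are mine.

```c
/* Bounds-checked walk over a chain of UEFI EFI_SIGNATURE_LIST structures (the payload
 * of PK, db and dbx). Hypothetical stand-alone code, not edk2. Each list is Type[16]
 * ListSize[4] HeaderSize[4] SigSize[4], HeaderSize header bytes, then entries of
 * SigSize bytes, each SignatureOwner[16] + SignatureData. */
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define GUID_LEN 16
#define HDR_LEN  28   /* sizeof (EFI_SIGNATURE_LIST) */
typedef struct { uint8_t type[GUID_LEN]; uint32_t list_size, hdr_size, sig_size; } siglist_hdr;
/* EFI_CERT_X509_GUID and EFI_CERT_SHA256_GUID in on-disk byte order. */
static const uint8_t X509_GUID[GUID_LEN] = {0xa1,0x59,0xc0,0xa5,0xe4,0x94,0xa7,0x4a,0x87,0xb5,0xab,0x15,0x5c,0x2b,0xf0,0x72};
static const uint8_t SHA256_GUID[GUID_LEN] = {0x26,0x16,0xc4,0xc1,0x4c,0x50,0x92,0x40,0xac,0xa9,0x41,0xf9,0x36,0x93,0x43,0x28};

/* Counts the X509 certificates in the chain, adding their DER lengths to *der_bytes. Returns
 * -1 as soon as a header disagrees with the buffer: short header, list longer than what is
 * left, header larger than its list, SigSize too small for the owner GUID (covers SigSize 0
 * and the SigSize - 16 underflow), or a body not a whole number of entries. LE host assumed. */
long count_x509_certs(const uint8_t *buf, size_t len, size_t *der_bytes) {
    long found = 0; siglist_hdr h;
    while (len > 0) {
        if (len < HDR_LEN) return -1;
        memcpy(&h, buf, HDR_LEN);
        if (h.list_size < HDR_LEN || h.list_size > len || h.hdr_size > h.list_size - HDR_LEN) return -1;
        size_t body = h.list_size - HDR_LEN - h.hdr_size;
        if (h.sig_size <= GUID_LEN || body % h.sig_size != 0) return -1;
        if (memcmp(h.type, X509_GUID, GUID_LEN) == 0) {   /* other list types are skipped */
            found += (long)(body / h.sig_size);
            *der_bytes += (body / h.sig_size) * (h.sig_size - GUID_LEN);
        }
        buf += h.list_size;
        len -= h.list_size;
    }
    return found;
}
/* Appends one list with an empty header and 0xCC placeholder entries; test data only. */
static size_t put_list(uint8_t *out, const uint8_t *type, uint32_t sig_size, uint32_t count) {
    siglist_hdr h = { {0}, HDR_LEN + sig_size * count, 0, sig_size };
    memcpy(h.type, type, GUID_LEN);
    memcpy(out, &h, HDR_LEN);
    memset(out + HDR_LEN, 0xCC, (size_t)sig_size * count);
    return h.list_size;
}
/* Sample db-style payload, 144 bytes: an X509 list with two entries carrying 4-byte
 * placeholder certificates, then a SHA256 hash list (one entry) the walk must skip. */
size_t build_sample(uint8_t *out) {
    size_t n = put_list(out, X509_GUID, GUID_LEN + 4, 2);
    return n + put_list(out + n, SHA256_GUID, GUID_LEN + 32, 1);
}
/* Walks the sample (2 certificates, 8 DER bytes) plus three corrupted copies an unchecked
 * walker would divide by zero on or read past; returns corrupted copies refused (3), or -1. */
int check_sample(void) {
    uint8_t buf[160], bad[160];
    size_t len = build_sample(buf), der = 0;
    if (count_x509_certs(buf, len, &der) != 2 || der != 8) return -1;
    int refused = 0;
    memcpy(bad, buf, len); memset(bad + 24, 0, 4);             /* SigSize = 0 */
    refused += count_x509_certs(bad, len, &der) == -1;
    memcpy(bad, buf, len); bad[16] = 0xff; bad[17] = 0xff;     /* ListSize claims 64 KiB */
    refused += count_x509_certs(bad, len, &der) == -1;
    refused += count_x509_certs(buf, len - 10, &der) == -1;    /* truncated variable */
    return refused;
}
```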