From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by mx.groups.io with SMTP id smtpd.web08.9612.1626090347249281584 for ; Mon, 12 Jul 2021 04:45:47 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=IK1XFdgN; spf=pass (domain: intel.com, ip: 192.55.52.151, mailfrom: jiewen.yao@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10042"; a="190345412" X-IronPort-AV: E=Sophos;i="5.84,232,1620716400"; d="scan'208";a="190345412" Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 12 Jul 2021 04:45:46 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.84,232,1620716400"; d="scan'208";a="459151735" Received: from orsmsx605.amr.corp.intel.com ([10.22.229.18]) by orsmga008.jf.intel.com with ESMTP; 12 Jul 2021 04:45:45 -0700 Received: from orsmsx608.amr.corp.intel.com (10.22.229.21) by ORSMSX605.amr.corp.intel.com (10.22.229.18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.4; Mon, 12 Jul 2021 04:45:45 -0700 Received: from ORSEDG601.ED.cps.intel.com (10.7.248.6) by orsmsx608.amr.corp.intel.com (10.22.229.21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2242.10 via Frontend Transport; Mon, 12 Jul 2021 04:45:44 -0700 Received: from NAM10-DM6-obe.outbound.protection.outlook.com (104.47.58.105) by edgegateway.intel.com (134.134.137.102) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2242.10; Mon, 12 Jul 2021 04:45:43 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YQlwJWlAbaSonqABC9fWAS3pzAV1Uu9sp3qLdB9r4eveSdvZEPUCzEOLwikELnRwVuA5LGh+kgn0hWRlpoWlOmVvU12md71xubO0f5mh+4PQ07AJwnYA1i94Bj1cx7NJxu0ImlMUa0tKsnGOWsR136Wuyhm5b+u1gOE6Xf0BC0UNW160Ahm70lLyy+qat+3qrKNAVo4j83t3n3etuuE1jS4A9uvKzNHkDicXLvFCzN2fUL/sX+393eTwnAL+zwpOVni0gUzjGhS1EriozGEmXa6DBsnKkNYG9IT2z2fqwSRTm/YHNJG5lgR9ioCcq3hiWCGna9ZQEdMRKZ/0r4JTEw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9IUySubpTGL9aJYmxZNvYriElveg5u/9F7HkFt3RUcc=; b=E7LeRKC9eXgD9q7HEFRPUFPYQY5zS51DRwFhmixqSQcw9b0ntSzD58logImp3wcjRWLXdZCqPTnbzKCBwQxY8No8u6OWUGUm2bPfHffc5LRuEMPoXgIjr6g8rklsn0rKrNGHhXHJ0pQ9QDUnaL3xsPbCXK9zNpToZBbl+AlA4gHEUGR0tCMEZJ1x4ZltqC+0vNMuZR69g7YE2o8YvtJI/mmm5IMGHnrzhdeXaqXlx4V2txdyOx7odPTtGAB0xWIFWRwtAxrTeM4wddgCI54Gmdn0Y6xB0g72MfL66rY21DTnNKLzADAJBirSgFO2A/rzmYIgxnjirRcKhLvrMtvmcg== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=9IUySubpTGL9aJYmxZNvYriElveg5u/9F7HkFt3RUcc=; b=IK1XFdgNZDH4xriLJ+AxCSIQgGmG+j/t48xPgT8SkMtykyGQTH4tl2XjU6xDkdGUwos4DgcJdHSEgp2vJZSf64VOf009tIpF5CEc9QMnOakwxT+JBNHiSu7dsv0dbCf3VJ4Ws2ojxb6bYZ43NQR3hS+8aJGoBJA2BO+ZXGomUKc= Received: from PH0PR11MB4885.namprd11.prod.outlook.com (2603:10b6:510:35::14) by PH0PR11MB5015.namprd11.prod.outlook.com (2603:10b6:510:39::5) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4308.21; Mon, 12 Jul 2021 11:45:41 +0000 Received: from PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::6c99:8170:1c3c:9121]) by PH0PR11MB4885.namprd11.prod.outlook.com ([fe80::6c99:8170:1c3c:9121%3]) with mapi id 15.20.4308.027; Mon, 12 Jul 2021 11:45:41 +0000 From: "Yao, Jiewen" To: Grzegorz Bernacki , "devel@edk2.groups.io" CC: "leif@nuviainc.com" , "ardb+tianocore@kernel.org" , Samer El-Haj-Mahmoud , Sunny Wang , "mw@semihalf.com" , "upstream@semihalf.com" , "Wang, Jian J" , "Xu, Min M" , "lersek@redhat.com" , Sami Mujawar , "afish@apple.com" , "Ni, Ray" , "Justen, Jordan L" , "rebecca@bsdio.com" , "grehan@freebsd.org" , Thomas Abraham , "Chiu, Chasel" , "Desimone, Nathaniel L" , "gaoliming@byosoft.com.cn" , "Dong, Eric" , "Kinney, Michael D" , "Sun, Zailiang" , "Qian, Yi" , "graeme@nuviainc.com" , "rad@semihalf.com" , "pete@akeo.ie" Subject: Re: [PATCH v5 05/10] SecurityPkg: Remove duplicated functions from SecureBootConfigDxe. Thread-Topic: [PATCH v5 05/10] SecurityPkg: Remove duplicated functions from SecureBootConfigDxe. Thread-Index: AQHXdxNxAxBm90FBmUKB72cs5Rt+tg== Date: Mon, 12 Jul 2021 11:45:41 +0000 Message-ID: References: <20210701091758.1057485-1-gjb@semihalf.com> <20210701091758.1057485-6-gjb@semihalf.com> In-Reply-To: <20210701091758.1057485-6-gjb@semihalf.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-version: 11.5.1.3 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: semihalf.com; dkim=none (message not signed) header.d=none;semihalf.com; dmarc=none action=none header.from=intel.com; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 99797402-417d-4b72-cabb-08d9452a9395 x-ms-traffictypediagnostic: PH0PR11MB5015: x-ld-processed: 46c98d88-e344-4ed4-8496-4ed7712e255d,ExtAddr x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:46; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: zJYSVRinXJB1+jFb9ylAYs62i9o9TJD1Ebf/bQ515JJFvVR9iz1QZ8xwaZXFSiULm7jJIGAXitA+I6QR1UmEyIhepgllmqKi/qT4P4tQdpLXG8Amj1B1hpPWjnx4i+xgepPOWkYwVH+Ld/moLpRFlFrkiHlZfQxBJBXvCLHhQEoqOuOTrAZnDqh+9zfiNsmnukEbyYfz0L6kqiLtXkYw9Old5SewSIobuG7sWmQ3/rOsn/gTIkwgKDD1L3AfTlHSGXniOrGwIJQk3qheHxRPsbRJsiTaqtFvH60FR/yU7U3BEzh17ilX4hNClxHoDC86dVKRKCjDoSTc9QYJ0qMGt8xJY+zENnbvWF9246a6/PoHrkrCYfSQClK0WDa0VT5EUKQ75VUPC5ovbMusnUuJzD3VRMcxC8xMmG2B3D7mFh+AB1jtSODs4LaJZyL4qUQCiNJn2wFgl1abOY4t4gHYUwn0SrkNiObihZOEsJzxT/lbhkRiljG0dffeRbjMLZ4IZU+uvM5/7NFAK27ZYPyVQPJ8KImDz7ZyE6Ke1HJCzIioBudwi4EXzttfyhcazOmGKeVZ9r5LBu24I/jfF4Ntd2xlCxfyUVvLMwwnRHxAHyo1Arq3dndUylbRNqYbkMD+7dxfkPwVo25fkx9kJcZ7Bg== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH0PR11MB4885.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(4636009)(396003)(376002)(366004)(136003)(39860400002)(346002)(478600001)(15650500001)(7696005)(86362001)(52536014)(71200400001)(8936002)(66946007)(64756008)(38100700002)(33656002)(66476007)(66556008)(110136005)(54906003)(316002)(53546011)(6506007)(4326008)(186003)(76116006)(122000001)(66446008)(5660300002)(9686003)(55016002)(26005)(2906002)(83380400001)(7416002)(8676002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?XghDwqUKMdft5FWlMGhN5i1/ePfbXoK6A0YA2BNYqYW45Tn51DRcLnTD6tdW?= =?us-ascii?Q?KkHRxq/rBIQtv80WJksZy8wmeGdUc/3xFGUwT/Q3oW1if6NueujFYLhMPkJD?= =?us-ascii?Q?Au+AJzrsMQyE6NywCGBvrHCfvI/BuQpbEou7OfIuc0syEu1i44D04h8A17kp?= =?us-ascii?Q?S+KCJaG7DNHNJQENnxOlNDOpah6OhUtWa6v9GjKy+dajzcENw2NSoYAguPDz?= =?us-ascii?Q?zWzjAO7ERqSRXSXRvtvmdmi1Ns6zNh6evBqHQGSCVuU3rFqi37pPoa9bfOqO?= =?us-ascii?Q?mRdMv4Is8lVwIQIuuYsS4dJvNcG7RB9kbLAmo7ubkT3eVUGjFq388y9XarNY?= =?us-ascii?Q?IgfTgV4X/XYcg9E3LaBpgVm+QnnXH69Aa9jXIHJOLBVau1DG1j+shpZQeSA+?= =?us-ascii?Q?U4Lcr/Gi54UFY2SZhxf2iHQdoWWpqWFDtlp9R4xxgeVk2gAxUokdF35uzrSK?= =?us-ascii?Q?WZdCCM6Q2GSw6RJbuTENpc8yZjL8eD0GD9WvPm663YI4ROc90j9yYY5pbLlS?= =?us-ascii?Q?a7oXGj5RpeuRR2+Vxhr06j3tae0MFufZoUCFfv4GIi+EWT5UGEybGxyW6J7K?= =?us-ascii?Q?7TQfJCDV694u+j1qvHzWiJHAdk/BrAccrT43Je2alWdGAza2flkqi82B5/Mu?= =?us-ascii?Q?gdtFZDToIgI9re2RMdGgdRM2/9O52uMFvL8uA7FnjR/EwVzRJzXujfKBTf0h?= =?us-ascii?Q?pSYQ2vXZ9w8QjsXaZKH2J0BbTvpaZ2MTU8tC/jWvrTNS6L5MjS9CDhBF11T3?= =?us-ascii?Q?ASNmJMkry3AJGz447j6o32YHK0T69E34h97Viieff8+Bo8GF7DV+ZPTwrt3W?= =?us-ascii?Q?6l9dGEQ614i7WWKSDYBJvJAal8F8WpRIRt9vAjwVxzooJLXawwpFrEbYvozL?= =?us-ascii?Q?lpIE/HUBoJvgZXxxyVYzhgPwcGY4aK8g43sXqudVHrpPg2ptsWmio1B3r6Xn?= =?us-ascii?Q?V0fQuLHS+BmQHwywKsc5TdxZ+x3XpLxfngDoWOuimrzx6pAfiwE5aGKmtT0R?= =?us-ascii?Q?6/n3G0MXu097CkbJ+f+7eMTXPCRssV7CfHjwOQ+pdx0Av1tlYWAVHQs1EJnA?= =?us-ascii?Q?2gYMd/Ld7AlQBxw57d1JdiAxHRoDskv3FikBC0idqzTlY+osXfq32uYZ3ElN?= =?us-ascii?Q?sGoXgwSJ6aN5LX63rE1/eRaO0exUoaqR3c55jH/iK+x+glID89OPaO5mNLFl?= =?us-ascii?Q?3lsVwxI7Di1+tQhvkmFLg+oIHBTv1zqKWbMDqnxy6NnCgfVT65lVbOTNvlnb?= =?us-ascii?Q?QVfklxTi9HbgNyEerd53zAhOXtuJvag7aMcKYNDcUtuAWBTlkM+oiMMYO9XC?= =?us-ascii?Q?WFRCRlf6vGVqSGSwuhfHhBZa?= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH0PR11MB4885.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 99797402-417d-4b72-cabb-08d9452a9395 X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Jul 2021 11:45:41.4943 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: 8s2Y8euGKV6+rOjK6Uc+TmMezdCL4xuwOGUjaoDcW0CEgnoywfrlvzmVzVHk+028YeHdHnZfVKfdyBmlcZUm+Q== X-MS-Exchange-Transport-CrossTenantHeadersStamped: PH0PR11MB5015 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Signed-off-by: Jiewen Yao > -----Original Message----- > From: Grzegorz Bernacki > Sent: Thursday, July 1, 2021 5:18 PM > To: devel@edk2.groups.io > Cc: leif@nuviainc.com; ardb+tianocore@kernel.org; Samer El-Haj-Mahmoud > ; Sunny Wang ; > mw@semihalf.com; upstream@semihalf.com; Yao, Jiewen > ; Wang, Jian J ; Xu, Min M > ; lersek@redhat.com; Sami Mujawar > ; afish@apple.com; Ni, Ray ; > Justen, Jordan L ; rebecca@bsdio.com; > grehan@freebsd.org; Thomas Abraham ; Chiu, > Chasel ; Desimone, Nathaniel L > ; gaoliming@byosoft.com.cn; Dong, Eric > ; Kinney, Michael D ; Su= n, > Zailiang ; Qian, Yi ; > graeme@nuviainc.com; rad@semihalf.com; pete@akeo.ie; Grzegorz Bernacki > > Subject: [PATCH v5 05/10] SecurityPkg: Remove duplicated functions from > SecureBootConfigDxe. >=20 > This commit removes functions which were added > to SecureBootVariableLib. It also adds dependecy > on that library. >=20 > Signed-off-by: Grzegorz Bernacki > --- >=20 > SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDx > e.inf | 1 + >=20 > SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigIm > pl.c | 189 +------------------- > 2 files changed, 2 insertions(+), 188 deletions(-) >=20 > diff --git > a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig > Dxe.inf > b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig > Dxe.inf > index 573efa6379..30d9cd8025 100644 > --- > a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig > Dxe.inf > +++ > b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig > Dxe.inf > @@ -54,6 +54,7 @@ > DevicePathLib > FileExplorerLib > PeCoffLib > + SecureBootVariableLib >=20 > [Guids] > ## SOMETIMES_CONSUMES ## Variable:L"CustomMode" > diff --git > a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI > mpl.c > b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI > mpl.c > index e82bfe7757..67e5e594ed 100644 > --- > a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI > mpl.c > +++ > b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigI > mpl.c > @@ -9,6 +9,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > #include "SecureBootConfigImpl.h" > #include > +#include >=20 > CHAR16 mSecureBootStorageName[] =3D > L"SECUREBOOT_CONFIGURATION"; >=20 > @@ -237,168 +238,6 @@ SaveSecureBootVariable ( > return Status; > } >=20 > -/** > - Create a time based data payload by concatenating the > EFI_VARIABLE_AUTHENTICATION_2 > - descriptor with the input data. NO authentication is required in this = function. > - > - @param[in, out] DataSize On input, the size of Data buffer in = bytes. > - On output, the size of data returned = in Data > - buffer in bytes. > - @param[in, out] Data On input, Pointer to data buffer to b= e wrapped or > - pointer to NULL to wrap an empty payl= oad. > - On output, Pointer to the new payload= date buffer allocated > from pool, > - it's caller's responsibility to free = the memory when finish > using it. > - > - @retval EFI_SUCCESS Create time based payload successfull= y. > - @retval EFI_OUT_OF_RESOURCES There are not enough memory resources > to create time based payload. > - @retval EFI_INVALID_PARAMETER The parameter is invalid. > - @retval Others Unexpected error happens. > - > -**/ > -EFI_STATUS > -CreateTimeBasedPayload ( > - IN OUT UINTN *DataSize, > - IN OUT UINT8 **Data > - ) > -{ > - EFI_STATUS Status; > - UINT8 *NewData; > - UINT8 *Payload; > - UINTN PayloadSize; > - EFI_VARIABLE_AUTHENTICATION_2 *DescriptorData; > - UINTN DescriptorSize; > - EFI_TIME Time; > - > - if (Data =3D=3D NULL || DataSize =3D=3D NULL) { > - return EFI_INVALID_PARAMETER; > - } > - > - // > - // In Setup mode or Custom mode, the variable does not need to be sign= ed but > the > - // parameters to the SetVariable() call still need to be prepared as > authenticated > - // variable. So we create EFI_VARIABLE_AUTHENTICATED_2 descriptor > without certificate > - // data in it. > - // > - Payload =3D *Data; > - PayloadSize =3D *DataSize; > - > - DescriptorSize =3D OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthIn= fo) > + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData); > - NewData =3D (UINT8*) AllocateZeroPool (DescriptorSize + PayloadSize); > - if (NewData =3D=3D NULL) { > - return EFI_OUT_OF_RESOURCES; > - } > - > - if ((Payload !=3D NULL) && (PayloadSize !=3D 0)) { > - CopyMem (NewData + DescriptorSize, Payload, PayloadSize); > - } > - > - DescriptorData =3D (EFI_VARIABLE_AUTHENTICATION_2 *) (NewData); > - > - ZeroMem (&Time, sizeof (EFI_TIME)); > - Status =3D gRT->GetTime (&Time, NULL); > - if (EFI_ERROR (Status)) { > - FreePool(NewData); > - return Status; > - } > - Time.Pad1 =3D 0; > - Time.Nanosecond =3D 0; > - Time.TimeZone =3D 0; > - Time.Daylight =3D 0; > - Time.Pad2 =3D 0; > - CopyMem (&DescriptorData->TimeStamp, &Time, sizeof (EFI_TIME)); > - > - DescriptorData->AuthInfo.Hdr.dwLength =3D OFFSET_OF > (WIN_CERTIFICATE_UEFI_GUID, CertData); > - DescriptorData->AuthInfo.Hdr.wRevision =3D 0x0200; > - DescriptorData->AuthInfo.Hdr.wCertificateType =3D WIN_CERT_TYPE_EFI_GU= ID; > - CopyGuid (&DescriptorData->AuthInfo.CertType, &gEfiCertPkcs7Guid); > - > - if (Payload !=3D NULL) { > - FreePool(Payload); > - } > - > - *DataSize =3D DescriptorSize + PayloadSize; > - *Data =3D NewData; > - return EFI_SUCCESS; > -} > - > -/** > - Internal helper function to delete a Variable given its name and GUID,= NO > authentication > - required. > - > - @param[in] VariableName Name of the Variable. > - @param[in] VendorGuid GUID of the Variable. > - > - @retval EFI_SUCCESS Variable deleted successfully. > - @retval Others The driver failed to start the device= . > - > -**/ > -EFI_STATUS > -DeleteVariable ( > - IN CHAR16 *VariableName, > - IN EFI_GUID *VendorGuid > - ) > -{ > - EFI_STATUS Status; > - VOID* Variable; > - UINT8 *Data; > - UINTN DataSize; > - UINT32 Attr; > - > - GetVariable2 (VariableName, VendorGuid, &Variable, NULL); > - if (Variable =3D=3D NULL) { > - return EFI_SUCCESS; > - } > - FreePool (Variable); > - > - Data =3D NULL; > - DataSize =3D 0; > - Attr =3D EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | > EFI_VARIABLE_BOOTSERVICE_ACCESS > - | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS; > - > - Status =3D CreateTimeBasedPayload (&DataSize, &Data); > - if (EFI_ERROR (Status)) { > - DEBUG ((EFI_D_ERROR, "Fail to create time-based data payload: %r", S= tatus)); > - return Status; > - } > - > - Status =3D gRT->SetVariable ( > - VariableName, > - VendorGuid, > - Attr, > - DataSize, > - Data > - ); > - if (Data !=3D NULL) { > - FreePool (Data); > - } > - return Status; > -} > - > -/** > - > - Set the platform secure boot mode into "Custom" or "Standard" mode. > - > - @param[in] SecureBootMode New secure boot mode: > STANDARD_SECURE_BOOT_MODE or > - CUSTOM_SECURE_BOOT_MODE. > - > - @return EFI_SUCCESS The platform has switched to the sp= ecial mode > successfully. > - @return other Fail to operate the secure boot mod= e. > - > -**/ > -EFI_STATUS > -SetSecureBootMode ( > - IN UINT8 SecureBootMode > - ) > -{ > - return gRT->SetVariable ( > - EFI_CUSTOM_MODE_NAME, > - &gEfiCustomModeEnableGuid, > - EFI_VARIABLE_NON_VOLATILE | > EFI_VARIABLE_BOOTSERVICE_ACCESS, > - sizeof (UINT8), > - &SecureBootMode > - ); > -} > - > /** > This code checks if the encode type and key strength of X.509 > certificate is qualified. > @@ -646,32 +485,6 @@ ON_EXIT: > return Status; > } >=20 > -/** > - Remove the PK variable. > - > - @retval EFI_SUCCESS Delete PK successfully. > - @retval Others Could not allow to delete PK. > - > -**/ > -EFI_STATUS > -DeletePlatformKey ( > - VOID > -) > -{ > - EFI_STATUS Status; > - > - Status =3D SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE); > - if (EFI_ERROR (Status)) { > - return Status; > - } > - > - Status =3D DeleteVariable ( > - EFI_PLATFORM_KEY_NAME, > - &gEfiGlobalVariableGuid > - ); > - return Status; > -} > - > /** > Enroll a new KEK item from public key storing file (*.pbk). >=20 > -- > 2.25.1