[edk2-devel] [PATCH v7 07/11] ArmPlatformPkg: Create include file for default key content.

Fri Jul 30 10:23:22 UTC 2021

This commits add file which can be included by platform Flash
Description File. It allows to specify certificate files, which
will be embedded into binary file. The content of these files
can be used to initialize Secure Boot default keys and databases.

Signed-off-by: Grzegorz Bernacki <gjb at semihalf.com>
Reviewed-by: Sunny Wang <sunny.wang at arm.com>
---
 ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc | 70 ++++++++++++++++++++
 1 file changed, 70 insertions(+)
 create mode 100644 ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc

diff --git a/ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc b/ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc
new file mode 100644
index 0000000000..bf4f2d42de
--- /dev/null
+++ b/ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc
@@ -0,0 +1,70 @@
+## @file
+# FDF include file which allows to embed Secure Boot keys
+#
+#  Copyright (c) 2021, ARM Limited. All rights reserved.
+#  Copyright (c) 2021, Semihalf. All rights reserved.
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+
+!if $(DEFAULT_KEYS) == TRUE
+  FILE FREEFORM = 85254ea7-4759-4fc4-82d4-5eed5fb0a4a0 {
+  !ifdef $(PK_DEFAULT_FILE)
+    SECTION RAW = $(PK_DEFAULT_FILE)
+  !endif
+    SECTION UI = "PK Default"
+  }
+
+  FILE FREEFORM = 6f64916e-9f7a-4c35-b952-cd041efb05a3 {
+  !ifdef $(KEK_DEFAULT_FILE1)
+    SECTION RAW = $(KEK_DEFAULT_FILE1)
+  !endif
+  !ifdef $(KEK_DEFAULT_FILE2)
+    SECTION RAW = $(KEK_DEFAULT_FILE2)
+  !endif
+  !ifdef $(KEK_DEFAULT_FILE3)
+    SECTION RAW = $(KEK_DEFAULT_FILE3)
+  !endif
+    SECTION UI = "KEK Default"
+  }
+
+  FILE FREEFORM = c491d352-7623-4843-accc-2791a7574421 {
+  !ifdef $(DB_DEFAULT_FILE1)
+    SECTION RAW = $(DB_DEFAULT_FILE1)
+  !endif
+  !ifdef $(DB_DEFAULT_FILE2)
+    SECTION RAW = $(DB_DEFAULT_FILE2)
+  !endif
+  !ifdef $(DB_DEFAULT_FILE3)
+    SECTION RAW = $(DB_DEFAULT_FILE3)
+  !endif
+    SECTION UI = "DB Default"
+  }
+
+  FILE FREEFORM = 36c513ee-a338-4976-a0fb-6ddba3dafe87 {
+  !ifdef $(DBT_DEFAULT_FILE1)
+    SECTION RAW = $(DBT_DEFAULT_FILE1)
+  !endif
+  !ifdef $(DBT_DEFAULT_FILE2)
+    SECTION RAW = $(DBT_DEFAULT_FILE2)
+  !endif
+  !ifdef $(DBT_DEFAULT_FILE3)
+    SECTION RAW = $(DBT_DEFAULT_FILE3)
+  !endif
+    SECTION UI = "DBT Default"
+  }
+
+  FILE FREEFORM = 5740766a-718e-4dc0-9935-c36f7d3f884f {
+  !ifdef $(DBX_DEFAULT_FILE1)
+    SECTION RAW = $(DBX_DEFAULT_FILE1)
+  !endif
+  !ifdef $(DBX_DEFAULT_FILE2)
+    SECTION RAW = $(DBX_DEFAULT_FILE2)
+  !endif
+  !ifdef $(DBX_DEFAULT_FILE3)
+    SECTION RAW = $(DBX_DEFAULT_FILE3)
+  !endif
+    SECTION UI = "DBX Default"
+  }
+
+!endif
-- 
2.25.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78430): https://edk2.groups.io/g/devel/message/78430
Mute This Topic: https://groups.io/mt/84547399/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-



