[edk2-devel] [edk2-platforms PATCH v4 10/12] ARM Silicon and Platforms: add SecureBootVariableLib class resolution
Graeme Gregory
graeme at nuviainc.com
Wed Jun 30 13:26:39 UTC 2021
On Wed, Jun 30, 2021 at 02:34:10PM +0200, Grzegorz Bernacki wrote:
> The edk2 patch
> SecurityPkg: Create library for setting Secure Boot variables.
>
> removes generic functions from SecureBootConfigDxe and places
> them into SecureBootVariableLib. This patch adds SecureBootVariableLib
> mapping for each ARM platform which uses SecureBootConfigDxe.
>
For the SBSA Qemu bit
Reviewed-by: Graeme Gregory <graeme at nuviainc.com>
> Signed-off-by: Grzegorz Bernacki <gjb at semihalf.com>
> ---
> Platform/ARM/VExpressPkg/ArmVExpress.dsc.inc | 1 +
> Platform/Qemu/SbsaQemu/SbsaQemu.dsc | 1 +
> Platform/RaspberryPi/RPi3/RPi3.dsc | 1 +
> Platform/RaspberryPi/RPi4/RPi4.dsc | 1 +
> Platform/Socionext/DeveloperBox/DeveloperBox.dsc | 4 ++++
> 5 files changed, 8 insertions(+)
>
> diff --git a/Platform/ARM/VExpressPkg/ArmVExpress.dsc.inc b/Platform/ARM/VExpressPkg/ArmVExpress.dsc.inc
> index fee7cfcc2d..60fdb244ba 100644
> --- a/Platform/ARM/VExpressPkg/ArmVExpress.dsc.inc
> +++ b/Platform/ARM/VExpressPkg/ArmVExpress.dsc.inc
> @@ -129,6 +129,7 @@
> !if $(SECURE_BOOT_ENABLE) == TRUE
> TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
> AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
> + SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
>
> # re-use the UserPhysicalPresent() dummy implementation from the ovmf tree
> PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
> diff --git a/Platform/Qemu/SbsaQemu/SbsaQemu.dsc b/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
> index 11ce361cdb..b1c4030ec9 100644
> --- a/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
> +++ b/Platform/Qemu/SbsaQemu/SbsaQemu.dsc
> @@ -156,6 +156,7 @@ DEFINE NETWORK_HTTP_BOOT_ENABLE = FALSE
> #
> TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
> AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
> + SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
>
> # re-use the UserPhysicalPresent() dummy implementation from the ovmf tree
> PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
> diff --git a/Platform/RaspberryPi/RPi3/RPi3.dsc b/Platform/RaspberryPi/RPi3/RPi3.dsc
> index 53825bcf62..73f7f2f8c3 100644
> --- a/Platform/RaspberryPi/RPi3/RPi3.dsc
> +++ b/Platform/RaspberryPi/RPi3/RPi3.dsc
> @@ -167,6 +167,7 @@
>
> # re-use the UserPhysicalPresent() dummy implementation from the ovmf tree
> PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
> + SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
> !else
> TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
> AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
> diff --git a/Platform/RaspberryPi/RPi4/RPi4.dsc b/Platform/RaspberryPi/RPi4/RPi4.dsc
> index fd73c4d14b..d38fee8fb8 100644
> --- a/Platform/RaspberryPi/RPi4/RPi4.dsc
> +++ b/Platform/RaspberryPi/RPi4/RPi4.dsc
> @@ -164,6 +164,7 @@
> !if $(SECURE_BOOT_ENABLE) == TRUE
> TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
> AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
> + SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
>
> # re-use the UserPhysicalPresent() dummy implementation from the ovmf tree
> PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
> diff --git a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
> index 88454c1f90..41b7c3bced 100644
> --- a/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
> +++ b/Platform/Socionext/DeveloperBox/DeveloperBox.dsc
> @@ -52,6 +52,10 @@
>
> MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf
>
> +!if $(SECURE_BOOT_ENABLE) == TRUE
> + SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
> +!endif
> +
> [LibraryClasses.common.SEC]
> PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
> BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
> --
> 2.25.1
>
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#77369): https://edk2.groups.io/g/devel/message/77369
Mute This Topic: https://groups.io/mt/83891040/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list