Implement Customized Secure Boot feature accordingt to Mantis 1263. Patch includes Customized Secure Boot Mode transition, Secure Boot UI update and ImageVerificationLib logic update in AuditMode.
https://mantis.uefi.org/mantis/view.php?id=1263 Zhang, Chao B (2): SecurityPkg: AuthVariableLib: Customized SecureBoot Mode transition. Implement Customized SecureBoot Mode transition logic according to Mantis 1263, including AuditMode/DeployedMode/PK update management. Also implement image verification logic in AuditMode. Image Certificate & Hash are recorded to EFI Image Execution Table. https://mantis.uefi.org/mantis/view.php?id=1263 SecurityPkg: SecureBootConfigDxe: SecureBoot UI for Customized SecureBoot Mode Add SecureBoot UI support for Customized SecureBoot Mode transition according to Mantis 1263. User can do secure boot mode transition through UI. https://mantis.uefi.org/mantis/view.php?id=1263 SecurityPkg/Library/AuthVariableLib/AuthService.c | 1404 +++++++++++++++++--- .../Library/AuthVariableLib/AuthServiceInternal.h | 73 + .../Library/AuthVariableLib/AuthVariableLib.c | 110 +- .../Library/AuthVariableLib/AuthVariableLib.inf | 4 + .../DxeImageVerificationLib.c | 670 +++++++++- .../SecureBootConfigDxe/SecureBootConfig.vfr | 77 +- .../SecureBootConfigDxe/SecureBootConfigImpl.c | 432 +++++- .../SecureBootConfigDxe/SecureBootConfigNvData.h | 11 +- .../SecureBootConfigStrings.uni | Bin 13086 -> 14876 bytes 9 files changed, 2399 insertions(+), 382 deletions(-) -- 1.9.5.msysgit.1 _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
