| Message ID | 20180108054513.2279-4-kalyankumar.nagabhirava@linaro.org |
|---|---|
| State | New |
| Headers | show |
| Series | edk2-platforms:Comcast:Rdk Qemu platform for RDK UEFI applications | expand |
On 8 January 2018 at 05:45, kalyan-nagabhirava <kalyankumar.nagabhirava@linaro.org> wrote: > Application will get file path of PK key and KEK key using rdk.conf file, once keys are > Available, application will enable secure boot and validates the signed kernel Image. > > Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: kalyan-nagabhirava <kalyankumar.nagabhirava@linaro.org> > --- > Platform/Comcast/Application/SecureBoot/SecureBoot.inf | 57 ++++++++++++++++++++ > Platform/Comcast/Application/SecureBoot/SecureBoot.c | 30 +++++++++++ > 2 files changed, 87 insertions(+) > > diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.inf b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf > new file mode 100644 > index 000000000000..e7a3bb3afbb6 > --- /dev/null > +++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf > @@ -0,0 +1,57 @@ > +# > +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. Bump the year? > +# Copyright (c) 2016-2017, comcast . All rights reserved. > +# > +# This program and the accompanying materials > +# are licensed and made available under the terms and conditions of the BSD License > +# which accompanies this distribution. The full text of the license may be found at > +# http://opensource.org/licenses/bsd-license.php > +# > +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > +# > + > +################################################################################ > +# > +# Defines Section - statements that will be processed to create a Makefile. > +# > +################################################################################ > + > +[Defines] > + INF_VERSION = 0x00010006 please use 0x0001001A for new files > + BASE_NAME = RdkSecureLoader > + FILE_GUID = b2c7930f-07ef-4305-ac4e-1ce2085a7031 > + MODULE_TYPE = UEFI_APPLICATION > + VERSION_STRING = 1.0 > + ENTRY_POINT = SecureBootEntryPoint > + > +[Sources] > + SecureBoot.c > + > +[Packages] > + ArmPkg/ArmPkg.dec > + ArmPlatformPkg/ArmPlatformPkg.dec > + EmbeddedPkg/EmbeddedPkg.dec > + MdePkg/MdePkg.dec > + MdeModulePkg/MdeModulePkg.dec > + ShellPkg/ShellPkg.dec > + SecurityPkg/SecurityPkg.dec > + CryptoPkg/CryptoPkg.dec > + NetworkPkg/NetworkPkg.dec > + Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec > + Do you really use all of these? > +[Guids] > + gEfiCertX509Guid > + gEfiCertPkcs7Guid > + gEfiCustomModeEnableGuid > + gEfiImageSecurityDatabaseGuid > + gFdtTableGuid > + gRdkGlobalVariableGuid > + > +[LibraryClasses] > + RdkBootManagerLib > + UefiApplicationEntryPoint > + > +[Protocols] > + gEfiBlockIoProtocolGuid > + gEfiDevicePathToTextProtocolGuid > diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.c b/Platform/Comcast/Application/SecureBoot/SecureBoot.c > new file mode 100644 > index 000000000000..51ac75835fd0 > --- /dev/null > +++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.c > @@ -0,0 +1,30 @@ > +/* > +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. > +# > +# This program and the accompanying materials > +# are licensed and made available under the terms and conditions of the BSD License > +# which accompanies this distribution. The full text of the license may be found at > +# http://opensource.org/licenses/bsd-license.php > +# > +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, > +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. > +# > + */ > +#include <RdkBootManagerLib.h> > + > +EFI_STATUS > +EFIAPI > +SecureBootEntryPoint ( > + IN EFI_HANDLE ImageHandle, > + IN EFI_SYSTEM_TABLE *SystemTable > + ) > +{ > + EFI_STATUS Status; > + > + Status = RdkSecureBoot ( > + ImageHandle, > + SystemTable->BootServices > + ); > + > + return Status; > +} > -- > 2.15.0 > _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.inf b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf new file mode 100644 index 000000000000..e7a3bb3afbb6 --- /dev/null +++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf @@ -0,0 +1,57 @@ +# +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# Copyright (c) 2016-2017, comcast . All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + +################################################################################ +# +# Defines Section - statements that will be processed to create a Makefile. +# +################################################################################ + +[Defines] + INF_VERSION = 0x00010006 + BASE_NAME = RdkSecureLoader + FILE_GUID = b2c7930f-07ef-4305-ac4e-1ce2085a7031 + MODULE_TYPE = UEFI_APPLICATION + VERSION_STRING = 1.0 + ENTRY_POINT = SecureBootEntryPoint + +[Sources] + SecureBoot.c + +[Packages] + ArmPkg/ArmPkg.dec + ArmPlatformPkg/ArmPlatformPkg.dec + EmbeddedPkg/EmbeddedPkg.dec + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + ShellPkg/ShellPkg.dec + SecurityPkg/SecurityPkg.dec + CryptoPkg/CryptoPkg.dec + NetworkPkg/NetworkPkg.dec + Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec + +[Guids] + gEfiCertX509Guid + gEfiCertPkcs7Guid + gEfiCustomModeEnableGuid + gEfiImageSecurityDatabaseGuid + gFdtTableGuid + gRdkGlobalVariableGuid + +[LibraryClasses] + RdkBootManagerLib + UefiApplicationEntryPoint + +[Protocols] + gEfiBlockIoProtocolGuid + gEfiDevicePathToTextProtocolGuid diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.c b/Platform/Comcast/Application/SecureBoot/SecureBoot.c new file mode 100644 index 000000000000..51ac75835fd0 --- /dev/null +++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.c @@ -0,0 +1,30 @@ +/* +# Copyright (c) 2016-2017, Linaro Limited. All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + */ +#include <RdkBootManagerLib.h> + +EFI_STATUS +EFIAPI +SecureBootEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + + Status = RdkSecureBoot ( + ImageHandle, + SystemTable->BootServices + ); + + return Status; +}
Application will get file path of PK key and KEK key using rdk.conf file, once keys are Available, application will enable secure boot and validates the signed kernel Image. Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: kalyan-nagabhirava <kalyankumar.nagabhirava@linaro.org> --- Platform/Comcast/Application/SecureBoot/SecureBoot.inf | 57 ++++++++++++++++++++ Platform/Comcast/Application/SecureBoot/SecureBoot.c | 30 +++++++++++ 2 files changed, 87 insertions(+) -- 2.15.0 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel