From patchwork Mon Feb 12 10:31:20 2018 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Moorthy B S X-Patchwork-Id: 127986 Delivered-To: patch@linaro.org Received: by 10.46.124.24 with SMTP id x24csp3077679ljc; Mon, 12 Feb 2018 02:39:48 -0800 (PST) X-Google-Smtp-Source: AH8x226NTJzELUtWCJ/Yz152ostHom/RA8YpQRsyeM0TcAELEKx28gF2jEXEstbjsf9w1zxFk/cv X-Received: by 2002:a17:902:7848:: with SMTP id e8-v6mr10534430pln.386.1518431988736; Mon, 12 Feb 2018 02:39:48 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1518431988; cv=none; d=google.com; s=arc-20160816; b=CMAJT6VUKRd37o5IECxrAKXP1jsRhQ7WulY/Ee1LuPCoUOF8x3prg4fz4/FZhSRSAr 7trMA9BI0TBdA5w4yaPsVNcbkjarpcvLzqDXugwiUWNDNEE31Vv+754B6HOw04KrgIlv 5Qh9M/MXQaGotqT7Oqy4oz2oZMP/Y+91BacUjUJS5peR1WpRlFAnUE3djMjbuXhqpyNs +lVpu8/vuhlHlSdfu/Wy9senYtvoZ3yjJdJPPD5K7ARQ2ujgy4yuan9Dukmg1GnHYuFm TRhmCEE6Y2gqpGJrS7hYv9u9OFHR42qt7/KXs9EIN+T8rcuiiCSRdELDPJNn9JejhBzN BZew== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:content-transfer-encoding:mime-version:cc :list-subscribe:list-help:list-post:list-archive:list-unsubscribe :list-id:precedence:subject:references:in-reply-to:message-id:date :to:from:dkim-signature:delivered-to:arc-authentication-results; bh=Hc0HIg3MaUBzzrUulbVCBuIXdzsQ7s11+Bkn+JLnDus=; b=waFDFtISrOxP7Psn9cetUZN14fc3FW7cxAkGuBxdUpiHqGG3dMBRLzbA2sdCkx+X/J bveGHQ3MlA7eFTYZBWSHuxaFeKRgptWW58ypqaQJJrEj9VUljkNSWV+9oF9IlMiIcfrU tBEvr6oOImJjLeHVXCYxqdKtl8/D5ZDYJF5aI8iljsbOn8OaJ8QM0p0+iEUZ4scxosGh 1YF2W+E9s51MlYxC6tKOAHvqjNFMnKQi32cn/uD2EooU3YaoU+k3R3wT/QXXMZcWO3nE 2EUoI34cV/5SpQD/sfbA2M7AVQyqfXUPHiIReH+v6HuZOfvqL5NMvxesHwbcYjs7LO/a 6Vrw== ARC-Authentication-Results: i=1; mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=a7p/fqui; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from ml01.01.org (ml01.01.org. [198.145.21.10]) by mx.google.com with ESMTPS id a9si1921546pff.338.2018.02.12.02.39.48 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 12 Feb 2018 02:39:48 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) client-ip=198.145.21.10; Authentication-Results: mx.google.com; dkim=neutral (body hash did not verify) header.i=@linaro.org header.s=google header.b=a7p/fqui; spf=pass (google.com: best guess record for domain of edk2-devel-bounces@lists.01.org designates 198.145.21.10 as permitted sender) smtp.mailfrom=edk2-devel-bounces@lists.01.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id C17812237A4D8; Mon, 12 Feb 2018 02:33:54 -0800 (PST) X-Original-To: edk2-devel@lists.01.org Delivered-To: edk2-devel@lists.01.org Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=2607:f8b0:400e:c05::244; helo=mail-pg0-x244.google.com; envelope-from=moorthy.baskaravenkatraman-sambamoorthy@linaro.org; receiver=edk2-devel@lists.01.org Received: from mail-pg0-x244.google.com (mail-pg0-x244.google.com [IPv6:2607:f8b0:400e:c05::244]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 3C4D722361E47 for ; Mon, 12 Feb 2018 02:26:13 -0800 (PST) Received: by mail-pg0-x244.google.com with SMTP id w17so7244080pgv.6 for ; Mon, 12 Feb 2018 02:32:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=z336l98BTZugkTZwtrgVsYjLPgyvi6/gLuCVez0ruRM=; b=a7p/fqui6KXp49rxkCyln++ElTh8kQdgUG3Kzpi1N0s4mIBEnjaVuAu6FtGQwIlZa+ 8bCUG+PuP3eKLFoqSUDa51RvVgiPavwYgcVOqcvMWtl0OQ3T8eR2wSc63Yc9pmmfO9uo FoxYsD8B5iwoLtKvmArPTdOf5ZA5V5SubvYGM= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=z336l98BTZugkTZwtrgVsYjLPgyvi6/gLuCVez0ruRM=; b=QvkP/zLeHy4udtLiS/Kh8JzcWwfYRdhw/9qFpdZw6nST5VZZt75U3WWnMpVUHgUYXT nlzlPTNchvMlv1LsfvrirVKX9+jCcsRDF0sHykV/+XQAeA7+U0L4oZPf7wuYeApN3C75 Xfpg2FzNORYcM5PrRmTwaW3g9iz9zC88GP6WsrZVhUcKAmx8Amwz4fQneCT++aSidkxQ 1AfuN1bEMV/t5Ayc3kQETNnJLe4HccpAqU2MyFZYIMBeMkobgPYkrSniV9Z3+QJsPm04 WqSthNilh2xdwx9Z5EG+PwFD9VIk81DbYp7MhX1NujuILDzAo3/aOr8JTBMKFL3h5gQs wB6Q== X-Gm-Message-State: APf1xPBiSZPPcmmjsPRGIt+ngniGYgfWKzdSJgG/KktQtMnxq9XooPdw pPeNHzU7o7ZE7XGzli9bjpctJ8rRXZ8= X-Received: by 10.99.1.206 with SMTP id 197mr99536pgb.179.1518431521926; Mon, 12 Feb 2018 02:32:01 -0800 (PST) Received: from localhost.localdomain ([220.225.120.129]) by smtp.gmail.com with ESMTPSA id s82sm32355780pfa.151.2018.02.12.02.32.00 (version=TLS1_2 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Mon, 12 Feb 2018 02:32:01 -0800 (PST) From: Moorthy Baskaravenkatraman To: edk2-devel@lists.01.org Date: Mon, 12 Feb 2018 16:01:20 +0530 Message-Id: <20180212103122.10729-3-moorthy.baskaravenkatraman-sambamoorthy@linaro.org> X-Mailer: git-send-email 2.15.0 In-Reply-To: <20180212103122.10729-1-moorthy.baskaravenkatraman-sambamoorthy@linaro.org> References: <20180212103122.10729-1-moorthy.baskaravenkatraman-sambamoorthy@linaro.org> X-Mailman-Approved-At: Mon, 12 Feb 2018 02:33:53 -0800 Subject: [edk2] [PATCH v1 2/4] edk2-platforms:comcast: RDK secure boot Application X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ard Biesheuvel MIME-Version: 1.0 Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" From: Kalyan Nagabhirava Application will get file path of PK key and KEK keys using rdk.conf file, once keys are available, application will enable secure boot and validates the signed kernel Image. Cc: Ard Biesheuvel Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Moorthy Baskaravenkatraman --- Platform/Comcast/Application/SecureBoot/SecureBoot.inf | 43 ++++++++++++++++++++ Platform/Comcast/Application/SecureBoot/SecureBoot.c | 30 ++++++++++++++ 2 files changed, 73 insertions(+) -- 2.15.0 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.inf b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf new file mode 100644 index 000000000000..da0cd3b3b742 --- /dev/null +++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.inf @@ -0,0 +1,43 @@ +# +# Copyright (c) 2014-2018, Linaro Limited. All rights reserved. +# Copyright (c) 2016-2017, Comcast. All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + +################################################################################ +# +# Defines Section - statements that will be processed to create a Makefile. +# +################################################################################ + +[Defines] + INF_VERSION = 0x0001001A + BASE_NAME = RdkSecureLoader + FILE_GUID = b2c7930f-07ef-4305-ac4e-1ce2085a7031 + MODULE_TYPE = UEFI_APPLICATION + VERSION_STRING = 1.0 + ENTRY_POINT = SecureBootEntryPoint + +[Sources] + SecureBoot.c + +[Packages] + ArmPkg/ArmPkg.dec + EmbeddedPkg/EmbeddedPkg.dec + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + ShellPkg/ShellPkg.dec + SecurityPkg/SecurityPkg.dec + NetworkPkg/NetworkPkg.dec + Platform/Comcast/Library/RdkBootManagerLib/RdkBootManagerLib.dec + +[LibraryClasses] + RdkBootManagerLib + UefiApplicationEntryPoint diff --git a/Platform/Comcast/Application/SecureBoot/SecureBoot.c b/Platform/Comcast/Application/SecureBoot/SecureBoot.c new file mode 100644 index 000000000000..bea1e5888703 --- /dev/null +++ b/Platform/Comcast/Application/SecureBoot/SecureBoot.c @@ -0,0 +1,30 @@ +/* +# Copyright (c) 2014-2018, Linaro Limited. All rights reserved. +# +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# + */ +#include + +EFI_STATUS +EFIAPI +SecureBootEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + + Status = RdkSecureBoot ( + ImageHandle, + SystemTable->BootServices + ); + + return Status; +}