From patchwork Mon Oct 24 04:47:57 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masahisa Kojima X-Patchwork-Id: 617831 Delivered-To: patch@linaro.org Received: by 2002:a17:522:c983:b0:460:3032:e3c4 with SMTP id kr3csp2482931pvb; Sun, 23 Oct 2022 21:47:42 -0700 (PDT) X-Google-Smtp-Source: AMsMyM79UZZJLpw4TOdAAVTxE+LUmWx/99Erg3pcnuVxkn2qxneRtlBdkeLMTV/7ku34RMKyK+gR X-Received: by 2002:a17:907:7214:b0:791:a4cf:5bb7 with SMTP id dr20-20020a170907721400b00791a4cf5bb7mr22159625ejc.576.1666586861939; Sun, 23 Oct 2022 21:47:41 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666586861; cv=none; d=google.com; s=arc-20160816; b=YMwfrwI32HyOMsSwweWbxZtKm0982MVkpAl1f04IkDvoiWiHUe7EZgS9zon70A13mI e3R3pz3P6fjGWubtImamsBJMyLZBNfRwQYwPpnQqjor6ZZbE5/0x8s4mgiFvqOX0P3H5 l+Wh2Elwo9oY3hKDISZ0+JyFjq+/5GMjvWbyQO5GPiIRNsKoAmRFDUKhTBwUqR6XCvuJ w0CWrPRGq0R463rgM+sOtUS7wVAZz+PT3TKHELKI07qfE10YTduCwttrwG47U6WdNzH9 IS+cXss4ZyyweB07fJWoX1ICU+uSpmnkvk3XqXzsCcsxdzyw9C3ran55IIRrQo9PUFXL e9TA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:message-id:date:subject:cc:to :from:dkim-signature; bh=meTVYy3zLIwy8TIZhVNRa7X2Tf/6ZwE+AfBrw+8GOrg=; b=j7LYf888NKlR8NAC5i/ST37ehyQ5nGmpPVFpapYR075K+9PyySNbkz0UE1lHpDzQFw plEn6mmtVWZfh8xOukabYiZKJ4UUYnowhymkwcTPXbb+/B6aXQx6e01YKDlOBwZo6OQr GKRvF8JtEXoNHXNSS1kuPfIdGJqYO0653DSIOGLXoi0LEMKz2btTGHwtDtkJc/rxRe9B VayNySgiIQqkWUPXKHI5qqorp7+cngpmhUyIo1jww6GtZHRxfVbiPc1JseRiwGNfsbJz 4GRO8+MlsU3XWeex8B1TUdev0geAL1KX/c/m7Jc9sxad5xrR2lyOwRfet43kVU4Qr+Ne 4uLg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=w+MoftNc; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id nb26-20020a1709071c9a00b0078ed891fef3si17582165ejc.440.2022.10.23.21.47.41 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Oct 2022 21:47:41 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=w+MoftNc; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 5D93F84EA8; Mon, 24 Oct 2022 06:47:38 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="w+MoftNc"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 3C6EF84225; Mon, 24 Oct 2022 06:47:37 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pg1-x52f.google.com (mail-pg1-x52f.google.com [IPv6:2607:f8b0:4864:20::52f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 24CAB84225 for ; Mon, 24 Oct 2022 06:47:34 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=masahisa.kojima@linaro.org Received: by mail-pg1-x52f.google.com with SMTP id 128so7798927pga.1 for ; Sun, 23 Oct 2022 21:47:34 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=meTVYy3zLIwy8TIZhVNRa7X2Tf/6ZwE+AfBrw+8GOrg=; b=w+MoftNcf9+KCHi1sCa4ORnLwK9ANML8Xzinx+bHMeykbZIOdnfp/zYTSdmNprS5Pk S3AUi1qtONpxMqmXS40pDqjrnogv9qzPUJIbEmoNdNB0Juatg61D6pd0fLCSS5h+404h av7hZ/PH6nx5Wu4Miiu6vV/zL5oRMjfe6Xubp6P9W1zbCQpwcHipcYdSzg854BpmsUtY IlIntyVU/VKzWUVh8ULQDWCjxhnzBia0wA5MhWutDmyrGTH9aaZ18xubRL5W00BdvN+E 4TZTZftqLBmX3SYDj8W1iAWpcUAo+Pey3ac26yn3U2uthLnUSoon7nh9NwLSG2nZe8YN 9Low== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=meTVYy3zLIwy8TIZhVNRa7X2Tf/6ZwE+AfBrw+8GOrg=; b=xJFN5nporUC/Aogg2gW+pAfy3zyxT2c7Lg4XMvRKeoVYfF+H8iyrU4V00FS+EAQlSL ilbp/a4Qz/etPeQL/oWUYNJipS9FV+9WUVYJUZokhrz7bl8PaJ4LZiE/HU6sr61ty1rb yPrH2+1WlhQps8sOlnc9ZZPQglTYGPW1adAWb6QR6nn/2A6GupsTfqkgr30GLSnLJc6I dlPv3pskbjxkvlNJu51M5Ua8JRmQGlRXQ75zlSEbP5XVFr3yKOrZ5xX3wUav7lF+r1bX 8mCvkmwRDNqqQBbD2uz7lKouoldP6CwcfyE16KEPtM88tbczPP47wAPLTFfoPWrBvnhB gnlw== X-Gm-Message-State: ACrzQf2LVXaGOZisrM1dLTr28KSa6AgfF5NJhZkZspxOWxz7WtPalRFD GLtnwVJw9FA8G1aD8HJdy7UfSLFWFfFS8A== X-Received: by 2002:a63:5c08:0:b0:46e:e211:5694 with SMTP id q8-20020a635c08000000b0046ee2115694mr7766500pgb.441.1666586852046; Sun, 23 Oct 2022 21:47:32 -0700 (PDT) Received: from localhost.localdomain ([240d:1a:cf7:5800:82fa:5bff:fe4b:26b1]) by smtp.gmail.com with ESMTPSA id i72-20020a62874b000000b0056b932f3280sm3213979pfe.103.2022.10.23.21.47.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Oct 2022 21:47:31 -0700 (PDT) From: Masahisa Kojima To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Masahisa Kojima Subject: [PATCH v4 0/7] eficonfig: add UEFI Secure Boot key maintenance interface Date: Mon, 24 Oct 2022 13:47:57 +0900 Message-Id: <20221024044804.3351-1-masahisa.kojima@linaro.org> X-Mailer: git-send-email 2.17.1 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean This series adds the UEFI Secure Boot key maintenance interface to the eficonfig command. User can enroll and delete the PK, KEK, db and dbx. Source code can be cloned with: $ git clone https://git.linaro.org/people/masahisa.kojima/u-boot.git -b kojima/eficonfig_sbkey_v4 I'm aware of Simon's refactoring for common/menu.c, but this series is based on the current U-Boot/master. [Major Changes] - add menu entry accessor with '&' followed by title - add CONFIG_EFI_MM_COMM_TEE dependency Masahisa Kojima (7): eficonfig: refactor eficonfig_select_file_handler() eficonfig: expose append entry function eficonfig: add direct menu entry access mode eficonfig: add direct menu entry access in change boot order eficonfig: add UEFI Secure Boot Key enrollment interface eficonfig: add "Show/Delete Signature Database" menu entry test/py: eficonfig: use direct menu entry access mode cmd/Makefile | 5 + cmd/eficonfig.c | 331 ++++++-- cmd/eficonfig_sbkey.c | 751 ++++++++++++++++++ common/menu.c | 3 + include/efi_config.h | 13 + include/menu.h | 1 + .../py/tests/test_eficonfig/test_eficonfig.py | 178 ++--- 7 files changed, 1089 insertions(+), 193 deletions(-) create mode 100644 cmd/eficonfig_sbkey.c