From patchwork Wed Oct 26 10:43:40 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masahisa Kojima X-Patchwork-Id: 618801 Delivered-To: patch@linaro.org Received: by 2002:a17:522:c983:b0:460:3032:e3c4 with SMTP id kr3csp309673pvb; Wed, 26 Oct 2022 03:43:14 -0700 (PDT) X-Google-Smtp-Source: AMsMyM7zlULbIm3qzz/OR+IdW1yD9b59uNnn7gTHmT4JNhRnRwuYcAmhK33pMLQvxePnJkWv92Cz X-Received: by 2002:a17:907:60d3:b0:78d:f874:3267 with SMTP id hv19-20020a17090760d300b0078df8743267mr36595501ejc.409.1666780993869; Wed, 26 Oct 2022 03:43:13 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666780993; cv=none; d=google.com; s=arc-20160816; b=Z08pZ6Inf8S4PZ3TNzCKmXkHpt10SqncnVh3FV1w5ZO6+zxVM22jWqHWm/aERroy6Y jZ0nFnC1loXqwtES4dc1KXny10R5cG+nTFdy7H6XKPBT0ku/amIQhYC0th7CdO9BGv76 jomTe+3hweVMbM8tg6SAG9RJj+2FaDjJLVB0Ixv64xxIXmLr6ynRsnsNHrcWF6dWDlH2 Ay4KTHLLaaMK9JffdTPjyolcVaLRk4YSPwp/8hK8y27t0TPYpDXit3lBq4w2Kh7Q96pc LOQjxD/V5lkOCshI1kYVOGQMg8slMP4r91nHxTxOpZ/dfY5mm6aIIirTyRHGyDLEDvq9 G6/w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:message-id:date:subject:cc:to :from:dkim-signature; bh=U6AT/qJSrw4Ih5bCSRUqwgaN2GQKsMGh0CxjO1qz/Jc=; b=ubINlLBbXFKkFLp13AOi1nbyFBjyxNV+YF74kfEGLH/xty1OLTPxHGRZbAdw7j+6bX 9YulrJQQfJF6zIIqDrYhn4kyHH2GGi4kFfjdAxoLNvPHdE1q4j+fY3nH95D0GPtQtC/s fSF6/aGRCd7R6whGb14QXgGm+YPlBZp10BeTbhOYfDYPgCD+Xq9BrF+lGZ8n+7LOGsbM JFOEZDdeYS8B1Ju0H8cRxsnhdSilRTyhfc8GweQMkdd3QltDZhX3CZz2AkJPuPwRyLHe JgJ1oTQq2Orr85r/xvoqVefPQW5ohVfvAivywkcPH9lnzRPKS32zZ6lFlYq9h/3rMDyT j48g== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=mn0R6jBy; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id x4-20020a1709060a4400b0078dcbd7d244si4559681ejf.376.2022.10.26.03.43.13 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 03:43:13 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=mn0R6jBy; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id C076184FC0; Wed, 26 Oct 2022 12:43:12 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="mn0R6jBy"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id AF91A85028; Wed, 26 Oct 2022 12:43:10 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pg1-x529.google.com (mail-pg1-x529.google.com [IPv6:2607:f8b0:4864:20::529]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id ECE5B84F9E for ; Wed, 26 Oct 2022 12:43:06 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=masahisa.kojima@linaro.org Received: by mail-pg1-x529.google.com with SMTP id 128so14396569pga.1 for ; Wed, 26 Oct 2022 03:43:06 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=U6AT/qJSrw4Ih5bCSRUqwgaN2GQKsMGh0CxjO1qz/Jc=; b=mn0R6jByb78dxy0s67DZOy2db75USYO29hOhYcqeLsv5/hk9ubSOWLY/BOI79sWa9n TIubgVj5X3TAN1FrXJGXLleOf1a99WcTFxw4SNPVUAvujLjBqvGOM6tw+fwm+OhWElYW SJ6vs2P/pFqqPfMkGvlmyApPuUvW9HnM8FwJDc+ODy1UENBLLZ8u/4zsPbQGZnPWcSuE M2EwfaerZ2s+oxk8O0XvLXvo+16sefcYEaCmNVuHCKARyISrl+elXkcf+IDXCqwiKiCu V6obwUluzsaIT58/DRMi8O4xGlhlih7mokfww4EPAMDV8N0hq0EzcGagGhVdbipjdaHU G96A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=U6AT/qJSrw4Ih5bCSRUqwgaN2GQKsMGh0CxjO1qz/Jc=; b=sKuuicBoRxzYCHJLHGhbA7pPXhlLnXD21hZQpQr9zPRf81zXaGu5IJp4XIVN+bE1n3 SXzVX0CW5Zx4+mDw1EdIn5TTxa60Xf4P/rr3l+mgIvyEilkKR60feFsdqPfpjVnx8r3B veJpZ5fTbngQNDW2sSCxfAOAMTBO7rqB6dSq5a+wnsE67HpcopSCox9Q/TpdVxHUfY9W mXzjgxhu3ZONHLey5QeW7MO55ShEhjkjzx1+eyHS1ssTZvwFY90pKaTAuzXDMbFsBwKX 8FyZ7pWU49BzXTs7Udrp3XH0lqBhNXr6DIrIdPAzcxA9XGmqg+96cEknA+n+k97Do3CQ urSw== X-Gm-Message-State: ACrzQf0xE94tHwKtcVyHdiEHScP5ran5+H6AjfqWe6TkOt6oBXFD+rS4 2c6LO54a3j7P4gcTwSaKH05D13AloIINKg== X-Received: by 2002:a63:f608:0:b0:46f:1b5:8474 with SMTP id m8-20020a63f608000000b0046f01b58474mr13889910pgh.377.1666780985060; Wed, 26 Oct 2022 03:43:05 -0700 (PDT) Received: from localhost.localdomain ([240d:1a:cf7:5800:82fa:5bff:fe4b:26b1]) by smtp.gmail.com with ESMTPSA id b3-20020a1709027e0300b00186881e1feasm2637078plm.112.2022.10.26.03.43.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 26 Oct 2022 03:43:04 -0700 (PDT) From: Masahisa Kojima To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Etienne Carriere , Masahisa Kojima Subject: [PATCH v6 0/5] eficonfig: add UEFI Secure Boot key maintenance interface Date: Wed, 26 Oct 2022 19:43:40 +0900 Message-Id: <20221026104345.28714-1-masahisa.kojima@linaro.org> X-Mailer: git-send-email 2.17.1 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean This series adds the UEFI Secure Boot key maintenance interface to the eficonfig command. User can enroll and delete the PK, KEK, db and dbx. Source code can be cloned with: $ git clone https://git.linaro.org/people/masahisa.kojima/u-boot.git -b kojima/eficonfig_sbkey_v6 Masahisa Kojima (5): eficonfig: refactor eficonfig_select_file_handler() eficonfig: expose append entry function eficonfig: refactor change boot order implementation eficonfig: add UEFI Secure Boot Key enrollment interface eficonfig: add "Show/Delete Signature Database" menu entry cmd/Makefile | 5 + cmd/eficonfig.c | 177 +++-- cmd/eficonfig_sbkey.c | 727 ++++++++++++++++++ include/efi_config.h | 10 + .../py/tests/test_eficonfig/test_eficonfig.py | 1 + 5 files changed, 835 insertions(+), 85 deletions(-) create mode 100644 cmd/eficonfig_sbkey.c