From patchwork Wed Nov  9 03:28:59 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Masahisa Kojima <masahisa.kojima@linaro.org>
X-Patchwork-Id: 622913
Delivered-To: patch@linaro.org
Received: by 2002:a17:522:c983:b0:460:3032:e3c4 with SMTP id kr3csp16622pvb;
 Tue, 8 Nov 2022 19:27:49 -0800 (PST)
X-Google-Smtp-Source: AMsMyM7FxJkHlscnQaPP8/kgELtq82mjjr4as2nrQcsnyl/rVJrV6p4psDt8SEZ8gClgbjTJh/j8
X-Received: by 2002:a17:907:a07a:b0:7ad:88f8:7ed9 with SMTP id
 ia26-20020a170907a07a00b007ad88f87ed9mr53740124ejc.579.1667964468925;
 Tue, 08 Nov 2022 19:27:48 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1667964468; cv=none;
 d=google.com; s=arc-20160816;
 b=hSlP9jiZfeXPKGu5scY5WIQcpPx4ZdVB2sALk7bDrdDSSR03vKrM11b2kcpw7iDYWp
 uGuHM5sSLFqBimtBjSzujZ4u1t7p834YoM8EDS6kTblsFbmENrPCYtI5RMIiSthOj5UU
 BZZpekr2Gu2pf8N0LdCmiTVZiFe7n9L6GsWxqgsURupam4lPkBZIUh7vOS7rhKOlULrY
 db9+PcoRYWIG5S+VBp7Y9XqXwTdVlT+RuEfEFud4D0Z2yKSplZfaveub7s+E+vEpDreP
 r9ZUa1GHh6zN68mlwTx5WluAx08SXMj3F+FWQbYujYj7nCjRiU/qqumZHdT2H1i/dz0O
 3BRw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:message-id:date:subject:cc:to
 :from:dkim-signature;
 bh=U6AT/qJSrw4Ih5bCSRUqwgaN2GQKsMGh0CxjO1qz/Jc=;
 b=Qx+11E46WFiH0c9/9yS6PAPjxwCLqKqDBcucQJQAY36htdZKE6SLxERh06llsaXxOK
 AcRQyJG88enLsz/0ZJHInQ7JKXVrLRoXAlNjeEc70TAhgvS0P4qiiQ7TPHoxlKFLC6XI
 FWelAQ/ZMnfpob1tTFWsPQC7sWUm49W7twgDNecN8TSG0M2BMRGEE1ilPsK1wu/9kZNG
 3+kJHsa09dlk0TUDsPzWIUCSYIcRsvv6xfm9yJCnNY6GLIDY2VHIZ8mO8JIx8fb6OuwE
 yQHQ9PE5l9NM2/yGDNGVXjjEBOuOPxK4t2vmJOcnPSnwtYYQFTFAtcbie4hdZ7pkj1q1
 vB9A==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b="L/zDO9bm";
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <u-boot-bounces@lists.denx.de>
Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61])
 by mx.google.com with ESMTPS id
 eb14-20020a0564020d0e00b004632b914eb5si17402345edb.351.2022.11.08.19.27.48
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 08 Nov 2022 19:27:48 -0800 (PST)
Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de
 designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b="L/zDO9bm";
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; 
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
 by phobos.denx.de (Postfix) with ESMTP id AAE9184EF6;
 Wed,  9 Nov 2022 04:27:38 +0100 (CET)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key;
 unprotected) header.d=linaro.org header.i=@linaro.org header.b="L/zDO9bm";
 dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id 8E7BB84EEF; Wed,  9 Nov 2022 04:27:33 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS
 autolearn=ham autolearn_force=no version=3.4.2
Received: from mail-pj1-x102a.google.com (mail-pj1-x102a.google.com
 [IPv6:2607:f8b0:4864:20::102a])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id 4140684EC9
 for <u-boot@lists.denx.de>; Wed,  9 Nov 2022 04:27:27 +0100 (CET)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=masahisa.kojima@linaro.org
Received: by mail-pj1-x102a.google.com with SMTP id
 d13-20020a17090a3b0d00b00213519dfe4aso706738pjc.2
 for <u-boot@lists.denx.de>; Tue, 08 Nov 2022 19:27:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=U6AT/qJSrw4Ih5bCSRUqwgaN2GQKsMGh0CxjO1qz/Jc=;
 b=L/zDO9bm2C4r+bWLnB7fsC6tWyG2PdO9zYggFvhC/hGvLu3jDa6HNJZPwR6jFcnzxm
 B0CMIWGMv4yoF4y73nZ1Gmkuk2UcA7xvgNKRLuAZsOvkn7H4msmCRDlIaWq+slx8qrQn
 RPDSBrZQIJUuqTBNwNCdG8/pYuNxo5MSP82Y/qwgLRau3ggsA0VzYY9jmr35dZUHouz7
 VGuqp9NKM2BtylznAAwtbxlLJ+ylgBmz+s0XZcCnA1CIj3+BzJIWNCI2ttbO17nCSjhn
 4SODVW/wH3f2tebXMIPm/ON4wqsBcMFP2V89hHYXR4mUQL71xvtcVPLutxQLXW9YvPh4
 hFhQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=U6AT/qJSrw4Ih5bCSRUqwgaN2GQKsMGh0CxjO1qz/Jc=;
 b=5ONZI3zfSGEsos7Iqj+shg2NPPmAf5UwDgr6ZYNBENurNSiPRvWJSp6kOTy66tN0m2
 qyDBC1L31HjVIaPwQX7GH30dtxQ9rXZcuBQ+EZS0XwaxIjsE90JsKhwDk74qTRraqzwM
 09flZfVYXnnaJp8xGQHLHZco7VvDH+11i05vtHzj/ne7jz2apwsVDa3dVa2G660Neiil
 7kskTC2oHw/MqIdPtU5j4LdZx/HmhPp89pMalglGl5ZgScgUhYJ+VGhl3Pr+W7IFuFi/
 oyxgDUUPtBl/XTP+0BpSH3ORPMLXnifiqiW77Cq4LTye4mz4zuMGOTYwCTnnpAn2xRo2
 CpmQ==
X-Gm-Message-State: ACrzQf2qwz//iuAOLA77Iji7Mwwf3vhyPDTtUfz30J4FHvM699XO5EeZ
 cuUlcMcuxrVIziyua6vqlO74TpXlUDEE6g==
X-Received: by 2002:a17:902:ab1c:b0:17e:c0f0:96a4 with SMTP id
 ik28-20020a170902ab1c00b0017ec0f096a4mr1144893plb.80.1667964445167;
 Tue, 08 Nov 2022 19:27:25 -0800 (PST)
Received: from localhost.localdomain ([240d:1a:cf7:5800:82fa:5bff:fe4b:26b1])
 by smtp.gmail.com with ESMTPSA id
 l10-20020a170903120a00b00177faf558b5sm7742103plh.250.2022.11.08.19.27.22
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 08 Nov 2022 19:27:24 -0800 (PST)
From: Masahisa Kojima <masahisa.kojima@linaro.org>
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>,
 Ilias Apalodimas <ilias.apalodimas@linaro.org>,
 Simon Glass <sjg@chromium.org>,
 Takahiro Akashi <takahiro.akashi@linaro.org>,
 Etienne Carriere <etienne.carriere@linaro.org>,
 Masahisa Kojima <masahisa.kojima@linaro.org>
Subject: [PATCH v6 0/5] eficonfig: add UEFI Secure Boot key maintenance
 interface
Date: Wed,  9 Nov 2022 12:28:59 +0900
Message-Id: <20221109032904.5361-1-masahisa.kojima@linaro.org>
X-Mailer: git-send-email 2.17.1
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de
X-Virus-Status: Clean

This series adds the UEFI Secure Boot key maintenance interface
to the eficonfig command.
User can enroll and delete the PK, KEK, db and dbx.

Source code can be cloned with:
$ git clone https://git.linaro.org/people/masahisa.kojima/u-boot.git -b kojima/eficonfig_sbkey_v6

Masahisa Kojima (5):
  eficonfig: refactor eficonfig_select_file_handler()
  eficonfig: expose append entry function
  eficonfig: refactor change boot order implementation
  eficonfig: add UEFI Secure Boot Key enrollment interface
  eficonfig: add "Show/Delete Signature Database" menu entry

 cmd/Makefile                                  |   5 +
 cmd/eficonfig.c                               | 177 +++--
 cmd/eficonfig_sbkey.c                         | 727 ++++++++++++++++++
 include/efi_config.h                          |  10 +
 .../py/tests/test_eficonfig/test_eficonfig.py |   1 +
 5 files changed, 835 insertions(+), 85 deletions(-)
 create mode 100644 cmd/eficonfig_sbkey.c