From patchwork Sun Nov 20 00:21:12 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masahisa Kojima X-Patchwork-Id: 627126 Delivered-To: patch@linaro.org Received: by 2002:a17:522:c983:b0:460:3032:e3c4 with SMTP id kr3csp964685pvb; Sat, 19 Nov 2022 16:22:00 -0800 (PST) X-Google-Smtp-Source: AA0mqf7ucol96hC0zcW6NXAVZ9pCYXCeRBOojuXe/UcMmTm1d/iBExIKIqptMm6/nwBPEJS9AFcK X-Received: by 2002:ab0:2812:0:b0:418:c9ac:5a90 with SMTP id w18-20020ab02812000000b00418c9ac5a90mr223659uap.12.1668903720158; Sat, 19 Nov 2022 16:22:00 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1668903720; cv=none; d=google.com; s=arc-20160816; b=UCgD2jWaHkdQh8vbvt7EPMwgJlK1XUuJcKM7rlDZMXobv7RTuOxzTF8NXkIpGyZqck Ndt1lwsIu/jxpAcAX1owAU+8MCz0NW0N3xgVATly1NQscwlFQCWHx0exbbRjPkxiTuYL DNy0VUj1e2l6rI47X6uqWM0fRGdHYZHqGo6eJQMRB7dT28CaGBNY5crosHafetIdHOWM uT1TCTgLsbU0j1d6NDJ5vDrp2Gp0X+z5eyFWvQnlXRUslsOidKGZ75/CwOOdfYOtrAHT 5GwWZQySjvA55CNwgQuuUQnDrdjO+Cyu+JWiOq/hiPumwPt6DfGegWsFmY7h7dyzT1r5 whww== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:message-id:date:subject:cc:to :from:dkim-signature; bh=Jd50svD2JNnYFclb95mmgiX7794mH4OEByq5ZhZVK/g=; b=BoQKUPSYoRiK0bUGwacp6ml5VhA8pjScYfLvrflin3irnGtEQCdpKbr4RmrBu/QiB9 66Qgso+D+ugb0XwNZBbRAlpqKmrfm8KmwUz6rndimxKLqTwvq7hB45DySKiRlUuvzMrX Q5Tdjz9jaB9rIzl+nJ4Y/AJwpLx70yB89SNgFNUZ6aO52tBvg2Ji68ZM7qq6oJ02ct5t jATkOObIj9M3+F32k6+SGUqLjQgFRnn5Gq3VLYpNv/PvDV0rncZ2ohuZB8dYdSnGEcUR IA/cT4VwnfOmiQxhLOafHOEqnd5fN7lMr/GxGKPkDe+CWO9//0+a3xDLnfB8TT/+AjJs vU6w== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=uzuP1CS3; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id q11-20020a67d78b000000b003aa3cd01ccdsi1285935vsj.405.2022.11.19.16.21.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 19 Nov 2022 16:22:00 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=uzuP1CS3; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 2676F84BCD; Sun, 20 Nov 2022 01:21:54 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="uzuP1CS3"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 11917849C0; Sun, 20 Nov 2022 01:21:52 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pj1-x102c.google.com (mail-pj1-x102c.google.com [IPv6:2607:f8b0:4864:20::102c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id C7BC6830E2 for ; Sun, 20 Nov 2022 01:21:48 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=masahisa.kojima@linaro.org Received: by mail-pj1-x102c.google.com with SMTP id l22-20020a17090a3f1600b00212fbbcfb78so11407757pjc.3 for ; Sat, 19 Nov 2022 16:21:48 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=Jd50svD2JNnYFclb95mmgiX7794mH4OEByq5ZhZVK/g=; b=uzuP1CS3a/R1L1D/SZ0hm/kRA5sPfav91mrRIAOBS/QB67e9Y6IaO65hzoqlzHHrwV KEN9brP+AKLZwHRPSK8EUqgTIIAeVO5hj6gcdth4HmljJ3bQfAAslkkNGa9GPSzSgCWD akzKDTrH8yE6I1XaCMuqQIrwBUuEMROSZ72gh4V4OEOICkPA8Mn1RD8B0asMHtrgGZ0P Z5HUwi7bwASzmi34pN7ahmLvDv1qblJohNrhiUCZKYT6uJ0g9hI+cRazL+osf9q6Ja0+ LroCoPatjWX2CN2J2GsrGoHxqyIvRt1vaaUwRKYUvIVGMVDQjTC0eoU9+x0LK8sqKNTT 1DTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=Jd50svD2JNnYFclb95mmgiX7794mH4OEByq5ZhZVK/g=; b=f5Le/I5AgpGdkJHS/CnmgdiGh3PZnTKC7YtwN22mi7p1CAS87OY30nJLIvlD2OIjmk QdPntx7SU+Qlr7/abU8W6s39Iws3TuwzXUPsFLUMt27zfP58Acgs4Ju3FjFn9Cp5Z2sg xtLpdRA6la1veMIjK1QSjwj5imR6agRQh9xq72z3ti/xzIaLYDBZVG2G2xkp1jtlkqzc FWHUQLzOoyPrivh6ObF07M3s//ZIbbjb5w7YZEfoUQOHTRG9c7reF1aJKy5tCnZVsftm 53dVKiZbkAT4+j21Ci4kcPpMJ+5YZ2gPJl32MUweTpKAA89DPTVMBh63EW+w18I67v9T E+Yg== X-Gm-Message-State: ANoB5pmmUC3odTUN2QXQqJm6E74mPPSHKkIXW5tyhdBePFs4pjvoantO edFN56f5f+dHXpCBZrjqfbFaEc0ZzOzRlA== X-Received: by 2002:a17:902:cf02:b0:186:c372:72d6 with SMTP id i2-20020a170902cf0200b00186c37272d6mr5839014plg.25.1668903706755; Sat, 19 Nov 2022 16:21:46 -0800 (PST) Received: from localhost.localdomain ([240d:1a:cf7:5800:82fa:5bff:fe4b:26b1]) by smtp.gmail.com with ESMTPSA id d12-20020a170902654c00b00168dadc7354sm1859431pln.78.2022.11.19.16.21.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 19 Nov 2022 16:21:45 -0800 (PST) From: Masahisa Kojima To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Etienne Carriere , Masahisa Kojima Subject: [PATCH v10 0/7] eficonfig: add UEFI Secure Boot key maintenance interface Date: Sun, 20 Nov 2022 09:21:12 +0900 Message-Id: <20221120002119.23683-1-masahisa.kojima@linaro.org> X-Mailer: git-send-email 2.17.1 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean This series adds the UEFI Secure Boot key maintenance interface to the eficonfig command. User can enroll PK, KEK, db and dbx. Source code can be cloned with: $ git clone https://git.linaro.org/people/masahisa.kojima/u-boot.git -b kojima/eficonfig_sbkey_v10 [major changes] -rebase to v2023.01-rc1 Masahisa Kojima (7): eficonfig: refactor file selection handling eficonfig: expose append entry function eficonfig: refactor change boot order implementation eficonfig: expose eficonfig_create_device_path() eficonfig: use protocol interface for file selection eficonfig: add UEFI Secure Boot Key enrollment interface eficonfig: add "Show Signature Database" menu entry cmd/Makefile | 5 + cmd/eficonfig.c | 234 ++++---- cmd/eficonfig_sbkey.c | 498 ++++++++++++++++++ include/efi_config.h | 13 +- .../py/tests/test_eficonfig/test_eficonfig.py | 1 + 5 files changed, 632 insertions(+), 119 deletions(-) create mode 100644 cmd/eficonfig_sbkey.c