From patchwork Sun Nov 20 00:21:12 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Masahisa Kojima <masahisa.kojima@linaro.org>
X-Patchwork-Id: 627126
Delivered-To: patch@linaro.org
Received: by 2002:a17:522:c983:b0:460:3032:e3c4 with SMTP id kr3csp964685pvb; 
 Sat, 19 Nov 2022 16:22:00 -0800 (PST)
X-Google-Smtp-Source: AA0mqf7ucol96hC0zcW6NXAVZ9pCYXCeRBOojuXe/UcMmTm1d/iBExIKIqptMm6/nwBPEJS9AFcK
X-Received: by 2002:ab0:2812:0:b0:418:c9ac:5a90 with SMTP id
 w18-20020ab02812000000b00418c9ac5a90mr223659uap.12.1668903720158;
 Sat, 19 Nov 2022 16:22:00 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1668903720; cv=none;
 d=google.com; s=arc-20160816;
 b=UCgD2jWaHkdQh8vbvt7EPMwgJlK1XUuJcKM7rlDZMXobv7RTuOxzTF8NXkIpGyZqck
 Ndt1lwsIu/jxpAcAX1owAU+8MCz0NW0N3xgVATly1NQscwlFQCWHx0exbbRjPkxiTuYL
 DNy0VUj1e2l6rI47X6uqWM0fRGdHYZHqGo6eJQMRB7dT28CaGBNY5crosHafetIdHOWM
 uT1TCTgLsbU0j1d6NDJ5vDrp2Gp0X+z5eyFWvQnlXRUslsOidKGZ75/CwOOdfYOtrAHT
 5GwWZQySjvA55CNwgQuuUQnDrdjO+Cyu+JWiOq/hiPumwPt6DfGegWsFmY7h7dyzT1r5
 whww==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
 h=sender:errors-to:list-subscribe:list-help:list-post:list-archive
 :list-unsubscribe:list-id:precedence:message-id:date:subject:cc:to
 :from:dkim-signature;
 bh=Jd50svD2JNnYFclb95mmgiX7794mH4OEByq5ZhZVK/g=;
 b=BoQKUPSYoRiK0bUGwacp6ml5VhA8pjScYfLvrflin3irnGtEQCdpKbr4RmrBu/QiB9
 66Qgso+D+ugb0XwNZBbRAlpqKmrfm8KmwUz6rndimxKLqTwvq7hB45DySKiRlUuvzMrX
 Q5Tdjz9jaB9rIzl+nJ4Y/AJwpLx70yB89SNgFNUZ6aO52tBvg2Ji68ZM7qq6oJ02ct5t
 jATkOObIj9M3+F32k6+SGUqLjQgFRnn5Gq3VLYpNv/PvDV0rncZ2ohuZB8dYdSnGEcUR
 IA/cT4VwnfOmiQxhLOafHOEqnd5fN7lMr/GxGKPkDe+CWO9//0+a3xDLnfB8TT/+AjJs
 vU6w==
ARC-Authentication-Results: i=1; mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=uzuP1CS3;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender)
 smtp.mailfrom=u-boot-bounces@lists.denx.de;
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Return-Path: <u-boot-bounces@lists.denx.de>
Received: from phobos.denx.de (phobos.denx.de.
 [2a01:238:438b:c500:173d:9f52:ddab:ee01])
 by mx.google.com with ESMTPS id
 q11-20020a67d78b000000b003aa3cd01ccdsi1285935vsj.405.2022.11.19.16.21.59
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 19 Nov 2022 16:22:00 -0800 (PST)
Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de
 designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender)
 client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01;
Authentication-Results: mx.google.com;
 dkim=pass header.i=@linaro.org header.s=google header.b=uzuP1CS3;
 spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates
 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender)
 smtp.mailfrom=u-boot-bounces@lists.denx.de;
 dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org
Received: from h2850616.stratoserver.net (localhost [IPv6:::1])
 by phobos.denx.de (Postfix) with ESMTP id 2676F84BCD;
 Sun, 20 Nov 2022 01:21:54 +0100 (CET)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de
Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key;
 unprotected) header.d=linaro.org header.i=@linaro.org header.b="uzuP1CS3";
 dkim-atps=neutral
Received: by phobos.denx.de (Postfix, from userid 109)
 id 11917849C0; Sun, 20 Nov 2022 01:21:52 +0100 (CET)
X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de
X-Spam-Level: 
X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS
 autolearn=ham autolearn_force=no version=3.4.2
Received: from mail-pj1-x102c.google.com (mail-pj1-x102c.google.com
 [IPv6:2607:f8b0:4864:20::102c])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))
 (No client certificate requested)
 by phobos.denx.de (Postfix) with ESMTPS id C7BC6830E2
 for <u-boot@lists.denx.de>; Sun, 20 Nov 2022 01:21:48 +0100 (CET)
Authentication-Results: phobos.denx.de;
 dmarc=pass (p=none dis=none) header.from=linaro.org
Authentication-Results: phobos.denx.de;
 spf=pass smtp.mailfrom=masahisa.kojima@linaro.org
Received: by mail-pj1-x102c.google.com with SMTP id
 l22-20020a17090a3f1600b00212fbbcfb78so11407757pjc.3
 for <u-boot@lists.denx.de>; Sat, 19 Nov 2022 16:21:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; 
 h=message-id:date:subject:cc:to:from:from:to:cc:subject:date
 :message-id:reply-to;
 bh=Jd50svD2JNnYFclb95mmgiX7794mH4OEByq5ZhZVK/g=;
 b=uzuP1CS3a/R1L1D/SZ0hm/kRA5sPfav91mrRIAOBS/QB67e9Y6IaO65hzoqlzHHrwV
 KEN9brP+AKLZwHRPSK8EUqgTIIAeVO5hj6gcdth4HmljJ3bQfAAslkkNGa9GPSzSgCWD
 akzKDTrH8yE6I1XaCMuqQIrwBUuEMROSZ72gh4V4OEOICkPA8Mn1RD8B0asMHtrgGZ0P
 Z5HUwi7bwASzmi34pN7ahmLvDv1qblJohNrhiUCZKYT6uJ0g9hI+cRazL+osf9q6Ja0+
 LroCoPatjWX2CN2J2GsrGoHxqyIvRt1vaaUwRKYUvIVGMVDQjTC0eoU9+x0LK8sqKNTT
 1DTg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112;
 h=message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc
 :subject:date:message-id:reply-to;
 bh=Jd50svD2JNnYFclb95mmgiX7794mH4OEByq5ZhZVK/g=;
 b=f5Le/I5AgpGdkJHS/CnmgdiGh3PZnTKC7YtwN22mi7p1CAS87OY30nJLIvlD2OIjmk
 QdPntx7SU+Qlr7/abU8W6s39Iws3TuwzXUPsFLUMt27zfP58Acgs4Ju3FjFn9Cp5Z2sg
 xtLpdRA6la1veMIjK1QSjwj5imR6agRQh9xq72z3ti/xzIaLYDBZVG2G2xkp1jtlkqzc
 FWHUQLzOoyPrivh6ObF07M3s//ZIbbjb5w7YZEfoUQOHTRG9c7reF1aJKy5tCnZVsftm
 53dVKiZbkAT4+j21Ci4kcPpMJ+5YZ2gPJl32MUweTpKAA89DPTVMBh63EW+w18I67v9T
 E+Yg==
X-Gm-Message-State: ANoB5pmmUC3odTUN2QXQqJm6E74mPPSHKkIXW5tyhdBePFs4pjvoantO
 edFN56f5f+dHXpCBZrjqfbFaEc0ZzOzRlA==
X-Received: by 2002:a17:902:cf02:b0:186:c372:72d6 with SMTP id
 i2-20020a170902cf0200b00186c37272d6mr5839014plg.25.1668903706755;
 Sat, 19 Nov 2022 16:21:46 -0800 (PST)
Received: from localhost.localdomain ([240d:1a:cf7:5800:82fa:5bff:fe4b:26b1])
 by smtp.gmail.com with ESMTPSA id
 d12-20020a170902654c00b00168dadc7354sm1859431pln.78.2022.11.19.16.21.44
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Sat, 19 Nov 2022 16:21:45 -0800 (PST)
From: Masahisa Kojima <masahisa.kojima@linaro.org>
To: u-boot@lists.denx.de
Cc: Heinrich Schuchardt <xypron.glpk@gmx.de>,
 Ilias Apalodimas <ilias.apalodimas@linaro.org>,
 Simon Glass <sjg@chromium.org>,
 Takahiro Akashi <takahiro.akashi@linaro.org>,
 Etienne Carriere <etienne.carriere@linaro.org>,
 Masahisa Kojima <masahisa.kojima@linaro.org>
Subject: [PATCH v10 0/7] eficonfig: add UEFI Secure Boot key maintenance
 interface
Date: Sun, 20 Nov 2022 09:21:12 +0900
Message-Id: <20221120002119.23683-1-masahisa.kojima@linaro.org>
X-Mailer: git-send-email 2.17.1
X-BeenThere: u-boot@lists.denx.de
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: U-Boot discussion <u-boot.lists.denx.de>
List-Unsubscribe: <https://lists.denx.de/options/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>
List-Archive: <https://lists.denx.de/pipermail/u-boot/>
List-Post: <mailto:u-boot@lists.denx.de>
List-Help: <mailto:u-boot-request@lists.denx.de?subject=help>
List-Subscribe: <https://lists.denx.de/listinfo/u-boot>,
 <mailto:u-boot-request@lists.denx.de?subject=subscribe>
Errors-To: u-boot-bounces@lists.denx.de
Sender: "U-Boot" <u-boot-bounces@lists.denx.de>
X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de
X-Virus-Status: Clean

This series adds the UEFI Secure Boot key maintenance interface
to the eficonfig command.
User can enroll PK, KEK, db and dbx.

Source code can be cloned with:
$ git clone https://git.linaro.org/people/masahisa.kojima/u-boot.git -b kojima/eficonfig_sbkey_v10

[major changes]
-rebase to v2023.01-rc1

Masahisa Kojima (7):
  eficonfig: refactor file selection handling
  eficonfig: expose append entry function
  eficonfig: refactor change boot order implementation
  eficonfig: expose eficonfig_create_device_path()
  eficonfig: use protocol interface for file selection
  eficonfig: add UEFI Secure Boot Key enrollment interface
  eficonfig: add "Show Signature Database" menu entry

 cmd/Makefile                                  |   5 +
 cmd/eficonfig.c                               | 234 ++++----
 cmd/eficonfig_sbkey.c                         | 498 ++++++++++++++++++
 include/efi_config.h                          |  13 +-
 .../py/tests/test_eficonfig/test_eficonfig.py |   1 +
 5 files changed, 632 insertions(+), 119 deletions(-)
 create mode 100644 cmd/eficonfig_sbkey.c