2 This driver initializes the default Secure Boot variables.
4 Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>
5 Copyright (c) 2021, Semihalf All rights reserved.<BR>
6 Copyright (c) 2021, Ampere Computing LLC. All rights reserved.<BR>
7 SPDX-License-Identifier: BSD-2-Clause-Patent
10 #include <Guid/AuthenticatedVariableFormat.h>
11 #include <Guid/ImageAuthentication.h>
12 #include <Library/BaseLib.h>
13 #include <Library/BaseMemoryLib.h>
14 #include <Library/DebugLib.h>
15 #include <Library/MemoryAllocationLib.h>
16 #include <Library/UefiBootServicesTableLib.h>
17 #include <Library/UefiRuntimeServicesTableLib.h>
18 #include <UefiSecureBoot.h>
19 #include <Library/SecureBootVariableLib.h>
20 #include <Library/SecureBootVariableProvisionLib.h>
23 The entry point for SecureBootDefaultKeys driver.
25 @param[in] ImageHandle The image handle of the driver.
26 @param[in] SystemTable The system table.
28 @retval EFI_SUCCESS The secure default keys are initialized successfully.
29 @retval EFI_UNSUPPORTED One of the secure default keys already exists.
30 @retval EFI_NOT_FOUND One of the PK, KEK, or DB default keys is not found. (A missing dbtDefault or dbxDefault takes a separate branch that only logs at DEBUG_INFO.)
31 @retval Others Failed to initialize the secure default keys.
36 SecureBootDefaultKeysEntryPoint (
37 IN EFI_HANDLE ImageHandle
,
38 IN EFI_SYSTEM_TABLE
*SystemTable
43 Status
= SecureBootInitPKDefault ();
44 if (EFI_ERROR (Status
)) {
45 DEBUG ((DEBUG_ERROR
, "%a: Cannot initialize PKDefault: %r\n", __FUNCTION__
, Status
));
49 Status
= SecureBootInitKEKDefault ();
50 if (EFI_ERROR (Status
)) {
51 DEBUG ((DEBUG_ERROR
, "%a: Cannot initialize KEKDefault: %r\n", __FUNCTION__
, Status
));
55 Status
= SecureBootInitDbDefault ();
56 if (EFI_ERROR (Status
)) {
57 DEBUG ((DEBUG_ERROR
, "%a: Cannot initialize dbDefault: %r\n", __FUNCTION__
, Status
));
61 Status
= SecureBootInitDbtDefault ();
62 if (Status
== EFI_NOT_FOUND
) {
63 DEBUG ((DEBUG_INFO
, "%a: dbtDefault not initialized\n", __FUNCTION__
));
64 } else if (EFI_ERROR (Status
)) {
65 DEBUG ((DEBUG_ERROR
, "%a: Cannot initialize dbtDefault: %r\n", __FUNCTION__
, Status
));
69 Status
= SecureBootInitDbxDefault ();
70 if (Status
== EFI_NOT_FOUND
) {
71 DEBUG ((DEBUG_INFO
, "%a: dbxDefault not initialized\n", __FUNCTION__
));
72 } else if (EFI_ERROR (Status
)) {
73 DEBUG ((DEBUG_ERROR
, "%a: Cannot initialize dbxDefault: %r\n", __FUNCTION__
, Status
));