[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootDefaultKeysDxe / SecureBootDefaultKeysDxe.c

/** @file\r
  This driver init default Secure Boot variables\r
\r
Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>\r
Copyright (c) 2021, Semihalf All rights reserved.<BR>\r
Copyright (c) 2021, Ampere Computing LLC. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
#include <Guid/AuthenticatedVariableFormat.h>\r
#include <Guid/ImageAuthentication.h>\r
#include <Library/BaseLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/UefiRuntimeServicesTableLib.h>\r
#include <Library/SecureBootVariableLib.h>\r
#include <Library/SecureBootVariableProvisionLib.h>\r
\r
/**\r
  The entry point for SecureBootDefaultKeys driver.\r
\r
  @param[in]  ImageHandle        The image handle of the driver.\r
  @param[in]  SystemTable        The system table.\r
\r
  @retval EFI_SUCCESS            The secure default keys are initialized successfully.\r
  @retval EFI_UNSUPPORTED        One of the secure default keys already exists.\r
  @retval EFI_NOT_FOUND          One of the PK, KEK, or DB default keys is not found.\r
  @retval Others                 Fail to initialize the secure default keys.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SecureBootDefaultKeysEntryPoint (\r
  IN EFI_HANDLE          ImageHandle,\r
  IN EFI_SYSTEM_TABLE    *SystemTable\r
  )\r
{\r
  EFI_STATUS  Status;\r
\r
  Status = SecureBootInitPKDefault ();\r
  if (EFI_ERROR (Status)) {\r
    DEBUG((DEBUG_ERROR, "%a: Cannot initialize PKDefault: %r\n", __FUNCTION__, Status));\r
    return Status;\r
  }\r
\r
  Status = SecureBootInitKEKDefault ();\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: Cannot initialize KEKDefault: %r\n", __FUNCTION__, Status));\r
    return Status;\r
  }\r
  Status = SecureBootInitDbDefault ();\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbDefault: %r\n", __FUNCTION__, Status));\r
    return Status;\r
  }\r
\r
  Status = SecureBootInitDbtDefault ();\r
  if (Status == EFI_NOT_FOUND) {\r
    DEBUG ((DEBUG_INFO, "%a: dbtDefault not initialized\n", __FUNCTION__));\r
  } else if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbtDefault: %r\n", __FUNCTION__, Status));\r
    return Status;\r
  }\r
\r
  Status = SecureBootInitDbxDefault ();\r
  if (Status == EFI_NOT_FOUND) {\r
    DEBUG ((DEBUG_INFO, "%a: dbxDefault not initialized\n", __FUNCTION__));\r
  } else if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbxDefault: %r\n", __FUNCTION__, Status));\r
    return Status;\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r
Commit	Line	Data
94e06558 GB	1	/** @file\r
	2	This driver init default Secure Boot variables\r
	3	\r
	4	Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>\r
	5	Copyright (c) 2021, Semihalf All rights reserved.<BR>\r
22737996	6	Copyright (c) 2021, Ampere Computing LLC. All rights reserved.<BR>\r
94e06558 GB	7	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	8	\r
	9	**/\r
	10	#include <Guid/AuthenticatedVariableFormat.h>\r
	11	#include <Guid/ImageAuthentication.h>\r
	12	#include <Library/BaseLib.h>\r
	13	#include <Library/BaseMemoryLib.h>\r
	14	#include <Library/DebugLib.h>\r
	15	#include <Library/MemoryAllocationLib.h>\r
	16	#include <Library/UefiBootServicesTableLib.h>\r
	17	#include <Library/UefiRuntimeServicesTableLib.h>\r
	18	#include <Library/SecureBootVariableLib.h>\r
	19	#include <Library/SecureBootVariableProvisionLib.h>\r
	20	\r
	21	/**\r
	22	The entry point for SecureBootDefaultKeys driver.\r
	23	\r
	24	@param[in] ImageHandle The image handle of the driver.\r
	25	@param[in] SystemTable The system table.\r
	26	\r
22737996 NP	27	@retval EFI_SUCCESS The secure default keys are initialized successfully.\r
	28	@retval EFI_UNSUPPORTED One of the secure default keys already exists.\r
	29	@retval EFI_NOT_FOUND One of the PK, KEK, or DB default keys is not found.\r
	30	@retval Others Fail to initialize the secure default keys.\r
94e06558 GB	31	\r
	32	**/\r
	33	EFI_STATUS\r
	34	EFIAPI\r
	35	SecureBootDefaultKeysEntryPoint (\r
	36	IN EFI_HANDLE ImageHandle,\r
	37	IN EFI_SYSTEM_TABLE *SystemTable\r
	38	)\r
	39	{\r
	40	EFI_STATUS Status;\r
	41	\r
	42	Status = SecureBootInitPKDefault ();\r
	43	if (EFI_ERROR (Status)) {\r
	44	DEBUG((DEBUG_ERROR, "%a: Cannot initialize PKDefault: %r\n", __FUNCTION__, Status));\r
	45	return Status;\r
	46	}\r
	47	\r
	48	Status = SecureBootInitKEKDefault ();\r
	49	if (EFI_ERROR (Status)) {\r
	50	DEBUG ((DEBUG_ERROR, "%a: Cannot initialize KEKDefault: %r\n", __FUNCTION__, Status));\r
	51	return Status;\r
	52	}\r
	53	Status = SecureBootInitDbDefault ();\r
	54	if (EFI_ERROR (Status)) {\r
	55	DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbDefault: %r\n", __FUNCTION__, Status));\r
	56	return Status;\r
	57	}\r
	58	\r
	59	Status = SecureBootInitDbtDefault ();\r
22737996	60	if (Status == EFI_NOT_FOUND) {\r
94e06558	61	DEBUG ((DEBUG_INFO, "%a: dbtDefault not initialized\n", __FUNCTION__));\r
22737996 NP	62	} else if (EFI_ERROR (Status)) {\r
	63	DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbtDefault: %r\n", __FUNCTION__, Status));\r
	64	return Status;\r
94e06558 GB	65	}\r
	66	\r
	67	Status = SecureBootInitDbxDefault ();\r
22737996	68	if (Status == EFI_NOT_FOUND) {\r
94e06558	69	DEBUG ((DEBUG_INFO, "%a: dbxDefault not initialized\n", __FUNCTION__));\r
22737996 NP	70	} else if (EFI_ERROR (Status)) {\r
	71	DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbxDefault: %r\n", __FUNCTION__, Status));\r
	72	return Status;\r
94e06558 GB	73	}\r
94e06558 GB	74	\r
22737996	75	return EFI_SUCCESS;\r
94e06558	76	}\r