[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootDefaultKeysDxe / SecureBootDefaultKeysDxe.c

/** @file\r
  This driver init default Secure Boot variables\r
\r
Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>\r
Copyright (c) 2021, Semihalf All rights reserved.<BR>\r
Copyright (c) 2021, Ampere Computing LLC. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
#include <Guid/AuthenticatedVariableFormat.h>\r
#include <Guid/ImageAuthentication.h>\r
#include <Library/BaseLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/UefiRuntimeServicesTableLib.h>\r
#include <UefiSecureBoot.h>\r
#include <Library/SecureBootVariableLib.h>\r
#include <Library/SecureBootVariableProvisionLib.h>\r
\r
/**\r
  The entry point for SecureBootDefaultKeys driver.\r
\r
  @param[in]  ImageHandle        The image handle of the driver.\r
  @param[in]  SystemTable        The system table.\r
\r
  @retval EFI_SUCCESS            The secure default keys are initialized successfully.\r
  @retval EFI_UNSUPPORTED        One of the secure default keys already exists.\r
  @retval EFI_NOT_FOUND          One of the PK, KEK, or DB default keys is not found.\r
  @retval Others                 Fail to initialize the secure default keys.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SecureBootDefaultKeysEntryPoint (\r
  IN EFI_HANDLE        ImageHandle,\r
  IN EFI_SYSTEM_TABLE  *SystemTable\r
  )\r
{\r
  EFI_STATUS  Status;\r
\r
  Status = SecureBootInitPKDefault ();\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: Cannot initialize PKDefault: %r\n", __FUNCTION__, Status));\r
    return Status;\r
  }\r
\r
  Status = SecureBootInitKEKDefault ();\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: Cannot initialize KEKDefault: %r\n", __FUNCTION__, Status));\r
    return Status;\r
  }\r
\r
  Status = SecureBootInitDbDefault ();\r
  if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbDefault: %r\n", __FUNCTION__, Status));\r
    return Status;\r
  }\r
\r
  Status = SecureBootInitDbtDefault ();\r
  if (Status == EFI_NOT_FOUND) {\r
    DEBUG ((DEBUG_INFO, "%a: dbtDefault not initialized\n", __FUNCTION__));\r
  } else if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbtDefault: %r\n", __FUNCTION__, Status));\r
    return Status;\r
  }\r
\r
  Status = SecureBootInitDbxDefault ();\r
  if (Status == EFI_NOT_FOUND) {\r
    DEBUG ((DEBUG_INFO, "%a: dbxDefault not initialized\n", __FUNCTION__));\r
  } else if (EFI_ERROR (Status)) {\r
    DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbxDefault: %r\n", __FUNCTION__, Status));\r
    return Status;\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r
Commit	Line	Data
94e06558 GB	1	/** @file\r
	2	This driver init default Secure Boot variables\r
	3	\r
	4	Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>\r
	5	Copyright (c) 2021, Semihalf All rights reserved.<BR>\r
22737996	6	Copyright (c) 2021, Ampere Computing LLC. All rights reserved.<BR>\r
94e06558 GB	7	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	8	\r
	9	**/\r
	10	#include <Guid/AuthenticatedVariableFormat.h>\r
	11	#include <Guid/ImageAuthentication.h>\r
	12	#include <Library/BaseLib.h>\r
	13	#include <Library/BaseMemoryLib.h>\r
	14	#include <Library/DebugLib.h>\r
	15	#include <Library/MemoryAllocationLib.h>\r
	16	#include <Library/UefiBootServicesTableLib.h>\r
	17	#include <Library/UefiRuntimeServicesTableLib.h>\r
d2a0f379	18	#include <UefiSecureBoot.h>\r
94e06558 GB	19	#include <Library/SecureBootVariableLib.h>\r
	20	#include <Library/SecureBootVariableProvisionLib.h>\r
	21	\r
	22	/**\r
	23	The entry point for SecureBootDefaultKeys driver.\r
	24	\r
	25	@param[in] ImageHandle The image handle of the driver.\r
	26	@param[in] SystemTable The system table.\r
	27	\r
22737996 NP	28	@retval EFI_SUCCESS The secure default keys are initialized successfully.\r
	29	@retval EFI_UNSUPPORTED One of the secure default keys already exists.\r
	30	@retval EFI_NOT_FOUND One of the PK, KEK, or DB default keys is not found.\r
	31	@retval Others Fail to initialize the secure default keys.\r
94e06558 GB	32	\r
	33	**/\r
	34	EFI_STATUS\r
	35	EFIAPI\r
	36	SecureBootDefaultKeysEntryPoint (\r
c411b485 MK	37	IN EFI_HANDLE ImageHandle,\r
c411b485 MK	38	IN EFI_SYSTEM_TABLE *SystemTable\r
94e06558 GB	39	)\r
	40	{\r
	41	EFI_STATUS Status;\r
	42	\r
	43	Status = SecureBootInitPKDefault ();\r
	44	if (EFI_ERROR (Status)) {\r
c411b485	45	DEBUG ((DEBUG_ERROR, "%a: Cannot initialize PKDefault: %r\n", __FUNCTION__, Status));\r
94e06558 GB	46	return Status;\r
	47	}\r
	48	\r
	49	Status = SecureBootInitKEKDefault ();\r
	50	if (EFI_ERROR (Status)) {\r
	51	DEBUG ((DEBUG_ERROR, "%a: Cannot initialize KEKDefault: %r\n", __FUNCTION__, Status));\r
	52	return Status;\r
	53	}\r
c411b485	54	\r
94e06558 GB	55	Status = SecureBootInitDbDefault ();\r
	56	if (EFI_ERROR (Status)) {\r
	57	DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbDefault: %r\n", __FUNCTION__, Status));\r
	58	return Status;\r
	59	}\r
	60	\r
	61	Status = SecureBootInitDbtDefault ();\r
22737996	62	if (Status == EFI_NOT_FOUND) {\r
94e06558	63	DEBUG ((DEBUG_INFO, "%a: dbtDefault not initialized\n", __FUNCTION__));\r
22737996 NP	64	} else if (EFI_ERROR (Status)) {\r
	65	DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbtDefault: %r\n", __FUNCTION__, Status));\r
	66	return Status;\r
94e06558 GB	67	}\r
	68	\r
	69	Status = SecureBootInitDbxDefault ();\r
22737996	70	if (Status == EFI_NOT_FOUND) {\r
94e06558	71	DEBUG ((DEBUG_INFO, "%a: dbxDefault not initialized\n", __FUNCTION__));\r
22737996 NP	72	} else if (EFI_ERROR (Status)) {\r
	73	DEBUG ((DEBUG_ERROR, "%a: Cannot initialize dbxDefault: %r\n", __FUNCTION__, Status));\r
	74	return Status;\r
94e06558 GB	75	}\r
94e06558 GB	76	\r
22737996	77	return EFI_SUCCESS;\r
94e06558	78	}\r