]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Clean up the code. Action statement should not have text two opcode.
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
1 /** @file
2 VFR file used by the SecureBoot configuration component.
3
4 Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include "SecureBootConfigNvData.h"
16
17 formset
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
22
23 varstore SECUREBOOT_CONFIGURATION,
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
25 name = SECUREBOOT_CONFIGURATION,
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
27
28 //
29 // ##1 Form "Secure Boot Configuration"
30 //
31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
33
34 subtitle text = STRING_TOKEN(STR_NULL);
35
36 text
37 help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
38 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
39 text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
40
41 //
42 // Define of Check Box: Attempt Secure Boot
43 //
44 suppressif TRUE;
45 checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot,
46 questionid = KEY_HIDE_SECURE_BOOT,
47 prompt = STRING_TOKEN(STR_NULL),
48 help = STRING_TOKEN(STR_NULL),
49 flags = INTERACTIVE,
50 endcheckbox;
51 endif;
52
53 //
54 // Display of Check Box: Attempt Secure Boot
55 //
56 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
57 checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
58 questionid = KEY_SECURE_BOOT_ENABLE,
59 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
60 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
61 flags = INTERACTIVE | RESET_REQUIRED,
62 endcheckbox;
63 endif;
64
65 //
66 // Display of Oneof: 'Secure Boot Mode'
67 //
68 disableif TRUE;
69 oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,
70 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
71 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
72 flags = INTERACTIVE,
73 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = 0;
74 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
75 endoneof;
76 endif;
77 oneof name = SecureBootMode,
78 questionid = KEY_SECURE_BOOT_MODE,
79 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
80 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
81 flags = INTERACTIVE | NUMERIC_SIZE_1,
82 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
83 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
84 endoneof;
85
86 //
87 //
88 // Display of 'Current Secure Boot Mode'
89 //
90 suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
91 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
92 goto FORMID_SECURE_BOOT_OPTION_FORM,
93 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
94 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
95 flags = INTERACTIVE,
96 key = KEY_SECURE_BOOT_OPTION;
97 endif;
98 endif;
99 endform;
100
101 //
102 // ##2 Form: 'Custom Secure Boot Options'
103 //
104 form formid = FORMID_SECURE_BOOT_OPTION_FORM,
105 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
106
107 subtitle text = STRING_TOKEN(STR_NULL);
108
109 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
110 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
111 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
112 flags = INTERACTIVE,
113 key = KEY_SECURE_BOOT_PK_OPTION;
114
115 subtitle text = STRING_TOKEN(STR_NULL);
116
117 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
118 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
119 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
120 flags = INTERACTIVE,
121 key = KEY_SECURE_BOOT_KEK_OPTION;
122
123 subtitle text = STRING_TOKEN(STR_NULL);
124
125 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
126 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
127 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
128 flags = INTERACTIVE,
129 key = KEY_SECURE_BOOT_DB_OPTION;
130
131 subtitle text = STRING_TOKEN(STR_NULL);
132
133 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
134 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
135 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
136 flags = INTERACTIVE,
137 key = KEY_SECURE_BOOT_DBX_OPTION;
138
139 endform;
140
141 //
142 // ##3 Form: 'PK Options'
143 //
144 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
145 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
146
147 subtitle text = STRING_TOKEN(STR_NULL);
148
149 //
150 // Define of Check Box: 'Delete PK'
151 //
152 suppressif TRUE;
153 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
154 prompt = STRING_TOKEN(STR_NULL),
155 help = STRING_TOKEN(STR_NULL),
156 endcheckbox;
157 endif;
158
159 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
160 goto FORMID_ENROLL_PK_FORM,
161 prompt = STRING_TOKEN(STR_ENROLL_PK),
162 help = STRING_TOKEN(STR_ENROLL_PK_HELP),
163 flags = INTERACTIVE,
164 key = KEY_ENROLL_PK;
165 endif;
166
167 subtitle text = STRING_TOKEN(STR_NULL);
168
169 //
170 // Display of Check Box: 'Delete Pk'
171 //
172 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
173 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
174 questionid = KEY_SECURE_BOOT_DELETE_PK,
175 prompt = STRING_TOKEN(STR_DELETE_PK),
176 help = STRING_TOKEN(STR_DELETE_PK_HELP),
177 flags = INTERACTIVE | RESET_REQUIRED,
178 endcheckbox;
179 endif;
180 endform;
181
182 //
183 // ##4 Form: 'Enroll PK'
184 //
185 form formid = FORMID_ENROLL_PK_FORM,
186 title = STRING_TOKEN(STR_ENROLL_PK);
187
188 subtitle text = STRING_TOKEN(STR_NULL);
189
190 goto FORM_FILE_EXPLORER_ID_PK,
191 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
192 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
193 flags = INTERACTIVE,
194 key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
195 endform;
196
197 //
198 // ##5 Form: 'KEK Options'
199 //
200 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
201 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
202
203 //
204 // Display of 'Enroll KEK'
205 //
206 goto FORMID_ENROLL_KEK_FORM,
207 prompt = STRING_TOKEN(STR_ENROLL_KEK),
208 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
209 flags = INTERACTIVE;
210
211 subtitle text = STRING_TOKEN(STR_NULL);
212
213 //
214 // Display of 'Delete KEK'
215 //
216 goto FORMID_DELETE_KEK_FORM,
217 prompt = STRING_TOKEN(STR_DELETE_KEK),
218 help = STRING_TOKEN(STR_DELETE_KEK_HELP),
219 flags = INTERACTIVE,
220 key = KEY_DELETE_KEK;
221
222 subtitle text = STRING_TOKEN(STR_NULL);
223 endform;
224
225 //
226 // ##6 Form: 'Enroll KEK'
227 //
228 form formid = FORMID_ENROLL_KEK_FORM,
229 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
230
231 subtitle text = STRING_TOKEN(STR_NULL);
232
233 goto FORM_FILE_EXPLORER_ID_KEK,
234 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
235 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
236 flags = INTERACTIVE,
237 key = FORMID_ENROLL_KEK_FORM;
238
239 subtitle text = STRING_TOKEN(STR_NULL);
240 label FORMID_ENROLL_KEK_FORM;
241 label LABEL_END;
242 subtitle text = STRING_TOKEN(STR_NULL);
243
244 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
245 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
246 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
247 flags = INTERACTIVE,
248 key = KEY_SECURE_BOOT_KEK_GUID,
249 minsize = SECURE_BOOT_GUID_SIZE,
250 maxsize = SECURE_BOOT_GUID_SIZE,
251 endstring;
252
253 subtitle text = STRING_TOKEN(STR_NULL);
254 subtitle text = STRING_TOKEN(STR_NULL);
255
256 goto FORMID_SECURE_BOOT_OPTION_FORM,
257 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
258 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
259 flags = INTERACTIVE,
260 key = KEY_VALUE_SAVE_AND_EXIT_KEK;
261
262 goto FORMID_SECURE_BOOT_OPTION_FORM,
263 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
264 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
265 flags = INTERACTIVE,
266 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
267
268 endform;
269
270 //
271 // ##7 Form: 'Delete KEK'
272 //
273 form formid = FORMID_DELETE_KEK_FORM,
274 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
275
276 label LABEL_KEK_DELETE;
277 label LABEL_END;
278
279 subtitle text = STRING_TOKEN(STR_NULL);
280
281 endform;
282
283 //
284 // ##8 Form: 'DB Options'
285 //
286 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
287 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
288
289 subtitle text = STRING_TOKEN(STR_NULL);
290
291 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
292 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
293 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
294 flags = 0;
295
296 subtitle text = STRING_TOKEN(STR_NULL);
297
298 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
299 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
300 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
301 flags = INTERACTIVE,
302 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
303
304 endform;
305
306 //
307 // ##9 Form: 'DBX Options'
308 //
309 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
310 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
311
312 subtitle text = STRING_TOKEN(STR_NULL);
313
314 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
315 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
316 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
317 flags = 0;
318
319 subtitle text = STRING_TOKEN(STR_NULL);
320
321 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
322 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
323 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
324 flags = INTERACTIVE,
325 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;
326
327 endform;
328
329 //
330 // Form: 'Delete Signature' for DB Options.
331 //
332 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
333 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
334
335 label LABEL_DB_DELETE;
336 label LABEL_END;
337 subtitle text = STRING_TOKEN(STR_NULL);
338
339 endform;
340
341 //
342 // Form: 'Delete Signature' for DBX Options.
343 //
344 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
345 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
346
347 label LABEL_DBX_DELETE;
348 label LABEL_END;
349 subtitle text = STRING_TOKEN(STR_NULL);
350
351 endform;
352
353 //
354 // Form: 'Enroll Signature' for DB options.
355 //
356 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
357 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
358
359 subtitle text = STRING_TOKEN(STR_NULL);
360
361 goto FORM_FILE_EXPLORER_ID_DB,
362 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
363 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
364 flags = INTERACTIVE,
365 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
366
367 subtitle text = STRING_TOKEN(STR_NULL);
368 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
369 label LABEL_END;
370 subtitle text = STRING_TOKEN(STR_NULL);
371
372 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
373 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
374 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
375 flags = INTERACTIVE,
376 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
377 minsize = SECURE_BOOT_GUID_SIZE,
378 maxsize = SECURE_BOOT_GUID_SIZE,
379 endstring;
380
381 subtitle text = STRING_TOKEN(STR_NULL);
382 subtitle text = STRING_TOKEN(STR_NULL);
383
384 goto FORMID_SECURE_BOOT_OPTION_FORM,
385 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
386 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
387 flags = INTERACTIVE,
388 key = KEY_VALUE_SAVE_AND_EXIT_DB;
389
390 goto FORMID_SECURE_BOOT_OPTION_FORM,
391 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
392 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
393 flags = INTERACTIVE,
394 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
395
396 endform;
397
398 //
399 // Form: 'Enroll Signature' for DBX options.
400 //
401 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
402 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
403
404 subtitle text = STRING_TOKEN(STR_NULL);
405
406 goto FORM_FILE_EXPLORER_ID_DBX,
407 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
408 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
409 flags = INTERACTIVE,
410 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
411
412 subtitle text = STRING_TOKEN(STR_NULL);
413 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
414 label LABEL_END;
415 subtitle text = STRING_TOKEN(STR_NULL);
416
417 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
418 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
419 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
420 flags = INTERACTIVE,
421 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
422 minsize = SECURE_BOOT_GUID_SIZE,
423 maxsize = SECURE_BOOT_GUID_SIZE,
424 endstring;
425
426 subtitle text = STRING_TOKEN(STR_NULL);
427 subtitle text = STRING_TOKEN(STR_NULL);
428
429 goto FORMID_SECURE_BOOT_OPTION_FORM,
430 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
431 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
432 flags = INTERACTIVE,
433 key = KEY_VALUE_SAVE_AND_EXIT_DBX;
434
435 goto FORMID_SECURE_BOOT_OPTION_FORM,
436 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
437 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
438 flags = INTERACTIVE,
439 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
440
441 endform;
442
443 //
444 // File Explorer for PK
445 //
446 form formid = FORM_FILE_EXPLORER_ID_PK,
447 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
448
449 label FORM_FILE_EXPLORER_ID;
450 label LABEL_END;
451 endform;
452
453 //
454 // File Explorer for KEK
455 //
456 form formid = FORM_FILE_EXPLORER_ID_KEK,
457 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
458
459 label FORM_FILE_EXPLORER_ID;
460 label LABEL_END;
461 endform;
462
463 //
464 // File Explorer for DB
465 //
466 form formid = FORM_FILE_EXPLORER_ID_DB,
467 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
468
469 label FORM_FILE_EXPLORER_ID;
470 label LABEL_END;
471 endform;
472
473 //
474 // File Explorer for DBX
475 //
476 form formid = FORM_FILE_EXPLORER_ID_DBX,
477 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
478
479 label FORM_FILE_EXPLORER_ID;
480 label LABEL_END;
481 endform;
482
483
484 //
485 // Enroll Pk from File Commit Form
486 //
487 form formid = SECUREBOOT_ADD_PK_FILE_FORM_ID,
488 title = STRING_TOKEN(STR_SAVE_PK_FILE);
489
490 label SECUREBOOT_ADD_PK_FILE_FORM_ID;
491 label LABEL_END;
492
493 subtitle text = STRING_TOKEN(STR_NULL);
494
495 text
496 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
497 text = STRING_TOKEN(STR_SAVE_AND_EXIT),
498 flags = INTERACTIVE,
499 key = KEY_VALUE_SAVE_AND_EXIT_PK;
500
501 text
502 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
503 text = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
504 flags = INTERACTIVE,
505 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
506
507 endform;
508
509 endformset;
EFI Development Kit II mirror for PVE