]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
1. Remove “Force clear PK” feature in AuthVarialbe driver.
[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfig.vfr
1 /** @file
2 VFR file used by the SecureBoot configuration component.
3
4 Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include "SecureBootConfigNvData.h"
16
17 formset
18 guid = SECUREBOOT_CONFIG_FORM_SET_GUID,
19 title = STRING_TOKEN(STR_SECUREBOOT_TITLE),
20 help = STRING_TOKEN(STR_SECUREBOOT_HELP),
21 classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
22
23 varstore SECUREBOOT_CONFIGURATION,
24 varid = SECUREBOOT_CONFIGURATION_VARSTORE_ID,
25 name = SECUREBOOT_CONFIGURATION,
26 guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
27
28 //
29 // ##1 Form "Secure Boot Configuration"
30 //
31 form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
32 title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
33
34 subtitle text = STRING_TOKEN(STR_NULL);
35
36 //
37 // Define of Check Box: Attempt Secure Boot
38 //
39 suppressif TRUE;
40 checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot,
41 prompt = STRING_TOKEN(STR_NULL),
42 help = STRING_TOKEN(STR_NULL),
43 endcheckbox;
44 endif;
45
46 //
47 // Display of Check Box: Attempt Secure Boot
48 //
49 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
50 checkbox varid = SECUREBOOT_CONFIGURATION.SecureBootState,
51 questionid = KEY_SECURE_BOOT_ENABLE,
52 prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
53 help = STRING_TOKEN(STR_SECURE_BOOT_HELP),
54 flags = INTERACTIVE,
55 endcheckbox;
56 endif;
57
58 //
59 // Display of Oneof: 'Secure Boot Mode'
60 //
61 oneof varid = SECUREBOOT_CONFIGURATION.SecureBootMode,
62 questionid = KEY_SECURE_BOOT_MODE,
63 prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
64 help = STRING_TOKEN(STR_SECURE_BOOT_MODE_HELP),
65 flags = INTERACTIVE,
66 option text = STRING_TOKEN(STR_STANDARD_MODE), value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
67 option text = STRING_TOKEN(STR_CUSTOM_MODE), value = SECURE_BOOT_MODE_CUSTOM, flags = 0;
68 endoneof;
69
70 //
71 //
72 // Display of 'Current Secure Boot Mode'
73 //
74 suppressif ideqval SECUREBOOT_CONFIGURATION.SecureBootMode == SECURE_BOOT_MODE_STANDARD;
75 grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
76 goto FORMID_SECURE_BOOT_OPTION_FORM,
77 prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
78 help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
79 flags = INTERACTIVE,
80 key = KEY_SECURE_BOOT_OPTION;
81 endif;
82 endif;
83 endform;
84
85 //
86 // ##2 Form: 'Custom Secure Boot Options'
87 //
88 form formid = FORMID_SECURE_BOOT_OPTION_FORM,
89 title = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
90
91 subtitle text = STRING_TOKEN(STR_NULL);
92
93 goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
94 prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
95 help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
96 flags = INTERACTIVE,
97 key = KEY_SECURE_BOOT_PK_OPTION;
98
99 subtitle text = STRING_TOKEN(STR_NULL);
100
101 goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
102 prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
103 help = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
104 flags = INTERACTIVE,
105 key = KEY_SECURE_BOOT_KEK_OPTION;
106
107 subtitle text = STRING_TOKEN(STR_NULL);
108
109 goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
110 prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
111 help = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
112 flags = INTERACTIVE,
113 key = KEY_SECURE_BOOT_DB_OPTION;
114
115 subtitle text = STRING_TOKEN(STR_NULL);
116
117 goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
118 prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
119 help = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
120 flags = INTERACTIVE,
121 key = KEY_SECURE_BOOT_DBX_OPTION;
122
123 endform;
124
125 //
126 // ##3 Form: 'PK Options'
127 //
128 form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
129 title = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
130
131 subtitle text = STRING_TOKEN(STR_NULL);
132
133 //
134 // Define of Check Box: 'Delete PK'
135 //
136 suppressif TRUE;
137 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
138 prompt = STRING_TOKEN(STR_NULL),
139 help = STRING_TOKEN(STR_NULL),
140 endcheckbox;
141 endif;
142
143 grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
144 goto FORMID_ENROLL_PK_FORM,
145 prompt = STRING_TOKEN(STR_ENROLL_PK),
146 help = STRING_TOKEN(STR_ENROLL_PK_HELP),
147 flags = INTERACTIVE,
148 key = KEY_ENROLL_PK;
149 endif;
150
151 subtitle text = STRING_TOKEN(STR_NULL);
152
153 //
154 // Display of Check Box: 'Delete Pk'
155 //
156 grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
157 checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
158 questionid = KEY_SECURE_BOOT_DELETE_PK,
159 prompt = STRING_TOKEN(STR_DELETE_PK),
160 help = STRING_TOKEN(STR_DELETE_PK_HELP),
161 flags = INTERACTIVE,
162 endcheckbox;
163 endif;
164 endform;
165
166 //
167 // ##4 Form: 'Enroll PK'
168 //
169 form formid = FORMID_ENROLL_PK_FORM,
170 title = STRING_TOKEN(STR_ENROLL_PK);
171
172 subtitle text = STRING_TOKEN(STR_NULL);
173
174 goto FORM_FILE_EXPLORER_ID_PK,
175 prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
176 help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
177 flags = INTERACTIVE,
178 key = SECUREBOOT_ADD_PK_FILE_FORM_ID;
179 endform;
180
181 //
182 // ##5 Form: 'KEK Options'
183 //
184 form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
185 title = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
186
187 //
188 // Display of 'Enroll KEK'
189 //
190 goto FORMID_ENROLL_KEK_FORM,
191 prompt = STRING_TOKEN(STR_ENROLL_KEK),
192 help = STRING_TOKEN(STR_ENROLL_KEK_HELP),
193 flags = INTERACTIVE;
194
195 subtitle text = STRING_TOKEN(STR_NULL);
196
197 //
198 // Display of 'Delete KEK'
199 //
200 goto FORMID_DELETE_KEK_FORM,
201 prompt = STRING_TOKEN(STR_DELETE_KEK),
202 help = STRING_TOKEN(STR_DELETE_KEK_HELP),
203 flags = INTERACTIVE,
204 key = KEY_DELETE_KEK;
205
206 subtitle text = STRING_TOKEN(STR_NULL);
207 endform;
208
209 //
210 // ##6 Form: 'Enroll KEK'
211 //
212 form formid = FORMID_ENROLL_KEK_FORM,
213 title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
214
215 subtitle text = STRING_TOKEN(STR_NULL);
216
217 goto FORM_FILE_EXPLORER_ID_KEK,
218 prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
219 help = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
220 flags = INTERACTIVE,
221 key = FORMID_ENROLL_KEK_FORM;
222
223 subtitle text = STRING_TOKEN(STR_NULL);
224 label FORMID_ENROLL_KEK_FORM;
225 label LABEL_END;
226 subtitle text = STRING_TOKEN(STR_NULL);
227
228 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
229 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
230 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
231 flags = INTERACTIVE,
232 key = KEY_SECURE_BOOT_KEK_GUID,
233 minsize = SECURE_BOOT_GUID_SIZE,
234 maxsize = SECURE_BOOT_GUID_SIZE,
235 endstring;
236
237 subtitle text = STRING_TOKEN(STR_NULL);
238 subtitle text = STRING_TOKEN(STR_NULL);
239
240 goto FORMID_SECURE_BOOT_OPTION_FORM,
241 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
242 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
243 flags = INTERACTIVE,
244 key = KEY_VALUE_SAVE_AND_EXIT_KEK;
245
246 goto FORMID_SECURE_BOOT_OPTION_FORM,
247 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
248 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
249 flags = INTERACTIVE,
250 key = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
251
252 endform;
253
254 //
255 // ##7 Form: 'Delete KEK'
256 //
257 form formid = FORMID_DELETE_KEK_FORM,
258 title = STRING_TOKEN(STR_DELETE_KEK_TITLE);
259
260 label LABEL_KEK_DELETE;
261 label LABEL_END;
262
263 subtitle text = STRING_TOKEN(STR_NULL);
264
265 endform;
266
267 //
268 // ##8 Form: 'DB Options'
269 //
270 form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
271 title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
272
273 subtitle text = STRING_TOKEN(STR_NULL);
274
275 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
276 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
277 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
278 flags = 0;
279
280 subtitle text = STRING_TOKEN(STR_NULL);
281
282 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
283 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
284 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
285 flags = INTERACTIVE,
286 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
287
288 endform;
289
290 //
291 // ##9 Form: 'DBX Options'
292 //
293 form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
294 title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
295
296 subtitle text = STRING_TOKEN(STR_NULL);
297
298 goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
299 prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
300 help = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
301 flags = 0;
302
303 subtitle text = STRING_TOKEN(STR_NULL);
304
305 goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
306 prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
307 help = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
308 flags = INTERACTIVE,
309 key = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX;
310
311 endform;
312
313 //
314 // Form: 'Delete Signature' for DB Options.
315 //
316 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
317 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
318
319 label LABEL_DB_DELETE;
320 label LABEL_END;
321 subtitle text = STRING_TOKEN(STR_NULL);
322
323 endform;
324
325 //
326 // Form: 'Delete Signature' for DBX Options.
327 //
328 form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBX,
329 title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
330
331 label LABEL_DBX_DELETE;
332 label LABEL_END;
333 subtitle text = STRING_TOKEN(STR_NULL);
334
335 endform;
336
337 //
338 // Form: 'Enroll Signature' for DB options.
339 //
340 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
341 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
342
343 subtitle text = STRING_TOKEN(STR_NULL);
344
345 goto FORM_FILE_EXPLORER_ID_DB,
346 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
347 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
348 flags = INTERACTIVE,
349 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
350
351 subtitle text = STRING_TOKEN(STR_NULL);
352 label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
353 label LABEL_END;
354 subtitle text = STRING_TOKEN(STR_NULL);
355
356 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
357 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
358 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
359 flags = INTERACTIVE,
360 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
361 minsize = SECURE_BOOT_GUID_SIZE,
362 maxsize = SECURE_BOOT_GUID_SIZE,
363 endstring;
364
365 subtitle text = STRING_TOKEN(STR_NULL);
366 subtitle text = STRING_TOKEN(STR_NULL);
367
368 goto FORMID_SECURE_BOOT_OPTION_FORM,
369 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
370 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
371 flags = INTERACTIVE,
372 key = KEY_VALUE_SAVE_AND_EXIT_DB;
373
374 goto FORMID_SECURE_BOOT_OPTION_FORM,
375 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
376 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
377 flags = INTERACTIVE,
378 key = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
379
380 endform;
381
382 //
383 // Form: 'Enroll Signature' for DBX options.
384 //
385 form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
386 title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
387
388 subtitle text = STRING_TOKEN(STR_NULL);
389
390 goto FORM_FILE_EXPLORER_ID_DBX,
391 prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
392 help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
393 flags = INTERACTIVE,
394 key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
395
396 subtitle text = STRING_TOKEN(STR_NULL);
397 label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
398 label LABEL_END;
399 subtitle text = STRING_TOKEN(STR_NULL);
400
401 string varid = SECUREBOOT_CONFIGURATION.SignatureGuid,
402 prompt = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
403 help = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
404 flags = INTERACTIVE,
405 key = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
406 minsize = SECURE_BOOT_GUID_SIZE,
407 maxsize = SECURE_BOOT_GUID_SIZE,
408 endstring;
409
410 subtitle text = STRING_TOKEN(STR_NULL);
411 subtitle text = STRING_TOKEN(STR_NULL);
412
413 goto FORMID_SECURE_BOOT_OPTION_FORM,
414 prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
415 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
416 flags = INTERACTIVE,
417 key = KEY_VALUE_SAVE_AND_EXIT_DBX;
418
419 goto FORMID_SECURE_BOOT_OPTION_FORM,
420 prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
421 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
422 flags = INTERACTIVE,
423 key = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
424
425 endform;
426
427 //
428 // File Explorer for PK
429 //
430 form formid = FORM_FILE_EXPLORER_ID_PK,
431 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
432
433 label FORM_FILE_EXPLORER_ID;
434 label LABEL_END;
435 endform;
436
437 //
438 // File Explorer for KEK
439 //
440 form formid = FORM_FILE_EXPLORER_ID_KEK,
441 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
442
443 label FORM_FILE_EXPLORER_ID;
444 label LABEL_END;
445 endform;
446
447 //
448 // File Explorer for DB
449 //
450 form formid = FORM_FILE_EXPLORER_ID_DB,
451 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
452
453 label FORM_FILE_EXPLORER_ID;
454 label LABEL_END;
455 endform;
456
457 //
458 // File Explorer for DBX
459 //
460 form formid = FORM_FILE_EXPLORER_ID_DBX,
461 title = STRING_TOKEN(STR_FILE_EXPLORER_TITLE);
462
463 label FORM_FILE_EXPLORER_ID;
464 label LABEL_END;
465 endform;
466
467
468 //
469 // Enroll Pk from File Commit Form
470 //
471 form formid = SECUREBOOT_ADD_PK_FILE_FORM_ID,
472 title = STRING_TOKEN(STR_SAVE_PK_FILE);
473
474 label SECUREBOOT_ADD_PK_FILE_FORM_ID;
475 label LABEL_END;
476
477 subtitle text = STRING_TOKEN(STR_NULL);
478
479 text
480 help = STRING_TOKEN(STR_SAVE_AND_EXIT),
481 text = STRING_TOKEN(STR_SAVE_AND_EXIT),
482 text = STRING_TOKEN(STR_NULL),
483 flags = INTERACTIVE,
484 key = KEY_VALUE_SAVE_AND_EXIT_PK;
485
486 text
487 help = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
488 text = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
489 text = STRING_TOKEN(STR_NULL),
490 flags = INTERACTIVE,
491 key = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
492
493 endform;
494
495 endformset;
EFI Development Kit II mirror for PVE