]> git.proxmox.com Git - mirror_edk2.git/commit - SecurityPkg/SecurityPkg.dec
projects / mirror_edk2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: f6e4824) | patch
SecurityPkg: don't require PK to be self-signed by default
authorJan Bobek <jbobek@nvidia.com>
Fri, 20 Jan 2023 22:58:35 +0000 (06:58 +0800)
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Sat, 4 Feb 2023 11:53:59 +0000 (11:53 +0000)
commitcc18c503e03e64860e3587f7aa54b6beccd41fb2
tree6da107bc389932b85deb89b85659b9effaab012btree
parentf6e4824533be5e4951b17e1938e4fb53bf66b7a5commit | diff
SecurityPkg: don't require PK to be self-signed by default

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2506

Change the default value of PcdRequireSelfSignedPk to FALSE in
accordance with UEFI spec, which states that PK need not be
self-signed when enrolling in setup mode.

Note that this relaxes the legacy behavior, which required the PK to
be self-signed in this case.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Jan Bobek <jbobek@nvidia.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
SecurityPkg/SecurityPkg.dec diff | blob | blame | history
EFI Development Kit II mirror for PVE