Since commit 35e242b698 ("MdePkg/BaseLib: rewrite Base64Decode()",
2019-07-16), Base64Decode() guarantees that DestinationSize is larger on
output than it was on input if RETURN_BUFFER_TOO_SMALL is returned. Clean
up the retval handling for the first Base64Decode() call in
EnrollDefaultKeys, which used to work around the ambiguity in the previous
Base64Decode() interface contract.
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Philippe Mathieu-Daudé <philmd@redhat.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1981
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
For QA test and development, we may need to test Secure Boot with a
devel key instead of UEFI CA.
This commit adds an argument, "--no-default", to EnrollDefaultKeys.efi.
With the argument, the key from SMBIOS Type 11 will also be enrolled
into db. Besides, the keys in AuthData.c, i.e. Microsoft KEK CA,
Microsoft PCA, and Microsoft UEFI CA will be excluded, so the developer
can easily create a varstore template for a specific key.
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Signed-off-by: Gary Lin <glin@suse.com>
Message-Id: <20190516030834.12203-1-glin@suse.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
When building OvmfPkg/EnrollDefaultKeys for IA32 with gcc-4.8 for the
DEBUG target (and possibly under other build configurations too), the
compiler incorrectly reports,
> OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c: In function
> 'ShellAppMain':
> OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c:631:10: error:
> 'SizeOfPkKek1' may be used uninitialized in this function
> [-Werror=maybe-uninitialized]
> Status = EnrollListOfCerts (
> ^
> OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c:703:12: error: 'PkKek1'
> may be used uninitialized in this function [-Werror=maybe-uninitialized]
> FreePool (PkKek1);
> ^
> cc1: all warnings being treated as errors
Suppress this warning, in the style suggested under
<https://bugzilla.tianocore.org/show_bug.cgi?id=607>.
Reported-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Fixes: be9470b3c9
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Disconnect the certificate that is enrolled as both Platform Key and first
Key Exchange Key from Red Hat: expect the hypervisor to specify it, as
part of SMBIOS.
Example usage with QEMU:
* Generate self-signed X509 certificate:
openssl req \
-x509 \
-newkey rsa:2048 \
-outform PEM \
-keyout PkKek1.private.key \
-out PkKek1.pem
(where "PEM" simply means "DER + base64 + header + footer").
* Strip the header, footer, and newline characters; prepend the
application prefix:
sed \
-e 's/^-----BEGIN CERTIFICATE-----$/4e32566d-8e9e-4f52-81d3-5bb9715f9727:/' \
-e '/^-----END CERTIFICATE-----$/d' \
PkKek1.pem \
| tr -d '\n' \
> PkKek1.oemstr
* Pass the certificate to EnrollDefaultKeys with the following QEMU
option:
-smbios type=11,value="$(< PkKek1.oemstr)"
(Note: for the above option to work correctly, a QEMU version is needed
that includes commit 950c4e6c94b1 ("opts: don't silently truncate long
option values", 2018-05-09). The first upstream release with that commit
was v3.0.0.
Once <https://bugs.launchpad.net/qemu/+bug/1826200> is fixed, QEMU will
learn to read the file directly; passing the blob on the command will be
necessary no more.)
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
The entry point function of EnrollDefaultKeys finishes with a sanity
check, verifying the values of the Secure Boot-related "control"
variables. Add a diagram to explain why we expect the values we do.
While at it, write comments on the rest of the entry point function.
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
The GetExact(), GetSettings(), PrintSettings(), and ShellAppMain()
functions lack leading comment blocks. Supply those.
While at it, make sure that every such comment block is preceded by two
blank lines.
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
The GUID
77FA9ABD-0359-4D32-BD60-28F4E78F784B
is specified in MSDN, at
<https://msdn.microsoft.com/en-us/ie/dn932805(v=vs.94)>, therefore it
deserves an entry in the package DEC file, and a header file under
"Include/Guid".
(Arguably, this GUID declaration / definition could even live under
SecurityPkg, but the edk2 tradition has been to hoist GUIDs,
protocols/PPIs, and lib classes from OvmfPkg to a core package only when
dependent C code is added to the core package.)
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
A large portion of "EnrollDefaultKeys.c" is hex-encoded X509 certificates,
GUIDs, and signatures. These objects are constants, unlikely to see
changes anytime soon. Move them out of the way, to "AuthData.c", so we can
more easily work on functions in "EnrollDefaultKeys.c".
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
"EnrollDefaultKeys.c" defines three structure types: SINGLE_HEADER,
REPEATING_HEADER, and SETTINGS. The definitions are scattered over the C
file, and lack high-level summary comments.
Extract the structures to "EnrollDefaultKeys.h", and add the missing
comments.
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
The GetExact(), GetSettings(), PrintSettings() functions are only called
from within "EnrollDefaultKeys.c", and none of them take variable
arguments. Drop their EFIAPI calling convention specifiers.
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
According to the edk2 coding standards, "[w]hen all letters in an acronym
are capitalized, it makes the prior and subsequent words visually
difficult to distinguish".
Fix the spellings of three acronyms, accordingly:
- "KEK" (Key Exchange Key) should be written as "Kek", in "mMicrosoftKEK",
- "CA" (Certificate Authority) should be written as "Ca", in
"mMicrosoftUefiCA",
- "PCA" (Production Certificate Authority) should be written as "Pca", in
"mMicrosoftPCA".
Generate the changes with:
sed --regexp-extended --in-place \
--expression='s,\<mMicrosoftKEK\>,mMicrosoftKek,g' \
--expression='s,\<mMicrosoftUefiCA\>,mMicrosoftUefiCa,g' \
--expression='s,\<mMicrosoftPCA\>,mMicrosoftPca,g' \
OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
In edk2, we should start the names of module-global variables with "m".
Rename the "RedHatPkKek1", "MicrosoftKEK", "MicrosoftPCA",
"MicrosoftUefiCA" variables accordingly, with the following command:
sed --regexp-extended --in-place \
--expression='s,\<(RedHatPkKek1|Microsoft(KEK|PCA|UefiCA))\>,m\1,g' \
OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
In edk2, we should spell "#pragma pack(...)" with a space character in
front of the opening parenthesis. Fix up locations that suggest otherwise.
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
Refresh the sentence that states the purpose of the application.
Extend the copyright notice to the year 2019.
Replace the 2-clause BSD License banner with the BSD-2-Clause-Patent SPDX
ID.
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
Add the OvmfPkg/EnrollDefaultKeys shell application source as it is at the
"edk2-20190308git89910a39dcfd-2.el8" tag in RHEL8's downstream "edk2"
package.
Further patches in this series will replace Red Hat-specific bits in the
application, with a conduit to pass in parameters directly from the host
side, on both QEMU and Xen.
(Note: at the moment, Xen doesn't support Secure Boot, due to lacking a
standards-conformant variable driver stack. However, that could change
soon
<https://fosdem.org/2019/schedule/event/vai_implementing_uefi_variable_services_in_qemu/>,
and then this facility will become useful on Xen too.)
The use case for this application (including why it is only being added to
the DSC files) is explained in detail in
<https://bugzilla.tianocore.org/show_bug.cgi?id=1747#c0>.
Cc: Anthony Perard <anthony.perard@citrix.com>
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Jordan Justen <jordan.l.justen@intel.com>
Cc: Julien Grall <julien.grall@arm.com>
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=1747
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Gary Lin <glin@suse.com>
Laszlo Ersek
Gary Lin