diff options
author | Divneil Rai Wadhawan <divneil.r.wadhawan@intel.com> | 2020-09-16 17:23:51 +0530 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-09-18 11:53:29 +0000 |
commit | 7faece69854cbcc593643182581b5d7f99b7dab6 (patch) | |
tree | a6e3e6466b34a09d67b0f7a34e0b53ffa86f94f7 /EmulatorPkg/EmulatorPkg.fdf | |
parent | 698d3d7726232694018d437279dd4166e462deb7 (diff) | |
download | edk2-7faece69854cbcc593643182581b5d7f99b7dab6.tar.gz edk2-7faece69854cbcc593643182581b5d7f99b7dab6.tar.bz2 edk2-7faece69854cbcc593643182581b5d7f99b7dab6.zip |
EmulatorPkg: Enable support for Secure Boot
SECURE_BOOT_ENABLE feature flag is introduced to enable Secure Boot.
The following gets enabled with this patch:
* Secure Boot Menu in "Device Manager" for enrolling keys
* Storage space for Authenticated Variables
* Authenticated execution of 3rd party images
Signed-off-by: Divneil Rai Wadhawan <divneil.r.wadhawan@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Diffstat (limited to 'EmulatorPkg/EmulatorPkg.fdf')
-rw-r--r-- | EmulatorPkg/EmulatorPkg.fdf | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/EmulatorPkg/EmulatorPkg.fdf b/EmulatorPkg/EmulatorPkg.fdf index 295f6f1db8..b256aa9397 100644 --- a/EmulatorPkg/EmulatorPkg.fdf +++ b/EmulatorPkg/EmulatorPkg.fdf @@ -46,10 +46,17 @@ DATA = { # Blockmap[1]: End
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
## This is the VARIABLE_STORE_HEADER
+!if $(SECURE_BOOT_ENABLE) == FALSE
#Signature: gEfiVariableGuid =
# { 0xddcf3616, 0x3275, 0x4164, { 0x98, 0xb6, 0xfe, 0x85, 0x70, 0x7f, 0xfe, 0x7d }}
0x16, 0x36, 0xcf, 0xdd, 0x75, 0x32, 0x64, 0x41,
0x98, 0xb6, 0xfe, 0x85, 0x70, 0x7f, 0xfe, 0x7d,
+!else
+ # Signature: gEfiAuthenticatedVariableGuid =
+ # { 0xaaf32c78, 0x947b, 0x439a, { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 }}
+ 0x78, 0x2c, 0xf3, 0xaa, 0x7b, 0x94, 0x9a, 0x43,
+ 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92,
+!endif
#Size: 0xc000 (gEfiMdeModulePkgTokenSpaceGuid.PcdFlashNvStorageVariableSize) - 0x48 (size of EFI_FIRMWARE_VOLUME_HEADER) = 0xBFB8
# This can speed up the Variable Dispatch a bit.
0xB8, 0xBF, 0x00, 0x00,
@@ -187,6 +194,13 @@ INF MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf INF MdeModulePkg/Universal/DriverSampleDxe/DriverSampleDxe.inf
#
+# Secure Boot Key Enroll
+#
+!if $(SECURE_BOOT_ENABLE) == TRUE
+INF SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
+!endif
+
+#
# Network stack drivers
#
!if $(NETWORK_SUPPORT)
|