diff options
author | Jan Bobek <jbobek@nvidia.com> | 2023-01-21 06:58:35 +0800 |
---|---|---|
committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2023-02-04 11:53:59 +0000 |
commit | cc18c503e03e64860e3587f7aa54b6beccd41fb2 (patch) | |
tree | 6da107bc389932b85deb89b85659b9effaab012b /SecurityPkg/Tcg | |
parent | f6e4824533be5e4951b17e1938e4fb53bf66b7a5 (diff) | |
download | edk2-cc18c503e03e64860e3587f7aa54b6beccd41fb2.tar.gz edk2-cc18c503e03e64860e3587f7aa54b6beccd41fb2.tar.bz2 edk2-cc18c503e03e64860e3587f7aa54b6beccd41fb2.zip |
SecurityPkg: don't require PK to be self-signed by default
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2506
Change the default value of PcdRequireSelfSignedPk to FALSE in
accordance with UEFI spec, which states that PK need not be
self-signed when enrolling in setup mode.
Note that this relaxes the legacy behavior, which required the PK to
be self-signed in this case.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Jan Bobek <jbobek@nvidia.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
Diffstat (limited to 'SecurityPkg/Tcg')
0 files changed, 0 insertions, 0 deletions