1 files changed, 26 insertions, 27 deletions
diff --git a/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch b/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch
index c13363d2..6065b1f7 100644
--- a/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch
+++ b/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch
@@ -1,6 +1,6 @@
-From 149b34de80e7f9f5331c285b862776cdd4b02ee3 Mon Sep 17 00:00:00 2001
+From b2099e7184d48a6d05c8713b6fd5dac0e2e70963 Mon Sep 17 00:00:00 2001
 From: Mikko Ylinen <mikko.ylinen@linux.intel.com>
-Date: Fri, 7 Apr 2017 12:06:14 +0300
+Date: Wed, 2 Mar 2022 10:55:35 +0800
 Subject: [PATCH] ovmf: RefkitTestCA: TEST UEFI SecureBoot
 This patch adds refkit-db.cer (via xxd -i) in OVMF's db
@@ -10,24 +10,20 @@ application. It's used for testing purposes only.
 Images signed with refkit-db keys are allowed to boot.
 Signed-off-by: Mikko Ylinen <mikko.ylinen@linux.intel.com>
+Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com>
-[ Change location of key to AuthData.c ]
-Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
-%% original patch: 0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch
 ---
- OvmfPkg/EnrollDefaultKeys/AuthData.c          | 68 +++++++++++++++++++
+ OvmfPkg/EnrollDefaultKeys/AuthData.c          | 69 +++++++++++++++++++
- OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c |  1 +
+ OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c |  3 +
 OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h |  2 +
- 3 files changed, 71 insertions(+)
+ 3 files changed, 74 insertions(+)
 diff --git a/OvmfPkg/EnrollDefaultKeys/AuthData.c b/OvmfPkg/EnrollDefaultKeys/AuthData.c
-index 3b4856a01f..7109766296 100644
+index 53ee7f7003..127131cd05 100644
 --- a/OvmfPkg/EnrollDefaultKeys/AuthData.c
 +++ b/OvmfPkg/EnrollDefaultKeys/AuthData.c
-@@ -398,6 +398,74 @@ CONST UINT8 mMicrosoftUefiCa[] = {
+@@ -395,6 +395,75 @@ CONST UINT8  mMicrosoftUefiCa[] = {
 
- CONST UINTN mSizeOfMicrosoftUefiCa = sizeof mMicrosoftUefiCa;
+ CONST UINTN  mSizeOfMicrosoftUefiCa = sizeof mMicrosoftUefiCa;
 
 +CONST UINT8 mRefkitTestCA[] = {
 +  0x30, 0x82, 0x02, 0xfb, 0x30, 0x82, 0x01, 0xe3, 0xa0, 0x03, 0x02, 0x01,
@@ -97,32 +93,35 @@ index 3b4856a01f..7109766296 100644
 +};
 +
 +CONST UINTN mSizeOfRefkitTestCA = sizeof mRefkitTestCA;
- 
+
 //
 // The Microsoft.UefiSecureBootLogo.Tests.OutOfBoxConfirmDBXisPresent test case
+ // of the Secure Boot Logo Test in the Microsoft Hardware Certification Kit
 diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
-index f45cb799f7..fb1252e768 100644
+index 094e4c821b..0a7eef54dc 100644
 --- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
 +++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
-@@ -615,6 +615,7 @@ ShellAppMain (
+@@ -702,6 +702,9 @@ ShellAppMain (
-                &gEfiCertX509Guid,
+                mMicrosoftUefiCa,
-                mMicrosoftPca,    mSizeOfMicrosoftPca,    &gMicrosoftVendorGuid,
+                mSizeOfMicrosoftUefiCa,
-                mMicrosoftUefiCa, mSizeOfMicrosoftUefiCa, &gMicrosoftVendorGuid,
+                &gMicrosoftVendorGuid,
-+               mRefkitTestCA,    mSizeOfRefkitTestCA,    &gEfiCallerIdGuid,
+               mRefkitTestCA,
-                NULL);
+               mSizeOfRefkitTestCA,
+               &gEfiCallerIdGuid,
+                NULL
+                );
   }
-   if (EFI_ERROR (Status)) {
 diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h
-index 8e61f0a77b..e3fa046f95 100644
+index 56da9c71d6..8de1dfe4e0 100644
 --- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h
 +++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h
-@@ -135,4 +135,6 @@ extern CONST UINTN mSizeOfMicrosoftUefiCa;
+@@ -133,4 +133,6 @@ extern CONST UINTN  mSizeOfMicrosoftUefiCa;
- extern CONST UINT8 mSha256OfDevNull[];
+ extern CONST UINT8  mSha256OfDevNull[];
- extern CONST UINTN mSizeOfSha256OfDevNull;
+ extern CONST UINTN  mSizeOfSha256OfDevNull;
 
 +extern CONST UINT8 mRefkitTestCA[];
 +extern CONST UINTN mSizeOfRefkitTestCA;
 #endif /* ENROLL_DEFAULT_KEYS_H_ */
 -- 
-2.21.0
+2.17.1

diff --git a/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch b/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch index c13363d2..6065b1f7 100644 --- a/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch +++ b/recipes-core/ovmf/files/0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch
@@ -1,6 +1,6 @@
1	From 149b34de80e7f9f5331c285b862776cdd4b02ee3 Mon Sep 17 00:00:00 2001	1	From b2099e7184d48a6d05c8713b6fd5dac0e2e70963 Mon Sep 17 00:00:00 2001
2	From: Mikko Ylinen <mikko.ylinen@linux.intel.com>	2	From: Mikko Ylinen <mikko.ylinen@linux.intel.com>
3	Date: Fri, 7 Apr 2017 12:06:14 +0300	3	Date: Wed, 2 Mar 2022 10:55:35 +0800
4	Subject: [PATCH] ovmf: RefkitTestCA: TEST UEFI SecureBoot	4	Subject: [PATCH] ovmf: RefkitTestCA: TEST UEFI SecureBoot
5		5
6	This patch adds refkit-db.cer (via xxd -i) in OVMF's db	6	This patch adds refkit-db.cer (via xxd -i) in OVMF's db
@@ -10,24 +10,20 @@ application. It's used for testing purposes only.
10	Images signed with refkit-db keys are allowed to boot.	10	Images signed with refkit-db keys are allowed to boot.
11		11
12	Signed-off-by: Mikko Ylinen <mikko.ylinen@linux.intel.com>	12	Signed-off-by: Mikko Ylinen <mikko.ylinen@linux.intel.com>
13		13	Signed-off-by: Naveen Saini <naveen.kumar.saini@intel.com>
14	[ Change location of key to AuthData.c ]
15	Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
16
17	%% original patch: 0001-ovmf-RefkitTestCA-TEST-UEFI-SecureBoot.patch
18	---	14	---
19	OvmfPkg/EnrollDefaultKeys/AuthData.c \| 68 +++++++++++++++++++	15	OvmfPkg/EnrollDefaultKeys/AuthData.c \| 69 +++++++++++++++++++
20	OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c \| 1 +	16	OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c \| 3 +
21	OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h \| 2 +	17	OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h \| 2 +
22	3 files changed, 71 insertions(+)	18	3 files changed, 74 insertions(+)
23		19
24	diff --git a/OvmfPkg/EnrollDefaultKeys/AuthData.c b/OvmfPkg/EnrollDefaultKeys/AuthData.c	20	diff --git a/OvmfPkg/EnrollDefaultKeys/AuthData.c b/OvmfPkg/EnrollDefaultKeys/AuthData.c
25	index 3b4856a01f..7109766296 100644	21	index 53ee7f7003..127131cd05 100644
26	--- a/OvmfPkg/EnrollDefaultKeys/AuthData.c	22	--- a/OvmfPkg/EnrollDefaultKeys/AuthData.c
27	+++ b/OvmfPkg/EnrollDefaultKeys/AuthData.c	23	+++ b/OvmfPkg/EnrollDefaultKeys/AuthData.c
28	@@ -398,6 +398,74 @@ CONST UINT8 mMicrosoftUefiCa[] = {	24	@@ -395,6 +395,75 @@ CONST UINT8 mMicrosoftUefiCa[] = {
29		25
30	CONST UINTN mSizeOfMicrosoftUefiCa = sizeof mMicrosoftUefiCa;	26	CONST UINTN mSizeOfMicrosoftUefiCa = sizeof mMicrosoftUefiCa;
31		27
32	+CONST UINT8 mRefkitTestCA[] = {	28	+CONST UINT8 mRefkitTestCA[] = {
33	+ 0x30, 0x82, 0x02, 0xfb, 0x30, 0x82, 0x01, 0xe3, 0xa0, 0x03, 0x02, 0x01,	29	+ 0x30, 0x82, 0x02, 0xfb, 0x30, 0x82, 0x01, 0xe3, 0xa0, 0x03, 0x02, 0x01,
@@ -97,32 +93,35 @@ index 3b4856a01f..7109766296 100644
97	+};	93	+};
98	+	94	+
99	+CONST UINTN mSizeOfRefkitTestCA = sizeof mRefkitTestCA;	95	+CONST UINTN mSizeOfRefkitTestCA = sizeof mRefkitTestCA;
100		96	+
101	//	97	//
102	// The Microsoft.UefiSecureBootLogo.Tests.OutOfBoxConfirmDBXisPresent test case	98	// The Microsoft.UefiSecureBootLogo.Tests.OutOfBoxConfirmDBXisPresent test case
		99	// of the Secure Boot Logo Test in the Microsoft Hardware Certification Kit
103	diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c	100	diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
104	index f45cb799f7..fb1252e768 100644	101	index 094e4c821b..0a7eef54dc 100644
105	--- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c	102	--- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
106	+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c	103	+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.c
107	@@ -615,6 +615,7 @@ ShellAppMain (	104	@@ -702,6 +702,9 @@ ShellAppMain (
108	&gEfiCertX509Guid,	105	mMicrosoftUefiCa,
109	mMicrosoftPca, mSizeOfMicrosoftPca, &gMicrosoftVendorGuid,	106	mSizeOfMicrosoftUefiCa,
110	mMicrosoftUefiCa, mSizeOfMicrosoftUefiCa, &gMicrosoftVendorGuid,	107	&gMicrosoftVendorGuid,
111	+ mRefkitTestCA, mSizeOfRefkitTestCA, &gEfiCallerIdGuid,	108	+ mRefkitTestCA,
112	NULL);	109	+ mSizeOfRefkitTestCA,
		110	+ &gEfiCallerIdGuid,
		111	NULL
		112	);
113	}	113	}
114	if (EFI_ERROR (Status)) {
115	diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h	114	diff --git a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h
116	index 8e61f0a77b..e3fa046f95 100644	115	index 56da9c71d6..8de1dfe4e0 100644
117	--- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h	116	--- a/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h
118	+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h	117	+++ b/OvmfPkg/EnrollDefaultKeys/EnrollDefaultKeys.h
119	@@ -135,4 +135,6 @@ extern CONST UINTN mSizeOfMicrosoftUefiCa;	118	@@ -133,4 +133,6 @@ extern CONST UINTN mSizeOfMicrosoftUefiCa;
120	extern CONST UINT8 mSha256OfDevNull[];	119	extern CONST UINT8 mSha256OfDevNull[];
121	extern CONST UINTN mSizeOfSha256OfDevNull;	120	extern CONST UINTN mSizeOfSha256OfDevNull;
122		121
123	+extern CONST UINT8 mRefkitTestCA[];	122	+extern CONST UINT8 mRefkitTestCA[];
124	+extern CONST UINTN mSizeOfRefkitTestCA;	123	+extern CONST UINTN mSizeOfRefkitTestCA;
125	#endif /* ENROLL_DEFAULT_KEYS_H_ */	124	#endif /* ENROLL_DEFAULT_KEYS_H_ */
126	--	125	--
127	2.21.0	126	2.17.1
128		127