UefiPayloadPkg: Add Secure Boot support

Cc: Guo Dong <guo.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Maurice Ma <maurice.ma@intel.com>
Cc: Benjamin You <benjamin.you@intel.com>
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Change-Id: I4f44e29bc967b7d2208193e21aeeef8b96afcc69

SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.c

@@ -19,6 +19,7 @@
 #include <Library/UefiRuntimeServicesTableLib.h>
 #include <Library/SecureBootVariableLib.h>
 #include <Library/SecureBootVariableProvisionLib.h>
+#include <Library/DxeServicesLib.h>
 
 /**
   Enroll a key/certificate based on a default variable.
@@ -117,6 +118,7 @@ SecureBootInitPKDefault (
   }
 
   if (EFI_ERROR (Status) && (Status != EFI_NOT_FOUND)) {
+    DEBUG ((DEBUG_INFO, "Variable %s read error.\n", EFI_PK_DEFAULT_VARIABLE_NAME));
     return Status;
   }
 
@@ -264,10 +266,10 @@ SecureBootInitDbxDefault (
   IN VOID
   )
 {
-  EFI_SIGNATURE_LIST  *EfiSig;
+  UINTN               Size;
-  UINTN               SigListsSize;
   EFI_STATUS          Status;
-  UINT8               *Data;
+  UINT8              *Data;
+  VOID               *Buffer;
   UINTN               DataSize;
 
   //
@@ -289,7 +291,13 @@ SecureBootInitDbxDefault (
   //
   DEBUG ((DEBUG_INFO, "Variable %s does not exist.\n", EFI_DBX_DEFAULT_VARIABLE_NAME));
 
-  Status = SecureBootFetchData (&gDefaultdbxFileGuid, &SigListsSize, &EfiSig);
+  Status = GetSectionFromAnyFv (
+             &gDefaultdbxFileGuid,
+             EFI_SECTION_RAW,
+             0,
+             &Buffer,
+             &Size
+             );
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_INFO, "Content for %s not found\n", EFI_DBX_DEFAULT_VARIABLE_NAME));
     return Status;
@@ -299,15 +307,13 @@ SecureBootInitDbxDefault (
                   EFI_DBX_DEFAULT_VARIABLE_NAME,
                   &gEfiGlobalVariableGuid,
                   EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS,
-                  SigListsSize,
+                  Size,
-                  (VOID *)EfiSig
+                  (VOID *)Buffer
                   );
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_INFO, "Failed to set %s\n", EFI_DBX_DEFAULT_VARIABLE_NAME));
   }
 
-  FreePool (EfiSig);
-
   return Status;
 }
 

UefiPayloadPkg/SecureBootEnrollDefaultKeys/SecureBootSetup.c

@@ -0,0 +1,410 @@
+/** @file
+   Enroll default PK, KEK, DB and DBX
+
+   Copyright (C) 2014, Red Hat, Inc.
+
+   This program and the accompanying materials are licensed and made available
+   under the terms and conditions of the BSD License which accompanies this
+   distribution. The full text of the license may be found at
+   http://opensource.org/licenses/bsd-license.
+
+   THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT
+   WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+ **/
+
+#include <Guid/AuthenticatedVariableFormat.h>
+#include <Guid/GlobalVariable.h>
+#include <Guid/ImageAuthentication.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/UefiRuntimeServicesTableLib.h>
+#include <Library/DxeServicesLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiLib.h>
+#include <Library/SecureBootVariableProvisionLib.h>
+#include <Library/SecureBootVariableLib.h>
+
+STATIC
+EFI_STATUS
+EFIAPI
+GetExact (
+  IN CHAR16    *VariableName,
+  IN EFI_GUID  *VendorGuid,
+  OUT VOID     *Data,
+  IN UINTN     DataSize,
+  IN BOOLEAN   AllowMissing
+  )
+{
+  UINTN       Size;
+  EFI_STATUS  Status;
+
+  Size   = DataSize;
+  Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &Size, Data);
+  if (EFI_ERROR (Status)) {
+    if ((Status == EFI_NOT_FOUND) && AllowMissing) {
+      ZeroMem (Data, DataSize);
+      return EFI_SUCCESS;
+    }
+
+    DEBUG ((
+      EFI_D_ERROR,
+      "SecureBootSetup: GetVariable(\"%s\", %g): %r\n",
+      VariableName,
+      VendorGuid,
+      Status
+      ));
+    return Status;
+  }
+
+  if (Size != DataSize) {
+    DEBUG ((
+      EFI_D_INFO,
+      "SecureBootSetup: GetVariable(\"%s\", %g): expected size 0x%Lx, "
+      "got 0x%Lx\n",
+      VariableName,
+      VendorGuid,
+      (UINT64)DataSize,
+      (UINT64)Size
+      ));
+    return EFI_PROTOCOL_ERROR;
+  }
+
+  return EFI_SUCCESS;
+}
+
+typedef struct {
+  UINT8    SetupMode;
+  UINT8    SecureBoot;
+  UINT8    SecureBootEnable;
+  UINT8    CustomMode;
+  UINT8    VendorKeys;
+} SETTINGS;
+
+STATIC
+EFI_STATUS
+EFIAPI
+GetSettings (
+  OUT SETTINGS  *Settings,
+  BOOLEAN       AllowMissing
+  )
+{
+  EFI_STATUS  Status;
+
+  ZeroMem (Settings, sizeof (SETTINGS));
+
+  Status = GetExact (
+             EFI_SETUP_MODE_NAME,
+             &gEfiGlobalVariableGuid,
+             &Settings->SetupMode,
+             sizeof Settings->SetupMode,
+             AllowMissing
+             );
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
+
+  Status = GetExact (
+             EFI_SECURE_BOOT_MODE_NAME,
+             &gEfiGlobalVariableGuid,
+             &Settings->SecureBoot,
+             sizeof Settings->SecureBoot,
+             AllowMissing
+             );
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
+
+  Status = GetExact (
+             EFI_SECURE_BOOT_ENABLE_NAME,
+             &gEfiSecureBootEnableDisableGuid,
+             &Settings->SecureBootEnable,
+             sizeof Settings->SecureBootEnable,
+             AllowMissing
+             );
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
+
+  Status = GetExact (
+             EFI_CUSTOM_MODE_NAME,
+             &gEfiCustomModeEnableGuid,
+             &Settings->CustomMode,
+             sizeof Settings->CustomMode,
+             AllowMissing
+             );
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
+
+  Status = GetExact (
+             EFI_VENDOR_KEYS_VARIABLE_NAME,
+             &gEfiGlobalVariableGuid,
+             &Settings->VendorKeys,
+             sizeof Settings->VendorKeys,
+             AllowMissing
+             );
+  return Status;
+}
+
+STATIC
+VOID
+EFIAPI
+PrintSettings (
+  IN CONST SETTINGS  *Settings
+  )
+{
+  DEBUG ((
+    EFI_D_INFO,
+    "SecureBootSetup: SetupMode=%d SecureBoot=%d SecureBootEnable=%d "
+    "CustomMode=%d VendorKeys=%d\n",
+    Settings->SetupMode,
+    Settings->SecureBoot,
+    Settings->SecureBootEnable,
+    Settings->CustomMode,
+    Settings->VendorKeys
+    ));
+}
+
+/**
+  Install SecureBoot certificates once the VariableDriver is running.
+
+  @param[in]  Event     Event whose notification function is being invoked
+  @param[in]  Context   Pointer to the notification function's context
+**/
+VOID
+EFIAPI
+InstallSecureBootHook (
+  IN EFI_EVENT  Event,
+  IN VOID       *Context
+  )
+{
+  EFI_STATUS  Status;
+  VOID        *Protocol;
+  SETTINGS    Settings;
+
+  Status = gBS->LocateProtocol (&gEfiVariableWriteArchProtocolGuid, NULL, (VOID **)&Protocol);
+  if (EFI_ERROR (Status)) {
+    return;
+  }
+
+  Status = GetSettings (&Settings, TRUE);
+  if (EFI_ERROR (Status)) {
+    DEBUG ((EFI_D_ERROR, "SecureBootSetup: Failed to get current settings\n"));
+    return;
+  }
+
+  if (Settings.SetupMode != SETUP_MODE) {
+    DEBUG ((EFI_D_ERROR, "SecureBootSetup: already in User Mode\n"));
+    return;
+  }
+
+  if (Settings.SecureBootEnable != SECURE_BOOT_MODE_ENABLE) {
+    DEBUG ((EFI_D_ERROR, "SecureBootSetup: SecureBootEnable is disabled.\n"));
+    return;
+  }
+
+  PrintSettings (&Settings);
+
+  if (Settings.CustomMode != CUSTOM_SECURE_BOOT_MODE) {
+    Settings.CustomMode = CUSTOM_SECURE_BOOT_MODE;
+    Status              = gRT->SetVariable (
+                                 EFI_CUSTOM_MODE_NAME,
+                                 &gEfiCustomModeEnableGuid,
+                                 (EFI_VARIABLE_NON_VOLATILE |
+                                  EFI_VARIABLE_BOOTSERVICE_ACCESS),
+                                 sizeof Settings.CustomMode,
+                                 &Settings.CustomMode
+                                 );
+    if (EFI_ERROR (Status)) {
+      DEBUG ((
+        EFI_D_ERROR,
+        "SecureBootSetup: SetVariable(\"%s\", %g): %r\n",
+        EFI_CUSTOM_MODE_NAME,
+        &gEfiCustomModeEnableGuid,
+        Status
+        ));
+      ASSERT_EFI_ERROR (Status);
+    }
+  }
+
+  // Enroll all the keys from default variables
+  Status = EnrollDbFromDefault ();
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "Cannot enroll db: %r\n", Status));
+    goto error;
+  }
+
+  Status = EnrollDbxFromDefault ();
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "Cannot enroll dbx: %r\n", Status));
+  }
+
+  Status = EnrollDbtFromDefault ();
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "Cannot enroll dbt: %r\n", Status));
+  }
+
+  Status = EnrollKEKFromDefault ();
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "Cannot enroll KEK: %r\n", Status));
+    goto cleardbs;
+  }
+
+  Status = EnrollPKFromDefault ();
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "Cannot enroll PK: %r\n", Status));
+    goto clearKEK;
+  }
+
+  Status = SetSecureBootMode (STANDARD_SECURE_BOOT_MODE);
+  if (EFI_ERROR (Status)) {
+    DEBUG ((
+      DEBUG_ERROR,
+      "Cannot set CustomMode to STANDARD_SECURE_BOOT_MODE\n"
+      "Please do it manually, otherwise system can be easily compromised\n"
+      ));
+  }
+
+  // FIXME: Force SecureBoot to ON. The AuthService will do this if authenticated variables
+  // are supported, which aren't as the SMM handler isn't able to verify them.
+
+  Settings.SecureBootEnable = SECURE_BOOT_ENABLE;
+  Status                    = gRT->SetVariable (
+                                     EFI_SECURE_BOOT_ENABLE_NAME,
+                                     &gEfiSecureBootEnableDisableGuid,
+                                     EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+                                     sizeof Settings.SecureBootEnable,
+                                     &Settings.SecureBootEnable
+                                     );
+  if (EFI_ERROR (Status)) {
+    DEBUG ((
+      EFI_D_ERROR,
+      "SecureBootSetup: SetVariable(\"%s\", %g): %r\n",
+      EFI_SECURE_BOOT_ENABLE_NAME,
+      &gEfiSecureBootEnableDisableGuid,
+      Status
+      ));
+    ASSERT_EFI_ERROR (Status);
+  }
+
+  Settings.SecureBoot = SECURE_BOOT_ENABLE;
+  Status              = gRT->SetVariable (
+                               EFI_SECURE_BOOT_MODE_NAME,
+                               &gEfiGlobalVariableGuid,
+                               EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+                               sizeof Settings.SecureBoot,
+                               &Settings.SecureBoot
+                               );
+  if (EFI_ERROR (Status)) {
+    DEBUG ((
+      EFI_D_ERROR,
+      "SecureBootSetup: SetVariable(\"%s\", %g): %r\n",
+      EFI_SECURE_BOOT_MODE_NAME,
+      &gEfiGlobalVariableGuid,
+      Status
+      ));
+    ASSERT_EFI_ERROR (Status);
+  }
+
+  Status = GetSettings (&Settings, FALSE);
+  ASSERT_EFI_ERROR (Status);
+
+  //
+  // Final sanity check:
+  //
+  //                                 [SetupMode]
+  //                        (read-only, standardized by UEFI)
+  //                                /                \_
+  //                               0               1, default
+  //                              /                    \_
+  //                      PK enrolled                   no PK enrolled yet,
+  //              (this is called "User Mode")          PK enrollment possible
+  //                             |
+  //                             |
+  //                     [SecureBootEnable]
+  //         (read-write, edk2-specific, boot service only)
+  //                /                           \_
+  //               0                         1, default
+  //              /                               \_
+  //       [SecureBoot]=0                     [SecureBoot]=1
+  // (read-only, standardized by UEFI)  (read-only, standardized by UEFI)
+  //     images are not verified         images are verified, platform is
+  //                                      operating in Secure Boot mode
+  //                                                 |
+  //                                                 |
+  //                                           [CustomMode]
+  //                          (read-write, edk2-specific, boot service only)
+  //                                /                           \_
+  //                          0, default                         1
+  //                              /                               \_
+  //                      PK, KEK, db, dbx                PK, KEK, db, dbx
+  //                    updates are verified          updates are not verified
+  //
+
+  PrintSettings (&Settings);
+
+  if ((Settings.SetupMode != 0) || (Settings.SecureBoot != 1) ||
+      (Settings.SecureBootEnable != 1) || (Settings.CustomMode != 0) ||
+      (Settings.VendorKeys != 0))
+  {
+    DEBUG ((EFI_D_ERROR, "SecureBootSetup: disabled\n"));
+    return;
+  }
+
+  DEBUG ((EFI_D_INFO, "SecureBootSetup: SecureBoot enabled\n"));
+  return;
+
+clearKEK:
+  DeleteKEK ();
+
+cleardbs:
+  DeleteDbt ();
+  DeleteDbx ();
+  DeleteDb ();
+
+error:
+  if (SetSecureBootMode (STANDARD_SECURE_BOOT_MODE) != EFI_SUCCESS) {
+    DEBUG ((DEBUG_ERROR, "Cannot set mode to Secure: %r\n", Status));
+  }
+
+  DEBUG ((EFI_D_ERROR, "SecureBootSetup: disabled\n"));
+}
+
+EFI_STATUS
+EFIAPI
+DriverEntry (
+  IN EFI_HANDLE        ImageHandle,
+  IN EFI_SYSTEM_TABLE  *SystemTable
+  )
+{
+  EFI_STATUS  Status;
+
+  VOID  *TcgProtocol;
+  VOID  *Registration;
+
+  Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
+  if (!EFI_ERROR (Status)) {
+    DEBUG ((
+      EFI_D_ERROR,
+      "SecureBootSetup: Started too late."
+      "TPM is already running!\n"
+      ));
+    return EFI_DEVICE_ERROR;
+  }
+
+  //
+  // Create event callback, because we need access variable on SecureBootPolicyVariable
+  // We should use VariableWriteArch instead of VariableArch, because Variable driver
+  // may update SecureBoot value based on last setting.
+  //
+  EfiCreateProtocolNotifyEvent (
+    &gEfiVariableWriteArchProtocolGuid,
+    TPL_CALLBACK,
+    InstallSecureBootHook,
+    NULL,
+    &Registration
+    );
+
+  return EFI_SUCCESS;
+}

UefiPayloadPkg/SecureBootEnrollDefaultKeys/SecureBootSetup.inf

@@ -0,0 +1,56 @@
+## @file
+# This file handels SecureBoot setup.
+#
+#  Copyright (c) 2013 - 2019, Intel Corporation. All rights reserved.<BR>
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+#
+##
+
+[Defines]
+  INF_VERSION                    = 0x00010005
+  BASE_NAME                      = SecureBootSetup
+  MODULE_UNI_FILE                = SecureBootSetup.uni
+  FILE_GUID                      = 14693BD4-D114-4177-979E-37F279BAD620
+  MODULE_TYPE                    = DXE_DRIVER
+  VERSION_STRING                 = 0.1
+  ENTRY_POINT                    = DriverEntry
+
+#
+#  VALID_ARCHITECTURES           = IA32 X64
+#
+
+[Sources]
+  SecureBootSetup.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  MdeModulePkg/MdeModulePkg.dec
+  SecurityPkg/SecurityPkg.dec
+
+[Guids]
+  gEfiCertPkcs7Guid
+  gEfiCertX509Guid
+  gEfiCustomModeEnableGuid
+  gEfiGlobalVariableGuid
+  gEfiImageSecurityDatabaseGuid
+  gEfiSecureBootEnableDisableGuid
+
+[LibraryClasses]
+  BaseMemoryLib
+  DebugLib
+  MemoryAllocationLib
+  UefiRuntimeServicesTableLib
+  UefiDriverEntryPoint
+  DxeServicesLib
+  UefiBootServicesTableLib
+  SecureBootVariableProvisionLib
+  SecureBootVariableLib
+
+[Protocols]
+  gEfiTcgProtocolGuid                                ## CONSUMES
+  gEfiVariableWriteArchProtocolGuid                  ## CONSUMES
+
+[Depex]
+  TRUE

UefiPayloadPkg/SecureBootEnrollDefaultKeys/SecureBootSetup.uni

@@ -0,0 +1,21 @@
+// /** @file
+// Provides authenticated variable service for IPF platform
+//
+// This module installs variable arch protocol and variable write arch protocol to provide
+// four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo.
+//
+// Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution. The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT             #language en-US "Provides authenticated variable service for IPF platform"
+
+#string STR_MODULE_DESCRIPTION          #language en-US "This module installs variable arch protocol and variable write arch protocol to provide four EFI_RUNTIME_SERVICES: SetVariable, GetVariable, GetNextVariableName and QueryVariableInfo."

UefiPayloadPkg/SecureBootEnrollDefaultKeys/SecureBootSetupExtra.uni

@@ -0,0 +1,17 @@
+// /** @file
+// EsalVariableDxeSal Localized Strings and Content
+//
+// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution. The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+#string STR_PROPERTIES_MODULE_NAME
+#language en-US
+"9elements Secure Boot DXE"

UefiPayloadPkg/UefiPayloadPkg.dsc

@@ -99,6 +99,11 @@
   #
   DEFINE SHELL_TYPE                   = BUILD_SHELL
 
+  #
+  # Security options:
+  #
+  DEFINE SECURE_BOOT_ENABLE           = FALSE
+
   #
   # EMU:      UEFI payload with EMU variable
   # SPI:      UEFI payload with SPI NV variable support
@@ -186,6 +191,10 @@
   CacheMaintenanceLib|MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf
   SafeIntLib|MdePkg/Library/BaseSafeIntLib/BaseSafeIntLib.inf
   DxeHobListLib|UefiPayloadPkg/Library/DxeHobListLib/DxeHobListLib.inf
+!if $(SECURE_BOOT_ENABLE) == TRUE
+  SecureBootVariableLib|SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.inf
+  SecureBootVariableProvisionLib|SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.inf
+!endif
   BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
   TlsLib|CryptoPkg/Library/TlsLib/TlsLib.inf
   IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
@@ -272,7 +281,6 @@
   DebugLib|MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDebugLibReportStatusCode.inf
   LockBoxLib|MdeModulePkg/Library/LockBoxNullLib/LockBoxNullLib.inf
   FileExplorerLib|MdeModulePkg/Library/FileExplorerLib/FileExplorerLib.inf
-  AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
 !if $(VARIABLE_SUPPORT) == "EMU"
   TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf
 !elseif $(VARIABLE_SUPPORT) == "SMMSTORE"
@@ -291,6 +299,9 @@
   VmgExitLib|UefiCpuPkg/Library/VmgExitLibNull/VmgExitLibNull.inf
   ReportStatusCodeLib|MdeModulePkg/Library/DxeReportStatusCodeLib/DxeReportStatusCodeLib.inf
 
+[LibraryClasses.common]
+  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+
 [LibraryClasses.common.SEC]
   HobLib|UefiPayloadPkg/Library/PayloadEntryHobLib/HobLib.inf
   PcdLib|MdePkg/Library/BasePcdLibNull/BasePcdLibNull.inf
@@ -311,6 +322,18 @@
 !if $(PERFORMANCE_MEASUREMENT_ENABLE)
   PerformanceLib|MdeModulePkg/Library/DxeCorePerformanceLib/DxeCorePerformanceLib.inf
 !endif
+  SmbusLib|MdePkg/Library/DxeSmbusLib/DxeSmbusLib.inf
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+
+!if $(SECURE_BOOT_ENABLE) == TRUE
+  AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
+  # re-use the UserPhysicalPresent() dummy implementation from the ovmf tree
+  PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
+!else
+  AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
+!endif
 
 [LibraryClasses.common.DXE_DRIVER]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
@@ -325,6 +348,17 @@
 !if $(PERFORMANCE_MEASUREMENT_ENABLE)
   PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf
 !endif
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+
+!if $(SECURE_BOOT_ENABLE) == TRUE
+  AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
+  # re-use the UserPhysicalPresent() dummy implementation from the ovmf tree
+  PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
+!else
+  AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
+!endif
 
 [LibraryClasses.common.DXE_RUNTIME_DRIVER]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
@@ -334,6 +368,19 @@
 !if $(PERFORMANCE_MEASUREMENT_ENABLE)
   PerformanceLib|MdeModulePkg/Library/DxePerformanceLib/DxePerformanceLib.inf
 !endif
+  SmbusLib|MdePkg/Library/DxeSmbusLib/DxeSmbusLib.inf
+  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLibCrypto.inf
+  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+  RngLib|MdePkg/Library/BaseRngLibTimerLib/BaseRngLibTimerLib.inf
+
+!if $(SECURE_BOOT_ENABLE) == TRUE
+  AuthVariableLib|SecurityPkg/Library/AuthVariableLib/AuthVariableLib.inf
+  # re-use the UserPhysicalPresent() dummy implementation from the ovmf tree
+  PlatformSecureLib|OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.inf
+!else
+  AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
+!endif
 
 [LibraryClasses.common.UEFI_DRIVER,LibraryClasses.common.UEFI_APPLICATION]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
@@ -573,7 +620,19 @@
   # Components that produce the architectural protocols
   #
 !if $(SECURITY_STUB_ENABLE) == TRUE
-  MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
+  MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
+    <LibraryClasses>
+!if $(SECURE_BOOT_ENABLE) == TRUE
+      NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
+!endif
+  }
+
+!if $(SECURE_BOOT_ENABLE) == TRUE
+  SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
+  SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf
+  UefiPayloadPkg/SecureBootEnrollDefaultKeys/SecureBootSetup.inf
+!endif
+
 !endif
   UefiCpuPkg/CpuDxe/CpuDxe.inf
   MdeModulePkg/Universal/BdsDxe/BdsDxe.inf
@@ -598,7 +657,10 @@
 !endif
   PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
 !if $(EMU_VARIABLE_ENABLE) == TRUE
-  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+  MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf {
+    <LibraryClasses>
+      NULL|MdeModulePkg/Library/VarCheckUefiLib/VarCheckUefiLib.inf
+  }
 !endif
   #
   # Following are the DXE drivers

UefiPayloadPkg/UefiPayloadPkg.fdf

@@ -61,7 +61,6 @@ FILE FV_IMAGE = 4E35FD93-9C72-4c15-8C4B-E77F1DB2D793 {
 }
 
 ################################################################################
-
 [FV.DXEFV]
 FvNameGuid         = 8063C21A-8E58-4576-95CE-089E87975D23
 BlockSize          = $(FD_BLOCK_SIZE)
@@ -89,6 +88,11 @@ APRIORI DXE {
   INF  MdeModulePkg/Universal/ReportStatusCodeRouter/RuntimeDxe/ReportStatusCodeRouterRuntimeDxe.inf
   INF  MdeModulePkg/Universal/StatusCodeHandler/RuntimeDxe/StatusCodeHandlerRuntimeDxe.inf
   INF  UefiPayloadPkg/BlSupportDxe/BlSupportDxe.inf
+!if $(SECURE_BOOT_ENABLE) == TRUE
+  INF  PcAtChipsetPkg/PcatRealTimeClockRuntimeDxe/PcatRealTimeClockRuntimeDxe.inf
+  INF  SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf # After SMBusConfigLoader and PcatRealTimeClockRuntimeDxe, before Tcg2Dxe
+  INF  UefiPayloadPkg/SecureBootEnrollDefaultKeys/SecureBootSetup.inf
+!endif
 }
 
 #
@@ -272,6 +276,19 @@ INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
   !include NetworkPkg/Network.fdf.inc
 !endif
 
+#
+# Security
+#
+!if $(SECURE_BOOT_ENABLE) == TRUE
+  INF  SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf
+  INF  SecurityPkg/VariableAuthenticated/SecureBootDefaultKeysDxe/SecureBootDefaultKeysDxe.inf
+  INF  UefiPayloadPkg/SecureBootEnrollDefaultKeys/SecureBootSetup.inf
+
+  FILE FREEFORM = PCD(gUefiPayloadPkgTokenSpaceGuid.PcdNvsDataFile) {
+    SECTION RAW = UefiVariableBinary/SECUREBOOT.Fv
+  }
+!endif
+
 #
 # Shell
 #
@@ -415,3 +432,17 @@ INF ShellPkg/Application/Shell/Shell.inf
     UI        STRING="Enter Setup"
     VERSION   STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
   }
+
+[RULE.COMMON.USER_DEFINED]
+  FILE FREEFORM = $(NAMED_GUID) {
+    RAW BIN                |.crt
+    RAW BIN                |.bin
+  }
+
+[RULE.COMMON.USER_DEFINED.BINARY]
+  FILE FREEFORM = $(NAMED_GUID) {
+    RAW BIN                |.crt
+    RAW BIN                |.bin
+    UI       STRING="$(MODULE_NAME)" Optional
+  }
+

UefiVariableBinary/UefiVariableBinary.dsc

@@ -0,0 +1,20 @@
+## @file
+# Secure Boot Variable File
+#
+# Builds a firmware volume to contain Secure Boot keys
+#
+# Copyright (c) 2021, Star Labs Online Limited. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+[Defines]
+  PLATFORM_NAME                  = SecureBoot
+  PLATFORM_GUID                  = 1035eeff-543e-4abb-ac7e-bcd68cb530f8
+  PLATFORM_VERSION               = 0.1
+  OUTPUT_DIRECTORY               = Build/UefiVariableBinary
+  SUPPORTED_ARCHITECTURES        = IA32|X64
+  BUILD_TARGETS                  = DEBUG|RELEASE|NOOPT
+  SKUID_IDENTIFIER               = DEFAULT
+  FLASH_DEFINITION               = UefiVariableBinary/UefiVariableBinary.fdf
+
+

UefiVariableBinary/UefiVariableBinary.fdf

@@ -0,0 +1,31 @@
+## @file
+# FDF include file which allows to embed Secure Boot keys
+#
+#  Copyright (c) 2021, Star Labs Online Limited. All rights reserved.
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+[Defines]
+DEFINE FD_SIZE     = 0x00850000
+DEFINE NUM_BLOCKS  = 0x850
+
+[FV.SecureBoot]
+FILE FREEFORM = 85254ea7-4759-4fc4-82d4-5eed5fb0a4a0 {
+  SECTION RAW = UefiVariableBinary/keys/pk.crt
+  SECTION UI  = "PK Default"
+}
+
+FILE FREEFORM = 6f64916e-9f7a-4c35-b952-cd041efb05a3 {
+  SECTION RAW = UefiVariableBinary/keys/MicCorKEKCA2011_2011-06-24.crt
+  SECTION UI  = "KEK Default"
+}
+
+FILE FREEFORM = c491d352-7623-4843-accc-2791a7574421 {
+  SECTION RAW = UefiVariableBinary/keys/MicWinProPCA2011_2011-10-19.crt
+  SECTION UI  = "DB Default"
+}
+
+FILE FREEFORM = 5740766a-718e-4dc0-9935-c36f7d3f884f {
+  SECTION RAW = UefiVariableBinary/keys/dbxupdate_x64.bin
+  SECTION UI  = "DBX Default"
+}

UefiVariableBinary/keys/README

@@ -0,0 +1,8 @@
+# PK certificate generation
+
+* Do not save private key for re-usage.
+* Generate a RSA 2048 / SHA256 x509 certificate
+* Exponent should be 65537
+* Microsoft certificates can be found here: https://docs.microsoft.com/en-us/windows-hardware/manufacture/desktop/windows-secure-boot-key-creation-and-management-guidance
+
+openssl req -outform DER -newkey rsa:2048 -keyout /dev/null -passout file:<(head -c 40 /dev/urandom) -x509 -days 365 -out pk.crt