SecurityPkg: AuthVariableLib: Customized SecureBoot Mode transition.

Implement Customized SecureBoot Mode transition logic according to Mantis 1263, including AuditMode/DeployedMode/PK update management.
  Also implement image verification logic in AuditMode. Image Certificate & Hash are recorded to EFI Image Execution Table.
  https://mantis.uefi.org/mantis/view.php?id=1263

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Zeng Star <star.zeng@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19133 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Chao Zhang
2015-12-07 06:20:02 +00:00
committed by czhang46
parent af9af05bec
commit 4fc08e8d68
5 changed files with 1913 additions and 269 deletions

View File

@@ -85,6 +85,10 @@
## PRODUCES ## Variable:L"AuthVarKeyDatabase"
gEfiAuthenticatedVariableGuid
## CONSUMES ## Variable:L"SecureBootMode"
## PRODUCES ## Variable:L"SecureBootMode"
gEdkiiSecureBootModeGuid
gEfiCertTypeRsa2048Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate.
gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate.
gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.