SecurityPkg: SecureBootConfigDxe: SecureBoot UI for Customized SecureBoot Mode
Add SecureBoot UI support for Customized SecureBoot Mode transition according to Mantis 1263. User can do secure boot mode transition through UI. https://mantis.uefi.org/mantis/view.php?id=1263 Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Zeng Star <star.zeng@intel.com> Reviewed-by: Long Qin <qin.long@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19134 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
@@ -1,7 +1,7 @@
|
||||
/** @file
|
||||
VFR file used by the SecureBoot configuration component.
|
||||
|
||||
Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
|
||||
Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
|
||||
This program and the accompanying materials
|
||||
are licensed and made available under the terms and conditions of the BSD License
|
||||
which accompanies this distribution. The full text of the license may be found at
|
||||
@@ -33,6 +33,14 @@ formset
|
||||
|
||||
subtitle text = STRING_TOKEN(STR_NULL);
|
||||
|
||||
//
|
||||
// Display current secure boot mode(one of SetupMode/AuditMode/UserMode/DeployedMode)
|
||||
//
|
||||
text
|
||||
help = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_HELP),
|
||||
text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_PROMPT),
|
||||
text = STRING_TOKEN(STR_CUR_SECURE_BOOT_MODE_CONTENT);
|
||||
|
||||
text
|
||||
help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
|
||||
text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
|
||||
@@ -84,18 +92,18 @@ formset
|
||||
endoneof;
|
||||
|
||||
//
|
||||
//
|
||||
// Display of 'Current Secure Boot Mode'
|
||||
// Display PK include page
|
||||
//
|
||||
suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
|
||||
grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
|
||||
goto FORMID_SECURE_BOOT_OPTION_FORM,
|
||||
prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
|
||||
help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
|
||||
flags = INTERACTIVE,
|
||||
key = KEY_SECURE_BOOT_OPTION;
|
||||
endif;
|
||||
grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
|
||||
goto FORMID_SECURE_BOOT_OPTION_FORM,
|
||||
prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
|
||||
help = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
|
||||
flags = INTERACTIVE,
|
||||
key = KEY_SECURE_BOOT_OPTION;
|
||||
endif;
|
||||
endif;
|
||||
|
||||
endform;
|
||||
|
||||
//
|
||||
@@ -106,6 +114,55 @@ formset
|
||||
|
||||
subtitle text = STRING_TOKEN(STR_NULL);
|
||||
|
||||
//
|
||||
// Display of SetupMode/UserMode/AuditMode/DeployedMode transition
|
||||
//
|
||||
disableif TRUE;
|
||||
oneof varid = SECUREBOOT_CONFIGURATION.TransSecureBootMode,
|
||||
prompt = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_PROMPT),
|
||||
help = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_HELP),
|
||||
flags = INTERACTIVE,
|
||||
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE
|
||||
OR (ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE AND
|
||||
ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 0);
|
||||
option text = STRING_TOKEN(STR_USER_MODE), value = SECURE_BOOT_MODE_USER_MODE, flags = 0;
|
||||
endif
|
||||
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE;
|
||||
option text = STRING_TOKEN(STR_SETUP_MODE), value = SECURE_BOOT_MODE_SETUP_MODE, flags = 0;
|
||||
endif
|
||||
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE;
|
||||
option text = STRING_TOKEN(STR_AUDIT_MODE), value = SECURE_BOOT_MODE_AUDIT_MODE, flags = 0;
|
||||
endif
|
||||
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE;
|
||||
option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = SECURE_BOOT_MODE_DEPLOYED_MODE, flags = 0;
|
||||
endif
|
||||
option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = 4, flags = 0;
|
||||
endoneof;
|
||||
endif;
|
||||
oneof name = TransSecureBootMode,
|
||||
questionid = KEY_TRANS_SECURE_BOOT_MODE,
|
||||
prompt = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_PROMPT),
|
||||
help = STRING_TOKEN(STR_TRANS_SECURE_BOOT_MODE_HELP),
|
||||
flags = INTERACTIVE | NUMERIC_SIZE_1,
|
||||
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE
|
||||
OR (ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE AND
|
||||
ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 0);
|
||||
option text = STRING_TOKEN(STR_USER_MODE), value = SECURE_BOOT_MODE_USER_MODE, flags = 0;
|
||||
endif
|
||||
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_AUDIT_MODE;
|
||||
option text = STRING_TOKEN(STR_SETUP_MODE), value = SECURE_BOOT_MODE_SETUP_MODE, flags = 0;
|
||||
endif
|
||||
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_DEPLOYED_MODE;
|
||||
option text = STRING_TOKEN(STR_AUDIT_MODE), value = SECURE_BOOT_MODE_AUDIT_MODE, flags = 0;
|
||||
endif
|
||||
suppressif ideqval SECUREBOOT_CONFIGURATION.CurSecureBootMode == SECURE_BOOT_MODE_SETUP_MODE;
|
||||
option text = STRING_TOKEN(STR_DEPLOYED_MODE), value = SECURE_BOOT_MODE_DEPLOYED_MODE, flags = 0;
|
||||
endif
|
||||
|
||||
endoneof;
|
||||
|
||||
subtitle text = STRING_TOKEN(STR_NULL);
|
||||
|
||||
goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
|
||||
prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
|
||||
help = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
|
||||
|
Reference in New Issue
Block a user