sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SecurityPkg: PlatformPKProtectionLib: Added PK protection interface

Browse Source 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3911

This patch provides an abstracted interface for platform to implement PK
variable related protection interface, which is designed to be used when
PK variable is about to be changed by UEFI firmware.

This change also provided a variable policy based library implementation
to accomodate platforms that supports variable policy for variable
protections.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>

Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
This commit is contained in:
Kun Qin
2022-04-11 15:07:34 -07:00
committed by mergify[bot]
parent 134fbd552c
commit d6bee54c45
5 changed files with 125 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
SecurityPkg/SecurityPkg.dec
View File

@@ -99,6 +99,11 @@
## @libraryclass Provides support to enroll Secure Boot keys.
#
SecureBootVariableProvisionLib|Include/Library/SecureBootVariableProvisionLib.h
## @libraryclass Provides support to manage variable 'PK' related protections.
#
PlatformPKProtectionLib|Include/Library/PlatformPKProtectionLib.h
[Guids]
## Security package token space guid.
# Include/Guid/SecurityPkgTokenSpace.h