UefiPayloadPkg: Enable Capsule On Disk support

Signed-off-by: Tim Crawford <tcrawford@system76.com>

BaseTools/Source/C/DevicePath/GNUmakefile

@@ -13,6 +13,14 @@ OBJECTS = DevicePath.o UefiDevicePathLib.o DevicePathFromText.o  DevicePathUtili
 
 include $(MAKEROOT)/Makefiles/app.makefile
 
+GCCVERSION = $(shell gcc -dumpversion | awk -F'.' '{print $$1}')
+ifneq ("$(GCCVERSION)", "5")
+ifneq ($(CXX), llvm)
+# gcc 12 trips over device path handling
+BUILD_CFLAGS += -Wno-error=stringop-overflow
+endif
+endif
+
 LIBS = -lCommon
 ifeq ($(CYGWIN), CYGWIN)
   LIBS += -L/lib/e2fsprogs -luuid

BaseTools/Source/C/GenFfs/GenFfs.c

@@ -542,7 +542,7 @@ GetAlignmentFromFile(char *InFile, UINT32 *Alignment)
   PeFileBuffer = (UINT8 *) malloc (PeFileSize);
   if (PeFileBuffer == NULL) {
     fclose (InFileHandle);
-    Error(NULL, 0, 4001, "Resource", "memory cannot be allocated  of %s", InFileHandle);
+    Error(NULL, 0, 4001, "Resource", "memory cannot be allocated for %s", InFile);
     return EFI_OUT_OF_RESOURCES;
   }
   fread (PeFileBuffer, sizeof (UINT8), PeFileSize, InFileHandle);

BaseTools/Source/C/GenSec/GenSec.c

@@ -1062,7 +1062,7 @@ GetAlignmentFromFile(char *InFile, UINT32 *Alignment)
   PeFileBuffer = (UINT8 *) malloc (PeFileSize);
   if (PeFileBuffer == NULL) {
     fclose (InFileHandle);
-    Error(NULL, 0, 4001, "Resource", "memory cannot be allocated  of %s", InFileHandle);
+    Error(NULL, 0, 4001, "Resource", "memory cannot be allocated for %s", InFile);
     return EFI_OUT_OF_RESOURCES;
   }
   fread (PeFileBuffer, sizeof (UINT8), PeFileSize, InFileHandle);

BaseTools/Source/C/LzmaCompress/Sdk/C/LzmaEnc.c

@@ -2825,12 +2825,13 @@ SRes LzmaEnc_CodeOneMemBlock(CLzmaEncHandle pp, BoolInt reInit,
 
   nowPos64 = p->nowPos64;
   RangeEnc_Init(&p->rc);
-  p->rc.outStream = &outStream.vt;
 
   if (desiredPackSize == 0)
     return SZ_ERROR_OUTPUT_EOF;
 
+  p->rc.outStream = &outStream.vt;
   res = LzmaEnc_CodeOneBlock(p, desiredPackSize, *unpackSize);
+  p->rc.outStream = NULL;
 
   *unpackSize = (UInt32)(p->nowPos64 - nowPos64);
   *destLen -= outStream.rem;

MdeModulePkg/Application/UiApp/FrontPage.c

@@ -247,6 +247,124 @@ UpdateFrontPageForm (
   HiiFreeOpCodeHandle (EndOpCodeHandle);
 }
 
+// FIXME: Copied from Device Manager; clean up
+void ShowSecureBootConfig(void)
+{
+    void *StartHandle;
+    void *EndHandle;
+    EFI_IFR_GUID_LABEL *StartLabel;
+    EFI_IFR_GUID_LABEL *EndLabel;
+    EFI_HII_HANDLE *HiiHandles;
+    EFI_HII_HANDLE HiiHandle = gFrontPagePrivate.HiiHandle;
+    UINTN Index;
+    EFI_STRING String;
+    EFI_STRING_ID Token;
+    EFI_STRING_ID TokenHelp;
+    EFI_IFR_FORM_SET *Buffer = NULL;
+    UINTN BufferSize = 0;
+    UINT8 ClassGuidNum;
+    EFI_GUID *ClassGuid;
+    UINTN TempSize = 0;
+    UINT8 *Ptr;
+    EFI_STATUS Status;
+    // XXX: Copied from SecureBootConfigDxe
+    EFI_GUID SecureBootConfigGuid = { 0x5daf50a5, 0xea81, 0x4de2, {0x8f, 0x9b, 0xca, 0xbd, 0xa9, 0xcf, 0x5c, 0x14}};
+
+    StartHandle = HiiAllocateOpCodeHandle();
+    ASSERT(StartHandle != NULL);
+
+    EndHandle = HiiAllocateOpCodeHandle();
+    ASSERT(EndHandle != NULL);
+
+    StartLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode(StartHandle, &gEfiIfrTianoGuid, NULL, sizeof(*StartLabel));
+    StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
+    StartLabel->Number = LABEL_DEVICES_LIST;
+
+    EndLabel = (EFI_IFR_GUID_LABEL *)HiiCreateGuidOpCode(EndHandle, &gEfiIfrTianoGuid, NULL, sizeof(*EndLabel));
+    EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
+    EndLabel->Number = LABEL_END;
+
+    // Get SecureBootConfig handle
+    HiiHandles = HiiGetHiiHandles(&SecureBootConfigGuid);
+    ASSERT(HiiHandles != NULL);
+
+    // Search for formset of each class type
+    for (Index = 0; HiiHandles[Index] != NULL; Index++) {
+        Status = HiiGetFormSetFromHiiHandle(HiiHandles[Index], &Buffer, &BufferSize);
+        if (EFI_ERROR(Status)) {
+            continue;
+        }
+
+        Ptr = (UINT8 *)Buffer;
+        while (TempSize < BufferSize) {
+            TempSize += ((EFI_IFR_OP_HEADER *)Ptr)->Length;
+            if (((EFI_IFR_OP_HEADER *)Ptr)->Length <= OFFSET_OF (EFI_IFR_FORM_SET, Flags)) {
+                Ptr += ((EFI_IFR_OP_HEADER *)Ptr)->Length;
+                continue;
+            }
+
+            ClassGuidNum = (UINT8)(((EFI_IFR_FORM_SET *)Ptr)->Flags & 0x3);
+            ClassGuid = (EFI_GUID *)(VOID *)(Ptr + sizeof(EFI_IFR_FORM_SET));
+            while (ClassGuidNum-- > 0) {
+                if (CompareGuid(&gEfiHiiPlatformSetupFormsetGuid, ClassGuid) == 0) {
+                    ClassGuid++;
+                    continue;
+                }
+
+                String = HiiGetString(HiiHandles[Index], ((EFI_IFR_FORM_SET *)Ptr)->FormSetTitle, NULL);
+                if (String == NULL) {
+                    String = HiiGetString(HiiHandle, STRING_TOKEN (STR_MISSING_STRING), NULL);
+                    ASSERT (String != NULL);
+                }
+
+                Token = HiiSetString(HiiHandle, 0, String, NULL);
+                FreePool(String);
+
+                String = HiiGetString(HiiHandles[Index], ((EFI_IFR_FORM_SET *)Ptr)->Help, NULL);
+                if (String == NULL) {
+                    String = HiiGetString(HiiHandle, STRING_TOKEN (STR_MISSING_STRING), NULL);
+                    ASSERT(String != NULL);
+                }
+
+                TokenHelp = HiiSetString(HiiHandle, 0, String, NULL);
+                FreePool(String);
+
+                HiiCreateGotoExOpCode(
+                    StartHandle,
+                    0,
+                    Token,
+                    TokenHelp,
+                    0,
+                    0,
+                    0,
+                    &SecureBootConfigGuid,
+                    0
+                );
+
+                break;
+            }
+
+            Ptr += ((EFI_IFR_OP_HEADER *)Ptr)->Length;
+        }
+
+        FreePool (Buffer);
+        Buffer     = NULL;
+        TempSize   = 0;
+        BufferSize = 0;
+    }
+
+    HiiUpdateForm(
+        HiiHandle,
+        &mFrontPageGuid,
+        FRONT_PAGE_FORM_ID,
+        StartHandle,
+        EndHandle
+    );
+
+    HiiFreeOpCodeHandle(StartHandle);
+    HiiFreeOpCodeHandle(EndHandle);
+}
+
 /**
   Initialize HII information for the FrontPage
 
@@ -305,6 +423,8 @@ InitializeFrontPage (
   //
   UpdateFrontPageForm();
 
+  ShowSecureBootConfig();
+
   return Status;
 }
 

MdeModulePkg/Application/UiApp/FrontPage.h

@@ -33,8 +33,10 @@ extern EFI_FORM_BROWSER2_PROTOCOL      *gFormBrowser2;
 // These are defined as the same with vfr file
 //
 #define FRONT_PAGE_FORM_ID             0x7600
+#define FIRMWARE_INFO_FORM_ID          0x7601
 
 #define LABEL_FRONTPAGE_INFORMATION    0x1000
+#define LABEL_DEVICES_LIST             0x2000
 #define LABEL_END                      0xffff
 
 #define FRONT_PAGE_FORMSET_GUID \

MdeModulePkg/Application/UiApp/FrontPageVfr.Vfr

@@ -13,6 +13,7 @@
 #define FIRMWARE_INFO_FORM_ID          0x7601
 
 #define LABEL_FRONTPAGE_INFORMATION    0x1000
+#define LABEL_DEVICES_LIST             0x2000
 #define LABEL_END                      0xffff
 
 formset
@@ -36,6 +37,12 @@ formset
     label LABEL_END;
 
     subtitle text = STRING_TOKEN(STR_EMPTY_STRING);
+
+    label LABEL_DEVICES_LIST;
+    label LABEL_END;
+
+    subtitle text = STRING_TOKEN(STR_EMPTY_STRING);
+
     goto FIRMWARE_INFO_FORM_ID,
       prompt = STRING_TOKEN(STR_FIRMWARE_INFO),
       help = STRING_TOKEN(STR_EMPTY_STRING);
@@ -56,6 +63,7 @@ formset
     subtitle text = STRING_TOKEN(STR_TPM_STATUS);
     subtitle text = STRING_TOKEN(STR_EMPTY_STRING);
     subtitle text = STRING_TOKEN(STR_ME_STATUS);
+    subtitle text = STRING_TOKEN(STR_EMPTY_STRING);
   endform;
 
 endformset;

MdeModulePkg/Application/UiApp/UiApp.inf

@@ -60,6 +60,7 @@
   gEfiIfrTianoGuid                              ## CONSUMES ## GUID (Extended IFR Guid Opcode)
   gEfiIfrFrontPageGuid                          ## CONSUMES ## GUID
   gEfiSmbiosTableGuid                           ## CONSUMES ## GUID
+  gEfiHiiPlatformSetupFormsetGuid               ## CONSUMES ## GUID
 
 [Protocols]
   gEfiSmbiosProtocolGuid                        ## CONSUMES

MdeModulePkg/Bus/Usb/UsbBusDxe/UsbUtility.c

@@ -285,7 +285,7 @@ UsbHcBulkTransfer (
   IN  UINT8                               DevSpeed,
   IN  UINTN                               MaxPacket,
   IN  UINT8                               BufferNum,
-  IN  OUT VOID                            *Data[EFI_USB_MAX_BULK_BUFFER_NUM],
+  IN  OUT VOID                            *Data[],
   IN  OUT UINTN                           *DataLength,
   IN  OUT UINT8                           *DataToggle,
   IN  UINTN                               TimeOut,

MdeModulePkg/Bus/Usb/UsbBusDxe/UsbUtility.h

@@ -149,7 +149,7 @@ UsbHcBulkTransfer (
   IN  UINT8                               DevSpeed,
   IN  UINTN                               MaxPacket,
   IN  UINT8                               BufferNum,
-  IN  OUT VOID                            *Data[EFI_USB_MAX_BULK_BUFFER_NUM],
+  IN  OUT VOID                            *Data[],
   IN  OUT UINTN                           *DataLength,
   IN  OUT UINT8                           *DataToggle,
   IN  UINTN                               TimeOut,

SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr

@@ -1,10 +1,6 @@
-/** @file
-  VFR file used by the SecureBoot configuration component.
-
-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-
-**/
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+// SPDX-FileCopyrightText: Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+// SPDX-FileCopyrightText: 2023 System76 <info@system76.com>
 
 #include "SecureBootConfigNvData.h"
 
@@ -19,34 +15,19 @@ formset
     name = SECUREBOOT_CONFIGURATION,
     guid = SECUREBOOT_CONFIG_FORM_SET_GUID;
 
-  //
-  // ##1 Form "Secure Boot Configuration"
-  //
   form formid = SECUREBOOT_CONFIGURATION_FORM_ID,
     title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
 
-    subtitle text = STRING_TOKEN(STR_NULL);
+    // FIXME: firmware-setup doesn't handle EFI_IFR_TEXT.
+    //text
+    //  help = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
+    //  text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
+    //  text = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
 
-    text
-      help   = STRING_TOKEN(STR_SECURE_BOOT_STATE_HELP),
-      text   = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT),
-        text   = STRING_TOKEN(STR_SECURE_BOOT_STATE_CONTENT);
+    subtitle text = STRING_TOKEN(STR_SECURE_BOOT_STATE_PROMPT);
 
-    //
-    // Display of Check Box: Attempt Secure Boot
-    //
-    grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1 OR NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
-    checkbox varid = SECUREBOOT_CONFIGURATION.AttemptSecureBoot,
-          questionid = KEY_SECURE_BOOT_ENABLE,
-          prompt = STRING_TOKEN(STR_SECURE_BOOT_PROMPT),
-          help   = STRING_TOKEN(STR_SECURE_BOOT_HELP),
-          flags  = INTERACTIVE | RESET_REQUIRED,
-    endcheckbox;
-    endif;
-
-    //
-    // Display of Oneof: 'Secure Boot Mode'
-    //
+    // XXX: Needed for "Secure Boot status" string to update.
+    suppressif TRUE;
     oneof name = SecureBootMode,
       questionid = KEY_SECURE_BOOT_MODE,
       prompt = STRING_TOKEN(STR_SECURE_BOOT_MODE_PROMPT),
@@ -55,557 +36,97 @@ formset
       option text = STRING_TOKEN(STR_STANDARD_MODE),    value = SECURE_BOOT_MODE_STANDARD, flags = DEFAULT;
       option text = STRING_TOKEN(STR_CUSTOM_MODE),      value = SECURE_BOOT_MODE_CUSTOM,   flags = 0;
     endoneof;
+    endif;
 
-    //
-    // Display of 'Current Secure Boot Mode'
-    //
-    suppressif questionref(SecureBootMode) == SECURE_BOOT_MODE_STANDARD;
-    grayoutif NOT ideqval SECUREBOOT_CONFIGURATION.PhysicalPresent == 1;
-    goto FORMID_SECURE_BOOT_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_SECURE_BOOT_OPTION),
-         help   = STRING_TOKEN(STR_SECURE_BOOT_OPTION_HELP),
-         flags  = INTERACTIVE,
-         key    = KEY_SECURE_BOOT_OPTION;
+    suppressif ideqval SECUREBOOT_CONFIGURATION.AttemptSecureBoot == 0;
+      goto FORMID_SECURE_BOOT_DISABLE,
+        prompt = STRING_TOKEN(STR_SECURE_BOOT_DISABLE_PROMPT),
+        help = STRING_TOKEN(STR_NULL);
     endif;
+    suppressif ideqval SECUREBOOT_CONFIGURATION.AttemptSecureBoot == 1;
+      goto FORMID_SECURE_BOOT_ENABLE,
+        prompt = STRING_TOKEN(STR_SECURE_BOOT_ENABLE_PROMPT),
+        help = STRING_TOKEN(STR_NULL);
     endif;
 
+    subtitle text = STRING_TOKEN(STR_NULL);
+
+    goto FORMID_DELETE_KEYS,
+      prompt = STRING_TOKEN(STR_DELETE_KEYS_PROMPT),
+      help = STRING_TOKEN(STR_NULL);
+
+    goto FORMID_RESTORE_KEYS,
+      prompt = STRING_TOKEN(STR_RESTORE_KEYS_PROMPT),
+      help = STRING_TOKEN(STR_NULL);
+
+  endform;
+
+  form formid = FORMID_SECURE_BOOT_ENABLE,
+    title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
+
+    subtitle text = STRING_TOKEN(STR_ENABLE_NOTICE);
+    subtitle text = STRING_TOKEN(STR_NULL);
+
     text
-      help   = STRING_TOKEN(STR_SECURE_RESET_TO_DEFAULTS_HELP),
-      text   = STRING_TOKEN(STR_SECURE_RESET_TO_DEFAULTS),
+      help = STRING_TOKEN(STR_NULL),
+      text = STRING_TOKEN(STR_ENABLE_SELECTION),
       flags = INTERACTIVE,
-      key    = KEY_SECURE_BOOT_RESET_TO_DEFAULT;
+      key = KEY_SECURE_BOOT_STATE_ENABLE;
 
+    goto SECUREBOOT_CONFIGURATION_FORM_ID,
+      prompt = STRING_TOKEN(STR_CANCEL),
+      help = STRING_TOKEN(STR_NULL);
   endform;
 
-  //
-  // ##2 Form: 'Custom Secure Boot Options'
-  //
-  form formid = FORMID_SECURE_BOOT_OPTION_FORM,
-    title  = STRING_TOKEN(STR_SECURE_BOOT_OPTION_TITLE);
+  form formid = FORMID_SECURE_BOOT_DISABLE,
+    title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
 
+    subtitle text = STRING_TOKEN(STR_DISABLE_NOTICE);
     subtitle text = STRING_TOKEN(STR_NULL);
 
-    goto FORMID_SECURE_BOOT_PK_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION),
-         help   = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION_HELP),
-         flags  = INTERACTIVE,
-         key    = KEY_SECURE_BOOT_PK_OPTION;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto FORMID_SECURE_BOOT_KEK_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION),
-         help   = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION_HELP),
-         flags  = INTERACTIVE,
-         key    = KEY_SECURE_BOOT_KEK_OPTION;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto FORMID_SECURE_BOOT_DB_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION),
-         help   = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION_HELP),
-         flags  = INTERACTIVE,
-         key    = KEY_SECURE_BOOT_DB_OPTION;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto FORMID_SECURE_BOOT_DBX_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION),
-         help   = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION_HELP),
-         flags  = INTERACTIVE,
-         key    = KEY_SECURE_BOOT_DBX_OPTION;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto FORMID_SECURE_BOOT_DBT_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION),
-         help   = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION_HELP),
-         flags  = INTERACTIVE,
-         key    = KEY_SECURE_BOOT_DBT_OPTION;
-
-  endform;
-
-  //
-  // ##3 Form: 'PK Options'
-  //
-  form formid = FORMID_SECURE_BOOT_PK_OPTION_FORM,
-    title  = STRING_TOKEN(STR_SECURE_BOOT_PK_OPTION);
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    //
-    // Display of 'Enroll PK'
-    //
-    grayoutif ideqval SECUREBOOT_CONFIGURATION.HasPk == 1;
-    goto FORMID_ENROLL_PK_FORM,
-         prompt = STRING_TOKEN(STR_ENROLL_PK),
-         help   = STRING_TOKEN(STR_ENROLL_PK_HELP),
-         flags  = INTERACTIVE,
-         key    = KEY_ENROLL_PK;
-    endif;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    //
-    // Display of Check Box: 'Delete Pk'
-    //
-    grayoutif ideqval SECUREBOOT_CONFIGURATION.HideSecureBoot == 1;
-    checkbox varid = SECUREBOOT_CONFIGURATION.DeletePk,
-          questionid = KEY_SECURE_BOOT_DELETE_PK,
-          prompt = STRING_TOKEN(STR_DELETE_PK),
-          help   = STRING_TOKEN(STR_DELETE_PK_HELP),
-          flags  = INTERACTIVE | RESET_REQUIRED,
-    endcheckbox;
-    endif;
-  endform;
-
-  //
-  // ##4 Form: 'Enroll PK'
-  //
-  form formid = FORMID_ENROLL_PK_FORM,
-    title  = STRING_TOKEN(STR_ENROLL_PK);
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto FORMID_ENROLL_PK_FORM,
-         prompt = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
-         help = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_PK_FILE),
-         flags = INTERACTIVE,
-         key = FORMID_ENROLL_PK_FORM;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-    label FORMID_ENROLL_PK_FORM;
-    label LABEL_END;
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto FORMID_SECURE_BOOT_OPTION_FORM,
-      prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
-      help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
-      flags  = INTERACTIVE| RESET_REQUIRED,
-      key    = KEY_VALUE_SAVE_AND_EXIT_PK;
-
-    goto FORMID_SECURE_BOOT_OPTION_FORM,
-      prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-      help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-      flags  = INTERACTIVE,
-      key    = KEY_VALUE_NO_SAVE_AND_EXIT_PK;
-
-  endform;
-
-  //
-  // ##5 Form: 'KEK Options'
-  //
-  form formid = FORMID_SECURE_BOOT_KEK_OPTION_FORM,
-    title  = STRING_TOKEN(STR_SECURE_BOOT_KEK_OPTION);
-
-    //
-    // Display of 'Enroll KEK'
-    //
-    goto FORMID_ENROLL_KEK_FORM,
-         prompt = STRING_TOKEN(STR_ENROLL_KEK),
-         help   = STRING_TOKEN(STR_ENROLL_KEK_HELP),
-         flags  = INTERACTIVE;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    //
-    // Display of 'Delete KEK'
-    //
-    goto FORMID_DELETE_KEK_FORM,
-         prompt = STRING_TOKEN(STR_DELETE_KEK),
-         help   = STRING_TOKEN(STR_DELETE_KEK_HELP),
-         flags  = INTERACTIVE,
-         key    = KEY_DELETE_KEK;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-  endform;
-
-  //
-  // ##6 Form: 'Enroll KEK'
-  //
-  form formid = FORMID_ENROLL_KEK_FORM,
-    title = STRING_TOKEN(STR_ENROLL_KEK_TITLE);
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto FORMID_ENROLL_KEK_FORM,
-         prompt = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE),
-         help   = STRING_TOKEN(STR_FORM_ENROLL_KEK_FROM_FILE_TITLE_HELP),
-         flags  = INTERACTIVE,
-         key    = FORMID_ENROLL_KEK_FORM;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-    label FORMID_ENROLL_KEK_FORM;
-    label LABEL_END;
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    string  varid   = SECUREBOOT_CONFIGURATION.SignatureGuid,
-            prompt  = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
-            help    = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
-            flags   = INTERACTIVE,
-            key     = KEY_SECURE_BOOT_KEK_GUID,
-            minsize = SECURE_BOOT_GUID_SIZE,
-            maxsize = SECURE_BOOT_GUID_SIZE,
-    endstring;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto FORMID_SECURE_BOOT_OPTION_FORM,
-      prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
-      help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
-      flags  = INTERACTIVE,
-      key    = KEY_VALUE_SAVE_AND_EXIT_KEK;
-
-    goto FORMID_SECURE_BOOT_OPTION_FORM,
-      prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-      help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-      flags  = INTERACTIVE,
-      key    = KEY_VALUE_NO_SAVE_AND_EXIT_KEK;
-
-  endform;
-
-  //
-  // ##7 Form: 'Delete KEK'
-  //
-  form formid = FORMID_DELETE_KEK_FORM,
-    title  = STRING_TOKEN(STR_DELETE_KEK_TITLE);
-
-    label LABEL_KEK_DELETE;
-    label LABEL_END;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-  endform;
-
-  //
-  // ##8 Form: 'DB Options'
-  //
-  form formid = FORMID_SECURE_BOOT_DB_OPTION_FORM,
-    title = STRING_TOKEN(STR_SECURE_BOOT_DB_OPTION);
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
-    prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
-    help   = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
-    flags  = 0;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
-    prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
-    help   = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
-    flags  = INTERACTIVE,
-    key    = SECUREBOOT_DELETE_SIGNATURE_FROM_DB;
-
-  endform;
-
-  //
-  // ##9 Form: 'DBX Options'
-  //
-  form formid = FORMID_SECURE_BOOT_DBX_OPTION_FORM,
-    title = STRING_TOKEN(STR_SECURE_BOOT_DBX_OPTION);
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
-    prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
-    help   = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
-    flags  = 0;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
-    prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
-    help   = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
-    flags  = INTERACTIVE,
-    key    = KEY_VALUE_FROM_DBX_TO_LIST_FORM;
-
-  endform;
-
-  //
-  // ##9 Form: 'DBT Options'
-  //
-  form formid = FORMID_SECURE_BOOT_DBT_OPTION_FORM,
-    title = STRING_TOKEN(STR_SECURE_BOOT_DBT_OPTION);
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
-    prompt = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
-    help   = STRING_TOKEN (STR_SECURE_BOOT_ENROLL_SIGNATURE),
-    flags  = 0;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
-    prompt = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
-    help   = STRING_TOKEN (STR_SECURE_BOOT_DELETE_SIGNATURE),
-    flags  = INTERACTIVE,
-    key    = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT;
-
-  endform;
-
-  //
-  // Form: 'Delete Signature' for DB Options.
-  //
-  form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DB,
-    title  = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
-
-    label LABEL_DB_DELETE;
-    label LABEL_END;
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-  endform;
-
-  //
-  // Form: Display Signature List.
-  //
-  form formid = SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
-    title  = STRING_TOKEN(STR_SECURE_BOOT_DELETE_LIST_FORM);
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    grayoutif ideqval SECUREBOOT_CONFIGURATION.ListCount == 0;
-      label LABEL_DELETE_ALL_LIST_BUTTON;
-      //
-      // Will create a goto button dynamically here.
-      //
-      label LABEL_END;
-   endif;
-
-   subtitle text = STRING_TOKEN(STR_NULL);
-   label LABEL_SIGNATURE_LIST_START;
-   label LABEL_END;
-   subtitle text = STRING_TOKEN(STR_NULL);
-
-  endform;
-
-  //
-  // Form: Display Signature Data.
-  //
-  form formid = SECUREBOOT_DELETE_SIGNATURE_DATA_FORM,
-    title = STRING_TOKEN(STR_SECURE_BOOT_DELETE_DATA_FORM);
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
-      prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA),
-      help   = STRING_TOKEN(STR_SECURE_BOOT_DELETE_ALL_DATA_HELP),
-      flags  = INTERACTIVE,
-      key    = KEY_SECURE_BOOT_DELETE_ALL_DATA;
-
-    grayoutif ideqval SECUREBOOT_CONFIGURATION.CheckedDataCount == 0;
-      goto SECUREBOOT_DELETE_SIGNATURE_LIST_FORM,
-        prompt = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA),
-        help   = STRING_TOKEN(STR_SECURE_BOOT_DELETE_CHECK_DATA_HELP),
-        flags  = INTERACTIVE,
-        key    = KEY_SECURE_BOOT_DELETE_CHECK_DATA;
-    endif;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-    label LABEL_SIGNATURE_DATA_START;
-    label LABEL_END;
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-  endform;
-
-
-  //
-  // Form: 'Delete Signature' for DBT Options.
-  //
-  form formid = SECUREBOOT_DELETE_SIGNATURE_FROM_DBT,
-    title  = STRING_TOKEN(STR_SECURE_BOOT_DELETE_SIGNATURE);
-
-    label LABEL_DBT_DELETE;
-    label LABEL_END;
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-  endform;
-
-  //
-  // Form: 'Enroll Signature' for DB options.
-  //
-  form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
-    title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto SECUREBOOT_ENROLL_SIGNATURE_TO_DB,
-         prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
-         help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
-         flags = INTERACTIVE,
-         key = SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-    label SECUREBOOT_ENROLL_SIGNATURE_TO_DB;
-    label LABEL_END;
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    string  varid   = SECUREBOOT_CONFIGURATION.SignatureGuid,
-            prompt  = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
-            help    = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
-            flags   = INTERACTIVE,
-            key     = KEY_SECURE_BOOT_SIGNATURE_GUID_DB,
-            minsize = SECURE_BOOT_GUID_SIZE,
-            maxsize = SECURE_BOOT_GUID_SIZE,
-    endstring;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto FORMID_SECURE_BOOT_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
-         help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
-         flags  = INTERACTIVE,
-         key    = KEY_VALUE_SAVE_AND_EXIT_DB;
-
-    goto FORMID_SECURE_BOOT_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-         help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-         flags  = INTERACTIVE,
-         key    = KEY_VALUE_NO_SAVE_AND_EXIT_DB;
-
-  endform;
-
-  //
-  // Form: 'Enroll Signature' for DBX options.
-  //
-  form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
-    title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBX,
-         prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
-         help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
-         flags = INTERACTIVE,
-         key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
-
-    label SECUREBOOT_ENROLL_SIGNATURE_TO_DBX;
-    label LABEL_END;
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    grayoutif ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
-      string  varid   = SECUREBOOT_CONFIGURATION.SignatureGuid,
-              prompt  = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
-              help    = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
-              flags   = INTERACTIVE,
-              key     = KEY_SECURE_BOOT_SIGNATURE_GUID_DBX,
-              minsize = SECURE_BOOT_GUID_SIZE,
-              maxsize = SECURE_BOOT_GUID_SIZE,
-      endstring;
-    endif;
-
-    disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 1;
-      oneof name = X509SignatureFormatInDbx,
-            varid       = SECUREBOOT_CONFIGURATION.CertificateFormat,
-            prompt      = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),
-            help        = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_HELP),
-            option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA256), value = 0x1, flags = DEFAULT;
-            option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA384), value = 0x2, flags = 0;
-            option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_SHA512), value = 0x3, flags = 0;
-            option text = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_RAW), value = 0x4, flags = 0;
-      endoneof;
-    endif;
-
-    disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 2;
     text
-        help   = STRING_TOKEN(STR_DBX_PE_IMAGE_FORMAT_HELP),          // Help string
-        text   = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),     // Prompt string
-        text   = STRING_TOKEN(STR_DBX_PE_FORMAT_SHA256);              // PE image type
-    endif;
-
-    disableif NOT ideqval SECUREBOOT_CONFIGURATION.FileEnrollType == 3;
-      text
-        help   = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT_HELP),            // Help string
-        text   = STRING_TOKEN(STR_DBX_CERTIFICATE_FORMAT_PROMPT),     // Prompt string
-        text   = STRING_TOKEN(STR_DBX_AUTH_2_FORMAT);                 // AUTH_2 image type
-    endif;
-
-    suppressif ideqval SECUREBOOT_CONFIGURATION.CertificateFormat == 4;
-        checkbox varid  = SECUREBOOT_CONFIGURATION.AlwaysRevocation,
-               prompt = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_PROMPT),
-               help   = STRING_TOKEN(STR_ALWAYS_CERTIFICATE_REVOCATION_HELP),
+      help = STRING_TOKEN(STR_NULL),
+      text = STRING_TOKEN(STR_DISABLE_SELECTION),
       flags = INTERACTIVE,
-        endcheckbox;
-
-        suppressif ideqval SECUREBOOT_CONFIGURATION.AlwaysRevocation == 1;
-            date  varid  = SECUREBOOT_CONFIGURATION.RevocationDate,
-                  prompt = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_PROMPT),
-                  help   = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_DATE_HELP),
-                  flags  = STORAGE_NORMAL,
-            enddate;
-
-            time varid   = SECUREBOOT_CONFIGURATION.RevocationTime,
-                 prompt  = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_PROMPT),
-                 help    = STRING_TOKEN(STR_CERTIFICATE_REVOCATION_TIME_HELP),
-                 flags   = STORAGE_NORMAL,
-            endtime;
-        endif;
-    endif;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto FORMID_SECURE_BOOT_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
-         help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
-         flags  = INTERACTIVE,
-         key    = KEY_VALUE_SAVE_AND_EXIT_DBX;
-
-    goto FORMID_SECURE_BOOT_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-         help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-         flags  = INTERACTIVE,
-         key    = KEY_VALUE_NO_SAVE_AND_EXIT_DBX;
+      key = KEY_SECURE_BOOT_STATE_DISABLE;
 
+    goto SECUREBOOT_CONFIGURATION_FORM_ID,
+      prompt = STRING_TOKEN(STR_CANCEL),
+      help = STRING_TOKEN(STR_NULL);
   endform;
 
-  //
-  // Form: 'Enroll Signature' for DBT options.
-  //
-  form formid = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
-    title = STRING_TOKEN(STR_SECURE_BOOT_ENROLL_SIGNATURE);
+  form formid = FORMID_DELETE_KEYS,
+    title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
 
+    subtitle text = STRING_TOKEN(STR_DELETE_KEYS_NOTICE);
     subtitle text = STRING_TOKEN(STR_NULL);
 
-    goto SECUREBOOT_ENROLL_SIGNATURE_TO_DBT,
-         prompt = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
-         help = STRING_TOKEN(STR_SECURE_BOOT_ADD_SIGNATURE_FILE),
+    text
+      help = STRING_TOKEN(STR_NULL),
+      text = STRING_TOKEN(STR_DELETE_KEYS_SELECTION),
       flags = INTERACTIVE,
-         key = SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
+      key = KEY_SECURE_BOOT_DELETE_PK;
 
-    subtitle text = STRING_TOKEN(STR_NULL);
-    label SECUREBOOT_ENROLL_SIGNATURE_TO_DBT;
-    label LABEL_END;
+    goto SECUREBOOT_CONFIGURATION_FORM_ID,
+      prompt = STRING_TOKEN(STR_CANCEL),
+      help = STRING_TOKEN(STR_NULL);
+  endform;
+
+  form formid = FORMID_RESTORE_KEYS,
+    title = STRING_TOKEN(STR_SECUREBOOT_TITLE);
+
+    subtitle text = STRING_TOKEN(STR_RESTORE_KEYS_NOTICE);
     subtitle text = STRING_TOKEN(STR_NULL);
 
-    string  varid   = SECUREBOOT_CONFIGURATION.SignatureGuid,
-            prompt  = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID),
-            help    = STRING_TOKEN(STR_SECURE_BOOT_SIGNATURE_GUID_HELP),
+    text
+      help = STRING_TOKEN(STR_NULL),
+      text = STRING_TOKEN(STR_RESTORE_KEYS_SELECTION),
       flags = INTERACTIVE,
-            key     = KEY_SECURE_BOOT_SIGNATURE_GUID_DBT,
-            minsize = SECURE_BOOT_GUID_SIZE,
-            maxsize = SECURE_BOOT_GUID_SIZE,
-    endstring;
-
-    subtitle text = STRING_TOKEN(STR_NULL);
-    subtitle text = STRING_TOKEN(STR_NULL);
-
-    goto FORMID_SECURE_BOOT_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_SAVE_AND_EXIT),
-         help   = STRING_TOKEN(STR_SAVE_AND_EXIT),
-         flags  = INTERACTIVE,
-         key    = KEY_VALUE_SAVE_AND_EXIT_DBT;
-
-    goto FORMID_SECURE_BOOT_OPTION_FORM,
-         prompt = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-         help   = STRING_TOKEN(STR_NO_SAVE_AND_EXIT),
-         flags  = INTERACTIVE,
-         key    = KEY_VALUE_NO_SAVE_AND_EXIT_DBT;
+      key = KEY_RESTORE_KEYS;
 
+    goto SECUREBOOT_CONFIGURATION_FORM_ID,
+      prompt = STRING_TOKEN(STR_CANCEL),
+      help = STRING_TOKEN(STR_NULL);
   endform;
 
 endformset;

SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c

@@ -3142,9 +3142,9 @@ UpdateSecureBootString(
   }
 
   if (*SecureBoot == SECURE_BOOT_MODE_ENABLE) {
-    HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_SECURE_BOOT_STATE_CONTENT), L"Enabled", NULL);
+    HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_SECURE_BOOT_STATE_PROMPT), L"Secure Boot state: Enabled", NULL);
   } else {
-    HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_SECURE_BOOT_STATE_CONTENT), L"Disabled", NULL);
+    HiiSetString (Private->HiiHandle, STRING_TOKEN (STR_SECURE_BOOT_STATE_PROMPT), L"Secure Boot state: Disabled", NULL);
   }
 
   FreePool(SecureBoot);
@@ -4324,7 +4324,7 @@ SecureBootCallback (
   UINT8                           *SecureBootEnable;
   UINT8                           *Pk;
   UINT8                           *SecureBootMode;
-  UINT8                           *SetupMode;
+  //UINT8                           *SetupMode;
   CHAR16                          PromptString[100];
   EFI_DEVICE_PATH_PROTOCOL        *File;
   UINTN                           NameLength;
@@ -4332,13 +4332,11 @@ SecureBootCallback (
   SECUREBOOT_CONFIG_PRIVATE_DATA  *PrivateData;
   BOOLEAN                         GetBrowserDataResult;
   ENROLL_KEY_ERROR                EnrollKeyErrorCode;
-  EFI_HII_POPUP_PROTOCOL          *HiiPopup;
-  EFI_HII_POPUP_SELECTION         UserSelection;
 
   Status             = EFI_SUCCESS;
   SecureBootEnable   = NULL;
   SecureBootMode     = NULL;
-  SetupMode          = NULL;
+  //SetupMode          = NULL;
   File               = NULL;
   EnrollKeyErrorCode = None_Error;
 
@@ -4414,27 +4412,14 @@ SecureBootCallback (
   if (Action == EFI_BROWSER_ACTION_CHANGING) {
 
     switch (QuestionId) {
-    case KEY_SECURE_BOOT_ENABLE:
+    //case KEY_SECURE_BOOT_ENABLE:
+    case KEY_SECURE_BOOT_STATE_ENABLE:
       GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);
-      if (NULL != SecureBootEnable) {
-        FreePool (SecureBootEnable);
-        if (EFI_ERROR (SaveSecureBootVariable (Value->u8))) {
-          CreatePopUp (
-            EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
-            &Key,
-            L"Only Physical Presence User could disable secure boot!",
-            NULL
-            );
-          Status = EFI_UNSUPPORTED;
-        } else {
-          CreatePopUp (
-            EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
-            &Key,
-            L"Configuration changed, please reset the platform to take effect!",
-            NULL
-            );
-        }
-      }
+      Status = SaveSecureBootVariable(1);
+      break;
+    case KEY_SECURE_BOOT_STATE_DISABLE:
+      GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL);
+      Status = SaveSecureBootVariable(0);
       break;
 
     case KEY_SECURE_BOOT_KEK_OPTION:
@@ -4534,26 +4519,7 @@ SecureBootCallback (
       break;
 
     case KEY_SECURE_BOOT_DELETE_PK:
-      if (Value->u8) {
-        CreatePopUp (
-          EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
-          &Key,
-          L"Are you sure you want to delete PK? Secure boot will be disabled!",
-          L"Press 'Y' to delete PK and exit, 'N' to discard change and return",
-          NULL
-          );
-        if (Key.UnicodeChar == 'y' || Key.UnicodeChar == 'Y') {
       Status = DeletePlatformKey();
-          if (EFI_ERROR (Status)) {
-            CreatePopUp (
-              EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE,
-              &Key,
-              L"Only Physical Presence User could delete PK in custom mode!",
-              NULL
-              );
-          }
-        }
-      }
       break;
 
     case KEY_DELETE_KEK:
@@ -4850,8 +4816,12 @@ SecureBootCallback (
     }
   } else if (Action == EFI_BROWSER_ACTION_CHANGED) {
     switch (QuestionId) {
-    case KEY_SECURE_BOOT_ENABLE:
+    //case KEY_SECURE_BOOT_ENABLE:
+    case KEY_SECURE_BOOT_STATE_ENABLE:
+    case KEY_SECURE_BOOT_STATE_DISABLE:
       *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
+      // XXX: Is this safe?
+      gRT->ResetSystem(EfiResetCold, Status, 0, NULL);
       break;
     case KEY_SECURE_BOOT_MODE:
       mIsEnterSecureBootForm = FALSE;
@@ -4870,45 +4840,33 @@ SecureBootCallback (
       *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
       break;
     case KEY_SECURE_BOOT_DELETE_PK:
-      GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);
-      if (SetupMode == NULL || (*SetupMode) == SETUP_MODE) {
-        IfrNvData->DeletePk = TRUE;
-        IfrNvData->HasPk    = FALSE;
-        *ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
-      } else  {
-        IfrNvData->DeletePk = FALSE;
-        IfrNvData->HasPk    = TRUE;
-        *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
-      }
-      if (SetupMode != NULL) {
-        FreePool (SetupMode);
-      }
+      //GetVariable2 (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid, (VOID**)&SetupMode, NULL);
+      //if (SetupMode == NULL || (*SetupMode) == SETUP_MODE) {
+      //  IfrNvData->DeletePk = TRUE;
+      //  IfrNvData->HasPk    = FALSE;
+      //  *ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
+      //} else  {
+      //  IfrNvData->DeletePk = FALSE;
+      //  IfrNvData->HasPk    = TRUE;
+      //  *ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
+      //}
+      //if (SetupMode != NULL) {
+      //  FreePool (SetupMode);
+      //}
+      // XXX: Is this safe?
+      gRT->ResetSystem(EfiResetCold, Status, 0, NULL);
       break;
-    case KEY_SECURE_BOOT_RESET_TO_DEFAULT:
-    {
-      Status = gBS->LocateProtocol (&gEfiHiiPopupProtocolGuid, NULL, (VOID **) &HiiPopup);
-      if (EFI_ERROR (Status)) {
-        return Status;
-      }
-      Status = HiiPopup->CreatePopup (
-                           HiiPopup,
-                           EfiHiiPopupStyleInfo,
-                           EfiHiiPopupTypeYesNo,
-                           Private->HiiHandle,
-                           STRING_TOKEN (STR_RESET_TO_DEFAULTS_POPUP),
-                           &UserSelection
-                           );
-      if (UserSelection == EfiHiiPopupSelectionYes) {
+    //case KEY_SECURE_BOOT_RESET_TO_DEFAULT:
+    case KEY_RESTORE_KEYS:
       Status = KeyEnrollReset();
-      }
-      //
       // Update secure boot strings after key reset
-      //
       if (Status == EFI_SUCCESS) {
         Status = UpdateSecureBootString(Private);
         SecureBootExtractConfigFromVariable(Private, IfrNvData);
+        // XXX: Is this safe?
+        gRT->ResetSystem(EfiResetCold, Status, 0, NULL);
       }
-    }
+      break;
     default:
       break;
     }

SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h

@@ -119,6 +119,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #define PE_IMAGE_FILE_TYPE                    2
 #define AUTHENTICATION_2_FILE_TYPE            3
 
+#define FORMID_SECURE_BOOT_ENABLE           0x101
+#define FORMID_SECURE_BOOT_DISABLE          0x102
+#define FORMID_DELETE_KEYS                  0x103
+#define FORMID_RESTORE_KEYS                 0x104
+#define KEY_SECURE_BOOT_STATE_ENABLE        0x1120
+#define KEY_SECURE_BOOT_STATE_DISABLE       0x1121
+#define KEY_DELETE_KEYS                     0x1122
+#define KEY_RESTORE_KEYS                    0x1123
+
 //
 // Nv Data structure referenced by IFR
 //

SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigStrings.uni

@@ -138,3 +138,18 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #string STR_SIGNATURE_DATA_HELP_FORMAT_TIME       #language en-US "Revocation Time:\n%s"
 
 #string STR_SIGNATURE_DELETE_ALL_CONFIRM          #language en-US "Press 'Y' to delete all signature List."
+
+#string STR_SECURE_BOOT_ENABLE_PROMPT           #language en-US "Enable Secure Boot"
+#string STR_SECURE_BOOT_DISABLE_PROMPT          #language en-US "Disable Secure Boot"
+#string STR_DELETE_KEYS_PROMPT                  #language en-US "Delete System76 and Microsoft keys (Use your own)"
+#string STR_RESTORE_KEYS_PROMPT                 #language en-US "Restore System76 and Microsoft keys"
+
+#string STR_ENABLE_NOTICE               #language en-US "An operating system that includes Secure Boot support is required.\r\nDisable Secure Boot if your operating system does not boot."
+#string STR_ENABLE_SELECTION            #language en-US "Enable Secure Boot and reboot"
+#string STR_DISABLE_NOTICE              #language en-US "Disabling Secure Boot allows non-verified operating systems to boot\r\nand may disable some operating system security features."
+#string STR_DISABLE_SELECTION           #language en-US "Disable Secure Boot and reboot"
+#string STR_DELETE_KEYS_NOTICE          #language en-US "System and Microsoft keys will be deleted. Enroll custom keys from your\r\noperating system. Check your OS documentation for details. To facilitate\nsetup, Secure Boot is disabled until you manually activate it."
+#string STR_DELETE_KEYS_SELECTION       #language en-US "Delete System76 and Microsoft keys and restart"
+#string STR_RESTORE_KEYS_NOTICE         #language en-US "Restoring System76 and Microsoft keys will remove any custom keys you\r\nhave installed and may make your OS unbootable. Disable Secure Boot if\nyour operating system does not boot."
+#string STR_RESTORE_KEYS_SELECTION      #language en-US "Restore System76 and Microsoft keys and restart"
+#string STR_CANCEL                      #language en-US "Cancel"

System76Pkg/Ec/Fmp/EcFmp.dsc

@@ -0,0 +1,21 @@
+# SPDX-License-Identifier: MPL-2.0
+# SPDX-FileCopyrightText: 2023 System76, Inc.
+
+FmpDevicePkg/FmpDxe/FmpDxe.inf {
+  <Defines>
+    FILE_GUID = $(EC_FMP_ESRT_GUID)
+  <PcdsFixedAtBuild>
+    gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceImageIdName|L"System76 EC"
+    gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceBuildTimeLowestSupportedVersion|0
+    gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressWatchdogTimeInSeconds|0
+    gFmpDevicePkgTokenSpaceGuid.PcdFmpDeviceProgressColor|0x00FBB86C
+  <LibraryClasses>
+    FmpPayloadHeaderLib|FmpDevicePkg/Library/FmpPayloadHeaderLibV1/FmpPayloadHeaderLibV1.inf
+    FmpAuthenticationLib|MdeModulePkg/Library/FmpAuthenticationLibNull/FmpAuthenticationLibNull.inf
+    FmpDependencyLib|FmpDevicePkg/Library/FmpDependencyLib/FmpDependencyLib.inf
+    FmpDependencyCheckLib|FmpDevicePkg/Library/FmpDependencyCheckLibNull/FmpDependencyCheckLibNull.inf
+    FmpDependencyDeviceLib|FmpDevicePkg/Library/FmpDependencyDeviceLibNull/FmpDependencyDeviceLibNull.inf
+    CapsuleUpdatePolicyLib|FmpDevicePkg/Library/CapsuleUpdatePolicyLibNull/CapsuleUpdatePolicyLibNull.inf
+
+    FmpDeviceLib|System76Pkg/Ec/Fmp/EcFmpLib.inf
+}

System76Pkg/Ec/Fmp/EcFmpLib.c

@@ -0,0 +1,241 @@
+// SPDX-License-Identifier: MPL-2.0
+// SPDX-FileCopyrightText: 2023 System76, Inc.
+
+#include <Guid/SystemResourceTable.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/FmpDeviceLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <LastAttemptStatus.h>
+
+#define US_PER_MS 1000
+
+EFI_STATUS
+EFIAPI
+RegisterFmpInstaller(
+    IN FMP_DEVICE_LIB_REGISTER_FMP_INSTALLER FmpInstaller
+) {
+    return EFI_UNSUPPORTED;
+}
+
+EFI_STATUS
+EFIAPI
+RegisterFmpUninstaller(
+    IN FMP_DEVICE_LIB_REGISTER_FMP_UNINSTALLER FmpUninstaller
+) {
+    return EFI_UNSUPPORTED;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceSetContext(
+    IN EFI_HANDLE Handle,
+    IN OUT VOID **Context
+) {
+    return EFI_UNSUPPORTED;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceGetSize(
+    OUT UINTN *Size
+) {
+    if (!Size)
+        return EFI_INVALID_PARAMETER;
+
+    // TODO
+    *Size = 128 * 1024;
+    return EFI_SUCCESS;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceGetImageTypeIdGuidPtr(
+    OUT EFI_GUID **Guid
+) {
+    if (!Guid)
+        return EFI_INVALID_PARAMETER;
+
+    return EFI_UNSUPPORTED;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceGetAttributes(
+    OUT UINT64 *Supported,
+    OUT UINT64 *Setting
+) {
+    if (!Supported || !Setting)
+        return EFI_INVALID_PARAMETER;
+
+    *Supported = IMAGE_ATTRIBUTE_IMAGE_UPDATABLE
+        | IMAGE_ATTRIBUTE_RESET_REQUIRED
+        | IMAGE_ATTRIBUTE_IN_USE;
+
+    *Setting = IMAGE_ATTRIBUTE_IMAGE_UPDATABLE
+        | IMAGE_ATTRIBUTE_RESET_REQUIRED
+        | IMAGE_ATTRIBUTE_IN_USE;
+
+    return EFI_SUCCESS;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceGetLowestSupportedVersion(
+    OUT UINT32 *LowestSupportedVersion
+) {
+    return EFI_UNSUPPORTED;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceGetVersionString(
+    OUT CHAR16 **VersionString
+) {
+    if (!VersionString)
+        return EFI_INVALID_PARAMETER;
+
+    // TODO
+    *VersionString = AllocatePool(sizeof(L"0.3"));
+    if (!(*VersionString))
+        return EFI_OUT_OF_RESOURCES;
+
+    CopyMem(VersionString, L"0.3", sizeof(L"0.3"));
+
+    //*VersionString = NULL;
+    return EFI_SUCCESS;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceGetVersion(
+    OUT UINT32 *Version
+) {
+    if (!Version)
+        return EFI_INVALID_PARAMETER;
+
+    // TODO
+    *Version = 3;
+    return EFI_SUCCESS;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceGetHardwareInstance(
+    OUT UINT64 *HardwareInstance
+) {
+    return EFI_UNSUPPORTED;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceGetImage(
+    OUT VOID *Image,
+    IN OUT UINTN *ImageSize
+) {
+    // TODO
+    return EFI_UNSUPPORTED;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceCheckImageWithStatus(
+    IN CONST VOID *Image,
+    IN UINTN ImageSize,
+    OUT UINT32 *ImageUpdatable,
+    OUT UINT32 *LastAttemptStatus
+) {
+    if (!LastAttemptStatus)
+        return EFI_INVALID_PARAMETER;
+
+    *LastAttemptStatus = LAST_ATTEMPT_STATUS_DEVICE_LIBRARY_MIN_ERROR_CODE_VALUE;
+
+    if (!ImageUpdatable  || !Image)
+        return EFI_INVALID_PARAMETER;
+
+    // TODO:
+    *LastAttemptStatus = LAST_ATTEMPT_STATUS_SUCCESS;
+    return EFI_SUCCESS;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceCheckImage(
+    IN CONST VOID *Image,
+    IN UINTN ImageSize,
+    OUT UINT32 *ImageUpdatable
+) {
+    UINT32 LastAttemptStatus;
+
+    return FmpDeviceCheckImageWithStatus(Image, ImageSize, ImageUpdatable, &LastAttemptStatus);
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceSetImageWithStatus (
+    IN CONST VOID *Image,
+    IN UINTN ImageSize,
+    IN CONST VOID *VendorCode, OPTIONAL
+    IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, OPTIONAL
+    IN UINT32 CapsuleFwVersion,
+    OUT CHAR16 **AbortReason,
+    OUT UINT32 *LastAttemptStatus
+) {
+    // TODO
+    EFI_STATUS Status = EFI_SUCCESS;
+    UINT32 Updateable = 0;
+
+    Status = FmpDeviceCheckImageWithStatus(Image, ImageSize, &Updateable, LastAttemptStatus);
+    if (EFI_ERROR(Status)) {
+        goto cleanup;
+    }
+
+    if (Updateable != IMAGE_UPDATABLE_VALID) {
+        Status = EFI_ABORTED;
+        goto cleanup;
+    }
+
+    if (Progress == NULL) {
+        Status = EFI_INVALID_PARAMETER;
+        goto cleanup;
+    }
+
+    gBS->Stall (3000 * US_PER_MS);
+    Progress(15);
+    gBS->Stall (2000 * US_PER_MS);
+
+    for (int p = 20; p < 100; p++) {
+        gBS->Stall (100 * US_PER_MS);
+        Progress (p);
+    }
+
+cleanup:
+    if (EFI_ERROR (Status)) {
+      *LastAttemptStatus = LAST_ATTEMPT_STATUS_DEVICE_LIBRARY_MIN_ERROR_CODE_VALUE;
+    }
+
+    return Status;
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceSetImage(
+    IN CONST VOID *Image,
+    IN UINTN ImageSize,
+    IN CONST VOID *VendorCode, OPTIONAL
+    IN EFI_FIRMWARE_MANAGEMENT_UPDATE_IMAGE_PROGRESS Progress, OPTIONAL
+    IN UINT32 CapsuleFwVersion,
+    OUT CHAR16 **AbortReason
+) {
+    UINT32 LastAttemptStatus;
+
+    return FmpDeviceSetImageWithStatus(Image, ImageSize, VendorCode, Progress, CapsuleFwVersion, AbortReason, &LastAttemptStatus);
+}
+
+EFI_STATUS
+EFIAPI
+FmpDeviceLock(
+    VOID
+) {
+    return EFI_UNSUPPORTED;
+}

System76Pkg/Ec/Fmp/EcFmpLib.inf

@@ -0,0 +1,20 @@
+# SPDX-License-Identifier: MPL-2.0
+# SPDX-FileCopyrightText: 2023 System76, Inc.
+
+[Defines]
+  INF_VERSION = 1.27
+  BASE_NAME = EcFmpLib
+  FILE_GUID = 760B7155-99F7-4E8E-8C07-D38A75F54C54
+  MODULE_TYPE = DXE_DRIVER
+  VERSION_STRING = 0.1
+  LIBRARY_CLASS = FmpDeviceLib|DXE_DRIVER
+
+[Sources]
+  EcFmpLib.c
+
+[Packages]
+  MdePkg/MdePkg.dec
+  FmpDevicePkg/FmpDevicePkg.dec
+
+[LibraryClasses]
+  UefiBootServicesTableLib

UefiPayloadPkg/Library/PlatformBootManagerLib/PlatformBootManager.c

@@ -192,6 +192,14 @@ PlatformBootManagerBeforeConsole (
   PlatformConsoleInit ();
 }
 
+// GUID for System76 security driver
+EFI_GUID SYSTEM76_SECURITY_PROTOCOL_GUID = {0x764247c4, 0xa859, 0x4a6b, {0xb5, 0x00, 0xed, 0x5d, 0x7a, 0x70, 0x7d, 0xd4}};
+
+typedef struct  {
+  // Run System76 security driver, will return true if we should boot immediately
+  BOOLEAN (EFIAPI *Run)();
+} SYSTEM76_SECURITY_PROTOCOL;
+
 /**
   Do the platform specific action after the console is connected.
 
@@ -210,6 +218,8 @@ PlatformBootManagerAfterConsole (
 {
   EFI_GRAPHICS_OUTPUT_BLT_PIXEL  Black;
   EFI_GRAPHICS_OUTPUT_BLT_PIXEL  White;
+  EFI_STATUS Status;
+  SYSTEM76_SECURITY_PROTOCOL * system76_security;
 
   if (mUniversalPayloadPlatformBootManagerOverrideInstance != NULL){
     mUniversalPayloadPlatformBootManagerOverrideInstance->AfterConsole();
@@ -249,6 +259,16 @@ PlatformBootManagerAfterConsole (
 
   // Inject boot logo into BGRT table
   AddBGRT();
+
+  // If System76 security driver is installed
+  Status = gBS->LocateProtocol (&SYSTEM76_SECURITY_PROTOCOL_GUID, NULL, (VOID **) &system76_security);
+  if (!EFI_ERROR(Status)) {
+      // Run System76 security driver
+      if (system76_security->Run ()) {
+          // Skip boot timeout if requested
+          PcdSet16S (PcdPlatformBootTimeOut, 0);
+      }
+  }
 }
 
 /**

UefiPayloadPkg/UefiPayloadPkg.dsc

@@ -112,6 +112,9 @@
   DEFINE SECURE_BOOT_ENABLE           = FALSE
   DEFINE TPM_ENABLE                   = FALSE
 
+  # FMP
+  DEFINE EC_FMP_ESRT_GUID = 76FFAC81-FDE6-464D-A6D9-84BDD9EE522D
+
 [BuildOptions]
   *_*_*_CC_FLAGS                 = -D DISABLE_NEW_DEPRECATED_INTERFACES
   GCC:*_UNIXGCC_*_CC_FLAGS       = -DMDEPKG_NDEBUG
@@ -206,13 +209,16 @@
   UefiUsbLib|MdePkg/Library/UefiUsbLib/UefiUsbLib.inf
   UefiScsiLib|MdePkg/Library/UefiScsiLib/UefiScsiLib.inf
   OemHookStatusCodeLib|MdeModulePkg/Library/OemHookStatusCodeLibNull/OemHookStatusCodeLibNull.inf
-  CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
   SecurityManagementLib|MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf
   UefiBootManagerLib|MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf
   BootLogoLib|MdeModulePkg/Library/BootLogoLib/BootLogoLib.inf
   CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
   FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
 
+  # FMP Capsule
+  BmpSupportLib|MdeModulePkg/Library/BaseBmpSupportLib/BaseBmpSupportLib.inf
+  CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
+
   #
   # CPU
   #
@@ -346,6 +352,9 @@
   Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
 !endif
 
+  # FMP Capsule
+  CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeCapsuleLib.inf
+
 [LibraryClasses.common.DXE_RUNTIME_DRIVER]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
   MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
@@ -364,6 +373,9 @@
   AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
 !endif
 
+  # FMP Capsule
+  CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibFmp/DxeRuntimeCapsuleLib.inf
+
 [LibraryClasses.common.UEFI_DRIVER,LibraryClasses.common.UEFI_APPLICATION]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
   MemoryAllocationLib|MdePkg/Library/UefiMemoryAllocationLib/UefiMemoryAllocationLib.inf
@@ -402,6 +414,10 @@
   # Disable MTRR programming
   gUefiCpuPkgTokenSpaceGuid.PcdCpuDisableMtrrProgramming|TRUE
 
+  # Enable Capsule On Disk support
+  # NOTE: Capsule in RAM is enabled, so UpdateCapsule will still be called
+  gEfiMdeModulePkgTokenSpaceGuid.PcdCapsuleOnDiskSupport|TRUE
+
 [PcdsPatchableInModule.common]
   gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 }
   gEfiMdePkgTokenSpaceGuid.PcdReportStatusCodePropertyMask|0x7
@@ -563,7 +579,6 @@
   MdeModulePkg/Universal/Metronome/Metronome.inf
   MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
   MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
-  MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
   MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
 !if $(DISABLE_RESET_SYSTEM) == FALSE
   MdeModulePkg/Universal/ResetSystemRuntimeDxe/ResetSystemRuntimeDxe.inf
@@ -706,6 +721,14 @@
   }
 !endif
 
+  #
+  # Firmware update
+  #
+  MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf
+  MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
+
+  !include System76Pkg/Ec/Fmp/EcFmp.dsc
+
   #------------------------------
   #  Build the shell
   #------------------------------

UefiPayloadPkg/UefiPayloadPkg.fdf

@@ -113,7 +113,6 @@ INF PcAtChipsetPkg/HpetTimerDxe/HpetTimerDxe.inf
 INF MdeModulePkg/Universal/Metronome/Metronome.inf
 INF MdeModulePkg/Universal/WatchdogTimerDxe/WatchdogTimer.inf
 INF MdeModulePkg/Core/RuntimeDxe/RuntimeDxe.inf
-INF MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
 INF MdeModulePkg/Universal/MonotonicCounterRuntimeDxe/MonotonicCounterRuntimeDxe.inf
 
 !if $(DISABLE_RESET_SYSTEM) == FALSE
@@ -260,11 +259,13 @@ INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
   }
 
   FILE FREEFORM = 6f64916e-9f7a-4c35-b952-cd041efb05a3 {
-    SECTION RAW = UefiPayloadPkg/SecureBootEnrollDefaultKeys/keys/kek.crt
+    SECTION RAW = UefiPayloadPkg/SecureBootEnrollDefaultKeys/keys/kek-system76.crt
+    SECTION RAW = UefiPayloadPkg/SecureBootEnrollDefaultKeys/keys/kek-microsoft.crt
     SECTION UI = "KEK Default"
   }
 
   FILE FREEFORM = c491d352-7623-4843-accc-2791a7574421 {
+    SECTION RAW = UefiPayloadPkg/SecureBootEnrollDefaultKeys/keys/db-system76.crt
     SECTION RAW = UefiPayloadPkg/SecureBootEnrollDefaultKeys/keys/db-1.crt
     SECTION RAW = UefiPayloadPkg/SecureBootEnrollDefaultKeys/keys/db-2.crt
     SECTION UI = "DB Default"
@@ -276,6 +277,13 @@ INF SecurityPkg/RandomNumberGenerator/RngDxe/RngDxe.inf
   }
 !endif
 
+#
+# Firmware update
+#
+INF MdeModulePkg/Universal/EsrtFmpDxe/EsrtFmpDxe.inf
+INF MdeModulePkg/Universal/CapsuleRuntimeDxe/CapsuleRuntimeDxe.inf
+INF FILE_GUID = $(EC_FMP_ESRT_GUID) FmpDevicePkg/FmpDxe/FmpDxe.inf
+
 #
 # Shell
 #