From nobody Mon Feb  9 20:13:07 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+77775+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)  smtp.mailfrom=bounce+27952+77775+1787277+3901457@groups.io
ARC-Seal: i=1; a=rsa-sha256; t=1626265829; cv=none;
	d=zohomail.com; s=zohoarc;
	b=m+CPjYzNGhVWK2Lv2vPTHga/GmE+AysDD10i2vAPitOT3Z0vVrsOsrFMV3RXOYr5LOKMfFj+4HLXeWDD+kuuWeNJdNNxC8sNBwe90GWhKplBS7WLCqBlQ6gw29TASGFLRmB48jEuTro4PoFgliTovND4O0IptFqZTGvTUzSwjrE=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1626265829;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=cIp8YEnQi0saoAUKxJtnGanSlbbBHBL3q8rCFZUARoY=;
	b=a2+Vtlj5/qi/yFRO/Glry1WSacsGpeaNXAZiLkgm7NuB6TOvZaUfjUJCL+WmSI+8GF72OiryDt+eJ3GdJ6siiKGLf71RHIqKJqIR/M7we1guM/18pf3H/X//1xyV5oXccqHdypVWWgmkcO9D+wCicD1E674Xw+BAo50QkkHntD0=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)  smtp.mailfrom=bounce+27952+77775+1787277+3901457@groups.io
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1626265829340151.55445541217352;
 Wed, 14 Jul 2021 05:30:29 -0700 (PDT)
Return-Path: <bounce+27952+77775+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 7oMEYY1788612xh6cfq78Gxq;
 Wed, 14 Jul 2021 05:30:27 -0700
X-Received: from mail-lf1-f45.google.com (mail-lf1-f45.google.com
 [209.85.167.45])
 by mx.groups.io with SMTP id smtpd.web08.5957.1626265826146611864
 for <devel@edk2.groups.io>;
 Wed, 14 Jul 2021 05:30:26 -0700
X-Received: by mail-lf1-f45.google.com with SMTP id n14so3281366lfu.8
        for <devel@edk2.groups.io>; Wed, 14 Jul 2021 05:30:25 -0700 (PDT)
X-Gm-Message-State: qlLjZ5cxcUbmd6R9Xtt4j6HXx1787277AA=
X-Google-Smtp-Source: 
 ABdhPJyLjT2ZTpetBmwyGBSYvqw95fj0TLgqLuksf5Qt9FoaavA3hHSNNIvzOJ/vLmPf9+SUd+f0sQ==
X-Received: by 2002:a05:6512:3e21:: with SMTP id
 i33mr344478lfv.32.1626265824283;
        Wed, 14 Jul 2021 05:30:24 -0700 (PDT)
X-Received: from gilgamesh.lab.semihalf.net ([83.142.187.85])
        by smtp.gmail.com with ESMTPSA id j2sm224846ljc.49.2021.07.14.05.30.21
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Wed, 14 Jul 2021 05:30:23 -0700 (PDT)
From: "Grzegorz Bernacki" <gjb@semihalf.com>
To: devel@edk2.groups.io
Cc: leif@nuviainc.com,
	ardb+tianocore@kernel.org,
	Samer.El-Haj-Mahmoud@arm.com,
	sunny.Wang@arm.com,
	mw@semihalf.com,
	upstream@semihalf.com,
	jiewen.yao@intel.com,
	jian.j.wang@intel.com,
	min.m.xu@intel.com,
	lersek@redhat.com,
	sami.mujawar@arm.com,
	afish@apple.com,
	ray.ni@intel.com,
	jordan.l.justen@intel.com,
	rebecca@bsdio.com,
	grehan@freebsd.org,
	thomas.abraham@arm.com,
	chasel.chiu@intel.com,
	nathaniel.l.desimone@intel.com,
	gaoliming@byosoft.com.cn,
	eric.dong@intel.com,
	michael.d.kinney@intel.com,
	zailiang.sun@intel.com,
	yi.qian@intel.com,
	graeme@nuviainc.com,
	rad@semihalf.com,
	pete@akeo.ie,
	Grzegorz Bernacki <gjb@semihalf.com>,
	Sunny Wang <sunny.wang@arm.com>
Subject: [edk2-devel] [PATCH v6 07/11] ArmPlatformPkg: Create include file for
 default key content.
Date: Wed, 14 Jul 2021 14:29:48 +0200
Message-Id: <20210714122952.1340890-8-gjb@semihalf.com>
In-Reply-To: <20210714122952.1340890-1-gjb@semihalf.com>
References: <20210714122952.1340890-1-gjb@semihalf.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,gjb@semihalf.com
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1626265827;
 bh=j7jzxeOAsjOrDWylWzhdJWOqlfAkETzRw9WUp070sl4=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=l7NItwbHyILISXJDV+FtpXMjaWFkMp7TEaCYq4TOl0Xi+xrUCxsYsFcS51S0ifr6TXa
 HnUU8+ePv4vtaviaASVfN6XAkibmmGKUzTFzDjECUsp3sMjjMAcmhKqN8WUN080EMlvNK
 8W5nMqjXdS3XZjUyHMJlwq5BvG1QYZ7kNJs=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1626265829978100001
Content-Type: text/plain; charset="utf-8"

This commits add file which can be included by platform Flash
Description File. It allows to specify certificate files, which
will be embedded into binary file. The content of these files
can be used to initialize Secure Boot default keys and databases.

Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com>
Reviewed-by: Sunny Wang <sunny.wang@arm.com>
---
 ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc | 70 ++++++++++++++++++++
 1 file changed, 70 insertions(+)
 create mode 100644 ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc

diff --git a/ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc b/ArmPlatformPkg/=
SecureBootDefaultKeys.fdf.inc
new file mode 100644
index 0000000000..bf4f2d42de
--- /dev/null
+++ b/ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc
@@ -0,0 +1,70 @@
+## @file
+# FDF include file which allows to embed Secure Boot keys
+#
+#  Copyright (c) 2021, ARM Limited. All rights reserved.
+#  Copyright (c) 2021, Semihalf. All rights reserved.
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+
+!if $(DEFAULT_KEYS) =3D=3D TRUE
+  FILE FREEFORM =3D 85254ea7-4759-4fc4-82d4-5eed5fb0a4a0 {
+  !ifdef $(PK_DEFAULT_FILE)
+    SECTION RAW =3D $(PK_DEFAULT_FILE)
+  !endif
+    SECTION UI =3D "PK Default"
+  }
+
+  FILE FREEFORM =3D 6f64916e-9f7a-4c35-b952-cd041efb05a3 {
+  !ifdef $(KEK_DEFAULT_FILE1)
+    SECTION RAW =3D $(KEK_DEFAULT_FILE1)
+  !endif
+  !ifdef $(KEK_DEFAULT_FILE2)
+    SECTION RAW =3D $(KEK_DEFAULT_FILE2)
+  !endif
+  !ifdef $(KEK_DEFAULT_FILE3)
+    SECTION RAW =3D $(KEK_DEFAULT_FILE3)
+  !endif
+    SECTION UI =3D "KEK Default"
+  }
+
+  FILE FREEFORM =3D c491d352-7623-4843-accc-2791a7574421 {
+  !ifdef $(DB_DEFAULT_FILE1)
+    SECTION RAW =3D $(DB_DEFAULT_FILE1)
+  !endif
+  !ifdef $(DB_DEFAULT_FILE2)
+    SECTION RAW =3D $(DB_DEFAULT_FILE2)
+  !endif
+  !ifdef $(DB_DEFAULT_FILE3)
+    SECTION RAW =3D $(DB_DEFAULT_FILE3)
+  !endif
+    SECTION UI =3D "DB Default"
+  }
+
+  FILE FREEFORM =3D 36c513ee-a338-4976-a0fb-6ddba3dafe87 {
+  !ifdef $(DBT_DEFAULT_FILE1)
+    SECTION RAW =3D $(DBT_DEFAULT_FILE1)
+  !endif
+  !ifdef $(DBT_DEFAULT_FILE2)
+    SECTION RAW =3D $(DBT_DEFAULT_FILE2)
+  !endif
+  !ifdef $(DBT_DEFAULT_FILE3)
+    SECTION RAW =3D $(DBT_DEFAULT_FILE3)
+  !endif
+    SECTION UI =3D "DBT Default"
+  }
+
+  FILE FREEFORM =3D 5740766a-718e-4dc0-9935-c36f7d3f884f {
+  !ifdef $(DBX_DEFAULT_FILE1)
+    SECTION RAW =3D $(DBX_DEFAULT_FILE1)
+  !endif
+  !ifdef $(DBX_DEFAULT_FILE2)
+    SECTION RAW =3D $(DBX_DEFAULT_FILE2)
+  !endif
+  !ifdef $(DBX_DEFAULT_FILE3)
+    SECTION RAW =3D $(DBX_DEFAULT_FILE3)
+  !endif
+    SECTION UI =3D "DBX Default"
+  }
+
+!endif
--=20
2.25.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#77775): https://edk2.groups.io/g/devel/message/77775
Mute This Topic: https://groups.io/mt/84200223/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-