From nobody Tue Feb 10 11:23:31 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of groups.io designates
 66.175.222.108 as permitted sender) client-ip=66.175.222.108;
 envelope-from=bounce+27952+78507+1787277+3901457@groups.io;
 helo=mail02.groups.io;
Authentication-Results: mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)  smtp.mailfrom=bounce+27952+78507+1787277+3901457@groups.io
ARC-Seal: i=1; a=rsa-sha256; t=1627901232; cv=none;
	d=zohomail.com; s=zohoarc;
	b=Cej1Qf2yhMB0piM7QISP7MUyEvAfHPFPdyCATDICut21OHZy1SD1Ar5V+g27u9IQAubXcNRSI6Y8bbp0GWK+FAZSlToGjiIEikwix2IwXRrLXxyCPMFdrhrjsjQgrUyosxiH4rfxhOfh5eSz1keihTV8VVs2wCXEg0yIcbBsnk4=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1627901232;
 h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To;
	bh=uItniSzrxIwHYQQKePF+PxU5EXuagUhk8I4CayjmMJA=;
	b=n2MyhYlHaFwh2aqUbJVKSlAub0eoD5ALxMYmpb+Xi701NYfxIka4uxkW/DV6tx30fDUZwS3dzOhlXv7qRQjtItpKTCef5Y02GjMWEKiOvAiEs1Htc6xIivsSwDkAhdGD3t7rjUdfAMHQRO6eOmpQx24x6Rv++6+HK1gduMr3vU4=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass;
	spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as
 permitted sender)  smtp.mailfrom=bounce+27952+78507+1787277+3901457@groups.io
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by
 mx.zohomail.com
	with SMTPS id 1627901232636717.3149358125048;
 Mon, 2 Aug 2021 03:47:12 -0700 (PDT)
Return-Path: <bounce+27952+78507+1787277+3901457@groups.io>
X-Received: by 127.0.0.2 with SMTP id 6eVqYY1788612x3ZqVo8jkXA;
 Mon, 02 Aug 2021 03:47:12 -0700
X-Received: from mail-lf1-f53.google.com (mail-lf1-f53.google.com
 [209.85.167.53])
 by mx.groups.io with SMTP id smtpd.web10.18276.1627901231509880635
 for <devel@edk2.groups.io>;
 Mon, 02 Aug 2021 03:47:11 -0700
X-Received: by mail-lf1-f53.google.com with SMTP id t9so19926499lfc.6
        for <devel@edk2.groups.io>; Mon, 02 Aug 2021 03:47:11 -0700 (PDT)
X-Gm-Message-State: ekUQ6nYqP7ZxFhmpCKsQ5IFSx1787277AA=
X-Google-Smtp-Source: 
 ABdhPJyZLpW7cui39N9hC9MWapNGQYjwCXzTcRp/20sm/3ITc9JJ56Db318Jnb1XuWJlPGF8Y+kFbg==
X-Received: by 2002:a19:6407:: with SMTP id y7mr12734650lfb.594.1627901229721;
        Mon, 02 Aug 2021 03:47:09 -0700 (PDT)
X-Received: from gilgamesh.lab.semihalf.net ([83.142.187.85])
        by smtp.gmail.com with ESMTPSA id
 t27sm570174lfl.302.2021.08.02.03.47.08
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 02 Aug 2021 03:47:09 -0700 (PDT)
From: "Grzegorz Bernacki" <gjb@semihalf.com>
To: devel@edk2.groups.io
Cc: leif@nuviainc.com,
	ardb+tianocore@kernel.org,
	Samer.El-Haj-Mahmoud@arm.com,
	sunny.Wang@arm.com,
	mw@semihalf.com,
	upstream@semihalf.com,
	jiewen.yao@intel.com,
	jian.j.wang@intel.com,
	min.m.xu@intel.com,
	lersek@redhat.com,
	sami.mujawar@arm.com,
	afish@apple.com,
	ray.ni@intel.com,
	jordan.l.justen@intel.com,
	rebecca@bsdio.com,
	grehan@freebsd.org,
	thomas.abraham@arm.com,
	chasel.chiu@intel.com,
	nathaniel.l.desimone@intel.com,
	gaoliming@byosoft.com.cn,
	eric.dong@intel.com,
	michael.d.kinney@intel.com,
	zailiang.sun@intel.com,
	yi.qian@intel.com,
	graeme@nuviainc.com,
	rad@semihalf.com,
	pete@akeo.ie,
	Grzegorz Bernacki <gjb@semihalf.com>,
	Sunny Wang <sunny.wang@arm.com>
Subject: [edk2-devel] [PATCH v8 07/11] ArmPlatformPkg: Create include file for
 default key content.
Date: Mon,  2 Aug 2021 12:46:29 +0200
Message-Id: <20210802104633.2833333-8-gjb@semihalf.com>
In-Reply-To: <20210802104633.2833333-1-gjb@semihalf.com>
References: <20210802104633.2833333-1-gjb@semihalf.com>
MIME-Version: 1.0
Precedence: Bulk
List-Unsubscribe: <mailto:devel+unsubscribe@edk2.groups.io>
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,gjb@semihalf.com
Content-Transfer-Encoding: quoted-printable
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io;
 q=dns/txt; s=20140610; t=1627901232;
 bh=nG4rr/Fh89nUhSpLWmQUHRtlIDIBf+fIOo09CMWjJUM=;
 h=Cc:Date:From:Reply-To:Subject:To;
 b=TmhkDYeAaQD5tV31g4YZopOYjl5tegUIvBRcEvnKu8MHU6FHfRNXquak/zO2/iSgcIi
 N2miNJMmJpnwtjJz9y5BtT0Y/cSluTiorMDbMfv0k2w+p2tOGxXKnvQ6sR6LqesGgIZsq
 /TO9ex21E50GUrv6pnOM+BdC5ab1Vr78cok=
X-ZohoMail-DKIM: pass (identity @groups.io)
X-ZM-MESSAGEID: 1627901232941100001
Content-Type: text/plain; charset="utf-8"

This commits add file which can be included by platform Flash
Description File. It allows to specify certificate files, which
will be embedded into binary file. The content of these files
can be used to initialize Secure Boot default keys and databases.

Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com>
Reviewed-by: Sunny Wang <sunny.wang@arm.com>
---
 ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc | 70 ++++++++++++++++++++
 1 file changed, 70 insertions(+)
 create mode 100644 ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc

diff --git a/ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc b/ArmPlatformPkg/=
SecureBootDefaultKeys.fdf.inc
new file mode 100644
index 0000000000..bf4f2d42de
--- /dev/null
+++ b/ArmPlatformPkg/SecureBootDefaultKeys.fdf.inc
@@ -0,0 +1,70 @@
+## @file
+# FDF include file which allows to embed Secure Boot keys
+#
+#  Copyright (c) 2021, ARM Limited. All rights reserved.
+#  Copyright (c) 2021, Semihalf. All rights reserved.
+#
+#  SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+
+!if $(DEFAULT_KEYS) =3D=3D TRUE
+  FILE FREEFORM =3D 85254ea7-4759-4fc4-82d4-5eed5fb0a4a0 {
+  !ifdef $(PK_DEFAULT_FILE)
+    SECTION RAW =3D $(PK_DEFAULT_FILE)
+  !endif
+    SECTION UI =3D "PK Default"
+  }
+
+  FILE FREEFORM =3D 6f64916e-9f7a-4c35-b952-cd041efb05a3 {
+  !ifdef $(KEK_DEFAULT_FILE1)
+    SECTION RAW =3D $(KEK_DEFAULT_FILE1)
+  !endif
+  !ifdef $(KEK_DEFAULT_FILE2)
+    SECTION RAW =3D $(KEK_DEFAULT_FILE2)
+  !endif
+  !ifdef $(KEK_DEFAULT_FILE3)
+    SECTION RAW =3D $(KEK_DEFAULT_FILE3)
+  !endif
+    SECTION UI =3D "KEK Default"
+  }
+
+  FILE FREEFORM =3D c491d352-7623-4843-accc-2791a7574421 {
+  !ifdef $(DB_DEFAULT_FILE1)
+    SECTION RAW =3D $(DB_DEFAULT_FILE1)
+  !endif
+  !ifdef $(DB_DEFAULT_FILE2)
+    SECTION RAW =3D $(DB_DEFAULT_FILE2)
+  !endif
+  !ifdef $(DB_DEFAULT_FILE3)
+    SECTION RAW =3D $(DB_DEFAULT_FILE3)
+  !endif
+    SECTION UI =3D "DB Default"
+  }
+
+  FILE FREEFORM =3D 36c513ee-a338-4976-a0fb-6ddba3dafe87 {
+  !ifdef $(DBT_DEFAULT_FILE1)
+    SECTION RAW =3D $(DBT_DEFAULT_FILE1)
+  !endif
+  !ifdef $(DBT_DEFAULT_FILE2)
+    SECTION RAW =3D $(DBT_DEFAULT_FILE2)
+  !endif
+  !ifdef $(DBT_DEFAULT_FILE3)
+    SECTION RAW =3D $(DBT_DEFAULT_FILE3)
+  !endif
+    SECTION UI =3D "DBT Default"
+  }
+
+  FILE FREEFORM =3D 5740766a-718e-4dc0-9935-c36f7d3f884f {
+  !ifdef $(DBX_DEFAULT_FILE1)
+    SECTION RAW =3D $(DBX_DEFAULT_FILE1)
+  !endif
+  !ifdef $(DBX_DEFAULT_FILE2)
+    SECTION RAW =3D $(DBX_DEFAULT_FILE2)
+  !endif
+  !ifdef $(DBX_DEFAULT_FILE3)
+    SECTION RAW =3D $(DBX_DEFAULT_FILE3)
+  !endif
+    SECTION UI =3D "DBX Default"
+  }
+
+!endif
--=20
2.25.1



-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#78507): https://edk2.groups.io/g/devel/message/78507
Mute This Topic: https://groups.io/mt/84608361/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-