From a2f2c258d43f506b93b4a13a5c82d0200465df92 Mon Sep 17 00:00:00 2001 From: sfu5 Date: Fri, 12 Apr 2013 01:44:54 +0000 Subject: =?UTF-8?q?Update=20secure=20boot=20UI=20driver=20to=20handle=20?= =?UTF-8?q?=E2=80=9Creset=20to=20default=E2=80=9D=20hot=20key.=20Signed-of?= =?UTF-8?q?f-by:=20Fu=20Siyuan=20=20Reviewed-by:=20Ye?= =?UTF-8?q?=20Ting=20=20Reviewed-by:=20Yao=20Jiewen=20?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14257 6f19259b-4bc3-4df7-8a09-765794883524 --- .../SecureBootConfigDxe/SecureBootConfig.vfr | 2 + .../SecureBootConfigDxe/SecureBootConfigImpl.c | 44 +++++++++++++++++++++- .../SecureBootConfigDxe/SecureBootConfigNvData.h | 1 + 3 files changed, 46 insertions(+), 1 deletion(-) (limited to 'SecurityPkg/VariableAuthenticated') diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr index ae4b71bffd..656befbb44 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfig.vfr @@ -43,8 +43,10 @@ formset // suppressif TRUE; checkbox varid = SECUREBOOT_CONFIGURATION.HideSecureBoot, + questionid = KEY_HIDE_SECURE_BOOT, prompt = STRING_TOKEN(STR_NULL), help = STRING_TOKEN(STR_NULL), + flags = INTERACTIVE, endcheckbox; endif; diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c index 51da86b6fd..3084f3364e 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigImpl.c @@ -2378,6 +2378,11 @@ SecureBootRouteConfig ( OUT EFI_STRING *Progress ) { + UINT8 *SecureBootEnable; + SECUREBOOT_CONFIGURATION IfrNvData; + UINTN BufferSize; + EFI_STATUS Status; + if (Configuration == NULL || Progress == NULL) { return EFI_INVALID_PARAMETER; } @@ -2387,6 +2392,31 @@ SecureBootRouteConfig ( return EFI_NOT_FOUND; } + BufferSize = sizeof (SECUREBOOT_CONFIGURATION); + Status = gHiiConfigRouting->ConfigToBlock ( + gHiiConfigRouting, + Configuration, + (UINT8 *)&IfrNvData, + &BufferSize, + Progress + ); + if (EFI_ERROR (Status)) { + return Status; + } + + // + // Store Buffer Storage back to EFI variable if needed + // + SecureBootEnable = NULL; + GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL); + if (NULL != SecureBootEnable) { + FreePool (SecureBootEnable); + Status = SaveSecureBootVariable (IfrNvData.AttemptSecureBoot); + if (EFI_ERROR (Status)) { + return Status; + } + } + *Progress = Configuration + StrLen (Configuration); return EFI_SUCCESS; } @@ -2445,7 +2475,8 @@ SecureBootCallback ( if ((Action != EFI_BROWSER_ACTION_CHANGED) && (Action != EFI_BROWSER_ACTION_CHANGING) && - (Action != EFI_BROWSER_ACTION_FORM_CLOSE)) { + (Action != EFI_BROWSER_ACTION_FORM_CLOSE) && + (Action != EFI_BROWSER_ACTION_DEFAULT_STANDARD)) { return EFI_UNSUPPORTED; } @@ -2733,6 +2764,17 @@ SecureBootCallback ( } break; } + } else if (Action == EFI_BROWSER_ACTION_DEFAULT_STANDARD) { + if (QuestionId == KEY_HIDE_SECURE_BOOT) { + GetVariable2 (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID**)&SecureBootEnable, NULL); + if (SecureBootEnable == NULL) { + IfrNvData->HideSecureBoot = TRUE; + } else { + FreePool (SecureBootEnable); + IfrNvData->HideSecureBoot = FALSE; + } + Value->b = IfrNvData->HideSecureBoot; + } } else if (Action == EFI_BROWSER_ACTION_FORM_CLOSE) { // // Force the platform back to Standard Mode once user leave the setup screen. diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h index ea43192900..c15869a625 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigNvData.h @@ -55,6 +55,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #define KEY_VALUE_NO_SAVE_AND_EXIT_KEK 0x1009 #define KEY_VALUE_SAVE_AND_EXIT_DBX 0x100a #define KEY_VALUE_NO_SAVE_AND_EXIT_DBX 0x100b +#define KEY_HIDE_SECURE_BOOT 0x100c #define KEY_SECURE_BOOT_OPTION 0x1100 #define KEY_SECURE_BOOT_PK_OPTION 0x1101 -- cgit v1.2.3