[build] Mark core files as permitted for UEFI Secure Boot

Mark all files used in a standard build of bin-x86_64-efi/snponly.efi
as permitted for UEFI Secure Boot.  These files represent the core
functionality of iPXE that is guaranteed to have been included in
every binary that was previously subject to a security review and
signed by Microsoft.  It is therefore legitimate to assume that at
least these files have already been reviewed to the required standard
multiple times.

Signed-off-by: Michael Brown <mcb30@ipxe.org>

src/arch/x86/core/cpuid.c

@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <string.h>
 #include <errno.h>

src/arch/x86/core/x86_string.c

@@ -28,6 +28,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <string.h>
 #include <config/defaults.h>

src/arch/x86/core/x86_tcpip.c

@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /** @file
  *

src/arch/x86/hci/commands/cpuid_cmd.c

@@ -22,6 +22,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <stdint.h>
 #include <stdio.h>

src/arch/x86/include/bits/acpi.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <ipxe/rsdp.h>
 

src/arch/x86/include/bits/endian.h

@@ -2,6 +2,7 @@
 #define _BITS_ENDIAN_H
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #define __BYTE_ORDER __LITTLE_ENDIAN
 

src/arch/x86/include/bits/errfile.h

@@ -2,6 +2,7 @@
 #define _BITS_ERRFILE_H
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /**
  * @addtogroup errfile Error file identifiers

src/arch/x86/include/bits/io.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /** Page shift */
 #define PAGE_SHIFT 12

src/arch/x86/include/bits/iomap.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <ipxe/iomap_pages.h>
 

src/arch/x86/include/bits/memmap.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <ipxe/int15.h>
 

src/arch/x86/include/bits/nap.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <ipxe/bios_nap.h>
 

src/arch/x86/include/bits/pci_io.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <ipxe/pcibios.h>
 #include <ipxe/pcidirect.h>

src/arch/x86/include/bits/reboot.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <ipxe/bios_reboot.h>
 

src/arch/x86/include/bits/sanboot.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <ipxe/bios_sanboot.h>
 

src/arch/x86/include/bits/smbios.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <ipxe/bios_smbios.h>
 

src/arch/x86/include/bits/string.h

@@ -25,6 +25,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /** @file
  *

src/arch/x86/include/bits/tcpip.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 extern uint16_t tcpip_continue_chksum ( uint16_t partial, const void *data,
 					size_t len );

src/arch/x86/include/bits/time.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <ipxe/rtc_time.h>
 

src/arch/x86/include/ipxe/bios_nap.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #ifdef NAP_PCBIOS
 #define NAP_PREFIX_pcbios

src/arch/x86/include/ipxe/bios_reboot.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #ifdef REBOOT_PCBIOS
 #define REBOOT_PREFIX_pcbios

src/arch/x86/include/ipxe/bios_sanboot.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #ifdef SANBOOT_PCBIOS
 #define SANBOOT_PREFIX_pcbios

src/arch/x86/include/ipxe/bios_smbios.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #ifdef SMBIOS_PCBIOS
 #define SMBIOS_PREFIX_pcbios

src/arch/x86/include/ipxe/cpuid.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <stdint.h>
 

src/arch/x86/include/ipxe/int15.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #ifdef MEMMAP_INT15
 #define MEMMAP_PREFIX_int15

src/arch/x86/include/ipxe/iomap_pages.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #ifdef IOMAP_PAGES
 #define IOMAP_PREFIX_pages

src/arch/x86/include/ipxe/pcibios.h

@@ -10,6 +10,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #ifdef PCIAPI_PCBIOS
 #define PCIAPI_PREFIX_pcbios

src/arch/x86/include/ipxe/pcidirect.h

@@ -2,6 +2,7 @@
 #define _PCIDIRECT_H
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <stdint.h>
 #include <ipxe/io.h>

src/arch/x86/include/ipxe/rsdp.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #ifdef ACPI_RSDP
 #define ACPI_PREFIX_rsdp

src/arch/x86/include/ipxe/rtc_time.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #ifdef TIME_RTC
 #define TIME_PREFIX_rtc

src/arch/x86/include/ipxe/x86_io.h

@@ -16,6 +16,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #ifdef IOAPI_X86
 #define IOAPI_PREFIX_x86

src/arch/x86_64/include/bits/byteswap.h

@@ -10,6 +10,7 @@
 #include <stdint.h>
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 static inline __attribute__ (( always_inline, const )) uint16_t
 __bswap_variable_16 ( uint16_t x ) {

src/arch/x86_64/include/bits/compiler.h

@@ -2,6 +2,7 @@
 #define _BITS_COMPILER_H
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /** Dummy relocation type */
 #define RELOC_TYPE_NONE R_X86_64_NONE

src/arch/x86_64/include/bits/profile.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <stdint.h>
 

src/arch/x86_64/include/bits/stdint.h

@@ -2,6 +2,7 @@
 #define _BITS_STDINT_H
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 typedef __SIZE_TYPE__		size_t;
 typedef signed long		ssize_t;

src/arch/x86_64/include/bits/strings.h

@@ -2,6 +2,7 @@
 #define _BITS_STRINGS_H
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /**
  * Find first (i.e. least significant) set bit

src/arch/x86_64/include/ipxe/efi/dhcparch.h

@@ -8,6 +8,7 @@
  */
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 #include <ipxe/dhcp.h>
 

src/arch/x86_64/include/limits.h

@@ -2,6 +2,7 @@
 #define LIMITS_H	1
 
 FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+FILE_SECBOOT ( PERMITTED );
 
 /* Number of bits in a `char' */
 #define CHAR_BIT	8