Updating the Microsoft License [Rebase & FF]

Readme.md

@@ -25,7 +25,6 @@ to see one example on how to easily integrate these binaries into your
 platform. The EDKII build system even supports easily appending to the default
 values suggested by Microsoft!
 
-
 This is just one suggested way of consuming the binary objects. There are of
 course plenty of others, such as storing them as a Freeform Ffs file in an
 FV.
@@ -115,3 +114,56 @@ For each file in the toml file, the script supports the following entries:
    Included in the readme if provided
 3. `sha1 (Optional<str>)`: The sha1 hash of the file. Included in the readme
    if provided.
+
+## License
+
+Terms of Use for Microsoft Secure Boot Objects ("Secure Boot Objects")
+
+By downloading the Secure Boot Objects, you agree to the following terms.
+If you do not accept them, do not download or use the Secure Boot Objects.
+
+These terms do not provide you with any legal rights to any intellectual
+property in any Microsoft product.
+
+You may copy and use the Secure Boot Objects for your internal, reference
+purposes and to design, develop, and test your software, firmware or hardware,
+as applicable; and you may distribute the Secure Boot Objects to end users
+solely as part of the distribution of an operating system software product, or
+as part of the distribution of updates to an operating system software product;
+and you may distribute the Secure Boot Objects to end users or through your
+distribution channels solely as embodied in a firmware product or hardware
+product that embodies nontrivial additional functionality. Without limiting the
+foregoing, copying or reproduction of the Secure Boot Objects to any other
+server or location for further reproduction or redistribution on a standalone
+basis is expressly prohibited.
+
+If you are engaged in the business of developing and commercializing hardware
+products that include the UEFI standard
+(available at <https://uefi.org/specifications>), you may copy and use the Secure
+Boot Objects for your internal, reference purposes and to design, develop, and
+test your software; and you may distribute the Secure Boot Objects end users
+solely as part of the distribution of an operating system software product, or
+as part of the distribution of updates to an operating system software product.
+Without limiting the foregoing, copying or reproduction of the Secure Boot
+Objects to any other server or location for further reproduction or
+redistribution on a standalone basis is expressly prohibited.
+The Secure Boot Objects are provided “as-is.” The information contained in the
+Secure Boot Objects may change without notice.  Microsoft does not represent
+that the Secure Boot Objects is error free and you bear the entire risk of
+using it.  NEITHER MICROSOFT NOR UEFI MAKES ANY WARRANTIES, EXPRESS OR IMPLIED,
+WITH RESPECT TO THE SECURE BOOT OBJECTS, AND MICROSOFT AND UEFI EACH EXPRESSLY
+DISCLAIMS ALL OTHER EXPRESS, IMPLIED, OR STATUTORY WARRANTIES.  THIS INCLUDES
+THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND
+NON-INFRINGEMENT.
+
+TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL MICROSOFT
+OR UEFI BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
+DAMAGES WHATSOEVER ARISING OUT OF OR IN CONNECTION WITH THE USE OR DISTRIBUTION
+OF THE SECURE BOOT OBJECTS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+OTHER TORTIOUS ACTION.
+
+YOU AGREE TO RELEASE MICROSOFT (INCLUDING ITS AFFLIATES, CONTRACTORS, AGENTS,
+EMPLOYEES, LICENSEES AND ASSIGNEES) AND UEFI (INCLUDING ITS AFFILIATES,
+CONTRACTORS, AGENTS, EMPLOYEES, LICENSEES AND SUCCESSORS) FROM ANY AND ALL
+CLAIMS OR LIABILITY ARISING OUT OF YOUR USE OR DISTRIBUTION OF THE SECURE
+BOOT OBJECTS AND ANY RELATED INFORMATION.

keystore/keystore.toml

@@ -13,7 +13,6 @@ help = "Contains the Microsoft PK to enable signature database updates and binar
 
 [[DefaultPk.files]]
 path = "keystore/Pk/WindowsOEMDevicesPK.der"
-url = "<TODO: Update when there is a public URL>"
 sha1 = 0x3D8660C0CB2D57B189C3D7995572A552F75E48B5
 
 ############################

scripts/secure_boot_default_keys.py

@@ -281,6 +281,63 @@ def create_readme(keystore: dict, arch: str) -> str:
                 continue
             if file_dict.get("url", None) is not None:
                 readme += f"* <{file_dict['url']}>\n"
+
+    readme += "\n---\n\n"
+
+    readme += """## License
+
+Terms of Use for Microsoft Secure Boot Objects ("Secure Boot Objects")
+
+By downloading the Secure Boot Objects, you agree to the following terms.
+If you do not accept them, do not download or use the Secure Boot Objects.
+
+These terms do not provide you with any legal rights to any intellectual
+property in any Microsoft product.
+
+You may copy and use the Secure Boot Objects for your internal, reference
+purposes and to design, develop, and test your software, firmware or hardware,
+as applicable; and you may distribute the Secure Boot Objects to end users
+solely as part of the distribution of an operating system software product, or
+as part of the distribution of updates to an operating system software product;
+and you may distribute the Secure Boot Objects to end users or through your
+distribution channels solely as embodied in a firmware product or hardware
+product that embodies nontrivial additional functionality. Without limiting the
+foregoing, copying or reproduction of the Secure Boot Objects to any other
+server or location for further reproduction or redistribution on a standalone
+basis is expressly prohibited.
+
+If you are engaged in the business of developing and commercializing hardware
+products that include the UEFI standard
+(available at https://uefi.org/specifications), you may copy and use the Secure
+Boot Objects for your internal, reference purposes and to design, develop, and
+test your software; and you may distribute the Secure Boot Objects end users
+solely as part of the distribution of an operating system software product, or
+as part of the distribution of updates to an operating system software product.
+Without limiting the foregoing, copying or reproduction of the Secure Boot
+Objects to any other server or location for further reproduction or
+redistribution on a standalone basis is expressly prohibited.
+The Secure Boot Objects are provided “as-is.” The information contained in the
+Secure Boot Objects may change without notice.  Microsoft does not represent
+that the Secure Boot Objects is error free and you bear the entire risk of
+using it.  NEITHER MICROSOFT NOR UEFI MAKES ANY WARRANTIES, EXPRESS OR IMPLIED,
+WITH RESPECT TO THE SECURE BOOT OBJECTS, AND MICROSOFT AND UEFI EACH EXPRESSLY
+DISCLAIMS ALL OTHER EXPRESS, IMPLIED, OR STATUTORY WARRANTIES.  THIS INCLUDES
+THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, TITLE AND
+NON-INFRINGEMENT.
+TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, IN NO EVENT SHALL MICROSOFT
+OR UEFI BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
+DAMAGES WHATSOEVER ARISING OUT OF OR IN CONNECTION WITH THE USE OR DISTRIBUTION
+OF THE SECURE BOOT OBJECTS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR
+OTHER TORTIOUS ACTION.
+
+YOU AGREE TO RELEASE MICROSOFT (INCLUDING ITS AFFLIATES, CONTRACTORS, AGENTS,
+EMPLOYEES, LICENSEES AND ASSIGNEES) AND UEFI (INCLUDING ITS AFFILIATES,
+CONTRACTORS, AGENTS, EMPLOYEES, LICENSEES AND SUCCESSORS) FROM ANY AND ALL
+CLAIMS OR LIABILITY ARISING OUT OF YOUR USE OR DISTRIBUTION OF THE SECURE
+BOOT OBJECTS AND ANY RELATED INFORMATION.""" # noqa: E501
+
+    readme += "\n"
+
     return bytes(readme, "utf-8")
 
 def main() -> int: