Fix compilation of secureboot. Compiles, but doesn't link yet.

jief 2024-01-08 23:13:37 +01:00
parent 4ff4e37644
commit 539e26a97e
5 changed files with 167 additions and 50 deletions


@ -0,0 +1,126 @@
/** @file
BDS Lib functions which relate with connect the device
Copyright (c) 2004 - 2008, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef PLATFORM_BDSCONNECT_H_
#define PLATFORM_BDSCONNECT_H_
#include <Platform.h> // Only use angled for Platform, else, xcode project won't compile
//#include "../include/Handle.h"
//#include "../Platform/Settings.h"
/**
This function will create all handles associate with every device
path node. If the handle associate with one device path node can not
be created success, then still give one chance to do the dispatch,
which load the missing drivers if possible.
@param DevicePathToConnect The device path which will be connected, it can be
a multi-instance device path
@retval EFI_SUCCESS All handles associate with every device path node
have been created
@retval EFI_OUT_OF_RESOURCES There is no resource to create new handles
@retval EFI_NOT_FOUND Create the handle associate with one device path
node failed
**/
EFI_STATUS
EFIAPI
BdsLibConnectDevicePath (
IN EFI_DEVICE_PATH_PROTOCOL *DevicePathToConnect
);
/**
This function will connect all current system handles recursively.
gBS->ConnectController() service is invoked for each handle exist in system handler buffer.
If the handle is bus type handler, all childrens also will be connected recursively
by gBS->ConnectController().
@retval EFI_SUCCESS All handles and it's child handle have been connected
@retval EFI_STATUS Error status returned by of gBS->LocateHandleBuffer().
**/
EFI_STATUS
EFIAPI
BdsLibConnectAllEfi (
void
);
/**
This function will disconnect all current system handles.
gBS->DisconnectController() is invoked for each handle exists in system handle buffer.
If handle is a bus type handle, all childrens also are disconnected recursively by
gBS->DisconnectController().
@retval EFI_SUCCESS All handles have been disconnected
@retval EFI_STATUS Error status returned by of gBS->LocateHandleBuffer().
**/
EFI_STATUS
EFIAPI
BdsLibDisconnectAllEfi (
void
);
EFI_STATUS ScanDeviceHandles(EFI_HANDLE ControllerHandle,
UINTN *HandleCount,
EFI_HANDLE **HandleBuffer,
UINT32 **HandleType);
EFI_STATUS BdsLibConnectMostlyAllEfi();
/**
Connects all drivers to all controllers.
This function make sure all the current system driver will manage
the corresponding controllers if have. And at the same time, make
sure all the system controllers have driver to manage it if have.
**/
void
EFIAPI
BdsLibConnectAllDriversToAllControllers (
void
);
/**
Connect the specific Usb device which match the short form device path,
and whose bus is determined by Host Controller (Uhci or Ehci).
@param HostControllerPI Uhci (0x00) or Ehci (0x20) or Both uhci and ehci
(0xFF)
@param RemainingDevicePath a short-form device path that starts with the first
element being a USB WWID or a USB Class device
path
@return EFI_INVALID_PARAMETER RemainingDevicePath is NULL pointer.
RemainingDevicePath is not a USB device path.
Invalid HostControllerPI type.
@return EFI_SUCCESS Success to connect USB device
@return EFI_NOT_FOUND Fail to find handle for USB controller to connect.
**/
EFI_STATUS
EFIAPI
BdsLibConnectUsbDevByShortFormDP(
IN UINT8 HostControllerPI,
IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath
);
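Review bot: `ScanDeviceHandles` and `BdsLibConnectMostlyAllEfi` are the only prototypes in this new header without a doc block, and `ScanDeviceHandles` hands back two buffers through `HandleBuffer` and `HandleType` without saying who releases them. A comment above it such as `// On success *HandleBuffer and *HandleType are allocated for the caller, who must free both (TODO confirm against the implementation)` would help call sites avoid leaks and double frees. Both prototypes also omit `EFIAPI`, unlike every other declaration here; if that is deliberate, a one-line remark saying so would stop someone "fixing" it later.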


@ -111,7 +111,7 @@ void *GetSignatureDatabase(const wchar_t* DatabaseName,
const EFI_GUID& DatabaseGuid,
OUT UINTN * DatabaseSize);
EFI_STATUS SetSignatureDatabase(const wchar_t* DatabaseName,
const EFI_GUID& DatabaseGuid,
const GUID& DatabaseGuid,
IN void * Database,
IN UINTN DatabaseSize);
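Review bot: The `SetSignatureDatabase` prototype is shown with both `const EFI_GUID& DatabaseGuid` and `const GUID& DatabaseGuid`, while its definition elsewhere in this commit and the neighbouring `GetSignatureDatabase` prototype use `const EFI_GUID&`. If the `const GUID&` line is the new side, and `GUID` and `EFI_GUID` are distinct types in this tree, the declaration and the definition name different overloads. That would surface as an unresolved symbol at link time, which may be part of why the build does not link yet. Keeping `const EFI_GUID& DatabaseGuid,` in the prototype keeps the two in step.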


@ -222,7 +222,7 @@ STATIC XBool EFIAPI
PrecheckSecureBootPolicy(IN OUT EFI_STATUS *AuthenticationStatus,
IN CONST EFI_DEVICE_PATH_PROTOCOL *DevicePath)
{
CHAR16 *DevicePathStr;
XStringW DevicePathStr;
UINTN Index;
if ((AuthenticationStatus == NULL) || (DevicePath == NULL)) {
return false;
@ -235,13 +235,13 @@ PrecheckSecureBootPolicy(IN OUT EFI_STATUS *AuthenticationSt
case SECURE_BOOT_POLICY_WHITELIST:
// Check the white list for this image
DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (DevicePathStr == NULL) {
DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if ( DevicePathStr.isEmpty() ) {
return false;
}
for (Index = 0; Index < gSettings.Boot.SecureBootWhiteList.size(); ++Index) {
if ((gSettings.Boot.SecureBootWhiteList[Index].notEmpty()) &&
(StriStr(DevicePathStr, gSettings.Boot.SecureBootWhiteList[Index].wc_str()) != NULL)) {
if ( gSettings.Boot.SecureBootWhiteList[Index].notEmpty() &&
DevicePathStr.contains(gSettings.Boot.SecureBootWhiteList[Index]) ) {
// White listed
*AuthenticationStatus = EFI_SUCCESS;
return true;
@ -251,13 +251,13 @@ PrecheckSecureBootPolicy(IN OUT EFI_STATUS *AuthenticationSt
case SECURE_BOOT_POLICY_BLACKLIST:
// Check the black list for this image
DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (DevicePathStr == NULL) {
DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if ( DevicePathStr.isEmpty() ) {
return false;
}
for (Index = 0; Index < gSettings.Boot.SecureBootBlackList.size(); ++Index) {
if ((gSettings.Boot.SecureBootBlackList[Index].notEmpty()) &&
(StriStr(DevicePathStr, gSettings.Boot.SecureBootBlackList[Index].wc_str()) != NULL)) {
if ( gSettings.Boot.SecureBootBlackList[Index].notEmpty() &&
DevicePathStr.contains(gSettings.Boot.SecureBootBlackList[Index]) ) {
// Black listed
return true;
}
@ -266,22 +266,22 @@ PrecheckSecureBootPolicy(IN OUT EFI_STATUS *AuthenticationSt
return true;
case SECURE_BOOT_POLICY_USER:
DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (DevicePathStr == NULL) {
DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if ( DevicePathStr.isEmpty() ) {
return false;
}
// Check the black list for this image
for (Index = 0; Index < gSettings.Boot.SecureBootBlackList.size(); ++Index) {
if ((gSettings.Boot.SecureBootBlackList[Index].notEmpty()) &&
(StriStr(DevicePathStr, gSettings.Boot.SecureBootBlackList[Index].wc_str()) != NULL)) {
if ( gSettings.Boot.SecureBootBlackList[Index].notEmpty() &&
DevicePathStr.contains(gSettings.Boot.SecureBootBlackList[Index]) ) {
// Black listed
return true;
}
}
// Check the white list for this image
for (Index = 0; Index < gSettings.Boot.SecureBootWhiteList.size(); ++Index) {
if ((gSettings.Boot.SecureBootWhiteList[Index].notEmpty()) &&
(StriStr(DevicePathStr, gSettings.Boot.SecureBootWhiteList[Index].wc_str()) != NULL)) {
if ( gSettings.Boot.SecureBootWhiteList[Index].notEmpty() &&
DevicePathStr.contains(gSettings.Boot.SecureBootWhiteList[Index]) ) {
// White listed
*AuthenticationStatus = EFI_SUCCESS;
return true;
@ -360,10 +360,9 @@ InternalFileAuthentication(IN CONST EFI_SECURITY_ARCH_PROTOCOL *This,
}
}
if (EFI_ERROR(Status)) {
CHAR16 *DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (DevicePathStr) {
DBG("VerifySecureBootImage(1): %s %ls\n", efiStrError(Status), DevicePathStr);
FreePool(DevicePathStr);
XStringW DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if ( DevicePathStr.notEmpty() ) {
DBG("VerifySecureBootImage(1): %s %ls\n", efiStrError(Status), DevicePathStr.wc_str());
}
}
return Status;
@ -387,10 +386,9 @@ Internal2FileAuthentication(IN CONST EFI_SECURITY2_ARCH_PROTOCOL *This,
}
}
if (EFI_ERROR(Status)) {
CHAR16 *DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (DevicePathStr) {
DBG("VerifySecureBootImage(2): %s %ls\n", efiStrError(Status), DevicePathStr);
FreePool(DevicePathStr);
XStringW DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if ( DevicePathStr.notEmpty() ) {
DBG("VerifySecureBootImage(2): %s %ls\n", efiStrError(Status), DevicePathStr.wc_str());
}
}
return Status;
@ -406,10 +404,9 @@ EFI_STATUS VerifySecureBootImage(IN CONST EFI_DEVICE_PATH_PROTOCOL *DevicePath)
}
}
if (EFI_ERROR(Status)) {
CHAR16 *DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (DevicePathStr) {
DBG("VerifySecureBootImage: %s %ls\n", efiStrError(Status), DevicePathStr);
FreePool(DevicePathStr);
XStringW DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if ( DevicePathStr.notEmpty() ) {
DBG("VerifySecureBootImage: %s %ls\n", efiStrError(Status), DevicePathStr.wc_str());
}
}
return Status;
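Review bot: Swapping `StriStr(DevicePathStr, ...)` for `DevicePathStr.contains(...)` in the four list loops of `PrecheckSecureBootPolicy` probably changes the match from case-insensitive to case-sensitive. This assumes `StriStr` ignores case and `contains` does not, which the hunks do not show. If so, a `SecureBootBlackList` entry written in a different case from the device path text silently stops matching, and the image falls through to the remaining checks instead of being refused. The list loops should keep the old semantics, e.g. `DevicePathStr.containsIC(gSettings.Boot.SecureBootBlackList[Index])`, and the same for the white-list loops. The function starts and ends outside these hunks, so the effect on the default policy path should be confirmed there.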


@ -165,7 +165,7 @@ STATIC void *FindImageSignatureDatabase(IN CONST EFI_DEVICE_PATH_PROTOCOL *Devi
{
EFI_IMAGE_EXECUTION_INFO_TABLE *ImageExeInfoTable = NULL;
EFI_IMAGE_EXECUTION_INFO *ImageExeInfo;
CHAR16 *FDP;
XStringW FDP;
UINT8 *Ptr;
UINTN Index;
// Check parameters
@ -182,8 +182,8 @@ STATIC void *FindImageSignatureDatabase(IN CONST EFI_DEVICE_PATH_PROTOCOL *Devi
return NULL;
}
// Get device path string
FDP = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (FDP == NULL) {
FDP = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if ( FDP.isEmpty() ) {
return NULL;
}
// Get the execution information
@ -205,20 +205,16 @@ STATIC void *FindImageSignatureDatabase(IN CONST EFI_DEVICE_PATH_PROTOCOL *Devi
Offset += sizeof(CHAR16);
} while (*Name++);
// Compare the device paths
Name = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)Offset);
if (Name) {
if (StrCmp(FDP, Name) == 0) {
XStringW Name2 = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)Offset);
if (Name2.notEmpty()) {
if ( FDP == Name2 ) {
// Get the signature list and size
Offset += GetDevicePathSize((EFI_DEVICE_PATH_PROTOCOL *)Offset);
*DatabaseSize = (ImageExeInfo->InfoSize - (Offset - Ptr));
FreePool(Name);
FreePool(FDP);
return Offset;
}
FreePool(Name);
}
}
FreePool(FDP);
// Not found
return NULL;
}
@ -279,17 +275,16 @@ EFI_STATUS AppendImageToAuthorizedDatabase(IN CONST EFI_DEVICE_PATH_PROTOCOL *De
}
}
if (ErrorString.notEmpty()) {
CHAR16 *DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (DevicePathStr != NULL) {
XStringW DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (DevicePathStr.notEmpty()) {
XStringW FileDevicePathStr = FileDevicePathFileToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (FileDevicePathStr.notEmpty()) {
XStringW Str = SWPrintf("%ls\n%ls\n%ls", ErrorString.wc_str(), DevicePathStr, FileDevicePathStr.wc_str());
XStringW Str = SWPrintf("%ls\n%ls\n%ls", ErrorString.wc_str(), DevicePathStr.wc_str(), FileDevicePathStr.wc_str());
AlertMessage(L"Insert Image Authentication"_XSW, Str);
} else {
XStringW Str = SWPrintf("%ls\n%ls", ErrorString.wc_str(), DevicePathStr);
XStringW Str = SWPrintf("%ls\n%ls", ErrorString.wc_str(), DevicePathStr.wc_str());
AlertMessage(L"Insert Image Authentication"_XSW, Str);
}
FreePool(DevicePathStr);
} else {
AlertMessage(L"Insert Image Authentication"_XSW, ErrorString);
}
@ -353,17 +348,16 @@ EFI_STATUS RemoveImageFromAuthorizedDatabase(IN CONST EFI_DEVICE_PATH_PROTOCOL *
}
}
if (ErrorString.notEmpty()) {
CHAR16 *DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (DevicePathStr != NULL) {
XStringW DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (DevicePathStr.notEmpty()) {
XStringW FileDevicePathStr = FileDevicePathFileToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath);
if (FileDevicePathStr.notEmpty()) {
XStringW Str = SWPrintf("%ls\n%ls\n%ls", ErrorString.wc_str(), DevicePathStr, FileDevicePathStr.wc_str());
XStringW Str = SWPrintf("%ls\n%ls\n%ls", ErrorString.wc_str(), DevicePathStr.wc_str(), FileDevicePathStr.wc_str());
AlertMessage(L"Remove Image Authentication"_XSW, Str);
} else {
XStringW Str = SWPrintf("%ls\n%ls", ErrorString.wc_str(), DevicePathStr);
XStringW Str = SWPrintf("%ls\n%ls", ErrorString.wc_str(), DevicePathStr.wc_str());
AlertMessage(L"Remove Image Authentication"_XSW, Str);
}
FreePool(DevicePathStr);
} else {
AlertMessage(L"Remove Image Authentication"_XSW, ErrorString);
}
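Review bot: In `FindImageSignatureDatabase`, `*DatabaseSize = (ImageExeInfo->InfoSize - (Offset - Ptr));` is computed without checking that `Offset` is still inside the entry after the name scan and the `GetDevicePathSize` advance. A malformed execution-info entry would make the subtraction wrap, assuming `InfoSize` is unsigned and `Offset`/`Ptr` are byte pointers, and hand the caller a very large size for the returned signature list. A guard just before the assignment, `if ((UINTN)(Offset - Ptr) > ImageExeInfo->InfoSize) { return NULL; }`, fails closed. The loop header and the declarations of `Offset` and `Name` are outside the hunk, so the exact types should be checked there.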


@ -372,7 +372,7 @@ STATIC EFI_STATUS GetUTCTime(OUT EFI_TIME *Timestamp)
}
// Write signed variable
EFI_STATUS SetSignedVariable(IN CHAR16 *DatabaseName,
EFI_STATUS SetSignedVariable(const wchar_t* DatabaseName,
const EFI_GUID& DatabaseGuid,
IN UINT32 Attributes,
IN void *Database,
@ -501,7 +501,7 @@ EFI_STATUS SetSignedVariable(IN CHAR16 *DatabaseName,
}
// Write signature database
EFI_STATUS SetSignatureDatabase(IN CHAR16 *DatabaseName,
EFI_STATUS SetSignatureDatabase(const wchar_t* DatabaseName,
const EFI_GUID& DatabaseGuid,
IN void *Database,
IN UINTN DatabaseSize)