From 539e26a97e79e6f655dd36bc4e22c1f5847292be Mon Sep 17 00:00:00 2001
From: jief
Date: Mon, 8 Jan 2024 23:13:37 +0100
Subject: [PATCH] Fix compilation of secureboot. Compile, but doesn't link yet.
---
 rEFIt_UEFI/Platform/BdsConnect.h | 126 +++++++++++++++++++++++++++
 rEFIt_UEFI/entry_scan/entry_scan.h | 2 +-
 rEFIt_UEFI/entry_scan/secureboot.cpp | 51 +++++------
 rEFIt_UEFI/entry_scan/securemenu.cpp | 34 +++-----
 rEFIt_UEFI/entry_scan/securevars.cpp | 4 +-
 5 files changed, 167 insertions(+), 50 deletions(-)
 create mode 100644 rEFIt_UEFI/Platform/BdsConnect.h
diff --git a/rEFIt_UEFI/Platform/BdsConnect.h b/rEFIt_UEFI/Platform/BdsConnect.h
new file mode 100644
index 000000000..ca0cf8cf8
--- /dev/null
+++ b/rEFIt_UEFI/Platform/BdsConnect.h
@@ -0,0 +1,126 @@
+/** @file
+ BDS Lib functions which relate with connect the device
+
+Copyright (c) 2004 - 2008, Intel Corporation. All rights reserved.
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef PLATFORM_BDSCONNECT_H_
+#define PLATFORM_BDSCONNECT_H_
+
+
+#include // Only use angled for Platform, else, xcode project won't compile
+//#include "../include/Handle.h"
+//#include "../Platform/Settings.h"
+
+
+/**
+ This function will create all handles associate with every device
+ path node. If the handle associate with one device path node can not
+ be created success, then still give one chance to do the dispatch,
+ which load the missing drivers if possible.
+
+ @param DevicePathToConnect The device path which will be connected, it can be
+ a multi-instance device path
+
+ @retval EFI_SUCCESS All handles associate with every device path node
+ have been created
+ @retval EFI_OUT_OF_RESOURCES There is no resource to create new handles
+ @retval EFI_NOT_FOUND Create the handle associate with one device path
+ node failed
+
+**/
+EFI_STATUS
+EFIAPI
+BdsLibConnectDevicePath (
+ IN EFI_DEVICE_PATH_PROTOCOL *DevicePathToConnect
+ );
+
+/**
+ This function will connect all current system handles recursively.
+
+ gBS->ConnectController() service is invoked for each handle exist in system handler buffer.
+ If the handle is bus type handler, all childrens also will be connected recursively
+ by gBS->ConnectController().
+
+ @retval EFI_SUCCESS All handles and it's child handle have been connected
+ @retval EFI_STATUS Error status returned by of gBS->LocateHandleBuffer().
+
+**/
+EFI_STATUS
+EFIAPI
+BdsLibConnectAllEfi (
+ void
+ );
+
+/**
+ This function will disconnect all current system handles.
+
+ gBS->DisconnectController() is invoked for each handle exists in system handle buffer.
+ If handle is a bus type handle, all childrens also are disconnected recursively by
+ gBS->DisconnectController().
+
+ @retval EFI_SUCCESS All handles have been disconnected
+ @retval EFI_STATUS Error status returned by of gBS->LocateHandleBuffer().
+
+**/
+EFI_STATUS
+EFIAPI
+BdsLibDisconnectAllEfi (
+ void
+ );
+
+EFI_STATUS ScanDeviceHandles(EFI_HANDLE ControllerHandle,
+ UINTN *HandleCount,
+ EFI_HANDLE **HandleBuffer,
+ UINT32 **HandleType);
+
+
+
+EFI_STATUS BdsLibConnectMostlyAllEfi();
+
+
+/**
+ Connects all drivers to all controllers.
+ This function make sure all the current system driver will manage
+ the corresponding controllers if have. And at the same time, make
+ sure all the system controllers have driver to manage it if have.
+
+**/
+void
+EFIAPI
+BdsLibConnectAllDriversToAllControllers (
+ void
+ );
+
+
+/**
+ Connect the specific Usb device which match the short form device path,
+ and whose bus is determined by Host Controller (Uhci or Ehci).
+
+ @param HostControllerPI Uhci (0x00) or Ehci (0x20) or Both uhci and ehci
+ (0xFF)
+ @param RemainingDevicePath a short-form device path that starts with the first
+ element being a USB WWID or a USB Class device
+ path
+
+ @return EFI_INVALID_PARAMETER RemainingDevicePath is NULL pointer.
+ RemainingDevicePath is not a USB device path.
+ Invalid HostControllerPI type.
+ @return EFI_SUCCESS Success to connect USB device
+ @return EFI_NOT_FOUND Fail to find handle for USB controller to connect.
+
+**/
+EFI_STATUS
+EFIAPI
+BdsLibConnectUsbDevByShortFormDP(
+ IN UINT8 HostControllerPI,
+ IN EFI_DEVICE_PATH_PROTOCOL *RemainingDevicePath
+ );
diff --git a/rEFIt_UEFI/entry_scan/entry_scan.h b/rEFIt_UEFI/entry_scan/entry_scan.h
index 4c04e14ef..4d9aa0f5d 100644
--- a/rEFIt_UEFI/entry_scan/entry_scan.h
+++ b/rEFIt_UEFI/entry_scan/entry_scan.h
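Review bot: The include guard opened by `#ifndef PLATFORM_BDSCONNECT_H_` / `#define PLATFORM_BDSCONNECT_H_` in the new BdsConnect.h is never closed. The last added line is the `);` of `BdsLibConnectUsbDevByShortFormDP`, and the hunk header accounts for all 126 lines of the file. Any translation unit that includes this header would stop with an unterminated conditional directive, so the file should end with `#endif // PLATFORM_BDSCONNECT_H_`.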
@@ -111,7 +111,7 @@ void *GetSignatureDatabase(const wchar_t* DatabaseName, const EFI_GUID& DatabaseGuid, OUT UINTN * DatabaseSize); EFI_STATUS SetSignatureDatabase(const wchar_t* DatabaseName, - const EFI_GUID& DatabaseGuid, + const GUID& DatabaseGuid, IN void * Database, IN UINTN DatabaseSize); diff --git a/rEFIt_UEFI/entry_scan/secureboot.cpp b/rEFIt_UEFI/entry_scan/secureboot.cpp index b7cd2d6ab..5a7c1d315 100644 --- a/rEFIt_UEFI/entry_scan/secureboot.cpp +++ b/rEFIt_UEFI/entry_scan/secureboot.cpp @@ -222,7 +222,7 @@ STATIC XBool EFIAPI PrecheckSecureBootPolicy(IN OUT EFI_STATUS *AuthenticationStatus, IN CONST EFI_DEVICE_PATH_PROTOCOL *DevicePath) { - CHAR16 *DevicePathStr; + XStringW DevicePathStr; UINTN Index; if ((AuthenticationStatus == NULL) || (DevicePath == NULL)) { return false; @@ -235,13 +235,13 @@ PrecheckSecureBootPolicy(IN OUT EFI_STATUS *AuthenticationSt case SECURE_BOOT_POLICY_WHITELIST: // Check the white list for this image - DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); - if (DevicePathStr == NULL) { + DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); + if ( DevicePathStr.isEmpty() ) { return false; } for (Index = 0; Index < gSettings.Boot.SecureBootWhiteList.size(); ++Index) { - if ((gSettings.Boot.SecureBootWhiteList[Index].notEmpty()) && - (StriStr(DevicePathStr, gSettings.Boot.SecureBootWhiteList[Index].wc_str()) != NULL)) { + if ( gSettings.Boot.SecureBootWhiteList[Index].notEmpty() && + DevicePathStr.contains(gSettings.Boot.SecureBootWhiteList[Index]) ) { // White listed *AuthenticationStatus = EFI_SUCCESS; return true; 
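Review bot: The `SetSignatureDatabase` declaration in entry_scan.h now takes `const GUID& DatabaseGuid`, but its definition in securevars.cpp (last hunk of this patch) still takes `const EFI_GUID& DatabaseGuid`, and `GetSignatureDatabase` directly above keeps `const EFI_GUID&`. If `GUID` and `EFI_GUID` are distinct C++ types in this tree rather than aliases, the header declares an overload that has no definition, and callers will compile against it and then fail at link time. Keeping the header parameter as `const EFI_GUID& DatabaseGuid,`, or changing the definition in the same commit, keeps the two in step.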
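Review bot: Replacing `StriStr(DevicePathStr, ...) != NULL` with `DevicePathStr.contains(...)` in the `SECURE_BOOT_POLICY_WHITELIST` case may turn the list match from case-insensitive into case-sensitive, assuming `StriStr` ignores case as its name suggests and `XStringW::contains` does not. On a case-insensitive FAT volume the same image is reachable under a differently cased path, so a blacklist entry could stop matching an image it used to cover, and whitelist entries could stop matching paths they used to accept. The same substitution is made in the `SECURE_BOOT_POLICY_BLACKLIST` hunk (@@ -251) and in both loops of the `SECURE_BOOT_POLICY_USER` hunk (@@ -266). If the string class offers a case-insensitive search (Clover's XString family normally has `containsIC`; confirm in this tree), use it in all four loops, e.g. `DevicePathStr.containsIC(gSettings.Boot.SecureBootWhiteList[Index])`. PrecheckSecureBootPolicy starts and ends outside these hunks.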
@@ -251,13 +251,13 @@ PrecheckSecureBootPolicy(IN OUT EFI_STATUS *AuthenticationSt case SECURE_BOOT_POLICY_BLACKLIST: // Check the black list for this image - DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); - if (DevicePathStr == NULL) { + DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); + if ( DevicePathStr.isEmpty() ) { return false; } for (Index = 0; Index < gSettings.Boot.SecureBootBlackList.size(); ++Index) { - if ((gSettings.Boot.SecureBootBlackList[Index].notEmpty()) && - (StriStr(DevicePathStr, gSettings.Boot.SecureBootBlackList[Index].wc_str()) != NULL)) { + if ( gSettings.Boot.SecureBootBlackList[Index].notEmpty() && + DevicePathStr.contains(gSettings.Boot.SecureBootBlackList[Index]) ) { // Black listed return true; } 
@@ -266,22 +266,22 @@ PrecheckSecureBootPolicy(IN OUT EFI_STATUS *AuthenticationSt return true; case SECURE_BOOT_POLICY_USER: - DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); - if (DevicePathStr == NULL) { + DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); + if ( DevicePathStr.isEmpty() ) { return false; } // Check the black list for this image for (Index = 0; Index < gSettings.Boot.SecureBootBlackList.size(); ++Index) { - if ((gSettings.Boot.SecureBootBlackList[Index].notEmpty()) && - (StriStr(DevicePathStr, gSettings.Boot.SecureBootBlackList[Index].wc_str()) != NULL)) { + if ( gSettings.Boot.SecureBootBlackList[Index].notEmpty() && + DevicePathStr.contains(gSettings.Boot.SecureBootBlackList[Index]) ) { // Black listed return true; } } // Check the white list for this image for (Index = 0; Index < gSettings.Boot.SecureBootWhiteList.size(); ++Index) { - if ((gSettings.Boot.SecureBootWhiteList[Index].notEmpty()) && - (StriStr(DevicePathStr, gSettings.Boot.SecureBootWhiteList[Index].wc_str()) != NULL)) { + if ( gSettings.Boot.SecureBootWhiteList[Index].notEmpty() && + DevicePathStr.contains(gSettings.Boot.SecureBootWhiteList[Index]) ) { // White listed *AuthenticationStatus = EFI_SUCCESS; return true; @@ -360,10 +360,9 @@ InternalFileAuthentication(IN CONST EFI_SECURITY_ARCH_PROTOCOL *This, } } if (EFI_ERROR(Status)) { - CHAR16 *DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); - if (DevicePathStr) { - DBG("VerifySecureBootImage(1): %s %ls\n", efiStrError(Status), DevicePathStr); - FreePool(DevicePathStr); + XStringW DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); + if ( DevicePathStr.notEmpty() ) { + DBG("VerifySecureBootImage(1): %s %ls\n", efiStrError(Status), DevicePathStr.wc_str()); } } return Status; 
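Review bot: In `InternalFileAuthentication` (@@ -360) a failed verification is logged only when `DevicePathStr.notEmpty()`, so an image whose device path cannot be converted to text is rejected without any trace in the debug log. The status is the security-relevant part of the message and should be logged unconditionally, for example `DBG("VerifySecureBootImage(1): %s %ls\n", efiStrError(Status), DevicePathStr.notEmpty() ? DevicePathStr.wc_str() : L"<no path>");` in place of the `if`. The same pattern appears in `Internal2FileAuthentication` (@@ -387) and `VerifySecureBootImage` (@@ -406). All three functions begin outside their hunks.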
@@ -387,10 +386,9 @@ Internal2FileAuthentication(IN CONST EFI_SECURITY2_ARCH_PROTOCOL *This, } } if (EFI_ERROR(Status)) { - CHAR16 *DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); - if (DevicePathStr) { - DBG("VerifySecureBootImage(2): %s %ls\n", efiStrError(Status), DevicePathStr); - FreePool(DevicePathStr); + XStringW DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); + if ( DevicePathStr.notEmpty() ) { + DBG("VerifySecureBootImage(2): %s %ls\n", efiStrError(Status), DevicePathStr.wc_str()); } } return Status; @@ -406,10 +404,9 @@ EFI_STATUS VerifySecureBootImage(IN CONST EFI_DEVICE_PATH_PROTOCOL *DevicePath) } } if (EFI_ERROR(Status)) { - CHAR16 *DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); - if (DevicePathStr) { - DBG("VerifySecureBootImage: %s %ls\n", efiStrError(Status), DevicePathStr); - FreePool(DevicePathStr); + XStringW DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); + if ( DevicePathStr.notEmpty() ) { + DBG("VerifySecureBootImage: %s %ls\n", efiStrError(Status), DevicePathStr.wc_str()); } } return Status; diff --git a/rEFIt_UEFI/entry_scan/securemenu.cpp b/rEFIt_UEFI/entry_scan/securemenu.cpp index 5d68968b1..f74578c45 100644 --- a/rEFIt_UEFI/entry_scan/securemenu.cpp +++ b/rEFIt_UEFI/entry_scan/securemenu.cpp @@ -165,7 +165,7 @@ STATIC void *FindImageSignatureDatabase(IN CONST EFI_DEVICE_PATH_PROTOCOL *Devi { EFI_IMAGE_EXECUTION_INFO_TABLE *ImageExeInfoTable = NULL; EFI_IMAGE_EXECUTION_INFO *ImageExeInfo; - CHAR16 *FDP; + XStringW FDP; UINT8 *Ptr; UINTN Index; // Check parameters 
@@ -182,8 +182,8 @@ STATIC void *FindImageSignatureDatabase(IN CONST EFI_DEVICE_PATH_PROTOCOL *Devi return NULL; } // Get device path string - FDP = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); - if (FDP == NULL) { + FDP = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); + if ( FDP.isEmpty() ) { return NULL; } // Get the execution information @@ -205,20 +205,16 @@ STATIC void *FindImageSignatureDatabase(IN CONST EFI_DEVICE_PATH_PROTOCOL *Devi Offset += sizeof(CHAR16); } while (*Name++); // Compare the device paths - Name = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)Offset); - if (Name) { - if (StrCmp(FDP, Name) == 0) { + XStringW Name2 = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)Offset); + if (Name2.notEmpty()) { + if ( FDP == Name2 ) { // Get the signature list and size Offset += GetDevicePathSize((EFI_DEVICE_PATH_PROTOCOL *)Offset); *DatabaseSize = (ImageExeInfo->InfoSize - (Offset - Ptr)); - FreePool(Name); - FreePool(FDP); return Offset; } - FreePool(Name); } } - FreePool(FDP); // Not found return NULL; } 
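Review bot: In the @@ -205 hunk, `*DatabaseSize = (ImageExeInfo->InfoSize - (Offset - Ptr));` is computed without checking that the name string and device path just walked lie inside the entry. An entry whose `InfoSize` is smaller than the parsed prefix would therefore give the caller a wrapped, very large size. The `do { ... } while (*Name++)` scan above it and `GetDevicePathSize` trust the table contents in the same way. A guard between the `Offset +=` line and the assignment, such as `if ((UINTN)(Offset - Ptr) > ImageExeInfo->InfoSize) { return NULL; }`, would bound it. `Offset` and `Ptr` are declared outside the hunk, so their exact types need confirming; FindImageSignatureDatabase starts before this hunk.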
@@ -279,17 +275,16 @@ EFI_STATUS AppendImageToAuthorizedDatabase(IN CONST EFI_DEVICE_PATH_PROTOCOL *De } } if (ErrorString.notEmpty()) { - CHAR16 *DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); - if (DevicePathStr != NULL) { + XStringW DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); + if (DevicePathStr.notEmpty()) { XStringW FileDevicePathStr = FileDevicePathFileToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); if (FileDevicePathStr.notEmpty()) { - XStringW Str = SWPrintf("%ls\n%ls\n%ls", ErrorString.wc_str(), DevicePathStr, FileDevicePathStr.wc_str()); + XStringW Str = SWPrintf("%ls\n%ls\n%ls", ErrorString.wc_str(), DevicePathStr.wc_str(), FileDevicePathStr.wc_str()); AlertMessage(L"Insert Image Authentication"_XSW, Str); } else { - XStringW Str = SWPrintf("%ls\n%ls", ErrorString.wc_str(), DevicePathStr); + XStringW Str = SWPrintf("%ls\n%ls", ErrorString.wc_str(), DevicePathStr.wc_str()); AlertMessage(L"Insert Image Authentication"_XSW, Str); } - FreePool(DevicePathStr); } else { AlertMessage(L"Insert Image Authentication"_XSW, ErrorString); } 
@@ -353,17 +348,16 @@ EFI_STATUS RemoveImageFromAuthorizedDatabase(IN CONST EFI_DEVICE_PATH_PROTOCOL * } } if (ErrorString.notEmpty()) { - CHAR16 *DevicePathStr = FileDevicePathToStr((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); - if (DevicePathStr != NULL) { + XStringW DevicePathStr = FileDevicePathToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); + if (DevicePathStr.notEmpty()) { XStringW FileDevicePathStr = FileDevicePathFileToXStringW((EFI_DEVICE_PATH_PROTOCOL *)DevicePath); if (FileDevicePathStr.notEmpty()) { - XStringW Str = SWPrintf("%ls\n%ls\n%ls", ErrorString.wc_str(), DevicePathStr, FileDevicePathStr.wc_str()); + XStringW Str = SWPrintf("%ls\n%ls\n%ls", ErrorString.wc_str(), DevicePathStr.wc_str(), FileDevicePathStr.wc_str()); AlertMessage(L"Remove Image Authentication"_XSW, Str); } else { - XStringW Str = SWPrintf("%ls\n%ls", ErrorString.wc_str(), DevicePathStr); + XStringW Str = SWPrintf("%ls\n%ls", ErrorString.wc_str(), DevicePathStr.wc_str()); AlertMessage(L"Remove Image Authentication"_XSW, Str); } - FreePool(DevicePathStr); } else { AlertMessage(L"Remove Image Authentication"_XSW, ErrorString); } diff --git a/rEFIt_UEFI/entry_scan/securevars.cpp b/rEFIt_UEFI/entry_scan/securevars.cpp index 8c0f152e4..1488d179d 100644 --- a/rEFIt_UEFI/entry_scan/securevars.cpp +++ b/rEFIt_UEFI/entry_scan/securevars.cpp @@ -372,7 +372,7 @@ STATIC EFI_STATUS GetUTCTime(OUT EFI_TIME *Timestamp) } // Write signed variable -EFI_STATUS SetSignedVariable(IN CHAR16 *DatabaseName, +EFI_STATUS SetSignedVariable(const wchar_t* DatabaseName, const EFI_GUID& DatabaseGuid, IN UINT32 Attributes, IN void *Database, @@ -501,7 +501,7 @@ EFI_STATUS SetSignedVariable(IN CHAR16 *DatabaseName, } // Write signature database -EFI_STATUS SetSignatureDatabase(IN CHAR16 *DatabaseName, +EFI_STATUS SetSignatureDatabase(const wchar_t* DatabaseName, const EFI_GUID& DatabaseGuid, IN void *Database, IN UINTN DatabaseSize)