mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-12-23 17:34:00 +03:00
boot: Use proper security arch protocol names
This is how the Platform Intregration Specification defines these.
This commit is contained in:
parent
dcde6ae165
commit
0e3c374e8c
@ -309,41 +309,34 @@ typedef struct tdEFI_TCG2_PROTOCOL {
|
||||
{0x5568e427, 0x68fc, 0x4f3d, {0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68} }
|
||||
|
||||
/* UEFI Platform Initialization (Vol2: DXE) */
|
||||
#ifndef SECURITY_PROTOCOL_GUID
|
||||
#ifndef EFI_SECURITY_ARCH_PROTOCOL_GUID
|
||||
|
||||
#define SECURITY_PROTOCOL_GUID \
|
||||
&(const EFI_GUID) { 0xa46423e3, 0x4617, 0x49f1, { 0xb9, 0xff, 0xd1, 0xbf, 0xa9, 0x11, 0x58, 0x39 } }
|
||||
#define SECURITY_PROTOCOL2_GUID \
|
||||
&(const EFI_GUID) { 0x94ab2f58, 0x1438, 0x4ef1, { 0x91, 0x52, 0x18, 0x94, 0x1a, 0x3a, 0x0e, 0x68 } }
|
||||
#define EFI_SECURITY_ARCH_PROTOCOL_GUID \
|
||||
{ 0xa46423e3, 0x4617, 0x49f1, { 0xb9, 0xff, 0xd1, 0xbf, 0xa9, 0x11, 0x58, 0x39 } }
|
||||
#define EFI_SECURITY2_ARCH_PROTOCOL_GUID \
|
||||
{ 0x94ab2f58, 0x1438, 0x4ef1, { 0x91, 0x52, 0x18, 0x94, 0x1a, 0x3a, 0x0e, 0x68 } }
|
||||
|
||||
struct _EFI_SECURITY2_PROTOCOL;
|
||||
struct _EFI_SECURITY_PROTOCOL;
|
||||
struct _EFI_DEVICE_PATH_PROTOCOL;
|
||||
typedef struct EFI_SECURITY_ARCH_PROTOCOL EFI_SECURITY_ARCH_PROTOCOL;
|
||||
typedef struct EFI_SECURITY2_ARCH_PROTOCOL EFI_SECURITY2_ARCH_PROTOCOL;
|
||||
|
||||
typedef struct _EFI_SECURITY2_PROTOCOL EFI_SECURITY2_PROTOCOL;
|
||||
typedef struct _EFI_SECURITY_PROTOCOL EFI_SECURITY_PROTOCOL;
|
||||
typedef struct _EFI_DEVICE_PATH_PROTOCOL EFI_DEVICE_PATH_PROTOCOL;
|
||||
typedef EFI_STATUS (EFIAPI *EFI_SECURITY_FILE_AUTHENTICATION_STATE)(
|
||||
const EFI_SECURITY_ARCH_PROTOCOL *This,
|
||||
uint32_t AuthenticationStatus,
|
||||
const EFI_DEVICE_PATH *File);
|
||||
|
||||
typedef EFI_STATUS (EFIAPI *EFI_SECURITY_FILE_AUTHENTICATION_STATE) (
|
||||
const EFI_SECURITY_PROTOCOL *This,
|
||||
UINT32 AuthenticationStatus,
|
||||
const EFI_DEVICE_PATH_PROTOCOL *File
|
||||
);
|
||||
|
||||
typedef EFI_STATUS (EFIAPI *EFI_SECURITY2_FILE_AUTHENTICATION) (
|
||||
const EFI_SECURITY2_PROTOCOL *This,
|
||||
const EFI_DEVICE_PATH_PROTOCOL *DevicePath,
|
||||
VOID *FileBuffer,
|
||||
UINTN FileSize,
|
||||
BOOLEAN BootPolicy
|
||||
);
|
||||
|
||||
struct _EFI_SECURITY2_PROTOCOL {
|
||||
EFI_SECURITY2_FILE_AUTHENTICATION FileAuthentication;
|
||||
struct EFI_SECURITY_ARCH_PROTOCOL {
|
||||
EFI_SECURITY_FILE_AUTHENTICATION_STATE FileAuthenticationState;
|
||||
};
|
||||
|
||||
struct _EFI_SECURITY_PROTOCOL {
|
||||
EFI_SECURITY_FILE_AUTHENTICATION_STATE FileAuthenticationState;
|
||||
typedef EFI_STATUS (EFIAPI *EFI_SECURITY2_FILE_AUTHENTICATION)(
|
||||
const EFI_SECURITY2_ARCH_PROTOCOL *This,
|
||||
const EFI_DEVICE_PATH *DevicePath,
|
||||
void *FileBuffer,
|
||||
UINTN FileSize,
|
||||
BOOLEAN BootPolicy);
|
||||
|
||||
struct EFI_SECURITY2_ARCH_PROTOCOL {
|
||||
EFI_SECURITY2_FILE_AUTHENTICATION FileAuthentication;
|
||||
};
|
||||
|
||||
#endif
|
||||
|
@ -69,9 +69,12 @@ static EFI_SECURITY2_FILE_AUTHENTICATION es2fa = NULL;
|
||||
* the SB failure code seems to vary from one implementation to another, and I
|
||||
* don't want to interfere with that at this time.
|
||||
*/
|
||||
static EFIAPI EFI_STATUS security2_policy_authentication (const EFI_SECURITY2_PROTOCOL *this,
|
||||
const EFI_DEVICE_PATH_PROTOCOL *device_path,
|
||||
void *file_buffer, UINTN file_size, BOOLEAN boot_policy) {
|
||||
static EFIAPI EFI_STATUS security2_policy_authentication(
|
||||
const EFI_SECURITY2_ARCH_PROTOCOL *this,
|
||||
const EFI_DEVICE_PATH *device_path,
|
||||
void *file_buffer,
|
||||
UINTN file_size,
|
||||
BOOLEAN boot_policy) {
|
||||
EFI_STATUS err;
|
||||
|
||||
assert(this);
|
||||
@ -99,8 +102,10 @@ static EFIAPI EFI_STATUS security2_policy_authentication (const EFI_SECURITY2_PR
|
||||
* authentication failure, be it EFI_ACCESS_DENIED, EFI_SECURITY_VIOLATION, or something
|
||||
* else. (This seems to vary between implementations.)
|
||||
*/
|
||||
static EFIAPI EFI_STATUS security_policy_authentication (const EFI_SECURITY_PROTOCOL *this, uint32_t authentication_status,
|
||||
const EFI_DEVICE_PATH_PROTOCOL *device_path_const) {
|
||||
static EFIAPI EFI_STATUS security_policy_authentication(
|
||||
const EFI_SECURITY_ARCH_PROTOCOL *this,
|
||||
uint32_t authentication_status,
|
||||
const EFI_DEVICE_PATH *device_path_const) {
|
||||
EFI_STATUS err;
|
||||
_cleanup_free_ char16_t *dev_path_str = NULL;
|
||||
EFI_HANDLE h;
|
||||
@ -138,8 +143,8 @@ static EFIAPI EFI_STATUS security_policy_authentication (const EFI_SECURITY_PROT
|
||||
}
|
||||
|
||||
EFI_STATUS security_policy_install(void) {
|
||||
EFI_SECURITY_PROTOCOL *security_protocol;
|
||||
EFI_SECURITY2_PROTOCOL *security2_protocol = NULL;
|
||||
EFI_SECURITY_ARCH_PROTOCOL *security_protocol;
|
||||
EFI_SECURITY2_ARCH_PROTOCOL *security2_protocol = NULL;
|
||||
EFI_STATUS err;
|
||||
|
||||
/* Already Installed */
|
||||
@ -151,9 +156,9 @@ EFI_STATUS security_policy_install(void) {
|
||||
* to fail, since SECURITY2 was introduced in PI 1.2.1.
|
||||
* Use security2_protocol == NULL as indicator.
|
||||
*/
|
||||
BS->LocateProtocol((EFI_GUID*) SECURITY_PROTOCOL2_GUID, NULL, (void**) &security2_protocol);
|
||||
BS->LocateProtocol(&(EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID, NULL, (void **) &security2_protocol);
|
||||
|
||||
err = BS->LocateProtocol((EFI_GUID*) SECURITY_PROTOCOL_GUID, NULL, (void**) &security_protocol);
|
||||
err = BS->LocateProtocol(&(EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID, NULL, (void**) &security_protocol);
|
||||
/* This one is mandatory, so there's a serious problem */
|
||||
if (err != EFI_SUCCESS)
|
||||
return err;
|
||||
|
Loading…
Reference in New Issue
Block a user