mirror of
https://github.com/systemd/systemd
synced 2026-03-28 17:54:51 +01:00
Compare commits
No commits in common. "e7f46ee3ae1cc66a94b293957721d68dc09d7449" and "f62c5bd15203aa944d6bce7d03ab5bad6b0958a0" have entirely different histories.
e7f46ee3ae
...
f62c5bd152
165
src/basic/linux/if_arp.h
Normal file
165
src/basic/linux/if_arp.h
Normal file
@ -0,0 +1,165 @@
|
|||||||
|
/* SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note */
|
||||||
|
/*
|
||||||
|
* INET An implementation of the TCP/IP protocol suite for the LINUX
|
||||||
|
* operating system. INET is implemented using the BSD Socket
|
||||||
|
* interface as the means of communication with the user level.
|
||||||
|
*
|
||||||
|
* Global definitions for the ARP (RFC 826) protocol.
|
||||||
|
*
|
||||||
|
* Version: @(#)if_arp.h 1.0.1 04/16/93
|
||||||
|
*
|
||||||
|
* Authors: Original taken from Berkeley UNIX 4.3, (c) UCB 1986-1988
|
||||||
|
* Portions taken from the KA9Q/NOS (v2.00m PA0GRI) source.
|
||||||
|
* Ross Biro
|
||||||
|
* Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
|
||||||
|
* Florian La Roche,
|
||||||
|
* Jonathan Layes <layes@loran.com>
|
||||||
|
* Arnaldo Carvalho de Melo <acme@conectiva.com.br> ARPHRD_HWX25
|
||||||
|
*
|
||||||
|
* This program is free software; you can redistribute it and/or
|
||||||
|
* modify it under the terms of the GNU General Public License
|
||||||
|
* as published by the Free Software Foundation; either version
|
||||||
|
* 2 of the License, or (at your option) any later version.
|
||||||
|
*/
|
||||||
|
#ifndef _UAPI_LINUX_IF_ARP_H
|
||||||
|
#define _UAPI_LINUX_IF_ARP_H
|
||||||
|
|
||||||
|
#include <linux/netdevice.h>
|
||||||
|
|
||||||
|
/* ARP protocol HARDWARE identifiers. */
|
||||||
|
#define ARPHRD_NETROM 0 /* from KA9Q: NET/ROM pseudo */
|
||||||
|
#define ARPHRD_ETHER 1 /* Ethernet 10Mbps */
|
||||||
|
#define ARPHRD_EETHER 2 /* Experimental Ethernet */
|
||||||
|
#define ARPHRD_AX25 3 /* AX.25 Level 2 */
|
||||||
|
#define ARPHRD_PRONET 4 /* PROnet token ring */
|
||||||
|
#define ARPHRD_CHAOS 5 /* Chaosnet */
|
||||||
|
#define ARPHRD_IEEE802 6 /* IEEE 802.2 Ethernet/TR/TB */
|
||||||
|
#define ARPHRD_ARCNET 7 /* ARCnet */
|
||||||
|
#define ARPHRD_APPLETLK 8 /* APPLEtalk */
|
||||||
|
#define ARPHRD_DLCI 15 /* Frame Relay DLCI */
|
||||||
|
#define ARPHRD_ATM 19 /* ATM */
|
||||||
|
#define ARPHRD_METRICOM 23 /* Metricom STRIP (new IANA id) */
|
||||||
|
#define ARPHRD_IEEE1394 24 /* IEEE 1394 IPv4 - RFC 2734 */
|
||||||
|
#define ARPHRD_EUI64 27 /* EUI-64 */
|
||||||
|
#define ARPHRD_INFINIBAND 32 /* InfiniBand */
|
||||||
|
|
||||||
|
/* Dummy types for non ARP hardware */
|
||||||
|
#define ARPHRD_SLIP 256
|
||||||
|
#define ARPHRD_CSLIP 257
|
||||||
|
#define ARPHRD_SLIP6 258
|
||||||
|
#define ARPHRD_CSLIP6 259
|
||||||
|
#define ARPHRD_RSRVD 260 /* Notional KISS type */
|
||||||
|
#define ARPHRD_ADAPT 264
|
||||||
|
#define ARPHRD_ROSE 270
|
||||||
|
#define ARPHRD_X25 271 /* CCITT X.25 */
|
||||||
|
#define ARPHRD_HWX25 272 /* Boards with X.25 in firmware */
|
||||||
|
#define ARPHRD_CAN 280 /* Controller Area Network */
|
||||||
|
#define ARPHRD_MCTP 290
|
||||||
|
#define ARPHRD_PPP 512
|
||||||
|
#define ARPHRD_CISCO 513 /* Cisco HDLC */
|
||||||
|
#define ARPHRD_HDLC ARPHRD_CISCO
|
||||||
|
#define ARPHRD_LAPB 516 /* LAPB */
|
||||||
|
#define ARPHRD_DDCMP 517 /* Digital's DDCMP protocol */
|
||||||
|
#define ARPHRD_RAWHDLC 518 /* Raw HDLC */
|
||||||
|
#define ARPHRD_RAWIP 519 /* Raw IP */
|
||||||
|
|
||||||
|
#define ARPHRD_TUNNEL 768 /* IPIP tunnel */
|
||||||
|
#define ARPHRD_TUNNEL6 769 /* IP6IP6 tunnel */
|
||||||
|
#define ARPHRD_FRAD 770 /* Frame Relay Access Device */
|
||||||
|
#define ARPHRD_SKIP 771 /* SKIP vif */
|
||||||
|
#define ARPHRD_LOOPBACK 772 /* Loopback device */
|
||||||
|
#define ARPHRD_LOCALTLK 773 /* Localtalk device */
|
||||||
|
#define ARPHRD_FDDI 774 /* Fiber Distributed Data Interface */
|
||||||
|
#define ARPHRD_BIF 775 /* AP1000 BIF */
|
||||||
|
#define ARPHRD_SIT 776 /* sit0 device - IPv6-in-IPv4 */
|
||||||
|
#define ARPHRD_IPDDP 777 /* IP over DDP tunneller */
|
||||||
|
#define ARPHRD_IPGRE 778 /* GRE over IP */
|
||||||
|
#define ARPHRD_PIMREG 779 /* PIMSM register interface */
|
||||||
|
#define ARPHRD_HIPPI 780 /* High Performance Parallel Interface */
|
||||||
|
#define ARPHRD_ASH 781 /* Nexus 64Mbps Ash */
|
||||||
|
#define ARPHRD_ECONET 782 /* Acorn Econet */
|
||||||
|
#define ARPHRD_IRDA 783 /* Linux-IrDA */
|
||||||
|
/* ARP works differently on different FC media .. so */
|
||||||
|
#define ARPHRD_FCPP 784 /* Point to point fibrechannel */
|
||||||
|
#define ARPHRD_FCAL 785 /* Fibrechannel arbitrated loop */
|
||||||
|
#define ARPHRD_FCPL 786 /* Fibrechannel public loop */
|
||||||
|
#define ARPHRD_FCFABRIC 787 /* Fibrechannel fabric */
|
||||||
|
/* 787->799 reserved for fibrechannel media types */
|
||||||
|
#define ARPHRD_IEEE802_TR 800 /* Magic type ident for TR */
|
||||||
|
#define ARPHRD_IEEE80211 801 /* IEEE 802.11 */
|
||||||
|
#define ARPHRD_IEEE80211_PRISM 802 /* IEEE 802.11 + Prism2 header */
|
||||||
|
#define ARPHRD_IEEE80211_RADIOTAP 803 /* IEEE 802.11 + radiotap header */
|
||||||
|
#define ARPHRD_IEEE802154 804
|
||||||
|
#define ARPHRD_IEEE802154_MONITOR 805 /* IEEE 802.15.4 network monitor */
|
||||||
|
|
||||||
|
#define ARPHRD_PHONET 820 /* PhoNet media type */
|
||||||
|
#define ARPHRD_PHONET_PIPE 821 /* PhoNet pipe header */
|
||||||
|
#define ARPHRD_CAIF 822 /* CAIF media type */
|
||||||
|
#define ARPHRD_IP6GRE 823 /* GRE over IPv6 */
|
||||||
|
#define ARPHRD_NETLINK 824 /* Netlink header */
|
||||||
|
#define ARPHRD_6LOWPAN 825 /* IPv6 over LoWPAN */
|
||||||
|
#define ARPHRD_VSOCKMON 826 /* Vsock monitor header */
|
||||||
|
|
||||||
|
#define ARPHRD_VOID 0xFFFF /* Void type, nothing is known */
|
||||||
|
#define ARPHRD_NONE 0xFFFE /* zero header length */
|
||||||
|
|
||||||
|
/* ARP protocol opcodes. */
|
||||||
|
#define ARPOP_REQUEST 1 /* ARP request */
|
||||||
|
#define ARPOP_REPLY 2 /* ARP reply */
|
||||||
|
#define ARPOP_RREQUEST 3 /* RARP request */
|
||||||
|
#define ARPOP_RREPLY 4 /* RARP reply */
|
||||||
|
#define ARPOP_InREQUEST 8 /* InARP request */
|
||||||
|
#define ARPOP_InREPLY 9 /* InARP reply */
|
||||||
|
#define ARPOP_NAK 10 /* (ATM)ARP NAK */
|
||||||
|
|
||||||
|
|
||||||
|
/* ARP ioctl request. */
|
||||||
|
struct arpreq {
|
||||||
|
struct sockaddr arp_pa; /* protocol address */
|
||||||
|
struct sockaddr arp_ha; /* hardware address */
|
||||||
|
int arp_flags; /* flags */
|
||||||
|
struct sockaddr arp_netmask; /* netmask (only for proxy arps) */
|
||||||
|
char arp_dev[IFNAMSIZ];
|
||||||
|
};
|
||||||
|
|
||||||
|
struct arpreq_old {
|
||||||
|
struct sockaddr arp_pa; /* protocol address */
|
||||||
|
struct sockaddr arp_ha; /* hardware address */
|
||||||
|
int arp_flags; /* flags */
|
||||||
|
struct sockaddr arp_netmask; /* netmask (only for proxy arps) */
|
||||||
|
};
|
||||||
|
|
||||||
|
/* ARP Flag values. */
|
||||||
|
#define ATF_COM 0x02 /* completed entry (ha valid) */
|
||||||
|
#define ATF_PERM 0x04 /* permanent entry */
|
||||||
|
#define ATF_PUBL 0x08 /* publish entry */
|
||||||
|
#define ATF_USETRAILERS 0x10 /* has requested trailers */
|
||||||
|
#define ATF_NETMASK 0x20 /* want to use a netmask (only
|
||||||
|
for proxy entries) */
|
||||||
|
#define ATF_DONTPUB 0x40 /* don't answer this addresses */
|
||||||
|
|
||||||
|
/*
|
||||||
|
* This structure defines an ethernet arp header.
|
||||||
|
*/
|
||||||
|
|
||||||
|
struct arphdr {
|
||||||
|
__be16 ar_hrd; /* format of hardware address */
|
||||||
|
__be16 ar_pro; /* format of protocol address */
|
||||||
|
unsigned char ar_hln; /* length of hardware address */
|
||||||
|
unsigned char ar_pln; /* length of protocol address */
|
||||||
|
__be16 ar_op; /* ARP opcode (command) */
|
||||||
|
|
||||||
|
#if 0
|
||||||
|
/*
|
||||||
|
* Ethernet looks like this : This bit is variable sized however...
|
||||||
|
*/
|
||||||
|
unsigned char ar_sha[ETH_ALEN]; /* sender hardware address */
|
||||||
|
unsigned char ar_sip[4]; /* sender IP address */
|
||||||
|
unsigned char ar_tha[ETH_ALEN]; /* target hardware address */
|
||||||
|
unsigned char ar_tip[4]; /* target IP address */
|
||||||
|
#endif
|
||||||
|
|
||||||
|
};
|
||||||
|
|
||||||
|
|
||||||
|
#endif /* _UAPI_LINUX_IF_ARP_H */
|
||||||
@ -88,6 +88,7 @@ basic_sources = files('''
|
|||||||
linux/hdlc/ioctl.h
|
linux/hdlc/ioctl.h
|
||||||
linux/if.h
|
linux/if.h
|
||||||
linux/if_addr.h
|
linux/if_addr.h
|
||||||
|
linux/if_arp.h
|
||||||
linux/if_bonding.h
|
linux/if_bonding.h
|
||||||
linux/if_bridge.h
|
linux/if_bridge.h
|
||||||
linux/if_ether.h
|
linux/if_ether.h
|
||||||
|
|||||||
@ -912,11 +912,14 @@ static VOID config_add_entry(Config *config, ConfigEntry *entry) {
|
|||||||
assert(entry);
|
assert(entry);
|
||||||
|
|
||||||
if ((config->entry_count & 15) == 0) {
|
if ((config->entry_count & 15) == 0) {
|
||||||
UINTN i = config->entry_count + 16;
|
UINTN i;
|
||||||
config->entries = ReallocatePool(
|
|
||||||
config->entries,
|
i = config->entry_count + 16;
|
||||||
sizeof(VOID *) * config->entry_count,
|
if (config->entry_count == 0)
|
||||||
sizeof(VOID *) * i);
|
config->entries = AllocatePool(sizeof(VOID *) * i);
|
||||||
|
else
|
||||||
|
config->entries = ReallocatePool(config->entries,
|
||||||
|
sizeof(VOID *) * config->entry_count, sizeof(VOID *) * i);
|
||||||
}
|
}
|
||||||
config->entries[config->entry_count++] = entry;
|
config->entries[config->entry_count++] = entry;
|
||||||
}
|
}
|
||||||
@ -1489,7 +1492,7 @@ static VOID config_load_entries(
|
|||||||
EFI_FILE *root_dir,
|
EFI_FILE *root_dir,
|
||||||
CHAR16 *loaded_image_path) {
|
CHAR16 *loaded_image_path) {
|
||||||
|
|
||||||
_cleanup_(FileHandleClosep) EFI_FILE_HANDLE entries_dir = NULL;
|
EFI_FILE_HANDLE entries_dir;
|
||||||
EFI_STATUS err;
|
EFI_STATUS err;
|
||||||
|
|
||||||
assert(config);
|
assert(config);
|
||||||
@ -1498,34 +1501,34 @@ static VOID config_load_entries(
|
|||||||
assert(loaded_image_path);
|
assert(loaded_image_path);
|
||||||
|
|
||||||
err = uefi_call_wrapper(root_dir->Open, 5, root_dir, &entries_dir, (CHAR16*) L"\\loader\\entries", EFI_FILE_MODE_READ, 0ULL);
|
err = uefi_call_wrapper(root_dir->Open, 5, root_dir, &entries_dir, (CHAR16*) L"\\loader\\entries", EFI_FILE_MODE_READ, 0ULL);
|
||||||
if (EFI_ERROR(err))
|
if (!EFI_ERROR(err)) {
|
||||||
return;
|
for (;;) {
|
||||||
|
CHAR16 buf[256];
|
||||||
|
UINTN bufsize;
|
||||||
|
EFI_FILE_INFO *f;
|
||||||
|
_cleanup_freepool_ CHAR8 *content = NULL;
|
||||||
|
|
||||||
for (;;) {
|
bufsize = sizeof(buf);
|
||||||
CHAR16 buf[256];
|
err = uefi_call_wrapper(entries_dir->Read, 3, entries_dir, &bufsize, buf);
|
||||||
UINTN bufsize;
|
if (bufsize == 0 || EFI_ERROR(err))
|
||||||
EFI_FILE_INFO *f;
|
break;
|
||||||
_cleanup_freepool_ CHAR8 *content = NULL;
|
|
||||||
|
|
||||||
bufsize = sizeof(buf);
|
f = (EFI_FILE_INFO *) buf;
|
||||||
err = uefi_call_wrapper(entries_dir->Read, 3, entries_dir, &bufsize, buf);
|
if (f->FileName[0] == '.')
|
||||||
if (bufsize == 0 || EFI_ERROR(err))
|
continue;
|
||||||
break;
|
if (f->Attribute & EFI_FILE_DIRECTORY)
|
||||||
|
continue;
|
||||||
|
|
||||||
f = (EFI_FILE_INFO *) buf;
|
if (!endswith_no_case(f->FileName, L".conf"))
|
||||||
if (f->FileName[0] == '.')
|
continue;
|
||||||
continue;
|
if (startswith(f->FileName, L"auto-"))
|
||||||
if (f->Attribute & EFI_FILE_DIRECTORY)
|
continue;
|
||||||
continue;
|
|
||||||
|
|
||||||
if (!endswith_no_case(f->FileName, L".conf"))
|
err = file_read(entries_dir, f->FileName, 0, 0, &content, NULL);
|
||||||
continue;
|
if (!EFI_ERROR(err))
|
||||||
if (startswith(f->FileName, L"auto-"))
|
config_entry_add_from_file(config, device, root_dir, L"\\loader\\entries", f->FileName, content, loaded_image_path);
|
||||||
continue;
|
}
|
||||||
|
uefi_call_wrapper(entries_dir->Close, 1, entries_dir);
|
||||||
err = file_read(entries_dir, f->FileName, 0, 0, &content, NULL);
|
|
||||||
if (!EFI_ERROR(err))
|
|
||||||
config_entry_add_from_file(config, device, root_dir, L"\\loader\\entries", f->FileName, content, loaded_image_path);
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1977,7 +1980,7 @@ static VOID config_entry_add_linux(
|
|||||||
EFI_HANDLE *device,
|
EFI_HANDLE *device,
|
||||||
EFI_FILE *root_dir) {
|
EFI_FILE *root_dir) {
|
||||||
|
|
||||||
_cleanup_(FileHandleClosep) EFI_FILE_HANDLE linux_dir = NULL;
|
EFI_FILE_HANDLE linux_dir;
|
||||||
EFI_STATUS err;
|
EFI_STATUS err;
|
||||||
ConfigEntry *entry;
|
ConfigEntry *entry;
|
||||||
|
|
||||||
@ -2107,6 +2110,8 @@ static VOID config_entry_add_linux(
|
|||||||
FreePool(os_build_id);
|
FreePool(os_build_id);
|
||||||
FreePool(content);
|
FreePool(content);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
uefi_call_wrapper(linux_dir->Close, 1, linux_dir);
|
||||||
}
|
}
|
||||||
|
|
||||||
#define XBOOTLDR_GUID \
|
#define XBOOTLDR_GUID \
|
||||||
|
|||||||
@ -7,102 +7,260 @@
|
|||||||
|
|
||||||
#include "macro-fundamental.h"
|
#include "macro-fundamental.h"
|
||||||
#include "measure.h"
|
#include "measure.h"
|
||||||
#include "missing_efi.h"
|
|
||||||
#include "util.h"
|
|
||||||
|
|
||||||
static EFI_STATUS tpm1_measure_to_pcr_and_event_log(
|
#define EFI_TCG_GUID \
|
||||||
const EFI_TCG *tcg,
|
&(const EFI_GUID) { 0xf541796d, 0xa62e, 0x4954, { 0xa7, 0x75, 0x95, 0x84, 0xf6, 0x1b, 0x9c, 0xdd } }
|
||||||
UINT32 pcrindex,
|
|
||||||
EFI_PHYSICAL_ADDRESS buffer,
|
|
||||||
UINTN buffer_size,
|
|
||||||
const CHAR16 *description) {
|
|
||||||
|
|
||||||
_cleanup_freepool_ TCG_PCR_EVENT *tcg_event = NULL;
|
typedef struct _TCG_VERSION {
|
||||||
EFI_PHYSICAL_ADDRESS event_log_last;
|
UINT8 Major;
|
||||||
UINT32 event_number = 1;
|
UINT8 Minor;
|
||||||
UINTN desc_len;
|
UINT8 RevMajor;
|
||||||
|
UINT8 RevMinor;
|
||||||
|
} TCG_VERSION;
|
||||||
|
|
||||||
assert(tcg);
|
typedef struct tdEFI_TCG2_VERSION {
|
||||||
assert(description);
|
UINT8 Major;
|
||||||
|
UINT8 Minor;
|
||||||
|
} EFI_TCG2_VERSION;
|
||||||
|
|
||||||
desc_len = StrSize(description);
|
typedef struct _TCG_BOOT_SERVICE_CAPABILITY {
|
||||||
tcg_event = AllocateZeroPool(OFFSETOF(TCG_PCR_EVENT, Event) + desc_len);
|
UINT8 Size;
|
||||||
if (!tcg_event)
|
struct _TCG_VERSION StructureVersion;
|
||||||
return EFI_OUT_OF_RESOURCES;
|
struct _TCG_VERSION ProtocolSpecVersion;
|
||||||
|
UINT8 HashAlgorithmBitmap;
|
||||||
|
BOOLEAN TPMPresentFlag;
|
||||||
|
BOOLEAN TPMDeactivatedFlag;
|
||||||
|
} TCG_BOOT_SERVICE_CAPABILITY;
|
||||||
|
|
||||||
*tcg_event = (TCG_PCR_EVENT) {
|
typedef struct tdTREE_BOOT_SERVICE_CAPABILITY {
|
||||||
.EventSize = desc_len,
|
UINT8 Size;
|
||||||
.PCRIndex = pcrindex,
|
EFI_TCG2_VERSION StructureVersion;
|
||||||
.EventType = EV_IPL,
|
EFI_TCG2_VERSION ProtocolVersion;
|
||||||
};
|
UINT32 HashAlgorithmBitmap;
|
||||||
CopyMem(tcg_event->Event, description, desc_len);
|
UINT32 SupportedEventLogs;
|
||||||
|
BOOLEAN TrEEPresentFlag;
|
||||||
|
UINT16 MaxCommandSize;
|
||||||
|
UINT16 MaxResponseSize;
|
||||||
|
UINT32 ManufacturerID;
|
||||||
|
} TREE_BOOT_SERVICE_CAPABILITY;
|
||||||
|
|
||||||
return uefi_call_wrapper(
|
typedef UINT32 TCG_ALGORITHM_ID;
|
||||||
tcg->HashLogExtendEvent, 7,
|
#define TCG_ALG_SHA 0x00000004 // The SHA1 algorithm
|
||||||
(EFI_TCG *) tcg,
|
|
||||||
buffer, buffer_size,
|
|
||||||
TCG_ALG_SHA,
|
|
||||||
tcg_event,
|
|
||||||
&event_number,
|
|
||||||
&event_log_last);
|
|
||||||
}
|
|
||||||
|
|
||||||
static EFI_STATUS tpm2_measure_to_pcr_and_event_log(
|
#define SHA1_DIGEST_SIZE 20
|
||||||
EFI_TCG2 *tcg,
|
|
||||||
UINT32 pcrindex,
|
|
||||||
EFI_PHYSICAL_ADDRESS buffer,
|
|
||||||
UINT64 buffer_size,
|
|
||||||
const CHAR16 *description) {
|
|
||||||
|
|
||||||
_cleanup_freepool_ EFI_TCG2_EVENT *tcg_event = NULL;
|
typedef struct _TCG_DIGEST {
|
||||||
UINTN desc_len;
|
UINT8 Digest[SHA1_DIGEST_SIZE];
|
||||||
|
} TCG_DIGEST;
|
||||||
|
|
||||||
assert(tcg);
|
#define EV_IPL 13
|
||||||
assert(description);
|
|
||||||
|
|
||||||
desc_len = StrSize(description);
|
typedef struct _TCG_PCR_EVENT {
|
||||||
tcg_event = AllocateZeroPool(OFFSETOF(EFI_TCG2_EVENT, Event) + desc_len);
|
UINT32 PCRIndex;
|
||||||
if (!tcg_event)
|
UINT32 EventType;
|
||||||
return EFI_OUT_OF_RESOURCES;
|
struct _TCG_DIGEST digest;
|
||||||
|
UINT32 EventSize;
|
||||||
|
UINT8 Event[1];
|
||||||
|
} TCG_PCR_EVENT;
|
||||||
|
|
||||||
*tcg_event = (EFI_TCG2_EVENT) {
|
INTERFACE_DECL(_EFI_TCG);
|
||||||
.Size = OFFSETOF(EFI_TCG2_EVENT, Event) + desc_len,
|
|
||||||
.Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER),
|
|
||||||
.Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION,
|
|
||||||
.Header.PCRIndex = pcrindex,
|
|
||||||
.Header.EventType = EV_IPL,
|
|
||||||
};
|
|
||||||
|
|
||||||
CopyMem(tcg_event->Event, description, desc_len);
|
typedef EFI_STATUS(EFIAPI * EFI_TCG_STATUS_CHECK) (IN struct _EFI_TCG * This,
|
||||||
|
OUT struct _TCG_BOOT_SERVICE_CAPABILITY * ProtocolCapability,
|
||||||
|
OUT UINT32 * TCGFeatureFlags,
|
||||||
|
OUT EFI_PHYSICAL_ADDRESS * EventLogLocation,
|
||||||
|
OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry);
|
||||||
|
|
||||||
return uefi_call_wrapper(
|
typedef EFI_STATUS(EFIAPI * EFI_TCG_HASH_ALL) (IN struct _EFI_TCG * This,
|
||||||
tcg->HashLogExtendEvent, 5,
|
IN UINT8 * HashData,
|
||||||
tcg,
|
IN UINT64 HashDataLen,
|
||||||
0,
|
IN TCG_ALGORITHM_ID AlgorithmId,
|
||||||
buffer, buffer_size,
|
IN OUT UINT64 * HashedDataLen, IN OUT UINT8 ** HashedDataResult);
|
||||||
tcg_event);
|
|
||||||
}
|
|
||||||
|
|
||||||
static EFI_TCG *tcg1_interface_check(void) {
|
typedef EFI_STATUS(EFIAPI * EFI_TCG_LOG_EVENT) (IN struct _EFI_TCG * This,
|
||||||
EFI_PHYSICAL_ADDRESS event_log_location, event_log_last_entry;
|
IN struct _TCG_PCR_EVENT * TCGLogData,
|
||||||
TCG_BOOT_SERVICE_CAPABILITY capability = {
|
IN OUT UINT32 * EventNumber, IN UINT32 Flags);
|
||||||
.Size = sizeof(capability),
|
|
||||||
};
|
typedef EFI_STATUS(EFIAPI * EFI_TCG_PASS_THROUGH_TO_TPM) (IN struct _EFI_TCG * This,
|
||||||
|
IN UINT32 TpmInputParameterBlockSize,
|
||||||
|
IN UINT8 * TpmInputParameterBlock,
|
||||||
|
IN UINT32 TpmOutputParameterBlockSize,
|
||||||
|
IN UINT8 * TpmOutputParameterBlock);
|
||||||
|
|
||||||
|
typedef EFI_STATUS(EFIAPI * EFI_TCG_HASH_LOG_EXTEND_EVENT) (IN struct _EFI_TCG * This,
|
||||||
|
IN EFI_PHYSICAL_ADDRESS HashData,
|
||||||
|
IN UINT64 HashDataLen,
|
||||||
|
IN TCG_ALGORITHM_ID AlgorithmId,
|
||||||
|
IN struct _TCG_PCR_EVENT * TCGLogData,
|
||||||
|
IN OUT UINT32 * EventNumber,
|
||||||
|
OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry);
|
||||||
|
|
||||||
|
typedef struct _EFI_TCG {
|
||||||
|
EFI_TCG_STATUS_CHECK StatusCheck;
|
||||||
|
EFI_TCG_HASH_ALL HashAll;
|
||||||
|
EFI_TCG_LOG_EVENT LogEvent;
|
||||||
|
EFI_TCG_PASS_THROUGH_TO_TPM PassThroughToTPM;
|
||||||
|
EFI_TCG_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
|
||||||
|
} EFI_TCG;
|
||||||
|
|
||||||
|
#define EFI_TCG2_GUID \
|
||||||
|
&(const EFI_GUID) { 0x607f766c, 0x7455, 0x42be, { 0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f } }
|
||||||
|
|
||||||
|
typedef struct tdEFI_TCG2_PROTOCOL EFI_TCG2_PROTOCOL;
|
||||||
|
|
||||||
|
typedef UINT32 EFI_TCG2_EVENT_LOG_BITMAP;
|
||||||
|
typedef UINT32 EFI_TCG2_EVENT_LOG_FORMAT;
|
||||||
|
typedef UINT32 EFI_TCG2_EVENT_ALGORITHM_BITMAP;
|
||||||
|
|
||||||
|
typedef struct tdEFI_TCG2_BOOT_SERVICE_CAPABILITY {
|
||||||
|
UINT8 Size;
|
||||||
|
EFI_TCG2_VERSION StructureVersion;
|
||||||
|
EFI_TCG2_VERSION ProtocolVersion;
|
||||||
|
EFI_TCG2_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;
|
||||||
|
EFI_TCG2_EVENT_LOG_BITMAP SupportedEventLogs;
|
||||||
|
BOOLEAN TPMPresentFlag;
|
||||||
|
UINT16 MaxCommandSize;
|
||||||
|
UINT16 MaxResponseSize;
|
||||||
|
UINT32 ManufacturerID;
|
||||||
|
UINT32 NumberOfPCRBanks;
|
||||||
|
EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrBanks;
|
||||||
|
} EFI_TCG2_BOOT_SERVICE_CAPABILITY;
|
||||||
|
|
||||||
|
#define EFI_TCG2_EVENT_HEADER_VERSION 1
|
||||||
|
|
||||||
|
typedef struct {
|
||||||
|
UINT32 HeaderSize;
|
||||||
|
UINT16 HeaderVersion;
|
||||||
|
UINT32 PCRIndex;
|
||||||
|
UINT32 EventType;
|
||||||
|
} _packed_ EFI_TCG2_EVENT_HEADER;
|
||||||
|
|
||||||
|
typedef struct tdEFI_TCG2_EVENT {
|
||||||
|
UINT32 Size;
|
||||||
|
EFI_TCG2_EVENT_HEADER Header;
|
||||||
|
UINT8 Event[1];
|
||||||
|
} _packed_ EFI_TCG2_EVENT;
|
||||||
|
|
||||||
|
typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_CAPABILITY) (IN EFI_TCG2_PROTOCOL * This,
|
||||||
|
IN OUT EFI_TCG2_BOOT_SERVICE_CAPABILITY * ProtocolCapability);
|
||||||
|
|
||||||
|
typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_EVENT_LOG) (IN EFI_TCG2_PROTOCOL * This,
|
||||||
|
IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
|
||||||
|
OUT EFI_PHYSICAL_ADDRESS * EventLogLocation,
|
||||||
|
OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry,
|
||||||
|
OUT BOOLEAN * EventLogTruncated);
|
||||||
|
|
||||||
|
typedef EFI_STATUS(EFIAPI * EFI_TCG2_HASH_LOG_EXTEND_EVENT) (IN EFI_TCG2_PROTOCOL * This,
|
||||||
|
IN UINT64 Flags,
|
||||||
|
IN EFI_PHYSICAL_ADDRESS DataToHash,
|
||||||
|
IN UINT64 DataToHashLen, IN EFI_TCG2_EVENT * EfiTcgEvent);
|
||||||
|
|
||||||
|
typedef EFI_STATUS(EFIAPI * EFI_TCG2_SUBMIT_COMMAND) (IN EFI_TCG2_PROTOCOL * This,
|
||||||
|
IN UINT32 InputParameterBlockSize,
|
||||||
|
IN UINT8 * InputParameterBlock,
|
||||||
|
IN UINT32 OutputParameterBlockSize, IN UINT8 * OutputParameterBlock);
|
||||||
|
|
||||||
|
typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This, OUT UINT32 * ActivePcrBanks);
|
||||||
|
|
||||||
|
typedef EFI_STATUS(EFIAPI * EFI_TCG2_SET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This, IN UINT32 ActivePcrBanks);
|
||||||
|
|
||||||
|
typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This,
|
||||||
|
OUT UINT32 * OperationPresent, OUT UINT32 * Response);
|
||||||
|
|
||||||
|
typedef struct tdEFI_TCG2_PROTOCOL {
|
||||||
|
EFI_TCG2_GET_CAPABILITY GetCapability;
|
||||||
|
EFI_TCG2_GET_EVENT_LOG GetEventLog;
|
||||||
|
EFI_TCG2_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
|
||||||
|
EFI_TCG2_SUBMIT_COMMAND SubmitCommand;
|
||||||
|
EFI_TCG2_GET_ACTIVE_PCR_BANKS GetActivePcrBanks;
|
||||||
|
EFI_TCG2_SET_ACTIVE_PCR_BANKS SetActivePcrBanks;
|
||||||
|
EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS GetResultOfSetActivePcrBanks;
|
||||||
|
} EFI_TCG2;
|
||||||
|
|
||||||
|
static EFI_STATUS tpm1_measure_to_pcr_and_event_log(const EFI_TCG *tcg, UINT32 pcrindex, const EFI_PHYSICAL_ADDRESS buffer,
|
||||||
|
UINTN buffer_size, const CHAR16 *description) {
|
||||||
|
EFI_STATUS status;
|
||||||
|
TCG_PCR_EVENT *tcg_event;
|
||||||
|
UINT32 event_number;
|
||||||
|
EFI_PHYSICAL_ADDRESS event_log_last;
|
||||||
|
UINTN desc_len;
|
||||||
|
|
||||||
|
assert(tcg);
|
||||||
|
assert(description);
|
||||||
|
|
||||||
|
desc_len = StrSize(description);
|
||||||
|
tcg_event = AllocateZeroPool(desc_len + sizeof(TCG_PCR_EVENT));
|
||||||
|
|
||||||
|
if (!tcg_event)
|
||||||
|
return EFI_OUT_OF_RESOURCES;
|
||||||
|
|
||||||
|
tcg_event->EventSize = desc_len;
|
||||||
|
CopyMem((VOID *) & tcg_event->Event[0], (VOID *) description, desc_len);
|
||||||
|
|
||||||
|
tcg_event->PCRIndex = pcrindex;
|
||||||
|
tcg_event->EventType = EV_IPL;
|
||||||
|
|
||||||
|
event_number = 1;
|
||||||
|
status = uefi_call_wrapper(tcg->HashLogExtendEvent, 7,
|
||||||
|
(EFI_TCG *) tcg, buffer, buffer_size, TCG_ALG_SHA, tcg_event, &event_number, &event_log_last);
|
||||||
|
|
||||||
|
if (EFI_ERROR(status))
|
||||||
|
return status;
|
||||||
|
|
||||||
|
uefi_call_wrapper(BS->FreePool, 1, tcg_event);
|
||||||
|
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
static EFI_STATUS tpm2_measure_to_pcr_and_event_log(const EFI_TCG2 *tcg, UINT32 pcrindex, const EFI_PHYSICAL_ADDRESS buffer,
|
||||||
|
UINT64 buffer_size, const CHAR16 *description) {
|
||||||
|
EFI_STATUS status;
|
||||||
|
EFI_TCG2_EVENT *tcg_event;
|
||||||
|
UINTN desc_len;
|
||||||
|
|
||||||
|
assert(tcg);
|
||||||
|
assert(description);
|
||||||
|
|
||||||
|
desc_len = StrSize(description);
|
||||||
|
tcg_event = AllocateZeroPool(sizeof(*tcg_event) - sizeof(tcg_event->Event) + desc_len);
|
||||||
|
|
||||||
|
if (!tcg_event)
|
||||||
|
return EFI_OUT_OF_RESOURCES;
|
||||||
|
|
||||||
|
tcg_event->Size = sizeof(*tcg_event) - sizeof(tcg_event->Event) + desc_len;
|
||||||
|
tcg_event->Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER);
|
||||||
|
tcg_event->Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION;
|
||||||
|
tcg_event->Header.PCRIndex = pcrindex;
|
||||||
|
tcg_event->Header.EventType = EV_IPL;
|
||||||
|
|
||||||
|
CopyMem((VOID *) tcg_event->Event, (VOID *) description, desc_len);
|
||||||
|
|
||||||
|
status = uefi_call_wrapper(tcg->HashLogExtendEvent, 5, (EFI_TCG2 *) tcg, 0, buffer, (UINT64) buffer_size, tcg_event);
|
||||||
|
|
||||||
|
uefi_call_wrapper(BS->FreePool, 1, tcg_event);
|
||||||
|
|
||||||
|
if (EFI_ERROR(status))
|
||||||
|
return status;
|
||||||
|
|
||||||
|
return EFI_SUCCESS;
|
||||||
|
}
|
||||||
|
|
||||||
|
static EFI_TCG * tcg1_interface_check(void) {
|
||||||
EFI_STATUS status;
|
EFI_STATUS status;
|
||||||
UINT32 features;
|
|
||||||
EFI_TCG *tcg;
|
EFI_TCG *tcg;
|
||||||
|
TCG_BOOT_SERVICE_CAPABILITY capability;
|
||||||
|
UINT32 features;
|
||||||
|
EFI_PHYSICAL_ADDRESS event_log_location;
|
||||||
|
EFI_PHYSICAL_ADDRESS event_log_last_entry;
|
||||||
|
|
||||||
status = LibLocateProtocol((EFI_GUID*) EFI_TCG_GUID, (void **) &tcg);
|
status = LibLocateProtocol((EFI_GUID*) EFI_TCG_GUID, (void **) &tcg);
|
||||||
|
|
||||||
if (EFI_ERROR(status))
|
if (EFI_ERROR(status))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
status = uefi_call_wrapper(
|
capability.Size = (UINT8) sizeof(capability);
|
||||||
tcg->StatusCheck, 5,
|
status = uefi_call_wrapper(tcg->StatusCheck, 5, tcg, &capability, &features, &event_log_location, &event_log_last_entry);
|
||||||
tcg,
|
|
||||||
&capability,
|
|
||||||
&features,
|
|
||||||
&event_log_location,
|
|
||||||
&event_log_last_entry);
|
|
||||||
if (EFI_ERROR(status))
|
if (EFI_ERROR(status))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
@ -116,24 +274,25 @@ static EFI_TCG *tcg1_interface_check(void) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
static EFI_TCG2 * tcg2_interface_check(void) {
|
static EFI_TCG2 * tcg2_interface_check(void) {
|
||||||
EFI_TCG2_BOOT_SERVICE_CAPABILITY capability = {
|
|
||||||
.Size = sizeof(capability),
|
|
||||||
};
|
|
||||||
EFI_STATUS status;
|
EFI_STATUS status;
|
||||||
EFI_TCG2 *tcg;
|
EFI_TCG2 *tcg;
|
||||||
|
EFI_TCG2_BOOT_SERVICE_CAPABILITY capability;
|
||||||
|
|
||||||
status = LibLocateProtocol((EFI_GUID*) EFI_TCG2_GUID, (void **) &tcg);
|
status = LibLocateProtocol((EFI_GUID*) EFI_TCG2_GUID, (void **) &tcg);
|
||||||
|
|
||||||
if (EFI_ERROR(status))
|
if (EFI_ERROR(status))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
|
capability.Size = (UINT8) sizeof(EFI_TCG2_BOOT_SERVICE_CAPABILITY);
|
||||||
status = uefi_call_wrapper(tcg->GetCapability, 2, tcg, &capability);
|
status = uefi_call_wrapper(tcg->GetCapability, 2, tcg, &capability);
|
||||||
|
|
||||||
if (EFI_ERROR(status))
|
if (EFI_ERROR(status))
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
if (capability.StructureVersion.Major == 1 &&
|
if (capability.StructureVersion.Major == 1 &&
|
||||||
capability.StructureVersion.Minor == 0) {
|
capability.StructureVersion.Minor == 0) {
|
||||||
TCG_BOOT_SERVICE_CAPABILITY *caps_1_0 =
|
TCG_BOOT_SERVICE_CAPABILITY *caps_1_0;
|
||||||
(TCG_BOOT_SERVICE_CAPABILITY*) &capability;
|
caps_1_0 = (TCG_BOOT_SERVICE_CAPABILITY *)&capability;
|
||||||
if (caps_1_0->TPMPresentFlag)
|
if (caps_1_0->TPMPresentFlag)
|
||||||
return tcg;
|
return tcg;
|
||||||
}
|
}
|
||||||
|
|||||||
@ -3,8 +3,6 @@
|
|||||||
|
|
||||||
#include <efi.h>
|
#include <efi.h>
|
||||||
|
|
||||||
#include "macro-fundamental.h"
|
|
||||||
|
|
||||||
#ifndef EFI_RNG_PROTOCOL_GUID
|
#ifndef EFI_RNG_PROTOCOL_GUID
|
||||||
|
|
||||||
#define EFI_RNG_PROTOCOL_GUID \
|
#define EFI_RNG_PROTOCOL_GUID \
|
||||||
@ -161,173 +159,4 @@ struct _EFI_DT_FIXUP_PROTOCOL {
|
|||||||
EFI_DT_FIXUP Fixup;
|
EFI_DT_FIXUP Fixup;
|
||||||
};
|
};
|
||||||
|
|
||||||
#define EFI_TCG_GUID \
|
|
||||||
&(const EFI_GUID) { 0xf541796d, 0xa62e, 0x4954, { 0xa7, 0x75, 0x95, 0x84, 0xf6, 0x1b, 0x9c, 0xdd } }
|
|
||||||
|
|
||||||
typedef struct _TCG_VERSION {
|
|
||||||
UINT8 Major;
|
|
||||||
UINT8 Minor;
|
|
||||||
UINT8 RevMajor;
|
|
||||||
UINT8 RevMinor;
|
|
||||||
} TCG_VERSION;
|
|
||||||
|
|
||||||
typedef struct tdEFI_TCG2_VERSION {
|
|
||||||
UINT8 Major;
|
|
||||||
UINT8 Minor;
|
|
||||||
} EFI_TCG2_VERSION;
|
|
||||||
|
|
||||||
typedef struct _TCG_BOOT_SERVICE_CAPABILITY {
|
|
||||||
UINT8 Size;
|
|
||||||
struct _TCG_VERSION StructureVersion;
|
|
||||||
struct _TCG_VERSION ProtocolSpecVersion;
|
|
||||||
UINT8 HashAlgorithmBitmap;
|
|
||||||
BOOLEAN TPMPresentFlag;
|
|
||||||
BOOLEAN TPMDeactivatedFlag;
|
|
||||||
} TCG_BOOT_SERVICE_CAPABILITY;
|
|
||||||
|
|
||||||
typedef struct tdTREE_BOOT_SERVICE_CAPABILITY {
|
|
||||||
UINT8 Size;
|
|
||||||
EFI_TCG2_VERSION StructureVersion;
|
|
||||||
EFI_TCG2_VERSION ProtocolVersion;
|
|
||||||
UINT32 HashAlgorithmBitmap;
|
|
||||||
UINT32 SupportedEventLogs;
|
|
||||||
BOOLEAN TrEEPresentFlag;
|
|
||||||
UINT16 MaxCommandSize;
|
|
||||||
UINT16 MaxResponseSize;
|
|
||||||
UINT32 ManufacturerID;
|
|
||||||
} TREE_BOOT_SERVICE_CAPABILITY;
|
|
||||||
|
|
||||||
typedef UINT32 TCG_ALGORITHM_ID;
|
|
||||||
#define TCG_ALG_SHA 0x00000004 // The SHA1 algorithm
|
|
||||||
|
|
||||||
#define SHA1_DIGEST_SIZE 20
|
|
||||||
|
|
||||||
typedef struct _TCG_DIGEST {
|
|
||||||
UINT8 Digest[SHA1_DIGEST_SIZE];
|
|
||||||
} TCG_DIGEST;
|
|
||||||
|
|
||||||
#define EV_IPL 13
|
|
||||||
|
|
||||||
typedef struct _TCG_PCR_EVENT {
|
|
||||||
UINT32 PCRIndex;
|
|
||||||
UINT32 EventType;
|
|
||||||
struct _TCG_DIGEST digest;
|
|
||||||
UINT32 EventSize;
|
|
||||||
UINT8 Event[1];
|
|
||||||
} TCG_PCR_EVENT;
|
|
||||||
|
|
||||||
INTERFACE_DECL(_EFI_TCG);
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG_STATUS_CHECK) (IN struct _EFI_TCG * This,
|
|
||||||
OUT struct _TCG_BOOT_SERVICE_CAPABILITY * ProtocolCapability,
|
|
||||||
OUT UINT32 * TCGFeatureFlags,
|
|
||||||
OUT EFI_PHYSICAL_ADDRESS * EventLogLocation,
|
|
||||||
OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry);
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG_HASH_ALL) (IN struct _EFI_TCG * This,
|
|
||||||
IN UINT8 * HashData,
|
|
||||||
IN UINT64 HashDataLen,
|
|
||||||
IN TCG_ALGORITHM_ID AlgorithmId,
|
|
||||||
IN OUT UINT64 * HashedDataLen, IN OUT UINT8 ** HashedDataResult);
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG_LOG_EVENT) (IN struct _EFI_TCG * This,
|
|
||||||
IN struct _TCG_PCR_EVENT * TCGLogData,
|
|
||||||
IN OUT UINT32 * EventNumber, IN UINT32 Flags);
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG_PASS_THROUGH_TO_TPM) (IN struct _EFI_TCG * This,
|
|
||||||
IN UINT32 TpmInputParameterBlockSize,
|
|
||||||
IN UINT8 * TpmInputParameterBlock,
|
|
||||||
IN UINT32 TpmOutputParameterBlockSize,
|
|
||||||
IN UINT8 * TpmOutputParameterBlock);
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG_HASH_LOG_EXTEND_EVENT) (IN struct _EFI_TCG * This,
|
|
||||||
IN EFI_PHYSICAL_ADDRESS HashData,
|
|
||||||
IN UINT64 HashDataLen,
|
|
||||||
IN TCG_ALGORITHM_ID AlgorithmId,
|
|
||||||
IN struct _TCG_PCR_EVENT * TCGLogData,
|
|
||||||
IN OUT UINT32 * EventNumber,
|
|
||||||
OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry);
|
|
||||||
|
|
||||||
typedef struct _EFI_TCG {
|
|
||||||
EFI_TCG_STATUS_CHECK StatusCheck;
|
|
||||||
EFI_TCG_HASH_ALL HashAll;
|
|
||||||
EFI_TCG_LOG_EVENT LogEvent;
|
|
||||||
EFI_TCG_PASS_THROUGH_TO_TPM PassThroughToTPM;
|
|
||||||
EFI_TCG_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
|
|
||||||
} EFI_TCG;
|
|
||||||
|
|
||||||
#define EFI_TCG2_GUID \
|
|
||||||
&(const EFI_GUID) { 0x607f766c, 0x7455, 0x42be, { 0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f } }
|
|
||||||
|
|
||||||
typedef struct tdEFI_TCG2_PROTOCOL EFI_TCG2_PROTOCOL;
|
|
||||||
|
|
||||||
typedef UINT32 EFI_TCG2_EVENT_LOG_BITMAP;
|
|
||||||
typedef UINT32 EFI_TCG2_EVENT_LOG_FORMAT;
|
|
||||||
typedef UINT32 EFI_TCG2_EVENT_ALGORITHM_BITMAP;
|
|
||||||
|
|
||||||
typedef struct tdEFI_TCG2_BOOT_SERVICE_CAPABILITY {
|
|
||||||
UINT8 Size;
|
|
||||||
EFI_TCG2_VERSION StructureVersion;
|
|
||||||
EFI_TCG2_VERSION ProtocolVersion;
|
|
||||||
EFI_TCG2_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;
|
|
||||||
EFI_TCG2_EVENT_LOG_BITMAP SupportedEventLogs;
|
|
||||||
BOOLEAN TPMPresentFlag;
|
|
||||||
UINT16 MaxCommandSize;
|
|
||||||
UINT16 MaxResponseSize;
|
|
||||||
UINT32 ManufacturerID;
|
|
||||||
UINT32 NumberOfPCRBanks;
|
|
||||||
EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrBanks;
|
|
||||||
} EFI_TCG2_BOOT_SERVICE_CAPABILITY;
|
|
||||||
|
|
||||||
#define EFI_TCG2_EVENT_HEADER_VERSION 1
|
|
||||||
|
|
||||||
typedef struct {
|
|
||||||
UINT32 HeaderSize;
|
|
||||||
UINT16 HeaderVersion;
|
|
||||||
UINT32 PCRIndex;
|
|
||||||
UINT32 EventType;
|
|
||||||
} _packed_ EFI_TCG2_EVENT_HEADER;
|
|
||||||
|
|
||||||
typedef struct tdEFI_TCG2_EVENT {
|
|
||||||
UINT32 Size;
|
|
||||||
EFI_TCG2_EVENT_HEADER Header;
|
|
||||||
UINT8 Event[1];
|
|
||||||
} _packed_ EFI_TCG2_EVENT;
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_CAPABILITY) (IN EFI_TCG2_PROTOCOL * This,
|
|
||||||
IN OUT EFI_TCG2_BOOT_SERVICE_CAPABILITY * ProtocolCapability);
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_EVENT_LOG) (IN EFI_TCG2_PROTOCOL * This,
|
|
||||||
IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
|
|
||||||
OUT EFI_PHYSICAL_ADDRESS * EventLogLocation,
|
|
||||||
OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry,
|
|
||||||
OUT BOOLEAN * EventLogTruncated);
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG2_HASH_LOG_EXTEND_EVENT) (IN EFI_TCG2_PROTOCOL * This,
|
|
||||||
IN UINT64 Flags,
|
|
||||||
IN EFI_PHYSICAL_ADDRESS DataToHash,
|
|
||||||
IN UINT64 DataToHashLen, IN EFI_TCG2_EVENT * EfiTcgEvent);
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG2_SUBMIT_COMMAND) (IN EFI_TCG2_PROTOCOL * This,
|
|
||||||
IN UINT32 InputParameterBlockSize,
|
|
||||||
IN UINT8 * InputParameterBlock,
|
|
||||||
IN UINT32 OutputParameterBlockSize, IN UINT8 * OutputParameterBlock);
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This, OUT UINT32 * ActivePcrBanks);
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG2_SET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This, IN UINT32 ActivePcrBanks);
|
|
||||||
|
|
||||||
typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This,
|
|
||||||
OUT UINT32 * OperationPresent, OUT UINT32 * Response);
|
|
||||||
|
|
||||||
typedef struct tdEFI_TCG2_PROTOCOL {
|
|
||||||
EFI_TCG2_GET_CAPABILITY GetCapability;
|
|
||||||
EFI_TCG2_GET_EVENT_LOG GetEventLog;
|
|
||||||
EFI_TCG2_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
|
|
||||||
EFI_TCG2_SUBMIT_COMMAND SubmitCommand;
|
|
||||||
EFI_TCG2_GET_ACTIVE_PCR_BANKS GetActivePcrBanks;
|
|
||||||
EFI_TCG2_SET_ACTIVE_PCR_BANKS SetActivePcrBanks;
|
|
||||||
EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS GetResultOfSetActivePcrBanks;
|
|
||||||
} EFI_TCG2;
|
|
||||||
|
|
||||||
#endif
|
#endif
|
||||||
|
|||||||
@ -17,28 +17,17 @@ static const char __attribute__((used)) magic[] = "#### LoaderInfo: systemd-stub
|
|||||||
|
|
||||||
EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
|
EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
|
||||||
EFI_LOADED_IMAGE *loaded_image;
|
EFI_LOADED_IMAGE *loaded_image;
|
||||||
|
const CHAR8 *sections[] = {
|
||||||
enum {
|
(CHAR8 *)".cmdline",
|
||||||
SECTION_CMDLINE,
|
(CHAR8 *)".linux",
|
||||||
SECTION_LINUX,
|
(CHAR8 *)".initrd",
|
||||||
SECTION_INITRD,
|
(CHAR8 *)".splash",
|
||||||
SECTION_SPLASH,
|
NULL
|
||||||
_SECTION_MAX,
|
|
||||||
};
|
};
|
||||||
|
UINTN addrs[ELEMENTSOF(sections)-1] = {};
|
||||||
const CHAR8* const sections[] = {
|
UINTN szs[ELEMENTSOF(sections)-1] = {};
|
||||||
[SECTION_CMDLINE] = (const CHAR8*) ".cmdline",
|
|
||||||
[SECTION_LINUX] = (const CHAR8*) ".linux",
|
|
||||||
[SECTION_INITRD] = (const CHAR8*) ".initrd",
|
|
||||||
[SECTION_SPLASH] = (const CHAR8*) ".splash",
|
|
||||||
NULL,
|
|
||||||
};
|
|
||||||
|
|
||||||
EFI_PHYSICAL_ADDRESS linux_base, initrd_base;
|
|
||||||
UINTN cmdline_len = 0, initrd_size;
|
|
||||||
UINTN addrs[_SECTION_MAX] = {};
|
|
||||||
UINTN szs[_SECTION_MAX] = {};
|
|
||||||
CHAR8 *cmdline = NULL;
|
CHAR8 *cmdline = NULL;
|
||||||
|
UINTN cmdline_len;
|
||||||
CHAR16 uuid[37];
|
CHAR16 uuid[37];
|
||||||
EFI_STATUS err;
|
EFI_STATUS err;
|
||||||
|
|
||||||
@ -49,14 +38,14 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
|
|||||||
if (EFI_ERROR(err))
|
if (EFI_ERROR(err))
|
||||||
return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err);
|
return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err);
|
||||||
|
|
||||||
err = pe_memory_locate_sections(loaded_image->ImageBase, (const CHAR8**) sections, addrs, szs);
|
err = pe_memory_locate_sections(loaded_image->ImageBase, sections, addrs, szs);
|
||||||
if (EFI_ERROR(err))
|
if (EFI_ERROR(err))
|
||||||
return log_error_status_stall(err, L"Unable to locate embedded .linux section: %r", err);
|
return log_error_status_stall(err, L"Unable to locate embedded .linux section: %r", err);
|
||||||
|
|
||||||
if (szs[SECTION_CMDLINE] > 0) {
|
if (szs[0] > 0)
|
||||||
cmdline = (CHAR8*) loaded_image->ImageBase + addrs[SECTION_CMDLINE];
|
cmdline = (CHAR8 *)(loaded_image->ImageBase) + addrs[0];
|
||||||
cmdline_len = szs[SECTION_CMDLINE];
|
|
||||||
}
|
cmdline_len = szs[0];
|
||||||
|
|
||||||
/* if we are not in secure boot mode, or none was provided, accept a custom command line and replace the built-in one */
|
/* if we are not in secure boot mode, or none was provided, accept a custom command line and replace the built-in one */
|
||||||
if ((!secure_boot_enabled() || cmdline_len == 0) && loaded_image->LoadOptionsSize > 0 &&
|
if ((!secure_boot_enabled() || cmdline_len == 0) && loaded_image->LoadOptionsSize > 0 &&
|
||||||
@ -120,15 +109,12 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
|
|||||||
if (efivar_get_raw(LOADER_GUID, L"StubInfo", NULL, NULL) != EFI_SUCCESS)
|
if (efivar_get_raw(LOADER_GUID, L"StubInfo", NULL, NULL) != EFI_SUCCESS)
|
||||||
efivar_set(LOADER_GUID, L"StubInfo", L"systemd-stub " GIT_VERSION, 0);
|
efivar_set(LOADER_GUID, L"StubInfo", L"systemd-stub " GIT_VERSION, 0);
|
||||||
|
|
||||||
if (szs[SECTION_SPLASH] > 0)
|
if (szs[3] > 0)
|
||||||
graphics_splash((UINT8*) (UINTN) loaded_image->ImageBase + addrs[SECTION_SPLASH], szs[SECTION_SPLASH], NULL);
|
graphics_splash((UINT8 *)((UINTN)loaded_image->ImageBase + addrs[3]), szs[3], NULL);
|
||||||
|
|
||||||
linux_base = (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->ImageBase + addrs[SECTION_LINUX];
|
err = linux_exec(image, cmdline, cmdline_len,
|
||||||
|
(UINTN)loaded_image->ImageBase + addrs[1],
|
||||||
initrd_size = szs[SECTION_INITRD];
|
(UINTN)loaded_image->ImageBase + addrs[2], szs[2]);
|
||||||
initrd_base = initrd_size != 0 ? (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->ImageBase + addrs[SECTION_INITRD] : 0;
|
|
||||||
|
|
||||||
err = linux_exec(image, cmdline, cmdline_len, linux_base, initrd_base, initrd_size);
|
|
||||||
|
|
||||||
graphics_mode(FALSE);
|
graphics_mode(FALSE);
|
||||||
return log_error_status_stall(err, L"Execution of embedded linux image failed: %r", err);
|
return log_error_status_stall(err, L"Execution of embedded linux image failed: %r", err);
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user