Drop bundled copy of linux/if_arp.h

As far as I can see, we use this to get a list of ARPHRD_* defines (used in
particular for Type= in .link files). If we drop our copy, and build against
old kernel headers, the user will have a shorter list of types available.  This
seems OK, and I don't think it's worth carrying our own version of this file
just to have newest possible entries.

7c5b9952c4f6e2b72f90edbe439982528b7cf223 recently updated this file, but we'd
have to update it every time the kernel adds new entries. But if we look at
the failure carefully:

src/basic/arphrd-from-name.gperf:65:16: error: ‘ARPHRD_MCTP’ undeclared (first use in this function); did you mean ‘ARPHRD_FCPP’?
   65 | MCTP, ARPHRD_MCTP
      |                ^~
      |                ARPHRD_FCPP

we see that the list we were generating was from the system headers, so it was
only as good as the system headers anyway, without the newer entries in our
bundled copy, if there were any. So let's make things simpler by always using
system headers.

And if somebody wants to fix things so that we always have the newest list,
then we should just generate and store the converted list, not the full header.

src/basic/linux/if_arp.h

@@ -1,165 +0,0 @@
-/* SPDX-License-Identifier: GPL-2.0+ WITH Linux-syscall-note */
-/*
- * INET		An implementation of the TCP/IP protocol suite for the LINUX
- *		operating system.  INET is implemented using the  BSD Socket
- *		interface as the means of communication with the user level.
- *
- *		Global definitions for the ARP (RFC 826) protocol.
- *
- * Version:	@(#)if_arp.h	1.0.1	04/16/93
- *
- * Authors:	Original taken from Berkeley UNIX 4.3, (c) UCB 1986-1988
- *		Portions taken from the KA9Q/NOS (v2.00m PA0GRI) source.
- *		Ross Biro
- *		Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG>
- *		Florian La Roche,
- *		Jonathan Layes <layes@loran.com>
- *		Arnaldo Carvalho de Melo <acme@conectiva.com.br> ARPHRD_HWX25
- *
- *		This program is free software; you can redistribute it and/or
- *		modify it under the terms of the GNU General Public License
- *		as published by the Free Software Foundation; either version
- *		2 of the License, or (at your option) any later version.
- */
-#ifndef _UAPI_LINUX_IF_ARP_H
-#define _UAPI_LINUX_IF_ARP_H
-
-#include <linux/netdevice.h>
-
-/* ARP protocol HARDWARE identifiers. */
-#define ARPHRD_NETROM	0		/* from KA9Q: NET/ROM pseudo	*/
-#define ARPHRD_ETHER 	1		/* Ethernet 10Mbps		*/
-#define	ARPHRD_EETHER	2		/* Experimental Ethernet	*/
-#define	ARPHRD_AX25	3		/* AX.25 Level 2		*/
-#define	ARPHRD_PRONET	4		/* PROnet token ring		*/
-#define	ARPHRD_CHAOS	5		/* Chaosnet			*/
-#define	ARPHRD_IEEE802	6		/* IEEE 802.2 Ethernet/TR/TB	*/
-#define	ARPHRD_ARCNET	7		/* ARCnet			*/
-#define	ARPHRD_APPLETLK	8		/* APPLEtalk			*/
-#define ARPHRD_DLCI	15		/* Frame Relay DLCI		*/
-#define ARPHRD_ATM	19		/* ATM 				*/
-#define ARPHRD_METRICOM	23		/* Metricom STRIP (new IANA id)	*/
-#define	ARPHRD_IEEE1394	24		/* IEEE 1394 IPv4 - RFC 2734	*/
-#define ARPHRD_EUI64	27		/* EUI-64                       */
-#define ARPHRD_INFINIBAND 32		/* InfiniBand			*/
-
-/* Dummy types for non ARP hardware */
-#define ARPHRD_SLIP	256
-#define ARPHRD_CSLIP	257
-#define ARPHRD_SLIP6	258
-#define ARPHRD_CSLIP6	259
-#define ARPHRD_RSRVD	260		/* Notional KISS type 		*/
-#define ARPHRD_ADAPT	264
-#define ARPHRD_ROSE	270
-#define ARPHRD_X25	271		/* CCITT X.25			*/
-#define ARPHRD_HWX25	272		/* Boards with X.25 in firmware	*/
-#define ARPHRD_CAN	280		/* Controller Area Network      */
-#define ARPHRD_MCTP	290
-#define ARPHRD_PPP	512
-#define ARPHRD_CISCO	513		/* Cisco HDLC	 		*/
-#define ARPHRD_HDLC	ARPHRD_CISCO
-#define ARPHRD_LAPB	516		/* LAPB				*/
-#define ARPHRD_DDCMP    517		/* Digital's DDCMP protocol     */
-#define ARPHRD_RAWHDLC	518		/* Raw HDLC			*/
-#define ARPHRD_RAWIP    519		/* Raw IP                       */
-
-#define ARPHRD_TUNNEL	768		/* IPIP tunnel			*/
-#define ARPHRD_TUNNEL6	769		/* IP6IP6 tunnel       		*/
-#define ARPHRD_FRAD	770             /* Frame Relay Access Device    */
-#define ARPHRD_SKIP	771		/* SKIP vif			*/
-#define ARPHRD_LOOPBACK	772		/* Loopback device		*/
-#define ARPHRD_LOCALTLK 773		/* Localtalk device		*/
-#define ARPHRD_FDDI	774		/* Fiber Distributed Data Interface */
-#define ARPHRD_BIF      775             /* AP1000 BIF                   */
-#define ARPHRD_SIT	776		/* sit0 device - IPv6-in-IPv4	*/
-#define ARPHRD_IPDDP	777		/* IP over DDP tunneller	*/
-#define ARPHRD_IPGRE	778		/* GRE over IP			*/
-#define ARPHRD_PIMREG	779		/* PIMSM register interface	*/
-#define ARPHRD_HIPPI	780		/* High Performance Parallel Interface */
-#define ARPHRD_ASH	781		/* Nexus 64Mbps Ash		*/
-#define ARPHRD_ECONET	782		/* Acorn Econet			*/
-#define ARPHRD_IRDA 	783		/* Linux-IrDA			*/
-/* ARP works differently on different FC media .. so  */
-#define ARPHRD_FCPP	784		/* Point to point fibrechannel	*/
-#define ARPHRD_FCAL	785		/* Fibrechannel arbitrated loop */
-#define ARPHRD_FCPL	786		/* Fibrechannel public loop	*/
-#define ARPHRD_FCFABRIC	787		/* Fibrechannel fabric		*/
-	/* 787->799 reserved for fibrechannel media types */
-#define ARPHRD_IEEE802_TR 800		/* Magic type ident for TR	*/
-#define ARPHRD_IEEE80211 801		/* IEEE 802.11			*/
-#define ARPHRD_IEEE80211_PRISM 802	/* IEEE 802.11 + Prism2 header  */
-#define ARPHRD_IEEE80211_RADIOTAP 803	/* IEEE 802.11 + radiotap header */
-#define ARPHRD_IEEE802154	  804
-#define ARPHRD_IEEE802154_MONITOR 805	/* IEEE 802.15.4 network monitor */
-
-#define ARPHRD_PHONET	820		/* PhoNet media type		*/
-#define ARPHRD_PHONET_PIPE 821		/* PhoNet pipe header		*/
-#define ARPHRD_CAIF	822		/* CAIF media type		*/
-#define ARPHRD_IP6GRE	823		/* GRE over IPv6		*/
-#define ARPHRD_NETLINK	824		/* Netlink header		*/
-#define ARPHRD_6LOWPAN	825		/* IPv6 over LoWPAN             */
-#define ARPHRD_VSOCKMON	826		/* Vsock monitor header		*/
-
-#define ARPHRD_VOID	  0xFFFF	/* Void type, nothing is known */
-#define ARPHRD_NONE	  0xFFFE	/* zero header length */
-
-/* ARP protocol opcodes. */
-#define	ARPOP_REQUEST	1		/* ARP request			*/
-#define	ARPOP_REPLY	2		/* ARP reply			*/
-#define	ARPOP_RREQUEST	3		/* RARP request			*/
-#define	ARPOP_RREPLY	4		/* RARP reply			*/
-#define	ARPOP_InREQUEST	8		/* InARP request		*/
-#define	ARPOP_InREPLY	9		/* InARP reply			*/
-#define	ARPOP_NAK	10		/* (ATM)ARP NAK			*/
-
-
-/* ARP ioctl request. */
-struct arpreq {
-	struct sockaddr	arp_pa;		/* protocol address		 */
-	struct sockaddr	arp_ha;		/* hardware address		 */
-	int		arp_flags;	/* flags			 */
-	struct sockaddr arp_netmask;    /* netmask (only for proxy arps) */
-	char		arp_dev[IFNAMSIZ];
-};
-
-struct arpreq_old {
-	struct sockaddr	arp_pa;		/* protocol address		 */
-	struct sockaddr	arp_ha;		/* hardware address		 */
-	int		arp_flags;	/* flags			 */
-	struct sockaddr	arp_netmask;    /* netmask (only for proxy arps) */
-};
-
-/* ARP Flag values. */
-#define ATF_COM		0x02		/* completed entry (ha valid)	*/
-#define	ATF_PERM	0x04		/* permanent entry		*/
-#define	ATF_PUBL	0x08		/* publish entry		*/
-#define	ATF_USETRAILERS	0x10		/* has requested trailers	*/
-#define ATF_NETMASK     0x20            /* want to use a netmask (only
-					   for proxy entries) */
-#define ATF_DONTPUB	0x40		/* don't answer this addresses	*/
-
-/*
- *	This structure defines an ethernet arp header.
- */
-
-struct arphdr {
-	__be16		ar_hrd;		/* format of hardware address	*/
-	__be16		ar_pro;		/* format of protocol address	*/
-	unsigned char	ar_hln;		/* length of hardware address	*/
-	unsigned char	ar_pln;		/* length of protocol address	*/
-	__be16		ar_op;		/* ARP opcode (command)		*/
-
-#if 0
-	 /*
-	  *	 Ethernet looks like this : This bit is variable sized however...
-	  */
-	unsigned char		ar_sha[ETH_ALEN];	/* sender hardware address	*/
-	unsigned char		ar_sip[4];		/* sender IP address		*/
-	unsigned char		ar_tha[ETH_ALEN];	/* target hardware address	*/
-	unsigned char		ar_tip[4];		/* target IP address		*/
-#endif
-
-};
-
-
-#endif /* _UAPI_LINUX_IF_ARP_H */

src/basic/meson.build

@@ -88,7 +88,6 @@ basic_sources = files('''
         linux/hdlc/ioctl.h
         linux/if.h
         linux/if_addr.h
-        linux/if_arp.h
         linux/if_bonding.h
         linux/if_bridge.h
         linux/if_ether.h

src/boot/efi/boot.c

@@ -912,14 +912,11 @@ static VOID config_add_entry(Config *config, ConfigEntry *entry) {
         assert(entry);
 
         if ((config->entry_count & 15) == 0) {
-                UINTN i;
+                UINTN i = config->entry_count + 16;
-
+                config->entries = ReallocatePool(
-                i = config->entry_count + 16;
+                                config->entries,
-                if (config->entry_count == 0)
+                                sizeof(VOID *) * config->entry_count,
-                        config->entries = AllocatePool(sizeof(VOID *) * i);
+                                sizeof(VOID *) * i);
-                else
-                        config->entries = ReallocatePool(config->entries,
-                                                         sizeof(VOID *) * config->entry_count, sizeof(VOID *) * i);
         }
         config->entries[config->entry_count++] = entry;
 }
@@ -1492,7 +1489,7 @@ static VOID config_load_entries(
                 EFI_FILE *root_dir,
                 CHAR16 *loaded_image_path) {
 
-        EFI_FILE_HANDLE entries_dir;
+        _cleanup_(FileHandleClosep) EFI_FILE_HANDLE entries_dir = NULL;
         EFI_STATUS err;
 
         assert(config);
@@ -1501,7 +1498,9 @@ static VOID config_load_entries(
         assert(loaded_image_path);
 
         err = uefi_call_wrapper(root_dir->Open, 5, root_dir, &entries_dir, (CHAR16*) L"\\loader\\entries", EFI_FILE_MODE_READ, 0ULL);
-        if (!EFI_ERROR(err)) {
+        if (EFI_ERROR(err))
+                return;
+
         for (;;) {
                 CHAR16 buf[256];
                 UINTN bufsize;
@@ -1528,8 +1527,6 @@ static VOID config_load_entries(
                 if (!EFI_ERROR(err))
                         config_entry_add_from_file(config, device, root_dir, L"\\loader\\entries", f->FileName, content, loaded_image_path);
         }
-                uefi_call_wrapper(entries_dir->Close, 1, entries_dir);
-        }
 }
 
 static INTN config_entry_compare(ConfigEntry *a, ConfigEntry *b) {
@@ -1980,7 +1977,7 @@ static VOID config_entry_add_linux(
                 EFI_HANDLE *device,
                 EFI_FILE *root_dir) {
 
-        EFI_FILE_HANDLE linux_dir;
+        _cleanup_(FileHandleClosep) EFI_FILE_HANDLE linux_dir = NULL;
         EFI_STATUS err;
         ConfigEntry *entry;
 
@@ -2110,8 +2107,6 @@ static VOID config_entry_add_linux(
                 FreePool(os_build_id);
                 FreePool(content);
         }
-
-        uefi_call_wrapper(linux_dir->Close, 1, linux_dir);
 }
 
 #define XBOOTLDR_GUID \

src/boot/efi/measure.c

@@ -7,260 +7,102 @@
 
 #include "macro-fundamental.h"
 #include "measure.h"
+#include "missing_efi.h"
+#include "util.h"
 
-#define EFI_TCG_GUID \
+static EFI_STATUS tpm1_measure_to_pcr_and_event_log(
-        &(const EFI_GUID) { 0xf541796d, 0xa62e, 0x4954, { 0xa7, 0x75, 0x95, 0x84, 0xf6, 0x1b, 0x9c, 0xdd } }
+                const EFI_TCG *tcg,
+                UINT32 pcrindex,
+                EFI_PHYSICAL_ADDRESS buffer,
+                UINTN buffer_size,
+                const CHAR16 *description) {
 
-typedef struct _TCG_VERSION {
+        _cleanup_freepool_ TCG_PCR_EVENT *tcg_event = NULL;
-        UINT8 Major;
-        UINT8 Minor;
-        UINT8 RevMajor;
-        UINT8 RevMinor;
-} TCG_VERSION;
-
-typedef struct tdEFI_TCG2_VERSION {
-        UINT8 Major;
-        UINT8 Minor;
-} EFI_TCG2_VERSION;
-
-typedef struct _TCG_BOOT_SERVICE_CAPABILITY {
-        UINT8 Size;
-        struct _TCG_VERSION StructureVersion;
-        struct _TCG_VERSION ProtocolSpecVersion;
-        UINT8 HashAlgorithmBitmap;
-        BOOLEAN TPMPresentFlag;
-        BOOLEAN TPMDeactivatedFlag;
-} TCG_BOOT_SERVICE_CAPABILITY;
-
-typedef struct tdTREE_BOOT_SERVICE_CAPABILITY {
-        UINT8 Size;
-        EFI_TCG2_VERSION StructureVersion;
-        EFI_TCG2_VERSION ProtocolVersion;
-        UINT32 HashAlgorithmBitmap;
-        UINT32 SupportedEventLogs;
-        BOOLEAN TrEEPresentFlag;
-        UINT16 MaxCommandSize;
-        UINT16 MaxResponseSize;
-        UINT32 ManufacturerID;
-} TREE_BOOT_SERVICE_CAPABILITY;
-
-typedef UINT32 TCG_ALGORITHM_ID;
-#define TCG_ALG_SHA 0x00000004  // The SHA1 algorithm
-
-#define SHA1_DIGEST_SIZE 20
-
-typedef struct _TCG_DIGEST {
-        UINT8 Digest[SHA1_DIGEST_SIZE];
-} TCG_DIGEST;
-
-#define EV_IPL 13
-
-typedef struct _TCG_PCR_EVENT {
-        UINT32 PCRIndex;
-        UINT32 EventType;
-        struct _TCG_DIGEST digest;
-        UINT32 EventSize;
-        UINT8 Event[1];
-} TCG_PCR_EVENT;
-
-INTERFACE_DECL(_EFI_TCG);
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG_STATUS_CHECK) (IN struct _EFI_TCG * This,
-                                                   OUT struct _TCG_BOOT_SERVICE_CAPABILITY * ProtocolCapability,
-                                                   OUT UINT32 * TCGFeatureFlags,
-                                                   OUT EFI_PHYSICAL_ADDRESS * EventLogLocation,
-                                                   OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry);
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG_HASH_ALL) (IN struct _EFI_TCG * This,
-                                               IN UINT8 * HashData,
-                                               IN UINT64 HashDataLen,
-                                               IN TCG_ALGORITHM_ID AlgorithmId,
-                                               IN OUT UINT64 * HashedDataLen, IN OUT UINT8 ** HashedDataResult);
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG_LOG_EVENT) (IN struct _EFI_TCG * This,
-                                                IN struct _TCG_PCR_EVENT * TCGLogData,
-                                                IN OUT UINT32 * EventNumber, IN UINT32 Flags);
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG_PASS_THROUGH_TO_TPM) (IN struct _EFI_TCG * This,
-                                                          IN UINT32 TpmInputParameterBlockSize,
-                                                          IN UINT8 * TpmInputParameterBlock,
-                                                          IN UINT32 TpmOutputParameterBlockSize,
-                                                          IN UINT8 * TpmOutputParameterBlock);
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG_HASH_LOG_EXTEND_EVENT) (IN struct _EFI_TCG * This,
-                                                            IN EFI_PHYSICAL_ADDRESS HashData,
-                                                            IN UINT64 HashDataLen,
-                                                            IN TCG_ALGORITHM_ID AlgorithmId,
-                                                            IN struct _TCG_PCR_EVENT * TCGLogData,
-                                                            IN OUT UINT32 * EventNumber,
-                                                            OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry);
-
-typedef struct _EFI_TCG {
-        EFI_TCG_STATUS_CHECK StatusCheck;
-        EFI_TCG_HASH_ALL HashAll;
-        EFI_TCG_LOG_EVENT LogEvent;
-        EFI_TCG_PASS_THROUGH_TO_TPM PassThroughToTPM;
-        EFI_TCG_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
-} EFI_TCG;
-
-#define EFI_TCG2_GUID \
-        &(const EFI_GUID) { 0x607f766c, 0x7455, 0x42be, { 0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f } }
-
-typedef struct tdEFI_TCG2_PROTOCOL EFI_TCG2_PROTOCOL;
-
-typedef UINT32 EFI_TCG2_EVENT_LOG_BITMAP;
-typedef UINT32 EFI_TCG2_EVENT_LOG_FORMAT;
-typedef UINT32 EFI_TCG2_EVENT_ALGORITHM_BITMAP;
-
-typedef struct tdEFI_TCG2_BOOT_SERVICE_CAPABILITY {
-        UINT8 Size;
-        EFI_TCG2_VERSION StructureVersion;
-        EFI_TCG2_VERSION ProtocolVersion;
-        EFI_TCG2_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;
-        EFI_TCG2_EVENT_LOG_BITMAP SupportedEventLogs;
-        BOOLEAN TPMPresentFlag;
-        UINT16 MaxCommandSize;
-        UINT16 MaxResponseSize;
-        UINT32 ManufacturerID;
-        UINT32 NumberOfPCRBanks;
-        EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrBanks;
-} EFI_TCG2_BOOT_SERVICE_CAPABILITY;
-
-#define EFI_TCG2_EVENT_HEADER_VERSION  1
-
-typedef struct {
-        UINT32 HeaderSize;
-        UINT16 HeaderVersion;
-        UINT32 PCRIndex;
-        UINT32 EventType;
-} _packed_ EFI_TCG2_EVENT_HEADER;
-
-typedef struct tdEFI_TCG2_EVENT {
-        UINT32 Size;
-        EFI_TCG2_EVENT_HEADER Header;
-        UINT8 Event[1];
-} _packed_ EFI_TCG2_EVENT;
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_CAPABILITY) (IN EFI_TCG2_PROTOCOL * This,
-                                                      IN OUT EFI_TCG2_BOOT_SERVICE_CAPABILITY * ProtocolCapability);
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_EVENT_LOG) (IN EFI_TCG2_PROTOCOL * This,
-                                                     IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
-                                                     OUT EFI_PHYSICAL_ADDRESS * EventLogLocation,
-                                                     OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry,
-                                                     OUT BOOLEAN * EventLogTruncated);
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG2_HASH_LOG_EXTEND_EVENT) (IN EFI_TCG2_PROTOCOL * This,
-                                                             IN UINT64 Flags,
-                                                             IN EFI_PHYSICAL_ADDRESS DataToHash,
-                                                             IN UINT64 DataToHashLen, IN EFI_TCG2_EVENT * EfiTcgEvent);
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG2_SUBMIT_COMMAND) (IN EFI_TCG2_PROTOCOL * This,
-                                                      IN UINT32 InputParameterBlockSize,
-                                                      IN UINT8 * InputParameterBlock,
-                                                      IN UINT32 OutputParameterBlockSize, IN UINT8 * OutputParameterBlock);
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This, OUT UINT32 * ActivePcrBanks);
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG2_SET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This, IN UINT32 ActivePcrBanks);
-
-typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This,
-                                                                          OUT UINT32 * OperationPresent, OUT UINT32 * Response);
-
-typedef struct tdEFI_TCG2_PROTOCOL {
-        EFI_TCG2_GET_CAPABILITY GetCapability;
-        EFI_TCG2_GET_EVENT_LOG GetEventLog;
-        EFI_TCG2_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
-        EFI_TCG2_SUBMIT_COMMAND SubmitCommand;
-        EFI_TCG2_GET_ACTIVE_PCR_BANKS GetActivePcrBanks;
-        EFI_TCG2_SET_ACTIVE_PCR_BANKS SetActivePcrBanks;
-        EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS GetResultOfSetActivePcrBanks;
-} EFI_TCG2;
-
-static EFI_STATUS tpm1_measure_to_pcr_and_event_log(const EFI_TCG *tcg, UINT32 pcrindex, const EFI_PHYSICAL_ADDRESS buffer,
-                                                    UINTN buffer_size, const CHAR16 *description) {
-        EFI_STATUS status;
-        TCG_PCR_EVENT *tcg_event;
-        UINT32 event_number;
         EFI_PHYSICAL_ADDRESS event_log_last;
+        UINT32 event_number = 1;
         UINTN desc_len;
 
         assert(tcg);
         assert(description);
 
         desc_len = StrSize(description);
-        tcg_event = AllocateZeroPool(desc_len + sizeof(TCG_PCR_EVENT));
+        tcg_event = AllocateZeroPool(OFFSETOF(TCG_PCR_EVENT, Event) + desc_len);
-
         if (!tcg_event)
                 return EFI_OUT_OF_RESOURCES;
 
-        tcg_event->EventSize = desc_len;
+        *tcg_event = (TCG_PCR_EVENT) {
-        CopyMem((VOID *) & tcg_event->Event[0], (VOID *) description, desc_len);
+                .EventSize = desc_len,
+                .PCRIndex = pcrindex,
+                .EventType = EV_IPL,
+        };
+        CopyMem(tcg_event->Event, description, desc_len);
 
-        tcg_event->PCRIndex = pcrindex;
+        return uefi_call_wrapper(
-        tcg_event->EventType = EV_IPL;
+                        tcg->HashLogExtendEvent, 7,
-
+                        (EFI_TCG *) tcg,
-        event_number = 1;
+                        buffer, buffer_size,
-        status = uefi_call_wrapper(tcg->HashLogExtendEvent, 7,
+                        TCG_ALG_SHA,
-                                   (EFI_TCG *) tcg, buffer, buffer_size, TCG_ALG_SHA, tcg_event, &event_number, &event_log_last);
+                        tcg_event,
-
+                        &event_number,
-        if (EFI_ERROR(status))
+                        &event_log_last);
-                return status;
-
-        uefi_call_wrapper(BS->FreePool, 1, tcg_event);
-
-        return EFI_SUCCESS;
 }
 
-static EFI_STATUS tpm2_measure_to_pcr_and_event_log(const EFI_TCG2 *tcg, UINT32 pcrindex, const EFI_PHYSICAL_ADDRESS buffer,
+static EFI_STATUS tpm2_measure_to_pcr_and_event_log(
-                                                    UINT64 buffer_size, const CHAR16 *description) {
+                EFI_TCG2 *tcg,
-        EFI_STATUS status;
+                UINT32 pcrindex,
-        EFI_TCG2_EVENT *tcg_event;
+                EFI_PHYSICAL_ADDRESS buffer,
+                UINT64 buffer_size,
+                const CHAR16 *description) {
+
+        _cleanup_freepool_ EFI_TCG2_EVENT *tcg_event = NULL;
         UINTN desc_len;
 
         assert(tcg);
         assert(description);
 
         desc_len = StrSize(description);
-        tcg_event = AllocateZeroPool(sizeof(*tcg_event) - sizeof(tcg_event->Event) + desc_len);
+        tcg_event = AllocateZeroPool(OFFSETOF(EFI_TCG2_EVENT, Event) + desc_len);
-
         if (!tcg_event)
                 return EFI_OUT_OF_RESOURCES;
 
-        tcg_event->Size = sizeof(*tcg_event) - sizeof(tcg_event->Event) + desc_len;
+        *tcg_event = (EFI_TCG2_EVENT) {
-        tcg_event->Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER);
+                .Size = OFFSETOF(EFI_TCG2_EVENT, Event) + desc_len,
-        tcg_event->Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION;
+                .Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER),
-        tcg_event->Header.PCRIndex = pcrindex;
+                .Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION,
-        tcg_event->Header.EventType = EV_IPL;
+                .Header.PCRIndex = pcrindex,
+                .Header.EventType = EV_IPL,
+        };
 
-        CopyMem((VOID *) tcg_event->Event, (VOID *) description, desc_len);
+        CopyMem(tcg_event->Event, description, desc_len);
 
-        status = uefi_call_wrapper(tcg->HashLogExtendEvent, 5, (EFI_TCG2 *) tcg, 0, buffer, (UINT64) buffer_size, tcg_event);
+        return uefi_call_wrapper(
-
+                        tcg->HashLogExtendEvent, 5,
-        uefi_call_wrapper(BS->FreePool, 1, tcg_event);
+                        tcg,
-
+                        0,
-        if (EFI_ERROR(status))
+                        buffer, buffer_size,
-                return status;
+                        tcg_event);
-
-        return EFI_SUCCESS;
 }
 
-static EFI_TCG * tcg1_interface_check(void) {
+static EFI_TCG *tcg1_interface_check(void) {
+        EFI_PHYSICAL_ADDRESS event_log_location, event_log_last_entry;
+        TCG_BOOT_SERVICE_CAPABILITY capability = {
+                .Size = sizeof(capability),
+        };
         EFI_STATUS status;
-        EFI_TCG *tcg;
-        TCG_BOOT_SERVICE_CAPABILITY capability;
         UINT32 features;
-        EFI_PHYSICAL_ADDRESS event_log_location;
+        EFI_TCG *tcg;
-        EFI_PHYSICAL_ADDRESS event_log_last_entry;
 
         status = LibLocateProtocol((EFI_GUID*) EFI_TCG_GUID, (void **) &tcg);
-
         if (EFI_ERROR(status))
                 return NULL;
 
-        capability.Size = (UINT8) sizeof(capability);
+        status = uefi_call_wrapper(
-        status = uefi_call_wrapper(tcg->StatusCheck, 5, tcg, &capability, &features, &event_log_location, &event_log_last_entry);
+                        tcg->StatusCheck, 5,
-
+                        tcg,
+                        &capability,
+                        &features,
+                        &event_log_location,
+                        &event_log_last_entry);
         if (EFI_ERROR(status))
                 return NULL;
 
@@ -274,25 +116,24 @@ static EFI_TCG * tcg1_interface_check(void) {
 }
 
 static EFI_TCG2 * tcg2_interface_check(void) {
+        EFI_TCG2_BOOT_SERVICE_CAPABILITY capability = {
+                .Size = sizeof(capability),
+        };
         EFI_STATUS status;
         EFI_TCG2 *tcg;
-        EFI_TCG2_BOOT_SERVICE_CAPABILITY capability;
 
         status = LibLocateProtocol((EFI_GUID*) EFI_TCG2_GUID, (void **) &tcg);
-
         if (EFI_ERROR(status))
                 return NULL;
 
-        capability.Size = (UINT8) sizeof(EFI_TCG2_BOOT_SERVICE_CAPABILITY);
         status = uefi_call_wrapper(tcg->GetCapability, 2, tcg, &capability);
-
         if (EFI_ERROR(status))
                 return NULL;
 
         if (capability.StructureVersion.Major == 1 &&
             capability.StructureVersion.Minor == 0) {
-                TCG_BOOT_SERVICE_CAPABILITY *caps_1_0;
+                TCG_BOOT_SERVICE_CAPABILITY *caps_1_0 =
-                caps_1_0 = (TCG_BOOT_SERVICE_CAPABILITY *)&capability;
+                        (TCG_BOOT_SERVICE_CAPABILITY*) &capability;
                 if (caps_1_0->TPMPresentFlag)
                         return tcg;
         }

src/boot/efi/missing_efi.h

@@ -3,6 +3,8 @@
 
 #include <efi.h>
 
+#include "macro-fundamental.h"
+
 #ifndef EFI_RNG_PROTOCOL_GUID
 
 #define EFI_RNG_PROTOCOL_GUID                                           \
@@ -159,4 +161,173 @@ struct _EFI_DT_FIXUP_PROTOCOL {
         EFI_DT_FIXUP   Fixup;
 };
 
+#define EFI_TCG_GUID \
+        &(const EFI_GUID) { 0xf541796d, 0xa62e, 0x4954, { 0xa7, 0x75, 0x95, 0x84, 0xf6, 0x1b, 0x9c, 0xdd } }
+
+typedef struct _TCG_VERSION {
+        UINT8 Major;
+        UINT8 Minor;
+        UINT8 RevMajor;
+        UINT8 RevMinor;
+} TCG_VERSION;
+
+typedef struct tdEFI_TCG2_VERSION {
+        UINT8 Major;
+        UINT8 Minor;
+} EFI_TCG2_VERSION;
+
+typedef struct _TCG_BOOT_SERVICE_CAPABILITY {
+        UINT8 Size;
+        struct _TCG_VERSION StructureVersion;
+        struct _TCG_VERSION ProtocolSpecVersion;
+        UINT8 HashAlgorithmBitmap;
+        BOOLEAN TPMPresentFlag;
+        BOOLEAN TPMDeactivatedFlag;
+} TCG_BOOT_SERVICE_CAPABILITY;
+
+typedef struct tdTREE_BOOT_SERVICE_CAPABILITY {
+        UINT8 Size;
+        EFI_TCG2_VERSION StructureVersion;
+        EFI_TCG2_VERSION ProtocolVersion;
+        UINT32 HashAlgorithmBitmap;
+        UINT32 SupportedEventLogs;
+        BOOLEAN TrEEPresentFlag;
+        UINT16 MaxCommandSize;
+        UINT16 MaxResponseSize;
+        UINT32 ManufacturerID;
+} TREE_BOOT_SERVICE_CAPABILITY;
+
+typedef UINT32 TCG_ALGORITHM_ID;
+#define TCG_ALG_SHA 0x00000004  // The SHA1 algorithm
+
+#define SHA1_DIGEST_SIZE 20
+
+typedef struct _TCG_DIGEST {
+        UINT8 Digest[SHA1_DIGEST_SIZE];
+} TCG_DIGEST;
+
+#define EV_IPL 13
+
+typedef struct _TCG_PCR_EVENT {
+        UINT32 PCRIndex;
+        UINT32 EventType;
+        struct _TCG_DIGEST digest;
+        UINT32 EventSize;
+        UINT8 Event[1];
+} TCG_PCR_EVENT;
+
+INTERFACE_DECL(_EFI_TCG);
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG_STATUS_CHECK) (IN struct _EFI_TCG * This,
+                                                   OUT struct _TCG_BOOT_SERVICE_CAPABILITY * ProtocolCapability,
+                                                   OUT UINT32 * TCGFeatureFlags,
+                                                   OUT EFI_PHYSICAL_ADDRESS * EventLogLocation,
+                                                   OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry);
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG_HASH_ALL) (IN struct _EFI_TCG * This,
+                                               IN UINT8 * HashData,
+                                               IN UINT64 HashDataLen,
+                                               IN TCG_ALGORITHM_ID AlgorithmId,
+                                               IN OUT UINT64 * HashedDataLen, IN OUT UINT8 ** HashedDataResult);
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG_LOG_EVENT) (IN struct _EFI_TCG * This,
+                                                IN struct _TCG_PCR_EVENT * TCGLogData,
+                                                IN OUT UINT32 * EventNumber, IN UINT32 Flags);
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG_PASS_THROUGH_TO_TPM) (IN struct _EFI_TCG * This,
+                                                          IN UINT32 TpmInputParameterBlockSize,
+                                                          IN UINT8 * TpmInputParameterBlock,
+                                                          IN UINT32 TpmOutputParameterBlockSize,
+                                                          IN UINT8 * TpmOutputParameterBlock);
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG_HASH_LOG_EXTEND_EVENT) (IN struct _EFI_TCG * This,
+                                                            IN EFI_PHYSICAL_ADDRESS HashData,
+                                                            IN UINT64 HashDataLen,
+                                                            IN TCG_ALGORITHM_ID AlgorithmId,
+                                                            IN struct _TCG_PCR_EVENT * TCGLogData,
+                                                            IN OUT UINT32 * EventNumber,
+                                                            OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry);
+
+typedef struct _EFI_TCG {
+        EFI_TCG_STATUS_CHECK StatusCheck;
+        EFI_TCG_HASH_ALL HashAll;
+        EFI_TCG_LOG_EVENT LogEvent;
+        EFI_TCG_PASS_THROUGH_TO_TPM PassThroughToTPM;
+        EFI_TCG_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
+} EFI_TCG;
+
+#define EFI_TCG2_GUID \
+        &(const EFI_GUID) { 0x607f766c, 0x7455, 0x42be, { 0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f } }
+
+typedef struct tdEFI_TCG2_PROTOCOL EFI_TCG2_PROTOCOL;
+
+typedef UINT32 EFI_TCG2_EVENT_LOG_BITMAP;
+typedef UINT32 EFI_TCG2_EVENT_LOG_FORMAT;
+typedef UINT32 EFI_TCG2_EVENT_ALGORITHM_BITMAP;
+
+typedef struct tdEFI_TCG2_BOOT_SERVICE_CAPABILITY {
+        UINT8 Size;
+        EFI_TCG2_VERSION StructureVersion;
+        EFI_TCG2_VERSION ProtocolVersion;
+        EFI_TCG2_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;
+        EFI_TCG2_EVENT_LOG_BITMAP SupportedEventLogs;
+        BOOLEAN TPMPresentFlag;
+        UINT16 MaxCommandSize;
+        UINT16 MaxResponseSize;
+        UINT32 ManufacturerID;
+        UINT32 NumberOfPCRBanks;
+        EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrBanks;
+} EFI_TCG2_BOOT_SERVICE_CAPABILITY;
+
+#define EFI_TCG2_EVENT_HEADER_VERSION  1
+
+typedef struct {
+        UINT32 HeaderSize;
+        UINT16 HeaderVersion;
+        UINT32 PCRIndex;
+        UINT32 EventType;
+} _packed_ EFI_TCG2_EVENT_HEADER;
+
+typedef struct tdEFI_TCG2_EVENT {
+        UINT32 Size;
+        EFI_TCG2_EVENT_HEADER Header;
+        UINT8 Event[1];
+} _packed_ EFI_TCG2_EVENT;
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_CAPABILITY) (IN EFI_TCG2_PROTOCOL * This,
+                                                      IN OUT EFI_TCG2_BOOT_SERVICE_CAPABILITY * ProtocolCapability);
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_EVENT_LOG) (IN EFI_TCG2_PROTOCOL * This,
+                                                     IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
+                                                     OUT EFI_PHYSICAL_ADDRESS * EventLogLocation,
+                                                     OUT EFI_PHYSICAL_ADDRESS * EventLogLastEntry,
+                                                     OUT BOOLEAN * EventLogTruncated);
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG2_HASH_LOG_EXTEND_EVENT) (IN EFI_TCG2_PROTOCOL * This,
+                                                             IN UINT64 Flags,
+                                                             IN EFI_PHYSICAL_ADDRESS DataToHash,
+                                                             IN UINT64 DataToHashLen, IN EFI_TCG2_EVENT * EfiTcgEvent);
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG2_SUBMIT_COMMAND) (IN EFI_TCG2_PROTOCOL * This,
+                                                      IN UINT32 InputParameterBlockSize,
+                                                      IN UINT8 * InputParameterBlock,
+                                                      IN UINT32 OutputParameterBlockSize, IN UINT8 * OutputParameterBlock);
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This, OUT UINT32 * ActivePcrBanks);
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG2_SET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This, IN UINT32 ActivePcrBanks);
+
+typedef EFI_STATUS(EFIAPI * EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS) (IN EFI_TCG2_PROTOCOL * This,
+                                                                          OUT UINT32 * OperationPresent, OUT UINT32 * Response);
+
+typedef struct tdEFI_TCG2_PROTOCOL {
+        EFI_TCG2_GET_CAPABILITY GetCapability;
+        EFI_TCG2_GET_EVENT_LOG GetEventLog;
+        EFI_TCG2_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
+        EFI_TCG2_SUBMIT_COMMAND SubmitCommand;
+        EFI_TCG2_GET_ACTIVE_PCR_BANKS GetActivePcrBanks;
+        EFI_TCG2_SET_ACTIVE_PCR_BANKS SetActivePcrBanks;
+        EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS GetResultOfSetActivePcrBanks;
+} EFI_TCG2;
+
 #endif

src/boot/efi/stub.c

@@ -17,17 +17,28 @@ static const char __attribute__((used)) magic[] = "#### LoaderInfo: systemd-stub
 
 EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
         EFI_LOADED_IMAGE *loaded_image;
-        const CHAR8 *sections[] = {
+
-                (CHAR8 *)".cmdline",
+        enum {
-                (CHAR8 *)".linux",
+                SECTION_CMDLINE,
-                (CHAR8 *)".initrd",
+                SECTION_LINUX,
-                (CHAR8 *)".splash",
+                SECTION_INITRD,
-                NULL
+                SECTION_SPLASH,
+                _SECTION_MAX,
         };
-        UINTN addrs[ELEMENTSOF(sections)-1] = {};
+
-        UINTN szs[ELEMENTSOF(sections)-1] = {};
+        const CHAR8* const sections[] = {
+                [SECTION_CMDLINE] = (const CHAR8*) ".cmdline",
+                [SECTION_LINUX]   = (const CHAR8*) ".linux",
+                [SECTION_INITRD]  = (const CHAR8*) ".initrd",
+                [SECTION_SPLASH]  = (const CHAR8*) ".splash",
+                NULL,
+        };
+
+        EFI_PHYSICAL_ADDRESS linux_base, initrd_base;
+        UINTN cmdline_len = 0, initrd_size;
+        UINTN addrs[_SECTION_MAX] = {};
+        UINTN szs[_SECTION_MAX] = {};
         CHAR8 *cmdline = NULL;
-        UINTN cmdline_len;
         CHAR16 uuid[37];
         EFI_STATUS err;
 
@@ -38,14 +49,14 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
         if (EFI_ERROR(err))
                 return log_error_status_stall(err, L"Error getting a LoadedImageProtocol handle: %r", err);
 
-        err = pe_memory_locate_sections(loaded_image->ImageBase, sections, addrs, szs);
+        err = pe_memory_locate_sections(loaded_image->ImageBase, (const CHAR8**) sections, addrs, szs);
         if (EFI_ERROR(err))
                 return log_error_status_stall(err, L"Unable to locate embedded .linux section: %r", err);
 
-        if (szs[0] > 0)
+        if (szs[SECTION_CMDLINE] > 0) {
-                cmdline = (CHAR8 *)(loaded_image->ImageBase) + addrs[0];
+                cmdline = (CHAR8*) loaded_image->ImageBase + addrs[SECTION_CMDLINE];
-
+                cmdline_len = szs[SECTION_CMDLINE];
-        cmdline_len = szs[0];
+        }
 
         /* if we are not in secure boot mode, or none was provided, accept a custom command line and replace the built-in one */
         if ((!secure_boot_enabled() || cmdline_len == 0) && loaded_image->LoadOptionsSize > 0 &&
@@ -109,12 +120,15 @@ EFI_STATUS efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *sys_table) {
         if (efivar_get_raw(LOADER_GUID, L"StubInfo", NULL, NULL) != EFI_SUCCESS)
                 efivar_set(LOADER_GUID, L"StubInfo", L"systemd-stub " GIT_VERSION, 0);
 
-        if (szs[3] > 0)
+        if (szs[SECTION_SPLASH] > 0)
-                graphics_splash((UINT8 *)((UINTN)loaded_image->ImageBase + addrs[3]), szs[3], NULL);
+                graphics_splash((UINT8*) (UINTN) loaded_image->ImageBase + addrs[SECTION_SPLASH], szs[SECTION_SPLASH], NULL);
 
-        err = linux_exec(image, cmdline, cmdline_len,
+        linux_base = (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->ImageBase + addrs[SECTION_LINUX];
-                         (UINTN)loaded_image->ImageBase + addrs[1],
+
-                         (UINTN)loaded_image->ImageBase + addrs[2], szs[2]);
+        initrd_size = szs[SECTION_INITRD];
+        initrd_base = initrd_size != 0 ? (EFI_PHYSICAL_ADDRESS) (UINTN) loaded_image->ImageBase + addrs[SECTION_INITRD] : 0;
+
+        err = linux_exec(image, cmdline, cmdline_len, linux_base, initrd_base, initrd_size);
 
         graphics_mode(FALSE);
         return log_error_status_stall(err, L"Execution of embedded linux image failed: %r", err);