diff options
| author | Alex <kavsrf@gmail.com> | 2016-08-15 17:11:31 +0200 |
|---|---|---|
| committer | Mounir IDRASSI <mounir.idrassi@idrix.fr> | 2016-08-15 17:14:26 +0200 |
| commit | b87fc6b140772ba3017de311c7063c259424264c (patch) | |
| tree | 41ad139e7469380704361ae757a155464e8b68e3 /DcsBml | |
| parent | 68ea2f72cfe6a9b34212ced97882e488c73c8f1d (diff) | |
| download | VeraCrypt-DCS-b87fc6b140772ba3017de311c7063c259424264c.tar.gz VeraCrypt-DCS-b87fc6b140772ba3017de311c7063c259424264c.zip | |
First public release. Used by VeraCrypt 1.18.VeraCrypt_1.18_PreRelease
Diffstat (limited to 'DcsBml')
| -rw-r--r-- | DcsBml/DcsBml.c | 124 | ||||
| -rw-r--r-- | DcsBml/DcsBml.inf | 67 |
2 files changed, 191 insertions, 0 deletions
diff --git a/DcsBml/DcsBml.c b/DcsBml/DcsBml.c new file mode 100644 index 0000000..3376936 --- /dev/null +++ b/DcsBml/DcsBml.c @@ -0,0 +1,124 @@ +/** @file
+ This is DCS boot menu lock application
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+#include <Uefi.h>
+#include <Guid/EventGroup.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiRuntimeLib.h>
+#include <Library/BaseLib.h>
+#include <Library/UefiLib.h>
+
+typedef struct _BML_GLOBALS {
+ UINT64 Signature;
+ UINTN size;
+} BML_GLOBALS, *PBML_GLOBALS;
+
+STATIC PBML_GLOBALS gBmlData = NULL;
+STATIC BOOLEAN BootMenuLocked = TRUE;
+EFI_EVENT mBmlVirtualAddrChangeEvent;
+EFI_SET_VARIABLE orgSetVariable = NULL;
+
+EFI_STATUS
+BmlSetVaribale(
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN UINT32 Attributes,
+ IN UINTN DataSize,
+ IN VOID *Data
+ ) {
+ // DcsBoot remove?
+ if (VariableName != NULL && StrStr(VariableName, L"BootDC5B") == VariableName && DataSize == 0) {
+ BootMenuLocked = FALSE;
+ }
+
+ if (BootMenuLocked) {
+ // Block all Boot*
+ if (VariableName != NULL && StrStr(VariableName, L"Boot") == VariableName) {
+ return EFI_ACCESS_DENIED;
+ }
+ }
+ return orgSetVariable(VariableName, VendorGuid, Attributes, DataSize, Data);
+}
+
+/**
+Fixup internal data so that EFI can be call in virtual mode.
+Call the passed in Child Notify event and convert any pointers in
+lib to virtual mode.
+
+@param[in] Event The Event that is being processed
+@param[in] Context Event Context
+**/
+
+VOID
+EFIAPI
+BmlVirtualNotifyEvent(
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ EfiConvertPointer(0x0, (VOID**)&gBmlData);
+ EfiConvertPointer(0x0, (VOID**)&orgSetVariable);
+ return;
+}
+
+/**
+The actual entry point for the application.
+
+@param[in] ImageHandle The firmware allocated handle for the EFI image.
+@param[in] SystemTable A pointer to the EFI System Table.
+
+@retval EFI_SUCCESS The entry point executed successfully.
+@retval other Some error occur when executing this entry point.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsBmlMain(
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS res;
+
+ res = gBS->AllocatePool(
+ EfiRuntimeServicesData,
+ (UINTN) sizeof(BML_GLOBALS),
+ (VOID**)&gBmlData
+ );
+
+ if (EFI_ERROR(res)) {
+ Print(L"Allocate runtime globals %r\n", res);
+ return res;
+ }
+
+ //
+ // Register for the virtual address change event
+ //
+ res = gBS->CreateEventEx(
+ EVT_NOTIFY_SIGNAL,
+ TPL_NOTIFY,
+ BmlVirtualNotifyEvent,
+ NULL,
+ &gEfiEventVirtualAddressChangeGuid,
+ &mBmlVirtualAddrChangeEvent
+ );
+
+ if (EFI_ERROR(res)) {
+ Print(L"Register notify %r\n", res);
+ return res;
+ }
+
+ orgSetVariable = gST->RuntimeServices->SetVariable;
+ gST->RuntimeServices->SetVariable = BmlSetVaribale;
+ return EFI_SUCCESS;
+}
diff --git a/DcsBml/DcsBml.inf b/DcsBml/DcsBml.inf new file mode 100644 index 0000000..10bdfda --- /dev/null +++ b/DcsBml/DcsBml.inf @@ -0,0 +1,67 @@ +## @file
+# This is DCS boot loader application
+#
+# Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+# Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+#
+# This program and the accompanying materials are licensed and made available
+# under the terms and conditions of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+#
+# The full text of the license may be found at
+# https://opensource.org/licenses/LGPL-3.0
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010006
+ BASE_NAME = DcsBml
+ FILE_GUID = E0A7843A-828F-4EDC-AC55-75FE3255ABA5
+ MODULE_TYPE = DXE_RUNTIME_DRIVER
+ VERSION_STRING = 1.0
+ ENTRY_POINT = DcsBmlMain
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC
+#
+
+[Sources]
+ DcsBml.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ DcsPkg/DcsPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ MemoryAllocationLib
+ UefiDriverEntryPoint
+ UefiLib
+ UefiRuntimeLib
+ UefiBootServicesTableLib
+
+[Guids]
+ gEfiGlobalVariableGuid
+ gEfiDcsVariableGuid
+ gEfiEventVirtualAddressChangeGuid
+
+[Protocols]
+ gEfiBlockIoProtocolGuid
+
+[BuildOptions.IA32]
+RELEASE_VS2010x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+DEBUG_VS2010x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+NOOPT_VS2010x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+
+RELEASE_VS2015x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+DEBUG_VS2015x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+NOOPT_VS2015x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+
+[FeaturePcd]
+
+[Pcd]
+
+[Depex]
+ TRUE
|