Diffstat (limited to 'DcsBml')
-rw-r--r-- | DcsBml/ComponentName.c | 136 | ||||
-rw-r--r-- | DcsBml/ComponentName.h | 92 | ||||
-rw-r--r-- | DcsBml/DcsBml.c | 108 | ||||
-rw-r--r-- | DcsBml/DcsBml.h | 65 | ||||
-rw-r--r-- | DcsBml/DcsBml.inf | 7 |
5 files changed, 407 insertions, 1 deletions
diff --git a/DcsBml/ComponentName.c b/DcsBml/ComponentName.c
new file mode 100644
index 0000000..1971328
--- /dev/null
+++ b/DcsBml/ComponentName.c
@@ -0,0 +1,136 @@
+/** @file
+This is DCS boot menu lock application
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+#include "DcsBml.h"
+
+///
+/// Component Name Protocol instance
+///
+GLOBAL_REMOVE_IF_UNREFERENCED
+EFI_COMPONENT_NAME_PROTOCOL gDcsBmlComponentName = {
+ (EFI_COMPONENT_NAME_GET_DRIVER_NAME) DcsBmlComponentNameGetDriverName,
+ (EFI_COMPONENT_NAME_GET_CONTROLLER_NAME)DcsBmlComponentNameGetControllerName,
+ "eng"
+};
+
+///
+/// Component Name 2 Protocol instance
+///
+GLOBAL_REMOVE_IF_UNREFERENCED
+EFI_COMPONENT_NAME2_PROTOCOL gDcsBmlComponentName2 = {
+ DcsBmlComponentNameGetDriverName,
+ DcsBmlComponentNameGetControllerName,
+ "en"
+};
+
+///
+/// Table of driver names
+///
+GLOBAL_REMOVE_IF_UNREFERENCED
+EFI_UNICODE_STRING_TABLE mDcsBmlDriverNameTable[] = {
+ { "eng;en", (CHAR16 *)L"DcsBml" },
+ { NULL, NULL }
+};
+
+/**
+ Retrieves a Unicode string that is the user-readable name of the EFI Driver.
+
+ @param This A pointer to the EFI_COMPONENT_NAME_PROTOCOL instance.
+ @param Language A pointer to a three-character ISO 639-2 language identifier.
+ This is the language of the driver name that that the caller
+ is requesting, and it must match one of the languages specified
+ in SupportedLanguages. The number of languages supported by a
+ driver is up to the driver writer.
+ @param DriverName A pointer to the Unicode string to return. This Unicode string
+ is the name of the driver specified by This in the language
+ specified by Language.
+
+ @retval EFI_SUCCESS The Unicode string for the Driver specified by This
+ and the language specified by Language was returned
+ in DriverName.
+ @retval EFI_INVALID_PARAMETER Language is NULL.
+ @retval EFI_INVALID_PARAMETER DriverName is NULL.
+ @retval EFI_UNSUPPORTED The driver specified by This does not support the
+ language specified by Language.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsBmlComponentNameGetDriverName (
+ IN EFI_COMPONENT_NAME2_PROTOCOL *This,
+ IN CHAR8 *Language,
+ OUT CHAR16 **DriverName
+ )
+{
+ return LookupUnicodeString2 (
+ Language,
+ This->SupportedLanguages,
+ mDcsBmlDriverNameTable,
+ DriverName,
+ (BOOLEAN)(This != &gDcsBmlComponentName2)
+ );
+}
+
+/**
+ Retrieves a Unicode string that is the user readable name of the controller
+ that is being managed by an EFI Driver.
+
+ @param This A pointer to the EFI_COMPONENT_NAME_PROTOCOL instance.
+ @param ControllerHandle The handle of a controller that the driver specified by
+ This is managing. This handle specifies the controller
+ whose name is to be returned.
+ @param ChildHandle The handle of the child controller to retrieve the name
+ of. This is an optional parameter that may be NULL. It
+ will be NULL for device drivers. It will also be NULL
+ for a bus drivers that wish to retrieve the name of the
+ bus controller. It will not be NULL for a bus driver
+ that wishes to retrieve the name of a child controller.
+ @param Language A pointer to a three character ISO 639-2 language
+ identifier. This is the language of the controller name
+ that the caller is requesting, and it must match one
+ of the languages specified in SupportedLanguages. The
+ number of languages supported by a driver is up to the
+ driver writer.
+ @param ControllerName A pointer to the Unicode string to return. This Unicode
+ string is the name of the controller specified by
+ ControllerHandle and ChildHandle in the language specified
+ by Language, from the point of view of the driver specified
+ by This.
+
+ @retval EFI_SUCCESS The Unicode string for the user-readable name in the
+ language specified by Language for the driver
+ specified by This was returned in DriverName.
+ @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
+ @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid EFI_HANDLE.
+ @retval EFI_INVALID_PARAMETER Language is NULL.
+ @retval EFI_INVALID_PARAMETER ControllerName is NULL.
+ @retval EFI_UNSUPPORTED The driver specified by This is not currently managing
+ the controller specified by ControllerHandle and
+ ChildHandle.
+ @retval EFI_UNSUPPORTED The driver specified by This does not support the
+ language specified by Language.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsBmlComponentNameGetControllerName (
+ IN EFI_COMPONENT_NAME2_PROTOCOL *This,
+ IN EFI_HANDLE ControllerHandle,
+ IN EFI_HANDLE ChildHandle OPTIONAL,
+ IN CHAR8 *Language,
+ OUT CHAR16 **ControllerName
+ )
+{
+ EFI_STATUS Status = EFI_SUCCESS;
+ return Status;
+}
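Review bot: `DcsBmlComponentNameGetControllerName` returns `EFI_SUCCESS` without ever writing `*ControllerName`, so a caller that trusts the status goes on to read an uninitialised pointer. Its own header comment lists `EFI_UNSUPPORTED` for a controller the driver is not managing, and nothing visible in this file names a controller, so the body should be `return EFI_UNSUPPORTED;`. In `DcsBmlComponentNameGetDriverName`, `This->SupportedLanguages` is dereferenced with no NULL check on `This`; if that is intentional, a comment such as `// This is supplied by the protocol caller and assumed non-NULL` would record the assumption.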
diff --git a/DcsBml/ComponentName.h b/DcsBml/ComponentName.h
new file mode 100644
index 0000000..8813300
--- /dev/null
+++ b/DcsBml/ComponentName.h
@@ -0,0 +1,92 @@
+/** @file
+This is DCS boot menu lock application
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+/**
+ Retrieves a Unicode string that is the user-readable name of the EFI Driver.
+
+ @param This A pointer to the EFI_COMPONENT_NAME_PROTOCOL instance.
+ @param Language A pointer to a three-character ISO 639-2 language identifier.
+ This is the language of the driver name that that the caller
+ is requesting, and it must match one of the languages specified
+ in SupportedLanguages. The number of languages supported by a
+ driver is up to the driver writer.
+ @param DriverName A pointer to the Unicode string to return. This Unicode string
+ is the name of the driver specified by This in the language
+ specified by Language.
+
+ @retval EFI_SUCCESS The Unicode string for the Driver specified by This
+ and the language specified by Language was returned
+ in DriverName.
+ @retval EFI_INVALID_PARAMETER Language is NULL.
+ @retval EFI_INVALID_PARAMETER DriverName is NULL.
+ @retval EFI_UNSUPPORTED The driver specified by This does not support the
+ language specified by Language.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsBmlComponentNameGetDriverName (
+ IN EFI_COMPONENT_NAME2_PROTOCOL *This,
+ IN CHAR8 *Language,
+ OUT CHAR16 **DriverName
+ );
+
+/**
+ Retrieves a Unicode string that is the user readable name of the controller
+ that is being managed by an EFI Driver.
+
+ @param This A pointer to the EFI_COMPONENT_NAME_PROTOCOL instance.
+ @param ControllerHandle The handle of a controller that the driver specified by
+ This is managing. This handle specifies the controller
+ whose name is to be returned.
+ @param ChildHandle The handle of the child controller to retrieve the name
+ of. This is an optional parameter that may be NULL. It
+ will be NULL for device drivers. It will also be NULL
+ for a bus drivers that wish to retrieve the name of the
+ bus controller. It will not be NULL for a bus driver
+ that wishes to retrieve the name of a child controller.
+ @param Language A pointer to a three character ISO 639-2 language
+ identifier. This is the language of the controller name
+ that the caller is requesting, and it must match one
+ of the languages specified in SupportedLanguages. The
+ number of languages supported by a driver is up to the
+ driver writer.
+ @param ControllerName A pointer to the Unicode string to return. This Unicode
+ string is the name of the controller specified by
+ ControllerHandle and ChildHandle in the language specified
+ by Language, from the point of view of the driver specified
+ by This.
+
+ @retval EFI_SUCCESS The Unicode string for the user-readable name in the
+ language specified by Language for the driver
+ specified by This was returned in DriverName.
+ @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
+ @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid EFI_HANDLE.
+ @retval EFI_INVALID_PARAMETER Language is NULL.
+ @retval EFI_INVALID_PARAMETER ControllerName is NULL.
+ @retval EFI_UNSUPPORTED The driver specified by This is not currently managing
+ the controller specified by ControllerHandle and
+ ChildHandle.
+ @retval EFI_UNSUPPORTED The driver specified by This does not support the
+ language specified by Language.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsBmlComponentNameGetControllerName (
+ IN EFI_COMPONENT_NAME2_PROTOCOL *This,
+ IN EFI_HANDLE ControllerHandle,
+ IN EFI_HANDLE ChildHandle OPTIONAL,
+ IN CHAR8 *Language,
+ OUT CHAR16 **ControllerName
+ );
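Review bot: ComponentName.h has no include guard and uses `EFI_STATUS`, `EFI_HANDLE` and `EFI_COMPONENT_NAME2_PROTOCOL` without including anything that declares them, so it only compiles when reached through DcsBml.h. Wrapping the file in a guard (for example `#ifndef DCSBML_COMPONENT_NAME_H_` / `#define DCSBML_COMPONENT_NAME_H_` / `#endif`) and adding `#include <Protocol/ComponentName2.h>` would make it self-contained. Both doc comments also describe `This` as an `EFI_COMPONENT_NAME_PROTOCOL` instance while the prototypes take `EFI_COMPONENT_NAME2_PROTOCOL *`; the `@param This` text should name the type actually used.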
diff --git a/DcsBml/DcsBml.c b/DcsBml/DcsBml.c
index 3376936..f5aaf3a 100644
--- a/DcsBml/DcsBml.c
+++ b/DcsBml/DcsBml.c
@@ -13,18 +13,27 @@ https://opensource.org/licenses/LGPL-3.0
#include <Uefi.h>
#include <Guid/EventGroup.h>
+#include <Guid/GlobalVariable.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/UefiRuntimeLib.h>
#include <Library/BaseLib.h>
#include <Library/UefiLib.h>
+#include <Library/CommonLib.h>
+
+#include <Protocol/DcsBmlProto.h>
+#include "DcsBml.h"
+
+//////////////////////////////////////////////////////////////////////////
+// Runtime data to lock
+//////////////////////////////////////////////////////////////////////////
typedef struct _BML_GLOBALS {
UINT64 Signature;
UINTN size;
} BML_GLOBALS, *PBML_GLOBALS;
STATIC PBML_GLOBALS gBmlData = NULL;
-STATIC BOOLEAN BootMenuLocked = TRUE;
+STATIC BOOLEAN BootMenuLocked = FALSE;
EFI_EVENT mBmlVirtualAddrChangeEvent;
EFI_SET_VARIABLE orgSetVariable = NULL;
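Review bot: Changing the initialiser to `BootMenuLocked = FALSE` makes the driver start unlocked, and nothing in this diff sets the flag back to TRUE; the only writer is the new `BootMenuLock` protocol call in the next hunk. If no consumer of that protocol runs, or it fails before calling in, the SetVariable hook stays installed with the lock off for the rest of the session (how the hook reads the flag is outside this hunk). The flip looks necessary so that `DcsBmlMain` can write `BootDC5B`, `BootOrder` and `BootNext` after the hook is in place; if so, consider keeping the fail-closed default and doing those writes before the hook is installed. At minimum record the contract next to the variable, e.g. `// Starts unlocked so DcsBmlMain can create its boot entry; the EFI_DCSBML_PROTOCOL caller must lock it`.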
@@ -71,6 +80,65 @@ BmlVirtualNotifyEvent(
return;
}
+//////////////////////////////////////////////////////////////////////////
+// DcsBml protocol to control lock in BS mode
+//////////////////////////////////////////////////////////////////////////
+CHAR16* sDcsBootEfi = L"EFI\\VeraCrypt\\DcsBoot.efi";
+CHAR16* sDcsBootEfiDesc = L"VeraCrypt(DCS) loader";
+
+GUID gEfiDcsBmlProtocolGuid = EFI_DCSBML_INTERFACE_PROTOCOL_GUID;
+EFI_DCSBML_PROTOCOL gEfiDcsBmlProtocol = {
+ BootMenuLock
+};
+
+EFI_STATUS
+BootMenuLock(
+ IN EFI_DCSBML_PROTOCOL *This,
+ IN BOOLEAN Lock
+ ) {
+ BootMenuLocked = Lock;
+ return EFI_SUCCESS;
+}
+
+//////////////////////////////////////////////////////////////////////////
+// Driver
+//////////////////////////////////////////////////////////////////////////
+
+/**
+Unloads an image.
+
+@param ImageHandle Handle that identifies the image to be unloaded.
+
+@retval EFI_SUCCESS The image has been unloaded.
+@retval EFI_INVALID_PARAMETER ImageHandle is not a valid image handle.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsBmlUnload(
+ IN EFI_HANDLE ImageHandle
+ )
+{
+ EFI_STATUS res;
+
+ res = EFI_SUCCESS;
+ //
+ // Uninstall Driver Supported EFI Version Protocol onto ImageHandle
+ //
+ res = gBS->UninstallMultipleProtocolInterfaces(
+ ImageHandle,
+ &gEfiDcsBmlProtocolGuid, &gEfiDcsBmlProtocol,
+ NULL
+ );
+
+ if (EFI_ERROR(res)) {
+ return res;
+ }
+ // Clean up
+ return EFI_SUCCESS;
+}
+
+
/**
The actual entry point for the application.
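Review bot: `DcsBmlUnload` removes the protocol interface but leaves `gST->RuntimeServices->SetVariable` pointing at `BmlSetVaribale` and leaves `mBmlVirtualAddrChangeEvent` registered, so if this handler is ever invoked the system table keeps a pointer into an image that is being discarded. The `// Clean up` line is where the teardown belongs: `if (orgSetVariable != NULL) gST->RuntimeServices->SetVariable = orgSetVariable;` followed by `gBS->CloseEvent(mBmlVirtualAddrChangeEvent);`, or refuse the unload with `return EFI_ACCESS_DENIED;` once the hook is installed. Separately, `BootMenuLock` accepts `Lock == FALSE` from any code able to locate the protocol, so the lock is only as strong as everything running in boot services; a comment above the function stating that trust assumption would make the design intent reviewable.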
@@ -89,7 +157,27 @@ DcsBmlMain(
)
{
EFI_STATUS res;
+ // Check multiple execution of DcsBml
+ if (!EFI_ERROR(InitBml())) {
+ return EFI_ACCESS_DENIED;
+ }
+
+ //
+ // Install DcsBml protocol onto ImageHandle
+ //
+ res = gBS->InstallMultipleProtocolInterfaces(
+ &ImageHandle,
+ &gEfiDcsBmlProtocolGuid, &gEfiDcsBmlProtocol,
+ NULL
+ );
+ ASSERT_EFI_ERROR(res);
+
+ if (EFI_ERROR(res)) {
+ Print(L"Install protocol %r\n", res);
+ return res;
+ }
+ // runtime lock
res = gBS->AllocatePool(
EfiRuntimeServicesData,
(UINTN) sizeof(BML_GLOBALS),
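Review bot: The protocol is installed before the pool allocation and hook set-up that follow, and the later failure returns (they continue outside this hunk) do not appear to uninstall it. Installing `gEfiDcsBmlProtocol` as the last step of `DcsBmlMain`, or calling `gBS->UninstallMultipleProtocolInterfaces(ImageHandle, &gEfiDcsBmlProtocolGuid, &gEfiDcsBmlProtocol, NULL);` on each later error path, avoids leaving an interface that points into an image the loader may release. The `ASSERT_EFI_ERROR(res);` placed directly before `if (EFI_ERROR(res))` halts debug builds before the handled branch can run, so one of the two is redundant. The re-entry guard `if (!EFI_ERROR(InitBml()))` reads as inverted at first sight; a comment saying what a successful `InitBml()` means would help.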
@@ -120,5 +208,23 @@ DcsBmlMain(
orgSetVariable = gST->RuntimeServices->SetVariable;
gST->RuntimeServices->SetVariable = BmlSetVaribale;
+
+ // select boot next
+ {
+ UINT16 DcsBootNum = 0x0DC5B;
+ UINTN len;
+ UINT32 attr;
+ CHAR16* tmp = NULL;
+ res = EfiGetVar(L"BootDC5B", &gEfiGlobalVariableGuid, &tmp, &len, &attr);
+ if (EFI_ERROR(res)) {
+ InitFS();
+ res = BootMenuItemCreate(L"BootDC5B", sDcsBootEfiDesc, gFileRootHandle, sDcsBootEfi, TRUE);
+ res = BootOrderInsert(L"BootOrder", 0, 0x0DC5B);
+ }
+ res = EfiSetVar(L"BootNext", &gEfiGlobalVariableGuid, &DcsBootNum, sizeof(DcsBootNum), EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS);
+ MEM_FREE(tmp);
+ }
+
+ // Prepare BootDC5B
return EFI_SUCCESS;
}
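Review bot: Every status in the boot-next block is overwritten or dropped: `InitFS()` is not checked before `gFileRootHandle` is used, the result of `BootMenuItemCreate` is replaced by that of `BootOrderInsert`, and the `EfiSetVar` result for `BootNext` is ignored because the function returns `EFI_SUCCESS` unconditionally. A failed write leaves the next boot not pointed at the DCS loader entry with no indication, so at least report it after the `EfiSetVar` call, e.g. `if (EFI_ERROR(res)) { Print(L"BootNext %r\n", res); }`. `len` and `attr` are written but never read, and `0x0DC5B` appears both as `DcsBootNum` and as a literal in `BootOrderInsert`; passing `DcsBootNum` there keeps the two in step. The trailing `// Prepare BootDC5B` comment sits after the code it describes and should move above the block.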
diff --git a/DcsBml/DcsBml.h b/DcsBml/DcsBml.h
new file mode 100644
index 0000000..df639fc
--- /dev/null
+++ b/DcsBml/DcsBml.h
@@ -0,0 +1,65 @@
+/** @file
+This is DCS boot menu lock application
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+#ifndef __EFI_DCSBML_H__
+#define __EFI_DCSBML_H__
+
+#include <Uefi.h>
+
+//
+// Libraries
+//
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/BaseLib.h>
+#include <Library/UefiLib.h>
+#include <Library/DevicePathLib.h>
+#include <Library/DebugLib.h>
+
+//
+// UEFI Driver Model Protocols
+//
+#include <Protocol/ComponentName2.h>
+#include <Protocol/ComponentName.h>
+
+//
+// Consumed Protocols
+//
+
+//
+// Produced Protocols
+//
+#include <Protocol/DcsBmlProto.h>
+
+
+//
+// Protocol instances
+//
+extern EFI_COMPONENT_NAME2_PROTOCOL gDcsBmlComponentName2;
+extern EFI_COMPONENT_NAME_PROTOCOL gDcsBmlComponentName;
+extern EFI_DCSBML_PROTOCOL gEfiDcsBmlProtocol;
+
+//
+// Include files with function prototypes
+//
+#include "ComponentName.h"
+
+EFI_STATUS
+BootMenuLock(
+ IN EFI_DCSBML_PROTOCOL *This,
+ IN BOOLEAN Lock
+ );
+
+
+#endif
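Review bot: `BootMenuLock` is declared here, and defined in DcsBml.c, without `EFIAPI`, although it is stored in `gEfiDcsBmlProtocol` and called through the protocol by other images. Protocol/DcsBmlProto.h is not part of this diff, so the member's function-pointer type needs confirming; if it is `EFIAPI`, the prototype should read `EFI_STATUS EFIAPI BootMenuLock(IN EFI_DCSBML_PROTOCOL *This, IN BOOLEAN Lock);` so caller and callee agree on the calling convention on toolchains where the default differs. The prototype also has no doc comment; one stating what `Lock == TRUE` and `Lock == FALSE` mean for the SetVariable hook would make the security contract of the call explicit.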
diff --git a/DcsBml/DcsBml.inf b/DcsBml/DcsBml.inf
index 10bdfda..f0b3109 100644
--- a/DcsBml/DcsBml.inf
+++ b/DcsBml/DcsBml.inf
@@ -28,6 +28,9 @@
[Sources]
DcsBml.c
+ DcsBml.h
+ ComponentName.c
+ ComponentName.h
[Packages]
MdePkg/MdePkg.dec
@@ -41,14 +44,18 @@
UefiLib
UefiRuntimeLib
UefiBootServicesTableLib
+ CommonLib
[Guids]
gEfiGlobalVariableGuid
gEfiDcsVariableGuid
gEfiEventVirtualAddressChangeGuid
+ gEfiFileInfoGuid
[Protocols]
gEfiBlockIoProtocolGuid
+ gEfiComponentName2ProtocolGuid
+ gEfiComponentNameProtocolGuid
[BuildOptions.IA32]
RELEASE_VS2010x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
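Review bot: `gEfiComponentName2ProtocolGuid` and `gEfiComponentNameProtocolGuid` are added to [Protocols], but the `DcsBmlMain` changes in this diff install only `gEfiDcsBmlProtocolGuid`, which is defined as a global in DcsBml.c and is not listed here. Either install `gDcsBmlComponentName` and `gDcsBmlComponentName2` or drop the two entries, and consider declaring the DcsBml GUID through a package .dec so it appears in this section like the others. No hunk touches [Defines], so unless `UNLOAD_IMAGE = DcsBmlUnload` was already present the new unload handler is never registered. `gEfiFileInfoGuid` is not referenced by the code shown; presumably CommonLib needs it, which a trailing comment on that line could state.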