From 0ba0723c769f95d312835967c47e34e444fea368 Mon Sep 17 00:00:00 2001 From: kavsrf Date: Tue, 13 Jun 2017 17:19:47 +0300 Subject: solution of HP problem via DrverOrder and BML modified driver --- DcsBml/ComponentName.c | 136 +++++++++++++++++++++++++++++++++++++++++++++++++ DcsBml/ComponentName.h | 92 +++++++++++++++++++++++++++++++++ DcsBml/DcsBml.c | 108 ++++++++++++++++++++++++++++++++++++++- DcsBml/DcsBml.h | 65 +++++++++++++++++++++++ DcsBml/DcsBml.inf | 7 +++ 5 files changed, 407 insertions(+), 1 deletion(-) create mode 100644 DcsBml/ComponentName.c create mode 100644 DcsBml/ComponentName.h create mode 100644 DcsBml/DcsBml.h (limited to 'DcsBml') diff --git a/DcsBml/ComponentName.c b/DcsBml/ComponentName.c new file mode 100644 index 0000000..1971328 --- /dev/null +++ b/DcsBml/ComponentName.c 
@@ -0,0 +1,136 @@
+/** @file
+This is DCS boot menu lock application
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+#include "DcsBml.h"
+
+///
+/// Component Name Protocol instance
+///
+GLOBAL_REMOVE_IF_UNREFERENCED
+EFI_COMPONENT_NAME_PROTOCOL gDcsBmlComponentName = {
+ (EFI_COMPONENT_NAME_GET_DRIVER_NAME) DcsBmlComponentNameGetDriverName,
+ (EFI_COMPONENT_NAME_GET_CONTROLLER_NAME)DcsBmlComponentNameGetControllerName,
+ "eng"
+};
+
+///
+/// Component Name 2 Protocol instance
+///
+GLOBAL_REMOVE_IF_UNREFERENCED
+EFI_COMPONENT_NAME2_PROTOCOL gDcsBmlComponentName2 = {
+ DcsBmlComponentNameGetDriverName,
+ DcsBmlComponentNameGetControllerName,
+ "en"
+};
+
+///
+/// Table of driver names
+///
+GLOBAL_REMOVE_IF_UNREFERENCED
+EFI_UNICODE_STRING_TABLE mDcsBmlDriverNameTable[] = {
+ { "eng;en", (CHAR16 *)L"DcsBml" },
+ { NULL, NULL }
+};
+
+/**
+ Retrieves a Unicode string that is the user-readable name of the EFI Driver.
+
+ @param This A pointer to the EFI_COMPONENT_NAME_PROTOCOL instance.
+ @param Language A pointer to a three-character ISO 639-2 language identifier.
+ This is the language of the driver name that that the caller
+ is requesting, and it must match one of the languages specified
+ in SupportedLanguages. The number of languages supported by a
+ driver is up to the driver writer.
+ @param DriverName A pointer to the Unicode string to return. This Unicode string
+ is the name of the driver specified by This in the language
+ specified by Language.
+
+ @retval EFI_SUCCESS The Unicode string for the Driver specified by This
+ and the language specified by Language was returned
+ in DriverName.
+ @retval EFI_INVALID_PARAMETER Language is NULL.
+ @retval EFI_INVALID_PARAMETER DriverName is NULL.
+ @retval EFI_UNSUPPORTED The driver specified by This does not support the
+ language specified by Language.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsBmlComponentNameGetDriverName (
+ IN EFI_COMPONENT_NAME2_PROTOCOL *This,
+ IN CHAR8 *Language,
+ OUT CHAR16 **DriverName
+ )
+{
+ return LookupUnicodeString2 (
+ Language,
+ This->SupportedLanguages,
+ mDcsBmlDriverNameTable,
+ DriverName,
+ (BOOLEAN)(This != &gDcsBmlComponentName2)
+ );
+}
+
+/**
+ Retrieves a Unicode string that is the user readable name of the controller
+ that is being managed by an EFI Driver.
+
+ @param This A pointer to the EFI_COMPONENT_NAME_PROTOCOL instance.
+ @param ControllerHandle The handle of a controller that the driver specified by
+ This is managing. This handle specifies the controller
+ whose name is to be returned.
+ @param ChildHandle The handle of the child controller to retrieve the name
+ of. This is an optional parameter that may be NULL. It
+ will be NULL for device drivers. It will also be NULL
+ for a bus drivers that wish to retrieve the name of the
+ bus controller. It will not be NULL for a bus driver
+ that wishes to retrieve the name of a child controller.
+ @param Language A pointer to a three character ISO 639-2 language
+ identifier. This is the language of the controller name
+ that the caller is requesting, and it must match one
+ of the languages specified in SupportedLanguages. The
+ number of languages supported by a driver is up to the
+ driver writer.
+ @param ControllerName A pointer to the Unicode string to return. This Unicode
+ string is the name of the controller specified by
+ ControllerHandle and ChildHandle in the language specified
+ by Language, from the point of view of the driver specified
+ by This.
+
+ @retval EFI_SUCCESS The Unicode string for the user-readable name in the
+ language specified by Language for the driver
+ specified by This was returned in DriverName.
+ @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
+ @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid EFI_HANDLE.
+ @retval EFI_INVALID_PARAMETER Language is NULL.
+ @retval EFI_INVALID_PARAMETER ControllerName is NULL.
+ @retval EFI_UNSUPPORTED The driver specified by This is not currently managing
+ the controller specified by ControllerHandle and
+ ChildHandle.
+ @retval EFI_UNSUPPORTED The driver specified by This does not support the
+ language specified by Language.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsBmlComponentNameGetControllerName (
+ IN EFI_COMPONENT_NAME2_PROTOCOL *This,
+ IN EFI_HANDLE ControllerHandle,
+ IN EFI_HANDLE ChildHandle OPTIONAL,
+ IN CHAR8 *Language,
+ OUT CHAR16 **ControllerName
+ )
+{
+ EFI_STATUS Status = EFI_SUCCESS;
+ return Status;
+}
diff --git a/DcsBml/ComponentName.h b/DcsBml/ComponentName.h
new file mode 100644
index 0000000..8813300
--- /dev/null
+++ b/DcsBml/ComponentName.h
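Review bot: In ComponentName.c, `DcsBmlComponentNameGetControllerName` returns `EFI_SUCCESS` without ever writing `*ControllerName`, so a caller that trusts the status will read an uninitialized `CHAR16 *`. Its own header comment lists `EFI_UNSUPPORTED` for a controller the driver does not manage, which is the honest answer for a driver that manages none; replace the body with `return EFI_UNSUPPORTED;`. Separately, neither `gDcsBmlComponentName` nor `gDcsBmlComponentName2` is installed in the `DcsBmlMain` changes visible in this commit, so as far as the diff shows the two instances are never published.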
@@ -0,0 +1,92 @@
+/** @file
+This is DCS boot menu lock application
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+/**
+ Retrieves a Unicode string that is the user-readable name of the EFI Driver.
+
+ @param This A pointer to the EFI_COMPONENT_NAME_PROTOCOL instance.
+ @param Language A pointer to a three-character ISO 639-2 language identifier.
+ This is the language of the driver name that that the caller
+ is requesting, and it must match one of the languages specified
+ in SupportedLanguages. The number of languages supported by a
+ driver is up to the driver writer.
+ @param DriverName A pointer to the Unicode string to return. This Unicode string
+ is the name of the driver specified by This in the language
+ specified by Language.
+
+ @retval EFI_SUCCESS The Unicode string for the Driver specified by This
+ and the language specified by Language was returned
+ in DriverName.
+ @retval EFI_INVALID_PARAMETER Language is NULL.
+ @retval EFI_INVALID_PARAMETER DriverName is NULL.
+ @retval EFI_UNSUPPORTED The driver specified by This does not support the
+ language specified by Language.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsBmlComponentNameGetDriverName (
+ IN EFI_COMPONENT_NAME2_PROTOCOL *This,
+ IN CHAR8 *Language,
+ OUT CHAR16 **DriverName
+ );
+
+/**
+ Retrieves a Unicode string that is the user readable name of the controller
+ that is being managed by an EFI Driver.
+
+ @param This A pointer to the EFI_COMPONENT_NAME_PROTOCOL instance.
+ @param ControllerHandle The handle of a controller that the driver specified by
+ This is managing. This handle specifies the controller
+ whose name is to be returned.
+ @param ChildHandle The handle of the child controller to retrieve the name
+ of. This is an optional parameter that may be NULL. It
+ will be NULL for device drivers. It will also be NULL
+ for a bus drivers that wish to retrieve the name of the
+ bus controller. It will not be NULL for a bus driver
+ that wishes to retrieve the name of a child controller.
+ @param Language A pointer to a three character ISO 639-2 language
+ identifier. This is the language of the controller name
+ that the caller is requesting, and it must match one
+ of the languages specified in SupportedLanguages. The
+ number of languages supported by a driver is up to the
+ driver writer.
+ @param ControllerName A pointer to the Unicode string to return. This Unicode
+ string is the name of the controller specified by
+ ControllerHandle and ChildHandle in the language specified
+ by Language, from the point of view of the driver specified
+ by This.
+
+ @retval EFI_SUCCESS The Unicode string for the user-readable name in the
+ language specified by Language for the driver
+ specified by This was returned in DriverName.
+ @retval EFI_INVALID_PARAMETER ControllerHandle is NULL.
+ @retval EFI_INVALID_PARAMETER ChildHandle is not NULL and it is not a valid EFI_HANDLE.
+ @retval EFI_INVALID_PARAMETER Language is NULL.
+ @retval EFI_INVALID_PARAMETER ControllerName is NULL.
+ @retval EFI_UNSUPPORTED The driver specified by This is not currently managing
+ the controller specified by ControllerHandle and
+ ChildHandle.
+ @retval EFI_UNSUPPORTED The driver specified by This does not support the
+ language specified by Language.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsBmlComponentNameGetControllerName (
+ IN EFI_COMPONENT_NAME2_PROTOCOL *This,
+ IN EFI_HANDLE ControllerHandle,
+ IN EFI_HANDLE ChildHandle OPTIONAL,
+ IN CHAR8 *Language,
+ OUT CHAR16 **ControllerName
+ );
diff --git a/DcsBml/DcsBml.c b/DcsBml/DcsBml.c
index 3376936..f5aaf3a 100644
--- a/DcsBml/DcsBml.c
+++ b/DcsBml/DcsBml.c
@@ -13,18 +13,27 @@ https://opensource.org/licenses/LGPL-3.0 #include #include +#include #include #include #include #include +#include + +#include +#include "DcsBml.h" + +////////////////////////////////////////////////////////////////////////// +// Runtime data to lock +////////////////////////////////////////////////////////////////////////// typedef struct _BML_GLOBALS { UINT64 Signature; UINTN size; } BML_GLOBALS, *PBML_GLOBALS; STATIC PBML_GLOBALS gBmlData = NULL; -STATIC BOOLEAN BootMenuLocked = TRUE; +STATIC BOOLEAN BootMenuLocked = FALSE; EFI_EVENT mBmlVirtualAddrChangeEvent; EFI_SET_VARIABLE orgSetVariable = NULL; 
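Review bot: `BootMenuLocked` now starts as `FALSE`, so the lock fails open: assuming `BmlSetVaribale` (outside this hunk) gates on that flag, the `SetVariable` hook protects nothing until some other module calls `BootMenuLock(This, TRUE)` through the new protocol, and nothing is protected at all if that caller never runs. The change looks tied to the `BootDC5B`/`BootOrder`/`BootNext` writes that `DcsBmlMain` now performs after installing the hook. A safer ordering is to keep the default `TRUE` and do those writes before the hook is installed, or through `orgSetVariable`. If the unlocked default has to stay, state the contract at the declaration, e.g. `// Starts unlocked; the loader must call BootMenuLock(TRUE) before handing off to the OS`.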
@@ -71,6 +80,65 @@ BmlVirtualNotifyEvent( return; } +////////////////////////////////////////////////////////////////////////// +// DcsBml protocol to control lock in BS mode +////////////////////////////////////////////////////////////////////////// +CHAR16* sDcsBootEfi = L"EFI\\VeraCrypt\\DcsBoot.efi"; +CHAR16* sDcsBootEfiDesc = L"VeraCrypt(DCS) loader"; + +GUID gEfiDcsBmlProtocolGuid = EFI_DCSBML_INTERFACE_PROTOCOL_GUID; +EFI_DCSBML_PROTOCOL gEfiDcsBmlProtocol = { + BootMenuLock +}; + +EFI_STATUS +BootMenuLock( + IN EFI_DCSBML_PROTOCOL *This, + IN BOOLEAN Lock + ) { + BootMenuLocked = Lock; + return EFI_SUCCESS; +} + +////////////////////////////////////////////////////////////////////////// +// Driver +////////////////////////////////////////////////////////////////////////// + +/** +Unloads an image. + +@param ImageHandle Handle that identifies the image to be unloaded. + +@retval EFI_SUCCESS The image has been unloaded. +@retval EFI_INVALID_PARAMETER ImageHandle is not a valid image handle. + +**/ +EFI_STATUS +EFIAPI +DcsBmlUnload( + IN EFI_HANDLE ImageHandle + ) +{ + EFI_STATUS res; + + res = EFI_SUCCESS; + // + // Uninstall Driver Supported EFI Version Protocol onto ImageHandle + // + res = gBS->UninstallMultipleProtocolInterfaces( + ImageHandle, + &gEfiDcsBmlProtocolGuid, &gEfiDcsBmlProtocol, + NULL + ); + + if (EFI_ERROR(res)) { + return res; + } + // Clean up + return EFI_SUCCESS; +} + + /** The actual entry point for the application. 
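Review bot: `DcsBmlUnload` removes only the protocol interface and leaves everything else `DcsBmlMain` sets up in place: the replaced `gST->RuntimeServices->SetVariable`, `mBmlVirtualAddrChangeEvent`, and the `gBmlData` pool. If this handler is registered and invoked (registration is not visible in the diff), the runtime services table would keep a pointer into an unloaded image. A hook cannot be safely unchained once other code may have hooked on top of it, so the simplest safe behaviour is to refuse the unload with `if (orgSetVariable != NULL) { return EFI_ACCESS_DENIED; }` at the top of the function. The comment `// Uninstall Driver Supported EFI Version Protocol onto ImageHandle` names the wrong protocol, and the initial `res = EFI_SUCCESS;` is dead.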
@@ -89,7 +157,27 @@ DcsBmlMain( ) { EFI_STATUS res; + // Check multiple execution of DcsBml + if (!EFI_ERROR(InitBml())) { + return EFI_ACCESS_DENIED; + } + + // + // Install DcsBml protocol onto ImageHandle + // + res = gBS->InstallMultipleProtocolInterfaces( + &ImageHandle, + &gEfiDcsBmlProtocolGuid, &gEfiDcsBmlProtocol, + NULL + ); + ASSERT_EFI_ERROR(res); + + if (EFI_ERROR(res)) { + Print(L"Install protocol %r\n", res); + return res; + } + // runtime lock res = gBS->AllocatePool( EfiRuntimeServicesData, (UINTN) sizeof(BML_GLOBALS), @@ -120,5 +208,23 @@ DcsBmlMain( orgSetVariable = gST->RuntimeServices->SetVariable; gST->RuntimeServices->SetVariable = BmlSetVaribale; + + // select boot next + { + UINT16 DcsBootNum = 0x0DC5B; + UINTN len; + UINT32 attr; + CHAR16* tmp = NULL; + res = EfiGetVar(L"BootDC5B", &gEfiGlobalVariableGuid, &tmp, &len, &attr); + if (EFI_ERROR(res)) { + InitFS(); + res = BootMenuItemCreate(L"BootDC5B", sDcsBootEfiDesc, gFileRootHandle, sDcsBootEfi, TRUE); + res = BootOrderInsert(L"BootOrder", 0, 0x0DC5B); + } + res = EfiSetVar(L"BootNext", &gEfiGlobalVariableGuid, &DcsBootNum, sizeof(DcsBootNum), EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS); + MEM_FREE(tmp); + } + + // Prepare BootDC5B return EFI_SUCCESS; } diff --git a/DcsBml/DcsBml.h b/DcsBml/DcsBml.h new file mode 100644 index 0000000..df639fc --- /dev/null +++ b/DcsBml/DcsBml.h 
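Review bot: The protocol is installed before the runtime pool allocation and the remaining setup, so any later failure return from `DcsBmlMain` (those paths are outside this hunk) would leave `gEfiDcsBmlProtocol` registered on the image handle after the image is gone, a dangling interface for whoever locates it next. Install the protocol as the last step, or call `gBS->UninstallMultipleProtocolInterfaces(ImageHandle, &gEfiDcsBmlProtocolGuid, &gEfiDcsBmlProtocol, NULL);` on each error path. `ASSERT_EFI_ERROR(res)` also sits in front of an error path that is handled deliberately; with asserts enabled the `Print` and `return res` below it are never reached, so the assert should be dropped.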
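Review bot: Every status in the `// select boot next` block is lost: the result of `BootMenuItemCreate` is overwritten by `BootOrderInsert`, the result of `EfiSetVar` is never read, `InitFS()` is not checked before `gFileRootHandle` is used, and the function returns `EFI_SUCCESS` regardless. A failed write means the next boot does not go through the DCS loader while the driver reports success, which is hard to diagnose. The block should chain the calls on success and report a failure; it should not return an error at this point, because the `SetVariable` hook just above is already installed. `DcsBootNum` can replace the repeated literal `0x0DC5B`, and the stray `// Prepare BootDC5B` comment before `return` can go. `DcsBmlMain` starts outside the hunk.

```c
// … unchanged: DcsBootNum, len, attr, tmp declarations and the EfiGetVar lookup …
if (EFI_ERROR(res)) {
  InitFS();
  res = BootMenuItemCreate(L"BootDC5B", sDcsBootEfiDesc, gFileRootHandle, sDcsBootEfi, TRUE);
  if (!EFI_ERROR(res)) {
    res = BootOrderInsert(L"BootOrder", 0, DcsBootNum);
  }
}
if (!EFI_ERROR(res)) {
  res = EfiSetVar(L"BootNext", &gEfiGlobalVariableGuid, &DcsBootNum, sizeof(DcsBootNum),
                  EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS);
}
if (EFI_ERROR(res)) {
  // The SetVariable hook is already live, so report the failure instead of returning it.
  Print(L"BootNext setup %r\n", res);
}
MEM_FREE(tmp);
```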
@@ -0,0 +1,65 @@
+/** @file
+This is DCS boot menu lock application
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+#ifndef __EFI_DCSBML_H__
+#define __EFI_DCSBML_H__
+
+#include
+
+//
+// Libraries
+//
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+//
+// UEFI Driver Model Protocols
+//
+#include
+#include
+
+//
+// Consumed Protocols
+//
+
+//
+// Produced Protocols
+//
+#include
+
+
+//
+// Protocol instances
+//
+extern EFI_COMPONENT_NAME2_PROTOCOL gDcsBmlComponentName2;
+extern EFI_COMPONENT_NAME_PROTOCOL gDcsBmlComponentName;
+extern EFI_DCSBML_PROTOCOL gEfiDcsBmlProtocol;
+
+//
+// Include files with function prototypes
+//
+#include "ComponentName.h"
+
+EFI_STATUS
+BootMenuLock(
+ IN EFI_DCSBML_PROTOCOL *This,
+ IN BOOLEAN Lock
+ );
+
+
+#endif
diff --git a/DcsBml/DcsBml.inf b/DcsBml/DcsBml.inf
index 10bdfda..f0b3109 100644
--- a/DcsBml/DcsBml.inf
+++ b/DcsBml/DcsBml.inf
@@ -28,6 +28,9 @@ [Sources] DcsBml.c + DcsBml.h + ComponentName.c + ComponentName.h [Packages] MdePkg/MdePkg.dec
@@ -41,14 +44,18 @@ UefiLib UefiRuntimeLib UefiBootServicesTableLib + CommonLib [Guids] gEfiGlobalVariableGuid gEfiDcsVariableGuid gEfiEventVirtualAddressChangeGuid + gEfiFileInfoGuid [Protocols] gEfiBlockIoProtocolGuid + gEfiComponentName2ProtocolGuid + gEfiComponentNameProtocolGuid [BuildOptions.IA32] RELEASE_VS2010x86_IA32_CC_FLAGS = /arch:IA32 /FAcs -- cgit v1.2.3
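Review bot: The `BootMenuLock` prototype in DcsBml.h, and its definition in DcsBml.c, lacks `EFIAPI`, unlike `DcsBmlUnload` and the Component Name functions added in the same commit. The function is published as a protocol member through `gEfiDcsBmlProtocol` and called from other images, so its calling convention has to be pinned for toolchains whose default differs from the UEFI one. The member typedef lives in a protocol header that is not part of this diff and would need the same qualifier. Declare it as `EFI_STATUS EFIAPI BootMenuLock(IN EFI_DCSBML_PROTOCOL *This, IN BOOLEAN Lock);`.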