From b87fc6b140772ba3017de311c7063c259424264c Mon Sep 17 00:00:00 2001
From: Alex
Date: Mon, 15 Aug 2016 17:11:31 +0200
Subject: First public release. Used by VeraCrypt 1.18.
---
DcsBml/DcsBml.c | 124 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
DcsBml/DcsBml.inf | 67 +++++++++++++++++++++++++++++
2 files changed, 191 insertions(+)
create mode 100644 DcsBml/DcsBml.c
create mode 100644 DcsBml/DcsBml.inf
(limited to 'DcsBml')
diff --git a/DcsBml/DcsBml.c b/DcsBml/DcsBml.c
new file mode 100644
index 0000000..3376936
--- /dev/null
+++ b/DcsBml/DcsBml.c
@@ -0,0 +1,124 @@
+/** @file
+ This is DCS boot menu lock application
+
+Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+
+This program and the accompanying materials
+are licensed and made available under the terms and conditions
+of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+
+The full text of the license may be found at
+https://opensource.org/licenses/LGPL-3.0
+**/
+
+#include
+#include
+#include
+#include
+#include
+#include
+
+typedef struct _BML_GLOBALS {
+ UINT64 Signature;
+ UINTN size;
+} BML_GLOBALS, *PBML_GLOBALS;
+
+STATIC PBML_GLOBALS gBmlData = NULL;
+STATIC BOOLEAN BootMenuLocked = TRUE;
+EFI_EVENT mBmlVirtualAddrChangeEvent;
+EFI_SET_VARIABLE orgSetVariable = NULL;
+
+EFI_STATUS
+BmlSetVaribale(
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN UINT32 Attributes,
+ IN UINTN DataSize,
+ IN VOID *Data
+ ) {
+ // DcsBoot remove?
+ if (VariableName != NULL && StrStr(VariableName, L"BootDC5B") == VariableName && DataSize == 0) {
+ BootMenuLocked = FALSE;
+ }
+
+ if (BootMenuLocked) {
+ // Block all Boot*
+ if (VariableName != NULL && StrStr(VariableName, L"Boot") == VariableName) {
+ return EFI_ACCESS_DENIED;
+ }
+ }
+ return orgSetVariable(VariableName, VendorGuid, Attributes, DataSize, Data);
+}
+
+/**
+Fixup internal data so that EFI can be call in virtual mode.
+Call the passed in Child Notify event and convert any pointers in
+lib to virtual mode.
+
+@param[in] Event The Event that is being processed
+@param[in] Context Event Context
+**/
+
+VOID
+EFIAPI
+BmlVirtualNotifyEvent(
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ EfiConvertPointer(0x0, (VOID**)&gBmlData);
+ EfiConvertPointer(0x0, (VOID**)&orgSetVariable);
+ return;
+}
+
+/**
+The actual entry point for the application.
+
+@param[in] ImageHandle The firmware allocated handle for the EFI image.
+@param[in] SystemTable A pointer to the EFI System Table.
+
+@retval EFI_SUCCESS The entry point executed successfully.
+@retval other Some error occur when executing this entry point.
+
+**/
+EFI_STATUS
+EFIAPI
+DcsBmlMain(
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS res;
+
+ res = gBS->AllocatePool(
+ EfiRuntimeServicesData,
+ (UINTN) sizeof(BML_GLOBALS),
+ (VOID**)&gBmlData
+ );
+
+ if (EFI_ERROR(res)) {
+ Print(L"Allocate runtime globals %r\n", res);
+ return res;
+ }
+
+ //
+ // Register for the virtual address change event
+ //
+ res = gBS->CreateEventEx(
+ EVT_NOTIFY_SIGNAL,
+ TPL_NOTIFY,
+ BmlVirtualNotifyEvent,
+ NULL,
+ &gEfiEventVirtualAddressChangeGuid,
+ &mBmlVirtualAddrChangeEvent
+ );
+
+ if (EFI_ERROR(res)) {
+ Print(L"Register notify %r\n", res);
+ return res;
+ }
+
+ orgSetVariable = gST->RuntimeServices->SetVariable;
+ gST->RuntimeServices->SetVariable = BmlSetVaribale;
+ return EFI_SUCCESS;
+}
diff --git a/DcsBml/DcsBml.inf b/DcsBml/DcsBml.inf
new file mode 100644
index 0000000..10bdfda
--- /dev/null
+++ b/DcsBml/DcsBml.inf
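Review bot: `BmlSetVaribale` decides on the variable name alone and never looks at `VendorGuid`, so both the block and its release are unscoped: every write whose name starts with `Boot` is refused in any vendor namespace, and a zero-length write to any name starting with `BootDC5B`, under any GUID, clears `BootMenuLocked`, which nothing in this file sets back to `TRUE`. If the intent is to protect the global boot variables, both tests should also require a non-NULL `VendorGuid` and `CompareGuid(VendorGuid, &gEfiGlobalVariableGuid)` (the GUID is already listed in DcsBml.inf; `BaseMemoryLib` would need adding to `[LibraryClasses]`). The function's header comment should also say that the release condition is unauthenticated, so the lock is best-effort and not a security boundary. The hook is declared without `EFIAPI` although it is stored in `gST->RuntimeServices->SetVariable`; `EFI_STATUS EFIAPI BmlSetVaribale(` keeps the calling convention correct on toolchains whose default differs. `DcsBmlMain` also leaves the runtime services table's header `CRC32` stale after the pointer swap, and recomputing it with `gBS->CalculateCrc32` would keep the table self-consistent for any consumer that validates it.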
@@ -0,0 +1,67 @@
+## @file
+# This is DCS boot loader application
+#
+# Copyright (c) 2016. Disk Cryptography Services for EFI (DCS), Alex Kolotnikov
+# Copyright (c) 2016. VeraCrypt, Mounir IDRASSI
+#
+# This program and the accompanying materials are licensed and made available
+# under the terms and conditions of the GNU Lesser General Public License, version 3.0 (LGPL-3.0).
+#
+# The full text of the license may be found at
+# https://opensource.org/licenses/LGPL-3.0
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010006
+ BASE_NAME = DcsBml
+ FILE_GUID = E0A7843A-828F-4EDC-AC55-75FE3255ABA5
+ MODULE_TYPE = DXE_RUNTIME_DRIVER
+ VERSION_STRING = 1.0
+ ENTRY_POINT = DcsBmlMain
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC
+#
+
+[Sources]
+ DcsBml.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+ DcsPkg/DcsPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ MemoryAllocationLib
+ UefiDriverEntryPoint
+ UefiLib
+ UefiRuntimeLib
+ UefiBootServicesTableLib
+
+[Guids]
+ gEfiGlobalVariableGuid
+ gEfiDcsVariableGuid
+ gEfiEventVirtualAddressChangeGuid
+
+[Protocols]
+ gEfiBlockIoProtocolGuid
+
+[BuildOptions.IA32]
+RELEASE_VS2010x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+DEBUG_VS2010x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+NOOPT_VS2010x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+
+RELEASE_VS2015x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+DEBUG_VS2015x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+NOOPT_VS2015x86_IA32_CC_FLAGS = /arch:IA32 /FAcs
+
+[FeaturePcd]
+
+[Pcd]
+
+[Depex]
+ TRUE
-- cgit v1.2.3
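Review bot: The file header still reads `# This is DCS boot loader application`, while `BASE_NAME = DcsBml` with `MODULE_TYPE = DXE_RUNTIME_DRIVER` describes the boot menu lock runtime driver; the comment should say what the module is, for example `# DCS boot menu lock runtime driver (filters SetVariable writes to Boot* variables)`. `gEfiDcsVariableGuid` under `[Guids]` and `gEfiBlockIoProtocolGuid` under `[Protocols]` are not referenced by the DcsBml.c added in this patch, as far as the visible code shows. If they were carried over from another module's INF, dropping them keeps the declared dependencies of a runtime-resident driver accurate.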