mirror of
https://git.proxmox.com/git/efi-boot-shim
synced 2025-07-27 15:47:12 +00:00
Try to actually make debug printing look reasonable.
Signed-off-by: Peter Jones <pjones@redhat.com>
This commit is contained in:
Peter Jones
parent
53a318f52e
commit
880f9de412
@ -20,8 +20,6 @@ console_alertbox(CHAR16 **title);
|
|||||||
void
|
void
|
||||||
console_notify(CHAR16 *string);
|
console_notify(CHAR16 *string);
|
||||||
void
|
void
|
||||||
console_notify_ascii(CHAR8 *string);
|
|
||||||
void
|
|
||||||
console_reset(void);
|
console_reset(void);
|
||||||
#define NOSEL 0x7fffffff
|
#define NOSEL 0x7fffffff
|
||||||
|
|
||||||
@ -66,5 +64,25 @@ struct _EFI_CONSOLE_CONTROL_PROTOCOL {
|
|||||||
};
|
};
|
||||||
|
|
||||||
extern VOID setup_console (int text);
|
extern VOID setup_console (int text);
|
||||||
|
extern VOID setup_verbosity(VOID);
|
||||||
|
extern UINT8 verbose;
|
||||||
|
#define dprint(fmt, ...) ({ \
|
||||||
|
UINTN __dprint_ret = 0; \
|
||||||
|
if (verbose) \
|
||||||
|
__dprint_ret = Print((fmt), ##__VA_ARGS__); \
|
||||||
|
__dprint_ret; \
|
||||||
|
})
|
||||||
|
#define dprinta(fmt, ...) ({ \
|
||||||
|
UINTN __dprinta_ret = 0; \
|
||||||
|
if (verbose) { \
|
||||||
|
UINTN __dprinta_i; \
|
||||||
|
CHAR16 *__dprinta_str = AllocateZeroPool((strlena(fmt) + 1) * 2); \
|
||||||
|
for (__dprinta_i = 0; fmt[__dprinta_i] != '\0'; __dprinta_i++) \
|
||||||
|
__dprinta_str[__dprinta_i] = fmt[__dprinta_i]; \
|
||||||
|
__dprinta_ret = Print((__dprinta_str), ##__VA_ARGS__); \
|
||||||
|
FreePool(__dprinta_str); \
|
||||||
|
} \
|
||||||
|
__dprinta_ret; \
|
||||||
|
})
|
||||||
|
|
||||||
#endif /* _SHIM_LIB_CONSOLE_H */
|
#endif /* _SHIM_LIB_CONSOLE_H */
|
||||||
|
|||||||
@ -8,6 +8,7 @@
|
|||||||
#include <efi/efilib.h>
|
#include <efi/efilib.h>
|
||||||
|
|
||||||
#include <console.h>
|
#include <console.h>
|
||||||
|
#include <variables.h>
|
||||||
#include <errors.h>
|
#include <errors.h>
|
||||||
|
|
||||||
static int min(int a, int b)
|
static int min(int a, int b)
|
||||||
@ -312,20 +313,6 @@ console_notify(CHAR16 *string)
|
|||||||
console_alertbox(str_arr);
|
console_alertbox(str_arr);
|
||||||
}
|
}
|
||||||
|
|
||||||
void
|
|
||||||
console_notify_ascii(CHAR8 *string)
|
|
||||||
{
|
|
||||||
CHAR16 *str = AllocateZeroPool((strlena(string) + 1) * 2);
|
|
||||||
int i, j;
|
|
||||||
|
|
||||||
if (!str)
|
|
||||||
return;
|
|
||||||
|
|
||||||
for (i = 0, j = 1; string[i] != '\0'; i++, j+=2)
|
|
||||||
str[j] = string[i];
|
|
||||||
console_notify(str);
|
|
||||||
}
|
|
||||||
|
|
||||||
#define ARRAY_SIZE(a) (sizeof (a) / sizeof ((a)[0]))
|
#define ARRAY_SIZE(a) (sizeof (a) / sizeof ((a)[0]))
|
||||||
|
|
||||||
/* Copy of gnu-efi-3.0 with the added secure boot strings */
|
/* Copy of gnu-efi-3.0 with the added secure boot strings */
|
||||||
@ -416,6 +403,24 @@ console_reset(void)
|
|||||||
uefi_call_wrapper(co->ClearScreen, 1, co);
|
uefi_call_wrapper(co->ClearScreen, 1, co);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
UINT8 verbose;
|
||||||
|
|
||||||
|
VOID
|
||||||
|
setup_verbosity(VOID)
|
||||||
|
{
|
||||||
|
EFI_STATUS status;
|
||||||
|
EFI_GUID global_var = EFI_GLOBAL_VARIABLE;
|
||||||
|
UINT8 verbose_check;
|
||||||
|
UINTN verbose_check_size;
|
||||||
|
|
||||||
|
verbose_check_size = 1;
|
||||||
|
status = get_variable(L"SHIM_VERBOSE", (void *)&verbose_check,
|
||||||
|
&verbose_check_size, global_var);
|
||||||
|
verbose = 0;
|
||||||
|
if (!EFI_ERROR(status))
|
||||||
|
verbose = verbose_check;
|
||||||
|
}
|
||||||
|
|
||||||
VOID setup_console (int text)
|
VOID setup_console (int text)
|
||||||
{
|
{
|
||||||
EFI_STATUS status;
|
EFI_STATUS status;
|
||||||
|
|||||||
32
shim.c
32
shim.c
@ -59,7 +59,6 @@ static EFI_STATUS (EFIAPI *entry_point) (EFI_HANDLE image_handle, EFI_SYSTEM_TAB
|
|||||||
static CHAR16 *second_stage;
|
static CHAR16 *second_stage;
|
||||||
static void *load_options;
|
static void *load_options;
|
||||||
static UINT32 load_options_size;
|
static UINT32 load_options_size;
|
||||||
static UINT8 verbose;
|
|
||||||
|
|
||||||
EFI_GUID SHIM_LOCK_GUID = { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} };
|
EFI_GUID SHIM_LOCK_GUID = { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} };
|
||||||
|
|
||||||
@ -731,12 +730,8 @@ static EFI_STATUS verify_buffer (char *data, int datasize,
|
|||||||
* databases
|
* databases
|
||||||
*/
|
*/
|
||||||
status = check_whitelist(cert, sha256hash, sha1hash);
|
status = check_whitelist(cert, sha256hash, sha1hash);
|
||||||
|
if (status == EFI_SUCCESS)
|
||||||
if (status == EFI_SUCCESS) {
|
|
||||||
if (verbose)
|
|
||||||
console_notify(L"Binary is whitelisted\n");
|
|
||||||
return status;
|
return status;
|
||||||
}
|
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Check against the shim build key
|
* Check against the shim build key
|
||||||
@ -746,8 +741,6 @@ static EFI_STATUS verify_buffer (char *data, int datasize,
|
|||||||
shim_cert, sizeof(shim_cert), sha256hash,
|
shim_cert, sizeof(shim_cert), sha256hash,
|
||||||
SHA256_DIGEST_SIZE)) {
|
SHA256_DIGEST_SIZE)) {
|
||||||
status = EFI_SUCCESS;
|
status = EFI_SUCCESS;
|
||||||
if (verbose)
|
|
||||||
console_notify(L"Binary is verified by the vendor certificate\n");
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -760,12 +753,9 @@ static EFI_STATUS verify_buffer (char *data, int datasize,
|
|||||||
vendor_cert, vendor_cert_size, sha256hash,
|
vendor_cert, vendor_cert_size, sha256hash,
|
||||||
SHA256_DIGEST_SIZE)) {
|
SHA256_DIGEST_SIZE)) {
|
||||||
status = EFI_SUCCESS;
|
status = EFI_SUCCESS;
|
||||||
if (verbose)
|
|
||||||
console_notify(L"Binary is verified by the vendor certificate\n");
|
|
||||||
return status;
|
return status;
|
||||||
}
|
}
|
||||||
|
|
||||||
Print(L"Invalid signature\n");
|
|
||||||
status = EFI_ACCESS_DENIED;
|
status = EFI_ACCESS_DENIED;
|
||||||
|
|
||||||
return status;
|
return status;
|
||||||
@ -896,9 +886,12 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize,
|
|||||||
if (secure_mode ()) {
|
if (secure_mode ()) {
|
||||||
efi_status = verify_buffer(data, datasize, &context);
|
efi_status = verify_buffer(data, datasize, &context);
|
||||||
|
|
||||||
if (efi_status != EFI_SUCCESS) {
|
if (EFI_ERROR(efi_status)) {
|
||||||
Print(L"Verification failed\n");
|
console_error(L"Verification failed", efi_status);
|
||||||
return efi_status;
|
return efi_status;
|
||||||
|
} else {
|
||||||
|
if (verbose)
|
||||||
|
console_notify(L"Verification succeeded");
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -1681,9 +1674,6 @@ EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *passed_systab)
|
|||||||
static SHIM_LOCK shim_lock_interface;
|
static SHIM_LOCK shim_lock_interface;
|
||||||
EFI_HANDLE handle = NULL;
|
EFI_HANDLE handle = NULL;
|
||||||
EFI_STATUS efi_status;
|
EFI_STATUS efi_status;
|
||||||
UINT8 verbose_check;
|
|
||||||
UINTN verbose_check_size;
|
|
||||||
EFI_GUID global_var = EFI_GLOBAL_VARIABLE;
|
|
||||||
|
|
||||||
verification_method = VERIFIED_BY_NOTHING;
|
verification_method = VERIFIED_BY_NOTHING;
|
||||||
|
|
||||||
@ -1708,15 +1698,9 @@ EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *passed_systab)
|
|||||||
InitializeLib(image_handle, systab);
|
InitializeLib(image_handle, systab);
|
||||||
|
|
||||||
setup_console(1);
|
setup_console(1);
|
||||||
|
setup_verbosity();
|
||||||
|
|
||||||
verbose_check_size = 1;
|
dprinta(shim_version);
|
||||||
efi_status = get_variable(L"SHIM_VERBOSE", (void *)&verbose_check,
|
|
||||||
&verbose_check_size, global_var);
|
|
||||||
if (!EFI_ERROR(efi_status))
|
|
||||||
verbose = verbose_check;
|
|
||||||
|
|
||||||
if (verbose)
|
|
||||||
console_notify_ascii(shim_version);
|
|
||||||
|
|
||||||
/* Set the second stage loader */
|
/* Set the second stage loader */
|
||||||
set_second_stage (image_handle);
|
set_second_stage (image_handle);
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user