summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJan Janssen <medhefgo@web.de>2022-09-21 12:39:46 +0200
committerJan Janssen <medhefgo@web.de>2022-10-17 14:47:42 +0200
commit0e3c374e8c0dbf3586fa9ac0262c953585456201 (patch)
tree74cbd450e2aca9f6be483fa42c92bf892abf04f1
parentdcde6ae16551d126f8cd0c3fb9851bb11ac1b938 (diff)
downloadsystemd-0e3c374e8c0dbf3586fa9ac0262c953585456201.tar.gz
boot: Use proper security arch protocol names
This is how the Platform Intregration Specification defines these.
-rw-r--r--src/boot/efi/missing_efi.h49
-rw-r--r--src/boot/efi/shim.c23
2 files changed, 35 insertions, 37 deletions
diff --git a/src/boot/efi/missing_efi.h b/src/boot/efi/missing_efi.h
index 4e80acca56..f9169248ec 100644
--- a/src/boot/efi/missing_efi.h
+++ b/src/boot/efi/missing_efi.h
@@ -309,43 +309,36 @@ typedef struct tdEFI_TCG2_PROTOCOL {
{0x5568e427, 0x68fc, 0x4f3d, {0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68} }
/* UEFI Platform Initialization (Vol2: DXE) */
-#ifndef SECURITY_PROTOCOL_GUID
+#ifndef EFI_SECURITY_ARCH_PROTOCOL_GUID
-#define SECURITY_PROTOCOL_GUID \
- &(const EFI_GUID) { 0xa46423e3, 0x4617, 0x49f1, { 0xb9, 0xff, 0xd1, 0xbf, 0xa9, 0x11, 0x58, 0x39 } }
-#define SECURITY_PROTOCOL2_GUID \
- &(const EFI_GUID) { 0x94ab2f58, 0x1438, 0x4ef1, { 0x91, 0x52, 0x18, 0x94, 0x1a, 0x3a, 0x0e, 0x68 } }
+#define EFI_SECURITY_ARCH_PROTOCOL_GUID \
+ { 0xa46423e3, 0x4617, 0x49f1, { 0xb9, 0xff, 0xd1, 0xbf, 0xa9, 0x11, 0x58, 0x39 } }
+#define EFI_SECURITY2_ARCH_PROTOCOL_GUID \
+ { 0x94ab2f58, 0x1438, 0x4ef1, { 0x91, 0x52, 0x18, 0x94, 0x1a, 0x3a, 0x0e, 0x68 } }
-struct _EFI_SECURITY2_PROTOCOL;
-struct _EFI_SECURITY_PROTOCOL;
-struct _EFI_DEVICE_PATH_PROTOCOL;
+typedef struct EFI_SECURITY_ARCH_PROTOCOL EFI_SECURITY_ARCH_PROTOCOL;
+typedef struct EFI_SECURITY2_ARCH_PROTOCOL EFI_SECURITY2_ARCH_PROTOCOL;
-typedef struct _EFI_SECURITY2_PROTOCOL EFI_SECURITY2_PROTOCOL;
-typedef struct _EFI_SECURITY_PROTOCOL EFI_SECURITY_PROTOCOL;
-typedef struct _EFI_DEVICE_PATH_PROTOCOL EFI_DEVICE_PATH_PROTOCOL;
+typedef EFI_STATUS (EFIAPI *EFI_SECURITY_FILE_AUTHENTICATION_STATE)(
+ const EFI_SECURITY_ARCH_PROTOCOL *This,
+ uint32_t AuthenticationStatus,
+ const EFI_DEVICE_PATH *File);
-typedef EFI_STATUS (EFIAPI *EFI_SECURITY_FILE_AUTHENTICATION_STATE) (
- const EFI_SECURITY_PROTOCOL *This,
- UINT32 AuthenticationStatus,
- const EFI_DEVICE_PATH_PROTOCOL *File
-);
+struct EFI_SECURITY_ARCH_PROTOCOL {
+ EFI_SECURITY_FILE_AUTHENTICATION_STATE FileAuthenticationState;
+};
-typedef EFI_STATUS (EFIAPI *EFI_SECURITY2_FILE_AUTHENTICATION) (
- const EFI_SECURITY2_PROTOCOL *This,
- const EFI_DEVICE_PATH_PROTOCOL *DevicePath,
- VOID *FileBuffer,
- UINTN FileSize,
- BOOLEAN BootPolicy
-);
+typedef EFI_STATUS (EFIAPI *EFI_SECURITY2_FILE_AUTHENTICATION)(
+ const EFI_SECURITY2_ARCH_PROTOCOL *This,
+ const EFI_DEVICE_PATH *DevicePath,
+ void *FileBuffer,
+ UINTN FileSize,
+ BOOLEAN BootPolicy);
-struct _EFI_SECURITY2_PROTOCOL {
+struct EFI_SECURITY2_ARCH_PROTOCOL {
EFI_SECURITY2_FILE_AUTHENTICATION FileAuthentication;
};
-struct _EFI_SECURITY_PROTOCOL {
- EFI_SECURITY_FILE_AUTHENTICATION_STATE FileAuthenticationState;
-};
-
#endif
#ifndef EFI_CONSOLE_CONTROL_GUID
diff --git a/src/boot/efi/shim.c b/src/boot/efi/shim.c
index 8b0407857e..79c89c067e 100644
--- a/src/boot/efi/shim.c
+++ b/src/boot/efi/shim.c
@@ -69,9 +69,12 @@ static EFI_SECURITY2_FILE_AUTHENTICATION es2fa = NULL;
* the SB failure code seems to vary from one implementation to another, and I
* don't want to interfere with that at this time.
*/
-static EFIAPI EFI_STATUS security2_policy_authentication (const EFI_SECURITY2_PROTOCOL *this,
- const EFI_DEVICE_PATH_PROTOCOL *device_path,
- void *file_buffer, UINTN file_size, BOOLEAN boot_policy) {
+static EFIAPI EFI_STATUS security2_policy_authentication(
+ const EFI_SECURITY2_ARCH_PROTOCOL *this,
+ const EFI_DEVICE_PATH *device_path,
+ void *file_buffer,
+ UINTN file_size,
+ BOOLEAN boot_policy) {
EFI_STATUS err;
assert(this);
@@ -99,8 +102,10 @@ static EFIAPI EFI_STATUS security2_policy_authentication (const EFI_SECURITY2_PR
* authentication failure, be it EFI_ACCESS_DENIED, EFI_SECURITY_VIOLATION, or something
* else. (This seems to vary between implementations.)
*/
-static EFIAPI EFI_STATUS security_policy_authentication (const EFI_SECURITY_PROTOCOL *this, uint32_t authentication_status,
- const EFI_DEVICE_PATH_PROTOCOL *device_path_const) {
+static EFIAPI EFI_STATUS security_policy_authentication(
+ const EFI_SECURITY_ARCH_PROTOCOL *this,
+ uint32_t authentication_status,
+ const EFI_DEVICE_PATH *device_path_const) {
EFI_STATUS err;
_cleanup_free_ char16_t *dev_path_str = NULL;
EFI_HANDLE h;
@@ -138,8 +143,8 @@ static EFIAPI EFI_STATUS security_policy_authentication (const EFI_SECURITY_PROT
}
EFI_STATUS security_policy_install(void) {
- EFI_SECURITY_PROTOCOL *security_protocol;
- EFI_SECURITY2_PROTOCOL *security2_protocol = NULL;
+ EFI_SECURITY_ARCH_PROTOCOL *security_protocol;
+ EFI_SECURITY2_ARCH_PROTOCOL *security2_protocol = NULL;
EFI_STATUS err;
/* Already Installed */
@@ -151,9 +156,9 @@ EFI_STATUS security_policy_install(void) {
* to fail, since SECURITY2 was introduced in PI 1.2.1.
* Use security2_protocol == NULL as indicator.
*/
- BS->LocateProtocol((EFI_GUID*) SECURITY_PROTOCOL2_GUID, NULL, (void**) &security2_protocol);
+ BS->LocateProtocol(&(EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID, NULL, (void **) &security2_protocol);
- err = BS->LocateProtocol((EFI_GUID*) SECURITY_PROTOCOL_GUID, NULL, (void**) &security_protocol);
+ err = BS->LocateProtocol(&(EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID, NULL, (void**) &security_protocol);
/* This one is mandatory, so there's a serious problem */
if (err != EFI_SUCCESS)
return err;