[mirror_edk2.git] / OvmfPkg / EnrollDefaultKeys / EnrollDefaultKeys.c

/** @file\r
  Enroll default PK, KEK, db, dbx.\r
\r
  Copyright (C) 2014-2019, Red Hat, Inc.\r
\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
**/\r
#include <Guid/AuthenticatedVariableFormat.h>    // gEfiCustomModeEnableGuid\r
#include <Guid/GlobalVariable.h>                 // EFI_SETUP_MODE_NAME\r
#include <Guid/ImageAuthentication.h>            // EFI_IMAGE_SECURITY_DATABASE\r
#include <Guid/MicrosoftVendor.h>                // gMicrosoftVendorGuid\r
#include <Library/BaseMemoryLib.h>               // CopyGuid()\r
#include <Library/DebugLib.h>                    // ASSERT()\r
#include <Library/MemoryAllocationLib.h>         // FreePool()\r
#include <Library/ShellCEntryLib.h>              // ShellAppMain()\r
#include <Library/UefiLib.h>                     // AsciiPrint()\r
#include <Library/UefiRuntimeServicesTableLib.h> // gRT\r
\r
#include "EnrollDefaultKeys.h"\r
\r
\r
/**\r
  Enroll a set of certificates in a global variable, overwriting it.\r
\r
  The variable will be rewritten with NV+BS+RT+AT attributes.\r
\r
  @param[in] VariableName  The name of the variable to overwrite.\r
\r
  @param[in] VendorGuid    The namespace (ie. vendor GUID) of the variable to\r
                           overwrite.\r
\r
  @param[in] CertType      The GUID determining the type of all the\r
                           certificates in the set that is passed in. For\r
                           example, gEfiCertX509Guid stands for DER-encoded\r
                           X.509 certificates, while gEfiCertSha256Guid stands\r
                           for SHA256 image hashes.\r
\r
  @param[in] ...           A list of\r
\r
                             IN CONST UINT8    *Cert,\r
                             IN UINTN          CertSize,\r
                             IN CONST EFI_GUID *OwnerGuid\r
\r
                           triplets. If the first component of a triplet is\r
                           NULL, then the other two components are not\r
                           accessed, and processing is terminated. The list of\r
                           certificates is enrolled in the variable specified,\r
                           overwriting it. The OwnerGuid component identifies\r
                           the agent installing the certificate.\r
\r
  @retval EFI_INVALID_PARAMETER  The triplet list is empty (ie. the first Cert\r
                                 value is NULL), or one of the CertSize values\r
                                 is 0, or one of the CertSize values would\r
                                 overflow the accumulated UINT32 data size.\r
\r
  @retval EFI_OUT_OF_RESOURCES   Out of memory while formatting variable\r
                                 payload.\r
\r
  @retval EFI_SUCCESS            Enrollment successful; the variable has been\r
                                 overwritten (or created).\r
\r
  @return                        Error codes from gRT->GetTime() and\r
                                 gRT->SetVariable().\r
**/\r
STATIC\r
EFI_STATUS\r
EFIAPI\r
EnrollListOfCerts (\r
  IN CHAR16   *VariableName,\r
  IN EFI_GUID *VendorGuid,\r
  IN EFI_GUID *CertType,\r
  ...\r
  )\r
{\r
  UINTN            DataSize;\r
  SINGLE_HEADER    *SingleHeader;\r
  REPEATING_HEADER *RepeatingHeader;\r
  VA_LIST          Marker;\r
  CONST UINT8      *Cert;\r
  EFI_STATUS       Status;\r
  UINT8            *Data;\r
  UINT8            *Position;\r
\r
  Status = EFI_SUCCESS;\r
\r
  //\r
  // compute total size first, for UINT32 range check, and allocation\r
  //\r
  DataSize = sizeof *SingleHeader;\r
  VA_START (Marker, CertType);\r
  for (Cert = VA_ARG (Marker, CONST UINT8 *);\r
       Cert != NULL;\r
       Cert = VA_ARG (Marker, CONST UINT8 *)) {\r
    UINTN          CertSize;\r
\r
    CertSize = VA_ARG (Marker, UINTN);\r
    (VOID)VA_ARG (Marker, CONST EFI_GUID *);\r
\r
    if (CertSize == 0 ||\r
        CertSize > MAX_UINT32 - sizeof *RepeatingHeader ||\r
        DataSize > MAX_UINT32 - sizeof *RepeatingHeader - CertSize) {\r
      Status = EFI_INVALID_PARAMETER;\r
      break;\r
    }\r
    DataSize += sizeof *RepeatingHeader + CertSize;\r
  }\r
  VA_END (Marker);\r
\r
  if (DataSize == sizeof *SingleHeader) {\r
    Status = EFI_INVALID_PARAMETER;\r
  }\r
  if (EFI_ERROR (Status)) {\r
    goto Out;\r
  }\r
\r
  Data = AllocatePool (DataSize);\r
  if (Data == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto Out;\r
  }\r
\r
  Position = Data;\r
\r
  SingleHeader = (SINGLE_HEADER *)Position;\r
  Status = gRT->GetTime (&SingleHeader->TimeStamp, NULL);\r
  if (EFI_ERROR (Status)) {\r
    goto FreeData;\r
  }\r
  SingleHeader->TimeStamp.Pad1       = 0;\r
  SingleHeader->TimeStamp.Nanosecond = 0;\r
  SingleHeader->TimeStamp.TimeZone   = 0;\r
  SingleHeader->TimeStamp.Daylight   = 0;\r
  SingleHeader->TimeStamp.Pad2       = 0;\r
#if 0\r
  SingleHeader->dwLength         = DataSize - sizeof SingleHeader->TimeStamp;\r
#else\r
  //\r
  // This looks like a bug in edk2. According to the UEFI specification,\r
  // dwLength is "The length of the entire certificate, including the length of\r
  // the header, in bytes". That shouldn't stop right after CertType -- it\r
  // should include everything below it.\r
  //\r
  SingleHeader->dwLength         = sizeof *SingleHeader\r
                                     - sizeof SingleHeader->TimeStamp;\r
#endif\r
  SingleHeader->wRevision        = 0x0200;\r
  SingleHeader->wCertificateType = WIN_CERT_TYPE_EFI_GUID;\r
  CopyGuid (&SingleHeader->CertType, &gEfiCertPkcs7Guid);\r
  Position += sizeof *SingleHeader;\r
\r
  VA_START (Marker, CertType);\r
  for (Cert = VA_ARG (Marker, CONST UINT8 *);\r
       Cert != NULL;\r
       Cert = VA_ARG (Marker, CONST UINT8 *)) {\r
    UINTN            CertSize;\r
    CONST EFI_GUID   *OwnerGuid;\r
\r
    CertSize  = VA_ARG (Marker, UINTN);\r
    OwnerGuid = VA_ARG (Marker, CONST EFI_GUID *);\r
\r
    RepeatingHeader = (REPEATING_HEADER *)Position;\r
    CopyGuid (&RepeatingHeader->SignatureType, CertType);\r
    RepeatingHeader->SignatureListSize   =\r
      (UINT32)(sizeof *RepeatingHeader + CertSize);\r
    RepeatingHeader->SignatureHeaderSize = 0;\r
    RepeatingHeader->SignatureSize       =\r
      (UINT32)(sizeof RepeatingHeader->SignatureOwner + CertSize);\r
    CopyGuid (&RepeatingHeader->SignatureOwner, OwnerGuid);\r
    Position += sizeof *RepeatingHeader;\r
\r
    CopyMem (Position, Cert, CertSize);\r
    Position += CertSize;\r
  }\r
  VA_END (Marker);\r
\r
  ASSERT (Data + DataSize == Position);\r
\r
  Status = gRT->SetVariable (VariableName, VendorGuid,\r
                  (EFI_VARIABLE_NON_VOLATILE |\r
                   EFI_VARIABLE_BOOTSERVICE_ACCESS |\r
                   EFI_VARIABLE_RUNTIME_ACCESS |\r
                   EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS),\r
                  DataSize, Data);\r
\r
FreeData:\r
  FreePool (Data);\r
\r
Out:\r
  if (EFI_ERROR (Status)) {\r
    AsciiPrint ("error: %a(\"%s\", %g): %r\n", __FUNCTION__, VariableName,\r
      VendorGuid, Status);\r
  }\r
  return Status;\r
}\r
\r
\r
/**\r
  Read a UEFI variable into a caller-allocated buffer, enforcing an exact size.\r
\r
  @param[in] VariableName  The name of the variable to read; passed to\r
                           gRT->GetVariable().\r
\r
  @param[in] VendorGuid    The vendor (namespace) GUID of the variable to read;\r
                           passed to gRT->GetVariable().\r
\r
  @param[out] Data         The caller-allocated buffer that is supposed to\r
                           receive the variable's contents. On error, the\r
                           contents of Data are indeterminate.\r
\r
  @param[in] DataSize      The size in bytes that the caller requires the UEFI\r
                           variable to have. The caller is responsible for\r
                           providing room for DataSize bytes in Data.\r
\r
  @param[in] AllowMissing  If FALSE, the variable is required to exist. If\r
                           TRUE, the variable is permitted to be missing.\r
\r
  @retval EFI_SUCCESS           The UEFI variable exists, has the required size\r
                                (DataSize), and has been read into Data.\r
\r
  @retval EFI_SUCCESS           The UEFI variable doesn't exist, and\r
                                AllowMissing is TRUE. DataSize bytes in Data\r
                                have been zeroed out.\r
\r
  @retval EFI_NOT_FOUND         The UEFI variable doesn't exist, and\r
                                AllowMissing is FALSE.\r
\r
  @retval EFI_BUFFER_TOO_SMALL  The UEFI variable exists, but its size is\r
                                greater than DataSize.\r
\r
  @retval EFI_PROTOCOL_ERROR    The UEFI variable exists, but its size is\r
                                smaller than DataSize.\r
\r
  @return                       Error codes propagated from gRT->GetVariable().\r
**/\r
STATIC\r
EFI_STATUS\r
GetExact (\r
  IN CHAR16   *VariableName,\r
  IN EFI_GUID *VendorGuid,\r
  OUT VOID    *Data,\r
  IN UINTN    DataSize,\r
  IN BOOLEAN  AllowMissing\r
  )\r
{\r
  UINTN      Size;\r
  EFI_STATUS Status;\r
\r
  Size = DataSize;\r
  Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &Size, Data);\r
  if (EFI_ERROR (Status)) {\r
    if (Status == EFI_NOT_FOUND && AllowMissing) {\r
      ZeroMem (Data, DataSize);\r
      return EFI_SUCCESS;\r
    }\r
\r
    AsciiPrint ("error: GetVariable(\"%s\", %g): %r\n", VariableName,\r
      VendorGuid, Status);\r
    return Status;\r
  }\r
\r
  if (Size != DataSize) {\r
    AsciiPrint ("error: GetVariable(\"%s\", %g): expected size 0x%Lx, "\r
      "got 0x%Lx\n", VariableName, VendorGuid, (UINT64)DataSize, (UINT64)Size);\r
    return EFI_PROTOCOL_ERROR;\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r
\r
\r
/**\r
  Populate a SETTINGS structure from the underlying UEFI variables.\r
\r
  The following UEFI variables are standard variables:\r
  - L"SetupMode"  (EFI_SETUP_MODE_NAME)\r
  - L"SecureBoot" (EFI_SECURE_BOOT_MODE_NAME)\r
  - L"VendorKeys" (EFI_VENDOR_KEYS_VARIABLE_NAME)\r
\r
  The following UEFI variables are edk2 extensions:\r
  - L"SecureBootEnable" (EFI_SECURE_BOOT_ENABLE_NAME)\r
  - L"CustomMode"       (EFI_CUSTOM_MODE_NAME)\r
\r
  The L"SecureBootEnable" UEFI variable is permitted to be missing, in which\r
  case the corresponding field in the SETTINGS object will be zeroed out. The\r
  rest of the covered UEFI variables are required to exist; otherwise, the\r
  function will fail.\r
\r
  @param[out] Settings  The SETTINGS object to fill.\r
\r
  @retval EFI_SUCCESS  Settings has been populated.\r
\r
  @return              Error codes propagated from the GetExact() function. The\r
                       contents of Settings are indeterminate.\r
**/\r
STATIC\r
EFI_STATUS\r
GetSettings (\r
  OUT SETTINGS *Settings\r
  )\r
{\r
  EFI_STATUS Status;\r
\r
  Status = GetExact (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid,\r
             &Settings->SetupMode, sizeof Settings->SetupMode, FALSE);\r
  if (EFI_ERROR (Status)) {\r
    return Status;\r
  }\r
\r
  Status = GetExact (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid,\r
             &Settings->SecureBoot, sizeof Settings->SecureBoot, FALSE);\r
  if (EFI_ERROR (Status)) {\r
    return Status;\r
  }\r
\r
  Status = GetExact (EFI_SECURE_BOOT_ENABLE_NAME,\r
             &gEfiSecureBootEnableDisableGuid, &Settings->SecureBootEnable,\r
             sizeof Settings->SecureBootEnable, TRUE);\r
  if (EFI_ERROR (Status)) {\r
    return Status;\r
  }\r
\r
  Status = GetExact (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid,\r
             &Settings->CustomMode, sizeof Settings->CustomMode, FALSE);\r
  if (EFI_ERROR (Status)) {\r
    return Status;\r
  }\r
\r
  Status = GetExact (EFI_VENDOR_KEYS_VARIABLE_NAME, &gEfiGlobalVariableGuid,\r
             &Settings->VendorKeys, sizeof Settings->VendorKeys, FALSE);\r
  return Status;\r
}\r
\r
\r
/**\r
  Print the contents of a SETTINGS structure to the UEFI console.\r
\r
  @param[in] Settings  The SETTINGS object to print the contents of.\r
**/\r
STATIC\r
VOID\r
PrintSettings (\r
  IN CONST SETTINGS *Settings\r
  )\r
{\r
  AsciiPrint ("info: SetupMode=%d SecureBoot=%d SecureBootEnable=%d "\r
    "CustomMode=%d VendorKeys=%d\n", Settings->SetupMode, Settings->SecureBoot,\r
    Settings->SecureBootEnable, Settings->CustomMode, Settings->VendorKeys);\r
}\r
\r
\r
/**\r
  Entry point function of this shell application.\r
**/\r
INTN\r
EFIAPI\r
ShellAppMain (\r
  IN UINTN  Argc,\r
  IN CHAR16 **Argv\r
  )\r
{\r
  EFI_STATUS Status;\r
  SETTINGS   Settings;\r
\r
  Status = GetSettings (&Settings);\r
  if (EFI_ERROR (Status)) {\r
    return 1;\r
  }\r
  PrintSettings (&Settings);\r
\r
  if (Settings.SetupMode != 1) {\r
    AsciiPrint ("error: already in User Mode\n");\r
    return 1;\r
  }\r
\r
  if (Settings.CustomMode != CUSTOM_SECURE_BOOT_MODE) {\r
    Settings.CustomMode = CUSTOM_SECURE_BOOT_MODE;\r
    Status = gRT->SetVariable (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid,\r
                    (EFI_VARIABLE_NON_VOLATILE |\r
                     EFI_VARIABLE_BOOTSERVICE_ACCESS),\r
                    sizeof Settings.CustomMode, &Settings.CustomMode);\r
    if (EFI_ERROR (Status)) {\r
      AsciiPrint ("error: SetVariable(\"%s\", %g): %r\n", EFI_CUSTOM_MODE_NAME,\r
        &gEfiCustomModeEnableGuid, Status);\r
      return 1;\r
    }\r
  }\r
\r
  Status = EnrollListOfCerts (\r
             EFI_IMAGE_SECURITY_DATABASE,\r
             &gEfiImageSecurityDatabaseGuid,\r
             &gEfiCertX509Guid,\r
             mMicrosoftPca,    mSizeOfMicrosoftPca,    &gMicrosoftVendorGuid,\r
             mMicrosoftUefiCa, mSizeOfMicrosoftUefiCa, &gMicrosoftVendorGuid,\r
             NULL);\r
  if (EFI_ERROR (Status)) {\r
    return 1;\r
  }\r
\r
  Status = EnrollListOfCerts (\r
             EFI_IMAGE_SECURITY_DATABASE1,\r
             &gEfiImageSecurityDatabaseGuid,\r
             &gEfiCertSha256Guid,\r
             mSha256OfDevNull, mSizeOfSha256OfDevNull, &gEfiCallerIdGuid,\r
             NULL);\r
  if (EFI_ERROR (Status)) {\r
    return 1;\r
  }\r
\r
  Status = EnrollListOfCerts (\r
             EFI_KEY_EXCHANGE_KEY_NAME,\r
             &gEfiGlobalVariableGuid,\r
             &gEfiCertX509Guid,\r
             mRedHatPkKek1, mSizeOfRedHatPkKek1, &gEfiCallerIdGuid,\r
             mMicrosoftKek, mSizeOfMicrosoftKek, &gMicrosoftVendorGuid,\r
             NULL);\r
  if (EFI_ERROR (Status)) {\r
    return 1;\r
  }\r
\r
  Status = EnrollListOfCerts (\r
             EFI_PLATFORM_KEY_NAME,\r
             &gEfiGlobalVariableGuid,\r
             &gEfiCertX509Guid,\r
             mRedHatPkKek1, mSizeOfRedHatPkKek1, &gEfiGlobalVariableGuid,\r
             NULL);\r
  if (EFI_ERROR (Status)) {\r
    return 1;\r
  }\r
\r
  Settings.CustomMode = STANDARD_SECURE_BOOT_MODE;\r
  Status = gRT->SetVariable (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid,\r
                  EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
                  sizeof Settings.CustomMode, &Settings.CustomMode);\r
  if (EFI_ERROR (Status)) {\r
    AsciiPrint ("error: SetVariable(\"%s\", %g): %r\n", EFI_CUSTOM_MODE_NAME,\r
      &gEfiCustomModeEnableGuid, Status);\r
    return 1;\r
  }\r
\r
  Status = GetSettings (&Settings);\r
  if (EFI_ERROR (Status)) {\r
    return 1;\r
  }\r
  PrintSettings (&Settings);\r
\r
  if (Settings.SetupMode != 0 || Settings.SecureBoot != 1 ||\r
      Settings.SecureBootEnable != 1 || Settings.CustomMode != 0 ||\r
      Settings.VendorKeys != 0) {\r
    AsciiPrint ("error: unexpected\n");\r
    return 1;\r
  }\r
\r
  AsciiPrint ("info: success\n");\r
  return 0;\r
}\r
Commit	Line	Data
b1163623	1	/** @file\r
3defea06	2	Enroll default PK, KEK, db, dbx.\r
b1163623	3	\r
3defea06	4	Copyright (C) 2014-2019, Red Hat, Inc.\r
b1163623	5	\r
3defea06	6	SPDX-License-Identifier: BSD-2-Clause-Patent\r
b1163623 LE	7	**/\r
	8	#include <Guid/AuthenticatedVariableFormat.h> // gEfiCustomModeEnableGuid\r
	9	#include <Guid/GlobalVariable.h> // EFI_SETUP_MODE_NAME\r
	10	#include <Guid/ImageAuthentication.h> // EFI_IMAGE_SECURITY_DATABASE\r
7eeaa758	11	#include <Guid/MicrosoftVendor.h> // gMicrosoftVendorGuid\r
b1163623 LE	12	#include <Library/BaseMemoryLib.h> // CopyGuid()\r
	13	#include <Library/DebugLib.h> // ASSERT()\r
	14	#include <Library/MemoryAllocationLib.h> // FreePool()\r
	15	#include <Library/ShellCEntryLib.h> // ShellAppMain()\r
	16	#include <Library/UefiLib.h> // AsciiPrint()\r
	17	#include <Library/UefiRuntimeServicesTableLib.h> // gRT\r
	18	\r
1c9418fc LE	19	#include "EnrollDefaultKeys.h"\r
1c9418fc LE	20	\r
86bf2672	21	\r
b1163623 LE	22	/**\r
	23	Enroll a set of certificates in a global variable, overwriting it.\r
	24	\r
	25	The variable will be rewritten with NV+BS+RT+AT attributes.\r
	26	\r
	27	@param[in] VariableName The name of the variable to overwrite.\r
	28	\r
	29	@param[in] VendorGuid The namespace (ie. vendor GUID) of the variable to\r
	30	overwrite.\r
	31	\r
	32	@param[in] CertType The GUID determining the type of all the\r
	33	certificates in the set that is passed in. For\r
	34	example, gEfiCertX509Guid stands for DER-encoded\r
	35	X.509 certificates, while gEfiCertSha256Guid stands\r
	36	for SHA256 image hashes.\r
	37	\r
	38	@param[in] ... A list of\r
	39	\r
	40	IN CONST UINT8 *Cert,\r
	41	IN UINTN CertSize,\r
	42	IN CONST EFI_GUID *OwnerGuid\r
	43	\r
	44	triplets. If the first component of a triplet is\r
	45	NULL, then the other two components are not\r
	46	accessed, and processing is terminated. The list of\r
	47	certificates is enrolled in the variable specified,\r
	48	overwriting it. The OwnerGuid component identifies\r
	49	the agent installing the certificate.\r
	50	\r
	51	@retval EFI_INVALID_PARAMETER The triplet list is empty (ie. the first Cert\r
	52	value is NULL), or one of the CertSize values\r
	53	is 0, or one of the CertSize values would\r
	54	overflow the accumulated UINT32 data size.\r
	55	\r
	56	@retval EFI_OUT_OF_RESOURCES Out of memory while formatting variable\r
	57	payload.\r
	58	\r
	59	@retval EFI_SUCCESS Enrollment successful; the variable has been\r
	60	overwritten (or created).\r
	61	\r
	62	@return Error codes from gRT->GetTime() and\r
	63	gRT->SetVariable().\r
	64	**/\r
	65	STATIC\r
	66	EFI_STATUS\r
	67	EFIAPI\r
	68	EnrollListOfCerts (\r
	69	IN CHAR16 *VariableName,\r
	70	IN EFI_GUID *VendorGuid,\r
	71	IN EFI_GUID *CertType,\r
	72	...\r
	73	)\r
	74	{\r
	75	UINTN DataSize;\r
	76	SINGLE_HEADER *SingleHeader;\r
	77	REPEATING_HEADER *RepeatingHeader;\r
	78	VA_LIST Marker;\r
	79	CONST UINT8 *Cert;\r
	80	EFI_STATUS Status;\r
	81	UINT8 *Data;\r
	82	UINT8 *Position;\r
	83	\r
	84	Status = EFI_SUCCESS;\r
	85	\r
86	//\r
87	// compute total size first, for UINT32 range check, and allocation\r
88	//\r
89	DataSize = sizeof *SingleHeader;\r
90	VA_START (Marker, CertType);\r
91	for (Cert = VA_ARG (Marker, CONST UINT8 *);\r
92	Cert != NULL;\r
93	Cert = VA_ARG (Marker, CONST UINT8 *)) {\r
94	UINTN CertSize;\r
95	\r
96	CertSize = VA_ARG (Marker, UINTN);\r
97	(VOID)VA_ARG (Marker, CONST EFI_GUID *);\r
98	\r
99	if (CertSize == 0 \|\|\r
100	CertSize > MAX_UINT32 - sizeof *RepeatingHeader \|\|\r
101	DataSize > MAX_UINT32 - sizeof *RepeatingHeader - CertSize) {\r
102	Status = EFI_INVALID_PARAMETER;\r
103	break;\r
104	}\r
105	DataSize += sizeof *RepeatingHeader + CertSize;\r
106	}\r
107	VA_END (Marker);\r
108	\r
109	if (DataSize == sizeof *SingleHeader) {\r
110	Status = EFI_INVALID_PARAMETER;\r
111	}\r
112	if (EFI_ERROR (Status)) {\r
113	goto Out;\r
114	}\r
115	\r
116	Data = AllocatePool (DataSize);\r
117	if (Data == NULL) {\r
118	Status = EFI_OUT_OF_RESOURCES;\r
119	goto Out;\r
120	}\r
121	\r
122	Position = Data;\r
123	\r
124	SingleHeader = (SINGLE_HEADER *)Position;\r
125	Status = gRT->GetTime (&SingleHeader->TimeStamp, NULL);\r
126	if (EFI_ERROR (Status)) {\r
127	goto FreeData;\r
128	}\r
129	SingleHeader->TimeStamp.Pad1 = 0;\r
130	SingleHeader->TimeStamp.Nanosecond = 0;\r
131	SingleHeader->TimeStamp.TimeZone = 0;\r
132	SingleHeader->TimeStamp.Daylight = 0;\r
133	SingleHeader->TimeStamp.Pad2 = 0;\r
134	#if 0\r
135	SingleHeader->dwLength = DataSize - sizeof SingleHeader->TimeStamp;\r
136	#else\r
137	//\r
138	// This looks like a bug in edk2. According to the UEFI specification,\r
139	// dwLength is "The length of the entire certificate, including the length of\r
140	// the header, in bytes". That shouldn't stop right after CertType -- it\r
141	// should include everything below it.\r
142	//\r
143	SingleHeader->dwLength = sizeof *SingleHeader\r
144	- sizeof SingleHeader->TimeStamp;\r
145	#endif\r
146	SingleHeader->wRevision = 0x0200;\r
147	SingleHeader->wCertificateType = WIN_CERT_TYPE_EFI_GUID;\r
148	CopyGuid (&SingleHeader->CertType, &gEfiCertPkcs7Guid);\r
149	Position += sizeof *SingleHeader;\r
150	\r
151	VA_START (Marker, CertType);\r
152	for (Cert = VA_ARG (Marker, CONST UINT8 *);\r
153	Cert != NULL;\r
154	Cert = VA_ARG (Marker, CONST UINT8 *)) {\r
155	UINTN CertSize;\r
156	CONST EFI_GUID *OwnerGuid;\r
157	\r
158	CertSize = VA_ARG (Marker, UINTN);\r
159	OwnerGuid = VA_ARG (Marker, CONST EFI_GUID *);\r
160	\r
161	RepeatingHeader = (REPEATING_HEADER *)Position;\r
162	CopyGuid (&RepeatingHeader->SignatureType, CertType);\r
163	RepeatingHeader->SignatureListSize =\r
164	(UINT32)(sizeof *RepeatingHeader + CertSize);\r
165	RepeatingHeader->SignatureHeaderSize = 0;\r
166	RepeatingHeader->SignatureSize =\r
167	(UINT32)(sizeof RepeatingHeader->SignatureOwner + CertSize);\r
168	CopyGuid (&RepeatingHeader->SignatureOwner, OwnerGuid);\r
169	Position += sizeof *RepeatingHeader;\r
170	\r
171	CopyMem (Position, Cert, CertSize);\r
172	Position += CertSize;\r
173	}\r
174	VA_END (Marker);\r
175	\r
176	ASSERT (Data + DataSize == Position);\r
177	\r
178	Status = gRT->SetVariable (VariableName, VendorGuid,\r
179	(EFI_VARIABLE_NON_VOLATILE \|\r
180	EFI_VARIABLE_BOOTSERVICE_ACCESS \|\r
181	EFI_VARIABLE_RUNTIME_ACCESS \|\r
182	EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS),\r
183	DataSize, Data);\r
184	\r
185	FreeData:\r
186	FreePool (Data);\r
187	\r
188	Out:\r
189	if (EFI_ERROR (Status)) {\r
190	AsciiPrint ("error: %a(\"%s\", %g): %r\n", __FUNCTION__, VariableName,\r
191	VendorGuid, Status);\r
192	}\r
193	return Status;\r
194	}\r
195	\r
196	\r
86bf2672 LE	197	/**\r
	198	Read a UEFI variable into a caller-allocated buffer, enforcing an exact size.\r
	199	\r
	200	@param[in] VariableName The name of the variable to read; passed to\r
	201	gRT->GetVariable().\r
	202	\r
	203	@param[in] VendorGuid The vendor (namespace) GUID of the variable to read;\r
	204	passed to gRT->GetVariable().\r
	205	\r
	206	@param[out] Data The caller-allocated buffer that is supposed to\r
	207	receive the variable's contents. On error, the\r
	208	contents of Data are indeterminate.\r
	209	\r
	210	@param[in] DataSize The size in bytes that the caller requires the UEFI\r
	211	variable to have. The caller is responsible for\r
	212	providing room for DataSize bytes in Data.\r
	213	\r
	214	@param[in] AllowMissing If FALSE, the variable is required to exist. If\r
	215	TRUE, the variable is permitted to be missing.\r
	216	\r
	217	@retval EFI_SUCCESS The UEFI variable exists, has the required size\r
	218	(DataSize), and has been read into Data.\r
	219	\r
	220	@retval EFI_SUCCESS The UEFI variable doesn't exist, and\r
	221	AllowMissing is TRUE. DataSize bytes in Data\r
	222	have been zeroed out.\r
	223	\r
	224	@retval EFI_NOT_FOUND The UEFI variable doesn't exist, and\r
	225	AllowMissing is FALSE.\r
	226	\r
	227	@retval EFI_BUFFER_TOO_SMALL The UEFI variable exists, but its size is\r
	228	greater than DataSize.\r
	229	\r
	230	@retval EFI_PROTOCOL_ERROR The UEFI variable exists, but its size is\r
	231	smaller than DataSize.\r
	232	\r
	233	@return Error codes propagated from gRT->GetVariable().\r
	234	**/\r
b1163623 LE	235	STATIC\r
b1163623 LE	236	EFI_STATUS\r
b1163623 LE	237	GetExact (\r
	238	IN CHAR16 *VariableName,\r
	239	IN EFI_GUID *VendorGuid,\r
	240	OUT VOID *Data,\r
	241	IN UINTN DataSize,\r
	242	IN BOOLEAN AllowMissing\r
	243	)\r
	244	{\r
	245	UINTN Size;\r
	246	EFI_STATUS Status;\r
	247	\r
	248	Size = DataSize;\r
	249	Status = gRT->GetVariable (VariableName, VendorGuid, NULL, &Size, Data);\r
	250	if (EFI_ERROR (Status)) {\r
	251	if (Status == EFI_NOT_FOUND && AllowMissing) {\r
	252	ZeroMem (Data, DataSize);\r
	253	return EFI_SUCCESS;\r
	254	}\r
	255	\r
	256	AsciiPrint ("error: GetVariable(\"%s\", %g): %r\n", VariableName,\r
	257	VendorGuid, Status);\r
	258	return Status;\r
	259	}\r
	260	\r
	261	if (Size != DataSize) {\r
	262	AsciiPrint ("error: GetVariable(\"%s\", %g): expected size 0x%Lx, "\r
	263	"got 0x%Lx\n", VariableName, VendorGuid, (UINT64)DataSize, (UINT64)Size);\r
	264	return EFI_PROTOCOL_ERROR;\r
	265	}\r
	266	\r
	267	return EFI_SUCCESS;\r
	268	}\r
	269	\r
86bf2672 LE	270	\r
	271	/**\r
	272	Populate a SETTINGS structure from the underlying UEFI variables.\r
	273	\r
	274	The following UEFI variables are standard variables:\r
	275	- L"SetupMode" (EFI_SETUP_MODE_NAME)\r
	276	- L"SecureBoot" (EFI_SECURE_BOOT_MODE_NAME)\r
	277	- L"VendorKeys" (EFI_VENDOR_KEYS_VARIABLE_NAME)\r
	278	\r
	279	The following UEFI variables are edk2 extensions:\r
	280	- L"SecureBootEnable" (EFI_SECURE_BOOT_ENABLE_NAME)\r
	281	- L"CustomMode" (EFI_CUSTOM_MODE_NAME)\r
	282	\r
	283	The L"SecureBootEnable" UEFI variable is permitted to be missing, in which\r
	284	case the corresponding field in the SETTINGS object will be zeroed out. The\r
	285	rest of the covered UEFI variables are required to exist; otherwise, the\r
	286	function will fail.\r
	287	\r
	288	@param[out] Settings The SETTINGS object to fill.\r
	289	\r
	290	@retval EFI_SUCCESS Settings has been populated.\r
	291	\r
	292	@return Error codes propagated from the GetExact() function. The\r
	293	contents of Settings are indeterminate.\r
	294	**/\r
b1163623 LE	295	STATIC\r
b1163623 LE	296	EFI_STATUS\r
b1163623 LE	297	GetSettings (\r
	298	OUT SETTINGS *Settings\r
	299	)\r
	300	{\r
	301	EFI_STATUS Status;\r
	302	\r
	303	Status = GetExact (EFI_SETUP_MODE_NAME, &gEfiGlobalVariableGuid,\r
	304	&Settings->SetupMode, sizeof Settings->SetupMode, FALSE);\r
	305	if (EFI_ERROR (Status)) {\r
	306	return Status;\r
	307	}\r
	308	\r
	309	Status = GetExact (EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid,\r
	310	&Settings->SecureBoot, sizeof Settings->SecureBoot, FALSE);\r
	311	if (EFI_ERROR (Status)) {\r
	312	return Status;\r
	313	}\r
	314	\r
	315	Status = GetExact (EFI_SECURE_BOOT_ENABLE_NAME,\r
	316	&gEfiSecureBootEnableDisableGuid, &Settings->SecureBootEnable,\r
	317	sizeof Settings->SecureBootEnable, TRUE);\r
	318	if (EFI_ERROR (Status)) {\r
	319	return Status;\r
	320	}\r
	321	\r
	322	Status = GetExact (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid,\r
	323	&Settings->CustomMode, sizeof Settings->CustomMode, FALSE);\r
	324	if (EFI_ERROR (Status)) {\r
	325	return Status;\r
	326	}\r
	327	\r
	328	Status = GetExact (EFI_VENDOR_KEYS_VARIABLE_NAME, &gEfiGlobalVariableGuid,\r
	329	&Settings->VendorKeys, sizeof Settings->VendorKeys, FALSE);\r
	330	return Status;\r
	331	}\r
	332	\r
86bf2672 LE	333	\r
	334	/**\r
	335	Print the contents of a SETTINGS structure to the UEFI console.\r
	336	\r
	337	@param[in] Settings The SETTINGS object to print the contents of.\r
	338	**/\r
b1163623 LE	339	STATIC\r
b1163623 LE	340	VOID\r
b1163623 LE	341	PrintSettings (\r
	342	IN CONST SETTINGS *Settings\r
	343	)\r
	344	{\r
	345	AsciiPrint ("info: SetupMode=%d SecureBoot=%d SecureBootEnable=%d "\r
	346	"CustomMode=%d VendorKeys=%d\n", Settings->SetupMode, Settings->SecureBoot,\r
	347	Settings->SecureBootEnable, Settings->CustomMode, Settings->VendorKeys);\r
	348	}\r
	349	\r
	350	\r
86bf2672 LE	351	/**\r
	352	Entry point function of this shell application.\r
	353	**/\r
b1163623 LE	354	INTN\r
	355	EFIAPI\r
	356	ShellAppMain (\r
	357	IN UINTN Argc,\r
	358	IN CHAR16 **Argv\r
	359	)\r
	360	{\r
	361	EFI_STATUS Status;\r
	362	SETTINGS Settings;\r
	363	\r
	364	Status = GetSettings (&Settings);\r
	365	if (EFI_ERROR (Status)) {\r
	366	return 1;\r
	367	}\r
	368	PrintSettings (&Settings);\r
	369	\r
	370	if (Settings.SetupMode != 1) {\r
	371	AsciiPrint ("error: already in User Mode\n");\r
	372	return 1;\r
	373	}\r
	374	\r
	375	if (Settings.CustomMode != CUSTOM_SECURE_BOOT_MODE) {\r
	376	Settings.CustomMode = CUSTOM_SECURE_BOOT_MODE;\r
	377	Status = gRT->SetVariable (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid,\r
	378	(EFI_VARIABLE_NON_VOLATILE \|\r
	379	EFI_VARIABLE_BOOTSERVICE_ACCESS),\r
	380	sizeof Settings.CustomMode, &Settings.CustomMode);\r
	381	if (EFI_ERROR (Status)) {\r
	382	AsciiPrint ("error: SetVariable(\"%s\", %g): %r\n", EFI_CUSTOM_MODE_NAME,\r
	383	&gEfiCustomModeEnableGuid, Status);\r
	384	return 1;\r
	385	}\r
	386	}\r
	387	\r
	388	Status = EnrollListOfCerts (\r
	389	EFI_IMAGE_SECURITY_DATABASE,\r
	390	&gEfiImageSecurityDatabaseGuid,\r
	391	&gEfiCertX509Guid,\r
7eeaa758 LE	392	mMicrosoftPca, mSizeOfMicrosoftPca, &gMicrosoftVendorGuid,\r
7eeaa758 LE	393	mMicrosoftUefiCa, mSizeOfMicrosoftUefiCa, &gMicrosoftVendorGuid,\r
b1163623 LE	394	NULL);\r
	395	if (EFI_ERROR (Status)) {\r
	396	return 1;\r
	397	}\r
	398	\r
	399	Status = EnrollListOfCerts (\r
	400	EFI_IMAGE_SECURITY_DATABASE1,\r
	401	&gEfiImageSecurityDatabaseGuid,\r
	402	&gEfiCertSha256Guid,\r
a79b115a	403	mSha256OfDevNull, mSizeOfSha256OfDevNull, &gEfiCallerIdGuid,\r
b1163623 LE	404	NULL);\r
	405	if (EFI_ERROR (Status)) {\r
	406	return 1;\r
	407	}\r
	408	\r
	409	Status = EnrollListOfCerts (\r
	410	EFI_KEY_EXCHANGE_KEY_NAME,\r
	411	&gEfiGlobalVariableGuid,\r
	412	&gEfiCertX509Guid,\r
a79b115a	413	mRedHatPkKek1, mSizeOfRedHatPkKek1, &gEfiCallerIdGuid,\r
7eeaa758	414	mMicrosoftKek, mSizeOfMicrosoftKek, &gMicrosoftVendorGuid,\r
b1163623 LE	415	NULL);\r
	416	if (EFI_ERROR (Status)) {\r
	417	return 1;\r
	418	}\r
	419	\r
	420	Status = EnrollListOfCerts (\r
	421	EFI_PLATFORM_KEY_NAME,\r
	422	&gEfiGlobalVariableGuid,\r
	423	&gEfiCertX509Guid,\r
a79b115a	424	mRedHatPkKek1, mSizeOfRedHatPkKek1, &gEfiGlobalVariableGuid,\r
b1163623 LE	425	NULL);\r
	426	if (EFI_ERROR (Status)) {\r
	427	return 1;\r
	428	}\r
	429	\r
	430	Settings.CustomMode = STANDARD_SECURE_BOOT_MODE;\r
	431	Status = gRT->SetVariable (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid,\r
	432	EFI_VARIABLE_NON_VOLATILE \| EFI_VARIABLE_BOOTSERVICE_ACCESS,\r
	433	sizeof Settings.CustomMode, &Settings.CustomMode);\r
	434	if (EFI_ERROR (Status)) {\r
	435	AsciiPrint ("error: SetVariable(\"%s\", %g): %r\n", EFI_CUSTOM_MODE_NAME,\r
	436	&gEfiCustomModeEnableGuid, Status);\r
	437	return 1;\r
	438	}\r
	439	\r
	440	Status = GetSettings (&Settings);\r
	441	if (EFI_ERROR (Status)) {\r
	442	return 1;\r
	443	}\r
	444	PrintSettings (&Settings);\r
	445	\r
	446	if (Settings.SetupMode != 0 \|\| Settings.SecureBoot != 1 \|\|\r
	447	Settings.SecureBootEnable != 1 \|\| Settings.CustomMode != 0 \|\|\r
	448	Settings.VendorKeys != 0) {\r
	449	AsciiPrint ("error: unexpected\n");\r
	450	return 1;\r
	451	}\r
	452	\r
	453	AsciiPrint ("info: success\n");\r
	454	return 0;\r
	455	}\r