]>
Commit | Line | Data |
---|---|---|
608fcadc DH |
1 | /* EFI signature/key/certificate list parser |
2 | * | |
3 | * Copyright (C) 2012, 2016 Red Hat, Inc. All Rights Reserved. | |
4 | * Written by David Howells (dhowells@redhat.com) | |
5 | * | |
6 | * This program is free software; you can redistribute it and/or | |
7 | * modify it under the terms of the GNU General Public Licence | |
8 | * as published by the Free Software Foundation; either version | |
9 | * 2 of the Licence, or (at your option) any later version. | |
10 | */ | |
11 | ||
12 | #define pr_fmt(fmt) "EFI: "fmt | |
13 | #include <linux/module.h> | |
14 | #include <linux/printk.h> | |
15 | #include <linux/err.h> | |
16 | #include <linux/efi.h> | |
17 | ||
18 | /** | |
19 | * parse_efi_signature_list - Parse an EFI signature list for certificates | |
20 | * @source: The source of the key | |
21 | * @data: The data blob to parse | |
22 | * @size: The size of the data blob | |
23 | * @get_handler_for_guid: Get the handler func for the sig type (or NULL) | |
24 | * | |
25 | * Parse an EFI signature list looking for elements of interest. A list is | |
26 | * made up of a series of sublists, where all the elements in a sublist are of | |
27 | * the same type, but sublists can be of different types. | |
28 | * | |
29 | * For each sublist encountered, the @get_handler_for_guid function is called | |
30 | * with the type specifier GUID and returns either a pointer to a function to | |
31 | * handle elements of that type or NULL if the type is not of interest. | |
32 | * | |
33 | * If the sublist is of interest, each element is passed to the handler | |
34 | * function in turn. | |
35 | * | |
36 | * Error EBADMSG is returned if the list doesn't parse correctly and 0 is | |
37 | * returned if the list was parsed correctly. No error can be returned from | |
38 | * the @get_handler_for_guid function or the element handler function it | |
39 | * returns. | |
40 | */ | |
41 | int __init parse_efi_signature_list( | |
42 | const char *source, | |
43 | const void *data, size_t size, | |
44 | efi_element_handler_t (*get_handler_for_guid)(const efi_guid_t *)) | |
45 | { | |
46 | efi_element_handler_t handler; | |
47 | unsigned offs = 0; | |
48 | ||
49 | pr_devel("-->%s(,%zu)\n", __func__, size); | |
50 | ||
51 | while (size > 0) { | |
52 | const efi_signature_data_t *elem; | |
53 | efi_signature_list_t list; | |
54 | size_t lsize, esize, hsize, elsize; | |
55 | ||
56 | if (size < sizeof(list)) | |
57 | return -EBADMSG; | |
58 | ||
59 | memcpy(&list, data, sizeof(list)); | |
60 | pr_devel("LIST[%04x] guid=%pUl ls=%x hs=%x ss=%x\n", | |
61 | offs, | |
62 | list.signature_type.b, list.signature_list_size, | |
63 | list.signature_header_size, list.signature_size); | |
64 | ||
65 | lsize = list.signature_list_size; | |
66 | hsize = list.signature_header_size; | |
67 | esize = list.signature_size; | |
68 | elsize = lsize - sizeof(list) - hsize; | |
69 | ||
70 | if (lsize > size) { | |
71 | pr_devel("<--%s() = -EBADMSG [overrun @%x]\n", | |
72 | __func__, offs); | |
73 | return -EBADMSG; | |
74 | } | |
75 | ||
76 | if (lsize < sizeof(list) || | |
77 | lsize - sizeof(list) < hsize || | |
78 | esize < sizeof(*elem) || | |
79 | elsize < esize || | |
80 | elsize % esize != 0) { | |
81 | pr_devel("- bad size combo @%x\n", offs); | |
82 | return -EBADMSG; | |
83 | } | |
84 | ||
85 | handler = get_handler_for_guid(&list.signature_type); | |
86 | if (!handler) { | |
87 | data += lsize; | |
88 | size -= lsize; | |
89 | offs += lsize; | |
90 | continue; | |
91 | } | |
92 | ||
93 | data += sizeof(list) + hsize; | |
94 | size -= sizeof(list) + hsize; | |
95 | offs += sizeof(list) + hsize; | |
96 | ||
97 | for (; elsize > 0; elsize -= esize) { | |
98 | elem = data; | |
99 | ||
100 | pr_devel("ELEM[%04x]\n", offs); | |
101 | handler(source, | |
102 | &elem->signature_data, | |
103 | esize - sizeof(*elem)); | |
104 | ||
105 | data += esize; | |
106 | size -= esize; | |
107 | offs += esize; | |
108 | } | |
109 | } | |
110 | ||
111 | return 0; | |
112 | } |