///\r
/// Global database array for scratch\r
///\r
-UINT8 *mCertDbStore;\r
-UINT32 mMaxCertDbSize;\r
-UINT32 mPlatformMode;\r
-UINT8 mVendorKeyState;\r
+UINT8 *mCertDbStore;\r
+UINT32 mMaxCertDbSize;\r
+UINT32 mPlatformMode;\r
+UINT8 mVendorKeyState;\r
\r
-EFI_GUID mSignatureSupport[] = {EFI_CERT_SHA1_GUID, EFI_CERT_SHA256_GUID, EFI_CERT_RSA2048_GUID, EFI_CERT_X509_GUID};\r
+EFI_GUID mSignatureSupport[] = { EFI_CERT_SHA1_GUID, EFI_CERT_SHA256_GUID, EFI_CERT_RSA2048_GUID, EFI_CERT_X509_GUID };\r
\r
//\r
// Hash context pointer\r
//\r
VOID *mHashCtx = NULL;\r
\r
-VARIABLE_ENTRY_PROPERTY mAuthVarEntry[] = {\r
+VARIABLE_ENTRY_PROPERTY mAuthVarEntry[] = {\r
{\r
&gEfiSecureBootEnableDisableGuid,\r
EFI_SECURE_BOOT_ENABLE_NAME,\r
},\r
};\r
\r
-VOID **mAuthVarAddressPointer[9];\r
+VOID **mAuthVarAddressPointer[9];\r
\r
-AUTH_VAR_LIB_CONTEXT_IN *mAuthVarLibContextIn = NULL;\r
+AUTH_VAR_LIB_CONTEXT_IN *mAuthVarLibContextIn = NULL;\r
\r
/**\r
Initialization for authenticated variable services.\r
OUT AUTH_VAR_LIB_CONTEXT_OUT *AuthVarLibContextOut\r
)\r
{\r
- EFI_STATUS Status;\r
- UINT32 VarAttr;\r
- UINT8 *Data;\r
- UINTN DataSize;\r
- UINTN CtxSize;\r
- UINT8 SecureBootMode;\r
- UINT8 SecureBootEnable;\r
- UINT8 CustomMode;\r
- UINT32 ListSize;\r
+ EFI_STATUS Status;\r
+ UINT32 VarAttr;\r
+ UINT8 *Data;\r
+ UINTN DataSize;\r
+ UINTN CtxSize;\r
+ UINT8 SecureBootMode;\r
+ UINT8 SecureBootEnable;\r
+ UINT8 CustomMode;\r
+ UINT32 ListSize;\r
\r
if ((AuthVarLibContextIn == NULL) || (AuthVarLibContextOut == NULL)) {\r
return EFI_INVALID_PARAMETER;\r
//\r
// Initialize hash context.\r
//\r
- CtxSize = Sha256GetContextSize ();\r
- mHashCtx = AllocateRuntimePool (CtxSize);\r
+ CtxSize = Sha256GetContextSize ();\r
+ mHashCtx = AllocateRuntimePool (CtxSize);\r
if (mHashCtx == NULL) {\r
return EFI_OUT_OF_RESOURCES;\r
}\r
// Reserve runtime buffer for certificate database. The size excludes variable header and name size.\r
// Use EFI_CERT_DB_VOLATILE_NAME size since it is longer.\r
//\r
- mMaxCertDbSize = (UINT32) (mAuthVarLibContextIn->MaxAuthVariableSize - sizeof (EFI_CERT_DB_VOLATILE_NAME));\r
+ mMaxCertDbSize = (UINT32)(mAuthVarLibContextIn->MaxAuthVariableSize - sizeof (EFI_CERT_DB_VOLATILE_NAME));\r
mCertDbStore = AllocateRuntimePool (mMaxCertDbSize);\r
if (mCertDbStore == NULL) {\r
return EFI_OUT_OF_RESOURCES;\r
}\r
\r
- Status = AuthServiceInternalFindVariable (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);\r
+ Status = AuthServiceInternalFindVariable (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid, (VOID **)&Data, &DataSize);\r
if (EFI_ERROR (Status)) {\r
DEBUG ((DEBUG_INFO, "Variable %s does not exist.\n", EFI_PLATFORM_KEY_NAME));\r
} else {\r
} else {\r
mPlatformMode = USER_MODE;\r
}\r
+\r
Status = AuthServiceInternalUpdateVariable (\r
EFI_SETUP_MODE_NAME,\r
&gEfiGlobalVariableGuid,\r
&mPlatformMode,\r
- sizeof(UINT8),\r
+ sizeof (UINT8),\r
EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS\r
);\r
if (EFI_ERROR (Status)) {\r
//\r
// Create "SignatureSupport" variable with BS+RT attribute set.\r
//\r
- Status = AuthServiceInternalUpdateVariable (\r
- EFI_SIGNATURE_SUPPORT_NAME,\r
- &gEfiGlobalVariableGuid,\r
- mSignatureSupport,\r
- sizeof(mSignatureSupport),\r
- EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS\r
- );\r
+ Status = AuthServiceInternalUpdateVariable (\r
+ EFI_SIGNATURE_SUPPORT_NAME,\r
+ &gEfiGlobalVariableGuid,\r
+ mSignatureSupport,\r
+ sizeof (mSignatureSupport),\r
+ EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
// If "SecureBootEnable" variable is SECURE_BOOT_DISABLE, Set "SecureBoot" variable to SECURE_BOOT_MODE_DISABLE.\r
//\r
SecureBootEnable = SECURE_BOOT_DISABLE;\r
- Status = AuthServiceInternalFindVariable (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID **) &Data, &DataSize);\r
+ Status = AuthServiceInternalFindVariable (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID **)&Data, &DataSize);\r
if (!EFI_ERROR (Status)) {\r
- if (mPlatformMode == USER_MODE){\r
- SecureBootEnable = *(UINT8 *) Data;\r
+ if (mPlatformMode == USER_MODE) {\r
+ SecureBootEnable = *(UINT8 *)Data;\r
}\r
} else if (mPlatformMode == USER_MODE) {\r
//\r
// "SecureBootEnable" not exist, initialize it in USER_MODE.\r
//\r
SecureBootEnable = SECURE_BOOT_ENABLE;\r
- Status = AuthServiceInternalUpdateVariable (\r
- EFI_SECURE_BOOT_ENABLE_NAME,\r
- &gEfiSecureBootEnableDisableGuid,\r
- &SecureBootEnable,\r
- sizeof (UINT8),\r
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS\r
- );\r
+ Status = AuthServiceInternalUpdateVariable (\r
+ EFI_SECURE_BOOT_ENABLE_NAME,\r
+ &gEfiSecureBootEnableDisableGuid,\r
+ &SecureBootEnable,\r
+ sizeof (UINT8),\r
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
//\r
// Create "SecureBoot" variable with BS+RT attribute set.\r
//\r
- if (SecureBootEnable == SECURE_BOOT_ENABLE && mPlatformMode == USER_MODE) {\r
+ if ((SecureBootEnable == SECURE_BOOT_ENABLE) && (mPlatformMode == USER_MODE)) {\r
SecureBootMode = SECURE_BOOT_MODE_ENABLE;\r
} else {\r
SecureBootMode = SECURE_BOOT_MODE_DISABLE;\r
}\r
+\r
Status = AuthServiceInternalUpdateVariable (\r
EFI_SECURE_BOOT_MODE_NAME,\r
&gEfiGlobalVariableGuid,\r
// Initialize "CustomMode" in STANDARD_SECURE_BOOT_MODE state.\r
//\r
CustomMode = STANDARD_SECURE_BOOT_MODE;\r
- Status = AuthServiceInternalUpdateVariable (\r
- EFI_CUSTOM_MODE_NAME,\r
- &gEfiCustomModeEnableGuid,\r
- &CustomMode,\r
- sizeof (UINT8),\r
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS\r
- );\r
+ Status = AuthServiceInternalUpdateVariable (\r
+ EFI_CUSTOM_MODE_NAME,\r
+ &gEfiCustomModeEnableGuid,\r
+ &CustomMode,\r
+ sizeof (UINT8),\r
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
Status = AuthServiceInternalFindVariable (\r
EFI_CERT_DB_NAME,\r
&gEfiCertDbGuid,\r
- (VOID **) &Data,\r
+ (VOID **)&Data,\r
&DataSize\r
);\r
if (EFI_ERROR (Status)) {\r
//\r
// Clean up Certs to make certDB & Time based auth variable consistent\r
//\r
- Status = CleanCertsFromDb();\r
+ Status = CleanCertsFromDb ();\r
if (EFI_ERROR (Status)) {\r
DEBUG ((DEBUG_ERROR, "Clean up CertDB fail! Status %x\n", Status));\r
return Status;\r
//\r
// Check "VendorKeysNv" variable's existence and create "VendorKeys" variable accordingly.\r
//\r
- Status = AuthServiceInternalFindVariable (EFI_VENDOR_KEYS_NV_VARIABLE_NAME, &gEfiVendorKeysNvGuid, (VOID **) &Data, &DataSize);\r
+ Status = AuthServiceInternalFindVariable (EFI_VENDOR_KEYS_NV_VARIABLE_NAME, &gEfiVendorKeysNvGuid, (VOID **)&Data, &DataSize);\r
if (!EFI_ERROR (Status)) {\r
mVendorKeyState = *(UINT8 *)Data;\r
} else {\r
// "VendorKeysNv" not exist, initialize it in VENDOR_KEYS_VALID state.\r
//\r
mVendorKeyState = VENDOR_KEYS_VALID;\r
- Status = AuthServiceInternalUpdateVariable (\r
- EFI_VENDOR_KEYS_NV_VARIABLE_NAME,\r
- &gEfiVendorKeysNvGuid,\r
- &mVendorKeyState,\r
- sizeof (UINT8),\r
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS\r
- );\r
+ Status = AuthServiceInternalUpdateVariable (\r
+ EFI_VENDOR_KEYS_NV_VARIABLE_NAME,\r
+ &gEfiVendorKeysNvGuid,\r
+ &mVendorKeyState,\r
+ sizeof (UINT8),\r
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
\r
DEBUG ((DEBUG_INFO, "Variable %s is %x\n", EFI_VENDOR_KEYS_VARIABLE_NAME, mVendorKeyState));\r
\r
- AuthVarLibContextOut->StructVersion = AUTH_VAR_LIB_CONTEXT_OUT_STRUCT_VERSION;\r
- AuthVarLibContextOut->StructSize = sizeof (AUTH_VAR_LIB_CONTEXT_OUT);\r
- AuthVarLibContextOut->AuthVarEntry = mAuthVarEntry;\r
- AuthVarLibContextOut->AuthVarEntryCount = ARRAY_SIZE (mAuthVarEntry);\r
- mAuthVarAddressPointer[0] = (VOID **) &mCertDbStore;\r
- mAuthVarAddressPointer[1] = (VOID **) &mHashCtx;\r
- mAuthVarAddressPointer[2] = (VOID **) &mAuthVarLibContextIn;\r
- mAuthVarAddressPointer[3] = (VOID **) &(mAuthVarLibContextIn->FindVariable),\r
- mAuthVarAddressPointer[4] = (VOID **) &(mAuthVarLibContextIn->FindNextVariable),\r
- mAuthVarAddressPointer[5] = (VOID **) &(mAuthVarLibContextIn->UpdateVariable),\r
- mAuthVarAddressPointer[6] = (VOID **) &(mAuthVarLibContextIn->GetScratchBuffer),\r
- mAuthVarAddressPointer[7] = (VOID **) &(mAuthVarLibContextIn->CheckRemainingSpaceForConsistency),\r
- mAuthVarAddressPointer[8] = (VOID **) &(mAuthVarLibContextIn->AtRuntime),\r
- AuthVarLibContextOut->AddressPointer = mAuthVarAddressPointer;\r
+ AuthVarLibContextOut->StructVersion = AUTH_VAR_LIB_CONTEXT_OUT_STRUCT_VERSION;\r
+ AuthVarLibContextOut->StructSize = sizeof (AUTH_VAR_LIB_CONTEXT_OUT);\r
+ AuthVarLibContextOut->AuthVarEntry = mAuthVarEntry;\r
+ AuthVarLibContextOut->AuthVarEntryCount = ARRAY_SIZE (mAuthVarEntry);\r
+ mAuthVarAddressPointer[0] = (VOID **)&mCertDbStore;\r
+ mAuthVarAddressPointer[1] = (VOID **)&mHashCtx;\r
+ mAuthVarAddressPointer[2] = (VOID **)&mAuthVarLibContextIn;\r
+ mAuthVarAddressPointer[3] = (VOID **)&(mAuthVarLibContextIn->FindVariable),\r
+ mAuthVarAddressPointer[4] = (VOID **)&(mAuthVarLibContextIn->FindNextVariable),\r
+ mAuthVarAddressPointer[5] = (VOID **)&(mAuthVarLibContextIn->UpdateVariable),\r
+ mAuthVarAddressPointer[6] = (VOID **)&(mAuthVarLibContextIn->GetScratchBuffer),\r
+ mAuthVarAddressPointer[7] = (VOID **)&(mAuthVarLibContextIn->CheckRemainingSpaceForConsistency),\r
+ mAuthVarAddressPointer[8] = (VOID **)&(mAuthVarLibContextIn->AtRuntime),\r
+ AuthVarLibContextOut->AddressPointer = mAuthVarAddressPointer;\r
AuthVarLibContextOut->AddressPointerCount = ARRAY_SIZE (mAuthVarAddressPointer);\r
\r
return Status;\r
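Review bot: The assignments to `mAuthVarAddressPointer[3]` through `mAuthVarAddressPointer[8]` still end in `,` instead of `;` after the reformat, so together with the following `AuthVarLibContextOut->AddressPointer = mAuthVarAddressPointer;` they form one long comma-operator expression. The evaluation order and the stored values are the same as with separate statements, so nothing is wrong today. It reads like a typo, though, and it would stop compiling or change meaning if someone later inserted a declaration, an `if` or a statement-like macro between those lines. Since the formatter preserved it, I would terminate each line explicitly, e.g. `mAuthVarAddressPointer[3] = (VOID **)&(mAuthVarLibContextIn->FindVariable);`, and likewise for indices 4 to 8. The enclosing function starts outside this hunk.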
EFI_STATUS\r
EFIAPI\r
AuthVariableLibProcessVariable (\r
- IN CHAR16 *VariableName,\r
- IN EFI_GUID *VendorGuid,\r
- IN VOID *Data,\r
- IN UINTN DataSize,\r
- IN UINT32 Attributes\r
+ IN CHAR16 *VariableName,\r
+ IN EFI_GUID *VendorGuid,\r
+ IN VOID *Data,\r
+ IN UINTN DataSize,\r
+ IN UINT32 Attributes\r
)\r
{\r
- EFI_STATUS Status;\r
+ EFI_STATUS Status;\r
\r
- if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_PLATFORM_KEY_NAME) == 0)){\r
+ if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_PLATFORM_KEY_NAME) == 0)) {\r
Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, Attributes, TRUE);\r
} else if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0)) {\r
Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, Attributes, FALSE);\r
((StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) ||\r
(StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0) ||\r
(StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0)\r
- )) {\r
+ ))\r
+ {\r
Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, Attributes, FALSE);\r
if (EFI_ERROR (Status)) {\r
Status = ProcessVarWithKek (VariableName, VendorGuid, Data, DataSize, Attributes);\r