(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>\r
Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>\r
Copyright (c) 2021, Semihalf All rights reserved.<BR>\r
+Copyright (c) Microsoft Corporation.\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
--*/\r
EFI_STATUS\r
+EFIAPI\r
SetSecureBootMode (\r
IN UINT8 SecureBootMode\r
);\r
pointer to NULL to wrap an empty payload.\r
On output, Pointer to the new payload date buffer allocated from pool,\r
it's caller's responsibility to free the memory when finish using it.\r
+ @param[in] Time Pointer to time information to created time based payload.\r
\r
@retval EFI_SUCCESS Create time based payload successfully.\r
@retval EFI_OUT_OF_RESOURCES There are not enough memory resources to create time based payload.\r
\r
--*/\r
EFI_STATUS\r
+EFIAPI\r
CreateTimeBasedPayload (\r
- IN OUT UINTN *DataSize,\r
- IN OUT UINT8 **Data\r
+ IN OUT UINTN *DataSize,\r
+ IN OUT UINT8 **Data,\r
+ IN EFI_TIME *Time\r
);\r
\r
/**\r
(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>\r
Copyright (c) 2021, ARM Ltd. All rights reserved.<BR>\r
Copyright (c) 2021, Semihalf All rights reserved.<BR>\r
+ Copyright (c) Microsoft Corporation.\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
**/\r
+#include <Uefi.h>\r
#include <Guid/GlobalVariable.h>\r
#include <Guid/AuthenticatedVariableFormat.h>\r
#include <Guid/ImageAuthentication.h>\r
#include <Library/SecureBootVariableLib.h>\r
#include "Library/DxeServicesLib.h"\r
\r
+// This time can be used when deleting variables, as it should be greater than any variable time.\r
+EFI_TIME mMaxTimestamp = {\r
+ 0xFFFF, // Year\r
+ 0xFF, // Month\r
+ 0xFF, // Day\r
+ 0xFF, // Hour\r
+ 0xFF, // Minute\r
+ 0xFF, // Second\r
+ 0x00,\r
+ 0x00000000, // Nanosecond\r
+ 0,\r
+ 0,\r
+ 0x00\r
+};\r
+\r
/** Creates EFI Signature List structure.\r
\r
@param[in] Data A pointer to signature data.\r
\r
@param[in] KeyFileGuid A pointer to to the FFS filename GUID\r
@param[out] SigListsSize A pointer to size of signature list\r
- @param[out] SigListOut a pointer to a callee-allocated buffer with signature lists\r
+ @param[out] SigListsOut a pointer to a callee-allocated buffer with signature lists\r
\r
@retval EFI_SUCCESS Create time based payload successfully.\r
@retval EFI_NOT_FOUND Section with key has not been found.\r
pointer to NULL to wrap an empty payload.\r
On output, Pointer to the new payload date buffer allocated from pool,\r
it's caller's responsibility to free the memory when finish using it.\r
+ @param[in] Time Pointer to time information to created time based payload.\r
\r
@retval EFI_SUCCESS Create time based payload successfully.\r
@retval EFI_OUT_OF_RESOURCES There are not enough memory resources to create time based payload.\r
@retval EFI_INVALID_PARAMETER The parameter is invalid.\r
@retval Others Unexpected error happens.\r
\r
-**/\r
+--*/\r
EFI_STATUS\r
+EFIAPI\r
CreateTimeBasedPayload (\r
- IN OUT UINTN *DataSize,\r
- IN OUT UINT8 **Data\r
+ IN OUT UINTN *DataSize,\r
+ IN OUT UINT8 **Data,\r
+ IN EFI_TIME *Time\r
)\r
{\r
- EFI_STATUS Status;\r
UINT8 *NewData;\r
UINT8 *Payload;\r
UINTN PayloadSize;\r
EFI_VARIABLE_AUTHENTICATION_2 *DescriptorData;\r
UINTN DescriptorSize;\r
- EFI_TIME Time;\r
\r
- if ((Data == NULL) || (DataSize == NULL)) {\r
+ if ((Data == NULL) || (DataSize == NULL) || (Time == NULL)) {\r
+ DEBUG ((DEBUG_ERROR, "%a(), invalid arg\n", __FUNCTION__));\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
DescriptorSize = OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);\r
NewData = (UINT8 *)AllocateZeroPool (DescriptorSize + PayloadSize);\r
if (NewData == NULL) {\r
+ DEBUG ((DEBUG_ERROR, "%a() Out of resources.\n", __FUNCTION__));\r
return EFI_OUT_OF_RESOURCES;\r
}\r
\r
\r
DescriptorData = (EFI_VARIABLE_AUTHENTICATION_2 *)(NewData);\r
\r
- ZeroMem (&Time, sizeof (EFI_TIME));\r
- Status = gRT->GetTime (&Time, NULL);\r
- if (EFI_ERROR (Status)) {\r
- FreePool (NewData);\r
- return Status;\r
- }\r
-\r
- Time.Pad1 = 0;\r
- Time.Nanosecond = 0;\r
- Time.TimeZone = 0;\r
- Time.Daylight = 0;\r
- Time.Pad2 = 0;\r
- CopyMem (&DescriptorData->TimeStamp, &Time, sizeof (EFI_TIME));\r
+ CopyMem (&DescriptorData->TimeStamp, Time, sizeof (EFI_TIME));\r
\r
DescriptorData->AuthInfo.Hdr.dwLength = OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);\r
DescriptorData->AuthInfo.Hdr.wRevision = 0x0200;\r
\r
if (Payload != NULL) {\r
FreePool (Payload);\r
+ Payload = NULL;\r
}\r
\r
*DataSize = DescriptorSize + PayloadSize;\r
\r
**/\r
EFI_STATUS\r
+EFIAPI\r
DeleteVariable (\r
IN CHAR16 *VariableName,\r
IN EFI_GUID *VendorGuid\r
Attr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS\r
| EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;\r
\r
- Status = CreateTimeBasedPayload (&DataSize, &Data);\r
+ Status = CreateTimeBasedPayload (&DataSize, &Data, &mMaxTimestamp);\r
if (EFI_ERROR (Status)) {\r
DEBUG ((DEBUG_ERROR, "Fail to create time-based data payload: %r", Status));\r
return Status;\r
\r
**/\r
EFI_STATUS\r
+EFIAPI\r
SetSecureBootMode (\r
IN UINT8 SecureBootMode\r
)\r
projects / mirror_edk2.git / commitdiff