[mirror_edk2.git] / SecurityPkg / VariableAuthenticated / SecureBootConfigDxe / SecureBootConfigImpl.h

/** @file\r
  The header file of HII Config Access protocol implementation of SecureBoot\r
  configuration module.\r
\r
Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#ifndef __SECUREBOOT_CONFIG_IMPL_H__\r
#define __SECUREBOOT_CONFIG_IMPL_H__\r
\r
#include <Uefi.h>\r
\r
#include <Protocol/HiiConfigAccess.h>\r
#include <Protocol/HiiConfigRouting.h>\r
#include <Protocol/SimpleFileSystem.h>\r
#include <Protocol/BlockIo.h>\r
#include <Protocol/DevicePath.h>\r
#include <Protocol/DebugPort.h>\r
#include <Protocol/LoadFile.h>\r
\r
#include <Library/BaseLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/UefiRuntimeServicesTableLib.h>\r
#include <Library/UefiHiiServicesLib.h>\r
#include <Library/UefiLib.h>\r
#include <Library/HiiLib.h>\r
#include <Library/DevicePathLib.h>\r
#include <Library/PrintLib.h>\r
#include <Library/PlatformSecureLib.h>\r
#include <Library/BaseCryptLib.h>\r
#include <Library/FileExplorerLib.h>\r
#include <Library/PeCoffLib.h>\r
\r
#include <Guid/MdeModuleHii.h>\r
#include <Guid/AuthenticatedVariableFormat.h>\r
#include <Guid/FileSystemVolumeLabelInfo.h>\r
#include <Guid/ImageAuthentication.h>\r
#include <Guid/FileInfo.h>\r
#include <Guid/WinCertificate.h>\r
\r
#include "SecureBootConfigNvData.h"\r
\r
//\r
// Tool generated IFR binary data and String package data\r
//\r
extern  UINT8  SecureBootConfigBin[];\r
extern  UINT8  SecureBootConfigDxeStrings[];\r
\r
//\r
// Shared IFR form update data\r
//\r
extern  VOID                *mStartOpCodeHandle;\r
extern  VOID                *mEndOpCodeHandle;\r
extern  EFI_IFR_GUID_LABEL  *mStartLabel;\r
extern  EFI_IFR_GUID_LABEL  *mEndLabel;\r
\r
#define MAX_CHAR         480\r
#define TWO_BYTE_ENCODE  0x82\r
#define BUFFER_MAX_SIZE  100\r
\r
//\r
// SHA-256 digest size in bytes\r
//\r
#define SHA256_DIGEST_SIZE  32\r
//\r
// SHA-384 digest size in bytes\r
//\r
#define SHA384_DIGEST_SIZE  48\r
//\r
// SHA-512 digest size in bytes\r
//\r
#define SHA512_DIGEST_SIZE  64\r
\r
//\r
// Set max digest size as SHA512 Output (64 bytes) by far\r
//\r
#define MAX_DIGEST_SIZE  SHA512_DIGEST_SIZE\r
\r
#define WIN_CERT_UEFI_RSA2048_SIZE  256\r
\r
//\r
// Support hash types\r
//\r
#define HASHALG_SHA224  0x00000000\r
#define HASHALG_SHA256  0x00000001\r
#define HASHALG_SHA384  0x00000002\r
#define HASHALG_SHA512  0x00000003\r
#define HASHALG_RAW     0x00000004\r
#define HASHALG_MAX     0x00000004\r
\r
//\r
// Certificate public key minimum size (bytes)\r
//\r
#define CER_PUBKEY_MIN_SIZE  256\r
\r
//\r
// Types of errors may occur during certificate enrollment.\r
//\r
typedef enum {\r
  None_Error = 0,\r
  //\r
  // Unsupported_type indicates the certificate type is not supported.\r
  //\r
  Unsupported_Type,\r
  //\r
  // Unqualified_key indicates the key strength of certificate is not\r
  // strong enough.\r
  //\r
  Unqualified_Key,\r
  Enroll_Error_Max\r
} ENROLL_KEY_ERROR;\r
\r
typedef struct {\r
  UINTN         Signature;\r
  LIST_ENTRY    Head;\r
  UINTN         MenuNumber;\r
} SECUREBOOT_MENU_OPTION;\r
\r
typedef struct {\r
  EFI_FILE_HANDLE    FHandle;\r
  UINT16             *FileName;\r
  UINT8              FileType;\r
} SECUREBOOT_FILE_CONTEXT;\r
\r
#define SECUREBOOT_FREE_NON_NULL(Pointer)   \\r
  do {                                      \\r
    if ((Pointer) != NULL) {                \\r
      FreePool((Pointer));                  \\r
      (Pointer) = NULL;                     \\r
    }                                       \\r
  } while (FALSE)\r
\r
#define SECUREBOOT_FREE_NON_OPCODE(Handle)  \\r
  do{                                       \\r
    if ((Handle) != NULL) {                 \\r
      HiiFreeOpCodeHandle((Handle));        \\r
    }                                       \\r
  } while (FALSE)\r
\r
#define SIGNATURE_DATA_COUNTS(List)         \\r
  (((List)->SignatureListSize - sizeof(EFI_SIGNATURE_LIST) - (List)->SignatureHeaderSize) / (List)->SignatureSize)\r
\r
//\r
// We define another format of 5th directory entry: security directory\r
//\r
typedef struct {\r
  UINT32    Offset;                 // Offset of certificate\r
  UINT32    SizeOfCert;             // size of certificate appended\r
} EFI_IMAGE_SECURITY_DATA_DIRECTORY;\r
\r
typedef enum {\r
  ImageType_IA32,\r
  ImageType_X64\r
} IMAGE_TYPE;\r
\r
///\r
/// HII specific Vendor Device Path definition.\r
///\r
typedef struct {\r
  VENDOR_DEVICE_PATH          VendorDevicePath;\r
  EFI_DEVICE_PATH_PROTOCOL    End;\r
} HII_VENDOR_DEVICE_PATH;\r
\r
typedef enum {\r
  Variable_DB,\r
  Variable_DBX,\r
  Variable_DBT,\r
  Variable_MAX\r
} CURRENT_VARIABLE_NAME;\r
\r
typedef enum {\r
  Delete_Signature_List_All,\r
  Delete_Signature_List_One,\r
  Delete_Signature_Data\r
} SIGNATURE_DELETE_TYPE;\r
\r
typedef struct {\r
  UINTN                             Signature;\r
\r
  EFI_HII_CONFIG_ACCESS_PROTOCOL    ConfigAccess;\r
  EFI_HII_HANDLE                    HiiHandle;\r
  EFI_HANDLE                        DriverHandle;\r
\r
  SECUREBOOT_FILE_CONTEXT           *FileContext;\r
\r
  EFI_GUID                          *SignatureGUID;\r
\r
  CURRENT_VARIABLE_NAME             VariableName;     // The variable name we are processing.\r
  UINT32                            ListCount;        // Record current variable has how many signature list.\r
  UINTN                             ListIndex;        // Record which signature list is processing.\r
  BOOLEAN                           *CheckArray;      // Record which signature data checked.\r
} SECUREBOOT_CONFIG_PRIVATE_DATA;\r
\r
extern SECUREBOOT_CONFIG_PRIVATE_DATA  mSecureBootConfigPrivateDateTemplate;\r
extern SECUREBOOT_CONFIG_PRIVATE_DATA  *gSecureBootPrivateData;\r
\r
#define SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE  SIGNATURE_32 ('S', 'E', 'C', 'B')\r
#define SECUREBOOT_CONFIG_PRIVATE_FROM_THIS(a)  CR (a, SECUREBOOT_CONFIG_PRIVATE_DATA, ConfigAccess, SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE)\r
\r
//\r
// Cryptographic Key Information\r
//\r
#pragma pack(1)\r
typedef struct _CPL_KEY_INFO {\r
  UINT32    KeyLengthInBits;        // Key Length In Bits\r
  UINT32    BlockSize;              // Operation Block Size in Bytes\r
  UINT32    CipherBlockSize;        // Output Cipher Block Size in Bytes\r
  UINT32    KeyType;                // Key Type\r
  UINT32    CipherMode;             // Cipher Mode for Symmetric Algorithm\r
  UINT32    Flags;                  // Additional Key Property Flags\r
} CPL_KEY_INFO;\r
#pragma pack()\r
\r
/**\r
  Retrieves the size, in bytes, of the context buffer required for hash operations.\r
\r
  @return  The size, in bytes, of the context buffer required for hash operations.\r
\r
**/\r
typedef\r
EFI_STATUS\r
(EFIAPI *HASH_GET_CONTEXT_SIZE)(\r
  VOID\r
  );\r
\r
/**\r
  Initializes user-supplied memory pointed by HashContext as hash context for\r
  subsequent use.\r
\r
  If HashContext is NULL, then ASSERT().\r
\r
  @param[in, out]  HashContext  Pointer to  Context being initialized.\r
\r
  @retval TRUE   HASH context initialization succeeded.\r
  @retval FALSE  HASH context initialization failed.\r
\r
**/\r
typedef\r
BOOLEAN\r
(EFIAPI *HASH_INIT)(\r
  IN OUT  VOID  *HashContext\r
  );\r
\r
/**\r
  Performs digest on a data buffer of the specified length. This function can\r
  be called multiple times to compute the digest of long or discontinuous data streams.\r
\r
  If HashContext is NULL, then ASSERT().\r
\r
  @param[in, out]  HashContext  Pointer to the MD5 context.\r
  @param[in]       Data        Pointer to the buffer containing the data to be hashed.\r
  @param[in]       DataLength  Length of Data buffer in bytes.\r
\r
  @retval TRUE   HASH data digest succeeded.\r
  @retval FALSE  Invalid HASH context. After HashFinal function has been called, the\r
                 HASH context cannot be reused.\r
\r
**/\r
typedef\r
BOOLEAN\r
(EFIAPI *HASH_UPDATE)(\r
  IN OUT  VOID        *HashContext,\r
  IN      CONST VOID  *Data,\r
  IN      UINTN       DataLength\r
  );\r
\r
/**\r
  Completes hash computation and retrieves the digest value into the specified\r
  memory. After this function has been called, the context cannot be used again.\r
\r
  If HashContext is NULL, then ASSERT().\r
  If HashValue is NULL, then ASSERT().\r
\r
  @param[in, out]  HashContext  Pointer to the MD5 context\r
  @param[out]      HashValue   Pointer to a buffer that receives the HASH digest\r
                               value (16 bytes).\r
\r
  @retval TRUE   HASH digest computation succeeded.\r
  @retval FALSE  HASH digest computation failed.\r
\r
**/\r
typedef\r
BOOLEAN\r
(EFIAPI *HASH_FINAL)(\r
  IN OUT  VOID   *HashContext,\r
  OUT     UINT8  *HashValue\r
  );\r
\r
//\r
// Hash Algorithm Table\r
//\r
typedef struct {\r
  CHAR16                   *Name;           ///< Name for Hash Algorithm\r
  UINTN                    DigestLength;    ///< Digest Length\r
  UINT8                    *OidValue;       ///< Hash Algorithm OID ASN.1 Value\r
  UINTN                    OidLength;       ///< Length of Hash OID Value\r
  HASH_GET_CONTEXT_SIZE    GetContextSize;  ///< Pointer to Hash GetContentSize function\r
  HASH_INIT                HashInit;        ///< Pointer to Hash Init function\r
  HASH_UPDATE              HashUpdate;      ///< Pointer to Hash Update function\r
  HASH_FINAL               HashFinal;       ///< Pointer to Hash Final function\r
} HASH_TABLE;\r
\r
typedef struct {\r
  WIN_CERTIFICATE    Hdr;\r
  UINT8              CertData[1];\r
} WIN_CERTIFICATE_EFI_PKCS;\r
\r
/**\r
  This function publish the SecureBoot configuration Form.\r
\r
  @param[in, out]  PrivateData   Points to SecureBoot configuration private data.\r
\r
  @retval EFI_SUCCESS            HII Form is installed successfully.\r
  @retval EFI_OUT_OF_RESOURCES   Not enough resource for HII Form installation.\r
  @retval Others                 Other errors as indicated.\r
\r
**/\r
EFI_STATUS\r
InstallSecureBootConfigForm (\r
  IN OUT SECUREBOOT_CONFIG_PRIVATE_DATA  *PrivateData\r
  );\r
\r
/**\r
  This function removes SecureBoot configuration Form.\r
\r
  @param[in, out]  PrivateData   Points to SecureBoot configuration private data.\r
\r
**/\r
VOID\r
UninstallSecureBootConfigForm (\r
  IN OUT SECUREBOOT_CONFIG_PRIVATE_DATA  *PrivateData\r
  );\r
\r
/**\r
  This function allows a caller to extract the current configuration for one\r
  or more named elements from the target driver.\r
\r
  @param[in]   This              Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
  @param[in]   Request           A null-terminated Unicode string in\r
                                 <ConfigRequest> format.\r
  @param[out]  Progress          On return, points to a character in the Request\r
                                 string. Points to the string's null terminator if\r
                                 request was successful. Points to the most recent\r
                                 '&' before the first failing name/value pair (or\r
                                 the beginning of the string if the failure is in\r
                                 the first name/value pair) if the request was not\r
                                 successful.\r
  @param[out]  Results           A null-terminated Unicode string in\r
                                 <ConfigAltResp> format which has all values filled\r
                                 in for the names in the Request string. String to\r
                                 be allocated by the called function.\r
\r
  @retval EFI_SUCCESS            The Results is filled with the requested values.\r
  @retval EFI_OUT_OF_RESOURCES   Not enough memory to store the results.\r
  @retval EFI_INVALID_PARAMETER  Request is illegal syntax, or unknown name.\r
  @retval EFI_NOT_FOUND          Routing data doesn't match any storage in this\r
                                 driver.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SecureBootExtractConfig (\r
  IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL  *This,\r
  IN CONST EFI_STRING                      Request,\r
  OUT EFI_STRING                           *Progress,\r
  OUT EFI_STRING                           *Results\r
  );\r
\r
/**\r
  This function processes the results of changes in configuration.\r
\r
  @param[in]  This               Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
  @param[in]  Configuration      A null-terminated Unicode string in <ConfigResp>\r
                                 format.\r
  @param[out] Progress           A pointer to a string filled in with the offset of\r
                                 the most recent '&' before the first failing\r
                                 name/value pair (or the beginning of the string if\r
                                 the failure is in the first name/value pair) or\r
                                 the terminating NULL if all was successful.\r
\r
  @retval EFI_SUCCESS            The Results is processed successfully.\r
  @retval EFI_INVALID_PARAMETER  Configuration is NULL.\r
  @retval EFI_NOT_FOUND          Routing data doesn't match any storage in this\r
                                 driver.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SecureBootRouteConfig (\r
  IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL  *This,\r
  IN CONST EFI_STRING                      Configuration,\r
  OUT EFI_STRING                           *Progress\r
  );\r
\r
/**\r
  This function processes the results of changes in configuration.\r
\r
  @param[in]  This               Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
  @param[in]  Action             Specifies the type of action taken by the browser.\r
  @param[in]  QuestionId         A unique value which is sent to the original\r
                                 exporting driver so that it can identify the type\r
                                 of data to expect.\r
  @param[in]  Type               The type of value for the question.\r
  @param[in]  Value              A pointer to the data being sent to the original\r
                                 exporting driver.\r
  @param[out] ActionRequest      On return, points to the action requested by the\r
                                 callback function.\r
\r
  @retval EFI_SUCCESS            The callback successfully handled the action.\r
  @retval EFI_OUT_OF_RESOURCES   Not enough storage is available to hold the\r
                                 variable and its data.\r
  @retval EFI_DEVICE_ERROR       The variable could not be saved.\r
  @retval EFI_UNSUPPORTED        The specified Action is not supported by the\r
                                 callback.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SecureBootCallback (\r
  IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL  *This,\r
  IN     EFI_BROWSER_ACTION                Action,\r
  IN     EFI_QUESTION_ID                   QuestionId,\r
  IN     UINT8                             Type,\r
  IN     EFI_IFR_TYPE_VALUE                *Value,\r
  OUT EFI_BROWSER_ACTION_REQUEST           *ActionRequest\r
  );\r
\r
/**\r
  This function converts an input device structure to a Unicode string.\r
\r
  @param[in] DevPath                  A pointer to the device path structure.\r
\r
  @return A new allocated Unicode string that represents the device path.\r
\r
**/\r
CHAR16 *\r
EFIAPI\r
DevicePathToStr (\r
  IN EFI_DEVICE_PATH_PROTOCOL  *DevPath\r
  );\r
\r
/**\r
  Clean up the dynamic opcode at label and form specified by both LabelId.\r
\r
  @param[in] LabelId         It is both the Form ID and Label ID for opcode deletion.\r
  @param[in] PrivateData     Module private data.\r
\r
**/\r
VOID\r
CleanUpPage (\r
  IN UINT16                          LabelId,\r
  IN SECUREBOOT_CONFIG_PRIVATE_DATA  *PrivateData\r
  );\r
\r
/**\r
  Read file content into BufferPtr, the size of the allocate buffer\r
  is *FileSize plus AdditionAllocateSize.\r
\r
  @param[in]       FileHandle            The file to be read.\r
  @param[in, out]  BufferPtr             Pointers to the pointer of allocated buffer.\r
  @param[out]      FileSize              Size of input file\r
  @param[in]       AdditionAllocateSize   Addition size the buffer need to be allocated.\r
                                         In case the buffer need to contain others besides the file content.\r
\r
  @retval   EFI_SUCCESS                  The file was read into the buffer.\r
  @retval   EFI_INVALID_PARAMETER        A parameter was invalid.\r
  @retval   EFI_OUT_OF_RESOURCES         A memory allocation failed.\r
  @retval   others                       Unexpected error.\r
\r
**/\r
EFI_STATUS\r
ReadFileContent (\r
  IN      EFI_FILE_HANDLE  FileHandle,\r
  IN OUT  VOID             **BufferPtr,\r
  OUT  UINTN               *FileSize,\r
  IN      UINTN            AdditionAllocateSize\r
  );\r
\r
/**\r
  Close an open file handle.\r
\r
  @param[in] FileHandle           The file handle to close.\r
\r
**/\r
VOID\r
CloseFile (\r
  IN EFI_FILE_HANDLE  FileHandle\r
  );\r
\r
/**\r
  Converts a nonnegative integer to an octet string of a specified length.\r
\r
  @param[in]   Integer          Pointer to the nonnegative integer to be converted\r
  @param[in]   IntSizeInWords   Length of integer buffer in words\r
  @param[out]  OctetString      Converted octet string of the specified length\r
  @param[in]   OSSizeInBytes    Intended length of resulting octet string in bytes\r
\r
Returns:\r
\r
  @retval   EFI_SUCCESS            Data conversion successfully\r
  @retval   EFI_BUFFER_TOOL_SMALL  Buffer is too small for output string\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
Int2OctStr (\r
  IN     CONST UINTN  *Integer,\r
  IN     UINTN        IntSizeInWords,\r
  OUT UINT8           *OctetString,\r
  IN     UINTN        OSSizeInBytes\r
  );\r
\r
/**\r
  Worker function that prints an EFI_GUID into specified Buffer.\r
\r
  @param[in]     Guid          Pointer to GUID to print.\r
  @param[in]     Buffer        Buffer to print Guid into.\r
  @param[in]     BufferSize    Size of Buffer.\r
\r
  @retval    Number of characters printed.\r
\r
**/\r
UINTN\r
GuidToString (\r
  IN  EFI_GUID  *Guid,\r
  IN  CHAR16    *Buffer,\r
  IN  UINTN     BufferSize\r
  );\r
\r
/**\r
  Update the PK form base on the input file path info.\r
\r
  @param FilePath    Point to the file path.\r
\r
  @retval TRUE   Exit caller function.\r
  @retval FALSE  Not exit caller function.\r
**/\r
BOOLEAN\r
EFIAPI\r
UpdatePKFromFile (\r
  IN EFI_DEVICE_PATH_PROTOCOL  *FilePath\r
  );\r
\r
/**\r
  Update the KEK form base on the input file path info.\r
\r
  @param FilePath    Point to the file path.\r
\r
  @retval TRUE   Exit caller function.\r
  @retval FALSE  Not exit caller function.\r
**/\r
BOOLEAN\r
EFIAPI\r
UpdateKEKFromFile (\r
  IN EFI_DEVICE_PATH_PROTOCOL  *FilePath\r
  );\r
\r
/**\r
  Update the DB form base on the input file path info.\r
\r
  @param FilePath    Point to the file path.\r
\r
  @retval TRUE   Exit caller function.\r
  @retval FALSE  Not exit caller function.\r
**/\r
BOOLEAN\r
EFIAPI\r
UpdateDBFromFile (\r
  IN EFI_DEVICE_PATH_PROTOCOL  *FilePath\r
  );\r
\r
/**\r
  Update the DBX form base on the input file path info.\r
\r
  @param FilePath    Point to the file path.\r
\r
  @retval TRUE   Exit caller function.\r
  @retval FALSE  Not exit caller function.\r
**/\r
BOOLEAN\r
EFIAPI\r
UpdateDBXFromFile (\r
  IN EFI_DEVICE_PATH_PROTOCOL  *FilePath\r
  );\r
\r
/**\r
  Update the DBT form base on the input file path info.\r
\r
  @param FilePath    Point to the file path.\r
\r
  @retval TRUE   Exit caller function.\r
  @retval FALSE  Not exit caller function.\r
**/\r
BOOLEAN\r
EFIAPI\r
UpdateDBTFromFile (\r
  IN EFI_DEVICE_PATH_PROTOCOL  *FilePath\r
  );\r
\r
#endif\r
Commit	Line	Data
beda2356	1	/** @file\r
	2	The header file of HII Config Access protocol implementation of SecureBoot\r
	3	configuration module.\r
	4	\r
c035e373	5	Copyright (c) 2011 - 2017, Intel Corporation. All rights reserved.<BR>\r
289b714b	6	SPDX-License-Identifier: BSD-2-Clause-Patent\r
beda2356	7	\r
	8	**/\r
	9	\r
	10	#ifndef __SECUREBOOT_CONFIG_IMPL_H__\r
	11	#define __SECUREBOOT_CONFIG_IMPL_H__\r
	12	\r
	13	#include <Uefi.h>\r
	14	\r
	15	#include <Protocol/HiiConfigAccess.h>\r
	16	#include <Protocol/HiiConfigRouting.h>\r
ecc722ad	17	#include <Protocol/SimpleFileSystem.h>\r
	18	#include <Protocol/BlockIo.h>\r
	19	#include <Protocol/DevicePath.h>\r
ecc722ad	20	#include <Protocol/DebugPort.h>\r
ecc722ad	21	#include <Protocol/LoadFile.h>\r
beda2356	22	\r
	23	#include <Library/BaseLib.h>\r
	24	#include <Library/BaseMemoryLib.h>\r
	25	#include <Library/DebugLib.h>\r
	26	#include <Library/MemoryAllocationLib.h>\r
	27	#include <Library/UefiBootServicesTableLib.h>\r
	28	#include <Library/UefiRuntimeServicesTableLib.h>\r
	29	#include <Library/UefiHiiServicesLib.h>\r
	30	#include <Library/UefiLib.h>\r
	31	#include <Library/HiiLib.h>\r
	32	#include <Library/DevicePathLib.h>\r
bc0c99b3	33	#include <Library/PrintLib.h>\r
ecc722ad	34	#include <Library/PlatformSecureLib.h>\r
ecc722ad	35	#include <Library/BaseCryptLib.h>\r
762d8ddb	36	#include <Library/FileExplorerLib.h>\r
5e9dfc67	37	#include <Library/PeCoffLib.h>\r
762d8ddb	38	\r
beda2356	39	#include <Guid/MdeModuleHii.h>\r
beda2356	40	#include <Guid/AuthenticatedVariableFormat.h>\r
ecc722ad	41	#include <Guid/FileSystemVolumeLabelInfo.h>\r
	42	#include <Guid/ImageAuthentication.h>\r
	43	#include <Guid/FileInfo.h>\r
4de754e1	44	#include <Guid/WinCertificate.h>\r
beda2356	45	\r
	46	#include "SecureBootConfigNvData.h"\r
	47	\r
	48	//\r
	49	// Tool generated IFR binary data and String package data\r
	50	//\r
c411b485 MK	51	extern UINT8 SecureBootConfigBin[];\r
c411b485 MK	52	extern UINT8 SecureBootConfigDxeStrings[];\r
ecc722ad	53	\r
	54	//\r
	55	// Shared IFR form update data\r
	56	//\r
c411b485 MK	57	extern VOID *mStartOpCodeHandle;\r
	58	extern VOID *mEndOpCodeHandle;\r
	59	extern EFI_IFR_GUID_LABEL *mStartLabel;\r
	60	extern EFI_IFR_GUID_LABEL *mEndLabel;\r
ecc722ad	61	\r
c411b485 MK	62	#define MAX_CHAR 480\r
	63	#define TWO_BYTE_ENCODE 0x82\r
	64	#define BUFFER_MAX_SIZE 100\r
c035e373	65	\r
ecc722ad	66	//\r
	67	// SHA-256 digest size in bytes\r
	68	//\r
	69	#define SHA256_DIGEST_SIZE 32\r
	70	//\r
20333c6d	71	// SHA-384 digest size in bytes\r
ecc722ad	72	//\r
20333c6d QL	73	#define SHA384_DIGEST_SIZE 48\r
	74	//\r
	75	// SHA-512 digest size in bytes\r
	76	//\r
	77	#define SHA512_DIGEST_SIZE 64\r
	78	\r
	79	//\r
	80	// Set max digest size as SHA512 Output (64 bytes) by far\r
	81	//\r
c411b485	82	#define MAX_DIGEST_SIZE SHA512_DIGEST_SIZE\r
ecc722ad	83	\r
c411b485	84	#define WIN_CERT_UEFI_RSA2048_SIZE 256\r
ecc722ad	85	\r
	86	//\r
	87	// Support hash types\r
	88	//\r
c411b485 MK	89	#define HASHALG_SHA224 0x00000000\r
	90	#define HASHALG_SHA256 0x00000001\r
	91	#define HASHALG_SHA384 0x00000002\r
	92	#define HASHALG_SHA512 0x00000003\r
	93	#define HASHALG_RAW 0x00000004\r
	94	#define HASHALG_MAX 0x00000004\r
ecc722ad	95	\r
5396354b JG	96	//\r
	97	// Certificate public key minimum size (bytes)\r
	98	//\r
c411b485	99	#define CER_PUBKEY_MIN_SIZE 256\r
5396354b JG	100	\r
	101	//\r
	102	// Types of errors may occur during certificate enrollment.\r
	103	//\r
	104	typedef enum {\r
	105	None_Error = 0,\r
	106	//\r
	107	// Unsupported_type indicates the certificate type is not supported.\r
	108	//\r
	109	Unsupported_Type,\r
	110	//\r
	111	// Unqualified_key indicates the key strength of certificate is not\r
	112	// strong enough.\r
	113	//\r
	114	Unqualified_Key,\r
	115	Enroll_Error_Max\r
c411b485	116	} ENROLL_KEY_ERROR;\r
ecc722ad	117	\r
ecc722ad	118	typedef struct {\r
c411b485 MK	119	UINTN Signature;\r
	120	LIST_ENTRY Head;\r
	121	UINTN MenuNumber;\r
ecc722ad	122	} SECUREBOOT_MENU_OPTION;\r
ecc722ad	123	\r
ecc722ad	124	typedef struct {\r
c411b485 MK	125	EFI_FILE_HANDLE FHandle;\r
	126	UINT16 *FileName;\r
	127	UINT8 FileType;\r
ecc722ad	128	} SECUREBOOT_FILE_CONTEXT;\r
ecc722ad	129	\r
85974aef	130	#define SECUREBOOT_FREE_NON_NULL(Pointer) \\r
	131	do { \\r
	132	if ((Pointer) != NULL) { \\r
	133	FreePool((Pointer)); \\r
	134	(Pointer) = NULL; \\r
	135	} \\r
	136	} while (FALSE)\r
	137	\r
	138	#define SECUREBOOT_FREE_NON_OPCODE(Handle) \\r
	139	do{ \\r
	140	if ((Handle) != NULL) { \\r
	141	HiiFreeOpCodeHandle((Handle)); \\r
	142	} \\r
	143	} while (FALSE)\r
	144	\r
	145	#define SIGNATURE_DATA_COUNTS(List) \\r
	146	(((List)->SignatureListSize - sizeof(EFI_SIGNATURE_LIST) - (List)->SignatureHeaderSize) / (List)->SignatureSize)\r
ecc722ad	147	\r
	148	//\r
	149	// We define another format of 5th directory entry: security directory\r
	150	//\r
	151	typedef struct {\r
c411b485 MK	152	UINT32 Offset; // Offset of certificate\r
c411b485 MK	153	UINT32 SizeOfCert; // size of certificate appended\r
ecc722ad	154	} EFI_IMAGE_SECURITY_DATA_DIRECTORY;\r
ecc722ad	155	\r
c411b485	156	typedef enum {\r
ecc722ad	157	ImageType_IA32,\r
	158	ImageType_X64\r
	159	} IMAGE_TYPE;\r
beda2356	160	\r
	161	///\r
	162	/// HII specific Vendor Device Path definition.\r
	163	///\r
	164	typedef struct {\r
c411b485 MK	165	VENDOR_DEVICE_PATH VendorDevicePath;\r
c411b485 MK	166	EFI_DEVICE_PATH_PROTOCOL End;\r
beda2356	167	} HII_VENDOR_DEVICE_PATH;\r
beda2356	168	\r
85974aef	169	typedef enum {\r
0085d619	170	Variable_DB,\r
	171	Variable_DBX,\r
	172	Variable_DBT,\r
	173	Variable_MAX\r
85974aef	174	} CURRENT_VARIABLE_NAME;\r
	175	\r
	176	typedef enum {\r
0085d619	177	Delete_Signature_List_All,\r
	178	Delete_Signature_List_One,\r
	179	Delete_Signature_Data\r
c411b485	180	} SIGNATURE_DELETE_TYPE;\r
85974aef	181	\r
beda2356	182	typedef struct {\r
	183	UINTN Signature;\r
	184	\r
	185	EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;\r
	186	EFI_HII_HANDLE HiiHandle;\r
	187	EFI_HANDLE DriverHandle;\r
	188	\r
ecc722ad	189	SECUREBOOT_FILE_CONTEXT *FileContext;\r
	190	\r
	191	EFI_GUID *SignatureGUID;\r
85974aef	192	\r
	193	CURRENT_VARIABLE_NAME VariableName; // The variable name we are processing.\r
	194	UINT32 ListCount; // Record current variable has how many signature list.\r
	195	UINTN ListIndex; // Record which signature list is processing.\r
d6b926e7	196	BOOLEAN *CheckArray; // Record which signature data checked.\r
beda2356	197	} SECUREBOOT_CONFIG_PRIVATE_DATA;\r
beda2356	198	\r
c411b485 MK	199	extern SECUREBOOT_CONFIG_PRIVATE_DATA mSecureBootConfigPrivateDateTemplate;\r
c411b485 MK	200	extern SECUREBOOT_CONFIG_PRIVATE_DATA *gSecureBootPrivateData;\r
beda2356	201	\r
c411b485	202	#define SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE SIGNATURE_32 ('S', 'E', 'C', 'B')\r
bc0c99b3	203	#define SECUREBOOT_CONFIG_PRIVATE_FROM_THIS(a) CR (a, SECUREBOOT_CONFIG_PRIVATE_DATA, ConfigAccess, SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE)\r
bc0c99b3	204	\r
ecc722ad	205	//\r
d6b926e7	206	// Cryptographic Key Information\r
ecc722ad	207	//\r
1413b8e9	208	#pragma pack(1)\r
ecc722ad	209	typedef struct _CPL_KEY_INFO {\r
c411b485 MK	210	UINT32 KeyLengthInBits; // Key Length In Bits\r
	211	UINT32 BlockSize; // Operation Block Size in Bytes\r
	212	UINT32 CipherBlockSize; // Output Cipher Block Size in Bytes\r
	213	UINT32 KeyType; // Key Type\r
	214	UINT32 CipherMode; // Cipher Mode for Symmetric Algorithm\r
	215	UINT32 Flags; // Additional Key Property Flags\r
ecc722ad	216	} CPL_KEY_INFO;\r
1413b8e9	217	#pragma pack()\r
ecc722ad	218	\r
ecc722ad	219	/**\r
	220	Retrieves the size, in bytes, of the context buffer required for hash operations.\r
	221	\r
	222	@return The size, in bytes, of the context buffer required for hash operations.\r
	223	\r
	224	**/\r
	225	typedef\r
	226	EFI_STATUS\r
	227	(EFIAPI *HASH_GET_CONTEXT_SIZE)(\r
	228	VOID\r
	229	);\r
	230	\r
	231	/**\r
	232	Initializes user-supplied memory pointed by HashContext as hash context for\r
	233	subsequent use.\r
	234	\r
	235	If HashContext is NULL, then ASSERT().\r
	236	\r
	237	@param[in, out] HashContext Pointer to Context being initialized.\r
	238	\r
	239	@retval TRUE HASH context initialization succeeded.\r
	240	@retval FALSE HASH context initialization failed.\r
	241	\r
	242	**/\r
	243	typedef\r
	244	BOOLEAN\r
	245	(EFIAPI *HASH_INIT)(\r
	246	IN OUT VOID *HashContext\r
	247	);\r
	248	\r
ecc722ad	249	/**\r
	250	Performs digest on a data buffer of the specified length. This function can\r
	251	be called multiple times to compute the digest of long or discontinuous data streams.\r
	252	\r
	253	If HashContext is NULL, then ASSERT().\r
	254	\r
	255	@param[in, out] HashContext Pointer to the MD5 context.\r
	256	@param[in] Data Pointer to the buffer containing the data to be hashed.\r
	257	@param[in] DataLength Length of Data buffer in bytes.\r
	258	\r
	259	@retval TRUE HASH data digest succeeded.\r
	260	@retval FALSE Invalid HASH context. After HashFinal function has been called, the\r
	261	HASH context cannot be reused.\r
	262	\r
	263	**/\r
	264	typedef\r
	265	BOOLEAN\r
	266	(EFIAPI *HASH_UPDATE)(\r
	267	IN OUT VOID *HashContext,\r
	268	IN CONST VOID *Data,\r
	269	IN UINTN DataLength\r
	270	);\r
	271	\r
	272	/**\r
	273	Completes hash computation and retrieves the digest value into the specified\r
	274	memory. After this function has been called, the context cannot be used again.\r
	275	\r
	276	If HashContext is NULL, then ASSERT().\r
	277	If HashValue is NULL, then ASSERT().\r
	278	\r
	279	@param[in, out] HashContext Pointer to the MD5 context\r
	280	@param[out] HashValue Pointer to a buffer that receives the HASH digest\r
	281	value (16 bytes).\r
	282	\r
	283	@retval TRUE HASH digest computation succeeded.\r
	284	@retval FALSE HASH digest computation failed.\r
	285	\r
	286	**/\r
	287	typedef\r
	288	BOOLEAN\r
	289	(EFIAPI *HASH_FINAL)(\r
	290	IN OUT VOID *HashContext,\r
	291	OUT UINT8 *HashValue\r
	292	);\r
	293	\r
	294	//\r
	295	// Hash Algorithm Table\r
	296	//\r
	297	typedef struct {\r
	298	CHAR16 *Name; ///< Name for Hash Algorithm\r
	299	UINTN DigestLength; ///< Digest Length\r
20333c6d	300	UINT8 *OidValue; ///< Hash Algorithm OID ASN.1 Value\r
ecc722ad	301	UINTN OidLength; ///< Length of Hash OID Value\r
	302	HASH_GET_CONTEXT_SIZE GetContextSize; ///< Pointer to Hash GetContentSize function\r
	303	HASH_INIT HashInit; ///< Pointer to Hash Init function\r
	304	HASH_UPDATE HashUpdate; ///< Pointer to Hash Update function\r
	305	HASH_FINAL HashFinal; ///< Pointer to Hash Final function\r
	306	} HASH_TABLE;\r
	307	\r
	308	typedef struct {\r
c411b485 MK	309	WIN_CERTIFICATE Hdr;\r
c411b485 MK	310	UINT8 CertData[1];\r
ecc722ad	311	} WIN_CERTIFICATE_EFI_PKCS;\r
ecc722ad	312	\r
beda2356	313	/**\r
	314	This function publish the SecureBoot configuration Form.\r
	315	\r
	316	@param[in, out] PrivateData Points to SecureBoot configuration private data.\r
	317	\r
ecc722ad	318	@retval EFI_SUCCESS HII Form is installed successfully.\r
beda2356	319	@retval EFI_OUT_OF_RESOURCES Not enough resource for HII Form installation.\r
	320	@retval Others Other errors as indicated.\r
	321	\r
	322	**/\r
	323	EFI_STATUS\r
	324	InstallSecureBootConfigForm (\r
	325	IN OUT SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData\r
	326	);\r
	327	\r
	328	/**\r
	329	This function removes SecureBoot configuration Form.\r
	330	\r
	331	@param[in, out] PrivateData Points to SecureBoot configuration private data.\r
	332	\r
	333	**/\r
beda2356	334	VOID\r
beda2356	335	UninstallSecureBootConfigForm (\r
c411b485	336	IN OUT SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData\r
beda2356	337	);\r
	338	\r
	339	/**\r
	340	This function allows a caller to extract the current configuration for one\r
	341	or more named elements from the target driver.\r
	342	\r
	343	@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
	344	@param[in] Request A null-terminated Unicode string in\r
	345	<ConfigRequest> format.\r
	346	@param[out] Progress On return, points to a character in the Request\r
	347	string. Points to the string's null terminator if\r
	348	request was successful. Points to the most recent\r
	349	'&' before the first failing name/value pair (or\r
	350	the beginning of the string if the failure is in\r
	351	the first name/value pair) if the request was not\r
	352	successful.\r
	353	@param[out] Results A null-terminated Unicode string in\r
	354	<ConfigAltResp> format which has all values filled\r
	355	in for the names in the Request string. String to\r
	356	be allocated by the called function.\r
	357	\r
	358	@retval EFI_SUCCESS The Results is filled with the requested values.\r
	359	@retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.\r
	360	@retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.\r
	361	@retval EFI_NOT_FOUND Routing data doesn't match any storage in this\r
	362	driver.\r
	363	\r
	364	**/\r
	365	EFI_STATUS\r
	366	EFIAPI\r
	367	SecureBootExtractConfig (\r
c411b485 MK	368	IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,\r
	369	IN CONST EFI_STRING Request,\r
	370	OUT EFI_STRING *Progress,\r
	371	OUT EFI_STRING *Results\r
beda2356	372	);\r
	373	\r
	374	/**\r
	375	This function processes the results of changes in configuration.\r
	376	\r
	377	@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
	378	@param[in] Configuration A null-terminated Unicode string in <ConfigResp>\r
	379	format.\r
	380	@param[out] Progress A pointer to a string filled in with the offset of\r
	381	the most recent '&' before the first failing\r
	382	name/value pair (or the beginning of the string if\r
	383	the failure is in the first name/value pair) or\r
	384	the terminating NULL if all was successful.\r
	385	\r
	386	@retval EFI_SUCCESS The Results is processed successfully.\r
	387	@retval EFI_INVALID_PARAMETER Configuration is NULL.\r
	388	@retval EFI_NOT_FOUND Routing data doesn't match any storage in this\r
	389	driver.\r
	390	\r
	391	**/\r
	392	EFI_STATUS\r
	393	EFIAPI\r
	394	SecureBootRouteConfig (\r
c411b485 MK	395	IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,\r
	396	IN CONST EFI_STRING Configuration,\r
	397	OUT EFI_STRING *Progress\r
beda2356	398	);\r
	399	\r
	400	/**\r
	401	This function processes the results of changes in configuration.\r
	402	\r
	403	@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.\r
	404	@param[in] Action Specifies the type of action taken by the browser.\r
	405	@param[in] QuestionId A unique value which is sent to the original\r
	406	exporting driver so that it can identify the type\r
	407	of data to expect.\r
	408	@param[in] Type The type of value for the question.\r
	409	@param[in] Value A pointer to the data being sent to the original\r
	410	exporting driver.\r
	411	@param[out] ActionRequest On return, points to the action requested by the\r
	412	callback function.\r
	413	\r
	414	@retval EFI_SUCCESS The callback successfully handled the action.\r
	415	@retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the\r
	416	variable and its data.\r
	417	@retval EFI_DEVICE_ERROR The variable could not be saved.\r
	418	@retval EFI_UNSUPPORTED The specified Action is not supported by the\r
	419	callback.\r
	420	\r
	421	**/\r
	422	EFI_STATUS\r
	423	EFIAPI\r
	424	SecureBootCallback (\r
c411b485 MK	425	IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,\r
	426	IN EFI_BROWSER_ACTION Action,\r
	427	IN EFI_QUESTION_ID QuestionId,\r
	428	IN UINT8 Type,\r
	429	IN EFI_IFR_TYPE_VALUE *Value,\r
	430	OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest\r
beda2356	431	);\r
beda2356	432	\r
ecc722ad	433	/**\r
	434	This function converts an input device structure to a Unicode string.\r
	435	\r
	436	@param[in] DevPath A pointer to the device path structure.\r
	437	\r
	438	@return A new allocated Unicode string that represents the device path.\r
	439	\r
	440	**/\r
	441	CHAR16 *\r
	442	EFIAPI\r
	443	DevicePathToStr (\r
c411b485	444	IN EFI_DEVICE_PATH_PROTOCOL *DevPath\r
ecc722ad	445	);\r
ecc722ad	446	\r
ecc722ad	447	/**\r
20333c6d	448	Clean up the dynamic opcode at label and form specified by both LabelId.\r
ecc722ad	449	\r
	450	@param[in] LabelId It is both the Form ID and Label ID for opcode deletion.\r
	451	@param[in] PrivateData Module private data.\r
	452	\r
	453	**/\r
	454	VOID\r
	455	CleanUpPage (\r
c411b485 MK	456	IN UINT16 LabelId,\r
c411b485 MK	457	IN SECUREBOOT_CONFIG_PRIVATE_DATA *PrivateData\r
ecc722ad	458	);\r
ecc722ad	459	\r
ecc722ad	460	/**\r
20333c6d	461	Read file content into BufferPtr, the size of the allocate buffer\r
d6b926e7	462	is *FileSize plus AdditionAllocateSize.\r
ecc722ad	463	\r
	464	@param[in] FileHandle The file to be read.\r
	465	@param[in, out] BufferPtr Pointers to the pointer of allocated buffer.\r
	466	@param[out] FileSize Size of input file\r
d6b926e7	467	@param[in] AdditionAllocateSize Addition size the buffer need to be allocated.\r
ecc722ad	468	In case the buffer need to contain others besides the file content.\r
20333c6d	469	\r
ecc722ad	470	@retval EFI_SUCCESS The file was read into the buffer.\r
	471	@retval EFI_INVALID_PARAMETER A parameter was invalid.\r
	472	@retval EFI_OUT_OF_RESOURCES A memory allocation failed.\r
	473	@retval others Unexpected error.\r
	474	\r
	475	**/\r
	476	EFI_STATUS\r
	477	ReadFileContent (\r
c411b485 MK	478	IN EFI_FILE_HANDLE FileHandle,\r
	479	IN OUT VOID **BufferPtr,\r
	480	OUT UINTN *FileSize,\r
	481	IN UINTN AdditionAllocateSize\r
ecc722ad	482	);\r
ecc722ad	483	\r
ecc722ad	484	/**\r
	485	Close an open file handle.\r
	486	\r
	487	@param[in] FileHandle The file handle to close.\r
20333c6d	488	\r
ecc722ad	489	**/\r
	490	VOID\r
	491	CloseFile (\r
c411b485	492	IN EFI_FILE_HANDLE FileHandle\r
ecc722ad	493	);\r
ecc722ad	494	\r
ecc722ad	495	/**\r
	496	Converts a nonnegative integer to an octet string of a specified length.\r
	497	\r
	498	@param[in] Integer Pointer to the nonnegative integer to be converted\r
	499	@param[in] IntSizeInWords Length of integer buffer in words\r
20333c6d	500	@param[out] OctetString Converted octet string of the specified length\r
ecc722ad	501	@param[in] OSSizeInBytes Intended length of resulting octet string in bytes\r
	502	\r
	503	Returns:\r
	504	\r
	505	@retval EFI_SUCCESS Data conversion successfully\r
	506	@retval EFI_BUFFER_TOOL_SMALL Buffer is too small for output string\r
	507	\r
	508	**/\r
	509	EFI_STATUS\r
	510	EFIAPI\r
	511	Int2OctStr (\r
c411b485 MK	512	IN CONST UINTN *Integer,\r
	513	IN UINTN IntSizeInWords,\r
	514	OUT UINT8 *OctetString,\r
	515	IN UINTN OSSizeInBytes\r
ecc722ad	516	);\r
ecc722ad	517	\r
ecc722ad	518	/**\r
	519	Worker function that prints an EFI_GUID into specified Buffer.\r
	520	\r
	521	@param[in] Guid Pointer to GUID to print.\r
	522	@param[in] Buffer Buffer to print Guid into.\r
	523	@param[in] BufferSize Size of Buffer.\r
20333c6d	524	\r
ecc722ad	525	@retval Number of characters printed.\r
	526	\r
	527	**/\r
	528	UINTN\r
	529	GuidToString (\r
	530	IN EFI_GUID *Guid,\r
	531	IN CHAR16 *Buffer,\r
	532	IN UINTN BufferSize\r
	533	);\r
	534	\r
762d8ddb DB	535	/**\r
	536	Update the PK form base on the input file path info.\r
	537	\r
	538	@param FilePath Point to the file path.\r
	539	\r
	540	@retval TRUE Exit caller function.\r
	541	@retval FALSE Not exit caller function.\r
	542	**/\r
	543	BOOLEAN\r
bac308be	544	EFIAPI\r
762d8ddb	545	UpdatePKFromFile (\r
c411b485	546	IN EFI_DEVICE_PATH_PROTOCOL *FilePath\r
762d8ddb DB	547	);\r
	548	\r
	549	/**\r
	550	Update the KEK form base on the input file path info.\r
	551	\r
	552	@param FilePath Point to the file path.\r
	553	\r
	554	@retval TRUE Exit caller function.\r
	555	@retval FALSE Not exit caller function.\r
	556	**/\r
	557	BOOLEAN\r
bac308be	558	EFIAPI\r
762d8ddb	559	UpdateKEKFromFile (\r
c411b485	560	IN EFI_DEVICE_PATH_PROTOCOL *FilePath\r
762d8ddb DB	561	);\r
	562	\r
	563	/**\r
	564	Update the DB form base on the input file path info.\r
	565	\r
	566	@param FilePath Point to the file path.\r
	567	\r
	568	@retval TRUE Exit caller function.\r
	569	@retval FALSE Not exit caller function.\r
	570	**/\r
	571	BOOLEAN\r
bac308be	572	EFIAPI\r
762d8ddb	573	UpdateDBFromFile (\r
c411b485	574	IN EFI_DEVICE_PATH_PROTOCOL *FilePath\r
762d8ddb DB	575	);\r
	576	\r
	577	/**\r
	578	Update the DBX form base on the input file path info.\r
	579	\r
	580	@param FilePath Point to the file path.\r
	581	\r
	582	@retval TRUE Exit caller function.\r
	583	@retval FALSE Not exit caller function.\r
	584	**/\r
	585	BOOLEAN\r
bac308be	586	EFIAPI\r
762d8ddb	587	UpdateDBXFromFile (\r
c411b485	588	IN EFI_DEVICE_PATH_PROTOCOL *FilePath\r
762d8ddb DB	589	);\r
	590	\r
	591	/**\r
	592	Update the DBT form base on the input file path info.\r
	593	\r
	594	@param FilePath Point to the file path.\r
	595	\r
	596	@retval TRUE Exit caller function.\r
	597	@retval FALSE Not exit caller function.\r
	598	**/\r
	599	BOOLEAN\r
bac308be	600	EFIAPI\r
762d8ddb	601	UpdateDBTFromFile (\r
c411b485	602	IN EFI_DEVICE_PATH_PROTOCOL *FilePath\r
762d8ddb DB	603	);\r
762d8ddb DB	604	\r
2e728930	605	#endif\r