2 HII Config Access protocol implementation of SecureBoot configuration module.
4 Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 #include "SecureBootConfigImpl.h"
17 CHAR16 mSecureBootStorageName
[] = L
"SECUREBOOT_CONFIGURATION";
19 SECUREBOOT_CONFIG_PRIVATE_DATA mSecureBootConfigPrivateDateTemplate
= {
20 SECUREBOOT_CONFIG_PRIVATE_DATA_SIGNATURE
,
22 SecureBootExtractConfig
,
23 SecureBootRouteConfig
,
28 HII_VENDOR_DEVICE_PATH mSecureBootHiiVendorDevicePath
= {
34 (UINT8
) (sizeof (VENDOR_DEVICE_PATH
)),
35 (UINT8
) ((sizeof (VENDOR_DEVICE_PATH
)) >> 8)
38 SECUREBOOT_CONFIG_FORM_SET_GUID
42 END_ENTIRE_DEVICE_PATH_SUBTYPE
,
44 (UINT8
) (END_DEVICE_PATH_LENGTH
),
45 (UINT8
) ((END_DEVICE_PATH_LENGTH
) >> 8)
51 Save Secure Boot option to variable space.
53 @param[in] VarValue The option of Secure Boot.
55 @retval EFI_SUCCESS The operation is finished successfully.
56 @retval Others Other errors as indicated.
60 SaveSecureBootVariable (
66 Status
= gRT
->SetVariable (
67 EFI_SECURE_BOOT_ENABLE_NAME
,
68 &gEfiSecureBootEnableDisableGuid
,
69 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
,
73 if (EFI_ERROR (Status
)) {
76 gRT
->ResetSystem (EfiResetCold
, EFI_SUCCESS
, 0, NULL
);
81 This function allows a caller to extract the current configuration for one
82 or more named elements from the target driver.
84 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
85 @param[in] Request A null-terminated Unicode string in
86 <ConfigRequest> format.
87 @param[out] Progress On return, points to a character in the Request
88 string. Points to the string's null terminator if
89 request was successful. Points to the most recent
90 '&' before the first failing name/value pair (or
91 the beginning of the string if the failure is in
92 the first name/value pair) if the request was not
94 @param[out] Results A null-terminated Unicode string in
95 <ConfigAltResp> format which has all values filled
96 in for the names in the Request string. String to
97 be allocated by the called function.
99 @retval EFI_SUCCESS The Results is filled with the requested values.
100 @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
101 @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
102 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this
108 SecureBootExtractConfig (
109 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
110 IN CONST EFI_STRING Request
,
111 OUT EFI_STRING
*Progress
,
112 OUT EFI_STRING
*Results
118 SECUREBOOT_CONFIGURATION Configuration
;
120 EFI_STRING ConfigRequest
;
121 EFI_STRING ConfigRequestHdr
;
122 UINT8
*SecureBootEnable
;
123 SECUREBOOT_CONFIG_PRIVATE_DATA
*PrivateData
;
124 BOOLEAN AllocatedRequest
;
126 if (Progress
== NULL
|| Results
== NULL
) {
127 return EFI_INVALID_PARAMETER
;
129 AllocatedRequest
= FALSE
;
130 ConfigRequestHdr
= NULL
;
131 ConfigRequest
= NULL
;
134 ZeroMem (&Configuration
, sizeof (Configuration
));
135 PrivateData
= SECUREBOOT_CONFIG_PRIVATE_FROM_THIS (This
);
138 if ((Request
!= NULL
) && !HiiIsConfigHdrMatch (Request
, &gSecureBootConfigFormSetGuid
, mSecureBootStorageName
)) {
139 return EFI_NOT_FOUND
;
144 // Get the SecureBoot Variable
146 SecureBootEnable
= GetVariable (EFI_SECURE_BOOT_ENABLE_NAME
, &gEfiSecureBootEnableDisableGuid
);
149 // If the SecureBoot Variable doesn't exist, hide the SecureBoot Enable/Disable
152 if (SecureBootEnable
== NULL
) {
153 Configuration
.HideSecureBoot
= TRUE
;
155 Configuration
.HideSecureBoot
= FALSE
;
156 Configuration
.SecureBootState
= *SecureBootEnable
;
159 BufferSize
= sizeof (SECUREBOOT_CONFIGURATION
);
160 ConfigRequest
= Request
;
161 if ((Request
== NULL
) || (StrStr (Request
, L
"OFFSET") == NULL
)) {
163 // Request is set to NULL or OFFSET is NULL, construct full request string.
167 // Allocate and fill a buffer large enough to hold the <ConfigHdr> template
168 // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator
170 ConfigRequestHdr
= HiiConstructConfigHdr (&gSecureBootConfigFormSetGuid
, mSecureBootStorageName
, PrivateData
->DriverHandle
);
171 Size
= (StrLen (ConfigRequestHdr
) + 32 + 1) * sizeof (CHAR16
);
172 ConfigRequest
= AllocateZeroPool (Size
);
173 ASSERT (ConfigRequest
!= NULL
);
174 AllocatedRequest
= TRUE
;
175 UnicodeSPrint (ConfigRequest
, Size
, L
"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr
, (UINT64
)BufferSize
);
176 FreePool (ConfigRequestHdr
);
177 ConfigRequestHdr
= NULL
;
180 Status
= gHiiConfigRouting
->BlockToConfig (
183 (UINT8
*) &Configuration
,
190 // Free the allocated config request string.
192 if (AllocatedRequest
) {
193 FreePool (ConfigRequest
);
197 // Set Progress string to the original request string.
199 if (Request
== NULL
) {
201 } else if (StrStr (Request
, L
"OFFSET") == NULL
) {
202 *Progress
= Request
+ StrLen (Request
);
209 This function processes the results of changes in configuration.
211 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
212 @param[in] Configuration A null-terminated Unicode string in <ConfigResp>
214 @param[out] Progress A pointer to a string filled in with the offset of
215 the most recent '&' before the first failing
216 name/value pair (or the beginning of the string if
217 the failure is in the first name/value pair) or
218 the terminating NULL if all was successful.
220 @retval EFI_SUCCESS The Results is processed successfully.
221 @retval EFI_INVALID_PARAMETER Configuration is NULL.
222 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this
228 SecureBootRouteConfig (
229 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
230 IN CONST EFI_STRING Configuration
,
231 OUT EFI_STRING
*Progress
236 SECUREBOOT_CONFIGURATION SecureBootConfiguration
;
237 UINT8
*SecureBootEnable
;
240 if (Configuration
== NULL
|| Progress
== NULL
) {
241 return EFI_INVALID_PARAMETER
;
244 *Progress
= Configuration
;
245 if (!HiiIsConfigHdrMatch (Configuration
, &gSecureBootConfigFormSetGuid
, mSecureBootStorageName
)) {
246 return EFI_NOT_FOUND
;
250 // Convert <ConfigResp> to buffer data by helper function ConfigToBlock()
252 BufferSize
= sizeof (SECUREBOOT_CONFIGURATION
);
253 Status
= gHiiConfigRouting
->ConfigToBlock (
256 (UINT8
*) &SecureBootConfiguration
,
260 if (EFI_ERROR (Status
)) {
264 SecureBootEnable
= GetVariable (EFI_SECURE_BOOT_ENABLE_NAME
, &gEfiSecureBootEnableDisableGuid
);
265 if (SecureBootEnable
== NULL
) {
269 if ((*SecureBootEnable
) != SecureBootConfiguration
.SecureBootState
) {
271 // If the configure is changed, update the SecureBoot Variable.
273 SaveSecureBootVariable (SecureBootConfiguration
.SecureBootState
);
279 This function processes the results of changes in configuration.
281 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
282 @param[in] Action Specifies the type of action taken by the browser.
283 @param[in] QuestionId A unique value which is sent to the original
284 exporting driver so that it can identify the type
286 @param[in] Type The type of value for the question.
287 @param[in] Value A pointer to the data being sent to the original
289 @param[out] ActionRequest On return, points to the action requested by the
292 @retval EFI_SUCCESS The callback successfully handled the action.
293 @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
294 variable and its data.
295 @retval EFI_DEVICE_ERROR The variable could not be saved.
296 @retval EFI_UNSUPPORTED The specified Action is not supported by the
303 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL
*This
,
304 IN EFI_BROWSER_ACTION Action
,
305 IN EFI_QUESTION_ID QuestionId
,
307 IN EFI_IFR_TYPE_VALUE
*Value
,
308 OUT EFI_BROWSER_ACTION_REQUEST
*ActionRequest
311 BOOLEAN SecureBootEnable
;
313 if ((This
== NULL
) || (Value
== NULL
) || (ActionRequest
== NULL
)) {
314 return EFI_INVALID_PARAMETER
;
317 if ((Action
!= EFI_BROWSER_ACTION_CHANGING
) || (QuestionId
!= KEY_SECURE_BOOT_ENABLE
)) {
318 return EFI_UNSUPPORTED
;
321 if (NULL
== GetVariable (EFI_SECURE_BOOT_ENABLE_NAME
, &gEfiSecureBootEnableDisableGuid
)) {
325 SecureBootEnable
= Value
->u8
;
326 SaveSecureBootVariable (Value
->u8
);
332 This function publish the SecureBoot configuration Form.
334 @param[in, out] PrivateData Points to SecureBoot configuration private data.
336 @retval EFI_SUCCESS HII Form is installed for this network device.
337 @retval EFI_OUT_OF_RESOURCES Not enough resource for HII Form installation.
338 @retval Others Other errors as indicated.
342 InstallSecureBootConfigForm (
343 IN OUT SECUREBOOT_CONFIG_PRIVATE_DATA
*PrivateData
347 EFI_HII_HANDLE HiiHandle
;
348 EFI_HANDLE DriverHandle
;
350 EFI_HII_CONFIG_ACCESS_PROTOCOL
*ConfigAccess
;
353 ConfigAccess
= &PrivateData
->ConfigAccess
;
354 Status
= gBS
->InstallMultipleProtocolInterfaces (
356 &gEfiDevicePathProtocolGuid
,
357 &mSecureBootHiiVendorDevicePath
,
358 &gEfiHiiConfigAccessProtocolGuid
,
362 if (EFI_ERROR (Status
)) {
366 PrivateData
->DriverHandle
= DriverHandle
;
369 // Publish the HII package list
371 HiiHandle
= HiiAddPackages (
372 &gSecureBootConfigFormSetGuid
,
374 SecureBootConfigDxeStrings
,
378 if (HiiHandle
== NULL
) {
379 gBS
->UninstallMultipleProtocolInterfaces (
381 &gEfiDevicePathProtocolGuid
,
382 &mSecureBootHiiVendorDevicePath
,
383 &gEfiHiiConfigAccessProtocolGuid
,
388 return EFI_OUT_OF_RESOURCES
;
391 PrivateData
->HiiHandle
= HiiHandle
;
396 This function removes SecureBoot configuration Form.
398 @param[in, out] PrivateData Points to SecureBoot configuration private data.
402 UninstallSecureBootConfigForm (
403 IN OUT SECUREBOOT_CONFIG_PRIVATE_DATA
*PrivateData
407 // Uninstall HII package list
409 if (PrivateData
->HiiHandle
!= NULL
) {
410 HiiRemovePackages (PrivateData
->HiiHandle
);
411 PrivateData
->HiiHandle
= NULL
;
415 // Uninstall HII Config Access Protocol
417 if (PrivateData
->DriverHandle
!= NULL
) {
418 gBS
->UninstallMultipleProtocolInterfaces (
419 PrivateData
->DriverHandle
,
420 &gEfiDevicePathProtocolGuid
,
421 &mSecureBootHiiVendorDevicePath
,
422 &gEfiHiiConfigAccessProtocolGuid
,
423 &PrivateData
->ConfigAccess
,
426 PrivateData
->DriverHandle
= NULL
;
429 FreePool (PrivateData
);