// Try to find the DevicePath in BootOption\r
//\r
UnicodeSPrint (StrTemp, sizeof (StrTemp), L"Boot%04x", Index);\r
- GetEfiGlobalVariable2 (StrTemp, &OptionBuffer, NULL);\r
+ GetEfiGlobalVariable2 (StrTemp, (VOID**)&OptionBuffer, NULL);\r
if (OptionBuffer == NULL) {\r
continue;\r
}\r
logging.\r
@param[in] FileBuffer File buffer matches the input file device path.\r
@param[in] FileSize Size of File buffer matches the input file device path.\r
-\r
- @retval EFI_SUCCESS The file specified by File did authenticate, and the\r
- platform policy dictates that the DXE Core may use File.\r
- @retval EFI_INVALID_PARAMETER File is NULL.\r
- @retval EFI_SECURITY_VIOLATION The file specified by File did not authenticate, and\r
- the platform policy dictates that File should be placed\r
- in the untrusted state. A file may be promoted from\r
- the untrusted to the trusted state at a future time\r
- with a call to the Trust() DXE Service.\r
- @retval EFI_ACCESS_DENIED The file specified by File did not authenticate, and\r
- the platform policy dictates that File should not be\r
- used for any purpose.\r
+ @param[in] BootPolicy A boot policy that was used to call LoadImage() UEFI service.\r
+\r
+ @retval EFI_SUCCESS FileBuffer is NULL and current user has permission to start\r
+ UEFI device drivers on the device path specified by DevicePath.\r
+ @retval EFI_SUCCESS The file specified by DevicePath and non-NULL\r
+ FileBuffer did authenticate, and the platform policy dictates\r
+ that the DXE Foundation may use the file.\r
+ @retval EFI_SECURITY_VIOLATION FileBuffer is NULL and the user has no\r
+ permission to start UEFI device drivers on the device path specified\r
+ by DevicePath.\r
+ @retval EFI_SECURITY_VIOLATION FileBuffer is not NULL and the user has no permission to load\r
+ drivers from the device path specified by DevicePath. The\r
+ image has been added into the list of the deferred images.\r
+ @retval EFI_ACCESS_DENIED The file specified by File and FileBuffer did not\r
+ authenticate, and the platform policy dictates that the DXE\r
+ Foundation many not use File.\r
\r
**/\r
EFI_STATUS\r
IN UINT32 AuthenticationStatus,\r
IN CONST EFI_DEVICE_PATH_PROTOCOL *File,\r
IN VOID *FileBuffer,\r
- IN UINTN FileSize\r
+ IN UINTN FileSize,\r
+ IN BOOLEAN BootPolicy\r
)\r
-\r
{\r
EFI_STATUS Status;\r
EFI_USER_PROFILE_HANDLE CurrentUser;\r
UINT32 Policy;\r
UINT32 FileType;\r
\r
+ //\r
+ // Ignore if File is NULL.\r
+ //\r
if (File == NULL) {\r
- return EFI_INVALID_PARAMETER;\r
+ return EFI_SUCCESS;\r
}\r
\r
//\r
//\r
if (!VerifyDevicePath (File)) {\r
DEBUG ((EFI_D_ERROR, "[Security] The image is forbidden to load!\n"));\r
- return EFI_ACCESS_DENIED;\r
+ return EFI_SECURITY_VIOLATION;\r
}\r
return EFI_SUCCESS;\r
}\r
}\r
\r
DEBUG ((EFI_D_ERROR, "[Security] No user identified, the image is deferred to load!\n"));\r
- PutDefferedImageInfo (File, NULL, 0);\r
+ PutDefferedImageInfo (File, FileBuffer, FileSize);\r
\r
//\r
// Install the Deferred Image Load Protocol onto a new handle.\r
&Registration\r
);\r
\r
- return RegisterSecurityHandler (\r
+ return RegisterSecurity2Handler (\r
DxeDeferImageLoadHandler,\r
EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD \r
); \r
projects / mirror_edk2.git / blobdiff