-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathPreLoader.c
More file actions
93 lines (74 loc) · 1.85 KB
/
PreLoader.c
File metadata and controls
93 lines (74 loc) · 1.85 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
/*
* Copyright 2012 <James.Bottomley@HansenPartnership.com>
*
* see COPYING file
*
*/
#include <efi.h>
#include <efilib.h>
#include <console.h>
#include <errors.h>
#include <guid.h>
#include <security_policy.h>
#include <execute.h>
#ifdef AARCH64
CHAR16* loader = L"yams_grubaa64.efi";
#elif ARM
CHAR16* loader = L"yams_grubarm.efi";
#elif X86_64
CHAR16* loader = L"yams_grubx64.efi";
#else
CHAR16* loader = L"yams_grubia32.efi";
#endif
EFI_STATUS
efi_main (EFI_HANDLE image, EFI_SYSTEM_TABLE *systab)
{
EFI_STATUS status;
UINT8 SecureBoot;
UINTN DataSize = sizeof(SecureBoot);
InitializeLib(image, systab);
console_reset();
status = RT->GetVariable(L"SecureBoot",
&GV_GUID, NULL, &DataSize, &SecureBoot);
if (status != EFI_SUCCESS) {
Print(L"Not a Secure Boot Platform %d\n", status);
goto override;
}
if (!SecureBoot) {
Print(L"Secure Boot Disabled\n");
goto override;
}
status = security_policy_install(security_policy_mok_override,
security_policy_mok_allow,
security_policy_mok_deny);
if (status != EFI_SUCCESS) {
console_error(L"Failed to install override security policy",
status);
/* Don't die, just try to execute without security policy */
goto override;
}
status = execute(image, loader);
if (status == EFI_SUCCESS)
goto out;
if (status != EFI_SECURITY_VIOLATION && status != EFI_ACCESS_DENIED) {
CHAR16 buf[256];
StrCpy(buf, L"Failed to start ");
StrCat(buf, loader);
console_error(buf, status);
goto out;
}
out:
status = security_policy_uninstall();
if (status != EFI_SUCCESS)
console_error(L"Failed to uninstall security policy. Platform needs rebooting", status);
return status;
override:
status = execute(image, loader);
if (status != EFI_SUCCESS) {
CHAR16 buf[256];
StrCpy(buf, L"Failed to start ");
StrCat(buf, loader);
console_error(buf, status);
}
return status;
}