From 4bfb13d803f4d8efe544e0f2aa9cd712b8cb84b1 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Tue, 1 Oct 2013 11:58:52 +0800
Subject: [PATCH 37/74] Silence the functions of shim protocol
When grub2 invokes the functions of shim protocol in gfx mode,
OutputString in shim could distort the screen.
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
Conflicts:
shim.c
(modified by pjones to include some newer Prints that weren't there when
Gary did the initial work here.)
---
shim.c | 192 ++++++++++++++++++++++++++++++++++++++---------------------------
1 file changed, 114 insertions(+), 78 deletions(-)
diff --git a/shim.c b/shim.c
index f9fa606..69af766 100644
--- a/shim.c
+++ b/shim.c
@@ -59,6 +59,14 @@ static EFI_STATUS (EFIAPI *entry_point) (EFI_HANDLE image_handle, EFI_SYSTEM_TAB
static CHAR16 *second_stage;
static void *load_options;
static UINT32 load_options_size;
+static UINT8 in_protocol;
+
+#define perror(fmt, ...) ({ \
+ UINTN __perror_ret = 0; \
+ if (in_protocol) \
+ __perror_ret = Print((fmt), ##__VA_ARGS__); \
+ __perror_ret; \
+ })
EFI_GUID SHIM_LOCK_GUID = { 0x605dab50, 0xe046, 0x4300, {0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, 0x23} };
@@ -133,7 +141,7 @@ static EFI_STATUS relocate_coff (PE_COFF_LOADER_IMAGE_CONTEXT *context,
#endif
if (context->NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_BASERELOC) {
- Print(L"Image has no relocation entry\n");
+ perror(L"Image has no relocation entry\n");
return EFI_UNSUPPORTED;
}
@@ -141,7 +149,7 @@ static EFI_STATUS relocate_coff (PE_COFF_LOADER_IMAGE_CONTEXT *context,
RelocBaseEnd = ImageAddress(data, size, context->RelocDir->VirtualAddress + context->RelocDir->Size - 1);
if (!RelocBase || !RelocBaseEnd) {
- Print(L"Reloc table overflows binary\n");
+ perror(L"Reloc table overflows binary\n");
return EFI_UNSUPPORTED;
}
@@ -154,19 +162,19 @@ static EFI_STATUS relocate_coff (PE_COFF_LOADER_IMAGE_CONTEXT *context,
Reloc = (UINT16 *) ((char *) RelocBase + sizeof (EFI_IMAGE_BASE_RELOCATION));
if ((RelocBase->SizeOfBlock == 0) || (RelocBase->SizeOfBlock > context->RelocDir->Size)) {
- Print(L"Reloc block size is invalid\n");
+ perror(L"Reloc block size is invalid\n");
return EFI_UNSUPPORTED;
}
RelocEnd = (UINT16 *) ((char *) RelocBase + RelocBase->SizeOfBlock);
if ((void *)RelocEnd < data || (void *)RelocEnd > ImageEnd) {
- Print(L"Reloc entry overflows binary\n");
+ perror(L"Reloc entry overflows binary\n");
return EFI_UNSUPPORTED;
}
FixupBase = ImageAddress(data, size, RelocBase->VirtualAddress);
if (!FixupBase) {
- Print(L"Invalid fixupbase\n");
+ perror(L"Invalid fixupbase\n");
return EFI_UNSUPPORTED;
}
@@ -215,7 +223,7 @@ static EFI_STATUS relocate_coff (PE_COFF_LOADER_IMAGE_CONTEXT *context,
break;
default:
- Print(L"Unknown relocation\n");
+ perror(L"Unknown relocation\n");
return EFI_UNSUPPORTED;
}
Reloc += 1;
@@ -478,7 +486,7 @@ static BOOLEAN secure_mode (void)
status = get_variable(L"SecureBoot", &Data, &len, global_var);
if (status != EFI_SUCCESS) {
- if (verbose)
+ if (verbose && !in_protocol)
console_notify(L"Secure boot not enabled");
return FALSE;
}
@@ -486,7 +494,7 @@ static BOOLEAN secure_mode (void)
FreePool(Data);
if (sb != 1) {
- if (verbose)
+ if (verbose && !in_protocol)
console_notify(L"Secure boot not enabled");
return FALSE;
}
@@ -499,7 +507,7 @@ static BOOLEAN secure_mode (void)
FreePool(Data);
if (setupmode == 1) {
- if (verbose)
+ if (verbose && !in_protocol)
console_notify(L"Platform is in setup mode");
return FALSE;
}
@@ -531,14 +539,14 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
unsigned int PEHdr_offset = 0;
if (datasize_in < 0) {
- Print(L"Invalid data size\n");
+ perror(L"Invalid data size\n");
return EFI_INVALID_PARAMETER;
}
size = datasize = (unsigned int)datasize_in;
if (datasize <= sizeof (*DosHdr) ||
DosHdr->e_magic != EFI_IMAGE_DOS_SIGNATURE) {
- Print(L"Invalid signature\n");
+ perror(L"Invalid signature\n");
return EFI_INVALID_PARAMETER;
}
PEHdr_offset = DosHdr->e_lfanew;
@@ -550,12 +558,12 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
sha1ctx = AllocatePool(sha1ctxsize);
if (!sha256ctx || !sha1ctx) {
- Print(L"Unable to allocate memory for hash context\n");
+ perror(L"Unable to allocate memory for hash context\n");
return EFI_OUT_OF_RESOURCES;
}
if (!Sha256Init(sha256ctx) || !Sha1Init(sha1ctx)) {
- Print(L"Unable to initialise hash\n");
+ perror(L"Unable to initialise hash\n");
status = EFI_OUT_OF_RESOURCES;
goto done;
}
@@ -567,7 +575,7 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
if (!(Sha256Update(sha256ctx, hashbase, hashsize)) ||
!(Sha1Update(sha1ctx, hashbase, hashsize))) {
- Print(L"Unable to generate hash\n");
+ perror(L"Unable to generate hash\n");
status = EFI_OUT_OF_RESOURCES;
goto done;
}
@@ -579,7 +587,7 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
if (!(Sha256Update(sha256ctx, hashbase, hashsize)) ||
!(Sha1Update(sha1ctx, hashbase, hashsize))) {
- Print(L"Unable to generate hash\n");
+ perror(L"Unable to generate hash\n");
status = EFI_OUT_OF_RESOURCES;
goto done;
}
@@ -597,7 +605,7 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
if (!(Sha256Update(sha256ctx, hashbase, hashsize)) ||
!(Sha1Update(sha1ctx, hashbase, hashsize))) {
- Print(L"Unable to generate hash\n");
+ perror(L"Unable to generate hash\n");
status = EFI_OUT_OF_RESOURCES;
goto done;
}
@@ -621,14 +629,14 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
context->PEHdr->Pe32.FileHeader.SizeOfOptionalHeader +
(index * sizeof(*SectionPtr)));
if (!SectionPtr) {
- Print(L"Malformed section %d\n", index);
+ perror(L"Malformed section %d\n", index);
status = EFI_INVALID_PARAMETER;
goto done;
}
/* Validate section size is within image. */
if (SectionPtr->SizeOfRawData >
datasize - SumOfBytesHashed - SumOfSectionBytes) {
- Print(L"Malformed section %d size\n", index);
+ perror(L"Malformed section %d size\n", index);
status = EFI_INVALID_PARAMETER;
goto done;
}
@@ -637,7 +645,7 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * context->PEHdr->Pe32.FileHeader.NumberOfSections);
if (SectionHeader == NULL) {
- Print(L"Unable to allocate section header\n");
+ perror(L"Unable to allocate section header\n");
status = EFI_OUT_OF_RESOURCES;
goto done;
}
@@ -669,7 +677,7 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
hashbase = ImageAddress(data, size, Section->PointerToRawData);
if (!hashbase) {
- Print(L"Malformed section header\n");
+ perror(L"Malformed section header\n");
status = EFI_INVALID_PARAMETER;
goto done;
}
@@ -677,7 +685,7 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
/* Verify hashsize within image. */
if (Section->SizeOfRawData >
datasize - Section->PointerToRawData) {
- Print(L"Malformed section raw size %d\n", index);
+ perror(L"Malformed section raw size %d\n", index);
status = EFI_INVALID_PARAMETER;
goto done;
}
@@ -685,7 +693,7 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
if (!(Sha256Update(sha256ctx, hashbase, hashsize)) ||
!(Sha1Update(sha1ctx, hashbase, hashsize))) {
- Print(L"Unable to generate hash\n");
+ perror(L"Unable to generate hash\n");
status = EFI_OUT_OF_RESOURCES;
goto done;
}
@@ -706,7 +714,7 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
if (!(Sha256Update(sha256ctx, hashbase, hashsize)) ||
!(Sha1Update(sha1ctx, hashbase, hashsize))) {
- Print(L"Unable to generate hash\n");
+ perror(L"Unable to generate hash\n");
status = EFI_OUT_OF_RESOURCES;
goto done;
}
@@ -714,7 +722,7 @@ static EFI_STATUS generate_hash (char *data, int datasize_in,
if (!(Sha256Final(sha256ctx, sha256hash)) ||
!(Sha1Final(sha1ctx, sha1hash))) {
- Print(L"Unable to finalise hash\n");
+ perror(L"Unable to finalise hash\n");
status = EFI_OUT_OF_RESOURCES;
goto done;
}
@@ -744,9 +752,9 @@ static EFI_STATUS verify_mok (void) {
shim_lock_guid, &attributes);
if (!EFI_ERROR(status) && attributes & EFI_VARIABLE_RUNTIME_ACCESS) {
- Print(L"MokList is compromised!\nErase all keys in MokList!\n");
+ perror(L"MokList is compromised!\nErase all keys in MokList!\n");
if (LibDeleteVariable(L"MokList", &shim_lock_guid) != EFI_SUCCESS) {
- Print(L"Failed to erase MokList\n");
+ perror(L"Failed to erase MokList\n");
return EFI_ACCESS_DENIED;
}
}
@@ -774,13 +782,13 @@ static EFI_STATUS verify_buffer (char *data, int datasize,
context->SecDir->VirtualAddress);
if (!cert) {
- Print(L"Certificate located outside the image\n");
+ perror(L"Certificate located outside the image\n");
return EFI_INVALID_PARAMETER;
}
if (cert->Hdr.wCertificateType !=
WIN_CERT_TYPE_PKCS_SIGNED_DATA) {
- Print(L"Unsupported certificate type %x\n",
+ perror(L"Unsupported certificate type %x\n",
cert->Hdr.wCertificateType);
return EFI_UNSUPPORTED;
}
@@ -804,7 +812,7 @@ static EFI_STATUS verify_buffer (char *data, int datasize,
status = check_blacklist(cert, sha256hash, sha1hash);
if (status != EFI_SUCCESS) {
- Print(L"Binary is blacklisted\n");
+ perror(L"Binary is blacklisted\n");
return status;
}
@@ -857,7 +865,7 @@ static EFI_STATUS read_header(void *data, unsigned int datasize,
unsigned long HeaderWithoutDataDir, SectionHeaderOffset, OptHeaderSize;
if (datasize < sizeof(EFI_IMAGE_DOS_HEADER)) {
- Print(L"Invalid image\n");
+ perror(L"Invalid image\n");
return EFI_UNSUPPORTED;
}
@@ -877,7 +885,7 @@ static EFI_STATUS read_header(void *data, unsigned int datasize,
context->NumberOfSections = PEHdr->Pe32.FileHeader.NumberOfSections;
if (EFI_IMAGE_NUMBER_OF_DIRECTORY_ENTRIES < context->NumberOfRvaAndSizes) {
- Print(L"Image header too small\n");
+ perror(L"Image header too small\n");
return EFI_UNSUPPORTED;
}
@@ -885,7 +893,7 @@ static EFI_STATUS read_header(void *data, unsigned int datasize,
- sizeof (EFI_IMAGE_DATA_DIRECTORY) * EFI_IMAGE_NUMBER_OF_DIRECTORY_ENTRIES;
if (((UINT32)PEHdr->Pe32.FileHeader.SizeOfOptionalHeader - HeaderWithoutDataDir) !=
context->NumberOfRvaAndSizes * sizeof (EFI_IMAGE_DATA_DIRECTORY)) {
- Print(L"Image header overflows data directory\n");
+ perror(L"Image header overflows data directory\n");
return EFI_UNSUPPORTED;
}
@@ -895,28 +903,28 @@ static EFI_STATUS read_header(void *data, unsigned int datasize,
+ PEHdr->Pe32.FileHeader.SizeOfOptionalHeader;
if (((UINT32)context->ImageSize - SectionHeaderOffset) / EFI_IMAGE_SIZEOF_SECTION_HEADER
<= context->NumberOfSections) {
- Print(L"Image sections overflow image size\n");
+ perror(L"Image sections overflow image size\n");
return EFI_UNSUPPORTED;
}
if ((context->SizeOfHeaders - SectionHeaderOffset) / EFI_IMAGE_SIZEOF_SECTION_HEADER
< (UINT32)context->NumberOfSections) {
- Print(L"Image sections overflow section headers\n");
+ perror(L"Image sections overflow section headers\n");
return EFI_UNSUPPORTED;
}
if ((((UINT8 *)PEHdr - (UINT8 *)data) + sizeof(EFI_IMAGE_OPTIONAL_HEADER_UNION)) > datasize) {
- Print(L"Invalid image\n");
+ perror(L"Invalid image\n");
return EFI_UNSUPPORTED;
}
if (PEHdr->Te.Signature != EFI_IMAGE_NT_SIGNATURE) {
- Print(L"Unsupported image type\n");
+ perror(L"Unsupported image type\n");
return EFI_UNSUPPORTED;
}
if (PEHdr->Pe32.FileHeader.Characteristics & EFI_IMAGE_FILE_RELOCS_STRIPPED) {
- Print(L"Unsupported image - Relocations have been stripped\n");
+ perror(L"Unsupported image - Relocations have been stripped\n");
return EFI_UNSUPPORTED;
}
@@ -935,23 +943,24 @@ static EFI_STATUS read_header(void *data, unsigned int datasize,
context->FirstSection = (EFI_IMAGE_SECTION_HEADER *)((char *)PEHdr + PEHdr->Pe32.FileHeader.SizeOfOptionalHeader + sizeof(UINT32) + sizeof(EFI_IMAGE_FILE_HEADER));
if (context->ImageSize < context->SizeOfHeaders) {
- Print(L"Invalid image\n");
+ perror(L"Invalid image\n");
return EFI_UNSUPPORTED;
}
if ((unsigned long)((UINT8 *)context->SecDir - (UINT8 *)data) >
(datasize - sizeof(EFI_IMAGE_DATA_DIRECTORY))) {
- Print(L"Invalid image\n");
+ perror(L"Invalid image\n");
return EFI_UNSUPPORTED;
}
if (context->SecDir->VirtualAddress >= datasize) {
- Print(L"Malformed security header\n");
+ perror(L"Malformed security header\n");
return EFI_INVALID_PARAMETER;
}
return EFI_SUCCESS;
}
+
/*
* Once the image has been loaded it needs to be validated and relocated
*/
@@ -971,7 +980,7 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize,
*/
efi_status = read_header(data, datasize, &context);
if (efi_status != EFI_SUCCESS) {
- Print(L"Failed to read header: %r\n", efi_status);
+ perror(L"Failed to read header: %r\n", efi_status);
return efi_status;
}
@@ -993,7 +1002,7 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize,
buffer = AllocatePool(context.ImageSize);
if (!buffer) {
- Print(L"Failed to allocate image buffer\n");
+ perror(L"Failed to allocate image buffer\n");
return EFI_OUT_OF_RESOURCES;
}
@@ -1013,13 +1022,13 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize,
end = ImageAddress (buffer, context.ImageSize, Section->VirtualAddress + size - 1);
if (!base || !end) {
- Print(L"Invalid section size\n");
+ perror(L"Invalid section size\n");
return EFI_UNSUPPORTED;
}
if (Section->VirtualAddress < context.SizeOfHeaders ||
Section->PointerToRawData < context.SizeOfHeaders) {
- Print(L"Section is inside image headers\n");
+ perror(L"Section is inside image headers\n");
return EFI_UNSUPPORTED;
}
@@ -1038,7 +1047,7 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize,
efi_status = relocate_coff(&context, buffer);
if (efi_status != EFI_SUCCESS) {
- Print(L"Relocation failed: %r\n", efi_status);
+ perror(L"Relocation failed: %r\n", efi_status);
FreePool(buffer);
return efi_status;
}
@@ -1056,7 +1065,7 @@ static EFI_STATUS handle_image (void *data, unsigned int datasize,
li->LoadOptionsSize = load_options_size;
if (!entry_point) {
- Print(L"Invalid entry point\n");
+ perror(L"Invalid entry point\n");
FreePool(buffer);
return EFI_UNSUPPORTED;
}
@@ -1079,7 +1088,7 @@ should_use_fallback(EFI_HANDLE image_handle)
rc = uefi_call_wrapper(BS->HandleProtocol, 3, image_handle,
&loaded_image_protocol, (void **)&li);
if (EFI_ERROR(rc)) {
- Print(L"Could not get image for bootx64.efi: %r\n", rc);
+ perror(L"Could not get image for bootx64.efi: %r\n", rc);
return 0;
}
@@ -1101,13 +1110,13 @@ should_use_fallback(EFI_HANDLE image_handle)
rc = uefi_call_wrapper(BS->HandleProtocol, 3, li->DeviceHandle,
&FileSystemProtocol, (void **)&fio);
if (EFI_ERROR(rc)) {
- Print(L"Could not get fio for li->DeviceHandle: %r\n", rc);
+ perror(L"Could not get fio for li->DeviceHandle: %r\n", rc);
return 0;
}
-
+
rc = uefi_call_wrapper(fio->OpenVolume, 2, fio, &vh);
if (EFI_ERROR(rc)) {
- Print(L"Could not open fio volume: %r\n", rc);
+ perror(L"Could not open fio volume: %r\n", rc);
return 0;
}
@@ -1185,7 +1194,7 @@ static EFI_STATUS generate_path(EFI_LOADED_IMAGE *li, CHAR16 *ImagePath,
*PathName = AllocatePool(StrSize(bootpath) + StrSize(ImagePath));
if (!*PathName) {
- Print(L"Failed to allocate path buffer\n");
+ perror(L"Failed to allocate path buffer\n");
efi_status = EFI_OUT_OF_RESOURCES;
goto error;
}
@@ -1226,14 +1235,14 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data,
(void **)&drive);
if (efi_status != EFI_SUCCESS) {
- Print(L"Failed to find fs: %r\n", efi_status);
+ perror(L"Failed to find fs: %r\n", efi_status);
goto error;
}
efi_status = uefi_call_wrapper(drive->OpenVolume, 2, drive, &root);
if (efi_status != EFI_SUCCESS) {
- Print(L"Failed to open fs: %r\n", efi_status);
+ perror(L"Failed to open fs: %r\n", efi_status);
goto error;
}
@@ -1244,14 +1253,14 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data,
EFI_FILE_MODE_READ, 0);
if (efi_status != EFI_SUCCESS) {
- Print(L"Failed to open %s - %r\n", PathName, efi_status);
+ perror(L"Failed to open %s - %r\n", PathName, efi_status);
goto error;
}
fileinfo = AllocatePool(buffersize);
if (!fileinfo) {
- Print(L"Unable to allocate file info buffer\n");
+ perror(L"Unable to allocate file info buffer\n");
efi_status = EFI_OUT_OF_RESOURCES;
goto error;
}
@@ -1267,7 +1276,7 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data,
FreePool(fileinfo);
fileinfo = AllocatePool(buffersize);
if (!fileinfo) {
- Print(L"Unable to allocate file info buffer\n");
+ perror(L"Unable to allocate file info buffer\n");
efi_status = EFI_OUT_OF_RESOURCES;
goto error;
}
@@ -1277,7 +1286,7 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data,
}
if (efi_status != EFI_SUCCESS) {
- Print(L"Unable to get file info: %r\n", efi_status);
+ perror(L"Unable to get file info: %r\n", efi_status);
goto error;
}
@@ -1286,7 +1295,7 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data,
*data = AllocatePool(buffersize);
if (!*data) {
- Print(L"Unable to allocate file buffer\n");
+ perror(L"Unable to allocate file buffer\n");
efi_status = EFI_OUT_OF_RESOURCES;
goto error;
}
@@ -1305,7 +1314,7 @@ static EFI_STATUS load_image (EFI_LOADED_IMAGE *li, void **data,
}
if (efi_status != EFI_SUCCESS) {
- Print(L"Unexpected return from initial read: %r, buffersize %x\n", efi_status, buffersize);
+ perror(L"Unexpected return from initial read: %r, buffersize %x\n", efi_status, buffersize);
goto error;
}
@@ -1335,6 +1344,7 @@ EFI_STATUS shim_verify (void *buffer, UINT32 size)
PE_COFF_LOADER_IMAGE_CONTEXT context;
loader_is_participating = 1;
+ in_protocol = 1;
if (!secure_mode())
return EFI_SUCCESS;
@@ -1342,9 +1352,35 @@ EFI_STATUS shim_verify (void *buffer, UINT32 size)
status = read_header(buffer, size, &context);
if (status != EFI_SUCCESS)
- return status;
+ goto done;
status = verify_buffer(buffer, size, &context);
+done:
+ in_protocol = 0;
+ return status;
+}
+
+static EFI_STATUS shim_hash (char *data, int datasize,
+ PE_COFF_LOADER_IMAGE_CONTEXT *context,
+ UINT8 *sha256hash, UINT8 *sha1hash)
+{
+ EFI_STATUS status;
+
+ in_protocol = 1;
+ status = generate_hash(data, datasize, context, sha256hash, sha1hash);
+ in_protocol = 0;
+
+ return status;
+}
+
+static EFI_STATUS shim_read_header(void *data, unsigned int datasize,
+ PE_COFF_LOADER_IMAGE_CONTEXT *context)
+{
+ EFI_STATUS status;
+
+ in_protocol = 1;
+ status = read_header(data, datasize, context);
+ in_protocol = 0;
return status;
}
@@ -1371,7 +1407,7 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath)
&loaded_image_protocol, (void **)&li);
if (efi_status != EFI_SUCCESS) {
- Print(L"Unable to init protocol\n");
+ perror(L"Unable to init protocol\n");
return efi_status;
}
@@ -1381,20 +1417,20 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath)
efi_status = generate_path(li, ImagePath, &PathName);
if (efi_status != EFI_SUCCESS) {
- Print(L"Unable to generate path %s: %r\n", ImagePath, efi_status);
+ perror(L"Unable to generate path %s: %r\n", ImagePath, efi_status);
goto done;
}
if (findNetboot(li->DeviceHandle)) {
efi_status = parseNetbootinfo(image_handle);
if (efi_status != EFI_SUCCESS) {
- Print(L"Netboot parsing failed: %r\n", efi_status);
+ perror(L"Netboot parsing failed: %r\n", efi_status);
return EFI_PROTOCOL_ERROR;
}
efi_status = FetchNetbootimage(image_handle, &sourcebuffer,
&sourcesize);
if (efi_status != EFI_SUCCESS) {
- Print(L"Unable to fetch TFTP image: %r\n", efi_status);
+ perror(L"Unable to fetch TFTP image: %r\n", efi_status);
return efi_status;
}
data = sourcebuffer;
@@ -1406,7 +1442,7 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath)
efi_status = load_image(li, &data, &datasize, PathName);
if (efi_status != EFI_SUCCESS) {
- Print(L"Failed to load image %s: %r\n", PathName, efi_status);
+ perror(L"Failed to load image %s: %r\n", PathName, efi_status);
goto done;
}
}
@@ -1423,7 +1459,7 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath)
efi_status = handle_image(data, datasize, li);
if (efi_status != EFI_SUCCESS) {
- Print(L"Failed to load image: %r\n", efi_status);
+ perror(L"Failed to load image: %r\n", efi_status);
CopyMem(li, &li_bak, sizeof(li_bak));
goto done;
}
@@ -1495,7 +1531,7 @@ EFI_STATUS mirror_mok_list()
;
FullData = AllocatePool(FullDataSize);
if (!FullData) {
- Print(L"Failed to allocate space for MokListRT\n");
+ perror(L"Failed to allocate space for MokListRT\n");
return EFI_OUT_OF_RESOURCES;
}
p = FullData;
@@ -1526,7 +1562,7 @@ EFI_STATUS mirror_mok_list()
| EFI_VARIABLE_RUNTIME_ACCESS,
FullDataSize, FullData);
if (efi_status != EFI_SUCCESS) {
- Print(L"Failed to set MokListRT: %r\n", efi_status);
+ perror(L"Failed to set MokListRT: %r\n", efi_status);
}
return efi_status;
@@ -1567,7 +1603,7 @@ EFI_STATUS check_mok_request(EFI_HANDLE image_handle)
efi_status = start_image(image_handle, MOK_MANAGER);
if (efi_status != EFI_SUCCESS) {
- Print(L"Failed to start MokManager: %r\n", efi_status);
+ perror(L"Failed to start MokManager: %r\n", efi_status);
return efi_status;
}
}
@@ -1601,9 +1637,9 @@ static EFI_STATUS check_mok_sb (void)
* modified by the OS
*/
if (attributes & EFI_VARIABLE_RUNTIME_ACCESS) {
- Print(L"MokSBState is compromised! Clearing it\n");
+ perror(L"MokSBState is compromised! Clearing it\n");
if (LibDeleteVariable(L"MokSBState", &shim_lock_guid) != EFI_SUCCESS) {
- Print(L"Failed to erase MokSBState\n");
+ perror(L"Failed to erase MokSBState\n");
}
status = EFI_ACCESS_DENIED;
} else {
@@ -1642,9 +1678,9 @@ static EFI_STATUS check_mok_db (void)
* modified by the OS
*/
if (attributes & EFI_VARIABLE_RUNTIME_ACCESS) {
- Print(L"MokDBState is compromised! Clearing it\n");
+ perror(L"MokDBState is compromised! Clearing it\n");
if (LibDeleteVariable(L"MokDBState", &shim_lock_guid) != EFI_SUCCESS) {
- Print(L"Failed to erase MokDBState\n");
+ perror(L"Failed to erase MokDBState\n");
}
status = EFI_ACCESS_DENIED;
} else {
@@ -1674,7 +1710,7 @@ static EFI_STATUS mok_ignore_db()
| EFI_VARIABLE_RUNTIME_ACCESS,
DataSize, (void *)&Data);
if (efi_status != EFI_SUCCESS) {
- Print(L"Failed to set MokIgnoreDB: %r\n", efi_status);
+ perror(L"Failed to set MokIgnoreDB: %r\n", efi_status);
}
}
@@ -1702,7 +1738,7 @@ EFI_STATUS set_second_stage (EFI_HANDLE image_handle)
status = uefi_call_wrapper(BS->HandleProtocol, 3, image_handle,
&LoadedImageProtocol, (void **) &li);
if (status != EFI_SUCCESS) {
- Print (L"Failed to get load options: %r\n", status);
+ perror (L"Failed to get load options: %r\n", status);
return status;
}
@@ -1746,7 +1782,7 @@ EFI_STATUS set_second_stage (EFI_HANDLE image_handle)
if (loader_len > 0) {
loader_str = AllocatePool((loader_len + 1) * sizeof(CHAR16));
if (!loader_str) {
- Print(L"Failed to allocate loader string\n");
+ perror(L"Failed to allocate loader string\n");
return EFI_OUT_OF_RESOURCES;
}
for (i = 0; i < loader_len; i++)
@@ -1825,8 +1861,8 @@ EFI_STATUS efi_main (EFI_HANDLE image_handle, EFI_SYSTEM_TABLE *passed_systab)
* call back in and use shim functions
*/
shim_lock_interface.Verify = shim_verify;
- shim_lock_interface.Hash = generate_hash;
- shim_lock_interface.Context = read_header;
+ shim_lock_interface.Hash = shim_hash;
+ shim_lock_interface.Context = shim_read_header;
systab = passed_systab;
--
1.9.3