diff --git a/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h b/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h index 899a149d3a..4b1d97b895 100644 --- a/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h +++ b/MfciPkg/Include/Library/MfciDeviceIdSupportLib.h @@ -8,48 +8,45 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/ -#ifndef __MFCI_DEVICE_ID_SUPPORT_LIB_H__ -#define __MFCI_DEVICE_ID_SUPPORT_LIB_H__ +#ifndef MFCI_DEVICE_ID_SUPPORT_LIB_H_ +#define MFCI_DEVICE_ID_SUPPORT_LIB_H_ #include -// define a generic function prototype shared by all library functions - /** - * Get a device-unique targeting value - * - * @param[out] String Device targeting value, a UTF-16 little endian string. - * Includes a wide NULL terminator. - * Refer to MfciPkg/Include/MfciVariables.h for more details. - * - * @param[out] StringSize (OPTIONAL) String size in bytes including the wide NULL terminator. - * NULL may be supplied if the size is not requested (it is NULL terminated after all) - * - * It is the callers responsibility to free the String buffer returned using FreePool() - * - * @return EFI_STATUS - * - * @retval EFI_UNSUPPORTED Likely using the NULL library instance - * @retval EFI_SUCCESS Successfully retrieved the string and length - */ - + Function pointer definition to get a device-unique targeting value. + It is the callers responsibility to free the String buffer returned using FreePool(). + + @param[out] String Device targeting value, a UTF-16 little endian string. + Includes a wide NULL terminator. + Refer to MfciPkg/Include/MfciVariables.h for more details. + @param[out] StringSize (OPTIONAL) String size in bytes including the wide NULL terminator. + NULL may be supplied if the size is not requested (it is NULL terminated after all) + + @retval EFI_UNSUPPORTED Likely using the NULL library instance. + @retval EFI_SUCCESS Successfully retrieved the string and length. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the string. + @retval EFI_INVALID_PARAMETER The String is NULL. +**/ typedef EFI_STATUS (EFIAPI *MFCI_DEVICE_ID_FN)( OUT CHAR16 **String, - OUT UINTN *StringSize + OUT UINTN *StringSize OPTIONAL ); /** - * Get the Manufacturer Name - * - * @param[out] Manufacturer - * @param[out] ManufacturerSize - * - * It is the callers responsibility to free the buffer returned using FreePool() - * - * @return EFI_STATUS - */ + Function that returns Manufacturer Name of the device and string size upon on return. + It is the callers responsibility to free the buffer returned using FreePool(). + + @param[out] Manufacturer The Manufacturer string to be returned. + @param[out] ManufacturerSize The size of the Manufacturer string. + + @retval EFI_SUCCESS The Manufacturer string was successfully returned. + @retval EFI_UNSUPPORTED The function is not supported. + @retval EFI_INVALID_PARAMETER The Manufacturer is NULL. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the Manufacturer string. +**/ EFI_STATUS EFIAPI MfciIdSupportGetManufacturer ( @@ -58,16 +55,17 @@ MfciIdSupportGetManufacturer ( ); /** - * - * Get the Product Name - * - * @param[out] ProductName - * @param[out] ProductNameSize - * - * It is the callers responsibility to free the buffer returned using FreePool() - * - * @return EFI_STATUS - */ + Function that returns the Product Name string and size upon on return. + It is the callers responsibility to free the buffer returned using FreePool(). + + @param[out] ProductName The ProductName string to be returned. + @param[out] ProductNameSize The size of the ProductName string. + + @retval EFI_SUCCESS The ProductName string was successfully returned. + @retval EFI_UNSUPPORTED The function is not supported. + @retval EFI_INVALID_PARAMETER The ProductName is NULL. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the ProductName string. +**/ EFI_STATUS EFIAPI MfciIdSupportGetProductName ( @@ -76,15 +74,17 @@ MfciIdSupportGetProductName ( ); /** - * Get the SerialNumber - * - * @param[out] SerialNumber - * @param[out] SerialNumberSize - * - * It is the callers responsibility to free the buffer returned using FreePool() - * - * @return EFI_STATUS - */ + Function that returns the SerialNumber string and size upon on return. + It is the callers responsibility to free the buffer returned using FreePool(). + + @param[out] SerialNumber + @param[out] SerialNumberSize + + @retval EFI_SUCCESS The ProductName string was successfully returned. + @retval EFI_UNSUPPORTED The function is not supported. + @retval EFI_INVALID_PARAMETER The ProductName is NULL. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the ProductName string. +**/ EFI_STATUS EFIAPI MfciIdSupportGetSerialNumber ( @@ -93,15 +93,17 @@ MfciIdSupportGetSerialNumber ( ); /** - * Get OEM1 - * - * @param[out] Oem1 - * @param[out] Oem1Size - * - * It is the callers responsibility to free the buffer returned using FreePool() - * - * @return EFI_STATUS - */ + Function that returns the Oem1 string and size upon on return. + It is the callers responsibility to free the buffer returned using FreePool(). + + @param[out] Oem1 The OEM1 string to be returned. + @param[out] Oem1Size The size of the OEM1 string. + + @retval EFI_SUCCESS The OEM1 string was successfully returned. + @retval EFI_UNSUPPORTED The function is not supported. + @retval EFI_INVALID_PARAMETER The Oem1 is NULL. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the OEM1 string. +**/ EFI_STATUS EFIAPI MfciIdSupportGetOem1 ( @@ -110,15 +112,17 @@ MfciIdSupportGetOem1 ( ); /** - * Get OEM2 - * - * @param[out] Oem2 - * @param[out] Oem2Size - * - * It is the callers responsibility to free the buffer returned using FreePool() - * - * @return EFI_STATUS - */ + Function that returns the Oem2 string and size upon on return. + It is the callers responsibility to free the buffer returned using FreePool(). + + @param[out] Oem2 The OEM2 string to be returned. + @param[out] Oem2Size The size of the OEM2 string. + + @retval EFI_SUCCESS The OEM2 string was successfully returned. + @retval EFI_UNSUPPORTED The function is not supported. + @retval EFI_INVALID_PARAMETER The Oem2 is NULL. + @retval EFI_OUT_OF_RESOURCES There is not enough memory to allocate the OEM2 string. +**/ EFI_STATUS EFIAPI MfciIdSupportGetOem2 ( @@ -126,9 +130,9 @@ MfciIdSupportGetOem2 ( OUT UINTN *Oem2Size OPTIONAL ); -/** - * the following helps iterate over the functions and set the corresponding target variable names - */ +// +// The following helps iterate over the functions and set the corresponding target variable names. +// // define a structure that pairs up the function pointer with the UEFI variable name typedef struct { @@ -138,12 +142,7 @@ typedef struct { // populate the array of structures that pair up the functions with variable names #define MFCI_TARGET_VAR_COUNT 5 -STATIC CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[MFCI_TARGET_VAR_COUNT] = { - { MfciIdSupportGetManufacturer, MFCI_MANUFACTURER_VARIABLE_NAME }, - { MfciIdSupportGetProductName, MFCI_PRODUCT_VARIABLE_NAME }, - { MfciIdSupportGetSerialNumber, MFCI_SERIALNUMBER_VARIABLE_NAME }, - { MfciIdSupportGetOem1, MFCI_OEM_01_VARIABLE_NAME }, - { MfciIdSupportGetOem2, MFCI_OEM_02_VARIABLE_NAME } -}; - -#endif //__MFCI_DEVICE_ID_SUPPORT_LIB_H__ + +extern CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[MFCI_TARGET_VAR_COUNT]; + +#endif //MFCI_DEVICE_ID_SUPPORT_LIB_H_ diff --git a/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c b/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c index 55cb0fa7cd..1e3c4c5b16 100644 --- a/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c +++ b/MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.c @@ -13,6 +13,8 @@ #include #include +CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[MFCI_TARGET_VAR_COUNT] = { 0 }; + /** * Get the Manufacturer Name * diff --git a/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c b/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c index 2f9bda21d7..cff1ce67b1 100644 --- a/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c +++ b/MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.c @@ -21,6 +21,15 @@ #define ID_NOT_FOUND "Not Found" +// populate the array of structures that pair up the functions with variable names +CONST MFCI_DEVICE_ID_FN_TO_VAR_NAME_MAP gDeviceIdFnToTargetVarNameMap[MFCI_TARGET_VAR_COUNT] = { + { MfciIdSupportGetManufacturer, MFCI_MANUFACTURER_VARIABLE_NAME }, + { MfciIdSupportGetProductName, MFCI_PRODUCT_VARIABLE_NAME }, + { MfciIdSupportGetSerialNumber, MFCI_SERIALNUMBER_VARIABLE_NAME }, + { MfciIdSupportGetOem1, MFCI_OEM_01_VARIABLE_NAME }, + { MfciIdSupportGetOem2, MFCI_OEM_02_VARIABLE_NAME } +}; + // Note: This protocol will guarantee to be met by the Depex and located at the // constructor of this library, thus no null-pointer check in library code flow. EFI_SMBIOS_PROTOCOL *mSmbiosProtocol; diff --git a/MfciPkg/MfciDxe/MfciTargeting.c b/MfciPkg/MfciDxe/MfciTargeting.c index bef28b1f75..95082e6d41 100644 --- a/MfciPkg/MfciDxe/MfciTargeting.c +++ b/MfciPkg/MfciDxe/MfciTargeting.c @@ -21,6 +21,29 @@ #include "MfciDxe.h" +/** + The strings of the names in the MFCI Policy name/value pairs +**/ +CONST CHAR16 gPolicyBlobFieldName[MFCI_POLICY_FIELD_COUNT][MFCI_POLICY_FIELD_MAX_LEN] = { + L"Target\\Manufacturer", + L"Target\\Product", + L"Target\\SerialNumber", + L"Target\\OEM_01", + L"Target\\OEM_02", + L"Target\\Nonce", // this is nonce targeted by the binary policy blob + L"UEFI\\Policy" +}; + +CONST CHAR16 gPolicyTargetFieldVarNames[TARGET_POLICY_COUNT][MFCI_VAR_NAME_MAX_LENGTH] = { + MFCI_MANUFACTURER_VARIABLE_NAME, + MFCI_PRODUCT_VARIABLE_NAME, + MFCI_SERIALNUMBER_VARIABLE_NAME, + MFCI_OEM_01_VARIABLE_NAME, + MFCI_OEM_02_VARIABLE_NAME + // the platform has 2 nonce variables, one for verifying the current policy, another for verifying a next policy + // this complexity is handled elsewhere +}; + STATIC EFI_STATUS GetOemField ( diff --git a/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.c b/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.c index 7e9c53170b..4ffa756ca5 100644 --- a/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.c +++ b/MfciPkg/MfciDxe/Test/MfciMultipleCertsHostTest.c @@ -45,6 +45,8 @@ #define UNIT_TEST_NAME "Mfci Multiple Certificates Host Test" #define UNIT_TEST_VERSION "0.1" +CONST CHAR16 gPolicyTargetFieldVarNames[TARGET_POLICY_COUNT][MFCI_VAR_NAME_MAX_LENGTH] = { 0 }; + BOOLEAN EFIAPI GetRandomNumber64 ( diff --git a/MfciPkg/Private/MfciPolicyFields.h b/MfciPkg/Private/MfciPolicyFields.h index f2f2d1018b..07b4e237fe 100644 --- a/MfciPkg/Private/MfciPolicyFields.h +++ b/MfciPkg/Private/MfciPolicyFields.h @@ -46,28 +46,13 @@ typedef enum { /** The strings of the names in the MFCI Policy name/value pairs **/ -STATIC CONST CHAR16 gPolicyBlobFieldName[MFCI_POLICY_FIELD_COUNT][MFCI_POLICY_FIELD_MAX_LEN] = { - L"Target\\Manufacturer", - L"Target\\Product", - L"Target\\SerialNumber", - L"Target\\OEM_01", - L"Target\\OEM_02", - L"Target\\Nonce", // this is nonce targeted by the binary policy blob - L"UEFI\\Policy" -}; +extern CONST CHAR16 gPolicyBlobFieldName[MFCI_POLICY_FIELD_COUNT][MFCI_POLICY_FIELD_MAX_LEN]; /** A helper that maps static MFCI Policy targeting fields to their corresponding UEFI variable names **/ #define TARGET_POLICY_COUNT 5 -STATIC CONST CHAR16 gPolicyTargetFieldVarNames[TARGET_POLICY_COUNT][MFCI_VAR_NAME_MAX_LENGTH] = { - MFCI_MANUFACTURER_VARIABLE_NAME, - MFCI_PRODUCT_VARIABLE_NAME, - MFCI_SERIALNUMBER_VARIABLE_NAME, - MFCI_OEM_01_VARIABLE_NAME, - MFCI_OEM_02_VARIABLE_NAME - // the platform has 2 nonce variables, one for verifying the current policy, another for verifying a next policy - // this complexity is handled elsewhere -}; + +extern CONST CHAR16 gPolicyTargetFieldVarNames[TARGET_POLICY_COUNT][MFCI_VAR_NAME_MAX_LENGTH]; #endif //__MFCI_POLICY_FIELDS_H__ diff --git a/MfciPkg/UnitTests/MfciPkgHostTest.dsc b/MfciPkg/UnitTests/MfciPkgHostTest.dsc index 79dad3acba..bbcf53761d 100644 --- a/MfciPkg/UnitTests/MfciPkgHostTest.dsc +++ b/MfciPkg/UnitTests/MfciPkgHostTest.dsc @@ -49,7 +49,7 @@ [LibraryClasses] MfciPolicyParsingLib|MfciPkg/Private/Library/MfciPolicyParsingLibNull/MfciPolicyParsingLibNull.inf - MfciDeviceIdSupportLib|MfciPkg/Library/MfciDeviceIdSupportLibNull/MfciDeviceIdSupportLibNull.inf + MfciDeviceIdSupportLib|MfciPkg/Library/MfciDeviceIdSupportLibSmbios/MfciDeviceIdSupportLibSmbios.inf VariablePolicyHelperLib|MdeModulePkg/Library/VariablePolicyHelperLib/VariablePolicyHelperLib.inf UefiLib|MdePkg/Library/UefiLib/UefiLib.inf UefiBootServicesTableLib|MdePkg/Library/UefiBootServicesTableLib/UefiBootServicesTableLib.inf diff --git a/MfciPkg/UnitTests/MfciPolicyParsingUnitTest/MfciPolicyParsingUnitTestApp.inf b/MfciPkg/UnitTests/MfciPolicyParsingUnitTest/MfciPolicyParsingUnitTestApp.inf index 9e0bf7dfd8..b467a392ae 100644 --- a/MfciPkg/UnitTests/MfciPolicyParsingUnitTest/MfciPolicyParsingUnitTestApp.inf +++ b/MfciPkg/UnitTests/MfciPolicyParsingUnitTest/MfciPolicyParsingUnitTestApp.inf @@ -21,12 +21,16 @@ [Sources] MfciPolicyParsingUnitTestApp.c + ../../MfciDxe/MfciTargeting.c [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec MfciPkg/MfciPkg.dec +[Guids] + gMfciVendorGuid ## CONSUMES + [Pcd] gMfciPkgTokenSpaceGuid.PcdMfciPkcs7CertBufferXdr ## CONSUMES gMfciPkgTokenSpaceGuid.PcdMfciPkcs7RequiredLeafEKU ## CONSUMES