[edk2-devel] [GSoC proposal] Secure Image Loader
Michael Brown
mcb30 at ipxe.org
Thu Apr 8 22:42:40 UTC 2021
On 08/04/2021 22:07, Marvin Häuser wrote:
> PE is not a moving target, but EDK II is. The fact that even old and proven code sometimes needs maintanance is evidental from the proposal and its so far positive feedback. I'm not ready to duplicate code, I'd rather take the utilities out of the current scope and discuss ways to consume MdePkg libraries later. In fact, I want to reduce code duplication as a "free benefit" from the changes, especially image hashing.
>
> I know it takes time, but I think it will be worth it. We have been debugging and fuzztesting our EDK II packages in userland for a while, and found it to be a great help. I hope you will agree. :)
In case any of it happens to be helpful:
https://github.com/ipxe/efikit
is a proof-of-concept build of portions of EDK2 (specifically, several
of the MdePkg libraries) as cross-platform libraries that can be linked
against by standard Linux, Windows, or Mac userspace applications.
It's quite satisfying to be able to use
#include <Library/DevicePathLib.h>
...
size_t len = UefiDevicePathLibGetDevicePathSize ( path );
from otherwise perfectly normal-looking userspace C code.
It uses GNU autotools, so just download
https://github.com/ipxe/efikit/releases/download/v0.3/efikit-0.3.tar.gz
and run the standard:
./configure
make
Totally undocumented (for now), but if you're curious then good places
to dig in are probably
https://github.com/ipxe/efikit/blob/master/src/Makefile.am#L186-L237
https://github.com/ipxe/efikit/blob/master/src/libefidevpath.c#L187-L215
Michael
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#73885): https://edk2.groups.io/g/devel/message/73885
Mute This Topic: https://groups.io/mt/81853302/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list