[edk2-devel] [PATCH v1 7/8] OvmfPkg: GenericQemuLoadImageLib: Allow verifying fw_cfg command line
Dov Murik
dovmurik at linux.ibm.com
Tue May 25 05:31:15 UTC 2021
From: James Bottomley <jejb at linux.ibm.com>
Add optional hook which calls a verifier with the content of the fw_cfg
command line.
Cc: Laszlo Ersek <lersek at redhat.com>
Cc: Ard Biesheuvel <ardb+tianocore at kernel.org>
Cc: Jordan Justen <jordan.l.justen at intel.com>
Cc: Ashish Kalra <ashish.kalra at amd.com>
Cc: Brijesh Singh <brijesh.singh at amd.com>
Cc: Erdem Aktas <erdemaktas at google.com>
Cc: James Bottomley <jejb at linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao at intel.com>
Cc: Min Xu <min.m.xu at intel.com>
Cc: Tom Lendacky <thomas.lendacky at amd.com>
Signed-off-by: James Bottomley <jejb at linux.ibm.com>
---
OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c | 29 ++++++++++++++++++++
1 file changed, 29 insertions(+)
diff --git a/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c b/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c
index 114db7e8441f..d3067dae1425 100644
--- a/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c
+++ b/OvmfPkg/Library/GenericQemuLoadImageLib/GenericQemuLoadImageLib.c
@@ -51,6 +51,28 @@ STATIC CONST KERNEL_VENMEDIA_FILE_DEVPATH mKernelDevicePath = {
}
};
+STATIC FW_CFG_VERIFIER mVerifier = NULL;
+
+/**
+ Register a verifier for the Firmware Configuration Filesystem to use
+
+ @param[in] Verifier The verifier to register
+
+ @retval EFI_SUCCESS The verifier was successfully registered
+**/
+EFI_STATUS
+EFIAPI
+RegisterFwCfgVerifier (
+ IN FW_CFG_VERIFIER Verifier
+ )
+{
+ if (mVerifier != NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
+ mVerifier = Verifier;
+ return EFI_SUCCESS;
+}
+
/**
Download the kernel, the initial ramdisk, and the kernel command line from
QEMU's fw_cfg. The kernel will be instructed via its command line to load
@@ -149,6 +171,13 @@ QemuLoadKernelImage (
goto FreeCommandLine;
}
+ if (mVerifier != NULL) {
+ Status = mVerifier (NULL, CommandLine, CommandLineSize);
+ if (EFI_ERROR (Status)) {
+ goto FreeCommandLine;
+ }
+ }
+
//
// Drop the terminating NUL, convert to UTF-16.
//
--
2.25.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#75574): https://edk2.groups.io/g/devel/message/75574
Mute This Topic: https://groups.io/mt/83074458/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list