From 89ed4a7d1fc1e1164c9f4ad2f0f8a3d1c0f7d90e Mon Sep 17 00:00:00 2001 From: Peter Jones Date: Mon, 3 Feb 2020 13:47:08 -0500 Subject: [PATCH 81/86] Add the beginnings of our security library. Signed-off-by: Peter Jones --- src/Android.mk | 5 ++++- src/Makefile | 20 +++++++++++++++----- src/efisec.h | 15 +++++++++++++++ src/efisec.pc.in | 11 +++++++++++ src/include/efivar/efisec.h | 17 +++++++++++++++++ src/libefisec.map.in | 7 +++++++ src/sec.c | 16 ++++++++++++++++ 7 files changed, 85 insertions(+), 6 deletions(-) create mode 100644 src/efisec.h create mode 100644 src/efisec.pc.in create mode 100644 src/include/efivar/efisec.h create mode 100644 src/libefisec.map.in create mode 100644 src/sec.c diff --git a/src/Android.mk b/src/Android.mk index f6af87c51ac..5a06137aa21 100644 --- a/src/Android.mk +++ b/src/Android.mk @@ -46,9 +46,12 @@ LIBEFIVAR_SOURCES := \ lib.c \ vars.c +LIBEFISEC_SOURCES := \ + sec.c + include $(LOCAL_PATH)/include/version.mk -LOCAL_SRC_FILES := $(LIBEFIBOOT_SOURCES) $(LIBEFIVAR_SOURCES) +LOCAL_SRC_FILES := $(LIBEFIBOOT_SOURCES) $(LIBEFIVAR_SOURCES) $(LIBEFISEC_SOURCES) LOCAL_CFLAGS := -D_FILE_OFFSET_BITS=64 -D_GNU_SOURCE -std=gnu11 -DLIBEFIVAR_VERSION=$(VERSION) -Wno-missing-field-initializers LOCAL_C_INCLUDES := $(LOCAL_PATH)/include LOCAL_EXPORT_C_INCLUDE_DIRS := $(LOCAL_C_INCLUDES) $(LOCAL_C_INCLUDES)/efivar $(local-generated-sources-dir) diff --git a/src/Makefile b/src/Makefile index b0ef8ec29a5..883e058facf 100644 --- a/src/Makefile +++ b/src/Makefile @@ -5,14 +5,16 @@ include $(TOPDIR)/src/include/version.mk include $(TOPDIR)/src/include/rules.mk include $(TOPDIR)/src/include/defaults.mk -LIBTARGETS=libefivar.so libefiboot.so -STATICLIBTARGETS=libefivar.a libefiboot.a +LIBTARGETS=libefivar.so libefiboot.so libefisec.so +STATICLIBTARGETS=libefivar.a libefiboot.a libefisec.a BINTARGETS=efivar STATICBINTARGETS=efivar-static -PCTARGETS=efivar.pc efiboot.pc +PCTARGETS=efivar.pc efiboot.pc efisec.pc TARGETS=$(LIBTARGETS) $(BINTARGETS) $(PCTARGETS) STATICTARGETS=$(STATICLIBTARGETS) $(STATICBINTARGETS) +LIBEFISEC_SOURCES = sec.c +LIBEFISEC_OBJECTS = $(patsubst %.c,%.o,$(LIBEFISEC_SOURCES)) LIBEFIBOOT_SOURCES = crc32.c creator.c disk.c gpt.c loadopt.c path-helpers.c \ linux.c $(sort $(wildcard linux-*.c)) LIBEFIBOOT_OBJECTS = $(patsubst %.c,%.o,$(LIBEFIBOOT_SOURCES)) @@ -23,8 +25,9 @@ LIBEFIVAR_OBJECTS = $(patsubst %.S,%.o,$(patsubst %.c,%.o,$(LIBEFIVAR_SOURCES))) EFIVAR_SOURCES = efivar.c GENERATED_SOURCES = include/efivar/efivar-guids.h guid-symbols.c MAKEGUIDS_SOURCES = makeguids.c guid.c -ALL_SOURCES=$(LIBEFIBOOT_SOURCES) $(LIBEFIVAR_SOURCES) $(MAKEGUIDS_SOURCES) \ - $(sort $(wildcard include/efivar/*.h)) $(GENERATED_SOURCES) $(EFIVAR_SOURCES) +ALL_SOURCES=$(LIBEFISEC_SOURCES) $(LIBEFIBOOT_SOURCES) $(LIBEFIVAR_SOURCES) \ + $(MAKEGUIDS_SOURCES) $(GENERATED_SOURCES) $(EFIVAR_SOURCES) \ + $(sort $(wildcard include/efivar/*.h)) $(call deps-of,$(ALL_SOURCES)) : | deps -include $(call deps-of,$(ALL_SOURCES)) @@ -86,6 +89,12 @@ libefiboot.so : | libefiboot.map libefivar.so libefiboot.so : LIBS=efivar libefiboot.so : MAP=libefiboot.map +libefisec.a : $(patsubst %.o,%.static.o,$(LIBEFISEC_OBJECTS)) + +libefisec.so : $(LIBEFISEC_OBJECTS) +libefisec.so : | libefisec.map +libefisec.so : MAP=libefisec.map + deps : $(ALL_SOURCES) @$(MAKE) -f $(SRCDIR)/include/deps.mk deps SOURCES="$(ALL_SOURCES)" @@ -116,6 +125,7 @@ test : all .PHONY: test deps abiclean abixml .SECONDARY : libefivar.so.1.$(VERSION) libefivar.so.1 .SECONDARY : libefiboot.so.1.$(VERSION) libefiboot.so.1 +.SECONDARY : libefisec.so.1.$(VERSION) libefisec.so.1 .SECONDARY : include/efivar/efivar-guids.h guid-symbols.c .INTERMEDIATE : guids.bin names.bin .PRECIOUS : guid-symbols.o makeguids diff --git a/src/efisec.h b/src/efisec.h new file mode 100644 index 00000000000..15d0f6d10e2 --- /dev/null +++ b/src/efisec.h @@ -0,0 +1,15 @@ +// SPDX-License-Identifier: LGPL-2.1-or-later +/* + * efisec.h + * Copyright 2018 Peter Jones + */ + +#ifndef PRIVATE_EFISEC_H_ +#define PRIVATE_EFISEC_H_ + +#include "efivar.h" +#include + +#endif /* !PRIVATE_EFISEC_H_ */ + +// vim:fenc=utf-8:tw=75:noet diff --git a/src/efisec.pc.in b/src/efisec.pc.in new file mode 100644 index 00000000000..d3d75aac509 --- /dev/null +++ b/src/efisec.pc.in @@ -0,0 +1,11 @@ +prefix=@@PREFIX@@ +exec_prefix=@@EXEC_PREFIX@@ +libdir=@@LIBDIR@@ +includedir=@@INCLUDEDIR@@ + +Name: efisec +Description: UEFI Security Features +Version: @@VERSION@@ +Libs: -L${libdir} -lefivar -lefisec +Libs.private: -ldl +Cflags: -I${includedir}/efivar diff --git a/src/include/efivar/efisec.h b/src/include/efivar/efisec.h new file mode 100644 index 00000000000..0ee5abe8bfd --- /dev/null +++ b/src/include/efivar/efisec.h @@ -0,0 +1,17 @@ +// SPDX-License-Identifier: LGPL-2.1-or-later +/* + * libefisec - library for the manipulation of EFI boot variables + * Copyright 2020 Peter M. Jones + * Copyright 2020 Red Hat, Inc. + */ +#ifndef EFISEC_H +#define EFISEC_H 1 + +#include + +extern uint32_t efi_get_libefisec_version(void) + __attribute__((__visibility__("default"))); + +#endif /* EFISEC_H */ + +// vim:fenc=utf-8:tw=75:noet diff --git a/src/libefisec.map.in b/src/libefisec.map.in new file mode 100644 index 00000000000..2e732cf1d9b --- /dev/null +++ b/src/libefisec.map.in @@ -0,0 +1,7 @@ +libefisec.so.0 { + local: *; +}; + +LIBEFISEC_1.38 { + global: efi_get_libefisec_version; +} libefisec.so.0; diff --git a/src/sec.c b/src/sec.c new file mode 100644 index 00000000000..6b6a70bb784 --- /dev/null +++ b/src/sec.c @@ -0,0 +1,16 @@ +// SPDX-License-Identifier: LGPL-2.1-or-later +/* + * sec.c + * Copyright 2020 Peter Jones + * + */ + +#include "efivar.h" + +uint32_t PUBLIC +efi_get_libefisec_version(void) +{ + return LIBEFIVAR_VERSION; +} + +// vim:fenc=utf-8:tw=75:noet -- 2.24.1