Skip to content
体验新版
项目
组织
正在加载...
登录
切换导航
打开侧边栏
btwise
OpenCorePKG_MOD
提交
616505ca
O
OpenCorePKG_MOD
项目概览
btwise
/
OpenCorePKG_MOD
通知
26
Star
0
Fork
0
代码
文件
提交
分支
Tags
贡献者
分支图
Diff
Issue
0
列表
看板
标记
里程碑
合并请求
0
Wiki
0
Wiki
分析
仓库
DevOps
项目成员
Pages
O
OpenCorePKG_MOD
项目概览
项目概览
详情
发布
仓库
仓库
文件
提交
分支
标签
贡献者
分支图
比较
Issue
0
Issue
0
列表
看板
标记
里程碑
合并请求
0
合并请求
0
Pages
分析
分析
仓库分析
DevOps
Wiki
0
Wiki
成员
成员
收起侧边栏
关闭侧边栏
动态
分支图
创建新Issue
提交
Issue看板
体验新版 GitCode,发现更多精彩内容 >>
提交
616505ca
编写于
4月 24, 2020
作者:
V
vit9696
浏览文件
操作
浏览文件
下载
电子邮件补丁
差异文件
OcBootManagementLib: Added experimental `BootProtect` `Security` option
closes acidanthera/bugtracker#859
上级
da1577b2
变更
16
显示空白变更内容
内联
并排
Showing
16 changed file
with
325 addition
and
96 deletion
+325
-96
Changelog.md
Changelog.md
+1
-0
Docs/Configuration.pdf
Docs/Configuration.pdf
+0
-0
Docs/Configuration.tex
Docs/Configuration.tex
+29
-0
Docs/Differences/Differences.pdf
Docs/Differences/Differences.pdf
+0
-0
Docs/Differences/Differences.tex
Docs/Differences/Differences.tex
+36
-2
Docs/Sample.plist
Docs/Sample.plist
+2
-0
Docs/SampleFull.plist
Docs/SampleFull.plist
+2
-0
Include/Library/OcBootManagementLib.h
Include/Library/OcBootManagementLib.h
+22
-0
Include/Library/OcConfigurationLib.h
Include/Library/OcConfigurationLib.h
+1
-0
Include/OpenCore.h
Include/OpenCore.h
+2
-0
Library/OcBootManagementLib/BootArguments.c
Library/OcBootManagementLib/BootArguments.c
+1
-1
Library/OcBootManagementLib/BootEntryInfo.c
Library/OcBootManagementLib/BootEntryInfo.c
+3
-3
Library/OcBootManagementLib/DefaultEntryChoice.c
Library/OcBootManagementLib/DefaultEntryChoice.c
+198
-73
Library/OcConfigurationLib/OcConfigurationLib.c
Library/OcConfigurationLib/OcConfigurationLib.c
+1
-0
Platform/OpenCore/OpenCoreMisc.c
Platform/OpenCore/OpenCoreMisc.c
+24
-14
macbuild.tool
macbuild.tool
+3
-3
未找到文件。
Changelog.md
浏览文件 @
616505ca
...
...
@@ -17,6 +17,7 @@ OpenCore Changelog
-
Added
`AppleRtcRam`
protocol implementation
-
Renamed
`Protocols`
to
`ProtocolOverrides`
for clarity
-
Added ResetSystem tool to allow shutdown/reset actions in the menu
-
Added experimental
`BootProtect`
`Security`
option
#### v0.5.7
-
Added TimeMachine detection to picker
...
...
Docs/Configuration.pdf
浏览文件 @
616505ca
无法预览此类型文件
Docs/Configuration.tex
浏览文件 @
616505ca
...
...
@@ -2537,6 +2537,35 @@ nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:boot-log |
NVRAM and RTC, which despite being removed as soon as OpenCore starts, may be
considered a security risk and thus is optional.
\item
\texttt
{
BootProtect
}
\\
\textbf
{
Type
}
:
\texttt
{
plist
\
string
}
\\
\textbf
{
Failsafe
}
:
\texttt
{
None
}
\\
\textbf
{
Description
}
: Attempt to provide bootloader persistence.
Valid values:
\begin{itemize}
\tightlist
\item
\texttt
{
None
}
--- do nothing.
\item
\texttt
{
Bootstrap
}
--- create or update top-priority
\texttt
{
\textbackslash
EFI
\textbackslash
OC
\textbackslash
Bootstrap
\textbackslash
Bootstrap.efi
}
boot option (
\texttt
{
Boot9696
}
) in UEFI variable storage at bootloader startup. For this option
to work
\texttt
{
RequestBootVarRouting
}
is required to be enabled.
\end{itemize}
This option provides integration with third-party operating system installation and upgrade
at the times they overwrite
\texttt
{
\textbackslash
EFI
\textbackslash
BOOT
\textbackslash
BOOTx64.efi
}
file. By creating a custom option in
\texttt
{
Bootstrap
}
mode this file path becomes no longer
used for bootstraping OpenCore.
\emph
{
Note 1
}
: Some firmewares may have broken NVRAM, no boot option support, or various other
incompatibilities of any kind. While unlikely, the use of this option may even cause boot failure.
Use at your own risk on boards known to be compatible.
\emph
{
Note 2
}
: Be warned that NVRAM reset will also erase the boot option created in
\texttt
{
Bootstrap
}
mode.
\item
\texttt
{
ExposeSensitiveData
}
\\
\textbf
{
Type
}
:
\texttt
{
plist
\
integer
}
\\
...
...
Docs/Differences/Differences.pdf
浏览文件 @
616505ca
无法预览此类型文件
Docs/Differences/Differences.tex
浏览文件 @
616505ca
\documentclass
[]
{
article
}
%DIF LATEXDIFF DIFFERENCE FILE
%DIF DEL PreviousConfiguration.tex Tue Apr 7 19:32:13 2020
%DIF ADD ../Configuration.tex
Mon Apr 20 13:11:07
2020
%DIF ADD ../Configuration.tex
Fri Apr 24 00:55:25
2020
\usepackage
{
lmodern
}
\usepackage
{
amssymb,amsmath
}
...
...
@@ -2602,7 +2602,41 @@ nvram 4D1FDA02-38C7-4A6A-9CC6-4BCCA8B30102:boot-log |
considered a security risk and thus is optional.
\item
\texttt
{
ExposeSensitiveData
}
\\
\DIFaddbegin
\texttt
{
\DIFadd
{
BootProtect
}}
\\
\textbf
{
\DIFadd
{
Type
}}
\DIFadd
{
:
}
\texttt
{
\DIFadd
{
plist
\
string
}}
\\
\textbf
{
\DIFadd
{
Failsafe
}}
\DIFadd
{
:
}
\texttt
{
\DIFadd
{
None
}}
\\
\textbf
{
\DIFadd
{
Description
}}
\DIFadd
{
: Attempt to provide bootloader persistence.
}
\DIFadd
{
Valid values:
}
\begin{itemize}
\tightlist
\item
\texttt
{
\DIFadd
{
None
}}
\DIFadd
{
--- do nothing.
}
\item
\texttt
{
\DIFadd
{
Bootstrap
}}
\DIFadd
{
--- create or update top-priority
}
\texttt
{
\DIFadd
{
\textbackslash
EFI
\textbackslash
OC
\textbackslash
Bootstrap
\textbackslash
Bootstrap.efi
}}
\DIFadd
{
boot option (
}
\texttt
{
\DIFadd
{
Boot9696
}}
\DIFadd
{
) in UEFI variable storage at bootloader startup. For this option
to work
}
\texttt
{
\DIFadd
{
RequestBootVarRouting
}}
\DIFadd
{
is required to be enabled.
}
\end{itemize}
\DIFadd
{
This option provides integration with third-party operating system installation and upgrade
at the times they overwrite
}
\texttt
{
\DIFadd
{
\textbackslash
EFI
\textbackslash
BOOT
\textbackslash
BOOTx64.efi
}}
\DIFadd
{
file. By creating a custom option in
}
\texttt
{
\DIFadd
{
Bootstrap
}}
\DIFadd
{
mode this file path becomes no longer
used for bootstraping OpenCore.
}
\emph
{
\DIFadd
{
Note 1
}}
\DIFadd
{
: Some firmewares may have broken NVRAM, no boot option support, or various other
incompatibilities of any kind. While unlikely, the use of this option may even cause boot failure.
Use at your own risk on boards known to be compatible.
}
\emph
{
\DIFadd
{
Note 2
}}
\DIFadd
{
: Be warned that NVRAM reset will also erase the boot option created in
}
\texttt
{
\DIFadd
{
Bootstrap
}}
\DIFadd
{
mode.
}
\item
\DIFaddend
\texttt
{
ExposeSensitiveData
}
\\
\textbf
{
Type
}
:
\texttt
{
plist
\
integer
}
\\
\textbf
{
Failsafe
}
:
\texttt
{
0x6
}
\\
\textbf
{
Description
}
: Sensitive data exposure bitmask (sum) to operating system.
...
...
Docs/Sample.plist
浏览文件 @
616505ca
...
...
@@ -610,6 +610,8 @@
<false/>
<key>
AuthRestart
</key>
<false/>
<key>
BootProtect
</key>
<string>
None
</string>
<key>
ExposeSensitiveData
</key>
<integer>
6
</integer>
<key>
HaltLevel
</key>
...
...
Docs/SampleFull.plist
浏览文件 @
616505ca
...
...
@@ -610,6 +610,8 @@
<false/>
<key>
AuthRestart
</key>
<false/>
<key>
BootProtect
</key>
<string>
None
</string>
<key>
ExposeSensitiveData
</key>
<integer>
6
</integer>
<key>
HaltLevel
</key>
...
...
Include/Library/OcBootManagementLib.h
浏览文件 @
616505ca
...
...
@@ -100,6 +100,12 @@ typedef UINT32 OC_BOOT_ENTRY_TYPE;
#define OC_BOOT_RESET_NVRAM BIT7
#define OC_BOOT_SYSTEM (OC_BOOT_RESET_NVRAM)
/**
Default boot option numbers.
**/
#define OC_BOOT_OPTION 0x9696
#define OC_BOOT_OPTION_VARIABLE_NAME L"Boot9696"
/**
Picker mode.
**/
...
...
@@ -1099,4 +1105,20 @@ OcToggleVoiceOver (
IN
UINT32
File
OPTIONAL
);
/**
Register top-most priority boot option.
@param[in] OptionName Option name to create.
@param[in] DeviceHandle Device handle of the file system.
@param[in] FilePath Bootloader path.
@retval EFI_SUCCESS on success.
**/
EFI_STATUS
OcRegisterBootOption
(
IN
CONST
CHAR16
*
OptionName
,
IN
EFI_HANDLE
DeviceHandle
,
IN
CONST
CHAR16
*
FilePath
);
#endif // OC_BOOT_MANAGEMENT_LIB_H
Include/Library/OcConfigurationLib.h
浏览文件 @
616505ca
...
...
@@ -305,6 +305,7 @@ typedef enum {
}
OCS_VAULT_MODE
;
#define OC_MISC_SECURITY_FIELDS(_, __) \
_(OC_STRING , BootProtect , , OC_STRING_CONSTR ("None", _, __), OC_DESTR (OC_STRING) ) \
_(OC_STRING , Vault , , OC_STRING_CONSTR ("Secure", _, __), OC_DESTR (OC_STRING) ) \
_(UINT32 , ScanPolicy , , OC_SCAN_DEFAULT_POLICY , ()) \
_(BOOLEAN , AllowNvramReset , , FALSE , ()) \
...
...
Include/OpenCore.h
浏览文件 @
616505ca
...
...
@@ -45,6 +45,8 @@
#error "Unknown target definition"
#endif
#define OPEN_CORE_BOOTSTRAP_PATH L"EFI\\OC\\Bootsrap\\Bootstrap.efi"
#define OPEN_CORE_DRIVER_PATH L"EFI\\OC\\OpenCore.efi"
#define OPEN_CORE_ROOT_PATH L"EFI\\OC"
...
...
Library/OcBootManagementLib/BootArguments.c
浏览文件 @
616505ca
...
...
@@ -159,7 +159,7 @@ OcAppendArgumentToCmd (
// Account for extra space.
//
if
(
Len
+
(
Len
>
0
?
1
:
0
)
+
ArgumentLength
>=
BOOT_LINE_LENGTH
)
{
DEBUG
((
DEBUG_INFO
,
"OCB
M
: boot-args are invalid, ignoring
\n
"
));
DEBUG
((
DEBUG_INFO
,
"OCB: boot-args are invalid, ignoring
\n
"
));
return
FALSE
;
}
...
...
Library/OcBootManagementLib/BootEntryInfo.c
浏览文件 @
616505ca
...
...
@@ -50,7 +50,7 @@ InternalGetAppleDiskLabel (
}
UnicodeSPrint
(
DiskLabelPath
,
DiskLabelPathSize
,
L"%s%s"
,
BootDirectoryName
,
LabelFilename
);
DEBUG
((
DEBUG_INFO
,
"OCB
M
: Trying to get label from %s
\n
"
,
DiskLabelPath
));
DEBUG
((
DEBUG_INFO
,
"OCB: Trying to get label from %s
\n
"
,
DiskLabelPath
));
AsciiDiskLabel
=
(
CHAR8
*
)
ReadFile
(
FileSystem
,
DiskLabelPath
,
&
DiskLabelLength
,
OC_MAX_VOLUME_LABEL_SIZE
);
FreePool
(
DiskLabelPath
);
...
...
@@ -88,7 +88,7 @@ InternalGetAppleImage (
}
UnicodeSPrint
(
ImagePath
,
ImagePathSize
,
L"%s%s"
,
DirectoryName
,
LabelFilename
);
DEBUG
((
DEBUG_INFO
,
"OCB
M
: Trying to get image from %s
\n
"
,
ImagePath
));
DEBUG
((
DEBUG_INFO
,
"OCB: Trying to get image from %s
\n
"
,
ImagePath
));
*
ImageData
=
ReadFile
(
FileSystem
,
ImagePath
,
DataSize
,
BASE_16MB
);
...
...
@@ -315,7 +315,7 @@ InternalGetRecoveryOsBooter (
DEBUG_CODE_BEGIN
();
DevicePathText
=
ConvertDevicePathToText
(
*
FilePath
,
FALSE
,
FALSE
);
if
(
DevicePathText
!=
NULL
)
{
DEBUG
((
DEBUG_INFO
,
"OCB
M
: Got recovery dp %s
\n
"
,
DevicePathText
));
DEBUG
((
DEBUG_INFO
,
"OCB: Got recovery dp %s
\n
"
,
DevicePathText
));
FreePool
(
DevicePathText
);
}
DEBUG_CODE_END
();
...
...
Library/OcBootManagementLib/DefaultEntryChoice.c
浏览文件 @
616505ca
...
...
@@ -20,6 +20,7 @@
#include <Guid/OcVariables.h>
#include <Protocol/LoadedImage.h>
#include <Protocol/OcFirmwareRuntime.h>
#include <Protocol/SimpleFileSystem.h>
#include <Library/BaseMemoryLib.h>
...
...
@@ -998,94 +999,225 @@ OcSetDefaultBootEntry (
return
Status
;
}
#if 0
STATIC
VOID
InternalReportLoadOption (
IN EFI_DEVICE_PATH_PROTOCOL *DevicePath,
IN EFI_GUID *BootGuid
EFI_STATUS
InternalRegisterBootOption
(
IN
CONST
CHAR16
*
OptionName
,
IN
EFI_HANDLE
DeviceHandle
,
IN
CONST
CHAR16
*
FilePath
)
{
EFI_STATUS
Status
;
EFI_LOAD_OPTION
*
Option
;
UINTN
OptionNameSize
;
UINTN
DevicePathSize
;
UINTN LoadOptionSize;
EFI_LOAD_OPTION *LoadOption;
UINT16 LoadOptionNo;
EFI_LOAD_OPTION *CurrLoadOption;
CONST CHAR16 *LoadOptionName;
UINTN LoadOptionNameSize;
UINTN CurrLoadOptionSize;
UINTN
OptionSize
;
EFI_DEVICE_PATH_PROTOCOL
*
DevicePath
;
EFI_DEVICE_PATH_PROTOCOL
*
CurrDevicePath
;
UINTN
Index
;
UINT16
*
BootOrder
;
UINTN
BootOrderSize
;
UINT32
BootOrderAttributes
;
UINT16
NewBootOrder
;
BOOLEAN
CurrOptionValid
;
//
// Always report valid option in BootCurrent.
// Unless done there is no way for Windows to properly hibernate.
//
Status
=
gBS
->
HandleProtocol
(
DeviceHandle
,
&
gEfiDevicePathProtocolGuid
,
(
VOID
**
)
&
DevicePath
);
if
(
EFI_ERROR
(
Status
))
{
DEBUG
((
DEBUG_INFO
,
"OCB: Failed to obtain device path for boot option - %r
\n
"
,
Status
));
return
Status
;
}
DevicePath
=
AppendFileNameDevicePath
(
DevicePath
,
(
CHAR16
*
)
FilePath
);
if
(
DevicePath
==
NULL
)
{
DEBUG
((
DEBUG_INFO
,
"OCB: Failed to append %s loader path for boot option - %r
\n
"
,
FilePath
));
return
EFI_OUT_OF_RESOURCES
;
}
CurrDevicePath
=
InternalGetBootOptionData
(
OC_BOOT_OPTION
,
&
gEfiGlobalVariableGuid
,
NULL
,
NULL
,
NULL
);
if
(
CurrDevicePath
!=
NULL
)
{
CurrOptionValid
=
IsDevicePathEqual
(
DevicePath
,
CurrDevicePath
);
FreePool
(
CurrDevicePath
);
}
else
{
CurrOptionValid
=
FALSE
;
}
LoadOptionName = L"OC Boot";
LoadOptionNameSize = L_STR_SIZE (L"OC Boot");
DEBUG
((
DEBUG_INFO
,
"OCB: Have existing option %d, valid %d
\n
"
,
CurrDevicePath
!=
NULL
,
CurrOptionValid
));
if
(
!
CurrOptionValid
)
{
OptionNameSize
=
StrSize
(
OptionName
);
DevicePathSize
=
GetDevicePathSize
(
DevicePath
);
LoadOptionSize = sizeof (EFI_LOAD_OPTION) + Load
OptionNameSize + DevicePathSize;
OptionSize
=
sizeof
(
EFI_LOAD_OPTION
)
+
OptionNameSize
+
DevicePathSize
;
LoadOption = AllocatePool (LoadOptionSize);
if (LoadOption == NULL) {
DEBUG ((DEBUG_INFO, "OCB: Failed to allocate BootFFFF (%u)\n", (UINT32) LoadOptionSize));
return;
DEBUG
((
DEBUG_INFO
,
"OCB: Creating boot option %s of %u bytes
\n
"
,
OptionName
,
(
UINT32
)
OptionSize
));
Option
=
AllocatePool
(
OptionSize
);
if
(
Option
==
NULL
)
{
DEBUG
((
DEBUG_INFO
,
"OCB: Failed to allocate boot option (%u)
\n
"
,
(
UINT32
)
OptionSize
));
FreePool
(
DevicePath
);
return
EFI_OUT_OF_RESOURCES
;
}
LoadOption->Attributes = LOAD_OPTION_HIDDEN
;
Load
Option->FilePathListLength = (UINT16) DevicePathSize;
CopyMem (LoadOption + 1, LoadOptionName, Load
OptionNameSize);
CopyMem ((UINT8 *) (LoadOption + 1) + Load
OptionNameSize, DevicePath, DevicePathSize);
Option
->
Attributes
=
LOAD_OPTION_ACTIVE
|
LOAD_OPTION_CATEGORY_BOOT
;
Option
->
FilePathListLength
=
(
UINT16
)
DevicePathSize
;
CopyMem
(
Option
+
1
,
OptionName
,
OptionNameSize
);
CopyMem
((
UINT8
*
)
(
Option
+
1
)
+
OptionNameSize
,
DevicePath
,
DevicePathSize
);
CurrLoadOption = NULL;
CurrLoadOptionSize = 0;
Status = GetVariable2 (
L"BootFFFF",
BootGuid,
(VOID **) &CurrLoadOption,
&CurrLoadOptionSize
Status
=
gRT
->
SetVariable
(
OC_BOOT_OPTION_VARIABLE_NAME
,
&
gEfiGlobalVariableGuid
,
EFI_VARIABLE_BOOTSERVICE_ACCESS
|
EFI_VARIABLE_RUNTIME_ACCESS
|
EFI_VARIABLE_NON_VOLATILE
,
OptionSize
,
Option
);
FreePool
(
Option
);
FreePool
(
DevicePath
);
if
(
EFI_ERROR
(
Status
))
{
DEBUG
((
DEBUG_INFO
,
"OCB: Failed to store boot option - %r
\n
"
,
Status
));
return
Status
;
}
}
BootOrderSize
=
0
;
Status
=
gRT
->
GetVariable
(
EFI_BOOT_ORDER_VARIABLE_NAME
,
&
gEfiGlobalVariableGuid
,
&
BootOrderAttributes
,
&
BootOrderSize
,
NULL
);
if (EFI_ERROR (Status)
|| CurrLoadOptionSize != LoadOptionSize
|| CompareMem (CurrLoadOption, LoadOption, LoadOptionSize) != 0) {
DEBUG
((
DEBUG_INFO
,
"OCB: Overwriting BootFFFF (%r/%u)\n",
Status,
(UINT32) CurrLoadOptionSize,
(UINT32) LoadOptionSize
"OCB: Have existing order of size %u - %r
\n
"
,
(
UINT32
)
BootOrderSize
,
Status
));
gRT->SetVariable (
L"BootFFFF",
BootGuid,
if
(
Status
==
EFI_BUFFER_TOO_SMALL
&&
BootOrderSize
>
0
&&
BootOrderSize
%
sizeof
(
UINT16
)
==
0
)
{
BootOrder
=
AllocatePool
(
BootOrderSize
+
sizeof
(
UINT16
));
if
(
BootOrder
==
NULL
)
{
DEBUG
((
DEBUG_INFO
,
"OCB: Failed to allocate boot order
\n
"
));
return
EFI_OUT_OF_RESOURCES
;
}
Status
=
gRT
->
GetVariable
(
EFI_BOOT_ORDER_VARIABLE_NAME
,
&
gEfiGlobalVariableGuid
,
&
BootOrderAttributes
,
&
BootOrderSize
,
(
VOID
*
)
(
BootOrder
+
1
)
);
if
(
EFI_ERROR
(
Status
)
||
BootOrderSize
==
0
||
BootOrderSize
%
sizeof
(
UINT16
)
!=
0
)
{
DEBUG
((
DEBUG_INFO
,
"OCB: Failed to obtain boot order %u - %r
\n
"
,
(
UINT32
)
BootOrderSize
,
Status
));
if
(
!
EFI_ERROR
(
Status
))
{
FreePool
(
BootOrder
);
}
return
EFI_OUT_OF_RESOURCES
;
}
if
(
BootOrder
[
1
]
==
OC_BOOT_OPTION
)
{
DEBUG
((
DEBUG_INFO
,
"OCB: Boot order has first option as the default option
\n
"
));
FreePool
(
BootOrder
);
return
EFI_SUCCESS
;
}
BootOrder
[
0
]
=
OC_BOOT_OPTION
;
Index
=
1
;
while
(
Index
<=
BootOrderSize
/
sizeof
(
UINT16
))
{
if
(
BootOrder
[
Index
]
==
OC_BOOT_OPTION
)
{
DEBUG
((
DEBUG_INFO
,
"OCB: Moving boot option to the front from %u position
\n
"
,
(
UINT32
)
Index
));
CopyMem
(
&
BootOrder
[
Index
],
&
BootOrder
[
Index
+
1
],
BootOrderSize
-
Index
*
sizeof
(
UINT16
)
);
BootOrderSize
-=
sizeof
(
UINT16
);
}
else
{
++
Index
;
}
}
Status
=
gRT
->
SetVariable
(
EFI_BOOT_ORDER_VARIABLE_NAME
,
&
gEfiGlobalVariableGuid
,
EFI_VARIABLE_BOOTSERVICE_ACCESS
|
EFI_VARIABLE_RUNTIME_ACCESS
|
EFI_VARIABLE_NON_VOLATILE
,
LoadOptionSize
,
LoadOption
BootOrderSize
+
sizeof
(
UINT16
)
,
BootOrder
);
FreePool
(
BootOrder
);
}
else
{
DEBUG ((DEBUG_INFO, "OCB: Accepting same BootFFFF\n"));
NewBootOrder
=
OC_BOOT_OPTION
;
Status
=
gRT
->
SetVariable
(
EFI_BOOT_ORDER_VARIABLE_NAME
,
&
gEfiGlobalVariableGuid
,
EFI_VARIABLE_BOOTSERVICE_ACCESS
|
EFI_VARIABLE_RUNTIME_ACCESS
|
EFI_VARIABLE_NON_VOLATILE
,
sizeof
(
UINT16
),
&
NewBootOrder
);
}
if (CurrLoadOption != NULL) {
FreePool (CurrLoadOption);
DEBUG
((
DEBUG_INFO
,
"OCB: Wrote new boot order with boot option - %r
\n
"
,
Status
));
return
EFI_SUCCESS
;
}
EFI_STATUS
OcRegisterBootOption
(
IN
CONST
CHAR16
*
OptionName
,
IN
EFI_HANDLE
DeviceHandle
,
IN
CONST
CHAR16
*
FilePath
)
{
EFI_STATUS
Status
;
OC_FIRMWARE_RUNTIME_PROTOCOL
*
FwRuntime
;
OC_FWRT_CONFIG
Config
;
Status
=
gBS
->
LocateProtocol
(
&
gOcFirmwareRuntimeProtocolGuid
,
NULL
,
(
VOID
**
)
&
FwRuntime
);
if
(
!
EFI_ERROR
(
Status
)
&&
FwRuntime
->
Revision
==
OC_FIRMWARE_RUNTIME_REVISION
)
{
ZeroMem
(
&
Config
,
sizeof
(
Config
));
FwRuntime
->
SetOverride
(
&
Config
);
DEBUG
((
DEBUG_INFO
,
"OCB: Found FW NVRAM, full access %d
\n
"
,
Config
.
BootVariableRedirect
));
}
else
{
FwRuntime
=
NULL
;
DEBUG
((
DEBUG_INFO
,
"OCB: Missing FW NVRAM, going on...
\n
"
));
}
FreePool (LoadOption);
LoadOptionNo = 0xFFFF;
gRT->SetVariable (
L"BootCurrent",
BootGuid,
EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS,
sizeof (LoadOptionNo),
&LoadOptionNo
Status
=
InternalRegisterBootOption
(
OptionName
,
DeviceHandle
,
FilePath
);
if
(
FwRuntime
!=
NULL
)
{
FwRuntime
->
SetOverride
(
NULL
);
}
return
Status
;
}
#endif
EFI_STATUS
InternalLoadBootEntry
(
...
...
@@ -1193,13 +1325,6 @@ InternalLoadBootEntry (
}
if
(
!
EFI_ERROR
(
Status
))
{
#if 0
InternalReportLoadOption (
DevicePath,
Context->CustomBootGuid ? &gOcVendorVariableGuid : &gEfiGlobalVariableGuid
);
#endif
OptionalStatus
=
gBS
->
HandleProtocol
(
*
EntryHandle
,
&
gEfiLoadedImageProtocolGuid
,
...
...
Library/OcConfigurationLib/OcConfigurationLib.c
浏览文件 @
616505ca
...
...
@@ -354,6 +354,7 @@ mMiscConfigurationSecuritySchema[] = {
OC_SCHEMA_BOOLEAN_IN
(
"AllowNvramReset"
,
OC_GLOBAL_CONFIG
,
Misc
.
Security
.
AllowNvramReset
),
OC_SCHEMA_BOOLEAN_IN
(
"AllowSetDefault"
,
OC_GLOBAL_CONFIG
,
Misc
.
Security
.
AllowSetDefault
),
OC_SCHEMA_BOOLEAN_IN
(
"AuthRestart"
,
OC_GLOBAL_CONFIG
,
Misc
.
Security
.
AuthRestart
),
OC_SCHEMA_STRING_IN
(
"BootProtect"
,
OC_GLOBAL_CONFIG
,
Misc
.
Security
.
BootProtect
),
OC_SCHEMA_BOOLEAN_IN
(
"EnablePassword"
,
OC_GLOBAL_CONFIG
,
Misc
.
Security
.
EnablePassword
),
OC_SCHEMA_INTEGER_IN
(
"ExposeSensitiveData"
,
OC_GLOBAL_CONFIG
,
Misc
.
Security
.
ExposeSensitiveData
),
OC_SCHEMA_INTEGER_IN
(
"HaltLevel"
,
OC_GLOBAL_CONFIG
,
Misc
.
Security
.
HaltLevel
),
...
...
Platform/OpenCore/OpenCoreMisc.c
浏览文件 @
616505ca
...
...
@@ -450,28 +450,38 @@ OcMiscLateInit (
{
EFI_STATUS
Status
;
EFI_STATUS
HibernateStatus
;
CONST
CHAR8
*
BootProtect
;
CONST
CHAR8
*
HibernateMode
;
UINT32
HibernateMask
;
EFI_HANDLE
OcHandle
;
if
((
Config
->
Misc
.
Security
.
ExposeSensitiveData
&
OCS_EXPOSE_BOOT_PATH
)
!=
0
)
{
OcStoreLoadPath
(
LoadPath
);
}
Status
=
EFI_SUCCESS
;
if
(
LoadHandle
!=
NULL
)
{
*
LoadHandle
=
NULL
;
//
// Do not disclose self entry unless asked.
//
if
(
LoadPath
!=
NULL
&&
Config
->
Misc
.
Boot
.
HideSelf
)
{
OcHandle
=
NULL
;
if
(
LoadPath
!=
NULL
)
{
Status
=
gBS
->
LocateDevicePath
(
&
gEfiSimpleFileSystemProtocolGuid
,
&
LoadPath
,
Load
Handle
&
Oc
Handle
);
DEBUG
((
DEBUG_INFO
,
"OC: LoadHandle is %p - %r
\n
"
,
*
LoadHandle
,
Status
));
}
else
{
Status
=
EFI_UNSUPPORTED
;
}
BootProtect
=
OC_BLOB_GET
(
&
Config
->
Misc
.
Security
.
BootProtect
);
DEBUG
((
DEBUG_INFO
,
"OC: LoadHandle %p with BootProtect in %a mode - %r
\n
"
,
OcHandle
,
BootProtect
,
Status
));
if
(
OcHandle
!=
NULL
&&
AsciiStrCmp
(
BootProtect
,
"Bootstrap"
)
==
0
)
{
OcRegisterBootOption
(
L"OpenCore"
,
OcHandle
,
OPEN_CORE_BOOTSTRAP_PATH
);
}
//
// Do not disclose self entry unless asked.
//
if
(
LoadHandle
!=
NULL
&&
Config
->
Misc
.
Boot
.
HideSelf
)
{
*
LoadHandle
=
OcHandle
;
}
HibernateMode
=
OC_BLOB_GET
(
&
Config
->
Misc
.
Boot
.
HibernateMode
);
...
...
macbuild.tool
浏览文件 @
616505ca
...
...
@@ -14,13 +14,12 @@ package() {
selfdir
=
$(
pwd
)
pushd
"
$1
"
||
exit
1
rm
-rf
tmp
||
exit
1
mkdir
-p
tmp/EFI
||
exit
1
mkdir
-p
tmp/EFI/OC
||
exit
1
mkdir
-p
tmp/EFI/BOOT
||
exit
1
mkdir
-p
tmp/EFI/OC/ACPI
||
exit
1
mkdir
-p
tmp/EFI/OC/Bootstrap
||
exit
1
mkdir
-p
tmp/EFI/OC/Drivers
||
exit
1
mkdir
-p
tmp/EFI/OC/Kexts
||
exit
1
mkdir
-p
tmp/EFI/OC/Tools
||
exit
1
mkdir
-p
tmp/EFI/BOOT
||
exit
1
mkdir
-p
tmp/EFI/OC/Resources/Audio
||
exit
1
mkdir
-p
tmp/EFI/OC/Resources/Font
||
exit
1
mkdir
-p
tmp/EFI/OC/Resources/Image
||
exit
1
...
...
@@ -29,6 +28,7 @@ package() {
mkdir
-p
tmp/Utilities
||
exit
1
cp
BootKicker.efi tmp/EFI/OC/Tools/
||
exit
1
cp
BOOTx64.efi tmp/EFI/BOOT/
||
exit
1
cp
BOOTx64.efi tmp/EFI/OC/Bootstrap/Bootstrap.efi
||
exit
1
cp
ChipTune.efi tmp/EFI/OC/Tools/
||
exit
1
cp
CleanNvram.efi tmp/EFI/OC/Tools/
||
exit
1
cp
GopStop.efi tmp/EFI/OC/Tools/
||
exit
1
...
...
编辑
预览
Markdown
is supported
0%
请重试
或
添加新附件
.
添加附件
取消
You are about to add
0
people
to the discussion. Proceed with caution.
先完成此消息的编辑!
取消
想要评论请
注册
或
登录