summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/include/ipxe/efi/efi_blacklist.h13
-rw-r--r--src/include/ipxe/errfile.h1
-rw-r--r--src/interface/efi/efi_blacklist.c237
-rw-r--r--src/interface/efi/efiprefix.c6
4 files changed, 257 insertions, 0 deletions
diff --git a/src/include/ipxe/efi/efi_blacklist.h b/src/include/ipxe/efi/efi_blacklist.h
new file mode 100644
index 00000000..c5a5a61d
--- /dev/null
+++ b/src/include/ipxe/efi/efi_blacklist.h
@@ -0,0 +1,13 @@
+#ifndef _IPXE_EFI_BLACKLIST_H
+#define _IPXE_EFI_BLACKLIST_H
+
+/** @file
+ *
+ * EFI driver blacklist
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+extern void efi_unload_blacklist ( void );
+
+#endif /* _IPXE_EFI_BLACKLIST_H */
diff --git a/src/include/ipxe/errfile.h b/src/include/ipxe/errfile.h
index 596491a1..ce67fc66 100644
--- a/src/include/ipxe/errfile.h
+++ b/src/include/ipxe/errfile.h
@@ -375,6 +375,7 @@ FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
#define ERRFILE_cert_cmd ( ERRFILE_OTHER | 0x004f0000 )
#define ERRFILE_acpi_settings ( ERRFILE_OTHER | 0x00500000 )
#define ERRFILE_ntlm ( ERRFILE_OTHER | 0x00510000 )
+#define ERRFILE_efi_blacklist ( ERRFILE_OTHER | 0x00520000 )
/** @} */
diff --git a/src/interface/efi/efi_blacklist.c b/src/interface/efi/efi_blacklist.c
new file mode 100644
index 00000000..292b28e8
--- /dev/null
+++ b/src/interface/efi/efi_blacklist.c
@@ -0,0 +1,237 @@
+/*
+ * Copyright (C) 2019 Michael Brown <mbrown@fensystems.co.uk>.
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU General Public License as
+ * published by the Free Software Foundation; either version 2 of the
+ * License, or any later version.
+ *
+ * This program is distributed in the hope that it will be useful, but
+ * WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ * 02110-1301, USA.
+ */
+
+FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
+
+#include <stddef.h>
+#include <string.h>
+#include <errno.h>
+#include <ipxe/settings.h>
+#include <ipxe/efi/efi.h>
+#include <ipxe/efi/Protocol/DriverBinding.h>
+#include <ipxe/efi/Protocol/LoadedImage.h>
+#include <ipxe/efi/Protocol/ComponentName.h>
+#include <ipxe/efi/efi_blacklist.h>
+
+/** @file
+ *
+ * EFI driver blacklist
+ *
+ */
+
+/** A blacklisted driver */
+struct efi_blacklist {
+ /** Name */
+ const char *name;
+ /**
+ * Check if driver is blacklisted
+ *
+ * @v binding Driver binding protocol
+ * @v loaded Loaded image protocol
+ * @v wtf Component name protocol, if present
+ * @ret blacklisted Driver is the blacklisted driver
+ */
+ int ( * blacklist ) ( EFI_DRIVER_BINDING_PROTOCOL *binding,
+ EFI_LOADED_IMAGE_PROTOCOL *loaded,
+ EFI_COMPONENT_NAME_PROTOCOL *wtf );
+};
+
+/**
+ * Blacklist Dell Ip4ConfigDxe driver
+ *
+ * @v binding Driver binding protocol
+ * @v loaded Loaded image protocol
+ * @v wtf Component name protocol, if present
+ * @ret blacklisted Driver is the blacklisted driver
+ */
+static int
+efi_blacklist_dell_ip4config ( EFI_DRIVER_BINDING_PROTOCOL *binding __unused,
+ EFI_LOADED_IMAGE_PROTOCOL *loaded __unused,
+ EFI_COMPONENT_NAME_PROTOCOL *wtf ) {
+ static const CHAR16 ip4cfg[] = L"IP4 CONFIG Network Service Driver";
+ static const char dell[] = "Dell Inc.";
+ char manufacturer[ sizeof ( dell ) ];
+ CHAR16 *name;
+
+ /* Check driver name */
+ if ( ! wtf )
+ return 0;
+ if ( wtf->GetDriverName ( wtf, "eng", &name ) != 0 )
+ return 0;
+ if ( memcmp ( name, ip4cfg, sizeof ( ip4cfg ) ) != 0 )
+ return 0;
+
+ /* Check manufacturer */
+ fetch_string_setting ( NULL, &manufacturer_setting, manufacturer,
+ sizeof ( manufacturer ) );
+ if ( strcmp ( manufacturer, dell ) != 0 )
+ return 0;
+
+ return 1;
+}
+
+/** Blacklisted drivers */
+static struct efi_blacklist efi_blacklists[] = {
+ {
+ .name = "Dell Ip4Config",
+ .blacklist = efi_blacklist_dell_ip4config,
+ },
+};
+
+/**
+ * Find driver blacklisting, if any
+ *
+ * @v driver Driver binding handle
+ * @ret blacklist Driver blacklisting, or NULL
+ * @ret rc Return status code
+ */
+static int efi_blacklist ( EFI_HANDLE driver,
+ struct efi_blacklist **blacklist ) {
+ EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
+ union {
+ EFI_DRIVER_BINDING_PROTOCOL *binding;
+ void *interface;
+ } binding;
+ union {
+ EFI_LOADED_IMAGE_PROTOCOL *loaded;
+ void *interface;
+ } loaded;
+ union {
+ EFI_COMPONENT_NAME_PROTOCOL *wtf;
+ void *interface;
+ } wtf;
+ unsigned int i;
+ EFI_HANDLE image;
+ EFI_STATUS efirc;
+ int rc;
+
+ DBGC2 ( &efi_blacklists, "EFIBL checking %s\n",
+ efi_handle_name ( driver ) );
+
+ /* Mark as not blacklisted */
+ *blacklist = NULL;
+
+ /* Open driver binding protocol */
+ if ( ( efirc = bs->OpenProtocol (
+ driver, &efi_driver_binding_protocol_guid,
+ &binding.interface, efi_image_handle, driver,
+ EFI_OPEN_PROTOCOL_GET_PROTOCOL ) ) != 0 ) {
+ rc = -EEFI ( efirc );
+ DBGC ( driver, "EFIBL %s could not open driver binding "
+ "protocol: %s\n", efi_handle_name ( driver ),
+ strerror ( rc ) );
+ goto err_binding;
+ }
+ image = binding.binding->ImageHandle;
+
+ /* Open loaded image protocol */
+ if ( ( efirc = bs->OpenProtocol (
+ image, &efi_loaded_image_protocol_guid,
+ &loaded.interface, efi_image_handle, image,
+ EFI_OPEN_PROTOCOL_GET_PROTOCOL ) ) != 0 ) {
+ rc = -EEFI ( efirc );
+ DBGC ( driver, "EFIBL %s could not open",
+ efi_handle_name ( driver ) );
+ DBGC ( driver, " %s loaded image protocol: %s\n",
+ efi_handle_name ( image ), strerror ( rc ) );
+ goto err_loaded;
+ }
+
+ /* Open component name protocol, if present*/
+ if ( ( efirc = bs->OpenProtocol (
+ driver, &efi_component_name_protocol_guid,
+ &wtf.interface, efi_image_handle, driver,
+ EFI_OPEN_PROTOCOL_GET_PROTOCOL ) ) != 0 ) {
+ /* Ignore failure; is not required to be present */
+ wtf.interface = NULL;
+ }
+
+ /* Check blacklistings */
+ for ( i = 0 ; i < ( sizeof ( efi_blacklists ) /
+ sizeof ( efi_blacklists[0] ) ) ; i++ ) {
+ if ( efi_blacklists[i].blacklist ( binding.binding,
+ loaded.loaded, wtf.wtf ) ) {
+ *blacklist = &efi_blacklists[i];
+ break;
+ }
+ }
+
+ /* Success */
+ rc = 0;
+
+ /* Close protocols */
+ if ( wtf.wtf ) {
+ bs->CloseProtocol ( driver, &efi_component_name_protocol_guid,
+ efi_image_handle, driver );
+ }
+ bs->CloseProtocol ( image, &efi_loaded_image_protocol_guid,
+ efi_image_handle, image );
+ err_loaded:
+ bs->CloseProtocol ( driver, &efi_driver_binding_protocol_guid,
+ efi_image_handle, driver );
+ err_binding:
+ return rc;
+}
+
+/**
+ * Unload any blacklisted drivers
+ *
+ */
+void efi_unload_blacklist ( void ) {
+ EFI_BOOT_SERVICES *bs = efi_systab->BootServices;
+ struct efi_blacklist *blacklist;
+ EFI_HANDLE *drivers;
+ EFI_HANDLE driver;
+ UINTN num_drivers;
+ unsigned int i;
+ EFI_STATUS efirc;
+ int rc;
+
+ /* Locate all driver binding protocol handles */
+ if ( ( efirc = bs->LocateHandleBuffer (
+ ByProtocol, &efi_driver_binding_protocol_guid,
+ NULL, &num_drivers, &drivers ) ) != 0 ) {
+ rc = -EEFI ( efirc );
+ DBGC ( &efi_blacklists, "EFIBL could not list all drivers: "
+ "%s\n", strerror ( rc ) );
+ return;
+ }
+
+ /* Unload any blacklisted drivers */
+ for ( i = 0 ; i < num_drivers ; i++ ) {
+ driver = drivers[i];
+ if ( ( rc = efi_blacklist ( driver, &blacklist ) ) != 0 ) {
+ DBGC ( driver, "EFIBL could not determine "
+ "blacklisting for %s: %s\n",
+ efi_handle_name ( driver ), strerror ( rc ) );
+ continue;
+ }
+ if ( ! blacklist )
+ continue;
+ DBGC ( driver, "EFIBL unloading %s (%s)\n",
+ efi_handle_name ( driver ), blacklist->name );
+ if ( ( efirc = bs->UnloadImage ( driver ) ) != 0 ) {
+ DBGC ( driver, "EFIBL could not unload %s: %s\n",
+ efi_handle_name ( driver ), strerror ( rc ) );
+ }
+ }
+
+ /* Free handle list */
+ bs->FreePool ( drivers );
+}
diff --git a/src/interface/efi/efiprefix.c b/src/interface/efi/efiprefix.c
index 18b931e6..de3572c7 100644
--- a/src/interface/efi/efiprefix.c
+++ b/src/interface/efi/efiprefix.c
@@ -27,6 +27,7 @@ FILE_LICENCE ( GPL2_OR_LATER );
#include <ipxe/efi/efi_snp.h>
#include <ipxe/efi/efi_autoboot.h>
#include <ipxe/efi/efi_watchdog.h>
+#include <ipxe/efi/efi_blacklist.h>
/**
* EFI entry point
@@ -75,6 +76,10 @@ EFI_STATUS EFIAPI _efi_start ( EFI_HANDLE image_handle,
*/
static int efi_probe ( struct root_device *rootdev __unused ) {
+ /* Unloaded any blacklisted drivers */
+ efi_unload_blacklist();
+
+ /* Connect our drivers */
return efi_driver_connect_all();
}
@@ -85,6 +90,7 @@ static int efi_probe ( struct root_device *rootdev __unused ) {
*/
static void efi_remove ( struct root_device *rootdev __unused ) {
+ /* Disconnect our drivers */
efi_driver_disconnect_all();
}