iPXE
shim_cmd.c
Go to the documentation of this file.
1/*
2 * Copyright (C) 2023 Michael Brown <mbrown@fensystems.co.uk>.
3 *
4 * This program is free software; you can redistribute it and/or
5 * modify it under the terms of the GNU General Public License as
6 * published by the Free Software Foundation; either version 2 of the
7 * License, or any later version.
8 *
9 * This program is distributed in the hope that it will be useful, but
10 * WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12 * General Public License for more details.
13 *
14 * You should have received a copy of the GNU General Public License
15 * along with this program; if not, write to the Free Software
16 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
17 * 02110-1301, USA.
18 *
19 * You can also choose to distribute this program under the terms of
20 * the Unmodified Binary Distribution Licence (as given in the file
21 * COPYING.UBDL), provided that you have satisfied its requirements.
22 */
23
24FILE_LICENCE ( GPL2_OR_LATER_OR_UBDL );
25FILE_SECBOOT ( PERMITTED );
26
27#include <getopt.h>
28#include <ipxe/command.h>
29#include <ipxe/parseopt.h>
30#include <ipxe/efi/efi_image.h>
31#include <usr/imgmgmt.h>
32#include <usr/shimmgmt.h>
33
34/** @file
35 *
36 * EFI shim command
37 *
38 */
39
40/* Exist as a dummy command on non-EFI platforms */
41#ifdef PLATFORM_efi
42#define shim_dummy 0
43#else
44#define shim_dummy 1
45#endif
46
47/** "shim" options */
49 /** Download timeout */
50 unsigned long timeout;
51 /** Require third party loader */
53 /** Allow PXE base code protocol */
55 /** Allow SBAT variable access */
57};
58
59/** "shim" option list */
60static struct option_descriptor shim_opts[] = {
61 OPTION_DESC ( "timeout", 't', required_argument,
63 OPTION_DESC ( "require-loader", 'l', no_argument,
64 struct shim_options, require_loader, parse_flag ),
65 OPTION_DESC ( "allow-pxe", 'p', no_argument,
66 struct shim_options, allow_pxe, parse_flag ),
67 OPTION_DESC ( "allow-sbat", 's', no_argument,
68 struct shim_options, allow_sbat, parse_flag ),
69};
70
71/** "shim" command descriptor */
73 COMMAND_DESC ( struct shim_options, shim_opts, 0, 1, NULL );
74
75/**
76 * The "shim" command
77 *
78 * @v argc Argument count
79 * @v argv Argument list
80 * @ret rc Return status code
81 */
82static int shim_exec ( int argc, char **argv ) {
83 struct shim_options opts;
84 struct image *image = NULL;
85 struct image *kernel;
86 char *name_uri;
87 int download;
88 int rc;
89
90 /* Do absolutely nothing if this is a non-EFI platform */
91 if ( shim_dummy ) {
92 rc = 0;
93 goto err_dummy;
94 }
95
96 /* Parse options */
97 if ( ( rc = parse_options ( argc, argv, &shim_cmd, &opts ) ) != 0 )
98 goto err_parse;
99
100 /* Decide whether or not to download images */
102 download = ( ! ( kernel && efi_can_load ( kernel ) ) );
103
104 /* Parse name/URI string */
105 name_uri = argv[optind];
106
107 /* Acquire image, if applicable */
108 if ( download && name_uri &&
109 ( ( rc = imgacquire ( name_uri, opts.timeout,
110 &image ) ) != 0 ) ) {
111 goto err_image;
112 }
113
114 /* (Un)register as shim */
115 if ( ( rc = shim ( image, opts.require_loader, opts.allow_pxe,
116 opts.allow_sbat ) ) != 0 )
117 goto err_shim;
118
119 err_shim:
120 err_image:
121 err_parse:
122 err_dummy:
123 return rc;
124}
125
126/** Shim commands */
#define NULL
NULL pointer (VOID *)
Definition Base.h:322
struct arbelprm_rc_send_wqe rc
Definition arbel.h:3
static union @024010030001061367220137227263210031030210157031 opts
"cert<xxx>" option list
#define COMMAND(name, exec)
Definition command.h:27
void timeout(int)
EFI images.
static int efi_can_load(struct image *image)
Check if EFI image can be loaded directly.
Definition efi_image.h:23
uint32_t kernel
Kernel version (numeric)
Definition ena.h:9
int optind
Current option index.
Definition getopt.c:52
Parse command-line options.
@ required_argument
Option requires an argument.
Definition getopt.h:19
@ no_argument
Option does not take an argument.
Definition getopt.h:17
#define FILE_LICENCE(_licence)
Declare a particular licence as applying to a file.
Definition compiler.h:896
#define FILE_SECBOOT(_status)
Declare a file's UEFI Secure Boot permission status.
Definition compiler.h:926
struct image * find_image_tag(struct image_tag *tag)
Find image by tag.
Definition image.c:393
struct image_tag selected_image
int imgacquire(const char *name_uri, unsigned long timeout, struct image **image)
Acquire an image.
Definition imgmgmt.c:143
Image management.
int parse_flag(char *text __unused, int *flag)
Parse flag.
Definition parseopt.c:227
int parse_timeout(char *text, unsigned long *value)
Parse timeout value (in ms)
Definition parseopt.c:115
int parse_options(int argc, char **argv, struct command_descriptor *cmd, void *opts)
Parse command-line options.
Definition parseopt.c:485
Command line option parsing.
#define COMMAND_DESC(_struct, _options, _min_args, _max_args, _usage)
Construct command descriptor.
Definition parseopt.h:109
#define OPTION_DESC(_longopt, _shortopt, _has_arg, _struct, _field, _parse)
Construct option descriptor.
Definition parseopt.h:68
#define shim_dummy
Definition shim_cmd.c:44
static struct command_descriptor shim_cmd
"shim" command descriptor
Definition shim_cmd.c:72
static int shim_exec(int argc, char **argv)
The "shim" command.
Definition shim_cmd.c:82
static struct option_descriptor shim_opts[]
"shim" option list
Definition shim_cmd.c:60
int shim(struct image *image, int require_loader, int allow_pxe, int allow_sbat)
Set shim image.
Definition shimmgmt.c:46
EFI shim management.
A command descriptor.
Definition parseopt.h:78
An executable image.
Definition image.h:24
A command-line option descriptor.
Definition parseopt.h:24
"shim" options
Definition shim_cmd.c:48
int allow_sbat
Allow SBAT variable access.
Definition shim_cmd.c:56
int allow_pxe
Allow PXE base code protocol.
Definition shim_cmd.c:54
unsigned long timeout
Download timeout.
Definition shim_cmd.c:50
int require_loader
Require third party loader.
Definition shim_cmd.c:52