OvmfPkg/PlatformBootManagerLib: add PcdBootRestrictToFirmware

Add new PCD PcdBootRestrictToFirmware.  When set to TRUE restrict
boot options to EFI applications embedded into the firmware image.

Behavior should be identical to the PlatformBootManagerLibGrub
library variant.

Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>

diff --git a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
index 3b7dc53e9f868963c093e3f0f9c204394a3557f9..8dc2bbf973710719a21b0c6a77f84da5d0ce5044 100644 (file)
--- a/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
+++ b/OvmfPkg/Library/PlatformBootManagerLib/BdsPlatform.c
@@ -290,6 +290,46 @@ RemoveStaleFvFileOptions (
   EfiBootManagerFreeLoadOptions (BootOptions, BootOptionCount);\r
 }\r
 \r
+VOID\r
+RestrictBootOptionsToFirmware (\r
+  VOID\r
+  )\r
+{\r
+  EFI_BOOT_MANAGER_LOAD_OPTION  *BootOptions;\r
+  UINTN                         BootOptionCount;\r
+  UINTN                         Index;\r
+\r
+  BootOptions = EfiBootManagerGetLoadOptions (\r
+                  &BootOptionCount,\r
+                  LoadOptionTypeBoot\r
+                  );\r
+\r
+  for (Index = 0; Index < BootOptionCount; ++Index) {\r
+    EFI_DEVICE_PATH_PROTOCOL  *Node1;\r
+\r
+    //\r
+    // If the device path starts with Fv(...),\r
+    // then keep the boot option.\r
+    //\r
+    Node1 = BootOptions[Index].FilePath;\r
+    if (((DevicePathType (Node1) == MEDIA_DEVICE_PATH) &&\r
+         (DevicePathSubType (Node1) == MEDIA_PIWG_FW_VOL_DP)))\r
+    {\r
+      continue;\r
+    }\r
+\r
+    //\r
+    // Delete the boot option.\r
+    //\r
+    EfiBootManagerDeleteLoadOptionVariable (\r
+      BootOptions[Index].OptionNumber,\r
+      LoadOptionTypeBoot\r
+      );\r
+  }\r
+\r
+  EfiBootManagerFreeLoadOptions (BootOptions, BootOptionCount);\r
+}\r
+\r
 VOID\r
 PlatformRegisterOptionsAndKeys (\r
   VOID\r
@@ -485,7 +525,9 @@ PlatformBootManagerBeforeConsole (
     Status\r
     ));\r
 \r
-  PlatformRegisterOptionsAndKeys ();\r
+  if (!FeaturePcdGet (PcdBootRestrictToFirmware)) {\r
+    PlatformRegisterOptionsAndKeys ();\r
+  }\r
 \r
   //\r
   // Install both VIRTIO_DEVICE_PROTOCOL and (dependent) EFI_RNG_PROTOCOL\r
@@ -1754,9 +1796,12 @@ PlatformBootManagerAfterConsole (
   //\r
   // Perform some platform specific connect sequence\r
   //\r
-  PlatformBdsConnectSequence ();\r
-\r
-  EfiBootManagerRefreshAllBootOption ();\r
+  if (FeaturePcdGet (PcdBootRestrictToFirmware)) {\r
+    RestrictBootOptionsToFirmware ();\r
+  } else {\r
+    PlatformBdsConnectSequence ();\r
+    EfiBootManagerRefreshAllBootOption ();\r
+  }\r
 \r
   //\r
   // Register UEFI Shell\r
@@ -1767,6 +1812,15 @@ PlatformBootManagerAfterConsole (
     LOAD_OPTION_ACTIVE\r
     );\r
 \r
+  //\r
+  // Register Grub\r
+  //\r
+  PlatformRegisterFvBootOption (\r
+    &gGrubFileGuid,\r
+    L"Grub Bootloader",\r
+    LOAD_OPTION_ACTIVE\r
+    );\r
+\r
   RemoveStaleFvFileOptions ();\r
   SetBootOrderFromQemu ();\r
 \r
@@ -1935,6 +1989,14 @@ PlatformBootManagerUnableToBoot (
   EFI_BOOT_MANAGER_LOAD_OPTION  BootManagerMenu;\r
   UINTN                         Index;\r
 \r
+  if (FeaturePcdGet (PcdBootRestrictToFirmware)) {\r
+    AsciiPrint (\r
+      "%a: No bootable option was found.\n",\r
+      gEfiCallerBaseName\r
+      );\r
+    CpuDeadLoop ();\r
+  }\r
+\r
   //\r
   // BootManagerMenu doesn't contain the correct information when return status\r
   // is EFI_NOT_FOUND.\r

diff --git a/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf b/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
index c249a3cf1e35b0c85c8767ffa7eb47b485b1e2c4..6b396eac7daf7068b6e76d12f96795ea66acca5f 100644 (file)
--- a/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
+++ b/OvmfPkg/Library/PlatformBootManagerLib/PlatformBootManagerLib.inf
@@ -61,6 +61,7 @@
   gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent\r
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable\r
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfHostBridgePciDevId\r
+  gUefiOvmfPkgTokenSpaceGuid.PcdBootRestrictToFirmware\r
   gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiS3Enable\r
   gEfiMdePkgTokenSpaceGuid.PcdPlatformBootTimeOut\r
   gEfiMdePkgTokenSpaceGuid.PcdUartDefaultBaudRate         ## CONSUMES\r
@@ -84,3 +85,4 @@
   gEfiGlobalVariableGuid\r
   gRootBridgesConnectedEventGroupGuid\r
   gUefiShellFileGuid\r
+  gGrubFileGuid\r

diff --git a/OvmfPkg/OvmfPkg.dec b/OvmfPkg/OvmfPkg.dec
index 03ae29e7b034fb7e44c7474c0008a38886e27544..cc5a4ceead251249d77fdf80c2c09763c497f139 100644 (file)
--- a/OvmfPkg/OvmfPkg.dec
+++ b/OvmfPkg/OvmfPkg.dec
@@ -422,6 +422,9 @@
   #  check to decide whether to abort dispatch of the driver it is linked into.\r
   gUefiOvmfPkgTokenSpaceGuid.PcdEntryPointOverrideFwCfgVarName|""|VOID*|0x68\r
 \r
+  ## Restrict boot to EFI applications in firmware volumes.\r
+  gUefiOvmfPkgTokenSpaceGuid.PcdBootRestrictToFirmware|FALSE|BOOLEAN|0x6c\r
+\r
 [PcdsDynamic, PcdsDynamicEx]\r
   gUefiOvmfPkgTokenSpaceGuid.PcdEmuVariableEvent|0|UINT64|2\r
   gUefiOvmfPkgTokenSpaceGuid.PcdOvmfFlashVariablesEnable|FALSE|BOOLEAN|0x10\r