AppleEfiSignTool.c

Go to the documentation of this file.

 
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/OcMachoLib.h>
#include <Library/OcPeCoffExtLib.h>
#include <Library/OcStringLib.h>
#include <Library/PcdLib.h>
 
#include <UserFile.h>
 
#define  APPLE_EFI_SIGN_TOOL_VERSION  "1.1"
 
typedef enum {
  PE_ARCH_32,
  PE_ARCH_64,
  PE_ARCH_ANY
} PE_IMAGE_ARCH;
 
STATIC
VOID
PrintHelp (
  VOID
  )
{
  DEBUG ((
    DEBUG_ERROR,
    "AppleEfiSignTool v%a – Tool for verifying Apple EFI binaries\n",
    APPLE_EFI_SIGN_TOOL_VERSION
    ));
  DEBUG ((DEBUG_ERROR, "Supports PE and Fat binaries.\n"));
  DEBUG ((DEBUG_ERROR, "Displays signing info. Displays APFS info if image is APFS driver.\n"));
  DEBUG ((DEBUG_ERROR, "Also shows PE COFF image fixups when -f is specified.\n"));
 
  DEBUG ((DEBUG_ERROR, "\nUsage: ./AppleEfiSignTool [-f] <path/to/image>\n"));
  DEBUG ((DEBUG_ERROR, " -f force FixupAppleEfiImages quirk\n"));
 
  DEBUG ((DEBUG_ERROR, "\nExample: ./AppleEfiSignTool path/to/apfs.efi\n"));
}
 
STATIC
INT32
VerifySignatureAndApfs (
  IN  OUT  UINT8          *Image,
  IN       UINT32         ImageSize,
  IN OUT   BOOLEAN        *IsFat,
  IN       BOOLEAN        ForceFixup,
  IN       PE_IMAGE_ARCH  Arch
  )
{
  EFI_STATUS                    Status;
  EFI_STATUS                    ApfsStatus;
  UINT32                        OrgImageSize;
  CONST CHAR8                   *Slice;
  PE_COFF_LOADER_IMAGE_CONTEXT  Context;
  RETURN_STATUS                 ContextStatus;
  APFS_DRIVER_VERSION           *DriverVersion;
 
  Status       = EFI_SUCCESS;
  OrgImageSize = ImageSize;
 
  if (Arch == PE_ARCH_32) {
    Status = FatFilterArchitecture32 (&Image, &ImageSize);
    Slice  = "32-bit";
  } else if (Arch == PE_ARCH_64) {
    Status = FatFilterArchitecture64 (&Image, &ImageSize);
    Slice  = "64-bit";
  } else {
    Slice = "raw";
  }
 
  if (EFI_ERROR (Status)) {
    return 0;
  }
 
  if ((OrgImageSize == ImageSize) && (Arch != PE_ARCH_ANY)) {
    return 0;
  }
 
  if (OrgImageSize != ImageSize) {
    *IsFat = TRUE;
  }
 
  DEBUG ((DEBUG_ERROR, "SIGN: Discovered %a slice\n", Slice));
  OrgImageSize = ImageSize;
 
  if (ForceFixup) {
    ContextStatus = RETURN_VOLUME_CORRUPTED;
  } else {
    ContextStatus = PeCoffInitializeContext (
                      &Context,
                      Image,
                      ImageSize,
                      UefiImageOriginUserImage
                      );
  }
 
  if (ContextStatus == RETURN_VOLUME_CORRUPTED) {
    DEBUG ((DEBUG_ERROR, "SIGN: %r - Trying again using FixupAppleEfiImages quirk\n", ContextStatus));
    ContextStatus = OcPeCoffFixupInitializeContext (
                      &Context,
                      Image,
                      ImageSize,
                      FALSE
                      );
  }
 
  if (EFI_ERROR (ContextStatus)) {
    Status = EFI_UNSUPPORTED;
  } else {
    Status = InternalPeCoffVerifyAppleSignatureFromContext (
               &Context,
               &ImageSize
               );
  }
 
  DEBUG ((
    DEBUG_ERROR,
    "SIGN: Signature check (%u -> %u) - %r\n",
    OrgImageSize,
    ImageSize,
    Status
    ));
 
  if (!EFI_ERROR (ContextStatus)) {
    ApfsStatus = InternalPeCoffGetApfsDriverVersionFromContext (&Context, ImageSize, &DriverVersion);
 
    if (!EFI_ERROR (ApfsStatus)) {
      DEBUG ((
        DEBUG_ERROR,
        "SIGN: Got APFS %Lu (%-16a %-16a)\n",
        DriverVersion->Version,
        DriverVersion->Date,
        DriverVersion->Time
        ));
    }
  }
 
  if (EFI_ERROR (Status)) {
    return EXIT_FAILURE;
  }
 
  return 0;
}
 
int
ENTRY_POINT (
  int   argc,
  char  *argv[]
  )
{
  CONST CHAR8  *ImageFileName;
  UINT32       ImageSize;
  UINT8        *ImageFileBuffer;
  BOOLEAN      IsFat;
  BOOLEAN      ForceFixup;
  INT32        RetVal;
 
  //
  // Enable PCD debug logging.
  //
  PcdGet32 (PcdFixedDebugPrintErrorLevel) |= DEBUG_INFO;
  PcdGet32 (PcdDebugPrintErrorLevel)      |= DEBUG_INFO;
 
  //
  // Match PcdImageProtectionPolicy defined in OpenCore.dsc.
  // Apple images (supplied by user) may be not 4KBi aligned.
  //
  PcdGet32 (PcdImageProtectionPolicy) = 0x03;
 
  //
  // Process args or print usage.
  //
  if (argc == 2) {
    ForceFixup    = FALSE;
    ImageFileName = argv[1];
  } else if ((argc == 3) && (AsciiStrCmp ("-f", argv[1]) == 0)) {
    ForceFixup    = TRUE;
    ImageFileName = argv[2];
  } else {
    PrintHelp ();
    return EXIT_FAILURE;
  }
 
  ImageFileBuffer = UserReadFile (ImageFileName, &ImageSize);
  if (ImageFileBuffer == NULL) {
    DEBUG ((DEBUG_ERROR, "Failed to read %a\n", ImageFileName));
    return EXIT_FAILURE;
  }
 
  IsFat   = FALSE;
  RetVal  = EXIT_SUCCESS;
  RetVal |= VerifySignatureAndApfs (ImageFileBuffer, ImageSize, &IsFat, ForceFixup, PE_ARCH_32);
  if (IsFat) {
    DEBUG ((DEBUG_ERROR, "\n"));
  }
 
  RetVal |= VerifySignatureAndApfs (ImageFileBuffer, ImageSize, &IsFat, ForceFixup, PE_ARCH_64);
  if (!IsFat) {
    RetVal |= VerifySignatureAndApfs (ImageFileBuffer, ImageSize, &IsFat, ForceFixup, PE_ARCH_ANY);
  }
 
  FreePool (ImageFileBuffer);
 
  return RetVal;
}
 
int
LLVMFuzzerTestOneInput (
  const uint8_t  *Data,
  size_t         Size
  )
{
 #if 0
  APFS_DRIVER_VERSION  *DriverVersion;
  EFI_STATUS           Status;
  volatile UINTN       Walker;
  UINTN                Index;
 
  Status = PeCoffGetApfsDriverVersion ((UINT8 *)Data, (UINT32)Size, &DriverVersion);
  if (!EFI_ERROR (Status)) {
    Walker = 0;
    for (Index = 0; Index < sizeof (*DriverVersion); ++Index) {
      Walker += ((UINT8 *)DriverVersion)[Index];
    }
  }
 
 #endif
 
  VOID    *Copy;
  UINT32  NewSize;
 
  if ((Size > 0) && (Size <= 1024*1024*1024)) {
    Copy = AllocatePool (Size);
    if (Copy != NULL) {
      CopyMem (Copy, Data, Size);
 
      NewSize = (UINT32)Size;
      PeCoffVerifyAppleSignature (Copy, &NewSize);
      FreePool (Copy);
    }
  }
 
  return 0;
}