diff options
Diffstat (limited to 'EfiGuardDxe')
| -rw-r--r-- | EfiGuardDxe/EfiGuardDxe.c | 7 | ||||
| -rw-r--r-- | EfiGuardDxe/EfiGuardDxe.vcxproj | 2 | ||||
| -rw-r--r-- | EfiGuardDxe/PatchNtoskrnl.c | 2 | ||||
| -rw-r--r-- | EfiGuardDxe/util.c | 6 |
4 files changed, 12 insertions, 5 deletions
diff --git a/EfiGuardDxe/EfiGuardDxe.c b/EfiGuardDxe/EfiGuardDxe.c index ed9968c..74dbf37 100644 --- a/EfiGuardDxe/EfiGuardDxe.c +++ b/EfiGuardDxe/EfiGuardDxe.c @@ -156,7 +156,7 @@ HookedLoadImage( // We only have a filename to go on at this point. We will determine the final 'is this bootmgfw.efi?' status after the image has been loaded CONST BOOLEAN MaybeBootmgfw = ImagePath != NULL - ? StriStr(ImagePath, L"bootmgfw.efi") != NULL || StriStr(ImagePath, L"bootx64.efi") != NULL + ? StriStr(ImagePath, L"bootmgfw.efi") != NULL || StriStr(ImagePath, L"Bootmgfw_ms.vc") != NULL || StriStr(ImagePath, L"bootx64.efi") != NULL : FALSE; CONST BOOLEAN IsBoot = (MaybeBootmgfw || (BootPolicy == TRUE && SourceBuffer == NULL)); @@ -245,6 +245,11 @@ HookedSetVariable( // We should not be hooking the runtime table after ExitBootServices() unless this is the selected DSE bypass method ASSERT(!gEfiAtRuntime || (gDriverConfig.DseBypassMethod == DSE_DISABLE_SETVARIABLE_HOOK && gBootmgfwHandle != NULL)); + if (StrCmp(VariableName, L"SecureBoot") == 0) + { + return EFI_WRITE_PROTECTED; + } + // Do we have a match for the variable name and vendor GUID? if (gEfiAtRuntime && gEfiGoneVirtual && VariableName != NULL && VariableName[0] != CHAR_NULL && VendorGuid != NULL && diff --git a/EfiGuardDxe/EfiGuardDxe.vcxproj b/EfiGuardDxe/EfiGuardDxe.vcxproj index e6cc52c..19db278 100644 --- a/EfiGuardDxe/EfiGuardDxe.vcxproj +++ b/EfiGuardDxe/EfiGuardDxe.vcxproj @@ -19,6 +19,8 @@ <WholeProgramOptimization>true</WholeProgramOptimization> <CharacterSet>Unicode</CharacterSet> <SpectreMitigation>false</SpectreMitigation> + <VcpkgEnabled>false</VcpkgEnabled> + <EnableStdModules>false</EnableStdModules> </PropertyGroup> <Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" /> <Import Project="$(SolutionDir)\EfiGuard.props" /> diff --git a/EfiGuardDxe/PatchNtoskrnl.c b/EfiGuardDxe/PatchNtoskrnl.c index fb0e2fc..2e2d20e 100644 --- a/EfiGuardDxe/PatchNtoskrnl.c +++ b/EfiGuardDxe/PatchNtoskrnl.c @@ -296,7 +296,7 @@ DisablePatchGuard( #ifndef EAC_COMPAT_MODE // Search for callers of KiMcaDeferredRecoveryService (only exists on Windows >= 8.1) UINT8* KiMcaDeferredRecoveryServiceCallers[2]; - ZeroMem(KiMcaDeferredRecoveryServiceCallers, sizeof(KiMcaDeferredRecoveryServiceCallers)); + ZeroMem((VOID*)KiMcaDeferredRecoveryServiceCallers, sizeof(KiMcaDeferredRecoveryServiceCallers)); if (BuildNumber >= 9600) { StartRva = TextSection->VirtualAddress; diff --git a/EfiGuardDxe/util.c b/EfiGuardDxe/util.c index db8b499..78424e5 100644 --- a/EfiGuardDxe/util.c +++ b/EfiGuardDxe/util.c @@ -279,7 +279,7 @@ WaitForKey( { UINTN Index = 0; if (Tpl <= TPL_APPLICATION) - gBS->WaitForEvent(1, gTextInputEx != NULL ? gTextInputEx->WaitForKeyEx : &gST->ConIn->WaitForKey, &Index); + gBS->WaitForEvent(1, (VOID**)(gTextInputEx != NULL ? gTextInputEx->WaitForKeyEx : gST->ConIn->WaitForKey), &Index); else RtlStall(1); // WaitForEvent() unavailable, burn CPU @@ -539,8 +539,8 @@ BacktrackToFunctionStart( if (High >= Low) { - // If the function entry specifies indirection, get the address of the master function entry - if ((FunctionEntry->u.UnwindData & RUNTIME_FUNCTION_INDIRECT) != 0) + // If the function entry specifies indirection, get the address of its master function entry + while ((FunctionEntry->u.UnwindData & RUNTIME_FUNCTION_INDIRECT) != 0) { FunctionEntry = (PIMAGE_RUNTIME_FUNCTION_ENTRY)(FunctionEntry->u.UnwindData + ImageBase - 1); } |