boot: Use proper security arch protocol names

This is how the Platform Intregration Specification defines these.

diff --git a/src/boot/efi/missing_efi.h b/src/boot/efi/missing_efi.h
index 4e80acca5632a220763d3efcc7166cd977cf713c..f9169248ec4db323e516418ebc5815e8eb16b8c0 100644 (file)
--- a/src/boot/efi/missing_efi.h
+++ b/src/boot/efi/missing_efi.h
@@ -309,43 +309,36 @@ typedef struct tdEFI_TCG2_PROTOCOL {
         {0x5568e427, 0x68fc, 0x4f3d, {0xac, 0x74, 0xca, 0x55, 0x52, 0x31, 0xcc, 0x68} }
 
 /* UEFI Platform Initialization (Vol2: DXE) */
-#ifndef SECURITY_PROTOCOL_GUID
+#ifndef EFI_SECURITY_ARCH_PROTOCOL_GUID
 
-#define SECURITY_PROTOCOL_GUID \
-        &(const EFI_GUID) { 0xa46423e3, 0x4617, 0x49f1, { 0xb9, 0xff, 0xd1, 0xbf, 0xa9, 0x11, 0x58, 0x39 } }
-#define SECURITY_PROTOCOL2_GUID \
-        &(const EFI_GUID) { 0x94ab2f58, 0x1438, 0x4ef1, { 0x91, 0x52, 0x18, 0x94, 0x1a, 0x3a, 0x0e, 0x68 } }
+#define EFI_SECURITY_ARCH_PROTOCOL_GUID \
+        { 0xa46423e3, 0x4617, 0x49f1, { 0xb9, 0xff, 0xd1, 0xbf, 0xa9, 0x11, 0x58, 0x39 } }
+#define EFI_SECURITY2_ARCH_PROTOCOL_GUID \
+        { 0x94ab2f58, 0x1438, 0x4ef1, { 0x91, 0x52, 0x18, 0x94, 0x1a, 0x3a, 0x0e, 0x68 } }
 
-struct _EFI_SECURITY2_PROTOCOL;
-struct _EFI_SECURITY_PROTOCOL;
-struct _EFI_DEVICE_PATH_PROTOCOL;
+typedef struct EFI_SECURITY_ARCH_PROTOCOL EFI_SECURITY_ARCH_PROTOCOL;
+typedef struct EFI_SECURITY2_ARCH_PROTOCOL EFI_SECURITY2_ARCH_PROTOCOL;
 
-typedef struct _EFI_SECURITY2_PROTOCOL EFI_SECURITY2_PROTOCOL;
-typedef struct _EFI_SECURITY_PROTOCOL EFI_SECURITY_PROTOCOL;
-typedef struct _EFI_DEVICE_PATH_PROTOCOL EFI_DEVICE_PATH_PROTOCOL;
+typedef EFI_STATUS (EFIAPI *EFI_SECURITY_FILE_AUTHENTICATION_STATE)(
+                const EFI_SECURITY_ARCH_PROTOCOL *This,
+                uint32_t AuthenticationStatus,
+                const EFI_DEVICE_PATH *File);
 
-typedef EFI_STATUS (EFIAPI *EFI_SECURITY_FILE_AUTHENTICATION_STATE) (
-        const EFI_SECURITY_PROTOCOL *This,
-        UINT32 AuthenticationStatus,
-        const EFI_DEVICE_PATH_PROTOCOL *File
-);
+struct EFI_SECURITY_ARCH_PROTOCOL {
+        EFI_SECURITY_FILE_AUTHENTICATION_STATE FileAuthenticationState;
+};
 
-typedef EFI_STATUS (EFIAPI *EFI_SECURITY2_FILE_AUTHENTICATION) (
-        const EFI_SECURITY2_PROTOCOL *This,
-        const EFI_DEVICE_PATH_PROTOCOL *DevicePath,
-        VOID *FileBuffer,
-        UINTN FileSize,
-        BOOLEAN  BootPolicy
-);
+typedef EFI_STATUS (EFIAPI *EFI_SECURITY2_FILE_AUTHENTICATION)(
+                const EFI_SECURITY2_ARCH_PROTOCOL *This,
+                const EFI_DEVICE_PATH *DevicePath,
+                void *FileBuffer,
+                UINTN FileSize,
+                BOOLEAN BootPolicy);
 
-struct _EFI_SECURITY2_PROTOCOL {
+struct EFI_SECURITY2_ARCH_PROTOCOL {
         EFI_SECURITY2_FILE_AUTHENTICATION FileAuthentication;
 };
 
-struct _EFI_SECURITY_PROTOCOL {
-        EFI_SECURITY_FILE_AUTHENTICATION_STATE  FileAuthenticationState;
-};
-
 #endif
 
 #ifndef EFI_CONSOLE_CONTROL_GUID

diff --git a/src/boot/efi/shim.c b/src/boot/efi/shim.c
index 8b0407857e9d1b34f0184085ed91de0840ad58ec..79c89c067e8b5fff45ab0dbf3e5e572e33e139ae 100644 (file)
--- a/src/boot/efi/shim.c
+++ b/src/boot/efi/shim.c
@@ -69,9 +69,12 @@ static EFI_SECURITY2_FILE_AUTHENTICATION es2fa = NULL;
  * the SB failure code seems to vary from one implementation to another, and I
  * don't want to interfere with that at this time.
  */
-static EFIAPI EFI_STATUS security2_policy_authentication (const EFI_SECURITY2_PROTOCOL *this,
-                                                          const EFI_DEVICE_PATH_PROTOCOL *device_path,
-                                                          void *file_buffer, UINTN file_size, BOOLEAN boot_policy) {
+static EFIAPI EFI_STATUS security2_policy_authentication(
+                const EFI_SECURITY2_ARCH_PROTOCOL *this,
+                const EFI_DEVICE_PATH *device_path,
+                void *file_buffer,
+                UINTN file_size,
+                BOOLEAN boot_policy) {
         EFI_STATUS err;
 
         assert(this);
@@ -99,8 +102,10 @@ static EFIAPI EFI_STATUS security2_policy_authentication (const EFI_SECURITY2_PR
  * authentication failure, be it EFI_ACCESS_DENIED, EFI_SECURITY_VIOLATION, or something
  * else. (This seems to vary between implementations.)
  */
-static EFIAPI EFI_STATUS security_policy_authentication (const EFI_SECURITY_PROTOCOL *this, uint32_t authentication_status,
-                                                         const EFI_DEVICE_PATH_PROTOCOL *device_path_const) {
+static EFIAPI EFI_STATUS security_policy_authentication(
+                const EFI_SECURITY_ARCH_PROTOCOL *this,
+                uint32_t authentication_status,
+                const EFI_DEVICE_PATH *device_path_const) {
         EFI_STATUS err;
         _cleanup_free_ char16_t *dev_path_str = NULL;
         EFI_HANDLE h;
@@ -138,8 +143,8 @@ static EFIAPI EFI_STATUS security_policy_authentication (const EFI_SECURITY_PROT
 }
 
 EFI_STATUS security_policy_install(void) {
-        EFI_SECURITY_PROTOCOL *security_protocol;
-        EFI_SECURITY2_PROTOCOL *security2_protocol = NULL;
+        EFI_SECURITY_ARCH_PROTOCOL *security_protocol;
+        EFI_SECURITY2_ARCH_PROTOCOL *security2_protocol = NULL;
         EFI_STATUS err;
 
         /* Already Installed */
@@ -151,9 +156,9 @@ EFI_STATUS security_policy_install(void) {
          * to fail, since SECURITY2 was introduced in PI 1.2.1.
          * Use security2_protocol == NULL as indicator.
          */
-        BS->LocateProtocol((EFI_GUID*) SECURITY_PROTOCOL2_GUID, NULL, (void**) &security2_protocol);
+        BS->LocateProtocol(&(EFI_GUID) EFI_SECURITY2_ARCH_PROTOCOL_GUID, NULL, (void **) &security2_protocol);
 
-        err = BS->LocateProtocol((EFI_GUID*) SECURITY_PROTOCOL_GUID, NULL, (void**) &security_protocol);
+        err = BS->LocateProtocol(&(EFI_GUID) EFI_SECURITY_ARCH_PROTOCOL_GUID, NULL, (void**) &security_protocol);
          /* This one is mandatory, so there's a serious problem */
         if (err != EFI_SUCCESS)
                 return err;