Check if the DevicePath is valid

Author: supdrewin

src/proto/loaded_image.rs

@@ -4,7 +4,7 @@ use crate::{
     data_types::FromSliceWithNulError,
     proto::{device_path::DevicePath, Protocol},
     table::boot::MemoryType,
-    unsafe_guid, CStr16, Char16, Handle, Status,
+    unsafe_guid, CStr16, Handle, Status,
 };
 use core::{ffi::c_void, mem, slice};
 
@@ -55,21 +55,18 @@ impl LoadedImage {
         self.device_handle
     }
 
-    /// Return a NULL-terminated Path string including directory and file names.
+    /// Get a reference to the `file_path`.
     ///
-    /// `file_path` is a pointer to the file path portion specific to DeviceHandle
-    /// that the EFI Image was loaded from. It will be empty if the image is loaded
-    /// from a buffer and the `file_path` is `None`.
+    /// Return `None` if the pointer to the file path portion specific to
+    /// DeviceHandle that the EFI Image was loaded from is null.
     ///
-    /// # Safety
+    /// To get the path name from the `file_path`, the following should be
+    /// checked to find out if the `DevicePath` is valid:
     ///
-    /// The callers should guarantee the image is loaded from file. If the image
-    /// is loaded from a buffer, make sure not passing an incorrect `DevicePath`,
-    /// which may case an undefined behavior.
-    pub unsafe fn file_path(&self) -> &CStr16 {
-        // path name follows the DevicePathHeader.
-        let path_name = self.file_path.offset(1);
-        CStr16::from_ptr(path_name.cast::<Char16>())
+    /// - The DeviceType should be `MEDIA (0x04)`
+    /// - The DeviceSubType should be `MEDIA_FILE_PATH (0x04)`
+    pub fn file_path(&self) -> Option<&DevicePath> {
+        unsafe { self.file_path.as_ref() }
     }
 
     /// Get the load options of the image as a [`&CStr16`].

src/table/boot.rs

@@ -4,7 +4,14 @@ use super::Header;
 use crate::data_types::Align;
 use crate::proto::{device_path::DevicePath, Protocol};
 #[cfg(feature = "exts")]
-use crate::proto::{loaded_image::LoadedImage, media::fs::SimpleFileSystem};
+use crate::{
+    proto::{
+        device_path::{DeviceSubType, DeviceType},
+        loaded_image::LoadedImage,
+        media::fs::SimpleFileSystem,
+    },
+    CStr16,
+};
 use crate::{Char16, Event, Guid, Handle, Result, Status};
 #[cfg(feature = "exts")]
 use alloc_api::vec::Vec;
@@ -993,6 +1000,41 @@ impl BootServices {
             OpenProtocolAttributes::Exclusive,
         )
     }
+
+    /// Get a NULL-terminated Path string the given image was loaded from.
+    ///
+    /// Note the path string will be empty if the image was loaded from a
+    /// buffer instead of a path, and the path wasn't set.
+    pub fn get_image_file_path(&self, image_handle: Handle) -> Result<&CStr16> {
+        let loaded_image = self.open_protocol::<LoadedImage>(
+            OpenProtocolParams {
+                handle: image_handle,
+                agent: image_handle,
+                controller: None,
+            },
+            OpenProtocolAttributes::Exclusive,
+        )?;
+        let loaded_image = unsafe { &*loaded_image.interface.get() };
+
+        // If the file_path is None, it means the operation isn't supported.
+        let file_path = loaded_image.file_path().ok_or(Status::UNSUPPORTED)?;
+
+        // check if the type of `file_path` is correct
+        if let (DeviceType::MEDIA, DeviceSubType::MEDIA_FILE_PATH) =
+            (file_path.device_type(), file_path.sub_type())
+        {
+            let file_path = file_path as *const DevicePath;
+
+            unsafe {
+                // path name follows by the `DevicePathHeader`
+                let path_name = file_path.offset(1).cast();
+                Ok(CStr16::from_ptr(path_name))
+            }
+        } else {
+            // incorrect type, return `UNSUPPORTED`
+            Err(Status::UNSUPPORTED.into())
+        }
+    }
 }
 
 impl super::Table for BootServices {