ce2f5557 | 1 | /** @file\r |
bc2dfdbc | 2 | This driver produces the Security2 and Security Architectural Protocols; both delegate policy decisions to the handlers registered with SecurityManagementLib.\r |
cd98f305 | 3 | \r |
c9e88815 | 4 | Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>\r |
e5eed7d3 | 5 | This program and the accompanying materials \r |
ce2f5557 | 6 | are licensed and made available under the terms and conditions of the BSD License \r |
7 | which accompanies this distribution. The full text of the license may be found at \r | |
8 | http://opensource.org/licenses/bsd-license.php \r | |
9 | \r | |
10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r | |
11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r | |
12 | \r | |
13 | **/\r | |
14 | \r | |
15 | \r | |
16 | #include <Uefi.h>\r |
17 | #include <Protocol/Security.h>\r | |
bc2dfdbc | 18 | #include <Protocol/Security2.h>\r |
19 | #include <Library/DebugLib.h>\r |
20 | #include <Library/UefiBootServicesTableLib.h>\r | |
21 | #include <Library/UefiDriverEntryPoint.h>\r | |
cd98f305 | 22 | #include <Library/SecurityManagementLib.h>\r |
ce2f5557 | 23 | \r |
//
// Handle on which SecurityStubInitialize() installs both the Security2 and the
// Security Architectural Protocol instances. It starts out NULL so that
// InstallMultipleProtocolInterfaces() creates a fresh handle for them.
//
EFI_HANDLE  mSecurityArchProtocolHandle = NULL;
28 | \r | |
/**
  EFI_SECURITY_ARCH_PROTOCOL implementation: decide whether the DXE Core may use
  a file whose section-extraction authentication result is AuthenticationStatus.

  This stub holds no policy of its own. It first runs every Security2 handler
  registered with SecurityManagementLib for the AUTHENTICATION_STATE operation,
  and only if that stage reports EFI_SUCCESS does it run the legacy Security
  handlers. Any non-success status from the first stage short-circuits the
  second, so a rejection by a Security2 handler cannot be overridden by a legacy
  handler (fail closed).

  The Security Architectural Protocol specification expects EFI_INVALID_PARAMETER
  for a NULL File, EFI_ACCESS_DENIED for a file that must never be used and
  EFI_SECURITY_VIOLATION for a file that may become usable later. None of those
  checks live here; whatever the registered handlers return is passed through
  unchanged, so the actual contract is defined by the handler set of the platform.

  @param  This                  The EFI_SECURITY_ARCH_PROTOCOL instance.
  @param  AuthenticationStatus  Authentication result reported by the Section
                                Extraction protocol for File.
  @param  File                  Device path of the file being dispatched. Forwarded
                                to the handlers, which may use it for logging.

  @retval EFI_SUCCESS   Every Security2 handler and every Security handler accepted
                        the file.
  @return Other         The first non-success status returned by the Security2
                        stage, or the status returned by the legacy Security stage.
**/
EFI_STATUS
EFIAPI
SecurityStubAuthenticateState (
  IN CONST EFI_SECURITY_ARCH_PROTOCOL  *This,
  IN UINT32                            AuthenticationStatus,
  IN CONST EFI_DEVICE_PATH_PROTOCOL    *File
  )
{
  EFI_STATUS  Security2Status;

  //
  // Stage 1: Security2 handlers. No image buffer is available for this legacy
  // entry point, hence the NULL buffer, zero size and FALSE boot policy.
  //
  Security2Status = ExecuteSecurity2Handlers (
                      EFI_AUTH_OPERATION_AUTHENTICATION_STATE,
                      AuthenticationStatus,
                      File,
                      NULL,
                      0,
                      FALSE
                      );

  //
  // Anything other than an exact EFI_SUCCESS (including warning codes) ends the
  // evaluation here; the legacy handlers never see a file the Security2 stage
  // did not fully accept.
  //
  if (Security2Status != EFI_SUCCESS) {
    return Security2Status;
  }

  //
  // Stage 2: legacy Security handlers get the final say.
  //
  return ExecuteSecurityHandlers (AuthenticationStatus, File);
}
87 | \r | |
/**
  EFI_SECURITY2_ARCH_PROTOCOL implementation: measure and/or verify a UEFI image
  on behalf of the DXE Foundation.

  The DXE Foundation calls this with the image's device path and, when it has the
  image in memory, its FileBuffer/FileSize. This stub takes no decision itself: it
  forwards the request to every Security2 handler registered with
  SecurityManagementLib, requesting all four operation classes at once (image
  verification, deferred image load, image measurement and connect policy). Which
  of those a given handler acts on, and whether a NULL FileBuffer is treated as a
  connect-policy query for the device path, is up to the registered handlers.

  @param  This        The EFI_SECURITY2_ARCH_PROTOCOL instance.
  @param  File        Device path of the file being dispatched; may be used by
                      handlers for logging or policy lookup.
  @param  FileBuffer  Buffer holding the UEFI image, or NULL when only the device
                      path is being evaluated.
  @param  FileSize    Size in bytes of FileBuffer.
  @param  BootPolicy  The boot policy passed to LoadImage(). Callers other than
                      LoadImage() are expected to pass FALSE.

  @retval EFI_SUCCESS             The registered handlers accepted the image (or
                                  the device path, when FileBuffer is NULL).
  @retval EFI_SECURITY_VIOLATION  A handler rejected the image but platform policy
                                  allows it to be deferred or marked untrusted.
  @retval EFI_ACCESS_DENIED       A handler rejected the image outright.
  @return Other                   Whatever status ExecuteSecurity2Handlers() reports.
**/
EFI_STATUS
EFIAPI
Security2StubAuthenticate (
  IN CONST EFI_SECURITY2_ARCH_PROTOCOL  *This,
  IN CONST EFI_DEVICE_PATH_PROTOCOL     *File,
  IN VOID                               *FileBuffer,
  IN UINTN                              FileSize,
  IN BOOLEAN                            BootPolicy
  )
{
  UINT32  Operations;

  //
  // Ask for every operation class in a single pass so that a handler registered
  // for any of them gets to inspect this image.
  //
  Operations  = EFI_AUTH_OPERATION_VERIFY_IMAGE;
  Operations |= EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD;
  Operations |= EFI_AUTH_OPERATION_MEASURE_IMAGE;
  Operations |= EFI_AUTH_OPERATION_CONNECT_POLICY;

  //
  // There is no section-extraction authentication status on this path, so 0 is
  // passed for it.
  //
  return ExecuteSecurity2Handlers (
           Operations,
           0,
           File,
           FileBuffer,
           FileSize,
           BootPolicy
           );
}
154 | \r | |
//
// Protocol instances published by SecurityStubInitialize(). Each contains a
// single function pointer; both functions forward to SecurityManagementLib
// rather than implementing any policy here.
//
EFI_SECURITY_ARCH_PROTOCOL  mSecurityStub = {
  SecurityStubAuthenticateState
};

EFI_SECURITY2_ARCH_PROTOCOL  mSecurity2Stub = {
  Security2StubAuthenticate
};
165 | \r | |
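/**
  Driver entry point: installs the Security2 and Security Architectural
  Protocols on a single, newly created handle.

  @param  ImageHandle  The image handle of this driver.
  @param  SystemTable  A pointer to the EFI System Table.

  @retval EFI_SUCCESS  Both protocols were installed on mSecurityArchProtocolHandle.
  @return Other        InstallMultipleProtocolInterfaces() failed. The failure
                       status is propagated so the dispatcher does not treat the
                       driver as successfully started.
**/
EFI_STATUS
EFIAPI
SecurityStubInitialize (
  IN EFI_HANDLE        ImageHandle,
  IN EFI_SYSTEM_TABLE  *SystemTable
  )
{
  EFI_STATUS  Status;

  //
  // Guard against a second producer of either architectural protocol. These
  // are ASSERT-based macros, so they are expected to be compiled out of
  // RELEASE builds; they document the single-producer invariant rather than
  // enforcing it at runtime.
  //
  ASSERT_PROTOCOL_ALREADY_INSTALLED (NULL, &gEfiSecurity2ArchProtocolGuid);
  ASSERT_PROTOCOL_ALREADY_INSTALLED (NULL, &gEfiSecurityArchProtocolGuid);

  //
  // Install both protocols on a fresh handle (mSecurityArchProtocolHandle is
  // NULL at this point, so Boot Services allocates the handle).
  //
  Status = gBS->InstallMultipleProtocolInterfaces (
                  &mSecurityArchProtocolHandle,
                  &gEfiSecurity2ArchProtocolGuid,
                  &mSecurity2Stub,
                  &gEfiSecurityArchProtocolGuid,
                  &mSecurityStub,
                  NULL
                  );
  ASSERT_EFI_ERROR (Status);

  //
  // Return the real install status rather than an unconditional EFI_SUCCESS.
  // ASSERT_EFI_ERROR is a no-op when asserts are disabled, and reporting
  // success after a failed install would leave the platform without a
  // Security/Security2 protocol while this driver appears to have started.
  //
  return Status;
}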