ce2f5557 | 1 | /** @file\r |
bc2dfdbc | 2 | This driver produces Security2 and Security architectural protocol based on SecurityManagementLib.\r |
ce2f5557 | 3 | \r |
4 | Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r |
5 | This program and the accompanying materials\r | |
6 | are licensed and made available under the terms and conditions of the BSD License\r | |
7 | which accompanies this distribution. The full text of the license may be found at\r | |
8 | http://opensource.org/licenses/bsd-license.php\r | |
9 | \r | |
10 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
11 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
ce2f5557 | 12 | \r |
13 | **/\r | |
14 | \r | |
15 | \r | |
16 | #include <Uefi.h>\r |
17 | #include <Protocol/Security.h>\r | |
bc2dfdbc | 18 | #include <Protocol/Security2.h>\r |
19 | #include <Library/DebugLib.h>\r |
20 | #include <Library/UefiBootServicesTableLib.h>\r | |
21 | #include <Library/UefiDriverEntryPoint.h>\r | |
cd98f305 | 22 | #include <Library/SecurityManagementLib.h>\r |
8be37a5c | 23 | #include "Defer3rdPartyImageLoad.h"\r |
ce2f5557 | 24 | \r |
//
// Handle on which both the Security2 and the Security Architectural Protocol
// instances are installed by SecurityStubInitialize(). It starts out NULL so
// that InstallMultipleProtocolInterfaces() creates a fresh handle for them.
//
EFI_HANDLE mSecurityArchProtocolHandle = NULL;
29 | \r | |
/**
  Security Architectural Protocol (SAP) entry point: decide whether a file that
  the DXE Core is about to use, and for which the section extraction protocol
  reported AuthenticationStatus, may actually be used.

  The decision is delegated to the handlers registered through
  SecurityManagementLib. The Security2 handlers run first with the
  EFI_AUTH_OPERATION_AUTHENTICATION_STATE operation (no file buffer, size 0,
  BootPolicy FALSE). The legacy Security handlers run only when that pass
  returned exactly EFI_SUCCESS; any other status, including warning statuses,
  is returned to the caller unchanged.

  Platform policy behind these handlers may react to a failed authentication by
  locking flash, attestation logging of signed drivers, or other exception
  operations. File is passed through so that such handlers can log which driver
  was involved.

  @param This                  The EFI_SECURITY_ARCH_PROTOCOL instance.
  @param AuthenticationStatus  The authentication type returned from the Section
                               Extraction protocol. See the Section Extraction
                               Protocol Specification for details on this type.
  @param File                  Pointer to the device path of the file being
                               dispatched. Optionally used for logging.

  @retval EFI_SUCCESS            The file is safe for the DXE Core to use.
  @retval EFI_ACCESS_DENIED      The file must not be used under any circumstances.
  @retval EFI_SECURITY_VIOLATION The file may not be used right now, but might be
                                 usable at a future time.
  @retval EFI_INVALID_PARAMETER  File is NULL. No NULL check is made in this
                                 function; the status comes from the
                                 SecurityManagementLib handlers.
**/
EFI_STATUS
EFIAPI
SecurityStubAuthenticateState (
  IN CONST EFI_SECURITY_ARCH_PROTOCOL  *This,
  IN UINT32                            AuthenticationStatus,
  IN CONST EFI_DEVICE_PATH_PROTOCOL    *File
  )
{
  EFI_STATUS  Security2Status;

  //
  // The Security2 handlers get the first say. Only an exact EFI_SUCCESS lets
  // the legacy Security handlers run; a warning status is propagated as-is,
  // so EFI_ERROR() is deliberately not used here.
  //
  Security2Status = ExecuteSecurity2Handlers (
                      EFI_AUTH_OPERATION_AUTHENTICATION_STATE,
                      AuthenticationStatus,
                      File,
                      NULL,
                      0,
                      FALSE
                      );
  if (Security2Status != EFI_SUCCESS) {
    return Security2Status;
  }

  return ExecuteSecurityHandlers (AuthenticationStatus, File);
}
88 | \r | |
/**
  Security2 Architectural Protocol entry point: measure and/or verify a UEFI
  image on behalf of the DXE Foundation.

  This is the single choke point through which Trusted Computing Group (TCG)
  measured boot, UEFI Secure Boot and the UEFI User Identity infrastructure are
  invoked. When FileBuffer is non-NULL it holds the image that was loaded from
  File: TCG measurement code records its contents into the appropriate PCR, and
  image verification confirms the integrity and provenance of the FileSize bytes
  in FileBuffer. When FileBuffer is NULL the request only asks whether File may
  be connected under the User Identification policy.

  For a non-NULL image, Defer3rdPartyImageLoad() is consulted first; an error
  from it is returned immediately and no verify/measure handler runs. Otherwise
  every registered Security2 handler is executed with the VERIFY_IMAGE,
  DEFER_IMAGE_LOAD, MEASURE_IMAGE and CONNECT_POLICY operations.

  @param This        The EFI_SECURITY2_ARCH_PROTOCOL instance.
  @param File        Pointer to the device path of the file being dispatched.
                     Optionally used for logging.
  @param FileBuffer  Pointer to the buffer holding the UEFI file image, or NULL
                     for a connect-policy query.
  @param FileSize    The size of the image in FileBuffer.
  @param BootPolicy  The boot policy that was used to call the LoadImage() UEFI
                     service. Must be FALSE when FileAuthentication() is not
                     invoked from LoadImage().

  @retval EFI_SUCCESS            The file specified by File and a non-NULL
                                 FileBuffer did authenticate, and platform
                                 policy allows the DXE Foundation to use it
                                 (or to execute the image in FileBuffer when
                                 File is NULL).
  @retval EFI_SUCCESS            FileBuffer is NULL and the current user may
                                 start UEFI device drivers on the device path
                                 specified by File.
  @retval EFI_SECURITY_VIOLATION The file did not authenticate and platform
                                 policy places it in the untrusted state; the
                                 image has been added to the file execution table.
  @retval EFI_SECURITY_VIOLATION FileBuffer is NULL and the user has no
                                 permission to start UEFI device drivers on File.
  @retval EFI_SECURITY_VIOLATION FileBuffer is not NULL and the user has no
                                 permission to load drivers from File; the image
                                 has been added to the list of deferred images.
  @retval EFI_ACCESS_DENIED      The file did not authenticate and platform
                                 policy dictates that the DXE Foundation may not
                                 use it.
**/
EFI_STATUS
EFIAPI
Security2StubAuthenticate (
  IN CONST EFI_SECURITY2_ARCH_PROTOCOL  *This,
  IN CONST EFI_DEVICE_PATH_PROTOCOL     *File,
  IN VOID                               *FileBuffer,
  IN UINTN                              FileSize,
  IN BOOLEAN                            BootPolicy
  )
{
  EFI_STATUS  DeferStatus;
  UINT32      Operations;

  //
  // A connect-policy query (FileBuffer == NULL) bypasses the third-party
  // deferral logic. An actual image goes through it, and any deferral error
  // short-circuits the verify/measure handlers entirely.
  //
  if (FileBuffer != NULL) {
    DeferStatus = Defer3rdPartyImageLoad (File, BootPolicy);
    if (EFI_ERROR (DeferStatus)) {
      return DeferStatus;
    }
  }

  Operations = EFI_AUTH_OPERATION_VERIFY_IMAGE |
               EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD |
               EFI_AUTH_OPERATION_MEASURE_IMAGE |
               EFI_AUTH_OPERATION_CONNECT_POLICY;

  //
  // AuthenticationStatus is passed as 0 for this operation set.
  //
  return ExecuteSecurity2Handlers (
           Operations,
           0,
           File,
           FileBuffer,
           FileSize,
           BootPolicy
           );
}
164 | \r | |
//
// Security2 and Security Architectural Protocol instances produced by this
// driver. Each consists solely of its authentication callback defined above.
// Both are installed together on mSecurityArchProtocolHandle by
// SecurityStubInitialize().
//
EFI_SECURITY_ARCH_PROTOCOL mSecurityStub = {
  SecurityStubAuthenticateState
};

EFI_SECURITY2_ARCH_PROTOCOL mSecurity2Stub = {
  Security2StubAuthenticate
};
175 | \r | |
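/**
  Driver entry point: installs the Security2 and Security Architectural
  Protocols on a single new handle and initializes third-party image-load
  deferral.

  The ASSERT_PROTOCOL_ALREADY_INSTALLED checks guard against a second producer
  of either protocol, but they only exist in DEBUG builds. Likewise,
  ASSERT_EFI_ERROR alone would let a RELEASE build report EFI_SUCCESS with no
  protocol installed, so the installation status is also checked explicitly
  and returned on failure before the deferral logic is started.

  @param ImageHandle  The image handle of this driver.
  @param SystemTable  A pointer to the EFI System Table.

  @retval EFI_SUCCESS  Both protocols were installed and deferral was initialized.
  @return              The error returned by InstallMultipleProtocolInterfaces()
                       when installation failed; nothing is left installed.
**/
EFI_STATUS
EFIAPI
SecurityStubInitialize (
  IN EFI_HANDLE        ImageHandle,
  IN EFI_SYSTEM_TABLE  *SystemTable
  )
{
  EFI_STATUS  Status;

  //
  // Make sure neither Architectural Protocol is already installed in the system
  // (DEBUG builds only).
  //
  ASSERT_PROTOCOL_ALREADY_INSTALLED (NULL, &gEfiSecurity2ArchProtocolGuid);
  ASSERT_PROTOCOL_ALREADY_INSTALLED (NULL, &gEfiSecurityArchProtocolGuid);

  //
  // Install both protocols onto a new handle in a single call; per the UEFI
  // specification a failure leaves neither interface installed.
  //
  Status = gBS->InstallMultipleProtocolInterfaces (
                  &mSecurityArchProtocolHandle,
                  &gEfiSecurity2ArchProtocolGuid,
                  &mSecurity2Stub,
                  &gEfiSecurityArchProtocolGuid,
                  &mSecurityStub,
                  NULL
                  );
  ASSERT_EFI_ERROR (Status);
  if (EFI_ERROR (Status)) {
    //
    // Never report success for a driver that produced nothing; the ASSERT above
    // is compiled out in RELEASE builds.
    //
    return Status;
  }

  Defer3rdPartyImageLoadInitialize ();

  return EFI_SUCCESS;
}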