]>
Commit | Line | Data |
---|---|---|
e5544398 | 1 | /** @file\r |
d7132512 | 2 | This file declares Pei Security2 PPI.\r |
e5544398 | 3 | \r |
9095d37b LG |
4 | This PPI is installed by some platform PEIM that abstracts the security\r |
5 | policy to the PEI Foundation, namely the case of a PEIM's authentication\r | |
d7132512 LG |
6 | state being returned during the PEI section extraction process.\r |
7 | \r | |
9095d37b | 8 | Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r |
9344f092 | 9 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
e5544398 | 10 | \r |
e5544398 | 11 | @par Revision Reference:\r |
0047820e | 12 | This PPI is introduced in PI Version 1.0.\r |
e5544398 | 13 | \r |
14 | **/\r | |
15 | \r | |
16 | #ifndef __SECURITY2_PPI_H__\r | |
17 | #define __SECURITY2_PPI_H__\r | |
18 | \r | |
19 | #define EFI_PEI_SECURITY2_PPI_GUID \\r | |
20 | { 0xdcd0be23, 0x9586, 0x40f4, { 0xb6, 0x43, 0x6, 0x52, 0x2c, 0xed, 0x4e, 0xde } }\r | |
21 | \r | |
22 | \r | |
53f2d96e | 23 | typedef struct _EFI_PEI_SECURITY2_PPI EFI_PEI_SECURITY2_PPI;\r |
e5544398 | 24 | \r |
25 | /**\r | |
9095d37b | 26 | Allows the platform builder to implement a security policy\r |
d7132512 LG |
27 | in response to varying file authentication states.\r |
28 | \r | |
e5544398 | 29 | This service is published by some platform PEIM. The purpose of\r |
30 | this service is to expose a given platform's policy-based\r | |
31 | response to the PEI Foundation. For example, if there is a PEIM\r | |
32 | in a GUIDed encapsulation section and the extraction of the PEI\r | |
33 | file section yields an authentication failure, there is no a\r | |
34 | priori policy in the PEI Foundation. Specifically, this\r | |
35 | situation leads to the question whether PEIMs that are either\r | |
36 | not in GUIDed sections or are in sections whose authentication\r | |
13c38031 | 37 | fails should still be executed.\r |
38 | \r | |
39 | @param PeiServices An indirect pointer to the PEI Services\r | |
40 | Table published by the PEI Foundation.\r | |
41 | @param This Interface pointer that implements the\r | |
42 | particular EFI_PEI_SECURITY2_PPI instance.\r | |
43 | @param AuthenticationStatus Authentication status of the file.\r | |
9319d2c2 | 44 | xx00 Image was not signed.\r |
9095d37b | 45 | xxx1 Platform security policy override.\r |
9319d2c2 LG |
46 | Assumes same meaning as 0010 (the image was signed, the\r |
47 | signature was tested, and the signature passed authentication test).\r | |
9095d37b | 48 | 0010 Image was signed, the signature was tested,\r |
9319d2c2 LG |
49 | and the signature passed authentication test.\r |
50 | 0110 Image was signed and the signature was not tested.\r | |
9095d37b | 51 | 1010 Image was signed, the signature was tested,\r |
9319d2c2 | 52 | and the signature failed the authentication test.\r |
13c38031 | 53 | @param FvHandle Handle of the volume in which the file\r |
54 | resides. This allows different policies\r | |
55 | depending on different firmware volumes.\r | |
56 | @param FileHandle Handle of the file under review.\r | |
57 | @param DeferExecution Pointer to a variable that alerts the\r | |
58 | PEI Foundation to defer execution of a\r | |
59 | PEIM.\r | |
60 | \r | |
61 | @retval EFI_SUCCESS The service performed its action successfully.\r | |
62 | @retval EFI_SECURITY_VIOLATION The object cannot be trusted.\r | |
e5544398 | 63 | \r |
64 | **/\r | |
65 | typedef\r | |
66 | EFI_STATUS\r | |
8b13229b | 67 | (EFIAPI *EFI_PEI_SECURITY_AUTHENTICATION_STATE)(\r |
e5544398 | 68 | IN CONST EFI_PEI_SERVICES **PeiServices,\r |
69 | IN CONST EFI_PEI_SECURITY2_PPI *This,\r | |
13c38031 | 70 | IN UINT32 AuthenticationStatus,\r |
71 | IN EFI_PEI_FV_HANDLE FvHandle,\r | |
c7935105 | 72 | IN EFI_PEI_FILE_HANDLE FileHandle,\r |
e5544398 | 73 | IN OUT BOOLEAN *DeferExecution\r |
74 | );\r | |
75 | \r | |
13c38031 | 76 | ///\r |
77 | /// This PPI is a means by which the platform builder can indicate\r | |
78 | /// a response to a PEIM's authentication state. This can be in\r | |
79 | /// the form of a requirement for the PEI Foundation to skip a\r | |
80 | /// module using the DeferExecution Boolean output in the\r | |
81 | /// AuthenticationState() member function. Alternately, the\r | |
82 | /// Security PPI can invoke something like a cryptographic PPI\r | |
83 | /// that hashes the PEIM contents to log attestations, for which\r | |
84 | /// the FileHandle parameter in AuthenticationState() will be\r | |
85 | /// useful. If this PPI does not exist, PEIMs will be considered\r | |
86 | /// trusted.\r | |
87 | ///\r | |
e5544398 | 88 | struct _EFI_PEI_SECURITY2_PPI {\r |
89 | EFI_PEI_SECURITY_AUTHENTICATION_STATE AuthenticationState;\r | |
90 | };\r | |
91 | \r | |
92 | \r | |
93 | extern EFI_GUID gEfiPeiSecurity2PpiGuid;\r | |
94 | \r | |
95 | #endif\r |