]>
Commit | Line | Data |
---|---|---|
e5544398 | 1 | /** @file\r |
d7132512 | 2 | This file declares Pei Security2 PPI.\r |
e5544398 | 3 | \r |
9095d37b LG |
4 | This PPI is installed by some platform PEIM that abstracts the security\r |
5 | policy to the PEI Foundation, namely the case of a PEIM's authentication\r | |
d7132512 LG |
6 | state being returned during the PEI section extraction process.\r |
7 | \r | |
9095d37b | 8 | Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r |
9344f092 | 9 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
e5544398 | 10 | \r |
e5544398 | 11 | @par Revision Reference:\r |
0047820e | 12 | This PPI is introduced in PI Version 1.0.\r |
e5544398 | 13 | \r |
14 | **/\r | |
15 | \r | |
16 | #ifndef __SECURITY2_PPI_H__\r | |
17 | #define __SECURITY2_PPI_H__\r | |
18 | \r | |
19 | #define EFI_PEI_SECURITY2_PPI_GUID \\r | |
20 | { 0xdcd0be23, 0x9586, 0x40f4, { 0xb6, 0x43, 0x6, 0x52, 0x2c, 0xed, 0x4e, 0xde } }\r | |
21 | \r | |
2f88bd3a | 22 | typedef struct _EFI_PEI_SECURITY2_PPI EFI_PEI_SECURITY2_PPI;\r |
e5544398 | 23 | \r |
24 | /**\r | |
9095d37b | 25 | Allows the platform builder to implement a security policy\r |
d7132512 LG |
26 | in response to varying file authentication states.\r |
27 | \r | |
e5544398 | 28 | This service is published by some platform PEIM. The purpose of\r |
29 | this service is to expose a given platform's policy-based\r | |
30 | response to the PEI Foundation. For example, if there is a PEIM\r | |
31 | in a GUIDed encapsulation section and the extraction of the PEI\r | |
32 | file section yields an authentication failure, there is no a\r | |
33 | priori policy in the PEI Foundation. Specifically, this\r | |
34 | situation leads to the question whether PEIMs that are either\r | |
35 | not in GUIDed sections or are in sections whose authentication\r | |
13c38031 | 36 | fails should still be executed.\r |
37 | \r | |
38 | @param PeiServices An indirect pointer to the PEI Services\r | |
39 | Table published by the PEI Foundation.\r | |
40 | @param This Interface pointer that implements the\r | |
41 | particular EFI_PEI_SECURITY2_PPI instance.\r | |
42 | @param AuthenticationStatus Authentication status of the file.\r | |
9319d2c2 | 43 | xx00 Image was not signed.\r |
9095d37b | 44 | xxx1 Platform security policy override.\r |
9319d2c2 LG |
45 | Assumes same meaning as 0010 (the image was signed, the\r |
46 | signature was tested, and the signature passed authentication test).\r | |
9095d37b | 47 | 0010 Image was signed, the signature was tested,\r |
9319d2c2 LG |
48 | and the signature passed authentication test.\r |
49 | 0110 Image was signed and the signature was not tested.\r | |
9095d37b | 50 | 1010 Image was signed, the signature was tested,\r |
9319d2c2 | 51 | and the signature failed the authentication test.\r |
13c38031 | 52 | @param FvHandle Handle of the volume in which the file\r |
53 | resides. This allows different policies\r | |
54 | depending on different firmware volumes.\r | |
55 | @param FileHandle Handle of the file under review.\r | |
56 | @param DeferExecution Pointer to a variable that alerts the\r | |
57 | PEI Foundation to defer execution of a\r | |
58 | PEIM.\r | |
59 | \r | |
60 | @retval EFI_SUCCESS The service performed its action successfully.\r | |
61 | @retval EFI_SECURITY_VIOLATION The object cannot be trusted.\r | |
e5544398 | 62 | \r |
63 | **/\r | |
64 | typedef\r | |
65 | EFI_STATUS\r | |
8b13229b | 66 | (EFIAPI *EFI_PEI_SECURITY_AUTHENTICATION_STATE)(\r |
e5544398 | 67 | IN CONST EFI_PEI_SERVICES **PeiServices,\r |
68 | IN CONST EFI_PEI_SECURITY2_PPI *This,\r | |
13c38031 | 69 | IN UINT32 AuthenticationStatus,\r |
70 | IN EFI_PEI_FV_HANDLE FvHandle,\r | |
c7935105 | 71 | IN EFI_PEI_FILE_HANDLE FileHandle,\r |
e5544398 | 72 | IN OUT BOOLEAN *DeferExecution\r |
2f88bd3a | 73 | );\r |
e5544398 | 74 | \r |
13c38031 | 75 | ///\r |
76 | /// This PPI is a means by which the platform builder can indicate\r | |
77 | /// a response to a PEIM's authentication state. This can be in\r | |
78 | /// the form of a requirement for the PEI Foundation to skip a\r | |
79 | /// module using the DeferExecution Boolean output in the\r | |
80 | /// AuthenticationState() member function. Alternately, the\r | |
81 | /// Security PPI can invoke something like a cryptographic PPI\r | |
82 | /// that hashes the PEIM contents to log attestations, for which\r | |
83 | /// the FileHandle parameter in AuthenticationState() will be\r | |
84 | /// useful. If this PPI does not exist, PEIMs will be considered\r | |
85 | /// trusted.\r | |
86 | ///\r | |
e5544398 | 87 | struct _EFI_PEI_SECURITY2_PPI {\r |
2f88bd3a | 88 | EFI_PEI_SECURITY_AUTHENTICATION_STATE AuthenticationState;\r |
e5544398 | 89 | };\r |
90 | \r | |
2f88bd3a | 91 | extern EFI_GUID gEfiPeiSecurity2PpiGuid;\r |
e5544398 | 92 | \r |
93 | #endif\r |