1 | /** @file\r |
2 | Security2 Architectural Protocol as defined in PI Specification 1.2.1 VOLUME 2 DXE\r | |
3 | \r | |
4 | Abstracts security-specific functions from the DXE Foundation of UEFI Image Verification,\r | |
5 | Trusted Computing Group (TCG) measured boot, and User Identity policy for image loading and\r | |
6 | consoles. This protocol must be produced by a boot service or runtime DXE driver.\r | |
9095d37b | 7 | \r |
8 | This protocol is optional and must be published prior to the EFI_SECURITY_ARCH_PROTOCOL.\r |
9 | As a result, the same driver must publish both of these interfaces.\r | |
9095d37b | 10 | \r |
11 | When both Security and Security2 Architectural Protocols are published, LoadImage must use\r |
12 | them in accordance with the following rules:\r | |
13 | The Security2 protocol must be used on every image being loaded.\r | |
9095d37b | 14 | The Security protocol must be used after the Security2 protocol and only on images that\r |
15 | have been read using Firmware Volume protocol.\r |
16 | \r | |
17 | When only Security architectural protocol is published, LoadImage must use it on every image\r | |
18 | being loaded.\r | |
19 | \r | |
20 | Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>\r |
21 | This program and the accompanying materials\r | |
22 | are licensed and made available under the terms and conditions of the BSD License\r | |
23 | which accompanies this distribution. The full text of the license may be found at\r | |
24 | http://opensource.org/licenses/bsd-license.php\r | |
b92b1209 | 25 | \r |
26 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r |
27 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
28 | \r |
29 | **/\r | |
30 | \r | |
31 | #ifndef __ARCH_PROTOCOL_SECURITY2_H__\r | |
32 | #define __ARCH_PROTOCOL_SECURITY2_H__\r | |
33 | \r | |
///
/// Global ID for the Security2 Architectural Protocol. Consumers use this value to locate
/// the protocol instance; see also the extern gEfiSecurity2ArchProtocolGuid declared at the
/// end of this header.
///
#define EFI_SECURITY2_ARCH_PROTOCOL_GUID \
  { 0x94ab2f58, 0x1438, 0x4ef1, {0x91, 0x52, 0x18, 0x94, 0x1a, 0x3a, 0x0e, 0x68 } }
9095d37b | 39 | \r |
///
/// Forward declaration of the protocol structure so that the
/// EFI_SECURITY2_FILE_AUTHENTICATION function type below can take a pointer to it
/// before the structure itself is defined further down in this header.
///
typedef struct _EFI_SECURITY2_ARCH_PROTOCOL EFI_SECURITY2_ARCH_PROTOCOL;
41 | \r | |
/**
  The DXE Foundation uses this service to measure and/or verify a UEFI image.

  This service abstracts the invocation of Trusted Computing Group (TCG) measured boot, UEFI
  Secure boot, and UEFI User Identity infrastructure. For the former two, the DXE Foundation
  invokes the FileAuthentication() with a DevicePath and corresponding image in
  FileBuffer memory. The TCG measurement code will record the FileBuffer contents into the
  appropriate PCR. The image verification logic will confirm the integrity and provenance of the
  image in FileBuffer of length FileSize. The origin of the image will be DevicePath in
  these cases.
  If the FileBuffer is NULL, the interface will determine if the DevicePath can be connected
  in order to support the User Identification policy.

  NOTE(review): on entry the image in FileBuffer has not yet been measured or verified by
  this service, so a producer of this protocol should treat the buffer as untrusted input and
  bound every access to it by FileSize rather than by lengths read from the image itself.

  @param This         The EFI_SECURITY2_ARCH_PROTOCOL instance.
  @param DevicePath   A pointer to the device path of the file that is
                      being dispatched. This will optionally be used for logging.
  @param FileBuffer   A pointer to the buffer with the UEFI file image.
  @param FileSize     The size of the file.
  @param BootPolicy   A boot policy that was used to call LoadImage() UEFI service. If
                      FileAuthentication() is invoked not from the LoadImage(),
                      BootPolicy must be set to FALSE.

  @retval EFI_SUCCESS             The file specified by DevicePath and non-NULL
                                  FileBuffer did authenticate, and the platform policy dictates
                                  that the DXE Foundation may use the file.
  @retval EFI_SUCCESS             DevicePath is NULL and the non-NULL FileBuffer did
                                  authenticate, and the platform policy dictates that the DXE
                                  Foundation may execute the image in FileBuffer.
  @retval EFI_SUCCESS             FileBuffer is NULL and current user has permission to start
                                  UEFI device drivers on the device path specified by DevicePath.
  @retval EFI_SECURITY_VIOLATION  The file specified by DevicePath and FileBuffer did not
                                  authenticate, and the platform policy dictates that the file
                                  should be placed in the untrusted state. The image has been
                                  added to the file execution table.
  @retval EFI_ACCESS_DENIED       The file specified by DevicePath and FileBuffer did not
                                  authenticate, and the platform policy dictates that the DXE
                                  Foundation may not use the file.
  @retval EFI_SECURITY_VIOLATION  FileBuffer is NULL and the user has no
                                  permission to start UEFI device drivers on the device path
                                  specified by DevicePath.
  @retval EFI_SECURITY_VIOLATION  FileBuffer is not NULL and the user has no permission to load
                                  drivers from the device path specified by DevicePath. The
                                  image has been added into the list of the deferred images.
**/
typedef EFI_STATUS (EFIAPI *EFI_SECURITY2_FILE_AUTHENTICATION) (
  IN CONST EFI_SECURITY2_ARCH_PROTOCOL *This,
  IN CONST EFI_DEVICE_PATH_PROTOCOL    *DevicePath,
  IN VOID                              *FileBuffer,
  IN UINTN                             FileSize,
  IN BOOLEAN                           BootPolicy
  );
94 | \r | |
///
/// The EFI_SECURITY2_ARCH_PROTOCOL is used to abstract platform-specific policy from the
/// DXE Foundation. This includes measuring the PE/COFF image prior to invoking it, and comparing
/// the image against a policy (whether a white-list/black-list of public image verification keys
/// or registered hashes).
///
struct _EFI_SECURITY2_ARCH_PROTOCOL {
  ///
  /// Measures and/or verifies a UEFI image before the DXE Foundation uses it; the contract
  /// is documented on EFI_SECURITY2_FILE_AUTHENTICATION above.
  ///
  EFI_SECURITY2_FILE_AUTHENTICATION FileAuthentication;
};
104 | \r | |
///
/// Linkable GUID object used to locate the Security2 Architectural Protocol. It is only
/// declared here; its definition lives outside this header.
///
extern EFI_GUID gEfiSecurity2ArchProtocolGuid;
106 | \r | |
107 | #endif\r |