]>
Commit | Line | Data |
---|---|---|
0c18794e | 1 | ## @file\r |
60c944c7 DG |
2 | # Provides security service of image verification\r |
3 | #\r | |
4 | # This library hooks LoadImage() API to verify every image by the verification policy.\r | |
0c18794e | 5 | #\r |
dc204d5a JY |
6 | # Caution: This module requires additional review when modified.\r |
7 | # This library will have external input - PE/COFF image.\r | |
60c944c7 DG |
8 | # This external input must be validated carefully to avoid security issues such as\r |
9 | # buffer overflow or integer overflow.\r | |
dc204d5a | 10 | #\r |
60c944c7 | 11 | # Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>\r |
0c18794e | 12 | # This program and the accompanying materials\r |
13 | # are licensed and made available under the terms and conditions of the BSD License\r | |
14 | # which accompanies this distribution. The full text of the license may be found at\r | |
15 | # http://opensource.org/licenses/bsd-license.php\r | |
16 | # THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r | |
17 | # WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
18 | #\r | |
19 | ##\r | |
20 | \r | |
21 | [Defines]\r | |
22 | INF_VERSION = 0x00010005\r | |
60c944c7 DG |
23 | BASE_NAME = DxeImageVerificationLib\r |
24 | MODULE_UNI_FILE = DxeImageVerificationLib.uni\r | |
0c18794e | 25 | FILE_GUID = 0CA970E1-43FA-4402-BC0A-81AF336BFFD6\r |
26 | MODULE_TYPE = DXE_DRIVER\r | |
27 | VERSION_STRING = 1.0\r | |
20333c6d | 28 | LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER\r |
0c18794e | 29 | CONSTRUCTOR = DxeImageVerificationLibConstructor\r |
30 | \r | |
31 | #\r | |
32 | # The following information is for reference only and not required by the build tools.\r | |
33 | #\r | |
34 | # VALID_ARCHITECTURES = IA32 X64 IPF EBC\r | |
35 | #\r | |
36 | \r | |
37 | [Sources]\r | |
38 | DxeImageVerificationLib.c\r | |
39 | DxeImageVerificationLib.h\r | |
c1d93242 | 40 | Measurement.c\r |
0c18794e | 41 | \r |
42 | [Packages]\r | |
43 | MdePkg/MdePkg.dec\r | |
44 | MdeModulePkg/MdeModulePkg.dec\r | |
45 | CryptoPkg/CryptoPkg.dec\r | |
46 | SecurityPkg/SecurityPkg.dec\r | |
47 | \r | |
48 | [LibraryClasses]\r | |
49 | MemoryAllocationLib\r | |
50 | BaseLib\r | |
51 | UefiLib\r | |
52 | UefiBootServicesTableLib\r | |
53 | UefiRuntimeServicesTableLib\r | |
54 | BaseMemoryLib\r | |
55 | DebugLib\r | |
56 | DevicePathLib\r | |
57 | BaseCryptLib\r | |
58 | SecurityManagementLib\r | |
28186d45 | 59 | PeCoffLib\r |
c1d93242 | 60 | TpmMeasurementLib\r |
0c18794e | 61 | \r |
62 | [Protocols]\r | |
60c944c7 DG |
63 | gEfiFirmwareVolume2ProtocolGuid ## SOMETIMES_CONSUMES\r |
64 | gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES\r | |
65 | gEfiSimpleFileSystemProtocolGuid ## SOMETIMES_CONSUMES\r | |
66 | \r | |
0c18794e | 67 | [Guids]\r |
60c944c7 DG |
68 | ## SOMETIMES_CONSUMES ## Variable:L"DB"\r |
69 | ## SOMETIMES_CONSUMES ## Variable:L"DBX"\r | |
20333c6d | 70 | ## SOMETIMES_CONSUMES ## Variable:L"DBT"\r |
60c944c7 DG |
71 | ## PRODUCES ## SystemTable\r |
72 | ## CONSUMES ## SystemTable\r | |
0c18794e | 73 | gEfiImageSecurityDatabaseGuid\r |
60c944c7 DG |
74 | \r |
75 | ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r | |
76 | ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r | |
0c18794e | 77 | gEfiCertSha1Guid\r |
20333c6d | 78 | \r |
60c944c7 DG |
79 | ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r |
80 | ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r | |
0c18794e | 81 | gEfiCertSha256Guid\r |
60c944c7 | 82 | \r |
20333c6d QL |
83 | ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r |
84 | ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r | |
85 | gEfiCertSha384Guid\r | |
86 | \r | |
87 | ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r | |
88 | ## SOMETIMES_PRODUCES ## GUID # Unique ID for the type of the signature.\r | |
89 | gEfiCertSha512Guid\r | |
90 | \r | |
60c944c7 | 91 | gEfiCertX509Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r |
20333c6d QL |
92 | gEfiCertX509Sha256Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r |
93 | gEfiCertX509Sha384Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r | |
94 | gEfiCertX509Sha512Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the signature.\r | |
60c944c7 | 95 | gEfiCertPkcs7Guid ## SOMETIMES_CONSUMES ## GUID # Unique ID for the type of the certificate.\r |
20333c6d | 96 | \r |
0c18794e | 97 | [Pcd]\r |
60c944c7 DG |
98 | gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy ## SOMETIMES_CONSUMES\r |
99 | gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy ## SOMETIMES_CONSUMES\r | |
100 | gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy ## SOMETIMES_CONSUMES\r |