/** @file\r
+ EFI PEI Core Security services\r
\r
-Copyright (c) 2006, Intel Corporation \r
-All rights reserved. This program and the accompanying materials \r
-are licensed and made available under the terms and conditions of the BSD License \r
-which accompanies this distribution. The full text of the license may be found at \r
-http://opensource.org/licenses/bsd-license.php \r
- \r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
-\r
-Module Name:\r
-\r
- Security.c\r
-\r
-Abstract:\r
+Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials\r
+are licensed and made available under the terms and conditions of the BSD License\r
+which accompanies this distribution. The full text of the license may be found at\r
+http://opensource.org/licenses/bsd-license.php\r
\r
- EFI PEI Core Security services\r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
-#include <PeiMain.h>\r
+#include "PeiMain.h"\r
\r
-STATIC\r
-EFI_STATUS\r
-EFIAPI\r
-SecurityPpiNotifyCallback (\r
- IN EFI_PEI_SERVICES **PeiServices,\r
- IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,\r
- IN VOID *Ppi\r
- );\r
\r
-static EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {\r
+EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {\r
EFI_PEI_PPI_DESCRIPTOR_NOTIFY_DISPATCH | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,\r
&gEfiPeiSecurity2PpiGuid,\r
SecurityPpiNotifyCallback\r
};\r
\r
+/**\r
+ Initialize the security services.\r
+\r
+ @param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
+ @param OldCoreData Pointer to the old core data.\r
+ NULL if being run in non-permament memory mode.\r
+\r
+**/\r
VOID\r
InitializeSecurityServices (\r
IN EFI_PEI_SERVICES **PeiServices,\r
IN PEI_CORE_INSTANCE *OldCoreData\r
)\r
-/*++\r
-\r
-Routine Description:\r
-\r
- Initialize the security services.\r
-\r
-Arguments:\r
-\r
- PeiServices - The PEI core services table.\r
- OldCoreData - Pointer to the old core data.\r
- NULL if being run in non-permament memory mode.\r
-Returns:\r
-\r
- None\r
-\r
---*/\r
{\r
if (OldCoreData == NULL) {\r
PeiServicesNotifyPpi (&mNotifyList);\r
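Review bot: Dropping `static` from `mNotifyList` (and `STATIC` from `SecurityPpiNotifyCallback` in the next hunk) gives both symbols external linkage, and nothing visible here records why. The descriptor carries the callback pointer registered against `gEfiPeiSecurity2PpiGuid`, so if no other translation unit needs it I would keep it file-local; if the wider linkage is deliberate, a one-line comment above the definition such as `// Not static: <reason>` would preserve the intent. With the forward declaration removed, the prototype presumably now comes from `PeiMain.h`, which is not shown, so please confirm it is declared there. Separately, the added `@param OldCoreData` text carries over the typo `non-permament`. The body of `InitializeSecurityServices` ends outside this hunk.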
return;\r
}\r
\r
-STATIC\r
+/**\r
+\r
+ Provide a callback for when the security PPI is installed.\r
+ This routine will cache installed security PPI into PeiCore's private data.\r
+\r
+ @param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
+ @param NotifyDescriptor The descriptor for the notification event.\r
+ @param Ppi Pointer to the PPI in question.\r
+\r
+ @return Always success\r
+\r
+**/\r
EFI_STATUS\r
EFIAPI\r
SecurityPpiNotifyCallback (\r
IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,\r
IN VOID *Ppi\r
)\r
-/*++\r
-\r
-Routine Description:\r
-\r
- Provide a callback for when the security PPI is installed.\r
-\r
-Arguments:\r
-\r
- PeiServices - The PEI core services table.\r
- NotifyDescriptor - The descriptor for the notification event.\r
- Ppi - Pointer to the PPI in question.\r
-\r
-Returns:\r
-\r
- EFI_SUCCESS - The function is successfully processed.\r
-\r
---*/\r
{\r
PEI_CORE_INSTANCE *PrivateData;\r
\r
// Get PEI Core private data\r
//\r
PrivateData = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices);\r
- \r
+\r
//\r
// If there isn't a security PPI installed, use the one from notification\r
//\r
return EFI_SUCCESS;\r
}\r
\r
+/**\r
+ Provide a callout to the security verification service.\r
+\r
+ @param PrivateData PeiCore's private data structure\r
+ @param VolumeHandle Handle of FV\r
+ @param FileHandle Handle of PEIM's ffs\r
+ @param AuthenticationStatus Authentication status\r
+\r
+ @retval EFI_SUCCESS Image is OK\r
+ @retval EFI_SECURITY_VIOLATION Image is illegal\r
+ @retval EFI_NOT_FOUND If security PPI is not installed.\r
+**/\r
EFI_STATUS\r
VerifyPeim (\r
IN PEI_CORE_INSTANCE *PrivateData,\r
IN EFI_PEI_FV_HANDLE VolumeHandle,\r
- IN EFI_PEI_FILE_HANDLE FileHandle\r
+ IN EFI_PEI_FILE_HANDLE FileHandle,\r
+ IN UINT32 AuthenticationStatus\r
)\r
-/*++\r
-\r
-Routine Description:\r
-\r
- Provide a callout to the security verification service.\r
-\r
-Arguments:\r
-\r
- PeiServices - The PEI core services table.\r
- CurrentPeimAddress - Pointer to the Firmware File under investigation.\r
-\r
-Returns:\r
-\r
- EFI_SUCCESS - Image is OK\r
- EFI_SECURITY_VIOLATION - Image is illegal\r
-\r
---*/\r
{\r
EFI_STATUS Status;\r
- UINT32 AuthenticationStatus;\r
BOOLEAN DeferExection;\r
\r
- //\r
- // Set a default authentication state\r
- //\r
- AuthenticationStatus = 0;\r
-\r
+ Status = EFI_NOT_FOUND;\r
if (PrivateData->PrivateSecurityPpi == NULL) {\r
- Status = EFI_NOT_FOUND;\r
+ //\r
+ // Check AuthenticationStatus first.\r
+ //\r
+ if ((AuthenticationStatus & EFI_AUTH_STATUS_IMAGE_SIGNED) != 0) {\r
+ if ((AuthenticationStatus & (EFI_AUTH_STATUS_TEST_FAILED | EFI_AUTH_STATUS_NOT_TESTED)) != 0) {\r
+ Status = EFI_SECURITY_VIOLATION;\r
+ }\r
+ }\r
} else {\r
//\r
// Check to see if the image is OK\r
//\r
Status = PrivateData->PrivateSecurityPpi->AuthenticationState (\r
- (CONST EFI_PEI_SERVICES **) &PrivateData->PS,\r
+ (CONST EFI_PEI_SERVICES **) &PrivateData->Ps,\r
PrivateData->PrivateSecurityPpi,\r
AuthenticationStatus,\r
VolumeHandle,\r
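Review bot: In the new `PrivateSecurityPpi == NULL` branch, `Status` stays `EFI_NOT_FOUND` for every image except a signed one flagged `EFI_AUTH_STATUS_TEST_FAILED` or `EFI_AUTH_STATUS_NOT_TESTED`, and the added header does not say so. As written, `@retval EFI_NOT_FOUND If security PPI is not installed.` reads as if a missing PPI always yields that code, while `EFI_SECURITY_VIOLATION` is now possible on that path too and an image without `EFI_AUTH_STATUS_IMAGE_SIGNED` is never rejected there. I would spell out the contract, e.g. `@retval EFI_NOT_FOUND No security PPI is installed and AuthenticationStatus does not mark a signed image as failed or untested; no policy was applied.`, and extend the `EFI_SECURITY_VIOLATION` line to match. How callers treat `EFI_NOT_FOUND` is outside this hunk, so it is worth confirming they do not equate it with a verified image. The `@param AuthenticationStatus` text should also say where the value comes from, since it is now supplied by the caller rather than defaulted to 0; the function body continues past the hunk.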
}\r
\r
\r
+/**\r
+ Verify a Firmware volume.\r
+\r
+ @param CurrentFvAddress Pointer to the current Firmware Volume under consideration\r
+\r
+ @retval EFI_SUCCESS Firmware Volume is legal\r
+\r
+**/\r
EFI_STATUS\r
VerifyFv (\r
IN EFI_FIRMWARE_VOLUME_HEADER *CurrentFvAddress\r
)\r
-/*++\r
-\r
-Routine Description:\r
-\r
- Verify a Firmware volume\r
-\r
-Arguments:\r
-\r
- CurrentFvAddress - Pointer to the current Firmware Volume under consideration\r
-\r
-Returns:\r
-\r
- EFI_SUCCESS - Firmware Volume is legal\r
- EFI_SECURITY_VIOLATION - Firmware Volume fails integrity test\r
-\r
---*/\r
{\r
//\r
// Right now just pass the test. Future can authenticate and/or check the\r
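Review bot: The new header for `VerifyFv` describes it as verifying a firmware volume, yet the body's own comment says it will "just pass the test", and the header no longer lists `EFI_SECURITY_VIOLATION`. A reader relying on the header alone would assume an integrity check takes place. I would add a sentence to the description such as `Placeholder: no integrity or authentication check is performed; always returns EFI_SUCCESS.` so callers do not treat the result as evidence that the volume was validated. The body continues outside this hunk, so the always-success behaviour is inferred from the visible comment and the remaining `@retval` line.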