/** @file\r
This includes some definitions introduced in UEFI that will be used in both PEI and DXE phases.\r
\r
- Copyright (c) 2006, Intel Corporation \r
- All rights reserved. This program and the accompanying materials \r
- are licensed and made available under the terms and conditions of the BSD License \r
- which accompanies this distribution. The full text of the license may be found at \r
- http://opensource.org/licenses/bsd-license.php \r
-\r
- THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
- WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials are licensed and made available under \r
+the terms and conditions of the BSD License that accompanies this distribution. \r
+The full text of the license may be found at\r
+http://opensource.org/licenses/bsd-license.php. \r
+ \r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
\r
**/\r
\r
#ifndef __UEFI_MULTIPHASE_H__\r
#define __UEFI_MULTIPHASE_H__\r
\r
-#include <ProcessorBind.h>\r
-\r
+#include <Guid/WinCertificate.h>\r
///\r
/// Enumeration of memory types introduced in UEFI.\r
/// \r
typedef enum {\r
+ ///\r
+ /// Not used.\r
+ ///\r
EfiReservedMemoryType,\r
+ ///\r
+ /// The code portions of a loaded application. \r
+ /// (Note that UEFI OS loaders are UEFI applications.)\r
+ ///\r
EfiLoaderCode,\r
+ ///\r
+ /// The data portions of a loaded application and the default data allocation\r
+ /// type used by an application to allocate pool memory.\r
+ ///\r
EfiLoaderData,\r
+ ///\r
+ /// The code portions of a loaded Boot Services Driver.\r
+ ///\r
EfiBootServicesCode,\r
+ ///\r
+ /// The data portions of a loaded Boot Serves Driver, and the default data\r
+ /// allocation type used by a Boot Services Driver to allocate pool memory.\r
+ ///\r
EfiBootServicesData,\r
+ ///\r
+ /// The code portions of a loaded Runtime Services Driver.\r
+ ///\r
EfiRuntimeServicesCode,\r
+ ///\r
+ /// The data portions of a loaded Runtime Services Driver and the default\r
+ /// data allocation type used by a Runtime Services Driver to allocate pool memory.\r
+ ///\r
EfiRuntimeServicesData,\r
+ ///\r
+ /// Free (unallocated) memory.\r
+ ///\r
EfiConventionalMemory,\r
+ ///\r
+ /// Memory in which errors have been detected.\r
+ ///\r
EfiUnusableMemory,\r
+ ///\r
+ /// Memory that holds the ACPI tables.\r
+ ///\r
EfiACPIReclaimMemory,\r
+ ///\r
+ /// Address space reserved for use by the firmware.\r
+ ///\r
EfiACPIMemoryNVS,\r
+ ///\r
+ /// Used by system firmware to request that a memory-mapped IO region\r
+ /// be mapped by the OS to a virtual address so it can be accessed by EFI runtime services.\r
+ ///\r
EfiMemoryMappedIO,\r
+ ///\r
+ /// System memory-mapped IO region that is used to translate memory\r
+ /// cycles to IO cycles by the processor.\r
+ ///\r
EfiMemoryMappedIOPortSpace,\r
+ ///\r
+ /// Address space reserved by the firmware for code that is part of the processor.\r
+ ///\r
EfiPalCode,\r
EfiMaxMemoryType\r
} EFI_MEMORY_TYPE;\r
\r
-\r
///\r
/// Data structure that precedes all of the standard EFI table types.\r
/// \r
typedef struct {\r
+ ///\r
+ /// A 64-bit signature that identifies the type of table that follows.\r
+ /// Unique signatures have been generated for the EFI System Table,\r
+ /// the EFI Boot Services Table, and the EFI Runtime Services Table.\r
+ ///\r
UINT64 Signature;\r
+ ///\r
+ /// The revision of the EFI Specification to which this table\r
+ /// conforms. The upper 16 bits of this field contain the major\r
+ /// revision value, and the lower 16 bits contain the minor revision\r
+ /// value. The minor revision values are limited to the range of 00..99.\r
+ ///\r
UINT32 Revision;\r
+ ///\r
+ /// The size, in bytes, of the entire table including the EFI_TABLE_HEADER.\r
+ ///\r
UINT32 HeaderSize;\r
+ ///\r
+ /// The 32-bit CRC for the entire table. This value is computed by\r
+ /// setting this field to 0, and computing the 32-bit CRC for HeaderSize bytes.\r
+ ///\r
UINT32 CRC32;\r
+ ///\r
+ /// Reserved field that must be set to 0.\r
+ ///\r
UINT32 Reserved;\r
} EFI_TABLE_HEADER;\r
\r
/// \r
#define EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS 0x00000010\r
\r
-//\r
-// _WIN_CERTIFICATE.wCertificateType\r
-// \r
-#define WIN_CERT_TYPE_EFI_PKCS115 0x0EF0\r
-#define WIN_CERT_TYPE_EFI_GUID 0x0EF1\r
-\r
-/**\r
- \r
- The WIN_CERTIFICATE structure is part of the PE/COFF\r
- specification and has the following definition:\r
-\r
- @param dwLength The length of the entire certificate,\r
- including the length of the header, in\r
- bytes.\r
-\r
- @param wRevision The revision level of the WIN_CERTIFICATE\r
- structure. The current revision level is\r
- 0x0200.\r
-\r
- @param wCertificateType The certificate type. See\r
- WIN_CERT_TYPE_xxx for the UEFI\r
- certificate types. The UEFI\r
- specification reserves the range of\r
- certificate type values from 0x0EF0\r
- to 0x0EFF.\r
-\r
- @param bCertificate The actual certificate. The format of\r
- the certificate depends on\r
- wCertificateType. The format of the UEFI\r
- certificates is defined below.\r
-\r
-\r
-**/\r
-typedef struct _WIN_CERTIFICATE {\r
- UINT32 dwLength;\r
- UINT16 wRevision;\r
- UINT16 wCertificateType;\r
- //UINT8 bCertificate[ANYSIZE_ARRAY];\r
-} WIN_CERTIFICATE;\r
-\r
-///\r
-/// WIN_CERTIFICATE_UEFI_GUID.CertType\r
-/// \r
-#define EFI_CERT_TYPE_RSA2048_SHA256_GUID \\r
- {0xa7717414, 0xc616, 0x4977, {0x94, 0x20, 0x84, 0x47, 0x12, 0xa7, 0x35, 0xbf } }\r
-\r
-///\r
-/// WIN_CERTIFICATE_UEFI_GUID.CertData\r
-/// \r
-typedef struct _EFI_CERT_BLOCK_RSA_2048_SHA256 {\r
- UINT32 HashType;\r
- UINT8 PublicKey[256];\r
- UINT8 Signature[256];\r
-} EFI_CERT_BLOCK_RSA_2048_SHA256;\r
-\r
-\r
-/**\r
- \r
- @param Hdr This is the standard WIN_CERTIFICATE header, where\r
- wCertificateType is set to\r
- WIN_CERT_TYPE_UEFI_GUID.\r
-\r
- @param CertType This is the unique id which determines the\r
- format of the CertData. In this case, the\r
- value is EFI_CERT_TYPE_RSA2048_SHA256_GUID.\r
-\r
- @param CertData This is the certificate data. The format of\r
- the data is determined by the CertType. In\r
- this case the value is\r
- EFI_CERT_BLOCK_RSA_2048_SHA256.\r
-\r
-**/\r
-typedef struct _WIN_CERTIFICATE_UEFI_GUID {\r
- WIN_CERTIFICATE Hdr;\r
- EFI_GUID CertType;\r
- // UINT8 CertData[ANYSIZE_ARRAY];\r
-} WIN_CERTIFICATE_UEFI_GUID;\r
-\r
-\r
-/**\r
- \r
- Certificate which encapsulates the RSASSA_PKCS1-v1_5 digital\r
- signature.\r
- \r
- The WIN_CERTIFICATE_UEFI_PKCS1_15 structure is derived from\r
- WIN_CERTIFICATE and encapsulate the information needed to \r
- implement the RSASSA-PKCS1-v1_5 digital signature algorithm as \r
- specified in RFC2437. \r
- \r
- @param Hdr This is the standard WIN_CERTIFICATE header, where\r
- wCertificateType is set to\r
- WIN_CERT_TYPE_UEFI_PKCS1_15.\r
- \r
- @param HashAlgorithm This is the hashing algorithm which was\r
- performed on the UEFI executable when\r
- creating the digital signature. It is\r
- one of the enumerated values pre-defined\r
- in Section 26.4.1. See\r
- EFI_HASH_ALGORITHM_x.\r
- \r
- @param Signature This is the actual digital signature. The\r
- size of the signature is the same size as\r
- the key (1024-bit key is 128 bytes) and can\r
- be determined by subtracting the length of\r
- the other parts of this header from the\r
- total length of the certificate as found in\r
- Hdr.dwLength.\r
-\r
-**/\r
-typedef struct _WIN_CERTIFICATE_EFI_PKCS1_15 {\r
- WIN_CERTIFICATE Hdr;\r
- EFI_GUID HashAlgorithm;\r
- // UINT8 Signature[ANYSIZE_ARRAY];\r
-} WIN_CERTIFICATE_EFI_PKCS1_15;\r
-\r
-\r
-/**\r
- \r
- AuthInfo is a WIN_CERTIFICATE using the wCertificateType\r
- WIN_CERTIFICATE_UEFI_GUID and the CertType\r
- EFI_CERT_TYPE_RSA2048_SHA256. If the attribute specifies\r
- authenticated access, then the Data buffer should begin with an\r
- authentication descriptor prior to the data payload and DataSize\r
- should reflect the the data.and descriptor size. The caller\r
- shall digest the Monotonic Count value and the associated data\r
- for the variable update using the SHA-256 1-way hash algorithm.\r
- The ensuing the 32-byte digest will be signed using the private\r
- key associated w/ the public/private 2048-bit RSA key-pair. The\r
- WIN_CERTIFICATE shall be used to describe the signature of the\r
- Variable data *Data. In addition, the signature will also\r
- include the MonotonicCount value to guard against replay attacks\r
- \r
- @param MonotonicCount Included in the signature of\r
- AuthInfo.Used to ensure freshness/no\r
- replay. Incremented during each\r
- "Write" access.\r
- \r
- @param AuthInfo Provides the authorization for the variable\r
- access. It is a signature across the\r
- variable data and the Monotonic Count\r
- value. Caller uses Private key that is\r
- associated with a public key that has been\r
- provisioned via the key exchange.\r
-\r
-**/\r
+/// \r
+/// AuthInfo is a WIN_CERTIFICATE using the wCertificateType\r
+/// WIN_CERTIFICATE_UEFI_GUID and the CertType\r
+/// EFI_CERT_TYPE_RSA2048_SHA256. If the attribute specifies\r
+/// authenticated access, then the Data buffer should begin with an\r
+/// authentication descriptor prior to the data payload and DataSize\r
+/// should reflect the the data.and descriptor size. The caller\r
+/// shall digest the Monotonic Count value and the associated data\r
+/// for the variable update using the SHA-256 1-way hash algorithm.\r
+/// The ensuing the 32-byte digest will be signed using the private\r
+/// key associated w/ the public/private 2048-bit RSA key-pair. The\r
+/// WIN_CERTIFICATE shall be used to describe the signature of the\r
+/// Variable data *Data. In addition, the signature will also\r
+/// include the MonotonicCount value to guard against replay attacks.\r
+/// \r
typedef struct {\r
+ ///\r
+ /// Included in the signature of \r
+ /// AuthInfo.Used to ensure freshness/no\r
+ /// replay. Incremented during each \r
+ /// "Write" access. \r
+ /// \r
UINT64 MonotonicCount;\r
+ ///\r
+ /// Provides the authorization for the variable \r
+ /// access. It is a signature across the \r
+ /// variable data and the Monotonic Count \r
+ /// value. Caller uses Private key that is \r
+ /// associated with a public key that has been \r
+ /// provisioned via the key exchange. \r
+ ///\r
WIN_CERTIFICATE_UEFI_GUID AuthInfo;\r
} EFI_VARIABLE_AUTHENTICATION;\r
\r