X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;ds=sidebyside;f=SecurityPkg%2FVariableAuthenticated%2FRuntimeDxe%2FAuthService.h;h=56def50d5287aaefb15f25b99cd329ea813b35a7;hb=13af4ab06516eefb40fb985467141e09efe9c58b;hp=e7a9a1f556be0940f61dbf01c5474a0f94470b8f;hpb=785d84ead0d7bdba8214f445612eff6d169dea14;p=mirror_edk2.git

diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
index e7a9a1f556..56def50d52 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/AuthService.h
@@ -2,7 +2,17 @@
   The internal header file includes the common header files, defines
   internal structure and functions used by AuthService module.
 
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>
+  Caution: This module requires additional review when modified.
+  This driver will have external input - variable data. It may be input in SMM mode.
+  This external input must be validated carefully to avoid security issue like
+  buffer overflow, integer overflow.
+  Variable attribute should also be checked to avoid authentication bypass.
+     The whole SMM authentication variable design relies on the integrity of flash part and SMM.
+  which is assumed to be protected by platform.  All variable code and metadata in flash/SMM Memory
+  may not be modified without authorization. If platform fails to protect these resources, 
+  the authentication service provided in this driver will be broken, and the behavior is undefined.
+
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -36,13 +46,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 /// "AuthVarKeyDatabase" variable for the Public Key store.
 ///
 #define AUTHVAR_KEYDB_NAME      L"AuthVarKeyDatabase"
-#define AUTHVAR_KEYDB_NAME_SIZE 38
 
 ///
-/// Max size of public key database, restricted by max individal EFI varible size, exclude variable header and name size.
+/// "certdb" variable stores the signer's certificates for non PK/KEK/DB/DBX
+/// variables with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set.
+/// 
 ///
-#define MAX_KEYDB_SIZE  (FixedPcdGet32 (PcdMaxVariableSize) - sizeof (VARIABLE_HEADER) - AUTHVAR_KEYDB_NAME_SIZE)
-#define MAX_KEY_NUM     (MAX_KEYDB_SIZE / EFI_CERT_TYPE_RSA2048_SIZE)
+#define EFI_CERT_DB_NAME        L"certdb"
 
 ///
 /// Struct to record signature requirement defined by UEFI spec.
@@ -129,13 +139,18 @@ UpdatePlatformMode (
 /**
   Initializes for authenticated varibale service.
 
+  @param[in] MaxAuthVariableSize    Reflect the overhead associated with the saving
+                                    of a single EFI authenticated variable with the exception
+                                    of the overhead associated with the length
+                                    of the string name of the EFI variable.
+
   @retval EFI_SUCCESS           Function successfully executed.
-  @retval EFI_OUT_OF_RESOURCES  Fail to allocate enough memory resource.
+  @retval EFI_OUT_OF_RESOURCES  Fail to allocate enough memory resources.
 
 **/
 EFI_STATUS
 AutenticatedVariableServiceInitialize (
-  VOID
+  IN UINTN      MaxAuthVariableSize
   );
 
 /**
@@ -242,20 +257,24 @@ ProcessVarWithKek (
   will be appended to the original EFI_SIGNATURE_LIST, duplicate EFI_SIGNATURE_DATA
   will be ignored.
 
-  @param[in, out]  Data            Pointer to original EFI_SIGNATURE_LIST.
-  @param[in]       DataSize        Size of Data buffer.
-  @param[in]       NewData         Pointer to new EFI_SIGNATURE_LIST to be appended.
-  @param[in]       NewDataSize     Size of NewData buffer.
+  @param[in, out]  Data             Pointer to original EFI_SIGNATURE_LIST.
+  @param[in]       DataSize         Size of Data buffer.
+  @param[in]       FreeBufSize      Size of free data buffer 
+  @param[in]       NewData          Pointer to new EFI_SIGNATURE_LIST to be appended.
+  @param[in]       NewDataSize      Size of NewData buffer.
+  @param[out]      MergedBufSize    Size of the merged buffer
 
-  @return Size of the merged buffer.
+  @return EFI_BUFFER_TOO_SMALL if input Data buffer overflowed
 
 **/
-UINTN
+EFI_STATUS
 AppendSignatureList (
   IN  OUT VOID            *Data,
   IN  UINTN               DataSize,
+  IN  UINTN               FreeBufSize,
   IN  VOID                *NewData,
-  IN  UINTN               NewDataSize
+  IN  UINTN               NewDataSize,
+  OUT UINTN               *MergedBufSize
   );
 
 /**
@@ -275,6 +294,24 @@ CompareTimeStamp (
   IN EFI_TIME               *SecondTime
   );
 
+/**
+  Delete matching signer's certificates when deleting common authenticated
+  variable by corresponding VariableName and VendorGuid from "certdb".
+
+  @param[in]  VariableName   Name of authenticated Variable.
+  @param[in]  VendorGuid     Vendor GUID of authenticated Variable.
+
+  @retval  EFI_INVALID_PARAMETER Any input parameter is invalid.
+  @retval  EFI_NOT_FOUND         Fail to find "certdb" or matching certs.
+  @retval  EFI_OUT_OF_RESOURCES  The operation is failed due to lack of resources.
+  @retval  EFI_SUCCESS           The operation is completed successfully.
+
+**/
+EFI_STATUS
+DeleteCertsFromDb (
+  IN     CHAR16           *VariableName,
+  IN     EFI_GUID         *VendorGuid
+  );
 
 /**
   Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set
@@ -315,10 +352,9 @@ VerifyTimeBasedPayload (
   OUT    BOOLEAN                            *VarDel
   );
 
-extern UINT8  mPubKeyStore[MAX_KEYDB_SIZE];
+extern UINT8  *mPubKeyStore;
+extern UINT8  *mCertDbStore;
 extern UINT32 mPubKeyNumber;
 extern VOID   *mHashCtx;
-extern VOID   *mStorageArea;
-extern UINT8  *mSerializationRuntimeBuffer;
 
 #endif