[mirror_edk2.git] / MdeModulePkg / Core / Pei / Security / Security.c

/** @file\r
  EFI PEI Core Security services\r
\r
Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include "PeiMain.h"\r
\r
EFI_PEI_NOTIFY_DESCRIPTOR  mNotifyList = {\r
  EFI_PEI_PPI_DESCRIPTOR_NOTIFY_DISPATCH | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,\r
  &gEfiPeiSecurity2PpiGuid,\r
  SecurityPpiNotifyCallback\r
};\r
\r
/**\r
  Initialize the security services.\r
\r
  @param PeiServices     An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
  @param OldCoreData     Pointer to the old core data.\r
                         NULL if being run in non-permanent memory mode.\r
\r
**/\r
VOID\r
InitializeSecurityServices (\r
  IN EFI_PEI_SERVICES   **PeiServices,\r
  IN PEI_CORE_INSTANCE  *OldCoreData\r
  )\r
{\r
  if (OldCoreData == NULL) {\r
    PeiServicesNotifyPpi (&mNotifyList);\r
  }\r
\r
  return;\r
}\r
\r
/**\r
\r
  Provide a callback for when the security PPI is installed.\r
  This routine will cache installed security PPI into PeiCore's private data.\r
\r
  @param PeiServices        An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
  @param NotifyDescriptor   The descriptor for the notification event.\r
  @param Ppi                Pointer to the PPI in question.\r
\r
  @return Always success\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SecurityPpiNotifyCallback (\r
  IN EFI_PEI_SERVICES           **PeiServices,\r
  IN EFI_PEI_NOTIFY_DESCRIPTOR  *NotifyDescriptor,\r
  IN VOID                       *Ppi\r
  )\r
{\r
  PEI_CORE_INSTANCE  *PrivateData;\r
\r
  //\r
  // Get PEI Core private data\r
  //\r
  PrivateData = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices);\r
\r
  //\r
  // If there isn't a security PPI installed, use the one from notification\r
  //\r
  if (PrivateData->PrivateSecurityPpi == NULL) {\r
    PrivateData->PrivateSecurityPpi = (EFI_PEI_SECURITY2_PPI *)Ppi;\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Provide a callout to the security verification service.\r
\r
  @param PrivateData     PeiCore's private data structure\r
  @param VolumeHandle    Handle of FV\r
  @param FileHandle      Handle of PEIM's FFS\r
  @param AuthenticationStatus Authentication status\r
\r
  @retval EFI_SUCCESS              Image is OK\r
  @retval EFI_SECURITY_VIOLATION   Image is illegal\r
  @retval EFI_NOT_FOUND            If security PPI is not installed.\r
**/\r
EFI_STATUS\r
VerifyPeim (\r
  IN PEI_CORE_INSTANCE    *PrivateData,\r
  IN EFI_PEI_FV_HANDLE    VolumeHandle,\r
  IN EFI_PEI_FILE_HANDLE  FileHandle,\r
  IN UINT32               AuthenticationStatus\r
  )\r
{\r
  EFI_STATUS  Status;\r
  BOOLEAN     DeferExecution;\r
\r
  Status = EFI_NOT_FOUND;\r
  if (PrivateData->PrivateSecurityPpi == NULL) {\r
    //\r
    // Check AuthenticationStatus first.\r
    //\r
    if ((AuthenticationStatus & EFI_AUTH_STATUS_IMAGE_SIGNED) != 0) {\r
      if ((AuthenticationStatus & (EFI_AUTH_STATUS_TEST_FAILED | EFI_AUTH_STATUS_NOT_TESTED)) != 0) {\r
        Status = EFI_SECURITY_VIOLATION;\r
      }\r
    }\r
  } else {\r
    //\r
    // Check to see if the image is OK\r
    //\r
    Status = PrivateData->PrivateSecurityPpi->AuthenticationState (\r
                                                (CONST EFI_PEI_SERVICES **)&PrivateData->Ps,\r
                                                PrivateData->PrivateSecurityPpi,\r
                                                AuthenticationStatus,\r
                                                VolumeHandle,\r
                                                FileHandle,\r
                                                &DeferExecution\r
                                                );\r
    if (DeferExecution) {\r
      Status = EFI_SECURITY_VIOLATION;\r
    }\r
  }\r
\r
  return Status;\r
}\r
\r
/**\r
  Verify a Firmware volume.\r
\r
  @param CurrentFvAddress   Pointer to the current Firmware Volume under consideration\r
\r
  @retval EFI_SUCCESS       Firmware Volume is legal\r
\r
**/\r
EFI_STATUS\r
VerifyFv (\r
  IN EFI_FIRMWARE_VOLUME_HEADER  *CurrentFvAddress\r
  )\r
{\r
  //\r
  // Right now just pass the test.  Future can authenticate and/or check the\r
  // FV-header or other metric for goodness of binary.\r
  //\r
  return EFI_SUCCESS;\r
}\r
Commit	Line	Data
615c6dd0	1	/** @file\r
b1f6a7c6	2	EFI PEI Core Security services\r
d1102dba	3	\r
d39d1260	4	Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>\r
9d510e61	5	SPDX-License-Identifier: BSD-2-Clause-Patent\r
192f6d4c	6	\r
b1f6a7c6	7	**/\r
192f6d4c	8	\r
0d516397	9	#include "PeiMain.h"\r
192f6d4c	10	\r
1436aea4 MK	11	EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {\r
	12	EFI_PEI_PPI_DESCRIPTOR_NOTIFY_DISPATCH \| EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,\r
	13	&gEfiPeiSecurity2PpiGuid,\r
	14	SecurityPpiNotifyCallback\r
192f6d4c	15	};\r
192f6d4c	16	\r
b1f6a7c6	17	/**\r
192f6d4c	18	Initialize the security services.\r
192f6d4c	19	\r
dc857d56	20	@param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
40f26b8f	21	@param OldCoreData Pointer to the old core data.\r
d39d1260	22	NULL if being run in non-permanent memory mode.\r
192f6d4c	23	\r
b1f6a7c6	24	**/\r
	25	VOID\r
	26	InitializeSecurityServices (\r
1436aea4 MK	27	IN EFI_PEI_SERVICES **PeiServices,\r
1436aea4 MK	28	IN PEI_CORE_INSTANCE *OldCoreData\r
b1f6a7c6	29	)\r
192f6d4c	30	{\r
	31	if (OldCoreData == NULL) {\r
	32	PeiServicesNotifyPpi (&mNotifyList);\r
	33	}\r
1436aea4	34	\r
192f6d4c	35	return;\r
	36	}\r
	37	\r
b1f6a7c6	38	/**\r
	39	\r
	40	Provide a callback for when the security PPI is installed.\r
82b8c8df	41	This routine will cache installed security PPI into PeiCore's private data.\r
d1102dba	42	\r
dc857d56	43	@param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
	44	@param NotifyDescriptor The descriptor for the notification event.\r
	45	@param Ppi Pointer to the PPI in question.\r
b1f6a7c6	46	\r
	47	@return Always success\r
	48	\r
	49	**/\r
192f6d4c	50	EFI_STATUS\r
	51	EFIAPI\r
	52	SecurityPpiNotifyCallback (\r
	53	IN EFI_PEI_SERVICES **PeiServices,\r
	54	IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,\r
	55	IN VOID *Ppi\r
	56	)\r
192f6d4c	57	{\r
1436aea4	58	PEI_CORE_INSTANCE *PrivateData;\r
192f6d4c	59	\r
	60	//\r
	61	// Get PEI Core private data\r
	62	//\r
	63	PrivateData = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices);\r
d1102dba	64	\r
192f6d4c	65	//\r
	66	// If there isn't a security PPI installed, use the one from notification\r
	67	//\r
	68	if (PrivateData->PrivateSecurityPpi == NULL) {\r
b0d803fe	69	PrivateData->PrivateSecurityPpi = (EFI_PEI_SECURITY2_PPI *)Ppi;\r
192f6d4c	70	}\r
1436aea4	71	\r
192f6d4c	72	return EFI_SUCCESS;\r
	73	}\r
	74	\r
b1f6a7c6	75	/**\r
192f6d4c	76	Provide a callout to the security verification service.\r
192f6d4c	77	\r
b1f6a7c6	78	@param PrivateData PeiCore's private data structure\r
b1f6a7c6	79	@param VolumeHandle Handle of FV\r
d39d1260	80	@param FileHandle Handle of PEIM's FFS\r
c7935105	81	@param AuthenticationStatus Authentication status\r
192f6d4c	82	\r
b1f6a7c6	83	@retval EFI_SUCCESS Image is OK\r
b1f6a7c6	84	@retval EFI_SECURITY_VIOLATION Image is illegal\r
82b8c8df	85	@retval EFI_NOT_FOUND If security PPI is not installed.\r
b1f6a7c6	86	**/\r
	87	EFI_STATUS\r
	88	VerifyPeim (\r
1436aea4 MK	89	IN PEI_CORE_INSTANCE *PrivateData,\r
	90	IN EFI_PEI_FV_HANDLE VolumeHandle,\r
	91	IN EFI_PEI_FILE_HANDLE FileHandle,\r
	92	IN UINT32 AuthenticationStatus\r
b1f6a7c6	93	)\r
192f6d4c	94	{\r
1436aea4 MK	95	EFI_STATUS Status;\r
1436aea4 MK	96	BOOLEAN DeferExecution;\r
192f6d4c	97	\r
9d8de12c	98	Status = EFI_NOT_FOUND;\r
192f6d4c	99	if (PrivateData->PrivateSecurityPpi == NULL) {\r
9d8de12c LG	100	//\r
	101	// Check AuthenticationStatus first.\r
	102	//\r
	103	if ((AuthenticationStatus & EFI_AUTH_STATUS_IMAGE_SIGNED) != 0) {\r
	104	if ((AuthenticationStatus & (EFI_AUTH_STATUS_TEST_FAILED \| EFI_AUTH_STATUS_NOT_TESTED)) != 0) {\r
	105	Status = EFI_SECURITY_VIOLATION;\r
	106	}\r
	107	}\r
192f6d4c	108	} else {\r
	109	//\r
	110	// Check to see if the image is OK\r
	111	//\r
	112	Status = PrivateData->PrivateSecurityPpi->AuthenticationState (\r
1436aea4	113	(CONST EFI_PEI_SERVICES **)&PrivateData->Ps,\r
192f6d4c	114	PrivateData->PrivateSecurityPpi,\r
192f6d4c	115	AuthenticationStatus,\r
b0d803fe	116	VolumeHandle,\r
b0d803fe	117	FileHandle,\r
d39d1260	118	&DeferExecution\r
192f6d4c	119	);\r
d39d1260	120	if (DeferExecution) {\r
192f6d4c	121	Status = EFI_SECURITY_VIOLATION;\r
	122	}\r
	123	}\r
1436aea4	124	\r
192f6d4c	125	return Status;\r
	126	}\r
	127	\r
b1f6a7c6	128	/**\r
	129	Verify a Firmware volume.\r
	130	\r
82b8c8df	131	@param CurrentFvAddress Pointer to the current Firmware Volume under consideration\r
b1f6a7c6	132	\r
82b8c8df	133	@retval EFI_SUCCESS Firmware Volume is legal\r
b1f6a7c6	134	\r
b1f6a7c6	135	**/\r
192f6d4c	136	EFI_STATUS\r
	137	VerifyFv (\r
	138	IN EFI_FIRMWARE_VOLUME_HEADER *CurrentFvAddress\r
	139	)\r
192f6d4c	140	{\r
	141	//\r
	142	// Right now just pass the test. Future can authenticate and/or check the\r
	143	// FV-header or other metric for goodness of binary.\r
	144	//\r
	145	return EFI_SUCCESS;\r
	146	}\r