[mirror_edk2.git] / MdeModulePkg / Core / Pei / Security / Security.c

/** @file\r
  EFI PEI Core Security services\r
\r
Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include "PeiMain.h"\r
\r
\r
EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {\r
   EFI_PEI_PPI_DESCRIPTOR_NOTIFY_DISPATCH | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,\r
   &gEfiPeiSecurity2PpiGuid,\r
   SecurityPpiNotifyCallback\r
};\r
\r
/**\r
  Initialize the security services.\r
\r
  @param PeiServices     An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
  @param OldCoreData     Pointer to the old core data.\r
                         NULL if being run in non-permanent memory mode.\r
\r
**/\r
VOID\r
InitializeSecurityServices (\r
  IN EFI_PEI_SERVICES  **PeiServices,\r
  IN PEI_CORE_INSTANCE *OldCoreData\r
  )\r
{\r
  if (OldCoreData == NULL) {\r
    PeiServicesNotifyPpi (&mNotifyList);\r
  }\r
  return;\r
}\r
\r
/**\r
\r
  Provide a callback for when the security PPI is installed.\r
  This routine will cache installed security PPI into PeiCore's private data.\r
\r
  @param PeiServices        An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
  @param NotifyDescriptor   The descriptor for the notification event.\r
  @param Ppi                Pointer to the PPI in question.\r
\r
  @return Always success\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
SecurityPpiNotifyCallback (\r
  IN EFI_PEI_SERVICES           **PeiServices,\r
  IN EFI_PEI_NOTIFY_DESCRIPTOR  *NotifyDescriptor,\r
  IN VOID                       *Ppi\r
  )\r
{\r
  PEI_CORE_INSTANCE                       *PrivateData;\r
\r
  //\r
  // Get PEI Core private data\r
  //\r
  PrivateData = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices);\r
\r
  //\r
  // If there isn't a security PPI installed, use the one from notification\r
  //\r
  if (PrivateData->PrivateSecurityPpi == NULL) {\r
    PrivateData->PrivateSecurityPpi = (EFI_PEI_SECURITY2_PPI *)Ppi;\r
  }\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Provide a callout to the security verification service.\r
\r
  @param PrivateData     PeiCore's private data structure\r
  @param VolumeHandle    Handle of FV\r
  @param FileHandle      Handle of PEIM's FFS\r
  @param AuthenticationStatus Authentication status\r
\r
  @retval EFI_SUCCESS              Image is OK\r
  @retval EFI_SECURITY_VIOLATION   Image is illegal\r
  @retval EFI_NOT_FOUND            If security PPI is not installed.\r
**/\r
EFI_STATUS\r
VerifyPeim (\r
  IN PEI_CORE_INSTANCE      *PrivateData,\r
  IN EFI_PEI_FV_HANDLE      VolumeHandle,\r
  IN EFI_PEI_FILE_HANDLE    FileHandle,\r
  IN UINT32                 AuthenticationStatus\r
  )\r
{\r
  EFI_STATUS                      Status;\r
  BOOLEAN                         DeferExecution;\r
\r
  Status = EFI_NOT_FOUND;\r
  if (PrivateData->PrivateSecurityPpi == NULL) {\r
    //\r
    // Check AuthenticationStatus first.\r
    //\r
    if ((AuthenticationStatus & EFI_AUTH_STATUS_IMAGE_SIGNED) != 0) {\r
      if ((AuthenticationStatus & (EFI_AUTH_STATUS_TEST_FAILED | EFI_AUTH_STATUS_NOT_TESTED)) != 0) {\r
        Status = EFI_SECURITY_VIOLATION;\r
      }\r
    }\r
  } else {\r
    //\r
    // Check to see if the image is OK\r
    //\r
    Status = PrivateData->PrivateSecurityPpi->AuthenticationState (\r
                                                (CONST EFI_PEI_SERVICES **) &PrivateData->Ps,\r
                                                PrivateData->PrivateSecurityPpi,\r
                                                AuthenticationStatus,\r
                                                VolumeHandle,\r
                                                FileHandle,\r
                                                &DeferExecution\r
                                                );\r
    if (DeferExecution) {\r
      Status = EFI_SECURITY_VIOLATION;\r
    }\r
  }\r
  return Status;\r
}\r
\r
\r
/**\r
  Verify a Firmware volume.\r
\r
  @param CurrentFvAddress   Pointer to the current Firmware Volume under consideration\r
\r
  @retval EFI_SUCCESS       Firmware Volume is legal\r
\r
**/\r
EFI_STATUS\r
VerifyFv (\r
  IN EFI_FIRMWARE_VOLUME_HEADER  *CurrentFvAddress\r
  )\r
{\r
  //\r
  // Right now just pass the test.  Future can authenticate and/or check the\r
  // FV-header or other metric for goodness of binary.\r
  //\r
  return EFI_SUCCESS;\r
}\r
Commit	Line	Data
615c6dd0	1	/** @file\r
b1f6a7c6	2	EFI PEI Core Security services\r
d1102dba	3	\r
d39d1260	4	Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>\r
9d510e61	5	SPDX-License-Identifier: BSD-2-Clause-Patent\r
192f6d4c	6	\r
b1f6a7c6	7	**/\r
192f6d4c	8	\r
0d516397	9	#include "PeiMain.h"\r
192f6d4c	10	\r
192f6d4c	11	\r
fe1e36e5	12	EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {\r
192f6d4c	13	EFI_PEI_PPI_DESCRIPTOR_NOTIFY_DISPATCH \| EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,\r
b0d803fe	14	&gEfiPeiSecurity2PpiGuid,\r
192f6d4c	15	SecurityPpiNotifyCallback\r
	16	};\r
	17	\r
b1f6a7c6	18	/**\r
192f6d4c	19	Initialize the security services.\r
192f6d4c	20	\r
dc857d56	21	@param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
40f26b8f	22	@param OldCoreData Pointer to the old core data.\r
d39d1260	23	NULL if being run in non-permanent memory mode.\r
192f6d4c	24	\r
b1f6a7c6	25	**/\r
	26	VOID\r
	27	InitializeSecurityServices (\r
	28	IN EFI_PEI_SERVICES **PeiServices,\r
	29	IN PEI_CORE_INSTANCE *OldCoreData\r
	30	)\r
192f6d4c	31	{\r
	32	if (OldCoreData == NULL) {\r
	33	PeiServicesNotifyPpi (&mNotifyList);\r
	34	}\r
	35	return;\r
	36	}\r
	37	\r
b1f6a7c6	38	/**\r
	39	\r
	40	Provide a callback for when the security PPI is installed.\r
82b8c8df	41	This routine will cache installed security PPI into PeiCore's private data.\r
d1102dba	42	\r
dc857d56	43	@param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
	44	@param NotifyDescriptor The descriptor for the notification event.\r
	45	@param Ppi Pointer to the PPI in question.\r
b1f6a7c6	46	\r
	47	@return Always success\r
	48	\r
	49	**/\r
192f6d4c	50	EFI_STATUS\r
	51	EFIAPI\r
	52	SecurityPpiNotifyCallback (\r
	53	IN EFI_PEI_SERVICES **PeiServices,\r
	54	IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,\r
	55	IN VOID *Ppi\r
	56	)\r
192f6d4c	57	{\r
	58	PEI_CORE_INSTANCE *PrivateData;\r
	59	\r
	60	//\r
	61	// Get PEI Core private data\r
	62	//\r
	63	PrivateData = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices);\r
d1102dba	64	\r
192f6d4c	65	//\r
	66	// If there isn't a security PPI installed, use the one from notification\r
	67	//\r
	68	if (PrivateData->PrivateSecurityPpi == NULL) {\r
b0d803fe	69	PrivateData->PrivateSecurityPpi = (EFI_PEI_SECURITY2_PPI *)Ppi;\r
192f6d4c	70	}\r
	71	return EFI_SUCCESS;\r
	72	}\r
	73	\r
b1f6a7c6	74	/**\r
192f6d4c	75	Provide a callout to the security verification service.\r
192f6d4c	76	\r
b1f6a7c6	77	@param PrivateData PeiCore's private data structure\r
b1f6a7c6	78	@param VolumeHandle Handle of FV\r
d39d1260	79	@param FileHandle Handle of PEIM's FFS\r
c7935105	80	@param AuthenticationStatus Authentication status\r
192f6d4c	81	\r
b1f6a7c6	82	@retval EFI_SUCCESS Image is OK\r
b1f6a7c6	83	@retval EFI_SECURITY_VIOLATION Image is illegal\r
82b8c8df	84	@retval EFI_NOT_FOUND If security PPI is not installed.\r
b1f6a7c6	85	**/\r
	86	EFI_STATUS\r
	87	VerifyPeim (\r
	88	IN PEI_CORE_INSTANCE *PrivateData,\r
	89	IN EFI_PEI_FV_HANDLE VolumeHandle,\r
c7935105 SZ	90	IN EFI_PEI_FILE_HANDLE FileHandle,\r
c7935105 SZ	91	IN UINT32 AuthenticationStatus\r
b1f6a7c6	92	)\r
192f6d4c	93	{\r
192f6d4c	94	EFI_STATUS Status;\r
d39d1260	95	BOOLEAN DeferExecution;\r
192f6d4c	96	\r
9d8de12c	97	Status = EFI_NOT_FOUND;\r
192f6d4c	98	if (PrivateData->PrivateSecurityPpi == NULL) {\r
9d8de12c LG	99	//\r
	100	// Check AuthenticationStatus first.\r
	101	//\r
	102	if ((AuthenticationStatus & EFI_AUTH_STATUS_IMAGE_SIGNED) != 0) {\r
	103	if ((AuthenticationStatus & (EFI_AUTH_STATUS_TEST_FAILED \| EFI_AUTH_STATUS_NOT_TESTED)) != 0) {\r
	104	Status = EFI_SECURITY_VIOLATION;\r
	105	}\r
	106	}\r
192f6d4c	107	} else {\r
	108	//\r
	109	// Check to see if the image is OK\r
	110	//\r
	111	Status = PrivateData->PrivateSecurityPpi->AuthenticationState (\r
4140a663	112	(CONST EFI_PEI_SERVICES **) &PrivateData->Ps,\r
192f6d4c	113	PrivateData->PrivateSecurityPpi,\r
192f6d4c	114	AuthenticationStatus,\r
b0d803fe	115	VolumeHandle,\r
b0d803fe	116	FileHandle,\r
d39d1260	117	&DeferExecution\r
192f6d4c	118	);\r
d39d1260	119	if (DeferExecution) {\r
192f6d4c	120	Status = EFI_SECURITY_VIOLATION;\r
	121	}\r
	122	}\r
	123	return Status;\r
	124	}\r
	125	\r
	126	\r
b1f6a7c6	127	/**\r
	128	Verify a Firmware volume.\r
	129	\r
82b8c8df	130	@param CurrentFvAddress Pointer to the current Firmware Volume under consideration\r
b1f6a7c6	131	\r
82b8c8df	132	@retval EFI_SUCCESS Firmware Volume is legal\r
b1f6a7c6	133	\r
b1f6a7c6	134	**/\r
192f6d4c	135	EFI_STATUS\r
	136	VerifyFv (\r
	137	IN EFI_FIRMWARE_VOLUME_HEADER *CurrentFvAddress\r
	138	)\r
192f6d4c	139	{\r
	140	//\r
	141	// Right now just pass the test. Future can authenticate and/or check the\r
	142	// FV-header or other metric for goodness of binary.\r
	143	//\r
	144	return EFI_SUCCESS;\r
	145	}\r