[mirror_edk2.git] / MdePkg / Include / Ppi / Security2.h

/** @file\r
  This file declares Pei Security2 PPI.\r
\r
  This PPI is installed by some platform PEIM that abstracts the security\r
  policy to the PEI Foundation, namely the case of a PEIM's authentication\r
  state being returned during the PEI section extraction process.\r
\r
  Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r
  SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
  @par Revision Reference:\r
  This PPI is introduced in PI Version 1.0.\r
\r
**/\r
\r
#ifndef __SECURITY2_PPI_H__\r
#define __SECURITY2_PPI_H__\r
\r
#define EFI_PEI_SECURITY2_PPI_GUID \\r
  { 0xdcd0be23, 0x9586, 0x40f4, { 0xb6, 0x43, 0x6, 0x52, 0x2c, 0xed, 0x4e, 0xde } }\r
\r
typedef struct _EFI_PEI_SECURITY2_PPI EFI_PEI_SECURITY2_PPI;\r
\r
/**\r
  Allows the platform builder to implement a security policy\r
  in response to varying file authentication states.\r
\r
  This service is published by some platform PEIM. The purpose of\r
  this service is to expose a given platform's policy-based\r
  response to the PEI Foundation. For example, if there is a PEIM\r
  in a GUIDed encapsulation section and the extraction of the PEI\r
  file section yields an authentication failure, there is no a\r
  priori policy in the PEI Foundation. Specifically, this\r
  situation leads to the question whether PEIMs that are either\r
  not in GUIDed sections or are in sections whose authentication\r
  fails should still be executed.\r
\r
  @param PeiServices             An indirect pointer to the PEI Services\r
                                 Table published by the PEI Foundation.\r
  @param This                    Interface pointer that implements the\r
                                 particular EFI_PEI_SECURITY2_PPI instance.\r
  @param AuthenticationStatus    Authentication status of the file.\r
                                 xx00 Image was not signed.\r
                                 xxx1 Platform security policy override.\r
                                      Assumes same meaning as 0010 (the image was signed, the\r
                                      signature was tested, and the signature passed authentication test).\r
                                 0010 Image was signed, the signature was tested,\r
                                      and the signature passed authentication test.\r
                                 0110 Image was signed and the signature was not tested.\r
                                 1010 Image was signed, the signature was tested,\r
                                      and the signature failed the authentication test.\r
  @param FvHandle                Handle of the volume in which the file\r
                                 resides. This allows different policies\r
                                 depending on different firmware volumes.\r
  @param FileHandle              Handle of the file under review.\r
  @param DeferExecution          Pointer to a variable that alerts the\r
                                 PEI Foundation to defer execution of a\r
                                 PEIM.\r
\r
  @retval EFI_SUCCESS            The service performed its action successfully.\r
  @retval EFI_SECURITY_VIOLATION The object cannot be trusted.\r
\r
**/\r
typedef\r
EFI_STATUS\r
(EFIAPI *EFI_PEI_SECURITY_AUTHENTICATION_STATE)(\r
  IN CONST  EFI_PEI_SERVICES      **PeiServices,\r
  IN CONST  EFI_PEI_SECURITY2_PPI *This,\r
  IN UINT32                       AuthenticationStatus,\r
  IN EFI_PEI_FV_HANDLE            FvHandle,\r
  IN EFI_PEI_FILE_HANDLE          FileHandle,\r
  IN OUT    BOOLEAN               *DeferExecution\r
  );\r
\r
///\r
/// This PPI is a means by which the platform builder can indicate\r
/// a response to a PEIM's authentication state. This can be in\r
/// the form of a requirement for the PEI Foundation to skip a\r
/// module using the DeferExecution Boolean output in the\r
/// AuthenticationState() member function. Alternately, the\r
/// Security PPI can invoke something like a cryptographic PPI\r
/// that hashes the PEIM contents to log attestations, for which\r
/// the FileHandle parameter in AuthenticationState() will be\r
/// useful. If this PPI does not exist, PEIMs will be considered\r
/// trusted.\r
///\r
struct _EFI_PEI_SECURITY2_PPI {\r
  EFI_PEI_SECURITY_AUTHENTICATION_STATE    AuthenticationState;\r
};\r
\r
extern EFI_GUID  gEfiPeiSecurity2PpiGuid;\r
\r
#endif\r
Commit	Line	Data
e5544398	1	/** @file\r
d7132512	2	This file declares Pei Security2 PPI.\r
e5544398	3	\r
9095d37b LG	4	This PPI is installed by some platform PEIM that abstracts the security\r
9095d37b LG	5	policy to the PEI Foundation, namely the case of a PEIM's authentication\r
d7132512 LG	6	state being returned during the PEI section extraction process.\r
d7132512 LG	7	\r
9095d37b	8	Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r
9344f092	9	SPDX-License-Identifier: BSD-2-Clause-Patent\r
e5544398	10	\r
e5544398	11	@par Revision Reference:\r
0047820e	12	This PPI is introduced in PI Version 1.0.\r
e5544398	13	\r
	14	**/\r
	15	\r
	16	#ifndef __SECURITY2_PPI_H__\r
	17	#define __SECURITY2_PPI_H__\r
	18	\r
	19	#define EFI_PEI_SECURITY2_PPI_GUID \\r
	20	{ 0xdcd0be23, 0x9586, 0x40f4, { 0xb6, 0x43, 0x6, 0x52, 0x2c, 0xed, 0x4e, 0xde } }\r
	21	\r
2f88bd3a	22	typedef struct _EFI_PEI_SECURITY2_PPI EFI_PEI_SECURITY2_PPI;\r
e5544398	23	\r
e5544398	24	/**\r
9095d37b	25	Allows the platform builder to implement a security policy\r
d7132512 LG	26	in response to varying file authentication states.\r
d7132512 LG	27	\r
e5544398	28	This service is published by some platform PEIM. The purpose of\r
	29	this service is to expose a given platform's policy-based\r
	30	response to the PEI Foundation. For example, if there is a PEIM\r
	31	in a GUIDed encapsulation section and the extraction of the PEI\r
	32	file section yields an authentication failure, there is no a\r
	33	priori policy in the PEI Foundation. Specifically, this\r
	34	situation leads to the question whether PEIMs that are either\r
	35	not in GUIDed sections or are in sections whose authentication\r
13c38031	36	fails should still be executed.\r
	37	\r
	38	@param PeiServices An indirect pointer to the PEI Services\r
	39	Table published by the PEI Foundation.\r
	40	@param This Interface pointer that implements the\r
	41	particular EFI_PEI_SECURITY2_PPI instance.\r
	42	@param AuthenticationStatus Authentication status of the file.\r
9319d2c2	43	xx00 Image was not signed.\r
9095d37b	44	xxx1 Platform security policy override.\r
9319d2c2 LG	45	Assumes same meaning as 0010 (the image was signed, the\r
9319d2c2 LG	46	signature was tested, and the signature passed authentication test).\r
9095d37b	47	0010 Image was signed, the signature was tested,\r
9319d2c2 LG	48	and the signature passed authentication test.\r
9319d2c2 LG	49	0110 Image was signed and the signature was not tested.\r
9095d37b	50	1010 Image was signed, the signature was tested,\r
9319d2c2	51	and the signature failed the authentication test.\r
13c38031	52	@param FvHandle Handle of the volume in which the file\r
	53	resides. This allows different policies\r
	54	depending on different firmware volumes.\r
	55	@param FileHandle Handle of the file under review.\r
	56	@param DeferExecution Pointer to a variable that alerts the\r
	57	PEI Foundation to defer execution of a\r
	58	PEIM.\r
	59	\r
	60	@retval EFI_SUCCESS The service performed its action successfully.\r
	61	@retval EFI_SECURITY_VIOLATION The object cannot be trusted.\r
e5544398	62	\r
	63	**/\r
	64	typedef\r
	65	EFI_STATUS\r
8b13229b	66	(EFIAPI *EFI_PEI_SECURITY_AUTHENTICATION_STATE)(\r
e5544398	67	IN CONST EFI_PEI_SERVICES **PeiServices,\r
e5544398	68	IN CONST EFI_PEI_SECURITY2_PPI *This,\r
13c38031	69	IN UINT32 AuthenticationStatus,\r
13c38031	70	IN EFI_PEI_FV_HANDLE FvHandle,\r
c7935105	71	IN EFI_PEI_FILE_HANDLE FileHandle,\r
e5544398	72	IN OUT BOOLEAN *DeferExecution\r
2f88bd3a	73	);\r
e5544398	74	\r
13c38031	75	///\r
	76	/// This PPI is a means by which the platform builder can indicate\r
	77	/// a response to a PEIM's authentication state. This can be in\r
	78	/// the form of a requirement for the PEI Foundation to skip a\r
	79	/// module using the DeferExecution Boolean output in the\r
	80	/// AuthenticationState() member function. Alternately, the\r
	81	/// Security PPI can invoke something like a cryptographic PPI\r
	82	/// that hashes the PEIM contents to log attestations, for which\r
	83	/// the FileHandle parameter in AuthenticationState() will be\r
	84	/// useful. If this PPI does not exist, PEIMs will be considered\r
	85	/// trusted.\r
	86	///\r
e5544398	87	struct _EFI_PEI_SECURITY2_PPI {\r
2f88bd3a	88	EFI_PEI_SECURITY_AUTHENTICATION_STATE AuthenticationState;\r
e5544398	89	};\r
e5544398	90	\r
2f88bd3a	91	extern EFI_GUID gEfiPeiSecurity2PpiGuid;\r
e5544398	92	\r
e5544398	93	#endif\r