[mirror_edk2.git] / OvmfPkg / IntelTdx / TdTcg2Dxe / MeasureBootPeCoff.c

/** @file\r
  This module implements measuring PeCoff image for Tcg2 Protocol.\r
\r
  Caution: This file requires additional review when modified.\r
  This driver will have external input - PE/COFF image.\r
  This external input must be validated carefully to avoid security issue like\r
  buffer overflow, integer overflow.\r
\r
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include <PiDxe.h>\r
\r
#include <Library/BaseLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/DevicePathLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/PeCoffLib.h>\r
#include <Library/HashLib.h>\r
\r
UINTN  mTcg2DxeImageSize = 0;\r
\r
/**\r
  Reads contents of a PE/COFF image in memory buffer.\r
\r
  Caution: This function may receive untrusted input.\r
  PE/COFF image is external input, so this function will make sure the PE/COFF image content\r
  read is within the image buffer.\r
\r
  @param  FileHandle      Pointer to the file handle to read the PE/COFF image.\r
  @param  FileOffset      Offset into the PE/COFF image to begin the read operation.\r
  @param  ReadSize        On input, the size in bytes of the requested read operation.\r
                          On output, the number of bytes actually read.\r
  @param  Buffer          Output buffer that contains the data read from the PE/COFF image.\r
\r
  @retval EFI_SUCCESS     The specified portion of the PE/COFF image was read and the size\r
**/\r
EFI_STATUS\r
EFIAPI\r
Tcg2DxeImageRead (\r
  IN     VOID   *FileHandle,\r
  IN     UINTN  FileOffset,\r
  IN OUT UINTN  *ReadSize,\r
  OUT    VOID   *Buffer\r
  )\r
{\r
  UINTN  EndPosition;\r
\r
  if ((FileHandle == NULL) || (ReadSize == NULL) || (Buffer == NULL)) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  if (MAX_ADDRESS - FileOffset < *ReadSize) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  EndPosition = FileOffset + *ReadSize;\r
  if (EndPosition > mTcg2DxeImageSize) {\r
    *ReadSize = (UINT32)(mTcg2DxeImageSize - FileOffset);\r
  }\r
\r
  if (FileOffset >= mTcg2DxeImageSize) {\r
    *ReadSize = 0;\r
  }\r
\r
  CopyMem (Buffer, (UINT8 *)((UINTN)FileHandle + FileOffset), *ReadSize);\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Measure PE image into TPM log based on the authenticode image hashing in\r
  PE/COFF Specification 8.0 Appendix A.\r
\r
  Caution: This function may receive untrusted input.\r
  PE/COFF image is external input, so this function will validate its data structure\r
  within this image buffer before use.\r
\r
  Notes: PE/COFF image is checked by BasePeCoffLib PeCoffLoaderGetImageInfo().\r
\r
  @param[in]  RtmrIndex      Rtmr index\r
  @param[in]  ImageAddress   Start address of image buffer.\r
  @param[in]  ImageSize      Image size\r
  @param[out] DigestList     Digest list of this image.\r
\r
  @retval EFI_SUCCESS            Successfully measure image.\r
  @retval EFI_OUT_OF_RESOURCES   No enough resource to measure image.\r
  @retval other error value\r
**/\r
EFI_STATUS\r
MeasurePeImageAndExtend (\r
  IN  UINT32                RtmrIndex,\r
  IN  EFI_PHYSICAL_ADDRESS  ImageAddress,\r
  IN  UINTN                 ImageSize,\r
  OUT TPML_DIGEST_VALUES    *DigestList\r
  )\r
{\r
  EFI_STATUS                           Status;\r
  EFI_IMAGE_DOS_HEADER                 *DosHdr;\r
  UINT32                               PeCoffHeaderOffset;\r
  EFI_IMAGE_SECTION_HEADER             *Section;\r
  UINT8                                *HashBase;\r
  UINTN                                HashSize;\r
  UINTN                                SumOfBytesHashed;\r
  EFI_IMAGE_SECTION_HEADER             *SectionHeader;\r
  UINTN                                Index;\r
  UINTN                                Pos;\r
  EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION  Hdr;\r
  UINT32                               NumberOfRvaAndSizes;\r
  UINT32                               CertSize;\r
  HASH_HANDLE                          HashHandle;\r
  PE_COFF_LOADER_IMAGE_CONTEXT         ImageContext;\r
\r
  HashHandle = 0xFFFFFFFF; // Know bad value\r
\r
  Status        = EFI_UNSUPPORTED;\r
  SectionHeader = NULL;\r
\r
  //\r
  // Check PE/COFF image\r
  //\r
  ZeroMem (&ImageContext, sizeof (ImageContext));\r
  ImageContext.Handle    = (VOID *)(UINTN)ImageAddress;\r
  mTcg2DxeImageSize      = ImageSize;\r
  ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE)Tcg2DxeImageRead;\r
\r
  //\r
  // Get information about the image being loaded\r
  //\r
  Status = PeCoffLoaderGetImageInfo (&ImageContext);\r
  if (EFI_ERROR (Status)) {\r
    //\r
    // The information can't be got from the invalid PeImage\r
    //\r
    DEBUG ((DEBUG_INFO, "Tcg2Dxe: PeImage invalid. Cannot retrieve image information.\n"));\r
    goto Finish;\r
  }\r
\r
  DosHdr             = (EFI_IMAGE_DOS_HEADER *)(UINTN)ImageAddress;\r
  PeCoffHeaderOffset = 0;\r
  if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {\r
    PeCoffHeaderOffset = DosHdr->e_lfanew;\r
  }\r
\r
  Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)((UINT8 *)(UINTN)ImageAddress + PeCoffHeaderOffset);\r
  if (Hdr.Pe32->Signature != EFI_IMAGE_NT_SIGNATURE) {\r
    Status = EFI_UNSUPPORTED;\r
    goto Finish;\r
  }\r
\r
  //\r
  // PE/COFF Image Measurement\r
  //\r
  //    NOTE: The following codes/steps are based upon the authenticode image hashing in\r
  //      PE/COFF Specification 8.0 Appendix A.\r
  //\r
  //\r
\r
  // 1.  Load the image header into memory.\r
\r
  // 2.  Initialize a SHA hash context.\r
\r
  Status = HashStart (&HashHandle);\r
  if (EFI_ERROR (Status)) {\r
    goto Finish;\r
  }\r
\r
  //\r
  // Measuring PE/COFF Image Header;\r
  // But CheckSum field and SECURITY data directory (certificate) are excluded\r
  //\r
\r
  //\r
  // 3.  Calculate the distance from the base of the image header to the image checksum address.\r
  // 4.  Hash the image header from its base to beginning of the image checksum.\r
  //\r
  HashBase = (UINT8 *)(UINTN)ImageAddress;\r
  if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
    //\r
    // Use PE32 offset\r
    //\r
    NumberOfRvaAndSizes = Hdr.Pe32->OptionalHeader.NumberOfRvaAndSizes;\r
    HashSize            = (UINTN)(&Hdr.Pe32->OptionalHeader.CheckSum) - (UINTN)HashBase;\r
  } else {\r
    //\r
    // Use PE32+ offset\r
    //\r
    NumberOfRvaAndSizes = Hdr.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;\r
    HashSize            = (UINTN)(&Hdr.Pe32Plus->OptionalHeader.CheckSum) - (UINTN)HashBase;\r
  }\r
\r
  Status = HashUpdate (HashHandle, HashBase, HashSize);\r
  if (EFI_ERROR (Status)) {\r
    goto Finish;\r
  }\r
\r
  //\r
  // 5.  Skip over the image checksum (it occupies a single ULONG).\r
  //\r
  if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
    //\r
    // 6.  Since there is no Cert Directory in optional header, hash everything\r
    //     from the end of the checksum to the end of image header.\r
    //\r
    if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
      //\r
      // Use PE32 offset.\r
      //\r
      HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);\r
    } else {\r
      //\r
      // Use PE32+ offset.\r
      //\r
      HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);\r
    }\r
\r
    if (HashSize != 0) {\r
      Status = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    }\r
  } else {\r
    //\r
    // 7.  Hash everything from the end of the checksum to the start of the Cert Directory.\r
    //\r
    if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
      //\r
      // Use PE32 offset\r
      //\r
      HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = (UINTN)(&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;\r
    } else {\r
      //\r
      // Use PE32+ offset\r
      //\r
      HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = (UINTN)(&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;\r
    }\r
\r
    if (HashSize != 0) {\r
      Status = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    }\r
\r
    //\r
    // 8.  Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)\r
    // 9.  Hash everything from the end of the Cert Directory to the end of image header.\r
    //\r
    if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
      //\r
      // Use PE32 offset\r
      //\r
      HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
      HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);\r
    } else {\r
      //\r
      // Use PE32+ offset\r
      //\r
      HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
      HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);\r
    }\r
\r
    if (HashSize != 0) {\r
      Status = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    }\r
  }\r
\r
  //\r
  // 10. Set the SUM_OF_BYTES_HASHED to the size of the header\r
  //\r
  if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
    //\r
    // Use PE32 offset\r
    //\r
    SumOfBytesHashed = Hdr.Pe32->OptionalHeader.SizeOfHeaders;\r
  } else {\r
    //\r
    // Use PE32+ offset\r
    //\r
    SumOfBytesHashed = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders;\r
  }\r
\r
  //\r
  // 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER\r
  //     structures in the image. The 'NumberOfSections' field of the image\r
  //     header indicates how big the table should be. Do not include any\r
  //     IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.\r
  //\r
  SectionHeader = (EFI_IMAGE_SECTION_HEADER *)AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * Hdr.Pe32->FileHeader.NumberOfSections);\r
  if (SectionHeader == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto Finish;\r
  }\r
\r
  //\r
  // 12.  Using the 'PointerToRawData' in the referenced section headers as\r
  //      a key, arrange the elements in the table in ascending order. In other\r
  //      words, sort the section headers according to the disk-file offset of\r
  //      the section.\r
  //\r
  Section = (EFI_IMAGE_SECTION_HEADER *)(\r
                                         (UINT8 *)(UINTN)ImageAddress +\r
                                         PeCoffHeaderOffset +\r
                                         sizeof (UINT32) +\r
                                         sizeof (EFI_IMAGE_FILE_HEADER) +\r
                                         Hdr.Pe32->FileHeader.SizeOfOptionalHeader\r
                                         );\r
  for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
    Pos = Index;\r
    while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {\r
      CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof (EFI_IMAGE_SECTION_HEADER));\r
      Pos--;\r
    }\r
\r
    CopyMem (&SectionHeader[Pos], Section, sizeof (EFI_IMAGE_SECTION_HEADER));\r
    Section += 1;\r
  }\r
\r
  //\r
  // 13.  Walk through the sorted table, bring the corresponding section\r
  //      into memory, and hash the entire section (using the 'SizeOfRawData'\r
  //      field in the section header to determine the amount of data to hash).\r
  // 14.  Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .\r
  // 15.  Repeat steps 13 and 14 for all the sections in the sorted table.\r
  //\r
  for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
    Section = (EFI_IMAGE_SECTION_HEADER *)&SectionHeader[Index];\r
    if (Section->SizeOfRawData == 0) {\r
      continue;\r
    }\r
\r
    HashBase = (UINT8 *)(UINTN)ImageAddress + Section->PointerToRawData;\r
    HashSize = (UINTN)Section->SizeOfRawData;\r
\r
    Status = HashUpdate (HashHandle, HashBase, HashSize);\r
    if (EFI_ERROR (Status)) {\r
      goto Finish;\r
    }\r
\r
    SumOfBytesHashed += HashSize;\r
  }\r
\r
  //\r
  // 16.  If the file size is greater than SUM_OF_BYTES_HASHED, there is extra\r
  //      data in the file that needs to be added to the hash. This data begins\r
  //      at file offset SUM_OF_BYTES_HASHED and its length is:\r
  //             FileSize  -  (CertDirectory->Size)\r
  //\r
  if (ImageSize > SumOfBytesHashed) {\r
    HashBase = (UINT8 *)(UINTN)ImageAddress + SumOfBytesHashed;\r
\r
    if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
      CertSize = 0;\r
    } else {\r
      if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
        //\r
        // Use PE32 offset.\r
        //\r
        CertSize = Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
      } else {\r
        //\r
        // Use PE32+ offset.\r
        //\r
        CertSize = Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
      }\r
    }\r
\r
    if (ImageSize > CertSize + SumOfBytesHashed) {\r
      HashSize = (UINTN)(ImageSize - CertSize - SumOfBytesHashed);\r
\r
      Status = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    } else if (ImageSize < CertSize + SumOfBytesHashed) {\r
      Status = EFI_UNSUPPORTED;\r
      goto Finish;\r
    }\r
  }\r
\r
  //\r
  // 17.  Finalize the SHA hash.\r
  //\r
  Status = HashCompleteAndExtend (HashHandle, RtmrIndex, NULL, 0, DigestList);\r
  if (EFI_ERROR (Status)) {\r
    goto Finish;\r
  }\r
\r
Finish:\r
  if (SectionHeader != NULL) {\r
    FreePool (SectionHeader);\r
  }\r
\r
  return Status;\r
}\r
Commit	Line	Data
57a6ee34 MX	1	/** @file\r
	2	This module implements measuring PeCoff image for Tcg2 Protocol.\r
	3	\r
	4	Caution: This file requires additional review when modified.\r
	5	This driver will have external input - PE/COFF image.\r
	6	This external input must be validated carefully to avoid security issue like\r
	7	buffer overflow, integer overflow.\r
	8	\r
	9	Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>\r
	10	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	11	\r
	12	**/\r
	13	\r
	14	#include <PiDxe.h>\r
	15	\r
	16	#include <Library/BaseLib.h>\r
	17	#include <Library/DebugLib.h>\r
	18	#include <Library/BaseMemoryLib.h>\r
	19	#include <Library/MemoryAllocationLib.h>\r
	20	#include <Library/DevicePathLib.h>\r
	21	#include <Library/UefiBootServicesTableLib.h>\r
	22	#include <Library/PeCoffLib.h>\r
	23	#include <Library/HashLib.h>\r
	24	\r
	25	UINTN mTcg2DxeImageSize = 0;\r
	26	\r
	27	/**\r
	28	Reads contents of a PE/COFF image in memory buffer.\r
	29	\r
	30	Caution: This function may receive untrusted input.\r
	31	PE/COFF image is external input, so this function will make sure the PE/COFF image content\r
	32	read is within the image buffer.\r
	33	\r
	34	@param FileHandle Pointer to the file handle to read the PE/COFF image.\r
	35	@param FileOffset Offset into the PE/COFF image to begin the read operation.\r
	36	@param ReadSize On input, the size in bytes of the requested read operation.\r
	37	On output, the number of bytes actually read.\r
	38	@param Buffer Output buffer that contains the data read from the PE/COFF image.\r
	39	\r
	40	@retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size\r
	41	**/\r
	42	EFI_STATUS\r
	43	EFIAPI\r
	44	Tcg2DxeImageRead (\r
	45	IN VOID *FileHandle,\r
	46	IN UINTN FileOffset,\r
	47	IN OUT UINTN *ReadSize,\r
	48	OUT VOID *Buffer\r
	49	)\r
	50	{\r
	51	UINTN EndPosition;\r
	52	\r
	53	if ((FileHandle == NULL) \|\| (ReadSize == NULL) \|\| (Buffer == NULL)) {\r
	54	return EFI_INVALID_PARAMETER;\r
	55	}\r
	56	\r
	57	if (MAX_ADDRESS - FileOffset < *ReadSize) {\r
	58	return EFI_INVALID_PARAMETER;\r
	59	}\r
	60	\r
	61	EndPosition = FileOffset + *ReadSize;\r
	62	if (EndPosition > mTcg2DxeImageSize) {\r
	63	*ReadSize = (UINT32)(mTcg2DxeImageSize - FileOffset);\r
	64	}\r
65	\r
66	if (FileOffset >= mTcg2DxeImageSize) {\r
67	*ReadSize = 0;\r
68	}\r
69	\r
70	CopyMem (Buffer, (UINT8 )((UINTN)FileHandle + FileOffset), ReadSize);\r
71	\r
72	return EFI_SUCCESS;\r
73	}\r
74	\r
75	/**\r
76	Measure PE image into TPM log based on the authenticode image hashing in\r
77	PE/COFF Specification 8.0 Appendix A.\r
78	\r
79	Caution: This function may receive untrusted input.\r
80	PE/COFF image is external input, so this function will validate its data structure\r
81	within this image buffer before use.\r
82	\r
83	Notes: PE/COFF image is checked by BasePeCoffLib PeCoffLoaderGetImageInfo().\r
84	\r
85	@param[in] RtmrIndex Rtmr index\r
86	@param[in] ImageAddress Start address of image buffer.\r
87	@param[in] ImageSize Image size\r
88	@param[out] DigestList Digest list of this image.\r
89	\r
90	@retval EFI_SUCCESS Successfully measure image.\r
91	@retval EFI_OUT_OF_RESOURCES No enough resource to measure image.\r
92	@retval other error value\r
93	**/\r
94	EFI_STATUS\r
95	MeasurePeImageAndExtend (\r
96	IN UINT32 RtmrIndex,\r
97	IN EFI_PHYSICAL_ADDRESS ImageAddress,\r
98	IN UINTN ImageSize,\r
99	OUT TPML_DIGEST_VALUES *DigestList\r
100	)\r
101	{\r
102	EFI_STATUS Status;\r
103	EFI_IMAGE_DOS_HEADER *DosHdr;\r
104	UINT32 PeCoffHeaderOffset;\r
105	EFI_IMAGE_SECTION_HEADER *Section;\r
106	UINT8 *HashBase;\r
107	UINTN HashSize;\r
108	UINTN SumOfBytesHashed;\r
109	EFI_IMAGE_SECTION_HEADER *SectionHeader;\r
110	UINTN Index;\r
111	UINTN Pos;\r
112	EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION Hdr;\r
113	UINT32 NumberOfRvaAndSizes;\r
114	UINT32 CertSize;\r
115	HASH_HANDLE HashHandle;\r
116	PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;\r
117	\r
118	HashHandle = 0xFFFFFFFF; // Know bad value\r
119	\r
120	Status = EFI_UNSUPPORTED;\r
121	SectionHeader = NULL;\r
122	\r
123	//\r
124	// Check PE/COFF image\r
125	//\r
126	ZeroMem (&ImageContext, sizeof (ImageContext));\r
127	ImageContext.Handle = (VOID *)(UINTN)ImageAddress;\r
128	mTcg2DxeImageSize = ImageSize;\r
129	ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE)Tcg2DxeImageRead;\r
130	\r
131	//\r
132	// Get information about the image being loaded\r
133	//\r
134	Status = PeCoffLoaderGetImageInfo (&ImageContext);\r
135	if (EFI_ERROR (Status)) {\r
136	//\r
137	// The information can't be got from the invalid PeImage\r
138	//\r
139	DEBUG ((DEBUG_INFO, "Tcg2Dxe: PeImage invalid. Cannot retrieve image information.\n"));\r
140	goto Finish;\r
141	}\r
142	\r
143	DosHdr = (EFI_IMAGE_DOS_HEADER *)(UINTN)ImageAddress;\r
144	PeCoffHeaderOffset = 0;\r
145	if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {\r
146	PeCoffHeaderOffset = DosHdr->e_lfanew;\r
147	}\r
148	\r
149	Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 )((UINT8 )(UINTN)ImageAddress + PeCoffHeaderOffset);\r
150	if (Hdr.Pe32->Signature != EFI_IMAGE_NT_SIGNATURE) {\r
151	Status = EFI_UNSUPPORTED;\r
152	goto Finish;\r
153	}\r
154	\r
155	//\r
156	// PE/COFF Image Measurement\r
157	//\r
158	// NOTE: The following codes/steps are based upon the authenticode image hashing in\r
159	// PE/COFF Specification 8.0 Appendix A.\r
160	//\r
161	//\r
162	\r
163	// 1. Load the image header into memory.\r
164	\r
165	// 2. Initialize a SHA hash context.\r
166	\r
167	Status = HashStart (&HashHandle);\r
168	if (EFI_ERROR (Status)) {\r
169	goto Finish;\r
170	}\r
171	\r
172	//\r
173	// Measuring PE/COFF Image Header;\r
174	// But CheckSum field and SECURITY data directory (certificate) are excluded\r
175	//\r
176	\r
177	//\r
178	// 3. Calculate the distance from the base of the image header to the image checksum address.\r
179	// 4. Hash the image header from its base to beginning of the image checksum.\r
180	//\r
181	HashBase = (UINT8 *)(UINTN)ImageAddress;\r
182	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
183	//\r
184	// Use PE32 offset\r
185	//\r
186	NumberOfRvaAndSizes = Hdr.Pe32->OptionalHeader.NumberOfRvaAndSizes;\r
187	HashSize = (UINTN)(&Hdr.Pe32->OptionalHeader.CheckSum) - (UINTN)HashBase;\r
188	} else {\r
189	//\r
190	// Use PE32+ offset\r
191	//\r
192	NumberOfRvaAndSizes = Hdr.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;\r
193	HashSize = (UINTN)(&Hdr.Pe32Plus->OptionalHeader.CheckSum) - (UINTN)HashBase;\r
194	}\r
195	\r
196	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
197	if (EFI_ERROR (Status)) {\r
198	goto Finish;\r
199	}\r
200	\r
201	//\r
202	// 5. Skip over the image checksum (it occupies a single ULONG).\r
203	//\r
204	if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
205	//\r
206	// 6. Since there is no Cert Directory in optional header, hash everything\r
207	// from the end of the checksum to the end of image header.\r
208	//\r
209	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
210	//\r
211	// Use PE32 offset.\r
212	//\r
213	HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
214	HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);\r
215	} else {\r
216	//\r
217	// Use PE32+ offset.\r
218	//\r
219	HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
220	HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);\r
221	}\r
222	\r
223	if (HashSize != 0) {\r
224	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
225	if (EFI_ERROR (Status)) {\r
226	goto Finish;\r
227	}\r
228	}\r
229	} else {\r
230	//\r
231	// 7. Hash everything from the end of the checksum to the start of the Cert Directory.\r
232	//\r
233	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
234	//\r
235	// Use PE32 offset\r
236	//\r
237	HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
238	HashSize = (UINTN)(&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;\r
239	} else {\r
240	//\r
241	// Use PE32+ offset\r
242	//\r
243	HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
244	HashSize = (UINTN)(&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;\r
245	}\r
246	\r
247	if (HashSize != 0) {\r
248	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
249	if (EFI_ERROR (Status)) {\r
250	goto Finish;\r
251	}\r
252	}\r
253	\r
254	//\r
255	// 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)\r
256	// 9. Hash everything from the end of the Cert Directory to the end of image header.\r
257	//\r
258	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
259	//\r
260	// Use PE32 offset\r
261	//\r
262	HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
263	HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);\r
264	} else {\r
265	//\r
266	// Use PE32+ offset\r
267	//\r
268	HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
269	HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);\r
270	}\r
271	\r
272	if (HashSize != 0) {\r
273	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
274	if (EFI_ERROR (Status)) {\r
275	goto Finish;\r
276	}\r
277	}\r
278	}\r
279	\r
280	//\r
281	// 10. Set the SUM_OF_BYTES_HASHED to the size of the header\r
282	//\r
283	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
284	//\r
285	// Use PE32 offset\r
286	//\r
287	SumOfBytesHashed = Hdr.Pe32->OptionalHeader.SizeOfHeaders;\r
288	} else {\r
289	//\r
290	// Use PE32+ offset\r
291	//\r
292	SumOfBytesHashed = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders;\r
293	}\r
294	\r
295	//\r
296	// 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER\r
297	// structures in the image. The 'NumberOfSections' field of the image\r
298	// header indicates how big the table should be. Do not include any\r
299	// IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.\r
300	//\r
301	SectionHeader = (EFI_IMAGE_SECTION_HEADER )AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) Hdr.Pe32->FileHeader.NumberOfSections);\r
302	if (SectionHeader == NULL) {\r
303	Status = EFI_OUT_OF_RESOURCES;\r
304	goto Finish;\r
305	}\r
306	\r
307	//\r
308	// 12. Using the 'PointerToRawData' in the referenced section headers as\r
309	// a key, arrange the elements in the table in ascending order. In other\r
310	// words, sort the section headers according to the disk-file offset of\r
311	// the section.\r
312	//\r
313	Section = (EFI_IMAGE_SECTION_HEADER *)(\r
314	(UINT8 *)(UINTN)ImageAddress +\r
315	PeCoffHeaderOffset +\r
316	sizeof (UINT32) +\r
317	sizeof (EFI_IMAGE_FILE_HEADER) +\r
318	Hdr.Pe32->FileHeader.SizeOfOptionalHeader\r
319	);\r
320	for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
321	Pos = Index;\r
322	while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {\r
323	CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof (EFI_IMAGE_SECTION_HEADER));\r
324	Pos--;\r
325	}\r
326	\r
327	CopyMem (&SectionHeader[Pos], Section, sizeof (EFI_IMAGE_SECTION_HEADER));\r
328	Section += 1;\r
329	}\r
330	\r
331	//\r
332	// 13. Walk through the sorted table, bring the corresponding section\r
333	// into memory, and hash the entire section (using the 'SizeOfRawData'\r
334	// field in the section header to determine the amount of data to hash).\r
335	// 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .\r
336	// 15. Repeat steps 13 and 14 for all the sections in the sorted table.\r
337	//\r
338	for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
339	Section = (EFI_IMAGE_SECTION_HEADER *)&SectionHeader[Index];\r
340	if (Section->SizeOfRawData == 0) {\r
341	continue;\r
342	}\r
343	\r
344	HashBase = (UINT8 *)(UINTN)ImageAddress + Section->PointerToRawData;\r
345	HashSize = (UINTN)Section->SizeOfRawData;\r
346	\r
347	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
348	if (EFI_ERROR (Status)) {\r
349	goto Finish;\r
350	}\r
351	\r
352	SumOfBytesHashed += HashSize;\r
353	}\r
354	\r
355	//\r
356	// 16. If the file size is greater than SUM_OF_BYTES_HASHED, there is extra\r
357	// data in the file that needs to be added to the hash. This data begins\r
358	// at file offset SUM_OF_BYTES_HASHED and its length is:\r
359	// FileSize - (CertDirectory->Size)\r
360	//\r
361	if (ImageSize > SumOfBytesHashed) {\r
362	HashBase = (UINT8 *)(UINTN)ImageAddress + SumOfBytesHashed;\r
363	\r
364	if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
365	CertSize = 0;\r
366	} else {\r
367	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
368	//\r
369	// Use PE32 offset.\r
370	//\r
371	CertSize = Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
372	} else {\r
373	//\r
374	// Use PE32+ offset.\r
375	//\r
376	CertSize = Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
377	}\r
378	}\r
379	\r
380	if (ImageSize > CertSize + SumOfBytesHashed) {\r
381	HashSize = (UINTN)(ImageSize - CertSize - SumOfBytesHashed);\r
382	\r
383	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
384	if (EFI_ERROR (Status)) {\r
385	goto Finish;\r
386	}\r
387	} else if (ImageSize < CertSize + SumOfBytesHashed) {\r
388	Status = EFI_UNSUPPORTED;\r
389	goto Finish;\r
390	}\r
391	}\r
392	\r
393	//\r
394	// 17. Finalize the SHA hash.\r
395	//\r
396	Status = HashCompleteAndExtend (HashHandle, RtmrIndex, NULL, 0, DigestList);\r
397	if (EFI_ERROR (Status)) {\r
398	goto Finish;\r
399	}\r
400	\r
401	Finish:\r
402	if (SectionHeader != NULL) {\r
403	FreePool (SectionHeader);\r
404	}\r
405	\r
406	return Status;\r
407	}\r