[mirror_edk2.git] / SecurityPkg / Tcg / TrEEDxe / MeasureBootPeCoff.c

/** @file\r
  This module implements measuring PeCoff image for TrEE Protocol.\r
  \r
  Caution: This file requires additional review when modified.\r
  This driver will have external input - PE/COFF image.\r
  This external input must be validated carefully to avoid security issue like\r
  buffer overflow, integer overflow.\r
\r
Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials \r
are licensed and made available under the terms and conditions of the BSD License \r
which accompanies this distribution.  The full text of the license may be found at \r
http://opensource.org/licenses/bsd-license.php\r
\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#include <PiDxe.h>\r
\r
#include <Library/BaseLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/DevicePathLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/PeCoffLib.h>\r
#include <Library/Tpm2CommandLib.h>\r
#include <Library/HashLib.h>\r
\r
UINTN  mTrEEDxeImageSize = 0;\r
\r
/**\r
  Reads contents of a PE/COFF image in memory buffer.\r
\r
  Caution: This function may receive untrusted input.\r
  PE/COFF image is external input, so this function will make sure the PE/COFF image content\r
  read is within the image buffer.\r
\r
  @param  FileHandle      Pointer to the file handle to read the PE/COFF image.\r
  @param  FileOffset      Offset into the PE/COFF image to begin the read operation.\r
  @param  ReadSize        On input, the size in bytes of the requested read operation.\r
                          On output, the number of bytes actually read.\r
  @param  Buffer          Output buffer that contains the data read from the PE/COFF image.\r
\r
  @retval EFI_SUCCESS     The specified portion of the PE/COFF image was read and the size\r
**/\r
EFI_STATUS\r
EFIAPI\r
TrEEDxeImageRead (\r
  IN     VOID    *FileHandle,\r
  IN     UINTN   FileOffset,\r
  IN OUT UINTN   *ReadSize,\r
  OUT    VOID    *Buffer\r
  )\r
{\r
  UINTN               EndPosition;\r
\r
  if (FileHandle == NULL || ReadSize == NULL || Buffer == NULL) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  if (MAX_ADDRESS - FileOffset < *ReadSize) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  EndPosition = FileOffset + *ReadSize;\r
  if (EndPosition > mTrEEDxeImageSize) {\r
    *ReadSize = (UINT32)(mTrEEDxeImageSize - FileOffset);\r
  }\r
\r
  if (FileOffset >= mTrEEDxeImageSize) {\r
    *ReadSize = 0;\r
  }\r
\r
  CopyMem (Buffer, (UINT8 *)((UINTN) FileHandle + FileOffset), *ReadSize);\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Measure PE image into TPM log based on the authenticode image hashing in\r
  PE/COFF Specification 8.0 Appendix A.\r
\r
  Caution: This function may receive untrusted input.\r
  PE/COFF image is external input, so this function will validate its data structure\r
  within this image buffer before use.\r
\r
  Notes: PE/COFF image is checked by BasePeCoffLib PeCoffLoaderGetImageInfo().\r
\r
  @param[in]  PCRIndex       TPM PCR index\r
  @param[in]  ImageAddress   Start address of image buffer.\r
  @param[in]  ImageSize      Image size\r
  @param[out] DigestList     Digeest list of this image.\r
\r
  @retval EFI_SUCCESS            Successfully measure image.\r
  @retval EFI_OUT_OF_RESOURCES   No enough resource to measure image.\r
  @retval other error value\r
**/\r
EFI_STATUS\r
MeasurePeImageAndExtend (\r
  IN  UINT32                    PCRIndex,\r
  IN  EFI_PHYSICAL_ADDRESS      ImageAddress,\r
  IN  UINTN                     ImageSize,\r
  OUT TPML_DIGEST_VALUES        *DigestList\r
  )\r
{\r
  EFI_STATUS                           Status;\r
  EFI_IMAGE_DOS_HEADER                 *DosHdr;\r
  UINT32                               PeCoffHeaderOffset;\r
  EFI_IMAGE_SECTION_HEADER             *Section;\r
  UINT8                                *HashBase;\r
  UINTN                                HashSize;\r
  UINTN                                SumOfBytesHashed;\r
  EFI_IMAGE_SECTION_HEADER             *SectionHeader;\r
  UINTN                                Index;\r
  UINTN                                Pos;\r
  UINT16                               Magic;\r
  EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION  Hdr;\r
  UINT32                               NumberOfRvaAndSizes;\r
  UINT32                               CertSize;\r
  HASH_HANDLE                          HashHandle;\r
  PE_COFF_LOADER_IMAGE_CONTEXT         ImageContext;\r
\r
  HashHandle = 0xFFFFFFFF; // Know bad value\r
\r
  Status        = EFI_UNSUPPORTED;\r
  SectionHeader = NULL;\r
\r
  //\r
  // Check PE/COFF image\r
  //\r
  ZeroMem (&ImageContext, sizeof (ImageContext));\r
  ImageContext.Handle    = (VOID *) (UINTN) ImageAddress;\r
  mTrEEDxeImageSize      = ImageSize;\r
  ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) TrEEDxeImageRead;\r
\r
  //\r
  // Get information about the image being loaded\r
  //\r
  Status = PeCoffLoaderGetImageInfo (&ImageContext);\r
  if (EFI_ERROR (Status)) {\r
    //\r
    // The information can't be got from the invalid PeImage\r
    //\r
    DEBUG ((DEBUG_INFO, "TreeDxe: PeImage invalid. Cannot retrieve image information.\n"));\r
    goto Finish;\r
  }\r
\r
  DosHdr = (EFI_IMAGE_DOS_HEADER *) (UINTN) ImageAddress;\r
  PeCoffHeaderOffset = 0;\r
  if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {\r
    PeCoffHeaderOffset = DosHdr->e_lfanew;\r
  }\r
\r
  Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)((UINT8 *) (UINTN) ImageAddress + PeCoffHeaderOffset);\r
  if (Hdr.Pe32->Signature != EFI_IMAGE_NT_SIGNATURE) {\r
    Status = EFI_UNSUPPORTED;\r
    goto Finish;\r
  }\r
\r
  //\r
  // PE/COFF Image Measurement\r
  //\r
  //    NOTE: The following codes/steps are based upon the authenticode image hashing in\r
  //      PE/COFF Specification 8.0 Appendix A.\r
  //\r
  //\r
\r
  // 1.  Load the image header into memory.\r
\r
  // 2.  Initialize a SHA hash context.\r
\r
  Status = HashStart (&HashHandle);\r
  if (EFI_ERROR (Status)) {\r
    goto Finish;\r
  }\r
\r
  //\r
  // Measuring PE/COFF Image Header;\r
  // But CheckSum field and SECURITY data directory (certificate) are excluded\r
  //\r
  if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
    //\r
    // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value \r
    //       in the PE/COFF Header. If the MachineType is Itanium(IA64) and the \r
    //       Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC\r
    //       then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC\r
    //\r
    Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;\r
  } else {\r
    //\r
    // Get the magic value from the PE/COFF Optional Header\r
    //\r
    Magic = Hdr.Pe32->OptionalHeader.Magic;\r
  }\r
  \r
  //\r
  // 3.  Calculate the distance from the base of the image header to the image checksum address.\r
  // 4.  Hash the image header from its base to beginning of the image checksum.\r
  //\r
  HashBase = (UINT8 *) (UINTN) ImageAddress;\r
  if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
    //\r
    // Use PE32 offset\r
    //\r
    NumberOfRvaAndSizes = Hdr.Pe32->OptionalHeader.NumberOfRvaAndSizes;\r
    HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32->OptionalHeader.CheckSum) - HashBase);\r
  } else {\r
    //\r
    // Use PE32+ offset\r
    //\r
    NumberOfRvaAndSizes = Hdr.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;\r
    HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32Plus->OptionalHeader.CheckSum) - HashBase);\r
  }\r
\r
  Status = HashUpdate (HashHandle, HashBase, HashSize);\r
  if (EFI_ERROR (Status)) {\r
    goto Finish;\r
  }  \r
\r
  //\r
  // 5.  Skip over the image checksum (it occupies a single ULONG).\r
  //\r
  if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
    //\r
    // 6.  Since there is no Cert Directory in optional header, hash everything\r
    //     from the end of the checksum to the end of image header.\r
    //\r
    if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
      //\r
      // Use PE32 offset.\r
      //\r
      HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
    } else {\r
      //\r
      // Use PE32+ offset.\r
      //\r
      HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
    }\r
\r
    if (HashSize != 0) {\r
      Status  = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    }    \r
  } else {\r
    //\r
    // 7.  Hash everything from the end of the checksum to the start of the Cert Directory.\r
    //\r
    if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
      //\r
      // Use PE32 offset\r
      //\r
      HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);\r
    } else {\r
      //\r
      // Use PE32+ offset\r
      //    \r
      HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);\r
    }\r
\r
    if (HashSize != 0) {\r
      Status  = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    }\r
\r
    //\r
    // 8.  Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)\r
    // 9.  Hash everything from the end of the Cert Directory to the end of image header.\r
    //\r
    if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
      //\r
      // Use PE32 offset\r
      //\r
      HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
      HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
    } else {\r
      //\r
      // Use PE32+ offset\r
      //\r
      HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
      HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
    }\r
    \r
    if (HashSize != 0) {\r
      Status  = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    }\r
  }\r
\r
  //\r
  // 10. Set the SUM_OF_BYTES_HASHED to the size of the header\r
  //\r
  if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
    //\r
    // Use PE32 offset\r
    //\r
    SumOfBytesHashed = Hdr.Pe32->OptionalHeader.SizeOfHeaders;\r
  } else {\r
    //\r
    // Use PE32+ offset\r
    //\r
    SumOfBytesHashed = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders;\r
  }\r
\r
  //\r
  // 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER\r
  //     structures in the image. The 'NumberOfSections' field of the image\r
  //     header indicates how big the table should be. Do not include any\r
  //     IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.\r
  //\r
  SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * Hdr.Pe32->FileHeader.NumberOfSections);\r
  if (SectionHeader == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto Finish;\r
  }\r
\r
  //\r
  // 12.  Using the 'PointerToRawData' in the referenced section headers as\r
  //      a key, arrange the elements in the table in ascending order. In other\r
  //      words, sort the section headers according to the disk-file offset of\r
  //      the section.\r
  //\r
  Section = (EFI_IMAGE_SECTION_HEADER *) (\r
               (UINT8 *) (UINTN) ImageAddress +\r
               PeCoffHeaderOffset +\r
               sizeof(UINT32) +\r
               sizeof(EFI_IMAGE_FILE_HEADER) +\r
               Hdr.Pe32->FileHeader.SizeOfOptionalHeader\r
               );\r
  for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
    Pos = Index;\r
    while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {\r
      CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof(EFI_IMAGE_SECTION_HEADER));\r
      Pos--;\r
    }\r
    CopyMem (&SectionHeader[Pos], Section, sizeof(EFI_IMAGE_SECTION_HEADER));\r
    Section += 1;\r
  }\r
\r
  //\r
  // 13.  Walk through the sorted table, bring the corresponding section\r
  //      into memory, and hash the entire section (using the 'SizeOfRawData'\r
  //      field in the section header to determine the amount of data to hash).\r
  // 14.  Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .\r
  // 15.  Repeat steps 13 and 14 for all the sections in the sorted table.\r
  //\r
  for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
    Section  = (EFI_IMAGE_SECTION_HEADER *) &SectionHeader[Index];\r
    if (Section->SizeOfRawData == 0) {\r
      continue;\r
    }\r
    HashBase = (UINT8 *) (UINTN) ImageAddress + Section->PointerToRawData;\r
    HashSize = (UINTN) Section->SizeOfRawData;\r
\r
    Status = HashUpdate (HashHandle, HashBase, HashSize);\r
    if (EFI_ERROR (Status)) {\r
      goto Finish;\r
    }\r
\r
    SumOfBytesHashed += HashSize;\r
  }\r
\r
  //\r
  // 16.  If the file size is greater than SUM_OF_BYTES_HASHED, there is extra\r
  //      data in the file that needs to be added to the hash. This data begins\r
  //      at file offset SUM_OF_BYTES_HASHED and its length is:\r
  //             FileSize  -  (CertDirectory->Size)\r
  //\r
  if (ImageSize > SumOfBytesHashed) {\r
    HashBase = (UINT8 *) (UINTN) ImageAddress + SumOfBytesHashed;\r
\r
    if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
      CertSize = 0;\r
    } else {\r
      if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
        //\r
        // Use PE32 offset.\r
        //\r
        CertSize = Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
      } else {\r
        //\r
        // Use PE32+ offset.\r
        //\r
        CertSize = Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
      }\r
    }\r
\r
    if (ImageSize > CertSize + SumOfBytesHashed) {\r
      HashSize = (UINTN) (ImageSize - CertSize - SumOfBytesHashed);\r
\r
      Status = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    } else if (ImageSize < CertSize + SumOfBytesHashed) {\r
      Status = EFI_UNSUPPORTED;\r
      goto Finish;\r
    }\r
  }\r
\r
  //\r
  // 17.  Finalize the SHA hash.\r
  //\r
  Status = HashCompleteAndExtend (HashHandle, PCRIndex, NULL, 0, DigestList);\r
  if (EFI_ERROR (Status)) {\r
    goto Finish;\r
  }\r
\r
Finish:\r
  if (SectionHeader != NULL) {\r
    FreePool (SectionHeader);\r
  }\r
\r
  return Status;\r
}\r
Commit	Line	Data
c1d93242 JY	1	/** @file\r
	2	This module implements measuring PeCoff image for TrEE Protocol.\r
	3	\r
	4	Caution: This file requires additional review when modified.\r
	5	This driver will have external input - PE/COFF image.\r
	6	This external input must be validated carefully to avoid security issue like\r
	7	buffer overflow, integer overflow.\r
	8	\r
cad19cd3	9	Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>\r
c1d93242 JY	10	This program and the accompanying materials \r
	11	are licensed and made available under the terms and conditions of the BSD License \r
	12	which accompanies this distribution. The full text of the license may be found at \r
	13	http://opensource.org/licenses/bsd-license.php\r
	14	\r
	15	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
	16	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	17	\r
	18	**/\r
	19	\r
	20	#include <PiDxe.h>\r
	21	\r
	22	#include <Library/BaseLib.h>\r
	23	#include <Library/DebugLib.h>\r
	24	#include <Library/BaseMemoryLib.h>\r
	25	#include <Library/MemoryAllocationLib.h>\r
	26	#include <Library/DevicePathLib.h>\r
	27	#include <Library/UefiBootServicesTableLib.h>\r
	28	#include <Library/PeCoffLib.h>\r
	29	#include <Library/Tpm2CommandLib.h>\r
	30	#include <Library/HashLib.h>\r
	31	\r
cad19cd3 LG	32	UINTN mTrEEDxeImageSize = 0;\r
	33	\r
	34	/**\r
	35	Reads contents of a PE/COFF image in memory buffer.\r
	36	\r
	37	Caution: This function may receive untrusted input.\r
	38	PE/COFF image is external input, so this function will make sure the PE/COFF image content\r
	39	read is within the image buffer.\r
	40	\r
	41	@param FileHandle Pointer to the file handle to read the PE/COFF image.\r
	42	@param FileOffset Offset into the PE/COFF image to begin the read operation.\r
	43	@param ReadSize On input, the size in bytes of the requested read operation.\r
	44	On output, the number of bytes actually read.\r
	45	@param Buffer Output buffer that contains the data read from the PE/COFF image.\r
	46	\r
	47	@retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size\r
	48	**/\r
	49	EFI_STATUS\r
	50	EFIAPI\r
	51	TrEEDxeImageRead (\r
	52	IN VOID *FileHandle,\r
	53	IN UINTN FileOffset,\r
	54	IN OUT UINTN *ReadSize,\r
	55	OUT VOID *Buffer\r
	56	)\r
	57	{\r
	58	UINTN EndPosition;\r
	59	\r
	60	if (FileHandle == NULL \|\| ReadSize == NULL \|\| Buffer == NULL) {\r
	61	return EFI_INVALID_PARAMETER;\r
	62	}\r
	63	\r
	64	if (MAX_ADDRESS - FileOffset < *ReadSize) {\r
	65	return EFI_INVALID_PARAMETER;\r
	66	}\r
	67	\r
	68	EndPosition = FileOffset + *ReadSize;\r
	69	if (EndPosition > mTrEEDxeImageSize) {\r
	70	*ReadSize = (UINT32)(mTrEEDxeImageSize - FileOffset);\r
	71	}\r
	72	\r
	73	if (FileOffset >= mTrEEDxeImageSize) {\r
	74	*ReadSize = 0;\r
	75	}\r
	76	\r
	77	CopyMem (Buffer, (UINT8 )((UINTN) FileHandle + FileOffset), ReadSize);\r
	78	\r
	79	return EFI_SUCCESS;\r
	80	}\r
	81	\r
c1d93242 JY	82	/**\r
	83	Measure PE image into TPM log based on the authenticode image hashing in\r
	84	PE/COFF Specification 8.0 Appendix A.\r
	85	\r
	86	Caution: This function may receive untrusted input.\r
	87	PE/COFF image is external input, so this function will validate its data structure\r
	88	within this image buffer before use.\r
	89	\r
cad19cd3 LG	90	Notes: PE/COFF image is checked by BasePeCoffLib PeCoffLoaderGetImageInfo().\r
cad19cd3 LG	91	\r
c1d93242 JY	92	@param[in] PCRIndex TPM PCR index\r
	93	@param[in] ImageAddress Start address of image buffer.\r
	94	@param[in] ImageSize Image size\r
	95	@param[out] DigestList Digeest list of this image.\r
	96	\r
	97	@retval EFI_SUCCESS Successfully measure image.\r
	98	@retval EFI_OUT_OF_RESOURCES No enough resource to measure image.\r
	99	@retval other error value\r
	100	**/\r
	101	EFI_STATUS\r
	102	MeasurePeImageAndExtend (\r
	103	IN UINT32 PCRIndex,\r
	104	IN EFI_PHYSICAL_ADDRESS ImageAddress,\r
	105	IN UINTN ImageSize,\r
	106	OUT TPML_DIGEST_VALUES *DigestList\r
	107	)\r
	108	{\r
	109	EFI_STATUS Status;\r
	110	EFI_IMAGE_DOS_HEADER *DosHdr;\r
	111	UINT32 PeCoffHeaderOffset;\r
	112	EFI_IMAGE_SECTION_HEADER *Section;\r
	113	UINT8 *HashBase;\r
	114	UINTN HashSize;\r
	115	UINTN SumOfBytesHashed;\r
	116	EFI_IMAGE_SECTION_HEADER *SectionHeader;\r
	117	UINTN Index;\r
	118	UINTN Pos;\r
	119	UINT16 Magic;\r
	120	EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION Hdr;\r
	121	UINT32 NumberOfRvaAndSizes;\r
	122	UINT32 CertSize;\r
	123	HASH_HANDLE HashHandle;\r
cad19cd3	124	PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;\r
c1d93242 JY	125	\r
	126	HashHandle = 0xFFFFFFFF; // Know bad value\r
	127	\r
	128	Status = EFI_UNSUPPORTED;\r
	129	SectionHeader = NULL;\r
	130	\r
	131	//\r
	132	// Check PE/COFF image\r
	133	//\r
cad19cd3 LG	134	ZeroMem (&ImageContext, sizeof (ImageContext));\r
	135	ImageContext.Handle = (VOID *) (UINTN) ImageAddress;\r
	136	mTrEEDxeImageSize = ImageSize;\r
	137	ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) TrEEDxeImageRead;\r
	138	\r
	139	//\r
	140	// Get information about the image being loaded\r
	141	//\r
	142	Status = PeCoffLoaderGetImageInfo (&ImageContext);\r
	143	if (EFI_ERROR (Status)) {\r
	144	//\r
	145	// The information can't be got from the invalid PeImage\r
	146	//\r
	147	DEBUG ((DEBUG_INFO, "TreeDxe: PeImage invalid. Cannot retrieve image information.\n"));\r
	148	goto Finish;\r
	149	}\r
	150	\r
c1d93242 JY	151	DosHdr = (EFI_IMAGE_DOS_HEADER *) (UINTN) ImageAddress;\r
	152	PeCoffHeaderOffset = 0;\r
	153	if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {\r
	154	PeCoffHeaderOffset = DosHdr->e_lfanew;\r
	155	}\r
	156	\r
	157	Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 )((UINT8 ) (UINTN) ImageAddress + PeCoffHeaderOffset);\r
	158	if (Hdr.Pe32->Signature != EFI_IMAGE_NT_SIGNATURE) {\r
	159	Status = EFI_UNSUPPORTED;\r
	160	goto Finish;\r
	161	}\r
	162	\r
	163	//\r
	164	// PE/COFF Image Measurement\r
	165	//\r
	166	// NOTE: The following codes/steps are based upon the authenticode image hashing in\r
	167	// PE/COFF Specification 8.0 Appendix A.\r
	168	//\r
	169	//\r
	170	\r
	171	// 1. Load the image header into memory.\r
	172	\r
	173	// 2. Initialize a SHA hash context.\r
	174	\r
	175	Status = HashStart (&HashHandle);\r
	176	if (EFI_ERROR (Status)) {\r
	177	goto Finish;\r
	178	}\r
	179	\r
	180	//\r
	181	// Measuring PE/COFF Image Header;\r
	182	// But CheckSum field and SECURITY data directory (certificate) are excluded\r
	183	//\r
	184	if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
	185	//\r
	186	// NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value \r
	187	// in the PE/COFF Header. If the MachineType is Itanium(IA64) and the \r
	188	// Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC\r
	189	// then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC\r
	190	//\r
	191	Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;\r
	192	} else {\r
	193	//\r
	194	// Get the magic value from the PE/COFF Optional Header\r
	195	//\r
	196	Magic = Hdr.Pe32->OptionalHeader.Magic;\r
	197	}\r
	198	\r
	199	//\r
	200	// 3. Calculate the distance from the base of the image header to the image checksum address.\r
	201	// 4. Hash the image header from its base to beginning of the image checksum.\r
	202	//\r
	203	HashBase = (UINT8 *) (UINTN) ImageAddress;\r
	204	if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
	205	//\r
	206	// Use PE32 offset\r
	207	//\r
	208	NumberOfRvaAndSizes = Hdr.Pe32->OptionalHeader.NumberOfRvaAndSizes;\r
	209	HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32->OptionalHeader.CheckSum) - HashBase);\r
	210	} else {\r
	211	//\r
	212	// Use PE32+ offset\r
	213	//\r
	214	NumberOfRvaAndSizes = Hdr.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;\r
215	HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32Plus->OptionalHeader.CheckSum) - HashBase);\r
216	}\r
217	\r
218	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
219	if (EFI_ERROR (Status)) {\r
220	goto Finish;\r
221	} \r
222	\r
223	//\r
224	// 5. Skip over the image checksum (it occupies a single ULONG).\r
225	//\r
226	if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
227	//\r
228	// 6. Since there is no Cert Directory in optional header, hash everything\r
229	// from the end of the checksum to the end of image header.\r
230	//\r
231	if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
232	//\r
233	// Use PE32 offset.\r
234	//\r
235	HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
236	HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
237	} else {\r
238	//\r
239	// Use PE32+ offset.\r
240	//\r
241	HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
242	HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
243	}\r
244	\r
245	if (HashSize != 0) {\r
246	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
247	if (EFI_ERROR (Status)) {\r
248	goto Finish;\r
249	}\r
250	} \r
251	} else {\r
252	//\r
253	// 7. Hash everything from the end of the checksum to the start of the Cert Directory.\r
254	//\r
255	if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
256	//\r
257	// Use PE32 offset\r
258	//\r
259	HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
260	HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);\r
261	} else {\r
262	//\r
263	// Use PE32+ offset\r
264	// \r
265	HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
266	HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);\r
267	}\r
268	\r
269	if (HashSize != 0) {\r
270	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
271	if (EFI_ERROR (Status)) {\r
272	goto Finish;\r
273	}\r
274	}\r
275	\r
276	//\r
277	// 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)\r
278	// 9. Hash everything from the end of the Cert Directory to the end of image header.\r
279	//\r
280	if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
281	//\r
282	// Use PE32 offset\r
283	//\r
284	HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
285	HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
286	} else {\r
287	//\r
288	// Use PE32+ offset\r
289	//\r
290	HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
291	HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
292	}\r
293	\r
294	if (HashSize != 0) {\r
295	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
296	if (EFI_ERROR (Status)) {\r
297	goto Finish;\r
298	}\r
299	}\r
300	}\r
301	\r
302	//\r
303	// 10. Set the SUM_OF_BYTES_HASHED to the size of the header\r
304	//\r
305	if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
306	//\r
307	// Use PE32 offset\r
308	//\r
309	SumOfBytesHashed = Hdr.Pe32->OptionalHeader.SizeOfHeaders;\r
310	} else {\r
311	//\r
312	// Use PE32+ offset\r
313	//\r
314	SumOfBytesHashed = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders;\r
315	}\r
316	\r
317	//\r
318	// 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER\r
319	// structures in the image. The 'NumberOfSections' field of the image\r
320	// header indicates how big the table should be. Do not include any\r
321	// IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.\r
322	//\r
323	SectionHeader = (EFI_IMAGE_SECTION_HEADER ) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) Hdr.Pe32->FileHeader.NumberOfSections);\r
324	if (SectionHeader == NULL) {\r
325	Status = EFI_OUT_OF_RESOURCES;\r
326	goto Finish;\r
327	}\r
328	\r
329	//\r
330	// 12. Using the 'PointerToRawData' in the referenced section headers as\r
331	// a key, arrange the elements in the table in ascending order. In other\r
332	// words, sort the section headers according to the disk-file offset of\r
333	// the section.\r
334	//\r
335	Section = (EFI_IMAGE_SECTION_HEADER *) (\r
336	(UINT8 *) (UINTN) ImageAddress +\r
337	PeCoffHeaderOffset +\r
338	sizeof(UINT32) +\r
339	sizeof(EFI_IMAGE_FILE_HEADER) +\r
340	Hdr.Pe32->FileHeader.SizeOfOptionalHeader\r
341	);\r
342	for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
343	Pos = Index;\r
344	while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {\r
345	CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof(EFI_IMAGE_SECTION_HEADER));\r
346	Pos--;\r
347	}\r
348	CopyMem (&SectionHeader[Pos], Section, sizeof(EFI_IMAGE_SECTION_HEADER));\r
349	Section += 1;\r
350	}\r
351	\r
352	//\r
353	// 13. Walk through the sorted table, bring the corresponding section\r
354	// into memory, and hash the entire section (using the 'SizeOfRawData'\r
355	// field in the section header to determine the amount of data to hash).\r
356	// 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .\r
357	// 15. Repeat steps 13 and 14 for all the sections in the sorted table.\r
358	//\r
359	for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
360	Section = (EFI_IMAGE_SECTION_HEADER *) &SectionHeader[Index];\r
361	if (Section->SizeOfRawData == 0) {\r
362	continue;\r
363	}\r
364	HashBase = (UINT8 *) (UINTN) ImageAddress + Section->PointerToRawData;\r
365	HashSize = (UINTN) Section->SizeOfRawData;\r
366	\r
367	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
368	if (EFI_ERROR (Status)) {\r
369	goto Finish;\r
370	}\r
371	\r
372	SumOfBytesHashed += HashSize;\r
373	}\r
374	\r
375	//\r
376	// 16. If the file size is greater than SUM_OF_BYTES_HASHED, there is extra\r
377	// data in the file that needs to be added to the hash. This data begins\r
378	// at file offset SUM_OF_BYTES_HASHED and its length is:\r
379	// FileSize - (CertDirectory->Size)\r
380	//\r
381	if (ImageSize > SumOfBytesHashed) {\r
382	HashBase = (UINT8 *) (UINTN) ImageAddress + SumOfBytesHashed;\r
383	\r
384	if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
385	CertSize = 0;\r
386	} else {\r
387	if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
388	//\r
389	// Use PE32 offset.\r
390	//\r
391	CertSize = Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
392	} else {\r
393	//\r
394	// Use PE32+ offset.\r
395	//\r
396	CertSize = Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
397	}\r
398	}\r
399	\r
400	if (ImageSize > CertSize + SumOfBytesHashed) {\r
401	HashSize = (UINTN) (ImageSize - CertSize - SumOfBytesHashed);\r
402	\r
403	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
404	if (EFI_ERROR (Status)) {\r
405	goto Finish;\r
406	}\r
407	} else if (ImageSize < CertSize + SumOfBytesHashed) {\r
408	Status = EFI_UNSUPPORTED;\r
409	goto Finish;\r
410	}\r
411	}\r
412	\r
413	//\r
414	// 17. Finalize the SHA hash.\r
415	//\r
416	Status = HashCompleteAndExtend (HashHandle, PCRIndex, NULL, 0, DigestList);\r
417	if (EFI_ERROR (Status)) {\r
418	goto Finish;\r
419	}\r
420	\r
421	Finish:\r
422	if (SectionHeader != NULL) {\r
423	FreePool (SectionHeader);\r
424	}\r
425	\r
426	return Status;\r
427	}\r