[mirror_edk2.git] / SecurityPkg / Tcg / Tcg2Dxe / MeasureBootPeCoff.c

/** @file\r
  This module implements measuring PeCoff image for Tcg2 Protocol.\r
\r
  Caution: This file requires additional review when modified.\r
  This driver will have external input - PE/COFF image.\r
  This external input must be validated carefully to avoid security issue like\r
  buffer overflow, integer overflow.\r
\r
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution.  The full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#include <PiDxe.h>\r
\r
#include <Library/BaseLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/DevicePathLib.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/PeCoffLib.h>\r
#include <Library/Tpm2CommandLib.h>\r
#include <Library/HashLib.h>\r
\r
UINTN  mTcg2DxeImageSize = 0;\r
\r
/**\r
  Reads contents of a PE/COFF image in memory buffer.\r
\r
  Caution: This function may receive untrusted input.\r
  PE/COFF image is external input, so this function will make sure the PE/COFF image content\r
  read is within the image buffer.\r
\r
  @param  FileHandle      Pointer to the file handle to read the PE/COFF image.\r
  @param  FileOffset      Offset into the PE/COFF image to begin the read operation.\r
  @param  ReadSize        On input, the size in bytes of the requested read operation.\r
                          On output, the number of bytes actually read.\r
  @param  Buffer          Output buffer that contains the data read from the PE/COFF image.\r
\r
  @retval EFI_SUCCESS     The specified portion of the PE/COFF image was read and the size\r
**/\r
EFI_STATUS\r
EFIAPI\r
Tcg2DxeImageRead (\r
  IN     VOID    *FileHandle,\r
  IN     UINTN   FileOffset,\r
  IN OUT UINTN   *ReadSize,\r
  OUT    VOID    *Buffer\r
  )\r
{\r
  UINTN               EndPosition;\r
\r
  if (FileHandle == NULL || ReadSize == NULL || Buffer == NULL) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  if (MAX_ADDRESS - FileOffset < *ReadSize) {\r
    return EFI_INVALID_PARAMETER;\r
  }\r
\r
  EndPosition = FileOffset + *ReadSize;\r
  if (EndPosition > mTcg2DxeImageSize) {\r
    *ReadSize = (UINT32)(mTcg2DxeImageSize - FileOffset);\r
  }\r
\r
  if (FileOffset >= mTcg2DxeImageSize) {\r
    *ReadSize = 0;\r
  }\r
\r
  CopyMem (Buffer, (UINT8 *)((UINTN) FileHandle + FileOffset), *ReadSize);\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Measure PE image into TPM log based on the authenticode image hashing in\r
  PE/COFF Specification 8.0 Appendix A.\r
\r
  Caution: This function may receive untrusted input.\r
  PE/COFF image is external input, so this function will validate its data structure\r
  within this image buffer before use.\r
\r
  Notes: PE/COFF image is checked by BasePeCoffLib PeCoffLoaderGetImageInfo().\r
\r
  @param[in]  PCRIndex       TPM PCR index\r
  @param[in]  ImageAddress   Start address of image buffer.\r
  @param[in]  ImageSize      Image size\r
  @param[out] DigestList     Digeest list of this image.\r
\r
  @retval EFI_SUCCESS            Successfully measure image.\r
  @retval EFI_OUT_OF_RESOURCES   No enough resource to measure image.\r
  @retval other error value\r
**/\r
EFI_STATUS\r
MeasurePeImageAndExtend (\r
  IN  UINT32                    PCRIndex,\r
  IN  EFI_PHYSICAL_ADDRESS      ImageAddress,\r
  IN  UINTN                     ImageSize,\r
  OUT TPML_DIGEST_VALUES        *DigestList\r
  )\r
{\r
  EFI_STATUS                           Status;\r
  EFI_IMAGE_DOS_HEADER                 *DosHdr;\r
  UINT32                               PeCoffHeaderOffset;\r
  EFI_IMAGE_SECTION_HEADER             *Section;\r
  UINT8                                *HashBase;\r
  UINTN                                HashSize;\r
  UINTN                                SumOfBytesHashed;\r
  EFI_IMAGE_SECTION_HEADER             *SectionHeader;\r
  UINTN                                Index;\r
  UINTN                                Pos;\r
  EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION  Hdr;\r
  UINT32                               NumberOfRvaAndSizes;\r
  UINT32                               CertSize;\r
  HASH_HANDLE                          HashHandle;\r
  PE_COFF_LOADER_IMAGE_CONTEXT         ImageContext;\r
\r
  HashHandle = 0xFFFFFFFF; // Know bad value\r
\r
  Status        = EFI_UNSUPPORTED;\r
  SectionHeader = NULL;\r
\r
  //\r
  // Check PE/COFF image\r
  //\r
  ZeroMem (&ImageContext, sizeof (ImageContext));\r
  ImageContext.Handle    = (VOID *) (UINTN) ImageAddress;\r
  mTcg2DxeImageSize      = ImageSize;\r
  ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) Tcg2DxeImageRead;\r
\r
  //\r
  // Get information about the image being loaded\r
  //\r
  Status = PeCoffLoaderGetImageInfo (&ImageContext);\r
  if (EFI_ERROR (Status)) {\r
    //\r
    // The information can't be got from the invalid PeImage\r
    //\r
    DEBUG ((DEBUG_INFO, "Tcg2Dxe: PeImage invalid. Cannot retrieve image information.\n"));\r
    goto Finish;\r
  }\r
\r
  DosHdr = (EFI_IMAGE_DOS_HEADER *) (UINTN) ImageAddress;\r
  PeCoffHeaderOffset = 0;\r
  if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {\r
    PeCoffHeaderOffset = DosHdr->e_lfanew;\r
  }\r
\r
  Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)((UINT8 *) (UINTN) ImageAddress + PeCoffHeaderOffset);\r
  if (Hdr.Pe32->Signature != EFI_IMAGE_NT_SIGNATURE) {\r
    Status = EFI_UNSUPPORTED;\r
    goto Finish;\r
  }\r
\r
  //\r
  // PE/COFF Image Measurement\r
  //\r
  //    NOTE: The following codes/steps are based upon the authenticode image hashing in\r
  //      PE/COFF Specification 8.0 Appendix A.\r
  //\r
  //\r
\r
  // 1.  Load the image header into memory.\r
\r
  // 2.  Initialize a SHA hash context.\r
\r
  Status = HashStart (&HashHandle);\r
  if (EFI_ERROR (Status)) {\r
    goto Finish;\r
  }\r
\r
  //\r
  // Measuring PE/COFF Image Header;\r
  // But CheckSum field and SECURITY data directory (certificate) are excluded\r
  //\r
\r
  //\r
  // 3.  Calculate the distance from the base of the image header to the image checksum address.\r
  // 4.  Hash the image header from its base to beginning of the image checksum.\r
  //\r
  HashBase = (UINT8 *) (UINTN) ImageAddress;\r
  if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
    //\r
    // Use PE32 offset\r
    //\r
    NumberOfRvaAndSizes = Hdr.Pe32->OptionalHeader.NumberOfRvaAndSizes;\r
    HashSize = (UINTN) (&Hdr.Pe32->OptionalHeader.CheckSum) - (UINTN) HashBase;\r
  } else {\r
    //\r
    // Use PE32+ offset\r
    //\r
    NumberOfRvaAndSizes = Hdr.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;\r
    HashSize = (UINTN) (&Hdr.Pe32Plus->OptionalHeader.CheckSum) - (UINTN) HashBase;\r
  }\r
\r
  Status = HashUpdate (HashHandle, HashBase, HashSize);\r
  if (EFI_ERROR (Status)) {\r
    goto Finish;\r
  }\r
\r
  //\r
  // 5.  Skip over the image checksum (it occupies a single ULONG).\r
  //\r
  if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
    //\r
    // 6.  Since there is no Cert Directory in optional header, hash everything\r
    //     from the end of the checksum to the end of image header.\r
    //\r
    if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
      //\r
      // Use PE32 offset.\r
      //\r
      HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
    } else {\r
      //\r
      // Use PE32+ offset.\r
      //\r
      HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
    }\r
\r
    if (HashSize != 0) {\r
      Status  = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    }\r
  } else {\r
    //\r
    // 7.  Hash everything from the end of the checksum to the start of the Cert Directory.\r
    //\r
    if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
      //\r
      // Use PE32 offset\r
      //\r
      HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = (UINTN) (&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;\r
    } else {\r
      //\r
      // Use PE32+ offset\r
      //\r
      HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
      HashSize = (UINTN) (&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;\r
    }\r
\r
    if (HashSize != 0) {\r
      Status  = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    }\r
\r
    //\r
    // 8.  Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)\r
    // 9.  Hash everything from the end of the Cert Directory to the end of image header.\r
    //\r
    if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
      //\r
      // Use PE32 offset\r
      //\r
      HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
      HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
    } else {\r
      //\r
      // Use PE32+ offset\r
      //\r
      HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
      HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
    }\r
\r
    if (HashSize != 0) {\r
      Status  = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    }\r
  }\r
\r
  //\r
  // 10. Set the SUM_OF_BYTES_HASHED to the size of the header\r
  //\r
  if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
    //\r
    // Use PE32 offset\r
    //\r
    SumOfBytesHashed = Hdr.Pe32->OptionalHeader.SizeOfHeaders;\r
  } else {\r
    //\r
    // Use PE32+ offset\r
    //\r
    SumOfBytesHashed = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders;\r
  }\r
\r
  //\r
  // 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER\r
  //     structures in the image. The 'NumberOfSections' field of the image\r
  //     header indicates how big the table should be. Do not include any\r
  //     IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.\r
  //\r
  SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * Hdr.Pe32->FileHeader.NumberOfSections);\r
  if (SectionHeader == NULL) {\r
    Status = EFI_OUT_OF_RESOURCES;\r
    goto Finish;\r
  }\r
\r
  //\r
  // 12.  Using the 'PointerToRawData' in the referenced section headers as\r
  //      a key, arrange the elements in the table in ascending order. In other\r
  //      words, sort the section headers according to the disk-file offset of\r
  //      the section.\r
  //\r
  Section = (EFI_IMAGE_SECTION_HEADER *) (\r
               (UINT8 *) (UINTN) ImageAddress +\r
               PeCoffHeaderOffset +\r
               sizeof(UINT32) +\r
               sizeof(EFI_IMAGE_FILE_HEADER) +\r
               Hdr.Pe32->FileHeader.SizeOfOptionalHeader\r
               );\r
  for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
    Pos = Index;\r
    while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {\r
      CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof(EFI_IMAGE_SECTION_HEADER));\r
      Pos--;\r
    }\r
    CopyMem (&SectionHeader[Pos], Section, sizeof(EFI_IMAGE_SECTION_HEADER));\r
    Section += 1;\r
  }\r
\r
  //\r
  // 13.  Walk through the sorted table, bring the corresponding section\r
  //      into memory, and hash the entire section (using the 'SizeOfRawData'\r
  //      field in the section header to determine the amount of data to hash).\r
  // 14.  Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .\r
  // 15.  Repeat steps 13 and 14 for all the sections in the sorted table.\r
  //\r
  for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
    Section  = (EFI_IMAGE_SECTION_HEADER *) &SectionHeader[Index];\r
    if (Section->SizeOfRawData == 0) {\r
      continue;\r
    }\r
    HashBase = (UINT8 *) (UINTN) ImageAddress + Section->PointerToRawData;\r
    HashSize = (UINTN) Section->SizeOfRawData;\r
\r
    Status = HashUpdate (HashHandle, HashBase, HashSize);\r
    if (EFI_ERROR (Status)) {\r
      goto Finish;\r
    }\r
\r
    SumOfBytesHashed += HashSize;\r
  }\r
\r
  //\r
  // 16.  If the file size is greater than SUM_OF_BYTES_HASHED, there is extra\r
  //      data in the file that needs to be added to the hash. This data begins\r
  //      at file offset SUM_OF_BYTES_HASHED and its length is:\r
  //             FileSize  -  (CertDirectory->Size)\r
  //\r
  if (ImageSize > SumOfBytesHashed) {\r
    HashBase = (UINT8 *) (UINTN) ImageAddress + SumOfBytesHashed;\r
\r
    if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
      CertSize = 0;\r
    } else {\r
      if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
        //\r
        // Use PE32 offset.\r
        //\r
        CertSize = Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
      } else {\r
        //\r
        // Use PE32+ offset.\r
        //\r
        CertSize = Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
      }\r
    }\r
\r
    if (ImageSize > CertSize + SumOfBytesHashed) {\r
      HashSize = (UINTN) (ImageSize - CertSize - SumOfBytesHashed);\r
\r
      Status = HashUpdate (HashHandle, HashBase, HashSize);\r
      if (EFI_ERROR (Status)) {\r
        goto Finish;\r
      }\r
    } else if (ImageSize < CertSize + SumOfBytesHashed) {\r
      Status = EFI_UNSUPPORTED;\r
      goto Finish;\r
    }\r
  }\r
\r
  //\r
  // 17.  Finalize the SHA hash.\r
  //\r
  Status = HashCompleteAndExtend (HashHandle, PCRIndex, NULL, 0, DigestList);\r
  if (EFI_ERROR (Status)) {\r
    goto Finish;\r
  }\r
\r
Finish:\r
  if (SectionHeader != NULL) {\r
    FreePool (SectionHeader);\r
  }\r
\r
  return Status;\r
}\r
Commit	Line	Data
	1	/** @file\r
	2	This module implements measuring PeCoff image for Tcg2 Protocol.\r
	3	\r
	4	Caution: This file requires additional review when modified.\r
	5	This driver will have external input - PE/COFF image.\r
	6	This external input must be validated carefully to avoid security issue like\r
	7	buffer overflow, integer overflow.\r
	8	\r
	9	Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>\r
	10	This program and the accompanying materials\r
	11	are licensed and made available under the terms and conditions of the BSD License\r
	12	which accompanies this distribution. The full text of the license may be found at\r
	13	http://opensource.org/licenses/bsd-license.php\r
	14	\r
	15	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
	16	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	17	\r
	18	**/\r
	19	\r
	20	#include <PiDxe.h>\r
	21	\r
	22	#include <Library/BaseLib.h>\r
	23	#include <Library/DebugLib.h>\r
	24	#include <Library/BaseMemoryLib.h>\r
	25	#include <Library/MemoryAllocationLib.h>\r
	26	#include <Library/DevicePathLib.h>\r
	27	#include <Library/UefiBootServicesTableLib.h>\r
	28	#include <Library/PeCoffLib.h>\r
	29	#include <Library/Tpm2CommandLib.h>\r
	30	#include <Library/HashLib.h>\r
	31	\r
	32	UINTN mTcg2DxeImageSize = 0;\r
	33	\r
	34	/**\r
	35	Reads contents of a PE/COFF image in memory buffer.\r
	36	\r
	37	Caution: This function may receive untrusted input.\r
	38	PE/COFF image is external input, so this function will make sure the PE/COFF image content\r
	39	read is within the image buffer.\r
	40	\r
	41	@param FileHandle Pointer to the file handle to read the PE/COFF image.\r
	42	@param FileOffset Offset into the PE/COFF image to begin the read operation.\r
	43	@param ReadSize On input, the size in bytes of the requested read operation.\r
	44	On output, the number of bytes actually read.\r
	45	@param Buffer Output buffer that contains the data read from the PE/COFF image.\r
	46	\r
	47	@retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size\r
	48	**/\r
	49	EFI_STATUS\r
	50	EFIAPI\r
	51	Tcg2DxeImageRead (\r
	52	IN VOID *FileHandle,\r
	53	IN UINTN FileOffset,\r
	54	IN OUT UINTN *ReadSize,\r
	55	OUT VOID *Buffer\r
	56	)\r
	57	{\r
	58	UINTN EndPosition;\r
	59	\r
	60	if (FileHandle == NULL \|\| ReadSize == NULL \|\| Buffer == NULL) {\r
	61	return EFI_INVALID_PARAMETER;\r
	62	}\r
	63	\r
	64	if (MAX_ADDRESS - FileOffset < *ReadSize) {\r
	65	return EFI_INVALID_PARAMETER;\r
	66	}\r
	67	\r
	68	EndPosition = FileOffset + *ReadSize;\r
	69	if (EndPosition > mTcg2DxeImageSize) {\r
	70	*ReadSize = (UINT32)(mTcg2DxeImageSize - FileOffset);\r
	71	}\r
	72	\r
	73	if (FileOffset >= mTcg2DxeImageSize) {\r
	74	*ReadSize = 0;\r
	75	}\r
	76	\r
	77	CopyMem (Buffer, (UINT8 )((UINTN) FileHandle + FileOffset), ReadSize);\r
	78	\r
	79	return EFI_SUCCESS;\r
	80	}\r
	81	\r
	82	/**\r
	83	Measure PE image into TPM log based on the authenticode image hashing in\r
	84	PE/COFF Specification 8.0 Appendix A.\r
	85	\r
	86	Caution: This function may receive untrusted input.\r
	87	PE/COFF image is external input, so this function will validate its data structure\r
	88	within this image buffer before use.\r
	89	\r
	90	Notes: PE/COFF image is checked by BasePeCoffLib PeCoffLoaderGetImageInfo().\r
	91	\r
	92	@param[in] PCRIndex TPM PCR index\r
	93	@param[in] ImageAddress Start address of image buffer.\r
	94	@param[in] ImageSize Image size\r
	95	@param[out] DigestList Digeest list of this image.\r
	96	\r
	97	@retval EFI_SUCCESS Successfully measure image.\r
	98	@retval EFI_OUT_OF_RESOURCES No enough resource to measure image.\r
	99	@retval other error value\r
	100	**/\r
	101	EFI_STATUS\r
	102	MeasurePeImageAndExtend (\r
	103	IN UINT32 PCRIndex,\r
	104	IN EFI_PHYSICAL_ADDRESS ImageAddress,\r
	105	IN UINTN ImageSize,\r
	106	OUT TPML_DIGEST_VALUES *DigestList\r
	107	)\r
	108	{\r
	109	EFI_STATUS Status;\r
	110	EFI_IMAGE_DOS_HEADER *DosHdr;\r
	111	UINT32 PeCoffHeaderOffset;\r
	112	EFI_IMAGE_SECTION_HEADER *Section;\r
	113	UINT8 *HashBase;\r
	114	UINTN HashSize;\r
	115	UINTN SumOfBytesHashed;\r
	116	EFI_IMAGE_SECTION_HEADER *SectionHeader;\r
	117	UINTN Index;\r
	118	UINTN Pos;\r
	119	EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION Hdr;\r
	120	UINT32 NumberOfRvaAndSizes;\r
	121	UINT32 CertSize;\r
	122	HASH_HANDLE HashHandle;\r
	123	PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;\r
	124	\r
	125	HashHandle = 0xFFFFFFFF; // Know bad value\r
	126	\r
	127	Status = EFI_UNSUPPORTED;\r
	128	SectionHeader = NULL;\r
	129	\r
	130	//\r
	131	// Check PE/COFF image\r
	132	//\r
	133	ZeroMem (&ImageContext, sizeof (ImageContext));\r
	134	ImageContext.Handle = (VOID *) (UINTN) ImageAddress;\r
	135	mTcg2DxeImageSize = ImageSize;\r
	136	ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) Tcg2DxeImageRead;\r
	137	\r
	138	//\r
	139	// Get information about the image being loaded\r
	140	//\r
	141	Status = PeCoffLoaderGetImageInfo (&ImageContext);\r
	142	if (EFI_ERROR (Status)) {\r
	143	//\r
	144	// The information can't be got from the invalid PeImage\r
	145	//\r
	146	DEBUG ((DEBUG_INFO, "Tcg2Dxe: PeImage invalid. Cannot retrieve image information.\n"));\r
	147	goto Finish;\r
	148	}\r
	149	\r
	150	DosHdr = (EFI_IMAGE_DOS_HEADER *) (UINTN) ImageAddress;\r
	151	PeCoffHeaderOffset = 0;\r
	152	if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {\r
	153	PeCoffHeaderOffset = DosHdr->e_lfanew;\r
	154	}\r
	155	\r
	156	Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 )((UINT8 ) (UINTN) ImageAddress + PeCoffHeaderOffset);\r
	157	if (Hdr.Pe32->Signature != EFI_IMAGE_NT_SIGNATURE) {\r
	158	Status = EFI_UNSUPPORTED;\r
	159	goto Finish;\r
	160	}\r
	161	\r
	162	//\r
	163	// PE/COFF Image Measurement\r
	164	//\r
	165	// NOTE: The following codes/steps are based upon the authenticode image hashing in\r
	166	// PE/COFF Specification 8.0 Appendix A.\r
	167	//\r
	168	//\r
	169	\r
	170	// 1. Load the image header into memory.\r
	171	\r
	172	// 2. Initialize a SHA hash context.\r
	173	\r
	174	Status = HashStart (&HashHandle);\r
	175	if (EFI_ERROR (Status)) {\r
	176	goto Finish;\r
	177	}\r
	178	\r
	179	//\r
	180	// Measuring PE/COFF Image Header;\r
	181	// But CheckSum field and SECURITY data directory (certificate) are excluded\r
	182	//\r
	183	\r
	184	//\r
	185	// 3. Calculate the distance from the base of the image header to the image checksum address.\r
	186	// 4. Hash the image header from its base to beginning of the image checksum.\r
	187	//\r
	188	HashBase = (UINT8 *) (UINTN) ImageAddress;\r
	189	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
	190	//\r
	191	// Use PE32 offset\r
	192	//\r
	193	NumberOfRvaAndSizes = Hdr.Pe32->OptionalHeader.NumberOfRvaAndSizes;\r
	194	HashSize = (UINTN) (&Hdr.Pe32->OptionalHeader.CheckSum) - (UINTN) HashBase;\r
	195	} else {\r
	196	//\r
	197	// Use PE32+ offset\r
	198	//\r
	199	NumberOfRvaAndSizes = Hdr.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;\r
	200	HashSize = (UINTN) (&Hdr.Pe32Plus->OptionalHeader.CheckSum) - (UINTN) HashBase;\r
	201	}\r
	202	\r
	203	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
	204	if (EFI_ERROR (Status)) {\r
	205	goto Finish;\r
	206	}\r
	207	\r
	208	//\r
	209	// 5. Skip over the image checksum (it occupies a single ULONG).\r
	210	//\r
	211	if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
	212	//\r
	213	// 6. Since there is no Cert Directory in optional header, hash everything\r
	214	// from the end of the checksum to the end of image header.\r
	215	//\r
	216	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
	217	//\r
	218	// Use PE32 offset.\r
	219	//\r
	220	HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
	221	HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
	222	} else {\r
	223	//\r
	224	// Use PE32+ offset.\r
	225	//\r
	226	HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
	227	HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
	228	}\r
	229	\r
	230	if (HashSize != 0) {\r
	231	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
	232	if (EFI_ERROR (Status)) {\r
	233	goto Finish;\r
	234	}\r
	235	}\r
	236	} else {\r
	237	//\r
	238	// 7. Hash everything from the end of the checksum to the start of the Cert Directory.\r
	239	//\r
	240	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
	241	//\r
	242	// Use PE32 offset\r
	243	//\r
	244	HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);\r
	245	HashSize = (UINTN) (&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;\r
	246	} else {\r
	247	//\r
	248	// Use PE32+ offset\r
	249	//\r
	250	HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);\r
	251	HashSize = (UINTN) (&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;\r
	252	}\r
	253	\r
	254	if (HashSize != 0) {\r
	255	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
	256	if (EFI_ERROR (Status)) {\r
	257	goto Finish;\r
	258	}\r
	259	}\r
	260	\r
	261	//\r
	262	// 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)\r
	263	// 9. Hash everything from the end of the Cert Directory to the end of image header.\r
	264	//\r
	265	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
	266	//\r
	267	// Use PE32 offset\r
	268	//\r
	269	HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
	270	HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
	271	} else {\r
	272	//\r
	273	// Use PE32+ offset\r
	274	//\r
	275	HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];\r
	276	HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);\r
	277	}\r
	278	\r
	279	if (HashSize != 0) {\r
	280	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
	281	if (EFI_ERROR (Status)) {\r
	282	goto Finish;\r
	283	}\r
	284	}\r
	285	}\r
	286	\r
	287	//\r
	288	// 10. Set the SUM_OF_BYTES_HASHED to the size of the header\r
	289	//\r
	290	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
	291	//\r
	292	// Use PE32 offset\r
	293	//\r
	294	SumOfBytesHashed = Hdr.Pe32->OptionalHeader.SizeOfHeaders;\r
	295	} else {\r
	296	//\r
	297	// Use PE32+ offset\r
	298	//\r
	299	SumOfBytesHashed = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders;\r
	300	}\r
	301	\r
	302	//\r
	303	// 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER\r
	304	// structures in the image. The 'NumberOfSections' field of the image\r
	305	// header indicates how big the table should be. Do not include any\r
	306	// IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.\r
	307	//\r
	308	SectionHeader = (EFI_IMAGE_SECTION_HEADER ) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) Hdr.Pe32->FileHeader.NumberOfSections);\r
	309	if (SectionHeader == NULL) {\r
	310	Status = EFI_OUT_OF_RESOURCES;\r
	311	goto Finish;\r
	312	}\r
	313	\r
	314	//\r
	315	// 12. Using the 'PointerToRawData' in the referenced section headers as\r
	316	// a key, arrange the elements in the table in ascending order. In other\r
	317	// words, sort the section headers according to the disk-file offset of\r
	318	// the section.\r
	319	//\r
	320	Section = (EFI_IMAGE_SECTION_HEADER *) (\r
	321	(UINT8 *) (UINTN) ImageAddress +\r
	322	PeCoffHeaderOffset +\r
	323	sizeof(UINT32) +\r
	324	sizeof(EFI_IMAGE_FILE_HEADER) +\r
	325	Hdr.Pe32->FileHeader.SizeOfOptionalHeader\r
	326	);\r
	327	for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
	328	Pos = Index;\r
	329	while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {\r
	330	CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof(EFI_IMAGE_SECTION_HEADER));\r
	331	Pos--;\r
	332	}\r
	333	CopyMem (&SectionHeader[Pos], Section, sizeof(EFI_IMAGE_SECTION_HEADER));\r
	334	Section += 1;\r
	335	}\r
	336	\r
	337	//\r
	338	// 13. Walk through the sorted table, bring the corresponding section\r
	339	// into memory, and hash the entire section (using the 'SizeOfRawData'\r
	340	// field in the section header to determine the amount of data to hash).\r
	341	// 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .\r
	342	// 15. Repeat steps 13 and 14 for all the sections in the sorted table.\r
	343	//\r
	344	for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {\r
	345	Section = (EFI_IMAGE_SECTION_HEADER *) &SectionHeader[Index];\r
	346	if (Section->SizeOfRawData == 0) {\r
	347	continue;\r
	348	}\r
	349	HashBase = (UINT8 *) (UINTN) ImageAddress + Section->PointerToRawData;\r
	350	HashSize = (UINTN) Section->SizeOfRawData;\r
	351	\r
	352	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
	353	if (EFI_ERROR (Status)) {\r
	354	goto Finish;\r
	355	}\r
	356	\r
	357	SumOfBytesHashed += HashSize;\r
	358	}\r
	359	\r
	360	//\r
	361	// 16. If the file size is greater than SUM_OF_BYTES_HASHED, there is extra\r
	362	// data in the file that needs to be added to the hash. This data begins\r
	363	// at file offset SUM_OF_BYTES_HASHED and its length is:\r
	364	// FileSize - (CertDirectory->Size)\r
	365	//\r
	366	if (ImageSize > SumOfBytesHashed) {\r
	367	HashBase = (UINT8 *) (UINTN) ImageAddress + SumOfBytesHashed;\r
	368	\r
	369	if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {\r
	370	CertSize = 0;\r
	371	} else {\r
	372	if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
	373	//\r
	374	// Use PE32 offset.\r
	375	//\r
	376	CertSize = Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
	377	} else {\r
	378	//\r
	379	// Use PE32+ offset.\r
	380	//\r
	381	CertSize = Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;\r
	382	}\r
	383	}\r
	384	\r
	385	if (ImageSize > CertSize + SumOfBytesHashed) {\r
	386	HashSize = (UINTN) (ImageSize - CertSize - SumOfBytesHashed);\r
	387	\r
	388	Status = HashUpdate (HashHandle, HashBase, HashSize);\r
	389	if (EFI_ERROR (Status)) {\r
	390	goto Finish;\r
	391	}\r
	392	} else if (ImageSize < CertSize + SumOfBytesHashed) {\r
	393	Status = EFI_UNSUPPORTED;\r
	394	goto Finish;\r
	395	}\r
	396	}\r
	397	\r
	398	//\r
	399	// 17. Finalize the SHA hash.\r
	400	//\r
	401	Status = HashCompleteAndExtend (HashHandle, PCRIndex, NULL, 0, DigestList);\r
	402	if (EFI_ERROR (Status)) {\r
	403	goto Finish;\r
	404	}\r
	405	\r
	406	Finish:\r
	407	if (SectionHeader != NULL) {\r
	408	FreePool (SectionHeader);\r
	409	}\r
	410	\r
	411	return Status;\r
	412	}\r