MdeModulePkg/Core/Pei/Security/Security.c

   1 /** @file
   2   EFI PEI Core Security services
   3
   4 Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
   5 SPDX-License-Identifier: BSD-2-Clause-Patent
   6
   7 **/
   8
   9 #include "PeiMain.h"
  10
  11 EFI_PEI_NOTIFY_DESCRIPTOR  mNotifyList = {
  12   EFI_PEI_PPI_DESCRIPTOR_NOTIFY_DISPATCH | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
  13   &gEfiPeiSecurity2PpiGuid,
  14   SecurityPpiNotifyCallback
  15 };
  16
  17 /**
  18   Initialize the security services.
  19
  20   @param PeiServices     An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
  21   @param OldCoreData     Pointer to the old core data.
  22                          NULL if being run in non-permanent memory mode.
  23
  24 **/
  25 VOID
  26 InitializeSecurityServices (
  27   IN EFI_PEI_SERVICES   **PeiServices,
  28   IN PEI_CORE_INSTANCE  *OldCoreData
  29   )
  30 {
  31   if (OldCoreData == NULL) {
  32     PeiServicesNotifyPpi (&mNotifyList);
  33   }
  34
  35   return;
  36 }
  37
  38 /**
  39
  40   Provide a callback for when the security PPI is installed.
  41   This routine will cache installed security PPI into PeiCore's private data.
  42
  43   @param PeiServices        An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
  44   @param NotifyDescriptor   The descriptor for the notification event.
  45   @param Ppi                Pointer to the PPI in question.
  46
  47   @return Always success
  48
  49 **/
  50 EFI_STATUS
  51 EFIAPI
  52 SecurityPpiNotifyCallback (
  53   IN EFI_PEI_SERVICES           **PeiServices,
  54   IN EFI_PEI_NOTIFY_DESCRIPTOR  *NotifyDescriptor,
  55   IN VOID                       *Ppi
  56   )
  57 {
  58   PEI_CORE_INSTANCE  *PrivateData;
  59
  60   //
  61   // Get PEI Core private data
  62   //
  63   PrivateData = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices);
  64
  65   //
  66   // If there isn't a security PPI installed, use the one from notification
  67   //
  68   if (PrivateData->PrivateSecurityPpi == NULL) {
  69     PrivateData->PrivateSecurityPpi = (EFI_PEI_SECURITY2_PPI *)Ppi;
  70   }
  71
  72   return EFI_SUCCESS;
  73 }
  74
  75 /**
  76   Provide a callout to the security verification service.
  77
  78   @param PrivateData     PeiCore's private data structure
  79   @param VolumeHandle    Handle of FV
  80   @param FileHandle      Handle of PEIM's FFS
  81   @param AuthenticationStatus Authentication status
  82
  83   @retval EFI_SUCCESS              Image is OK
  84   @retval EFI_SECURITY_VIOLATION   Image is illegal
  85   @retval EFI_NOT_FOUND            If security PPI is not installed.
  86 **/
  87 EFI_STATUS
  88 VerifyPeim (
  89   IN PEI_CORE_INSTANCE    *PrivateData,
  90   IN EFI_PEI_FV_HANDLE    VolumeHandle,
  91   IN EFI_PEI_FILE_HANDLE  FileHandle,
  92   IN UINT32               AuthenticationStatus
  93   )
  94 {
  95   EFI_STATUS  Status;
  96   BOOLEAN     DeferExecution;
  97
  98   Status = EFI_NOT_FOUND;
  99   if (PrivateData->PrivateSecurityPpi == NULL) {
 100     //
 101     // Check AuthenticationStatus first.
 102     //
 103     if ((AuthenticationStatus & EFI_AUTH_STATUS_IMAGE_SIGNED) != 0) {
 104       if ((AuthenticationStatus & (EFI_AUTH_STATUS_TEST_FAILED | EFI_AUTH_STATUS_NOT_TESTED)) != 0) {
 105         Status = EFI_SECURITY_VIOLATION;
 106       }
 107     }
 108   } else {
 109     //
 110     // Check to see if the image is OK
 111     //
 112     Status = PrivateData->PrivateSecurityPpi->AuthenticationState (
 113                                                 (CONST EFI_PEI_SERVICES **)&PrivateData->Ps,
 114                                                 PrivateData->PrivateSecurityPpi,
 115                                                 AuthenticationStatus,
 116                                                 VolumeHandle,
 117                                                 FileHandle,
 118                                                 &DeferExecution
 119                                                 );
 120     if (DeferExecution) {
 121       Status = EFI_SECURITY_VIOLATION;
 122     }
 123   }
 124
 125   return Status;
 126 }
 127
 128 /**
 129   Verify a Firmware volume.
 130
 131   @param CurrentFvAddress   Pointer to the current Firmware Volume under consideration
 132
 133   @retval EFI_SUCCESS       Firmware Volume is legal
 134
 135 **/
 136 EFI_STATUS
 137 VerifyFv (
 138   IN EFI_FIRMWARE_VOLUME_HEADER  *CurrentFvAddress
 139   )
 140 {
 141   //
 142   // Right now just pass the test.  Future can authenticate and/or check the
 143   // FV-header or other metric for goodness of binary.
 144   //
 145   return EFI_SUCCESS;
 146 }