58510766bb43426af4036456ad4beee00bbbd9ad
[mirror_edk2.git] / MdePkg / Library / DxeHstiLib / HstiDxe.c
1 /** @file
2
3 Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
4 This program and the accompanying materials
5 are licensed and made available under the terms and conditions of the BSD License
6 which accompanies this distribution. The full text of the license may be found at
7 http://opensource.org/licenses/bsd-license.php
8
9 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
10 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
11
12 **/
13
14 #include "HstiDxe.h"
15
16 /**
17 Find HSTI table in AIP protocol, and return the data.
18 This API will return the HSTI table with indicated Role and ImplementationID,
19 NULL ImplementationID means to find the first HSTI table with indicated Role.
20
21 @param Role Role of HSTI data.
22 @param ImplementationID ImplementationID of HSTI data.
23 NULL means find the first one match Role.
24 @param HstiData HSTI data. This buffer is allocated by callee, and it
25 is the responsibility of the caller to free it after
26 using it.
27 @param HstiSize HSTI size
28
29 @return Aip The AIP protocol having this HSTI.
30 @return NULL There is not HSTI table with the Role and ImplementationID published in system.
31 **/
32 VOID *
33 InternalHstiFindAip (
34 IN UINT32 Role,
35 IN CHAR16 *ImplementationID OPTIONAL,
36 OUT VOID **HstiData OPTIONAL,
37 OUT UINTN *HstiSize OPTIONAL
38 )
39 {
40 EFI_STATUS Status;
41 EFI_ADAPTER_INFORMATION_PROTOCOL *Aip;
42 UINTN NoHandles;
43 EFI_HANDLE *Handles;
44 UINTN Index;
45 EFI_GUID *InfoTypesBuffer;
46 UINTN InfoTypesBufferCount;
47 UINTN InfoTypesIndex;
48 EFI_ADAPTER_INFORMATION_PROTOCOL *AipCandidate;
49 VOID *InformationBlock;
50 UINTN InformationBlockSize;
51 ADAPTER_INFO_PLATFORM_SECURITY *Hsti;
52
53 Status = gBS->LocateHandleBuffer (
54 ByProtocol,
55 &gEfiAdapterInformationProtocolGuid,
56 NULL,
57 &NoHandles,
58 &Handles
59 );
60 if (EFI_ERROR (Status)) {
61 return NULL;
62 }
63
64 Hsti = NULL;
65 Aip = NULL;
66 InformationBlock = NULL;
67 InformationBlockSize = 0;
68 for (Index = 0; Index < NoHandles; Index++) {
69 Status = gBS->HandleProtocol (
70 Handles[Index],
71 &gEfiAdapterInformationProtocolGuid,
72 (VOID **)&Aip
73 );
74 if (EFI_ERROR (Status)) {
75 continue;
76 }
77
78 //
79 // Check AIP
80 //
81 Status = Aip->GetSupportedTypes (
82 Aip,
83 &InfoTypesBuffer,
84 &InfoTypesBufferCount
85 );
86 if (EFI_ERROR (Status)) {
87 continue;
88 }
89
90 AipCandidate = NULL;
91 for (InfoTypesIndex = 0; InfoTypesIndex < InfoTypesBufferCount; InfoTypesIndex++) {
92 if (CompareGuid (&InfoTypesBuffer[InfoTypesIndex], &gAdapterInfoPlatformSecurityGuid)) {
93 AipCandidate = Aip;
94 break;
95 }
96 }
97 FreePool (InfoTypesBuffer);
98
99 if (AipCandidate == NULL) {
100 continue;
101 }
102
103 //
104 // Check HSTI Role
105 //
106 Aip = AipCandidate;
107 Status = Aip->GetInformation (
108 Aip,
109 &gAdapterInfoPlatformSecurityGuid,
110 &InformationBlock,
111 &InformationBlockSize
112 );
113 if (EFI_ERROR (Status)) {
114 continue;
115 }
116
117 Hsti = InformationBlock;
118 if ((Hsti->Role == Role) &&
119 ((ImplementationID == NULL) || (StrCmp (ImplementationID, Hsti->ImplementationID) == 0))) {
120 break;
121 } else {
122 Hsti = NULL;
123 FreePool (InformationBlock);
124 continue;
125 }
126 }
127 FreePool (Handles);
128
129 if (Hsti == NULL) {
130 return NULL;
131 }
132
133 if (HstiData != NULL) {
134 *HstiData = InformationBlock;
135 }
136 if (HstiSize != NULL) {
137 *HstiSize = InformationBlockSize;
138 }
139 return Aip;
140 }
141
142 /**
143 Return if input HSTI data follows HSTI specification.
144
145 @param HstiData HSTI data
146 @param HstiSize HSTI size
147
148 @retval TRUE HSTI data follows HSTI specification.
149 @retval FALSE HSTI data does not follow HSTI specification.
150 **/
151 BOOLEAN
152 InternalHstiIsValidTable (
153 IN VOID *HstiData,
154 IN UINTN HstiSize
155 )
156 {
157 ADAPTER_INFO_PLATFORM_SECURITY *Hsti;
158 UINTN Index;
159 CHAR16 *ErrorString;
160 CHAR16 ErrorChar;
161 UINTN ErrorStringSize;
162 UINTN ErrorStringLength;
163
164 Hsti = HstiData;
165
166 //
167 // basic check for header
168 //
169 if (HstiData == NULL) {
170 DEBUG ((EFI_D_ERROR, "HstiData == NULL\n"));
171 return FALSE;
172 }
173 if (HstiSize < sizeof(ADAPTER_INFO_PLATFORM_SECURITY)) {
174 DEBUG ((EFI_D_ERROR, "HstiSize < sizeof(ADAPTER_INFO_PLATFORM_SECURITY)\n"));
175 return FALSE;
176 }
177 if (((HstiSize - sizeof(ADAPTER_INFO_PLATFORM_SECURITY)) / 3) < Hsti->SecurityFeaturesSize) {
178 DEBUG ((EFI_D_ERROR, "((HstiSize - sizeof(ADAPTER_INFO_PLATFORM_SECURITY)) / 3) < SecurityFeaturesSize\n"));
179 return FALSE;
180 }
181
182 //
183 // Check Version
184 //
185 if (Hsti->Version != PLATFORM_SECURITY_VERSION_VNEXTCS) {
186 DEBUG ((EFI_D_ERROR, "Version != PLATFORM_SECURITY_VERSION_VNEXTCS\n"));
187 return FALSE;
188 }
189
190 //
191 // Check Role
192 //
193 if ((Hsti->Role < PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE) ||
194 (Hsti->Role > PLATFORM_SECURITY_ROLE_IMPLEMENTOR_ODM)) {
195 DEBUG ((EFI_D_ERROR, "Role < PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE ||\n"));
196 DEBUG ((EFI_D_ERROR, "Role > PLATFORM_SECURITY_ROLE_IMPLEMENTOR_ODM\n"));
197 return FALSE;
198 }
199
200 //
201 // Check ImplementationID
202 //
203 for (Index = 0; Index < sizeof(Hsti->ImplementationID)/sizeof(Hsti->ImplementationID[0]); Index++) {
204 if (Hsti->ImplementationID[Index] == 0) {
205 break;
206 }
207 }
208 if (Index == sizeof(Hsti->ImplementationID)/sizeof(Hsti->ImplementationID[0])) {
209 DEBUG ((EFI_D_ERROR, "ImplementationID has no NUL CHAR\n"));
210 return FALSE;
211 }
212
213 ErrorStringSize = HstiSize - sizeof(ADAPTER_INFO_PLATFORM_SECURITY) - Hsti->SecurityFeaturesSize * 3;
214 ErrorString = (CHAR16 *)((UINTN)Hsti + sizeof(ADAPTER_INFO_PLATFORM_SECURITY) - Hsti->SecurityFeaturesSize * 3);
215
216 //
217 // basic check for ErrorString
218 //
219 if (ErrorStringSize == 0) {
220 DEBUG ((EFI_D_ERROR, "ErrorStringSize == 0\n"));
221 return FALSE;
222 }
223 if ((ErrorStringSize & BIT0) != 0) {
224 DEBUG ((EFI_D_ERROR, "(ErrorStringSize & BIT0) != 0\n"));
225 return FALSE;
226 }
227
228 //
229 // ErrorString might not be CHAR16 aligned.
230 //
231 CopyMem (&ErrorChar, ErrorString, sizeof(ErrorChar));
232 for (ErrorStringLength = 0; (ErrorChar != 0) && (ErrorStringLength < (ErrorStringSize/2)); ErrorStringLength++) {
233 ErrorString++;
234 CopyMem (&ErrorChar, ErrorString, sizeof(ErrorChar));
235 }
236
237 //
238 // check the length of ErrorString
239 //
240 if (ErrorChar != 0) {
241 DEBUG ((EFI_D_ERROR, "ErrorString has no NUL CHAR\n"));
242 return FALSE;
243 }
244 if (ErrorStringLength == (ErrorStringSize/2)) {
245 DEBUG ((EFI_D_ERROR, "ErrorString Length incorrect\n"));
246 return FALSE;
247 }
248
249 return TRUE;
250 }
251
252 /**
253 Publish HSTI table in AIP protocol.
254
255 One system should have only one PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE.
256
257 If the Role is NOT PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
258 SecurityFeaturesRequired field will be ignored.
259
260 @param Hsti HSTI data
261 @param HstiSize HSTI size
262
263 @retval EFI_SUCCESS The HSTI data is published in AIP protocol.
264 @retval EFI_ALREADY_STARTED There is already HSTI table with Role and ImplementationID published in system.
265 @retval EFI_VOLUME_CORRUPTED The input HSTI data does not follow HSTI specification.
266 @retval EFI_OUT_OF_RESOURCES There is not enough system resource to publish HSTI data in AIP protocol.
267 **/
268 EFI_STATUS
269 EFIAPI
270 HstiLibSetTable (
271 IN VOID *Hsti,
272 IN UINTN HstiSize
273 )
274 {
275 EFI_STATUS Status;
276 EFI_HANDLE Handle;
277 HSTI_AIP_PRIVATE_DATA *HstiAip;
278 EFI_ADAPTER_INFORMATION_PROTOCOL *Aip;
279 UINT32 Role;
280 CHAR16 *ImplementationID;
281 UINT32 SecurityFeaturesSize;
282 UINT8 *SecurityFeaturesRequired;
283
284 if (!InternalHstiIsValidTable (Hsti, HstiSize)) {
285 return EFI_VOLUME_CORRUPTED;
286 }
287
288 Role = ((ADAPTER_INFO_PLATFORM_SECURITY *)Hsti)->Role;
289 ImplementationID = ((ADAPTER_INFO_PLATFORM_SECURITY *)Hsti)->ImplementationID;
290 Aip = InternalHstiFindAip (Role, ImplementationID, NULL, NULL);
291 if (Aip != NULL) {
292 return EFI_ALREADY_STARTED;
293 }
294
295 HstiAip = AllocateZeroPool (sizeof(HSTI_AIP_PRIVATE_DATA));
296 if (HstiAip == NULL) {
297 return EFI_OUT_OF_RESOURCES;
298 }
299 HstiAip->Hsti = AllocateCopyPool (HstiSize, Hsti);
300 if (HstiAip->Hsti == NULL) {
301 FreePool (HstiAip);
302 return EFI_OUT_OF_RESOURCES;
303 }
304 if (Role != PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE) {
305 SecurityFeaturesRequired = (UINT8 *)HstiAip->Hsti + sizeof(ADAPTER_INFO_PLATFORM_SECURITY);
306 SecurityFeaturesSize = ((ADAPTER_INFO_PLATFORM_SECURITY *)Hsti)->SecurityFeaturesSize;
307 ZeroMem (SecurityFeaturesRequired, SecurityFeaturesSize);
308 }
309
310 HstiAip->Signature = HSTI_AIP_PRIVATE_SIGNATURE;
311 CopyMem (&HstiAip->Aip, &mAdapterInformationProtocol, sizeof(EFI_ADAPTER_INFORMATION_PROTOCOL));
312 HstiAip->HstiSize = HstiSize;
313 HstiAip->HstiMaxSize = HstiSize;
314
315 Handle = NULL;
316 Status = gBS->InstallMultipleProtocolInterfaces (
317 &Handle,
318 &gEfiAdapterInformationProtocolGuid,
319 &HstiAip->Aip,
320 NULL
321 );
322 if (EFI_ERROR (Status)) {
323 FreePool (HstiAip->Hsti);
324 FreePool (HstiAip);
325 }
326
327 return Status;
328 }
329
330 /**
331 Search HSTI table in AIP protocol, and return the data.
332 This API will return the HSTI table with indicated Role and ImplementationID,
333 NULL ImplementationID means to find the first HSTI table with indicated Role.
334
335 @param Role Role of HSTI data.
336 @param ImplementationID ImplementationID of HSTI data.
337 NULL means find the first one match Role.
338 @param Hsti HSTI data. This buffer is allocated by callee, and it
339 is the responsibility of the caller to free it after
340 using it.
341 @param HstiSize HSTI size
342
343 @retval EFI_SUCCESS The HSTI data in AIP protocol is returned.
344 @retval EFI_NOT_FOUND There is not HSTI table with the Role and ImplementationID published in system.
345 **/
346 EFI_STATUS
347 EFIAPI
348 HstiLibGetTable (
349 IN UINT32 Role,
350 IN CHAR16 *ImplementationID OPTIONAL,
351 OUT VOID **Hsti,
352 OUT UINTN *HstiSize
353 )
354 {
355 EFI_ADAPTER_INFORMATION_PROTOCOL *Aip;
356
357 Aip = InternalHstiFindAip (Role, ImplementationID, Hsti, HstiSize);
358 if (Aip == NULL) {
359 return EFI_NOT_FOUND;
360 }
361 return EFI_SUCCESS;
362 }
363
364 /**
365 Record FeaturesVerified in published HSTI table.
366 This API will update the HSTI table with indicated Role and ImplementationID,
367 NULL ImplementationID means to find the first HSTI table with indicated Role.
368
369 @param Role Role of HSTI data.
370 @param ImplementationID ImplementationID of HSTI data.
371 NULL means find the first one match Role.
372 @param ByteIndex Byte index of FeaturesVerified of HSTI data.
373 @param BitMask Bit mask of FeaturesVerified of HSTI data.
374 @param Set TRUE means to set the FeaturesVerified bit.
375 FALSE means to clear the FeaturesVerified bit.
376
377 @retval EFI_SUCCESS The FeaturesVerified of HSTI data updated in AIP protocol.
378 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
379 @retval EFI_UNSUPPORTED The ByteIndex is invalid.
380 **/
381 EFI_STATUS
382 InternalHstiRecordFeaturesVerified (
383 IN UINT32 Role,
384 IN CHAR16 *ImplementationID, OPTIONAL
385 IN UINT32 ByteIndex,
386 IN UINT8 Bit,
387 IN BOOLEAN Set
388 )
389 {
390 EFI_ADAPTER_INFORMATION_PROTOCOL *Aip;
391 ADAPTER_INFO_PLATFORM_SECURITY *Hsti;
392 UINTN HstiSize;
393 UINT8 *SecurityFeaturesVerified;
394 EFI_STATUS Status;
395
396 Aip = InternalHstiFindAip (Role, ImplementationID, (VOID **)&Hsti, &HstiSize);
397 if (Aip == NULL) {
398 return EFI_NOT_STARTED;
399 }
400
401 if (ByteIndex >= Hsti->SecurityFeaturesSize) {
402 return EFI_UNSUPPORTED;
403 }
404
405 SecurityFeaturesVerified = (UINT8 *)((UINTN)Hsti + sizeof(ADAPTER_INFO_PLATFORM_SECURITY) + Hsti->SecurityFeaturesSize * 2);
406
407 if (Set) {
408 SecurityFeaturesVerified[ByteIndex] = (UINT8)(SecurityFeaturesVerified[ByteIndex] | (Bit));
409 } else {
410 SecurityFeaturesVerified[ByteIndex] = (UINT8)(SecurityFeaturesVerified[ByteIndex] & (~Bit));
411 }
412
413 Status = Aip->SetInformation (
414 Aip,
415 &gAdapterInfoPlatformSecurityGuid,
416 Hsti,
417 HstiSize
418 );
419 FreePool (Hsti);
420 return Status;
421 }
422
423 /**
424 Set FeaturesVerified in published HSTI table.
425 This API will update the HSTI table with indicated Role and ImplementationID,
426 NULL ImplementationID means to find the first HSTI table with indicated Role.
427
428 @param Role Role of HSTI data.
429 @param ImplementationID ImplementationID of HSTI data.
430 NULL means find the first one match Role.
431 @param ByteIndex Byte index of FeaturesVerified of HSTI data.
432 @param BitMask Bit mask of FeaturesVerified of HSTI data.
433
434 @retval EFI_SUCCESS The FeaturesVerified of HSTI data updated in AIP protocol.
435 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
436 @retval EFI_UNSUPPORTED The ByteIndex is invalid.
437 **/
438 EFI_STATUS
439 EFIAPI
440 HstiLibSetFeaturesVerified (
441 IN UINT32 Role,
442 IN CHAR16 *ImplementationID, OPTIONAL
443 IN UINT32 ByteIndex,
444 IN UINT8 BitMask
445 )
446 {
447 return InternalHstiRecordFeaturesVerified (
448 Role,
449 ImplementationID,
450 ByteIndex,
451 BitMask,
452 TRUE
453 );
454 }
455
456 /**
457 Clear FeaturesVerified in published HSTI table.
458 This API will update the HSTI table with indicated Role and ImplementationID,
459 NULL ImplementationID means to find the first HSTI table with indicated Role.
460
461 @param Role Role of HSTI data.
462 @param ImplementationID ImplementationID of HSTI data.
463 NULL means find the first one match Role.
464 @param ByteIndex Byte index of FeaturesVerified of HSTI data.
465 @param BitMask Bit mask of FeaturesVerified of HSTI data.
466
467 @retval EFI_SUCCESS The FeaturesVerified of HSTI data updated in AIP protocol.
468 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
469 @retval EFI_UNSUPPORTED The ByteIndex is invalid.
470 **/
471 EFI_STATUS
472 EFIAPI
473 HstiLibClearFeaturesVerified (
474 IN UINT32 Role,
475 IN CHAR16 *ImplementationID, OPTIONAL
476 IN UINT32 ByteIndex,
477 IN UINT8 BitMask
478 )
479 {
480 return InternalHstiRecordFeaturesVerified (
481 Role,
482 ImplementationID,
483 ByteIndex,
484 BitMask,
485 FALSE
486 );
487 }
488
489 /**
490 Record ErrorString in published HSTI table.
491 This API will update the HSTI table with indicated Role and ImplementationID,
492 NULL ImplementationID means to find the first HSTI table with indicated Role.
493
494 @param Role Role of HSTI data.
495 @param ImplementationID ImplementationID of HSTI data.
496 NULL means find the first one match Role.
497 @param ErrorString ErrorString of HSTI data.
498 @param Append TRUE means to append the ErrorString to HSTI table.
499 FALSE means to set the ErrorString in HSTI table.
500
501 @retval EFI_SUCCESS The ErrorString of HSTI data is published in AIP protocol.
502 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
503 @retval EFI_OUT_OF_RESOURCES There is not enough system resource to update ErrorString.
504 **/
505 EFI_STATUS
506 InternalHstiRecordErrorString (
507 IN UINT32 Role,
508 IN CHAR16 *ImplementationID, OPTIONAL
509 IN CHAR16 *ErrorString,
510 IN BOOLEAN Append
511 )
512 {
513 EFI_ADAPTER_INFORMATION_PROTOCOL *Aip;
514 ADAPTER_INFO_PLATFORM_SECURITY *Hsti;
515 UINTN HstiSize;
516 UINTN StringSize;
517 VOID *NewHsti;
518 UINTN NewHstiSize;
519 UINTN Offset;
520 EFI_STATUS Status;
521
522 Aip = InternalHstiFindAip (Role, ImplementationID, (VOID **)&Hsti, &HstiSize);
523 if (Aip == NULL) {
524 return EFI_NOT_STARTED;
525 }
526
527 if (Append) {
528 Offset = HstiSize - sizeof(CHAR16);
529 } else {
530 Offset = sizeof(ADAPTER_INFO_PLATFORM_SECURITY) + Hsti->SecurityFeaturesSize * 3;
531 }
532 StringSize = StrSize (ErrorString);
533
534 NewHstiSize = Offset + StringSize;
535 NewHsti = AllocatePool (NewHstiSize);
536 if (NewHsti == NULL) {
537 return EFI_OUT_OF_RESOURCES;
538 }
539
540 CopyMem (NewHsti, Hsti, Offset);
541 CopyMem ((UINT8 *)NewHsti + Offset, ErrorString, StringSize);
542
543 Status = Aip->SetInformation (
544 Aip,
545 &gAdapterInfoPlatformSecurityGuid,
546 NewHsti,
547 NewHstiSize
548 );
549 FreePool (Hsti);
550 FreePool (NewHsti);
551 return Status;
552 }
553
554 /**
555 Append ErrorString in published HSTI table.
556 This API will update the HSTI table with indicated Role and ImplementationID,
557 NULL ImplementationID means to find the first HSTI table with indicated Role.
558
559 @param Role Role of HSTI data.
560 @param ImplementationID ImplementationID of HSTI data.
561 NULL means find the first one match Role.
562 @param ErrorString ErrorString of HSTI data.
563
564 @retval EFI_SUCCESS The ErrorString of HSTI data is updated in AIP protocol.
565 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
566 @retval EFI_OUT_OF_RESOURCES There is not enough system resource to update ErrorString.
567 **/
568 EFI_STATUS
569 EFIAPI
570 HstiLibAppendErrorString (
571 IN UINT32 Role,
572 IN CHAR16 *ImplementationID, OPTIONAL
573 IN CHAR16 *ErrorString
574 )
575 {
576 return InternalHstiRecordErrorString (
577 Role,
578 ImplementationID,
579 ErrorString,
580 TRUE
581 );
582 }
583
584 /**
585 Set a new ErrorString in published HSTI table.
586 This API will update the HSTI table with indicated Role and ImplementationID,
587 NULL ImplementationID means to find the first HSTI table with indicated Role.
588
589 @param Role Role of HSTI data.
590 @param ImplementationID ImplementationID of HSTI data.
591 NULL means find the first one match Role.
592 @param ErrorString ErrorString of HSTI data.
593
594 @retval EFI_SUCCESS The ErrorString of HSTI data is updated in AIP protocol.
595 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
596 @retval EFI_OUT_OF_RESOURCES There is not enough system resource to update ErrorString.
597 **/
598 EFI_STATUS
599 EFIAPI
600 HstiLibSetErrorString (
601 IN UINT32 Role,
602 IN CHAR16 *ImplementationID, OPTIONAL
603 IN CHAR16 *ErrorString
604 )
605 {
606 return InternalHstiRecordErrorString (
607 Role,
608 ImplementationID,
609 ErrorString,
610 FALSE
611 );
612 }