]> git.proxmox.com Git - mirror_edk2.git/blob - MdePkg/Library/DxeHstiLib/HstiDxe.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add HSTI support.
[mirror_edk2.git] / MdePkg / Library / DxeHstiLib / HstiDxe.c
1 /** @file
2
3 Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
4 This program and the accompanying materials
5 are licensed and made available under the terms and conditions of the BSD License
6 which accompanies this distribution. The full text of the license may be found at
7 http://opensource.org/licenses/bsd-license.php
8
9 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
10 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
11
12 **/
13
14 #include "HstiDxe.h"
15
16 /**
17 Find HSTI table in AIP protocol, and return the data.
18 This API will return the HSTI table with indicated Role and ImplementationID,
19 NULL ImplementationID means to find the first HSTI table with indicated Role.
20
21 @param Role Role of HSTI data.
22 @param ImplementationID ImplementationID of HSTI data.
23 NULL means find the first one match Role.
24 @param HstiData HSTI data. This buffer is allocated by callee, and it
25 is the responsibility of the caller to free it after
26 using it.
27 @param HstiSize HSTI size
28
29 @return Aip The AIP protocol having this HSTI.
30 @return NULL There is not HSTI table with the Role and ImplementationID published in system.
31 **/
32 VOID *
33 InternalHstiFindAip (
34 IN UINT32 Role,
35 IN CHAR16 *ImplementationID OPTIONAL,
36 OUT VOID **HstiData OPTIONAL,
37 OUT UINTN *HstiSize OPTIONAL
38 )
39 {
40 EFI_STATUS Status;
41 EFI_ADAPTER_INFORMATION_PROTOCOL *Aip;
42 UINTN NoHandles;
43 EFI_HANDLE *Handles;
44 UINTN Index;
45 EFI_GUID *InfoTypesBuffer;
46 UINTN InfoTypesBufferCount;
47 UINTN InfoTypesIndex;
48 EFI_ADAPTER_INFORMATION_PROTOCOL *AipCandidate;
49 VOID *InformationBlock;
50 UINTN InformationBlockSize;
51 ADAPTER_INFO_PLATFORM_SECURITY *Hsti;
52
53 Status = gBS->LocateHandleBuffer (
54 ByProtocol,
55 &gEfiAdapterInformationProtocolGuid,
56 NULL,
57 &NoHandles,
58 &Handles
59 );
60 if (EFI_ERROR (Status)) {
61 return NULL;
62 }
63
64 Hsti = NULL;
65 Aip = NULL;
66 InformationBlock = NULL;
67 InformationBlockSize = 0;
68 for (Index = 0; Index < NoHandles; Index++) {
69 Status = gBS->HandleProtocol (
70 Handles[Index],
71 &gEfiAdapterInformationProtocolGuid,
72 (VOID **)&Aip
73 );
74 if (EFI_ERROR (Status)) {
75 continue;
76 }
77
78 //
79 // Check AIP
80 //
81 Status = Aip->GetSupportedTypes (
82 Aip,
83 &InfoTypesBuffer,
84 &InfoTypesBufferCount
85 );
86 if (EFI_ERROR (Status)) {
87 continue;
88 }
89
90 AipCandidate = NULL;
91 for (InfoTypesIndex = 0; InfoTypesIndex < InfoTypesBufferCount; InfoTypesIndex++) {
92 if (CompareGuid (&InfoTypesBuffer[InfoTypesIndex], &gAdapterInfoPlatformSecurityGuid)) {
93 AipCandidate = Aip;
94 break;
95 }
96 }
97 FreePool (InfoTypesBuffer);
98
99 if (AipCandidate == NULL) {
100 continue;
101 }
102
103 //
104 // Check HSTI Role
105 //
106 Aip = AipCandidate;
107 Status = Aip->GetInformation (
108 Aip,
109 &gAdapterInfoPlatformSecurityGuid,
110 &InformationBlock,
111 &InformationBlockSize
112 );
113 if (EFI_ERROR (Status)) {
114 continue;
115 }
116
117 Hsti = InformationBlock;
118 if ((Hsti->Role == Role) &&
119 ((ImplementationID == NULL) || (StrCmp (ImplementationID, Hsti->ImplementationID) == 0))) {
120 break;
121 } else {
122 Hsti = NULL;
123 FreePool (InformationBlock);
124 continue;
125 }
126 }
127 FreePool (Handles);
128
129 if (Hsti == NULL) {
130 return NULL;
131 }
132
133 if (HstiData != NULL) {
134 *HstiData = InformationBlock;
135 }
136 if (HstiSize != NULL) {
137 *HstiSize = InformationBlockSize;
138 }
139 return Aip;
140 }
141
142 /**
143 Return if input HSTI data follows HSTI specification.
144
145 @param HstiData HSTI data
146 @param HstiSize HSTI size
147
148 @retval TRUE HSTI data follows HSTI specification.
149 @retval FALSE HSTI data does not follow HSTI specification.
150 **/
151 BOOLEAN
152 InternalHstiIsValidTable (
153 IN VOID *HstiData,
154 IN UINTN HstiSize
155 )
156 {
157 ADAPTER_INFO_PLATFORM_SECURITY *Hsti;
158 UINTN Index;
159 CHAR16 *ErrorString;
160 CHAR16 ErrorChar;
161 UINTN ErrorStringSize;
162 UINTN ErrorStringLength;
163
164 Hsti = HstiData;
165
166 //
167 // basic check for header
168 //
169 if (HstiData == NULL) {
170 DEBUG ((EFI_D_ERROR, "HstiData == NULL\n"));
171 return FALSE;
172 }
173 if (HstiSize < sizeof(ADAPTER_INFO_PLATFORM_SECURITY)) {
174 DEBUG ((EFI_D_ERROR, "HstiSize < sizeof(ADAPTER_INFO_PLATFORM_SECURITY)\n"));
175 return FALSE;
176 }
177 if (((HstiSize - sizeof(ADAPTER_INFO_PLATFORM_SECURITY)) / 3) < Hsti->SecurityFeaturesSize) {
178 DEBUG ((EFI_D_ERROR, "((HstiSize - sizeof(ADAPTER_INFO_PLATFORM_SECURITY)) / 3) < SecurityFeaturesSize\n"));
179 return FALSE;
180 }
181
182 //
183 // Check Version
184 //
185 if (Hsti->Version != PLATFORM_SECURITY_VERSION_VNEXTCS) {
186 DEBUG ((EFI_D_ERROR, "Version != PLATFORM_SECURITY_VERSION_VNEXTCS\n"));
187 return FALSE;
188 }
189
190 //
191 // Check Role
192 //
193 if ((Hsti->Role < PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE) ||
194 (Hsti->Role > PLATFORM_SECURITY_ROLE_IMPLEMENTOR_ODM)) {
195 DEBUG ((EFI_D_ERROR, "Role < PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE ||\n"));
196 DEBUG ((EFI_D_ERROR, "Role > PLATFORM_SECURITY_ROLE_IMPLEMENTOR_ODM\n"));
197 return FALSE;
198 }
199
200 //
201 // Check ImplementationID
202 //
203 for (Index = 0; Index < sizeof(Hsti->ImplementationID); Index++) {
204 if (Hsti->ImplementationID[Index] == 0) {
205 break;
206 }
207 }
208 if (Index == sizeof(Hsti->ImplementationID)) {
209 DEBUG ((EFI_D_ERROR, "ImplementationID is no NUL CHAR\n"));
210 return FALSE;
211 }
212
213 ErrorStringSize = HstiSize - sizeof(ADAPTER_INFO_PLATFORM_SECURITY) - Hsti->SecurityFeaturesSize * 3;
214 ErrorString = (CHAR16 *)((UINTN)Hsti + sizeof(ADAPTER_INFO_PLATFORM_SECURITY) - Hsti->SecurityFeaturesSize * 3);
215
216 //
217 // basic check for ErrorString
218 //
219 if (ErrorStringSize == 0) {
220 DEBUG ((EFI_D_ERROR, "ErrorStringSize == 0\n"));
221 return FALSE;
222 }
223 if ((ErrorStringSize & BIT0) != 0) {
224 DEBUG ((EFI_D_ERROR, "(ErrorStringSize & BIT0) != 0\n"));
225 return FALSE;
226 }
227
228 //
229 // ErrorString might not be CHAR16 aligned.
230 //
231 CopyMem (&ErrorChar, ErrorString, sizeof(ErrorChar));
232 for (ErrorStringLength = 0; (ErrorChar != 0) && (ErrorStringLength < (ErrorStringSize/2)); ErrorStringLength++) {
233 ErrorString++;
234 CopyMem (&ErrorChar, ErrorString, sizeof(ErrorChar));
235 }
236
237 //
238 // check the length of ErrorString
239 //
240 if (ErrorChar != 0) {
241 DEBUG ((EFI_D_ERROR, "ErrorString has no NUL CHAR\n"));
242 return FALSE;
243 }
244 if (ErrorStringLength == (ErrorStringSize/2)) {
245 DEBUG ((EFI_D_ERROR, "ErrorString Length incorrect\n"));
246 return FALSE;
247 }
248
249 return TRUE;
250 }
251
252 /**
253 Publish HSTI table in AIP protocol.
254
255 One system should have only one PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE.
256
257 If the Role is NOT PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
258 SecurityFeaturesRequired field will be ignored.
259
260 @param Hsti HSTI data
261 @param HstiSize HSTI size
262
263 @retval EFI_SUCCESS The HSTI data is published in AIP protocol.
264 @retval EFI_ALREADY_STARTED There is already HSTI table with Role and ImplementationID published in system.
265 @retval EFI_VOLUME_CORRUPTED The input HSTI data does not follow HSTI specification.
266 @retval EFI_OUT_OF_RESOURCES There is not enough system resource to publish HSTI data in AIP protocol.
267 **/
268 EFI_STATUS
269 EFIAPI
270 HstiLibSetTable (
271 IN VOID *Hsti,
272 IN UINTN HstiSize
273 )
274 {
275 EFI_STATUS Status;
276 EFI_HANDLE Handle;
277 HSTI_AIP_PRIVATE_DATA *HstiAip;
278 EFI_ADAPTER_INFORMATION_PROTOCOL *Aip;
279 UINT32 Role;
280 CHAR16 *ImplementationID;
281 UINT32 SecurityFeaturesSize;
282 UINT8 *SecurityFeaturesRequired;
283
284 if (!InternalHstiIsValidTable (Hsti, HstiSize)) {
285 return EFI_VOLUME_CORRUPTED;
286 }
287
288 Role = ((ADAPTER_INFO_PLATFORM_SECURITY *)Hsti)->Role;
289 ImplementationID = ((ADAPTER_INFO_PLATFORM_SECURITY *)Hsti)->ImplementationID;
290 Aip = InternalHstiFindAip (Role, ImplementationID, NULL, NULL);
291 if (Aip != NULL) {
292 return EFI_ALREADY_STARTED;
293 }
294
295 HstiAip = AllocateZeroPool (sizeof(HSTI_AIP_PRIVATE_DATA));
296 if (HstiAip == NULL) {
297 return EFI_OUT_OF_RESOURCES;
298 }
299 HstiAip->Hsti = AllocateCopyPool (HstiSize, Hsti);
300 if (HstiAip == NULL) {
301 FreePool (HstiAip);
302 return EFI_OUT_OF_RESOURCES;
303 }
304 if (Role != PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE) {
305 SecurityFeaturesRequired = (UINT8 *)HstiAip->Hsti + sizeof(ADAPTER_INFO_PLATFORM_SECURITY);
306 SecurityFeaturesSize = ((ADAPTER_INFO_PLATFORM_SECURITY *)Hsti)->SecurityFeaturesSize;
307 ZeroMem (SecurityFeaturesRequired, SecurityFeaturesSize);
308 }
309
310 HstiAip->Signature = HSTI_AIP_PRIVATE_SIGNATURE;
311 CopyMem (&HstiAip->Aip, &mAdapterInformationProtocol, sizeof(EFI_ADAPTER_INFORMATION_PROTOCOL));
312 HstiAip->HstiSize = HstiSize;
313 HstiAip->HstiMaxSize = HstiSize;
314
315 Handle = NULL;
316 Status = gBS->InstallMultipleProtocolInterfaces (
317 &Handle,
318 &gEfiAdapterInformationProtocolGuid,
319 &HstiAip->Aip,
320 NULL
321 );
322 if (EFI_ERROR (Status)) {
323 FreePool (HstiAip->Hsti);
324 FreePool (HstiAip);
325 }
326
327 return Status;
328 }
329
330 /**
331 Search HSTI table in AIP protocol, and return the data.
332 This API will return the HSTI table with indicated Role and ImplementationID,
333 NULL ImplementationID means to find the first HSTI table with indicated Role.
334
335 @param Role Role of HSTI data.
336 @param ImplementationID ImplementationID of HSTI data.
337 NULL means find the first one match Role.
338 @param Hsti HSTI data. This buffer is allocated by callee, and it
339 is the responsibility of the caller to free it after
340 using it.
341 @param HstiSize HSTI size
342
343 @retval EFI_SUCCESS The HSTI data in AIP protocol is returned.
344 @retval EFI_NOT_FOUND There is not HSTI table with the Role and ImplementationID published in system.
345 **/
346 EFI_STATUS
347 EFIAPI
348 HstiLibGetTable (
349 IN UINT32 Role,
350 IN CHAR16 *ImplementationID OPTIONAL,
351 OUT VOID **Hsti,
352 OUT UINTN *HstiSize
353 )
354 {
355 EFI_ADAPTER_INFORMATION_PROTOCOL *Aip;
356
357 Aip = InternalHstiFindAip (Role, ImplementationID, Hsti, HstiSize);
358 if (Aip == NULL) {
359 return EFI_NOT_FOUND;
360 }
361 return EFI_SUCCESS;
362 }
363
364 /**
365 Record FeaturesVerified in published HSTI table.
366 This API will update the HSTI table with indicated Role and ImplementationID,
367 NULL ImplementationID means to find the first HSTI table with indicated Role.
368
369 @param Role Role of HSTI data.
370 @param ImplementationID ImplementationID of HSTI data.
371 NULL means find the first one match Role.
372 @param ByteIndex Byte index of FeaturesVerified of HSTI data.
373 @param BitMask Bit mask of FeaturesVerified of HSTI data.
374 @param Set TRUE means to set the FeaturesVerified bit.
375 FALSE means to clear the FeaturesVerified bit.
376
377 @retval EFI_SUCCESS The FeaturesVerified of HSTI data updated in AIP protocol.
378 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
379 @retval EFI_UNSUPPORTED The ByteIndex is invalid.
380 **/
381 EFI_STATUS
382 InternalHstiRecordFeaturesVerified (
383 IN UINT32 Role,
384 IN CHAR16 *ImplementationID, OPTIONAL
385 IN UINT32 ByteIndex,
386 IN UINT8 Bit,
387 IN BOOLEAN Set
388 )
389 {
390 EFI_ADAPTER_INFORMATION_PROTOCOL *Aip;
391 ADAPTER_INFO_PLATFORM_SECURITY *Hsti;
392 UINTN HstiSize;
393 UINT8 *SecurityFeaturesVerified;
394 EFI_STATUS Status;
395
396 Aip = InternalHstiFindAip (Role, ImplementationID, &Hsti, &HstiSize);
397 if (Aip == NULL) {
398 return EFI_NOT_STARTED;
399 }
400
401 if (ByteIndex >= Hsti->SecurityFeaturesSize) {
402 return EFI_UNSUPPORTED;
403 }
404
405 SecurityFeaturesVerified = (UINT8 *)((UINTN)Hsti + sizeof(ADAPTER_INFO_PLATFORM_SECURITY) + Hsti->SecurityFeaturesSize * 2);
406
407 if (Set) {
408 SecurityFeaturesVerified[ByteIndex] = (UINT8)(SecurityFeaturesVerified[ByteIndex] | (Bit));
409 } else {
410 SecurityFeaturesVerified[ByteIndex] = (UINT8)(SecurityFeaturesVerified[ByteIndex] & (~Bit));
411 }
412
413 Status = Aip->SetInformation (
414 Aip,
415 &gAdapterInfoPlatformSecurityGuid,
416 Hsti,
417 HstiSize
418 );
419 return Status;
420 }
421
422 /**
423 Set FeaturesVerified in published HSTI table.
424 This API will update the HSTI table with indicated Role and ImplementationID,
425 NULL ImplementationID means to find the first HSTI table with indicated Role.
426
427 @param Role Role of HSTI data.
428 @param ImplementationID ImplementationID of HSTI data.
429 NULL means find the first one match Role.
430 @param ByteIndex Byte index of FeaturesVerified of HSTI data.
431 @param BitMask Bit mask of FeaturesVerified of HSTI data.
432
433 @retval EFI_SUCCESS The FeaturesVerified of HSTI data updated in AIP protocol.
434 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
435 @retval EFI_UNSUPPORTED The ByteIndex is invalid.
436 **/
437 EFI_STATUS
438 EFIAPI
439 HstiLibSetFeaturesVerified (
440 IN UINT32 Role,
441 IN CHAR16 *ImplementationID, OPTIONAL
442 IN UINT32 ByteIndex,
443 IN UINT8 BitMask
444 )
445 {
446 return InternalHstiRecordFeaturesVerified (
447 Role,
448 ImplementationID,
449 ByteIndex,
450 BitMask,
451 TRUE
452 );
453 }
454
455 /**
456 Clear FeaturesVerified in published HSTI table.
457 This API will update the HSTI table with indicated Role and ImplementationID,
458 NULL ImplementationID means to find the first HSTI table with indicated Role.
459
460 @param Role Role of HSTI data.
461 @param ImplementationID ImplementationID of HSTI data.
462 NULL means find the first one match Role.
463 @param ByteIndex Byte index of FeaturesVerified of HSTI data.
464 @param BitMask Bit mask of FeaturesVerified of HSTI data.
465
466 @retval EFI_SUCCESS The FeaturesVerified of HSTI data updated in AIP protocol.
467 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
468 @retval EFI_UNSUPPORTED The ByteIndex is invalid.
469 **/
470 EFI_STATUS
471 EFIAPI
472 HstiLibClearFeaturesVerified (
473 IN UINT32 Role,
474 IN CHAR16 *ImplementationID, OPTIONAL
475 IN UINT32 ByteIndex,
476 IN UINT8 BitMask
477 )
478 {
479 return InternalHstiRecordFeaturesVerified (
480 Role,
481 ImplementationID,
482 ByteIndex,
483 BitMask,
484 FALSE
485 );
486 }
487
488 /**
489 Record ErrorString in published HSTI table.
490 This API will update the HSTI table with indicated Role and ImplementationID,
491 NULL ImplementationID means to find the first HSTI table with indicated Role.
492
493 @param Role Role of HSTI data.
494 @param ImplementationID ImplementationID of HSTI data.
495 NULL means find the first one match Role.
496 @param ErrorString ErrorString of HSTI data.
497 @param Append TRUE means to append the ErrorString to HSTI table.
498 FALSE means to set the ErrorString in HSTI table.
499
500 @retval EFI_SUCCESS The ErrorString of HSTI data is published in AIP protocol.
501 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
502 @retval EFI_OUT_OF_RESOURCES There is not enough system resource to update ErrorString.
503 **/
504 EFI_STATUS
505 InternalHstiRecordErrorString (
506 IN UINT32 Role,
507 IN CHAR16 *ImplementationID, OPTIONAL
508 IN CHAR16 *ErrorString,
509 IN BOOLEAN Append
510 )
511 {
512 EFI_ADAPTER_INFORMATION_PROTOCOL *Aip;
513 ADAPTER_INFO_PLATFORM_SECURITY *Hsti;
514 UINTN HstiSize;
515 UINTN StringSize;
516 VOID *NewHsti;
517 UINTN NewHstiSize;
518 UINTN Offset;
519 EFI_STATUS Status;
520
521 Aip = InternalHstiFindAip (Role, ImplementationID, &Hsti, &HstiSize);
522 if (Aip == NULL) {
523 return EFI_NOT_STARTED;
524 }
525
526 if (Append) {
527 Offset = HstiSize - sizeof(CHAR16);
528 } else {
529 Offset = sizeof(ADAPTER_INFO_PLATFORM_SECURITY) + Hsti->SecurityFeaturesSize * 3;
530 }
531 StringSize = StrSize (ErrorString);
532
533 NewHstiSize = Offset + StringSize;
534 NewHsti = AllocatePool (NewHstiSize);
535 if (NewHsti == NULL) {
536 return EFI_OUT_OF_RESOURCES;
537 }
538
539 CopyMem (NewHsti, Hsti, Offset);
540 CopyMem ((UINT8 *)NewHsti + Offset, ErrorString, StringSize);
541
542 Status = Aip->SetInformation (
543 Aip,
544 &gAdapterInfoPlatformSecurityGuid,
545 NewHsti,
546 NewHstiSize
547 );
548 return Status;
549 }
550
551 /**
552 Append ErrorString in published HSTI table.
553 This API will update the HSTI table with indicated Role and ImplementationID,
554 NULL ImplementationID means to find the first HSTI table with indicated Role.
555
556 @param Role Role of HSTI data.
557 @param ImplementationID ImplementationID of HSTI data.
558 NULL means find the first one match Role.
559 @param ErrorString ErrorString of HSTI data.
560
561 @retval EFI_SUCCESS The ErrorString of HSTI data is updated in AIP protocol.
562 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
563 @retval EFI_OUT_OF_RESOURCES There is not enough system resource to update ErrorString.
564 **/
565 EFI_STATUS
566 EFIAPI
567 HstiLibAppendErrorString (
568 IN UINT32 Role,
569 IN CHAR16 *ImplementationID, OPTIONAL
570 IN CHAR16 *ErrorString
571 )
572 {
573 return InternalHstiRecordErrorString (
574 Role,
575 ImplementationID,
576 ErrorString,
577 TRUE
578 );
579 }
580
581 /**
582 Set a new ErrorString in published HSTI table.
583 This API will update the HSTI table with indicated Role and ImplementationID,
584 NULL ImplementationID means to find the first HSTI table with indicated Role.
585
586 @param Role Role of HSTI data.
587 @param ImplementationID ImplementationID of HSTI data.
588 NULL means find the first one match Role.
589 @param ErrorString ErrorString of HSTI data.
590
591 @retval EFI_SUCCESS The ErrorString of HSTI data is updated in AIP protocol.
592 @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
593 @retval EFI_OUT_OF_RESOURCES There is not enough system resource to update ErrorString.
594 **/
595 EFI_STATUS
596 EFIAPI
597 HstiLibSetErrorString (
598 IN UINT32 Role,
599 IN CHAR16 *ImplementationID, OPTIONAL
600 IN CHAR16 *ErrorString
601 )
602 {
603 return InternalHstiRecordErrorString (
604 Role,
605 ImplementationID,
606 ErrorString,
607 FALSE
608 );
609 }
EFI Development Kit II mirror for PVE