/** @file\r
EFI PEI Core Security services\r
- \r
-Copyright (c) 2006, Intel Corporation \r
-All rights reserved. This program and the accompanying materials \r
-are licensed and made available under the terms and conditions of the BSD License \r
-which accompanies this distribution. The full text of the license may be found at \r
-http://opensource.org/licenses/bsd-license.php \r
- \r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
\r
-**/\r
-\r
-#include <PeiMain.h>\r
-\r
-/**\r
-\r
- Provide a callback for when the security PPI is installed.\r
-\r
- @param PeiServices - The PEI core services table.\r
- @param NotifyDescriptor - The descriptor for the notification event.\r
- @param Ppi - Pointer to the PPI in question.\r
-\r
- @return Always success\r
+Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
-EFI_STATUS\r
-EFIAPI\r
-SecurityPpiNotifyCallback (\r
- IN EFI_PEI_SERVICES **PeiServices,\r
- IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,\r
- IN VOID *Ppi\r
- );\r
\r
-STATIC EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {\r
- EFI_PEI_PPI_DESCRIPTOR_NOTIFY_DISPATCH | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,\r
- &gEfiPeiSecurity2PpiGuid,\r
- SecurityPpiNotifyCallback\r
+#include "PeiMain.h"\r
+\r
+EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {\r
+ EFI_PEI_PPI_DESCRIPTOR_NOTIFY_DISPATCH | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,\r
+ &gEfiPeiSecurity2PpiGuid,\r
+ SecurityPpiNotifyCallback\r
};\r
\r
/**\r
-\r
Initialize the security services.\r
\r
-\r
- @param PeiServices - The PEI core services table.\r
- @param OldCoreData - Pointer to the old core data.\r
- NULL if being run in non-permament memory mode.\r
+ @param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
+ @param OldCoreData Pointer to the old core data.\r
+ NULL if being run in non-permanent memory mode.\r
\r
**/\r
VOID\r
InitializeSecurityServices (\r
- IN EFI_PEI_SERVICES **PeiServices,\r
- IN PEI_CORE_INSTANCE *OldCoreData\r
+ IN EFI_PEI_SERVICES **PeiServices,\r
+ IN PEI_CORE_INSTANCE *OldCoreData\r
)\r
{\r
if (OldCoreData == NULL) {\r
PeiServicesNotifyPpi (&mNotifyList);\r
}\r
+\r
return;\r
}\r
\r
/**\r
\r
Provide a callback for when the security PPI is installed.\r
+ This routine will cache installed security PPI into PeiCore's private data.\r
\r
- @param PeiServices - The PEI core services table.\r
- @param NotifyDescriptor - The descriptor for the notification event.\r
- @param Ppi - Pointer to the PPI in question.\r
+ @param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.\r
+ @param NotifyDescriptor The descriptor for the notification event.\r
+ @param Ppi Pointer to the PPI in question.\r
\r
@return Always success\r
\r
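Review bot: `mNotifyList` loses `STATIC` on the new side, so a generically named, writable descriptor that holds the `SecurityPpiNotifyCallback` pointer now has external linkage in whatever image this file is linked into. Nothing in this hunk references it from another file, so unless the linkage change is required I would keep `STATIC EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {` or give the object a module-specific name. The forward declaration of `SecurityPpiNotifyCallback` is removed as well, so the initializer now relies on a prototype that presumably comes from `PeiMain.h`, which is not shown here; confirm it is declared there with `EFIAPI`. The doc comment for `SecurityPpiNotifyCallback` at the end of the hunk continues outside it.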
IN VOID *Ppi\r
)\r
{\r
- PEI_CORE_INSTANCE *PrivateData;\r
+ PEI_CORE_INSTANCE *PrivateData;\r
\r
//\r
// Get PEI Core private data\r
//\r
PrivateData = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices);\r
- \r
+\r
//\r
// If there isn't a security PPI installed, use the one from notification\r
//\r
if (PrivateData->PrivateSecurityPpi == NULL) {\r
PrivateData->PrivateSecurityPpi = (EFI_PEI_SECURITY2_PPI *)Ppi;\r
}\r
+\r
return EFI_SUCCESS;\r
}\r
\r
/**\r
-\r
Provide a callout to the security verification service.\r
\r
-\r
@param PrivateData PeiCore's private data structure\r
@param VolumeHandle Handle of FV\r
- @param FileHandle Handle of PEIM's ffs\r
+ @param FileHandle Handle of PEIM's FFS\r
+ @param AuthenticationStatus Authentication status\r
\r
@retval EFI_SUCCESS Image is OK\r
@retval EFI_SECURITY_VIOLATION Image is illegal\r
-\r
+ @retval EFI_NOT_FOUND If security PPI is not installed.\r
**/\r
EFI_STATUS\r
VerifyPeim (\r
- IN PEI_CORE_INSTANCE *PrivateData,\r
- IN EFI_PEI_FV_HANDLE VolumeHandle,\r
- IN EFI_PEI_FILE_HANDLE FileHandle\r
+ IN PEI_CORE_INSTANCE *PrivateData,\r
+ IN EFI_PEI_FV_HANDLE VolumeHandle,\r
+ IN EFI_PEI_FILE_HANDLE FileHandle,\r
+ IN UINT32 AuthenticationStatus\r
)\r
{\r
- EFI_STATUS Status;\r
- UINT32 AuthenticationStatus;\r
- BOOLEAN DeferExection;\r
-\r
- //\r
- // Set a default authentication state\r
- //\r
- AuthenticationStatus = 0;\r
+ EFI_STATUS Status;\r
+ BOOLEAN DeferExecution;\r
\r
+ Status = EFI_NOT_FOUND;\r
if (PrivateData->PrivateSecurityPpi == NULL) {\r
- Status = EFI_NOT_FOUND;\r
+ //\r
+ // Check AuthenticationStatus first.\r
+ //\r
+ if ((AuthenticationStatus & EFI_AUTH_STATUS_IMAGE_SIGNED) != 0) {\r
+ if ((AuthenticationStatus & (EFI_AUTH_STATUS_TEST_FAILED | EFI_AUTH_STATUS_NOT_TESTED)) != 0) {\r
+ Status = EFI_SECURITY_VIOLATION;\r
+ }\r
+ }\r
} else {\r
//\r
// Check to see if the image is OK\r
//\r
Status = PrivateData->PrivateSecurityPpi->AuthenticationState (\r
- (CONST EFI_PEI_SERVICES **) &PrivateData->PS,\r
+ (CONST EFI_PEI_SERVICES **)&PrivateData->Ps,\r
PrivateData->PrivateSecurityPpi,\r
AuthenticationStatus,\r
VolumeHandle,\r
FileHandle,\r
- &DeferExection\r
+ &DeferExecution\r
);\r
- if (DeferExection) {\r
+ if (DeferExecution) {\r
Status = EFI_SECURITY_VIOLATION;\r
}\r
}\r
+\r
return Status;\r
}\r
\r
-\r
/**\r
Verify a Firmware volume.\r
\r
- @param CurrentFvAddress - Pointer to the current Firmware Volume under consideration\r
+ @param CurrentFvAddress Pointer to the current Firmware Volume under consideration\r
\r
- @retval EFI_SUCCESS - Firmware Volume is legal\r
- @retval EFI_SECURITY_VIOLATION - Firmware Volume fails integrity test\r
+ @retval EFI_SUCCESS Firmware Volume is legal\r
\r
**/\r
EFI_STATUS\r
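Review bot: In the `else` branch of `VerifyPeim`, `DeferExecution` is tested by `if (DeferExecution)` without ever being initialized, so if the PPI's `AuthenticationState` returns an error without writing that output, the choice to return `EFI_SECURITY_VIOLATION` rests on an indeterminate value. Set it before the call, for example `DeferExecution = FALSE;` next to `Status = EFI_NOT_FOUND;`, and decide explicitly whether an error status from the PPI should block the image on its own. Separately, the no-PPI branch returns `EFI_NOT_FOUND` for unsigned images and for signed images with neither `EFI_AUTH_STATUS_TEST_FAILED` nor `EFI_AUTH_STATUS_NOT_TESTED` set. How the caller treats that status is outside this hunk, so the `@retval EFI_NOT_FOUND` line should state whether callers may still dispatch the PEIM in that case. The hunk begins inside `SecurityPpiNotifyCallback`, whose signature is not visible, and ends before the body of the firmware-volume check.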