/** @file\r
-\r
+ EFI PEI Core Security services\r
+ \r
Copyright (c) 2006, Intel Corporation \r
All rights reserved. This program and the accompanying materials \r
are licensed and made available under the terms and conditions of the BSD License \r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
\r
-Module Name:\r
+**/\r
\r
- Security.c\r
+#include <PeiMain.h>\r
\r
-Abstract:\r
+/**\r
\r
- EFI PEI Core Security services\r
+ Provide a callback for when the security PPI is installed.\r
\r
-**/\r
+ @param PeiServices - The PEI core services table.\r
+ @param NotifyDescriptor - The descriptor for the notification event.\r
+ @param Ppi - Pointer to the PPI in question.\r
\r
-#include <PeiMain.h>\r
+ @return Always success\r
\r
-STATIC\r
+**/\r
EFI_STATUS\r
EFIAPI\r
SecurityPpiNotifyCallback (\r
IN VOID *Ppi\r
);\r
\r
-static EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {\r
+STATIC EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {\r
EFI_PEI_PPI_DESCRIPTOR_NOTIFY_DISPATCH | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,\r
&gEfiPeiSecurity2PpiGuid,\r
SecurityPpiNotifyCallback\r
};\r
\r
-VOID\r
-InitializeSecurityServices (\r
- IN EFI_PEI_SERVICES **PeiServices,\r
- IN PEI_CORE_INSTANCE *OldCoreData\r
- )\r
-/*++\r
-\r
-Routine Description:\r
+/**\r
\r
Initialize the security services.\r
\r
-Arguments:\r
\r
- PeiServices - The PEI core services table.\r
- OldCoreData - Pointer to the old core data.\r
- NULL if being run in non-permament memory mode.\r
-Returns:\r
+ @param PeiServices - The PEI core services table.\r
+ @param OldCoreData - Pointer to the old core data.\r
+ NULL if being run in non-permament memory mode.\r
\r
- None\r
-\r
---*/\r
+**/\r
+VOID\r
+InitializeSecurityServices (\r
+ IN EFI_PEI_SERVICES **PeiServices,\r
+ IN PEI_CORE_INSTANCE *OldCoreData\r
+ )\r
{\r
if (OldCoreData == NULL) {\r
PeiServicesNotifyPpi (&mNotifyList);\r
return;\r
}\r
\r
-STATIC\r
+/**\r
+\r
+ Provide a callback for when the security PPI is installed.\r
+\r
+ @param PeiServices - The PEI core services table.\r
+ @param NotifyDescriptor - The descriptor for the notification event.\r
+ @param Ppi - Pointer to the PPI in question.\r
+\r
+ @return Always success\r
+\r
+**/\r
EFI_STATUS\r
EFIAPI\r
SecurityPpiNotifyCallback (\r
IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,\r
IN VOID *Ppi\r
)\r
-/*++\r
-\r
-Routine Description:\r
-\r
- Provide a callback for when the security PPI is installed.\r
-\r
-Arguments:\r
-\r
- PeiServices - The PEI core services table.\r
- NotifyDescriptor - The descriptor for the notification event.\r
- Ppi - Pointer to the PPI in question.\r
-\r
-Returns:\r
-\r
- EFI_SUCCESS - The function is successfully processed.\r
-\r
---*/\r
{\r
PEI_CORE_INSTANCE *PrivateData;\r
\r
return EFI_SUCCESS;\r
}\r
\r
-EFI_STATUS\r
-VerifyPeim (\r
- IN PEI_CORE_INSTANCE *PrivateData,\r
- IN EFI_PEI_FV_HANDLE VolumeHandle,\r
- IN EFI_PEI_FILE_HANDLE FileHandle\r
- )\r
-/*++\r
-\r
-Routine Description:\r
+/**\r
\r
Provide a callout to the security verification service.\r
\r
-Arguments:\r
\r
- PeiServices - The PEI core services table.\r
- CurrentPeimAddress - Pointer to the Firmware File under investigation.\r
+ @param PrivateData PeiCore's private data structure\r
+ @param VolumeHandle Handle of FV\r
+ @param FileHandle Handle of PEIM's ffs\r
\r
-Returns:\r
+ @retval EFI_SUCCESS Image is OK\r
+ @retval EFI_SECURITY_VIOLATION Image is illegal\r
\r
- EFI_SUCCESS - Image is OK\r
- EFI_SECURITY_VIOLATION - Image is illegal\r
-\r
---*/\r
+**/\r
+EFI_STATUS\r
+VerifyPeim (\r
+ IN PEI_CORE_INSTANCE *PrivateData,\r
+ IN EFI_PEI_FV_HANDLE VolumeHandle,\r
+ IN EFI_PEI_FILE_HANDLE FileHandle\r
+ )\r
{\r
EFI_STATUS Status;\r
UINT32 AuthenticationStatus;\r
}\r
\r
\r
+/**\r
+ Verify a Firmware volume.\r
+\r
+ @param CurrentFvAddress - Pointer to the current Firmware Volume under consideration\r
+\r
+ @retval EFI_SUCCESS - Firmware Volume is legal\r
+ @retval EFI_SECURITY_VIOLATION - Firmware Volume fails integrity test\r
+\r
+**/\r
EFI_STATUS\r
VerifyFv (\r
IN EFI_FIRMWARE_VOLUME_HEADER *CurrentFvAddress\r
)\r
-/*++\r
-\r
-Routine Description:\r
-\r
- Verify a Firmware volume\r
-\r
-Arguments:\r
-\r
- CurrentFvAddress - Pointer to the current Firmware Volume under consideration\r
-\r
-Returns:\r
-\r
- EFI_SUCCESS - Firmware Volume is legal\r
- EFI_SECURITY_VIOLATION - Firmware Volume fails integrity test\r
-\r
---*/\r
{\r
//\r
// Right now just pass the test. Future can authenticate and/or check the\r