/** @file\r
This driver produces Security2 and Security architectural protocol based on SecurityManagementLib.\r
- \r
- Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>\r
- This program and the accompanying materials \r
- are licensed and made available under the terms and conditions of the BSD License \r
- which accompanies this distribution. The full text of the license may be found at \r
- http://opensource.org/licenses/bsd-license.php \r
\r
- THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
- WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+ Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r
+ This program and the accompanying materials\r
+ are licensed and made available under the terms and conditions of the BSD License\r
+ which accompanies this distribution. The full text of the license may be found at\r
+ http://opensource.org/licenses/bsd-license.php\r
+\r
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
EFI_HANDLE mSecurityArchProtocolHandle = NULL;\r
\r
/**\r
- The EFI_SECURITY_ARCH_PROTOCOL (SAP) is used to abstract platform-specific \r
- policy from the DXE core response to an attempt to use a file that returns a \r
- given status for the authentication check from the section extraction protocol. \r
+ The EFI_SECURITY_ARCH_PROTOCOL (SAP) is used to abstract platform-specific\r
+ policy from the DXE core response to an attempt to use a file that returns a\r
+ given status for the authentication check from the section extraction protocol.\r
\r
- The possible responses in a given SAP implementation may include locking \r
- flash upon failure to authenticate, attestation logging for all signed drivers, \r
- and other exception operations. The File parameter allows for possible logging \r
+ The possible responses in a given SAP implementation may include locking\r
+ flash upon failure to authenticate, attestation logging for all signed drivers,\r
+ and other exception operations. The File parameter allows for possible logging\r
within the SAP of the driver.\r
\r
If File is NULL, then EFI_INVALID_PARAMETER is returned.\r
\r
- If the file specified by File with an authentication status specified by \r
+ If the file specified by File with an authentication status specified by\r
AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is returned.\r
\r
- If the file specified by File with an authentication status specified by \r
- AuthenticationStatus is not safe for the DXE Core to use under any circumstances, \r
+ If the file specified by File with an authentication status specified by\r
+ AuthenticationStatus is not safe for the DXE Core to use under any circumstances,\r
then EFI_ACCESS_DENIED is returned.\r
\r
- If the file specified by File with an authentication status specified by \r
- AuthenticationStatus is not safe for the DXE Core to use right now, but it \r
- might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is \r
+ If the file specified by File with an authentication status specified by\r
+ AuthenticationStatus is not safe for the DXE Core to use right now, but it\r
+ might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is\r
returned.\r
\r
@param This The EFI_SECURITY_ARCH_PROTOCOL instance.\r
- @param AuthenticationStatus \r
+ @param AuthenticationStatus\r
This is the authentication type returned from the Section\r
Extraction protocol. See the Section Extraction Protocol\r
Specification for details on this type.\r
)\r
{\r
EFI_STATUS Status;\r
- \r
- Status = ExecuteSecurity2Handlers (EFI_AUTH_OPERATION_AUTHENTICATION_STATE, \r
- AuthenticationStatus, \r
+\r
+ Status = ExecuteSecurity2Handlers (EFI_AUTH_OPERATION_AUTHENTICATION_STATE,\r
+ AuthenticationStatus,\r
File,\r
- NULL, \r
- 0, \r
+ NULL,\r
+ 0,\r
FALSE\r
);\r
if (Status == EFI_SUCCESS) {\r
Status = ExecuteSecurityHandlers (AuthenticationStatus, File);\r
}\r
- \r
+\r
return Status;\r
}\r
\r
these cases.\r
If the FileBuffer is NULL, the interface will determine if the DevicePath can be connected\r
in order to support the User Identification policy.\r
- \r
+\r
@param This The EFI_SECURITY2_ARCH_PROTOCOL instance.\r
@param File A pointer to the device path of the file that is\r
being dispatched. This will optionally be used for logging.\r
@param BootPolicy A boot policy that was used to call LoadImage() UEFI service. If\r
FileAuthentication() is invoked not from the LoadImage(),\r
BootPolicy must be set to FALSE.\r
- \r
+\r
@retval EFI_SUCCESS The file specified by DevicePath and non-NULL\r
FileBuffer did authenticate, and the platform policy dictates\r
that the DXE Foundation may use the file.\r
}\r
}\r
\r
- return ExecuteSecurity2Handlers (EFI_AUTH_OPERATION_VERIFY_IMAGE | \r
- EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD | \r
+ return ExecuteSecurity2Handlers (EFI_AUTH_OPERATION_VERIFY_IMAGE |\r
+ EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD |\r
EFI_AUTH_OPERATION_MEASURE_IMAGE |\r
- EFI_AUTH_OPERATION_CONNECT_POLICY, \r
- 0, \r
+ EFI_AUTH_OPERATION_CONNECT_POLICY,\r
+ 0,\r
File,\r
- FileBuffer, \r
- FileSize, \r
+ FileBuffer,\r
+ FileSize,\r
BootPolicy\r
);\r
}\r
//\r
// Security2 and Security Architectural Protocol instance produced by this driver\r
//\r
-EFI_SECURITY_ARCH_PROTOCOL mSecurityStub = { \r
- SecurityStubAuthenticateState \r
+EFI_SECURITY_ARCH_PROTOCOL mSecurityStub = {\r
+ SecurityStubAuthenticateState\r
};\r
\r
-EFI_SECURITY2_ARCH_PROTOCOL mSecurity2Stub = { \r
- Security2StubAuthenticate \r
+EFI_SECURITY2_ARCH_PROTOCOL mSecurity2Stub = {\r
+ Security2StubAuthenticate\r
};\r
\r
/**\r
\r
@param ImageHandle The image handle of this driver.\r
@param SystemTable A pointer to the EFI System Table.\r
- \r
+\r
@retval EFI_SUCCESS Install the sample Security Architectural Protocol successfully.\r
\r
**/\r