+ return ExecuteSecurity2Handlers (EFI_AUTH_OPERATION_AUTHENTICATION_STATE, \r
+ AuthenticationStatus, \r
+ File,\r
+ NULL, \r
+ 0, \r
+ FALSE\r
+ );\r
+}\r
+\r
+/**\r
+ The DXE Foundation uses this service to measure and/or verify a UEFI image.\r
+\r
+ This service abstracts the invocation of Trusted Computing Group (TCG) measured boot, UEFI\r
+ Secure boot, and UEFI User Identity infrastructure. For the former two, the DXE Foundation\r
+ invokes the FileAuthentication() with a DevicePath and corresponding image in\r
+ FileBuffer memory. The TCG measurement code will record the FileBuffer contents into the\r
+ appropriate PCR. The image verification logic will confirm the integrity and provenance of the\r
+ image in FileBuffer of length FileSize . The origin of the image will be DevicePath in\r
+ these cases.\r
+ If the FileBuffer is NULL, the interface will determine if the DevicePath can be connected\r
+ in order to support the User Identification policy.\r
+ \r
+ @param This The EFI_SECURITY2_ARCH_PROTOCOL instance.\r
+ @param File A pointer to the device path of the file that is\r
+ being dispatched. This will optionally be used for logging.\r
+ @param FileBuffer A pointer to the buffer with the UEFI file image.\r
+ @param FileSize The size of the file.\r
+ @param BootPolicy A boot policy that was used to call LoadImage() UEFI service. If\r
+ FileAuthentication() is invoked not from the LoadImage(),\r
+ BootPolicy must be set to FALSE.\r
+ \r
+ @retval EFI_SUCCESS The file specified by DevicePath and non-NULL\r
+ FileBuffer did authenticate, and the platform policy dictates\r
+ that the DXE Foundation may use the file.\r
+ @retval EFI_SUCCESS The device path specified by NULL device path DevicePath\r
+ and non-NULL FileBuffer did authenticate, and the platform\r
+ policy dictates that the DXE Foundation may execute the image in\r
+ FileBuffer.\r
+ @retval EFI_SUCCESS FileBuffer is NULL and current user has permission to start\r
+ UEFI device drivers on the device path specified by DevicePath.\r
+ @retval EFI_SECURITY_VIOLATION The file specified by DevicePath and FileBuffer did not\r
+ authenticate, and the platform policy dictates that the file should be\r
+ placed in the untrusted state. The image has been added to the file\r
+ execution table.\r
+ @retval EFI_ACCESS_DENIED The file specified by File and FileBuffer did not\r
+ authenticate, and the platform policy dictates that the DXE\r
+ Foundation many not use File.\r
+ @retval EFI_SECURITY_VIOLATION FileBuffer is NULL and the user has no\r
+ permission to start UEFI device drivers on the device path specified\r
+ by DevicePath.\r
+ @retval EFI_SECURITY_VIOLATION FileBuffer is not NULL and the user has no permission to load\r
+ drivers from the device path specified by DevicePath. The\r
+ image has been added into the list of the deferred images.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Security2StubAuthenticate (\r
+ IN CONST EFI_SECURITY2_ARCH_PROTOCOL *This,\r
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File,\r
+ IN VOID *FileBuffer,\r
+ IN UINTN FileSize,\r
+ IN BOOLEAN BootPolicy\r
+ )\r
+{\r
+ return ExecuteSecurity2Handlers (EFI_AUTH_OPERATION_VERIFY_IMAGE | \r
+ EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD | \r
+ EFI_AUTH_OPERATION_MEASURE_IMAGE |\r
+ EFI_AUTH_OPERATION_CONNECT_POLICY, \r
+ 0, \r
+ File,\r
+ FileBuffer, \r
+ FileSize, \r
+ BootPolicy\r
+ );\r