SecurityPkg: Clean up source files

[mirror_edk2.git] / SecurityPkg / Library / DxeImageVerificationLib / DxeImageVerificationLib.inf
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf

index 5874d6b66b3abd48bcc5a39e5ad0fba1c349aa8a..3430b6ea9dacd878443684c55d1dfbfb6a2b8028 100644 (file)
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
@@ -1,8 +1,14 @@
  ## @file\r
-#  The library instance provides security service of image verification.\r
-#  Image verification Library module supports UEFI2.3.1\r
+#  Provides security service of image verification\r
  #\r
-# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>\r
+#  This library hooks LoadImage() API to verify every image by the verification policy.\r
+#\r
+#  Caution: This module requires additional review when modified.\r
+#  This library will have external input - PE/COFF image.\r
+#  This external input must be validated carefully to avoid security issues such as\r
+#  buffer overflow or integer overflow.\r
+#\r
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>\r
  # This program and the accompanying materials\r
  # are licensed and made available under the terms and conditions of the BSD License\r
  # which accompanies this distribution. The full text of the license may be found at\r
@@ -14,11 +20,12 @@
  \r
  [Defines]\r
    INF_VERSION                    = 0x00010005\r
-  BASE_NAME                      = DxeImageVerificationLib   \r
+  BASE_NAME                      = DxeImageVerificationLib\r
+  MODULE_UNI_FILE                = DxeImageVerificationLib.uni\r
    FILE_GUID                      = 0CA970E1-43FA-4402-BC0A-81AF336BFFD6\r
    MODULE_TYPE                    = DXE_DRIVER\r
    VERSION_STRING                 = 1.0\r
-  LIBRARY_CLASS                  = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER \r
+  LIBRARY_CLASS                  = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER\r
    CONSTRUCTOR                    = DxeImageVerificationLibConstructor\r
  \r
  #\r
@@ -30,6 +37,7 @@
  [Sources]\r
    DxeImageVerificationLib.c\r
    DxeImageVerificationLib.h\r
+  Measurement.c\r
  \r
  [Packages]\r
    MdePkg/MdePkg.dec\r
@@ -48,26 +56,45 @@
    DevicePathLib\r
    BaseCryptLib\r
    SecurityManagementLib\r
+  PeCoffLib\r
+  TpmMeasurementLib\r
  \r
  [Protocols]\r
-  gEfiFirmwareVolume2ProtocolGuid\r
-  gEfiBlockIoProtocolGuid\r
-  gEfiSimpleFileSystemProtocolGuid\r
-  gEfiVariableWriteArchProtocolGuid\r
-  \r
+  gEfiFirmwareVolume2ProtocolGuid       ## SOMETIMES_CONSUMES\r
+  gEfiBlockIoProtocolGuid               ## SOMETIMES_CONSUMES\r
+  gEfiSimpleFileSystemProtocolGuid      ## SOMETIMES_CONSUMES\r
+\r
  [Guids]\r
-  gEfiCertTypeRsa2048Sha256Guid\r
+  ## SOMETIMES_CONSUMES   ## Variable:L"DB"\r
+  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"\r
+  ## SOMETIMES_CONSUMES   ## Variable:L"DBT"\r
+  ## PRODUCES             ## SystemTable\r
+  ## CONSUMES             ## SystemTable\r
    gEfiImageSecurityDatabaseGuid\r
+\r
+  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.\r
+  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.\r
    gEfiCertSha1Guid\r
+\r
+  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.\r
+  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.\r
    gEfiCertSha256Guid\r
-  gEfiCertX509Guid\r
-  gEfiCertRsa2048Guid\r
-  \r
-[Pcd]\r
-  gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy\r
-  gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy\r
-  gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy\r
  \r
-  \r
+  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.\r
+  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.\r
+  gEfiCertSha384Guid\r
  \r
+  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.\r
+  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.\r
+  gEfiCertSha512Guid\r
  \r
+  gEfiCertX509Guid                      ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.\r
+  gEfiCertX509Sha256Guid                ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.\r
+  gEfiCertX509Sha384Guid                ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.\r
+  gEfiCertX509Sha512Guid                ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.\r
+  gEfiCertPkcs7Guid                     ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the certificate.\r
+\r
+[Pcd]\r
+  gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy          ## SOMETIMES_CONSUMES\r
+  gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy     ## SOMETIMES_CONSUMES\r
+  gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy         ## SOMETIMES_CONSUMES\r