TcgMeasureGptTable() function will receive untrusted GPT partition table, and parse\r
partition data carefully.\r
\r
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials \r
are licensed and made available under the terms and conditions of the BSD License \r
which accompanies this distribution. The full text of the license may be found at \r
#include <Protocol/TcgService.h>\r
#include <Protocol/BlockIo.h>\r
#include <Protocol/DiskIo.h>\r
-#include <Protocol/DevicePathToText.h>\r
#include <Protocol/FirmwareVolumeBlock.h>\r
\r
-#include <Guid/TrustedFvHob.h>\r
+#include <Guid/MeasuredFvHob.h>\r
+#include <Guid/ZeroGuid.h>\r
\r
#include <Library/BaseLib.h>\r
#include <Library/DebugLib.h>\r
// Flag to check GPT partition. It only need be measured once.\r
//\r
BOOLEAN mMeasureGptTableFlag = FALSE;\r
-EFI_GUID mZeroGuid = {0, 0, 0, {0, 0, 0, 0, 0, 0, 0, 0}};\r
UINTN mMeasureGptCount = 0;\r
VOID *mFileBuffer;\r
-UINTN mImageSize;\r
+UINTN mTpmImageSize;\r
//\r
// Measured FV handle cache\r
//\r
EFI_HANDLE mCacheMeasuredHandle = NULL;\r
-UINT32 *mGuidHobData = NULL;\r
+MEASURED_HOB_DATA *mMeasuredHobData = NULL;\r
\r
/**\r
Reads contents of a PE/COFF image in memory buffer.\r
}\r
\r
EndPosition = FileOffset + *ReadSize;\r
- if (EndPosition > mImageSize) {\r
- *ReadSize = (UINT32)(mImageSize - FileOffset);\r
+ if (EndPosition > mTpmImageSize) {\r
+ *ReadSize = (UINT32)(mTpmImageSize - FileOffset);\r
}\r
\r
- if (FileOffset >= mImageSize) {\r
+ if (FileOffset >= mTpmImageSize) {\r
*ReadSize = 0;\r
}\r
\r
PartitionEntry = (EFI_PARTITION_ENTRY *)EntryPtr;\r
NumberOfPartition = 0;\r
for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) {\r
- if (!CompareGuid (&PartitionEntry->PartitionTypeGUID, &mZeroGuid)) {\r
+ if (!CompareGuid (&PartitionEntry->PartitionTypeGUID, &gZeroGuid)) {\r
NumberOfPartition++; \r
}\r
PartitionEntry = (EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);\r
PartitionEntry = (EFI_PARTITION_ENTRY*)EntryPtr;\r
NumberOfPartition = 0;\r
for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) {\r
- if (!CompareGuid (&PartitionEntry->PartitionTypeGUID, &mZeroGuid)) {\r
+ if (!CompareGuid (&PartitionEntry->PartitionTypeGUID, &gZeroGuid)) {\r
CopyMem (\r
(UINT8 *)&GptData->Partitions + NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry,\r
(UINT8 *)PartitionEntry,\r
ImageLoad->ImageLengthInMemory = ImageSize;\r
ImageLoad->ImageLinkTimeAddress = LinkTimeBase;\r
ImageLoad->LengthOfDevicePath = FilePathSize;\r
- CopyMem (ImageLoad->DevicePath, FilePath, FilePathSize);\r
+ if ((FilePath != NULL) && (FilePathSize != 0)) {\r
+ CopyMem (ImageLoad->DevicePath, FilePath, FilePathSize);\r
+ }\r
\r
//\r
// Check PE/COFF image\r
&EventNumber,\r
&EventLogLastEntry\r
);\r
+ if (Status == EFI_OUT_OF_RESOURCES) {\r
+ //\r
+ // Out of resource here means the image is hashed and its result is extended to PCR.\r
+ // But the event log cann't be saved since log area is full.\r
+ // Just return EFI_SUCCESS in order not to block the image load.\r
+ //\r
+ Status = EFI_SUCCESS;\r
+ }\r
\r
Finish:\r
FreePool (TcgEvent);\r
PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;\r
EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *FvbProtocol;\r
EFI_PHYSICAL_ADDRESS FvAddress;\r
- EFI_PLATFORM_FIRMWARE_BLOB *TrustedFvBuf;\r
UINT32 Index;\r
\r
Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **) &TcgProtocol);\r
&EventLogLocation,\r
&EventLogLastEntry\r
);\r
- if (EFI_ERROR (Status) || ProtocolCapability.TPMDeactivatedFlag) {\r
+ if (EFI_ERROR (Status) || ProtocolCapability.TPMDeactivatedFlag || (!ProtocolCapability.TPMPresentFlag)) {\r
//\r
// TPM device doesn't work or activate.\r
//\r
return EFI_SUCCESS;\r
}\r
//\r
- // The PE image from untrusted Firmware volume need be measured\r
- // The PE image from trusted Firmware volume will be mearsured according to policy below.\r
- // if it is driver, do not measure\r
+ // The PE image from unmeasured Firmware volume need be measured\r
+ // The PE image from measured Firmware volume will be mearsured according to policy below.\r
+ // If it is driver, do not measure\r
// If it is application, still measure.\r
//\r
ApplicationRequired = TRUE;\r
\r
- if (mCacheMeasuredHandle != Handle && mGuidHobData != NULL) {\r
+ if (mCacheMeasuredHandle != Handle && mMeasuredHobData != NULL) {\r
//\r
// Search for Root FV of this PE image\r
//\r
return Status;\r
}\r
\r
- TrustedFvBuf = (EFI_PLATFORM_FIRMWARE_BLOB *)(mGuidHobData + 1);\r
ApplicationRequired = FALSE;\r
\r
- for (Index = 0; Index < *mGuidHobData; Index++) {\r
- if(TrustedFvBuf[Index].BlobBase == FvAddress) {\r
+ for (Index = 0; Index < mMeasuredHobData->Num; Index++) {\r
+ if(mMeasuredHobData->MeasuredFvBuf[Index].BlobBase == FvAddress) {\r
//\r
// Cache measured FV for next measurement\r
//\r
goto Finish;\r
}\r
\r
- mImageSize = FileSize;\r
+ mTpmImageSize = FileSize;\r
mFileBuffer = FileBuffer;\r
\r
//\r
// \r
DEBUG_CODE_BEGIN ();\r
CHAR16 *ToText;\r
- EFI_DEVICE_PATH_TO_TEXT_PROTOCOL *DevPathToText;\r
- Status = gBS->LocateProtocol (\r
- &gEfiDevicePathToTextProtocolGuid,\r
- NULL,\r
- (VOID **) &DevPathToText\r
- );\r
- if (!EFI_ERROR (Status)) {\r
- ToText = DevPathToText->ConvertDevicePathToText (\r
- DevicePathNode,\r
- FALSE,\r
- TRUE\r
- );\r
- if (ToText != NULL) {\r
- DEBUG ((DEBUG_INFO, "The measured image path is %s.\n", ToText));\r
- }\r
+ ToText = ConvertDevicePathToText (\r
+ DevicePathNode,\r
+ FALSE,\r
+ TRUE\r
+ );\r
+ if (ToText != NULL) {\r
+ DEBUG ((DEBUG_INFO, "The measured image path is %s.\n", ToText));\r
+ FreePool (ToText);\r
}\r
DEBUG_CODE_END ();\r
\r
\r
GuidHob = NULL;\r
\r
- GuidHob = GetFirstGuidHob (&gTrustedFvHobGuid);\r
+ GuidHob = GetFirstGuidHob (&gMeasuredFvHobGuid);\r
\r
if (GuidHob != NULL) {\r
- mGuidHobData = GET_GUID_HOB_DATA (GuidHob);\r
+ mMeasuredHobData = GET_GUID_HOB_DATA (GuidHob);\r
}\r
\r
return RegisterSecurity2Handler (\r
projects / mirror_edk2.git / blobdiff