/** @file\r
The library instance provides security service of TPM measure boot. \r
\r
+ Caution: This file requires additional review when modified.\r
+ This library will have external input - PE/COFF image and GPT partition.\r
+ This external input must be validated carefully to avoid security issue like\r
+ buffer overflow, integer overflow.\r
+\r
+ DxeTpmMeasureBootLibImageRead() function will make sure the PE/COFF image content\r
+ read is within the image buffer.\r
+\r
+ TcgMeasurePeImage() function will accept untrusted PE/COFF image and validate its\r
+ data structure within this image buffer before use.\r
+\r
+ TcgMeasureGptTable() function will receive untrusted GPT partition table, and parse\r
+ partition data carefully.\r
+\r
Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials \r
are licensed and made available under the terms and conditions of the BSD License \r
/**\r
Reads contents of a PE/COFF image in memory buffer.\r
\r
+ Caution: This function may receive untrusted input.\r
+ PE/COFF image is external input, so this function will make sure the PE/COFF image content\r
+ read is within the image buffer.\r
+\r
@param FileHandle Pointer to the file handle to read the PE/COFF image.\r
@param FileOffset Offset into the PE/COFF image to begin the read operation.\r
@param ReadSize On input, the size in bytes of the requested read operation. \r
/**\r
Measure GPT table data into TPM log.\r
\r
+ Caution: This function may receive untrusted input.\r
+ The GPT partition table is external input, so this function should parse partition data carefully.\r
+\r
@param TcgProtocol Pointer to the located TCG protocol instance.\r
@param GptHandle Handle that GPT partition was installed.\r
\r
if (!CompareGuid (&PartitionEntry->PartitionTypeGUID, &mZeroGuid)) {\r
NumberOfPartition++; \r
}\r
- PartitionEntry++;\r
+ PartitionEntry = (EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);\r
}\r
\r
//\r
- // Parepare Data for Measurement\r
+ // Prepare Data for Measurement\r
// \r
EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions) \r
+ NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);\r
- TcgEvent = (TCG_PCR_EVENT *) AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT));\r
+ TcgEvent = (TCG_PCR_EVENT *) AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT_HDR));\r
if (TcgEvent == NULL) {\r
FreePool (PrimaryHeader);\r
FreePool (EntryPtr);\r
for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) {\r
if (!CompareGuid (&PartitionEntry->PartitionTypeGUID, &mZeroGuid)) {\r
CopyMem (\r
- (UINT8 *)&GptData->Partitions + NumberOfPartition * sizeof (EFI_PARTITION_ENTRY),\r
+ (UINT8 *)&GptData->Partitions + NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry,\r
(UINT8 *)PartitionEntry,\r
- sizeof (EFI_PARTITION_ENTRY)\r
+ PrimaryHeader->SizeOfPartitionEntry\r
);\r
NumberOfPartition++;\r
}\r
- PartitionEntry++;\r
+ PartitionEntry =(EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);\r
}\r
\r
//\r
Measure PE image into TPM log based on the authenticode image hashing in\r
PE/COFF Specification 8.0 Appendix A.\r
\r
+ Caution: This function may receive untrusted input.\r
+ PE/COFF image is external input, so this function will validate its data structure\r
+ within this image buffer before use.\r
+\r
@param[in] TcgProtocol Pointer to the located TCG protocol instance.\r
@param[in] ImageAddress Start address of image buffer.\r
@param[in] ImageSize Image size\r
// Measuring PE/COFF Image Header;\r
// But CheckSum field and SECURITY data directory (certificate) are excluded\r
//\r
- Magic = Hdr.Pe32->OptionalHeader.Magic;\r
+ if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {\r
+ //\r
+ // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value \r
+ // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the \r
+ // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC\r
+ // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC\r
+ //\r
+ Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;\r
+ } else {\r
+ //\r
+ // Get the magic value from the PE/COFF Optional Header\r
+ //\r
+ Magic = Hdr.Pe32->OptionalHeader.Magic;\r
+ }\r
\r
//\r
// 3. Calculate the distance from the base of the image header to the image checksum address.\r