X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=SecurityPkg%2FLibrary%2FDxeImageVerificationLib%2FDxeImageVerificationLib.c;h=402540eb1b2bd4469f42bffcc5b6975537848ea5;hp=6e3e9eea95200a7a5b73ea230ffc39de3bbae490;hb=bc2dfdbcfc11dc785f0cc0ad2f519a63b98f88bc;hpb=28186d45660c92b8d98b8b19b5f8e6ff71ea5fba diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index 6e3e9eea95..402540eb1b 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -1,6 +1,17 @@ /** @file Implement image verification services for secure boot service in UEFI2.3.1. + Caution: This file requires additional review when modified. + This library will have external input - PE/COFF image. + This external input must be validated carefully to avoid security issue like + buffer overflow, integer overflow. + + DxeImageVerificationLibImageRead() function will make sure the PE/COFF image content + read is within the image buffer. + + DxeImageVerificationHandler(), HashPeImageByType(), HashPeImage() function will accept + untrusted PE/COFF image and validate its data structure within this image buffer before use. + Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -14,15 +25,23 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include "DxeImageVerificationLib.h" +// +// Caution: This is used by a function which may receive untrusted input. +// These global variables hold PE/COFF image data, and they should be validated before use. +// EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION mNtHeader; -UINTN mImageSize; UINT32 mPeCoffHeaderOffset; -UINT8 mImageDigest[MAX_DIGEST_SIZE]; -UINTN mImageDigestSize; EFI_IMAGE_DATA_DIRECTORY *mSecDataDir = NULL; -UINT8 *mImageBase = NULL; EFI_GUID mCertType; +// +// Information on current PE/COFF image +// +UINTN mImageSize; +UINT8 *mImageBase = NULL; +UINT8 mImageDigest[MAX_DIGEST_SIZE]; +UINTN mImageDigestSize; + // // Notify string for authorization UI. // @@ -57,6 +76,10 @@ HASH_TABLE mHash[] = { /** Reads contents of a PE/COFF image in memory buffer. + Caution: This function may receive untrusted input. + PE/COFF image is external input, so this function will make sure the PE/COFF image content + read is within the image buffer. + @param FileHandle Pointer to the file handle to read the PE/COFF image. @param FileOffset Offset into the PE/COFF image to begin the read operation. @param ReadSize On input, the size in bytes of the requested read operation. @@ -67,7 +90,7 @@ HASH_TABLE mHash[] = { **/ EFI_STATUS EFIAPI -ImageRead ( +DxeImageVerificationLibImageRead ( IN VOID *FileHandle, IN UINTN FileOffset, IN OUT UINTN *ReadSize, @@ -229,6 +252,10 @@ GetImageType ( Caculate hash of Pe/Coff image based on the authenticode image hashing in PE/COFF Specification 8.0 Appendix A + Caution: This function may receive untrusted input. + PE/COFF image is external input, so this function will validate its data structure + within this image buffer before use. + @param[in] HashAlg Hash algorithm type. @retval TRUE Successfully hash image. @@ -251,8 +278,8 @@ HashPeImage ( EFI_IMAGE_SECTION_HEADER *SectionHeader; UINTN Index; UINTN Pos; - UINTN SumOfSectionBytes; - EFI_IMAGE_SECTION_HEADER *SectionCache; + UINT32 CertSize; + UINT32 NumberOfRvaAndSizes; HashCtx = NULL; SectionHeader = NULL; @@ -292,11 +319,26 @@ HashPeImage ( if (!Status) { goto Done; } + // // Measuring PE/COFF Image Header; // But CheckSum field and SECURITY data directory (certificate) are excluded // - Magic = mNtHeader.Pe32->OptionalHeader.Magic; + if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) { + // + // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value + // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the + // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC + // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC + // + Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC; + } else { + // + // Get the magic value from the PE/COFF Optional Header + // + Magic = mNtHeader.Pe32->OptionalHeader.Magic; + } + // // 3. Calculate the distance from the base of the image header to the image checksum address. // 4. Hash the image header from its base to beginning of the image checksum. @@ -307,11 +349,13 @@ HashPeImage ( // Use PE32 offset. // HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.CheckSum) - HashBase); + NumberOfRvaAndSizes = mNtHeader.Pe32->OptionalHeader.NumberOfRvaAndSizes; } else if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC) { // // Use PE32+ offset. // HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.CheckSum) - HashBase); + NumberOfRvaAndSizes = mNtHeader.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes; } else { // // Invalid header magic number. @@ -324,51 +368,86 @@ HashPeImage ( if (!Status) { goto Done; } + // // 5. Skip over the image checksum (it occupies a single ULONG). - // 6. Get the address of the beginning of the Cert Directory. - // 7. Hash everything from the end of the checksum to the start of the Cert Directory. // - if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) { + if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) { // - // Use PE32 offset. + // 6. Since there is no Cert Directory in optional header, hash everything + // from the end of the checksum to the end of image header. // - HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32); - HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase); + if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) { + // + // Use PE32 offset. + // + HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32); + HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - mImageBase); + } else { + // + // Use PE32+ offset. + // + HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32); + HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - mImageBase); + } + + if (HashSize != 0) { + Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize); + if (!Status) { + goto Done; + } + } } else { // - // Use PE32+ offset. + // 7. Hash everything from the end of the checksum to the start of the Cert Directory. // - HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32); - HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase); - } + if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) { + // + // Use PE32 offset. + // + HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32); + HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase); + } else { + // + // Use PE32+ offset. + // + HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32); + HashSize = (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase); + } + + if (HashSize != 0) { + Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize); + if (!Status) { + goto Done; + } + } - Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize); - if (!Status) { - goto Done; - } - // - // 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.) - // 9. Hash everything from the end of the Cert Directory to the end of image header. - // - if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) { - // - // Use PE32 offset - // - HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]; - HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) ((UINT8 *) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - mImageBase); - } else { // - // Use PE32+ offset. + // 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.) + // 9. Hash everything from the end of the Cert Directory to the end of image header. // - HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]; - HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) ((UINT8 *) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - mImageBase); - } + if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) { + // + // Use PE32 offset + // + HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]; + HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - mImageBase); + } else { + // + // Use PE32+ offset. + // + HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]; + HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - mImageBase); + } - Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize); - if (!Status) { - goto Done; + if (HashSize != 0) { + Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize); + if (!Status) { + goto Done; + } + } } + // // 10. Set the SUM_OF_BYTES_HASHED to the size of the header. // @@ -393,20 +472,6 @@ HashPeImage ( mNtHeader.Pe32->FileHeader.SizeOfOptionalHeader ); - SectionCache = Section; - for (Index = 0, SumOfSectionBytes = 0; Index < mNtHeader.Pe32->FileHeader.NumberOfSections; Index++, SectionCache++) { - SumOfSectionBytes += SectionCache->SizeOfRawData; - } - - // - // Sanity check for file corruption. Sections raw data size should be smaller - // than Image Size. - // - if (SumOfSectionBytes >= mImageSize) { - Status = FALSE; - goto Done; - } - // // 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER // structures in the image. The 'NumberOfSections' field of the image @@ -465,37 +530,36 @@ HashPeImage ( // if (mImageSize > SumOfBytesHashed) { HashBase = mImageBase + SumOfBytesHashed; - if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) { - if (mImageSize - SumOfBytesHashed < mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size) { - Status = FALSE; - goto Done; - } - // - // Use PE32 offset. - // - HashSize = (UINTN)( - mImageSize - - mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size - - SumOfBytesHashed); + + if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) { + CertSize = 0; } else { - if (mImageSize - SumOfBytesHashed < mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size) { - Status = FALSE; - goto Done; + if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) { + // + // Use PE32 offset. + // + CertSize = mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size; + } else { + // + // Use PE32+ offset. + // + CertSize = mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size; } - // - // Use PE32+ offset. - // - HashSize = (UINTN)( - mImageSize - - mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size - - SumOfBytesHashed); } - Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize); - if (!Status) { + if (mImageSize > CertSize + SumOfBytesHashed) { + HashSize = (UINTN) (mImageSize - CertSize - SumOfBytesHashed); + + Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize); + if (!Status) { + goto Done; + } + } else if (mImageSize < CertSize + SumOfBytesHashed) { + Status = FALSE; goto Done; } } + Status = mHash[HashAlg].HashFinal(HashCtx, mImageDigest); Done: @@ -513,6 +577,10 @@ Done: Pe/Coff image based on the authenticode image hashing in PE/COFF Specification 8.0 Appendix A + Caution: This function may receive untrusted input. + PE/COFF image is external input, so this function will validate its data structure + within this image buffer before use. + @retval EFI_UNSUPPORTED Hash algorithm is not supported. @retval EFI_SUCCESS Hash successfully. @@ -527,6 +595,10 @@ HashPeImageByType ( PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) (mImageBase + mSecDataDir->VirtualAddress); + if (PkcsCertData->Hdr.dwLength < sizeof (WIN_CERTIFICATE_EFI_PKCS) + 32) { + return EFI_UNSUPPORTED; + } + for (Index = 0; Index < HASHALG_MAX; Index++) { // // Check the Hash algorithm in PE/COFF Authenticode. @@ -547,6 +619,10 @@ HashPeImageByType ( continue; } + if (PkcsCertData->Hdr.dwLength < sizeof (WIN_CERTIFICATE_EFI_PKCS) + 32 + mHash[Index].OidLength) { + return EFI_UNSUPPORTED; + } + if (CompareMem (PkcsCertData->CertData + 32, mHash[Index].OidValue, mHash[Index].OidLength) == 0) { break; } @@ -706,60 +782,6 @@ AddImageExeInfo ( } } -/** - Discover if the UEFI image is authorized by user's policy setting. - - @param[in] Policy Specify platform's policy setting. - - @retval EFI_ACCESS_DENIED Image is not allowed to run. - @retval EFI_SECURITY_VIOLATION Image is deferred. - @retval EFI_SUCCESS Image is authorized to run. - -**/ -EFI_STATUS -ImageAuthorization ( - IN UINT32 Policy - ) -{ - EFI_STATUS Status; - EFI_INPUT_KEY Key; - - Status = EFI_ACCESS_DENIED; - - switch (Policy) { - - case QUERY_USER_ON_SECURITY_VIOLATION: - do { - CreatePopUp (EFI_LIGHTGRAY | EFI_BACKGROUND_BLUE, &Key, mNotifyString1, mNotifyString2, NULL); - if (Key.UnicodeChar == L'Y' || Key.UnicodeChar == L'y') { - Status = EFI_SUCCESS; - break; - } else if (Key.UnicodeChar == L'N' || Key.UnicodeChar == L'n') { - Status = EFI_ACCESS_DENIED; - break; - } else if (Key.UnicodeChar == L'D' || Key.UnicodeChar == L'd') { - Status = EFI_SECURITY_VIOLATION; - break; - } - } while (TRUE); - break; - - case ALLOW_EXECUTE_ON_SECURITY_VIOLATION: - Status = EFI_SUCCESS; - break; - - case DEFER_EXECUTE_ON_SECURITY_VIOLATION: - Status = EFI_SECURITY_VIOLATION; - break; - - case DENY_EXECUTE_ON_SECURITY_VIOLATION: - Status = EFI_ACCESS_DENIED; - break; - } - - return Status; -} - /** Check whether signature is in specified database. @@ -908,14 +930,14 @@ IsPkcsSignedDataVerifiedBySignatureList ( // Iterate each Signature Data Node within this CertList for verify. // RootCert = Cert->SignatureData; - RootCertSize = CertList->SignatureSize; + RootCertSize = CertList->SignatureSize - sizeof (EFI_GUID); // // Call AuthenticodeVerify library to Verify Authenticode struct. // VerifyStatus = AuthenticodeVerify ( PkcsCertData->CertData, - mSecDataDir->Size - sizeof(PkcsCertData->Hdr), + PkcsCertData->Hdr.dwLength - sizeof(PkcsCertData->Hdr), RootCert, RootCertSize, mImageDigest, @@ -964,14 +986,7 @@ VerifyCertPkcsSignedData ( } // - // 2: Find certificate from KEK database and try to verify authenticode struct. - // - if (IsPkcsSignedDataVerifiedBySignatureList (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid)) { - return EFI_SUCCESS; - } - - // - // 3: Find certificate from DB database and try to verify authenticode struct. + // 2: Find certificate from DB database and try to verify authenticode struct. // if (IsPkcsSignedDataVerifiedBySignatureList (EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid)) { return EFI_SUCCESS; @@ -980,139 +995,6 @@ VerifyCertPkcsSignedData ( } } -/** - Verify certificate in WIN_CERTIFICATE_UEFI_GUID format. - - @retval EFI_SUCCESS Image pass verification. - @retval EFI_SECURITY_VIOLATION Image fail verification. - @retval other error value - -**/ -EFI_STATUS -VerifyCertUefiGuid ( - VOID - ) -{ - BOOLEAN Status; - WIN_CERTIFICATE_UEFI_GUID *EfiCert; - EFI_SIGNATURE_LIST *KekList; - EFI_SIGNATURE_DATA *KekItem; - EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlock; - VOID *Rsa; - UINTN KekCount; - UINTN Index; - UINTN KekDataSize; - BOOLEAN IsFound; - EFI_STATUS Result; - - EfiCert = NULL; - KekList = NULL; - KekItem = NULL; - CertBlock = NULL; - Rsa = NULL; - Status = FALSE; - IsFound = FALSE; - KekDataSize = 0; - - EfiCert = (WIN_CERTIFICATE_UEFI_GUID *) (mImageBase + mSecDataDir->VirtualAddress); - CertBlock = (EFI_CERT_BLOCK_RSA_2048_SHA256 *) EfiCert->CertData; - if (!CompareGuid (&EfiCert->CertType, &gEfiCertTypeRsa2048Sha256Guid)) { - // - // Invalid Certificate Data Type. - // - return EFI_SECURITY_VIOLATION; - } - - // - // Get KEK database variable data size - // - Result = gRT->GetVariable (EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid, NULL, &KekDataSize, NULL); - if (Result != EFI_BUFFER_TOO_SMALL) { - return EFI_SECURITY_VIOLATION; - } - - // - // Get KEK database variable. - // - KekList = GetEfiGlobalVariable (EFI_KEY_EXCHANGE_KEY_NAME); - if (KekList == NULL) { - return EFI_SECURITY_VIOLATION; - } - - // - // Enumerate all Kek items in this list to verify the variable certificate data. - // If anyone is authenticated successfully, it means the variable is correct! - // - while ((KekDataSize > 0) && (KekDataSize >= KekList->SignatureListSize)) { - if (CompareGuid (&KekList->SignatureType, &gEfiCertRsa2048Guid)) { - KekItem = (EFI_SIGNATURE_DATA *) ((UINT8 *) KekList + sizeof (EFI_SIGNATURE_LIST) + KekList->SignatureHeaderSize); - KekCount = (KekList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - KekList->SignatureHeaderSize) / KekList->SignatureSize; - for (Index = 0; Index < KekCount; Index++) { - if (CompareMem (KekItem->SignatureData, CertBlock->PublicKey, EFI_CERT_TYPE_RSA2048_SIZE) == 0) { - IsFound = TRUE; - break; - } - KekItem = (EFI_SIGNATURE_DATA *) ((UINT8 *) KekItem + KekList->SignatureSize); - } - } - KekDataSize -= KekList->SignatureListSize; - KekList = (EFI_SIGNATURE_LIST *) ((UINT8 *) KekList + KekList->SignatureListSize); - } - - if (!IsFound) { - // - // Signed key is not a trust one. - // - goto Done; - } - - // - // Now, we found the corresponding security policy. - // Verify the data payload. - // - Rsa = RsaNew (); - if (Rsa == NULL) { - Status = FALSE; - goto Done; - } - - // - // Set RSA Key Components. - // NOTE: Only N and E are needed to be set as RSA public key for signature verification. - // - Status = RsaSetKey (Rsa, RsaKeyN, CertBlock->PublicKey, EFI_CERT_TYPE_RSA2048_SIZE); - if (!Status) { - goto Done; - } - Status = RsaSetKey (Rsa, RsaKeyE, mRsaE, sizeof (mRsaE)); - if (!Status) { - goto Done; - } - // - // Verify the signature. - // - Status = RsaPkcs1Verify ( - Rsa, - mImageDigest, - mImageDigestSize, - CertBlock->Signature, - EFI_CERT_TYPE_RSA2048_SHA256_SIZE - ); - -Done: - if (KekList != NULL) { - FreePool (KekList); - } - if (Rsa != NULL ) { - RsaFree (Rsa); - } - if (Status) { - return EFI_SUCCESS; - } else { - return EFI_SECURITY_VIOLATION; - } -} - /** Provide verification service for signed images, which include both signature validation and platform policy control. For signature types, both UEFI WIN_CERTIFICATE_UEFI_GUID and @@ -1122,22 +1004,28 @@ Done: Executables from FV is bypass, so pass in AuthenticationStatus is ignored. The image verification process is: - Is the Image signed? - If yes, - Does the image verify against a certificate (root or intermediate) in the allowed db? - Run it - Image verification fail - Is the Image's Hash not in forbidden database and the Image's Hash in allowed db? - Run it - If no, - Is the Image's Hash in the forbidden database (DBX)? - if yes, - Error out - Is the Image's Hash in the allowed database (DB)? - If yes, - Run it - If no, - Error out + If the image is signed, + If the image's certificate verifies against a certificate (root or intermediate) in the allowed + database (DB) and not in the forbidden database (DBX), the certificate verification is passed. + If the image's hash digest is in DBX, + deny execution. + If not, + run it. + If the Image's certificate verification failed. + If the Image's Hash is in DB and not in DBX, + run it. + Otherwise, + deny execution. + Otherwise, the image is not signed, + Is the Image's Hash in DBX? + If yes, deny execution. + If not, is the Image's Hash in DB? + If yes, run it. + If not, deny execution. + + Caution: This function may receive untrusted input. + PE/COFF image is external input, so this function will validate its data structure + within this image buffer before use. @param[in] AuthenticationStatus This is the authentication status returned from the security @@ -1170,19 +1058,20 @@ DxeImageVerificationHandler ( IN UINTN FileSize ) { - EFI_STATUS Status; - UINT16 Magic; - EFI_IMAGE_DOS_HEADER *DosHdr; - EFI_STATUS VerifyStatus; - UINT8 *SetupMode; - EFI_SIGNATURE_LIST *SignatureList; - UINTN SignatureListSize; - EFI_SIGNATURE_DATA *Signature; - EFI_IMAGE_EXECUTION_ACTION Action; - WIN_CERTIFICATE *WinCertificate; - UINT32 Policy; - UINT8 *SecureBootEnable; - PE_COFF_LOADER_IMAGE_CONTEXT ImageContext; + EFI_STATUS Status; + UINT16 Magic; + EFI_IMAGE_DOS_HEADER *DosHdr; + EFI_STATUS VerifyStatus; + EFI_SIGNATURE_LIST *SignatureList; + UINTN SignatureListSize; + EFI_SIGNATURE_DATA *Signature; + EFI_IMAGE_EXECUTION_ACTION Action; + WIN_CERTIFICATE *WinCertificate; + UINT32 Policy; + UINT8 *SecureBoot; + PE_COFF_LOADER_IMAGE_CONTEXT ImageContext; + UINT32 NumberOfRvaAndSizes; + UINT32 CertSize; if (File == NULL) { return EFI_INVALID_PARAMETER; @@ -1227,52 +1116,36 @@ DxeImageVerificationHandler ( return EFI_ACCESS_DENIED; } - SecureBootEnable = GetVariable (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid); + GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME, (VOID**)&SecureBoot, NULL); // - // Skip verification if SecureBootEnable variable doesn't exist. + // Skip verification if SecureBoot variable doesn't exist. // - if (SecureBootEnable == NULL) { + if (SecureBoot == NULL) { return EFI_SUCCESS; } // - // Skip verification if SecureBootEnable is disabled. - // - if (*SecureBootEnable == SECURE_BOOT_DISABLE) { - FreePool (SecureBootEnable); - return EFI_SUCCESS; - } - - SetupMode = GetEfiGlobalVariable (EFI_SETUP_MODE_NAME); - - // - // SetupMode doesn't exist means no AuthVar driver is dispatched, - // skip verification. + // Skip verification if SecureBoot is disabled. // - if (SetupMode == NULL) { + if (*SecureBoot == SECURE_BOOT_MODE_DISABLE) { + FreePool (SecureBoot); return EFI_SUCCESS; } + FreePool (SecureBoot); - // - // If platform is in SETUP MODE, skip verification. - // - if (*SetupMode == SETUP_MODE) { - FreePool (SetupMode); - return EFI_SUCCESS; - } // // Read the Dos header. // if (FileBuffer == NULL) { - FreePool (SetupMode); return EFI_INVALID_PARAMETER; } + mImageBase = (UINT8 *) FileBuffer; mImageSize = FileSize; ZeroMem (&ImageContext, sizeof (ImageContext)); ImageContext.Handle = (VOID *) FileBuffer; - ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) ImageRead; + ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) DxeImageVerificationLibImageRead; // // Get information about the image being loaded @@ -1285,7 +1158,9 @@ DxeImageVerificationHandler ( goto Done; } - DosHdr = (EFI_IMAGE_DOS_HEADER *) mImageBase; + Status = EFI_ACCESS_DENIED; + + DosHdr = (EFI_IMAGE_DOS_HEADER *) mImageBase; if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) { // // DOS image header is present, @@ -1303,37 +1178,43 @@ DxeImageVerificationHandler ( // // It is not a valid Pe/Coff file. // - return EFI_ACCESS_DENIED; + goto Done; } - Magic = mNtHeader.Pe32->OptionalHeader.Magic; - if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) { + if (mNtHeader.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) { // - // Use PE32 offset. - // - mSecDataDir = (EFI_IMAGE_DATA_DIRECTORY *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]; - } else if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC) { - // - // Use PE32+ offset. + // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value + // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the + // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC + // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC // - mSecDataDir = (EFI_IMAGE_DATA_DIRECTORY *) &mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]; + Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC; } else { // - // Invalid header magic number. + // Get the magic value from the PE/COFF Optional Header // - Status = EFI_INVALID_PARAMETER; - goto Done; + Magic = mNtHeader.Pe32->OptionalHeader.Magic; } - - if (mSecDataDir->VirtualAddress >= mImageSize) { + + if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) { // - // Sanity check to see if this file is corrupted. + // Use PE32 offset. // - Status = EFI_INVALID_PARAMETER; - goto Done; + NumberOfRvaAndSizes = mNtHeader.Pe32->OptionalHeader.NumberOfRvaAndSizes; + if (NumberOfRvaAndSizes > EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) { + mSecDataDir = (EFI_IMAGE_DATA_DIRECTORY *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]; + } + } else { + // + // Use PE32+ offset. + // + NumberOfRvaAndSizes = mNtHeader.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes; + if (NumberOfRvaAndSizes > EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) { + mSecDataDir = (EFI_IMAGE_DATA_DIRECTORY *) &mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]; + } } - if (mSecDataDir->Size == 0) { + if ((mSecDataDir == NULL) || ((mSecDataDir != NULL) && (mSecDataDir->Size == 0))) { // // This image is not signed. // @@ -1345,8 +1226,6 @@ DxeImageVerificationHandler ( // // Image Hash is in forbidden database (DBX). // - Action = EFI_IMAGE_EXECUTION_AUTH_UNTESTED; - Status = EFI_ACCESS_DENIED; goto Done; } @@ -1360,8 +1239,6 @@ DxeImageVerificationHandler ( // // Image Hash is not found in both forbidden and allowed database. // - Action = EFI_IMAGE_EXECUTION_AUTH_UNTESTED; - Status = EFI_ACCESS_DENIED; goto Done; } @@ -1370,64 +1247,45 @@ DxeImageVerificationHandler ( // WinCertificate = (WIN_CERTIFICATE *) (mImageBase + mSecDataDir->VirtualAddress); - switch (WinCertificate->wCertificateType) { + CertSize = sizeof (WIN_CERTIFICATE); - case WIN_CERT_TYPE_EFI_GUID: - // - // Verify UEFI GUID type. - // - if (!HashPeImage (HASHALG_SHA256)) { - goto Done; - } - - VerifyStatus = VerifyCertUefiGuid (); - break; + if ((mSecDataDir->Size <= CertSize) || (mSecDataDir->Size < WinCertificate->dwLength)) { + goto Done; + } - case WIN_CERT_TYPE_PKCS_SIGNED_DATA: + if (WinCertificate->wCertificateType == WIN_CERT_TYPE_PKCS_SIGNED_DATA) { // // Verify Pkcs signed data type. // - Status = HashPeImageByType(); + Status = HashPeImageByType(); if (EFI_ERROR (Status)) { goto Done; } - + VerifyStatus = VerifyCertPkcsSignedData (); + } else { + goto Done; + } + if (!EFI_ERROR (VerifyStatus)) { // - // For image verification against enrolled certificate(root or intermediate), - // no need to check image's hash in the allowed database. + // Verification is passed. + // Continue to check the image digest in signature database. // - if (!EFI_ERROR (VerifyStatus)) { - if (!IsSignatureFoundInDatabase (EFI_IMAGE_SECURITY_DATABASE1, mImageDigest, &mCertType, mImageDigestSize)) { - return EFI_SUCCESS; - } + if (IsSignatureFoundInDatabase (EFI_IMAGE_SECURITY_DATABASE1, mImageDigest, &mCertType, mImageDigestSize)) { + // + // Executable signature verification passes, but is found in forbidden signature database. + // + Action = EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND; + Status = EFI_ACCESS_DENIED; + } else { + // + // For image verification against enrolled X.509 certificate(root or intermediate), + // no need to check image's hash in the allowed database. + // + return EFI_SUCCESS; } - break; - - default: - Status = EFI_ACCESS_DENIED; - goto Done; - } - // - // Get image hash value as executable's signature. - // - SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize; - SignatureList = (EFI_SIGNATURE_LIST *) AllocateZeroPool (SignatureListSize); - if (SignatureList == NULL) { - Status = EFI_OUT_OF_RESOURCES; - goto Done; - } - SignatureList->SignatureHeaderSize = 0; - SignatureList->SignatureListSize = (UINT32) SignatureListSize; - SignatureList->SignatureSize = (UINT32) mImageDigestSize; - CopyMem (&SignatureList->SignatureType, &mCertType, sizeof (EFI_GUID)); - Signature = (EFI_SIGNATURE_DATA *) ((UINT8 *) SignatureList + sizeof (EFI_SIGNATURE_LIST)); - CopyMem (Signature->SignatureData, mImageDigest, mImageDigestSize); - // - // Signature database check after verification. - // - if (EFI_ERROR (VerifyStatus)) { + } else { // // Verification failure. // @@ -1442,24 +1300,24 @@ DxeImageVerificationHandler ( Action = EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED; Status = EFI_ACCESS_DENIED; } - } else if (IsSignatureFoundInDatabase (EFI_IMAGE_SECURITY_DATABASE1, Signature->SignatureData, &mCertType, mImageDigestSize)) { - // - // Executable signature verification passes, but is found in forbidden signature database. - // - Action = EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND; - Status = EFI_ACCESS_DENIED; - } else if (IsSignatureFoundInDatabase (EFI_IMAGE_SECURITY_DATABASE, Signature->SignatureData, &mCertType, mImageDigestSize)) { - // - // Executable signature is found in authorized signature database. - // - Status = EFI_SUCCESS; - } else { + } + + if (EFI_ERROR (Status)) { // - // Executable signature verification passes, but cannot be found in authorized signature database. - // Get platform policy to determine the action. + // Get image hash value as executable's signature. // - Action = EFI_IMAGE_EXECUTION_AUTH_SIG_PASSED; - Status = ImageAuthorization (Policy); + SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize; + SignatureList = (EFI_SIGNATURE_LIST *) AllocateZeroPool (SignatureListSize); + if (SignatureList == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Done; + } + SignatureList->SignatureHeaderSize = 0; + SignatureList->SignatureListSize = (UINT32) SignatureListSize; + SignatureList->SignatureSize = (UINT32) mImageDigestSize; + CopyMem (&SignatureList->SignatureType, &mCertType, sizeof (EFI_GUID)); + Signature = (EFI_SIGNATURE_DATA *) ((UINT8 *) SignatureList + sizeof (EFI_SIGNATURE_LIST)); + CopyMem (Signature->SignatureData, mImageDigest, mImageDigestSize); } Done: @@ -1474,8 +1332,6 @@ Done: FreePool (SignatureList); } - FreePool (SetupMode); - return Status; } @@ -1508,7 +1364,7 @@ VariableWriteCallBack ( // If this library is built-in, it means firmware has capability to perform // driver signing verification. // - SecureBootModePtr = GetEfiGlobalVariable (EFI_SECURE_BOOT_MODE_NAME); + GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME, (VOID**)&SecureBootModePtr, NULL); if (SecureBootModePtr == NULL) { SecureBootMode = SECURE_BOOT_MODE_DISABLE; //