+/** @file\r
+ Security2 Architectural Protocol as defined in PI Specification1.2.1 VOLUME 2 DXE\r
+\r
+ Abstracts security-specific functions from the DXE Foundation of UEFI Image Verification,\r
+ Trusted Computing Group (TCG) measured boot, and User Identity policy for image loading and\r
+ consoles. This protocol must be produced by a boot service or runtime DXE driver.\r
+ \r
+ This protocol is optional and must be published prior to the EFI_SECURITY_ARCH_PROTOCOL.\r
+ As a result, the same driver must publish both of these interfaces.\r
+ \r
+ When both Security and Security2 Architectural Protocols are published, LoadImage must use\r
+ them in accordance with the following rules:\r
+ The Security2 protocol must be used on every image being loaded.\r
+ The Security protocol must be used after the Securiy2 protocol and only on images that \r
+ have been read using Firmware Volume protocol.\r
+\r
+ When only Security architectural protocol is published, LoadImage must use it on every image\r
+ being loaded.\r
+\r
+ Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>\r
+ This program and the accompanying materials \r
+ are licensed and made available under the terms and conditions of the BSD License \r
+ which accompanies this distribution. The full text of the license may be found at \r
+ http://opensource.org/licenses/bsd-license.php \r
+\r
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+\r
+**/\r
+\r
+#ifndef __ARCH_PROTOCOL_SECURITY2_H__\r
+#define __ARCH_PROTOCOL_SECURITY2_H__\r
+\r
+///\r
+/// Global ID for the Security2 Code Architectural Protocol\r
+///\r
+#define EFI_SECURITY2_ARCH_PROTOCOL_GUID \\r
+ { 0x94ab2f58, 0x1438, 0x4ef1, {0x91, 0x52, 0x18, 0x94, 0x1a, 0x3a, 0x0e, 0x68 } }\r
+ \r
+typedef struct _EFI_SECURITY2_ARCH_PROTOCOL EFI_SECURITY2_ARCH_PROTOCOL;\r
+\r
+/**\r
+ The DXE Foundation uses this service to measure and/or verify a UEFI image.\r
+\r
+ This service abstracts the invocation of Trusted Computing Group (TCG) measured boot, UEFI\r
+ Secure boot, and UEFI User Identity infrastructure. For the former two, the DXE Foundation\r
+ invokes the FileAuthentication() with a DevicePath and corresponding image in\r
+ FileBuffer memory. The TCG measurement code will record the FileBuffer contents into the\r
+ appropriate PCR. The image verification logic will confirm the integrity and provenance of the\r
+ image in FileBuffer of length FileSize . The origin of the image will be DevicePath in\r
+ these cases.\r
+ If the FileBuffer is NULL, the interface will determine if the DevicePath can be connected\r
+ in order to support the User Identification policy.\r
+ \r
+ @param This The EFI_SECURITY2_ARCH_PROTOCOL instance.\r
+ @param File A pointer to the device path of the file that is\r
+ being dispatched. This will optionally be used for logging.\r
+ @param FileBuffer A pointer to the buffer with the UEFI file image.\r
+ @param FileSize The size of the file.\r
+ @param BootPolicy A boot policy that was used to call LoadImage() UEFI service. If\r
+ FileAuthentication() is invoked not from the LoadImage(),\r
+ BootPolicy must be set to FALSE.\r
+ \r
+ @retval EFI_SUCCESS The file specified by DevicePath and non-NULL\r
+ FileBuffer did authenticate, and the platform policy dictates\r
+ that the DXE Foundation may use the file.\r
+ @retval EFI_SUCCESS The device path specified by NULL device path DevicePath\r
+ and non-NULL FileBuffer did authenticate, and the platform\r
+ policy dictates that the DXE Foundation may execute the image in\r
+ FileBuffer.\r
+ @retval EFI_SUCCESS FileBuffer is NULL and current user has permission to start\r
+ UEFI device drivers on the device path specified by DevicePath.\r
+ @retval EFI_SECURITY_VIOLATION The file specified by DevicePath and FileBuffer did not\r
+ authenticate, and the platform policy dictates that the file should be\r
+ placed in the untrusted state. The image has been added to the file\r
+ execution table.\r
+ @retval EFI_ACCESS_DENIED The file specified by File and FileBuffer did not\r
+ authenticate, and the platform policy dictates that the DXE\r
+ Foundation may not use File.\r
+ @retval EFI_SECURITY_VIOLATION FileBuffer is NULL and the user has no\r
+ permission to start UEFI device drivers on the device path specified\r
+ by DevicePath.\r
+ @retval EFI_SECURITY_VIOLATION FileBuffer is not NULL and the user has no permission to load\r
+ drivers from the device path specified by DevicePath. The\r
+ image has been added into the list of the deferred images.\r
+**/\r
+typedef EFI_STATUS (EFIAPI *EFI_SECURITY2_FILE_AUTHENTICATION) ( \r
+ IN CONST EFI_SECURITY2_ARCH_PROTOCOL *This,\r
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *DevicePath,\r
+ IN VOID *FileBuffer,\r
+ IN UINTN FileSize,\r
+ IN BOOLEAN BootPolicy\r
+);\r
+\r
+///\r
+/// The EFI_SECURITY2_ARCH_PROTOCOL is used to abstract platform-specific policy from the\r
+/// DXE Foundation. This includes measuring the PE/COFF image prior to invoking, comparing the\r
+/// image against a policy (whether a white-list/black-list of public image verification keys\r
+/// or registered hashes).\r
+///\r
+struct _EFI_SECURITY2_ARCH_PROTOCOL {\r
+ EFI_SECURITY2_FILE_AUTHENTICATION FileAuthentication;\r
+};\r
+\r
+extern EFI_GUID gEfiSecurity2ArchProtocolGuid;\r
+\r
+#endif\r
projects / mirror_edk2.git / commitdiff