diff options
| author | Guo Mang <mang.guo@intel.com> | 2017-04-27 11:05:07 +0800 |
|---|---|---|
| committer | Guo Mang <mang.guo@intel.com> | 2017-04-27 11:05:07 +0800 |
| commit | c23f114d3cfbb29b8734b87213d1ec0de404197b (patch) | |
| tree | 4f3612573be055139a88213559212a40b7862fee /Core/MdeModulePkg/Universal/SecurityStubDxe | |
| parent | 001e57a103fce87245bfb7ae9c32ffb499a64135 (diff) | |
| download | edk2-platforms-c23f114d3cfbb29b8734b87213d1ec0de404197b.tar.xz | |
MdeModulePkg: Move to new location
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Guo Mang <mang.guo@intel.com>
Diffstat (limited to 'Core/MdeModulePkg/Universal/SecurityStubDxe')
6 files changed, 827 insertions, 0 deletions
diff --git a/Core/MdeModulePkg/Universal/SecurityStubDxe/Defer3rdPartyImageLoad.c b/Core/MdeModulePkg/Universal/SecurityStubDxe/Defer3rdPartyImageLoad.c new file mode 100644 index 0000000000..7135a9d87c --- /dev/null +++ b/Core/MdeModulePkg/Universal/SecurityStubDxe/Defer3rdPartyImageLoad.c @@ -0,0 +1,414 @@ +/** @file
+ Implement defer image load services for user identification in UEFI2.2.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+#include "Defer3rdPartyImageLoad.h"
+
+//
+// The structure to save the deferred 3rd party image information.
+//
+typedef struct {
+ EFI_DEVICE_PATH_PROTOCOL *ImageDevicePath;
+ BOOLEAN BootOption;
+ BOOLEAN Loaded;
+} DEFERRED_3RD_PARTY_IMAGE_INFO;
+
+//
+// The table to save the deferred 3rd party image item.
+//
+typedef struct {
+ UINTN Count; ///< deferred 3rd party image count
+ DEFERRED_3RD_PARTY_IMAGE_INFO *ImageInfo; ///< deferred 3rd party image item
+} DEFERRED_3RD_PARTY_IMAGE_TABLE;
+
+BOOLEAN mImageLoadedAfterEndOfDxe = FALSE;
+BOOLEAN mEndOfDxe = FALSE;
+DEFERRED_3RD_PARTY_IMAGE_TABLE mDeferred3rdPartyImage = {
+ 0, // Deferred image count
+ NULL // The deferred image info
+};
+
+EFI_DEFERRED_IMAGE_LOAD_PROTOCOL mDeferredImageLoad = {
+ GetDefferedImageInfo
+};
+
+/**
+ Return whether the file comes from FV.
+
+ @param[in] File This is a pointer to the device path of the file
+ that is being dispatched.
+
+ @retval TRUE File comes from FV.
+ @retval FALSE File doesn't come from FV.
+**/
+BOOLEAN
+FileFromFv (
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File
+ )
+{
+ EFI_STATUS Status;
+ EFI_HANDLE DeviceHandle;
+ EFI_DEVICE_PATH_PROTOCOL *TempDevicePath;
+
+ //
+ // First check to see if File is from a Firmware Volume
+ //
+ DeviceHandle = NULL;
+ TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *) File;
+ Status = gBS->LocateDevicePath (
+ &gEfiFirmwareVolume2ProtocolGuid,
+ &TempDevicePath,
+ &DeviceHandle
+ );
+ if (!EFI_ERROR (Status)) {
+ Status = gBS->OpenProtocol (
+ DeviceHandle,
+ &gEfiFirmwareVolume2ProtocolGuid,
+ NULL,
+ NULL,
+ NULL,
+ EFI_OPEN_PROTOCOL_TEST_PROTOCOL
+ );
+ if (!EFI_ERROR (Status)) {
+ return TRUE;
+ }
+ }
+
+ return FALSE;
+}
+
+/**
+ Find the deferred image which matches the device path.
+
+ @param[in] ImageDevicePath A pointer to the device path of a image.
+ @param[in] BootOption Whether the image is a boot option.
+
+ @return Pointer to the found deferred image or NULL if not found.
+**/
+DEFERRED_3RD_PARTY_IMAGE_INFO *
+LookupImage (
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *ImageDevicePath,
+ IN BOOLEAN BootOption
+ )
+{
+ UINTN Index;
+ UINTN DevicePathSize;
+
+ DevicePathSize = GetDevicePathSize (ImageDevicePath);
+
+ for (Index = 0; Index < mDeferred3rdPartyImage.Count; Index++) {
+ if (CompareMem (ImageDevicePath, mDeferred3rdPartyImage.ImageInfo[Index].ImageDevicePath, DevicePathSize) == 0) {
+ ASSERT (mDeferred3rdPartyImage.ImageInfo[Index].BootOption == BootOption);
+ return &mDeferred3rdPartyImage.ImageInfo[Index];
+ }
+ }
+
+ return NULL;
+}
+
+/**
+ Add the image info to a deferred image list.
+
+ @param[in] ImageDevicePath A pointer to the device path of a image.
+ @param[in] BootOption Whether the image is a boot option.
+
+**/
+VOID
+QueueImage (
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *ImageDevicePath,
+ IN BOOLEAN BootOption
+ )
+{
+ DEFERRED_3RD_PARTY_IMAGE_INFO *ImageInfo;
+
+ //
+ // Expand memory for the new deferred image.
+ //
+ ImageInfo = ReallocatePool (
+ mDeferred3rdPartyImage.Count * sizeof (DEFERRED_3RD_PARTY_IMAGE_INFO),
+ (mDeferred3rdPartyImage.Count + 1) * sizeof (DEFERRED_3RD_PARTY_IMAGE_INFO),
+ mDeferred3rdPartyImage.ImageInfo
+ );
+ if (ImageInfo == NULL) {
+ return;
+ }
+ mDeferred3rdPartyImage.ImageInfo = ImageInfo;
+
+ //
+ // Save the deferred image information.
+ //
+ ImageInfo = &mDeferred3rdPartyImage.ImageInfo[mDeferred3rdPartyImage.Count];
+ ImageInfo->ImageDevicePath = DuplicateDevicePath (ImageDevicePath);
+ if (ImageInfo->ImageDevicePath == NULL) {
+ return;
+ }
+ ImageInfo->BootOption = BootOption;
+ ImageInfo->Loaded = FALSE;
+ mDeferred3rdPartyImage.Count++;
+}
+
+
+/**
+ Returns information about a deferred image.
+
+ This function returns information about a single deferred image. The deferred images are
+ numbered consecutively, starting with 0. If there is no image which corresponds to
+ ImageIndex, then EFI_NOT_FOUND is returned. All deferred images may be returned by
+ iteratively calling this function until EFI_NOT_FOUND is returned.
+ Image may be NULL and ImageSize set to 0 if the decision to defer execution was made
+ because of the location of the executable image, rather than its actual contents.
+
+ @param[in] This Points to this instance of the EFI_DEFERRED_IMAGE_LOAD_PROTOCOL.
+ @param[in] ImageIndex Zero-based index of the deferred index.
+ @param[out] ImageDevicePath On return, points to a pointer to the device path of the image.
+ The device path should not be freed by the caller.
+ @param[out] Image On return, points to the first byte of the image or NULL if the
+ image is not available. The image should not be freed by the caller
+ unless LoadImage() has been successfully called.
+ @param[out] ImageSize On return, the size of the image, or 0 if the image is not available.
+ @param[out] BootOption On return, points to TRUE if the image was intended as a boot option
+ or FALSE if it was not intended as a boot option.
+
+ @retval EFI_SUCCESS Image information returned successfully.
+ @retval EFI_NOT_FOUND ImageIndex does not refer to a valid image.
+ @retval EFI_INVALID_PARAMETER ImageDevicePath is NULL or Image is NULL or ImageSize is NULL or
+ BootOption is NULL.
+
+**/
+EFI_STATUS
+EFIAPI
+GetDefferedImageInfo (
+ IN EFI_DEFERRED_IMAGE_LOAD_PROTOCOL *This,
+ IN UINTN ImageIndex,
+ OUT EFI_DEVICE_PATH_PROTOCOL **ImageDevicePath,
+ OUT VOID **Image,
+ OUT UINTN *ImageSize,
+ OUT BOOLEAN *BootOption
+ )
+{
+ UINTN Index;
+ UINTN NewCount;
+
+ if ((This == NULL) || (ImageSize == NULL) || (Image == NULL)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ if ((ImageDevicePath == NULL) || (BootOption == NULL)) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Remove the loaded images from the defer list in the first call.
+ //
+ if (ImageIndex == 0) {
+ NewCount = 0;
+ for (Index = 0; Index < mDeferred3rdPartyImage.Count; Index++) {
+ if (!mDeferred3rdPartyImage.ImageInfo[Index].Loaded) {
+ CopyMem (
+ &mDeferred3rdPartyImage.ImageInfo[NewCount],
+ &mDeferred3rdPartyImage.ImageInfo[Index],
+ sizeof (DEFERRED_3RD_PARTY_IMAGE_INFO)
+ );
+ NewCount++;
+ }
+ }
+
+ mDeferred3rdPartyImage.Count = NewCount;
+ }
+
+ if (ImageIndex >= mDeferred3rdPartyImage.Count) {
+ return EFI_NOT_FOUND;
+ }
+
+ //
+ // Get the request deferred image.
+ //
+ *ImageDevicePath = mDeferred3rdPartyImage.ImageInfo[ImageIndex].ImageDevicePath;
+ *BootOption = mDeferred3rdPartyImage.ImageInfo[ImageIndex].BootOption;
+ *Image = NULL;
+ *ImageSize = 0;
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Callback function executed when the EndOfDxe event group is signaled.
+
+ @param[in] Event Event whose notification function is being invoked.
+ @param[in] Context The pointer to the notification function's context, which
+ is implementation-dependent.
+**/
+VOID
+EFIAPI
+EndOfDxe (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ mEndOfDxe = TRUE;
+}
+
+/**
+ Event notification for gEfiDxeSmmReadyToLockProtocolGuid event.
+
+ This function reports failure if any deferred image is loaded before
+ this callback.
+ Platform should publish ReadyToLock protocol immediately after signaling
+ of the End of DXE Event.
+
+ @param Event The Event that is being processed, not used.
+ @param Context Event Context, not used.
+
+**/
+VOID
+EFIAPI
+DxeSmmReadyToLock (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+ )
+{
+ EFI_STATUS Status;
+ VOID *Interface;
+
+ Status = gBS->LocateProtocol (&gEfiDxeSmmReadyToLockProtocolGuid, NULL, &Interface);
+ if (EFI_ERROR (Status)) {
+ return;
+ }
+
+ gBS->CloseEvent (Event);
+
+ if (mImageLoadedAfterEndOfDxe) {
+ //
+ // Platform should not dispatch the 3rd party images after signaling EndOfDxe event
+ // but before publishing DxeSmmReadyToLock protocol.
+ //
+ DEBUG ((
+ DEBUG_ERROR,
+ "[Security] 3rd party images must be dispatched after DxeSmmReadyToLock Protocol installation!\n"
+ ));
+ REPORT_STATUS_CODE (
+ EFI_ERROR_CODE | EFI_ERROR_UNRECOVERED,
+ (EFI_SOFTWARE_DXE_BS_DRIVER | EFI_SW_EC_ILLEGAL_SOFTWARE_STATE)
+ );
+ ASSERT (FALSE);
+ CpuDeadLoop ();
+ }
+}
+
+/**
+ Defer the 3rd party image load and installs Deferred Image Load Protocol.
+
+ @param[in] File This is a pointer to the device path of the file that
+ is being dispatched. This will optionally be used for
+ logging.
+ @param[in] BootPolicy A boot policy that was used to call LoadImage() UEFI service.
+
+ @retval EFI_SUCCESS The file is not 3rd party image and can be loaded immediately.
+ @retval EFI_ACCESS_DENIED The file is 3rd party image and needs deferred.
+**/
+EFI_STATUS
+Defer3rdPartyImageLoad (
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File,
+ IN BOOLEAN BootPolicy
+ )
+{
+ DEFERRED_3RD_PARTY_IMAGE_INFO *ImageInfo;
+
+ //
+ // Ignore if File is NULL.
+ //
+ if (File == NULL) {
+ return EFI_SUCCESS;
+ }
+
+ if (FileFromFv (File)) {
+ return EFI_SUCCESS;
+ }
+
+ ImageInfo = LookupImage (File, BootPolicy);
+
+ DEBUG_CODE (
+ CHAR16 *DevicePathStr;
+ DevicePathStr = ConvertDevicePathToText (File, FALSE, FALSE);
+ DEBUG ((
+ DEBUG_INFO,
+ "[Security] 3rd party image[%p] %s EndOfDxe: %s.\n", ImageInfo,
+ mEndOfDxe ? L"can be loaded after": L"is deferred to load before",
+ DevicePathStr
+ ));
+ if (DevicePathStr != NULL) {
+ FreePool (DevicePathStr);
+ }
+ );
+
+ if (mEndOfDxe) {
+ mImageLoadedAfterEndOfDxe = TRUE;
+ //
+ // The image might be first time loaded after EndOfDxe,
+ // So ImageInfo can be NULL.
+ //
+ if (ImageInfo != NULL) {
+ ImageInfo->Loaded = TRUE;
+ }
+ return EFI_SUCCESS;
+ } else {
+ //
+ // The image might be second time loaded before EndOfDxe,
+ // So ImageInfo can be non-NULL.
+ //
+ if (ImageInfo == NULL) {
+ QueueImage (File, BootPolicy);
+ }
+ return EFI_ACCESS_DENIED;
+ }
+}
+
+/**
+ Installs DeferredImageLoad Protocol and listens EndOfDxe event.
+**/
+VOID
+Defer3rdPartyImageLoadInitialize (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ EFI_HANDLE Handle;
+ EFI_EVENT Event;
+ VOID *Registration;
+
+ Handle = NULL;
+ Status = gBS->InstallMultipleProtocolInterfaces (
+ &Handle,
+ &gEfiDeferredImageLoadProtocolGuid,
+ &mDeferredImageLoad,
+ NULL
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ Status = gBS->CreateEventEx (
+ EVT_NOTIFY_SIGNAL,
+ TPL_CALLBACK,
+ EndOfDxe,
+ NULL,
+ &gEfiEndOfDxeEventGroupGuid,
+ &Event
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ EfiCreateProtocolNotifyEvent (
+ &gEfiDxeSmmReadyToLockProtocolGuid,
+ TPL_CALLBACK,
+ DxeSmmReadyToLock,
+ NULL,
+ &Registration
+ );
+}
diff --git a/Core/MdeModulePkg/Universal/SecurityStubDxe/Defer3rdPartyImageLoad.h b/Core/MdeModulePkg/Universal/SecurityStubDxe/Defer3rdPartyImageLoad.h new file mode 100644 index 0000000000..75553bad3b --- /dev/null +++ b/Core/MdeModulePkg/Universal/SecurityStubDxe/Defer3rdPartyImageLoad.h @@ -0,0 +1,95 @@ +/** @file
+ Implement defer image load services for user identification in UEFI2.2.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _DEFER_3RD_PARTY_IMAGE_LOAD_H_
+#define _DEFER_3RD_PARTY_IMAGE_LOAD_H_
+
+#include <PiDxe.h>
+#include <Guid/EventGroup.h>
+#include <Protocol/DeferredImageLoad.h>
+#include <Protocol/FirmwareVolume2.h>
+#include <Protocol/DxeSmmReadyToLock.h>
+
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/DevicePathLib.h>
+#include <Library/DebugLib.h>
+#include <Library/UefiLib.h>
+#include <Library/ReportStatusCodeLib.h>
+
+/**
+ Returns information about a deferred image.
+
+ This function returns information about a single deferred image. The deferred images are
+ numbered consecutively, starting with 0. If there is no image which corresponds to
+ ImageIndex, then EFI_NOT_FOUND is returned. All deferred images may be returned by
+ iteratively calling this function until EFI_NOT_FOUND is returned.
+ Image may be NULL and ImageSize set to 0 if the decision to defer execution was made
+ because of the location of the executable image, rather than its actual contents.
+
+ @param[in] This Points to this instance of the EFI_DEFERRED_IMAGE_LOAD_PROTOCOL.
+ @param[in] ImageIndex Zero-based index of the deferred index.
+ @param[out] ImageDevicePath On return, points to a pointer to the device path of the image.
+ The device path should not be freed by the caller.
+ @param[out] Image On return, points to the first byte of the image or NULL if the
+ image is not available. The image should not be freed by the caller
+ unless LoadImage() has been successfully called.
+ @param[out] ImageSize On return, the size of the image, or 0 if the image is not available.
+ @param[out] BootOption On return, points to TRUE if the image was intended as a boot option
+ or FALSE if it was not intended as a boot option.
+
+ @retval EFI_SUCCESS Image information returned successfully.
+ @retval EFI_NOT_FOUND ImageIndex does not refer to a valid image.
+ @retval EFI_INVALID_PARAMETER ImageDevicePath is NULL or Image is NULL or ImageSize is NULL or
+ BootOption is NULL.
+
+**/
+EFI_STATUS
+EFIAPI
+GetDefferedImageInfo (
+ IN EFI_DEFERRED_IMAGE_LOAD_PROTOCOL *This,
+ IN UINTN ImageIndex,
+ OUT EFI_DEVICE_PATH_PROTOCOL **ImageDevicePath,
+ OUT VOID **Image,
+ OUT UINTN *ImageSize,
+ OUT BOOLEAN *BootOption
+ );
+
+/**
+ Defer the 3rd party image load and installs Deferred Image Load Protocol.
+
+ @param[in] File This is a pointer to the device path of the file that
+ is being dispatched. This will optionally be used for
+ logging.
+ @param[in] BootPolicy A boot policy that was used to call LoadImage() UEFI service.
+
+ @retval EFI_SUCCESS The file is not 3rd party image and can be loaded immediately.
+ @retval EFI_ACCESS_DENIED The file is 3rd party image and needs deferred.
+**/
+EFI_STATUS
+Defer3rdPartyImageLoad (
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File,
+ IN BOOLEAN BootPolicy
+ );
+
+/**
+ Installs DeferredImageLoad Protocol and listens EndOfDxe event.
+**/
+VOID
+Defer3rdPartyImageLoadInitialize (
+ VOID
+ );
+
+#endif
diff --git a/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStub.c b/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStub.c new file mode 100644 index 0000000000..a75d8dc223 --- /dev/null +++ b/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStub.c @@ -0,0 +1,216 @@ +/** @file
+ This driver produces Security2 and Security architectural protocol based on SecurityManagementLib.
+
+ Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+
+#include <Uefi.h>
+#include <Protocol/Security.h>
+#include <Protocol/Security2.h>
+#include <Library/DebugLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Library/UefiDriverEntryPoint.h>
+#include <Library/SecurityManagementLib.h>
+#include "Defer3rdPartyImageLoad.h"
+
+//
+// Handle for the Security Architectural Protocol instance produced by this driver
+//
+EFI_HANDLE mSecurityArchProtocolHandle = NULL;
+
+/**
+ The EFI_SECURITY_ARCH_PROTOCOL (SAP) is used to abstract platform-specific
+ policy from the DXE core response to an attempt to use a file that returns a
+ given status for the authentication check from the section extraction protocol.
+
+ The possible responses in a given SAP implementation may include locking
+ flash upon failure to authenticate, attestation logging for all signed drivers,
+ and other exception operations. The File parameter allows for possible logging
+ within the SAP of the driver.
+
+ If File is NULL, then EFI_INVALID_PARAMETER is returned.
+
+ If the file specified by File with an authentication status specified by
+ AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is returned.
+
+ If the file specified by File with an authentication status specified by
+ AuthenticationStatus is not safe for the DXE Core to use under any circumstances,
+ then EFI_ACCESS_DENIED is returned.
+
+ If the file specified by File with an authentication status specified by
+ AuthenticationStatus is not safe for the DXE Core to use right now, but it
+ might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
+ returned.
+
+ @param This The EFI_SECURITY_ARCH_PROTOCOL instance.
+ @param AuthenticationStatus
+ This is the authentication type returned from the Section
+ Extraction protocol. See the Section Extraction Protocol
+ Specification for details on this type.
+ @param File This is a pointer to the device path of the file that is
+ being dispatched. This will optionally be used for logging.
+
+ @retval EFI_SUCCESS Do nothing and return success.
+ @retval EFI_INVALID_PARAMETER File is NULL.
+**/
+EFI_STATUS
+EFIAPI
+SecurityStubAuthenticateState (
+ IN CONST EFI_SECURITY_ARCH_PROTOCOL *This,
+ IN UINT32 AuthenticationStatus,
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File
+ )
+{
+ EFI_STATUS Status;
+
+ Status = ExecuteSecurity2Handlers (EFI_AUTH_OPERATION_AUTHENTICATION_STATE,
+ AuthenticationStatus,
+ File,
+ NULL,
+ 0,
+ FALSE
+ );
+ if (Status == EFI_SUCCESS) {
+ Status = ExecuteSecurityHandlers (AuthenticationStatus, File);
+ }
+
+ return Status;
+}
+
+/**
+ The DXE Foundation uses this service to measure and/or verify a UEFI image.
+
+ This service abstracts the invocation of Trusted Computing Group (TCG) measured boot, UEFI
+ Secure boot, and UEFI User Identity infrastructure. For the former two, the DXE Foundation
+ invokes the FileAuthentication() with a DevicePath and corresponding image in
+ FileBuffer memory. The TCG measurement code will record the FileBuffer contents into the
+ appropriate PCR. The image verification logic will confirm the integrity and provenance of the
+ image in FileBuffer of length FileSize . The origin of the image will be DevicePath in
+ these cases.
+ If the FileBuffer is NULL, the interface will determine if the DevicePath can be connected
+ in order to support the User Identification policy.
+
+ @param This The EFI_SECURITY2_ARCH_PROTOCOL instance.
+ @param File A pointer to the device path of the file that is
+ being dispatched. This will optionally be used for logging.
+ @param FileBuffer A pointer to the buffer with the UEFI file image.
+ @param FileSize The size of the file.
+ @param BootPolicy A boot policy that was used to call LoadImage() UEFI service. If
+ FileAuthentication() is invoked not from the LoadImage(),
+ BootPolicy must be set to FALSE.
+
+ @retval EFI_SUCCESS The file specified by DevicePath and non-NULL
+ FileBuffer did authenticate, and the platform policy dictates
+ that the DXE Foundation may use the file.
+ @retval EFI_SUCCESS The device path specified by NULL device path DevicePath
+ and non-NULL FileBuffer did authenticate, and the platform
+ policy dictates that the DXE Foundation may execute the image in
+ FileBuffer.
+ @retval EFI_SUCCESS FileBuffer is NULL and current user has permission to start
+ UEFI device drivers on the device path specified by DevicePath.
+ @retval EFI_SECURITY_VIOLATION The file specified by DevicePath and FileBuffer did not
+ authenticate, and the platform policy dictates that the file should be
+ placed in the untrusted state. The image has been added to the file
+ execution table.
+ @retval EFI_ACCESS_DENIED The file specified by File and FileBuffer did not
+ authenticate, and the platform policy dictates that the DXE
+ Foundation many not use File.
+ @retval EFI_SECURITY_VIOLATION FileBuffer is NULL and the user has no
+ permission to start UEFI device drivers on the device path specified
+ by DevicePath.
+ @retval EFI_SECURITY_VIOLATION FileBuffer is not NULL and the user has no permission to load
+ drivers from the device path specified by DevicePath. The
+ image has been added into the list of the deferred images.
+**/
+EFI_STATUS
+EFIAPI
+Security2StubAuthenticate (
+ IN CONST EFI_SECURITY2_ARCH_PROTOCOL *This,
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File,
+ IN VOID *FileBuffer,
+ IN UINTN FileSize,
+ IN BOOLEAN BootPolicy
+ )
+{
+ EFI_STATUS Status;
+
+ if (FileBuffer != NULL) {
+ Status = Defer3rdPartyImageLoad (File, BootPolicy);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ }
+
+ return ExecuteSecurity2Handlers (EFI_AUTH_OPERATION_VERIFY_IMAGE |
+ EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD |
+ EFI_AUTH_OPERATION_MEASURE_IMAGE |
+ EFI_AUTH_OPERATION_CONNECT_POLICY,
+ 0,
+ File,
+ FileBuffer,
+ FileSize,
+ BootPolicy
+ );
+}
+
+//
+// Security2 and Security Architectural Protocol instance produced by this driver
+//
+EFI_SECURITY_ARCH_PROTOCOL mSecurityStub = {
+ SecurityStubAuthenticateState
+};
+
+EFI_SECURITY2_ARCH_PROTOCOL mSecurity2Stub = {
+ Security2StubAuthenticate
+};
+
+/**
+ Installs Security2 and Security Architectural Protocol.
+
+ @param ImageHandle The image handle of this driver.
+ @param SystemTable A pointer to the EFI System Table.
+
+ @retval EFI_SUCCESS Install the sample Security Architectural Protocol successfully.
+
+**/
+EFI_STATUS
+EFIAPI
+SecurityStubInitialize (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+ )
+{
+ EFI_STATUS Status;
+
+ //
+ // Make sure the Security Architectural Protocol is not already installed in the system
+ //
+ ASSERT_PROTOCOL_ALREADY_INSTALLED (NULL, &gEfiSecurity2ArchProtocolGuid);
+ ASSERT_PROTOCOL_ALREADY_INSTALLED (NULL, &gEfiSecurityArchProtocolGuid);
+
+ //
+ // Install the Security Architectural Protocol onto a new handle
+ //
+ Status = gBS->InstallMultipleProtocolInterfaces (
+ &mSecurityArchProtocolHandle,
+ &gEfiSecurity2ArchProtocolGuid,
+ &mSecurity2Stub,
+ &gEfiSecurityArchProtocolGuid,
+ &mSecurityStub,
+ NULL
+ );
+ ASSERT_EFI_ERROR (Status);
+
+ Defer3rdPartyImageLoadInitialize ();
+
+ return EFI_SUCCESS;
+}
diff --git a/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf b/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf new file mode 100644 index 0000000000..7f8f6cbb62 --- /dev/null +++ b/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf @@ -0,0 +1,60 @@ +## @file
+# This driver produces security2 and security architectural protocol based on SecurityManagementLib.
+#
+# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
+# This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+#
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = SecurityStubDxe
+ MODULE_UNI_FILE = SecurityStubDxe.uni
+ FILE_GUID = F80697E9-7FD6-4665-8646-88E33EF71DFC
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ ENTRY_POINT = SecurityStubInitialize
+
+
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC
+#
+
+[Sources]
+ SecurityStub.c
+ Defer3rdPartyImageLoad.c
+ Defer3rdPartyImageLoad.h
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+
+[LibraryClasses]
+ UefiDriverEntryPoint
+ UefiBootServicesTableLib
+ DebugLib
+ SecurityManagementLib
+ ReportStatusCodeLib
+ UefiLib
+
+[Guids]
+ gEfiEndOfDxeEventGroupGuid ## CONSUMES ## Event
+
+[Protocols]
+ gEfiSecurityArchProtocolGuid ## PRODUCES
+ gEfiSecurity2ArchProtocolGuid ## PRODUCES
+ gEfiDeferredImageLoadProtocolGuid ## PRODUCES
+ gEfiDxeSmmReadyToLockProtocolGuid ## CONSUMES
+
+[Depex]
+ TRUE
+
+[UserExtensions.TianoCore."ExtraFiles"]
+ SecurityStubDxeExtra.uni
diff --git a/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.uni b/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.uni new file mode 100644 index 0000000000..2050dd6b34 --- /dev/null +++ b/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.uni @@ -0,0 +1,22 @@ +// /** @file
+// This driver produces security2 and security architectural protocol based on SecurityManagementLib.
+//
+// This driver produces security2 and security architectural protocol based on SecurityManagementLib.
+//
+// Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution. The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+//
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT #language en-US "Produces security2 and security architectural protocol based on SecurityManagementLib"
+
+#string STR_MODULE_DESCRIPTION #language en-US "This driver produces security2 and security architectural protocol based on SecurityManagementLib."
+
diff --git a/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxeExtra.uni b/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxeExtra.uni new file mode 100644 index 0000000000..dfc807b29b --- /dev/null +++ b/Core/MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxeExtra.uni @@ -0,0 +1,20 @@ +// /** @file
+// SecurityStubDxe Localized Strings and Content
+//
+// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+//
+// This program and the accompanying materials
+// are licensed and made available under the terms and conditions of the BSD License
+// which accompanies this distribution. The full text of the license may be found at
+// http://opensource.org/licenses/bsd-license.php
+//
+// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+//
+// **/
+
+#string STR_PROPERTIES_MODULE_NAME
+#language en-US
+"Security Stub DXE Driver"
+
+
|