summaryrefslogtreecommitdiff
path: root/MdeModulePkg/Library/DxeSecurityManagementLib
diff options
context:
space:
mode:
authorlgao4 <lgao4@6f19259b-4bc3-4df7-8a09-765794883524>2009-11-26 01:31:48 +0000
committerlgao4 <lgao4@6f19259b-4bc3-4df7-8a09-765794883524>2009-11-26 01:31:48 +0000
commitcd98f3050246e64f149d9a13032bc1608421811e (patch)
tree69226aa245cbd429fd94559ce6862b0d22d38301 /MdeModulePkg/Library/DxeSecurityManagementLib
parent7748df3da985214b8c6e39ea983018c212198d54 (diff)
downloadedk2-platforms-cd98f3050246e64f149d9a13032bc1608421811e.tar.xz
Add new SecurityManagementLib, and update SecurityStub driver to use this lib.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@9488 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'MdeModulePkg/Library/DxeSecurityManagementLib')
-rw-r--r--MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.c251
-rw-r--r--MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf43
2 files changed, 294 insertions, 0 deletions
diff --git a/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.c b/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.c
new file mode 100644
index 0000000000..1ff1bf6dfe
--- /dev/null
+++ b/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.c
@@ -0,0 +1,251 @@
+/** @file
+ Provides generic security measurement functions for DXE module.
+
+Copyright (c) 2009 Intel Corporation
+All rights reserved. This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#include <PiDxe.h>
+#include <Library/DebugLib.h>
+#include <Library/DxeServicesLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/SecurityManagementLib.h>
+
+#define SECURITY_HANDLER_TABLE_SIZE 0x10
+
+#define EFI_AUTH_OPERATION_MASK EFI_AUTH_OPERATION_VERIFY_IMAGE \
+ | EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD \
+ | EFI_AUTH_OPERATION_MEASURE_IMAGE
+
+typedef struct {
+ UINT32 SecurityOperation;
+ SECURITY_FILE_AUTHENTICATION_STATE_HANDLER SecurityHandler;
+} SECURITY_INFO;
+
+UINT32 mCurrentAuthOperation = 0;
+UINT32 mNumberOfSecurityHandler = 0;
+UINT32 mMaxNumberOfSecurityHandler = 0;
+SECURITY_INFO *mSecurityTable = NULL;
+
+/**
+ Reallocates more global memory to store the registered Handler list.
+
+ @retval RETURN_SUCCESS Reallocate memory successfully.
+ @retval RETURN_OUT_OF_RESOURCES No enough memory to allocated.
+**/
+RETURN_STATUS
+EFIAPI
+ReallocateSecurityHandlerTable (
+ )
+{
+ //
+ // Reallocate memory for security info structure.
+ //
+ mSecurityTable = ReallocatePool (
+ mMaxNumberOfSecurityHandler * sizeof (SECURITY_INFO),
+ (mMaxNumberOfSecurityHandler + SECURITY_HANDLER_TABLE_SIZE) * sizeof (SECURITY_INFO),
+ mSecurityTable
+ );
+
+ //
+ // No enough resource is allocated.
+ //
+ if (mSecurityTable == NULL) {
+ return RETURN_OUT_OF_RESOURCES;
+ }
+
+ //
+ // Increase max handler number
+ //
+ mMaxNumberOfSecurityHandler = mMaxNumberOfSecurityHandler + SECURITY_HANDLER_TABLE_SIZE;
+ return RETURN_SUCCESS;
+}
+
+/**
+ Check whether an operation is valid according to the requirement of current operation,
+ which must make sure that the measure image operation is the last one.
+
+ @param CurrentAuthOperation Current operation.
+ @param CheckAuthOperation Operation to be checked.
+
+ @retval TRUE Operation is valid for current operation.
+ @retval FALSE Operation is invalid for current operation.
+**/
+BOOLEAN
+CheckAuthenticationOperation (
+ IN UINT32 CurrentAuthOperation,
+ IN UINT32 CheckAuthOperation
+ )
+{
+ //
+ // Make sure new auth operation can be recognized.
+ //
+ ASSERT ((CheckAuthOperation & ~(EFI_AUTH_OPERATION_MASK | EFI_AUTH_OPERATION_IMAGE_REQUIRED)) == 0);
+
+ //
+ // When current operation includes measure image operation,
+ // only another measure image operation or none operation will be allowed.
+ //
+ if ((CurrentAuthOperation & EFI_AUTH_OPERATION_MEASURE_IMAGE) == EFI_AUTH_OPERATION_MEASURE_IMAGE) {
+ if (((CheckAuthOperation & EFI_AUTH_OPERATION_MEASURE_IMAGE) == EFI_AUTH_OPERATION_MEASURE_IMAGE) ||
+ ((CheckAuthOperation & EFI_AUTH_OPERATION_MASK) == EFI_AUTH_OPERATION_NONE)) {
+ return TRUE;
+ } else {
+ return FALSE;
+ }
+ }
+
+ //
+ // When current operation doesn't include measure image operation,
+ // any new operation will be allowed.
+ //
+ return TRUE;
+}
+
+/**
+ Register security measurement handler with its operation type. The different
+ handler with the same operation can all be registered.
+
+ If SecurityHandler is NULL, then ASSERT().
+ If no enough resources available to register new handler, then ASSERT().
+ If AuthenticationOperation is not recongnized, then ASSERT().
+ If the previous register handler can't be executed before the later register handler, then ASSERT().
+
+ @param[in] SecurityHandler Security measurement service handler to be registered.
+ @param[in] AuthenticationOperation Operation type is specified for the registered handler.
+
+ @retval EFI_SUCCESS The handlers were registered successfully.
+**/
+EFI_STATUS
+EFIAPI
+RegisterSecurityHandler (
+ IN SECURITY_FILE_AUTHENTICATION_STATE_HANDLER SecurityHandler,
+ IN UINT32 AuthenticationOperation
+ )
+{
+ EFI_STATUS Status;
+
+ ASSERT (SecurityHandler != NULL);
+
+ //
+ // Make sure AuthenticationOperation is valid in the register order.
+ //
+ ASSERT (CheckAuthenticationOperation (mCurrentAuthOperation, AuthenticationOperation));
+ mCurrentAuthOperation = mCurrentAuthOperation | AuthenticationOperation;
+
+ //
+ // Check whether the handler lists is enough to store new handler.
+ //
+ if (mNumberOfSecurityHandler == mMaxNumberOfSecurityHandler) {
+ //
+ // Allocate more resources for new handler.
+ //
+ Status = ReallocateSecurityHandlerTable();
+ ASSERT_EFI_ERROR (Status);
+ }
+
+ //
+ // Register new handler into the handler list.
+ //
+ mSecurityTable[mNumberOfSecurityHandler].SecurityOperation = AuthenticationOperation;
+ mSecurityTable[mNumberOfSecurityHandler].SecurityHandler = SecurityHandler;
+ mNumberOfSecurityHandler ++;
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Execute registered handlers until one returns an error and that error is returned.
+ If none of the handlers return an error, then EFI_SUCCESS is returned.
+
+ Before exectue handler, get the image buffer by file device path if a handler
+ requires the image file. And return the image buffer to each handler when exectue handler.
+
+ The handlers are executed in same order to their registered order.
+
+ @param[in] AuthenticationStatus
+ This is the authentication type returned from the Section
+ Extraction protocol. See the Section Extraction Protocol
+ Specification for details on this type.
+ @param[in] FilePath This is a pointer to the device path of the file that is
+ being dispatched. This will optionally be used for logging.
+
+ @retval EFI_SUCCESS The file specified by File did authenticate when more
+ than one security handler services were registered,
+ or the file did not authenticate when no security
+ handler service was registered. And the platform policy
+ dictates that the DXE Core may use File.
+ @retval EFI_INVALID_PARAMETER File is NULL.
+ @retval EFI_SECURITY_VIOLATION The file specified by File did not authenticate, and
+ the platform policy dictates that File should be placed
+ in the untrusted state. A file may be promoted from
+ the untrusted to the trusted state at a future time
+ with a call to the Trust() DXE Service.
+ @retval EFI_ACCESS_DENIED The file specified by File did not authenticate, and
+ the platform policy dictates that File should not be
+ used for any purpose.
+**/
+EFI_STATUS
+EFIAPI
+ExecuteSecurityHandlers (
+ IN UINT32 AuthenticationStatus,
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *FilePath
+ )
+{
+ UINT32 Index;
+ EFI_STATUS Status;
+ UINT32 HandlerAuthenticationStatus;
+ VOID *FileBuffer;
+ UINTN FileSize;
+
+ if (FilePath == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
+ //
+ // Directly return successfully when no handler is registered.
+ //
+ if (mNumberOfSecurityHandler == 0) {
+ return EFI_SUCCESS;
+ }
+
+ Status = EFI_SUCCESS;
+ FileBuffer = NULL;
+ FileSize = 0;
+ HandlerAuthenticationStatus = AuthenticationStatus;
+ //
+ // Run security handler in same order to their registered list
+ //
+ for (Index = 0; Index < mNumberOfSecurityHandler; Index ++) {
+ if ((mSecurityTable[Index].SecurityOperation & EFI_AUTH_OPERATION_IMAGE_REQUIRED) == EFI_AUTH_OPERATION_IMAGE_REQUIRED) {
+ //
+ // Try get file buffer when the handler requires image buffer.
+ //
+ if (FileBuffer == NULL) {
+ FileBuffer = GetFileBufferByFilePath (FALSE, FilePath, &FileSize, &AuthenticationStatus);
+ }
+ }
+ Status = mSecurityTable[Index].SecurityHandler (
+ HandlerAuthenticationStatus,
+ FilePath,
+ FileBuffer,
+ FileSize
+ );
+ if (EFI_ERROR (Status)) {
+ break;
+ }
+ }
+
+ if (FileBuffer != NULL) {
+ FreePool (FileBuffer);
+ }
+
+ return Status;
+}
diff --git a/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf b/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf
new file mode 100644
index 0000000000..7b65d4a3b1
--- /dev/null
+++ b/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf
@@ -0,0 +1,43 @@
+#/** @file
+# Instance of SecurityManagementLib Library for DXE phase.
+#
+# This library provides generic security measurement functions for DXE module.
+#
+# Copyright (c) 2009, Intel Corporation.
+#
+# All rights reserved. This program and the accompanying materials
+# are licensed and made available under the terms and conditions of the BSD License
+# which accompanies this distribution. The full text of the license may be found at
+# http://opensource.org/licenses/bsd-license.php
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+#
+#
+#**/
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = DxeSecurityManagementLib
+ FILE_GUID = 7F61122C-19DF-47c3-BA0D-6C1149E30FA1
+ MODULE_TYPE = DXE_DRIVER
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = SecurityManagementLib|DXE_CORE DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC
+#
+
+[Sources]
+ DxeSecurityManagementLib.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ MdeModulePkg/MdeModulePkg.dec
+
+[LibraryClasses]
+ MemoryAllocationLib
+ DebugLib
+ DxeServicesLib
+