MdePkg: Move to new location

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Guo Mang <mang.guo@intel.com>

1 files changed, 0 insertions, 107 deletions

diff --git a/MdePkg/Include/Protocol/Security2.h b/MdePkg/Include/Protocol/Security2.h
deleted file mode 100644
index d282837b39..0000000000
--- a/MdePkg/Include/Protocol/Security2.h
+++ /dev/null
@@ -1,107 +0,0 @@
-/** @file

-  Security2 Architectural Protocol as defined in PI Specification1.2.1 VOLUME 2 DXE

-

-  Abstracts security-specific functions from the DXE Foundation of UEFI Image Verification,

-  Trusted Computing Group (TCG) measured boot, and User Identity policy for image loading and

-  consoles. This protocol must be produced by a boot service or runtime DXE driver.

-  

-  This protocol is optional and must be published prior to the EFI_SECURITY_ARCH_PROTOCOL.

-  As a result, the same driver must publish both of these interfaces.

-  

-  When both Security and Security2 Architectural Protocols are published, LoadImage must use

-  them in accordance with the following rules:

-    The Security2 protocol must be used on every image being loaded.

-    The Security protocol must be used after the Securiy2 protocol and only on images that 

-    have been read using Firmware Volume protocol.

-

-  When only Security architectural protocol is published, LoadImage must use it on every image

-  being loaded.

-

-  Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>

-  This program and the accompanying materials                          

-  are licensed and made available under the terms and conditions of the BSD License         

-  which accompanies this distribution.  The full text of the license may be found at        

-  http://opensource.org/licenses/bsd-license.php                                            

-

-  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,                     

-  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.             

-

-**/

-

-#ifndef __ARCH_PROTOCOL_SECURITY2_H__

-#define __ARCH_PROTOCOL_SECURITY2_H__

-

-///

-/// Global ID for the Security2 Code Architectural Protocol

-///

-#define EFI_SECURITY2_ARCH_PROTOCOL_GUID \

-  { 0x94ab2f58, 0x1438, 0x4ef1, {0x91, 0x52, 0x18, 0x94, 0x1a, 0x3a, 0x0e, 0x68 } }

-  

-typedef struct _EFI_SECURITY2_ARCH_PROTOCOL    EFI_SECURITY2_ARCH_PROTOCOL;

-

-/**

-  The DXE Foundation uses this service to measure and/or verify a UEFI image.

-

-  This service abstracts the invocation of Trusted Computing Group (TCG) measured boot, UEFI

-  Secure boot, and UEFI User Identity infrastructure. For the former two, the DXE Foundation

-  invokes the FileAuthentication() with a DevicePath and corresponding image in

-  FileBuffer memory. The TCG measurement code will record the FileBuffer contents into the

-  appropriate PCR. The image verification logic will confirm the integrity and provenance of the

-  image in FileBuffer of length FileSize . The origin of the image will be DevicePath in

-  these cases.

-  If the FileBuffer is NULL, the interface will determine if the DevicePath can be connected

-  in order to support the User Identification policy.

-  

-  @param  This             The EFI_SECURITY2_ARCH_PROTOCOL instance.

-  @param  File             A pointer to the device path of the file that is

-                           being dispatched. This will optionally be used for logging.

-  @param  FileBuffer       A pointer to the buffer with the UEFI file image.

-  @param  FileSize         The size of the file.

-  @param  BootPolicy       A boot policy that was used to call LoadImage() UEFI service. If

-                           FileAuthentication() is invoked not from the LoadImage(),

-                           BootPolicy must be set to FALSE.

-  

-  @retval EFI_SUCCESS             The file specified by DevicePath and non-NULL

-                                  FileBuffer did authenticate, and the platform policy dictates

-                                  that the DXE Foundation may use the file.

-  @retval EFI_SUCCESS             The device path specified by NULL device path DevicePath

-                                  and non-NULL FileBuffer did authenticate, and the platform

-                                  policy dictates that the DXE Foundation may execute the image in

-                                  FileBuffer.

-  @retval EFI_SUCCESS             FileBuffer is NULL and current user has permission to start

-                                  UEFI device drivers on the device path specified by DevicePath.

-  @retval EFI_SECURITY_VIOLATION  The file specified by DevicePath and FileBuffer did not

-                                  authenticate, and the platform policy dictates that the file should be

-                                  placed in the untrusted state. The image has been added to the file

-                                  execution table.

-  @retval EFI_ACCESS_DENIED       The file specified by File and FileBuffer did not

-                                  authenticate, and the platform policy dictates that the DXE

-                                  Foundation may not use File.

-  @retval EFI_SECURITY_VIOLATION  FileBuffer is NULL and the user has no

-                                  permission to start UEFI device drivers on the device path specified

-                                  by DevicePath.

-  @retval EFI_SECURITY_VIOLATION  FileBuffer is not NULL and the user has no permission to load

-                                  drivers from the device path specified by DevicePath. The

-                                  image has been added into the list of the deferred images.

-**/

-typedef EFI_STATUS (EFIAPI *EFI_SECURITY2_FILE_AUTHENTICATION) (  

-  IN CONST EFI_SECURITY2_ARCH_PROTOCOL *This,

-  IN CONST EFI_DEVICE_PATH_PROTOCOL    *DevicePath,

-  IN VOID                              *FileBuffer,

-  IN UINTN                             FileSize,

-  IN BOOLEAN                           BootPolicy

-);

-

-///

-/// The EFI_SECURITY2_ARCH_PROTOCOL is used to abstract platform-specific policy from the

-/// DXE Foundation. This includes measuring the PE/COFF image prior to invoking, comparing the

-/// image against a policy (whether a white-list/black-list of public image verification keys

-/// or registered hashes).

-///

-struct _EFI_SECURITY2_ARCH_PROTOCOL {

-  EFI_SECURITY2_FILE_AUTHENTICATION FileAuthentication;

-};

-

-extern EFI_GUID gEfiSecurity2ArchProtocolGuid;

-

-#endif