SecurityPkg: INF/DEC file updates to EDK II packages

1. Usage information in INF file comment blocks are either incomplete or incorrect. This includes usage information for Protocols/PPIs/GUIDs/PCDs/HOBs/Events/BootModes. The syntax for usage information in comment blocks is defined in the EDK II Module Information (INF) Specification Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo <guo.dong@intel.com> Reviewed-by: Gao, Liming <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15950 6f19259b-4bc3-4df7-8a09-765794883524
author: Dong, Guo <guo.dong@intel.com> 2014-08-28 05:31:09 +0000
committer: lgao4 <lgao4@6f19259b-4bc3-4df7-8a09-765794883524> 2014-08-28 05:31:09 +0000
commit: 60c944c7d63978eee337f52af360ca5d807c11b6 (patch)
tree: a0093c20ea79b1a64fc250f75e54e34cd4d45c95 /SecurityPkg/Library/DxeImageVerificationLib
parent: 5841ba45f2d9dee54c2cf20ea374761207f3bb92 (diff)
download: edk2-platforms-60c944c7d63978eee337f52af360ca5d807c11b6.tar.xz
1 files changed, 29 insertions, 17 deletions
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
index 0e6a5d1ce6..ab580aaf57 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
@@ -1,13 +1,14 @@
 ## @file
-#  The library instance provides security service of image verification.
-#  Image verification Library module supports UEFI2.3.1
+#  Provides security service of image verification
+#
+#  This library hooks LoadImage() API to verify every image by the verification policy.
 #
 #  Caution: This module requires additional review when modified.
 #  This library will have external input - PE/COFF image.
-#  This external input must be validated carefully to avoid security issue like
-#  buffer overflow, integer overflow.
+#  This external input must be validated carefully to avoid security issues such as
+#  buffer overflow or integer overflow.
 #
-# Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -19,7 +20,8 @@
 
 [Defines]
   INF_VERSION                    = 0x00010005
-  BASE_NAME                      = DxeImageVerificationLib   
+  BASE_NAME                      = DxeImageVerificationLib
+  MODULE_UNI_FILE                = DxeImageVerificationLib.uni
   FILE_GUID                      = 0CA970E1-43FA-4402-BC0A-81AF336BFFD6
   MODULE_TYPE                    = DXE_DRIVER
   VERSION_STRING                 = 1.0
@@ -58,20 +60,30 @@
   TpmMeasurementLib
 
 [Protocols]
-  gEfiFirmwareVolume2ProtocolGuid
-  gEfiBlockIoProtocolGuid
-  gEfiSimpleFileSystemProtocolGuid
-  
+  gEfiFirmwareVolume2ProtocolGuid       ## SOMETIMES_CONSUMES
+  gEfiBlockIoProtocolGuid               ## SOMETIMES_CONSUMES
+  gEfiSimpleFileSystemProtocolGuid      ## SOMETIMES_CONSUMES
+
 [Guids]
-  gEfiCertTypeRsa2048Sha256Guid
+  ## SOMETIMES_CONSUMES   ## Variable:L"DB"
+  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"
+  ## PRODUCES             ## SystemTable
+  ## CONSUMES             ## SystemTable
   gEfiImageSecurityDatabaseGuid
+
+  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.
+  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.
   gEfiCertSha1Guid
+  
+  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.
+  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.
   gEfiCertSha256Guid
-  gEfiCertX509Guid
-  gEfiCertRsa2048Guid
-  gEfiCertPkcs7Guid
+
+  gEfiCertX509Guid                      ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.
+  gEfiCertPkcs7Guid                     ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the certificate.
   
 [Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy
-  gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy
-  gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy
+  gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy          ## SOMETIMES_CONSUMES
+  gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy     ## SOMETIMES_CONSUMES
+  gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy         ## SOMETIMES_CONSUMES
+  
+\ No newline at end of file
author	Dong, Guo <guo.dong@intel.com>	2014-08-28 05:31:09 +0000
committer	lgao4 <lgao4@6f19259b-4bc3-4df7-8a09-765794883524>	2014-08-28 05:31:09 +0000
commit	60c944c7d63978eee337f52af360ca5d807c11b6 (patch)
tree	a0093c20ea79b1a64fc250f75e54e34cd4d45c95 /SecurityPkg/Library/DxeImageVerificationLib
parent	5841ba45f2d9dee54c2cf20ea374761207f3bb92 (diff)
download	edk2-platforms-60c944c7d63978eee337f52af360ca5d807c11b6.tar.xz