1 files changed, 29 insertions, 17 deletions

diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
index 0e6a5d1ce6..ab580aaf57 100644
--- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
+++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
@@ -1,13 +1,14 @@
 ## @file

-#  The library instance provides security service of image verification.

-#  Image verification Library module supports UEFI2.3.1

+#  Provides security service of image verification

+#

+#  This library hooks LoadImage() API to verify every image by the verification policy.

 #

 #  Caution: This module requires additional review when modified.

 #  This library will have external input - PE/COFF image.

-#  This external input must be validated carefully to avoid security issue like

-#  buffer overflow, integer overflow.

+#  This external input must be validated carefully to avoid security issues such as

+#  buffer overflow or integer overflow.

 #

-# Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.<BR>

+# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>

 # This program and the accompanying materials

 # are licensed and made available under the terms and conditions of the BSD License

 # which accompanies this distribution. The full text of the license may be found at

@@ -19,7 +20,8 @@
 

 [Defines]

   INF_VERSION                    = 0x00010005

-  BASE_NAME                      = DxeImageVerificationLib   

+  BASE_NAME                      = DxeImageVerificationLib

+  MODULE_UNI_FILE                = DxeImageVerificationLib.uni

   FILE_GUID                      = 0CA970E1-43FA-4402-BC0A-81AF336BFFD6

   MODULE_TYPE                    = DXE_DRIVER

   VERSION_STRING                 = 1.0

@@ -58,20 +60,30 @@
   TpmMeasurementLib

 

 [Protocols]

-  gEfiFirmwareVolume2ProtocolGuid

-  gEfiBlockIoProtocolGuid

-  gEfiSimpleFileSystemProtocolGuid

-  

+  gEfiFirmwareVolume2ProtocolGuid       ## SOMETIMES_CONSUMES

+  gEfiBlockIoProtocolGuid               ## SOMETIMES_CONSUMES

+  gEfiSimpleFileSystemProtocolGuid      ## SOMETIMES_CONSUMES

+

 [Guids]

-  gEfiCertTypeRsa2048Sha256Guid

+  ## SOMETIMES_CONSUMES   ## Variable:L"DB"

+  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"

+  ## PRODUCES             ## SystemTable

+  ## CONSUMES             ## SystemTable

   gEfiImageSecurityDatabaseGuid

+

+  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.

+  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.

   gEfiCertSha1Guid

+  

+  ## SOMETIMES_CONSUMES   ## GUID       # Unique ID for the type of the signature.

+  ## SOMETIMES_PRODUCES   ## GUID       # Unique ID for the type of the signature.

   gEfiCertSha256Guid

-  gEfiCertX509Guid

-  gEfiCertRsa2048Guid

-  gEfiCertPkcs7Guid

+

+  gEfiCertX509Guid                      ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the signature.

+  gEfiCertPkcs7Guid                     ## SOMETIMES_CONSUMES    ## GUID     # Unique ID for the type of the certificate.

   

 [Pcd]

-  gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy

-  gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy

-  gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy

+  gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy          ## SOMETIMES_CONSUMES

+  gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy     ## SOMETIMES_CONSUMES

+  gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy         ## SOMETIMES_CONSUMES

+  
\ No newline at end of file