From 022ff6bbba14e86ad721de66d43e0ddb2109ff8a Mon Sep 17 00:00:00 2001 From: lzeng14 Date: Tue, 29 Jan 2013 07:43:17 +0000 Subject: 1. Update DxeCore to get correct AuthenticationStatus and invoke gSecurity after FV image file is extracted by ReadSection(), and remove the gSecurity invoking in SmmDriverDispatchHandler() in SmmCore since FV has been verified in DxeCore. 2. Update SmmLoadImage() to return EFI_SECURITY_VIOLATION when gSecurity returns EFI_SECURITY_VIOLATION. Signed-off-by: Star Zeng Reviewed-by: Liming Gao git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14113 6f19259b-4bc3-4df7-8a09-765794883524 --- MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c | 48 ++++++++++++++++----------- MdeModulePkg/Core/PiSmmCore/Dispatcher.c | 31 +++-------------- 2 files changed, 32 insertions(+), 47 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c b/MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c index 45a236a7b8..75d6267f61 100644 --- a/MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c +++ b/MdeModulePkg/Core/Dxe/Dispatcher/Dispatcher.c @@ -26,7 +26,7 @@ Depex - Dependency Expresion. SOR - Schedule On Request - Don't schedule if this bit is set. -Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -984,6 +984,7 @@ CoreProcessFvImageFile ( UINTN BufferSize; EFI_FIRMWARE_VOLUME_HEADER *FvHeader; UINT32 FvAlignment; + EFI_DEVICE_PATH_PROTOCOL *FvFileDevicePath; // // Read the first (and only the first) firmware volume section @@ -1004,6 +1005,32 @@ CoreProcessFvImageFile ( &AuthenticationStatus ); if (!EFI_ERROR (Status)) { + // + // Evaluate the authentication status of the Firmware Volume through + // Security Architectural Protocol + // + if (gSecurity != NULL) { + FvFileDevicePath = CoreFvToDevicePath (Fv, FvHandle, DriverName); + Status = gSecurity->FileAuthenticationState ( + gSecurity, + AuthenticationStatus, + FvFileDevicePath + ); + if (FvFileDevicePath != NULL) { + FreePool (FvFileDevicePath); + } + + if (Status != EFI_SUCCESS) { + // + // Security check failed. The firmware volume should not be used for any purpose. + // + if (Buffer != NULL) { + FreePool (Buffer); + } + return Status; + } + } + // // FvImage should be at its required alignment. // @@ -1087,7 +1114,6 @@ CoreFwVolEventProtocolNotify ( { EFI_STATUS Status; EFI_STATUS GetNextFileStatus; - EFI_STATUS SecurityStatus; EFI_FIRMWARE_VOLUME2_PROTOCOL *Fv; EFI_DEVICE_PATH_PROTOCOL *FvDevicePath; EFI_HANDLE FvHandle; @@ -1159,24 +1185,6 @@ CoreFwVolEventProtocolNotify ( continue; } - // - // Evaluate the authentication status of the Firmware Volume through - // Security Architectural Protocol - // - if (gSecurity != NULL) { - SecurityStatus = gSecurity->FileAuthenticationState ( - gSecurity, - 0, - FvDevicePath - ); - if (SecurityStatus != EFI_SUCCESS) { - // - // Security check failed. The firmware volume should not be used for any purpose. - // - continue; - } - } - // // Discover Drivers in FV and add them to the Discovered Driver List. // Process EFI_FV_FILETYPE_DRIVER type and then EFI_FV_FILETYPE_COMBINED_PEIM_DRIVER diff --git a/MdeModulePkg/Core/PiSmmCore/Dispatcher.c b/MdeModulePkg/Core/PiSmmCore/Dispatcher.c index 8a9d99b158..b2e3d6a1e7 100644 --- a/MdeModulePkg/Core/PiSmmCore/Dispatcher.c +++ b/MdeModulePkg/Core/PiSmmCore/Dispatcher.c @@ -27,7 +27,7 @@ Depex - Dependency Expresion. - Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2013, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -671,6 +671,9 @@ SmmLoadImage ( // used the UEFI Boot Services AllocatePool() function // Status = gBS->FreePool(Buffer); + if (!EFI_ERROR (Status) && EFI_ERROR (SecurityStatus)) { + Status = SecurityStatus; + } return Status; } @@ -1197,7 +1200,6 @@ SmmDriverDispatchHandler ( UINTN HandleCount; EFI_HANDLE *HandleBuffer; EFI_STATUS GetNextFileStatus; - EFI_STATUS SecurityStatus; EFI_FIRMWARE_VOLUME2_PROTOCOL *Fv; EFI_DEVICE_PATH_PROTOCOL *FvDevicePath; EFI_HANDLE FvHandle; @@ -1258,31 +1260,6 @@ SmmDriverDispatchHandler ( continue; } - // - // If the Security Architectural Protocol has not been located yet, then attempt to locate it - // - if (mSecurity == NULL) { - gBS->LocateProtocol (&gEfiSecurityArchProtocolGuid, NULL, (VOID**)&mSecurity); - } - - // - // Evaluate the authentication status of the Firmware Volume through - // Security Architectural Protocol - // - if (mSecurity != NULL) { - SecurityStatus = mSecurity->FileAuthenticationState ( - mSecurity, - 0, - FvDevicePath - ); - if (SecurityStatus != EFI_SUCCESS) { - // - // Security check failed. The firmware volume should not be used for any purpose. - // - continue; - } - } - // // Discover Drivers in FV and add them to the Discovered Driver List. // Process EFI_FV_FILETYPE_SMM type and then EFI_FV_FILETYPE_COMBINED_SMM_DXE -- cgit v1.2.3