From 606d38a59804ee2f5754430c64030f0c8e1fc498 Mon Sep 17 00:00:00 2001 From: "Dong, Guo" Date: Thu, 28 Aug 2014 05:49:11 +0000 Subject: SecurityPkg: INF/DEC file updates to EDK II packages 4. PCD information in DEC file comment blocks are either incomplete or incorrect. This includes detailed description, @Prompt, @ValidRange, @ValidList, @Expression, and [Error.] validation error messages. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong, Guo Reviewed-by: Gao, Liming git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15952 6f19259b-4bc3-4df7-8a09-765794883524 --- SecurityPkg/SecurityPkg.dec | 260 ++++++++++++++++++++++++++------------------ 1 file changed, 153 insertions(+), 107 deletions(-) diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 1d44095af4..47a96a954d 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -1,6 +1,9 @@ ## @file SecurityPkg.dec -# This package includes the security drivers, defintions(including PPIs/PROTOCOLs/GUIDs -# and library classes) and libraries instances. +# Provides security features that conform to TCG/UEFI industry standards +# +# The security features include secure boot, measured boot and user identification. +# It also provides the definitions(including PPIs/PROTOCOLs/GUIDs and library classes) +# and libraries instances, which are used for those features. # # Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials are licensed and made available under @@ -16,6 +19,7 @@ [Defines] DEC_SPECIFICATION = 0x00010005 PACKAGE_NAME = SecurityPkg + PACKAGE_UNI_FILE = SecurityPkg.uni PACKAGE_GUID = 24369CAC-6AA6-4fb8-88DB-90BF061668AD PACKAGE_VERSION = 0.93 @@ -64,10 +68,10 @@ TrEEPhysicalPresenceLib|Include/Library/TrEEPhysicalPresenceLib.h [Guids] - ## Security package token space guid + ## Security package token space guid. # Include/Guid/SecurityPkgTokenSpace.h gEfiSecurityPkgTokenSpaceGuid = { 0xd3fb176, 0x9569, 0x4d51, { 0xa3, 0xef, 0x7d, 0x61, 0xc6, 0x4f, 0xea, 0xba }} - + ## Guid acted as the authenticated variable store header's signature, and to specify the variable list entries put in the EFI system table. # Include/Guid/AuthenticatedVariableFormat.h gEfiAuthenticatedVariableGuid = { 0xaaf32c78, 0x947b, 0x439a, { 0xa1, 0x80, 0x2e, 0x14, 0x4e, 0xc3, 0x77, 0x92 } } @@ -87,7 +91,7 @@ gEfiCustomModeEnableGuid = { 0xc076ec0c, 0x7028, 0x4399, { 0xa0, 0x72, 0x71, 0xee, 0x5c, 0x44, 0x8b, 0x9f } } ## GUID used to "VendorKeysNv" variable to record the out of band secure boot keys modification. - # This variable is a read-only NV varaible that indicates whether someone other than the platform vendor has used a + # This variable is a read-only NV variable that indicates whether someone other than the platform vendor has used a # mechanism not defined by the UEFI Specification to transition the system to setup mode or to update secure boot keys. # Include/Guid/AuthenticatedVariableFormat.h gEfiVendorKeysNvGuid = { 0x9073e4e0, 0x60ec, 0x4b6e, { 0x99, 0x3, 0x4c, 0x22, 0x3c, 0x26, 0xf, 0x3c } } @@ -157,150 +161,190 @@ gTrEEConfigFormSetGuid = {0xc54b425f, 0xaa79, 0x48b4, { 0x98, 0x1f, 0x99, 0x8b, 0x3c, 0x4b, 0x64, 0x1c }} [Ppis] - ## Include/Ppi/LockPhysicalPresence.h + ## The PPI GUID for that TPM physical presence should be locked. + # Include/Ppi/LockPhysicalPresence.h gPeiLockPhysicalPresencePpiGuid = { 0xef9aefe5, 0x2bd3, 0x4031, { 0xaf, 0x7d, 0x5e, 0xfe, 0x5a, 0xbb, 0x9a, 0xd } } - ## Include/Ppi/TpmInitialized.h + ## The PPI GUID for that TPM is initialized. + # Include/Ppi/TpmInitialized.h gPeiTpmInitializedPpiGuid = { 0xe9db0d58, 0xd48d, 0x47f6, { 0x9c, 0x6e, 0x6f, 0x40, 0xe8, 0x6c, 0x7b, 0x41 }} ## Include/Ppi/FirmwareVolumeInfoMeasurementExcluded.h gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid = { 0x6e056ff9, 0xc695, 0x4364, { 0x9e, 0x2c, 0x61, 0x26, 0xf5, 0xce, 0xea, 0xae } } -[PcdsFixedAtBuild] - ## Pcd for OptionRom. - # Image verification policy settings: - # ALWAYS_EXECUTE 0x00000000 - # NEVER_EXECUTE 0x00000001 - # ALLOW_EXECUTE_ON_SECURITY_VIOLATION 0x00000002 - # DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003 - # DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004 - # QUERY_USER_ON_SECURITY_VIOLATION 0x00000005 - # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION and ALLOW_EXECUTE_ON_SECURITY_VIOLATION since - # it violates the UEFI specification and has been removed. +# +# [Error.gEfiSecurityPkgTokenSpaceGuid] +# 0x80000001 | Invalid value provided. +# 0x80000002 | Reserved bits must be set to zero. +# + +[PcdsFixedAtBuild, PcdsPatchableInModule] + ## Image verification policy for OptionRom. Only following values are valid:

+ # NOTE: Do NOT use 0x5 and 0x2 since it violates the UEFI specification and has been removed.
+ # 0x00000000 Always trust the image.
+ # 0x00000001 Never trust the image.
+ # 0x00000002 Allow execution when there is security violation.
+ # 0x00000003 Defer execution when there is security violation.
+ # 0x00000004 Deny execution when there is security violation.
+ # 0x00000005 Query user when there is security violation.
+ # @Prompt Set policy for the image from OptionRom. + # @ValidRange 0x80000001 | 0x00000000 - 0x00000005 gEfiSecurityPkgTokenSpaceGuid.PcdOptionRomImageVerificationPolicy|0x04|UINT32|0x00000001 - - ## Pcd for removable media. - # Removable media include CD-ROM, Floppy, USB and network. - # Image verification policy settings: - # ALWAYS_EXECUTE 0x00000000 - # NEVER_EXECUTE 0x00000001 - # ALLOW_EXECUTE_ON_SECURITY_VIOLATION 0x00000002 - # DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003 - # DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004 - # QUERY_USER_ON_SECURITY_VIOLATION 0x00000005 - # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION and ALLOW_EXECUTE_ON_SECURITY_VIOLATION since - # it violates the UEFI specification and has been removed. + + ## Image verification policy for removable media which includes CD-ROM, Floppy, USB and network. + # Only following values are valid:

+ # NOTE: Do NOT use 0x5 and 0x2 since it violates the UEFI specification and has been removed.
+ # 0x00000000 Always trust the image.
+ # 0x00000001 Never trust the image.
+ # 0x00000002 Allow execution when there is security violation.
+ # 0x00000003 Defer execution when there is security violation.
+ # 0x00000004 Deny execution when there is security violation.
+ # 0x00000005 Query user when there is security violation.
+ # @Prompt Set policy for the image from removable media. + # @ValidRange 0x80000001 | 0x00000000 - 0x00000005 gEfiSecurityPkgTokenSpaceGuid.PcdRemovableMediaImageVerificationPolicy|0x04|UINT32|0x00000002 - - ## Pcd for fixed media. - # Fixed media include hard disk. - # Image verification policy settings: - # ALWAYS_EXECUTE 0x00000000 - # NEVER_EXECUTE 0x00000001 - # ALLOW_EXECUTE_ON_SECURITY_VIOLATION 0x00000002 - # DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003 - # DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004 - # QUERY_USER_ON_SECURITY_VIOLATION 0x00000005 - # NOTE: Do NOT use QUERY_USER_ON_SECURITY_VIOLATION and ALLOW_EXECUTE_ON_SECURITY_VIOLATION since - # it violates the UEFI specification and has been removed. + + ## Image verification policy for fixed media which includes hard disk. + # Only following values are valid:

+ # NOTE: Do NOT use 0x5 and 0x2 since it violates the UEFI specification and has been removed.
+ # 0x00000000 Always trust the image.
+ # 0x00000001 Never trust the image.
+ # 0x00000002 Allow execution when there is security violation.
+ # 0x00000003 Defer execution when there is security violation.
+ # 0x00000004 Deny execution when there is security violation.
+ # 0x00000005 Query user when there is security violation.
+ # @Prompt Set policy for the image from fixed media. + # @ValidRange 0x80000001 | 0x00000000 - 0x00000005 gEfiSecurityPkgTokenSpaceGuid.PcdFixedMediaImageVerificationPolicy|0x04|UINT32|0x00000003 - - ## Defer Image Load policy settings. - # The policy is bitwise. - # If bit is set, the image from corresponding device will be trust when loading. - # - # IMAGE_UNKNOWN 0x00000001 - # IMAGE_FROM_FV 0x00000002 - # IMAGE_FROM_OPTION_ROM 0x00000004 - # IMAGE_FROM_REMOVABLE_MEDIA 0x00000008 - # IMAGE_FROM_FIXED_MEDIA 0x00000010 - gEfiSecurityPkgTokenSpaceGuid.PcdDeferImageLoadPolicy|0x0000001F|UINT32|0x0000004 - - ## The size of Append variable buffer. This buffer is reserved for runtime use, OS can append data into one existing variable. - gEfiSecurityPkgTokenSpaceGuid.PcdMaxAppendVariableSize|0x2000|UINT32|0x30000005 - ## This PCD specifies the type of TCG platform that contains TPM chip. - # This PCD is only avaiable when PcdTpmPhysicalPresence is TRUE. - # If 0, TCG platform type is PC client. - # If 1, TCG platform type is server. - gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass|0|UINT8|0x00000006 + ## Defer Image Load policy settings. The policy is bitwise. + # If a bit is set, the image from corresponding device will be trusted when loading. Or + # the image will be deferred. The deferred image will be checked after user is identified.

+ # BIT0 - Image from unknown device.
+ # BIT1 - Image from firmware volume.
+ # BIT2 - Image from OptionRom.
+ # BIT3 - Image from removable media which includes CD-ROM, Floppy, USB and network.
+ # BIT4 - Image from fixed media device which includes hard disk.
+ # @Prompt Set policy whether trust image before user identification. + # @ValidRange 0x80000002 | 0x00000000 - 0x0000001F + gEfiSecurityPkgTokenSpaceGuid.PcdDeferImageLoadPolicy|0x0000001F|UINT32|0x0000004 -[PcdsFixedAtBuild, PcdsPatchableInModule] ## Null-terminated Unicode string of the file name that is the default name to save USB credential. # The specified file should be saved at the root directory of USB storage disk. # @Prompt File name to save credential. gEfiSecurityPkgTokenSpaceGuid.PcdFixedUsbCredentialProviderTokenFileName|L"Token.bin"|VOID*|0x00000005 - + + ## The size of Append variable buffer. This buffer is reserved for runtime use, OS can append data into one existing variable. + # Note: This PCD is not been used. + # @Prompt Max variable size for append operation. + gEfiSecurityPkgTokenSpaceGuid.PcdMaxAppendVariableSize|0x2000|UINT32|0x30000005 + + ## Specifies the type of TCG platform that contains TPM chip.

+ # If 0, TCG platform type is PC client.
+ # If 1, TCG platform type is PC server.
+ # @Prompt Select platform type. + # @ValidRange 0x80000001 | 0x00 - 0x1 + gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass|0|UINT8|0x00000006 + [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] - ## This PCD indicates the presence or absence of the platform operator. + ## Indicates the presence or absence of the platform operator during firmware booting. + # If platform operator is not physical presence during boot. TPM will be locked and the TPM commands + # that required operator physical presence can not run.

+ # TRUE - The platform operator is physically present.
+ # FALSE - The platform operator is not physically present.
+ # @Prompt Physical presence of the platform operator. gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence|TRUE|BOOLEAN|0x00010001 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] - ## This PCD indicates whether to set TPM physicalPresenceLifetimeLock bit. - # Once this bit is set, it can not be cleared (It is locked for TPM life time). + ## Indicates whether TPM physical presence is locked during platform initialization. + # Once it is locked, it can not be unlocked for TPM life time.

+ # TRUE - Lock TPM physical presence asserting method.
+ # FALSE - Not lock TPM physical presence asserting method.
+ # @Prompt Lock TPM physical presence asserting method. gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock|FALSE|BOOLEAN|0x00010003 - + [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] - ## This PCD is used to specify the default value for physicalPresenceCMDEnable bit when setting physicalPresenceLifetimeLock bit. - # If PcdPhysicalPresenceCmdEnable is set to TRUE, physicalPresenceCMDEnable bit will be set, else this bit will be cleared. + ## Indicates whether the platform supports the software method of asserting physical presence.

+ # TRUE - Supports the software method of asserting physical presence.
+ # FALSE - Does not support the software method of asserting physical presence.
+ # @Prompt Enable software method of asserting physical presence. gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceCmdEnable|TRUE|BOOLEAN|0x00010004 - + [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] - ## This PCD is used to specify the default value for physicalPresenceHWEnable bit when setting physicalPresenceLifetimeLock bit. - # If PcdPhysicalPresenceHwEnable is set to TRUE, physicalPresenceHWEnable bit will be set, else this bit will be cleared. + ## Indicates whether the platform supports the hardware method of asserting physical presence.

+ # TRUE - Supports the hardware method of asserting physical presence.
+ # FALSE - Does not support the hardware method of asserting physical presence.
+ # @Prompt Enable hardware method of asserting physical presence. gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceHwEnable|TRUE|BOOLEAN|0x00010005 [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] - ## This PCD indicates if debugger exists. + ## This PCD indicates if debugger exists.

+ # TRUE - Firmware debugger exists.
+ # FALSE - Firmware debugger doesn't exist.
+ # @Prompt Firmware debugger status. gEfiSecurityPkgTokenSpaceGuid.PcdFirmwareDebuggerInitialized|FALSE|BOOLEAN|0x00010009 - ## This PCD indicates the TPM2 initialization policy. - # 0: No initialization needed - most likely used for chipset SRTM solution, in which TPM is already initialized. - # 1: Initialization needed. + ## This PCD indicates the initialization policy for TPM 2.0.

+ # If 0, no initialization needed - most likely used for chipset SRTM solution, in which TPM is already initialized.
+ # If 1, initialization needed.
+ # @Prompt TPM 2.0 device initialization policy.
+ # @ValidRange 0x80000001 | 0x00 - 0x1 gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy|1|UINT8|0x0001000A - ## This PCD indicates the TPM initialization policy. - # 0: No initialization needed - most likely used for chipset SRTM solution, in which TPM is already initialized. - # 1: Initialization needed. + ## This PCD indicates the initialization policy for TPM 1.2.

+ # If 0, no initialization needed - most likely used for chipset SRTM solution, in which TPM is already initialized.
+ # If 1, initialization needed.
+ # @Prompt TPM 1.2 device initialization policy. + # @ValidRange 0x80000001 | 0x00 - 0x1 gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy|1|UINT8|0x0001000B - ## This PCD indicates the TPM2 SelfTest policy. - # 0: No SelfTest needed - most likely used for fTPM, because it might already be tested. - # 1: SelfTest needed. + ## This PCD indicates the TPM 2.0 SelfTest policy.

+ # if 0, no SelfTest needed - most likely used for fTPM, because it might already be tested.
+ # if 1, SelfTest needed.
+ # @Prompt TPM 2.0 device selftest. + # @ValidRange 0x80000001 | 0x00 - 0x1 gEfiSecurityPkgTokenSpaceGuid.PcdTpm2SelfTestPolicy|1|UINT8|0x0001000C - ## This PCD indicates the TPM2 SCRTM policy. - # 0: No SCRTM needed - In this case, it is already done. - # 1: SCRTM done by BIOS. + ## This PCD indicates Static Core Root of Trust for Measurement (SCRTM) policy using TPM 2.0.

+ # if 0, no SCRTM measurement needed - In this case, it is already done.
+ # if 1, SCRTM measurement done by BIOS.
+ # @Prompt SCRTM policy setting for TPM 2.0 device. + # @ValidRange 0x80000001 | 0x00 - 0x1 gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy|1|UINT8|0x0001000D - ## This PCD indicates the TPM SCRTM policy. - # 0: No SCRTM needed - In this case, it is already done. - # 1: SCRTM done by BIOS. + ## This PCD indicates Static Core Root of Trust for Measurement (SCRTM) policy using TPM 1.2.

+ # if 0, no SCRTM measurement needed - In this case, it is already done.
+ # if 1, SCRTM measurement done by BIOS.
+ # @Prompt SCRTM policy setting for TPM 1.2 device + # @ValidRange 0x80000001 | 0x00 - 0x1 gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy|1|UINT8|0x0001000E - ## Guid name to identify TPM instance - # TPM_DEVICE_INTERFACE_NONE means disable - # TPM_DEVICE_INTERFACE_TPM12 means TPM1.2 DTPM - # TPM_DEVICE_INTERFACE_DTPM2 means TPM2 DTPM + ## Guid name to identify TPM instance.

+ # TPM_DEVICE_INTERFACE_NONE means disable.
+ # TPM_DEVICE_INTERFACE_TPM12 means TPM 1.2 DTPM.
+ # TPM_DEVICE_INTERFACE_DTPM2 means TPM 2.0 DTPM.
+ # @Prompt TPM device type identifier gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid |{ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }|VOID*|0x0001000F - ## This PCD indicates the TPM2 Hash mask. - # BIT0: SHA1 - # BIT1: SHA256 - # BIT2: SHA384 - # BIT3: SHA512 - # If this bit is set, that means this algorithm is needed to extend to PCR. - # If this bit is clear, that means this algorithm is NOT needed to extend to PCR. - # 0xFFFFFFFF means extend all. - gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0xFFFFFFFF|UINT32|0x00010010 - - ## This PCD indicates if BIOS auto detect TPM1.2 or dTPM2.0. - # 0: No auto detection. - # 1: Auto detection. + ## This PCD indicates Hash mask for TPM 2.0.

+ # If this bit is set, that means this algorithm is needed to extend to PCR.
+ # If this bit is clear, that means this algorithm is NOT needed to extend to PCR.
+ # BIT0 - SHA1.
+ # BIT1 - SHA256.
+ # BIT2 - SHA384.
+ # BIT3 - SHA512.
+ # @Prompt Hash mask for TPM 2.0 + # @ValidRange 0x80000001 | 0x00000000 - 0x0000000F + gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0x0000000F|UINT32|0x00010010 + + ## This PCD indicates if BIOS auto detect TPM1.2 or dTPM2.0.

+ # FALSE - No auto detection.
+ # TRUE - Auto detection.
+ # @Prompt TPM type detection. gEfiSecurityPkgTokenSpaceGuid.PcdTpmAutoDetection|TRUE|BOOLEAN|0x00010011 - ## This PCD indicates TPM base address. + ## This PCD indicates TPM base address.

+ # @Prompt TPM device address. gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0xFED40000|UINT64|0x00010012 ## Provides one or more SHA 256 Hashes of the RSA 2048 public keys used to verify Recovery and Capsule Update images @@ -308,4 +352,6 @@ # @Prompt One or more SHA 256 Hashes of RSA 2048 bit public keys used to verify Recovery and Capsule Update images # gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0x91, 0x29, 0xc4, 0xbd, 0xea, 0x6d, 0xda, 0xb3, 0xaa, 0x6f, 0x50, 0x16, 0xfc, 0xdb, 0x4b, 0x7e, 0x3c, 0xd6, 0xdc, 0xa4, 0x7a, 0x0e, 0xdd, 0xe6, 0x15, 0x8c, 0x73, 0x96, 0xa2, 0xd4, 0xa6, 0x4d}|VOID*|0x00010013 - \ No newline at end of file + +[UserExtensions.TianoCore."ExtraFiles"] + SecurityPkgExtra.uni -- cgit v1.2.3