From 3e5a3960f8b99d0dcfa1c769161135a394336443 Mon Sep 17 00:00:00 2001 From: vanjeff Date: Wed, 27 Jun 2007 05:49:17 +0000 Subject: add some framework definitions git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@2776 6f19259b-4bc3-4df7-8a09-765794883524 --- IntelFrameworkPkg/Include/Ppi/ReadOnlyVariable.h | 120 ++++++++++++++++++++++ IntelFrameworkPkg/Include/Ppi/SectionExtraction.h | 108 +++++++++++++++++++ IntelFrameworkPkg/Include/Ppi/Security.h | 73 +++++++++++++ 3 files changed, 301 insertions(+) create mode 100644 IntelFrameworkPkg/Include/Ppi/ReadOnlyVariable.h create mode 100644 IntelFrameworkPkg/Include/Ppi/SectionExtraction.h create mode 100644 IntelFrameworkPkg/Include/Ppi/Security.h (limited to 'IntelFrameworkPkg/Include/Ppi') diff --git a/IntelFrameworkPkg/Include/Ppi/ReadOnlyVariable.h b/IntelFrameworkPkg/Include/Ppi/ReadOnlyVariable.h new file mode 100644 index 0000000000..ee00e14147 --- /dev/null +++ b/IntelFrameworkPkg/Include/Ppi/ReadOnlyVariable.h @@ -0,0 +1,120 @@ +/** @file + This file declares Read-only Variable Service PPI + + Copyright (c) 2006, Intel Corporation + All rights reserved. This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + + Module Name: ReadOnlyVariable.h + + @par Revision Reference: + This PPI is defined in PEI CIS + Version 0.91. + +**/ + +#ifndef __PEI_READ_ONLY_VARIABLE_PPI_H__ +#define __PEI_READ_ONLY_VARIABLE_PPI_H__ + +#define EFI_PEI_READ_ONLY_VARIABLE_ACCESS_PPI_GUID \ + { \ + 0x3cdc90c6, 0x13fb, 0x4a75, {0x9e, 0x79, 0x59, 0xe9, 0xdd, 0x78, 0xb9, 0xfa } \ + } + +typedef struct _EFI_PEI_READ_ONLY_VARIABLE_PPI EFI_PEI_READ_ONLY_VARIABLE_PPI; + +// +// Variable attributes +// +#define EFI_VARIABLE_NON_VOLATILE 0x00000001 +#define EFI_VARIABLE_BOOTSERVICE_ACCESS 0x00000002 +#define EFI_VARIABLE_RUNTIME_ACCESS 0x00000004 +#define EFI_VARIABLE_READ_ONLY 0x00000008 + +/** + Get Variable value by Name and GUID pair + + @param PeiServices An indirect pointer to the PEI Services Table published by the PEI Foundation. + @param VariableName A NULL-terminated Unicode string that is the name of the vendor's variable. + @param VendorGuid A unique identifier for the vendor. + @param Attributes If not NULL, a pointer to the memory location to return + the attributes bitmask for the variable. + @param DataSize On input, the size in bytes of the return Data buffer. + On output, the size of data returned in Data. + @param Data The buffer to return the contents of the variable. + + @retval EFI_SUCCESS The function completed successfully. + @retval EFI_NOT_FOUND The variable was not found. + @retval EFI_BUFFER_TOO_SMALL The BufferSize is too small for the result. + @retval EFI_INVALID_PARAMETER One of the parameters has an invalid value. + @retval EFI_DEVICE_ERROR The variable could not be retrieved due to a hardware error. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_PEI_GET_VARIABLE) ( + IN EFI_PEI_SERVICES **PeiServices, + IN CHAR16 *VariableName, + IN EFI_GUID *VendorGuid, + OUT UINT32 *Attributes OPTIONAL, + IN OUT UINTN *DataSize, + OUT VOID *Data + ); + +/** + This function can be called multiple times to retrieve the VariableName + and VendorGuid of all variables currently available in the system. On each call + to GetNextVariableName() the previous results are passed into the interface, + and on output the interface returns the next variable name data. When the + entire variable list has been returned, the error EFI_NOT_FOUND is returned. + + @param PeiServices An indirect pointer to the PEI Services Table published by the PEI Foundation. + @param VariableNameSize The size of the VariableName buffer. + @param VariableName On input, supplies the last VariableName that was + returned by GetNextVariableName(). On output, returns the Null-terminated + Unicode string of the current variable. + @param VendorGuid On input, supplies the last VendorGuid that was + returned by GetNextVariableName(). On output, returns the VendorGuid + of the current variable. + + @retval EFI_SUCCESS The function completed successfully. + @retval EFI_NOT_FOUND The next variable was not found. + @retval EFI_BUFFER_TOO_SMALL The VariableNameSize is too small for the result. + @retval EFI_INVALID_PARAMETER One of the parameters has an invalid value. + @retval EFI_DEVICE_ERROR The variable name could not be retrieved due to a hardware error. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_PEI_GET_NEXT_VARIABLE_NAME) ( + IN EFI_PEI_SERVICES **PeiServices, + IN OUT UINTN *VariableNameSize, + IN OUT CHAR16 *VariableName, + IN OUT EFI_GUID *VendorGuid + ); + +/** + @par Ppi Description: + This PPI provides a lightweight, read-only variant of the full EFI + variable services. + + @param GetVariable + A service to ascertain a given variable name. + + @param GetNextVariableName + A service to ascertain a variable based upon a given, known variable + +**/ +struct _EFI_PEI_READ_ONLY_VARIABLE_PPI { + EFI_PEI_GET_VARIABLE PeiGetVariable; + EFI_PEI_GET_NEXT_VARIABLE_NAME PeiGetNextVariableName; +}; + +extern EFI_GUID gEfiPeiReadOnlyVariablePpiGuid; + +#endif diff --git a/IntelFrameworkPkg/Include/Ppi/SectionExtraction.h b/IntelFrameworkPkg/Include/Ppi/SectionExtraction.h new file mode 100644 index 0000000000..fb95f6065a --- /dev/null +++ b/IntelFrameworkPkg/Include/Ppi/SectionExtraction.h @@ -0,0 +1,108 @@ +/** @file + This file declares Section Extraction PPI. + + Copyright (c) 2006, Intel Corporation + All rights reserved. This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + + Module Name: SectionExtraction.h + + @par Revision Reference: + This PPI is defined in PEI CIS. + Version 0.91. + +**/ + +#ifndef __SECTION_EXTRACTION_PPI_H__ +#define __SECTION_EXTRACTION_PPI_H__ + +#define EFI_PEI_SECTION_EXTRACTION_PPI_GUID \ + { \ + 0x4F89E208, 0xE144, 0x4804, {0x9E, 0xC8, 0x0F, 0x89, 0x4F, 0x7E, 0x36, 0xD7 } \ + } + +typedef struct _EFI_PEI_SECTION_EXTRACTION_PPI EFI_PEI_SECTION_EXTRACTION_PPI; + +// +// Bit values for AuthenticationStatus +// +#define EFI_PEI_AUTH_STATUS_PLATFORM_OVERRIDE 0x01 +#define EFI_PEI_AUTH_STATUS_IMAGE_SIGNED 0x02 +#define EFI_PEI_AUTH_STATUS_NOT_TESTED 0x04 +#define EFI_PEI_AUTH_STATUS_TEST_FAILED 0x08 + +/** + The function is used to retrieve a section from within a section file. + It will retrieve both encapsulation sections and leaf sections in their entirety, + exclusive of the section header. + + @param PeiServices Pointer to the PEI Services Table. + @param This Indicates the calling context + @param SectionType Pointer to an EFI_SECTION_TYPE. If SectionType == NULL, + the contents of the entire section are returned in Buffer. If SectionType + is not NULL, only the requested section is returned. + @param SectionDefinitionGuid + Pointer to an EFI_GUID. + If SectionType == EFI_SECTION_GUID_DEFINED, SectionDefinitionGuid + indicates for which section GUID to search. + If SectionType != EFI_SECTION_GUID_DEFINED, SectionDefinitionGuid + is unused and is ignored. + @param SectionInstance If SectionType is not NULL, indicates which + instance of the requested section type to return. + @param Buffer Pointer to a pointer to a buffer in which the section + contents are returned. + @param BufferSize A pointer to a caller-allocated UINT32.On input, *BufferSize + indicates the size in bytes of the memory region pointed to by Buffer.On output, + *BufferSize contains the number of bytes required to read the section. + @param AuthenticationStatus + A pointer to a caller-allocated UINT32 in + which any metadata from encapsulating GUID-defined sections is returned. + + @retval EFI_SUCCESS The section was successfully processed and the section + contents were returned in Buffer. + @retval EFI_PROTOCOL_ERROR A GUID-defined section was encountered in + the file with its EFI_GUIDED_SECTION_PROCESSING_REQUIRED bit set, but + there was no corresponding GUIDed Section Extraction Protocol in the + handle database.*Buffer is unmodified. + @retval EFI_NOT_FOUND The requested section does not exist.*Buffer is unmodified. + @retval EFI_OUT_OF_RESOURCES The system has insufficient resources to process the request. + @retval EFI_INVALID_PARAMETER The SectionStreamHandle does not exist. + @retval EFI_WARN_TOO_SMALL The size of the input buffer is insufficient to + contain the requested section. The input buffer is filled and contents are + section contents are truncated. + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_PEI_GET_SECTION) ( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_PEI_SECTION_EXTRACTION_PPI *This, + IN EFI_SECTION_TYPE *SectionType, + IN EFI_GUID *SectionDefinitionGuid, OPTIONAL + IN UINTN SectionInstance, + IN VOID **Buffer, + IN OUT UINT32 *BufferSize, + OUT UINT32 *AuthenticationStatus + ); + +/** + @par Ppi Description: + This PPI supports encapsulating sections, such as GUIDed sections used to + authenticate the file encapsulation of other domain-specific wrapping. + + @param GetSection + Retrieves a section from within a section file. + +**/ +struct _EFI_PEI_SECTION_EXTRACTION_PPI { + EFI_PEI_GET_SECTION PeiGetSection; +}; + +extern EFI_GUID gEfiPeiSectionExtractionPpiGuid; + +#endif diff --git a/IntelFrameworkPkg/Include/Ppi/Security.h b/IntelFrameworkPkg/Include/Ppi/Security.h new file mode 100644 index 0000000000..0be9b4a32d --- /dev/null +++ b/IntelFrameworkPkg/Include/Ppi/Security.h @@ -0,0 +1,73 @@ +/** @file + This file declares Security Architectural PPI. + + Copyright (c) 2006, Intel Corporation + All rights reserved. This program and the accompanying materials + are licensed and made available under the terms and conditions of the BSD License + which accompanies this distribution. The full text of the license may be found at + http://opensource.org/licenses/bsd-license.php + + THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, + WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + + Module Name: Security.h + + @par Revision Reference: + This PPI is defined in PEI CIS. + Version 0.91. + +**/ + +#ifndef __SECURITY_PPI_H__ +#define __SECURITY_PPI_H__ + +#define EFI_PEI_SECURITY_PPI_GUID \ + { \ + 0x1388066e, 0x3a57, 0x4efa, {0x98, 0xf3, 0xc1, 0x2f, 0x3a, 0x95, 0x8a, 0x29 } \ + } + +typedef struct _EFI_PEI_SECURITY_PPI EFI_PEI_SECURITY_PPI; + +/** + Allows the platform builder to implement a security policy in response + to varying file authentication states. + + @param PeiServices Pointer to the PEI Services Table. + @param This Interface pointer that implements the particular EFI_PEI_SECURITY_PPI instance. + @param AuthenticationStatus + Status returned by the verification service as part of section extraction. + @param FfsFileHeader Pointer to the file under review. + @param DeferExecution Pointer to a variable that alerts the PEI Foundation to defer execution of a PEIM. + + @retval EFI_SUCCESS The service performed its action successfully. + @retval EFI_SECURITY_VIOLATION The object cannot be trusted + +**/ +typedef +EFI_STATUS +(EFIAPI *EFI_PEI_SECURITY_AUTHENTICATION_STATE) ( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_PEI_SECURITY_PPI *This, + IN UINT32 AuthenticationStatus, + IN EFI_FFS_FILE_HEADER *FfsFileHeader, + IN OUT BOOLEAN *StartCrisisRecovery + ); + +/** + @par Ppi Description: + This PPI is installed by some platform PEIM that abstracts the security + policy to the PEI Foundation, namely the case of a PEIM's authentication + state being returned during the PEI section extraction process. + + @param AuthenticationState + Allows the platform builder to implement a security policy in response + to varying file authentication states. + +**/ +struct _EFI_PEI_SECURITY_PPI { + EFI_PEI_SECURITY_AUTHENTICATION_STATE AuthenticationState; +}; + +extern EFI_GUID gEfiPeiSecurityPpiGuid; + +#endif -- cgit v1.2.3