From 7f05fa00f73038b425002566d3afe6c3ade2ccdb Mon Sep 17 00:00:00 2001 From: Guo Mang Date: Thu, 22 Dec 2016 15:55:38 +0800 Subject: MdeModulePkg: Move to new location Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Guo Mang --- .../DxeSecurityManagementLib.c | 533 --------------------- .../DxeSecurityManagementLib.inf | 48 -- .../DxeSecurityManagementLib.uni | Bin 1892 -> 0 bytes 3 files changed, 581 deletions(-) delete mode 100644 MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.c delete mode 100644 MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf delete mode 100644 MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.uni (limited to 'MdeModulePkg/Library/DxeSecurityManagementLib') diff --git a/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.c b/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.c deleted file mode 100644 index b96d78664d..0000000000 --- a/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.c +++ /dev/null @@ -1,533 +0,0 @@ -/** @file - Provides generic security measurement functions for DXE module. - -Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include -#include -#include -#include -#include -#include -#include -#include - -#define SECURITY_HANDLER_TABLE_SIZE 0x10 - -// -// Secruity Operation on Image and none Image. -// -#define EFI_AUTH_IMAGE_OPERATION_MASK (EFI_AUTH_OPERATION_VERIFY_IMAGE \ - | EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD \ - | EFI_AUTH_OPERATION_MEASURE_IMAGE) -#define EFI_AUTH_NONE_IMAGE_OPERATION_MASK (EFI_AUTH_OPERATION_CONNECT_POLICY \ - | EFI_AUTH_OPERATION_AUTHENTICATION_STATE) - -typedef struct { - UINT32 SecurityOperation; - SECURITY_FILE_AUTHENTICATION_STATE_HANDLER SecurityHandler; -} SECURITY_INFO; - -typedef struct { - UINT32 Security2Operation; - SECURITY2_FILE_AUTHENTICATION_HANDLER Security2Handler; -} SECURITY2_INFO; - -UINT32 mCurrentAuthOperation = 0; -UINT32 mNumberOfSecurityHandler = 0; -UINT32 mMaxNumberOfSecurityHandler = 0; -SECURITY_INFO *mSecurityTable = NULL; - -UINT32 mCurrentAuthOperation2 = 0; -UINT32 mNumberOfSecurity2Handler = 0; -UINT32 mMaxNumberOfSecurity2Handler = 0; -SECURITY2_INFO *mSecurity2Table = NULL; - -/** - Reallocates more global memory to store the registered Handler list. - - @retval RETURN_SUCCESS Reallocate memory successfully. - @retval RETURN_OUT_OF_RESOURCES No enough memory to allocated. -**/ -RETURN_STATUS -EFIAPI -ReallocateSecurityHandlerTable ( - ) -{ - // - // Reallocate memory for security info structure. - // - mSecurityTable = ReallocatePool ( - mMaxNumberOfSecurityHandler * sizeof (SECURITY_INFO), - (mMaxNumberOfSecurityHandler + SECURITY_HANDLER_TABLE_SIZE) * sizeof (SECURITY_INFO), - mSecurityTable - ); - - // - // No enough resource is allocated. - // - if (mSecurityTable == NULL) { - return RETURN_OUT_OF_RESOURCES; - } - - // - // Increase max handler number - // - mMaxNumberOfSecurityHandler = mMaxNumberOfSecurityHandler + SECURITY_HANDLER_TABLE_SIZE; - return RETURN_SUCCESS; -} - -/** - Check whether an operation is valid according to the requirement of current operation, - which must make sure that the measure image operation is the last one. - - @param CurrentAuthOperation Current operation. - @param CheckAuthOperation Operation to be checked. - - @retval TRUE Operation is valid for current operation. - @retval FALSE Operation is invalid for current operation. -**/ -BOOLEAN -CheckAuthenticationOperation ( - IN UINT32 CurrentAuthOperation, - IN UINT32 CheckAuthOperation - ) -{ - // - // Make sure new auth operation can be recognized. - // - ASSERT ((CheckAuthOperation & ~(EFI_AUTH_IMAGE_OPERATION_MASK | EFI_AUTH_OPERATION_AUTHENTICATION_STATE | EFI_AUTH_OPERATION_IMAGE_REQUIRED)) == 0); - - // - // When current operation includes measure image operation, - // only another measure image operation or none operation will be allowed. - // - if ((CurrentAuthOperation & EFI_AUTH_OPERATION_MEASURE_IMAGE) == EFI_AUTH_OPERATION_MEASURE_IMAGE) { - if (((CheckAuthOperation & EFI_AUTH_OPERATION_MEASURE_IMAGE) == EFI_AUTH_OPERATION_MEASURE_IMAGE) || - ((CheckAuthOperation & EFI_AUTH_IMAGE_OPERATION_MASK) == EFI_AUTH_OPERATION_NONE)) { - return TRUE; - } else { - return FALSE; - } - } - - // - // When current operation doesn't include measure image operation, - // any new operation will be allowed. - // - return TRUE; -} - -/** - Register security measurement handler with its operation type. The different - handler with the same operation can all be registered. - - If SecurityHandler is NULL, then ASSERT(). - If no enough resources available to register new handler, then ASSERT(). - If AuthenticationOperation is not recongnized, then ASSERT(). - If the previous register handler can't be executed before the later register handler, then ASSERT(). - - @param[in] SecurityHandler Security measurement service handler to be registered. - @param[in] AuthenticationOperation Operation type is specified for the registered handler. - - @retval EFI_SUCCESS The handlers were registered successfully. -**/ -EFI_STATUS -EFIAPI -RegisterSecurityHandler ( - IN SECURITY_FILE_AUTHENTICATION_STATE_HANDLER SecurityHandler, - IN UINT32 AuthenticationOperation - ) -{ - EFI_STATUS Status; - - ASSERT (SecurityHandler != NULL); - - // - // Make sure AuthenticationOperation is valid in the register order. - // - ASSERT (CheckAuthenticationOperation (mCurrentAuthOperation, AuthenticationOperation)); - mCurrentAuthOperation = mCurrentAuthOperation | AuthenticationOperation; - - // - // Check whether the handler lists is enough to store new handler. - // - if (mNumberOfSecurityHandler == mMaxNumberOfSecurityHandler) { - // - // Allocate more resources for new handler. - // - Status = ReallocateSecurityHandlerTable(); - ASSERT_EFI_ERROR (Status); - } - - // - // Register new handler into the handler list. - // - mSecurityTable[mNumberOfSecurityHandler].SecurityOperation = AuthenticationOperation; - mSecurityTable[mNumberOfSecurityHandler].SecurityHandler = SecurityHandler; - mNumberOfSecurityHandler ++; - - return EFI_SUCCESS; -} - -/** - Execute registered handlers until one returns an error and that error is returned. - If none of the handlers return an error, then EFI_SUCCESS is returned. - - Before exectue handler, get the image buffer by file device path if a handler - requires the image file. And return the image buffer to each handler when exectue handler. - - The handlers are executed in same order to their registered order. - - @param[in] AuthenticationStatus - This is the authentication type returned from the Section - Extraction protocol. See the Section Extraction Protocol - Specification for details on this type. - @param[in] FilePath This is a pointer to the device path of the file that is - being dispatched. This will optionally be used for logging. - - @retval EFI_SUCCESS The file specified by File did authenticate when more - than one security handler services were registered, - or the file did not authenticate when no security - handler service was registered. And the platform policy - dictates that the DXE Core may use File. - @retval EFI_INVALID_PARAMETER File is NULL. - @retval EFI_SECURITY_VIOLATION The file specified by File did not authenticate, and - the platform policy dictates that File should be placed - in the untrusted state. A file may be promoted from - the untrusted to the trusted state at a future time - with a call to the Trust() DXE Service. - @retval EFI_ACCESS_DENIED The file specified by File did not authenticate, and - the platform policy dictates that File should not be - used for any purpose. -**/ -EFI_STATUS -EFIAPI -ExecuteSecurityHandlers ( - IN UINT32 AuthenticationStatus, - IN CONST EFI_DEVICE_PATH_PROTOCOL *FilePath - ) -{ - UINT32 Index; - EFI_STATUS Status; - UINT32 HandlerAuthenticationStatus; - VOID *FileBuffer; - UINTN FileSize; - EFI_HANDLE Handle; - EFI_DEVICE_PATH_PROTOCOL *Node; - EFI_DEVICE_PATH_PROTOCOL *FilePathToVerfiy; - - if (FilePath == NULL) { - return EFI_INVALID_PARAMETER; - } - - // - // Directly return successfully when no handler is registered. - // - if (mNumberOfSecurityHandler == 0) { - return EFI_SUCCESS; - } - - Status = EFI_SUCCESS; - FileBuffer = NULL; - FileSize = 0; - HandlerAuthenticationStatus = AuthenticationStatus; - FilePathToVerfiy = (EFI_DEVICE_PATH_PROTOCOL *) FilePath; - // - // Run security handler in same order to their registered list - // - for (Index = 0; Index < mNumberOfSecurityHandler; Index ++) { - if ((mSecurityTable[Index].SecurityOperation & EFI_AUTH_OPERATION_IMAGE_REQUIRED) == EFI_AUTH_OPERATION_IMAGE_REQUIRED) { - // - // Try get file buffer when the handler requires image buffer. - // - if (FileBuffer == NULL) { - Node = FilePathToVerfiy; - Status = gBS->LocateDevicePath (&gEfiLoadFileProtocolGuid, &Node, &Handle); - // - // Try to get image by FALSE boot policy for the exact boot file path. - // - FileBuffer = GetFileBufferByFilePath (FALSE, FilePath, &FileSize, &AuthenticationStatus); - if (FileBuffer == NULL) { - // - // Try to get image by TRUE boot policy for the inexact boot file path. - // - FileBuffer = GetFileBufferByFilePath (TRUE, FilePath, &FileSize, &AuthenticationStatus); - } - if ((FileBuffer != NULL) && (!EFI_ERROR (Status))) { - // - // LoadFile () may cause the device path of the Handle be updated. - // - FilePathToVerfiy = AppendDevicePath (DevicePathFromHandle (Handle), Node); - } - } - } - Status = mSecurityTable[Index].SecurityHandler ( - HandlerAuthenticationStatus, - FilePathToVerfiy, - FileBuffer, - FileSize - ); - if (EFI_ERROR (Status)) { - break; - } - } - - if (FileBuffer != NULL) { - FreePool (FileBuffer); - } - if (FilePathToVerfiy != FilePath) { - FreePool (FilePathToVerfiy); - } - - return Status; -} - -/** - Reallocates more global memory to store the registered Securit2Handler list. - - @retval RETURN_SUCCESS Reallocate memory successfully. - @retval RETURN_OUT_OF_RESOURCES No enough memory to allocated. -**/ -RETURN_STATUS -EFIAPI -ReallocateSecurity2HandlerTable ( - ) -{ - // - // Reallocate memory for security info structure. - // - mSecurity2Table = ReallocatePool ( - mMaxNumberOfSecurity2Handler * sizeof (SECURITY2_INFO), - (mMaxNumberOfSecurity2Handler + SECURITY_HANDLER_TABLE_SIZE) * sizeof (SECURITY2_INFO), - mSecurity2Table - ); - - // - // No enough resource is allocated. - // - if (mSecurity2Table == NULL) { - return RETURN_OUT_OF_RESOURCES; - } - - // - // Increase max handler number - // - mMaxNumberOfSecurity2Handler = mMaxNumberOfSecurity2Handler + SECURITY_HANDLER_TABLE_SIZE; - return RETURN_SUCCESS; -} - -/** - Check whether an operation is valid according to the requirement of current operation, - which must make sure that the measure image operation is the last one. - - If AuthenticationOperation is not recongnized, return FALSE. - If AuthenticationOperation is EFI_AUTH_OPERATION_NONE, return FALSE. - If AuthenticationOperation includes security operation and authentication operation, return FALSE. - If the previous register handler can't be executed before the later register handler, return FALSE. - - @param CurrentAuthOperation Current operation. - @param CheckAuthOperation Operation to be checked. - - @retval TRUE Operation is valid for current operation. - @retval FALSE Operation is invalid for current operation. -**/ -BOOLEAN -CheckAuthentication2Operation ( - IN UINT32 CurrentAuthOperation, - IN UINT32 CheckAuthOperation - ) -{ - // - // Make sure new auth operation can be recognized. - // - if (CheckAuthOperation == EFI_AUTH_OPERATION_NONE) { - return FALSE; - } - if ((CheckAuthOperation & ~(EFI_AUTH_IMAGE_OPERATION_MASK | - EFI_AUTH_NONE_IMAGE_OPERATION_MASK | - EFI_AUTH_OPERATION_IMAGE_REQUIRED)) != 0) { - return FALSE; - } - - // - // When current operation includes measure image operation, - // only another measure image or none image operation will be allowed. - // - if ((CurrentAuthOperation & EFI_AUTH_OPERATION_MEASURE_IMAGE) == EFI_AUTH_OPERATION_MEASURE_IMAGE) { - if (((CheckAuthOperation & EFI_AUTH_OPERATION_MEASURE_IMAGE) == EFI_AUTH_OPERATION_MEASURE_IMAGE) || - ((CheckAuthOperation & EFI_AUTH_IMAGE_OPERATION_MASK) == 0)) { - return TRUE; - } else { - return FALSE; - } - } - - // - // Any other operation will be allowed. - // - return TRUE; -} - -/** - Register security measurement handler with its operation type. Different - handlers with the same operation can all be registered. - - If Security2Handler is NULL, then ASSERT(). - If no enough resources available to register new handler, then ASSERT(). - If AuthenticationOperation is not recongnized, then ASSERT(). - If AuthenticationOperation is EFI_AUTH_OPERATION_NONE, then ASSERT(). - If the previous register handler can't be executed before the later register handler, then ASSERT(). - - @param[in] Security2Handler The security measurement service handler to be registered. - @param[in] AuthenticationOperation The operation type is specified for the registered handler. - - @retval EFI_SUCCESS The handlers were registered successfully. -**/ -EFI_STATUS -EFIAPI -RegisterSecurity2Handler ( - IN SECURITY2_FILE_AUTHENTICATION_HANDLER Security2Handler, - IN UINT32 AuthenticationOperation - ) -{ - EFI_STATUS Status; - - ASSERT (Security2Handler != NULL); - - // - // Make sure AuthenticationOperation is valid in the register order. - // - ASSERT (CheckAuthentication2Operation (mCurrentAuthOperation2, AuthenticationOperation)); - mCurrentAuthOperation2 = mCurrentAuthOperation2 | AuthenticationOperation; - - // - // Check whether the handler lists is enough to store new handler. - // - if (mNumberOfSecurity2Handler == mMaxNumberOfSecurity2Handler) { - // - // Allocate more resources for new handler. - // - Status = ReallocateSecurity2HandlerTable(); - ASSERT_EFI_ERROR (Status); - } - - // - // Register new handler into the handler list. - // - mSecurity2Table[mNumberOfSecurity2Handler].Security2Operation = AuthenticationOperation; - mSecurity2Table[mNumberOfSecurity2Handler].Security2Handler = Security2Handler; - mNumberOfSecurity2Handler ++; - - return EFI_SUCCESS; -} - -/** - Execute registered handlers based on input AuthenticationOperation until - one returns an error and that error is returned. - - If none of the handlers return an error, then EFI_SUCCESS is returned. - The handlers those satisfy AuthenticationOperation will only be executed. - The handlers are executed in same order to their registered order. - - @param[in] AuthenticationOperation - The operation type specifies which handlers will be executed. - @param[in] AuthenticationStatus - The authentication status for the input file. - @param[in] File This is a pointer to the device path of the file that is - being dispatched. This will optionally be used for logging. - @param[in] FileBuffer A pointer to the buffer with the UEFI file image - @param[in] FileSize The size of File buffer. - @param[in] BootPolicy A boot policy that was used to call LoadImage() UEFI service. - - @retval EFI_SUCCESS The file specified by DevicePath and non-NULL - FileBuffer did authenticate, and the platform policy dictates - that the DXE Foundation may use the file. - @retval EFI_SUCCESS The device path specified by NULL device path DevicePath - and non-NULL FileBuffer did authenticate, and the platform - policy dictates that the DXE Foundation may execute the image in - FileBuffer. - @retval EFI_SUCCESS FileBuffer is NULL and current user has permission to start - UEFI device drivers on the device path specified by DevicePath. - @retval EFI_SECURITY_VIOLATION The file specified by File or FileBuffer did not - authenticate, and the platform policy dictates that - the file should be placed in the untrusted state. - @retval EFI_SECURITY_VIOLATION FileBuffer FileBuffer is NULL and the user has no - permission to start UEFI device drivers on the device path specified - by DevicePath. - @retval EFI_SECURITY_VIOLATION FileBuffer is not NULL and the user has no permission to load - drivers from the device path specified by DevicePath. The - image has been added into the list of the deferred images. - @retval EFI_ACCESS_DENIED The file specified by File did not authenticate, and - the platform policy dictates that the DXE - Foundation may not use File. - @retval EFI_INVALID_PARAMETER File and FileBuffer are both NULL. -**/ -EFI_STATUS -EFIAPI -ExecuteSecurity2Handlers ( - IN UINT32 AuthenticationOperation, - IN UINT32 AuthenticationStatus, - IN CONST EFI_DEVICE_PATH_PROTOCOL *File, - IN VOID *FileBuffer, - IN UINTN FileSize, - IN BOOLEAN BootPolicy - ) -{ - UINT32 Index; - EFI_STATUS Status; - - // - // Invalid case if File and FileBuffer are both NULL. - // - if (File == NULL && FileBuffer == NULL) { - return EFI_INVALID_PARAMETER; - } - - // - // Directly return successfully when no handler is registered. - // - if (mNumberOfSecurity2Handler == 0) { - return EFI_SUCCESS; - } - - // - // Run security handler in same order to their registered list - // - for (Index = 0; Index < mNumberOfSecurity2Handler; Index ++) { - // - // If FileBuffer is not NULL, the input is Image, which will be handled by EFI_AUTH_IMAGE_OPERATION_MASK operation. - // If FileBuffer is NULL, the input is not Image, which will be handled by EFI_AUTH_NONE_IMAGE_OPERATION_MASK operation. - // Other cases are ignored. - // - if ((FileBuffer != NULL && (mSecurity2Table[Index].Security2Operation & EFI_AUTH_IMAGE_OPERATION_MASK) != 0) || - (FileBuffer == NULL && (mSecurity2Table[Index].Security2Operation & EFI_AUTH_NONE_IMAGE_OPERATION_MASK) != 0)) { - // - // Execute registered handlers based on input AuthenticationOperation - // - if ((mSecurity2Table[Index].Security2Operation & AuthenticationOperation) != 0) { - Status = mSecurity2Table[Index].Security2Handler ( - AuthenticationStatus, - File, - FileBuffer, - FileSize, - BootPolicy - ); - if (EFI_ERROR (Status)) { - return Status; - } - } - } - } - - return EFI_SUCCESS; -} diff --git a/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf b/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf deleted file mode 100644 index 0f8a13b99d..0000000000 --- a/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.inf +++ /dev/null @@ -1,48 +0,0 @@ -## @file -# Instance of SecurityManagementLib Library for DXE phase. -# -# This library provides generic security measurement functions for DXE module. -# -# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
-# -# This program and the accompanying materials -# are licensed and made available under the terms and conditions of the BSD License -# which accompanies this distribution. The full text of the license may be found at -# http://opensource.org/licenses/bsd-license.php -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. -# -# -## - -[Defines] - INF_VERSION = 0x00010005 - BASE_NAME = DxeSecurityManagementLib - MODULE_UNI_FILE = DxeSecurityManagementLib.uni - FILE_GUID = 7F61122C-19DF-47c3-BA0D-6C1149E30FA1 - MODULE_TYPE = DXE_DRIVER - VERSION_STRING = 1.0 - LIBRARY_CLASS = SecurityManagementLib|DXE_CORE DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER - -# -# The following information is for reference only and not required by the build tools. -# -# VALID_ARCHITECTURES = IA32 X64 IPF EBC -# - -[Sources] - DxeSecurityManagementLib.c - -[Packages] - MdePkg/MdePkg.dec - MdeModulePkg/MdeModulePkg.dec - -[LibraryClasses] - MemoryAllocationLib - DebugLib - DxeServicesLib - DevicePathLib - UefiBootServicesTableLib - -[Protocols] - gEfiLoadFileProtocolGuid ## SOMETIMES_CONSUMES diff --git a/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.uni b/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.uni deleted file mode 100644 index 6ead295caf..0000000000 Binary files a/MdeModulePkg/Library/DxeSecurityManagementLib/DxeSecurityManagementLib.uni and /dev/null differ -- cgit v1.2.3