4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync/** @file
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync EFI PEI Core Security services
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncCopyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncThis program and the accompanying materials
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncare licensed and made available under the terms and conditions of the BSD License
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncwhich accompanies this distribution. The full text of the license may be found at
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsynchttp://opensource.org/licenses/bsd-license.php
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncTHE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncWITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync**/
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync#include "PeiMain.h"
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncEFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync EFI_PEI_PPI_DESCRIPTOR_NOTIFY_DISPATCH | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync &gEfiPeiSecurity2PpiGuid,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync SecurityPpiNotifyCallback
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync};
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync/**
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Initialize the security services.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @param OldCoreData Pointer to the old core data.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync NULL if being run in non-permament memory mode.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync**/
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncVOID
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncInitializeSecurityServices (
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync IN EFI_PEI_SERVICES **PeiServices,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync IN PEI_CORE_INSTANCE *OldCoreData
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync )
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync{
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync if (OldCoreData == NULL) {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync PeiServicesNotifyPpi (&mNotifyList);
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync }
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync return;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync}
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync/**
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Provide a callback for when the security PPI is installed.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync This routine will cache installed security PPI into PeiCore's private data.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @param NotifyDescriptor The descriptor for the notification event.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @param Ppi Pointer to the PPI in question.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @return Always success
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync**/
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncEFI_STATUS
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncEFIAPI
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncSecurityPpiNotifyCallback (
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync IN EFI_PEI_SERVICES **PeiServices,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync IN VOID *Ppi
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync )
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync{
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync PEI_CORE_INSTANCE *PrivateData;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync //
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Get PEI Core private data
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync //
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync PrivateData = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices);
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync //
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // If there isn't a security PPI installed, use the one from notification
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync //
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync if (PrivateData->PrivateSecurityPpi == NULL) {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync PrivateData->PrivateSecurityPpi = (EFI_PEI_SECURITY2_PPI *)Ppi;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync }
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync return EFI_SUCCESS;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync}
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync/**
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Provide a callout to the security verification service.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @param PrivateData PeiCore's private data structure
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @param VolumeHandle Handle of FV
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @param FileHandle Handle of PEIM's ffs
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @retval EFI_SUCCESS Image is OK
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @retval EFI_SECURITY_VIOLATION Image is illegal
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @retval EFI_NOT_FOUND If security PPI is not installed.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync**/
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncEFI_STATUS
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncVerifyPeim (
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync IN PEI_CORE_INSTANCE *PrivateData,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync IN EFI_PEI_FV_HANDLE VolumeHandle,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync IN EFI_PEI_FILE_HANDLE FileHandle
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync )
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync{
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync EFI_STATUS Status;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync UINT32 AuthenticationStatus;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync BOOLEAN DeferExection;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync //
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Set a default authentication state
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync //
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync AuthenticationStatus = 0;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync if (PrivateData->PrivateSecurityPpi == NULL) {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = EFI_NOT_FOUND;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync } else {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync //
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Check to see if the image is OK
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync //
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = PrivateData->PrivateSecurityPpi->AuthenticationState (
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync (CONST EFI_PEI_SERVICES **) &PrivateData->Ps,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync PrivateData->PrivateSecurityPpi,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync AuthenticationStatus,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync VolumeHandle,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync FileHandle,
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync &DeferExection
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync );
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync if (DeferExection) {
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Status = EFI_SECURITY_VIOLATION;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync }
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync }
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync return Status;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync}
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync/**
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync Verify a Firmware volume.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @param CurrentFvAddress Pointer to the current Firmware Volume under consideration
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync @retval EFI_SUCCESS Firmware Volume is legal
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync**/
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncEFI_STATUS
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsyncVerifyFv (
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync IN EFI_FIRMWARE_VOLUME_HEADER *CurrentFvAddress
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync )
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync{
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync //
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // Right now just pass the test. Future can authenticate and/or check the
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync // FV-header or other metric for goodness of binary.
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync //
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync return EFI_SUCCESS;
4fd606d1f5abe38e1f42c38de1d2e895166bd0f4vboxsync}