audk/MdeModulePkg/Core/Pei/Security/Security.c

146 lines
4.1 KiB
C
Raw Normal View History

/** @file
EFI PEI Core Security services
Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include "PeiMain.h"
EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList = {
EFI_PEI_PPI_DESCRIPTOR_NOTIFY_DISPATCH | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
&gEfiPeiSecurity2PpiGuid,
SecurityPpiNotifyCallback
};
/**
Initialize the security services.
@param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
@param OldCoreData Pointer to the old core data.
NULL if being run in non-permanent memory mode.
**/
VOID
InitializeSecurityServices (
IN EFI_PEI_SERVICES **PeiServices,
IN PEI_CORE_INSTANCE *OldCoreData
)
{
if (OldCoreData == NULL) {
PeiServicesNotifyPpi (&mNotifyList);
}
return;
}
/**
Provide a callback for when the security PPI is installed.
This routine will cache installed security PPI into PeiCore's private data.
@param PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
@param NotifyDescriptor The descriptor for the notification event.
@param Ppi Pointer to the PPI in question.
@return Always success
**/
EFI_STATUS
EFIAPI
SecurityPpiNotifyCallback (
IN EFI_PEI_SERVICES **PeiServices,
IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
IN VOID *Ppi
)
{
PEI_CORE_INSTANCE *PrivateData;
//
// Get PEI Core private data
//
PrivateData = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices);
//
// If there isn't a security PPI installed, use the one from notification
//
if (PrivateData->PrivateSecurityPpi == NULL) {
PrivateData->PrivateSecurityPpi = (EFI_PEI_SECURITY2_PPI *)Ppi;
}
return EFI_SUCCESS;
}
/**
Provide a callout to the security verification service.
@param PrivateData PeiCore's private data structure
@param VolumeHandle Handle of FV
@param FileHandle Handle of PEIM's FFS
@param AuthenticationStatus Authentication status
@retval EFI_SUCCESS Image is OK
@retval EFI_SECURITY_VIOLATION Image is illegal
@retval EFI_NOT_FOUND If security PPI is not installed.
**/
EFI_STATUS
VerifyPeim (
IN PEI_CORE_INSTANCE *PrivateData,
IN EFI_PEI_FV_HANDLE VolumeHandle,
IN EFI_PEI_FILE_HANDLE FileHandle,
IN UINT32 AuthenticationStatus
)
{
EFI_STATUS Status;
BOOLEAN DeferExecution;
Status = EFI_NOT_FOUND;
if (PrivateData->PrivateSecurityPpi == NULL) {
//
// Check AuthenticationStatus first.
//
if ((AuthenticationStatus & EFI_AUTH_STATUS_IMAGE_SIGNED) != 0) {
if ((AuthenticationStatus & (EFI_AUTH_STATUS_TEST_FAILED | EFI_AUTH_STATUS_NOT_TESTED)) != 0) {
Status = EFI_SECURITY_VIOLATION;
}
}
} else {
//
// Check to see if the image is OK
//
Status = PrivateData->PrivateSecurityPpi->AuthenticationState (
(CONST EFI_PEI_SERVICES **) &PrivateData->Ps,
PrivateData->PrivateSecurityPpi,
AuthenticationStatus,
VolumeHandle,
FileHandle,
&DeferExecution
);
if (DeferExecution) {
Status = EFI_SECURITY_VIOLATION;
}
}
return Status;
}
/**
Verify a Firmware volume.
@param CurrentFvAddress Pointer to the current Firmware Volume under consideration
@retval EFI_SUCCESS Firmware Volume is legal
**/
EFI_STATUS
VerifyFv (
IN EFI_FIRMWARE_VOLUME_HEADER *CurrentFvAddress
)
{
//
// Right now just pass the test. Future can authenticate and/or check the
// FV-header or other metric for goodness of binary.
//
return EFI_SUCCESS;
}