SecurityPkg: Fixed compilation for OvmfPkgX64 -D TPM2_ENABLE.

Mikhail Krichanov 2024-10-23 12:27:58 +03:00 committed by MikhailKrichanov
parent 261ae47e07
commit 431595fc95
9 changed files with 119 additions and 96 deletions


@ -595,15 +595,15 @@ IsCertHashFoundInDbx (
goto Done;
}
if (!mHash[HashAlg].HashInit (HashCtx)) {
if (EFI_ERROR(mHash[HashAlg].HashInit (HashCtx))) {
goto Done;
}
if (!mHash[HashAlg].HashUpdate (HashCtx, TBSCert, TBSCertSize)) {
if (EFI_ERROR(mHash[HashAlg].HashUpdate (HashCtx, TBSCert, TBSCertSize))) {
goto Done;
}
if (!mHash[HashAlg].HashFinal (HashCtx, CertDigest)) {
if (EFI_ERROR(mHash[HashAlg].HashFinal (HashCtx, CertDigest))) {
goto Done;
}
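Review bot: Wrapping the three `mHash[HashAlg]` calls in `EFI_ERROR()` is only correct if the table entries now return EFI_STATUS, and the table definition is outside this hunk. If `HashInit`/`HashUpdate`/`HashFinal` still point at BOOLEAN-returning BaseCryptLib routines, `EFI_ERROR (TRUE)` and `EFI_ERROR (FALSE)` are both false, so a failed hash step would no longer reach `goto Done` and the dbx comparison would run on whatever `CertDigest` happens to hold. Please confirm the member types, and keep the `if (!mHash[HashAlg].HashInit (HashCtx))` form for any entry that still returns BOOLEAN. As a style point, EDK II code puts a space before the parenthesis: `EFI_ERROR (...)`. The body of IsCertHashFoundInDbx continues outside the hunk.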


@ -45,10 +45,10 @@ Tpm2SetSha1ToDigestList (
@retval EFI_SUCCESS Hash sequence start and HandleHandle returned.
@retval EFI_OUT_OF_RESOURCES No enough resource to start hash.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha1HashInit (
OUT VOID **HashHandle
OUT HASH_HANDLE *HashHandle
)
{
VOID *Sha1Ctx;
@ -56,13 +56,15 @@ Sha1HashInit (
CtxSize = Sha1GetContextSize ();
Sha1Ctx = AllocatePool (CtxSize);
ASSERT (Sha1Ctx != NULL);
if (Sha1Ctx == NULL) {
return EFI_OUT_OF_RESOURCES;
}
Sha1Init (Sha1Ctx);
*HashHandle = Sha1Ctx;
*HashHandle = (HASH_HANDLE)Sha1Ctx;
return TRUE;
return EFI_SUCCESS;
}
/**
@ -74,17 +76,17 @@ Sha1HashInit (
@retval EFI_SUCCESS Hash sequence updated.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha1HashUpdate (
IN VOID *HashHandle,
IN CONST VOID *DataToHash,
IN HASH_HANDLE HashHandle,
IN VOID *DataToHash,
IN UINTN DataToHashLen
)
{
Sha1Update (HashHandle, DataToHash, DataToHashLen);
Sha1Update ((VOID *)HashHandle, DataToHash, DataToHashLen);
return TRUE;
return EFI_SUCCESS;
}
/**
@ -95,28 +97,28 @@ Sha1HashUpdate (
@retval EFI_SUCCESS Hash sequence complete and DigestList is returned.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha1HashFinal (
IN VOID *HashHandle,
IN HASH_HANDLE HashHandle,
OUT TPML_DIGEST_VALUES *DigestList
)
{
UINT8 Digest[SHA1_DIGEST_SIZE];
Sha1Final (HashHandle, Digest);
Sha1Final ((VOID *)HashHandle, Digest);
FreePool (HashHandle);
FreePool ((VOID *)HashHandle);
Tpm2SetSha1ToDigestList (DigestList, Digest);
return TRUE;
return EFI_SUCCESS;
}
HASH_INTERFACE mSha1InternalHashInstance = {
HASH_ALGORITHM_SHA1_GUID,
Sha1HashInit,
Sha1Update,
Sha1HashUpdate,
Sha1HashFinal,
};
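Review bot: Sha1HashInit, Sha1HashUpdate and Sha1HashFinal now have a status channel but still discard the results of `Sha1Init`, `Sha1Update` and `Sha1Final` (BOOLEAN in BaseCryptLib) and return EFI_SUCCESS unconditionally. In Sha1HashFinal a failed finalisation would copy the uninitialised stack buffer `Digest` into `DigestList`, and the caller would treat it as a valid measurement. Suggest `Ok = Sha1Final ((VOID *)HashHandle, Digest);` then `FreePool ((VOID *)HashHandle);` and `if (!Ok) { return EFI_DEVICE_ERROR; }`, with matching checks in Init (freeing the context on failure) and Update. The same pattern appears in the Sha256, Sha384, Sha512 and Sm3 sections below.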


@ -45,10 +45,10 @@ Tpm2SetSha256ToDigestList (
@retval EFI_SUCCESS Hash sequence start and HandleHandle returned.
@retval EFI_OUT_OF_RESOURCES No enough resource to start hash.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha256HashInit (
OUT VOID **HashHandle
OUT HASH_HANDLE *HashHandle
)
{
VOID *Sha256Ctx;
@ -56,13 +56,15 @@ Sha256HashInit (
CtxSize = Sha256GetContextSize ();
Sha256Ctx = AllocatePool (CtxSize);
ASSERT (Sha256Ctx != NULL);
if (Sha256Ctx == NULL) {
return EFI_OUT_OF_RESOURCES;
}
Sha256Init (Sha256Ctx);
*HashHandle = Sha256Ctx;
*HashHandle = (HASH_HANDLE)Sha256Ctx;
return TRUE;
return EFI_SUCCESS;
}
/**
@ -74,17 +76,17 @@ Sha256HashInit (
@retval EFI_SUCCESS Hash sequence updated.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha256HashUpdate (
IN VOID *HashHandle,
IN CONST VOID *DataToHash,
IN HASH_HANDLE HashHandle,
IN VOID *DataToHash,
IN UINTN DataToHashLen
)
{
Sha256Update (HashHandle, DataToHash, DataToHashLen);
Sha256Update ((VOID *)HashHandle, DataToHash, DataToHashLen);
return TRUE;
return EFI_SUCCESS;
}
/**
@ -95,22 +97,22 @@ Sha256HashUpdate (
@retval EFI_SUCCESS Hash sequence complete and DigestList is returned.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha256HashFinal (
IN VOID *HashHandle,
IN HASH_HANDLE HashHandle,
OUT TPML_DIGEST_VALUES *DigestList
)
{
UINT8 Digest[SHA256_DIGEST_SIZE];
Sha256Final (HashHandle, Digest);
Sha256Final ((VOID *)HashHandle, Digest);
FreePool (HashHandle);
FreePool ((VOID *)HashHandle);
Tpm2SetSha256ToDigestList (DigestList, Digest);
return TRUE;
return EFI_SUCCESS;
}
HASH_INTERFACE mSha256InternalHashInstance = {


@ -56,7 +56,9 @@ Sha384HashInit (
CtxSize = Sha384GetContextSize ();
Sha384Ctx = AllocatePool (CtxSize);
ASSERT (Sha384Ctx != NULL);
if (Sha384Ctx == NULL) {
return EFI_OUT_OF_RESOURCES;
}
Sha384Init (Sha384Ctx);
@ -106,12 +108,10 @@ Sha384HashFinal (
)
{
UINT8 Digest[SHA384_DIGEST_SIZE];
VOID *Sha384Ctx;
Sha384Ctx = (VOID *)HashHandle;
Sha384Final (Sha384Ctx, Digest);
Sha384Final ((VOID *)HashHandle, Digest);
FreePool (Sha384Ctx);
FreePool ((VOID *)HashHandle);
Tpm2SetSha384ToDigestList (DigestList, Digest);


@ -44,10 +44,10 @@ Tpm2SetSha512ToDigestList (
@retval EFI_SUCCESS Hash sequence start and HandleHandle returned.
@retval EFI_OUT_OF_RESOURCES No enough resource to start hash.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha512HashInit (
OUT VOID **HashHandle
OUT HASH_HANDLE *HashHandle
)
{
VOID *Sha512Ctx;
@ -55,13 +55,15 @@ Sha512HashInit (
CtxSize = Sha512GetContextSize ();
Sha512Ctx = AllocatePool (CtxSize);
ASSERT (Sha512Ctx != NULL);
if (Sha512Ctx == NULL) {
return EFI_OUT_OF_RESOURCES;
}
Sha512Init (Sha512Ctx);
*HashHandle = Sha512Ctx;
*HashHandle = (HASH_HANDLE)Sha512Ctx;
return TRUE;
return EFI_SUCCESS;
}
/**
@ -73,17 +75,17 @@ Sha512HashInit (
@retval EFI_SUCCESS Hash sequence updated.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha512HashUpdate (
IN VOID *HashHandle,
IN CONST VOID *DataToHash,
IN UINTN DataToHashLen
IN HASH_HANDLE HashHandle,
IN VOID *DataToHash,
IN UINTN DataToHashLen
)
{
Sha512Update (HashHandle, DataToHash, DataToHashLen);
Sha512Update ((VOID *)HashHandle, DataToHash, DataToHashLen);
return TRUE;
return EFI_SUCCESS;
}
/**
@ -94,24 +96,22 @@ Sha512HashUpdate (
@retval EFI_SUCCESS Hash sequence complete and DigestList is returned.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha512HashFinal (
IN VOID *HashHandle,
IN HASH_HANDLE HashHandle,
OUT TPML_DIGEST_VALUES *DigestList
)
{
UINT8 Digest[SHA512_DIGEST_SIZE];
VOID *Sha512Ctx;
Sha512Ctx = (VOID *)HashHandle;
Sha512Final (Sha512Ctx, Digest);
Sha512Final ((VOID *)HashHandle, Digest);
FreePool (Sha512Ctx);
FreePool ((VOID *)HashHandle);
Tpm2SetSha512ToDigestList (DigestList, Digest);
return TRUE;
return EFI_SUCCESS;
}
HASH_INTERFACE mSha512InternalHashInstance = {


@ -44,10 +44,10 @@ Tpm2SetSm3ToDigestList (
@retval EFI_SUCCESS Hash sequence start and HandleHandle returned.
@retval EFI_OUT_OF_RESOURCES No enough resource to start hash.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sm3HashInit (
OUT VOID **HashHandle
OUT HASH_HANDLE *HashHandle
)
{
VOID *Sm3Ctx;
@ -56,14 +56,14 @@ Sm3HashInit (
CtxSize = Sm3GetContextSize ();
Sm3Ctx = AllocatePool (CtxSize);
if (Sm3Ctx == NULL) {
return FALSE;
return EFI_OUT_OF_RESOURCES;
}
Sm3Init (Sm3Ctx);
*HashHandle = Sm3Ctx;
*HashHandle = (HASH_HANDLE)Sm3Ctx;
return TRUE;
return EFI_SUCCESS;
}
/**
@ -75,17 +75,17 @@ Sm3HashInit (
@retval EFI_SUCCESS Hash sequence updated.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sm3HashUpdate (
IN VOID *HashHandle,
IN CONST VOID *DataToHash,
IN UINTN DataToHashLen
IN HASH_HANDLE HashHandle,
IN VOID *DataToHash,
IN UINTN DataToHashLen
)
{
Sm3Update (HashHandle, DataToHash, DataToHashLen);
Sm3Update ((VOID *)HashHandle, DataToHash, DataToHashLen);
return TRUE;
return EFI_SUCCESS;
}
/**
@ -96,22 +96,22 @@ Sm3HashUpdate (
@retval EFI_SUCCESS Hash sequence complete and DigestList is returned.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sm3HashFinal (
IN VOID *HashHandle,
IN HASH_HANDLE HashHandle,
OUT TPML_DIGEST_VALUES *DigestList
)
{
UINT8 Digest[SM3_256_DIGEST_SIZE];
Sm3Final (HashHandle, Digest);
Sm3Final ((VOID *)HashHandle, Digest);
FreePool (HashHandle);
FreePool ((VOID *)HashHandle);
Tpm2SetSm3ToDigestList (DigestList, Digest);
return TRUE;
return EFI_SUCCESS;
}
HASH_INTERFACE mSm3InternalHashInstance = {


@ -59,13 +59,13 @@ CheckSupportedHashMaskMismatch (
@retval EFI_SUCCESS Hash sequence start and HandleHandle returned.
@retval EFI_OUT_OF_RESOURCES No enough resource to start hash.
**/
BOOLEAN
EFI_STATUS
EFIAPI
HashStart (
OUT VOID **HashHandle
OUT HASH_HANDLE *HashHandle
)
{
VOID **HashCtx;
HASH_HANDLE *HashCtx;
UINTN Index;
UINT32 HashMask;
@ -76,7 +76,9 @@ HashStart (
CheckSupportedHashMaskMismatch ();
HashCtx = AllocatePool (sizeof (*HashCtx) * mHashInterfaceCount);
ASSERT (HashCtx != NULL);
if (HashCtx == NULL) {
return EFI_OUT_OF_RESOURCES;
}
for (Index = 0; Index < mHashInterfaceCount; Index++) {
HashMask = Tpm2GetHashMaskFromAlgo (&mHashInterface[Index].HashGuid);
@ -85,9 +87,9 @@ HashStart (
}
}
*HashHandle = HashCtx;
*HashHandle = (HASH_HANDLE)HashCtx;
return TRUE;
return EFI_SUCCESS;
}
/**
@ -99,15 +101,15 @@ HashStart (
@retval EFI_SUCCESS Hash sequence updated.
**/
BOOLEAN
EFI_STATUS
EFIAPI
HashUpdate (
IN VOID *HashHandle,
IN CONST VOID *DataToHash,
IN HASH_HANDLE HashHandle,
IN VOID *DataToHash,
IN UINTN DataToHashLen
)
{
VOID **HashCtx;
HASH_HANDLE *HashCtx;
UINTN Index;
UINT32 HashMask;
@ -117,7 +119,7 @@ HashUpdate (
CheckSupportedHashMaskMismatch ();
HashCtx = (VOID **)HashHandle;
HashCtx = (HASH_HANDLE *)HashHandle;
for (Index = 0; Index < mHashInterfaceCount; Index++) {
HashMask = Tpm2GetHashMaskFromAlgo (&mHashInterface[Index].HashGuid);
@ -126,7 +128,7 @@ HashUpdate (
}
}
return TRUE;
return EFI_SUCCESS;
}
/**
@ -186,7 +188,7 @@ Tpm2ExtendNvIndex (
EFI_STATUS
EFIAPI
HashCompleteAndExtend (
IN VOID *HashHandle,
IN HASH_HANDLE HashHandle,
IN TPMI_DH_PCR PcrIndex,
IN VOID *DataToHash,
IN UINTN DataToHashLen,
@ -194,7 +196,7 @@ HashCompleteAndExtend (
)
{
TPML_DIGEST_VALUES Digest;
VOID **HashCtx;
HASH_HANDLE *HashCtx;
UINTN Index;
EFI_STATUS Status;
UINT32 HashMask;
@ -210,7 +212,7 @@ HashCompleteAndExtend (
CheckSupportedHashMaskMismatch ();
HashCtx = (VOID **)HashHandle;
HashCtx = (HASH_HANDLE *)HashHandle;
ZeroMem (DigestList, sizeof (*DigestList));
for (Index = 0; Index < mHashInterfaceCount; Index++) {
@ -269,7 +271,7 @@ HashAndExtend (
OUT TPML_DIGEST_VALUES *DigestList
)
{
VOID *HashHandle;
HASH_HANDLE HashHandle;
EFI_STATUS Status;
if (mHashInterfaceCount == 0) {


@ -23,6 +23,21 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/Tpm2CommandLib.h>
#include <Library/HashLib.h>
STATIC
EFI_STATUS
EFIAPI
UifiImageHashUpdate (
IN UEFI_IMAGE_LOADER_IMAGE_CONTEXT *ImageContext,
IN HASH_HANDLE HashHandle
)
{
return UefiImageHashImageDefault (
ImageContext,
(VOID *)HashHandle,
(UEFI_IMAGE_LOADER_HASH_UPDATE)HashUpdate
) ? EFI_SUCCESS : EFI_ABORTED;
}
/**
Measure UEFI image into TPM log based on its default image hashing.
@ -49,11 +64,11 @@ MeasureUefiImageAndExtend (
OUT TPML_DIGEST_VALUES *DigestList
)
{
EFI_STATUS Status;
VOID *HashHandle;
UEFI_IMAGE_LOADER_IMAGE_CONTEXT ImageContext;
EFI_STATUS Status;
HASH_HANDLE HashHandle;
UEFI_IMAGE_LOADER_IMAGE_CONTEXT ImageContext;
Status = EFI_UNSUPPORTED;
Status = EFI_UNSUPPORTED;
// FIXME: Can this somehow be abstracted away?
//
@ -63,7 +78,8 @@ MeasureUefiImageAndExtend (
&ImageContext,
(VOID *) (UINTN) ImageAddress,
(UINT32) ImageSize,
UEFI_IMAGE_SOURCE_ALL
UEFI_IMAGE_SOURCE_ALL,
UefiImageOriginFv
);
if (EFI_ERROR (Status)) {
//
@ -85,7 +101,7 @@ MeasureUefiImageAndExtend (
}
// FIXME: This is just an ugly wrapper, the types should match (UINTN <-> VOID *), fix the libs
UefiImageHashImageDefault (&ImageContext, HashHandle, HashUpdate);
Status = UifiImageHashUpdate (&ImageContext, HashHandle);
if (EFI_ERROR (Status)) {
return Status;
}
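Review bot: The cast `(UEFI_IMAGE_LOADER_HASH_UPDATE)HashUpdate` in UifiImageHashUpdate hides a signature mismatch rather than fixing it. Before this commit HashUpdate returned BOOLEAN and was passed directly, so the callback type presumably returns BOOLEAN; HashUpdate now returns EFI_STATUS, where EFI_SUCCESS is 0, so the loader would read every successful update as FALSE (and an error status may read as TRUE), on top of calling through an incompatible function pointer type. A small adapter with the callback's own signature avoids the cast and keeps the image measurement from aborting or accepting a partial hash; the parameter list below is inferred from the pre-change HashUpdate and should be checked against the typedef. The helper name also looks like a typo for `UefiImageHashUpdate`.

```c
STATIC
BOOLEAN
EFIAPI
InternalImageHashUpdate (
  IN OUT VOID        *HashContext,
  IN     CONST VOID  *Data,
  IN     UINTN       DataSize
  )
{
  // Translate EFI_STATUS into the BOOLEAN the image loader callback expects.
  return !EFI_ERROR (HashUpdate ((HASH_HANDLE)HashContext, (VOID *)Data, DataSize));
}

// … unchanged: UifiImageHashUpdate signature …
  return UefiImageHashImageDefault (
           ImageContext,
           (VOID *)HashHandle,
           InternalImageHashUpdate
           ) ? EFI_SUCCESS : EFI_ABORTED;
```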


@ -1983,7 +1983,8 @@ EnrollImageSignatureToSigDB (
&ImageContext,
ImageBase,
(UINT32)ImageSize,
UEFI_IMAGE_SOURCE_NON_FV
UEFI_IMAGE_SOURCE_NON_FV,
UefiImageOriginOptionROM
);
if (EFI_ERROR (Status)) {
goto ON_EXIT;