SecurityPkg SecureBootConfigDxe: Add check for the external PE/COFF image.

Use BasePeCoffLib PeCoffLoaderGetImageInfo() to check the PE/COFF image.

In V2, add specific ImageRead() to make sure the PE/COFF image content
read is within the image buffer.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
This commit is contained in:
Liming Gao 2016-07-13 20:28:15 +08:00
parent 04147690b5
commit 5e9dfc6782
4 changed files with 74 additions and 0 deletions

View File

@ -34,6 +34,8 @@
PrintLib|MdePkg/Library/BasePrintLib/BasePrintLib.inf
UefiApplicationEntryPoint|MdePkg/Library/UefiApplicationEntryPoint/UefiApplicationEntryPoint.inf
PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf
PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf
DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntryPoint.inf

View File

@ -58,6 +58,7 @@
PlatformSecureLib
DevicePathLib
FileExplorerLib
PeCoffLib
[Guids]
## SOMETIMES_CONSUMES ## Variable:L"CustomMode"

View File

@ -1609,6 +1609,54 @@ ON_EXIT:
return IsFound;
}
/**
Reads contents of a PE/COFF image in memory buffer.
Caution: This function may receive untrusted input.
PE/COFF image is external input, so this function will make sure the PE/COFF image content
read is within the image buffer.
@param FileHandle Pointer to the file handle to read the PE/COFF image.
@param FileOffset Offset into the PE/COFF image to begin the read operation.
@param ReadSize On input, the size in bytes of the requested read operation.
On output, the number of bytes actually read.
@param Buffer Output buffer that contains the data read from the PE/COFF image.
@retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size
**/
EFI_STATUS
EFIAPI
SecureBootConfigImageRead (
IN VOID *FileHandle,
IN UINTN FileOffset,
IN OUT UINTN *ReadSize,
OUT VOID *Buffer
)
{
UINTN EndPosition;
if (FileHandle == NULL || ReadSize == NULL || Buffer == NULL) {
return EFI_INVALID_PARAMETER;
}
if (MAX_ADDRESS - FileOffset < *ReadSize) {
return EFI_INVALID_PARAMETER;
}
EndPosition = FileOffset + *ReadSize;
if (EndPosition > mImageSize) {
*ReadSize = (UINT32)(mImageSize - FileOffset);
}
if (FileOffset >= mImageSize) {
*ReadSize = 0;
}
CopyMem (Buffer, (UINT8 *)((UINTN) FileHandle + FileOffset), *ReadSize);
return EFI_SUCCESS;
}
/**
Load PE/COFF image information into internal buffer and check its validity.
@ -1625,9 +1673,28 @@ LoadPeImage (
EFI_IMAGE_DOS_HEADER *DosHdr;
EFI_IMAGE_NT_HEADERS32 *NtHeader32;
EFI_IMAGE_NT_HEADERS64 *NtHeader64;
PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;
EFI_STATUS Status;
NtHeader32 = NULL;
NtHeader64 = NULL;
ZeroMem (&ImageContext, sizeof (ImageContext));
ImageContext.Handle = (VOID *) mImageBase;
ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) SecureBootConfigImageRead;
//
// Get information about the image being loaded
//
Status = PeCoffLoaderGetImageInfo (&ImageContext);
if (EFI_ERROR (Status)) {
//
// The information can't be got from the invalid PeImage
//
DEBUG ((DEBUG_INFO, "SecureBootConfigDxe: PeImage invalid. \n"));
return Status;
}
//
// Read the Dos header
//
@ -1689,6 +1756,9 @@ LoadPeImage (
Calculate hash of Pe/Coff image based on the authenticode image hashing in
PE/COFF Specification 8.0 Appendix A
Notes: PE/COFF image has been checked by BasePeCoffLib PeCoffLoaderGetImageInfo() in
the function LoadPeImage ().
@param[in] HashAlg Hash algorithm type.
@retval TRUE Successfully hash image.

View File

@ -40,6 +40,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/PlatformSecureLib.h>
#include <Library/BaseCryptLib.h>
#include <Library/FileExplorerLib.h>
#include <Library/PeCoffLib.h>
#include <Guid/MdeModuleHii.h>
#include <Guid/AuthenticatedVariableFormat.h>