- Generated on Fri Nov 15 2024 18:01:32 for TianoCore EDK2 by
1.9.6
|
TianoCore EDK2 master
|
Go to the source code of this file.
Data Structures | |
| struct | EDKII_DEVICE_IDENTIFIER |
| struct | _EDKII_DEVICE_SECURITY_PROTOCOL |
Macros | |
| #define | EDKII_DEVICE_SECURITY_PROTOCOL_GUID |
| #define | EDKII_DEVICE_SECURITY_PROTOCOL_REVISION 0x00010000 |
| #define | EDKII_DEVICE_IDENTIFIER_REVISION 0x00010000 |
| #define | EDKII_DEVICE_IDENTIFIER_TYPE_PCI_GUID |
| #define | EDKII_DEVICE_IDENTIFIER_TYPE_USB_GUID |
Typedefs | |
| typedef struct _EDKII_DEVICE_SECURITY_PROTOCOL | EDKII_DEVICE_SECURITY_PROTOCOL |
| typedef EFI_STATUS(EFIAPI * | EDKII_DEVICE_AUTHENTICATE) (IN EDKII_DEVICE_SECURITY_PROTOCOL *This, IN EDKII_DEVICE_IDENTIFIER *DeviceId) |
Variables | |
| EFI_GUID | gEdkiiDeviceSecurityProtocolGuid |
| EFI_GUID | gEdkiiDeviceIdentifierTypePciGuid |
| EFI_GUID | gEdkiiDeviceIdentifierTypeUsbGuid |
Device Security Protocol definition.
It is used to authenticate a device based upon the platform policy. It is similar to the EFI_SECURITY_ARCH_PROTOCOL, which is used to verify a image.
Copyright (c) 2019, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent
Definition in file DeviceSecurity.h.
| #define EDKII_DEVICE_IDENTIFIER_REVISION 0x00010000 |
Definition at line 81 of file DeviceSecurity.h.
| #define EDKII_DEVICE_IDENTIFIER_TYPE_PCI_GUID |
Definition at line 86 of file DeviceSecurity.h.
| #define EDKII_DEVICE_IDENTIFIER_TYPE_USB_GUID |
Definition at line 91 of file DeviceSecurity.h.
| #define EDKII_DEVICE_SECURITY_PROTOCOL_GUID |
Definition at line 18 of file DeviceSecurity.h.
| #define EDKII_DEVICE_SECURITY_PROTOCOL_REVISION 0x00010000 |
Definition at line 33 of file DeviceSecurity.h.
| typedef EFI_STATUS(EFIAPI * EDKII_DEVICE_AUTHENTICATE) (IN EDKII_DEVICE_SECURITY_PROTOCOL *This, IN EDKII_DEVICE_IDENTIFIER *DeviceId) |
The device driver uses this service to measure and/or verify a device.
The flow in device driver is: 1) Device driver discovers a new device. 2) Device driver creates an EFI_DEVICE_PATH_PROTOCOL. 3) Device driver creates a device access protocol. e.g. EFI_PCI_IO_PROTOCOL for PCI device. EFI_USB_IO_PROTOCOL for USB device. EFI_EXT_SCSI_PASS_THRU_PROTOCOL for SCSI device. EFI_ATA_PASS_THRU_PROTOCOL for ATA device. EFI_NVM_EXPRESS_PASS_THRU_PROTOCOL for NVMe device. EFI_SD_MMC_PASS_THRU_PROTOCOL for SD/MMC device. 4) Device driver installs the EFI_DEVICE_PATH_PROTOCOL with EFI_DEVICE_PATH_PROTOCOL_GUID, and the device access protocol with EDKII_DEVICE_IDENTIFIER_TYPE_xxx_GUID. Once it is done, a DeviceHandle is returned. 5) Device driver creates EDKII_DEVICE_IDENTIFIER with EDKII_DEVICE_IDENTIFIER_TYPE_xxx_GUID and the DeviceHandle. 6) Device driver calls DeviceAuthenticate(). 7) If DeviceAuthenticate() returns EFI_SECURITY_VIOLATION, the device driver uninstalls all protocols on this handle. 8) If DeviceAuthenticate() returns EFI_SUCCESS, the device driver installs the device access protocol with a real protocol GUID. e.g. EFI_PCI_IO_PROTOCOL with EFI_PCI_IO_PROTOCOL_GUID. EFI_USB_IO_PROTOCOL with EFI_USB_IO_PROTOCOL_GUID.
| [in] | This | The protocol instance pointer. |
| [in] | DeviceId | The Identifier for the device. |
| EFI_SUCCESS | The device specified by the DeviceId passed the measurement and/or authentication based upon the platform policy. If TCG measurement is required, the measurement is extended to TPM PCR. |
| EFI_SECURITY_VIOLATION | The device fails to return the measurement data. |
| EFI_SECURITY_VIOLATION | The device fails to response the authentication request. |
| EFI_SECURITY_VIOLATION | The system fails to verify the device based upon the authentication response. |
| EFI_SECURITY_VIOLATION | The system fails to extend the measurement to TPM PCR. |
Definition at line 134 of file DeviceSecurity.h.
| typedef struct _EDKII_DEVICE_SECURITY_PROTOCOL EDKII_DEVICE_SECURITY_PROTOCOL |
Definition at line 26 of file DeviceSecurity.h.
1.9.6