- Generated on Fri Nov 15 2024 18:01:41 for TianoCore EDK2 by
1.9.6
|
TianoCore EDK2 master
|
Go to the source code of this file.
Data Structures | |
| struct | EDKII_DEVICE_SECURITY_POLICY |
| struct | EDKII_DEVICE_SECURITY_STATE |
| struct | _EDKII_DEVICE_SECURITY_POLICY_PROTOCOL |
Typedefs | |
| typedef struct _EDKII_DEVICE_SECURITY_POLICY_PROTOCOL | EDKII_DEVICE_SECURITY_POLICY_PROTOCOL |
| typedef EFI_STATUS(EFIAPI * | EDKII_DEVICE_SECURITY_GET_DEVICE_POLICY) (IN EDKII_DEVICE_SECURITY_POLICY_PROTOCOL *This, IN EDKII_DEVICE_IDENTIFIER *DeviceId, OUT EDKII_DEVICE_SECURITY_POLICY *DeviceSecurityPolicy) |
| typedef EFI_STATUS(EFIAPI * | EDKII_DEVICE_SECURITY_NOTIFY_DEVICE_STATE) (IN EDKII_DEVICE_SECURITY_POLICY_PROTOCOL *This, IN EDKII_DEVICE_IDENTIFIER *DeviceId, IN EDKII_DEVICE_SECURITY_STATE *DeviceSecurityState) |
Variables | |
| EFI_GUID | gEdkiiDeviceSecurityPolicyProtocolGuid |
Platform Device Security Policy Protocol definition
Copyright (c) 2024, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent
Definition in file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_AUTHENTICATION_REQUIRED BIT0 |
Definition at line 34 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_MEASUREMENT_REQUIRED BIT0 |
The macro for the policy defined in EDKII_DEVICE_SECURITY_POLICY
Definition at line 33 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_POLICY_PROTOCOL_REVISION 0x00010000 |
Definition at line 22 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_POLICY_REVISION 0x00010000 |
Definition at line 28 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_ERROR BIT31 |
Definition at line 55 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_ERROR_CERTIFIACTE_FAILURE (EDKII_DEVICE_SECURITY_STATE_ERROR + 0x31) |
Definition at line 64 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_ERROR_CHALLENGE_FAILURE (EDKII_DEVICE_SECURITY_STATE_ERROR + 0x30) |
Definition at line 63 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_ERROR_DEVICE_ERROR (EDKII_DEVICE_SECURITY_STATE_ERROR + 0x11) |
Definition at line 60 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_ERROR_DEVICE_NO_CAPABILITIES (EDKII_DEVICE_SECURITY_STATE_ERROR + 0x10) |
Definition at line 59 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_ERROR_MEASUREMENT_AUTH_FAILURE (EDKII_DEVICE_SECURITY_STATE_ERROR + 0x21) |
Definition at line 62 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_ERROR_NO_CERT_PROVISION (EDKII_DEVICE_SECURITY_STATE_ERROR + 0x32) |
Definition at line 65 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_ERROR_TCG_EXTEND_TPM_PCR (EDKII_DEVICE_SECURITY_STATE_ERROR + 0x20) |
Definition at line 61 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_ERROR_UEFI_GET_POLICY_PROTOCOL (EDKII_DEVICE_SECURITY_STATE_ERROR + 0x1) |
Definition at line 57 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_ERROR_UEFI_OUT_OF_RESOURCE (EDKII_DEVICE_SECURITY_STATE_ERROR + 0x2) |
Definition at line 58 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_ERROR_UEFI_UNSUPPORTED (EDKII_DEVICE_SECURITY_STATE_ERROR + 0x0) |
Definition at line 56 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_REVISION 0x00010000 |
Definition at line 49 of file DeviceSecurityPolicy.h.
| #define EDKII_DEVICE_SECURITY_STATE_SUCCESS 0 |
The macro for the state defined in EDKII_DEVICE_SECURITY_STATE
Definition at line 54 of file DeviceSecurityPolicy.h.
| typedef EFI_STATUS(EFIAPI * EDKII_DEVICE_SECURITY_GET_DEVICE_POLICY) (IN EDKII_DEVICE_SECURITY_POLICY_PROTOCOL *This, IN EDKII_DEVICE_IDENTIFIER *DeviceId, OUT EDKII_DEVICE_SECURITY_POLICY *DeviceSecurityPolicy) |
This function returns the device security policy associated with the device.
The device security driver may call this interface to get the platform policy for the specific device and determine if the measurement or authentication is required.
| [in] | This | The protocol instance pointer. |
| [in] | DeviceId | The Identifier for the device. |
| [out] | DeviceSecurityPolicy | The Device Security Policy associated with the device. |
| EFI_SUCCESS | The device security policy is returned |
| EFI_UNSUPPORTED | The function is unsupported for the specific Device. |
Definition at line 91 of file DeviceSecurityPolicy.h.
| typedef EFI_STATUS(EFIAPI * EDKII_DEVICE_SECURITY_NOTIFY_DEVICE_STATE) (IN EDKII_DEVICE_SECURITY_POLICY_PROTOCOL *This, IN EDKII_DEVICE_IDENTIFIER *DeviceId, IN EDKII_DEVICE_SECURITY_STATE *DeviceSecurityState) |
This function sets the device state based upon the authentication result.
The device security driver may call this interface to give the platform a notify based upon the measurement or authentication result. If the authentication or measurement fails, the platform may choose: 1) Do nothing. 2) Disable this device or slot temporarily and continue boot. 3) Reset the platform and retry again. 4) Disable this device or slot permanently. 5) Any other platform specific action.
| [in] | This | The protocol instance pointer. |
| [in] | DeviceId | The Identifier for the device. |
| [in] | DeviceSecurityState | The Device Security state associated with the device. |
| EFI_SUCCESS | The device state is set. |
| EFI_UNSUPPORTED | The function is unsupported for the specific Device. |
Definition at line 118 of file DeviceSecurityPolicy.h.
Definition at line 15 of file DeviceSecurityPolicy.h.
1.9.6