TianoCore EDK2 master
Loading...
Searching...
No Matches
DxeTpm2MeasureBootLibSanitization.c
Go to the documentation of this file.
1
24#include <Uefi.h>
25#include <Uefi/UefiSpec.h>
26#include <Library/SafeIntLib.h>
27#include <Library/UefiLib.h>
28#include <Library/DebugLib.h>
29#include <Library/BaseLib.h>
30#include <IndustryStandard/UefiTcgPlatform.h>
31#include <Protocol/BlockIo.h>
32#include <Library/MemoryAllocationLib.h>
33
34#include "DxeTpm2MeasureBootLibSanitization.h"
35
36#define GPT_HEADER_REVISION_V1 0x00010000
37
64EFI_STATUS
65EFIAPI
66Tpm2SanitizeEfiPartitionTableHeader (
67 IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
68 IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo
69 )
70{
71 //
72 // Verify that the input parameters are safe to use
73 //
74 if (PrimaryHeader == NULL) {
75 DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header!\n"));
76 return EFI_INVALID_PARAMETER;
77 }
78
79 if ((BlockIo == NULL) || (BlockIo->Media == NULL)) {
80 DEBUG ((DEBUG_ERROR, "Invalid BlockIo!\n"));
81 return EFI_INVALID_PARAMETER;
82 }
83
84 //
85 // The signature must be EFI_PTAB_HEADER_ID ("EFI PART" in ASCII)
86 //
87 if (PrimaryHeader->Header.Signature != EFI_PTAB_HEADER_ID) {
88 DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header!\n"));
89 return EFI_DEVICE_ERROR;
90 }
91
92 //
93 // The version must be GPT_HEADER_REVISION_V1 (0x00010000)
94 //
95 if (PrimaryHeader->Header.Revision != GPT_HEADER_REVISION_V1) {
96 DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header Revision!\n"));
97 return EFI_DEVICE_ERROR;
98 }
99
100 //
101 // The HeaderSize must be greater than or equal to 92 and must be less than or equal to the logical block size
102 //
103 if ((PrimaryHeader->Header.HeaderSize < sizeof (EFI_PARTITION_TABLE_HEADER)) || (PrimaryHeader->Header.HeaderSize > BlockIo->Media->BlockSize)) {
104 DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header HeaderSize!\n"));
105 return EFI_DEVICE_ERROR;
106 }
107
108 //
109 // The partition entries should all be before the first usable block
110 //
111 if (PrimaryHeader->FirstUsableLBA <= PrimaryHeader->PartitionEntryLBA) {
112 DEBUG ((DEBUG_ERROR, "GPT PartitionEntryLBA is not less than FirstUsableLBA!\n"));
113 return EFI_DEVICE_ERROR;
114 }
115
116 //
117 // Check that the PartitionEntryLBA greater than the Max LBA
118 // This will be used later for multiplication
119 //
120 if (PrimaryHeader->PartitionEntryLBA > DivU64x32 (MAX_UINT64, BlockIo->Media->BlockSize)) {
121 DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header PartitionEntryLBA!\n"));
122 return EFI_DEVICE_ERROR;
123 }
124
125 //
126 // Check that the number of partition entries is greater than zero
127 //
128 if (PrimaryHeader->NumberOfPartitionEntries == 0) {
129 DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header NumberOfPartitionEntries!\n"));
130 return EFI_DEVICE_ERROR;
131 }
132
133 //
134 // SizeOfPartitionEntry must be 128, 256, 512... improper size may lead to accessing uninitialized memory
135 //
136 if ((PrimaryHeader->SizeOfPartitionEntry < 128) || ((PrimaryHeader->SizeOfPartitionEntry & (PrimaryHeader->SizeOfPartitionEntry - 1)) != 0)) {
137 DEBUG ((DEBUG_ERROR, "SizeOfPartitionEntry shall be set to a value of 128 x 2^n where n is an integer greater than or equal to zero (e.g., 128, 256, 512, etc.)!\n"));
138 return EFI_DEVICE_ERROR;
139 }
140
141 //
142 // This check is to prevent overflow when calculating the allocation size for the partition entries
143 // This check will be used later for multiplication
144 //
145 if (PrimaryHeader->NumberOfPartitionEntries > DivU64x32 (MAX_UINT64, PrimaryHeader->SizeOfPartitionEntry)) {
146 DEBUG ((DEBUG_ERROR, "Invalid Partition Table Header NumberOfPartitionEntries!\n"));
147 return EFI_DEVICE_ERROR;
148 }
149
150 return EFI_SUCCESS;
151}
152
170EFI_STATUS
171EFIAPI
172Tpm2SanitizePrimaryHeaderAllocationSize (
173 IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
174 OUT UINT32 *AllocationSize
175 )
176{
177 EFI_STATUS Status;
178
179 if (PrimaryHeader == NULL) {
180 return EFI_INVALID_PARAMETER;
181 }
182
183 if (AllocationSize == NULL) {
184 return EFI_INVALID_PARAMETER;
185 }
186
187 //
188 // Replacing logic:
189 // PrimaryHeader->NumberOfPartitionEntries * PrimaryHeader->SizeOfPartitionEntry;
190 //
191 Status = SafeUint32Mult (PrimaryHeader->NumberOfPartitionEntries, PrimaryHeader->SizeOfPartitionEntry, AllocationSize);
192 if (EFI_ERROR (Status)) {
193 DEBUG ((DEBUG_ERROR, "Allocation Size would have overflowed!\n"));
194 return EFI_BAD_BUFFER_SIZE;
195 }
196
197 return EFI_SUCCESS;
198}
199
223EFI_STATUS
224Tpm2SanitizePrimaryHeaderGptEventSize (
225 IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader,
226 IN UINTN NumberOfPartition,
227 OUT UINT32 *EventSize
228 )
229{
230 EFI_STATUS Status;
231 UINT32 SafeNumberOfPartitions;
232
233 if (PrimaryHeader == NULL) {
234 return EFI_INVALID_PARAMETER;
235 }
236
237 if (EventSize == NULL) {
238 return EFI_INVALID_PARAMETER;
239 }
240
241 //
242 // We shouldn't even attempt to perform the multiplication if the number of partitions is greater than the maximum value of UINT32
243 //
244 Status = SafeUintnToUint32 (NumberOfPartition, &SafeNumberOfPartitions);
245 if (EFI_ERROR (Status)) {
246 DEBUG ((DEBUG_ERROR, "NumberOfPartition would have overflowed!\n"));
247 return EFI_INVALID_PARAMETER;
248 }
249
250 //
251 // Replacing logic:
252 // (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions) + NumberOfPartition * PrimaryHeader.SizeOfPartitionEntry);
253 //
254 Status = SafeUint32Mult (SafeNumberOfPartitions, PrimaryHeader->SizeOfPartitionEntry, EventSize);
255 if (EFI_ERROR (Status)) {
256 DEBUG ((DEBUG_ERROR, "Event Size would have overflowed!\n"));
257 return EFI_BAD_BUFFER_SIZE;
258 }
259
260 //
261 // Replacing logic:
262 // *EventSize + sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event);
263 //
264 Status = SafeUint32Add (
265 OFFSET_OF (EFI_TCG2_EVENT, Event) + OFFSET_OF (EFI_GPT_DATA, Partitions),
266 *EventSize,
267 EventSize
268 );
269 if (EFI_ERROR (Status)) {
270 DEBUG ((DEBUG_ERROR, "Event Size would have overflowed because of GPTData!\n"));
271 return EFI_BAD_BUFFER_SIZE;
272 }
273
274 return EFI_SUCCESS;
275}
276
294EFI_STATUS
295Tpm2SanitizePeImageEventSize (
296 IN UINT32 FilePathSize,
297 OUT UINT32 *EventSize
298 )
299{
300 EFI_STATUS Status;
301
302 // Replacing logic:
303 // sizeof (*ImageLoad) - sizeof (ImageLoad->DevicePath) + FilePathSize;
304 Status = SafeUint32Add (OFFSET_OF (EFI_IMAGE_LOAD_EVENT, DevicePath), FilePathSize, EventSize);
305 if (EFI_ERROR (Status)) {
306 DEBUG ((DEBUG_ERROR, "EventSize would overflow!\n"));
307 return EFI_BAD_BUFFER_SIZE;
308 }
309
310 // Replacing logic:
311 // EventSize + sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event)
312 Status = SafeUint32Add (*EventSize, OFFSET_OF (EFI_TCG2_EVENT, Event), EventSize);
313 if (EFI_ERROR (Status)) {
314 DEBUG ((DEBUG_ERROR, "EventSize would overflow!\n"));
315 return EFI_BAD_BUFFER_SIZE;
316 }
317
318 return EFI_SUCCESS;
319}
UINTN
UINT64 UINTN
Definition: ProcessorBind.h:112
DivU64x32
UINT64 EFIAPI DivU64x32(IN UINT64 Dividend, IN UINT32 Divisor)
Definition: DivU64x32.c:29
Tpm2SanitizeEfiPartitionTableHeader
EFI_STATUS EFIAPI Tpm2SanitizeEfiPartitionTableHeader(IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader, IN CONST EFI_BLOCK_IO_PROTOCOL *BlockIo)
Definition: DxeTpm2MeasureBootLibSanitization.c:66
Tpm2SanitizePrimaryHeaderAllocationSize
EFI_STATUS EFIAPI Tpm2SanitizePrimaryHeaderAllocationSize(IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader, OUT UINT32 *AllocationSize)
Definition: DxeTpm2MeasureBootLibSanitization.c:172
Tpm2SanitizePeImageEventSize
EFI_STATUS Tpm2SanitizePeImageEventSize(IN UINT32 FilePathSize, OUT UINT32 *EventSize)
Definition: DxeTpm2MeasureBootLibSanitization.c:295
Tpm2SanitizePrimaryHeaderGptEventSize
EFI_STATUS Tpm2SanitizePrimaryHeaderGptEventSize(IN CONST EFI_PARTITION_TABLE_HEADER *PrimaryHeader, IN UINTN NumberOfPartition, OUT UINT32 *EventSize)
Definition: DxeTpm2MeasureBootLibSanitization.c:224
NULL
#define NULL
Definition: Base.h:319
CONST
#define CONST
Definition: Base.h:259
IN
#define IN
Definition: Base.h:279
OFFSET_OF
#define OFFSET_OF(TYPE, Field)
Definition: Base.h:758
OUT
#define OUT
Definition: Base.h:284
DEBUG
#define DEBUG(Expression)
Definition: DebugLib.h:434
SafeUint32Add
RETURN_STATUS EFIAPI SafeUint32Add(IN UINT32 Augend, IN UINT32 Addend, OUT UINT32 *Result)
Definition: SafeIntLib.c:2927
SafeUint32Mult
RETURN_STATUS EFIAPI SafeUint32Mult(IN UINT32 Multiplicand, IN UINT32 Multiplier, OUT UINT32 *Result)
Definition: SafeIntLib.c:3283
SafeUintnToUint32
RETURN_STATUS EFIAPI SafeUintnToUint32(IN UINTN Operand, OUT UINT32 *Result)
Definition: SafeIntLib32.c:177
EFI_STATUS
RETURN_STATUS EFI_STATUS
Definition: UefiBaseType.h:29
EFI_SUCCESS
#define EFI_SUCCESS
Definition: UefiBaseType.h:112
EFI_PTAB_HEADER_ID
#define EFI_PTAB_HEADER_ID
Definition: UefiGpt.h:20
_EFI_BLOCK_IO_PROTOCOL
Definition: BlockIo.h:214
EFI_PARTITION_TABLE_HEADER
Definition: UefiGpt.h:31
tdEFI_GPT_DATA
Definition: UefiTcgPlatform.h:276
tdEFI_IMAGE_LOAD_EVENT
Definition: UefiTcgPlatform.h:176
tdEFI_TCG2_EVENT
Definition: Tcg2Protocol.h:130