TianoCore EDK2 master
Loading...
Searching...
No Matches
SecurityStub.c
Go to the documentation of this file.
1
9#include <Uefi.h>
10#include <Protocol/Security.h>
11#include <Protocol/Security2.h>
12#include <Library/DebugLib.h>
13#include <Library/UefiBootServicesTableLib.h>
14#include <Library/UefiDriverEntryPoint.h>
15#include <Library/SecurityManagementLib.h>
16#include "Defer3rdPartyImageLoad.h"
17
18//
19// Handle for the Security Architectural Protocol instance produced by this driver
20//
21EFI_HANDLE mSecurityArchProtocolHandle = NULL;
22
58EFI_STATUS
59EFIAPI
60SecurityStubAuthenticateState (
61 IN CONST EFI_SECURITY_ARCH_PROTOCOL *This,
62 IN UINT32 AuthenticationStatus,
63 IN CONST EFI_DEVICE_PATH_PROTOCOL *File
64 )
65{
66 EFI_STATUS Status;
67
68 Status = ExecuteSecurity2Handlers (
69 EFI_AUTH_OPERATION_AUTHENTICATION_STATE,
70 AuthenticationStatus,
71 File,
72 NULL,
73 0,
74 FALSE
75 );
76 if (Status == EFI_SUCCESS) {
77 Status = ExecuteSecurityHandlers (AuthenticationStatus, File);
78 }
79
80 return Status;
81}
82
128EFI_STATUS
129EFIAPI
130Security2StubAuthenticate (
131 IN CONST EFI_SECURITY2_ARCH_PROTOCOL *This,
132 IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL,
133 IN VOID *FileBuffer,
134 IN UINTN FileSize,
135 IN BOOLEAN BootPolicy
136 )
137{
138 EFI_STATUS Status;
139
140 if (FileBuffer != NULL) {
141 Status = Defer3rdPartyImageLoad (File, BootPolicy);
142 if (EFI_ERROR (Status)) {
143 return Status;
144 }
145 }
146
147 return ExecuteSecurity2Handlers (
148 EFI_AUTH_OPERATION_VERIFY_IMAGE |
149 EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD |
150 EFI_AUTH_OPERATION_MEASURE_IMAGE |
151 EFI_AUTH_OPERATION_CONNECT_POLICY,
152 0,
153 File,
154 FileBuffer,
155 FileSize,
156 BootPolicy
157 );
158}
159
160//
161// Security2 and Security Architectural Protocol instance produced by this driver
162//
163EFI_SECURITY_ARCH_PROTOCOL mSecurityStub = {
164 SecurityStubAuthenticateState
165};
166
167EFI_SECURITY2_ARCH_PROTOCOL mSecurity2Stub = {
168 Security2StubAuthenticate
169};
170
180EFI_STATUS
181EFIAPI
182SecurityStubInitialize (
183 IN EFI_HANDLE ImageHandle,
184 IN EFI_SYSTEM_TABLE *SystemTable
185 )
186{
187 EFI_STATUS Status;
188
189 //
190 // Make sure the Security Architectural Protocol is not already installed in the system
191 //
192 ASSERT_PROTOCOL_ALREADY_INSTALLED (NULL, &gEfiSecurity2ArchProtocolGuid);
193 ASSERT_PROTOCOL_ALREADY_INSTALLED (NULL, &gEfiSecurityArchProtocolGuid);
194
195 //
196 // Install the Security Architectural Protocol onto a new handle
197 //
198 Status = gBS->InstallMultipleProtocolInterfaces (
199 &mSecurityArchProtocolHandle,
200 &gEfiSecurity2ArchProtocolGuid,
201 &mSecurity2Stub,
202 &gEfiSecurityArchProtocolGuid,
203 &mSecurityStub,
204 NULL
205 );
206 ASSERT_EFI_ERROR (Status);
207
208 Defer3rdPartyImageLoadInitialize ();
209
210 return EFI_SUCCESS;
211}
UINTN
UINT64 UINTN
Definition: ProcessorBind.h:112
Defer3rdPartyImageLoad
EFI_STATUS Defer3rdPartyImageLoad(IN CONST EFI_DEVICE_PATH_PROTOCOL *File, IN BOOLEAN BootPolicy)
Definition: Defer3rdPartyImageLoad.c:314
Defer3rdPartyImageLoadInitialize
VOID Defer3rdPartyImageLoadInitialize(VOID)
Definition: Defer3rdPartyImageLoad.c:379
NULL
#define NULL
Definition: Base.h:319
CONST
#define CONST
Definition: Base.h:259
FALSE
#define FALSE
Definition: Base.h:307
IN
#define IN
Definition: Base.h:279
ASSERT_EFI_ERROR
#define ASSERT_EFI_ERROR(StatusParameter)
Definition: DebugLib.h:462
ASSERT_PROTOCOL_ALREADY_INSTALLED
#define ASSERT_PROTOCOL_ALREADY_INSTALLED(Handle, Guid)
Definition: DebugLib.h:535
ExecuteSecurity2Handlers
EFI_STATUS EFIAPI ExecuteSecurity2Handlers(IN UINT32 AuthenticationOperation, IN UINT32 AuthenticationStatus, IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL, IN VOID *FileBuffer, IN UINTN FileSize, IN BOOLEAN BootPolicy)
Definition: DxeSecurityManagementLib.c:480
ExecuteSecurityHandlers
EFI_STATUS EFIAPI ExecuteSecurityHandlers(IN UINT32 AuthenticationStatus, IN CONST EFI_DEVICE_PATH_PROTOCOL *FilePath)
Definition: DxeSecurityManagementLib.c:211
Security2StubAuthenticate
EFI_STATUS EFIAPI Security2StubAuthenticate(IN CONST EFI_SECURITY2_ARCH_PROTOCOL *This, IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL, IN VOID *FileBuffer, IN UINTN FileSize, IN BOOLEAN BootPolicy)
Definition: SecurityStub.c:130
SecurityStubInitialize
EFI_STATUS EFIAPI SecurityStubInitialize(IN EFI_HANDLE ImageHandle, IN EFI_SYSTEM_TABLE *SystemTable)
Definition: SecurityStub.c:182
SecurityStubAuthenticateState
EFI_STATUS EFIAPI SecurityStubAuthenticateState(IN CONST EFI_SECURITY_ARCH_PROTOCOL *This, IN UINT32 AuthenticationStatus, IN CONST EFI_DEVICE_PATH_PROTOCOL *File)
Definition: SecurityStub.c:60
EFI_STATUS
RETURN_STATUS EFI_STATUS
Definition: UefiBaseType.h:29
EFI_HANDLE
VOID * EFI_HANDLE
Definition: UefiBaseType.h:33
EFI_SUCCESS
#define EFI_SUCCESS
Definition: UefiBaseType.h:112
gBS
EFI_BOOT_SERVICES * gBS
Definition: UefiBootServicesTableLib.c:17
UefiDriverEntryPoint.h
_EFI_SECURITY2_ARCH_PROTOCOL
Definition: Security2.h:95
_EFI_SECURITY_ARCH_PROTOCOL
Definition: Security.h:91
EFI_DEVICE_PATH_PROTOCOL
Definition: DevicePath.h:43
EFI_SYSTEM_TABLE
Definition: UefiSpec.h:2028