1 /** @file
2 Provides generic security measurement functions for DXE module.
3
4 Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include <PiDxe.h>
16 #include <Protocol/LoadFile.h>
17 #include <Library/DebugLib.h>
18 #include <Library/DxeServicesLib.h>
19 #include <Library/MemoryAllocationLib.h>
20 #include <Library/SecurityManagementLib.h>
21 #include <Library/DevicePathLib.h>
22 #include <Library/UefiBootServicesTableLib.h>
23
24 #define SECURITY_HANDLER_TABLE_SIZE 0x10
25
26 //
27 // Secruity Operation on Image and none Image.
28 //
29 #define EFI_AUTH_IMAGE_OPERATION_MASK (EFI_AUTH_OPERATION_VERIFY_IMAGE \
30 | EFI_AUTH_OPERATION_DEFER_IMAGE_LOAD \
31 | EFI_AUTH_OPERATION_MEASURE_IMAGE)
32 #define EFI_AUTH_NONE_IMAGE_OPERATION_MASK (EFI_AUTH_OPERATION_CONNECT_POLICY \
33 | EFI_AUTH_OPERATION_AUTHENTICATION_STATE)
34
35 typedef struct {
36 UINT32 SecurityOperation;
37 SECURITY_FILE_AUTHENTICATION_STATE_HANDLER SecurityHandler;
38 } SECURITY_INFO;
39
40 typedef struct {
41 UINT32 Security2Operation;
42 SECURITY2_FILE_AUTHENTICATION_HANDLER Security2Handler;
43 } SECURITY2_INFO;
44
45 UINT32 mCurrentAuthOperation = 0;
46 UINT32 mNumberOfSecurityHandler = 0;
47 UINT32 mMaxNumberOfSecurityHandler = 0;
48 SECURITY_INFO *mSecurityTable = NULL;
49
50 UINT32 mCurrentAuthOperation2 = 0;
51 UINT32 mNumberOfSecurity2Handler = 0;
52 UINT32 mMaxNumberOfSecurity2Handler = 0;
53 SECURITY2_INFO *mSecurity2Table = NULL;
54
55 /**
56 Reallocates more global memory to store the registered Handler list.
57
58 @retval RETURN_SUCCESS Reallocate memory successfully.
59 @retval RETURN_OUT_OF_RESOURCES No enough memory to allocated.
60 **/
61 RETURN_STATUS
62 EFIAPI
ReallocateSecurityHandlerTable()63 ReallocateSecurityHandlerTable (
64 )
65 {
66 //
67 // Reallocate memory for security info structure.
68 //
69 mSecurityTable = ReallocatePool (
70 mMaxNumberOfSecurityHandler * sizeof (SECURITY_INFO),
71 (mMaxNumberOfSecurityHandler + SECURITY_HANDLER_TABLE_SIZE) * sizeof (SECURITY_INFO),
72 mSecurityTable
73 );
74
75 //
76 // No enough resource is allocated.
77 //
78 if (mSecurityTable == NULL) {
79 return RETURN_OUT_OF_RESOURCES;
80 }
81
82 //
83 // Increase max handler number
84 //
85 mMaxNumberOfSecurityHandler = mMaxNumberOfSecurityHandler + SECURITY_HANDLER_TABLE_SIZE;
86 return RETURN_SUCCESS;
87 }
88
89 /**
90 Check whether an operation is valid according to the requirement of current operation,
91 which must make sure that the measure image operation is the last one.
92
93 @param CurrentAuthOperation Current operation.
94 @param CheckAuthOperation Operation to be checked.
95
96 @retval TRUE Operation is valid for current operation.
97 @retval FALSE Operation is invalid for current operation.
98 **/
99 BOOLEAN
CheckAuthenticationOperation(IN UINT32 CurrentAuthOperation,IN UINT32 CheckAuthOperation)100 CheckAuthenticationOperation (
101 IN UINT32 CurrentAuthOperation,
102 IN UINT32 CheckAuthOperation
103 )
104 {
105 //
106 // Make sure new auth operation can be recognized.
107 //
108 ASSERT ((CheckAuthOperation & ~(EFI_AUTH_IMAGE_OPERATION_MASK | EFI_AUTH_OPERATION_AUTHENTICATION_STATE | EFI_AUTH_OPERATION_IMAGE_REQUIRED)) == 0);
109
110 //
111 // When current operation includes measure image operation,
112 // only another measure image operation or none operation will be allowed.
113 //
114 if ((CurrentAuthOperation & EFI_AUTH_OPERATION_MEASURE_IMAGE) == EFI_AUTH_OPERATION_MEASURE_IMAGE) {
115 if (((CheckAuthOperation & EFI_AUTH_OPERATION_MEASURE_IMAGE) == EFI_AUTH_OPERATION_MEASURE_IMAGE) ||
116 ((CheckAuthOperation & EFI_AUTH_IMAGE_OPERATION_MASK) == EFI_AUTH_OPERATION_NONE)) {
117 return TRUE;
118 } else {
119 return FALSE;
120 }
121 }
122
123 //
124 // When current operation doesn't include measure image operation,
125 // any new operation will be allowed.
126 //
127 return TRUE;
128 }
129
130 /**
131 Register security measurement handler with its operation type. The different
132 handler with the same operation can all be registered.
133
134 If SecurityHandler is NULL, then ASSERT().
135 If no enough resources available to register new handler, then ASSERT().
136 If AuthenticationOperation is not recongnized, then ASSERT().
137 If the previous register handler can't be executed before the later register handler, then ASSERT().
138
139 @param[in] SecurityHandler Security measurement service handler to be registered.
140 @param[in] AuthenticationOperation Operation type is specified for the registered handler.
141
142 @retval EFI_SUCCESS The handlers were registered successfully.
143 **/
144 EFI_STATUS
145 EFIAPI
RegisterSecurityHandler(IN SECURITY_FILE_AUTHENTICATION_STATE_HANDLER SecurityHandler,IN UINT32 AuthenticationOperation)146 RegisterSecurityHandler (
147 IN SECURITY_FILE_AUTHENTICATION_STATE_HANDLER SecurityHandler,
148 IN UINT32 AuthenticationOperation
149 )
150 {
151 EFI_STATUS Status;
152
153 ASSERT (SecurityHandler != NULL);
154
155 //
156 // Make sure AuthenticationOperation is valid in the register order.
157 //
158 ASSERT (CheckAuthenticationOperation (mCurrentAuthOperation, AuthenticationOperation));
159 mCurrentAuthOperation = mCurrentAuthOperation | AuthenticationOperation;
160
161 //
162 // Check whether the handler lists is enough to store new handler.
163 //
164 if (mNumberOfSecurityHandler == mMaxNumberOfSecurityHandler) {
165 //
166 // Allocate more resources for new handler.
167 //
168 Status = ReallocateSecurityHandlerTable();
169 ASSERT_EFI_ERROR (Status);
170 }
171
172 //
173 // Register new handler into the handler list.
174 //
175 mSecurityTable[mNumberOfSecurityHandler].SecurityOperation = AuthenticationOperation;
176 mSecurityTable[mNumberOfSecurityHandler].SecurityHandler = SecurityHandler;
177 mNumberOfSecurityHandler ++;
178
179 return EFI_SUCCESS;
180 }
181
182 /**
183 Execute registered handlers until one returns an error and that error is returned.
184 If none of the handlers return an error, then EFI_SUCCESS is returned.
185
186 Before exectue handler, get the image buffer by file device path if a handler
187 requires the image file. And return the image buffer to each handler when exectue handler.
188
189 The handlers are executed in same order to their registered order.
190
191 @param[in] AuthenticationStatus
192 This is the authentication type returned from the Section
193 Extraction protocol. See the Section Extraction Protocol
194 Specification for details on this type.
195 @param[in] FilePath This is a pointer to the device path of the file that is
196 being dispatched. This will optionally be used for logging.
197
198 @retval EFI_SUCCESS The file specified by File did authenticate when more
199 than one security handler services were registered,
200 or the file did not authenticate when no security
201 handler service was registered. And the platform policy
202 dictates that the DXE Core may use File.
203 @retval EFI_INVALID_PARAMETER File is NULL.
204 @retval EFI_SECURITY_VIOLATION The file specified by File did not authenticate, and
205 the platform policy dictates that File should be placed
206 in the untrusted state. A file may be promoted from
207 the untrusted to the trusted state at a future time
208 with a call to the Trust() DXE Service.
209 @retval EFI_ACCESS_DENIED The file specified by File did not authenticate, and
210 the platform policy dictates that File should not be
211 used for any purpose.
212 **/
213 EFI_STATUS
214 EFIAPI
ExecuteSecurityHandlers(IN UINT32 AuthenticationStatus,IN CONST EFI_DEVICE_PATH_PROTOCOL * FilePath)215 ExecuteSecurityHandlers (
216 IN UINT32 AuthenticationStatus,
217 IN CONST EFI_DEVICE_PATH_PROTOCOL *FilePath
218 )
219 {
220 UINT32 Index;
221 EFI_STATUS Status;
222 UINT32 HandlerAuthenticationStatus;
223 VOID *FileBuffer;
224 UINTN FileSize;
225 EFI_HANDLE Handle;
226 EFI_DEVICE_PATH_PROTOCOL *Node;
227 EFI_DEVICE_PATH_PROTOCOL *FilePathToVerfiy;
228
229 if (FilePath == NULL) {
230 return EFI_INVALID_PARAMETER;
231 }
232
233 //
234 // Directly return successfully when no handler is registered.
235 //
236 if (mNumberOfSecurityHandler == 0) {
237 return EFI_SUCCESS;
238 }
239
240 Status = EFI_SUCCESS;
241 FileBuffer = NULL;
242 FileSize = 0;
243 HandlerAuthenticationStatus = AuthenticationStatus;
244 FilePathToVerfiy = (EFI_DEVICE_PATH_PROTOCOL *) FilePath;
245 //
246 // Run security handler in same order to their registered list
247 //
248 for (Index = 0; Index < mNumberOfSecurityHandler; Index ++) {
249 if ((mSecurityTable[Index].SecurityOperation & EFI_AUTH_OPERATION_IMAGE_REQUIRED) == EFI_AUTH_OPERATION_IMAGE_REQUIRED) {
250 //
251 // Try get file buffer when the handler requires image buffer.
252 //
253 if (FileBuffer == NULL) {
254 Node = FilePathToVerfiy;
255 Status = gBS->LocateDevicePath (&gEfiLoadFileProtocolGuid, &Node, &Handle);
256 //
257 // Try to get image by FALSE boot policy for the exact boot file path.
258 //
259 FileBuffer = GetFileBufferByFilePath (FALSE, FilePath, &FileSize, &AuthenticationStatus);
260 if (FileBuffer == NULL) {
261 //
262 // Try to get image by TRUE boot policy for the inexact boot file path.
263 //
264 FileBuffer = GetFileBufferByFilePath (TRUE, FilePath, &FileSize, &AuthenticationStatus);
265 }
266 if ((FileBuffer != NULL) && (!EFI_ERROR (Status))) {
267 //
268 // LoadFile () may cause the device path of the Handle be updated.
269 //
270 FilePathToVerfiy = AppendDevicePath (DevicePathFromHandle (Handle), Node);
271 }
272 }
273 }
274 Status = mSecurityTable[Index].SecurityHandler (
275 HandlerAuthenticationStatus,
276 FilePathToVerfiy,
277 FileBuffer,
278 FileSize
279 );
280 if (EFI_ERROR (Status)) {
281 break;
282 }
283 }
284
285 if (FileBuffer != NULL) {
286 FreePool (FileBuffer);
287 }
288 if (FilePathToVerfiy != FilePath) {
289 FreePool (FilePathToVerfiy);
290 }
291
292 return Status;
293 }
294
295 /**
296 Reallocates more global memory to store the registered Securit2Handler list.
297
298 @retval RETURN_SUCCESS Reallocate memory successfully.
299 @retval RETURN_OUT_OF_RESOURCES No enough memory to allocated.
300 **/
301 RETURN_STATUS
302 EFIAPI
ReallocateSecurity2HandlerTable()303 ReallocateSecurity2HandlerTable (
304 )
305 {
306 //
307 // Reallocate memory for security info structure.
308 //
309 mSecurity2Table = ReallocatePool (
310 mMaxNumberOfSecurity2Handler * sizeof (SECURITY2_INFO),
311 (mMaxNumberOfSecurity2Handler + SECURITY_HANDLER_TABLE_SIZE) * sizeof (SECURITY2_INFO),
312 mSecurity2Table
313 );
314
315 //
316 // No enough resource is allocated.
317 //
318 if (mSecurity2Table == NULL) {
319 return RETURN_OUT_OF_RESOURCES;
320 }
321
322 //
323 // Increase max handler number
324 //
325 mMaxNumberOfSecurity2Handler = mMaxNumberOfSecurity2Handler + SECURITY_HANDLER_TABLE_SIZE;
326 return RETURN_SUCCESS;
327 }
328
329 /**
330 Check whether an operation is valid according to the requirement of current operation,
331 which must make sure that the measure image operation is the last one.
332
333 If AuthenticationOperation is not recongnized, return FALSE.
334 If AuthenticationOperation is EFI_AUTH_OPERATION_NONE, return FALSE.
335 If AuthenticationOperation includes security operation and authentication operation, return FALSE.
336 If the previous register handler can't be executed before the later register handler, return FALSE.
337
338 @param CurrentAuthOperation Current operation.
339 @param CheckAuthOperation Operation to be checked.
340
341 @retval TRUE Operation is valid for current operation.
342 @retval FALSE Operation is invalid for current operation.
343 **/
344 BOOLEAN
CheckAuthentication2Operation(IN UINT32 CurrentAuthOperation,IN UINT32 CheckAuthOperation)345 CheckAuthentication2Operation (
346 IN UINT32 CurrentAuthOperation,
347 IN UINT32 CheckAuthOperation
348 )
349 {
350 //
351 // Make sure new auth operation can be recognized.
352 //
353 if (CheckAuthOperation == EFI_AUTH_OPERATION_NONE) {
354 return FALSE;
355 }
356 if ((CheckAuthOperation & ~(EFI_AUTH_IMAGE_OPERATION_MASK |
357 EFI_AUTH_NONE_IMAGE_OPERATION_MASK |
358 EFI_AUTH_OPERATION_IMAGE_REQUIRED)) != 0) {
359 return FALSE;
360 }
361
362 //
363 // When current operation includes measure image operation,
364 // only another measure image or none image operation will be allowed.
365 //
366 if ((CurrentAuthOperation & EFI_AUTH_OPERATION_MEASURE_IMAGE) == EFI_AUTH_OPERATION_MEASURE_IMAGE) {
367 if (((CheckAuthOperation & EFI_AUTH_OPERATION_MEASURE_IMAGE) == EFI_AUTH_OPERATION_MEASURE_IMAGE) ||
368 ((CheckAuthOperation & EFI_AUTH_IMAGE_OPERATION_MASK) == 0)) {
369 return TRUE;
370 } else {
371 return FALSE;
372 }
373 }
374
375 //
376 // Any other operation will be allowed.
377 //
378 return TRUE;
379 }
380
381 /**
382 Register security measurement handler with its operation type. Different
383 handlers with the same operation can all be registered.
384
385 If Security2Handler is NULL, then ASSERT().
386 If no enough resources available to register new handler, then ASSERT().
387 If AuthenticationOperation is not recongnized, then ASSERT().
388 If AuthenticationOperation is EFI_AUTH_OPERATION_NONE, then ASSERT().
389 If the previous register handler can't be executed before the later register handler, then ASSERT().
390
391 @param[in] Security2Handler The security measurement service handler to be registered.
392 @param[in] AuthenticationOperation The operation type is specified for the registered handler.
393
394 @retval EFI_SUCCESS The handlers were registered successfully.
395 **/
396 EFI_STATUS
397 EFIAPI
RegisterSecurity2Handler(IN SECURITY2_FILE_AUTHENTICATION_HANDLER Security2Handler,IN UINT32 AuthenticationOperation)398 RegisterSecurity2Handler (
399 IN SECURITY2_FILE_AUTHENTICATION_HANDLER Security2Handler,
400 IN UINT32 AuthenticationOperation
401 )
402 {
403 EFI_STATUS Status;
404
405 ASSERT (Security2Handler != NULL);
406
407 //
408 // Make sure AuthenticationOperation is valid in the register order.
409 //
410 ASSERT (CheckAuthentication2Operation (mCurrentAuthOperation2, AuthenticationOperation));
411 mCurrentAuthOperation2 = mCurrentAuthOperation2 | AuthenticationOperation;
412
413 //
414 // Check whether the handler lists is enough to store new handler.
415 //
416 if (mNumberOfSecurity2Handler == mMaxNumberOfSecurity2Handler) {
417 //
418 // Allocate more resources for new handler.
419 //
420 Status = ReallocateSecurity2HandlerTable();
421 ASSERT_EFI_ERROR (Status);
422 }
423
424 //
425 // Register new handler into the handler list.
426 //
427 mSecurity2Table[mNumberOfSecurity2Handler].Security2Operation = AuthenticationOperation;
428 mSecurity2Table[mNumberOfSecurity2Handler].Security2Handler = Security2Handler;
429 mNumberOfSecurity2Handler ++;
430
431 return EFI_SUCCESS;
432 }
433
434 /**
435 Execute registered handlers based on input AuthenticationOperation until
436 one returns an error and that error is returned.
437
438 If none of the handlers return an error, then EFI_SUCCESS is returned.
439 The handlers those satisfy AuthenticationOperation will only be executed.
440 The handlers are executed in same order to their registered order.
441
442 @param[in] AuthenticationOperation
443 The operation type specifies which handlers will be executed.
444 @param[in] AuthenticationStatus
445 The authentication status for the input file.
446 @param[in] File This is a pointer to the device path of the file that is
447 being dispatched. This will optionally be used for logging.
448 @param[in] FileBuffer A pointer to the buffer with the UEFI file image
449 @param[in] FileSize The size of File buffer.
450 @param[in] BootPolicy A boot policy that was used to call LoadImage() UEFI service.
451
452 @retval EFI_SUCCESS The file specified by DevicePath and non-NULL
453 FileBuffer did authenticate, and the platform policy dictates
454 that the DXE Foundation may use the file.
455 @retval EFI_SUCCESS The device path specified by NULL device path DevicePath
456 and non-NULL FileBuffer did authenticate, and the platform
457 policy dictates that the DXE Foundation may execute the image in
458 FileBuffer.
459 @retval EFI_SUCCESS FileBuffer is NULL and current user has permission to start
460 UEFI device drivers on the device path specified by DevicePath.
461 @retval EFI_SECURITY_VIOLATION The file specified by File or FileBuffer did not
462 authenticate, and the platform policy dictates that
463 the file should be placed in the untrusted state.
464 @retval EFI_SECURITY_VIOLATION FileBuffer FileBuffer is NULL and the user has no
465 permission to start UEFI device drivers on the device path specified
466 by DevicePath.
467 @retval EFI_SECURITY_VIOLATION FileBuffer is not NULL and the user has no permission to load
468 drivers from the device path specified by DevicePath. The
469 image has been added into the list of the deferred images.
470 @retval EFI_ACCESS_DENIED The file specified by File did not authenticate, and
471 the platform policy dictates that the DXE
472 Foundation may not use File.
473 @retval EFI_INVALID_PARAMETER File and FileBuffer are both NULL.
474 **/
475 EFI_STATUS
476 EFIAPI
ExecuteSecurity2Handlers(IN UINT32 AuthenticationOperation,IN UINT32 AuthenticationStatus,IN CONST EFI_DEVICE_PATH_PROTOCOL * File,IN VOID * FileBuffer,IN UINTN FileSize,IN BOOLEAN BootPolicy)477 ExecuteSecurity2Handlers (
478 IN UINT32 AuthenticationOperation,
479 IN UINT32 AuthenticationStatus,
480 IN CONST EFI_DEVICE_PATH_PROTOCOL *File,
481 IN VOID *FileBuffer,
482 IN UINTN FileSize,
483 IN BOOLEAN BootPolicy
484 )
485 {
486 UINT32 Index;
487 EFI_STATUS Status;
488
489 //
490 // Invalid case if File and FileBuffer are both NULL.
491 //
492 if (File == NULL && FileBuffer == NULL) {
493 return EFI_INVALID_PARAMETER;
494 }
495
496 //
497 // Directly return successfully when no handler is registered.
498 //
499 if (mNumberOfSecurity2Handler == 0) {
500 return EFI_SUCCESS;
501 }
502
503 //
504 // Run security handler in same order to their registered list
505 //
506 for (Index = 0; Index < mNumberOfSecurity2Handler; Index ++) {
507 //
508 // If FileBuffer is not NULL, the input is Image, which will be handled by EFI_AUTH_IMAGE_OPERATION_MASK operation.
509 // If FileBuffer is NULL, the input is not Image, which will be handled by EFI_AUTH_NONE_IMAGE_OPERATION_MASK operation.
510 // Other cases are ignored.
511 //
512 if ((FileBuffer != NULL && (mSecurity2Table[Index].Security2Operation & EFI_AUTH_IMAGE_OPERATION_MASK) != 0) ||
513 (FileBuffer == NULL && (mSecurity2Table[Index].Security2Operation & EFI_AUTH_NONE_IMAGE_OPERATION_MASK) != 0)) {
514 //
515 // Execute registered handlers based on input AuthenticationOperation
516 //
517 if ((mSecurity2Table[Index].Security2Operation & AuthenticationOperation) != 0) {
518 Status = mSecurity2Table[Index].Security2Handler (
519 AuthenticationStatus,
520 File,
521 FileBuffer,
522 FileSize,
523 BootPolicy
524 );
525 if (EFI_ERROR (Status)) {
526 return Status;
527 }
528 }
529 }
530 }
531
532 return EFI_SUCCESS;
533 }
534