SecurityPkg/Library/DxeImageVerificationLib/Measurement.c File Reference


Defines

#define MEASURED_AUTHORITY_COUNT_MAX   0x100

Functions

CHAR16 * AssignVarName (IN CHAR16 *VarName)
EFI_GUID * AssignVendorGuid (IN EFI_GUID *VendorGuid)
EFI_STATUS AddDataMeasured (IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN Size)
BOOLEAN IsDataMeasured (IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN Size)
BOOLEAN IsSecureAuthorityVariable (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid)
EFI_STATUS EFIAPI MeasureVariable (IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, IN VOID *VarData, IN UINTN VarSize)
VOID EFIAPI SecureBootHook (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN UINTN DataSize, IN VOID *Data)

Variables

UINTN mMeasuredAuthorityCount = 0
UINTN mMeasuredAuthorityCountMax = 0
VARIABLE_RECORD * mMeasuredAuthorityList = NULL
VARIABLE_TYPE mVariableType []

Detailed Description

Measures the variables required by TrEE.

Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php

THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.


Define Documentation

#define MEASURED_AUTHORITY_COUNT_MAX   0x100

Referenced by AddDataMeasured().


Function Documentation

EFI_STATUS AddDataMeasured (IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN Size)

This function will add variable information to MeasuredAuthorityList.

Parameters:
[in] VarName A Null-terminated string that is the name of the vendor's variable.
[in] VendorGuid A unique identifier for the vendor.
[in] Data The content of the variable data.
[in] Size The size of the variable data.
Return values:
EFI_SUCCESS Operation completed successfully.
EFI_OUT_OF_RESOURCES Out of memory.

References AssignVarName(), AssignVendorGuid(), MEASURED_AUTHORITY_COUNT_MAX, mMeasuredAuthorityCount, mMeasuredAuthorityCountMax, and mMeasuredAuthorityList.

Referenced by SecureBootHook().

CHAR16 * AssignVarName (IN CHAR16 *VarName)

This function will check if VarName should be recorded and return the address of VarName if it is needed.

Parameters:
[in] VarName A Null-terminated string that is the name of the vendor's variable.
Returns:
the address of VarName.

References mVariableType, and UINTN().

Referenced by AddDataMeasured().

EFI_GUID * AssignVendorGuid (IN EFI_GUID *VendorGuid)

This function will check if VendorGuid should be recorded and return the address of VendorGuid if it is needed.

Parameters:
[in] VendorGuid A unique identifier for the vendor.
Returns:
the address of VendorGuid.

References mVariableType, and UINTN().

Referenced by AddDataMeasured().

BOOLEAN IsDataMeasured (IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN Size)

This function returns whether this variable has already been measured.

Parameters:
[in] VarName A Null-terminated string that is the name of the vendor's variable.
[in] VendorGuid A unique identifier for the vendor.
[in] Data The content of the variable data.
[in] Size The size of the variable data.
Return values:
TRUE The data is already measured.
FALSE The data is not measured yet.

References mMeasuredAuthorityCount, mMeasuredAuthorityList, TRUE, and UINTN().

Referenced by SecureBootHook().

BOOLEAN IsSecureAuthorityVariable (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid)

This function returns whether this variable is a SecureAuthority variable.

Parameters:
[in] VariableName A Null-terminated string that is the name of the vendor's variable.
[in] VendorGuid A unique identifier for the vendor.
Return values:
TRUE This is SecureAuthority Variable
FALSE This is not SecureAuthority Variable

References mVariableType, TRUE, and UINTN().

Referenced by SecureBootHook().

EFI_STATUS EFIAPI MeasureVariable (IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, IN VOID *VarData, IN UINTN VarSize)

Measure and log an EFI variable, and extend the measurement result into a specific PCR.

Parameters:
[in] VarName A Null-terminated string that is the name of the vendor's variable.
[in] VendorGuid A unique identifier for the vendor.
[in] VarData The content of the variable data.
[in] VarSize The size of the variable data.
Return values:
EFI_SUCCESS Operation completed successfully.
EFI_OUT_OF_RESOURCES Out of memory.
EFI_DEVICE_ERROR The operation was unsuccessful.

References EFI_STATUS(), TpmMeasureAndLogData(), and UINTN().

Referenced by ReadAndMeasureBootVariable(), ReadAndMeasureVariable(), and SecureBootHook().

VOID EFIAPI SecureBootHook (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN UINTN DataSize, IN VOID *Data)

SecureBoot Hook for processing image verification.

Parameters:
[in] VariableName Name of Variable to be found.
[in] VendorGuid Variable vendor GUID.
[in] DataSize Size of Data found. If size is less than the data, this value contains the required size.
[in] Data Data pointer.

References AddDataMeasured(), EFI_STATUS(), IsDataMeasured(), IsSecureAuthorityVariable(), and MeasureVariable().

Referenced by IsAllowedByDb(), IsForbiddenByDbx(), and IsSignatureFoundInDatabase().
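
The measure-once flow that the functions above describe (filter on the authority variable, skip data already measured, measure, then record), as an added example in portable C. It is a simplified model, not the SecurityPkg source: the record layout, the ASCII name "db" standing in for EFI_IMAGE_SECURITY_DATABASE, the omitted GUID comparison, and the counter standing in for MeasureVariable() are assumptions.

```c
#include <stdlib.h>
#include <string.h>

#define MEASURED_AUTHORITY_COUNT_MAX 0x100 /* growth step; value from the page */

/* Assumed stand-in for VARIABLE_RECORD; the GUID field is omitted in this model. */
typedef struct { const char *name; void *data; size_t size; } Record;

static const char AUTH_VAR[] = "db"; /* assumed ASCII stand-in for the mVariableType entry */
static Record *list = NULL;          /* models mMeasuredAuthorityList */
static size_t count = 0, cap = 0;    /* model mMeasuredAuthorityCount / ...CountMax */
static unsigned extends = 0;         /* number of stand-in PCR extends performed */

/* Models IsDataMeasured(): a match needs the same name, size and bytes. */
static int is_measured(const char *name, const void *data, size_t size) {
  for (size_t i = 0; i < count; i++)
    if (strcmp(list[i].name, name) == 0 && list[i].size == size &&
        memcmp(list[i].data, data, size) == 0)
      return 1;
  return 0;
}

/* Models AddDataMeasured(): grow in fixed steps, report out-of-memory as -1. */
static int add_measured(const void *data, size_t size) {
  if (count == cap) {
    Record *grown = realloc(list, (cap + MEASURED_AUTHORITY_COUNT_MAX) * sizeof *grown);
    if (grown == NULL) return -1;
    list = grown;
    cap += MEASURED_AUTHORITY_COUNT_MAX;
  }
  void *copy = malloc(size ? size : 1);  /* private copy: caller's buffer may be freed */
  if (copy == NULL) return -1;
  memcpy(copy, data, size);
  /* Store the table's own name, as AssignVarName() returns, not the caller's pointer. */
  list[count++] = (Record){ AUTH_VAR, copy, size };
  return 0;
}

/* Models SecureBootHook(): filter, de-duplicate, measure, then record. */
void hook(const char *name, const void *data, size_t size) {
  if (strcmp(name, AUTH_VAR) != 0) return;    /* IsSecureAuthorityVariable() */
  if (is_measured(name, data, size)) return;  /* already extended once this boot */
  extends++;                                  /* stand-in for MeasureVariable() */
  (void)add_measured(data, size);             /* on failure the entry may be re-measured */
}

unsigned extend_count(void) { return extends; }
```
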


Variable Documentation

UINTN mMeasuredAuthorityCount = 0

Referenced by AddDataMeasured(), and IsDataMeasured().

UINTN mMeasuredAuthorityCountMax = 0

Referenced by AddDataMeasured().

VARIABLE_RECORD* mMeasuredAuthorityList = NULL

Referenced by AddDataMeasured(), and IsDataMeasured().

VARIABLE_TYPE mVariableType[]

Initial value:

{
  {EFI_IMAGE_SECURITY_DATABASE,  &gEfiImageSecurityDatabaseGuid},
}

Referenced by AssignVarName(), AssignVendorGuid(), IsSecureAuthorityVariable(), and MeasureAllSecureVariables().


Generated on Thu Sep 24 23:44:24 2015 for SecurityPkg[ALL] by  doxygen 1.5.7.1