Defines
#define | MEASURED_AUTHORITY_COUNT_MAX 0x100
Functions
CHAR16 * | AssignVarName (IN CHAR16 *VarName)
EFI_GUID * | AssignVendorGuid (IN EFI_GUID *VendorGuid)
EFI_STATUS | AddDataMeasured (IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN Size)
BOOLEAN | IsDataMeasured (IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, IN VOID *Data, IN UINTN Size)
BOOLEAN | IsSecureAuthorityVariable (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid)
EFI_STATUS EFIAPI | MeasureVariable (IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, IN VOID *VarData, IN UINTN VarSize)
VOID EFIAPI | SecureBootHook (IN CHAR16 *VariableName, IN EFI_GUID *VendorGuid, IN UINTN DataSize, IN VOID *Data)
Variables
UINTN | mMeasuredAuthorityCount = 0
UINTN | mMeasuredAuthorityCountMax = 0
VARIABLE_RECORD * | mMeasuredAuthorityList = NULL
VARIABLE_TYPE | mVariableType []
Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#define MEASURED_AUTHORITY_COUNT_MAX 0x100
Referenced by AddDataMeasured().
EFI_STATUS AddDataMeasured (
  IN CHAR16   *VarName,
  IN EFI_GUID *VendorGuid,
  IN VOID     *Data,
  IN UINTN    Size
  )
This function will add variable information to MeasuredAuthorityList.
[in] | VarName | A Null-terminated string that is the name of the vendor's variable.
[in] | VendorGuid | A unique identifier for the vendor.
[in] | Data | The content of the variable data.
[in] | Size | The size of the variable data.
EFI_SUCCESS | Operation completed successfully.
EFI_OUT_OF_RESOURCES | Out of memory.
References AssignVarName(), AssignVendorGuid(), MEASURED_AUTHORITY_COUNT_MAX, mMeasuredAuthorityCount, mMeasuredAuthorityCountMax, and mMeasuredAuthorityList.
Referenced by SecureBootHook().
CHAR16* AssignVarName (
  IN CHAR16 *VarName
  )
This function will check if VarName should be recorded and return the address of VarName if it is needed.
[in] | VarName | A Null-terminated string that is the name of the vendor's variable.
References mVariableType, and UINTN().
Referenced by AddDataMeasured().
EFI_GUID* AssignVendorGuid (
  IN EFI_GUID *VendorGuid
  )
This function will check if VendorGuid should be recorded and return the address of VendorGuid if it is needed.
[in] | VendorGuid | A unique identifier for the vendor.
References mVariableType, and UINTN().
Referenced by AddDataMeasured().
BOOLEAN IsDataMeasured (
  IN CHAR16   *VarName,
  IN EFI_GUID *VendorGuid,
  IN VOID     *Data,
  IN UINTN    Size
  )
This function returns whether this variable has already been measured.
[in] | VarName | A Null-terminated string that is the name of the vendor's variable.
[in] | VendorGuid | A unique identifier for the vendor.
[in] | Data | The content of the variable data.
[in] | Size | The size of the variable data.
TRUE | The data is already measured.
FALSE | The data is not measured yet.
References mMeasuredAuthorityCount, mMeasuredAuthorityList, TRUE, and UINTN().
Referenced by SecureBootHook().
BOOLEAN IsSecureAuthorityVariable (
  IN CHAR16   *VariableName,
  IN EFI_GUID *VendorGuid
  )
This function returns whether this variable is a SecureAuthority variable.
[in] | VariableName | A Null-terminated string that is the name of the vendor's variable.
[in] | VendorGuid | A unique identifier for the vendor.
TRUE | This is a SecureAuthority variable.
FALSE | This is not a SecureAuthority variable.
References mVariableType, TRUE, and UINTN().
Referenced by SecureBootHook().
EFI_STATUS EFIAPI MeasureVariable (
  IN CHAR16   *VarName,
  IN EFI_GUID *VendorGuid,
  IN VOID     *VarData,
  IN UINTN    VarSize
  )
Measure and log an EFI variable, and extend the measurement result into a specific PCR.
[in] | VarName | A Null-terminated string that is the name of the vendor's variable.
[in] | VendorGuid | A unique identifier for the vendor.
[in] | VarData | The content of the variable data.
[in] | VarSize | The size of the variable data.
EFI_SUCCESS | Operation completed successfully.
EFI_OUT_OF_RESOURCES | Out of memory.
EFI_DEVICE_ERROR | The operation was unsuccessful.
References EFI_STATUS(), TpmMeasureAndLogData(), and UINTN().
Referenced by ReadAndMeasureBootVariable(), ReadAndMeasureVariable(), and SecureBootHook().
VOID EFIAPI SecureBootHook (
  IN CHAR16   *VariableName,
  IN EFI_GUID *VendorGuid,
  IN UINTN    DataSize,
  IN VOID     *Data
  )
SecureBoot Hook for processing image verification.
[in] | VariableName | Name of Variable to be found.
[in] | VendorGuid | Variable vendor GUID.
[in] | DataSize | Size of Data found. If size is less than the data, this value contains the required size.
[in] | Data | Data pointer.
References AddDataMeasured(), EFI_STATUS(), IsDataMeasured(), IsSecureAuthorityVariable(), and MeasureVariable().
Referenced by IsAllowedByDb(), IsForbiddenByDbx(), and IsSignatureFoundInDatabase().
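A host-side C model of the measure-once bookkeeping that SecureBootHook()'s reference list implies (added example, not the EDK II source): it assumes the hook filters on the authority variable, skips data that is already recorded, and otherwise measures and records it. Plain strings stand in for the CHAR16 name and EFI_GUID, "db" and the GUID string are placeholder values, and a counter stands in for the TPM extend performed by MeasureVariable().

```c
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define MEASURED_AUTHORITY_COUNT_MAX 0x100  /* list growth step (value from the page) */
#define AUTH_NAME "db"                      /* assumed stand-in for EFI_IMAGE_SECURITY_DATABASE */
#define AUTH_GUID "image-security-db-guid"  /* assumed stand-in for the vendor GUID */

typedef struct { const char *name, *guid; void *data; size_t size; } record_t;
static record_t *g_list;       /* models mMeasuredAuthorityList */
static size_t g_count, g_max;  /* model mMeasuredAuthorityCount and ...CountMax */
static unsigned g_extends;     /* number of stand-in measurements made */

static bool is_measured(const char *name, const char *guid, const void *d, size_t n) {
    for (size_t i = 0; i < g_count; i++) {
        const record_t *r = &g_list[i];
        if (!strcmp(r->name, name) && !strcmp(r->guid, guid) &&
            r->size == n && !memcmp(r->data, d, n)) return true;
    }
    return false;
}
static int add_measured(const char *name, const char *guid, const void *d, size_t n) {
    if (g_count == g_max) {    /* list full: grow by one step */
        record_t *bigger = realloc(g_list, (g_max + MEASURED_AUTHORITY_COUNT_MAX) * sizeof *bigger);
        if (!bigger) return -1;              /* the EFI_OUT_OF_RESOURCES case */
        g_list = bigger;
        g_max += MEASURED_AUTHORITY_COUNT_MAX;
    }
    void *copy = malloc(n ? n : 1);          /* keep a private copy of the data */
    if (!copy) return -1;
    memcpy(copy, d, n);
    g_list[g_count++] = (record_t){ name, guid, copy, n };
    return 0;
}
/* Returns true when this call made a new measurement. */
bool secure_boot_hook(const char *name, const char *guid, const void *d, size_t n) {
    if (strcmp(name, AUTH_NAME) || strcmp(guid, AUTH_GUID)) return false;
    if (is_measured(name, guid, d, n)) return false;  /* already in the event log */
    g_extends++;                             /* stand-in for MeasureVariable() */
    (void)add_measured(name, guid, d, n);    /* if this fails, the data is measured again later */
    return true;
}
int main(void) {  /* constructed input: the same authority entry matched twice */
    secure_boot_hook(AUTH_NAME, AUTH_GUID, "certA", 5);
    secure_boot_hook(AUTH_NAME, AUTH_GUID, "certA", 5);
    printf("measurements: %u\n", g_extends);
    return 0;
}
```

The deduplication keeps the event log and PCR value independent of how many images a given authority entry verifies.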
UINTN mMeasuredAuthorityCount = 0
Referenced by AddDataMeasured(), and IsDataMeasured().
UINTN mMeasuredAuthorityCountMax = 0
Referenced by AddDataMeasured().
VARIABLE_RECORD* mMeasuredAuthorityList = NULL
Referenced by AddDataMeasured(), and IsDataMeasured().
VARIABLE_TYPE mVariableType[]
Initial value:
{ {EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid}, }
Referenced by AssignVarName(), AssignVendorGuid(), IsSecureAuthorityVariable(), and MeasureAllSecureVariables().