2 files changed, 210 insertions, 0 deletions

diff --git a/SecurityPkg/DeviceSecurity/OsStub/MemLibWrapper/MemLibWrapper.c b/SecurityPkg/DeviceSecurity/OsStub/MemLibWrapper/MemLibWrapper.c
new file mode 100644
index 0000000000..42eeecd68c
--- /dev/null
+++ b/SecurityPkg/DeviceSecurity/OsStub/MemLibWrapper/MemLibWrapper.c
@@ -0,0 +1,177 @@
+/** @file

+  EDKII Device Security library for SPDM device.

+  It follows the SPDM Specification.

+

+Copyright (c) 2024, Intel Corporation. All rights reserved.<BR>

+SPDX-License-Identifier: BSD-2-Clause-Patent

+

+**/

+

+#include <Library/BaseLib.h>

+#include <Library/DebugLib.h>

+#include <Library/BaseMemoryLib.h>

+#include "hal/base.h"

+#include "hal/library/memlib.h"

+

+/**

+ * Copies bytes from a source buffer to a destination buffer.

+ *

+ * This function copies "src_len" bytes from "src_buf" to "dst_buf".

+ *

+ * Asserts and returns a non-zero value if any of the following are true:

+ *   1) "src_buf" or "dst_buf" are NULL.

+ *   2) "src_len" or "dst_len" is greater than (SIZE_MAX >> 1).

+ *   3) "src_len" is greater than "dst_len".

+ *   4) "src_buf" and "dst_buf" overlap.

+ *

+ * If any of these cases fail, a non-zero value is returned. Additionally if

+ * "dst_buf" points to a non-NULL value and "dst_len" is valid, then "dst_len"

+ * bytes of "dst_buf" are zeroed.

+ *

+ * This function follows the C11 cppreference description of memcpy_s.

+ * https://en.cppreference.com/w/c/string/byte/memcpy

+ * The cppreferece description does NOT allow the source or destination

+ * buffers to be NULL.

+ *

+ * This function differs from the Microsoft and Safeclib memcpy_s implementations

+ * in that the Microsoft and Safeclib implementations allow for NULL source and

+ * destinations pointers when the number of bytes to copy (src_len) is zero.

+ *

+ * In addition the Microsoft and Safeclib memcpy_s functions return different

+ * negative values on error. For best support, clients should generally check

+ * against zero for success or failure.

+ *

+ * @param    dst_buf   Destination buffer to copy to.

+ * @param    dst_len   Maximum length in bytes of the destination buffer.

+ * @param    src_buf   Source buffer to copy from.

+ * @param    src_len   The number of bytes to copy from the source buffer.

+ *

+ * @return   0 on success. non-zero on error.

+ *

+ **/

+void

+libspdm_copy_mem (

+  void        *dst_buf,

+  size_t      dst_len,

+  const void  *src_buf,

+  size_t      src_len

+  )

+{

+  volatile uint8_t        *dst;

+  const volatile uint8_t  *src;

+

+  dst = (volatile uint8_t *)dst_buf;

+  src = (const volatile uint8_t *)src_buf;

+

+  /* Check for case where "dst" or "dst_len" may be invalid.

+   * Do not zero "dst" in this case. */

+  if ((dst == NULL) || (dst_len > (SIZE_MAX >> 1))) {

+    ASSERT (0);

+  }

+

+  /* Gaurd against invalid source. Zero "dst" in this case. */

+  if (src == NULL) {

+    ZeroMem (dst_buf, dst_len);

+    ASSERT (0);

+  }

+

+  /* Guard against overlap case. Zero "dst" in these cases. */

+  if (((src < dst) && (src + src_len > dst)) || ((dst < src) && (dst + src_len > src))) {

+    ZeroMem (dst_buf, dst_len);

+    ASSERT (0);

+  }

+

+  /* Guard against invalid lengths. Zero "dst" in these cases. */

+  if ((src_len > dst_len) ||

+      (src_len > (SIZE_MAX >> 1)))

+  {

+    ZeroMem (dst_buf, dst_len);

+    ASSERT (0);

+  }

+

+  while (src_len-- != 0) {

+    *(dst++) = *(src++);

+  }

+}

+

+/**

+ * Fills a target buffer with a byte value, and returns the target buffer.

+ *

+ * This function fills length bytes of buffer with value, and returns buffer.

+ *

+ * If length is greater than (MAX_ADDRESS - buffer + 1), then ASSERT().

+ *

+ * @param  buffer    The memory to set.

+ * @param  length    The number of bytes to set.

+ * @param  value     The value with which to fill length bytes of buffer.

+ *

+ * @return buffer.

+ *

+ **/

+void

+libspdm_set_mem (

+  void     *buffer,

+  size_t   length,

+  uint8_t  value

+  )

+{

+  SetMem (buffer, length, value);

+}

+

+/**

+ * Fills a target buffer with zeros, and returns the target buffer.

+ *

+ * This function fills length bytes of buffer with zeros, and returns buffer.

+ *

+ * If length > 0 and buffer is NULL, then ASSERT().

+ * If length is greater than (MAX_ADDRESS - buffer + 1), then ASSERT().

+ *

+ * @param  buffer      The pointer to the target buffer to fill with zeros.

+ * @param  length      The number of bytes in buffer to fill with zeros.

+ *

+ * @return buffer.

+ *

+ **/

+void

+libspdm_zero_mem (

+  void    *buffer,

+  size_t  length

+  )

+{

+  ZeroMem (buffer, length);

+}

+

+/**

+ * Compares the contents of two buffers in const time.

+ *

+ * This function compares length bytes of source_buffer to length bytes of destination_buffer.

+ * If all length bytes of the two buffers are identical, then 0 is returned.  Otherwise, the

+ * value returned is the first mismatched byte in source_buffer subtracted from the first

+ * mismatched byte in destination_buffer.

+ *

+ * If length > 0 and destination_buffer is NULL, then ASSERT().

+ * If length > 0 and source_buffer is NULL, then ASSERT().

+ * If length is greater than (MAX_ADDRESS - destination_buffer + 1), then ASSERT().

+ * If length is greater than (MAX_ADDRESS - source_buffer + 1), then ASSERT().

+ *

+ * @param  destination_buffer A pointer to the destination buffer to compare.

+ * @param  source_buffer      A pointer to the source buffer to compare.

+ * @param  length            The number of bytes to compare.

+ *

+ * @return 0                 All length bytes of the two buffers are identical.

+ * @retval Non-zero          There is mismatched between source_buffer and destination_buffer.

+ *

+ **/

+bool

+libspdm_consttime_is_mem_equal (

+  const void  *destination_buffer,

+  const void  *source_buffer,

+  size_t      length

+  )

+{

+  if (CompareMem (destination_buffer, source_buffer, length) == 0) {

+    return true;

+  } else {

+    return false;

+  }

+}

diff --git a/SecurityPkg/DeviceSecurity/OsStub/MemLibWrapper/MemLibWrapper.inf b/SecurityPkg/DeviceSecurity/OsStub/MemLibWrapper/MemLibWrapper.inf
new file mode 100644
index 0000000000..f5b92aae6b
--- /dev/null
+++ b/SecurityPkg/DeviceSecurity/OsStub/MemLibWrapper/MemLibWrapper.inf
@@ -0,0 +1,33 @@
+## @file

+#  SPDM library.

+#

+#  Copyright (c) 2024, Intel Corporation. All rights reserved.<BR>

+#

+#  SPDX-License-Identifier: BSD-2-Clause-Patent

+#

+##

+

+[Defines]

+  INF_VERSION                    = 0x00010005

+  BASE_NAME                      = MemLibWrapper

+  FILE_GUID                      = d97bb726-6640-47dc-ae00-0cf2fbfb60f0

+  MODULE_TYPE                    = BASE

+  VERSION_STRING                 = 1.0

+  LIBRARY_CLASS                  = MemLibWrapper

+

+#

+# The following information is for reference only and not required by the build tools.

+#

+#  VALID_ARCHITECTURES           = IA32 X64 AARCH64

+#

+

+[Sources]

+  MemLibWrapper.c

+

+[Packages]

+  MdePkg/MdePkg.dec

+  SecurityPkg/SecurityPkg.dec

+

+[LibraryClasses]

+  BaseLib

+  DebugLib