path: root/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLibSanitization.h
/** @file
  This file declares the function prototypes for the sanitization functions.

  These are those functions:

  DxeTpm2MeasureBootLibImageRead() ensures that every PE/COFF image read stays within
  the bounds of the image buffer.

  Tcg2MeasureGptTable() receives an untrusted GPT partition table and parses the
  partition data carefully.

  Tcg2MeasurePeImage() accepts an untrusted PE/COFF image and validates its data
  structures within the image buffer before using them.

  Copyright (c) Microsoft Corporation.<BR>
  SPDX-License-Identifier: BSD-2-Clause-Patent

**/

#ifndef DXE_TPM2_MEASURE_BOOT_LIB_SANITATION_
#define DXE_TPM2_MEASURE_BOOT_LIB_SANITATION_

#include <Uefi.h>
#include <Uefi/UefiSpec.h>
#include <Protocol/BlockIo.h>
#include <IndustryStandard/UefiTcgPlatform.h>
#include <Protocol/Tcg2Protocol.h>

/**
  This function validates that the EFI_PARTITION_TABLE_HEADER structure is safe to parse.
  It does not attempt to verify that the GPT partition table itself is valid; it only
  checks the following fields:
    - Signature
    - Revision
    - AlternateLBA
    - FirstUsableLBA
    - LastUsableLBA
    - PartitionEntryLBA
    - NumberOfPartitionEntries
    - SizeOfPartitionEntry
    - BlockIo

  @param[in] PrimaryHeader
    Pointer to the EFI_PARTITION_TABLE_HEADER structure.

  @param[in] BlockIo
    Pointer to the EFI_BLOCK_IO_PROTOCOL structure.

  @retval EFI_SUCCESS
    The EFI_PARTITION_TABLE_HEADER structure is valid.

  @retval EFI_INVALID_PARAMETER
    The EFI_PARTITION_TABLE_HEADER structure is invalid.
**/
EFI_STATUS
EFIAPI
SanitizeEfiPartitionTableHeader (
  IN CONST EFI_PARTITION_TABLE_HEADER  *PrimaryHeader,
  IN CONST EFI_BLOCK_IO_PROTOCOL       *BlockIo
  );

/**
  This function validates that the allocation size derived from the primary header is sane.
  It checks the following:
    - AllocationSize does not overflow

  @param[in] PrimaryHeader
    Pointer to the EFI_PARTITION_TABLE_HEADER structure.

  @param[out] AllocationSize
    Pointer to the allocation size.

  @retval EFI_SUCCESS
    The allocation size is valid.

  @retval EFI_OUT_OF_RESOURCES
    The allocation size is invalid.
**/
EFI_STATUS
EFIAPI
SanitizePrimaryHeaderAllocationSize (
  IN CONST EFI_PARTITION_TABLE_HEADER  *PrimaryHeader,
  OUT UINT32                           *AllocationSize
  );

/**
  This function validates that the GPT event size calculated from the primary header is sane.
  It checks the following:
    - EventSize does not overflow

  Important: the size produced by this function covers the entire allocated buffer, including
  the (sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event)) header bytes. When hashing a buffer
  allocated with this size, the caller must subtract (sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event))
  from the buffer size before hashing.

  @param[in] PrimaryHeader - Pointer to the EFI_PARTITION_TABLE_HEADER structure.
  @param[in] NumberOfPartition - Number of partitions.
  @param[out] EventSize - Pointer to the event size.

  @retval EFI_SUCCESS
    The event size is valid.

  @retval EFI_OUT_OF_RESOURCES
    Overflow would have occurred.

  @retval EFI_INVALID_PARAMETER
    One of the passed parameters was invalid.
**/
EFI_STATUS
SanitizePrimaryHeaderGptEventSize (
  IN  CONST EFI_PARTITION_TABLE_HEADER  *PrimaryHeader,
  IN  UINTN                             NumberOfPartition,
  OUT UINT32                            *EventSize
  );

/**
  This function validates that the PE image event size derived from the loaded image is sane.
  It checks the following:
    - EventSize does not overflow

  @param[in] FilePathSize - Size of the file path.
  @param[out] EventSize - Pointer to the event size.

  @retval EFI_SUCCESS
    The event size is valid.

  @retval EFI_OUT_OF_RESOURCES
    Overflow would have occurred.

  @retval EFI_INVALID_PARAMETER
    One of the passed parameters was invalid.
**/
EFI_STATUS
SanitizePeImageEventSize (
  IN  UINT32  FilePathSize,
  OUT UINT32  *EventSize
  );

#endif // DXE_TPM2_MEASURE_BOOT_LIB_SANITATION_