Update PeiCore to follow PI spec to retrieve GUIDED section data when ExtractionPpi is not found.

Enhance PeiCore Security Policy to check AuthenticationStatus when SecurityPpi is not found.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gao, Liming <liming.gao@intel.com>
Reviewed-by: Zeng, Star <star.zeng@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15817 6f19259b-4bc3-4df7-8a09-765794883524

MdeModulePkg/Core/Pei/FwVol/FwVol.c

@@ -735,6 +735,7 @@ ProcessSection (
   BOOLEAN                                 SectionCached;
   VOID                                    *TempOutputBuffer;
   UINT32                                  TempAuthenticationStatus;
+  UINT16                                  GuidedSectionAttributes;
 
   PrivateData   = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices);
   *OutputBuffer = NULL;
@@ -834,9 +835,11 @@ ProcessSection (
         Authentication = 0;
         if (Section->Type == EFI_SECTION_GUID_DEFINED) {
           if (IS_SECTION2 (Section)) {
-            SectionDefinitionGuid = &((EFI_GUID_DEFINED_SECTION2 *)Section)->SectionDefinitionGuid;
+            SectionDefinitionGuid   = &((EFI_GUID_DEFINED_SECTION2 *)Section)->SectionDefinitionGuid;
+            GuidedSectionAttributes = ((EFI_GUID_DEFINED_SECTION2 *)Section)->Attributes;
           } else {
-            SectionDefinitionGuid = &((EFI_GUID_DEFINED_SECTION *)Section)->SectionDefinitionGuid;
+            SectionDefinitionGuid   = &((EFI_GUID_DEFINED_SECTION *)Section)->SectionDefinitionGuid;
+            GuidedSectionAttributes = ((EFI_GUID_DEFINED_SECTION *)Section)->Attributes;
           }
           if (VerifyGuidedSectionGuid (SectionDefinitionGuid, &GuidSectionPpi)) {
             Status = GuidSectionPpi->ExtractSection (
@@ -846,6 +849,21 @@ ProcessSection (
                                        &PpiOutputSize,
                                        &Authentication
                                        );
+          } else if ((GuidedSectionAttributes & EFI_GUIDED_SECTION_PROCESSING_REQUIRED) == 0) {
+            //
+            // Figure out the proper authentication status for GUIDED section without processing required
+            //
+            Status = EFI_SUCCESS;
+            if ((GuidedSectionAttributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) == EFI_GUIDED_SECTION_AUTH_STATUS_VALID) {
+              Authentication |= EFI_AUTH_STATUS_IMAGE_SIGNED | EFI_AUTH_STATUS_NOT_TESTED;
+            }
+            if (IS_SECTION2 (Section)) {
+              PpiOutputSize = SECTION2_SIZE (Section) - ((EFI_GUID_DEFINED_SECTION2 *) Section)->DataOffset;
+              PpiOutput     = (UINT8 *) Section + ((EFI_GUID_DEFINED_SECTION2 *) Section)->DataOffset;
+            } else {
+              PpiOutputSize = SECTION_SIZE (Section) - ((EFI_GUID_DEFINED_SECTION *) Section)->DataOffset;
+              PpiOutput     = (UINT8 *) Section + ((EFI_GUID_DEFINED_SECTION *) Section)->DataOffset;
+            }
           }
         } else if (Section->Type == EFI_SECTION_COMPRESSION) {
           Status = PeiServicesLocatePpi (&gEfiPeiDecompressPpiGuid, 0, NULL, (VOID **) &DecompressPpi);