Add HSTI support.

Add HSTI header file and a library to assist HSTI table creation. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Gao, Liming" <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16621 6f19259b-4bc3-4df7-8a09-765794883524
2015-01-19 06:08:23 +00:00
parent 2f04e52739
commit aaedfe3c12
9 changed files with 1143 additions and 2 deletions
--- a/MdePkg/Include/IndustryStandard/Hsti.h
+++ b/MdePkg/Include/IndustryStandard/Hsti.h
@@ -0,0 +1,82 @@
+/** @file
+  Support for HSTI 1.0 specification, defined at 
+  Microsoft Hardware Security Testability Specification.
+
+  Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __HSTI_H__
+#define __HSTI_H__
+
+#pragma pack(1)
+
+#define ADAPTER_INFO_PLATFORM_SECURITY_GUID \
+  {0x6be272c7, 0x1320, 0x4ccd, { 0x90, 0x17, 0xd4, 0x61, 0x2c, 0x01, 0x2b, 0x25 }}
+
+#define PLATFORM_SECURITY_VERSION_VNEXTCS         0x00000003
+
+#define PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE 0x00000001  // IHV
+#define PLATFORM_SECURITY_ROLE_PLATFORM_IBV       0x00000002
+#define PLATFORM_SECURITY_ROLE_IMPLEMENTOR_OEM    0x00000003 
+#define PLATFORM_SECURITY_ROLE_IMPLEMENTOR_ODM    0x00000004  
+
+typedef struct {
+  //
+  //  Return PLATFORM_SECURITY_VERSION_VNEXTCS
+  //
+  UINT32  Version;
+  //
+  // The role of the publisher of this interface.  Reference platform designers
+  // such as IHVs and IBVs are expected to return PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE
+  // and PLATFORM_SECURITY_ROLE_PLATFORM_IBV respectively.
+  // If the test modules from the designers are unable to fully verify all
+  // security features, then the platform implementers, OEMs and ODMs, will
+  // need to publish this interface with a role of Implementer.
+  //
+  UINT32  Role;
+  //
+  // Human readable vendor, model, & version of this implementation.
+  //
+  CHAR16  ImplementationID[256];
+  //
+  // The size in bytes of the SecurityFeaturesRequired and SecurityFeaturesEnabled arrays.
+  // The arrays must be the same size.
+  //
+  UINT32  SecurityFeaturesSize;
+  //
+  // IHV-defined bitfield corresponding to all security features which must be
+  // implemented to meet the security requirements defined by PLATFORM_SECURITY_VERSION Version.
+  //
+//UINT8   SecurityFeaturesRequired[];     //Ignored for non-IHV
+  //
+  // Publisher-defined bitfield corresponding to all security features which
+  // have implemented programmatic tests in this module.
+  //
+//UINT8   SecurityFeaturesImplemented[];
+  //
+  // Publisher-defined bitfield corresponding to all security features which
+  // have been verified implemented by this implementation.
+  //
+//UINT8   SecurityFeaturesVerified[];
+  //
+  // A Null-terminated string, one failure per line (CR/LF terminated), with a
+  // unique identifier that the OEM/ODM can use to locate the documentation
+  // which will describe the steps to remediate the failure - a URL to the
+  // documentation is recommended.
+  //
+//CHAR16	ErrorString[];
+} ADAPTER_INFO_PLATFORM_SECURITY;
+
+#pragma pack()
+
+extern EFI_GUID gAdapterInfoPlatformSecurityGuid;
+
+#endif
--- a/MdePkg/Include/Library/HstiLib.h
+++ b/MdePkg/Include/Library/HstiLib.h
@@ -0,0 +1,158 @@
+/** @file
+  Provides services to create, get and update HSTI table in AIP protocol.
+
+  Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+  This program and the accompanying materials
+  are licensed and made available under the terms and conditions of the BSD License
+  which accompanies this distribution.  The full text of the license may be found at
+  http://opensource.org/licenses/bsd-license.php
+
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __HSTI_LIB_H__
+#define __HSTI_LIB_H__
+
+/**
+  Publish HSTI table in AIP protocol.
+
+  One system should have only one PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE.
+
+  If the Role is NOT PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
+  SecurityFeaturesRequired field will be ignored.
+
+  @param Hsti      HSTI data
+  @param HstiSize  HSTI size
+
+  @retval EFI_SUCCESS          The HSTI data is published in AIP protocol.
+  @retval EFI_ALREADY_STARTED  There is already HSTI table with Role and ImplementationID published in system.
+  @retval EFI_VOLUME_CORRUPTED The input HSTI data does not follow HSTI specification.
+  @retval EFI_OUT_OF_RESOURCES There is not enough system resource to publish HSTI data in AIP protocol.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibSetTable (
+  IN VOID                     *Hsti,
+  IN UINTN                    HstiSize
+  );
+
+/**
+  Search HSTI table in AIP protocol, and return the data.
+  This API will return the HSTI table with indicated Role and ImplementationID,
+  NULL ImplementationID means to find the first HSTI table with indicated Role.
+
+  @param Role             Role of HSTI data.
+  @param ImplementationID ImplementationID of HSTI data.
+                          NULL means find the first one match Role.
+  @param Hsti             HSTI data. This buffer is allocated by callee, and it
+                          is the responsibility of the caller to free it after
+                          using it.
+  @param HstiSize         HSTI size
+
+  @retval EFI_SUCCESS          The HSTI data in AIP protocol is returned.
+  @retval EFI_NOT_FOUND        There is not HSTI table with the Role and ImplementationID published in system.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibGetTable (
+  IN UINT32                   Role,
+  IN CHAR16                   *ImplementationID OPTIONAL,
+  OUT VOID                    **Hsti,
+  OUT UINTN                   *HstiSize
+  );
+
+/**
+  Set FeaturesVerified in published HSTI table.
+  This API will update the HSTI table with indicated Role and ImplementationID,
+  NULL ImplementationID means to find the first HSTI table with indicated Role.
+
+  @param Role             Role of HSTI data.
+  @param ImplementationID ImplementationID of HSTI data.
+                          NULL means find the first one match Role.
+  @param ByteIndex        Byte index of FeaturesVerified of HSTI data.
+  @param BitMask          Bit mask of FeaturesVerified of HSTI data.
+
+  @retval EFI_SUCCESS          The FeaturesVerified of HSTI data updated in AIP protocol.
+  @retval EFI_NOT_STARTED      There is not HSTI table with the Role and ImplementationID published in system.
+  @retval EFI_UNSUPPORTED      The ByteIndex is invalid.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibSetFeaturesVerified (
+  IN UINT32                   Role,
+  IN CHAR16                   *ImplementationID, OPTIONAL
+  IN UINT32                   ByteIndex,
+  IN UINT8                    BitMask
+  );
+
+/**
+  Clear FeaturesVerified in published HSTI table.
+  This API will update the HSTI table with indicated Role and ImplementationID,
+  NULL ImplementationID means to find the first HSTI table with indicated Role.
+
+  @param Role             Role of HSTI data.
+  @param ImplementationID ImplementationID of HSTI data.
+                          NULL means find the first one match Role.
+  @param ByteIndex        Byte index of FeaturesVerified of HSTI data.
+  @param BitMask          Bit mask of FeaturesVerified of HSTI data.
+
+  @retval EFI_SUCCESS          The FeaturesVerified of HSTI data updated in AIP protocol.
+  @retval EFI_NOT_STARTED      There is not HSTI table with the Role and ImplementationID published in system.
+  @retval EFI_UNSUPPORTED      The ByteIndex is invalid.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibClearFeaturesVerified (
+  IN UINT32                   Role,
+  IN CHAR16                   *ImplementationID, OPTIONAL
+  IN UINT32                   ByteIndex,
+  IN UINT8                    BitMask
+  );
+
+/**
+  Append ErrorString in published HSTI table.
+  This API will update the HSTI table with indicated Role and ImplementationID,
+  NULL ImplementationID means to find the first HSTI table with indicated Role.
+
+  @param Role             Role of HSTI data.
+  @param ImplementationID ImplementationID of HSTI data.
+                          NULL means find the first one match Role.
+  @param ErrorString      ErrorString of HSTI data.
+
+  @retval EFI_SUCCESS          The ErrorString of HSTI data is updated in AIP protocol.
+  @retval EFI_NOT_STARTED      There is not HSTI table with the Role and ImplementationID published in system.
+  @retval EFI_OUT_OF_RESOURCES There is not enough system resource to update ErrorString.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibAppendErrorString (
+  IN UINT32                   Role,
+  IN CHAR16                   *ImplementationID, OPTIONAL
+  IN CHAR16                   *ErrorString
+  );
+
+/**
+  Set a new ErrorString in published HSTI table.
+  This API will update the HSTI table with indicated Role and ImplementationID,
+  NULL ImplementationID means to find the first HSTI table with indicated Role.
+
+  @param Role             Role of HSTI data.
+  @param ImplementationID ImplementationID of HSTI data.
+                          NULL means find the first one match Role.
+  @param ErrorString      ErrorString of HSTI data.
+
+  @retval EFI_SUCCESS          The ErrorString of HSTI data is updated in AIP protocol.
+  @retval EFI_NOT_STARTED      There is not HSTI table with the Role and ImplementationID published in system.
+  @retval EFI_OUT_OF_RESOURCES There is not enough system resource to update ErrorString.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibSetErrorString (
+  IN UINT32                   Role,
+  IN CHAR16                   *ImplementationID, OPTIONAL
+  IN CHAR16                   *ErrorString
+  );
+
+#endif