1. Enable use-cases in PEI using SecurityPPI co-equal to the use-cases in DXE using the Security Arch Protocol

2. Add support to find section by instance rather than only 0 at PEI phase.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14763 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Star Zeng
2013-10-11 03:54:13 +00:00
committed by lzeng14
parent 71fd9fae8b
commit c79351059e
18 changed files with 1139 additions and 231 deletions

View File

@@ -1,7 +1,7 @@
/** @file
EFI PEI Core Security services
Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -78,13 +78,12 @@ SecurityPpiNotifyCallback (
}
/**
Provide a callout to the security verification service.
@param PrivateData PeiCore's private data structure
@param VolumeHandle Handle of FV
@param FileHandle Handle of PEIM's ffs
@param AuthenticationStatus Authentication status
@retval EFI_SUCCESS Image is OK
@retval EFI_SECURITY_VIOLATION Image is illegal
@@ -94,17 +93,13 @@ EFI_STATUS
VerifyPeim (
IN PEI_CORE_INSTANCE *PrivateData,
IN EFI_PEI_FV_HANDLE VolumeHandle,
IN EFI_PEI_FILE_HANDLE FileHandle
IN EFI_PEI_FILE_HANDLE FileHandle,
IN UINT32 AuthenticationStatus
)
{
EFI_STATUS Status;
UINT32 AuthenticationStatus;
BOOLEAN DeferExection;
//
// Set a default authentication state
//
AuthenticationStatus = 0;
if (PrivateData->PrivateSecurityPpi == NULL) {
Status = EFI_NOT_FOUND;