authorYao, Jiewen <jiewen.yao@intel.com>2015-01-19 06:08:23 +0000
committerjyao1 <jyao1@Edk2>2015-01-19 06:08:23 +0000
commitaaedfe3c126c434badb608284ad72d8a07ce162b (patch)
tree23c72ac830e58ed591a311b7f43ccc81b00cdaee /MdePkg/Include
parent2f04e527397f6e6646ca7a96436b5edb29d303e9 (diff)
Add HSTI support.
Add HSTI header file and a library to assist HSTI table creation. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com> Reviewed-by: "Gao, Liming" <liming.gao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16621 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'MdePkg/Include')
-rw-r--r--MdePkg/Include/IndustryStandard/Hsti.h82
-rw-r--r--MdePkg/Include/Library/HstiLib.h158
2 files changed, 240 insertions, 0 deletions
diff --git a/MdePkg/Include/IndustryStandard/Hsti.h b/MdePkg/Include/IndustryStandard/Hsti.h
new file mode 100644
index 0000000000..1f118551a0
--- /dev/null
+++ b/MdePkg/Include/IndustryStandard/Hsti.h
@@ -0,0 +1,82 @@
+/** @file
+ Support for HSTI 1.0 specification, defined at
+ Microsoft Hardware Security Testability Specification.
+
+ Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __HSTI_H__
+#define __HSTI_H__
+
+#pragma pack(1)
+
+#define ADAPTER_INFO_PLATFORM_SECURITY_GUID \
+ {0x6be272c7, 0x1320, 0x4ccd, { 0x90, 0x17, 0xd4, 0x61, 0x2c, 0x01, 0x2b, 0x25 }}
+
+#define PLATFORM_SECURITY_VERSION_VNEXTCS 0x00000003
+
+#define PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE 0x00000001 // IHV
+#define PLATFORM_SECURITY_ROLE_PLATFORM_IBV 0x00000002
+#define PLATFORM_SECURITY_ROLE_IMPLEMENTOR_OEM 0x00000003
+#define PLATFORM_SECURITY_ROLE_IMPLEMENTOR_ODM 0x00000004
+
+typedef struct {
+ //
+ // Return PLATFORM_SECURITY_VERSION_VNEXTCS
+ //
+ UINT32 Version;
+ //
+ // The role of the publisher of this interface. Reference platform designers
+ // such as IHVs and IBVs are expected to return PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE
+ // and PLATFORM_SECURITY_ROLE_PLATFORM_IBV respectively.
+ // If the test modules from the designers are unable to fully verify all
+ // security features, then the platform implementers, OEMs and ODMs, will
+ // need to publish this interface with a role of Implementer.
+ //
+ UINT32 Role;
+ //
+ // Human readable vendor, model, & version of this implementation.
+ //
+ CHAR16 ImplementationID[256];
+ //
+ // The size in bytes of the SecurityFeaturesRequired and SecurityFeaturesEnabled arrays.
+ // The arrays must be the same size.
+ //
+ UINT32 SecurityFeaturesSize;
+ //
+ // IHV-defined bitfield corresponding to all security features which must be
+ // implemented to meet the security requirements defined by PLATFORM_SECURITY_VERSION Version.
+ //
+//UINT8 SecurityFeaturesRequired[]; //Ignored for non-IHV
+ //
+ // Publisher-defined bitfield corresponding to all security features which
+ // have implemented programmatic tests in this module.
+ //
+//UINT8 SecurityFeaturesImplemented[];
+ //
+ // Publisher-defined bitfield corresponding to all security features which
+ // have been verified implemented by this implementation.
+ //
+//UINT8 SecurityFeaturesVerified[];
+ //
+ // A Null-terminated string, one failure per line (CR/LF terminated), with a
+ // unique identifier that the OEM/ODM can use to locate the documentation
+ // which will describe the steps to remediate the failure - a URL to the
+ // documentation is recommended.
+ //
+//CHAR16 ErrorString[];
+} ADAPTER_INFO_PLATFORM_SECURITY;
+
+#pragma pack()
+
+extern EFI_GUID gAdapterInfoPlatformSecurityGuid;
+
+#endif
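Review bot: The comment on `SecurityFeaturesSize` refers to a `SecurityFeaturesEnabled` array, but the trailing fields sketched in this struct are `SecurityFeaturesRequired`, `SecurityFeaturesImplemented` and `SecurityFeaturesVerified`, so it is unclear which arrays the size governs. Because those arrays and `ErrorString` are commented out, `sizeof (ADAPTER_INFO_PLATFORM_SECURITY)` covers only the fixed header, and any code that parses a published blob has to bounds-check the variable tail itself. I would reword the comment to `// The size in bytes of each of the SecurityFeaturesRequired, SecurityFeaturesImplemented and SecurityFeaturesVerified arrays.` and add `// Consumers must verify the buffer holds the fixed header, the feature arrays and a Null-terminated ErrorString before reading past the header.` This assumes all three arrays share the one size, which the existing "must be the same size" wording suggests but does not spell out.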
diff --git a/MdePkg/Include/Library/HstiLib.h b/MdePkg/Include/Library/HstiLib.h
new file mode 100644
index 0000000000..9af8817b75
--- /dev/null
+++ b/MdePkg/Include/Library/HstiLib.h
@@ -0,0 +1,158 @@
+/** @file
+ Provides services to create, get and update HSTI table in AIP protocol.
+
+ Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+ This program and the accompanying materials
+ are licensed and made available under the terms and conditions of the BSD License
+ which accompanies this distribution. The full text of the license may be found at
+ http://opensource.org/licenses/bsd-license.php
+
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef __HSTI_LIB_H__
+#define __HSTI_LIB_H__
+
+/**
+ Publish HSTI table in AIP protocol.
+
+ One system should have only one PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE.
+
+ If the Role is NOT PLATFORM_SECURITY_ROLE_PLATFORM_REFERENCE,
+ SecurityFeaturesRequired field will be ignored.
+
+ @param Hsti HSTI data
+ @param HstiSize HSTI size
+
+ @retval EFI_SUCCESS The HSTI data is published in AIP protocol.
+ @retval EFI_ALREADY_STARTED There is already HSTI table with Role and ImplementationID published in system.
+ @retval EFI_VOLUME_CORRUPTED The input HSTI data does not follow HSTI specification.
+ @retval EFI_OUT_OF_RESOURCES There is not enough system resource to publish HSTI data in AIP protocol.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibSetTable (
+ IN VOID *Hsti,
+ IN UINTN HstiSize
+ );
+
+/**
+ Search HSTI table in AIP protocol, and return the data.
+ This API will return the HSTI table with indicated Role and ImplementationID,
+ NULL ImplementationID means to find the first HSTI table with indicated Role.
+
+ @param Role Role of HSTI data.
+ @param ImplementationID ImplementationID of HSTI data.
+ NULL means find the first one match Role.
+ @param Hsti HSTI data. This buffer is allocated by callee, and it
+ is the responsibility of the caller to free it after
+ using it.
+ @param HstiSize HSTI size
+
+ @retval EFI_SUCCESS The HSTI data in AIP protocol is returned.
+ @retval EFI_NOT_FOUND There is not HSTI table with the Role and ImplementationID published in system.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibGetTable (
+ IN UINT32 Role,
+ IN CHAR16 *ImplementationID OPTIONAL,
+ OUT VOID **Hsti,
+ OUT UINTN *HstiSize
+ );
+
+/**
+ Set FeaturesVerified in published HSTI table.
+ This API will update the HSTI table with indicated Role and ImplementationID,
+ NULL ImplementationID means to find the first HSTI table with indicated Role.
+
+ @param Role Role of HSTI data.
+ @param ImplementationID ImplementationID of HSTI data.
+ NULL means find the first one match Role.
+ @param ByteIndex Byte index of FeaturesVerified of HSTI data.
+ @param BitMask Bit mask of FeaturesVerified of HSTI data.
+
+ @retval EFI_SUCCESS The FeaturesVerified of HSTI data updated in AIP protocol.
+ @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
+ @retval EFI_UNSUPPORTED The ByteIndex is invalid.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibSetFeaturesVerified (
+ IN UINT32 Role,
+ IN CHAR16 *ImplementationID, OPTIONAL
+ IN UINT32 ByteIndex,
+ IN UINT8 BitMask
+ );
+
+/**
+ Clear FeaturesVerified in published HSTI table.
+ This API will update the HSTI table with indicated Role and ImplementationID,
+ NULL ImplementationID means to find the first HSTI table with indicated Role.
+
+ @param Role Role of HSTI data.
+ @param ImplementationID ImplementationID of HSTI data.
+ NULL means find the first one match Role.
+ @param ByteIndex Byte index of FeaturesVerified of HSTI data.
+ @param BitMask Bit mask of FeaturesVerified of HSTI data.
+
+ @retval EFI_SUCCESS The FeaturesVerified of HSTI data updated in AIP protocol.
+ @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
+ @retval EFI_UNSUPPORTED The ByteIndex is invalid.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibClearFeaturesVerified (
+ IN UINT32 Role,
+ IN CHAR16 *ImplementationID, OPTIONAL
+ IN UINT32 ByteIndex,
+ IN UINT8 BitMask
+ );
+
+/**
+ Append ErrorString in published HSTI table.
+ This API will update the HSTI table with indicated Role and ImplementationID,
+ NULL ImplementationID means to find the first HSTI table with indicated Role.
+
+ @param Role Role of HSTI data.
+ @param ImplementationID ImplementationID of HSTI data.
+ NULL means find the first one match Role.
+ @param ErrorString ErrorString of HSTI data.
+
+ @retval EFI_SUCCESS The ErrorString of HSTI data is updated in AIP protocol.
+ @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
+ @retval EFI_OUT_OF_RESOURCES There is not enough system resource to update ErrorString.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibAppendErrorString (
+ IN UINT32 Role,
+ IN CHAR16 *ImplementationID, OPTIONAL
+ IN CHAR16 *ErrorString
+ );
+
+/**
+ Set a new ErrorString in published HSTI table.
+ This API will update the HSTI table with indicated Role and ImplementationID,
+ NULL ImplementationID means to find the first HSTI table with indicated Role.
+
+ @param Role Role of HSTI data.
+ @param ImplementationID ImplementationID of HSTI data.
+ NULL means find the first one match Role.
+ @param ErrorString ErrorString of HSTI data.
+
+ @retval EFI_SUCCESS The ErrorString of HSTI data is updated in AIP protocol.
+ @retval EFI_NOT_STARTED There is not HSTI table with the Role and ImplementationID published in system.
+ @retval EFI_OUT_OF_RESOURCES There is not enough system resource to update ErrorString.
+**/
+EFI_STATUS
+EFIAPI
+HstiLibSetErrorString (
+ IN UINT32 Role,
+ IN CHAR16 *ImplementationID, OPTIONAL
+ IN CHAR16 *ErrorString
+ );
+
+#endif
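Review bot: The header for `HstiLibGetTable` says the returned buffer is allocated by the callee, yet its `@retval` list has only `EFI_SUCCESS` and `EFI_NOT_FOUND`, so the allocation-failure case is undocumented. I would add `@retval EFI_OUT_OF_RESOURCES There is not enough system resource to return the HSTI data.` and say whether `*Hsti` and `*HstiSize` are left untouched on failure, so callers do not free or read a stale pointer. For `HstiLibSetTable`, the `EFI_VOLUME_CORRUPTED` entry would be more useful if it named the checks applied to the untyped `Hsti`/`HstiSize` pair, for example that `HstiSize` is consistent with `SecurityFeaturesSize` and that `ErrorString` is terminated inside the buffer. The same lookup miss is reported as `EFI_NOT_FOUND` here but `EFI_NOT_STARTED` by the four update functions, and `OPTIONAL` is written before the comma in `HstiLibGetTable` but after it in the others; both are worth making uniform.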