[edk2-devel] [PATCH V2 0/4] Add SPDM device security

Yao, Jiewen posted 4 patches 2 weeks ago
Failed in applying to current master (apply log)
MdeModulePkg/Bus/Pci/PciBusDxe/PciBus.c       |  12 +-
MdeModulePkg/Bus/Pci/PciBusDxe/PciBus.h       |   1 +
MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf  |   4 +-
.../Bus/Pci/PciBusDxe/PciEnumeratorSupport.c  |  63 +++++-
MdeModulePkg/Bus/Pci/PciBusDxe/PciLib.c       |   4 +-
.../Include/Protocol/DeviceSecurity.h         | 162 ++++++++++++++
MdeModulePkg/MdeModulePkg.dec                 |   5 +
MdePkg/Include/IndustryStandard/Spdm.h        | 203 ++++++++++++++++++
8 files changed, 447 insertions(+), 7 deletions(-)
create mode 100644 MdeModulePkg/Include/Protocol/DeviceSecurity.h
create mode 100644 MdePkg/Include/IndustryStandard/Spdm.h

[edk2-devel] [PATCH V2 0/4] Add SPDM device security

Posted by Yao, Jiewen 2 weeks ago
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2303

This patch series add support for device security based
upon the DMTF SPDM specification.
https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_0.95a.zip

We did design review at 18 Oct, 2019.
https://edk2.groups.io/g/devel/files/Designs/2019/1018
And the feedback from the meeting is addressed.
https://edk2.groups.io/g/devel/files/Designs/2019/1018/EDKII-Device%20Firmware%20Security%20v2.pdf

We add the Device security protocol in EDKII repo.
PCI bus driver consumes the interface.
If there is no producer, the PCI bus driver keeps current behavior.

So far, we only provide the producer what follows Intel
PCI security spec.
https://www.intel.com/content/www/us/en/io/pci-express/pcie-device-security-enhancements-spec.html
The implementation is put to EDKII platform repo.

The EDKII repo update is at https://github.com/jyao1/edk2/tree/DeviceSecurityMasterV2
The EDKII platform repo update is at https://github.com/jyao1/edk2-platforms/tree/DeviceSecurityMasterV2

The validation has been done on a Intel internal platform.
The device measurement can be shown in TCG event log.

signed-off-by: Jiewen Yao <jiewen.yao@intel.com>

Jiewen Yao (4):
  MdePkg/Include: Add DMTF SPDM definition.
  MdeModulePkg/Include: Add DeviceSecurity.h
  MdeModulePkg/dec: Add EdkiiDeviceSecurityProtocolGuid.
  MdeModulePkg/Pci: Add DeviceSecurity support.

 MdeModulePkg/Bus/Pci/PciBusDxe/PciBus.c       |  12 +-
 MdeModulePkg/Bus/Pci/PciBusDxe/PciBus.h       |   1 +
 MdeModulePkg/Bus/Pci/PciBusDxe/PciBusDxe.inf  |   4 +-
 .../Bus/Pci/PciBusDxe/PciEnumeratorSupport.c  |  63 +++++-
 MdeModulePkg/Bus/Pci/PciBusDxe/PciLib.c       |   4 +-
 .../Include/Protocol/DeviceSecurity.h         | 162 ++++++++++++++
 MdeModulePkg/MdeModulePkg.dec                 |   5 +
 MdePkg/Include/IndustryStandard/Spdm.h        | 203 ++++++++++++++++++
 8 files changed, 447 insertions(+), 7 deletions(-)
 create mode 100644 MdeModulePkg/Include/Protocol/DeviceSecurity.h
 create mode 100644 MdePkg/Include/IndustryStandard/Spdm.h

-- 
2.19.2.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#49763): https://edk2.groups.io/g/devel/message/49763
Mute This Topic: https://groups.io/mt/40117484/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-