.../IntelPciDeviceSecurityDxe.c | 19 ++-- .../IntelPciDeviceSecurityDxe.inf | 1 - .../TcgDeviceEvent.h | 101 ------------------ 3 files changed, 9 insertions(+), 112 deletions(-) delete mode 100644 Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/TcgDeviceEvent.h
Since official TCG definition is added to MdePkg, IntelPciDeviceSecurityDxe
should not define its own TCG event log.
Cc: Ray Ni <ray.ni@intel.com>
Cc: Rangasai V Chaganty <rangasai.v.chaganty@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
.../IntelPciDeviceSecurityDxe.c | 19 ++--
.../IntelPciDeviceSecurityDxe.inf | 1 -
.../TcgDeviceEvent.h | 101 ------------------
3 files changed, 9 insertions(+), 112 deletions(-)
delete mode 100644 Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/TcgDeviceEvent.h
diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.c b/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.c
index 2922fb8deb..d46862a1c4 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.c
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.c
@@ -22,14 +22,13 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Protocol/PciIo.h>
#include <Protocol/DeviceSecurity.h>
#include <Protocol/PlatformDeviceSecurityPolicy.h>
-#include "TcgDeviceEvent.h"
typedef struct {
- EDKII_DEVICE_SECURITY_EVENT_DATA_HEADER EventData;
+ TCG_DEVICE_SECURITY_EVENT_DATA_HEADER EventData;
SPDM_MEASUREMENT_BLOCK_COMMON_HEADER CommonHeader;
SPDM_MEASUREMENT_BLOCK_DMTF_HEADER DmtfHeader;
UINT8 Digest[SHA256_DIGEST_SIZE];
- EDKII_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT PciContext;
+ TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT PciContext;
} EDKII_DEVICE_SECURITY_PCI_EVENT_DATA;
typedef struct {
@@ -327,14 +326,14 @@ ExtendDigestRegister (
Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint8, 0, sizeof(PciData), &PciData);
ASSERT_EFI_ERROR(Status);
- PcrIndex = EDKII_DEVICE_MEASUREMENT_COMPONENT_PCR_INDEX;
- EventType = EDKII_DEVICE_MEASUREMENT_COMPONENT_EVENT_TYPE;
+ PcrIndex = 2;
+ EventType = EV_EFI_SPDM_FIRMWARE_BLOB;
- CopyMem (EventLog.EventData.Signature, EDKII_DEVICE_SECURITY_EVENT_DATA_SIGNATURE, sizeof(EventLog.EventData.Signature));
- EventLog.EventData.Version = EDKII_DEVICE_SECURITY_EVENT_DATA_VERSION;
+ CopyMem (EventLog.EventData.Signature, TCG_DEVICE_SECURITY_EVENT_DATA_SIGNATURE, sizeof(EventLog.EventData.Signature));
+ EventLog.EventData.Version = TCG_DEVICE_SECURITY_EVENT_DATA_VERSION;
EventLog.EventData.Length = sizeof(EDKII_DEVICE_SECURITY_PCI_EVENT_DATA);
EventLog.EventData.SpdmHashAlgo = TcgAlgIdToSpdmHashAlgo (TcgAlgId);
- EventLog.EventData.DeviceType = EDKII_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_PCI;
+ EventLog.EventData.DeviceType = TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_PCI;
EventLog.CommonHeader.Index = DigestSel;
EventLog.CommonHeader.MeasurementSpecification = SPDM_MEASUREMENT_BLOCK_HEADER_SPECIFICATION_DMTF;
@@ -343,8 +342,8 @@ ExtendDigestRegister (
EventLog.DmtfHeader.DMTFSpecMeasurementValueSize = SHA256_DIGEST_SIZE;
CopyMem (&EventLog.Digest, Digest, SHA256_DIGEST_SIZE);
- EventLog.PciContext.Version = EDKII_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT_VERSION;
- EventLog.PciContext.Length = sizeof(EDKII_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT);
+ EventLog.PciContext.Version = TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT_VERSION;
+ EventLog.PciContext.Length = sizeof(TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT);
EventLog.PciContext.VendorId = PciData.Hdr.VendorId;
EventLog.PciContext.DeviceId = PciData.Hdr.DeviceId;
EventLog.PciContext.RevisionID = PciData.Hdr.RevisionID;
diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.inf b/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.inf
index 89a4c8fadd..b51b843bb5 100644
--- a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.inf
+++ b/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.inf
@@ -16,7 +16,6 @@
[Sources]
IntelPciDeviceSecurityDxe.c
- TcgDeviceEvent.h
[Packages]
MdePkg/MdePkg.dec
diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/TcgDeviceEvent.h b/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/TcgDeviceEvent.h
deleted file mode 100644
index a0ce344112..0000000000
--- a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/TcgDeviceEvent.h
+++ /dev/null
@@ -1,101 +0,0 @@
-/** @file
- TCG Device Event data structure
-Copyright (c) 2019, Intel Corporation. All rights reserved.<BR>
-SPDX-License-Identifier: BSD-2-Clause-Patent
-**/
-
-
-#ifndef __TCG_EVENT_DATA_H__
-#define __TCG_EVENT_DATA_H__
-
-#include <IndustryStandard/Spdm.h>
-
-#pragma pack(1)
-
-// -------------------------------------------
-// TCG Measurement for SPDM Device Measurement
-// -------------------------------------------
-
-//
-// Device Firmware Component (including immutable ROM or mutable firmware)
-//
-#define EDKII_DEVICE_MEASUREMENT_COMPONENT_PCR_INDEX 2
-#define EDKII_DEVICE_MEASUREMENT_COMPONENT_EVENT_TYPE 0x800000E1
-//
-// Device Firmware Configuration (including hardware configuration or firmware configuration)
-//
-#define EDKII_DEVICE_MEASUREMENT_CONFIGURATION_PCR_INDEX 4
-#define EDKII_DEVICE_MEASUREMENT_CONFIGURATION_EVENT_TYPE 0x800000E2
-
-//
-// Device Firmware Measurement Measurement Data
-// The measurement data is the device firmware measurement.
-//
-// In order to support crypto agile, the firmware will hash the DeviceMeasurement again.
-// As such the device measurement algo might be different with host firmware measurement algo.
-//
-
-//
-// Device Firmware Measurement Event Data
-//
-#define EDKII_DEVICE_SECURITY_EVENT_DATA_SIGNATURE "SPDM Device Sec\0"
-#define EDKII_DEVICE_SECURITY_EVENT_DATA_VERSION 0
-
-//
-// Device Type
-// 0x03 ~ 0xDF reserved by TCG.
-// 0xE0 ~ 0xFF reserved by OEM.
-//
-#define EDKII_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_NULL 0
-#define EDKII_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_PCI 1
-#define EDKII_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_USB 2
-
-//
-// Device Firmware Measurement Event Data Common Part
-// The device specific part should follow this data structure.
-//
-typedef struct {
- //
- // It must be EDKII_DEVICE_SECURITY_EVENT_DATA_SIGNATURE.
- //
- UINT8 Signature[16];
- //
- // It must be EDKII_DEVICE_SECURITY_EVENT_DATA_VERSION.
- //
- UINT16 Version;
- //
- // The length of whole data structure, including Device Context.
- //
- UINT16 Length;
- //
- // The SpdmHashAlgo
- //
- UINT32 SpdmHashAlgo;
- //
- // The type of device. This field is to determine the Device Context followed by.
- //
- UINT32 DeviceType;
- //
- // The SPDM measurement block.
- //
-//SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock;
-} EDKII_DEVICE_SECURITY_EVENT_DATA_HEADER;
-
-//
-// PCI device specific context
-//
-#define EDKII_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT_VERSION 0
-typedef struct {
- UINT16 Version;
- UINT16 Length;
- UINT16 VendorId;
- UINT16 DeviceId;
- UINT8 RevisionID;
- UINT8 ClassCode[3];
- UINT16 SubsystemVendorID;
- UINT16 SubsystemID;
-} EDKII_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT;
-
-#pragma pack()
-
-#endif
--
2.19.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#52476): https://edk2.groups.io/g/devel/message/52476
Mute This Topic: https://groups.io/mt/68955508/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
> > - PcrIndex = EDKII_DEVICE_MEASUREMENT_COMPONENT_PCR_INDEX; > + PcrIndex = 2; Jiewen, PcrIndex assignment is using magic value 2 here. I am ok with this magic value. Can you please add comment to say that this PCR is a device measurement component PCR? With that, Reviewed-by: Ray Ni <ray.ni@intel.com> Thanks, Ray -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52482): https://edk2.groups.io/g/devel/message/52482 Mute This Topic: https://groups.io/mt/68955508/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
Yes. I will. Thank you Yao Jiewen > -----Original Message----- > From: Ni, Ray <ray.ni@intel.com> > Sent: Monday, December 23, 2019 10:00 AM > To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io > Cc: Chaganty, Rangasai V <rangasai.v.chaganty@intel.com> > Subject: RE: [PATCH] IntelSiliconPkg/IntelPciDeviceSecurity: Use EDKII TCG > definition. > > > > > - PcrIndex = EDKII_DEVICE_MEASUREMENT_COMPONENT_PCR_INDEX; > > + PcrIndex = 2; > > Jiewen, PcrIndex assignment is using magic value 2 here. > I am ok with this magic value. Can you please add comment to say that this > PCR is a device measurement component PCR? > > With that, Reviewed-by: Ray Ni <ray.ni@intel.com> > > Thanks, > Ray -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52487): https://edk2.groups.io/g/devel/message/52487 Mute This Topic: https://groups.io/mt/68955508/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2024 Red Hat, Inc.