From nobody Mon May 6 18:15:48 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+62486+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62486+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1594725679; cv=none; d=zohomail.com; s=zohoarc; b=Sap/7+hoaMZHarDMsqePHAvCGcMYyYSaHrBv5s1RhRXYebO7wAvCM6NmYxQcBM73KP9FCN26bvwlGZ6TtRG2Tc4/3icbP5MjKgPixq+f/vSludfnuIwniQwmYQ1MRnfHY43cD/hSVwgA7yb0h5MjgquCutOmm9yBm7KzvAX59hU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1594725679; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=bL9wquBFOnrp9avOOAVKWzZPD9FMc97JWACoc3Y6cn8=; b=jWFD/0YoJGPW9ELvtl2o+iUdjKHZv3lnZuPzqU2gBdSkzkk1OyrmCn9Y0ngQ4CIQ4RkUiUAlcR7UTlgnMYxIFlumZCDKoVPV/3SBrrh8YlMEPl0RK8VYP2J99MHQOkbbb/XjnbHHbNtfJMyCD3sG6RM6hKAXF0TXiOoWxGkA6bg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62486+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 159472567996132.54053224295308; Tue, 14 Jul 2020 04:21:19 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id HkRiYY1788612xooNQ5yLqq4; Tue, 14 Jul 2020 04:21:19 -0700 X-Received: from mga18.intel.com (mga18.intel.com []) by mx.groups.io with SMTP id smtpd.web12.14679.1594709372852380864 for ; Mon, 13 Jul 2020 23:49:34 -0700 IronPort-SDR: S3WSQy8D+FSm8Opa7genFxVmdWMVBXJTcwWpIs+lQwCh1oy86Cxbq5N7PzCnZ3ZSjYDUdUOV+r oEB7NeydU1Ew== X-IronPort-AV: E=McAfee;i="6000,8403,9681"; a="136287702" X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="136287702" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Jul 2020 23:49:34 -0700 IronPort-SDR: O58UrUOy4yDExxhq01HEzqYKRRACm0HE7+IMiNI023bv811KEO+/qW0gZOTYhDcV4/HTa7QkzF iRllfQcXheHg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="360292061" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.9.10]) by orsmga001.jf.intel.com with ESMTP; 13 Jul 2020 23:49:32 -0700 From: Qi Zhang To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 1/6] SecurityPkg/TcgPpi: Add TcgPpi header file. Date: Tue, 14 Jul 2020 14:49:17 +0800 Message-Id: <20200714064922.7025-2-qi1.zhang@intel.com> In-Reply-To: <20200714064922.7025-1-qi1.zhang@intel.com> References: <20200714064922.7025-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: dCkfZpTHOMT4bsPruYsIJUojx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1594725679; bh=p+bgu3krjTnpZe4+j5CiUM+HWr4urmYdnGO3hgcQZmw=; h=Cc:Date:From:Reply-To:Subject:To; b=tgvuYWn7GJNZ8/KSB1k4vXrLAjnc+x+qyNQh8l+nLw/UTPCThn+0XByg5G8D5n43Rat MtNStope/KCPKogzRaI/OMgpWZ6cbiCR4YtZD6O9gAvkwEfrDld5tkJksaWelcYwthUli 0WV8A7SQatrYUrjITSunx+px8xLEfFIBRvE= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Jiewen Yao REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2841 Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Jiewen Yao --- SecurityPkg/Include/Ppi/Tcg.h | 50 +++++++++++++++++++++++++++++++++++ 1 file changed, 50 insertions(+) create mode 100644 SecurityPkg/Include/Ppi/Tcg.h diff --git a/SecurityPkg/Include/Ppi/Tcg.h b/SecurityPkg/Include/Ppi/Tcg.h new file mode 100644 index 0000000000..4eacd57166 --- /dev/null +++ b/SecurityPkg/Include/Ppi/Tcg.h @@ -0,0 +1,50 @@ +/** @file + TCG PPI services. + +Copyright (c) 2020, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TCG_PPI_H_ +#define _TCG_PPI_H_ + +#include + +typedef struct _EDKII_TCG_PPI EDKII_TCG_PPI; + +/** + Tpm measure and log data, and extend the measurement result into a speci= fic PCR. + + @param[in] This Indicates the calling context + @param[in] HashData Physical address of the start of the data = buffer + to be hashed, extended, and logged. + @param[in] HashDataLen The length, in bytes, of the buffer refere= nced by HashData. + @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data struct= ure. + @param[in] NewEventData Pointer to the new event data. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_UNSUPPORTED TPM device not available. + @retval EFI_OUT_OF_RESOURCES Out of memory. + @retval EFI_DEVICE_ERROR The operation was unsuccessful. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_TCG_HASH_LOG_EXTEND_EVENT)( + IN EDKII_TCG_PPI *This, + IN UINT8 *HashData, + IN UINTN HashDataLen, + IN TCG_PCR_EVENT_HDR *NewEventHdr, + IN UINT8 *NewEventData + ); + +/// +/// The EFI_TCG Protocol abstracts TCG activity. +/// +struct _EDKII_TCG_PPI { + EDKII_TCG_HASH_LOG_EXTEND_EVENT HashLogExtendEvent; +}; + +extern EFI_GUID gEdkiiTcgPpiGuid; + +#endif --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#62486): https://edk2.groups.io/g/devel/message/62486 Mute This Topic: https://groups.io/mt/75496422/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 18:15:48 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+62489+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62489+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1594725680; cv=none; d=zohomail.com; s=zohoarc; b=V3YlkbeNJgtnbUHT8YYCLhrPpnClvKD1MLjbnj1slePmRoHwaL8w1azMGHCISoUVBoCvQ+XS1Xin/QaWH6WT5Ef4Pw5VsGortnK0rs6u8ishvRevYETQB6LztvNvVseMrGOquOqu/gWQzGgJqmJxlFaCPvI9OFKic8M7KnchepU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1594725680; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=/Mv3mrwKflRoWQJ2mxcOgPEL87OoLdFrDyY2pd82FIY=; b=hc8xJ8DOYLYHkKK/QspeZr4YtdoncvVcNn+wtxnNVqklxrZjuwsTdQQOqO0N9a0KHxkRp2P2pVVl/UyvwzNHpF31qIsaCoteBrtRkN0FjxpzNW5rxivqejtINBk/dnk2eP4kpeqocYiMxRXIRvN3h5GovJ2mCXEFvmeispiWm6I= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62489+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1594725680272853.1783340444458; Tue, 14 Jul 2020 04:21:20 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id XwWmYY1788612xsJZbGaPLhh; Tue, 14 Jul 2020 04:21:19 -0700 X-Received: from mga18.intel.com (mga18.intel.com []) by mx.groups.io with SMTP id smtpd.web12.14679.1594709372852380864 for ; Mon, 13 Jul 2020 23:49:39 -0700 IronPort-SDR: +VexWukMkR7E/A3ERcCg2NxAaz51a1+/6kh/hTa9pW5H79Iu071pgs69wZXxlIZ7WlvbJnDxE4 4UvQDC3zPoEQ== X-IronPort-AV: E=McAfee;i="6000,8403,9681"; a="136287715" X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="136287715" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Jul 2020 23:49:38 -0700 IronPort-SDR: vocFBtX2PQdKxDbQXjhFuOc00KBTZA2WTK0Y83m6nTzqRxBgfd73cSkyEBU9FBi63gPbF0K00d n94T51HAzf3w== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="360292073" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.9.10]) by orsmga001.jf.intel.com with ESMTP; 13 Jul 2020 23:49:36 -0700 From: Qi Zhang To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 2/6] SecurityPkg/dec: Add TcgPpi. Date: Tue, 14 Jul 2020 14:49:18 +0800 Message-Id: <20200714064922.7025-3-qi1.zhang@intel.com> In-Reply-To: <20200714064922.7025-1-qi1.zhang@intel.com> References: <20200714064922.7025-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: CuPeAJf9HNCMfjtmLj7SWt6vx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1594725679; bh=GdjieUmL4iq8EhntCMLLXfiBDlJDraK9zvBEMYRAuHs=; h=Cc:Date:From:Reply-To:Subject:To; b=SHp+rrNeaJK2v2ynswxHmjkcUHPHdCepowmbPs1HWGwQC9P1OsJ5PVRy6Ks5B3Fsn4g H7jM6SpmB7I56E9+Eh3vUJ/w4h9yModDvmDNVrVo1q13abve6ay+60PKCqCIqSXDU6P1g sMmfAV47nk6LL9IcowDNtZ3ES+WtU4ZWCMY= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Jiewen Yao REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2841 Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Jiewen Yao --- SecurityPkg/SecurityPkg.dec | 3 +++ 1 file changed, 3 insertions(+) diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 79d46308ad..42fc48cc1f 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -203,6 +203,9 @@ ## Include/Ppi/FirmwareVolumeInfoStoredHashFv.h gEdkiiPeiFirmwareVolumeInfoStoredHashFvPpiGuid =3D {0x7f5e4e31, 0x81b1, = 0x47e5, { 0x9e, 0x21, 0x1e, 0x4b, 0x5b, 0xc2, 0xf6, 0x1d } } =20 + ## Include/Ppi/Tcg.h + gEdkiiTcgPpiGuid =3D {0x57a13b87, 0x133d, 0x4bf3, { 0xbf, 0xf1, 0x1b, 0x= ca, 0xc7, 0x17, 0x6c, 0xf1 } } + # # [Error.gEfiSecurityPkgTokenSpaceGuid] # 0x80000001 | Invalid value provided. --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#62489): https://edk2.groups.io/g/devel/message/62489 Mute This Topic: https://groups.io/mt/75496424/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 18:15:48 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+62490+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62490+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1594725681; cv=none; d=zohomail.com; s=zohoarc; b=l92BIqaMEqpE+6eMSvmy9/vQDGAeUmO/1GY9T0FzZnPOxnX/D5hzFVq57/jLHM/BiaypeNMOY7vl+QX6GWMYbl84X4dGUwLdSh/MX32fxBq0sWuRS2+4PLenESveBy0QB/69RCazFSzn7h1jCzo5uqOFscOt5/Kus9jvOjyKMnk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1594725681; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=xPIE84UAn2/5apbDlP0YYC8qMS3OZPziigqhXT2ydG8=; b=mH5RskVtAJRvg6q6mY3NBbuLLY/ml+RIRddWNXwzIveHpScRZlw3utx8fmB4X2/QpGaOtPffmIg3hGvcZm6kOes/mXOs5b/6o1Ed0zCrJgcZ3xyH4whgV6m8/MWFvwgvaEaiTJKK1dtDRCYz+ZdOzR4S2lhawyCjkTEJtcA+wEU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62490+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1594725681116955.9311638542015; Tue, 14 Jul 2020 04:21:21 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id WWZGYY1788612xF7jgodZu7X; Tue, 14 Jul 2020 04:21:20 -0700 X-Received: from mga18.intel.com (mga18.intel.com []) by mx.groups.io with SMTP id smtpd.web12.14679.1594709372852380864 for ; Mon, 13 Jul 2020 23:49:43 -0700 IronPort-SDR: vm2Ez+ZRD/ccSDCye21BWGpNQAuuZ8uPcZTumOdiBetg2SqDST3p42jSZ0l+Ln0Vdo8MPD9fsa aMDEyWy0qSyg== X-IronPort-AV: E=McAfee;i="6000,8403,9681"; a="136287721" X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="136287721" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Jul 2020 23:49:43 -0700 IronPort-SDR: G/8olIGcr6dn6qr8g+gebay5/jxTm184KT7SHWsQM9P8JBar5JSpK+ykf49zshH73nF3bY3Zfu ORITkZgjg3Gw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="360292085" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.9.10]) by orsmga001.jf.intel.com with ESMTP; 13 Jul 2020 23:49:40 -0700 From: Qi Zhang To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang , Qi Zhang , Rahul Kumar Subject: [edk2-devel] [PATCH 3/6] SecurityPkg/Tcg: Add TcgPpi Date: Tue, 14 Jul 2020 14:49:19 +0800 Message-Id: <20200714064922.7025-4-qi1.zhang@intel.com> In-Reply-To: <20200714064922.7025-1-qi1.zhang@intel.com> References: <20200714064922.7025-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: rgGGXOKYchRIK6P6LF2H9mRNx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1594725680; bh=UzKMvVOqUtSAosmNEPdR2N6WATTCYpYfZK6iD/X6SSA=; h=Cc:Date:From:Reply-To:Subject:To; b=O825E5dprUUrgC+kArjOQXFIh7mEta3y2NgeKBqKFM0lifpIPNzczRSG2M6DD57XqXb Q8PWnMIHlv01nVk1/KcFLiqZIKaliGAkgCdubDMrbAfhvU6ISbIl3WlHEG5mAJwP4ONTq dEvRR/qICG+FnLADdohgZwulgc6O/ekXlq4= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Jiewen Yao REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2841 Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Cc: Qi Zhang Cc: Rahul Kumar Signed-off-by: Jiewen Yao --- SecurityPkg/Tcg/TcgPei/TcgPei.c | 53 ++++++++++++++++++++++++++++--- SecurityPkg/Tcg/TcgPei/TcgPei.inf | 3 +- 2 files changed, 51 insertions(+), 5 deletions(-) diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.c b/SecurityPkg/Tcg/TcgPei/TcgPe= i.c index a9a808c9ec..193d96b640 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.c +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.c @@ -1,7 +1,7 @@ /** @file Initialize TPM device and measure FVs before handing off control to DXE. =20 -Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -17,6 +17,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 #include #include @@ -51,6 +52,43 @@ EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = =3D { NULL }; =20 +/** + Do a hash operation on a data buffer, extend a specific TPM PCR with the= hash result, + and build a GUIDed HOB recording the event which will be passed to the D= XE phase and + added into the Event Log. + + @param[in] This Indicates the calling context + @param[in] HashData Physical address of the start of the data = buffer + to be hashed, extended, and logged. + @param[in] HashDataLen The length, in bytes, of the buffer refere= nced by HashData. + @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data struct= ure. + @param[in] NewEventData Pointer to the new event data. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event. + @retval EFI_DEVICE_ERROR The command was unsuccessful. + +**/ +EFI_STATUS +EFIAPI +HashLogExtendEvent ( + IN EDKII_TCG_PPI *This, + IN UINT8 *HashData, + IN UINTN HashDataLen, + IN TCG_PCR_EVENT_HDR *NewEventHdr, + IN UINT8 *NewEventData + ); + +EDKII_TCG_PPI mEdkiiTcgPpi =3D { + HashLogExtendEvent +}; + +EFI_PEI_PPI_DESCRIPTOR mTcgPpiList =3D { + EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gEdkiiTcgPpiGuid, + &mEdkiiTcgPpi +}; + // // Number of firmware blobs to grow by each time we run out of room // @@ -256,8 +294,9 @@ TpmCommHashAll ( =20 **/ EFI_STATUS +EFIAPI HashLogExtendEvent ( - IN EFI_PEI_SERVICES **PeiServices, + IN EDKII_TCG_PPI *This, IN UINT8 *HashData, IN UINTN HashDataLen, IN TCG_PCR_EVENT_HDR *NewEventHdr, @@ -346,7 +385,7 @@ MeasureCRTMVersion ( TcgEventHdr.EventSize =3D (UINT32) StrSize((CHAR16*)PcdGetPtr (PcdFirmwa= reVersionString)); =20 return HashLogExtendEvent ( - PeiServices, + &mEdkiiTcgPpi, (UINT8*)PcdGetPtr (PcdFirmwareVersionString), TcgEventHdr.EventSize, &TcgEventHdr, @@ -415,7 +454,7 @@ MeasureFvImage ( TcgEventHdr.EventSize =3D sizeof (FvBlob); =20 Status =3D HashLogExtendEvent ( - (EFI_PEI_SERVICES **) GetPeiServicesTablePointer(), + &mEdkiiTcgPpi, (UINT8*) (UINTN) FvBlob.BlobBase, (UINTN) FvBlob.BlobLength, &TcgEventHdr, @@ -744,6 +783,12 @@ PeimEntryMP ( Status =3D PeiServicesNotifyPpi (&mNotifyList[0]); ASSERT_EFI_ERROR (Status); =20 + // + // install Tcg Services + // + Status =3D PeiServicesInstallPpi (&mTcgPpiList); + ASSERT_EFI_ERROR (Status); + return Status; } =20 diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.inf b/SecurityPkg/Tcg/TcgPei/Tcg= Pei.inf index c0bff6e85e..4ab4edd657 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.inf +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.inf @@ -4,7 +4,7 @@ # This module will initialize TPM device, measure reported FVs and BIOS v= ersion. # This module may also lock TPM physical presence and physicalPresenceLif= etimeLock. # -# Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -67,6 +67,7 @@ gPeiTpmInitializedPpiGuid ## S= OMETIMES_PRODUCES gPeiTpmInitializationDonePpiGuid ## P= RODUCES gEfiEndOfPeiSignalPpiGuid ## S= OMETIMES_CONSUMES ## NOTIFY + gEdkiiTcgPpiGuid ## P= RODUCES =20 [Pcd] gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock ## S= OMETIMES_CONSUMES --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#62490): https://edk2.groups.io/g/devel/message/62490 Mute This Topic: https://groups.io/mt/75496425/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 18:15:48 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+62491+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62491+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1594725681; cv=none; d=zohomail.com; s=zohoarc; b=Y14AAyJuwYGDmGms5+3kTIAFC9wv+e81tMW3hBVb6LkD0JPgK88V/Z4OdapauKel6osZEr82/kziB0Du7p3TAJ2XtmGyPjYl8yxZA3L9WBkrJDYvyYOWMQdDc90kYPEv5HRspSl1ESVYUMwSRUwZ2Z+/84UuF9siPGonT3PkAK8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1594725681; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=2fpuPMvkIqazJ6bpvWafS3+6a6Y88FLFuhVwVEIPA6Y=; b=NEO/11R5nyF3XVxmcVMpAV+NEgJPQCHDogqlUfHlZGMcRkkaeumzPVTtw4PY+U26me7q3tKSibsVqqBmUxMkn7T4qxBz+URm2oPQXnDSX5VSnN0lDYY3eMbWzS2kibpUt2DY6kBWPrQTnc8fxIZ3sF1zZOla5OHzOdkQJuknQs0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62491+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1594725681440580.8571392268559; Tue, 14 Jul 2020 04:21:21 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id EA1zYY1788612xJuxjsfUpBa; Tue, 14 Jul 2020 04:21:21 -0700 X-Received: from mga18.intel.com (mga18.intel.com []) by mx.groups.io with SMTP id smtpd.web12.14679.1594709372852380864 for ; Mon, 13 Jul 2020 23:49:48 -0700 IronPort-SDR: ddGsLVC/YtU2ccOkT1YzglHNEJ2i3UTeHR7LBscBApBmQclTLlWrodfWK1ie5e6zpl78XoiAt/ icDRHNJX3R2Q== X-IronPort-AV: E=McAfee;i="6000,8403,9681"; a="136287727" X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="136287727" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Jul 2020 23:49:48 -0700 IronPort-SDR: XDkbPIL6XVYxJQMcW3WZ+8+nayZy/+RASOzoYChWfeK3Eszotc+Q0jUI5aWOq+9Rx89VXaIXxb rRzZBhhT5ocw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="360292100" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.9.10]) by orsmga001.jf.intel.com with ESMTP; 13 Jul 2020 23:49:44 -0700 From: Qi Zhang To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang , Qi Zhang , Rahul Kumar Subject: [edk2-devel] [PATCH 4/6] SecurityPkg/Tcg2: Add TcgPpi Date: Tue, 14 Jul 2020 14:49:20 +0800 Message-Id: <20200714064922.7025-5-qi1.zhang@intel.com> In-Reply-To: <20200714064922.7025-1-qi1.zhang@intel.com> References: <20200714064922.7025-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: eyQKj7suYmuQCaDb2GfrHNxLx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1594725681; bh=SuNcHxzGEqH91O56AcE5L2CEsij3VwM1HliQU/tLIog=; h=Cc:Date:From:Reply-To:Subject:To; b=f/FHWVy9GIjAzUVJ56NWJpRx7ChBk9uJ63DAEFuZRcK5QMvzNUPO5xLkuHqDcIlkF9n NghJ28UK/Fpjz1vJPjQ3CVhA3ltu4b1qpsr1f0SSdABqt4cpNY7Fe9tA7xFxvyzF3JWXc rnPcn6Q8jDlNlwcs1XA0N0UOgnFCggKVEOw= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Jiewen Yao REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2841 Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Cc: Qi Zhang Cc: Rahul Kumar Signed-off-by: Jiewen Yao --- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 61 ++++++++++++++++++++++++----- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf | 3 +- 2 files changed, 54 insertions(+), 10 deletions(-) diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c b/SecurityPkg/Tcg/Tcg2Pei/Tc= g2Pei.c index 19b8e4b318..1313bbc9e1 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c @@ -1,7 +1,7 @@ /** @file Initialize TPM2 device and measure FVs before handing off control to DXE. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
Copyright (c) 2017, Microsoft Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 @@ -17,6 +17,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 #include #include @@ -66,6 +67,43 @@ EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = =3D { NULL }; =20 +/** + Do a hash operation on a data buffer, extend a specific TPM PCR with the= hash result, + and build a GUIDed HOB recording the event which will be passed to the D= XE phase and + added into the Event Log. + + @param[in] This Indicates the calling context + @param[in] HashData Physical address of the start of the data = buffer + to be hashed, extended, and logged. + @param[in] HashDataLen The length, in bytes, of the buffer refere= nced by HashData. + @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data struct= ure. + @param[in] NewEventData Pointer to the new event data. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event. + @retval EFI_DEVICE_ERROR The command was unsuccessful. + +**/ +EFI_STATUS +EFIAPI +HashLogExtendEvent ( + IN EDKII_TCG_PPI *This, + IN UINT8 *HashData, + IN UINTN HashDataLen, + IN TCG_PCR_EVENT_HDR *NewEventHdr, + IN UINT8 *NewEventData + ); + +EDKII_TCG_PPI mEdkiiTcgPpi =3D { + HashLogExtendEvent +}; + +EFI_PEI_PPI_DESCRIPTOR mTcgPpiList =3D { + EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gEdkiiTcgPpiGuid, + &mEdkiiTcgPpi +}; + // // Number of firmware blobs to grow by each time we run out of room // @@ -375,7 +413,7 @@ LogHashEvent ( and build a GUIDed HOB recording the event which will be passed to the D= XE phase and added into the Event Log. =20 - @param[in] Flags Bitmap providing additional information. + @param[in] This Indicates the calling context @param[in] HashData Physical address of the start of the data = buffer to be hashed, extended, and logged. @param[in] HashDataLen The length, in bytes, of the buffer refere= nced by HashData. @@ -388,8 +426,9 @@ LogHashEvent ( =20 **/ EFI_STATUS +EFIAPI HashLogExtendEvent ( - IN UINT64 Flags, + IN EDKII_TCG_PPI *This, IN UINT8 *HashData, IN UINTN HashDataLen, IN TCG_PCR_EVENT_HDR *NewEventHdr, @@ -410,9 +449,7 @@ HashLogExtendEvent ( &DigestList ); if (!EFI_ERROR (Status)) { - if ((Flags & EFI_TCG2_EXTEND_ONLY) =3D=3D 0) { - Status =3D LogHashEvent (&DigestList, NewEventHdr, NewEventData); - } + Status =3D LogHashEvent (&DigestList, NewEventHdr, NewEventData); } =20 if (Status =3D=3D EFI_DEVICE_ERROR) { @@ -452,7 +489,7 @@ MeasureCRTMVersion ( TcgEventHdr.EventSize =3D (UINT32) StrSize((CHAR16*)PcdGetPtr (PcdFirmwa= reVersionString)); =20 return HashLogExtendEvent ( - 0, + &mEdkiiTcgPpi, (UINT8*)PcdGetPtr (PcdFirmwareVersionString), TcgEventHdr.EventSize, &TcgEventHdr, @@ -672,7 +709,7 @@ MeasureFvImage ( // Hash the FV, extend digest to the TPM and log TCG event // Status =3D HashLogExtendEvent ( - 0, + &mEdkiiTcgPpi, (UINT8*) (UINTN) FvBase, // HashData (UINTN) FvLength, // HashDataLen &TcgEventHdr, // EventHdr @@ -866,6 +903,12 @@ PeimEntryMP ( Status =3D PeiServicesNotifyPpi (&mNotifyList[0]); ASSERT_EFI_ERROR (Status); =20 + // + // install Tcg Services + // + Status =3D PeiServicesInstallPpi (&mTcgPpiList); + ASSERT_EFI_ERROR (Status); + return Status; } =20 @@ -893,7 +936,7 @@ MeasureSeparatorEventWithError ( TcgEvent.PCRIndex =3D PCRIndex; TcgEvent.EventType =3D EV_SEPARATOR; TcgEvent.EventSize =3D (UINT32)sizeof (EventData); - return HashLogExtendEvent(0,(UINT8 *)&EventData, TcgEvent.EventSize, &Tc= gEvent,(UINT8 *)&EventData); + return HashLogExtendEvent(&mEdkiiTcgPpi,(UINT8 *)&EventData, TcgEvent.Ev= entSize, &TcgEvent,(UINT8 *)&EventData); } =20 /** diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf b/SecurityPkg/Tcg/Tcg2Pei/= Tcg2Pei.inf index 3d361e8859..f64b29f1ae 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf @@ -8,7 +8,7 @@ # # This module will initialize TPM device, measure reported FVs and BIOS v= ersion. # -# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
# Copyright (c) 2017, Microsoft Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -72,6 +72,7 @@ gPeiTpmInitializationDonePpiGuid ## = PRODUCES gEfiEndOfPeiSignalPpiGuid ## = SOMETIMES_CONSUMES ## NOTIFY gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid ## = SOMETIMES_CONSUMES + gEdkiiTcgPpiGuid ## = PRODUCES =20 [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString ## = SOMETIMES_CONSUMES --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#62491): https://edk2.groups.io/g/devel/message/62491 Mute This Topic: https://groups.io/mt/75496426/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 18:15:48 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+62492+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62492+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1594725681; cv=none; d=zohomail.com; s=zohoarc; b=EBlZiiHSbAcHTtYTvgoamrJRiM23dh+ehTZSQH+NeP/1G0YgVL9dyWRzBgqGchlyTz3q9GBuLCJ0mVNJaJC17Ppr5W+l0HzXOF1zuZByVSwelkcAhDY/eSJl3fox7/6KKvuYHwg/dP8H3wk5MRsLd12ZFVXrTXOgJMHfdMHhhvw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1594725681; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=RUVd99gpkVK3wkRg4Xfcbugc9BTHrD0OGCnGtT8Dyv4=; b=lY+UwaJVEES2KOWtVBpGtUuNDbVydzgv3Wnw+kj6CuRGkbhx8ricNFBcB+OK0JP5jD+lZsIYjhsjzX7fVNaYmq4Tl0r8tiXIuzsKZiJTDv4JIQjhUFLTqkGmrdPv+Q7xyMOiJDZXPV2q+i81VXGcraLNz4hG4zd41YUH9rCN9ko= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62492+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1594725681910964.8228761493666; Tue, 14 Jul 2020 04:21:21 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id DnGmYY1788612xNhufyUqVGw; Tue, 14 Jul 2020 04:21:21 -0700 X-Received: from mga18.intel.com (mga18.intel.com []) by mx.groups.io with SMTP id smtpd.web12.14679.1594709372852380864 for ; Mon, 13 Jul 2020 23:49:52 -0700 IronPort-SDR: 42RcAne0wf/TARPHS8QmBKEG5yDBhz0snXUytGkGCScsM3z8zo/CbeTzin+flpPD22tjruoZq7 OHyUfHPB+gxQ== X-IronPort-AV: E=McAfee;i="6000,8403,9681"; a="136287738" X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="136287738" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Jul 2020 23:49:52 -0700 IronPort-SDR: c6EN6n2Vfl43wa3cOZvp1YmfjLxBQyMLczH34DWvayLytoZqhYtdDYXSwQeIIJ3gpW5mfcBJnI SFnazmBd48hg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="360292115" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.9.10]) by orsmga001.jf.intel.com with ESMTP; 13 Jul 2020 23:49:49 -0700 From: Qi Zhang To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 5/6] SecurityPkg/PeiTpmMeasurementLib: Add PEI instance. Date: Tue, 14 Jul 2020 14:49:21 +0800 Message-Id: <20200714064922.7025-6-qi1.zhang@intel.com> In-Reply-To: <20200714064922.7025-1-qi1.zhang@intel.com> References: <20200714064922.7025-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: R1hyLtk5fejNQqsC5ExCXxaTx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1594725681; bh=z7r3yU3TMZW5hveCwLyxJpntnkNiP9jkrN34eN2dpgU=; h=Cc:Date:From:Reply-To:Subject:To; b=hkOHhub7pVBa7jkrw5RuRHyWbS0UwQEVA3pVitFTQIuDQdobEgoO36sgRTX/fi+vOz9 o7SMBsWdaTJdB1M79tRfGV9Cl+lHvgvQXDqGJuRQ0Bdn5L3DFVZDA/opYyLijZtQt9UrE LYAl4WNGycRGmO+CtU7CMGs/IYKq9HfSeD8= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Jiewen Yao REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2841 Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Jiewen Yao --- .../PeiTpmMeasurementLib.c | 73 +++++++++++++++++++ .../PeiTpmMeasurementLib.inf | 50 +++++++++++++ .../PeiTpmMeasurementLib.uni | 17 +++++ 3 files changed, 140 insertions(+) create mode 100644 SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurem= entLib.c create mode 100644 SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurem= entLib.inf create mode 100644 SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurem= entLib.uni diff --git a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.= c b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c new file mode 100644 index 0000000000..7db22c568e --- /dev/null +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c @@ -0,0 +1,73 @@ +/** @file + This library is used by other modules to measure data to TPM. + +Copyright (c) 2020, Intel Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include +#include +#include +#include +#include +#include + +#include +#include + +/** + Tpm measure and log data, and extend the measurement result into a speci= fic PCR. + + @param[in] PcrIndex PCR Index. + @param[in] EventType Event type. + @param[in] EventLog Measurement event log. + @param[in] LogLen Event log length in bytes. + @param[in] HashData The start of the data buffer to be hashed, = extended. + @param[in] HashDataLen The length, in bytes, of the buffer referen= ced by HashData + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_UNSUPPORTED TPM device not available. + @retval EFI_OUT_OF_RESOURCES Out of memory. + @retval EFI_DEVICE_ERROR The operation was unsuccessful. +**/ +EFI_STATUS +EFIAPI +TpmMeasureAndLogData ( + IN UINT32 PcrIndex, + IN UINT32 EventType, + IN VOID *EventLog, + IN UINT32 LogLen, + IN VOID *HashData, + IN UINT64 HashDataLen + ) +{ + EFI_STATUS Status; + EDKII_TCG_PPI *TcgPpi; + TCG_PCR_EVENT_HDR TcgEventHdr; + + Status =3D PeiServicesLocatePpi( + &gEdkiiTcgPpiGuid, + 0, + NULL, + (VOID**)&TcgPpi + ); + if (EFI_ERROR(Status)) { + return Status; + } + + TcgEventHdr.PCRIndex =3D PcrIndex; + TcgEventHdr.EventType =3D EventType; + TcgEventHdr.EventSize =3D LogLen; + + Status =3D TcgPpi->HashLogExtendEvent ( + TcgPpi, + HashData, + (UINTN)HashDataLen, + &TcgEventHdr, + EventLog + ); + return Status; +} diff --git a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.= inf b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf new file mode 100644 index 0000000000..6625d0fd01 --- /dev/null +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf @@ -0,0 +1,50 @@ +## @file +# Provides TPM measurement functions for TPM1.2 and TPM 2.0 +# +# This library provides TpmMeasureAndLogData() to measure and log data, a= nd +# extend the measurement result into a specific PCR. +# +# Copyright (c) 2020, Intel Corporation. All rights reserved.
+# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION =3D 0x00010005 + BASE_NAME =3D PeiTpmMeasurementLib + FILE_GUID =3D 9A62C49D-C45A-4322-9F3C-45958DF0056B + MODULE_TYPE =3D PEIM + VERSION_STRING =3D 1.0 + LIBRARY_CLASS =3D TpmMeasurementLib|PEIM + MODULE_UNI_FILE =3D PeiTpmMeasurementLib.uni + +# +# The following information is for reference only and not required by the = build tools. +# +# VALID_ARCHITECTURES =3D IA32 X64 +# + +[Sources] + PeiTpmMeasurementLib.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + SecurityPkg/SecurityPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + HobLib + DebugLib + PcdLib + PrintLib + PeiServicesLib + PeiServicesTablePointerLib + +[Ppis] + gEdkiiTcgPpiGuid ## = CONSUMES + +[Depex] + gEfiPeiMasterBootModePpiGuid AND + gEfiTpmDeviceSelectedGuid diff --git a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.= uni b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni new file mode 100644 index 0000000000..7b4341b449 --- /dev/null +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni @@ -0,0 +1,17 @@ +// /** @file +// Provides TPM measurement functions for TPM1.2 and TPM 2.0 +// +// This library provides TpmMeasureAndLogData() to to measure and log data= , and +// extend the measurement result into a specific PCR. +// +// Copyright (c) 2020, Intel Corporation. All rights reserved.
+// +// SPDX-License-Identifier: BSD-2-Clause-Patent +// +// **/ + + +#string STR_MODULE_ABSTRACT #language en-US "Provides TPM meas= urement functions for TPM1.2 and TPM 2.0" + +#string STR_MODULE_DESCRIPTION #language en-US "This library prov= ides TpmMeasureAndLogData() to to measure and log data, and extend the meas= urement result into a specific PCR." + --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#62492): https://edk2.groups.io/g/devel/message/62492 Mute This Topic: https://groups.io/mt/75496427/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Mon May 6 18:15:48 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+62487+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62487+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1594725681; cv=none; d=zohomail.com; s=zohoarc; b=cCDgkZiVjLbfGVpDMhoVwa4vwvK8AsXhSt7nhTeiH8I9z/4dI5fOf5/BA24flsblikiOLDXjTiGqqKYUhvrODE8MMQfAjrBo4IS0Kvf4sCh/CfidHEzhdfLS3WMadzq1KCmqbsufPcWr3TH8HSp11YuJomlMKzXnG/U13RgKgbg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1594725681; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=YXyt1VElbreeIdV+HkpoWeCjfoI/i9b7b/q0xV6B9Kg=; b=TvFk/hSgvwaVOsJPaC0GjUr682MtuK/3YlwK5xDQxzQTf7LOSJNDahDEKU0TNRfOVSSyzG4UAznLrV/6+nf6UhWkYXZycR0wbXn/O/fWQjWqeo/X+Hwl1PZpLFTNVCe1jdsGojnxjP2be46G2VPGzHPuDzFOYaZztu8XUFE7hVM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62487+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 159472568106324.206286166773793; Tue, 14 Jul 2020 04:21:21 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id DjaeYY1788612xgEi4WFIRMm; Tue, 14 Jul 2020 04:21:20 -0700 X-Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) by mx.groups.io with SMTP id smtpd.web12.14687.1594709402782480096 for ; Mon, 13 Jul 2020 23:50:02 -0700 IronPort-SDR: tqYymq/uyurJhZxIYGhkxtLyd1BT5ugluIRTBLjk7YVovZ6W1JB3qWUv5lWxUOcGgcPGUiI3cV TLt1r6meopBg== X-IronPort-AV: E=McAfee;i="6000,8403,9681"; a="128913104" X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="128913104" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga107.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Jul 2020 23:50:00 -0700 IronPort-SDR: ZzHnZAmYCqBXSVgTAwCJnqLyrmOtyWpI7oIPztcLitpxwtzOSGD6uQ7pFK9OV16dQeQzqRkoUe AfZVVnD8LsKg== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="360292128" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.9.10]) by orsmga001.jf.intel.com with ESMTP; 13 Jul 2020 23:49:53 -0700 From: Qi Zhang To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 6/6] SecurityPkg/dsc: Add PeiTpmMeasurementLib. Date: Tue, 14 Jul 2020 14:49:22 +0800 Message-Id: <20200714064922.7025-7-qi1.zhang@intel.com> In-Reply-To: <20200714064922.7025-1-qi1.zhang@intel.com> References: <20200714064922.7025-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: TlfyxKjCHIadr7imd2kKgGFqx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1594725680; bh=uHG1iEe6BbQrnV6nXDOKwSL0WcwIEjsqAK3FQYHFl8k=; h=Cc:Date:From:Reply-To:Subject:To; b=aA48MmwZ5PnRptER1724qmHs6R9yA07o1xSp8u66SWuGHgx/TMbIGU77fLoHJaU7BeG 8YRqYVYMJC+sDYG3zcH3ZyR9lIyPOYoErC7dVpbz8Yt9YZm8TqSqdFcMXlvlnFGOAptHE +3oruXb0f/gLbwALDvLCfdwe7SVdBJ4HS0Y= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Jiewen Yao REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2841 Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Jiewen Yao --- SecurityPkg/SecurityPkg.dsc | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 53fce05353..28effe3eda 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -1,7 +1,7 @@ ## @file # Security Module Package for All Architectures. # -# Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2015-2020 Hewlett Packard Enterprise Development LP
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -96,6 +96,7 @@ Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm= .inf Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf Tcg2PhysicalPresenceLib|SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/P= eiTcg2PhysicalPresenceLib.inf + TpmMeasurementLib|SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasure= mentLib.inf RngLib|MdePkg/Library/BaseRngLib/BaseRngLib.inf =20 [LibraryClasses.common.DXE_DRIVER] @@ -234,6 +235,7 @@ SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.= inf SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationL= ibRsa2048Sha256.inf =20 + SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#62487): https://edk2.groups.io/g/devel/message/62487 Mute This Topic: https://groups.io/mt/75496423/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-