From nobody Mon Feb 9 04:59:24 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+62751+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62751+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1594979577; cv=none; d=zohomail.com; s=zohoarc; b=IwNb9rLXC0wiz2vX4dZOr/MAQt6A8L+k8rmmVkY7L5sYJXicgxKqJZrwvfQQWqOzLx/IAsvGW41TDxqehxoq4WMuX99he23ruIIawUjsnb2EXmvF4hcos7AOWgHo5cIieR2DcyBjVH4EuI5AbHViGKO94Yb07grCGNzbrB3SFis= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1594979577; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=hrp8OdLU9GHzjB2ogTWFCM6nWUByOVhBfD9ExnocVCg=; b=Aky1Bra9CFra2WYqbsfugCdvdL3FV5OcjUerJ6JUC4Qjm9hx1slDcV/0N1dRit6Kd0fe+Lnjo/r2+mh2yVFKqS7PhSmZ6oeVNUeO52K/6ijM/vonMQmnKQVNUYFWGAkF18U7IqjBmGKXbv7hKLDimxpJ2jGHWHFeiox31ykYCTE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+62751+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1594979577422251.60899181005414; Fri, 17 Jul 2020 02:52:57 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id FpMUYY1788612xCi85Wqb37s; Fri, 17 Jul 2020 02:52:57 -0700 X-Received: from mga12.intel.com (mga12.intel.com []) by mx.groups.io with SMTP id smtpd.web10.6793.1594971201528724190 for ; Fri, 17 Jul 2020 00:33:25 -0700 IronPort-SDR: aIP44kIe9UOjn2HyZwE2Q5O/VRG6ciWPasniwZ/ExOMuLout43u9BQs3nanRNDDFATk7Ydd5PH LgaaQwoebfiw== X-IronPort-AV: E=McAfee;i="6000,8403,9684"; a="129113491" X-IronPort-AV: E=Sophos;i="5.75,362,1589266800"; d="scan'208";a="129113491" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga106.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 17 Jul 2020 00:33:25 -0700 IronPort-SDR: J8ovL6oyvBjnzTloSG7UoidqwbL8GB5rtvJHslv3jQ8UpabZTxoC1rZ/3zDxOmqz9B83Log2XF t0MDiug+UTGA== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,362,1589266800"; d="scan'208";a="361273529" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.9.10]) by orsmga001.jf.intel.com with ESMTP; 17 Jul 2020 00:33:23 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang , Qi Zhang , Rahul Kumar Subject: [edk2-devel] [PATCH v3 3/6] SecurityPkg/Tcg: Add TcgPpi Date: Fri, 17 Jul 2020 15:33:09 +0800 Message-Id: <20200717073312.10594-4-qi1.zhang@intel.com> In-Reply-To: <20200717073312.10594-1-qi1.zhang@intel.com> References: <20200717073312.10594-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: ZzyvTjxkNW9t9Kpn6g5sxxxlx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1594979577; bh=bwSKJxRRJsKAT1gQY9/kn1ixGWun+G9rIvvYwdH5Jj8=; h=Cc:Date:From:Reply-To:Subject:To; b=apt8t2XPRwBO8gTTkk1tDWowIPgoNDj6K//t0ey1mYh3l7kvNYlT/kN1nKtmGKslZH8 1FeHBF8heIkokPdbZ83h1izWGs3WPqfolSs6frn9DXc+H8PCJy6yuRDyve7nHgLw5uohe O6r3R1egs9gktU8nLpuVFkyVnx2VQAqGgCk= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Jiewen Yao REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2841 Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Cc: Qi Zhang Cc: Rahul Kumar Signed-off-by: Jiewen Yao --- SecurityPkg/Tcg/TcgPei/TcgPei.c | 61 ++++++++++++++++++++++++++++--- SecurityPkg/Tcg/TcgPei/TcgPei.inf | 3 +- 2 files changed, 58 insertions(+), 6 deletions(-) diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.c b/SecurityPkg/Tcg/TcgPei/TcgPe= i.c index a9a808c9ec..2533388849 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.c +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.c @@ -1,7 +1,7 @@ /** @file Initialize TPM device and measure FVs before handing off control to DXE. =20 -Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -17,6 +17,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 #include #include @@ -51,6 +52,45 @@ EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = =3D { NULL }; =20 +/** + Do a hash operation on a data buffer, extend a specific TPM PCR with the= hash result, + and build a GUIDed HOB recording the event which will be passed to the D= XE phase and + added into the Event Log. + + @param[in] This Indicates the calling context + @param[in] Flags Bitmap providing additional information. + @param[in] HashData Physical address of the start of the data = buffer + to be hashed, extended, and logged. + @param[in] HashDataLen The length, in bytes, of the buffer refere= nced by HashData. + @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data struct= ure. + @param[in] NewEventData Pointer to the new event data. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event. + @retval EFI_DEVICE_ERROR The command was unsuccessful. + +**/ +EFI_STATUS +EFIAPI +HashLogExtendEvent ( + IN EDKII_TCG_PPI *This, + IN UINT64 Flags, + IN UINT8 *HashData, + IN UINTN HashDataLen, + IN TCG_PCR_EVENT_HDR *NewEventHdr, + IN UINT8 *NewEventData + ); + +EDKII_TCG_PPI mEdkiiTcgPpi =3D { + HashLogExtendEvent +}; + +EFI_PEI_PPI_DESCRIPTOR mTcgPpiList =3D { + EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gEdkiiTcgPpiGuid, + &mEdkiiTcgPpi +}; + // // Number of firmware blobs to grow by each time we run out of room // @@ -243,7 +283,8 @@ TpmCommHashAll ( and build a GUIDed HOB recording the event which will be passed to the D= XE phase and added into the Event Log. =20 - @param[in] PeiServices Describes the list of possible PEI Service= s. + @param[in] This Indicates the calling context. + @param[in] Flags Bitmap providing additional information. @param[in] HashData Physical address of the start of the data = buffer to be hashed, extended, and logged. @param[in] HashDataLen The length, in bytes, of the buffer refere= nced by HashData. @@ -256,8 +297,10 @@ TpmCommHashAll ( =20 **/ EFI_STATUS +EFIAPI HashLogExtendEvent ( - IN EFI_PEI_SERVICES **PeiServices, + IN EDKII_TCG_PPI *This, + IN UINT64 Flags, IN UINT8 *HashData, IN UINTN HashDataLen, IN TCG_PCR_EVENT_HDR *NewEventHdr, @@ -346,7 +389,8 @@ MeasureCRTMVersion ( TcgEventHdr.EventSize =3D (UINT32) StrSize((CHAR16*)PcdGetPtr (PcdFirmwa= reVersionString)); =20 return HashLogExtendEvent ( - PeiServices, + &mEdkiiTcgPpi, + 0, (UINT8*)PcdGetPtr (PcdFirmwareVersionString), TcgEventHdr.EventSize, &TcgEventHdr, @@ -415,7 +459,8 @@ MeasureFvImage ( TcgEventHdr.EventSize =3D sizeof (FvBlob); =20 Status =3D HashLogExtendEvent ( - (EFI_PEI_SERVICES **) GetPeiServicesTablePointer(), + &mEdkiiTcgPpi, + 0, (UINT8*) (UINTN) FvBlob.BlobBase, (UINTN) FvBlob.BlobLength, &TcgEventHdr, @@ -744,6 +789,12 @@ PeimEntryMP ( Status =3D PeiServicesNotifyPpi (&mNotifyList[0]); ASSERT_EFI_ERROR (Status); =20 + // + // install Tcg Services + // + Status =3D PeiServicesInstallPpi (&mTcgPpiList); + ASSERT_EFI_ERROR (Status); + return Status; } =20 diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.inf b/SecurityPkg/Tcg/TcgPei/Tcg= Pei.inf index c0bff6e85e..4ab4edd657 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.inf +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.inf @@ -4,7 +4,7 @@ # This module will initialize TPM device, measure reported FVs and BIOS v= ersion. # This module may also lock TPM physical presence and physicalPresenceLif= etimeLock. # -# Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -67,6 +67,7 @@ gPeiTpmInitializedPpiGuid ## S= OMETIMES_PRODUCES gPeiTpmInitializationDonePpiGuid ## P= RODUCES gEfiEndOfPeiSignalPpiGuid ## S= OMETIMES_CONSUMES ## NOTIFY + gEdkiiTcgPpiGuid ## P= RODUCES =20 [Pcd] gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock ## S= OMETIMES_CONSUMES --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#62751): https://edk2.groups.io/g/devel/message/62751 Mute This Topic: https://groups.io/mt/75608827/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-