From nobody Mon Feb 9 12:26:35 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+63065+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+63065+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1595391137; cv=none; d=zohomail.com; s=zohoarc; b=hnKSrLOLLWGUWSuBCQfp3BPDAxK7tgU6QAXu2ZN3WBaboTX3LHXGItH1H9XdSKBTud5ZAyhd+UwrcKtg0fcZ9TSxvl6Qrgn3jUEQaHYCcr8n89UA1SdykW/35xLr7fYUxNkd/lHiXY5nJhSJZAFFN9NYNh43u4b0v8qmnsHFp3E= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1595391137; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=J9oMIi/TRQas/BfsgQcUgxwL78qEdpn09MOof9z+lQg=; b=UX+qJp8V8Gv2Mre+yZJJIXKZX9Yb6EDxxKT5kct5UH4Aq7MCzjFqtq5zIBx0q9u5IEVoBKxnatge2E88Q0j9Ja4Y+WoI0+Rir2D/ZlO6MTomgaerJPRguj1c+WpEMF2czq68KKXkJXu2kdIFPe0anrfPrc54qyXJLlFxP8hKGD0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+63065+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1595391137852272.5596720547061; Tue, 21 Jul 2020 21:12:17 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id 45LMYY1788612xm2S3I0x0f6; Tue, 21 Jul 2020 21:12:17 -0700 X-Received: from mga01.intel.com (mga01.intel.com []) by mx.groups.io with SMTP id smtpd.web11.11889.1595391132846714831 for ; Tue, 21 Jul 2020 21:12:17 -0700 IronPort-SDR: OXDn3tzWNUHhRbVAsGi7Y4udhzBccV7jEIBFL9HUIuFh6fE205zGINAQbT5FetrUxPIzvEHZRZ t4N6yO5Ef9UA== X-IronPort-AV: E=McAfee;i="6000,8403,9689"; a="168412613" X-IronPort-AV: E=Sophos;i="5.75,381,1589266800"; d="scan'208";a="168412613" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from orsmga004.jf.intel.com ([10.7.209.38]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Jul 2020 21:12:16 -0700 IronPort-SDR: Kta9JerlydoYrqkSRlvi7L8nYsMjH3/fSIk9M7bKUAea/Xnq8lqGaG3kvwGA/nQx+92kecUvd4 kQ5ViHbi9dkw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,381,1589266800"; d="scan'208";a="432240920" X-Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.9.10]) by orsmga004.jf.intel.com with ESMTP; 21 Jul 2020 21:12:15 -0700 From: "Qi Zhang" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Qi Zhang , Rahul Kumar Subject: [edk2-devel] [PATCH v5 3/6] SecurityPkg/Tcg: Add TcgPpi Date: Wed, 22 Jul 2020 12:12:03 +0800 Message-Id: <20200722041206.12199-4-qi1.zhang@intel.com> In-Reply-To: <20200722041206.12199-1-qi1.zhang@intel.com> References: <20200722041206.12199-1-qi1.zhang@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,qi1.zhang@intel.com X-Gm-Message-State: zYQw6kSgyPpFPs2TlDBuIE2Ex1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1595391137; bh=+GLhiKWS5nu2GPAIQM0Au/gfiiJxt3cZiCTIAPOvzzw=; h=Cc:Date:From:Reply-To:Subject:To; b=Vgd/rSk6MtnoMiqLdQPeDfs/sjUOdc/SizOl2bw4jIC1oGKzVLlxUT6uSeY7RprT5kC LshVyS2EfebZjFveKwev4elxIGv3kuSAq3K7qoUXt1nuW9nVF7OL8tjqGFKXRFt9dTKwt M162vOK1BTmx2Ky9JRg6OOUcrxyb8ZSj9o0= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" From: Jiewen Yao REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2841 Cc: Jiewen Yao Cc: Jian J Wang Cc: Qi Zhang Cc: Rahul Kumar Signed-off-by: Jiewen Yao --- SecurityPkg/Tcg/TcgPei/TcgPei.c | 61 ++++++++++++++++++++++++++++--- SecurityPkg/Tcg/TcgPei/TcgPei.inf | 3 +- 2 files changed, 58 insertions(+), 6 deletions(-) diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.c b/SecurityPkg/Tcg/TcgPei/TcgPe= i.c index a9a808c9ec..2533388849 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.c +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.c @@ -1,7 +1,7 @@ /** @file Initialize TPM device and measure FVs before handing off control to DXE. =20 -Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -17,6 +17,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include =20 #include #include @@ -51,6 +52,45 @@ EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = =3D { NULL }; =20 +/** + Do a hash operation on a data buffer, extend a specific TPM PCR with the= hash result, + and build a GUIDed HOB recording the event which will be passed to the D= XE phase and + added into the Event Log. + + @param[in] This Indicates the calling context + @param[in] Flags Bitmap providing additional information. + @param[in] HashData Physical address of the start of the data = buffer + to be hashed, extended, and logged. + @param[in] HashDataLen The length, in bytes, of the buffer refere= nced by HashData. + @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data struct= ure. + @param[in] NewEventData Pointer to the new event data. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event. + @retval EFI_DEVICE_ERROR The command was unsuccessful. + +**/ +EFI_STATUS +EFIAPI +HashLogExtendEvent ( + IN EDKII_TCG_PPI *This, + IN UINT64 Flags, + IN UINT8 *HashData, + IN UINTN HashDataLen, + IN TCG_PCR_EVENT_HDR *NewEventHdr, + IN UINT8 *NewEventData + ); + +EDKII_TCG_PPI mEdkiiTcgPpi =3D { + HashLogExtendEvent +}; + +EFI_PEI_PPI_DESCRIPTOR mTcgPpiList =3D { + EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gEdkiiTcgPpiGuid, + &mEdkiiTcgPpi +}; + // // Number of firmware blobs to grow by each time we run out of room // @@ -243,7 +283,8 @@ TpmCommHashAll ( and build a GUIDed HOB recording the event which will be passed to the D= XE phase and added into the Event Log. =20 - @param[in] PeiServices Describes the list of possible PEI Service= s. + @param[in] This Indicates the calling context. + @param[in] Flags Bitmap providing additional information. @param[in] HashData Physical address of the start of the data = buffer to be hashed, extended, and logged. @param[in] HashDataLen The length, in bytes, of the buffer refere= nced by HashData. @@ -256,8 +297,10 @@ TpmCommHashAll ( =20 **/ EFI_STATUS +EFIAPI HashLogExtendEvent ( - IN EFI_PEI_SERVICES **PeiServices, + IN EDKII_TCG_PPI *This, + IN UINT64 Flags, IN UINT8 *HashData, IN UINTN HashDataLen, IN TCG_PCR_EVENT_HDR *NewEventHdr, @@ -346,7 +389,8 @@ MeasureCRTMVersion ( TcgEventHdr.EventSize =3D (UINT32) StrSize((CHAR16*)PcdGetPtr (PcdFirmwa= reVersionString)); =20 return HashLogExtendEvent ( - PeiServices, + &mEdkiiTcgPpi, + 0, (UINT8*)PcdGetPtr (PcdFirmwareVersionString), TcgEventHdr.EventSize, &TcgEventHdr, @@ -415,7 +459,8 @@ MeasureFvImage ( TcgEventHdr.EventSize =3D sizeof (FvBlob); =20 Status =3D HashLogExtendEvent ( - (EFI_PEI_SERVICES **) GetPeiServicesTablePointer(), + &mEdkiiTcgPpi, + 0, (UINT8*) (UINTN) FvBlob.BlobBase, (UINTN) FvBlob.BlobLength, &TcgEventHdr, @@ -744,6 +789,12 @@ PeimEntryMP ( Status =3D PeiServicesNotifyPpi (&mNotifyList[0]); ASSERT_EFI_ERROR (Status); =20 + // + // install Tcg Services + // + Status =3D PeiServicesInstallPpi (&mTcgPpiList); + ASSERT_EFI_ERROR (Status); + return Status; } =20 diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.inf b/SecurityPkg/Tcg/TcgPei/Tcg= Pei.inf index c0bff6e85e..4ab4edd657 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.inf +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.inf @@ -4,7 +4,7 @@ # This module will initialize TPM device, measure reported FVs and BIOS v= ersion. # This module may also lock TPM physical presence and physicalPresenceLif= etimeLock. # -# Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -67,6 +67,7 @@ gPeiTpmInitializedPpiGuid ## S= OMETIMES_PRODUCES gPeiTpmInitializationDonePpiGuid ## P= RODUCES gEfiEndOfPeiSignalPpiGuid ## S= OMETIMES_CONSUMES ## NOTIFY + gEdkiiTcgPpiGuid ## P= RODUCES =20 [Pcd] gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock ## S= OMETIMES_CONSUMES --=20 2.26.2.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#63065): https://edk2.groups.io/g/devel/message/63065 Mute This Topic: https://groups.io/mt/75718616/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-