[edk2-devel] [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations.

Rodrigo Gonzalez del Cueto posted 1 patch 3 years, 8 months ago
Patches applied successfully (tree, apply log)
git fetch https://github.com/patchew-project/edk2 tags/patchew/be0db939d7d1c36cf0085255b59acc549beb486c.1595283983.git.rodrigo.gonzalez.del.cueto@intel.com
There is a newer version of this series
SecurityPkg/Include/Library/Tpm2CommandLib.h  |  25 +-
.../Library/Tpm2CommandLib/Tpm2Integrity.c    | 468 ++++++++++++------
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c             |  32 +-
3 files changed, 364 insertions(+), 161 deletions(-)
[edk2-devel] [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations.
Posted by Rodrigo Gonzalez del Cueto 3 years, 8 months ago
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2858

Add debug functionality to examine TPM extend operations
performed by BIOS and inspect the PCR 00 value prior to
any BIOS measurements.

Replaced usage of EFI_D_* for DEBUG_* definitions in debug
messages.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Signed-off-by: Rodrigo Gonzalez del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
---
 SecurityPkg/Include/Library/Tpm2CommandLib.h  |  25 +-
 .../Library/Tpm2CommandLib/Tpm2Integrity.c    | 468 ++++++++++++------
 SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c             |  32 +-
 3 files changed, 364 insertions(+), 161 deletions(-)

diff --git a/SecurityPkg/Include/Library/Tpm2CommandLib.h b/SecurityPkg/Include/Library/Tpm2CommandLib.h
index ce381e786b..bfa5bd82f4 100644
--- a/SecurityPkg/Include/Library/Tpm2CommandLib.h
+++ b/SecurityPkg/Include/Library/Tpm2CommandLib.h
@@ -505,7 +505,7 @@ EFIAPI
 Tpm2PcrEvent (
   IN      TPMI_DH_PCR               PcrHandle,
   IN      TPM2B_EVENT               *EventData,
-     OUT  TPML_DIGEST_VALUES        *Digests
+  OUT  TPML_DIGEST_VALUES        *Digests
   );
 
 /**
@@ -523,9 +523,26 @@ EFI_STATUS
 EFIAPI
 Tpm2PcrRead (
   IN      TPML_PCR_SELECTION        *PcrSelectionIn,
-     OUT  UINT32                    *PcrUpdateCounter,
-     OUT  TPML_PCR_SELECTION        *PcrSelectionOut,
-     OUT  TPML_DIGEST               *PcrValues
+  OUT  UINT32                    *PcrUpdateCounter,
+  OUT  TPML_PCR_SELECTION        *PcrSelectionOut,
+  OUT  TPML_DIGEST               *PcrValues
+  );
+
+/**
+   This function will query the TPM to determine which hashing algorithms and
+   get the digests of all active and supported PCR banks of a specific PCR register.
+
+   @param[in]     PcrHandle     The index of the PCR register to be read.
+   @param[out]    HashList      List of digests from PCR register being read.
+
+   @retval EFI_SUCCESS           The Pcr was read successfully.
+   @retval EFI_DEVICE_ERROR      The command was unsuccessful.
+**/
+EFI_STATUS
+EFIAPI
+Tpm2ActivePcrRegisterRead (
+  IN      TPMI_DH_PCR                PcrHandle,
+  OUT     TPML_DIGEST                *HashList
   );
 
 /**
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
index ddb15178fb..229fc44139 100644
--- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
+++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
@@ -76,6 +76,297 @@ typedef struct {
 
 #pragma pack()
 
+/**
+  This command returns the values of all PCR specified in pcrSelect.
+
+  @param[in]  PcrSelectionIn     The selection of PCR to read.
+  @param[out] PcrUpdateCounter   The current value of the PCR update counter.
+  @param[out] PcrSelectionOut    The PCR in the returned list.
+  @param[out] PcrValues          The contents of the PCR indicated in pcrSelect.
+
+  @retval EFI_SUCCESS            Operation completed successfully.
+  @retval EFI_DEVICE_ERROR       The command was unsuccessful.
+**/
+EFI_STATUS
+EFIAPI
+Tpm2PcrRead (
+  IN      TPML_PCR_SELECTION        *PcrSelectionIn,
+     OUT  UINT32                    *PcrUpdateCounter,
+     OUT  TPML_PCR_SELECTION        *PcrSelectionOut,
+     OUT  TPML_DIGEST               *PcrValues
+  )
+{
+  EFI_STATUS                        Status;
+  TPM2_PCR_READ_COMMAND             SendBuffer;
+  TPM2_PCR_READ_RESPONSE            RecvBuffer;
+  UINT32                            SendBufferSize;
+  UINT32                            RecvBufferSize;
+  UINTN                             Index;
+  TPML_DIGEST                       *PcrValuesOut;
+  TPM2B_DIGEST                      *Digests;
+
+  //
+  // Construct command
+  //
+  SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
+  SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PCR_Read);
+
+  SendBuffer.PcrSelectionIn.count = SwapBytes32(PcrSelectionIn->count);
+  for (Index = 0; Index < PcrSelectionIn->count; Index++) {
+    SendBuffer.PcrSelectionIn.pcrSelections[Index].hash = SwapBytes16(PcrSelectionIn->pcrSelections[Index].hash);
+    SendBuffer.PcrSelectionIn.pcrSelections[Index].sizeofSelect = PcrSelectionIn->pcrSelections[Index].sizeofSelect;
+    CopyMem (&SendBuffer.PcrSelectionIn.pcrSelections[Index].pcrSelect, &PcrSelectionIn->pcrSelections[Index].pcrSelect, SendBuffer.PcrSelectionIn.pcrSelections[Index].sizeofSelect);
+  }
+
+  SendBufferSize = sizeof(SendBuffer.Header) + sizeof(SendBuffer.PcrSelectionIn.count) + sizeof(SendBuffer.PcrSelectionIn.pcrSelections[0]) * PcrSelectionIn->count;
+  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
+
+  //
+  // send Tpm command
+  //
+  RecvBufferSize = sizeof (RecvBuffer);
+  Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
+
+  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
+    return EFI_DEVICE_ERROR;
+  }
+  if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+    return EFI_NOT_FOUND;
+  }
+
+  //
+  // Return the response
+  //
+
+  //
+  // PcrUpdateCounter
+  //
+  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter)) {
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
+    return EFI_DEVICE_ERROR;
+  }
+  *PcrUpdateCounter = SwapBytes32(RecvBuffer.PcrUpdateCounter);
+
+  //
+  // PcrSelectionOut
+  //
+  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) + sizeof(RecvBuffer.PcrSelectionOut.count)) {
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
+    return EFI_DEVICE_ERROR;
+  }
+  PcrSelectionOut->count = SwapBytes32(RecvBuffer.PcrSelectionOut.count);
+  if (PcrSelectionOut->count > HASH_COUNT) {
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - PcrSelectionOut->count error %x\n", PcrSelectionOut->count));
+    return EFI_DEVICE_ERROR;
+  }
+
+  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) + sizeof(RecvBuffer.PcrSelectionOut.count) + sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count) {
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
+    return EFI_DEVICE_ERROR;
+  }
+  for (Index = 0; Index < PcrSelectionOut->count; Index++) {
+    PcrSelectionOut->pcrSelections[Index].hash = SwapBytes16(RecvBuffer.PcrSelectionOut.pcrSelections[Index].hash);
+    PcrSelectionOut->pcrSelections[Index].sizeofSelect = RecvBuffer.PcrSelectionOut.pcrSelections[Index].sizeofSelect;
+    if (PcrSelectionOut->pcrSelections[Index].sizeofSelect > PCR_SELECT_MAX) {
+      return EFI_DEVICE_ERROR;
+    }
+    CopyMem (&PcrSelectionOut->pcrSelections[Index].pcrSelect, &RecvBuffer.PcrSelectionOut.pcrSelections[Index].pcrSelect, PcrSelectionOut->pcrSelections[Index].sizeofSelect);
+  }
+
+  //
+  // PcrValues
+  //
+  PcrValuesOut = (TPML_DIGEST *)((UINT8 *)&RecvBuffer + sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) + sizeof(RecvBuffer.PcrSelectionOut.count) + sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count);
+  PcrValues->count = SwapBytes32(PcrValuesOut->count);
+  //
+  // The number of digests in list is not greater than 8 per TPML_DIGEST definition
+  //
+  if (PcrValues->count > 8) {
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - PcrValues->count error %x\n", PcrValues->count));
+    return EFI_DEVICE_ERROR;
+  }
+  Digests = PcrValuesOut->digests;
+  for (Index = 0; Index < PcrValues->count; Index++) {
+    PcrValues->digests[Index].size = SwapBytes16(Digests->size);
+    if (PcrValues->digests[Index].size > sizeof(TPMU_HA)) {
+      DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - Digest.size error %x\n", PcrValues->digests[Index].size));
+      return EFI_DEVICE_ERROR;
+    }
+    CopyMem (&PcrValues->digests[Index].buffer, &Digests->buffer, PcrValues->digests[Index].size);
+    Digests = (TPM2B_DIGEST *)((UINT8 *)Digests + sizeof(Digests->size) + PcrValues->digests[Index].size);
+  }
+
+  return EFI_SUCCESS;
+}
+
+/**
+   This function will query the TPM to determine which hashing algorithms and
+   get the digests of all active and supported PCR banks of a specific PCR register.
+
+   @param[in]     PcrHandle     The index of the PCR register to be read.
+   @param[out]    HashList      List of digests from PCR register being read.
+
+   @retval EFI_SUCCESS           The Pcr was read successfully.
+   @retval EFI_DEVICE_ERROR      The command was unsuccessful.
+**/
+EFI_STATUS
+EFIAPI
+Tpm2ActivePcrRegisterRead (
+ IN      TPMI_DH_PCR                PcrHandle,
+ OUT     TPML_DIGEST                *HashList
+)
+{
+  EFI_STATUS                        Status;
+  TPML_PCR_SELECTION                Pcrs;
+  TPML_PCR_SELECTION                PcrSelectionIn;
+  TPML_PCR_SELECTION                PcrSelectionOut;
+  TPML_DIGEST                       PcrValues;
+  UINT32                            PcrUpdateCounter;
+  UINT32                            PcrIndex;
+  UINT32                            TpmHashAlgorithmBitmap;
+  TPMI_ALG_HASH                     CurrentPcrBankHash;
+  UINT32                            ActivePcrBanks;
+  UINT32                            TcgRegistryHashAlg;
+  UINT32                            Index;
+  UINT32                            Index2;
+
+  PcrIndex = (UINT8)PcrHandle;
+
+  if ((PcrIndex < 0) ||
+      (PcrIndex >= IMPLEMENTATION_PCR)) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  ZeroMem (&PcrSelectionIn, sizeof (PcrSelectionIn));
+  ZeroMem (&PcrUpdateCounter, sizeof (UINT32));
+  ZeroMem (&PcrSelectionOut, sizeof (PcrSelectionOut));
+  ZeroMem (&PcrValues, sizeof (PcrValues));
+  ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION));
+
+  DEBUG ((DEBUG_INFO, "ReadPcr - %02d\n", PcrIndex));
+
+  //
+  // Read TPM capabilities
+  //
+  Status = Tpm2GetCapabilityPcrs (&Pcrs);
+
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities\n"));
+    return EFI_DEVICE_ERROR;
+  }
+
+  //
+  // Get Active Pcrs
+  //
+  Status = Tpm2GetCapabilitySupportedAndActivePcrs (
+             &TpmHashAlgorithmBitmap,
+             &ActivePcrBanks
+             );
+
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities and active PCRs\n"));
+    return EFI_DEVICE_ERROR;
+  }
+
+  //
+  // Select from Active PCRs
+  //
+  for (Index = 0; Index < Pcrs.count; Index++) {
+    CurrentPcrBankHash = Pcrs.pcrSelections[Index].hash;
+
+    switch (CurrentPcrBankHash) {
+    case TPM_ALG_SHA1:
+      DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA1 Present\n"));
+      TcgRegistryHashAlg = HASH_ALG_SHA1;
+      break;
+    case TPM_ALG_SHA256:
+      DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA256 Present\n"));
+      TcgRegistryHashAlg = HASH_ALG_SHA256;
+      break;
+    case TPM_ALG_SHA384:
+      DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA384 Present\n"));
+      TcgRegistryHashAlg = HASH_ALG_SHA384;
+      break;
+    case TPM_ALG_SHA512:
+      DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA512 Present\n"));
+      TcgRegistryHashAlg = HASH_ALG_SHA512;
+      break;
+    case TPM_ALG_SM3_256:
+      DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SM3 Present\n"));
+      TcgRegistryHashAlg = HASH_ALG_SM3_256;
+      break;
+    default:
+      //
+      // Unsupported algorithm
+      //
+      DEBUG ((DEBUG_VERBOSE, "Unknown algorithm present\n"));
+      TcgRegistryHashAlg = 0;
+      break;
+    }
+    //
+    // Skip unsupported and inactive PCR banks
+    //
+    if ((TcgRegistryHashAlg & ActivePcrBanks) == 0) {
+      DEBUG ((DEBUG_VERBOSE, "Skipping unsupported or inactive bank: 0x%04x\n", CurrentPcrBankHash));
+      continue;
+    }
+
+    //
+    // Select PCR from current active bank
+    //
+    PcrSelectionIn.pcrSelections[PcrSelectionIn.count].hash = Pcrs.pcrSelections[Index].hash;
+    PcrSelectionIn.pcrSelections[PcrSelectionIn.count].sizeofSelect = PCR_SELECT_MAX;
+    PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[0] = (PcrIndex < 8) ? 1 << PcrIndex : 0;
+    PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[1] = (PcrIndex > 7) && (PcrIndex < 16) ? 1 << (PcrIndex - 8) : 0;
+    PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[2] = (PcrIndex > 15) ? 1 << (PcrIndex - 16) : 0;
+    PcrSelectionIn.count++;
+  }
+
+  //
+  // Read PCRs
+  //
+  Status = Tpm2PcrRead (
+             &PcrSelectionIn,
+             &PcrUpdateCounter,
+             &PcrSelectionOut,
+             &PcrValues
+             );
+
+  if (EFI_ERROR (Status)) {
+    DEBUG((DEBUG_ERROR, "Tpm2PcrRead failed Status = %r \n", Status));
+    return EFI_DEVICE_ERROR;
+  }
+
+  for (Index = 0; Index < PcrValues.count; Index++) {
+    DEBUG ((
+      DEBUG_INFO,
+      "ReadPcr - HashAlg = 0x%04x, Pcr[%02d], digest = ",
+      PcrSelectionOut.pcrSelections[Index].hash,
+      PcrIndex
+      ));
+
+    for(Index2 = 0; Index2 < PcrValues.digests[Index].size; Index2++) {
+      DEBUG ((DEBUG_INFO, "%02x ", PcrValues.digests[Index].buffer[Index2]));
+    }
+    DEBUG ((DEBUG_INFO, "\n"));
+  }
+
+  if (HashList != NULL) {
+    CopyMem (
+      HashList,
+      &PcrValues,
+      sizeof (TPML_DIGEST)
+      );
+  }
+
+  return EFI_SUCCESS;
+}
+
 /**
   This command is used to cause an update to the indicated PCR.
   The digests parameter contains one or more tagged digest value identified by an algorithm ID.
@@ -130,14 +421,26 @@ Tpm2PcrExtend (
     Buffer += sizeof(UINT16);
     DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg);
     if (DigestSize == 0) {
-      DEBUG ((EFI_D_ERROR, "Unknown hash algorithm %d\r\n", Digests->digests[Index].hashAlg));
+      DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests->digests[Index].hashAlg));
       return EFI_DEVICE_ERROR;
     }
+
     CopyMem(
       Buffer,
       &Digests->digests[Index].digest,
       DigestSize
       );
+
+    DEBUG_CODE_BEGIN ();
+    UINTN Index2;
+    DEBUG ((DEBUG_INFO, "Tpm2PcrExtend - Hash = 0x%04x, Pcr[%02d], digest = ", Digests->digests[Index].hashAlg, (UINT8) PcrHandle));
+
+    for (Index2 = 0; Index2 < DigestSize; Index2++) {
+      DEBUG ((DEBUG_INFO, "%02x ", Buffer[Index2]));
+    }
+    DEBUG ((DEBUG_INFO, "\n"));
+    DEBUG_CODE_END ();
+
     Buffer += DigestSize;
   }
 
@@ -151,7 +454,7 @@ Tpm2PcrExtend (
   }
 
   if (ResultBufSize > sizeof(Res)) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer Too Small\r\n"));
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer Too Small\r\n"));
     return EFI_BUFFER_TOO_SMALL;
   }
 
@@ -160,7 +463,7 @@ Tpm2PcrExtend (
   //
   RespSize = SwapBytes32(Res.Header.paramSize);
   if (RespSize > sizeof(Res)) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n", RespSize));
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n", RespSize));
     return EFI_BUFFER_TOO_SMALL;
   }
 
@@ -168,10 +471,15 @@ Tpm2PcrExtend (
   // Fail if command failed
   //
   if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
     return EFI_DEVICE_ERROR;
   }
 
+  DEBUG_CODE_BEGIN ();
+  DEBUG ((DEBUG_INFO, "Tpm2PcrExtend: PCR read after extend...\n"));
+  Tpm2ActivePcrRegisterRead (PcrHandle, NULL);
+  DEBUG_CODE_END ();
+
   //
   // Unmarshal the response
   //
@@ -246,7 +554,7 @@ Tpm2PcrEvent (
   }
 
   if (ResultBufSize > sizeof(Res)) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer Too Small\r\n"));
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer Too Small\r\n"));
     return EFI_BUFFER_TOO_SMALL;
   }
 
@@ -255,7 +563,7 @@ Tpm2PcrEvent (
   //
   RespSize = SwapBytes32(Res.Header.paramSize);
   if (RespSize > sizeof(Res)) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Response size too large! %d\r\n", RespSize));
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response size too large! %d\r\n", RespSize));
     return EFI_BUFFER_TOO_SMALL;
   }
 
@@ -263,7 +571,7 @@ Tpm2PcrEvent (
   // Fail if command failed
   //
   if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
     return EFI_DEVICE_ERROR;
   }
 
@@ -284,7 +592,7 @@ Tpm2PcrEvent (
     Buffer += sizeof(UINT16);
     DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg);
     if (DigestSize == 0) {
-      DEBUG ((EFI_D_ERROR, "Unknown hash algorithm %d\r\n", Digests->digests[Index].hashAlg));
+      DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests->digests[Index].hashAlg));
       return EFI_DEVICE_ERROR;
     }
     CopyMem(
@@ -298,134 +606,6 @@ Tpm2PcrEvent (
   return EFI_SUCCESS;
 }
 
-/**
-  This command returns the values of all PCR specified in pcrSelect.
-
-  @param[in]  PcrSelectionIn     The selection of PCR to read.
-  @param[out] PcrUpdateCounter   The current value of the PCR update counter.
-  @param[out] PcrSelectionOut    The PCR in the returned list.
-  @param[out] PcrValues          The contents of the PCR indicated in pcrSelect.
-
-  @retval EFI_SUCCESS            Operation completed successfully.
-  @retval EFI_DEVICE_ERROR       The command was unsuccessful.
-**/
-EFI_STATUS
-EFIAPI
-Tpm2PcrRead (
-  IN      TPML_PCR_SELECTION        *PcrSelectionIn,
-     OUT  UINT32                    *PcrUpdateCounter,
-     OUT  TPML_PCR_SELECTION        *PcrSelectionOut,
-     OUT  TPML_DIGEST               *PcrValues
-  )
-{
-  EFI_STATUS                        Status;
-  TPM2_PCR_READ_COMMAND             SendBuffer;
-  TPM2_PCR_READ_RESPONSE            RecvBuffer;
-  UINT32                            SendBufferSize;
-  UINT32                            RecvBufferSize;
-  UINTN                             Index;
-  TPML_DIGEST                       *PcrValuesOut;
-  TPM2B_DIGEST                      *Digests;
-
-  //
-  // Construct command
-  //
-  SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
-  SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PCR_Read);
-
-  SendBuffer.PcrSelectionIn.count = SwapBytes32(PcrSelectionIn->count);
-  for (Index = 0; Index < PcrSelectionIn->count; Index++) {
-    SendBuffer.PcrSelectionIn.pcrSelections[Index].hash = SwapBytes16(PcrSelectionIn->pcrSelections[Index].hash);
-    SendBuffer.PcrSelectionIn.pcrSelections[Index].sizeofSelect = PcrSelectionIn->pcrSelections[Index].sizeofSelect;
-    CopyMem (&SendBuffer.PcrSelectionIn.pcrSelections[Index].pcrSelect, &PcrSelectionIn->pcrSelections[Index].pcrSelect, SendBuffer.PcrSelectionIn.pcrSelections[Index].sizeofSelect);
-  }
-
-  SendBufferSize = sizeof(SendBuffer.Header) + sizeof(SendBuffer.PcrSelectionIn.count) + sizeof(SendBuffer.PcrSelectionIn.pcrSelections[0]) * PcrSelectionIn->count;
-  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
-
-  //
-  // send Tpm command
-  //
-  RecvBufferSize = sizeof (RecvBuffer);
-  Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
-  if (EFI_ERROR (Status)) {
-    return Status;
-  }
-
-  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
-    return EFI_DEVICE_ERROR;
-  }
-  if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
-    return EFI_NOT_FOUND;
-  }
-
-  //
-  // Return the response
-  //
-
-  //
-  // PcrUpdateCounter
-  //
-  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter)) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
-    return EFI_DEVICE_ERROR;
-  }
-  *PcrUpdateCounter = SwapBytes32(RecvBuffer.PcrUpdateCounter);
-
-  //
-  // PcrSelectionOut
-  //
-  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) + sizeof(RecvBuffer.PcrSelectionOut.count)) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
-    return EFI_DEVICE_ERROR;
-  }
-  PcrSelectionOut->count = SwapBytes32(RecvBuffer.PcrSelectionOut.count);
-  if (PcrSelectionOut->count > HASH_COUNT) {
-    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - PcrSelectionOut->count error %x\n", PcrSelectionOut->count));
-    return EFI_DEVICE_ERROR;
-  }
-
-  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) + sizeof(RecvBuffer.PcrSelectionOut.count) + sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
-    return EFI_DEVICE_ERROR;
-  }
-  for (Index = 0; Index < PcrSelectionOut->count; Index++) {
-    PcrSelectionOut->pcrSelections[Index].hash = SwapBytes16(RecvBuffer.PcrSelectionOut.pcrSelections[Index].hash);
-    PcrSelectionOut->pcrSelections[Index].sizeofSelect = RecvBuffer.PcrSelectionOut.pcrSelections[Index].sizeofSelect;
-    if (PcrSelectionOut->pcrSelections[Index].sizeofSelect > PCR_SELECT_MAX) {
-      return EFI_DEVICE_ERROR;
-    }
-    CopyMem (&PcrSelectionOut->pcrSelections[Index].pcrSelect, &RecvBuffer.PcrSelectionOut.pcrSelections[Index].pcrSelect, PcrSelectionOut->pcrSelections[Index].sizeofSelect);
-  }
-
-  //
-  // PcrValues
-  //
-  PcrValuesOut = (TPML_DIGEST *)((UINT8 *)&RecvBuffer + sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) + sizeof(RecvBuffer.PcrSelectionOut.count) + sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count);
-  PcrValues->count = SwapBytes32(PcrValuesOut->count);
-  //
-  // The number of digests in list is not greater than 8 per TPML_DIGEST definition
-  //
-  if (PcrValues->count > 8) {
-    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - PcrValues->count error %x\n", PcrValues->count));
-    return EFI_DEVICE_ERROR;
-  }
-  Digests = PcrValuesOut->digests;
-  for (Index = 0; Index < PcrValues->count; Index++) {
-    PcrValues->digests[Index].size = SwapBytes16(Digests->size);
-    if (PcrValues->digests[Index].size > sizeof(TPMU_HA)) {
-      DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - Digest.size error %x\n", PcrValues->digests[Index].size));
-      return EFI_DEVICE_ERROR;
-    }
-    CopyMem (&PcrValues->digests[Index].buffer, &Digests->buffer, PcrValues->digests[Index].size);
-    Digests = (TPM2B_DIGEST *)((UINT8 *)Digests + sizeof(Digests->size) + PcrValues->digests[Index].size);
-  }
-
-  return EFI_SUCCESS;
-}
-
 /**
   This command is used to set the desired PCR allocation of PCR and algorithms.
 
@@ -513,7 +693,7 @@ Tpm2PcrAllocate (
   }
 
   if (ResultBufSize > sizeof(Res)) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer Too Small\r\n"));
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer Too Small\r\n"));
     Status = EFI_BUFFER_TOO_SMALL;
     goto Done;
   }
@@ -523,7 +703,7 @@ Tpm2PcrAllocate (
   //
   RespSize = SwapBytes32(Res.Header.paramSize);
   if (RespSize > sizeof(Res)) {
-    DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r\n", RespSize));
+    DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r\n", RespSize));
     Status = EFI_BUFFER_TOO_SMALL;
     goto Done;
   }
@@ -532,7 +712,7 @@ Tpm2PcrAllocate (
   // Fail if command failed
   //
   if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
-    DEBUG((EFI_D_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+    DEBUG((DEBUG_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
     Status = EFI_DEVICE_ERROR;
     goto Done;
   }
@@ -673,15 +853,15 @@ Tpm2PcrAllocateBanks (
              &SizeNeeded,
              &SizeAvailable
              );
-  DEBUG ((EFI_D_INFO, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n", Status));
+  DEBUG ((DEBUG_INFO, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n", Status));
   if (EFI_ERROR (Status)) {
     goto Done;
   }
 
-  DEBUG ((EFI_D_INFO, "AllocationSuccess - %02x\n", AllocationSuccess));
-  DEBUG ((EFI_D_INFO, "MaxPCR            - %08x\n", MaxPCR));
-  DEBUG ((EFI_D_INFO, "SizeNeeded        - %08x\n", SizeNeeded));
-  DEBUG ((EFI_D_INFO, "SizeAvailable     - %08x\n", SizeAvailable));
+  DEBUG ((DEBUG_INFO, "AllocationSuccess - %02x\n", AllocationSuccess));
+  DEBUG ((DEBUG_INFO, "MaxPCR            - %08x\n", MaxPCR));
+  DEBUG ((DEBUG_INFO, "SizeNeeded        - %08x\n", SizeNeeded));
+  DEBUG ((DEBUG_INFO, "SizeAvailable     - %08x\n", SizeAvailable));
 
 Done:
   ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac));
diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
index 19b8e4b318..678826f8a5 100644
--- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
+++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
@@ -147,7 +147,6 @@ EFI_PEI_NOTIFY_DESCRIPTOR           mNotifyList[] = {
   }
 };
 
-
 /**
   Record all measured Firmware Volume Information into a Guid Hob
   Guid Hob payload layout is
@@ -223,7 +222,7 @@ SyncPcrAllocationsAndPcrMask (
   UINT32                            Tpm2PcrMask;
   UINT32                            NewTpm2PcrMask;
 
-  DEBUG ((EFI_D_ERROR, "SyncPcrAllocationsAndPcrMask!\n"));
+  DEBUG ((DEBUG_ERROR, "SyncPcrAllocationsAndPcrMask!\n"));
 
   //
   // Determine the current TPM support and the Platform PCR mask.
@@ -234,7 +233,7 @@ SyncPcrAllocationsAndPcrMask (
   Tpm2PcrMask = PcdGet32 (PcdTpm2HashMask);
   if (Tpm2PcrMask == 0) {
     //
-    // if PcdTPm2HashMask is zero, use ActivePcr setting
+    // if PcdTpm2HashMask is zero, use ActivePcr setting
     //
     PcdSet32S (PcdTpm2HashMask, TpmActivePcrBanks);
     Tpm2PcrMask = TpmActivePcrBanks;
@@ -253,9 +252,9 @@ SyncPcrAllocationsAndPcrMask (
   if ((TpmActivePcrBanks & Tpm2PcrMask) != TpmActivePcrBanks) {
     NewTpmActivePcrBanks = TpmActivePcrBanks & Tpm2PcrMask;
 
-    DEBUG ((EFI_D_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\n", __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks));
+    DEBUG ((DEBUG_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\n", __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks));
     if (NewTpmActivePcrBanks == 0) {
-      DEBUG ((EFI_D_ERROR, "%a - No viable PCRs active! Please set a less restrictive value for PcdTpm2HashMask!\n", __FUNCTION__));
+      DEBUG ((DEBUG_ERROR, "%a - No viable PCRs active! Please set a less restrictive value for PcdTpm2HashMask!\n", __FUNCTION__));
       ASSERT (FALSE);
     } else {
       Status = Tpm2PcrAllocateBanks (NULL, (UINT32)TpmHashAlgorithmBitmap, NewTpmActivePcrBanks);
@@ -263,7 +262,7 @@ SyncPcrAllocationsAndPcrMask (
         //
         // We can't do much here, but we hope that this doesn't happen.
         //
-        DEBUG ((EFI_D_ERROR, "%a - Failed to reallocate PCRs!\n", __FUNCTION__));
+        DEBUG ((DEBUG_ERROR, "%a - Failed to reallocate PCRs!\n", __FUNCTION__));
         ASSERT_EFI_ERROR (Status);
       }
       //
@@ -280,9 +279,9 @@ SyncPcrAllocationsAndPcrMask (
   if ((Tpm2PcrMask & TpmHashAlgorithmBitmap) != Tpm2PcrMask) {
     NewTpm2PcrMask = Tpm2PcrMask & TpmHashAlgorithmBitmap;
 
-    DEBUG ((EFI_D_INFO, "%a - Updating PcdTpm2HashMask from 0x%X to 0x%X.\n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask));
+    DEBUG ((DEBUG_INFO, "%a - Updating PcdTpm2HashMask from 0x%X to 0x%X.\n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask));
     if (NewTpm2PcrMask == 0) {
-      DEBUG ((EFI_D_ERROR, "%a - No viable PCRs supported! Please set a less restrictive value for PcdTpm2HashMask!\n", __FUNCTION__));
+      DEBUG ((DEBUG_ERROR, "%a - No viable PCRs supported! Please set a less restrictive value for PcdTpm2HashMask!\n", __FUNCTION__));
       ASSERT (FALSE);
     }
 
@@ -321,7 +320,7 @@ LogHashEvent (
   RetStatus = EFI_SUCCESS;
   for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {
     if ((SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
-      DEBUG ((EFI_D_INFO, "  LogFormat - 0x%08x\n", mTcg2EventInfo[Index].LogFormat));
+      DEBUG ((DEBUG_INFO, "  LogFormat - 0x%08x\n", mTcg2EventInfo[Index].LogFormat));
       switch (mTcg2EventInfo[Index].LogFormat) {
       case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:
         Status = GetDigestFromDigestList (TPM_ALG_SHA1, DigestList, &NewEventHdr->Digest);
@@ -416,7 +415,7 @@ HashLogExtendEvent (
   }
 
   if (Status == EFI_DEVICE_ERROR) {
-    DEBUG ((EFI_D_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status));
+    DEBUG ((DEBUG_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status));
     BuildGuidHob (&gTpmErrorHobGuid,0);
     REPORT_STATUS_CODE (
       EFI_ERROR_CODE | EFI_ERROR_MINOR,
@@ -925,7 +924,7 @@ PeimEntryMA (
   }
 
   if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
-    DEBUG ((EFI_D_ERROR, "TPM2 error!\n"));
+    DEBUG ((DEBUG_ERROR, "TPM2 error!\n"));
     return EFI_DEVICE_ERROR;
   }
 
@@ -989,7 +988,7 @@ PeimEntryMA (
       for (PcrIndex = 0; PcrIndex < 8; PcrIndex++) {
         Status = MeasureSeparatorEventWithError (PcrIndex);
         if (EFI_ERROR (Status)) {
-          DEBUG ((EFI_D_ERROR, "Separator Event with Error not Measured. Error!\n"));
+          DEBUG ((DEBUG_ERROR, "Separator Event with Error not Measured. Error!\n"));
         }
       }
     }
@@ -1006,6 +1005,13 @@ PeimEntryMA (
       }
     }
 
+    DEBUG_CODE_BEGIN ();
+    //
+    // Peek into TPM PCR 00 before any BIOS measurement.
+    //
+    Tpm2ActivePcrRegisterRead (00, NULL);
+    DEBUG_CODE_END ();
+
     //
     // Only install TpmInitializedPpi on success
     //
@@ -1020,7 +1026,7 @@ PeimEntryMA (
 
 Done:
   if (EFI_ERROR (Status)) {
-    DEBUG ((EFI_D_ERROR, "TPM2 error! Build Hob\n"));
+    DEBUG ((DEBUG_ERROR, "TPM2 error! Build Hob\n"));
     BuildGuidHob (&gTpmErrorHobGuid,0);
     REPORT_STATUS_CODE (
       EFI_ERROR_CODE | EFI_ERROR_MINOR,
-- 
2.27.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#62903): https://edk2.groups.io/g/devel/message/62903
Mute This Topic: https://groups.io/mt/75694164/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations.
Posted by Yao, Jiewen 3 years, 8 months ago
Here is some initial feedback:

1) Please don't change function header Tpm2PcrEvent() and Tpm2PcrRead() in Tpm2CommandLib.h

2) Please don't move Tpm2PcrRead() function in Tpm2Integrity.c, so that I can know what you have changed.

3) Please add Tpm2ActivePcrRegisterRead() as the last function in Tpm2Integrity.c

4) Please use DEBUG_VERBOSE for the new debug log. We got feedback before that there are too many debug messages in TPM driver.

5) Below code is weird in Tpm2ActivePcrRegisterRead().
  UINT32                            PcrIndex; 
  PcrIndex = (UINT8)PcrHandle;

Why you define it as UINT32 and cast it as UINT8?

6) Please use 2 spaces indent for the function header.

EFI_STATUS
EFIAPI
Tpm2ActivePcrRegisterRead (
 IN      TPMI_DH_PCR                PcrHandle,
 OUT     TPML_DIGEST                *HashList
)

7) The name of Tpm2ActivePcrRegisterRead() is confusing. What you try to do is to read the PCR for the active bank. Maybe Tpm2PcrReadForActiveBank() ?

Thank you
Yao Jiewen


> -----Original Message-----
> From: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@intel.com>
> Sent: Tuesday, July 21, 2020 6:29 AM
> To: devel@edk2.groups.io
> Cc: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@intel.com>; Yao,
> Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>; Zhang,
> Qi1 <qi1.zhang@intel.com>
> Subject: [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations.
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2858
> 
> Add debug functionality to examine TPM extend operations
> performed by BIOS and inspect the PCR 00 value prior to
> any BIOS measurements.
> 
> Replaced usage of EFI_D_* for DEBUG_* definitions in debug
> messages.
> 
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Qi Zhang <qi1.zhang@intel.com>
> Signed-off-by: Rodrigo Gonzalez del Cueto
> <rodrigo.gonzalez.del.cueto@intel.com>
> ---
>  SecurityPkg/Include/Library/Tpm2CommandLib.h  |  25 +-
>  .../Library/Tpm2CommandLib/Tpm2Integrity.c    | 468 ++++++++++++------
>  SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c             |  32 +-
>  3 files changed, 364 insertions(+), 161 deletions(-)
> 
> diff --git a/SecurityPkg/Include/Library/Tpm2CommandLib.h
> b/SecurityPkg/Include/Library/Tpm2CommandLib.h
> index ce381e786b..bfa5bd82f4 100644
> --- a/SecurityPkg/Include/Library/Tpm2CommandLib.h
> +++ b/SecurityPkg/Include/Library/Tpm2CommandLib.h
> @@ -505,7 +505,7 @@ EFIAPI
>  Tpm2PcrEvent (
> 
>    IN      TPMI_DH_PCR               PcrHandle,
> 
>    IN      TPM2B_EVENT               *EventData,
> 
> -     OUT  TPML_DIGEST_VALUES        *Digests
> 
> +  OUT  TPML_DIGEST_VALUES        *Digests
> 
>    );
[Jiewen] Why you need this this?

> 
> 
> 
>  /**
> 
> @@ -523,9 +523,26 @@ EFI_STATUS
>  EFIAPI
> 
>  Tpm2PcrRead (
> 
>    IN      TPML_PCR_SELECTION        *PcrSelectionIn,
> 
> -     OUT  UINT32                    *PcrUpdateCounter,
> 
> -     OUT  TPML_PCR_SELECTION        *PcrSelectionOut,
> 
> -     OUT  TPML_DIGEST               *PcrValues
> 
> +  OUT  UINT32                    *PcrUpdateCounter,
> 
> +  OUT  TPML_PCR_SELECTION        *PcrSelectionOut,
> 
> +  OUT  TPML_DIGEST               *PcrValues
> 
> +  ); 
> 
> +
> 
> +/**
> 
> +   This function will query the TPM to determine which hashing algorithms and
> 
> +   get the digests of all active and supported PCR banks of a specific PCR
> register.
> 
> +
> 
> +   @param[in]     PcrHandle     The index of the PCR register to be read.
> 
> +   @param[out]    HashList      List of digests from PCR register being read.
> 
> +
> 
> +   @retval EFI_SUCCESS           The Pcr was read successfully.
> 
> +   @retval EFI_DEVICE_ERROR      The command was unsuccessful.
> 
> +**/
> 
> +EFI_STATUS
> 
> +EFIAPI
> 
> +Tpm2ActivePcrRegisterRead (
> 
> +  IN      TPMI_DH_PCR                PcrHandle,
> 
> +  OUT     TPML_DIGEST                *HashList
> 
>    );
> 
> 
> 
>  /**
> 
> diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
> b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
> index ddb15178fb..229fc44139 100644
> --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
> +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c
> @@ -76,6 +76,297 @@ typedef struct {
> 
> 
>  #pragma pack()
> 
> 
> 
> +/**
> 
> +  This command returns the values of all PCR specified in pcrSelect.
> 
> +
> 
> +  @param[in]  PcrSelectionIn     The selection of PCR to read.
> 
> +  @param[out] PcrUpdateCounter   The current value of the PCR update
> counter.
> 
> +  @param[out] PcrSelectionOut    The PCR in the returned list.
> 
> +  @param[out] PcrValues          The contents of the PCR indicated in pcrSelect.
> 
> +
> 
> +  @retval EFI_SUCCESS            Operation completed successfully.
> 
> +  @retval EFI_DEVICE_ERROR       The command was unsuccessful.
> 
> +**/
> 
> +EFI_STATUS
> 
> +EFIAPI
> 
> +Tpm2PcrRead (
> 
> +  IN      TPML_PCR_SELECTION        *PcrSelectionIn,
> 
> +     OUT  UINT32                    *PcrUpdateCounter,
> 
> +     OUT  TPML_PCR_SELECTION        *PcrSelectionOut,
> 
> +     OUT  TPML_DIGEST               *PcrValues
> 
> +  )
> 
> +{
> 
> +  EFI_STATUS                        Status;
> 
> +  TPM2_PCR_READ_COMMAND             SendBuffer;
> 
> +  TPM2_PCR_READ_RESPONSE            RecvBuffer;
> 
> +  UINT32                            SendBufferSize;
> 
> +  UINT32                            RecvBufferSize;
> 
> +  UINTN                             Index;
> 
> +  TPML_DIGEST                       *PcrValuesOut;
> 
> +  TPM2B_DIGEST                      *Digests;
> 
> +
> 
> +  //
> 
> +  // Construct command
> 
> +  //
> 
> +  SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
> 
> +  SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PCR_Read);
> 
> +
> 
> +  SendBuffer.PcrSelectionIn.count = SwapBytes32(PcrSelectionIn->count);
> 
> +  for (Index = 0; Index < PcrSelectionIn->count; Index++) {
> 
> +    SendBuffer.PcrSelectionIn.pcrSelections[Index].hash =
> SwapBytes16(PcrSelectionIn->pcrSelections[Index].hash);
> 
> +    SendBuffer.PcrSelectionIn.pcrSelections[Index].sizeofSelect = PcrSelectionIn-
> >pcrSelections[Index].sizeofSelect;
> 
> +    CopyMem (&SendBuffer.PcrSelectionIn.pcrSelections[Index].pcrSelect,
> &PcrSelectionIn->pcrSelections[Index].pcrSelect,
> SendBuffer.PcrSelectionIn.pcrSelections[Index].sizeofSelect);
> 
> +  }
> 
> +
> 
> +  SendBufferSize = sizeof(SendBuffer.Header) +
> sizeof(SendBuffer.PcrSelectionIn.count) +
> sizeof(SendBuffer.PcrSelectionIn.pcrSelections[0]) * PcrSelectionIn->count;
> 
> +  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
> 
> +
> 
> +  //
> 
> +  // send Tpm command
> 
> +  //
> 
> +  RecvBufferSize = sizeof (RecvBuffer);
> 
> +  Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
> &RecvBufferSize, (UINT8 *)&RecvBuffer);
> 
> +  if (EFI_ERROR (Status)) {
> 
> +    return Status;
> 
> +  }
> 
> +
> 
> +  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n",
> RecvBufferSize));
> 
> +    return EFI_DEVICE_ERROR;
> 
> +  }
> 
> +  if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - responseCode - %x\n",
> SwapBytes32(RecvBuffer.Header.responseCode)));
> 
> +    return EFI_NOT_FOUND;
> 
> +  }
> 
> +
> 
> +  //
> 
> +  // Return the response
> 
> +  //
> 
> +
> 
> +  //
> 
> +  // PcrUpdateCounter
> 
> +  //
> 
> +  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) +
> sizeof(RecvBuffer.PcrUpdateCounter)) {
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n",
> RecvBufferSize));
> 
> +    return EFI_DEVICE_ERROR;
> 
> +  }
> 
> +  *PcrUpdateCounter = SwapBytes32(RecvBuffer.PcrUpdateCounter);
> 
> +
> 
> +  //
> 
> +  // PcrSelectionOut
> 
> +  //
> 
> +  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) +
> sizeof(RecvBuffer.PcrUpdateCounter) +
> sizeof(RecvBuffer.PcrSelectionOut.count)) {
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n",
> RecvBufferSize));
> 
> +    return EFI_DEVICE_ERROR;
> 
> +  }
> 
> +  PcrSelectionOut->count = SwapBytes32(RecvBuffer.PcrSelectionOut.count);
> 
> +  if (PcrSelectionOut->count > HASH_COUNT) {
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - PcrSelectionOut->count
> error %x\n", PcrSelectionOut->count));
> 
> +    return EFI_DEVICE_ERROR;
> 
> +  }
> 
> +
> 
> +  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) +
> sizeof(RecvBuffer.PcrUpdateCounter) +
> sizeof(RecvBuffer.PcrSelectionOut.count) +
> sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count) {
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n",
> RecvBufferSize));
> 
> +    return EFI_DEVICE_ERROR;
> 
> +  }
> 
> +  for (Index = 0; Index < PcrSelectionOut->count; Index++) {
> 
> +    PcrSelectionOut->pcrSelections[Index].hash =
> SwapBytes16(RecvBuffer.PcrSelectionOut.pcrSelections[Index].hash);
> 
> +    PcrSelectionOut->pcrSelections[Index].sizeofSelect =
> RecvBuffer.PcrSelectionOut.pcrSelections[Index].sizeofSelect;
> 
> +    if (PcrSelectionOut->pcrSelections[Index].sizeofSelect > PCR_SELECT_MAX) {
> 
> +      return EFI_DEVICE_ERROR;
> 
> +    }
> 
> +    CopyMem (&PcrSelectionOut->pcrSelections[Index].pcrSelect,
> &RecvBuffer.PcrSelectionOut.pcrSelections[Index].pcrSelect, PcrSelectionOut-
> >pcrSelections[Index].sizeofSelect);
> 
> +  }
> 
> +
> 
> +  //
> 
> +  // PcrValues
> 
> +  //
> 
> +  PcrValuesOut = (TPML_DIGEST *)((UINT8 *)&RecvBuffer + sizeof
> (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) +
> sizeof(RecvBuffer.PcrSelectionOut.count) +
> sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count);
> 
> +  PcrValues->count = SwapBytes32(PcrValuesOut->count);
> 
> +  //
> 
> +  // The number of digests in list is not greater than 8 per TPML_DIGEST
> definition
> 
> +  //
> 
> +  if (PcrValues->count > 8) {
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - PcrValues->count error %x\n",
> PcrValues->count));
> 
> +    return EFI_DEVICE_ERROR;
> 
> +  }
> 
> +  Digests = PcrValuesOut->digests;
> 
> +  for (Index = 0; Index < PcrValues->count; Index++) {
> 
> +    PcrValues->digests[Index].size = SwapBytes16(Digests->size);
> 
> +    if (PcrValues->digests[Index].size > sizeof(TPMU_HA)) {
> 
> +      DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - Digest.size error %x\n",
> PcrValues->digests[Index].size));
> 
> +      return EFI_DEVICE_ERROR;
> 
> +    }
> 
> +    CopyMem (&PcrValues->digests[Index].buffer, &Digests->buffer, PcrValues-
> >digests[Index].size);
> 
> +    Digests = (TPM2B_DIGEST *)((UINT8 *)Digests + sizeof(Digests->size) +
> PcrValues->digests[Index].size);
> 
> +  }
> 
> +
> 
> +  return EFI_SUCCESS;
> 
> +}
> 
> +
> 
> +/**
> 
> +   This function will query the TPM to determine which hashing algorithms and
> 
> +   get the digests of all active and supported PCR banks of a specific PCR
> register.
> 
> +
> 
> +   @param[in]     PcrHandle     The index of the PCR register to be read.
> 
> +   @param[out]    HashList      List of digests from PCR register being read.
> 
> +
> 
> +   @retval EFI_SUCCESS           The Pcr was read successfully.
> 
> +   @retval EFI_DEVICE_ERROR      The command was unsuccessful.
> 
> +**/
> 
> +EFI_STATUS
> 
> +EFIAPI
> 
> +Tpm2ActivePcrRegisterRead (
> 
> + IN      TPMI_DH_PCR                PcrHandle,
> 
> + OUT     TPML_DIGEST                *HashList
> 
> +)
> 
> +{
> 
> +  EFI_STATUS                        Status;
> 
> +  TPML_PCR_SELECTION                Pcrs;
> 
> +  TPML_PCR_SELECTION                PcrSelectionIn;
> 
> +  TPML_PCR_SELECTION                PcrSelectionOut;
> 
> +  TPML_DIGEST                       PcrValues;
> 
> +  UINT32                            PcrUpdateCounter;
> 
> +  UINT32                            PcrIndex;
> 
> +  UINT32                            TpmHashAlgorithmBitmap;
> 
> +  TPMI_ALG_HASH                     CurrentPcrBankHash;
> 
> +  UINT32                            ActivePcrBanks;
> 
> +  UINT32                            TcgRegistryHashAlg;
> 
> +  UINT32                            Index;
> 
> +  UINT32                            Index2;
> 
> +
> 
> +  PcrIndex = (UINT8)PcrHandle;
> 
> +
> 
> +  if ((PcrIndex < 0) ||
> 
> +      (PcrIndex >= IMPLEMENTATION_PCR)) {
> 
> +    return EFI_INVALID_PARAMETER;
> 
> +  }
> 
> +
> 
> +  ZeroMem (&PcrSelectionIn, sizeof (PcrSelectionIn));
> 
> +  ZeroMem (&PcrUpdateCounter, sizeof (UINT32));
> 
> +  ZeroMem (&PcrSelectionOut, sizeof (PcrSelectionOut));
> 
> +  ZeroMem (&PcrValues, sizeof (PcrValues));
> 
> +  ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION));
> 
> +
> 
> +  DEBUG ((DEBUG_INFO, "ReadPcr - %02d\n", PcrIndex));
> 
> +
> 
> +  //
> 
> +  // Read TPM capabilities
> 
> +  //
> 
> +  Status = Tpm2GetCapabilityPcrs (&Pcrs);
> 
> +
> 
> +  if (EFI_ERROR (Status)) {
> 
> +    DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities\n"));
> 
> +    return EFI_DEVICE_ERROR;
> 
> +  }
> 
> +
> 
> +  //
> 
> +  // Get Active Pcrs
> 
> +  //
> 
> +  Status = Tpm2GetCapabilitySupportedAndActivePcrs (
> 
> +             &TpmHashAlgorithmBitmap,
> 
> +             &ActivePcrBanks
> 
> +             );
> 
> +
> 
> +  if (EFI_ERROR (Status)) {
> 
> +    DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities and
> active PCRs\n"));
> 
> +    return EFI_DEVICE_ERROR;
> 
> +  }
> 
> +
> 
> +  //
> 
> +  // Select from Active PCRs
> 
> +  //
> 
> +  for (Index = 0; Index < Pcrs.count; Index++) {
> 
> +    CurrentPcrBankHash = Pcrs.pcrSelections[Index].hash;
> 
> +
> 
> +    switch (CurrentPcrBankHash) {
> 
> +    case TPM_ALG_SHA1:
> 
> +      DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA1 Present\n"));
> 
> +      TcgRegistryHashAlg = HASH_ALG_SHA1;
> 
> +      break;
> 
> +    case TPM_ALG_SHA256:
> 
> +      DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA256 Present\n"));
> 
> +      TcgRegistryHashAlg = HASH_ALG_SHA256;
> 
> +      break;
> 
> +    case TPM_ALG_SHA384:
> 
> +      DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA384 Present\n"));
> 
> +      TcgRegistryHashAlg = HASH_ALG_SHA384;
> 
> +      break;
> 
> +    case TPM_ALG_SHA512:
> 
> +      DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA512 Present\n"));
> 
> +      TcgRegistryHashAlg = HASH_ALG_SHA512;
> 
> +      break;
> 
> +    case TPM_ALG_SM3_256:
> 
> +      DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SM3 Present\n"));
> 
> +      TcgRegistryHashAlg = HASH_ALG_SM3_256;
> 
> +      break;
> 
> +    default:
> 
> +      //
> 
> +      // Unsupported algorithm
> 
> +      //
> 
> +      DEBUG ((DEBUG_VERBOSE, "Unknown algorithm present\n"));
> 
> +      TcgRegistryHashAlg = 0;
> 
> +      break;
> 
> +    }
> 
> +    //
> 
> +    // Skip unsupported and inactive PCR banks
> 
> +    //
> 
> +    if ((TcgRegistryHashAlg & ActivePcrBanks) == 0) {
> 
> +      DEBUG ((DEBUG_VERBOSE, "Skipping unsupported or inactive bank:
> 0x%04x\n", CurrentPcrBankHash));
> 
> +      continue;
> 
> +    }
> 
> +
> 
> +    //
> 
> +    // Select PCR from current active bank
> 
> +    //
> 
> +    PcrSelectionIn.pcrSelections[PcrSelectionIn.count].hash =
> Pcrs.pcrSelections[Index].hash;
> 
> +    PcrSelectionIn.pcrSelections[PcrSelectionIn.count].sizeofSelect =
> PCR_SELECT_MAX;
> 
> +    PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[0] = (PcrIndex <
> 8) ? 1 << PcrIndex : 0;
> 
> +    PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[1] = (PcrIndex >
> 7) && (PcrIndex < 16) ? 1 << (PcrIndex - 8) : 0;
> 
> +    PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[2] = (PcrIndex >
> 15) ? 1 << (PcrIndex - 16) : 0;
> 
> +    PcrSelectionIn.count++;
> 
> +  }
> 
> +
> 
> +  //
> 
> +  // Read PCRs
> 
> +  //
> 
> +  Status = Tpm2PcrRead (
> 
> +             &PcrSelectionIn,
> 
> +             &PcrUpdateCounter,
> 
> +             &PcrSelectionOut,
> 
> +             &PcrValues
> 
> +             );
> 
> +
> 
> +  if (EFI_ERROR (Status)) {
> 
> +    DEBUG((DEBUG_ERROR, "Tpm2PcrRead failed Status = %r \n", Status));
> 
> +    return EFI_DEVICE_ERROR;
> 
> +  }
> 
> +
> 
> +  for (Index = 0; Index < PcrValues.count; Index++) {
> 
> +    DEBUG ((
> 
> +      DEBUG_INFO,
> 
> +      "ReadPcr - HashAlg = 0x%04x, Pcr[%02d], digest = ",
> 
> +      PcrSelectionOut.pcrSelections[Index].hash,
> 
> +      PcrIndex
> 
> +      ));
> 
> +
> 
> +    for(Index2 = 0; Index2 < PcrValues.digests[Index].size; Index2++) {
> 
> +      DEBUG ((DEBUG_INFO, "%02x ", PcrValues.digests[Index].buffer[Index2]));
> 
> +    }
> 
> +    DEBUG ((DEBUG_INFO, "\n"));
> 
> +  }
> 
> +
> 
> +  if (HashList != NULL) {
> 
> +    CopyMem (
> 
> +      HashList,
> 
> +      &PcrValues,
> 
> +      sizeof (TPML_DIGEST)
> 
> +      );
> 
> +  }
> 
> +
> 
> +  return EFI_SUCCESS;
> 
> +}
> 
> +
> 
>  /**
> 
>    This command is used to cause an update to the indicated PCR.
> 
>    The digests parameter contains one or more tagged digest value identified by
> an algorithm ID.
> 
> @@ -130,14 +421,26 @@ Tpm2PcrExtend (
>      Buffer += sizeof(UINT16);
> 
>      DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg);
> 
>      if (DigestSize == 0) {
> 
> -      DEBUG ((EFI_D_ERROR, "Unknown hash algorithm %d\r\n", Digests-
> >digests[Index].hashAlg));
> 
> +      DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests-
> >digests[Index].hashAlg));
> 
>        return EFI_DEVICE_ERROR;
> 
>      }
> 
> +
> 
>      CopyMem(
> 
>        Buffer,
> 
>        &Digests->digests[Index].digest,
> 
>        DigestSize
> 
>        );
> 
> +
> 
> +    DEBUG_CODE_BEGIN ();
> 
> +    UINTN Index2;
> 
> +    DEBUG ((DEBUG_INFO, "Tpm2PcrExtend - Hash = 0x%04x, Pcr[%02d], digest
> = ", Digests->digests[Index].hashAlg, (UINT8) PcrHandle));
> 
> +
> 
> +    for (Index2 = 0; Index2 < DigestSize; Index2++) {
> 
> +      DEBUG ((DEBUG_INFO, "%02x ", Buffer[Index2]));
> 
> +    }
> 
> +    DEBUG ((DEBUG_INFO, "\n"));
> 
> +    DEBUG_CODE_END ();
> 
> +
> 
>      Buffer += DigestSize;
> 
>    }
> 
> 
> 
> @@ -151,7 +454,7 @@ Tpm2PcrExtend (
>    }
> 
> 
> 
>    if (ResultBufSize > sizeof(Res)) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer
> Too Small\r\n"));
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer
> Too Small\r\n"));
> 
>      return EFI_BUFFER_TOO_SMALL;
> 
>    }
> 
> 
> 
> @@ -160,7 +463,7 @@ Tpm2PcrExtend (
>    //
> 
>    RespSize = SwapBytes32(Res.Header.paramSize);
> 
>    if (RespSize > sizeof(Res)) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n",
> RespSize));
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n",
> RespSize));
> 
>      return EFI_BUFFER_TOO_SMALL;
> 
>    }
> 
> 
> 
> @@ -168,10 +471,15 @@ Tpm2PcrExtend (
>    // Fail if command failed
> 
>    //
> 
>    if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n",
> SwapBytes32(Res.Header.responseCode)));
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response Code error!
> 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
> 
>      return EFI_DEVICE_ERROR;
> 
>    }
> 
> 
> 
> +  DEBUG_CODE_BEGIN ();
> 
> +  DEBUG ((DEBUG_INFO, "Tpm2PcrExtend: PCR read after extend...\n"));
> 
> +  Tpm2ActivePcrRegisterRead (PcrHandle, NULL);
> 
> +  DEBUG_CODE_END ();
> 
> +
> 
>    //
> 
>    // Unmarshal the response
> 
>    //
> 
> @@ -246,7 +554,7 @@ Tpm2PcrEvent (
>    }
> 
> 
> 
>    if (ResultBufSize > sizeof(Res)) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer
> Too Small\r\n"));
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer
> Too Small\r\n"));
> 
>      return EFI_BUFFER_TOO_SMALL;
> 
>    }
> 
> 
> 
> @@ -255,7 +563,7 @@ Tpm2PcrEvent (
>    //
> 
>    RespSize = SwapBytes32(Res.Header.paramSize);
> 
>    if (RespSize > sizeof(Res)) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Response size too large! %d\r\n",
> RespSize));
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response size too large! %d\r\n",
> RespSize));
> 
>      return EFI_BUFFER_TOO_SMALL;
> 
>    }
> 
> 
> 
> @@ -263,7 +571,7 @@ Tpm2PcrEvent (
>    // Fail if command failed
> 
>    //
> 
>    if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Response Code error! 0x%08x\r\n",
> SwapBytes32(Res.Header.responseCode)));
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response Code error!
> 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
> 
>      return EFI_DEVICE_ERROR;
> 
>    }
> 
> 
> 
> @@ -284,7 +592,7 @@ Tpm2PcrEvent (
>      Buffer += sizeof(UINT16);
> 
>      DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg);
> 
>      if (DigestSize == 0) {
> 
> -      DEBUG ((EFI_D_ERROR, "Unknown hash algorithm %d\r\n", Digests-
> >digests[Index].hashAlg));
> 
> +      DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests-
> >digests[Index].hashAlg));
> 
>        return EFI_DEVICE_ERROR;
> 
>      }
> 
>      CopyMem(
> 
> @@ -298,134 +606,6 @@ Tpm2PcrEvent (
>    return EFI_SUCCESS;
> 
>  }
> 
> 
> 
> -/**
> 
> -  This command returns the values of all PCR specified in pcrSelect.
> 
> -
> 
> -  @param[in]  PcrSelectionIn     The selection of PCR to read.
> 
> -  @param[out] PcrUpdateCounter   The current value of the PCR update
> counter.
> 
> -  @param[out] PcrSelectionOut    The PCR in the returned list.
> 
> -  @param[out] PcrValues          The contents of the PCR indicated in pcrSelect.
> 
> -
> 
> -  @retval EFI_SUCCESS            Operation completed successfully.
> 
> -  @retval EFI_DEVICE_ERROR       The command was unsuccessful.
> 
> -**/
> 
> -EFI_STATUS
> 
> -EFIAPI
> 
> -Tpm2PcrRead (
> 
> -  IN      TPML_PCR_SELECTION        *PcrSelectionIn,
> 
> -     OUT  UINT32                    *PcrUpdateCounter,
> 
> -     OUT  TPML_PCR_SELECTION        *PcrSelectionOut,
> 
> -     OUT  TPML_DIGEST               *PcrValues
> 
> -  )
> 
> -{
> 
> -  EFI_STATUS                        Status;
> 
> -  TPM2_PCR_READ_COMMAND             SendBuffer;
> 
> -  TPM2_PCR_READ_RESPONSE            RecvBuffer;
> 
> -  UINT32                            SendBufferSize;
> 
> -  UINT32                            RecvBufferSize;
> 
> -  UINTN                             Index;
> 
> -  TPML_DIGEST                       *PcrValuesOut;
> 
> -  TPM2B_DIGEST                      *Digests;
> 
> -
> 
> -  //
> 
> -  // Construct command
> 
> -  //
> 
> -  SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
> 
> -  SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PCR_Read);
> 
> -
> 
> -  SendBuffer.PcrSelectionIn.count = SwapBytes32(PcrSelectionIn->count);
> 
> -  for (Index = 0; Index < PcrSelectionIn->count; Index++) {
> 
> -    SendBuffer.PcrSelectionIn.pcrSelections[Index].hash =
> SwapBytes16(PcrSelectionIn->pcrSelections[Index].hash);
> 
> -    SendBuffer.PcrSelectionIn.pcrSelections[Index].sizeofSelect = PcrSelectionIn-
> >pcrSelections[Index].sizeofSelect;
> 
> -    CopyMem (&SendBuffer.PcrSelectionIn.pcrSelections[Index].pcrSelect,
> &PcrSelectionIn->pcrSelections[Index].pcrSelect,
> SendBuffer.PcrSelectionIn.pcrSelections[Index].sizeofSelect);
> 
> -  }
> 
> -
> 
> -  SendBufferSize = sizeof(SendBuffer.Header) +
> sizeof(SendBuffer.PcrSelectionIn.count) +
> sizeof(SendBuffer.PcrSelectionIn.pcrSelections[0]) * PcrSelectionIn->count;
> 
> -  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
> 
> -
> 
> -  //
> 
> -  // send Tpm command
> 
> -  //
> 
> -  RecvBufferSize = sizeof (RecvBuffer);
> 
> -  Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer,
> &RecvBufferSize, (UINT8 *)&RecvBuffer);
> 
> -  if (EFI_ERROR (Status)) {
> 
> -    return Status;
> 
> -  }
> 
> -
> 
> -  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n",
> RecvBufferSize));
> 
> -    return EFI_DEVICE_ERROR;
> 
> -  }
> 
> -  if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - responseCode - %x\n",
> SwapBytes32(RecvBuffer.Header.responseCode)));
> 
> -    return EFI_NOT_FOUND;
> 
> -  }
> 
> -
> 
> -  //
> 
> -  // Return the response
> 
> -  //
> 
> -
> 
> -  //
> 
> -  // PcrUpdateCounter
> 
> -  //
> 
> -  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) +
> sizeof(RecvBuffer.PcrUpdateCounter)) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n",
> RecvBufferSize));
> 
> -    return EFI_DEVICE_ERROR;
> 
> -  }
> 
> -  *PcrUpdateCounter = SwapBytes32(RecvBuffer.PcrUpdateCounter);
> 
> -
> 
> -  //
> 
> -  // PcrSelectionOut
> 
> -  //
> 
> -  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) +
> sizeof(RecvBuffer.PcrUpdateCounter) +
> sizeof(RecvBuffer.PcrSelectionOut.count)) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n",
> RecvBufferSize));
> 
> -    return EFI_DEVICE_ERROR;
> 
> -  }
> 
> -  PcrSelectionOut->count = SwapBytes32(RecvBuffer.PcrSelectionOut.count);
> 
> -  if (PcrSelectionOut->count > HASH_COUNT) {
> 
> -    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - PcrSelectionOut->count
> error %x\n", PcrSelectionOut->count));
> 
> -    return EFI_DEVICE_ERROR;
> 
> -  }
> 
> -
> 
> -  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) +
> sizeof(RecvBuffer.PcrUpdateCounter) +
> sizeof(RecvBuffer.PcrSelectionOut.count) +
> sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n",
> RecvBufferSize));
> 
> -    return EFI_DEVICE_ERROR;
> 
> -  }
> 
> -  for (Index = 0; Index < PcrSelectionOut->count; Index++) {
> 
> -    PcrSelectionOut->pcrSelections[Index].hash =
> SwapBytes16(RecvBuffer.PcrSelectionOut.pcrSelections[Index].hash);
> 
> -    PcrSelectionOut->pcrSelections[Index].sizeofSelect =
> RecvBuffer.PcrSelectionOut.pcrSelections[Index].sizeofSelect;
> 
> -    if (PcrSelectionOut->pcrSelections[Index].sizeofSelect > PCR_SELECT_MAX) {
> 
> -      return EFI_DEVICE_ERROR;
> 
> -    }
> 
> -    CopyMem (&PcrSelectionOut->pcrSelections[Index].pcrSelect,
> &RecvBuffer.PcrSelectionOut.pcrSelections[Index].pcrSelect, PcrSelectionOut-
> >pcrSelections[Index].sizeofSelect);
> 
> -  }
> 
> -
> 
> -  //
> 
> -  // PcrValues
> 
> -  //
> 
> -  PcrValuesOut = (TPML_DIGEST *)((UINT8 *)&RecvBuffer + sizeof
> (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) +
> sizeof(RecvBuffer.PcrSelectionOut.count) +
> sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count);
> 
> -  PcrValues->count = SwapBytes32(PcrValuesOut->count);
> 
> -  //
> 
> -  // The number of digests in list is not greater than 8 per TPML_DIGEST
> definition
> 
> -  //
> 
> -  if (PcrValues->count > 8) {
> 
> -    DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - PcrValues->count error %x\n",
> PcrValues->count));
> 
> -    return EFI_DEVICE_ERROR;
> 
> -  }
> 
> -  Digests = PcrValuesOut->digests;
> 
> -  for (Index = 0; Index < PcrValues->count; Index++) {
> 
> -    PcrValues->digests[Index].size = SwapBytes16(Digests->size);
> 
> -    if (PcrValues->digests[Index].size > sizeof(TPMU_HA)) {
> 
> -      DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - Digest.size error %x\n",
> PcrValues->digests[Index].size));
> 
> -      return EFI_DEVICE_ERROR;
> 
> -    }
> 
> -    CopyMem (&PcrValues->digests[Index].buffer, &Digests->buffer, PcrValues-
> >digests[Index].size);
> 
> -    Digests = (TPM2B_DIGEST *)((UINT8 *)Digests + sizeof(Digests->size) +
> PcrValues->digests[Index].size);
> 
> -  }
> 
> -
> 
> -  return EFI_SUCCESS;
> 
> -}
> 
> -
> 
>  /**
> 
>    This command is used to set the desired PCR allocation of PCR and algorithms.
> 
> 
> 
> @@ -513,7 +693,7 @@ Tpm2PcrAllocate (
>    }
> 
> 
> 
>    if (ResultBufSize > sizeof(Res)) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer
> Too Small\r\n"));
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand:
> Buffer Too Small\r\n"));
> 
>      Status = EFI_BUFFER_TOO_SMALL;
> 
>      goto Done;
> 
>    }
> 
> @@ -523,7 +703,7 @@ Tpm2PcrAllocate (
>    //
> 
>    RespSize = SwapBytes32(Res.Header.paramSize);
> 
>    if (RespSize > sizeof(Res)) {
> 
> -    DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r\n",
> RespSize));
> 
> +    DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Response size too
> large! %d\r\n", RespSize));
> 
>      Status = EFI_BUFFER_TOO_SMALL;
> 
>      goto Done;
> 
>    }
> 
> @@ -532,7 +712,7 @@ Tpm2PcrAllocate (
>    // Fail if command failed
> 
>    //
> 
>    if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
> 
> -    DEBUG((EFI_D_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n",
> SwapBytes32(Res.Header.responseCode)));
> 
> +    DEBUG((DEBUG_ERROR,"Tpm2PcrAllocate: Response Code error!
> 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
> 
>      Status = EFI_DEVICE_ERROR;
> 
>      goto Done;
> 
>    }
> 
> @@ -673,15 +853,15 @@ Tpm2PcrAllocateBanks (
>               &SizeNeeded,
> 
>               &SizeAvailable
> 
>               );
> 
> -  DEBUG ((EFI_D_INFO, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n",
> Status));
> 
> +  DEBUG ((DEBUG_INFO, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n",
> Status));
> 
>    if (EFI_ERROR (Status)) {
> 
>      goto Done;
> 
>    }
> 
> 
> 
> -  DEBUG ((EFI_D_INFO, "AllocationSuccess - %02x\n", AllocationSuccess));
> 
> -  DEBUG ((EFI_D_INFO, "MaxPCR            - %08x\n", MaxPCR));
> 
> -  DEBUG ((EFI_D_INFO, "SizeNeeded        - %08x\n", SizeNeeded));
> 
> -  DEBUG ((EFI_D_INFO, "SizeAvailable     - %08x\n", SizeAvailable));
> 
> +  DEBUG ((DEBUG_INFO, "AllocationSuccess - %02x\n", AllocationSuccess));
> 
> +  DEBUG ((DEBUG_INFO, "MaxPCR            - %08x\n", MaxPCR));
> 
> +  DEBUG ((DEBUG_INFO, "SizeNeeded        - %08x\n", SizeNeeded));
> 
> +  DEBUG ((DEBUG_INFO, "SizeAvailable     - %08x\n", SizeAvailable));
> 
> 
> 
>  Done:
> 
>    ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac));
> 
> diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
> b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
> index 19b8e4b318..678826f8a5 100644
> --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
> +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
> @@ -147,7 +147,6 @@ EFI_PEI_NOTIFY_DESCRIPTOR           mNotifyList[] = {
>    }
> 
>  };
> 
> 
> 
> -
> 
>  /**
> 
>    Record all measured Firmware Volume Information into a Guid Hob
> 
>    Guid Hob payload layout is
> 
> @@ -223,7 +222,7 @@ SyncPcrAllocationsAndPcrMask (
>    UINT32                            Tpm2PcrMask;
> 
>    UINT32                            NewTpm2PcrMask;
> 
> 
> 
> -  DEBUG ((EFI_D_ERROR, "SyncPcrAllocationsAndPcrMask!\n"));
> 
> +  DEBUG ((DEBUG_ERROR, "SyncPcrAllocationsAndPcrMask!\n"));
> 
> 
> 
>    //
> 
>    // Determine the current TPM support and the Platform PCR mask.
> 
> @@ -234,7 +233,7 @@ SyncPcrAllocationsAndPcrMask (
>    Tpm2PcrMask = PcdGet32 (PcdTpm2HashMask);
> 
>    if (Tpm2PcrMask == 0) {
> 
>      //
> 
> -    // if PcdTPm2HashMask is zero, use ActivePcr setting
> 
> +    // if PcdTpm2HashMask is zero, use ActivePcr setting
> 
>      //
> 
>      PcdSet32S (PcdTpm2HashMask, TpmActivePcrBanks);
> 
>      Tpm2PcrMask = TpmActivePcrBanks;
> 
> @@ -253,9 +252,9 @@ SyncPcrAllocationsAndPcrMask (
>    if ((TpmActivePcrBanks & Tpm2PcrMask) != TpmActivePcrBanks) {
> 
>      NewTpmActivePcrBanks = TpmActivePcrBanks & Tpm2PcrMask;
> 
> 
> 
> -    DEBUG ((EFI_D_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\n",
> __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks));
> 
> +    DEBUG ((DEBUG_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\n",
> __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks));
> 
>      if (NewTpmActivePcrBanks == 0) {
> 
> -      DEBUG ((EFI_D_ERROR, "%a - No viable PCRs active! Please set a less
> restrictive value for PcdTpm2HashMask!\n", __FUNCTION__));
> 
> +      DEBUG ((DEBUG_ERROR, "%a - No viable PCRs active! Please set a less
> restrictive value for PcdTpm2HashMask!\n", __FUNCTION__));
> 
>        ASSERT (FALSE);
> 
>      } else {
> 
>        Status = Tpm2PcrAllocateBanks (NULL, (UINT32)TpmHashAlgorithmBitmap,
> NewTpmActivePcrBanks);
> 
> @@ -263,7 +262,7 @@ SyncPcrAllocationsAndPcrMask (
>          //
> 
>          // We can't do much here, but we hope that this doesn't happen.
> 
>          //
> 
> -        DEBUG ((EFI_D_ERROR, "%a - Failed to reallocate PCRs!\n",
> __FUNCTION__));
> 
> +        DEBUG ((DEBUG_ERROR, "%a - Failed to reallocate PCRs!\n",
> __FUNCTION__));
> 
>          ASSERT_EFI_ERROR (Status);
> 
>        }
> 
>        //
> 
> @@ -280,9 +279,9 @@ SyncPcrAllocationsAndPcrMask (
>    if ((Tpm2PcrMask & TpmHashAlgorithmBitmap) != Tpm2PcrMask) {
> 
>      NewTpm2PcrMask = Tpm2PcrMask & TpmHashAlgorithmBitmap;
> 
> 
> 
> -    DEBUG ((EFI_D_INFO, "%a - Updating PcdTpm2HashMask from 0x%X to
> 0x%X.\n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask));
> 
> +    DEBUG ((DEBUG_INFO, "%a - Updating PcdTpm2HashMask from 0x%X to
> 0x%X.\n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask));
> 
>      if (NewTpm2PcrMask == 0) {
> 
> -      DEBUG ((EFI_D_ERROR, "%a - No viable PCRs supported! Please set a less
> restrictive value for PcdTpm2HashMask!\n", __FUNCTION__));
> 
> +      DEBUG ((DEBUG_ERROR, "%a - No viable PCRs supported! Please set a less
> restrictive value for PcdTpm2HashMask!\n", __FUNCTION__));
> 
>        ASSERT (FALSE);
> 
>      }
> 
> 
> 
> @@ -321,7 +320,7 @@ LogHashEvent (
>    RetStatus = EFI_SUCCESS;
> 
>    for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]);
> Index++) {
> 
>      if ((SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
> 
> -      DEBUG ((EFI_D_INFO, "  LogFormat - 0x%08x\n",
> mTcg2EventInfo[Index].LogFormat));
> 
> +      DEBUG ((DEBUG_INFO, "  LogFormat - 0x%08x\n",
> mTcg2EventInfo[Index].LogFormat));
> 
>        switch (mTcg2EventInfo[Index].LogFormat) {
> 
>        case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:
> 
>          Status = GetDigestFromDigestList (TPM_ALG_SHA1, DigestList,
> &NewEventHdr->Digest);
> 
> @@ -416,7 +415,7 @@ HashLogExtendEvent (
>    }
> 
> 
> 
>    if (Status == EFI_DEVICE_ERROR) {
> 
> -    DEBUG ((EFI_D_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status));
> 
> +    DEBUG ((DEBUG_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n",
> Status));
> 
>      BuildGuidHob (&gTpmErrorHobGuid,0);
> 
>      REPORT_STATUS_CODE (
> 
>        EFI_ERROR_CODE | EFI_ERROR_MINOR,
> 
> @@ -925,7 +924,7 @@ PeimEntryMA (
>    }
> 
> 
> 
>    if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
> 
> -    DEBUG ((EFI_D_ERROR, "TPM2 error!\n"));
> 
> +    DEBUG ((DEBUG_ERROR, "TPM2 error!\n"));
> 
>      return EFI_DEVICE_ERROR;
> 
>    }
> 
> 
> 
> @@ -989,7 +988,7 @@ PeimEntryMA (
>        for (PcrIndex = 0; PcrIndex < 8; PcrIndex++) {
> 
>          Status = MeasureSeparatorEventWithError (PcrIndex);
> 
>          if (EFI_ERROR (Status)) {
> 
> -          DEBUG ((EFI_D_ERROR, "Separator Event with Error not Measured.
> Error!\n"));
> 
> +          DEBUG ((DEBUG_ERROR, "Separator Event with Error not Measured.
> Error!\n"));
> 
>          }
> 
>        }
> 
>      }
> 
> @@ -1006,6 +1005,13 @@ PeimEntryMA (
>        }
> 
>      }
> 
> 
> 
> +    DEBUG_CODE_BEGIN ();
> 
> +    //
> 
> +    // Peek into TPM PCR 00 before any BIOS measurement.
> 
> +    //
> 
> +    Tpm2ActivePcrRegisterRead (00, NULL);
> 
> +    DEBUG_CODE_END ();
> 
> +
> 
>      //
> 
>      // Only install TpmInitializedPpi on success
> 
>      //
> 
> @@ -1020,7 +1026,7 @@ PeimEntryMA (
> 
> 
>  Done:
> 
>    if (EFI_ERROR (Status)) {
> 
> -    DEBUG ((EFI_D_ERROR, "TPM2 error! Build Hob\n"));
> 
> +    DEBUG ((DEBUG_ERROR, "TPM2 error! Build Hob\n"));
> 
>      BuildGuidHob (&gTpmErrorHobGuid,0);
> 
>      REPORT_STATUS_CODE (
> 
>        EFI_ERROR_CODE | EFI_ERROR_MINOR,
> 
> --
> 2.27.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#63173): https://edk2.groups.io/g/devel/message/63173
Mute This Topic: https://groups.io/mt/75694164/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-