From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 1DC6081A5B for ; Sat, 21 Jan 2017 20:58:20 -0800 (PST) Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga104.fm.intel.com with ESMTP; 21 Jan 2017 20:58:19 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,267,1477983600"; d="scan'208";a="1097278561" Received: from fmsmsx103.amr.corp.intel.com ([10.18.124.201]) by fmsmga001.fm.intel.com with ESMTP; 21 Jan 2017 20:58:19 -0800 Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by FMSMSX103.amr.corp.intel.com (10.18.124.201) with Microsoft SMTP Server (TLS) id 14.3.248.2; Sat, 21 Jan 2017 20:58:18 -0800 Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.88]) by SHSMSX104.ccr.corp.intel.com ([10.239.4.70]) with mapi id 14.03.0248.002; Sun, 22 Jan 2017 12:58:17 +0800 From: "Zeng, Star" To: "Zhang, Chao B" , "edk2-devel@lists.01.org" CC: "Yao, Jiewen" , "Zeng, Star" Thread-Topic: [PATCH V3] MdeModulePkg: Variable: Update PCR[7] measure for new TCG spec Thread-Index: AQHSdGugoh86zApY50OPkZW4Kf9nVqFD71eQ Date: Sun, 22 Jan 2017 04:58:16 +0000 Message-ID: <0C09AFA07DD0434D9E2A0C6AEB0483103B818D56@shsmsx102.ccr.corp.intel.com> References: <20170122045428.12992-1-chao.b.zhang@intel.com> In-Reply-To: <20170122045428.12992-1-chao.b.zhang@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH V3] MdeModulePkg: Variable: Update PCR[7] measure for new TCG spec X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jan 2017 04:58:20 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Star Zeng Thanks, Star -----Original Message----- From: Zhang, Chao B=20 Sent: Sunday, January 22, 2017 12:54 PM To: edk2-devel@lists.01.org Cc: Yao, Jiewen ; Zeng, Star ; Z= hang, Chao B Subject: [PATCH V3] MdeModulePkg: Variable: Update PCR[7] measure for new T= CG spec Measure DBT into PCR[7] when it is updated between initial measure and Exit= BootService. Measure "SecureBoot" change after PK update. Spec version : TCG PC Client PFP 00.37. http://www.trustedcomputinggroup.or= g/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems= _v21.pdf Cc: Star Zeng Cc: Yao Jiewen Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang --- .../Universal/Variable/RuntimeDxe/Measurement.c | 82 ++++++++++++++++++= +++- .../Universal/Variable/RuntimeDxe/VariableDxe.c | 19 ++++- .../Variable/RuntimeDxe/VariableRuntimeDxe.inf | 10 ++- .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 19 ++++- .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf | 7 +- 5 files changed, 128 insertions(+), 9 deletions(-) diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c b/Mde= ModulePkg/Universal/Variable/RuntimeDxe/Measurement.c index 2f92fae..309521f 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c @@ -1,7 +1,7 @@ /** @file Measure TrEE required variable. =20 -Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made availab= le under the terms and conditions of the BSD License which accompanies thi= s distribution. The full text of the license may be found at @@ -36,8 +36,= 16 @@ VARIABLE_TYPE mVariableType[] =3D { {EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid}, {EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid}, {EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid}, + {EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid}, }; =20 +// +// "SecureBoot" may update following PK Del/Add // Cache its value to=20 +detect value update // +UINT8 *mSecureBootVarData =3D NULL; +UINTN mSecureBootVarDataSize =3D 0; + /** This function will return if this variable is SecureBootPolicy Variable. =20 @@ -251,5 +259,77 @@ SecureBootHook ( FreePool (VariableData); } =20 + // + // "SecureBoot" is 8bit & read-only. It can only be changed according=20 + to PK update // if ((StrCmp (VariableName, EFI_PLATFORM_KEY_NAME) =3D= =3D=20 + 0) && + CompareGuid (VendorGuid, &gEfiGlobalVariableGuid)) { + Status =3D InternalGetVariable ( + EFI_SECURE_BOOT_MODE_NAME, + &gEfiGlobalVariableGuid, + &VariableData, + &VariableDataSize + ); + if (EFI_ERROR (Status)) { + return; + } + + // + // If PK update is successful. "SecureBoot" shall always exist ever s= ince variable write service is ready + // + ASSERT(mSecureBootVarData !=3D NULL); + + if (CompareMem(mSecureBootVarData, VariableData, VariableDataSize) != =3D 0) { + FreePool(mSecureBootVarData); + mSecureBootVarData =3D VariableData; + mSecureBootVarDataSize =3D VariableDataSize; + + DEBUG((DEBUG_INFO, "%s variable updated according to PK change. Rem= easure the value!\n", EFI_SECURE_BOOT_MODE_NAME)); + Status =3D MeasureVariable ( + EFI_SECURE_BOOT_MODE_NAME, + &gEfiGlobalVariableGuid, + mSecureBootVarData, + mSecureBootVarDataSize + ); + DEBUG ((DEBUG_INFO, "MeasureBootPolicyVariable - %r\n", Status)); + } else { + // + // "SecureBoot" variable is not changed + // + FreePool(VariableData); + } + } + return ; } + +/** + Some Secure Boot Policy Variable may update following other variable cha= nges(SecureBoot follows PK change, etc). + Record their initial State when variable write service is ready. + +**/ +VOID +EFIAPI +RecordSecureBootPolicyVarData( + VOID + ) +{ + EFI_STATUS Status; + + // + // Record initial "SecureBoot" variable value. + // It is used to detect SecureBoot variable change in SecureBootHook. + // + Status =3D InternalGetVariable ( + EFI_SECURE_BOOT_MODE_NAME, + &gEfiGlobalVariableGuid, + (VOID **)&mSecureBootVarData, + &mSecureBootVarDataSize + ); + if (EFI_ERROR(Status)) { + // + // Read could fail when Auth Variable solution is not supported + // + DEBUG((DEBUG_INFO, "RecordSecureBootPolicyVarData GetVariable %s=20 +Status %x\n", EFI_SECURE_BOOT_MODE_NAME, Status)); + } +} diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c b/Mde= ModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c index 3d3cd24..fe1b2b5 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c @@ -3,7 +3,7 @@ and volatile storage space and install variable architecture protocol. =20 Copyright (C) 2013, Red Hat, Inc. -Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
(C) Copyright 2015 Hewlett Packard Enterprise Development LP
This pro= gram and the accompanying materials are licensed and made available under = the terms and conditions of the BSD License @@ -32,6 +32,17 @@ EDKII_VAR_CHECK_PROTOCOL mVarCheck = =3D { VarCheckRegis VarChe= ckVariablePropertyGet }; =20 /** + Some Secure Boot Policy Variable may update following other variable cha= nges(SecureBoot follows PK change, etc). + Record their initial State when variable write service is ready. + +**/ +VOID +EFIAPI +RecordSecureBootPolicyVarData( + VOID + ); + +/** Return TRUE if ExitBootServices () has been called. =20 @retval TRUE If ExitBootServices () has been called. @@ -415,6 +426,12 @@ FtwNotificationEvent ( } =20 // + // Some Secure Boot Policy Var (SecureBoot, etc) updates following=20 + other // Secure Boot Policy Variable change. Record their initial value. + // + RecordSecureBootPolicyVarData(); + + // // Install the Variable Write Architectural protocol. // Status =3D gBS->InstallProtocolInterface ( diff --git a/MdeModulePkg/Uni= versal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/= Variable/RuntimeDxe/VariableRuntimeDxe.inf index 6214966..bc24a25 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf @@ -9,7 +9,7 @@ # This external input must be validated carefully to avoid security issue= s such as # buffer overflow or integer overflow. # -# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
+# Copyright (c) 2006 - 2017, Intel Corporation. All rights=20 +reserved.
# This program and the accompanying materials # are licensed and made ava= ilable under the terms and conditions of the BSD License # which accompani= es this distribution. The full text of the license may be found at @@ -94,6= +94,9 @@ ## SOMETIMES_PRODUCES ## Variable:L"PlatformLang" ## SOMETIMES_CONSUMES ## Variable:L"Lang" ## SOMETIMES_PRODUCES ## Variable:L"Lang" + ## SOMETIMES_CONSUMES ## Variable:L"PK" + ## SOMETIMES_CONSUMES ## Variable:L"KEK" + ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot" gEfiGlobalVariableGuid =20 gEfiMemoryOverwriteControlDataGuid ## SOMETIMES_CONSUMES ##= Variable:L"MemoryOverwriteRequestControl" @@ -108,8 +111,9 @@ ## SOMETIMES_PRODUCES ## Variable:L"VarErrorFlag" gEdkiiVarErrorFlagGuid =20 - ## SOMETIMES_CONSUMES ## Variable:L"DB" - ## SOMETIMES_CONSUMES ## Variable:L"DBX" + ## SOMETIMES_CONSUMES ## Variable:L"db" + ## SOMETIMES_CONSUMES ## Variable:L"dbx" + ## SOMETIMES_CONSUMES ## Variable:L"dbt" gEfiImageSecurityDatabaseGuid =20 [Pcd] diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeD= xe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c index 0a076ae..e209d54 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c @@ -13,7 +13,7 @@ =20 InitCommunicateBuffer() is really function to check the variable data si= ze. =20 -Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
+Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made availab= le under the terms and conditions of the BSD License which accompanies thi= s distribution. The full text of the license may be found at @@ -71,6 +71,= 17 @@ SecureBootHook ( ); =20 /** + Some Secure Boot Policy Variable may update following other variable cha= nges(SecureBoot follows PK change, etc). + Record their initial State when variable write service is ready. + +**/ +VOID +EFIAPI +RecordSecureBootPolicyVarData( + VOID + ); + +/** Acquires lock only at boot time. Simply returns at runtime. =20 This is a temperary function that will be removed when @@ -1079,6 +1090,= 12 @@ SmmVariableWriteReady ( return; } =20 + // + // Some Secure Boot Policy Var (SecureBoot, etc) updates following=20 + other // Secure Boot Policy Variable change. Record their initial value= . + // + RecordSecureBootPolicyVarData(); + Status =3D gBS->InstallProtocolInterface ( &mHandle, &gEfiVariableWriteArchProtocolGuid, diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeD= xe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.i= nf index 82ddb00..9975f5a 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.i +++ nf @@ -13,7 +13,7 @@ # may not be modified without authorization. If platform fails to protect= these resources, # the authentication service provided in this driver wi= ll be broken, and the behavior is undefined. # -# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2010 - 2017, Intel Corporation. All rights=20 +reserved.
# This program and the accompanying materials # are licensed and made ava= ilable under the terms and conditions of the BSD License # which accompani= es this distribution. The full text of the license may be found at @@ -81,8= +81,9 @@ ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot" gEfiGlobalVariableGuid =20 - ## SOMETIMES_CONSUMES ## Variable:L"DB" - ## SOMETIMES_CONSUMES ## Variable:L"DBX" + ## SOMETIMES_CONSUMES ## Variable:L"db" + ## SOMETIMES_CONSUMES ## Variable:L"dbx" + ## SOMETIMES_CONSUMES ## Variable:L"dbt" gEfiImageSecurityDatabaseGuid =20 [Depex] -- 1.9.5.msysgit.1