* [PATCH 1/2] SecurityPkg: Tcg2Dxe: Log Startup Locality Event
@ 2017-01-23 8:51 Zhang, Chao B
2017-01-23 8:51 ` [PATCH 2/2] MdePkg : UefiTcgPlatform.h: Define Startup Locality Event & Indicator Zhang, Chao B
2017-01-23 15:25 ` [PATCH 1/2] SecurityPkg: Tcg2Dxe: Log Startup Locality Event Yao, Jiewen
0 siblings, 2 replies; 4+ messages in thread
From: Zhang, Chao B @ 2017-01-23 8:51 UTC (permalink / raw)
To: edk2-devel; +Cc: jiewen.yao, star.zeng, Chao Zhang
Log Startup Locality Event according to TCG PC Client PFP 00.21.
Event should be placed before any extend to PCR[0]
http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf
Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
---
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c | 48 ++++++++++++++++++++++++++++++---------
1 file changed, 37 insertions(+), 11 deletions(-)
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
index 3534fd1..2658944 100644
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
@@ -1381,11 +1381,12 @@ SetupEventLog (
UINT32 HashAlgorithmMaskCopied;
TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct;
UINT8 TempBuf[sizeof(TCG_EfiSpecIDEventStruct) + sizeof(UINT32) + (HASH_COUNT * sizeof(TCG_EfiSpecIdEventAlgorithmSize)) + sizeof(UINT8)];
- TCG_PCR_EVENT_HDR FirstPcrEvent;
+ TCG_PCR_EVENT_HDR NoActionEvent;
TCG_EfiSpecIdEventAlgorithmSize *DigestSize;
TCG_EfiSpecIdEventAlgorithmSize *TempDigestSize;
UINT8 *VendorInfoSize;
UINT32 NumberOfAlgorithms;
+ TCG_EfiStartupLocalityEvent StartupLocalityEvent;
DEBUG ((EFI_D_INFO, "SetupEventLog\n"));
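Review bot: The new local `TCG_EfiStartupLocalityEvent StartupLocalityEvent;` uses a type that this series only introduces in patch 2/2 (MdePkg/Include/IndustryStandard/UefiTcgPlatform.h), so SecurityPkg will not build with 1/2 applied on its own. Put the MdePkg header change first in the series so every commit stays buildable for bisection.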
@@ -1468,24 +1469,49 @@ SetupEventLog (
VendorInfoSize = (UINT8 *)TempDigestSize;
*VendorInfoSize = 0;
+ NoActionEvent.PCRIndex = 0;
+ NoActionEvent.EventType = EV_NO_ACTION;
+ ZeroMem (&NoActionEvent.Digest, sizeof(NoActionEvent.Digest));
+ NoActionEvent.EventSize = (UINT32)GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct);
+
//
- // FirstPcrEvent
+ // Log TcgEfiSpecIdEventStruct as the first Event
+ // TCG PC Client PFP spec. Section 9.2 Measurement Event Entries and Log
//
- FirstPcrEvent.PCRIndex = 0;
- FirstPcrEvent.EventType = EV_NO_ACTION;
- ZeroMem (&FirstPcrEvent.Digest, sizeof(FirstPcrEvent.Digest));
- FirstPcrEvent.EventSize = (UINT32)GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct);
+ Status = TcgDxeLogEvent (
+ mTcg2EventInfo[Index].LogFormat,
+ &NoActionEvent,
+ sizeof(NoActionEvent),
+ (UINT8 *)TcgEfiSpecIdEventStruct,
+ NoActionEvent.EventSize
+ );
//
- // Record
+ // EfiStartupLocalityEvent
+ //
+ CopyMem (StartupLocalityEvent.Signature, TCG_EfiStartupLocalityEvent_SIGNATURE, sizeof(StartupLocalityEvent.Signature));
+ //
+ // SRTM uses Locality 0 to access the TPM according to PC Client PFP spec 2.2.1
+ //
+ StartupLocalityEvent.StartupLocality = LOCALITY_0_INDICATOR;
+
+ NoActionEvent.PCRIndex = 0;
+ NoActionEvent.EventType = EV_NO_ACTION;
+ ZeroMem (&NoActionEvent.Digest, sizeof(NoActionEvent.Digest));
+ NoActionEvent.EventSize = sizeof(StartupLocalityEvent);
+
+ //
+ // Log EfiStartupLocalityEvent as the second Event
+ // TCG PC Client PFP spec. Section 9.3.4.3 Startup Locality Event
//
Status = TcgDxeLogEvent (
mTcg2EventInfo[Index].LogFormat,
- &FirstPcrEvent,
- sizeof(FirstPcrEvent),
- (UINT8 *)TcgEfiSpecIdEventStruct,
- FirstPcrEvent.EventSize
+ &NoActionEvent,
+ sizeof(NoActionEvent),
+ (UINT8 *)&StartupLocalityEvent,
+ NoActionEvent.EventSize
);
+
}
}
}
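Review bot: The Status returned by the first TcgDxeLogEvent call (the TcgEfiSpecIdEventStruct entry) is overwritten by the second call with no check in between, so a failure to log what the comment calls the first event is silently lost while the Startup Locality event may still be appended. Check Status before building the second event and skip the second call on error. `StartupLocalityEvent.StartupLocality = LOCALITY_0_INDICATOR;` also fixes at build time a value that describes which locality sent TPM2_Startup, something this DXE code does not observe itself, so it should come from platform configuration rather than a constant. Minor: PCRIndex, EventType and Digest of NoActionEvent are re-assigned to the same values for the second event; only EventSize needs updating.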
--
1.9.5.msysgit.1
* [PATCH 2/2] MdePkg : UefiTcgPlatform.h: Define Startup Locality Event & Indicator
From: Zhang, Chao B @ 2017-01-23 8:51 UTC (permalink / raw)
To: edk2-devel; +Cc: jiewen.yao, star.zeng, Chao Zhang
Add Startup Locality Event definition according to PC Client PFP 00.21
http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf
Add Locality Indicator definition according to PC Client PTP 00.43
https://www.trustedcomputinggroup.org/wp-content/uploads/PC-Client-Specific-Platform-TPM-Profile-for-TPM-2-0-v43-150126.pdf
Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
---
MdePkg/Include/IndustryStandard/UefiTcgPlatform.h | 29 ++++++++++++++++++++++-
1 file changed, 28 insertions(+), 1 deletion(-)
diff --git a/MdePkg/Include/IndustryStandard/UefiTcgPlatform.h b/MdePkg/Include/IndustryStandard/UefiTcgPlatform.h
index 23eaa53..6ce808e 100644
--- a/MdePkg/Include/IndustryStandard/UefiTcgPlatform.h
+++ b/MdePkg/Include/IndustryStandard/UefiTcgPlatform.h
@@ -1,7 +1,7 @@
/** @file
TCG EFI Platform Definition in TCG_EFI_Platform_1_20_Final
- Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
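Review bot: The @file description still reads `TCG EFI Platform Definition in TCG_EFI_Platform_1_20_Final`, while the commit message says the new definitions come from PC Client PFP 00.21 and PC Client PTP 00.43. Extend the header comment to name those specifications along with the copyright year bump, so readers can tell where the added definitions originate.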
@@ -268,6 +268,33 @@ typedef struct {
//UINT8 vendorInfo[vendorInfoSize];
} TCG_EfiSpecIDEventStruct;
+
+
+#define TCG_EfiStartupLocalityEvent_SIGNATURE "StartupLocality"
+
+
+//
+// PC Client PTP spec Table 8 Relationship between Locality and Locality Attribute
+//
+#define LOCALITY_0_INDICATOR 0x01
+#define LOCALITY_1_INDICATOR 0x02
+#define LOCALITY_2_INDICATOR 0x03
+#define LOCALITY_3_INDICATOR 0x04
+#define LOCALITY_4_INDICATOR 0x05
+
+
+//
+// Startup Locality Event
+//
+typedef struct tdTCG_EfiStartupLocalityEvent{
+ UINT8 Signature[16];
+ //
+ // The Locality Indicator which sent the TPM2_Startup command
+ //
+ UINT8 StartupLocality;
+} TCG_EfiStartupLocalityEvent;
+
+
//
// Restore original structure alignment
//
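Review bot: LOCALITY_2_INDICATOR, LOCALITY_3_INDICATOR and LOCALITY_4_INDICATOR are defined as 0x03, 0x04 and 0x05, which is neither the locality number nor a one-bit-per-locality mask; the TPM 2.0 TPMA_LOCALITY attribute encodes localities 0 to 4 as 0x01, 0x02, 0x04, 0x08 and 0x10. Please re-check these values against the cited PTP Table 8 and state in the comment which encoding the StartupLocality field expects. Separately, `UINT8 Signature[16];` matches TCG_EfiStartupLocalityEvent_SIGNATURE only because the 15-character string plus its NUL terminator is exactly 16 bytes, and patch 1/2 copies sizeof(Signature) bytes from the literal; a comment or a compile-time size check would keep the two from drifting apart.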
--
1.9.5.msysgit.1
* Re: [PATCH 1/2] SecurityPkg: Tcg2Dxe: Log Startup Locality Event
From: Yao, Jiewen @ 2017-01-23 15:25 UTC (permalink / raw)
To: Zhang, Chao B, edk2-devel@lists.01.org; +Cc: Zhang, Chao B, Zeng, Star
Hi
StartupLocality is a platform policy. We should not hardcode it.
We may use one of the ways below:
1) Define a new PCD.
2) Detect if there is a startuplocality event HOB reported in the PEI phase.
Thank you
Yao Jiewen
* Re: [PATCH 1/2] SecurityPkg: Tcg2Dxe: Log Startup Locality Event
From: Zhang, Chao B @ 2017-01-24 0:20 UTC (permalink / raw)
To: Yao, Jiewen, edk2-devel@lists.01.org; +Cc: Zeng, Star
Jiewen:
Actually I tried item 2 in PEI and produced a HOB for DXE to consume. But based on my test,
no TPM we have can support the feature defined in PTP 00.47. PCR[0] after Startup(CLEAR) always
shows zero.
I will choose option 1 first.