From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web10.4661.1576912078190192475 for ; Fri, 20 Dec 2019 23:07:58 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 134.134.136.24, mailfrom: jiewen.yao@intel.com) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga102.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Dec 2019 23:07:57 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,338,1571727600"; d="scan'208";a="219022978" Received: from jyao1-mobl2.ccr.corp.intel.com ([10.254.215.100]) by orsmga003.jf.intel.com with ESMTP; 20 Dec 2019 23:07:56 -0800 From: "Yao, Jiewen" To: devel@edk2.groups.io Cc: Ray Ni , Rangasai V Chaganty Subject: [PATCH] IntelSiliconPkg/IntelPciDeviceSecurity: Use EDKII TCG definition. Date: Sat, 21 Dec 2019 15:07:43 +0800 Message-Id: <20191221070743.10720-1-jiewen.yao@intel.com> X-Mailer: git-send-email 2.19.2.windows.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Since official TCG definition is added to MdePkg, IntelPciDeviceSecurityDxe should not define its own TCG event log. Cc: Ray Ni Cc: Rangasai V Chaganty Signed-off-by: Jiewen Yao --- .../IntelPciDeviceSecurityDxe.c | 19 ++-- .../IntelPciDeviceSecurityDxe.inf | 1 - .../TcgDeviceEvent.h | 101 ------------------ 3 files changed, 9 insertions(+), 112 deletions(-) delete mode 100644 Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/TcgDeviceEvent.h diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.c b/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.c index 2922fb8deb..d46862a1c4 100644 --- a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.c +++ b/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.c @@ -22,14 +22,13 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include -#include "TcgDeviceEvent.h" typedef struct { - EDKII_DEVICE_SECURITY_EVENT_DATA_HEADER EventData; + TCG_DEVICE_SECURITY_EVENT_DATA_HEADER EventData; SPDM_MEASUREMENT_BLOCK_COMMON_HEADER CommonHeader; SPDM_MEASUREMENT_BLOCK_DMTF_HEADER DmtfHeader; UINT8 Digest[SHA256_DIGEST_SIZE]; - EDKII_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT PciContext; + TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT PciContext; } EDKII_DEVICE_SECURITY_PCI_EVENT_DATA; typedef struct { @@ -327,14 +326,14 @@ ExtendDigestRegister ( Status = PciIo->Pci.Read (PciIo, EfiPciIoWidthUint8, 0, sizeof(PciData), &PciData); ASSERT_EFI_ERROR(Status); - PcrIndex = EDKII_DEVICE_MEASUREMENT_COMPONENT_PCR_INDEX; - EventType = EDKII_DEVICE_MEASUREMENT_COMPONENT_EVENT_TYPE; + PcrIndex = 2; + EventType = EV_EFI_SPDM_FIRMWARE_BLOB; - CopyMem (EventLog.EventData.Signature, EDKII_DEVICE_SECURITY_EVENT_DATA_SIGNATURE, sizeof(EventLog.EventData.Signature)); - EventLog.EventData.Version = EDKII_DEVICE_SECURITY_EVENT_DATA_VERSION; + CopyMem (EventLog.EventData.Signature, TCG_DEVICE_SECURITY_EVENT_DATA_SIGNATURE, sizeof(EventLog.EventData.Signature)); + EventLog.EventData.Version = TCG_DEVICE_SECURITY_EVENT_DATA_VERSION; EventLog.EventData.Length = sizeof(EDKII_DEVICE_SECURITY_PCI_EVENT_DATA); EventLog.EventData.SpdmHashAlgo = TcgAlgIdToSpdmHashAlgo (TcgAlgId); - EventLog.EventData.DeviceType = EDKII_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_PCI; + EventLog.EventData.DeviceType = TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_PCI; EventLog.CommonHeader.Index = DigestSel; EventLog.CommonHeader.MeasurementSpecification = SPDM_MEASUREMENT_BLOCK_HEADER_SPECIFICATION_DMTF; @@ -343,8 +342,8 @@ ExtendDigestRegister ( EventLog.DmtfHeader.DMTFSpecMeasurementValueSize = SHA256_DIGEST_SIZE; CopyMem (&EventLog.Digest, Digest, SHA256_DIGEST_SIZE); - EventLog.PciContext.Version = EDKII_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT_VERSION; - EventLog.PciContext.Length = sizeof(EDKII_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT); + EventLog.PciContext.Version = TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT_VERSION; + EventLog.PciContext.Length = sizeof(TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT); EventLog.PciContext.VendorId = PciData.Hdr.VendorId; EventLog.PciContext.DeviceId = PciData.Hdr.DeviceId; EventLog.PciContext.RevisionID = PciData.Hdr.RevisionID; diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.inf b/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.inf index 89a4c8fadd..b51b843bb5 100644 --- a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.inf +++ b/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.inf @@ -16,7 +16,6 @@ [Sources] IntelPciDeviceSecurityDxe.c - TcgDeviceEvent.h [Packages] MdePkg/MdePkg.dec diff --git a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/TcgDeviceEvent.h b/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/TcgDeviceEvent.h deleted file mode 100644 index a0ce344112..0000000000 --- a/Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/TcgDeviceEvent.h +++ /dev/null @@ -1,101 +0,0 @@ -/** @file - TCG Device Event data structure -Copyright (c) 2019, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent -**/ - - -#ifndef __TCG_EVENT_DATA_H__ -#define __TCG_EVENT_DATA_H__ - -#include - -#pragma pack(1) - -// ------------------------------------------- -// TCG Measurement for SPDM Device Measurement -// ------------------------------------------- - -// -// Device Firmware Component (including immutable ROM or mutable firmware) -// -#define EDKII_DEVICE_MEASUREMENT_COMPONENT_PCR_INDEX 2 -#define EDKII_DEVICE_MEASUREMENT_COMPONENT_EVENT_TYPE 0x800000E1 -// -// Device Firmware Configuration (including hardware configuration or firmware configuration) -// -#define EDKII_DEVICE_MEASUREMENT_CONFIGURATION_PCR_INDEX 4 -#define EDKII_DEVICE_MEASUREMENT_CONFIGURATION_EVENT_TYPE 0x800000E2 - -// -// Device Firmware Measurement Measurement Data -// The measurement data is the device firmware measurement. -// -// In order to support crypto agile, the firmware will hash the DeviceMeasurement again. -// As such the device measurement algo might be different with host firmware measurement algo. -// - -// -// Device Firmware Measurement Event Data -// -#define EDKII_DEVICE_SECURITY_EVENT_DATA_SIGNATURE "SPDM Device Sec\0" -#define EDKII_DEVICE_SECURITY_EVENT_DATA_VERSION 0 - -// -// Device Type -// 0x03 ~ 0xDF reserved by TCG. -// 0xE0 ~ 0xFF reserved by OEM. -// -#define EDKII_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_NULL 0 -#define EDKII_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_PCI 1 -#define EDKII_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_USB 2 - -// -// Device Firmware Measurement Event Data Common Part -// The device specific part should follow this data structure. -// -typedef struct { - // - // It must be EDKII_DEVICE_SECURITY_EVENT_DATA_SIGNATURE. - // - UINT8 Signature[16]; - // - // It must be EDKII_DEVICE_SECURITY_EVENT_DATA_VERSION. - // - UINT16 Version; - // - // The length of whole data structure, including Device Context. - // - UINT16 Length; - // - // The SpdmHashAlgo - // - UINT32 SpdmHashAlgo; - // - // The type of device. This field is to determine the Device Context followed by. - // - UINT32 DeviceType; - // - // The SPDM measurement block. - // -//SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock; -} EDKII_DEVICE_SECURITY_EVENT_DATA_HEADER; - -// -// PCI device specific context -// -#define EDKII_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT_VERSION 0 -typedef struct { - UINT16 Version; - UINT16 Length; - UINT16 VendorId; - UINT16 DeviceId; - UINT8 RevisionID; - UINT8 ClassCode[3]; - UINT16 SubsystemVendorID; - UINT16 SubsystemID; -} EDKII_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT; - -#pragma pack() - -#endif -- 2.19.2.windows.1