From: "Yao, Jiewen" <jiewen.yao@intel.com>
To: devel@edk2.groups.io
Cc: Jian J Wang <jian.j.wang@intel.com>, Chao Zhang <chao.b.zhang@intel.com>
Subject: [PATCH 2/6] SecurityPkg/Tcg2Dxe: Add Tcg2Dxe to support 800-155 event.
Date: Tue, 31 Dec 2019 14:44:08 +0800	[thread overview]
Message-ID: <20191231064412.22988-3-jiewen.yao@intel.com> (raw)
In-Reply-To: <20191231064412.22988-1-jiewen.yao@intel.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2439

The TCG2 DXE driver parses the 800-155 event GUID from PEI
and puts the event at the beginning of the TCG2 event log.

The TCG2 DXE driver also lets another DXE driver produce an 800-155
event and have the TCG2 DXE driver record it.

The 800-155 is a NO-ACTION event which does not need extend
anything to TPM2. The TCG2 DXE also supports that.

Multiple 800-155 events are supported. All of them will be put
to the beginning of the TCG2 event, just after the SpecId event.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c   | 157 +++++++++++++++++++++++-----
 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf |   1 +
 2 files changed, 129 insertions(+), 29 deletions(-)

diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
index 3cd16c2fa3..b185b56703 100644
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
@@ -75,6 +75,7 @@ typedef struct {
   UINT8                             *LastEvent;
   BOOLEAN                           EventLogStarted;
   BOOLEAN                           EventLogTruncated;
+  UINTN                             Next800155EventOffset;
 } TCG_EVENT_LOG_AREA_STRUCT;
 
 typedef struct _TCG_DXE_DATA {
@@ -771,16 +772,42 @@ Tcg2GetEventLog (
   return EFI_SUCCESS;
 }
 
+/*
+  Return if this is a Tcg800155PlatformIdEvent.
+
+  @param[in]      NewEventHdr         Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
+  @param[in]      NewEventHdrSize     New event header size.
+  @param[in]      NewEventData        Pointer to the new event data.
+  @param[in]      NewEventSize        New event data size.
+
+  @retval TRUE   This is a Tcg800155PlatformIdEvent.
+  @retval FALSE  This is NOT a Tcg800155PlatformIdEvent.
+
+*/
+BOOLEAN
+Is800155Event (
+  IN      VOID                      *NewEventHdr,
+  IN      UINT32                    NewEventHdrSize,
+  IN      UINT8                     *NewEventData,
+  IN      UINT32                    NewEventSize
+  )
+{
+  if ((((TCG_PCR_EVENT2_HDR *)NewEventHdr)->EventType == EV_NO_ACTION) &&
+      (NewEventSize >= sizeof(TCG_Sp800_155_PlatformId_Event2)) &&
+      (CompareMem (NewEventData, TCG_Sp800_155_PlatformId_Event2_SIGNATURE, sizeof(TCG_Sp800_155_PlatformId_Event2_SIGNATURE) - 1) == 0)) {
+    return TRUE;
+  }
+  return FALSE;
+}
+
 /**
   Add a new entry to the Event Log.
 
-  @param[in, out] EventLogPtr     Pointer to the Event Log data.
-  @param[in, out] LogSize         Size of the Event Log.
-  @param[in]      MaxSize         Maximum size of the Event Log.
-  @param[in]      NewEventHdr     Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
-  @param[in]      NewEventHdrSize New event header size.
-  @param[in]      NewEventData    Pointer to the new event data.
-  @param[in]      NewEventSize    New event data size.
+  @param[in, out] EventLogAreaStruct  The event log area data structure
+  @param[in]      NewEventHdr         Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
+  @param[in]      NewEventHdrSize     New event header size.
+  @param[in]      NewEventData        Pointer to the new event data.
+  @param[in]      NewEventSize        New event data size.
 
   @retval EFI_SUCCESS           The new event log entry was added.
   @retval EFI_OUT_OF_RESOURCES  No enough memory to log the new event.
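Review bot: `Is800155Event` is added without `STATIC` although the visible code only uses it inside this file, and its `NewEventHdrSize` parameter is never read in the body. Its header comment opens with `/*` while the `TcgCommLogEvent` header just below uses `/**`, so documentation tooling may skip it. The `EventType` read goes through a `TCG_PCR_EVENT2_HDR *` cast although the parameter is documented as TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX; if the field sits at the same offset in both layouts, a line such as `// EventType is at the same offset in both header formats.` would make that assumption explicit.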
@@ -788,9 +815,7 @@ Tcg2GetEventLog (
 **/
 EFI_STATUS
 TcgCommLogEvent (
-  IN OUT  UINT8                     **EventLogPtr,
-  IN OUT  UINTN                     *LogSize,
-  IN      UINTN                     MaxSize,
+  IN OUT  TCG_EVENT_LOG_AREA_STRUCT *EventLogAreaStruct,
   IN      VOID                      *NewEventHdr,
   IN      UINT32                    NewEventHdrSize,
   IN      UINT8                     *NewEventData,
@@ -798,6 +823,7 @@ TcgCommLogEvent (
   )
 {
   UINTN                            NewLogSize;
+  BOOLEAN                          Record800155Event;
 
   if (NewEventSize > MAX_ADDRESS -  NewEventHdrSize) {
     return EFI_OUT_OF_RESOURCES;
@@ -805,23 +831,55 @@ TcgCommLogEvent (
 
   NewLogSize = NewEventHdrSize + NewEventSize;
 
-  if (NewLogSize > MAX_ADDRESS -  *LogSize) {
+  if (NewLogSize > MAX_ADDRESS -  EventLogAreaStruct->EventLogSize) {
     return EFI_OUT_OF_RESOURCES;
   }
 
-  if (NewLogSize + *LogSize > MaxSize) {
-    DEBUG ((EFI_D_INFO, "  MaxSize    - 0x%x\n", MaxSize));
-    DEBUG ((EFI_D_INFO, "  NewLogSize - 0x%x\n", NewLogSize));
-    DEBUG ((EFI_D_INFO, "  LogSize    - 0x%x\n", *LogSize));
-    DEBUG ((EFI_D_INFO, "TcgCommLogEvent - %r\n", EFI_OUT_OF_RESOURCES));
+  if (NewLogSize + EventLogAreaStruct->EventLogSize > EventLogAreaStruct->Laml) {
+    DEBUG ((DEBUG_INFO, "  Laml       - 0x%x\n", EventLogAreaStruct->Laml));
+    DEBUG ((DEBUG_INFO, "  NewLogSize - 0x%x\n", NewLogSize));
+    DEBUG ((DEBUG_INFO, "  LogSize    - 0x%x\n", EventLogAreaStruct->EventLogSize));
+    DEBUG ((DEBUG_INFO, "TcgCommLogEvent - %r\n", EFI_OUT_OF_RESOURCES));
     return EFI_OUT_OF_RESOURCES;
   }
 
-  *EventLogPtr += *LogSize;
-  *LogSize += NewLogSize;
-  CopyMem (*EventLogPtr, NewEventHdr, NewEventHdrSize);
+  //
+  // Check 800-155 event
+  // Record to 800-155 event offset only.
+  // If the offset is 0, no need to record.
+  //
+  Record800155Event = Is800155Event (NewEventHdr, NewEventHdrSize, NewEventData, NewEventSize);
+  if (Record800155Event) {
+    if (EventLogAreaStruct->Next800155EventOffset != 0) {
+      CopyMem (
+        (UINT8 *)(UINTN)EventLogAreaStruct->Lasa + EventLogAreaStruct->Next800155EventOffset + NewLogSize,
+        (UINT8 *)(UINTN)EventLogAreaStruct->Lasa + EventLogAreaStruct->Next800155EventOffset,
+        EventLogAreaStruct->EventLogSize - EventLogAreaStruct->Next800155EventOffset
+        );
+
+      CopyMem (
+        (UINT8 *)(UINTN)EventLogAreaStruct->Lasa + EventLogAreaStruct->Next800155EventOffset,
+        NewEventHdr,
+        NewEventHdrSize
+        );
+      CopyMem (
+        (UINT8 *)(UINTN)EventLogAreaStruct->Lasa + EventLogAreaStruct->Next800155EventOffset + NewEventHdrSize,
+        NewEventData,
+        NewEventSize
+        );
+
+      EventLogAreaStruct->Next800155EventOffset += NewLogSize;
+      EventLogAreaStruct->LastEvent += NewLogSize;
+      EventLogAreaStruct->EventLogSize += NewLogSize;
+    }
+    return EFI_SUCCESS;
+  }
+
+  EventLogAreaStruct->LastEvent = (UINT8 *)(UINTN)EventLogAreaStruct->Lasa + EventLogAreaStruct->EventLogSize;
+  EventLogAreaStruct->EventLogSize += NewLogSize;
+  CopyMem (EventLogAreaStruct->LastEvent, NewEventHdr, NewEventHdrSize);
   CopyMem (
-    *EventLogPtr + NewEventHdrSize,
+    EventLogAreaStruct->LastEvent + NewEventHdrSize,
     NewEventData,
     NewEventSize
     );
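Review bot: When `Is800155Event` matches but `Next800155EventOffset` is 0, the new branch returns `EFI_SUCCESS` without writing anything, so a caller cannot tell a recorded 800-155 event from a dropped one. Other hunks in this patch set the offset to 0 for the final-events areas and make it non-zero only in one SetupEventLog path, so those logs appear to drop such events silently; a `DEBUG ((DEBUG_INFO, "TcgCommLogEvent - 800-155 event not recorded (no insert offset)\n"));` before the return, plus a `@retval` line describing the case, would leave a trace for anyone reconciling the log. The first `CopyMem` moves an overlapping region forward by `NewLogSize`, which relies on `CopyMem` handling overlap, and a short comment saying so would help. The `0x%x` DEBUG lines now print `EventLogAreaStruct->Laml` directly where the old call site cast it to `UINTN`, so the specifier may no longer match the argument width. TcgCommLogEvent's body continues past the end of this hunk.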
@@ -873,11 +931,8 @@ TcgDxeLogEvent (
     return EFI_VOLUME_FULL;
   }
 
-  EventLogAreaStruct->LastEvent = (UINT8*)(UINTN)EventLogAreaStruct->Lasa;
   Status = TcgCommLogEvent (
-             &EventLogAreaStruct->LastEvent,
-             &EventLogAreaStruct->EventLogSize,
-             (UINTN)EventLogAreaStruct->Laml,
+             EventLogAreaStruct,
              NewEventHdr,
              NewEventHdrSize,
              NewEventData,
@@ -907,11 +962,8 @@ TcgDxeLogEvent (
       return EFI_VOLUME_FULL;
     }
 
-    EventLogAreaStruct->LastEvent = (UINT8*)(UINTN)EventLogAreaStruct->Lasa;
     Status = TcgCommLogEvent (
-               &EventLogAreaStruct->LastEvent,
-               &EventLogAreaStruct->EventLogSize,
-               (UINTN)EventLogAreaStruct->Laml,
+               EventLogAreaStruct,
                NewEventHdr,
                NewEventHdrSize,
                NewEventData,
@@ -1138,11 +1190,25 @@ TcgDxeHashLogExtendEvent (
 {
   EFI_STATUS                        Status;
   TPML_DIGEST_VALUES                DigestList;
+  TCG_PCR_EVENT2_HDR                NoActionEvent;
 
   if (!mTcgDxeData.BsCap.TPMPresentFlag) {
     return EFI_DEVICE_ERROR;
   }
 
+  if (NewEventHdr->EventType == EV_NO_ACTION) {
+    //
+    // Do not do TPM extend for EV_NO_ACTION
+    //
+    Status = EFI_SUCCESS;
+    InitNoActionEvent (&NoActionEvent, NewEventHdr->EventSize);
+    if ((Flags & EFI_TCG2_EXTEND_ONLY) == 0) {
+      Status = TcgDxeLogHashEvent (&(NoActionEvent.Digests), NewEventHdr, NewEventData);
+    }
+
+    return Status;
+  }
+
   Status = HashAndExtend (
              NewEventHdr->PCRIndex,
              HashData,
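Review bot: The new early return applies to every `EV_NO_ACTION` event, not only 800-155 ones, and when `EFI_TCG2_EXTEND_ONLY` is set it returns `EFI_SUCCESS` having neither extended nor logged anything. Entries recorded through this branch carry whatever digests `InitNoActionEvent` fills in (it is defined outside this hunk) and are not extended into any PCR, so a verifier replaying the log cannot authenticate their content from PCR values. I would widen the comment to say so, for example `// EV_NO_ACTION is log-only: it is never extended, so its content is not covered by any PCR value.` TcgDxeHashLogExtendEvent starts and ends outside the hunk.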
@@ -1202,7 +1268,13 @@ Tcg2HashLogExtendEvent (
 
   DEBUG ((DEBUG_VERBOSE, "Tcg2HashLogExtendEvent ...\n"));
 
-  if ((This == NULL) || (DataToHash == 0) || (Event == NULL)) {
+  if ((This == NULL) || (Event == NULL)) {
+    return EFI_INVALID_PARAMETER;
+  }
+  //
+  // Do not check hash data size for EV_NO_ACTION event.
+  //
+  if ((Event->Header.EventType != EV_NO_ACTION) && (DataToHash == 0)) {
     return EFI_INVALID_PARAMETER;
   }
 
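Review bot: The added comment says the hash data *size* is not checked, but the condition tests `DataToHash == 0`, which is the data argument itself rather than a length. A wording that matches the code would be `// DataToHash may be 0 for EV_NO_ACTION because nothing is hashed or extended.` Tcg2HashLogExtendEvent's body continues outside the hunk.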
@@ -1487,6 +1559,7 @@ SetupEventLog (
       }
       mTcgDxeData.EventLogAreaStruct[Index].Lasa = Lasa;
       mTcgDxeData.EventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcgLogAreaMinLen);
+      mTcgDxeData.EventLogAreaStruct[Index].Next800155EventOffset = 0;
 
       if ((PcdGet8(PcdTpm2AcpiTableRev) >= 4) ||
           (mTcg2EventInfo[Index].LogFormat == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2)) {
@@ -1577,6 +1650,30 @@ SetupEventLog (
                    (UINT8 *)TcgEfiSpecIdEventStruct,
                    SpecIdEvent.EventSize
                    );
+        //
+        // record the offset at the end of 800-155 event.
+        // the future 800-155 event can be inserted here.
+        //
+        mTcgDxeData.EventLogAreaStruct[Index].Next800155EventOffset = mTcgDxeData.EventLogAreaStruct[Index].EventLogSize;
+
+        //
+        // Tcg800155PlatformIdEvent. Event format is TCG_PCR_EVENT2
+        //
+        GuidHob.Guid = GetFirstGuidHob (&gTcg800155PlatformIdEventHobGuid);
+        while (GuidHob.Guid != NULL) {
+          InitNoActionEvent(&NoActionEvent, GET_GUID_HOB_DATA_SIZE (GuidHob.Guid));
+
+          Status = TcgDxeLogEvent (
+                     mTcg2EventInfo[Index].LogFormat,
+                     &NoActionEvent,
+                     sizeof(NoActionEvent.PCRIndex) + sizeof(NoActionEvent.EventType) + GetDigestListBinSize (&NoActionEvent.Digests) + sizeof(NoActionEvent.EventSize),
+                     GET_GUID_HOB_DATA (GuidHob.Guid),
+                     GET_GUID_HOB_DATA_SIZE (GuidHob.Guid)
+                     );
+
+          GuidHob.Guid = GET_NEXT_HOB (GuidHob);
+          GuidHob.Guid = GetNextGuidHob (&gTcg800155PlatformIdEventHobGuid, GuidHob.Guid);
+        }
 
         //
         // EfiStartupLocalityEvent. Event format is TCG_PCR_EVENT2
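Review bot: `Status` from `TcgDxeLogEvent` inside the HOB loop is assigned and then overwritten on the next iteration without being checked in the visible lines, so a failure to record a platform-ID event (a full log, for instance) goes unnoticed. Adding `if (EFI_ERROR (Status)) { DEBUG ((DEBUG_ERROR, "Tcg800155PlatformIdEvent log failed - %r\n", Status)); }` after the call would surface it. The comment above the offset assignment says "at the end of 800-155 event", but at that point only the SpecId event appears to have been logged; `// Record the offset just after the SpecId event; 800-155 events are inserted here.` matches the code. HOB data that does not pass `Is800155Event` would take the normal append path rather than the insert path, which may deserve a mention in the comment. SetupEventLog extends beyond the hunk on both sides.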
@@ -1643,6 +1740,7 @@ SetupEventLog (
         mTcgDxeData.FinalEventLogAreaStruct[Index].LastEvent = (VOID *)(UINTN)mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa;
         mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogStarted = FALSE;
         mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogTruncated = FALSE;
+        mTcgDxeData.FinalEventLogAreaStruct[Index].Next800155EventOffset = 0;
 
         //
         // Install to configuration table for EFI_TCG2_EVENT_LOG_FORMAT_TCG_2
@@ -1663,6 +1761,7 @@ SetupEventLog (
         mTcgDxeData.FinalEventLogAreaStruct[Index].LastEvent = 0;
         mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogStarted = FALSE;
         mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogTruncated = FALSE;
+        mTcgDxeData.FinalEventLogAreaStruct[Index].Next800155EventOffset = 0;
       }
     }
   }
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
index 0127a31e97..576cf80d06 100644
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
@@ -85,6 +85,7 @@
 
   gTcgEvent2EntryHobGuid                             ## SOMETIMES_CONSUMES  ## HOB
   gTpm2StartupLocalityHobGuid                        ## SOMETIMES_CONSUMES  ## HOB
+  gTcg800155PlatformIdEventHobGuid                   ## SOMETIMES_CONSUMES  ## HOB
 
 [Protocols]
   gEfiTcg2ProtocolGuid                               ## PRODUCES
-- 
2.19.2.windows.1

