From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga18.intel.com (mga18.intel.com []) by mx.groups.io with SMTP id smtpd.web12.14679.1594709372852380864 for ; Mon, 13 Jul 2020 23:49:48 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=fail (domain: intel.com, ip: , mailfrom: qi1.zhang@intel.com) IronPort-SDR: ddGsLVC/YtU2ccOkT1YzglHNEJ2i3UTeHR7LBscBApBmQclTLlWrodfWK1ie5e6zpl78XoiAt/ icDRHNJX3R2Q== X-IronPort-AV: E=McAfee;i="6000,8403,9681"; a="136287727" X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="136287727" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 13 Jul 2020 23:49:48 -0700 IronPort-SDR: XDkbPIL6XVYxJQMcW3WZ+8+nayZy/+RASOzoYChWfeK3Eszotc+Q0jUI5aWOq+9Rx89VXaIXxb rRzZBhhT5ocw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,350,1589266800"; d="scan'208";a="360292100" Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.9.10]) by orsmga001.jf.intel.com with ESMTP; 13 Jul 2020 23:49:44 -0700 From: Qi Zhang To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang , Qi Zhang , Rahul Kumar Subject: [PATCH 4/6] SecurityPkg/Tcg2: Add TcgPpi Date: Tue, 14 Jul 2020 14:49:20 +0800 Message-Id: <20200714064922.7025-5-qi1.zhang@intel.com> X-Mailer: git-send-email 2.26.2.windows.1 In-Reply-To: <20200714064922.7025-1-qi1.zhang@intel.com> References: <20200714064922.7025-1-qi1.zhang@intel.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Jiewen Yao REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2841 Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Cc: Qi Zhang Cc: Rahul Kumar Signed-off-by: Jiewen Yao --- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 61 ++++++++++++++++++++++++----- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf | 3 +- 2 files changed, 54 insertions(+), 10 deletions(-) diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c b/SecurityPkg/Tcg/Tcg2Pei/Tc= g2Pei.c index 19b8e4b318..1313bbc9e1 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c @@ -1,7 +1,7 @@ /** @file=0D Initialize TPM2 device and measure FVs before handing off control to DXE= .=0D =0D -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
=0D Copyright (c) 2017, Microsoft Corporation. All rights reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D @@ -17,6 +17,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include =0D #include =0D #include =0D +#include =0D =0D #include =0D #include =0D @@ -66,6 +67,43 @@ EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = =3D { NULL=0D };=0D =0D +/**=0D + Do a hash operation on a data buffer, extend a specific TPM PCR with the= hash result,=0D + and build a GUIDed HOB recording the event which will be passed to the D= XE phase and=0D + added into the Event Log.=0D +=0D + @param[in] This Indicates the calling context=0D + @param[in] HashData Physical address of the start of the data = buffer=0D + to be hashed, extended, and logged.=0D + @param[in] HashDataLen The length, in bytes, of the buffer refere= nced by HashData.=0D + @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data struct= ure.=0D + @param[in] NewEventData Pointer to the new event data.=0D +=0D + @retval EFI_SUCCESS Operation completed successfully.=0D + @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.=0D + @retval EFI_DEVICE_ERROR The command was unsuccessful.=0D +=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +HashLogExtendEvent (=0D + IN EDKII_TCG_PPI *This,=0D + IN UINT8 *HashData,=0D + IN UINTN HashDataLen,=0D + IN TCG_PCR_EVENT_HDR *NewEventHdr,=0D + IN UINT8 *NewEventData=0D + );=0D +=0D +EDKII_TCG_PPI mEdkiiTcgPpi =3D {=0D + HashLogExtendEvent=0D +};=0D +=0D +EFI_PEI_PPI_DESCRIPTOR mTcgPpiList =3D {=0D + EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,=0D + &gEdkiiTcgPpiGuid,=0D + &mEdkiiTcgPpi=0D +};=0D +=0D //=0D // Number of firmware blobs to grow by each time we run out of room=0D //=0D @@ -375,7 +413,7 @@ LogHashEvent ( and build a GUIDed HOB recording the event which will be passed to the D= XE phase and=0D added into the Event Log.=0D =0D - @param[in] Flags Bitmap providing additional information.=0D + @param[in] This Indicates the calling context=0D @param[in] HashData Physical address of the start of the data = buffer=0D to be hashed, extended, and logged.=0D @param[in] HashDataLen The length, in bytes, of the buffer refere= nced by HashData.=0D @@ -388,8 +426,9 @@ LogHashEvent ( =0D **/=0D EFI_STATUS=0D +EFIAPI=0D HashLogExtendEvent (=0D - IN UINT64 Flags,=0D + IN EDKII_TCG_PPI *This,=0D IN UINT8 *HashData,=0D IN UINTN HashDataLen,=0D IN TCG_PCR_EVENT_HDR *NewEventHdr,=0D @@ -410,9 +449,7 @@ HashLogExtendEvent ( &DigestList=0D );=0D if (!EFI_ERROR (Status)) {=0D - if ((Flags & EFI_TCG2_EXTEND_ONLY) =3D=3D 0) {=0D - Status =3D LogHashEvent (&DigestList, NewEventHdr, NewEventData);=0D - }=0D + Status =3D LogHashEvent (&DigestList, NewEventHdr, NewEventData);=0D }=0D =0D if (Status =3D=3D EFI_DEVICE_ERROR) {=0D @@ -452,7 +489,7 @@ MeasureCRTMVersion ( TcgEventHdr.EventSize =3D (UINT32) StrSize((CHAR16*)PcdGetPtr (PcdFirmwa= reVersionString));=0D =0D return HashLogExtendEvent (=0D - 0,=0D + &mEdkiiTcgPpi,=0D (UINT8*)PcdGetPtr (PcdFirmwareVersionString),=0D TcgEventHdr.EventSize,=0D &TcgEventHdr,=0D @@ -672,7 +709,7 @@ MeasureFvImage ( // Hash the FV, extend digest to the TPM and log TCG event=0D //=0D Status =3D HashLogExtendEvent (=0D - 0,=0D + &mEdkiiTcgPpi,=0D (UINT8*) (UINTN) FvBase, // HashData=0D (UINTN) FvLength, // HashDataLen=0D &TcgEventHdr, // EventHdr=0D @@ -866,6 +903,12 @@ PeimEntryMP ( Status =3D PeiServicesNotifyPpi (&mNotifyList[0]);=0D ASSERT_EFI_ERROR (Status);=0D =0D + //=0D + // install Tcg Services=0D + //=0D + Status =3D PeiServicesInstallPpi (&mTcgPpiList);=0D + ASSERT_EFI_ERROR (Status);=0D +=0D return Status;=0D }=0D =0D @@ -893,7 +936,7 @@ MeasureSeparatorEventWithError ( TcgEvent.PCRIndex =3D PCRIndex;=0D TcgEvent.EventType =3D EV_SEPARATOR;=0D TcgEvent.EventSize =3D (UINT32)sizeof (EventData);=0D - return HashLogExtendEvent(0,(UINT8 *)&EventData, TcgEvent.EventSize, &Tc= gEvent,(UINT8 *)&EventData);=0D + return HashLogExtendEvent(&mEdkiiTcgPpi,(UINT8 *)&EventData, TcgEvent.Ev= entSize, &TcgEvent,(UINT8 *)&EventData);=0D }=0D =0D /**=0D diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf b/SecurityPkg/Tcg/Tcg2Pei/= Tcg2Pei.inf index 3d361e8859..f64b29f1ae 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf @@ -8,7 +8,7 @@ #=0D # This module will initialize TPM device, measure reported FVs and BIOS v= ersion.=0D #=0D -# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
=0D +# Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
=0D # Copyright (c) 2017, Microsoft Corporation. All rights reserved.
=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D @@ -72,6 +72,7 @@ gPeiTpmInitializationDonePpiGuid ## = PRODUCES=0D gEfiEndOfPeiSignalPpiGuid ## = SOMETIMES_CONSUMES ## NOTIFY=0D gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid ## = SOMETIMES_CONSUMES=0D + gEdkiiTcgPpiGuid ## = PRODUCES=0D =0D [Pcd]=0D gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString ## = SOMETIMES_CONSUMES=0D --=20 2.26.2.windows.1