From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga04.intel.com (mga04.intel.com [])
 by mx.groups.io with SMTP id smtpd.web11.3442.1596674029695996418
 for <devel@edk2.groups.io>;
 Wed, 05 Aug 2020 17:34:02 -0700
Authentication-Results: mx.groups.io;
 dkim=missing; spf=fail (domain: intel.com, ip: <nil>, mailfrom: qi1.zhang@intel.com)
IronPort-SDR: ulzW3BdSLcdbfxhmVJui3cITga9+kQ/CZXpyziqQR4zvImr0VHgAd20eR/CeZ1IETyW//ic3Gh
 rv/DMFKRG9YQ==
X-IronPort-AV: E=McAfee;i="6000,8403,9704"; a="150152852"
X-IronPort-AV: E=Sophos;i="5.75,439,1589266800"; 
   d="scan'208";a="150152852"
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga007.fm.intel.com ([10.253.24.52])
  by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 Aug 2020 17:34:02 -0700
IronPort-SDR: I5bRaV1q6+0vtR9qXzQBqVQiynzcLjLMafrWO1C5DPfkPkHhGV4ihQhmirRdEWdy6tv/EEXMuG
 3Vjd7NjD1MZg==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.75,439,1589266800"; 
   d="scan'208";a="274924461"
Received: from shwdesssddpdqi.ccr.corp.intel.com ([10.239.9.10])
  by fmsmga007.fm.intel.com with ESMTP; 05 Aug 2020 17:34:00 -0700
From: "Qi Zhang" <qi1.zhang@intel.com>
To: devel@edk2.groups.io
Cc: Jiewen Yao <jiewen.yao@intel.com>,
	Chasel Chiu <chasel.chiu@intel.com>,
	Nate DeSimone <nathaniel.l.desimone@intel.com>,
	Star Zeng <star.zeng@intel.com>,
	Qi Zhang <qi1.zhang@intel.com>
Subject: [PATCH v2 8/9] IntelFsp2Wrapper/dsc: Add FspTpmMeasurementLib and PcdFspMeasurementConfig.
Date: Thu,  6 Aug 2020 08:33:41 +0800
Message-Id: <20200806003342.17866-9-qi1.zhang@intel.com>
X-Mailer: git-send-email 2.26.2.windows.1
In-Reply-To: <20200806003342.17866-1-qi1.zhang@intel.com>
References: <20200806003342.17866-1-qi1.zhang@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

From: Jiewen Yao <jiewen.yao@intel.com>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2376

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chasel Chiu <chasel.chiu@intel.com>
Cc: Nate DeSimone <nathaniel.l.desimone@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
 IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dec | 17 +++++++++++++++++
 IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dsc |  5 ++++-
 2 files changed, 21 insertions(+), 1 deletion(-)

diff --git a/IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dec b/IntelFsp2Wrapper=
Pkg/IntelFsp2WrapperPkg.dec
index faf2be621c..4bd3250571 100644
--- a/IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dec
+++ b/IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dec
@@ -92,6 +92,23 @@
   #=0D
   gIntelFsp2WrapperTokenSpaceGuid.PcdFspModeSelection|0x00000001|UINT8|0x4=
000000A=0D
 =0D
+  ## This PCD decides how FSP is measured=0D
+  # 1) The BootGuard ACM may already measured the FSP component, such as F=
SPT/FSPM.=0D
+  # We need a flag (PCD) to indicate if there is need to do such FSP measu=
rement or NOT.=0D
+  # 2) The FSP binary includes FSP code and FSP UPD region. The UPD region=
 is considered=0D
+  # as configuration block, and it may be updated by OEM by design.=0D
+  # This flag (PCD) is to indicate if we need isolate the the UPD region f=
rom the FSP code region.=0D
+  # BIT0: Need measure FSP. (for FSP1.x) - reserved in FSP2.=0D
+  # BIT1: Need measure FSPT. (for FSP 2.x)=0D
+  # BIT2: Need measure FSPM. (for FSP 2.x)=0D
+  # BIT3: Need measure FSPS. (for FSP 2.x)=0D
+  # BIT4~30: reserved.=0D
+  # BIT31: Need isolate UPD region measurement.=0D
+    #0: measure FSP[T|M|S] as one binary in one record (PCR0).=0D
+    #1: measure FSP UPD region in one record (PCR1), the FSP code without =
UPD in another record (PCR0).=0D
+  #=0D
+  gIntelFsp2WrapperTokenSpaceGuid.PcdFspMeasurementConfig|0x0000000F|UINT3=
2|0x4000000B=0D
+=0D
 [PcdsFixedAtBuild, PcdsPatchableInModule,PcdsDynamic,PcdsDynamicEx]=0D
   #=0D
   ## These are the base address of FSP-M/S=0D
diff --git a/IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dsc b/IntelFsp2Wrapper=
Pkg/IntelFsp2WrapperPkg.dsc
index cb4f69285d..5c0d509be4 100644
--- a/IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dsc
+++ b/IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dsc
@@ -1,7 +1,7 @@
 ## @file=0D
 # Provides drivers and definitions to support fsp in EDKII bios.=0D
 #=0D
-# Copyright (c) 2014 - 2016, Intel Corporation. All rights reserved.<BR>=0D
+# Copyright (c) 2014 - 2020, Intel Corporation. All rights reserved.<BR>=0D
 # SPDX-License-Identifier: BSD-2-Clause-Patent=0D
 #=0D
 ##=0D
@@ -45,6 +45,7 @@
   # FSP Wrapper Lib=0D
   FspWrapperApiLib|IntelFsp2WrapperPkg/Library/BaseFspWrapperApiLib/BaseFs=
pWrapperApiLib.inf=0D
   FspWrapperApiTestLib|IntelFsp2WrapperPkg/Library/BaseFspWrapperApiTestLi=
bNull/BaseFspWrapperApiTestLibNull.inf=0D
+  FspMeasurementLib|IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/Base=
FspMeasurementLib.inf=0D
 =0D
   # FSP platform sample=0D
   FspWrapperPlatformLib|IntelFsp2WrapperPkg/Library/BaseFspWrapperPlatform=
LibSample/BaseFspWrapperPlatformLibSample.inf=0D
@@ -57,6 +58,7 @@
   PeiServicesLib|MdePkg/Library/PeiServicesLib/PeiServicesLib.inf=0D
   MemoryAllocationLib|MdePkg/Library/PeiMemoryAllocationLib/PeiMemoryAlloc=
ationLib.inf=0D
   HobLib|MdePkg/Library/PeiHobLib/PeiHobLib.inf=0D
+  TpmMeasurementLib|SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasure=
mentLib.inf=0D
 =0D
 [LibraryClasses.common.DXE_DRIVER]=0D
   UefiDriverEntryPoint|MdePkg/Library/UefiDriverEntryPoint/UefiDriverEntry=
Point.inf=0D
@@ -73,6 +75,7 @@
   IntelFsp2WrapperPkg/Library/SecFspWrapperPlatformSecLibSample/SecFspWrap=
perPlatformSecLibSample.inf=0D
   IntelFsp2WrapperPkg/Library/PeiFspWrapperHobProcessLibSample/PeiFspWrapp=
erHobProcessLibSample.inf=0D
   IntelFsp2WrapperPkg/Library/PeiFspWrapperApiTestLib/PeiFspWrapperApiTest=
Lib.inf=0D
+  IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/BaseFspMeasurementLib.=
inf=0D
 =0D
   IntelFsp2WrapperPkg/FspmWrapperPeim/FspmWrapperPeim.inf=0D
   IntelFsp2WrapperPkg/FspsWrapperPeim/FspsWrapperPeim.inf=0D
--=20
2.26.2.windows.1