From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) by mx.groups.io with SMTP id smtpd.web10.16658.1627598612326400724 for ; Thu, 29 Jul 2021 15:43:33 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.120, mailfrom: rodrigo.gonzalez.del.cueto@intel.com) X-IronPort-AV: E=McAfee;i="6200,9189,10060"; a="211106057" X-IronPort-AV: E=Sophos;i="5.84,280,1620716400"; d="scan'208";a="211106057" Received: from fmsmga003.fm.intel.com ([10.253.24.29]) by fmsmga104.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Jul 2021 15:43:29 -0700 X-IronPort-AV: E=Sophos;i="5.84,280,1620716400"; d="scan'208";a="507499121" Received: from fm73lab177-1.amr.corp.intel.com ([10.80.209.189]) by fmsmga003-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 29 Jul 2021 15:43:29 -0700 From: "Rodrigo Gonzalez del Cueto" To: devel@edk2.groups.io Cc: Rodrigo Gonzalez del Cueto , Jiewen Yao , Jian J Wang Subject: [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations. Date: Thu, 29 Jul 2021 15:43:14 -0700 Message-Id: <20210729224314.259-1-rodrigo.gonzalez.del.cueto@intel.com> X-Mailer: git-send-email 2.31.1.windows.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2858 Add debug functionality to examine TPM extend operations performed by BIOS and inspect the PCR 00 value prior to any BIOS measurements. Replaced usage of EFI_D_* for DEBUG_* definitions in debug messages. 
Signed-off-by: Rodrigo Gonzalez del Cueto Cc: Jiewen Yao Cc: Jian J Wang --- SecurityPkg/Include/Library/Tpm2CommandLib.h | 28 ++++++++++++++++++++++------ SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c | 226 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------------- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 34 ++++++++++++++++++++-------------- 3 files changed, 245 insertions(+), 43 deletions(-) diff --git a/SecurityPkg/Include/Library/Tpm2CommandLib.h b/SecurityPkg/Include/Library/Tpm2CommandLib.h index ee8eb62295..5e5c340893 100644 --- a/SecurityPkg/Include/Library/Tpm2CommandLib.h +++ b/SecurityPkg/Include/Library/Tpm2CommandLib.h @@ -1,7 +1,7 @@ /** @file This library is used by other modules to send TPM2 command. -Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -505,7 +505,7 @@ EFIAPI Tpm2PcrEvent ( IN TPMI_DH_PCR PcrHandle, IN TPM2B_EVENT *EventData, - OUT TPML_DIGEST_VALUES *Digests + OUT TPML_DIGEST_VALUES *Digests ); /** @@ -522,10 +522,10 @@ Tpm2PcrEvent ( EFI_STATUS EFIAPI Tpm2PcrRead ( - IN TPML_PCR_SELECTION *PcrSelectionIn, - OUT UINT32 *PcrUpdateCounter, - OUT TPML_PCR_SELECTION *PcrSelectionOut, - OUT TPML_DIGEST *PcrValues + IN TPML_PCR_SELECTION *PcrSelectionIn, + OUT UINT32 *PcrUpdateCounter, + OUT TPML_PCR_SELECTION *PcrSelectionOut, + OUT TPML_DIGEST *PcrValues ); /** @@ -1113,4 +1113,20 @@ GetDigestFromDigestList( OUT VOID *Digest ); + /** + This function will query the TPM to determine which hashing algorithms and + get the digests of all active and supported PCR banks of a specific PCR register. + + @param[in] PcrHandle The index of the PCR register to be read. + @param[out] HashList List of digests from PCR register being read. + + @retval EFI_SUCCESS The Pcr was read successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2PcrReadForActiveBank ( + IN TPMI_DH_PCR PcrHandle, + OUT TPML_DIGEST *HashList + ); #endif diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c index ddb15178fb..3b49192b93 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c @@ -1,7 +1,7 @@ /** @file Implement TPM2 Integrity related command. -Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -109,7 +109,6 @@ Tpm2PcrExtend ( Cmd.Header.commandCode = SwapBytes32(TPM_CC_PCR_Extend); Cmd.PcrHandle = SwapBytes32(PcrHandle); - // // Add in Auth session // @@ -130,14 +129,26 @@ Tpm2PcrExtend ( Buffer += sizeof(UINT16); DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg); if (DigestSize == 0) { - DEBUG ((EFI_D_ERROR, "Unknown hash algorithm %d\r\n", Digests->digests[Index].hashAlg)); + DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests->digests[Index].hashAlg)); return EFI_DEVICE_ERROR; } + CopyMem( Buffer, &Digests->digests[Index].digest, DigestSize ); + + DEBUG_CODE_BEGIN (); + UINTN Index2; + DEBUG ((DEBUG_VERBOSE, "Tpm2PcrExtend - Hash = 0x%04x, Pcr[%02d], digest = ", Digests->digests[Index].hashAlg, (UINT8) PcrHandle)); + + for (Index2 = 0; Index2 < DigestSize; Index2++) { + DEBUG ((DEBUG_VERBOSE, "%02x ", Buffer[Index2])); + } + DEBUG ((DEBUG_VERBOSE, "\n")); + DEBUG_CODE_END (); + Buffer += DigestSize; } @@ -151,7 +162,7 @@ Tpm2PcrExtend ( } if (ResultBufSize > sizeof(Res)) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer Too Small\r\n")); + DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer Too Small\r\n")); return EFI_BUFFER_TOO_SMALL; } @@ -160,7 +171,7 @@ Tpm2PcrExtend ( // RespSize = SwapBytes32(Res.Header.paramSize); if (RespSize > sizeof(Res)) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n", RespSize)); + DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n", RespSize)); return EFI_BUFFER_TOO_SMALL; } 
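Review bot: The new per-byte digest dump in Tpm2PcrExtend terminates its lines with `"\n"` while every existing message in this function uses `"\r\n"`, so the debug output of one function mixes both conventions; pick one for the added lines. The dump also labels the algorithm `Hash = 0x%04x` whereas the read-back added later in this patch prints `HashAlg = 0x%04x` for the same field, which makes the two lines that are meant to be compared side by side harder to grep for; use the same label in both, e.g. `"Tpm2PcrExtend - HashAlg = 0x%04x, Pcr[%02d], digest = "`. Tpm2PcrExtend starts and ends outside this hunk.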
@@ -168,10 +179,15 @@ Tpm2PcrExtend ( // Fail if command failed // if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); + DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); return EFI_DEVICE_ERROR; } + DEBUG_CODE_BEGIN (); + DEBUG ((DEBUG_VERBOSE, "Tpm2PcrExtend: PCR read after extend...\n")); + Tpm2PcrReadForActiveBank (PcrHandle, NULL); + DEBUG_CODE_END (); + // // Unmarshal the response // @@ -246,7 +262,7 @@ Tpm2PcrEvent ( } if (ResultBufSize > sizeof(Res)) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer Too Small\r\n")); + DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer Too Small\r\n")); return EFI_BUFFER_TOO_SMALL; } @@ -255,7 +271,7 @@ Tpm2PcrEvent ( // RespSize = SwapBytes32(Res.Header.paramSize); if (RespSize > sizeof(Res)) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Response size too large! %d\r\n", RespSize)); + DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response size too large! %d\r\n", RespSize)); return EFI_BUFFER_TOO_SMALL; } @@ -263,7 +279,7 @@ Tpm2PcrEvent ( // Fail if command failed // if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); + DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); return EFI_DEVICE_ERROR; } @@ -284,7 +300,7 @@ Tpm2PcrEvent ( Buffer += sizeof(UINT16); DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg); if (DigestSize == 0) { - DEBUG ((EFI_D_ERROR, "Unknown hash algorithm %d\r\n", Digests->digests[Index].hashAlg)); + DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests->digests[Index].hashAlg)); return EFI_DEVICE_ERROR; } CopyMem( 
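Review bot: The read-back after the extend prints its header line at DEBUG_VERBOSE, but the digests that Tpm2PcrReadForActiveBank emits are at DEBUG_INFO, so a build with debug code enabled and INFO but not VERBOSE output shows PCR contents with no "PCR read after extend..." line explaining where they come from; use the same level on both sides (the per-byte dump earlier in this function is VERBOSE too). The return status of Tpm2PcrReadForActiveBank is discarded, so a failing read-back is silent apart from the callee's own error message. Judging from the new function's body later in this file, each debug-build extend now issues at least two GetCapability commands plus a PcrRead, a noticeable cost in a PEI path that extends many times; if that is intended, say so with a comment such as `// Debug only: read the PCR back after the extend (adds several TPM commands per call)`. Tpm2PcrExtend continues outside this hunk.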
@@ -298,6 +314,7 @@ Tpm2PcrEvent ( return EFI_SUCCESS; } + /** This command returns the values of all PCR specified in pcrSelect. @@ -353,11 +370,11 @@ Tpm2PcrRead ( } if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize)); + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize)); return EFI_DEVICE_ERROR; } if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode))); + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode))); return EFI_NOT_FOUND; } @@ -369,7 +386,7 @@ Tpm2PcrRead ( // PcrUpdateCounter // if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter)) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize)); + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize)); return EFI_DEVICE_ERROR; } *PcrUpdateCounter = SwapBytes32(RecvBuffer.PcrUpdateCounter); @@ -378,7 +395,7 @@ Tpm2PcrRead ( // PcrSelectionOut // if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) + sizeof(RecvBuffer.PcrSelectionOut.count)) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize)); + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize)); return EFI_DEVICE_ERROR; } PcrSelectionOut->count = SwapBytes32(RecvBuffer.PcrSelectionOut.count); 
@@ -388,7 +405,7 @@ Tpm2PcrRead ( } if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) + sizeof(RecvBuffer.PcrSelectionOut.count) + sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize)); + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize)); return EFI_DEVICE_ERROR; } for (Index = 0; Index < PcrSelectionOut->count; Index++) { @@ -513,7 +530,7 @@ Tpm2PcrAllocate ( } if (ResultBufSize > sizeof(Res)) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer Too Small\r\n")); + DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer Too Small\r\n")); Status = EFI_BUFFER_TOO_SMALL; goto Done; } @@ -523,7 +540,7 @@ Tpm2PcrAllocate ( // RespSize = SwapBytes32(Res.Header.paramSize); if (RespSize > sizeof(Res)) { - DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r\n", RespSize)); + DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r\n", RespSize)); Status = EFI_BUFFER_TOO_SMALL; goto Done; } @@ -532,7 +549,7 @@ Tpm2PcrAllocate ( // Fail if command failed // if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) { - DEBUG((EFI_D_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); + DEBUG((DEBUG_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); Status = EFI_DEVICE_ERROR; goto Done; } 
@@ -673,17 +690,180 @@ Tpm2PcrAllocateBanks ( &SizeNeeded, &SizeAvailable ); - DEBUG ((EFI_D_INFO, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n", Status)); + DEBUG ((DEBUG_INFO, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n", Status)); if (EFI_ERROR (Status)) { goto Done; } - DEBUG ((EFI_D_INFO, "AllocationSuccess - %02x\n", AllocationSuccess)); - DEBUG ((EFI_D_INFO, "MaxPCR - %08x\n", MaxPCR)); - DEBUG ((EFI_D_INFO, "SizeNeeded - %08x\n", SizeNeeded)); - DEBUG ((EFI_D_INFO, "SizeAvailable - %08x\n", SizeAvailable)); + DEBUG ((DEBUG_INFO, "AllocationSuccess - %02x\n", AllocationSuccess)); + DEBUG ((DEBUG_INFO, "MaxPCR - %08x\n", MaxPCR)); + DEBUG ((DEBUG_INFO, "SizeNeeded - %08x\n", SizeNeeded)); + DEBUG ((DEBUG_INFO, "SizeAvailable - %08x\n", SizeAvailable)); Done: ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac)); return Status; } + +/** + This function will query the TPM to determine which hashing algorithms and + get the digests of all active and supported PCR banks of a specific PCR register. + + @param[in] PcrHandle The index of the PCR register to be read. + @param[out] HashList List of digests from PCR register being read. + + @retval EFI_SUCCESS The Pcr was read successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. 
+**/ +EFI_STATUS +EFIAPI +Tpm2PcrReadForActiveBank ( + IN TPMI_DH_PCR PcrHandle, + OUT TPML_DIGEST *HashList +) +{ + EFI_STATUS Status; + TPML_PCR_SELECTION Pcrs; + TPML_PCR_SELECTION PcrSelectionIn; + TPML_PCR_SELECTION PcrSelectionOut; + TPML_DIGEST PcrValues; + UINT32 PcrUpdateCounter; + UINT8 PcrIndex; + UINT32 TpmHashAlgorithmBitmap; + TPMI_ALG_HASH CurrentPcrBankHash; + UINT32 ActivePcrBanks; + UINT32 TcgRegistryHashAlg; + UINTN Index; + UINTN Index2; + + PcrIndex = (UINT8) PcrHandle; + + if ((PcrIndex < 0) || + (PcrIndex >= IMPLEMENTATION_PCR)) { + return EFI_INVALID_PARAMETER; + } + + ZeroMem (&PcrSelectionIn, sizeof (PcrSelectionIn)); + ZeroMem (&PcrUpdateCounter, sizeof (UINT32)); + ZeroMem (&PcrSelectionOut, sizeof (PcrSelectionOut)); + ZeroMem (&PcrValues, sizeof (PcrValues)); + ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION)); + + DEBUG ((DEBUG_INFO, "ReadPcr - %02d\n", PcrIndex)); + + // + // Read TPM capabilities + // + Status = Tpm2GetCapabilityPcrs (&Pcrs); + + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities\n")); + return EFI_DEVICE_ERROR; + } + + // + // Get Active Pcrs + // + Status = Tpm2GetCapabilitySupportedAndActivePcrs ( + &TpmHashAlgorithmBitmap, + &ActivePcrBanks + ); + + if (EFI_ERROR (Status)) { + DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities and active PCRs\n")); + return EFI_DEVICE_ERROR; + } + + // + // Select from Active PCRs + // + for (Index = 0; Index < Pcrs.count; Index++) { + CurrentPcrBankHash = Pcrs.pcrSelections[Index].hash; + + switch (CurrentPcrBankHash) { + case TPM_ALG_SHA1: + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA1 Present\n")); + TcgRegistryHashAlg = HASH_ALG_SHA1; + break; + case TPM_ALG_SHA256: + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA256 Present\n")); + TcgRegistryHashAlg = HASH_ALG_SHA256; + break; + case TPM_ALG_SHA384: + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA384 Present\n")); + TcgRegistryHashAlg = HASH_ALG_SHA384; + break; + case TPM_ALG_SHA512: + DEBUG 
((DEBUG_VERBOSE, "HASH_ALG_SHA512 Present\n")); + TcgRegistryHashAlg = HASH_ALG_SHA512; + break; + case TPM_ALG_SM3_256: + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SM3 Present\n")); + TcgRegistryHashAlg = HASH_ALG_SM3_256; + break; + default: + // + // Unsupported algorithm + // + DEBUG ((DEBUG_VERBOSE, "Unknown algorithm present\n")); + TcgRegistryHashAlg = 0; + break; + } + // + // Skip unsupported and inactive PCR banks + // + if ((TcgRegistryHashAlg & ActivePcrBanks) == 0) { + DEBUG ((DEBUG_VERBOSE, "Skipping unsupported or inactive bank: 0x%04x\n", CurrentPcrBankHash)); + continue; + } + + // + // Select PCR from current active bank + // + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].hash = Pcrs.pcrSelections[Index].hash; + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].sizeofSelect = PCR_SELECT_MAX; + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[0] = (PcrIndex < 8) ? 1 << PcrIndex : 0; + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[1] = (PcrIndex > 7) && (PcrIndex < 16) ? 1 << (PcrIndex - 8) : 0; + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[2] = (PcrIndex > 15) ? 1 << (PcrIndex - 16) : 0; + PcrSelectionIn.count++; + } + + // + // Read PCRs + // + Status = Tpm2PcrRead ( + &PcrSelectionIn, + &PcrUpdateCounter, + &PcrSelectionOut, + &PcrValues + ); + + if (EFI_ERROR (Status)) { + DEBUG((DEBUG_ERROR, "Tpm2PcrRead failed Status = %r \n", Status)); + return EFI_DEVICE_ERROR; + } + + for (Index = 0; Index < PcrValues.count; Index++) { + DEBUG (( + DEBUG_INFO, + "ReadPcr - HashAlg = 0x%04x, Pcr[%02d], digest = ", + PcrSelectionOut.pcrSelections[Index].hash, + PcrIndex + )); + + for(Index2 = 0; Index2 < PcrValues.digests[Index].size; Index2++) { + DEBUG ((DEBUG_INFO, "%02x ", PcrValues.digests[Index].buffer[Index2])); + } + DEBUG ((DEBUG_INFO, "\n")); + } + + if (HashList != NULL) { + CopyMem ( + HashList, + &PcrValues, + sizeof (TPML_DIGEST) + ); + } + + return EFI_SUCCESS; +} 
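Review bot: The range check `(PcrIndex < 0) || (PcrIndex >= IMPLEMENTATION_PCR)` is applied to the UINT8 copy of PcrHandle, so `PcrIndex < 0` is always false (GCC reports this under -Wtype-limits, which fails builds that enable it with -Werror) and any handle above 0xFF is truncated before the bound is applied, e.g. 0x100 becomes PCR 0 and passes. Check the untruncated handle first, `if (PcrHandle >= IMPLEMENTATION_PCR) { return EFI_INVALID_PARAMETER; }`, and only then `PcrIndex = (UINT8) PcrHandle;`. The selection loop appends at `PcrSelectionIn.pcrSelections[PcrSelectionIn.count]` without checking the count against the array size — presumably Tpm2GetCapabilityPcrs bounds Pcrs.count, but a comment saying so would help — and when no bank matches ActivePcrBanks the function still sends a PcrRead with an empty selection instead of returning an error. The log lines are prefixed "ReadPcr" while every other message in this file uses the function name; `"Tpm2PcrReadForActiveBank - ..."` would match the convention.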
diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c index 93a8803ff6..ea79fa0af6 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c @@ -1,7 +1,7 @@ /** @file Initialize TPM2 device and measure FVs before handing off control to DXE. -Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.
Copyright (c) 2017, Microsoft Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -191,7 +191,6 @@ EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] = { } }; - /** Record all measured Firmware Volume Information into a Guid Hob Guid Hob payload layout is @@ -267,7 +266,7 @@ SyncPcrAllocationsAndPcrMask ( UINT32 Tpm2PcrMask; UINT32 NewTpm2PcrMask; - DEBUG ((EFI_D_ERROR, "SyncPcrAllocationsAndPcrMask!\n")); + DEBUG ((DEBUG_ERROR, "SyncPcrAllocationsAndPcrMask!\n")); // // Determine the current TPM support and the Platform PCR mask. @@ -278,7 +277,7 @@ SyncPcrAllocationsAndPcrMask ( Tpm2PcrMask = PcdGet32 (PcdTpm2HashMask); if (Tpm2PcrMask == 0) { // - // if PcdTPm2HashMask is zero, use ActivePcr setting + // if PcdTpm2HashMask is zero, use ActivePcr setting // PcdSet32S (PcdTpm2HashMask, TpmActivePcrBanks); Tpm2PcrMask = TpmActivePcrBanks; @@ -297,9 +296,9 @@ SyncPcrAllocationsAndPcrMask ( if ((TpmActivePcrBanks & Tpm2PcrMask) != TpmActivePcrBanks) { NewTpmActivePcrBanks = TpmActivePcrBanks & Tpm2PcrMask; - DEBUG ((EFI_D_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\n", __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks)); + DEBUG ((DEBUG_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\n", __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks)); if (NewTpmActivePcrBanks == 0) { - DEBUG ((EFI_D_ERROR, "%a - No viable PCRs active! Please set a less restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); + DEBUG ((DEBUG_ERROR, "%a - No viable PCRs active! Please set a less restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); ASSERT (FALSE); } else { Status = Tpm2PcrAllocateBanks (NULL, (UINT32)TpmHashAlgorithmBitmap, NewTpmActivePcrBanks); @@ -307,7 +306,7 @@ SyncPcrAllocationsAndPcrMask ( // // We can't do much here, but we hope that this doesn't happen. // - DEBUG ((EFI_D_ERROR, "%a - Failed to reallocate PCRs!\n", __FUNCTION__)); + DEBUG ((DEBUG_ERROR, "%a - Failed to reallocate PCRs!\n", __FUNCTION__)); ASSERT_EFI_ERROR (Status); } // 
@@ -324,9 +323,9 @@ SyncPcrAllocationsAndPcrMask ( if ((Tpm2PcrMask & TpmHashAlgorithmBitmap) != Tpm2PcrMask) { NewTpm2PcrMask = Tpm2PcrMask & TpmHashAlgorithmBitmap; - DEBUG ((EFI_D_INFO, "%a - Updating PcdTpm2HashMask from 0x%X to 0x%X.\n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask)); + DEBUG ((DEBUG_INFO, "%a - Updating PcdTpm2HashMask from 0x%X to 0x%X.\n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask)); if (NewTpm2PcrMask == 0) { - DEBUG ((EFI_D_ERROR, "%a - No viable PCRs supported! Please set a less restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); + DEBUG ((DEBUG_ERROR, "%a - No viable PCRs supported! Please set a less restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); ASSERT (FALSE); } @@ -365,7 +364,7 @@ LogHashEvent ( RetStatus = EFI_SUCCESS; for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) { if ((SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) { - DEBUG ((EFI_D_INFO, " LogFormat - 0x%08x\n", mTcg2EventInfo[Index].LogFormat)); + DEBUG ((DEBUG_INFO, " LogFormat - 0x%08x\n", mTcg2EventInfo[Index].LogFormat)); switch (mTcg2EventInfo[Index].LogFormat) { case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2: Status = GetDigestFromDigestList (TPM_ALG_SHA1, DigestList, &NewEventHdr->Digest); @@ -476,7 +475,7 @@ HashLogExtendEvent ( } if (Status == EFI_DEVICE_ERROR) { - DEBUG ((EFI_D_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status)); + DEBUG ((DEBUG_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status)); BuildGuidHob (&gTpmErrorHobGuid,0); REPORT_STATUS_CODE ( EFI_ERROR_CODE | EFI_ERROR_MINOR, @@ -1011,7 +1010,7 @@ PeimEntryMA ( } if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) { - DEBUG ((EFI_D_ERROR, "TPM2 error!\n")); + DEBUG ((DEBUG_ERROR, "TPM2 error!\n")); return EFI_DEVICE_ERROR; } 
@@ -1075,7 +1074,7 @@ PeimEntryMA ( for (PcrIndex = 0; PcrIndex < 8; PcrIndex++) { Status = MeasureSeparatorEventWithError (PcrIndex); if (EFI_ERROR (Status)) { - DEBUG ((EFI_D_ERROR, "Separator Event with Error not Measured. Error!\n")); + DEBUG ((DEBUG_ERROR, "Separator Event with Error not Measured. Error!\n")); } } } @@ -1092,6 +1091,13 @@ PeimEntryMA ( } } + DEBUG_CODE_BEGIN (); + // + // Peek into TPM PCR 00 before any BIOS measurement. + // + Tpm2PcrReadForActiveBank (00, NULL); + DEBUG_CODE_END (); + // // Only install TpmInitializedPpi on success // @@ -1106,7 +1112,7 @@ PeimEntryMA ( Done: if (EFI_ERROR (Status)) { - DEBUG ((EFI_D_ERROR, "TPM2 error! Build Hob\n")); + DEBUG ((DEBUG_ERROR, "TPM2 error! Build Hob\n")); BuildGuidHob (&gTpmErrorHobGuid,0); REPORT_STATUS_CODE ( EFI_ERROR_CODE | EFI_ERROR_MINOR, -- 2.31.1.windows.1
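Review bot: `Tpm2PcrReadForActiveBank (00, NULL);` passes the PCR index as the octal literal `00`; it equals 0, but it reads as a typo and is an unusual style for an index, so write `Tpm2PcrReadForActiveBank (0, NULL);`. The comment says the value is peeked before any BIOS measurement, yet this block sits after the MeasureSeparatorEventWithError loop shown in the preceding hunk (@@ -1075), so on the error path that runs that loop PCR 00 has already been extended when it is read; either read it before that block or reword the comment, e.g. `// Debug aid: dump PCR 00 (pristine unless the separator-with-error path above ran).` The discarded status is acceptable for a debug peek but is worth stating in the same comment. PeimEntryMA starts and ends outside this hunk.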