From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from foss.arm.com (foss.arm.com [217.140.110.172]) by mx.groups.io with SMTP id smtpd.web10.23010.1641761913684755887 for ; Sun, 09 Jan 2022 12:58:34 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: arm.com, ip: 217.140.110.172, mailfrom: joseph.hemann@arm.com) Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 3D270139F; Sun, 9 Jan 2022 12:58:34 -0800 (PST) Received: from u203013-lin.austin.arm.com (u203013-lin.austin.arm.com [10.118.28.29]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPSA id 3388E3F766; Sun, 9 Jan 2022 12:58:34 -0800 (PST) From: "Joseph Hemann" To: devel@edk2.groups.io Cc: nd@arm.com, Joseph Hemann Subject: [PATCH 5/6] uefi-sct/SctPkg: TCG2 Protocol: add GetEventLog test Date: Sun, 9 Jan 2022 14:58:26 -0600 Message-Id: <20220109205827.3608758-6-Joseph.hemann@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20220109205827.3608758-1-Joseph.hemann@arm.com> References: <20220109205827.3608758-1-Joseph.hemann@arm.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable -add initial TCG2 protocol test for GetEventLog() -checkpoint for test function with invalid eventlog format -checkpoint for test function with valid eventlog format V2: -Change checkpoint names from HashLogExtendEvent to GetEventLog Signed-off-by: Joseph Hemann Change-Id: I5ca3a46b3d36e8f11848a788f6cfdcabeb5b04c8 --- .../EFI/Protocol/TCG2/BlackBoxTest/Guid.c | 8 + .../EFI/Protocol/TCG2/BlackBoxTest/Guid.h | 20 ++ .../TCG2/BlackBoxTest/TCG2ProtocolBBTest.h | 15 ++ .../TCG2ProtocolBBTestConformance.c | 204 +++++++++++++++++- uefi-sct/SctPkg/UEFI/Protocol/TCG2.h | 46 ++++ 5 files changed, 292 insertions(+), 1 deletion(-) diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/G= uid.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.c index ed013744..b5a4e5c7 100644 
--- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.c @@ -49,3 +49,11 @@ EFI_GUID gTcg2ConformanceTestAssertionGuid009 =3D EFI_TE= ST_TCG2CONFORMANCE_ASSERTI EFI_GUID gTcg2ConformanceTestAssertionGuid010 =3D EFI_TEST_TCG2CONFORMANCE= _ASSERTION_010_GUID;=0D =0D EFI_GUID gTcg2ConformanceTestAssertionGuid011 =3D EFI_TEST_TCG2CONFORMANCE= _ASSERTION_011_GUID;=0D +=0D +EFI_GUID gTcg2ConformanceTestAssertionGuid012 =3D EFI_TEST_TCG2CONFORMANCE= _ASSERTION_012_GUID;=0D +=0D +EFI_GUID gTcg2ConformanceTestAssertionGuid013 =3D EFI_TEST_TCG2CONFORMANCE= _ASSERTION_013_GUID;=0D +=0D +EFI_GUID gTcg2ConformanceTestAssertionGuid014 =3D EFI_TEST_TCG2CONFORMANCE= _ASSERTION_014_GUID;=0D +=0D +EFI_GUID gTcg2ConformanceTestAssertionGuid015 =3D EFI_TEST_TCG2CONFORMANCE= _ASSERTION_015_GUID;=0D diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/G= uid.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.h index 45c2b2b2..d3a18aee 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/Guid.h 
@@ -80,3 +80,23 @@ extern EFI_GUID gTcg2ConformanceTestAssertionGuid010; { 0x9cd6d636, 0x603a, 0x4b78, {0x80, 0xa3, 0xa3, 0xb9, 0xcc, 0x6a, 0x0b, 0= x08 }}=0D =0D extern EFI_GUID gTcg2ConformanceTestAssertionGuid011;=0D +=0D +#define EFI_TEST_TCG2CONFORMANCE_ASSERTION_012_GUID \=0D +{ 0x0a938567, 0xb234, 0xad21, {0x2a, 0xa6, 0x11, 0x65, 0xaa, 0xde, 0x12, 0= xc2 }}=0D +=0D +extern EFI_GUID gTcg2ConformanceTestAssertionGuid012;=0D +=0D +#define EFI_TEST_TCG2CONFORMANCE_ASSERTION_013_GUID \=0D +{ 0x45fa1a42, 0x912a, 0x5124, {0x84, 0xf4, 0x41, 0x67, 0xab, 0xb5, 0x89, 0= x90 }}=0D +=0D +extern EFI_GUID gTcg2ConformanceTestAssertionGuid013;=0D +=0D +#define EFI_TEST_TCG2CONFORMANCE_ASSERTION_014_GUID \=0D +{ 0xfc80408e, 0x9a3c, 0x4054, {0x96, 0xf9, 0x31, 0x23, 0x35, 0xc2, 0x31, 0= x35 }}=0D +=0D +extern EFI_GUID gTcg2ConformanceTestAssertionGuid014;=0D +=0D +#define EFI_TEST_TCG2CONFORMANCE_ASSERTION_015_GUID \=0D +{ 0xa76d2903, 0xbbcc, 0x8a72, {0x90, 0x23, 0xd3, 0xaa, 0xba, 0xb1, 0x52, 0= x13 }}=0D=0D +=0D +extern EFI_GUID gTcg2ConformanceTestAssertionGuid015;=0D diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/T= CG2ProtocolBBTest.h b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/Black= BoxTest/TCG2ProtocolBBTest.h index 1b56852e..d9c23094 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/TCG2Prot= ocolBBTest.h +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/TCG2Prot= ocolBBTest.h @@ -45,6 +45,8 @@ Abstract: =0D #define EV_POST_CODE 0x01=0D =0D +#define EV_NO_ACTION 0x03=0D=0D +=0D #define EFI_TCG2_EXTEND_ONLY 0x0000000000000001=0D =0D #define PE_COFF_IMAGE 0x0000000000000010=0D 
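Review bot: Several added lines end in a doubled carriage return (`=0D=0D` in the quoted-printable body) where the neighbouring lines carry a single one: the `EFI_TEST_TCG2CONFORMANCE_ASSERTION_015_GUID` initializer in this hunk, `#define EV_NO_ACTION` in TCG2ProtocolBBTest.h, and every line of the two new prototypes in the following hunk. The large hunk in TCG2ProtocolBBTestConformance.c also adds lines with no CR at all. Normalizing the added lines to each file's existing line ending before merging would keep the files consistent and the later diffs readable.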
@@ -97,6 +99,19 @@ BBTestHashLogExtendEventConformanceTestCheckpoint2 ( IN EFI_TCG2_PROTOCOL *TCG2=0D );=0D =0D +EFI_STATUS=0D=0D +BBTestGetEventLogConformanceTestCheckpoint1 (=0D=0D + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,=0D=0D + IN EFI_TCG2_PROTOCOL *TCG2=0D=0D + );=0D=0D +=0D=0D +EFI_STATUS=0D=0D +BBTestGetEventLogConformanceTestCheckpoint2 (=0D=0D + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,=0D=0D + IN EFI_TCG2_PROTOCOL *TCG2=0D=0D + );=0D=0D +=0D=0D +=0D EFI_STATUS=0D BBTestGetCapabilityConformanceTest (=0D IN EFI_BB_TEST_PROTOCOL *This,=0D diff --git a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/T= CG2ProtocolBBTestConformance.c b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol= /TCG2/BlackBoxTest/TCG2ProtocolBBTestConformance.c index 874e4eb8..a7bec793 100644 --- a/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/TCG2Prot= ocolBBTestConformance.c +++ b/uefi-sct/SctPkg/TestCase/UEFI/EFI/Protocol/TCG2/BlackBoxTest/TCG2Prot= ocolBBTestConformance.c @@ -137,7 +137,7 @@ BBTestGetActivePcrBanksConformanceTest ( =0D /**=0D * @brief Entrypoint for HashLogExtendEvent() Function Test.=0D - * 2 checkpoints will be tested.=0D + * 4 checkpoints will be tested.=0D * @param This a pointer of EFI_BB_TEST_PROTOCOL=0D * @param ClientInterface A pointer to the interface array under test=0D * @param TestLevel Test "thoroughness" control=0D @@ -183,6 +183,12 @@ BBTestHashLogExtendEventConformanceTest ( //Test with correct size field=0D BBTestHashLogExtendEventConformanceTestCheckpoint2 (StandardLib, TCG2);= =0D =0D + // Test GetEventLog using invalid EventLog Format=0D + BBTestGetEventLogConformanceTestCheckpoint1 (StandardLib, TCG2);=0D +=0D + // Test GetEventLog using valid EventLog Format=0D + BBTestGetEventLogConformanceTestCheckpoint2 (StandardLib, TCG2);=0D + return EFI_SUCCESS;=0D }=0D =0D 
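Review bot: The header comment of BBTestHashLogExtendEventConformanceTest now says `4 checkpoints will be tested` but still describes only HashLogExtendEvent(), while the two added calls exercise GetEventLog(). It should say so, and the call site should record the ordering dependency, e.g. `// Must run after Checkpoint2: expects its PCR 16 / EV_POST_CODE event to be the last log entry`. Without that, a reordering or an earlier checkpoint failure shows up as a misleading GetEventLog last-entry failure reported under the HashLogExtendEvent entry point. The function body begins and ends outside these hunks.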
@@ -759,3 +765,199 @@ BBTestHashLogExtendEventConformanceTestCheckpoint2 ( =20 return EFI_SUCCESS;=0D }=0D + +#define EFI_TCG2_INVALID_EVENT_LOG_FORMAT 0x20=0D + +EFI_STATUS=0D +BBTestGetEventLogConformanceTestCheckpoint1 (=0D + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,=0D + IN EFI_TCG2_PROTOCOL *TCG2=0D + )=0D +{=0D + EFI_TEST_ASSERTION AssertionType;=0D + EFI_STATUS Status;=0D + EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat;=0D + EFI_PHYSICAL_ADDRESS *EventLogLocation;=0D + EFI_PHYSICAL_ADDRESS *EventLogLastEntry;=0D + BOOLEAN *EventLogTruncated;=0D +=0D + // Ensure Get EventLog returns Invalid Parameter when passed invalid for= mat=0D + EventLogFormat =3D EFI_TCG2_INVALID_EVENT_LOG_FORMAT;=0D +=0D + Status =3D TCG2->GetEventLog (=0D + TCG2,=0D + EventLogFormat,=0D + EventLogLocation,=0D + EventLogLastEntry,=0D + EventLogTruncated);=0D +=0D + if (EFI_INVALID_PARAMETER !=3D Status) {=0D + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + } else {=0D + AssertionType =3D EFI_TEST_ASSERTION_PASSED;=0D + }=0D +=0D + StandardLib->RecordAssertion (=0D + StandardLib,=0D + AssertionType,=0D + gTcg2ConformanceTestAssertionGuid012,=0D + L"TCG2_PROTOCOL.GetEventLog - GetEventLog() should return= EFI_INVALID_PARAMETER when passed in invalid EventLog Format",=0D + L"%a:%d: Status - %r",=0D + __FILE__,=0D + (UINTN)__LINE__,=0D + Status=0D + );=0D +=0D + return EFI_SUCCESS;=0D +}=0D +=0D +EFI_STATUS=0D +BBTestGetEventLogConformanceTestCheckpoint2 (=0D + IN EFI_STANDARD_TEST_LIBRARY_PROTOCOL *StandardLib,=0D + IN EFI_TCG2_PROTOCOL *TCG2=0D + )=0D +{=0D + EFI_TEST_ASSERTION AssertionType;=0D + EFI_STATUS Status;=0D + EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat;=0D + EFI_PHYSICAL_ADDRESS EventLogLocation;=0D + EFI_PHYSICAL_ADDRESS EventLogLastEntry;=0D + BOOLEAN EventLogTruncated;=0D + TCG_PCR_EVENT *EventLogHeader;=0D + TCG_EfiSpecIDEventStruct *EventLogHeaderSpecEvent;=0D + TCG_PCR_EVENT2 *LastEvent;=0D + UINT8 *data =3D "Spec ID Event03\0\0";=0D +=0D + EventLogFormat =3D 
EFI_TCG2_EVENT_LOG_FORMAT_TCG_2;=0D +=0D + // Call GetEventLog with valid EventLogFormat=0D + Status =3D TCG2->GetEventLog (=0D + TCG2,=0D + EventLogFormat,=0D + &EventLogLocation,=0D + &EventLogLastEntry,=0D + &EventLogTruncated);=0D +=0D + AssertionType =3D EFI_TEST_ASSERTION_PASSED;=0D + + // Verify GetEventLog returns EFI_SUCCESS=0D + if (Status !=3D EFI_SUCCESS) {=0D + StandardLib->RecordMessage (=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D + L"\r\nTCG2 Protocol GetEventLog Test: GetEventLog sho= uld return EFI_SUCCESS with valid EventLogFormat, Status =3D %r",=0D + Status=0D + );=0D +=0D + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D +=0D + }=0D + + StandardLib->RecordAssertion (=0D + StandardLib,=0D + AssertionType,=0D + gTcg2ConformanceTestAssertionGuid013,=0D + L"TCG2_PROTOCOL.GetEventLog - GetEventLog() should return= EFI_SUCCESS",=0D + L"%a:%d: Status - %r",=0D + __FILE__,=0D + (UINTN)__LINE__,=0D + Status=0D + );=0D +=0D + // If GetEventLog doesn't return EFI_SUCCESS abort test=0D + if (Status !=3D EFI_SUCCESS) {=0D + return Status;=0D + }=0D + + EventLogHeader =3D (TCG_PCR_EVENT *) EventLogLocation;=0D + EventLogHeaderSpecEvent =3D (TCG_EfiSpecIDEventStruct *) EventLogHeader-= >Event;=0D +=0D + AssertionType =3D EFI_TEST_ASSERTION_PASSED;=0D +=0D + + // Verify valid eventlog header is returned + // Verify EventLogHeader PCR index =3D=3D 0=0D + if (EventLogHeader->PCRIndex !=3D 0) {=0D + StandardLib->RecordMessage (=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D + L"\r\nTCG2 Protocol GetEventLog Test: EventLogHeader = should have PCR index =3D=3D 0"=0D + );=0D +=0D + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + }=0D +=0D + // Verify EventLogHeader event type =3D EV_NO_ACTION=0D + if (EventLogHeader->EventType !=3D EV_NO_ACTION) {=0D + StandardLib->RecordMessage (=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D + L"\r\nTCG2 Protocol GetEventLog Test: EventLogHeader = should be EventType =3D=3D EV_NO_ACTION"=0D + );=0D +=0D + 
AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + }=0D +=0D + // Verify EventLog Signature=0D + Status =3D SctStrCmp(EventLogHeaderSpecEvent->signature, data);=0D + + if (Status !=3D EFI_SUCCESS) {=0D + StandardLib->RecordMessage (=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D + L"\r\nTCG2 Protocol GetEventLog Test: EventLogHeader = Signature did not match \'Spec ID Event03\'"=0D + );=0D +=0D + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + }=0D +=0D + StandardLib->RecordAssertion (=0D + StandardLib,=0D + AssertionType,=0D + gTcg2ConformanceTestAssertionGuid014,=0D + L"TCG2_PROTOCOL.GetEventLog - GetEventLog() should return= correct EventLogHeader",=0D + L"%a:%d: Status - %r",=0D + __FILE__,=0D + (UINTN)__LINE__,=0D + Status=0D + );=0D +=0D + + // Verify Event recorded in checkpoint2 was recorded in Eventlog + LastEvent =3D (TCG_PCR_EVENT2 *) EventLogLastEntry;=0D +=0D + // Verify Last Event PCR =3D 16=0D + if (LastEvent->PCRIndex !=3D 16) {=0D + StandardLib->RecordMessage (=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D + L"\r\nTCG2 Protocol GetEventLog Test: PCR Index of La= st event should be 16"=0D + );=0D +=0D + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + }=0D +=0D + // Verify last event type =3D EV_POST_CODE=0D + if (LastEvent->EventType !=3D EV_POST_CODE) {=0D + StandardLib->RecordMessage (=0D + StandardLib,=0D + EFI_VERBOSE_LEVEL_DEFAULT,=0D + L"\r\nTCG2 Protocol GetEventLog Test: PCR Index of la= st event should be type EV_POST_CODE"=0D + );=0D + + AssertionType =3D EFI_TEST_ASSERTION_FAILED;=0D + }=0D + + StandardLib->RecordAssertion (=0D + StandardLib,=0D + AssertionType,=0D + gTcg2ConformanceTestAssertionGuid015,=0D + L"TCG2_PROTOCOL.GetEventLog - GetEventLog() should record= Event from Checkpoint2 as last EventLogEntry",=0D + L"%a:%d: Status - %r",=0D + __FILE__,=0D + (UINTN)__LINE__,=0D + Status=0D + );=0D + + return EFI_SUCCESS;=0D +}=0D 
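Review bot: BBTestGetEventLogConformanceTestCheckpoint1 declares `EventLogLocation`, `EventLogLastEntry` and `EventLogTruncated` as pointers, never initializes them, and passes them to `TCG2->GetEventLog`; a firmware implementation that writes its outputs before rejecting the format would store through indeterminate addresses. Declare them as values and pass their addresses, as Checkpoint2 already does. In Checkpoint2, `EventLogLocation` and `EventLogLastEntry` are cast and dereferenced with no check for zero and `EventLogTruncated` is never read; a zero address looks like a possible success result (presumably when no TPM is present or the log holds a single entry — confirm against the TCG EFI Protocol spec), so each dereference should be guarded and recorded as a failed assertion. The signature check passes the 16-byte `UINT8` field to `SctStrCmp`, which is not bounded by the field size, and stores the result in `Status`, which the later `RecordAssertion` calls print with `%r`; a 16-byte memory compare into a separate variable would be safer. `AssertionType` is also not reset before the 015 checks, so a header failure fails that assertion as well.

```c
// In BBTestGetEventLogConformanceTestCheckpoint1:
// … unchanged: AssertionType, Status, EventLogFormat declarations …
  EFI_PHYSICAL_ADDRESS                  EventLogLocation;
  EFI_PHYSICAL_ADDRESS                  EventLogLastEntry;
  BOOLEAN                               EventLogTruncated;

// … unchanged: Status = TCG2->GetEventLog (TCG2, EventLogFormat, …
                   &EventLogLocation,
                   &EventLogLastEntry,
                   &EventLogTruncated);
// … unchanged: status check and RecordAssertion …
```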
diff --git a/uefi-sct/SctPkg/UEFI/Protocol/TCG2.h b/uefi-sct/SctPkg/UEFI/Pr= otocol/TCG2.h index 923549e2..ac66fa0e 100644 --- a/uefi-sct/SctPkg/UEFI/Protocol/TCG2.h +++ b/uefi-sct/SctPkg/UEFI/Protocol/TCG2.h @@ -50,6 +50,8 @@ Abstract: =20 #define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 0x00000002 =20 +#define HASH_NUMBER 0x04=0D + typedef struct _EFI_TCG2_PROTOCOL EFI_TCG2_PROTOCOL; =20 typedef UINT64 EFI_PHYSICAL_ADDRESS; 
@@ -114,6 +116,50 @@ typedef struct tdEFI_TCG2_EVENT { UINT8 Event[]; } EFI_TCG2_EVENT; =20 +typedef struct {=0D + UINT16 hashAlg;=0D + UINT8 digest[];=0D +} TPMT_HA;=0D +=0D +typedef struct tdTPML_DIGEST_VALUES {=0D + UINT32 Count; // number of digests=0D + TPMT_HA Digests[HASH_NUMBER]; // Count digests=0D +} TPML_DIGEST_VALUES;=0D +=0D +// This Declaration is for parsing the eventlog header which is defined to= be 20 bytes in TCG EFI Protocol Spec=0D +typedef UINT8 TCG_DIGEST[20];=0D +=0D +typedef struct tdTCG_PCR_EVENT2 {=0D + TCG_PCRINDEX PCRIndex; // PCRIndex event extended to=0D + TCG_EVENTTYPE EventType; // Type of event (see [2])=0D + TPML_DIGEST_VALUES Digests; // List of digests extended to //PCRIndex=0D + UINT32 EventSize; // Size of the event data=0D + UINT8 *Event; // The event data=0D +} TCG_PCR_EVENT2;=0D +=0D +typedef struct tdTCG_PCR_EVENT {=0D + UINT32 PCRIndex; // PCRIndex event extended to=0D + UINT32 EventType; // Type of event (see EFI specs)=0D + TCG_DIGEST Digest; // Value extended into PCRIndex=0D + UINT32 EventSize; // Size of the event data=0D + UINT8 Event[0]; // The event data=0D +} TCG_PCR_EVENT;=0D +// Structure to be added to the Event Log=0D +=0D +typedef struct tdTCG_EfiSpecIdEventAlgorithmSize {=0D + UINT16 algorithmId;=0D + UINT16 digestSize;=0D +} TCG_EfiSpecIdEventAlgorithmSize;=0D +=0D +typedef struct tdTCG_EfiSpecIdEventStruct {=0D + UINT8 signature[16];=0D + UINT32 platformClass;=0D + UINT8 specVersionMinor;=0D + UINT8 specVersionMajor;=0D + UINT8 specErrata;=0D + UINT8 uintnSize;=0D +} TCG_EfiSpecIDEventStruct;=0D + typedef EFI_STATUS (EFIAPI * EFI_TCG2_HASH_LOG_EXTEND_EVENT) ( --=20 2.25.1
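Review bot: `TCG_PCR_EVENT2` as declared does not match how a crypto-agile log entry is laid out in memory: `TPMT_HA` ends in a flexible array member yet is the element type of `Digests[HASH_NUMBER]` (which ISO C does not permit, and `sizeof (TPMT_HA)` excludes the digest bytes), and `Event` is a `UINT8 *` where the log holds the event data inline. Only the fields ahead of the digest data sit at dependable offsets, which is all the new test reads, but any later use of `Digests`, `EventSize` or `Event` through this type would read the wrong bytes of a firmware-provided buffer. Either walk the digests by `Count` and per-algorithm size, or add a comment above the typedef such as `// Layout valid up to Digests.Count only; digests and event data are variable length and must be parsed manually`. `TCG_PCR_EVENT` also uses `Event[0]` where `EFI_TCG2_EVENT` in the same header uses `Event[]`, and no packing directive for the new structs is visible in this hunk.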