From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 17E11D800F6 for ; Mon, 8 Apr 2024 01:47:04 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=CWmHRdt0IjDZ8TO8o/+6joCTpGkT9CRuqXpIgXVlNvU=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20240206; t=1712540823; v=1; b=fUjQXHgllOF3BLkQcXqqJi6Lg2g8aekxJfe7FwRHMRWoeG0G83/eT62Zatazp/eYUvB5bE43 Bdniuy3T8gSte1rgD1DAMEc1rWX1WL3XgJuI4COcRty9X3XrpYay23e6RiKnNGxP4Zg5zukpAoX IARJhFKwHWsArL6kaApNo0+JTvBVwxe5bJ9FccWENKjjpGmK2T/I1zCizx9Cu8gLHkCijjyqpMm +dA0+uDhJ3Qsn6fc8Y89D0fWvcwzN52ls8n2U9NbWJQ2aVwi9z61dbWltbwi4c6IAt1koZTo/qr huVW93VmX7v/pon27Xd+/JEAdcKPFYtgaQnhhttWQdXAg== X-Received: by 127.0.0.2 with SMTP id XkPmYY7687511xMvOCuP39jz; Sun, 07 Apr 2024 18:47:03 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.18]) by mx.groups.io with SMTP id smtpd.web11.96783.1712540815713985685 for ; Sun, 07 Apr 2024 18:47:03 -0700 X-CSE-ConnectionGUID: Jf+briuFSNim+6XJr9LFyw== X-CSE-MsgGUID: 7abYOKnVRreBhpPyq1AfMg== X-IronPort-AV: E=McAfee;i="6600,9927,11037"; a="7969739" X-IronPort-AV: E=Sophos;i="6.07,186,1708416000"; d="scan'208";a="7969739" X-Received: from fmviesa003.fm.intel.com ([10.60.135.143]) by orvoesa110.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 07 Apr 2024 18:47:03 -0700 X-CSE-ConnectionGUID: xD0nGZkGS3OJJAOS6FUxQA== X-CSE-MsgGUID: 7F4TAKI7Q/G4UcR5I7onXw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,186,1708416000"; d="scan'208";a="24209704" X-Received: from shwdejointd777.ccr.corp.intel.com ([10.239.58.116]) by fmviesa003.fm.intel.com with ESMTP; 07 Apr 2024 18:47:01 -0700 From: "Wenxing Hou" To: devel@edk2.groups.io Cc: Jiewen Yao , Rahul Kumar Subject: [edk2-devel] [PATCH v2 5/9] SecurityPkg: Add TCG PFP 1.06 support. Date: Mon, 8 Apr 2024 09:46:45 +0800 Message-Id: <20240408014649.2521-6-wenxing.hou@intel.com> In-Reply-To: <20240408014649.2521-1-wenxing.hou@intel.com> References: <20240408014649.2521-1-wenxing.hou@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Sun, 07 Apr 2024 18:47:03 -0700 Resent-From: wenxing.hou@intel.com Reply-To: devel@edk2.groups.io,wenxing.hou@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: 6f5ijCVJjlvz6efNUlXi0FmYx7686176AA= Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=fUjQXHgl; spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none) Add new api Tpm2ExtendNvIndex. It is uesd in HashCompleteAndExtend when PcrIndex > MAX_PCR_INDEX. Cc: Jiewen Yao Cc: Rahul Kumar Signed-off-by: Wenxing Hou --- SecurityPkg/Include/Library/Tpm2CommandLib.h | 23 +++- .../HashLibBaseCryptoRouterDxe.c | 88 +++++++++++-- .../Library/Tpm2CommandLib/Tpm2NVStorage.c | 122 +++++++++++++++++- SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c | 61 ++++++++- SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf | 4 +- 5 files changed, 278 insertions(+), 20 deletions(-) diff --git a/SecurityPkg/Include/Library/Tpm2CommandLib.h b/SecurityPkg/Inc= lude/Library/Tpm2CommandLib.h index a2fb97f18d..70eec84c90 100644 --- a/SecurityPkg/Include/Library/Tpm2CommandLib.h +++ b/SecurityPkg/Include/Library/Tpm2CommandLib.h @@ -1,7 +1,7 @@ /** @file=0D This library is used by other modules to send TPM2 command.=0D =0D -Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2013 - 2024, Intel Corporation. All rights reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D **/=0D @@ -467,6 +467,27 @@ Tpm2NvGlobalWriteLock ( IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL=0D );=0D =0D +/**=0D + This command extends a value to an area in NV memory that was previously= defined by TPM2_NV_DefineSpace().=0D +=0D + @param[in] AuthHandle the handle indicating the source of the a= uthorization value.=0D + @param[in] NvIndex The NV Index of the area to extend.=0D + @param[in] AuthSession Auth Session context=0D + @param[in] InData The data to extend.=0D +=0D + @retval EFI_SUCCESS Operation completed successfully.=0D + @retval EFI_DEVICE_ERROR The command was unsuccessful.=0D + @retval EFI_NOT_FOUND The command was returned successfully, bu= t NvIndex is not found.=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +Tpm2NvExtend (=0D + IN TPMI_RH_NV_AUTH AuthHandle,=0D + IN TPMI_RH_NV_INDEX NvIndex,=0D + IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,=0D + IN TPM2B_MAX_BUFFER *InData=0D + );=0D +=0D /**=0D This command is used to cause an update to the indicated PCR.=0D The digests parameter contains one or more tagged digest value identifie= d by an algorithm ID.=0D diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoR= outerDxe.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoR= outerDxe.c index ee8fe6e06e..2169c5e185 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDx= e.c +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDx= e.c @@ -3,7 +3,7 @@ hash handler registered, such as SHA1, SHA256.=0D Platform can use PcdTpm2HashMask to mask some hash engines.=0D =0D -Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2013 - 2024, Intel Corporation. All rights reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D **/=0D @@ -16,6 +16,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include =0D #include =0D #include =0D +#include =0D =0D #include "HashLibBaseCryptoRouterCommon.h"=0D =0D @@ -128,6 +129,49 @@ HashUpdate ( return EFI_SUCCESS;=0D }=0D =0D +/**=0D + Extend to TPM NvIndex.=0D +=0D + @param[in] NvIndex The NV Index of the area to extend.=0D + @param[in] DataSize The data size to extend.=0D + @param[in] Data The data to extend.=0D +=0D + @retval EFI_SUCCESS Operation completed successfully.=0D + @retval EFI_DEVICE_ERROR The command was unsuccessful.=0D + @retval EFI_NOT_FOUND The command was returned successfully, bu= t NvIndex is not found.=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +Tpm2ExtendNvIndex (=0D + TPMI_RH_NV_INDEX NvIndex,=0D + UINT16 DataSize,=0D + BYTE *Data=0D + )=0D +{=0D + EFI_STATUS Status;=0D + TPMI_RH_NV_AUTH AuthHandle;=0D + TPM2B_MAX_BUFFER NvExtendData;=0D +=0D + AuthHandle =3D TPM_RH_PLATFORM;=0D + ZeroMem (&NvExtendData, sizeof (NvExtendData));=0D + CopyMem (NvExtendData.buffer, Data, DataSize);=0D + NvExtendData.size =3D DataSize;=0D + Status =3D Tpm2NvExtend (=0D + AuthHandle,=0D + NvIndex,=0D + NULL,=0D + &NvExtendData=0D + );=0D + if (EFI_ERROR (Status)) {=0D + DEBUG (=0D + (DEBUG_ERROR, "Extend TPM NV index failed, Index: 0x%x Status: %d\n"= ,=0D + NvIndex, Status)=0D + );=0D + }=0D +=0D + return Status;=0D +}=0D +=0D /**=0D Hash sequence complete and extend to PCR.=0D =0D @@ -149,11 +193,16 @@ HashCompleteAndExtend ( OUT TPML_DIGEST_VALUES *DigestList=0D )=0D {=0D - TPML_DIGEST_VALUES Digest;=0D - HASH_HANDLE *HashCtx;=0D - UINTN Index;=0D - EFI_STATUS Status;=0D - UINT32 HashMask;=0D + TPML_DIGEST_VALUES Digest;=0D + HASH_HANDLE *HashCtx;=0D + UINTN Index;=0D + EFI_STATUS Status;=0D + UINT32 HashMask;=0D + TPML_DIGEST_VALUES TcgPcrEvent2Digest;=0D + EFI_TCG2_EVENT_ALGORITHM_BITMAP TpmHashAlgorithmBitmap;=0D + UINT32 ActivePcrBanks;=0D + UINT32 *BufferPtr;=0D + UINT32 DigestListBinSize;=0D =0D if (mHashInterfaceCount =3D=3D 0) {=0D return EFI_UNSUPPORTED;=0D @@ -175,10 +224,29 @@ HashCompleteAndExtend ( =0D FreePool (HashCtx);=0D =0D - Status =3D Tpm2PcrExtend (=0D - PcrIndex,=0D - DigestList=0D - );=0D + if (PcrIndex <=3D MAX_PCR_INDEX) {=0D + Status =3D Tpm2PcrExtend (=0D + PcrIndex,=0D + DigestList=0D + );=0D + } else {=0D + Status =3D Tpm2GetCapabilitySupportedAndActivePcrs (&TpmHashAlgorithmB= itmap, &ActivePcrBanks);=0D + ASSERT_EFI_ERROR (Status);=0D + ActivePcrBanks =3D ActivePcrBanks & mSupportedHashMaskCurrent;=0D + ZeroMem (&TcgPcrEvent2Digest, sizeof (TcgPcrEvent2Digest));=0D + BufferPtr =3D CopyDigestListToBuffer (&TcgPcrEvent2Digest, Dig= estList, ActivePcrBanks);=0D + DigestListBinSize =3D (UINT32)((UINT8 *)BufferPtr - (UINT8 *)&TcgPcrEv= ent2Digest);=0D +=0D + //=0D + // Extend to TPM NvIndex=0D + //=0D + Status =3D Tpm2ExtendNvIndex (=0D + PcrIndex,=0D + (UINT16)DigestListBinSize,=0D + (BYTE *)&TcgPcrEvent2Digest=0D + );=0D + }=0D +=0D return Status;=0D }=0D =0D diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c b/SecurityP= kg/Library/Tpm2CommandLib/Tpm2NVStorage.c index 5077ace7c2..f11f7696b1 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c @@ -1,7 +1,7 @@ /** @file=0D Implement TPM2 NVStorage related command.=0D =0D -Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2013 - 2024, Intel Corporation. All rights reserved.
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D **/=0D @@ -148,6 +148,22 @@ typedef struct { TPMS_AUTH_RESPONSE AuthSession;=0D } TPM2_NV_GLOBALWRITELOCK_RESPONSE;=0D =0D +typedef struct {=0D + TPM2_COMMAND_HEADER Header;=0D + TPMI_RH_NV_AUTH AuthHandle;=0D + TPMI_RH_NV_INDEX NvIndex;=0D + UINT32 AuthSessionSize;=0D + TPMS_AUTH_COMMAND AuthSession;=0D + TPM2B_MAX_BUFFER Data;=0D + UINT16 Offset;=0D +} TPM2_NV_EXTEND_COMMAND;=0D +=0D +typedef struct {=0D + TPM2_RESPONSE_HEADER Header;=0D + UINT32 AuthSessionSize;=0D + TPMS_AUTH_RESPONSE AuthSession;=0D +} TPM2_NV_EXTEND_RESPONSE;=0D +=0D #pragma pack()=0D =0D /**=0D @@ -1052,3 +1068,107 @@ Done: ZeroMem (&RecvBuffer, sizeof (RecvBuffer));=0D return Status;=0D }=0D +=0D +/**=0D + This command extends a value to an area in NV memory that was previously= defined by TPM2_NV_DefineSpace().=0D +=0D + @param[in] AuthHandle the handle indicating the source of the a= uthorization value.=0D + @param[in] NvIndex The NV Index of the area to extend.=0D + @param[in] AuthSession Auth Session context=0D + @param[in] InData The data to extend.=0D +=0D + @retval EFI_SUCCESS Operation completed successfully.=0D + @retval EFI_DEVICE_ERROR The command was unsuccessful.=0D + @retval EFI_NOT_FOUND The command was returned successfully, bu= t NvIndex is not found.=0D +**/=0D +EFI_STATUS=0D +EFIAPI=0D +Tpm2NvExtend (=0D + IN TPMI_RH_NV_AUTH AuthHandle,=0D + IN TPMI_RH_NV_INDEX NvIndex,=0D + IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,=0D + IN TPM2B_MAX_BUFFER *InData=0D + )=0D +{=0D + EFI_STATUS Status;=0D + TPM2_NV_EXTEND_COMMAND SendBuffer;=0D + TPM2_NV_EXTEND_RESPONSE RecvBuffer;=0D + UINT32 SendBufferSize;=0D + UINT32 RecvBufferSize;=0D + UINT8 *Buffer;=0D + UINT32 SessionInfoSize;=0D + TPM_RC ResponseCode;=0D +=0D + //=0D + // Construct command=0D + //=0D + SendBuffer.Header.tag =3D SwapBytes16 (TPM_ST_SESSIONS);=0D + SendBuffer.Header.commandCode =3D SwapBytes32 (TPM_CC_NV_Extend);=0D +=0D + SendBuffer.AuthHandle =3D SwapBytes32 (AuthHandle);=0D + SendBuffer.NvIndex =3D SwapBytes32 (NvIndex);=0D +=0D + //=0D + // Add in Auth session=0D + //=0D + Buffer =3D (UINT8 *)&SendBuffer.AuthSession;=0D +=0D + // sessionInfoSize=0D + SessionInfoSize =3D CopyAuthSessionCommand (AuthSession, Buff= er);=0D + Buffer +=3D SessionInfoSize;=0D + SendBuffer.AuthSessionSize =3D SwapBytes32 (SessionInfoSize);=0D +=0D + WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (InData->size));=0D + Buffer +=3D sizeof (UINT16);=0D + CopyMem (Buffer, InData->buffer, InData->size);=0D + Buffer +=3D InData->size;=0D +=0D + SendBufferSize =3D (UINT32)(Buffer - (UINT8 *)&SendBuffer);= =0D + SendBuffer.Header.paramSize =3D SwapBytes32 (SendBufferSize);=0D +=0D + //=0D + // send Tpm command=0D + //=0D + RecvBufferSize =3D sizeof (RecvBuffer);=0D + Status =3D Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuff= er, &RecvBufferSize, (UINT8 *)&RecvBuffer);=0D + if (EFI_ERROR (Status)) {=0D + goto Done;=0D + }=0D +=0D + if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {=0D + DEBUG ((DEBUG_ERROR, "Tpm2NvExtend - RecvBufferSize Error - %x\n", Rec= vBufferSize));=0D + Status =3D EFI_DEVICE_ERROR;=0D + goto Done;=0D + }=0D +=0D + ResponseCode =3D SwapBytes32 (RecvBuffer.Header.responseCode);=0D + if (ResponseCode !=3D TPM_RC_SUCCESS) {=0D + DEBUG ((DEBUG_ERROR, "Tpm2NvExtend - responseCode - %x\n", ResponseCod= e));=0D + }=0D +=0D + switch (ResponseCode) {=0D + case TPM_RC_SUCCESS:=0D + // return data=0D + break;=0D + case TPM_RC_ATTRIBUTES:=0D + Status =3D EFI_UNSUPPORTED;=0D + break;=0D + case TPM_RC_NV_AUTHORIZATION:=0D + Status =3D EFI_SECURITY_VIOLATION;=0D + break;=0D + case TPM_RC_NV_LOCKED:=0D + Status =3D EFI_ACCESS_DENIED;=0D + break;=0D + default:=0D + Status =3D EFI_DEVICE_ERROR;=0D + break;=0D + }=0D +=0D +Done:=0D + //=0D + // Clear AuthSession Content=0D + //=0D + ZeroMem (&SendBuffer, sizeof (SendBuffer));=0D + ZeroMem (&RecvBuffer, sizeof (RecvBuffer));=0D + return Status;=0D +}=0D diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tc= g2Dxe.c index f6ea8b2bbf..b8f50e25df 100644 --- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c +++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c @@ -1,7 +1,7 @@ /** @file=0D This module implements Tcg2 Protocol.=0D =0D -Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.
=0D +Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.
=0D (C) Copyright 2016 Hewlett Packard Enterprise Development LP
=0D SPDX-License-Identifier: BSD-2-Clause-Patent=0D =0D @@ -19,6 +19,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include =0D #include =0D #include =0D +#include =0D =0D #include =0D #include =0D @@ -1230,10 +1231,25 @@ TcgDxeHashLogExtendEvent ( //=0D // Do not do TPM extend for EV_NO_ACTION=0D //=0D - Status =3D EFI_SUCCESS;=0D - InitNoActionEvent (&NoActionEvent, NewEventHdr->EventSize);=0D - if ((Flags & EFI_TCG2_EXTEND_ONLY) =3D=3D 0) {=0D - Status =3D TcgDxeLogHashEvent (&(NoActionEvent.Digests), NewEventHdr= , NewEventData);=0D + if (NewEventHdr->PCRIndex <=3D MAX_PCR_INDEX) {=0D + Status =3D EFI_SUCCESS;=0D + InitNoActionEvent (&NoActionEvent, NewEventHdr->EventSize);=0D + if ((Flags & EFI_TCG2_EXTEND_ONLY) =3D=3D 0) {=0D + Status =3D TcgDxeLogHashEvent (&(NoActionEvent.Digests), NewEventH= dr, NewEventData);=0D + }=0D + } else {=0D + //=0D + // Extend to NvIndex=0D + //=0D + Status =3D HashAndExtend (=0D + NewEventHdr->PCRIndex,=0D + HashData,=0D + (UINTN)HashDataLen,=0D + &DigestList=0D + );=0D + if (!EFI_ERROR (Status)) {=0D + Status =3D TcgDxeLogHashEvent (&DigestList, NewEventHdr, NewEventD= ata);=0D + }=0D }=0D =0D return Status;=0D @@ -1317,7 +1333,7 @@ Tcg2HashLogExtendEvent ( return EFI_INVALID_PARAMETER;=0D }=0D =0D - if (Event->Header.PCRIndex > MAX_PCR_INDEX) {=0D + if ((Event->Header.EventType !=3D EV_NO_ACTION) && (Event->Header.PCRInd= ex > MAX_PCR_INDEX)) {=0D return EFI_INVALID_PARAMETER;=0D }=0D =0D @@ -2063,7 +2079,7 @@ MeasureVariable ( );=0D }=0D =0D - if (EventType =3D=3D EV_EFI_VARIABLE_DRIVER_CONFIG) {=0D + if ((EventType =3D=3D EV_EFI_VARIABLE_DRIVER_CONFIG) || (EventType =3D= =3D EV_EFI_SPDM_DEVICE_POLICY)) {=0D //=0D // Digest is the event data (UEFI_VARIABLE_DATA)=0D //=0D @@ -2319,6 +2335,37 @@ MeasureAllSecureVariables ( DEBUG ((DEBUG_INFO, "Skip measuring variable %s since it's deleted\n",= EFI_IMAGE_SECURITY_DATABASE2));=0D }=0D =0D + //=0D + // Meaurement UEFI device signature database=0D + //=0D + if ((PcdGet32 (PcdTcgPfpMeasurementRevision) >=3D TCG_EfiSpecIDEventStru= ct_SPEC_ERRATA_TPM2_REV_106) &&=0D + (PcdGet8 (PcdEnableSpdmDeviceAuthentication) !=3D 0))=0D + {=0D + Status =3D GetVariable2 (EFI_DEVICE_SECURITY_DATABASE, &gEfiDeviceSign= atureDatabaseGuid, &Data, &DataSize);=0D + if (Status =3D=3D EFI_SUCCESS) {=0D + Status =3D MeasureVariable (=0D + PCR_INDEX_FOR_SIGNATURE_DB,=0D + EV_EFI_SPDM_DEVICE_POLICY,=0D + EFI_DEVICE_SECURITY_DATABASE,=0D + &gEfiDeviceSignatureDatabaseGuid,=0D + Data,=0D + DataSize=0D + );=0D + FreePool (Data);=0D + } else if (Status =3D=3D EFI_NOT_FOUND) {=0D + Data =3D NULL;=0D + DataSize =3D 0;=0D + Status =3D MeasureVariable (=0D + PCR_INDEX_FOR_SIGNATURE_DB,=0D + EV_EFI_SPDM_DEVICE_POLICY,=0D + EFI_DEVICE_SECURITY_DATABASE,=0D + &gEfiDeviceSignatureDatabaseGuid,=0D + Data,=0D + DataSize=0D + );=0D + }=0D + }=0D +=0D return EFI_SUCCESS;=0D }=0D =0D diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf b/SecurityPkg/Tcg/Tcg2Dxe/= Tcg2Dxe.inf index 7dc7a2683d..a645474bf3 100644 --- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf @@ -16,7 +16,7 @@ # This external input must be validated carefully to avoid security issue= like=0D # buffer overflow, integer overflow.=0D #=0D -# Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.
=0D +# Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.
=0D # SPDX-License-Identifier: BSD-2-Clause-Patent=0D #=0D ##=0D @@ -86,6 +86,7 @@ gTcgEvent2EntryHobGuid ## SOMETIMES_CONSUMES= ## HOB=0D gTpm2StartupLocalityHobGuid ## SOMETIMES_CONSUMES= ## HOB=0D gTcg800155PlatformIdEventHobGuid ## SOMETIMES_CONSUMES= ## HOB=0D + gEfiDeviceSignatureDatabaseGuid=0D =0D [Protocols]=0D gEfiTcg2ProtocolGuid ## PRODUCES=0D @@ -107,6 +108,7 @@ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableLaml = ## PRODUCES=0D gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableLasa = ## PRODUCES=0D gEfiMdeModulePkgTokenSpaceGuid.PcdTcgPfpMeasurementRevision = ## CONSUMES=0D + gEfiMdeModulePkgTokenSpaceGuid.PcdEnableSpdmDeviceAuthentication = ## CONSUMES=0D =0D [Depex]=0D # According to PcdTpm2AcpiTableRev definition in SecurityPkg.dec=0D --=20 2.26.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117482): https://edk2.groups.io/g/devel/message/117482 Mute This Topic: https://groups.io/mt/105394118/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-