From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail04.groups.io (mail04.groups.io [45.79.224.9]) by spool.mail.gandi.net (Postfix) with ESMTPS id A31DC740034 for ; Mon, 15 Apr 2024 07:56:23 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=RZP7g0Q+DB4UXIV1Zm4YUmghzKUCuUNS9WS9/PrYSKE=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Resent-Date:Resent-From:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20240206; t=1713167782; v=1; b=Bd3VV4JpKh3pDCb19gHoIsqu9+7vXqpyY1H9+k5I6qN6M4J+aa8vpUeDeViQfW2p1gRi7P84 rvt4U8BjqLsWEMg31hGeEBaVsQVk+4lFEkPb4QdTxt6dUWwJ89K2yCPPKZrtZFPME1X1igxwGs3 ub3Zx1xO87Jg4Ko+SqL+ofOm/ppOs/zwdBEgfYPpBHw/1Fi178g8drnZ5laXJedYBsp2syL7eh5 7Gble+Pr1oA+Y810XK2H9Gk/vDq5bGuSH68NBpQ88lfdLJFwpG37SCzdp1Vydk5EdD8zryLooIb NVtDdpRYfkN5/ObMTYQ38LR52nCobggcC5pLzCTBTedzw== X-Received: by 127.0.0.2 with SMTP id 42AlYY7687511xCIyaWAGsh5; Mon, 15 Apr 2024 00:56:22 -0700 X-Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.19]) by mx.groups.io with SMTP id smtpd.web11.15913.1713167777586436313 for ; Mon, 15 Apr 2024 00:56:21 -0700 X-CSE-ConnectionGUID: isX5KTRJS7uQTIB/gWSgIg== X-CSE-MsgGUID: 8jgzRWq4SrGuzjkRlgCsUg== X-IronPort-AV: E=McAfee;i="6600,9927,11044"; a="8410889" X-IronPort-AV: E=Sophos;i="6.07,202,1708416000"; d="scan'208";a="8410889" X-Received: from fmviesa005.fm.intel.com ([10.60.135.145]) by orvoesa111.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Apr 2024 00:56:21 -0700 X-CSE-ConnectionGUID: iQjpDsAORSaGdIApTkvMnw== X-CSE-MsgGUID: NhTD9LuxSbWS0P8fkGBoJw== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="6.07,202,1708416000"; d="scan'208";a="26258238" X-Received: from mxu9-mobl1.ccr.corp.intel.com ([10.124.224.178]) by fmviesa005-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 15 Apr 2024 00:56:20 -0700 From: "Min Xu" To: devel@edk2.groups.io Cc: Min M Xu , Jiewen Yao , Gerd Hoffmann Subject: [edk2-devel] [PATCH V1 1/5] Security/SecTpmMeasurementLibTdx: Delete unused SecTpmMeasurementLibTdx Date: Mon, 15 Apr 2024 15:55:50 +0800 Message-ID: <20240415075555.499-2-min.m.xu@intel.com> In-Reply-To: <20240415075555.499-1-min.m.xu@intel.com> References: <20240415075555.499-1-min.m.xu@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Resent-Date: Mon, 15 Apr 2024 00:56:21 -0700 Resent-From: min.m.xu@intel.com Reply-To: devel@edk2.groups.io,min.m.xu@intel.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: tavEJygD495A3njqzlUCFjgVx7686176AA= Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20240206 header.b=Bd3VV4Jp; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=intel.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 45.79.224.9 as permitted sender) smtp.mailfrom=bounce@groups.io From: Min M Xu BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4752 Cc: Jiewen Yao Cc: Gerd Hoffmann Signed-off-by: Min Xu --- .../SecTpmMeasurementLibTdx.c | 175 ------------------ .../SecTpmMeasurementLibTdx.inf | 34 ---- SecurityPkg/SecurityPkg.dsc | 2 - 3 files changed, 211 deletions(-) delete mode 100644 SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.c delete mode 100644 SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.inf diff --git a/SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.c b/SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.c deleted file mode 100644 index 36bfa373fe0f..000000000000 --- a/SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.c +++ /dev/null @@ -1,175 +0,0 @@ -/** @file - This library is used by other modules to measure data to TPM. - -Copyright (c) 2020, Intel Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clause-Patent - -**/ - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - -#pragma pack(1) - -typedef struct { - UINT32 Count; - TPMI_ALG_HASH HashAlg; - BYTE Sha384[SHA384_DIGEST_SIZE]; -} TDX_DIGEST_VALUE; - -#pragma pack() - -#define INVALID_PCR2MR_INDEX 0xFF - -/** - Get the mapped RTMR index based on the input PCRIndex. - RTMR[0] => PCR[1,7] - RTMR[1] => PCR[2,3,4,5,6] - RTMR[2] => PCR[8~15] - RTMR[3] => NA - Note: - PCR[0] is mapped to MRTD and should not appear here. - - @param[in] PCRIndex The input PCR index - - @retval UINT8 The mapped RTMR index. -**/ -UINT8 -GetMappedRtmrIndex ( - IN UINT32 PCRIndex - ) -{ - UINT8 RtmrIndex; - - if ((PCRIndex == 0) || (PCRIndex > 15)) { - DEBUG ((DEBUG_ERROR, "Invalid PCRIndex(%d) map to MR Index.\n", PCRIndex)); - ASSERT (FALSE); - return INVALID_PCR2MR_INDEX; - } - - RtmrIndex = 0; - if ((PCRIndex == 1) || (PCRIndex == 7)) { - RtmrIndex = 0; - } else if ((PCRIndex >= 2) && (PCRIndex <= 6)) { - RtmrIndex = 1; - } else if ((PCRIndex >= 8) && (PCRIndex <= 15)) { - RtmrIndex = 2; - } - - return RtmrIndex; -} - -/** - Tpm measure and log data, and extend the measurement result into a specific PCR. - - @param[in] PcrIndex PCR Index. - @param[in] EventType Event type. - @param[in] EventLog Measurement event log. - @param[in] LogLen Event log length in bytes. - @param[in] HashData The start of the data buffer to be hashed, extended. - @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData - - @retval EFI_SUCCESS Operation completed successfully. - @retval EFI_UNSUPPORTED TPM device not available. - @retval EFI_OUT_OF_RESOURCES Out of memory. - @retval EFI_DEVICE_ERROR The operation was unsuccessful. -**/ -EFI_STATUS -EFIAPI -TpmMeasureAndLogData ( - IN UINT32 PcrIndex, - IN UINT32 EventType, - IN VOID *EventLog, - IN UINT32 LogLen, - IN VOID *HashData, - IN UINT64 HashDataLen - ) -{ - EFI_STATUS Status; - UINT32 RtmrIndex; - VOID *EventHobData; - TCG_PCR_EVENT2 *TcgPcrEvent2; - UINT8 *DigestBuffer; - TDX_DIGEST_VALUE *TdxDigest; - TPML_DIGEST_VALUES DigestList; - UINT8 *Ptr; - - if (!TdIsEnabled ()) { - return EFI_UNSUPPORTED; - } - - RtmrIndex = GetMappedRtmrIndex (PcrIndex); - if (RtmrIndex == INVALID_PCR2MR_INDEX) { - return EFI_INVALID_PARAMETER; - } - - DEBUG ((DEBUG_INFO, "Creating TdTcg2PcrEvent PCR[%d]/RTMR[%d] EventType 0x%x\n", PcrIndex, RtmrIndex, EventType)); - - Status = HashAndExtend ( - RtmrIndex, - (VOID *)HashData, - HashDataLen, - &DigestList - ); - - if (EFI_ERROR (Status)) { - DEBUG ((DEBUG_INFO, "Failed to HashAndExtend. %r\n", Status)); - return Status; - } - - // - // Use TDX_DIGEST_VALUE in the GUID HOB DataLength calculation - // to reserve enough buffer to hold TPML_DIGEST_VALUES compact binary - // which is limited to a SHA384 digest list - // - EventHobData = BuildGuidHob ( - &gCcEventEntryHobGuid, - sizeof (TcgPcrEvent2->PCRIndex) + sizeof (TcgPcrEvent2->EventType) + - sizeof (TDX_DIGEST_VALUE) + - sizeof (TcgPcrEvent2->EventSize) + LogLen - ); - - if (EventHobData == NULL) { - return EFI_OUT_OF_RESOURCES; - } - - Ptr = (UINT8 *)EventHobData; - // - // Initialize PcrEvent data now - // - RtmrIndex++; - CopyMem (Ptr, &RtmrIndex, sizeof (UINT32)); - Ptr += sizeof (UINT32); - CopyMem (Ptr, &EventType, sizeof (TCG_EVENTTYPE)); - Ptr += sizeof (TCG_EVENTTYPE); - - DigestBuffer = Ptr; - - TdxDigest = (TDX_DIGEST_VALUE *)DigestBuffer; - TdxDigest->Count = 1; - TdxDigest->HashAlg = TPM_ALG_SHA384; - CopyMem ( - TdxDigest->Sha384, - DigestList.digests[0].digest.sha384, - SHA384_DIGEST_SIZE - ); - - Ptr += sizeof (TDX_DIGEST_VALUE); - - CopyMem (Ptr, &LogLen, sizeof (UINT32)); - Ptr += sizeof (UINT32); - CopyMem (Ptr, EventLog, LogLen); - Ptr += LogLen; - - Status = EFI_SUCCESS; - return Status; -} diff --git a/SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.inf b/SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.inf deleted file mode 100644 index 047d3aa80da6..000000000000 --- a/SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.inf +++ /dev/null @@ -1,34 +0,0 @@ -## @file -# Provides RTMR based measurement functions for Intel Tdx guest. -# -# This library provides TpmMeasureAndLogData() in a TDX guest to measure and log data, and -# extend the measurement result into a specific RTMR. -# -# Copyright (c) 2022, Intel Corporation. All rights reserved.
-# SPDX-License-Identifier: BSD-2-Clause-Patent -# -## - -[Defines] - INF_VERSION = 0x00010005 - BASE_NAME = SecTpmMeasurementLibTdx - FILE_GUID = 1aeb641c-0324-47bd-b29d-e59671fc4106 - MODULE_TYPE = BASE - VERSION_STRING = 1.0 - LIBRARY_CLASS = TpmMeasurementLib|SEC - -[Sources] - SecTpmMeasurementLibTdx.c - -[Packages] - CryptoPkg/CryptoPkg.dec - MdeModulePkg/MdeModulePkg.dec - MdePkg/MdePkg.dec - SecurityPkg/SecurityPkg.dec - -[Guids] - gCcEventEntryHobGuid - -[LibraryClasses] - BaseLib - HashLib diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 7682066cd9fe..e3e43a246bbe 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -99,7 +99,6 @@ [LibraryClasses.X64.SEC] HashLib|SecurityPkg/Library/HashLibTdx/HashLibTdx.inf - TpmMeasurementLib|SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.inf [LibraryClasses.X64.DXE_DRIVER] HashLib|SecurityPkg/Library/HashLibTdx/HashLibTdx.inf @@ -296,7 +295,6 @@ [Components.X64] SecurityPkg/Library/HashLibTdx/HashLibTdx.inf - SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.inf SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf { HashLib|SecurityPkg/Library/HashLibTdx/HashLibTdx.inf -- 2.44.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#117763): https://edk2.groups.io/g/devel/message/117763 Mute This Topic: https://groups.io/mt/105531958/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-