From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga07.intel.com (mga07.intel.com [134.134.136.100]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 6166281ECE for ; Sat, 21 Jan 2017 20:57:10 -0800 (PST) Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga105.jf.intel.com with ESMTP; 21 Jan 2017 20:57:10 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,267,1477983600"; d="scan'208";a="216169203" Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204]) by fmsmga004.fm.intel.com with ESMTP; 21 Jan 2017 20:57:09 -0800 Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS) id 14.3.248.2; Sat, 21 Jan 2017 20:57:09 -0800 Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.88]) by SHSMSX104.ccr.corp.intel.com ([10.239.4.70]) with mapi id 14.03.0248.002; Sun, 22 Jan 2017 12:57:07 +0800 From: "Yao, Jiewen" To: "Zhang, Chao B" , "edk2-devel@lists.01.org" CC: "Zeng, Star" Thread-Topic: [PATCH V3] MdeModulePkg: Variable: Update PCR[7] measure for new TCG spec Thread-Index: AQHSdGugmMgZX+dI0UW1NQBb9/7cEKFD7p6g Date: Sun, 22 Jan 2017 04:57:07 +0000 Message-ID: <74D8A39837DF1E4DA445A8C0B3885C503A8E4067@shsmsx102.ccr.corp.intel.com> References: <20170122045428.12992-1-chao.b.zhang@intel.com> In-Reply-To: <20170122045428.12992-1-chao.b.zhang@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH V3] MdeModulePkg: Variable: Update PCR[7] measure for new TCG spec X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 22 Jan 2017 04:57:10 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jiewen.yao@intel.com > -----Original Message----- > From: Zhang, Chao B > Sent: Sunday, January 22, 2017 12:54 PM > To: edk2-devel@lists.01.org > Cc: Yao, Jiewen ; Zeng, Star ; > Zhang, Chao B > Subject: [PATCH V3] MdeModulePkg: Variable: Update PCR[7] measure for new > TCG spec >=20 > Measure DBT into PCR[7] when it is updated between initial measure and > ExitBootService. Measure "SecureBoot" change after PK update. > Spec version : TCG PC Client PFP 00.37. > http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific > _Platform_Profile_for_TPM_2p0_Systems_v21.pdf >=20 > Cc: Star Zeng > Cc: Yao Jiewen > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Chao Zhang > --- > .../Universal/Variable/RuntimeDxe/Measurement.c | 82 > +++++++++++++++++++++- > .../Universal/Variable/RuntimeDxe/VariableDxe.c | 19 ++++- > .../Variable/RuntimeDxe/VariableRuntimeDxe.inf | 10 ++- > .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.c | 19 ++++- > .../Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf | 7 +- > 5 files changed, 128 insertions(+), 9 deletions(-) >=20 > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c > b/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c > index 2f92fae..309521f 100644 > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c > @@ -1,7 +1,7 @@ > /** @file > Measure TrEE required variable. >=20 > -Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
> +Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.
> This program and the accompanying materials > are licensed and made available under the terms and conditions of the BS= D > License > which accompanies this distribution. The full text of the license may b= e found > at > @@ -36,8 +36,16 @@ VARIABLE_TYPE mVariableType[] =3D { > {EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid}, > {EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid}, > {EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid}, > + {EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid}, > }; >=20 > +// > +// "SecureBoot" may update following PK Del/Add > +// Cache its value to detect value update > +// > +UINT8 *mSecureBootVarData =3D NULL; > +UINTN mSecureBootVarDataSize =3D 0; > + > /** > This function will return if this variable is SecureBootPolicy Variabl= e. >=20 > @@ -251,5 +259,77 @@ SecureBootHook ( > FreePool (VariableData); > } >=20 > + // > + // "SecureBoot" is 8bit & read-only. It can only be changed according = to PK > update > + // > + if ((StrCmp (VariableName, EFI_PLATFORM_KEY_NAME) =3D=3D 0) && > + CompareGuid (VendorGuid, &gEfiGlobalVariableGuid)) { > + Status =3D InternalGetVariable ( > + EFI_SECURE_BOOT_MODE_NAME, > + &gEfiGlobalVariableGuid, > + &VariableData, > + &VariableDataSize > + ); > + if (EFI_ERROR (Status)) { > + return; > + } > + > + // > + // If PK update is successful. "SecureBoot" shall always exist ever= since > variable write service is ready > + // > + ASSERT(mSecureBootVarData !=3D NULL); > + > + if (CompareMem(mSecureBootVarData, VariableData, > VariableDataSize) !=3D 0) { > + FreePool(mSecureBootVarData); > + mSecureBootVarData =3D VariableData; > + mSecureBootVarDataSize =3D VariableDataSize; > + > + DEBUG((DEBUG_INFO, "%s variable updated according to PK change. > Remeasure the value!\n", EFI_SECURE_BOOT_MODE_NAME)); > + Status =3D MeasureVariable ( > + EFI_SECURE_BOOT_MODE_NAME, > + &gEfiGlobalVariableGuid, > + mSecureBootVarData, > + mSecureBootVarDataSize > + ); > + DEBUG ((DEBUG_INFO, "MeasureBootPolicyVariable - %r\n", Status)); > + } else { > + // > + // "SecureBoot" variable is not changed > + // > + FreePool(VariableData); > + } > + } > + > return ; > } > + > +/** > + Some Secure Boot Policy Variable may update following other variable > changes(SecureBoot follows PK change, etc). > + Record their initial State when variable write service is ready. > + > +**/ > +VOID > +EFIAPI > +RecordSecureBootPolicyVarData( > + VOID > + ) > +{ > + EFI_STATUS Status; > + > + // > + // Record initial "SecureBoot" variable value. > + // It is used to detect SecureBoot variable change in SecureBootHook. > + // > + Status =3D InternalGetVariable ( > + EFI_SECURE_BOOT_MODE_NAME, > + &gEfiGlobalVariableGuid, > + (VOID **)&mSecureBootVarData, > + &mSecureBootVarDataSize > + ); > + if (EFI_ERROR(Status)) { > + // > + // Read could fail when Auth Variable solution is not supported > + // > + DEBUG((DEBUG_INFO, "RecordSecureBootPolicyVarData GetVariable %s > Status %x\n", EFI_SECURE_BOOT_MODE_NAME, Status)); > + } > +} > diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c > index 3d3cd24..fe1b2b5 100644 > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c > @@ -3,7 +3,7 @@ > and volatile storage space and install variable architecture protocol. >=20 > Copyright (C) 2013, Red Hat, Inc. > -Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
> +Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
> (C) Copyright 2015 Hewlett Packard Enterprise Development LP
> This program and the accompanying materials > are licensed and made available under the terms and conditions of the BS= D > License > @@ -32,6 +32,17 @@ EDKII_VAR_CHECK_PROTOCOL mVarCheck > =3D { VarCheckRegis >=20 > VarCheckVariablePropertyGet }; >=20 > /** > + Some Secure Boot Policy Variable may update following other variable > changes(SecureBoot follows PK change, etc). > + Record their initial State when variable write service is ready. > + > +**/ > +VOID > +EFIAPI > +RecordSecureBootPolicyVarData( > + VOID > + ); > + > +/** > Return TRUE if ExitBootServices () has been called. >=20 > @retval TRUE If ExitBootServices () has been called. > @@ -415,6 +426,12 @@ FtwNotificationEvent ( > } >=20 > // > + // Some Secure Boot Policy Var (SecureBoot, etc) updates following oth= er > + // Secure Boot Policy Variable change. Record their initial value. > + // > + RecordSecureBootPolicyVarData(); > + > + // > // Install the Variable Write Architectural protocol. > // > Status =3D gBS->InstallProtocolInterface ( > diff --git > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf > index 6214966..bc24a25 100644 > --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf > +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf > @@ -9,7 +9,7 @@ > # This external input must be validated carefully to avoid security iss= ues such > as > # buffer overflow or integer overflow. > # > -# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
> +# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
> # This program and the accompanying materials > # are licensed and made available under the terms and conditions of the = BSD > License > # which accompanies this distribution. The full text of the license may = be found > at > @@ -94,6 +94,9 @@ > ## SOMETIMES_PRODUCES ## Variable:L"PlatformLang" > ## SOMETIMES_CONSUMES ## Variable:L"Lang" > ## SOMETIMES_PRODUCES ## Variable:L"Lang" > + ## SOMETIMES_CONSUMES ## Variable:L"PK" > + ## SOMETIMES_CONSUMES ## Variable:L"KEK" > + ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot" > gEfiGlobalVariableGuid >=20 > gEfiMemoryOverwriteControlDataGuid ## > SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl" > @@ -108,8 +111,9 @@ > ## SOMETIMES_PRODUCES ## Variable:L"VarErrorFlag" > gEdkiiVarErrorFlagGuid >=20 > - ## SOMETIMES_CONSUMES ## Variable:L"DB" > - ## SOMETIMES_CONSUMES ## Variable:L"DBX" > + ## SOMETIMES_CONSUMES ## Variable:L"db" > + ## SOMETIMES_CONSUMES ## Variable:L"dbx" > + ## SOMETIMES_CONSUMES ## Variable:L"dbt" > gEfiImageSecurityDatabaseGuid >=20 > [Pcd] > diff --git > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c > index 0a076ae..e209d54 100644 > --- > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c > +++ > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c > @@ -13,7 +13,7 @@ >=20 > InitCommunicateBuffer() is really function to check the variable data = size. >=20 > -Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
> +Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.
> This program and the accompanying materials > are licensed and made available under the terms and conditions of the BS= D > License > which accompanies this distribution. The full text of the license may b= e found > at > @@ -71,6 +71,17 @@ SecureBootHook ( > ); >=20 > /** > + Some Secure Boot Policy Variable may update following other variable > changes(SecureBoot follows PK change, etc). > + Record their initial State when variable write service is ready. > + > +**/ > +VOID > +EFIAPI > +RecordSecureBootPolicyVarData( > + VOID > + ); > + > +/** > Acquires lock only at boot time. Simply returns at runtime. >=20 > This is a temperary function that will be removed when > @@ -1079,6 +1090,12 @@ SmmVariableWriteReady ( > return; > } >=20 > + // > + // Some Secure Boot Policy Var (SecureBoot, etc) updates following oth= er > + // Secure Boot Policy Variable change. Record their initial value. > + // > + RecordSecureBootPolicyVarData(); > + > Status =3D gBS->InstallProtocolInterface ( > &mHandle, > &gEfiVariableWriteArchProtocolGuid, > diff --git > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.in > f > index 82ddb00..9975f5a 100644 > --- > a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf > +++ > b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.in > f > @@ -13,7 +13,7 @@ > # may not be modified without authorization. If platform fails to prote= ct these > resources, > # the authentication service provided in this driver will be broken, an= d the > behavior is undefined. > # > -# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
> +# Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.
> # This program and the accompanying materials > # are licensed and made available under the terms and conditions of the = BSD > License > # which accompanies this distribution. The full text of the license may = be found > at > @@ -81,8 +81,9 @@ > ## SOMETIMES_CONSUMES ## Variable:L"SecureBoot" > gEfiGlobalVariableGuid >=20 > - ## SOMETIMES_CONSUMES ## Variable:L"DB" > - ## SOMETIMES_CONSUMES ## Variable:L"DBX" > + ## SOMETIMES_CONSUMES ## Variable:L"db" > + ## SOMETIMES_CONSUMES ## Variable:L"dbx" > + ## SOMETIMES_CONSUMES ## Variable:L"dbt" > gEfiImageSecurityDatabaseGuid >=20 > [Depex] > -- > 1.9.5.msysgit.1