From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.groups.io with SMTP id smtpd.web11.15714.1598457716977931310 for ; Wed, 26 Aug 2020 09:01:57 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@redhat.com header.s=mimecast20190719 header.b=AANNrPxD; spf=pass (domain: redhat.com, ip: 63.128.21.124, mailfrom: lersek@redhat.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1598457716; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=K6pfL2MPE8t3j7V9GF/e+QH2hcekNoviyGso1vnkDn8=; b=AANNrPxDukUFBET1Q6euRueWixVRuI1ETaXlsqi92sQ8+jO+2vd+af5eNhLm4i4274jcRR q2vvsSY7QOEWfQifUEqxruNS+3ZLZ5TfLO3jO3QxXqI0qNHTyUKSTthfJPGaN/sm4haNOU W/E0z61PhrkYz5iZ+VxCf4rVwM+qMzM= Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-492-Kribun3JMgCeYvhlYID9-w-1; Wed, 26 Aug 2020 12:01:38 -0400 X-MC-Unique: Kribun3JMgCeYvhlYID9-w-1 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 3F60B84635B; Wed, 26 Aug 2020 16:01:36 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-114-182.ams2.redhat.com [10.36.114.182]) by smtp.corp.redhat.com (Postfix) with ESMTP id 7647B5D9FC; Wed, 26 Aug 2020 16:01:34 +0000 (UTC) Subject: Re: [edk2-devel] [PATCH v4 0/8] Need add a FSP binary measurement To: devel@edk2.groups.io, qi1.zhang@intel.com Cc: Jiewen Yao , Jian J Wang , Hao A Wu , Chasel Chiu , Nate DeSimone , Star Zeng References: <20200818062618.3698-1-qi1.zhang@intel.com> From: "Laszlo Ersek" Message-ID: <9a255d38-b1ee-9568-c9a0-0968b3258fc3@redhat.com> Date: Wed, 26 Aug 2020 18:01:33 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Firefox/52.0 Thunderbird/52.9.1 MIME-Version: 1.0 In-Reply-To: <20200818062618.3698-1-qi1.zhang@intel.com> X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=lersek@redhat.com X-Mimecast-Spam-Score: 0.002 X-Mimecast-Originator: redhat.com Content-Language: en-US Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit On 08/18/20 08:26, Qi Zhang wrote: > v4 change: > rename FvEventLogRecordLib to TcgEventLogRecordLib. > v3 change: > add a new lib FvEventLogRecordLib for gerneric code. > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2376 > > The EDKII BIOS calls FSP API in FSP Wrapper Pkg. > This FSP code need to be measured into TPM. > > We need add a generic module in FSP Wrapper Pkg code to measure: > 1) FSP-T, FSP-M, FSP-S in API mode. > 2) FSP-T in Dispatch-mode. The FSP-M and FSP-S will be reported > as standard FV and they will be measured by TCG-PEI. > > Cc: Jiewen Yao > Cc: Jian J Wang > Cc: Hao A Wu > Cc: Chasel Chiu > Cc: Nate DeSimone > Cc: Star Zeng > Cc: Qi Zhang > > Jiewen Yao (4): > IntelFsp2WrapperPkg/FspMeasurementLib: Add header file. > IntelFsp2WrapperPkg/FspMeasurementLib: Add BaseFspMeasurementLib. > IntelFsp2WraperPkg/Fsp{m|s}WrapperPeim: Add FspBin measurement. > IntelFsp2Wrapper/dsc: Add FspTpmMeasurementLib and > PcdFspMeasurementConfig. > > Qi Zhang (4): > SecurityPkg/TcgEventLogRecordLib: add new lib for firmware measurement > SecurityPkg/dsc: add FvEventLogRecordLib > SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY > IntelFsp2WrapperPkg/dsc: add HashLib, Tpm2CommandLib and Tpm2DeviceLib > > .../FspmWrapperPeim/FspmWrapperPeim.c | 90 ++++++- > .../FspmWrapperPeim/FspmWrapperPeim.inf | 20 +- > .../FspsWrapperPeim/FspsWrapperPeim.c | 86 +++++- > .../FspsWrapperPeim/FspsWrapperPeim.inf | 27 +- > .../Include/Library/FspMeasurementLib.h | 39 +++ > IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dec | 17 ++ > IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dsc | 10 +- > .../BaseFspMeasurementLib.inf | 54 ++++ > .../BaseFspMeasurementLib/FspMeasurementLib.c | 248 ++++++++++++++++++ > .../Include/Library/TcgEventLogRecordLib.h | 97 +++++++ > SecurityPkg/Include/Ppi/Tcg.h | 5 + > .../TcgEventLogRecordLib.c | 197 ++++++++++++++ > .../TcgEventLogRecordLib.inf | 40 +++ > .../TcgEventLogRecordLib.uni | 17 ++ > SecurityPkg/SecurityPkg.dec | 3 + > SecurityPkg/SecurityPkg.dsc | 2 + > SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 12 +- > 17 files changed, 939 insertions(+), 25 deletions(-) > create mode 100644 IntelFsp2WrapperPkg/Include/Library/FspMeasurementLib.h > create mode 100644 IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/BaseFspMeasurementLib.inf > create mode 100644 IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/FspMeasurementLib.c > create mode 100644 SecurityPkg/Include/Library/TcgEventLogRecordLib.h > create mode 100644 SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.c > create mode 100644 SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.inf > create mode 100644 SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.uni > Merged as commit range 78ab44cb9680..63d92674d240, via , with the v3 feedback tags brought forward, as explained here: . Thanks Laszlo