Hi Jiewen, The intention of such API would be to ease debugging and auditing PCR attestation along the boot; it has been a common task while debugging several issues and TPM configurations. a) Configurations in which BIOS is not the S-CRTM and we need to attest what has been measured to the TPM prior to any measurements performed by BIOS. b) Verifying the values in all the active and supported PCR banks: attestation or capping of the PCRs. (See BZ: 3515) Such API together with the TCG event log print out it allows us to audit and debug the measured boot sequence. Regards, -Rodrigo ________________________________ From: Yao, Jiewen Sent: Sunday, August 8, 2021 6:24 PM To: Gonzalez Del Cueto, Rodrigo ; devel@edk2.groups.io Cc: Wang, Jian J Subject: RE: [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations. Some feedback: 1) I think it is OK to add Tpm2PcrReadForActiveBank() API. But I feel we will add too many noise to dump Tpm2PcrReadForActiveBank() in the code everytime. I am not sure why it is needed. What is the problem statement? 2) Below definition does not follow EDKII coding style. Please use 2 "space" as indent. EFI_STATUS EFIAPI Tpm2PcrReadForActiveBank ( IN TPMI_DH_PCR PcrHandle, OUT TPML_DIGEST *HashList ) > -----Original Message----- > From: Gonzalez Del Cueto, Rodrigo > Sent: Friday, July 30, 2021 6:43 AM > To: devel@edk2.groups.io > Cc: Gonzalez Del Cueto, Rodrigo ; Yao, > Jiewen ; Wang, Jian J > Subject: [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations. > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2858 > > Add debug functionality to examine TPM extend operations > performed by BIOS and inspect the PCR 00 value prior to > any BIOS measurements. > > Replaced usage of EFI_D_* for DEBUG_* definitions in debug > messages. 
> > Signed-off-by: Rodrigo Gonzalez del Cueto > > Cc: Jiewen Yao > Cc: Jian J Wang > --- > SecurityPkg/Include/Library/Tpm2CommandLib.h | 28 > ++++++++++++++++++++++------ > SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c | 226 > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ > ++++++++----------------------- > SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 34 ++++++++++++++++++++------ > -------- > 3 files changed, 245 insertions(+), 43 deletions(-) > > diff --git a/SecurityPkg/Include/Library/Tpm2CommandLib.h > b/SecurityPkg/Include/Library/Tpm2CommandLib.h > index ee8eb62295..5e5c340893 100644 > --- a/SecurityPkg/Include/Library/Tpm2CommandLib.h > +++ b/SecurityPkg/Include/Library/Tpm2CommandLib.h > @@ -1,7 +1,7 @@ > /** @file > This library is used by other modules to send TPM2 command. > > -Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
> +Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved.
> SPDX-License-Identifier: BSD-2-Clause-Patent > > **/ > @@ -505,7 +505,7 @@ EFIAPI > Tpm2PcrEvent ( > IN TPMI_DH_PCR PcrHandle, > IN TPM2B_EVENT *EventData, > - OUT TPML_DIGEST_VALUES *Digests > + OUT TPML_DIGEST_VALUES *Digests > ); > > /** > @@ -522,10 +522,10 @@ Tpm2PcrEvent ( > EFI_STATUS > EFIAPI > Tpm2PcrRead ( > - IN TPML_PCR_SELECTION *PcrSelectionIn, > - OUT UINT32 *PcrUpdateCounter, > - OUT TPML_PCR_SELECTION *PcrSelectionOut, > - OUT TPML_DIGEST *PcrValues > + IN TPML_PCR_SELECTION *PcrSelectionIn, > + OUT UINT32 *PcrUpdateCounter, > + OUT TPML_PCR_SELECTION *PcrSelectionOut, > + OUT TPML_DIGEST *PcrValues > ); > > /** > @@ -1113,4 +1113,20 @@ GetDigestFromDigestList( > OUT VOID *Digest > ); > > + /** > + This function will query the TPM to determine which hashing algorithms and > + get the digests of all active and supported PCR banks of a specific PCR > register. > + > + @param[in] PcrHandle The index of the PCR register to be read. > + @param[out] HashList List of digests from PCR register being read. > + > + @retval EFI_SUCCESS The Pcr was read successfully. > + @retval EFI_DEVICE_ERROR The command was unsuccessful. > +**/ > +EFI_STATUS > +EFIAPI > +Tpm2PcrReadForActiveBank ( > + IN TPMI_DH_PCR PcrHandle, > + OUT TPML_DIGEST *HashList > + ); > #endif > diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c > b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c > index ddb15178fb..3b49192b93 100644 > --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c > +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c > @@ -1,7 +1,7 @@ > /** @file > Implement TPM2 Integrity related command. > > -Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
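Review bot: The Tpm2PcrReadForActiveBank doc comment added in the `@@ -1113,4 +1113,20 @@` hunk lists only EFI_SUCCESS and EFI_DEVICE_ERROR, but the implementation also returns EFI_INVALID_PARAMETER for an out-of-range PcrHandle; add `@retval EFI_INVALID_PARAMETER  PcrHandle is not a valid PCR index.` The first sentence is also left unfinished ("determine which hashing algorithms and get the digests"); `This function queries the TPM for its supported and active PCR banks and reads the digests of one PCR register from every active bank.` says what the code does. The block is indented by one space (` /**`) unlike every other doc comment in this header, and the same text is duplicated above the definition in Tpm2Integrity.c, so both copies need the same fix.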
> +Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved.
> SPDX-License-Identifier: BSD-2-Clause-Patent > > **/ > @@ -109,7 +109,6 @@ Tpm2PcrExtend ( > Cmd.Header.commandCode = SwapBytes32(TPM_CC_PCR_Extend); > Cmd.PcrHandle = SwapBytes32(PcrHandle); > > - > // > // Add in Auth session > // > @@ -130,14 +129,26 @@ Tpm2PcrExtend ( > Buffer += sizeof(UINT16); > DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg); > if (DigestSize == 0) { > - DEBUG ((EFI_D_ERROR, "Unknown hash algorithm %d\r\n", Digests- > >digests[Index].hashAlg)); > + DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests- > >digests[Index].hashAlg)); > return EFI_DEVICE_ERROR; > } > + > CopyMem( > Buffer, > &Digests->digests[Index].digest, > DigestSize > ); > + > + DEBUG_CODE_BEGIN (); > + UINTN Index2; > + DEBUG ((DEBUG_VERBOSE, "Tpm2PcrExtend - Hash = 0x%04x, Pcr[%02d], > digest = ", Digests->digests[Index].hashAlg, (UINT8) PcrHandle)); > + > + for (Index2 = 0; Index2 < DigestSize; Index2++) { > + DEBUG ((DEBUG_VERBOSE, "%02x ", Buffer[Index2])); > + } > + DEBUG ((DEBUG_VERBOSE, "\n")); > + DEBUG_CODE_END (); > + > Buffer += DigestSize; > } > > @@ -151,7 +162,7 @@ Tpm2PcrExtend ( > } > > if (ResultBufSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer > Too Small\r\n")); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer > Too Small\r\n")); > return EFI_BUFFER_TOO_SMALL; > } > > @@ -160,7 +171,7 @@ Tpm2PcrExtend ( > // > RespSize = SwapBytes32(Res.Header.paramSize); > if (RespSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n", > RespSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n", > RespSize)); > return EFI_BUFFER_TOO_SMALL; > } 
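Review bot: The digest dump added inside DEBUG_CODE_BEGIN in the `@@ -130,14 +129,26 @@` hunk of Tpm2PcrExtend ends its lines with `"\n"` while every other DEBUG string in this function uses `"\r\n"`, so the verbose log mixes line endings; use `DEBUG ((DEBUG_VERBOSE, "\r\n"));` here (the "PCR read after extend" message in the later hunk has the same issue). The hex loop reads from Buffer, which at that point still addresses the digest just copied because the `Buffer += DigestSize` comes after the dump; a one-line comment such as `// Buffer still points at the digest just copied; dump it before advancing` makes that ordering dependence explicit for the next person who reorders the block. Tpm2PcrExtend starts and ends outside this hunk.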
> > @@ -168,10 +179,15 @@ Tpm2PcrExtend ( > // Fail if command failed > // > if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n", > SwapBytes32(Res.Header.responseCode))); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response Code error! > 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); > return EFI_DEVICE_ERROR; > } > > + DEBUG_CODE_BEGIN (); > + DEBUG ((DEBUG_VERBOSE, "Tpm2PcrExtend: PCR read after extend...\n")); > + Tpm2PcrReadForActiveBank (PcrHandle, NULL); > + DEBUG_CODE_END (); > + > // > // Unmarshal the response > // > @@ -246,7 +262,7 @@ Tpm2PcrEvent ( > } > > if (ResultBufSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer > Too Small\r\n")); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer > Too Small\r\n")); > return EFI_BUFFER_TOO_SMALL; > } > > @@ -255,7 +271,7 @@ Tpm2PcrEvent ( > // > RespSize = SwapBytes32(Res.Header.paramSize); > if (RespSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Response size too large! %d\r\n", > RespSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response size too large! %d\r\n", > RespSize)); > return EFI_BUFFER_TOO_SMALL; > } > > @@ -263,7 +279,7 @@ Tpm2PcrEvent ( > // Fail if command failed > // > if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Response Code error! 0x%08x\r\n", > SwapBytes32(Res.Header.responseCode))); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response Code error! > 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); > return EFI_DEVICE_ERROR; > } 
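Review bot: The read-back added after the response-code check in Tpm2PcrExtend announces itself at DEBUG_VERBOSE, but the digests that Tpm2PcrReadForActiveBank then prints come out at DEBUG_INFO, so an INFO-level log shows bare "ReadPcr" digest lines with nothing saying they were triggered by an extend; use one level on both sides. The call's EFI_STATUS is dropped as well, so a failed read-back in the debug path looks the same as a successful one; `if (EFI_ERROR (Tpm2PcrReadForActiveBank (PcrHandle, NULL))) { DEBUG ((DEBUG_VERBOSE, "Tpm2PcrExtend: PCR read after extend failed\r\n")); }` keeps the diagnostic honest. Note that in builds where DEBUG_CODE is enabled this adds two GetCapability commands and a PCR_Read to every extend, which adds up over a boot with many measurements and is worth a comment at the call site. Tpm2PcrExtend starts and ends outside this hunk.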
> > @@ -284,7 +300,7 @@ Tpm2PcrEvent ( > Buffer += sizeof(UINT16); > DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg); > if (DigestSize == 0) { > - DEBUG ((EFI_D_ERROR, "Unknown hash algorithm %d\r\n", Digests- > >digests[Index].hashAlg)); > + DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests- > >digests[Index].hashAlg)); > return EFI_DEVICE_ERROR; > } > CopyMem( > @@ -298,6 +314,7 @@ Tpm2PcrEvent ( > return EFI_SUCCESS; > } > > + > /** > This command returns the values of all PCR specified in pcrSelect. > > @@ -353,11 +370,11 @@ Tpm2PcrRead ( > } > > if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > return EFI_DEVICE_ERROR; > } > if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - responseCode - %x\n", > SwapBytes32(RecvBuffer.Header.responseCode))); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - responseCode - %x\n", > SwapBytes32(RecvBuffer.Header.responseCode))); > return EFI_NOT_FOUND; > } > > @@ -369,7 +386,7 @@ Tpm2PcrRead ( > // PcrUpdateCounter > // > if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + > sizeof(RecvBuffer.PcrUpdateCounter)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > return EFI_DEVICE_ERROR; > } > *PcrUpdateCounter = SwapBytes32(RecvBuffer.PcrUpdateCounter); 
> @@ -378,7 +395,7 @@ Tpm2PcrRead ( > // PcrSelectionOut > // > if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + > sizeof(RecvBuffer.PcrUpdateCounter) + > sizeof(RecvBuffer.PcrSelectionOut.count)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > return EFI_DEVICE_ERROR; > } > PcrSelectionOut->count = SwapBytes32(RecvBuffer.PcrSelectionOut.count); > @@ -388,7 +405,7 @@ Tpm2PcrRead ( > } > > if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + > sizeof(RecvBuffer.PcrUpdateCounter) + > sizeof(RecvBuffer.PcrSelectionOut.count) + > sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > return EFI_DEVICE_ERROR; > } > for (Index = 0; Index < PcrSelectionOut->count; Index++) { > @@ -513,7 +530,7 @@ Tpm2PcrAllocate ( > } > > if (ResultBufSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer > Too Small\r\n")); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: > Buffer Too Small\r\n")); > Status = EFI_BUFFER_TOO_SMALL; > goto Done; > } > @@ -523,7 +540,7 @@ Tpm2PcrAllocate ( > // > RespSize = SwapBytes32(Res.Header.paramSize); > if (RespSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r\n", > RespSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Response size too > large! %d\r\n", RespSize)); > Status = EFI_BUFFER_TOO_SMALL; > goto Done; > } 
> @@ -532,7 +549,7 @@ Tpm2PcrAllocate ( > // Fail if command failed > // > if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) { > - DEBUG((EFI_D_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", > SwapBytes32(Res.Header.responseCode))); > + DEBUG((DEBUG_ERROR,"Tpm2PcrAllocate: Response Code error! > 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); > Status = EFI_DEVICE_ERROR; > goto Done; > } 
> @@ -673,17 +690,180 @@ Tpm2PcrAllocateBanks ( > &SizeNeeded, > &SizeAvailable > ); > - DEBUG ((EFI_D_INFO, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n", > Status)); > + DEBUG ((DEBUG_INFO, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n", > Status)); > if (EFI_ERROR (Status)) { > goto Done; > } > > - DEBUG ((EFI_D_INFO, "AllocationSuccess - %02x\n", AllocationSuccess)); > - DEBUG ((EFI_D_INFO, "MaxPCR - %08x\n", MaxPCR)); > - DEBUG ((EFI_D_INFO, "SizeNeeded - %08x\n", SizeNeeded)); > - DEBUG ((EFI_D_INFO, "SizeAvailable - %08x\n", SizeAvailable)); > + DEBUG ((DEBUG_INFO, "AllocationSuccess - %02x\n", AllocationSuccess)); > + DEBUG ((DEBUG_INFO, "MaxPCR - %08x\n", MaxPCR)); > + DEBUG ((DEBUG_INFO, "SizeNeeded - %08x\n", SizeNeeded)); > + DEBUG ((DEBUG_INFO, "SizeAvailable - %08x\n", SizeAvailable)); > > Done: > ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac)); > return Status; > } > + > +/** > + This function will query the TPM to determine which hashing algorithms and > + get the digests of all active and supported PCR banks of a specific PCR > register. > + > + @param[in] PcrHandle The index of the PCR register to be read. > + @param[out] HashList List of digests from PCR register being read. > + > + @retval EFI_SUCCESS The Pcr was read successfully. > + @retval EFI_DEVICE_ERROR The command was unsuccessful. 
> +**/ > +EFI_STATUS > +EFIAPI > +Tpm2PcrReadForActiveBank ( > + IN TPMI_DH_PCR PcrHandle, > + OUT TPML_DIGEST *HashList > +) > +{ > + EFI_STATUS Status; > + TPML_PCR_SELECTION Pcrs; > + TPML_PCR_SELECTION PcrSelectionIn; > + TPML_PCR_SELECTION PcrSelectionOut; > + TPML_DIGEST PcrValues; > + UINT32 PcrUpdateCounter; > + UINT8 PcrIndex; > + UINT32 TpmHashAlgorithmBitmap; > + TPMI_ALG_HASH CurrentPcrBankHash; > + UINT32 ActivePcrBanks; > + UINT32 TcgRegistryHashAlg; > + UINTN Index; > + UINTN Index2; > + > + PcrIndex = (UINT8) PcrHandle; > + > + if ((PcrIndex < 0) || > + (PcrIndex >= IMPLEMENTATION_PCR)) { > + return EFI_INVALID_PARAMETER; > + } > + > + ZeroMem (&PcrSelectionIn, sizeof (PcrSelectionIn)); > + ZeroMem (&PcrUpdateCounter, sizeof (UINT32)); > + ZeroMem (&PcrSelectionOut, sizeof (PcrSelectionOut)); > + ZeroMem (&PcrValues, sizeof (PcrValues)); > + ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION)); > + > + DEBUG ((DEBUG_INFO, "ReadPcr - %02d\n", PcrIndex)); > + > + // > + // Read TPM capabilities > + // > + Status = Tpm2GetCapabilityPcrs (&Pcrs); > + > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities\n")); > + return EFI_DEVICE_ERROR; > + } > + > + // > + // Get Active Pcrs > + // > + Status = Tpm2GetCapabilitySupportedAndActivePcrs ( > + &TpmHashAlgorithmBitmap, > + &ActivePcrBanks > + ); > + > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities and > active PCRs\n")); > + return EFI_DEVICE_ERROR; > + } > + > + // > + // Select from Active PCRs > + // > + for (Index = 0; Index < Pcrs.count; Index++) { > + CurrentPcrBankHash = Pcrs.pcrSelections[Index].hash; > + > + switch (CurrentPcrBankHash) { > + case TPM_ALG_SHA1: > + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA1 Present\n")); > + TcgRegistryHashAlg = HASH_ALG_SHA1; > + break; > + case TPM_ALG_SHA256: > + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA256 Present\n")); > + TcgRegistryHashAlg = HASH_ALG_SHA256; > + break; > + case 
TPM_ALG_SHA384: > + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA384 Present\n")); > + TcgRegistryHashAlg = HASH_ALG_SHA384; > + break; > + case TPM_ALG_SHA512: > + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA512 Present\n")); > + TcgRegistryHashAlg = HASH_ALG_SHA512; > + break; > + case TPM_ALG_SM3_256: > + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SM3 Present\n")); > + TcgRegistryHashAlg = HASH_ALG_SM3_256; > + break; > + default: > + // > + // Unsupported algorithm > + // > + DEBUG ((DEBUG_VERBOSE, "Unknown algorithm present\n")); > + TcgRegistryHashAlg = 0; > + break; > + } > + // > + // Skip unsupported and inactive PCR banks > + // > + if ((TcgRegistryHashAlg & ActivePcrBanks) == 0) { > + DEBUG ((DEBUG_VERBOSE, "Skipping unsupported or inactive bank: > 0x%04x\n", CurrentPcrBankHash)); > + continue; > + } > + > + // > + // Select PCR from current active bank > + // > + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].hash = > Pcrs.pcrSelections[Index].hash; > + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].sizeofSelect = > PCR_SELECT_MAX; > + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[0] = (PcrIndex < > 8) ? 1 << PcrIndex : 0; > + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[1] = (PcrIndex > > 7) && (PcrIndex < 16) ? 1 << (PcrIndex - 8) : 0; > + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[2] = (PcrIndex > > 15) ? 
1 << (PcrIndex - 16) : 0; > + PcrSelectionIn.count++; > + } > + > + // > + // Read PCRs > + // > + Status = Tpm2PcrRead ( > + &PcrSelectionIn, > + &PcrUpdateCounter, > + &PcrSelectionOut, > + &PcrValues > + ); > + > + if (EFI_ERROR (Status)) { > + DEBUG((DEBUG_ERROR, "Tpm2PcrRead failed Status = %r \n", Status)); > + return EFI_DEVICE_ERROR; > + } > + > + for (Index = 0; Index < PcrValues.count; Index++) { > + DEBUG (( > + DEBUG_INFO, > + "ReadPcr - HashAlg = 0x%04x, Pcr[%02d], digest = ", > + PcrSelectionOut.pcrSelections[Index].hash, > + PcrIndex > + )); > + > + for(Index2 = 0; Index2 < PcrValues.digests[Index].size; Index2++) { > + DEBUG ((DEBUG_INFO, "%02x ", PcrValues.digests[Index].buffer[Index2])); > + } > + DEBUG ((DEBUG_INFO, "\n")); > + } > + > + if (HashList != NULL) { > + CopyMem ( > + HashList, > + &PcrValues, > + sizeof (TPML_DIGEST) > + ); > + } > + > + return EFI_SUCCESS; > +} > diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c > b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c > index 93a8803ff6..ea79fa0af6 100644 > --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c > +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c > @@ -1,7 +1,7 @@ > /** @file > Initialize TPM2 device and measure FVs before handing off control to DXE. > > -Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
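Review bot: In Tpm2PcrReadForActiveBank the range check is applied to `PcrIndex`, which is already `(UINT8) PcrHandle`, so `PcrIndex < 0` can never be true and any PcrHandle of 256 or more is truncated to a low index before the `>= IMPLEMENTATION_PCR` comparison and silently reads a different PCR; check the untruncated handle first, `if (PcrHandle >= IMPLEMENTATION_PCR) { return EFI_INVALID_PARAMETER; }`, and only then assign `PcrIndex = (UINT8) PcrHandle;`. The HashList output is a bare TPML_DIGEST while PcrSelectionOut, which identifies the bank of each digest, stays local, so a caller auditing several banks cannot map a digest to its algorithm; either add an OUT TPML_PCR_SELECTION parameter or document that the digest order follows the TPM's PcrSelectionOut. The print loop pairs `PcrSelectionOut.pcrSelections[Index]` with `PcrValues.digests[Index]`, which assumes exactly one digest per selected bank in the same order; that presumably holds with one PCR per bank as built here, but a guard of `Index < PcrSelectionOut.count` is cheap insurance against a short response. Finally, this is a public library API that unconditionally prints every digest at DEBUG_INFO; the printing belongs to the debug-only callers, or at least behind DEBUG_VERBOSE.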
> +Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.
> Copyright (c) 2017, Microsoft Corporation. All rights reserved.
> SPDX-License-Identifier: BSD-2-Clause-Patent > > @@ -191,7 +191,6 @@ EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] = { > } > }; > > - > /** > Record all measured Firmware Volume Information into a Guid Hob > Guid Hob payload layout is > @@ -267,7 +266,7 @@ SyncPcrAllocationsAndPcrMask ( > UINT32 Tpm2PcrMask; > UINT32 NewTpm2PcrMask; > > - DEBUG ((EFI_D_ERROR, "SyncPcrAllocationsAndPcrMask!\n")); > + DEBUG ((DEBUG_ERROR, "SyncPcrAllocationsAndPcrMask!\n")); > > // > // Determine the current TPM support and the Platform PCR mask. > @@ -278,7 +277,7 @@ SyncPcrAllocationsAndPcrMask ( > Tpm2PcrMask = PcdGet32 (PcdTpm2HashMask); > if (Tpm2PcrMask == 0) { > // > - // if PcdTPm2HashMask is zero, use ActivePcr setting > + // if PcdTpm2HashMask is zero, use ActivePcr setting > // > PcdSet32S (PcdTpm2HashMask, TpmActivePcrBanks); > Tpm2PcrMask = TpmActivePcrBanks; > @@ -297,9 +296,9 @@ SyncPcrAllocationsAndPcrMask ( > if ((TpmActivePcrBanks & Tpm2PcrMask) != TpmActivePcrBanks) { > NewTpmActivePcrBanks = TpmActivePcrBanks & Tpm2PcrMask; > > - DEBUG ((EFI_D_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\n", > __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks)); > + DEBUG ((DEBUG_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\n", > __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks)); > if (NewTpmActivePcrBanks == 0) { > - DEBUG ((EFI_D_ERROR, "%a - No viable PCRs active! Please set a less > restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); > + DEBUG ((DEBUG_ERROR, "%a - No viable PCRs active! Please set a less > restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); > ASSERT (FALSE); > } else { > Status = Tpm2PcrAllocateBanks (NULL, (UINT32)TpmHashAlgorithmBitmap, > NewTpmActivePcrBanks); 
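Review bot: The entry trace `DEBUG ((DEBUG_ERROR, "SyncPcrAllocationsAndPcrMask!\n"));` in the `@@ -267,7 +266,7 @@` hunk logs at ERROR level although nothing has failed at that point, so an error-only log filter reports a spurious error on every boot; since the line is being touched for the EFI_D_ERROR rename anyway, make it `DEBUG ((DEBUG_INFO, "SyncPcrAllocationsAndPcrMask!\n"));`. More generally, the mechanical EFI_D_* to DEBUG_* replacement spans most hunks in all three files and hides the functional change; it would review more easily as a separate patch. SyncPcrAllocationsAndPcrMask starts and ends outside this hunk.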
> @@ -307,7 +306,7 @@ SyncPcrAllocationsAndPcrMask ( > // > // We can't do much here, but we hope that this doesn't happen. > // > - DEBUG ((EFI_D_ERROR, "%a - Failed to reallocate PCRs!\n", > __FUNCTION__)); > + DEBUG ((DEBUG_ERROR, "%a - Failed to reallocate PCRs!\n", > __FUNCTION__)); > ASSERT_EFI_ERROR (Status); > } > // > @@ -324,9 +323,9 @@ SyncPcrAllocationsAndPcrMask ( > if ((Tpm2PcrMask & TpmHashAlgorithmBitmap) != Tpm2PcrMask) { > NewTpm2PcrMask = Tpm2PcrMask & TpmHashAlgorithmBitmap; > > - DEBUG ((EFI_D_INFO, "%a - Updating PcdTpm2HashMask from 0x%X to > 0x%X.\n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask)); > + DEBUG ((DEBUG_INFO, "%a - Updating PcdTpm2HashMask from 0x%X to > 0x%X.\n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask)); > if (NewTpm2PcrMask == 0) { > - DEBUG ((EFI_D_ERROR, "%a - No viable PCRs supported! Please set a less > restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); > + DEBUG ((DEBUG_ERROR, "%a - No viable PCRs supported! Please set a less > restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); > ASSERT (FALSE); > } > > @@ -365,7 +364,7 @@ LogHashEvent ( > RetStatus = EFI_SUCCESS; > for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); > Index++) { > if ((SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) { > - DEBUG ((EFI_D_INFO, " LogFormat - 0x%08x\n", > mTcg2EventInfo[Index].LogFormat)); > + DEBUG ((DEBUG_INFO, " LogFormat - 0x%08x\n", > mTcg2EventInfo[Index].LogFormat)); > switch (mTcg2EventInfo[Index].LogFormat) { > case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2: > Status = GetDigestFromDigestList (TPM_ALG_SHA1, DigestList, > &NewEventHdr->Digest); > @@ -476,7 +475,7 @@ HashLogExtendEvent ( > } > > if (Status == EFI_DEVICE_ERROR) { > - DEBUG ((EFI_D_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status)); > + DEBUG ((DEBUG_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", > Status)); > BuildGuidHob (&gTpmErrorHobGuid,0); > REPORT_STATUS_CODE ( > EFI_ERROR_CODE | EFI_ERROR_MINOR, 
> @@ -1011,7 +1010,7 @@ PeimEntryMA ( > } > > if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) { > - DEBUG ((EFI_D_ERROR, "TPM2 error!\n")); > + DEBUG ((DEBUG_ERROR, "TPM2 error!\n")); > return EFI_DEVICE_ERROR; > } > > @@ -1075,7 +1074,7 @@ PeimEntryMA ( > for (PcrIndex = 0; PcrIndex < 8; PcrIndex++) { > Status = MeasureSeparatorEventWithError (PcrIndex); > if (EFI_ERROR (Status)) { > - DEBUG ((EFI_D_ERROR, "Separator Event with Error not Measured. > Error!\n")); > + DEBUG ((DEBUG_ERROR, "Separator Event with Error not Measured. > Error!\n")); > } > } > } > @@ -1092,6 +1091,13 @@ PeimEntryMA ( > } > } > > + DEBUG_CODE_BEGIN (); > + // > + // Peek into TPM PCR 00 before any BIOS measurement. > + // > + Tpm2PcrReadForActiveBank (00, NULL); > + DEBUG_CODE_END (); > + > // > // Only install TpmInitializedPpi on success > // > @@ -1106,7 +1112,7 @@ PeimEntryMA ( > > Done: > if (EFI_ERROR (Status)) { > - DEBUG ((EFI_D_ERROR, "TPM2 error! Build Hob\n")); > + DEBUG ((DEBUG_ERROR, "TPM2 error! Build Hob\n")); > BuildGuidHob (&gTpmErrorHobGuid,0); > REPORT_STATUS_CODE ( > EFI_ERROR_CODE | EFI_ERROR_MINOR, > -- > 2.31.1.windows.1
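Review bot: The comment on the new PCR 00 peek in the `@@ -1092,6 +1091,13 @@` hunk of PeimEntryMA says it runs "before any BIOS measurement", but the `@@ -1075,7 +1074,7 @@` hunk above shows MeasureSeparatorEventWithError being called for PCRs 0 through 7 before this point on what looks like the TPM error path, so on that path the value read is already post-extend; either move the peek ahead of that block or reword it to `// Peek into TPM PCR 00 before any FV measurement (separator-with-error events may already have been extended).` The literal `00` is an octal constant and reads like a typo for a PCR label; `Tpm2PcrReadForActiveBank (0, NULL);` is clearer. The call's status is discarded, which is acceptable inside DEBUG_CODE but deserves a `// Status intentionally ignored: debug-only read-back` comment so it is not mistaken for a missed check. PeimEntryMA starts and ends outside this hunk.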