From: "Rodrigo Gonzalez del Cueto" <rodrigo.gonzalez.del.cueto@intel.com>
To: "Yao, Jiewen" <jiewen.yao@intel.com>, "devel@edk2.groups.io" <devel@edk2.groups.io>
CC: "Wang, Jian J" <jian.j.wang@intel.com>
Subject: Re: [PATCH] Reallocate TPM Active PCRs based on platform support.
Date: Sat, 30 Oct 2021 00:26:21 +0000
References: <20210804232813.818-1-rodrigo.gonzalez.del.cueto@intel.com>

Hi Jiewen,

In the past most of the TPM devices supported SHA1 and SHA256 hashing algorithms, which we have also supported in BIOS for many years.
What recently changed is the exposure to new TPM devices which support additional hashing algorithms (SHA384 and SM3) and will have such PCR banks active by default, but which are not supported by some BIOS implementations.

With the following example configuration, I will illustrate how we would hit the problematic condition I just described:
    • Using a TPM device supporting SM3 hashing algorithm and with the corresponding PCR bank active by default.
HashLib library classes instances registered for Tcg2Config, Tcg2Pei and Tcg2Dxe modules:
    • SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
    • SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
    • SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha384.inf
PCD Configuration:
    • gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap|0xFFFFFFFF
    • gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0x0000001F
The current implementation of SyncPcrAllocationsAndPcrMask() triggers PCR bank reallocation only based on the intersection between TpmActivePcrBanks and PcdTpm2HashMask.
When the software HashLibBaseCryptoRouter solution is used, no PCR bank reallocation is occurring based on the supported hashing algorithms registered by the present HashLib instances:
SyncPcrAllocationsAndPcrMask!
Supported PCRs - Count = 00000003
GetSupportedAndActivePcrs - Count = 00000002
SyncPcrAllocationsAndPcrMask - Updating PcdTpm2HashMask from 0x1F to 0x13.
You can see no reallocation is triggered; the unsupported PCR banks are left active and no extend operations occur on them, thus leaving them uncapped.

With the proposed patch set we are fixing two issues:
a) An additional check for the intersection between the TpmActivePcrBanks and the PcdTcg2HashAlgorithmBitmap populated by the BIOS' HashLib instances at runtime.
b) RegisterHashInterfaceLib correctly handles registering the HashLib instance supported algorithm bitmap when PcdTpm2HashMask is set to zero.
This is the BIOS behavior with the proposed patch:
SyncPcrAllocationsAndPcrMask!
Supported PCRs - Count = 00000003
GetSupportedAndActivePcrs - Count = 00000003
Tpm2GetCapabilitySupportedAndActivePcrs - TpmHashAlgorithmBitmap: 0x00000013
Tpm2GetCapabilitySupportedAndActivePcrs - TpmActivePcrBanks 0x00000013
TpmHashAlgorithmBitmap: 0x00000013
Tpm2PcrMask 0x0000001F
TpmActivePcrBanks & Tpm2PcrMask = 0x00000013
TpmActivePcrBanks & BiosHashAlgorithmBitmap = 0x00000003
NewTpmActivePcrBanks 0x00000003
SyncPcrAllocationsAndPcrMask - Reallocating PCR banks from 0x13 to 0x3.
Tpm2PcrAllocateBanks (TpmHashAlgorithmBitmap: 0x00000013, NewTpmActivePcrBanks: 0x00000003)
Tpm2PcrAllocateBanks call Tpm2PcrAllocate - Success
AllocationSuccess - 01
MaxPCR            - 00000018
SizeNeeded        - 000004E0
SizeAvailable     - 00000C60
After the PCR reallocation is triggered, the TPM active PCRs are a strict subset of the hashing algorithms supported by BIOS.

Please let me know if you have any questions regarding the solution or need any further clarification on the problem statement.

Regards,
-Rodrigo
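To make the bank-selection arithmetic in the log above concrete, here is an added C model (written for this page, not EDK2 code and not part of the patch) of the two checks the thread discusses: RegisterHashInterfaceLib's allow test and SyncPcrAllocationsAndPcrMask's intersection, each before and after the patch. It assumes the TCG EFI protocol bitmap bits (SHA1 = 0x1, SHA256 = 0x2, SHA384 = 0x4, SHA512 = 0x8, SM3_256 = 0x10) and that only the SHA1 and SHA256 HashLib instances end up registered, which is the 0x00000003 BIOS bitmap the log shows.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Algorithm bitmap bits as defined by the TCG EFI protocol (EFI_TCG2_EVENT_ALGORITHM_BITMAP). */
#define HASH_ALG_SHA1     0x00000001u
#define HASH_ALG_SHA256   0x00000002u
#define HASH_ALG_SHA384   0x00000004u
#define HASH_ALG_SHA512   0x00000008u
#define HASH_ALG_SM3_256  0x00000010u

/* Constructed stand-in for the two PCDs the thread discusses; not EDK2's PCD database. */
typedef struct {
  uint32_t Tpm2HashMask;            /* PcdTpm2HashMask: platform policy; 0 = follow the TPM's active banks */
  uint32_t Tcg2HashAlgorithmBitmap; /* PcdTcg2HashAlgorithmBitmap: what the registered HashLib instances hash */
} PLATFORM_PCDS;

typedef struct {
  uint32_t NewActivePcrBanks;   /* banks that remain allocated once the sync completes */
  bool     ReallocateRequested; /* true when Tpm2PcrAllocateBanks (and a reboot) would be triggered */
} SYNC_RESULT;

/* Model of RegisterHashInterfaceLib's "Check allow" before the patch: a zero
 * PcdTpm2HashMask rejects every instance, so no algorithm ever gets registered. */
bool AllowRegistrationOld(uint32_t HashMask, uint32_t Tpm2HashMask) {
  return (HashMask & Tpm2HashMask) != 0;
}

/* Same check after the patch: a zero mask means "not decided yet", so the instance is accepted. */
bool AllowRegistrationNew(uint32_t HashMask, uint32_t Tpm2HashMask) {
  return (Tpm2HashMask == 0) || ((HashMask & Tpm2HashMask) != 0);
}

/* Registers each HashLib instance's algorithm mask and returns the resulting
 * BIOS-supported bitmap, i.e. the value PcdTcg2HashAlgorithmBitmap ends up holding. */
uint32_t RegisterHashInstances(const uint32_t *InstanceMasks, size_t Count,
                               uint32_t Tpm2HashMask, bool Patched) {
  uint32_t BiosBitmap = 0;
  for (size_t i = 0; i < Count; i++) {
    bool Allowed = Patched ? AllowRegistrationNew(InstanceMasks[i], Tpm2HashMask)
                           : AllowRegistrationOld(InstanceMasks[i], Tpm2HashMask);
    if (Allowed) {
      BiosBitmap |= InstanceMasks[i];
    }
  }
  return BiosBitmap;
}

/* Model of the bank-selection step in SyncPcrAllocationsAndPcrMask. With Patched == false
 * only PcdTpm2HashMask gates the active banks; with Patched == true the BIOS bitmap is
 * intersected as well, which is the change the patch makes. */
SYNC_RESULT SyncPcrAllocations(uint32_t TpmActivePcrBanks, const PLATFORM_PCDS *Pcds, bool Patched) {
  SYNC_RESULT Result = { TpmActivePcrBanks, false };
  uint32_t Tpm2PcrMask = Pcds->Tpm2HashMask;
  if (Tpm2PcrMask == 0) {
    Tpm2PcrMask = TpmActivePcrBanks; /* "if PcdTpm2HashMask is zero, use ActivePcr setting" */
  }
  bool OutsideMask = (TpmActivePcrBanks & Tpm2PcrMask) != TpmActivePcrBanks;
  bool OutsideBios = Patched &&
                     ((TpmActivePcrBanks & Pcds->Tcg2HashAlgorithmBitmap) != TpmActivePcrBanks);
  if (OutsideMask || OutsideBios) {
    uint32_t NewBanks = TpmActivePcrBanks & Tpm2PcrMask;
    if (Patched) {
      NewBanks &= Pcds->Tcg2HashAlgorithmBitmap;
    }
    Result.NewActivePcrBanks = NewBanks;
    /* NewBanks == 0 is the "No viable PCRs active!" error path: nothing left to allocate. */
    Result.ReallocateRequested = (NewBanks != 0);
  }
  return Result;
}

/* Spells out which banks a bitmap names, in the style of the boot log. */
void PrintBanks(const char *Label, uint32_t Bitmap) {
  printf("%s 0x%08x:%s%s%s%s%s\n", Label, Bitmap,
         (Bitmap & HASH_ALG_SHA1) ? " SHA1" : "", (Bitmap & HASH_ALG_SHA256) ? " SHA256" : "",
         (Bitmap & HASH_ALG_SHA384) ? " SHA384" : "", (Bitmap & HASH_ALG_SHA512) ? " SHA512" : "",
         (Bitmap & HASH_ALG_SM3_256) ? " SM3_256" : "");
}

int main(void) {
  /* Scenario from the log above: the TPM has SHA1, SHA256 and SM3 banks active (0x13),
   * PcdTpm2HashMask is 0x1F, and only the SHA1 and SHA256 HashLib instances register (0x03). */
  const uint32_t TpmActivePcrBanks = HASH_ALG_SHA1 | HASH_ALG_SHA256 | HASH_ALG_SM3_256;
  const uint32_t Instances[] = { HASH_ALG_SHA1, HASH_ALG_SHA256 };
  PLATFORM_PCDS Pcds = { 0x1F, 0 };
  Pcds.Tcg2HashAlgorithmBitmap = RegisterHashInstances(Instances, 2, Pcds.Tpm2HashMask, true);

  SYNC_RESULT Old = SyncPcrAllocations(TpmActivePcrBanks, &Pcds, false);
  SYNC_RESULT New = SyncPcrAllocations(TpmActivePcrBanks, &Pcds, true);
  PrintBanks("TPM active banks   ", TpmActivePcrBanks);
  PrintBanks("BIOS can extend    ", Pcds.Tcg2HashAlgorithmBitmap);
  PrintBanks(Old.ReallocateRequested ? "before: realloc to " : "before: keeps      ", Old.NewActivePcrBanks);
  PrintBanks(New.ReallocateRequested ? "after:  realloc to " : "after:  keeps      ", New.NewActivePcrBanks);
  return 0;
}
```

The unpatched path leaves the SM3 bank active while no registered instance can extend it, which is the uncapped-bank condition described above; the patched path narrows the allocation to 0x03.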

From: Yao, Jiewen <jiewen.yao@intel.com>
Sent: Tuesday, August 10, 2021 10:36 PM
To: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@intel.com>; devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Wang, Jian J <jian.j.wang@intel.com>
Subject: RE: [PATCH] Reallocate TPM Active PCRs based on platform support.

OK, would you please share the PCD configuration that works before and the PCD configuration that fails now, as well as your DSC file on how to configure the library?

I would like to understand the problem statement from a real use case, because the issue description cannot provide useful information to me.


From: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@intel.com>
Sent: Tuesday, August 10, 2021 2:27 PM
To: Yao, Jiewen <jiewen.yao@intel.com>; devel@edk2.groups.io
Cc: Wang, Jian J <jian.j.wang@intel.com>
Subject: Re: [PATCH] Reallocate TPM Active PCRs based on platform support.

Hi Jiewen,

Indeed, this bug has existed for a long time in this code. What recently changed are the TPM configurations we are testing, which exposed the issue; this can be reproduced when the BIOS-supported algorithms are a strict subset of the PCRs currently active in the TPM.

Now that we are using TPM configurations with support for additional PCR banks (ex. SHA384 and SM3), the bug has been exposed when compiling a BIOS without support for these PCR banks, which are active by default in some of the TPMs.

Regards,
-Rodrigo



From: Yao, Jiewen <jiewen.yao@intel.com>
Sent: Sunday, August 8, 2021 6:13 PM
To: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@intel.com>; devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Wang, Jian J <jian.j.wang@intel.com>
Subject: RE: [PATCH] Reallocate TPM Active PCRs based on platform support.

Hi Rodrigo,
I don't understand the problem statement.

This code has been there for a long time. What has changed recently?

Thank you
Yao Jiewen


> -----Original Message-----
> From: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@intel.com>
> Sent: Thursday, August 5, 2021 7:28 AM
> To: devel@edk2.groups.io
> Cc: Gonzalez Del Cueto, Rodrigo <rodrigo.gonzalez.del.cueto@intel.com>;
> Wang, Jian J <jian.j.wang@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>
> Subject: [PATCH] Reallocate TPM Active PCRs based on platform support.
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3515
>
> In V2: Add case to RegisterHashInterfaceLib logic
>
> RegisterHashInterfaceLib needs to correctly handle registering the HashLib
> instance supported algorithm bitmap when PcdTpm2HashMask is set to zero.
>
> The current implementation of SyncPcrAllocationsAndPcrMask() triggers
> PCR bank reallocation only based on the intersection between
> TpmActivePcrBanks and PcdTpm2HashMask.
>
> When the software HashLibBaseCryptoRouter solution is used, no PCR bank
> reallocation is occurring based on the supported hashing algorithms
> registered by the HashLib instances.
>
> Need to have an additional check for the intersection between the
> TpmActivePcrBanks and the PcdTcg2HashAlgorithmBitmap populated by the
> HashLib instances present on the platform's BIOS.
>
> Signed-off-by: Rodrigo Gonzalez del Cueto
> <rodrigo.gonzalez.del.cueto@intel.com>
>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> ---
>  SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c |  6 +++++-
>  SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c |  6 +++++-
>  SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c                                        | 18 +++++++++++++++++-
>  SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf                                      |  1 +
>  4 files changed, 28 insertions(+), 3 deletions(-)
>
> diff --git
> a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterD= xe.
> c
> b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterD= xe.
> c
> index 7a0f61efbb..0821159120 100644
> ---
> a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterD= xe.
> c
> +++
> b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterD= xe.
> c
> @@ -230,13 +230,17 @@ RegisterHashInterfaceLib (
>  {
>    UINTN        = ;      Index;
>    UINT32       &nbs= p;     HashMask;
> +  UINT32         &n= bsp;   Tpm2HashMask;
>    EFI_STATUS       =   Status;
>
>    //
>    // Check allow
>    //
>    HashMask =3D Tpm2GetHashMaskFromAlgo (&HashInter= face->HashGuid);
> -  if ((HashMask & PcdGet32 (PcdTpm2HashMask)) =3D=3D 0) { > +  Tpm2HashMask =3D PcdGet32 (PcdTpm2HashMask);
> +
> +  if ((Tpm2HashMask !=3D 0) &&
> +      ((HashMask & Tpm2HashMask) =3D=3D = 0)) {
>      return EFI_UNSUPPORTED;
>    }
>
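Review bot: the new `if ((Tpm2HashMask != 0) && ((HashMask & Tpm2HashMask) == 0))` flips what a zero PcdTpm2HashMask means in this function, from "nothing is allowed" to "everything is allowed", and the `// Check allow` comment above it still reads as a plain allow-list check. Please extend the comment to say that zero means the PCD has not yet been synchronized with the TPM's active banks (Tcg2Pei does that in SyncPcrAllocationsAndPcrMask) and that the unwanted banks are filtered out there, so a later reader does not take the bypass for a missing check.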
> diff --git
> a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterP= ei.c
> b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterP= ei.c
> index 42cb562f67..6ae51dbce4 100644
> ---
> a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterP= ei.c
> +++
> b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterP= ei.c
> @@ -327,13 +327,17 @@ RegisterHashInterfaceLib (
>    UINTN        = ;      Index;
>    HASH_INTERFACE_HOB *HashInterfaceHob;
>    UINT32       &nbs= p;     HashMask;
> +  UINT32         &n= bsp;   Tpm2HashMask;
>    EFI_STATUS       =   Status;
>
>    //
>    // Check allow
>    //
>    HashMask =3D Tpm2GetHashMaskFromAlgo (&HashInter= face->HashGuid);
> -  if ((HashMask & PcdGet32 (PcdTpm2HashMask)) =3D=3D 0) { > +  Tpm2HashMask =3D PcdGet32 (PcdTpm2HashMask);
> +
> +  if ((Tpm2HashMask !=3D 0) &&
> +      ((HashMask & Tpm2HashMask) =3D=3D = 0)) {
>      return EFI_UNSUPPORTED;
>    }
>
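Review bot: this is the same three-line zero-mask rule as in the DXE router and the two copies must stay identical for DXE registration to agree with what PEI measured; consider moving the check into one shared helper in the HashLibBaseCryptoRouter common code so they cannot drift, and give this instance the same explanatory comment as the DXE one. In PEI the zero case is also the one that runs on a platform that leaves PcdTpm2HashMask at 0 and relies on "use ActivePcr setting", which is worth stating here.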
> diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
> b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
> index 93a8803ff6..5ad6a45cf3 100644
> --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
> +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
> @@ -262,6 +262,7 @@ SyncPcrAllocationsAndPcrMask (
>  {
>    EFI_STATUS       =             &nb= sp;    Status;
>    EFI_TCG2_EVENT_ALGORITHM_BITMAP   TpmHashA= lgorithmBitmap;
> +  EFI_TCG2_EVENT_ALGORITHM_BITMAP   BiosHashAlgorithmB= itmap;
>    UINT32       &nbs= p;            &= nbsp;       TpmActivePcrBanks;
>    UINT32       &nbs= p;            &= nbsp;       NewTpmActivePcrBanks;
>    UINT32       &nbs= p;            &= nbsp;       Tpm2PcrMask;
> @@ -273,16 +274,27 @@ SyncPcrAllocationsAndPcrMask (
>    // Determine the current TPM support and the Platfor= m PCR mask.
>    //
>    Status =3D Tpm2GetCapabilitySupportedAndActivePcrs > (&TpmHashAlgorithmBitmap, &TpmActivePcrBanks);
> +
>    ASSERT_EFI_ERROR (Status);
> +
> +  DEBUG ((EFI_D_INFO, "Tpm2GetCapabilitySupportedAndActiveP= crs -
> TpmHashAlgorithmBitmap: 0x%08x\n", TpmHashAlgorithmBitmap));
> +  DEBUG ((EFI_D_INFO, "Tpm2GetCapabilitySupportedAndActiveP= crs -
> TpmActivePcrBanks 0x%08x\n", TpmActivePcrBanks));
>
>    Tpm2PcrMask =3D PcdGet32 (PcdTpm2HashMask);
>    if (Tpm2PcrMask =3D=3D 0) {
>      //
>      // if PcdTPm2HashMask is zero, use Activ= ePcr setting
>      //
> +    DEBUG ((EFI_D_VERBOSE, "Initializing PcdTpm2H= ashMask to
> TpmActivePcrBanks 0x%08x\n", TpmActivePcrBanks));
>      PcdSet32S (PcdTpm2HashMask, TpmActivePcr= Banks);
> +    DEBUG ((EFI_D_VERBOSE, "Initializing Tpm2PcrM= ask to TpmActivePcrBanks
> 0x%08x\n", Tpm2PcrMask));
>      Tpm2PcrMask =3D TpmActivePcrBanks;
>    }
> +
> +  BiosHashAlgorithmBitmap =3D PcdGet32 (PcdTcg2HashAlgorithmBitm= ap);
> +  DEBUG ((EFI_D_INFO, "PcdTcg2HashAlgorithmBitmap 0x%08x\n&= quot;,
> BiosHashAlgorithmBitmap));
> +  DEBUG ((EFI_D_INFO, "Tpm2PcrMask 0x%08x\n", Tpm2PcrM= ask)); // Active
> PCR banks from TPM input
> +  DEBUG ((EFI_D_INFO, "TpmActivePcrBanks & BiosHashAlgo= rithmBitmap =3D
> 0x%08x\n", NewTpmActivePcrBanks));
>
>    //
>    // Find the intersection of Pcd support and TPM supp= ort.
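Review bot: the last added DEBUG prints `NewTpmActivePcrBanks` under the label "TpmActivePcrBanks & BiosHashAlgorithmBitmap", but nothing in the visible lines assigns NewTpmActivePcrBanks before this point; it is only set inside the `if` in the next hunk, so this line logs whatever the stack held. Print the expression itself, `TpmActivePcrBanks & BiosHashAlgorithmBitmap`, or move the line below the assignment. The second EFI_D_VERBOSE message has the same ordering problem: it prints `Tpm2PcrMask` before `Tpm2PcrMask = TpmActivePcrBanks` executes, so it always shows 0 rather than the value being initialized. Also, the value this hunk reads from PcdTcg2HashAlgorithmBitmap is only meaningful if every HashLib instance has already registered, so a comment stating that dependency on constructor ordering would help, and new edk2 code should use DEBUG_INFO/DEBUG_VERBOSE rather than the legacy EFI_D_* names.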
> @@ -294,9 +306,12 @@ SyncPcrAllocationsAndPcrMask (
>    // If there are active PCR banks that are not suppor= ted by the Platform mask,
>    // update the TPM allocations and reboot the machine= .
>    //
> -  if ((TpmActivePcrBanks & Tpm2PcrMask) !=3D TpmActivePcrBan= ks) {
> +  if (((TpmActivePcrBanks & Tpm2PcrMask) !=3D TpmActivePcrBa= nks) ||
> +      ((TpmActivePcrBanks & BiosHashAlgo= rithmBitmap) !=3D TpmActivePcrBanks)) {
>      NewTpmActivePcrBanks =3D TpmActivePcrBan= ks & Tpm2PcrMask;
> +    NewTpmActivePcrBanks &=3D BiosHashAlgorithmBit= map;
>
> +    DEBUG ((EFI_D_INFO, "NewTpmActivePcrBanks 0x%= 08x\n",
> NewTpmActivePcrBanks));
>      DEBUG ((EFI_D_INFO, "%a - Reallocat= ing PCR banks from 0x%X to 0x%X.\n",
> __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks));
>      if (NewTpmActivePcrBanks =3D=3D 0) {
>        DEBUG ((EFI_D_ERROR, "%= a - No viable PCRs active! Please set a less
> restrictive value for PcdTpm2HashMask!\n", __FUNCTION__));
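Review bot: now that BiosHashAlgorithmBitmap is part of the condition, NewTpmActivePcrBanks can reach zero because no registered HashLib instance overlaps the active banks, not only because PcdTpm2HashMask is too restrictive; the error message "No viable PCRs active! Please set a less restrictive value for PcdTpm2HashMask!" and the comment "not supported by the Platform mask" should mention PcdTcg2HashAlgorithmBitmap and the HashLib instances as well, otherwise the integrator chasing the assert is pointed at the wrong PCD. A platform where PcdTcg2HashAlgorithmBitmap is still 0 at this point (no instance registered) would now enter this path on every boot, so an explicit check with its own error for a zero BIOS bitmap, ahead of the intersection, would make that failure obvious.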
> @@ -331,6 +346,7 @@ SyncPcrAllocationsAndPcrMask (
>      }
>
>      Status =3D PcdSet32S (PcdTpm2HashMask, N= ewTpm2PcrMask);
> +    DEBUG ((EFI_D_INFO, "Setting PcdTpm2Hash Mask= to 0x%08x\n",
> NewTpm2PcrMask));
>      ASSERT_EFI_ERROR (Status);
>    }
>  }
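Review bot: the new message has a typo, "PcdTpm2Hash Mask" should be "PcdTpm2HashMask", and since it is emitted after `PcdSet32S (PcdTpm2HashMask, NewTpm2PcrMask)` has already run, either move the DEBUG above the call or word it as "Set ... to" so the log reflects what happened. The Status from the set is still asserted only after the print, which is fine, but a DEBUG_ERROR on failure would be more useful than the assert alone on release builds.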
> diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> index 06c26a2904..17ad116126 100644
> --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
> @@ -86,6 +86,7 @@
>    ## SOMETIMES_CONSUMES
>    ## SOMETIMES_PRODUCES
>    gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask
> +  gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap =             &nb= sp;    ##
> CONSUMES
>
>  [Depex]
>    gEfiPeiMasterBootModePpiGuid AND
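Review bot: `## CONSUMES` is the right annotation since Tcg2Pei.c only reads this PCD with PcdGet32, but the new intersection only does anything if PcdTcg2HashAlgorithmBitmap is dynamic on the platform, because the commit message says the HashLib instances populate it at runtime; if a platform leaves it fixed at build time at 0xFFFFFFFF (the value in Rodrigo's example configuration), the added check is a no-op. Please state that requirement in the commit message or next to the PCD entry. Minor: the trailing `## CONSUMES` comment has wrapped onto its own line in this copy of the patch; check the alignment in the actual file.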
> --
> 2.31.1.windows.1