From: "Kubacki, Michael A"
To: "Gonzalez Del Cueto, Rodrigo", "devel@edk2.groups.io"
CC: "Chiu, Chasel", "Desimone, Nathaniel L", "Gao, Liming"
Subject: Re: [edk2-platforms][Patch V2] MinPlatformPkg: Library for customizing TPM platform auth
Date: Tue, 12 Nov 2019 00:23:45 +0000
References: <20191111094230.6414-1-rodrigo.gonzalez.del.cueto@intel.com>
In-Reply-To: <20191111094230.6414-1-rodrigo.gonzalez.del.cueto@intel.com>
Can you please make these changes in V3?

MinPlatformPkg\MinPlatformPkg.dsc
* It seems like a library class override section for Tcg2PlatformDxe is not necessary. Can the TpmPlatformAuthLib library class simply be assigned in the [LibraryClasses] section?

MinPlatformPkg\Tcg\Tcg2PlatformDxe\Tcg2PlatformDxe.c
* I suggest using "SmmReadyToLock" instead of "ReadyToLock" throughout the file.
* Can you please check again if all library classes included are required for this implementation? For example, I don't see usage of MemoryAllocationLib in the file.

MinPlatformPkg\Include\Library\TpmPlatformAuthLib\TpmPlatformAuthLib.h
* Please add a file description to the copyright header.
* ReadyToBoot is not the actual event the function is being invoked upon. So TpmPlatformAuthReadyToBootHandler ( ) is not accurate. The function is also not directly a notification handler (the function signature does not reflect that of a handler) so keeping "Handler" in the name is somewhat misleading. Some suggestions are:
  1. TpmPlatformAuthAtSmmReadyToLock ( ) -> Keeps the event point in the name
  2. ConfigureTpmPlatformAuthAtSmmReadyToLock ( ) -> More descriptive; keeps event point in the name
  3. ConfigureTpmPlatformAuth ( ) -> More succinct; allows flexibility for invocation
  Unless there's a strong reason to associate the functionality with SmmReadyToLock, I suggest #3 (or your own name).

MinPlatformPkg\Tcg\Tcg2PlatformPei\Tcg2PlatformPei.c
* It doesn't seem these changes are directly related to the rest of the patch? Could it be a separate patch?

MinPlatformPkg\Tcg\Library\TpmPlatformAuthLib\TpmPlatformAuthlib.inf
* The constructor doesn't do anything. Is it actually needed?
* Typo in function name: TpmPlatformAuthLibContructor

MinPlatformPkg\Tcg\Library\TpmPlatformAuthLib\TpmPlatformAuthlib.c
* The function description for TpmPlatformAuthLibConstructor ( ) references parameters that don't actually exist in the implementation.

Thanks,
Michael

> -----Original Message-----
> From: Gonzalez Del Cueto, Rodrigo
> Sent: Monday, November 11, 2019 1:43 AM
> To: devel@edk2.groups.io
> Cc: Gonzalez Del Cueto, Rodrigo; Kubacki, Michael A; Chiu, Chasel; Desimone, Nathaniel L; Gao, Liming
> Subject: [edk2-platforms][Patch V2] MinPlatformPkg: Library for customizing TPM platform auth
>
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2331
>
> In V2:
> + Kept callback function and registration in Tcg2PlatformDxe module.
> + New library defining API function: TpmPlatformAuthReadyToBootHandler
>   for configuring the TPM's Platform Hierarchy. This is now called
>   through Tcg2PlatformDxe's ReadyToLockEventCallBack.
> + Ported GetAuthSize fix to both Tcg2PlatformPei and MinPlatform's
>   TpmPlatformAuthLib instance.
>
> In order to enable some TPM use cases, BIOS should allow customizing the
> configuration of the TPM platform, provisioning of endorsement, platform
> and storage hierarchy.
>
> Cc: Michael Kubacki
> Cc: Chasel Chiu
> Cc: Nate DeSimone
> Cc: Liming Gao
>
> Signed-off-by: Rodrigo Gonzalez del Cueto > > --- > .../Include/Library/TpmPlatformAuthLib.h | 24 ++ > .../Intel/MinPlatformPkg/MinPlatformPkg.dec | 2 + > .../Intel/MinPlatformPkg/MinPlatformPkg.dsc | 5 +- > .../TpmPlatformAuthLib/TpmPlatformAuthLib.c | 229 > ++++++++++++++++++ > .../TpmPlatformAuthLib/TpmPlatformAuthLib.inf | 49 ++++ > .../Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.c | 161 ++---------- > .../Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf | 6 +- > .../Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c | 100 +++++--- > 8 files changed, 402 insertions(+), 174 deletions(-) create mode 100644 > Platform/Intel/MinPlatformPkg/Include/Library/TpmPlatformAuthLib.h > create mode 100644 > Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformAuthLib/TpmPlatfo > rmAuthLib.c > create mode 100644 > Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformAuthLib/TpmPlatfo > rmAuthLib.inf >=20 > diff --git > a/Platform/Intel/MinPlatformPkg/Include/Library/TpmPlatformAuthLib.h > b/Platform/Intel/MinPlatformPkg/Include/Library/TpmPlatformAuthLib.h > new file mode 100644 > index 00000000..f33b67b0 > --- /dev/null > +++ > b/Platform/Intel/MinPlatformPkg/Include/Library/TpmPlatformAuthLib.h > @@ -0,0 +1,24 @@ > +/** @file++Copyright (c) 2019, Intel Corporation. All rights > reserved.
+SPDX-License-Identifier: BSD-2-Clause- > Patent++**/++#ifndef _TPM_PLATFORM_AUTH_LIB_H_+#define > _TPM_PLATFORM_AUTH_LIB_H_++#include +#include > ++/**+ This service will perform the TPM Platform Auth > configuration at the ReadyToBoot > event.++**/+VOID+EFIAPI+TpmPlatformAuthReadyToBootHandler (+ > VOID+ );++#endifdiff --git > a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec > b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec > index a851021c..fc5979db 100644 > --- a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec > +++ b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dec > @@ -62,6 +62,8 @@ BoardInitLib|Include/Library/BoardInitLib.h > MultiBoardInitSupportLib|Include/Library/MultiBoardInitSupportLib.h > SecBoardInitLib|Include/Library/SecBoardInitLib.h > +TpmPlatformAuthLib|Include/Library/TpmPlatformAuthLib.h+ > TestPointLib|Include/Library/TestPointLib.h > TestPointCheckLib|Include/Library/TestPointCheckLib.h diff --git > a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > index 5f9363ff..fbfd1e5d 100644 > --- a/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > +++ b/Platform/Intel/MinPlatformPkg/MinPlatformPkg.dsc > @@ -185,7 +185,10 @@ > !if gMinPlatformPkgTokenSpaceGuid.PcdTpm2Enable =3D=3D TRUE > MinPlatformPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf- > MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf+ > MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf {+ > + > TpmPlatformAuthLib|MinPlatformPkg/Tcg/Library/TpmPlatformAuthLib/Tp > mPlatformAuthLib.inf+ } !endif [BuildOptions]diff --git > a/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformAuthLib/TpmPlat > formAuthLib.c > b/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformAuthLib/TpmPlat > formAuthLib.c > new file mode 100644 > index 00000000..8ac780e1 > --- /dev/null > +++ > b/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformAuthLib/TpmPl > +++ atformAuthLib.c 
> @@ -0,0 +1,229 @@ > +/** @file+ TPM Platform Auth configuration library.++ Copyright (c= ) > 2019, Intel Corporation. All rights reserved.
+ SPDX-License-Identi= fier: > BSD-2-Clause-Patent++ @par Specification Reference:+ > https://trustedcomputinggroup.org/resource/tcg-tpm-v2-0-provisioning- > guidance/+**/++#include ++#include > +#include +#include > +#include > +#include > +#include > +#include +#include > +#include ++//+// > The authorization value may be no larger than the digest produced by the > hash+// algorithm used for context integrity.+//+#define > MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE++/**+ Generate > high-quality entropy source through RDRAND.++ @param[in] Length > Size of the buffer, in bytes, to fill with.+ @param[out] Entropy = Pointer to > the buffer to store the entropy data.++ @retval EFI_SUCCESS Entro= py > generation succeeded.+ @retval EFI_NOT_READY Failed to request > random data.++**/+EFI_STATUS+EFIAPI+RdRandGenerateEntropy (+ IN > UINTN Length,+ OUT UINT8 *Entropy+ )+{+ EFI_STATUS Sta= tus;+ > UINTN BlockCount;+ UINT64 Seed[2];+ UINT8 *Ptr;++ Sta= tus =3D > EFI_NOT_READY;+ BlockCount =3D Length / 64;+ Ptr =3D (UINT8 *)Entropy;+= + > //+ // Generate high-quality seed for DRBG Entropy+ //+ while (BlockCo= unt > > 0) {+ Status =3D GetRandomNumber128 (Seed);+ if (EFI_ERROR (Statu= s)) > {+ return Status;+ }+ CopyMem (Ptr, Seed, 64);++ BlockCount= --;+ Ptr > =3D Ptr + 64;+ }++ //+ // Populate the remained data as request.+ //+= Status > =3D GetRandomNumber128 (Seed);+ if (EFI_ERROR (Status)) {+ return > Status;+ }+ CopyMem (Ptr, Seed, (Length % 64));++ return Status;+}++/*= *+ > This function returns the maximum size of TPM2B_AUTH; this structure is > used for an authorization value+ and limits an authValue to being no lar= ger > than the largest digest produced by a TPM.++ @param[out] AuthSize > Tpm2 Auth size++ @retval EFI_SUCCESS Auth size returned= .+ > @retval EFI_DEVICE_ERROR Can not return platform auth due to > device error.++**/+EFI_STATUS+EFIAPI+GetAuthSize (+ OUT UINT16 > *AuthSize+ )+{+ EFI_STATUS Status;+ TPML_PCR_SELECTION P= crs;+ > UINTN Index;+ UINT16 
DigestSize;++ Statu= s =3D > EFI_SUCCESS;++ while (mAuthSize =3D=3D 0) {++ mAuthSize =3D > SHA1_DIGEST_SIZE;+ ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION));+ > Status =3D Tpm2GetCapabilityPcrs (&Pcrs);++ if (EFI_ERROR (Status)) {+ > DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs fail!\n"));+ break;+ = }++ > DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs - %08x\n", Pcrs.count));++ > for (Index =3D 0; Index < Pcrs.count; Index++) {+ DEBUG ((DEBUG_ERRO= R, > "alg - %x\n", Pcrs.pcrSelections[Index].hash));++ switch > (Pcrs.pcrSelections[Index].hash) {+ case TPM_ALG_SHA1:+ Diges= tSize > =3D SHA1_DIGEST_SIZE;+ break;+ case TPM_ALG_SHA256:+ > DigestSize =3D SHA256_DIGEST_SIZE;+ break;+ case TPM_ALG_SHA3= 84:+ > DigestSize =3D SHA384_DIGEST_SIZE;+ break;+ case TPM_ALG_SHA5= 12:+ > DigestSize =3D SHA512_DIGEST_SIZE;+ break;+ case > TPM_ALG_SM3_256:+ DigestSize =3D SM3_256_DIGEST_SIZE;+ brea= k;+ > default:+ DigestSize =3D SHA1_DIGEST_SIZE;+ break;+ }+= + if > (DigestSize > mAuthSize) {+ mAuthSize =3D DigestSize;+ }+ = }+ break;+ > }++ *AuthSize =3D mAuthSize;+ return Status;+}++/**+ Set PlatformAuth = to > random value.+**/+VOID+RandomizePlatformAuth (+ VOID+ )+{+ > EFI_STATUS Status;+ UINT16 = AuthSize;+ UINT32 > Index;+ UINT8 *Rand;+ UINTN = RandSize;+ > TPM2B_AUTH NewPlatformAuth;++ //+ // Send > Tpm2HierarchyChange Auth with random value to avoid PlatformAuth being > null+ //++ GetAuthSize (&AuthSize);++ ZeroMem > (NewPlatformAuth.buffer, AuthSize);+ NewPlatformAuth.size =3D > AuthSize;++ //+ // Allocate one buffer to store random data.+ //+ Ran= dSize > =3D MAX_NEW_AUTHORIZATION_SIZE;+ Rand =3D AllocatePool (RandSize);++ > RdRandGenerateEntropy (RandSize, Rand);+ CopyMem > (NewPlatformAuth.buffer, Rand, AuthSize);++ FreePool (Rand);++ //+ // > Send Tpm2HierarchyChangeAuth command with the new Auth value+ //+ > Status =3D Tpm2HierarchyChangeAuth (TPM_RH_PLATFORM, NULL, > &NewPlatformAuth);+ DEBUG ((DEBUG_INFO, "Tpm2HierarchyChangeAuth > Result: - %r\n", Status));+ ZeroMem 
(NewPlatformAuth.buffer, AuthSize);+ > ZeroMem (Rand, RandSize);+}++/**+ This service defines the configuratio= n > of the Platform Hierarchy Authorization Value (platformAuth)+ and Platf= orm > Hierarchy Authorization Policy > (platformPolicy)++**/+VOID+EFIAPI+TpmPlatformAuthReadyToBootHandle > r (+ )+{+ EFI_STATUS Status;+ VOID *Interface;++ //+ // Se= nd > Tpm2HierarchyChange Auth with random value to avoid PlatformAuth being > null+ //+ RandomizePlatformAuth ();+}++/**+ The library constructor.+= + > @param ImageHandle The firmware allocated handle for the EFI image.+ > @param SystemTable A pointer to the EFI System Table.++ @retval > EFI_SUCCESS The function always return > EFI_SUCCESS.+**/+EFI_STATUS+EFIAPI+TpmPlatformAuthLibContructor (+ > )+{+ return EFI_SUCCESS;+}diff --git > a/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformAuthLib/TpmPlat > formAuthLib.inf > b/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformAuthLib/TpmPlat > formAuthLib.inf > new file mode 100644 > index 00000000..8a36f35e > --- /dev/null > +++ > b/Platform/Intel/MinPlatformPkg/Tcg/Library/TpmPlatformAuthLib/TpmPl > +++ atformAuthLib.inf > @@ -0,0 +1,49 @@ > +### @file+#+# TPM Platform Auth configuration library.+#+# Copyright (c) > 2019, Intel Corporation. All rights reserved.
+#+# SPDX-License- > Identifier: BSD-2-Clause-Patent+#+###++[Defines]+ INF_VERSION > =3D 0x00010005+ BASE_NAME =3D TpmPlatformAuthLib+ = FILE_GUID > =3D 7794F92C-4E8E-4E57-9E4A-49A0764C7D73+ MODULE_TYPE = =3D > DXE_DRIVER+ VERSION_STRING =3D 1.0+ LIBRARY_CLASS = =3D > TpmPlatformAuthLib+ CONSTRUCTOR =3D > TpmPlatformAuthLibContructor++[LibraryClasses]+ MemoryAllocationLib+ > BaseLib+ UefiBootServicesTableLib+ UefiDriverEntryPoint+ > UefiRuntimeServicesTableLib+ BaseMemoryLib+ DebugLib+ > Tpm2CommandLib+ Tpm2DeviceLib+ RngLib+ UefiLib++[Packages]+ > MdePkg/MdePkg.dec+ MdeModulePkg/MdeModulePkg.dec+ > SecurityPkg/SecurityPkg.dec+ CryptoPkg/CryptoPkg.dec++[Sources]+ > TpmPlatformAuthLib.c++[Protocols]+ > gEfiDxeSmmReadyToLockProtocolGuid ## SOMETIMES_CONSUMES ## > NOTIFY++[Guids]+ gEfiEventExitBootServicesGuid ## > SOMETIMES_CONSUMES ## Event++[Depex]+ gEfiTcg2ProtocolGuiddiff --git > a/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.c > b/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.c > index d0d88b2e..8fb5725c 100644 > --- > a/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.c > +++ > b/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe. > +++ c > @@ -1,8 +1,8 @@ > /** @file- Platform specific TPM2 component.+ Platform specific TPM2 > component for configuring the Platform Hierarchy. -Copyright (c) 2017, In= tel > Corporation. All rights reserved.
-SPDX-License-Identifier: BSD-2-Clau= se- > Patent+ Copyright (c) 2017 - 2019, Intel Corporation. All rights > reserved.
+ SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ - > 13,138 +13,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent > #include #include > #include > -#include - > #include #include +#include > #include > -#define > MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE- /**- Generate > high-quality entropy source through RDRAND.-- @param[in] Length = Size > of the buffer, in bytes, to fill with.- @param[out] Entropy Point= er to the > buffer to store the entropy data.-- @retval EFI_SUCCESS Entropy > generation succeeded.- @retval EFI_NOT_READY Failed to request > random data.--**/-EFI_STATUS-EFIAPI-RdRandGenerateEntropy (- IN > UINTN Length,- OUT UINT8 *Entropy- )-{- EFI_STATUS Sta= tus;- > UINTN BlockCount;- UINT64 Seed[2];- UINT8 *Ptr;+ Thi= s callback > function will run at the ReadyToLock event. - Status =3D EFI_NOT_READY;- > BlockCount =3D Length / 64;- Ptr =3D (UINT8 *)Entropy;-- //- // Genera= te high- > quality seed for DRBG Entropy- //- while (BlockCount > 0) {- Status = =3D > GetRandomNumber128(Seed);- if (EFI_ERROR(Status)) {- return Statu= s;- > }- CopyMem(Ptr, Seed, 64);-- BlockCount--;- Ptr =3D Ptr + 64;- = }-- //- // > Populate the remained data as request.- //- Status =3D > GetRandomNumber128(Seed);- if (EFI_ERROR(Status)) {- return Status;- = }- > CopyMem(Ptr, Seed, (Length % 64));-- return Status;-}--/**- Set > PlatformAuth to random value.-**/-VOID-RandomizePlatformAuth (- VOID- > )-{- EFI_STATUS Status;- UINT16 = AuthSize;- > TPML_PCR_SELECTION Pcrs;- UINT32 = Index;- UINT8 > *Rand;- UINTN RandSize;- TPM2B_AUTH > NewPlatformAuth;-- //- // Send Tpm2HierarchyChange Auth with random > value to avoid PlatformAuth being null- //- ZeroMem(&Pcrs, > sizeof(TPML_PCR_SELECTION));- AuthSize =3D > MAX_NEW_AUTHORIZATION_SIZE;-- Status =3D > Tpm2GetCapabilityPcrs(&Pcrs);- if (EFI_ERROR(Status)) {- > DEBUG((EFI_D_ERROR, "Tpm2GetCapabilityPcrs fail!\n"));- } else {- for > (Index =3D 0; Index < Pcrs.count; Index++) {- switch > (Pcrs.pcrSelections[Index].hash) {- case 
TPM_ALG_SHA1:- AuthS= ize =3D > SHA1_DIGEST_SIZE;- break;- case TPM_ALG_SHA256:- AuthS= ize =3D > SHA256_DIGEST_SIZE;- break;- case TPM_ALG_SHA384:- Aut= hSize =3D > SHA384_DIGEST_SIZE;- break;- case TPM_ALG_SHA512:- Aut= hSize =3D > SHA512_DIGEST_SIZE;- break;- case TPM_ALG_SM3_256:- Au= thSize > =3D SM3_256_DIGEST_SIZE;- break;- }- }- }-- > ZeroMem(NewPlatformAuth.buffer, AuthSize);- NewPlatformAuth.size =3D > AuthSize;-- //- // Allocate one buffer to store random data.- //- Ran= dSize =3D > MAX_NEW_AUTHORIZATION_SIZE;- Rand =3D AllocatePool(RandSize);-- > RdRandGenerateEntropy(RandSize, Rand);- > CopyMem(NewPlatformAuth.buffer, Rand, AuthSize);-- FreePool(Rand);-- > //- // Send Tpm2HierarchyChangeAuth command with the new Auth value- > //- Status =3D Tpm2HierarchyChangeAuth(TPM_RH_PLATFORM, NULL, > &NewPlatformAuth);- DEBUG((DEBUG_INFO, "Tpm2HierarchyChangeAuth > Result: - %r\n", Status));- ZeroMem(NewPlatformAuth.buffer, AuthSize);- > ZeroMem(Rand, RandSize);-}--/**- This is the Event call back function to > notify the Library the system is entering- run time phase.+ Configurat= ion of > the TPM's Platform Hierarchy Authorization Value (platformAuth)+ and > Platform Hierarchy Authorization Policy (platformPolicy) can be defined > through this function. @param Event Pointer to this event @param > Context Event hanlder private data@@ -172,22 +49,20 @@ > ReadyToLockEventCallBack ( > return ; } - //- // Send Tpm2HierarchyChange Auth with random va= lue to > avoid PlatformAuth being null- //- RandomizePlatformAuth();+ > TpmPlatformAuthReadyToBootHandler (); gBS->CloseEvent (Event); } /**- > The driver's entry point.+ The driver's entry point. Will register a fu= nction for > callback during ReadyToLock event to+ configure the TPM's platform > authorization. 
- @param[in] ImageHandle The firmware allocated handle f= or > the EFI image.- @param[in] SystemTable A pointer to the EFI System > Table.+ @param[in] ImageHandle The firmware allocated handle for the E= FI > image.+ @param[in] SystemTable A pointer to the EFI System Table. - > @retval EFI_SUCCESS The entry point is executed successfully.- @retv= al > other Some error occurs when executing this entry point.+ @re= tval > EFI_SUCCESS The entry point is executed successfully.+ @retval othe= r > Some error occurs when executing this entry point. **/ EFI_STATUS > EFIAPI@@ -196,17 +71,19 @@ Tcg2PlatformDxeEntryPoint ( > IN EFI_SYSTEM_TABLE *SystemTable ) {- VOID > *Registration;- EFI_EVENT Event;+ VOID *Registrat= ion;+ > EFI_EVENT Event; - Event =3D EfiCreateProtocolNotifyEvent (+ Event = =3D > EfiCreateProtocolNotifyEvent ( > &gEfiDxeSmmReadyToLockProtocolGuid, TPL_CALLBACK, > ReadyToLockEventCallBack, NULL, &Registration = );+ > ASSERT (Event !=3D NULL); return EFI_SUCCESS; }+diff --git > a/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.in > f > b/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.in > f > index e8ab5f35..921f7ac6 100644 > --- > a/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.in > f > +++ > b/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe. > +++ inf > @@ -28,16 +28,14 @@ > UefiRuntimeServicesTableLib BaseMemoryLib DebugLib- > Tpm2CommandLib- Tpm2DeviceLib- RngLib UefiLib+ TpmPlatformAuthLib > [Packages] MdePkg/MdePkg.dec MdeModulePkg/MdeModulePkg.dec+ > MinPlatformPkg/MinPlatformPkg.dec SecurityPkg/SecurityPkg.dec- > CryptoPkg/CryptoPkg.dec [Sources] Tcg2PlatformDxe.cdiff --git > a/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c > b/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c > index 3a2d7d31..c52547e4 100644 
> --- a/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c > +++ > b/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei. > +++ c > @@ -1,7 +1,8 @@ > /** @file+ Platform specific TPM2 component for configuring the Platf= orm > Hierarchy. -Copyright (c) 2017, Intel Corporation. All rights reserved.- > SPDX-License-Identifier: BSD-2-Clause-Patent+ Copyright (c) 2017 - 201= 9, > Intel Corporation. All rights reserved.
+ SPDX-License-Identifier: = BSD-2- > Clause-Patent **/ 
@@ -72,52 +73,97 @@ RdRandGenerateEntropy ( > } /**- Set PlatformAuth to random value.+ This function returns the > maximum size of TPM2B_AUTH; this structure is used for an authorization > value+ and limits an authValue to being no larger than the largest diges= t > produced by a TPM.++ @param[out] AuthSize Tpm2 Auth size= ++ > @retval EFI_SUCCESS Auth size returned.+ @retval > EFI_DEVICE_ERROR Can not return platform auth due to device e= rror.+ > **/-VOID-RandomizePlatformAuth (- > VOID+EFI_STATUS+EFIAPI+GetAuthSize (+ OUT UINT16 *AuthSize = ) {- > EFI_STATUS Status;- UINT16 = AuthSize;- > TPML_PCR_SELECTION Pcrs;- UINT32 = Index;- UINT8 > *Rand;- UINTN RandSize;- TPM2B_AUTH > NewPlatformAuth;+ EFI_STATUS Status;+ TPML_PCR_SELECTION > Pcrs;+ UINTN Index;+ UINT16 DigestSize; = - //- // Send > Tpm2HierarchyChange Auth with random value to avoid PlatformAuth being > null- //- ZeroMem(&Pcrs, sizeof(TPML_PCR_SELECTION));- AuthSize =3D > MAX_NEW_AUTHORIZATION_SIZE;+ Status =3D EFI_SUCCESS;++ while > (mAuthSize =3D=3D 0) {++ mAuthSize =3D SHA1_DIGEST_SIZE;+ ZeroMem (= &Pcrs, > sizeof (TPML_PCR_SELECTION));+ Status =3D Tpm2GetCapabilityPcrs > (&Pcrs);++ if (EFI_ERROR (Status)) {+ DEBUG ((DEBUG_ERROR, > "Tpm2GetCapabilityPcrs fail!\n"));+ break;+ }++ DEBUG > ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs - %08x\n", Pcrs.count)); - Status = =3D > Tpm2GetCapabilityPcrs(&Pcrs);- if (EFI_ERROR(Status)) {- > DEBUG((EFI_D_ERROR, "Tpm2GetCapabilityPcrs fail!\n"));- } else { for > (Index =3D 0; Index < Pcrs.count; Index++) {+ DEBUG ((DEBUG_ERROR, "= alg - > %x\n", Pcrs.pcrSelections[Index].hash));+ switch > (Pcrs.pcrSelections[Index].hash) { case TPM_ALG_SHA1:- AuthS= ize =3D > SHA1_DIGEST_SIZE;+ DigestSize =3D SHA1_DIGEST_SIZE; break;= case > TPM_ALG_SHA256:- AuthSize =3D SHA256_DIGEST_SIZE;+ DigestSi= ze =3D > SHA256_DIGEST_SIZE; break; case TPM_ALG_SHA384:- Aut= hSize =3D > SHA384_DIGEST_SIZE;+ DigestSize =3D SHA384_DIGEST_SIZE; br= eak; > case TPM_ALG_SHA512:- AuthSize =3D 
SHA512_DIGEST_SIZE;+ > DigestSize =3D SHA512_DIGEST_SIZE; break; case TPM_ALG_SM3_= 256:- > AuthSize =3D SM3_256_DIGEST_SIZE;+ DigestSize =3D > SM3_256_DIGEST_SIZE;+ break;+ default:+ DigestSize =3D > SHA1_DIGEST_SIZE; break; }++ if (DigestSize > mAuthSiz= e) {+ > mAuthSize =3D DigestSize;+ } }+ break; } + *AuthSize =3D m= AuthSize;+ > return Status;+}++/**+ Set PlatformAuth to random > value.+**/+VOID+RandomizePlatformAuth (+ VOID+ )+{+ EFI_STATUS > Status;+ UINT16 AuthSize;+ UINT32 = Index;+ > UINT8 *Rand;+ UINTN = RandSize;+ TPM2B_AUTH > NewPlatformAuth;++ //+ // Send Tpm2HierarchyChange Auth with random > value to avoid PlatformAuth being null+ //++ GetAuthSize (&AuthSize);+ > ZeroMem(NewPlatformAuth.buffer, AuthSize); NewPlatformAuth.size =3D > AuthSize; -- > 2.22.0.windows.1
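Review bot: In the new TpmPlatformAuthLib.c hunk, RdRandGenerateEntropy reads past its seed buffer: `UINT64 Seed[2];` (16 bytes) is filled by `GetRandomNumber128 (Seed);` and then `CopyMem (Ptr, Seed, 64);` with `BlockCount = Length / 64`, so for the 64-byte RandSize that RandomizePlatformAuth requests only the first 16 bytes of the new platformAuth come from the RNG and the rest is whatever sits on the stack after Seed. Step the loop in sizeof (Seed) blocks and call GetRandomNumber128 once per block. In RandomizePlatformAuth neither the AllocatePool result nor the RdRandGenerateEntropy status is checked before `CopyMem (NewPlatformAuth.buffer, Rand, AuthSize);`, so a failed RNG request still ends up sent to Tpm2HierarchyChangeAuth as the authorization value; return on either failure. `ZeroMem (Rand, RandSize);` runs after `FreePool (Rand);`, which writes to freed memory; scrub the buffer before freeing it. Also, GetAuthSize uses mAuthSize but I do not see its definition in this hunk, and TpmPlatformAuthReadyToBootHandler declares Status and Interface without using them.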
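Review bot: In the TpmPlatformAuthLib.inf hunk, UefiDriverEntryPoint under [LibraryClasses], the [Protocols] entry for gEfiDxeSmmReadyToLockProtocolGuid (## NOTIFY) and the [Guids] entry for gEfiEventExitBootServicesGuid are not used by TpmPlatformAuthLib.c in this patch: the event registration stays in Tcg2PlatformDxe, as the commit message says. Drop the entry-point library and the unused Protocols and Guids entries from the library INF so the declared dependencies match what the code consumes; the SmmReadyToLock notify belongs in the consuming driver's INF.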
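Review bot: In the Tcg2PlatformDxeEntryPoint hunk, the added `ASSERT (Event != NULL);` is followed by an unconditional `return EFI_SUCCESS;`, so in a build where ASSERT is compiled out a failed EfiCreateProtocolNotifyEvent registration goes unnoticed and the platform hierarchy is left with an empty platformAuth without any error reported. Return an error status (for example EFI_OUT_OF_RESOURCES) when Event is NULL in addition to the ASSERT. The comment on ReadyToLockEventCallBack in the same hunk still says "Event hanlder private data" for Context; worth fixing while the doc block is being touched.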
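Review bot: In the Tcg2PlatformPei.c hunk, GetAuthSize assigns `mAuthSize = SHA1_DIGEST_SIZE;` before `Tpm2GetCapabilityPcrs (&Pcrs);` is known to have succeeded, so after one failed capability query every later call skips the `while (mAuthSize == 0)` block and returns SHA1_DIGEST_SIZE with EFI_SUCCESS without ever re-querying the TPM, and the platformAuth written for a TPM whose largest bank is SHA-256 or wider would be shorter than the function was meant to derive. Set mAuthSize only after a successful query (or leave it zero and propagate the error), and have RandomizePlatformAuth check the status instead of the bare `GetAuthSize (&AuthSize);`. The `while (...) { ... break; }` construct is a single-pass block; a plain `if (mAuthSize == 0)` with early returns reads more clearly. The two `DEBUG ((DEBUG_ERROR, ...))` lines printing Pcrs.count and each algorithm id are informational and belong at DEBUG_INFO or DEBUG_VERBOSE. The hunk as quoted here ends at `NewPlatformAuth.size = AuthSize;`, so the remainder of the PEI RandomizePlatformAuth could not be reviewed.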