From: "Wang, Jian J" <jian.j.wang@intel.com>
To: "Zhang, Qi1" <qi1.zhang@intel.com>,
"devel@edk2.groups.io" <devel@edk2.groups.io>
Cc: "Yao, Jiewen" <jiewen.yao@intel.com>
Subject: Re: [PATCH v4 5/6] SecurityPkg/PeiTpmMeasurementLib: Add PEI instance.
Date: Tue, 21 Jul 2020 09:00:14 +0000 [thread overview]
Message-ID: <BYAPR11MB330391D5704135181EB764CFB6780@BYAPR11MB3303.namprd11.prod.outlook.com> (raw)
In-Reply-To: <20200717084935.11067-6-qi1.zhang@intel.com>
Qi,
Two format issues inlined below.
In addition, according to bz2841, following requirement is embodied in
this patch. Maybe there's discussion before deciding not to implement
it. If so, please update bz2841 to state it explicitly.
3) Add more API in TpmMeasurementLib, such as MeasureFirmwareBlob,
MeasureHandoffTable for TPM PFP rev 105 support - add description for
the FirmwareBlob and HandoffTable.
Regards,
Jian
> -----Original Message-----
> From: Zhang, Qi1 <qi1.zhang@intel.com>
> Sent: Friday, July 17, 2020 4:50 PM
> To: devel@edk2.groups.io
> Cc: Yao, Jiewen <jiewen.yao@intel.com>; Wang, Jian J <jian.j.wang@intel.com>;
> Zhang, Qi1 <qi1.zhang@intel.com>
> Subject: [PATCH v4 5/6] SecurityPkg/PeiTpmMeasurementLib: Add PEI instance.
>
> From: Jiewen Yao <jiewen.yao@intel.com>
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2841
>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Qi Zhang <qi1.zhang@intel.com>
> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
> ---
> .../PeiTpmMeasurementLib.c | 74 +++++++++++++++++++
> .../PeiTpmMeasurementLib.inf | 50 +++++++++++++
> .../PeiTpmMeasurementLib.uni | 17 +++++
> 3 files changed, 141 insertions(+)
> create mode 100644
> SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c
> create mode 100644
> SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf
> create mode 100644
> SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni
>
> diff --git
> a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c
> b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c
> new file mode 100644
> index 0000000000..1a590e0c9e
> --- /dev/null
> +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c
> @@ -0,0 +1,74 @@
> +/** @file
>
> + This library is used by other modules to measure data to TPM.
>
> +
>
> +Copyright (c) 2020, Intel Corporation. All rights reserved. <BR>
>
> +SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +
>
> +**/
>
> +
>
> +#include <PiPei.h>
>
> +
>
> +#include <Library/BaseMemoryLib.h>
>
> +#include <Library/PeiServicesLib.h>
>
> +#include <Library/PeiServicesTablePointerLib.h>
>
> +#include <Library/DebugLib.h>
>
> +#include <Library/HobLib.h>
>
> +#include <Library/TpmMeasurementLib.h>
>
> +
>
> +#include <Ppi/Tcg.h>
>
> +#include <IndustryStandard/UefiTcgPlatform.h>
>
> +
>
> +/**
>
> + Tpm measure and log data, and extend the measurement result into a specific
> PCR.
>
> +
>
> + @param[in] PcrIndex PCR Index.
>
> + @param[in] EventType Event type.
>
> + @param[in] EventLog Measurement event log.
>
> + @param[in] LogLen Event log length in bytes.
>
> + @param[in] HashData The start of the data buffer to be hashed,
> extended.
>
> + @param[in] HashDataLen The length, in bytes, of the buffer referenced by
> HashData
>
> +
>
> + @retval EFI_SUCCESS Operation completed successfully.
The description of above retval is not aligned with below line.
>
> + @retval EFI_UNSUPPORTED TPM device not available.
>
> + @retval EFI_OUT_OF_RESOURCES Out of memory.
>
> + @retval EFI_DEVICE_ERROR The operation was unsuccessful.
>
> +**/
>
> +EFI_STATUS
>
> +EFIAPI
>
> +TpmMeasureAndLogData (
>
> + IN UINT32 PcrIndex,
>
> + IN UINT32 EventType,
>
> + IN VOID *EventLog,
>
> + IN UINT32 LogLen,
>
> + IN VOID *HashData,
>
> + IN UINT64 HashDataLen
>
> + )
>
> +{
>
> + EFI_STATUS Status;
>
> + EDKII_TCG_PPI *TcgPpi;
>
> + TCG_PCR_EVENT_HDR TcgEventHdr;
>
> +
>
> + Status = PeiServicesLocatePpi(
Missing a space before '('
>
> + &gEdkiiTcgPpiGuid,
>
> + 0,
>
> + NULL,
>
> + (VOID**)&TcgPpi
>
> + );
>
> + if (EFI_ERROR(Status)) {
>
> + return Status;
>
> + }
>
> +
>
> + TcgEventHdr.PCRIndex = PcrIndex;
>
> + TcgEventHdr.EventType = EventType;
>
> + TcgEventHdr.EventSize = LogLen;
>
> +
>
> + Status = TcgPpi->HashLogExtendEvent (
>
> + TcgPpi,
>
> + 0,
>
> + HashData,
>
> + (UINTN)HashDataLen,
>
> + &TcgEventHdr,
>
> + EventLog
>
> + );
>
> + return Status;
>
> +}
>
> diff --git
> a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf
> b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf
> new file mode 100644
> index 0000000000..6625d0fd01
> --- /dev/null
> +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf
> @@ -0,0 +1,50 @@
> +## @file
>
> +# Provides TPM measurement functions for TPM1.2 and TPM 2.0
>
> +#
>
> +# This library provides TpmMeasureAndLogData() to measure and log data,
> and
>
> +# extend the measurement result into a specific PCR.
>
> +#
>
> +# Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> +# SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +#
>
> +##
>
> +
>
> +[Defines]
>
> + INF_VERSION = 0x00010005
>
> + BASE_NAME = PeiTpmMeasurementLib
>
> + FILE_GUID = 9A62C49D-C45A-4322-9F3C-45958DF0056B
>
> + MODULE_TYPE = PEIM
>
> + VERSION_STRING = 1.0
>
> + LIBRARY_CLASS = TpmMeasurementLib|PEIM
>
> + MODULE_UNI_FILE = PeiTpmMeasurementLib.uni
>
> +
>
> +#
>
> +# The following information is for reference only and not required by the build
> tools.
>
> +#
>
> +# VALID_ARCHITECTURES = IA32 X64
>
> +#
>
> +
>
> +[Sources]
>
> + PeiTpmMeasurementLib.c
>
> +
>
> +[Packages]
>
> + MdePkg/MdePkg.dec
>
> + MdeModulePkg/MdeModulePkg.dec
>
> + SecurityPkg/SecurityPkg.dec
>
> +
>
> +[LibraryClasses]
>
> + BaseLib
>
> + BaseMemoryLib
>
> + HobLib
>
> + DebugLib
>
> + PcdLib
>
> + PrintLib
>
> + PeiServicesLib
>
> + PeiServicesTablePointerLib
>
> +
>
> +[Ppis]
>
> + gEdkiiTcgPpiGuid ## CONSUMES
>
> +
>
> +[Depex]
>
> + gEfiPeiMasterBootModePpiGuid AND
>
> + gEfiTpmDeviceSelectedGuid
>
> diff --git
> a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni
> b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni
> new file mode 100644
> index 0000000000..7b4341b449
> --- /dev/null
> +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni
> @@ -0,0 +1,17 @@
> +// /** @file
>
> +// Provides TPM measurement functions for TPM1.2 and TPM 2.0
>
> +//
>
> +// This library provides TpmMeasureAndLogData() to to measure and log data,
> and
>
> +// extend the measurement result into a specific PCR.
>
> +//
>
> +// Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>
>
> +//
>
> +// SPDX-License-Identifier: BSD-2-Clause-Patent
>
> +//
>
> +// **/
>
> +
>
> +
>
> +#string STR_MODULE_ABSTRACT #language en-US "Provides TPM
> measurement functions for TPM1.2 and TPM 2.0"
>
> +
>
> +#string STR_MODULE_DESCRIPTION #language en-US "This library
> provides TpmMeasureAndLogData() to to measure and log data, and extend the
> measurement result into a specific PCR."
>
> +
>
> --
> 2.26.2.windows.1
next prev parent reply other threads:[~2020-07-21 9:00 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-07-17 8:49 [PATCH v4 0/6] Add capability to let PEIM extend TcgEvent Qi Zhang
2020-07-17 8:49 ` [PATCH v4 1/6] SecurityPkg/TcgPpi: Add TcgPpi header file Qi Zhang
2020-07-21 8:37 ` Wang, Jian J
2020-07-17 8:49 ` [PATCH v4 2/6] SecurityPkg/dec: Add TcgPpi Qi Zhang
2020-07-21 8:37 ` Wang, Jian J
2020-07-17 8:49 ` [PATCH v4 3/6] SecurityPkg/Tcg: " Qi Zhang
2020-07-21 8:36 ` Wang, Jian J
2020-07-17 8:49 ` [PATCH v4 4/6] SecurityPkg/Tcg2: " Qi Zhang
2020-07-21 8:52 ` Wang, Jian J
2020-07-17 8:49 ` [PATCH v4 5/6] SecurityPkg/PeiTpmMeasurementLib: Add PEI instance Qi Zhang
2020-07-21 9:00 ` Wang, Jian J [this message]
[not found] ` <1623B8ED1BE72736.9882@groups.io>
2020-07-21 9:16 ` [edk2-devel] " Wang, Jian J
2020-07-21 15:05 ` Yao, Jiewen
2020-07-22 1:08 ` Wang, Jian J
2020-07-22 2:08 ` Qi Zhang
2020-07-22 2:13 ` Yao, Jiewen
2020-07-17 8:49 ` [PATCH v4 6/6] SecurityPkg/dsc: Add PeiTpmMeasurementLib Qi Zhang
2020-07-21 9:00 ` Wang, Jian J
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=BYAPR11MB330391D5704135181EB764CFB6780@BYAPR11MB3303.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox