From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) by mx.groups.io with SMTP id smtpd.web12.15121.1595322021231253356 for ; Tue, 21 Jul 2020 02:00:21 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=C/UAL800; spf=pass (domain: intel.com, ip: 134.134.136.24, mailfrom: jian.j.wang@intel.com) IronPort-SDR: U+C52DQg63JWeV1fb/v74iUDXUwfZskVx2ayyscW8VEUToD4ksHNcR3vELW/+m0bRxMlI58Z5F 7Yp26ksQ/meg== X-IronPort-AV: E=McAfee;i="6000,8403,9688"; a="151435813" X-IronPort-AV: E=Sophos;i="5.75,378,1589266800"; d="scan'208";a="151435813" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga006.jf.intel.com ([10.7.209.51]) by orsmga102.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Jul 2020 02:00:20 -0700 IronPort-SDR: 2qe7kZJH1R+zqtMQuWNC3B8F7YhILU4mDDoTFxkyF0I7RJqLfbfDc/5MpwoRYwdYUYyiIZanCJ +zmzC1E/lq5Q== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,378,1589266800"; d="scan'208";a="287848669" Received: from fmsmsx603.amr.corp.intel.com ([10.18.126.83]) by orsmga006.jf.intel.com with ESMTP; 21 Jul 2020 02:00:20 -0700 Received: from fmsmsx612.amr.corp.intel.com (10.18.126.92) by fmsmsx603.amr.corp.intel.com (10.18.126.83) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.1713.5; Tue, 21 Jul 2020 02:00:19 -0700 Received: from FMSEDG002.ED.cps.intel.com (10.1.192.134) by fmsmsx612.amr.corp.intel.com (10.18.126.92) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256) id 15.1.1713.5 via Frontend Transport; Tue, 21 Jul 2020 02:00:19 -0700 Received: from NAM12-BN8-obe.outbound.protection.outlook.com (104.47.55.177) by edgegateway.intel.com (192.55.55.69) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 21 Jul 2020 02:00:16 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=arDdhY/t+40+KBuAMO78AthV4s3/GKuRGaBJ4v+WaCqcyjbMSnaqNonwiHOSCHKzoGHyew5mGg1eIGv887tDeOv8d06mOyN0he5KE5JbCSV/gl93NwWhvPGiwsOZo/8ICbkLrI7NN4crr3EJLcgp3gvl/q4xI6bW9W3gxIU/ywPa75Ji8HjzQTyWEsP5iizqitpIrGx+bc/PEjhgO4rT4h7k2uKAHlmsdNaTQ9Obp4jExgX345ZD8HhZxZKf/lPawYbNgiOc/TTGvGkAN1M+xFba+q5hXn7NGFiObYeMu/tIJ6yNQHM8ybSmrfd/naOB24lo47pLRJ1Xp/08LyhgQw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=R1ck31VSA26xaLm2tn4RKiQCDIob1lPvUYow6qcsLaU=; b=JatmqxfqVAJxgCKTEuqRKACycZYxj3sPIgK+3mOE7dJv9cjjvPuqGQQKPhYP+zpJqYTOtnoK61s759ANSD67G1N9atP/zmIt6jM8rUdnaIRfeP3lWyqgqJkWhztwFTGtOzXyi9oaTj3cFqt9mgggmqN1ih8//OpHZ3+ezxPAmOA+wzo0+jgP+vUV2C9/B/WdQUL+5FTu8+Vfu9eIW/xRNACBeOUBEo6uV7OaT2C1R6BHFanLdX2x66gJE8eWMc6F2bHYSiIX9NX8DtWXNBItf2O50kSVlKROcrQZbz/QQYQMJLipVtQtZY0wimSroIw2W2HZbPdT2G2hJt9Koa04BA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=R1ck31VSA26xaLm2tn4RKiQCDIob1lPvUYow6qcsLaU=; b=C/UAL800LucnHoF1YhNOojFyLf/THBbtwVHsLPpc0RC/9qHluvnlrAmbHHfZ0Dzx1R6xt741Z/kpmZ3IJrF0/gpMkiSuyGuY7qGd8mfmRGXh9haTb0gfPx4ekvWkJDmX1P+uZ+tsCWDVk2vaGvppNA+i2Cf68sgYwOulaIxRXlc= Received: from BYAPR11MB3303.namprd11.prod.outlook.com (2603:10b6:a03:18::15) by BY5PR11MB3973.namprd11.prod.outlook.com (2603:10b6:a03:185::29) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3195.25; Tue, 21 Jul 2020 09:00:14 +0000 Received: from BYAPR11MB3303.namprd11.prod.outlook.com ([fe80::fc2a:d66e:8c79:6ecd]) by BYAPR11MB3303.namprd11.prod.outlook.com ([fe80::fc2a:d66e:8c79:6ecd%7]) with mapi id 15.20.3195.025; Tue, 21 Jul 2020 09:00:14 +0000 From: "Wang, Jian J" To: "Zhang, Qi1" , "devel@edk2.groups.io" CC: "Yao, Jiewen" Subject: Re: [PATCH v4 5/6] SecurityPkg/PeiTpmMeasurementLib: Add PEI instance. Thread-Topic: [PATCH v4 5/6] SecurityPkg/PeiTpmMeasurementLib: Add PEI instance. Thread-Index: AQHWXBdBcIc5dOrGwEy0t/J9jTF0yqkRwImA Date: Tue, 21 Jul 2020 09:00:14 +0000 Message-ID: References: <20200717084935.11067-1-qi1.zhang@intel.com> <20200717084935.11067-6-qi1.zhang@intel.com> In-Reply-To: <20200717084935.11067-6-qi1.zhang@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiODkwYTNiM2ItYjgyMS00NWYzLWE1M2UtODJhMDljMDA0ZTVhIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiSm5yMlVxNit2N3hpMUZNMUJWXC9XNVZrR1ZjR3RcL1MwNlJlR1lcL1FET2xoQVg1ZEZwazhwNlJqMXpxU3RyNlkyNyJ9 dlp-reaction: no-action dlp-version: 11.2.0.6 dlp-product: dlpe-windows x-ctpclassification: CTP_NT authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-originating-ip: [192.198.147.194] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 9d7c671b-729a-4860-a6f8-08d82d547bb0 x-ms-traffictypediagnostic: BY5PR11MB3973: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:7691; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: MEG9Zb29kqY2ggIpmzKU589FBdt3uly/OimfI3Qn+nMP6YUSQlzz3d4VnxPEdPZGv1/PCtSiMQeh1qe0z84L7CqC7gnMttxUBz+RasJSOdmSSc6/Ioy/LHcVTSRNN1hSaVYRR7DR8qaTxKUT2MAeTvHQjabL6+eDHiDpL/6jVALmiNwt80rsxyFN204LbNZjRiuZUqgHeWNjCKzbXaXTYre7Jdzskjxl7MdsRh4bMxEjDXLZdenQhdPF1SorDyN23Mfmtn2icpcBjg45NlAvFAOnvCNMDvjNfgqQz24To8ctVuqEWUJNymiMyLBNxhz4lgFgEzYqT6bfVyDBg8HLrY919kV4pBD6taflH68O67ivlKhple0hVHFYdnCgjJ9UmPCF/Zug1mZoIRdcoJhLYw== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BYAPR11MB3303.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(4636009)(136003)(396003)(346002)(376002)(39860400002)(366004)(478600001)(966005)(6506007)(53546011)(52536014)(5660300002)(186003)(26005)(7696005)(15650500001)(2906002)(83380400001)(86362001)(64756008)(66446008)(66946007)(76116006)(316002)(66556008)(66476007)(110136005)(4326008)(107886003)(33656002)(71200400001)(9686003)(55016002)(8936002)(8676002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: 12uER9hIjP7BgZin7Tc/IYumulp7kTbQrn7i6oc9CZ6+1mIKkL5MM0iQxDJXAiKQ0MKLCj643JPmhKAsT86WRJvWggSuCbkRraJ4DKPyb0wzmpp82sE3ZPMELsn4Eh8s2siR2HkAgTpPaPtoSBh2PSJX9QxVS/LyS9zeKMeyF1Hv7U8Aq/t/irl1JGccTtG4LMxo3zSWA40PVmIqOKcuuIp4JNv5p3zd6ZZ86B/FxlIXfEfDPSM3dNLBjQjRzRHO0RJqJE7k75U0ezpUaEHqg8OLpTwbBU8kfT9RxBNjz1HaH200OvQtX7r75YFSWwulWOouQw9GIePtECXdq+0OFlBXlOv3PPyXbF5RstsNLCE2xJnxORuJecNPNNeVGobNflX4ErYmZUTp8PPXcTNVRCBTGDgeK7A44IAgwW2ewizyjRcMCOW2I50zwKx/YLCdKhsK7IhS9nv0dWhjBI0qrNypwe1Vpr6KVoiL6T+SG7tNVpGQON47yUykliwobIYL MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: BYAPR11MB3303.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 9d7c671b-729a-4860-a6f8-08d82d547bb0 X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jul 2020 09:00:14.6723 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: gG+/F5qFymc0NTeVsdFS62BtnO60BF6EdjLwMwWprIEhodlBwThmNQQa9BVtib89w+hg7sEuwj42I1cE6s8Cxw== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BY5PR11MB3973 Return-Path: jian.j.wang@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Qi, Two format issues inlined below. In addition, according to bz2841, following requirement is embodied in this patch. Maybe there's discussion before deciding not to implement it. If so, please update bz2841 to state it explicitly. 3) Add more API in TpmMeasurementLib, such as MeasureFirmwareBlob, MeasureHandoffTable for TPM PFP rev 105 support - add description for the FirmwareBlob and HandoffTable. Regards, Jian > -----Original Message----- > From: Zhang, Qi1 > Sent: Friday, July 17, 2020 4:50 PM > To: devel@edk2.groups.io > Cc: Yao, Jiewen ; Wang, Jian J ; > Zhang, Qi1 > Subject: [PATCH v4 5/6] SecurityPkg/PeiTpmMeasurementLib: Add PEI instanc= e. >=20 > From: Jiewen Yao >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2841 >=20 > Cc: Jiewen Yao > Cc: Jian J Wang > Cc: Qi Zhang > Signed-off-by: Jiewen Yao > --- > .../PeiTpmMeasurementLib.c | 74 +++++++++++++++++++ > .../PeiTpmMeasurementLib.inf | 50 +++++++++++++ > .../PeiTpmMeasurementLib.uni | 17 +++++ > 3 files changed, 141 insertions(+) > create mode 100644 > SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c > create mode 100644 > SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf > create mode 100644 > SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni >=20 > diff --git > a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c > b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c > new file mode 100644 > index 0000000000..1a590e0c9e > --- /dev/null > +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c > @@ -0,0 +1,74 @@ > +/** @file >=20 > + This library is used by other modules to measure data to TPM. >=20 > + >=20 > +Copyright (c) 2020, Intel Corporation. All rights reserved.
>=20 > +SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > +**/ >=20 > + >=20 > +#include >=20 > + >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > + >=20 > +#include >=20 > +#include >=20 > + >=20 > +/** >=20 > + Tpm measure and log data, and extend the measurement result into a spe= cific > PCR. >=20 > + >=20 > + @param[in] PcrIndex PCR Index. >=20 > + @param[in] EventType Event type. >=20 > + @param[in] EventLog Measurement event log. >=20 > + @param[in] LogLen Event log length in bytes. >=20 > + @param[in] HashData The start of the data buffer to be hashed= , > extended. >=20 > + @param[in] HashDataLen The length, in bytes, of the buffer refer= enced by > HashData >=20 > + >=20 > + @retval EFI_SUCCESS Operation completed successfully. The description of above retval is not aligned with below line. >=20 > + @retval EFI_UNSUPPORTED TPM device not available. >=20 > + @retval EFI_OUT_OF_RESOURCES Out of memory. >=20 > + @retval EFI_DEVICE_ERROR The operation was unsuccessful. >=20 > +**/ >=20 > +EFI_STATUS >=20 > +EFIAPI >=20 > +TpmMeasureAndLogData ( >=20 > + IN UINT32 PcrIndex, >=20 > + IN UINT32 EventType, >=20 > + IN VOID *EventLog, >=20 > + IN UINT32 LogLen, >=20 > + IN VOID *HashData, >=20 > + IN UINT64 HashDataLen >=20 > + ) >=20 > +{ >=20 > + EFI_STATUS Status; >=20 > + EDKII_TCG_PPI *TcgPpi; >=20 > + TCG_PCR_EVENT_HDR TcgEventHdr; >=20 > + >=20 > + Status =3D PeiServicesLocatePpi( Missing a space before '(' >=20 > + &gEdkiiTcgPpiGuid, >=20 > + 0, >=20 > + NULL, >=20 > + (VOID**)&TcgPpi >=20 > + ); >=20 > + if (EFI_ERROR(Status)) { >=20 > + return Status; >=20 > + } >=20 > + >=20 > + TcgEventHdr.PCRIndex =3D PcrIndex; >=20 > + TcgEventHdr.EventType =3D EventType; >=20 > + TcgEventHdr.EventSize =3D LogLen; >=20 > + >=20 > + Status =3D TcgPpi->HashLogExtendEvent ( >=20 > + TcgPpi, >=20 > + 0, >=20 > + HashData, >=20 > + (UINTN)HashDataLen, >=20 > + &TcgEventHdr, >=20 > + EventLog >=20 > + ); >=20 > + return Status; >=20 > +} >=20 > diff --git > a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf > b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf > new file mode 100644 > index 0000000000..6625d0fd01 > --- /dev/null > +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf > @@ -0,0 +1,50 @@ > +## @file >=20 > +# Provides TPM measurement functions for TPM1.2 and TPM 2.0 >=20 > +# >=20 > +# This library provides TpmMeasureAndLogData() to measure and log data, > and >=20 > +# extend the measurement result into a specific PCR. >=20 > +# >=20 > +# Copyright (c) 2020, Intel Corporation. All rights reserved.
>=20 > +# SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > +# >=20 > +## >=20 > + >=20 > +[Defines] >=20 > + INF_VERSION =3D 0x00010005 >=20 > + BASE_NAME =3D PeiTpmMeasurementLib >=20 > + FILE_GUID =3D 9A62C49D-C45A-4322-9F3C-45958DF0056= B >=20 > + MODULE_TYPE =3D PEIM >=20 > + VERSION_STRING =3D 1.0 >=20 > + LIBRARY_CLASS =3D TpmMeasurementLib|PEIM >=20 > + MODULE_UNI_FILE =3D PeiTpmMeasurementLib.uni >=20 > + >=20 > +# >=20 > +# The following information is for reference only and not required by th= e build > tools. >=20 > +# >=20 > +# VALID_ARCHITECTURES =3D IA32 X64 >=20 > +# >=20 > + >=20 > +[Sources] >=20 > + PeiTpmMeasurementLib.c >=20 > + >=20 > +[Packages] >=20 > + MdePkg/MdePkg.dec >=20 > + MdeModulePkg/MdeModulePkg.dec >=20 > + SecurityPkg/SecurityPkg.dec >=20 > + >=20 > +[LibraryClasses] >=20 > + BaseLib >=20 > + BaseMemoryLib >=20 > + HobLib >=20 > + DebugLib >=20 > + PcdLib >=20 > + PrintLib >=20 > + PeiServicesLib >=20 > + PeiServicesTablePointerLib >=20 > + >=20 > +[Ppis] >=20 > + gEdkiiTcgPpiGuid #= # CONSUMES >=20 > + >=20 > +[Depex] >=20 > + gEfiPeiMasterBootModePpiGuid AND >=20 > + gEfiTpmDeviceSelectedGuid >=20 > diff --git > a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni > b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni > new file mode 100644 > index 0000000000..7b4341b449 > --- /dev/null > +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni > @@ -0,0 +1,17 @@ > +// /** @file >=20 > +// Provides TPM measurement functions for TPM1.2 and TPM 2.0 >=20 > +// >=20 > +// This library provides TpmMeasureAndLogData() to to measure and log da= ta, > and >=20 > +// extend the measurement result into a specific PCR. >=20 > +// >=20 > +// Copyright (c) 2020, Intel Corporation. All rights reserved.
>=20 > +// >=20 > +// SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > +// >=20 > +// **/ >=20 > + >=20 > + >=20 > +#string STR_MODULE_ABSTRACT #language en-US "Provides TPM > measurement functions for TPM1.2 and TPM 2.0" >=20 > + >=20 > +#string STR_MODULE_DESCRIPTION #language en-US "This library > provides TpmMeasureAndLogData() to to measure and log data, and extend th= e > measurement result into a specific PCR." >=20 > + >=20 > -- > 2.26.2.windows.1