From: "Bret Barkelew"
To: "devel@edk2.groups.io", "qi1.zhang@intel.com"
CC: "Yao, Jiewen", Jian J Wang, Hao A Wu, Chasel Chiu, "Desimone, Nathaniel L", Star Zeng
Subject: Re: [EXTERNAL] [edk2-devel] [PATCH v4 0/8] Need add a FSP binary measurement
Date: Fri, 21 Aug 2020 05:55:30 +0000
In-Reply-To: <20200818062618.3698-1-qi1.zhang@intel.com>

Does this live in a branch somewhere? I'd like to take a look at it and make sure it fully replaces our current custom solution.

Thanks!

- Bret



From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of Qi Zhang via groups.io <qi1.zhang=intel.com@groups.io>
Sent: Monday, August 17, 2020 11:26 PM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Qi Zhang <qi1.zhang@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Jian J Wang <jian.j.wang@intel.com>; Hao A Wu <hao.a.wu@intel.com>; Chasel Chiu <chasel.chiu@intel.com>; Desimone, Nathaniel L <nathaniel.l.desimone@intel.com>; Star Zeng <star.zeng@intel.com>
Subject: [EXTERNAL] [edk2-devel] [PATCH v4 0/8] Need add a FSP binary measurement
 
v4 change:
   rename FvEventLogRecordLib to TcgEventLogRecordLib.
v3 change:
  add a new lib FvEventLogRecordLib for generic code.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2376

The EDKII BIOS calls FSP API in FSP Wrapper Pkg.
This FSP code needs to be measured into TPM.

We need to add a generic module in FSP Wrapper Pkg code to measure:
1) FSP-T, FSP-M, FSP-S in API mode.
2) FSP-T in Dispatch-mode. The FSP-M and FSP-S will be reported
   as standard FV and they will be measured by TCG-PEI.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Chasel Chiu <chasel.chiu@intel.com>
Cc: Nate DeSimone <nathaniel.l.desimone@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>

Jiewen Yao (4):
  IntelFsp2WrapperPkg/FspMeasurementLib: Add header file.
  IntelFsp2WrapperPkg/FspMeasurementLib: Add BaseFspMeasurementLib.
  IntelFsp2WraperPkg/Fsp{m|s}WrapperPeim: Add FspBin measurement.
  IntelFsp2Wrapper/dsc: Add FspTpmMeasurementLib and
    PcdFspMeasurementConfig.

Qi Zhang (4):
  SecurityPkg/TcgEventLogRecordLib: add new lib for firmware measurement
  SecurityPkg/dsc: add FvEventLogRecordLib
  SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY
  IntelFsp2WrapperPkg/dsc: add HashLib, Tpm2CommandLib and Tpm2DeviceLib

 .../FspmWrapperPeim/FspmWrapperPeim.c         |  90 ++++++-
 .../FspmWrapperPeim/FspmWrapperPeim.inf       |  20 +-
 .../FspsWrapperPeim/FspsWrapperPeim.c         |  86 +++++-
 .../FspsWrapperPeim/FspsWrapperPeim.inf       |  27 +-
 .../Include/Library/FspMeasurementLib.h       |  39 +++
 IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dec   |  17 ++
 IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dsc   |  10 +-
 .../BaseFspMeasurementLib.inf                 |  54 ++++
 .../BaseFspMeasurementLib/FspMeasurementLib.c | 248 ++++++++++++++++++
 .../Include/Library/TcgEventLogRecordLib.h    |  97 +++++++
 SecurityPkg/Include/Ppi/Tcg.h                 |   5 +
 .../TcgEventLogRecordLib.c                    | 197 ++++++++++++++
 .../TcgEventLogRecordLib.inf                  |  40 +++
 .../TcgEventLogRecordLib.uni                  |  17 ++
 SecurityPkg/SecurityPkg.dec                   |   3 +
 SecurityPkg/SecurityPkg.dsc                   |   2 +
 SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c             |  12 +-
 17 files changed, 939 insertions(+), 25 deletions(-)
 create mode 100644 IntelFsp2WrapperPkg/Include/Library/FspMeasurementLib.h
 create mode 100644 IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/BaseFspMeasurementLib.inf
 create mode 100644 IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/FspMeasurementLib.c
 create mode 100644 SecurityPkg/Include/Library/TcgEventLogRecordLib.h
 create mode 100644 SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.c
 create mode 100644 SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.inf
 create mode 100644 SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.uni

--
2.26.2.windows.1
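
An added illustration, not code from this patch series or from EDK II: a verifier-side model of the coverage the cover letter describes, showing which module measures each FSP component in API mode versus Dispatch mode and how replaying the event log exposes a modified or unmeasured component. The single SHA-256 PCR, the simplified log records and all function names are assumptions made for the example, and the firmware images are constructed byte strings.

```python
import hashlib

# Assumptions for this example: one SHA-256 PCR, a simplified log of
# (component, measured_by, digest) records, and made-up function names.

def extend(pcr: bytes, digest: bytes) -> bytes:
    """TPM extend: new PCR = H(old PCR || digest)."""
    return hashlib.sha256(pcr + digest).digest()

def measurement_plan(mode: str):
    """Which module measures each FSP component, per the cover letter."""
    if mode == "api":       # wrapper measures all three FSP components
        return [("FSP-T", "FspWrapper"), ("FSP-M", "FspWrapper"), ("FSP-S", "FspWrapper")]
    if mode == "dispatch":  # wrapper measures FSP-T; FSP-M/S are FVs for TCG-PEI
        return [("FSP-T", "FspWrapper"), ("FSP-M", "TCG-PEI"), ("FSP-S", "TCG-PEI")]
    raise ValueError(f"unknown FSP mode: {mode!r}")

def measure_boot(mode: str, images: dict):
    """Hash each component, extend the PCR, and record a log entry."""
    pcr, log = bytes(32), []
    for name, measurer in measurement_plan(mode):
        digest = hashlib.sha256(images[name]).digest()
        pcr = extend(pcr, digest)
        log.append({"component": name, "measured_by": measurer, "digest": digest})
    return pcr, log

def verify(quoted_pcr: bytes, log: list, golden: dict) -> list:
    """Replay the log against the PCR, then compare digests to known-good ones."""
    findings, pcr = [], bytes(32)
    for entry in log:
        pcr = extend(pcr, entry["digest"])
    if pcr != quoted_pcr:
        findings.append("event log does not replay to the quoted PCR")
    seen = {e["component"]: e["digest"] for e in log}
    for name, want in golden.items():
        if name not in seen:
            findings.append(f"{name}: not measured")
        elif seen[name] != want:
            findings.append(f"{name}: digest mismatch")
    return findings

# Constructed stand-ins for the FSP binaries (not real firmware).
IMAGES = {"FSP-T": b"fsp-t image", "FSP-M": b"fsp-m image", "FSP-S": b"fsp-s image"}
GOLDEN = {n: hashlib.sha256(b).digest() for n, b in IMAGES.items()}

if __name__ == "__main__":
    for mode in ("api", "dispatch"):
        pcr, log = measure_boot(mode, IMAGES)
        print(mode, [(e["component"], e["measured_by"]) for e in log], verify(pcr, log, GOLDEN))
```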



