From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga11.intel.com (mga11.intel.com [192.55.52.93]) by mx.groups.io with SMTP id smtpd.web10.21008.1595343912195543304 for ; Tue, 21 Jul 2020 08:05:12 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=wl0RggXK; spf=pass (domain: intel.com, ip: 192.55.52.93, mailfrom: jiewen.yao@intel.com) IronPort-SDR: 4SapvddkuULDofQOjyp38PXmhXkG9oJi3VHtgKp3agJpZCqtatj2Ar+g/YZ/EVxIJn+pNdkA90 pJc0BIG350Ew== X-IronPort-AV: E=McAfee;i="6000,8403,9689"; a="148081134" X-IronPort-AV: E=Sophos;i="5.75,379,1589266800"; d="scan'208";a="148081134" X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 21 Jul 2020 08:05:10 -0700 IronPort-SDR: U3bG1cUqB9kXCUtLkVlxx9KWfNPNwp6FC9ludzWeJgEqrxhFGwF7IXlXpDfmu1tv3PftZ2CnBd 9tmHq9XqSuGQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.75,379,1589266800"; d="scan'208";a="319932562" Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205]) by fmsmga002.fm.intel.com with ESMTP; 21 Jul 2020 08:05:10 -0700 Received: from FMSEDG001.ED.cps.intel.com (10.1.192.133) by fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 21 Jul 2020 08:05:10 -0700 Received: from NAM11-BN8-obe.outbound.protection.outlook.com (104.47.58.175) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 21 Jul 2020 08:05:10 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=I3IrhfOR71589ptl+vdayk1QLFaJmkDd2vYxdex+1sM/8xC+8Ihk5CRrBJ05/hDRFB559ovdQUfmK7JkRaiSwVGVfT4ufWaVD26xlP2YP04qnjb4qplGOVuJGND+qtXCFCdPQRKUmBgBIyD+BlHQtKh2l7TOtWMO1ikgoYBFsbp0Urd7WIE0qYiaPa+0QsXzA3MRkqzeLOjdX43i+RS+VsYcF7n65mfTURB4vcZw8taZSllU63yd7lq4rSX8AXVKhzH+6s22B+P/QBGVeQ4lzn7epr1A6dwtQCw2nuXUDtiE19I3N7Hfv8X5nIUbdB6Jry5S+WNsLj64btl0/d4m0A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3XopcMQxqJIt/XjtXMy1qwXfnbM5E3A3zwHYolNfQH8=; b=IgHLCvMhSJB5ULHsm8Hx2D5xLCusXZ/anl7waAIwYkO+/O5OOIasElDF/60NNF4hwee/racfi7GX0sfzxra2VPX3aaDfaEbt60B4UmL9iKS5FPwk0Q95cYktwjdyhr3Ftb6CCth3uzoIcuepNORIzxt8CteWXeikpLYghWwBoKdWcCRBzB+4w+nF2FNTcP0bg57E++mB+Z5yrfPLdnFQn1hTSZpJonvpOUqgBA8n/ZZUE3kezULRHzz1cJPr/fNXKijLS8fd6opsFaIfDvkUgZbXeVyIcb2exiqv2pdCjSUOF/yziqm+eDwGphavLTS9Uyp6I1ylibyJdG57I9Dcug== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=3XopcMQxqJIt/XjtXMy1qwXfnbM5E3A3zwHYolNfQH8=; b=wl0RggXKq8cmGPmYEf6ZluYJ+yVH/BwndddN17cyeakhsRbmkzL7JKxDEyWg4xz7rQyBfOf3dFIhPC2DS5XRzSJe08oQ6Y8Foi2c4yerHnEm+l3GZuh9kYyr5dFL10FZQeCXxBR5nSXMm3zQey65LsE6F20p+5nN2ivbLBwMp+Q= Received: from DM5PR11MB2026.namprd11.prod.outlook.com (2603:10b6:3:10::17) by DM6PR11MB2554.namprd11.prod.outlook.com (2603:10b6:5:c8::21) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3216.21; Tue, 21 Jul 2020 15:05:08 +0000 Received: from DM5PR11MB2026.namprd11.prod.outlook.com ([fe80::e19d:1de4:c479:da4]) by DM5PR11MB2026.namprd11.prod.outlook.com ([fe80::e19d:1de4:c479:da4%4]) with mapi id 15.20.3216.020; Tue, 21 Jul 2020 15:05:08 +0000 From: "Yao, Jiewen" To: "Wang, Jian J" , "devel@edk2.groups.io" , "Zhang, Qi1" CC: "Yao, Jiewen" Subject: Re: [edk2-devel] [PATCH v4 5/6] SecurityPkg/PeiTpmMeasurementLib: Add PEI instance. Thread-Topic: [edk2-devel] [PATCH v4 5/6] SecurityPkg/PeiTpmMeasurementLib: Add PEI instance. Thread-Index: AQHWXBdB+ecqH2H06EKV3WvCo/ZO16kRwImAgAAGLUCAAGGjUA== Date: Tue, 21 Jul 2020 15:05:08 +0000 Message-ID: References: <20200717084935.11067-1-qi1.zhang@intel.com> <20200717084935.11067-6-qi1.zhang@intel.com> <1623B8ED1BE72736.9882@groups.io> In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiODkwYTNiM2ItYjgyMS00NWYzLWE1M2UtODJhMDljMDA0ZTVhIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjEwLjE4MDQuNDkiLCJUcnVzdGVkTGFiZWxIYXNoIjoiSm5yMlVxNit2N3hpMUZNMUJWXC9XNVZrR1ZjR3RcL1MwNlJlR1lcL1FET2xoQVg1ZEZwazhwNlJqMXpxU3RyNlkyNyJ9 x-ctpclassification: CTP_NT dlp-version: 11.2.0.6 dlp-product: dlpe-windows dlp-reaction: no-action authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-originating-ip: [101.87.139.24] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: d6212f85-d887-436d-f52a-08d82d877562 x-ms-traffictypediagnostic: DM6PR11MB2554: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:7691; x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: Pp5dXEg3LsxDVqVe/2+tH+EWP5mt/ebdh/O5RVgkhXDVbT1M6TidgZ8jchuEQmtl8nDwPEBKlWgYNuPgflz11bSPyCdcihd7lcwKP7uNcLuJmK3bw3Uiw+vpgGHvYBsxmolxBGSBDW79Ygdc2ptl30Rrx1W7dpV5f+yUOUA1LQo6oKdOnitKpOOcHu9pSuiHUsJ192DxAn34bZrv0aSvJltCXbpvvE1VSWqmixV7yNai2mYKd2l3GVWrfNWb/NggzvCGUJYaNnQ9+MiICAlfEh6j3e2RgdPs3W22wsXksaWMufYE+mWKrDaCw9WoyXhjtcq6TKww3/qr2ePPt627AuyUw1oZVQwapIUnUJUIFNUaO5rTw1VQY0tDivNh4A1ivbocCY+pUDikPz5wBeiYUg== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DM5PR11MB2026.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(4636009)(366004)(346002)(39860400002)(136003)(396003)(376002)(86362001)(71200400001)(2906002)(52536014)(53546011)(6506007)(66446008)(26005)(76116006)(66476007)(66556008)(6636002)(186003)(66946007)(64756008)(7696005)(110136005)(966005)(55016002)(83380400001)(4326008)(8676002)(9686003)(478600001)(8936002)(15650500001)(316002)(5660300002)(107886003)(33656002);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: SFUoYFHJ52cr1E3m8SYZDl7IjwgvT40nUUMQG1Wbh0qTA0457azKW45VBDXHbfe/OkRIgqN6jdZ13Zkc2Tlc/smDzTUUUzJCCJFqgUP9MBbl1BiO/uQvpziOF1R3qDaGmq0bx6o/Mo6vvX6wPwPFCwWcn06d11aTfdtaKfDJk72c2ELF4xKbrByC1g27NDT88TYCRn2pwFTKSkNFPHVFJ6cRPJueoQDJFJtvkRFHeNF5Xb+kJ3QumrZkzYhFSMqZ3/trAwXiOclIV8ZruqygFS4hMJverjrH9R1xOh7pCbXPsMsDGdVn5IDtMtjKbb19BlUxu+OVf4msJqu5QpYdqbmma6lspLe98k0NPJOASLIPa0Y8or64DaqoykbRlOnJJzl1nfwUmfffos6AwrMKXPPQ/9RIM30cITEwtOOn+YyHUvtiHB1v9tbVimzpVnd0W6S0YzQuD6cjTb9jJQS65rgsod5l180bYASu7eKBRBgJAFXuc2XBZ3ZO1K5MeNsM MIME-Version: 1.0 X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: DM5PR11MB2026.namprd11.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: d6212f85-d887-436d-f52a-08d82d877562 X-MS-Exchange-CrossTenant-originalarrivaltime: 21 Jul 2020 15:05:08.0941 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: yYbLFcA5ioiXFc4Asb0sIhzVU7Toi34ljoBo8swfoigMIBTp4CfD9aaOz/rU5GTVWs5uVNjnnkCYkce9m5cNng== X-MS-Exchange-Transport-CrossTenantHeadersStamped: DM6PR11MB2554 Return-Path: jiewen.yao@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Right. That can be implemented as separated patch. > -----Original Message----- > From: Wang, Jian J > Sent: Tuesday, July 21, 2020 5:16 PM > To: devel@edk2.groups.io; Wang, Jian J ; Zhang, Q= i1 > > Cc: Yao, Jiewen > Subject: RE: [edk2-devel] [PATCH v4 5/6] SecurityPkg/PeiTpmMeasurementLi= b: > Add PEI instance. >=20 > Sorry, missing word in previous email. It should be >=20 > "following requirement is not embodied in" >=20 > Regards, > Jian >=20 > > -----Original Message----- > > From: devel@edk2.groups.io On Behalf Of Wang, > Jian > > J > > Sent: Tuesday, July 21, 2020 5:00 PM > > To: Zhang, Qi1 ; devel@edk2.groups.io > > Cc: Yao, Jiewen > > Subject: Re: [edk2-devel] [PATCH v4 5/6] SecurityPkg/PeiTpmMeasurement= Lib: > > Add PEI instance. > > > > Qi, > > > > Two format issues inlined below. > > > > In addition, according to bz2841, following requirement is embodied in > > this patch. Maybe there's discussion before deciding not to implement > > it. If so, please update bz2841 to state it explicitly. > > > > 3) Add more API in TpmMeasurementLib, such as MeasureFirmwareBlob, > > MeasureHandoffTable for TPM PFP rev 105 support - add description for > > the FirmwareBlob and HandoffTable. > > > > Regards, > > Jian > > > > > -----Original Message----- > > > From: Zhang, Qi1 > > > Sent: Friday, July 17, 2020 4:50 PM > > > To: devel@edk2.groups.io > > > Cc: Yao, Jiewen ; Wang, Jian J > > ; > > > Zhang, Qi1 > > > Subject: [PATCH v4 5/6] SecurityPkg/PeiTpmMeasurementLib: Add PEI > instance. > > > > > > From: Jiewen Yao > > > > > > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2841 > > > > > > Cc: Jiewen Yao > > > Cc: Jian J Wang > > > Cc: Qi Zhang > > > Signed-off-by: Jiewen Yao > > > --- > > > .../PeiTpmMeasurementLib.c | 74 ++++++++++++++++= +++ > > > .../PeiTpmMeasurementLib.inf | 50 +++++++++++++ > > > .../PeiTpmMeasurementLib.uni | 17 +++++ > > > 3 files changed, 141 insertions(+) > > > create mode 100644 > > > SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c > > > create mode 100644 > > > SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf > > > create mode 100644 > > > SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni > > > > > > diff --git > > > a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c > > > b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c > > > new file mode 100644 > > > index 0000000000..1a590e0c9e > > > --- /dev/null > > > +++ > b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c > > > @@ -0,0 +1,74 @@ > > > +/** @file > > > > > > + This library is used by other modules to measure data to TPM. > > > > > > + > > > > > > +Copyright (c) 2020, Intel Corporation. All rights reserved.
> > > > > > +SPDX-License-Identifier: BSD-2-Clause-Patent > > > > > > + > > > > > > +**/ > > > > > > + > > > > > > +#include > > > > > > + > > > > > > +#include > > > > > > +#include > > > > > > +#include > > > > > > +#include > > > > > > +#include > > > > > > +#include > > > > > > + > > > > > > +#include > > > > > > +#include > > > > > > + > > > > > > +/** > > > > > > + Tpm measure and log data, and extend the measurement result into = a > > specific > > > PCR. > > > > > > + > > > > > > + @param[in] PcrIndex PCR Index. > > > > > > + @param[in] EventType Event type. > > > > > > + @param[in] EventLog Measurement event log. > > > > > > + @param[in] LogLen Event log length in bytes. > > > > > > + @param[in] HashData The start of the data buffer to be h= ashed, > > > extended. > > > > > > + @param[in] HashDataLen The length, in bytes, of the buffer = referenced > > by > > > HashData > > > > > > + > > > > > > + @retval EFI_SUCCESS Operation completed successfull= y. > > > > The description of above retval is not aligned with below line. > > > > > > > > + @retval EFI_UNSUPPORTED TPM device not available. > > > > > > + @retval EFI_OUT_OF_RESOURCES Out of memory. > > > > > > + @retval EFI_DEVICE_ERROR The operation was unsuccessful. > > > > > > +**/ > > > > > > +EFI_STATUS > > > > > > +EFIAPI > > > > > > +TpmMeasureAndLogData ( > > > > > > + IN UINT32 PcrIndex, > > > > > > + IN UINT32 EventType, > > > > > > + IN VOID *EventLog, > > > > > > + IN UINT32 LogLen, > > > > > > + IN VOID *HashData, > > > > > > + IN UINT64 HashDataLen > > > > > > + ) > > > > > > +{ > > > > > > + EFI_STATUS Status; > > > > > > + EDKII_TCG_PPI *TcgPpi; > > > > > > + TCG_PCR_EVENT_HDR TcgEventHdr; > > > > > > + > > > > > > + Status =3D PeiServicesLocatePpi( > > > > Missing a space before '(' > > > > > > > > + &gEdkiiTcgPpiGuid, > > > > > > + 0, > > > > > > + NULL, > > > > > > + (VOID**)&TcgPpi > > > > > > + ); > > > > > > + if (EFI_ERROR(Status)) { > > > > > > + return Status; > > > > > > + } > > > > > > + > > > > > > + TcgEventHdr.PCRIndex =3D PcrIndex; > > > > > > + TcgEventHdr.EventType =3D EventType; > > > > > > + TcgEventHdr.EventSize =3D LogLen; > > > > > > + > > > > > > + Status =3D TcgPpi->HashLogExtendEvent ( > > > > > > + TcgPpi, > > > > > > + 0, > > > > > > + HashData, > > > > > > + (UINTN)HashDataLen, > > > > > > + &TcgEventHdr, > > > > > > + EventLog > > > > > > + ); > > > > > > + return Status; > > > > > > +} > > > > > > diff --git > > > a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf > > > b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf > > > new file mode 100644 > > > index 0000000000..6625d0fd01 > > > --- /dev/null > > > +++ > > b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf > > > @@ -0,0 +1,50 @@ > > > +## @file > > > > > > +# Provides TPM measurement functions for TPM1.2 and TPM 2.0 > > > > > > +# > > > > > > +# This library provides TpmMeasureAndLogData() to measure and log = data, > > > and > > > > > > +# extend the measurement result into a specific PCR. > > > > > > +# > > > > > > +# Copyright (c) 2020, Intel Corporation. All rights reserved.
> > > > > > +# SPDX-License-Identifier: BSD-2-Clause-Patent > > > > > > +# > > > > > > +## > > > > > > + > > > > > > +[Defines] > > > > > > + INF_VERSION =3D 0x00010005 > > > > > > + BASE_NAME =3D PeiTpmMeasurementLib > > > > > > + FILE_GUID =3D 9A62C49D-C45A-4322-9F3C-45958D= F0056B > > > > > > + MODULE_TYPE =3D PEIM > > > > > > + VERSION_STRING =3D 1.0 > > > > > > + LIBRARY_CLASS =3D TpmMeasurementLib|PEIM > > > > > > + MODULE_UNI_FILE =3D PeiTpmMeasurementLib.uni > > > > > > + > > > > > > +# > > > > > > +# The following information is for reference only and not required = by the > > build > > > tools. > > > > > > +# > > > > > > +# VALID_ARCHITECTURES =3D IA32 X64 > > > > > > +# > > > > > > + > > > > > > +[Sources] > > > > > > + PeiTpmMeasurementLib.c > > > > > > + > > > > > > +[Packages] > > > > > > + MdePkg/MdePkg.dec > > > > > > + MdeModulePkg/MdeModulePkg.dec > > > > > > + SecurityPkg/SecurityPkg.dec > > > > > > + > > > > > > +[LibraryClasses] > > > > > > + BaseLib > > > > > > + BaseMemoryLib > > > > > > + HobLib > > > > > > + DebugLib > > > > > > + PcdLib > > > > > > + PrintLib > > > > > > + PeiServicesLib > > > > > > + PeiServicesTablePointerLib > > > > > > + > > > > > > +[Ppis] > > > > > > + gEdkiiTcgPpiGuid = ## CONSUMES > > > > > > + > > > > > > +[Depex] > > > > > > + gEfiPeiMasterBootModePpiGuid AND > > > > > > + gEfiTpmDeviceSelectedGuid > > > > > > diff --git > > > a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni > > > b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni > > > new file mode 100644 > > > index 0000000000..7b4341b449 > > > --- /dev/null > > > +++ > > b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.uni > > > @@ -0,0 +1,17 @@ > > > +// /** @file > > > > > > +// Provides TPM measurement functions for TPM1.2 and TPM 2.0 > > > > > > +// > > > > > > +// This library provides TpmMeasureAndLogData() to to measure and l= og > data, > > > and > > > > > > +// extend the measurement result into a specific PCR. > > > > > > +// > > > > > > +// Copyright (c) 2020, Intel Corporation. All rights reserved.
> > > > > > +// > > > > > > +// SPDX-License-Identifier: BSD-2-Clause-Patent > > > > > > +// > > > > > > +// **/ > > > > > > + > > > > > > + > > > > > > +#string STR_MODULE_ABSTRACT #language en-US "Provides T= PM > > > measurement functions for TPM1.2 and TPM 2.0" > > > > > > + > > > > > > +#string STR_MODULE_DESCRIPTION #language en-US "This libra= ry > > > provides TpmMeasureAndLogData() to to measure and log data, and exte= nd > > the > > > measurement result into a specific PCR." > > > > > > + > > > > > > -- > > > 2.26.2.windows.1 > > > > > >=20