* [PATCH V2 1/1] SecurityPkg/TdTcg2Dxe: Extend EFI boot variable to PCR[1] @ 2023-01-17 23:53 Min Xu 2023-01-18 0:15 ` Yao, Jiewen [not found] ` <173B3EFE3FEA3093.24231@groups.io> 0 siblings, 2 replies; 3+ messages in thread From: Min Xu @ 2023-01-17 23:53 UTC (permalink / raw) To: devel; +Cc: Min M Xu, Jiewen Yao, Jian J Wang From: Min M Xu <min.m.xu@intel.com> According to TCG PC Client PFP spec 0021 Section 2.4.4.2 EFI boot variable should be measured and extended to PCR[1], not PCR[5]. This patch is proposed to fix this error. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com> --- SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c index d19923b0c682..59341a8c0250 100644 --- a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c +++ b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c @@ -1873,12 +1873,8 @@ ReadAndMeasureBootVariable ( OUT VOID **VarData ) { - // - // Boot variables are measured into (PCR[5]) RTMR[1], - // details in section 8.1 of TDVF design guide. - // return ReadAndMeasureVariable ( - MapPcrToMrIndex (5), + MapPcrToMrIndex (1), EV_EFI_VARIABLE_BOOT, VarName, VendorGuid, -- 2.29.2.windows.2 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH V2 1/1] SecurityPkg/TdTcg2Dxe: Extend EFI boot variable to PCR[1] 2023-01-17 23:53 [PATCH V2 1/1] SecurityPkg/TdTcg2Dxe: Extend EFI boot variable to PCR[1] Min Xu @ 2023-01-18 0:15 ` Yao, Jiewen [not found] ` <173B3EFE3FEA3093.24231@groups.io> 1 sibling, 0 replies; 3+ messages in thread From: Yao, Jiewen @ 2023-01-18 0:15 UTC (permalink / raw) To: Xu, Min M, devel@edk2.groups.io; +Cc: Wang, Jian J Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> > -----Original Message----- > From: Xu, Min M <min.m.xu@intel.com> > Sent: Wednesday, January 18, 2023 7:53 AM > To: devel@edk2.groups.io > Cc: Xu, Min M <min.m.xu@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; > Wang, Jian J <jian.j.wang@intel.com> > Subject: [PATCH V2 1/1] SecurityPkg/TdTcg2Dxe: Extend EFI boot variable to > PCR[1] > > From: Min M Xu <min.m.xu@intel.com> > > According to TCG PC Client PFP spec 0021 Section 2.4.4.2 EFI boot variable > should be measured and extended to PCR[1], not PCR[5]. This patch is > proposed to fix this error. > > Cc: Jiewen Yao <jiewen.yao@intel.com> > Cc: Jian J Wang <jian.j.wang@intel.com> > Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> > Signed-off-by: Min Xu <min.m.xu@intel.com> > --- > SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c | 6 +----- > 1 file changed, 1 insertion(+), 5 deletions(-) > > diff --git a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c > b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c > index d19923b0c682..59341a8c0250 100644 > --- a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c > +++ b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c > @@ -1873,12 +1873,8 @@ ReadAndMeasureBootVariable ( > OUT VOID **VarData > ) > { > - // > - // Boot variables are measured into (PCR[5]) RTMR[1], > - // details in section 8.1 of TDVF design guide. > - // > return ReadAndMeasureVariable ( > - MapPcrToMrIndex (5), > + MapPcrToMrIndex (1), > EV_EFI_VARIABLE_BOOT, > VarName, > VendorGuid, > -- > 2.29.2.windows.2 ^ permalink raw reply [flat|nested] 3+ messages in thread
[parent not found: <173B3EFE3FEA3093.24231@groups.io>]
* Re: [edk2-devel] [PATCH V2 1/1] SecurityPkg/TdTcg2Dxe: Extend EFI boot variable to PCR[1] [not found] ` <173B3EFE3FEA3093.24231@groups.io> @ 2023-01-18 4:33 ` Yao, Jiewen 0 siblings, 0 replies; 3+ messages in thread From: Yao, Jiewen @ 2023-01-18 4:33 UTC (permalink / raw) To: devel@edk2.groups.io, Yao, Jiewen, Xu, Min M; +Cc: Wang, Jian J Merged https://github.com/tianocore/edk2/pull/3920 > -----Original Message----- > From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Yao, > Jiewen > Sent: Wednesday, January 18, 2023 8:15 AM > To: Xu, Min M <min.m.xu@intel.com>; devel@edk2.groups.io > Cc: Wang, Jian J <jian.j.wang@intel.com> > Subject: Re: [edk2-devel] [PATCH V2 1/1] SecurityPkg/TdTcg2Dxe: Extend EFI > boot variable to PCR[1] > > Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> > > > -----Original Message----- > > From: Xu, Min M <min.m.xu@intel.com> > > Sent: Wednesday, January 18, 2023 7:53 AM > > To: devel@edk2.groups.io > > Cc: Xu, Min M <min.m.xu@intel.com>; Yao, Jiewen > <jiewen.yao@intel.com>; > > Wang, Jian J <jian.j.wang@intel.com> > > Subject: [PATCH V2 1/1] SecurityPkg/TdTcg2Dxe: Extend EFI boot variable to > > PCR[1] > > > > From: Min M Xu <min.m.xu@intel.com> > > > > According to TCG PC Client PFP spec 0021 Section 2.4.4.2 EFI boot variable > > should be measured and extended to PCR[1], not PCR[5]. This patch is > > proposed to fix this error. > > > > Cc: Jiewen Yao <jiewen.yao@intel.com> > > Cc: Jian J Wang <jian.j.wang@intel.com> > > Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> > > Signed-off-by: Min Xu <min.m.xu@intel.com> > > --- > > SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c | 6 +----- > > 1 file changed, 1 insertion(+), 5 deletions(-) > > > > diff --git a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c > > b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c > > index d19923b0c682..59341a8c0250 100644 > > --- a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c > > +++ b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c > > @@ -1873,12 +1873,8 @@ ReadAndMeasureBootVariable ( > > OUT VOID **VarData > > ) > > { > > - // > > - // Boot variables are measured into (PCR[5]) RTMR[1], > > - // details in section 8.1 of TDVF design guide. > > - // > > return ReadAndMeasureVariable ( > > - MapPcrToMrIndex (5), > > + MapPcrToMrIndex (1), > > EV_EFI_VARIABLE_BOOT, > > VarName, > > VendorGuid, > > -- > > 2.29.2.windows.2 > > > > > ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2023-01-18 4:33 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2023-01-17 23:53 [PATCH V2 1/1] SecurityPkg/TdTcg2Dxe: Extend EFI boot variable to PCR[1] Min Xu 2023-01-18 0:15 ` Yao, Jiewen [not found] ` <173B3EFE3FEA3093.24231@groups.io> 2023-01-18 4:33 ` [edk2-devel] " Yao, Jiewen
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox