From: "Yao, Jiewen"
To: "Gonzalez Del Cueto, Rodrigo", "devel@edk2.groups.io"
CC: "Wang, Jian J"
Subject: Re: [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations.
Date: Mon, 9 Aug 2021 01:24:11 +0000
References: <20210729224314.259-1-rodrigo.gonzalez.del.cueto@intel.com>
In-Reply-To: <20210729224314.259-1-rodrigo.gonzalez.del.cueto@intel.com>
Some feedback:

1) I think it is OK to add the Tpm2PcrReadForActiveBank() API. But I feel we will add too much noise to dump Tpm2PcrReadForActiveBank() in the code every time. I am not sure why it is needed. What is the problem statement?

2) The definition below does not follow the EDKII coding style. Please use 2 "space" as indent.

EFI_STATUS
EFIAPI
Tpm2PcrReadForActiveBank (
  IN TPMI_DH_PCR PcrHandle,
  OUT TPML_DIGEST *HashList
)

> -----Original Message-----
> From: Gonzalez Del Cueto, Rodrigo
> Sent: Friday, July 30, 2021 6:43 AM
> To: devel@edk2.groups.io
> Cc: Gonzalez Del Cueto, Rodrigo; Yao, Jiewen; Wang, Jian J
> Subject: [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations.
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2858
>
> Add debug functionality to examine TPM extend operations
> performed by BIOS and inspect the PCR 00 value prior to
> any BIOS measurements.
>
> Replaced usage of EFI_D_* for DEBUG_* definitions in debug
> messages.
>
> Signed-off-by: Rodrigo Gonzalez del Cueto
> Cc: Jiewen Yao
> Cc: Jian J Wang
> ---
>  SecurityPkg/Include/Library/Tpm2CommandLib.h       |  28 ++++++++++++++++++++++------
>  SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c | 226 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++-----------------------
>  SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c                  |  34 ++++++++++++++++++++++--------------
>  3 files changed, 245 insertions(+), 43 deletions(-)
>
> diff --git a/SecurityPkg/Include/Library/Tpm2CommandLib.h > b/SecurityPkg/Include/Library/Tpm2CommandLib.h > index ee8eb62295..5e5c340893 100644 > --- a/SecurityPkg/Include/Library/Tpm2CommandLib.h > +++ b/SecurityPkg/Include/Library/Tpm2CommandLib.h > @@ -1,7 +1,7 @@ > /** @file > This library is used by other modules to send TPM2 command. >=20 > -Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
> +Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved.
> SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > **/ > @@ -505,7 +505,7 @@ EFIAPI > Tpm2PcrEvent ( > IN TPMI_DH_PCR PcrHandle, > IN TPM2B_EVENT *EventData, > - OUT TPML_DIGEST_VALUES *Digests > + OUT TPML_DIGEST_VALUES *Digests > ); >=20 > /** > @@ -522,10 +522,10 @@ Tpm2PcrEvent ( > EFI_STATUS > EFIAPI > Tpm2PcrRead ( > - IN TPML_PCR_SELECTION *PcrSelectionIn, > - OUT UINT32 *PcrUpdateCounter, > - OUT TPML_PCR_SELECTION *PcrSelectionOut, > - OUT TPML_DIGEST *PcrValues > + IN TPML_PCR_SELECTION *PcrSelectionIn, > + OUT UINT32 *PcrUpdateCounter, > + OUT TPML_PCR_SELECTION *PcrSelectionOut, > + OUT TPML_DIGEST *PcrValues > ); >=20 > /** > @@ -1113,4 +1113,20 @@ GetDigestFromDigestList( > OUT VOID *Digest > ); >=20 > + /** > + This function will query the TPM to determine which hashing algorithm= s and > + get the digests of all active and supported PCR banks of a specific P= CR > register. > + > + @param[in] PcrHandle The index of the PCR register to be read= . > + @param[out] HashList List of digests from PCR register being = read. > + > + @retval EFI_SUCCESS The Pcr was read successfully. > + @retval EFI_DEVICE_ERROR The command was unsuccessful. > +**/ > +EFI_STATUS > +EFIAPI > +Tpm2PcrReadForActiveBank ( > + IN TPMI_DH_PCR PcrHandle, > + OUT TPML_DIGEST *HashList > + ); > #endif > diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c > b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c > index ddb15178fb..3b49192b93 100644 > --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c > +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c > @@ -1,7 +1,7 @@ > /** @file > Implement TPM2 Integrity related command. >=20 > -Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
> +Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved.
> SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > **/ > @@ -109,7 +109,6 @@ Tpm2PcrExtend ( > Cmd.Header.commandCode =3D SwapBytes32(TPM_CC_PCR_Extend); > Cmd.PcrHandle =3D SwapBytes32(PcrHandle); >=20 > - > // > // Add in Auth session > // > @@ -130,14 +129,26 @@ Tpm2PcrExtend ( > Buffer +=3D sizeof(UINT16); > DigestSize =3D GetHashSizeFromAlgo (Digests->digests[Index].hashAlg)= ; > if (DigestSize =3D=3D 0) { > - DEBUG ((EFI_D_ERROR, "Unknown hash algorithm %d\r\n", Digests- > >digests[Index].hashAlg)); > + DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests- > >digests[Index].hashAlg)); > return EFI_DEVICE_ERROR; > } > + > CopyMem( > Buffer, > &Digests->digests[Index].digest, > DigestSize > ); > + > + DEBUG_CODE_BEGIN (); > + UINTN Index2; > + DEBUG ((DEBUG_VERBOSE, "Tpm2PcrExtend - Hash =3D 0x%04x, Pcr[%02d], > digest =3D ", Digests->digests[Index].hashAlg, (UINT8) PcrHandle)); > + > + for (Index2 =3D 0; Index2 < DigestSize; Index2++) { > + DEBUG ((DEBUG_VERBOSE, "%02x ", Buffer[Index2])); > + } > + DEBUG ((DEBUG_VERBOSE, "\n")); > + DEBUG_CODE_END (); > + > Buffer +=3D DigestSize; > } >=20 > @@ -151,7 +162,7 @@ Tpm2PcrExtend ( > } >=20 > if (ResultBufSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer > Too Small\r\n")); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer > Too Small\r\n")); > return EFI_BUFFER_TOO_SMALL; > } >=20 > @@ -160,7 +171,7 @@ Tpm2PcrExtend ( > // > RespSize =3D SwapBytes32(Res.Header.paramSize); > if (RespSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n= ", > RespSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n= ", > RespSize)); > return EFI_BUFFER_TOO_SMALL; > } >=20 
> @@ -168,10 +179,15 @@ Tpm2PcrExtend ( > // Fail if command failed > // > if (SwapBytes32(Res.Header.responseCode) !=3D TPM_RC_SUCCESS) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n= ", > SwapBytes32(Res.Header.responseCode))); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response Code error! > 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); > return EFI_DEVICE_ERROR; > } >=20 > + DEBUG_CODE_BEGIN (); > + DEBUG ((DEBUG_VERBOSE, "Tpm2PcrExtend: PCR read after extend...\n")); > + Tpm2PcrReadForActiveBank (PcrHandle, NULL); > + DEBUG_CODE_END (); > + > // > // Unmarshal the response > // > @@ -246,7 +262,7 @@ Tpm2PcrEvent ( > } >=20 > if (ResultBufSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer > Too Small\r\n")); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer > Too Small\r\n")); > return EFI_BUFFER_TOO_SMALL; > } >=20 > @@ -255,7 +271,7 @@ Tpm2PcrEvent ( > // > RespSize =3D SwapBytes32(Res.Header.paramSize); > if (RespSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Response size too large! %d\r\n"= , > RespSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response size too large! %d\r\n"= , > RespSize)); > return EFI_BUFFER_TOO_SMALL; > } >=20 > @@ -263,7 +279,7 @@ Tpm2PcrEvent ( > // Fail if command failed > // > if (SwapBytes32(Res.Header.responseCode) !=3D TPM_RC_SUCCESS) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrEvent: Response Code error! 0x%08x\r\n"= , > SwapBytes32(Res.Header.responseCode))); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response Code error! > 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); > return EFI_DEVICE_ERROR; > } >=20 
> @@ -284,7 +300,7 @@ Tpm2PcrEvent ( > Buffer +=3D sizeof(UINT16); > DigestSize =3D GetHashSizeFromAlgo (Digests->digests[Index].hashAlg)= ; > if (DigestSize =3D=3D 0) { > - DEBUG ((EFI_D_ERROR, "Unknown hash algorithm %d\r\n", Digests- > >digests[Index].hashAlg)); > + DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests- > >digests[Index].hashAlg)); > return EFI_DEVICE_ERROR; > } > CopyMem( > @@ -298,6 +314,7 @@ Tpm2PcrEvent ( > return EFI_SUCCESS; > } >=20 > + > /** > This command returns the values of all PCR specified in pcrSelect. >=20 > @@ -353,11 +370,11 @@ Tpm2PcrRead ( > } >=20 > if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > return EFI_DEVICE_ERROR; > } > if (SwapBytes32(RecvBuffer.Header.responseCode) !=3D TPM_RC_SUCCESS) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - responseCode - %x\n", > SwapBytes32(RecvBuffer.Header.responseCode))); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - responseCode - %x\n", > SwapBytes32(RecvBuffer.Header.responseCode))); > return EFI_NOT_FOUND; > } >=20 > @@ -369,7 +386,7 @@ Tpm2PcrRead ( > // PcrUpdateCounter > // > if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + > sizeof(RecvBuffer.PcrUpdateCounter)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > return EFI_DEVICE_ERROR; > } > *PcrUpdateCounter =3D SwapBytes32(RecvBuffer.PcrUpdateCounter); 
> @@ -378,7 +395,7 @@ Tpm2PcrRead ( > // PcrSelectionOut > // > if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + > sizeof(RecvBuffer.PcrUpdateCounter) + > sizeof(RecvBuffer.PcrSelectionOut.count)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > return EFI_DEVICE_ERROR; > } > PcrSelectionOut->count =3D SwapBytes32(RecvBuffer.PcrSelectionOut.coun= t); > @@ -388,7 +405,7 @@ Tpm2PcrRead ( > } >=20 > if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + > sizeof(RecvBuffer.PcrUpdateCounter) + > sizeof(RecvBuffer.PcrSelectionOut.count) + > sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->co= unt) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", > RecvBufferSize)); > return EFI_DEVICE_ERROR; > } > for (Index =3D 0; Index < PcrSelectionOut->count; Index++) { > @@ -513,7 +530,7 @@ Tpm2PcrAllocate ( > } >=20 > if (ResultBufSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer > Too Small\r\n")); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: > Buffer Too Small\r\n")); > Status =3D EFI_BUFFER_TOO_SMALL; > goto Done; > } > @@ -523,7 +540,7 @@ Tpm2PcrAllocate ( > // > RespSize =3D SwapBytes32(Res.Header.paramSize); > if (RespSize > sizeof(Res)) { > - DEBUG ((EFI_D_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r= \n", > RespSize)); > + DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Response size too > large! %d\r\n", RespSize)); > Status =3D EFI_BUFFER_TOO_SMALL; > goto Done; > } 
> @@ -532,7 +549,7 @@ Tpm2PcrAllocate ( > // Fail if command failed > // > if (SwapBytes32(Res.Header.responseCode) !=3D TPM_RC_SUCCESS) { > - DEBUG((EFI_D_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n= ", > SwapBytes32(Res.Header.responseCode))); > + DEBUG((DEBUG_ERROR,"Tpm2PcrAllocate: Response Code error! > 0x%08x\r\n", SwapBytes32(Res.Header.responseCode))); > Status =3D EFI_DEVICE_ERROR; > goto Done; > } 
> @@ -673,17 +690,180 @@ Tpm2PcrAllocateBanks ( > &SizeNeeded, > &SizeAvailable > ); > - DEBUG ((EFI_D_INFO, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n"= , > Status)); > + DEBUG ((DEBUG_INFO, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n"= , > Status)); > if (EFI_ERROR (Status)) { > goto Done; > } >=20 > - DEBUG ((EFI_D_INFO, "AllocationSuccess - %02x\n", AllocationSuccess)); > - DEBUG ((EFI_D_INFO, "MaxPCR - %08x\n", MaxPCR)); > - DEBUG ((EFI_D_INFO, "SizeNeeded - %08x\n", SizeNeeded)); > - DEBUG ((EFI_D_INFO, "SizeAvailable - %08x\n", SizeAvailable)); > + DEBUG ((DEBUG_INFO, "AllocationSuccess - %02x\n", AllocationSuccess)); > + DEBUG ((DEBUG_INFO, "MaxPCR - %08x\n", MaxPCR)); > + DEBUG ((DEBUG_INFO, "SizeNeeded - %08x\n", SizeNeeded)); > + DEBUG ((DEBUG_INFO, "SizeAvailable - %08x\n", SizeAvailable)); >=20 > Done: > ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac)); > return Status; > } > + > +/** > + This function will query the TPM to determine which hashing algorithm= s and > + get the digests of all active and supported PCR banks of a specific P= CR > register. > + > + @param[in] PcrHandle The index of the PCR register to be read= . > + @param[out] HashList List of digests from PCR register being = read. > + > + @retval EFI_SUCCESS The Pcr was read successfully. > + @retval EFI_DEVICE_ERROR The command was unsuccessful. 
> +**/ > +EFI_STATUS > +EFIAPI > +Tpm2PcrReadForActiveBank ( > + IN TPMI_DH_PCR PcrHandle, > + OUT TPML_DIGEST *HashList > +) > +{ > + EFI_STATUS Status; > + TPML_PCR_SELECTION Pcrs; > + TPML_PCR_SELECTION PcrSelectionIn; > + TPML_PCR_SELECTION PcrSelectionOut; > + TPML_DIGEST PcrValues; > + UINT32 PcrUpdateCounter; > + UINT8 PcrIndex; > + UINT32 TpmHashAlgorithmBitmap; > + TPMI_ALG_HASH CurrentPcrBankHash; > + UINT32 ActivePcrBanks; > + UINT32 TcgRegistryHashAlg; > + UINTN Index; > + UINTN Index2; > + > + PcrIndex =3D (UINT8) PcrHandle; > + > + if ((PcrIndex < 0) || > + (PcrIndex >=3D IMPLEMENTATION_PCR)) { > + return EFI_INVALID_PARAMETER; > + } > + > + ZeroMem (&PcrSelectionIn, sizeof (PcrSelectionIn)); > + ZeroMem (&PcrUpdateCounter, sizeof (UINT32)); > + ZeroMem (&PcrSelectionOut, sizeof (PcrSelectionOut)); > + ZeroMem (&PcrValues, sizeof (PcrValues)); > + ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION)); > + > + DEBUG ((DEBUG_INFO, "ReadPcr - %02d\n", PcrIndex)); > + > + // > + // Read TPM capabilities > + // > + Status =3D Tpm2GetCapabilityPcrs (&Pcrs); > + > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities\n")); > + return EFI_DEVICE_ERROR; > + } > + > + // > + // Get Active Pcrs > + // > + Status =3D Tpm2GetCapabilitySupportedAndActivePcrs ( > + &TpmHashAlgorithmBitmap, > + &ActivePcrBanks > + ); > + > + if (EFI_ERROR (Status)) { > + DEBUG ((DEBUG_ERROR, "ReadPcr: Unable to read TPM capabilities and > active PCRs\n")); > + return EFI_DEVICE_ERROR; > + } > + > + // > + // Select from Active PCRs > + // > + for (Index =3D 0; Index < Pcrs.count; Index++) { > + CurrentPcrBankHash =3D Pcrs.pcrSelections[Index].hash; > + > + switch (CurrentPcrBankHash) { > + case TPM_ALG_SHA1: > + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA1 Present\n")); > + TcgRegistryHashAlg =3D HASH_ALG_SHA1; > + break; > + case TPM_ALG_SHA256: > + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA256 Present\n")); > + TcgRegistryHashAlg =3D HASH_ALG_SHA256; > + break; > 
+ case TPM_ALG_SHA384: > + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA384 Present\n")); > + TcgRegistryHashAlg =3D HASH_ALG_SHA384; > + break; > + case TPM_ALG_SHA512: > + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SHA512 Present\n")); > + TcgRegistryHashAlg =3D HASH_ALG_SHA512; > + break; > + case TPM_ALG_SM3_256: > + DEBUG ((DEBUG_VERBOSE, "HASH_ALG_SM3 Present\n")); > + TcgRegistryHashAlg =3D HASH_ALG_SM3_256; > + break; > + default: > + // > + // Unsupported algorithm > + // > + DEBUG ((DEBUG_VERBOSE, "Unknown algorithm present\n")); > + TcgRegistryHashAlg =3D 0; > + break; > + } > + // > + // Skip unsupported and inactive PCR banks > + // > + if ((TcgRegistryHashAlg & ActivePcrBanks) =3D=3D 0) { > + DEBUG ((DEBUG_VERBOSE, "Skipping unsupported or inactive bank: > 0x%04x\n", CurrentPcrBankHash)); > + continue; > + } > + > + // > + // Select PCR from current active bank > + // > + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].hash =3D > Pcrs.pcrSelections[Index].hash; > + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].sizeofSelect =3D > PCR_SELECT_MAX; > + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[0] =3D = (PcrIndex < > 8) ? 1 << PcrIndex : 0; > + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[1] =3D = (PcrIndex > > 7) && (PcrIndex < 16) ? 1 << (PcrIndex - 8) : 0; > + PcrSelectionIn.pcrSelections[PcrSelectionIn.count].pcrSelect[2] =3D = (PcrIndex > > 15) ? 
1 << (PcrIndex - 16) : 0; > + PcrSelectionIn.count++; > + } > + > + // > + // Read PCRs > + // > + Status =3D Tpm2PcrRead ( > + &PcrSelectionIn, > + &PcrUpdateCounter, > + &PcrSelectionOut, > + &PcrValues > + ); > + > + if (EFI_ERROR (Status)) { > + DEBUG((DEBUG_ERROR, "Tpm2PcrRead failed Status =3D %r \n", Status)); > + return EFI_DEVICE_ERROR; > + } > + > + for (Index =3D 0; Index < PcrValues.count; Index++) { > + DEBUG (( > + DEBUG_INFO, > + "ReadPcr - HashAlg =3D 0x%04x, Pcr[%02d], digest =3D ", > + PcrSelectionOut.pcrSelections[Index].hash, > + PcrIndex > + )); > + > + for(Index2 =3D 0; Index2 < PcrValues.digests[Index].size; Index2++) = { > + DEBUG ((DEBUG_INFO, "%02x ", PcrValues.digests[Index].buffer[Index= 2])); > + } > + DEBUG ((DEBUG_INFO, "\n")); > + } > + > + if (HashList !=3D NULL) { > + CopyMem ( > + HashList, > + &PcrValues, > + sizeof (TPML_DIGEST) > + ); > + } > + > + return EFI_SUCCESS; > +} > diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c > b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c > index 93a8803ff6..ea79fa0af6 100644 > --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c > +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c > @@ -1,7 +1,7 @@ > /** @file > Initialize TPM2 device and measure FVs before handing off control to D= XE. >=20 > -Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
> +Copyright (c) 2015 - 2021, Intel Corporation. All rights reserved.
> Copyright (c) 2017, Microsoft Corporation. All rights reserved.
> SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > @@ -191,7 +191,6 @@ EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] =3D= { > } > }; >=20 > - > /** > Record all measured Firmware Volume Information into a Guid Hob > Guid Hob payload layout is > @@ -267,7 +266,7 @@ SyncPcrAllocationsAndPcrMask ( > UINT32 Tpm2PcrMask; > UINT32 NewTpm2PcrMask; >=20 > - DEBUG ((EFI_D_ERROR, "SyncPcrAllocationsAndPcrMask!\n")); > + DEBUG ((DEBUG_ERROR, "SyncPcrAllocationsAndPcrMask!\n")); >=20 > // > // Determine the current TPM support and the Platform PCR mask. > @@ -278,7 +277,7 @@ SyncPcrAllocationsAndPcrMask ( > Tpm2PcrMask =3D PcdGet32 (PcdTpm2HashMask); > if (Tpm2PcrMask =3D=3D 0) { > // > - // if PcdTPm2HashMask is zero, use ActivePcr setting > + // if PcdTpm2HashMask is zero, use ActivePcr setting > // > PcdSet32S (PcdTpm2HashMask, TpmActivePcrBanks); > Tpm2PcrMask =3D TpmActivePcrBanks; > @@ -297,9 +296,9 @@ SyncPcrAllocationsAndPcrMask ( > if ((TpmActivePcrBanks & Tpm2PcrMask) !=3D TpmActivePcrBanks) { > NewTpmActivePcrBanks =3D TpmActivePcrBanks & Tpm2PcrMask; >=20 > - DEBUG ((EFI_D_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\= n", > __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks)); > + DEBUG ((DEBUG_INFO, "%a - Reallocating PCR banks from 0x%X to 0x%X.\= n", > __FUNCTION__, TpmActivePcrBanks, NewTpmActivePcrBanks)); > if (NewTpmActivePcrBanks =3D=3D 0) { > - DEBUG ((EFI_D_ERROR, "%a - No viable PCRs active! Please set a les= s > restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); > + DEBUG ((DEBUG_ERROR, "%a - No viable PCRs active! Please set a les= s > restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); > ASSERT (FALSE); > } else { > Status =3D Tpm2PcrAllocateBanks (NULL, (UINT32)TpmHashAlgorithmBit= map, > NewTpmActivePcrBanks); 
> @@ -307,7 +306,7 @@ SyncPcrAllocationsAndPcrMask ( > // > // We can't do much here, but we hope that this doesn't happen. > // > - DEBUG ((EFI_D_ERROR, "%a - Failed to reallocate PCRs!\n", > __FUNCTION__)); > + DEBUG ((DEBUG_ERROR, "%a - Failed to reallocate PCRs!\n", > __FUNCTION__)); > ASSERT_EFI_ERROR (Status); > } > // > @@ -324,9 +323,9 @@ SyncPcrAllocationsAndPcrMask ( > if ((Tpm2PcrMask & TpmHashAlgorithmBitmap) !=3D Tpm2PcrMask) { > NewTpm2PcrMask =3D Tpm2PcrMask & TpmHashAlgorithmBitmap; >=20 > - DEBUG ((EFI_D_INFO, "%a - Updating PcdTpm2HashMask from 0x%X to > 0x%X.\n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask)); > + DEBUG ((DEBUG_INFO, "%a - Updating PcdTpm2HashMask from 0x%X to > 0x%X.\n", __FUNCTION__, Tpm2PcrMask, NewTpm2PcrMask)); > if (NewTpm2PcrMask =3D=3D 0) { > - DEBUG ((EFI_D_ERROR, "%a - No viable PCRs supported! Please set a = less > restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); > + DEBUG ((DEBUG_ERROR, "%a - No viable PCRs supported! Please set a = less > restrictive value for PcdTpm2HashMask!\n", __FUNCTION__)); > ASSERT (FALSE); > } >=20 > @@ -365,7 +364,7 @@ LogHashEvent ( > RetStatus =3D EFI_SUCCESS; > for (Index =3D 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo= [0]); > Index++) { > if ((SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) !=3D 0) { > - DEBUG ((EFI_D_INFO, " LogFormat - 0x%08x\n", > mTcg2EventInfo[Index].LogFormat)); > + DEBUG ((DEBUG_INFO, " LogFormat - 0x%08x\n", > mTcg2EventInfo[Index].LogFormat)); > switch (mTcg2EventInfo[Index].LogFormat) { > case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2: > Status =3D GetDigestFromDigestList (TPM_ALG_SHA1, DigestList, > &NewEventHdr->Digest); 
> @@ -476,7 +475,7 @@ HashLogExtendEvent ( > } >=20 > if (Status =3D=3D EFI_DEVICE_ERROR) { > - DEBUG ((EFI_D_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Stat= us)); > + DEBUG ((DEBUG_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", > Status)); > BuildGuidHob (&gTpmErrorHobGuid,0); > REPORT_STATUS_CODE ( > EFI_ERROR_CODE | EFI_ERROR_MINOR, > @@ -1011,7 +1010,7 @@ PeimEntryMA ( > } >=20 > if (GetFirstGuidHob (&gTpmErrorHobGuid) !=3D NULL) { > - DEBUG ((EFI_D_ERROR, "TPM2 error!\n")); > + DEBUG ((DEBUG_ERROR, "TPM2 error!\n")); > return EFI_DEVICE_ERROR; > } >=20 > @@ -1075,7 +1074,7 @@ PeimEntryMA ( > for (PcrIndex =3D 0; PcrIndex < 8; PcrIndex++) { > Status =3D MeasureSeparatorEventWithError (PcrIndex); > if (EFI_ERROR (Status)) { > - DEBUG ((EFI_D_ERROR, "Separator Event with Error not Measured. > Error!\n")); > + DEBUG ((DEBUG_ERROR, "Separator Event with Error not Measured. > Error!\n")); > } > } > } > @@ -1092,6 +1091,13 @@ PeimEntryMA ( > } > } >=20 > + DEBUG_CODE_BEGIN (); > + // > + // Peek into TPM PCR 00 before any BIOS measurement. > + // > + Tpm2PcrReadForActiveBank (00, NULL); > + DEBUG_CODE_END (); > + > // > // Only install TpmInitializedPpi on success > // > @@ -1106,7 +1112,7 @@ PeimEntryMA ( >=20 > Done: > if (EFI_ERROR (Status)) { > - DEBUG ((EFI_D_ERROR, "TPM2 error! Build Hob\n")); > + DEBUG ((DEBUG_ERROR, "TPM2 error! Build Hob\n")); > BuildGuidHob (&gTpmErrorHobGuid,0); > REPORT_STATUS_CODE ( > EFI_ERROR_CODE | EFI_ERROR_MINOR, > -- > 2.31.1.windows.1
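Review bot: in the Tpm2CommandLib.h hunks, the @@ -505 and @@ -522 changes to the Tpm2PcrEvent and Tpm2PcrRead prototypes are whitespace-only realignments with no connection to the new API; drop them or send them as a separate cleanup so the functional diff stays small. In @@ -1113 the new doc block opens with `+ /**` (one leading space) while every other comment in the file starts at column 0, and its @retval list omits EFI_INVALID_PARAMETER, which the Tpm2Integrity.c implementation returns for an out-of-range PcrHandle. The header closes the parameter list with `+  );` while the definition in Tpm2Integrity.c closes with `+)`; EDK II style indents the closing parenthesis two spaces, so make both match.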
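Review bot: in the Tpm2PcrExtend hunks (@@ -130 and @@ -168), the DEBUG_CODE block added after the response-code check calls Tpm2PcrReadForActiveBank (PcrHandle, NULL) on every extend, so each PCR_Extend in a DEBUG build costs two extra capability queries plus a PCR_Read, and the helper's return status is ignored; this multiplies TPM traffic during firmware measurement and makes the command sequence the TPM sees differ between DEBUG and RELEASE builds. Consider gating the read-back behind a dedicated PCD or the DEBUG_VERBOSE level instead of running it unconditionally in the extend path. The digest dump in @@ -130 prints at DEBUG_VERBOSE while Tpm2PcrReadForActiveBank prints the read-back at DEBUG_INFO, so the two halves of the audit trail land at different log levels; pick one.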
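Review bot: in the @@ -673 hunk that adds Tpm2PcrReadForActiveBank, the range check is applied to the UINT8 PcrIndex after the truncating cast from the 32-bit PcrHandle, so `(PcrIndex < 0)` is always false (and is the kind of unsigned comparison compilers warn about), and a PcrHandle whose low byte is in range passes the check although the handle itself is not a valid PCR index; test `PcrHandle >= IMPLEMENTATION_PCR` before casting. The selection loop writes `PcrSelectionIn.pcrSelections[PcrSelectionIn.count]` once per bank in Pcrs.count without checking that count stays below HASH_COUNT; add an explicit bound, or a comment stating that Tpm2GetCapabilityPcrs enforces it. Every failure is collapsed to EFI_DEVICE_ERROR, discarding the Status that the DEBUG line prints, and the PCR dump runs at DEBUG_INFO, so once the helper is invoked from Tpm2PcrExtend every DEBUG build logs full PCR contents after each extend.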
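Review bot: in the Tcg2Pei.c @@ -1092 hunk, the comment says the read of PCR 0 happens "before any BIOS measurement", but the preceding hunk in the same function (@@ -1075) shows the MeasureSeparatorEventWithError loop extending PCRs 0 through 7 on an error path that runs earlier in PeimEntryMA; either move the read ahead of that loop or reword the comment to say what it actually observes. `Tpm2PcrReadForActiveBank (00, NULL)` uses the octal literal `00`, which equals zero but reads like a two-digit PCR number; write `0`. As in the library, the return status of the call is discarded.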
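Review bot: the EFI_D_* to DEBUG_* renames in the remaining Tpm2Integrity.c and Tcg2Pei.c hunks (from @@ -151 onward and from @@ -267 onward), together with the blank-line churn in @@ -109, @@ -298 and @@ -191 and the PcdTPm2HashMask comment typo fix in @@ -278, are unrelated to the audit feature; split them into a separate mechanical patch so the functional change is just the new API plus its two call sites and can be reviewed and reverted on its own.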