From: "Wenxing Hou"
To: "Kinney, Michael D", "devel@edk2.groups.io"
CC: Sean Brogan, Joey Vagedes, Liming Gao, Andrew Fish, "Liu, Zhiguang", "Kumar, Rahul R", "Yao, Jiewen"
Subject: Re: [edk2-devel] [PATCH 0/9] Add DeviceSecurity feature based on PFP 1.06 spec
Date: Mon, 15 Apr 2024 02:08:15 +0000
References: <20240402023125.4168-1-wenxing.hou@intel.com>

Hi Mike,

I have submitted PATCH v3, which updated the Readme.rst for libspdm submodule license. And I have added Leif. Please review the PATCH v3.

For your second feedback, I have investigated the situation.
If we use 'git submodule update --init' to clone the submodule, the mbedtls/openssl/cmocka in libspdm will not be cloned due to the absence of the '--recursive' option.
And it will not affect the build and use of DeviceSecurity.

Thanks,
Wenxing

-----Original Message-----
From: Kinney, Michael D
Sent: Tuesday, April 9, 2024 11:14 PM
To: Hou, Wenxing; devel@edk2.groups.io
Cc: Sean Brogan; Joey Vagedes; Liming Gao; Andrew Fish; Liu, Zhiguang; Kumar, Rahul R; Yao, Jiewen; Kinney, Michael D
Subject: RE: [PATCH 0/9] Add DeviceSecurity feature based on PFP 1.06 spec

+Leif

Adding a new submodule requires review by the stewards to review the license and the health and support of the submodule project.

The top level Readme also requires updates. It lists all the submodules and licenses used. Please update this series with the Readme changes.

https://github.com/tianocore/edk2?tab=readme-ov-file#license-details

I also notice that libspdm has its own .gitmodules file that pulls in more submodules.

[submodule "os_stub/openssllib/openssl"]
    path = os_stub/openssllib/openssl
    url = https://github.com/openssl/openssl
[submodule "os_stub/mbedtlslib/mbedtls"]
    path = os_stub/mbedtlslib/mbedtls
    url = https://github.com/ARMmbed/mbedtls
[submodule "unit_test/cmockalib/cmocka"]
    path = unit_test/cmockalib/cmocka
    url = https://git.cryptomilk.org/projects/cmocka.git

edk2 already had openssl and mbedtls as submodules, does this mean that openssl and mbedtls will be cloned twice in 2 different locations now?

The edk2 project had issues with the stability of the cmocka server and changed to a tianocore mirror of the cmocka submodule to improve CI stability. This is another submodule that will be cloned twice and may reintroduce the potential for CI stability issues.

Thanks,

Mike

> -----Original Message-----
> From: Hou, Wenxing
> Sent: Monday, April 1, 2024 7:31 PM
> To: devel@edk2.groups.io
> Cc: Sean Brogan; Joey Vagedes; Kinney, Michael D; Liming Gao; Andrew Fish; Liu, Zhiguang; Kumar, Rahul R; Yao, Jiewen
> Subject: [PATCH 0/9] Add DeviceSecurity feature based on PFP 1.06 spec
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2479
>
> In PFP spec 1.06, platform firmware records the device certificate and device measurement for each SPDM responder.
> This PATCH set implements the DeviceSecurityLib to support spdm device Authentication and Measurement.
>
> Libspdm as submodule is to support DeviceSecurity feature:
> https://github.com/DMTF/libspdm
>
> TCG PFP spec 1.06:
> https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/
>
> The POC branch:
> https://github.com/tianocore/edk2-staging/tree/DeviceSecurity
>
> And the PATCH set has passed the EDKII CI:
> https://github.com/tianocore/edk2/pull/5508
>
> Cc: Sean Brogan
> Cc: Joey Vagedes
> Cc: Michael D Kinney
> Cc: Liming Gao
> Cc: Andrew Fish
> Cc: Zhiguang Liu
> Cc: Rahul Kumar
> Cc: Jiewen Yao
> Signed-off-by: Wenxing Hou
>
> Wenxing Hou (9):
>   MdePkg: Add SPDM1.2 support.
>   MdePkg: Add TCG PFP 1.06 support.
>   MdePkg: Add devAuthBoot GlobalVariable
>   MdeModulePkg/Variable: Add TCG SPDM device measurement update
>   SecurityPkg: Add TCG PFP 1.06 support.
>   SecurityPkg: add DeviceSecurity support
>   .pytool/CISettings.py: add libspdm submodule.
>   .gitmodule: Add libspdm submodule for EDKII
>   SecurityPkg: Add libspdm submodule
>
>  .gitmodules                                   |    3 +
>  .pytool/CISettings.py                         |    2 +
>  MdeModulePkg/MdeModulePkg.dec                 |    5 +
>  .../Variable/RuntimeDxe/Measurement.c         |   38 +-
>  .../RuntimeDxe/VariableRuntimeDxe.inf         |    3 +
>  .../RuntimeDxe/VariableSmmRuntimeDxe.inf      |    3 +
>  MdePkg/Include/Guid/GlobalVariable.h          |    8 +-
>  MdePkg/Include/Guid/ImageAuthentication.h     |    5 +-
>  MdePkg/Include/IndustryStandard/Spdm.h        | 1112 ++++++++++++++++-
>  .../IndustryStandard/UefiTcgPlatform.h        |  186 ++-
>  .../OsStub/CryptlibWrapper/CryptlibWrapper.c  |  970 ++++++++++++++
>  .../CryptlibWrapper/CryptlibWrapper.inf       |   38 +
>  .../OsStub/MemLibWrapper/MemLibWrapper.c      |  177 +++
>  .../OsStub/MemLibWrapper/MemLibWrapper.inf    |   33 +
>  .../PlatformLibWrapper/PlatformLibWrapper.c   |   85 ++
>  .../PlatformLibWrapper/PlatformLibWrapper.inf |   33 +
>  .../SpdmLib/Include/Stub/SpdmLibStub.h        |  347 +++++
>  .../SpdmLib/Include/hal/LibspdmStdBoolAlt.h   |   23 +
>  .../SpdmLib/Include/hal/LibspdmStdDefAlt.h    |   16 +
>  .../SpdmLib/Include/hal/LibspdmStdIntAlt.h    |   25 +
>  .../DeviceSecurity/SpdmLib/Include/hal/base.h |   94 ++
>  .../SpdmLib/Include/hal/library/debuglib.h    |   39 +
>  .../SpdmLib/Include/library/spdm_lib_config.h |  394 ++++++
>  .../DeviceSecurity/SpdmLib/SpdmCommonLib.inf  |   47 +
>  .../DeviceSecurity/SpdmLib/SpdmCryptLib.inf   |   45 +
>  .../SpdmLib/SpdmDeviceSecretLibNull.inf       |   36 +
>  .../SpdmLib/SpdmRequesterLib.inf              |   59 +
>  .../SpdmLib/SpdmResponderLib.inf              |   61 +
>  .../SpdmLib/SpdmSecuredMessageLib.inf         |   44 +
>  .../SpdmLib/SpdmTransportMctpLib.inf          |   38 +
>  .../SpdmLib/SpdmTransportPciDoeLib.inf        |   38 +
>  SecurityPkg/DeviceSecurity/SpdmLib/libspdm    |    1 +
>  .../SpdmSecurityLib/SpdmAuthentication.c      |  697 +++++++++++
>  .../SpdmSecurityLib/SpdmConnectionInit.c      |  481 +++++++
>  .../SpdmSecurityLib/SpdmMeasurement.c         |  714 +++++++++++
>  .../SpdmSecurityLib/SpdmSecurityLib.c         |  148 +++
>  .../SpdmSecurityLib/SpdmSecurityLib.inf       |   54 +
>  .../SpdmSecurityLib/SpdmSecurityLibInternal.h |  250 ++++
>  SecurityPkg/Include/Library/SpdmSecurityLib.h |  437 +++++++
>  SecurityPkg/Include/Library/Tpm2CommandLib.h  |   23 +-
>  .../Include/Protocol/DeviceSecurityPolicy.h   |  133 ++
>  .../HashLibBaseCryptoRouterDxe.c              |   88 +-
>  .../Library/Tpm2CommandLib/Tpm2NVStorage.c    |  122 +-
>  SecurityPkg/SecurityPkg.ci.yaml               |   17 +-
>  SecurityPkg/SecurityPkg.dec                   |   13 +-
>  SecurityPkg/SecurityPkg.dsc                   |   31 +-
>  SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c             |   61 +-
>  SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf           |    4 +-
>  48 files changed, 7196 insertions(+), 85 deletions(-)
>  create mode 100644 SecurityPkg/DeviceSecurity/OsStub/CryptlibWrapper/CryptlibWrapper.c
>  create mode 100644 SecurityPkg/DeviceSecurity/OsStub/CryptlibWrapper/CryptlibWrapper.inf
>  create mode 100644 SecurityPkg/DeviceSecurity/OsStub/MemLibWrapper/MemLibWrapper.c
>  create mode 100644 SecurityPkg/DeviceSecurity/OsStub/MemLibWrapper/MemLibWrapper.inf
>  create mode 100644 SecurityPkg/DeviceSecurity/OsStub/PlatformLibWrapper/PlatformLibWrapper.c
>  create mode 100644 SecurityPkg/DeviceSecurity/OsStub/PlatformLibWrapper/PlatformLibWrapper.inf
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/Stub/SpdmLibStub.h
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/LibspdmStdBoolAlt.h
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/LibspdmStdDefAlt.h
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/LibspdmStdIntAlt.h
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/base.h
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/library/debuglib.h
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/library/spdm_lib_config.h
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmCommonLib.inf
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmCryptLib.inf
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmDeviceSecretLibNull.inf
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmRequesterLib.inf
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmResponderLib.inf
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmSecuredMessageLib.inf
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmTransportMctpLib.inf
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmTransportPciDoeLib.inf
>  create mode 160000 SecurityPkg/DeviceSecurity/SpdmLib/libspdm
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmAuthentication.c
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmConnectionInit.c
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmMeasurement.c
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmSecurityLib.c
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmSecurityLib.inf
>  create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmSecurityLibInternal.h
>  create mode 100644 SecurityPkg/Include/Library/SpdmSecurityLib.h
>  create mode 100644 SecurityPkg/Include/Protocol/DeviceSecurityPolicy.h
>
> --
> 2.26.2.windows.1

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#117737): https://edk2.groups.io/g/devel/message/117737
Mute This Topic: https://groups.io/mt/105281046/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-

Content-Type: message/rfc822
Content-Disposition: attachment; creation-date="Mon, 15 Apr 2024 02:08:11 GMT"; modification-date="Mon, 15 Apr 2024 02:08:14 GMT"

From: "Hou, Wenxing"
To: "devel@edk2.groups.io"
CC: Andrew Fish, Leif Lindholm, "Kinney, Michael D", Liming Gao, Sean Brogan, "Joey Vagedes", "Liu, Zhiguang", "Kumar, Rahul R", "Yao, Jiewen"
Subject: [edk2-devel] [PATCH v3 00/10] Add DeviceSecurity feature based on PFP 1.06 spec
Date: Mon, 15 Apr 2024 01:58:49 +0000
Message-ID: <17C6518737B135E5.8775@groups.io>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2479

In PFP spec 1.06, platform firmware records the device certificate and device measurement for each SPDM responder.
This PATCH set implements the DeviceSecurityLib to support spdm device Authentication and Measurement.

Libspdm as submodule is to support DeviceSecurity feature:
https://github.com/DMTF/libspdm

TCG PFP spec 1.06:
https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/

The POC branch:
https://github.com/tianocore/edk2-staging/tree/DeviceSecurity

And the PATCH set has passed the EDKII CI:
https://github.com/tianocore/edk2/pull/5508

v2 changes:
 - Fix typo: PcdEnableSpdmDeviceAuthenticaion -> PcdEnableSpdmDeviceAuthentication

v3 changes:
 - Add new patch 10: Update ReadMe.rst for libspdm submodule license

PATCH 3: Reviewed-by: Liming Gao
PATCH 7: Reviewed-by: Joey Vagedes

Cc: Andrew Fish
Cc: Leif Lindholm
Cc: Michael D Kinney
Cc: Liming Gao
Cc: Sean Brogan
Cc: Joey Vagedes
Cc: Zhiguang Liu
Cc: Rahul Kumar
Cc: Jiewen Yao
Signed-off-by: Wenxing Hou

Wenxing Hou (10):
  MdePkg: Add SPDM1.2 support.
  MdePkg: Add TCG PFP 1.06 support.
  MdePkg: Add devAuthBoot GlobalVariable
  MdeModulePkg/Variable: Add TCG SPDM device measurement update
  SecurityPkg: Add TCG PFP 1.06 support.
  SecurityPkg: add DeviceSecurity support
  .pytool/CISettings.py: add libspdm submodule.
  .gitmodule: Add libspdm submodule for EDKII
  SecurityPkg: Add libspdm submodule
  ReadMe.rst: Add libspdm submodule license

 .gitmodules                                   |    3 +
 .pytool/CISettings.py                         |    2 +
 MdeModulePkg/MdeModulePkg.dec                 |    5 +
 .../Variable/RuntimeDxe/Measurement.c         |   38 +-
 .../RuntimeDxe/VariableRuntimeDxe.inf         |    3 +
 .../RuntimeDxe/VariableSmmRuntimeDxe.inf      |    3 +
 MdePkg/Include/Guid/GlobalVariable.h          |    8 +-
 MdePkg/Include/Guid/ImageAuthentication.h     |    5 +-
 MdePkg/Include/IndustryStandard/Spdm.h        | 1112 ++++++++++++++++-
 .../IndustryStandard/UefiTcgPlatform.h        |  186 ++-
 ReadMe.rst                                    |    1 +
 .../OsStub/CryptlibWrapper/CryptlibWrapper.c  |  970 ++++++++++++++
 .../CryptlibWrapper/CryptlibWrapper.inf       |   38 +
 .../OsStub/MemLibWrapper/MemLibWrapper.c      |  177 +++
 .../OsStub/MemLibWrapper/MemLibWrapper.inf    |   33 +
 .../PlatformLibWrapper/PlatformLibWrapper.c   |   85 ++
 .../PlatformLibWrapper/PlatformLibWrapper.inf |   33 +
 .../SpdmLib/Include/Stub/SpdmLibStub.h        |  347 +++++
 .../SpdmLib/Include/hal/LibspdmStdBoolAlt.h   |   23 +
 .../SpdmLib/Include/hal/LibspdmStdDefAlt.h    |   16 +
 .../SpdmLib/Include/hal/LibspdmStdIntAlt.h    |   25 +
 .../DeviceSecurity/SpdmLib/Include/hal/base.h |   94 ++
 .../SpdmLib/Include/hal/library/debuglib.h    |   39 +
 .../SpdmLib/Include/library/spdm_lib_config.h |  394 ++++++
 .../DeviceSecurity/SpdmLib/SpdmCommonLib.inf  |   47 +
 .../DeviceSecurity/SpdmLib/SpdmCryptLib.inf   |   45 +
 .../SpdmLib/SpdmDeviceSecretLibNull.inf       |   36 +
 .../SpdmLib/SpdmRequesterLib.inf              |   59 +
 .../SpdmLib/SpdmResponderLib.inf              |   61 +
 .../SpdmLib/SpdmSecuredMessageLib.inf         |   44 +
 .../SpdmLib/SpdmTransportMctpLib.inf          |   38 +
 .../SpdmLib/SpdmTransportPciDoeLib.inf        |   38 +
 SecurityPkg/DeviceSecurity/SpdmLib/libspdm    |    1 +
 .../SpdmSecurityLib/SpdmAuthentication.c      |  697 +++++++++++
 .../SpdmSecurityLib/SpdmConnectionInit.c      |  481 +++++++
 .../SpdmSecurityLib/SpdmMeasurement.c         |  714 +++++++++++
 .../SpdmSecurityLib/SpdmSecurityLib.c         |  148 +++
 .../SpdmSecurityLib/SpdmSecurityLib.inf       |   54 +
 .../SpdmSecurityLib/SpdmSecurityLibInternal.h |  250 ++++
 SecurityPkg/Include/Library/SpdmSecurityLib.h |  437 +++++++
 SecurityPkg/Include/Library/Tpm2CommandLib.h  |   23 +-
 .../Include/Protocol/DeviceSecurityPolicy.h   |  133 ++
 .../HashLibBaseCryptoRouterDxe.c              |   88 +-
 .../Library/Tpm2CommandLib/Tpm2NVStorage.c    |  122 +-
 SecurityPkg/SecurityPkg.ci.yaml               |   17 +-
 SecurityPkg/SecurityPkg.dec                   |   13 +-
 SecurityPkg/SecurityPkg.dsc                   |   31 +-
 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c             |   61 +-
 SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf           |    4 +-
 49 files changed, 7197 insertions(+), 85 deletions(-)
 create mode 100644 SecurityPkg/DeviceSecurity/OsStub/CryptlibWrapper/CryptlibWrapper.c
 create mode 100644 SecurityPkg/DeviceSecurity/OsStub/CryptlibWrapper/CryptlibWrapper.inf
 create mode 100644 SecurityPkg/DeviceSecurity/OsStub/MemLibWrapper/MemLibWrapper.c
 create mode 100644 SecurityPkg/DeviceSecurity/OsStub/MemLibWrapper/MemLibWrapper.inf
 create mode 100644 SecurityPkg/DeviceSecurity/OsStub/PlatformLibWrapper/PlatformLibWrapper.c
 create mode 100644 SecurityPkg/DeviceSecurity/OsStub/PlatformLibWrapper/PlatformLibWrapper.inf
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/Stub/SpdmLibStub.h
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/LibspdmStdBoolAlt.h
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/LibspdmStdDefAlt.h
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/LibspdmStdIntAlt.h
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/base.h
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/hal/library/debuglib.h
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/Include/library/spdm_lib_config.h
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmCommonLib.inf
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmCryptLib.inf
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmDeviceSecretLibNull.inf
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmRequesterLib.inf
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmResponderLib.inf
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmSecuredMessageLib.inf
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmTransportMctpLib.inf
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmLib/SpdmTransportPciDoeLib.inf
 create mode 160000 SecurityPkg/DeviceSecurity/SpdmLib/libspdm
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmAuthentication.c
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmConnectionInit.c
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmMeasurement.c
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmSecurityLib.c
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmSecurityLib.inf
 create mode 100644 SecurityPkg/DeviceSecurity/SpdmSecurityLib/SpdmSecurityLibInternal.h
 create mode 100644 SecurityPkg/Include/Library/SpdmSecurityLib.h
 create mode 100644 SecurityPkg/Include/Protocol/DeviceSecurityPolicy.h

--
2.26.2.windows.1
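
The question raised in the thread, whether libspdm's nested .gitmodules duplicates dependencies the superproject already carries, can be checked mechanically during submodule review. The script below is an added example, not code from the thread, edk2 or libspdm: it parses the nested .gitmodules quoted above and compares it with a superproject list. The superproject entries (their "Placeholder/..." paths and the mirror URL) are constructed stand-ins, and the function names are hypothetical.

```python
"""Compare a nested .gitmodules with the superproject's during submodule review."""
import re
from urllib.parse import urlparse

# libspdm's .gitmodules entries as quoted in the thread.
NESTED_GITMODULES = """\
[submodule "os_stub/openssllib/openssl"]
    path = os_stub/openssllib/openssl
    url = https://github.com/openssl/openssl
[submodule "os_stub/mbedtlslib/mbedtls"]
    path = os_stub/mbedtlslib/mbedtls
    url = https://github.com/ARMmbed/mbedtls
[submodule "unit_test/cmockalib/cmocka"]
    path = unit_test/cmockalib/cmocka
    url = https://git.cryptomilk.org/projects/cmocka.git
"""

# CONSTRUCTED superproject list: paths and the mirror URL are placeholders,
# standing in for "openssl and mbedtls as submodules" plus a cmocka mirror.
PARENT_GITMODULES = """\
[submodule "Placeholder/openssl"]
    path = Placeholder/openssl
    url = https://github.com/openssl/openssl.git
[submodule "Placeholder/mbedtls"]
    path = Placeholder/mbedtls
    url = https://github.com/ARMmbed/mbedtls
[submodule "Placeholder/cmocka"]
    path = Placeholder/cmocka
    url = https://mirror.example.invalid/tianocore/cmocka.git
"""

# Location of the libspdm gitlink, from the "create mode 160000" line.
NESTED_ROOT = "SecurityPkg/DeviceSecurity/SpdmLib/libspdm"

SECTION = re.compile(r'^\[submodule\s+"(?P<name>[^"]+)"\]$')
KEYVAL = re.compile(r'^(?P<key>[A-Za-z][A-Za-z0-9-]*)\s*=\s*(?P<val>.*)$')


def parse_gitmodules(text):
    """Return {submodule name: {key: value}} for a .gitmodules file body."""
    modules, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        match = SECTION.match(line)
        if match:
            current = modules.setdefault(match["name"], {})
            continue
        match = KEYVAL.match(line)
        if match and current is not None:
            current[match["key"].lower()] = match["val"].strip()
    return modules


def repo_identity(url):
    """(host, path) with case, trailing '/' and '.git' normalised.

    Handles URL-form remotes only; lowercasing the path is an assumption
    that suits case-insensitive hosts such as GitHub.
    """
    parsed = urlparse(url)
    path = parsed.path.rstrip("/")
    if path.endswith(".git"):
        path = path[:-4]
    return (parsed.hostname or "").lower(), path.lower()


def project_name(url):
    """Last path component of the repository URL, e.g. 'cmocka'."""
    return repo_identity(url)[1].rsplit("/", 1)[-1]


def audit(parent_text, nested_text, nested_root):
    """Classify each nested submodule against the superproject's own list.

    Nested entries are fetched only when the update runs with --recursive,
    so every finding describes what a recursive clone would add.
    """
    parent = [m for m in parse_gitmodules(parent_text).values() if "url" in m]
    by_identity = {repo_identity(m["url"]): m.get("path") for m in parent}
    by_name = {project_name(m["url"]): m.get("path") for m in parent}
    findings = []
    for mod in parse_gitmodules(nested_text).values():
        if "url" not in mod or "path" not in mod:
            continue
        identity, name = repo_identity(mod["url"]), project_name(mod["url"])
        if identity in by_identity:
            verdict, other = "same-upstream", by_identity[identity]
        elif name in by_name:
            verdict, other = "same-project-different-origin", by_name[name]
        else:
            verdict, other = "nested-only", None
        findings.append({"path": f"{nested_root}/{mod['path']}",
                         "url": mod["url"],
                         "verdict": verdict,
                         "parent_path": other})
    return findings


if __name__ == "__main__":
    for f in audit(PARENT_GITMODULES, NESTED_GITMODULES, NESTED_ROOT):
        print(f"{f['verdict']:<30} {f['path']}  (parent: {f['parent_path']})")
```

A "same-project-different-origin" finding is the cmocka case from the thread: the nested entry points at the original server while the superproject uses a mirror, so a recursive clone would depend on both origins.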