From: "Wang, Jian J"
To: "devel@edk2.groups.io", "Zhang, Qi1"
CC: "Yao, Jiewen", "Chiu, Chasel", "Desimone, Nathaniel L", "Zeng, Star"
Subject: Re: [edk2-devel] [PATCH v2 6/9] IntelFsp2WrapperPkg/FspMeasurementLib: Add BaseFspMeasurementLib.
Date: Wed, 12 Aug 2020 02:48:01 +0000
In-Reply-To: <20200806003342.17866-7-qi1.zhang@intel.com>

Qi,

Comments below.

> -----Original Message-----
> From: devel@edk2.groups.io On Behalf Of Qi Zhang > Sent: Thursday, August 06, 2020 8:34 AM > To: devel@edk2.groups.io > Cc: Yao, Jiewen ; Chiu, Chasel ; > Desimone, Nathaniel L ; Zeng, Star > ; Zhang, Qi1 > Subject: [edk2-devel] [PATCH v2 6/9] IntelFsp2WrapperPkg/FspMeasurementLi= b: > Add BaseFspMeasurementLib. >=20 > From: Jiewen Yao >=20 > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2376 >=20 > Cc: Jiewen Yao > Cc: Chasel Chiu > Cc: Nate DeSimone > Cc: Star Zeng > Cc: Qi Zhang > Signed-off-by: Jiewen Yao > --- > .../BaseFspMeasurementLib.inf | 54 +++ > .../BaseFspMeasurementLib/FspMeasurementLib.c | 349 ++++++++++++++++++ > 2 files changed, 403 insertions(+) > create mode 100644 > IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/BaseFspMeasurementLi > b.inf > create mode 100644 > IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/FspMeasurementLib.c >=20 > diff --git > a/IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/BaseFspMeasurement > Lib.inf > b/IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/BaseFspMeasurement > Lib.inf > new file mode 100644 > index 0000000000..d30168117d > --- /dev/null > +++ > b/IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/BaseFspMeasurement > Lib.inf > @@ -0,0 +1,54 @@ > +## @file >=20 > +# Provides FSP measurement functions. >=20 > +# >=20 > +# This library provides MeasureFspFirmwareBlob() to measure FSP binary. >=20 > +# >=20 > +# Copyright (c) 2020, Intel Corporation. All rights reserved.
>=20 > +# SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > +# >=20 > +## >=20 > + >=20 > +[Defines] >=20 > + INF_VERSION =3D 0x00010005 >=20 > + BASE_NAME =3D FspMeasurementLib >=20 > + FILE_GUID =3D 9A62C49D-C45A-4322-9F3C-45958DF0056= B >=20 > + MODULE_TYPE =3D BASE >=20 > + VERSION_STRING =3D 1.0 >=20 > + LIBRARY_CLASS =3D FspMeasurementLib >=20 > + >=20 > +# >=20 > +# The following information is for reference only and not required by th= e build > tools. >=20 > +# >=20 > +# VALID_ARCHITECTURES =3D IA32 X64 >=20 > +# >=20 > + >=20 > +[Sources] >=20 > + FspMeasurementLib.c >=20 > + >=20 > +[Packages] >=20 > + MdePkg/MdePkg.dec >=20 > + MdeModulePkg/MdeModulePkg.dec >=20 > + SecurityPkg/SecurityPkg.dec >=20 > + IntelFsp2Pkg/IntelFsp2Pkg.dec >=20 > + IntelFsp2WrapperPkg/IntelFsp2WrapperPkg.dec >=20 > + >=20 > +[LibraryClasses] >=20 > + BaseLib >=20 > + BaseMemoryLib >=20 > + DebugLib >=20 > + PrintLib >=20 > + PcdLib >=20 > + PeiServicesLib >=20 > + PeiServicesTablePointerLib >=20 > + FspWrapperApiLib >=20 > + TpmMeasurementLib >=20 > + HashLib >=20 > + >=20 > +[Ppis] >=20 > + gEdkiiTcgPpiGuid ## = CONSUMES >=20 > + >=20 > +[Pcd] >=20 > + gIntelFsp2WrapperTokenSpaceGuid.PcdFspMeasurementConfig ## > CONSUMES >=20 > + gIntelFsp2WrapperTokenSpaceGuid.PcdFspmBaseAddress ## > CONSUMES >=20 > + gEfiMdeModulePkgTokenSpaceGuid.PcdTcgPfpMeasurementRevision ## > CONSUMES >=20 > + >=20 > diff --git > a/IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/FspMeasurementLib.c > b/IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/FspMeasurementLib.c > new file mode 100644 > index 0000000000..316570cd2c > --- /dev/null > +++ > b/IntelFsp2WrapperPkg/Library/BaseFspMeasurementLib/FspMeasurementLib.c > @@ -0,0 +1,349 @@ > +/** @file >=20 > + This library is used by FSP modules to measure data to TPM. >=20 > + >=20 > +Copyright (c) 2020, Intel Corporation. All rights reserved.
>=20 > +SPDX-License-Identifier: BSD-2-Clause-Patent >=20 > + >=20 > +**/ >=20 > + >=20 > +#include >=20 > +#include >=20 > + >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > +#include >=20 > + >=20 > +#include >=20 > +#include >=20 > + >=20 > +#pragma pack (1) >=20 > + >=20 > +#define PLATFORM_FIRMWARE_BLOB_DESC "Fv(XXXXXXXX-XXXX-XXXX-XXXX- > XXXXXXXXXXXX)" >=20 > +typedef struct { >=20 > + UINT8 BlobDescriptionSize; >=20 > + UINT8 > BlobDescription[sizeof(PLATFORM_FIRMWARE_BLOB_DESC)]; >=20 > + EFI_PHYSICAL_ADDRESS BlobBase; >=20 > + UINT64 BlobLength; >=20 > +} PLATFORM_FIRMWARE_BLOB2_STRUCT; >=20 > + >=20 > +#define HANDOFF_TABLE_POINTER_DESC "1234567890ABCDEF" >=20 > +typedef struct { >=20 > + UINT8 TableDescriptionSize; >=20 > + UINT8 > TableDescription[sizeof(HANDOFF_TABLE_POINTER_DESC)]; >=20 > + UINT64 NumberOfTables; >=20 > + EFI_CONFIGURATION_TABLE TableEntry[1]; >=20 > +} HANDOFF_TABLE_POINTERS2_STRUCT; >=20 > + >=20 > +#pragma pack () >=20 Above definitions have been defined the same in EventLogRecord.c in patch3&= 4. Suggest put them in a common header file. > + >=20 > +/** >=20 > + Tpm measure and log data, and extend the measurement result into a spe= cific > PCR. >=20 > + >=20 > + @param[in] PcrIndex PCR Index. >=20 > + @param[in] EventType Event type. >=20 > + @param[in] EventLog Measurement event log. >=20 > + @param[in] LogLen Event log length in bytes. >=20 > + @param[in] HashData The start of the data buffer to be hashed= , > extended. >=20 > + @param[in] HashDataLen The length, in bytes, of the buffer refer= enced by > HashData >=20 > + @param[in] Flags Bitmap providing additional information. >=20 > + >=20 > + @retval EFI_SUCCESS Operation completed successfully. >=20 > + @retval EFI_UNSUPPORTED TPM device not available. >=20 > + @retval EFI_OUT_OF_RESOURCES Out of memory. 
>=20 > + @retval EFI_DEVICE_ERROR The operation was unsuccessful. >=20 > +**/ >=20 > +EFI_STATUS >=20 > +EFIAPI >=20 > +TpmMeasureAndLogDataWithFlags ( >=20 > + IN UINT32 PcrIndex, >=20 > + IN UINT32 EventType, >=20 > + IN VOID *EventLog, >=20 > + IN UINT32 LogLen, >=20 > + IN VOID *HashData, >=20 > + IN UINT64 HashDataLen, >=20 > + IN UINT64 Flags >=20 > + ) >=20 > +{ >=20 > + EFI_STATUS Status; >=20 > + EDKII_TCG_PPI *TcgPpi; >=20 > + TCG_PCR_EVENT_HDR TcgEventHdr; >=20 > + >=20 > + Status =3D PeiServicesLocatePpi( >=20 > + &gEdkiiTcgPpiGuid, >=20 > + 0, >=20 > + NULL, >=20 > + (VOID**)&TcgPpi >=20 > + ); >=20 > + if (EFI_ERROR(Status)) { >=20 > + return Status; >=20 > + } >=20 > + >=20 > + TcgEventHdr.PCRIndex =3D PcrIndex; >=20 > + TcgEventHdr.EventType =3D EventType; >=20 > + TcgEventHdr.EventSize =3D LogLen; >=20 > + >=20 > + Status =3D TcgPpi->HashLogExtendEvent ( >=20 > + TcgPpi, >=20 > + Flags, >=20 > + HashData, >=20 > + (UINTN)HashDataLen, >=20 > + &TcgEventHdr, >=20 > + EventLog >=20 > + ); >=20 > + return Status; >=20 > +} >=20 > + >=20 > +/** >=20 > + Get the FvName from the FV header. >=20 > + >=20 > + Causion: The FV is untrusted input. >=20 > + >=20 > + @param[in] FvBase Base address of FV image. >=20 > + @param[in] FvLength Length of FV image. 
>=20 > + >=20 > + @return FvName pointer >=20 > + @retval NULL FvName is NOT found >=20 > +**/ >=20 > +STATIC >=20 > +VOID * >=20 > +TpmMeasurementGetFvName ( >=20 > + IN EFI_PHYSICAL_ADDRESS FvBase, >=20 > + IN UINT64 FvLength >=20 > + ) >=20 > +{ >=20 > + EFI_FIRMWARE_VOLUME_HEADER *FvHeader; >=20 > + EFI_FIRMWARE_VOLUME_EXT_HEADER *FvExtHeader; >=20 > + >=20 > + if (FvBase >=3D MAX_ADDRESS) { >=20 > + return NULL; >=20 > + } >=20 > + if (FvLength >=3D MAX_ADDRESS - FvBase) { >=20 > + return NULL; >=20 > + } >=20 > + if (FvLength < sizeof(EFI_FIRMWARE_VOLUME_HEADER)) { >=20 > + return NULL; >=20 > + } >=20 > + >=20 > + FvHeader =3D (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)FvBase; >=20 > + if (FvHeader->Signature !=3D EFI_FVH_SIGNATURE) { >=20 > + return NULL; >=20 > + } >=20 > + if (FvHeader->ExtHeaderOffset < sizeof(EFI_FIRMWARE_VOLUME_HEADER)) { >=20 > + return NULL; >=20 > + } >=20 > + if (FvHeader->ExtHeaderOffset + > sizeof(EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) { >=20 > + return NULL; >=20 > + } >=20 > + FvExtHeader =3D (EFI_FIRMWARE_VOLUME_EXT_HEADER *)(UINTN)(FvBase + > FvHeader->ExtHeaderOffset); >=20 > + >=20 > + return &FvExtHeader->FvName; >=20 > +} >=20 > + >=20 > +/** >=20 > + Mesure a FSP FirmwareBlob. 'Mesure' -> 'Measure' >=20 > + >=20 > + @param[in] Descrption Description for this FirmwareBlob. 'Descrption' -> 'Description' >=20 > + @param[in] FirmwareBlobBase Base address of this FirmwareBlob. >=20 > + @param[in] FirmwareBlobLength Size in bytes of this FirmwareBlob= . >=20 > + @param[in] CfgRegionOffset Configuration region offset in byt= es. >=20 > + @param[in] CfgRegionSize Configuration region in bytes. >=20 > + >=20 > + @retval EFI_SUCCESS Operation completed successfully. >=20 > + @retval EFI_UNSUPPORTED TPM device not available. >=20 > + @retval EFI_OUT_OF_RESOURCES Out of memory. >=20 > + @retval EFI_DEVICE_ERROR The operation was unsuccessful. 
>=20 > +*/ >=20 > +STATIC >=20 > +EFI_STATUS >=20 > +EFIAPI >=20 > +MeasureFspFirmwareBlobWithCfg ( >=20 > + IN CHAR8 *Description OPTIONAL, >=20 > + IN EFI_PHYSICAL_ADDRESS FirmwareBlobBase, >=20 > + IN UINT64 FirmwareBlobLength, >=20 > + IN UINT32 CfgRegionOffset, >=20 > + IN UINT32 CfgRegionSize >=20 > + ) >=20 > +{ >=20 > + EFI_PLATFORM_FIRMWARE_BLOB FvBlob, UPDBlob; >=20 > + PLATFORM_FIRMWARE_BLOB2_STRUCT FvBlob2, UPDBlob2; >=20 > + VOID *FvName; >=20 > + UINT32 FvEventType; >=20 > + VOID *FvEventLog, *UPDEventLog; >=20 > + UINT32 FvEventLogSize, UPDEventLogSize; >=20 > + EFI_STATUS Status; >=20 > + HASH_HANDLE HashHandle; >=20 > + UINT8 *HashBase; >=20 > + UINTN HashSize; >=20 > + TPML_DIGEST_VALUES DigestList; >=20 > + >=20 > + FvName =3D TpmMeasurementGetFvName (FirmwareBlobBase, > FirmwareBlobLength); >=20 > + >=20 > + if (((Description !=3D NULL) || (FvName !=3D NULL)) && >=20 > + (PcdGet32(PcdTcgPfpMeasurementRevision) >=3D > TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105)) { >=20 > + ZeroMem (&FvBlob2, sizeof(FvBlob2)); >=20 > + ZeroMem (&UPDBlob2, sizeof(UPDBlob2)); >=20 The same as patch3&4, I think it's not necessary to clear the data in advance. 
> + if (Description !=3D NULL) { >=20 > + AsciiSPrint((CHAR8*)FvBlob2.BlobDescription, > sizeof(FvBlob2.BlobDescription), "%a", Description); >=20 > + AsciiSPrint((CHAR8*)UPDBlob2.BlobDescription, > sizeof(UPDBlob2.BlobDescription), "%aUDP", Description); >=20 > + } else { >=20 > + AsciiSPrint((CHAR8*)FvBlob2.BlobDescription, > sizeof(FvBlob2.BlobDescription), "Fv(%g)", FvName); >=20 > + AsciiSPrint((CHAR8*)UPDBlob2.BlobDescription, > sizeof(UPDBlob2.BlobDescription), "(%g)UDP", FvName); >=20 > + } >=20 > + >=20 > + FvBlob2.BlobDescriptionSize =3D sizeof(FvBlob2.BlobDescription); >=20 > + FvBlob2.BlobBase =3D FirmwareBlobBase; >=20 > + FvBlob2.BlobLength =3D FirmwareBlobLength; >=20 > + FvEventType =3D EV_EFI_PLATFORM_FIRMWARE_BLOB2; >=20 > + FvEventLog =3D &FvBlob2; >=20 > + FvEventLogSize =3D sizeof(FvBlob2); >=20 > + >=20 > + UPDBlob2.BlobDescriptionSize =3D sizeof(UPDBlob2.BlobDescription); >=20 > + UPDBlob2.BlobBase =3D CfgRegionOffset; >=20 > + UPDBlob2.BlobLength =3D CfgRegionSize; >=20 > + UPDEventLog =3D &UPDBlob2; >=20 > + UPDEventLogSize =3D sizeof(UPDBlob2); >=20 > + } else { >=20 > + FvBlob.BlobBase =3D FirmwareBlobBase; >=20 > + FvBlob.BlobLength =3D FirmwareBlobLength; >=20 > + FvEventType =3D EV_EFI_PLATFORM_FIRMWARE_BLOB; >=20 > + FvEventLog =3D &FvBlob; >=20 > + FvEventLogSize =3D sizeof(FvBlob); >=20 > + >=20 > + UPDBlob.BlobBase =3D CfgRegionOffset; >=20 > + UPDBlob.BlobLength =3D CfgRegionSize; >=20 > + UPDEventLog =3D &UPDBlob; >=20 > + UPDEventLogSize =3D sizeof(UPDBlob); >=20 > + } >=20 > + >=20 > + // Initialize a SHA hash context. 
>=20 > + Status =3D HashStart (&HashHandle); >=20 > + if (EFI_ERROR (Status)) { >=20 > + DEBUG ((DEBUG_ERROR, "HashStart failed - %r\n", Status)); >=20 > + return Status; >=20 > + } >=20 > + >=20 > + // Hash FSP binary before UDP >=20 > + HashBase =3D (UINT8 *) (UINTN) FirmwareBlobBase; >=20 > + HashSize =3D (UINTN) CfgRegionOffset; >=20 > + Status =3D HashUpdate (HashHandle, HashBase, HashSize); >=20 > + if (EFI_ERROR (Status)) { >=20 > + DEBUG ((DEBUG_ERROR, "HashUpdate failed - %r\n", Status)); >=20 > + return Status; >=20 > + } >=20 > + >=20 > + // Hash FSP binary after UDP >=20 > + HashBase =3D (UINT8 *) (UINTN) FirmwareBlobBase + CfgRegionOffset + > CfgRegionSize; >=20 > + HashSize =3D (UINTN)(FirmwareBlobLength - CfgRegionOffset - CfgRegionS= ize); >=20 > + Status =3D HashUpdate (HashHandle, HashBase, HashSize); >=20 > + if (EFI_ERROR (Status)) { >=20 > + DEBUG ((DEBUG_ERROR, "HashUpdate failed - %r\n", Status)); >=20 > + return Status; >=20 > + } >=20 > + >=20 > + // Finalize the SHA hash. 
>=20 > + Status =3D HashCompleteAndExtend (HashHandle, 0, NULL, 0, &DigestList)= ; >=20 > + if (EFI_ERROR (Status)) { >=20 > + DEBUG ((DEBUG_ERROR, "HashCompleteAndExtend failed - %r\n", Status))= ; >=20 > + return Status; >=20 > + } >=20 > + >=20 > + Status =3D TpmMeasureAndLogDataWithFlags ( >=20 > + 0, >=20 > + FvEventType, >=20 > + FvEventLog, >=20 > + FvEventLogSize, >=20 > + (UINT8 *) &DigestList, >=20 > + (UINTN) sizeof(DigestList), >=20 > + EDKII_TCG_PRE_HASH_LOG_ONLY >=20 > + ); >=20 > + >=20 > + Status =3D TpmMeasureAndLogData ( >=20 > + 1, >=20 > + EV_PLATFORM_CONFIG_FLAGS, >=20 > + UPDEventLog, >=20 > + UPDEventLogSize, >=20 > + (UINT8 *) (UINTN) FirmwareBlobBase + CfgRegionOffset, >=20 > + CfgRegionSize >=20 > + ); >=20 > + >=20 > + return Status; >=20 > +} >=20 > + >=20 > +FSP_INFO_HEADER * >=20 > +EFIAPI >=20 > +mFspFindFspHeader ( >=20 > + IN EFI_PHYSICAL_ADDRESS FlashFvFspBase >=20 > + ) >=20 > +{ >=20 > + UINT8 *CheckPointer; >=20 > + >=20 > + CheckPointer =3D (UINT8 *) (UINTN) FlashFvFspBase; >=20 > + >=20 > + if (((EFI_FIRMWARE_VOLUME_HEADER *)CheckPointer)->Signature !=3D > EFI_FVH_SIGNATURE) { >=20 > + return NULL; >=20 > + } >=20 > + >=20 > + if (((EFI_FIRMWARE_VOLUME_HEADER *)CheckPointer)->ExtHeaderOffset !=3D > 0) { >=20 > + CheckPointer =3D CheckPointer + ((EFI_FIRMWARE_VOLUME_HEADER > *)CheckPointer)->ExtHeaderOffset; >=20 > + CheckPointer =3D CheckPointer + ((EFI_FIRMWARE_VOLUME_EXT_HEADER > *)CheckPointer)->ExtHeaderSize; >=20 > + CheckPointer =3D (UINT8 *) ALIGN_POINTER (CheckPointer, 8); >=20 > + } else { >=20 > + CheckPointer =3D CheckPointer + ((EFI_FIRMWARE_VOLUME_HEADER > *)CheckPointer)->HeaderLength; >=20 > + } >=20 > + >=20 > + >=20 > + CheckPointer =3D CheckPointer + sizeof (EFI_FFS_FILE_HEADER); >=20 > + >=20 > + if (((EFI_RAW_SECTION *)CheckPointer)->Type !=3D EFI_SECTION_RAW) { >=20 > + return NULL; >=20 > + } >=20 > + >=20 > + CheckPointer =3D CheckPointer + sizeof (EFI_RAW_SECTION); >=20 > + >=20 > + return 
(FSP_INFO_HEADER *)CheckPointer; >=20 > +} >=20 > +/** >=20 > + Mesure a FSP FirmwareBlob. 'Mesure' -> ' Measure' >=20 > + >=20 > + @param[in] PcrIndex PCR Index. >=20 > + @param[in] Descrption Description for this FirmwareBlob. >=20 > + @param[in] FirmwareBlobBase Base address of this FirmwareBlob. >=20 > + @param[in] FirmwareBlobLength Size in bytes of this FirmwareBlob= . >=20 > + >=20 > + @retval EFI_SUCCESS Operation completed successfully. >=20 > + @retval EFI_UNSUPPORTED TPM device not available. >=20 > + @retval EFI_OUT_OF_RESOURCES Out of memory. >=20 > + @retval EFI_DEVICE_ERROR The operation was unsuccessful. >=20 > +*/ >=20 > +EFI_STATUS >=20 > +EFIAPI >=20 > +MeasureFspFirmwareBlob ( >=20 > + IN UINT32 PcrIndex, >=20 > + IN CHAR8 *Description OPTIONAL, >=20 > + IN EFI_PHYSICAL_ADDRESS FirmwareBlobBase, >=20 > + IN UINT64 FirmwareBlobLength >=20 > + ) >=20 > +{ >=20 > + UINT32 FspMeasureMask; >=20 > + FSP_INFO_HEADER *FspHeaderPtr; >=20 > + >=20 > + FspMeasureMask =3D PcdGet32 (PcdFspMeasurementConfig); >=20 > + if (FspMeasureMask & FSP_MEASURE_FSPUPD) { >=20 > + FspHeaderPtr =3D (FSP_INFO_HEADER *) mFspFindFspHeader > (FirmwareBlobBase); >=20 > + if (FspHeaderPtr =3D=3D NULL) { >=20 > + return MeasureFirmwareBlob (PcrIndex, Description, FirmwareBlobBas= e, > FirmwareBlobLength);; >=20 > + } >=20 > + return MeasureFspFirmwareBlobWithCfg(Description, FirmwareBlobBase, > FirmwareBlobLength, >=20 > + FspHeaderPtr->CfgRegionOffset, = FspHeaderPtr- > >CfgRegionSize); >=20 > + } else { >=20 > + return MeasureFirmwareBlob (PcrIndex, Description, FirmwareBlobBase, > FirmwareBlobLength); >=20 > + } >=20 > +} >=20 > + >=20 > -- > 2.26.2.windows.1 >=20 >=20 > -=3D-=3D-=3D-=3D-=3D-=3D > Groups.io Links: You receive all messages sent to this group. 
> View/Reply Online (#63757): https://edk2.groups.io/g/devel/message/63757
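Review bot: In [Defines] of BaseFspMeasurementLib.inf, MODULE_TYPE = BASE (and the Base prefix of the directory) does not match what the rest of the file declares: [LibraryClasses] pulls in PeiServicesLib and PeiServicesTablePointerLib and [Ppis] consumes gEdkiiTcgPpiGuid, so this instance only works in PEI. Suggest declaring it as a PEI library instance, with LIBRARY_CLASS restricted to the PEI module types and a Pei-prefixed name, so it cannot be linked into a DXE or SMM module by mistake. BASE_NAME = FspMeasurementLib also differs from the file name BaseFspMeasurementLib.inf, and PcdFspmBaseAddress is listed under [Pcd] although nothing in the FspMeasurementLib.c shown here reads it.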
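Review bot: In MeasureFspFirmwareBlobWithCfg, CfgRegionOffset and CfgRegionSize come straight from the FSP_INFO_HEADER and are used without any bounds check: the second HashUpdate computes HashSize as FirmwareBlobLength - CfgRegionOffset - CfgRegionSize, which wraps to a very large length when the two fields exceed FirmwareBlobLength, and the TpmMeasureAndLogData call then hashes CfgRegionSize bytes starting at an unvalidated offset. The comment on TpmMeasurementGetFvName already states that the FV is untrusted input, so reject the blob (or fall back to MeasureFirmwareBlob) unless CfgRegionOffset <= FirmwareBlobLength and CfgRegionSize <= FirmwareBlobLength - CfgRegionOffset. mFspFindFspHeader has the same gap: it takes no length and follows ExtHeaderOffset, ExtHeaderSize and HeaderLength without bounding them, unlike TpmMeasurementGetFvName; passing FirmwareBlobLength in and checking each step against it would close that. Two smaller points in MeasureFspFirmwareBlobWithCfg: the Status returned by TpmMeasureAndLogDataWithFlags is overwritten by the following TpmMeasureAndLogData call, so a failed log entry for the code measurement goes unreported, and the PcrIndex given to MeasureFspFirmwareBlob is not passed down, with PCR 0 and 1 hard-coded instead; if that is intended, the function header should say so.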