From: "Wang, Jian J"
To: "Zhang, Qi1", "devel@edk2.groups.io"
CC: "Yao, Jiewen", "Kumar, Rahul1"
Subject: Re: [PATCH v2 9/9] SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY
Date: Wed, 12 Aug 2020 02:56:25 +0000
References: <20200806003342.17866-1-qi1.zhang@intel.com> <20200806003342.17866-10-qi1.zhang@intel.com>
In-Reply-To: <20200806003342.17866-10-qi1.zhang@intel.com>

Reviewed-by: Jian J Wang

Regards,
Jian

> -----Original Message-----
> From: Zhang, Qi1
> Sent: Thursday, August 06, 2020 8:34 AM
> To: devel@edk2.groups.io
> Cc: Zhang, Qi1; Yao, Jiewen; Wang, Jian J; Kumar, Rahul1
> Subject: [PATCH v2 9/9] SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2376
>
> Cc: Jiewen Yao
> Cc: Jian J Wang
> Cc: Qi Zhang
> Cc: Rahul Kumar
> Signed-off-by: Qi Zhang
> --- > SecurityPkg/Include/Ppi/Tcg.h | 5 +++++ > SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 12 +++++++----- > 2 files changed, 12 insertions(+), 5 deletions(-) >=20 > diff --git a/SecurityPkg/Include/Ppi/Tcg.h b/SecurityPkg/Include/Ppi/Tcg.= h > index 0e943f2465..22f47f9817 100644 > --- a/SecurityPkg/Include/Ppi/Tcg.h > +++ b/SecurityPkg/Include/Ppi/Tcg.h > @@ -18,6 +18,11 @@ typedef struct _EDKII_TCG_PPI EDKII_TCG_PPI; > // >=20 > #define EDKII_TCG_PRE_HASH 0x0000000000000001 >=20 >=20 >=20 > +// >=20 > +// This bit is shall be set when HashData is the pre-hash digest and log= only. >=20 > +// >=20 > +#define EDKII_TCG_PRE_HASH_LOG_ONLY 0x0000000000000002 >=20 > + >=20 > /** >=20 > Tpm measure and log data, and extend the measurement result into a spe= cific > PCR. >=20 >=20 >=20 > diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c > b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c > index 246968bb7f..b56b03746c 100644 > --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c > +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c 
> @@ -453,13 +453,15 @@ HashLogExtendEvent ( > return EFI_DEVICE_ERROR; >=20 > } >=20 >=20 >=20 > - if(Flags & EDKII_TCG_PRE_HASH) { >=20 > + if ((Flags & EDKII_TCG_PRE_HASH) || (Flags & > EDKII_TCG_PRE_HASH_LOG_ONLY)) { >=20 > ZeroMem (&DigestList, sizeof(DigestList)); >=20 > CopyMem (&DigestList, HashData, sizeof(DigestList)); >=20 > - Status =3D Tpm2PcrExtend ( >=20 > - 0, >=20 > - &DigestList >=20 > - ); >=20 > + if (Flags & EDKII_TCG_PRE_HASH) { >=20 > + Status =3D Tpm2PcrExtend ( >=20 > + NewEventHdr->PCRIndex, >=20 > + &DigestList >=20 > + ); >=20 > + } >=20 > } else { >=20 > Status =3D HashAndExtend ( >=20 > NewEventHdr->PCRIndex, >=20 > -- > 2.26.2.windows.1
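
Review bot: In the SecurityPkg/Include/Ppi/Tcg.h hunk, the comment added above EDKII_TCG_PRE_HASH_LOG_ONLY reads "This bit is shall be set" and does not say what "log only" means for a caller. Suggest "This bit shall be set when HashData is the pre-hash digest and the event is only logged, not extended into the PCR", and state what is expected when both EDKII_TCG_PRE_HASH and EDKII_TCG_PRE_HASH_LOG_ONLY are set, since the Tcg2Pei.c change still extends in that case.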
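
Review bot: In the Tcg2Pei.c hunk of HashLogExtendEvent, Status is never assigned on the log-only path: when only EDKII_TCG_PRE_HASH_LOG_ONLY is set, the inner "if (Flags & EDKII_TCG_PRE_HASH)" is skipped and neither Tpm2PcrExtend nor HashAndExtend runs, so whatever reads Status after this block sees a value these lines do not set. Assign Status = EFI_SUCCESS after the CopyMem and before the inner if. Separately, the extend target changes from PCR 0 to NewEventHdr->PCRIndex, which the commit message does not mention; it deserves a line there because it changes which PCR existing EDKII_TCG_PRE_HASH callers extend.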