public inbox for devel@edk2.groups.io
From: "Min Xu" <min.m.xu@intel.com>
To: devel@edk2.groups.io
Cc: Min Xu <min.m.xu@intel.com>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Zhiguang Liu <zhiguang.liu@intel.com>,
	Jiewen Yao <jiewen.yao@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Sami Mujawar <sami.mujawar@arm.com>,
	Gerd Hoffmann <kraxel@redhat.com>
Subject: [PATCH V7 3/3] SecurityPkg: Support CcMeasurementProtocol in DxeTpmMeasurementLib
Date: Sat, 11 Dec 2021 21:08:42 +0800
Message-ID: <a621c4df2c0d032e639b617017448f26bf1bc3a4.1639225842.git.min.m.xu@intel.com>
In-Reply-To: <cover.1639225842.git.min.m.xu@intel.com>

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3625

DxeTpmMeasurementLib supports TPM based measurement in DXE phase.
After CcMeasurementProtocol is introduced, CC based measurement needs
to be supported in DxeTpmMeasurementLib as well.

A platform should have only one RTS/RTR. Only one of (virtual)TPM1.2,
(virtual)TPM2.0 and CC MR exists. Then only one of TCG_SERVICE_PROTOCOL,
TCG2_PROTOCOL and CC_MEASUREMENT_PROTOCOL is exposed.

In this library, when doing a measurement, only one of the above 3
protocols will be called.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
---
 .../DxeTpmMeasurementLib.c                    | 122 +++++++++++++++---
 .../DxeTpmMeasurementLib.inf                  |   9 +-
 2 files changed, 111 insertions(+), 20 deletions(-)

diff --git a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c
index d014ea4aec08..6f287b31fc77 100644
--- a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c
+++ b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c
@@ -1,5 +1,6 @@
 /** @file
-  This library is used by other modules to measure data to TPM.
+  This library is used by other modules to measure data to TPM and Confidential
+  Computing (CC) measure registers.
 
 Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved. <BR>
 SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -19,6 +20,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 
 #include <Guid/Acpi.h>
 #include <IndustryStandard/Acpi.h>
+#include <Protocol/CcMeasurement.h>
 
 /**
   Tpm12 measure and log data, and extend the measurement result into a specific PCR.
@@ -35,6 +37,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
   @retval EFI_OUT_OF_RESOURCES  Out of memory.
   @retval EFI_DEVICE_ERROR      The operation was unsuccessful.
 **/
+STATIC
 EFI_STATUS
 Tpm12MeasureAndLogData (
   IN UINT32  PcrIndex,
@@ -101,6 +104,7 @@ Tpm12MeasureAndLogData (
   @retval EFI_OUT_OF_RESOURCES  Out of memory.
   @retval EFI_DEVICE_ERROR      The operation was unsuccessful.
 **/
+STATIC
 EFI_STATUS
 Tpm20MeasureAndLogData (
   IN UINT32  PcrIndex,
@@ -147,6 +151,73 @@ Tpm20MeasureAndLogData (
   return Status;
 }
 
+/**
+  Cc measure and log data, and extend the measurement result into a
+  specific CC MR.
+
+  @param[in]  CcProtocol       Instance of CC measurement protocol
+  @param[in]  PcrIndex         PCR Index.
+  @param[in]  EventType        Event type.
+  @param[in]  EventLog         Measurement event log.
+  @param[in]  LogLen           Event log length in bytes.
+  @param[in]  HashData         The start of the data buffer to be hashed, extended.
+  @param[in]  HashDataLen      The length, in bytes, of the buffer referenced by HashData
+
+  @retval EFI_SUCCESS           Operation completed successfully.
+  @retval EFI_UNSUPPORTED       CC guest not available.
+  @retval EFI_OUT_OF_RESOURCES  Out of memory.
+  @retval EFI_DEVICE_ERROR      The operation was unsuccessful.
+  @retval EFI_INVALID_PARAMETER The input parameter is invalid.
+**/
+STATIC
+EFI_STATUS
+CcMeasureAndLogData (
+  IN EFI_CC_MEASUREMENT_PROTOCOL  *CcProtocol,
+  IN UINT32                       PcrIndex,
+  IN UINT32                       EventType,
+  IN VOID                         *EventLog,
+  IN UINT32                       LogLen,
+  IN VOID                         *HashData,
+  IN UINT64                       HashDataLen
+  )
+{
+  EFI_STATUS       Status;
+  EFI_CC_EVENT     *EfiCcEvent;
+  EFI_CC_MR_INDEX  MrIndex;
+
+  if (CcProtocol == NULL) {
+    return EFI_INVALID_PARAMETER;
+  }
+
+  Status = CcProtocol->MapPcrToMrIndex (CcProtocol, PcrIndex, &MrIndex);
+  if (EFI_ERROR (Status)) {
+    return Status;
+  }
+
+  EfiCcEvent = (EFI_CC_EVENT *)AllocateZeroPool (LogLen + sizeof (EFI_CC_EVENT));
+  if (EfiCcEvent == NULL) {
+    return EFI_OUT_OF_RESOURCES;
+  }
+
+  EfiCcEvent->Size                 = (UINT32)LogLen + sizeof (EFI_CC_EVENT) - sizeof (EfiCcEvent->Event);
+  EfiCcEvent->Header.HeaderSize    = sizeof (EFI_CC_EVENT_HEADER);
+  EfiCcEvent->Header.HeaderVersion = EFI_CC_EVENT_HEADER_VERSION;
+  EfiCcEvent->Header.MrIndex       = MrIndex;
+  EfiCcEvent->Header.EventType     = EventType;
+  CopyMem (&EfiCcEvent->Event[0], EventLog, LogLen);
+
+  Status = CcProtocol->HashLogExtendEvent (
+                         CcProtocol,
+                         0,
+                         (EFI_PHYSICAL_ADDRESS)(UINTN)HashData,
+                         HashDataLen,
+                         EfiCcEvent
+                         );
+  FreePool (EfiCcEvent);
+
+  return Status;
+}
+
 /**
   Tpm measure and log data, and extend the measurement result into a specific PCR.
 
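Review bot: In CcMeasureAndLogData, the allocation size `LogLen + sizeof (EFI_CC_EVENT)` is computed without an overflow check, and `CopyMem` then copies `LogLen` bytes into the buffer. LogLen is a caller-supplied UINT32, so on a build where UINTN is 32 bits a large value wraps the sum, the pool comes back smaller than LogLen, and the copy writes past it. Reject LogLen values above `MAX_UINT32 - sizeof (EFI_CC_EVENT)` with EFI_INVALID_PARAMETER before allocating. The same early check could cover `EventLog == NULL` with a nonzero LogLen, since the header documents EFI_INVALID_PARAMETER but only CcProtocol is validated. Smaller points: the `(UINT32)` cast on LogLen is redundant because the parameter is already UINT32, and the literal `0` passed as the second argument of HashLogExtendEvent would read better with a comment or a named flags value.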
@@ -173,25 +244,16 @@ TpmMeasureAndLogData (
   IN UINT64  HashDataLen
   )
 {
-  EFI_STATUS  Status;
+  EFI_STATUS                   Status;
+  EFI_CC_MEASUREMENT_PROTOCOL  *CcProtocol;
 
-  //
-  // Try to measure using Tpm20 protocol
-  //
-  Status = Tpm20MeasureAndLogData (
-             PcrIndex,
-             EventType,
-             EventLog,
-             LogLen,
-             HashData,
-             HashDataLen
-             );
-
-  if (EFI_ERROR (Status)) {
+  Status = gBS->LocateProtocol (&gEfiCcMeasurementProtocolGuid, NULL, (VOID **)&CcProtocol);
+  if (!EFI_ERROR (Status)) {
     //
-    // Try to measure using Tpm1.2 protocol
+    // Try to measure using Cc measurement protocol
     //
-    Status = Tpm12MeasureAndLogData (
+    Status = CcMeasureAndLogData (
+               CcProtocol,
                PcrIndex,
                EventType,
                EventLog,
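Review bot: With this ordering in TpmMeasureAndLogData, once LocateProtocol finds gEfiCcMeasurementProtocolGuid the status of CcMeasureAndLogData is returned as is, so an error from MapPcrToMrIndex or HashLogExtendEvent leaves the event unmeasured and the TPM paths are never tried. That matches the one-RTS/RTR assumption in the commit message, but the assumption is neither stated nor enforced in the code. Please say in the function header that the CC protocol takes precedence and that PcrIndex is mapped to a CC MR in that case, and consider a DEBUG message or ASSERT when a TCG or TCG2 protocol is also present, so a misconfigured platform does not silently skip TPM measurement.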
@@ -199,6 +261,32 @@ TpmMeasureAndLogData (
                HashData,
                HashDataLen
                );
+  } else {
+    //
+    // Try to measure using Tpm20 protocol
+    //
+    Status = Tpm20MeasureAndLogData (
+               PcrIndex,
+               EventType,
+               EventLog,
+               LogLen,
+               HashData,
+               HashDataLen
+               );
+
+    if (EFI_ERROR (Status)) {
+      //
+      // Try to measure using Tpm1.2 protocol
+      //
+      Status = Tpm12MeasureAndLogData (
+                 PcrIndex,
+                 EventType,
+                 EventLog,
+                 LogLen,
+                 HashData,
+                 HashDataLen
+                 );
+    }
   }
 
   return Status;
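Review bot: In the else branch, the TPM 1.2 retry still runs on any error from Tpm20MeasureAndLogData (`if (EFI_ERROR (Status))`), not only when the TCG2 protocol is absent, while the new CC branch selects its path by LocateProtocol and never retries. Since the commit message states that only one of the three protocols is exposed, limit the retry to the status Tpm20MeasureAndLogData returns when its protocol is not found, so that a real TPM 2.0 failure is reported to the caller instead of being overwritten by the TPM 1.2 result.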
diff --git a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
index 7d41bc41f95d..3af3d4e33b25 100644
--- a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
+++ b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
@@ -1,5 +1,7 @@
 ## @file
-#  Provides TPM measurement functions for TPM1.2 and TPM 2.0
+#  Provides below measurement functions:
+#    1. TPM measurement functions for TPM1.2 and TPM 2.0
+#    2. Confidential Computing (CC) measurement functions
 #
 #  This library provides TpmMeasureAndLogData() to measure and log data, and
 #  extend the measurement result into a specific PCR.
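Review bot: The file header now lists CC measurement, but the description kept just below it still says TpmMeasureAndLogData() extends the result "into a specific PCR". Extend that sentence to say the result goes to a CC MR when the CC measurement protocol is present, so the INF description matches the new behaviour. "Provides below measurement functions" would also read better as "Provides the following measurement functions".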
@@ -40,5 +42,6 @@
   UefiBootServicesTableLib
 
 [Protocols]
-  gEfiTcgProtocolGuid           ## SOMETIMES_CONSUMES
-  gEfiTcg2ProtocolGuid          ## SOMETIMES_CONSUMES
+  gEfiTcgProtocolGuid               ## SOMETIMES_CONSUMES
+  gEfiTcg2ProtocolGuid              ## SOMETIMES_CONSUMES
+  gEfiCcMeasurementProtocolGuid     ## SOMETIMES_CONSUMES
-- 
2.29.2.windows.2

