tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SecurityPkg: Tcg2Dxe: Log Startup Locality Event 

Log Startup Locality Event according to TCG PC Client PFP 00.21.
Event should be placed before any extend to PCR[0]
http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf

Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
This commit is contained in:
Zhang, Chao B 2017-01-22 12:47:51 +08:00
parent 223a99e524
commit 18458db1d4
4 changed files with 60 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
SecurityPkg/Include/Guid/TcgEventHob.h
View File

@ -3,7 +3,7 @@
a TPM DXE Driver. A GUIDed HOB is generated for each measurement
made in the PEI Phase.
Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2007 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -44,4 +44,15 @@ extern EFI_GUID gTcgEvent2EntryHobGuid;
extern EFI_GUID gTpmErrorHobGuid;
///
/// The Global ID of a GUIDed HOB used to record TPM2 Startup Locality.
/// HOB payload is UINT8 according to Startup Locality Event.
///
#define EFI_TPM2_STARTUP_LOCALITY_HOB_GUID \
{ \
0xef598499, 0xb25e, 0x473a, { 0xbf, 0xaf, 0xe7, 0xe5, 0x7d, 0xce, 0x82, 0xc4 } \
}
extern EFI_GUID gTpm2StartupLocalityHobGuid;
#endif

4
SecurityPkg/SecurityPkg.dec
View File

@ -134,6 +134,10 @@
# Include/Guid/TcgEventHob.h
gTpmErrorHobGuid = { 0xef598499, 0xb25e, 0x473a, { 0xbf, 0xaf, 0xe7, 0xe5, 0x7d, 0xce, 0x82, 0xc4 }}
## HOB GUID used to record TPM2 startup locality
## Include/Guid/TcgEventHob.h
gTpm2StartupLocalityHobGuid = { 0x397b0c9, 0x22e8, 0x459e, { 0xa4, 0xff, 0x99, 0xbc, 0x65, 0x27, 0x9, 0x29 }}
## HOB GUID used to pass all PEI measured FV info to DXE Driver.
# Include/Guid/MeasuredFvHob.h
gMeasuredFvHobGuid = { 0xb2360b42, 0x7173, 0x420a, { 0x86, 0x96, 0x46, 0xca, 0x6b, 0xab, 0x10, 0x60 }}

54
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
View File

@ -1381,11 +1381,12 @@ SetupEventLog (
UINT32 HashAlgorithmMaskCopied;
TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct;
UINT8 TempBuf[sizeof(TCG_EfiSpecIDEventStruct) + sizeof(UINT32) + (HASH_COUNT * sizeof(TCG_EfiSpecIdEventAlgorithmSize)) + sizeof(UINT8)];
TCG_PCR_EVENT_HDR FirstPcrEvent;
TCG_PCR_EVENT_HDR NoActionEvent;
TCG_EfiSpecIdEventAlgorithmSize *DigestSize;
TCG_EfiSpecIdEventAlgorithmSize *TempDigestSize;
UINT8 *VendorInfoSize;
UINT32 NumberOfAlgorithms;
TCG_EfiStartupLocalityEvent StartupLocalityEvent;
DEBUG ((EFI_D_INFO, "SetupEventLog\n"));
@ -1468,24 +1469,53 @@ SetupEventLog (
VendorInfoSize = (UINT8 *)TempDigestSize;
*VendorInfoSize = 0;
//
// FirstPcrEvent
//
FirstPcrEvent.PCRIndex = 0;
FirstPcrEvent.EventType = EV_NO_ACTION;
ZeroMem (&FirstPcrEvent.Digest, sizeof(FirstPcrEvent.Digest));
FirstPcrEvent.EventSize = (UINT32)GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct);
NoActionEvent.PCRIndex = 0;
NoActionEvent.EventType = EV_NO_ACTION;
ZeroMem (&NoActionEvent.Digest, sizeof(NoActionEvent.Digest));
NoActionEvent.EventSize = (UINT32)GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct);
//
// Record
// Log TcgEfiSpecIdEventStruct as the first Event
// TCG PC Client PFP spec. Section 9.2 Measurement Event Entries and Log
//
Status = TcgDxeLogEvent (
mTcg2EventInfo[Index].LogFormat,
&FirstPcrEvent,
sizeof(FirstPcrEvent),
&NoActionEvent,
sizeof(NoActionEvent),
(UINT8 *)TcgEfiSpecIdEventStruct,
FirstPcrEvent.EventSize
NoActionEvent.EventSize
);
//
// EfiStartupLocalityEvent
//
GuidHob.Guid = GetFirstGuidHob (&gTpm2StartupLocalityHobGuid);
if (GuidHob.Guid != NULL) {
//
// Get Locality Indicator from StartupLocality HOB
//
StartupLocalityEvent.StartupLocality = *(UINT8 *)(GET_GUID_HOB_DATA (GuidHob.Guid));
CopyMem (StartupLocalityEvent.Signature, TCG_EfiStartupLocalityEvent_SIGNATURE, sizeof(StartupLocalityEvent.Signature));
NoActionEvent.PCRIndex = 0;
NoActionEvent.EventType = EV_NO_ACTION;
ZeroMem (&NoActionEvent.Digest, sizeof(NoActionEvent.Digest));
NoActionEvent.EventSize = sizeof(StartupLocalityEvent);
DEBUG ((DEBUG_INFO, "SetupEventLog: Set Locality from HOB into StartupLocalityEvent 0x%02x\n", StartupLocalityEvent.StartupLocality));
//
// Log EfiStartupLocalityEvent as the second Event
// TCG PC Client PFP spec. Section 9.3.4.3 Startup Locality Event
//
Status = TcgDxeLogEvent (
mTcg2EventInfo[Index].LogFormat,
&NoActionEvent,
sizeof(NoActionEvent),
(UINT8 *)&StartupLocalityEvent,
NoActionEvent.EventSize
);
}
}
}
}

3
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
View File

@ -7,7 +7,7 @@
# This external input must be validated carefully to avoid security issue like
# buffer overflow, integer overflow.
#
# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@ -80,6 +80,7 @@
gEfiTpmDeviceInstanceTpm12Guid ## SOMETIMES_CONSUMES ## GUID # TPM device identifier
gTcgEvent2EntryHobGuid ## SOMETIMES_CONSUMES ## HOB
gTpm2StartupLocalityHobGuid ## SOMETIMES_CONSUMES ## HOB
[Protocols]
gEfiTcg2ProtocolGuid ## PRODUCES