From 547067dd8639dedddb0f6a82788eeb43f768969d Mon Sep 17 00:00:00 2001 From: Qi Zhang Date: Tue, 18 Aug 2020 14:26:17 +0800 Subject: [PATCH] SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2376 Cc: Jiewen Yao Cc: Jian J Wang Cc: Qi Zhang Cc: Rahul Kumar Signed-off-by: Qi Zhang Message-Id: <20200818062618.3698-8-qi1.zhang@intel.com> Reviewed-by: Jiewen Yao Reviewed-by: Jian J Wang --- SecurityPkg/Include/Ppi/Tcg.h | 5 +++++ SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 12 +++++++----- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/SecurityPkg/Include/Ppi/Tcg.h b/SecurityPkg/Include/Ppi/Tcg.h index 0e943f2465..22f47f9817 100644 --- a/SecurityPkg/Include/Ppi/Tcg.h +++ b/SecurityPkg/Include/Ppi/Tcg.h @@ -18,6 +18,11 @@ typedef struct _EDKII_TCG_PPI EDKII_TCG_PPI; // #define EDKII_TCG_PRE_HASH 0x0000000000000001 +// +// This bit is shall be set when HashData is the pre-hash digest and log only. +// +#define EDKII_TCG_PRE_HASH_LOG_ONLY 0x0000000000000002 + /** Tpm measure and log data, and extend the measurement result into a specific PCR. diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c index 246968bb7f..0e770f4485 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c @@ -453,13 +453,15 @@ HashLogExtendEvent ( return EFI_DEVICE_ERROR; } - if(Flags & EDKII_TCG_PRE_HASH) { + if ((Flags & EDKII_TCG_PRE_HASH) != 0 || (Flags & EDKII_TCG_PRE_HASH_LOG_ONLY) != 0) { ZeroMem (&DigestList, sizeof(DigestList)); CopyMem (&DigestList, HashData, sizeof(DigestList)); - Status = Tpm2PcrExtend ( - 0, - &DigestList - ); + if ((Flags & EDKII_TCG_PRE_HASH) !=0 ) { + Status = Tpm2PcrExtend ( + NewEventHdr->PCRIndex, + &DigestList + ); + } } else { Status = HashAndExtend ( NewEventHdr->PCRIndex,