MdePkg: Add TCG PFP 1.06 support.

Add support for
TCG PC Client Platform Firmware Profile Specification 1.06.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>

Signed-off-by: Wenxing Hou <wenxing.hou@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
This commit is contained in:
Wenxing Hou 2024-04-18 17:28:11 +08:00 committed by mergify[bot]
parent 338fd26b8f
commit 5f391c6606
2 changed files with 187 additions and 3 deletions

View File

@ -1302,7 +1302,9 @@ typedef struct {
#define SPDM_ST1_VALUE_US 100000
///
/// id-DMTF 1.3.6.1.4.1.412
/// id-DMTF 1.3.6.1.4.1.412.
/// These OID are defiend in ANNEX C (informative) OID reference section from the DMTF SPDM spec.
/// https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_1.2.2.pdf
///
#define SPDM_OID_DMTF \
{0x2B, 0x06, 0x01, 0x04, 0x01, 0x83, 0x1C }

View File

@ -1,8 +1,8 @@
/** @file
TCG EFI Platform Definition in TCG_EFI_Platform_1_20_Final and
TCG PC Client Platform Firmware Profile Specification, Revision 1.05
TCG PC Client Platform Firmware Profile Specification, Revision 1.06
Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2024, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@ -53,6 +53,18 @@
#define EV_EFI_VARIABLE_AUTHORITY (EV_EFI_EVENT_BASE + 0xE0)
#define EV_EFI_SPDM_FIRMWARE_BLOB (EV_EFI_EVENT_BASE + 0xE1)
#define EV_EFI_SPDM_FIRMWARE_CONFIG (EV_EFI_EVENT_BASE + 0xE2)
#define EV_EFI_SPDM_DEVICE_BLOB EV_EFI_SPDM_FIRMWARE_BLOB
#define EV_EFI_SPDM_DEVICE_CONFIG EV_EFI_SPDM_FIRMWARE_CONFIG
//
// The SPDM policy database for SPDM verification.
// It goes to PCR7
//
#define EV_EFI_SPDM_DEVICE_POLICY (EV_EFI_EVENT_BASE + 0xE3)
//
// The SPDM policy authority for SPDM verification for the signature
// of GET_MEASUREMENT or CHALLENGE_AUTH. It goes to PCR7.
//
#define EV_EFI_SPDM_DEVICE_AUTHORITY (EV_EFI_EVENT_BASE + 0xE4)
#define EFI_CALLING_EFI_APPLICATION \
"Calling EFI Application from Boot Option"
@ -374,6 +386,7 @@ typedef struct {
#define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM2 0
#define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2 0
#define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105 105
#define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_106 106
typedef struct {
UINT8 signature[16];
@ -492,4 +505,173 @@ typedef struct tdTCG_EfiStartupLocalityEvent {
//
#pragma pack ()
//
// ======================================================================================================================
// Event Type PCR Event Log Usage
// ======================================================================================================================
// EV_EFI_SPDM_DEVICE_BLOB 2 SPDM_MEASUREMENT_BLOCK (subtype) MEASUREMENT from device
// EV_EFI_SPDM_DEVICE_CONFIG 3 SPDM_MEASUREMENT_BLOCK (subtype) MEASUREMENT from device
// EV_EFI_SPDM_DEVICE_BLOB 2 SPDM_MEASUREMENT_SUMMARY_HASH.TCB (subtype) SUMMARY_HASH from device
// EV_EFI_SPDM_DEVICE_POLICY 7 UEFI_VARIABLE_DATA with EFI_SIGNATURE_LIST Provisioned device public cert.
// EV_EFI_SPDM_DEVICE_AUTHORITY 7 UEFI_VARIABLE_DATA with EFI_SIGNATURE_DATA CHALLENGE_AUTH signature verification
// ======================================================================================================================
//
#define PCR_INDEX_FOR_SIGNATURE_DB 7
#pragma pack(1)
#define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION_1 1
#define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION_2 2
#define TCG_DEVICE_SECURITY_EVENT_DATA_SIGNATURE_2 "SPDM Device Sec2"
typedef struct {
UINT8 Signature[16];
UINT16 Version;
UINT8 AuthState;
UINT8 Reserved;
UINT32 Length; // Length in bytes for all following structures.
UINT32 DeviceType;
UINT32 SubHeaderType;
UINT32 SubHeaderLength; // Length in bytes of the sub header followed by.
UINT64 SubHeaderUID; // Universal identifier assigned by the event log creator. It can be used to bind two sub header structure together.
// UINT64 DevicePathLength;
// UINT8 DevicePath[DevicePathLength];
} TCG_DEVICE_SECURITY_EVENT_DATA_HEADER2;
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_SUCCESS 0
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_AUTH 1
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_BINDING 2
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_FAIL_NO_SIG 3
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_FAIL_INVALID 4
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_SPDM 0xFF
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_SUB_HEADER_TYPE_SPDM_MEASUREMENT_BLOCK 0
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_SUB_HEADER_TYPE_SPDM_CERT_CHAIN 1
typedef struct {
UINT16 SpdmVersion;
UINT8 SpdmMeasurementBlockCount;
UINT8 Reserved;
UINT32 SpdmMeasurementHashAlgo;
// SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock;
} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK;
typedef struct {
UINT16 SpdmVersion;
UINT8 SpdmSlotId;
UINT8 Reserved;
UINT32 SpdmHashAlgo;
// SPDM_CERT_CHAIN SpdmCertChain;
} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_CERT_CHAIN;
typedef struct {
UINT32 Type;
UINT32 Length;
UINT8 Value[1];
} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_OEM_MEASUREMENT;
typedef union {
TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock;
TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_CERT_CHAIN SpdmCertChain;
TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_OEM_MEASUREMENT OemMeasurement;
} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER;
typedef union {
TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT Pci;
TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT Usb;
} TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT;
typedef struct {
TCG_DEVICE_SECURITY_EVENT_DATA_HEADER2 EventDataHeader;
TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER EventDataSubHeader;
TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
} TCG_DEVICE_SECURITY_EVENT_DATA2;
#pragma pack()
//
// EventType:EV_NO_ACTION
// ======================================================================================================================
// NVIndex Name PCR/NvIndex Event Log Usage
// ======================================================================================================================
// NV_EXTEND_INDEX_FOR_INSTANCE 0x01C40200 NV_INDEX_INSTANCE_EVENT_LOG_STRUCT NV Extend Record for instance data (CertChain)
// NV_EXTEND_INDEX_FOR_DYNAMIC 0x01C40201 NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT NV Extend Record for dynamic data (Nonce)
// EVENT_LOG_INTEGRITY_NV_INDEX_EXIT_PM_AUTH 0x01C40202 EVENT_LOG_INTEGRITY_NV_INDEX_STRUCT Event Log Integrity for ExitPmAuth
// EVENT_LOG_INTEGRITY_NV_INDEX_READY_TO_BOOT 0x01C40203 EVENT_LOG_INTEGRITY_NV_INDEX_STRUCT Event Log Integrity for ReadyToBoot
// ======================================================================================================================
//
#define TCG_NV_EXTEND_INDEX_FOR_INSTANCE 0x01C40200
#define TCG_NV_EXTEND_INDEX_FOR_DYNAMIC 0x01C40201
#define TCG_EVENT_LOG_INTEGRITY_NV_INDEX_EXIT_PM_AUTH 0x01C40202
#define TCG_EVENT_LOG_INTEGRITY_NV_INDEX_READY_TO_BOOT 0x01C40203
#pragma pack(1)
#define TCG_NV_EXTEND_INDEX_FOR_INSTANCE_SIGNATURE "NvIndexInstance"
#define TCG_NV_INDEX_INSTANCE_EVENT_LOG_STRUCT_VERSION 1
typedef struct {
UINT8 Signature[16];
UINT16 Version;
UINT8 Reserved[6];
// TCG_DEVICE_SECURITY_EVENT_DATA2 Data;
} TCG_NV_INDEX_INSTANCE_EVENT_LOG_STRUCT;
#define TCG_NV_EXTEND_INDEX_FOR_DYNAMIC_SIGNATURE "NvIndexDynamic "
#define TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_VERSION 1
#define TCG_SPDM_CHALLENGE_DESCRIPTION "SPDM CHALLENGE"
#define TCG_SPDM_CHALLENGE_AUTH_DESCRIPTION "SPDM CHALLENGE_AUTH"
#define TCG_SPDM_GET_MEASUREMENTS_DESCRIPTION "SPDM GET_MEASUREMENTS"
#define TCG_SPDM_MEASUREMENTS_DESCRIPTION "SPDM MEASUREMENTS"
typedef struct {
UINT8 Signature[16];
UINT16 Version;
UINT8 Reserved[6];
UINT64 Uid;
// UINT16 DescriptionSize;
// UINT8 Description[DescriptionSize];
// UINT16 DataSize;
// UINT8 Data[DataSize];
} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT;
typedef struct {
TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header;
UINT16 DescriptionSize;
UINT8 Description[sizeof (TCG_SPDM_CHALLENGE_DESCRIPTION)];
UINT16 DataSize;
UINT8 Data[32];
} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_CHALLENGE;
typedef struct {
TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header;
UINT16 DescriptionSize;
UINT8 Description[sizeof (TCG_SPDM_CHALLENGE_AUTH_DESCRIPTION)];
UINT16 DataSize;
UINT8 Data[32];
} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_CHALLENGE_AUTH;
typedef struct {
TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header;
UINT16 DescriptionSize;
UINT8 Description[sizeof (TCG_SPDM_GET_MEASUREMENTS_DESCRIPTION)];
UINT16 DataSize;
UINT8 Data[32];
} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_GET_MEASUREMENTS;
typedef struct {
TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header;
UINT16 DescriptionSize;
UINT8 Description[sizeof (TCG_SPDM_MEASUREMENTS_DESCRIPTION)];
UINT16 DataSize;
UINT8 Data[32];
} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_MEASUREMENTS;
#pragma pack()
#endif