tyler.durden/audk
1
0
Fork 0
mirror of https://github.com/acidanthera/audk.git synced 2025-09-24 10:17:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

IntelTdx: Fixed compilation and boot after switching to SecurePE loader.

Browse Source
This commit is contained in:
Mikhail Krichanov 2023-06-05 19:13:46 +03:00
parent d9bb10ae3b
commit 653d1195f1
8 changed files with 108 additions and 88 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
OvmfPkg/IntelTdx/IntelTdxX64.dsc
View File

@ -36,6 +36,9 @@
#
DEFINE BUILD_SHELL = TRUE
DEFINE LEGACY_WINDOWS_LOADER = FALSE
DEFINE LINUX_LOADER = FALSE
#
# Device drivers
#
@ -99,12 +102,6 @@
GCC:*_*_*_CC_FLAGS = -D SECURE_BOOT_FEATURE_ENABLED
!endif
[BuildOptions.common.EDKII.DXE_RUNTIME_DRIVER]
GCC:*_*_*_DLINK_FLAGS = -z common-page-size=0x1000
XCODE:*_*_*_DLINK_FLAGS = -seg1addr 0x1000 -segalign 0x1000
XCODE:*_*_*_MTOC_FLAGS = -align 0x1000
CLANGPDB:*_*_*_DLINK_FLAGS = /ALIGN:4096
################################################################################
#
# SKU Identification section - list of all SKU IDs supported by this Platform.
@ -134,7 +131,8 @@
SynchronizationLib|MdePkg/Library/BaseSynchronizationLib/BaseSynchronizationLib.inf
CpuLib|MdePkg/Library/BaseCpuLib/BaseCpuLib.inf
PerformanceLib|MdePkg/Library/BasePerformanceLibNull/BasePerformanceLibNull.inf
PeCoffLib|MdePkg/Library/BasePeCoffLib/BasePeCoffLib.inf
PeCoffLib2|MdePkg/Library/BasePeCoffLib2/BasePeCoffLib2.inf
UefiImageLib|MdePkg/Library/BaseUefiImageLib/BaseUefiImageLibPeCoff.inf
CacheMaintenanceLib|MdePkg/Library/BaseCacheMaintenanceLib/BaseCacheMaintenanceLib.inf
UefiDecompressLib|MdePkg/Library/BaseUefiDecompressLib/BaseUefiDecompressLib.inf
UefiHiiServicesLib|MdeModulePkg/Library/UefiHiiServicesLib/UefiHiiServicesLib.inf
@ -146,7 +144,6 @@
CapsuleLib|MdeModulePkg/Library/DxeCapsuleLibNull/DxeCapsuleLibNull.inf
DxeServicesLib|MdePkg/Library/DxeServicesLib/DxeServicesLib.inf
DxeServicesTableLib|MdePkg/Library/DxeServicesTableLib/DxeServicesTableLib.inf
PeCoffGetEntryPointLib|MdePkg/Library/BasePeCoffGetEntryPointLib/BasePeCoffGetEntryPointLib.inf
PciCf8Lib|MdePkg/Library/BasePciCf8Lib/BasePciCf8Lib.inf
PciExpressLib|MdePkg/Library/BasePciExpressLib/BasePciExpressLib.inf
PciLib|MdePkg/Library/BasePciLibCf8/BasePciLibCf8.inf
@ -185,9 +182,14 @@
CustomizedDisplayLib|MdeModulePkg/Library/CustomizedDisplayLib/CustomizedDisplayLib.inf
FrameBufferBltLib|MdeModulePkg/Library/FrameBufferBltLib/FrameBufferBltLib.inf
PeCoffExtraActionLib|MdePkg/Library/BasePeCoffExtraActionLibNull/BasePeCoffExtraActionLibNull.inf
DebugAgentLib|MdeModulePkg/Library/DebugAgentLibNull/DebugAgentLibNull.inf
!if $(SOURCE_DEBUG_ENABLE) == TRUE
UefiImageExtraActionLib|SourceLevelDebugPkg/Library/UefiImageExtraActionLibDebug/UefiImageExtraActionLibDebug.inf
!else
UefiImageExtraActionLib|MdePkg/Library/BaseUefiImageExtraActionLibNull/BaseUefiImageExtraActionLibNull.inf
!endif
LocalApicLib|UefiCpuPkg/Library/BaseXApicX2ApicLib/BaseXApicX2ApicLib.inf
DebugPrintErrorLevelLib|MdePkg/Library/BaseDebugPrintErrorLevelLib/BaseDebugPrintErrorLevelLib.inf
@ -470,6 +472,21 @@
# Point to the MdeModulePkg/Application/UiApp/UiApp.inf
gEfiMdeModulePkgTokenSpaceGuid.PcdBootManagerMenuFile|{ 0x21, 0xaa, 0x2c, 0x46, 0x14, 0x76, 0x03, 0x45, 0x83, 0x6e, 0x8a, 0xb6, 0xf4, 0x66, 0x23, 0x31 }
#
# Security measures for memory protection.
#
!if $(LEGACY_WINDOWS_LOADER) == TRUE
# Allow execution of EfiLoaderData memory regions.
gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xFFFFFFFFFFFFFFD1
!elseif $(LINUX_LOADER) == TRUE
# Allow execution of EfiReservedMemoryType, EfiConventionalMemory, EfiBootServicesData and EfiLoaderData memory regions.
gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xFFFFFFFFFFFFFF40
gEfiMdePkgTokenSpaceGuid.PcdImageLoaderAllowMisalignedOffset|TRUE
!else
# Allow execution of EfiConventionalMemory and EfiBootServicesData memory regions.
gEfiMdeModulePkgTokenSpaceGuid.PcdDxeNxMemoryProtectionPolicy|0xFFFFFFFFFFFFFF45
!endif
################################################################################
#
# Pcd Dynamic Section - list of all EDK II PCD Entries defined by this Platform

2
OvmfPkg/IntelTdx/Sec/SecMain.c
View File

@ -19,8 +19,6 @@
#include <Library/UefiCpuLib.h>
#include <Library/DebugAgentLib.h>
#include <Library/IoLib.h>
#include <Library/PeCoffLib.h>
#include <Library/PeCoffGetEntryPointLib.h>
#include <Library/LocalApicLib.h>
#include <Library/CpuExceptionHandlerLib.h>
#include <IndustryStandard/Tdx.h>

3
OvmfPkg/IntelTdx/Sec/SecMain.inf
View File

@ -40,9 +40,6 @@
UefiCpuLib
DebugAgentLib
IoLib
PeCoffLib
PeCoffGetEntryPointLib
PeCoffExtraActionLib
ExtractGuidedSectionLib
LocalApicLib
MemEncryptSevLib

12
OvmfPkg/Library/PeilessStartupLib/DxeLoad.c
View File

@ -194,6 +194,7 @@ FindDxeNonCc (
EFI_FV_INFO FvImageInfo;
UINT32 FvAlignment;
VOID *FvBuffer;
UINT32 FvImageSize;
FileHandle = NULL;
@ -209,7 +210,7 @@ FindDxeNonCc (
//
// Find FvImage in FvFile
//
Status = FfsFindSectionDataWithHook (EFI_SECTION_FIRMWARE_VOLUME_IMAGE, CheckSectionHookForDxeNonCc, FileHandle, (VOID **)&FvImageHandle);
Status = FfsFindSectionDataWithHook (EFI_SECTION_FIRMWARE_VOLUME_IMAGE, CheckSectionHookForDxeNonCc, FileHandle, (VOID **)&FvImageHandle, &FvImageSize);
if (EFI_ERROR (Status)) {
return Status;
}
@ -281,10 +282,11 @@ DxeLoadCore (
EFI_STATUS Status;
EFI_FV_FILE_INFO DxeCoreFileInfo;
EFI_PHYSICAL_ADDRESS DxeCoreAddress;
UINT64 DxeCoreSize;
UINT32 DxeCoreSize;
EFI_PHYSICAL_ADDRESS DxeCoreEntryPoint;
EFI_PEI_FILE_HANDLE FileHandle;
VOID *PeCoffImage;
VOID *UefiImage;
UINT32 UefiImageSize;
//
// Look in all the FVs present and find the DXE Core FileHandle
@ -303,12 +305,12 @@ DxeLoadCore (
//
// Load the DXE Core from a Firmware Volume.
//
Status = FfsFindSectionDataWithHook (EFI_SECTION_PE32, NULL, FileHandle, &PeCoffImage);
Status = FfsFindSectionDataWithHook (EFI_SECTION_PE32, NULL, FileHandle, &UefiImage, &UefiImageSize);
if (EFI_ERROR (Status)) {
return Status;
}
Status = LoadPeCoffImage (PeCoffImage, &DxeCoreAddress, &DxeCoreSize, &DxeCoreEntryPoint);
Status = LoadUefiImage (UefiImage, UefiImageSize, &DxeCoreAddress, &DxeCoreSize, &DxeCoreEntryPoint);
ASSERT_EFI_ERROR (Status);
//

27
SecurityPkg/Include/Library/HashLib.h
View File

@ -14,6 +14,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Uefi.h>
#include <Protocol/Hash.h>
#include <IndustryStandard/Tpm20.h>
typedef UINTN HASH_HANDLE;
/**
Start hash sequence.
@ -23,10 +24,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
@retval EFI_SUCCESS Hash sequence start and HandleHandle returned.
@retval EFI_OUT_OF_RESOURCES No enough resource to start hash.
**/
BOOLEAN
EFI_STATUS
EFIAPI
HashStart (
OUT VOID **HashHandle
OUT HASH_HANDLE *HashHandle
);
/**
@ -38,11 +39,11 @@ HashStart (
@retval EFI_SUCCESS Hash sequence updated.
**/
BOOLEAN
EFI_STATUS
EFIAPI
HashUpdate (
IN VOID *HashHandle,
IN CONST VOID *DataToHash,
IN HASH_HANDLE HashHandle,
IN VOID *DataToHash,
IN UINTN DataToHashLen
);
@ -60,7 +61,7 @@ HashUpdate (
EFI_STATUS
EFIAPI
HashCompleteAndExtend (
IN VOID *HashHandle,
IN HASH_HANDLE HashHandle,
IN TPMI_DH_PCR PcrIndex,
IN VOID *DataToHash,
IN UINTN DataToHashLen,
@ -95,9 +96,9 @@ HashAndExtend (
@retval EFI_OUT_OF_RESOURCES No enough resource to start hash.
**/
typedef
BOOLEAN
EFI_STATUS
(EFIAPI *HASH_INIT)(
OUT VOID **HashHandle
OUT HASH_HANDLE *HashHandle
);
/**
@ -110,10 +111,10 @@ BOOLEAN
@retval EFI_SUCCESS Hash sequence updated.
**/
typedef
BOOLEAN
EFI_STATUS
(EFIAPI *HASH_UPDATE)(
IN VOID *HashHandle,
IN CONST VOID *DataToHash,
IN HASH_HANDLE HashHandle,
IN VOID *DataToHash,
IN UINTN DataToHashLen
);
@ -126,9 +127,9 @@ BOOLEAN
@retval EFI_SUCCESS Hash sequence complete and DigestList is returned.
**/
typedef
BOOLEAN
EFI_STATUS
(EFIAPI *HASH_FINAL)(
IN VOID *HashHandle,
IN HASH_HANDLE HashHandle,
OUT TPML_DIGEST_VALUES *DigestList
);

33
SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.c
View File

@ -45,10 +45,10 @@ Tpm2SetSha384ToDigestList (
@retval EFI_SUCCESS Hash sequence start and HandleHandle returned.
@retval EFI_OUT_OF_RESOURCES No enough resource to start hash.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha384HashInit (
OUT VOID **HashHandle
OUT HASH_HANDLE *HashHandle
)
{
VOID *Sha384Ctx;
@ -60,9 +60,9 @@ Sha384HashInit (
Sha384Init (Sha384Ctx);
*HashHandle = Sha384Ctx;
*HashHandle = (HASH_HANDLE)Sha384Ctx;
return TRUE;
return EFI_SUCCESS;
}
/**
@ -74,17 +74,20 @@ Sha384HashInit (
@retval EFI_SUCCESS Hash sequence updated.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha384HashUpdate (
IN VOID *HashHandle,
IN CONST VOID *DataToHash,
IN HASH_HANDLE HashHandle,
IN VOID *DataToHash,
IN UINTN DataToHashLen
)
{
Sha384Update (HashHandle, DataToHash, DataToHashLen);
VOID *Sha384Ctx;
return TRUE;
Sha384Ctx = (VOID *)HashHandle;
Sha384Update (Sha384Ctx, DataToHash, DataToHashLen);
return EFI_SUCCESS;
}
/**
@ -95,22 +98,24 @@ Sha384HashUpdate (
@retval EFI_SUCCESS Hash sequence complete and DigestList is returned.
**/
BOOLEAN
EFI_STATUS
EFIAPI
Sha384HashFinal (
IN VOID *HashHandle,
IN HASH_HANDLE HashHandle,
OUT TPML_DIGEST_VALUES *DigestList
)
{
UINT8 Digest[SHA384_DIGEST_SIZE];
VOID *Sha384Ctx;
Sha384Final (HashHandle, Digest);
Sha384Ctx = (VOID *)HashHandle;
Sha384Final (Sha384Ctx, Digest);
FreePool (HashHandle);
FreePool (Sha384Ctx);
Tpm2SetSha384ToDigestList (DigestList, Digest);
return TRUE;
return EFI_SUCCESS;
}
HASH_INTERFACE mSha384InternalHashInstance = {

80
SecurityPkg/Tcg/TdTcg2Dxe/MeasureBootPeCoff.c
View File

@ -19,11 +19,17 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/MemoryAllocationLib.h>
#include <Library/DevicePathLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/PeCoffLib.h>
#include <Library/UefiImageLib.h>
#include <Library/HashLib.h>
UINTN mTcg2DxeImageSize = 0;
typedef union {
EFI_IMAGE_NT_HEADERS32 *Pe32;
EFI_IMAGE_NT_HEADERS64 *Pe32Plus;
EFI_IMAGE_OPTIONAL_HEADER_UNION *Union;
} EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION;
/**
Reads contents of a PE/COFF image in memory buffer.
@ -113,25 +119,19 @@ MeasurePeImageAndExtend (
UINT32 NumberOfRvaAndSizes;
UINT32 CertSize;
HASH_HANDLE HashHandle;
PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;
UEFI_IMAGE_LOADER_IMAGE_CONTEXT ImageContext;
HashHandle = 0xFFFFFFFF; // Know bad value
Status = EFI_UNSUPPORTED;
SectionHeader = NULL;
//
// Check PE/COFF image
//
ZeroMem (&ImageContext, sizeof (ImageContext));
ImageContext.Handle = (VOID *)(UINTN)ImageAddress;
mTcg2DxeImageSize = ImageSize;
ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE)Tcg2DxeImageRead;
//
// Get information about the image being loaded
//
Status = PeCoffLoaderGetImageInfo (&ImageContext);
Status = UefiImageInitializeContext (&ImageContext, (VOID *) (UINTN) ImageAddress, ImageSize);
if (EFI_ERROR (Status)) {
//
// The information can't be got from the invalid PeImage
@ -147,7 +147,7 @@ MeasurePeImageAndExtend (
}
Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)((UINT8 *)(UINTN)ImageAddress + PeCoffHeaderOffset);
if (Hdr.Pe32->Signature != EFI_IMAGE_NT_SIGNATURE) {
if (Hdr.Pe32->CommonHeader.Signature != EFI_IMAGE_NT_SIGNATURE) {
Status = EFI_UNSUPPORTED;
goto Finish;
}
@ -179,18 +179,18 @@ MeasurePeImageAndExtend (
// 4. Hash the image header from its base to beginning of the image checksum.
//
HashBase = (UINT8 *)(UINTN)ImageAddress;
if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
if (Hdr.Pe32->Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
NumberOfRvaAndSizes = Hdr.Pe32->OptionalHeader.NumberOfRvaAndSizes;
HashSize = (UINTN)(&Hdr.Pe32->OptionalHeader.CheckSum) - (UINTN)HashBase;
NumberOfRvaAndSizes = Hdr.Pe32->NumberOfRvaAndSizes;
HashSize = (UINTN)(&Hdr.Pe32->CheckSum) - (UINTN)HashBase;
} else {
//
// Use PE32+ offset
//
NumberOfRvaAndSizes = Hdr.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;
HashSize = (UINTN)(&Hdr.Pe32Plus->OptionalHeader.CheckSum) - (UINTN)HashBase;
NumberOfRvaAndSizes = Hdr.Pe32Plus->NumberOfRvaAndSizes;
HashSize = (UINTN)(&Hdr.Pe32Plus->CheckSum) - (UINTN)HashBase;
}
Status = HashUpdate (HashHandle, HashBase, HashSize);
@ -206,18 +206,18 @@ MeasurePeImageAndExtend (
// 6. Since there is no Cert Directory in optional header, hash everything
// from the end of the checksum to the end of image header.
//
if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
if (Hdr.Pe32->Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
HashBase = (UINT8 *)&Hdr.Pe32->CheckSum + sizeof (UINT32);
HashSize = Hdr.Pe32->SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
} else {
//
// Use PE32+ offset.
//
HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
HashBase = (UINT8 *)&Hdr.Pe32Plus->CheckSum + sizeof (UINT32);
HashSize = Hdr.Pe32Plus->SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
}
if (HashSize != 0) {
@ -230,18 +230,18 @@ MeasurePeImageAndExtend (
//
// 7. Hash everything from the end of the checksum to the start of the Cert Directory.
//
if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
if (Hdr.Pe32->Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
HashSize = (UINTN)(&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;
HashBase = (UINT8 *)&Hdr.Pe32->CheckSum + sizeof (UINT32);
HashSize = (UINTN)(&Hdr.Pe32->DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;
} else {
//
// Use PE32+ offset
//
HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
HashSize = (UINTN)(&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;
HashBase = (UINT8 *)&Hdr.Pe32Plus->CheckSum + sizeof (UINT32);
HashSize = (UINTN)(&Hdr.Pe32Plus->DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;
}
if (HashSize != 0) {
@ -255,18 +255,18 @@ MeasurePeImageAndExtend (
// 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)
// 9. Hash everything from the end of the Cert Directory to the end of image header.
//
if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
if (Hdr.Pe32->Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
HashBase = (UINT8 *)&Hdr.Pe32->DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
HashSize = Hdr.Pe32->SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
} else {
//
// Use PE32+ offset
//
HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
HashBase = (UINT8 *)&Hdr.Pe32Plus->DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
HashSize = Hdr.Pe32Plus->SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
}
if (HashSize != 0) {
@ -280,16 +280,16 @@ MeasurePeImageAndExtend (
//
// 10. Set the SUM_OF_BYTES_HASHED to the size of the header
//
if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
if (Hdr.Pe32->Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
SumOfBytesHashed = Hdr.Pe32->OptionalHeader.SizeOfHeaders;
SumOfBytesHashed = Hdr.Pe32->SizeOfHeaders;
} else {
//
// Use PE32+ offset
//
SumOfBytesHashed = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders;
SumOfBytesHashed = Hdr.Pe32Plus->SizeOfHeaders;
}
//
@ -298,7 +298,7 @@ MeasurePeImageAndExtend (
// header indicates how big the table should be. Do not include any
// IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.
//
SectionHeader = (EFI_IMAGE_SECTION_HEADER *)AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * Hdr.Pe32->FileHeader.NumberOfSections);
SectionHeader = (EFI_IMAGE_SECTION_HEADER *)AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * Hdr.Pe32->CommonHeader.FileHeader.NumberOfSections);
if (SectionHeader == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Finish;
@ -315,9 +315,9 @@ MeasurePeImageAndExtend (
PeCoffHeaderOffset +
sizeof (UINT32) +
sizeof (EFI_IMAGE_FILE_HEADER) +
Hdr.Pe32->FileHeader.SizeOfOptionalHeader
Hdr.Pe32->CommonHeader.FileHeader.SizeOfOptionalHeader
);
for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {
for (Index = 0; Index < Hdr.Pe32->CommonHeader.FileHeader.NumberOfSections; Index++) {
Pos = Index;
while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {
CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof (EFI_IMAGE_SECTION_HEADER));
@ -335,7 +335,7 @@ MeasurePeImageAndExtend (
// 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .
// 15. Repeat steps 13 and 14 for all the sections in the sorted table.
//
for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {
for (Index = 0; Index < Hdr.Pe32->CommonHeader.FileHeader.NumberOfSections; Index++) {
Section = (EFI_IMAGE_SECTION_HEADER *)&SectionHeader[Index];
if (Section->SizeOfRawData == 0) {
continue;
@ -364,16 +364,16 @@ MeasurePeImageAndExtend (
if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {
CertSize = 0;
} else {
if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
if (Hdr.Pe32->Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
CertSize = Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;
CertSize = Hdr.Pe32->DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;
} else {
//
// Use PE32+ offset.
//
CertSize = Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;
CertSize = Hdr.Pe32Plus->DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;
}
}

2
SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf
View File

@ -46,7 +46,7 @@
HashLib
PerformanceLib
ReportStatusCodeLib
PeCoffLib
UefiImageLib
TpmMeasurementLib
TdxLib