Measure Processor location as system identity to PCR[1] according to Tcg server spec

Signed-off-by : Chao Zhang<chao.b.zhang@intel.com> Reviewed-by : Dong Guo<guo.dong@intel.com> Reviewed-by : Yao Jiewen<jiewen.yao@intel.com> git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13971 6f19259b-4bc3-4df7-8a09-765794883524
2012-11-28 01:32:51 +00:00 · 2012-11-28 01:32:51 +00:00 · b25380e3ed
parent f5a859d685
commit b25380e3ed
2 changed files with 116 additions and 0 deletions
--- a/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
+++ b/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
@ -34,6 +34,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Protocol/DevicePath.h>
 #include <Protocol/TcgService.h>
 #include <Protocol/AcpiTable.h>
+#include <Protocol/MpService.h>

 #include <Library/DebugLib.h>
 #include <Library/BaseMemoryLib.h>
@ -158,6 +159,87 @@ EFI_TCG_SERVER_ACPI_TABLE           mTcgServerAcpiTemplate = {
 UINTN  mBootAttempts  = 0;
 CHAR16 mBootVarName[] = L"BootOrder";

+/**
+  Get All processors EFI_CPU_LOCATION in system. LocationBuf is allocated inside the function
+  Caller is responsible to free LocationBuf.
+
+  @param[out] LocationBuf          Returns Processor Location Buffer.
+  @param[out] Num                  Returns processor number.
+
+  @retval EFI_SUCCESS              Operation completed successfully.
+  @retval EFI_UNSUPPORTED       MpService protocol not found.
+
+**/
+EFI_STATUS
+GetProcessorsCpuLocation (
+    OUT  EFI_CPU_PHYSICAL_LOCATION   **LocationBuf,
+    OUT  UINTN                       *Num
+  )
+{
+  EFI_STATUS                        Status;
+  EFI_MP_SERVICES_PROTOCOL          *MpProtocol;
+  UINTN                             ProcessorNum;
+  UINTN                             EnabledProcessorNum;
+  EFI_PROCESSOR_INFORMATION         ProcessorInfo;
+  EFI_CPU_PHYSICAL_LOCATION         *ProcessorLocBuf;
+  UINTN                             Index;
+
+  Status = gBS->LocateProtocol (&gEfiMpServiceProtocolGuid, NULL, (VOID **) &MpProtocol);
+  if (EFI_ERROR (Status)) {
+    //
+    // MP protocol is not installed
+    //
+    return EFI_UNSUPPORTED;
+  }
+
+  Status = MpProtocol->GetNumberOfProcessors(
+                         MpProtocol,
+                         &ProcessorNum,
+                         &EnabledProcessorNum
+                         );
+  if (EFI_ERROR(Status)){
+    return Status;
+  }
+
+  Status = gBS->AllocatePool(
+                  EfiBootServicesData,
+                  sizeof(EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum,
+                  &ProcessorLocBuf
+                  );
+  if (EFI_ERROR(Status)){
+    return Status;
+  }
+
+  //
+  // Get each processor Location info
+  //
+  for (Index = 0; Index < ProcessorNum; Index++) {
+    Status = MpProtocol->GetProcessorInfo(
+                           MpProtocol,
+                           Index,
+                           &ProcessorInfo
+                           );
+    if (EFI_ERROR(Status)){
+      FreePool(ProcessorLocBuf);
+      return Status;
+    }
+
+    //
+    // Get all Processor Location info & measure
+    //
+    CopyMem(
+      &ProcessorLocBuf[Index],
+      &ProcessorInfo.Location,
+      sizeof(EFI_CPU_PHYSICAL_LOCATION)
+      );
+  }
+
+  *LocationBuf = ProcessorLocBuf;
+  *Num = ProcessorNum;
+
+  return Status;
+}
+
 /**
  This service provides EFI protocol capability information, state information 
  about the TPM, and Event Log state information.
@ -679,7 +761,12 @@ MeasureHandoffTables (
  SMBIOS_TABLE_ENTRY_POINT          *SmbiosTable;
  TCG_PCR_EVENT_HDR                 TcgEvent;
  EFI_HANDOFF_TABLE_POINTERS        HandoffTables;
+  UINTN                             ProcessorNum;
+  EFI_CPU_PHYSICAL_LOCATION         *ProcessorLocBuf;

+  //
+  // Measure SMBIOS with EV_EFI_HANDOFF_TABLES to PCR[1]
+  //
  Status = EfiGetSystemConfigurationTable (
             &gEfiSmbiosTableGuid,
             (VOID **) &SmbiosTable
@ -708,6 +795,34 @@ MeasureHandoffTables (
               );
  }

+  if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_SERVER) {
+    //
+    // Tcg Server spec. 
+    // Measure each processor EFI_CPU_PHYSICAL_LOCATION with EV_TABLE_OF_DEVICES to PCR[1]
+    //
+    Status = GetProcessorsCpuLocation(&ProcessorLocBuf, &ProcessorNum);
+
+    if (!EFI_ERROR(Status)){
+      TcgEvent.PCRIndex  = 1;
+      TcgEvent.EventType = EV_TABLE_OF_DEVICES;
+      TcgEvent.EventSize = sizeof (HandoffTables);
+
+      HandoffTables.NumberOfTables = 1;
+      HandoffTables.TableEntry[0].VendorGuid  = gEfiMpServiceProtocolGuid;
+      HandoffTables.TableEntry[0].VendorTable = ProcessorLocBuf;
+
+      Status = TcgDxeHashLogExtendEventI (
+                 &mTcgDxeData,
+                 (UINT8*)(UINTN)ProcessorLocBuf,
+                 sizeof(EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum,
+                 &TcgEvent,
+                 (UINT8*)&HandoffTables
+                 );
+
+      FreePool(ProcessorLocBuf);
+    }
+  }
+
  return Status;
 }

--- a/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
+++ b/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
@ -62,6 +62,7 @@
  gEfiTcgProtocolGuid                           ## PRODUCES
  gEfiAcpiTableProtocolGuid                     # PROTOCOL ALWAYS_CONSUMED
  gEfiDevicePathProtocolGuid                    # PROTOCOL ALWAYS_CONSUMED
+  gEfiMpServiceProtocolGuid                     # PROTOCOL ALWAYS_CONSUMED

 [Pcd]
  gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass