OvmfPkg/TdTcg2Dxe: Update with TdxHelperLib

Since TdxHelperLib has the API(TdxHelperMapPcrToMrIndex)
to map PCR to MR index, the duplicate codes are removed.

Cc: Erdem Aktas <erdemaktas@google.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Elena Reshetova <elena.reshetova@intel.com>
Signed-off-by: Ceping Sun <cepingx.sun@intel.com>

OvmfPkg/IntelTdx/IntelTdxX64.dsc

@@ -313,6 +313,7 @@
   NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
   QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf
+  TdxHelperLib|OvmfPkg/IntelTdx/TdxHelperLib/DxeTdxHelperLib.inf
 
 [LibraryClasses.common.UEFI_APPLICATION]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf

OvmfPkg/OvmfPkgX64.dsc

@@ -432,6 +432,7 @@
   NestedInterruptTplLib|OvmfPkg/Library/NestedInterruptTplLib/NestedInterruptTplLib.inf
   QemuFwCfgS3Lib|OvmfPkg/Library/QemuFwCfgS3Lib/DxeQemuFwCfgS3LibFwCfg.inf
   QemuLoadImageLib|OvmfPkg/Library/X86QemuLoadImageLib/X86QemuLoadImageLib.inf
+  TdxHelperLib|OvmfPkg/IntelTdx/TdxHelperLib/DxeTdxHelperLib.inf
 
 [LibraryClasses.common.UEFI_APPLICATION]
   PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf

OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c

@@ -44,15 +44,11 @@
 #include <Protocol/CcMeasurement.h>
 #include <Guid/CcEventHob.h>
 #include <Library/TdxLib.h>
+#include <Library/TdxHelperLib.h>
 
 #define PERF_ID_CC_TCG2_DXE  0x3130
 
 #define   CC_EVENT_LOG_AREA_COUNT_MAX  1
-#define   CC_MR_INDEX_0_MRTD           0
-#define   CC_MR_INDEX_1_RTMR0          1
-#define   CC_MR_INDEX_2_RTMR1          2
-#define   CC_MR_INDEX_3_RTMR2          3
-#define   CC_MR_INDEX_INVALID          4
 
 typedef struct {
   CHAR16      *VariableName;
@@ -932,51 +928,6 @@ TcgCommLogEvent (
   return EFI_SUCCESS;
 }
 
-/**
-  According to UEFI Spec 2.10 Section 38.4.1:
-    The following table shows the TPM PCR index mapping and CC event log measurement
-  register index interpretation for Intel TDX, where MRTD means Trust Domain Measurement
-   Register and RTMR means Runtime Measurement Register
-
-    // TPM PCR Index | CC Measurement Register Index | TDX-measurement register
-    //  ------------------------------------------------------------------------
-    // 0             |   0                           |   MRTD
-    // 1, 7          |   1                           |   RTMR[0]
-    // 2~6           |   2                           |   RTMR[1]
-    // 8~15          |   3                           |   RTMR[2]
-
-  @param[in] PCRIndex Index of the TPM PCR
-
-  @retval    UINT32               Index of the CC Event Log Measurement Register Index
-  @retval    CC_MR_INDEX_INVALID  Invalid MR Index
-**/
-UINT32
-EFIAPI
-MapPcrToMrIndex (
-  IN  UINT32  PCRIndex
-  )
-{
-  UINT32  MrIndex;
-
-  if (PCRIndex > 15) {
-    ASSERT (FALSE);
-    return CC_MR_INDEX_INVALID;
-  }
-
-  MrIndex = 0;
-  if (PCRIndex == 0) {
-    MrIndex = CC_MR_INDEX_0_MRTD;
-  } else if ((PCRIndex == 1) || (PCRIndex == 7)) {
-    MrIndex = CC_MR_INDEX_1_RTMR0;
-  } else if ((PCRIndex >= 2) && (PCRIndex <= 6)) {
-    MrIndex = CC_MR_INDEX_2_RTMR1;
-  } else if ((PCRIndex >= 8) && (PCRIndex <= 15)) {
-    MrIndex = CC_MR_INDEX_3_RTMR2;
-  }
-
-  return MrIndex;
-}
-
 EFI_STATUS
 EFIAPI
 TdMapPcrToMrIndex (
@@ -989,7 +940,7 @@ TdMapPcrToMrIndex (
     return EFI_INVALID_PARAMETER;
   }
 
-  *MrIndex = MapPcrToMrIndex (PCRIndex);
+  *MrIndex = TdxHelperMapPcrToMrIndex (PCRIndex);
 
   return *MrIndex == CC_MR_INDEX_INVALID ? EFI_INVALID_PARAMETER : EFI_SUCCESS;
 }
@@ -1656,7 +1607,7 @@ MeasureHandoffTables (
     Status = GetProcessorsCpuLocation (&ProcessorLocBuf, &ProcessorNum);
 
     if (!EFI_ERROR (Status)) {
-      CcEvent.MrIndex   = MapPcrToMrIndex (1);
+      CcEvent.MrIndex   = TdxHelperMapPcrToMrIndex (1);
       CcEvent.EventType = EV_TABLE_OF_DEVICES;
       CcEvent.EventSize = sizeof (HandoffTables);
 
@@ -1878,7 +1829,7 @@ ReadAndMeasureBootVariable (
   )
 {
   return ReadAndMeasureVariable (
-           MapPcrToMrIndex (1),
+           TdxHelperMapPcrToMrIndex (1),
            EV_EFI_VARIABLE_BOOT,
            VarName,
            VendorGuid,
@@ -1909,7 +1860,7 @@ ReadAndMeasureSecureVariable (
   )
 {
   return ReadAndMeasureVariable (
-           MapPcrToMrIndex (7),
+           TdxHelperMapPcrToMrIndex (7),
            EV_EFI_VARIABLE_DRIVER_CONFIG,
            VarName,
            VendorGuid,
@@ -2017,7 +1968,7 @@ MeasureAllSecureVariables (
   Status = GetVariable2 (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, &Data, &DataSize);
   if (!EFI_ERROR (Status)) {
     Status = MeasureVariable (
-               MapPcrToMrIndex (7),
+               TdxHelperMapPcrToMrIndex (7),
                EV_EFI_VARIABLE_DRIVER_CONFIG,
                EFI_IMAGE_SECURITY_DATABASE2,
                &gEfiImageSecurityDatabaseGuid,
@@ -2047,7 +1998,7 @@ MeasureLaunchOfFirmwareDebugger (
 {
   CC_EVENT_HDR  CcEvent;
 
-  CcEvent.MrIndex   = MapPcrToMrIndex (7);
+  CcEvent.MrIndex   = TdxHelperMapPcrToMrIndex (7);
   CcEvent.EventType = EV_EFI_ACTION;
   CcEvent.EventSize = sizeof (FIRMWARE_DEBUGGER_EVENT_STRING) - 1;
   return TdxDxeHashLogExtendEvent (
@@ -2106,7 +2057,7 @@ MeasureSecureBootPolicy (
   // There might be a case that we need measure UEFI image from DriverOrder, besides BootOrder. So
   // the Authority measurement happen before ReadToBoot event.
   //
-  Status = MeasureSeparatorEvent (MapPcrToMrIndex (7));
+  Status = MeasureSeparatorEvent (TdxHelperMapPcrToMrIndex (7));
   DEBUG ((DEBUG_INFO, "MeasureSeparatorEvent - %r\n", Status));
   return;
 }
@@ -2151,7 +2102,7 @@ OnReadyToBoot (
     // 1. This is the first boot attempt.
     //
     Status = TdMeasureAction (
-               MapPcrToMrIndex (4),
+               TdxHelperMapPcrToMrIndex (4),
                EFI_CALLING_EFI_APPLICATION
                );
     if (EFI_ERROR (Status)) {
@@ -2189,7 +2140,7 @@ OnReadyToBoot (
     // 6. Not first attempt, meaning a return from last attempt
     //
     Status = TdMeasureAction (
-               MapPcrToMrIndex (4),
+               TdxHelperMapPcrToMrIndex (4),
                EFI_RETURNING_FROM_EFI_APPLICATION
                );
     if (EFI_ERROR (Status)) {
@@ -2201,7 +2152,7 @@ OnReadyToBoot (
     // TCG PC Client PFP spec Section 2.4.4.5 Step 4
     //
     Status = TdMeasureAction (
-               MapPcrToMrIndex (4),
+               TdxHelperMapPcrToMrIndex (4),
                EFI_CALLING_EFI_APPLICATION
                );
     if (EFI_ERROR (Status)) {
@@ -2239,7 +2190,7 @@ OnExitBootServices (
   // Measure invocation of ExitBootServices,
   //
   Status = TdMeasureAction (
-             MapPcrToMrIndex (5),
+             TdxHelperMapPcrToMrIndex (5),
              EFI_EXIT_BOOT_SERVICES_INVOCATION
              );
   if (EFI_ERROR (Status)) {
@@ -2250,7 +2201,7 @@ OnExitBootServices (
   // Measure success of ExitBootServices
   //
   Status = TdMeasureAction (
-             MapPcrToMrIndex (5),
+             TdxHelperMapPcrToMrIndex (5),
              EFI_EXIT_BOOT_SERVICES_SUCCEEDED
              );
   if (EFI_ERROR (Status)) {
@@ -2280,7 +2231,7 @@ OnExitBootServicesFailed (
   // Measure Failure of ExitBootServices,
   //
   Status = TdMeasureAction (
-             MapPcrToMrIndex (5),
+             TdxHelperMapPcrToMrIndex (5),
              EFI_EXIT_BOOT_SERVICES_FAILED
              );
   if (EFI_ERROR (Status)) {

OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.inf

@@ -31,6 +31,7 @@
   MdeModulePkg/MdeModulePkg.dec
   SecurityPkg/SecurityPkg.dec
   CryptoPkg/CryptoPkg.dec
+  OvmfPkg/OvmfPkg.dec
 
 [LibraryClasses]
   MemoryAllocationLib
@@ -49,6 +50,7 @@
   PeCoffLib
   TpmMeasurementLib
   TdxLib
+  TdxHelperLib
 
 [Guids]
   ## SOMETIMES_CONSUMES     ## Variable:L"SecureBoot"