2 steps are used to create/delete a time based variable.
For create
step 1: Insert Signer Cert to CertDB.
Step 2: Insert Payload to Variable.
For delete
step 1: Delete Variable.
Step 2: Delete Cert from CertDB.
System may breaks between step 1 & step 2, so CertDB may contains useless
Cert in the next reboot. AuthVariableLib choose to sync consistent state
between CertDB & Time Auth Variable on initialization. However, it doesn't
apply Time Auth attribute check. Now add it.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Zeng Star <star.zeng@intel.com>
Physical Presence state reporting is constrained by physical presence caching in variable driver. For example, reporting must be prior to Physical Presence caching. Physical Presence state becomes constant rather than instant after caching. Therefore, PlatformSecureLib is responsible for reporting Physical Presence state in expected way.
This reverts commit 90fa53213e.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
The input PeImage in HashPeImage() has been checked.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
This is an incompatible change. It uses PcdUserPhysicalPresence value instead
of hard code TRUE. Because PcdUserPhysicalPresence default value is FALSE,
this patch changes UserPhysicalPresent() return value from TRUE to FALSE.
From Security point, it is not safe to always return TRUE. If user wants this
behavior, he can still configure PcdUserPhysicalPresence value to TRUE in
the platform DSC file.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Giri P Mudusuru <giri.p.mudusuru@intel.com>
AuthVariableLib is updated to cache the UserPhysicalPresent state to global variable. This avoids calling PlatformSecureLib during runtime and makes PhysicalPresent state consistent during one boot.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
TcgDxePassThroughToTpm should be able to handle all TPM12 Command & Response correctly.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
For Pyrite SSC device, it may not supports Active Key, So
add check logic before enable it.
Cc: Feng Tian <feng.tian@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Check the BlockSid feature capability through check
BlockSid header in the DiscoveryHeader.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
The ComId for Block SID authentication command is
0x0005 according to "TCG Storage Feature Set: Block
SID Authentication Specification Version 1.0.0". Update code to
follow this spec requirement.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Remove Customized SecureBoot Mode transition logic for Mantis 1263, including AuditMode/DeployedMode/PK update management.
Also remove image verification logic in AuditMode.
The feature has been moved to
https://github.com/tianocore/edk2-staging/tree/Customized-Secure-Boot
Previous check-in hash is
SHA-1: 4fc08e8d68
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: El-Haj-Mahmoud Samer <samer.el-haj-mahmoud@hpe.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Fix Tpm12NvWriteValue() command/response length byte order.
Tpm12SubmitCommand() was using the value from Command.Hdr.paramSize
which was swapped to be Big Endian, but the function was
expecting it in UINT32 Little Endian
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>
Signed-off-by: Derek Lin <derek.lin2@hpe.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Add DEBUG messages for TPM12Startup to distinguish between TPM_SUCCESS
and
TPM_INVALID_POSTINIT. This helps debugging some hardware problems.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>
Signed-off-by: Derek Lin <derek.lin2@hpe.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Add DEBUG messages for TPM2Startup to distinguish between TPM_RC_SUCCESS
and TPM_RC_INITIALIZE. This helps debugging some hardware problems.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud <elhaj@hpe.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
This patch enhance OPAL password lib SMM communication by using fixed
SMM communication buffer.
Update OPAL password lib to consume EDKII_PI_SMM_COMMUNICATION_REGION_TABLE
as fixed communication buffer for SMM communication.
This is designed to meet Microsoft WSMT table definition on FIXED_COMM_BUFFERS
requirement.
Cc: Eric Dong <eric.dong@intel.com>
Cc: Feng Tian <feng.tian@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
In image verification, if image verified pass in DBT, still need to verify if it is blocked by any other cert/cert hash from DBX.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Dick Wilkins <dick_wilkins@phoenix.com>
Revert previous fix in AuthVariable driver init which breaks SecureBootEnable original behavior. Add more error handling logic in SecureBootConfigDxe to prevent wrong display info when SecureBootEnable & PK inconsistency happens.
Commit hash for the reverted patch in AuthVariable driver is
SHA-1: a6811666b0
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
APIs used to support opal password solution to trig opal command.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Library APIs used to create commands defined by TCG storage opal spec.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
APIs used to create commands defined by TCG storage core spec.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
Some commands in DxeTcg2PhysicalPresenceLib accept
AuthSession as input parameter and copy to local
command buffer. After use, this AuthSession content
should be zeroed, because there might be some secrete
there.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
Tpm2Ptp.c is library, but it miss Tpm2 prefix for
IsPtpPresence() and GetPtpInterface(). There might
be risk as name symbol conflict. This patch adds Tpm2
prefix for them.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <Jiewen.Yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
Tested-by: "Wu, Hao A" <hao.a.wu@intel.com>
Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction()
has check if current request is same as previous.
But it forget check RequestParameter, which causes
second request fail to process, if RequestParameter
is different.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <Jiewen.Yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
Add a new cert data base "certdbv" to store signer certs for volatile time based
Auth variable.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19786 6f19259b-4bc3-4df7-8a09-765794883524
1) NvPublic.dataSize data should be got from original
receive buffer, instead of returned NvPublic.
2) NvNameSize means the size of NvName without size field.
The original code treats it to be size of NvName with size
field, so the last 2 bytes are missing.
This patch fixed problem.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19756 6f19259b-4bc3-4df7-8a09-765794883524
Previously, we only add PTP detection in Tpm12RequestUseTpm,
because RequestUseTpm does not check TPM command.
This patch also adds similar check in Tpm12SubmitCommand.
PTP device does not accept TPM12 command, so that it can
return error on PTP device, instead of wait till timeout.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19755 6f19259b-4bc3-4df7-8a09-765794883524
The TPM RequestUseTpm API can only set register to
use the hardware, but it can not be used to distinguish
TPM12 or TPM2 device.
TPM PTP defines same address with TIS, so we need
detect the TPM device is PTP or TIS in RequestUseTpm.
Also, Tcg2Config driver call RequestUseTpm to detect
TPM hardware device. So we have to add check here.
There is no need to support PTP CRB style SubmitCommand(),
because TPM2 device can not accept TPM12 style command.
This patch also uses TpmTis.h instead of duplicate
definition.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19742 6f19259b-4bc3-4df7-8a09-765794883524
TPM2 hardware may support PTP FIFO/TIS interface
or PTP CRB interface. The original lib only handles
PTP FIFO/TIS interface. This patch adds PTP CRB
interface support.
The current logic is that lib will runtime detect
TPM device interface (CRB or FIFO/TIS) and call
proper function to access hardware.
It is compatible for old TPM2 FIFO/TIS device and
new TPM2 CRB device.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19740 6f19259b-4bc3-4df7-8a09-765794883524
Add the following APIs that are required by TcgPei and/or TcgDxe to
the Tpm12CommandLib instance:
Tpm12Extend()
Tpm12PhysicalPresence()
Tpm12ContinueSelfTest()
Tpm12GetCapabilityFlagPermanent()
Tpm12GetCapabilityFlagVolatile()
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19727 6f19259b-4bc3-4df7-8a09-765794883524
Some commands in Tpm2CommandLib accept AuthSession
as input parameter and copy to local command buffer.
After use, this AuthSession content should be zeroed,
because there might be some secrete there.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19635 6f19259b-4bc3-4df7-8a09-765794883524
Tpm2Startup does not check TPM device return code.
It might cause problem, that error is not detected
in Tcg2Peim, for example, S3 resume case.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19634 6f19259b-4bc3-4df7-8a09-765794883524
Change TisTpmCommand to Tpm2TisTpmCommand. Makes function name more clear.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Samer El-Haj-Mahmoud <samer.el-haj-mahmoud@hpe.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19622 6f19259b-4bc3-4df7-8a09-765794883524
Some compilers (like RVCT) reject input files that do not end in a
newline. So add missing newlines to some SecurityPkg header files.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19107 6f19259b-4bc3-4df7-8a09-765794883524
Zhang, Chao B
Liming Gao
Eric Dong
Cinnamon Shia
Samer El-Haj-Mahmoud
Jiewen Yao
Michael Kinney
Star Zeng
Jordan Justen
Ard Biesheuvel