The code blindly assumes a TIS interface is present in case both CRB and
FIFO checks fail. Check the InterfaceType for TIS instead and only
return Tpm2PtpInterfaceTis in case it matches, Tpm2PtpInterfaceMax
otherwise.
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Add the AUTH_SIG_NOT_FOUND Action to the Image Execution Info Table
when the Image is signed but signature is not allowed by DB and the
hash of image is not found in DB/DBX.
This is documented in the UEFI spec 2.10, table 32.5.
This issue is found by the SIE SCT with the error message as follows:
SecureBoot - TestImage1.bin in Image Execution Info Table with
SIG_NOT_FOUND. --FAILURE
B3A670AA-0FBA-48CA-9D01-0EE9700965A9
SctPkg/TestCase/UEFI/EFI/RuntimeServices/SecureBoot/BlackBoxTest/
ImageLoadingBBTest.c:1079:Status Success
Signed-off-by: Nhi Pham <nhi@os.amperecomputing.com>
Reviewed-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
__FUNCTION__ is a pre-standard extension that gcc and Visual C++ among
others support, while __func__ was standardized in C99.
Since it's more standard, replace __FUNCTION__ with __func__ throughout
SecurityPkg.
Signed-off-by: Rebecca Cran <rebecca@bsdio.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
Update SecureBootVariableLib host-based unit test INF file to only
list VALID_ARCHITECTURES of IA32 and X64 to align with all other
host-based unit test INF files. The UnitTestFrameworkPkg only
provides build support of host-based unit tests to OS applications
for IA32 and X64.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Oliver Smith-Denny <osde@linux.microsoft.com>
The unit test code for the SecureBootVariableLib is initializing
local variable structures in their declaration from other local
variables that are also initialized in their declaration. ANSI C
does not allow this and error 4122 is generated on VS20xx compilers.
The test cases are updated to initialize the local structure
fields in C statements instead of their local variable declaration.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Oliver Smith-Denny <osde@linux.microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4389
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Chris Johnson <chris.n.johnson@intel.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Oliver Smith-Denny <osde@linux.microsoft.com>
Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
If FirmwareVolumeShadow PPI is available, then use it to
shadow FVs to memory. Otherwise fallback to CopyMem().
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Patel Umang <umang.patel@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Call gRT->GetVariable() directly to read the SecureBoot variable. It is
one byte in size so we can easily place it on the stack instead of
having GetEfiGlobalVariable2() allocate it for us, which avoids a few
possible error cases.
Skip secure boot checks if (and only if):
(a) the SecureBoot variable is not present (EFI_NOT_FOUND) according to
the return value, or
(b) the SecureBoot variable was read successfully and is set to
SECURE_BOOT_MODE_DISABLE.
Previously the code skipped the secure boot checks on *any*
gRT->GetVariable() error (GetEfiGlobalVariable2 sets the variable
value to NULL in that case) and also on memory allocation failures.
Fixes: CVE-2019-14560
Bugzilla: https://bugzilla.tianocore.org/show_bug.cgi?id=2167
Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
Suggested-by: Marvin Häuser <mhaeuser@posteo.de>
Reviewed-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
On Arm platforms, the number of available RNG algorithms is
dynamically detected and can be 0 in the absence of FEAT_RNG
and firmware TRNG.
In this case, the EFI_RNG_PROTOCOL should not be installed to
prevent from installing an empty protocol.
Signed-off-by: Pierre Gondois <Pierre.Gondois@arm.com>
[ardb: return EFI_REQUEST_UNLOAD_IMAGE instead of an error]
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
mAvailableAlgoArrayCount holds the count of available RNG algorithms.
In a following patch, its value will be used to prevent the
EFI_RNG_PROTOCOL to be installed if no RNG algorithm is available.
Correctly set/reset the value for all implementations.
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Reviewed-by: Ard Biesheuvel <ardb@kernel.org>
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4335
CcMeasurement protocol is installed when it is supported in a td-guest. If
the installation of the protocol failed, the guest shall go into
CpuDeadLoop. Because the measurement feature is crucial to a td-guest and
it shall stop running immediately at this situation.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2506
Change the default value of PcdRequireSelfSignedPk to FALSE in
accordance with UEFI spec, which states that PK need not be
self-signed when enrolling in setup mode.
Note that this relaxes the legacy behavior, which required the PK to
be self-signed in this case.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Jan Bobek <jbobek@nvidia.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2506
Per UEFI spec, enrolling a new PK in setup mode should not require a
self-signature. Introduce a feature PCD called PcdRequireSelfSignedPk
to control this requirement. Default to TRUE in order to preserve the
legacy behavior.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Co-authored-by: Matthew Carlson <macarl@microsoft.com>
Signed-off-by: Jan Bobek <jbobek@nvidia.com>
Reviewed-by: Sean Brogan <sean.brogan@microsoft.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4305
Based on whether the DER-encoded ContentInfo structure is present in
authenticated SetVariable payload or not, the SHA-256 OID can be
located at different places.
UEFI specification explicitly states the driver shall support both
cases, but the old code assumed ContentInfo was not present and
incorrectly rejected authenticated variable updates when it were
present.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Jan Bobek <jbobek@nvidia.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
According to TCG PC Client PFP spec 0021 Section 2.4.4.2 EFI boot variable
should be measured and extended to PCR[1], not PCR[5]. This patch is
proposed to fix this error.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4194
The TdTcg2Dxe lives in the OvmfPkg instead of the SecurityPkg. Having
the TdTcg2Dxe at the same place as Tcg2Dxe will be easier for platforms to
consume.
Definition of PcdCcEventlogAcpiTableLaml and PcdCcEventlogAcpiTableLasa
are also moved from OvmfPkg.dec to SecurityPkg.dec.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Arti Gupta <ARGU@microsoft.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
There's no real usage of these two libraries. They're deprecated.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
Cc: Judah Vang <judah.vang@intel.com>
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Acked-by: Michael D Kinney <michael.d.kinney@intel.com>
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4179
TDVF has the feature to do RTMR measurement in SEC phase. In the same time
it builds a GUID hob which carries the hash value of the measurement so
that in DXE phase a td event can be created based on this GUID Hob. There
is a mapping error between TPM PCR index and RTMR index according to UEFI
2.10. That PCR6 is missing in the mapping. This patch fixes this issue.
Cc: Erdem Aktas <erdemaktas@google.com> [ruleof2]
Cc: James Bottomley <jejb@linux.ibm.com> [jejb]
Cc: Jiewen Yao <jiewen.yao@intel.com> [jyao1]
Cc: Tom Lendacky <thomas.lendacky@amd.com> [tlendacky]
Cc: Arti Gupta <ARGU@microsoft.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668)
Add RngDxe support for Arm. This implementation uses the ArmTrngLib
to support the RawAlgorithm and doens't support the RNDR instruction.
To re-use the RngGetRNG(), RngGetInfo() and FreeAvailableAlgorithms()
functions, create Arm/AArch64 files which implement the arch specific
function GetAvailableAlgorithms(). Indeed, FEAT_RNG instruction is not
supported on Arm.
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
To re-use the AArch64/RngDxe.c for an Arm implementation,
rename AArch64/RngDxe.c to ArmRngDxe.c.
Acked-by: Leif Lindholm <quic_llindhol@quicinc.com>
Signed-off-by: Pierre Gondois <Pierre.Gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
PcdCpuRngSupportedAlgorithm should allow to identify the the algorithm
used by the RNDR CPU instruction to generate a random number.
Add a debug warning if the Pcd is not set.
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668)
RawAlgorithm is used to provide access to entropy that is suitable
for cryptographic applications. Therefore, add RawAlgorithm support
that provides access to entropy using the ArmTrngLib.
Also remove unused UefiBootServicesTableLib library inclusion
and Status variable.
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
RngGetBytes() relies on the RngLib. The RngLib might use the RNDR
instruction if the FEAT_RNG feature is present. RngGetInfo and
RngGetRNG both must check that RngGetBytes() is working before
advertising/using it.
To do so, allocate an array storing the available algorithms.
The Rng algorithm at the lowest index will be the default Rng
algorithm. The array is shared between RngGetInfo and RngGetRNG.
This array is allocated when the driver is loaded, and freed
when unloaded.
This patch also prevents from having PcdCpuRngSupportedAlgorithm
let to a zero GUID, but let the possibility to have no valid Rng
algorithm in such case.
Signed-off-by: Pierre Gondois <Pierre.Gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
This patch:
-Update RngGetBytes() documentation to align the function
definition and declaration.
-Improve input parameter checking. Even though 'This'
it is not used, the parameter should always point to the
current EFI_RNG_PROTOCOL.
-Removes TimerLib inclusion as unused.
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
RngGetInfo() is one of the 2 functions of the EFI_RNG_PROTOCOL.
RngGetInfo() is currently a mere wrapper around
ArchGetSupportedRngAlgorithms() which is implemented differently
depending on the architecture used.
RngGetInfo() does nothing more than calling
ArchGetSupportedRngAlgorithms(). So remove it, and let RngGetInfo()
be implemented differently according to the architecture.
This follows the implementation of the other function of the
EFI_RNG_PROTOCOL, RngGetRNG().
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
gEfiRngAlgorithmSp80090Ctr256Guid was used as the default algorithm
in RngGetRNG(). The commit below set the default algorithm to
PcdCpuRngSupportedAlgorithm, which is a zero GUID by default.
As the Pcd value is not defined for any platform in the edk2-platfoms
repository, assume it was an error and go back to the first version,
using gEfiRngAlgorithmSp80090Ctr256Guid.
Fixes: 4e5ecdbac8 ("SecurityPkg: Add support for RngDxe on AARCH64")
Signed-off-by: Pierre Gondois <Pierre.Gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
Bugzilla: 3668 (https://bugzilla.tianocore.org/show_bug.cgi?id=3668)
Rename RdRandGenerateEntropy() to GenerateEntropy() to provide a
common interface to generate entropy on other architectures.
GenerateEntropy() is intended to generate high quality entropy.
Also move the definition to RngDxeInternals.h
Signed-off-by: Pierre Gondois <pierre.gondois@arm.com>
Acked-by: Jiewen Yao <jiewen.yao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4053
Add LOONGARCH64 architecture to SecurityPkg for EDK2 CI testing.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Chao Li <lichao@loongson.cn>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4077
Following the design described in the TCG specification,
the driver implementation of the CRB protocol does not require
enforcing completing the transition to goIdle at the end of a command
sequence.
Signed-off-by: Rodrigo Gonzalez Del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
The debug macro modified in this change was missing a print specifier
for a debug message argument given.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3980
As per TCG PC Client Device Driver Design Principle document,
if tpm commands fails due to timeout condition, then it should
have retry mechanism (3 retry attempts).
Existing implementation of PtpCrbTpmCommand does not have retry
mechanism if it fails with EFI_TIMEOUT.
See TCG PC Client Device Driver Design Principles for TPM 2.0
https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_Device_Driver_Design_Principles_TPM2p0_v1p1_r4_211104_final.pdf
Vision 1.1, Revision 0.04
Section 7.2.1
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Tested-by: Swapnil Patil <S.Keshavrao.Patil@dell.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3911
This change added unit test and enabled it from pipeline for the updated
SecureBootVariableLib.
The unit test covers all implemented interfaces and certain corner cases.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3909
This change is in pair with the previous SecureBootVariableLib change,
which updated the interface of `CreateTimeBasedPayload`.
This change added a helper function to query the current time through
Real Time Clock protocol. This function is used when needing to format
an authenticated variable payload.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3910
This change added common header files to consumer drivers to unblock
pipeline builds.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3910
This change is in pair with the previous SecureBootVariableLib, which
removes the explicit invocation of `CreateTimeBasedPayload` and used new
interface `EnrollFromInput` instead.
The original `SecureBootFetchData` is also moved to this library and
incorporated with the newly defined `SecureBootCreateDataFromInput` to
keep the original code flow.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3911
This change updated the interfaces provided by SecureBootVariableLib.
The new additions provided interfaces to enroll single authenticated
variable from input, a helper function to query secure boot status,
enroll all secure boot variables from UefiSecureBoot.h defined data
structures, a as well as a routine that deletes all secure boot related
variables.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3910
This change removes the interface of SecureBootFetchData, and replaced
it with `SecureBootCreateDataFromInput`, which will require caller to
prepare available certificates in defined structures.
This improvement will eliminate the dependency of reading from FV,
extending the availability of this library instance.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3909
This change updated the interface of 'CreateTimeBasedPayload' by
requiring the caller to provide a timestamp, instead of relying on time
protocol to be ready during runtime. It intends to extend the library
availability during boot environment.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3911
This patch provides an abstracted interface for platform to implement PK
variable related protection interface, which is designed to be used when
PK variable is about to be changed by UEFI firmware.
This change also provided a variable policy based library implementation
to accomodate platforms that supports variable policy for variable
protections.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3910
This change added certificate and payload structures that can be consumed
by SecureBootVariableLib and other Secure Boot related operations.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
HashLibTdx is designed for the Tdx guest. So if is not a Tdx guest,
return EFI_UNSUPPORTED in RegisterHashInterfaceLib.
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
SecTpmMeasurementLitTdx is an instance of TpmMeasurementLib. It is
designed to used in a Td guest. This lib measures and logs data, and
extendx the measurement result into a specific RTMR.
SecTpmMeasurementLibTdx is a refactored lib of
OvmfPkg/Library/SecMeasurementLibTdx and it just copies
GetMappedRtmrIndex/TdxMeasureAndLogData from that lib. At the end of
this patch-set SecMeasurementLibTdx will be deleted.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
EFI_CC_EVENT_HOB_GUID is the global ID of a GUIDed HOB used to pass
TDX_DIGEST_VALUE from SEC to a DXE Driver ( This DXE driver will
be introduced in the following commit in this patch-sets ). In that
DXE driver this GUIDed HOB will be parsed and the TDX_DIGEST_VALUE
then will be extracted. After that a EFI_CC_EVENT will be created
based on it.
Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853
This library provides hash service by registered hash handler in Td
guest. Currently only SHA384 is supported. After that the hash value is
extended to Td RTMR registers which is similar to TPM PCRs.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3463
In V2: Fixed patch format and uncrustify cleanup
In V1: To follow the TCG CRB protocol specification, on every CRB TPM
command completion the TPM should return to Idle state, regardless of
the CRB Idle Bypass capability reported by the TPM device.
See: TCG PC Client Device Driver Design Principles for TPM 2.0,
Version 1.0, Rev 0.27
Signed-off-by: Rodrigo Gonzalez del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3515
In V4: Fixed patch format and uncrustify cleanup
In V3: Cleaned up comments, debug prints and updated patch to use the
new debug ENUM definitions.
- Replaced EFI_D_INFO with DEBUG_INFO.
- Replaced EFI_D_VERBOSE with DEBUG_VERBOSE.
In V2: Add case to RegisterHashInterfaceLib logic
RegisterHashInterfaceLib needs to correctly handle registering the HashLib
instance supported algorithm bitmap when PcdTpm2HashMask is set to zero.
The current implementation of SyncPcrAllocationsAndPcrMask() triggers
PCR bank reallocation only based on the intersection between
TpmActivePcrBanks and PcdTpm2HashMask.
When the software HashLibBaseCryptoRouter solution is used, no PCR bank
reallocation is occurring based on the supported hashing algorithms
registered by the HashLib instances.
Need to have an additional check for the intersection between the
TpmActivePcrBanks and the PcdTcg2HashAlgorithmBitmap populated by the
HashLib instances present on the platform's BIOS.
Signed-off-by: Rodrigo Gonzalez del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2858
In V2: Fixed patch format and uncrustify cleanup
In V1: Add debug functionality to examine TPM extend operations
performed by BIOS and inspect the PCR 00 value prior to
any BIOS measurements.
Signed-off-by: Rodrigo Gonzalez del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3625
DxeTpmMeasurementLib supports TPM based measurement in DXE phase.
After CcMeasurementProtocol is introduced, CC based measurement needs
to be supported in DxeTpmMeasurementLib as well.
A platform should have only one RTS/RTR. Only one of (virtual)TPM1.2,
(virtual)TPM2.0 and CC MR exists. Then only one TCG_SERVICE_PROTOCOL,
TCG2_PROTOCOL, CC_MEASUREMENT_PROTOCOL is exposed.
In this library when do measurement only one of above 3 protocols will
be called.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3625
DxeTpm2MeasureBootLib supports TPM2 based measure boot. After
CcMeasurementProtocol is introduced, CC based measure boot needs to
be supported in DxeTpm2MeasureBootLib as well.
There are 2 major changes in this commit.
1. A platform should have only one RTS/RTR. Only one of (virtual)TPM1.2,
(virtual)TPM2.0 and CC MR exists. Then only one TCG_SERVICE_PROTOCOL,
TCG2_PROTOCOL, CC_MEASUREMENT_PROTOCOL is exposed. In this library when
do measure boot only one of TCG2_PROTOCOL / CC_MEASUREMENT_PROTOCOL
will be called. MEASURE_BOOT_PROTOCOLS is defined to store the instances
of TCG2 protocol and CC Measurement protocol.
2. CcEvent is similar to Tcg2Event except the MrIndex and PcrIndex.
So in the code Tcg2Event will be first created and intialized. If
CcMeasurementProtocol is called to do the measure boot, then CcEvent
points to Tcg2Event and the MrIndex is adjusted.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737
Apply uncrustify changes to .c/.h files in the SecurityPkg package
Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Gerd Hoffmann
Nhi Pham
Rebecca Cran
Michael D Kinney
Chris Johnson
Umang Patel
Pierre Gondois
Min M Xu
Jan Bobek
Jian J Wang
Sami Mujawar
Chao Li
Rodrigo Gonzalez Del Cueto
Michael Kubacki
Qi Zhang
kuqin