tyler.durden/audk - audk - Gitea: Git with a cup of tea

Commit Graph

Author	SHA1	Message	Date
Min M Xu	fb91d6cbd0	OvmfPkg/TdTcg2Dxe: Fix the mapping error between PCR index and MR index BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4179 According to UEFI Spec 2.10 it is supposed to return the mapping from PCR index to CC MR index: // // In the current version, we use the below mapping for TDX: // // TPM PCR Index \| CC Measurement Register Index \| TDX-measurement register // ----------------------------------------------------------------------- // 0 \| 0 \| MRTD // 1, 7 \| 1 \| RTMR[0] // 2~6 \| 2 \| RTMR[1] // 8~15 \| 3 \| RTMR[2] In the current implementation TdMapPcrToMrIndex returns the index of RTMR, not the MR index. After fix the spec unconsistent, other related codes are updated accordingly. 1) The index of event log uses the input MrIndex. 2) MrIndex is decreated by 1 before it is sent for RTMR extending. Cc: Erdem Aktas <erdemaktas@google.com> [ruleof2] Cc: James Bottomley <jejb@linux.ibm.com> [jejb] Cc: Jiewen Yao <jiewen.yao@intel.com> [jyao1] Cc: Tom Lendacky <thomas.lendacky@amd.com> [tlendacky] Cc: Arti Gupta <ARGU@microsoft.com> Reported-by: Arti Gupta <ARGU@microsoft.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>	2022-12-15 03:07:33 +00:00
Min M Xu	19f7c63ea9	OvmfPkg/TdTcg2Dxe: Fix incorrect protocol and structure version BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4184 According to the Uefi spec 2.10 Section 38.2.2. EFI_CC_MEASUREMENT_PROTOCOL.GetCapability, the minor version of StructureVersion and ProtocolVersion should be 0. Cc: Erdem Aktas <erdemaktas@google.com> [ruleof2] Cc: James Bottomley <jejb@linux.ibm.com> [jejb] Cc: Jiewen Yao <jiewen.yao@intel.com> [jyao1] Cc: Tom Lendacky <thomas.lendacky@amd.com> [tlendacky] Cc: Arti Gupta <ARGU@microsoft.com> Reported-by: Arti Gupta <ARGU@microsoft.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>	2022-12-15 03:07:33 +00:00
Min Xu	57a6ee3461	OvmfPkg/IntelTdx: Add TdTcg2Dxe RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853 TdTcg2Dxe mimics the Security/Tcg/Tcg2Dxe. It does below tasks: - Set up and install CC_EVENTLOG ACPI table - Parse the GUIDed HOB (gCcEventEntryHobGuid) and create CC event log - Measure handoff tables, Boot##### variables etc - Measure Exit Boot Service failed - Install CcMeasurement Protocol Cc: Brijesh Singh <brijesh.singh@amd.com> Cc: Erdem Aktas <erdemaktas@google.com> Cc: James Bottomley <jejb@linux.ibm.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Ken Lu <ken.lu@intel.com> Cc: Sami Mujawar <sami.mujawar@arm.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com>	2022-06-03 11:41:36 +00:00

Author

SHA1

Message

Date

Min M Xu

fb91d6cbd0

OvmfPkg/TdTcg2Dxe: Fix the mapping error between PCR index and MR index

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4179

According to UEFI Spec 2.10 it is supposed to return the mapping from PCR
index to CC MR index:
//
// In the current version, we use the below mapping for TDX:
//
// TPM PCR Index | CC Measurement Register Index | TDX-measurement register
// -----------------------------------------------------------------------
// 0             |   0                           |   MRTD
// 1, 7          |   1                           |   RTMR[0]
// 2~6           |   2                           |   RTMR[1]
// 8~15          |   3                           |   RTMR[2]

In the current implementation TdMapPcrToMrIndex returns the index of RTMR,
not the MR index.

After fix the spec unconsistent, other related codes are updated
accordingly.
1) The index of event log uses the input MrIndex.
2) MrIndex is decreated by 1 before it is sent for RTMR extending.

Cc: Erdem Aktas <erdemaktas@google.com> [ruleof2]
Cc: James Bottomley <jejb@linux.ibm.com> [jejb]
Cc: Jiewen Yao <jiewen.yao@intel.com> [jyao1]
Cc: Tom Lendacky <thomas.lendacky@amd.com> [tlendacky]
Cc: Arti Gupta <ARGU@microsoft.com>
Reported-by: Arti Gupta <ARGU@microsoft.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

2022-12-15 03:07:33 +00:00

Min M Xu

19f7c63ea9

OvmfPkg/TdTcg2Dxe: Fix incorrect protocol and structure version

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4184

According to the Uefi spec 2.10 Section 38.2.2.
EFI_CC_MEASUREMENT_PROTOCOL.GetCapability, the minor version of
StructureVersion and ProtocolVersion should be 0.

Cc: Erdem Aktas <erdemaktas@google.com> [ruleof2]
Cc: James Bottomley <jejb@linux.ibm.com> [jejb]
Cc: Jiewen Yao <jiewen.yao@intel.com> [jyao1]
Cc: Tom Lendacky <thomas.lendacky@amd.com> [tlendacky]
Cc: Arti Gupta <ARGU@microsoft.com>
Reported-by: Arti Gupta <ARGU@microsoft.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

2022-12-15 03:07:33 +00:00

Min Xu

57a6ee3461

OvmfPkg/IntelTdx: Add TdTcg2Dxe

RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853

TdTcg2Dxe mimics the Security/Tcg/Tcg2Dxe. It does below tasks:
 - Set up and install CC_EVENTLOG ACPI table
 - Parse the GUIDed HOB (gCcEventEntryHobGuid) and create CC event log
 - Measure handoff tables, Boot##### variables etc
 - Measure Exit Boot Service failed
 - Install CcMeasurement Protocol

Cc: Brijesh Singh <brijesh.singh@amd.com>
Cc: Erdem Aktas <erdemaktas@google.com>
Cc: James Bottomley <jejb@linux.ibm.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Tom Lendacky <thomas.lendacky@amd.com>
Cc: Ken Lu <ken.lu@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>

2022-06-03 11:41:36 +00:00

3 Commits