SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2376

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Message-Id: <20200818062618.3698-8-qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>

2 files changed, 12 insertions, 5 deletions

diff --git a/SecurityPkg/Include/Ppi/Tcg.h b/SecurityPkg/Include/Ppi/Tcg.h
index 0e943f2465..22f47f9817 100644
--- a/SecurityPkg/Include/Ppi/Tcg.h
+++ b/SecurityPkg/Include/Ppi/Tcg.h
@@ -18,6 +18,11 @@ typedef struct _EDKII_TCG_PPI EDKII_TCG_PPI;
 //

 #define EDKII_TCG_PRE_HASH  0x0000000000000001

 

+//

+// This bit is shall be set when HashData is the pre-hash digest and log only.

+//

+#define EDKII_TCG_PRE_HASH_LOG_ONLY  0x0000000000000002

+

 /**

   Tpm measure and log data, and extend the measurement result into a specific PCR.

 

diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
index 246968bb7f..0e770f4485 100644
--- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
+++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
@@ -453,13 +453,15 @@ HashLogExtendEvent (
     return EFI_DEVICE_ERROR;

   }

 

-  if(Flags & EDKII_TCG_PRE_HASH) {

+  if ((Flags & EDKII_TCG_PRE_HASH) != 0 || (Flags & EDKII_TCG_PRE_HASH_LOG_ONLY) != 0) {

     ZeroMem (&DigestList, sizeof(DigestList));

     CopyMem (&DigestList, HashData, sizeof(DigestList));

-    Status = Tpm2PcrExtend (

-             0,

-             &DigestList

-             );

+    if ((Flags & EDKII_TCG_PRE_HASH) !=0 ) {

+      Status = Tpm2PcrExtend (

+               NewEventHdr->PCRIndex,

+               &DigestList

+               );

+    }

   } else {

     Status = HashAndExtend (

                NewEventHdr->PCRIndex,