summaryrefslogtreecommitdiffstats
path: root/OvmfPkg/Tcg
diff options
context:
space:
mode:
authorMin M Xu <min.m.xu@intel.com>2024-08-06 02:01:55 -0400
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>2024-08-27 12:50:51 +0000
commitefaf8931bbfa33a81b8792fbf9e2ccc239d53204 (patch)
treea831f5b76902c48c091ff32b1936e938c2d7bc65 /OvmfPkg/Tcg
parentccda91c28628aa70bca614f1f7b71ad7b5ca61e0 (diff)
downloadedk2-efaf8931bbfa33a81b8792fbf9e2ccc239d53204.tar.gz
edk2-efaf8931bbfa33a81b8792fbf9e2ccc239d53204.tar.bz2
edk2-efaf8931bbfa33a81b8792fbf9e2ccc239d53204.zip
OvmfPkg/TdTcg2Dxe: Fix the SeparatorEvent issue in RTMRs
According to the TCG EFI platform specification, the firmware must measure the EV_SEPARATOR event into PCRs 0-7. As PCR[1] and PCR[7] map to RTMR[0], and PCRs [2-6] map to RTMR[1], it is necessary to measure one EV_SEPARATOR event into RTMR[0] and another one into RTMR[1]. An issue is found in TdTcg2Dxe that 2 EV_SEPARATOR events are measured to RTMR[0] but no EV_SEPARATOR event is measured to RTMR[1]. This patch fixes the above issue. Cc: Erdem Aktas <erdemaktas@google.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Gerd Hoffmann <kraxel@redhat.com> Cc: Qinkun Bao <qinkun@google.com> Cc: Tom Lendacky <thomas.lendacky@amd.com> Cc: Michael Roth <michael.roth@amd.com> Signed-off-by: Min Xu <min.m.xu@intel.com>
Diffstat (limited to 'OvmfPkg/Tcg')
-rw-r--r--OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c12
1 files changed, 9 insertions, 3 deletions
diff --git a/OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c b/OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c
index 0a23bff5a1..6d2de0e838 100644
--- a/OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c
+++ b/OvmfPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c
@@ -2160,11 +2160,17 @@ OnReadyToBoot (
//
// 2. Draw a line between pre-boot env and entering post-boot env.
- // PCR[7] (is RTMR[0]) is already done.
//
- Status = MeasureSeparatorEvent (1);
+ // According to UEFI Spec 2.10 Section 38.4.1 the mapping between MrIndex and Intel
+ // TDX Measurement Register is:
+ // MrIndex 0 <--> MRTD
+ // MrIndex 1-3 <--> RTMR[0-2]
+ // RTMR[0] (i.e. MrIndex 1) is already done. So SepartorEvent shall be extended to
+ // RTMR[1] (i.e. MrIndex 2) as well.
+ //
+ Status = MeasureSeparatorEvent (CC_MR_INDEX_2_RTMR1);
if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "Separator Event not Measured. Error!\n"));
+ DEBUG ((DEBUG_ERROR, "Separator Event not Measured to RTMR[1]. Error!\n"));
}
//