diff options
| author | Zhang, Chao B <chao.b.zhang@intel.com> | 2017-07-27 14:22:00 +0800 |
|---|---|---|
| committer | Zhang, Chao B <chao.b.zhang@intel.com> | 2017-10-15 08:16:36 +0800 |
| commit | d7c054f98591389f8e4dd46d2172949dbec2777c (patch) | |
| tree | f93e69cc4353e61794c775f5b3cc2625c45c3ae3 /SecurityPkg/SecurityPkg.dec | |
| parent | 53c6ff18032737fabb644a9e0c781d91a6830248 (diff) | |
| download | edk2-d7c054f98591389f8e4dd46d2172949dbec2777c.tar.gz edk2-d7c054f98591389f8e4dd46d2172949dbec2777c.tar.bz2 edk2-d7c054f98591389f8e4dd46d2172949dbec2777c.zip | |
SecurityPkg\Tcg2Pei: FV measure performance enhancement
1. Leverage Pre-Hashed FV PPI to reduce duplicated hash
2. Only measure BFV at the beginning. Other FVs are measured in FVinfo callback with nested
FV check. https://bugzilla.tianocore.org/show_bug.cgi?id=662
Cc: Long Qin <qin.long@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Sean Brogan <sean.brogan@microsoft.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Diffstat (limited to 'SecurityPkg/SecurityPkg.dec')
| -rw-r--r-- | SecurityPkg/SecurityPkg.dec | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 01bff01ed5..df4082bb8d 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -7,6 +7,7 @@ #
# Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2015 Hewlett Packard Enterprise Development LP <BR>
+# Copyright (c) 2017, Microsoft Corporation. All rights reserved. <BR>
# This program and the accompanying materials are licensed and made available under
# the terms and conditions of the BSD License which accompanies this distribution.
# The full text of the license may be found at
@@ -222,6 +223,9 @@ ## Include/Ppi/FirmwareVolumeInfoMeasurementExcluded.h
gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid = { 0x6e056ff9, 0xc695, 0x4364, { 0x9e, 0x2c, 0x61, 0x26, 0xf5, 0xce, 0xea, 0xae } }
+ ## Include/Ppi/FirmwareVolumeInfoPrehashedFV.h
+ gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid = { 0x3ce1e631, 0x7008, 0x477c, { 0xad, 0xa7, 0x5d, 0xcf, 0xc7, 0xc1, 0x49, 0x4b } }
+
#
# [Error.gEfiSecurityPkgTokenSpaceGuid]
# 0x80000001 | Invalid value provided.
@@ -448,9 +452,10 @@ [PcdsDynamic, PcdsDynamicEx]
- ## This PCD indicates Hash mask for TPM 2.0.<BR><BR>
+ ## This PCD indicates Hash mask for TPM 2.0. Bit definition strictly follows TCG Algorithm Registry.<BR><BR>
# If this bit is set, that means this algorithm is needed to extend to PCR.<BR>
# If this bit is clear, that means this algorithm is NOT needed to extend to PCR.<BR>
+ # If all the bits are clear, that means hash algorithm is determined by current Active PCR Banks.<BR>
# BIT0 - SHA1.<BR>
# BIT1 - SHA256.<BR>
# BIT2 - SHA384.<BR>
|