diff options
-rw-r--r-- | SecurityPkg/Include/Ppi/Tcg.h | 5 | ||||
-rw-r--r-- | SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 12 |
2 files changed, 12 insertions, 5 deletions
diff --git a/SecurityPkg/Include/Ppi/Tcg.h b/SecurityPkg/Include/Ppi/Tcg.h index 0e943f2465..22f47f9817 100644 --- a/SecurityPkg/Include/Ppi/Tcg.h +++ b/SecurityPkg/Include/Ppi/Tcg.h @@ -18,6 +18,11 @@ typedef struct _EDKII_TCG_PPI EDKII_TCG_PPI; //
#define EDKII_TCG_PRE_HASH 0x0000000000000001
+//
+// This bit is shall be set when HashData is the pre-hash digest and log only.
+//
+#define EDKII_TCG_PRE_HASH_LOG_ONLY 0x0000000000000002
+
/**
Tpm measure and log data, and extend the measurement result into a specific PCR.
diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c index 246968bb7f..0e770f4485 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c @@ -453,13 +453,15 @@ HashLogExtendEvent ( return EFI_DEVICE_ERROR;
}
- if(Flags & EDKII_TCG_PRE_HASH) {
+ if ((Flags & EDKII_TCG_PRE_HASH) != 0 || (Flags & EDKII_TCG_PRE_HASH_LOG_ONLY) != 0) {
ZeroMem (&DigestList, sizeof(DigestList));
CopyMem (&DigestList, HashData, sizeof(DigestList));
- Status = Tpm2PcrExtend (
- 0,
- &DigestList
- );
+ if ((Flags & EDKII_TCG_PRE_HASH) !=0 ) {
+ Status = Tpm2PcrExtend (
+ NewEventHdr->PCRIndex,
+ &DigestList
+ );
+ }
} else {
Status = HashAndExtend (
NewEventHdr->PCRIndex,
|