| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
| |
Add TCG Spec compliance info to TCG related module INFs.
Cc: Qin Long <qin.long@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
|
| |
|
|
|
|
|
| |
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jeff Fan <jeff.fan@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For pointer subtraction, the result is of type "ptrdiff_t". According to
the C11 standard (Committee Draft - April 12, 2011):
"When two pointers are subtracted, both shall point to elements of the
same array object, or one past the last element of the array object; the
result is the difference of the subscripts of the two array elements. The
size of the result is implementation-defined, and its type (a signed
integer type) is ptrdiff_t defined in the <stddef.h> header. If the result
is not representable in an object of that type, the behavior is
undefined."
In our codes, there are cases that the pointer subtraction is not
performed by pointers to elements of the same array object. This might
lead to potential issues, since the behavior is undefined according to C11
standard.
Also, since the size of type "ptrdiff_t" is implementation-defined. Some
static code checkers may warn that the pointer subtraction might underflow
first and then being cast to a bigger size. For example:
UINT8 *Ptr1, *Ptr2;
UINTN PtrDiff;
...
PtrDiff = (UINTN) (Ptr1 - Ptr2);
The commit will refine the pointer subtraction expressions by casting each
pointer to UINTN first and then perform the subtraction:
PtrDiff = (UINTN) Ptr1 - (UINTN) Ptr2;
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Measure DBT into PCR[7] in initial measurement phase if present and
not empty by following TCG PC Client PFP 00.49.
The previous patch according to 00.21 is removed
1404e3a1508473643efba89af34bd133ab082dd5
Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Measure BootOrder, Boot#### to PCR[1] according to TCG PC-Client PFP Spec
00.21 Section 2.4.4.2
http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf
Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
All the event log entry in TCG2 Event log format should be TCG_PCR_EVENT2
except event log header. Defined by TCG EFI Spec 2.0 00.13
https://trustedcomputinggroup.org/wp-content/uploads/EFI-Protocol-Specification-rev13-160330final.pdf
Cc: Long Qin <qin.long@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Long Qin <qin.long@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Update PCR[4] measure logic for each boot attempt.
1. Measure event to PCR[4] instead of PCR[5]
2. Measure “Calling UEFI Application from Boot Option”
http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf
Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Use UEFI_VARIABLE_DATA data structure according to TCG PC-Client PFP Spec
00.21.
http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf
Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Log Startup Locality Event according to TCG PC Client PFP 00.21.
Event should be placed before any extend to PCR[0]
http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf
Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Measure DBT into PCR[7] in initial measurement phase according
to TCG PC Client PFP 00.37. http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf
Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Update debug log to report correct FinalEventLog size.
Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Tcg2Dxe allocates event log below 4G. It is unnecessary.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The logic in functions ReadAndMeasureVariable() and MeasureVariable()
within Tcg2Dxe ensure that 'VarData' will not be NULL before calling
TcgDxeHashLogExtendEvent() at line 1716.
This commit adds ASSERT as warnings for the case that will not happen.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Current code uses GetDigestListSize(DigestList) to get
digest list size, that is incorrect.
The code should get digest list size of digests copied
into event2 log, those digests are compacted, so
GetDigestListBinSize() should be used.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
|
| |
|
|
|
|
|
|
|
| |
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by : Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes the following typos:
- intialized -> initialized
- TURE -> TRUE
- successull -> successfully
- hanlder -> handler
- funciton -> function
- Seperator -> Separator
- Sumbit -> Submit
Also convert EFI_D_ERROR to DEBUG_ERROR for some debug messages.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch extracts function Tpm2GetCapabilitySupportedAndActivePcrs()
from drivers and also update Tcg2ExecutePhysicalPresence() to call
Tpm2GetCapabilitySupportedAndActivePcrs() instead of
Tcg2Protocol->GetCapability to query the TPM to determine which
hashing algorithms are supported.
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch just moves function CopyDigestListToBuffer() from
drivers to library with HashAlgorithmMask parameter added to
make the interface more applicable.
The related function IsHashAlgSupportedInHashAlgorithmMask()
is also moved from drivers to library as internal function.
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This patch just moves function GetDigestListSize() from
drivers to library and no functionality change.
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
This patch just moves function Tpm2GetDigestFromDigestList() from
drivers to library as GetDigestFromDigestList() and no functionality change.
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit removes the internal implementation of the function
InternalIsZeroBuffer(). Instead, it will use the API IsZeroBuffer() from
BaseMemoryLib in MdePkg.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before adding API IsZeroBuffer() in BaseMemoryLib at MdePkg, rename the
internal implementations of IsZeroBuffer() within SecurityPkg/Tcg modules
to avoid breaking bisection.
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Use BasePeCoffLib PeCoffLoaderGetImageInfo() to check the PE/COFF image.
In V2, add specific ImageRead() to make sure the PE/COFF image content
read is within the image buffer.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
size
SubmitCommand() was checking the buffer size for ">=" Max size. This would
cause code to fail with "EFI_INVALID_PARAMETER" if a buffer was passed
that was the "max" size as indicated by the GetCapability() command.
Change to ">" to allow for maximum buffer size.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
|
| |
|
|
|
|
|
|
|
| |
Reduce several DEBUG messages verbosity from INFO to VERBOSE, so that will not see debug message around each driver loading when TPM 2.0 part present.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Derek Lin <derek.lin2@hpe.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
|
| |
|
|
|
|
|
|
|
|
| |
TempBuf in SetupEventLog needs to include sizeof(UINT32) to hold NumberOfAlgorithms.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Thomas Palmer <thomas.palmer@hpe.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: El-Haj-Mahmoud Samer <samer.el-haj-mahmoud@hpe.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch updated final event log calculation based on
TCG EFI PROTOCOL rev9, 7.1.2 "All options implementation".
The previous logic is to save event to final event log
once GetEventLog() is called. 7.1.1 shows that we should
save event log to both normal even log area and final event
log area after GetEventLog() is called.
And there is no need to record TCG12 format log to final
event log area, and normal event log area can be BootServices
memory because OS will not access it directly.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19661 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, NumberOfPCRBanks is calculated based on TPM
capability. However, there might be a case that TPM hardware
support 1 algorithm, but BIOS does not support and BIOS
mask it via PCD. This causes the conflict between
HashAlgorithmBitmap and NumberOfPCRBanks.
So we move the NumberOfPCRBanks calculation based on
HashAlgorithmBitmap to make sure the data is consistent.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19660 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
| |
Since Tcg2Dxe driver follows TCG spec, we should use
TCG2 MACRO, instead of TREE macro.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19659 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
final event log area
TCG event log and TCG2 final event log area length can be configurable to meet platform event log
requirement.
PcdTcgLogAreaMinLen : 0x10000 based on minimum requirement in TCG ACPI Spec 00.37
PcdTcg2FinalLogAreaLen : 0x8000 based on experience value
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Qin Long <qin.long@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19639 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Debug messages are using a format strings with %s for
a Unicode string, but the strings being printed are
ASCII strings and this results in corrupted debug
messages. Change the the format string to use %a
instead of %s.
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19617 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
To convert these files I ran:
$ python3 BaseTools/Scripts/ConvertUni.py SecurityPkg
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19262 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is patch to remove smbios measurement in TCG driver. There will be other patch to add it in Smbios driver.
The problem of current SMBIOS measurement is:
1) TCG drivers do not support SMBIOS3.0 table.
2) TCG drivers do not follow TCG platform spec on: "Platform configuration information that is automatically updated,
such as clock registers, and system unique information, such as asset numbers or serial numbers,
MUST NOT be measured into PCR [1], or any other PCR."
So we decide to move Smbios measurement from TCG drivers to Smbios driver.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18677 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Yao Jiewen <Jiewen.Yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18403 6f19259b-4bc3-4df7-8a09-765794883524
|
| |
|
|
|
|
|
|
| |
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Yao Jiewen <Jiewen.Yao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18335 6f19259b-4bc3-4df7-8a09-765794883524
|
|
|
TCG EFI Protocol Specification for TPM Family 2.0 Revision 1.0 Version 9 at http://www.trustedcomputinggroup.org/resources/tcg_efi_protocol_specification
TCG Physical Presence Interface Specification Version 1.30, Revision 00.52 at http://www.trustedcomputinggroup.org/resources/tcg_physical_presence_interface_specification
Add Tcg2XXX, similar file/directory as TrEEXXX. Old TrEE driver/library can be deprecated.
1) Add Tcg2Pei/Dxe/Smm driver to log event and provide services.
2) Add Dxe/Pei/SmmTcg2PhysicalPresenceLib to support TCG PP.
3) Update Tpm2 library to use TCG2 protocol instead of TrEE protocol.
Test Win8/Win10 with SecureBoot enabled, PCR7 shows bound.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <Jiewen.Yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18219 6f19259b-4bc3-4df7-8a09-765794883524
|
