From 01c0d3c0d508b8c1b41fd58e2ec565b40ea000ca Mon Sep 17 00:00:00 2001
From: Min M Xu <min.m.xu@intel.com>
Date: Wed, 14 Dec 2022 15:14:19 +0800
Subject: OvmfPkg/SecTpmMeasurementLib: Fix the mapping error of PCR and RTMR
 index

BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=4179

TDVF has the feature to do RTMR measurement in SEC phase. In the same time
it builds a GUID hob which carries the hash value of the measurement so
that in DXE phase a td event can be created based on this GUID Hob. There
is a mapping error between TPM PCR index and RTMR index according to UEFI
2.10. That PCR6 is missing in the mapping. This patch fixes this issue.

Cc: Erdem Aktas <erdemaktas@google.com> [ruleof2]
Cc: James Bottomley <jejb@linux.ibm.com> [jejb]
Cc: Jiewen Yao <jiewen.yao@intel.com> [jyao1]
Cc: Tom Lendacky <thomas.lendacky@amd.com> [tlendacky]
Cc: Arti Gupta <ARGU@microsoft.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
---
 SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

(limited to 'SecurityPkg')

diff --git a/SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.c b/SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.c
index 38887b172d..36bfa373fe 100644
--- a/SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.c
+++ b/SecurityPkg/Library/SecTpmMeasurementLib/SecTpmMeasurementLibTdx.c
@@ -33,12 +33,11 @@ typedef struct {
 /**
   Get the mapped RTMR index based on the input PCRIndex.
   RTMR[0]  => PCR[1,7]
-  RTMR[1]  => PCR[2,3,4,5]
+  RTMR[1]  => PCR[2,3,4,5,6]
   RTMR[2]  => PCR[8~15]
   RTMR[3]  => NA
   Note:
     PCR[0] is mapped to MRTD and should not appear here.
-    PCR[6] is reserved for OEM. It is not used.
 
    @param[in] PCRIndex The input PCR index
 
@@ -51,7 +50,7 @@ GetMappedRtmrIndex (
 {
   UINT8  RtmrIndex;
 
-  if ((PCRIndex == 6) || (PCRIndex == 0) || (PCRIndex > 15)) {
+  if ((PCRIndex == 0) || (PCRIndex > 15)) {
     DEBUG ((DEBUG_ERROR, "Invalid PCRIndex(%d) map to MR Index.\n", PCRIndex));
     ASSERT (FALSE);
     return INVALID_PCR2MR_INDEX;
@@ -60,7 +59,7 @@ GetMappedRtmrIndex (
   RtmrIndex = 0;
   if ((PCRIndex == 1) || (PCRIndex == 7)) {
     RtmrIndex = 0;
-  } else if ((PCRIndex >= 2) && (PCRIndex < 6)) {
+  } else if ((PCRIndex >= 2) && (PCRIndex <= 6)) {
     RtmrIndex = 1;
   } else if ((PCRIndex >= 8) && (PCRIndex <= 15)) {
     RtmrIndex = 2;
-- 
cgit v1.2.3