authorCeping Sun <cepingx.sun@intel.com>2024-09-27 10:14:32 +0800
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>2024-12-10 02:09:29 +0000
commit3b07a2fb5257f7ef39a5f8e2aa710cc8eaa2612a (patch)
treeaf33ff2b2bb2d2c1e291e81768d60d426146c710
parent481c43308b759c89dffb1337c66b86eeb55ea35d (diff)
downloadedk2-3b07a2fb5257f7ef39a5f8e2aa710cc8eaa2612a.tar.gz
SecurityPkg/Ppi: Add gEdkiiCcPpi for CC Measurement in PEI phase
gEdkiiCcPpi is designed to support CC measurement in PEI phase. Cc: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Min Xu <min.m.xu@intel.com> Signed-off-by: Ceping Sun <cepingx.sun@intel.com>
-rw-r--r--SecurityPkg/Include/Ppi/CcMeasurement.h78
-rw-r--r--SecurityPkg/SecurityPkg.dec3
2 files changed, 81 insertions, 0 deletions
diff --git a/SecurityPkg/Include/Ppi/CcMeasurement.h b/SecurityPkg/Include/Ppi/CcMeasurement.h
new file mode 100644
index 0000000000..64ff991d7e
--- /dev/null
+++ b/SecurityPkg/Include/Ppi/CcMeasurement.h
@@ -0,0 +1,78 @@
+/** @file
+ CC Measurement PPI services.
+
+Copyright (c) 2024, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef _CC_MEASUREMENT_PPI_H_
+#define _CC_MEASUREMENT_PPI_H_
+
+#include <Protocol/CcMeasurement.h>
+
+typedef struct _EDKII_CC_PPI EDKII_CC_PPI;
+
+//
+// This bit is shall be set when HashData is the pre-hash digest.
+//
+#define EDKII_CC_PRE_HASH 0x0000000000000001
+
+//
+// This bit is shall be set when HashData is the pre-hash digest and log only.
+//
+#define EDKII_CC_PRE_HASH_LOG_ONLY 0x0000000000000002
+
+/**
+ Do a hash operation on a data buffer, extend a specific RTMR with the hash result,
+ and build a GUIDed HOB recording the event which will be passed to the DXE phase and
+ added into the Event Log.
+
+ @param[in] This Indicates the calling context
+ @param[in] Flags Bitmap providing additional information
+ @param[in] HashData Physical address of the start of the data buffer to be hashed.
+ @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData.
+ @param[in] NewEventHdr Pointer to a CC_EVENT_HDR data structure.
+ @param[in] NewEventData Pointer to the new event data.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval Others Other error as indicated
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CC_HASH_LOG_EXTEND_EVENT)(
+ IN EDKII_CC_PPI *This,
+ IN UINT64 Flags,
+ IN EFI_PHYSICAL_ADDRESS HashData,
+ IN UINTN HashDataLen,
+ IN CC_EVENT_HDR *NewEventHdr,
+ IN UINT8 *NewEventData
+ );
+
+/**
+ The EDKII_CC_MEASUREMENT_PPI MapPcrToMrIndex function call provides callers
+ the info on TPM PCR <-> CC MR mapping information.
+
+ @param[in] This Indicates the calling context
+ @param[in] PcrIndex TPM PCR index.
+ @param[out] MrIndex CC MR index.
+
+ @retval EFI_SUCCESS The MrIndex is returned.
+ @retval Others Other error as indicated
+**/
+typedef
+EFI_STATUS
+(EFIAPI *EDKII_CC_MAP_PCR_TO_MR_INDEX)(
+ IN EDKII_CC_PPI *This,
+ IN TCG_PCRINDEX PcrIndex,
+ OUT EFI_CC_MR_INDEX *MrIndex
+ );
+
+struct _EDKII_CC_PPI {
+ EDKII_CC_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
+ EDKII_CC_MAP_PCR_TO_MR_INDEX MapPcrToMrIndex;
+};
+
+extern EFI_GUID gEdkiiCcPpiGuid;
+
+#endif
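Review bot: The Flags contract of EDKII_CC_HASH_LOG_EXTEND_EVENT is undocumented: `@param[in] Flags` says only "Bitmap providing additional information", and the comments above EDKII_CC_PRE_HASH and EDKII_CC_PRE_HASH_LOG_ONLY do not say how the call behaves when each bit is set. For a measurement interface this matters, because a caller-supplied digest skips the hashing step, and a log-only event (if the name means what it suggests) is recorded without a matching RTMR extend. An implementer therefore needs to know that HashDataLen must be checked against the digest size, and a log consumer needs to know which entries are not reflected in the register. I would expand the parameter doc along the lines of `@param[in] Flags  Bitmap of EDKII_CC_PRE_HASH / EDKII_CC_PRE_HASH_LOG_ONLY; 0 if HashData is raw data to be hashed.` (assuming that is the intent), and state in each flag comment the required HashDataLen and whether the RTMR is extended. Two wording fixes in the same header: "This bit is shall be set" should read "This bit shall be set", and the MapPcrToMrIndex comment names `EDKII_CC_MEASUREMENT_PPI` while the declared type is `EDKII_CC_PPI`.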
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 1fa9a567da..0589cfaf68 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -266,6 +266,9 @@
## Include/Ppi/Tcg.h
gEdkiiTcgPpiGuid = {0x57a13b87, 0x133d, 0x4bf3, { 0xbf, 0xf1, 0x1b, 0xca, 0xc7, 0x17, 0x6c, 0xf1 } }
+ ## Include/Ppi/CcMeasurement.h
+ gEdkiiCcPpiGuid = { 0x8c8f17c3, 0xbb8d, 0x4d4e, { 0x96, 0x0e, 0xd3, 0x33, 0xcf, 0x2b, 0xcb, 0x20 }}
+
#
# [Error.gEfiSecurityPkgTokenSpaceGuid]
# 0x80000001 | Invalid value provided.