From b2df9a89ba9b1a490475bff4eb67d1d435677696 Mon Sep 17 00:00:00 2001 From: Ceping Sun Date: Fri, 27 Sep 2024 13:18:00 +0800 Subject: SecurityPkg/PeiTpmMeasurementLib: Support CC Measurement PeiTpmMeasurementLib is updated to support both TCG measurement and CC Measurement. gEfiPeiMasterBootModePpiGuid is removed from [Depex] because it is not needed for the library. Cc: Jiewen Yao Signed-off-by: Min Xu Signed-off-by: Ceping Sun --- .../PeiTpmMeasurementLib/PeiTpmMeasurementLib.c | 101 +++++++++++++++++---- .../PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf | 3 +- 2 files changed, 84 insertions(+), 20 deletions(-) diff --git a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c index 0e84fd661a..643e14520d 100644 --- a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c @@ -7,17 +7,80 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/ #include - #include #include #include #include #include #include - #include +#include #include +EFI_STATUS +CcMeasureAndLogData ( + EDKII_CC_PPI *CcPpi, + IN UINT32 PcrIndex, + IN UINT32 EventType, + IN VOID *EventLog, + IN UINT32 LogLen, + IN VOID *HashData, + IN UINT64 HashDataLen + ) +{ + EFI_STATUS Status; + CC_EVENT_HDR CcEventHdr; + EFI_CC_MR_INDEX MrIndex; + + Status = CcPpi->MapPcrToMrIndex (CcPpi, PcrIndex, &MrIndex); + if (EFI_ERROR (Status)) { + return Status; + } + + CcEventHdr.MrIndex = MrIndex; + CcEventHdr.EventType = EventType; + CcEventHdr.EventSize = LogLen; + + Status = CcPpi->HashLogExtendEvent ( + CcPpi, + 0, + (EFI_PHYSICAL_ADDRESS)(UINTN)HashData, + (UINTN)HashDataLen, + &CcEventHdr, + EventLog + ); + return Status; +} + +EFI_STATUS +TcgMeasureAndLogData ( + EDKII_TCG_PPI *TcgPpi, + IN UINT32 PcrIndex, + IN UINT32 EventType, + IN VOID *EventLog, + IN UINT32 LogLen, + IN VOID *HashData, + IN UINT64 HashDataLen + ) +{ + EFI_STATUS Status; + TCG_PCR_EVENT_HDR TcgEventHdr; + + TcgEventHdr.PCRIndex = PcrIndex; + TcgEventHdr.EventType = EventType; + TcgEventHdr.EventSize = LogLen; + + Status = TcgPpi->HashLogExtendEvent ( + TcgPpi, + 0, + HashData, + (UINTN)HashDataLen, + &TcgEventHdr, + EventLog + ); + return Status; +} + /** Tpm measure and log data, and extend the measurement result into a specific PCR. @@ -44,9 +107,20 @@ TpmMeasureAndLogData ( IN UINT64 HashDataLen ) { - EFI_STATUS Status; - EDKII_TCG_PPI *TcgPpi; - TCG_PCR_EVENT_HDR TcgEventHdr; + EFI_STATUS Status; + EDKII_TCG_PPI *TcgPpi; + EDKII_CC_PPI *CcPpi; + + Status = PeiServicesLocatePpi ( + &gEdkiiCcPpiGuid, + 0, + NULL, + (VOID **)&CcPpi + ); + if (!EFI_ERROR (Status)) { + DEBUG ((DEBUG_INFO, "PeiTpmMeasureAndLogData with Cc Measurement Ppi \n")); + return CcMeasureAndLogData (CcPpi, PcrIndex, EventType, EventLog, LogLen, HashData, HashDataLen); + } Status = PeiServicesLocatePpi ( &gEdkiiTcgPpiGuid, @@ -54,21 +128,10 @@ TpmMeasureAndLogData ( NULL, (VOID **)&TcgPpi ); - if (EFI_ERROR (Status)) { - return Status; + if (!EFI_ERROR (Status)) { + DEBUG ((DEBUG_INFO, "PeiTpmMeasureAndLogData with Tcg Ppi \n")); + Status = TcgMeasureAndLogData (TcgPpi, PcrIndex, EventType, EventLog, LogLen, HashData, HashDataLen); } - TcgEventHdr.PCRIndex = PcrIndex; - TcgEventHdr.EventType = EventType; - TcgEventHdr.EventSize = LogLen; - - Status = TcgPpi->HashLogExtendEvent ( - TcgPpi, - 0, - HashData, - (UINTN)HashDataLen, - &TcgEventHdr, - EventLog - ); return Status; } diff --git a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf index be5e344d7f..af94d53560 100644 --- a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.inf @@ -44,6 +44,7 @@ [Ppis] gEdkiiTcgPpiGuid ## CONSUMES + gEdkiiCcPpiGuid ## CONSUMES [Depex] - gEfiPeiMasterBootModePpiGuid + TRUE -- cgit