Re: [PATCH v2 9/9] SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY


Wang, Jian J
 

Reviewed-by: Jian J Wang <jian.j.wang@...>

Regards,
Jian

-----Original Message-----
From: Zhang, Qi1 <qi1.zhang@...>
Sent: Thursday, August 06, 2020 8:34 AM
To: devel@edk2.groups.io
Cc: Zhang, Qi1 <qi1.zhang@...>; Yao, Jiewen <jiewen.yao@...>;
Wang, Jian J <jian.j.wang@...>; Kumar, Rahul1 <rahul1.kumar@...>
Subject: [PATCH v2 9/9] SecurityPkg/Tcg2: handle PRE HASH and LOG ONLY

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2376

Cc: Jiewen Yao <jiewen.yao@...>
Cc: Jian J Wang <jian.j.wang@...>
Cc: Qi Zhang <qi1.zhang@...>
Cc: Rahul Kumar <rahul1.kumar@...>
Signed-off-by: Qi Zhang <qi1.zhang@...>
---
SecurityPkg/Include/Ppi/Tcg.h | 5 +++++
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 12 +++++++-----
2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/SecurityPkg/Include/Ppi/Tcg.h b/SecurityPkg/Include/Ppi/Tcg.h
index 0e943f2465..22f47f9817 100644
--- a/SecurityPkg/Include/Ppi/Tcg.h
+++ b/SecurityPkg/Include/Ppi/Tcg.h
@@ -18,6 +18,11 @@ typedef struct _EDKII_TCG_PPI EDKII_TCG_PPI;
//

#define EDKII_TCG_PRE_HASH 0x0000000000000001



+//

+// This bit is shall be set when HashData is the pre-hash digest and log only.

+//

+#define EDKII_TCG_PRE_HASH_LOG_ONLY 0x0000000000000002

+

/**

Tpm measure and log data, and extend the measurement result into a specific
PCR.
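Review bot: The comment on EDKII_TCG_PRE_HASH_LOG_ONLY reads "This bit is shall be set" and does not say what "log only" means for a caller. Going by the Tcg2Pei.c change in this patch, the flag records the supplied digest without extending a PCR. That matters for attestation, because a log entry with no matching extend will not replay to the PCR value unless the extend was done elsewhere. Suggested wording: `// Set this bit when HashData is a pre-hashed digest that is only recorded in the event log; no PCR extend is performed.` It would also help to state what happens when both bits are set; in the new code EDKII_TCG_PRE_HASH still extends.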



diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
index 246968bb7f..b56b03746c 100644
--- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
+++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
@@ -453,13 +453,15 @@ HashLogExtendEvent (
return EFI_DEVICE_ERROR;

}



- if(Flags & EDKII_TCG_PRE_HASH) {

+ if ((Flags & EDKII_TCG_PRE_HASH) || (Flags &
EDKII_TCG_PRE_HASH_LOG_ONLY)) {

ZeroMem (&DigestList, sizeof(DigestList));

CopyMem (&DigestList, HashData, sizeof(DigestList));

- Status = Tpm2PcrExtend (

- 0,

- &DigestList

- );

+ if (Flags & EDKII_TCG_PRE_HASH) {

+ Status = Tpm2PcrExtend (

+ NewEventHdr->PCRIndex,

+ &DigestList

+ );

+ }

} else {

Status = HashAndExtend (

NewEventHdr->PCRIndex,
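Review bot: When only EDKII_TCG_PRE_HASH_LOG_ONLY is set, nothing in this branch assigns `Status`, because the `Tpm2PcrExtend` call that used to set it now sits behind the inner `if (Flags & EDKII_TCG_PRE_HASH)`. Unless `Status` is initialised above the hunk (its declaration is not visible here), any later check of it reads an indeterminate value, so a log-only event could be skipped or reported as failed. Adding `Status = EFI_SUCCESS;` before the inner `if` would fix this. Separately, `CopyMem (&DigestList, HashData, sizeof(DigestList))` is now reachable through a second flag, and the visible lines do not compare the length of HashData with `sizeof(DigestList)`; if the function receives that length, a check before the copy would stop a short caller buffer from being over-read. The function body begins above the hunk and the `HashAndExtend` call continues past it.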

--
2.26.2.windows.1
