SecurityPkg: Tcg2Dxe: Log Startup Locality Event

Log Startup Locality Event according to TCG PC Client PFP 00.21. Event should be placed before any extend to PCR[0] http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf Cc: Star Zeng <star.zeng@intel.com> Cc: Yao Jiewen <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
2017-01-22 12:47:51 +08:00
parent 223a99e524
commit 18458db1d4
4 changed files with 60 additions and 14 deletions
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
@@ -1381,11 +1381,12 @@ SetupEventLog (
  UINT32                          HashAlgorithmMaskCopied;
  TCG_EfiSpecIDEventStruct        *TcgEfiSpecIdEventStruct;
  UINT8                           TempBuf[sizeof(TCG_EfiSpecIDEventStruct) + sizeof(UINT32) + (HASH_COUNT * sizeof(TCG_EfiSpecIdEventAlgorithmSize)) + sizeof(UINT8)];
-  TCG_PCR_EVENT_HDR               FirstPcrEvent;
+  TCG_PCR_EVENT_HDR               NoActionEvent;
  TCG_EfiSpecIdEventAlgorithmSize *DigestSize;
  TCG_EfiSpecIdEventAlgorithmSize *TempDigestSize;
  UINT8                           *VendorInfoSize;
  UINT32                          NumberOfAlgorithms;
+  TCG_EfiStartupLocalityEvent     StartupLocalityEvent;

  DEBUG ((EFI_D_INFO, "SetupEventLog\n"));

@@ -1468,24 +1469,53 @@ SetupEventLog (
        VendorInfoSize = (UINT8 *)TempDigestSize;
        *VendorInfoSize = 0;

-        //
-        // FirstPcrEvent
-        //
-        FirstPcrEvent.PCRIndex = 0;
-        FirstPcrEvent.EventType = EV_NO_ACTION;
-        ZeroMem (&FirstPcrEvent.Digest, sizeof(FirstPcrEvent.Digest));
-        FirstPcrEvent.EventSize = (UINT32)GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct);
+        NoActionEvent.PCRIndex = 0;
+        NoActionEvent.EventType = EV_NO_ACTION;
+        ZeroMem (&NoActionEvent.Digest, sizeof(NoActionEvent.Digest));
+        NoActionEvent.EventSize = (UINT32)GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct);

        //
-        // Record
+        // Log TcgEfiSpecIdEventStruct as the first Event
+        //   TCG PC Client PFP spec. Section 9.2 Measurement Event Entries and Log
        //
        Status = TcgDxeLogEvent (
                   mTcg2EventInfo[Index].LogFormat,
-                   &FirstPcrEvent,
-                   sizeof(FirstPcrEvent),
+                   &NoActionEvent,
+                   sizeof(NoActionEvent),
                   (UINT8 *)TcgEfiSpecIdEventStruct,
-                   FirstPcrEvent.EventSize
+                   NoActionEvent.EventSize
                   );
+
+        //
+        // EfiStartupLocalityEvent
+        //
+        GuidHob.Guid = GetFirstGuidHob (&gTpm2StartupLocalityHobGuid);
+        if (GuidHob.Guid != NULL) {
+          //
+          // Get Locality Indicator from StartupLocality HOB
+          //
+          StartupLocalityEvent.StartupLocality = *(UINT8 *)(GET_GUID_HOB_DATA (GuidHob.Guid));
+          CopyMem (StartupLocalityEvent.Signature, TCG_EfiStartupLocalityEvent_SIGNATURE, sizeof(StartupLocalityEvent.Signature));
+
+          NoActionEvent.PCRIndex = 0;
+          NoActionEvent.EventType = EV_NO_ACTION;
+          ZeroMem (&NoActionEvent.Digest, sizeof(NoActionEvent.Digest));
+          NoActionEvent.EventSize = sizeof(StartupLocalityEvent);
+
+          DEBUG ((DEBUG_INFO, "SetupEventLog: Set Locality from HOB into StartupLocalityEvent 0x%02x\n", StartupLocalityEvent.StartupLocality));
+
+          //
+          // Log EfiStartupLocalityEvent as the second Event
+          //   TCG PC Client PFP spec. Section 9.3.4.3 Startup Locality Event
+          //
+          Status = TcgDxeLogEvent (
+                     mTcg2EventInfo[Index].LogFormat,
+                     &NoActionEvent,
+                     sizeof(NoActionEvent),
+                     (UINT8 *)&StartupLocalityEvent,
+                     NoActionEvent.EventSize
+                     );
+        }
      }
    }
  }
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
@@ -7,7 +7,7 @@
 #  This external input must be validated carefully to avoid security issue like
 #  buffer overflow, integer overflow.
 #
-# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
 # This program and the accompanying materials
 # are licensed and made available under the terms and conditions of the BSD License
 # which accompanies this distribution. The full text of the license may be found at
@@ -80,6 +80,7 @@
  gEfiTpmDeviceInstanceTpm12Guid                     ## SOMETIMES_CONSUMES  ## GUID       # TPM device identifier

  gTcgEvent2EntryHobGuid                             ## SOMETIMES_CONSUMES  ## HOB
+  gTpm2StartupLocalityHobGuid                        ## SOMETIMES_CONSUMES  ## HOB

 [Protocols]
  gEfiTcg2ProtocolGuid                               ## PRODUCES