diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index d568b4757a..b5f4eb75f2 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -5,7 +5,7 @@ # It also provides the definitions(including PPIs/PROTOCOLs/GUIDs and library classes) # and libraries instances, which are used for those features. # -# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
# (C) Copyright 2015 Hewlett Packard Enterprise Development LP
# This program and the accompanying materials are licensed and made available under # the terms and conditions of the BSD License which accompanies this distribution. @@ -389,6 +389,15 @@ # gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0x91, 0x29, 0xc4, 0xbd, 0xea, 0x6d, 0xda, 0xb3, 0xaa, 0x6f, 0x50, 0x16, 0xfc, 0xdb, 0x4b, 0x7e, 0x3c, 0xd6, 0xdc, 0xa4, 0x7a, 0x0e, 0xdd, 0xe6, 0x15, 0x8c, 0x73, 0x96, 0xa2, 0xd4, 0xa6, 0x4d}|VOID*|0x00010013 + ## This PCD defines minimum length(in bytes) of the system preboot TCG event log area(LAML). + # For PC Client Implementation spec up to and including 1.2 the minimum log size is 64KB. + # @Prompt Minimum length(in bytes) of the system preboot TCG event log area(LAML). + gEfiSecurityPkgTokenSpaceGuid.PcdTcgLogAreaMinLen|0x10000|UINT32|0x00010017 + + ## This PCD defines length(in bytes) of the TCG2 Final event log area. + # @Prompt Length(in bytes) of the TCG2 Final event log area. + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2FinalLogAreaLen|0x8000|UINT32|0x00010018 + [PcdsDynamic, PcdsDynamicEx] ## This PCD indicates Hash mask for TPM 2.0.
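Review bot: Neither new PCD declares a lower bound, although both have one. The help text for PcdTcgLogAreaMinLen says the minimum log size is 64KB for PC Client spec 1.2 and earlier, and Tcg2Dxe.c later in this commit subtracts `sizeof(EFI_TCG2_FINAL_EVENTS_TABLE)` from PcdTcg2FinalLogAreaLen. As declared here, a platform DSC can set either value too small with no build-time diagnostic. I would add a `@ValidRange` line to each declaration, using an error number from the package's `[Error]` section if it has one. I would also extend the PcdTcg2FinalLogAreaLen comment with `# The value must be larger than sizeof(EFI_TCG2_FINAL_EVENTS_TABLE).`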

diff --git a/SecurityPkg/SecurityPkg.uni b/SecurityPkg/SecurityPkg.uni index 91fff94cc9..5fcd3f93c2 100644 --- a/SecurityPkg/SecurityPkg.uni +++ b/SecurityPkg/SecurityPkg.uni @@ -5,7 +5,7 @@ // It also provides the definitions(including PPIs/PROTOCOLs/GUIDs and library classes) // and libraries instances, which are used for those features. // -// Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
+// Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
// // This program and the accompanying materials are licensed and made available under // the terms and conditions of the BSD License which accompanies this distribution. @@ -192,3 +192,12 @@ "Bios may choose to register a subset of PcdTpm2HashMask.\n" "So this PCD is final value of how many hash algo is extended to PCR." +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdTcgLogAreaMinLen_PROMPT #language en-US "Minimum length(in bytes) of the system preboot TCG event log area(LAML)." + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdTcgLogAreaMinLen_HELP #language en-US "This PCD defines minimum length(in bytes) of the system preboot TCG event log area(LAML).\n" + "For PC Client Implementation spec up to and including 1.2 the minimum log size is 64KB." + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdTcg2FinalLogAreaLen_PROMPT #language en-US "Length(in bytes) of the TCG2 Final event log area." + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdTcg2FinalLogAreaLen_HELP #language en-US "This PCD defines length(in bytes) of the TCG2 Final event log area." + diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c index ae5e0841c2..f0dbbac5b1 100644 --- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c +++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c @@ -56,9 +56,6 @@ typedef struct { EFI_GUID *VendorGuid; } VARIABLE_TYPE; -#define EFI_TCG_LOG_AREA_SIZE 0x10000 -#define EFI_TCG_FINAL_LOG_AREA_SIZE 0x1000 - #define TCG2_DEFAULT_MAX_COMMAND_SIZE 0x1000 #define TCG2_DEFAULT_MAX_RESPONSE_SIZE 0x1000 
@@ -1470,19 +1467,19 @@ SetupEventLog ( Status = gBS->AllocatePages ( AllocateMaxAddress, EfiACPIMemoryNVS, - EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE), + EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)), &Lasa ); if (EFI_ERROR (Status)) { return Status; } mTcgDxeData.EventLogAreaStruct[Index].Lasa = Lasa; - mTcgDxeData.EventLogAreaStruct[Index].Laml = EFI_TCG_LOG_AREA_SIZE; + mTcgDxeData.EventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcgLogAreaMinLen); // // To initialize them as 0xFF is recommended // because the OS can know the last entry for that. // - SetMem ((VOID *)(UINTN)Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF); + SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF); // // Create first entry for Log Header Entry Data // @@ -1571,13 +1568,13 @@ SetupEventLog ( Status = gBS->AllocatePages ( AllocateMaxAddress, EfiACPIMemoryNVS, - EFI_SIZE_TO_PAGES (EFI_TCG_FINAL_LOG_AREA_SIZE), + EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcg2FinalLogAreaLen)), &Lasa ); if (EFI_ERROR (Status)) { return Status; } - SetMem ((VOID *)(UINTN)Lasa, EFI_TCG_FINAL_LOG_AREA_SIZE, 0xFF); + SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcg2FinalLogAreaLen), 0xFF); // // Initialize @@ -1588,7 +1585,7 @@ SetupEventLog ( mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogFormat = mTcg2EventInfo[Index].LogFormat; mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa = Lasa + sizeof(EFI_TCG2_FINAL_EVENTS_TABLE); - mTcgDxeData.FinalEventLogAreaStruct[Index].Laml = EFI_TCG_FINAL_LOG_AREA_SIZE - sizeof(EFI_TCG2_FINAL_EVENTS_TABLE); + mTcgDxeData.FinalEventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcg2FinalLogAreaLen) - sizeof(EFI_TCG2_FINAL_EVENTS_TABLE); mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogSize = 0; mTcgDxeData.FinalEventLogAreaStruct[Index].LastEvent = (VOID *)(UINTN)mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa; mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogStarted = FALSE; 
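Review bot: The first SetupEventLog hunk reads `PcdGet32 (PcdTcgLogAreaMinLen)` three separate times, for the AllocatePages size, the recorded `Laml` and the `SetMem` length, so nothing in the code ties the three to one value. Reading it once, `LogAreaLen = PcdGet32 (PcdTcgLogAreaMinLen);`, and using the local in all three places makes it visible that allocation, fill and advertised length must agree. The same pattern appears in the final-log hunk below with PcdTcg2FinalLogAreaLen, and in the SetupEventLog hunks of TcgDxe.c and TrEEDxe.c. SetupEventLog starts and ends outside these hunks, so the local's declaration would go with the function's other locals.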
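Review bot: `PcdGet32 (PcdTcg2FinalLogAreaLen) - sizeof(EFI_TCG2_FINAL_EVENTS_TABLE)` is unsigned arithmetic, so a platform value smaller than the table header wraps `Laml` to a very large length while the allocation stays small. The old fixed constant could not underflow; the size is now platform configuration, and any later bounds check made against `Laml` (not visible in this hunk) would presumably accept writes past the allocated pages. I would reject the configuration before the AllocatePages call in the preceding hunk, for example `if (PcdGet32 (PcdTcg2FinalLogAreaLen) <= sizeof (EFI_TCG2_FINAL_EVENTS_TABLE)) { return EFI_BUFFER_TOO_SMALL; }`, rather than rely on an ASSERT that release builds drop. The function body continues outside the hunk.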
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf index ca6741b3ad..fd120e5538 100644 --- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf +++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf @@ -7,7 +7,7 @@ # This external input must be validated carefully to avoid security issue like # buffer overflow, integer overflow. # -# Copyright (c) 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -100,6 +100,8 @@ gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ## SOMETIMES_CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap ## CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdTcg2NumberOfPCRBanks ## CONSUMES + gEfiSecurityPkgTokenSpaceGuid.PcdTcgLogAreaMinLen ## CONSUMES + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2FinalLogAreaLen ## CONSUMES [Depex] TRUE diff --git a/SecurityPkg/Tcg/TcgDxe/TcgDxe.c b/SecurityPkg/Tcg/TcgDxe/TcgDxe.c index 4e2741c0cf..1e52179885 100644 --- a/SecurityPkg/Tcg/TcgDxe/TcgDxe.c +++ b/SecurityPkg/Tcg/TcgDxe/TcgDxe.c @@ -53,8 +53,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include "TpmComm.h" -#define EFI_TCG_LOG_AREA_SIZE 0x10000 - #define TCG_DXE_DATA_FROM_THIS(this) \ BASE_CR (this, TCG_DXE_DATA, TcgProtocol) @@ -653,7 +651,7 @@ SetupEventLog ( Status = gBS->AllocatePages ( AllocateMaxAddress, EfiACPIMemoryNVS, - EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE), + EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)), &Lasa ); if (EFI_ERROR (Status)) { @@ -664,8 +662,8 @@ SetupEventLog ( // To initialize them as 0xFF is recommended // because the OS can know the last entry for that. // - SetMem ((VOID *)(UINTN)mTcgClientAcpiTemplate.Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF); - mTcgClientAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE; + SetMem ((VOID *)(UINTN)mTcgClientAcpiTemplate.Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF); + mTcgClientAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen); } else { Lasa = mTcgServerAcpiTemplate.Lasa; @@ -673,7 +671,7 @@ SetupEventLog ( Status = gBS->AllocatePages ( AllocateMaxAddress, EfiACPIMemoryNVS, - EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE), + EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)), &Lasa ); if (EFI_ERROR (Status)) { 
@@ -684,8 +682,8 @@ SetupEventLog ( // To initialize them as 0xFF is recommended // because the OS can know the last entry for that. // - SetMem ((VOID *)(UINTN)mTcgServerAcpiTemplate.Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF); - mTcgServerAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE; + SetMem ((VOID *)(UINTN)mTcgServerAcpiTemplate.Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF); + mTcgServerAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen); } GuidHob.Raw = GetHobList (); diff --git a/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf b/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf index 0976304883..e5409dfefd 100644 --- a/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf +++ b/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf @@ -2,7 +2,7 @@ # Produces TCG protocol and measures boot environment # This module will produce TCG protocol and measure boot environment. # -# Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -75,6 +75,7 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId ## SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision ## SOMETIMES_CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ## SOMETIMES_CONSUMES + gEfiSecurityPkgTokenSpaceGuid.PcdTcgLogAreaMinLen ## CONSUMES [Depex] TRUE diff --git a/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.c b/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.c index 8f344fe93e..dfdee04688 100644 --- a/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.c +++ b/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.c @@ -55,8 +55,6 @@ typedef struct { EFI_GUID *VendorGuid; } VARIABLE_TYPE; -#define EFI_TCG_LOG_AREA_SIZE 0x10000 - #define TREE_DEFAULT_MAX_COMMAND_SIZE 0x1000 #define TREE_DEFAULT_MAX_RESPONSE_SIZE 0x1000 @@ -949,19 +947,19 @@ SetupEventLog ( Status = gBS->AllocatePages ( AllocateMaxAddress, EfiACPIMemoryNVS, - EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE), + EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)), &Lasa ); if (EFI_ERROR (Status)) { return Status; } mTcgDxeData.EventLogAreaStruct[Index].Lasa = Lasa; - mTcgDxeData.EventLogAreaStruct[Index].Laml = EFI_TCG_LOG_AREA_SIZE; + mTcgDxeData.EventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcgLogAreaMinLen); // // To initialize them as 0xFF is recommended // because the OS can know the last entry for that. // - SetMem ((VOID *)(UINTN)Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF); + SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF); } // 
@@ -969,10 +967,10 @@ SetupEventLog ( // if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) { mTcgClientAcpiTemplate.Lasa = mTcgDxeData.EventLogAreaStruct[0].Lasa; - mTcgClientAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE; + mTcgClientAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen); } else { mTcgServerAcpiTemplate.Lasa = mTcgDxeData.EventLogAreaStruct[0].Lasa; - mTcgServerAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE; + mTcgServerAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen); } // diff --git a/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf b/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf index 258ab46db9..c22e8f0004 100644 --- a/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf +++ b/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf @@ -7,7 +7,7 @@ # This external input must be validated carefully to avoid security issue like # buffer overflow, integer overflow. # -# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.
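Review bot: In the second TrEEDxe.c hunk the ACPI template takes `Lasa` from `mTcgDxeData.EventLogAreaStruct[0]` but takes `Laml` from a fresh `PcdGet32 (PcdTcgLogAreaMinLen)`, so the address and the length published to the OS come from two different sources. They agree today because the previous hunk stores the same PCD value in `EventLogAreaStruct[Index].Laml`. Copying the stored field instead, `mTcgClientAcpiTemplate.Laml = (UINT32) mTcgDxeData.EventLogAreaStruct[0].Laml;`, keeps the table consistent if the allocation logic changes later; the cast is needed only if the field widths differ, which this hunk does not show. The server-template assignment two lines below has the same shape.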
+# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -94,6 +94,7 @@ gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId ## SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision ## SOMETIMES_CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ## SOMETIMES_CONSUMES + gEfiSecurityPkgTokenSpaceGuid.PcdTcgLogAreaMinLen ## CONSUMES [Depex] TRUE