sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
30,642 Commits 13 Branches 33 Tags
9eb5ccda505917f6ee80284ed6fb5b51aa7152f9
Commit Graph

335 Commits

Author SHA1 Message Date
Rodrigo Gonzalez Del Cueto
7aa06237b8 SecurityPkg: Remove enforcement of final GoIdle transition for CRB commands 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4077

Following the design described in the TCG specification,
the driver implementation of the CRB protocol does not require
enforcing completing the transition to goIdle at the end of a command
sequence.

Signed-off-by: Rodrigo Gonzalez Del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2022-09-30 12:00:24 +00:00
Michael Kubacki
e495b1009a SecurityPkg/SmmTcg2PhysicalPresenceLib: Add missing debug print specifier 
The debug macro modified in this change was missing a print specifier
for a debug message argument given.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2022-09-09 01:42:39 +00:00
Qi Zhang
6f4e10d6db SecurityPkg: Add retry mechanism for tpm command 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3980

As per TCG PC Client Device Driver Design Principle document,
if tpm commands fails due to timeout condition, then it should
have retry mechanism (3 retry attempts).
Existing implementation of PtpCrbTpmCommand does not have retry
mechanism if it fails with EFI_TIMEOUT.

See TCG PC Client Device Driver Design Principles for TPM 2.0
https://trustedcomputinggroup.org/wp-content/uploads/TCG_PCClient_Device_Driver_Design_Principles_TPM2p0_v1p1_r4_211104_final.pdf
Vision 1.1, Revision 0.04
Section 7.2.1

Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Tested-by: Swapnil Patil <S.Keshavrao.Patil@dell.com>
 2022-07-31 16:34:01 +00:00
kuqin
dbc4e3675f SecurityPkg: SecureBootVariableLib: Added unit tests 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3911

This change added unit test and enabled it from pipeline for the updated
SecureBootVariableLib.

The unit test covers all implemented interfaces and certain corner cases.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>

Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
 2022-07-07 01:07:00 +00:00
Kun Qin
fe73e9cd89 SecurityPkg: SecureBootVariableProvisionLib: Updated implementation 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3910

This change is in pair with the previous SecureBootVariableLib, which
removes the explicit invocation of `CreateTimeBasedPayload` and used new
interface `EnrollFromInput` instead.

The original `SecureBootFetchData` is also moved to this library and
incorporated with the newly defined `SecureBootCreateDataFromInput` to
keep the original code flow.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>

Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
 2022-07-07 01:07:00 +00:00
kuqin
6eb4079475 SecurityPkg: SecureBootVariableLib: Added newly supported interfaces 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3911

This change updated the interfaces provided by SecureBootVariableLib.

The new additions provided interfaces to enroll single authenticated
variable from input, a helper function to query secure boot status,
enroll all secure boot variables from UefiSecureBoot.h defined data
structures, a as well as a routine that deletes all secure boot related
variables.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>

Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
 2022-07-07 01:07:00 +00:00
kuqin
6de7c084db SecurityPkg: SecureBootVariableLib: Updated signature list creator 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3910

This change removes the interface of SecureBootFetchData, and replaced
it with `SecureBootCreateDataFromInput`, which will require caller to
prepare available certificates in defined structures.

This improvement will eliminate the dependency of reading from FV,
extending the availability of this library instance.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>

Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
 2022-07-07 01:07:00 +00:00
Kun Qin
56c717aafa SecurityPkg: SecureBootVariableLib: Updated time based payload creator 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3909

This change updated the interface of 'CreateTimeBasedPayload' by
requiring the caller to provide a timestamp, instead of relying on time
protocol to be ready during runtime. It intends to extend the library
availability during boot environment.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>

Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
 2022-07-07 01:07:00 +00:00
Kun Qin
d6bee54c45 SecurityPkg: PlatformPKProtectionLib: Added PK protection interface 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3911

This patch provides an abstracted interface for platform to implement PK
variable related protection interface, which is designed to be used when
PK variable is about to be changed by UEFI firmware.

This change also provided a variable policy based library implementation
to accomodate platforms that supports variable policy for variable
protections.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>

Signed-off-by: Kun Qin <kun.qin@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Michael Kubacki <michael.kubacki@microsoft.com>
 2022-07-07 01:07:00 +00:00
Min M Xu
05e57cc9ce SecurityPkg/HashLibTdx: Return EFI_UNSUPPORTED if it is not Tdx guest 
HashLibTdx is designed for the Tdx guest. So if is not a Tdx guest,
return EFI_UNSUPPORTED in RegisterHashInterfaceLib.

Cc: Gerd Hoffmann <kraxel@redhat.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-06-16 08:08:19 +00:00
Min M Xu
2818fda9bc Security: Add SecTpmMeasurementLibTdx 
SecTpmMeasurementLitTdx is an instance of TpmMeasurementLib. It is
designed to used in a Td guest. This lib measures and logs data, and
extendx the measurement result into a specific RTMR.

SecTpmMeasurementLibTdx is a refactored lib of
OvmfPkg/Library/SecMeasurementLibTdx and it just copies
GetMappedRtmrIndex/TdxMeasureAndLogData from that lib. At the end of
this patch-set SecMeasurementLibTdx will be deleted.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2022-06-07 11:05:53 +00:00
Min Xu
72c5afd0b4 Security: Add HashLibTdx 
RFC: https://bugzilla.tianocore.org/show_bug.cgi?id=3853

This library provides hash service by registered hash handler in Td
guest. Currently only SHA384 is supported. After that the hash value is
extended to Td RTMR registers which is similar to TPM PCRs.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
 2022-06-03 11:41:36 +00:00
Rodrigo Gonzalez del Cueto
ab5ab2f603 SecurityPkg: TPM must go to Idle state on CRB command completion 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3463

In V2: Fixed patch format and uncrustify cleanup

In V1: To follow the TCG CRB protocol specification, on every CRB TPM
 command completion the TPM should return to Idle state, regardless of
the CRB Idle Bypass capability reported by the TPM device.

See: TCG PC Client Device Driver Design Principles for TPM 2.0,
Version 1.0, Rev 0.27

Signed-off-by: Rodrigo Gonzalez del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2021-12-17 15:03:43 +00:00
Rodrigo Gonzalez del Cueto
195f011973 SecurityPkg: Reallocate TPM Active PCRs based on platform support 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3515

In V4: Fixed patch format and uncrustify cleanup

In V3: Cleaned up comments, debug prints and updated patch to use the
new debug ENUM definitions.

- Replaced EFI_D_INFO with DEBUG_INFO.
- Replaced EFI_D_VERBOSE with DEBUG_VERBOSE.

In V2: Add case to RegisterHashInterfaceLib logic

RegisterHashInterfaceLib needs to correctly handle registering the HashLib
instance supported algorithm bitmap when PcdTpm2HashMask is set to zero.

The current implementation of SyncPcrAllocationsAndPcrMask() triggers
PCR bank reallocation only based on the intersection between
TpmActivePcrBanks and PcdTpm2HashMask.

When the software HashLibBaseCryptoRouter solution is used, no PCR bank
reallocation is occurring based on the supported hashing algorithms
registered by the HashLib instances.

Need to have an additional check for the intersection between the
TpmActivePcrBanks and the PcdTcg2HashAlgorithmBitmap populated by the
HashLib instances present on the platform's BIOS.

Signed-off-by: Rodrigo Gonzalez del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2021-12-17 15:03:43 +00:00
Rodrigo Gonzalez del Cueto
8ed8568922 SecurityPkg: Debug code to audit BIOS TPM extend operations 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2858

In V2: Fixed patch format and uncrustify cleanup

In V1: Add debug functionality to examine TPM extend operations
performed by BIOS and inspect the PCR 00 value prior to
any BIOS measurements.

Signed-off-by: Rodrigo Gonzalez del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2021-12-17 15:03:43 +00:00
Min Xu
8c06c53b58 SecurityPkg: Support CcMeasurementProtocol in DxeTpmMeasurementLib 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3625

DxeTpmMeasurementLib supports TPM based measurement in DXE phase.
After CcMeasurementProtocol is introduced, CC based measurement needs
to be supported in DxeTpmMeasurementLib as well.

A platform should have only one RTS/RTR. Only one of (virtual)TPM1.2,
(virtual)TPM2.0 and CC MR exists. Then only one TCG_SERVICE_PROTOCOL,
TCG2_PROTOCOL, CC_MEASUREMENT_PROTOCOL is exposed.

In this library when do measurement only one of above 3 protocols will
be called.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
 2021-12-11 17:00:53 +00:00
Min Xu
a124cd4ef9 SecurityPkg: Support CcMeasurementProtocol in DxeTpm2MeasureBootLib 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3625

DxeTpm2MeasureBootLib supports TPM2 based measure boot. After
CcMeasurementProtocol is introduced, CC based measure boot needs to
be supported in DxeTpm2MeasureBootLib as well.

There are 2 major changes in this commit.

1. A platform should have only one RTS/RTR. Only one of (virtual)TPM1.2,
(virtual)TPM2.0 and CC MR exists. Then only one TCG_SERVICE_PROTOCOL,
TCG2_PROTOCOL, CC_MEASUREMENT_PROTOCOL is exposed. In this library when
do measure boot only one of TCG2_PROTOCOL / CC_MEASUREMENT_PROTOCOL
will be called. MEASURE_BOOT_PROTOCOLS is defined to store the instances
of TCG2 protocol and CC Measurement protocol.

2. CcEvent is similar to Tcg2Event except the MrIndex and PcrIndex.
So in the code Tcg2Event will be first created and intialized. If
CcMeasurementProtocol is called to do the measure boot, then CcEvent
points to Tcg2Event and the MrIndex is adjusted.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
 2021-12-11 17:00:53 +00:00
Michael Kubacki
c411b485b6 SecurityPkg: Apply uncrustify changes 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737

Apply uncrustify changes to .c/.h files in the SecurityPkg package

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2021-12-07 17:24:28 +00:00
Michael D Kinney
f9f4fb2329 SecurityPkg: Change complex DEBUG_CODE() to DEBUG_CODE_BEGIN/END() 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3767

Update use of DEBUG_CODE(Expression) if Expression is a complex code
block with if/while/for/case statements that use {}.

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2021-12-07 17:24:28 +00:00
Michael D Kinney
12710fe93b SecurityPkg: Change OPTIONAL keyword usage style 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3760

Update all use of ', OPTIONAL' to ' OPTIONAL,' for function params.

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2021-12-07 17:24:28 +00:00
Michael D Kinney
e905fbb05a SecurityPkg: Change use of EFI_D_* to DEBUG_* 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3739

Update all use of EFI_D_* defines in DEBUG() macros to DEBUG_* defines.

Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael Kubacki <michael.kubacki@microsoft.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2021-12-07 17:24:28 +00:00
Stefan Berger
282122ec5f ArmVirtPkg/TPM: Add a NULL implementation of TpmPlatformHierarchyLib 
Add a NULL implementation of the library class TpmPlatformHierarchyLib.

Link: https://bugzilla.tianocore.org/show_bug.cgi?id=3510
Cc: Ard Biesheuvel <ardb+tianocore@kernel.org>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
 2021-10-05 09:54:11 +00:00
Stefan Berger
f108178c56 SecurityPkg: Introduce new PCD PcdRandomizePlatformHierarchy 
Introduce the new PCD
gEfiSecurityPkgTokenSpaceGuid.PcdRandomizePlatformHierarchy.
We need it for TpmPlatformHierarchyLib.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2021-09-13 16:53:14 +00:00
Stefan Berger
2906e572c6 SecurityPkg/Tcg: Make Tcg2PlatformDxe buildable and fix style issues 
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2021-09-13 16:53:14 +00:00
Stefan Berger
4d5f39cd22 SecurityPkg/TPM: Fix bugs in imported PeiDxeTpmPlatformHierarchyLib 
Fix some bugs in the original PeiDxeTpmPlatformHierarchyLib.c.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2021-09-13 16:53:14 +00:00
Stefan Berger
610d8073f2 SecurityPkg/TPM: Import PeiDxeTpmPlatformHierarchyLib.c from edk2-platforms 
Import PeiDxeTpmPlatformHierarchyLib from edk2-platforms without any
modifications.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
 2021-09-13 16:53:14 +00:00
Rodrigo Gonzalez del Cueto
3c6107758b SecurityPkg: Fix GetSupportedAndActivePcrs counter calculation 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2855
The Tpm2GetCapabilitySupportedAndActivePcrs function prints a
count number that should reflect the *supported and currently
active* PCR banks, but the implementation in place displays
instead the count of the *supported PCR banks* retrieved
directly from the Tpm2GetCapabilityPcrs()
TPML_PCR_SELECTION output.

The counter should only take into account those PCRs banks
which are active.

Replaced usage of EFI_D_* for DEBUG_* definitions in debug
messages.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Signed-off-by: Rodrigo Gonzalez del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2021-08-09 03:32:24 +00:00
Grzegorz Bernacki
9732659698 SecurityPkg: Create library for enrolling Secure Boot variables. 
This commits add library, which consist functions to
enrolll Secure Boot keys and initialize Secure Boot
default variables. Some of the functions was moved
 from SecureBootConfigImpl.c file.

Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com>
Reviewed-by: Sunny Wang <sunny.wang@arm.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2021-08-03 07:26:41 +00:00
Grzegorz Bernacki
bb806a6e88 SecurityPkg: Create SecureBootVariableLib. 
This commits add library, which consist helper functions related
to creation/removal Secure Boot variables. Some of the functions
was moved from SecureBootConfigImpl.c file.

Signed-off-by: Grzegorz Bernacki <gjb@semihalf.com>
Reviewed-by: Sunny Wang <sunny.wang@arm.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2021-08-03 07:26:41 +00:00
Scottie Kuo
11b1c1d4b9 SecurityPkg: TcgStorageOpalLib: Initialize SupportedAttributes parameter. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3408

The value of SupportedAttributes in OpalGetSupportedAttributesInfo ()
is left undetermined, if the caller doesn't initialize it.
Initialize it in the function entry.

Signed-off-by: Scottie Kuo <scottie.kuo@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Maggie Chu <maggie.chu@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
 2021-06-15 08:43:25 +00:00
Kun Qin
7a56650e2e SecurityPkg: Tpm2DeviceLibDTpm: Introduce StandaloneMm instance 
This change added a new instance of Tpm2DeviceLibDTpm to support drivers
of type MM_STANDALONE. It abstracts dynamic Pcd access into separate file
for different instances to avoid dynamic usage for StandaloneMm modules.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>

Signed-off-by: Kun Qin <kun.q@outlook.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2021-02-01 10:03:35 -08:00
Kun Qin
44ac44a269 SecurityPkg: Tcg2PpVendorLibNull: Added support for MM_STANDALONE type 
This change extends this null instance of Tcg2PpVendorLib to support
MM_STANDALONE drivers.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>

Signed-off-by: Kun Qin <kun.q@outlook.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2021-02-01 10:03:35 -08:00
Kun Qin
4593925505 SecurityPkg: Tcg2PhysicalPresenceLib: Introduce StandaloneMm instance 
This change added a new instance of Tcg2PhysicalPresenceLib to support
MM_STANDALONE type drivers. It centralizes the common routines into
shared files and abstract the library constructor into corresponding
files to implement each constructor function prototypes.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>

Signed-off-by: Kun Qin <kun.q@outlook.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2021-02-01 10:03:35 -08:00
gaoliming
e9d62effa3 Revert "SecurityPkg: Add RPMC Index to the RpmcLib" 
This reverts commit 6c8dd15c4a.

Based on the discussion https://edk2.groups.io/g/devel/message/67764,
this change is regarded as the feature request. But, it doesn't pass
reviewed before 202011 stable tag soft feature freeze. So, it should
not be merged into 202011 stable tag.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Nishant C Mistry <nishant.c.mistry@intel.com>
Signed-off-by: Liming Gao <gaoliming@byosoft.com.cn>
Acked-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
 2020-11-26 01:22:29 +00:00
Nishant Mistry
6c8dd15c4a SecurityPkg: Add RPMC Index to the RpmcLib 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594

The re-design requires multiple RPMC counter usages.
The consumer will be capable of selecting amongst multiple counters.

Signed-off-by: Nishant C Mistry <nishant.c.mistry@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-11-19 08:18:03 +00:00
Bret Barkelew
28f4616fde SecurityPkg: Allow VariablePolicy state to delete authenticated variables 
https://bugzilla.tianocore.org/show_bug.cgi?id=2522

Causes AuthService to check
IsVariablePolicyEnabled() before enforcing
write protections to allow variable deletion
when policy engine is disabled.

Only allows deletion, not modification.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Bret Barkelew <brbarkel@microsoft.com>
Signed-off-by: Bret Barkelew <brbarkel@microsoft.com>
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Acked-by: Jian J Wang <jian.j.wang@intel.com>
 2020-11-17 01:03:43 +00:00
Terry Lee
709b163940 SecurityPkg/Tcg2PhysicalPresenceLib: Fix incorrect TCG VER comparision 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2697

Tcg2PhysicalPresenceLibConstructor set the module variable
mIsTcg2PPVerLowerThan_1_3 with incorrect TCG version comparision.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-10-18 01:14:43 +00:00
Qi Zhang
7bcb021a6d SecurityPkg/PeiTpmMeasurementLib: remove gEfiTpmDeviceSelectedGuid 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2963

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-09-16 05:16:02 +00:00
Zhichao Gao
cdfc7ed34f SecurityPkg/DxeImageVerificationLib: Disable SHA1 base on MACRO 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2943

Disable SHA1 base on the MACRO DISABLE_SHA1_DEPRECATED_INTERFACES.
SHA1 is deprecated function and the MACRO is used to remove the whole
implementation of the SHA1. For the platforms that do not need SHA1
for security, the MACRO should works for DxeImageVerificationLib as
well.

Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-09-07 02:38:42 +00:00
Laszlo Ersek
0b143fa43e SecurityPkg/DxeImageVerificationLib: catch alignment overflow (CVE-2019-14562) 
The DxeImageVerificationHandler() function currently checks whether
"SecDataDir" has enough room for "WinCertificate->dwLength". However, for
advancing "OffSet", "WinCertificate->dwLength" is aligned to the next
multiple of 8. If "WinCertificate->dwLength" is large enough, the
alignment will return 0, and "OffSet" will be stuck at the same value.

Check whether "SecDataDir" has room left for both
"WinCertificate->dwLength" and the alignment.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Wenyi Xie <xiewenyi2@huawei.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2215
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200901091221.20948-4-lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Wenyi Xie <xiewenyi2@huawei.com>
Reviewed-by: Min M Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-09-02 10:16:18 +00:00
Laszlo Ersek
a7632e913c SecurityPkg/DxeImageVerificationLib: assign WinCertificate after size check 
Currently the (SecDataDirLeft <= sizeof (WIN_CERTIFICATE)) check only
guards the de-referencing of the "WinCertificate" pointer. It does not
guard the calculation of the pointer itself:

  WinCertificate = (WIN_CERTIFICATE *) (mImageBase + OffSet);

This is wrong; if we don't know for sure that we have enough room for a
WIN_CERTIFICATE, then even creating such a pointer, not just
de-referencing it, may invoke undefined behavior.

Move the pointer calculation after the size check.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Wenyi Xie <xiewenyi2@huawei.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2215
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200901091221.20948-3-lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Wenyi Xie <xiewenyi2@huawei.com>
Reviewed-by: Min M Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-09-02 10:16:18 +00:00
Laszlo Ersek
503248ccdf SecurityPkg/DxeImageVerificationLib: extract SecDataDirEnd, SecDataDirLeft 
The following two quantities:

  SecDataDir->VirtualAddress + SecDataDir->Size
  SecDataDir->VirtualAddress + SecDataDir->Size - OffSet

are used multiple times in DxeImageVerificationHandler(). Introduce helper
variables for them: "SecDataDirEnd" and "SecDataDirLeft", respectively.
This saves us multiple calculations and significantly simplifies the code.

Note that all three summands above have type UINT32, therefore the new
variables are also of type UINT32.

This patch does not change behavior.

(Note that the code already handles the case when the

  SecDataDir->VirtualAddress + SecDataDir->Size

UINT32 addition overflows -- namely, in that case, the certificate loop is
never entered, and the corruption check right after the loop fires.)

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Min Xu <min.m.xu@intel.com>
Cc: Wenyi Xie <xiewenyi2@huawei.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=2215
Signed-off-by: Laszlo Ersek <lersek@redhat.com>
Message-Id: <20200901091221.20948-2-lersek@redhat.com>
Reviewed-by: Philippe Mathieu-Daudé <philmd@redhat.com>
Tested-by: Wenyi Xie <xiewenyi2@huawei.com>
Reviewed-by: Min M Xu <min.m.xu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-09-02 10:16:18 +00:00
Qi Zhang
a13947b2fa SecurityPkg/TcgEventLogRecordLib: add new lib for firmware measurement 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2376

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Message-Id: <20200818062618.3698-2-qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-08-26 15:56:11 +00:00
Michael D Kinney
53b40c9c6d SecurityPkg: Fix spelling mistake for occurred 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2361

Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-08-19 00:54:23 +00:00
Zhang, Qi
1b0d659e6d SecurityPkg/Tpm2CommandLib: add a new function 
Tpm2GetCapabilityIsCommandImplemented

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2793

check if the commad is supported by comparing the command code with
command index.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-07-28 09:56:25 +00:00
Jiewen Yao
98625337e4 SecurityPkg/PeiTpmMeasurementLib: Add PEI instance. 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2841

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-07-23 01:31:43 +00:00
Maggie Chu
1a2ad3ba9e SecurityPkg: Change default value source 
https://bugzilla.tianocore.org/show_bug.cgi?id=2713
In current code, If TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE variable
is not exist, code will get default value from two places.
This fix is to make the default value comes from the PCD
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags

Signed-off-by: Maggie Chu <maggie.chu@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
 2020-05-21 15:48:57 +00:00
Guomin Jiang
1854eee1b4 SecurityPkg/DxeImageVerificationLib: Mark the File parameter as OPTIONAL 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2652

According to the File description, the File is optional and can be NULL.

Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>

Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-04-22 01:55:34 +00:00
Guomin Jiang
c14f034a1a SecurityPkg/DxeImageAuth: Mark the File parameter as OPTIONAL 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2652

According to the File description, The File is optional and can be NULL.

Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>

Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-04-22 01:55:34 +00:00
Guomin Jiang
1755932f89 SecurityPkg/TPM: measure UEFI images without associated device paths again 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2652

DxeTpm2MeasureBootHandler() and DxeTpmMeasureBootHandler() functions may
receive a FileBuffer argument that is not associated with any particular
device path (e.g., because the UEFI image has not been loaded from any
particular device path).
Therefore rejecting (File==NULL) at the top of the function is invalid.

Fixes: 4b026f0d5a

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>

Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
 2020-04-22 01:55:34 +00:00