sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
9eb5ccda505917f6ee80284ed6fb5b51aa7152f9
system76-edk2/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
Min Xu a124cd4ef9 SecurityPkg: Support CcMeasurementProtocol in DxeTpm2MeasureBootLib 
BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=3625

DxeTpm2MeasureBootLib supports TPM2 based measure boot. After
CcMeasurementProtocol is introduced, CC based measure boot needs to
be supported in DxeTpm2MeasureBootLib as well.

There are 2 major changes in this commit.

1. A platform should have only one RTS/RTR. Only one of (virtual)TPM1.2,
(virtual)TPM2.0 and CC MR exists. Then only one TCG_SERVICE_PROTOCOL,
TCG2_PROTOCOL, CC_MEASUREMENT_PROTOCOL is exposed. In this library when
do measure boot only one of TCG2_PROTOCOL / CC_MEASUREMENT_PROTOCOL
will be called. MEASURE_BOOT_PROTOCOLS is defined to store the instances
of TCG2 protocol and CC Measurement protocol.

2. CcEvent is similar to Tcg2Event except the MrIndex and PcrIndex.
So in the code Tcg2Event will be first created and intialized. If
CcMeasurementProtocol is called to do the measure boot, then CcEvent
points to Tcg2Event and the MrIndex is adjusted.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Sami Mujawar <sami.mujawar@arm.com>
Cc: Gerd Hoffmann <kraxel@redhat.com>
Reviewed-by: Sami Mujawar <sami.mujawar@arm.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>
2021-12-11 17:00:53 +00:00

69 lines
2.3 KiB
INI
Raw Blame History

## @file
# Provides security service for TPM 2.0 measured boot and Confidential Computing measure boot.
#
# Spec Compliance Info:
# "TCG PC Client Platform Firmware Profile Specification for TPM Family 2.0 Level 00 Revision 1.03 v51"
# along with
# "Errata for PC Client Specific Platform Firmware Profile Specification Version 1.0 Revision 1.03"
#
# This library instance hooks LoadImage() API to measure every image that
# is not measured in PEI phase. And, it will also measure GPT partition.
#
# Caution: This module requires additional review when modified.
# This library will have external input - PE/COFF image and GPT partition.
# This external input must be validated carefully to avoid security issues such
# as buffer overflow or integer overflow.
#
# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = DxeTpm2MeasureBootLib
MODULE_UNI_FILE = DxeTpm2MeasureBootLib.uni
FILE_GUID = 778CE4F4-36BD-4ae7-B8F0-10B420B0D174
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
CONSTRUCTOR = DxeTpm2MeasureBootLibConstructor
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 EBC
#
[Sources]
DxeTpm2MeasureBootLib.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
BaseMemoryLib
DebugLib
MemoryAllocationLib
DevicePathLib
UefiBootServicesTableLib
BaseCryptLib
PeCoffLib
BaseLib
SecurityManagementLib
HobLib
[Guids]
gMeasuredFvHobGuid ## SOMETIMES_CONSUMES ## HOB
[Protocols]
gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES
gEfiCcMeasurementProtocolGuid ## SOMETIMES_CONSUMES
gEfiFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES
gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES
gEfiDiskIoProtocolGuid ## SOMETIMES_CONSUMES
Reference in New Issue View Git Blame Copy Permalink