This commit contains the patch files and tests for DxeTpmMeasureBootLib CVE 2022-36763. Cc: Jiewen Yao <jiewen.yao@intel.com> Signed-off-by: Doug Flick [MSFT] <doug.edk2@gmail.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
		
			
				
	
	
		
			65 lines
		
	
	
		
			2.0 KiB
		
	
	
	
		
			INI
		
	
	
	
	
	
			
		
		
	
	
			65 lines
		
	
	
		
			2.0 KiB
		
	
	
	
		
			INI
		
	
	
	
	
	
| ## @file
 | |
| #  Provides security service for TPM 1.2 measured boot
 | |
| #
 | |
| #  This library instance hooks LoadImage() API to measure every image that
 | |
| #  is not measured in PEI phase. And, it will also measure GPT partition.
 | |
| #
 | |
| #  Caution: This module requires additional review when modified.
 | |
| #  This library will have external input - PE/COFF image and GPT partition.
 | |
| #  This external input must be validated carefully to avoid security issues such
 | |
| #  as buffer overflow or integer overflow.
 | |
| #
 | |
| # Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
 | |
| # SPDX-License-Identifier: BSD-2-Clause-Patent
 | |
| #
 | |
| ##
 | |
| 
 | |
| [Defines]
 | |
|   INF_VERSION                    = 0x00010005
 | |
|   BASE_NAME                      = DxeTpmMeasureBootLib
 | |
|   MODULE_UNI_FILE                = DxeTpmMeasureBootLib.uni
 | |
|   FILE_GUID                      = 6C60C7D0-922A-4b7c-87D7-E503EDD73BBF
 | |
|   MODULE_TYPE                    = DXE_DRIVER
 | |
|   VERSION_STRING                 = 1.0
 | |
|   LIBRARY_CLASS                  = NULL|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
 | |
|   CONSTRUCTOR                    = DxeTpmMeasureBootLibConstructor
 | |
| 
 | |
| #
 | |
| # The following information is for reference only and not required by the build tools.
 | |
| #
 | |
| #  VALID_ARCHITECTURES           = IA32 X64 EBC
 | |
| #
 | |
| 
 | |
| [Sources]
 | |
|   DxeTpmMeasureBootLib.c
 | |
|   DxeTpmMeasureBootLibSanitization.c
 | |
|   DxeTpmMeasureBootLibSanitization.h
 | |
| 
 | |
| [Packages]
 | |
|   MdePkg/MdePkg.dec
 | |
|   MdeModulePkg/MdeModulePkg.dec
 | |
|   SecurityPkg/SecurityPkg.dec
 | |
|   CryptoPkg/CryptoPkg.dec
 | |
| 
 | |
| [LibraryClasses]
 | |
|   BaseMemoryLib
 | |
|   SafeIntLib
 | |
|   DebugLib
 | |
|   MemoryAllocationLib
 | |
|   DevicePathLib
 | |
|   UefiBootServicesTableLib
 | |
|   BaseCryptLib
 | |
|   PeCoffLib
 | |
|   BaseLib
 | |
|   SecurityManagementLib
 | |
|   HobLib
 | |
| 
 | |
| [Guids]
 | |
|   gMeasuredFvHobGuid                    ## SOMETIMES_CONSUMES ## HOB
 | |
| 
 | |
| [Protocols]
 | |
|   gEfiTcgProtocolGuid                   ## SOMETIMES_CONSUMES
 | |
|   gEfiFirmwareVolumeBlockProtocolGuid   ## SOMETIMES_CONSUMES
 | |
|   gEfiBlockIoProtocolGuid               ## SOMETIMES_CONSUMES
 | |
|   gEfiDiskIoProtocolGuid                ## SOMETIMES_CONSUMES
 |