sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
bcab901b7cc3b433bca5779a770ba3edbc7153f4
system76-edk2/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf
Guomin Jiang 012809cdca SecurityPkg/Tcg2Pei: Use Migrated FV Info Hob for calculating hash (CVE-2019-11098) 
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614

When we allocate pool to save rebased the PEIMs, the address will change
randomly, therefore the hash will change and result PCR0 change as well.
To avoid this, we save the raw PEIMs and use it to calculate hash.
The Tcg2Pei calculate the hash and it use the Migrated FV Info.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
2020-07-28 01:43:16 +00:00

96 lines
3.9 KiB
INI
Raw Blame History

## @file
# Initializes TPM 2.0 device and measure FVs in PEI phase
#
# Spec Compliance Info:
# "TCG PC Client Platform Firmware Profile Specification for TPM Family 2.0 Level 00 Revision 1.03 v51"
# along with
# "Errata for PC Client Specific Platform Firmware Profile Specification Version 1.0 Revision 1.03"
#
# This module will initialize TPM device, measure reported FVs and BIOS version.
#
# Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2017, Microsoft Corporation. All rights reserved. <BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = Tcg2Pei
MODULE_UNI_FILE = Tcg2Pei.uni
FILE_GUID = A0C98B77-CBA5-4BB8-993B-4AF6CE33ECE4
MODULE_TYPE = PEIM
VERSION_STRING = 1.0
ENTRY_POINT = PeimEntryMA
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 EBC
#
# [BootMode]
# S3_RESUME ## SOMETIMES_CONSUMES
#
[Sources]
Tcg2Pei.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
HobLib
PeimEntryPoint
PeiServicesLib
BaseMemoryLib
DebugLib
Tpm2CommandLib
PeiServicesTablePointerLib
Tpm2DeviceLib
HashLib
PerformanceLib
MemoryAllocationLib
ReportStatusCodeLib
ResetSystemLib
PrintLib
[Guids]
gTcgEventEntryHobGuid ## PRODUCES ## HOB
gTpmErrorHobGuid ## SOMETIMES_PRODUCES ## HOB
gMeasuredFvHobGuid ## PRODUCES ## HOB
gTcgEvent2EntryHobGuid ## PRODUCES ## HOB
gEfiTpmDeviceInstanceNoneGuid ## SOMETIMES_PRODUCES ## GUID # TPM device identifier
gEfiTpmDeviceInstanceTpm12Guid ## SOMETIMES_PRODUCES ## GUID # TPM device identifier
gEdkiiMigratedFvInfoGuid ## SOMETIMES_CONSUMES ## HOB
[Ppis]
gEfiPeiFirmwareVolumeInfoPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
gEfiPeiFirmwareVolumeInfo2PpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid ## SOMETIMES_CONSUMES
gPeiTpmInitializedPpiGuid ## SOMETIMES_PRODUCES
gPeiTpmInitializationDonePpiGuid ## PRODUCES
gEfiEndOfPeiSignalPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid ## SOMETIMES_CONSUMES
gEdkiiTcgPpiGuid ## PRODUCES
[Pcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdTcgPfpMeasurementRevision ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2SelfTestPolicy ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ## SOMETIMES_CONSUMES
## SOMETIMES_CONSUMES
## SOMETIMES_PRODUCES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask
[Depex]
gEfiPeiMasterBootModePpiGuid AND
gEfiTpmDeviceSelectedGuid
[UserExtensions.TianoCore."ExtraFiles"]
Tcg2PeiExtra.uni
Reference in New Issue View Git Blame Copy Permalink