Revision: 19639
http://sourceforge.net/p/edk2/code/19639
Author: czhang46
Date: 2016-01-12 00:37:02 +0000 (Tue, 12 Jan 2016)
Log Message:
-----------
SecurityPkg: TcgDxe,Tcg2Dxe,TrEEDxe: New PCD for TCG event log and TCG2 final
event log area
The TCG event log and TCG2 final event log area lengths are now configurable, to meet
the platform's event log requirements.
PcdTcgLogAreaMinLen : 0x10000 based on minimum requirement in TCG ACPI Spec
00.37
PcdTcg2FinalLogAreaLen : 0x8000 based on experience value
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <[email protected]>
Reviewed-by: Yao Jiewen <[email protected]>
Reviewed-by: Qin Long <[email protected]>
Modified Paths:
--------------
trunk/edk2/SecurityPkg/SecurityPkg.dec
trunk/edk2/SecurityPkg/SecurityPkg.uni
trunk/edk2/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
trunk/edk2/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
trunk/edk2/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
trunk/edk2/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
trunk/edk2/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.c
trunk/edk2/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf
Modified: trunk/edk2/SecurityPkg/SecurityPkg.dec
===================================================================
--- trunk/edk2/SecurityPkg/SecurityPkg.dec 2016-01-11 08:50:49 UTC (rev
19638)
+++ trunk/edk2/SecurityPkg/SecurityPkg.dec 2016-01-12 00:37:02 UTC (rev
19639)
@@ -5,7 +5,7 @@
# It also provides the definitions(including PPIs/PROTOCOLs/GUIDs and library
classes)
# and libraries instances, which are used for those features.
#
-# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2015 Hewlett Packard Enterprise Development LP <BR>
# This program and the accompanying materials are licensed and made available
under
# the terms and conditions of the BSD License which accompanies this
distribution.
@@ -389,6 +389,15 @@
#
gEfiSecurityPkgTokenSpaceGuid.PcdRsa2048Sha256PublicKeyBuffer|{0x91, 0x29,
0xc4, 0xbd, 0xea, 0x6d, 0xda, 0xb3, 0xaa, 0x6f, 0x50, 0x16, 0xfc, 0xdb, 0x4b,
0x7e, 0x3c, 0xd6, 0xdc, 0xa4, 0x7a, 0x0e, 0xdd, 0xe6, 0x15, 0x8c, 0x73, 0x96,
0xa2, 0xd4, 0xa6, 0x4d}|VOID*|0x00010013
+ ## This PCD defines minimum length(in bytes) of the system preboot TCG event
log area(LAML).
+ # For PC Client Implementation spec up to and including 1.2 the minimum log
size is 64KB.
+ # @Prompt Minimum length(in bytes) of the system preboot TCG event log
area(LAML).
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcgLogAreaMinLen|0x10000|UINT32|0x00010017
+
+ ## This PCD defines length(in bytes) of the TCG2 Final event log area.
+ # @Prompt Length(in bytes) of the TCG2 Final event log area.
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcg2FinalLogAreaLen|0x8000|UINT32|0x00010018
+
[PcdsDynamic, PcdsDynamicEx]
## This PCD indicates Hash mask for TPM 2.0.<BR><BR>
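Review bot: The description of `PcdTcgLogAreaMinLen` calls it a minimum, but the consumers changed in this commit (Tcg2Dxe.c, TcgDxe.c, TrEEDxe.c) allocate exactly this many bytes and report the same value as LAML. It is therefore the actual log area size, and nothing visible enforces the 64KB figure. Neither new PCD documents a valid range, and the section header that decides which PCD types are allowed sits above this hunk. I would add `# The value is used as the actual allocation size and LAML; it must not be below 0x10000.` to the first PCD and `# Must be larger than sizeof(EFI_TCG2_FINAL_EVENTS_TABLE), which Tcg2Dxe subtracts from it.` to the second.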
Modified: trunk/edk2/SecurityPkg/SecurityPkg.uni
===================================================================
--- trunk/edk2/SecurityPkg/SecurityPkg.uni 2016-01-11 08:50:49 UTC (rev
19638)
+++ trunk/edk2/SecurityPkg/SecurityPkg.uni 2016-01-12 00:37:02 UTC (rev
19639)
@@ -5,7 +5,7 @@
// It also provides the definitions(including PPIs/PROTOCOLs/GUIDs and library
classes)
// and libraries instances, which are used for those features.
//
-// Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
+// Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials are licensed and made available
under
// the terms and conditions of the BSD License which accompanies this
distribution.
@@ -192,3 +192,12 @@
"Bios may choose to register a subset of PcdTpm2HashMask.\n"
"So this PCD is final value of how many hash algo is extended to
PCR."
+#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdTcgLogAreaMinLen_PROMPT
#language en-US "Minimum length(in bytes) of the system preboot TCG event log
area(LAML)."
+
+#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdTcgLogAreaMinLen_HELP #language
en-US "This PCD defines minimum length(in bytes) of the system preboot TCG
event log area(LAML).\n"
+
"For PC Client Implementation spec up to and including 1.2 the minimum log
size is 64KB."
+
+#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdTcg2FinalLogAreaLen_PROMPT
#language en-US "Length(in bytes) of the TCG2 Final event log area."
+
+#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdTcg2FinalLogAreaLen_HELP
#language en-US "This PCD defines length(in bytes) of the TCG2 Final event log
area."
+
Modified: trunk/edk2/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
===================================================================
--- trunk/edk2/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c 2016-01-11 08:50:49 UTC
(rev 19638)
+++ trunk/edk2/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c 2016-01-12 00:37:02 UTC
(rev 19639)
@@ -56,9 +56,6 @@
EFI_GUID *VendorGuid;
} VARIABLE_TYPE;
-#define EFI_TCG_LOG_AREA_SIZE 0x10000
-#define EFI_TCG_FINAL_LOG_AREA_SIZE 0x1000
-
#define TCG2_DEFAULT_MAX_COMMAND_SIZE 0x1000
#define TCG2_DEFAULT_MAX_RESPONSE_SIZE 0x1000
@@ -1470,19 +1467,19 @@
Status = gBS->AllocatePages (
AllocateMaxAddress,
EfiACPIMemoryNVS,
- EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE),
+ EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
&Lasa
);
if (EFI_ERROR (Status)) {
return Status;
}
mTcgDxeData.EventLogAreaStruct[Index].Lasa = Lasa;
- mTcgDxeData.EventLogAreaStruct[Index].Laml = EFI_TCG_LOG_AREA_SIZE;
+ mTcgDxeData.EventLogAreaStruct[Index].Laml = PcdGet32
(PcdTcgLogAreaMinLen);
//
// To initialize them as 0xFF is recommended
// because the OS can know the last entry for that.
//
- SetMem ((VOID *)(UINTN)Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF);
+ SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);
//
// Create first entry for Log Header Entry Data
//
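Review bot: `PcdGet32 (PcdTcgLogAreaMinLen)` is read three times in this hunk (page count, `Laml`, `SetMem` length), and nothing checks the value before the Log Header entry that the trailing comment says is created next. The PCD's declaration section is not visible in this commit, so if it can be a dynamic or patchable type I would read it once into a local declared at the top of the function, `LogAreaLen = PcdGet32 (PcdTcgLogAreaMinLen);`, so the allocation, the fill and the advertised length cannot disagree. A value too small to hold the header entry should be rejected before `AllocatePages`. The same repeated read appears in the TcgDxe.c hunks (-653, -664, -673, -684) and the TrEEDxe.c hunks (-949, -969). The enclosing function starts and ends outside this hunk.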
@@ -1571,13 +1568,13 @@
Status = gBS->AllocatePages (
AllocateMaxAddress,
EfiACPIMemoryNVS,
- EFI_SIZE_TO_PAGES (EFI_TCG_FINAL_LOG_AREA_SIZE),
+ EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcg2FinalLogAreaLen)),
&Lasa
);
if (EFI_ERROR (Status)) {
return Status;
}
- SetMem ((VOID *)(UINTN)Lasa, EFI_TCG_FINAL_LOG_AREA_SIZE, 0xFF);
+ SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcg2FinalLogAreaLen), 0xFF);
//
// Initialize
@@ -1588,7 +1585,7 @@
mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogFormat =
mTcg2EventInfo[Index].LogFormat;
mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa = Lasa +
sizeof(EFI_TCG2_FINAL_EVENTS_TABLE);
- mTcgDxeData.FinalEventLogAreaStruct[Index].Laml =
EFI_TCG_FINAL_LOG_AREA_SIZE - sizeof(EFI_TCG2_FINAL_EVENTS_TABLE);
+ mTcgDxeData.FinalEventLogAreaStruct[Index].Laml = PcdGet32
(PcdTcg2FinalLogAreaLen) - sizeof(EFI_TCG2_FINAL_EVENTS_TABLE);
mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogSize = 0;
mTcgDxeData.FinalEventLogAreaStruct[Index].LastEvent = (VOID
*)(UINTN)mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa;
mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogStarted = FALSE;
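Review bot: `PcdGet32 (PcdTcg2FinalLogAreaLen) - sizeof(EFI_TCG2_FINAL_EVENTS_TABLE)` is an unsigned subtraction, so with the length now platform-configurable, a value smaller than the table header wraps to a very large `Laml`. In that case `Lasa + sizeof(EFI_TCG2_FINAL_EVENTS_TABLE)` also points past the pages allocated in the preceding hunk. If `Laml` is what bounds later appends to the final events log (that code is outside the diff), a misconfigured platform would write beyond the ACPI NVS allocation. I would validate before the `AllocatePages` call in the preceding hunk, e.g. `if (PcdGet32 (PcdTcg2FinalLogAreaLen) <= sizeof (EFI_TCG2_FINAL_EVENTS_TABLE)) { return EFI_INVALID_PARAMETER; }`, or with whichever status the function's other failure paths use. The enclosing function starts and ends outside this hunk.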
Modified: trunk/edk2/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
===================================================================
--- trunk/edk2/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf 2016-01-11 08:50:49 UTC
(rev 19638)
+++ trunk/edk2/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf 2016-01-12 00:37:02 UTC
(rev 19639)
@@ -7,7 +7,7 @@
# This external input must be validated carefully to avoid security issue like
# buffer overflow, integer overflow.
#
-# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD
License
# which accompanies this distribution. The full text of the license may be
found at
@@ -100,6 +100,8 @@
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ##
SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap ##
CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2NumberOfPCRBanks ##
CONSUMES
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcgLogAreaMinLen ##
CONSUMES
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcg2FinalLogAreaLen ##
CONSUMES
[Depex]
TRUE
Modified: trunk/edk2/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
===================================================================
--- trunk/edk2/SecurityPkg/Tcg/TcgDxe/TcgDxe.c 2016-01-11 08:50:49 UTC (rev
19638)
+++ trunk/edk2/SecurityPkg/Tcg/TcgDxe/TcgDxe.c 2016-01-12 00:37:02 UTC (rev
19639)
@@ -53,8 +53,6 @@
#include "TpmComm.h"
-#define EFI_TCG_LOG_AREA_SIZE 0x10000
-
#define TCG_DXE_DATA_FROM_THIS(this) \
BASE_CR (this, TCG_DXE_DATA, TcgProtocol)
@@ -653,7 +651,7 @@
Status = gBS->AllocatePages (
AllocateMaxAddress,
EfiACPIMemoryNVS,
- EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE),
+ EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
&Lasa
);
if (EFI_ERROR (Status)) {
@@ -664,8 +662,8 @@
// To initialize them as 0xFF is recommended
// because the OS can know the last entry for that.
//
- SetMem ((VOID *)(UINTN)mTcgClientAcpiTemplate.Lasa, EFI_TCG_LOG_AREA_SIZE,
0xFF);
- mTcgClientAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE;
+ SetMem ((VOID *)(UINTN)mTcgClientAcpiTemplate.Lasa, PcdGet32
(PcdTcgLogAreaMinLen), 0xFF);
+ mTcgClientAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen);
} else {
Lasa = mTcgServerAcpiTemplate.Lasa;
@@ -673,7 +671,7 @@
Status = gBS->AllocatePages (
AllocateMaxAddress,
EfiACPIMemoryNVS,
- EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE),
+ EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
&Lasa
);
if (EFI_ERROR (Status)) {
@@ -684,8 +682,8 @@
// To initialize them as 0xFF is recommended
// because the OS can know the last entry for that.
//
- SetMem ((VOID *)(UINTN)mTcgServerAcpiTemplate.Lasa, EFI_TCG_LOG_AREA_SIZE,
0xFF);
- mTcgServerAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE;
+ SetMem ((VOID *)(UINTN)mTcgServerAcpiTemplate.Lasa, PcdGet32
(PcdTcgLogAreaMinLen), 0xFF);
+ mTcgServerAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen);
}
GuidHob.Raw = GetHobList ();
Modified: trunk/edk2/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
===================================================================
--- trunk/edk2/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf 2016-01-11 08:50:49 UTC
(rev 19638)
+++ trunk/edk2/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf 2016-01-12 00:37:02 UTC
(rev 19639)
@@ -2,7 +2,7 @@
# Produces TCG protocol and measures boot environment
# This module will produce TCG protocol and measure boot environment.
#
-# Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD
License
# which accompanies this distribution. The full text of the license may be
found at
@@ -75,6 +75,7 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId ##
SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision ##
SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ##
SOMETIMES_CONSUMES
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcgLogAreaMinLen ## CONSUMES
[Depex]
TRUE
Modified: trunk/edk2/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.c
===================================================================
--- trunk/edk2/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.c 2016-01-11 08:50:49 UTC
(rev 19638)
+++ trunk/edk2/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.c 2016-01-12 00:37:02 UTC
(rev 19639)
@@ -55,8 +55,6 @@
EFI_GUID *VendorGuid;
} VARIABLE_TYPE;
-#define EFI_TCG_LOG_AREA_SIZE 0x10000
-
#define TREE_DEFAULT_MAX_COMMAND_SIZE 0x1000
#define TREE_DEFAULT_MAX_RESPONSE_SIZE 0x1000
@@ -949,19 +947,19 @@
Status = gBS->AllocatePages (
AllocateMaxAddress,
EfiACPIMemoryNVS,
- EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE),
+ EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
&Lasa
);
if (EFI_ERROR (Status)) {
return Status;
}
mTcgDxeData.EventLogAreaStruct[Index].Lasa = Lasa;
- mTcgDxeData.EventLogAreaStruct[Index].Laml = EFI_TCG_LOG_AREA_SIZE;
+ mTcgDxeData.EventLogAreaStruct[Index].Laml = PcdGet32
(PcdTcgLogAreaMinLen);
//
// To initialize them as 0xFF is recommended
// because the OS can know the last entry for that.
//
- SetMem ((VOID *)(UINTN)Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF);
+ SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);
}
//
@@ -969,10 +967,10 @@
//
if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
mTcgClientAcpiTemplate.Lasa = mTcgDxeData.EventLogAreaStruct[0].Lasa;
- mTcgClientAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE;
+ mTcgClientAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen);
} else {
mTcgServerAcpiTemplate.Lasa = mTcgDxeData.EventLogAreaStruct[0].Lasa;
- mTcgServerAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE;
+ mTcgServerAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen);
}
//
Modified: trunk/edk2/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf
===================================================================
--- trunk/edk2/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf 2016-01-11 08:50:49 UTC
(rev 19638)
+++ trunk/edk2/SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf 2016-01-12 00:37:02 UTC
(rev 19639)
@@ -7,7 +7,7 @@
# This external input must be validated carefully to avoid security issue like
# buffer overflow, integer overflow.
#
-# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD
License
# which accompanies this distribution. The full text of the license may be
found at
@@ -94,6 +94,7 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId ##
SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision ##
SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ##
SOMETIMES_CONSUMES
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcgLogAreaMinLen ##
CONSUMES
[Depex]
TRUE