What to do: 1. Move TpmMeasurementLib LibraryClass from SecurityPkg to MdeModulePkg. 2. Implement a NULL TpmMeasurementLib library instance.
Why to do: 1. Share code. We are moving forward to separate auth variable service from Auth Variable driver in SecurityPkg to AuthVariableLib. Then the AuthVariableLib could benefit and be used by different implementation of Auth Variable drivers. 2. Remove code duplication and reduce maintenance effort. After auth variable service separated from Auth Variable driver in SecurityPkg to AuthVariableLib. The remaining code logic of Auth Variable driver in SecurityPkg will be almost same with Variable driver in MdeModulePkg. We are going to merge them. 3. TpmMeasurementLib is consumed by Auth Variable driver in SecurityPkg now, as Auth Variable driver in SecurityPkg will be merged to Variable driver in MdeModulePkg, so the library class also needs to be moved to MdeModulePkg. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.z...@intel.com> Reviewed-by: Jiewen Yao <jiewen....@intel.com> Reviewed-by: Liming Gao <liming....@intel.com> --- MdeModulePkg/Include/Library/TpmMeasurementLib.h | 44 ++++++++++++++++++++ .../TpmMeasurementLibNull/TpmMeasurementLibNull.c | 45 +++++++++++++++++++++ .../TpmMeasurementLibNull.inf | 34 ++++++++++++++++ .../TpmMeasurementLibNull.uni | Bin 0 -> 1654 bytes MdeModulePkg/MdeModulePkg.dec | 4 ++ MdeModulePkg/MdeModulePkg.dsc | 2 + 6 files changed, 129 insertions(+) create mode 100644 MdeModulePkg/Include/Library/TpmMeasurementLib.h create mode 100644 MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.c create mode 100644 MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf create mode 100644 MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.uni diff --git a/MdeModulePkg/Include/Library/TpmMeasurementLib.h b/MdeModulePkg/Include/Library/TpmMeasurementLib.h new file mode 100644 index 0000000..45542f4 --- /dev/null +++ b/MdeModulePkg/Include/Library/TpmMeasurementLib.h @@ -0,0 +1,44 @@ +/** @file + This library is used by other modules to measure data to TPM. + +Copyright (c) 2012, Intel Corporation. All rights reserved. <BR> +This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef _TPM_MEASUREMENT_LIB_H_ +#define _TPM_MEASUREMENT_LIB_H_ + +/** + Tpm measure and log data, and extend the measurement result into a specific PCR. + + @param[in] PcrIndex PCR Index. + @param[in] EventType Event type. + @param[in] EventLog Measurement event log. + @param[in] LogLen Event log length in bytes. + @param[in] HashData The start of the data buffer to be hashed, extended. + @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_UNSUPPORTED TPM device not available. + @retval EFI_OUT_OF_RESOURCES Out of memory. + @retval EFI_DEVICE_ERROR The operation was unsuccessful. +**/ +EFI_STATUS +EFIAPI +TpmMeasureAndLogData ( + IN UINT32 PcrIndex, + IN UINT32 EventType, + IN VOID *EventLog, + IN UINT32 LogLen, + IN VOID *HashData, + IN UINT64 HashDataLen + ); + +#endif diff --git a/MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.c b/MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.c new file mode 100644 index 0000000..16221e9 --- /dev/null +++ b/MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.c @@ -0,0 +1,45 @@ +/** @file + This library is used by other modules to measure data to TPM. + +Copyright (c) 2015, Intel Corporation. All rights reserved. <BR> +This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +/** + Tpm measure and log data, and extend the measurement result into a specific PCR. + + @param[in] PcrIndex PCR Index. + @param[in] EventType Event type. + @param[in] EventLog Measurement event log. + @param[in] LogLen Event log length in bytes. + @param[in] HashData The start of the data buffer to be hashed, extended. + @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_UNSUPPORTED TPM device not available. + @retval EFI_OUT_OF_RESOURCES Out of memory. + @retval EFI_DEVICE_ERROR The operation was unsuccessful. +**/ +EFI_STATUS +EFIAPI +TpmMeasureAndLogData ( + IN UINT32 PcrIndex, + IN UINT32 EventType, + IN VOID *EventLog, + IN UINT32 LogLen, + IN VOID *HashData, + IN UINT64 HashDataLen + ) +{ + // + // Do nothing, just return EFI_SUCCESS. + // + return EFI_SUCCESS; +} diff --git a/MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf b/MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf new file mode 100644 index 0000000..fef783a --- /dev/null +++ b/MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf @@ -0,0 +1,34 @@ +## @file +# Provides NULL TPM measurement function. +# +# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> +# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = TpmMeasurementLibNull + FILE_GUID = 6DFD6E9F-9278-48D8-8F45-B6CFF2C2B69C + MODULE_TYPE = UEFI_DRIVER + VERSION_STRING = 1.0 + LIBRARY_CLASS = TpmMeasurementLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + MODULE_UNI_FILE = TpmMeasurementLibNull.uni + +# +# The following information is for reference only and not required by the build tools. +# +# VALID_ARCHITECTURES = IA32 X64 IPF +# + +[Sources] + TpmMeasurementLibNull.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec diff --git a/MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.uni b/MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.uni new file mode 100644 index 0000000000000000000000000000000000000000..71a2b1f392d8b13bf7afeeb6558a9065b8e4075b GIT binary patch literal 1654 zcmchXPjAye5XI+=#CNdL3!pXuBrXUc5@Nuj)KTK7aH^btt);|?oY0alPy2hj*iND# zaX^)2@9xa(n>TM~egC^<Eem*G@C5e3W|rC9ruNjHV3n_Dg)QwC`vm(M%Y_Z?oF}jZ z?>EK;o)q6tVyAAE+Xnj#OKxN485p@WE8NG!|48PQZDE$#wcR*g&*1bNey{DNy|OoU z$~=PK2KIC2+EcJg-*kt4U~T-0sL`Z|s$TOJ=rl#AroFR{_3izUdJ{NgPRAATOE@XV z0+bX66UGe@Q@0+&bBS-|d|USA#7l3nQofAY9JE@`6sva6@r{|~j+t;veC^g*%5uxA z6Hjf#S2mrPyan@;iO;ogtV<LzQ)E`@BPEucdA+Y=1M9Lr-{Vqqy>nWO`HIVawHX|Q zC=OmP<yx~=)gyS;U8PR+nyKUb35oMBVh%a&>*BTC5;bzwsFAV!-VUDY`oPU5Y* z7wRdmt>O!(bd$XW=hHgSevM@W^NF1uc$%Qx@YaeX_QgWj^yr@0KJ#t68y2BtfR-8) ztP%Y+WEMJohuq07^FA>pLalv7KZisN9CFM|eXMVTQMf{FFm~KptJ57$m-vMmyNrQd z64iIiF0e<S3L|#e`>e!WHswr+RgALws87Ty`wzyic*I=yFZ`3mR}tFx3a3Vo(4t2- zDQEZS-$ehhmg6o>^`2Bc<L{2w?+T<C4E@PMyMmGQlCo{oO5pRi=Y%uV9k}M)Q@*-0 o>Vz|}#Iym!|M$miRJHtD9qNJs6{tgcmGZ}GdE7dh=u)1@18S@P%m4rY literal 0 HcmV?d00001 diff --git a/MdeModulePkg/MdeModulePkg.dec b/MdeModulePkg/MdeModulePkg.dec index 14e27a2..e87e89a 100644 --- a/MdeModulePkg/MdeModulePkg.dec +++ b/MdeModulePkg/MdeModulePkg.dec @@ -111,6 +111,10 @@ ## @libraryclass Provides core boot manager functions PlatformBootManagerLib|Include/Library/PlatformBootManagerLib.h + ## @libraryclass Provides common interfaces about TPM measurement for other modules. + # + TpmMeasurementLib|Include/Library/TpmMeasurementLib.h + [Guids] ## MdeModule package token space guid # Include/Guid/MdeModulePkgTokenSpace.h diff --git a/MdeModulePkg/MdeModulePkg.dsc b/MdeModulePkg/MdeModulePkg.dsc index f718b3e..3b1ace9 100644 --- a/MdeModulePkg/MdeModulePkg.dsc +++ b/MdeModulePkg/MdeModulePkg.dsc @@ -95,6 +95,7 @@ S3BootScriptLib|MdeModulePkg/Library/PiDxeS3BootScriptLib/DxeS3BootScriptLib.inf CpuExceptionHandlerLib|MdeModulePkg/Library/CpuExceptionHandlerLibNull/CpuExceptionHandlerLibNull.inf PlatformBootManagerLib|MdeModulePkg/Library/PlatformBootManagerLibNull/PlatformBootManagerLibNull.inf + TpmMeasurementLib|MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf [LibraryClasses.EBC.PEIM] IoLib|MdePkg/Library/PeiIoLibCpuIo/PeiIoLibCpuIo.inf @@ -273,6 +274,7 @@ MdeModulePkg/Library/PeiDxeDebugLibReportStatusCode/PeiDxeDebugLibReportStatusCode.inf MdeModulePkg/Library/UefiBootManagerLib/UefiBootManagerLib.inf MdeModulePkg/Library/PlatformBootManagerLibNull/PlatformBootManagerLibNull.inf + MdeModulePkg/Library/TpmMeasurementLibNull/TpmMeasurementLibNull.inf MdeModulePkg/Universal/BdsDxe/BdsDxe.inf MdeModulePkg/Application/BootManagerMenuApp/BootManagerMenuApp.inf -- 1.9.5.msysgit.0 ------------------------------------------------------------------------------ Monitor 25 network devices or servers for free with OpManager! OpManager is web-based network management software that monitors network devices and physical & virtual servers, alerts via email & sms for fault. Monitor 25 devices for free with no restriction. Download now http://ad.doubleclick.net/ddm/clk/292181274;119417398;o _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
