SecurityPkg: Support CcMeasurementProtocol in DxeTpmMeasurementLib

[mirror_edk2.git] / SecurityPkg / Library / DxeTpmMeasurementLib / DxeTpmMeasurementLib.c

diff --git a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c
index d014ea4aec081392deabbb4e665867ed75ac84ad..6f287b31fc77a64ba60dae2c1c876d99dc3aa817 100644 (file)
--- a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c
+++ b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c
@@ -1,5 +1,6 @@
 /** @file\r
-  This library is used by other modules to measure data to TPM.\r
+  This library is used by other modules to measure data to TPM and Confidential\r
+  Computing (CC) measure registers.\r
 \r
 Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved. <BR>\r
 SPDX-License-Identifier: BSD-2-Clause-Patent\r
@@ -19,6 +20,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 \r
 #include <Guid/Acpi.h>\r
 #include <IndustryStandard/Acpi.h>\r
+#include <Protocol/CcMeasurement.h>\r
 \r
 /**\r
   Tpm12 measure and log data, and extend the measurement result into a specific PCR.\r
@@ -35,6 +37,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
   @retval EFI_OUT_OF_RESOURCES  Out of memory.\r
   @retval EFI_DEVICE_ERROR      The operation was unsuccessful.\r
 **/\r
+STATIC\r
 EFI_STATUS\r
 Tpm12MeasureAndLogData (\r
   IN UINT32  PcrIndex,\r
@@ -101,6 +104,7 @@ Tpm12MeasureAndLogData (
   @retval EFI_OUT_OF_RESOURCES  Out of memory.\r
   @retval EFI_DEVICE_ERROR      The operation was unsuccessful.\r
 **/\r
+STATIC\r
 EFI_STATUS\r
 Tpm20MeasureAndLogData (\r
   IN UINT32  PcrIndex,\r
@@ -147,6 +151,73 @@ Tpm20MeasureAndLogData (
   return Status;\r
 }\r
 \r
+/**\r
+  Cc measure and log data, and extend the measurement result into a\r
+  specific CC MR.\r
+\r
+  @param[in]  CcProtocol       Instance of CC measurement protocol\r
+  @param[in]  PcrIndex         PCR Index.\r
+  @param[in]  EventType        Event type.\r
+  @param[in]  EventLog         Measurement event log.\r
+  @param[in]  LogLen           Event log length in bytes.\r
+  @param[in]  HashData         The start of the data buffer to be hashed, extended.\r
+  @param[in]  HashDataLen      The length, in bytes, of the buffer referenced by HashData\r
+\r
+  @retval EFI_SUCCESS           Operation completed successfully.\r
+  @retval EFI_UNSUPPORTED       CC guest not available.\r
+  @retval EFI_OUT_OF_RESOURCES  Out of memory.\r
+  @retval EFI_DEVICE_ERROR      The operation was unsuccessful.\r
+  @retval EFI_INVALID_PARAMETER The input parameter is invalid.\r
+**/\r
+STATIC\r
+EFI_STATUS\r
+CcMeasureAndLogData (\r
+  IN EFI_CC_MEASUREMENT_PROTOCOL  *CcProtocol,\r
+  IN UINT32                       PcrIndex,\r
+  IN UINT32                       EventType,\r
+  IN VOID                         *EventLog,\r
+  IN UINT32                       LogLen,\r
+  IN VOID                         *HashData,\r
+  IN UINT64                       HashDataLen\r
+  )\r
+{\r
+  EFI_STATUS       Status;\r
+  EFI_CC_EVENT     *EfiCcEvent;\r
+  EFI_CC_MR_INDEX  MrIndex;\r
+\r
+  if (CcProtocol == NULL) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
+  Status = CcProtocol->MapPcrToMrIndex (CcProtocol, PcrIndex, &MrIndex);\r
+  if (EFI_ERROR (Status)) {\r
+    return Status;\r
+  }\r
+\r
+  EfiCcEvent = (EFI_CC_EVENT *)AllocateZeroPool (LogLen + sizeof (EFI_CC_EVENT));\r
+  if (EfiCcEvent == NULL) {\r
+    return EFI_OUT_OF_RESOURCES;\r
+  }\r
+\r
+  EfiCcEvent->Size                 = (UINT32)LogLen + sizeof (EFI_CC_EVENT) - sizeof (EfiCcEvent->Event);\r
+  EfiCcEvent->Header.HeaderSize    = sizeof (EFI_CC_EVENT_HEADER);\r
+  EfiCcEvent->Header.HeaderVersion = EFI_CC_EVENT_HEADER_VERSION;\r
+  EfiCcEvent->Header.MrIndex       = MrIndex;\r
+  EfiCcEvent->Header.EventType     = EventType;\r
+  CopyMem (&EfiCcEvent->Event[0], EventLog, LogLen);\r
+\r
+  Status = CcProtocol->HashLogExtendEvent (\r
+                         CcProtocol,\r
+                         0,\r
+                         (EFI_PHYSICAL_ADDRESS)(UINTN)HashData,\r
+                         HashDataLen,\r
+                         EfiCcEvent\r
+                         );\r
+  FreePool (EfiCcEvent);\r
+\r
+  return Status;\r
+}\r
+\r
 /**\r
   Tpm measure and log data, and extend the measurement result into a specific PCR.\r
 \r
@@ -173,25 +244,16 @@ TpmMeasureAndLogData (
   IN UINT64  HashDataLen\r
   )\r
 {\r
-  EFI_STATUS  Status;\r
-\r
-  //\r
-  // Try to measure using Tpm20 protocol\r
-  //\r
-  Status = Tpm20MeasureAndLogData (\r
-             PcrIndex,\r
-             EventType,\r
-             EventLog,\r
-             LogLen,\r
-             HashData,\r
-             HashDataLen\r
-             );\r
+  EFI_STATUS                   Status;\r
+  EFI_CC_MEASUREMENT_PROTOCOL  *CcProtocol;\r
 \r
-  if (EFI_ERROR (Status)) {\r
+  Status = gBS->LocateProtocol (&gEfiCcMeasurementProtocolGuid, NULL, (VOID **)&CcProtocol);\r
+  if (!EFI_ERROR (Status)) {\r
     //\r
-    // Try to measure using Tpm1.2 protocol\r
+    // Try to measure using Cc measurement protocol\r
     //\r
-    Status = Tpm12MeasureAndLogData (\r
+    Status = CcMeasureAndLogData (\r
+               CcProtocol,\r
                PcrIndex,\r
                EventType,\r
                EventLog,\r
@@ -199,6 +261,32 @@ TpmMeasureAndLogData (
                HashData,\r
                HashDataLen\r
                );\r
+  } else {\r
+    //\r
+    // Try to measure using Tpm20 protocol\r
+    //\r
+    Status = Tpm20MeasureAndLogData (\r
+               PcrIndex,\r
+               EventType,\r
+               EventLog,\r
+               LogLen,\r
+               HashData,\r
+               HashDataLen\r
+               );\r
+\r
+    if (EFI_ERROR (Status)) {\r
+      //\r
+      // Try to measure using Tpm1.2 protocol\r
+      //\r
+      Status = Tpm12MeasureAndLogData (\r
+                 PcrIndex,\r
+                 EventType,\r
+                 EventLog,\r
+                 LogLen,\r
+                 HashData,\r
+                 HashDataLen\r
+                 );\r
+    }\r
   }\r
 \r
   return Status;\r