X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=blobdiff_plain;f=SecurityPkg%2FLibrary%2FDxeTpmMeasureBootLib%2FDxeTpmMeasureBootLib.c;h=4e4a90f9da625145bcb723080108674aa0545a3d;hp=9b13806e892c23f7fbc4e3d1af309bdd709138c2;hb=f199664ce70b6b1303329113bf9fbc9b002fa1b6;hpb=2aadc9205b8c1ea8b002e2bc05dcaed7b1505121
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
index 9b13806e89..4e4a90f9da 100644
--- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
+++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c
@@ -1,5 +1,5 @@
/** @file
- The library instance provides security service of TPM measure boot.
+ The library instance provides security service of TPM measure boot.
Caution: This file requires additional review when modified.
This library will have external input - PE/COFF image and GPT partition.
@@ -15,13 +15,13 @@
TcgMeasureGptTable() function will receive untrusted GPT partition table, and parse
partition data carefully.
-Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
+Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
+This program and the accompanying materials
+are licensed and made available under the terms and conditions of the BSD License
+which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -31,10 +31,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include
#include
#include
-#include
#include
-#include
+#include
#include
#include
@@ -51,15 +50,14 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
// Flag to check GPT partition. It only need be measured once.
//
BOOLEAN mMeasureGptTableFlag = FALSE;
-EFI_GUID mZeroGuid = {0, 0, 0, {0, 0, 0, 0, 0, 0, 0, 0}};
UINTN mMeasureGptCount = 0;
VOID *mFileBuffer;
-UINTN mImageSize;
+UINTN mTpmImageSize;
//
// Measured FV handle cache
//
EFI_HANDLE mCacheMeasuredHandle = NULL;
-UINT32 *mGuidHobData = NULL;
+MEASURED_HOB_DATA *mMeasuredHobData = NULL;
/**
Reads contents of a PE/COFF image in memory buffer.
@@ -70,11 +68,11 @@ UINT32 *mGuidHobData = NULL;
@param FileHandle Pointer to the file handle to read the PE/COFF image.
@param FileOffset Offset into the PE/COFF image to begin the read operation.
- @param ReadSize On input, the size in bytes of the requested read operation.
+ @param ReadSize On input, the size in bytes of the requested read operation.
On output, the number of bytes actually read.
@param Buffer Output buffer that contains the data read from the PE/COFF image.
-
- @retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size
+
+ @retval EFI_SUCCESS The specified portion of the PE/COFF image was read and the size
**/
EFI_STATUS
EFIAPI
@@ -96,11 +94,11 @@ DxeTpmMeasureBootLibImageRead (
}
EndPosition = FileOffset + *ReadSize;
- if (EndPosition > mImageSize) {
- *ReadSize = (UINT32)(mImageSize - FileOffset);
+ if (EndPosition > mTpmImageSize) {
+ *ReadSize = (UINT32)(mTpmImageSize - FileOffset);
}
- if (FileOffset >= mImageSize) {
+ if (FileOffset >= mTpmImageSize) {
*ReadSize = 0;
}
@@ -159,11 +157,11 @@ TcgMeasureGptTable (
}
//
// Read the EFI Partition Table Header
- //
+ //
PrimaryHeader = (EFI_PARTITION_TABLE_HEADER *) AllocatePool (BlockIo->Media->BlockSize);
if (PrimaryHeader == NULL) {
return EFI_OUT_OF_RESOURCES;
- }
+ }
Status = DiskIo->ReadDisk (
DiskIo,
BlockIo->Media->MediaId,
@@ -175,7 +173,7 @@ TcgMeasureGptTable (
DEBUG ((EFI_D_ERROR, "Failed to Read Partition Table Header!\n"));
FreePool (PrimaryHeader);
return EFI_DEVICE_ERROR;
- }
+ }
//
// Read the partition entry.
//
@@ -196,23 +194,23 @@ TcgMeasureGptTable (
FreePool (EntryPtr);
return EFI_DEVICE_ERROR;
}
-
+
//
// Count the valid partition
//
PartitionEntry = (EFI_PARTITION_ENTRY *)EntryPtr;
NumberOfPartition = 0;
for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) {
- if (!CompareGuid (&PartitionEntry->PartitionTypeGUID, &mZeroGuid)) {
- NumberOfPartition++;
+ if (!IsZeroGuid (&PartitionEntry->PartitionTypeGUID)) {
+ NumberOfPartition++;
}
PartitionEntry = (EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);
}
//
// Prepare Data for Measurement
- //
- EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
+ //
+ EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
+ NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);
TcgEvent = (TCG_PCR_EVENT *) AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT_HDR));
if (TcgEvent == NULL) {
@@ -224,11 +222,11 @@ TcgMeasureGptTable (
TcgEvent->PCRIndex = 5;
TcgEvent->EventType = EV_EFI_GPT_EVENT;
TcgEvent->EventSize = EventSize;
- GptData = (EFI_GPT_DATA *) TcgEvent->Event;
+ GptData = (EFI_GPT_DATA *) TcgEvent->Event;
//
// Copy the EFI_PARTITION_TABLE_HEADER and NumberOfPartition
- //
+ //
CopyMem ((UINT8 *)GptData, (UINT8*)PrimaryHeader, sizeof (EFI_PARTITION_TABLE_HEADER));
GptData->NumberOfPartitions = NumberOfPartition;
//
@@ -237,7 +235,7 @@ TcgMeasureGptTable (
PartitionEntry = (EFI_PARTITION_ENTRY*)EntryPtr;
NumberOfPartition = 0;
for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) {
- if (!CompareGuid (&PartitionEntry->PartitionTypeGUID, &mZeroGuid)) {
+ if (!IsZeroGuid (&PartitionEntry->PartitionTypeGUID)) {
CopyMem (
(UINT8 *)&GptData->Partitions + NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry,
(UINT8 *)PartitionEntry,
@@ -280,6 +278,9 @@ TcgMeasureGptTable (
PE/COFF image is external input, so this function will validate its data structure
within this image buffer before use.
+ Notes: PE/COFF image has been checked by BasePeCoffLib PeCoffLoaderGetImageInfo() in
+ its caller function DxeTpmMeasureBootHandler().
+
@param[in] TcgProtocol Pointer to the located TCG protocol instance.
@param[in] ImageAddress Start address of image buffer.
@param[in] ImageSize Image size
@@ -289,7 +290,7 @@ TcgMeasureGptTable (
@retval EFI_SUCCESS Successfully measure image.
@retval EFI_OUT_OF_RESOURCES No enough resource to measure image.
- @retval EFI_UNSUPPORTED ImageType is unsupported or PE image is mal-format.
+ @retval EFI_UNSUPPORTED ImageType is unsupported or PE image is mal-format.
@retval other error value
**/
@@ -319,7 +320,6 @@ TcgMeasurePeImage (
EFI_IMAGE_SECTION_HEADER *SectionHeader;
UINTN Index;
UINTN Pos;
- UINT16 Magic;
UINT32 EventSize;
UINT32 EventNumber;
EFI_PHYSICAL_ADDRESS EventLogLastEntry;
@@ -372,7 +372,9 @@ TcgMeasurePeImage (
ImageLoad->ImageLengthInMemory = ImageSize;
ImageLoad->ImageLinkTimeAddress = LinkTimeBase;
ImageLoad->LengthOfDevicePath = FilePathSize;
- CopyMem (ImageLoad->DevicePath, FilePath, FilePathSize);
+ if ((FilePath != NULL) && (FilePathSize != 0)) {
+ CopyMem (ImageLoad->DevicePath, FilePath, FilePathSize);
+ }
//
// Check PE/COFF image
@@ -415,44 +417,30 @@ TcgMeasurePeImage (
// Measuring PE/COFF Image Header;
// But CheckSum field and SECURITY data directory (certificate) are excluded
//
- if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
- //
- // NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
- // in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
- // Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
- // then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
- //
- Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
- } else {
- //
- // Get the magic value from the PE/COFF Optional Header
- //
- Magic = Hdr.Pe32->OptionalHeader.Magic;
- }
-
+
//
// 3. Calculate the distance from the base of the image header to the image checksum address.
// 4. Hash the image header from its base to beginning of the image checksum.
//
HashBase = (UINT8 *) (UINTN) ImageAddress;
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
NumberOfRvaAndSizes = Hdr.Pe32->OptionalHeader.NumberOfRvaAndSizes;
- HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32->OptionalHeader.CheckSum) - HashBase);
+ HashSize = (UINTN) (&Hdr.Pe32->OptionalHeader.CheckSum) - (UINTN) HashBase;
} else {
//
// Use PE32+ offset
//
NumberOfRvaAndSizes = Hdr.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;
- HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32Plus->OptionalHeader.CheckSum) - HashBase);
+ HashSize = (UINTN) (&Hdr.Pe32Plus->OptionalHeader.CheckSum) - (UINTN) HashBase;
}
HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
if (!HashStatus) {
goto Finish;
- }
+ }
//
// 5. Skip over the image checksum (it occupies a single ULONG).
@@ -462,7 +450,7 @@ TcgMeasurePeImage (
// 6. Since there is no Cert Directory in optional header, hash everything
// from the end of the checksum to the end of image header.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
@@ -481,23 +469,23 @@ TcgMeasurePeImage (
if (!HashStatus) {
goto Finish;
}
- }
+ }
} else {
//
// 7. Hash everything from the end of the checksum to the start of the Cert Directory.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);
+ HashSize = (UINTN) (&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
} else {
//
// Use PE32+ offset
- //
+ //
HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);
+ HashSize = (UINTN) (&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
}
if (HashSize != 0) {
@@ -511,7 +499,7 @@ TcgMeasurePeImage (
// 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)
// 9. Hash everything from the end of the Cert Directory to the end of image header.
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -524,7 +512,7 @@ TcgMeasurePeImage (
HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
}
-
+
if (HashSize != 0) {
HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
if (!HashStatus) {
@@ -536,7 +524,7 @@ TcgMeasurePeImage (
//
// 10. Set the SUM_OF_BYTES_HASHED to the size of the header
//
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
@@ -618,7 +606,7 @@ TcgMeasurePeImage (
if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {
CertSize = 0;
} else {
- if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
+ if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
@@ -664,6 +652,14 @@ TcgMeasurePeImage (
&EventNumber,
&EventLogLastEntry
);
+ if (Status == EFI_OUT_OF_RESOURCES) {
+ //
+ // Out of resource here means the image is hashed and its result is extended to PCR.
+ // But the event log cann't be saved since log area is full.
+ // Just return EFI_SUCCESS in order not to block the image load.
+ //
+ Status = EFI_SUCCESS;
+ }
Finish:
FreePool (TcgEvent);
@@ -679,27 +675,27 @@ Finish:
}
/**
- The security handler is used to abstract platform-specific policy
- from the DXE core response to an attempt to use a file that returns a
- given status for the authentication check from the section extraction protocol.
+ The security handler is used to abstract platform-specific policy
+ from the DXE core response to an attempt to use a file that returns a
+ given status for the authentication check from the section extraction protocol.
- The possible responses in a given SAP implementation may include locking
- flash upon failure to authenticate, attestation logging for all signed drivers,
- and other exception operations. The File parameter allows for possible logging
+ The possible responses in a given SAP implementation may include locking
+ flash upon failure to authenticate, attestation logging for all signed drivers,
+ and other exception operations. The File parameter allows for possible logging
within the SAP of the driver.
If File is NULL, then EFI_INVALID_PARAMETER is returned.
- If the file specified by File with an authentication status specified by
+ If the file specified by File with an authentication status specified by
AuthenticationStatus is safe for the DXE Core to use, then EFI_SUCCESS is returned.
- If the file specified by File with an authentication status specified by
- AuthenticationStatus is not safe for the DXE Core to use under any circumstances,
+ If the file specified by File with an authentication status specified by
+ AuthenticationStatus is not safe for the DXE Core to use under any circumstances,
then EFI_ACCESS_DENIED is returned.
- If the file specified by File with an authentication status specified by
- AuthenticationStatus is not safe for the DXE Core to use right now, but it
- might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
+ If the file specified by File with an authentication status specified by
+ AuthenticationStatus is not safe for the DXE Core to use right now, but it
+ might be possible to use it at a future time, then EFI_SECURITY_VIOLATION is
returned.
@param[in] AuthenticationStatus This is the authentication status returned
@@ -740,7 +736,6 @@ DxeTpmMeasureBootHandler (
PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;
EFI_FIRMWARE_VOLUME_BLOCK_PROTOCOL *FvbProtocol;
EFI_PHYSICAL_ADDRESS FvAddress;
- EFI_PLATFORM_FIRMWARE_BLOB *TrustedFvBuf;
UINT32 Index;
Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **) &TcgProtocol);
@@ -754,13 +749,13 @@ DxeTpmMeasureBootHandler (
ProtocolCapability.Size = (UINT8) sizeof (ProtocolCapability);
Status = TcgProtocol->StatusCheck (
- TcgProtocol,
+ TcgProtocol,
&ProtocolCapability,
&TCGFeatureFlags,
&EventLogLocation,
&EventLogLastEntry
);
- if (EFI_ERROR (Status) || ProtocolCapability.TPMDeactivatedFlag) {
+ if (EFI_ERROR (Status) || ProtocolCapability.TPMDeactivatedFlag || (!ProtocolCapability.TPMPresentFlag)) {
//
// TPM device doesn't work or activate.
//
@@ -771,7 +766,7 @@ DxeTpmMeasureBootHandler (
// Copy File Device Path
//
OrigDevicePathNode = DuplicateDevicePath (File);
-
+
//
// 1. Check whether this device path support BlockIo protocol.
// Is so, this device path may be a GPT device path.
@@ -792,8 +787,8 @@ DxeTpmMeasureBootHandler (
DevicePathSubType (DevicePathNode) == MEDIA_HARDDRIVE_DP) {
//
// Check whether it is a gpt partition or not
- //
- if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
+ //
+ if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->SignatureType == SIGNATURE_TYPE_GUID) {
//
@@ -828,7 +823,7 @@ DxeTpmMeasureBootHandler (
DevicePathNode = NextDevicePathNode (DevicePathNode);
}
}
-
+
//
// 2. Measure PE image.
//
@@ -848,23 +843,23 @@ DxeTpmMeasureBootHandler (
return EFI_SUCCESS;
}
//
- // The PE image from untrusted Firmware volume need be measured
- // The PE image from trusted Firmware volume will be mearsured according to policy below.
- // if it is driver, do not measure
+ // The PE image from unmeasured Firmware volume need be measured
+ // The PE image from measured Firmware volume will be mearsured according to policy below.
+ // If it is driver, do not measure
// If it is application, still measure.
//
ApplicationRequired = TRUE;
- if (mCacheMeasuredHandle != Handle && mGuidHobData != NULL) {
+ if (mCacheMeasuredHandle != Handle && mMeasuredHobData != NULL) {
//
// Search for Root FV of this PE image
//
TempHandle = Handle;
do {
Status = gBS->HandleProtocol(
- TempHandle,
+ TempHandle,
&gEfiFirmwareVolumeBlockProtocolGuid,
- &FvbProtocol
+ (VOID**)&FvbProtocol
);
TempHandle = FvbProtocol->ParentHandle;
} while (!EFI_ERROR(Status) && FvbProtocol->ParentHandle != NULL);
@@ -877,11 +872,10 @@ DxeTpmMeasureBootHandler (
return Status;
}
- TrustedFvBuf = (EFI_PLATFORM_FIRMWARE_BLOB *)(mGuidHobData + 1);
ApplicationRequired = FALSE;
- for (Index = 0; Index < *mGuidHobData; Index++) {
- if(TrustedFvBuf[Index].BlobBase == FvAddress) {
+ for (Index = 0; Index < mMeasuredHobData->Num; Index++) {
+ if(mMeasuredHobData->MeasuredFvBuf[Index].BlobBase == FvAddress) {
//
// Cache measured FV for next measurement
//
@@ -901,7 +895,7 @@ DxeTpmMeasureBootHandler (
goto Finish;
}
- mImageSize = FileSize;
+ mTpmImageSize = FileSize;
mFileBuffer = FileBuffer;
//
@@ -922,33 +916,26 @@ DxeTpmMeasureBootHandler (
//
goto Finish;
}
-
+
//
// Measure only application if Application flag is set
// Measure drivers and applications if Application flag is not set
//
- if ((!ApplicationRequired) ||
- (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
+ if ((!ApplicationRequired) ||
+ (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
//
// Print the image path to be measured.
- //
+ //
DEBUG_CODE_BEGIN ();
CHAR16 *ToText;
- EFI_DEVICE_PATH_TO_TEXT_PROTOCOL *DevPathToText;
- Status = gBS->LocateProtocol (
- &gEfiDevicePathToTextProtocolGuid,
- NULL,
- (VOID **) &DevPathToText
- );
- if (!EFI_ERROR (Status)) {
- ToText = DevPathToText->ConvertDevicePathToText (
- DevicePathNode,
- FALSE,
- TRUE
- );
- if (ToText != NULL) {
- DEBUG ((DEBUG_INFO, "The measured image path is %s.\n", ToText));
- }
+ ToText = ConvertDevicePathToText (
+ DevicePathNode,
+ FALSE,
+ TRUE
+ );
+ if (ToText != NULL) {
+ DEBUG ((DEBUG_INFO, "The measured image path is %s.\n", ToText));
+ FreePool (ToText);
}
DEBUG_CODE_END ();
@@ -957,10 +944,10 @@ DxeTpmMeasureBootHandler (
//
Status = TcgMeasurePeImage (
TcgProtocol,
- (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
- FileSize,
- (UINTN) ImageContext.ImageAddress,
- ImageContext.ImageType,
+ (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
+ FileSize,
+ (UINTN) ImageContext.ImageAddress,
+ ImageContext.ImageType,
DevicePathNode
);
}
@@ -996,10 +983,10 @@ DxeTpmMeasureBootLibConstructor (
GuidHob = NULL;
- GuidHob = GetFirstGuidHob (&gTrustedFvHobGuid);
+ GuidHob = GetFirstGuidHob (&gMeasuredFvHobGuid);
if (GuidHob != NULL) {
- mGuidHobData = GET_GUID_HOB_DATA (GuidHob);
+ mMeasuredHobData = GET_GUID_HOB_DATA (GuidHob);
}
return RegisterSecurity2Handler (