git.proxmox.com Git - mirror_edk2.git/commit - SecurityPkg/Tcg/TcgPei/TcgPei.c

SecurityPkg/TcgPei: Use Migrated FV Info Hob for calculating hash (CVE-2019-11098)

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614

When we allocate pool to save rebased the PEIMs, the address will change
randomly, therefore the hash will change and result PCR0 change as well.
To avoid this, we save the raw PEIMs and use it to calculate hash.
The TcgPei calculate the hash and it use the Migrated FV Info.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>

author	Guomin Jiang <guomin.jiang@intel.com>
	Wed, 8 Jul 2020 08:01:14 +0000 (16:01 +0800)
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
	Tue, 28 Jul 2020 01:43:16 +0000 (01:43 +0000)
commit	ffde22468e2f0e93b51f97b801e6c7a181088c61
tree	2431d6093dc51a1812b184007d002488f7209ba7	tree
parent	92c19c68cb8f3f5313ff886c664b9286fb50632d	commit \| diff

SecurityPkg/Tcg/TcgPei/TcgPei.c		diff \| blob \| blame \| history
SecurityPkg/Tcg/TcgPei/TcgPei.inf		diff \| blob \| blame \| history