]> git.proxmox.com Git - mirror_edk2.git/commit
projects / mirror_edk2.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4b68cef) | patch
SecurityPkg/Tcg2Pei: Use Migrated FV Info Hob for calculating hash (CVE-2019-11098)
authorGuomin Jiang <guomin.jiang@intel.com>
Mon, 29 Jun 2020 06:50:21 +0000 (14:50 +0800)
committermergify[bot] <37929162+mergify[bot]@users.noreply.github.com>
Tue, 28 Jul 2020 01:43:16 +0000 (01:43 +0000)
commit012809cdca4b876e675cbd181fee213133858a5e
treee2ef7add66353f3c5d19518c57d24e2af7fde62etree
parent4b68cef04c70d8fd8a9bf745fc649c84d67531e8commit | diff
SecurityPkg/Tcg2Pei: Use Migrated FV Info Hob for calculating hash (CVE-2019-11098)

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1614

When we allocate pool to save rebased the PEIMs, the address will change
randomly, therefore the hash will change and result PCR0 change as well.
To avoid this, we save the raw PEIMs and use it to calculate hash.
The Tcg2Pei calculate the hash and it use the Migrated FV Info.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Signed-off-by: Guomin Jiang <guomin.jiang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Qi Zhang <qi1.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c diff | blob | blame | history
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf diff | blob | blame | history
EFI Development Kit II mirror for PVE