MdeModulePkg: Variable: Update PCR[7] measure for new TCG spec

Measure DBT into PCR[7] when it is updated between initial measure and
ExitBootService. Measure "SecureBoot" change after PK update.
Spec version : TCG PC Client PFP 00.37. http://www.trustedcomputinggroup.org/wp-content/uploads/PC-ClientSpecific_Platform_Profile_for_TPM_2p0_Systems_v21.pdf

Cc: Star Zeng <star.zeng@intel.com>
Cc: Yao Jiewen <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c
index 2f92fae3108aaff575e91b257b8d30ff193bcf43..309521f9236beecdfb5687bd2eee6640f9f48611 100644 (file)
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Measurement.c
@@ -1,7 +1,7 @@
 /** @file\r
   Measure TrEE required variable.\r
 \r
 /** @file\r
   Measure TrEE required variable.\r
 \r

-Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.<BR>\r

 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r


@@ -36,8 +36,16 @@ VARIABLE_TYPE  mVariableType[] = {
   {EFI_KEY_EXCHANGE_KEY_NAME,    &gEfiGlobalVariableGuid},\r
   {EFI_IMAGE_SECURITY_DATABASE,  &gEfiImageSecurityDatabaseGuid},\r
   {EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid},\r
   {EFI_KEY_EXCHANGE_KEY_NAME,    &gEfiGlobalVariableGuid},\r
   {EFI_IMAGE_SECURITY_DATABASE,  &gEfiImageSecurityDatabaseGuid},\r
   {EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid},\r

+  {EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid},\r

 };\r
 \r
 };\r
 \r

+//\r
+// "SecureBoot" may update following PK Del/Add\r
+//  Cache its value to detect value update\r
+//\r
+UINT8       *mSecureBootVarData    = NULL;\r
+UINTN       mSecureBootVarDataSize = 0;\r
+\r

 /**\r
   This function will return if this variable is SecureBootPolicy Variable.\r
 \r
 /**\r
   This function will return if this variable is SecureBootPolicy Variable.\r
 \r


@@ -251,5 +259,77 @@ SecureBootHook (
     FreePool (VariableData);\r
   }\r
 \r
     FreePool (VariableData);\r
   }\r
 \r

+  //\r
+  // "SecureBoot" is 8bit & read-only. It can only be changed according to PK update\r
+  //\r
+  if ((StrCmp (VariableName, EFI_PLATFORM_KEY_NAME) == 0) &&\r
+       CompareGuid (VendorGuid, &gEfiGlobalVariableGuid)) {\r
+     Status = InternalGetVariable (\r
+                EFI_SECURE_BOOT_MODE_NAME,\r
+                &gEfiGlobalVariableGuid,\r
+                &VariableData,\r
+                &VariableDataSize\r
+                );\r
+     if (EFI_ERROR (Status)) {\r
+       return;\r
+     }\r
+\r
+     //\r
+     // If PK update is successful. "SecureBoot" shall always exist ever since variable write service is ready\r
+     //\r
+     ASSERT(mSecureBootVarData != NULL);\r
+\r
+     if (CompareMem(mSecureBootVarData, VariableData, VariableDataSize) != 0) {\r
+       FreePool(mSecureBootVarData);\r
+       mSecureBootVarData     = VariableData;\r
+       mSecureBootVarDataSize = VariableDataSize;\r
+\r
+       DEBUG((DEBUG_INFO, "%s variable updated according to PK change. Remeasure the value!\n", EFI_SECURE_BOOT_MODE_NAME));\r
+       Status = MeasureVariable (\r
+                  EFI_SECURE_BOOT_MODE_NAME,\r
+                  &gEfiGlobalVariableGuid,\r
+                  mSecureBootVarData,\r
+                  mSecureBootVarDataSize\r
+                  );\r
+       DEBUG ((DEBUG_INFO, "MeasureBootPolicyVariable - %r\n", Status));\r
+     } else {\r
+       //\r
+       // "SecureBoot" variable is not changed\r
+       //\r
+       FreePool(VariableData);\r
+     }\r
+  }\r
+\r

   return ;\r
 }\r
   return ;\r
 }\r

+\r
+/**\r
+  Some Secure Boot Policy Variable may update following other variable changes(SecureBoot follows PK change, etc).\r
+  Record their initial State when variable write service is ready.\r
+\r
+**/\r
+VOID\r
+EFIAPI\r
+RecordSecureBootPolicyVarData(\r
+  VOID\r
+  )\r
+{\r
+  EFI_STATUS Status;\r
+\r
+  //\r
+  // Record initial "SecureBoot" variable value.\r
+  // It is used to detect SecureBoot variable change in SecureBootHook.\r
+  //\r
+  Status = InternalGetVariable (\r
+             EFI_SECURE_BOOT_MODE_NAME,\r
+             &gEfiGlobalVariableGuid,\r
+             (VOID **)&mSecureBootVarData,\r
+             &mSecureBootVarDataSize\r
+             );\r
+  if (EFI_ERROR(Status)) {\r
+    //\r
+    // Read could fail when Auth Variable solution is not supported\r
+    //\r
+    DEBUG((DEBUG_INFO, "RecordSecureBootPolicyVarData GetVariable %s Status %x\n", EFI_SECURE_BOOT_MODE_NAME, Status));\r
+  }\r
+}\r

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c
index 3d3cd24e0dd0fa6be5431296a89e68ff381cdd87..fe1b2b588cb98d1314bcbd695169fda1cde958e6 100644 (file)
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableDxe.c
@@ -3,7 +3,7 @@
   and volatile storage space and install variable architecture protocol.\r
 \r
 Copyright (C) 2013, Red Hat, Inc.\r
   and volatile storage space and install variable architecture protocol.\r
 \r
 Copyright (C) 2013, Red Hat, Inc.\r

-Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>\r

 (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 (C) Copyright 2015 Hewlett Packard Enterprise Development LP<BR>\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r


@@ -31,6 +31,17 @@ EDKII_VAR_CHECK_PROTOCOL            mVarCheck                  = { VarCheckRegis
                                                                     VarCheckVariablePropertySet,\r
                                                                     VarCheckVariablePropertyGet };\r
 \r
                                                                     VarCheckVariablePropertySet,\r
                                                                     VarCheckVariablePropertyGet };\r
 \r

+/**\r
+  Some Secure Boot Policy Variable may update following other variable changes(SecureBoot follows PK change, etc).\r
+  Record their initial State when variable write service is ready.\r
+\r
+**/\r
+VOID\r
+EFIAPI\r
+RecordSecureBootPolicyVarData(\r
+  VOID\r
+  );\r
+\r

 /**\r
   Return TRUE if ExitBootServices () has been called.\r
 \r
 /**\r
   Return TRUE if ExitBootServices () has been called.\r
 \r


@@ -414,6 +425,12 @@ FtwNotificationEvent (
     DEBUG ((DEBUG_ERROR, "Variable write service initialization failed. Status = %r\n", Status));\r
   }\r
 \r
     DEBUG ((DEBUG_ERROR, "Variable write service initialization failed. Status = %r\n", Status));\r
   }\r
 \r

+  //\r
+  // Some Secure Boot Policy Var (SecureBoot, etc) updates following other\r
+  // Secure Boot Policy Variable change. Record their initial value.\r
+  //\r
+  RecordSecureBootPolicyVarData();\r
+\r

   //\r
   // Install the Variable Write Architectural protocol.\r
   //\r
   //\r
   // Install the Variable Write Architectural protocol.\r
   //\r

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
index 6214966c458be9cf3f37aa6097bd0295040b86fb..bc24a251c894731022a2cd809b9f970de9ee6ad6 100644 (file)
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableRuntimeDxe.inf
@@ -9,7 +9,7 @@
 #  This external input must be validated carefully to avoid security issues such as\r
 #  buffer overflow or integer overflow.\r
 #\r
 #  This external input must be validated carefully to avoid security issues such as\r
 #  buffer overflow or integer overflow.\r
 #\r

-# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>\r
+# Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>\r

 # This program and the accompanying materials\r
 # are licensed and made available under the terms and conditions of the BSD License\r
 # which accompanies this distribution. The full text of the license may be found at\r
 # This program and the accompanying materials\r
 # are licensed and made available under the terms and conditions of the BSD License\r
 # which accompanies this distribution. The full text of the license may be found at\r


@@ -94,6 +94,9 @@
   ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"\r
   ## SOMETIMES_CONSUMES   ## Variable:L"Lang"\r
   ## SOMETIMES_PRODUCES   ## Variable:L"Lang"\r
   ## SOMETIMES_PRODUCES   ## Variable:L"PlatformLang"\r
   ## SOMETIMES_CONSUMES   ## Variable:L"Lang"\r
   ## SOMETIMES_PRODUCES   ## Variable:L"Lang"\r

+  ## SOMETIMES_CONSUMES   ## Variable:L"PK"\r
+  ## SOMETIMES_CONSUMES   ## Variable:L"KEK"\r
+  ## SOMETIMES_CONSUMES   ## Variable:L"SecureBoot"\r

   gEfiGlobalVariableGuid\r
 \r
   gEfiMemoryOverwriteControlDataGuid            ## SOMETIMES_CONSUMES   ## Variable:L"MemoryOverwriteRequestControl"\r
   gEfiGlobalVariableGuid\r
 \r
   gEfiMemoryOverwriteControlDataGuid            ## SOMETIMES_CONSUMES   ## Variable:L"MemoryOverwriteRequestControl"\r


@@ -108,8 +111,9 @@
   ## SOMETIMES_PRODUCES   ## Variable:L"VarErrorFlag"\r
   gEdkiiVarErrorFlagGuid\r
 \r
   ## SOMETIMES_PRODUCES   ## Variable:L"VarErrorFlag"\r
   gEdkiiVarErrorFlagGuid\r
 \r

-  ## SOMETIMES_CONSUMES   ## Variable:L"DB"\r
-  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"\r
+  ## SOMETIMES_CONSUMES   ## Variable:L"db"\r
+  ## SOMETIMES_CONSUMES   ## Variable:L"dbx"\r
+  ## SOMETIMES_CONSUMES   ## Variable:L"dbt"\r

   gEfiImageSecurityDatabaseGuid\r
 \r
 [Pcd]\r
   gEfiImageSecurityDatabaseGuid\r
 \r
 [Pcd]\r

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
index 0a076ae4675ad6167869fff58aca7c51bcbb66d4..e209d54755ef1bec8f1b47ffa2b20f0533b1915d 100644 (file)
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.c
@@ -13,7 +13,7 @@
 \r
   InitCommunicateBuffer() is really function to check the variable data size.\r
 \r
 \r
   InitCommunicateBuffer() is really function to check the variable data size.\r
 \r

-Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>\r

 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r


@@ -70,6 +70,17 @@ SecureBootHook (
   IN EFI_GUID                               *VendorGuid\r
   );\r
 \r
   IN EFI_GUID                               *VendorGuid\r
   );\r
 \r

+/**\r
+  Some Secure Boot Policy Variable may update following other variable changes(SecureBoot follows PK change, etc).\r
+  Record their initial State when variable write service is ready.\r
+\r
+**/\r
+VOID\r
+EFIAPI\r
+RecordSecureBootPolicyVarData(\r
+  VOID\r
+  );\r
+\r

 /**\r
   Acquires lock only at boot time. Simply returns at runtime.\r
 \r
 /**\r
   Acquires lock only at boot time. Simply returns at runtime.\r
 \r


@@ -1079,6 +1090,12 @@ SmmVariableWriteReady (
     return;\r
   }\r
 \r
     return;\r
   }\r
 \r

+  //\r
+  // Some Secure Boot Policy Var (SecureBoot, etc) updates following other\r
+  // Secure Boot Policy Variable change.  Record their initial value.\r
+  //\r
+  RecordSecureBootPolicyVarData();\r
+\r

   Status = gBS->InstallProtocolInterface (\r
                   &mHandle,\r
                   &gEfiVariableWriteArchProtocolGuid,\r
   Status = gBS->InstallProtocolInterface (\r
                   &mHandle,\r
                   &gEfiVariableWriteArchProtocolGuid,\r

diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
index 82ddb00a19c17918b407f82196216501cfbd3668..9975f5ae1d6e9be5844f0689a2019aade5fcae7f 100644 (file)
--- a/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
+++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/VariableSmmRuntimeDxe.inf
@@ -13,7 +13,7 @@
 #  may not be modified without authorization. If platform fails to protect these resources,\r
 #  the authentication service provided in this driver will be broken, and the behavior is undefined.\r
 #\r
 #  may not be modified without authorization. If platform fails to protect these resources,\r
 #  the authentication service provided in this driver will be broken, and the behavior is undefined.\r
 #\r

-# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>\r
+# Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>\r

 # This program and the accompanying materials\r
 # are licensed and made available under the terms and conditions of the BSD License\r
 # which accompanies this distribution. The full text of the license may be found at\r
 # This program and the accompanying materials\r
 # are licensed and made available under the terms and conditions of the BSD License\r
 # which accompanies this distribution. The full text of the license may be found at\r


@@ -81,8 +81,9 @@
   ## SOMETIMES_CONSUMES   ## Variable:L"SecureBoot"\r
   gEfiGlobalVariableGuid\r
 \r
   ## SOMETIMES_CONSUMES   ## Variable:L"SecureBoot"\r
   gEfiGlobalVariableGuid\r
 \r

-  ## SOMETIMES_CONSUMES   ## Variable:L"DB"\r
-  ## SOMETIMES_CONSUMES   ## Variable:L"DBX"\r
+  ## SOMETIMES_CONSUMES   ## Variable:L"db"\r
+  ## SOMETIMES_CONSUMES   ## Variable:L"dbx"\r
+  ## SOMETIMES_CONSUMES   ## Variable:L"dbt"\r

   gEfiImageSecurityDatabaseGuid\r
 \r
 [Depex]\r
   gEfiImageSecurityDatabaseGuid\r
 \r
 [Depex]\r