SecurityPkg/TdTcg2Dxe: Extend EFI boot variable to PCR[1]

According to TCG PC Client PFP spec 0021 Section 2.4.4.2 EFI boot variable
should be measured and extended to PCR[1], not PCR[5]. This patch is
proposed to fix this error.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Signed-off-by: Min Xu <min.m.xu@intel.com>

diff --git a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c
index d19923b0c682628f5e7bba0013fcb088124969c3..59341a8c0250f9d878dee06849855b35be2d30fd 100644 (file)
--- a/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c
+++ b/SecurityPkg/Tcg/TdTcg2Dxe/TdTcg2Dxe.c
@@ -1873,12 +1873,8 @@ ReadAndMeasureBootVariable (
   OUT     VOID      **VarData\r
   )\r
 {\r
-  //\r
-  // Boot variables are measured into (PCR[5]) RTMR[1],\r
-  // details in section 8.1 of TDVF design guide.\r
-  //\r
   return ReadAndMeasureVariable (\r
-           MapPcrToMrIndex (5),\r
+           MapPcrToMrIndex (1),\r
            EV_EFI_VARIABLE_BOOT,\r
            VarName,\r
            VendorGuid,\r