From 387208ab04f54edb75c0853cf1ba1443bd796347 Mon Sep 17 00:00:00 2001 From: Star Zeng Date: Tue, 15 Apr 2014 09:19:04 +0000 Subject: [PATCH] MdeModulePkg/SecurityPkg: Update TreePei to handle FvInfo2 and update FwVol of PeiCore to always install both FvInfo and FvInfo2. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng Reviewed-by: Liming Gao Reviewed-by: Chao Zhang git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15467 6f19259b-4bc3-4df7-8a09-765794883524 --- MdeModulePkg/Core/Pei/FwVol/FwVol.c | 19 +++++++++++++++++-- SecurityPkg/Tcg/TcgPei/TcgPei.c | 9 +++++++++ SecurityPkg/Tcg/TrEEPei/TrEEPei.c | 15 +++++++++++++++ SecurityPkg/Tcg/TrEEPei/TrEEPei.inf | 1 + 4 files changed, 42 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Core/Pei/FwVol/FwVol.c b/MdeModulePkg/Core/Pei/FwVol/FwVol.c index ec855a8df4..fe876ed393 100644 --- a/MdeModulePkg/Core/Pei/FwVol/FwVol.c +++ b/MdeModulePkg/Core/Pei/FwVol/FwVol.c @@ -1,7 +1,7 @@ /** @file Pei Core Firmware File System service routines. -Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -525,6 +525,7 @@ FirmwareVolmeInfoPpiNotifyCallback ( UINTN FvIndex; EFI_PEI_FILE_HANDLE FileHandle; VOID *DepexData; + BOOLEAN IsFvInfo2; Status = EFI_SUCCESS; PrivateData = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices); @@ -540,12 +541,14 @@ FirmwareVolmeInfoPpiNotifyCallback ( // It is FvInfo2PPI. // CopyMem (&FvInfo2Ppi, Ppi, sizeof (EFI_PEI_FIRMWARE_VOLUME_INFO2_PPI)); + IsFvInfo2 = TRUE; } else { // // It is FvInfoPPI. // CopyMem (&FvInfo2Ppi, Ppi, sizeof (EFI_PEI_FIRMWARE_VOLUME_INFO_PPI)); FvInfo2Ppi.AuthenticationStatus = 0; + IsFvInfo2 = FALSE; } // @@ -572,6 +575,10 @@ FirmwareVolmeInfoPpiNotifyCallback ( // for (FvIndex = 0; FvIndex < PrivateData->FvCount; FvIndex ++) { if (PrivateData->Fv[FvIndex].FvHandle == FvHandle) { + if (IsFvInfo2 && (FvInfo2Ppi.AuthenticationStatus != PrivateData->Fv[FvIndex].AuthenticationStatus)) { + PrivateData->Fv[FvIndex].AuthenticationStatus = FvInfo2Ppi.AuthenticationStatus; + DEBUG ((EFI_D_INFO, "Update AuthenticationStatus of the %dth FV to 0x%x!\n", FvIndex, FvInfo2Ppi.AuthenticationStatus)); + } DEBUG ((EFI_D_INFO, "The Fv %p has already been processed!\n", FvInfo2Ppi.FvInfo)); return EFI_SUCCESS; } @@ -1337,8 +1344,16 @@ ProcessFvFile ( ASSERT_EFI_ERROR (Status); // - // Install FvInfo2 Ppi and Build FvHob + // Install FvInfo(2) Ppi // + PeiServicesInstallFvInfoPpi ( + &FvHeader->FileSystemGuid, + (VOID**) FvHeader, + (UINT32) FvHeader->FvLength, + &ParentFvImageInfo.FvName, + &FileInfo.FileName + ); + PeiServicesInstallFvInfo2Ppi ( &FvHeader->FileSystemGuid, (VOID**) FvHeader, diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.c b/SecurityPkg/Tcg/TcgPei/TcgPei.c index f3f4b3f4c0..f2650a20f3 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.c +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.c @@ -461,6 +461,7 @@ FirmwareVolmeInfoPpiNotifyCallback ( EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *Fv; EFI_STATUS Status; EFI_PEI_FIRMWARE_VOLUME_PPI *FvPpi; + UINTN Index; Fv = (EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *) Ppi; @@ -485,6 +486,14 @@ FirmwareVolmeInfoPpiNotifyCallback ( ASSERT (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported)); if (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported)) { + // + // Check whether FV is in the measured child FV list. + // + for (Index = 0; Index < mMeasuredChildFvIndex; Index++) { + if (mMeasuredChildFvInfo[Index].BlobBase == (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo) { + return EFI_SUCCESS; + } + } mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobBase = (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo; mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobLength = Fv->FvInfoSize; mMeasuredChildFvIndex++; diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPei.c b/SecurityPkg/Tcg/TrEEPei/TrEEPei.c index 5dfbd8d893..001a45b310 100644 --- a/SecurityPkg/Tcg/TrEEPei/TrEEPei.c +++ b/SecurityPkg/Tcg/TrEEPei/TrEEPei.c @@ -16,6 +16,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include +#include #include #include #include @@ -112,6 +113,11 @@ EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] = { &gEfiPeiFirmwareVolumeInfoPpiGuid, FirmwareVolmeInfoPpiNotifyCallback }, + { + EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK, + &gEfiPeiFirmwareVolumeInfo2PpiGuid, + FirmwareVolmeInfoPpiNotifyCallback + }, { (EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), &gEfiEndOfPeiSignalPpiGuid, @@ -518,6 +524,7 @@ FirmwareVolmeInfoPpiNotifyCallback ( EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *Fv; EFI_STATUS Status; EFI_PEI_FIRMWARE_VOLUME_PPI *FvPpi; + UINTN Index; Fv = (EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *) Ppi; @@ -542,6 +549,14 @@ FirmwareVolmeInfoPpiNotifyCallback ( ASSERT (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported)); if (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported)) { + // + // Check whether FV is in the measured child FV list. + // + for (Index = 0; Index < mMeasuredChildFvIndex; Index++) { + if (mMeasuredChildFvInfo[Index].BlobBase == (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo) { + return EFI_SUCCESS; + } + } mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobBase = (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo; mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobLength = Fv->FvInfoSize; mMeasuredChildFvIndex++; diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf b/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf index 719f2b4a64..f5fb3d1acb 100644 --- a/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf +++ b/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf @@ -53,6 +53,7 @@ [Ppis] gEfiPeiFirmwareVolumeInfoPpiGuid + gEfiPeiFirmwareVolumeInfo2PpiGuid gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid gPeiTpmInitializedPpiGuid gEfiEndOfPeiSignalPpiGuid -- 2.39.2