summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStar Zeng <star.zeng@intel.com>2014-04-15 09:19:04 +0000
committerlzeng14 <lzeng14@6f19259b-4bc3-4df7-8a09-765794883524>2014-04-15 09:19:04 +0000
commit387208ab04f54edb75c0853cf1ba1443bd796347 (patch)
tree30026f1f9922c7c6479f4a9625971e3764d6167b
parenta78167a64190eaccc99f84a1485ecb50a4fd0e6f (diff)
downloadedk2-platforms-387208ab04f54edb75c0853cf1ba1443bd796347.tar.xz
MdeModulePkg/SecurityPkg: Update TreePei to handle FvInfo2 and update FwVol of PeiCore to always install both FvInfo and FvInfo2.
Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng <star.zeng@intel.com> Reviewed-by: Liming Gao <liming.gao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15467 6f19259b-4bc3-4df7-8a09-765794883524
-rw-r--r--MdeModulePkg/Core/Pei/FwVol/FwVol.c19
-rw-r--r--SecurityPkg/Tcg/TcgPei/TcgPei.c9
-rw-r--r--SecurityPkg/Tcg/TrEEPei/TrEEPei.c15
-rw-r--r--SecurityPkg/Tcg/TrEEPei/TrEEPei.inf1
4 files changed, 42 insertions, 2 deletions
diff --git a/MdeModulePkg/Core/Pei/FwVol/FwVol.c b/MdeModulePkg/Core/Pei/FwVol/FwVol.c
index ec855a8df4..fe876ed393 100644
--- a/MdeModulePkg/Core/Pei/FwVol/FwVol.c
+++ b/MdeModulePkg/Core/Pei/FwVol/FwVol.c
@@ -1,7 +1,7 @@
/** @file
Pei Core Firmware File System service routines.
-Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -525,6 +525,7 @@ FirmwareVolmeInfoPpiNotifyCallback (
UINTN FvIndex;
EFI_PEI_FILE_HANDLE FileHandle;
VOID *DepexData;
+ BOOLEAN IsFvInfo2;
Status = EFI_SUCCESS;
PrivateData = PEI_CORE_INSTANCE_FROM_PS_THIS (PeiServices);
@@ -540,12 +541,14 @@ FirmwareVolmeInfoPpiNotifyCallback (
// It is FvInfo2PPI.
//
CopyMem (&FvInfo2Ppi, Ppi, sizeof (EFI_PEI_FIRMWARE_VOLUME_INFO2_PPI));
+ IsFvInfo2 = TRUE;
} else {
//
// It is FvInfoPPI.
//
CopyMem (&FvInfo2Ppi, Ppi, sizeof (EFI_PEI_FIRMWARE_VOLUME_INFO_PPI));
FvInfo2Ppi.AuthenticationStatus = 0;
+ IsFvInfo2 = FALSE;
}
//
@@ -572,6 +575,10 @@ FirmwareVolmeInfoPpiNotifyCallback (
//
for (FvIndex = 0; FvIndex < PrivateData->FvCount; FvIndex ++) {
if (PrivateData->Fv[FvIndex].FvHandle == FvHandle) {
+ if (IsFvInfo2 && (FvInfo2Ppi.AuthenticationStatus != PrivateData->Fv[FvIndex].AuthenticationStatus)) {
+ PrivateData->Fv[FvIndex].AuthenticationStatus = FvInfo2Ppi.AuthenticationStatus;
+ DEBUG ((EFI_D_INFO, "Update AuthenticationStatus of the %dth FV to 0x%x!\n", FvIndex, FvInfo2Ppi.AuthenticationStatus));
+ }
DEBUG ((EFI_D_INFO, "The Fv %p has already been processed!\n", FvInfo2Ppi.FvInfo));
return EFI_SUCCESS;
}
@@ -1337,8 +1344,16 @@ ProcessFvFile (
ASSERT_EFI_ERROR (Status);
//
- // Install FvInfo2 Ppi and Build FvHob
+ // Install FvInfo(2) Ppi
//
+ PeiServicesInstallFvInfoPpi (
+ &FvHeader->FileSystemGuid,
+ (VOID**) FvHeader,
+ (UINT32) FvHeader->FvLength,
+ &ParentFvImageInfo.FvName,
+ &FileInfo.FileName
+ );
+
PeiServicesInstallFvInfo2Ppi (
&FvHeader->FileSystemGuid,
(VOID**) FvHeader,
diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.c b/SecurityPkg/Tcg/TcgPei/TcgPei.c
index f3f4b3f4c0..f2650a20f3 100644
--- a/SecurityPkg/Tcg/TcgPei/TcgPei.c
+++ b/SecurityPkg/Tcg/TcgPei/TcgPei.c
@@ -461,6 +461,7 @@ FirmwareVolmeInfoPpiNotifyCallback (
EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *Fv;
EFI_STATUS Status;
EFI_PEI_FIRMWARE_VOLUME_PPI *FvPpi;
+ UINTN Index;
Fv = (EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *) Ppi;
@@ -485,6 +486,14 @@ FirmwareVolmeInfoPpiNotifyCallback (
ASSERT (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported));
if (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported)) {
+ //
+ // Check whether FV is in the measured child FV list.
+ //
+ for (Index = 0; Index < mMeasuredChildFvIndex; Index++) {
+ if (mMeasuredChildFvInfo[Index].BlobBase == (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo) {
+ return EFI_SUCCESS;
+ }
+ }
mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobBase = (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo;
mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobLength = Fv->FvInfoSize;
mMeasuredChildFvIndex++;
diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPei.c b/SecurityPkg/Tcg/TrEEPei/TrEEPei.c
index 5dfbd8d893..001a45b310 100644
--- a/SecurityPkg/Tcg/TrEEPei/TrEEPei.c
+++ b/SecurityPkg/Tcg/TrEEPei/TrEEPei.c
@@ -16,6 +16,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <IndustryStandard/UefiTcgPlatform.h>
#include <Ppi/FirmwareVolumeInfo.h>
+#include <Ppi/FirmwareVolumeInfo2.h>
#include <Ppi/LockPhysicalPresence.h>
#include <Ppi/TpmInitialized.h>
#include <Ppi/FirmwareVolume.h>
@@ -113,6 +114,11 @@ EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] = {
FirmwareVolmeInfoPpiNotifyCallback
},
{
+ EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
+ &gEfiPeiFirmwareVolumeInfo2PpiGuid,
+ FirmwareVolmeInfoPpiNotifyCallback
+ },
+ {
(EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
&gEfiEndOfPeiSignalPpiGuid,
EndofPeiSignalNotifyCallBack
@@ -518,6 +524,7 @@ FirmwareVolmeInfoPpiNotifyCallback (
EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *Fv;
EFI_STATUS Status;
EFI_PEI_FIRMWARE_VOLUME_PPI *FvPpi;
+ UINTN Index;
Fv = (EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *) Ppi;
@@ -542,6 +549,14 @@ FirmwareVolmeInfoPpiNotifyCallback (
ASSERT (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported));
if (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported)) {
+ //
+ // Check whether FV is in the measured child FV list.
+ //
+ for (Index = 0; Index < mMeasuredChildFvIndex; Index++) {
+ if (mMeasuredChildFvInfo[Index].BlobBase == (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo) {
+ return EFI_SUCCESS;
+ }
+ }
mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobBase = (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo;
mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobLength = Fv->FvInfoSize;
mMeasuredChildFvIndex++;
diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf b/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf
index 719f2b4a64..f5fb3d1acb 100644
--- a/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf
+++ b/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf
@@ -53,6 +53,7 @@
[Ppis]
gEfiPeiFirmwareVolumeInfoPpiGuid
+ gEfiPeiFirmwareVolumeInfo2PpiGuid
gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid
gPeiTpmInitializedPpiGuid
gEfiEndOfPeiSignalPpiGuid