From nobody Wed Dec 25 13:10:49 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1507879577771228.96925826728568; Fri, 13 Oct 2017 00:26:17 -0700 (PDT) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id D05C521F7D500; Fri, 13 Oct 2017 00:22:44 -0700 (PDT) Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 3962A21F7D4F5 for ; Fri, 13 Oct 2017 00:22:43 -0700 (PDT) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 13 Oct 2017 00:26:15 -0700 Received: from czhan46-mobl1.ccr.corp.intel.com ([10.239.192.197]) by fmsmga002.fm.intel.com with ESMTP; 13 Oct 2017 00:25:51 -0700 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.88; helo=mga01.intel.com; envelope-from=chao.b.zhang@intel.com; receiver=edk2-devel@lists.01.org X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.43,369,1503385200"; d="scan'208";a="1230331885" From: "Zhang, Chao B" To: edk2-devel@lists.01.org Date: Fri, 13 Oct 2017 15:25:49 +0800 Message-Id: <20171013072549.41328-1-chao.b.zhang@intel.com> X-Mailer: git-send-email 2.11.0.windows.1 Subject: [edk2] [PATCH V2] SecurityPkg\Tcg2Pei: FV measure performance enhancement X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: jiewen.yao@intel.com, Chao Zhang , qin.long@intel.com MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" 1. Leverage Pre-Hashed FV PPI to reduce duplicated hash 2. Only measure BFV at the beginning. Other FVs are measured in FVinfo call= back with nested FV check. https://bugzilla.tianocore.org/show_bug.cgi?id=3D662 Cc: Long Qin Cc: Yao Jiewen Cc: Sean Brogan Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang Reviewed-by: Long Qin --- .../Include/Ppi/FirmwareVolumeInfoPrehashedFV.h | 70 ++++++ SecurityPkg/SecurityPkg.dec | 7 +- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 245 +++++++++++++++--= ---- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf | 2 + 4 files changed, 250 insertions(+), 74 deletions(-) create mode 100644 SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h diff --git a/SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h b/Secu= rityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h new file mode 100644 index 0000000..2273357 --- /dev/null +++ b/SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h @@ -0,0 +1,70 @@ +/** @file +PPI to describe all hash digests for a given FV + +Copyright (c) 2017, Intel Corporation. All rights reserved.
+This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD = License +which accompanies this distribution. The full text of the license may be = found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLI= ED. + +**/ +/** +PPI to describe all hash digests for a given FV + +Copyright (c) 2017, Microsoft Corporation + +All rights reserved. +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are met: +1. Redistributions of source code must retain the above copyright notice, +this list of conditions and the following disclaimer. +2. Redistributions in binary form must reproduce the above copyright notic= e, +this list of conditions and the following disclaimer in the documentation + and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS= " AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPL= IED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DIS= CLAIMED. +IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY D= IRECT, +INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUD= ING, +BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF U= SE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEO= RY OF +LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLI= GENCE +OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +**/ + +#ifndef __PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_H__ +#define __PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_H__ + +#define EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI_GUID \ + { 0x3ce1e631, 0x7008, 0x477c, { 0xad, 0xa7, 0x5d, 0xcf, 0xc7, 0xc1, 0x49,= 0x4b } } + +// +// HashAlgoId is TPM_ALG_ID in Tpm20.h +// +typedef struct _HASH_INFO { + UINT16 HashAlgoId; + UINT16 HashSize; + //UINT8 Hash[]; +} HASH_INFO; + +// +// This PPI indicates a FV is already hashed, platform should ensure 1:1 m= apping between pre-hashed PPI and FV. +// The Count field in PPI is followed by Count number of FV hash info entr= ies, which can be extended to PCR and logged to TCG event log directly by T= CG modules. +// +typedef struct { + UINT32 FvBase; + UINT32 FvLength; + UINT32 Count; + //HASH_INFO HashInfo[]; +} EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI; + +extern EFI_GUID gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid; + +#endif + diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 7a900dc..45d95c5 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -7,6 +7,7 @@ # # Copyright (c) 2009 - 2017, Intel Corporation. All rights reserved.
# (C) Copyright 2015 Hewlett Packard Enterprise Development LP
+# Copyright (c) 2017, Microsoft Corporation. All rights reserved.
# This program and the accompanying materials are licensed and made availa= ble under # the terms and conditions of the BSD License which accompanies this distr= ibution. # The full text of the license may be found at @@ -222,6 +223,9 @@ ## Include/Ppi/FirmwareVolumeInfoMeasurementExcluded.h gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid =3D { 0x6e056ff9, 0x= c695, 0x4364, { 0x9e, 0x2c, 0x61, 0x26, 0xf5, 0xce, 0xea, 0xae } } =20 + ## Include/Ppi/FirmwareVolumeInfoPrehashedFV.h + gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid =3D { 0x3ce1e631, 0x7008, = 0x477c, { 0xad, 0xa7, 0x5d, 0xcf, 0xc7, 0xc1, 0x49, 0x4b } } + # # [Error.gEfiSecurityPkgTokenSpaceGuid] # 0x80000001 | Invalid value provided. @@ -452,9 +456,10 @@ =20 [PcdsDynamic, PcdsDynamicEx] =20 - ## This PCD indicates Hash mask for TPM 2.0.

+ ## This PCD indicates Hash mask for TPM 2.0. Bit definition strictly fol= lows TCG Algorithm Registry.

# If this bit is set, that means this algorithm is needed to extend to = PCR.
# If this bit is clear, that means this algorithm is NOT needed to exte= nd to PCR.
+ # If all the bits are clear, that means hash algorithm is determined by= current Active PCR Banks.
# BIT0 - SHA1.
# BIT1 - SHA256.
# BIT2 - SHA384.
diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c b/SecurityPkg/Tcg/Tcg2Pei/Tc= g2Pei.c index 69adad4..a7ae335 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c @@ -2,6 +2,7 @@ Initialize TPM2 device and measure FVs before handing off control to DXE. =20 Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2017, Microsoft Corporation. All rights reserved.
This program and the accompanying materials=20 are licensed and made available under the terms and conditions of the BSD = License=20 which accompanies this distribution. The full text of the license may be = found at=20 @@ -22,6 +23,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER= EXPRESS OR IMPLIED. #include #include #include +#include =20 #include #include @@ -133,7 +135,6 @@ EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] =3D { } }; =20 -EFI_PEI_FIRMWARE_VOLUME_INFO_MEASUREMENT_EXCLUDED_PPI *mMeasurementExclude= dFvPpi; =20 /** Record all measured Firmware Volum Information into a Guid Hob @@ -215,6 +216,13 @@ SyncPcrAllocationsAndPcrMask ( ASSERT_EFI_ERROR (Status); =20 Tpm2PcrMask =3D PcdGet32 (PcdTpm2HashMask); + if (Tpm2PcrMask =3D=3D 0) { + // + // if PcdTPm2HashMask is zero, use ActivePcr setting + // + PcdSet32S (PcdTpm2HashMask, TpmActivePcrBanks); + Tpm2PcrMask =3D TpmActivePcrBanks; + } =20 // // Find the intersection of Pcd support and TPM support. @@ -455,53 +463,152 @@ MeasureFvImage ( IN UINT64 FvLength ) { - UINT32 Index; - EFI_STATUS Status; - EFI_PLATFORM_FIRMWARE_BLOB FvBlob; - TCG_PCR_EVENT_HDR TcgEventHdr; - - // - // Check if it is in Excluded FV list - // - if (mMeasurementExcludedFvPpi !=3D NULL) { - for (Index =3D 0; Index < mMeasurementExcludedFvPpi->Count; Index ++) { - if (mMeasurementExcludedFvPpi->Fv[Index].FvBase =3D=3D FvBase) { - DEBUG ((DEBUG_INFO, "The FV which is excluded by Tcg2Pei starts at= : 0x%x\n", FvBase)); - DEBUG ((DEBUG_INFO, "The FV which is excluded by Tcg2Pei has the s= ize: 0x%x\n", FvLength)); - return EFI_SUCCESS; + UINT32 Index; + EFI_STATUS Status; + EFI_PLATFORM_FIRMWARE_BLOB FvBlob; + TCG_PCR_EVENT_HDR TcgEventHdr; + UINT32 Instance; + UINT32 Tpm2HashMask; + TPML_DIGEST_VALUES DigestList; + UINT32 DigestCount; + EFI_PEI_FIRMWARE_VOLUME_INFO_MEASUREMENT_EXCLUDED_PPI *MeasurementExclud= edFvPpi; + EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI *PrehashedFvPpi; + HASH_INFO *PreHashInfo; + UINT32 HashAlgoMask; + + // + // Check Excluded FV list + // + Instance =3D 0; + do { + Status =3D PeiServicesLocatePpi( + &gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid, + Instance, + NULL, + (VOID**)&MeasurementExcludedFvPpi + ); + if (!EFI_ERROR(Status)) { + for (Index =3D 0; Index < MeasurementExcludedFvPpi->Count; Index ++)= { + if (MeasurementExcludedFvPpi->Fv[Index].FvBase =3D=3D FvBase + && MeasurementExcludedFvPpi->Fv[Index].FvLength =3D=3D FvLength) { + DEBUG ((DEBUG_INFO, "The FV which is excluded by Tcg2Pei starts = at: 0x%x\n", FvBase)); + DEBUG ((DEBUG_INFO, "The FV which is excluded by Tcg2Pei has the= size: 0x%x\n", FvLength)); + return EFI_SUCCESS; + } } + + Instance++; } - } + } while (!EFI_ERROR(Status)); =20 // - // Check whether FV is in the measured FV list. + // Check measured FV list // for (Index =3D 0; Index < mMeasuredBaseFvIndex; Index ++) { - if (mMeasuredBaseFvInfo[Index].BlobBase =3D=3D FvBase) { + if (mMeasuredBaseFvInfo[Index].BlobBase =3D=3D FvBase && mMeasuredBase= FvInfo[Index].BlobLength =3D=3D FvLength) { + DEBUG ((DEBUG_INFO, "The FV which is already measured by Tcg2Pei sta= rts at: 0x%x\n", FvBase)); + DEBUG ((DEBUG_INFO, "The FV which is already measured by Tcg2Pei has= the size: 0x%x\n", FvLength)); return EFI_SUCCESS; } } - =20 + // - // Measure and record the FV to the TPM + // Check pre-hashed FV list // - FvBlob.BlobBase =3D FvBase; - FvBlob.BlobLength =3D FvLength; + Instance =3D 0; + Tpm2HashMask =3D PcdGet32 (PcdTpm2HashMask); + do { + Status =3D PeiServicesLocatePpi ( + &gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid, + Instance, + NULL, + (VOID**)&PrehashedFvPpi + ); + if (!EFI_ERROR(Status) && PrehashedFvPpi->FvBase =3D=3D FvBase && Preh= ashedFvPpi->FvLength =3D=3D FvLength) { + ZeroMem (&DigestList, sizeof(TPML_DIGEST_VALUES)); + + // + // The FV is prehashed, check against TPM hash mask + // + PreHashInfo =3D (HASH_INFO *)(PrehashedFvPpi + 1); + for (Index =3D 0, DigestCount =3D 0; Index < PrehashedFvPpi->Count; = Index++) { + DEBUG((DEBUG_INFO, "Hash Algo ID in PrehashedFvPpi=3D0x%x\n", PreH= ashInfo->HashAlgoId)); + HashAlgoMask =3D GetHashMaskFromAlgo(PreHashInfo->HashAlgoId); + if ((Tpm2HashMask & HashAlgoMask) !=3D 0 ) { + // + // Hash is required, copy it to DigestList + // + WriteUnaligned16(&(DigestList.digests[DigestCount].hashAlg), Pre= HashInfo->HashAlgoId); + CopyMem ( + &DigestList.digests[DigestCount].digest, + PreHashInfo + 1, + PreHashInfo->HashSize + ); + DigestCount++; + // + // Clean the corresponding Hash Algo mask bit + // + Tpm2HashMask &=3D ~HashAlgoMask; + } + PreHashInfo =3D (HASH_INFO *)((UINT8 *)(PreHashInfo + 1) + PreHash= Info->HashSize); + } + + WriteUnaligned32(&DigestList.count, DigestCount); =20 - DEBUG ((DEBUG_INFO, "The FV which is measured by Tcg2Pei starts at: 0x%x= \n", FvBlob.BlobBase)); - DEBUG ((DEBUG_INFO, "The FV which is measured by Tcg2Pei has the size: 0= x%x\n", FvBlob.BlobLength)); + break; + } + Instance++; + } while (!EFI_ERROR(Status)); =20 - TcgEventHdr.PCRIndex =3D 0; + // + // Init the log event for FV measurement + // + FvBlob.BlobBase =3D FvBase; + FvBlob.BlobLength =3D FvLength; + TcgEventHdr.PCRIndex =3D 0; TcgEventHdr.EventType =3D EV_EFI_PLATFORM_FIRMWARE_BLOB; TcgEventHdr.EventSize =3D sizeof (FvBlob); =20 - Status =3D HashLogExtendEvent ( - 0, - (UINT8*) (UINTN) FvBlob.BlobBase, - (UINTN) FvBlob.BlobLength, - &TcgEventHdr, - (UINT8*) &FvBlob - ); + if (Tpm2HashMask =3D=3D 0) { + // + // FV pre-hash algos comply with current TPM hash requirement + // Skip hashing step in measure, only extend DigestList to PCR and log= event + // + Status =3D Tpm2PcrExtend( + 0, + &DigestList + ); + + if (!EFI_ERROR(Status)) { + Status =3D LogHashEvent (&DigestList, &TcgEventHdr, (UINT8*) &FvBlo= b); + DEBUG ((DEBUG_INFO, "The pre-hashed FV which is extended & logged b= y Tcg2Pei starts at: 0x%x\n", FvBlob.BlobBase)); + DEBUG ((DEBUG_INFO, "The pre-hashed FV which is extended & logged b= y Tcg2Pei has the size: 0x%x\n", FvBlob.BlobLength)); + } else if (Status =3D=3D EFI_DEVICE_ERROR) { + BuildGuidHob (&gTpmErrorHobGuid,0); + REPORT_STATUS_CODE ( + EFI_ERROR_CODE | EFI_ERROR_MINOR, + (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ER= ROR) + ); + } + } else { + // + // Hash the FV, extend digest to the TPM and log TCG event + // + Status =3D HashLogExtendEvent ( + 0, + (UINT8*) (UINTN) FvBlob.BlobBase, + (UINTN) FvBlob.BlobLength, + &TcgEventHdr, + (UINT8*) &FvBlob + ); + DEBUG ((DEBUG_INFO, "The FV which is measured by Tcg2Pei starts at: 0x= %x\n", FvBlob.BlobBase)); + DEBUG ((DEBUG_INFO, "The FV which is measured by Tcg2Pei has the size:= 0x%x\n", FvBlob.BlobLength)); + } + + if (EFI_ERROR(Status)) { + DEBUG ((DEBUG_ERROR, "The FV which failed to be measured starts at: 0x= %x\n", FvBase)); + return Status; + } =20 // // Add new FV into the measured FV list. @@ -530,47 +637,44 @@ MeasureMainBios ( ) { EFI_STATUS Status; - UINT32 FvInstances; EFI_PEI_FV_HANDLE VolumeHandle; EFI_FV_INFO VolumeInfo; EFI_PEI_FIRMWARE_VOLUME_PPI *FvPpi; =20 PERF_START_EX (mFileHandle, "EventRec", "Tcg2Pei", 0, PERF_ID_TCG2_PEI); - FvInstances =3D 0; - while (TRUE) { - // - // Traverse all firmware volume instances of Static Core Root of Trust= for Measurement - // (S-CRTM), this firmware volume measure policy can be modified/enhan= ced by special - // platform for special CRTM TPM measuring. - // - Status =3D PeiServicesFfsFindNextVolume (FvInstances, &VolumeHandle); - if (EFI_ERROR (Status)) { - break; - } - =20 - // - // Measure and record the firmware volume that is dispatched by PeiCore - // - Status =3D PeiServicesFfsGetVolumeInfo (VolumeHandle, &VolumeInfo); - ASSERT_EFI_ERROR (Status); - // - // Locate the corresponding FV_PPI according to founded FV's format gu= id - // - Status =3D PeiServicesLocatePpi ( - &VolumeInfo.FvFormat,=20 - 0,=20 - NULL, - (VOID**)&FvPpi - ); - if (!EFI_ERROR (Status)) { - MeasureFvImage ((EFI_PHYSICAL_ADDRESS) (UINTN) VolumeInfo.FvStart, V= olumeInfo.FvSize); - } =20 - FvInstances++; - } + // + // Only measure BFV at the very beginning. Other parts of Static Core Ro= ot of + // Trust for Measurement(S-CRTM) will be measured later on FvInfoNotify. + // BFV is processed without installing FV Info Ppi. Other FVs either ins= ide BFV or + // reported by platform will be installed with Fv Info Ppi + // This firmware volume measure policy can be modified/enhanced by speci= al + // platform for special CRTM TPM measuring. + // + Status =3D PeiServicesFfsFindNextVolume (0, &VolumeHandle); + ASSERT_EFI_ERROR (Status); + + // + // Measure and record the firmware volume that is dispatched by PeiCore + // + Status =3D PeiServicesFfsGetVolumeInfo (VolumeHandle, &VolumeInfo); + ASSERT_EFI_ERROR (Status); + // + // Locate the corresponding FV_PPI according to founded FV's format guid + // + Status =3D PeiServicesLocatePpi ( + &VolumeInfo.FvFormat, + 0, + NULL, + (VOID**)&FvPpi + ); + ASSERT_EFI_ERROR (Status); + + Status =3D MeasureFvImage ((EFI_PHYSICAL_ADDRESS) (UINTN) VolumeInfo.FvS= tart, VolumeInfo.FvSize); + PERF_END_EX (mFileHandle, "EventRec", "Tcg2Pei", 0, PERF_ID_TCG2_PEI + 1= ); =20 - return EFI_SUCCESS; + return Status; } =20 /** @@ -655,14 +759,6 @@ PeimEntryMP ( { EFI_STATUS Status; =20 - Status =3D PeiServicesLocatePpi ( - &gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid,=20 - 0,=20 - NULL, - (VOID**)&mMeasurementExcludedFvPpi - ); - // Do not check status, because it is optional - mMeasuredBaseFvInfo =3D (EFI_PLATFORM_FIRMWARE_BLOB *) AllocateZeroPool= (sizeof (EFI_PLATFORM_FIRMWARE_BLOB) * PcdGet32 (PcdPeiCoreMaxFvSupported)= ); ASSERT (mMeasuredBaseFvInfo !=3D NULL); mMeasuredChildFvInfo =3D (EFI_PLATFORM_FIRMWARE_BLOB *) AllocateZeroPool= (sizeof (EFI_PLATFORM_FIRMWARE_BLOB) * PcdGet32 (PcdPeiCoreMaxFvSupported)= ); @@ -673,6 +769,9 @@ PeimEntryMP ( } =20 Status =3D MeasureMainBios (); + if (EFI_ERROR(Status)) { + return Status; + } =20 // // Post callbacks: diff --git a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf b/SecurityPkg/Tcg/Tcg2Pei/= Tcg2Pei.inf index 1b79ee4..f7b8544 100644 --- a/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf +++ b/SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf @@ -9,6 +9,7 @@ # This module will initialize TPM device, measure reported FVs and BIOS v= ersion. # # Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
+# Copyright (c) 2017, Microsoft Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BS= D License # which accompanies this distribution. The full text of the license may be= found at @@ -75,6 +76,7 @@ gPeiTpmInitializedPpiGuid ## = SOMETIMES_PRODUCES gPeiTpmInitializationDonePpiGuid ## = PRODUCES gEfiEndOfPeiSignalPpiGuid ## = SOMETIMES_CONSUMES ## NOTIFY + gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid ## = SOMETIMES_CONSUMES =20 [Pcd] gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString ## = SOMETIMES_CONSUMES --=20 1.9.5.msysgit.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel