REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2303
This patch series adds support for device security based upon the DMTF SPDM specification.
https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_0.95a.zip

We did a design review on 18 Oct, 2019.
https://edk2.groups.io/g/devel/files/Designs/2019/1018
The feedback from the meeting is addressed.
https://edk2.groups.io/g/devel/files/Designs/2019/1018/EDKII-Device%20Firmware%20Security%20v2.pdf

The Device Security protocol is added in the EDKII repo. Here we add the producer, which follows the Intel PCI security spec, to do the device firmware measurement.
https://www.intel.com/content/www/us/en/io/pci-express/pcie-device-security-enhancements-spec.html

The EDKII repo update is at https://github.com/jyao1/edk2/tree/DeviceSecurityMasterV2
The EDKII platform repo update is at https://github.com/jyao1/edk2-platforms/tree/DeviceSecurityMasterV2

The validation has been done on an Intel internal platform. The device measurement can be shown in the TCG event log.

Signed-off-by: Jiewen Yao <jiewen....@intel.com>

Jiewen Yao (6):
  IntelSiliconPkg/Include: Add Intel PciSecurity definition.
  IntelSiliconPkg/Include: Add Platform Device Security Policy protocol
  IntelSiliconPkg/dec: Add ProtocolGuid definition.
  IntelSiliconPkg/IntelPciDeviceSecurityDxe: Add PciSecurity.
  IntelSiliconPkg/SamplePlatformDevicePolicyDxe: Add sample policy.
  IntelSiliconPkg/dsc: Add Device Security component.
 .../IntelPciDeviceSecurityDxe.c               | 701 ++++++++++++++++++
 .../IntelPciDeviceSecurityDxe.inf             |  45 ++
 .../TcgDeviceEvent.h                          | 193 +++++
 .../SamplePlatformDevicePolicyDxe.c           | 189 +++++
 .../SamplePlatformDevicePolicyDxe.inf         |  40 +
 .../IndustryStandard/IntelPciSecurity.h       |  66 ++
 .../Protocol/PlatformDeviceSecurityPolicy.h   |  84 +++
 .../Intel/IntelSiliconPkg/IntelSiliconPkg.dec |   1 +
 .../Intel/IntelSiliconPkg/IntelSiliconPkg.dsc |   3 +
 9 files changed, 1322 insertions(+)
 create mode 100644 Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.c
 create mode 100644 Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/IntelPciDeviceSecurityDxe.inf
 create mode 100644 Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/IntelPciDeviceSecurityDxe/TcgDeviceEvent.h
 create mode 100644 Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/SamplePlatformDevicePolicyDxe/SamplePlatformDevicePolicyDxe.c
 create mode 100644 Silicon/Intel/IntelSiliconPkg/Feature/PcieSecurity/SamplePlatformDevicePolicyDxe/SamplePlatformDevicePolicyDxe.inf
 create mode 100644 Silicon/Intel/IntelSiliconPkg/Include/IndustryStandard/IntelPciSecurity.h
 create mode 100644 Silicon/Intel/IntelSiliconPkg/Include/Protocol/PlatformDeviceSecurityPolicy.h

-- 
2.19.2.windows.1