Re: [edk2-devel] [PATCH v1] MinPlatformPkg: Remove PeiDxeTpmPlatformHierarchyLib

Reviewed-by: Rodrigo Gonzalez del Cueto -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#112055): https://edk2.groups.io/g/devel/message/112055 Mute This Topic: https://groups.io/mt/102974261/21656 Group Owner: devel+ow...@edk2.groups.io

[edk2-devel] [edk2-platforms][Patch V2] MinPlatformPkg: Library for customizing TPM platform auth

orm and storage hierarchy. Cc: Michael Kubacki Cc: Chasel Chiu Cc: Nate DeSimone Cc: Liming Gao Signed-off-by: Rodrigo Gonzalez del Cueto --- .../Include/Library/TpmPlatformAuthLib.h | 24 ++ .../Intel/MinPlatformPkg/MinPlatformPkg.dec | 2 + .../Intel/MinPlatformPkg/MinPlatform

[edk2-devel] [edk2-platforms][Patch V3 1/1] MinPlatformPkg: Library for customizing TPM platform hierarchy

figuration of the TPM platform, provisioning of endorsement, platform and storage hierarchy. Cc: Michael Kubacki Cc: Chasel Chiu Cc: Nate DeSimone Cc: Liming Gao Signed-off-by: Rodrigo Gonzalez del Cueto --- .../Include/Library/TpmPlatformHierarchyLib.h | 29 +++ .../Intel/MinP

[edk2-devel] [edk2-platforms][Patch V4 0/2] MinPlatformPkg: Introduce library for customizing TPM platform configuration

[PATCH 4] Split up TpmPlatformHierarchyLib from Tcg2PlatformDxe modifications [PATCH 1/2] Introduction of TpmPlatformHierarchyLib [PATCH 2/2] Modification on Tcg2PlatformDxe to use TpmPlatformHierarchyLib Rodrigo Gonzalez del Cueto (2): MinPlatformPkg: Library for customizing TPM platform

[edk2-devel] [edk2-platforms][Patch V4 2/2] MinPlatformPkg: Tcg2PlatformDxe to use TpmPlatformHierarchyLib

ned-off-by: Rodrigo Gonzalez del Cueto --- .../Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.c | 168 +++--- .../Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf | 12 +- 2 files changed, 24 insertions(+), 156 deletions(-) diff --git a/Platform/Intel/MinPlatformPkg/Tcg/Tcg2PlatformDxe/Tcg2Platfo

[edk2-devel] [edk2-platforms][Patch V4 1/2] MinPlatformPkg: Library for customizing TPM platform hierarchy

, provisioning of endorsement, platform and storage hierarchy. Cc: Michael Kubacki Cc: Chasel Chiu Cc: Nate DeSimone Cc: Liming Gao Signed-off-by: Rodrigo Gonzalez del Cueto --- .../Include/Library/TpmPlatformHierarchyLib.h | 29 +++ .../Intel/MinPlatformPkg/MinPlatformPkg.dec | 2

[edk2-devel] [edk2-platforms][Patch V5 0/2] MinPlatformPkg: Introduce library for customizing TPM platform configuration

[PATCH 5] Split up TpmPlatformHierarchyLib from Tcg2PlatformDxe modifications [PATCH 1/2] Add new library class TpmPlatformHierarchyLib [PATCH 2/2] Add usage in Tcg2PlatformDxe Rodrigo Gonzalez del Cueto (2): MinPlatformPkg: Library for customizing TPM platform hierarchy MinPlatformPkg

[edk2-devel] [edk2-platforms][Patch V5 1/2] MinPlatformPkg: Library for customizing TPM platform hierarchy

should enable to customize the configuration of the TPM platform, provisioning of endorsement, platform and storage hierarchy. Cc: Michael Kubacki Cc: Chasel Chiu Cc: Nate DeSimone Cc: Liming Gao Signed-off-by: Rodrigo Gonzalez del Cueto --- .../Include/Library/TpmPlatformHierarchyLib.h | 29

[edk2-devel] [edk2-platforms][Patch V5 2/2] MinPlatformPkg: Tcg2PlatformDxe to use TpmPlatformHierarchyLib

Hierarchy. Cc: Michael Kubacki Cc: Chasel Chiu Cc: Nate DeSimone Cc: Liming Gao Signed-off-by: Rodrigo Gonzalez del Cueto --- .../Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.c | 168 +++--- .../Tcg/Tcg2PlatformDxe/Tcg2PlatformDxe.inf | 12 +- 2 files changed, 24 insertions(+), 156

[edk2-devel] [PATCH] SecurityPkg: Remove enforcement of final GoIdle transition for CRB commands

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4077 Following the design described in the TCG specification, the driver implementation of the CRB protocol does not require enforcing completing the transition to goIdle at the end of a command sequence. Signed-off-by: "Gonzalez Del Cueto, Rodr

[edk2-devel] [PATCH] SecurityPkg: Fix GetSupportedAndActivePcrs counter calculation

directly from the Tpm2GetCapabilityPcrs() TPML_PCR_SELECTION output. The counter should only take into account those PCRs banks which are active. Replaced usage of EFI_D_* for DEBUG_* definitions in debug messages. Cc: Jiewen Yao Cc: Jian J Wang Cc: Qi Zhang Signed-off-by: Rodrigo Gonzalez del

[edk2-devel] [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations.

Cc: Qi Zhang Signed-off-by: Rodrigo Gonzalez del Cueto --- SecurityPkg/Include/Library/Tpm2CommandLib.h | 25 +- .../Library/Tpm2CommandLib/Tpm2Integrity.c| 468 -- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 32 +- 3 files changed, 364 insertions(+), 161 deletions

[edk2-devel] [PATCH] SecurityPkg: Fix GetSupportedAndActivePcrs counter calculation

Gonzalez del Cueto --- SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c | 46 +- 1 file changed, 29 insertions(+), 17 deletions(-) diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c

Re: [edk2-devel] [PATCH] SecurityPkg: Fix GetSupportedAndActivePcrs counter calculation

will review and give comment to the latest version. > > Thank you > Yao Jiewen > > > > -Original Message- > > From: devel@edk2.groups.io On Behalf Of > Rodrigo > > Gonzalez del Cueto > > Sent: Tuesday, July 21, 2020 5:27 AM > >

Re: [edk2-devel] [PATCH] SecurityPkg: TPM must go to Idle state on CRB command completion.

for TPM 2.0, > Version 1.0, Rev 0.27 > > Signed-off-by: Rodrigo Gonzalez del Cueto > > Cc: Jian J Wang > Cc: Jiewen Yao > --- > SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c | 12 +--- > 1 file changed, 1 insertion(+), 11 deletions(-) > > diff

Re: [edk2-devel] [PATCH] Reallocate TPM Active PCRs based on platform support.

on the supported hashing algorithms > registered by the HashLib instances. > > Need to have an additional check for the intersection between the > TpmActivePcrBanks and the PcdTcg2HashAlgorithmBitmap populated by the > HashLib instances present on the platform's BIOS. > > Signed-off-by:

[edk2-devel] [PATCH] Reallocate TPM Active PCRs based on platform support.

PcdTcg2HashAlgorithmBitmap populated by the HashLib instances present on the platform's BIOS. Signed-off-by: Rodrigo Gonzalez del Cueto Cc: Jian J Wang Cc: Jiewen Yao --- SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c | 6 +- SecurityPkg/Library/HashLibBaseCryptoR

[edk2-devel] [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2858 In V2: Fixed patch format and uncrustify cleanup In V1: Add debug functionality to examine TPM extend operations performed by BIOS and inspect the PCR 00 value prior to any BIOS measurements. Signed-off-by: Rodrigo Gonzalez del Cueto Cc

[edk2-devel] [PATCH] SecurityPkg: TPM must go to Idle state on CRB command completion

TPM device. See: TCG PC Client Device Driver Design Principles for TPM 2.0, Version 1.0, Rev 0.27 Signed-off-by: Rodrigo Gonzalez del Cueto Cc: Jian J Wang Cc: Jiewen Yao --- SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c | 14 ++ 1 file changed, 2 insertions(+), 12 deletions

[edk2-devel] [PATCH] SecurityPkg: Reallocate TPM Active PCRs based on platform support

between the TpmActivePcrBanks and the PcdTcg2HashAlgorithmBitmap populated by the HashLib instances present on the platform's BIOS. Signed-off-by: Rodrigo Gonzalez del Cueto Cc: Jian J Wang Cc: Jiewen Yao --- SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c

Re: [edk2-devel] [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations

Ran CI on this version of the patch using a draft pull request: SecurityPkg: Debug code to audit BIOS TPM extend operations by rodrigog-intel · Pull Request #2321 · tianocore/edk2 (github.com) ( https://github.com/tianocore/edk2/pull/2321 ) -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive

Re: [edk2-devel] [PATCH] SecurityPkg: TPM must go to Idle state on CRB command completion

Ran CI on this version of the patch using a draft pull request: SecurityPkg: TPM must go to Idle state on CRB command completion by rodrigog-intel · Pull Request #2320 · tianocore/edk2 (github.com) ( https://github.com/tianocore/edk2/pull/2320 ) -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You rec

Re: [edk2-devel] [PATCH] SecurityPkg: Reallocate TPM Active PCRs based on platform support

Ran CI on this version of the patch using a draft pull request: SecurityPkg: Reallocate TPM Active PCRs based on platform support by rodrigog-intel · Pull Request #2322 · tianocore/edk2 (github.com) ( https://github.com/tianocore/edk2/pull/2322 ) -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You re

[edk2-devel] [PATCH] SecurityPkg: TPM must go to Idle state on CRB command completion.

: Rodrigo Gonzalez del Cueto Cc: Jian J Wang Cc: Jiewen Yao --- SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c | 12 +--- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c index

[edk2-devel] [PATCH] Reallocate TPM Active PCRs based on platform support.

BIOS. Change-Id: I1cdabe14a4fb5adfc289a2dd60f1b467c64282ac Signed-off-by: Rodrigo Gonzalez del Cueto Cc: Jian J Wang Cc: Jiewen Yao --- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 18 +- SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf | 1 + 2 files changed, 18 insertions(+), 1 deletion(-) diff --

[edk2-devel] [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations.

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2858 Add debug functionality to examine TPM extend operations performed by BIOS and inspect the PCR 00 value prior to any BIOS measurements. Replaced usage of EFI_D_* for DEBUG_* definitions in debug messages. Signed-off-by: Rodrigo Gonzalez

Re: [edk2-devel] [PATCH] SecurityPkg: TPM must go to Idle state on CRB command completion.

Missed adding the Bugzilla reference to the patch. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3463 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#78448): https://edk2.groups.io/g/devel/message/78448 Mute This Topic: https://grou

[edk2-devel] [PATCH] Reallocate TPM Active PCRs based on platform support.

instances. Need to have an additional check for the intersection between the TpmActivePcrBanks and the PcdTcg2HashAlgorithmBitmap populated by the HashLib instances present on the platform's BIOS. Signed-off-by: Rodrigo Gonzalez del Cueto Cc: Jian J Wang Cc: Jiewen Yao --- SecurityPkg/Li

Re: [edk2-devel] [PATCH] Reallocate TPM Active PCRs based on platform support.

location is occurring based on the supported hashing algorithms > registered by the HashLib instances. > > Need to have an additional check for the intersection between the > TpmActivePcrBanks and the PcdTcg2HashAlgorithmBitmap populated by the > HashLib instances present on the platform'

Re: [edk2-devel] [PATCH] SecurityPkg: Debug code to audit BIOS TPM extend operations.

extend operations > performed by BIOS and inspect the PCR 00 value prior to > any BIOS measurements. > > Replaced usage of EFI_D_* for DEBUG_* definitions in debug > messages. > > Signed-off-by: Rodrigo Gonzalez del Cueto > > Cc: Jiewen Yao > Cc: