diff options
| author | Rodrigo Gonzalez del Cueto <rodrigo.gonzalez.del.cueto@intel.com> | 2021-12-17 10:47:07 +0800 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2021-12-17 15:03:43 +0000 |
| commit | 8ed8568922be9b5f7111fc1297317106aba7ab52 (patch) | |
| tree | 9a9ee361b39b4522c1352446792525b30938e526 /SecurityPkg/Include | |
| parent | b451c6908878c448c2a2aa6e9ca2a2dfe078fbb8 (diff) | |
| download | edk2-8ed8568922be9b5f7111fc1297317106aba7ab52.zip edk2-8ed8568922be9b5f7111fc1297317106aba7ab52.tar.gz edk2-8ed8568922be9b5f7111fc1297317106aba7ab52.tar.bz2 | |
SecurityPkg: Debug code to audit BIOS TPM extend operations
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2858
In V2: Fixed patch format and uncrustify cleanup
In V1: Add debug functionality to examine TPM extend operations
performed by BIOS and inspect the PCR 00 value prior to
any BIOS measurements.
Signed-off-by: Rodrigo Gonzalez del Cueto <rodrigo.gonzalez.del.cueto@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Diffstat (limited to 'SecurityPkg/Include')
| -rw-r--r-- | SecurityPkg/Include/Library/Tpm2CommandLib.h | 33 |
1 files changed, 25 insertions, 8 deletions
diff --git a/SecurityPkg/Include/Library/Tpm2CommandLib.h b/SecurityPkg/Include/Library/Tpm2CommandLib.h index 2e83a2f..a2fb97f 100644 --- a/SecurityPkg/Include/Library/Tpm2CommandLib.h +++ b/SecurityPkg/Include/Library/Tpm2CommandLib.h @@ -1,7 +1,7 @@ /** @file
This library is used by other modules to send TPM2 command.
-Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
+Copyright (c) 2013 - 2021, Intel Corporation. All rights reserved. <BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -503,9 +503,9 @@ Tpm2PcrExtend ( EFI_STATUS
EFIAPI
Tpm2PcrEvent (
- IN TPMI_DH_PCR PcrHandle,
- IN TPM2B_EVENT *EventData,
- OUT TPML_DIGEST_VALUES *Digests
+ IN TPMI_DH_PCR PcrHandle,
+ IN TPM2B_EVENT *EventData,
+ OUT TPML_DIGEST_VALUES *Digests
);
/**
@@ -522,10 +522,10 @@ Tpm2PcrEvent ( EFI_STATUS
EFIAPI
Tpm2PcrRead (
- IN TPML_PCR_SELECTION *PcrSelectionIn,
- OUT UINT32 *PcrUpdateCounter,
- OUT TPML_PCR_SELECTION *PcrSelectionOut,
- OUT TPML_DIGEST *PcrValues
+ IN TPML_PCR_SELECTION *PcrSelectionIn,
+ OUT UINT32 *PcrUpdateCounter,
+ OUT TPML_PCR_SELECTION *PcrSelectionOut,
+ OUT TPML_DIGEST *PcrValues
);
/**
@@ -1113,4 +1113,21 @@ GetDigestFromDigestList ( OUT VOID *Digest
);
+/**
+ This function will query the TPM to determine which hashing algorithms and
+ get the digests of all active and supported PCR banks of a specific PCR register.
+
+ @param[in] PcrHandle The index of the PCR register to be read.
+ @param[out] HashList List of digests from PCR register being read.
+
+ @retval EFI_SUCCESS The Pcr was read successfully.
+ @retval EFI_DEVICE_ERROR The command was unsuccessful.
+**/
+EFI_STATUS
+EFIAPI
+Tpm2PcrReadForActiveBank (
+ IN TPMI_DH_PCR PcrHandle,
+ OUT TPML_DIGEST *HashList
+ );
+
#endif
|