[Qemu-devel] [PATCH 7/7] ovmf: add DxeTpm2MeasureBootLib

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [PATCH 7/7] ovmf: add DxeTpm2MeasureBootLib

From:	marcandre . lureau
Subject:	[Qemu-devel] [PATCH 7/7] ovmf: add DxeTpm2MeasureBootLib
Date:	Fri, 23 Feb 2018 14:23:11 +0100

From: Marc-André Lureau <address@hidden>

The library registers a security management handler, to measure images
that are not measure in PEI phase.

This seems to work for example with the qemu PXE rom:

Loading driver at 0x0003E6C2000 EntryPoint=0x0003E6C9076 8086100e.efi

And the following binary_bios_measurements log entry seems to be
added:

PCR: 2  type: EV_EFI_BOOT_SERVICES_DRIVER       size: 0x4e      digest: 
70a22475e9f18806d2ed9193b48d80d26779d9a4

CC: Laszlo Ersek <address@hidden>
CC: Stefan Berger <address@hidden>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Marc-André Lureau <address@hidden>
---
 OvmfPkg/OvmfPkgX64.dsc | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 2281bd5ff8..92ed9f3b0c 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -677,7 +677,10 @@
   MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf {
     <LibraryClasses>
       
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
-       }
+!if $(TPM2_ENABLE) == TRUE
+      NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
+!endif
+  }
 !else
   MdeModulePkg/Universal/SecurityStubDxe/SecurityStubDxe.inf
 !endif
-- 
2.16.1.73.g5832b7e9f2

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [PATCH 3/7] HACK: HobLib: workaround infinite loop, (continued)
- [Qemu-devel] [PATCH 3/7] HACK: HobLib: workaround infinite loop, marcandre . lureau, 2018/02/23
  - Re: [Qemu-devel] [PATCH 3/7] HACK: HobLib: workaround infinite loop, Laszlo Ersek, 2018/02/23
  - Re: [Qemu-devel] [edk2] [PATCH 3/7] HACK: HobLib: workaround infinite loop, Andrew Fish, 2018/02/23
- [Qemu-devel] [PATCH 1/7] SecurityPkg/Tcg2Pei: drop Tcg2PhysicalPresenceLib dependency, marcandre . lureau, 2018/02/23
  - Re: [Qemu-devel] [edk2] [PATCH 1/7] SecurityPkg/Tcg2Pei: drop Tcg2PhysicalPresenceLib dependency, Laszlo Ersek, 2018/02/23
  - Re: [Qemu-devel] [edk2] [PATCH 1/7] SecurityPkg/Tcg2Pei: drop Tcg2PhysicalPresenceLib dependency, Yao, Jiewen, 2018/02/23
- [Qemu-devel] [PATCH 5/7] ovmf: link with Tcg2Dxe module, marcandre . lureau, 2018/02/23
  - Re: [Qemu-devel] [edk2] [PATCH 5/7] ovmf: link with Tcg2Dxe module, Laszlo Ersek, 2018/02/26
- [Qemu-devel] [PATCH 6/7] ovmf: link with Tcg2ConfigDxe module, marcandre . lureau, 2018/02/23
  - Re: [Qemu-devel] [edk2] [PATCH 6/7] ovmf: link with Tcg2ConfigDxe module, Laszlo Ersek, 2018/02/26
- [Qemu-devel] [PATCH 7/7] ovmf: add DxeTpm2MeasureBootLib, marcandre . lureau <=
  - Re: [Qemu-devel] [PATCH 7/7] ovmf: add DxeTpm2MeasureBootLib, Laszlo Ersek, 2018/02/26
- Re: [Qemu-devel] [edk2] [PATCH 0/7] RFC: ovmf: preliminary TPM2 support, Laszlo Ersek, 2018/02/23

Prev by Date: [Qemu-devel] [PATCH 6/7] ovmf: link with Tcg2ConfigDxe module
Next by Date: Re: [Qemu-devel] [PATCH v2 18/67] target/arm: Implement SVE Stack Allocation Group
Previous by thread: Re: [Qemu-devel] [edk2] [PATCH 6/7] ovmf: link with Tcg2ConfigDxe module
Next by thread: Re: [Qemu-devel] [PATCH 7/7] ovmf: add DxeTpm2MeasureBootLib
Index(es):
- Date
- Thread