[Qemu-devel] [PATCH v2 8/8] ovmf: add DxeTpm2MeasureBootLib

[marcandre . lureau]

From: Marc-André Lureau <address@hidden>

The library registers a security management handler, to measure images
that are not measure in PEI phase.

This seems to work for example with the qemu PXE rom:

Loading driver at 0x0003E6C2000 EntryPoint=0x0003E6C9076 8086100e.efi

And the following binary_bios_measurements log entry seems to be
added:

PCR: 2  type: EV_EFI_BOOT_SERVICES_DRIVER       size: 0x4e      digest: 
70a22475e9f18806d2ed9193b48d80d26779d9a4

Cc: Laszlo Ersek <address@hidden>
Cc: Stefan Berger <address@hidden>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Marc-André Lureau <address@hidden>
---
 OvmfPkg/OvmfPkgX64.dsc | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/OvmfPkg/OvmfPkgX64.dsc b/OvmfPkg/OvmfPkgX64.dsc
index 7753852144fb..9db1712e3623 100644
--- a/OvmfPkg/OvmfPkgX64.dsc
+++ b/OvmfPkg/OvmfPkgX64.dsc
@@ -662,6 +662,9 @@ [Components]
     <LibraryClasses>
 !if $(SECURE_BOOT_ENABLE) == TRUE
       
NULL|SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
+!endif
+!if $(TPM2_ENABLE) == TRUE
+      NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
 !endif
   }
 
-- 
2.16.2.346.g9779355e34