[edk2-devel] [PATCH v1 0/1] Sync the PcdTpm2HashMask to the active PCR banks
Snehal Kangralkar
snehal.kangralkar at intel.com
Fri Jul 1 17:42:12 UTC 2022
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=3923
According to definition of PcdTpm2HashMask, the mask reflects the PCR
banks which need to be extended.
In the Tcg2Pei SyncPcrAllocationsAndPcrMask function, we are setting
PcdTpm2HashMask to match the active PCR banks, but this will only occur
if the mask was originally set to 0.
Always syncing the PcdTpm2HashMask to the active PCR banks in the TPM.
Only then we do see the computed hashes are limited to those PCRs
which are active.
Cc: Jiewen Yao <jiewen.yao at intel.com>
Cc: Qi Zhang <qi1.zhang at intel.com>
Signed-off-by: Snehal Kangralkar <snehal.kangralkar at intel.com>
Snehal Kangralkar (1):
SecurityPkg : Sync PcdTpm2HashMask to the active PCR banks in the TPM
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c | 11 +++--------
1 file changed, 3 insertions(+), 8 deletions(-)
--
2.36.1.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#91018): https://edk2.groups.io/g/devel/message/91018
Mute This Topic: https://groups.io/mt/92157476/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list