[edk2-devel] [PATCH] SecurityPkg: Add RPMC Index to the RpmcLib

Yao, Jiewen jiewen.yao at intel.com
Fri Nov 20 07:38:37 UTC 2020 

Hey
The more I review the code, the more I think we should revisit the usage mode for multiple counters.

Some thought:

1) In previous design, it is very clear that we only have one counter. We read it and we increase it.
But here, if we add Index, that means there could be multiple counters. Then the question is how many? There is no API to tell us how many counters we can use.
For multiple counter case, I think we need at least one API - GetCounterNumber().

2) The description for Index is not clear.
Does that start from 0 or 1, to any ID to match hardware?
If it is the last one, then we need a bit-mask, or a valid ID array to show which counter number is valid to use.

3) Compatibility is another problem, if the old solution *just* need one counter, then it has to use the new API to select which counter?

Now, I am not sure if using *Index* is the best way to resolve the problem.

I recommend we check in a real solution to use the RpmcLib, then we can see what interface is really needed.

Thank you
Yao Jiewen


> -----Original Message-----
> From: devel at edk2.groups.io <devel at edk2.groups.io> On Behalf Of Wang,
> Jian J
> Sent: Wednesday, November 18, 2020 11:35 AM
> To: devel at edk2.groups.io; Mistry, Nishant C <nishant.c.mistry at intel.com>
> Subject: Re: [edk2-devel] [PATCH] SecurityPkg: Add RPMC Index to the
> RpmcLib
> 
> 
> Reviewed-by: Jian J Wang <jian.j.wang at intel.com>
> 
> Regards,
> Jian
> 
> > -----Original Message-----
> > From: devel at edk2.groups.io <devel at edk2.groups.io> On Behalf Of
> Nishant
> > Mistry
> > Sent: Thursday, November 12, 2020 2:49 AM
> > To: devel at edk2.groups.io
> > Subject: [edk2-devel] [PATCH] SecurityPkg: Add RPMC Index to the RpmcLib
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2594
> >
> > The re-design requires multiple RPMC counter usages.
> > The consumer will be capable of selecting amongst multiple counters.
> >
> > Signed-off-by: Nishant C Mistry <nishant.c.mistry at intel.com>
> > ---
> >  SecurityPkg/Include/Library/RpmcLib.h         | 6 +++++-
> >  SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c | 6 +++++-
> >  2 files changed, 10 insertions(+), 2 deletions(-)
> >
> > diff --git a/SecurityPkg/Include/Library/RpmcLib.h
> > b/SecurityPkg/Include/Library/RpmcLib.h
> > index 5882bfae2f..3c15bce1ce 100644
> > --- a/SecurityPkg/Include/Library/RpmcLib.h
> > +++ b/SecurityPkg/Include/Library/RpmcLib.h
> > @@ -14,6 +14,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> >  /**
> >    Requests the monotonic counter from the designated RPMC counter.
> >
> > +  @param[in]    CounterIndex            The RPMC index
> >    @param[out]   CounterValue            A pointer to a buffer to store the
> RPMC
> > value.
> >
> >    @retval       EFI_SUCCESS             The operation completed successfully.
> > @@ -23,12 +24,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> >  EFI_STATUS
> >  EFIAPI
> >  RequestMonotonicCounter (
> > +  IN  UINT8   CounterIndex,
> >    OUT UINT32  *CounterValue
> >    );
> >
> >  /**
> >    Increments the monotonic counter in the SPI flash device by 1.
> >
> > +  @param[in]    CounterIndex            The RPMC index
> > +
> >    @retval       EFI_SUCCESS             The operation completed successfully.
> >    @retval       EFI_DEVICE_ERROR        A device error occurred while
> attempting
> > to update the counter.
> >    @retval       EFI_UNSUPPORTED         The operation is un-supported.
> > @@ -36,7 +40,7 @@ RequestMonotonicCounter (
> >  EFI_STATUS
> >  EFIAPI
> >  IncrementMonotonicCounter (
> > -  VOID
> > +  IN  UINT8   CounterIndex
> >    );
> >
> >  #endif
> > diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > index e1dd09eb10..697e493a7c 100644
> > --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > +++ b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c
> > @@ -12,6 +12,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> >  /**
> >    Requests the monotonic counter from the designated RPMC counter.
> >
> > +  @param[in]    CounterIndex            The RPMC index
> >    @param[out]   CounterValue            A pointer to a buffer to store the
> RPMC
> > value.
> >
> >    @retval       EFI_SUCCESS             The operation completed successfully.
> > @@ -21,6 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
> >  EFI_STATUS
> >  EFIAPI
> >  RequestMonotonicCounter (
> > +  IN  UINT8   CounterIndex,
> >    OUT UINT32  *CounterValue
> >    )
> >  {
> > @@ -31,6 +33,8 @@ RequestMonotonicCounter (
> >  /**
> >    Increments the monotonic counter in the SPI flash device by 1.
> >
> > +  @param[in]    CounterIndex            The RPMC index
> > +
> >    @retval       EFI_SUCCESS             The operation completed successfully.
> >    @retval       EFI_DEVICE_ERROR        A device error occurred while
> attempting
> > to update the counter.
> >    @retval       EFI_UNSUPPORTED         The operation is un-supported.
> > @@ -38,7 +42,7 @@ RequestMonotonicCounter (
> >  EFI_STATUS
> >  EFIAPI
> >  IncrementMonotonicCounter (
> > -  VOID
> > +  IN  UINT8   CounterIndex
> >    )
> >  {
> >    ASSERT (FALSE);
> > --
> > 2.16.2.windows.1
> >
> >
> >
> >
> >
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#67756): https://edk2.groups.io/g/devel/message/67756
Mute This Topic: https://groups.io/mt/78195042/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list