SecurityPkgNotes.md

UDK2017 SecurityPkg Notes

NEW FEATURES AND CHANGES

  1. Authenticated variable and secure boot

    1. Implement a new certificate database "certdbv" for volatile time-based authenticated variables.
    2. Fix the image verification flow against DBX and DBT. A signed image must be checked against every cert and cert hash in DBX; a signature timestamp that passes verification does not by itself exempt it.
    3. Enforce certificate database clean-up so the certificate database stays consistent with the time-based authenticated variables.
    4. Enforce the SHA256 digest-algorithm check when verifying EFI_VARIABLE_AUTHENTICATION_2 in SetVariable.
    5. Support signature enrollment in EFI_VARIABLE_AUTHENTICATION_2 data format in SecureBootConfigDxe.
  2. TCG TPM

    1. Move SMBIOS table measurement from the TCG DXE driver to SmbiosDxe.
    2. Add TPM 2.0 Startup error handling on the S3 resume path.
    3. Clear AuthSession content after TPM2 command execution to prevent secret leakage.
    4. Correct the NumberOfPCRBanks calculation. NumberOfPCRBanks is determined by the intersection of the algorithms supported by the TPM 2.0 and by the BIOS.
    5. Deprecate the MORLock module used for MOR lock v1. The MOR lock v2 solution is supported in the variable driver.
    6. Add TPM PTP CRB and FIFO interface support in the TPM2 dTPM device library.
    7. Change the TPM 2.0 MMIO range attribute to ReadWrite.
    8. Upgrade the TCG2 PPI version to "1.3"; it is configurable from Tcg2ConfigDxe.
    9. Generate the TPM 2.0 ACPI object HID from the TPM vendor's ManufacturerID and FirmwareVersion1.
    10. Upgrade the TPM2 ACPI table revision to Rev 4; it is configurable from Tcg2ConfigDxe.
    11. Follow TCG PC-Client PFP Spec 00.21: measure DBT and the initial and updated SecureBoot content into PCR[7], BootOrder and Boot#### into PCR[1], and the boot attempt into PCR[4].
    12. Filter out inactive event digests generated by Tcg2Pei when Tcg2Dxe copies them into the TCG event2 log.
  3. Misc

    1. Fix the GetInfo output buffer size error in the RSA2048SHA256 guided section extraction library.
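
Item 1.4 above is terse about what "the SHA256 algorithm check" is. The following block is an added example written for these notes, not SecurityPkg or edk2 code: it shows the checks a SetVariable() path applies to an EFI_VARIABLE_AUTHENTICATION_2 descriptor before handing the PKCS#7 blob to a signature verifier, namely the zero fields the UEFI specification requires in the descriptor's EFI_TIME, the WIN_CERTIFICATE_UEFI_GUID header, and the rule that SignedData.digestAlgorithms must contain only SHA-256. The structure layouts, GUID and type constants are from the UEFI specification; the function names, the small DER walker, and the two truncated SignedData byte strings (which carry no certificates or signature) are constructed for this example.

```c
/* Added example (not SecurityPkg code): EFI_VARIABLE_AUTHENTICATION_2 descriptor checks
 * a SetVariable() implementation performs before PKCS#7 signature verification. */
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#pragma pack(push, 1)
typedef struct { uint16_t Year; uint8_t Month, Day, Hour, Minute, Second, Pad1;
                 uint32_t Nanosecond; int16_t TimeZone; uint8_t Daylight, Pad2; } EFI_TIME;
typedef struct { uint32_t dwLength; uint16_t wRevision, wCertificateType; uint8_t CertType[16]; } WIN_CERTIFICATE_UEFI_GUID;
typedef struct { EFI_TIME TimeStamp; WIN_CERTIFICATE_UEFI_GUID AuthInfo; } EFI_VARIABLE_AUTHENTICATION_2;
#pragma pack(pop)

enum { AUTH2_OK = 0, AUTH2_BAD_SIZE, AUTH2_BAD_TIME, AUTH2_BAD_CERT_HDR, AUTH2_BAD_DIGEST_ALG };

/* EFI_CERT_TYPE_PKCS7_GUID {4aafd29d-68df-49ee-8aa9-347d375665a7} in stored byte order. */
static const uint8_t kPkcs7Guid[16] = {0x9d,0xd2,0xaf,0x4a,0xdf,0x68,0xee,0x49,0x8a,0xa9,0x34,0x7d,0x37,0x56,0x65,0xa7};
/* DER-encoded OID 2.16.840.1.101.3.4.2.1 (sha256), tag and length included. */
static const uint8_t kSha256Oid[] = {0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01};

/* Minimal DER TLV reader: fills tag, header length and body length; rejects indefinite or >2-byte lengths. */
static int der_tlv(const uint8_t *p, size_t n, uint8_t *tag, size_t *hdr, size_t *body) {
  if (n < 2) return -1;
  *tag = p[0];
  if (p[1] < 0x80) { *hdr = 2; *body = p[1]; }
  else {
    size_t k = p[1] & 0x7f, i;
    if (k == 0 || k > 2 || n < 2 + k) return -1;
    for (*body = 0, i = 0; i < k; i++) *body = (*body << 8) | p[2 + i];
    *hdr = 2 + k;
  }
  return (*hdr + *body <= n) ? 0 : -1;
}

/* Walk ContentInfo -> [0] -> SignedData -> digestAlgorithms; return 1 only if every entry is sha256. */
static int pkcs7_digest_algs_sha256_only(const uint8_t *p, size_t n) {
  uint8_t tag; size_t hdr, body;
  if (der_tlv(p, n, &tag, &hdr, &body) || tag != 0x30) return 0;        /* ContentInfo SEQUENCE */
  p += hdr; n = body;
  if (der_tlv(p, n, &tag, &hdr, &body) || tag != 0x06) return 0;        /* contentType OID, skipped */
  p += hdr + body; n -= hdr + body;
  if (der_tlv(p, n, &tag, &hdr, &body) || tag != 0xa0) return 0;        /* [0] EXPLICIT content */
  p += hdr; n = body;
  if (der_tlv(p, n, &tag, &hdr, &body) || tag != 0x30) return 0;        /* SignedData SEQUENCE */
  p += hdr; n = body;
  if (der_tlv(p, n, &tag, &hdr, &body) || tag != 0x02) return 0;        /* version INTEGER, skipped */
  p += hdr + body; n -= hdr + body;
  if (der_tlv(p, n, &tag, &hdr, &body) || tag != 0x31 || body == 0) return 0; /* digestAlgorithms SET */
  p += hdr; n = body;
  while (n > 0) {                                                        /* AlgorithmIdentifier SEQUENCE { OID, ... } */
    if (der_tlv(p, n, &tag, &hdr, &body) || tag != 0x30) return 0;
    if (body < sizeof kSha256Oid || memcmp(p + hdr, kSha256Oid, sizeof kSha256Oid) != 0) return 0;
    p += hdr + body; n -= hdr + body;
  }
  return 1;
}

int auth2_check(const uint8_t *data, size_t size) {
  if (size < sizeof(EFI_VARIABLE_AUTHENTICATION_2)) return AUTH2_BAD_SIZE;
  const EFI_VARIABLE_AUTHENTICATION_2 *a = (const EFI_VARIABLE_AUTHENTICATION_2 *)data;
  /* UEFI spec: Pad1, Nanosecond, TimeZone, Daylight and Pad2 of the descriptor timestamp must be zero. */
  if (a->TimeStamp.Pad1 || a->TimeStamp.Nanosecond || a->TimeStamp.TimeZone ||
      a->TimeStamp.Daylight || a->TimeStamp.Pad2) return AUTH2_BAD_TIME;
  if (a->AuthInfo.wRevision != 0x0200 || a->AuthInfo.wCertificateType != 0x0EF1 /* WIN_CERT_TYPE_EFI_GUID */ ||
      memcmp(a->AuthInfo.CertType, kPkcs7Guid, 16) != 0) return AUTH2_BAD_CERT_HDR;
  size_t sig_len = a->AuthInfo.dwLength;                                /* dwLength includes the WIN_CERTIFICATE_UEFI_GUID header */
  if (sig_len < sizeof(WIN_CERTIFICATE_UEFI_GUID) ||
      sig_len - sizeof(WIN_CERTIFICATE_UEFI_GUID) > size - sizeof(EFI_VARIABLE_AUTHENTICATION_2)) return AUTH2_BAD_SIZE;
  sig_len -= sizeof(WIN_CERTIFICATE_UEFI_GUID);
  if (!pkcs7_digest_algs_sha256_only(data + sizeof(EFI_VARIABLE_AUTHENTICATION_2), sig_len)) return AUTH2_BAD_DIGEST_ALG;
  return AUTH2_OK;                                                      /* only now hand the blob to the PKCS#7 verifier */
}

/* Constructed, truncated SignedData blobs (no certificates or signatures): one advertising sha256, one sha1. */
static const uint8_t kSigSha256[] = {0x30,0x30, 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02, 0xa0,0x23, 0x30,0x21,
  0x02,0x01,0x01, 0x31,0x0d,0x30,0x0b,0x06,0x09,0x60,0x86,0x48,0x01,0x65,0x03,0x04,0x02,0x01,
  0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01, 0x31,0x00};
static const uint8_t kSigSha1[] = {0x30,0x2c, 0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x02, 0xa0,0x1f, 0x30,0x1d,
  0x02,0x01,0x01, 0x31,0x09,0x30,0x07,0x06,0x05,0x2b,0x0e,0x03,0x02,0x1a,
  0x30,0x0b,0x06,0x09,0x2a,0x86,0x48,0x86,0xf7,0x0d,0x01,0x07,0x01, 0x31,0x00};

/* Build a descriptor around a blob; bad_pad != 0 plants a non-zero Pad1 to exercise the timestamp check. */
static size_t build_sample(uint8_t *out, const uint8_t *sig, size_t sig_len, uint8_t bad_pad) {
  EFI_VARIABLE_AUTHENTICATION_2 a; memset(&a, 0, sizeof a);
  a.TimeStamp.Year = 2017; a.TimeStamp.Month = 6; a.TimeStamp.Day = 1; a.TimeStamp.Pad1 = bad_pad;
  a.AuthInfo.dwLength = (uint32_t)(sizeof a.AuthInfo + sig_len);
  a.AuthInfo.wRevision = 0x0200; a.AuthInfo.wCertificateType = 0x0EF1;
  memcpy(a.AuthInfo.CertType, kPkcs7Guid, 16);
  memcpy(out, &a, sizeof a); memcpy(out + sizeof a, sig, sig_len);
  return sizeof a + sig_len;
}

int demo_sha256_accepted(void)        { uint8_t b[128]; return auth2_check(b, build_sample(b, kSigSha256, sizeof kSigSha256, 0)); }
int demo_sha1_rejected(void)          { uint8_t b[128]; return auth2_check(b, build_sample(b, kSigSha1, sizeof kSigSha1, 0)); }
int demo_bad_timestamp_rejected(void) { uint8_t b[128]; return auth2_check(b, build_sample(b, kSigSha256, sizeof kSigSha256, 1)); }
```

The DER walk is deliberately narrow: it reads only as far as digestAlgorithms and rejects anything that is not a definite short length, so a malformed descriptor fails closed before any cryptography runs. A blob advertising SHA-1 is rejected with AUTH2_BAD_DIGEST_ALG, and a descriptor with a non-zero timestamp pad field is rejected with AUTH2_BAD_TIME even though its blob is well-formed.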

PACKAGE INTERFACE CHANGES

  1. A new Tpm12CommandLib library class is added to replace TpmCommLib. It is linked into TcgPei, TcgDxe and TcgConfigDxe. A new Tpm12DeviceLib library class is added to support various TPM 1.2 communication interfaces.

  2. New TCG OpalPasswordDxe and OpalPasswordSmm modules, together with the OpalPasswordSupport, TcgStorageCoreLib and TcgStorageOpalLib library classes, are added to support TCG Opal storage device password authentication and platform physical presence authentication. The latter notifies a TCG Opal SSC storage device with Block SID enabled to block attempts to authenticate the SID authority until the next device power cycle.

  3. A new FmpAuthenticationLib library class is added to support signed FMP capsule authentication during recovery and capsule update. Two library instances, Rsa2048Sha256 and PKCS7, are added accordingly.

  4. A new GUID gTpm2StartupLocalityHobGuid is added to identify the TPM 2.0 StartupLocality HOB.

  5. PCD changes

    1. PcdTcgLogAreaMinLen and PcdTcg2FinalLogAreaLen are added to configure the TCG event log and TCG2 final event log area lengths.
    2. PcdTcgPhysicalPresenceInterfaceVer is added to configure the TCG2 PPI version.
    3. PcdUserPhysicalPresence is added to indicate user physical presence.
    4. PcdPkcs7CertBuffer is added to store the certificate used for recovery and capsule update image verification.
    5. PcdTcg2PhysicalPresenceFlags is added to initialize the Persistent Firmware TPM Management Flags and Firmware Storage Management Flags.
    6. PcdTpm2AcpiTableRev is added to configure the TPM2 ACPI table revision.

INCOMPATIBLE CHANGES

  1. Image SHA1 hashes are always rejected by SecureBootConfigDxe during signature database enrollment, even if the signed image's signature carries a SHA1 hash.