v2023110000.1.0
What's Changed
- Adding dTPM support for MM Core module type @kuqin12 (#259)
Change Details
Description
The current dTPM library instance only supports MM_STANDALONE, which makes the MM core module unable to use this instance.
This change expands the support for this library to cover MM_CORE_STANDALONE as well.
How This Was Tested
This was tested on QEMU Q35 and verified bootable to UEFI shell.
Integration Instructions
N/A
🚀 Features & ✨ Enhancements
- [CHERRY-PICK] Device Security Support Changes [REBASE & FF] @makubacki (#268)
Change Details
Description
This cherry-pick series includes the SecurityPkg patches to support SPDM device authentication and measurement.
- Adds the libspdm submodule - A SPDM implementation in the DMTF repo.
- Adds TCG PFP 1.06 support - Adds support for the Tpm2ExtendNvIndex() API.
- Adds core Device Security libraries in SecurityPkg
How This Was Tested
- EDK II testing
- Tests in DeviceSecurityTestPkg
Integration Instructions
- See some integration examples in DeviceSecurityTestPkg
- This change depends on the Mu Basecore changes in microsoft/mu_basecore#846. You must ensure those changes are also in your repo.
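The extend-and-replay mechanism behind the TCG PFP measurements this PR enables, as an added Python example that is not code from the release, the PR, or Project Mu. It assumes a SHA-256 bank and a constructed event log; the event-type names are placeholders rather than the PFP's exact encoding. The point it shows: TPM2_PCR_Extend and TPM2_NV_Extend on an extend-type NV index (the operation the Tpm2ExtendNvIndex() addition targets) both compute new = H(old || digest), so the final register value commits to the whole ordered sequence of SPDM device measurements, and a verifier holding the log can recompute it and detect a dropped or reordered entry.

```python
"""Added example: simulate a TPM extend register (PCR or extend-type NV
index) and replay a TCG-style event log against it.  Not Project Mu code.
"""
import hashlib
import hmac

DIGEST_LEN = 32                 # SHA-256 bank
INITIAL = bytes(DIGEST_LEN)     # PCRs / extend NV indices start all-zero after reset


def measure(data: bytes) -> bytes:
    """Digest of the thing being measured (certificate, measurement block...)."""
    return hashlib.sha256(data).digest()


def extend(register: bytes, digest: bytes) -> bytes:
    """One TPM extend step: register = SHA-256(register || digest).

    This is the update rule of TPM2_PCR_Extend and of TPM2_NV_Extend on an
    NV index with the TPM_NT_EXTEND attribute; it is order-dependent by design.
    """
    if len(register) != DIGEST_LEN or len(digest) != DIGEST_LEN:
        raise ValueError("extend operands must be SHA-256 sized")
    return hashlib.sha256(register + digest).digest()


# Constructed sample of what firmware would measure for one SPDM-capable
# device: its leaf certificate and two measurement blocks.  Event-type names
# are assumptions for illustration, not the PFP's encoding.
DEVICE_BLOBS = [
    ("EV_DEVICE_CERT",        b"constructed-spdm-leaf-certificate"),
    ("EV_DEVICE_MEASUREMENT", b"constructed-spdm-measurement-block-0"),
    ("EV_DEVICE_MEASUREMENT", b"constructed-spdm-measurement-block-1"),
]


def firmware_measure_and_log(blobs):
    """Firmware side: hash each blob, append (type, digest) to the log and
    extend the register.  Returns (final register value, event log)."""
    reg, log = INITIAL, []
    for event_type, data in blobs:
        digest = measure(data)
        log.append((event_type, digest))
        reg = extend(reg, digest)
    return reg, log


def verifier_replay(log) -> bytes:
    """Verifier side: recompute the register from the logged digests only."""
    reg = INITIAL
    for _, digest in log:
        reg = extend(reg, digest)
    return reg


def verify(reported: bytes, log) -> bool:
    """True only if the log explains the reported (quoted) register value.
    Constant-time compare: the reported value may come from an untrusted
    attester alongside the log."""
    return hmac.compare_digest(verifier_replay(log), reported)


if __name__ == "__main__":
    reported, log = firmware_measure_and_log(DEVICE_BLOBS)
    print("register:", reported.hex())
    print("log replays cleanly:", verify(reported, log))
    print("dropped last event detected:", not verify(reported, log[:-1]))
    print("reordered events detected:", not verify(reported, [log[1], log[0], log[2]]))
```

Because extend is a hash chain, an attacker cannot remove, swap, or substitute an entry and still match the quoted value; the one thing the register cannot tell you is what was measured, which is why the event log has to travel with the quote and why measuring into a dedicated NV index (rather than a shared PCR) keeps device measurements from being entangled with unrelated boot events.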
🔐 Security Impacting
- [CHERRY-PICK] Device Security Support Changes [REBASE & FF] @makubacki (#268)
Full Changelog: v2023110000.0.5...v2023110000.1.0