feat: add security config structure
Add security config structure for `EV_SECURITY_CONFIG` event. This event
records security configuration such as security lifecycle state,
debug/trace state, or other vendor-specific security
configuration. The hash of this structure is extended into PCR 1.
Length of elements `Name` and `ConfigData` can be overridden by
consumers of this library as required.
The `EV_SECURITY_CONFIG` event and its associated structure will be
defined in an upcoming TCG spec.
Change-Id: I955897233af638c777cca97bd06c0ce3f0ea89c7
Signed-off-by: Mudit Sharma <mudit.sharma@arm.com>
diff --git a/include/tcg.h b/include/tcg.h
index 682364b..67f3e40 100644
--- a/include/tcg.h
+++ b/include/tcg.h
@@ -55,6 +55,14 @@
#define EV_EFI_HCRTM_EVENT 0x80000010U
#define EV_EFI_VARIABLE_AUTHORITY 0x800000E0U
+#ifndef MAX_SECURITY_CONFIG_NAME_LEN
+#define MAX_SECURITY_CONFIG_NAME_LEN 0x20
+#endif
+
+#ifndef MAX_SECURITY_CONFIG_DATA_LEN
+#define MAX_SECURITY_CONFIG_DATA_LEN 0x32
+#endif
+
/* Table 7 - TPM_ALG_ID */
typedef uint16_t tpm_alg_id;
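Review bot: The two overridable limits added above the `TPM_ALG_ID` typedef set the sizes of the `name[]` and `config_data[]` arrays in `security_config_data_t`, but nothing at the macros says that overriding them changes the structure's layout. If the whole structure is hashed, as the commit message describes, an override also changes the digest a verifier has to reproduce when replaying the log. I would add a comment such as `/* Overriding these changes sizeof(security_config_data_t) and the measured digest; producer and verifier must use the same values */`. An override to 0 would produce a zero-length array, which a `#if MAX_SECURITY_CONFIG_NAME_LEN < 1` / `#error` guard (and the same for the data length) would catch at build time. Separately, `0x32` is 50 bytes, so it is worth confirming that this was intended rather than decimal 32.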
@@ -302,6 +310,27 @@
uint8_t startup_locality;
} startup_locality_event_t;
+typedef struct security_config_data {
+ /* The length of the name field in this structure */
+ uint64_t name_length;
+
+ /*
+ * An 8-bit ASCII string which is the name of the
+ * configuration data in this structure.
+ * This string shall not be NULL terminated
+ */
+ uint8_t name[MAX_SECURITY_CONFIG_NAME_LEN];
+
+ /* The length of the config_data field in this structure */
+ uint64_t config_data_length;
+
+ /*
+ * An array containing the bytes of the security configuration
+ * data measured. The format of this data depends on the name.
+ */
+ uint8_t config_data[MAX_SECURITY_CONFIG_DATA_LEN];
+} security_config_data_t;
+
#pragma pack(pop)
#endif /* TCG_H */
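Review bot: `name_length` and `config_data_length` are 64-bit fields describing fixed-size arrays, and the field comments do not say that they must not exceed `MAX_SECURITY_CONFIG_NAME_LEN` and `MAX_SECURITY_CONFIG_DATA_LEN`. A consumer that takes the length from an event log entry and uses it to index or copy `name[]` or `config_data[]` would go out of bounds on a malformed or hostile entry. I would extend the comments, e.g. `/* Length of name in bytes; must be <= MAX_SECURITY_CONFIG_NAME_LEN, readers must reject larger values */`, and likewise for `config_data_length`. Since the commit message says the hash of this structure is extended into PCR 1, the comment should also state that unused trailing bytes of both arrays are zeroed before hashing, so the digest is reproducible and stale memory does not end up in the measurement. The struct appears to sit inside a `#pragma pack` region whose opening is outside this hunk.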