[202405][Rebase&&FF] Everything MS Changes (#311)

0461663

## Description

- [ ] Impacts functionality?
- **Functionality** - Does the change ultimately impact how firmware
functions?
- Examples: Add a new library, publish a new PPI, update an algorithm,
...
- [ ] Impacts security?
- **Security** - Does the change have a direct security impact on an
application,
    flow, or firmware?
  - Examples: Crypto algorithm change, buffer overflow fix, parameter
    validation improvement, ...
- [ ] Breaking change?
- **Breaking change** - Will anyone consuming this change experience a
break
    in build or boot behavior?
- Examples: Add a new library class, move a module to a different repo,
call
    a function in a new library class in a pre-existing module, ...
- [ ] Includes tests?
  - **Tests** - Does the change include any explicit test code?
  - Examples: Unit tests, integration tests, robot tests, ...
- [ ] Includes documentation?
- **Documentation** - Does the change contain explicit documentation
additions
    outside direct code modifications (and comments)?
- Examples: Update readme file, add feature readme file, link to
documentation
    on an a separate Web page, ...

## How This Was Tested
Local CI

## Integration Instructions
N/A

---------

Co-authored-by: Bret Barkelew <bret.barkelew@microsoft.com>

SecurityPkg/Include/Library/Tcg2PreUefiEventLogLib.h

@@ -0,0 +1,23 @@
+/** @file -- Tcg2PreUefiEventLogLib.h
+  This describes the interface that should be published by instances of the
+  Tcg2PreUefiEventLogLib. This library can be used to publish TPM EventLog
+  entries for measurements that may have been made prior to driver
+  initialization.
+
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+**/
+
+#ifndef TCG_2_PRE_UEFI_EVENT_LOG_LIB_H_
+#define TCG_2_PRE_UEFI_EVENT_LOG_LIB_H_
+
+/**
+  Create the EventLog entries.
+**/
+VOID
+EFIAPI
+CreateTcg2PreUefiEventLogEntries (
+  VOID
+  );
+
+#endif // TCG_2_PRE_UEFI_EVENT_LOG_LIB_H_

SecurityPkg/Include/Library/Tpm2CommandLib.h

@@ -1241,4 +1241,24 @@ Tpm2PcrReadForActiveBank (
   OUT     TPML_DIGEST  *HashList
   );
 
+// MU_CHANGE [BEGIN]
+
+/**
+  Check if all hash algorithms supported in HashAlgorithmMask are
+  present in the DigestList.
+
+  @param DigestList         Digest list
+  @param HashAlgorithmMask  Bitfield of allowed hash algorithms.
+
+  @retval TRUE  All hash algorithms present.
+  @retval FALSE Some hash algorithms not present.
+**/
+BOOLEAN
+IsDigestListInSyncWithHashAlgorithmMask (
+  IN TPML_DIGEST_VALUES  *DigestList,
+  IN UINT32              HashAlgorithmMask
+  );
+
+// MU_CHANGE [END]
+
 #endif

SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c

@@ -212,6 +212,25 @@ AuthVariableLibInitialize (
   if (!EFI_ERROR (Status)) {
     if (mPlatformMode == USER_MODE) {
       SecureBootEnable = *(UINT8 *)Data;
+      // MU_CHANGE_173316
+      // MU_CHANGE [BEGIN] - In our implementation, we do not allow SecureBootEnable to override mPlatformMode.
+      // If SecureBootEnable is FOUND and mPlatformMode is USER_MODE, ensure that
+      //  SecureBootEnable == SECURE_BOOT_ENABLE.
+      if (SecureBootEnable == SECURE_BOOT_DISABLE) {
+        SecureBootEnable = SECURE_BOOT_ENABLE;
+        Status           = AuthServiceInternalUpdateVariable (
+                             EFI_SECURE_BOOT_ENABLE_NAME,
+                             &gEfiSecureBootEnableDisableGuid,
+                             &SecureBootEnable,
+                             sizeof (UINT8),
+                             EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS
+                             );
+        if (EFI_ERROR (Status)) {
+          return Status;
+        }
+      }
+
+      // MU_CHANGE [END]
     }
   } else if (mPlatformMode == USER_MODE) {
     //

SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c

@@ -374,14 +374,19 @@ Tcg2UserConfirm (
   IN      UINT32  TpmPpCommandParameter
   )
 {
-  CHAR16                            *ConfirmText;
-  CHAR16                            *TmpStr1;
-  CHAR16                            *TmpStr2;
-  UINTN                             BufSize;
-  BOOLEAN                           CautionKey;
-  BOOLEAN                           NoPpiInfo;
-  UINT16                            Index;
-  CHAR16                            DstStr[81];
+  CHAR16   *ConfirmText;
+  CHAR16   *TmpStr1;
+  CHAR16   *TmpStr2;
+  UINTN    BufSize;
+  BOOLEAN  CautionKey;
+  BOOLEAN  NoPpiInfo;
+  // MU_CHANGE_70401
+  // MU_CHANGE [BEGIN] - Add a boolean to track the results and remove temporary string buffer.
+  // We now hand the full string off to a helper function to display the user confirmation dialog.
+  BOOLEAN  Result;
+  // UINT16                            Index;
+  // CHAR16                            DstStr[81];
+  // MU_CHANGE [END]
   CHAR16                            TempBuffer[1024];
   CHAR16                            TempBuffer2[1024];
   EFI_TCG2_PROTOCOL                 *Tcg2Protocol;
@@ -583,11 +588,14 @@ Tcg2UserConfirm (
   BufSize -= StrSize (ConfirmText);
   UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1, TmpStr2);
 
-  DstStr[80] = L'\0';
-  for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {
-    StrnCpyS (DstStr, sizeof (DstStr) / sizeof (CHAR16), ConfirmText + Index, sizeof (DstStr) / sizeof (CHAR16) - 1);
-    Print (DstStr);
-  }
+  // MU_CHANGE_70401
+  // MU_CHANGE [BEGIN] - We now hand the full string off to a helper function to display the user confirmation dialog.
+  // DstStr[80] = L'\0';
+  // for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {
+  //   StrnCpyS (DstStr, sizeof (DstStr) / sizeof (CHAR16), ConfirmText + Index, sizeof (DstStr) / sizeof (CHAR16) - 1);
+  //   Print (DstStr);
+  // }
+  Result = PromptForUserConfirmation (ConfirmText);     // JBB TODO: Alter EDKII to call out to a vendor function to do this.
 
   FreePool (TmpStr1);
   FreePool (TmpStr2);
@@ -598,7 +606,9 @@ Tcg2UserConfirm (
   //   return TRUE;
   // }
 
-  return FALSE;
+  // return FALSE;
+  return Result;
+  // MU_CHANGE [END]
 }
 
 /**
@@ -662,35 +672,56 @@ Tcg2HaveValidTpmRequest  (
       break;
 
     case TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS:
-      if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS) == 0) {
-        *RequestConfirmed = TRUE;
+      // MU_CHANGE_108842
+      // MU_CHANGE [BEGIN] - Do not allow Flags to bypass confirmation in production mode.
+
+      if (PcdGetBool (PcdDisallowPPIPersistentClearPermissions)) {
+        if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS) == 0) {
+          *RequestConfirmed = TRUE;
+        }
       }
 
+      // MU_CHANGE [END]
       break;
 
     case TCG2_PHYSICAL_PRESENCE_CHANGE_EPS:
-      if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS) == 0) {
-        *RequestConfirmed = TRUE;
+      // MU_CHANGE_108842
+      // MU_CHANGE [BEGIN] - Do not allow Flags to bypass confirmation in production mode.
+      if (PcdGetBool (PcdDisallowPPIPersistentClearPermissions)) {
+        if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS) == 0) {
+          *RequestConfirmed = TRUE;
+        }
       }
 
+      // MU_CHANGE [END]
       break;
 
     case TCG2_PHYSICAL_PRESENCE_LOG_ALL_DIGESTS:
       *RequestConfirmed = TRUE;
       break;
 
     case TCG2_PHYSICAL_PRESENCE_ENABLE_BLOCK_SID:
-      if ((Flags.PPFlags & TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID) == 0) {
-        *RequestConfirmed = TRUE;
+      // MU_CHANGE_108842
+      // MU_CHANGE [BEGIN] - Do not allow Flags to bypass confirmation in production mode.
+      if (PcdGetBool (PcdDisallowPPIPersistentClearPermissions)) {
+        if ((Flags.PPFlags & TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID) == 0) {
+          *RequestConfirmed = TRUE;
+        }
       }
 
+      // MU_CHANGE [END]
       break;
 
     case TCG2_PHYSICAL_PRESENCE_DISABLE_BLOCK_SID:
-      if ((Flags.PPFlags & TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID) == 0) {
-        *RequestConfirmed = TRUE;
+      // MU_CHANGE_108842
+      // MU_CHANGE [BEGIN] - Do not allow Flags to bypass confirmation in production mode.
+      if (PcdGetBool (PcdDisallowPPIPersistentClearPermissions)) {
+        if ((Flags.PPFlags & TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID) == 0) {
+          *RequestConfirmed = TRUE;
+        }
       }
 
+      // MU_CHANGE [END]
       break;
 
     case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_ENABLE_BLOCK_SID_FUNC_TRUE:
@@ -898,7 +929,7 @@ Tcg2ExecutePendingTpmRequest (
       return;
   }
 
-  Print (L"Rebooting system to make TPM2 settings in effect\n");
+  // Print (L"Rebooting system to make TPM2 settings in effect\n");         // MU_CHANGE
   gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);
   ASSERT (FALSE);
 }
@@ -922,12 +953,16 @@ Tcg2PhysicalPresenceLibProcessRequest (
   IN      TPM2B_AUTH  *PlatformAuth  OPTIONAL
   )
 {
-  EFI_STATUS                        Status;
-  UINTN                             DataSize;
-  EFI_TCG2_PHYSICAL_PRESENCE        TcgPpData;
-  EDKII_VARIABLE_LOCK_PROTOCOL      *VariableLockProtocol;
+  EFI_STATUS                  Status;
+  UINTN                       DataSize;
+  EFI_TCG2_PHYSICAL_PRESENCE  TcgPpData;
+  // EDKII_VARIABLE_LOCK_PROTOCOL      *VariableLockProtocol;  // MU_CHANGE
   EFI_TCG2_PHYSICAL_PRESENCE_FLAGS  PpiFlags;
 
+  // MU_CHANGE_212735
+  // MU_CHANGE [BEGIN]
+
+  /*
   //
   // This flags variable controls whether physical presence is required for TPM command.
   // It should be protected from malicious software. We set it as read-only variable here.
@@ -952,6 +987,8 @@ Tcg2PhysicalPresenceLibProcessRequest (
     DEBUG ((DEBUG_INFO, "S4 Resume, Skip TPM PP process!\n"));
     return;
   }
+  */
+  // MU_CHANGE [END]
 
   //
   // Initialize physical presence flags.
@@ -965,6 +1002,10 @@ Tcg2PhysicalPresenceLibProcessRequest (
                     &PpiFlags
                     );
   if (EFI_ERROR (Status)) {
+    // MU_CHANGE_212735
+    // MU_CHANGE [BEGIN]
+
+    /*
     PpiFlags.PPFlags = PcdGet32 (PcdTcg2PhysicalPresenceFlags);
     Status           = gRT->SetVariable (
                               TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
@@ -977,8 +1018,11 @@ Tcg2PhysicalPresenceLibProcessRequest (
       DEBUG ((DEBUG_ERROR, "[TPM2] Set physical presence flag failed, Status = %r\n", Status));
       return;
     }
-
     DEBUG ((DEBUG_INFO, "[TPM2] Initial physical presence flags value is 0x%x\n", PpiFlags.PPFlags));
+    */
+
+    return;
+    // MU_CHANGE [END]
   }
 
   //
@@ -994,6 +1038,11 @@ Tcg2PhysicalPresenceLibProcessRequest (
                     );
   if (EFI_ERROR (Status)) {
     ZeroMem ((VOID *)&TcgPpData, sizeof (TcgPpData));
+    // MU_CHANGE_212735
+    // MU_CHANGE [BEGIN]
+
+    /*
+    ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
     DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
     Status   = gRT->SetVariable (
                       TCG2_PHYSICAL_PRESENCE_VARIABLE,
@@ -1006,6 +1055,10 @@ Tcg2PhysicalPresenceLibProcessRequest (
       DEBUG ((DEBUG_ERROR, "[TPM2] Set physical presence variable failed, Status = %r\n", Status));
       return;
     }
+    */
+
+    return;
+    // MU_CHANGE [END]
   }
 
   DEBUG ((DEBUG_INFO, "[TPM2] Flags=%x, PPRequest=%x (LastPPRequest=%x)\n", PpiFlags.PPFlags, TcgPpData.PPRequest, TcgPpData.LastPPRequest));

SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf

@@ -58,6 +58,7 @@
 
 [Pcd]
   gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags       ## SOMETIMES_CONSUMES
+  gEfiSecurityPkgTokenSpaceGuid.PcdDisallowPPIPersistentClearPermissions  ## CONSUMES # MU_CHANGE 108842
 
 [Guids]
   ## SOMETIMES_CONSUMES ## HII

SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/PhysicalPresenceStrings.uni

@@ -12,8 +12,18 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #string TPM_PPI_HEAD_STR              #language en-US    "A configuration change was requested to allow the Operating System to %s the computer's TPM (Trusted Platform Module) without asking for user confirmation in the future.\n\n"
 
 #string TPM_ACCEPT_KEY                #language en-US    "Press F10 "
-#string TPM_CAUTION_KEY               #language en-US    "Press F12 "
-#string TPM_REJECT_KEY                #language en-US    "to %s the TPM \nPress ESC to reject this change request and continue\n"
+
+/**
+MU_CHANGE_70401
+MU_CHANGE [BEGIN] - Alter the strings to reflect the new dialog box.
+**/
+#string TPM_CAUTION_KEY               #language en-US    "Press OK "
+#string TPM_REJECT_KEY                #language en-US    "to %s the TPM \nPress CANCEL to reject this change request and continue\n"
+// #string TPM_CAUTION_KEY               #language en-US    "Press F12 "
+// #string TPM_REJECT_KEY                #language en-US    "to %s the TPM \nPress ESC to reject this change request and continue\n"
+/**
+MU_CHANGE [END]
+**/
 
 #string TPM_ENABLE                    #language en-US    "enable"
 #string TPM_DISABLE                   #language en-US    "disable"

SecurityPkg/Library/DxeTcg2PhysicalPresenceMinimumLib/DxeTcg2PhysicalPresenceMinimumLib.inf

@@ -8,8 +8,7 @@
 # SPDX-License-Identifier: BSD-2-Clause-Patent
 #
 ##
-
-#Override : 00000002 | SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf | 6205753f2abf9126f2711c5f154f9f99 | 2024-07-24T18-06-30 | 69ff4b6fc889c8e66101cad3dcf8be3d516e038d
+#Override : 00000002 | SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf | 9755efb1cbfd445f85b13fac552bcadc| 2024-07-24T18-06-30 | 69ff4b6fc889c8e66101cad3dcf8be3d516e038d
 # This is not a true override, but spell changes to ensure mu_tiano_plus passes CI is required and changes the hash.
 
 [Defines]

SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/MmTcg2PhysicalPresenceLibCommon.c

@@ -128,6 +128,21 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx (
     goto EXIT;
   }
 
+  // MU_CHANGE_108842
+  // MSChange [BEGIN] - Do not allow the PPI flags (persistent clear permission) request in ship mode.
+  if (PcdGetBool (PcdDisallowPPIPersistentClearPermissions)) {
+    if ((*OperationRequest == TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_CHANGE_PCRS_FALSE) ||
+        (*OperationRequest == TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_CHANGE_EPS_FALSE) ||
+        (*OperationRequest == TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_TURN_OFF_FALSE))
+    {
+      DEBUG ((DEBUG_ERROR, "[TPM2] Refusing to process PPI flags request in production!\n"));
+      ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_BLOCKED_BY_BIOS_SETTINGS;
+      goto EXIT;
+    }
+  }
+
+  // MU_CHANGE [END]
+
   if ((*OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
       (*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN))
   {

SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf

@@ -53,6 +53,7 @@
 [Pcd]
   gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer  ## CONSUMES
   gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags        ## SOMETIMES_CONSUMES
+  gEfiSecurityPkgTokenSpaceGuid.PcdDisallowPPIPersistentClearPermissions  ## CONSUMES # MU_CHANGE 108842
 
 [Depex]
   gEfiSmmVariableProtocolGuid

SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/StandaloneMmTcg2PhysicalPresenceLib.inf

@@ -57,6 +57,7 @@
 [Pcd]
   gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer  ## CONSUMES
   gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags        ## SOMETIMES_CONSUMES
+  gEfiSecurityPkgTokenSpaceGuid.PcdDisallowPPIPersistentClearPermissions  ## CONSUMES # MU_CHANGE 108842
 
 [Depex]
   gEfiSmmVariableProtocolGuid