Revision: 17352
          http://sourceforge.net/p/edk2/code/17352
Author:   timhe
Date:     2015-05-07 09:03:04 +0000 (Thu, 07 May 2015)
Log Message:
-----------
Add an option to the setup page to configure the fTPM feature.


Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Tim He <[email protected]>
Reviewed-by: David Wei <[email protected]>

Modified Paths:
--------------
    
branches/UDK2014.SP1/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.c
    
branches/UDK2014.SP1/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.c
    branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPei/Platform.c
    branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPei/PlatformPei.inf
    branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgConfig.dsc
    branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
    branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
    branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgX64.dsc
    branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformSetupDxe/Security.vfi

Added Paths:
-----------
    branches/UDK2014.SP1/Vlv2DeviceRefCodePkg/Include/Ppi/fTPMPolicy.h

Added: branches/UDK2014.SP1/Vlv2DeviceRefCodePkg/Include/Ppi/fTPMPolicy.h
===================================================================
--- branches/UDK2014.SP1/Vlv2DeviceRefCodePkg/Include/Ppi/fTPMPolicy.h          
                (rev 0)
+++ branches/UDK2014.SP1/Vlv2DeviceRefCodePkg/Include/Ppi/fTPMPolicy.h  
2015-05-07 09:03:04 UTC (rev 17352)
@@ -0,0 +1,32 @@
+/*++
+
+  Copyright (c) 2004  - 2015, Intel Corporation. All rights reserved.<BR>
+                                                                               
    
+  This program and the accompanying materials are licensed and made available 
under
+  the terms and conditions of the BSD License that accompanies this 
distribution.  
+  The full text of the license may be found at                                 
    
+  http://opensource.org/licenses/bsd-license.php.                              
    
+                                                                               
    
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,        
    
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR 
IMPLIED.    
+                                                                               
    
+--*/
+
+#ifndef _SEC_FTPM_POLICY_PPI_H_
+#define _SEC_FTPM_POLICY_PPI_H_
+
+#define SEC_FTPM_POLICY_PPI_GUID \
+  { \
+    0x4fd1ba49, 0x8f90, 0x471a, 0xa2, 0xc9, 0x17, 0x3c, 0x7a, 0x73, 0x2f, 0xd0 
\
+  }
+
+extern EFI_GUID  gSeCfTPMPolicyPpiGuid;
+
+//
+// PPI definition
+//
+typedef struct SEC_FTPM_POLICY_PPI {
+  BOOLEAN                 fTPMEnable;
+} SEC_FTPM_POLICY_PPI;
+
+#endif
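Review bot: SEC_FTPM_POLICY_PPI and its only field, fTPMEnable, are documented by nothing more than "PPI definition", so a consumer cannot tell from the header who installs the PPI or what the two values mean. Going by FtpmPolicyInit in PlatformPei/Platform.c later in this revision, a comment above the struct could read `// Installed by PlatformPei; fTPMEnable is TRUE only when the Setup fTPM option is 1, FALSE otherwise.` The include guard `_SEC_FTPM_POLICY_PPI_H_` begins with an underscore followed by an uppercase letter, which C reserves for the implementation, though it may simply follow the package's existing convention.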

Modified: 
branches/UDK2014.SP1/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.c
===================================================================
--- 
branches/UDK2014.SP1/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.c
       2015-05-07 02:36:51 UTC (rev 17351)
+++ 
branches/UDK2014.SP1/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.c
       2015-05-07 09:03:04 UTC (rev 17352)
@@ -99,7 +99,7 @@
   
   Status = mPttPassThruProtocol->Tpm2RequestUseTpm (mPttPassThruProtocol);
            
-  return EFI_SUCCESS;
+  return Status;
 }
 
 /**

Modified: 
branches/UDK2014.SP1/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.c
===================================================================
--- 
branches/UDK2014.SP1/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.c
       2015-05-07 02:36:51 UTC (rev 17351)
+++ 
branches/UDK2014.SP1/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.c
       2015-05-07 09:03:04 UTC (rev 17352)
@@ -127,7 +127,7 @@
 
   Status = SecPttPassThruPpi->Tpm2RequestUseTpm (SecPttPassThruPpi);
   
-  return EFI_SUCCESS;
+  return Status;
 }
 
 /**

Modified: branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPei/Platform.c
===================================================================
--- branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPei/Platform.c       
2015-05-07 02:36:51 UTC (rev 17351)
+++ branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPei/Platform.c       
2015-05-07 09:03:04 UTC (rev 17352)
@@ -37,6 +37,7 @@
 #include <Ppi/MfgMemoryTest.h>
 #include <Guid/SetupVariable.h>
 #include <Guid/Vlv2Variable.h>
+#include <Ppi/fTPMPolicy.h>
 
 //
 // Start::Alpine Valley platform
@@ -199,6 +200,67 @@
   UINT8 *Buffer
   );
 
+
+EFI_STATUS
+FtpmPolicyInit (
+  IN CONST EFI_PEI_SERVICES             **PeiServices,
+  IN SYSTEM_CONFIGURATION         *pSystemConfiguration
+  )
+{
+  EFI_STATUS                      Status;
+  EFI_PEI_PPI_DESCRIPTOR          *mFtpmPolicyPpiDesc;
+  SEC_FTPM_POLICY_PPI             *mFtpmPolicyPpi;
+
+
+  DEBUG((EFI_D_INFO, "FtpmPolicyInit Entry \n"));
+
+  if (NULL == PeiServices ||  NULL == pSystemConfiguration) {
+    DEBUG((EFI_D_ERROR, "Input error. \n"));
+    return EFI_INVALID_PARAMETER;
+  }
+  
+  Status = (*PeiServices)->AllocatePool(
+                             PeiServices,
+                             sizeof (EFI_PEI_PPI_DESCRIPTOR),
+                             (void **)&mFtpmPolicyPpiDesc
+                             );
+  ASSERT_EFI_ERROR (Status);
+
+  Status = (*PeiServices)->AllocatePool(
+                             PeiServices,
+                             sizeof (SEC_FTPM_POLICY_PPI),
+                             (void **)&mFtpmPolicyPpi
+                             );
+  ASSERT_EFI_ERROR (Status);
+
+  //
+  // Initialize PPI
+  //
+  (*PeiServices)->SetMem ((VOID *)mFtpmPolicyPpi, sizeof 
(SEC_FTPM_POLICY_PPI), 0);
+  mFtpmPolicyPpiDesc->Flags = EFI_PEI_PPI_DESCRIPTOR_PPI | 
EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST;
+  mFtpmPolicyPpiDesc->Guid = &gSeCfTPMPolicyPpiGuid;
+  mFtpmPolicyPpiDesc->Ppi = mFtpmPolicyPpi;
+
+
+  DEBUG((EFI_D_INFO, "pSystemConfiguration->fTPM = 0x%x \n", 
pSystemConfiguration->fTPM)); 
+  if(pSystemConfiguration->fTPM == 1) {
+    mFtpmPolicyPpi->fTPMEnable = TRUE;
+  } else {
+    mFtpmPolicyPpi->fTPMEnable = FALSE;
+  }
+
+  Status = (*PeiServices)->InstallPpi(
+                             PeiServices,
+                             mFtpmPolicyPpiDesc
+                             );
+  ASSERT_EFI_ERROR (Status);
+
+  DEBUG((EFI_D_INFO, "FtpmPolicyInit done \n"));
+  
+  return EFI_SUCCESS;
+}
+
+
 /**
   This routine attempts to acquire the SMBus
 
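Review bot: In FtpmPolicyInit the two AllocatePool calls and the InstallPpi call are checked only with ASSERT_EFI_ERROR, so in a build where asserts are compiled out a failed allocation leaves mFtpmPolicyPpiDesc or mFtpmPolicyPpi uninitialized and the SetMem and descriptor writes that follow dereference it. The function then returns EFI_SUCCESS whatever InstallPpi reported, the same pattern this revision corrects in the two Tpm2DeviceLibSeC.c files, so the caller's EFI_ERROR check can only ever see EFI_INVALID_PARAMETER. Each step should test Status and return it, as sketched below. The function also has no header comment, and its locals carry the `m` prefix that usually marks module-level variables.

```c
  // … unchanged: parameter check and first AllocatePool call …
  if (EFI_ERROR (Status)) {
    DEBUG((EFI_D_ERROR, "FtpmPolicyInit: descriptor allocation failed: %r\n", Status));
    return Status;
  }

  // … unchanged: second AllocatePool call …
  if (EFI_ERROR (Status)) {
    DEBUG((EFI_D_ERROR, "FtpmPolicyInit: PPI allocation failed: %r\n", Status));
    return Status;
  }

  // … unchanged: PPI initialization, fTPMEnable assignment, InstallPpi call …
  if (EFI_ERROR (Status)) {
    DEBUG((EFI_D_ERROR, "FtpmPolicyInit: InstallPpi failed: %r\n", Status));
    return Status;
  }
```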
@@ -706,6 +768,14 @@
     );
 
 
+#ifdef FTPM_ENABLE
+  Status = FtpmPolicyInit(PeiServices, &SystemConfiguration);
+  if (EFI_ERROR (Status)) {
+    DEBUG((EFI_D_ERROR, "fTPM init failed.\n"));
+  }
+#endif
+
+
   //
   // Set the new boot mode for MRC
   //
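Review bot: A failure of FtpmPolicyInit is answered here only with a DEBUG message, after which the enclosing function (it starts and ends outside this hunk) carries on with no SEC_FTPM_POLICY_PPI installed. How a consumer of gSeCfTPMPolicyPpiGuid behaves when the PPI is missing is not visible in this revision, so the effective policy in that case is undefined from the reader's point of view. If continuing is intended, say so at the call site, for example `// Non-fatal: with no policy PPI installed, consumers must treat fTPM as disabled.`, and confirm that the consumer really does fail closed.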

Modified: branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPei/PlatformPei.inf
===================================================================
--- branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPei/PlatformPei.inf  
2015-05-07 02:36:51 UTC (rev 17351)
+++ branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPei/PlatformPei.inf  
2015-05-07 09:03:04 UTC (rev 17352)
@@ -116,6 +116,7 @@
   gPeiMfgMemoryTestPpiGuid
   gPeiSha256HashPpiGuid
   gVlvMmioPolicyPpiGuid
+  gSeCfTPMPolicyPpiGuid
 
 [Guids]
   gEfiSetupVariableGuid

Modified: branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgConfig.dsc
===================================================================
--- branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgConfig.dsc        
2015-05-07 02:36:51 UTC (rev 17351)
+++ branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgConfig.dsc        
2015-05-07 09:03:04 UTC (rev 17352)
@@ -50,10 +50,6 @@
 
 DEFINE TPM_ENABLED = FALSE
 
-DEFINE SEC_ENABLE = FALSE
-DEFINE SEC_DEBUG_INFO_ENABLE = FALSE
-DEFINE FTPM_ENABLE = FALSE
-
 DEFINE ACPI50_ENABLE = TRUE
 DEFINE PERFORMANCE_ENABLE = FALSE
 

Modified: branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
===================================================================
--- branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc        
2015-05-07 02:36:51 UTC (rev 17351)
+++ branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc        
2015-05-07 09:03:04 UTC (rev 17352)
@@ -77,6 +77,9 @@
 
   DEFINE   PLATFORM_PCIEXPRESS_BASE   = 0E0000000
 
+  DEFINE SEC_ENABLE = FALSE
+  DEFINE SEC_DEBUG_INFO_ENABLE = FALSE
+  DEFINE FTPM_ENABLE = FALSE
 
 
################################################################################
 #

Modified: branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
===================================================================
--- branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc  2015-05-07 
02:36:51 UTC (rev 17351)
+++ branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgIA32.dsc  2015-05-07 
09:03:04 UTC (rev 17352)
@@ -77,6 +77,9 @@
 
   DEFINE   PLATFORM_PCIEXPRESS_BASE   = 0E0000000
 
+  DEFINE SEC_ENABLE = TRUE
+  DEFINE SEC_DEBUG_INFO_ENABLE = TRUE
+  DEFINE FTPM_ENABLE = TRUE
 
 
################################################################################
 #
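Review bot: `SEC_DEBUG_INFO_ENABLE = TRUE` is switched on together with `SEC_ENABLE` and `FTPM_ENABLE` for the IA32 platform only, while the GccX64 and X64 hunks set all three to FALSE and the lines removed from PlatformPkgConfig.dsc had them FALSE for every build. The log message speaks only of a setup option, so the changed IA32 defaults, and the debug-info switch in particular, may not be intended for a release configuration. If the per-architecture split is deliberate, a comment beside the defines should say why; otherwise `DEFINE SEC_DEBUG_INFO_ENABLE = FALSE` is the safer default.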

Modified: branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgX64.dsc
===================================================================
--- branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgX64.dsc   2015-05-07 
02:36:51 UTC (rev 17351)
+++ branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformPkgX64.dsc   2015-05-07 
09:03:04 UTC (rev 17352)
@@ -76,8 +76,11 @@
 !endif
 
   DEFINE   PLATFORM_PCIEXPRESS_BASE   = 0E0000000
+  
+  DEFINE SEC_ENABLE = FALSE
+  DEFINE SEC_DEBUG_INFO_ENABLE = FALSE
+  DEFINE FTPM_ENABLE = FALSE
 
-
 
################################################################################
 #
 # SKU Identification section - list of all SKU IDs supported by this

Modified: branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformSetupDxe/Security.vfi
===================================================================
--- branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformSetupDxe/Security.vfi        
2015-05-07 02:36:51 UTC (rev 17351)
+++ branches/UDK2014.SP1/Vlv2TbltDevicePkg/PlatformSetupDxe/Security.vfi        
2015-05-07 09:03:04 UTC (rev 17352)
@@ -46,19 +46,32 @@
   //TPM related
   //
   subtitle text = STRING_TOKEN(STR_TPM_CONFIGURATION_PROMPT);
+grayoutif ideqval Setup.ETpm== 0x1;
+  oneof   varid   = Setup.fTPM,
+    prompt      = STRING_TOKEN(STR_PTT_PROMPT),
+    help        = STRING_TOKEN(STR_PTT_HELP),
+      option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = 
RESET_REQUIRED;
+      option text = STRING_TOKEN(STR_DISABLE), value= 0, flags = DEFAULT | 
MANUFACTURING | RESET_REQUIRED;
+  endoneof;
+endif;
+
+grayoutif ideqval Setup.fTPM == 0x1;
   oneof   varid   = Setup.ETpm,
     prompt      = STRING_TOKEN(STR_TPM_PROMPT),
     help        = STRING_TOKEN(STR_TPM_HELP),
-      option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = DEFAULT | 
MANUFACTURING | RESET_REQUIRED;
-      option text = STRING_TOKEN(STR_DISABLE), value= 0, flags= RESET_REQUIRED;
+      option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = 
RESET_REQUIRED;
+      option text = STRING_TOKEN(STR_DISABLE), value= 0, flags = DEFAULT | 
MANUFACTURING | RESET_REQUIRED;
   endoneof;
+endif;
 
+suppressif ideqval Setup.fTPM == 0;
   oneof varid = Setup.MeasuredBootEnable,
     prompt      = STRING_TOKEN(STR_MEASURED_BOOT_ENABLE_PROMPT),
     help        = STRING_TOKEN(STR_MEASURED_BOOT_ENABLE_HELP),
     option text = STRING_TOKEN(STR_DISABLE), value = 0, flags = RESET_REQUIRED;
     option text = STRING_TOKEN(STR_ENABLE), value = 1, flags =  DEFAULT | 
MANUFACTURING | RESET_REQUIRED;
   endoneof;
+endif;
 
   subtitle text = STRING_TOKEN(STR_NULL_STRING);
 
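Review bot: The new `suppressif ideqval Setup.fTPM == 0;` around Setup.MeasuredBootEnable keys on fTPM alone, so the measured-boot option disappears from the page when Setup.ETpm is the TPM option that is enabled, while its stored value keeps the default of 1. If measured boot is meant to be configurable with either TPM, the condition should be `suppressif ideqval Setup.fTPM == 0 AND ideqval Setup.ETpm == 0;`. The two `grayoutif` blocks also lock each other: should the stored variable ever hold 1 for both fTPM and ETpm, both controls are grayed out and neither can be cleared from this page. The ETpm default also moves from enable to disable here, which the log message does not mention.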

