Reviewed by: [email protected]
> -----Original Message----- > From: edk2-devel [mailto:[email protected]] On Behalf Of > Zhang, Chao B > Sent: Wednesday, June 8, 2016 3:38 PM > To: [email protected] > Cc: Yao, Jiewen <[email protected]>; Zhang, Chao B > <[email protected]>; Long, Qin <[email protected]> > Subject: [edk2] [PATCH] SecurityPkg: Tcg2Smm: Make TCG2 PP version > configurable > > Make TCG2 PP version configurable to meet different request. Current > default version is 1.3. > http://www.trustedcomputinggroup.org/physical-presence-interface_1-30_ > 0-52/ > > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Chao Zhang <[email protected]> > --- > SecurityPkg/SecurityPkg.dec | 4 ++++ > SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 42 > ++++++++++++++++++++++++++++++++++++- > SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h | 6 ++++++ > SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf | 1 + > SecurityPkg/Tcg/Tcg2Smm/Tpm.asl | 4 ++-- > 5 files changed, 54 insertions(+), 3 deletions(-) > > diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec > index f4f3174..a9da5a6 100644 > --- a/SecurityPkg/SecurityPkg.dec > +++ b/SecurityPkg/SecurityPkg.dec > @@ -299,6 +299,10 @@ > # @ValidList 0x80000003 | 0x010D0000 > > gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice|0x010D0 > 000|UINT32|0x00000007 > > + ## Null-terminated string of the Version of Physical Presence interface > supported by platform. > + # @Prompt Version of Physical Presence interface supported by > platform. > + > gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|"1.3"| > VOID*|0x00000008 > + > [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] > ## Indicates the presence or absence of the platform operator during > firmware booting. > # If platform operator is not physical presence during boot. TPM will be > locked and the TPM commands > diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c > b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c > index dab1f53..b497475 100644 > --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c > +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c > @@ -251,6 +251,41 @@ AssignOpRegion ( > } > > /** > + Patch version string of Physical Presence interface supported by platform. > The initial string tag in TPM > +ACPI table is "$PV". > + > + @param[in, out] Table The TPM item in ACPI table. > + @param[in] PPVer Version string of Physical Presence > interface supported by platform. > + > + @return The allocated address for the > found region. > + > +**/ > +EFI_STATUS > +UpdatePPVersion ( > + EFI_ACPI_DESCRIPTION_HEADER *Table, > + CHAR8 *PPVer > + ) > +{ > + EFI_STATUS Status; > + UINT8 *DataPtr; > + > + // > + // Patch some pointers for the ASL code before loading the SSDT. > + // > + for (DataPtr = (UINT8 *)(Table + 1); > + DataPtr <= (UINT8 *) ((UINT8 *) Table + Table->Length - > PHYSICAL_PRESENCE_VERSION_SIZE); > + DataPtr += 1) { > + if (AsciiStrCmp(DataPtr, PHYSICAL_PRESENCE_VERSION_TAG) == 0) { > + Status = AsciiStrCpyS(DataPtr, PHYSICAL_PRESENCE_VERSION_SIZE, > PPVer); > + DEBUG((EFI_D_INFO, "TPM2 Physical Presence Interface Version > update status 0x%x\n", Status)); > + return Status; > + } > + } > + > + return EFI_NOT_FOUND; > +} > + > +/** > Initialize and publish TPM items in ACPI table. > > @retval EFI_SUCCESS The TCG ACPI table is published > successfully. > @@ -277,6 +312,11 @@ PublishAcpiTable ( > ); > ASSERT_EFI_ERROR (Status); > > + // > + // Update Table version before measuring it to PCR > + // > + Status = UpdatePPVersion(Table, (CHAR8 > *)PcdGetPtr(PcdTcgPhysicalPresenceInterfaceVer)); > + ASSERT_EFI_ERROR (Status); > > // > // Measure to PCR[0] with event EV_POST_CODE ACPI DATA > @@ -297,7 +337,7 @@ PublishAcpiTable ( > ASSERT (mTcgNvs != NULL); > > // > - // Publish the TPM ACPI table > + // Publish the TPM ACPI table. Table is re-checksumed. > // > Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID > **) &AcpiTable); > ASSERT_EFI_ERROR (Status); > diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h > b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h > index 62374a2..fa77c9a 100644 > --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h > +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h > @@ -87,4 +87,10 @@ typedef struct { > #define MOR_REQUEST_SUCCESS > 0 > #define MOR_REQUEST_GENERAL_FAILURE > 1 > > +// > +// Physical Presence Interface Version supported by Platform > +// > +#define PHYSICAL_PRESENCE_VERSION_TAG > "$PV" > +#define PHYSICAL_PRESENCE_VERSION_SIZE > 4 > + > #endif // __TCG_SMM_H__ > diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf > b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf > index 0cc0cc6..0de4fce 100644 > --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf > +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf > @@ -72,6 +72,7 @@ > gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId > ## SOMETIMES_CONSUMES > gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision ## > SOMETIMES_CONSUMES > gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress > ## CONSUMES > + gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer > ## CONSUMES > > [Depex] > gEfiAcpiTableProtocolGuid AND > diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl > b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl > index ba316cf..9ff74f7 100644 > --- a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl > +++ b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl > @@ -2,7 +2,7 @@ > The TPM2 definition block in ACPI table for TCG2 physical presence > and MemoryClear. > > -Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> > +Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR> > (c)Copyright 2016 HP Development Company, L.P.<BR> > This program and the accompanying materials > are licensed and made available under the terms and conditions of the BSD > License > @@ -188,7 +188,7 @@ DefinitionBlock ( > // > // a) Get Physical Presence Interface Version > // > - Return ("1.3") > + Return ("$PV") > } > Case (2) > { > -- > 1.9.5.msysgit.1 > > _______________________________________________ > edk2-devel mailing list > [email protected] > https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
