From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 5FC7481EEB for ; Tue, 15 Nov 2016 22:01:25 -0800 (PST) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga104.jf.intel.com with ESMTP; 15 Nov 2016 22:01:30 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.31,646,1473145200"; d="scan'208";a="1085863531" Received: from shwde7156.ccr.corp.intel.com ([10.239.158.52]) by fmsmga002.fm.intel.com with ESMTP; 15 Nov 2016 22:01:28 -0800 From: Eric Dong To: edk2-devel@lists.01.org Cc: Jiewen Yao , Chao Zhang Date: Wed, 16 Nov 2016 14:00:43 +0800 Message-Id: <1479276049-34308-5-git-send-email-eric.dong@intel.com> X-Mailer: git-send-email 2.6.4.windows.1 In-Reply-To: <1479276049-34308-1-git-send-email-eric.dong@intel.com> References: <1479276049-34308-1-git-send-email-eric.dong@intel.com> Subject: [Patch 04/10] SecurityPkg: Add SmmTcgPhysicalPresenceStorageLib. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Nov 2016 06:01:25 -0000 Tcg Physical Presence spec defined some actions used for storage device. Add Smm version library to handles these actions. Cc: Jiewen Yao Cc: Chao Zhang Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong --- .../SmmTcgPhysicalPresenceStorageLib.c | 181 +++++++++++++++++++++ .../SmmTcgPhysicalPresenceStorageLib.inf | 46 ++++++ .../SmmTcgPhysicalPresenceStorageLib.uni | 18 ++ 3 files changed, 245 insertions(+) create mode 100644 SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.c create mode 100644 SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.inf create mode 100644 SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.uni diff --git a/SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.c b/SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.c new file mode 100644 index 0000000..fb4622e --- /dev/null +++ b/SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.c @@ -0,0 +1,181 @@ +/** @file + Tcg PP storage library instance that does support any storage specific PPI. + +Copyright (c) 2016, Intel Corporation. All rights reserved.
+This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ +#include + +#include +#include + +#include + + + +#include +#include +#include + + +EFI_SMM_VARIABLE_PROTOCOL *mTcg2PpStorageSmmVariable; + +/** + The handler for TPM physical presence function: + Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. + + Caution: This function may receive untrusted input. + + @param[in] OperationRequest TPM physical presence operation request. + @param[in] RequestParameter TPM physical presence operation request parameter. + + @return Return Code for Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. +**/ +UINT32 +EFIAPI +TcgPhysicalPresenceStorageLibSubmitRequestToPreOSFunction ( + IN UINT32 OperationRequest, + IN UINT32 RequestParameter + ) +{ + ASSERT (FALSE); + + return TCG_PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS; +} + +/** + The handler for TPM physical presence function: + Return TPM Operation Response to OS Environment. + + @param[out] MostRecentRequest Most recent operation request. + @param[out] Response Response to the most recent operation request. + + @return Return Code for Return TPM Operation Response to OS Environment. +**/ +UINT32 +EFIAPI +TcgPhysicalPresenceStorageLibReturnOperationResponseToOsFunction ( + OUT UINT32 *MostRecentRequest, + OUT UINT32 *Response + ) +{ + ASSERT (FALSE); + + return TCG_PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS; +} + +/** + Check if the pending TPM request needs user input to confirm. + + The TPM request may come from OS. This API will check if TPM request exists and need user + input to confirmation. + + @retval TRUE TPM needs input to confirm user physical presence. + @retval FALSE TPM doesn't need input to confirm user physical presence. + +**/ +BOOLEAN +EFIAPI +TcgPhysicalPresenceStorageLibNeedUserConfirm( + VOID + ) +{ + ASSERT (FALSE); + + return FALSE; +} + +/** + Check and execute the pending TPM request. + + The TPM request may come from OS or BIOS. This API will display request information and wait + for user confirmation if TPM request exists. The TPM request will be sent to TPM device after + the TPM request is confirmed, and one or more reset may be required to make TPM request to + take effect. + + This API should be invoked after console in and console out are all ready as they are required + to display request information and get user input to confirm the request. + + @param[in] PlatformAuth platform auth value. NULL means no platform auth change. +**/ +VOID +EFIAPI +TcgPhysicalPresenceStorageLibProcessRequest ( + VOID + ) +{ + ASSERT (FALSE); +} + +/** + The handler for TPM physical presence function: + Return TPM Operation flag variable. + + @return Return Code for Return TPM Operation flag variable. +**/ +UINT32 +EFIAPI +TcgPhysicalPresenceStorageLibReturnStorageFlags ( + VOID + ) +{ + UINTN DataSize; + EFI_TCG_PHYSICAL_PRESENCE_STORAGE_FLAGS PpiFlags; + EFI_STATUS Status; + + // + // Get the Physical Presence storage flags + // + DataSize = sizeof (EFI_TCG_PHYSICAL_PRESENCE_STORAGE_FLAGS); + Status = mTcg2PpStorageSmmVariable->SmmGetVariable ( + TCG_PHYSICAL_PRESENCE_STORAGE_FLAGS_VARIABLE, + &gEfiTcgPhysicalPresenceStorageGuid, + NULL, + &DataSize, + &PpiFlags + ); + if (EFI_ERROR (Status)) { + DEBUG ((EFI_D_ERROR, "[TPM2] Get PP storage flags failure! Status = %r\n", Status)); + PpiFlags.PPFlags = TCG_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT; + } + + return PpiFlags.PPFlags; +} + +/** + + Install Boot Manager Menu driver. + + @param ImageHandle The image handle. + @param SystemTable The system table. + + @retval EFI_SUCEESS Install Boot manager menu success. + @retval Other Return error status. + +**/ +EFI_STATUS +EFIAPI +TcgPhysicalPresenceStorageLibConstructor ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + EFI_STATUS Status; + + // + // Locate SmmVariableProtocol. + // + Status = gSmst->SmmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID**)&mTcg2PpStorageSmmVariable); + ASSERT_EFI_ERROR (Status); + + return EFI_SUCCESS; +} diff --git a/SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.inf b/SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.inf new file mode 100644 index 0000000..80a14c8 --- /dev/null +++ b/SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.inf @@ -0,0 +1,46 @@ +## @file +# Tcg PP storage library instance that does support any storage specific PPI. +# +# Copyright (c) 2016, Intel Corporation. All rights reserved.
+# This program and the accompanying materials +# are licensed and made available under the terms and conditions of the BSD License +# which accompanies this distribution. The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = SmmTcgPhysicalPresenceStorageLib + MODULE_UNI_FILE = SmmTcgPhysicalPresenceStorageLib.uni + FILE_GUID = BC66DA00-E4CF-4E61-9000-E636856F8881 + MODULE_TYPE = DXE_SMM_DRIVER + VERSION_STRING = 1.0 + LIBRARY_CLASS = TcgPhysicalPresenceStorageLib|DXE_SMM_DRIVER + CONSTRUCTOR = TcgPhysicalPresenceStorageLibConstructor + +# +# The following information is for reference only and not required by the build tools. +# +# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# + +[Sources] + SmmTcgPhysicalPresenceStorageLib.c + +[Packages] + MdePkg/MdePkg.dec + SecurityPkg/SecurityPkg.dec + MdeModulePkg/MdeModulePkg.dec + +[LibraryClasses] + DebugLib + SmmServicesTableLib + +[Guids] + gEfiTcgPhysicalPresenceStorageGuid ## SOMETIMES_CONSUMES ## HII + +[Depex] + gEfiSmmVariableProtocolGuid diff --git a/SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.uni b/SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.uni new file mode 100644 index 0000000..400f0fc --- /dev/null +++ b/SecurityPkg/Library/SmmTcgPhysicalPresenceStorageLib/SmmTcgPhysicalPresenceStorageLib.uni @@ -0,0 +1,18 @@ +// /** @file +// Tcg PP storage library instance that does support any storage specific PPI. +// +// Copyright (c) 2016, Intel Corporation. All rights reserved.
+// +// This program and the accompanying materials +// are licensed and made available under the terms and conditions of the BSD License +// which accompanies this distribution. The full text of the license may be found at +// http://opensource.org/licenses/bsd-license.php +// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +// +// **/ + +#string STR_MODULE_ABSTRACT #language en-US "Tcg PP Storage library instance that supports any storage specific PPI" + +#string STR_MODULE_DESCRIPTION #language en-US "Tcg PP Storage library instance that supports any storage specific PPI." + -- 2.6.4.windows.1