From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 9604681F0B for ; Tue, 15 Nov 2016 22:01:28 -0800 (PST) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by orsmga104.jf.intel.com with ESMTP; 15 Nov 2016 22:01:33 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.31,646,1473145200"; d="scan'208";a="1085863546" Received: from shwde7156.ccr.corp.intel.com ([10.239.158.52]) by fmsmga002.fm.intel.com with ESMTP; 15 Nov 2016 22:01:32 -0800 From: Eric Dong To: edk2-devel@lists.01.org Cc: Jiewen Yao , Chao Zhang Date: Wed, 16 Nov 2016 14:00:46 +0800 Message-Id: <1479276049-34308-8-git-send-email-eric.dong@intel.com> X-Mailer: git-send-email 2.6.4.windows.1 In-Reply-To: <1479276049-34308-1-git-send-email-eric.dong@intel.com> References: <1479276049-34308-1-git-send-email-eric.dong@intel.com> Subject: [Patch 07/10] SecurityPkg SmmTcg2PhysicalPresenceLib: Enable Storage actions. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Nov 2016 06:01:28 -0000 After enable storage related actions in the TcgPhysicalPresenceStorageLib, use this library to support storage related actions in this library. Cc: Jiewen Yao Cc: Chao Zhang Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong --- .../SmmTcg2PhysicalPresenceLib.c | 41 +++++++++++++++++----- .../SmmTcg2PhysicalPresenceLib.inf | 2 ++ 2 files changed, 35 insertions(+), 8 deletions(-) diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c index 039bca1..e3f7150 100644 --- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c +++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c @@ -31,6 +31,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include #include +#include EFI_SMM_VARIABLE_PROTOCOL *mTcg2PpSmmVariable; @@ -129,8 +130,10 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( goto EXIT; } - if ((*OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) && - (*OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) ) { + if (((*OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) && + (*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN))|| + ((*OperationRequest > TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_FALSE) && + (*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN))) { // // This command requires UI to prompt user for Auth data. // @@ -244,12 +247,13 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( IN UINT32 OperationRequest ) { - EFI_STATUS Status; - UINTN DataSize; - EFI_TCG2_PHYSICAL_PRESENCE PpData; - EFI_TCG2_PHYSICAL_PRESENCE_FLAGS Flags; - BOOLEAN RequestConfirmed; - + EFI_STATUS Status; + UINTN DataSize; + EFI_TCG2_PHYSICAL_PRESENCE PpData; + EFI_TCG2_PHYSICAL_PRESENCE_FLAGS Flags; + UINT32 StorageFlags; + BOOLEAN RequestConfirmed; + DEBUG ((EFI_D_INFO, "[TPM2] GetUserConfirmationStatusFunction, Request = %x\n", OperationRequest)); // @@ -283,6 +287,11 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( return TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION; } + // + // Get the Physical Presence storage flags + // + StorageFlags = TcgPhysicalPresenceStorageLibReturnStorageFlags(); + RequestConfirmed = FALSE; switch (OperationRequest) { @@ -318,6 +327,22 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( RequestConfirmed = TRUE; break; + case TCG2_PHYSICAL_PRESENCE_ENABLE_BLOCK_SID: + if ((StorageFlags & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID) == 0) { + RequestConfirmed = TRUE; + } + break; + + case TCG2_PHYSICAL_PRESENCE_DISABLE_BLOCK_SID: + if ((StorageFlags & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID) == 0) { + RequestConfirmed = TRUE; + } + break; + + case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_ENABLE_BLOCK_SID_FUNC_TRUE: + case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_TRUE: + break; + default: if (OperationRequest <= TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) { RequestConfirmed = TRUE; diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf index 5fa84b1..a039bbc 100644 --- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf +++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf @@ -47,6 +47,8 @@ SmmServicesTableLib BaseMemoryLib + TcgPhysicalPresenceStorageLib + [Guids] ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence" ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence" -- 2.6.4.windows.1