From: "Zhang, Chao B" <chao.b.zhang@intel.com>
To: edk2-devel@lists.01.org
Cc: Jiewen Yao <jiewen.yao@intel.com>, Chao B Zhang <chao.b.zhang@intel.com>
Subject: [PATCH 09/15] SecurityPkg/TrEEPei: remove TrEE.
Date: Thu, 15 Mar 2018 15:35:31 +0800 [thread overview]
Message-ID: <20180315073537.16692-10-chao.b.zhang@intel.com> (raw)
In-Reply-To: <20180315073537.16692-1-chao.b.zhang@intel.com>
From: Jiewen Yao <jiewen.yao@intel.com>
TrEE is deprecated. We need use Tcg2.
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
SecurityPkg/Tcg/TrEEPei/TrEEPei.c | 690 --------------------
SecurityPkg/Tcg/TrEEPei/TrEEPei.inf | 86 ---
SecurityPkg/Tcg/TrEEPei/TrEEPei.uni | 21 -
| 19 -
4 files changed, 816 deletions(-)
diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPei.c b/SecurityPkg/Tcg/TrEEPei/TrEEPei.c
deleted file mode 100644
index b561245790..0000000000
--- a/SecurityPkg/Tcg/TrEEPei/TrEEPei.c
+++ /dev/null
@@ -1,690 +0,0 @@
-/** @file
- Initialize TPM2 device and measure FVs before handing off control to DXE.
-
-Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include <PiPei.h>
-
-#include <IndustryStandard/UefiTcgPlatform.h>
-#include <Ppi/FirmwareVolumeInfo.h>
-#include <Ppi/FirmwareVolumeInfo2.h>
-#include <Ppi/LockPhysicalPresence.h>
-#include <Ppi/TpmInitialized.h>
-#include <Ppi/FirmwareVolume.h>
-#include <Ppi/EndOfPeiPhase.h>
-#include <Ppi/FirmwareVolumeInfoMeasurementExcluded.h>
-
-#include <Guid/TcgEventHob.h>
-#include <Guid/MeasuredFvHob.h>
-#include <Guid/TpmInstance.h>
-
-#include <Library/DebugLib.h>
-#include <Library/BaseMemoryLib.h>
-#include <Library/PeiServicesLib.h>
-#include <Library/PeimEntryPoint.h>
-#include <Library/Tpm2CommandLib.h>
-#include <Library/Tpm2DeviceLib.h>
-#include <Library/HashLib.h>
-#include <Library/HobLib.h>
-#include <Library/PcdLib.h>
-#include <Library/PeiServicesTablePointerLib.h>
-#include <Protocol/TrEEProtocol.h>
-#include <Library/PerformanceLib.h>
-#include <Library/MemoryAllocationLib.h>
-#include <Library/ReportStatusCodeLib.h>
-
-#define PERF_ID_TREE_PEI 0x3080
-
-typedef struct {
- EFI_GUID *EventGuid;
- TREE_EVENT_LOG_FORMAT LogFormat;
-} TREE_EVENT_INFO_STRUCT;
-
-TREE_EVENT_INFO_STRUCT mTreeEventInfo[] = {
- {&gTcgEventEntryHobGuid, TREE_EVENT_LOG_FORMAT_TCG_1_2},
-};
-
-BOOLEAN mImageInMemory = FALSE;
-EFI_PEI_FILE_HANDLE mFileHandle;
-
-EFI_PEI_PPI_DESCRIPTOR mTpmInitializedPpiList = {
- EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
- &gPeiTpmInitializedPpiGuid,
- NULL
-};
-
-EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = {
- EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
- &gPeiTpmInitializationDonePpiGuid,
- NULL
-};
-
-EFI_PLATFORM_FIRMWARE_BLOB *mMeasuredBaseFvInfo;
-UINT32 mMeasuredBaseFvIndex = 0;
-
-EFI_PLATFORM_FIRMWARE_BLOB *mMeasuredChildFvInfo;
-UINT32 mMeasuredChildFvIndex = 0;
-
-/**
- Measure and record the Firmware Volum Information once FvInfoPPI install.
-
- @param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
- @param[in] NotifyDescriptor Address of the notification descriptor data structure.
- @param[in] Ppi Address of the PPI that was installed.
-
- @retval EFI_SUCCESS The FV Info is measured and recorded to TPM.
- @return Others Fail to measure FV.
-
-**/
-EFI_STATUS
-EFIAPI
-FirmwareVolmeInfoPpiNotifyCallback (
- IN EFI_PEI_SERVICES **PeiServices,
- IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
- IN VOID *Ppi
- );
-
-/**
- Record all measured Firmware Volum Information into a Guid Hob
-
- @param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
- @param[in] NotifyDescriptor Address of the notification descriptor data structure.
- @param[in] Ppi Address of the PPI that was installed.
-
- @retval EFI_SUCCESS The FV Info is measured and recorded to TPM.
- @return Others Fail to measure FV.
-
-**/
-EFI_STATUS
-EFIAPI
-EndofPeiSignalNotifyCallBack (
- IN EFI_PEI_SERVICES **PeiServices,
- IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
- IN VOID *Ppi
- );
-
-EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] = {
- {
- EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
- &gEfiPeiFirmwareVolumeInfoPpiGuid,
- FirmwareVolmeInfoPpiNotifyCallback
- },
- {
- EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
- &gEfiPeiFirmwareVolumeInfo2PpiGuid,
- FirmwareVolmeInfoPpiNotifyCallback
- },
- {
- (EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
- &gEfiEndOfPeiSignalPpiGuid,
- EndofPeiSignalNotifyCallBack
- }
-};
-
-EFI_PEI_FIRMWARE_VOLUME_INFO_MEASUREMENT_EXCLUDED_PPI *mMeasurementExcludedFvPpi;
-
-/**
- Record all measured Firmware Volum Information into a Guid Hob
- Guid Hob payload layout is
-
- UINT32 *************************** FIRMWARE_BLOB number
- EFI_PLATFORM_FIRMWARE_BLOB******** BLOB Array
-
- @param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
- @param[in] NotifyDescriptor Address of the notification descriptor data structure.
- @param[in] Ppi Address of the PPI that was installed.
-
- @retval EFI_SUCCESS The FV Info is measured and recorded to TPM.
- @return Others Fail to measure FV.
-
-**/
-EFI_STATUS
-EFIAPI
-EndofPeiSignalNotifyCallBack (
- IN EFI_PEI_SERVICES **PeiServices,
- IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
- IN VOID *Ppi
- )
-{
- MEASURED_HOB_DATA *MeasuredHobData;
-
- MeasuredHobData = NULL;
-
- //
- // Create a Guid hob to save all measured Fv
- //
- MeasuredHobData = BuildGuidHob(
- &gMeasuredFvHobGuid,
- sizeof(UINTN) + sizeof(EFI_PLATFORM_FIRMWARE_BLOB) * (mMeasuredBaseFvIndex + mMeasuredChildFvIndex)
- );
-
- if (MeasuredHobData != NULL){
- //
- // Save measured FV info enty number
- //
- MeasuredHobData->Num = mMeasuredBaseFvIndex + mMeasuredChildFvIndex;
-
- //
- // Save measured base Fv info
- //
- CopyMem (MeasuredHobData->MeasuredFvBuf, mMeasuredBaseFvInfo, sizeof(EFI_PLATFORM_FIRMWARE_BLOB) * (mMeasuredBaseFvIndex));
-
- //
- // Save measured child Fv info
- //
- CopyMem (&MeasuredHobData->MeasuredFvBuf[mMeasuredBaseFvIndex] , mMeasuredChildFvInfo, sizeof(EFI_PLATFORM_FIRMWARE_BLOB) * (mMeasuredChildFvIndex));
- }
-
- return EFI_SUCCESS;
-}
-
-/**
- Add a new entry to the Event Log.
-
- @param[in] DigestList A list of digest.
- @param[in,out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
- @param[in] NewEventData Pointer to the new event data.
-
- @retval EFI_SUCCESS The new event log entry was added.
- @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
-**/
-EFI_STATUS
-LogHashEvent (
- IN TPML_DIGEST_VALUES *DigestList,
- IN OUT TCG_PCR_EVENT_HDR *NewEventHdr,
- IN UINT8 *NewEventData
- )
-{
- VOID *HobData;
- EFI_STATUS Status;
- UINTN Index;
- EFI_STATUS RetStatus;
-
- RetStatus = EFI_SUCCESS;
- for (Index = 0; Index < sizeof(mTreeEventInfo)/sizeof(mTreeEventInfo[0]); Index++) {
- DEBUG ((EFI_D_INFO, " LogFormat - 0x%08x\n", mTreeEventInfo[Index].LogFormat));
- switch (mTreeEventInfo[Index].LogFormat) {
- case TREE_EVENT_LOG_FORMAT_TCG_1_2:
- Status = GetDigestFromDigestList (TPM_ALG_SHA1, DigestList, &NewEventHdr->Digest);
- if (!EFI_ERROR (Status)) {
- HobData = BuildGuidHob (
- &gTcgEventEntryHobGuid,
- sizeof (*NewEventHdr) + NewEventHdr->EventSize
- );
- if (HobData == NULL) {
- RetStatus = EFI_OUT_OF_RESOURCES;
- break;
- }
-
- CopyMem (HobData, NewEventHdr, sizeof (*NewEventHdr));
- HobData = (VOID *) ((UINT8*)HobData + sizeof (*NewEventHdr));
- CopyMem (HobData, NewEventData, NewEventHdr->EventSize);
- }
- break;
- }
- }
-
- return RetStatus;
-}
-
-/**
- Do a hash operation on a data buffer, extend a specific TPM PCR with the hash result,
- and build a GUIDed HOB recording the event which will be passed to the DXE phase and
- added into the Event Log.
-
- @param[in] Flags Bitmap providing additional information.
- @param[in] HashData Physical address of the start of the data buffer
- to be hashed, extended, and logged.
- @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData.
- @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
- @param[in] NewEventData Pointer to the new event data.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
- @retval EFI_DEVICE_ERROR The command was unsuccessful.
-
-**/
-EFI_STATUS
-HashLogExtendEvent (
- IN UINT64 Flags,
- IN UINT8 *HashData,
- IN UINTN HashDataLen,
- IN TCG_PCR_EVENT_HDR *NewEventHdr,
- IN UINT8 *NewEventData
- )
-{
- EFI_STATUS Status;
- TPML_DIGEST_VALUES DigestList;
-
- if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
- return EFI_DEVICE_ERROR;
- }
-
- Status = HashAndExtend (
- NewEventHdr->PCRIndex,
- HashData,
- HashDataLen,
- &DigestList
- );
- if (!EFI_ERROR (Status)) {
- if ((Flags & TREE_EXTEND_ONLY) == 0) {
- Status = LogHashEvent (&DigestList, NewEventHdr, NewEventData);
- }
- }
-
- if (Status == EFI_DEVICE_ERROR) {
- DEBUG ((EFI_D_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status));
- BuildGuidHob (&gTpmErrorHobGuid,0);
- REPORT_STATUS_CODE (
- EFI_ERROR_CODE | EFI_ERROR_MINOR,
- (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR)
- );
- }
-
- return Status;
-}
-
-/**
- Measure CRTM version.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
- @retval EFI_DEVICE_ERROR The command was unsuccessful.
-
-**/
-EFI_STATUS
-MeasureCRTMVersion (
- VOID
- )
-{
- TCG_PCR_EVENT_HDR TcgEventHdr;
-
- //
- // Use FirmwareVersion string to represent CRTM version.
- // OEMs should get real CRTM version string and measure it.
- //
-
- TcgEventHdr.PCRIndex = 0;
- TcgEventHdr.EventType = EV_S_CRTM_VERSION;
- TcgEventHdr.EventSize = (UINT32) StrSize((CHAR16*)PcdGetPtr (PcdFirmwareVersionString));
-
- return HashLogExtendEvent (
- 0,
- (UINT8*)PcdGetPtr (PcdFirmwareVersionString),
- TcgEventHdr.EventSize,
- &TcgEventHdr,
- (UINT8*)PcdGetPtr (PcdFirmwareVersionString)
- );
-}
-
-/**
- Measure FV image.
- Add it into the measured FV list after the FV is measured successfully.
-
- @param[in] FvBase Base address of FV image.
- @param[in] FvLength Length of FV image.
-
- @retval EFI_SUCCESS Fv image is measured successfully
- or it has been already measured.
- @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
- @retval EFI_DEVICE_ERROR The command was unsuccessful.
-
-**/
-EFI_STATUS
-MeasureFvImage (
- IN EFI_PHYSICAL_ADDRESS FvBase,
- IN UINT64 FvLength
- )
-{
- UINT32 Index;
- EFI_STATUS Status;
- EFI_PLATFORM_FIRMWARE_BLOB FvBlob;
- TCG_PCR_EVENT_HDR TcgEventHdr;
-
- //
- // Check if it is in Excluded FV list
- //
- if (mMeasurementExcludedFvPpi != NULL) {
- for (Index = 0; Index < mMeasurementExcludedFvPpi->Count; Index ++) {
- if (mMeasurementExcludedFvPpi->Fv[Index].FvBase == FvBase) {
- DEBUG ((DEBUG_INFO, "The FV which is excluded by TrEEPei starts at: 0x%x\n", FvBase));
- DEBUG ((DEBUG_INFO, "The FV which is excluded by TrEEPei has the size: 0x%x\n", FvLength));
- return EFI_SUCCESS;
- }
- }
- }
-
- //
- // Check whether FV is in the measured FV list.
- //
- for (Index = 0; Index < mMeasuredBaseFvIndex; Index ++) {
- if (mMeasuredBaseFvInfo[Index].BlobBase == FvBase) {
- return EFI_SUCCESS;
- }
- }
-
- //
- // Measure and record the FV to the TPM
- //
- FvBlob.BlobBase = FvBase;
- FvBlob.BlobLength = FvLength;
-
- DEBUG ((DEBUG_INFO, "The FV which is measured by TrEEPei starts at: 0x%x\n", FvBlob.BlobBase));
- DEBUG ((DEBUG_INFO, "The FV which is measured by TrEEPei has the size: 0x%x\n", FvBlob.BlobLength));
-
- TcgEventHdr.PCRIndex = 0;
- TcgEventHdr.EventType = EV_EFI_PLATFORM_FIRMWARE_BLOB;
- TcgEventHdr.EventSize = sizeof (FvBlob);
-
- Status = HashLogExtendEvent (
- 0,
- (UINT8*) (UINTN) FvBlob.BlobBase,
- (UINTN) FvBlob.BlobLength,
- &TcgEventHdr,
- (UINT8*) &FvBlob
- );
-
- //
- // Add new FV into the measured FV list.
- //
- ASSERT (mMeasuredBaseFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported));
- if (mMeasuredBaseFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported)) {
- mMeasuredBaseFvInfo[mMeasuredBaseFvIndex].BlobBase = FvBase;
- mMeasuredBaseFvInfo[mMeasuredBaseFvIndex].BlobLength = FvLength;
- mMeasuredBaseFvIndex++;
- }
-
- return Status;
-}
-
-/**
- Measure main BIOS.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
- @retval EFI_DEVICE_ERROR The command was unsuccessful.
-
-**/
-EFI_STATUS
-MeasureMainBios (
- VOID
- )
-{
- EFI_STATUS Status;
- UINT32 FvInstances;
- EFI_PEI_FV_HANDLE VolumeHandle;
- EFI_FV_INFO VolumeInfo;
- EFI_PEI_FIRMWARE_VOLUME_PPI *FvPpi;
-
- PERF_START_EX (mFileHandle, "EventRec", "TrEEPei", 0, PERF_ID_TREE_PEI);
- FvInstances = 0;
- while (TRUE) {
- //
- // Traverse all firmware volume instances of Static Core Root of Trust for Measurement
- // (S-CRTM), this firmware volume measure policy can be modified/enhanced by special
- // platform for special CRTM TPM measuring.
- //
- Status = PeiServicesFfsFindNextVolume (FvInstances, &VolumeHandle);
- if (EFI_ERROR (Status)) {
- break;
- }
-
- //
- // Measure and record the firmware volume that is dispatched by PeiCore
- //
- Status = PeiServicesFfsGetVolumeInfo (VolumeHandle, &VolumeInfo);
- ASSERT_EFI_ERROR (Status);
- //
- // Locate the corresponding FV_PPI according to founded FV's format guid
- //
- Status = PeiServicesLocatePpi (
- &VolumeInfo.FvFormat,
- 0,
- NULL,
- (VOID**)&FvPpi
- );
- if (!EFI_ERROR (Status)) {
- MeasureFvImage ((EFI_PHYSICAL_ADDRESS) (UINTN) VolumeInfo.FvStart, VolumeInfo.FvSize);
- }
-
- FvInstances++;
- }
- PERF_END_EX (mFileHandle, "EventRec", "TrEEPei", 0, PERF_ID_TREE_PEI + 1);
-
- return EFI_SUCCESS;
-}
-
-/**
- Measure and record the Firmware Volum Information once FvInfoPPI install.
-
- @param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
- @param[in] NotifyDescriptor Address of the notification descriptor data structure.
- @param[in] Ppi Address of the PPI that was installed.
-
- @retval EFI_SUCCESS The FV Info is measured and recorded to TPM.
- @return Others Fail to measure FV.
-
-**/
-EFI_STATUS
-EFIAPI
-FirmwareVolmeInfoPpiNotifyCallback (
- IN EFI_PEI_SERVICES **PeiServices,
- IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
- IN VOID *Ppi
- )
-{
- EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *Fv;
- EFI_STATUS Status;
- EFI_PEI_FIRMWARE_VOLUME_PPI *FvPpi;
- UINTN Index;
-
- Fv = (EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *) Ppi;
-
- //
- // The PEI Core can not dispatch or load files from memory mapped FVs that do not support FvPpi.
- //
- Status = PeiServicesLocatePpi (
- &Fv->FvFormat,
- 0,
- NULL,
- (VOID**)&FvPpi
- );
- if (EFI_ERROR (Status)) {
- return EFI_SUCCESS;
- }
-
- //
- // This is an FV from an FFS file, and the parent FV must have already been measured,
- // No need to measure twice, so just record the FV and return
- //
- if (Fv->ParentFvName != NULL || Fv->ParentFileName != NULL ) {
-
- ASSERT (mMeasuredChildFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported));
- if (mMeasuredChildFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported)) {
- //
- // Check whether FV is in the measured child FV list.
- //
- for (Index = 0; Index < mMeasuredChildFvIndex; Index++) {
- if (mMeasuredChildFvInfo[Index].BlobBase == (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo) {
- return EFI_SUCCESS;
- }
- }
- mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobBase = (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo;
- mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobLength = Fv->FvInfoSize;
- mMeasuredChildFvIndex++;
- }
- return EFI_SUCCESS;
- }
-
- return MeasureFvImage ((EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo, Fv->FvInfoSize);
-}
-
-/**
- Do measurement after memory is ready.
-
- @param[in] PeiServices Describes the list of possible PEI Services.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
- @retval EFI_DEVICE_ERROR The command was unsuccessful.
-
-**/
-EFI_STATUS
-PeimEntryMP (
- IN EFI_PEI_SERVICES **PeiServices
- )
-{
- EFI_STATUS Status;
-
- Status = PeiServicesLocatePpi (
- &gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid,
- 0,
- NULL,
- (VOID**)&mMeasurementExcludedFvPpi
- );
- // Do not check status, because it is optional
-
- mMeasuredBaseFvInfo = (EFI_PLATFORM_FIRMWARE_BLOB *) AllocateZeroPool (sizeof (EFI_PLATFORM_FIRMWARE_BLOB) * PcdGet32 (PcdPeiCoreMaxFvSupported));
- ASSERT (mMeasuredBaseFvInfo != NULL);
- mMeasuredChildFvInfo = (EFI_PLATFORM_FIRMWARE_BLOB *) AllocateZeroPool (sizeof (EFI_PLATFORM_FIRMWARE_BLOB) * PcdGet32 (PcdPeiCoreMaxFvSupported));
- ASSERT (mMeasuredChildFvInfo != NULL);
-
- if (PcdGet8 (PcdTpm2ScrtmPolicy) == 1) {
- Status = MeasureCRTMVersion ();
- }
-
- Status = MeasureMainBios ();
-
- //
- // Post callbacks:
- // for the FvInfoPpi services to measure and record
- // the additional Fvs to TPM
- //
- Status = PeiServicesNotifyPpi (&mNotifyList[0]);
- ASSERT_EFI_ERROR (Status);
-
- return Status;
-}
-
-/**
- Entry point of this module.
-
- @param[in] FileHandle Handle of the file being invoked.
- @param[in] PeiServices Describes the list of possible PEI Services.
-
- @return Status.
-
-**/
-EFI_STATUS
-EFIAPI
-PeimEntryMA (
- IN EFI_PEI_FILE_HANDLE FileHandle,
- IN CONST EFI_PEI_SERVICES **PeiServices
- )
-{
- EFI_STATUS Status;
- EFI_STATUS Status2;
- EFI_BOOT_MODE BootMode;
-
- if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid) ||
- CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){
- DEBUG ((DEBUG_INFO, "No TPM2 instance required!\n"));
- return EFI_UNSUPPORTED;
- }
-
- if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
- DEBUG ((EFI_D_ERROR, "TPM2 error!\n"));
- return EFI_DEVICE_ERROR;
- }
-
- Status = PeiServicesGetBootMode (&BootMode);
- ASSERT_EFI_ERROR (Status);
-
- //
- // In S3 path, skip shadow logic. no measurement is required
- //
- if (BootMode != BOOT_ON_S3_RESUME) {
- Status = (**PeiServices).RegisterForShadow(FileHandle);
- if (Status == EFI_ALREADY_STARTED) {
- mImageInMemory = TRUE;
- mFileHandle = FileHandle;
- } else if (Status == EFI_NOT_FOUND) {
- ASSERT_EFI_ERROR (Status);
- }
- }
-
- if (!mImageInMemory) {
- //
- // Initialize TPM device
- //
- Status = Tpm2RequestUseTpm ();
- if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "TPM2 not detected!\n"));
- goto Done;
- }
-
- if (PcdGet8 (PcdTpm2InitializationPolicy) == 1) {
- if (BootMode == BOOT_ON_S3_RESUME) {
- Status = Tpm2Startup (TPM_SU_STATE);
- if (EFI_ERROR (Status) ) {
- Status = Tpm2Startup (TPM_SU_CLEAR);
- }
- } else {
- Status = Tpm2Startup (TPM_SU_CLEAR);
- }
- if (EFI_ERROR (Status) ) {
- goto Done;
- }
- }
-
- //
- // TpmSelfTest is optional on S3 path, skip it to save S3 time
- //
- if (BootMode != BOOT_ON_S3_RESUME) {
- if (PcdGet8 (PcdTpm2SelfTestPolicy) == 1) {
- Status = Tpm2SelfTest (NO);
- if (EFI_ERROR (Status)) {
- goto Done;
- }
- }
- }
-
- //
- // Only intall TpmInitializedPpi on success
- //
- Status = PeiServicesInstallPpi (&mTpmInitializedPpiList);
- ASSERT_EFI_ERROR (Status);
- }
-
- if (mImageInMemory) {
- Status = PeimEntryMP ((EFI_PEI_SERVICES**)PeiServices);
- return Status;
- }
-
-Done:
- if (EFI_ERROR (Status)) {
- DEBUG ((EFI_D_ERROR, "TPM2 error! Build Hob\n"));
- BuildGuidHob (&gTpmErrorHobGuid,0);
- REPORT_STATUS_CODE (
- EFI_ERROR_CODE | EFI_ERROR_MINOR,
- (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR)
- );
- }
- //
- // Always intall TpmInitializationDonePpi no matter success or fail.
- // Other driver can know TPM initialization state by TpmInitializedPpi.
- //
- Status2 = PeiServicesInstallPpi (&mTpmInitializationDonePpiList);
- ASSERT_EFI_ERROR (Status2);
-
- return Status;
-}
diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf b/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf
deleted file mode 100644
index 61a8cd0824..0000000000
--- a/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf
+++ /dev/null
@@ -1,86 +0,0 @@
-## @file
-# Initializes TPM 2.0 device and measure FVs in PEI phase
-#
-# This module will initialize TPM device, measure reported FVs and BIOS version.
-#
-# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
-# This program and the accompanying materials
-# are licensed and made available under the terms and conditions of the BSD License
-# which accompanies this distribution. The full text of the license may be found at
-# http://opensource.org/licenses/bsd-license.php
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-#
-##
-
-[Defines]
- INF_VERSION = 0x00010005
- BASE_NAME = TrEEPei
- MODULE_UNI_FILE = TrEEPei.uni
- FILE_GUID = CA5A1928-6523-409d-A9FE-5DCC87387222
- MODULE_TYPE = PEIM
- VERSION_STRING = 1.0
- ENTRY_POINT = PeimEntryMA
-
-#
-# The following information is for reference only and not required by the build tools.
-#
-# VALID_ARCHITECTURES = IA32 X64 IPF EBC
-#
-# [BootMode]
-# S3_RESUME ## SOMETIMES_CONSUMES
-#
-
-[Sources]
- TrEEPei.c
-
-[Packages]
- MdePkg/MdePkg.dec
- MdeModulePkg/MdeModulePkg.dec
- SecurityPkg/SecurityPkg.dec
-
-[LibraryClasses]
- HobLib
- PeimEntryPoint
- PeiServicesLib
- BaseMemoryLib
- DebugLib
- Tpm2CommandLib
- PeiServicesTablePointerLib
- Tpm2DeviceLib
- HashLib
- PerformanceLib
- MemoryAllocationLib
- ReportStatusCodeLib
-
-[Guids]
- gTcgEventEntryHobGuid ## PRODUCES ## HOB
- gTpmErrorHobGuid ## SOMETIMES_PRODUCES ## HOB
- gMeasuredFvHobGuid ## PRODUCES ## HOB
- gEfiTpmDeviceInstanceNoneGuid ## SOMETIMES_PRODUCES ## GUID # TPM device identifier
- gEfiTpmDeviceInstanceTpm12Guid ## SOMETIMES_PRODUCES ## GUID # TPM device identifier
-
-[Ppis]
- gEfiPeiFirmwareVolumeInfoPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
- gEfiPeiFirmwareVolumeInfo2PpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
- gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid ## SOMETIMES_CONSUMES
- gPeiTpmInitializedPpiGuid ## SOMETIMES_PRODUCES
- gPeiTpmInitializationDonePpiGuid ## PRODUCES
- gEfiEndOfPeiSignalPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
-
-[Pcd]
- gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString ## SOMETIMES_CONSUMES
- gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
- gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy ## CONSUMES
- gEfiSecurityPkgTokenSpaceGuid.PcdTpm2SelfTestPolicy ## SOMETIMES_CONSUMES
- gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy ## CONSUMES
- gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported ## CONSUMES
- gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ## SOMETIMES_CONSUMES
-
-[Depex]
- gEfiPeiMasterBootModePpiGuid AND
- gEfiPeiReadOnlyVariable2PpiGuid AND
- gEfiTpmDeviceSelectedGuid
-
-[UserExtensions.TianoCore."ExtraFiles"]
- TrEEPeiExtra.uni
\ No newline at end of file
diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPei.uni b/SecurityPkg/Tcg/TrEEPei/TrEEPei.uni
deleted file mode 100644
index 619484abfc..0000000000
--- a/SecurityPkg/Tcg/TrEEPei/TrEEPei.uni
+++ /dev/null
@@ -1,21 +0,0 @@
-// /** @file
-// Initializes TPM 2.0 device and measure FVs in PEI phase
-//
-// This module will initialize TPM device, measure reported FVs and BIOS version.
-//
-// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-
-#string STR_MODULE_ABSTRACT #language en-US "Initializes TPM 2.0 device and measure FVs in PEI phase"
-
-#string STR_MODULE_DESCRIPTION #language en-US "This module will initialize TPM device, measure reported FVs and BIOS version."
-
diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPeiExtra.uni b/SecurityPkg/Tcg/TrEEPei/TrEEPeiExtra.uni
deleted file mode 100644
index b6743ab953..0000000000
--- a/SecurityPkg/Tcg/TrEEPei/TrEEPeiExtra.uni
+++ /dev/null
@@ -1,19 +0,0 @@
-// /** @file
-// TrEEPei Localized Strings and Content
-//
-// Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-#string STR_PROPERTIES_MODULE_NAME
-#language en-US
-"TrEE (Trusted Execution Environment) PEI"
-
-
--
2.16.2.windows.1
next prev parent reply other threads:[~2018-03-15 7:29 UTC|newest]
Thread overview: 23+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-15 7:35 [PATCH 00/15] Remove TrEE* Zhang, Chao B
2018-03-15 7:35 ` [PATCH 01/15] ShellPkg/UefiHandleParsingLib: remove TrEE reference Zhang, Chao B
2018-03-16 3:49 ` Ni, Ruiyu
2018-03-16 3:53 ` Ni, Ruiyu
2018-03-15 7:35 ` [PATCH 02/15] QuarkPlatformPkg: " Zhang, Chao B
2018-03-15 12:52 ` Steele, Kelly
2018-03-15 7:35 ` [PATCH 03/15] Vlv2TbltDevicePkg/Tcg2PhysicalPresenceLib: use Tcg2 instead of TrEE Zhang, Chao B
2018-03-16 3:21 ` Guo, Mang
2018-03-15 7:35 ` [PATCH 04/15] Vlv2TbltDevicePkg/Bds: " Zhang, Chao B
2018-03-16 3:22 ` Guo, Mang
2018-03-15 7:35 ` [PATCH 05/15] Vlv2TbltDevicePkg/dsc/fdf: " Zhang, Chao B
2018-03-16 3:22 ` Guo, Mang
2018-03-15 7:35 ` [PATCH 06/15] SecurityPkg/dsc: remove TrEE Zhang, Chao B
2018-03-15 7:35 ` [PATCH 07/15] SecurityPkg/TrEESmm: " Zhang, Chao B
2018-03-15 7:35 ` [PATCH 08/15] SecurityPkg/TrEEDxe: " Zhang, Chao B
2018-03-15 7:35 ` Zhang, Chao B [this message]
2018-03-15 7:35 ` [PATCH 10/15] SecurityPkg/TrEEConfig: " Zhang, Chao B
2018-03-15 7:35 ` [PATCH 11/15] SecurityPkg/Tpm2DeviceLibTrEE: " Zhang, Chao B
2018-03-15 7:35 ` [PATCH 12/15] SecurityPkg/TrEEPhysicalPresenceLib: " Zhang, Chao B
2018-03-15 7:35 ` [PATCH 13/15] SecurityPkg/TrEEVendorLib: " Zhang, Chao B
2018-03-15 7:35 ` [PATCH 14/15] SecurityPkg/include: " Zhang, Chao B
2018-03-15 7:35 ` [PATCH 15/15] SecurityPkg/dec: " Zhang, Chao B
2018-03-15 8:39 ` [PATCH 00/15] Remove TrEE* Zhang, Chao B
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180315073537.16692-10-chao.b.zhang@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox