From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.31; helo=mga06.intel.com; envelope-from=chao.b.zhang@intel.com; receiver=edk2-devel@lists.01.org Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 8A904211D0C9B for ; Wed, 20 Jun 2018 20:41:29 -0700 (PDT) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Jun 2018 20:41:28 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.51,250,1526367600"; d="scan'208";a="51019521" Received: from czhan46-mobl1.ccr.corp.intel.com ([10.239.192.107]) by orsmga008.jf.intel.com with ESMTP; 20 Jun 2018 20:41:27 -0700 From: "Zhang, Chao B" To: edk2-devel@lists.01.org Cc: Long Qin , Yao Jiewen , Chao Zhang Date: Thu, 21 Jun 2018 11:41:23 +0800 Message-Id: <20180621034124.9816-1-chao.b.zhang@intel.com> X-Mailer: git-send-email 2.11.0.windows.1 Subject: [Patch] SecurityPkg: Cache TPM interface type info X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.26 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Jun 2018 03:41:29 -0000 Cache TPM interface type info to avoid excessive interface ID register read Cc: Long Qin Cc: Yao Jiewen Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Chao Zhang Signed-off-by: Zhang, Chao B --- SecurityPkg/Include/Library/Tpm2DeviceLib.h | 12 +++- .../Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c | 38 +++++++++++- .../Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf | 8 ++- .../Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c | 27 ++++++++- .../Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf | 6 +- SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c | 47 +++++++-------- SecurityPkg/SecurityPkg.dec | 12 +++- SecurityPkg/SecurityPkg.uni | 10 +++- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf | 3 +- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c | 68 ++++++---------------- SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 60 ++----------------- SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h | 1 + SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf | 1 + 13 files changed, 148 insertions(+), 145 deletions(-) diff --git a/SecurityPkg/Include/Library/Tpm2DeviceLib.h b/SecurityPkg/Include/Library/Tpm2DeviceLib.h index 67f158ef03..f072a24925 100644 --- a/SecurityPkg/Include/Library/Tpm2DeviceLib.h +++ b/SecurityPkg/Include/Library/Tpm2DeviceLib.h @@ -1,9 +1,9 @@ /** @file This library abstract how to access TPM2 hardware device. -Copyright (c) 2013, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -15,10 +15,20 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #ifndef _TPM2_DEVICE_LIB_H_ #define _TPM2_DEVICE_LIB_H_ #include +// +// Used in PcdActiveTpmInterfaceType to identify TPM interface type +// +typedef enum { + Tpm2PtpInterfaceTis, + Tpm2PtpInterfaceFifo, + Tpm2PtpInterfaceCrb, + Tpm2PtpInterfaceMax, +} TPM2_PTP_INTERFACE_TYPE; + /** This service enables the sending of commands to the TPM2. @param[in] InputParameterBlockSize Size of the TPM2 input parameter block. @param[in] InputParameterBlock Pointer to the TPM2 input parameter block. diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c index 0b1723e4a1..3feb64df7e 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c @@ -1,10 +1,10 @@ /** @file This library is TPM2 DTPM device lib. Choosing this library means platform uses and only uses DTPM device as TPM2 engine. -Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -15,10 +15,23 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include #include #include +#include + +/** + Return PTP interface type. + + @param[in] Register Pointer to PTP register. + + @return PTP interface type. +**/ +TPM2_PTP_INTERFACE_TYPE +Tpm2GetPtpInterface ( + IN VOID *Register + ); /** This service enables the sending of commands to the TPM2. @param[in] InputParameterBlockSize Size of the TPM2 input parameter block. @@ -112,5 +125,28 @@ Tpm2RegisterTpm2DeviceLib ( IN TPM2_DEVICE_INTERFACE *Tpm2Device ) { return EFI_UNSUPPORTED; } + +/** + The function caches current active TPM interface type. + + @retval EFI_SUCCESS DTPM2.0 instance is registered, or system dose not surpport registr DTPM2.0 instance +**/ +EFI_STATUS +EFIAPI +Tpm2DeviceLibConstructor ( + VOID + ) +{ + TPM2_PTP_INTERFACE_TYPE PtpInterface; + + // + // Cache current active TpmInterfaceType only when needed + // + if (PcdGet8(PcdActiveTpmInterfaceType) == 0xFF) { + PtpInterface = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); + PcdSet8S(PcdActiveTpmInterfaceType, PtpInterface); + } + return EFI_SUCCESS; +} diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf index 3e619b98b7..634bbae847 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf @@ -8,11 +8,11 @@ # This library implements TIS (TPM Interface Specification) and # PTP (Platform TPM Profile) functions which is # used for every TPM 2.0 command. Choosing this library means platform uses and # only uses TPM 2.0 DTPM device. # -# Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at # http://opensource.org/licenses/bsd-license.php # THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, @@ -25,12 +25,12 @@ BASE_NAME = Tpm2DeviceLibDTpm MODULE_UNI_FILE = Tpm2DeviceLibDTpm.uni FILE_GUID = E54A3327-A345-4068-8842-70AC0D519855 MODULE_TYPE = BASE VERSION_STRING = 1.0 - LIBRARY_CLASS = Tpm2DeviceLib - + LIBRARY_CLASS = Tpm2DeviceLib|PEIM DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER + Constructor = Tpm2DeviceLibConstructor # # The following information is for reference only and not required by the build tools. # # VALID_ARCHITECTURES = IA32 X64 IPF # @@ -48,8 +48,10 @@ BaseLib BaseMemoryLib IoLib TimerLib DebugLib + PcdLib [Pcd] gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES + gEfiSecurityPkgTokenSpaceGuid.PcdActiveTpmInterfaceType ## PRODUCES diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c index 3f28f21faa..01f78bf0be 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c @@ -1,11 +1,11 @@ /** @file This library is TPM2 DTPM instance. It can be registered to Tpm2 Device router, to be active TPM2 engine, based on platform setting. -Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -16,13 +16,26 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include #include #include +#include #include +/** + Return PTP interface type. + + @param[in] Register Pointer to PTP register. + + @return PTP interface type. +**/ +TPM2_PTP_INTERFACE_TYPE +Tpm2GetPtpInterface ( + IN VOID *Register + ); + /** Dump PTP register information. @param[in] Register Pointer to PTP register. **/ @@ -70,28 +83,36 @@ TPM2_DEVICE_INTERFACE mDTpm2InternalTpm2Device = { DTpm2SubmitCommand, DTpm2RequestUseTpm, }; /** - The function register DTPM2.0 instance. + The function register DTPM2.0 instance and caches current active TPM interface type. @retval EFI_SUCCESS DTPM2.0 instance is registered, or system dose not surpport registr DTPM2.0 instance **/ EFI_STATUS EFIAPI Tpm2InstanceLibDTpmConstructor ( VOID ) { - EFI_STATUS Status; + EFI_STATUS Status; + TPM2_PTP_INTERFACE_TYPE PtpInterface; Status = Tpm2RegisterTpm2DeviceLib (&mDTpm2InternalTpm2Device); if ((Status == EFI_SUCCESS) || (Status == EFI_UNSUPPORTED)) { // // Unsupported means platform policy does not need this instance enabled. // if (Status == EFI_SUCCESS) { + // + // Cache current active TpmInterfaceType only when needed + // + if (PcdGet8(PcdActiveTpmInterfaceType) == 0xFF) { + PtpInterface = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); + PcdSet8S(PcdActiveTpmInterfaceType, PtpInterface); + } DumpPtpInfo ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); } return EFI_SUCCESS; } return Status; diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf index 22efb1ef4c..876a5a63c4 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf @@ -3,11 +3,11 @@ # # This library can be registered to Tpm 2.0 device router, to be active TPM 2.0 # engine, based on platform setting. It supports both TIS (TPM Interface Specification) # and PTP (Platform TPM Profile) functions. # -# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at # http://opensource.org/licenses/bsd-license.php # THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, @@ -44,8 +44,10 @@ BaseLib BaseMemoryLib IoLib TimerLib DebugLib + PcdLib [Pcd] - gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES + gEfiSecurityPkgTokenSpaceGuid.PcdActiveTpmInterfaceType ## PRODUCES \ No newline at end of file diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c index d9df264699..1bc153a2c0 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c @@ -23,17 +23,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include #include -typedef enum { - PtpInterfaceTis, - PtpInterfaceFifo, - PtpInterfaceCrb, - PtpInterfaceMax, -} PTP_INTERFACE_TYPE; - // // Execution of the command may take from several seconds to minutes for certain // commands, such as key generation. // #define PTP_TIMEOUT_MAX (90000 * 1000) // 90s @@ -368,39 +361,39 @@ TisPcRequestUseTpm ( @param[in] Register Pointer to PTP register. @return PTP interface type. **/ -PTP_INTERFACE_TYPE +TPM2_PTP_INTERFACE_TYPE Tpm2GetPtpInterface ( IN VOID *Register ) { PTP_CRB_INTERFACE_IDENTIFIER InterfaceId; PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability; if (!Tpm2IsPtpPresence (Register)) { - return PtpInterfaceMax; + return Tpm2PtpInterfaceMax; } // // Check interface id // InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId); InterfaceCapability.Uint32 = MmioRead32 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->InterfaceCapability); if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_CRB) && (InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_CRB) && (InterfaceId.Bits.CapCRB != 0)) { - return PtpInterfaceCrb; + return Tpm2PtpInterfaceCrb; } if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_FIFO) && (InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_FIFO) && (InterfaceId.Bits.CapFIFO != 0) && (InterfaceCapability.Bits.InterfaceVersion == INTERFACE_CAPABILITY_INTERFACE_VERSION_PTP)) { - return PtpInterfaceFifo; + return Tpm2PtpInterfaceFifo; } - return PtpInterfaceTis; + return Tpm2PtpInterfaceTis; } /** Dump PTP register information. @@ -415,11 +408,11 @@ DumpPtpInfo ( PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability; UINT8 StatusEx; UINT16 Vid; UINT16 Did; UINT8 Rid; - PTP_INTERFACE_TYPE PtpInterface; + TPM2_PTP_INTERFACE_TYPE PtpInterface; if (!Tpm2IsPtpPresence (Register)) { return ; } @@ -456,20 +449,20 @@ DumpPtpInfo ( } Vid = 0xFFFF; Did = 0xFFFF; Rid = 0xFF; - PtpInterface = Tpm2GetPtpInterface (Register); + PtpInterface = PcdGet8(PcdActiveTpmInterfaceType); DEBUG ((EFI_D_INFO, "PtpInterface - %x\n", PtpInterface)); switch (PtpInterface) { - case PtpInterfaceCrb: + case Tpm2PtpInterfaceCrb: Vid = MmioRead16 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->Vid); Did = MmioRead16 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->Did); Rid = (UINT8)InterfaceId.Bits.Rid; break; - case PtpInterfaceFifo: - case PtpInterfaceTis: + case Tpm2PtpInterfaceFifo: + case Tpm2PtpInterfaceTis: Vid = MmioRead16 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Vid); Did = MmioRead16 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Did); Rid = MmioRead8 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Rid); break; default: @@ -499,24 +492,24 @@ DTpm2SubmitCommand ( IN UINT8 *InputParameterBlock, IN OUT UINT32 *OutputParameterBlockSize, IN UINT8 *OutputParameterBlock ) { - PTP_INTERFACE_TYPE PtpInterface; + TPM2_PTP_INTERFACE_TYPE PtpInterface; - PtpInterface = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); + PtpInterface = PcdGet8(PcdActiveTpmInterfaceType); switch (PtpInterface) { - case PtpInterfaceCrb: + case Tpm2PtpInterfaceCrb: return PtpCrbTpmCommand ( (PTP_CRB_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress), InputParameterBlock, InputParameterBlockSize, OutputParameterBlock, OutputParameterBlockSize ); - case PtpInterfaceFifo: - case PtpInterfaceTis: + case Tpm2PtpInterfaceFifo: + case Tpm2PtpInterfaceTis: return Tpm2TisTpmCommand ( (TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress), InputParameterBlock, InputParameterBlockSize, OutputParameterBlock, @@ -538,18 +531,18 @@ EFI_STATUS EFIAPI DTpm2RequestUseTpm ( VOID ) { - PTP_INTERFACE_TYPE PtpInterface; + TPM2_PTP_INTERFACE_TYPE PtpInterface; - PtpInterface = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); + PtpInterface = PcdGet8(PcdActiveTpmInterfaceType); switch (PtpInterface) { - case PtpInterfaceCrb: + case Tpm2PtpInterfaceCrb: return PtpCrbRequestUseTpm ((PTP_CRB_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress)); - case PtpInterfaceFifo: - case PtpInterfaceTis: + case Tpm2PtpInterfaceFifo: + case Tpm2PtpInterfaceTis: return TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress)); default: return EFI_NOT_FOUND; } } diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 497354634b..60f1c0a0e3 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -461,8 +461,18 @@ # has no need to be configured in platform dsc and will be set to correct # value by the HashLib instance according to the HashInstanceLib instances # linked, and the value of this PCD should be got in module entrypoint. # @Prompt Hash Algorithm bitmap. gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap|0xFFFFFFFF|UINT32|0x00010016 - + + ## This PCD indicates current active TPM interface type. + # Accodingt to TCG PTP spec 1.3, there are 3 types defined in TPM2_PTP_INTERFACE_TYPE.
+ # 0x00 - FIFO interface as defined in TIS 1.3 is active.
+ # 0x01 - FIFO interface as defined in PTP for TPM 2.0 is active.
+ # 0x02 - CRB interface is active.
+ # 0xFF - Contains no current active TPM interface type.
+ # + # @Prompt current active TPM interface type. + gEfiSecurityPkgTokenSpaceGuid.PcdActiveTpmInterfaceType|0xFF|UINT8|0x0001001E + [UserExtensions.TianoCore."ExtraFiles"] SecurityPkgExtra.uni diff --git a/SecurityPkg/SecurityPkg.uni b/SecurityPkg/SecurityPkg.uni index aaf77269a3..c34250e423 100644 --- a/SecurityPkg/SecurityPkg.uni +++ b/SecurityPkg/SecurityPkg.uni @@ -244,6 +244,14 @@ #string STR_gEfiSecurityPkgTokenSpaceGuid_PcdTpm2CurrentIrqNum_HELP #language en-US "This PCD defines current TPM2 device interrupt number reported by _CRS. If set to 0, interrupt is disabled." #string STR_gEfiSecurityPkgTokenSpaceGuid_PcdTpm2PossibleIrqNumBuf_PROMPT #language en-US "Possible TPM2 device interrupt number buffer" #string STR_gEfiSecurityPkgTokenSpaceGuid_PcdTpm2PossibleIrqNumBuf_HELP #language en-US "This PCD defines possible TPM2 interrupt number in a platform reported by _PRS control method.\n" - "If PcdTpm2CurrentIrqNum set to 0, _PRS will not report any possible TPM2 interrupt numbers." \ No newline at end of file + "If PcdTpm2CurrentIrqNum set to 0, _PRS will not report any possible TPM2 interrupt numbers." + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdActiveTpmInterfaceType_PROMPT #language en-US "Current active TPM interface type" + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdActiveTpmInterfaceType_HELP #language en-US "This PCD indicates current active TPM interface type.\n" + "0x00 - FIFO interface as defined in TIS 1.3 is active.
\n" + "0x01 - FIFO interface as defined in PTP for TPM 2.0 is active.
\n" + "0x02 - CRB interface is active.
\n" + "0xFF - Contains no current active TPM interface type
" \ No newline at end of file diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf index 38fa331701..a52709669a 100644 --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf @@ -2,11 +2,11 @@ # TPM device configuration for TPM 2.0 # # By this module, user may select TPM device, clear TPM state, etc. # NOTE: This module is only for reference only, each platform should have its own setup page. # -# Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at # http://opensource.org/licenses/bsd-license.php # THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, @@ -77,10 +77,11 @@ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap ## CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer ## CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev ## CONSUMES + gEfiSecurityPkgTokenSpaceGuid.PcdActiveTpmInterfaceType ## CONSUMES [Depex] gEfiTcg2ProtocolGuid AND gEfiHiiConfigRoutingProtocolGuid AND gEfiHiiDatabaseProtocolGuid AND diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c index b3a849e918..78587c2425 100644 --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c @@ -1,10 +1,10 @@ /** @file HII Config Access protocol implementation of TCG2 configuration module. NOTE: This module is only for reference only, each platform should have its own setup page. -Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -14,11 +14,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. **/ #include "Tcg2ConfigImpl.h" #include #include +#include #include + #include #include #define EFI_TCG2_EVENT_LOG_FORMAT_ALL (EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 | EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) @@ -57,45 +59,10 @@ HII_VENDOR_DEVICE_PATH mTcg2HiiVendorDevicePath = { } }; UINT8 mCurrentPpRequest; -/** - Return PTP interface type. - - @param[in] Register Pointer to PTP register. - - @return PTP interface type. -**/ -UINT8 -GetPtpInterface ( - IN VOID *Register - ) -{ - PTP_CRB_INTERFACE_IDENTIFIER InterfaceId; - PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability; - - // - // Check interface id - // - InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId); - InterfaceCapability.Uint32 = MmioRead32 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->InterfaceCapability); - - if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_CRB) && - (InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_CRB) && - (InterfaceId.Bits.CapCRB != 0)) { - return TPM_DEVICE_INTERFACE_PTP_CRB; - } - if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_FIFO) && - (InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_FIFO) && - (InterfaceId.Bits.CapFIFO != 0) && - (InterfaceCapability.Bits.InterfaceVersion == INTERFACE_CAPABILITY_INTERFACE_VERSION_PTP)) { - return TPM_DEVICE_INTERFACE_PTP_FIFO; - } - return TPM_DEVICE_INTERFACE_TIS; -} - /** Return if PTP CRB is supported. @param[in] Register Pointer to PTP register. @@ -150,10 +117,11 @@ IsPtpFifoSupported ( return FALSE; } /** Set PTP interface type. + Do not update PcdActiveTpmInterfaceType here because interface change only happens on next _TPM_INIT @param[in] Register Pointer to PTP register. @param[in] PtpInterface PTP interface type. @retval EFI_SUCCESS PTP interface type is set. @@ -165,32 +133,32 @@ EFI_STATUS SetPtpInterface ( IN VOID *Register, IN UINT8 PtpInterface ) { - UINT8 PtpInterfaceCurrent; + TPM2_PTP_INTERFACE_TYPE PtpInterfaceCurrent; PTP_CRB_INTERFACE_IDENTIFIER InterfaceId; - PtpInterfaceCurrent = GetPtpInterface (Register); - if ((PtpInterfaceCurrent != TPM_DEVICE_INTERFACE_PTP_FIFO) && - (PtpInterfaceCurrent != TPM_DEVICE_INTERFACE_PTP_CRB)) { + PtpInterfaceCurrent = PcdGet8(PcdActiveTpmInterfaceType); + if ((PtpInterfaceCurrent != Tpm2PtpInterfaceFifo) && + (PtpInterfaceCurrent != Tpm2PtpInterfaceCrb)) { return EFI_UNSUPPORTED; } InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId); if (InterfaceId.Bits.IntfSelLock != 0) { return EFI_WRITE_PROTECTED; } switch (PtpInterface) { - case TPM_DEVICE_INTERFACE_PTP_FIFO: + case Tpm2PtpInterfaceFifo: if (InterfaceId.Bits.CapFIFO == 0) { return EFI_UNSUPPORTED; } InterfaceId.Bits.InterfaceSelector = PTP_INTERFACE_IDENTIFIER_INTERFACE_SELECTOR_FIFO; MmioWrite32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId, InterfaceId.Uint32); return EFI_SUCCESS; - case TPM_DEVICE_INTERFACE_PTP_CRB: + case Tpm2PtpInterfaceCrb: if (InterfaceId.Bits.CapCRB == 0) { return EFI_UNSUPPORTED; } InterfaceId.Bits.InterfaceSelector = PTP_INTERFACE_IDENTIFIER_INTERFACE_SELECTOR_CRB; MmioWrite32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId, InterfaceId.Uint32); @@ -820,11 +788,11 @@ InstallTcg2ConfigForm ( EFI_HII_CONFIG_ACCESS_PROTOCOL *ConfigAccess; UINTN Index; TPML_PCR_SELECTION Pcrs; CHAR16 TempBuffer[1024]; TCG2_CONFIGURATION_INFO Tcg2ConfigInfo; - UINT8 TpmDeviceInterfaceDetected; + TPM2_PTP_INTERFACE_TYPE TpmDeviceInterfaceDetected; DriverHandle = NULL; ConfigAccess = &PrivateData->ConfigAccess; Status = gBS->InstallMultipleProtocolInterfaces ( &DriverHandle, @@ -925,35 +893,35 @@ InstallTcg2ConfigForm ( // // Update TPM device interface type // if (PrivateData->TpmDeviceDetected == TPM_DEVICE_2_0_DTPM) { - TpmDeviceInterfaceDetected = GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); + TpmDeviceInterfaceDetected = PcdGet8(PcdActiveTpmInterfaceType); switch (TpmDeviceInterfaceDetected) { - case TPM_DEVICE_INTERFACE_TIS: + case Tpm2PtpInterfaceTis: HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_DEVICE_INTERFACE_STATE_CONTENT), L"TIS", NULL); break; - case TPM_DEVICE_INTERFACE_PTP_FIFO: + case Tpm2PtpInterfaceFifo: HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_DEVICE_INTERFACE_STATE_CONTENT), L"PTP FIFO", NULL); break; - case TPM_DEVICE_INTERFACE_PTP_CRB: + case Tpm2PtpInterfaceCrb: HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_DEVICE_INTERFACE_STATE_CONTENT), L"PTP CRB", NULL); break; default: HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_DEVICE_INTERFACE_STATE_CONTENT), L"Unknown", NULL); break; } Tcg2ConfigInfo.TpmDeviceInterfaceAttempt = TpmDeviceInterfaceDetected; switch (TpmDeviceInterfaceDetected) { - case TPM_DEVICE_INTERFACE_TIS: + case Tpm2PtpInterfaceTis: Tcg2ConfigInfo.TpmDeviceInterfacePtpFifoSupported = FALSE; Tcg2ConfigInfo.TpmDeviceInterfacePtpCrbSupported = FALSE; HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_DEVICE_INTERFACE_CAPABILITY_CONTENT), L"TIS", NULL); break; - case TPM_DEVICE_INTERFACE_PTP_FIFO: - case TPM_DEVICE_INTERFACE_PTP_CRB: + case Tpm2PtpInterfaceFifo: + case Tpm2PtpInterfaceCrb: Tcg2ConfigInfo.TpmDeviceInterfacePtpFifoSupported = IsPtpFifoSupported((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); Tcg2ConfigInfo.TpmDeviceInterfacePtpCrbSupported = IsPtpCrbSupported((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); TempBuffer[0] = 0; if (Tcg2ConfigInfo.TpmDeviceInterfacePtpFifoSupported) { if (TempBuffer[0] != 0) { diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c index c3cee834ae..fb9bcbc5d9 100644 --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c @@ -20,60 +20,10 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. **/ #include "Tcg2Smm.h" -typedef enum { - PtpInterfaceTis, - PtpInterfaceFifo, - PtpInterfaceCrb, - PtpInterfaceMax, -} PTP_INTERFACE_TYPE; - -/** - Return PTP interface type. - - @param[in] Register Pointer to PTP register. - - @return PTP interface type. -**/ -PTP_INTERFACE_TYPE -GetPtpInterface ( - IN VOID *Register - ) -{ - PTP_CRB_INTERFACE_IDENTIFIER InterfaceId; - PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability; - - // - // Check interface id - // - InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId); - InterfaceCapability.Uint32 = MmioRead32 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->InterfaceCapability); - - if (InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_TIS) { - return PtpInterfaceTis; - } - - if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_CRB) && - (InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_CRB) && - (InterfaceId.Bits.CapCRB != 0)) { - return PtpInterfaceCrb; - } - - if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_FIFO) && - (InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_FIFO) && - (InterfaceId.Bits.CapFIFO != 0) && - (InterfaceCapability.Bits.InterfaceVersion == INTERFACE_CAPABILITY_INTERFACE_VERSION_PTP)) { - return PtpInterfaceFifo; - } - - // - // No Ptp interface available - // - return PtpInterfaceMax; -} EFI_TPM2_ACPI_TABLE mTpm2AcpiTemplate = { { EFI_ACPI_5_0_TRUSTED_COMPUTING_PLATFORM_2_TABLE_SIGNATURE, sizeof (mTpm2AcpiTemplate), @@ -778,11 +728,11 @@ PublishTpm2 ( EFI_STATUS Status; EFI_ACPI_TABLE_PROTOCOL *AcpiTable; UINTN TableKey; UINT64 OemTableId; EFI_TPM2_ACPI_CONTROL_AREA *ControlArea; - PTP_INTERFACE_TYPE InterfaceType; + TPM2_PTP_INTERFACE_TYPE InterfaceType; mTpm2AcpiTemplate.Header.Revision = PcdGet8(PcdTpm2AcpiTableRev); DEBUG((DEBUG_INFO, "Tpm2 ACPI table revision is %d\n", mTpm2AcpiTemplate.Header.Revision)); // @@ -805,23 +755,23 @@ PublishTpm2 ( ACPI_DATA_LEN, &mTpm2AcpiTemplate, sizeof(mTpm2AcpiTemplate) ); - InterfaceType = GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); + InterfaceType = PcdGet8(PcdActiveTpmInterfaceType); switch (InterfaceType) { - case PtpInterfaceCrb: + case Tpm2PtpInterfaceCrb: mTpm2AcpiTemplate.StartMethod = EFI_TPM2_ACPI_TABLE_START_METHOD_COMMAND_RESPONSE_BUFFER_INTERFACE; mTpm2AcpiTemplate.AddressOfControlArea = PcdGet64 (PcdTpmBaseAddress) + 0x40; ControlArea = (EFI_TPM2_ACPI_CONTROL_AREA *)(UINTN)mTpm2AcpiTemplate.AddressOfControlArea; ControlArea->CommandSize = 0xF80; ControlArea->ResponseSize = 0xF80; ControlArea->Command = PcdGet64 (PcdTpmBaseAddress) + 0x80; ControlArea->Response = PcdGet64 (PcdTpmBaseAddress) + 0x80; break; - case PtpInterfaceFifo: - case PtpInterfaceTis: + case Tpm2PtpInterfaceFifo: + case Tpm2PtpInterfaceTis: break; default: DEBUG((EFI_D_ERROR, "TPM2 InterfaceType get error! %d\n", InterfaceType)); break; } diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h index 732452cb35..e3a14e8339 100644 --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h @@ -38,10 +38,11 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include #include #include #include +#include #include #pragma pack(1) typedef struct { diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf index 81f74959a4..168f9779e6 100644 --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf @@ -83,10 +83,11 @@ gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer ## CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev ## CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass ## SOMETIMES_CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdTpm2CurrentIrqNum ## CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdTpm2PossibleIrqNumBuf ## CONSUMES + gEfiSecurityPkgTokenSpaceGuid.PcdActiveTpmInterfaceType ## CONSUMES [Depex] gEfiAcpiTableProtocolGuid AND gEfiSmmSwDispatch2ProtocolGuid AND gEfiSmmVariableProtocolGuid AND -- 2.16.2.windows.1