* [PATCH v2] SecurityPkg: Change default value source
From: Maggie Chu @ 2020-05-15 8:27 UTC (permalink / raw)
To: devel; +Cc: Eric Dong, Jian J Wang, Chao Zhang, Jiewen Yao
https://bugzilla.tianocore.org/show_bug.cgi?id=2713
In the current code, if the TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE variable
does not exist, the code will get the default value from two places.
This fix makes the default value come from the PCD
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags
Signed-off-by: Maggie Chu <maggie.chu@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
---
v2 change:
Change patch title.
.../Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c | 2 +-
.../Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c | 2 +-
.../PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf | 3 +++
.../Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c | 5 ++++-
.../SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf | 1 +
5 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
index 80e2e37bf4..bf793555aa 100644
--- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
+++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
@@ -1228,7 +1228,7 @@ Tcg2PhysicalPresenceLibGetManagementFlags (
&PpiFlags
);
if (EFI_ERROR (Status)) {
- PpiFlags.PPFlags = TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT;
+ PpiFlags.PPFlags = PcdGet32(PcdTcg2PhysicalPresenceFlags);
}
return PpiFlags.PPFlags;
}
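Review bot: The fallback in `if (EFI_ERROR (Status))` fires on every error status, while the commit message only describes the case where the variable does not exist. Since these flags decide which physical presence requests need user confirmation, consider limiting the PCD default to `Status == EFI_NOT_FOUND`, or state in a comment that any read failure is meant to fall back to the platform PCD value. This patch also does not touch DxeTcg2PhysicalPresenceLib.inf, so please confirm that PcdTcg2PhysicalPresenceFlags is already declared in its [Pcd] section.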
diff --git a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c
index a111351516..a2c157d8a7 100644
--- a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c
+++ b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c
@@ -47,7 +47,7 @@ Tcg2PhysicalPresenceLibGetManagementFlags (
&PpiFlags
);
if (EFI_ERROR (Status)) {
- PpiFlags.PPFlags = TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT;
+ PpiFlags.PPFlags = PcdGet32(PcdTcg2PhysicalPresenceFlags);
}
return PpiFlags.PPFlags;
}
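Review bot: Style point on the added line: `PcdGet32(PcdTcg2PhysicalPresenceFlags)` has no space before the opening parenthesis, unlike the surrounding `EFI_ERROR (Status)`. Please write `PcdGet32 (PcdTcg2PhysicalPresenceFlags)` here and in the other added PcdGet32 calls in this patch so the new lines match the file's existing call style.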
diff --git a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf
index d34f232022..11ebaa9263 100644
--- a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf
+++ b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf
@@ -43,5 +43,8 @@
[Ppis]
gEfiPeiReadOnlyVariable2PpiGuid ## CONSUMES
+[Pcd]
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags ## SOMETIMES_CONSUMES
+
[Depex]
gEfiPeiReadOnlyVariable2PpiGuid
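Review bot: The new [Pcd] section covers the declaration, but nothing in this patch adds a PcdLib entry under [LibraryClasses] or a `#include <Library/PcdLib.h>` in PeiTcg2PhysicalPresenceLib.c. If the PEI library did not use any PCD before this change, both are needed for the new PcdGet32 call to build; please confirm they are already present or add them in this patch.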
diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c
index 3827df9663..08ef5416d8 100644
--- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c
+++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
EFI_SMM_VARIABLE_PROTOCOL *mTcg2PpSmmVariable;
BOOLEAN mIsTcg2PPVerLowerThan_1_3 = FALSE;
+UINT32 mTcg2PhysicalPresenceFlags;
/**
The handler for TPM physical presence function:
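Review bot: The new global `mTcg2PhysicalPresenceFlags` is added without a comment or an initializer, while the neighbouring `mIsTcg2PPVerLowerThan_1_3` is initialized explicitly. A one-line comment saying that it holds the PcdTcg2PhysicalPresenceFlags value captured in the constructor, and why the SMM library reads a cached copy while the DXE and PEI libraries call PcdGet32 at the point of use, would make the difference clear to later readers.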
@@ -162,7 +163,7 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx (
&Flags
);
if (EFI_ERROR (Status)) {
- Flags.PPFlags = TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT;
+ Flags.PPFlags = mTcg2PhysicalPresenceFlags;
}
ReturnCode = Tcg2PpVendorLibSubmitRequestToPreOSFunction (*OperationRequest, Flags.PPFlags, *RequestParameter);
}
@@ -396,5 +397,7 @@ Tcg2PhysicalPresenceLibConstructor (
Status = gSmst->SmmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID**)&mTcg2PpSmmVariable);
ASSERT_EFI_ERROR (Status);
+ mTcg2PhysicalPresenceFlags = PcdGet32(PcdTcg2PhysicalPresenceFlags);
+
return EFI_SUCCESS;
}
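Review bot: The PCD is read once in the constructor, so `mTcg2PhysicalPresenceFlags` keeps whatever value the PCD had when the library was constructed. If a platform configures PcdTcg2PhysicalPresenceFlags as a dynamic PCD and sets it after this constructor runs, the SMM default will differ from the value the DXE and PEI libraries return from PcdGet32 at call time. Please document the ordering assumption here, or note in the PCD description that it must be final before SMM drivers load.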
diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf
index e0e5fef5f1..1f40629e3b 100644
--- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf
+++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf
@@ -50,6 +50,7 @@
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer ## CONSUMES
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags ## SOMETIMES_CONSUMES
[Depex]
gEfiSmmVariableProtocolGuid
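Review bot: The usage tag on the added [Pcd] line does not match the code: Tcg2PhysicalPresenceLibConstructor reads PcdTcg2PhysicalPresenceFlags unconditionally, so for the SMM library the tag should be `## CONSUMES`. `## SOMETIMES_CONSUMES` fits the PEI library, where the PCD is read only on the error path.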
--
2.16.2.windows.1
* Re: [PATCH v2] SecurityPkg: Change default value source
From: Yao, Jiewen @ 2020-05-16 3:20 UTC (permalink / raw)
To: Chu, Maggie, devel@edk2.groups.io; +Cc: Dong, Eric, Wang, Jian J, Zhang, Chao B
Looks good to me.
Then can we remove the TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT definition?
It seems no longer useful.
Thank you
Yao Jiewen