[PATCH v8 07/10] SecurityPkg/Tcg: Import Tcg2PlatformPei from edk2-platforms

public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed

From: Stefan Berger <stefanb@linux.vnet.ibm.com>
To: devel@edk2.groups.io
Cc: mhaeuser@posteo.de, spbrogan@outlook.com,
	marcandre.lureau@redhat.com, kraxel@redhat.com,
	jiewen.yao@intel.com, Stefan Berger <stefanb@linux.vnet.ibm.com>,
	Stefan Berger <stefanb@linux.ibm.com>
Subject: [PATCH v8 07/10] SecurityPkg/Tcg: Import Tcg2PlatformPei from edk2-platforms
Date: Mon, 13 Sep 2021 10:21:03 -0400	[thread overview]
Message-ID: <20210913142106.2526997-8-stefanb@linux.vnet.ibm.com> (raw)
In-Reply-To: <20210913142106.2526997-1-stefanb@linux.vnet.ibm.com>

Import Tcg2PlatformPei from edk2-platforms without any modifications.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 .../Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c     | 107 ++++++++++++++++++
 .../Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf   |  52 +++++++++
 2 files changed, 159 insertions(+)
 create mode 100644 SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c
 create mode 100644 SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf

diff --git a/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c b/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c
new file mode 100644
index 0000000000..66ec75ad0e
--- /dev/null
+++ b/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c
@@ -0,0 +1,107 @@
+/** @file
+
+Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+Copyright (c) Microsoft Corporation.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <PiPei.h>
+#include <Library/PeiServicesLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/HobLib.h>
+#include <Library/Tpm2CommandLib.h>
+#include <Library/Tpm2DeviceLib.h>
+#include <Library/TpmPlatformHierarchyLib.h>
+#include <Library/RngLib.h>
+
+#include <Ppi/EndOfPeiPhase.h>
+
+#define MAX_NEW_AUTHORIZATION_SIZE        SHA512_DIGEST_SIZE
+
+/**
+  This function handles PlatformInit task at the end of PEI
+
+  @param[in]  PeiServices  Pointer to PEI Services Table.
+  @param[in]  NotifyDesc   Pointer to the descriptor for the Notification event that
+                           caused this function to execute.
+  @param[in]  Ppi          Pointer to the PPI data associated with this function.
+
+  @retval     EFI_SUCCESS  The function completes successfully
+  @retval     others
+**/
+EFI_STATUS
+EFIAPI
+PlatformInitEndOfPei (
+  IN CONST EFI_PEI_SERVICES     **PeiServices,
+  IN EFI_PEI_NOTIFY_DESCRIPTOR  *NotifyDescriptor,
+  IN VOID                       *Ppi
+  )
+{
+  VOID *TcgEventLog;
+
+  //
+  // Try to get TcgEventLog in S3 to see if S3 error is reported.
+  //
+  TcgEventLog = GetFirstGuidHob(&gTcgEventEntryHobGuid);
+  if (TcgEventLog == NULL) {
+    TcgEventLog = GetFirstGuidHob(&gTcgEvent2EntryHobGuid);
+  }
+
+  if (TcgEventLog == NULL) {
+    //
+    // no S3 error reported
+    //
+    return EFI_SUCCESS;
+  }
+
+  //
+  // If there is S3 error on TPM_SU_STATE and success on TPM_SU_CLEAR,
+  // configure the TPM Platform Hierarchy.
+  //
+  ConfigureTpmPlatformHierarchy ();
+
+  return EFI_SUCCESS;
+}
+
+static EFI_PEI_NOTIFY_DESCRIPTOR  mEndOfPeiNotifyList = {
+  (EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
+  &gEfiEndOfPeiSignalPpiGuid,
+  (EFI_PEIM_NOTIFY_ENTRY_POINT)PlatformInitEndOfPei
+};
+
+/**
+  Main entry
+
+  @param[in]  FileHandle              Handle of the file being invoked.
+  @param[in]  PeiServices             Pointer to PEI Services table.
+
+  @retval EFI_SUCCESS Install function successfully.
+
+**/
+EFI_STATUS
+EFIAPI
+Tcg2PlatformPeiEntryPoint (
+  IN       EFI_PEI_FILE_HANDLE  FileHandle,
+  IN CONST EFI_PEI_SERVICES     **PeiServices
+  )
+{
+  EFI_STATUS               Status;
+  EFI_BOOT_MODE            BootMode;
+
+  Status = PeiServicesGetBootMode (&BootMode);
+  ASSERT_EFI_ERROR(Status);
+
+  if (BootMode != BOOT_ON_S3_RESUME) {
+    return EFI_SUCCESS;
+  }
+
+  //
+  // Performing PlatformInitEndOfPei after EndOfPei PPI produced
+  //
+  Status = PeiServicesNotifyPpi (&mEndOfPeiNotifyList);
+
+  return Status;
+}
diff --git a/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf b/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf
new file mode 100644
index 0000000000..579f09b940
--- /dev/null
+++ b/SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.inf
@@ -0,0 +1,52 @@
+### @file
+#
+# Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+#
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+###
+
+[Defines]
+  INF_VERSION                    = 0x00010017
+  BASE_NAME                      = Tcg2PlatformPei
+  FILE_GUID                      = 47727552-A54B-4A84-8CC1-BFF23E239636
+  VERSION_STRING                 = 1.0
+  MODULE_TYPE                    = PEIM
+  ENTRY_POINT                    = Tcg2PlatformPeiEntryPoint
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC
+#
+
+[LibraryClasses]
+  PcdLib
+  BaseMemoryLib
+  MemoryAllocationLib
+  PeiServicesLib
+  PeimEntryPoint
+  DebugLib
+  Tpm2DeviceLib
+  Tpm2CommandLib
+  TpmPlatformHierarchyLib
+  RngLib
+
+[Packages]
+  MdePkg/MdePkg.dec
+  SecurityPkg/SecurityPkg.dec
+  MinPlatformPkg/MinPlatformPkg.dec
+
+[Sources]
+  Tcg2PlatformPei.c
+
+[Guids]
+  gTcgEventEntryHobGuid
+  gTcgEvent2EntryHobGuid
+
+[Ppis]
+  gEfiEndOfPeiSignalPpiGuid
+
+[Depex]
+  gEfiTpmDeviceSelectedGuid
+
-- 
2.31.1

next prev parent reply	other threads:[~2021-09-13 14:21 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-13 14:20 [PATCH v8 00/10] Ovmf: Disable the TPM2 platform hierarchy Stefan Berger
2021-09-13 14:20 ` [PATCH v8 01/10] SecurityPkg/TPM: Import PeiDxeTpmPlatformHierarchyLib.c from edk2-platforms Stefan Berger
2021-09-13 14:20 ` [PATCH v8 02/10] SecurityPkg/TPM: Fix bugs in imported PeiDxeTpmPlatformHierarchyLib Stefan Berger
2021-09-13 14:20 ` [PATCH v8 03/10] SecrutiyPkg/Tcg: Import Tcg2PlatformDxe from edk2-platforms Stefan Berger
2021-09-13 14:21 ` [PATCH v8 04/10] SecurityPkg/Tcg: Make Tcg2PlatformDxe buildable and fix style issues Stefan Berger
2021-09-13 14:21 ` [PATCH v8 05/10] SecurityPkg: Introduce new PCD PcdRandomizePlatformHierarchy Stefan Berger
2021-09-13 14:21 ` [PATCH v8 06/10] OvmfPkg: Reference new Tcg2PlatformDxe in the build system for compilation Stefan Berger
2021-09-13 14:21 ` Stefan Berger [this message]
2021-09-13 14:21 ` [PATCH v8 08/10] SecurityPkg/Tcg: Make Tcg2PlatformPei buildable and fix style issues Stefan Berger
2021-09-13 14:21 ` [PATCH v8 09/10] OvmfPkg: Reference new Tcg2PlatformPei in the build system Stefan Berger
2021-09-13 14:21 ` [PATCH v8 10/10] SecurityPkg: Add references to header and inf files to SecurityPkg Stefan Berger
2021-09-13 16:56 ` [PATCH v8 00/10] Ovmf: Disable the TPM2 platform hierarchy Yao, Jiewen

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:66ec75ad0 dfblob:579f09b94 )
 OR (
bs:"[PATCH v8 07/10] SecurityPkg/Tcg: Import Tcg2PlatformPei from edk2-platforms" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20210913142106.2526997-8-stefanb@linux.vnet.ibm.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox