From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mga11.intel.com (mga11.intel.com [192.55.52.93])
 by mx.groups.io with SMTP id smtpd.web09.28337.1655717789581811779
 for <devel@edk2.groups.io>;
 Mon, 20 Jun 2022 02:36:31 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=FTAHkaSo;
 spf=pass (domain: intel.com, ip: 192.55.52.93, mailfrom: zhihao.li@intel.com)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1655717791; x=1687253791;
  h=from:to:cc:subject:date:message-id:in-reply-to:
   references:mime-version:content-transfer-encoding;
  bh=go/O7fZz1kNJ+34/KUjSGhj8w/wM01sf1iowJI7UKic=;
  b=FTAHkaSoqg58dQUM5vqg6SXbJodnEVEnaEoft5ryI48gJEwhh0vJoYtC
   7+npxTZdr13MkY6DBTLw39WPWbrk1tIrAGjd7qApl7Mbbt10M7tWMU+ka
   0ptJ+uHjdr+2bXurP2ooX9ITiKTRP4y40DNyhrxaebMcSciO+uDFeWnOR
   kQMwaxUA9DIL1NW1AAI+myvSAwyv2Wm3y7JGJjhuIUyZP6e8Ne9O8ppF0
   mXNeCMFt8sYtw/+JR3Bi2pDzoQa7a3BzZMNWnQO7dMzmu70uus/vhaNJy
   WMmPpuWQ2E448hBWGfA7xYyLUceTZLfHWegiG2rZZ/dFbMRqHPp1kjmdC
   Q==;
X-IronPort-AV: E=McAfee;i="6400,9594,10380"; a="277399474"
X-IronPort-AV: E=Sophos;i="5.92,306,1650956400"; 
   d="scan'208";a="277399474"
Received: from fmsmga004.fm.intel.com ([10.253.24.48])
  by fmsmga102.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 20 Jun 2022 02:36:28 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.92,306,1650956400"; 
   d="scan'208";a="654595305"
Received: from sep081ff3625096.sh.intel.com (HELO win_li.ccr.corp.intel.com) ([10.239.157.34])
  by fmsmga004.fm.intel.com with ESMTP; 20 Jun 2022 02:36:26 -0700
From: "Li, Zhihao" <zhihao.li@intel.com>
To: devel@edk2.groups.io
Cc: Jiewen Yao <jiewen.yao@intel.com>,
	Jian J Wang <jian.j.wang@intel.com>,
	Rahul Kumar <rahul1.kumar@intel.com>,
	Qi Zhang <qi1.zhang@intel.com>
Subject: [PATCH v1 1/1] SecurityPkg: use SmmWaitForAllProcessor in TcgSmm and Tcg2Smm driver.
Date: Mon, 20 Jun 2022 17:36:15 +0800
Message-Id: <20220620093615.1535-7-zhihao.li@intel.com>
X-Mailer: git-send-email 2.26.2.windows.1
In-Reply-To: <20220620093615.1535-1-zhihao.li@intel.com>
References: <20220620093615.1535-1-zhihao.li@intel.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

From: Zhihao Li <zhihao.li@intel.com>

REF=EF=BC=9A https://bugzilla.tianocore.org/show_bug.cgi?id=3D3855

In UefiCpuPkg, there are a new Protocol with the new service
SmmWaitForAllProcessor(), which can be used by SMI handler
to optionally wait for other APs to complete SMM rendezvous in
relaxed AP mode.

This patch use the new service to let TcgSmm and Tcg2Smm driver work
normally in relaxed AP mode.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>

Signed-off-by: Zhihao Li <zhihao.li@intel.com>
---
 SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c            | 21 ++++++++++++++++++--
 SecurityPkg/Tcg/TcgSmm/TcgSmm.c              | 15 ++++++++++++--
 SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h            |  3 ++-
 SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf          |  3 ++-
 SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf |  1 +
 SecurityPkg/Tcg/TcgSmm/TcgSmm.h              |  3 ++-
 SecurityPkg/Tcg/TcgSmm/TcgSmm.inf            |  3 ++-
 7 files changed, 41 insertions(+), 8 deletions(-)

diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c b/SecurityPkg/Tcg/Tcg2Smm/Tc=
g2Smm.c
index 498fb626bd9c..4367102fbd49 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
@@ -9,7 +9,7 @@
 =0D
   PhysicalPresenceCallback() and MemoryClearCallback() will receive untrus=
ted input and do some check.=0D
 =0D
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>=0D
+Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>=0D
 Copyright (c) Microsoft Corporation.=0D
 SPDX-License-Identifier: BSD-2-Clause-Patent=0D
 =0D
@@ -42,6 +42,7 @@ EFI_HANDLE                 mReadyToLockHandle;
                                     should still be called.=0D
   @retval EFI_UNSUPPORTED           An unknown test function was requested=
.=0D
   @retval EFI_ACCESS_DENIED         Part of the communication buffer lies =
in an invalid region.=0D
+  @retval EFI_ABORTED               Fail to wait for all AP check in SMM.=
=0D
 =0D
 **/=0D
 EFI_STATUS=0D
@@ -78,6 +79,11 @@ TpmNvsCommunciate (
     return EFI_ACCESS_DENIED;=0D
   }=0D
 =0D
+  if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {=0D
+    DEBUG ((DEBUG_ERROR, "TpmNvsCommunciate: fail to wait for all AP check=
 in SMM!\n"));=0D
+    return EFI_ABORTED;=0D
+  }=0D
+=0D
   //=0D
   // Farm out the job to individual functions based on what was requested.=
=0D
   //=0D
@@ -116,7 +122,7 @@ TpmNvsCommunciate (
   @param[in, out] CommBufferSize  The size of the CommBuffer.=0D
 =0D
   @retval EFI_SUCCESS             The interrupt was handled successfully.=
=0D
-=0D
+  @retval EFI_ABORTED             Fail to wait for all AP check in SMM.=0D
 **/=0D
 EFI_STATUS=0D
 EFIAPI=0D
@@ -132,6 +138,11 @@ PhysicalPresenceCallback (
   UINT32  OperationRequest;=0D
   UINT32  RequestParameter;=0D
 =0D
+  if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {=0D
+    DEBUG ((DEBUG_ERROR, "TpmPhysicalPresent: fail to wait for all AP chec=
k in SMM!\n"));=0D
+    return EFI_ABORTED;=0D
+  }=0D
+=0D
   if (mTcgNvs->PhysicalPresence.Parameter =3D=3D TCG_ACPI_FUNCTION_RETURN_=
REQUEST_RESPONSE_TO_OS) {=0D
     mTcgNvs->PhysicalPresence.ReturnCode =3D Tcg2PhysicalPresenceLibReturn=
OperationResponseToOsFunction (=0D
                                              &MostRecentRequest,=0D
@@ -173,6 +184,7 @@ PhysicalPresenceCallback (
   @param[in, out] CommBufferSize  The size of the CommBuffer.=0D
 =0D
   @retval EFI_SUCCESS             The interrupt was handled successfully.=
=0D
+  @retval EFI_ABORTED             Fail to wait for all AP check in SMM.=0D
 =0D
 **/=0D
 EFI_STATUS=0D
@@ -217,6 +229,11 @@ MemoryClearCallback (
     return EFI_SUCCESS;=0D
   }=0D
 =0D
+  if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {=0D
+    DEBUG ((DEBUG_ERROR, "TpmMemoryClear: fail to wait for all AP check in=
 SMM!\n"));=0D
+    return EFI_ABORTED;=0D
+  }=0D
+=0D
   DataSize =3D sizeof (UINT8);=0D
   Status   =3D mSmmVariable->SmmSetVariable (=0D
                              MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,=0D
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c b/SecurityPkg/Tcg/TcgSmm/TcgSm=
m.c
index 96327a483ba9..e91567ca3169 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
@@ -8,7 +8,7 @@
 =0D
   PhysicalPresenceCallback() and MemoryClearCallback() will receive untrus=
ted input and do some check.=0D
 =0D
-Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>=0D
+Copyright (c) 2011 - 2022, Intel Corporation. All rights reserved.<BR>=0D
 SPDX-License-Identifier: BSD-2-Clause-Patent=0D
 =0D
 **/=0D
@@ -33,7 +33,7 @@ TCG_NVS                    *mTcgNvs;
   @param[in, out] CommBufferSize  The size of the CommBuffer.=0D
 =0D
   @retval EFI_SUCCESS             The interrupt was handled successfully.=
=0D
-=0D
+  @retval EFI_ABORTED             Fail to wait for all AP check in SMM.=0D
 **/=0D
 EFI_STATUS=0D
 EFIAPI=0D
@@ -92,6 +92,11 @@ PhysicalPresenceCallback (
       return EFI_SUCCESS;=0D
     }=0D
 =0D
+    if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {=0D
+      DEBUG ((DEBUG_ERROR, "TPMPhysicalPresent: fail to wait for all AP ch=
eck in SMM!\n"));=0D
+      return EFI_ABORTED;=0D
+    }=0D
+=0D
     if (PpData.PPRequest !=3D mTcgNvs->PhysicalPresence.Request) {=0D
       PpData.PPRequest =3D (UINT8)mTcgNvs->PhysicalPresence.Request;=0D
       DataSize         =3D sizeof (EFI_PHYSICAL_PRESENCE);=0D
@@ -238,6 +243,7 @@ PhysicalPresenceCallback (
   @param[in, out] CommBufferSize  The size of the CommBuffer.=0D
 =0D
   @retval EFI_SUCCESS             The interrupt was handled successfully.=
=0D
+  @retval EFI_ABORTED             Fail to wait for all AP check in SMM.=0D
 =0D
 **/=0D
 EFI_STATUS=0D
@@ -282,6 +288,11 @@ MemoryClearCallback (
     return EFI_SUCCESS;=0D
   }=0D
 =0D
+  if (EFI_ERROR (SmmWaitForAllProcessor (TRUE))) {=0D
+    DEBUG ((DEBUG_ERROR, " TpmMemoryClear: fail to wait for all AP check i=
n SMM!\n"));=0D
+    return EFI_ABORTED;=0D
+  }=0D
+=0D
   DataSize =3D sizeof (UINT8);=0D
   Status   =3D mSmmVariable->SmmSetVariable (=0D
                              MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,=0D
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h b/SecurityPkg/Tcg/Tcg2Smm/Tc=
g2Smm.h
index 84b65eb0897c..c0c0e9d91aeb 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
@@ -1,7 +1,7 @@
 /** @file=0D
   The header file for Tcg2 SMM driver.=0D
 =0D
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>=0D
+Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>=0D
 Copyright (c) Microsoft Corporation.=0D
 SPDX-License-Identifier: BSD-2-Clause-Patent=0D
 =0D
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <Library/IoLib.h>=0D
 #include <Library/PcdLib.h>=0D
 #include <Library/Tpm2DeviceLib.h>=0D
+#include <Library/SmmCpuRendezvousLib.h>=0D
 =0D
 #include <IndustryStandard/TpmPtp.h>=0D
 =0D
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf b/SecurityPkg/Tcg/Tcg2Smm/=
Tcg2Smm.inf
index 096338d0ef47..10b0629d506b 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
@@ -20,7 +20,7 @@
 #  This driver will have external input - variable and ACPINvs data in SMM=
 mode.=0D
 #  This external input must be validated carefully to avoid security issue=
.=0D
 #=0D
-# Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>=0D
+# Copyright (c) 2015 - 2022, Intel Corporation. All rights reserved.<BR>=0D
 # Copyright (c) Microsoft Corporation.<BR>=0D
 # SPDX-License-Identifier: BSD-2-Clause-Patent=0D
 #=0D
@@ -59,6 +59,7 @@ [LibraryClasses]
   Tcg2PhysicalPresenceLib=0D
   PcdLib=0D
   SmmMemLib=0D
+  SmmCpuRendezvousLib=0D
 =0D
 [Guids]=0D
   ## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"=0D
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf b/SecurityPkg/Tcg=
/Tcg2Smm/Tcg2StandaloneMm.inf
index 746eda3e9fed..6cf74803a12d 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf
@@ -55,6 +55,7 @@ [LibraryClasses]
   Tcg2PhysicalPresenceLib=0D
   PcdLib=0D
   MemLib=0D
+  SmmCpuRendezvousLib=0D
 =0D
 [Guids]=0D
   ## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"=0D
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.h b/SecurityPkg/Tcg/TcgSmm/TcgSm=
m.h
index e348ad105499..dcc85ee3efbc 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
@@ -1,7 +1,7 @@
 /** @file=0D
   The header file for TCG SMM driver.=0D
 =0D
-Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>=0D
+Copyright (c) 2012 - 2022, Intel Corporation. All rights reserved.<BR>=0D
 SPDX-License-Identifier: BSD-2-Clause-Patent=0D
 =0D
 **/=0D
@@ -31,6 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <Library/TpmMeasurementLib.h>=0D
 #include <Library/PcdLib.h>=0D
 #include <Library/TcgPpVendorLib.h>=0D
+#include <Library/SmmCpuRendezvousLib.h>=0D
 =0D
 #pragma pack(1)=0D
 typedef struct {=0D
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf b/SecurityPkg/Tcg/TcgSmm/Tcg=
Smm.inf
index 9fac896dde8b..1d0f1c9170d4 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
@@ -9,7 +9,7 @@
 #  This driver will have external input - variable and ACPINvs data in SMM=
 mode.=0D
 #  This external input must be validated carefully to avoid security issue=
.=0D
 #=0D
-# Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>=0D
+# Copyright (c) 2011 - 2022, Intel Corporation. All rights reserved.<BR>=0D
 # Copyright (c) Microsoft Corporation.<BR>=0D
 # SPDX-License-Identifier: BSD-2-Clause-Patent=0D
 #=0D
@@ -46,6 +46,7 @@ [LibraryClasses]
   TpmMeasurementLib=0D
   PcdLib=0D
   TcgPpVendorLib=0D
+  SmmCpuRendezvousLib=0D
 =0D
 [Guids]=0D
   ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"=0D
--=20
2.26.2.windows.1