From: "Zhang, Chao B"
To: "Dong, Eric", "edk2-devel@lists.01.org"
CC: "Yao, Jiewen"
Date: Thu, 17 Nov 2016 05:58:13 +0000
References: <1479276049-34308-1-git-send-email-eric.dong@intel.com> <1479276049-34308-8-git-send-email-eric.dong@intel.com>
In-Reply-To: <1479276049-34308-8-git-send-email-eric.dong@intel.com>
Subject: Re: [Patch 07/10] SecurityPkg SmmTcg2PhysicalPresenceLib: Enable Storage actions.

Eric:

Suggest update commit log with the spec name/version of this feature

Thanks & Best regards
Chao Zhang

-----Original Message-----
From: Dong, Eric
Sent: Wednesday, November 16, 2016 2:01 PM
To: edk2-devel@lists.01.org
Cc: Yao, Jiewen; Zhang, Chao B
Subject: [Patch 07/10] SecurityPkg SmmTcg2PhysicalPresenceLib: Enable Storage actions.

After enable storage related actions in the TcgPhysicalPresenceStorageLib, use this library to support storage related actions in this library.

Cc: Jiewen Yao
Cc: Chao Zhang
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong
--- .../SmmTcg2PhysicalPresenceLib.c | 41 +++++++++++++++++-= ---- .../SmmTcg2PhysicalPresenceLib.inf | 2 ++ 2 files changed, 35 insertions(+), 8 deletions(-) diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2Physical= PresenceLib.c b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2Physi= calPresenceLib.c index 039bca1..e3f7150 100644 --- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenc= eLib.c +++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenc= eLib.c @@ -31,6 +31,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER= EXPRESS OR IMPLIED. #include #include #include +#include =20 EFI_SMM_VARIABLE_PROTOCOL *mTcg2PpSmmVariable; =20 @@ -129,8 +130,10 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx = ( goto EXIT; } =20 - if ((*OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) && - (*OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATIO= N) ) { + if (((*OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) && + (*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGI= N))|| + ((*OperationRequest > TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DIS= ABLE_BLOCK_SID_FUNC_FALSE) && + (*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGI= N))) { // // This command requires UI to prompt user for Auth data. //
@@ -244,12 +247,13 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunct= ion ( IN UINT32 OperationRequest ) { - EFI_STATUS Status; - UINTN DataSize; - EFI_TCG2_PHYSICAL_PRESENCE PpData; - EFI_TCG2_PHYSICAL_PRESENCE_FLAGS Flags; - BOOLEAN RequestConfirmed; - =20 + EFI_STATUS Status; + UINTN DataSize; + EFI_TCG2_PHYSICAL_PRESENCE PpData; + EFI_TCG2_PHYSICAL_PRESENCE_FLAGS Flags; + UINT32 StorageFlags; + BOOLEAN RequestConfirmed; + DEBUG ((EFI_D_INFO, "[TPM2] GetUserConfirmationStatusFunction, Request = =3D %x\n", OperationRequest)); =20 // @@ -283,6 +287,11 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFuncti= on ( return TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION; } =20 + // + // Get the Physical Presence storage flags + // + StorageFlags =3D TcgPhysicalPresenceStorageLibReturnStorageFlags(); + RequestConfirmed =3D FALSE; =20 switch (OperationRequest) { @@ -318,6 +327,22 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFuncti= on ( RequestConfirmed =3D TRUE; break; =20 + case TCG2_PHYSICAL_PRESENCE_ENABLE_BLOCK_SID: + if ((StorageFlags & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR= _ENABLE_BLOCK_SID) =3D=3D 0) { + RequestConfirmed =3D TRUE; + } + break; + + case TCG2_PHYSICAL_PRESENCE_DISABLE_BLOCK_SID: + if ((StorageFlags & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR= _DISABLE_BLOCK_SID) =3D=3D 0) { + RequestConfirmed =3D TRUE; + } + break; + + case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_ENABLE_BLOCK_SID_FUNC_= TRUE: + case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC= _TRUE: + break; + default: if (OperationRequest <=3D TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) { RequestConfirmed =3D TRUE; diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2Physical= PresenceLib.inf b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2Phy= sicalPresenceLib.inf index 5fa84b1..a039bbc 100644 --- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenc= eLib.inf 
+++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenc= eLib.inf @@ -47,6 +47,8 @@ SmmServicesTableLib BaseMemoryLib =20 + TcgPhysicalPresenceStorageLib + [Guids] ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence" ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence" --=20 2.6.4.windows.1
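
Review bot: In the @@ -129,8 +130,10 hunk (Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx), both halves of the new condition end with `*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN`. If TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_FALSE is at or above STORAGE_MANAGEMENT_BEGIN, as the names suggest, no value can satisfy the second half. The removed check was bounded by TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION and that bound no longer appears anywhere in the condition, so requests above the storage range and below the vendor-specific range would stop reaching the "requires UI to prompt user" path. The second upper bound was presumably meant to be TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION; please also add a space before `||`.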
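
Review bot: In the @@ -318,6 +327,22 hunk (Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction), the two SET_PP_REQUIRED_FOR_*_BLOCK_SID_FUNC_TRUE cases are a bare `break`, which leaves RequestConfirmed at FALSE, while the matching _FUNC_FALSE requests are not listed at all and are left to `default`. Because this switch decides whether a request may proceed without user confirmation, please list all four requests explicitly and add a comment stating the intended result for each, so that the requests which drop the physical-presence requirement do not depend on how `default` treats unlisted values. A reference to the governing spec section in that comment would also address the spec name/version request made in the reply.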
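
Review bot: In the SmmTcg2PhysicalPresenceLib.inf hunk, TcgPhysicalPresenceStorageLib is added after the blank line that follows BaseMemoryLib, so it sits apart from the rest of the library class list. Place it directly under BaseMemoryLib and keep a single blank line before [Guids].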