* [PATCH v1 1/2] SecurityPkg: Add PCD for SW SMI Command port
[not found] <20200406183422.37140-1-michael.kubacki@outlook.com>
@ 2020-04-06 18:34 ` Michael Kubacki
2020-04-07 22:34 ` [EXTERNAL] [edk2-devel] " Bret Barkelew
2020-04-08 1:30 ` Guomin Jiang
2020-04-06 18:34 ` [PATCH v1 2/2] SecurityPkg Tcg: Use SW SMI IO port PCD in Tpm.asl Michael Kubacki
1 sibling, 2 replies; 6+ messages in thread
From: Michael Kubacki @ 2020-04-06 18:34 UTC (permalink / raw)
To: devel; +Cc: Kun Qin, Jian J Wang, Jiewen Yao, Chao Zhang
From: Michael Kubacki <michael.kubacki@microsoft.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2416
Adds a PCD to SecurityPkg used to specify the SW SMI Command port. This
value may vary across platforms and is current hardcoded to 0xB2 in
package code.
Cc: Kun Qin <Kun.Qin@microsoft.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
---
SecurityPkg/SecurityPkg.dec | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 2cdfb02cc5a2..87b1fbad8056 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -7,7 +7,7 @@
#
# Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2015 Hewlett Packard Enterprise Development LP <BR>
-# Copyright (c) 2017, Microsoft Corporation. All rights reserved. <BR>
+# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -272,6 +272,12 @@
# @ValidList 0x80000003 | 0x010D0000
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice|0x010D0000|UINT32|0x00000007
+ ## Defines the IO port used to trigger a software System Management Interrupt (SMI).<BR><BR>
+ # Used as the SMI Command IO port by security functionality that triggers a software SMI such
+ # as Physical Presence Interface (PPI).<BR>
+ # @Prompt SMI Command IO port.
+ gEfiSecurityPkgTokenSpaceGuid.PcdSmiCommandIoPort|0xB2|UINT16|0x00000009
+
## Progress Code for FV verification result.<BR><BR>
# (EFI_SOFTWARE_PEI_MODULE | EFI_SUBCLASS_SPECIFIC | XXX)
# @Prompt Status Code for FV verification result
--
2.16.3.windows.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* [PATCH v1 2/2] SecurityPkg Tcg: Use SW SMI IO port PCD in Tpm.asl
[not found] <20200406183422.37140-1-michael.kubacki@outlook.com>
2020-04-06 18:34 ` [PATCH v1 1/2] SecurityPkg: Add PCD for SW SMI Command port Michael Kubacki
@ 2020-04-06 18:34 ` Michael Kubacki
2020-04-07 22:35 ` [EXTERNAL] [edk2-devel] " Bret Barkelew
2020-04-08 1:29 ` Guomin Jiang
1 sibling, 2 replies; 6+ messages in thread
From: Michael Kubacki @ 2020-04-06 18:34 UTC (permalink / raw)
To: devel; +Cc: Kun Qin, Jian J Wang, Jiewen Yao, Chao Zhang
From: Michael Kubacki <michael.kubacki@microsoft.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2416
Replaces the hardcoded value of 0xB2 with a PCD for the SMI port access
operation region. This allows platforms to customize the IO port value if
necessary.
Cc: Kun Qin <Kun.Qin@microsoft.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
---
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf | 4 ++++
SecurityPkg/Tcg/Tcg2Smm/Tpm.asl | 18 +++++++++---------
SecurityPkg/Tcg/TcgSmm/TcgSmm.inf | 4 ++++
SecurityPkg/Tcg/TcgSmm/Tpm.asl | 17 +++++++++--------
4 files changed, 26 insertions(+), 17 deletions(-)
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
index e33cbcc49152..2ebf2e05f2ea 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
@@ -21,6 +21,7 @@
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -70,6 +71,9 @@
gEfiSmmVariableProtocolGuid ## CONSUMES
gEfiAcpiTableProtocolGuid ## CONSUMES
+[FixedPcd]
+ gEfiSecurityPkgTokenSpaceGuid.PcdSmiCommandIoPort ## CONSUMES
+
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId ## SOMETIMES_CONSUMES
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
index 7a91708a1a34..95f9d7eae841 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
@@ -4,7 +4,7 @@
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
(c)Copyright 2016 HP Development Company, L.P.<BR>
-Copyright (c) 2017, Microsoft Corporation. All rights reserved. <BR>
+Copyright (c) Microsoft Corporation.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -41,10 +41,10 @@ DefinitionBlock (
//
// Operational region for Smi port access
//
- OperationRegion (SMIP, SystemIO, 0xB2, 1)
+ OperationRegion (SMIP, SystemIO, FixedPcdGet16 (PcdSmiCommandIoPort), 1)
Field (SMIP, ByteAcc, NoLock, Preserve)
{
- IOB2, 8
+ IOPN, 8
}
//
@@ -258,7 +258,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (MCIN, IOB2)
+ Store (MCIN, IOPN)
}
}
Return (0)
@@ -359,7 +359,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
@@ -390,7 +390,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Store (LPPR, Index (TPM3, 0x01))
Store (PPRP, Index (TPM3, 0x02))
@@ -422,7 +422,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
}
Case (8)
@@ -436,7 +436,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
}
@@ -475,7 +475,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (MCIN, IOB2)
+ Store (MCIN, IOPN)
Return (MRET)
}
Default {BreakPoint}
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
index 29f9c15b0e02..9fac896dde8b 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
@@ -10,6 +10,7 @@
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -63,6 +64,9 @@
gEfiSmmVariableProtocolGuid ## CONSUMES
gEfiAcpiTableProtocolGuid ## CONSUMES
+[FixedPcd]
+ gEfiSecurityPkgTokenSpaceGuid.PcdSmiCommandIoPort ## CONSUMES
+
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId ## SOMETIMES_CONSUMES
diff --git a/SecurityPkg/Tcg/TcgSmm/Tpm.asl b/SecurityPkg/Tcg/TcgSmm/Tpm.asl
index 739067dbec03..9d5e6ddc110b 100644
--- a/SecurityPkg/Tcg/TcgSmm/Tpm.asl
+++ b/SecurityPkg/Tcg/TcgSmm/Tpm.asl
@@ -3,6 +3,7 @@
and MemoryClear.
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) Microsoft Corporation.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -41,10 +42,10 @@ DefinitionBlock (
//
// Operational region for Smi port access
//
- OperationRegion (SMIP, SystemIO, 0xB2, 1)
+ OperationRegion (SMIP, SystemIO, FixedPcdGet16 (PcdSmiCommandIoPort), 1)
Field (SMIP, ByteAcc, NoLock, Preserve)
{
- IOB2, 8
+ IOPN, 8
}
//
@@ -96,7 +97,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (MCIN, IOB2)
+ Store (MCIN, IOPN)
}
}
Return (0)
@@ -196,7 +197,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
@@ -227,7 +228,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Store (LPPR, Index (TPM3, 0x01))
Store (PPRP, Index (TPM3, 0x02))
@@ -255,7 +256,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
}
Case (8)
@@ -269,7 +270,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
}
@@ -308,7 +309,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (MCIN, IOB2)
+ Store (MCIN, IOPN)
Return (MRET)
}
Default {BreakPoint}
--
2.16.3.windows.1
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [EXTERNAL] [edk2-devel] [PATCH v1 1/2] SecurityPkg: Add PCD for SW SMI Command port
2020-04-06 18:34 ` [PATCH v1 1/2] SecurityPkg: Add PCD for SW SMI Command port Michael Kubacki
@ 2020-04-07 22:34 ` Bret Barkelew
2020-04-08 1:30 ` Guomin Jiang
1 sibling, 0 replies; 6+ messages in thread
From: Bret Barkelew @ 2020-04-07 22:34 UTC (permalink / raw)
To: devel@edk2.groups.io, michael.kubacki@outlook.com
Cc: Kun Qin, Jian J Wang, Jiewen Yao, Chao Zhang
[-- Attachment #1: Type: text/plain, Size: 2699 bytes --]
Reviewed-by: Bret Barkelew <bret.barkelew@microsoft.com>
- Bret
________________________________
From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of Michael Kubacki via groups.io <michael.kubacki=outlook.com@groups.io>
Sent: Monday, April 6, 2020 11:34:21 AM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Kun Qin <Kun.Qin@microsoft.com>; Jian J Wang <jian.j.wang@intel.com>; Jiewen Yao <jiewen.yao@intel.com>; Chao Zhang <chao.b.zhang@intel.com>
Subject: [EXTERNAL] [edk2-devel] [PATCH v1 1/2] SecurityPkg: Add PCD for SW SMI Command port
From: Michael Kubacki <michael.kubacki@microsoft.com>
REF:https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D2416&data=02%7C01%7CBret.Barkelew%40microsoft.com%7Cbc0a9b59de37406bb30708d7da594167%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637217949197836672&sdata=IoTwuyyUc6ZLxHpyMCfWwtvnJb50g9bxfMoM4cl8O4s%3D&reserved=0
Adds a PCD to SecurityPkg used to specify the SW SMI Command port. This
value may vary across platforms and is current hardcoded to 0xB2 in
package code.
Cc: Kun Qin <Kun.Qin@microsoft.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
---
SecurityPkg/SecurityPkg.dec | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index 2cdfb02cc5a2..87b1fbad8056 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -7,7 +7,7 @@
#
# Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR>
# (C) Copyright 2015 Hewlett Packard Enterprise Development LP <BR>
-# Copyright (c) 2017, Microsoft Corporation. All rights reserved. <BR>
+# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -272,6 +272,12 @@
# @ValidList 0x80000003 | 0x010D0000
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice|0x010D0000|UINT32|0x00000007
+ ## Defines the IO port used to trigger a software System Management Interrupt (SMI).<BR><BR>
+ # Used as the SMI Command IO port by security functionality that triggers a software SMI such
+ # as Physical Presence Interface (PPI).<BR>
+ # @Prompt SMI Command IO port.
+ gEfiSecurityPkgTokenSpaceGuid.PcdSmiCommandIoPort|0xB2|UINT16|0x00000009
+
## Progress Code for FV verification result.<BR><BR>
# (EFI_SOFTWARE_PEI_MODULE | EFI_SUBCLASS_SPECIFIC | XXX)
# @Prompt Status Code for FV verification result
--
2.16.3.windows.1
[-- Attachment #2: Type: text/html, Size: 4884 bytes --]
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [EXTERNAL] [edk2-devel] [PATCH v1 2/2] SecurityPkg Tcg: Use SW SMI IO port PCD in Tpm.asl
2020-04-06 18:34 ` [PATCH v1 2/2] SecurityPkg Tcg: Use SW SMI IO port PCD in Tpm.asl Michael Kubacki
@ 2020-04-07 22:35 ` Bret Barkelew
2020-04-08 1:29 ` Guomin Jiang
1 sibling, 0 replies; 6+ messages in thread
From: Bret Barkelew @ 2020-04-07 22:35 UTC (permalink / raw)
To: devel@edk2.groups.io, michael.kubacki@outlook.com
Cc: Kun Qin, Jian J Wang, Jiewen Yao, Chao Zhang
[-- Attachment #1: Type: text/plain, Size: 8043 bytes --]
Reviewed-by: Bret Barkelew <bret.barkelew@microsoft.com>
- Bret
________________________________
From: devel@edk2.groups.io <devel@edk2.groups.io> on behalf of Michael Kubacki via groups.io <michael.kubacki=outlook.com@groups.io>
Sent: Monday, April 6, 2020 11:34:22 AM
To: devel@edk2.groups.io <devel@edk2.groups.io>
Cc: Kun Qin <Kun.Qin@microsoft.com>; Jian J Wang <jian.j.wang@intel.com>; Jiewen Yao <jiewen.yao@intel.com>; Chao Zhang <chao.b.zhang@intel.com>
Subject: [EXTERNAL] [edk2-devel] [PATCH v1 2/2] SecurityPkg Tcg: Use SW SMI IO port PCD in Tpm.asl
From: Michael Kubacki <michael.kubacki@microsoft.com>
REF:https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D2416&data=02%7C01%7CBret.Barkelew%40microsoft.com%7Cf33af41d885e42621c3408d7da59482e%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637217949309605866&sdata=ThsbHop%2BGLThnYPKprw1c3DOGgGxKUIaMPVSSxNXGII%3D&reserved=0
Replaces the hardcoded value of 0xB2 with a PCD for the SMI port access
operation region. This allows platforms to customize the IO port value if
necessary.
Cc: Kun Qin <Kun.Qin@microsoft.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
---
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf | 4 ++++
SecurityPkg/Tcg/Tcg2Smm/Tpm.asl | 18 +++++++++---------
SecurityPkg/Tcg/TcgSmm/TcgSmm.inf | 4 ++++
SecurityPkg/Tcg/TcgSmm/Tpm.asl | 17 +++++++++--------
4 files changed, 26 insertions(+), 17 deletions(-)
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
index e33cbcc49152..2ebf2e05f2ea 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
@@ -21,6 +21,7 @@
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -70,6 +71,9 @@
gEfiSmmVariableProtocolGuid ## CONSUMES
gEfiAcpiTableProtocolGuid ## CONSUMES
+[FixedPcd]
+ gEfiSecurityPkgTokenSpaceGuid.PcdSmiCommandIoPort ## CONSUMES
+
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId ## SOMETIMES_CONSUMES
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
index 7a91708a1a34..95f9d7eae841 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
@@ -4,7 +4,7 @@
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
(c)Copyright 2016 HP Development Company, L.P.<BR>
-Copyright (c) 2017, Microsoft Corporation. All rights reserved. <BR>
+Copyright (c) Microsoft Corporation.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -41,10 +41,10 @@ DefinitionBlock (
//
// Operational region for Smi port access
//
- OperationRegion (SMIP, SystemIO, 0xB2, 1)
+ OperationRegion (SMIP, SystemIO, FixedPcdGet16 (PcdSmiCommandIoPort), 1)
Field (SMIP, ByteAcc, NoLock, Preserve)
{
- IOB2, 8
+ IOPN, 8
}
//
@@ -258,7 +258,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (MCIN, IOB2)
+ Store (MCIN, IOPN)
}
}
Return (0)
@@ -359,7 +359,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
@@ -390,7 +390,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Store (LPPR, Index (TPM3, 0x01))
Store (PPRP, Index (TPM3, 0x02))
@@ -422,7 +422,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
}
Case (8)
@@ -436,7 +436,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
}
@@ -475,7 +475,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (MCIN, IOB2)
+ Store (MCIN, IOPN)
Return (MRET)
}
Default {BreakPoint}
diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
index 29f9c15b0e02..9fac896dde8b 100644
--- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
+++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
@@ -10,6 +10,7 @@
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
@@ -63,6 +64,9 @@
gEfiSmmVariableProtocolGuid ## CONSUMES
gEfiAcpiTableProtocolGuid ## CONSUMES
+[FixedPcd]
+ gEfiSecurityPkgTokenSpaceGuid.PcdSmiCommandIoPort ## CONSUMES
+
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId ## SOMETIMES_CONSUMES
diff --git a/SecurityPkg/Tcg/TcgSmm/Tpm.asl b/SecurityPkg/Tcg/TcgSmm/Tpm.asl
index 739067dbec03..9d5e6ddc110b 100644
--- a/SecurityPkg/Tcg/TcgSmm/Tpm.asl
+++ b/SecurityPkg/Tcg/TcgSmm/Tpm.asl
@@ -3,6 +3,7 @@
and MemoryClear.
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) Microsoft Corporation.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -41,10 +42,10 @@ DefinitionBlock (
//
// Operational region for Smi port access
//
- OperationRegion (SMIP, SystemIO, 0xB2, 1)
+ OperationRegion (SMIP, SystemIO, FixedPcdGet16 (PcdSmiCommandIoPort), 1)
Field (SMIP, ByteAcc, NoLock, Preserve)
{
- IOB2, 8
+ IOPN, 8
}
//
@@ -96,7 +97,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (MCIN, IOB2)
+ Store (MCIN, IOPN)
}
}
Return (0)
@@ -196,7 +197,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
@@ -227,7 +228,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Store (LPPR, Index (TPM3, 0x01))
Store (PPRP, Index (TPM3, 0x02))
@@ -255,7 +256,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
}
Case (8)
@@ -269,7 +270,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (PPIN, IOB2)
+ Store (PPIN, IOPN)
Return (FRET)
}
@@ -308,7 +309,7 @@ DefinitionBlock (
//
// Trigger the SMI interrupt
//
- Store (MCIN, IOB2)
+ Store (MCIN, IOPN)
Return (MRET)
}
Default {BreakPoint}
--
2.16.3.windows.1
[-- Attachment #2: Type: text/html, Size: 17994 bytes --]
^ permalink raw reply related [flat|nested] 6+ messages in thread
* Re: [edk2-devel] [PATCH v1 2/2] SecurityPkg Tcg: Use SW SMI IO port PCD in Tpm.asl
2020-04-06 18:34 ` [PATCH v1 2/2] SecurityPkg Tcg: Use SW SMI IO port PCD in Tpm.asl Michael Kubacki
2020-04-07 22:35 ` [EXTERNAL] [edk2-devel] " Bret Barkelew
@ 2020-04-08 1:29 ` Guomin Jiang
1 sibling, 0 replies; 6+ messages in thread
From: Guomin Jiang @ 2020-04-08 1:29 UTC (permalink / raw)
To: devel@edk2.groups.io, michael.kubacki@outlook.com
Cc: Kun Qin, Wang, Jian J, Yao, Jiewen, Zhang, Chao B
Reviewed-by: Guomin Jiang <guomin.jiang@intel.com>
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Michael
> Kubacki
> Sent: Tuesday, April 7, 2020 2:34 AM
> To: devel@edk2.groups.io
> Cc: Kun Qin <Kun.Qin@microsoft.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Zhang,
> Chao B <chao.b.zhang@intel.com>
> Subject: [edk2-devel] [PATCH v1 2/2] SecurityPkg Tcg: Use SW SMI IO port
> PCD in Tpm.asl
>
> From: Michael Kubacki <michael.kubacki@microsoft.com>
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2416
>
> Replaces the hardcoded value of 0xB2 with a PCD for the SMI port access
> operation region. This allows platforms to customize the IO port value if
> necessary.
>
> Cc: Kun Qin <Kun.Qin@microsoft.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
> ---
> SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf | 4 ++++
> SecurityPkg/Tcg/Tcg2Smm/Tpm.asl | 18 +++++++++---------
> SecurityPkg/Tcg/TcgSmm/TcgSmm.inf | 4 ++++
> SecurityPkg/Tcg/TcgSmm/Tpm.asl | 17 +++++++++--------
> 4 files changed, 26 insertions(+), 17 deletions(-)
>
> diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
> b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
> index e33cbcc49152..2ebf2e05f2ea 100644
> --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
> +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
> @@ -21,6 +21,7 @@
> # This external input must be validated carefully to avoid security issue.
> #
> # Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>
> +# Copyright (c) Microsoft Corporation.<BR>
> # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -70,6 +71,9 @@
> gEfiSmmVariableProtocolGuid ## CONSUMES
> gEfiAcpiTableProtocolGuid ## CONSUMES
>
> +[FixedPcd]
> + gEfiSecurityPkgTokenSpaceGuid.PcdSmiCommandIoPort ##
> CONSUMES
> +
> [Pcd]
> gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ##
> CONSUMES
> gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId ##
> SOMETIMES_CONSUMES
> diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
> b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl index 7a91708a1a34..95f9d7eae841
> 100644
> --- a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
> +++ b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
> @@ -4,7 +4,7 @@
>
> Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
> (c)Copyright 2016 HP Development Company, L.P.<BR> -Copyright (c) 2017,
> Microsoft Corporation. All rights reserved. <BR>
> +Copyright (c) Microsoft Corporation.<BR>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
> **/
> @@ -41,10 +41,10 @@ DefinitionBlock (
> //
> // Operational region for Smi port access
> //
> - OperationRegion (SMIP, SystemIO, 0xB2, 1)
> + OperationRegion (SMIP, SystemIO, FixedPcdGet16
> + (PcdSmiCommandIoPort), 1)
> Field (SMIP, ByteAcc, NoLock, Preserve)
> {
> - IOB2, 8
> + IOPN, 8
> }
>
> //
> @@ -258,7 +258,7 @@ DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (MCIN, IOB2)
> + Store (MCIN, IOPN)
> }
> }
> Return (0)
> @@ -359,7 +359,7 @@ DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (PPIN, IOB2)
> + Store (PPIN, IOPN)
> Return (FRET)
>
>
> @@ -390,7 +390,7 @@ DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (PPIN, IOB2)
> + Store (PPIN, IOPN)
>
> Store (LPPR, Index (TPM3, 0x01))
> Store (PPRP, Index (TPM3, 0x02)) @@ -422,7 +422,7 @@
> DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (PPIN, IOB2)
> + Store (PPIN, IOPN)
> Return (FRET)
> }
> Case (8)
> @@ -436,7 +436,7 @@ DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (PPIN, IOB2)
> + Store (PPIN, IOPN)
>
> Return (FRET)
> }
> @@ -475,7 +475,7 @@ DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (MCIN, IOB2)
> + Store (MCIN, IOPN)
> Return (MRET)
> }
> Default {BreakPoint}
> diff --git a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
> b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
> index 29f9c15b0e02..9fac896dde8b 100644
> --- a/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
> +++ b/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
> @@ -10,6 +10,7 @@
> # This external input must be validated carefully to avoid security issue.
> #
> # Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
> +# Copyright (c) Microsoft Corporation.<BR>
> # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -63,6 +64,9 @@
> gEfiSmmVariableProtocolGuid ## CONSUMES
> gEfiAcpiTableProtocolGuid ## CONSUMES
>
> +[FixedPcd]
> + gEfiSecurityPkgTokenSpaceGuid.PcdSmiCommandIoPort ## CONSUMES
> +
> [Pcd]
> gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
> gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId ##
> SOMETIMES_CONSUMES
> diff --git a/SecurityPkg/Tcg/TcgSmm/Tpm.asl
> b/SecurityPkg/Tcg/TcgSmm/Tpm.asl index 739067dbec03..9d5e6ddc110b
> 100644
> --- a/SecurityPkg/Tcg/TcgSmm/Tpm.asl
> +++ b/SecurityPkg/Tcg/TcgSmm/Tpm.asl
> @@ -3,6 +3,7 @@
> and MemoryClear.
>
> Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
> +Copyright (c) Microsoft Corporation.<BR>
> SPDX-License-Identifier: BSD-2-Clause-Patent
>
> **/
> @@ -41,10 +42,10 @@ DefinitionBlock (
> //
> // Operational region for Smi port access
> //
> - OperationRegion (SMIP, SystemIO, 0xB2, 1)
> + OperationRegion (SMIP, SystemIO, FixedPcdGet16
> + (PcdSmiCommandIoPort), 1)
> Field (SMIP, ByteAcc, NoLock, Preserve)
> {
> - IOB2, 8
> + IOPN, 8
> }
>
> //
> @@ -96,7 +97,7 @@ DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (MCIN, IOB2)
> + Store (MCIN, IOPN)
> }
> }
> Return (0)
> @@ -196,7 +197,7 @@ DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (PPIN, IOB2)
> + Store (PPIN, IOPN)
> Return (FRET)
>
>
> @@ -227,7 +228,7 @@ DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (PPIN, IOB2)
> + Store (PPIN, IOPN)
>
> Store (LPPR, Index (TPM3, 0x01))
> Store (PPRP, Index (TPM3, 0x02)) @@ -255,7 +256,7 @@
> DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (PPIN, IOB2)
> + Store (PPIN, IOPN)
> Return (FRET)
> }
> Case (8)
> @@ -269,7 +270,7 @@ DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (PPIN, IOB2)
> + Store (PPIN, IOPN)
>
> Return (FRET)
> }
> @@ -308,7 +309,7 @@ DefinitionBlock (
> //
> // Trigger the SMI interrupt
> //
> - Store (MCIN, IOB2)
> + Store (MCIN, IOPN)
> Return (MRET)
> }
> Default {BreakPoint}
> --
> 2.16.3.windows.1
>
>
>
^ permalink raw reply [flat|nested] 6+ messages in thread
* Re: [edk2-devel] [PATCH v1 1/2] SecurityPkg: Add PCD for SW SMI Command port
2020-04-06 18:34 ` [PATCH v1 1/2] SecurityPkg: Add PCD for SW SMI Command port Michael Kubacki
2020-04-07 22:34 ` [EXTERNAL] [edk2-devel] " Bret Barkelew
@ 2020-04-08 1:30 ` Guomin Jiang
1 sibling, 0 replies; 6+ messages in thread
From: Guomin Jiang @ 2020-04-08 1:30 UTC (permalink / raw)
To: devel@edk2.groups.io, michael.kubacki@outlook.com
Cc: Kun Qin, Wang, Jian J, Yao, Jiewen, Zhang, Chao B
Reviewed-by: Guomin Jiang <guomin.jiang@intel.com>
> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Michael
> Kubacki
> Sent: Tuesday, April 7, 2020 2:34 AM
> To: devel@edk2.groups.io
> Cc: Kun Qin <Kun.Qin@microsoft.com>; Wang, Jian J
> <jian.j.wang@intel.com>; Yao, Jiewen <jiewen.yao@intel.com>; Zhang,
> Chao B <chao.b.zhang@intel.com>
> Subject: [edk2-devel] [PATCH v1 1/2] SecurityPkg: Add PCD for SW SMI
> Command port
>
> From: Michael Kubacki <michael.kubacki@microsoft.com>
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2416
>
> Adds a PCD to SecurityPkg used to specify the SW SMI Command port. This
> value may vary across platforms and is current hardcoded to 0xB2 in package
> code.
>
> Cc: Kun Qin <Kun.Qin@microsoft.com>
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Chao Zhang <chao.b.zhang@intel.com>
> Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
> ---
> SecurityPkg/SecurityPkg.dec | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index
> 2cdfb02cc5a2..87b1fbad8056 100644
> --- a/SecurityPkg/SecurityPkg.dec
> +++ b/SecurityPkg/SecurityPkg.dec
> @@ -7,7 +7,7 @@
> #
> # Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.<BR> # (C)
> Copyright 2015 Hewlett Packard Enterprise Development LP <BR> -#
> Copyright (c) 2017, Microsoft Corporation. All rights reserved. <BR>
> +# Copyright (c) Microsoft Corporation.<BR>
> # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -272,6 +272,12
> @@
> # @ValidList 0x80000003 | 0x010D0000
>
> gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice|0x010D
> 0000|UINT32|0x00000007
>
> + ## Defines the IO port used to trigger a software System Management
> + Interrupt (SMI).<BR><BR> # Used as the SMI Command IO port by
> + security functionality that triggers a software SMI such # as
> + Physical Presence Interface (PPI).<BR> # @Prompt SMI Command IO port.
> +
> +
> gEfiSecurityPkgTokenSpaceGuid.PcdSmiCommandIoPort|0xB2|UINT16|0x00
> 0000
> + 09
> +
> ## Progress Code for FV verification result.<BR><BR>
> # (EFI_SOFTWARE_PEI_MODULE | EFI_SUBCLASS_SPECIFIC | XXX)
> # @Prompt Status Code for FV verification result
> --
> 2.16.3.windows.1
>
>
>
^ permalink raw reply [flat|nested] 6+ messages in thread
end of thread, other threads:[~2020-04-08 1:30 UTC | newest]
Thread overview: 6+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <20200406183422.37140-1-michael.kubacki@outlook.com>
2020-04-06 18:34 ` [PATCH v1 1/2] SecurityPkg: Add PCD for SW SMI Command port Michael Kubacki
2020-04-07 22:34 ` [EXTERNAL] [edk2-devel] " Bret Barkelew
2020-04-08 1:30 ` Guomin Jiang
2020-04-06 18:34 ` [PATCH v1 2/2] SecurityPkg Tcg: Use SW SMI IO port PCD in Tpm.asl Michael Kubacki
2020-04-07 22:35 ` [EXTERNAL] [edk2-devel] " Bret Barkelew
2020-04-08 1:29 ` Guomin Jiang
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox