Make TCG2 PP version configurable to meet different request. Current default
version is 1.3.
http://www.trustedcomputinggroup.org/physical-presence-interface_1-30_0-52/
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chao Zhang <chao.b.zh...@intel.com>
---
SecurityPkg/SecurityPkg.dec | 4 ++++
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 42 ++++++++++++++++++++++++++++++++++++-
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h | 6 ++++++
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf | 1 +
SecurityPkg/Tcg/Tcg2Smm/Tpm.asl | 4 ++--
5 files changed, 54 insertions(+), 3 deletions(-)
diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec
index f4f3174..a9da5a6 100644
--- a/SecurityPkg/SecurityPkg.dec
+++ b/SecurityPkg/SecurityPkg.dec
@@ -299,6 +299,10 @@
# @ValidList 0x80000003 | 0x010D0000
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice|0x010D0000|UINT32|0x00000007
+ ## Null-terminated string of the Version of Physical Presence interface
supported by platform.
+ # @Prompt Version of Physical Presence interface supported by platform.
+
gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|"1.3"|VOID*|0x00000008
+
[PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx]
## Indicates the presence or absence of the platform operator during
firmware booting.
# If platform operator is not physical presence during boot. TPM will be
locked and the TPM commands
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
index dab1f53..b497475 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
@@ -251,6 +251,41 @@ AssignOpRegion (
}
/**
+ Patch version string of Physical Presence interface supported by platform.
The initial string tag in TPM
+ACPI table is "$PV".
+
+ @param[in, out] Table The TPM item in ACPI table.
+ @param[in] PPVer Version string of Physical Presence interface
supported by platform.
+
+ @return The allocated address for the found region.
+
+**/
+EFI_STATUS
+UpdatePPVersion (
+ EFI_ACPI_DESCRIPTION_HEADER *Table,
+ CHAR8 *PPVer
+ )
+{
+ EFI_STATUS Status;
+ UINT8 *DataPtr;
+
+ //
+ // Patch some pointers for the ASL code before loading the SSDT.
+ //
+ for (DataPtr = (UINT8 *)(Table + 1);
+ DataPtr <= (UINT8 *) ((UINT8 *) Table + Table->Length -
PHYSICAL_PRESENCE_VERSION_SIZE);
+ DataPtr += 1) {
+ if (AsciiStrCmp(DataPtr, PHYSICAL_PRESENCE_VERSION_TAG) == 0) {
+ Status = AsciiStrCpyS(DataPtr, PHYSICAL_PRESENCE_VERSION_SIZE, PPVer);
+ DEBUG((EFI_D_INFO, "TPM2 Physical Presence Interface Version update
status 0x%x\n", Status));
+ return Status;
+ }
+ }
+
+ return EFI_NOT_FOUND;
+}
+
+/**
Initialize and publish TPM items in ACPI table.
@retval EFI_SUCCESS The TCG ACPI table is published successfully.
@@ -277,6 +312,11 @@ PublishAcpiTable (
);
ASSERT_EFI_ERROR (Status);
+ //
+ // Update Table version before measuring it to PCR
+ //
+ Status = UpdatePPVersion(Table, (CHAR8
*)PcdGetPtr(PcdTcgPhysicalPresenceInterfaceVer));
+ ASSERT_EFI_ERROR (Status);
//
// Measure to PCR[0] with event EV_POST_CODE ACPI DATA
@@ -297,7 +337,7 @@ PublishAcpiTable (
ASSERT (mTcgNvs != NULL);
//
- // Publish the TPM ACPI table
+ // Publish the TPM ACPI table. Table is re-checksumed.
//
Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **)
&AcpiTable);
ASSERT_EFI_ERROR (Status);
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
index 62374a2..fa77c9a 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
@@ -87,4 +87,10 @@ typedef struct {
#define MOR_REQUEST_SUCCESS 0
#define MOR_REQUEST_GENERAL_FAILURE 1
+//
+// Physical Presence Interface Version supported by Platform
+//
+#define PHYSICAL_PRESENCE_VERSION_TAG "$PV"
+#define PHYSICAL_PRESENCE_VERSION_SIZE 4
+
#endif // __TCG_SMM_H__
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
index 0cc0cc6..0de4fce 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
@@ -72,6 +72,7 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId ##
SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision ##
SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES
+ gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer ## CONSUMES
[Depex]
gEfiAcpiTableProtocolGuid AND
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
index ba316cf..9ff74f7 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
@@ -2,7 +2,7 @@
The TPM2 definition block in ACPI table for TCG2 physical presence
and MemoryClear.
-Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
(c)Copyright 2016 HP Development Company, L.P.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -188,7 +188,7 @@ DefinitionBlock (
//
// a) Get Physical Presence Interface Version
//
- Return ("1.3")
+ Return ("$PV")
}
Case (2)
{
--
1.9.5.msysgit.1
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
