diff options
author | Dong Guo <guo.dong@intel.com> | 2013-09-03 07:39:26 +0000 |
---|---|---|
committer | gdong1 <gdong1@6f19259b-4bc3-4df7-8a09-765794883524> | 2013-09-03 07:39:26 +0000 |
commit | ed094569d6a1248b1b6ca6d0439e5bdf0db36aa2 (patch) | |
tree | 29dd7ec37118455cfd846eba00b792a00b2f8194 /SecurityPkg/Include | |
parent | db06c2d723ac981e4e54b5d6dd410cb23621517c (diff) | |
download | edk2-ed094569d6a1248b1b6ca6d0439e5bdf0db36aa2.tar.gz edk2-ed094569d6a1248b1b6ca6d0439e5bdf0db36aa2.tar.bz2 edk2-ed094569d6a1248b1b6ca6d0439e5bdf0db36aa2.zip |
Enhance TPM driver to protect TPM physical presence flags.
Signed-off-by: Dong Guo <guo.dong@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Ouyang, Qian <qian.ouyang@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@14619 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/Include')
-rw-r--r-- | SecurityPkg/Include/Guid/PhysicalPresenceData.h | 25 |
1 files changed, 15 insertions, 10 deletions
diff --git a/SecurityPkg/Include/Guid/PhysicalPresenceData.h b/SecurityPkg/Include/Guid/PhysicalPresenceData.h index 4db20a7b16..942865784c 100644 --- a/SecurityPkg/Include/Guid/PhysicalPresenceData.h +++ b/SecurityPkg/Include/Guid/PhysicalPresenceData.h @@ -4,7 +4,7 @@ cleared after it is processed in the next boot cycle. The TPM response
is saved to variable.
-Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -29,18 +29,9 @@ typedef struct { UINT8 PPRequest; ///< Physical Presence request command.
UINT8 LastPPRequest;
UINT32 PPResponse;
- UINT8 Flags;
} EFI_PHYSICAL_PRESENCE;
//
-// The definition bit of the flags
-//
-#define FLAG_NO_PPI_PROVISION BIT0
-#define FLAG_NO_PPI_CLEAR BIT1
-#define FLAG_NO_PPI_MAINTENANCE BIT2
-#define FLAG_RESET_TRACK BIT3
-
-//
// The definition of physical presence operation actions
//
#define PHYSICAL_PRESENCE_NO_ACTION 0
@@ -67,6 +58,20 @@ typedef struct { #define PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR 21
#define PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE 22
+//
+// This variable is used to save TPM Management Flags and corresponding operations.
+// It should be protected from malicious software (e.g. Set it as read-only variable).
+//
+#define PHYSICAL_PRESENCE_FLAGS_VARIABLE L"PhysicalPresenceFlags"
+
+//
+// The definition bit of the TPM Management Flags
+//
+#define FLAG_NO_PPI_PROVISION BIT0
+#define FLAG_NO_PPI_CLEAR BIT1
+#define FLAG_NO_PPI_MAINTENANCE BIT2
+#define FLAG_RESET_TRACK BIT3
+
extern EFI_GUID gEfiPhysicalPresenceGuid;
#endif
|