SecurityPkg SmmTcg2PhysicalPresenceLib: Enable Storage actions.

After enable storage related actions in the TcgPhysicalPresenceStorageLib, use this library to support storage related actions in this library. Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong <eric.dong@intel.com>
author: Eric Dong <eric.dong@intel.com> 2016-11-16 13:45:21 +0800
committer: Star Zeng <star.zeng@intel.com> 2016-11-21 15:37:55 +0800
commit: 509b0fe35807d1a51a8c5bee6321a0ea7e2c17b9 (patch)
tree: 22c5912459d416b10738c0b77c447556694306e9 /SecurityPkg/Library/SmmTcg2PhysicalPresenceLib
parent: 182d8208a4b0cf52fad839ba58d6fecae35b467c (diff)
download: edk2-509b0fe35807d1a51a8c5bee6321a0ea7e2c17b9.tar.gz
edk2-509b0fe35807d1a51a8c5bee6321a0ea7e2c17b9.tar.bz2
edk2-509b0fe35807d1a51a8c5bee6321a0ea7e2c17b9.zip
2 files changed, 34 insertions, 8 deletions
diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c
index 039bca1293..e3f7150ee0 100644
--- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c
+++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c
@@ -31,6 +31,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Library/BaseMemoryLib.h>
 #include <Library/Tcg2PpVendorLib.h>
 #include <Library/SmmServicesTableLib.h>
+#include <Library/TcgPhysicalPresenceStorageLib.h>
 
 EFI_SMM_VARIABLE_PROTOCOL  *mTcg2PpSmmVariable;
 
@@ -129,8 +130,10 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx (
     goto EXIT;
   }
 
-  if ((*OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
-      (*OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) ) {
+  if (((*OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
+       (*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN))||
+      ((*OperationRequest > TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_FALSE) &&
+       (*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN))) {
     //
     // This command requires UI to prompt user for Auth data.
     //
@@ -244,12 +247,13 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
   IN UINT32                 OperationRequest
   )
 {
-  EFI_STATUS                        Status;
-  UINTN                             DataSize;
-  EFI_TCG2_PHYSICAL_PRESENCE        PpData;
-  EFI_TCG2_PHYSICAL_PRESENCE_FLAGS  Flags;
-  BOOLEAN                           RequestConfirmed;
-  
+  EFI_STATUS                               Status;
+  UINTN                                    DataSize;
+  EFI_TCG2_PHYSICAL_PRESENCE               PpData;
+  EFI_TCG2_PHYSICAL_PRESENCE_FLAGS         Flags;
+  UINT32                                   StorageFlags;
+  BOOLEAN                                  RequestConfirmed;
+
   DEBUG ((EFI_D_INFO, "[TPM2] GetUserConfirmationStatusFunction, Request = %x\n", OperationRequest));
 
   //
@@ -283,6 +287,11 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
     return TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
   }
 
+  //
+  // Get the Physical Presence storage flags
+  //
+  StorageFlags = TcgPhysicalPresenceStorageLibReturnStorageFlags();
+
   RequestConfirmed = FALSE;
 
   switch (OperationRequest) {
@@ -318,6 +327,22 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
       RequestConfirmed = TRUE;
       break;
 
+    case TCG2_PHYSICAL_PRESENCE_ENABLE_BLOCK_SID:
+      if ((StorageFlags & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID) == 0) {
+        RequestConfirmed = TRUE;
+      }
+      break;
+
+    case TCG2_PHYSICAL_PRESENCE_DISABLE_BLOCK_SID:
+      if ((StorageFlags & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID) == 0) {
+        RequestConfirmed = TRUE;
+      }
+      break;
+
+    case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_ENABLE_BLOCK_SID_FUNC_TRUE:
+    case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_TRUE:
+      break;
+
     default:
       if (OperationRequest <= TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) {
         RequestConfirmed = TRUE;
diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf
index 5fa84b1024..9c80ac1ad7 100644
--- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf
+++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf
@@ -46,6 +46,7 @@
   Tcg2PpVendorLib
   SmmServicesTableLib
   BaseMemoryLib
+  TcgPhysicalPresenceStorageLib
 
 [Guids]
   ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
author	Eric Dong <eric.dong@intel.com>	2016-11-16 13:45:21 +0800
committer	Star Zeng <star.zeng@intel.com>	2016-11-21 15:37:55 +0800
commit	509b0fe35807d1a51a8c5bee6321a0ea7e2c17b9 (patch)
tree	22c5912459d416b10738c0b77c447556694306e9 /SecurityPkg/Library/SmmTcg2PhysicalPresenceLib
parent	182d8208a4b0cf52fad839ba58d6fecae35b467c (diff)
download	edk2-509b0fe35807d1a51a8c5bee6321a0ea7e2c17b9.tar.gz edk2-509b0fe35807d1a51a8c5bee6321a0ea7e2c17b9.tar.bz2 edk2-509b0fe35807d1a51a8c5bee6321a0ea7e2c17b9.zip