diff options
| author | Dun Tan <dun.tan@intel.com> | 2024-05-24 17:03:02 +0800 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2024-07-02 03:31:31 +0000 |
| commit | 97ede07beb5eb09b1e3fe09c9ce0137a7425dc1e (patch) | |
| tree | 8f73c27e61949aca867944be54a6ee94c676e67f /SecurityPkg/Tcg | |
| parent | cb38d27f1dbbd787d3606f6314b5f33a5cb86646 (diff) | |
| download | edk2-97ede07beb5eb09b1e3fe09c9ce0137a7425dc1e.tar.gz edk2-97ede07beb5eb09b1e3fe09c9ce0137a7425dc1e.tar.bz2 edk2-97ede07beb5eb09b1e3fe09c9ce0137a7425dc1e.zip | |
SecurityPkg/Tcg2StandaloneMm:Consume gEdkiiTpmInstanceHobGuid
Consume gEdkiiTpmInstanceHobGuid in Tcg2StandaloneMm
driver. It's to avoid using dynamic PcdTpmInstanceGuid
in StandaloneMm driver.
Signed-off-by: Dun Tan <dun.tan@intel.com>
Diffstat (limited to 'SecurityPkg/Tcg')
| -rw-r--r-- | SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 4 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h | 13 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.c | 30 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf | 7 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/Tcg2Smm/Tcg2TraditionalMm.c | 16 |
5 files changed, 61 insertions, 9 deletions
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c index c47c582cc8..c2cef764e0 100644 --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c @@ -9,7 +9,7 @@ PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.<BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -285,7 +285,7 @@ InitializeTcgCommon ( EFI_HANDLE McSwHandle;
EFI_HANDLE NotifyHandle;
- if (!CompareGuid (PcdGetPtr (PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm20DtpmGuid)) {
+ if (!IsTpm20Dtpm ()) {
DEBUG ((DEBUG_ERROR, "No TPM2 DTPM instance required!\n"));
return EFI_UNSUPPORTED;
}
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h index 84b65eb089..3672db939b 100644 --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h @@ -1,7 +1,7 @@ /** @file
The header file for Tcg2 SMM driver.
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.<BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -84,4 +84,15 @@ InitializeTcgCommon ( VOID
);
+/**
+ This function checks if the required DTPM instance is TPM 2.0.
+
+ @retval TRUE The required DTPM instance is equal to gEfiTpmDeviceInstanceTpm20DtpmGuid.
+ @retval FALSE The required DTPM instance is not equal to gEfiTpmDeviceInstanceTpm20DtpmGuid.
+**/
+BOOLEAN
+IsTpm20Dtpm (
+ VOID
+ );
+
#endif // __TCG_SMM_H__
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.c b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.c index 77fa3691f4..9320053224 100644 --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.c +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.c @@ -9,7 +9,7 @@ PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.<BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -17,6 +17,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "Tcg2Smm.h"
#include <Library/StandaloneMmMemLib.h>
+#include <Library/HobLib.h>
/**
Notify the system that the SMM variable driver is ready.
@@ -48,6 +49,33 @@ IsBufferOutsideMmValid ( }
/**
+ This function checks if the required DTPM instance is TPM 2.0.
+
+ @retval TRUE The required DTPM instance is equal to gEfiTpmDeviceInstanceTpm20DtpmGuid.
+ @retval FALSE The required DTPM instance is not equal to gEfiTpmDeviceInstanceTpm20DtpmGuid.
+**/
+BOOLEAN
+IsTpm20Dtpm (
+ VOID
+ )
+{
+ VOID *GuidHob;
+
+ GuidHob = GetFirstGuidHob (&gEdkiiTpmInstanceHobGuid);
+ if (GuidHob != NULL) {
+ if (CompareGuid ((EFI_GUID *)GET_GUID_HOB_DATA (GuidHob), &gEfiTpmDeviceInstanceTpm20DtpmGuid)) {
+ return TRUE;
+ }
+
+ DEBUG ((DEBUG_ERROR, "No TPM2 DTPM instance required! - %g\n", (EFI_GUID *)GET_GUID_HOB_DATA (GuidHob)));
+ } else {
+ DEBUG ((DEBUG_ERROR, "No gEdkiiTpmInstanceHobGuid!\n"));
+ }
+
+ return FALSE;
+}
+
+/**
The driver's entry point.
It install callbacks for TPM physical presence and MemoryClear, and locate
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf index 746eda3e9f..bca59a539b 100644 --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.inf @@ -20,7 +20,7 @@ # This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue.
#
-# Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
@@ -55,6 +55,7 @@ Tcg2PhysicalPresenceLib
PcdLib
MemLib
+ HobLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
@@ -63,15 +64,13 @@ gEfiTpmDeviceInstanceTpm20DtpmGuid ## PRODUCES ## GUID # TPM device identifier
gTpmNvsMmGuid ## CONSUMES
+ gEdkiiTpmInstanceHobGuid
[Protocols]
gEfiSmmSwDispatch2ProtocolGuid ## CONSUMES
gEfiSmmVariableProtocolGuid ## CONSUMES
gEfiMmReadyToLockProtocolGuid ## CONSUMES
-[Pcd]
- gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
-
[Depex]
gEfiSmmSwDispatch2ProtocolGuid AND
gEfiSmmVariableProtocolGuid
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2TraditionalMm.c b/SecurityPkg/Tcg/Tcg2Smm/Tcg2TraditionalMm.c index 514171cfac..f7d595e7f3 100644 --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2TraditionalMm.c +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2TraditionalMm.c @@ -9,7 +9,7 @@ PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.<BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -59,6 +59,20 @@ IsBufferOutsideMmValid ( }
/**
+ This function checks if the required DTPM instance is TPM 2.0.
+
+ @retval TRUE The required DTPM instance is equal to gEfiTpmDeviceInstanceTpm20DtpmGuid.
+ @retval FALSE The required DTPM instance is not equal to gEfiTpmDeviceInstanceTpm20DtpmGuid.
+**/
+BOOLEAN
+IsTpm20Dtpm (
+ VOID
+ )
+{
+ return CompareGuid (PcdGetPtr (PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm20DtpmGuid);
+}
+
+/**
The driver's entry point.
It install callbacks for TPM physical presence and MemoryClear, and locate
|