From d646d1a927c2931be19d229388699dcae71a40d1 Mon Sep 17 00:00:00 2001 From: "Zhang, Chao B" Date: Tue, 27 Dec 2016 16:47:06 +0800 Subject: SecurityPkg: Tcg2PhysicalPresence: Define TCG2 PP Flags Initial Pcd Define PcdTcg2PhysicalPresenceFlags to initialize TCG2 PP Flags setting. Cc: Yao Jiewen Cc: Star Zeng Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Chao Zhang Reviewed-by: Yao Jiewen Reviewed-by: Star Zeng Conflicts: SecurityPkg/SecurityPkg.dec --- .../Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c | 3 ++- .../DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf | 5 ++++- SecurityPkg/SecurityPkg.dec | 6 ++++++ 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c index cb3cfe35bb..78f2859f70 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c @@ -1081,7 +1081,7 @@ Tcg2PhysicalPresenceLibProcessRequest ( &PpiFlags ); if (EFI_ERROR (Status)) { - PpiFlags.PPFlags = TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT; + PpiFlags.PPFlags = PcdGet32(PcdTcg2PhysicalPresenceFlags); Status = gRT->SetVariable ( TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE, &gEfiTcg2PhysicalPresenceGuid, @@ -1093,6 +1093,7 @@ Tcg2PhysicalPresenceLibProcessRequest ( DEBUG ((EFI_D_ERROR, "[TPM2] Set physical presence flag failed, Status = %r\n", Status)); return ; } + DEBUG((DEBUG_INFO, "[TPM2] Initial physical presence flags value is 0x%x\n", PpiFlags.PPFlags)); } // diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf index bad4fe41b1..de87971839 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf @@ -8,7 +8,7 @@ # This driver will have external input - variable. # This external input must be validated carefully to avoid security issue. # -# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -60,6 +60,9 @@ gEfiTcg2ProtocolGuid ## CONSUMES gEdkiiVariableLockProtocolGuid ## CONSUMES +[Pcd] + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags ## SOMETIMES_CONSUMES + [Guids] ## CONSUMES ## HII ## SOMETIMES_PRODUCES ## Variable:L"Tcg2PhysicalPresence" diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index b4eabc4886..8a453fcf8b 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -414,6 +414,12 @@ # @Prompt Length(in bytes) of the TCG2 Final event log area. gEfiSecurityPkgTokenSpaceGuid.PcdTcg2FinalLogAreaLen|0x8000|UINT32|0x00010018 + ## This PCD defines initial setting of TCG2 Persistent Firmware Management Flags + # PCD can be configured for different settings in different scenarios + # Default setting is TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT + # @Prompt Inital setting of TCG2 Persistent Firmware Management Flags + gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags|0x300E3|UINT32|0x0001001B + [PcdsDynamic, PcdsDynamicEx] ## This PCD indicates Hash mask for TPM 2.0.

-- cgit v1.2.3