SecurityPkg: Tcg2Smm: Separate Tcg2Smm into 2 modules

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3169 This change separated the original Tcg2Smm module into 2 drivers: the SMM driver that registers callback for physical presence and memory clear; the Tcg2Acpi driver that patches and publishes ACPI table for runtime use. Tcg2Smm introduced an SMI root handler to allow Tcg2Acpi to communicate the NVS region used by Tpm.asl and exchange the registered SwSmiValue. Lastly, Tcg2Smm driver will publish gTcg2MmSwSmiRegisteredGuid at the end of entrypoint to ensure Tcg2Acpi to load after Tcg2Smm is ready to communicate. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Qi Zhang <qi1.zhang@intel.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Kun Qin <kun.q@outlook.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Message-Id: <MWHPR06MB310295CC623EF7C062844DFFF3969@MWHPR06MB3102.namprd06.prod.outlook.com>
2021-03-04 20:14:13 -08:00
parent e2d6833c11
commit 3c2dc30d1b
10 changed files with 1349 additions and 785 deletions
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
@@ -2,6 +2,7 @@
  The header file for Tcg2 SMM driver.

 Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) Microsoft Corporation.
 SPDX-License-Identifier: BSD-2-Clause-Patent

 **/
@@ -9,13 +10,13 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #ifndef __TCG2_SMM_H__
 #define __TCG2_SMM_H__

-#include <PiDxe.h>
-#include <IndustryStandard/Acpi.h>
-#include <IndustryStandard/Tpm2Acpi.h>
+#include <PiMm.h>

 #include <Guid/MemoryOverwriteControl.h>
 #include <Guid/TpmInstance.h>
+#include <Guid/TpmNvsMm.h>

+#include <Protocol/MmReadyToLock.h>
 #include <Protocol/SmmSwDispatch2.h>
 #include <Protocol/AcpiTable.h>
 #include <Protocol/SmmVariable.h>
@@ -25,56 +26,14 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <Library/BaseMemoryLib.h>
 #include <Library/DebugLib.h>
 #include <Library/MmServicesTableLib.h>
-#include <Library/UefiDriverEntryPoint.h>
-#include <Library/UefiBootServicesTableLib.h>
-#include <Library/DxeServicesLib.h>
-#include <Library/TpmMeasurementLib.h>
 #include <Library/Tpm2CommandLib.h>
 #include <Library/Tcg2PhysicalPresenceLib.h>
 #include <Library/IoLib.h>
-#include <Library/PrintLib.h>
 #include <Library/PcdLib.h>
 #include <Library/Tpm2DeviceLib.h>

 #include <IndustryStandard/TpmPtp.h>

-#pragma pack(1)
-typedef struct {
-  UINT8                  SoftwareSmi;
-  UINT32                 Parameter;
-  UINT32                 Response;
-  UINT32                 Request;
-  UINT32                 RequestParameter;
-  UINT32                 LastRequest;
-  UINT32                 ReturnCode;
-} PHYSICAL_PRESENCE_NVS;
-
-typedef struct {
-  UINT8                  SoftwareSmi;
-  UINT32                 Parameter;
-  UINT32                 Request;
-  UINT32                 ReturnCode;
-} MEMORY_CLEAR_NVS;
-
-typedef struct {
-  PHYSICAL_PRESENCE_NVS  PhysicalPresence;
-  MEMORY_CLEAR_NVS       MemoryClear;
-  UINT32                 PPRequestUserConfirm;
-  UINT32                 TpmIrqNum;
-  BOOLEAN                IsShortFormPkgLength;
-} TCG_NVS;
-
-typedef struct {
-  UINT8                  OpRegionOp;
-  UINT32                 NameString;
-  UINT8                  RegionSpace;
-  UINT8                  DWordPrefix;
-  UINT32                 RegionOffset;
-  UINT8                  BytePrefix;
-  UINT8                  RegionLen;
-} AML_OP_REGION_32_8;
-#pragma pack()
-
 //
 // The definition for TCG MOR
 //
@@ -87,36 +46,42 @@ typedef struct {
 #define MOR_REQUEST_SUCCESS                                        0
 #define MOR_REQUEST_GENERAL_FAILURE                                1

-//
-// Physical Presence Interface Version supported by Platform
-//
-#define PHYSICAL_PRESENCE_VERSION_TAG                              "$PV"
-#define PHYSICAL_PRESENCE_VERSION_SIZE                             4
+/**
+  Notify the system that the SMM variable driver is ready.
+**/
+VOID
+Tcg2NotifyMmReady (
+  VOID
+  );

-//
-// PNP _HID for TPM2 device
-//
-#define TPM_HID_TAG                                                "NNNN0000"
-#define TPM_HID_PNP_SIZE                                           8
-#define TPM_HID_ACPI_SIZE                                          9
+/**
+  This function is an abstraction layer for implementation specific Mm buffer validation routine.

-#define TPM_PRS_RESL                                               "RESL"
-#define TPM_PRS_RESS                                               "RESS"
-#define TPM_PRS_RES_NAME_SIZE                                      4
-//
-// Minimum PRS resource template size
-//  1 byte    for  BufferOp
-//  1 byte    for  PkgLength
-//  2 bytes   for  BufferSize
-//  12 bytes  for  Memory32Fixed descriptor
-//  5 bytes   for  Interrupt descriptor
-//  2 bytes   for  END Tag
-//
-#define TPM_POS_RES_TEMPLATE_MIN_SIZE                              (1 + 1 + 2 + 12 + 5 + 2)
+  @param Buffer  The buffer start address to be checked.
+  @param Length  The buffer length to be checked.
+
+  @retval TRUE  This buffer is valid per processor architecture and not overlap with SMRAM.
+  @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.
+**/
+BOOLEAN
+IsBufferOutsideMmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  );
+
+/**
+  The driver's common initialization routine.
+
+  It install callbacks for TPM physical presence and MemoryClear, and locate
+  SMM variable to be used in the callback function.
+
+  @retval EFI_SUCCESS     The entry point is executed successfully.
+  @retval Others          Some error occurs when executing this entry point.
+
+**/
+EFI_STATUS
+InitializeTcgCommon (
+  VOID
+  );

-//
-// Max Interrupt buffer size for PRS interrupt resource
-// Now support 15 interrupts in maxmum
-//
-#define MAX_PRS_INT_BUF_SIZE                                       (15*4)
 #endif  // __TCG_SMM_H__