sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SecurityPkg: Tpm2DeviceLibDTpm: Introduce StandaloneMm instance

Browse Source 
This change added a new instance of Tpm2DeviceLibDTpm to support drivers
of type MM_STANDALONE. It abstracts dynamic Pcd access into separate file
for different instances to avoid dynamic usage for StandaloneMm modules.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>

Signed-off-by: Kun Qin <kun.q@outlook.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
This commit is contained in:
Kun Qin
2020-12-17 22:31:21 -08:00
parent 44ac44a269
commit 7a56650e2e
10 changed files with 275 additions and 84 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c
View File

@@ -13,29 +13,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/Tpm2DeviceLib.h> #include <Library/Tpm2DeviceLib.h>
#include <Library/PcdLib.h> #include <Library/PcdLib.h>
/** #include "Tpm2DeviceLibDTpm.h"
Return PTP interface type.
@param[in] Register Pointer to PTP register.
@return PTP interface type.
**/
TPM2_PTP_INTERFACE_TYPE
Tpm2GetPtpInterface (
IN VOID *Register
);
/**
Return PTP CRB interface IdleByPass state.
@param[in] Register Pointer to PTP register.
@return PTP CRB interface IdleByPass state.
**/
UINT8
Tpm2GetIdleByPass (
IN VOID *Register
);
/** /**
This service enables the sending of commands to the TPM2. This service enables the sending of commands to the TPM2.
@@ -145,21 +123,5 @@ Tpm2DeviceLibConstructor (
VOID VOID
) )
{ {
TPM2_PTP_INTERFACE_TYPE PtpInterface; return InternalTpm2DeviceLibDTpmCommonConstructor ();
UINT8 IdleByPass;
//
// Cache current active TpmInterfaceType only when needed
//
if (PcdGet8(PcdActiveTpmInterfaceType) == 0xFF) {
PtpInterface = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
PcdSet8S(PcdActiveTpmInterfaceType, PtpInterface);
}
if (PcdGet8(PcdActiveTpmInterfaceType) == Tpm2PtpInterfaceCrb && PcdGet8(PcdCRBIdleByPass) == 0xFF) {
IdleByPass = Tpm2GetIdleByPass((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
PcdSet8S(PcdCRBIdleByPass, IdleByPass);
}
return EFI_SUCCESS;
} }

67
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.h Normal file
View File

@@ -0,0 +1,67 @@
/** @file
This header file includes common internal fuction prototypes.
Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#ifndef _TPM2_DEVICE_LIB_DTPM_H_
#define _TPM2_DEVICE_LIB_DTPM_H_
/**
Return PTP interface type.
@param[in] Register Pointer to PTP register.
@return PTP interface type.
**/
TPM2_PTP_INTERFACE_TYPE
Tpm2GetPtpInterface (
IN VOID *Register
);
/**
Return PTP CRB interface IdleByPass state.
@param[in] Register Pointer to PTP register.
@return PTP CRB interface IdleByPass state.
**/
UINT8
Tpm2GetIdleByPass (
IN VOID *Register
);
/**
Return cached PTP interface type.
@return Cached PTP interface type.
**/
TPM2_PTP_INTERFACE_TYPE
GetCachedPtpInterface (
VOID
);
/**
Return cached PTP CRB interface IdleByPass state.
@return Cached PTP CRB interface IdleByPass state.
**/
UINT8
GetCachedIdleByPass (
VOID
);
/**
The common function cache current active TpmInterfaceType when needed.
@retval EFI_SUCCESS DTPM2.0 instance is registered, or system does not support register DTPM2.0 instance
**/
EFI_STATUS
InternalTpm2DeviceLibDTpmCommonConstructor (
VOID
);
#endif // _TPM2_DEVICE_LIB_DTPM_H_

3
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
View File

@@ -11,6 +11,7 @@
# only uses TPM 2.0 DTPM device. # only uses TPM 2.0 DTPM device.
# #
# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.
# SPDX-License-Identifier: BSD-2-Clause-Patent # SPDX-License-Identifier: BSD-2-Clause-Patent
# #
## ##
@@ -34,6 +35,8 @@
Tpm2Tis.c Tpm2Tis.c
Tpm2Ptp.c Tpm2Ptp.c
Tpm2DeviceLibDTpm.c Tpm2DeviceLibDTpm.c
Tpm2DeviceLibDTpmBase.c
Tpm2DeviceLibDTpm.h
[Packages] [Packages]
MdePkg/MdePkg.dec MdePkg/MdePkg.dec

68
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmBase.c Normal file
View File

@@ -0,0 +1,68 @@
/** @file
This file abstract internal interfaces of which implementation differs per library instance.
Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <Library/Tpm2DeviceLib.h>
#include <Library/PcdLib.h>
#include "Tpm2DeviceLibDTpm.h"
/**
Return cached PTP CRB interface IdleByPass state.
@return Cached PTP CRB interface IdleByPass state.
**/
UINT8
GetCachedIdleByPass (
VOID
)
{
return PcdGet8(PcdCRBIdleByPass);
}
/**
Return cached PTP interface type.
@return Cached PTP interface type.
**/
TPM2_PTP_INTERFACE_TYPE
GetCachedPtpInterface (
VOID
)
{
return PcdGet8(PcdActiveTpmInterfaceType);
}
/**
The common function cache current active TpmInterfaceType when needed.
@retval EFI_SUCCESS DTPM2.0 instance is registered, or system does not support register DTPM2.0 instance
**/
EFI_STATUS
InternalTpm2DeviceLibDTpmCommonConstructor (
VOID
)
{
TPM2_PTP_INTERFACE_TYPE PtpInterface;
UINT8 IdleByPass;
//
// Cache current active TpmInterfaceType only when needed
//
if (PcdGet8(PcdActiveTpmInterfaceType) == 0xFF) {
PtpInterface = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
PcdSet8S(PcdActiveTpmInterfaceType, PtpInterface);
}
if (PcdGet8(PcdActiveTpmInterfaceType) == Tpm2PtpInterfaceCrb && PcdGet8(PcdCRBIdleByPass) == 0xFF) {
IdleByPass = Tpm2GetIdleByPass((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
PcdSet8S(PcdCRBIdleByPass, IdleByPass);
}
return EFI_SUCCESS;
}

66
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.c Normal file
View File

@@ -0,0 +1,66 @@
/** @file
This file abstract internal interfaces of which implementation differs per library instance.
Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <Library/Tpm2DeviceLib.h>
#include "Tpm2DeviceLibDTpm.h"
TPM2_PTP_INTERFACE_TYPE mActiveTpmInterfaceType;
UINT8 mCRBIdleByPass;
/**
Return cached PTP CRB interface IdleByPass state.
@return Cached PTP CRB interface IdleByPass state.
**/
UINT8
GetCachedIdleByPass (
VOID
)
{
return mCRBIdleByPass;
}
/**
Return cached PTP interface type.
@return Cached PTP interface type.
**/
TPM2_PTP_INTERFACE_TYPE
GetCachedPtpInterface (
VOID
)
{
return mActiveTpmInterfaceType;
}
/**
The common function cache current active TpmInterfaceType when needed.
@retval EFI_SUCCESS DTPM2.0 instance is registered, or system does not support register DTPM2.0 instance
**/
EFI_STATUS
InternalTpm2DeviceLibDTpmCommonConstructor (
VOID
)
{
mActiveTpmInterfaceType = 0xFF;
mCRBIdleByPass = 0xFF;
//
// Always cache current active TpmInterfaceType for StandaloneMm implementation
//
mActiveTpmInterfaceType = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
if (mActiveTpmInterfaceType == Tpm2PtpInterfaceCrb) {
mCRBIdleByPass = Tpm2GetIdleByPass((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
}
return EFI_SUCCESS;
}

54
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.inf Normal file
View File

@@ -0,0 +1,54 @@
## @file
# Provides TPM 2.0 TIS/PTP functions for DTPM
#
# Spec Compliance Info:
# "TCG PC Client Platform TPM Profile(PTP) Specification Family 2.0 Level 00 Revision 00.43"
# "TCG PC Client Specific TPM Interface Specification(TIS) Version 1.3"
#
# This library implements TIS (TPM Interface Specification) and
# PTP (Platform TPM Profile) functions which is
# used for every TPM 2.0 command. Choosing this library means platform uses and
# only uses TPM 2.0 DTPM device.
#
# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.
# SPDX-License-Identifier: BSD-2-Clause-Patent
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = Tpm2DeviceLibDTpmStandaloneMm
FILE_GUID = 9A5DB21A-FF0B-46D0-8672-B4F83FEF1F0E
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = Tpm2DeviceLib|MM_STANDALONE
CONSTRUCTOR = Tpm2DeviceLibConstructor
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64
#
[Sources]
Tpm2Tis.c
Tpm2Ptp.c
Tpm2DeviceLibDTpm.c
Tpm2DeviceLibDTpmStandaloneMm.c
Tpm2DeviceLibDTpm.h
[Packages]
MdePkg/MdePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
IoLib
TimerLib
DebugLib
PcdLib
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES

40
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c
View File

@@ -16,29 +16,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Guid/TpmInstance.h> #include <Guid/TpmInstance.h>
/** #include "Tpm2DeviceLibDTpm.h"
Return PTP interface type.
@param[in] Register Pointer to PTP register.
@return PTP interface type.
**/
TPM2_PTP_INTERFACE_TYPE
Tpm2GetPtpInterface (
IN VOID *Register
);
/**
Return PTP CRB interface IdleByPass state.
@param[in] Register Pointer to PTP register.
@return PTP CRB interface IdleByPass state.
**/
UINT8
Tpm2GetIdleByPass (
IN VOID *Register
);
/** /**
Dump PTP register information. Dump PTP register information.
@@ -102,8 +80,6 @@ Tpm2InstanceLibDTpmConstructor (
) )
{ {
EFI_STATUS Status; EFI_STATUS Status;
TPM2_PTP_INTERFACE_TYPE PtpInterface;
UINT8 IdleByPass;
Status = Tpm2RegisterTpm2DeviceLib (&mDTpm2InternalTpm2Device); Status = Tpm2RegisterTpm2DeviceLib (&mDTpm2InternalTpm2Device);
if ((Status == EFI_SUCCESS) || (Status == EFI_UNSUPPORTED)) { if ((Status == EFI_SUCCESS) || (Status == EFI_UNSUPPORTED)) {
@@ -111,19 +87,7 @@ Tpm2InstanceLibDTpmConstructor (
// Unsupported means platform policy does not need this instance enabled. // Unsupported means platform policy does not need this instance enabled.
// //
if (Status == EFI_SUCCESS) { if (Status == EFI_SUCCESS) {
// Status = InternalTpm2DeviceLibDTpmCommonConstructor ();
// Cache current active TpmInterfaceType only when needed
//
if (PcdGet8(PcdActiveTpmInterfaceType) == 0xFF) {
PtpInterface = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
PcdSet8S(PcdActiveTpmInterfaceType, PtpInterface);
}
if (PcdGet8(PcdActiveTpmInterfaceType) == Tpm2PtpInterfaceCrb && PcdGet8(PcdCRBIdleByPass) == 0xFF) {
IdleByPass = Tpm2GetIdleByPass((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
PcdSet8S(PcdCRBIdleByPass, IdleByPass);
}
DumpPtpInfo ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); DumpPtpInfo ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
} }
return EFI_SUCCESS; return EFI_SUCCESS;

3
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
View File

@@ -6,6 +6,7 @@
# and PTP (Platform TPM Profile) functions. # and PTP (Platform TPM Profile) functions.
# #
# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation
# SPDX-License-Identifier: BSD-2-Clause-Patent # SPDX-License-Identifier: BSD-2-Clause-Patent
# #
## ##
@@ -30,6 +31,8 @@
Tpm2Tis.c Tpm2Tis.c
Tpm2Ptp.c Tpm2Ptp.c
Tpm2InstanceLibDTpm.c Tpm2InstanceLibDTpm.c
Tpm2DeviceLibDTpmBase.c
Tpm2DeviceLibDTpm.h
[Packages] [Packages]
MdePkg/MdePkg.dec MdePkg/MdePkg.dec

15
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c
View File

@@ -2,6 +2,7 @@
PTP (Platform TPM Profile) CRB (Command Response Buffer) interface used by dTPM2.0 library. PTP (Platform TPM Profile) CRB (Command Response Buffer) interface used by dTPM2.0 library.
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR> Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
Copyright (c), Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
**/ **/
@@ -19,6 +20,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <IndustryStandard/TpmPtp.h> #include <IndustryStandard/TpmPtp.h>
#include <IndustryStandard/TpmTis.h> #include <IndustryStandard/TpmTis.h>
#include "Tpm2DeviceLibDTpm.h"
// //
// Execution of the command may take from several seconds to minutes for certain // Execution of the command may take from several seconds to minutes for certain
// commands, such as key generation. // commands, such as key generation.
@@ -174,7 +177,7 @@ PtpCrbTpmCommand (
// STEP 0: // STEP 0:
// if CapCRbIdelByPass == 0, enforce Idle state before sending command // if CapCRbIdelByPass == 0, enforce Idle state before sending command
// //
if (PcdGet8(PcdCRBIdleByPass) == 0 && (MmioRead32((UINTN)&CrbReg->CrbControlStatus) & PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE) == 0){ if (GetCachedIdleByPass () == 0 && (MmioRead32((UINTN)&CrbReg->CrbControlStatus) & PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE) == 0){
Status = PtpCrbWaitRegisterBits ( Status = PtpCrbWaitRegisterBits (
&CrbReg->CrbControlStatus, &CrbReg->CrbControlStatus,
PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE, PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE,
@@ -330,7 +333,7 @@ GoReady_Exit:
// Goto Ready State if command is completed successfully and TPM support IdleBypass // Goto Ready State if command is completed successfully and TPM support IdleBypass
// If not supported. flow down to GoIdle // If not supported. flow down to GoIdle
// //
if (PcdGet8(PcdCRBIdleByPass) == 1) { if (GetCachedIdleByPass () == 1) {
MmioWrite32((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY); MmioWrite32((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY);
return Status; return Status;
} }
@@ -350,7 +353,7 @@ GoIdle_Exit:
// Only enforce Idle state transition if execution fails when CRBIdleBypass==1 // Only enforce Idle state transition if execution fails when CRBIdleBypass==1
// Leave regular Idle delay at the beginning of next command execution // Leave regular Idle delay at the beginning of next command execution
// //
if (PcdGet8(PcdCRBIdleByPass) == 1){ if (GetCachedIdleByPass () == 1){
Status = PtpCrbWaitRegisterBits ( Status = PtpCrbWaitRegisterBits (
&CrbReg->CrbControlStatus, &CrbReg->CrbControlStatus,
PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE, PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE,
@@ -519,7 +522,7 @@ DumpPtpInfo (
Vid = 0xFFFF; Vid = 0xFFFF;
Did = 0xFFFF; Did = 0xFFFF;
Rid = 0xFF; Rid = 0xFF;
PtpInterface = PcdGet8(PcdActiveTpmInterfaceType); PtpInterface = GetCachedPtpInterface ();
DEBUG ((EFI_D_INFO, "PtpInterface - %x\n", PtpInterface)); DEBUG ((EFI_D_INFO, "PtpInterface - %x\n", PtpInterface));
switch (PtpInterface) { switch (PtpInterface) {
case Tpm2PtpInterfaceCrb: case Tpm2PtpInterfaceCrb:
@@ -564,7 +567,7 @@ DTpm2SubmitCommand (
{ {
TPM2_PTP_INTERFACE_TYPE PtpInterface; TPM2_PTP_INTERFACE_TYPE PtpInterface;
PtpInterface = PcdGet8(PcdActiveTpmInterfaceType); PtpInterface = GetCachedPtpInterface ();
switch (PtpInterface) { switch (PtpInterface) {
case Tpm2PtpInterfaceCrb: case Tpm2PtpInterfaceCrb:
return PtpCrbTpmCommand ( return PtpCrbTpmCommand (
@@ -603,7 +606,7 @@ DTpm2RequestUseTpm (
{ {
TPM2_PTP_INTERFACE_TYPE PtpInterface; TPM2_PTP_INTERFACE_TYPE PtpInterface;
PtpInterface = PcdGet8(PcdActiveTpmInterfaceType); PtpInterface = GetCachedPtpInterface ();
switch (PtpInterface) { switch (PtpInterface) {
case Tpm2PtpInterfaceCrb: case Tpm2PtpInterfaceCrb:
return PtpCrbRequestUseTpm ((PTP_CRB_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress)); return PtpCrbRequestUseTpm ((PTP_CRB_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress));

1
SecurityPkg/SecurityPkg.dsc
View File

@@ -211,6 +211,7 @@
SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.inf
SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf