SecurityPkg: Tcg2Smm: Added support for Standalone Mm

https://bugzilla.tianocore.org/show_bug.cgi?id=3169 This change added Standalone MM instance of Tcg2. The notify function for Standalone MM instance is left empty. A dependency DXE driver with a Depex of gEfiMmCommunication2ProtocolGuid was created to indicate the readiness of Standalone MM Tcg2 driver. Lastly, the support of CI build for Tcg2 Standalone MM module is added. Cc: Jiewen Yao <jiewen.yao@intel.com> Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Qi Zhang <qi1.zhang@intel.com> Cc: Rahul Kumar <rahul1.kumar@intel.com> Signed-off-by: Kun Qin <kun.q@outlook.com> Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com> Message-Id: <MWHPR06MB3102C3F99CBADFCC5F8A821CF3969@MWHPR06MB3102.namprd06.prod.outlook.com>
2021-03-04 20:14:14 -08:00
parent 3c2dc30d1b
commit 8802583c48
7 changed files with 251 additions and 0 deletions
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.c
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2StandaloneMm.c
@@ -0,0 +1,71 @@
+/** @file
+  TCG2 Standalone MM driver that updates TPM2 items in ACPI table and registers
+  SMI2 callback functions for Tcg2 physical presence, ClearMemory, and
+  sample for dTPM StartMethod.
+
+  Caution: This module requires additional review when modified.
+  This driver will have external input - variable and ACPINvs data in SMM mode.
+  This external input must be validated carefully to avoid security issue.
+
+  PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
+
+Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) Microsoft Corporation.
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include "Tcg2Smm.h"
+#include <Library/StandaloneMmMemLib.h>
+
+/**
+  Notify the system that the SMM variable driver is ready.
+**/
+VOID
+Tcg2NotifyMmReady (
+  VOID
+  )
+{
+  // Do nothing
+}
+
+/**
+  This function is an abstraction layer for implementation specific Mm buffer validation routine.
+
+  @param Buffer  The buffer start address to be checked.
+  @param Length  The buffer length to be checked.
+
+  @retval TRUE  This buffer is valid per processor architecture and not overlap with SMRAM.
+  @retval FALSE This buffer is not valid per processor architecture or overlap with SMRAM.
+**/
+BOOLEAN
+IsBufferOutsideMmValid (
+  IN EFI_PHYSICAL_ADDRESS  Buffer,
+  IN UINT64                Length
+  )
+{
+  return MmIsBufferOutsideMmValid (Buffer, Length);
+}
+
+/**
+  The driver's entry point.
+
+  It install callbacks for TPM physical presence and MemoryClear, and locate
+  SMM variable to be used in the callback function.
+
+  @param[in] ImageHandle  The firmware allocated handle for the EFI image.
+  @param[in] SystemTable  A pointer to the EFI System Table.
+
+  @retval EFI_SUCCESS     The entry point is executed successfully.
+  @retval Others          Some error occurs when executing this entry point.
+
+**/
+EFI_STATUS
+EFIAPI
+InitializeTcgStandaloneMm (
+  IN EFI_HANDLE                  ImageHandle,
+  IN EFI_MM_SYSTEM_TABLE         *SystemTable
+  )
+{
+  return InitializeTcgCommon ();
+}