MdeModulePkg/Pci: Add DeviceSecurity support.
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2303 Whenever a PCI device is discovered, PCI bus calls the EDKII_DEVICE_SECURITY_PROTOCOL to authenticate it. If the function returns success, the PCI bus allocates the resource and installs the PCI_IO for the device. If the function returns fail, the PCI bus skips the device. It is similar to EFI_SECURITY_ARCH_PROTOCOL, which is used to verify an EFI image. Cc: Jian J Wang <jian.j.wang@intel.com> Cc: Hao A Wu <hao.a.wu@intel.com> Cc: Ray Ni <ray.ni@intel.com> Cc: Yun Lou <yun.lou@intel.com> Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com>
This commit is contained in:
@@ -8,7 +8,7 @@
|
||||
PCI Root Bridges. So it means platform needs install PCI Root Bridge IO protocol for each
|
||||
PCI Root Bus and install PCI Host Bridge Resource Allocation Protocol.
|
||||
|
||||
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
|
||||
Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR>
|
||||
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
|
||||
**/
|
||||
@@ -37,7 +37,7 @@ UINT64 gAllZero = 0;
|
||||
EFI_PCI_PLATFORM_PROTOCOL *gPciPlatformProtocol;
|
||||
EFI_PCI_OVERRIDE_PROTOCOL *gPciOverrideProtocol;
|
||||
EDKII_IOMMU_PROTOCOL *mIoMmuProtocol;
|
||||
|
||||
EDKII_DEVICE_SECURITY_PROTOCOL *mDeviceSecurityProtocol;
|
||||
|
||||
GLOBAL_REMOVE_IF_UNREFERENCED EFI_PCI_HOTPLUG_REQUEST_PROTOCOL mPciHotPlugRequest = {
|
||||
PciHotPlugRequestNotify
|
||||
@@ -293,6 +293,14 @@ PciBusDriverBindingStart (
|
||||
);
|
||||
}
|
||||
|
||||
if (mDeviceSecurityProtocol == NULL) {
|
||||
gBS->LocateProtocol (
|
||||
&gEdkiiDeviceSecurityProtocolGuid,
|
||||
NULL,
|
||||
(VOID **) &mDeviceSecurityProtocol
|
||||
);
|
||||
}
|
||||
|
||||
if (PcdGetBool (PcdPciDisableBusEnumeration)) {
|
||||
gFullEnumeration = FALSE;
|
||||
} else {
|
||||
|
Reference in New Issue
Block a user