sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SecurityPkg: Add TPM PTP support in TCG2 SMM.

Browse Source 
TPM2 hardware may support PTP FIFO/TIS interface
or PTP CRB interface. The original ACPI table only
handles PTP FIFO/TIS interface. This patch adds
PTP CRB interface support.
The current logic is that SMM driver will runtime
detect TPM device interface (CRB or FIFO/TIS) and
publish TPM2 table based on result.

It is compatible for old TPM2 FIFO/TIS device and
new TPM2 CRB device.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19741 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Yao, Jiewen 2016-01-26 01:30:17 +00:00 committed by jyao1
parent 79e748cf29
commit d967d6d96f
4 changed files with 71 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
View File

@ -9,7 +9,7 @@
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check. PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -22,6 +22,48 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include "Tcg2Smm.h" #include "Tcg2Smm.h"
typedef enum {
PtpInterfaceTis,
PtpInterfaceFifo,
PtpInterfaceCrb,
PtpInterfaceMax,
} PTP_INTERFACE_TYPE;
/**
Return PTP interface type.
@param[in] Register Pointer to PTP register.
@return PTP interface type.
**/
PTP_INTERFACE_TYPE
GetPtpInterface (
IN VOID *Register
)
{
PTP_CRB_INTERFACE_IDENTIFIER InterfaceId;
PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability;
//
// Check interface id
//
InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId);
InterfaceCapability.Uint32 = MmioRead32 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->InterfaceCapability);
if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_CRB) &&
(InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_CRB) &&
(InterfaceId.Bits.CapCRB != 0)) {
return PtpInterfaceCrb;
}
if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_FIFO) &&
(InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_FIFO) &&
(InterfaceId.Bits.CapFIFO != 0) &&
(InterfaceCapability.Bits.InterfaceVersion == INTERFACE_CAPABILITY_INTERFACE_VERSION_PTP)) {
return PtpInterfaceFifo;
}
return PtpInterfaceTis;
}
EFI_TPM2_ACPI_TABLE mTpm2AcpiTemplate = { EFI_TPM2_ACPI_TABLE mTpm2AcpiTemplate = {
{ {
EFI_ACPI_5_0_TRUSTED_COMPUTING_PLATFORM_2_TABLE_SIGNATURE, EFI_ACPI_5_0_TRUSTED_COMPUTING_PLATFORM_2_TABLE_SIGNATURE,
@ -288,6 +330,8 @@ PublishTpm2 (
EFI_ACPI_TABLE_PROTOCOL *AcpiTable; EFI_ACPI_TABLE_PROTOCOL *AcpiTable;
UINTN TableKey; UINTN TableKey;
UINT64 OemTableId; UINT64 OemTableId;
EFI_TPM2_ACPI_CONTROL_AREA *ControlArea;
PTP_INTERFACE_TYPE InterfaceType;
// //
// Measure to PCR[0] with event EV_POST_CODE ACPI DATA // Measure to PCR[0] with event EV_POST_CODE ACPI DATA
@ -301,6 +345,24 @@ PublishTpm2 (
sizeof(mTpm2AcpiTemplate) sizeof(mTpm2AcpiTemplate)
); );
InterfaceType = GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
switch (InterfaceType) {
case PtpInterfaceCrb:
mTpm2AcpiTemplate.StartMethod = EFI_TPM2_ACPI_TABLE_START_METHOD_COMMAND_RESPONSE_BUFFER_INTERFACE;
mTpm2AcpiTemplate.AddressOfControlArea = PcdGet64 (PcdTpmBaseAddress) + 0x40;
ControlArea = (EFI_TPM2_ACPI_CONTROL_AREA *)(UINTN)mTpm2AcpiTemplate.AddressOfControlArea;
ControlArea->CommandSize = 0xF80;
ControlArea->ResponseSize = 0xF80;
ControlArea->Command = PcdGet64 (PcdTpmBaseAddress) + 0x80;
ControlArea->Response = PcdGet64 (PcdTpmBaseAddress) + 0x80;
break;
case PtpInterfaceFifo:
case PtpInterfaceTis:
break;
default:
break;
}
CopyMem (mTpm2AcpiTemplate.Header.OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (mTpm2AcpiTemplate.Header.OemId)); CopyMem (mTpm2AcpiTemplate.Header.OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (mTpm2AcpiTemplate.Header.OemId));
OemTableId = PcdGet64 (PcdAcpiDefaultOemTableId); OemTableId = PcdGet64 (PcdAcpiDefaultOemTableId);
CopyMem (&mTpm2AcpiTemplate.Header.OemTableId, &OemTableId, sizeof (UINT64)); CopyMem (&mTpm2AcpiTemplate.Header.OemTableId, &OemTableId, sizeof (UINT64));

5
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
View File

@ -1,7 +1,7 @@
/** @file /** @file
The header file for Tcg2 SMM driver. The header file for Tcg2 SMM driver.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -37,6 +37,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/TpmMeasurementLib.h> #include <Library/TpmMeasurementLib.h>
#include <Library/Tpm2DeviceLib.h> #include <Library/Tpm2DeviceLib.h>
#include <Library/Tcg2PhysicalPresenceLib.h> #include <Library/Tcg2PhysicalPresenceLib.h>
#include <Library/IoLib.h>
#include <IndustryStandard/TpmPtp.h>
#pragma pack(1) #pragma pack(1)
typedef struct { typedef struct {

4
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
View File

@ -9,7 +9,7 @@
# This driver will have external input - variable and ACPINvs data in SMM mode. # This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue. # This external input must be validated carefully to avoid security issue.
# #
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials # This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License # are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at # which accompanies this distribution. The full text of the license may be found at
@ -50,6 +50,7 @@
TpmMeasurementLib TpmMeasurementLib
Tpm2DeviceLib Tpm2DeviceLib
Tcg2PhysicalPresenceLib Tcg2PhysicalPresenceLib
IoLib
[Guids] [Guids]
## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl" ## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
@ -70,6 +71,7 @@
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision ## SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId ## SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision ## SOMETIMES_CONSUMES gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES
[Depex] [Depex]
gEfiAcpiTableProtocolGuid AND gEfiAcpiTableProtocolGuid AND

2
SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
View File

@ -2,7 +2,7 @@
The TPM2 definition block in ACPI table for TCG2 physical presence The TPM2 definition block in ACPI table for TCG2 physical presence
and MemoryClear. and MemoryClear.
Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR> Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at