SecurityPkg SmmTcg2PhysicalPresenceLib: Enable Storage actions.

After enable storage related actions in the
TcgPhysicalPresenceStorageLib, use this library to support
storage related actions in this library.

Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>

SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c

@@ -31,6 +31,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Library/BaseMemoryLib.h>
 #include <Library/Tcg2PpVendorLib.h>
 #include <Library/SmmServicesTableLib.h>
+#include <Library/TcgPhysicalPresenceStorageLib.h>
 
 EFI_SMM_VARIABLE_PROTOCOL  *mTcg2PpSmmVariable;
 
@@ -129,8 +130,10 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx (
     goto EXIT;
   }
 
-  if ((*OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
+  if (((*OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
-      (*OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) ) {
+       (*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN))||
+      ((*OperationRequest > TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_FALSE) &&
+       (*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN))) {
     //
     // This command requires UI to prompt user for Auth data.
     //
@@ -244,12 +247,13 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
   IN UINT32                 OperationRequest
   )
 {
-  EFI_STATUS                        Status;
+  EFI_STATUS                               Status;
-  UINTN                             DataSize;
+  UINTN                                    DataSize;
-  EFI_TCG2_PHYSICAL_PRESENCE        PpData;
+  EFI_TCG2_PHYSICAL_PRESENCE               PpData;
-  EFI_TCG2_PHYSICAL_PRESENCE_FLAGS  Flags;
+  EFI_TCG2_PHYSICAL_PRESENCE_FLAGS         Flags;
-  BOOLEAN                           RequestConfirmed;
+  UINT32                                   StorageFlags;
-  
+  BOOLEAN                                  RequestConfirmed;
+
   DEBUG ((EFI_D_INFO, "[TPM2] GetUserConfirmationStatusFunction, Request = %x\n", OperationRequest));
 
   //
@@ -283,6 +287,11 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
     return TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
   }
 
+  //
+  // Get the Physical Presence storage flags
+  //
+  StorageFlags = TcgPhysicalPresenceStorageLibReturnStorageFlags();
+
   RequestConfirmed = FALSE;
 
   switch (OperationRequest) {
@@ -318,6 +327,22 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
       RequestConfirmed = TRUE;
       break;
 
+    case TCG2_PHYSICAL_PRESENCE_ENABLE_BLOCK_SID:
+      if ((StorageFlags & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID) == 0) {
+        RequestConfirmed = TRUE;
+      }
+      break;
+
+    case TCG2_PHYSICAL_PRESENCE_DISABLE_BLOCK_SID:
+      if ((StorageFlags & TCG_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID) == 0) {
+        RequestConfirmed = TRUE;
+      }
+      break;
+
+    case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_ENABLE_BLOCK_SID_FUNC_TRUE:
+    case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_TRUE:
+      break;
+
     default:
       if (OperationRequest <= TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) {
         RequestConfirmed = TRUE;

SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf

@@ -46,6 +46,7 @@
   Tcg2PpVendorLib
   SmmServicesTableLib
   BaseMemoryLib
+  TcgPhysicalPresenceStorageLib
 
 [Guids]
   ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"