Implement Tcg physical presence as a library instead of DXE driver in order that TPM can be locked as early as possible.

Signed-off-by: gdong1
Reviewed-by: hhtian
Reviewed-by: niruiyu
Reviewed-by: xdu2


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12447 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
gdong1 2011-09-27 08:44:33 +00:00
parent f00237c1d2
commit 607599bf3d
10 changed files with 433 additions and 446 deletions

View File

@ -40,35 +40,32 @@ typedef struct {
#define FLAG_NO_PPI_MAINTENANCE BIT2
#define FLAG_RESET_TRACK BIT3
#define H2NS(x) ((((x) << 8) | ((x) >> 8)) & 0xffff)
#define H2NL(x) (H2NS ((x) >> 16) | (H2NS ((x) & 0xffff) << 16))
//
// The definition of physical presence operation actions
//
#define NO_ACTION 0
#define ENABLE 1
#define DISABLE 2
#define ACTIVATE 3
#define DEACTIVATE 4
#define CLEAR 5
#define ENABLE_ACTIVATE 6
#define DEACTIVATE_DISABLE 7
#define SET_OWNER_INSTALL_TRUE 8
#define SET_OWNER_INSTALL_FALSE 9
#define ENABLE_ACTIVATE_OWNER_TRUE 10
#define DEACTIVATE_DISABLE_OWNER_FALSE 11
#define DEFERRED_PP_UNOWNERED_FIELD_UPGRADE 12
#define SET_OPERATOR_AUTH 13
#define CLEAR_ENABLE_ACTIVATE 14
#define SET_NO_PPI_PROVISION_FALSE 15
#define SET_NO_PPI_PROVISION_TRUE 16
#define SET_NO_PPI_CLEAR_FALSE 17
#define SET_NO_PPI_CLEAR_TRUE 18
#define SET_NO_PPI_MAINTENANCE_FALSE 19
#define SET_NO_PPI_MAINTENANCE_TRUE 20
#define ENABLE_ACTIVATE_CLEAR 21
#define ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE 22
#define PHYSICAL_PRESENCE_NO_ACTION 0
#define PHYSICAL_PRESENCE_ENABLE 1
#define PHYSICAL_PRESENCE_DISABLE 2
#define PHYSICAL_PRESENCE_ACTIVATE 3
#define PHYSICAL_PRESENCE_DEACTIVATE 4
#define PHYSICAL_PRESENCE_CLEAR 5
#define PHYSICAL_PRESENCE_ENABLE_ACTIVATE 6
#define PHYSICAL_PRESENCE_DEACTIVATE_DISABLE 7
#define PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE 8
#define PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE 9
#define PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE 10
#define PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE 11
#define PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE 12
#define PHYSICAL_PRESENCE_SET_OPERATOR_AUTH 13
#define PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE 14
#define PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE 15
#define PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE 16
#define PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE 17
#define PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE 18
#define PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE 19
#define PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE 20
#define PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR 21
#define PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE 22
extern EFI_GUID gEfiPhysicalPresenceGuid;

View File

@ -0,0 +1,38 @@
/** @file
Ihis library is intended to be used by BDS modules.
This library will lock TPM after executing TPM request.
Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _TCG_PHYSICAL_PRESENCE_LIB_H_
#define _TCG_PHYSICAL_PRESENCE_LIB_H_
/**
Check and execute the pending TPM request and Lock TPM.
The TPM request may come from OS or BIOS. This API will display request information and wait
for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
the TPM request is confirmed, and one or more reset may be required to make TPM request to
take effect. At last, it will lock TPM to prevent TPM state change by malware.
This API should be invoked after console in and console out are all ready as they are required
to display request information and get user input to confirm the request. This API should also
be invoked as early as possible as TPM is locked in this function.
**/
VOID
EFIAPI
TcgPhysicalPresenceLibProcessRequest (
VOID
);
#endif

View File

@ -1,7 +1,8 @@
## @file
# Component file for PhysicalPresenceDxe driver.
# TCG physical presence library instance. This library will lock
# TPM after executing TPM request.
#
# Copyright (c) 2006 - 2010, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@ -13,22 +14,21 @@
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = PhysicalPresenceDxe
FILE_GUID = D85A4A0C-2E73-4491-92E1-DCEFC3882A68
BASE_NAME = DxeTcgPhysicalPresenceLib
FILE_GUID = EBC43A46-34AC-4F07-A7F5-A5394619361C
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
ENTRY_POINT = DriverEntry
LIBRARY_CLASS = TcgPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
CONSTRUCTOR = TcgPhysicalPresenceLibConstructor
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
[Sources]
PhysicalPresence.c
PhysicalPresence.h
DxeTcgPhysicalPresenceLib.c
PhysicalPresenceStrings.uni
[Packages]
@ -52,10 +52,3 @@
[Guids]
gEfiPhysicalPresenceGuid
[Depex]
gEfiTcgProtocolGuid AND
gEfiVariableArchProtocolGuid AND
gEfiVariableWriteArchProtocolGuid AND
gEfiResetArchProtocolGuid

View File

@ -50,6 +50,7 @@
IoLib|MdePkg/Library/BaseIoLibIntrinsic/BaseIoLibIntrinsic.inf
TpmCommLib|SecurityPkg/Library/TpmCommLib/TpmCommLib.inf
PlatformSecureLib|SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.inf
TcgPhysicalPresenceLib|SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf
[LibraryClasses.common.PEIM]
PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf
@ -95,7 +96,6 @@
SecurityPkg/Tcg/TcgPei/TcgPei.inf
SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
SecurityPkg/Tcg/PhysicalPresenceDxe/PhysicalPresenceDxe.inf
SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf {
<LibraryClasses>

View File

@ -1,38 +0,0 @@
/** @file
The header file for TPM physical presence driver.
Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __PHYSICAL_PRESENCE_H__
#define __PHYSICAL_PRESENCE_H__
#include <PiDxe.h>
#include <Protocol/TcgService.h>
#include <Library/DebugLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/UefiDriverEntryPoint.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/UefiLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PrintLib.h>
#include <Library/HiiLib.h>
#include <Guid/EventGroup.h>
#include <Guid/PhysicalPresenceData.h>
#define TPM_PP_USER_ABORT ((TPM_RESULT)(-0x10))
#define TPM_PP_BIOS_FAILURE ((TPM_RESULT)(-0x0f))
#define CONFIRM_BUFFER_SIZE 4096
#endif

View File

@ -80,24 +80,24 @@ formset
// Activate/deactivate (TPM_ORD_physicalSetDeactivated) command is not available when disabled.
//
suppressif ideqval TCG_CONFIGURATION.TpmEnable == 0;
option text = STRING_TOKEN(STR_DISABLE), value = DISABLE, flags = 0;
option text = STRING_TOKEN(STR_TPM_ACTIVATE), value = ACTIVATE, flags = 0;
option text = STRING_TOKEN(STR_TPM_DEACTIVATE), value = DEACTIVATE, flags = 0;
option text = STRING_TOKEN(STR_TPM_DEACTIVATE_DISABLE), value = DEACTIVATE_DISABLE, flags = 0;
option text = STRING_TOKEN(STR_DISABLE), value = PHYSICAL_PRESENCE_DISABLE, flags = 0;
option text = STRING_TOKEN(STR_TPM_ACTIVATE), value = PHYSICAL_PRESENCE_ACTIVATE, flags = 0;
option text = STRING_TOKEN(STR_TPM_DEACTIVATE), value = PHYSICAL_PRESENCE_DEACTIVATE, flags = 0;
option text = STRING_TOKEN(STR_TPM_DEACTIVATE_DISABLE), value = PHYSICAL_PRESENCE_DEACTIVATE_DISABLE, flags = 0;
endif
//
// Clear (TPM_ORD_ForceClear) command is not available when disabled or deactivated.
//
suppressif ideqval TCG_CONFIGURATION.TpmEnable == 0 OR
ideqval TCG_CONFIGURATION.TpmActivate == 0;
option text = STRING_TOKEN(STR_TPM_CLEAR), value = CLEAR, flags = 0;
option text = STRING_TOKEN(STR_TPM_CLEAR_ENABLE_ACTIVATE), value = CLEAR_ENABLE_ACTIVATE, flags = 0;
option text = STRING_TOKEN(STR_TPM_CLEAR), value = PHYSICAL_PRESENCE_CLEAR, flags = 0;
option text = STRING_TOKEN(STR_TPM_CLEAR_ENABLE_ACTIVATE), value = PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, flags = 0;
endif
option text = STRING_TOKEN(STR_ENABLE), value = ENABLE, flags = 0;
option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE), value = ENABLE_ACTIVATE, flags = 0;
option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR), value = ENABLE_ACTIVATE_CLEAR, flags = 0;
option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR_E_A), value = ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE, flags = 0;
option text = STRING_TOKEN(STR_ENABLE), value = PHYSICAL_PRESENCE_ENABLE, flags = 0;
option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE, flags = 0;
option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR, flags = 0;
option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR_E_A), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE, flags = 0;
endoneof;
subtitle text = STRING_TOKEN(STR_NULL);

View File

@ -79,13 +79,13 @@ GetTpmState (
//
if ((TpmEnable != NULL) || (TpmActivate != NULL)) {
TpmSendSize = sizeof (TPM_RQU_COMMAND_HDR) + sizeof (UINT32) * 3;
*(UINT16*)&CmdBuf[0] = H2NS (TPM_TAG_RQU_COMMAND);
*(UINT32*)&CmdBuf[2] = H2NL (TpmSendSize);
*(UINT32*)&CmdBuf[6] = H2NL (TPM_ORD_GetCapability);
*(UINT16*)&CmdBuf[0] = SwapBytes16 (TPM_TAG_RQU_COMMAND);
*(UINT32*)&CmdBuf[2] = SwapBytes32 (TpmSendSize);
*(UINT32*)&CmdBuf[6] = SwapBytes32 (TPM_ORD_GetCapability);
*(UINT32*)&CmdBuf[10] = H2NL (TPM_CAP_FLAG);
*(UINT32*)&CmdBuf[14] = H2NL (sizeof (TPM_CAP_FLAG_PERMANENT));
*(UINT32*)&CmdBuf[18] = H2NL (TPM_CAP_FLAG_PERMANENT);
*(UINT32*)&CmdBuf[10] = SwapBytes32 (TPM_CAP_FLAG);
*(UINT32*)&CmdBuf[14] = SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT));
*(UINT32*)&CmdBuf[18] = SwapBytes32 (TPM_CAP_FLAG_PERMANENT);
Status = TcgProtocol->PassThroughToTpm (
TcgProtocol,
@ -95,7 +95,7 @@ GetTpmState (
CmdBuf
);
TpmRsp = (TPM_RSP_COMMAND_HDR *) &CmdBuf[0];
if (EFI_ERROR (Status) || (TpmRsp->tag != H2NS (TPM_TAG_RSP_COMMAND)) || (TpmRsp->returnCode != 0)) {
if (EFI_ERROR (Status) || (TpmRsp->tag != SwapBytes16 (TPM_TAG_RSP_COMMAND)) || (TpmRsp->returnCode != 0)) {
return EFI_DEVICE_ERROR;
}
@ -182,7 +182,7 @@ TcgExtractConfig (
ZeroMem (&Configuration, sizeof (TCG_CONFIGURATION));
Configuration.MorState = PcdGetBool (PcdMorEnable);
Configuration.TpmOperation = ENABLE;
Configuration.TpmOperation = PHYSICAL_PRESENCE_ENABLE;
Configuration.HideTpm = (BOOLEAN) (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm));
//
// Read the original value of HideTpm from PrivateData which won't be changed by Setup in this boot.

View File

@ -128,7 +128,7 @@ PhysicalPresenceCallback (
// Submit TPM Operation Request to Pre-OS Environment
//
if (mTcgNvs->PhysicalPresence.Request == SET_OPERATOR_AUTH) {
if (mTcgNvs->PhysicalPresence.Request == PHYSICAL_PRESENCE_SET_OPERATOR_AUTH) {
//
// This command requires UI to prompt user for Auth data, NOT implemented.
//
@ -164,49 +164,49 @@ PhysicalPresenceCallback (
RequestConfirmed = FALSE;
switch (mTcgNvs->PhysicalPresence.Request) {
case ENABLE:
case DISABLE:
case ACTIVATE:
case DEACTIVATE:
case ENABLE_ACTIVATE:
case DEACTIVATE_DISABLE:
case SET_OWNER_INSTALL_TRUE:
case SET_OWNER_INSTALL_FALSE:
case ENABLE_ACTIVATE_OWNER_TRUE:
case DEACTIVATE_DISABLE_OWNER_FALSE:
case PHYSICAL_PRESENCE_ENABLE:
case PHYSICAL_PRESENCE_DISABLE:
case PHYSICAL_PRESENCE_ACTIVATE:
case PHYSICAL_PRESENCE_DEACTIVATE:
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:
case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:
case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:
case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
if ((Flags & FLAG_NO_PPI_PROVISION) != 0) {
RequestConfirmed = TRUE;
}
break;
case CLEAR:
case ENABLE_ACTIVATE_CLEAR:
case PHYSICAL_PRESENCE_CLEAR:
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
if ((Flags & FLAG_NO_PPI_CLEAR) != 0) {
RequestConfirmed = TRUE;
}
break;
case DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
if ((Flags & FLAG_NO_PPI_MAINTENANCE) != 0) {
RequestConfirmed = TRUE;
}
break;
case ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
case CLEAR_ENABLE_ACTIVATE:
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
if ((Flags & FLAG_NO_PPI_CLEAR) != 0 && (Flags & FLAG_NO_PPI_PROVISION) != 0) {
RequestConfirmed = TRUE;
}
break;
case SET_NO_PPI_PROVISION_FALSE:
case SET_NO_PPI_CLEAR_FALSE:
case SET_NO_PPI_MAINTENANCE_FALSE:
case NO_ACTION:
case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:
case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:
case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:
case PHYSICAL_PRESENCE_NO_ACTION:
RequestConfirmed = TRUE;
break;
case SET_OPERATOR_AUTH:
case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:
//
// This command requires UI to prompt user for Auth data
// Here it is NOT implemented