tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SecurityPkg: Consume gEdkiiTcg2AcpiCommunicateBufferHobGuid 

Consume gEdkiiTcg2AcpiCommunicateBufferHobGuid in Tcg2Acpi
driver. Tcg2Acpi will use the buffer stored in the HOB to
exchange information with Tcg2StandaloneMm by the
MM_COMMUNICATION_PROTOCOL.

Signed-off-by: Dun Tan <dun.tan@intel.com>
This commit is contained in:
Dun Tan 2024-06-04 10:26:49 +08:00 committed by mergify[bot]
parent 9a76c7945b
commit e939ecf6c1
2 changed files with 18 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c
View File

@ -9,7 +9,7 @@
This driver will have external input - variable and ACPINvs data in SMM mode. This driver will have external input - variable and ACPINvs data in SMM mode.
This external input must be validated carefully to avoid security issue. This external input must be validated carefully to avoid security issue.
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR> Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.<BR>
Copyright (c) Microsoft Corporation. Copyright (c) Microsoft Corporation.
SPDX-License-Identifier: BSD-2-Clause-Patent SPDX-License-Identifier: BSD-2-Clause-Patent
@ -22,6 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Guid/TpmInstance.h> #include <Guid/TpmInstance.h>
#include <Guid/TpmNvsMm.h> #include <Guid/TpmNvsMm.h>
#include <Guid/PiSmmCommunicationRegionTable.h> #include <Guid/PiSmmCommunicationRegionTable.h>
#include <Guid/Tcg2AcpiCommunicateBuffer.h>
#include <Protocol/AcpiTable.h> #include <Protocol/AcpiTable.h>
#include <Protocol/Tcg2Protocol.h> #include <Protocol/Tcg2Protocol.h>
@ -38,7 +39,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/Tpm2DeviceLib.h> #include <Library/Tpm2DeviceLib.h>
#include <Library/Tpm2CommandLib.h> #include <Library/Tpm2CommandLib.h>
#include <Library/UefiLib.h> #include <Library/UefiLib.h>
#include <Library/MmUnblockMemoryLib.h> #include <Library/HobLib.h>
// //
// Physical Presence Interface Version supported by Platform // Physical Presence Interface Version supported by Platform
@ -116,7 +117,7 @@ TCG_NVS *mTcgNvs;
@param[in] Name The name string to find in TPM table. @param[in] Name The name string to find in TPM table.
@param[in] Size The size of the region to find. @param[in] Size The size of the region to find.
@return The allocated address for the found region. @return The Acpi Communicate Buffer for the found region.
**/ **/
VOID * VOID *
@ -126,9 +127,10 @@ AssignOpRegion (
UINT16 Size UINT16 Size
) )
{ {
EFI_STATUS Status;
AML_OP_REGION_32_8 *OpRegion; AML_OP_REGION_32_8 *OpRegion;
EFI_PHYSICAL_ADDRESS MemoryAddress; EFI_PHYSICAL_ADDRESS MemoryAddress;
EFI_HOB_GUID_TYPE *GuidHob;
TCG2_ACPI_COMMUNICATE_BUFFER *Tcg2AcpiCommunicateBufferHob;
MemoryAddress = SIZE_4GB - 1; MemoryAddress = SIZE_4GB - 1;
@ -144,16 +146,16 @@ AssignOpRegion (
(OpRegion->DWordPrefix == AML_DWORD_PREFIX) && (OpRegion->DWordPrefix == AML_DWORD_PREFIX) &&
(OpRegion->BytePrefix == AML_BYTE_PREFIX)) (OpRegion->BytePrefix == AML_BYTE_PREFIX))
{ {
Status = gBS->AllocatePages (AllocateMaxAddress, EfiACPIMemoryNVS, EFI_SIZE_TO_PAGES (Size), &MemoryAddress); GuidHob = GetFirstGuidHob (&gEdkiiTcg2AcpiCommunicateBufferHobGuid);
ASSERT_EFI_ERROR (Status); ASSERT (GuidHob != NULL);
Tcg2AcpiCommunicateBufferHob = GET_GUID_HOB_DATA (GuidHob);
MemoryAddress = Tcg2AcpiCommunicateBufferHob->Tcg2AcpiCommunicateBuffer;
ASSERT (MemoryAddress != 0);
ASSERT (EFI_PAGES_TO_SIZE (Tcg2AcpiCommunicateBufferHob->Pages) >= Size);
ZeroMem ((VOID *)(UINTN)MemoryAddress, Size); ZeroMem ((VOID *)(UINTN)MemoryAddress, Size);
OpRegion->RegionOffset = (UINT32)(UINTN)MemoryAddress; OpRegion->RegionOffset = (UINT32)(UINTN)MemoryAddress;
OpRegion->RegionLen = (UINT8)Size; OpRegion->RegionLen = (UINT8)Size;
// Request to unblock this region from MM core
Status = MmUnblockMemoryRequest (MemoryAddress, EFI_SIZE_TO_PAGES (Size));
if ((Status != EFI_UNSUPPORTED) && EFI_ERROR (Status)) {
ASSERT_EFI_ERROR (Status);
}
break; break;
} }

5
SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf
View File

@ -22,7 +22,7 @@
# This driver will have external input - variable and ACPINvs data in SMM mode. # This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue. # This external input must be validated carefully to avoid security issue.
# #
# Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR> # Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.<BR>
# Copyright (c) Microsoft Corporation.<BR> # Copyright (c) Microsoft Corporation.<BR>
# SPDX-License-Identifier: BSD-2-Clause-Patent # SPDX-License-Identifier: BSD-2-Clause-Patent
# #
@ -57,12 +57,13 @@
Tpm2CommandLib Tpm2CommandLib
Tcg2PhysicalPresenceLib Tcg2PhysicalPresenceLib
PcdLib PcdLib
MmUnblockMemoryLib HobLib
[Guids] [Guids]
gEfiTpmDeviceInstanceTpm20DtpmGuid ## PRODUCES ## GUID # TPM device identifier gEfiTpmDeviceInstanceTpm20DtpmGuid ## PRODUCES ## GUID # TPM device identifier
gTpmNvsMmGuid ## CONSUMES gTpmNvsMmGuid ## CONSUMES
gEdkiiPiSmmCommunicationRegionTableGuid ## CONSUMES gEdkiiPiSmmCommunicationRegionTableGuid ## CONSUMES
gEdkiiTcg2AcpiCommunicateBufferHobGuid
[Protocols] [Protocols]
gEfiAcpiTableProtocolGuid ## CONSUMES gEfiAcpiTableProtocolGuid ## CONSUMES