Sync the branch changes to trunk.

Support fTPM feature, and update the BiosID to 0.80.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Tim He <tim.he@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17362 6f19259b-4bc3-4df7-8a09-765794883524
Tim He 2015-05-08 03:13:37 +00:00 committed by timhe
parent 7849538e0e
commit f4e7aa05a3
26 changed files with 1320 additions and 38 deletions


@ -0,0 +1,98 @@
/*++
Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
--*/
#ifndef _EFI_PTT_PASS_THRU_PPI_H
#define _EFI_PTT_PASS_THRU_PPI_H
#define PTT_PASS_THRU_PPI_GUID \
{ \
0xc5068bac, 0xa7dc, 0x42f1, 0xae, 0x80, 0xca, 0xa2, 0x4b, 0xb4, 0x90, 0x4b \
}
// {C5068BAC-A7DC-42f1-AE80-CAA24BB4904B}
//static const GUID <<name>> =
//{ 0xc5068bac, 0xa7dc, 0x42f1, { 0xae, 0x80, 0xca, 0xa2, 0x4b, 0xb4, 0x90, 0x4b } };
//#define EFI_PTT_PROTOCOL_GUID HECI_PROTOCOL_GUID
typedef struct _PTT_PASS_THRU_PPI PTT_PASS_THRU_PPI;
/**
This service enables the sending of commands to the TPM2.
@param[in] InputParameterBlockSize Size of the TPM2 input parameter block.
@param[in] InputParameterBlock Pointer to the TPM2 input parameter block.
@param[in,out] OutputParameterBlockSize Size of the TPM2 output parameter block.
@param[in] OutputParameterBlock Pointer to the TPM2 output parameter block.
@retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
typedef
EFI_STATUS
(EFIAPI *TPM2_SUBMIT_COMMAND) (
IN PTT_PASS_THRU_PPI *This,
IN UINT32 InputParameterBlockSize,
IN UINT8 *InputParameterBlock,
IN OUT UINT32 *OutputParameterBlockSize,
IN UINT8 *OutputParameterBlock
);
/**
This service requests use TPM2.
@retval EFI_SUCCESS Get the control of TPM2 chip.
@retval EFI_NOT_FOUND TPM2 not found.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
typedef
EFI_STATUS
(EFIAPI *TPM2_REQUEST_USE_TPM) (
IN PTT_PASS_THRU_PPI *This
);
typedef struct {
EFI_GUID ProviderGuid;
TPM2_SUBMIT_COMMAND Tpm2SubmitCommand;
TPM2_REQUEST_USE_TPM Tpm2RequestUseTpm;
} PTT_TPM2_DEVICE_INTERFACE;
/**
This service register TPM2 device.
@param Tpm2Device TPM2 device
@retval EFI_SUCCESS This TPM2 device is registered successfully.
@retval EFI_UNSUPPORTED System does not support register this TPM2 device.
@retval EFI_ALREADY_STARTED System already register this TPM2 device.
**/
typedef
EFI_STATUS
(EFIAPI *TPM2_REGISTER_TPM2_DEVICE_LIB) (
IN PTT_PASS_THRU_PPI *This,
IN PTT_TPM2_DEVICE_INTERFACE *Tpm2Device
);
typedef struct _PTT_PASS_THRU_PPI {
TPM2_SUBMIT_COMMAND Tpm2SubmitCommand;
TPM2_REQUEST_USE_TPM Tpm2RequestUseTpm;
TPM2_REGISTER_TPM2_DEVICE_LIB Tpm2RegisterTpm2DeviceLib;
} PTT_PASS_THRU_PPI;
extern EFI_GUID gPttPassThruPpiGuid;
#endif // _EFI_HECI_H
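Review bot: The closing guard comment `#endif // _EFI_HECI_H` does not match the guard opened at the top of the file (`_EFI_PTT_PASS_THRU_PPI_H`), and the commented-out `//static const GUID <<name>> =` / `//#define EFI_PTT_PROTOCOL_GUID HECI_PROTOCOL_GUID` lines are copy-paste residue from a HECI header; change the trailer to `#endif // _EFI_PTT_PASS_THRU_PPI_H` and drop the three dead comment lines. The same residue and mismatched trailer appear in the Protocol/PttPassThru.h section further down. The `TPM2_SUBMIT_COMMAND` documentation tags OutputParameterBlock as `@param[in]` although the callee writes the response into it; `@param[out]` describes the contract. The header uses EFI_STATUS, EFI_GUID, UINT8 and UINT32 without including anything, so it only compiles after the includer has pulled in PiPei.h or Uefi.h — either include that here or state the requirement in the file comment.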


@ -0,0 +1,32 @@
/*++
Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
--*/
#ifndef _SEC_FTPM_POLICY_PPI_H_
#define _SEC_FTPM_POLICY_PPI_H_
#define SEC_FTPM_POLICY_PPI_GUID \
{ \
0x4fd1ba49, 0x8f90, 0x471a, 0xa2, 0xc9, 0x17, 0x3c, 0x7a, 0x73, 0x2f, 0xd0 \
}
extern EFI_GUID gSeCfTPMPolicyPpiGuid;
//
// PPI definition
//
typedef struct SEC_FTPM_POLICY_PPI {
BOOLEAN fTPMEnable;
} SEC_FTPM_POLICY_PPI;
#endif
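Review bot: `fTPMEnable` is the only field of the policy PPI and carries no documentation beyond the bare "PPI definition" banner, although it is the value the fTPM initialisation keys on. A field comment along the lines of `/// TRUE when the fTPM setup option is enabled; populated from SYSTEM_CONFIGURATION.fTPM by FtpmPolicyInit in PlatformPei.` would tie the two ends together. The structure also has no size or revision member, so a consumer built against a longer future layout cannot detect an older producer; that is acceptable for an in-tree PPI, but worth a one-line note if the prebuilt fTPM PEIM added to the FDF consumes it, which I cannot tell from the binary.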


@ -0,0 +1,97 @@
/*++
Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
--*/
#ifndef _EFI_PTT_PASS_THRU_H
#define _EFI_PTT_PASS_THRU_H
#define PTT_PASS_THRU_PROTOCOL_GUID \
{ \
0x73e2576, 0xf6c1, 0x4b91, 0x92, 0xa9, 0xd4, 0x67, 0x5d, 0xda, 0x34, 0xb1 \
}
// {073E2576-F6C1-4b91-92A9-D4675DDA34B1}
//static const GUID <<name>> =
//{ 0x73e2576, 0xf6c1, 0x4b91, { 0x92, 0xa9, 0xd4, 0x67, 0x5d, 0xda, 0x34, 0xb1 } };
//#define EFI_PTT_PROTOCOL_GUID HECI_PROTOCOL_GUID
typedef struct _PTT_PASS_THRU_PROTOCOL PTT_PASS_THRU_PROTOCOL;
/**
This service enables the sending of commands to the TPM2.
@param[in] InputParameterBlockSize Size of the TPM2 input parameter block.
@param[in] InputParameterBlock Pointer to the TPM2 input parameter block.
@param[in,out] OutputParameterBlockSize Size of the TPM2 output parameter block.
@param[in] OutputParameterBlock Pointer to the TPM2 output parameter block.
@retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
typedef
EFI_STATUS
(EFIAPI *TPM2_SUBMIT_COMMAND) (
IN PTT_PASS_THRU_PROTOCOL *This,
IN UINT32 InputParameterBlockSize,
IN UINT8 *InputParameterBlock,
IN OUT UINT32 *OutputParameterBlockSize,
IN UINT8 *OutputParameterBlock
);
/**
This service requests use TPM2.
@retval EFI_SUCCESS Get the control of TPM2 chip.
@retval EFI_NOT_FOUND TPM2 not found.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
typedef
EFI_STATUS
(EFIAPI *TPM2_REQUEST_USE_TPM) (
IN PTT_PASS_THRU_PROTOCOL *This
);
typedef struct {
EFI_GUID ProviderGuid;
TPM2_SUBMIT_COMMAND Tpm2SubmitCommand;
TPM2_REQUEST_USE_TPM Tpm2RequestUseTpm;
} PTT_TPM2_DEVICE_INTERFACE;
/**
This service register TPM2 device.
@param Tpm2Device TPM2 device
@retval EFI_SUCCESS This TPM2 device is registered successfully.
@retval EFI_UNSUPPORTED System does not support register this TPM2 device.
@retval EFI_ALREADY_STARTED System already register this TPM2 device.
**/
typedef
EFI_STATUS
(EFIAPI *TPM2_REGISTER_TPM2_DEVICE_LIB) (
IN PTT_PASS_THRU_PROTOCOL *This,
IN PTT_TPM2_DEVICE_INTERFACE *Tpm2Device
);
typedef struct _PTT_PASS_THRU_PROTOCOL {
TPM2_SUBMIT_COMMAND Tpm2SubmitCommand;
TPM2_REQUEST_USE_TPM Tpm2RequestUseTpm;
TPM2_REGISTER_TPM2_DEVICE_LIB Tpm2RegisterTpm2DeviceLib;
} PTT_PASS_THRU_PROTOCOL;
extern EFI_GUID gPttPassThruProtocolGuid;
#endif // _EFI_HECI_H
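Review bot: This header defines the same typedef names as Ppi/PttPassThruPpi.h — `TPM2_SUBMIT_COMMAND`, `TPM2_REQUEST_USE_TPM`, `TPM2_REGISTER_TPM2_DEVICE_LIB` and `PTT_TPM2_DEVICE_INTERFACE` — with a different `This` pointer type, so any translation unit that includes both headers gets conflicting typedefs. The two function-pointer names are also the ones SecurityPkg's Tpm2DeviceLib.h declares for its `This`-less interface, which is presumably why Tpm2DeviceLibSeC.c below carries `//#include <Library/Tpm2DeviceLib.h>` commented out; prefixing the typedefs with the interface name, e.g. `PTT_PASS_THRU_TPM2_SUBMIT_COMMAND`, removes the clash on both sides. `@param[in] OutputParameterBlock` should be `@param[out]`, as on the PPI header. The `#endif // _EFI_HECI_H` trailer and the three commented-out lines are the same HECI residue noted on the PPI header.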


@ -1,6 +1,6 @@
## @file Vlv2DeviceRefCodePkg.dec
#
# Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved
# Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved
#
# This program and the accompanying materials are licensed and made available under
# the terms and conditions of the BSD License that accompanies this distribution.
@ -37,7 +37,8 @@
gSeCfTPMPolicyPpiGuid = { 0x4fd1ba49, 0x8f90, 0x471a, {0xa2, 0xc9, 0x17, 0x3c, 0x7a, 0x73, 0x2f, 0xd0}}
gEfiPeiReadOnlyVariable2PpiGuid = { 0x2ab86ef5, 0xecb5, 0x4134, {0xb5, 0x56, 0x38, 0x54, 0xca, 0x1f, 0xe1, 0xb4}}
gPchPeiInitPpiGuid = { 0xACB93B08, 0x5CDC, 0x4A8F, {0x93, 0xD4, 0x6, 0xE3, 0x42, 0xDF, 0x18, 0x2E}}
gPttPassThruPpiGuid = { 0xc5068bac, 0xa7dc, 0x42f1, {0xae, 0x80, 0xca, 0xa2, 0x4b, 0xb4, 0x90, 0x4b}}
[Protocols]
gEfiGlobalNvsAreaProtocolGuid = { 0x074e1e48, 0x8132, 0x47a1, {0x8c, 0x2c, 0x3f, 0x14, 0xad, 0x9a, 0x66, 0xdc}}
gPpmPlatformPolicyProtocolGuid = { 0xddabfeac, 0xef63, 0x452c, {0x8f, 0x39, 0xed, 0x7f, 0xae, 0xd8, 0x26, 0x5e}}
@ -70,7 +71,8 @@
gEfiTdtOperationProtocolGuid = {0xfd301ba4, 0x5e62, 0x4679,{ 0xa0, 0x6f, 0xe0, 0x9a, 0xab, 0xdd, 0x2a, 0x91}}
gEfiConfigFileNameGuid = { 0x98B8D59B, 0xE8BA, 0x48EE, { 0x98, 0xDD, 0xC2, 0x95, 0x39, 0x2F, 0x1E, 0xDB }}
gEfiDFUResultGuid = { 0x14a7c46f, 0xbc02, 0x4047, { 0x9f, 0x18, 0xa5, 0xd7, 0x25, 0xd8, 0xbd, 0x19 }}
gPttPassThruProtocolGuid = { 0x73e2576, 0xf6c1, 0x4b91, { 0x92, 0xa9, 0xd4, 0x67, 0x5d, 0xda, 0x34, 0xb1 } }
[Guids]
gEfiCPTokenSpaceGuid = { 0x918211ce, 0xa1d2, 0x43a0, {0xa0, 0x4e, 0x75, 0xb5, 0xbf, 0x44, 0x50, 0x0E}}
gEfiSmbusArpMapGuid = { 0x707BE83E, 0x0BF6, 0x40A5, {0xBE, 0x64, 0x34, 0xC0, 0x3A, 0xA0, 0xB8, 0xE2}}


@ -26,5 +26,5 @@ OEM_ID = I32
BUILD_TYPE = D
BOARD_ID = BLAKCRB
VERSION_MAJOR = 0079
VERSION_MAJOR = 0080
VERSION_MINOR = 01


@ -26,5 +26,5 @@ OEM_ID = I32
BUILD_TYPE = R
BOARD_ID = BLAKCRB
VERSION_MAJOR = 0079
VERSION_MAJOR = 0080
VERSION_MINOR = 01


@ -25,6 +25,6 @@ BOARD_REV = 1
OEM_ID = X64
BUILD_TYPE = D
VERSION_MAJOR = 0079
VERSION_MAJOR = 0080
VERSION_MINOR = 01
BOARD_ID = BBAYCRB


@ -25,6 +25,6 @@ BOARD_REV = 1
OEM_ID = X64
BUILD_TYPE = R
VERSION_MAJOR = 0079
VERSION_MAJOR = 0080
VERSION_MINOR = 01
BOARD_ID = BBAYCRB


@ -1,6 +1,6 @@
/*++
Copyright (c) 2004 - 2014, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under
@ -1110,7 +1110,7 @@ typedef struct {
UINT8 GfxBoost;
UINT8 IgdThermal;
UINT8 SEC00;
UINT8 SEC01;
UINT8 fTPM;
UINT8 SEC02;
UINT8 SEC03;
UINT8 MeasuredBootEnable;
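Review bot: Renaming the reserved `SEC01` byte to `fTPM` preserves the layout of this structure, but if it is the persisted setup variable (the enclosing `typedef struct` starts outside the hunk, so I cannot confirm) the byte's existing NVRAM content becomes the fTPM enable value on the first boot after the update; `FtpmPolicyInit` in the PlatformPei hunk treats only `== 1` as enabled, so a stale non-1 value silently disables the fTPM and a stale 1 silently enables it. A comment such as `UINT8 fTPM; // 1 = firmware TPM enabled (read by FtpmPolicyInit); reuses the former SEC01 slot` would record both the intent and the reuse, and the setup defaults should be checked to cover this byte explicitly.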


@ -0,0 +1,242 @@
/** @file
Execute pending TPM2 requests from OS or BIOS.
Caution: This module requires additional review when modified.
This driver will have external input - variable.
This external input must be validated carefully to avoid security issue.
TrEEExecutePendingTpmRequest() will receive untrusted input and do validation.
Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <PiDxe.h>
#include <Protocol/TrEEProtocol.h>
#include <Protocol/VariableLock.h>
#include <Library/DebugLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/UefiDriverEntryPoint.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/UefiLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PrintLib.h>
#include <Library/HiiLib.h>
#include <Guid/EventGroup.h>
#include <Guid/TrEEPhysicalPresenceData.h>
#include <Library/Tpm2CommandLib.h>
#include <Library/TrEEPpVendorLib.h>
/**
Get string by string id from HII Interface.
@param[in] Id String ID.
@retval CHAR16 * String from ID.
@retval NULL If error occurs.
**/
CHAR16 *
TrEEPhysicalPresenceGetStringById (
IN EFI_STRING_ID Id
)
{
return NULL;
}
/**
Send ClearControl and Clear command to TPM.
@param[in] PlatformAuth platform auth value. NULL means no platform auth change.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_TIMEOUT The register can't run into the expected status in time.
@retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
EFI_STATUS
EFIAPI
TpmCommandClear (
IN TPM2B_AUTH *PlatformAuth OPTIONAL
)
{
return EFI_SUCCESS;
}
/**
Execute physical presence operation requested by the OS.
@param[in] PlatformAuth platform auth value. NULL means no platform auth change.
@param[in] CommandCode Physical presence operation value.
@param[in, out] PpiFlags The physical presence interface flags.
@retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation.
@retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
receiving response from TPM.
@retval Others Return code from the TPM device after command execution.
**/
UINT32
TrEEExecutePhysicalPresence (
IN TPM2B_AUTH *PlatformAuth, OPTIONAL
IN UINT32 CommandCode,
IN OUT EFI_TREE_PHYSICAL_PRESENCE_FLAGS *PpiFlags
)
{
return 0;
}
/**
Read the specified key for user confirmation.
@param[in] CautionKey If true, F12 is used as confirm key;
If false, F10 is used as confirm key.
@retval TRUE User confirmed the changes by input.
@retval FALSE User discarded the changes.
**/
BOOLEAN
TrEEReadUserKey (
IN BOOLEAN CautionKey
)
{
return FALSE;
}
/**
The constructor function register UNI strings into imageHandle.
It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
@param ImageHandle The firmware allocated handle for the EFI image.
@param SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The constructor successfully added string package.
@retval Other value The constructor can't add string package.
**/
EFI_STATUS
EFIAPI
TrEEPhysicalPresenceLibConstructor (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
return EFI_SUCCESS;
}
/**
Display the confirm text and get user confirmation.
@param[in] TpmPpCommand The requested TPM physical presence command.
@retval TRUE The user has confirmed the changes.
@retval FALSE The user doesn't confirm the changes.
**/
BOOLEAN
TrEEUserConfirm (
IN UINT32 TpmPpCommand
)
{
return FALSE;
}
/**
Check if there is a valid physical presence command request. Also updates parameter value
to whether the requested physical presence command already confirmed by user
@param[in] TcgPpData EFI TrEE Physical Presence request data.
@param[in] Flags The physical presence interface flags.
@param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
True, it indicates the command doesn't require user confirm, or already confirmed
in last boot cycle by user.
False, it indicates the command need user confirm from UI.
@retval TRUE Physical Presence operation command is valid.
@retval FALSE Physical Presence operation command is invalid.
**/
BOOLEAN
TrEEHaveValidTpmRequest (
IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData,
IN EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags,
OUT BOOLEAN *RequestConfirmed
)
{
return TRUE;
}
/**
Check and execute the requested physical presence command.
Caution: This function may receive untrusted input.
TcgPpData variable is external input, so this function will validate
its data structure to be valid value.
@param[in] PlatformAuth platform auth value. NULL means no platform auth change.
@param[in] TcgPpData Point to the physical presence NV variable.
@param[in] Flags The physical presence interface flags.
**/
VOID
TrEEExecutePendingTpmRequest (
IN TPM2B_AUTH *PlatformAuth, OPTIONAL
IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData,
IN EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags
)
{
return;
}
/**
Check and execute the pending TPM request.
The TPM request may come from OS or BIOS. This API will display request information and wait
for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
the TPM request is confirmed, and one or more reset may be required to make TPM request to
take effect.
This API should be invoked after console in and console out are all ready as they are required
to display request information and get user input to confirm the request.
@param[in] PlatformAuth platform auth value. NULL means no platform auth change.
**/
VOID
EFIAPI
TrEEPhysicalPresenceLibProcessRequest (
IN TPM2B_AUTH *PlatformAuth OPTIONAL
)
{
return;
}
/**
Check if the pending TPM request needs user input to confirm.
The TPM request may come from OS. This API will check if TPM request exists and need user
input to confirmation.
@retval TRUE TPM needs input to confirm user physical presence.
@retval FALSE TPM doesn't need input to confirm user physical presence.
**/
BOOLEAN
EFIAPI
TrEEPhysicalPresenceLibNeedUserConfirm(
VOID
)
{
return FALSE;
}
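Review bot: The file comment is copied from the functional library and promises that `TrEEExecutePendingTpmRequest()` validates untrusted variable input, but every function here is a stub, and the stubs that return values answer affirmatively: `TrEEHaveValidTpmRequest` returns TRUE for any input without setting `*RequestConfirmed`, and `TrEEExecutePhysicalPresence` returns 0, the value the TrEE physical-presence response codes use for success. Nothing in this file calls those helpers, so the values are unused today, but a NULL instance should fail safe — return FALSE, set `*RequestConfirmed = FALSE`, and replace the caution paragraph with one line stating that this instance performs no physical-presence processing. The helpers are not part of the library class, and `TrEEPhysicalPresenceLibConstructor` never runs because the accompanying INF declares no CONSTRUCTOR, so they can be removed together with the unused includes (Tpm2CommandLib, TrEEPpVendorLib, HiiLib, PrintLib, VariableLock, EventGroup). Note that with this instance linked into PlatformBdsLib the `TrEEPhysicalPresenceLibProcessRequest(NULL)` calls added there are no-ops, so OS-queued TPM2 physical-presence requests are neither executed nor cleared; which instance an FTPM_ENABLE build selects is decided in the DSC, which this commit does not show.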


@ -0,0 +1,46 @@
## @file
# Null instance of DxeTrEEPhysicalPresenceLib
#
# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials are licensed and made available under
# the terms and conditions of the BSD License that accompanies this distribution.
# The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php.
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
#
#
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = DxeTrEEPhysicalPresenceLib
FILE_GUID = B41B3DB3-ACC5-4fcd-9992-891F3F9C0DA5
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = TrEEPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
[Sources]
DxeTrEEPhysicalPresenceLibNull.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
[Protocols]
[Guids]


@ -1,6 +1,6 @@
/** @file
Copyright (c) 2004 - 2014, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution.
@ -1763,10 +1763,12 @@ PlatformBdsPolicyBehavior (
}
#ifdef TPM_ENABLED
TcgPhysicalPresenceLibProcessRequest();
#endif
#ifdef TPM_ENABLED
TcgPhysicalPresenceLibProcessRequest();
#endif
#ifdef FTPM_ENABLE
TrEEPhysicalPresenceLibProcessRequest(NULL);
#endif
//
// Close boot script and install ready to lock
//
@ -1951,10 +1953,12 @@ FULL_CONFIGURATION:
PlatformBdsConnectSequence ();
}
}
#ifdef TPM_ENABLED
#ifdef TPM_ENABLED
TcgPhysicalPresenceLibProcessRequest();
#endif
#endif
#ifdef FTPM_ENABLE
TrEEPhysicalPresenceLibProcessRequest(NULL);
#endif
//
// Close boot script and install ready to lock
//
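Review bot: The two `#ifdef` blocks are independent, so a build that defines both TPM_ENABLED and FTPM_ENABLE processes the pending request twice, once through the TPM 1.2 `TcgPhysicalPresenceLibProcessRequest()` and once through `TrEEPhysicalPresenceLibProcessRequest(NULL)`; if the two are meant to be exclusive, `#elif defined(FTPM_ENABLE)` (or a `#error` when both are set) makes that explicit. The same pair is added in the second hunk on the FULL_CONFIGURATION path. The bare NULL argument deserves a comment, since it is the PlatformAuth parameter: `TrEEPhysicalPresenceLibProcessRequest (NULL); // NULL PlatformAuth: leave the platform hierarchy auth unchanged`. `PlatformBdsPolicyBehavior` starts and ends outside the hunk.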


@ -68,7 +68,7 @@
PrintLib
BaseCryptLib
# TcgPhysicalPresenceLib
# TrEEPhysicalPresenceLib
TrEEPhysicalPresenceLib
FileHandleLib
S3BootScriptLib
SerialPortLib


@ -0,0 +1,123 @@
/*++
Copyright (c) 1999 - 2015, Intel Corporation. All rights reserved
This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
--*/
#include <Uefi.h>
#include <Protocol/PttPassThru.h>
#include <Library/PcdLib.h>
#include <Library/UefiBootServicesTableLib.h>
//#include <Library/Tpm2DeviceLib.h>
PTT_PASS_THRU_PROTOCOL *mPttPassThruProtocol;
/**
The constructor function caches the pointer to PEI services.
The constructor function caches the pointer to PEI services.
It will always return EFI_SUCCESS.
@param FfsHeader Pointer to FFS header the loaded driver.
@param PeiServices Pointer to the PEI services.
@retval EFI_SUCCESS The constructor always returns EFI_SUCCESS.
**/
EFI_STATUS
EFIAPI
Tpm2DeviceLibConstructor (
VOID
)
{
EFI_STATUS Status = EFI_SUCCESS;
Status = gBS->LocateProtocol (&gPttPassThruProtocolGuid, NULL, (VOID **) &mPttPassThruProtocol);
return Status;
}
/**
This service enables the sending of commands to the TPM2.
@param[in] InputParameterBlockSize Size of the TPM2 input parameter block.
@param[in] InputParameterBlock Pointer to the TPM2 input parameter block.
@param[in] OutputParameterBlockSize Size of the TPM2 output parameter block.
@param[in] OutputParameterBlock Pointer to the TPM2 output parameter block.
@retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
Tpm2SubmitCommand (
IN UINT32 InputParameterBlockSize,
IN UINT8 *InputParameterBlock,
IN OUT UINT32 *OutputParameterBlockSize,
IN UINT8 *OutputParameterBlock
)
{
EFI_STATUS Status;
Status = mPttPassThruProtocol->Tpm2SubmitCommand (
mPttPassThruProtocol,
InputParameterBlockSize,
InputParameterBlock,
OutputParameterBlockSize,
OutputParameterBlock
);
return Status;
}
/**
This service requests use TPM2.
@retval EFI_SUCCESS Get the control of TPM2 chip.
@retval EFI_NOT_FOUND TPM2 not found.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
EFI_STATUS
EFIAPI
Tpm2RequestUseTpm (
VOID
)
{
EFI_STATUS Status;
Status = mPttPassThruProtocol->Tpm2RequestUseTpm (mPttPassThruProtocol);
return Status;
}
/**
This service register TPM2 device.
@Param Tpm2Device TPM2 device
@retval EFI_SUCCESS This TPM2 device is registered successfully.
@retval EFI_UNSUPPORTED System does not support register this TPM2 device.
@retval EFI_ALREADY_STARTED System already register this TPM2 device.
**/
EFI_STATUS
EFIAPI
Tpm2RegisterTpm2DeviceLib (
IN PTT_TPM2_DEVICE_INTERFACE *Tpm2Device
)
{
return EFI_UNSUPPORTED;
}
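Review bot: `Tpm2SubmitCommand` and `Tpm2RequestUseTpm` dereference `mPttPassThruProtocol` with no NULL check, unlike the PEI instance of the same library further down, which guards `SecPttPassThruPpi`; if `LocateProtocol` failed in the constructor the first TPM command faults, so add `if (mPttPassThruProtocol == NULL) { return EFI_DEVICE_ERROR; }` to both and make the pointer `STATIC`. The INF also offers this instance to `DXE_SMM_DRIVER` modules, yet the protocol it calls through was located with `gBS->LocateProtocol` and lives outside SMRAM, so an SMM consumer (FtpmSmm.inf in the FDF is a candidate, but it is a binary, so I cannot tell) would make an SMM call-out into DXE memory at runtime; drop `DXE_SMM_DRIVER` from LIBRARY_CLASS, or document that the instance is only valid for SMM modules that finish all TPM traffic before SMM ready-to-lock. The constructor comment is copied from a PEI library — it documents FfsHeader and PeiServices for a `VOID` constructor and repeats its first sentence — and `@param[in] OutputParameterBlockSize` should read `[in, out]`.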


@ -0,0 +1,67 @@
#/** @file
#
#
# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials are licensed and made available under
# the terms and conditions of the BSD License that accompanies this distribution.
# The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php.
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
#
#
#
#**/
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = Tpm2DeviceLibSeC
FILE_GUID = 294B196A-A3CC-4a43-857F-EEC26147857B
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = Tpm2DeviceLib | DXE_DRIVER DXE_SMM_DRIVER
CONSTRUCTOR = Tpm2DeviceLibConstructor
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
[Sources.common]
Tpm2DeviceLibSeC.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
Vlv2DeviceRefCodePkg/Vlv2DeviceRefCodePkg.dec
SecurityPkg/SecurityPkg.dec
Vlv2TbltDevicePkg/PlatformPkg.dec
[LibraryClasses]
BaseLib
PcdLib
UefiBootServicesTableLib
[Guids]
gEfiVLVTokenSpaceGuid
[Pcd]
gEfiVLVTokenSpaceGuid.PcdMeasuredBootEnable
gEfiVLVTokenSpaceGuid.PcdFTPMErrorOccur
gEfiVLVTokenSpaceGuid.PcdFTPMCommand
gEfiVLVTokenSpaceGuid.PcdFTPMResponse
gEfiVLVTokenSpaceGuid.PcdFTPMNotRespond
gEfiVLVTokenSpaceGuid.PcdFTPMStatus
[Protocols]
gPttPassThruProtocolGuid
[Depex]
gPttPassThruProtocolGuid
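Review bot: The `[Pcd]` section declares six `gEfiVLVTokenSpaceGuid` PCDs and `[Guids]` lists the token space, but the committed Tpm2DeviceLibSeC.c references none of them (there is no PcdGet call), so every consumer of the library inherits dead dependencies; drop them or add a comment naming the code that will use them. The `[Depex] gPttPassThruProtocolGuid` entry is what keeps the constructor's `LocateProtocol` from failing, and a comment saying so — `# Depex ensures the pass-through protocol exists before the constructor runs` — would help the next reader.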


@ -0,0 +1,151 @@
/*++
Copyright (c) 1999 - 2015, Intel Corporation. All rights reserved
This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
--*/
#include <Uefi.h>
#include <PiPei.h>
#include <Ppi/PttPassThruPpi.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/IoLib.h>
#include <Library/DebugLib.h>
#include <Library/PeiServicesLib.h>
#include <Library/PcdLib.h>
PTT_PASS_THRU_PPI *SecPttPassThruPpi = NULL;
/**
The constructor function caches the pointer to PEI services.
The constructor function caches the pointer to PEI services.
It will always return EFI_SUCCESS.
@param FfsHeader Pointer to FFS header the loaded driver.
@param PeiServices Pointer to the PEI services.
@retval EFI_SUCCESS The constructor always returns EFI_SUCCESS.
**/
EFI_STATUS
EFIAPI
Tpm2DeviceLibConstructor (
VOID
)
{
EFI_STATUS Status = EFI_SUCCESS;
Status = PeiServicesLocatePpi (&gPttPassThruPpiGuid, 0, NULL, (VOID **) &SecPttPassThruPpi);
if (EFI_ERROR (Status)) {
// Locate the PPI failed
SecPttPassThruPpi = NULL;
}
return Status;
}
/**
This service enables the sending of commands to the TPM2.
@param[in] InputParameterBlockSize Size of the TPM2 input parameter block.
@param[in] InputParameterBlock Pointer to the TPM2 input parameter block.
@param[in] OutputParameterBlockSize Size of the TPM2 output parameter block.
@param[in] OutputParameterBlock Pointer to the TPM2 output parameter block.
@retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
Tpm2SubmitCommand (
IN UINT32 InputParameterBlockSize,
IN UINT8 *InputParameterBlock,
IN OUT UINT32 *OutputParameterBlockSize,
IN UINT8 *OutputParameterBlock
)
{
EFI_STATUS Status = EFI_SUCCESS;
if(NULL == InputParameterBlock || NULL == OutputParameterBlock || 0 == InputParameterBlockSize) {
DEBUG ((EFI_D_ERROR, "Buffer == NULL or InputParameterBlockSize == 0\n"));
Status = EFI_INVALID_PARAMETER;
return Status;
}
if (NULL == SecPttPassThruPpi) {
// Don't locate PPI by calling Tpm2DeviceLibConstructor() function??
Status = EFI_DEVICE_ERROR;
return Status;
}
Status = SecPttPassThruPpi->Tpm2SubmitCommand (
SecPttPassThruPpi,
InputParameterBlockSize,
InputParameterBlock,
OutputParameterBlockSize,
OutputParameterBlock
);
return Status;
}
/**
This service requests use TPM2.
@retval EFI_SUCCESS Get the control of TPM2 chip.
@retval EFI_NOT_FOUND TPM2 not found.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
EFI_STATUS
EFIAPI
Tpm2RequestUseTpm (
VOID
)
{
EFI_STATUS Status = EFI_SUCCESS;
if (NULL == SecPttPassThruPpi) {
// Don't locate PPI by calling Tpm2DeviceLibConstructor() function??
Status = EFI_DEVICE_ERROR;
return Status;
}
Status = SecPttPassThruPpi->Tpm2RequestUseTpm (SecPttPassThruPpi);
return Status;
}
/**
This service register TPM2 device.
@Param Tpm2Device TPM2 device
@retval EFI_SUCCESS This TPM2 device is registered successfully.
@retval EFI_UNSUPPORTED System does not support register this TPM2 device.
@retval EFI_ALREADY_STARTED System already register this TPM2 device.
**/
EFI_STATUS
EFIAPI
Tpm2RegisterTpm2DeviceLib (
IN PTT_TPM2_DEVICE_INTERFACE *Tpm2Device
)
{
return EFI_UNSUPPORTED;
}
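Review bot: `Tpm2SubmitCommand` validates `InputParameterBlock`, `OutputParameterBlock` and `InputParameterBlockSize` but not `OutputParameterBlockSize`, which the pass-through PPI writes through; extend the guard to `if (NULL == InputParameterBlock || NULL == OutputParameterBlock || NULL == OutputParameterBlockSize || 0 == InputParameterBlockSize) {`. Caching the located PPI in the writable global `SecPttPassThruPpi` at constructor time is fragile in PEI: a consumer PEIM executing in place before permanent memory cannot store to globals, and a pointer cached pre-memory may be stale after the PEI core migrates to permanent memory, so the usual pattern is to call `PeiServicesLocatePpi` on each use, which also removes the `// Don't locate PPI by calling Tpm2DeviceLibConstructor() function??` branches (or, if the cache stays, reword them to `// PPI was not found when the constructor ran`). The constructor comment, like the DXE instance's, describes FfsHeader/PeiServices parameters for a `VOID` constructor and should be rewritten for what the function does: locate and cache the pass-through PPI.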


@ -0,0 +1,66 @@
#/** @file
#
#
# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials are licensed and made available under
# the terms and conditions of the BSD License that accompanies this distribution.
# The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php.
#
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
#
#
#
#**/
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = Tpm2DeviceLibSeC
FILE_GUID = 1EEA2BFE-01CB-40cc-A34E-CB224C800AA2
MODULE_TYPE = BASE
VERSION_STRING = 1.0
LIBRARY_CLASS = Tpm2DeviceLib | PEI_DRIVER PEIM
CONSTRUCTOR = Tpm2DeviceLibConstructor
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
[Sources.common]
Tpm2DeviceLibSeC.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
Vlv2DeviceRefCodePkg/Vlv2DeviceRefCodePkg.dec
SecurityPkg/SecurityPkg.dec
Vlv2TbltDevicePkg/PlatformPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
MemoryAllocationLib
DebugLib
IoLib
PciLib
TimerLib
PcdLib
PeiServicesLib
PeimEntryPoint
[Guids]
[Ppis]
gPttPassThruPpiGuid
[Depex]
gPttPassThruPpiGuid
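Review bot: `[LibraryClasses]` lists `PeimEntryPoint`, an entry-point library that belongs in a PEIM rather than in a library instance, along with `MemoryAllocationLib`, `PciLib`, `TimerLib` and `IoLib`, none of which the committed source calls (it includes IoLib.h and BaseMemoryLib.h but uses neither); trimming the list to what the source uses — `DebugLib` and `PeiServicesLib`, plus `BaseLib`/`PcdLib` only if the headers are kept — and dropping the matching `#include` lines keeps the dependency graph honest. Both this INF and the DXE one use `BASE_NAME = Tpm2DeviceLibSeC`; distinct names such as `Tpm2DeviceLibSeCPei` and `Tpm2DeviceLibSeCDxe` would keep build output directories and debug symbols distinguishable.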


@ -28,6 +28,7 @@ Module Name:
#include <Ppi/MfgMemoryTest.h>
#include <Guid/SetupVariable.h>
#include <Guid/Vlv2Variable.h>
#include <Ppi/fTPMPolicy.h>
//
// Start::Alpine Valley platform
@ -190,6 +191,67 @@ PeiSmbusExec (
UINT8 *Buffer
);
EFI_STATUS
FtpmPolicyInit (
IN CONST EFI_PEI_SERVICES **PeiServices,
IN SYSTEM_CONFIGURATION *pSystemConfiguration
)
{
EFI_STATUS Status;
EFI_PEI_PPI_DESCRIPTOR *mFtpmPolicyPpiDesc;
SEC_FTPM_POLICY_PPI *mFtpmPolicyPpi;
DEBUG((EFI_D_INFO, "FtpmPolicyInit Entry \n"));
if (NULL == PeiServices || NULL == pSystemConfiguration) {
DEBUG((EFI_D_ERROR, "Input error. \n"));
return EFI_INVALID_PARAMETER;
}
Status = (*PeiServices)->AllocatePool(
PeiServices,
sizeof (EFI_PEI_PPI_DESCRIPTOR),
(void **)&mFtpmPolicyPpiDesc
);
ASSERT_EFI_ERROR (Status);
Status = (*PeiServices)->AllocatePool(
PeiServices,
sizeof (SEC_FTPM_POLICY_PPI),
(void **)&mFtpmPolicyPpi
);
ASSERT_EFI_ERROR (Status);
//
// Initialize PPI
//
(*PeiServices)->SetMem ((VOID *)mFtpmPolicyPpi, sizeof (SEC_FTPM_POLICY_PPI), 0);
mFtpmPolicyPpiDesc->Flags = EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST;
mFtpmPolicyPpiDesc->Guid = &gSeCfTPMPolicyPpiGuid;
mFtpmPolicyPpiDesc->Ppi = mFtpmPolicyPpi;
DEBUG((EFI_D_INFO, "pSystemConfiguration->fTPM = 0x%x \n", pSystemConfiguration->fTPM));
if(pSystemConfiguration->fTPM == 1) {
mFtpmPolicyPpi->fTPMEnable = TRUE;
} else {
mFtpmPolicyPpi->fTPMEnable = FALSE;
}
Status = (*PeiServices)->InstallPpi(
PeiServices,
mFtpmPolicyPpiDesc
);
ASSERT_EFI_ERROR (Status);
DEBUG((EFI_D_INFO, "FtpmPolicyInit done \n"));
return EFI_SUCCESS;
}
/**
This routine attempts to acquire the SMBus
@ -697,6 +759,14 @@ PeiInitPlatform (
);
#ifdef FTPM_ENABLE
Status = FtpmPolicyInit(PeiServices, &SystemConfiguration);
if (EFI_ERROR (Status)) {
DEBUG((EFI_D_ERROR, "fTPM init failed.\n"));
}
#endif
//
// Set the new boot mode for MRC
//
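Review bot: `FtpmPolicyInit` checks its two `AllocatePool` calls and the `InstallPpi` result only with `ASSERT_EFI_ERROR`, which compiles out in release builds: a failed allocation is followed by writes through the NULL `mFtpmPolicyPpiDesc`/`mFtpmPolicyPpi`, and a failed `InstallPpi` still ends in `return EFI_SUCCESS`, so the `if (EFI_ERROR (Status))` that the PeiInitPlatform hunk adds can never fire. Return the error at each point instead, as below. The locals carry the module-global `m` prefix although they are automatics, `(void **)` should be `(VOID **)` per the file's style, and the `SetMem` on a buffer whose only field is assigned a few lines later is redundant but harmless. `pSystemConfiguration->fTPM` originates in the persisted setup variable, so the strict `== 1` comparison is the right check for that external byte; a comment such as `// fTPM is a persisted setup byte: only the exact value 1 enables the fTPM` makes that deliberate.
```c
  Status = (*PeiServices)->AllocatePool(
                             PeiServices,
                             sizeof (EFI_PEI_PPI_DESCRIPTOR),
                             (VOID **)&mFtpmPolicyPpiDesc
                             );
  if (EFI_ERROR (Status)) {
    return Status;
  }
  Status = (*PeiServices)->AllocatePool(
                             PeiServices,
                             sizeof (SEC_FTPM_POLICY_PPI),
                             (VOID **)&mFtpmPolicyPpi
                             );
  if (EFI_ERROR (Status)) {
    return Status;
  }
  // … unchanged: descriptor setup and fTPMEnable derived from pSystemConfiguration->fTPM …
  Status = (*PeiServices)->InstallPpi(
                             PeiServices,
                             mFtpmPolicyPpiDesc
                             );
  if (EFI_ERROR (Status)) {
    DEBUG((EFI_D_ERROR, "FtpmPolicyInit: InstallPpi failed, %r\n", Status));
    return Status;
  }
  DEBUG((EFI_D_INFO, "FtpmPolicyInit done \n"));
  return EFI_SUCCESS;
```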


@ -107,6 +107,7 @@
gPeiMfgMemoryTestPpiGuid
gPeiSha256HashPpiGuid
gVlvMmioPolicyPpiGuid
gSeCfTPMPolicyPpiGuid
[Guids]
gEfiSetupVariableGuid


@ -1,7 +1,7 @@
#/** @file
# FDF file of Platform.
#
# Copyright (c) 2008 - 2014, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials are licensed and made available under
# the terms and conditions of the BSD License that accompanies this distribution.
@ -294,6 +294,9 @@ INF SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf
INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
INF SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
!endif
!if $(FTPM_ENABLE) == TRUE
INF SecurityPkg/Tcg/TrEEPei/TrEEPei.inf #use PCD config
!endif
INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
!if $(ACPI50_ENABLE) == TRUE
@ -349,6 +352,10 @@ INF $(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
!endif
!if $(FTPM_ENABLE) == TRUE
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
!endif
!if $(SOURCE_DEBUG_ENABLE) == TRUE
INF SourceLevelDebugPkg/DebugAgentPei/DebugAgentPei.inf
!endif
@ -497,11 +504,24 @@ INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET
INF IntelFrameworkModulePkg/Universal/LegacyRegionDxe/LegacyRegionDxe.inf
INF Vlv2TbltDevicePkg/VlvPlatformInitDxe/VlvPlatformInitDxe.inf
!endif
!if $(MINNOW2_FSP_BUILD) == FALSE
!if $(SEC_ENABLE) == TRUE
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
!endif
!endif
!if $(TPM_ENABLED) == TRUE
INF SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
INF RuleOverride = DRIVER_ACPITABLE SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
!endif
!if $(FTPM_ENABLE) == TRUE
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
INF SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
INF SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
!endif
#
# EDK II Related Platform codes
@ -1010,6 +1030,7 @@ FV = BiosUpdate
FILE SMM = $(NAMED_GUID) {
SMM_DEPEX SMM_DEPEX |.depex
PE32 PE32 |.efi
RAW BIN Optional |.aml
UI STRING="$(MODULE_NAME)" Optional
VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
}
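Review bot: The DXE_SMM_DRIVER rule at L1045 now packs an optional `.aml` raw section into every SMM FFS file, but nothing says which driver relies on it; presumably the new FtpmSmm binary at L1037, since TcgSmm at L1030 keeps the separate DRIVER_ACPITABLE rule override. A comment above L1045 such as `# Optional .aml section: the fTPM SMM driver (FtpmSmm) ships its ACPI table as a raw section` would record the intent. The fTPM block at L1032-L1038 also mixes source modules (TcgMor, TrEEDxe) with prebuilt modules from $(PLATFORM_BINARY_PACKAGE) (Tpm2DeviceSeCPei/Dxe, FtpmSmm); for the SMM one in particular, a comment naming the expected binary drop would let a reviewer match the prebuilt against a known release, since its code is not in this tree. TcgMor is listed only under FTPM_ENABLE here; if the TPM_ENABLED block at L1027-L1031 does not pick it up elsewhere in the file, memory-overwrite-request handling is absent from the discrete-TPM build. The same hunks appear in the second FDF at L1083-L1085, L1091-L1093, L1112-L1118 and L1125.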


@ -1,7 +1,7 @@
#/** @file
# platform configuration file.
#
# Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials are licensed and made available under
# the terms and conditions of the BSD License that accompanies this distribution.
@ -43,6 +43,7 @@ DEFINE CLKGEN_CONFIG_EXTRA_ENABLE=TRUE
#
DEFINE USE_HPET_TIMER = FALSE
#
# Feature selection
#


@ -1,7 +1,7 @@
#/** @file
# FDF file of Platform.
#
# Copyright (c) 2008 - 2014, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials are licensed and made available under
# the terms and conditions of the BSD License that accompanies this distribution.
@ -252,6 +252,9 @@ INF SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf
INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
INF SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
!endif
!if $(FTPM_ENABLE) == TRUE
INF SecurityPkg/Tcg/TrEEPei/TrEEPei.inf #use PCD config
!endif
INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
!if $(ACPI50_ENABLE) == TRUE
@ -307,6 +310,10 @@ INF $(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
!endif
!if $(FTPM_ENABLE) == TRUE
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
!endif
!if $(SOURCE_DEBUG_ENABLE) == TRUE
INF SourceLevelDebugPkg/DebugAgentPei/DebugAgentPei.inf
!endif
@ -455,11 +462,24 @@ INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET
INF IntelFrameworkModulePkg/Universal/LegacyRegionDxe/LegacyRegionDxe.inf
INF Vlv2TbltDevicePkg/VlvPlatformInitDxe/VlvPlatformInitDxe.inf
!endif
!if $(MINNOW2_FSP_BUILD) == FALSE
!if $(SEC_ENABLE) == TRUE
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
!endif
!endif
!if $(TPM_ENABLED) == TRUE
INF SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
INF RuleOverride = DRIVER_ACPITABLE SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
!endif
!if $(FTPM_ENABLE) == TRUE
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
INF SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
INF SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
!endif
#
# EDK II Related Platform codes
@ -968,6 +988,7 @@ FV = BiosUpdate
FILE SMM = $(NAMED_GUID) {
SMM_DEPEX SMM_DEPEX |.depex
PE32 PE32 |.efi
RAW BIN Optional |.aml
UI STRING="$(MODULE_NAME)" Optional
VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
}


@ -77,6 +77,9 @@
DEFINE PLATFORM_PCIEXPRESS_BASE = 0E0000000
DEFINE SEC_ENABLE = FALSE
DEFINE SEC_DEBUG_INFO_ENABLE = FALSE
DEFINE FTPM_ENABLE = FALSE
################################################################################
#
@ -266,9 +269,18 @@
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
!if $(FTPM_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
!endif
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
!if $(FTPM_ENABLE) == TRUE
TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
!endif
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
!if $(MINNOW2_FSP_BUILD) == TRUE
FspApiLib|IntelFspWrapperPkg/Library/BaseFspApiLib/BaseFspApiLib.inf
@ -319,8 +331,9 @@
!if $(MINNOW2_FSP_BUILD) == TRUE
PlatformFspLib|Vlv2TbltDevicePkg/Library/PlatformFspLib/PlatformFspLib.inf
!endif
!if $(FTPM_ENABLE) == TRUE
Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf
!endif
[LibraryClasses.X64]
#
@ -584,7 +597,7 @@
[PcdsFixedAtBuild.common]
!if $(MINNOW2_FSP_BUILD) == TRUE
# $(FLASH_REGION_VLVMICROCODE_BASE)
# $(FLASH_REGION_VLVMICROCODE_BASE)
gFspWrapperTokenSpaceGuid.PcdCpuMicrocodePatchAddress|0xFFD00000
# $(FLASH_REGION_VLVMICROCODE_SIZE)
gFspWrapperTokenSpaceGuid.PcdCpuMicrocodePatchRegionSize|0x00030000
@ -595,7 +608,6 @@
gFspWrapperTokenSpaceGuid.PcdFlashCodeCacheSize|0x00800000
# $(FLASH_REGION_FSPBIN_BASE)
gFspWrapperTokenSpaceGuid.PcdFlashFvFspBase|0xFFDB0000
!endif
!if $(PERFORMANCE_ENABLE) == TRUE
@ -811,6 +823,9 @@
!if $(TPM_ENABLED) == TRUE
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
!endif
!if $(FTPM_ENABLE) == TRUE
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
!endif
## This PCD defines the video horizontal resolution.
# This PCD could be set to 0 then video resolution could be at highest resolution.
@ -902,12 +917,20 @@
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/MemoryInit.inf {
<PcdsPatchableInModule>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
<BuildOptions>
!if $(FTPM_ENABLE)==TRUE
*_*_IA32_CC_FLAGS = /D FTPM_ENABLE
!endif
}
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
!endif
!if $(FTPM_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
!endif
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf {
<BuildOptions>
@ -929,6 +952,9 @@
}
!endif
!if $(FTPM_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
@ -989,6 +1015,17 @@
!endif
MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
!if $(FTPM_ENABLE) == TRUE
SecurityPkg/Tcg/TrEEPei/TrEEPei.inf {
<PcdsPatchableInModule>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
<LibraryClasses>
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
NULL|SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
}
!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
@ -1083,6 +1120,9 @@
!endif
!if $(TPM_ENABLED) == TRUE
NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
!endif
!if $(FTPM_ENABLE) == TRUE
NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
!endif
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/MpCpu.inf
@ -1097,6 +1137,11 @@
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLib.inf
!if $(FTPM_ENABLE) == TRUE
Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
!else
TrEEPhysicalPresenceLib|$(PLATFORM_PACKAGE)/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf
!endif
}
$(PLATFORM_PACKAGE)/UiApp/UiApp.inf
@ -1200,6 +1245,32 @@
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Dptf.inf
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/PnpDxe.inf
!if $(SEC_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf {
!if $(SEC_DEBUG_INFO_ENABLE) == TRUE
<BuildOptions>
*_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=1
!else
<BuildOptions>
*_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=0
!endif
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
!endif
!if $(FTPM_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf{
<LibraryClasses>
NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
PcdLib|MdePkg/Library\DxePcdLib/DxePcdLib.inf
Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
@ -1494,6 +1565,11 @@
DEFINE X64_BUILD_ENABLE =
!endif
!if $(FTPM_ENABLE) == TRUE
DEFINE DSC_FTPM_BUILD_OPTIONS = -DFTPM_ENABLE
!else
DEFINE DSC_FTPM_BUILD_OPTIONS =
!endif
!if $(TPM_ENABLED) == TRUE
DEFINE DSC_TPM_BUILD_OPTIONS = -DTPM_ENABLED
!else
@ -1501,7 +1577,7 @@
!endif
DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_BUILD_OPTIONS) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
!if $(PERFORMANCE_ENABLE) == TRUE
DEFINE PDB_BUILD_OPTION = /Zi
!endif
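Review bot: The library paths at L1223 (`SecurityPkg/Library\HashInstanceLibSha1/...`) and L1274 (`MdePkg/Library\DxePcdLib/...`) use a backslash separator, which a Linux/GCC build will not resolve; they should read `NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf` and `PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf`, and the same lines recur in the other two DSCs at L1380/L1431 and L1529/L1580. In this DSC the feature flag is spelled `-DFTPM_ENABLE` at L1286, but the MemoryInit override at L1194 uses the MSVC form `/D FTPM_ENABLE`; since MemoryInit comes from $(PLATFORM_BINARY_PACKAGE) the CC flag presumably has no effect either way, so it should be fixed or dropped with a comment. L1183-L1185 assign PcdTpmInstanceGuid the exact value already used under TPM_ENABLED at L1181; if the fTPM device library registers a different instance GUID this looks like a copy-paste, so confirm the intended value. Nothing in the build prevents TPM_ENABLED and FTPM_ENABLE both being TRUE (the VFR only grays the two options out against each other at runtime), so a conditional that fails the build, or at least a comment at L1136 stating the two are exclusive, would help.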


@ -77,6 +77,9 @@
DEFINE PLATFORM_PCIEXPRESS_BASE = 0E0000000
DEFINE SEC_ENABLE = TRUE
DEFINE SEC_DEBUG_INFO_ENABLE = TRUE
DEFINE FTPM_ENABLE = TRUE
################################################################################
#
@ -266,9 +269,18 @@
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
!if $(FTPM_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
!endif
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
!if $(FTPM_ENABLE) == TRUE
TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
!endif
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
!if $(MINNOW2_FSP_BUILD) == TRUE
FspApiLib|IntelFspWrapperPkg/Library/BaseFspApiLib/BaseFspApiLib.inf
@ -319,8 +331,9 @@
!if $(MINNOW2_FSP_BUILD) == TRUE
PlatformFspLib|Vlv2TbltDevicePkg/Library/PlatformFspLib/PlatformFspLib.inf
!endif
!if $(FTPM_ENABLE) == TRUE
Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf
!endif
[LibraryClasses.IA32]
#
@ -810,6 +823,9 @@
!if $(TPM_ENABLED) == TRUE
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
!endif
!if $(FTPM_ENABLE) == TRUE
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
!endif
## This PCD defines the video horizontal resolution.
# This PCD could be set to 0 then video resolution could be at highest resolution.
@ -898,12 +914,20 @@
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/MemoryInit.inf {
<PcdsPatchableInModule>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
<BuildOptions>
!if $(FTPM_ENABLE)==TRUE
*_*_IA32_CC_FLAGS = /D FTPM_ENABLE
!endif
}
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
!endif
!if $(FTPM_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
!endif
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf {
<BuildOptions>
@ -925,6 +949,9 @@
}
!endif
!if $(FTPM_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
@ -985,6 +1012,17 @@
!endif
MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
!if $(FTPM_ENABLE) == TRUE
SecurityPkg/Tcg/TrEEPei/TrEEPei.inf {
<PcdsPatchableInModule>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
<LibraryClasses>
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
NULL|SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
}
!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
@ -1078,6 +1116,9 @@
!endif
!if $(TPM_ENABLED) == TRUE
NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
!endif
!if $(FTPM_ENABLE) == TRUE
NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
!endif
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/MpCpu.inf
@ -1092,6 +1133,11 @@
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLib.inf
!if $(FTPM_ENABLE) == TRUE
Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
!else
TrEEPhysicalPresenceLib|$(PLATFORM_PACKAGE)/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf
!endif
}
$(PLATFORM_PACKAGE)/UiApp/UiApp.inf
@ -1195,6 +1241,32 @@
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Dptf.inf
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/PnpDxe.inf
!if $(SEC_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf {
!if $(SEC_DEBUG_INFO_ENABLE) == TRUE
<BuildOptions>
*_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=1
!else
<BuildOptions>
*_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=0
!endif
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
!endif
!if $(FTPM_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf{
<LibraryClasses>
NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
PcdLib|MdePkg/Library\DxePcdLib/DxePcdLib.inf
Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
@ -1483,6 +1555,11 @@
DEFINE X64_BUILD_ENABLE =
!endif
!if $(FTPM_ENABLE) == TRUE
DEFINE DSC_FTPM_BUILD_OPTIONS = /DFTPM_ENABLE
!else
DEFINE DSC_FTPM_BUILD_OPTIONS =
!endif
!if $(TPM_ENABLED) == TRUE
DEFINE DSC_TPM_BUILD_OPTIONS = /DTPM_ENABLED
!else
@ -1490,7 +1567,7 @@
!endif
DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_BUILD_OPTIONS) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
!if $(PERFORMANCE_ENABLE) == TRUE
DEFINE PDB_BUILD_OPTION = /Zi
!endif
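Review bot: At L1402-L1406 the `!if` and `!else` branches override two different library classes: with FTPM_ENABLE the module gets Tpm2DeviceLib, without it the Null TrEEPhysicalPresenceLib, so an fTPM build silently inherits the global DxeTrEEPhysicalPresenceLib (L1320) with TrEEPpVendorLibNull (L1322) and will act on physical-presence requests; the enclosing module block starts outside the hunk. A comment above L1402 such as `# fTPM: physical presence handled by the global DxeTrEEPhysicalPresenceLib; non-fTPM: PP stubbed out` would make that deliberate. L1307 flips this DSC's default to `FTPM_ENABLE = TRUE` while the other two DSCs default it to FALSE (L1136, L1465), and the commit message does not say which configuration enables fTPM by default, so a comment at L1307 would help. The backslash paths at L1380 and L1431 have the same portability problem as in the first DSC.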


@ -76,7 +76,10 @@
!endif
DEFINE PLATFORM_PCIEXPRESS_BASE = 0E0000000
DEFINE SEC_ENABLE = FALSE
DEFINE SEC_DEBUG_INFO_ENABLE = FALSE
DEFINE FTPM_ENABLE = FALSE
################################################################################
#
@ -266,9 +269,18 @@
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
!if $(FTPM_ENABLE) == TRUE
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
!endif
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
!if $(FTPM_ENABLE) == TRUE
TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
!endif
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
!if $(MINNOW2_FSP_BUILD) == TRUE
FspApiLib|IntelFspWrapperPkg/Library/BaseFspApiLib/BaseFspApiLib.inf
@ -319,8 +331,9 @@
!if $(MINNOW2_FSP_BUILD) == TRUE
PlatformFspLib|Vlv2TbltDevicePkg/Library/PlatformFspLib/PlatformFspLib.inf
!endif
!if $(FTPM_ENABLE) == TRUE
Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf
!endif
[LibraryClasses.X64]
#
@ -898,12 +911,20 @@
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/MemoryInit.inf {
<PcdsPatchableInModule>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
<BuildOptions>
!if $(FTPM_ENABLE)==TRUE
*_*_IA32_CC_FLAGS = /D FTPM_ENABLE
!endif
}
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
!endif
!if $(FTPM_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
!endif
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf {
<BuildOptions>
@ -925,6 +946,9 @@
}
!endif
!if $(FTPM_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
@ -985,6 +1009,17 @@
!endif
MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
!if $(FTPM_ENABLE) == TRUE
SecurityPkg/Tcg/TrEEPei/TrEEPei.inf {
<PcdsPatchableInModule>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
<LibraryClasses>
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
NULL|SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
}
!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
@ -1078,6 +1113,9 @@
!endif
!if $(TPM_ENABLED) == TRUE
NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
!endif
!if $(FTPM_ENABLE) == TRUE
NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
!endif
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/MpCpu.inf
@ -1092,6 +1130,11 @@
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLib.inf
!if $(FTPM_ENABLE) == TRUE
Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
!else
TrEEPhysicalPresenceLib|$(PLATFORM_PACKAGE)/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf
!endif
}
$(PLATFORM_PACKAGE)/UiApp/UiApp.inf
@ -1195,6 +1238,32 @@
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Dptf.inf
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/PnpDxe.inf
!if $(SEC_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf {
!if $(SEC_DEBUG_INFO_ENABLE) == TRUE
<BuildOptions>
*_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=1
!else
<BuildOptions>
*_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=0
!endif
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
!endif
!if $(FTPM_ENABLE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf{
<LibraryClasses>
NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
PcdLib|MdePkg/Library\DxePcdLib/DxePcdLib.inf
Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
@ -1483,6 +1552,11 @@
DEFINE X64_BUILD_ENABLE =
!endif
!if $(FTPM_ENABLE) == TRUE
DEFINE DSC_FTPM_BUILD_OPTIONS = /DFTPM_ENABLE
!else
DEFINE DSC_FTPM_BUILD_OPTIONS =
!endif
!if $(TPM_ENABLED) == TRUE
DEFINE DSC_TPM_BUILD_OPTIONS = /DTPM_ENABLED
!else
@ -1490,7 +1564,7 @@
!endif
DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_BUILD_OPTIONS) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
!if $(PERFORMANCE_ENABLE) == TRUE
DEFINE PDB_BUILD_OPTION = /Zi
!endif
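Review bot: Unlike the other two DSCs (L1183-L1185, L1340-L1342), this DSC gains no `PcdTpmInstanceGuid` assignment under `!if $(FTPM_ENABLE) == TRUE`; if FTPM_ENABLE is switched on here (L1465 defaults it to FALSE) the TPM instance PCD keeps whatever the file sets elsewhere, which may not select the fTPM device library. If the omission is intentional it deserves a comment next to L1465; otherwise the block from the other DSCs should be mirrored here. The backslash paths at L1529 and L1580 have the same portability issue as in the other DSCs.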


@ -37,19 +37,32 @@ form formid = SECURITY_CONFIGURATION_FORM_ID,
//TPM related
//
subtitle text = STRING_TOKEN(STR_TPM_CONFIGURATION_PROMPT);
grayoutif ideqval Setup.ETpm== 0x1;
oneof varid = Setup.fTPM,
prompt = STRING_TOKEN(STR_PTT_PROMPT),
help = STRING_TOKEN(STR_PTT_HELP),
option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_DISABLE), value= 0, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
endoneof;
endif;
grayoutif ideqval Setup.fTPM == 0x1;
oneof varid = Setup.ETpm,
prompt = STRING_TOKEN(STR_TPM_PROMPT),
help = STRING_TOKEN(STR_TPM_HELP),
option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
option text = STRING_TOKEN(STR_DISABLE), value= 0, flags= RESET_REQUIRED;
option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_DISABLE), value= 0, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
endoneof;
endif;
suppressif ideqval Setup.fTPM == 0;
oneof varid = Setup.MeasuredBootEnable,
prompt = STRING_TOKEN(STR_MEASURED_BOOT_ENABLE_PROMPT),
help = STRING_TOKEN(STR_MEASURED_BOOT_ENABLE_HELP),
option text = STRING_TOKEN(STR_DISABLE), value = 0, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
endoneof;
endif;
subtitle text = STRING_TOKEN(STR_NULL_STRING);
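Review bot: L1625-L1628 flip the default of `Setup.ETpm` from Enabled to Disabled, so after a load-defaults the discrete TPM is off even on builds without fTPM support, and the commit message mentions only adding fTPM; if that is intended, a comment above L1613 such as `// Both fTPM (Setup.fTPM) and discrete TPM (Setup.ETpm) default to Disabled; the user must pick one in Setup` would document it. The `Setup.fTPM` option is also shown regardless of whether the firmware was built with FTPM_ENABLE, so on a non-fTPM build selecting it grays out ETpm and leaves the platform with no usable TPM; hiding the option when the build lacks fTPM, or a comment stating why it is always offered, would help. `MeasuredBootEnable` at L1631-L1638 is suppressed only when `Setup.fTPM == 0`, so it is hidden when the discrete TPM is the enabled device; if it is meant to apply to either device, `suppressif ideqval Setup.fTPM == 0 AND ideqval Setup.ETpm == 0;` would express that.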