SecurityPkg/include: remove TrEE.

TrEE is deprecated. We need use Tcg2. Cc: Chao B Zhang <chao.b.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jiewen Yao <jiewen.yao@intel.com> Reviewed-by: Chao B Zhang <chao.b.zhang@intel.com>
2018-03-14 21:56:16 +08:00 · 2018-03-14 21:56:16 +08:00 · f5a343f5ef
parent 8afbd22eea
commit f5a343f5ef
4 changed files with 0 additions and 313 deletions
--- a/SecurityPkg/Include/Guid/TrEEConfigHii.h
+++ b/SecurityPkg/Include/Guid/TrEEConfigHii.h
@ -1,25 +0,0 @@
 /** @file
  GUIDs used as HII FormSet and HII Package list GUID in TrEEConfig driver. 
 Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials are licensed and made available under 
 the terms and conditions of the BSD License that accompanies this distribution.  
 The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php.                                            
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,                     
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 **/
 #ifndef __TREE_CONFIG_HII_GUID_H__
 #define __TREE_CONFIG_HII_GUID_H__
 #define TREE_CONFIG_FORM_SET_GUID \
  { \
    0xc54b425f, 0xaa79, 0x48b4, { 0x98, 0x1f, 0x99, 0x8b, 0x3c, 0x4b, 0x64, 0x1c } \
  }
 extern EFI_GUID gTrEEConfigFormSetGuid;
 #endif
--- a/SecurityPkg/Include/Guid/TrEEPhysicalPresenceData.h
+++ b/SecurityPkg/Include/Guid/TrEEPhysicalPresenceData.h
@ -1,67 +0,0 @@
 /** @file
  Define the variable data structures used for TrEE physical presence.
  The TPM2 request from firmware or OS is saved to variable. And it is
  cleared after it is processed in the next boot cycle. The TPM2 response 
  is saved to variable.
 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved. <BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 **/
 #ifndef __TREE_PHYSICAL_PRESENCE_DATA_GUID_H__
 #define __TREE_PHYSICAL_PRESENCE_DATA_GUID_H__
 #define EFI_TREE_PHYSICAL_PRESENCE_DATA_GUID \
  { \
    0xf24643c2, 0xc622, 0x494e, { 0x8a, 0xd, 0x46, 0x32, 0x57, 0x9c, 0x2d, 0x5b }\
  }
 #define TREE_PHYSICAL_PRESENCE_VARIABLE  L"TrEEPhysicalPresence"
 typedef struct {
  UINT8   PPRequest;      ///< Physical Presence request command.
  UINT8   LastPPRequest;
  UINT32  PPResponse;
 } EFI_TREE_PHYSICAL_PRESENCE;
 //
 // The definition bit of the flags
 //
 // BIT0 is reserved
 #define TREE_FLAG_NO_PPI_CLEAR                        BIT1
 // BIT2 is reserved
 #define TREE_FLAG_RESET_TRACK                         BIT3
 //
 // This variable is used to save TPM Management Flags and corresponding operations.
 // It should be protected from malicious software (e.g. Set it as read-only variable). 
 //
 #define TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE  L"TrEEPhysicalPresenceFlags"
 typedef struct {
  UINT8   PPFlags;
 } EFI_TREE_PHYSICAL_PRESENCE_FLAGS;
 //
 // The definition of physical presence operation actions
 //
 #define TREE_PHYSICAL_PRESENCE_NO_ACTION                               0
 #define TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR                     5
 #define TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_2                   14
 #define TREE_PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE                  17
 #define TREE_PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE                   18
 #define TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_3                   21
 #define TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_4                   22
 #define TREE_PHYSICAL_PRESENCE_NO_ACTION_MAX                           22
 extern EFI_GUID  gEfiTrEEPhysicalPresenceGuid;
 #endif
--- a/SecurityPkg/Include/Library/TrEEPhysicalPresenceLib.h
+++ b/SecurityPkg/Include/Library/TrEEPhysicalPresenceLib.h
@ -1,57 +0,0 @@
 /** @file
  This library is intended to be used by BDS modules.
  This library will execute TPM2 request.
 Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials 
 are licensed and made available under the terms and conditions of the BSD License 
 which accompanies this distribution.  The full text of the license may be found at 
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 **/
 #ifndef _TREE_PHYSICAL_PRESENCE_LIB_H_
 #define _TREE_PHYSICAL_PRESENCE_LIB_H_
 #include <IndustryStandard/Tpm20.h>
 #include <Protocol/TrEEProtocol.h>
 /**
  Check and execute the pending TPM request.
  The TPM request may come from OS or BIOS. This API will display request information and wait 
  for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
  the TPM request is confirmed, and one or more reset may be required to make TPM request to 
  take effect.
  This API should be invoked after console in and console out are all ready as they are required
  to display request information and get user input to confirm the request.  
  @param  PlatformAuth                   platform auth value. NULL means no platform auth change.
 **/
 VOID
 EFIAPI
 TrEEPhysicalPresenceLibProcessRequest (
  IN      TPM2B_AUTH                     *PlatformAuth  OPTIONAL
  );
 /**
  Check if the pending TPM request needs user input to confirm.
  The TPM request may come from OS. This API will check if TPM request exists and need user
  input to confirmation.
  @retval    TRUE        TPM needs input to confirm user physical presence.
  @retval    FALSE       TPM doesn't need input to confirm user physical presence.
 **/
 BOOLEAN
 EFIAPI
 TrEEPhysicalPresenceLibNeedUserConfirm(
  VOID
  );
 #endif
--- a/SecurityPkg/Include/Library/TrEEPpVendorLib.h
+++ b/SecurityPkg/Include/Library/TrEEPpVendorLib.h
@ -1,164 +0,0 @@
 /** @file
  This library is to support Trusted Execution Environment (TrEE) ACPI Profile
  >= 128 Vendor Specific PPI Operation.
  The Vendor Specific PPI operation may change TPM state, BIOS TPM management
  flags, and may need additional boot cycle.
  Caution: This function may receive untrusted input.
 Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials 
 are licensed and made available under the terms and conditions of the BSD License 
 which accompanies this distribution.  The full text of the license may be found at 
 http://opensource.org/licenses/bsd-license.php
 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 **/
 #ifndef _TREE_PP_VENDOR_LIB_H_
 #define _TREE_PP_VENDOR_LIB_H_
 #include <IndustryStandard/Tpm20.h>
 #include <Protocol/TrEEProtocol.h>
 //
 // The definition of physical presence operation actions
 //
 #define TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION                         128
 //
 // The definition bit of the BIOS TPM Management Flags
 //
 // BIT0 is reserved
 #define TREE_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR                        BIT1
 // BIT2 is reserved
 #define TREE_VENDOR_LIB_FLAG_RESET_TRACK                                  BIT3
 //
 // The definition for TPM Operation Response to OS Environment
 //
 #define TREE_PP_OPERATION_RESPONSE_SUCCESS              0x0
 #define TREE_PP_OPERATION_RESPONSE_USER_ABORT           0xFFFFFFF0
 #define TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE         0xFFFFFFF1
 //
 // The return code for Submit TPM Request to Pre-OS Environment
 // and Submit TPM Request to Pre-OS Environment 2
 //
 #define TREE_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS                                  0
 #define TREE_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED                          1
 #define TREE_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE                          2
 #define TREE_PP_SUBMIT_REQUEST_TO_PREOS_BLOCKED_BY_BIOS_SETTINGS                 3
 //
 // The return code for Get User Confirmation Status for Operation
 //
 #define TREE_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED                                 0
 #define TREE_PP_GET_USER_CONFIRMATION_BIOS_ONLY                                       1
 #define TREE_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION                   2
 #define TREE_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED                     3
 #define TREE_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED                 4
 /**
  Check and execute the requested physical presence command.
  This API should be invoked in BIOS boot phase to process pending request.
  Caution: This function may receive untrusted input.
  If OperationRequest < 128, then ASSERT().
  @param[in]      PlatformAuth     platform auth value. NULL means no platform auth change.
  @param[in]      OperationRequest TPM physical presence operation request.
  @param[in, out] ManagementFlags  BIOS TPM Management Flags.
  @param[out]     ResetRequired    If reset is required to vendor settings in effect.
                                   True, it indicates the reset is required.
                                   False, it indicates the reset is not required.
  @return TPM Operation Response to OS Environment.
 **/
 UINT32
 EFIAPI
 TrEEPpVendorLibExecutePendingRequest (
  IN TPM2B_AUTH             *PlatformAuth,  OPTIONAL
  IN UINT32                 OperationRequest,
  IN OUT UINT32             *ManagementFlags,
  OUT BOOLEAN               *ResetRequired
  );
 /**
  Check if there is a valid physical presence command request.
  This API should be invoked in BIOS boot phase to process pending request.
  Caution: This function may receive untrusted input.
  If OperationRequest < 128, then ASSERT().
  @param[in]      OperationRequest TPM physical presence operation request.
  @param[in]      ManagementFlags  BIOS TPM Management Flags.
  @param[out]     RequestConfirmed If the physical presence operation command required user confirm from UI.
                                   True, it indicates the command doesn't require user confirm.
                                   False, it indicates the command need user confirm from UI.
  @retval  TRUE        Physical Presence operation command is valid.
  @retval  FALSE       Physical Presence operation command is invalid.
 **/
 BOOLEAN
 EFIAPI
 TrEEPpVendorLibHasValidRequest (
  IN UINT32                 OperationRequest,
  IN UINT32                 ManagementFlags,
  OUT BOOLEAN               *RequestConfirmed
  );
 /**
  The callback for TPM vendor specific physical presence which is called for
  Submit TPM Operation Request to Pre-OS Environment and
  Submit TPM Operation Request to Pre-OS Environment 2.
  This API should be invoked in OS runtime phase to interface with ACPI method.
  Caution: This function may receive untrusted input.
  If OperationRequest < 128, then ASSERT().
  @param[in]      OperationRequest TPM physical presence operation request.
  @param[in]      ManagementFlags  BIOS TPM Management Flags.
  @return Return Code for Submit TPM Operation Request to Pre-OS Environment and
          Submit TPM Operation Request to Pre-OS Environment 2.
 **/
 UINT32
 EFIAPI
 TrEEPpVendorLibSubmitRequestToPreOSFunction (
  IN UINT32                 OperationRequest,
  IN UINT32                 ManagementFlags
  );
 /**
  The callback for TPM vendor specific physical presence which is called for
  Get User Confirmation Status for Operation.
  This API should be invoked in OS runtime phase to interface with ACPI method.
  Caution: This function may receive untrusted input.
  If OperationRequest < 128, then ASSERT().
  @param[in]      OperationRequest TPM physical presence operation request.
  @param[in]      ManagementFlags  BIOS TPM Management Flags.
  @return Return Code for Get User Confirmation Status for Operation.
 **/
 UINT32
 EFIAPI
 TrEEPpVendorLibGetUserConfirmationStatusFunction (
  IN UINT32                 OperationRequest,
  IN UINT32                 ManagementFlags
  );
 #endif