Changeset 58459 in vbox for trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg
- Timestamp:
- Oct 28, 2015 8:17:18 PM (9 years ago)
- svn:sync-xref-src-repo-rev:
- 103761
- Location:
- trunk/src/VBox/Devices/EFI/Firmware
- Files:
-
- 23 edited
trunk/src/VBox/Devices/EFI/Firmware
-
Property svn:mergeinfo
set to (toggle deleted branches)
/vendor/edk2/current 103735-103757
-
Property svn:mergeinfo
set to (toggle deleted branches)
-
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c
r48674 r58459 5 5 will clear MOR_CLEAR_MEMORY_BIT bit if it is set. 6 6 7 Copyright (c) 2009 - 201 1, Intel Corporation. All rights reserved.<BR>7 Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR> 8 8 This program and the accompanying materials 9 9 are licensed and made available under the terms and conditions of the BSD License … … 17 17 18 18 #include "TcgMor.h" 19 20 UINT8 mMorControl; 21 22 /** 23 Ready to Boot Event notification handler. 24 25 Sequence of OS boot events is measured in this event notification handler. 26 27 @param[in] Event Event whose notification function is being invoked 28 @param[in] Context Pointer to the notification function's context 29 30 **/ 31 VOID 32 EFIAPI 33 OnReadyToBoot ( 34 IN EFI_EVENT Event, 35 IN VOID *Context 36 ) 37 { 38 EFI_STATUS Status; 39 UINTN DataSize; 40 41 if (MOR_CLEAR_MEMORY_VALUE (mMorControl) == 0x0) { 42 // 43 // MorControl is expected, directly return to avoid unnecessary variable operation 44 // 45 return ; 46 } 47 // 48 // Clear MOR_CLEAR_MEMORY_BIT 49 // 50 DEBUG ((EFI_D_INFO, "TcgMor: Clear MorClearMemory bit\n")); 51 mMorControl &= 0xFE; 52 53 DataSize = sizeof (mMorControl); 54 Status = gRT->SetVariable ( 55 MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, 56 &gEfiMemoryOverwriteControlDataGuid, 57 EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS, 58 DataSize, 59 &mMorControl 60 ); 61 if (EFI_ERROR (Status)) { 62 DEBUG ((EFI_D_ERROR, "TcgMor: Clear MOR_CLEAR_MEMORY_BIT failure, Status = %r\n")); 63 } 64 } 65 19 66 20 67 /** … … 35 82 { 36 83 EFI_STATUS Status; 37 UINT8 MorControl;38 84 UINTN DataSize; 85 EFI_EVENT Event; 39 86 40 87 /// … … 42 89 /// 43 90 44 DataSize = sizeof ( MorControl);91 DataSize = sizeof (mMorControl); 45 92 Status = gRT->GetVariable ( 46 93 MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, … … 48 95 NULL, 49 96 &DataSize, 50 & MorControl97 &mMorControl 51 98 ); 52 99 if (EFI_ERROR (Status)) { … … 54 101 // Set default value to 0 55 102 
// 56 MorControl = 0; 103 mMorControl = 0; 104 Status = gRT->SetVariable ( 105 MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME, 106 &gEfiMemoryOverwriteControlDataGuid, 107 EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS, 108 DataSize, 109 &mMorControl 110 ); 111 DEBUG ((EFI_D_INFO, "TcgMor: Create MOR variable! Status = %r\n", Status)); 57 112 } else { 58 if (MOR_CLEAR_MEMORY_VALUE (MorControl) == 0x0) {59 //60 // MorControl is expected, directly return to avoid unnecessary variable operation61 //62 return EFI_SUCCESS;63 }64 113 // 65 // C lear MOR_CLEAR_MEMORY_BIT114 // Create a Ready To Boot Event and Clear the MorControl bit in the call back function. 66 115 // 67 DEBUG ((EFI_D_INFO, "TcgMor: Clear MorClearMemory bit\n")); 68 MorControl &= 0xFE; 69 } 116 DEBUG ((EFI_D_INFO, "TcgMor: Create ReadyToBoot Event for MorControl Bit cleanning!\n")); 117 Status = EfiCreateEventReadyToBootEx ( 118 TPL_CALLBACK, 119 OnReadyToBoot, 120 NULL, 121 &Event 122 ); 123 } 70 124 71 Status = gRT->SetVariable (72 MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,73 &gEfiMemoryOverwriteControlDataGuid,74 EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,75 DataSize,76 &MorControl77 );78 ASSERT_EFI_ERROR (Status);79 125 return Status; 80 126 } -
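Review bot: In the new OnReadyToBoot handler, the failure-path `DEBUG` call has a `%r` in its format string but passes no argument, so the formatter reads an unspecified vararg instead of the `SetVariable` status. Pass it explicitly: `DEBUG ((EFI_D_ERROR, "TcgMor: Clear MOR_CLEAR_MEMORY_BIT failure, Status = %r\n", Status));`. When this write fails, the non-volatile variable keeps the MOR request bit even though `mMorControl` was cleared in memory, so the real status code is what a reader of the log needs.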
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.h
r48674 r58459 2 2 The header file for TcgMor. 3 3 4 Copyright (c) 2009 , Intel Corporation. All rights reserved.<BR>4 Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR> 5 5 This program and the accompanying materials 6 6 are licensed and made available under the terms and conditions of the BSD License … … 23 23 #include <Library/UefiRuntimeServicesTableLib.h> 24 24 #include <Library/DebugLib.h> 25 #include <Library/UefiLib.h> 25 26 26 27 #endif -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
r48674 r58459 1 1 ## @file 2 # Component description file for Memory Overwrite Control driver.2 # Initilizes MemoryOverwriteRequestControl variable 3 3 # 4 # Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR> 4 # This module will clear MOR_CLEAR_MEMORY_BIT bit if it is set. 5 # 6 # Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR> 5 7 # This program and the accompanying materials 6 8 # are licensed and made available under the terms and conditions of the BSD License … … 15 17 INF_VERSION = 0x00010005 16 18 BASE_NAME = TcgMor 19 MODULE_UNI_FILE = TcgMor.uni 17 20 FILE_GUID = AD416CE3-A483-45b1-94C2-4B4E4D575562 18 21 MODULE_TYPE = DXE_DRIVER … … 40 43 ReportStatusCodeLib 41 44 DebugLib 45 UefiLib 42 46 43 47 [Guids] 44 gEfiMemoryOverwriteControlDataGuid # GUID ALWAYS_CONSUMED 48 ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl" 49 ## PRODUCES ## Variable:L"MemoryOverwriteRequestControl" 50 gEfiMemoryOverwriteControlDataGuid 45 51 46 52 [Depex] 47 53 gEfiVariableArchProtocolGuid AND 48 54 gEfiVariableWriteArchProtocolGuid AND 49 gEfiTcgProtocolGuid55 ( gEfiTcgProtocolGuid OR gEfiTrEEProtocolGuid ) 50 56 57 [UserExtensions.TianoCore."ExtraFiles"] 58 TcgMorExtra.uni -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
r48674 r58459 1 1 ## @file 2 # Component description file for physical presence PEI module.2 # Produces a PPI to indicate whether to lock TPM in PEI phase 3 3 # 4 # Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR> 4 # This module produces PEI_LOCK_PHYSICAL_PRESENCE_PPI to indicate whether 5 # TPM physical presence needs to be locked. It can be replaced by a 6 # platform specific module. 7 # 8 # Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved.<BR> 5 9 # This program and the accompanying materials 6 10 # are licensed and made available under the terms and conditions of the BSD License … … 16 20 INF_VERSION = 0x00010005 17 21 BASE_NAME = PhysicalPresencePei 22 MODULE_UNI_FILE = PhysicalPresencePei.uni 18 23 FILE_GUID = 4FE772E8-FE3E-4086-B638-8C493C490488 19 24 MODULE_TYPE = PEIM … … 41 46 42 47 [Ppis] 43 gPeiLockPhysicalPresencePpiGuid 44 gEfiPeiReadOnlyVariable2PpiGuid 48 gPeiLockPhysicalPresencePpiGuid ## PRODUCES 49 gEfiPeiReadOnlyVariable2PpiGuid ## CONSUMES 45 50 46 51 [Guids] 47 gEfiPhysicalPresenceGuid 52 gEfiPhysicalPresenceGuid ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence" 48 53 49 54 [Pcd] 50 gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence 55 gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence ## SOMETIMES_CONSUMES 51 56 52 57 [Depex] … … 54 59 gEfiPeiReadOnlyVariable2PpiGuid AND 55 60 gPeiTpmInitializedPpiGuid 61 62 [UserExtensions.TianoCore."ExtraFiles"] 63 PhysicalPresencePeiExtra.uni 64 -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr
r48674 r58459 2 2 VFR file used by the TCG configuration component. 3 3 4 Copyright (c) 2011 - 201 2, Intel Corporation. All rights reserved.<BR>4 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR> 5 5 This program and the accompanying materials 6 6 are licensed and made available under the terms and conditions of the BSD License … … 45 45 endif; 46 46 47 suppressif TRUE;48 checkbox varid = TCG_CONFIGURATION.OriginalHideTpm,49 prompt = STRING_TOKEN(STR_NULL),50 help = STRING_TOKEN(STR_NULL),51 endcheckbox;52 endif;53 54 47 text 55 48 help = STRING_TOKEN(STR_TPM_STATE_HELP), … … 59 52 subtitle text = STRING_TOKEN(STR_NULL); 60 53 61 label LABEL_TCG_CONFIGURATION_HIDETPM;62 63 checkbox varid = TCG_CONFIGURATION.HideTpm,64 questionid = KEY_HIDE_TPM,65 prompt = STRING_TOKEN(STR_HIDE_TPM_PROMPT),66 help = STRING_TOKEN(STR_HIDE_TPM_HELP),67 flags = RESET_REQUIRED,68 endcheckbox;69 70 label LABEL_END;71 72 grayoutif ideqval TCG_CONFIGURATION.OriginalHideTpm == 1;73 54 oneof varid = TCG_CONFIGURATION.TpmOperation, 74 55 questionid = KEY_TPM_ACTION, … … 103 84 subtitle text = STRING_TOKEN(STR_NULL); 104 85 105 checkbox varid = TCG_CONFIGURATION.MorState,106 questionid = KEY_TPM_MOR_ENABLE,107 prompt = STRING_TOKEN(STR_MOR_PROMPT),108 help = STRING_TOKEN(STR_MOR_HELP),109 endcheckbox;110 endif;111 112 86 endform; 113 87 -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c
r48674 r58459 2 2 The module entry point for Tcg configuration module. 3 3 4 Copyright (c) 2011 , Intel Corporation. All rights reserved.<BR>4 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR> 5 5 This program and the accompanying materials 6 6 are licensed and made available under the terms and conditions of the BSD License … … 14 14 15 15 #include "TcgConfigImpl.h" 16 #include <Guid/TpmInstance.h> 16 17 17 18 /** … … 37 38 TCG_CONFIG_PRIVATE_DATA *PrivateData; 38 39 EFI_TCG_PROTOCOL *TcgProtocol; 40 41 if (!CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){ 42 DEBUG ((EFI_D_ERROR, "No TPM12 instance required!\n")); 43 return EFI_UNSUPPORTED; 44 } 39 45 40 46 Status = TisPcRequestUseTpm ((TIS_TPM_HANDLE) (UINTN) TPM_BASE_ADDRESS); … … 70 76 71 77 PrivateData->TcgProtocol = TcgProtocol; 72 PrivateData->HideTpm = (BOOLEAN) (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm));73 78 74 79 // -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
r48674 r58459 1 1 ## @file 2 # Component name for Tcg configuration module. 2 # Provides the capability to update TPM state setup browser 3 # By this module, user may enable/disable/activate/deactivate/clear TPM, etc. 3 4 # 4 # Copyright (c) 2011 , Intel Corporation. All rights reserved.<BR>5 # Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR> 5 6 # This program and the accompanying materials 6 7 # are licensed and made available under the terms and conditions of the BSD License … … 15 16 INF_VERSION = 0x00010005 16 17 BASE_NAME = TcgConfigDxe 18 MODULE_UNI_FILE = TcgConfigDxe.uni 17 19 FILE_GUID = 1FA4DAFE-FA5D-4d75-BEA6-5863862C520A 18 20 MODULE_TYPE = DXE_DRIVER … … 54 56 55 57 [Guids] 58 ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence" 59 ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence" 56 60 gEfiPhysicalPresenceGuid 57 gEfiIfrTianoGuid 61 62 gEfiIfrTianoGuid ## SOMETIMES_PRODUCES ## GUID # HII opcode 63 ## PRODUCES ## HII 64 ## CONSUMES ## HII 58 65 gTcgConfigFormSetGuid 66 gEfiTpmDeviceInstanceTpm12Guid ## CONSUMES ## GUID # TPM device identifier 59 67 60 68 [Protocols] 61 gEfiHiiConfigAccessProtocolGuid ## PRODUCES 62 gEfiHiiConfigRoutingProtocolGuid ## CONSUMES 63 gEfiTcgProtocolGuid ## CONSUMES 64 65 [FixedPcd] 66 gEfiSecurityPkgTokenSpaceGuid.PcdHideTpmSupport 69 gEfiHiiConfigAccessProtocolGuid ## PRODUCES 70 gEfiDevicePathProtocolGuid ## PRODUCES 71 gEfiTcgProtocolGuid ## CONSUMES 67 72 68 73 [Pcd] 69 gEfiSecurityPkgTokenSpaceGuid.PcdMorEnable 70 gEfiSecurityPkgTokenSpaceGuid.PcdHideTpm 74 gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES 71 75 72 76 [Depex] … … 75 79 gEfiVariableArchProtocolGuid AND 76 80 gEfiVariableWriteArchProtocolGuid 81 82 [UserExtensions.TianoCore."ExtraFiles"] 83 TcgConfigDxeExtra.uni -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
r48674 r58459 2 2 HII Config Access protocol implementation of TCG configuration module. 3 3 4 Copyright (c) 2011 - 201 2, Intel Corporation. All rights reserved.<BR>4 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR> 5 5 This program and the accompanying materials 6 6 are licensed and made available under the terms and conditions of the BSD License … … 182 182 ZeroMem (&Configuration, sizeof (TCG_CONFIGURATION)); 183 183 184 Configuration.MorState = PcdGetBool (PcdMorEnable);185 184 Configuration.TpmOperation = PHYSICAL_PRESENCE_ENABLE; 186 Configuration.HideTpm = (BOOLEAN) (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm));187 //188 // Read the original value of HideTpm from PrivateData which won't be changed by Setup in this boot.189 //190 Configuration.OriginalHideTpm = PrivateData->HideTpm;191 185 192 186 // … … 308 302 return Status; 309 303 } 310 311 PcdSetBool (PcdMorEnable, TcgConfiguration.MorState);312 PcdSetBool (PcdHideTpm, TcgConfiguration.HideTpm);313 304 314 305 return EFI_SUCCESS; … … 428 419 EFI_HII_HANDLE HiiHandle; 429 420 EFI_HANDLE DriverHandle; 430 VOID *StartOpCodeHandle;431 VOID *EndOpCodeHandle;432 EFI_IFR_GUID_LABEL *StartLabel;433 EFI_IFR_GUID_LABEL *EndLabel;434 435 421 EFI_HII_CONFIG_ACCESS_PROTOCOL *ConfigAccess; 436 422 … … 476 462 PrivateData->HiiHandle = HiiHandle; 477 463 478 //479 // Remove the Hide TPM question from the IFR480 //481 if (!PcdGetBool (PcdHideTpmSupport)) {482 //483 // Allocate space for creation of UpdateData Buffer484 //485 StartOpCodeHandle = HiiAllocateOpCodeHandle ();486 ASSERT (StartOpCodeHandle != NULL);487 488 EndOpCodeHandle = HiiAllocateOpCodeHandle ();489 ASSERT (EndOpCodeHandle != NULL);490 491 //492 // Create Hii Extend Label OpCode as the start opcode493 //494 StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (StartOpCodeHandle, &gEfiIfrTianoGuid, NULL, sizeof (EFI_IFR_GUID_LABEL));495 StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;496 StartLabel->Number = 
LABEL_TCG_CONFIGURATION_HIDETPM;497 498 //499 // Create Hii Extend Label OpCode as the end opcode500 //501 EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (EndOpCodeHandle, &gEfiIfrTianoGuid, NULL, sizeof (EFI_IFR_GUID_LABEL));502 EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;503 EndLabel->Number = LABEL_END;504 505 HiiUpdateForm (HiiHandle, NULL, TCG_CONFIGURATION_FORM_ID, StartOpCodeHandle, EndOpCodeHandle);506 507 HiiFreeOpCodeHandle (StartOpCodeHandle);508 HiiFreeOpCodeHandle (EndOpCodeHandle);509 }510 511 464 return EFI_SUCCESS; 512 465 } -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.h
r48674 r58459 3 3 configuration module. 4 4 5 Copyright (c) 2011 , Intel Corporation. All rights reserved.<BR>5 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR> 6 6 This program and the accompanying materials 7 7 are licensed and made available under the terms and conditions of the BSD License … … 63 63 64 64 EFI_TCG_PROTOCOL *TcgProtocol; 65 66 BOOLEAN HideTpm;67 65 } TCG_CONFIG_PRIVATE_DATA; 68 66 -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigNvData.h
r48674 r58459 2 2 Header file for NV data structure definition. 3 3 4 Copyright (c) 2011 , Intel Corporation. All rights reserved.<BR>4 Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR> 5 5 This program and the accompanying materials 6 6 are licensed and made available under the terms and conditions of the BSD License … … 23 23 #define TCG_CONFIGURATION_FORM_ID 0x0001 24 24 25 #define KEY_HIDE_TPM 0x2000 26 #define KEY_TPM_ACTION 0x3000 27 #define KEY_TPM_MOR_ENABLE 0x4000 25 #define KEY_TPM_ACTION 0x3000 28 26 29 #define LABEL_TCG_CONFIGURATION_ HIDETPM0x000130 #define LABEL_END 0xffff27 #define LABEL_TCG_CONFIGURATION_TPM_OPERATION 0x0001 28 #define LABEL_END 0xffff 31 29 32 30 // … … 34 32 // 35 33 typedef struct { 36 BOOLEAN HideTpm;37 BOOLEAN OriginalHideTpm;38 BOOLEAN MorState;39 34 UINT8 TpmOperation; 40 35 BOOLEAN TpmEnable; -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
r48674 r58459 1 1 /** @file 2 2 This module implements TCG EFI Protocol. 3 4 Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR> 3 4 Caution: This module requires additional review when modified. 5 This driver will have external input - TcgDxePassThroughToTpm 6 This external input must be validated carefully to avoid security issue like 7 buffer overflow, integer overflow. 8 9 TcgDxePassThroughToTpm() will receive untrusted input and do basic validation. 10 11 Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.<BR> 5 12 This program and the accompanying materials 6 13 are licensed and made available under the terms and conditions of the BSD License … … 18 25 #include <IndustryStandard/PeImage.h> 19 26 #include <IndustryStandard/SmBios.h> 27 #include <IndustryStandard/TcpaAcpi.h> 20 28 21 29 #include <Guid/GlobalVariable.h> … … 24 32 #include <Guid/TcgEventHob.h> 25 33 #include <Guid/EventGroup.h> 34 #include <Guid/EventExitBootServiceFailed.h> 35 #include <Guid/TpmInstance.h> 36 26 37 #include <Protocol/DevicePath.h> 27 38 #include <Protocol/TcgService.h> 28 39 #include <Protocol/AcpiTable.h> 40 #include <Protocol/MpService.h> 29 41 30 42 #include <Library/DebugLib.h> … … 40 52 #include <Library/PcdLib.h> 41 53 #include <Library/UefiLib.h> 54 #include <Library/ReportStatusCodeLib.h> 42 55 43 56 #include "TpmComm.h" 44 57 45 58 #define EFI_TCG_LOG_AREA_SIZE 0x10000 46 47 #pragma pack (1)48 49 typedef struct _EFI_TCG_CLIENT_ACPI_TABLE {50 EFI_ACPI_DESCRIPTION_HEADER Header;51 UINT16 PlatformClass;52 UINT32 Laml;53 EFI_PHYSICAL_ADDRESS Lasa;54 } EFI_TCG_CLIENT_ACPI_TABLE;55 56 typedef struct _EFI_TCG_SERVER_ACPI_TABLE {57 EFI_ACPI_DESCRIPTION_HEADER Header;58 UINT16 PlatformClass;59 UINT16 Reserved0;60 UINT64 Laml;61 EFI_PHYSICAL_ADDRESS Lasa;62 UINT16 SpecRev;63 UINT8 DeviceFlags;64 UINT8 InterruptFlags;65 UINT8 Gpe;66 UINT8 Reserved1[3];67 UINT32 GlobalSysInt;68 EFI_ACPI_3_0_GENERIC_ADDRESS_STRUCTURE BaseAddress;69 UINT32 
Reserved2;70 EFI_ACPI_3_0_GENERIC_ADDRESS_STRUCTURE ConfigAddress;71 UINT8 PciSegNum;72 UINT8 PciBusNum;73 UINT8 PciDevNum;74 UINT8 PciFuncNum;75 } EFI_TCG_SERVER_ACPI_TABLE;76 77 #pragma pack ()78 59 79 60 #define TCG_DXE_DATA_FROM_THIS(this) \ … … 152 133 153 134 /** 135 Get All processors EFI_CPU_LOCATION in system. LocationBuf is allocated inside the function 136 Caller is responsible to free LocationBuf. 137 138 @param[out] LocationBuf Returns Processor Location Buffer. 139 @param[out] Num Returns processor number. 140 141 @retval EFI_SUCCESS Operation completed successfully. 142 @retval EFI_UNSUPPORTED MpService protocol not found. 143 144 **/ 145 EFI_STATUS 146 GetProcessorsCpuLocation ( 147 OUT EFI_CPU_PHYSICAL_LOCATION **LocationBuf, 148 OUT UINTN *Num 149 ) 150 { 151 EFI_STATUS Status; 152 EFI_MP_SERVICES_PROTOCOL *MpProtocol; 153 UINTN ProcessorNum; 154 UINTN EnabledProcessorNum; 155 EFI_PROCESSOR_INFORMATION ProcessorInfo; 156 EFI_CPU_PHYSICAL_LOCATION *ProcessorLocBuf; 157 UINTN Index; 158 159 Status = gBS->LocateProtocol (&gEfiMpServiceProtocolGuid, NULL, (VOID **) &MpProtocol); 160 if (EFI_ERROR (Status)) { 161 // 162 // MP protocol is not installed 163 // 164 return EFI_UNSUPPORTED; 165 } 166 167 Status = MpProtocol->GetNumberOfProcessors( 168 MpProtocol, 169 &ProcessorNum, 170 &EnabledProcessorNum 171 ); 172 if (EFI_ERROR(Status)){ 173 return Status; 174 } 175 176 Status = gBS->AllocatePool( 177 EfiBootServicesData, 178 sizeof(EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum, 179 (VOID **) &ProcessorLocBuf 180 ); 181 if (EFI_ERROR(Status)){ 182 return Status; 183 } 184 185 // 186 // Get each processor Location info 187 // 188 for (Index = 0; Index < ProcessorNum; Index++) { 189 Status = MpProtocol->GetProcessorInfo( 190 MpProtocol, 191 Index, 192 &ProcessorInfo 193 ); 194 if (EFI_ERROR(Status)){ 195 FreePool(ProcessorLocBuf); 196 return Status; 197 } 198 199 // 200 // Get all Processor Location info & measure 201 // 202 CopyMem( 203 
&ProcessorLocBuf[Index], 204 &ProcessorInfo.Location, 205 sizeof(EFI_CPU_PHYSICAL_LOCATION) 206 ); 207 } 208 209 *LocationBuf = ProcessorLocBuf; 210 *Num = ProcessorNum; 211 212 return Status; 213 } 214 215 /** 154 216 This service provides EFI protocol capability information, state information 155 217 about the TPM, and Event Log state information. … … 204 266 205 267 if (EventLogLastEntry != NULL) { 206 if (TcgData->BsCap.TPMDeactivatedFlag ) {268 if (TcgData->BsCap.TPMDeactivatedFlag || (!TcgData->BsCap.TPMPresentFlag)) { 207 269 *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)0; 208 270 } else { … … 262 324 } 263 325 *HashedDataLen = sizeof (TPM_DIGEST); 326 327 if (*HashedDataResult == NULL) { 328 *HashedDataResult = AllocatePool ((UINTN) *HashedDataLen); 329 } 264 330 265 331 return TpmCommHashAll ( … … 341 407 TCG_DXE_DATA *TcgData; 342 408 409 if (TCGLogData == NULL){ 410 return EFI_INVALID_PARAMETER; 411 } 412 343 413 TcgData = TCG_DXE_DATA_FROM_THIS (This); 344 414 345 if (TcgData->BsCap.TPMDeactivatedFlag ) {415 if (TcgData->BsCap.TPMDeactivatedFlag || (!TcgData->BsCap.TPMPresentFlag)) { 346 416 return EFI_DEVICE_ERROR; 347 417 } … … 379 449 { 380 450 TCG_DXE_DATA *TcgData; 451 452 if (TpmInputParameterBlock == NULL || 453 TpmOutputParameterBlock == NULL || 454 TpmInputParameterBlockSize == 0 || 455 TpmOutputParameterBlockSize == 0) { 456 return EFI_INVALID_PARAMETER; 457 } 381 458 382 459 TcgData = TCG_DXE_DATA_FROM_THIS (This); … … 420 497 EFI_STATUS Status; 421 498 422 if (HashDataLen > 0) { 499 if (!TcgData->BsCap.TPMPresentFlag) { 500 return EFI_DEVICE_ERROR; 501 } 502 503 if (HashDataLen > 0 || HashData != NULL) { 423 504 Status = TpmCommHashAll ( 424 505 HashData, … … 426 507 &NewEventHdr->Digest 427 508 ); 428 ASSERT_EFI_ERROR (Status); 509 if (EFI_ERROR(Status)) { 510 DEBUG ((DEBUG_ERROR, "TpmCommHashAll Failed. 
%x\n", Status)); 511 goto Done; 512 } 429 513 } 430 514 … … 437 521 if (!EFI_ERROR (Status)) { 438 522 Status = TcgDxeLogEventI (TcgData, NewEventHdr, NewEventData); 523 } 524 525 Done: 526 if ((Status == EFI_DEVICE_ERROR) || (Status == EFI_TIMEOUT)) { 527 DEBUG ((EFI_D_ERROR, "TcgDxeHashLogExtendEventI - %r. Disable TPM.\n", Status)); 528 TcgData->BsCap.TPMPresentFlag = FALSE; 529 REPORT_STATUS_CODE ( 530 EFI_ERROR_CODE | EFI_ERROR_MINOR, 531 (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR) 532 ); 533 Status = EFI_DEVICE_ERROR; 439 534 } 440 535 … … 479 574 { 480 575 TCG_DXE_DATA *TcgData; 576 EFI_STATUS Status; 577 578 if (TCGLogData == NULL || EventLogLastEntry == NULL){ 579 return EFI_INVALID_PARAMETER; 580 } 481 581 482 582 TcgData = TCG_DXE_DATA_FROM_THIS (This); 483 583 484 if (TcgData->BsCap.TPMDeactivatedFlag ) {584 if (TcgData->BsCap.TPMDeactivatedFlag || (!TcgData->BsCap.TPMPresentFlag)) { 485 585 return EFI_DEVICE_ERROR; 486 586 } … … 489 589 return EFI_UNSUPPORTED; 490 590 } 491 492 return TcgDxeHashLogExtendEventI ( 493 TcgData, 494 (UINT8 *) (UINTN) HashData, 495 HashDataLen, 496 (TCG_PCR_EVENT_HDR*)TCGLogData, 497 TCGLogData->Event 498 ); 591 592 if (HashData == 0 && HashDataLen > 0) { 593 return EFI_INVALID_PARAMETER; 594 } 595 596 Status = TcgDxeHashLogExtendEventI ( 597 TcgData, 598 (UINT8 *) (UINTN) HashData, 599 HashDataLen, 600 (TCG_PCR_EVENT_HDR*)TCGLogData, 601 TCGLogData->Event 602 ); 603 604 if (!EFI_ERROR(Status)){ 605 *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN) TcgData->LastEvent; 606 } 607 608 return Status; 499 609 } 500 610 … … 642 752 TCG_PCR_EVENT_HDR TcgEvent; 643 753 EFI_HANDOFF_TABLE_POINTERS HandoffTables; 644 754 UINTN ProcessorNum; 755 EFI_CPU_PHYSICAL_LOCATION *ProcessorLocBuf; 756 757 ProcessorLocBuf = NULL; 758 759 // 760 // Measure SMBIOS with EV_EFI_HANDOFF_TABLES to PCR[1] 761 // 645 762 Status = EfiGetSystemConfigurationTable ( 646 763 &gEfiSmbiosTableGuid, … … 648 765 ); 649 766 650 if 
(!EFI_ERROR (Status)) { 651 ASSERT (SmbiosTable != NULL); 652 767 if (!EFI_ERROR (Status) && SmbiosTable != NULL) { 653 768 TcgEvent.PCRIndex = 1; 654 769 TcgEvent.EventType = EV_EFI_HANDOFF_TABLES; … … 669 784 (UINT8*)&HandoffTables 670 785 ); 786 } 787 788 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_SERVER) { 789 // 790 // Tcg Server spec. 791 // Measure each processor EFI_CPU_PHYSICAL_LOCATION with EV_TABLE_OF_DEVICES to PCR[1] 792 // 793 Status = GetProcessorsCpuLocation(&ProcessorLocBuf, &ProcessorNum); 794 795 if (!EFI_ERROR(Status)){ 796 TcgEvent.PCRIndex = 1; 797 TcgEvent.EventType = EV_TABLE_OF_DEVICES; 798 TcgEvent.EventSize = sizeof (HandoffTables); 799 800 HandoffTables.NumberOfTables = 1; 801 HandoffTables.TableEntry[0].VendorGuid = gEfiMpServiceProtocolGuid; 802 HandoffTables.TableEntry[0].VendorTable = ProcessorLocBuf; 803 804 Status = TcgDxeHashLogExtendEventI ( 805 &mTcgDxeData, 806 (UINT8*)(UINTN)ProcessorLocBuf, 807 sizeof(EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum, 808 &TcgEvent, 809 (UINT8*)&HandoffTables 810 ); 811 812 FreePool(ProcessorLocBuf); 813 } 671 814 } 672 815 … … 895 1038 (VOID **) &BootOrder 896 1039 ); 897 if (Status == EFI_NOT_FOUND ) {1040 if (Status == EFI_NOT_FOUND || BootOrder == NULL) { 898 1041 return EFI_SUCCESS; 899 1042 } 900 ASSERT (BootOrder != NULL);901 1043 902 1044 if (EFI_ERROR (Status)) { 1045 // 1046 // BootOrder can't be NULL if status is not EFI_NOT_FOUND 1047 // 903 1048 FreePool (BootOrder); 904 1049 return Status; … … 966 1111 EFI_CALLING_EFI_APPLICATION 967 1112 ); 968 ASSERT_EFI_ERROR (Status); 1113 if (EFI_ERROR (Status)) { 1114 DEBUG ((EFI_D_ERROR, "%s not Measured. Error!\n", EFI_CALLING_EFI_APPLICATION)); 1115 } 969 1116 970 1117 // … … 973 1120 for (PcrIndex = 0; PcrIndex < 8; PcrIndex++) { 974 1121 Status = MeasureSeparatorEvent (PcrIndex); 975 ASSERT_EFI_ERROR (Status); 1122 if (EFI_ERROR (Status)) { 1123 DEBUG ((EFI_D_ERROR, "Seperator Event not Measured. 
Error!\n")); 1124 } 976 1125 } 977 1126 … … 994 1143 EFI_RETURNING_FROM_EFI_APPLICATOIN 995 1144 ); 996 ASSERT_EFI_ERROR (Status); 1145 if (EFI_ERROR (Status)) { 1146 DEBUG ((EFI_D_ERROR, "%s not Measured. Error!\n", EFI_RETURNING_FROM_EFI_APPLICATOIN)); 1147 } 997 1148 } 998 1149 … … 1025 1176 EFI_ACPI_TABLE_PROTOCOL *AcpiTable; 1026 1177 UINT8 Checksum; 1178 UINT64 OemTableId; 1027 1179 1028 1180 Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **)&AcpiTable); … … 1032 1184 1033 1185 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) { 1034 1186 CopyMem (mTcgClientAcpiTemplate.Header.OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (mTcgClientAcpiTemplate.Header.OemId)); 1187 OemTableId = PcdGet64 (PcdAcpiDefaultOemTableId); 1188 CopyMem (&mTcgClientAcpiTemplate.Header.OemTableId, &OemTableId, sizeof (UINT64)); 1189 mTcgClientAcpiTemplate.Header.OemRevision = PcdGet32 (PcdAcpiDefaultOemRevision); 1190 mTcgClientAcpiTemplate.Header.CreatorId = PcdGet32 (PcdAcpiDefaultCreatorId); 1191 mTcgClientAcpiTemplate.Header.CreatorRevision = PcdGet32 (PcdAcpiDefaultCreatorRevision); 1035 1192 // 1036 1193 // The ACPI table must be checksumed before calling the InstallAcpiTable() … … 1047 1204 ); 1048 1205 } else { 1049 1206 CopyMem (mTcgServerAcpiTemplate.Header.OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (mTcgServerAcpiTemplate.Header.OemId)); 1207 OemTableId = PcdGet64 (PcdAcpiDefaultOemTableId); 1208 CopyMem (&mTcgServerAcpiTemplate.Header.OemTableId, &OemTableId, sizeof (UINT64)); 1209 mTcgServerAcpiTemplate.Header.OemRevision = PcdGet32 (PcdAcpiDefaultOemRevision); 1210 mTcgServerAcpiTemplate.Header.CreatorId = PcdGet32 (PcdAcpiDefaultCreatorId); 1211 mTcgServerAcpiTemplate.Header.CreatorRevision = PcdGet32 (PcdAcpiDefaultCreatorRevision); 1050 1212 // 1051 1213 // The ACPI table must be checksumed before calling the InstallAcpiTable() … … 1062 1224 ); 1063 1225 } 1064 ASSERT_EFI_ERROR (Status); 1226 1227 if (EFI_ERROR (Status)) { 1228 
DEBUG((EFI_D_ERROR, "Tcg Acpi Table installation failure")); 1229 } 1065 1230 } 1066 1231 … … 1089 1254 EFI_EXIT_BOOT_SERVICES_INVOCATION 1090 1255 ); 1091 ASSERT_EFI_ERROR (Status); 1256 if (EFI_ERROR (Status)) { 1257 DEBUG ((EFI_D_ERROR, "%s not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_INVOCATION)); 1258 } 1092 1259 1093 1260 // … … 1097 1264 EFI_EXIT_BOOT_SERVICES_SUCCEEDED 1098 1265 ); 1099 ASSERT_EFI_ERROR (Status); 1266 if (EFI_ERROR (Status)){ 1267 DEBUG ((EFI_D_ERROR, "%s not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_SUCCEEDED)); 1268 } 1269 } 1270 1271 /** 1272 Exit Boot Services Failed Event notification handler. 1273 1274 Measure Failure of ExitBootServices. 1275 1276 @param[in] Event Event whose notification function is being invoked 1277 @param[in] Context Pointer to the notification function's context 1278 1279 **/ 1280 VOID 1281 EFIAPI 1282 OnExitBootServicesFailed ( 1283 IN EFI_EVENT Event, 1284 IN VOID *Context 1285 ) 1286 { 1287 EFI_STATUS Status; 1288 1289 // 1290 // Measure Failure of ExitBootServices, 1291 // 1292 Status = TcgMeasureAction ( 1293 EFI_EXIT_BOOT_SERVICES_FAILED 1294 ); 1295 if (EFI_ERROR (Status)){ 1296 DEBUG ((EFI_D_ERROR, "%s not Measured. 
Error!\n", EFI_EXIT_BOOT_SERVICES_FAILED)); 1297 } 1100 1298 } 1101 1299 … … 1152 1350 EFI_EVENT Event; 1153 1351 VOID *Registration; 1352 1353 if (!CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){ 1354 DEBUG ((EFI_D_ERROR, "No TPM12 instance required!\n")); 1355 return EFI_UNSUPPORTED; 1356 } 1357 1358 if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) { 1359 DEBUG ((EFI_D_ERROR, "TPM error!\n")); 1360 return EFI_DEVICE_ERROR; 1361 } 1154 1362 1155 1363 mTcgDxeData.TpmHandle = (TIS_TPM_HANDLE)(UINTN)TPM_BASE_ADDRESS; … … 1177 1385 &mTcgDxeData.TcgProtocol 1178 1386 ); 1179 // 1180 // Install ACPI Table 1181 // 1182 EfiCreateProtocolNotifyEvent (&gEfiAcpiTableProtocolGuid, TPL_CALLBACK, InstallAcpiTable, NULL, &Registration); 1183 1184 if (!EFI_ERROR (Status) && !mTcgDxeData.BsCap.TPMDeactivatedFlag) { 1387 if (!EFI_ERROR (Status) && (!mTcgDxeData.BsCap.TPMDeactivatedFlag) && mTcgDxeData.BsCap.TPMPresentFlag) { 1185 1388 // 1186 1389 // Setup the log area and copy event log from hob list to it … … 1207 1410 &Event 1208 1411 ); 1209 } 1210 1412 1413 // 1414 // Measure Exit Boot Service failed 1415 // 1416 Status = gBS->CreateEventEx ( 1417 EVT_NOTIFY_SIGNAL, 1418 TPL_NOTIFY, 1419 OnExitBootServicesFailed, 1420 NULL, 1421 &gEventExitBootServicesFailedGuid, 1422 &Event 1423 ); 1424 } 1425 1426 // 1427 // Install ACPI Table 1428 // 1429 EfiCreateProtocolNotifyEvent (&gEfiAcpiTableProtocolGuid, TPL_CALLBACK, InstallAcpiTable, NULL, &Registration); 1430 1211 1431 return Status; 1212 1432 } -
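Review bot: In the TcgDxeHashAll hunk, the buffer allocated when `*HashedDataResult == NULL` is handed straight to `TpmCommHashAll` without checking that `AllocatePool` succeeded. On allocation failure the digest would presumably be written through a NULL pointer; the callee is not visible here, so confirm how it treats a NULL result buffer. Add `if (*HashedDataResult == NULL) { return EFI_OUT_OF_RESOURCES; }` directly after the allocation. The function starts and ends outside this hunk, so whether `HashedDataResult` and `HashedDataLen` themselves are validated earlier cannot be seen from here.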
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
r48674 r58459 1 1 ## @file 2 # Component file for module TcgDxe.2 # Produces TCG protocol and measures boot environment 3 3 # This module will produce TCG protocol and measure boot environment. 4 4 # 5 # Copyright (c) 2006 - 201 0, Intel Corporation. All rights reserved.<BR>5 # Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR> 6 6 # This program and the accompanying materials 7 7 # are licensed and made available under the terms and conditions of the BSD License … … 16 16 INF_VERSION = 0x00010005 17 17 BASE_NAME = TcgDxe 18 MODULE_UNI_FILE = TcgDxe.uni 18 19 FILE_GUID = A5683620-7998-4bb2-A377-1C1E31E1E215 19 20 MODULE_TYPE = DXE_DRIVER … … 50 51 PrintLib 51 52 UefiLib 53 PcdLib 54 ReportStatusCodeLib 52 55 53 56 [Guids] 54 gEfiSmbiosTableGuid # ALWAYS_CONSUMED 55 gEfiGlobalVariableGuid # ALWAYS_CONSUMED 56 gTcgEventEntryHobGuid 57 gEfiEventReadyToBootGuid 58 gEfiEventExitBootServicesGuid 57 ## SOMETIMES_CONSUMES ## SystemTable # Smbios Table 58 ## SOMETIMES_CONSUMES ## GUID # Handoff Table for measurement. 
59 gEfiSmbiosTableGuid 60 61 gEfiGlobalVariableGuid ## SOMETIMES_CONSUMES ## Variable:L"BootXXXX" 62 gTcgEventEntryHobGuid ## SOMETIMES_CONSUMES ## HOB 63 gTpmErrorHobGuid ## SOMETIMES_CONSUMES ## HOB 64 gEfiEventExitBootServicesGuid ## CONSUMES ## Event 65 gEventExitBootServicesFailedGuid ## SOMETIMES_CONSUMES ## Event 66 gEfiTpmDeviceInstanceTpm12Guid ## PRODUCES ## GUID # TPM device identifier 59 67 60 68 [Protocols] 61 gEfiTcgProtocolGuid ## PRODUCES62 gEfiAcpiTableProtocolGuid # PROTOCOL ALWAYS_CONSUMED63 gEfi DevicePathProtocolGuid # PROTOCOL ALWAYS_CONSUMED64 69 gEfiTcgProtocolGuid ## PRODUCES 70 gEfiAcpiTableProtocolGuid ## NOTIFY 71 gEfiMpServiceProtocolGuid ## SOMETIMES_CONSUMES 72 65 73 [Pcd] 66 gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass 74 gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass ## SOMETIMES_CONSUMES 75 gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES 76 gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId ## SOMETIMES_CONSUMES 77 gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId ## SOMETIMES_CONSUMES 78 gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision ## SOMETIMES_CONSUMES 79 gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId ## SOMETIMES_CONSUMES 80 gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision ## SOMETIMES_CONSUMES 81 gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ## SOMETIMES_CONSUMES 67 82 68 83 [Depex] 69 84 TRUE 70 85 86 [UserExtensions.TianoCore."ExtraFiles"] 87 TcgDxeExtra.uni 88 -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgDxe/TisDxe.c
r48674 r58459 234 234 } 235 235 236 // 237 // Check input to avoid overflow. 238 // 239 if ((UINT32) (~0)- *DataLength < (UINT32)Size) { 240 return EFI_INVALID_PARAMETER; 241 } 242 236 243 if(*DataLength + (UINT32) Size > TPMCMDBUFLENGTH) { 237 244 return EFI_BUFFER_TOO_SMALL; … … 292 299 case 'r': 293 300 Size = VA_ARG (*ap, UINTN); 294 if(*DataIndex + (UINT32) Size <= RespSize) { 295 break; 301 // 302 // If overflowed, which means Size is big enough for Response data. 303 // skip this check. Copy the whole data 304 // 305 if ((UINT32) (~0)- *DataIndex >= (UINT32)Size) { 306 if(*DataIndex + (UINT32) Size <= RespSize) { 307 break; 308 } 296 309 } 310 297 311 *DataFinished = TRUE; 298 312 if (*DataIndex >= RespSize) { -
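Review bot: Both added overflow guards test `(UINT32)Size`, so on a 64-bit build a `Size` above 0xFFFFFFFF is truncated before it is checked and can pass as a small value. In the 'r' case `Size` is read with `VA_ARG (*ap, UINTN)`; the copy that follows each check lies outside the hunks, so whether it uses the untruncated `Size` cannot be confirmed from here. Bounding `Size` before the cast closes the gap in the pack path, for example `if (Size > TPMCMDBUFLENGTH || *DataLength > TPMCMDBUFLENGTH - (UINT32)Size) { return EFI_BUFFER_TOO_SMALL; }`. The unpack path can use the same shape against `RespSize`, treating an oversized `Size` as "copy what is left" rather than as a fit. Both enclosing functions start and end outside the hunks.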
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgDxe/TpmComm.c
r48674 r58459 2 2 Utility functions used by TPM Dxe driver. 3 3 4 Copyright (c) 2005 - 201 0, Intel Corporation. All rights reserved.<BR>4 Copyright (c) 2005 - 2013, Intel Corporation. All rights reserved.<BR> 5 5 This program and the accompanying materials 6 6 are licensed and made available under the terms and conditions of the BSD License … … 145 145 ) 146 146 { 147 UINT32 NewLogSize; 147 UINTN NewLogSize; 148 149 // 150 // Prevent Event Overflow 151 // 152 if (NewEventHdr->EventSize > (UINTN)(~0) - sizeof (*NewEventHdr)) { 153 return EFI_OUT_OF_RESOURCES; 154 } 148 155 149 156 NewLogSize = sizeof (*NewEventHdr) + NewEventHdr->EventSize; 150 if (NewLogSize + *LogSize > MaxSize) {157 if (NewLogSize > MaxSize - *LogSize) { 151 158 return EFI_OUT_OF_RESOURCES; 152 159 } -
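Review bot: The rewritten bound `NewLogSize > MaxSize - *LogSize` wraps if `*LogSize` is ever larger than `MaxSize`: assuming both are unsigned, as the `UINTN` arithmetic suggests, the subtraction then yields a very large value and the check passes. Nothing in the hunk enforces `*LogSize <= MaxSize`; it may hold by construction in the callers, which are not visible here. Making the guard self-contained costs one comparison: `if (*LogSize > MaxSize || NewLogSize > MaxSize - *LogSize) { return EFI_OUT_OF_RESOURCES; }`. The function body continues outside the hunk.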
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgPei/TcgPei.c
r48674 r58459 2 2 Initialize TPM device and measure FVs before handing off control to DXE. 3 3 4 Copyright (c) 2005 - 201 1, Intel Corporation. All rights reserved.<BR>4 Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.<BR> 5 5 This program and the accompanying materials 6 6 are licensed and made available under the terms and conditions of the BSD License … … 18 18 #include <IndustryStandard/UefiTcgPlatform.h> 19 19 #include <Ppi/FirmwareVolumeInfo.h> 20 #include <Ppi/FirmwareVolumeInfo2.h> 20 21 #include <Ppi/LockPhysicalPresence.h> 21 22 #include <Ppi/TpmInitialized.h> 22 23 #include <Ppi/FirmwareVolume.h> 24 #include <Ppi/EndOfPeiPhase.h> 25 #include <Ppi/FirmwareVolumeInfoMeasurementExcluded.h> 26 23 27 #include <Guid/TcgEventHob.h> 28 #include <Guid/MeasuredFvHob.h> 29 #include <Guid/TpmInstance.h> 30 24 31 #include <Library/DebugLib.h> 25 32 #include <Library/BaseMemoryLib.h> … … 30 37 #include <Library/PcdLib.h> 31 38 #include <Library/PeiServicesTablePointerLib.h> 39 #include <Library/BaseLib.h> 40 #include <Library/MemoryAllocationLib.h> 41 #include <Library/ReportStatusCodeLib.h> 32 42 33 43 #include "TpmComm.h" … … 41 51 }; 42 52 53 EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = { 54 EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, 55 &gPeiTpmInitializationDonePpiGuid, 56 NULL 57 }; 58 59 EFI_PLATFORM_FIRMWARE_BLOB *mMeasuredBaseFvInfo; 60 UINT32 mMeasuredBaseFvIndex = 0; 61 62 EFI_PLATFORM_FIRMWARE_BLOB *mMeasuredChildFvInfo; 63 UINT32 mMeasuredChildFvIndex = 0; 64 65 EFI_PEI_FIRMWARE_VOLUME_INFO_MEASUREMENT_EXCLUDED_PPI *mMeasurementExcludedFvPpi; 66 43 67 /** 44 68 Lock physical presence if needed. 
… … 73 97 EFIAPI 74 98 FirmwareVolmeInfoPpiNotifyCallback ( 99 IN EFI_PEI_SERVICES **PeiServices, 100 IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor, 101 IN VOID *Ppi 102 ); 103 104 /** 105 Record all measured Firmware Volum Information into a Guid Hob 106 107 @param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation. 108 @param[in] NotifyDescriptor Address of the notification descriptor data structure. 109 @param[in] Ppi Address of the PPI that was installed. 110 111 @retval EFI_SUCCESS The FV Info is measured and recorded to TPM. 112 @return Others Fail to measure FV. 113 114 **/ 115 EFI_STATUS 116 EFIAPI 117 EndofPeiSignalNotifyCallBack ( 75 118 IN EFI_PEI_SERVICES **PeiServices, 76 119 IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor, … … 85 128 }, 86 129 { 87 (EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),130 EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK, 88 131 &gEfiPeiFirmwareVolumeInfoPpiGuid, 89 132 FirmwareVolmeInfoPpiNotifyCallback 133 }, 134 { 135 EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK, 136 &gEfiPeiFirmwareVolumeInfo2PpiGuid, 137 FirmwareVolmeInfoPpiNotifyCallback 138 }, 139 { 140 (EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), 141 &gEfiEndOfPeiSignalPpiGuid, 142 EndofPeiSignalNotifyCallBack 90 143 } 91 144 }; 92 145 93 CHAR8 mSCrtmVersion[] = "{D20BC7C6-A1A5-415c-AE85-38290AB6BE04}"; 94 95 EFI_PLATFORM_FIRMWARE_BLOB mMeasuredFvInfo[FixedPcdGet32 (PcdPeiCoreMaxFvSupported)]; 96 UINT32 mMeasuredFvIndex = 0; 146 /** 147 Record all measured Firmware Volum Information into a Guid Hob 148 Guid Hob payload layout is 149 150 UINT32 *************************** FIRMWARE_BLOB number 151 EFI_PLATFORM_FIRMWARE_BLOB******** BLOB Array 152 153 @param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation. 154 @param[in] NotifyDescriptor Address of the notification descriptor data structure. 
155 @param[in] Ppi Address of the PPI that was installed. 156 157 @retval EFI_SUCCESS The FV Info is measured and recorded to TPM. 158 @return Others Fail to measure FV. 159 160 **/ 161 EFI_STATUS 162 EFIAPI 163 EndofPeiSignalNotifyCallBack ( 164 IN EFI_PEI_SERVICES **PeiServices, 165 IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor, 166 IN VOID *Ppi 167 ) 168 { 169 MEASURED_HOB_DATA *MeasuredHobData; 170 171 MeasuredHobData = NULL; 172 173 // 174 // Create a Guid hob to save all measured Fv 175 // 176 MeasuredHobData = BuildGuidHob( 177 &gMeasuredFvHobGuid, 178 sizeof(UINTN) + sizeof(EFI_PLATFORM_FIRMWARE_BLOB) * (mMeasuredBaseFvIndex + mMeasuredChildFvIndex) 179 ); 180 181 if (MeasuredHobData != NULL){ 182 // 183 // Save measured FV info enty number 184 // 185 MeasuredHobData->Num = mMeasuredBaseFvIndex + mMeasuredChildFvIndex; 186 187 // 188 // Save measured base Fv info 189 // 190 CopyMem (MeasuredHobData->MeasuredFvBuf, mMeasuredBaseFvInfo, sizeof(EFI_PLATFORM_FIRMWARE_BLOB) * (mMeasuredBaseFvIndex)); 191 192 // 193 // Save measured child Fv info 194 // 195 CopyMem (&MeasuredHobData->MeasuredFvBuf[mMeasuredBaseFvIndex] , mMeasuredChildFvInfo, sizeof(EFI_PLATFORM_FIRMWARE_BLOB) * (mMeasuredChildFvIndex)); 196 } 197 198 return EFI_SUCCESS; 199 } 97 200 98 201 /** … … 126 229 EFI_STATUS Status; 127 230 VOID *HobData; 231 232 if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) { 233 return EFI_DEVICE_ERROR; 234 } 128 235 129 236 HobData = NULL; … … 134 241 &NewEventHdr->Digest 135 242 ); 136 ASSERT_EFI_ERROR (Status); 243 if (EFI_ERROR (Status)) { 244 goto Done; 245 } 137 246 } 138 247 … … 144 253 NULL 145 254 ); 146 ASSERT_EFI_ERROR (Status); 255 if (EFI_ERROR (Status)) { 256 goto Done; 257 } 147 258 148 259 HobData = BuildGuidHob ( … … 151 262 ); 152 263 if (HobData == NULL) { 153 return EFI_OUT_OF_RESOURCES; 264 Status = EFI_OUT_OF_RESOURCES; 265 goto Done; 154 266 } 155 267 … … 157 269 HobData = (VOID *) ((UINT8*)HobData + sizeof (*NewEventHdr)); 158 270 CopyMem 
(HobData, NewEventData, NewEventHdr->EventSize); 159 return EFI_SUCCESS; 271 272 Done: 273 if ((Status == EFI_DEVICE_ERROR) || (Status == EFI_TIMEOUT)) { 274 DEBUG ((EFI_D_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status)); 275 BuildGuidHob (&gTpmErrorHobGuid,0); 276 REPORT_STATUS_CODE ( 277 EFI_ERROR_CODE | EFI_ERROR_MINOR, 278 (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR) 279 ); 280 Status = EFI_DEVICE_ERROR; 281 } 282 return Status; 160 283 } 161 284 … … 181 304 182 305 // 183 // Here, only a static GUID is measured instead of realCRTM version.306 // Use FirmwareVersion string to represent CRTM version. 184 307 // OEMs should get real CRTM version string and measure it. 185 308 // … … 187 310 TcgEventHdr.PCRIndex = 0; 188 311 TcgEventHdr.EventType = EV_S_CRTM_VERSION; 189 TcgEventHdr.EventSize = sizeof (mSCrtmVersion); 312 TcgEventHdr.EventSize = (UINT32) StrSize((CHAR16*)PcdGetPtr (PcdFirmwareVersionString)); 313 190 314 return HashLogExtendEvent ( 191 315 PeiServices, 192 (UINT8*) &mSCrtmVersion,316 (UINT8*)PcdGetPtr (PcdFirmwareVersionString), 193 317 TcgEventHdr.EventSize, 194 318 TpmHandle, 195 319 &TcgEventHdr, 196 (UINT8*) &mSCrtmVersion320 (UINT8*)PcdGetPtr (PcdFirmwareVersionString) 197 321 ); 198 322 } … … 227 351 228 352 // 353 // Check if it is in Excluded FV list 354 // 355 if (mMeasurementExcludedFvPpi != NULL) { 356 for (Index = 0; Index < mMeasurementExcludedFvPpi->Count; Index ++) { 357 if (mMeasurementExcludedFvPpi->Fv[Index].FvBase == FvBase) { 358 DEBUG ((DEBUG_INFO, "The FV which is excluded by TcgPei starts at: 0x%x\n", FvBase)); 359 DEBUG ((DEBUG_INFO, "The FV which is excluded by TcgPei has the size: 0x%x\n", FvLength)); 360 return EFI_SUCCESS; 361 } 362 } 363 } 364 365 // 229 366 // Check whether FV is in the measured FV list. 
230 367 // 231 for (Index = 0; Index < mMeasured FvIndex; Index ++) {232 if (mMeasured FvInfo[Index].BlobBase == FvBase) {368 for (Index = 0; Index < mMeasuredBaseFvIndex; Index ++) { 369 if (mMeasuredBaseFvInfo[Index].BlobBase == FvBase) { 233 370 return EFI_SUCCESS; 234 371 } … … 256 393 (UINT8*) &FvBlob 257 394 ); 258 ASSERT_EFI_ERROR (Status);259 395 260 396 // 261 397 // Add new FV into the measured FV list. 262 398 // 263 ASSERT (mMeasuredFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported)); 264 if (mMeasuredFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported)) { 265 mMeasuredFvInfo[mMeasuredFvIndex].BlobBase = FvBase; 266 mMeasuredFvInfo[mMeasuredFvIndex++].BlobLength = FvLength; 399 ASSERT (mMeasuredBaseFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported)); 400 if (mMeasuredBaseFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported)) { 401 mMeasuredBaseFvInfo[mMeasuredBaseFvIndex].BlobBase = FvBase; 402 mMeasuredBaseFvInfo[mMeasuredBaseFvIndex].BlobLength = FvLength; 403 mMeasuredBaseFvIndex++; 267 404 } 268 405 … … 352 489 EFI_STATUS Status; 353 490 EFI_PEI_FIRMWARE_VOLUME_PPI *FvPpi; 491 UINTN Index; 354 492 355 493 Fv = (EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *) Ppi; … … 370 508 // 371 509 // This is an FV from an FFS file, and the parent FV must have already been measured, 372 // No need to measure twice, so just re turns510 // No need to measure twice, so just record the FV and return 373 511 // 374 512 if (Fv->ParentFvName != NULL || Fv->ParentFileName != NULL ) { 513 514 ASSERT (mMeasuredChildFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported)); 515 if (mMeasuredChildFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported)) { 516 // 517 // Check whether FV is in the measured child FV list. 
518 // 519 for (Index = 0; Index < mMeasuredChildFvIndex; Index++) { 520 if (mMeasuredChildFvInfo[Index].BlobBase == (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo) { 521 return EFI_SUCCESS; 522 } 523 } 524 mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobBase = (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo; 525 mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobLength = Fv->FvInfoSize; 526 mMeasuredChildFvIndex++; 527 } 375 528 return EFI_SUCCESS; 376 529 } … … 380 533 381 534 /** 382 Lock physical presence if needed. 535 Set physicalPresenceLifetimeLock, physicalPresenceHWEnable and physicalPresenceCMDEnable bit by corresponding PCDs. 536 And lock physical presence if needed. 383 537 384 538 @param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation … … 404 558 BOOLEAN CmdEnable; 405 559 TIS_TPM_HANDLE TpmHandle; 560 TPM_PHYSICAL_PRESENCE PhysicalPresenceValue; 406 561 407 562 TpmHandle = (TIS_TPM_HANDLE) (UINTN) TPM_BASE_ADDRESS; 408 LockPhysicalPresencePpi = (PEI_LOCK_PHYSICAL_PRESENCE_PPI *) Ppi;409 410 if (!LockPhysicalPresencePpi->LockPhysicalPresence ((CONST EFI_PEI_SERVICES**) PeiServices)) {411 return EFI_SUCCESS;412 }413 414 //415 // Lock TPM physical presence.416 //417 563 418 564 Status = TpmCommGetCapability (PeiServices, TpmHandle, NULL, &LifetimeLock, &CmdEnable); 419 565 if (EFI_ERROR (Status)) { 420 566 return Status; 567 } 568 569 // 570 // 1. Set physicalPresenceLifetimeLock, physicalPresenceHWEnable and physicalPresenceCMDEnable bit by PCDs. 571 // 572 if (PcdGetBool (PcdPhysicalPresenceLifetimeLock) && !LifetimeLock) { 573 // 574 // Lock TPM LifetimeLock is required, and LifetimeLock is not locked yet. 
575 // 576 PhysicalPresenceValue = TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK; 577 578 if (PcdGetBool (PcdPhysicalPresenceCmdEnable)) { 579 PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_CMD_ENABLE; 580 CmdEnable = TRUE; 581 } else { 582 PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_CMD_DISABLE; 583 CmdEnable = FALSE; 584 } 585 586 if (PcdGetBool (PcdPhysicalPresenceHwEnable)) { 587 PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_HW_ENABLE; 588 } else { 589 PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_HW_DISABLE; 590 } 591 592 Status = TpmCommPhysicalPresence ( 593 PeiServices, 594 TpmHandle, 595 PhysicalPresenceValue 596 ); 597 if (EFI_ERROR (Status)) { 598 return Status; 599 } 600 } 601 602 // 603 // 2. Lock physical presence if it is required. 604 // 605 LockPhysicalPresencePpi = (PEI_LOCK_PHYSICAL_PRESENCE_PPI *) Ppi; 606 if (!LockPhysicalPresencePpi->LockPhysicalPresence ((CONST EFI_PEI_SERVICES**) PeiServices)) { 607 return EFI_SUCCESS; 421 608 } 422 609 … … 500 687 TIS_TPM_HANDLE TpmHandle; 501 688 689 Status = PeiServicesLocatePpi ( 690 &gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid, 691 0, 692 NULL, 693 (VOID**)&mMeasurementExcludedFvPpi 694 ); 695 // Do not check status, because it is optional 696 697 mMeasuredBaseFvInfo = (EFI_PLATFORM_FIRMWARE_BLOB *) AllocateZeroPool (sizeof (EFI_PLATFORM_FIRMWARE_BLOB) * PcdGet32 (PcdPeiCoreMaxFvSupported)); 698 ASSERT (mMeasuredBaseFvInfo != NULL); 699 mMeasuredChildFvInfo = (EFI_PLATFORM_FIRMWARE_BLOB *) AllocateZeroPool (sizeof (EFI_PLATFORM_FIRMWARE_BLOB) * PcdGet32 (PcdPeiCoreMaxFvSupported)); 700 ASSERT (mMeasuredChildFvInfo != NULL); 701 502 702 TpmHandle = (TIS_TPM_HANDLE)(UINTN)TPM_BASE_ADDRESS; 503 703 Status = TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR)TpmHandle); … … 507 707 508 708 if (IsTpmUsable (PeiServices, TpmHandle)) { 509 Status = MeasureCRTMVersion (PeiServices, TpmHandle); 510 ASSERT_EFI_ERROR (Status); 709 if (PcdGet8 (PcdTpmScrtmPolicy) == 1) { 710 Status = MeasureCRTMVersion (PeiServices, 
TpmHandle); 711 } 511 712 512 713 Status = MeasureMainBios (PeiServices, TpmHandle); … … 543 744 { 544 745 EFI_STATUS Status; 746 EFI_STATUS Status2; 545 747 EFI_BOOT_MODE BootMode; 546 748 TIS_TPM_HANDLE TpmHandle; 547 749 548 if (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm)) { 750 if (!CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){ 751 DEBUG ((EFI_D_ERROR, "No TPM12 instance required!\n")); 549 752 return EFI_UNSUPPORTED; 550 753 } 551 754 552 Status = (**PeiServices).RegisterForShadow(FileHandle); 553 if (Status == EFI_ALREADY_STARTED) { 554 mImageInMemory = TRUE; 555 } else if (Status == EFI_NOT_FOUND) { 556 ASSERT_EFI_ERROR (Status); 755 if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) { 756 DEBUG ((EFI_D_ERROR, "TPM error!\n")); 757 return EFI_DEVICE_ERROR; 758 } 759 760 // 761 // Initialize TPM device 762 // 763 Status = PeiServicesGetBootMode (&BootMode); 764 ASSERT_EFI_ERROR (Status); 765 766 // 767 // In S3 path, skip shadow logic. no measurement is required 768 // 769 if (BootMode != BOOT_ON_S3_RESUME) { 770 Status = (**PeiServices).RegisterForShadow(FileHandle); 771 if (Status == EFI_ALREADY_STARTED) { 772 mImageInMemory = TRUE; 773 } else if (Status == EFI_NOT_FOUND) { 774 ASSERT_EFI_ERROR (Status); 775 } 557 776 } 558 777 559 778 if (!mImageInMemory) { 560 //561 // Initialize TPM device562 //563 Status = PeiServicesGetBootMode (&BootMode);564 ASSERT_EFI_ERROR (Status);565 566 779 TpmHandle = (TIS_TPM_HANDLE)(UINTN)TPM_BASE_ADDRESS; 567 780 Status = TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR)TpmHandle); 568 781 if (EFI_ERROR (Status)) { 569 782 DEBUG ((DEBUG_ERROR, "TPM not detected!\n")); 570 return Status; 571 } 572 573 Status = TpmCommStartup ((EFI_PEI_SERVICES**)PeiServices, TpmHandle, BootMode); 574 if (EFI_ERROR (Status) ) { 575 return Status; 576 } 577 Status = TpmCommContinueSelfTest ((EFI_PEI_SERVICES**)PeiServices, TpmHandle); 578 if (EFI_ERROR (Status)) { 579 return Status; 580 } 783 goto Done; 784 
} 785 786 if (PcdGet8 (PcdTpmInitializationPolicy) == 1) { 787 Status = TpmCommStartup ((EFI_PEI_SERVICES**)PeiServices, TpmHandle, BootMode); 788 if (EFI_ERROR (Status) ) { 789 goto Done; 790 } 791 } 792 793 // 794 // TpmSelfTest is optional on S3 path, skip it to save S3 time 795 // 796 if (BootMode != BOOT_ON_S3_RESUME) { 797 Status = TpmCommContinueSelfTest ((EFI_PEI_SERVICES**)PeiServices, TpmHandle); 798 if (EFI_ERROR (Status)) { 799 goto Done; 800 } 801 } 802 803 // 804 // Only intall TpmInitializedPpi on success 805 // 581 806 Status = PeiServicesInstallPpi (&mTpmInitializedPpiList); 582 807 ASSERT_EFI_ERROR (Status); … … 585 810 if (mImageInMemory) { 586 811 Status = PeimEntryMP ((EFI_PEI_SERVICES**)PeiServices); 587 if (EFI_ERROR (Status)) { 588 return Status; 589 } 590 } 812 return Status; 813 } 814 815 Done: 816 if (EFI_ERROR (Status)) { 817 DEBUG ((EFI_D_ERROR, "TPM error! Build Hob\n")); 818 BuildGuidHob (&gTpmErrorHobGuid,0); 819 REPORT_STATUS_CODE ( 820 EFI_ERROR_CODE | EFI_ERROR_MINOR, 821 (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR) 822 ); 823 } 824 // 825 // Always intall TpmInitializationDonePpi no matter success or fail. 826 // Other driver can know TPM initialization state by TpmInitializedPpi. 827 // 828 Status2 = PeiServicesInstallPpi (&mTpmInitializationDonePpiList); 829 ASSERT_EFI_ERROR (Status2); 591 830 592 831 return Status; -
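Review bot: In the FV measurement hunk the FV is still appended to `mMeasuredBaseFvInfo` when `HashLogExtendEvent` fails, because `ASSERT_EFI_ERROR (Status)` was removed without a replacement check ahead of the list update. `EndofPeiSignalNotifyCallBack` later copies that list into the `gMeasuredFvHobGuid` HOB, so a consumer of the HOB would presumably treat the FV as measured although no digest was extended or logged for it. Consider `if (EFI_ERROR (Status)) { return Status; }` before the "Add new FV into the measured FV list" block, so that only FVs with a successful measurement are recorded. The function starts and ends outside the hunk, so its final return value is not visible here.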
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgPei/TcgPei.inf
r48674 r58459 1 1 ## @file 2 # This module will initialize TPM device and measure FVs in PEI phase.2 # Initializes TPM device and measures FVs in PEI phase 3 3 # 4 # Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR> 4 # This module will initialize TPM device, measure reported FVs and BIOS version. 5 # This module may also lock TPM physical presence and physicalPresenceLifetimeLock. 6 # 7 # Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR> 5 8 # This program and the accompanying materials 6 9 # are licensed and made available under the terms and conditions of the BSD License … … 15 18 INF_VERSION = 0x00010005 16 19 BASE_NAME = TcgPei 20 MODULE_UNI_FILE = TcgPei.uni 17 21 FILE_GUID = 2BE1E4A6-6505-43b3-9FFC-A3C8330E0432 18 22 MODULE_TYPE = PEIM … … 24 28 # 25 29 # VALID_ARCHITECTURES = IA32 X64 IPF EBC 30 # 31 # [BootMode] 32 # S3_RESUME ## SOMETIMES_CONSUMES 26 33 # 27 34 … … 47 54 IoLib 48 55 PeiServicesTablePointerLib 56 BaseLib 57 PcdLib 58 MemoryAllocationLib 59 ReportStatusCodeLib 49 60 50 61 [Guids] 51 gTcgEventEntryHobGuid 62 gTcgEventEntryHobGuid ## PRODUCES ## HOB 63 gTpmErrorHobGuid ## SOMETIMES_PRODUCES ## HOB 64 gMeasuredFvHobGuid ## PRODUCES ## HOB 65 gEfiTpmDeviceInstanceTpm12Guid ## PRODUCES ## GUID # TPM device identifier 52 66 53 67 [Ppis] 54 gPeiLockPhysicalPresencePpiGuid 55 gEfiPeiFirmwareVolumeInfoPpiGuid 56 gPeiTpmInitializedPpiGuid 68 gPeiLockPhysicalPresencePpiGuid ## SOMETIMES_CONSUMES ## NOTIFY 69 gEfiPeiFirmwareVolumeInfoPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY 70 gEfiPeiFirmwareVolumeInfo2PpiGuid ## SOMETIMES_CONSUMES ## NOTIFY 71 gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid ## SOMETIMES_CONSUMES 72 gPeiTpmInitializedPpiGuid ## SOMETIMES_PRODUCES 73 gPeiTpmInitializationDonePpiGuid ## PRODUCES 74 gEfiEndOfPeiSignalPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY 57 75 58 76 [Pcd] 59 gEfiSecurityPkgTokenSpaceGuid.PcdHideTpm 60 61 [FixedPcd] 62 gEfiSecurityPkgTokenSpaceGuid.PcdHideTpmSupport 77 
gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock ## SOMETIMES_CONSUMES 78 gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceCmdEnable ## SOMETIMES_CONSUMES 79 gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceHwEnable ## SOMETIMES_CONSUMES 80 gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString ## SOMETIMES_CONSUMES 81 gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES 82 gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy ## CONSUMES 83 gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy ## SOMETIMES_CONSUMES 63 84 gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported ## CONSUMES 85 gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ## SOMETIMES_CONSUMES 64 86 65 87 [Depex] 66 88 gEfiPeiMasterBootModePpiGuid AND 67 gEfiPeiReadOnlyVariable2PpiGuid 89 gEfiPeiReadOnlyVariable2PpiGuid AND 90 gEfiTpmDeviceSelectedGuid 91 92 [UserExtensions.TianoCore."ExtraFiles"] 93 TcgPeiExtra.uni 94 -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgPei/TpmComm.c
r48674 r58459 2 2 Utility functions used by TPM PEI driver. 3 3 4 Copyright (c) 2005 - 201 1, Intel Corporation. All rights reserved.<BR>4 Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.<BR> 5 5 This program and the accompanying materials 6 6 are licensed and made available under the terms and conditions of the BSD License … … 223 223 CopyMem (&SendBuffer.TpmDigest, (UINT8 *)DigestToExtend, sizeof (TPM_DIGEST)); 224 224 Status = TisTpmCommand (PeiServices, TpmHandle, (UINT8 *)&SendBuffer, TpmSendSize, RecvBuffer, &TpmRecvSize); 225 ASSERT_EFI_ERROR (Status); 225 if (EFI_ERROR (Status)) { 226 return Status; 227 } 226 228 227 229 if(NewPcrValue != NULL) { -
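Review bot: The added `if (EFI_ERROR (Status)) { return Status; }` covers only the status returned by `TisTpmCommand`, which presumably reports whether the exchange with the device completed rather than whether the TPM accepted the extend. The hunk ends at `if(NewPcrValue != NULL)`, so it is not visible whether `TpmRecvSize` and the return code in the response header are validated before `RecvBuffer` is read. If they are not, a rejected command would still hand bytes from the response back as the new PCR value. Worth confirming in the lines below the hunk and, if missing, adding a response-code check next to the new transport check.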
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgSmm/TcgSmm.c
r48674 r58459 3 3 functions for physical presence and ClearMemory. 4 4 5 Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR> 5 Caution: This module requires additional review when modified. 6 This driver will have external input - variable and ACPINvs data in SMM mode. 7 This external input must be validated carefully to avoid security issue. 8 9 PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check. 10 11 Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR> 6 12 This program and the accompanying materials 7 13 are licensed and made available under the terms and conditions of the BSD License … … 21 27 /** 22 28 Software SMI callback for TPM physical presence which is called from ACPI method. 29 30 Caution: This function may receive untrusted input. 31 Variable and ACPINvs are external input, so this function will validate 32 its data structure to be valid value. 23 33 24 34 @param[in] DispatchHandle The unique handle assigned to this handler by SmiHandlerRegister(). … … 44 54 UINTN DataSize; 45 55 EFI_PHYSICAL_PRESENCE PpData; 46 UINT8Flags;56 EFI_PHYSICAL_PRESENCE_FLAGS Flags; 47 57 BOOLEAN RequestConfirmed; 48 58 … … 58 68 &PpData 59 69 ); 60 if (EFI_ERROR (Status)) {61 return EFI_SUCCESS;62 }63 70 64 71 DEBUG ((EFI_D_INFO, "[TPM] PP callback, Parameter = %x\n", mTcgNvs->PhysicalPresence.Parameter)); 65 72 if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) { 73 if (EFI_ERROR (Status)) { 74 mTcgNvs->PhysicalPresence.ReturnCode = PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE; 75 mTcgNvs->PhysicalPresence.LastRequest = 0; 76 mTcgNvs->PhysicalPresence.Response = 0; 77 DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! 
Status = %r\n", Status)); 78 return EFI_SUCCESS; 79 } 80 mTcgNvs->PhysicalPresence.ReturnCode = PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS; 66 81 mTcgNvs->PhysicalPresence.LastRequest = PpData.LastPPRequest; 67 82 mTcgNvs->PhysicalPresence.Response = PpData.PPResponse; 68 83 } else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS) 69 84 || (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) { 85 if (EFI_ERROR (Status)) { 86 mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE; 87 DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status)); 88 return EFI_SUCCESS; 89 } 70 90 if (mTcgNvs->PhysicalPresence.Request == PHYSICAL_PRESENCE_SET_OPERATOR_AUTH) { 71 91 // 72 92 // This command requires UI to prompt user for Auth data. 73 93 // 74 mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_NOT_IMPLEMENTED;94 mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED; 75 95 return EFI_SUCCESS; 76 96 } … … 89 109 90 110 if (EFI_ERROR (Status)) { 91 mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE; 92 return EFI_SUCCESS; 93 } 94 mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_SUCCESS; 111 mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE; 112 return EFI_SUCCESS; 113 } 114 mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS; 115 116 if (mTcgNvs->PhysicalPresence.Request >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) { 117 DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS); 118 Status = mSmmVariable->SmmGetVariable ( 119 PHYSICAL_PRESENCE_FLAGS_VARIABLE, 120 &gEfiPhysicalPresenceGuid, 121 NULL, 122 &DataSize, 123 &Flags 124 ); 125 if (EFI_ERROR (Status)) { 126 Flags.PPFlags = TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION; 127 } 128 mTcgNvs->PhysicalPresence.ReturnCode = TcgPpVendorLibSubmitRequestToPreOSFunction 
(mTcgNvs->PhysicalPresence.Request, Flags.PPFlags); 129 } 95 130 } else if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST) { 96 Flags = PpData.Flags; 131 if (EFI_ERROR (Status)) { 132 mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION; 133 DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status)); 134 return EFI_SUCCESS; 135 } 136 // 137 // Get the Physical Presence flags 138 // 139 DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS); 140 Status = mSmmVariable->SmmGetVariable ( 141 PHYSICAL_PRESENCE_FLAGS_VARIABLE, 142 &gEfiPhysicalPresenceGuid, 143 NULL, 144 &DataSize, 145 &Flags 146 ); 147 if (EFI_ERROR (Status)) { 148 mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION; 149 DEBUG ((EFI_D_ERROR, "[TPM] Get PP flags failure! Status = %r\n", Status)); 150 return EFI_SUCCESS; 151 } 152 97 153 RequestConfirmed = FALSE; 98 154 … … 108 164 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE: 109 165 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE: 110 if ((Flags &FLAG_NO_PPI_PROVISION) != 0) {166 if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) { 111 167 RequestConfirmed = TRUE; 112 168 } … … 115 171 case PHYSICAL_PRESENCE_CLEAR: 116 172 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR: 117 if ((Flags &FLAG_NO_PPI_CLEAR) != 0) {173 if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0) { 118 174 RequestConfirmed = TRUE; 119 175 } … … 121 177 122 178 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE: 123 if ((Flags &FLAG_NO_PPI_MAINTENANCE) != 0) {179 if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE) != 0) { 124 180 RequestConfirmed = TRUE; 125 181 } … … 128 184 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE: 129 185 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE: 130 if ((Flags & FLAG_NO_PPI_CLEAR) != 0 && (Flags 
&FLAG_NO_PPI_PROVISION) != 0) {186 if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0 && (Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) { 131 187 RequestConfirmed = TRUE; 132 188 } … … 144 200 // This command requires UI to prompt user for Auth data 145 201 // 146 mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_NOT_IMPLEMENTED;202 mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED; 147 203 return EFI_SUCCESS; 204 default: 205 break; 148 206 } 149 207 150 208 if (RequestConfirmed) { 151 mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_NOT_REQUIRED;209 mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED; 152 210 } else { 153 mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_REQUIRED;211 mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED; 154 212 } 213 if (mTcgNvs->PhysicalPresence.Request >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) { 214 mTcgNvs->PhysicalPresence.ReturnCode = TcgPpVendorLibGetUserConfirmationStatusFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags); 215 } 155 216 } 156 217 … … 161 222 /** 162 223 Software SMI callback for MemoryClear which is called from ACPI method. 224 225 Caution: This function may receive untrusted input. 226 Variable and ACPINvs are external input, so this function will validate 227 its data structure to be valid value. 163 228 164 229 @param[in] DispatchHandle The unique handle assigned to this handler by SmiHandlerRegister(). … … 198 263 ); 199 264 if (EFI_ERROR (Status)) { 265 mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE; 266 DEBUG ((EFI_D_ERROR, "[TPM] Get MOR variable failure! 
Status = %r\n", Status)); 200 267 return EFI_SUCCESS; 201 268 } … … 217 284 if (EFI_ERROR (Status)) { 218 285 mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE; 286 DEBUG ((EFI_D_ERROR, "[TPM] Set MOR variable failure! Status = %r\n", Status)); 219 287 } 220 288 … … 296 364 ASSERT_EFI_ERROR (Status); 297 365 366 367 // 368 // Measure to PCR[0] with event EV_POST_CODE ACPI DATA 369 // 370 TpmMeasureAndLogData( 371 0, 372 EV_POST_CODE, 373 EV_POSTCODE_INFO_ACPI_DATA, 374 ACPI_DATA_LEN, 375 Table, 376 TableSize 377 ); 378 379 298 380 ASSERT (Table->OemTableId == SIGNATURE_64 ('T', 'c', 'g', 'T', 'a', 'b', 'l', 'e')); 381 CopyMem (Table->OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (Table->OemId) ); 299 382 mTcgNvs = AssignOpRegion (Table, SIGNATURE_32 ('T', 'N', 'V', 'S'), (UINT16) sizeof (TCG_NVS)); 300 383 ASSERT (mTcgNvs != NULL); … … 343 426 EFI_HANDLE SwHandle; 344 427 428 if (!CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){ 429 DEBUG ((EFI_D_ERROR, "No TPM12 instance required!\n")); 430 return EFI_UNSUPPORTED; 431 } 432 345 433 Status = PublishAcpiTable (); 346 434 ASSERT_EFI_ERROR (Status); -
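Review bot: `mTcgNvs->PhysicalPresence.Parameter` and `mTcgNvs->PhysicalPresence.Request` are re-read from the ACPI NVS region at every comparison in PhysicalPresenceCallback. That includes the new `>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION` tests and the arguments passed to the TcgPpVendorLib functions. The header comment added by this change names ACPINvs as untrusted external input, so the value that was checked is not guaranteed to be the value later acted on if that memory changes in between. Reading both fields once into locals at the top of the handler and using only the locals afterwards removes the double fetch, e.g. `Request = mTcgNvs->PhysicalPresence.Request;` with a local of the field's type. The handler begins outside the hunks.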
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgSmm/TcgSmm.h
r48674 r58459 2 2 The header file for TCG SMM driver. 3 3 4 Copyright (c) 2012 , Intel Corporation. All rights reserved.<BR>4 Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR> 5 5 This program and the accompanying materials 6 6 are licensed and made available under the terms and conditions of the BSD License … … 18 18 #include <PiDxe.h> 19 19 #include <IndustryStandard/Acpi.h> 20 #include <IndustryStandard/UefiTcgPlatform.h> 21 20 22 #include <Guid/PhysicalPresenceData.h> 21 23 #include <Guid/MemoryOverwriteControl.h> 24 #include <Guid/TpmInstance.h> 25 22 26 #include <Protocol/SmmSwDispatch2.h> 23 27 #include <Protocol/AcpiTable.h> … … 31 35 #include <Library/UefiBootServicesTableLib.h> 32 36 #include <Library/DxeServicesLib.h> 37 #include <Library/TpmMeasurementLib.h> 38 #include <Library/PcdLib.h> 39 #include <Library/TcgPpVendorLib.h> 33 40 34 41 #pragma pack(1) … … 78 85 79 86 // 80 // The return code for Get User Confirmation Status for Operation87 // The return code for Return TPM Operation Response to OS Environment 81 88 // 82 #define PP_REQUEST_NOT_IMPLEMENTED 0 83 #define PP_REQUEST_BIOS_ONLY 1 84 #define PP_REQUEST_BLOCKED 2 85 #define PP_REQUEST_ALLOWED_AND_PPUSER_REQUIRED 3 86 #define PP_REQUEST_ALLOWED_AND_PPUSER_NOT_REQUIRED 4 87 88 // 89 // The return code for Sumbit TPM Request to Pre-OS Environment 90 // and Sumbit TPM Request to Pre-OS Environment 2 91 // 92 #define PP_SUBMIT_REQUEST_SUCCESS 0 93 #define PP_SUBMIT_REQUEST_NOT_IMPLEMENTED 1 94 #define PP_SUBMIT_REQUEST_GENERAL_FAILURE 2 95 #define PP_SUBMIT_REQUEST_BLOCKED_BY_BIOS_SETTINGS 3 96 89 #define PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS 0 90 #define PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE 1 97 91 98 92 // -
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
r48674 r58459 1 1 ## @file 2 # This driver implements TPM definition block in ACPI table and 3 # registers SMI callback functions for physical presence and 4 # MemoryClear to handle the requests from ACPI method. 2 # Implements ACPI metholds for the TCG feature 5 3 # 6 # Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR> 4 # This driver implements TPM definition block in ACPI table and registers SMI 5 # callback functions for physical presence and MemoryClear to handle the requests 6 # from ACPI method. 7 # 8 # Caution: This module requires additional review when modified. 9 # This driver will have external input - variable and ACPINvs data in SMM mode. 10 # This external input must be validated carefully to avoid security issue. 11 # 12 # Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR> 7 13 # This program and the accompanying materials 8 14 # are licensed and made available under the terms and conditions of the BSD License … … 17 23 INF_VERSION = 0x00010005 18 24 BASE_NAME = TcgSmm 25 MODULE_UNI_FILE = TcgSmm.uni 19 26 FILE_GUID = 42293093-76B9-4482-8C02-3BEFDEA9B35D 20 27 MODULE_TYPE = DXE_SMM_DRIVER … … 41 48 DebugLib 42 49 DxeServicesLib 50 TpmMeasurementLib 51 PcdLib 52 TcgPpVendorLib 43 53 44 54 [Guids] 55 ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence" 56 ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence" 57 ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresenceFlags" 45 58 gEfiPhysicalPresenceGuid 59 60 ## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl" 61 ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl" 46 62 gEfiMemoryOverwriteControlDataGuid 63 64 gEfiTpmDeviceInstanceTpm12Guid ## PRODUCES ## GUID # TPM device identifier 47 65 48 66 [Protocols] 49 gEfiSmmSwDispatch2ProtocolGuid # PROTOCOL ALWAYS_CONSUMED 50 gEfiSmmVariableProtocolGuid # PROTOCOL ALWAYS_CONSUMED 51 gEfiAcpiTableProtocolGuid # PROTOCOL ALWAYS_CONSUMED 67 gEfiSmmSwDispatch2ProtocolGuid ## CONSUMES 68 
gEfiSmmVariableProtocolGuid ## CONSUMES 69 gEfiAcpiTableProtocolGuid ## CONSUMES 70 71 [Pcd] 72 gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES 73 gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId ## SOMETIMES_CONSUMES 52 74 53 75 [Depex] … … 56 78 gEfiSmmVariableProtocolGuid AND 57 79 gEfiTcgProtocolGuid 80 81 [UserExtensions.TianoCore."ExtraFiles"] 82 TcgSmmExtra.uni 83 -
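Review bot: The new first line of the file header misspells "methods"; `# Implements ACPI metholds for the TCG feature` should read `# Implements ACPI methods for the TCG feature`. In `[Guids]`, `gEfiTpmDeviceInstanceTpm12Guid` is annotated `## PRODUCES`, but the only use visible on this page is the `CompareGuid` check against `PcdTpmInstanceGuid` in TcgSmm.c just before `PublishAcpiTable ()`, which only reads the GUID. If nothing else in the driver publishes it, `## CONSUMES ## GUID # TPM device identifier` would describe the usage more accurately. This matters because the usage comments are what a reviewer relies on when following the added Caution about external input reaching SMM.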
trunk/src/VBox/Devices/EFI/Firmware/SecurityPkg/Tcg/TcgSmm/Tpm.asl
r48674 r58459 3 3 and MemoryClear. 4 4 5 Copyright (c) 2011 - 201 2, Intel Corporation. All rights reserved.<BR>5 Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.<BR> 6 6 This program and the accompanying materials 7 7 are licensed and made available under the terms and conditions of the BSD License … … 17 17 "Tpm.aml", 18 18 "SSDT", 19 1,20 "I ntel_",19 2, 20 "INTEL ", 21 21 "TcgTable", 22 22 0x1000