diff options
| author | Jiewen Yao <Jiewen.yao@intel.com> | 2014-03-21 02:51:42 +0000 |
|---|---|---|
| committer | jyao1 <jyao1@6f19259b-4bc3-4df7-8a09-765794883524> | 2014-03-21 02:51:42 +0000 |
| commit | 5437d457b9894e5f00c6203d0660f9df053b7730 (patch) | |
| tree | c123c9a8698766d92a1145e5c4f3b144227fceb0 /SecurityPkg | |
| parent | 553e86699d00ac8b7016fdfcb7fb747e89a1862d (diff) | |
Fix current TPM device string missing. Use efivarstore instead of varstor, remove TPM disable.
Signed-off-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Guo Dong <Guo.Dong@intel.com>
Reviewed-by: Liming Gao <Liming.Gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15360 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg')
| -rw-r--r-- | SecurityPkg/Tcg/TrEEConfig/TpmDetection.c | 43 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TrEEConfig/TrEEConfig.vfr | 9 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TrEEConfig/TrEEConfigDriver.c | 63 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TrEEConfig/TrEEConfigDxe.inf | 1 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.c | 177 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.h | 2 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TrEEConfig/TrEEConfigNvData.h | 14 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TrEEConfig/TrEEConfigPeim.c | 19 |
8 files changed, 151 insertions, 177 deletions
diff --git a/SecurityPkg/Tcg/TrEEConfig/TpmDetection.c b/SecurityPkg/Tcg/TrEEConfig/TpmDetection.c index b8aab1ffd..ce7a9a197 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TpmDetection.c +++ b/SecurityPkg/Tcg/TrEEConfig/TpmDetection.c @@ -14,6 +14,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include <PiPei.h>
+#include <Ppi/ReadOnlyVariable2.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
@@ -64,25 +65,47 @@ DetectTpmDevice ( {
EFI_STATUS Status;
EFI_BOOT_MODE BootMode;
+ TREE_DEVICE_DETECTION TrEEDeviceDetection;
+ EFI_PEI_READ_ONLY_VARIABLE2_PPI *VariablePpi;
+ UINTN Size;
+
+ if (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm)) {
+ DEBUG ((EFI_D_ERROR, "DetectTpmDevice: Tpm is hide\n"));
+ return TPM_DEVICE_NULL;
+ }
Status = PeiServicesGetBootMode (&BootMode);
ASSERT_EFI_ERROR (Status);
//
- // In S3, we rely on Setup option, because we save to Setup in normal boot.
+ // In S3, we rely on normal boot Detection, because we save to ReadOnly Variable in normal boot.
//
if (BootMode == BOOT_ON_S3_RESUME) {
DEBUG ((EFI_D_ERROR, "DetectTpmDevice: S3 mode\n"));
- return SetupTpmDevice;
- }
- if (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm)) {
- DEBUG ((EFI_D_ERROR, "DetectTpmDevice: Tpm is hide\n"));
- return TPM_DEVICE_NULL;
+ Status = PeiServicesLocatePpi (&gEfiPeiReadOnlyVariable2PpiGuid, 0, NULL, (VOID **) &VariablePpi);
+ ASSERT_EFI_ERROR (Status);
+
+ Size = sizeof(TREE_DEVICE_DETECTION);
+ ZeroMem (&TrEEDeviceDetection, sizeof(TrEEDeviceDetection));
+ Status = VariablePpi->GetVariable (
+ VariablePpi,
+ TREE_DEVICE_DETECTION_NAME,
+ &gTrEEConfigFormSetGuid,
+ NULL,
+ &Size,
+ &TrEEDeviceDetection
+ );
+ if (!EFI_ERROR (Status) &&
+ (TrEEDeviceDetection.TpmDeviceDetected >= TPM_DEVICE_MIN) &&
+ (TrEEDeviceDetection.TpmDeviceDetected <= TPM_DEVICE_MAX)) {
+ DEBUG ((EFI_D_ERROR, "TpmDevice from DeviceDetection: %x\n", TrEEDeviceDetection.TpmDeviceDetected));
+ return TrEEDeviceDetection.TpmDeviceDetected;
+ }
}
DEBUG ((EFI_D_ERROR, "DetectTpmDevice:\n"));
- if ((!IsDtpmPresent ()) || (SetupTpmDevice == TPM_DEVICE_NULL)) {
+ if (!IsDtpmPresent ()) {
// dTPM not available
return TPM_DEVICE_NULL;
}
@@ -96,7 +119,11 @@ DetectTpmDevice ( return TPM_DEVICE_2_0_DTPM;
}
- Status = Tpm12Startup (TPM_ST_CLEAR);
+ if (BootMode == BOOT_ON_S3_RESUME) {
+ Status = Tpm12Startup (TPM_ST_STATE);
+ } else {
+ Status = Tpm12Startup (TPM_ST_CLEAR);
+ }
if (EFI_ERROR (Status)) {
return TPM_DEVICE_2_0_DTPM;
}
diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfig.vfr b/SecurityPkg/Tcg/TrEEConfig/TrEEConfig.vfr index 74e236319..84b55a9f1 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfig.vfr +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfig.vfr @@ -20,8 +20,9 @@ formset help = STRING_TOKEN(STR_TREE_HELP),
classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
- varstore TREE_CONFIGURATION,
+ efivarstore TREE_CONFIGURATION,
varid = TREE_CONFIGURATION_VARSTORE_ID,
+ attribute = 0x03, // EFI variable attribures EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_NON_VOLATILE
name = TREE_CONFIGURATION,
guid = TREE_CONFIG_FORM_SET_GUID;
@@ -40,7 +41,6 @@ formset prompt = STRING_TOKEN(STR_TREE_DEVICE_PROMPT),
help = STRING_TOKEN(STR_TREE_DEVICE_HELP),
flags = INTERACTIVE,
- option text = STRING_TOKEN(STR_TREE_TPM_DISABLE), value = TPM_DEVICE_NULL, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TREE_TPM_1_2), value = TPM_DEVICE_1_2, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
option text = STRING_TOKEN(STR_TREE_TPM_2_0_DTPM), value = TPM_DEVICE_2_0_DTPM, flags = RESET_REQUIRED;
endoneof;
@@ -52,10 +52,11 @@ formset subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_TREE_PP_OPERATION);
- oneof varid = TREE_CONFIGURATION.Tpm2Operation,
+ oneof name = Tpm2Operation,
+ questionid = KEY_TPM2_OPERATION,
prompt = STRING_TOKEN(STR_TREE_OPERATION),
help = STRING_TOKEN(STR_TREE_OPERATION_HELP),
- flags = INTERACTIVE,
+ flags = INTERACTIVE | NUMERIC_SIZE_1,
option text = STRING_TOKEN(STR_TREE_NO_ACTION), value = TREE_PHYSICAL_PRESENCE_NO_ACTION, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
option text = STRING_TOKEN(STR_TREE_CLEAR), value = TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR, flags = RESET_REQUIRED;
endoneof;
diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDriver.c b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDriver.c index 74b5e7ee2..2ad02c05a 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDriver.c +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDriver.c @@ -38,8 +38,10 @@ TrEEConfigDriverEntryPoint ( EFI_STATUS Status;
TREE_CONFIG_PRIVATE_DATA *PrivateData;
TREE_CONFIGURATION TrEEConfiguration;
+ TREE_DEVICE_DETECTION TrEEDeviceDetection;
UINTN Index;
UINTN DataSize;
+ EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;
Status = gBS->OpenProtocol (
ImageHandle,
@@ -79,37 +81,80 @@ TrEEConfigDriverEntryPoint ( &TrEEConfiguration
);
if (EFI_ERROR (Status)) {
+ //
+ // Variable not ready, set default value
+ //
+ TrEEConfiguration.TpmDevice = TPM_DEVICE_DEFAULT;
}
+
//
- // We should always reinit PP request.
+ // Validation
//
- TrEEConfiguration.Tpm2Operation = TREE_PHYSICAL_PRESENCE_NO_ACTION;
+ if ((TrEEConfiguration.TpmDevice > TPM_DEVICE_MAX) || (TrEEConfiguration.TpmDevice < TPM_DEVICE_MIN)) {
+ TrEEConfiguration.TpmDevice = TPM_DEVICE_DEFAULT;
+ }
//
- // Sync data from PCD to variable, so that we do not need detect again in S3 phase.
+ // Save to variable so platform driver can get it.
//
+ Status = gRT->SetVariable (
+ TREE_STORAGE_NAME,
+ &gTrEEConfigFormSetGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ sizeof(TrEEConfiguration),
+ &TrEEConfiguration
+ );
+ if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "TrEEConfigDriver: Fail to set TREE_STORAGE_NAME\n"));
+ }
//
- // Get data from PCD to make sure data consistant - platform driver is suppose to construct this PCD accroding to Variable
+ // Sync data from PCD to variable, so that we do not need detect again in S3 phase.
//
+ TrEEDeviceDetection.TpmDeviceDetected = TPM_DEVICE_NULL;
for (Index = 0; Index < sizeof(mTpmInstanceId)/sizeof(mTpmInstanceId[0]); Index++) {
if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &mTpmInstanceId[Index].TpmInstanceGuid)) {
- TrEEConfiguration.TpmDevice = mTpmInstanceId[Index].TpmDevice;
+ TrEEDeviceDetection.TpmDeviceDetected = mTpmInstanceId[Index].TpmDevice;
break;
}
}
+ PrivateData->TpmDeviceDetected = TrEEDeviceDetection.TpmDeviceDetected;
+
//
// Save to variable so platform driver can get it.
//
Status = gRT->SetVariable (
- TREE_STORAGE_NAME,
+ TREE_DEVICE_DETECTION_NAME,
&gTrEEConfigFormSetGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- sizeof(TrEEConfiguration),
- &TrEEConfiguration
+ sizeof(TrEEDeviceDetection),
+ &TrEEDeviceDetection
);
- ASSERT_EFI_ERROR (Status);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((EFI_D_ERROR, "TrEEConfigDriver: Fail to set TREE_DEVICE_DETECTION_NAME\n"));
+ Status = gRT->SetVariable (
+ TREE_DEVICE_DETECTION_NAME,
+ &gTrEEConfigFormSetGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
+ 0,
+ NULL
+ );
+ ASSERT_EFI_ERROR (Status);
+ }
+
+ //
+ // We should lock TrEEDeviceDetection, because it contains information needed at S3.
+ //
+ Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLockProtocol);
+ if (!EFI_ERROR (Status)) {
+ Status = VariableLockProtocol->RequestToLock (
+ VariableLockProtocol,
+ TREE_DEVICE_DETECTION_NAME,
+ &gTrEEConfigFormSetGuid
+ );
+ ASSERT_EFI_ERROR (Status);
+ }
//
// Install TrEE configuration form
diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDxe.inf b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDxe.inf index 0878fb651..042ad878d 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDxe.inf +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigDxe.inf @@ -62,6 +62,7 @@ [Protocols]
gEfiHiiConfigAccessProtocolGuid ## PRODUCES
gEfiHiiConfigRoutingProtocolGuid ## CONSUMES
+ gEdkiiVariableLockProtocolGuid ## CONSUMES
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid
diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.c b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.c index 0df99d607..2748505fe 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.c +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.c @@ -86,96 +86,7 @@ TrEEExtractConfig ( OUT EFI_STRING *Results
)
{
- EFI_STATUS Status;
- UINTN BufferSize;
- TREE_CONFIGURATION Configuration;
- TREE_CONFIG_PRIVATE_DATA *PrivateData;
- EFI_STRING ConfigRequestHdr;
- EFI_STRING ConfigRequest;
- BOOLEAN AllocatedRequest;
- UINTN Size;
- UINTN Index;
-
- if (Progress == NULL || Results == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- *Progress = Request;
- if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &gTrEEConfigFormSetGuid, TREE_STORAGE_NAME)) {
- return EFI_NOT_FOUND;
- }
-
- ConfigRequestHdr = NULL;
- ConfigRequest = NULL;
- AllocatedRequest = FALSE;
- Size = 0;
-
- PrivateData = TREE_CONFIG_PRIVATE_DATA_FROM_THIS (This);
-
- //
- // Convert buffer data to <ConfigResp> by helper function BlockToConfig()
- //
- BufferSize = sizeof (Configuration);
- Status = gRT->GetVariable (
- TREE_STORAGE_NAME,
- &gTrEEConfigFormSetGuid,
- NULL,
- &BufferSize,
- &Configuration
- );
- ASSERT_EFI_ERROR (Status);
-
- //
- // Get data from PCD to make sure data consistant - platform driver is suppose to construct this PCD accroding to Variable
- //
- for (Index = 0; Index < sizeof(mTpmInstanceId)/sizeof(mTpmInstanceId[0]); Index++) {
- if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &mTpmInstanceId[Index].TpmInstanceGuid)) {
- Configuration.TpmDevice = mTpmInstanceId[Index].TpmDevice;
- break;
- }
- }
-
- BufferSize = sizeof (Configuration);
- ConfigRequest = Request;
- if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) {
- //
- // Request has no request element, construct full request string.
- // Allocate and fill a buffer large enough to hold the <ConfigHdr> template
- // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator
- //
- ConfigRequestHdr = HiiConstructConfigHdr (&gTrEEConfigFormSetGuid, TREE_STORAGE_NAME, PrivateData->DriverHandle);
- Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16);
- ConfigRequest = AllocateZeroPool (Size);
- ASSERT (ConfigRequest != NULL);
- AllocatedRequest = TRUE;
- UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64) BufferSize);
- FreePool (ConfigRequestHdr);
- }
-
- Status = gHiiConfigRouting->BlockToConfig (
- gHiiConfigRouting,
- ConfigRequest,
- (UINT8 *) &Configuration,
- BufferSize,
- Results,
- Progress
- );
- //
- // Free the allocated config request string.
- //
- if (AllocatedRequest) {
- FreePool (ConfigRequest);
- }
- //
- // Set Progress string to the original request string.
- //
- if (Request == NULL) {
- *Progress = NULL;
- } else if (StrStr (Request, L"OFFSET") == NULL) {
- *Progress = Request + StrLen (Request);
- }
-
- return Status;
+ return EFI_UNSUPPORTED;
}
/**
@@ -252,59 +163,7 @@ TrEERouteConfig ( OUT EFI_STRING *Progress
)
{
- EFI_STATUS Status;
- UINTN BufferSize;
- TREE_CONFIGURATION TrEEConfiguration;
-
- if (Configuration == NULL || Progress == NULL) {
- return EFI_INVALID_PARAMETER;
- }
-
- *Progress = Configuration;
- if (!HiiIsConfigHdrMatch (Configuration, &gTrEEConfigFormSetGuid, TREE_STORAGE_NAME)) {
- return EFI_NOT_FOUND;
- }
-
- BufferSize = sizeof (TrEEConfiguration);
- Status = gRT->GetVariable (
- TREE_STORAGE_NAME,
- &gTrEEConfigFormSetGuid,
- NULL,
- &BufferSize,
- &TrEEConfiguration
- );
- ASSERT_EFI_ERROR (Status);
-
- //
- // Convert <ConfigResp> to buffer data by helper function ConfigToBlock()
- //
- BufferSize = sizeof (TREE_CONFIGURATION);
- Status = gHiiConfigRouting->ConfigToBlock (
- gHiiConfigRouting,
- Configuration,
- (UINT8 *) &TrEEConfiguration,
- &BufferSize,
- Progress
- );
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- //
- // Save to variable so platform driver can get it.
- //
- Status = gRT->SetVariable (
- TREE_STORAGE_NAME,
- &gTrEEConfigFormSetGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
- sizeof(TrEEConfiguration),
- &TrEEConfiguration
- );
-
- SaveTrEEPpRequest (TrEEConfiguration.Tpm2Operation
- );
-
- return Status;
+ return EFI_UNSUPPORTED;
}
/**
@@ -343,13 +202,17 @@ TrEECallback ( if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) {
return EFI_INVALID_PARAMETER;
}
-
- if ((Action != EFI_BROWSER_ACTION_CHANGED) ||
- (QuestionId != KEY_TPM_DEVICE)) {
- return EFI_UNSUPPORTED;
+
+ if (Action == EFI_BROWSER_ACTION_CHANGED) {
+ if (QuestionId == KEY_TPM_DEVICE) {
+ return EFI_SUCCESS;
+ }
+ if (QuestionId == KEY_TPM2_OPERATION) {
+ return SaveTrEEPpRequest (Value->u8);
+ }
}
- return EFI_SUCCESS;
+ return EFI_UNSUPPORTED;
}
/**
@@ -413,6 +276,24 @@ InstallTrEEConfigForm ( PrivateData->HiiHandle = HiiHandle;
+ //
+ // Update static data
+ //
+ switch (PrivateData->TpmDeviceDetected) {
+ case TPM_DEVICE_NULL:
+ HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TREE_DEVICE_STATE_CONTENT), L"Not Found", NULL);
+ break;
+ case TPM_DEVICE_1_2:
+ HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TREE_DEVICE_STATE_CONTENT), L"TPM 1.2", NULL);
+ break;
+ case TPM_DEVICE_2_0_DTPM:
+ HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TREE_DEVICE_STATE_CONTENT), L"TPM 2.0 (DTPM)", NULL);
+ break;
+ default:
+ HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TREE_DEVICE_STATE_CONTENT), L"Unknown", NULL);
+ break;
+ }
+
return EFI_SUCCESS;
}
diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.h b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.h index 0d62c831d..720c698e7 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.h +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigImpl.h @@ -21,6 +21,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include <Protocol/HiiConfigAccess.h>
#include <Protocol/HiiConfigRouting.h>
#include <Protocol/TrEEProtocol.h>
+#include <Protocol/VariableLock.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
@@ -60,6 +61,7 @@ typedef struct { EFI_HII_HANDLE HiiHandle;
EFI_HANDLE DriverHandle;
+ UINT8 TpmDeviceDetected;
} TREE_CONFIG_PRIVATE_DATA;
extern TREE_CONFIG_PRIVATE_DATA mTrEEConfigPrivateDateTemplate;
diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigNvData.h b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigNvData.h index cb9f5a818..14e5d926a 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigNvData.h +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigNvData.h @@ -23,22 +23,32 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #define TREE_CONFIGURATION_FORM_ID 0x0001
#define KEY_TPM_DEVICE 0x2000
+#define KEY_TPM2_OPERATION 0x2001
#define TPM_DEVICE_NULL 0
#define TPM_DEVICE_1_2 1
#define TPM_DEVICE_2_0_DTPM 2
+#define TPM_DEVICE_MIN TPM_DEVICE_1_2
#define TPM_DEVICE_MAX TPM_DEVICE_2_0_DTPM
#define TPM_DEVICE_DEFAULT TPM_DEVICE_1_2
//
-// Nv Data structure referenced by IFR
+// Nv Data structure referenced by IFR, TPM device user desired
//
typedef struct {
UINT8 TpmDevice;
- UINT8 Tpm2Operation;
} TREE_CONFIGURATION;
+//
+// Variable saved for S3, TPM detected, only valid in S3 path.
+// This variable is ReadOnly.
+//
+typedef struct {
+ UINT8 TpmDeviceDetected;
+} TREE_DEVICE_DETECTION;
+
#define TREE_STORAGE_NAME L"TREE_CONFIGURATION"
+#define TREE_DEVICE_DETECTION_NAME L"TREE_DEVICE_DETECTION"
#define TPM_INSTANCE_ID_LIST { \
{TPM_DEVICE_INTERFACE_NONE, TPM_DEVICE_NULL}, \
diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPeim.c b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPeim.c index 77d640dd4..9c1e917ab 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPeim.c +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPeim.c @@ -94,8 +94,8 @@ TrEEConfigPeimEntryPoint ( //
// Validation
//
- if (TrEEConfiguration.TpmDevice > TPM_DEVICE_MAX) {
- TrEEConfiguration.TpmDevice = TPM_DEVICE_DEFAULT;
+ if ((TrEEConfiguration.TpmDevice > TPM_DEVICE_MAX) || (TrEEConfiguration.TpmDevice < TPM_DEVICE_MIN)) {
+ TrEEConfiguration.TpmDevice = TPM_DEVICE_DEFAULT;
}
//
@@ -105,8 +105,12 @@ TrEEConfigPeimEntryPoint ( if (PcdGetBool (PcdTpmAutoDetection)) {
TpmDevice = DetectTpmDevice (TrEEConfiguration.TpmDevice);
- DEBUG ((EFI_D_ERROR, "TrEEConfiguration.TpmDevice final: %x\n", TpmDevice));
- TrEEConfiguration.TpmDevice = TpmDevice;
+ DEBUG ((EFI_D_ERROR, "TpmDevice final: %x\n", TpmDevice));
+ if (TpmDevice != TPM_DEVICE_NULL) {
+ TrEEConfiguration.TpmDevice = TpmDevice;
+ }
+ } else {
+ TpmDevice = TrEEConfiguration.TpmDevice;
}
//
@@ -114,11 +118,14 @@ TrEEConfigPeimEntryPoint ( // This is work-around because there is no gurantee DynamicHiiPcd can return correct value in DXE phase.
// Using DynamicPcd instead.
//
+ // NOTE: TrEEConfiguration variable contains the desired TpmDevice type,
+ // while PcdTpmInstanceGuid PCD contains the real detected TpmDevice type
+ //
for (Index = 0; Index < sizeof(mTpmInstanceId)/sizeof(mTpmInstanceId[0]); Index++) {
- if (TrEEConfiguration.TpmDevice == mTpmInstanceId[Index].TpmDevice) {
+ if (TpmDevice == mTpmInstanceId[Index].TpmDevice) {
Size = sizeof(mTpmInstanceId[Index].TpmInstanceGuid);
PcdSetPtr (PcdTpmInstanceGuid, &Size, &mTpmInstanceId[Index].TpmInstanceGuid);
- DEBUG ((EFI_D_ERROR, "TrEEConfiguration.TpmDevice PCD: %g\n", &mTpmInstanceId[Index].TpmInstanceGuid));
+ DEBUG ((EFI_D_ERROR, "TpmDevice PCD: %g\n", &mTpmInstanceId[Index].TpmInstanceGuid));
break;
}
}
|