[edk2-devel] [PATCH 3/3] SecurityPkg/Tcg2: Add Support Laml, Lasa for TPM2 ACPI.
Yao, Jiewen
jiewen.yao at intel.com
Sun Sep 29 06:15:58 UTC 2019
Tcg2Dxe produces PcdTpm2AcpiTableLaml/Lasa for event log address.
Tcg2Smm consumes PcdTpm2AcpiTableLaml/Lasa to fill TPM2 ACPI table.
Cc: Jian J Wang <jian.j.wang at intel.com>
Cc: Chao Zhang <chao.b.zhang at intel.com>
Signed-off-by: Jiewen Yao <jiewen.yao at intel.com>
---
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c | 32 +++++++++++++++++++++++------
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf | 3 +++
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 32 ++++++++++++++++++++++++++---
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf | 2 ++
4 files changed, 60 insertions(+), 9 deletions(-)
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
index a2729457b7..85f2e0ae38 100644
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
@@ -1467,17 +1467,37 @@ SetupEventLog (
for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {
if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
mTcgDxeData.EventLogAreaStruct[Index].EventLogFormat = mTcg2EventInfo[Index].LogFormat;
- Status = gBS->AllocatePages (
- AllocateAnyPages,
- EfiBootServicesData,
- EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
- &Lasa
- );
+ if (PcdGet8(PcdTpm2AcpiTableRev) >= 4) {
+ Status = gBS->AllocatePages (
+ AllocateAnyPages,
+ EfiACPIMemoryNVS,
+ EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
+ &Lasa
+ );
+ } else {
+ Status = gBS->AllocatePages (
+ AllocateAnyPages,
+ EfiBootServicesData,
+ EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
+ &Lasa
+ );
+ }
if (EFI_ERROR (Status)) {
return Status;
}
mTcgDxeData.EventLogAreaStruct[Index].Lasa = Lasa;
mTcgDxeData.EventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcgLogAreaMinLen);
+
+ if ((PcdGet8(PcdTpm2AcpiTableRev) >= 4) ||
+ (mTcg2EventInfo[Index].LogFormat == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2)) {
+ //
+ // Report TCG2 event log address and length, so that they can be reported in TPM2 ACPI table.
+ // Ignore the return status, because those fields are optional.
+ //
+ PcdSet32S(PcdTpm2AcpiTableLaml, (UINT32)mTcgDxeData.EventLogAreaStruct[Index].Laml);
+ PcdSet64S(PcdTpm2AcpiTableLasa, mTcgDxeData.EventLogAreaStruct[Index].Lasa);
+ }
+
//
// To initialize them as 0xFF is recommended
// because the OS can know the last entry for that.
diff --git a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
index 9a44aadea6..c41c50a7a2 100644
--- a/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+++ b/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
@@ -102,6 +102,9 @@
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2NumberOfPCRBanks ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTcgLogAreaMinLen ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2FinalLogAreaLen ## CONSUMES
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev ## CONSUMES
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableLaml ## PRODUCES
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableLasa ## PRODUCES
[Depex]
TRUE
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
index a2d71741f2..14e4ed0ee1 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
@@ -16,8 +16,24 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include "Tcg2Smm.h"
+#pragma pack(1)
-EFI_TPM2_ACPI_TABLE mTpm2AcpiTemplate = {
+typedef struct {
+ EFI_ACPI_DESCRIPTION_HEADER Header;
+ // Flags field is replaced in version 4 and above
+ // BIT0~15: PlatformClass This field is only valid for version 4 and above
+ // BIT16~31: Reserved
+ UINT32 Flags;
+ UINT64 AddressOfControlArea;
+ UINT32 StartMethod;
+ UINT8 PlatformSpecificParameters[12]; // size up to 12
+ UINT32 Laml; // Optional
+ UINT64 Lasa; // Optional
+} EFI_TPM2_ACPI_TABLE_V4;
+
+#pragma pack()
+
+EFI_TPM2_ACPI_TABLE_V4 mTpm2AcpiTemplate = {
{
EFI_ACPI_5_0_TRUSTED_COMPUTING_PLATFORM_2_TABLE_SIGNATURE,
sizeof (mTpm2AcpiTemplate),
@@ -748,6 +764,16 @@ PublishTpm2 (
DEBUG((DEBUG_INFO, "Tpm2 ACPI table PlatformClass is %d\n", (mTpm2AcpiTemplate.Flags & 0x0000FFFF)));
}
+ mTpm2AcpiTemplate.Laml = PcdGet32(PcdTpm2AcpiTableLaml);
+ mTpm2AcpiTemplate.Lasa = PcdGet64(PcdTpm2AcpiTableLasa);
+ if ((mTpm2AcpiTemplate.Header.Revision < EFI_TPM2_ACPI_TABLE_REVISION_4) ||
+ (mTpm2AcpiTemplate.Laml == 0) || (mTpm2AcpiTemplate.Lasa == 0)) {
+ //
+ // If version is smaller than 4 or Laml/Lasa is not valid, rollback to original Length.
+ //
+ mTpm2AcpiTemplate.Header.Length = sizeof(EFI_TPM2_ACPI_TABLE);
+ }
+
//
// Measure to PCR[0] with event EV_POST_CODE ACPI DATA
//
@@ -757,7 +783,7 @@ PublishTpm2 (
EV_POSTCODE_INFO_ACPI_DATA,
ACPI_DATA_LEN,
&mTpm2AcpiTemplate,
- sizeof(mTpm2AcpiTemplate)
+ mTpm2AcpiTemplate.Header.Length
);
InterfaceType = PcdGet8(PcdActiveTpmInterfaceType);
@@ -795,7 +821,7 @@ PublishTpm2 (
Status = AcpiTable->InstallAcpiTable (
AcpiTable,
&mTpm2AcpiTemplate,
- sizeof(mTpm2AcpiTemplate),
+ mTpm2AcpiTemplate.Header.Length,
&TableKey
);
ASSERT_EFI_ERROR (Status);
diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
index 471342703f..e33cbcc491 100644
--- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
+++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
@@ -84,6 +84,8 @@
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2CurrentIrqNum ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2PossibleIrqNumBuf ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdActiveTpmInterfaceType ## CONSUMES
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableLaml ## CONSUMES
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableLasa ## CONSUMES
[Depex]
gEfiAcpiTableProtocolGuid AND
--
2.19.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#48262): https://edk2.groups.io/g/devel/message/48262
Mute This Topic: https://groups.io/mt/34330941/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list