/** @file\r
Initialize TPM device and measure FVs before handing off control to DXE.\r
\r
-Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials \r
are licensed and made available under the terms and conditions of the BSD License \r
which accompanies this distribution. The full text of the license may be found at \r
#include <Library/HobLib.h>\r
#include <Library/PcdLib.h>\r
#include <Library/PeiServicesTablePointerLib.h>\r
+#include <Library/BaseLib.h>\r
\r
#include "TpmComm.h"\r
\r
}\r
};\r
\r
-CHAR8 mSCrtmVersion[] = "{D20BC7C6-A1A5-415c-AE85-38290AB6BE04}";\r
-\r
EFI_PLATFORM_FIRMWARE_BLOB mMeasuredFvInfo[FixedPcdGet32 (PcdPeiCoreMaxFvSupported)];\r
UINT32 mMeasuredFvIndex = 0;\r
\r
TCG_PCR_EVENT_HDR TcgEventHdr;\r
\r
//\r
- // Here, only a static GUID is measured instead of real CRTM version.\r
+ // Use FirmwareVersion string to represent CRTM version.\r
// OEMs should get real CRTM version string and measure it.\r
//\r
\r
TcgEventHdr.PCRIndex = 0;\r
TcgEventHdr.EventType = EV_S_CRTM_VERSION;\r
- TcgEventHdr.EventSize = sizeof (mSCrtmVersion);\r
+ TcgEventHdr.EventSize = StrSize((CHAR16*)PcdGetPtr (PcdFirmwareVersionString));\r
+\r
return HashLogExtendEvent (\r
PeiServices,\r
- (UINT8*)&mSCrtmVersion,\r
+ (UINT8*)PcdGetPtr (PcdFirmwareVersionString),\r
TcgEventHdr.EventSize,\r
TpmHandle,\r
&TcgEventHdr,\r
- (UINT8*)&mSCrtmVersion\r
+ (UINT8*)PcdGetPtr (PcdFirmwareVersionString)\r
);\r
}\r
\r
}\r
\r
/**\r
- Lock physical presence if needed.\r
+ Set physicalPresenceLifetimeLock, physicalPresenceHWEnable and physicalPresenceCMDEnable bit by corresponding PCDs.\r
+ And lock physical presence if needed.\r
\r
@param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation\r
@param[in] NotifyDescriptor Address of the notification descriptor data structure.\r
BOOLEAN LifetimeLock;\r
BOOLEAN CmdEnable;\r
TIS_TPM_HANDLE TpmHandle;\r
+ TPM_PHYSICAL_PRESENCE PhysicalPresenceValue;\r
\r
TpmHandle = (TIS_TPM_HANDLE) (UINTN) TPM_BASE_ADDRESS;\r
- LockPhysicalPresencePpi = (PEI_LOCK_PHYSICAL_PRESENCE_PPI *) Ppi;\r
\r
- if (!LockPhysicalPresencePpi->LockPhysicalPresence ((CONST EFI_PEI_SERVICES**) PeiServices)) {\r
- return EFI_SUCCESS;\r
+ Status = TpmCommGetCapability (PeiServices, TpmHandle, NULL, &LifetimeLock, &CmdEnable);\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
}\r
\r
//\r
- // Lock TPM physical presence.\r
+ // 1. Set physicalPresenceLifetimeLock, physicalPresenceHWEnable and physicalPresenceCMDEnable bit by PCDs.\r
//\r
+ if (PcdGetBool (PcdPhysicalPresenceLifetimeLock) && !LifetimeLock) {\r
+ //\r
+ // Lock TPM LifetimeLock is required, and LifetimeLock is not locked yet. \r
+ //\r
+ PhysicalPresenceValue = TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK;\r
+\r
+ if (PcdGetBool (PcdPhysicalPresenceCmdEnable)) {\r
+ PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_CMD_ENABLE;\r
+ CmdEnable = TRUE;\r
+ } else {\r
+ PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_CMD_DISABLE;\r
+ CmdEnable = FALSE;\r
+ }\r
\r
- Status = TpmCommGetCapability (PeiServices, TpmHandle, NULL, &LifetimeLock, &CmdEnable);\r
- if (EFI_ERROR (Status)) {\r
- return Status;\r
+ if (PcdGetBool (PcdPhysicalPresenceHwEnable)) {\r
+ PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_HW_ENABLE;\r
+ } else {\r
+ PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_HW_DISABLE;\r
+ } \r
+ \r
+ Status = TpmCommPhysicalPresence (\r
+ PeiServices,\r
+ TpmHandle,\r
+ PhysicalPresenceValue\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+ }\r
+ \r
+ //\r
+ // 2. Lock physical presence if it is required.\r
+ //\r
+ LockPhysicalPresencePpi = (PEI_LOCK_PHYSICAL_PRESENCE_PPI *) Ppi;\r
+ if (!LockPhysicalPresencePpi->LockPhysicalPresence ((CONST EFI_PEI_SERVICES**) PeiServices)) {\r
+ return EFI_SUCCESS;\r
}\r
\r
if (!CmdEnable) {\r
projects / mirror_edk2.git / blobdiff