[mirror_edk2.git] / SecurityPkg / Tcg / TcgSmm / TcgSmm.c

/** @file\r
  It updates TPM items in ACPI table and registers SMI callback\r
  functions for physical presence and ClearMemory.\r
\r
  Caution: This module requires additional review when modified.\r
  This driver will have external input - variable and ACPINvs data in SMM mode.\r
  This external input must be validated carefully to avoid security issue.\r
\r
  PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.\r
\r
Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials \r
are licensed and made available under the terms and conditions of the BSD License \r
which accompanies this distribution.  The full text of the license may be found at \r
http://opensource.org/licenses/bsd-license.php\r
\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#include "TcgSmm.h"\r
\r
EFI_SMM_VARIABLE_PROTOCOL  *mSmmVariable;\r
TCG_NVS                    *mTcgNvs;\r
\r
/**\r
  Software SMI callback for TPM physical presence which is called from ACPI method.\r
\r
  Caution: This function may receive untrusted input.\r
  Variable and ACPINvs are external input, so this function will validate\r
  its data structure to be valid value.\r
\r
  @param[in]      DispatchHandle  The unique handle assigned to this handler by SmiHandlerRegister().\r
  @param[in]      Context         Points to an optional handler context which was specified when the\r
                                  handler was registered.\r
  @param[in, out] CommBuffer      A pointer to a collection of data in memory that will\r
                                  be conveyed from a non-SMM environment into an SMM environment.\r
  @param[in, out] CommBufferSize  The size of the CommBuffer.\r
\r
  @retval EFI_SUCCESS             The interrupt was handled successfully.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
PhysicalPresenceCallback (\r
  IN EFI_HANDLE                  DispatchHandle,\r
  IN CONST VOID                  *Context,\r
  IN OUT VOID                    *CommBuffer,\r
  IN OUT UINTN                   *CommBufferSize\r
  )\r
{\r
  EFI_STATUS                     Status;\r
  UINTN                          DataSize;\r
  EFI_PHYSICAL_PRESENCE          PpData;\r
  UINT8                          Flags;\r
  BOOLEAN                        RequestConfirmed;\r
\r
  //\r
  // Get the Physical Presence variable\r
  //\r
  DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r
  Status = mSmmVariable->SmmGetVariable (\r
                           PHYSICAL_PRESENCE_VARIABLE,\r
                           &gEfiPhysicalPresenceGuid,\r
                           NULL,\r
                           &DataSize,\r
                           &PpData\r
                           );\r
  if (EFI_ERROR (Status)) {\r
    return EFI_SUCCESS;\r
  }\r
\r
  DEBUG ((EFI_D_INFO, "[TPM] PP callback, Parameter = %x\n", mTcgNvs->PhysicalPresence.Parameter));\r
  if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) {\r
    mTcgNvs->PhysicalPresence.LastRequest = PpData.LastPPRequest;\r
    mTcgNvs->PhysicalPresence.Response    = PpData.PPResponse;\r
  } else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS) \r
          || (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {\r
    if (mTcgNvs->PhysicalPresence.Request == PHYSICAL_PRESENCE_SET_OPERATOR_AUTH) {\r
      //\r
      // This command requires UI to prompt user for Auth data.\r
      //\r
      mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_NOT_IMPLEMENTED;\r
      return EFI_SUCCESS;\r
    }\r
\r
    if (PpData.PPRequest != mTcgNvs->PhysicalPresence.Request) {\r
      PpData.PPRequest = (UINT8) mTcgNvs->PhysicalPresence.Request;\r
      DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r
      Status = mSmmVariable->SmmSetVariable (\r
                               PHYSICAL_PRESENCE_VARIABLE,\r
                               &gEfiPhysicalPresenceGuid,\r
                               EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r
                               DataSize,\r
                               &PpData\r
                               );\r
    }\r
\r
    if (EFI_ERROR (Status)) { \r
      mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;\r
      return EFI_SUCCESS;\r
    }\r
    mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_SUCCESS;\r
  } else if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST) {\r
    Flags = PpData.Flags;  \r
    RequestConfirmed = FALSE;\r
\r
    switch (mTcgNvs->PhysicalPresence.Request) {\r
      case PHYSICAL_PRESENCE_ENABLE:\r
      case PHYSICAL_PRESENCE_DISABLE:\r
      case PHYSICAL_PRESENCE_ACTIVATE:\r
      case PHYSICAL_PRESENCE_DEACTIVATE:\r
      case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r
      case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r
      case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r
      case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r
      case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r
      case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r
        if ((Flags & FLAG_NO_PPI_PROVISION) != 0) {\r
          RequestConfirmed = TRUE;\r
        }\r
        break;\r
\r
      case PHYSICAL_PRESENCE_CLEAR:\r
      case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r
        if ((Flags & FLAG_NO_PPI_CLEAR) != 0) {\r
          RequestConfirmed = TRUE;\r
        }\r
        break;\r
\r
      case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r
        if ((Flags & FLAG_NO_PPI_MAINTENANCE) != 0) {\r
          RequestConfirmed = TRUE;\r
        }\r
        break;\r
\r
      case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r
      case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r
        if ((Flags & FLAG_NO_PPI_CLEAR) != 0 && (Flags & FLAG_NO_PPI_PROVISION) != 0) {\r
          RequestConfirmed = TRUE;\r
        }\r
        break;  \r
\r
      case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:\r
      case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:\r
      case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:\r
      case PHYSICAL_PRESENCE_NO_ACTION:\r
        RequestConfirmed = TRUE;\r
        break;\r
\r
      case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r
        //\r
        // This command requires UI to prompt user for Auth data\r
        //\r
        mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_NOT_IMPLEMENTED; \r
        return EFI_SUCCESS;\r
    }\r
\r
    if (RequestConfirmed) {\r
      mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_NOT_REQUIRED;\r
    } else {\r
      mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_REQUIRED;\r
    }    \r
  } \r
\r
  return EFI_SUCCESS;\r
}\r
\r
\r
/**\r
  Software SMI callback for MemoryClear which is called from ACPI method.\r
\r
  Caution: This function may receive untrusted input.\r
  Variable and ACPINvs are external input, so this function will validate\r
  its data structure to be valid value.\r
\r
  @param[in]      DispatchHandle  The unique handle assigned to this handler by SmiHandlerRegister().\r
  @param[in]      Context         Points to an optional handler context which was specified when the\r
                                  handler was registered.\r
  @param[in, out] CommBuffer      A pointer to a collection of data in memory that will\r
                                  be conveyed from a non-SMM environment into an SMM environment.\r
  @param[in, out] CommBufferSize  The size of the CommBuffer.\r
\r
  @retval EFI_SUCCESS             The interrupt was handled successfully.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
MemoryClearCallback (\r
  IN EFI_HANDLE                  DispatchHandle,\r
  IN CONST VOID                  *Context,\r
  IN OUT VOID                    *CommBuffer,\r
  IN OUT UINTN                   *CommBufferSize\r
  )\r
{\r
  EFI_STATUS                     Status;\r
  UINTN                          DataSize;\r
  UINT8                          MorControl;\r
\r
  mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_SUCCESS;\r
  if (mTcgNvs->MemoryClear.Parameter == ACPI_FUNCTION_DSM_MEMORY_CLEAR_INTERFACE) {\r
    MorControl = (UINT8) mTcgNvs->MemoryClear.Request;\r
  } else if (mTcgNvs->MemoryClear.Parameter == ACPI_FUNCTION_PTS_CLEAR_MOR_BIT) {\r
    DataSize = sizeof (UINT8);\r
    Status = mSmmVariable->SmmGetVariable (\r
                             MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,\r
                             &gEfiMemoryOverwriteControlDataGuid,\r
                             NULL,\r
                             &DataSize,\r
                             &MorControl\r
                             );\r
    if (EFI_ERROR (Status)) {\r
      return EFI_SUCCESS;\r
    }\r
\r
    if (MOR_CLEAR_MEMORY_VALUE (MorControl) == 0x0) {\r
      return EFI_SUCCESS;\r
    }\r
    MorControl &= ~MOR_CLEAR_MEMORY_BIT_MASK;\r
  }\r
\r
  DataSize = sizeof (UINT8);\r
  Status = mSmmVariable->SmmSetVariable (\r
                           MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,\r
                           &gEfiMemoryOverwriteControlDataGuid,\r
                           EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r
                           DataSize,\r
                           &MorControl\r
                           );\r
  if (EFI_ERROR (Status)) { \r
    mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Find the operation region in TCG ACPI table by given Name and Size,\r
  and initialize it if the region is found.\r
\r
  @param[in, out] Table          The TPM item in ACPI table.\r
  @param[in]      Name           The name string to find in TPM table.\r
  @param[in]      Size           The size of the region to find.\r
\r
  @return                        The allocated address for the found region.\r
\r
**/\r
VOID *\r
AssignOpRegion (\r
  EFI_ACPI_DESCRIPTION_HEADER    *Table,\r
  UINT32                         Name,\r
  UINT16                         Size\r
  )\r
{\r
  EFI_STATUS                     Status;\r
  AML_OP_REGION_32_8             *OpRegion;\r
  EFI_PHYSICAL_ADDRESS           MemoryAddress;\r
\r
  MemoryAddress = SIZE_4GB - 1;\r
\r
  //\r
  // Patch some pointers for the ASL code before loading the SSDT.\r
  //\r
  for (OpRegion  = (AML_OP_REGION_32_8 *) (Table + 1);\r
       OpRegion <= (AML_OP_REGION_32_8 *) ((UINT8 *) Table + Table->Length);\r
       OpRegion  = (AML_OP_REGION_32_8 *) ((UINT8 *) OpRegion + 1)) {\r
    if ((OpRegion->OpRegionOp  == AML_EXT_REGION_OP) && \r
        (OpRegion->NameString  == Name) &&\r
        (OpRegion->DWordPrefix == AML_DWORD_PREFIX) &&\r
        (OpRegion->BytePrefix  == AML_BYTE_PREFIX)) {\r
\r
      Status = gBS->AllocatePages(AllocateMaxAddress, EfiACPIMemoryNVS, EFI_SIZE_TO_PAGES (Size), &MemoryAddress);\r
      ASSERT_EFI_ERROR (Status);\r
      ZeroMem ((VOID *)(UINTN)MemoryAddress, Size);\r
      OpRegion->RegionOffset = (UINT32) (UINTN) MemoryAddress;\r
      OpRegion->RegionLen    = (UINT8) Size;\r
      break;\r
    }\r
  }\r
\r
  return (VOID *) (UINTN) MemoryAddress;\r
}\r
\r
/**\r
  Initialize and publish TPM items in ACPI table.\r
\r
  @retval   EFI_SUCCESS     The TCG ACPI table is published successfully.\r
  @retval   Others          The TCG ACPI table is not published.\r
\r
**/\r
EFI_STATUS\r
PublishAcpiTable (\r
  VOID\r
  )\r
{\r
  EFI_STATUS                     Status;\r
  EFI_ACPI_TABLE_PROTOCOL        *AcpiTable;\r
  UINTN                          TableKey;\r
  EFI_ACPI_DESCRIPTION_HEADER    *Table;\r
  UINTN                          TableSize;\r
\r
  Status = GetSectionFromFv (\r
             &gEfiCallerIdGuid,\r
             EFI_SECTION_RAW,\r
             0,\r
             (VOID **) &Table,\r
             &TableSize\r
             );\r
  ASSERT_EFI_ERROR (Status);\r
\r
\r
  //\r
  // Measure to PCR[0] with event EV_POST_CODE ACPI DATA\r
  //\r
  TpmMeasureAndLogData(\r
    0,\r
    EV_POST_CODE,\r
    EV_POSTCODE_INFO_ACPI_DATA,\r
    ACPI_DATA_LEN,\r
    Table,\r
    TableSize\r
    );\r
\r
\r
  ASSERT (Table->OemTableId == SIGNATURE_64 ('T', 'c', 'g', 'T', 'a', 'b', 'l', 'e'));\r
  mTcgNvs = AssignOpRegion (Table, SIGNATURE_32 ('T', 'N', 'V', 'S'), (UINT16) sizeof (TCG_NVS));\r
  ASSERT (mTcgNvs != NULL);\r
\r
  //\r
  // Publish the TPM ACPI table\r
  //\r
  Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **) &AcpiTable);\r
  ASSERT_EFI_ERROR (Status);\r
\r
  TableKey = 0;\r
  Status = AcpiTable->InstallAcpiTable (\r
                        AcpiTable,\r
                        Table,\r
                        TableSize,\r
                        &TableKey\r
                        );\r
  ASSERT_EFI_ERROR (Status);\r
\r
  return Status;\r
}\r
\r
/**\r
  The driver's entry point.\r
\r
  It install callbacks for TPM physical presence and MemoryClear, and locate \r
  SMM variable to be used in the callback function.\r
\r
  @param[in] ImageHandle  The firmware allocated handle for the EFI image.  \r
  @param[in] SystemTable  A pointer to the EFI System Table.\r
  \r
  @retval EFI_SUCCESS     The entry point is executed successfully.\r
  @retval Others          Some error occurs when executing this entry point.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
InitializeTcgSmm (\r
  IN EFI_HANDLE                  ImageHandle,\r
  IN EFI_SYSTEM_TABLE            *SystemTable\r
  )\r
{\r
  EFI_STATUS                     Status;\r
  EFI_SMM_SW_DISPATCH2_PROTOCOL  *SwDispatch;\r
  EFI_SMM_SW_REGISTER_CONTEXT    SwContext;\r
  EFI_HANDLE                     SwHandle;\r
\r
  Status = PublishAcpiTable ();\r
  ASSERT_EFI_ERROR (Status);\r
\r
  //\r
  // Get the Sw dispatch protocol and register SMI callback functions.\r
  //\r
  Status = gSmst->SmmLocateProtocol (&gEfiSmmSwDispatch2ProtocolGuid, NULL, (VOID**)&SwDispatch);\r
  ASSERT_EFI_ERROR (Status);\r
  SwContext.SwSmiInputValue = (UINTN) -1;\r
  Status = SwDispatch->Register (SwDispatch, PhysicalPresenceCallback, &SwContext, &SwHandle);\r
  ASSERT_EFI_ERROR (Status);\r
  if (EFI_ERROR (Status)) {\r
    return Status;\r
  }\r
  mTcgNvs->PhysicalPresence.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;\r
\r
  SwContext.SwSmiInputValue = (UINTN) -1;\r
  Status = SwDispatch->Register (SwDispatch, MemoryClearCallback, &SwContext, &SwHandle);\r
  ASSERT_EFI_ERROR (Status);\r
  if (EFI_ERROR (Status)) {\r
    return Status;\r
  }\r
  mTcgNvs->MemoryClear.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;\r
  \r
  //\r
  // Locate SmmVariableProtocol.\r
  //\r
  Status = gSmst->SmmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID**)&mSmmVariable);\r
  ASSERT_EFI_ERROR (Status);\r
\r
  return EFI_SUCCESS;\r
}\r
\r
Commit	Line	Data
0c18794e	1	/** @file\r
	2	It updates TPM items in ACPI table and registers SMI callback\r
	3	functions for physical presence and ClearMemory.\r
	4	\r
dc204d5a JY	5	Caution: This module requires additional review when modified.\r
	6	This driver will have external input - variable and ACPINvs data in SMM mode.\r
	7	This external input must be validated carefully to avoid security issue.\r
	8	\r
	9	PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.\r
	10	\r
82a1e09c	11	Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>\r
0c18794e	12	This program and the accompanying materials \r
	13	are licensed and made available under the terms and conditions of the BSD License \r
	14	which accompanies this distribution. The full text of the license may be found at \r
	15	http://opensource.org/licenses/bsd-license.php\r
	16	\r
	17	THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
	18	WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
	19	\r
	20	**/\r
	21	\r
82a1e09c	22	#include "TcgSmm.h"\r
0c18794e	23	\r
	24	EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable;\r
	25	TCG_NVS *mTcgNvs;\r
	26	\r
	27	/**\r
	28	Software SMI callback for TPM physical presence which is called from ACPI method.\r
	29	\r
dc204d5a JY	30	Caution: This function may receive untrusted input.\r
	31	Variable and ACPINvs are external input, so this function will validate\r
	32	its data structure to be valid value.\r
	33	\r
0c18794e	34	@param[in] DispatchHandle The unique handle assigned to this handler by SmiHandlerRegister().\r
	35	@param[in] Context Points to an optional handler context which was specified when the\r
	36	handler was registered.\r
	37	@param[in, out] CommBuffer A pointer to a collection of data in memory that will\r
	38	be conveyed from a non-SMM environment into an SMM environment.\r
	39	@param[in, out] CommBufferSize The size of the CommBuffer.\r
	40	\r
	41	@retval EFI_SUCCESS The interrupt was handled successfully.\r
	42	\r
	43	**/\r
	44	EFI_STATUS\r
	45	EFIAPI\r
	46	PhysicalPresenceCallback (\r
	47	IN EFI_HANDLE DispatchHandle,\r
	48	IN CONST VOID *Context,\r
	49	IN OUT VOID *CommBuffer,\r
	50	IN OUT UINTN *CommBufferSize\r
	51	)\r
	52	{\r
	53	EFI_STATUS Status;\r
	54	UINTN DataSize;\r
	55	EFI_PHYSICAL_PRESENCE PpData;\r
	56	UINT8 Flags;\r
	57	BOOLEAN RequestConfirmed;\r
	58	\r
	59	//\r
	60	// Get the Physical Presence variable\r
	61	//\r
	62	DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r
	63	Status = mSmmVariable->SmmGetVariable (\r
	64	PHYSICAL_PRESENCE_VARIABLE,\r
	65	&gEfiPhysicalPresenceGuid,\r
	66	NULL,\r
	67	&DataSize,\r
	68	&PpData\r
	69	);\r
	70	if (EFI_ERROR (Status)) {\r
	71	return EFI_SUCCESS;\r
	72	}\r
	73	\r
	74	DEBUG ((EFI_D_INFO, "[TPM] PP callback, Parameter = %x\n", mTcgNvs->PhysicalPresence.Parameter));\r
82a1e09c	75	if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) {\r
0c18794e	76	mTcgNvs->PhysicalPresence.LastRequest = PpData.LastPPRequest;\r
0c18794e	77	mTcgNvs->PhysicalPresence.Response = PpData.PPResponse;\r
82a1e09c	78	} else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS) \r
82a1e09c	79	\|\| (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {\r
607599bf	80	if (mTcgNvs->PhysicalPresence.Request == PHYSICAL_PRESENCE_SET_OPERATOR_AUTH) {\r
0c18794e	81	//\r
82a1e09c	82	// This command requires UI to prompt user for Auth data.\r
0c18794e	83	//\r
82a1e09c	84	mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_NOT_IMPLEMENTED;\r
0c18794e	85	return EFI_SUCCESS;\r
	86	}\r
	87	\r
	88	if (PpData.PPRequest != mTcgNvs->PhysicalPresence.Request) {\r
	89	PpData.PPRequest = (UINT8) mTcgNvs->PhysicalPresence.Request;\r
	90	DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r
	91	Status = mSmmVariable->SmmSetVariable (\r
	92	PHYSICAL_PRESENCE_VARIABLE,\r
	93	&gEfiPhysicalPresenceGuid,\r
	94	EFI_VARIABLE_NON_VOLATILE \| EFI_VARIABLE_BOOTSERVICE_ACCESS \| EFI_VARIABLE_RUNTIME_ACCESS,\r
	95	DataSize,\r
	96	&PpData\r
	97	);\r
	98	}\r
	99	\r
	100	if (EFI_ERROR (Status)) { \r
82a1e09c	101	mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;\r
0c18794e	102	return EFI_SUCCESS;\r
0c18794e	103	}\r
82a1e09c	104	mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_SUCCESS;\r
82a1e09c	105	} else if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST) {\r
0c18794e	106	Flags = PpData.Flags; \r
	107	RequestConfirmed = FALSE;\r
	108	\r
	109	switch (mTcgNvs->PhysicalPresence.Request) {\r
607599bf	110	case PHYSICAL_PRESENCE_ENABLE:\r
	111	case PHYSICAL_PRESENCE_DISABLE:\r
	112	case PHYSICAL_PRESENCE_ACTIVATE:\r
	113	case PHYSICAL_PRESENCE_DEACTIVATE:\r
	114	case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r
	115	case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r
	116	case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r
	117	case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r
	118	case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r
	119	case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r
0c18794e	120	if ((Flags & FLAG_NO_PPI_PROVISION) != 0) {\r
	121	RequestConfirmed = TRUE;\r
	122	}\r
	123	break;\r
	124	\r
607599bf	125	case PHYSICAL_PRESENCE_CLEAR:\r
607599bf	126	case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r
0c18794e	127	if ((Flags & FLAG_NO_PPI_CLEAR) != 0) {\r
	128	RequestConfirmed = TRUE;\r
	129	}\r
	130	break;\r
	131	\r
607599bf	132	case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r
0c18794e	133	if ((Flags & FLAG_NO_PPI_MAINTENANCE) != 0) {\r
	134	RequestConfirmed = TRUE;\r
	135	}\r
	136	break;\r
	137	\r
607599bf	138	case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r
607599bf	139	case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r
0c18794e	140	if ((Flags & FLAG_NO_PPI_CLEAR) != 0 && (Flags & FLAG_NO_PPI_PROVISION) != 0) {\r
	141	RequestConfirmed = TRUE;\r
	142	}\r
	143	break; \r
	144	\r
607599bf	145	case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:\r
	146	case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:\r
	147	case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:\r
	148	case PHYSICAL_PRESENCE_NO_ACTION:\r
0c18794e	149	RequestConfirmed = TRUE;\r
	150	break;\r
	151	\r
607599bf	152	case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r
0c18794e	153	//\r
0c18794e	154	// This command requires UI to prompt user for Auth data\r
0c18794e	155	//\r
82a1e09c	156	mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_NOT_IMPLEMENTED; \r
0c18794e	157	return EFI_SUCCESS;\r
	158	}\r
	159	\r
	160	if (RequestConfirmed) {\r
82a1e09c	161	mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_NOT_REQUIRED;\r
0c18794e	162	} else {\r
82a1e09c	163	mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_REQUIRED;\r
0c18794e	164	} \r
	165	} \r
	166	\r
	167	return EFI_SUCCESS;\r
	168	}\r
	169	\r
	170	\r
	171	/**\r
	172	Software SMI callback for MemoryClear which is called from ACPI method.\r
	173	\r
dc204d5a JY	174	Caution: This function may receive untrusted input.\r
	175	Variable and ACPINvs are external input, so this function will validate\r
	176	its data structure to be valid value.\r
	177	\r
0c18794e	178	@param[in] DispatchHandle The unique handle assigned to this handler by SmiHandlerRegister().\r
	179	@param[in] Context Points to an optional handler context which was specified when the\r
	180	handler was registered.\r
	181	@param[in, out] CommBuffer A pointer to a collection of data in memory that will\r
	182	be conveyed from a non-SMM environment into an SMM environment.\r
	183	@param[in, out] CommBufferSize The size of the CommBuffer.\r
	184	\r
	185	@retval EFI_SUCCESS The interrupt was handled successfully.\r
	186	\r
	187	**/\r
	188	EFI_STATUS\r
	189	EFIAPI\r
	190	MemoryClearCallback (\r
	191	IN EFI_HANDLE DispatchHandle,\r
	192	IN CONST VOID *Context,\r
	193	IN OUT VOID *CommBuffer,\r
	194	IN OUT UINTN *CommBufferSize\r
	195	)\r
	196	{\r
	197	EFI_STATUS Status;\r
	198	UINTN DataSize;\r
	199	UINT8 MorControl;\r
	200	\r
82a1e09c	201	mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_SUCCESS;\r
82a1e09c	202	if (mTcgNvs->MemoryClear.Parameter == ACPI_FUNCTION_DSM_MEMORY_CLEAR_INTERFACE) {\r
0c18794e	203	MorControl = (UINT8) mTcgNvs->MemoryClear.Request;\r
82a1e09c	204	} else if (mTcgNvs->MemoryClear.Parameter == ACPI_FUNCTION_PTS_CLEAR_MOR_BIT) {\r
0c18794e	205	DataSize = sizeof (UINT8);\r
	206	Status = mSmmVariable->SmmGetVariable (\r
	207	MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,\r
	208	&gEfiMemoryOverwriteControlDataGuid,\r
	209	NULL,\r
	210	&DataSize,\r
	211	&MorControl\r
	212	);\r
	213	if (EFI_ERROR (Status)) {\r
0c18794e	214	return EFI_SUCCESS;\r
	215	}\r
	216	\r
	217	if (MOR_CLEAR_MEMORY_VALUE (MorControl) == 0x0) {\r
	218	return EFI_SUCCESS;\r
	219	}\r
	220	MorControl &= ~MOR_CLEAR_MEMORY_BIT_MASK;\r
	221	}\r
	222	\r
	223	DataSize = sizeof (UINT8);\r
	224	Status = mSmmVariable->SmmSetVariable (\r
	225	MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,\r
	226	&gEfiMemoryOverwriteControlDataGuid,\r
	227	EFI_VARIABLE_NON_VOLATILE \| EFI_VARIABLE_BOOTSERVICE_ACCESS \| EFI_VARIABLE_RUNTIME_ACCESS,\r
	228	DataSize,\r
	229	&MorControl\r
	230	);\r
82a1e09c	231	if (EFI_ERROR (Status)) { \r
	232	mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;\r
	233	}\r
0c18794e	234	\r
	235	return EFI_SUCCESS;\r
	236	}\r
	237	\r
	238	/**\r
	239	Find the operation region in TCG ACPI table by given Name and Size,\r
	240	and initialize it if the region is found.\r
	241	\r
	242	@param[in, out] Table The TPM item in ACPI table.\r
	243	@param[in] Name The name string to find in TPM table.\r
	244	@param[in] Size The size of the region to find.\r
	245	\r
	246	@return The allocated address for the found region.\r
	247	\r
	248	**/\r
	249	VOID *\r
	250	AssignOpRegion (\r
	251	EFI_ACPI_DESCRIPTION_HEADER *Table,\r
	252	UINT32 Name,\r
	253	UINT16 Size\r
	254	)\r
	255	{\r
	256	EFI_STATUS Status;\r
	257	AML_OP_REGION_32_8 *OpRegion;\r
	258	EFI_PHYSICAL_ADDRESS MemoryAddress;\r
	259	\r
	260	MemoryAddress = SIZE_4GB - 1;\r
	261	\r
	262	//\r
	263	// Patch some pointers for the ASL code before loading the SSDT.\r
	264	//\r
	265	for (OpRegion = (AML_OP_REGION_32_8 *) (Table + 1);\r
	266	OpRegion <= (AML_OP_REGION_32_8 ) ((UINT8 ) Table + Table->Length);\r
	267	OpRegion = (AML_OP_REGION_32_8 ) ((UINT8 ) OpRegion + 1)) {\r
209e6e31	268	if ((OpRegion->OpRegionOp == AML_EXT_REGION_OP) && \r
0c18794e	269	(OpRegion->NameString == Name) &&\r
0c18794e	270	(OpRegion->DWordPrefix == AML_DWORD_PREFIX) &&\r
	271	(OpRegion->BytePrefix == AML_BYTE_PREFIX)) {\r
	272	\r
	273	Status = gBS->AllocatePages(AllocateMaxAddress, EfiACPIMemoryNVS, EFI_SIZE_TO_PAGES (Size), &MemoryAddress);\r
	274	ASSERT_EFI_ERROR (Status);\r
	275	ZeroMem ((VOID *)(UINTN)MemoryAddress, Size);\r
	276	OpRegion->RegionOffset = (UINT32) (UINTN) MemoryAddress;\r
82a1e09c	277	OpRegion->RegionLen = (UINT8) Size;\r
0c18794e	278	break;\r
	279	}\r
	280	}\r
	281	\r
	282	return (VOID *) (UINTN) MemoryAddress;\r
	283	}\r
	284	\r
	285	/**\r
	286	Initialize and publish TPM items in ACPI table.\r
	287	\r
	288	@retval EFI_SUCCESS The TCG ACPI table is published successfully.\r
	289	@retval Others The TCG ACPI table is not published.\r
	290	\r
	291	**/\r
	292	EFI_STATUS\r
	293	PublishAcpiTable (\r
	294	VOID\r
	295	)\r
	296	{\r
	297	EFI_STATUS Status;\r
	298	EFI_ACPI_TABLE_PROTOCOL *AcpiTable;\r
	299	UINTN TableKey;\r
	300	EFI_ACPI_DESCRIPTION_HEADER *Table;\r
	301	UINTN TableSize;\r
	302	\r
	303	Status = GetSectionFromFv (\r
	304	&gEfiCallerIdGuid,\r
	305	EFI_SECTION_RAW,\r
	306	0,\r
	307	(VOID **) &Table,\r
	308	&TableSize\r
	309	);\r
	310	ASSERT_EFI_ERROR (Status);\r
	311	\r
a332cfd3	312	\r
	313	//\r
	314	// Measure to PCR[0] with event EV_POST_CODE ACPI DATA\r
	315	//\r
	316	TpmMeasureAndLogData(\r
	317	0,\r
	318	EV_POST_CODE,\r
	319	EV_POSTCODE_INFO_ACPI_DATA,\r
	320	ACPI_DATA_LEN,\r
	321	Table,\r
	322	TableSize\r
	323	);\r
	324	\r
	325	\r
0c18794e	326	ASSERT (Table->OemTableId == SIGNATURE_64 ('T', 'c', 'g', 'T', 'a', 'b', 'l', 'e'));\r
0f7f6d23	327	mTcgNvs = AssignOpRegion (Table, SIGNATURE_32 ('T', 'N', 'V', 'S'), (UINT16) sizeof (TCG_NVS));\r
0c18794e	328	ASSERT (mTcgNvs != NULL);\r
	329	\r
	330	//\r
	331	// Publish the TPM ACPI table\r
	332	//\r
	333	Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **) &AcpiTable);\r
	334	ASSERT_EFI_ERROR (Status);\r
	335	\r
	336	TableKey = 0;\r
	337	Status = AcpiTable->InstallAcpiTable (\r
	338	AcpiTable,\r
	339	Table,\r
	340	TableSize,\r
	341	&TableKey\r
	342	);\r
	343	ASSERT_EFI_ERROR (Status);\r
	344	\r
	345	return Status;\r
	346	}\r
	347	\r
	348	/**\r
	349	The driver's entry point.\r
	350	\r
	351	It install callbacks for TPM physical presence and MemoryClear, and locate \r
	352	SMM variable to be used in the callback function.\r
	353	\r
	354	@param[in] ImageHandle The firmware allocated handle for the EFI image. \r
	355	@param[in] SystemTable A pointer to the EFI System Table.\r
	356	\r
	357	@retval EFI_SUCCESS The entry point is executed successfully.\r
	358	@retval Others Some error occurs when executing this entry point.\r
	359	\r
	360	**/\r
	361	EFI_STATUS\r
	362	EFIAPI\r
	363	InitializeTcgSmm (\r
	364	IN EFI_HANDLE ImageHandle,\r
	365	IN EFI_SYSTEM_TABLE *SystemTable\r
	366	)\r
	367	{\r
	368	EFI_STATUS Status;\r
	369	EFI_SMM_SW_DISPATCH2_PROTOCOL *SwDispatch;\r
	370	EFI_SMM_SW_REGISTER_CONTEXT SwContext;\r
	371	EFI_HANDLE SwHandle;\r
	372	\r
	373	Status = PublishAcpiTable ();\r
	374	ASSERT_EFI_ERROR (Status);\r
	375	\r
	376	//\r
	377	// Get the Sw dispatch protocol and register SMI callback functions.\r
	378	//\r
	379	Status = gSmst->SmmLocateProtocol (&gEfiSmmSwDispatch2ProtocolGuid, NULL, (VOID**)&SwDispatch);\r
	380	ASSERT_EFI_ERROR (Status);\r
	381	SwContext.SwSmiInputValue = (UINTN) -1;\r
	382	Status = SwDispatch->Register (SwDispatch, PhysicalPresenceCallback, &SwContext, &SwHandle);\r
	383	ASSERT_EFI_ERROR (Status);\r
	384	if (EFI_ERROR (Status)) {\r
	385	return Status;\r
	386	}\r
	387	mTcgNvs->PhysicalPresence.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;\r
	388	\r
	389	SwContext.SwSmiInputValue = (UINTN) -1;\r
	390	Status = SwDispatch->Register (SwDispatch, MemoryClearCallback, &SwContext, &SwHandle);\r
	391	ASSERT_EFI_ERROR (Status);\r
392	if (EFI_ERROR (Status)) {\r
393	return Status;\r
394	}\r
395	mTcgNvs->MemoryClear.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;\r
396	\r
397	//\r
398	// Locate SmmVariableProtocol.\r
399	//\r
400	Status = gSmst->SmmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID**)&mSmmVariable);\r
401	ASSERT_EFI_ERROR (Status);\r
402	\r
403	return EFI_SUCCESS;\r
404	}\r
405	\r