[mirror_edk2.git] / SecurityPkg / Tcg / Tcg2Smm / Tcg2Smm.c

/** @file\r
  It updates TPM2 items in ACPI table and registers SMI2 callback\r
  functions for Tcg2 physical presence, ClearMemory, and sample\r
  for dTPM StartMethod.\r
\r
  Caution: This module requires additional review when modified.\r
  This driver will have external input - variable and ACPINvs data in SMM mode.\r
  This external input must be validated carefully to avoid security issue.\r
\r
  PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.\r
\r
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials \r
are licensed and made available under the terms and conditions of the BSD License \r
which accompanies this distribution.  The full text of the license may be found at \r
http://opensource.org/licenses/bsd-license.php\r
\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#include "Tcg2Smm.h"\r
\r
typedef enum {\r
  PtpInterfaceTis,\r
  PtpInterfaceFifo,\r
  PtpInterfaceCrb,\r
  PtpInterfaceMax,\r
} PTP_INTERFACE_TYPE;\r
\r
/**\r
  Return PTP interface type.\r
\r
  @param[in] Register                Pointer to PTP register.\r
\r
  @return PTP interface type.\r
**/\r
PTP_INTERFACE_TYPE\r
GetPtpInterface (\r
  IN VOID *Register\r
  )\r
{\r
  PTP_CRB_INTERFACE_IDENTIFIER  InterfaceId;\r
  PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability;\r
\r
  //\r
  // Check interface id\r
  //\r
  InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId);\r
  InterfaceCapability.Uint32 = MmioRead32 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->InterfaceCapability);\r
\r
  if (InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_TIS) {\r
    return PtpInterfaceTis;\r
  }\r
\r
  if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_CRB) &&\r
      (InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_CRB) &&\r
      (InterfaceId.Bits.CapCRB != 0)) {\r
    return PtpInterfaceCrb;\r
  }\r
\r
  if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_FIFO) &&\r
      (InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_FIFO) &&\r
      (InterfaceId.Bits.CapFIFO != 0) &&\r
      (InterfaceCapability.Bits.InterfaceVersion == INTERFACE_CAPABILITY_INTERFACE_VERSION_PTP)) {\r
    return PtpInterfaceFifo;\r
  }\r
\r
  //\r
  // No Ptp interface available\r
  //\r
  return PtpInterfaceMax;\r
}\r
\r
EFI_TPM2_ACPI_TABLE  mTpm2AcpiTemplate = {\r
  {\r
    EFI_ACPI_5_0_TRUSTED_COMPUTING_PLATFORM_2_TABLE_SIGNATURE,\r
    sizeof (mTpm2AcpiTemplate),\r
    EFI_TPM2_ACPI_TABLE_REVISION,\r
    //\r
    // Compiler initializes the remaining bytes to 0\r
    // These fields should be filled in in production\r
    //\r
  },\r
  0, // BIT0~15:  PlatformClass\r
     // BIT16~31: Reserved\r
  0, // Control Area\r
  EFI_TPM2_ACPI_TABLE_START_METHOD_TIS, // StartMethod\r
};\r
\r
EFI_SMM_VARIABLE_PROTOCOL  *mSmmVariable;\r
TCG_NVS                    *mTcgNvs;\r
\r
/**\r
  Software SMI callback for TPM physical presence which is called from ACPI method.\r
\r
  Caution: This function may receive untrusted input.\r
  Variable and ACPINvs are external input, so this function will validate\r
  its data structure to be valid value.\r
\r
  @param[in]      DispatchHandle  The unique handle assigned to this handler by SmiHandlerRegister().\r
  @param[in]      Context         Points to an optional handler context which was specified when the\r
                                  handler was registered.\r
  @param[in, out] CommBuffer      A pointer to a collection of data in memory that will\r
                                  be conveyed from a non-SMM environment into an SMM environment.\r
  @param[in, out] CommBufferSize  The size of the CommBuffer.\r
\r
  @retval EFI_SUCCESS             The interrupt was handled successfully.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
PhysicalPresenceCallback (\r
  IN EFI_HANDLE                  DispatchHandle,\r
  IN CONST VOID                  *Context,\r
  IN OUT VOID                    *CommBuffer,\r
  IN OUT UINTN                   *CommBufferSize\r
  )\r
{\r
  UINT32                MostRecentRequest;\r
  UINT32                Response;\r
  UINT32                OperationRequest;\r
  UINT32                RequestParameter;\r
\r
\r
  if (mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) {\r
    mTcgNvs->PhysicalPresence.ReturnCode = Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (\r
                                             &MostRecentRequest,\r
                                             &Response\r
                                             );\r
    mTcgNvs->PhysicalPresence.LastRequest = MostRecentRequest;\r
    mTcgNvs->PhysicalPresence.Response = Response;\r
    return EFI_SUCCESS;\r
  } else if ((mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS) \r
          || (mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {\r
\r
    OperationRequest = mTcgNvs->PhysicalPresence.Request;\r
    RequestParameter = mTcgNvs->PhysicalPresence.RequestParameter;\r
    mTcgNvs->PhysicalPresence.ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx (\r
                                             &OperationRequest,\r
                                             &RequestParameter\r
                                             );\r
    mTcgNvs->PhysicalPresence.Request = OperationRequest;\r
    mTcgNvs->PhysicalPresence.RequestParameter = RequestParameter;\r
  } else if (mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST) {\r
    mTcgNvs->PhysicalPresence.ReturnCode = Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (mTcgNvs->PPRequestUserConfirm);\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r
\r
\r
/**\r
  Software SMI callback for MemoryClear which is called from ACPI method.\r
\r
  Caution: This function may receive untrusted input.\r
  Variable and ACPINvs are external input, so this function will validate\r
  its data structure to be valid value.\r
\r
  @param[in]      DispatchHandle  The unique handle assigned to this handler by SmiHandlerRegister().\r
  @param[in]      Context         Points to an optional handler context which was specified when the\r
                                  handler was registered.\r
  @param[in, out] CommBuffer      A pointer to a collection of data in memory that will\r
                                  be conveyed from a non-SMM environment into an SMM environment.\r
  @param[in, out] CommBufferSize  The size of the CommBuffer.\r
\r
  @retval EFI_SUCCESS             The interrupt was handled successfully.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
MemoryClearCallback (\r
  IN EFI_HANDLE                  DispatchHandle,\r
  IN CONST VOID                  *Context,\r
  IN OUT VOID                    *CommBuffer,\r
  IN OUT UINTN                   *CommBufferSize\r
  )\r
{\r
  EFI_STATUS                     Status;\r
  UINTN                          DataSize;\r
  UINT8                          MorControl;\r
\r
  mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_SUCCESS;\r
  if (mTcgNvs->MemoryClear.Parameter == ACPI_FUNCTION_DSM_MEMORY_CLEAR_INTERFACE) {\r
    MorControl = (UINT8) mTcgNvs->MemoryClear.Request;\r
  } else if (mTcgNvs->MemoryClear.Parameter == ACPI_FUNCTION_PTS_CLEAR_MOR_BIT) {\r
    DataSize = sizeof (UINT8);\r
    Status = mSmmVariable->SmmGetVariable (\r
                             MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,\r
                             &gEfiMemoryOverwriteControlDataGuid,\r
                             NULL,\r
                             &DataSize,\r
                             &MorControl\r
                             );\r
    if (EFI_ERROR (Status)) {\r
      mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;\r
      DEBUG ((EFI_D_ERROR, "[TPM] Get MOR variable failure! Status = %r\n", Status));\r
      return EFI_SUCCESS;\r
    }\r
\r
    if (MOR_CLEAR_MEMORY_VALUE (MorControl) == 0x0) {\r
      return EFI_SUCCESS;\r
    }\r
    MorControl &= ~MOR_CLEAR_MEMORY_BIT_MASK;\r
  }\r
\r
  DataSize = sizeof (UINT8);\r
  Status = mSmmVariable->SmmSetVariable (\r
                           MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,\r
                           &gEfiMemoryOverwriteControlDataGuid,\r
                           EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r
                           DataSize,\r
                           &MorControl\r
                           );\r
  if (EFI_ERROR (Status)) { \r
    mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;\r
    DEBUG ((EFI_D_ERROR, "[TPM] Set MOR variable failure! Status = %r\n", Status));\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Find the operation region in TCG ACPI table by given Name and Size,\r
  and initialize it if the region is found.\r
\r
  @param[in, out] Table          The TPM item in ACPI table.\r
  @param[in]      Name           The name string to find in TPM table.\r
  @param[in]      Size           The size of the region to find.\r
\r
  @return                        The allocated address for the found region.\r
\r
**/\r
VOID *\r
AssignOpRegion (\r
  EFI_ACPI_DESCRIPTION_HEADER    *Table,\r
  UINT32                         Name,\r
  UINT16                         Size\r
  )\r
{\r
  EFI_STATUS                     Status;\r
  AML_OP_REGION_32_8             *OpRegion;\r
  EFI_PHYSICAL_ADDRESS           MemoryAddress;\r
\r
  MemoryAddress = SIZE_4GB - 1;\r
\r
  //\r
  // Patch some pointers for the ASL code before loading the SSDT.\r
  //\r
  for (OpRegion  = (AML_OP_REGION_32_8 *) (Table + 1);\r
       OpRegion <= (AML_OP_REGION_32_8 *) ((UINT8 *) Table + Table->Length);\r
       OpRegion  = (AML_OP_REGION_32_8 *) ((UINT8 *) OpRegion + 1)) {\r
    if ((OpRegion->OpRegionOp  == AML_EXT_REGION_OP) && \r
        (OpRegion->NameString  == Name) &&\r
        (OpRegion->DWordPrefix == AML_DWORD_PREFIX) &&\r
        (OpRegion->BytePrefix  == AML_BYTE_PREFIX)) {\r
\r
      Status = gBS->AllocatePages(AllocateMaxAddress, EfiACPIMemoryNVS, EFI_SIZE_TO_PAGES (Size), &MemoryAddress);\r
      ASSERT_EFI_ERROR (Status);\r
      ZeroMem ((VOID *)(UINTN)MemoryAddress, Size);\r
      OpRegion->RegionOffset = (UINT32) (UINTN) MemoryAddress;\r
      OpRegion->RegionLen    = (UINT8) Size;\r
      break;\r
    }\r
  }\r
\r
  return (VOID *) (UINTN) MemoryAddress;\r
}\r
\r
/**\r
  Patch version string of Physical Presence interface supported by platform. The initial string tag in TPM \r
ACPI table is "$PV".\r
\r
  @param[in, out] Table          The TPM item in ACPI table.\r
  @param[in]      PPVer          Version string of Physical Presence interface supported by platform.\r
\r
  @return                        The allocated address for the found region.\r
\r
**/\r
EFI_STATUS\r
UpdatePPVersion (\r
  EFI_ACPI_DESCRIPTION_HEADER    *Table,\r
  CHAR8                          *PPVer\r
  )\r
{\r
  EFI_STATUS  Status;\r
  UINT8       *DataPtr;\r
\r
  //\r
  // Patch some pointers for the ASL code before loading the SSDT.\r
  //\r
  for (DataPtr  = (UINT8 *)(Table + 1);\r
       DataPtr <= (UINT8 *) ((UINT8 *) Table + Table->Length - PHYSICAL_PRESENCE_VERSION_SIZE);\r
       DataPtr += 1) {\r
    if (AsciiStrCmp((CHAR8 *)DataPtr,  PHYSICAL_PRESENCE_VERSION_TAG) == 0) {\r
      Status = AsciiStrCpyS((CHAR8 *)DataPtr, PHYSICAL_PRESENCE_VERSION_SIZE, PPVer);\r
      DEBUG((EFI_D_INFO, "TPM2 Physical Presence Interface Version update status 0x%x\n", Status));\r
      return Status;\r
    }\r
  }\r
\r
  return EFI_NOT_FOUND;\r
}\r
\r
/**\r
  Patch interrupt resources returned by TPM _PRS. ResourceTemplate to patch is determined by input\r
  interrupt buffer size. BufferSize, PkgLength and interrupt descirptor in ByteList need to be patched\r
\r
  @param[in, out] Table            The TPM item in ACPI table.\r
  @param[in]      IrqBuffer        Input new IRQ buffer.\r
  @param[in]      IrqBuffserSize   Input new IRQ buffer size.\r
  @param[out]     IsShortFormPkgLength   If _PRS returns Short length Package(ACPI spec 20.2.4).\r
\r
  @return                          patch status.\r
\r
**/\r
EFI_STATUS\r
UpdatePossibleResource (\r
  IN OUT  EFI_ACPI_DESCRIPTION_HEADER    *Table,\r
  IN      UINT32                         *IrqBuffer,\r
  IN      UINT32                         IrqBuffserSize,\r
  OUT     BOOLEAN                        *IsShortFormPkgLength\r
  )\r
{\r
  UINT8       *DataPtr;\r
  UINT8       *DataEndPtr;\r
  UINT32      NewPkgLength;\r
  UINT32      OrignalPkgLength;\r
\r
  NewPkgLength     = 0;\r
  OrignalPkgLength = 0;\r
  DataEndPtr       = NULL;\r
\r
  //\r
  // Follow ACPI spec\r
  //           6.4.3   Extend Interrupt Descriptor.\r
  //           19.3.3 ASL Resource Template\r
  //           20      AML specification\r
  // to patch TPM ACPI object _PRS returned ResourceTemplate() containing 2 resource descriptors and an auto appended End Tag\r
  //\r
  //  AML data is organized by following rule.\r
  //  Code need to patch BufferSize and PkgLength and interrupt descirptor in ByteList\r
  //\r
  // =============  Buffer ====================\r
  //           DefBuffer := BufferOp PkgLength BufferSize ByteList\r
  //            BufferOp := 0x11\r
  //\r
  // ==============PkgLength==================\r
  //          PkgLength := PkgLeadByte |\r
  //                              <PkgLeadByte ByteData> |\r
  //                              <PkgLeadByte ByteData ByteData> |\r
  //                              <PkgLeadByte ByteData ByteData ByteData>\r
  //\r
  //       PkgLeadByte := <bit 7-6: ByteData count that follows (0-3)>\r
  //                               <bit 5-4: Only used if PkgLength <= 63 >\r
  //                               <bit 3-0: Least significant package length nybble>\r
  //\r
  //==============BufferSize==================\r
  //        BufferSize := Integar\r
  //           Integar := ByteConst|WordConst|DwordConst....\r
  //\r
  //           ByteConst := BytePrefix ByteData\r
  //\r
  //==============ByteList===================\r
  //          ByteList := ByteData ByteList\r
  //\r
  //=========================================\r
\r
  //\r
  // 1. Check TPM_PRS_RESS with PkgLength <=63 can hold the input interrupt number buffer for patching\r
  //\r
  for (DataPtr  = (UINT8 *)(Table + 1);\r
       DataPtr < (UINT8 *) ((UINT8 *) Table + Table->Length - (TPM_PRS_RES_NAME_SIZE + TPM_POS_RES_TEMPLATE_MIN_SIZE));\r
       DataPtr += 1) {\r
    if (CompareMem(DataPtr, TPM_PRS_RESS, TPM_PRS_RES_NAME_SIZE) == 0) {\r
      //\r
      // Jump over object name & BufferOp\r
      //\r
      DataPtr += TPM_PRS_RES_NAME_SIZE + 1;\r
\r
      if ((*DataPtr & (BIT7|BIT6)) == 0) {\r
        OrignalPkgLength = (UINT32)*DataPtr;\r
        DataEndPtr       = DataPtr + OrignalPkgLength;\r
\r
        //\r
        // Jump over PkgLength = PkgLeadByte only\r
        //\r
        NewPkgLength++;\r
\r
        //\r
        // Jump over BufferSize\r
        //\r
        if (*(DataPtr + 1) == AML_BYTE_PREFIX) {\r
          NewPkgLength += 2;\r
        } else if (*(DataPtr + 1) == AML_WORD_PREFIX) {\r
          NewPkgLength += 3;\r
        } else if (*(DataPtr + 1) == AML_DWORD_PREFIX) {\r
          NewPkgLength += 5;\r
        } else {\r
          ASSERT(FALSE);\r
          return EFI_UNSUPPORTED;\r
        }\r
      } else {\r
        ASSERT(FALSE);\r
        return EFI_UNSUPPORTED;\r
      }\r
\r
      //\r
      // Include Memory32Fixed Descritor (12 Bytes) + Interrupt Descriptor header(5 Bytes) + End Tag(2 Bytes)\r
      //\r
      NewPkgLength += 19 + IrqBuffserSize;\r
      if (NewPkgLength > 63) {\r
        break;\r
      }\r
\r
      if (NewPkgLength > OrignalPkgLength) {\r
        ASSERT(FALSE);\r
        return EFI_INVALID_PARAMETER;\r
      }\r
\r
      //\r
      // 1.1 Patch PkgLength\r
      //\r
      *DataPtr = (UINT8)NewPkgLength;\r
\r
      //\r
      // 1.2 Patch BufferSize = sizeof(Memory32Fixed Descritor + Interrupt Descriptor + End Tag).\r
      //      It is Little endian. So only patch lowest byte of BufferSize due to current interrupt number limit.\r
      //\r
      *(DataPtr + 2) = (UINT8)(IrqBuffserSize + 19);\r
\r
      //\r
      // Notify _PRS to report short formed ResourceTemplate\r
      //\r
      *IsShortFormPkgLength = TRUE;\r
\r
      break;\r
    }\r
  }\r
\r
  //\r
  // 2. Use TPM_PRS_RESL with PkgLength > 63 to hold longer input interrupt number buffer for patching\r
  //\r
  if (NewPkgLength > 63) {\r
    NewPkgLength     = 0;\r
    OrignalPkgLength = 0;\r
    for (DataPtr  = (UINT8 *)(Table + 1);\r
         DataPtr < (UINT8 *) ((UINT8 *) Table + Table->Length - (TPM_PRS_RES_NAME_SIZE + TPM_POS_RES_TEMPLATE_MIN_SIZE));\r
         DataPtr += 1) {\r
      if (CompareMem(DataPtr, TPM_PRS_RESL, TPM_PRS_RES_NAME_SIZE) == 0) {\r
        //\r
        // Jump over object name & BufferOp\r
        //\r
        DataPtr += TPM_PRS_RES_NAME_SIZE + 1;\r
\r
        if ((*DataPtr & (BIT7|BIT6)) != 0) {\r
          OrignalPkgLength = (UINT32)(*(DataPtr + 1) << 4) + (*DataPtr & 0x0F);\r
          DataEndPtr       = DataPtr + OrignalPkgLength;\r
          //\r
          // Jump over PkgLength = PkgLeadByte + ByteData length\r
          //\r
          NewPkgLength += 1 + ((*DataPtr & (BIT7|BIT6)) >> 6);\r
\r
          //\r
          // Jump over BufferSize\r
          //\r
          if (*(DataPtr + NewPkgLength) == AML_BYTE_PREFIX) {\r
            NewPkgLength += 2;\r
          } else if (*(DataPtr + NewPkgLength) == AML_WORD_PREFIX) {\r
            NewPkgLength += 3;\r
          } else if (*(DataPtr + NewPkgLength) == AML_DWORD_PREFIX) {\r
            NewPkgLength += 5;\r
          } else {\r
            ASSERT(FALSE);\r
            return EFI_UNSUPPORTED;\r
          }\r
        } else {\r
          ASSERT(FALSE);\r
          return EFI_UNSUPPORTED;\r
        }\r
\r
        //\r
        // Include Memory32Fixed Descritor (12 Bytes) + Interrupt Descriptor header(5 Bytes) + End Tag(2  Bytes)\r
        //\r
        NewPkgLength += 19 + IrqBuffserSize;\r
\r
        if (NewPkgLength > OrignalPkgLength) {\r
          ASSERT(FALSE);\r
          return EFI_INVALID_PARAMETER;\r
        }\r
\r
        //\r
        // 2.1 Patch PkgLength. Only patch PkgLeadByte and first ByteData\r
        //\r
        *DataPtr = (UINT8)((*DataPtr) & 0xF0) | (NewPkgLength & 0x0F);\r
        *(DataPtr + 1) = (UINT8)((NewPkgLength & 0xFF0) >> 4);\r
\r
        //\r
        // 2.2 Patch BufferSize = sizeof(Memory32Fixed Descritor + Interrupt Descriptor + End Tag).\r
        //     It is Little endian. Only patch lowest byte of BufferSize due to current interrupt number limit.\r
        //\r
        *(DataPtr + 2 + ((*DataPtr & (BIT7|BIT6)) >> 6)) = (UINT8)(IrqBuffserSize + 19);\r
\r
        //\r
        // Notify _PRS to report long formed ResourceTemplate\r
        //\r
        *IsShortFormPkgLength = FALSE;\r
        break;\r
      }\r
    }\r
  }\r
\r
  if (DataPtr >= (UINT8 *) ((UINT8 *) Table + Table->Length - (TPM_PRS_RES_NAME_SIZE + TPM_POS_RES_TEMPLATE_MIN_SIZE))) {\r
    return EFI_NOT_FOUND;\r
  }\r
\r
  //\r
  // 3. Move DataPtr to Interrupt descriptor header and patch interrupt descriptor.\r
  //     5 bytes for interrupt descriptor header, 2 bytes for End Tag\r
  //\r
  DataPtr += NewPkgLength - (5 + IrqBuffserSize + 2);\r
  //\r
  //   3.1 Patch Length bit[7:0] of Interrupt descirptor patch interrupt descriptor\r
  //\r
  *(DataPtr + 1) = (UINT8)(2 + IrqBuffserSize);\r
  //\r
  //   3.2 Patch Interrupt Table Length\r
  //\r
  *(DataPtr + 4) = (UINT8)(IrqBuffserSize / sizeof(UINT32));\r
  //\r
  //   3.3 Copy patched InterruptNumBuffer\r
  //\r
  CopyMem(DataPtr + 5, IrqBuffer, IrqBuffserSize);\r
\r
  //\r
  // 4. Jump over Interrupt descirptor and Patch END Tag, set Checksum field to 0\r
  //\r
  DataPtr       += 5 + IrqBuffserSize;\r
  *DataPtr       = ACPI_END_TAG_DESCRIPTOR;\r
  *(DataPtr + 1) = 0;\r
\r
  //\r
  // 5. Jump over new ResourceTemplate. Stuff rest bytes to NOOP\r
  //\r
  DataPtr += 2;\r
  if (DataPtr < DataEndPtr) {\r
    SetMem(DataPtr, (UINTN)DataEndPtr - (UINTN)DataPtr, AML_NOOP_OP);\r
  }\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Patch TPM2 device HID string.  The initial string tag in TPM2 ACPI table is "NNN0000".\r
\r
  @param[in, out] Table          The TPM2 SSDT ACPI table.\r
\r
  @return                               HID Update status.\r
\r
**/\r
EFI_STATUS\r
UpdateHID (\r
  EFI_ACPI_DESCRIPTION_HEADER    *Table\r
  )\r
{\r
  EFI_STATUS  Status;\r
  UINT8       *DataPtr;\r
  CHAR8       Hid[TPM_HID_ACPI_SIZE];\r
  UINT32      ManufacturerID;\r
  UINT32      FirmwareVersion1;\r
  UINT32      FirmwareVersion2;\r
  BOOLEAN     PnpHID;\r
\r
  PnpHID = TRUE;\r
\r
  //\r
  // Initialize HID with Default PNP string\r
  //\r
  ZeroMem(Hid, TPM_HID_ACPI_SIZE);\r
\r
  //\r
  // Get Manufacturer ID\r
  //\r
  Status = Tpm2GetCapabilityManufactureID(&ManufacturerID);\r
  if (!EFI_ERROR(Status)) {\r
    DEBUG((EFI_D_INFO, "TPM_PT_MANUFACTURER 0x%08x\n", ManufacturerID));\r
    //\r
    // ManufacturerID defined in TCG Vendor ID Registry \r
    // may tailed with 0x00 or 0x20\r
    //\r
    if ((ManufacturerID >> 24) == 0x00 || ((ManufacturerID >> 24) == 0x20)) {\r
      //\r
      //  HID containing PNP ID "NNN####"\r
      //   NNN is uppercase letter for Vendor ID specified by manufacturer\r
      //\r
      CopyMem(Hid, &ManufacturerID, 3);\r
    } else {\r
      //\r
      //  HID containing ACP ID "NNNN####"\r
      //   NNNN is uppercase letter for Vendor ID specified by manufacturer\r
      //\r
      CopyMem(Hid, &ManufacturerID, 4);\r
      PnpHID = FALSE;\r
    }\r
  } else {\r
    DEBUG ((EFI_D_ERROR, "Get TPM_PT_MANUFACTURER failed %x!\n", Status));\r
    ASSERT(FALSE);\r
    return Status;\r
  }\r
\r
  Status = Tpm2GetCapabilityFirmwareVersion(&FirmwareVersion1, &FirmwareVersion2);\r
  if (!EFI_ERROR(Status)) {\r
    DEBUG((EFI_D_INFO, "TPM_PT_FIRMWARE_VERSION_1 0x%x\n", FirmwareVersion1));\r
    DEBUG((EFI_D_INFO, "TPM_PT_FIRMWARE_VERSION_2 0x%x\n", FirmwareVersion2));\r
    //\r
    //   #### is Firmware Version 1\r
    //\r
    if (PnpHID) {\r
      AsciiSPrint(Hid + 3, TPM_HID_PNP_SIZE - 3, "%02d%02d", ((FirmwareVersion1 & 0xFFFF0000) >> 16), (FirmwareVersion1 & 0x0000FFFF));\r
    } else {\r
      AsciiSPrint(Hid + 4, TPM_HID_ACPI_SIZE - 4, "%02d%02d", ((FirmwareVersion1 & 0xFFFF0000) >> 16), (FirmwareVersion1 & 0x0000FFFF));\r
    }\r
    \r
  } else {\r
    DEBUG ((EFI_D_ERROR, "Get TPM_PT_FIRMWARE_VERSION_X failed %x!\n", Status));\r
    ASSERT(FALSE);\r
    return Status;\r
  }\r
\r
  //\r
  // Patch HID in ASL code before loading the SSDT.\r
  //\r
  for (DataPtr  = (UINT8 *)(Table + 1);\r
       DataPtr <= (UINT8 *) ((UINT8 *) Table + Table->Length - TPM_HID_PNP_SIZE);\r
       DataPtr += 1) {\r
    if (AsciiStrCmp((CHAR8 *)DataPtr,  TPM_HID_TAG) == 0) {\r
      if (PnpHID) {\r
        CopyMem(DataPtr, Hid, TPM_HID_PNP_SIZE);\r
        //\r
        // if HID is PNP ID, patch the last byte in HID TAG to Noop\r
        //\r
        *(DataPtr + TPM_HID_PNP_SIZE) = AML_NOOP_OP;\r
      } else {\r
\r
        CopyMem(DataPtr, Hid, TPM_HID_ACPI_SIZE);\r
      }\r
      DEBUG((DEBUG_INFO, "TPM2 ACPI _HID is patched to %a\n", DataPtr));\r
\r
      return Status;\r
    }\r
  }\r
\r
  DEBUG((EFI_D_ERROR, "TPM2 ACPI HID TAG for patch not found!\n"));\r
  return EFI_NOT_FOUND;\r
}\r
\r
/**\r
  Initialize and publish TPM items in ACPI table.\r
\r
  @retval   EFI_SUCCESS     The TCG ACPI table is published successfully.\r
  @retval   Others          The TCG ACPI table is not published.\r
\r
**/\r
EFI_STATUS\r
PublishAcpiTable (\r
  VOID\r
  )\r
{\r
  EFI_STATUS                     Status;\r
  EFI_ACPI_TABLE_PROTOCOL        *AcpiTable;\r
  UINTN                          TableKey;\r
  EFI_ACPI_DESCRIPTION_HEADER    *Table;\r
  UINTN                          TableSize;\r
  UINT32                         *PossibleIrqNumBuf;\r
  UINT32                         PossibleIrqNumBufSize;\r
  BOOLEAN                        IsShortFormPkgLength;\r
\r
  IsShortFormPkgLength = FALSE;\r
\r
  Status = GetSectionFromFv (\r
             &gEfiCallerIdGuid,\r
             EFI_SECTION_RAW,\r
             0,\r
             (VOID **) &Table,\r
             &TableSize\r
             );\r
  ASSERT_EFI_ERROR (Status);\r
\r
  //\r
  // Update Table version before measuring it to PCR\r
  //\r
  Status = UpdatePPVersion(Table, (CHAR8 *)PcdGetPtr(PcdTcgPhysicalPresenceInterfaceVer));\r
  ASSERT_EFI_ERROR (Status);\r
\r
  DEBUG ((\r
    DEBUG_INFO,\r
    "Current physical presence interface version - %a\n",\r
    (CHAR8 *) PcdGetPtr(PcdTcgPhysicalPresenceInterfaceVer)\r
    ));\r
\r
  //\r
  // Update TPM2 HID before measuring it to PCR\r
  //\r
  Status = UpdateHID(Table);\r
  if (EFI_ERROR(Status)) {\r
    return Status;\r
  }\r
\r
  if (PcdGet32(PcdTpm2CurrentIrqNum) != 0) {\r
    //\r
    // Patch _PRS interrupt resource only when TPM interrupt is supported\r
    //\r
    PossibleIrqNumBuf     = (UINT32 *)PcdGetPtr(PcdTpm2PossibleIrqNumBuf);\r
    PossibleIrqNumBufSize = (UINT32)PcdGetSize(PcdTpm2PossibleIrqNumBuf);\r
\r
    if (PossibleIrqNumBufSize <= MAX_PRS_INT_BUF_SIZE && (PossibleIrqNumBufSize % sizeof(UINT32)) == 0) {\r
      Status = UpdatePossibleResource(Table, PossibleIrqNumBuf, PossibleIrqNumBufSize, &IsShortFormPkgLength);\r
      DEBUG ((\r
        DEBUG_INFO,\r
        "UpdatePossibleResource status - %x. TPM2 service may not ready in OS.\n",\r
        Status\r
        ));\r
    } else {\r
      DEBUG ((\r
        DEBUG_INFO,\r
        "PcdTpm2PossibleIrqNumBuf size %x is not correct. TPM2 service may not ready in OS.\n",\r
        PossibleIrqNumBufSize\r
      ));\r
    }\r
  }\r
\r
  //\r
  // Measure to PCR[0] with event EV_POST_CODE ACPI DATA\r
  //\r
  TpmMeasureAndLogData(\r
    0,\r
    EV_POST_CODE,\r
    EV_POSTCODE_INFO_ACPI_DATA,\r
    ACPI_DATA_LEN,\r
    Table,\r
    TableSize\r
    );\r
\r
\r
  ASSERT (Table->OemTableId == SIGNATURE_64 ('T', 'p', 'm', '2', 'T', 'a', 'b', 'l'));\r
  CopyMem (Table->OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (Table->OemId) );\r
  mTcgNvs = AssignOpRegion (Table, SIGNATURE_32 ('T', 'N', 'V', 'S'), (UINT16) sizeof (TCG_NVS));\r
  ASSERT (mTcgNvs != NULL);\r
  mTcgNvs->TpmIrqNum            = PcdGet32(PcdTpm2CurrentIrqNum);\r
  mTcgNvs->IsShortFormPkgLength = IsShortFormPkgLength;\r
\r
  //\r
  // Publish the TPM ACPI table. Table is re-checksumed.\r
  //\r
  Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **) &AcpiTable);\r
  ASSERT_EFI_ERROR (Status);\r
\r
  TableKey = 0;\r
  Status = AcpiTable->InstallAcpiTable (\r
                        AcpiTable,\r
                        Table,\r
                        TableSize,\r
                        &TableKey\r
                        );\r
  ASSERT_EFI_ERROR (Status);\r
\r
  return Status;\r
}\r
\r
/**\r
  Publish TPM2 ACPI table\r
\r
  @retval   EFI_SUCCESS     The TPM2 ACPI table is published successfully.\r
  @retval   Others          The TPM2 ACPI table is not published.\r
\r
**/\r
EFI_STATUS\r
PublishTpm2 (\r
  VOID\r
  )\r
{\r
  EFI_STATUS                     Status;\r
  EFI_ACPI_TABLE_PROTOCOL        *AcpiTable;\r
  UINTN                          TableKey;\r
  UINT64                         OemTableId;\r
  EFI_TPM2_ACPI_CONTROL_AREA     *ControlArea;\r
  PTP_INTERFACE_TYPE             InterfaceType;\r
\r
  mTpm2AcpiTemplate.Header.Revision = PcdGet8(PcdTpm2AcpiTableRev);\r
  DEBUG((DEBUG_INFO, "Tpm2 ACPI table revision is %d\n", mTpm2AcpiTemplate.Header.Revision));\r
\r
  //\r
  // PlatformClass is only valid for version 4 and above\r
  //    BIT0~15:  PlatformClass \r
  //    BIT16~31: Reserved\r
  //\r
  if (mTpm2AcpiTemplate.Header.Revision >= EFI_TPM2_ACPI_TABLE_REVISION_4) {\r
    mTpm2AcpiTemplate.Flags = (mTpm2AcpiTemplate.Flags & 0xFFFF0000) | PcdGet8(PcdTpmPlatformClass);\r
    DEBUG((DEBUG_INFO, "Tpm2 ACPI table PlatformClass is %d\n", (mTpm2AcpiTemplate.Flags & 0x0000FFFF)));\r
  }\r
\r
  //\r
  // Measure to PCR[0] with event EV_POST_CODE ACPI DATA\r
  //\r
  TpmMeasureAndLogData(\r
    0,\r
    EV_POST_CODE,\r
    EV_POSTCODE_INFO_ACPI_DATA,\r
    ACPI_DATA_LEN,\r
    &mTpm2AcpiTemplate,\r
    sizeof(mTpm2AcpiTemplate)\r
    );\r
\r
  InterfaceType = GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));\r
  switch (InterfaceType) {\r
  case PtpInterfaceCrb:\r
    mTpm2AcpiTemplate.StartMethod = EFI_TPM2_ACPI_TABLE_START_METHOD_COMMAND_RESPONSE_BUFFER_INTERFACE;\r
    mTpm2AcpiTemplate.AddressOfControlArea = PcdGet64 (PcdTpmBaseAddress) + 0x40;\r
    ControlArea = (EFI_TPM2_ACPI_CONTROL_AREA *)(UINTN)mTpm2AcpiTemplate.AddressOfControlArea;\r
    ControlArea->CommandSize  = 0xF80;\r
    ControlArea->ResponseSize = 0xF80;\r
    ControlArea->Command      = PcdGet64 (PcdTpmBaseAddress) + 0x80;\r
    ControlArea->Response     = PcdGet64 (PcdTpmBaseAddress) + 0x80;\r
    break;\r
  case PtpInterfaceFifo:\r
  case PtpInterfaceTis:\r
    break;\r
  default:\r
    DEBUG((EFI_D_ERROR, "TPM2 InterfaceType get error! %d\n", InterfaceType));\r
    break;\r
  }\r
\r
  CopyMem (mTpm2AcpiTemplate.Header.OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (mTpm2AcpiTemplate.Header.OemId));\r
  OemTableId = PcdGet64 (PcdAcpiDefaultOemTableId);\r
  CopyMem (&mTpm2AcpiTemplate.Header.OemTableId, &OemTableId, sizeof (UINT64));\r
  mTpm2AcpiTemplate.Header.OemRevision      = PcdGet32 (PcdAcpiDefaultOemRevision);\r
  mTpm2AcpiTemplate.Header.CreatorId        = PcdGet32 (PcdAcpiDefaultCreatorId);\r
  mTpm2AcpiTemplate.Header.CreatorRevision  = PcdGet32 (PcdAcpiDefaultCreatorRevision);\r
\r
  //\r
  // Construct ACPI table\r
  //\r
  Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **) &AcpiTable);\r
  ASSERT_EFI_ERROR (Status);\r
\r
  Status = AcpiTable->InstallAcpiTable (\r
                        AcpiTable,\r
                        &mTpm2AcpiTemplate,\r
                        sizeof(mTpm2AcpiTemplate),\r
                        &TableKey\r
                        );\r
  ASSERT_EFI_ERROR (Status);\r
\r
  return Status;\r
}\r
\r
/**\r
  The driver's entry point.\r
\r
  It install callbacks for TPM physical presence and MemoryClear, and locate \r
  SMM variable to be used in the callback function.\r
\r
  @param[in] ImageHandle  The firmware allocated handle for the EFI image.  \r
  @param[in] SystemTable  A pointer to the EFI System Table.\r
  \r
  @retval EFI_SUCCESS     The entry point is executed successfully.\r
  @retval Others          Some error occurs when executing this entry point.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
InitializeTcgSmm (\r
  IN EFI_HANDLE                  ImageHandle,\r
  IN EFI_SYSTEM_TABLE            *SystemTable\r
  )\r
{\r
  EFI_STATUS                     Status;\r
  EFI_SMM_SW_DISPATCH2_PROTOCOL  *SwDispatch;\r
  EFI_SMM_SW_REGISTER_CONTEXT    SwContext;\r
  EFI_HANDLE                     SwHandle;\r
\r
  if (!CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm20DtpmGuid)){\r
    DEBUG ((EFI_D_ERROR, "No TPM2 DTPM instance required!\n"));\r
    return EFI_UNSUPPORTED;\r
  }\r
\r
  Status = PublishAcpiTable ();\r
  ASSERT_EFI_ERROR (Status);\r
\r
  //\r
  // Get the Sw dispatch protocol and register SMI callback functions.\r
  //\r
  Status = gSmst->SmmLocateProtocol (&gEfiSmmSwDispatch2ProtocolGuid, NULL, (VOID**)&SwDispatch);\r
  ASSERT_EFI_ERROR (Status);\r
  SwContext.SwSmiInputValue = (UINTN) -1;\r
  Status = SwDispatch->Register (SwDispatch, PhysicalPresenceCallback, &SwContext, &SwHandle);\r
  ASSERT_EFI_ERROR (Status);\r
  if (EFI_ERROR (Status)) {\r
    return Status;\r
  }\r
  mTcgNvs->PhysicalPresence.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;\r
\r
  SwContext.SwSmiInputValue = (UINTN) -1;\r
  Status = SwDispatch->Register (SwDispatch, MemoryClearCallback, &SwContext, &SwHandle);\r
  ASSERT_EFI_ERROR (Status);\r
  if (EFI_ERROR (Status)) {\r
    return Status;\r
  }\r
  mTcgNvs->MemoryClear.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;\r
  \r
  //\r
  // Locate SmmVariableProtocol.\r
  //\r
  Status = gSmst->SmmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID**)&mSmmVariable);\r
  ASSERT_EFI_ERROR (Status);\r
\r
  //\r
  // Set TPM2 ACPI table\r
  //\r
  Status = PublishTpm2 ();\r
  ASSERT_EFI_ERROR (Status);\r
\r
\r
  return EFI_SUCCESS;\r
}\r
\r