SecurityPkg DxeTcg2PhysicalPresenceLib: Enable Storage actions.

After enable storage related actions in the
TcgPhysicalPresenceStorageLib, use this library to support
storage related actions in this library.

Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>

diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
index 4cec0f75278bcdeac4f5fdd956d69abed63ae28e..38fe89c5c9cf37d75fcf377a2151b8c8801a3d0a 100644 (file)
--- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
+++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
@@ -37,6 +37,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Library/Tpm2CommandLib.h>\r
 #include <Library/Tcg2PhysicalPresenceLib.h>\r
 #include <Library/Tcg2PpVendorLib.h>\r
+#include <Library/TcgPhysicalPresenceStorageLib.h>\r
 \r
 #define CONFIRM_BUFFER_SIZE         4096\r
 \r
@@ -790,6 +791,11 @@ Tcg2PhysicalPresenceLibProcessRequest (
   EDKII_VARIABLE_LOCK_PROTOCOL      *VariableLockProtocol;\r
   EFI_TCG2_PHYSICAL_PRESENCE_FLAGS  PpiFlags;\r
 \r
+  //\r
+  // Process the storage related action first.\r
+  //\r
+  TcgPhysicalPresenceStorageLibProcessRequest();\r
+\r
   Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol);\r
   if (EFI_ERROR (Status)) {\r
     return ;\r
@@ -910,6 +916,15 @@ Tcg2PhysicalPresenceLibNeedUserConfirm(
   EFI_TCG2_PROTOCOL                 *Tcg2Protocol;\r
   EFI_TCG2_PHYSICAL_PRESENCE_FLAGS  PpiFlags;\r
 \r
+  //\r
+  // Process the storage related action first.\r
+  // If confirm need user confirm, just return TRUE.\r
+  // else continue check other actions.\r
+  //\r
+  if (TcgPhysicalPresenceStorageLibNeedUserConfirm()) {\r
+    return TRUE;\r
+  }\r
+\r
   Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol);\r
   if (EFI_ERROR (Status)) {\r
     return FALSE;\r
@@ -1045,9 +1060,9 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (
   UINTN                             DataSize;\r
   EFI_TCG2_PHYSICAL_PRESENCE        PpData;\r
   EFI_TCG2_PHYSICAL_PRESENCE_FLAGS  Flags;\r
-  \r
+\r
   DEBUG ((EFI_D_INFO, "[TPM2] SubmitRequestToPreOSFunction, Request = %x, %x\n", OperationRequest, RequestParameter));\r
-  \r
+\r
   //\r
   // Get the Physical Presence variable\r
   //\r
@@ -1064,8 +1079,10 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (
     return TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;\r
   }\r
 \r
-  if ((OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&\r
-      (OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) ) {\r
+  if (((OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&\r
+       (OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN)) ||\r
+      ((OperationRequest > TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_FALSE) &&\r
+       (OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION))) {\r
     //\r
     // This command requires UI to prompt user for Auth data.\r
     //\r

diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
index f4aa0da0f072f931ed9150814c96216b8ed8cb59..b1798df81529f55acd3472c4f69dac50009cb55f 100644 (file)
--- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
+++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
@@ -55,6 +55,7 @@
   HobLib\r
   Tpm2CommandLib\r
   Tcg2PpVendorLib\r
+  TcgPhysicalPresenceStorageLib\r
 \r
 [Protocols]\r
   gEfiTcg2ProtocolGuid                 ## SOMETIMES_CONSUMES\r