Sync the branch changes to trunk.
authorTim He <tim.he@intel.com>
Fri, 8 May 2015 03:13:37 +0000 (03:13 +0000)
committertimhe <timhe@Edk2>
Fri, 8 May 2015 03:13:37 +0000 (03:13 +0000)
Support fTPM feature, and update the BiosID to 0.80.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Tim He <tim.he@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17362 6f19259b-4bc3-4df7-8a09-765794883524

26 files changed:
Vlv2DeviceRefCodePkg/Include/Ppi/PttPassThruPpi.h [new file with mode: 0644]
Vlv2DeviceRefCodePkg/Include/Ppi/fTPMPolicy.h [new file with mode: 0644]
Vlv2DeviceRefCodePkg/Include/Protocol/PttPassThru.h [new file with mode: 0644]
Vlv2DeviceRefCodePkg/Vlv2DeviceRefCodePkg.dec
Vlv2TbltDevicePkg/BiosIdD.env
Vlv2TbltDevicePkg/BiosIdR.env
Vlv2TbltDevicePkg/BiosIdx64D.env
Vlv2TbltDevicePkg/BiosIdx64R.env
Vlv2TbltDevicePkg/Include/Guid/SetupVariable.h
Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.c [new file with mode: 0644]
Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf [new file with mode: 0644]
Vlv2TbltDevicePkg/Library/PlatformBdsLib/BdsPlatform.c
Vlv2TbltDevicePkg/Library/PlatformBdsLib/PlatformBdsLib.inf
Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.c [new file with mode: 0644]
Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf [new file with mode: 0644]
Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.c [new file with mode: 0644]
Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf [new file with mode: 0644]
Vlv2TbltDevicePkg/PlatformPei/Platform.c
Vlv2TbltDevicePkg/PlatformPei/PlatformPei.inf
Vlv2TbltDevicePkg/PlatformPkg.fdf
Vlv2TbltDevicePkg/PlatformPkgConfig.dsc
Vlv2TbltDevicePkg/PlatformPkgGcc.fdf
Vlv2TbltDevicePkg/PlatformPkgGccX64.dsc
Vlv2TbltDevicePkg/PlatformPkgIA32.dsc
Vlv2TbltDevicePkg/PlatformPkgX64.dsc
Vlv2TbltDevicePkg/PlatformSetupDxe/Security.vfi

diff --git a/Vlv2DeviceRefCodePkg/Include/Ppi/PttPassThruPpi.h b/Vlv2DeviceRefCodePkg/Include/Ppi/PttPassThruPpi.h
new file mode 100644 (file)
index 0000000..1b1b1a7
--- /dev/null
@@ -0,0 +1,98 @@
+/*++\r
+\r
+  Copyright (c) 2004  - 2015, Intel Corporation. All rights reserved.<BR>\r
+                                                                                   \r
+  This program and the accompanying materials are licensed and made available under\r
+  the terms and conditions of the BSD License that accompanies this distribution.  \r
+  The full text of the license may be found at                                     \r
+  http://opensource.org/licenses/bsd-license.php.                                  \r
+                                                                                   \r
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,            \r
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.    \r
+                                                                                   \r
+--*/\r
+\r
+#ifndef _EFI_PTT_PASS_THRU_PPI_H\r
+#define _EFI_PTT_PASS_THRU_PPI_H\r
+\r
+#define PTT_PASS_THRU_PPI_GUID \\r
+  { \\r
+    0xc5068bac, 0xa7dc, 0x42f1, 0xae, 0x80, 0xca, 0xa2, 0x4b, 0xb4, 0x90, 0x4b   \\r
+  }\r
+// {C5068BAC-A7DC-42f1-AE80-CAA24BB4904B}\r
+//static const GUID <<name>> = \r
+//{ 0xc5068bac, 0xa7dc, 0x42f1, { 0xae, 0x80, 0xca, 0xa2, 0x4b, 0xb4, 0x90, 0x4b } };\r
+\r
+\r
+\r
+//#define EFI_PTT_PROTOCOL_GUID  HECI_PROTOCOL_GUID\r
+\r
+typedef struct _PTT_PASS_THRU_PPI PTT_PASS_THRU_PPI;\r
+\r
+/**\r
+  This service enables the sending of commands to the TPM2.\r
+\r
+  @param[in]      InputParameterBlockSize  Size of the TPM2 input parameter block.\r
+  @param[in]      InputParameterBlock      Pointer to the TPM2 input parameter block.\r
+  @param[in,out]  OutputParameterBlockSize Size of the TPM2 output parameter block.\r
+  @param[in]      OutputParameterBlock     Pointer to the TPM2 output parameter block.\r
+\r
+  @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.\r
+  @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.\r
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small. \r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_SUBMIT_COMMAND) (\r
+  IN PTT_PASS_THRU_PPI *This,\r
+  IN UINT32                  InputParameterBlockSize,\r
+  IN UINT8                   *InputParameterBlock,\r
+  IN OUT UINT32              *OutputParameterBlockSize,\r
+  IN UINT8                   *OutputParameterBlock\r
+  );\r
+\r
+/**\r
+  This service requests use TPM2.\r
+\r
+  @retval EFI_SUCCESS      Get the control of TPM2 chip.\r
+  @retval EFI_NOT_FOUND    TPM2 not found.\r
+  @retval EFI_DEVICE_ERROR Unexpected device behavior.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_REQUEST_USE_TPM) (\r
+  IN PTT_PASS_THRU_PPI *This\r
+  );\r
+\r
+typedef struct {\r
+  EFI_GUID                           ProviderGuid;\r
+  TPM2_SUBMIT_COMMAND                Tpm2SubmitCommand;\r
+  TPM2_REQUEST_USE_TPM               Tpm2RequestUseTpm;\r
+} PTT_TPM2_DEVICE_INTERFACE;\r
+\r
+\r
+/**\r
+  This service register TPM2 device.\r
+\r
+  @param Tpm2Device  TPM2 device\r
+\r
+  @retval EFI_SUCCESS          This TPM2 device is registered successfully.\r
+  @retval EFI_UNSUPPORTED      System does not support register this TPM2 device.\r
+  @retval EFI_ALREADY_STARTED  System already register this TPM2 device.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_REGISTER_TPM2_DEVICE_LIB) (\r
+  IN PTT_PASS_THRU_PPI  *This,\r
+  IN PTT_TPM2_DEVICE_INTERFACE   *Tpm2Device\r
+  );\r
+  \r
+typedef struct _PTT_PASS_THRU_PPI {\r
+  TPM2_SUBMIT_COMMAND             Tpm2SubmitCommand;\r
+  TPM2_REQUEST_USE_TPM            Tpm2RequestUseTpm;\r
+  TPM2_REGISTER_TPM2_DEVICE_LIB   Tpm2RegisterTpm2DeviceLib;\r
+} PTT_PASS_THRU_PPI;\r
+\r
+extern EFI_GUID gPttPassThruPpiGuid;\r
+\r
+#endif // _EFI_HECI_H\r
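Review bot: `OutputParameterBlock` is declared `IN UINT8 *OutputParameterBlock` (and documented `@param[in]`) although the response bytes are written into it and its size is already `IN OUT`; it should read `OUT UINT8 *OutputParameterBlock` with `@param[out] OutputParameterBlock Pointer to the TPM2 output parameter block.` so callers and static checkers see the buffer as written. The closing `#endif // _EFI_HECI_H` names a guard this header never defines; it should be `#endif // _EFI_PTT_PASS_THRU_PPI_H`, and the commented-out `static const GUID <<name>>` and `EFI_PTT_PROTOCOL_GUID HECI_PROTOCOL_GUID` lines look like residue from the HECI header this was copied from and should be dropped. The PPI also lacks any statement of who installs it and when `Tpm2RequestUseTpm` must precede `Tpm2SubmitCommand`; a one-line note on the struct, e.g. `// Installed by the SeC/PTT PEIM; callers must obtain the PPI via PeiServicesLocatePpi and check Tpm2RequestUseTpm before submitting commands`, would help consumers (hedged: the producer is not in this view).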
diff --git a/Vlv2DeviceRefCodePkg/Include/Ppi/fTPMPolicy.h b/Vlv2DeviceRefCodePkg/Include/Ppi/fTPMPolicy.h
new file mode 100644 (file)
index 0000000..83ee8bb
--- /dev/null
@@ -0,0 +1,32 @@
+/*++\r
+\r
+  Copyright (c) 2004  - 2015, Intel Corporation. All rights reserved.<BR>\r
+                                                                                   \r
+  This program and the accompanying materials are licensed and made available under\r
+  the terms and conditions of the BSD License that accompanies this distribution.  \r
+  The full text of the license may be found at                                     \r
+  http://opensource.org/licenses/bsd-license.php.                                  \r
+                                                                                   \r
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,            \r
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.    \r
+                                                                                   \r
+--*/\r
+\r
+#ifndef _SEC_FTPM_POLICY_PPI_H_\r
+#define _SEC_FTPM_POLICY_PPI_H_\r
+\r
+#define SEC_FTPM_POLICY_PPI_GUID \\r
+  { \\r
+    0x4fd1ba49, 0x8f90, 0x471a, 0xa2, 0xc9, 0x17, 0x3c, 0x7a, 0x73, 0x2f, 0xd0 \\r
+  }\r
+\r
+extern EFI_GUID  gSeCfTPMPolicyPpiGuid;\r
+\r
+//\r
+// PPI definition\r
+//\r
+typedef struct SEC_FTPM_POLICY_PPI {\r
+  BOOLEAN                 fTPMEnable;\r
+} SEC_FTPM_POLICY_PPI;\r
+\r
+#endif\r
diff --git a/Vlv2DeviceRefCodePkg/Include/Protocol/PttPassThru.h b/Vlv2DeviceRefCodePkg/Include/Protocol/PttPassThru.h
new file mode 100644 (file)
index 0000000..10248cf
--- /dev/null
@@ -0,0 +1,97 @@
+/*++\r
+\r
+  Copyright (c) 2004  - 2015, Intel Corporation. All rights reserved.<BR>\r
+                                                                                   \r
+  This program and the accompanying materials are licensed and made available under\r
+  the terms and conditions of the BSD License that accompanies this distribution.  \r
+  The full text of the license may be found at                                     \r
+  http://opensource.org/licenses/bsd-license.php.                                  \r
+                                                                                   \r
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,            \r
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.    \r
+                                                                                   \r
+--*/\r
+\r
+#ifndef _EFI_PTT_PASS_THRU_H\r
+#define _EFI_PTT_PASS_THRU_H\r
+\r
+#define PTT_PASS_THRU_PROTOCOL_GUID \\r
+  { \\r
+    0x73e2576, 0xf6c1, 0x4b91, 0x92, 0xa9, 0xd4, 0x67, 0x5d, 0xda, 0x34, 0xb1  \\r
+  }\r
+// {073E2576-F6C1-4b91-92A9-D4675DDA34B1}\r
+//static const GUID <<name>> = \r
+//{ 0x73e2576, 0xf6c1, 0x4b91, { 0x92, 0xa9, 0xd4, 0x67, 0x5d, 0xda, 0x34, 0xb1 } };\r
+\r
+\r
+//#define EFI_PTT_PROTOCOL_GUID  HECI_PROTOCOL_GUID\r
+\r
+typedef struct _PTT_PASS_THRU_PROTOCOL PTT_PASS_THRU_PROTOCOL;\r
+\r
+/**\r
+  This service enables the sending of commands to the TPM2.\r
+\r
+  @param[in]      InputParameterBlockSize  Size of the TPM2 input parameter block.\r
+  @param[in]      InputParameterBlock      Pointer to the TPM2 input parameter block.\r
+  @param[in,out]  OutputParameterBlockSize Size of the TPM2 output parameter block.\r
+  @param[in]      OutputParameterBlock     Pointer to the TPM2 output parameter block.\r
+\r
+  @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.\r
+  @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.\r
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small. \r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_SUBMIT_COMMAND) (\r
+  IN PTT_PASS_THRU_PROTOCOL *This,\r
+  IN UINT32                  InputParameterBlockSize,\r
+  IN UINT8                   *InputParameterBlock,\r
+  IN OUT UINT32              *OutputParameterBlockSize,\r
+  IN UINT8                   *OutputParameterBlock\r
+  );\r
+\r
+/**\r
+  This service requests use TPM2.\r
+\r
+  @retval EFI_SUCCESS      Get the control of TPM2 chip.\r
+  @retval EFI_NOT_FOUND    TPM2 not found.\r
+  @retval EFI_DEVICE_ERROR Unexpected device behavior.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_REQUEST_USE_TPM) (\r
+  IN PTT_PASS_THRU_PROTOCOL *This\r
+  );\r
+\r
+typedef struct {\r
+  EFI_GUID                           ProviderGuid;\r
+  TPM2_SUBMIT_COMMAND                Tpm2SubmitCommand;\r
+  TPM2_REQUEST_USE_TPM               Tpm2RequestUseTpm;\r
+} PTT_TPM2_DEVICE_INTERFACE;\r
+\r
+\r
+/**\r
+  This service register TPM2 device.\r
+\r
+  @param Tpm2Device  TPM2 device\r
+\r
+  @retval EFI_SUCCESS          This TPM2 device is registered successfully.\r
+  @retval EFI_UNSUPPORTED      System does not support register this TPM2 device.\r
+  @retval EFI_ALREADY_STARTED  System already register this TPM2 device.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_REGISTER_TPM2_DEVICE_LIB) (\r
+  IN PTT_PASS_THRU_PROTOCOL  *This,\r
+  IN PTT_TPM2_DEVICE_INTERFACE   *Tpm2Device\r
+  );\r
+  \r
+typedef struct _PTT_PASS_THRU_PROTOCOL {\r
+  TPM2_SUBMIT_COMMAND             Tpm2SubmitCommand;\r
+  TPM2_REQUEST_USE_TPM            Tpm2RequestUseTpm;\r
+  TPM2_REGISTER_TPM2_DEVICE_LIB   Tpm2RegisterTpm2DeviceLib;\r
+} PTT_PASS_THRU_PROTOCOL;\r
+\r
+extern EFI_GUID gPttPassThruProtocolGuid;\r
+\r
+#endif // _EFI_HECI_H\r
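Review bot: The typedef names `TPM2_SUBMIT_COMMAND`, `TPM2_REQUEST_USE_TPM`, `PTT_TPM2_DEVICE_INTERFACE` and `TPM2_REGISTER_TPM2_DEVICE_LIB` are defined here with a `PTT_PASS_THRU_PROTOCOL *This` first parameter and again in Ppi/PttPassThruPpi.h with a `PTT_PASS_THRU_PPI *This` parameter, so any translation unit that includes both headers gets two incompatible typedefs of the same name, which C11 rejects. The same two names are, if I recall correctly, also used by SecurityPkg's Tpm2DeviceLib.h for its `TPM2_DEVICE_INTERFACE`, which may be why Tpm2DeviceLibSeC.c has that include commented out. Prefix the protocol-side types, e.g. `typedef EFI_STATUS (EFIAPI *PTT_PASS_THRU_SUBMIT_COMMAND) (...)` and `PTT_PASS_THRU_REQUEST_USE_TPM`, and give the PPI header its own prefix. As in the PPI header, `OutputParameterBlock` should be `OUT` rather than `IN`, and the `#endif // _EFI_HECI_H` comment should name `_EFI_PTT_PASS_THRU_H`.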
index b003354..5d3f46c 100644 (file)
@@ -1,6 +1,6 @@
 ##  @file  Vlv2DeviceRefCodePkg.dec\r
 #\r
-# Copyright (c) 2012  - 2014, Intel Corporation. All rights reserved\r
+# Copyright (c) 2012  - 2015, Intel Corporation. All rights reserved\r
 #\r
 # This program and the accompanying materials are licensed and made available under\r
 # the terms and conditions of the BSD License that accompanies this distribution.\r
@@ -37,7 +37,8 @@
   gSeCfTPMPolicyPpiGuid                 = { 0x4fd1ba49, 0x8f90, 0x471a, {0xa2, 0xc9, 0x17, 0x3c, 0x7a, 0x73, 0x2f, 0xd0}}\r
   gEfiPeiReadOnlyVariable2PpiGuid       = { 0x2ab86ef5, 0xecb5, 0x4134, {0xb5, 0x56, 0x38, 0x54, 0xca, 0x1f, 0xe1, 0xb4}}\r
   gPchPeiInitPpiGuid                    = { 0xACB93B08, 0x5CDC, 0x4A8F, {0x93, 0xD4, 0x6, 0xE3, 0x42, 0xDF, 0x18, 0x2E}}\r
-\r
+  gPttPassThruPpiGuid                   = { 0xc5068bac, 0xa7dc, 0x42f1, {0xae, 0x80, 0xca, 0xa2, 0x4b, 0xb4, 0x90, 0x4b}}\r
+  \r
 [Protocols]\r
   gEfiGlobalNvsAreaProtocolGuid         = { 0x074e1e48, 0x8132, 0x47a1, {0x8c, 0x2c, 0x3f, 0x14, 0xad, 0x9a, 0x66, 0xdc}}\r
   gPpmPlatformPolicyProtocolGuid        = { 0xddabfeac, 0xef63, 0x452c, {0x8f, 0x39, 0xed, 0x7f, 0xae, 0xd8, 0x26, 0x5e}}\r
@@ -70,7 +71,8 @@
   gEfiTdtOperationProtocolGuid          = {0xfd301ba4, 0x5e62, 0x4679,{ 0xa0, 0x6f, 0xe0, 0x9a, 0xab, 0xdd, 0x2a, 0x91}}\r
   gEfiConfigFileNameGuid            = { 0x98B8D59B, 0xE8BA, 0x48EE, { 0x98, 0xDD, 0xC2, 0x95, 0x39, 0x2F, 0x1E, 0xDB }}\r
   gEfiDFUResultGuid                 = { 0x14a7c46f, 0xbc02, 0x4047, { 0x9f, 0x18, 0xa5, 0xd7, 0x25, 0xd8, 0xbd, 0x19 }}\r
-\r
+  gPttPassThruProtocolGuid          = { 0x73e2576, 0xf6c1, 0x4b91, { 0x92, 0xa9, 0xd4, 0x67, 0x5d, 0xda, 0x34, 0xb1 } }\r
+  \r
 [Guids]\r
   gEfiCPTokenSpaceGuid                  = { 0x918211ce, 0xa1d2, 0x43a0, {0xa0, 0x4e, 0x75, 0xb5, 0xbf, 0x44, 0x50, 0x0E}}\r
   gEfiSmbusArpMapGuid                   = { 0x707BE83E, 0x0BF6, 0x40A5, {0xBE, 0x64, 0x34, 0xC0, 0x3A, 0xA0, 0xB8, 0xE2}}\r
index bc6656c..406bed2 100644 (file)
@@ -26,5 +26,5 @@ OEM_ID        = I32
 BUILD_TYPE    = D\r
 \r
 BOARD_ID = BLAKCRB\r
-VERSION_MAJOR = 0079\r
+VERSION_MAJOR = 0080\r
 VERSION_MINOR = 01\r
index 0709ac7..092423d 100644 (file)
@@ -26,5 +26,5 @@ OEM_ID        = I32
 BUILD_TYPE    = R\r
 \r
 BOARD_ID = BLAKCRB\r
-VERSION_MAJOR = 0079\r
+VERSION_MAJOR = 0080\r
 VERSION_MINOR = 01\r
index 5ed4b87..289441e 100644 (file)
@@ -25,6 +25,6 @@ BOARD_REV     = 1
 OEM_ID        = X64\r
 BUILD_TYPE    = D\r
 \r
-VERSION_MAJOR = 0079\r
+VERSION_MAJOR = 0080\r
 VERSION_MINOR = 01\r
 BOARD_ID = BBAYCRB \r
index 21af131..92bd556 100644 (file)
@@ -25,6 +25,6 @@ BOARD_REV     = 1
 OEM_ID        = X64\r
 BUILD_TYPE    = R\r
 \r
-VERSION_MAJOR = 0079\r
+VERSION_MAJOR = 0080\r
 VERSION_MINOR = 01\r
 BOARD_ID = BBAYCRB \r
index eb0a176..6b9b830 100644 (file)
@@ -1,6 +1,6 @@
 /*++
 
-  Copyright (c) 2004  - 2014, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2004  - 2015, Intel Corporation. All rights reserved.<BR>
                                                                                    
 
   This program and the accompanying materials are licensed and made available under
@@ -1110,7 +1110,7 @@ typedef struct {
   UINT8           GfxBoost;
   UINT8           IgdThermal;
   UINT8           SEC00;
-  UINT8           SEC01;
+  UINT8           fTPM;
   UINT8           SEC02;
   UINT8           SEC03;
   UINT8           MeasuredBootEnable;
diff --git a/Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.c b/Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.c
new file mode 100644 (file)
index 0000000..9aebf52
--- /dev/null
@@ -0,0 +1,242 @@
+/** @file\r
+  Execute pending TPM2 requests from OS or BIOS.\r
+\r
+  Caution: This module requires additional review when modified.\r
+  This driver will have external input - variable.\r
+  This external input must be validated carefully to avoid security issue.\r
+\r
+  TrEEExecutePendingTpmRequest() will receive untrusted input and do validation.\r
+\r
+Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials \r
+are licensed and made available under the terms and conditions of the BSD License \r
+which accompanies this distribution.  The full text of the license may be found at \r
+http://opensource.org/licenses/bsd-license.php\r
+\r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+\r
+**/\r
+\r
+#include <PiDxe.h>\r
+\r
+#include <Protocol/TrEEProtocol.h>\r
+#include <Protocol/VariableLock.h>\r
+#include <Library/DebugLib.h>\r
+#include <Library/BaseMemoryLib.h>\r
+#include <Library/UefiRuntimeServicesTableLib.h>\r
+#include <Library/UefiDriverEntryPoint.h>\r
+#include <Library/UefiBootServicesTableLib.h>\r
+#include <Library/UefiLib.h>\r
+#include <Library/MemoryAllocationLib.h>\r
+#include <Library/PrintLib.h>\r
+#include <Library/HiiLib.h>\r
+#include <Guid/EventGroup.h>\r
+#include <Guid/TrEEPhysicalPresenceData.h>\r
+#include <Library/Tpm2CommandLib.h>\r
+#include <Library/TrEEPpVendorLib.h>\r
+\r
+\r
+/**\r
+  Get string by string id from HII Interface.\r
+\r
+  @param[in] Id          String ID.\r
+\r
+  @retval    CHAR16 *    String from ID.\r
+  @retval    NULL        If error occurs.\r
+\r
+**/\r
+CHAR16 *\r
+TrEEPhysicalPresenceGetStringById (\r
+  IN  EFI_STRING_ID   Id\r
+  )\r
+{\r
+  return NULL;\r
+}\r
+\r
+/**\r
+  Send ClearControl and Clear command to TPM.\r
+\r
+  @param[in]  PlatformAuth      platform auth value. NULL means no platform auth change.\r
+\r
+  @retval EFI_SUCCESS           Operation completed successfully.\r
+  @retval EFI_TIMEOUT           The register can't run into the expected status in time.\r
+  @retval EFI_BUFFER_TOO_SMALL  Response data buffer is too small.\r
+  @retval EFI_DEVICE_ERROR      Unexpected device behavior.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+TpmCommandClear (\r
+  IN TPM2B_AUTH                *PlatformAuth  OPTIONAL\r
+  )\r
+{\r
+  return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+  Execute physical presence operation requested by the OS.\r
+\r
+  @param[in]      PlatformAuth        platform auth value. NULL means no platform auth change.\r
+  @param[in]      CommandCode         Physical presence operation value.\r
+  @param[in, out] PpiFlags            The physical presence interface flags.\r
+  \r
+  @retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE  Unknown physical presence operation.\r
+  @retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE  Error occurred during sending command to TPM or \r
+                                                   receiving response from TPM.\r
+  @retval Others                                   Return code from the TPM device after command execution.\r
+**/\r
+UINT32\r
+TrEEExecutePhysicalPresence (\r
+  IN      TPM2B_AUTH                       *PlatformAuth,  OPTIONAL\r
+  IN      UINT32                           CommandCode,\r
+  IN OUT  EFI_TREE_PHYSICAL_PRESENCE_FLAGS *PpiFlags\r
+  )\r
+{\r
+  return 0;\r
+}\r
+\r
+\r
+/**\r
+  Read the specified key for user confirmation.\r
+\r
+  @param[in]  CautionKey  If true,  F12 is used as confirm key;\r
+                          If false, F10 is used as confirm key.\r
+\r
+  @retval     TRUE        User confirmed the changes by input.\r
+  @retval     FALSE       User discarded the changes.\r
+**/\r
+BOOLEAN\r
+TrEEReadUserKey (\r
+  IN     BOOLEAN                    CautionKey\r
+  )\r
+{\r
+  return FALSE;\r
+}\r
+\r
+/**\r
+  The constructor function register UNI strings into imageHandle.\r
+  \r
+  It will ASSERT() if that operation fails and it will always return EFI_SUCCESS. \r
+\r
+  @param  ImageHandle   The firmware allocated handle for the EFI image.\r
+  @param  SystemTable   A pointer to the EFI System Table.\r
+  \r
+  @retval EFI_SUCCESS   The constructor successfully added string package.\r
+  @retval Other value   The constructor can't add string package.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+TrEEPhysicalPresenceLibConstructor (\r
+  IN EFI_HANDLE        ImageHandle,\r
+  IN EFI_SYSTEM_TABLE  *SystemTable\r
+  )\r
+{\r
+  return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+  Display the confirm text and get user confirmation.\r
+\r
+  @param[in] TpmPpCommand  The requested TPM physical presence command.\r
+\r
+  @retval    TRUE          The user has confirmed the changes.\r
+  @retval    FALSE         The user doesn't confirm the changes.\r
+**/\r
+BOOLEAN\r
+TrEEUserConfirm (\r
+  IN      UINT32                    TpmPpCommand\r
+  )\r
+{\r
+  return FALSE;  \r
+}\r
+\r
+/**\r
+  Check if there is a valid physical presence command request. Also updates parameter value \r
+  to whether the requested physical presence command already confirmed by user\r
\r
+   @param[in]  TcgPpData                 EFI TrEE Physical Presence request data. \r
+   @param[in]  Flags                     The physical presence interface flags.\r
+   @param[out] RequestConfirmed            If the physical presence operation command required user confirm from UI.\r
+                                             True, it indicates the command doesn't require user confirm, or already confirmed \r
+                                                   in last boot cycle by user.\r
+                                             False, it indicates the command need user confirm from UI.\r
+\r
+   @retval  TRUE        Physical Presence operation command is valid.\r
+   @retval  FALSE       Physical Presence operation command is invalid.\r
+\r
+**/\r
+BOOLEAN\r
+TrEEHaveValidTpmRequest  (\r
+  IN      EFI_TREE_PHYSICAL_PRESENCE       *TcgPpData,\r
+  IN      EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags,\r
+  OUT     BOOLEAN                          *RequestConfirmed\r
+  )\r
+{\r
+  return TRUE;\r
+}\r
+\r
+\r
+/**\r
+  Check and execute the requested physical presence command.\r
+\r
+  Caution: This function may receive untrusted input.\r
+  TcgPpData variable is external input, so this function will validate\r
+  its data structure to be valid value.\r
+\r
+  @param[in] PlatformAuth         platform auth value. NULL means no platform auth change.\r
+  @param[in] TcgPpData            Point to the physical presence NV variable.\r
+  @param[in] Flags                The physical presence interface flags.\r
+**/\r
+VOID\r
+TrEEExecutePendingTpmRequest (\r
+  IN      TPM2B_AUTH                       *PlatformAuth,  OPTIONAL\r
+  IN      EFI_TREE_PHYSICAL_PRESENCE       *TcgPpData,\r
+  IN      EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags\r
+  )\r
+{\r
+  return;\r
+}\r
+\r
+/**\r
+  Check and execute the pending TPM request.\r
+\r
+  The TPM request may come from OS or BIOS. This API will display request information and wait \r
+  for user confirmation if TPM request exists. The TPM request will be sent to TPM device after\r
+  the TPM request is confirmed, and one or more reset may be required to make TPM request to \r
+  take effect.\r
+  \r
+  This API should be invoked after console in and console out are all ready as they are required\r
+  to display request information and get user input to confirm the request.  \r
+\r
+  @param[in]  PlatformAuth                   platform auth value. NULL means no platform auth change.\r
+**/\r
+VOID\r
+EFIAPI\r
+TrEEPhysicalPresenceLibProcessRequest (\r
+  IN      TPM2B_AUTH                     *PlatformAuth  OPTIONAL\r
+  )\r
+{\r
+  return;\r
+}\r
+\r
+/**\r
+  Check if the pending TPM request needs user input to confirm.\r
+\r
+  The TPM request may come from OS. This API will check if TPM request exists and need user\r
+  input to confirmation.\r
+  \r
+  @retval    TRUE        TPM needs input to confirm user physical presence.\r
+  @retval    FALSE       TPM doesn't need input to confirm user physical presence.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+TrEEPhysicalPresenceLibNeedUserConfirm(\r
+  VOID\r
+  )\r
+{\r
+\r
+  return FALSE;\r
+}\r
+\r
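Review bot: The file header states that this module validates untrusted variable input and that `TrEEExecutePendingTpmRequest()` "will receive untrusted input and do validation", but every function in the file is a stub: `TrEEPhysicalPresenceLibProcessRequest` returns immediately, `TrEEExecutePendingTpmRequest` returns without touching the request, and `TrEEHaveValidTpmRequest` returns TRUE for any input while `TrEEPhysicalPresenceLibNeedUserConfirm` returns FALSE. That means OS-submitted physical presence requests are neither executed nor cleared, and `Protocol/VariableLock.h` is included but never used, so the physical presence variables are not locked before boot hands off, which I believe the non-Null SecurityPkg instance does (confirm against that instance). Reword the header to `Null instance of TrEEPhysicalPresenceLib: performs no physical presence processing, no user confirmation and no variable locking; intended for bring-up builds where no TPM2/fTPM is present`, drop the "validation" sentences, and make `TrEEHaveValidTpmRequest` return FALSE so the stubs agree with each other. If the platform .dsc (not in this view) resolves the class to this instance while BdsPlatform.c calls `TrEEPhysicalPresenceLibProcessRequest(NULL)`, fTPM physical presence requests are dropped silently.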
diff --git a/Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf b/Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf
new file mode 100644 (file)
index 0000000..64c17c6
--- /dev/null
@@ -0,0 +1,46 @@
+## @file\r
+# Null instance of DxeTrEEPhysicalPresenceLib\r
+#\r
+#  Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>\r
+#                                                                                  \r
+# This program and the accompanying materials are licensed and made available under\r
+# the terms and conditions of the BSD License that accompanies this distribution.  \r
+# The full text of the license may be found at                                     \r
+# http://opensource.org/licenses/bsd-license.php.                                  \r
+#                                                                                  \r
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,            \r
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.    \r
+#\r
+#\r
+#\r
+\r
+[Defines]\r
+  INF_VERSION                    = 0x00010005\r
+  BASE_NAME                      = DxeTrEEPhysicalPresenceLib\r
+  FILE_GUID                      = B41B3DB3-ACC5-4fcd-9992-891F3F9C0DA5\r
+  MODULE_TYPE                    = DXE_DRIVER\r
+  VERSION_STRING                 = 1.0\r
+  LIBRARY_CLASS                  = TrEEPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER \r
+  \r
+#\r
+# The following information is for reference only and not required by the build tools.\r
+#\r
+#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC\r
+#\r
+\r
+[Sources]\r
+  DxeTrEEPhysicalPresenceLibNull.c\r
+\r
+[Packages]\r
+  MdePkg/MdePkg.dec\r
+  MdeModulePkg/MdeModulePkg.dec\r
+  SecurityPkg/SecurityPkg.dec\r
+\r
+[LibraryClasses]\r
+\r
+\r
+[Protocols]\r
+\r
+\r
+[Guids]\r
+\r
index 903b46d..ad16267 100644 (file)
@@ -1,6 +1,6 @@
 /** @file\r
 \r
-  Copyright (c) 2004  - 2014, Intel Corporation. All rights reserved.<BR>\r
+  Copyright (c) 2004  - 2015, Intel Corporation. All rights reserved.<BR>\r
                                                                                    \r\r
   This program and the accompanying materials are licensed and made available under\r\r
   the terms and conditions of the BSD License that accompanies this distribution.  \r\r
@@ -1763,10 +1763,12 @@ PlatformBdsPolicyBehavior (
     }\r
 \r
 \r
-#ifdef TPM_ENABLED\r
-       TcgPhysicalPresenceLibProcessRequest();\r
-#endif\r
-\r
+    #ifdef TPM_ENABLED\r
+    TcgPhysicalPresenceLibProcessRequest();\r
+    #endif\r
+    #ifdef FTPM_ENABLE\r
+    TrEEPhysicalPresenceLibProcessRequest(NULL);\r
+    #endif\r
     //\r
     // Close boot script and install ready to lock\r
     //\r
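Review bot: When both `TPM_ENABLED` and `FTPM_ENABLE` are defined, `TcgPhysicalPresenceLibProcessRequest()` and `TrEEPhysicalPresenceLibProcessRequest(NULL)` both run back-to-back; if the two TPM stacks are meant to be exclusive the second guard should be `#elif defined(FTPM_ENABLE)`, otherwise a comment should state that TPM 1.2 and fTPM requests are intentionally both processed here. The `NULL` argument selects "no platform auth change" per the library's documented contract; worth saying so inline, e.g. `TrEEPhysicalPresenceLibProcessRequest (NULL); // NULL: do not change platform auth`. Keep the call ahead of the ReadyToLock install as it is here, since physical presence processing must finish before the variable lock takes effect. As a style point, EDK2 keeps preprocessor directives at column 0 rather than indented with the code; `PlatformBdsPolicyBehavior` starts and ends outside this hunk.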
@@ -1951,10 +1953,12 @@ FULL_CONFIGURATION:
         PlatformBdsConnectSequence ();\r
       }\r
     }\r
-#ifdef TPM_ENABLED\r
+   #ifdef TPM_ENABLED\r
    TcgPhysicalPresenceLibProcessRequest();\r
-#endif\r
-\r
+   #endif\r
+   #ifdef FTPM_ENABLE\r
+   TrEEPhysicalPresenceLibProcessRequest(NULL);\r
+   #endif\r
     //\r
     // Close boot script and install ready to lock\r
     //\r
index da268b2..45578e8 100644 (file)
@@ -68,7 +68,7 @@
   PrintLib\r
   BaseCryptLib\r
 #  TcgPhysicalPresenceLib\r
-#  TrEEPhysicalPresenceLib\r
+  TrEEPhysicalPresenceLib  \r
   FileHandleLib\r
   S3BootScriptLib\r
   SerialPortLib\r
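Review bot: `TrEEPhysicalPresenceLib` becomes an unconditional dependency of PlatformBdsLib while its only calls in BdsPlatform.c are guarded by `#ifdef FTPM_ENABLE`, so which instance the platform .dsc (not in this view) binds decides whether fTPM physical presence requests are honored; if it binds the DxeTrEEPhysicalPresenceLibNull added in this commit, `TrEEPhysicalPresenceLibProcessRequest` is a no-op and OS requests are silently dropped. A comment next to the entry, e.g. `# Resolved in the platform .dsc; the Null instance disables fTPM physical presence handling`, would make that visible to whoever maintains the .dsc. Note also that `TcgPhysicalPresenceLib` stays commented out although `TcgPhysicalPresenceLibProcessRequest()` is still called under `TPM_ENABLED`; that is pre-existing, but linking would fail if `TPM_ENABLED` were defined without another provider of the class.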
diff --git a/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.c b/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.c
new file mode 100644 (file)
index 0000000..ac8ae51
--- /dev/null
@@ -0,0 +1,123 @@
+/*++\r
+\r
+Copyright (c)  1999  - 2015, Intel Corporation. All rights reserved\r
+                                                                                   \r
+  This program and the accompanying materials are licensed and made available under\r
+  the terms and conditions of the BSD License that accompanies this distribution.  \r
+  The full text of the license may be found at                                     \r
+  http://opensource.org/licenses/bsd-license.php.                                  \r
+                                                                                   \r
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,            \r
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.    \r
+                                                                                   \r
+--*/\r
+\r
+#include <Uefi.h>\r
+#include <Protocol/PttPassThru.h>\r
+#include <Library/PcdLib.h>\r
+#include <Library/UefiBootServicesTableLib.h>\r
+//#include <Library/Tpm2DeviceLib.h>\r
+\r
+\r
+PTT_PASS_THRU_PROTOCOL *mPttPassThruProtocol;\r
+\r
+\r
+/**\r
+  The constructor function caches the pointer to PEI services.\r
+\r
+  The constructor function caches the pointer to PEI services.\r
+  It will always return EFI_SUCCESS.\r
+\r
+  @param  FfsHeader   Pointer to FFS header the loaded driver.\r
+  @param  PeiServices Pointer to the PEI services.\r
+\r
+  @retval EFI_SUCCESS   The constructor always returns EFI_SUCCESS.\r
+\r
+**/\r
+\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2DeviceLibConstructor (\r
+  VOID\r
+  )\r
+{\r
+  EFI_STATUS Status = EFI_SUCCESS;\r
+  \r
+  Status = gBS->LocateProtocol (&gPttPassThruProtocolGuid, NULL, (VOID **) &mPttPassThruProtocol);\r
+  \r
+  return Status;\r
+}\r
+\r
+/**\r
+  This service enables the sending of commands to the TPM2.\r
+\r
+  @param[in]  InputParameterBlockSize  Size of the TPM2 input parameter block.\r
+  @param[in]  InputParameterBlock      Pointer to the TPM2 input parameter block.\r
+  @param[in]  OutputParameterBlockSize Size of the TPM2 output parameter block.\r
+  @param[in]  OutputParameterBlock     Pointer to the TPM2 output parameter block.\r
+\r
+  @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.\r
+  @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.\r
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2SubmitCommand (\r
+  IN UINT32            InputParameterBlockSize,\r
+  IN UINT8             *InputParameterBlock,\r
+  IN OUT UINT32        *OutputParameterBlockSize,\r
+  IN UINT8             *OutputParameterBlock\r
+  )\r
+{\r
+  EFI_STATUS Status;\r
+  \r
+  Status = mPttPassThruProtocol->Tpm2SubmitCommand (\r
+             mPttPassThruProtocol,\r
+             InputParameterBlockSize,\r
+             InputParameterBlock,\r
+             OutputParameterBlockSize,\r
+             OutputParameterBlock\r
+           );\r
+\r
+  return Status;\r
+}\r
+\r
+/**\r
+  This service requests use TPM2.\r
+\r
+  @retval EFI_SUCCESS      Get the control of TPM2 chip.\r
+  @retval EFI_NOT_FOUND    TPM2 not found.\r
+  @retval EFI_DEVICE_ERROR Unexpected device behavior.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2RequestUseTpm (\r
+  VOID\r
+  )\r
+{\r
+  EFI_STATUS Status;\r
+  \r
+  Status = mPttPassThruProtocol->Tpm2RequestUseTpm (mPttPassThruProtocol);\r
+           \r
+  return Status;\r
+}\r
+\r
+/**\r
+  This service register TPM2 device.\r
+\r
+  @Param Tpm2Device  TPM2 device\r
+\r
+  @retval EFI_SUCCESS          This TPM2 device is registered successfully.\r
+  @retval EFI_UNSUPPORTED      System does not support register this TPM2 device.\r
+  @retval EFI_ALREADY_STARTED  System already register this TPM2 device.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2RegisterTpm2DeviceLib (\r
+  IN PTT_TPM2_DEVICE_INTERFACE   *Tpm2Device\r
+  )\r
+{\r
+  return EFI_UNSUPPORTED;\r
+}\r
+\r
+\r
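Review bot: `Tpm2DeviceLibConstructor` returns the `LocateProtocol` status but nothing guards `mPttPassThruProtocol` afterwards, so if the protocol is absent when a consumer loads, `Tpm2SubmitCommand` and `Tpm2RequestUseTpm` dereference a NULL pointer on the first TPM2 command; a RELEASE build, where I believe the generated constructor list only ASSERTs on the status, would continue and jump through it. Add `if (mPttPassThruProtocol == NULL) { return EFI_NOT_FOUND; }` at the top of both functions (or locate lazily there), and have the constructor return `EFI_SUCCESS` so a missing protocol is reported per call rather than at load. The companion .inf (its hunk is cut off in this view) advertises the class for `DXE_DRIVER DXE_SMM_DRIVER`; an SMM consumer would cache a pointer to a protocol instance living in non-SMRAM DXE memory and call through it from SMM, which is a call-out of SMRAM that OS-level code could redirect, so the class should be limited to `DXE_DRIVER` unless an SMM-safe instance exists. The constructor's doc comment ("caches the pointer to PEI services", `@param FfsHeader`/`PeiServices`) is copy-paste from the PEI instance and should describe the protocol lookup, and `OutputParameterBlockSize` is documented `[in]` but declared `IN OUT`.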
diff --git a/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf b/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
new file mode 100644 (file)
index 0000000..aa76ad0
--- /dev/null
@@ -0,0 +1,67 @@
+#/** @file\r
+# \r
+#\r
+# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR>\r
+#                                                                                  \r
+# This program and the accompanying materials are licensed and made available under\r
+# the terms and conditions of the BSD License that accompanies this distribution. \r
+# The full text of the license may be found at                                     \r
+# http://opensource.org/licenses/bsd-license.php.                                  \r
+#                                                                                  \r
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,            \r
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.    \r
+#                                                                                 \r
+#\r
+#\r
+#\r
+#**/\r
+\r
+\r
+[Defines]\r
+  INF_VERSION                    = 0x00010005\r
+  BASE_NAME                      = Tpm2DeviceLibSeC\r
+  FILE_GUID                      = 294B196A-A3CC-4a43-857F-EEC26147857B\r
+  MODULE_TYPE                    = BASE\r
+  VERSION_STRING                 = 1.0\r
+  LIBRARY_CLASS                  = Tpm2DeviceLib | DXE_DRIVER DXE_SMM_DRIVER\r
+  CONSTRUCTOR                    = Tpm2DeviceLibConstructor\r
+\r
+#\r
+# The following information is for reference only and not required by the build tools.\r
+#\r
+#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC\r
+#\r
+\r
+[Sources.common]\r
+  Tpm2DeviceLibSeC.c\r
+\r
+[Packages]\r
+  MdePkg/MdePkg.dec\r
+  MdeModulePkg/MdeModulePkg.dec\r
+  Vlv2DeviceRefCodePkg/Vlv2DeviceRefCodePkg.dec\r
+  SecurityPkg/SecurityPkg.dec\r
+  Vlv2TbltDevicePkg/PlatformPkg.dec\r
+\r
+[LibraryClasses]\r
+  BaseLib\r
+  PcdLib\r
+  UefiBootServicesTableLib\r
+\r
+  \r
+[Guids]\r
+  gEfiVLVTokenSpaceGuid\r
+  \r
+[Pcd]\r
+  gEfiVLVTokenSpaceGuid.PcdMeasuredBootEnable\r
+  gEfiVLVTokenSpaceGuid.PcdFTPMErrorOccur\r
+  gEfiVLVTokenSpaceGuid.PcdFTPMCommand\r
+  gEfiVLVTokenSpaceGuid.PcdFTPMResponse\r
+  gEfiVLVTokenSpaceGuid.PcdFTPMNotRespond\r
+  gEfiVLVTokenSpaceGuid.PcdFTPMStatus\r
+  \r
+[Protocols]\r
+  gPttPassThruProtocolGuid\r
+    \r
+[Depex]\r
+  gPttPassThruProtocolGuid\r
+\r
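Review bot: `MODULE_TYPE = BASE` at L869 does not match a library that links UefiBootServicesTableLib (L893) and is restricted to DXE_DRIVER DXE_SMM_DRIVER at L871; a BASE library is expected to have no dependency on UEFI boot services, so `MODULE_TYPE = DXE_DRIVER` would describe this instance accurately. The PEI companion INF at L1093–L1100 has the same mismatch (BASE while depending on PeiServicesLib), and its [LibraryClasses] at L1118–L1128 additionally lists PeimEntryPoint, which belongs to a module rather than a library, plus MemoryAllocationLib, PciLib and TimerLib that the visible Tpm2DeviceLibSeC.c includes (L933–L941) do not use. `PEI_DRIVER` at L1099 is not a module type I recognise in the INF specification; `PEIM` alone appears to be what is meant, so please confirm the build tool accepts it. Whether the PCDs declared at L900–L905 are consumed cannot be checked here because the DXE .c's includes are outside this view.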
diff --git a/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.c b/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.c
new file mode 100644 (file)
index 0000000..7386ea4
--- /dev/null
@@ -0,0 +1,151 @@
+/*++\r
+\r
+Copyright (c)  1999  - 2015, Intel Corporation. All rights reserved\r
+                                                                                   \r
+  This program and the accompanying materials are licensed and made available under\r
+  the terms and conditions of the BSD License that accompanies this distribution.  \r
+  The full text of the license may be found at                                     \r
+  http://opensource.org/licenses/bsd-license.php.                                  \r
+                                                                                   \r
+  THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,            \r
+  WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.    \r
+                                                                                   \r
+\r
+--*/\r
+\r
+#include <Uefi.h>\r
+#include <PiPei.h>\r
+#include <Ppi/PttPassThruPpi.h>\r
+#include <Library/BaseLib.h>\r
+#include <Library/BaseMemoryLib.h>\r
+#include <Library/IoLib.h>\r
+#include <Library/DebugLib.h>\r
+#include <Library/PeiServicesLib.h>\r
+#include <Library/PcdLib.h>\r
+\r
+\r
+\r
+\r
+\r
+\r
+PTT_PASS_THRU_PPI  *SecPttPassThruPpi = NULL;\r
+\r
+/**\r
+  The constructor function caches the pointer to PEI services.\r
+\r
+  The constructor function caches the pointer to PEI services.\r
+  It will always return EFI_SUCCESS.\r
+\r
+  @param  FfsHeader   Pointer to FFS header the loaded driver.\r
+  @param  PeiServices Pointer to the PEI services.\r
+\r
+  @retval EFI_SUCCESS   The constructor always returns EFI_SUCCESS.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2DeviceLibConstructor (\r
+  VOID\r
+  )\r
+{\r
+  EFI_STATUS  Status = EFI_SUCCESS;\r
+  \r
+  Status = PeiServicesLocatePpi (&gPttPassThruPpiGuid, 0, NULL, (VOID **) &SecPttPassThruPpi);\r
+  if (EFI_ERROR (Status)) {\r
+     // Locate the PPI failed\r
+     SecPttPassThruPpi = NULL;\r
+  }\r
+  return Status;\r
+}\r
+\r
+/**\r
+  This service enables the sending of commands to the TPM2.\r
+\r
+  @param[in]  InputParameterBlockSize  Size of the TPM2 input parameter block.\r
+  @param[in]  InputParameterBlock      Pointer to the TPM2 input parameter block.\r
+  @param[in]  OutputParameterBlockSize Size of the TPM2 output parameter block.\r
+  @param[in]  OutputParameterBlock     Pointer to the TPM2 output parameter block.\r
+\r
+  @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.\r
+  @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.\r
+  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2SubmitCommand (\r
+  IN UINT32            InputParameterBlockSize,\r
+  IN UINT8             *InputParameterBlock,\r
+  IN OUT UINT32        *OutputParameterBlockSize,\r
+  IN UINT8             *OutputParameterBlock\r
+  )\r
+{\r
+  EFI_STATUS  Status = EFI_SUCCESS;\r
+\r
+  if(NULL == InputParameterBlock || NULL == OutputParameterBlock || 0 == InputParameterBlockSize) {\r
+    DEBUG ((EFI_D_ERROR, "Buffer == NULL or InputParameterBlockSize == 0\n"));\r
+    Status = EFI_INVALID_PARAMETER;\r
+    return Status;\r
+  }\r
+\r
+  if (NULL == SecPttPassThruPpi) {\r
+    // Don't locate PPI by calling Tpm2DeviceLibConstructor() function??\r
+    Status = EFI_DEVICE_ERROR;\r
+    return Status;\r
+  }\r
+\r
+  Status = SecPttPassThruPpi->Tpm2SubmitCommand (\r
+             SecPttPassThruPpi, \r
+             InputParameterBlockSize, \r
+             InputParameterBlock, \r
+             OutputParameterBlockSize, \r
+             OutputParameterBlock\r
+           );\r
+  \r
+  return Status;\r
+}\r
+\r
+/**\r
+  This service requests use TPM2.\r
+\r
+  @retval EFI_SUCCESS      Get the control of TPM2 chip.\r
+  @retval EFI_NOT_FOUND    TPM2 not found.\r
+  @retval EFI_DEVICE_ERROR Unexpected device behavior.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2RequestUseTpm (\r
+  VOID\r
+  )\r
+{\r
+  EFI_STATUS  Status = EFI_SUCCESS;\r
+\r
+  if (NULL == SecPttPassThruPpi) {\r
+    // Don't locate PPI by calling Tpm2DeviceLibConstructor() function??\r
+    Status = EFI_DEVICE_ERROR;\r
+    return Status;\r
+  }\r
+\r
+  Status = SecPttPassThruPpi->Tpm2RequestUseTpm (SecPttPassThruPpi);\r
+  \r
+  return Status;\r
+}\r
+\r
+/**\r
+  This service register TPM2 device.\r
+\r
+  @Param Tpm2Device  TPM2 device\r
+\r
+  @retval EFI_SUCCESS          This TPM2 device is registered successfully.\r
+  @retval EFI_UNSUPPORTED      System does not support register this TPM2 device.\r
+  @retval EFI_ALREADY_STARTED  System already register this TPM2 device.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2RegisterTpm2DeviceLib (\r
+  IN PTT_TPM2_DEVICE_INTERFACE   *Tpm2Device\r
+  )\r
+{\r
+  return EFI_UNSUPPORTED;\r
+}\r
+\r
+\r
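Review bot: Tpm2SubmitCommand at L1001 rejects NULL buffers and a zero input size but never checks `OutputParameterBlockSize`, which is declared IN OUT and is passed straight to the PPI at L1013–L1019, so a NULL there is only caught if the PPI implementation checks it. Extend the guard to `if (InputParameterBlock == NULL || OutputParameterBlock == NULL || OutputParameterBlockSize == NULL || InputParameterBlockSize == 0) {` and add `@retval EFI_INVALID_PARAMETER  A buffer pointer is NULL or the input size is 0.` to the header, which currently lists only the three pass-through results (L986–L988); the `@param[in]` for OutputParameterBlockSize at L983 should also read `@param[in, out]`. The constructor comment at L951–L959 describes FfsHeader and PeiServices parameters that this `VOID` constructor does not take, and `@Param` at L1053 should be `@param`. SecPttPassThruPpi (L948) is a writable module global assigned from the constructor; if a consuming PEIM executes in place from flash before memory is discovered that store cannot take effect, so either confirm the consumers dispatch post-memory or locate the PPI on each call instead of caching it, and the "Don't locate PPI by calling Tpm2DeviceLibConstructor() function??" comments at L1008 and L1040 should be replaced with a statement of which case is expected.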
diff --git a/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf b/Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf
new file mode 100644 (file)
index 0000000..7171a58
--- /dev/null
@@ -0,0 +1,66 @@
+#/** @file\r
+# \r
+#\r
+# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR>\r
+#                                                                                  \r
+# This program and the accompanying materials are licensed and made available under\r
+# the terms and conditions of the BSD License that accompanies this distribution. \r
+# The full text of the license may be found at                                     \r
+# http://opensource.org/licenses/bsd-license.php.                                  \r
+#                                                                                  \r
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,            \r
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.    \r
+#                                                                                 \r
+#\r
+#\r
+#\r
+#**/\r
+\r
+\r
+[Defines]\r
+  INF_VERSION                    = 0x00010005\r
+  BASE_NAME                      = Tpm2DeviceLibSeC\r
+  FILE_GUID                      = 1EEA2BFE-01CB-40cc-A34E-CB224C800AA2\r
+  MODULE_TYPE                    = BASE\r
+  VERSION_STRING                 = 1.0\r
+  LIBRARY_CLASS                  = Tpm2DeviceLib | PEI_DRIVER PEIM\r
+  CONSTRUCTOR                    = Tpm2DeviceLibConstructor\r
+\r
+#\r
+# The following information is for reference only and not required by the build tools.\r
+#\r
+#  VALID_ARCHITECTURES           = IA32 X64 IPF EBC\r
+#\r
+\r
+[Sources.common]\r
+  Tpm2DeviceLibSeC.c\r
+\r
+[Packages]\r
+  MdePkg/MdePkg.dec\r
+  MdeModulePkg/MdeModulePkg.dec\r
+  Vlv2DeviceRefCodePkg/Vlv2DeviceRefCodePkg.dec\r
+  SecurityPkg/SecurityPkg.dec\r
+  Vlv2TbltDevicePkg/PlatformPkg.dec\r
+\r
+[LibraryClasses]\r
+  BaseLib\r
+  BaseMemoryLib\r
+  MemoryAllocationLib\r
+  DebugLib\r
+  IoLib\r
+  PciLib\r
+  TimerLib\r
+  PcdLib\r
+  PeiServicesLib\r
+  PeimEntryPoint\r
+\r
+  \r
+[Guids]\r
+\r
+[Ppis]\r
+  gPttPassThruPpiGuid\r
+  \r
+[Depex]\r
+  gPttPassThruPpiGuid\r
+  \r
+\r
index 1dab9ca..899b4a9 100644 (file)
@@ -28,6 +28,7 @@ Module Name:
 #include <Ppi/MfgMemoryTest.h>\r
 #include <Guid/SetupVariable.h>\r
 #include <Guid/Vlv2Variable.h>\r
+#include <Ppi/fTPMPolicy.h>\r
 \r
 //\r
 // Start::Alpine Valley platform\r
@@ -190,6 +191,67 @@ PeiSmbusExec (
   UINT8 *Buffer\r
   );\r
 \r
+\r
+EFI_STATUS\r
+FtpmPolicyInit (\r
+  IN CONST EFI_PEI_SERVICES             **PeiServices,\r
+  IN SYSTEM_CONFIGURATION         *pSystemConfiguration\r
+  )\r
+{\r
+  EFI_STATUS                      Status;\r
+  EFI_PEI_PPI_DESCRIPTOR          *mFtpmPolicyPpiDesc;\r
+  SEC_FTPM_POLICY_PPI             *mFtpmPolicyPpi;\r
+\r
+\r
+  DEBUG((EFI_D_INFO, "FtpmPolicyInit Entry \n"));\r
+\r
+  if (NULL == PeiServices ||  NULL == pSystemConfiguration) {\r
+    DEBUG((EFI_D_ERROR, "Input error. \n"));\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+  \r
+  Status = (*PeiServices)->AllocatePool(\r
+                             PeiServices,\r
+                             sizeof (EFI_PEI_PPI_DESCRIPTOR),\r
+                             (void **)&mFtpmPolicyPpiDesc\r
+                             );\r
+  ASSERT_EFI_ERROR (Status);\r
+\r
+  Status = (*PeiServices)->AllocatePool(\r
+                             PeiServices,\r
+                             sizeof (SEC_FTPM_POLICY_PPI),\r
+                             (void **)&mFtpmPolicyPpi\r
+                             );\r
+  ASSERT_EFI_ERROR (Status);\r
+\r
+  //\r
+  // Initialize PPI\r
+  //\r
+  (*PeiServices)->SetMem ((VOID *)mFtpmPolicyPpi, sizeof (SEC_FTPM_POLICY_PPI), 0);\r
+  mFtpmPolicyPpiDesc->Flags = EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST;\r
+  mFtpmPolicyPpiDesc->Guid = &gSeCfTPMPolicyPpiGuid;\r
+  mFtpmPolicyPpiDesc->Ppi = mFtpmPolicyPpi;\r
+\r
+\r
+  DEBUG((EFI_D_INFO, "pSystemConfiguration->fTPM = 0x%x \n", pSystemConfiguration->fTPM)); \r
+  if(pSystemConfiguration->fTPM == 1) {\r
+    mFtpmPolicyPpi->fTPMEnable = TRUE;\r
+  } else {\r
+    mFtpmPolicyPpi->fTPMEnable = FALSE;\r
+  }\r
+\r
+  Status = (*PeiServices)->InstallPpi(\r
+                             PeiServices,\r
+                             mFtpmPolicyPpiDesc\r
+                             );\r
+  ASSERT_EFI_ERROR (Status);\r
+\r
+  DEBUG((EFI_D_INFO, "FtpmPolicyInit done \n"));\r
+  \r
+  return EFI_SUCCESS;\r
+}\r
+\r
+\r
 /**\r
   This routine attempts to acquire the SMBus\r
 \r
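Review bot: Both AllocatePool calls (L1172–L1184) and InstallPpi (L1202–L1206) are checked only with ASSERT_EFI_ERROR, which is compiled out when the DebugLib instance has asserts disabled, so an allocation failure reaches the dereferences at L1189–L1192 and the function still returns the constant EFI_SUCCESS at L1210; the caller's error branch at L1223–L1225 is therefore unreachable. After each of the three calls add `if (EFI_ERROR (Status)) { return Status; }` beside the ASSERT, and return `Status` at the end rather than a constant. The locals `mFtpmPolicyPpiDesc` and `mFtpmPolicyPpi` carry the module-global `m` prefix and `(void **)` is lower-case; EDK II style would be `FtpmPolicyPpiDesc`, `FtpmPolicyPpi` and `(VOID **)`. FtpmPolicyInit is defined without a prototype or STATIC and without a function header comment; if it is only called from PeiInitPlatform at L1222 it should be STATIC, with a header stating that it publishes the gSeCfTPMPolicyPpiGuid PPI with fTPMEnable taken from the setup variable.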
@@ -697,6 +759,14 @@ PeiInitPlatform (
     );\r
 \r
 \r
+#ifdef FTPM_ENABLE\r
+  Status = FtpmPolicyInit(PeiServices, &SystemConfiguration);\r
+  if (EFI_ERROR (Status)) {\r
+    DEBUG((EFI_D_ERROR, "fTPM init failed.\n"));\r
+  }\r
+#endif\r
+\r
+\r
   //\r
   // Set the new boot mode for MRC\r
   //\r
index af8bb19..9c1cd08 100644 (file)
   gPeiMfgMemoryTestPpiGuid\r
   gPeiSha256HashPpiGuid\r
   gVlvMmioPolicyPpiGuid\r
+  gSeCfTPMPolicyPpiGuid\r
 \r
 [Guids]\r
   gEfiSetupVariableGuid\r
index afe35f8..877ea27 100644 (file)
@@ -1,7 +1,7 @@
 #/** @file
 # FDF file of Platform.
 #
-# Copyright (c) 2008  - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2008  - 2015, Intel Corporation. All rights reserved.<BR>
 #                                                                                  
 # This program and the accompanying materials are licensed and made available under
 # the terms and conditions of the BSD License that accompanies this distribution.  
@@ -294,6 +294,9 @@ INF SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf
 INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
 INF SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
 !endif
+!if $(FTPM_ENABLE) == TRUE
+INF  SecurityPkg/Tcg/TrEEPei/TrEEPei.inf #use PCD config
+!endif
 INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
 
 !if $(ACPI50_ENABLE) == TRUE
@@ -349,6 +352,10 @@ INF $(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf
 INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
 !endif
 
+!if $(FTPM_ENABLE) == TRUE
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
+!endif
+
 !if $(SOURCE_DEBUG_ENABLE) == TRUE
   INF  SourceLevelDebugPkg/DebugAgentPei/DebugAgentPei.inf
 !endif
@@ -497,11 +504,24 @@ INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET
 INF IntelFrameworkModulePkg/Universal/LegacyRegionDxe/LegacyRegionDxe.inf
 INF Vlv2TbltDevicePkg/VlvPlatformInitDxe/VlvPlatformInitDxe.inf
 !endif
+!if $(MINNOW2_FSP_BUILD) == FALSE
+  !if $(SEC_ENABLE) == TRUE
+  INF  RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf
+  INF  RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
+  !endif
+!endif
 !if $(TPM_ENABLED) == TRUE
 INF SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
 INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
 INF RuleOverride = DRIVER_ACPITABLE SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
 !endif
+!if $(FTPM_ENABLE) == TRUE
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
+INF SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
+INF SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
+!endif
 
 #
 # EDK II Related Platform codes
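Review bot: `IA32/Tpm2DeviceSeCPei.inf` at L1287 is a PEIM placed in the firmware volume that holds the DXE drivers (TcgDxe, TrEEDxe); it only executes if this FV is also reported to the PEI dispatcher for post-memory dispatch, which cannot be confirmed from the hunk. If it is not, the PPI that the SeC Tpm2DeviceLib PEI instance depends on (L1136–L1137) is never installed, and TrEEPei at L1255, assuming it links that library as L1422 selects, never dispatches, silently skipping PEI measurements. The same layout is repeated in PlatformPkgGcc.fdf at L1368–L1374. A comment such as `# Post-memory PEIM: this FV must be exposed to the PEI dispatcher` above L1287 would record the assumption.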
@@ -1010,6 +1030,7 @@ FV = BiosUpdate
   FILE SMM = $(NAMED_GUID) {
     SMM_DEPEX SMM_DEPEX                |.depex
     PE32      PE32                     |.efi
+    RAW       BIN  Optional            |.aml
     UI        STRING="$(MODULE_NAME)" Optional
     VERSION   STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
   }
index ec24fed..db50b93 100644 (file)
@@ -1,7 +1,7 @@
 #/** @file\r
 # platform configuration file.\r
 #\r
-# Copyright (c) 2012  - 2014, Intel Corporation. All rights reserved.<BR>\r
+# Copyright (c) 2012  - 2015, Intel Corporation. All rights reserved.<BR>\r
 #                                                                                  \r\r
 # This program and the accompanying materials are licensed and made available under\r\r
 # the terms and conditions of the BSD License that accompanies this distribution.  \r\r
@@ -43,6 +43,7 @@ DEFINE CLKGEN_CONFIG_EXTRA_ENABLE=TRUE
 #\r
 DEFINE USE_HPET_TIMER = FALSE\r
 \r
+\r
 #\r
 # Feature selection\r
 #\r
index 7d281ea..43cdb12 100644 (file)
@@ -1,7 +1,7 @@
 #/** @file
 # FDF file of Platform.
 #
-# Copyright (c) 2008  - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2008  - 2015, Intel Corporation. All rights reserved.<BR>
 #                                                                                  
 # This program and the accompanying materials are licensed and made available under
 # the terms and conditions of the BSD License that accompanies this distribution.  
@@ -252,6 +252,9 @@ INF SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf
 INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
 INF SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
 !endif
+!if $(FTPM_ENABLE) == TRUE
+INF  SecurityPkg/Tcg/TrEEPei/TrEEPei.inf #use PCD config
+!endif
 INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
 
 !if $(ACPI50_ENABLE) == TRUE
@@ -307,6 +310,10 @@ INF $(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf
 INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
 !endif
 
+!if $(FTPM_ENABLE) == TRUE
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
+!endif
+
 !if $(SOURCE_DEBUG_ENABLE) == TRUE
   INF  SourceLevelDebugPkg/DebugAgentPei/DebugAgentPei.inf
 !endif
@@ -455,11 +462,24 @@ INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET
 INF IntelFrameworkModulePkg/Universal/LegacyRegionDxe/LegacyRegionDxe.inf
 INF Vlv2TbltDevicePkg/VlvPlatformInitDxe/VlvPlatformInitDxe.inf
 !endif
+!if $(MINNOW2_FSP_BUILD) == FALSE
+  !if $(SEC_ENABLE) == TRUE
+  INF  RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf
+  INF  RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
+  !endif
+!endif
 !if $(TPM_ENABLED) == TRUE
 INF SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
 INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
 INF RuleOverride = DRIVER_ACPITABLE SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
 !endif
+!if $(FTPM_ENABLE) == TRUE
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
+INF SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
+INF SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
+!endif
 
 #
 # EDK II Related Platform codes
@@ -968,6 +988,7 @@ FV = BiosUpdate
   FILE SMM = $(NAMED_GUID) {
     SMM_DEPEX SMM_DEPEX                |.depex
     PE32      PE32                     |.efi
+    RAW       BIN  Optional            |.aml
     UI        STRING="$(MODULE_NAME)" Optional
     VERSION   STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
   }
index 29ac7c1..40b17d1 100644 (file)
@@ -77,6 +77,9 @@
 
   DEFINE   PLATFORM_PCIEXPRESS_BASE   = 0E0000000
 
+  DEFINE SEC_ENABLE = FALSE
+  DEFINE SEC_DEBUG_INFO_ENABLE = FALSE
+  DEFINE FTPM_ENABLE = FALSE
 
 ################################################################################
 #
   ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
   FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
   SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
-
+!if $(FTPM_ENABLE) == TRUE
+  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+!endif
   TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
   TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
+!if $(FTPM_ENABLE) == TRUE  
+  TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
+!endif  
+  
+  
   Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
 !if $(MINNOW2_FSP_BUILD) == TRUE
   FspApiLib|IntelFspWrapperPkg/Library/BaseFspApiLib/BaseFspApiLib.inf
  !if $(MINNOW2_FSP_BUILD) == TRUE
  PlatformFspLib|Vlv2TbltDevicePkg/Library/PlatformFspLib/PlatformFspLib.inf
  !endif
-
-
+!if $(FTPM_ENABLE) == TRUE 
+  Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf
+!endif
 
 [LibraryClasses.X64]
   #
 
 [PcdsFixedAtBuild.common]
 !if $(MINNOW2_FSP_BUILD) == TRUE
-# $(FLASH_REGION_VLVMICROCODE_BASE) 
+# $(FLASH_REGION_VLVMICROCODE_BASE)
   gFspWrapperTokenSpaceGuid.PcdCpuMicrocodePatchAddress|0xFFD00000
 # $(FLASH_REGION_VLVMICROCODE_SIZE)
   gFspWrapperTokenSpaceGuid.PcdCpuMicrocodePatchRegionSize|0x00030000
   gFspWrapperTokenSpaceGuid.PcdFlashCodeCacheSize|0x00800000
 # $(FLASH_REGION_FSPBIN_BASE)
   gFspWrapperTokenSpaceGuid.PcdFlashFvFspBase|0xFFDB0000
-
 !endif
 
 !if $(PERFORMANCE_ENABLE) == TRUE
   !if $(TPM_ENABLED) == TRUE
     gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
   !endif
+  !if $(FTPM_ENABLE) == TRUE
+    gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
+  !endif
 
   ## This PCD defines the video horizontal resolution.
   #  This PCD could be set to 0 then video resolution could be at highest resolution.
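Review bot: The new `!if $(FTPM_ENABLE) == TRUE` block at L1445–L1447 assigns PcdTpmInstanceGuid the same value that the `!if $(TPM_ENABLED) == TRUE` block at L1442–L1444 already sets, and nothing prevents both defines from being TRUE in one build; in that case the TPM 1.2 stack (TcgPei/TcgDxe) and the TPM 2.0 stack (TrEEPei/TrEEDxe) are both placed in the firmware volumes (L1250–L1292) and would contend for the same device. A guard such as `!if $(TPM_ENABLED) == TRUE && $(FTPM_ENABLE) == TRUE` / `!error "TPM_ENABLED and FTPM_ENABLE are mutually exclusive"` near the DEFINEs at L1391–L1393 would make the choice explicit. The same duplication appears in the IA32 DSC at L1612–L1614.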
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/MemoryInit.inf {
     <PcdsPatchableInModule>
       gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+    <BuildOptions>
+      !if $(FTPM_ENABLE)==TRUE
+        *_*_IA32_CC_FLAGS = /D FTPM_ENABLE
+      !endif
   }
 
 !if $(RC_BINARY_RELEASE) == TRUE
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
 !endif
 
+!if $(FTPM_ENABLE) == TRUE
+$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
+!endif
+
 !if $(RC_BINARY_RELEASE) == TRUE
   $(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf {
     <BuildOptions>
     }
 !endif
 
+!if $(FTPM_ENABLE) == TRUE
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
+!endif
 
 !if $(TPM_ENABLED) == TRUE
   SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
 !endif
  MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
 
+!if $(FTPM_ENABLE) == TRUE
+   SecurityPkg/Tcg/TrEEPei/TrEEPei.inf {
+    <PcdsPatchableInModule>
+      gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+    <LibraryClasses>
+      DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+      NULL|SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf
+      NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+      PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
+  }
+!endif
 !if $(TPM_ENABLED) == TRUE
   SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
     <LibraryClasses>
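Review bot: The path `SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf` at L1489 mixes a backslash into a forward-slash path; this file appears to be the GCC X64 DSC (the commit's file list places PlatformPkgGccX64.dsc here), and on a Linux build that path is unlikely to resolve, so the SHA-1 hash instance for TrEEPei is either a build error or a missing bank. The same mixed separator appears at L1541 (`MdePkg/Library\DxePcdLib/DxePcdLib.inf`) for TrEEDxe. Change both to `SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf` and `MdePkg/Library/DxePcdLib/DxePcdLib.inf`, as the sibling entries at L1490 and L1540 already do.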
 !endif
 !if $(TPM_ENABLED) == TRUE
       NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
+!endif
+!if $(FTPM_ENABLE) == TRUE
+      NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
 !endif
   }
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/MpCpu.inf
       DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
       PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
       SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLib.inf
+    !if $(FTPM_ENABLE) == TRUE  
+      Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+    !else
+      TrEEPhysicalPresenceLib|$(PLATFORM_PACKAGE)/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf
+    !endif  
   }
 
   $(PLATFORM_PACKAGE)/UiApp/UiApp.inf
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Dptf.inf
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/PnpDxe.inf
 
+!if $(SEC_ENABLE) == TRUE
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf {
+!if $(SEC_DEBUG_INFO_ENABLE) == TRUE
+    <BuildOptions>
+      *_*_X64_CC_FLAGS      = /DSEC_DEBUG_INFO=1
+!else
+    <BuildOptions>
+      *_*_X64_CC_FLAGS      = /DSEC_DEBUG_INFO=0
+!endif
+  }
+  
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
+!endif
+
+!if $(FTPM_ENABLE) == TRUE
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
+  SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
+  SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf{
+    <LibraryClasses>
+      NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+      NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+      PcdLib|MdePkg/Library\DxePcdLib/DxePcdLib.inf
+      Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+  }
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
+!endif
 !if $(TPM_ENABLED) == TRUE
   SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
     <LibraryClasses>
   DEFINE X64_BUILD_ENABLE =
 !endif
 
+!if $(FTPM_ENABLE) == TRUE
+  DEFINE DSC_FTPM_BUILD_OPTIONS = -DFTPM_ENABLE
+!else
+  DEFINE DSC_FTPM_BUILD_OPTIONS = 
+!endif
 !if $(TPM_ENABLED) == TRUE
   DEFINE DSC_TPM_BUILD_OPTIONS = -DTPM_ENABLED
 !else
 !endif
 
 
-  DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
+  DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_BUILD_OPTIONS) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
 !if $(PERFORMANCE_ENABLE) == TRUE
   DEFINE PDB_BUILD_OPTION = /Zi
 !endif
index 333b800..795c176 100644 (file)
@@ -77,6 +77,9 @@
 
   DEFINE   PLATFORM_PCIEXPRESS_BASE   = 0E0000000
 
+  DEFINE SEC_ENABLE = TRUE
+  DEFINE SEC_DEBUG_INFO_ENABLE = TRUE
+  DEFINE FTPM_ENABLE = TRUE
 
 ################################################################################
 #
   ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
   FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
   SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
-
+!if $(FTPM_ENABLE) == TRUE
+  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+!endif
   TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
   TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
+!if $(FTPM_ENABLE) == TRUE  
+  TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
+!endif  
+  
+  
   Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
 !if $(MINNOW2_FSP_BUILD) == TRUE
   FspApiLib|IntelFspWrapperPkg/Library/BaseFspApiLib/BaseFspApiLib.inf
  !if $(MINNOW2_FSP_BUILD) == TRUE
  PlatformFspLib|Vlv2TbltDevicePkg/Library/PlatformFspLib/PlatformFspLib.inf
  !endif
-
-
+!if $(FTPM_ENABLE) == TRUE 
+  Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf
+!endif
 
 [LibraryClasses.IA32]
   #
   !if $(TPM_ENABLED) == TRUE
     gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
   !endif
+  !if $(FTPM_ENABLE) == TRUE
+    gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
+  !endif
 
   ## This PCD defines the video horizontal resolution.
   #  This PCD could be set to 0 then video resolution could be at highest resolution.
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/MemoryInit.inf {
     <PcdsPatchableInModule>
       gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+    <BuildOptions>
+      !if $(FTPM_ENABLE)==TRUE
+        *_*_IA32_CC_FLAGS = /D FTPM_ENABLE
+      !endif
   }
 
 !if $(RC_BINARY_RELEASE) == TRUE
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
 !endif
 
+!if $(FTPM_ENABLE) == TRUE
+$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
+!endif
+
 !if $(RC_BINARY_RELEASE) == TRUE
   $(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf {
     <BuildOptions>
     }
 !endif
 
+!if $(FTPM_ENABLE) == TRUE
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
+!endif
 
 !if $(TPM_ENABLED) == TRUE
   SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
 !endif
  MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
 
+!if $(FTPM_ENABLE) == TRUE
+   SecurityPkg/Tcg/TrEEPei/TrEEPei.inf {
+    <PcdsPatchableInModule>
+      gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+    <LibraryClasses>
+      DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+      NULL|SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf
+      NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+      PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
+  }
+!endif
 !if $(TPM_ENABLED) == TRUE
   SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
     <LibraryClasses>
 !endif
 !if $(TPM_ENABLED) == TRUE
       NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
+!endif
+!if $(FTPM_ENABLE) == TRUE
+      NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
 !endif
   }
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/MpCpu.inf
       DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
       PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
       SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLib.inf
+    !if $(FTPM_ENABLE) == TRUE  
+      Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+    !else
+      TrEEPhysicalPresenceLib|$(PLATFORM_PACKAGE)/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf
+    !endif  
   }
 
   $(PLATFORM_PACKAGE)/UiApp/UiApp.inf
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Dptf.inf
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/PnpDxe.inf
 
+!if $(SEC_ENABLE) == TRUE
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf {
+!if $(SEC_DEBUG_INFO_ENABLE) == TRUE
+    <BuildOptions>
+      *_*_X64_CC_FLAGS      = /DSEC_DEBUG_INFO=1
+!else
+    <BuildOptions>
+      *_*_X64_CC_FLAGS      = /DSEC_DEBUG_INFO=0
+!endif
+  }
+  
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
+!endif
+
+!if $(FTPM_ENABLE) == TRUE
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
+  SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
+  SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf{
+    <LibraryClasses>
+      NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+      NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+      PcdLib|MdePkg/Library\DxePcdLib/DxePcdLib.inf
+      Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+  }
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
+!endif
 !if $(TPM_ENABLED) == TRUE
   SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
     <LibraryClasses>
   DEFINE X64_BUILD_ENABLE =
 !endif
 
+!if $(FTPM_ENABLE) == TRUE
+  DEFINE DSC_FTPM_BUILD_OPTIONS = /DFTPM_ENABLE
+!else
+  DEFINE DSC_FTPM_BUILD_OPTIONS = 
+!endif
 !if $(TPM_ENABLED) == TRUE
   DEFINE DSC_TPM_BUILD_OPTIONS = /DTPM_ENABLED
 !else
 !endif
 
 
-  DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
+  DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_BUILD_OPTIONS) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
 !if $(PERFORMANCE_ENABLE) == TRUE
   DEFINE PDB_BUILD_OPTION = /Zi
 !endif
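Review bot: Two library paths in the new module overrides use a backslash as a path separator, `NULL|SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf` under TrEEPei and `PcdLib|MdePkg/Library\DxePcdLib/DxePcdLib.inf` under TrEEDxe; the same two lines recur in the next section, and the DxePcdLib one also opens the preceding section. A Windows host may accept the mixed separators, but on a Linux host the backslash is part of the file name and the INF is not found, so use `/` throughout: `NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf` and `PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf`. The new `!if $(FTPM_ENABLE) == TRUE` assignment of `PcdTpmInstanceGuid` copies the byte array from the TPM_ENABLED branch verbatim; the first two fields of that array look like display order rather than the little-endian byte order EDK2 uses for GUID PCD values, so it is worth checking it against the TPM 2.0 dTPM instance GUID declared in SecurityPkg before the fTPM path depends on TrEE recognising the device, and a single `!if` covering both flags would avoid assigning the PCD twice. The HeciDrv override repeats the `<BuildOptions>` header in both branches of `!if $(SEC_DEBUG_INFO_ENABLE) == TRUE`; moving the `!if` inside so that only the `*_*_X64_CC_FLAGS` line varies is shorter, and since HeciDrv is taken from `$(PLATFORM_BINARY_PACKAGE)` it is worth confirming that CC flags on that module have any effect at all.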
index f49195b..44239d6 100644 (file)
 !endif
 
   DEFINE   PLATFORM_PCIEXPRESS_BASE   = 0E0000000
-
+  
+  DEFINE SEC_ENABLE = FALSE
+  DEFINE SEC_DEBUG_INFO_ENABLE = FALSE
+  DEFINE FTPM_ENABLE = FALSE
 
 ################################################################################
 #
   ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
   FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
   SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
-
+!if $(FTPM_ENABLE) == TRUE
+  BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+  OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+  IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+!endif
   TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
   TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
+!if $(FTPM_ENABLE) == TRUE  
+  TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
+!endif  
+  
+  
   Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
 !if $(MINNOW2_FSP_BUILD) == TRUE
   FspApiLib|IntelFspWrapperPkg/Library/BaseFspApiLib/BaseFspApiLib.inf
  !if $(MINNOW2_FSP_BUILD) == TRUE
  PlatformFspLib|Vlv2TbltDevicePkg/Library/PlatformFspLib/PlatformFspLib.inf
  !endif
-
-
+!if $(FTPM_ENABLE) == TRUE 
+  Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf
+!endif
 
 [LibraryClasses.X64]
   #
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/MemoryInit.inf {
     <PcdsPatchableInModule>
       gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+    <BuildOptions>
+      !if $(FTPM_ENABLE)==TRUE
+        *_*_IA32_CC_FLAGS = /D FTPM_ENABLE
+      !endif
   }
 
 !if $(RC_BINARY_RELEASE) == TRUE
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
 !endif
 
+!if $(FTPM_ENABLE) == TRUE
+$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
+!endif
+
 !if $(RC_BINARY_RELEASE) == TRUE
   $(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf {
     <BuildOptions>
     }
 !endif
 
+!if $(FTPM_ENABLE) == TRUE
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
+!endif
 
 !if $(TPM_ENABLED) == TRUE
   SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
 !endif
  MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
 
+!if $(FTPM_ENABLE) == TRUE
+   SecurityPkg/Tcg/TrEEPei/TrEEPei.inf {
+    <PcdsPatchableInModule>
+      gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+    <LibraryClasses>
+      DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+      NULL|SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf
+      NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+      PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
+  }
+!endif
 !if $(TPM_ENABLED) == TRUE
   SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
     <LibraryClasses>
 !endif
 !if $(TPM_ENABLED) == TRUE
       NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
+!endif
+!if $(FTPM_ENABLE) == TRUE
+      NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
 !endif
   }
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/MpCpu.inf
       DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
       PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
       SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLib.inf
+    !if $(FTPM_ENABLE) == TRUE  
+      Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+    !else
+      TrEEPhysicalPresenceLib|$(PLATFORM_PACKAGE)/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf
+    !endif  
   }
 
   $(PLATFORM_PACKAGE)/UiApp/UiApp.inf
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Dptf.inf
   $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/PnpDxe.inf
 
+!if $(SEC_ENABLE) == TRUE
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf {
+!if $(SEC_DEBUG_INFO_ENABLE) == TRUE
+    <BuildOptions>
+      *_*_X64_CC_FLAGS      = /DSEC_DEBUG_INFO=1
+!else
+    <BuildOptions>
+      *_*_X64_CC_FLAGS      = /DSEC_DEBUG_INFO=0
+!endif
+  }
+  
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
+!endif
+
+!if $(FTPM_ENABLE) == TRUE
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
+  SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
+  SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf{
+    <LibraryClasses>
+      NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+      NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+      PcdLib|MdePkg/Library\DxePcdLib/DxePcdLib.inf
+      Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+  }
+  $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
+!endif
 !if $(TPM_ENABLED) == TRUE
   SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
     <LibraryClasses>
   DEFINE X64_BUILD_ENABLE =
 !endif
 
+!if $(FTPM_ENABLE) == TRUE
+  DEFINE DSC_FTPM_BUILD_OPTIONS = /DFTPM_ENABLE
+!else
+  DEFINE DSC_FTPM_BUILD_OPTIONS = 
+!endif
 !if $(TPM_ENABLED) == TRUE
   DEFINE DSC_TPM_BUILD_OPTIONS = /DTPM_ENABLED
 !else
 !endif
 
 
-  DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
+  DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_BUILD_OPTIONS) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
 !if $(PERFORMANCE_ENABLE) == TRUE
   DEFINE PDB_BUILD_OPTION = /Zi
 !endif
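Review bot: The `!else` branch in the module override near the end of the DXE list swaps `TrEEPhysicalPresenceLib` for `DxeTrEEPhysicalPresenceLibNull` whenever FTPM_ENABLE is not TRUE, so a build with TPM_ENABLED=TRUE and FTPM_ENABLE=FALSE links the Null implementation into this module even though the global class earlier in this section still points at the real `DxeTrEEPhysicalPresenceLib`; if the module is the BDS, which the new DxeTrEEPhysicalPresenceLibNull library and the PlatformBdsLib.inf change in this commit suggest, pending physical-presence requests would not be processed for a discrete TPM 2.0. The module header sits outside the hunk, so I cannot confirm which module this is. If the Null library is meant only for builds with no TPM 2.0 device at all, key it on both flags, e.g. `!if $(FTPM_ENABLE) != TRUE && $(TPM_ENABLED) != TRUE`, and keep `Tpm2DeviceLib` in its own `!if`; the same lines appear in the previous section. Separately, this section defaults `SEC_ENABLE`, `SEC_DEBUG_INFO_ENABLE` and `FTPM_ENABLE` to FALSE while the previous section defaults them to TRUE; if that split between the two DSCs is intentional, a comment next to the DEFINEs saying so would save the next reader a search.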
index f4922ff..52470ed 100644 (file)
@@ -37,19 +37,32 @@ form formid = SECURITY_CONFIGURATION_FORM_ID,
   //TPM related\r
   //\r
   subtitle text = STRING_TOKEN(STR_TPM_CONFIGURATION_PROMPT);\r
+grayoutif ideqval Setup.ETpm== 0x1;\r
+  oneof   varid   = Setup.fTPM,\r
+    prompt      = STRING_TOKEN(STR_PTT_PROMPT),\r
+    help        = STRING_TOKEN(STR_PTT_HELP),\r
+      option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = RESET_REQUIRED;\r
+      option text = STRING_TOKEN(STR_DISABLE), value= 0, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;\r
+  endoneof;\r
+endif;\r
+\r
+grayoutif ideqval Setup.fTPM == 0x1;\r
   oneof   varid   = Setup.ETpm,\r
     prompt      = STRING_TOKEN(STR_TPM_PROMPT),\r
     help        = STRING_TOKEN(STR_TPM_HELP),\r
-      option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;\r
-      option text = STRING_TOKEN(STR_DISABLE), value= 0, flags= RESET_REQUIRED;\r
+      option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = RESET_REQUIRED;\r
+      option text = STRING_TOKEN(STR_DISABLE), value= 0, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;\r
   endoneof;\r
+endif;\r
 \r
+suppressif ideqval Setup.fTPM == 0;\r
   oneof varid = Setup.MeasuredBootEnable,\r
     prompt      = STRING_TOKEN(STR_MEASURED_BOOT_ENABLE_PROMPT),\r
     help        = STRING_TOKEN(STR_MEASURED_BOOT_ENABLE_HELP),\r
     option text = STRING_TOKEN(STR_DISABLE), value = 0, flags = RESET_REQUIRED;\r
     option text = STRING_TOKEN(STR_ENABLE), value = 1, flags =  DEFAULT | MANUFACTURING | RESET_REQUIRED;\r
   endoneof;\r
+endif;\r
 \r
   subtitle text = STRING_TOKEN(STR_NULL_STRING);\r
 \r
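Review bot: The new `suppressif ideqval Setup.fTPM == 0;` hides the MeasuredBootEnable option whenever fTPM is disabled, including the configuration where the discrete TPM (Setup.ETpm) is enabled, for which the option was visible before this change; if measured boot is still honoured for the discrete TPM, the condition should be `suppressif ideqval Setup.fTPM == 0 AND ideqval Setup.ETpm == 0;`. The two `grayoutif` blocks only make the options mutually exclusive in the setup UI; the variable can still hold fTPM = 1 and ETpm = 1 (a Setup variable saved by an earlier BIOS, or written outside the form), so whatever consumes these fields should define which device wins in that case rather than assume the UI prevented it. The DEFAULT and MANUFACTURING flags for ETpm move from Enabled to Disabled here, so a fresh or reset configuration now has neither TPM path enabled; that is a behaviour change worth a comment beside the option, since the commit description only mentions adding fTPM support. Minor: `Setup.ETpm== 0x1` is missing the space before `==` that the `Setup.fTPM == 0x1` line has.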