--- /dev/null
+/*++\r
+\r
+ Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>\r
+ \r
+ This program and the accompanying materials are licensed and made available under\r
+ the terms and conditions of the BSD License that accompanies this distribution. \r
+ The full text of the license may be found at \r
+ http://opensource.org/licenses/bsd-license.php. \r
+ \r
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+ \r
+--*/\r
+\r
+#ifndef _EFI_PTT_PASS_THRU_PPI_H\r
+#define _EFI_PTT_PASS_THRU_PPI_H\r
+\r
+#define PTT_PASS_THRU_PPI_GUID \\r
+ { \\r
+ 0xc5068bac, 0xa7dc, 0x42f1, 0xae, 0x80, 0xca, 0xa2, 0x4b, 0xb4, 0x90, 0x4b \\r
+ }\r
+// {C5068BAC-A7DC-42f1-AE80-CAA24BB4904B}\r
+//static const GUID <<name>> = \r
+//{ 0xc5068bac, 0xa7dc, 0x42f1, { 0xae, 0x80, 0xca, 0xa2, 0x4b, 0xb4, 0x90, 0x4b } };\r
+\r
+\r
+\r
+//#define EFI_PTT_PROTOCOL_GUID HECI_PROTOCOL_GUID\r
+\r
+typedef struct _PTT_PASS_THRU_PPI PTT_PASS_THRU_PPI;\r
+\r
+/**\r
+ This service enables the sending of commands to the TPM2.\r
+\r
+ @param[in] InputParameterBlockSize Size of the TPM2 input parameter block.\r
+ @param[in] InputParameterBlock Pointer to the TPM2 input parameter block.\r
+ @param[in,out] OutputParameterBlockSize Size of the TPM2 output parameter block.\r
+ @param[in] OutputParameterBlock Pointer to the TPM2 output parameter block.\r
+\r
+ @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.\r
+ @retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.\r
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small. \r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_SUBMIT_COMMAND) (\r
+ IN PTT_PASS_THRU_PPI *This,\r
+ IN UINT32 InputParameterBlockSize,\r
+ IN UINT8 *InputParameterBlock,\r
+ IN OUT UINT32 *OutputParameterBlockSize,\r
+ IN UINT8 *OutputParameterBlock\r
+ );\r
+\r
+/**\r
+ This service requests use TPM2.\r
+\r
+ @retval EFI_SUCCESS Get the control of TPM2 chip.\r
+ @retval EFI_NOT_FOUND TPM2 not found.\r
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_REQUEST_USE_TPM) (\r
+ IN PTT_PASS_THRU_PPI *This\r
+ );\r
+\r
+typedef struct {\r
+ EFI_GUID ProviderGuid;\r
+ TPM2_SUBMIT_COMMAND Tpm2SubmitCommand;\r
+ TPM2_REQUEST_USE_TPM Tpm2RequestUseTpm;\r
+} PTT_TPM2_DEVICE_INTERFACE;\r
+\r
+\r
+/**\r
+ This service register TPM2 device.\r
+\r
+ @param Tpm2Device TPM2 device\r
+\r
+ @retval EFI_SUCCESS This TPM2 device is registered successfully.\r
+ @retval EFI_UNSUPPORTED System does not support register this TPM2 device.\r
+ @retval EFI_ALREADY_STARTED System already register this TPM2 device.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_REGISTER_TPM2_DEVICE_LIB) (\r
+ IN PTT_PASS_THRU_PPI *This,\r
+ IN PTT_TPM2_DEVICE_INTERFACE *Tpm2Device\r
+ );\r
+ \r
+typedef struct _PTT_PASS_THRU_PPI {\r
+ TPM2_SUBMIT_COMMAND Tpm2SubmitCommand;\r
+ TPM2_REQUEST_USE_TPM Tpm2RequestUseTpm;\r
+ TPM2_REGISTER_TPM2_DEVICE_LIB Tpm2RegisterTpm2DeviceLib;\r
+} PTT_PASS_THRU_PPI;\r
+\r
+extern EFI_GUID gPttPassThruPpiGuid;\r
+\r
+#endif // _EFI_HECI_H\r
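Review bot: The closing `#endif // _EFI_HECI_H` does not match the guard this header opens (`_EFI_PTT_PASS_THRU_PPI_H`); it is a leftover from the HECI header this file was copied from, as is the commented-out `//#define EFI_PTT_PROTOCOL_GUID HECI_PROTOCOL_GUID`, and should read `#endif // _EFI_PTT_PASS_THRU_PPI_H`. `OutputParameterBlock` is documented as `@param[in]` although the retval text says the response is received into it; it should be `@param[out] OutputParameterBlock Pointer to the TPM2 output parameter block.`. Both defects recur in the PTT_PASS_THRU_PROTOCOL header added by this commit (`#endif // _EFI_HECI_H` where `_EFI_PTT_PASS_THRU_H` was opened, and the same `@param[in]`). The `//static const GUID <<name>> = ...` template lines in both headers are dead text and can be dropped.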
--- /dev/null
+/*++\r
+\r
+ Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>\r
+ \r
+ This program and the accompanying materials are licensed and made available under\r
+ the terms and conditions of the BSD License that accompanies this distribution. \r
+ The full text of the license may be found at \r
+ http://opensource.org/licenses/bsd-license.php. \r
+ \r
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+ \r
+--*/\r
+\r
+#ifndef _SEC_FTPM_POLICY_PPI_H_\r
+#define _SEC_FTPM_POLICY_PPI_H_\r
+\r
+#define SEC_FTPM_POLICY_PPI_GUID \\r
+ { \\r
+ 0x4fd1ba49, 0x8f90, 0x471a, 0xa2, 0xc9, 0x17, 0x3c, 0x7a, 0x73, 0x2f, 0xd0 \\r
+ }\r
+\r
+extern EFI_GUID gSeCfTPMPolicyPpiGuid;\r
+\r
+//\r
+// PPI definition\r
+//\r
+typedef struct SEC_FTPM_POLICY_PPI {\r
+ BOOLEAN fTPMEnable;\r
+} SEC_FTPM_POLICY_PPI;\r
+\r
+#endif\r
--- /dev/null
+/*++\r
+\r
+ Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>\r
+ \r
+ This program and the accompanying materials are licensed and made available under\r
+ the terms and conditions of the BSD License that accompanies this distribution. \r
+ The full text of the license may be found at \r
+ http://opensource.org/licenses/bsd-license.php. \r
+ \r
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+ \r
+--*/\r
+\r
+#ifndef _EFI_PTT_PASS_THRU_H\r
+#define _EFI_PTT_PASS_THRU_H\r
+\r
+#define PTT_PASS_THRU_PROTOCOL_GUID \\r
+ { \\r
+ 0x73e2576, 0xf6c1, 0x4b91, 0x92, 0xa9, 0xd4, 0x67, 0x5d, 0xda, 0x34, 0xb1 \\r
+ }\r
+// {073E2576-F6C1-4b91-92A9-D4675DDA34B1}\r
+//static const GUID <<name>> = \r
+//{ 0x73e2576, 0xf6c1, 0x4b91, { 0x92, 0xa9, 0xd4, 0x67, 0x5d, 0xda, 0x34, 0xb1 } };\r
+\r
+\r
+//#define EFI_PTT_PROTOCOL_GUID HECI_PROTOCOL_GUID\r
+\r
+typedef struct _PTT_PASS_THRU_PROTOCOL PTT_PASS_THRU_PROTOCOL;\r
+\r
+/**\r
+ This service enables the sending of commands to the TPM2.\r
+\r
+ @param[in] InputParameterBlockSize Size of the TPM2 input parameter block.\r
+ @param[in] InputParameterBlock Pointer to the TPM2 input parameter block.\r
+ @param[in,out] OutputParameterBlockSize Size of the TPM2 output parameter block.\r
+ @param[in] OutputParameterBlock Pointer to the TPM2 output parameter block.\r
+\r
+ @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.\r
+ @retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.\r
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small. \r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_SUBMIT_COMMAND) (\r
+ IN PTT_PASS_THRU_PROTOCOL *This,\r
+ IN UINT32 InputParameterBlockSize,\r
+ IN UINT8 *InputParameterBlock,\r
+ IN OUT UINT32 *OutputParameterBlockSize,\r
+ IN UINT8 *OutputParameterBlock\r
+ );\r
+\r
+/**\r
+ This service requests use TPM2.\r
+\r
+ @retval EFI_SUCCESS Get the control of TPM2 chip.\r
+ @retval EFI_NOT_FOUND TPM2 not found.\r
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_REQUEST_USE_TPM) (\r
+ IN PTT_PASS_THRU_PROTOCOL *This\r
+ );\r
+\r
+typedef struct {\r
+ EFI_GUID ProviderGuid;\r
+ TPM2_SUBMIT_COMMAND Tpm2SubmitCommand;\r
+ TPM2_REQUEST_USE_TPM Tpm2RequestUseTpm;\r
+} PTT_TPM2_DEVICE_INTERFACE;\r
+\r
+\r
+/**\r
+ This service register TPM2 device.\r
+\r
+ @param Tpm2Device TPM2 device\r
+\r
+ @retval EFI_SUCCESS This TPM2 device is registered successfully.\r
+ @retval EFI_UNSUPPORTED System does not support register this TPM2 device.\r
+ @retval EFI_ALREADY_STARTED System already register this TPM2 device.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *TPM2_REGISTER_TPM2_DEVICE_LIB) (\r
+ IN PTT_PASS_THRU_PROTOCOL *This,\r
+ IN PTT_TPM2_DEVICE_INTERFACE *Tpm2Device\r
+ );\r
+ \r
+typedef struct _PTT_PASS_THRU_PROTOCOL {\r
+ TPM2_SUBMIT_COMMAND Tpm2SubmitCommand;\r
+ TPM2_REQUEST_USE_TPM Tpm2RequestUseTpm;\r
+ TPM2_REGISTER_TPM2_DEVICE_LIB Tpm2RegisterTpm2DeviceLib;\r
+} PTT_PASS_THRU_PROTOCOL;\r
+\r
+extern EFI_GUID gPttPassThruProtocolGuid;\r
+\r
+#endif // _EFI_HECI_H\r
## @file Vlv2DeviceRefCodePkg.dec\r
#\r
-# Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved\r
+# Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved\r
#\r
# This program and the accompanying materials are licensed and made available under\r
# the terms and conditions of the BSD License that accompanies this distribution.\r
gSeCfTPMPolicyPpiGuid = { 0x4fd1ba49, 0x8f90, 0x471a, {0xa2, 0xc9, 0x17, 0x3c, 0x7a, 0x73, 0x2f, 0xd0}}\r
gEfiPeiReadOnlyVariable2PpiGuid = { 0x2ab86ef5, 0xecb5, 0x4134, {0xb5, 0x56, 0x38, 0x54, 0xca, 0x1f, 0xe1, 0xb4}}\r
gPchPeiInitPpiGuid = { 0xACB93B08, 0x5CDC, 0x4A8F, {0x93, 0xD4, 0x6, 0xE3, 0x42, 0xDF, 0x18, 0x2E}}\r
-\r
+ gPttPassThruPpiGuid = { 0xc5068bac, 0xa7dc, 0x42f1, {0xae, 0x80, 0xca, 0xa2, 0x4b, 0xb4, 0x90, 0x4b}}\r
+ \r
[Protocols]\r
gEfiGlobalNvsAreaProtocolGuid = { 0x074e1e48, 0x8132, 0x47a1, {0x8c, 0x2c, 0x3f, 0x14, 0xad, 0x9a, 0x66, 0xdc}}\r
gPpmPlatformPolicyProtocolGuid = { 0xddabfeac, 0xef63, 0x452c, {0x8f, 0x39, 0xed, 0x7f, 0xae, 0xd8, 0x26, 0x5e}}\r
gEfiTdtOperationProtocolGuid = {0xfd301ba4, 0x5e62, 0x4679,{ 0xa0, 0x6f, 0xe0, 0x9a, 0xab, 0xdd, 0x2a, 0x91}}\r
gEfiConfigFileNameGuid = { 0x98B8D59B, 0xE8BA, 0x48EE, { 0x98, 0xDD, 0xC2, 0x95, 0x39, 0x2F, 0x1E, 0xDB }}\r
gEfiDFUResultGuid = { 0x14a7c46f, 0xbc02, 0x4047, { 0x9f, 0x18, 0xa5, 0xd7, 0x25, 0xd8, 0xbd, 0x19 }}\r
-\r
+ gPttPassThruProtocolGuid = { 0x73e2576, 0xf6c1, 0x4b91, { 0x92, 0xa9, 0xd4, 0x67, 0x5d, 0xda, 0x34, 0xb1 } }\r
+ \r
[Guids]\r
gEfiCPTokenSpaceGuid = { 0x918211ce, 0xa1d2, 0x43a0, {0xa0, 0x4e, 0x75, 0xb5, 0xbf, 0x44, 0x50, 0x0E}}\r
gEfiSmbusArpMapGuid = { 0x707BE83E, 0x0BF6, 0x40A5, {0xBE, 0x64, 0x34, 0xC0, 0x3A, 0xA0, 0xB8, 0xE2}}\r
BUILD_TYPE = D\r
\r
BOARD_ID = BLAKCRB\r
-VERSION_MAJOR = 0079\r
+VERSION_MAJOR = 0080\r
VERSION_MINOR = 01\r
BUILD_TYPE = R\r
\r
BOARD_ID = BLAKCRB\r
-VERSION_MAJOR = 0079\r
+VERSION_MAJOR = 0080\r
VERSION_MINOR = 01\r
OEM_ID = X64\r
BUILD_TYPE = D\r
\r
-VERSION_MAJOR = 0079\r
+VERSION_MAJOR = 0080\r
VERSION_MINOR = 01\r
BOARD_ID = BBAYCRB \r
OEM_ID = X64\r
BUILD_TYPE = R\r
\r
-VERSION_MAJOR = 0079\r
+VERSION_MAJOR = 0080\r
VERSION_MINOR = 01\r
BOARD_ID = BBAYCRB \r
/*++
- Copyright (c) 2004 - 2014, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under
UINT8 GfxBoost;
UINT8 IgdThermal;
UINT8 SEC00;
- UINT8 SEC01;
+ UINT8 fTPM;
UINT8 SEC02;
UINT8 SEC03;
UINT8 MeasuredBootEnable;
--- /dev/null
+/** @file\r
+ Execute pending TPM2 requests from OS or BIOS.\r
+\r
+ Caution: This module requires additional review when modified.\r
+ This driver will have external input - variable.\r
+ This external input must be validated carefully to avoid security issue.\r
+\r
+ TrEEExecutePendingTpmRequest() will receive untrusted input and do validation.\r
+\r
+Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials \r
+are licensed and made available under the terms and conditions of the BSD License \r
+which accompanies this distribution. The full text of the license may be found at \r
+http://opensource.org/licenses/bsd-license.php\r
+\r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+\r
+**/\r
+\r
+#include <PiDxe.h>\r
+\r
+#include <Protocol/TrEEProtocol.h>\r
+#include <Protocol/VariableLock.h>\r
+#include <Library/DebugLib.h>\r
+#include <Library/BaseMemoryLib.h>\r
+#include <Library/UefiRuntimeServicesTableLib.h>\r
+#include <Library/UefiDriverEntryPoint.h>\r
+#include <Library/UefiBootServicesTableLib.h>\r
+#include <Library/UefiLib.h>\r
+#include <Library/MemoryAllocationLib.h>\r
+#include <Library/PrintLib.h>\r
+#include <Library/HiiLib.h>\r
+#include <Guid/EventGroup.h>\r
+#include <Guid/TrEEPhysicalPresenceData.h>\r
+#include <Library/Tpm2CommandLib.h>\r
+#include <Library/TrEEPpVendorLib.h>\r
+\r
+\r
+/**\r
+ Get string by string id from HII Interface.\r
+\r
+ @param[in] Id String ID.\r
+\r
+ @retval CHAR16 * String from ID.\r
+ @retval NULL If error occurs.\r
+\r
+**/\r
+CHAR16 *\r
+TrEEPhysicalPresenceGetStringById (\r
+ IN EFI_STRING_ID Id\r
+ )\r
+{\r
+ return NULL;\r
+}\r
+\r
+/**\r
+ Send ClearControl and Clear command to TPM.\r
+\r
+ @param[in] PlatformAuth platform auth value. NULL means no platform auth change.\r
+\r
+ @retval EFI_SUCCESS Operation completed successfully.\r
+ @retval EFI_TIMEOUT The register can't run into the expected status in time.\r
+ @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.\r
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+TpmCommandClear (\r
+ IN TPM2B_AUTH *PlatformAuth OPTIONAL\r
+ )\r
+{\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+ Execute physical presence operation requested by the OS.\r
+\r
+ @param[in] PlatformAuth platform auth value. NULL means no platform auth change.\r
+ @param[in] CommandCode Physical presence operation value.\r
+ @param[in, out] PpiFlags The physical presence interface flags.\r
+ \r
+ @retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation.\r
+ @retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or \r
+ receiving response from TPM.\r
+ @retval Others Return code from the TPM device after command execution.\r
+**/\r
+UINT32\r
+TrEEExecutePhysicalPresence (\r
+ IN TPM2B_AUTH *PlatformAuth, OPTIONAL\r
+ IN UINT32 CommandCode,\r
+ IN OUT EFI_TREE_PHYSICAL_PRESENCE_FLAGS *PpiFlags\r
+ )\r
+{\r
+ return 0;\r
+}\r
+\r
+\r
+/**\r
+ Read the specified key for user confirmation.\r
+\r
+ @param[in] CautionKey If true, F12 is used as confirm key;\r
+ If false, F10 is used as confirm key.\r
+\r
+ @retval TRUE User confirmed the changes by input.\r
+ @retval FALSE User discarded the changes.\r
+**/\r
+BOOLEAN\r
+TrEEReadUserKey (\r
+ IN BOOLEAN CautionKey\r
+ )\r
+{\r
+ return FALSE;\r
+}\r
+\r
+/**\r
+ The constructor function register UNI strings into imageHandle.\r
+ \r
+ It will ASSERT() if that operation fails and it will always return EFI_SUCCESS. \r
+\r
+ @param ImageHandle The firmware allocated handle for the EFI image.\r
+ @param SystemTable A pointer to the EFI System Table.\r
+ \r
+ @retval EFI_SUCCESS The constructor successfully added string package.\r
+ @retval Other value The constructor can't add string package.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+TrEEPhysicalPresenceLibConstructor (\r
+ IN EFI_HANDLE ImageHandle,\r
+ IN EFI_SYSTEM_TABLE *SystemTable\r
+ )\r
+{\r
+ return EFI_SUCCESS;\r
+}\r
+\r
+/**\r
+ Display the confirm text and get user confirmation.\r
+\r
+ @param[in] TpmPpCommand The requested TPM physical presence command.\r
+\r
+ @retval TRUE The user has confirmed the changes.\r
+ @retval FALSE The user doesn't confirm the changes.\r
+**/\r
+BOOLEAN\r
+TrEEUserConfirm (\r
+ IN UINT32 TpmPpCommand\r
+ )\r
+{\r
+ return FALSE; \r
+}\r
+\r
+/**\r
+ Check if there is a valid physical presence command request. Also updates parameter value \r
+ to whether the requested physical presence command already confirmed by user\r
+ \r
+ @param[in] TcgPpData EFI TrEE Physical Presence request data. \r
+ @param[in] Flags The physical presence interface flags.\r
+ @param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.\r
+ True, it indicates the command doesn't require user confirm, or already confirmed \r
+ in last boot cycle by user.\r
+ False, it indicates the command need user confirm from UI.\r
+\r
+ @retval TRUE Physical Presence operation command is valid.\r
+ @retval FALSE Physical Presence operation command is invalid.\r
+\r
+**/\r
+BOOLEAN\r
+TrEEHaveValidTpmRequest (\r
+ IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData,\r
+ IN EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags,\r
+ OUT BOOLEAN *RequestConfirmed\r
+ )\r
+{\r
+ return TRUE;\r
+}\r
+\r
+\r
+/**\r
+ Check and execute the requested physical presence command.\r
+\r
+ Caution: This function may receive untrusted input.\r
+ TcgPpData variable is external input, so this function will validate\r
+ its data structure to be valid value.\r
+\r
+ @param[in] PlatformAuth platform auth value. NULL means no platform auth change.\r
+ @param[in] TcgPpData Point to the physical presence NV variable.\r
+ @param[in] Flags The physical presence interface flags.\r
+**/\r
+VOID\r
+TrEEExecutePendingTpmRequest (\r
+ IN TPM2B_AUTH *PlatformAuth, OPTIONAL\r
+ IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData,\r
+ IN EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags\r
+ )\r
+{\r
+ return;\r
+}\r
+\r
+/**\r
+ Check and execute the pending TPM request.\r
+\r
+ The TPM request may come from OS or BIOS. This API will display request information and wait \r
+ for user confirmation if TPM request exists. The TPM request will be sent to TPM device after\r
+ the TPM request is confirmed, and one or more reset may be required to make TPM request to \r
+ take effect.\r
+ \r
+ This API should be invoked after console in and console out are all ready as they are required\r
+ to display request information and get user input to confirm the request. \r
+\r
+ @param[in] PlatformAuth platform auth value. NULL means no platform auth change.\r
+**/\r
+VOID\r
+EFIAPI\r
+TrEEPhysicalPresenceLibProcessRequest (\r
+ IN TPM2B_AUTH *PlatformAuth OPTIONAL\r
+ )\r
+{\r
+ return;\r
+}\r
+\r
+/**\r
+ Check if the pending TPM request needs user input to confirm.\r
+\r
+ The TPM request may come from OS. This API will check if TPM request exists and need user\r
+ input to confirmation.\r
+ \r
+ @retval TRUE TPM needs input to confirm user physical presence.\r
+ @retval FALSE TPM doesn't need input to confirm user physical presence.\r
+\r
+**/\r
+BOOLEAN\r
+EFIAPI\r
+TrEEPhysicalPresenceLibNeedUserConfirm(\r
+ VOID\r
+ )\r
+{\r
+\r
+ return FALSE;\r
+}\r
+\r
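Review bot: `TrEEHaveValidTpmRequest` returns TRUE but never writes `*RequestConfirmed`, so a caller that trusts the TRUE return goes on to read an unset OUT parameter; for a Null instance the honest stub is `if (RequestConfirmed != NULL) { *RequestConfirmed = FALSE; }` followed by `return FALSE;`. Nothing in this file consumes it, because `TrEEExecutePendingTpmRequest` and `TrEEPhysicalPresenceLibProcessRequest` are empty, but the helper stubs (`TpmCommandClear`, `TrEEExecutePhysicalPresence`, `TrEEReadUserKey`, `TrEEUserConfirm`, `TrEEHaveValidTpmRequest`, `TrEEExecutePendingTpmRequest`, `TrEEPhysicalPresenceGetStringById`) are internal helpers with external linkage and would be better `STATIC` or removed, since they are never called here. The include list (Tpm2CommandLib, TrEEPpVendorLib, HiiLib, PrintLib, MemoryAllocationLib, VariableLock, ...) is unused by these stubs and none of those classes appear in the accompanying INF's empty `[LibraryClasses]`; that only works because nothing is called, so trimming the includes to what the stubs need keeps the Null instance from silently depending on headers it does not use.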
--- /dev/null
+## @file\r
+# Null instance of DxeTrEEPhysicalPresenceLib\r
+#\r
+# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.<BR>\r
+# \r
+# This program and the accompanying materials are licensed and made available under\r
+# the terms and conditions of the BSD License that accompanies this distribution. \r
+# The full text of the license may be found at \r
+# http://opensource.org/licenses/bsd-license.php. \r
+# \r
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+#\r
+#\r
+#\r
+\r
+[Defines]\r
+ INF_VERSION = 0x00010005\r
+ BASE_NAME = DxeTrEEPhysicalPresenceLib\r
+ FILE_GUID = B41B3DB3-ACC5-4fcd-9992-891F3F9C0DA5\r
+ MODULE_TYPE = DXE_DRIVER\r
+ VERSION_STRING = 1.0\r
+ LIBRARY_CLASS = TrEEPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER \r
+ \r
+#\r
+# The following information is for reference only and not required by the build tools.\r
+#\r
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC\r
+#\r
+\r
+[Sources]\r
+ DxeTrEEPhysicalPresenceLibNull.c\r
+\r
+[Packages]\r
+ MdePkg/MdePkg.dec\r
+ MdeModulePkg/MdeModulePkg.dec\r
+ SecurityPkg/SecurityPkg.dec\r
+\r
+[LibraryClasses]\r
+\r
+\r
+[Protocols]\r
+\r
+\r
+[Guids]\r
+\r
/** @file\r
\r
- Copyright (c) 2004 - 2014, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR>\r
\r\r
This program and the accompanying materials are licensed and made available under\r\r
the terms and conditions of the BSD License that accompanies this distribution. \r\r
}\r
\r
\r
-#ifdef TPM_ENABLED\r
- TcgPhysicalPresenceLibProcessRequest();\r
-#endif\r
-\r
+ #ifdef TPM_ENABLED\r
+ TcgPhysicalPresenceLibProcessRequest();\r
+ #endif\r
+ #ifdef FTPM_ENABLE\r
+ TrEEPhysicalPresenceLibProcessRequest(NULL);\r
+ #endif\r
//\r
// Close boot script and install ready to lock\r
//\r
PlatformBdsConnectSequence ();\r
}\r
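Review bot: `TrEEPhysicalPresenceLibProcessRequest(NULL)` is added without saying why NULL is the right argument; the library documents NULL as "no platform auth change", so a comment at the call such as `// NULL: no platform auth change is requested here` would save the next reader a lookup, and the same applies to the second call site in the hunk below. The pre-existing `#ifdef TPM_ENABLED` block is re-indented so that the directives no longer start at column 0, unlike the `#ifdef FTPM_ENABLE` block this commit adds in the PEI init code; keeping the directives at column 0 would make both hunks pure additions. The enclosing function starts and ends outside the hunk.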
}\r
-#ifdef TPM_ENABLED\r
+ #ifdef TPM_ENABLED\r
TcgPhysicalPresenceLibProcessRequest();\r
-#endif\r
-\r
+ #endif\r
+ #ifdef FTPM_ENABLE\r
+ TrEEPhysicalPresenceLibProcessRequest(NULL);\r
+ #endif\r
//\r
// Close boot script and install ready to lock\r
//\r
PrintLib\r
BaseCryptLib\r
# TcgPhysicalPresenceLib\r
-# TrEEPhysicalPresenceLib\r
+ TrEEPhysicalPresenceLib \r
FileHandleLib\r
S3BootScriptLib\r
SerialPortLib\r
--- /dev/null
+/*++\r
+\r
+Copyright (c) 1999 - 2015, Intel Corporation. All rights reserved\r
+ \r
+ This program and the accompanying materials are licensed and made available under\r
+ the terms and conditions of the BSD License that accompanies this distribution. \r
+ The full text of the license may be found at \r
+ http://opensource.org/licenses/bsd-license.php. \r
+ \r
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+ \r
+--*/\r
+\r
+#include <Uefi.h>\r
+#include <Protocol/PttPassThru.h>\r
+#include <Library/PcdLib.h>\r
+#include <Library/UefiBootServicesTableLib.h>\r
+//#include <Library/Tpm2DeviceLib.h>\r
+\r
+\r
+PTT_PASS_THRU_PROTOCOL *mPttPassThruProtocol;\r
+\r
+\r
+/**\r
+ The constructor function caches the pointer to PEI services.\r
+\r
+ The constructor function caches the pointer to PEI services.\r
+ It will always return EFI_SUCCESS.\r
+\r
+ @param FfsHeader Pointer to FFS header the loaded driver.\r
+ @param PeiServices Pointer to the PEI services.\r
+\r
+ @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS.\r
+\r
+**/\r
+\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2DeviceLibConstructor (\r
+ VOID\r
+ )\r
+{\r
+ EFI_STATUS Status = EFI_SUCCESS;\r
+ \r
+ Status = gBS->LocateProtocol (&gPttPassThruProtocolGuid, NULL, (VOID **) &mPttPassThruProtocol);\r
+ \r
+ return Status;\r
+}\r
+\r
+/**\r
+ This service enables the sending of commands to the TPM2.\r
+\r
+ @param[in] InputParameterBlockSize Size of the TPM2 input parameter block.\r
+ @param[in] InputParameterBlock Pointer to the TPM2 input parameter block.\r
+ @param[in] OutputParameterBlockSize Size of the TPM2 output parameter block.\r
+ @param[in] OutputParameterBlock Pointer to the TPM2 output parameter block.\r
+\r
+ @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.\r
+ @retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.\r
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2SubmitCommand (\r
+ IN UINT32 InputParameterBlockSize,\r
+ IN UINT8 *InputParameterBlock,\r
+ IN OUT UINT32 *OutputParameterBlockSize,\r
+ IN UINT8 *OutputParameterBlock\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ \r
+ Status = mPttPassThruProtocol->Tpm2SubmitCommand (\r
+ mPttPassThruProtocol,\r
+ InputParameterBlockSize,\r
+ InputParameterBlock,\r
+ OutputParameterBlockSize,\r
+ OutputParameterBlock\r
+ );\r
+\r
+ return Status;\r
+}\r
+\r
+/**\r
+ This service requests use TPM2.\r
+\r
+ @retval EFI_SUCCESS Get the control of TPM2 chip.\r
+ @retval EFI_NOT_FOUND TPM2 not found.\r
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2RequestUseTpm (\r
+ VOID\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ \r
+ Status = mPttPassThruProtocol->Tpm2RequestUseTpm (mPttPassThruProtocol);\r
+ \r
+ return Status;\r
+}\r
+\r
+/**\r
+ This service register TPM2 device.\r
+\r
+ @Param Tpm2Device TPM2 device\r
+\r
+ @retval EFI_SUCCESS This TPM2 device is registered successfully.\r
+ @retval EFI_UNSUPPORTED System does not support register this TPM2 device.\r
+ @retval EFI_ALREADY_STARTED System already register this TPM2 device.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2RegisterTpm2DeviceLib (\r
+ IN PTT_TPM2_DEVICE_INTERFACE *Tpm2Device\r
+ )\r
+{\r
+ return EFI_UNSUPPORTED;\r
+}\r
+\r
+\r
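Review bot: `Tpm2SubmitCommand` and `Tpm2RequestUseTpm` dereference `mPttPassThruProtocol` unconditionally, while the PEI instance of the same library in this commit checks the cached pointer for NULL and rejects NULL buffers and a zero input size before calling through; if the constructor's `LocateProtocol` failed, the constructor returns the error (which the autogen code presumably only ASSERTs on), and the first TPM command then faults on the pointer instead of returning an error. The same guards as the PEI instance belong here, plus `= NULL` on the `mPttPassThruProtocol` definition per EDK2 convention. The constructor's doc comment is copied from a PEI constructor (`@param FfsHeader`, `@param PeiServices`, "caches the pointer to PEI services") and does not match a `VOID` DXE constructor that locates a protocol, and `@Param` on `Tpm2RegisterTpm2DeviceLib` should be `@param`.
```c
  EFI_STATUS  Status;

  if (InputParameterBlock == NULL || OutputParameterBlock == NULL ||
      OutputParameterBlockSize == NULL || InputParameterBlockSize == 0) {
    return EFI_INVALID_PARAMETER;
  }
  if (mPttPassThruProtocol == NULL) {
    // Constructor could not locate the PTT pass-thru protocol; no TPM path.
    return EFI_DEVICE_ERROR;
  }
  // … unchanged: call through mPttPassThruProtocol->Tpm2SubmitCommand …
```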
--- /dev/null
+#/** @file\r
+# \r
+#\r
+# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR>\r
+# \r
+# This program and the accompanying materials are licensed and made available under\r
+# the terms and conditions of the BSD License that accompanies this distribution. \r
+# The full text of the license may be found at \r
+# http://opensource.org/licenses/bsd-license.php. \r
+# \r
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+# \r
+#\r
+#\r
+#\r
+#**/\r
+\r
+\r
+[Defines]\r
+ INF_VERSION = 0x00010005\r
+ BASE_NAME = Tpm2DeviceLibSeC\r
+ FILE_GUID = 294B196A-A3CC-4a43-857F-EEC26147857B\r
+ MODULE_TYPE = BASE\r
+ VERSION_STRING = 1.0\r
+ LIBRARY_CLASS = Tpm2DeviceLib | DXE_DRIVER DXE_SMM_DRIVER\r
+ CONSTRUCTOR = Tpm2DeviceLibConstructor\r
+\r
+#\r
+# The following information is for reference only and not required by the build tools.\r
+#\r
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC\r
+#\r
+\r
+[Sources.common]\r
+ Tpm2DeviceLibSeC.c\r
+\r
+[Packages]\r
+ MdePkg/MdePkg.dec\r
+ MdeModulePkg/MdeModulePkg.dec\r
+ Vlv2DeviceRefCodePkg/Vlv2DeviceRefCodePkg.dec\r
+ SecurityPkg/SecurityPkg.dec\r
+ Vlv2TbltDevicePkg/PlatformPkg.dec\r
+\r
+[LibraryClasses]\r
+ BaseLib\r
+ PcdLib\r
+ UefiBootServicesTableLib\r
+\r
+ \r
+[Guids]\r
+ gEfiVLVTokenSpaceGuid\r
+ \r
+[Pcd]\r
+ gEfiVLVTokenSpaceGuid.PcdMeasuredBootEnable\r
+ gEfiVLVTokenSpaceGuid.PcdFTPMErrorOccur\r
+ gEfiVLVTokenSpaceGuid.PcdFTPMCommand\r
+ gEfiVLVTokenSpaceGuid.PcdFTPMResponse\r
+ gEfiVLVTokenSpaceGuid.PcdFTPMNotRespond\r
+ gEfiVLVTokenSpaceGuid.PcdFTPMStatus\r
+ \r
+[Protocols]\r
+ gPttPassThruProtocolGuid\r
+ \r
+[Depex]\r
+ gPttPassThruProtocolGuid\r
+\r
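Review bot: The `LIBRARY_CLASS` line offers this instance to `DXE_SMM_DRIVER`, but the implementation caches a protocol found with `gBS->LocateProtocol` and routes every TPM command through that protocol's function pointers; an SMM driver linking it would therefore call from SMM into a protocol implementation that presumably lives outside SMRAM, the classic SMM call-out that SMM memory-protection checks reject. Unless the PTT pass-thru protocol is known to be SMRAM-resident, restrict the class to `Tpm2DeviceLib | DXE_DRIVER` or provide a separate SMM instance. Separately, the `[Pcd]` entries (`PcdMeasuredBootEnable`, `PcdFTPM*`) and `[Guids] gEfiVLVTokenSpaceGuid` are not referenced by the `Tpm2DeviceLibSeC.c` added alongside, and `BaseLib`/`PcdLib` are listed while `UefiBootServicesTableLib` is the only class the code uses, so the dependency list is best trimmed to what the source needs.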
--- /dev/null
+/*++\r
+\r
+Copyright (c) 1999 - 2015, Intel Corporation. All rights reserved\r
+ \r
+ This program and the accompanying materials are licensed and made available under\r
+ the terms and conditions of the BSD License that accompanies this distribution. \r
+ The full text of the license may be found at \r
+ http://opensource.org/licenses/bsd-license.php. \r
+ \r
+ THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+ \r
+\r
+--*/\r
+\r
+#include <Uefi.h>\r
+#include <PiPei.h>\r
+#include <Ppi/PttPassThruPpi.h>\r
+#include <Library/BaseLib.h>\r
+#include <Library/BaseMemoryLib.h>\r
+#include <Library/IoLib.h>\r
+#include <Library/DebugLib.h>\r
+#include <Library/PeiServicesLib.h>\r
+#include <Library/PcdLib.h>\r
+\r
+\r
+\r
+\r
+\r
+\r
+PTT_PASS_THRU_PPI *SecPttPassThruPpi = NULL;\r
+\r
+/**\r
+ The constructor function caches the pointer to PEI services.\r
+\r
+ The constructor function caches the pointer to PEI services.\r
+ It will always return EFI_SUCCESS.\r
+\r
+ @param FfsHeader Pointer to FFS header the loaded driver.\r
+ @param PeiServices Pointer to the PEI services.\r
+\r
+ @retval EFI_SUCCESS The constructor always returns EFI_SUCCESS.\r
+\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2DeviceLibConstructor (\r
+ VOID\r
+ )\r
+{\r
+ EFI_STATUS Status = EFI_SUCCESS;\r
+ \r
+ Status = PeiServicesLocatePpi (&gPttPassThruPpiGuid, 0, NULL, (VOID **) &SecPttPassThruPpi);\r
+ if (EFI_ERROR (Status)) {\r
+ // Locate the PPI failed\r
+ SecPttPassThruPpi = NULL;\r
+ }\r
+ return Status;\r
+}\r
+\r
+/**\r
+ This service enables the sending of commands to the TPM2.\r
+\r
+ @param[in] InputParameterBlockSize Size of the TPM2 input parameter block.\r
+ @param[in] InputParameterBlock Pointer to the TPM2 input parameter block.\r
+ @param[in] OutputParameterBlockSize Size of the TPM2 output parameter block.\r
+ @param[in] OutputParameterBlock Pointer to the TPM2 output parameter block.\r
+\r
+ @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.\r
+ @retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.\r
+ @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2SubmitCommand (\r
+ IN UINT32 InputParameterBlockSize,\r
+ IN UINT8 *InputParameterBlock,\r
+ IN OUT UINT32 *OutputParameterBlockSize,\r
+ IN UINT8 *OutputParameterBlock\r
+ )\r
+{\r
+ EFI_STATUS Status = EFI_SUCCESS;\r
+\r
+ if(NULL == InputParameterBlock || NULL == OutputParameterBlock || 0 == InputParameterBlockSize) {\r
+ DEBUG ((EFI_D_ERROR, "Buffer == NULL or InputParameterBlockSize == 0\n"));\r
+ Status = EFI_INVALID_PARAMETER;\r
+ return Status;\r
+ }\r
+\r
+ if (NULL == SecPttPassThruPpi) {\r
+ // Don't locate PPI by calling Tpm2DeviceLibConstructor() function??\r
+ Status = EFI_DEVICE_ERROR;\r
+ return Status;\r
+ }\r
+\r
+ Status = SecPttPassThruPpi->Tpm2SubmitCommand (\r
+ SecPttPassThruPpi, \r
+ InputParameterBlockSize, \r
+ InputParameterBlock, \r
+ OutputParameterBlockSize, \r
+ OutputParameterBlock\r
+ );\r
+ \r
+ return Status;\r
+}\r
+\r
+/**\r
+ This service requests use TPM2.\r
+\r
+ @retval EFI_SUCCESS Get the control of TPM2 chip.\r
+ @retval EFI_NOT_FOUND TPM2 not found.\r
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2RequestUseTpm (\r
+ VOID\r
+ )\r
+{\r
+ EFI_STATUS Status = EFI_SUCCESS;\r
+\r
+ if (NULL == SecPttPassThruPpi) {\r
+ // Don't locate PPI by calling Tpm2DeviceLibConstructor() function??\r
+ Status = EFI_DEVICE_ERROR;\r
+ return Status;\r
+ }\r
+\r
+ Status = SecPttPassThruPpi->Tpm2RequestUseTpm (SecPttPassThruPpi);\r
+ \r
+ return Status;\r
+}\r
+\r
+/**\r
+ This service register TPM2 device.\r
+\r
+ @Param Tpm2Device TPM2 device\r
+\r
+ @retval EFI_SUCCESS This TPM2 device is registered successfully.\r
+ @retval EFI_UNSUPPORTED System does not support register this TPM2 device.\r
+ @retval EFI_ALREADY_STARTED System already register this TPM2 device.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2RegisterTpm2DeviceLib (\r
+ IN PTT_TPM2_DEVICE_INTERFACE *Tpm2Device\r
+ )\r
+{\r
+ return EFI_UNSUPPORTED;\r
+}\r
+\r
+\r
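Review bot: The parameter check at the top of `Tpm2SubmitCommand` omits `OutputParameterBlockSize`, an IN OUT pointer that is passed straight through to the PPI; extend it to `if (NULL == InputParameterBlock || NULL == OutputParameterBlock || NULL == OutputParameterBlockSize || 0 == InputParameterBlockSize) {`. The two `// Don't locate PPI by calling Tpm2DeviceLibConstructor() function??` comments are questions rather than explanations; replace each with `// Constructor could not locate the PTT pass-thru PPI; no TPM path is available.`. `SecPttPassThruPpi` is a writable module global that the constructor stores into; if any PEIM linking this instance executes in place from flash before permanent memory is installed, that store is silently lost and the pointer stays NULL, so confirm which PEIMs consume this library or re-locate the PPI on each call, and consider the `m` prefix (`mSecPttPassThruPpi`) that EDK2 uses for module globals.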
--- /dev/null
+#/** @file\r
+# \r
+#\r
+# Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR>\r
+# \r
+# This program and the accompanying materials are licensed and made available under\r
+# the terms and conditions of the BSD License that accompanies this distribution. \r
+# The full text of the license may be found at \r
+# http://opensource.org/licenses/bsd-license.php. \r
+# \r
+# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. \r
+# \r
+#\r
+#\r
+#\r
+#**/\r
+\r
+\r
+[Defines]\r
+ INF_VERSION = 0x00010005\r
+ BASE_NAME = Tpm2DeviceLibSeC\r
+ FILE_GUID = 1EEA2BFE-01CB-40cc-A34E-CB224C800AA2\r
+ MODULE_TYPE = BASE\r
+ VERSION_STRING = 1.0\r
+ LIBRARY_CLASS = Tpm2DeviceLib | PEI_DRIVER PEIM\r
+ CONSTRUCTOR = Tpm2DeviceLibConstructor\r
+\r
+#\r
+# The following information is for reference only and not required by the build tools.\r
+#\r
+# VALID_ARCHITECTURES = IA32 X64 IPF EBC\r
+#\r
+\r
+[Sources.common]\r
+ Tpm2DeviceLibSeC.c\r
+\r
+[Packages]\r
+ MdePkg/MdePkg.dec\r
+ MdeModulePkg/MdeModulePkg.dec\r
+ Vlv2DeviceRefCodePkg/Vlv2DeviceRefCodePkg.dec\r
+ SecurityPkg/SecurityPkg.dec\r
+ Vlv2TbltDevicePkg/PlatformPkg.dec\r
+\r
+[LibraryClasses]\r
+ BaseLib\r
+ BaseMemoryLib\r
+ MemoryAllocationLib\r
+ DebugLib\r
+ IoLib\r
+ PciLib\r
+ TimerLib\r
+ PcdLib\r
+ PeiServicesLib\r
+ PeimEntryPoint\r
+\r
+ \r
+[Guids]\r
+\r
+[Ppis]\r
+ gPttPassThruPpiGuid\r
+ \r
+[Depex]\r
+ gPttPassThruPpiGuid\r
+ \r
+\r
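Review bot: `[LibraryClasses]` names libraries the source does not use (`MemoryAllocationLib`, `PciLib`, `TimerLib`, `PeimEntryPoint`); the .c includes BaseLib, BaseMemoryLib, IoLib, DebugLib, PeiServicesLib and PcdLib and calls only PeiServicesLib and DebugLib, and `PeimEntryPoint` in particular is a module entry-point library that does not belong in a library instance. `BASE_NAME = Tpm2DeviceLibSeC` is identical to the DXE instance's BASE_NAME in this commit, which makes the two hard to tell apart in build logs; `Tpm2DeviceLibSeCPei` / `Tpm2DeviceLibSeCDxe` would disambiguate. `PEI_DRIVER` in the supported-types list is not a module type I recognise from the EDK2 build tools; confirm it is accepted or keep `PEIM` alone.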
#include <Ppi/MfgMemoryTest.h>\r
#include <Guid/SetupVariable.h>\r
#include <Guid/Vlv2Variable.h>\r
+#include <Ppi/fTPMPolicy.h>\r
\r
//\r
// Start::Alpine Valley platform\r
UINT8 *Buffer\r
);\r
\r
+\r
+EFI_STATUS\r
+FtpmPolicyInit (\r
+ IN CONST EFI_PEI_SERVICES **PeiServices,\r
+ IN SYSTEM_CONFIGURATION *pSystemConfiguration\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ EFI_PEI_PPI_DESCRIPTOR *mFtpmPolicyPpiDesc;\r
+ SEC_FTPM_POLICY_PPI *mFtpmPolicyPpi;\r
+\r
+\r
+ DEBUG((EFI_D_INFO, "FtpmPolicyInit Entry \n"));\r
+\r
+ if (NULL == PeiServices || NULL == pSystemConfiguration) {\r
+ DEBUG((EFI_D_ERROR, "Input error. \n"));\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+ \r
+ Status = (*PeiServices)->AllocatePool(\r
+ PeiServices,\r
+ sizeof (EFI_PEI_PPI_DESCRIPTOR),\r
+ (void **)&mFtpmPolicyPpiDesc\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
+ Status = (*PeiServices)->AllocatePool(\r
+ PeiServices,\r
+ sizeof (SEC_FTPM_POLICY_PPI),\r
+ (void **)&mFtpmPolicyPpi\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
+ //\r
+ // Initialize PPI\r
+ //\r
+ (*PeiServices)->SetMem ((VOID *)mFtpmPolicyPpi, sizeof (SEC_FTPM_POLICY_PPI), 0);\r
+ mFtpmPolicyPpiDesc->Flags = EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST;\r
+ mFtpmPolicyPpiDesc->Guid = &gSeCfTPMPolicyPpiGuid;\r
+ mFtpmPolicyPpiDesc->Ppi = mFtpmPolicyPpi;\r
+\r
+\r
+ DEBUG((EFI_D_INFO, "pSystemConfiguration->fTPM = 0x%x \n", pSystemConfiguration->fTPM)); \r
+ if(pSystemConfiguration->fTPM == 1) {\r
+ mFtpmPolicyPpi->fTPMEnable = TRUE;\r
+ } else {\r
+ mFtpmPolicyPpi->fTPMEnable = FALSE;\r
+ }\r
+\r
+ Status = (*PeiServices)->InstallPpi(\r
+ PeiServices,\r
+ mFtpmPolicyPpiDesc\r
+ );\r
+ ASSERT_EFI_ERROR (Status);\r
+\r
+ DEBUG((EFI_D_INFO, "FtpmPolicyInit done \n"));\r
+ \r
+ return EFI_SUCCESS;\r
+}\r
+\r
+\r
/**\r
This routine attempts to acquire the SMBus\r
\r
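Review bot: Both AllocatePool results in FtpmPolicyInit are checked only by `ASSERT_EFI_ERROR`, which compiles out in RELEASE builds, so a failed allocation reaches the `SetMem` and the `mFtpmPolicyPpiDesc->Flags/Guid/Ppi` writes with a NULL pointer; the InstallPpi status is asserted and then discarded the same way, and the function returns EFI_SUCCESS unconditionally, so the `if (EFI_ERROR (Status))` the caller makes in the later `#ifdef FTPM_ENABLE` hunk can only ever observe EFI_INVALID_PARAMETER. Returning each failing status makes a missing policy PPI visible instead of leaving fTPM consumers silently without a policy. The `m` prefix on the three locals reads as module-scope globals under EDK II naming; plain local names would avoid that. The function also lacks the `/** ... @param ... @retval ... **/` header the rest of the file uses — it should describe the two parameters, EFI_INVALID_PARAMETER for NULL inputs, and the propagated pool/PPI statuses.
```c
  Status = (*PeiServices)->AllocatePool (
                             PeiServices,
                             sizeof (EFI_PEI_PPI_DESCRIPTOR),
                             (VOID **)&mFtpmPolicyPpiDesc
                             );
  ASSERT_EFI_ERROR (Status);
  if (EFI_ERROR (Status)) {
    return Status;
  }

  Status = (*PeiServices)->AllocatePool (
                             PeiServices,
                             sizeof (SEC_FTPM_POLICY_PPI),
                             (VOID **)&mFtpmPolicyPpi
                             );
  ASSERT_EFI_ERROR (Status);
  if (EFI_ERROR (Status)) {
    return Status;
  }

  // ... unchanged: SetMem, descriptor Flags/Guid/Ppi, fTPMEnable selection ...

  Status = (*PeiServices)->InstallPpi (PeiServices, mFtpmPolicyPpiDesc);
  ASSERT_EFI_ERROR (Status);
  if (EFI_ERROR (Status)) {
    DEBUG ((EFI_D_ERROR, "Install fTPM policy PPI failed: %r\n", Status));
    return Status;
  }

  DEBUG ((EFI_D_INFO, "FtpmPolicyInit done \n"));
  return EFI_SUCCESS;
```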
);\r
\r
\r
+#ifdef FTPM_ENABLE\r
+ Status = FtpmPolicyInit(PeiServices, &SystemConfiguration);\r
+ if (EFI_ERROR (Status)) {\r
+ DEBUG((EFI_D_ERROR, "fTPM init failed.\n"));\r
+ }\r
+#endif\r
+\r
+\r
//\r
// Set the new boot mode for MRC\r
//\r
gPeiMfgMemoryTestPpiGuid\r
gPeiSha256HashPpiGuid\r
gVlvMmioPolicyPpiGuid\r
+ gSeCfTPMPolicyPpiGuid\r
\r
[Guids]\r
gEfiSetupVariableGuid\r
#/** @file
# FDF file of Platform.
#
-# Copyright (c) 2008 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials are licensed and made available under
# the terms and conditions of the BSD License that accompanies this distribution.
INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
INF SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
!endif
+!if $(FTPM_ENABLE) == TRUE
+INF SecurityPkg/Tcg/TrEEPei/TrEEPei.inf #use PCD config
+!endif
INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
!if $(ACPI50_ENABLE) == TRUE
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
!endif
+!if $(FTPM_ENABLE) == TRUE
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
+!endif
+
!if $(SOURCE_DEBUG_ENABLE) == TRUE
INF SourceLevelDebugPkg/DebugAgentPei/DebugAgentPei.inf
!endif
INF IntelFrameworkModulePkg/Universal/LegacyRegionDxe/LegacyRegionDxe.inf
INF Vlv2TbltDevicePkg/VlvPlatformInitDxe/VlvPlatformInitDxe.inf
!endif
+!if $(MINNOW2_FSP_BUILD) == FALSE
+ !if $(SEC_ENABLE) == TRUE
+ INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf
+ INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
+ !endif
+!endif
!if $(TPM_ENABLED) == TRUE
INF SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
INF RuleOverride = DRIVER_ACPITABLE SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
!endif
+!if $(FTPM_ENABLE) == TRUE
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
+INF SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
+INF SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
+!endif
#
# EDK II Related Platform codes
FILE SMM = $(NAMED_GUID) {
SMM_DEPEX SMM_DEPEX |.depex
PE32 PE32 |.efi
+ RAW BIN Optional |.aml
UI STRING="$(MODULE_NAME)" Optional
VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
}
#/** @file\r
# platform configuration file.\r
#\r
-# Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved.<BR>\r
+# Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>\r
# \r\r
# This program and the accompanying materials are licensed and made available under\r\r
# the terms and conditions of the BSD License that accompanies this distribution. \r\r
#\r
DEFINE USE_HPET_TIMER = FALSE\r
\r
+\r
#\r
# Feature selection\r
#\r
#/** @file
# FDF file of Platform.
#
-# Copyright (c) 2008 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2008 - 2015, Intel Corporation. All rights reserved.<BR>
#
# This program and the accompanying materials are licensed and made available under
# the terms and conditions of the BSD License that accompanies this distribution.
INF SecurityPkg/Tcg/TcgPei/TcgPei.inf
INF SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
!endif
+!if $(FTPM_ENABLE) == TRUE
+INF SecurityPkg/Tcg/TrEEPei/TrEEPei.inf #use PCD config
+!endif
INF MdeModulePkg/Core/DxeIplPeim/DxeIpl.inf
!if $(ACPI50_ENABLE) == TRUE
INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
!endif
+!if $(FTPM_ENABLE) == TRUE
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
+!endif
+
!if $(SOURCE_DEBUG_ENABLE) == TRUE
INF SourceLevelDebugPkg/DebugAgentPei/DebugAgentPei.inf
!endif
INF IntelFrameworkModulePkg/Universal/LegacyRegionDxe/LegacyRegionDxe.inf
INF Vlv2TbltDevicePkg/VlvPlatformInitDxe/VlvPlatformInitDxe.inf
!endif
+!if $(MINNOW2_FSP_BUILD) == FALSE
+ !if $(SEC_ENABLE) == TRUE
+ INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf
+ INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
+ !endif
+!endif
!if $(TPM_ENABLED) == TRUE
INF SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
INF SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
INF RuleOverride = DRIVER_ACPITABLE SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
!endif
+!if $(FTPM_ENABLE) == TRUE
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
+INF SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
+INF SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf
+INF RuleOverride = BINARY $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
+!endif
#
# EDK II Related Platform codes
FILE SMM = $(NAMED_GUID) {
SMM_DEPEX SMM_DEPEX |.depex
PE32 PE32 |.efi
+ RAW BIN Optional |.aml
UI STRING="$(MODULE_NAME)" Optional
VERSION STRING="$(INF_VERSION)" Optional BUILD_NUM=$(BUILD_NUMBER)
}
DEFINE PLATFORM_PCIEXPRESS_BASE = 0E0000000
+ DEFINE SEC_ENABLE = FALSE
+ DEFINE SEC_DEBUG_INFO_ENABLE = FALSE
+ DEFINE FTPM_ENABLE = FALSE
################################################################################
#
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
-
+!if $(FTPM_ENABLE) == TRUE
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+!endif
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
+!if $(FTPM_ENABLE) == TRUE
+ TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
+!endif
+
+
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
!if $(MINNOW2_FSP_BUILD) == TRUE
FspApiLib|IntelFspWrapperPkg/Library/BaseFspApiLib/BaseFspApiLib.inf
!if $(MINNOW2_FSP_BUILD) == TRUE
PlatformFspLib|Vlv2TbltDevicePkg/Library/PlatformFspLib/PlatformFspLib.inf
!endif
-
-
+!if $(FTPM_ENABLE) == TRUE
+ Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf
+!endif
[LibraryClasses.X64]
#
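Review bot: `Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf` is added to the section immediately preceding `[LibraryClasses.X64]`, which appears to be the common [LibraryClasses] block, so any DXE module that does not override the class inherits the PEI instance (the TrEEDxe entry later in this file does override it; anything else linking Tpm2DeviceLib would not). Scoping the mapping as `[LibraryClasses.common.PEIM]` for the PEI instance and `[LibraryClasses.common.DXE_DRIVER]` for the Tpm2DeviceLibSeCDxe instance would remove the need for per-module overrides; the same placement recurs in the other two DSCs of this commit. The section header itself is outside the hunk, so the exact scope is inferred.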
[PcdsFixedAtBuild.common]
!if $(MINNOW2_FSP_BUILD) == TRUE
-# $(FLASH_REGION_VLVMICROCODE_BASE)
+# $(FLASH_REGION_VLVMICROCODE_BASE)
gFspWrapperTokenSpaceGuid.PcdCpuMicrocodePatchAddress|0xFFD00000
# $(FLASH_REGION_VLVMICROCODE_SIZE)
gFspWrapperTokenSpaceGuid.PcdCpuMicrocodePatchRegionSize|0x00030000
gFspWrapperTokenSpaceGuid.PcdFlashCodeCacheSize|0x00800000
# $(FLASH_REGION_FSPBIN_BASE)
gFspWrapperTokenSpaceGuid.PcdFlashFvFspBase|0xFFDB0000
-
!endif
!if $(PERFORMANCE_ENABLE) == TRUE
!if $(TPM_ENABLED) == TRUE
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
!endif
+ !if $(FTPM_ENABLE) == TRUE
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
+ !endif
## This PCD defines the video horizontal resolution.
# This PCD could be set to 0 then video resolution could be at highest resolution.
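Review bot: The new `!if $(FTPM_ENABLE) == TRUE` block sets `PcdTpmInstanceGuid` to exactly the same 16-byte value as the preceding `!if $(TPM_ENABLED) == TRUE` block, so the addition is either redundant or carries the wrong instance GUID for the PTT device; the second DSC of this commit has the same duplication. If both stacks really select the same TPM instance, fold the two into one `!if $(TPM_ENABLED) == TRUE || $(FTPM_ENABLE) == TRUE` guard; if a distinct GUID was meant for fTPM, the value needs to be checked, since this PCD is presumably what the TPM 2.0 stack uses to pick the device instance.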
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/MemoryInit.inf {
<PcdsPatchableInModule>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+ <BuildOptions>
+ !if $(FTPM_ENABLE)==TRUE
+ *_*_IA32_CC_FLAGS = /D FTPM_ENABLE
+ !endif
}
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
!endif
+!if $(FTPM_ENABLE) == TRUE
+$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
+!endif
+
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf {
<BuildOptions>
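Review bot: The added `<BuildOptions>` passes `/D FTPM_ENABLE` in MSVC form, while the feature define later in this same DSC is `-DFTPM_ENABLE` (and the existing `DSC_TPM_BUILD_OPTIONS` here is `-DTPM_ENABLED`); the other two DSCs use `/D` throughout, so only this file is mixed, and a GCC toolchain would not accept the `/D` spelling. The same `/D` form appears in this file's `HeciDrv.inf` override (`/DSEC_DEBUG_INFO=1`). The override is also attached to `MemoryInit.inf` from `$(PLATFORM_BINARY_PACKAGE)`, which looks like a prebuilt module — if so, a CC flag on it has no effect and the block can be dropped; otherwise it should read `*_*_IA32_CC_FLAGS = -DFTPM_ENABLE` to match this file's convention.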
}
!endif
+!if $(FTPM_ENABLE) == TRUE
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
+!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
!endif
MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
+!if $(FTPM_ENABLE) == TRUE
+ SecurityPkg/Tcg/TrEEPei/TrEEPei.inf {
+ <PcdsPatchableInModule>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+ <LibraryClasses>
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+ NULL|SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+ PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
+ }
+!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
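Review bot: `NULL|SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf` mixes a backslash into an otherwise forward-slash path; the Sha256 line directly below uses `/`, and the same mixed form recurs in this file's TrEEDxe override (`MdePkg/Library\DxePcdLib/DxePcdLib.inf`) and in both other DSCs. Normalising to `/` keeps the entries consistent and avoids relying on the build tools' path canonicalisation on Linux hosts.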
!endif
!if $(TPM_ENABLED) == TRUE
NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
+!endif
+!if $(FTPM_ENABLE) == TRUE
+ NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
!endif
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/MpCpu.inf
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLib.inf
+ !if $(FTPM_ENABLE) == TRUE
+ Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+ !else
+ TrEEPhysicalPresenceLib|$(PLATFORM_PACKAGE)/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf
+ !endif
}
$(PLATFORM_PACKAGE)/UiApp/UiApp.inf
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Dptf.inf
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/PnpDxe.inf
+!if $(SEC_ENABLE) == TRUE
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf {
+!if $(SEC_DEBUG_INFO_ENABLE) == TRUE
+ <BuildOptions>
+ *_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=1
+!else
+ <BuildOptions>
+ *_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=0
+!endif
+ }
+
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
+!endif
+
+!if $(FTPM_ENABLE) == TRUE
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
+ SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
+ SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf{
+ <LibraryClasses>
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+ PcdLib|MdePkg/Library\DxePcdLib/DxePcdLib.inf
+ Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+ }
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
+!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
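Review bot: In the `!if $(FTPM_ENABLE) == TRUE` / `!else` pair added inside the module override block, the two branches override different library classes — `Tpm2DeviceLib` on one side and `TrEEPhysicalPresenceLib` with the Null instance on the other — so they are not alternatives of one another: enabling fTPM drops the Null physical-presence override (the module then gets whatever the common section maps) and disabling it leaves the module on the common `Tpm2DeviceLib`. That may be intentional (physical presence only meaningful with a TPM 2.0 device), but it is not self-evident; either split them into two independent conditionals or add a comment such as `# fTPM builds use the real PP library; without fTPM the Null instance is linked`. The same pairing appears in the other two DSCs, and the enclosing module entry starts outside the hunk so the affected module is not visible here.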
DEFINE X64_BUILD_ENABLE =
!endif
+!if $(FTPM_ENABLE) == TRUE
+ DEFINE DSC_FTPM_BUILD_OPTIONS = -DFTPM_ENABLE
+!else
+ DEFINE DSC_FTPM_BUILD_OPTIONS =
+!endif
!if $(TPM_ENABLED) == TRUE
DEFINE DSC_TPM_BUILD_OPTIONS = -DTPM_ENABLED
!else
!endif
- DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
+ DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_BUILD_OPTIONS) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
!if $(PERFORMANCE_ENABLE) == TRUE
DEFINE PDB_BUILD_OPTION = /Zi
!endif
DEFINE PLATFORM_PCIEXPRESS_BASE = 0E0000000
+ DEFINE SEC_ENABLE = TRUE
+ DEFINE SEC_DEBUG_INFO_ENABLE = TRUE
+ DEFINE FTPM_ENABLE = TRUE
################################################################################
#
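Review bot: This DSC defaults `SEC_ENABLE`, `SEC_DEBUG_INFO_ENABLE` and `FTPM_ENABLE` to TRUE, whereas the two sibling DSCs in this commit define the same three switches as FALSE; one of the two settings is presumably a leftover from local testing. `SEC_DEBUG_INFO_ENABLE = TRUE` in particular selects `*_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=1` for the HeciDrv override later in this file (though that entry points at the binary package, so whether the flag takes effect is unclear), meaning a default build of this variant would carry SeC debug output. Either align the three defaults with the other DSCs or add a comment beside the DEFINEs explaining why this platform differs.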
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
-
+!if $(FTPM_ENABLE) == TRUE
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+!endif
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
+!if $(FTPM_ENABLE) == TRUE
+ TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
+!endif
+
+
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
!if $(MINNOW2_FSP_BUILD) == TRUE
FspApiLib|IntelFspWrapperPkg/Library/BaseFspApiLib/BaseFspApiLib.inf
!if $(MINNOW2_FSP_BUILD) == TRUE
PlatformFspLib|Vlv2TbltDevicePkg/Library/PlatformFspLib/PlatformFspLib.inf
!endif
-
-
+!if $(FTPM_ENABLE) == TRUE
+ Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf
+!endif
[LibraryClasses.IA32]
#
!if $(TPM_ENABLED) == TRUE
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
!endif
+ !if $(FTPM_ENABLE) == TRUE
+ gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x7b, 0x3a, 0xcd, 0x72, 0xA5, 0xFE, 0x5e, 0x4f, 0x91, 0x65, 0x4d, 0xd1, 0x21, 0x87, 0xbb, 0x13}
+ !endif
## This PCD defines the video horizontal resolution.
# This PCD could be set to 0 then video resolution could be at highest resolution.
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/MemoryInit.inf {
<PcdsPatchableInModule>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+ <BuildOptions>
+ !if $(FTPM_ENABLE)==TRUE
+ *_*_IA32_CC_FLAGS = /D FTPM_ENABLE
+ !endif
}
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
!endif
+!if $(FTPM_ENABLE) == TRUE
+$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
+!endif
+
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf {
<BuildOptions>
}
!endif
+!if $(FTPM_ENABLE) == TRUE
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
+!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
!endif
MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
+!if $(FTPM_ENABLE) == TRUE
+ SecurityPkg/Tcg/TrEEPei/TrEEPei.inf {
+ <PcdsPatchableInModule>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+ <LibraryClasses>
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+ NULL|SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+ PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
+ }
+!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
!endif
!if $(TPM_ENABLED) == TRUE
NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
+!endif
+!if $(FTPM_ENABLE) == TRUE
+ NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
!endif
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/MpCpu.inf
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLib.inf
+ !if $(FTPM_ENABLE) == TRUE
+ Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+ !else
+ TrEEPhysicalPresenceLib|$(PLATFORM_PACKAGE)/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf
+ !endif
}
$(PLATFORM_PACKAGE)/UiApp/UiApp.inf
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Dptf.inf
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/PnpDxe.inf
+!if $(SEC_ENABLE) == TRUE
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf {
+!if $(SEC_DEBUG_INFO_ENABLE) == TRUE
+ <BuildOptions>
+ *_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=1
+!else
+ <BuildOptions>
+ *_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=0
+!endif
+ }
+
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
+!endif
+
+!if $(FTPM_ENABLE) == TRUE
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
+ SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
+ SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf{
+ <LibraryClasses>
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+ PcdLib|MdePkg/Library\DxePcdLib/DxePcdLib.inf
+ Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+ }
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
+!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
DEFINE X64_BUILD_ENABLE =
!endif
+!if $(FTPM_ENABLE) == TRUE
+ DEFINE DSC_FTPM_BUILD_OPTIONS = /DFTPM_ENABLE
+!else
+ DEFINE DSC_FTPM_BUILD_OPTIONS =
+!endif
!if $(TPM_ENABLED) == TRUE
DEFINE DSC_TPM_BUILD_OPTIONS = /DTPM_ENABLED
!else
!endif
- DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
+ DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_BUILD_OPTIONS) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
!if $(PERFORMANCE_ENABLE) == TRUE
DEFINE PDB_BUILD_OPTION = /Zi
!endif
!endif
DEFINE PLATFORM_PCIEXPRESS_BASE = 0E0000000
-
+
+ DEFINE SEC_ENABLE = FALSE
+ DEFINE SEC_DEBUG_INFO_ENABLE = FALSE
+ DEFINE FTPM_ENABLE = FALSE
################################################################################
#
ShellLib|ShellPkg/Library/UefiShellLib/UefiShellLib.inf
FileHandleLib|MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.inf
SortLib|MdeModulePkg/Library/UefiSortLib/UefiSortLib.inf
-
+!if $(FTPM_ENABLE) == TRUE
+ BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
+ OpensslLib|CryptoPkg/Library/OpensslLib/OpensslLib.inf
+ IntrinsicLib|CryptoPkg/Library/IntrinsicLib/IntrinsicLib.inf
+!endif
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
+!if $(FTPM_ENABLE) == TRUE
+ TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
+!endif
+
+
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
!if $(MINNOW2_FSP_BUILD) == TRUE
FspApiLib|IntelFspWrapperPkg/Library/BaseFspApiLib/BaseFspApiLib.inf
!if $(MINNOW2_FSP_BUILD) == TRUE
PlatformFspLib|Vlv2TbltDevicePkg/Library/PlatformFspLib/PlatformFspLib.inf
!endif
-
-
+!if $(FTPM_ENABLE) == TRUE
+ Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCPei/Tpm2DeviceLibSeC.inf
+!endif
[LibraryClasses.X64]
#
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/MemoryInit.inf {
<PcdsPatchableInModule>
gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+ <BuildOptions>
+ !if $(FTPM_ENABLE)==TRUE
+ *_*_IA32_CC_FLAGS = /D FTPM_ENABLE
+ !endif
}
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/SeCUma.inf
!endif
+!if $(FTPM_ENABLE) == TRUE
+$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/fTPMInitPeim.inf
+!endif
+
!if $(RC_BINARY_RELEASE) == TRUE
$(PLATFORM_PACKAGE)/PlatformPei/PlatformPei.inf {
<BuildOptions>
}
!endif
+!if $(FTPM_ENABLE) == TRUE
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/IA32/Tpm2DeviceSeCPei.inf
+!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
!endif
MdeModulePkg/Universal/FaultTolerantWritePei/FaultTolerantWritePei.inf
+!if $(FTPM_ENABLE) == TRUE
+ SecurityPkg/Tcg/TrEEPei/TrEEPei.inf {
+ <PcdsPatchableInModule>
+ gEfiMdePkgTokenSpaceGuid.PcdDebugPrintErrorLevel|0x80000046
+ <LibraryClasses>
+ DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
+ NULL|SecurityPkg/Library\HashInstanceLibSha1/HashInstanceLibSha1.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+ PcdLib|MdePkg/Library/PeiPcdLib/PeiPcdLib.inf
+ }
+!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
!endif
!if $(TPM_ENABLED) == TRUE
NULL|SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.inf
+!endif
+!if $(FTPM_ENABLE) == TRUE
+ NULL|SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
!endif
}
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/MpCpu.inf
DebugLib|MdePkg/Library/BaseDebugLibSerialPort/BaseDebugLibSerialPort.inf
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
SerialPortLib|$(PLATFORM_PACKAGE)/Library/SerialPortLib/SerialPortLib.inf
+ !if $(FTPM_ENABLE) == TRUE
+ Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+ !else
+ TrEEPhysicalPresenceLib|$(PLATFORM_PACKAGE)/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf
+ !endif
}
$(PLATFORM_PACKAGE)/UiApp/UiApp.inf
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Dptf.inf
$(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/PnpDxe.inf
+!if $(SEC_ENABLE) == TRUE
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/HeciDrv.inf {
+!if $(SEC_DEBUG_INFO_ENABLE) == TRUE
+ <BuildOptions>
+ *_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=1
+!else
+ <BuildOptions>
+ *_*_X64_CC_FLAGS = /DSEC_DEBUG_INFO=0
+!endif
+ }
+
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/SeCPolicyInitDxe.inf
+!endif
+
+!if $(FTPM_ENABLE) == TRUE
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/Tpm2DeviceSeCDxe.inf
+ SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.inf
+ SecurityPkg/Tcg/TrEEDxe/TrEEDxe.inf{
+ <LibraryClasses>
+ NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
+ NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
+ PcdLib|MdePkg/Library\DxePcdLib/DxePcdLib.inf
+ Tpm2DeviceLib|Vlv2TbltDevicePkg/Library/Tpm2DeviceLibSeCDxe/Tpm2DeviceLibSeC.inf
+ }
+ $(PLATFORM_BINARY_PACKAGE)/$(DXE_ARCHITECTURE)$(TARGET)/$(DXE_ARCHITECTURE)/FtpmSmm.inf
+!endif
!if $(TPM_ENABLED) == TRUE
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
DEFINE X64_BUILD_ENABLE =
!endif
+!if $(FTPM_ENABLE) == TRUE
+ DEFINE DSC_FTPM_BUILD_OPTIONS = /DFTPM_ENABLE
+!else
+ DEFINE DSC_FTPM_BUILD_OPTIONS =
+!endif
!if $(TPM_ENABLED) == TRUE
DEFINE DSC_TPM_BUILD_OPTIONS = /DTPM_ENABLED
!else
!endif
- DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
+ DEFINE EDK_EDKII_DSC_FEATURE_BUILD_OPTIONS = $(MINNOW2_FSP_OPTION) $(MINNOW2_BUILD_OPTION) $(ENBDT_PF_ENABLE) $(EXTERNAL_VGA_BUILD_OPTION) $(PCIE_ENUM_WA_BUILD_OPTION) $(X0_WA_ENABLE_BUILD_OPTION) $(A0_WA_ENABLE_BUILD_OPTION) $(MICROCODE_FREE_BUILD_OPTIONS) $(SIMICS_BUILD_OPTIONS) $(HYBRID_BUILD_OPTIONS) $(COMPACT_BUILD_OPTIONS) $(VP_BUILD_OPTIONS) $(SYSCTL_ID_BUILD_OPTION) $(CLKGEN_CONFIG_EXTRA_BUILD_OPTION) $(SYSCTL_X0_CONVERT_BOARD_OPTION) $(ENBDT_S3_SUPPORT_OPTIONS) $(SATA_SUPPORT_BUILD_OPTION) $(PCIESC_SUPPORT_BUILD_OPTION) $(DSC_FTPM_BUILD_OPTIONS) $(DSC_FTPM_ERROR_WR_BUILD_OPTIONS) $(DSC_TPM_BUILD_OPTIONS) $(DSC_BYTI_SECURE_BOOT_BUILD_OPTIONS)
!if $(PERFORMANCE_ENABLE) == TRUE
DEFINE PDB_BUILD_OPTION = /Zi
!endif
//TPM related\r
//\r
subtitle text = STRING_TOKEN(STR_TPM_CONFIGURATION_PROMPT);\r
+grayoutif ideqval Setup.ETpm== 0x1;\r
+ oneof varid = Setup.fTPM,\r
+ prompt = STRING_TOKEN(STR_PTT_PROMPT),\r
+ help = STRING_TOKEN(STR_PTT_HELP),\r
+ option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = RESET_REQUIRED;\r
+ option text = STRING_TOKEN(STR_DISABLE), value= 0, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;\r
+ endoneof;\r
+endif;\r
+\r
+grayoutif ideqval Setup.fTPM == 0x1;\r
oneof varid = Setup.ETpm,\r
prompt = STRING_TOKEN(STR_TPM_PROMPT),\r
help = STRING_TOKEN(STR_TPM_HELP),\r
- option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;\r
- option text = STRING_TOKEN(STR_DISABLE), value= 0, flags= RESET_REQUIRED;\r
+ option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = RESET_REQUIRED;\r
+ option text = STRING_TOKEN(STR_DISABLE), value= 0, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;\r
endoneof;\r
+endif;\r
\r
+suppressif ideqval Setup.fTPM == 0;\r
oneof varid = Setup.MeasuredBootEnable,\r
prompt = STRING_TOKEN(STR_MEASURED_BOOT_ENABLE_PROMPT),\r
help = STRING_TOKEN(STR_MEASURED_BOOT_ENABLE_HELP),\r
option text = STRING_TOKEN(STR_DISABLE), value = 0, flags = RESET_REQUIRED;\r
option text = STRING_TOKEN(STR_ENABLE), value = 1, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;\r
endoneof;\r
+endif;\r
\r
subtitle text = STRING_TOKEN(STR_NULL_STRING);\r
\r
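Review bot: The new `suppressif ideqval Setup.fTPM == 0;` hides the Measured Boot option whenever fTPM is disabled, including the case where the discrete TPM is the enabled device (`Setup.ETpm == 1`), so dTPM users lose the option unless measured boot is now meant to be fTPM-only; if it applies to either device the condition should be `suppressif ideqval Setup.fTPM == 0 AND ideqval Setup.ETpm == 0;`. The hunk also flips the `Setup.ETpm` default from Enable to Disable, which together with the fTPM Disable default leaves neither TPM enabled out of the box — a security-posture change worth stating in the commit description. The two `grayoutif` blocks make the devices mutually exclusive only in the form; they do not stop both flags being set in the variable by other means, so the consuming code should presumably still resolve `fTPM == 1` with `ETpm == 1` explicitly.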