From: Dong Guo Date: Thu, 27 Mar 2014 11:03:04 +0000 (+0000) Subject: Remove hide TPM support. X-Git-Tag: edk2-stable201903~11573 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=2bc363714e6bb2192a10b7b921c682eddd7cf8ec Remove hide TPM support. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dong Guo Reviewed-by: Yao Jiewen Reviewed-by: Ni, Ruiyu git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@15405 6f19259b-4bc3-4df7-8a09-765794883524 --- diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index 794287d137..c195ccaad3 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -229,15 +229,7 @@ # If 1, TCG platform type is server. gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass|0|UINT8|0x00000006 - ## The PCD is used to control whether to support hiding the TPM. - # If TRUE, PcdHideTpm controls whether to hide the TPM. - # This pcd is only for validation purpose. It should be set to false in production. - gEfiSecurityPkgTokenSpaceGuid.PcdHideTpmSupport|FALSE|BOOLEAN|0x00000007 - [PcdsDynamic, PcdsDynamicEx] - ## The PCD is used to control whether to hide the TPM. - gEfiSecurityPkgTokenSpaceGuid.PcdHideTpm|FALSE|BOOLEAN|0x00010002 - [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] ## This PCD indicates the presence or absence of the platform operator. gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence|TRUE|BOOLEAN|0x00010001 diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr index fc601471d0..9e4e63d761 100644 --- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr +++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr @@ -1,7 +1,7 @@ /** @file VFR file used by the TCG configuration component. -Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -44,13 +44,6 @@ formset endcheckbox; endif; - suppressif TRUE; - checkbox varid = TCG_CONFIGURATION.OriginalHideTpm, - prompt = STRING_TOKEN(STR_NULL), - help = STRING_TOKEN(STR_NULL), - endcheckbox; - endif; - text help = STRING_TOKEN(STR_TPM_STATE_HELP), text = STRING_TOKEN(STR_TPM_STATE_PROMPT), @@ -58,18 +51,6 @@ formset subtitle text = STRING_TOKEN(STR_NULL); - label LABEL_TCG_CONFIGURATION_HIDETPM; - - checkbox varid = TCG_CONFIGURATION.HideTpm, - questionid = KEY_HIDE_TPM, - prompt = STRING_TOKEN(STR_HIDE_TPM_PROMPT), - help = STRING_TOKEN(STR_HIDE_TPM_HELP), - flags = RESET_REQUIRED, - endcheckbox; - - label LABEL_END; - - grayoutif ideqval TCG_CONFIGURATION.OriginalHideTpm == 1; oneof varid = TCG_CONFIGURATION.TpmOperation, questionid = KEY_TPM_ACTION, prompt = STRING_TOKEN(STR_TPM_OPERATION), @@ -102,8 +83,6 @@ formset subtitle text = STRING_TOKEN(STR_NULL); - endif; - endform; endformset; diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c index a9a10c9e10..787251828f 100644 --- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c +++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c @@ -1,7 +1,7 @@ /** @file The module entry point for Tcg configuration module. -Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -75,7 +75,6 @@ TcgConfigDriverEntryPoint ( } PrivateData->TcgProtocol = TcgProtocol; - PrivateData->HideTpm = (BOOLEAN) (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm)); // // Install TCG configuration form diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf index cdfc89c2ec..ba62017413 100644 --- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf +++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf @@ -1,7 +1,7 @@ ## @file # Component name for Tcg configuration module. # -# Copyright (c) 2011 - 2013, Intel Corporation. All rights reserved.
+# Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -63,11 +63,7 @@ gEfiHiiConfigRoutingProtocolGuid ## CONSUMES gEfiTcgProtocolGuid ## CONSUMES -[FixedPcd] - gEfiSecurityPkgTokenSpaceGuid.PcdHideTpmSupport - [Pcd] - gEfiSecurityPkgTokenSpaceGuid.PcdHideTpm gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid [Depex] diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c index 5a52a6b87c..c2e3b34a25 100644 --- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c +++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c @@ -1,7 +1,7 @@ /** @file HII Config Access protocol implementation of TCG configuration module. -Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -182,11 +182,6 @@ TcgExtractConfig ( ZeroMem (&Configuration, sizeof (TCG_CONFIGURATION)); Configuration.TpmOperation = PHYSICAL_PRESENCE_ENABLE; - Configuration.HideTpm = (BOOLEAN) (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm)); - // - // Read the original value of HideTpm from PrivateData which won't be changed by Setup in this boot. - // - Configuration.OriginalHideTpm = PrivateData->HideTpm; // // Display current TPM state. @@ -307,8 +302,6 @@ TcgRouteConfig ( return Status; } - PcdSetBool (PcdHideTpm, TcgConfiguration.HideTpm); - return EFI_SUCCESS; } @@ -425,11 +418,6 @@ InstallTcgConfigForm ( EFI_STATUS Status; EFI_HII_HANDLE HiiHandle; EFI_HANDLE DriverHandle; - VOID *StartOpCodeHandle; - VOID *EndOpCodeHandle; - EFI_IFR_GUID_LABEL *StartLabel; - EFI_IFR_GUID_LABEL *EndLabel; - EFI_HII_CONFIG_ACCESS_PROTOCOL *ConfigAccess; DriverHandle = NULL; @@ -473,39 +461,6 @@ InstallTcgConfigForm ( PrivateData->HiiHandle = HiiHandle; - // - // Remove the Hide TPM question from the IFR - // - if (!PcdGetBool (PcdHideTpmSupport)) { - // - // Allocate space for creation of UpdateData Buffer - // - StartOpCodeHandle = HiiAllocateOpCodeHandle (); - ASSERT (StartOpCodeHandle != NULL); - - EndOpCodeHandle = HiiAllocateOpCodeHandle (); - ASSERT (EndOpCodeHandle != NULL); - - // - // Create Hii Extend Label OpCode as the start opcode - // - StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (StartOpCodeHandle, &gEfiIfrTianoGuid, NULL, sizeof (EFI_IFR_GUID_LABEL)); - StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL; - StartLabel->Number = LABEL_TCG_CONFIGURATION_HIDETPM; - - // - // Create Hii Extend Label OpCode as the end opcode - // - EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (EndOpCodeHandle, &gEfiIfrTianoGuid, NULL, sizeof (EFI_IFR_GUID_LABEL)); - EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL; - EndLabel->Number = LABEL_END; - - HiiUpdateForm (HiiHandle, NULL, TCG_CONFIGURATION_FORM_ID, StartOpCodeHandle, EndOpCodeHandle); - - HiiFreeOpCodeHandle (StartOpCodeHandle); - HiiFreeOpCodeHandle (EndOpCodeHandle); - } - return EFI_SUCCESS; } diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.h b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.h index cbfca74392..ecc6a6d855 100644 --- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.h +++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.h @@ -2,7 +2,7 @@ The header file of HII Config Access protocol implementation of TCG configuration module. -Copyright (c) 2011, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -62,8 +62,6 @@ typedef struct { EFI_HANDLE DriverHandle; EFI_TCG_PROTOCOL *TcgProtocol; - - BOOLEAN HideTpm; } TCG_CONFIG_PRIVATE_DATA; extern TCG_CONFIG_PRIVATE_DATA mTcgConfigPrivateDateTemplate; diff --git a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigNvData.h b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigNvData.h index 359f4a2bf6..eaa6fe8018 100644 --- a/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigNvData.h +++ b/SecurityPkg/Tcg/TcgConfigDxe/TcgConfigNvData.h @@ -1,7 +1,7 @@ /** @file Header file for NV data structure definition. -Copyright (c) 2011, Intel Corporation. All rights reserved.
+Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -22,19 +22,15 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #define TCG_CONFIGURATION_VARSTORE_ID 0x0001 #define TCG_CONFIGURATION_FORM_ID 0x0001 -#define KEY_HIDE_TPM 0x2000 -#define KEY_TPM_ACTION 0x3000 -#define KEY_TPM_MOR_ENABLE 0x4000 +#define KEY_TPM_ACTION 0x3000 -#define LABEL_TCG_CONFIGURATION_HIDETPM 0x0001 -#define LABEL_END 0xffff +#define LABEL_TCG_CONFIGURATION_TPM_OPERATION 0x0001 +#define LABEL_END 0xffff // // Nv Data structure referenced by IFR // typedef struct { - BOOLEAN HideTpm; - BOOLEAN OriginalHideTpm; UINT8 TpmOperation; BOOLEAN TpmEnable; BOOLEAN TpmActivate; diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.c b/SecurityPkg/Tcg/TcgPei/TcgPei.c index ae905f7653..f3f4b3f4c0 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.c +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.c @@ -1,7 +1,7 @@ /** @file Initialize TPM device and measure FVs before handing off control to DXE. -Copyright (c) 2005 - 2013, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -711,10 +711,6 @@ PeimEntryMA ( return EFI_UNSUPPORTED; } - if (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm)) { - return EFI_UNSUPPORTED; - } - // // Initialize TPM device // diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.inf b/SecurityPkg/Tcg/TcgPei/TcgPei.inf index 48a3e64362..cf90eaec81 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.inf +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.inf @@ -1,7 +1,7 @@ ## @file # This module will initialize TPM device and measure FVs in PEI phase. # -# Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.
+# Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -63,7 +63,6 @@ gEfiEndOfPeiSignalPpiGuid [Pcd] - gEfiSecurityPkgTokenSpaceGuid.PcdHideTpm gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceCmdEnable gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceHwEnable @@ -73,7 +72,6 @@ gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy [FixedPcd] - gEfiSecurityPkgTokenSpaceGuid.PcdHideTpmSupport gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported ## CONSUMES [Depex] diff --git a/SecurityPkg/Tcg/TrEEConfig/TpmDetection.c b/SecurityPkg/Tcg/TrEEConfig/TpmDetection.c index ce7a9a1974..516f7c92a3 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TpmDetection.c +++ b/SecurityPkg/Tcg/TrEEConfig/TpmDetection.c @@ -1,7 +1,7 @@ /** @file TPM1.2/dTPM2.0 auto detection. -Copyright (c) 2013, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -69,11 +69,6 @@ DetectTpmDevice ( EFI_PEI_READ_ONLY_VARIABLE2_PPI *VariablePpi; UINTN Size; - if (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm)) { - DEBUG ((EFI_D_ERROR, "DetectTpmDevice: Tpm is hide\n")); - return TPM_DEVICE_NULL; - } - Status = PeiServicesGetBootMode (&BootMode); ASSERT_EFI_ERROR (Status); diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf index c6a489aee8..c3a8435391 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf @@ -2,7 +2,7 @@ # Component name for TrEE configuration module. # NOTE: This module is only for reference only, each platform should have its own setup page. # -# Copyright (c) 2013, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -55,12 +55,8 @@ [Ppis] gEfiPeiReadOnlyVariable2PpiGuid -[FixedPcd] - gEfiSecurityPkgTokenSpaceGuid.PcdHideTpmSupport - [Pcd] gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid - gEfiSecurityPkgTokenSpaceGuid.PcdHideTpm gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy gEfiSecurityPkgTokenSpaceGuid.PcdTpmAutoDetection gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPei.c b/SecurityPkg/Tcg/TrEEPei/TrEEPei.c index 5b5ff6c3aa..5dfbd8d893 100644 --- a/SecurityPkg/Tcg/TrEEPei/TrEEPei.c +++ b/SecurityPkg/Tcg/TrEEPei/TrEEPei.c @@ -1,7 +1,7 @@ /** @file Initialize TPM2 device and measure FVs before handing off control to DXE. -Copyright (c) 2013, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -620,10 +620,6 @@ PeimEntryMA ( return EFI_UNSUPPORTED; } - if (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm)) { - return EFI_UNSUPPORTED; - } - // // Update for Performance optimization // diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf b/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf index 3de112c5cf..719f2b4a64 100644 --- a/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf +++ b/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf @@ -1,7 +1,7 @@ ## @file # This module will initialize TPM2 device and measure FVs in PEI phase. # -# Copyright (c) 2013, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.
# This program and the accompanying materials # are licensed and made available under the terms and conditions of the BSD License # which accompanies this distribution. The full text of the license may be found at @@ -58,7 +58,6 @@ gEfiEndOfPeiSignalPpiGuid [Pcd] - gEfiSecurityPkgTokenSpaceGuid.PcdHideTpm gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString ## CONSUMES gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy @@ -66,7 +65,6 @@ gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy [FixedPcd] - gEfiSecurityPkgTokenSpaceGuid.PcdHideTpmSupport gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported ## CONSUMES [Depex]