From: Kun Qin Date: Fri, 18 Dec 2020 06:31:21 +0000 (-0800) Subject: SecurityPkg: Tpm2DeviceLibDTpm: Introduce StandaloneMm instance X-Git-Tag: edk2-stable202102~85 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=7a56650e2e5661bf296c7a27865351900045610a SecurityPkg: Tpm2DeviceLibDTpm: Introduce StandaloneMm instance This change added a new instance of Tpm2DeviceLibDTpm to support drivers of type MM_STANDALONE. It abstracts dynamic Pcd access into separate file for different instances to avoid dynamic usage for StandaloneMm modules. Cc: Jiewen Yao Cc: Jian J Wang Cc: Qi Zhang Cc: Rahul Kumar Signed-off-by: Kun Qin Reviewed-by: Jiewen Yao --- diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c index 42e1ecbce9..238389dbdb 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c @@ -13,29 +13,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include -/** - Return PTP interface type. - - @param[in] Register Pointer to PTP register. - - @return PTP interface type. -**/ -TPM2_PTP_INTERFACE_TYPE -Tpm2GetPtpInterface ( - IN VOID *Register - ); - -/** - Return PTP CRB interface IdleByPass state. - - @param[in] Register Pointer to PTP register. - - @return PTP CRB interface IdleByPass state. -**/ -UINT8 -Tpm2GetIdleByPass ( - IN VOID *Register - ); +#include "Tpm2DeviceLibDTpm.h" /** This service enables the sending of commands to the TPM2. @@ -145,21 +123,5 @@ Tpm2DeviceLibConstructor ( VOID ) { - TPM2_PTP_INTERFACE_TYPE PtpInterface; - UINT8 IdleByPass; - - // - // Cache current active TpmInterfaceType only when needed - // - if (PcdGet8(PcdActiveTpmInterfaceType) == 0xFF) { - PtpInterface = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); - PcdSet8S(PcdActiveTpmInterfaceType, PtpInterface); - } - - if (PcdGet8(PcdActiveTpmInterfaceType) == Tpm2PtpInterfaceCrb && PcdGet8(PcdCRBIdleByPass) == 0xFF) { - IdleByPass = Tpm2GetIdleByPass((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); - PcdSet8S(PcdCRBIdleByPass, IdleByPass); - } - - return EFI_SUCCESS; + return InternalTpm2DeviceLibDTpmCommonConstructor (); } diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.h b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.h new file mode 100644 index 0000000000..9fff989522 --- /dev/null +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.h @@ -0,0 +1,67 @@ +/** @file + This header file includes common internal fuction prototypes. + +Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TPM2_DEVICE_LIB_DTPM_H_ +#define _TPM2_DEVICE_LIB_DTPM_H_ + +/** + Return PTP interface type. + + @param[in] Register Pointer to PTP register. + + @return PTP interface type. +**/ +TPM2_PTP_INTERFACE_TYPE +Tpm2GetPtpInterface ( + IN VOID *Register + ); + +/** + Return PTP CRB interface IdleByPass state. + + @param[in] Register Pointer to PTP register. + + @return PTP CRB interface IdleByPass state. +**/ +UINT8 +Tpm2GetIdleByPass ( + IN VOID *Register + ); + +/** + Return cached PTP interface type. + + @return Cached PTP interface type. +**/ +TPM2_PTP_INTERFACE_TYPE +GetCachedPtpInterface ( + VOID + ); + +/** + Return cached PTP CRB interface IdleByPass state. + + @return Cached PTP CRB interface IdleByPass state. +**/ +UINT8 +GetCachedIdleByPass ( + VOID + ); + +/** + The common function cache current active TpmInterfaceType when needed. + + @retval EFI_SUCCESS DTPM2.0 instance is registered, or system does not support register DTPM2.0 instance +**/ +EFI_STATUS +InternalTpm2DeviceLibDTpmCommonConstructor ( + VOID + ); + +#endif // _TPM2_DEVICE_LIB_DTPM_H_ diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf index 2b62750463..be3a0053cc 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf @@ -11,6 +11,7 @@ # only uses TPM 2.0 DTPM device. # # Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation. # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -34,6 +35,8 @@ Tpm2Tis.c Tpm2Ptp.c Tpm2DeviceLibDTpm.c + Tpm2DeviceLibDTpmBase.c + Tpm2DeviceLibDTpm.h [Packages] MdePkg/MdePkg.dec diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmBase.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmBase.c new file mode 100644 index 0000000000..bc35e257e1 --- /dev/null +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmBase.c @@ -0,0 +1,68 @@ +/** @file + This file abstract internal interfaces of which implementation differs per library instance. + +Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include +#include + +#include "Tpm2DeviceLibDTpm.h" + +/** + Return cached PTP CRB interface IdleByPass state. + + @return Cached PTP CRB interface IdleByPass state. +**/ +UINT8 +GetCachedIdleByPass ( + VOID + ) +{ + return PcdGet8(PcdCRBIdleByPass); +} + +/** + Return cached PTP interface type. + + @return Cached PTP interface type. +**/ +TPM2_PTP_INTERFACE_TYPE +GetCachedPtpInterface ( + VOID + ) +{ + return PcdGet8(PcdActiveTpmInterfaceType); +} + +/** + The common function cache current active TpmInterfaceType when needed. + + @retval EFI_SUCCESS DTPM2.0 instance is registered, or system does not support register DTPM2.0 instance +**/ +EFI_STATUS +InternalTpm2DeviceLibDTpmCommonConstructor ( + VOID + ) +{ + TPM2_PTP_INTERFACE_TYPE PtpInterface; + UINT8 IdleByPass; + + // + // Cache current active TpmInterfaceType only when needed + // + if (PcdGet8(PcdActiveTpmInterfaceType) == 0xFF) { + PtpInterface = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); + PcdSet8S(PcdActiveTpmInterfaceType, PtpInterface); + } + + if (PcdGet8(PcdActiveTpmInterfaceType) == Tpm2PtpInterfaceCrb && PcdGet8(PcdCRBIdleByPass) == 0xFF) { + IdleByPass = Tpm2GetIdleByPass((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); + PcdSet8S(PcdCRBIdleByPass, IdleByPass); + } + + return EFI_SUCCESS; +} diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.c new file mode 100644 index 0000000000..eac866d2a7 --- /dev/null +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.c @@ -0,0 +1,66 @@ +/** @file + This file abstract internal interfaces of which implementation differs per library instance. + +Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#include + +#include "Tpm2DeviceLibDTpm.h" + +TPM2_PTP_INTERFACE_TYPE mActiveTpmInterfaceType; +UINT8 mCRBIdleByPass; + +/** + Return cached PTP CRB interface IdleByPass state. + + @return Cached PTP CRB interface IdleByPass state. +**/ +UINT8 +GetCachedIdleByPass ( + VOID + ) +{ + return mCRBIdleByPass; +} + +/** + Return cached PTP interface type. + + @return Cached PTP interface type. +**/ +TPM2_PTP_INTERFACE_TYPE +GetCachedPtpInterface ( + VOID + ) +{ + return mActiveTpmInterfaceType; +} + +/** + The common function cache current active TpmInterfaceType when needed. + + @retval EFI_SUCCESS DTPM2.0 instance is registered, or system does not support register DTPM2.0 instance +**/ +EFI_STATUS +InternalTpm2DeviceLibDTpmCommonConstructor ( + VOID + ) +{ + mActiveTpmInterfaceType = 0xFF; + mCRBIdleByPass = 0xFF; + + // + // Always cache current active TpmInterfaceType for StandaloneMm implementation + // + mActiveTpmInterfaceType = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); + + if (mActiveTpmInterfaceType == Tpm2PtpInterfaceCrb) { + mCRBIdleByPass = Tpm2GetIdleByPass((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); + } + + return EFI_SUCCESS; +} diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.inf b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.inf new file mode 100644 index 0000000000..18c08ad8bd --- /dev/null +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.inf @@ -0,0 +1,54 @@ +## @file +# Provides TPM 2.0 TIS/PTP functions for DTPM +# +# Spec Compliance Info: +# "TCG PC Client Platform TPM Profile(PTP) Specification Family 2.0 Level 00 Revision 00.43" +# "TCG PC Client Specific TPM Interface Specification(TIS) Version 1.3" +# +# This library implements TIS (TPM Interface Specification) and +# PTP (Platform TPM Profile) functions which is +# used for every TPM 2.0 command. Choosing this library means platform uses and +# only uses TPM 2.0 DTPM device. +# +# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation. +# SPDX-License-Identifier: BSD-2-Clause-Patent +# +## + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = Tpm2DeviceLibDTpmStandaloneMm + FILE_GUID = 9A5DB21A-FF0B-46D0-8672-B4F83FEF1F0E + MODULE_TYPE = BASE + VERSION_STRING = 1.0 + LIBRARY_CLASS = Tpm2DeviceLib|MM_STANDALONE + CONSTRUCTOR = Tpm2DeviceLibConstructor + +# +# The following information is for reference only and not required by the build tools. +# +# VALID_ARCHITECTURES = IA32 X64 +# + +[Sources] + Tpm2Tis.c + Tpm2Ptp.c + Tpm2DeviceLibDTpm.c + Tpm2DeviceLibDTpmStandaloneMm.c + Tpm2DeviceLibDTpm.h + +[Packages] + MdePkg/MdePkg.dec + SecurityPkg/SecurityPkg.dec + +[LibraryClasses] + BaseLib + BaseMemoryLib + IoLib + TimerLib + DebugLib + PcdLib + +[Pcd] + gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## CONSUMES diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c index 691eaa40c0..053e597d2e 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c @@ -16,29 +16,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include -/** - Return PTP interface type. - - @param[in] Register Pointer to PTP register. - - @return PTP interface type. -**/ -TPM2_PTP_INTERFACE_TYPE -Tpm2GetPtpInterface ( - IN VOID *Register - ); - -/** - Return PTP CRB interface IdleByPass state. - - @param[in] Register Pointer to PTP register. - - @return PTP CRB interface IdleByPass state. -**/ -UINT8 -Tpm2GetIdleByPass ( - IN VOID *Register - ); +#include "Tpm2DeviceLibDTpm.h" /** Dump PTP register information. @@ -102,8 +80,6 @@ Tpm2InstanceLibDTpmConstructor ( ) { EFI_STATUS Status; - TPM2_PTP_INTERFACE_TYPE PtpInterface; - UINT8 IdleByPass; Status = Tpm2RegisterTpm2DeviceLib (&mDTpm2InternalTpm2Device); if ((Status == EFI_SUCCESS) || (Status == EFI_UNSUPPORTED)) { @@ -111,19 +87,7 @@ Tpm2InstanceLibDTpmConstructor ( // Unsupported means platform policy does not need this instance enabled. // if (Status == EFI_SUCCESS) { - // - // Cache current active TpmInterfaceType only when needed - // - if (PcdGet8(PcdActiveTpmInterfaceType) == 0xFF) { - PtpInterface = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); - PcdSet8S(PcdActiveTpmInterfaceType, PtpInterface); - } - - if (PcdGet8(PcdActiveTpmInterfaceType) == Tpm2PtpInterfaceCrb && PcdGet8(PcdCRBIdleByPass) == 0xFF) { - IdleByPass = Tpm2GetIdleByPass((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); - PcdSet8S(PcdCRBIdleByPass, IdleByPass); - } - + Status = InternalTpm2DeviceLibDTpmCommonConstructor (); DumpPtpInfo ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress)); } return EFI_SUCCESS; diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf index 5f267f552c..31113d93ee 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf @@ -6,6 +6,7 @@ # and PTP (Platform TPM Profile) functions. # # Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) Microsoft Corporation # SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -30,6 +31,8 @@ Tpm2Tis.c Tpm2Ptp.c Tpm2InstanceLibDTpm.c + Tpm2DeviceLibDTpmBase.c + Tpm2DeviceLibDTpm.h [Packages] MdePkg/MdePkg.dec diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c index 2c73385b6c..f1f8091683 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c @@ -2,6 +2,7 @@ PTP (Platform TPM Profile) CRB (Command Response Buffer) interface used by dTPM2.0 library. Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c), Microsoft Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent **/ @@ -19,6 +20,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include +#include "Tpm2DeviceLibDTpm.h" + // // Execution of the command may take from several seconds to minutes for certain // commands, such as key generation. @@ -174,7 +177,7 @@ PtpCrbTpmCommand ( // STEP 0: // if CapCRbIdelByPass == 0, enforce Idle state before sending command // - if (PcdGet8(PcdCRBIdleByPass) == 0 && (MmioRead32((UINTN)&CrbReg->CrbControlStatus) & PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE) == 0){ + if (GetCachedIdleByPass () == 0 && (MmioRead32((UINTN)&CrbReg->CrbControlStatus) & PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE) == 0){ Status = PtpCrbWaitRegisterBits ( &CrbReg->CrbControlStatus, PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE, @@ -330,7 +333,7 @@ GoReady_Exit: // Goto Ready State if command is completed successfully and TPM support IdleBypass // If not supported. flow down to GoIdle // - if (PcdGet8(PcdCRBIdleByPass) == 1) { + if (GetCachedIdleByPass () == 1) { MmioWrite32((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY); return Status; } @@ -350,7 +353,7 @@ GoIdle_Exit: // Only enforce Idle state transition if execution fails when CRBIdleBypass==1 // Leave regular Idle delay at the beginning of next command execution // - if (PcdGet8(PcdCRBIdleByPass) == 1){ + if (GetCachedIdleByPass () == 1){ Status = PtpCrbWaitRegisterBits ( &CrbReg->CrbControlStatus, PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE, @@ -519,7 +522,7 @@ DumpPtpInfo ( Vid = 0xFFFF; Did = 0xFFFF; Rid = 0xFF; - PtpInterface = PcdGet8(PcdActiveTpmInterfaceType); + PtpInterface = GetCachedPtpInterface (); DEBUG ((EFI_D_INFO, "PtpInterface - %x\n", PtpInterface)); switch (PtpInterface) { case Tpm2PtpInterfaceCrb: @@ -564,7 +567,7 @@ DTpm2SubmitCommand ( { TPM2_PTP_INTERFACE_TYPE PtpInterface; - PtpInterface = PcdGet8(PcdActiveTpmInterfaceType); + PtpInterface = GetCachedPtpInterface (); switch (PtpInterface) { case Tpm2PtpInterfaceCrb: return PtpCrbTpmCommand ( @@ -603,7 +606,7 @@ DTpm2RequestUseTpm ( { TPM2_PTP_INTERFACE_TYPE PtpInterface; - PtpInterface = PcdGet8(PcdActiveTpmInterfaceType); + PtpInterface = GetCachedPtpInterface (); switch (PtpInterface) { case Tpm2PtpInterfaceCrb: return PtpCrbRequestUseTpm ((PTP_CRB_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress)); diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc index 7240b2573e..618420a56c 100644 --- a/SecurityPkg/SecurityPkg.dsc +++ b/SecurityPkg/SecurityPkg.dsc @@ -211,6 +211,7 @@ SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf + SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.inf SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf