From: Jiewen Yao Date: Wed, 14 Mar 2018 13:49:52 +0000 (+0800) Subject: Vlv2TbltDevicePkg/Tcg2PhysicalPresenceLib: use Tcg2 instead of TrEE. X-Git-Tag: edk2-stable201903~2124 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=9461604e1490f73fdbcc8e957dbe75f75c73b027;ds=sidebyside Vlv2TbltDevicePkg/Tcg2PhysicalPresenceLib: use Tcg2 instead of TrEE. TrEE is deprecated. We need use Tcg2. Cc: David Wei Cc: Mang Guo Cc: Chao B Zhang Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jiewen Yao Reviewed-by: Chao B Zhang Reviewed-by: Mang Guo --- diff --git a/Vlv2TbltDevicePkg/Library/DxeTcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLibNull.c b/Vlv2TbltDevicePkg/Library/DxeTcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLibNull.c new file mode 100644 index 0000000000..96fad05527 --- /dev/null +++ b/Vlv2TbltDevicePkg/Library/DxeTcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLibNull.c @@ -0,0 +1,242 @@ +/** @file + Execute pending TPM2 requests from OS or BIOS. + + Caution: This module requires additional review when modified. + This driver will have external input - variable. + This external input must be validated carefully to avoid security issue. + + Tcg2ExecutePendingTpmRequest() will receive untrusted input and do validation. + +Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.
+This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + + +/** + Get string by string id from HII Interface. + + @param[in] Id String ID. + + @retval CHAR16 * String from ID. + @retval NULL If error occurs. + +**/ +CHAR16 * +Tcg2PhysicalPresenceGetStringById ( + IN EFI_STRING_ID Id + ) +{ + return NULL; +} + +/** + Send ClearControl and Clear command to TPM. + + @param[in] PlatformAuth platform auth value. NULL means no platform auth change. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_TIMEOUT The register can't run into the expected status in time. + @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. + @retval EFI_DEVICE_ERROR Unexpected device behavior. + +**/ +EFI_STATUS +EFIAPI +TpmCommandClear ( + IN TPM2B_AUTH *PlatformAuth OPTIONAL + ) +{ + return EFI_SUCCESS; +} + +/** + Execute physical presence operation requested by the OS. + + @param[in] PlatformAuth platform auth value. NULL means no platform auth change. + @param[in] CommandCode Physical presence operation value. + @param[in, out] PpiFlags The physical presence interface flags. + + @retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation. + @retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or + receiving response from TPM. + @retval Others Return code from the TPM device after command execution. +**/ +UINT32 +Tcg2ExecutePhysicalPresence ( + IN TPM2B_AUTH *PlatformAuth, OPTIONAL + IN UINT32 CommandCode, + IN OUT EFI_TREE_PHYSICAL_PRESENCE_FLAGS *PpiFlags + ) +{ + return 0; +} + + +/** + Read the specified key for user confirmation. + + @param[in] CautionKey If true, F12 is used as confirm key; + If false, F10 is used as confirm key. + + @retval TRUE User confirmed the changes by input. + @retval FALSE User discarded the changes. +**/ +BOOLEAN +Tcg2ReadUserKey ( + IN BOOLEAN CautionKey + ) +{ + return FALSE; +} + +/** + The constructor function register UNI strings into imageHandle. + + It will ASSERT() if that operation fails and it will always return EFI_SUCCESS. + + @param ImageHandle The firmware allocated handle for the EFI image. + @param SystemTable A pointer to the EFI System Table. + + @retval EFI_SUCCESS The constructor successfully added string package. + @retval Other value The constructor can't add string package. +**/ +EFI_STATUS +EFIAPI +Tcg2PhysicalPresenceLibConstructor ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable + ) +{ + return EFI_SUCCESS; +} + +/** + Display the confirm text and get user confirmation. + + @param[in] TpmPpCommand The requested TPM physical presence command. + + @retval TRUE The user has confirmed the changes. + @retval FALSE The user doesn't confirm the changes. +**/ +BOOLEAN +Tcg2UserConfirm ( + IN UINT32 TpmPpCommand + ) +{ + return FALSE; +} + +/** + Check if there is a valid physical presence command request. Also updates parameter value + to whether the requested physical presence command already confirmed by user + + @param[in] TcgPpData EFI Tcg2 Physical Presence request data. + @param[in] Flags The physical presence interface flags. + @param[out] RequestConfirmed If the physical presence operation command required user confirm from UI. + True, it indicates the command doesn't require user confirm, or already confirmed + in last boot cycle by user. + False, it indicates the command need user confirm from UI. + + @retval TRUE Physical Presence operation command is valid. + @retval FALSE Physical Presence operation command is invalid. + +**/ +BOOLEAN +Tcg2HaveValidTpmRequest ( + IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData, + IN EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags, + OUT BOOLEAN *RequestConfirmed + ) +{ + return TRUE; +} + + +/** + Check and execute the requested physical presence command. + + Caution: This function may receive untrusted input. + TcgPpData variable is external input, so this function will validate + its data structure to be valid value. + + @param[in] PlatformAuth platform auth value. NULL means no platform auth change. + @param[in] TcgPpData Point to the physical presence NV variable. + @param[in] Flags The physical presence interface flags. +**/ +VOID +Tcg2ExecutePendingTpmRequest ( + IN TPM2B_AUTH *PlatformAuth, OPTIONAL + IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData, + IN EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags + ) +{ + return; +} + +/** + Check and execute the pending TPM request. + + The TPM request may come from OS or BIOS. This API will display request information and wait + for user confirmation if TPM request exists. The TPM request will be sent to TPM device after + the TPM request is confirmed, and one or more reset may be required to make TPM request to + take effect. + + This API should be invoked after console in and console out are all ready as they are required + to display request information and get user input to confirm the request. + + @param[in] PlatformAuth platform auth value. NULL means no platform auth change. +**/ +VOID +EFIAPI +Tcg2PhysicalPresenceLibProcessRequest ( + IN TPM2B_AUTH *PlatformAuth OPTIONAL + ) +{ + return; +} + +/** + Check if the pending TPM request needs user input to confirm. + + The TPM request may come from OS. This API will check if TPM request exists and need user + input to confirmation. + + @retval TRUE TPM needs input to confirm user physical presence. + @retval FALSE TPM doesn't need input to confirm user physical presence. + +**/ +BOOLEAN +EFIAPI +Tcg2PhysicalPresenceLibNeedUserConfirm( + VOID + ) +{ + + return FALSE; +} + diff --git a/Vlv2TbltDevicePkg/Library/DxeTcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLibNull.inf b/Vlv2TbltDevicePkg/Library/DxeTcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLibNull.inf new file mode 100644 index 0000000000..b67fd13893 --- /dev/null +++ b/Vlv2TbltDevicePkg/Library/DxeTcg2PhysicalPresenceLibNull/DxeTcg2PhysicalPresenceLibNull.inf @@ -0,0 +1,46 @@ +## @file +# Null instance of DxeTcg2PhysicalPresenceLib +# +# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
+# +# This program and the accompanying materials are licensed and made available under +# the terms and conditions of the BSD License that accompanies this distribution. +# The full text of the license may be found at +# http://opensource.org/licenses/bsd-license.php. +# +# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. +# +# +# + +[Defines] + INF_VERSION = 0x00010005 + BASE_NAME = DxeTcg2PhysicalPresenceLib + FILE_GUID = B41B3DB3-ACC5-4fcd-9992-891F3F9C0DA5 + MODULE_TYPE = DXE_DRIVER + VERSION_STRING = 1.0 + LIBRARY_CLASS = Tcg2PhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER + +# +# The following information is for reference only and not required by the build tools. +# +# VALID_ARCHITECTURES = IA32 X64 IPF EBC +# + +[Sources] + DxeTcg2PhysicalPresenceLibNull.c + +[Packages] + MdePkg/MdePkg.dec + MdeModulePkg/MdeModulePkg.dec + SecurityPkg/SecurityPkg.dec + +[LibraryClasses] + + +[Protocols] + + +[Guids] + diff --git a/Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.c b/Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.c deleted file mode 100644 index 9aebf528fb..0000000000 --- a/Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.c +++ /dev/null @@ -1,242 +0,0 @@ -/** @file - Execute pending TPM2 requests from OS or BIOS. - - Caution: This module requires additional review when modified. - This driver will have external input - variable. - This external input must be validated carefully to avoid security issue. - - TrEEExecutePendingTpmRequest() will receive untrusted input and do validation. - -Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - - -/** - Get string by string id from HII Interface. - - @param[in] Id String ID. - - @retval CHAR16 * String from ID. - @retval NULL If error occurs. - -**/ -CHAR16 * -TrEEPhysicalPresenceGetStringById ( - IN EFI_STRING_ID Id - ) -{ - return NULL; -} - -/** - Send ClearControl and Clear command to TPM. - - @param[in] PlatformAuth platform auth value. NULL means no platform auth change. - - @retval EFI_SUCCESS Operation completed successfully. - @retval EFI_TIMEOUT The register can't run into the expected status in time. - @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. - @retval EFI_DEVICE_ERROR Unexpected device behavior. - -**/ -EFI_STATUS -EFIAPI -TpmCommandClear ( - IN TPM2B_AUTH *PlatformAuth OPTIONAL - ) -{ - return EFI_SUCCESS; -} - -/** - Execute physical presence operation requested by the OS. - - @param[in] PlatformAuth platform auth value. NULL means no platform auth change. - @param[in] CommandCode Physical presence operation value. - @param[in, out] PpiFlags The physical presence interface flags. - - @retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation. - @retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or - receiving response from TPM. - @retval Others Return code from the TPM device after command execution. -**/ -UINT32 -TrEEExecutePhysicalPresence ( - IN TPM2B_AUTH *PlatformAuth, OPTIONAL - IN UINT32 CommandCode, - IN OUT EFI_TREE_PHYSICAL_PRESENCE_FLAGS *PpiFlags - ) -{ - return 0; -} - - -/** - Read the specified key for user confirmation. - - @param[in] CautionKey If true, F12 is used as confirm key; - If false, F10 is used as confirm key. - - @retval TRUE User confirmed the changes by input. - @retval FALSE User discarded the changes. -**/ -BOOLEAN -TrEEReadUserKey ( - IN BOOLEAN CautionKey - ) -{ - return FALSE; -} - -/** - The constructor function register UNI strings into imageHandle. - - It will ASSERT() if that operation fails and it will always return EFI_SUCCESS. - - @param ImageHandle The firmware allocated handle for the EFI image. - @param SystemTable A pointer to the EFI System Table. - - @retval EFI_SUCCESS The constructor successfully added string package. - @retval Other value The constructor can't add string package. -**/ -EFI_STATUS -EFIAPI -TrEEPhysicalPresenceLibConstructor ( - IN EFI_HANDLE ImageHandle, - IN EFI_SYSTEM_TABLE *SystemTable - ) -{ - return EFI_SUCCESS; -} - -/** - Display the confirm text and get user confirmation. - - @param[in] TpmPpCommand The requested TPM physical presence command. - - @retval TRUE The user has confirmed the changes. - @retval FALSE The user doesn't confirm the changes. -**/ -BOOLEAN -TrEEUserConfirm ( - IN UINT32 TpmPpCommand - ) -{ - return FALSE; -} - -/** - Check if there is a valid physical presence command request. Also updates parameter value - to whether the requested physical presence command already confirmed by user - - @param[in] TcgPpData EFI TrEE Physical Presence request data. - @param[in] Flags The physical presence interface flags. - @param[out] RequestConfirmed If the physical presence operation command required user confirm from UI. - True, it indicates the command doesn't require user confirm, or already confirmed - in last boot cycle by user. - False, it indicates the command need user confirm from UI. - - @retval TRUE Physical Presence operation command is valid. - @retval FALSE Physical Presence operation command is invalid. - -**/ -BOOLEAN -TrEEHaveValidTpmRequest ( - IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData, - IN EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags, - OUT BOOLEAN *RequestConfirmed - ) -{ - return TRUE; -} - - -/** - Check and execute the requested physical presence command. - - Caution: This function may receive untrusted input. - TcgPpData variable is external input, so this function will validate - its data structure to be valid value. - - @param[in] PlatformAuth platform auth value. NULL means no platform auth change. - @param[in] TcgPpData Point to the physical presence NV variable. - @param[in] Flags The physical presence interface flags. -**/ -VOID -TrEEExecutePendingTpmRequest ( - IN TPM2B_AUTH *PlatformAuth, OPTIONAL - IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData, - IN EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags - ) -{ - return; -} - -/** - Check and execute the pending TPM request. - - The TPM request may come from OS or BIOS. This API will display request information and wait - for user confirmation if TPM request exists. The TPM request will be sent to TPM device after - the TPM request is confirmed, and one or more reset may be required to make TPM request to - take effect. - - This API should be invoked after console in and console out are all ready as they are required - to display request information and get user input to confirm the request. - - @param[in] PlatformAuth platform auth value. NULL means no platform auth change. -**/ -VOID -EFIAPI -TrEEPhysicalPresenceLibProcessRequest ( - IN TPM2B_AUTH *PlatformAuth OPTIONAL - ) -{ - return; -} - -/** - Check if the pending TPM request needs user input to confirm. - - The TPM request may come from OS. This API will check if TPM request exists and need user - input to confirmation. - - @retval TRUE TPM needs input to confirm user physical presence. - @retval FALSE TPM doesn't need input to confirm user physical presence. - -**/ -BOOLEAN -EFIAPI -TrEEPhysicalPresenceLibNeedUserConfirm( - VOID - ) -{ - - return FALSE; -} - diff --git a/Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf b/Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf deleted file mode 100644 index 64c17c63d1..0000000000 --- a/Vlv2TbltDevicePkg/Library/DxeTrEEPhysicalPresenceLibNull/DxeTrEEPhysicalPresenceLibNull.inf +++ /dev/null @@ -1,46 +0,0 @@ -## @file -# Null instance of DxeTrEEPhysicalPresenceLib -# -# Copyright (c) 2010 - 2015, Intel Corporation. All rights reserved.
-# -# This program and the accompanying materials are licensed and made available under -# the terms and conditions of the BSD License that accompanies this distribution. -# The full text of the license may be found at -# http://opensource.org/licenses/bsd-license.php. -# -# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. -# -# -# - -[Defines] - INF_VERSION = 0x00010005 - BASE_NAME = DxeTrEEPhysicalPresenceLib - FILE_GUID = B41B3DB3-ACC5-4fcd-9992-891F3F9C0DA5 - MODULE_TYPE = DXE_DRIVER - VERSION_STRING = 1.0 - LIBRARY_CLASS = TrEEPhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER - -# -# The following information is for reference only and not required by the build tools. -# -# VALID_ARCHITECTURES = IA32 X64 IPF EBC -# - -[Sources] - DxeTrEEPhysicalPresenceLibNull.c - -[Packages] - MdePkg/MdePkg.dec - MdeModulePkg/MdeModulePkg.dec - SecurityPkg/SecurityPkg.dec - -[LibraryClasses] - - -[Protocols] - - -[Guids] -