proxmox-mirrors/mirror_edk2
1
0
Fork 0
mirror of https://git.proxmox.com/git/mirror_edk2 synced 2025-11-04 07:10:07 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

SecurityPkg/TcgDxe: Replace TpmCommLib with Tpm12DeviceLib

Browse Source 
Update TCG drivers for TPM 1.2 devices to use Tpm12DeviceLib instead
of TpmCommLib.  This is required to support TPM 1.2 hardware devices
that are not on LPC bus.

The current versions of the TCG PEIM and DXE driver contain
MMIO reads/writes to a TPM attached to an LPC bus.  In order
to support TPMs that are connected to other bus types, the
TGC PEIM and DXE drivers must be updated to not perform any
direct register accesses to any TPMs.

Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19722 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Michael Kinney 2016-01-21 19:29:28 +00:00 committed by mdkinney
parent b558f8bceb
commit 7cb1b15bea
5 changed files with 82 additions and 191 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
SecurityPkg/Tcg/TcgDxe/TcgDxe.c
View File

@ -46,7 +46,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/BaseLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PrintLib.h>
#include <Library/TpmCommLib.h>
#include <Library/Tpm12DeviceLib.h>
#include <Library/PcdLib.h>
#include <Library/UefiLib.h>
#include <Library/ReportStatusCodeLib.h>
@ -63,7 +63,6 @@ typedef struct _TCG_DXE_DATA {
EFI_TCG_SERVER_ACPI_TABLE *TcgServerAcpiTable;
UINTN EventLogSize;
UINT8 *LastEvent;
TIS_TPM_HANDLE TpmHandle;
} TCG_DXE_DATA;
@ -114,7 +113,7 @@ EFI_TCG_SERVER_ACPI_TABLE mTcgServerAcpiTemplate = {
0,
0,
EFI_ACPI_3_0_BYTE,
TPM_BASE_ADDRESS // Base Address
0 // Base Address
},
0, // Reserved
{0}, // Configuration Address
@ -455,7 +454,6 @@ TcgDxePassThroughToTpm (
TcgData = TCG_DXE_DATA_FROM_THIS (This);
return TisPcExecute (
TcgData->TpmHandle,
"%r%/%r",
TpmInputParameterBlock,
(UINTN) TpmInputParameterBlockSize,
@ -509,7 +507,6 @@ TcgDxeHashLogExtendEventI (
}
Status = TpmCommExtend (
TcgData->TpmHandle,
&NewEventHdr->Digest,
NewEventHdr->PCRIndex,
NULL
@ -623,7 +620,6 @@ TCG_DXE_DATA mTcgDxeData = {
&mTcgClientAcpiTemplate,
&mTcgServerAcpiTemplate,
0,
NULL,
NULL
};
@ -1183,6 +1179,7 @@ InstallAcpiTable (
Checksum = CalculateCheckSum8 ((UINT8 *)&mTcgServerAcpiTemplate, sizeof (mTcgServerAcpiTemplate));
mTcgServerAcpiTemplate.Header.Checksum = Checksum;
mTcgServerAcpiTemplate.BaseAddress.Address = PcdGet64 (PcdTpmBaseAddress);
Status = AcpiTable->InstallAcpiTable (
AcpiTable,
&mTcgServerAcpiTemplate,
@ -1282,7 +1279,6 @@ GetTpmStatus (
TPM_STCLEAR_FLAGS VFlags;
Status = TpmCommGetFlags (
mTcgDxeData.TpmHandle,
TPM_CAP_FLAG_VOLATILE,
&VFlags,
sizeof (VFlags)
@ -1327,8 +1323,7 @@ DriverEntry (
return EFI_DEVICE_ERROR;
}
mTcgDxeData.TpmHandle = (TIS_TPM_HANDLE)(UINTN)TPM_BASE_ADDRESS;
Status = TisPcRequestUseTpm (mTcgDxeData.TpmHandle);
Status = Tpm12RequestUseTpm ();
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "TPM not detected!\n"));
return Status;

5
SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
View File

@ -36,6 +36,7 @@
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
CryptoPkg/CryptoPkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
@ -47,7 +48,8 @@
UefiRuntimeServicesTableLib
BaseMemoryLib
DebugLib
TpmCommLib
Tpm12DeviceLib
BaseCryptLib
PrintLib
UefiLib
PcdLib
@ -69,6 +71,7 @@
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision ## SOMETIMES_CONSUMES

182
SecurityPkg/Tcg/TcgDxe/TisDxe.c
View File

@ -1,7 +1,7 @@
/** @file
TIS (TPM Interface Specification) functions used by TPM Dxe driver.
Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -14,152 +14,18 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <IndustryStandard/Tpm12.h>
#include <Library/TimerLib.h>
#include <Library/TpmCommLib.h>
#include <Library/Tpm12DeviceLib.h>
#include <Library/DebugLib.h>
#include <Library/IoLib.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
//
// Max TPM command/reponse length
//
#define TPMCMDBUFLENGTH SIZE_1KB
STATIC UINT8 TpmCommandBuf[TPMCMDBUFLENGTH];
/**
Send command to TPM for execution.
@param[in] TisReg TPM register space base address.
@param[in] TpmBuffer Buffer for TPM command data.
@param[in] DataLength TPM command data length.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_TIMEOUT The register can't run into the expected status in time.
**/
EFI_STATUS
TisPcSend (
IN TIS_PC_REGISTERS_PTR TisReg,
IN UINT8 *TpmBuffer,
IN UINT32 DataLength
)
{
UINT16 BurstCount;
UINT32 Index;
EFI_STATUS Status;
Status = TisPcPrepareCommand (TisReg);
if (EFI_ERROR (Status)){
DEBUG ((DEBUG_ERROR, "The Tpm not ready!\n"));
return Status;
}
Index = 0;
while (Index < DataLength) {
Status = TisPcReadBurstCount (TisReg, &BurstCount);
if (EFI_ERROR (Status)) {
return EFI_TIMEOUT;
}
for (; BurstCount > 0 && Index < DataLength; BurstCount--) {
MmioWrite8 ((UINTN) &TisReg->DataFifo, *(TpmBuffer + Index));
Index++;
}
}
//
// Ensure the Tpm status STS_EXPECT change from 1 to 0
//
Status = TisPcWaitRegisterBits (
&TisReg->Status,
(UINT8) TIS_PC_VALID,
TIS_PC_STS_EXPECT,
TIS_TIMEOUT_C
);
return Status;
}
/**
Receive response data of last command from TPM.
@param[in] TisReg TPM register space base address.
@param[out] TpmBuffer Buffer for response data.
@param[out] RespSize Response data length.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_TIMEOUT The register can't run into the expected status in time.
@retval EFI_DEVICE_ERROR Unexpected device status.
@retval EFI_BUFFER_TOO_SMALL Response data is too long.
**/
EFI_STATUS
TisPcReceive (
IN TIS_PC_REGISTERS_PTR TisReg,
OUT UINT8 *TpmBuffer,
OUT UINT32 *RespSize
)
{
EFI_STATUS Status;
UINT16 BurstCount;
UINT32 Index;
UINT32 ResponseSize;
UINT32 Data32;
//
// Wait for the command completion
//
Status = TisPcWaitRegisterBits (
&TisReg->Status,
(UINT8) (TIS_PC_VALID | TIS_PC_STS_DATA),
0,
TIS_TIMEOUT_B
);
if (EFI_ERROR (Status)) {
return EFI_TIMEOUT;
}
//
// Read the response data header and check it
//
Index = 0;
BurstCount = 0;
while (Index < sizeof (TPM_RSP_COMMAND_HDR)) {
Status = TisPcReadBurstCount (TisReg, &BurstCount);
if (EFI_ERROR (Status)) {
return EFI_TIMEOUT;
}
for (; BurstCount > 0 ; BurstCount--) {
*(TpmBuffer + Index) = MmioRead8 ((UINTN) &TisReg->DataFifo);
Index++;
if (Index == sizeof (TPM_RSP_COMMAND_HDR))
break;
}
}
//
// Check the reponse data header (tag,parasize and returncode )
//
CopyMem (&Data32, (TpmBuffer + 2), sizeof (UINT32));
ResponseSize = SwapBytes32 (Data32);
*RespSize = ResponseSize;
if (ResponseSize == sizeof (TPM_RSP_COMMAND_HDR)) {
return EFI_SUCCESS;
}
if (ResponseSize < sizeof (TPM_RSP_COMMAND_HDR)) {
return EFI_DEVICE_ERROR;
}
if (ResponseSize > TPMCMDBUFLENGTH) {
return EFI_BUFFER_TOO_SMALL;
}
//
// Continue reading the remaining data
//
while (Index < ResponseSize) {
for (; BurstCount > 0 ; BurstCount--) {
*(TpmBuffer + Index) = MmioRead8 ((UINTN) &TisReg->DataFifo);
Index++;
if (Index == ResponseSize) {
return EFI_SUCCESS;
}
}
Status = TisPcReadBurstCount (TisReg, &BurstCount);
if (EFI_ERROR (Status) && (Index < ResponseSize)) {
return EFI_DEVICE_ERROR;
}
}
return EFI_SUCCESS;
}
STATIC UINT8 TpmResponseBuf[TPMCMDBUFLENGTH];
/**
Format TPM command data according to the format control character.
@ -368,7 +234,6 @@ TisPcReceiveV (
EFI_STATUS
EFIAPI
TisPcExecute (
IN TIS_TPM_HANDLE TisReg,
IN CONST CHAR8 *Fmt,
...
)
@ -394,35 +259,20 @@ TisPcExecute (
}
Fmt++;
}
//
// Send the command to TPM
//
Status = TisPcSend (TisReg, TpmCommandBuf, BufSize);
if (EFI_ERROR (Status)) {
//
// Ensure the TPM state change from "Reception" to "Idle/Ready"
//
MmioWrite8 ((UINTN) &(((TIS_PC_REGISTERS_PTR) TisReg)->Status), TIS_PC_STS_READY);
goto Error;
}
MmioWrite8 ((UINTN) &(((TIS_PC_REGISTERS_PTR) TisReg)->Status), TIS_PC_STS_GO);
Fmt++;
//
// Receive the response data from TPM
//
ZeroMem (TpmCommandBuf, TPMCMDBUFLENGTH);
Status = TisPcReceive (TisReg, TpmCommandBuf, &ResponseSize);
//
// Ensure the TPM state change from "Execution" or "Completion" to "Idle/Ready"
//
MmioWrite8 ((UINTN) &(((TIS_PC_REGISTERS_PTR) TisReg)->Status), TIS_PC_STS_READY);
ZeroMem (TpmResponseBuf, sizeof (TpmResponseBuf));
ResponseSize = sizeof (TpmResponseBuf);
Status = Tpm12SubmitCommand (BufSize, TpmCommandBuf, &ResponseSize, TpmResponseBuf);
if (EFI_ERROR (Status)) {
goto Error;
}
Fmt++;
//
// Get the formatted data from the TpmCommandBuf.
// Get the formatted data from the TpmResponseBuf.
//
BufSize =0;
DataFinished = FALSE;
@ -430,7 +280,7 @@ TisPcExecute (
if (*Fmt == '%') {
Fmt++;
}
Status = TisPcReceiveV (*Fmt, &Ap, TpmCommandBuf, &BufSize, ResponseSize, &DataFinished);
Status = TisPcReceiveV (*Fmt, &Ap, TpmResponseBuf, &BufSize, ResponseSize, &DataFinished);
if (EFI_ERROR (Status)) {
goto Error;
}

46
SecurityPkg/Tcg/TcgDxe/TpmComm.c
View File

@ -1,7 +1,7 @@
/** @file
Utility functions used by TPM Dxe driver.
Copyright (c) 2005 - 2013, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -14,15 +14,16 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <IndustryStandard/Tpm12.h>
#include <IndustryStandard/UefiTcgPlatform.h>
#include <Library/TpmCommLib.h>
#include <Library/DebugLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/BaseCryptLib.h>
#include "TpmComm.h"
/**
Extend a TPM PCR.
@param[in] TpmHandle TPM handle.
@param[in] DigestToExtend The 160 bit value representing the event to be recorded.
@param[in] PcrIndex The PCR to be updated.
@param[out] NewPcrValue New PCR value after extend.
@ -33,7 +34,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
EFI_STATUS
TpmCommExtend (
IN TIS_TPM_HANDLE TpmHandle,
IN TPM_DIGEST *DigestToExtend,
IN TPM_PCRINDEX PcrIndex,
OUT TPM_DIGEST *NewPcrValue
@ -53,7 +53,6 @@ TpmCommExtend (
sizeof (CmdHdr) + sizeof (PcrIndex) + sizeof (*DigestToExtend);
CmdHdr.ordinal = TPM_ORD_Extend;
Status = TisPcExecute (
TpmHandle,
"%h%d%r%/%h%r",
&CmdHdr,
PcrIndex,
@ -75,7 +74,6 @@ TpmCommExtend (
/**
Get TPM capability flags.
@param[in] TpmHandle TPM handle.
@param[in] FlagSubcap Flag subcap.
@param[out] FlagBuffer Pointer to the buffer for returned flag structure.
@param[in] FlagSize Size of the buffer.
@ -86,7 +84,6 @@ TpmCommExtend (
**/
EFI_STATUS
TpmCommGetFlags (
IN TIS_TPM_HANDLE TpmHandle,
IN UINT32 FlagSubcap,
OUT VOID *FlagBuffer,
IN UINTN FlagSize
@ -102,7 +99,6 @@ TpmCommGetFlags (
CmdHdr.ordinal = TPM_ORD_GetCapability;
Status = TisPcExecute (
TpmHandle,
"%h%d%d%d%/%h%d%r",
&CmdHdr,
TPM_CAP_FLAG,
@ -168,3 +164,37 @@ TpmCommLogEvent (
);
return EFI_SUCCESS;
}
/**
Single function calculates SHA1 digest value for all raw data. It
combines Sha1Init(), Sha1Update() and Sha1Final().
@param[in] Data Raw data to be digested.
@param[in] DataLen Size of the raw data.
@param[out] Digest Pointer to a buffer that stores the final digest.
@retval EFI_SUCCESS Always successfully calculate the final digest.
**/
EFI_STATUS
EFIAPI
TpmCommHashAll (
IN CONST UINT8 *Data,
IN UINTN DataLen,
OUT TPM_DIGEST *Digest
)
{
VOID *Sha1Ctx;
UINTN CtxSize;
CtxSize = Sha1GetContextSize ();
Sha1Ctx = AllocatePool (CtxSize);
ASSERT (Sha1Ctx != NULL);
Sha1Init (Sha1Ctx);
Sha1Update (Sha1Ctx, Data, DataLen);
Sha1Final (Sha1Ctx, (UINT8 *)Digest);
FreePool (Sha1Ctx);
return EFI_SUCCESS;
}

27
SecurityPkg/Tcg/TcgDxe/TpmComm.h
View File

@ -1,7 +1,7 @@
/** @file
Definitions and function prototypes used by TPM DXE driver.
Copyright (c) 2005 - 2010, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -40,7 +40,6 @@ TpmCommLogEvent (
/**
Extend a TPM PCR.
@param[in] TpmHandle TPM handle.
@param[in] DigestToExtend The 160 bit value representing the event to be recorded.
@param[in] PcrIndex The PCR to be updated.
@param[out] NewPcrValue New PCR value after extend.
@ -51,7 +50,6 @@ TpmCommLogEvent (
**/
EFI_STATUS
TpmCommExtend (
IN TIS_TPM_HANDLE TpmHandle,
IN TPM_DIGEST *DigestToExtend,
IN TPM_PCRINDEX PcrIndex,
OUT TPM_DIGEST *NewPcrValue
@ -60,7 +58,6 @@ TpmCommExtend (
/**
Get TPM capability flags.
@param[in] TpmHandle TPM handle.
@param[in] FlagSubcap Flag subcap.
@param[out] FlagBuffer Pointer to the buffer for returned flag structure.
@param[in] FlagSize Size of the buffer.
@ -71,7 +68,6 @@ TpmCommExtend (
**/
EFI_STATUS
TpmCommGetFlags (
IN TIS_TPM_HANDLE TpmHandle,
IN UINT32 FlagSubcap,
OUT VOID *Buffer,
IN UINTN Size
@ -83,7 +79,7 @@ TpmCommGetFlags (
@param[in] TisReg TPM Handle.
@param[in] Fmt Format control string.
@param[in] ... The variable argument list.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_TIMEOUT The register can't run into the expected status in time.
@ -91,9 +87,26 @@ TpmCommGetFlags (
EFI_STATUS
EFIAPI
TisPcExecute (
IN TIS_TPM_HANDLE TisReg,
IN CONST CHAR8 *Fmt,
...
);
/**
Single function calculates SHA1 digest value for all raw data. It
combines Sha1Init(), Sha1Update() and Sha1Final().
@param[in] Data Raw data to be digested.
@param[in] DataLen Size of the raw data.
@param[out] Digest Pointer to a buffer that stores the final digest.
@retval EFI_SUCCESS Always successfully calculate the final digest.
**/
EFI_STATUS
EFIAPI
TpmCommHashAll (
IN CONST UINT8 *Data,
IN UINTN DataLen,
OUT TPM_DIGEST *Digest
);
#endif // _TPM_COMM_H_