From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52708+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52708+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020677; cv=none; d=zohomail.com; s=zohoarc; b=mMOiM0addnkQEP1VyrlTqY4Rc8IChfv+QVC7HusIv4omgJgrVXGVO4vobS5B2W8Ndhoezm+d5TDCqJfF7HMKCkf70cJIDqbu9yK6Nd6z9lwf4HWoyqy+81Me2PkkKg4queej4Tc5sxabt3W29crCt1NR3qNguyacy8P6EfFTo3Y= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020677; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=7mmaTAqVlRSngrm1YCrlcqTY2PIHRci9xu7IN8SyLJ8=; b=gNVbRrPoe7jW8dqWTX5vz2YDvLVzRZqMCs51KTNupQ0JSKmGyoYPEMCTwL9/shIve/E11mvVdIOn3ITIYGxvEfJFr2Orpixx5THOEeTIPxw++2paYXVSumHI8CCSc8FjYA8JcRgTQo5CqKyE1IcRtwDXkp+ddJxVX9DxMqX0wHo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52708+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1578020677345514.4918175330935; Thu, 2 Jan 2020 19:04:37 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id aC9wYY1788612xVkBUauHpSf; Thu, 02 Jan 2020 19:04:36 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:36 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:36 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455059" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:35 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 01/13] SecurityPkg/Tcg2PpVerndorLib: Add two Ex function to handle PPdata Date: Fri, 3 Jan 2020 11:04:15 +0800 Message-Id: <20200103030428.28176-2-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: pmTpHKGfbPCdFUMYAX8pcN4ix1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020676; bh=+LW5FP26a1Ras9LrOUyBtLmnQyqVGHHmUJo+VaQZpno=; h=Cc:Date:From:Reply-To:Subject:To; b=LPYrcpub7pibPZOwpoZcmv/kKKXTkkTIfOtlbWh0zL0oVnHGezcJ/WM887dhXYOkPTD r7amVDb2pC7aCeUlMckbxiuT0lwcpPUFk3iXR1aS1WPpM2w+AdSd7Wp8BhljfOAOM/F/X Lxcgd38AXmBUMG0WM8j1cvD8l7Fcz8J+ECw= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Add Tcg2PpVendorLibExecutePendingRequestEx and Tcg2PpVendorLibSubmitRequestToPreOSFunctionEx to handle the EFI_TCG2_PHYSICAL_PRESENCE parameters. Add the definition first. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- SecurityPkg/Include/Library/Tcg2PpVendorLib.h | 54 ++++++++++++++++++- 1 file changed, 53 insertions(+), 1 deletion(-) diff --git a/SecurityPkg/Include/Library/Tcg2PpVendorLib.h b/SecurityPkg/In= clude/Library/Tcg2PpVendorLib.h index 569eba6874..8f7fcf4e84 100644 --- a/SecurityPkg/Include/Library/Tcg2PpVendorLib.h +++ b/SecurityPkg/Include/Library/Tcg2PpVendorLib.h @@ -7,7 +7,7 @@ =20 Caution: This function may receive untrusted input. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -16,6 +16,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define _TCG2_PP_VENDOR_LIB_H_ =20 #include +#include #include #include =20 @@ -46,6 +47,33 @@ Tcg2PpVendorLibExecutePendingRequest ( OUT BOOLEAN *ResetRequired ); =20 +/** + Check and execute the requested physical presence command. + + This API should be invoked in BIOS boot phase to process pending request. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] PlatformAuth platform auth value. NULL means no plat= form auth change. + @param[in] PPData Ptr to EFI_TCG2_PHYSICAL_PRESENCE data. + @param[in, out] ManagementFlags BIOS TPM Management Flags. + @param[out] ResetRequired If reset is required to vendor settings= in effect. + True, it indicates the reset is require= d. + False, it indicates the reset is not re= quired. + + @return TPM Operation Response to OS Environment. +**/ +UINT32 +EFIAPI +Tcg2PpVendorLibExecutePendingRequestEx ( + IN TPM2B_AUTH *PlatformAuth, OPTIONAL + IN EFI_TCG2_PHYSICAL_PRESENCE *PPData, + IN OUT UINT32 *ManagementFlags, + OUT BOOLEAN *ResetRequired + ); + /** Check if there is a valid physical presence command request. =20 @@ -98,6 +126,30 @@ Tcg2PpVendorLibSubmitRequestToPreOSFunction ( IN UINT32 RequestParameter ); =20 +/** + The callback for TPM vendor specific physical presence which is called f= or + Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. + + This API should be invoked in OS runtime phase to interface with ACPI me= thod. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] *PPData Ptr to EFI_TCG2_PHYSICAL_PRESENCE data. + @param[in] ManagementFlags BIOS TPM Management Flags. + + @return Return Code for Submit TPM Operation Request to Pre-OS Environme= nt and + Submit TPM Operation Request to Pre-OS Environment 2. +**/ +UINT32 +EFIAPI +Tcg2PpVendorLibSubmitRequestToPreOSFunctionEx ( + IN EFI_TCG2_PHYSICAL_PRESENCE *PPdata, + IN UINT32 ManagementFlags + ); + /** The callback for TPM vendor specific physical presence which is called f= or Get User Confirmation Status for Operation. --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52708): https://edk2.groups.io/g/devel/message/52708 Mute This Topic: https://groups.io/mt/69392327/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52709+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52709+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020678; cv=none; d=zohomail.com; s=zohoarc; b=X+gCI1NDTsHPwVV9srji8y6/H+lfjwYntPGntjn5ivXfRyWxUdHzc6+nZenRcQFZiihCzYRcC4sJBCOv8votZUx4BcyytOt9bDorhpvmZ/Mebvfiw0YDUfSrOsmHCEdsosyqWqTj+aTB7/CeCGMhOnUI+Bj5nHYAga3P45CvUL8= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020678; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=EyKGAb+y1dBU9FTD67CkttMQVPVnpNMmqzDnED1gKvU=; b=CGe8dRtCf9LNPjmg2wQ7Slnm00t640pW12bzAt0tvkbtVTy2qn/Mnbxk5BZlXGZ2qZa+zusxMZ1fxueNMNswfAfXJO+INWexgU9kC+wB9OqH0eQWnjpusk5420uvwfWPLKNUJf2pXUg86ABS+GW9VrkewFQQoOD/1PenZUdcZs8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52709+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1578020678830177.15233189087087; Thu, 2 Jan 2020 19:04:38 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id ksJxYY1788612xdOtBEWthqd; Thu, 02 Jan 2020 19:04:38 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:37 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:37 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455076" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:36 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 02/13] SecurityPkg/Tcg2PpVendorLib: Add implementation of new Ex function Date: Fri, 3 Jan 2020 11:04:16 +0800 Message-Id: <20200103030428.28176-3-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: bBqX8t3VGitECTrQDVK1uSKNx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020678; bh=L+UTT7PAt2njLwx1shV3+VvqfWDZeZalZ+wugQC2Ido=; h=Cc:Date:From:Reply-To:Subject:To; b=YDOSx8AMiwIpjtbYtFJITvrnDVW9Cz4CR6hm0MVEceowtLU+YsGp4VuCSkQOnhoOjK8 fRvuSql/vmyn2iDZX+3YfwQq+c8xtJ7xpQoz+WZIkgmQUn7YFO+dJgKugJi29cvuWF+TT 1cI+gG9DycnaPlBE0Pjw34WU7N/fCWTMh6A= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Add Tcg2PpVendorLibExecutePendingRequestEx and Tcg2PpVendorLibSubmitRequestToPreOSFunctionEx to handle the EFI_TCG2_PHYSICAL_PRESENCE parameters. Implement in the null version. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- .../Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c | 61 ++++++++++++++++++- 1 file changed, 60 insertions(+), 1 deletion(-) diff --git a/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c = b/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c index 895d05a28d..0b57ba44e3 100644 --- a/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c +++ b/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c @@ -1,7 +1,7 @@ /** @file NULL Tcg2 PP Vendor library instance that does not support any vendor sp= ecific PPI. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -40,6 +40,37 @@ Tcg2PpVendorLibExecutePendingRequest ( return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE; } =20 +/** + Check and execute the requested physical presence command. + + This API should be invoked in BIOS boot phase to process pending request. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] PlatformAuth platform auth value. NULL means no plat= form auth change. + @param[in] PPData Ptr to EFI_TCG2_PHYSICAL_PRESENCE data. + @param[in, out] ManagementFlags BIOS TPM Management Flags. + @param[out] ResetRequired If reset is required to vendor settings= in effect. + True, it indicates the reset is require= d. + False, it indicates the reset is not re= quired. + + @return TPM Operation Response to OS Environment. +**/ +UINT32 +EFIAPI +Tcg2PpVendorLibExecutePendingRequestEx ( + IN TPM2B_AUTH *PlatformAuth, OPTIONAL + IN EFI_TCG2_PHYSICAL_PRESENCE *PPData, + IN OUT UINT32 *ManagementFlags, + OUT BOOLEAN *ResetRequired + ) +{ + ASSERT (PPData->PPRequest >=3D TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OP= ERATION); + return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE; +} + /** Check if there is a valid physical presence command request. =20 @@ -100,6 +131,34 @@ Tcg2PpVendorLibSubmitRequestToPreOSFunction ( return TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED; } =20 +/** + The callback for TPM vendor specific physical presence which is called f= or + Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. + + This API should be invoked in OS runtime phase to interface with ACPI me= thod. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] *PPData Ptr to EFI_TCG2_PHYSICAL_PRESENCE data. + @param[in] ManagementFlags BIOS TPM Management Flags. + + @return Return Code for Submit TPM Operation Request to Pre-OS Environme= nt and + Submit TPM Operation Request to Pre-OS Environment 2. +**/ +UINT32 +EFIAPI +Tcg2PpVendorLibSubmitRequestToPreOSFunctionEx ( + IN EFI_TCG2_PHYSICAL_PRESENCE *PPdata, + IN UINT32 ManagementFlags + ) +{ + ASSERT (PPdata->PPRequest >=3D TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OP= ERATION); + return TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED; +} + /** The callback for TPM vendor specific physical presence which is called f= or Get User Confirmation Status for Operation. --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52709): https://edk2.groups.io/g/devel/message/52709 Mute This Topic: https://groups.io/mt/69392329/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52710+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52710+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020679; cv=none; d=zohomail.com; s=zohoarc; b=UhNQxvii84+uadfaEpW4UzOD+kWogP7ET2VUG47KrVky+gHBM96J4qlmuvd8ZKoppBYwFii3ZvF3jURzjy8lEnVaXgGhYSeuYBrgWgOlF0cegmhRqflHIh8IAOXUfMUTZGtp4YrpqCALFj8MN5oxnRhFgTucF3Bksct7WG+kHso= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020679; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=vLA52gMh06dxqwyZFi8W6uaw1ZrTFj+wCblUvT8eZkY=; b=lYjfl02ml7D/enw4dNVoxwlg6bTZSbyEAOu6+kEIurAxCL/0if+1DEv8b4I6H9pEB/OXbKYGYdibpSc2tVr/mIk+90UYMoVaSYl32MuI2RqBDPRGDYqcAhZX7dbTjLRyUqTH4+GVSB1Tfs/tLEOCHHSlhdeVEaRF5aBavTPlrvE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52710+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1578020679577529.7928593235183; Thu, 2 Jan 2020 19:04:39 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id 2tYqYY1788612x2EZcvdV9k2; Thu, 02 Jan 2020 19:04:39 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:38 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:38 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455087" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:37 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 03/13] SecurityPkg/Tcg2PhysicalPresenceLib: Use the new Ex function Date: Fri, 3 Jan 2020 11:04:17 +0800 Message-Id: <20200103030428.28176-4-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: WE9tmKCzT0Myt6PHEXu0djxLx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020679; bh=9BzuLq10w/PFcg0/XDv8JrSyeKQUWU0pDSyBLy9/jFY=; h=Cc:Date:From:Reply-To:Subject:To; b=rhDfvPi8rn/uBGr4apIidUCJ3sHifAHc7jNx6BTlVCqP2FU8KVeRvQMQyCWZfm39/11 t2evDuEC2+R9mIVa5kHjPCROzZw8mK3mjw51lOH5zU7JWYGo92v0xnMgHz9mbNKxMEeyi K/91QPtxWI5q1MaOQTE2lb8rmjJHa26hIKE= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Change the call of Tcg2PpVendorLibExecutePendingRequest to Tcg2PpVendorLibExecutePendingRequestEx. Change the call of Tcg2PpVendorLibSubmitRequestToPreOSFunction to Tcg2PpVendorLibSubmitRequestToPreOSFunctionEx. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- .../DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2Physical= PresenceLib.c b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2Physi= calPresenceLib.c index 80e2e37bf4..081605f26c 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenc= eLib.c +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenc= eLib.c @@ -7,7 +7,7 @@ =20 Tpm2ExecutePendingTpmRequest() will receive untrusted input and do valid= ation. =20 -Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -767,7 +767,7 @@ Tcg2ExecutePendingTpmRequest ( if (TcgPpData->PPRequest >=3D TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPE= RATION) { NewFlags =3D *Flags; NewPPFlags =3D NewFlags.PPFlags; - TcgPpData->PPResponse =3D Tcg2PpVendorLibExecutePendingRequest (Platfo= rmAuth, TcgPpData->PPRequest, &NewPPFlags, &ResetRequired); + TcgPpData->PPResponse =3D Tcg2PpVendorLibExecutePendingRequestEx (Plat= formAuth, TcgPpData, &NewPPFlags, &ResetRequired); NewFlags.PPFlags =3D NewPPFlags; } else { if (!RequestConfirmed) { @@ -1196,7 +1196,7 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction ( if (EFI_ERROR (Status)) { Flags.PPFlags =3D TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | TCG2_BIOS_= STORAGE_MANAGEMENT_FLAG_DEFAULT; } - return Tcg2PpVendorLibSubmitRequestToPreOSFunction (OperationRequest, = Flags.PPFlags, RequestParameter); + return Tcg2PpVendorLibSubmitRequestToPreOSFunctionEx (&PpData, Flags.P= PFlags); } =20 return TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS; --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52710): https://edk2.groups.io/g/devel/message/52710 Mute This Topic: https://groups.io/mt/69392330/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52711+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52711+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020680; cv=none; d=zohomail.com; s=zohoarc; b=MN2o5JjYjDuR6It7nvkrdE3NrkBocSJOrUXq3vjyAx7ymCEsSmZyRDD7IioGGXRlO1LuFe3w78qQ1dLeU9GTAmtSXgMSSAiYo8pTfhA5zrIHnIKbozIeLN//deaT6XlBtuiG0o+77H4I2eK+kRct9sYomEQpCNdNNr3bvxC021w= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020680; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=k5qaYvlgOqVLdKDe7w+lPuKPukHkIH7HTpPtAAkI1aM=; b=nCB5DnbSU40Aopr3QcvAiQpMmo1Gcx8+LQhmxnH17BtTXxXXsa/wDJBSU+VYd2DWDrO/8pn26c1FzYRAaYDm+sx9HkNtB6gs8uDHFe6t9MF3+hNojtHY0A+GdzCPjlcBmA7TJlS8ft2ni+Q6gIgmhBgHQ3wqEKeiyFWeFeYvaZY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52711+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1578020680491674.7486688322584; Thu, 2 Jan 2020 19:04:40 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id XlbrYY1788612xC0GxoifseM; Thu, 02 Jan 2020 19:04:40 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:39 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:39 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455092" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:38 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 04/13] SecurityPkg/SmmTcg2PhysicalPresenceLib: Use the new Ex function Date: Fri, 3 Jan 2020 11:04:18 +0800 Message-Id: <20200103030428.28176-5-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: xmqiU1XaW4G1P1lYBbF4CXGyx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020680; bh=60TdpBOsweuWTliIJij3KG+3N5bq4ZLrmaevlqhMgTc=; h=Cc:Date:From:Reply-To:Subject:To; b=loa0+ZGub69Dfb6ZgISBjqPyBVx67BF+NyM7uF3XSvVEs5Im2K+fjMrAZEWuzHfySlr SpLz9c0dB6qGTbfyS3RptUHjetdZCCNgbrqQj2fTGUFbf6MHaYW7IgrZZbKlQQN1qAgEH G5Rw2J+eM1z6nBEaomcb4J6M2sZfPqOjjDs= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Change the call of Tcg2PpVendorLibSubmitRequestToPreOSFunction to Tcg2PpVendorLibSubmitRequestToPreOSFunctionEx. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- .../SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2Physical= PresenceLib.c b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2Physi= calPresenceLib.c index 3827df9663..72b51ed5e9 100644 --- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenc= eLib.c +++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenc= eLib.c @@ -10,7 +10,7 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction() and Tcg2PhysicalPr= esenceLibGetUserConfirmationStatusFunction() will receive untrusted input and do validation. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -164,7 +164,7 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( if (EFI_ERROR (Status)) { Flags.PPFlags =3D TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT | TCG2_BIOS_= STORAGE_MANAGEMENT_FLAG_DEFAULT; } - ReturnCode =3D Tcg2PpVendorLibSubmitRequestToPreOSFunction (*Operation= Request, Flags.PPFlags, *RequestParameter); + ReturnCode =3D Tcg2PpVendorLibSubmitRequestToPreOSFunctionEx (&PpData,= Flags.PPFlags); } =20 EXIT: --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52711): https://edk2.groups.io/g/devel/message/52711 Mute This Topic: https://groups.io/mt/69392331/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52712+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52712+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020681; cv=none; d=zohomail.com; s=zohoarc; b=DoZkPeJOYcDV2Th76GBOP6QXzT2MEVXWD9JIRe50COeH/TXYBDYNF5MYFoGhCtizSn4+ofWciRSg/cKoRibVmintuQWLsKC59A6Gq8E4Ti7G6ZXB9CkhRpEh14e4aHzbsHFudc53qf52fwrXLTShRbdOewIgp5CCEuch5ZbBaGM= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020681; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=nw6lSZmeUlOadpI9gm7A4cUcfJpuPGe+zhuNkNNu53s=; b=hKrPpPVMyWW8Yx6barZICNx4bJxOTCBJcWDFot+vqJhyhv4ccxd1LiZxsrXjveTSb8bFb6T7S8ubGVSPoUnDWlfwfWNp+/FhVewDNB4tSGhqKCDFuCZXNkKjVtnTXDk91xFRQxxiIy3CBCtqJnr104c34czzL67FgULP8QW6w7o= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52712+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1578020681571694.6738098179579; Thu, 2 Jan 2020 19:04:41 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id MfL7YY1788612xQyJPBdmHlg; Thu, 02 Jan 2020 19:04:41 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:40 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:40 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455102" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:39 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 05/13] SecurityPkg/dec: Add a pcd for user response wait time Date: Fri, 3 Jan 2020 11:04:19 +0800 Message-Id: <20200103030428.28176-6-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: 9vpGA9HVCsFLTjo4YYtqj8yix1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020681; bh=7NwJVd9Y9aQ8tV8BpJxIuOXVqhBJjYJYQ9BJ5Ty2Ll8=; h=Cc:Date:From:Reply-To:Subject:To; b=aZtGnsdpAbVH5McNH4+cU+ZpUAMP+s0/uzJTayNaH4F0XlfSBx46VxCPzvT78nOOs2t Jzsfd1dcIkfQUVFXjjEKWsK5jCzsJ1phrjYXewhlvhWekzIY1l0GIAsm95wz7MxR4KyAg bkG7lC/A8mLvqE/7PemUsIfTM/NP4GLRCrI= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Add a pcd PcdPhysicalPresenceUserConfirmTimeout to set the wait time of the user response. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- SecurityPkg/SecurityPkg.dec | 7 ++++++- SecurityPkg/SecurityPkg.uni | 7 ++++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/SecurityPkg.dec b/SecurityPkg/SecurityPkg.dec index cac36caf0a..5711fde254 100644 --- a/SecurityPkg/SecurityPkg.dec +++ b/SecurityPkg/SecurityPkg.dec @@ -5,7 +5,7 @@ # It also provides the definitions(including PPIs/PROTOCOLs/GUIDs and lib= rary classes) # and libraries instances, which are used for those features. # -# Copyright (c) 2009 - 2019, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
# (C) Copyright 2015 Hewlett Packard Enterprise Development LP
# Copyright (c) 2017, Microsoft Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent @@ -287,6 +287,11 @@ # @Prompt Physical presence of the platform operator. gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence|TRUE|BOOLEAN|0x0001= 0001 =20 + ## Maximum wait time in seconds for user response in physical presence.<= BR>
+ # If the value is set to 0 (default), it means waiting forever. + # @Prompt Timeout of user confirmation. + gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceUserConfirmTimeout|0|UI= NT32|0x00010032 + [PcdsFixedAtBuild, PcdsPatchableInModule, PcdsDynamic, PcdsDynamicEx] ## Indicates whether TPM physical presence is locked during platform ini= tialization. # Once it is locked, it can not be unlocked for TPM life time.

diff --git a/SecurityPkg/SecurityPkg.uni b/SecurityPkg/SecurityPkg.uni index 68587304d7..be6523b3fb 100644 --- a/SecurityPkg/SecurityPkg.uni +++ b/SecurityPkg/SecurityPkg.uni @@ -5,7 +5,7 @@ // It also provides the definitions(including PPIs/PROTOCOLs/GUIDs and lib= rary classes) // and libraries instances, which are used for those features. // -// Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
+// Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
// // SPDX-License-Identifier: BSD-2-Clause-Patent // @@ -84,6 +84,11 @@ = "TRUE - The platform operator is physically present.
\n" = "FALSE - The platform operator is not physically present.
" =20 +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdPhysicalPresenceUserConfirmTi= meout_PROMPT #language en-US "Timeout of user confirmation." + +#string STR_gEfiSecurityPkgTokenSpaceGuid_PcdPhysicalPresenceUserConfirmTi= meout_HELP #language en-US "Maximum wait time in seconds for user response= in physical presence.

\n" + = "If the value is set to 0 (default), it means w= aiting forever." + #string STR_gEfiSecurityPkgTokenSpaceGuid_PcdPhysicalPresenceLifetimeLock_= PROMPT #language en-US "Lock TPM physical presence asserting method." =20 #string STR_gEfiSecurityPkgTokenSpaceGuid_PcdPhysicalPresenceLifetimeLock_= HELP #language en-US "Indicates whether TPM physical presence is locked du= ring platform initialization. Once it is locked, it can not be unlocked for= TPM life time.

\n" --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52712): https://edk2.groups.io/g/devel/message/52712 Mute This Topic: https://groups.io/mt/69392332/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52713+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52713+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020682; cv=none; d=zohomail.com; s=zohoarc; b=F9s2SJdS6kDANGlTRPzEqD+Dw6MQIgp2GWL2SxsLoqTN1rkz3FNppkyhGcsTcdyJ6Qf0CK4lwp8YOvDN2zYc8zHlSgDYt2GezOGpa0R/DIsjak0ROGHM4+bDe1WX6bNZo8ANCqSNuhZhA4VW2P0QIwW//90ZDk5M6YF6NWujDBA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020682; h=Content-Type:Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=fZFXnYAu+uxnK4WQ4m7rdTvW2Zm/39SKKqZMbJKAOqM=; b=Dtmvs7vAznGVO9+HNfj5dNQUQTgp4ueH50eF5EX6DkVnh4kVU0JTbr7+pxsXAmq8wpzU+rjA0JIagvA/eWSb4cwbMdQ5upVA+ZRaMrwyQdaovLoUY5JWZ7f51/Tumw7IAgGd2um0XGBZpNEAS7UE+/ZgA51wM5NGdiWi1jsg5eI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52713+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1578020682991907.0016157147795; Thu, 2 Jan 2020 19:04:42 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id 6x2EYY1788612xVdKszffqBM; Thu, 02 Jan 2020 19:04:42 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:42 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:41 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455113" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:40 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang , Jordan Justen , Laszlo Ersek , Ard Biesheuvel , =?UTF-8?q?Marc-Andr=C3=A9=20Lureau?= , Stefan Berger Subject: [edk2-devel] [PATCH 06/13] OvmfPkg/Tcg2PhysicalPresenceLib: Use pcd for user response wait time Date: Fri, 3 Jan 2020 11:04:20 +0800 Message-Id: <20200103030428.28176-7-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: gBH2baLXpwNbx0wyD8Fu3xCwx1787277AA= Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020682; bh=4lEiahyCyTS3iNKnY9QnGa4pPIA6IB3c/OCPI0irjsY=; h=Cc:Content-Type:Date:From:Reply-To:Subject:To; b=wE2BdK3xwTo6QoCgfLiZx/TyTgIXnEzhf1y/FvXmxWX+YhSjDWiRfOq1AE5fXSvZ03z HkxCNNkJSvKJPXuAFyFcW8YWaG2z2uQkwgVNhCVTnPFyokG50buEfX+e1GJO5U2t7rLpX a20btsSyBLQb++cJLcwUu2tTelofINxGRGw= X-ZohoMail-DKIM: pass (identity @groups.io) REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Use the pcd PcdPhysicalPresenceUserConfirmTimeout to control the wait time of user response. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Cc: Jordan Justen Cc: Laszlo Ersek Cc: Ard Biesheuvel Cc: Marc-Andr=C3=A9 Lureau Cc: Stefan Berger Signed-off-by: Zhichao Gao --- .../DxeTcg2PhysicalPresenceLib.c | 63 ++++++++++++++----- .../DxeTcg2PhysicalPresenceLib.inf | 6 +- 2 files changed, 52 insertions(+), 17 deletions(-) diff --git a/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPre= senceLib.c b/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPre= senceLib.c index 00d76ba2c2..13f78cbfac 100644 --- a/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLi= b.c +++ b/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLi= b.c @@ -9,7 +9,7 @@ =20 Copyright (C) 2018, Red Hat, Inc. Copyright (c) 2018, IBM Corporation. All rights reserved.
-Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2013 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -32,6 +32,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include +#include =20 #include =20 @@ -365,28 +367,57 @@ Tcg2ReadUserKey ( { EFI_STATUS Status; EFI_INPUT_KEY Key; - UINT16 InputKey; + UINT16 ConfirmKey; + UINTN Interval; + INT64 Timeout; =20 - InputKey =3D 0; + // + // delay 100 milli-second + // + Interval =3D 100; + ConfirmKey =3D (CautionKey) ? SCAN_F12 : SCAN_F10; + Timeout =3D (INT64)PcdGet32 (PcdPhysicalPresenceUserConfirmTimeout); + if (Timeout > 0) { + Timeout =3D (INT64)MultU64x32 ((UINT64)Timeout, 1000); + } else { + // + // Wait forever + // + Timeout =3D MAX_INT64; + } + + // + // Wait for user response within the time-out + // do { + MicroSecondDelay (Interval * 1000); + Status =3D gBS->CheckEvent (gST->ConIn->WaitForKey); if (!EFI_ERROR (Status)) { Status =3D gST->ConIn->ReadKeyStroke (gST->ConIn, &Key); - if (Key.ScanCode =3D=3D SCAN_ESC) { - InputKey =3D Key.ScanCode; - } - if ((Key.ScanCode =3D=3D SCAN_F10) && !CautionKey) { - InputKey =3D Key.ScanCode; - } - if ((Key.ScanCode =3D=3D SCAN_F12) && CautionKey) { - InputKey =3D Key.ScanCode; + if (!EFI_ERROR (Status)) { + if (Key.ScanCode =3D=3D ConfirmKey) { + // + // User Confirmation + // + return TRUE; + } + + if (Key.ScanCode =3D=3D SCAN_ESC) { + // + // User Rejection + // + return FALSE; + } + } else if (Status =3D=3D EFI_DEVICE_ERROR) { + // + // If error, assume User Rejection + // + return FALSE; } } - } while (InputKey =3D=3D 0); - - if (InputKey !=3D SCAN_ESC) { - return TRUE; - } + Timeout -=3D Interval; + } while (Timeout > 0); =20 return FALSE; } diff --git a/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPre= senceLib.inf b/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalP= resenceLib.inf index 85ce0e2b29..701de1836c 100644 --- a/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLi= b.inf +++ b/OvmfPkg/Library/Tcg2PhysicalPresenceLibQemu/DxeTcg2PhysicalPresenceLi= b.inf @@ -20,7 +20,7 @@ # This external input must be validated carefully to avoid security issue. # # Copyright (C) 2018, Red Hat, Inc. -# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2020, Intel Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -62,10 +62,14 @@ UefiBootServicesTableLib UefiLib UefiRuntimeServicesTableLib + TimerLib =20 [Protocols] gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES =20 +[Pcd] + gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceUserConfirmTimeout + [Guids] ## SOMETIMES_CONSUMES ## HII gEfiTcg2PhysicalPresenceGuid --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52713): https://edk2.groups.io/g/devel/message/52713 Mute This Topic: https://groups.io/mt/69392333/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52714+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52714+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020683; cv=none; d=zohomail.com; s=zohoarc; b=FZmqKhq2MDHfK70eylN/OBoiXupLc/6B4FxhjndM8mn1JS9vh2EPwPkbKmUrso927gL3H9Yol4v9n42A1w2qXMIvRYgN4q+XvLEUKD2bjUmB0Q11+uZdP9NV5gimJQvbdjgqYJx3wOFINdJmn/3OUvosyHUJ5IlInsfIcT/AOQU= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020683; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=l4UJdOqhTjlpsJXEPohy6bNLpiWMawZGim1jH+V/w3A=; b=GDl7PxqPdtLX5ZaYEKgQo3TNRpTpPFjgprellx/nYfZxkmLC9MjMbvbppTzWqeUTqaEINFRLfbXOsNQlbBvG1R6B/Yg9/q34hH6NG2j0AFa6Su6wXhOFXrgfZULNqvYlMlQNcj+fDBsmY5pEhWpNBbTvykqGPcjilg8U+JLQfBA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52714+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1578020683795110.19100873479545; Thu, 2 Jan 2020 19:04:43 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id Y8KOYY1788612x35t8zfCsvO; Thu, 02 Jan 2020 19:04:43 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:43 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:42 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455123" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:42 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 07/13] SecurityPkg/Tcg2PhysicalPresenceLib: Use Pcd for user resp wait time Date: Fri, 3 Jan 2020 11:04:21 +0800 Message-Id: <20200103030428.28176-8-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: toS7G4tOFMOnwMDWD4bC8USEx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020683; bh=vvoHPlk6/5+rbu1O8CafDrEV62iVh/L7s3m+/N7IY2Y=; h=Cc:Date:From:Reply-To:Subject:To; b=DV0KisMAgySF9cXtdY+Lz3Oo4XMIWaRsqTtGBhi1F/3TEM90gQQOwj8y052GRknTQ5d 4SMLtzT2kIK3d/NOhZvrSnHGAzAafT3wScdec49+I3i4Bhrr6dyNTEGdIHospI+lqByXe DHzOiaszMbEh5/hR5PEcBFX8U5f7UhSRfaw= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Use the pcd PcdPhysicalPresenceUserConfirmTimeout to control the wait time of user response. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- .../DxeTcg2PhysicalPresenceLib.c | 61 ++++++++++++++----- .../DxeTcg2PhysicalPresenceLib.inf | 4 +- 2 files changed, 49 insertions(+), 16 deletions(-) diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2Physical= PresenceLib.c b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2Physi= calPresenceLib.c index 081605f26c..1ae19436c2 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenc= eLib.c +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenc= eLib.c @@ -31,6 +31,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include +#include =20 #define CONFIRM_BUFFER_SIZE 4096 =20 @@ -267,28 +269,57 @@ Tcg2ReadUserKey ( { EFI_STATUS Status; EFI_INPUT_KEY Key; - UINT16 InputKey; + UINT16 ConfirmKey; + UINTN Interval; + INT64 Timeout; =20 - InputKey =3D 0; + // + // delay 100 milli-second + // + Interval =3D 100; + ConfirmKey =3D (CautionKey) ? SCAN_F12 : SCAN_F10; + Timeout =3D (INT64)PcdGet32 (PcdPhysicalPresenceUserConfirmTimeout); + if (Timeout > 0) { + Timeout =3D (INT64)MultU64x32 ((UINT64)Timeout, 1000); + } else { + // + // Wait forever + // + Timeout =3D MAX_INT64; + } + + // + // Wait for user response within the time-out + // do { + MicroSecondDelay (Interval * 1000); + Status =3D gBS->CheckEvent (gST->ConIn->WaitForKey); if (!EFI_ERROR (Status)) { Status =3D gST->ConIn->ReadKeyStroke (gST->ConIn, &Key); - if (Key.ScanCode =3D=3D SCAN_ESC) { - InputKey =3D Key.ScanCode; - } - if ((Key.ScanCode =3D=3D SCAN_F10) && !CautionKey) { - InputKey =3D Key.ScanCode; - } - if ((Key.ScanCode =3D=3D SCAN_F12) && CautionKey) { - InputKey =3D Key.ScanCode; + if (!EFI_ERROR (Status)) { + if (Key.ScanCode =3D=3D ConfirmKey) { + // + // User Confirmation + // + return TRUE; + } + + if (Key.ScanCode =3D=3D SCAN_ESC) { + // + // User Rejection + // + return FALSE; + } + } else if (Status =3D=3D EFI_DEVICE_ERROR) { + // + // If error, assume User Rejection + // + return FALSE; } } - } while (InputKey =3D=3D 0); - - if (InputKey !=3D SCAN_ESC) { - return TRUE; - } + Timeout -=3D Interval; + } while (Timeout > 0); =20 return FALSE; } diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2Physical= PresenceLib.inf b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2Phy= sicalPresenceLib.inf index e1c7c20d52..afca48356e 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenc= eLib.inf +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenc= eLib.inf @@ -8,7 +8,7 @@ # This driver will have external input - variable. # This external input must be validated carefully to avoid security issue. # -# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) 2013 - 2020, Intel Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -50,6 +50,7 @@ HobLib Tpm2CommandLib Tcg2PpVendorLib + TimerLib =20 [Protocols] gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES @@ -57,6 +58,7 @@ =20 [Pcd] gEfiSecurityPkgTokenSpaceGuid.PcdTcg2PhysicalPresenceFlags ## SOME= TIMES_CONSUMES + gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceUserConfirmTimeout =20 [Guids] ## SOMETIMES_CONSUMES ## HII --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52714): https://edk2.groups.io/g/devel/message/52714 Mute This Topic: https://groups.io/mt/69392334/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52715+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52715+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020685; cv=none; d=zohomail.com; s=zohoarc; b=lnmyBvdgheAeggNRbHvVSsZeQeUut48KlZeqW+cNpMmzXaXVo1qhEJONQi20u6hYTyUkQr5VKXA0bhRiB9X/VzANWxeaabh7bXKDJxvZR8oVPvDer0YmAEhbDUd3QBgdy10qWGETYuvNGsJrwJMZi9lxwyiQsR8Fuw86je+pxGw= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020685; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=oGxqYpVkFvXH4vOsu3HIlpi9MxGupZot+rsjRcOBEHQ=; b=TmypjKDTvW+L6+b60QJ8QwyjikHn93C6/LJvhKQk8IlbRfGw5vDeEZtvZX1J457vSYxjLvA27wancU/7VkaDJMo78QSHhYQ5vUCUlsW3G8olj2/fTtqSn2iXgoGeIFapCVXdWJZK8iE1Pc85beGpYlgJFF5U8j66uvA7Awcgbi8= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52715+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 157802068502662.80331759373996; Thu, 2 Jan 2020 19:04:45 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id zHLhYY1788612x5gh9BGedVx; Thu, 02 Jan 2020 19:04:44 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:44 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:43 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455138" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:43 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 08/13] SecurityPkg/TcgPyhsicalPresenceLib: Use Pcd for user resp wait time Date: Fri, 3 Jan 2020 11:04:22 +0800 Message-Id: <20200103030428.28176-9-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: X47fq4aEGxdaW3IR6Q8ZPAJrx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020684; bh=DGIardZcvYcY0wCkIBnWfIVBMKod7LaNqM93EHMYLLE=; h=Cc:Date:From:Reply-To:Subject:To; b=gsEaO/nMQldDsSTpJmSHtvSUjfVGI2iwDvRN1tqJFar/sVqbr1Ho6GxVdw10ssxxhp6 Ef2g7nHWjETgUC8DPOsDP0rlMJgemJiJcpv6B2FQ/wO2ac2sfjj62m7Y1Kzf9OhjO2ULn coMreYNA3HpIxmDmjAdpcp8qIMPYl6KNMhM= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Use the pcd PcdPhysicalPresenceUserConfirmTimeout to control the wait time of user response. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- .../DxeTcgPhysicalPresenceLib.c | 76 ++++++++++++------- .../DxeTcgPhysicalPresenceLib.inf | 6 +- 2 files changed, 55 insertions(+), 27 deletions(-) diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPr= esenceLib.c b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalP= resenceLib.c index 174172d5d7..14423991f0 100644 --- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceL= ib.c +++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceL= ib.c @@ -8,7 +8,7 @@ =20 ExecutePendingTpmRequest() will receive untrusted input and do validatio= n. =20 -Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -29,6 +29,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include +#include =20 #define CONFIRM_BUFFER_SIZE 4096 =20 @@ -444,35 +446,57 @@ ReadUserKey ( { EFI_STATUS Status; EFI_INPUT_KEY Key; - UINT16 InputKey; - UINTN Index; + UINT16 ConfirmKey; + UINTN Interval; + INT64 Timeout; =20 - InputKey =3D 0; - do { - Status =3D gST->ConIn->ReadKeyStroke (gST->ConIn, &Key); - if (Status =3D=3D EFI_NOT_READY) { - gBS->WaitForEvent (1, &gST->ConIn->WaitForKey, &Index); - continue; - } + // + // delay 100 milli-second + // + Interval =3D 100; + ConfirmKey =3D (CautionKey) ? SCAN_F12 : SCAN_F10; + Timeout =3D (INT64)PcdGet32 (PcdPhysicalPresenceUserConfirmTimeout); + if (Timeout > 0) { + Timeout =3D (INT64)MultU64x32 ((UINT64)Timeout, 1000); + } else { + // + // Wait forever + // + Timeout =3D MAX_INT64; + } =20 - if (Status =3D=3D EFI_DEVICE_ERROR) { - return FALSE; - } + // + // Wait for user response within the time-out + // + do { + MicroSecondDelay (Interval * 1000); + + Status =3D gBS->CheckEvent (gST->ConIn->WaitForKey); + if (!EFI_ERROR (Status)) { + Status =3D gST->ConIn->ReadKeyStroke (gST->ConIn, &Key); + if (!EFI_ERROR (Status)) { + if (Key.ScanCode =3D=3D ConfirmKey) { + // + // User Confirmation + // + return TRUE; + } =20 - if (Key.ScanCode =3D=3D SCAN_ESC) { - InputKey =3D Key.ScanCode; - } - if ((Key.ScanCode =3D=3D SCAN_F10) && !CautionKey) { - InputKey =3D Key.ScanCode; - } - if ((Key.ScanCode =3D=3D SCAN_F12) && CautionKey) { - InputKey =3D Key.ScanCode; + if (Key.ScanCode =3D=3D SCAN_ESC) { + // + // User Rejection + // + return FALSE; + } + } else if (Status =3D=3D EFI_DEVICE_ERROR) { + // + // If error, assume User Rejection + // + return FALSE; + } } - } while (InputKey =3D=3D 0); - - if (InputKey !=3D SCAN_ESC) { - return TRUE; - } + Timeout -=3D Interval; + } while (Timeout > 0); =20 return FALSE; } diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPr= esenceLib.inf b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysica= lPresenceLib.inf index cfe14f20ca..13b7246290 100644 --- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceL= ib.inf +++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceL= ib.inf @@ -9,7 +9,7 @@ # This driver will have external input - variable. # This external input must be validated carefully to avoid security issue. # -# Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) 2009 - 2020, Intel Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -50,11 +50,15 @@ PrintLib HiiLib TcgPpVendorLib + TimerLib =20 [Protocols] gEfiTcgProtocolGuid ## SOMETIMES_CONSUMES gEdkiiVariableLockProtocolGuid ## SOMETIMES_CONSUMES =20 +[Pcd] + gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceUserConfirmTimeout + [Guids] ## SOMETIMES_CONSUMES ## HII ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence" --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52715): https://edk2.groups.io/g/devel/message/52715 Mute This Topic: https://groups.io/mt/69392335/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52716+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52716+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020685; cv=none; d=zohomail.com; s=zohoarc; b=H3t2Cp1WJfedROlY2KRnA7TEVh1EKPwm3nca28v1OxXsbPpJMxFyATkQiAUfYuYe91ZOZSHxM5eIaCXLN86xOh9BNlF3FM3hwDCAHfG9b4iHOk+v3MRz06okO3yHQcnApliO2cdM+CyoDLSwUsG1dkvGuIjC4JOdAopRxBIiSVY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020685; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=BEo6pkxYm39DUnywjVelnBm/PmaPcpnAXUrYpaMTbgA=; b=XCFK34aWqH8JTkbG4NwLteX7/mTLjj9DFiFP6OrBf2gBHKSA89v2W2WO73b5RGdCvgwfg2ITT0FD79nKMzFcbobP5vyw8T2M26AF7h7Ap5Q2efMHCxOxHvZcBsvZqkBhpA819gXWcyPe2BpVe7OXSYW29uOUolQ9pszcsoJGMr0= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52716+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1578020685810878.1818829396851; Thu, 2 Jan 2020 19:04:45 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id qj9RYY1788612x1RwbfmlCrO; Thu, 02 Jan 2020 19:04:45 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:45 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:44 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455154" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:44 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 09/13] SecurityPkg/Tcg2PhysicalPresenceData.h: Add FunctionIndex for PPdata Date: Fri, 3 Jan 2020 11:04:23 +0800 Message-Id: <20200103030428.28176-10-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: tMSJ3t1dB91xOoxveOHLthlwx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020685; bh=gekZFyPcOyzi4JhoYvDd2A87MbRgRz4K34ns+lkl+z8=; h=Cc:Date:From:Reply-To:Subject:To; b=EQwACT3oewTfjubza/GHB6vzb6ITHLpWjZnyJwiwvu0EhOjZrs4JF8x8xkDJZwA7Z2E fo7jhMXaa56/C7THLmsuapWjfbiX+Ye5hRN7hIoOfu7YzlrKbQ7VqBT2Jy9oTKZHfFh+i 7A99o/I6Q8UF5eFao2XlUlqbDNZ/I5Xv3UM= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Add PPFunction to extend the EFI_TCG2_PHYSICAL_PRESENCE. It refers to Physical Presence Function Index. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h b/Security= Pkg/Include/Guid/Tcg2PhysicalPresenceData.h index 382b487649..b962e81788 100644 --- a/SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h +++ b/SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h @@ -4,7 +4,7 @@ cleared after it is processed in the next boot cycle. The TPM2 response is saved to variable. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -20,6 +20,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define TCG2_PHYSICAL_PRESENCE_VARIABLE L"Tcg2PhysicalPresence" =20 typedef struct { + UINT8 PPFunction; ///< Physical Presence Function Index UINT8 PPRequest; ///< Physical Presence request command. UINT32 PPRequestParameter; ///< Physical Presence request Parameter. UINT8 LastPPRequest; --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52716): https://edk2.groups.io/g/devel/message/52716 Mute This Topic: https://groups.io/mt/69392336/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52717+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52717+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020686; cv=none; d=zohomail.com; s=zohoarc; b=ezKddmQunS8OsUo3tVFjQ6dG5unwhfuSfo14jYW4YIj08M/NpgJemShDwLcy7J5qwSQje0IESMCNlbdv4LuUtJMU74X86rakF1OLg2R2H0IYw8Na8racuQ6FZQ+71zDiyexXeRo9P3GSFHr0SUnbm+qpUpZ9ppinnQH45Fb+IWg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020686; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=co3ILqU2qnJ/b1KRlhao77rThF/M+RChyc+gybiu2fg=; b=URjaL/GArWC3/fnIbN/Ea3Fczik1Pl4R/SXm3QEeW+g2vQiBzaqFGchPx5vwPOWzexM/WYhlGA7F4346sK4rD0s0W2+A6yABfAtju5nSajjID3SY4cawARFTGj7CA7cfa7f0S3hCJ8Eq9o69h+hySLUJ5QIJr5HHc4+jE6ceH50= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52717+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1578020686901809.1771100624253; Thu, 2 Jan 2020 19:04:46 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id aYFxYY1788612xqHMEgFn5VI; Thu, 02 Jan 2020 19:04:46 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:46 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:45 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455166" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:44 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 10/13] SecurityPkg/Tcg2PhysicalPresenceLib: Extend the submit preOS func Date: Fri, 3 Jan 2020 11:04:24 +0800 Message-Id: <20200103030428.28176-11-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: r1nexpP9xpyMAwNQ3Bw77r8ix1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020686; bh=Xv89OSADE8Q3tYoxzQDH0YsRqaZxUS1m59+cNMolQT0=; h=Cc:Date:From:Reply-To:Subject:To; b=nmdp/90iAh+HayJ5lZnpFiJR/QkHAharcNwhzNPBeX2qRUO9rnHdiXw9PepVuKFanGN YBY0W0ZROvd2lxpppDR8OtrIahPLN7m/WZV9Kmd1NBsJINZsHCvo7o5rZIFzlaZ8gEubg iXaNetJlJLIwFySZ+0naknbzFr9o4+iUZq4= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Extend the Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx to handle the FunctionIndex. And modify the all of this function to avoid build error. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h | 4 +++- .../DxeTcg2PhysicalPresenceLib.c | 1 + .../SmmTcg2PhysicalPresenceLib.c | 11 ++++++++++- SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c | 10 +++++++--- 4 files changed, 21 insertions(+), 5 deletions(-) diff --git a/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h b/Securi= tyPkg/Include/Library/Tcg2PhysicalPresenceLib.h index 39febcb655..8b71c32d53 100644 --- a/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h +++ b/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h @@ -2,7 +2,7 @@ This library is intended to be used by BDS modules. This library will execute TPM2 request. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -127,6 +127,7 @@ Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunct= ion ( =20 Caution: This function may receive untrusted input. =20 + @param[in, out] Pointer to FunctionIndex TPM physical presence Function= Index. @param[in, out] Pointer to OperationRequest TPM physical presence opera= tion request. @param[in, out] Pointer to RequestParameter TPM physical presence opera= tion request parameter. =20 @@ -135,6 +136,7 @@ Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunct= ion ( **/ UINT32 Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( + IN OUT UINT32 *FunctionIndex, IN OUT UINT32 *OperationRequest, IN OUT UINT32 *RequestParameter ); diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2Physical= PresenceLib.c b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2Physi= calPresenceLib.c index 1ae19436c2..090ed2781e 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenc= eLib.c +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenc= eLib.c @@ -1199,6 +1199,7 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction ( =20 if ((PpData.PPRequest !=3D OperationRequest) || (PpData.PPRequestParameter !=3D RequestParameter)) { + PpData.PPFunction =3D (UINT8)TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_= 2; PpData.PPRequest =3D (UINT8)OperationRequest; PpData.PPRequestParameter =3D RequestParameter; DataSize =3D sizeof (EFI_TCG2_PHYSICAL_PRESENCE); diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2Physical= PresenceLib.c b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2Physi= calPresenceLib.c index 72b51ed5e9..271ee51060 100644 --- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenc= eLib.c +++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenc= eLib.c @@ -89,6 +89,7 @@ Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunctio= n ( =20 Caution: This function may receive untrusted input. =20 + @param[in, out] Pointer to FunctionIndex TPM physical presence Function= Index. @param[in, out] Pointer to OperationRequest TPM physical presence opera= tion request. @param[in, out] Pointer to RequestParameter TPM physical presence opera= tion request parameter. =20 @@ -97,6 +98,7 @@ Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunctio= n ( **/ UINT32 Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( + IN OUT UINT32 *FunctionIndex, IN OUT UINT32 *OperationRequest, IN OUT UINT32 *RequestParameter ) @@ -135,6 +137,7 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( =20 if ((PpData.PPRequest !=3D *OperationRequest) || (PpData.PPRequestParameter !=3D *RequestParameter)) { + PpData.PPFunction =3D (UINT8)*FunctionIndex; PpData.PPRequest =3D (UINT8)*OperationRequest; PpData.PPRequestParameter =3D *RequestParameter; DataSize =3D sizeof (EFI_TCG2_PHYSICAL_PRESENCE); @@ -211,13 +214,19 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction ( IN UINT32 RequestParameter ) { + UINT32 TempFunctionIndex; UINT32 TempOperationRequest; UINT32 TempRequestParameter; =20 + TempFunctionIndex =3D TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2; TempOperationRequest =3D OperationRequest; TempRequestParameter =3D RequestParameter; =20 - return Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx(&TempOperat= ionRequest, &TempRequestParameter); + return Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( + &TempFunctionIndex, + &TempOperationRequest, + &TempRequestParameter + ); } =20 /** diff --git a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c b/SecurityPkg/Tcg/Tcg2Smm/Tc= g2Smm.c index 91aebb62b8..d9e8be1403 100644 --- a/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c +++ b/SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c @@ -9,7 +9,7 @@ =20 PhysicalPresenceCallback() and MemoryClearCallback() will receive untrus= ted input and do some check. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -80,6 +80,7 @@ PhysicalPresenceCallback ( { UINT32 MostRecentRequest; UINT32 Response; + UINT32 FunctionIndex; UINT32 OperationRequest; UINT32 RequestParameter; =20 @@ -95,12 +96,15 @@ PhysicalPresenceCallback ( } else if ((mTcgNvs->PhysicalPresence.Parameter =3D=3D TCG_ACPI_FUNCTION= _SUBMIT_REQUEST_TO_BIOS) || (mTcgNvs->PhysicalPresence.Parameter =3D=3D TCG_ACPI_FUNCTION= _SUBMIT_REQUEST_TO_BIOS_2)) { =20 + FunctionIndex =3D mTcgNvs->PhysicalPresence.Parameter; OperationRequest =3D mTcgNvs->PhysicalPresence.Request; RequestParameter =3D mTcgNvs->PhysicalPresence.RequestParameter; mTcgNvs->PhysicalPresence.ReturnCode =3D Tcg2PhysicalPresenceLibSubmit= RequestToPreOSFunctionEx ( - &OperationRequest, - &RequestParameter + &FunctionIndex, ///< Arg2= , Function Index (2 or 7) + &OperationRequest, ///< Arg3,= Integer1 (Operation value, valid for both Function Index 2 and 7) + &RequestParameter ///< Arg3,= Integer2 (Operation Parameter, valid for Function Index 7 only) ); + mTcgNvs->PhysicalPresence.Parameter =3D FunctionIndex; mTcgNvs->PhysicalPresence.Request =3D OperationRequest; mTcgNvs->PhysicalPresence.RequestParameter =3D RequestParameter; } else if (mTcgNvs->PhysicalPresence.Parameter =3D=3D TCG_ACPI_FUNCTION_= GET_USER_CONFIRMATION_STATUS_FOR_REQUEST) { --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52717): https://edk2.groups.io/g/devel/message/52717 Mute This Topic: https://groups.io/mt/69392337/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52718+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52718+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020688; cv=none; d=zohomail.com; s=zohoarc; b=UAdZ2usIsvB2dvwAGajSyLMpcq/QG3PphOf69/1+KujrQlyV18IbfybTN1aiuQJS1/LCibx1Pe/mWnAgWfpbSoGhJClPB7Lgig6NbYq6tQjSFDeWsaWmwnMRVuwy/CRWP32dY2h3IFtYgop0ILpamGLMyXPU7mCRa2Cp5f4eBqo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020688; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=tBP5qaxcGp8CsuKFjmYyTO0c4tHwzwZdyfD2R3hjWeo=; b=D6qeaWCoh0b4gXHOuc/xaQ3fXXySQVUQ1wbpqSIaZixCHJgrf5EaDbDksfdkBs4imajQE7AfnrVi4VpI/gFhKvsrKiPmbCLCnGSWzfAj2Thw8QXmqrzsQHqfbzyvMpR4omrjtCq+s8bTVf+4Fg2mvsKbzl8iyl6vFnYVbfneIXM= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52718+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1578020688010350.86459057145555; Thu, 2 Jan 2020 19:04:48 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id Fg7mYY1788612xfvHyoi2v43; Thu, 02 Jan 2020 19:04:47 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:47 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:46 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455188" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:46 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 11/13] SecurityPkg: Move the Tcg2ConfigNvData.h to Include folder Date: Fri, 3 Jan 2020 11:04:25 +0800 Message-Id: <20200103030428.28176-12-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: 2Zpxprms1rWULKjaeKUWDTI0x1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020687; bh=WDFyqzghZJUUsltA4bVO7mgt4T8Jequ6e47k1p7UWDs=; h=Cc:Date:From:Reply-To:Subject:To; b=YUOmwLjMKHXSEqHipNMKUjpcxLy22XeowMpf7Id8UEQ8BuU8u6qdYKjNeXu1u5ZKZZD KCJK2Mbf9ub2wFLg+bLhXKCu3ltDW/lwuIcB/OYRkfMoqAkJ2qz9KUmhWBj+vqNdN6FhA BjieXv+ogUMSbjbxvx2fbDXQPDgJdOQQC5o= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Tcg2ConfigNvData.h is useful for the tcg2 driver. So move it to the Include folder for other platform tcg2 instances to use. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- SecurityPkg/{Tcg/Tcg2Config =3D> Include}/Tcg2ConfigNvData.h | 2 +- SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr | 4 ++-- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf | 3 +-- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.h | 4 ++-- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf | 3 +-- SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPeim.c | 4 ++-- SecurityPkg/Tcg/Tcg2Config/TpmDetection.c | 4 ++-- 7 files changed, 11 insertions(+), 13 deletions(-) rename SecurityPkg/{Tcg/Tcg2Config =3D> Include}/Tcg2ConfigNvData.h (94%) diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigNvData.h b/SecurityPkg/In= clude/Tcg2ConfigNvData.h similarity index 94% rename from SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigNvData.h rename to SecurityPkg/Include/Tcg2ConfigNvData.h index a91c052850..9c7850e865 100644 --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigNvData.h +++ b/SecurityPkg/Include/Tcg2ConfigNvData.h @@ -1,7 +1,7 @@ /** @file Header file for NV data structure definition. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr b/SecurityPkg/Tcg/Tc= g2Config/Tcg2Config.vfr index 91a463997c..10a447239e 100644 --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr @@ -1,12 +1,12 @@ /** @file VFR file used by the TCG2 configuration component. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ =20 -#include "Tcg2ConfigNvData.h" +#include =20 formset guid =3D TCG2_CONFIG_FORM_SET_GUID, diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf b/SecurityPkg/Tcg= /Tcg2Config/Tcg2ConfigDxe.inf index 6417ab82a1..8e12c2ebc8 100644 --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf @@ -4,7 +4,7 @@ # By this module, user may select TPM device, clear TPM state, etc. # NOTE: This module is only for reference only, each platform should have= its own setup page. # -# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -29,7 +29,6 @@ Tcg2ConfigImpl.h Tcg2Config.vfr Tcg2ConfigStrings.uni - Tcg2ConfigNvData.h Tcg2Internal.h =20 [Packages] diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.h b/SecurityPkg/Tcg/= Tcg2Config/Tcg2ConfigImpl.h index af542d52ef..860379605a 100644 --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.h +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.h @@ -2,7 +2,7 @@ The header file of HII Config Access protocol implementation of TCG2 configuration module. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -35,7 +35,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent =20 #include =20 -#include "Tcg2ConfigNvData.h" +#include #include "Tcg2Internal.h" =20 #define TCG2_PROTOCOL_VERSION_DEFAULT 0x0001 diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf b/SecurityPkg/Tcg= /Tcg2Config/Tcg2ConfigPei.inf index f2aa3234ad..416ad4610b 100644 --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf @@ -4,7 +4,7 @@ # This module initializes TPM device type based on variable and detection. # NOTE: This module is only for reference only, each platform should have= its own setup page. # -# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
# SPDX-License-Identifier: BSD-2-Clause-Patent # ## @@ -27,7 +27,6 @@ =20 [Sources] Tcg2ConfigPeim.c - Tcg2ConfigNvData.h Tcg2Internal.h TpmDetection.c =20 diff --git a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPeim.c b/SecurityPkg/Tcg/= Tcg2Config/Tcg2ConfigPeim.c index e0d0a207e1..5b55c8b406 100644 --- a/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPeim.c +++ b/SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPeim.c @@ -1,7 +1,7 @@ /** @file The module entry point for Tcg2 configuration module. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -22,7 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include =20 -#include "Tcg2ConfigNvData.h" +#include #include "Tcg2Internal.h" =20 TPM_INSTANCE_ID mTpmInstanceId[] =3D TPM_INSTANCE_ID_LIST; diff --git a/SecurityPkg/Tcg/Tcg2Config/TpmDetection.c b/SecurityPkg/Tcg/Tc= g2Config/TpmDetection.c index eeaadc5e2f..67f76853e2 100644 --- a/SecurityPkg/Tcg/Tcg2Config/TpmDetection.c +++ b/SecurityPkg/Tcg/Tcg2Config/TpmDetection.c @@ -1,7 +1,7 @@ /** @file TPM1.2/dTPM2.0 auto detection. =20 -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent =20 **/ @@ -19,7 +19,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include =20 -#include "Tcg2ConfigNvData.h" +#include #include "Tcg2Internal.h" =20 /** --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52718): https://edk2.groups.io/g/devel/message/52718 Mute This Topic: https://groups.io/mt/69392341/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52719+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52719+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020688; cv=none; d=zohomail.com; s=zohoarc; b=CVHJimlnqW4Fxv1JOnt3hU0GsgPekzWCCCLGnP0OIRjzcq1dqfG7IfL5vdKq8OLy8WborsrZ4Lkg7QtcjNv2YawpfWv4/rd7LwlVxHQZiApFEJii5qpHbVTh9z9sylPajUO3ZRhJMj6e7y8ACgGUYGRZ35xn2kPnN4xH7Ghhhp4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020688; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=rjmayBIeMYm9C28rXpqsV/k2NovJ7Dey4V0lHIHMlxs=; b=Y49RGIeq5kQlNzjUeX3UIVJRc9dn41zWv41p/Pf1qG7WuSx9ZQKzZFytYYxFk1A0jQ+svCHc5tTrJmxR+71hdJHF9Wb/KJJPGXVXDMCfF7Dm6MGJ1nZqVAIM06vElH2Ofb0rs9zwdpti59QLKUvaYmqXIfShgEfCxXjIRX3lGks= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52719+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 157802068882673.9099572013613; Thu, 2 Jan 2020 19:04:48 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id YjGeYY1788612xdrDx8AsmW0; Thu, 02 Jan 2020 19:04:48 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:47 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:47 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455215" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:47 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 12/13] SecurityPkg/TcgPhysicalPresenceLib: Replace the ASSERT with error code Date: Fri, 3 Jan 2020 11:04:26 +0800 Message-Id: <20200103030428.28176-13-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: mKFsM67CBrbVf3WMoxcnVZqTx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020688; bh=uaPBFZoYW/k0trXpgd2bq9Yb50LV81ySKtckP6Pub0E=; h=Cc:Date:From:Reply-To:Subject:To; b=C/xIw5tTWVW5gYJat+edwtOaKWCYg/FAbwuTdA7nsq7Wth6rCNghHuDB898vst4ZRzs eyP6Jev2tgX9IYxhdLW/yU5SESMh1Mr6pp4od/A/uf4T9mI3oJM7++Fd8Fjha0eeo1vL4 30YepmAigzsSyPsrJN1b/uvdtaVANw56dN8= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Replace the ASSERT with the error code return in the TpmPhysicalPresence and GetTpmCapability. Add missing error checking after call TpmPhysicalPresence in TcgPhysicalPresenceLibProcessRequest. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- .../DxeTcgPhysicalPresenceLib.c | 23 +++++++++++++++---- 1 file changed, 18 insertions(+), 5 deletions(-) diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPr= esenceLib.c b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalP= resenceLib.c index 14423991f0..7fb2ef9735 100644 --- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceL= ib.c +++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceL= ib.c @@ -104,9 +104,13 @@ GetTpmCapability ( sizeof (RecvBuffer), (UINT8*)&RecvBuffer ); - ASSERT_EFI_ERROR (Status); - ASSERT (TpmRsp->tag =3D=3D SwapBytes16 (TPM_TAG_RSP_COMMAND)); - ASSERT (TpmRsp->returnCode =3D=3D 0); + if (EFI_ERROR (Status)) { + return Status; + } + + if ((TpmRsp->tag !=3D SwapBytes16 (TPM_TAG_RSP_COMMAND)) || (TpmRsp->ret= urnCode !=3D 0)) { + return EFI_DEVICE_ERROR; + } =20 TpmPermanentFlags =3D (TPM_PERMANENT_FLAGS *)&RecvBuffer[sizeof (TPM_RSP= _COMMAND_HDR) + sizeof (UINT32)]; =20 @@ -159,8 +163,14 @@ TpmPhysicalPresence ( sizeof (TpmRsp), (UINT8*)&TpmRsp ); - ASSERT_EFI_ERROR (Status); - ASSERT (TpmRsp.tag =3D=3D SwapBytes16 (TPM_TAG_RSP_COMMAND)); + if (EFI_ERROR (Status)) { + return Status; + } + + if (TpmRsp.tag !=3D SwapBytes16 (TPM_TAG_RSP_COMMAND)) { + return EFI_DEVICE_ERROR; + } + if (TpmRsp.returnCode !=3D 0) { // // If it fails, some requirements may be needed for this command. @@ -1298,6 +1308,9 @@ TcgPhysicalPresenceLibProcessRequest ( // Set operator physical presence flags // TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_PRESENT); + if (EFI_ERROR (Status)) { + return; + } =20 // // Execute pending TPM request. --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52719): https://edk2.groups.io/g/devel/message/52719 Mute This Topic: https://groups.io/mt/69392342/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- From nobody Sun May 5 06:11:53 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) client-ip=66.175.222.12; envelope-from=bounce+27952+52720+1787277+3901457@groups.io; helo=web01.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52720+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1578020689; cv=none; d=zohomail.com; s=zohoarc; b=gFdf1xuTW5wzKgN7fBiWeWnGTHH59AJivojOF/ofAjQ5ISmoWv6TG0wZVNAJBAl4iFUAG7L8Dv76ETQELb43BhyZREpo18u/L9ZlcvFY1BfBCX2yLwsBvCYsPuq0s4RgiPXtPWTnRKbz4vAPAZH3DvA7kdTkTChL15DxvspYtko= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1578020689; h=Content-Transfer-Encoding:Cc:Date:From:In-Reply-To:List-Id:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:References:Sender:Subject:To; bh=iyCNwC+Jeqifc/f2UYDn9NPwGy/l2sU9srwQ+vsyXIs=; b=jyoZi8hl1gw0uwFAjk4K2ZI17rRfRMIqfePo/0XvW3FZfl4MslrMUO8Y+gntNn9zG3ZyySdhiypNQE+eEAgcpljUI4++dtZvwmngLLEKOE/9lUt8v0k4HxqexhbglE39aQ4+dttFk2M0Wr0cPyWAd1PXk5SjgKoIbncvgGuUSnE= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.12 as permitted sender) smtp.mailfrom=bounce+27952+52720+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) header.from= Received: from web01.groups.io (web01.groups.io [66.175.222.12]) by mx.zohomail.com with SMTPS id 1578020689678402.3423389523082; Thu, 2 Jan 2020 19:04:49 -0800 (PST) Return-Path: X-Received: by 127.0.0.2 with SMTP id CDUeYY1788612xAF9uuMciJs; Thu, 02 Jan 2020 19:04:49 -0800 X-Received: from mga04.intel.com (mga04.intel.com []) by mx.groups.io with SMTP id smtpd.web09.3729.1578020675360032184 for ; Thu, 02 Jan 2020 19:04:48 -0800 X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 02 Jan 2020 19:04:48 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,389,1571727600"; d="scan'208";a="252455239" X-Received: from fieedk001.ccr.corp.intel.com ([10.239.33.119]) by fmsmga002.fm.intel.com with ESMTP; 02 Jan 2020 19:04:47 -0800 From: "Gao, Zhichao" To: devel@edk2.groups.io Cc: Jiewen Yao , Jian J Wang , Chao Zhang Subject: [edk2-devel] [PATCH 13/13] SecurityPkg/TcgPhysicalPresenceLib: Fix the operation of 11 Date: Fri, 3 Jan 2020 11:04:27 +0800 Message-Id: <20200103030428.28176-14-zhichao.gao@intel.com> In-Reply-To: <20200103030428.28176-1-zhichao.gao@intel.com> References: <20200103030428.28176-1-zhichao.gao@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,zhichao.gao@intel.com X-Gm-Message-State: 26wfkqhgGfszY3A2ZbBSiFLFx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1578020689; bh=z1yZjniWXYf66BmfDnEtIbQesAY/4DMt/+My3NoWWhY=; h=Cc:Date:From:Reply-To:Subject:To; b=Pwtit56QluqPGp3J3l0U8oc5KLBUtliRNvMx3TTGVYGas7U8h8P4EaD0ROtGL60xEEC bzPjiDyuZJTgRYhcc/9pPRddu6q1DTlzf5itCbTNgHWXC2TurscNqLJ+GOYhUfKe4tzBz S2X+Hjp8Tz2VT+3yY3UlsDvPJCqAdcMFDCk= X-ZohoMail-DKIM: pass (identity @groups.io) Content-Type: text/plain; charset="utf-8" REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2443 Refer to Physical Presence Interface Spec Page 37, the firmware may perform the PLATFORM RESET imediately after the TPM_PhysicalSetDeactivated =3D TRUE but that requires tracking the next command. Change the operation to match the spec. Cc: Jiewen Yao Cc: Jian J Wang Cc: Chao Zhang Signed-off-by: Zhichao Gao --- .../DxeTcgPhysicalPresenceLib.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPr= esenceLib.c b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalP= resenceLib.c index 7fb2ef9735..de339c9703 100644 --- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceL= ib.c +++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceL= ib.c @@ -346,9 +346,16 @@ ExecutePhysicalPresence ( return TpmResponse; =20 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE: - TpmResponse =3D ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESE= NCE_SET_OWNER_INSTALL_FALSE, PpiFlags); - if (TpmResponse =3D=3D 0) { + // + // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE + PHYSICAL_PRESENCE_DEA= CTIVATE_DISABLE + // PHYSICAL_PRESENCE_DEACTIVATE_DISABLE will be executed after reboot + // + if ((PpiFlags->PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) =3D=3D 0) { + TpmResponse =3D ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRE= SENCE_SET_OWNER_INSTALL_FALSE, PpiFlags); + PpiFlags->PPFlags |=3D TCG_VENDOR_LIB_FLAG_RESET_TRACK; + } else { TpmResponse =3D ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRE= SENCE_DEACTIVATE_DISABLE, PpiFlags); + PpiFlags->PPFlags &=3D ~TCG_VENDOR_LIB_FLAG_RESET_TRACK; } return TpmResponse; =20 --=20 2.21.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#52720): https://edk2.groups.io/g/devel/message/52720 Mute This Topic: https://groups.io/mt/69392343/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-