diff options
| author | Yao, Jiewen <jiewen.yao@intel.com> | 2015-01-22 05:14:23 +0000 |
|---|---|---|
| committer | jyao1 <jyao1@Edk2> | 2015-01-22 05:14:23 +0000 |
| commit | 83a276f61342d0b0d94e96f7d0636bf9474b5ed1 (patch) | |
| tree | f53880d73526be46d42e2c2c068e79c18951147c /SecurityPkg/Tcg | |
| parent | 57ce74ac5ff4950b4bebd5bb1d8fa2024ecc1010 (diff) | |
Add TpmInitializationDonePpi to TPM PEI module.
This PPI will always be installed to notify other drivers that TPM initialization action is done. TPM initialization may success or fail, or even not present.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Dong, Guo" <guo.dong@intel.com>
Reviewed-by: "Chiu, Chasel" <chasel.chiu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16638 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/Tcg')
| -rw-r--r-- | SecurityPkg/Tcg/TcgPei/TcgPei.c | 28 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TcgPei/TcgPei.inf | 3 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf | 4 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TrEEConfig/TrEEConfigPeim.c | 20 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TrEEPei/TrEEPei.c | 41 | ||||
| -rw-r--r-- | SecurityPkg/Tcg/TrEEPei/TrEEPei.inf | 3 |
6 files changed, 75 insertions, 24 deletions
diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.c b/SecurityPkg/Tcg/TcgPei/TcgPei.c index dcf4b0bbb..466caf66c 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.c +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.c @@ -50,6 +50,12 @@ EFI_PEI_PPI_DESCRIPTOR mTpmInitializedPpiList = { NULL
};
+EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = {
+ EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
+ &gPeiTpmInitializationDonePpiGuid,
+ NULL
+};
+
EFI_PLATFORM_FIRMWARE_BLOB *mMeasuredBaseFvInfo;
UINT32 mMeasuredBaseFvIndex = 0;
@@ -737,6 +743,7 @@ PeimEntryMA ( )
{
EFI_STATUS Status;
+ EFI_STATUS Status2;
EFI_BOOT_MODE BootMode;
TIS_TPM_HANDLE TpmHandle;
@@ -768,13 +775,13 @@ PeimEntryMA ( Status = TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR)TpmHandle);
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "TPM not detected!\n"));
- return Status;
+ goto Done;
}
if (PcdGet8 (PcdTpmInitializationPolicy) == 1) {
Status = TpmCommStartup ((EFI_PEI_SERVICES**)PeiServices, TpmHandle, BootMode);
if (EFI_ERROR (Status) ) {
- return Status;
+ goto Done;
}
}
@@ -784,20 +791,29 @@ PeimEntryMA ( if (BootMode != BOOT_ON_S3_RESUME) {
Status = TpmCommContinueSelfTest ((EFI_PEI_SERVICES**)PeiServices, TpmHandle);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
}
+ //
+ // Only intall TpmInitializedPpi on success
+ //
Status = PeiServicesInstallPpi (&mTpmInitializedPpiList);
ASSERT_EFI_ERROR (Status);
}
if (mImageInMemory) {
Status = PeimEntryMP ((EFI_PEI_SERVICES**)PeiServices);
- if (EFI_ERROR (Status)) {
- return Status;
- }
+ return Status;
}
+Done:
+ //
+ // Always intall TpmInitializationDonePpi no matter success or fail.
+ // Other driver can know TPM initialization state by TpmInitializedPpi.
+ //
+ Status2 = PeiServicesInstallPpi (&mTpmInitializationDonePpiList);
+ ASSERT_EFI_ERROR (Status2);
+
return Status;
}
diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.inf b/SecurityPkg/Tcg/TcgPei/TcgPei.inf index 6a76cf1c2..56f87c2e1 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.inf +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.inf @@ -69,7 +69,8 @@ gEfiPeiFirmwareVolumeInfoPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
gEfiPeiFirmwareVolumeInfo2PpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid ## SOMETIMES_CONSUMES
- gPeiTpmInitializedPpiGuid ## PRODUCES
+ gPeiTpmInitializedPpiGuid ## SOMETIMES_PRODUCES
+ gPeiTpmInitializationDonePpiGuid ## PRODUCES
gEfiEndOfPeiSignalPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
[Pcd]
diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf index 31807cb06..e8de529f8 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf @@ -4,7 +4,7 @@ # This module initializes TPM device type based on variable and detection.
# NOTE: This module is only for reference only, each platform should have its own setup page.
#
-# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -58,9 +58,11 @@ ## SOMETIMES_CONSUMES ## Variable:L"TREE_DEVICE_DETECTION"
gTrEEConfigFormSetGuid
gEfiTpmDeviceSelectedGuid ## PRODUCES ## GUID # Used as a PPI GUID
+ gEfiTpmDeviceInstanceNoneGuid ## SOMETIMES_CONSUMES ## GUID # TPM device identifier
[Ppis]
gEfiPeiReadOnlyVariable2PpiGuid ## CONSUMES
+ gPeiTpmInitializationDonePpiGuid ## SOMETIMES_PRODUCES
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## PRODUCES
diff --git a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPeim.c b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPeim.c index 579d096be..efe40bc3c 100644 --- a/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPeim.c +++ b/SecurityPkg/Tcg/TrEEConfig/TrEEConfigPeim.c @@ -1,7 +1,7 @@ /** @file
The module entry point for TrEE configuration module.
-Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -25,6 +25,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include <Library/PcdLib.h>
#include <Ppi/ReadOnlyVariable2.h>
+#include <Ppi/TpmInitialized.h>
#include <Protocol/TrEEProtocol.h>
#include "TrEEConfigNvData.h"
@@ -37,6 +38,12 @@ CONST EFI_PEI_PPI_DESCRIPTOR gTpmSelectedPpi = { NULL
};
+EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = {
+ EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
+ &gPeiTpmInitializationDonePpiGuid,
+ NULL
+};
+
/**
This routine check both SetupVariable and real TPM device, and return final TpmDevice configuration.
@@ -67,6 +74,7 @@ TrEEConfigPeimEntryPoint ( {
UINTN Size;
EFI_STATUS Status;
+ EFI_STATUS Status2;
EFI_PEI_READ_ONLY_VARIABLE2_PPI *VariablePpi;
TREE_CONFIGURATION TrEEConfiguration;
UINTN Index;
@@ -136,5 +144,15 @@ TrEEConfigPeimEntryPoint ( Status = PeiServicesInstallPpi (&gTpmSelectedPpi);
ASSERT_EFI_ERROR (Status);
+ //
+ // Even if no TPM is selected or detected, we still need intall TpmInitializationDonePpi.
+ // Because TcgPei or TrEEPei will not run, but we still need a way to notify other driver.
+ // Other driver can know TPM initialization state by TpmInitializedPpi.
+ //
+ if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid)) {
+ Status2 = PeiServicesInstallPpi (&mTpmInitializationDonePpiList);
+ ASSERT_EFI_ERROR (Status2);
+ }
+
return Status;
}
diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPei.c b/SecurityPkg/Tcg/TrEEPei/TrEEPei.c index eea40847c..a7bc90343 100644 --- a/SecurityPkg/Tcg/TrEEPei/TrEEPei.c +++ b/SecurityPkg/Tcg/TrEEPei/TrEEPei.c @@ -62,6 +62,12 @@ EFI_PEI_PPI_DESCRIPTOR mTpmInitializedPpiList = { NULL
};
+EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = {
+ EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
+ &gPeiTpmInitializationDonePpiGuid,
+ NULL
+};
+
EFI_PLATFORM_FIRMWARE_BLOB *mMeasuredBaseFvInfo;
UINT32 mMeasuredBaseFvIndex = 0;
@@ -621,6 +627,7 @@ PeimEntryMA ( )
{
EFI_STATUS Status;
+ EFI_STATUS Status2;
EFI_BOOT_MODE BootMode;
if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid) ||
@@ -629,15 +636,6 @@ PeimEntryMA ( return EFI_UNSUPPORTED;
}
- //
- // Update for Performance optimization
- //
- Status = Tpm2RequestUseTpm ();
- if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "TPM not detected!\n"));
- return Status;
- }
-
Status = PeiServicesGetBootMode (&BootMode);
ASSERT_EFI_ERROR (Status);
@@ -658,6 +656,12 @@ PeimEntryMA ( //
// Initialize TPM device
//
+ Status = Tpm2RequestUseTpm ();
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_ERROR, "TPM2 not detected!\n"));
+ goto Done;
+ }
+
if (PcdGet8 (PcdTpm2InitializationPolicy) == 1) {
if (BootMode == BOOT_ON_S3_RESUME) {
Status = Tpm2Startup (TPM_SU_STATE);
@@ -668,7 +672,7 @@ PeimEntryMA ( Status = Tpm2Startup (TPM_SU_CLEAR);
}
if (EFI_ERROR (Status) ) {
- return Status;
+ goto Done;
}
}
@@ -679,21 +683,30 @@ PeimEntryMA ( if (PcdGet8 (PcdTpm2SelfTestPolicy) == 1) {
Status = Tpm2SelfTest (NO);
if (EFI_ERROR (Status)) {
- return Status;
+ goto Done;
}
}
}
+ //
+ // Only intall TpmInitializedPpi on success
+ //
Status = PeiServicesInstallPpi (&mTpmInitializedPpiList);
ASSERT_EFI_ERROR (Status);
}
if (mImageInMemory) {
Status = PeimEntryMP ((EFI_PEI_SERVICES**)PeiServices);
- if (EFI_ERROR (Status)) {
- return Status;
- }
+ return Status;
}
+Done:
+ //
+ // Always intall TpmInitializationDonePpi no matter success or fail.
+ // Other driver can know TPM initialization state by TpmInitializedPpi.
+ //
+ Status2 = PeiServicesInstallPpi (&mTpmInitializationDonePpiList);
+ ASSERT_EFI_ERROR (Status2);
+
return Status;
}
diff --git a/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf b/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf index 4d91dfe02..61a8cd082 100644 --- a/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf +++ b/SecurityPkg/Tcg/TrEEPei/TrEEPei.inf @@ -64,7 +64,8 @@ gEfiPeiFirmwareVolumeInfoPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
gEfiPeiFirmwareVolumeInfo2PpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid ## SOMETIMES_CONSUMES
- gPeiTpmInitializedPpiGuid ## PRODUCES
+ gPeiTpmInitializedPpiGuid ## SOMETIMES_PRODUCES
+ gPeiTpmInitializationDonePpiGuid ## PRODUCES
gEfiEndOfPeiSignalPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
[Pcd]
|