From d190f9e021e85cccc9afe23397d03c03175813ee Mon Sep 17 00:00:00 2001 From: Dun Tan Date: Tue, 4 Jun 2024 10:26:49 +0800 Subject: [PATCH] [Cherry-Pick] SecurityPkg: Consume gEdkiiTcg2AcpiCommunicateBufferHobGuid Consume gEdkiiTcg2AcpiCommunicateBufferHobGuid in Tcg2Acpi driver. Tcg2Acpi will use the buffer stored in the HOB to exchange information with Tcg2StandaloneMm by the MM_COMMUNICATION_PROTOCOL. Signed-off-by: Dun Tan --- SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c | 28 ++++++++++++++------------- SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf | 5 +++-- 2 files changed, 18 insertions(+), 15 deletions(-) diff --git a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c index 3ead5f7580..87bd22cc93 100644 --- a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c +++ b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c @@ -9,7 +9,7 @@ This driver will have external input - variable and ACPINvs data in SMM mode. This external input must be validated carefully to avoid security issue. -Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.
Copyright (c) Microsoft Corporation. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -22,6 +22,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include +#include #include #include @@ -38,7 +39,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include #include #include -#include +#include // // Physical Presence Interface Version supported by Platform @@ -116,7 +117,7 @@ TCG_NVS *mTcgNvs; @param[in] Name The name string to find in TPM table. @param[in] Size The size of the region to find. - @return The allocated address for the found region. + @return The Acpi Communicate Buffer for the found region. **/ VOID * @@ -126,9 +127,10 @@ AssignOpRegion ( UINT16 Size ) { - EFI_STATUS Status; - AML_OP_REGION_32_8 *OpRegion; - EFI_PHYSICAL_ADDRESS MemoryAddress; + AML_OP_REGION_32_8 *OpRegion; + EFI_PHYSICAL_ADDRESS MemoryAddress; + EFI_HOB_GUID_TYPE *GuidHob; + TCG2_ACPI_COMMUNICATE_BUFFER *Tcg2AcpiCommunicateBufferHob; MemoryAddress = SIZE_4GB - 1; @@ -144,16 +146,16 @@ AssignOpRegion ( (OpRegion->DWordPrefix == AML_DWORD_PREFIX) && (OpRegion->BytePrefix == AML_BYTE_PREFIX)) { - Status = gBS->AllocatePages (AllocateMaxAddress, EfiACPIMemoryNVS, EFI_SIZE_TO_PAGES (Size), &MemoryAddress); - ASSERT_EFI_ERROR (Status); + GuidHob = GetFirstGuidHob (&gEdkiiTcg2AcpiCommunicateBufferHobGuid); + ASSERT (GuidHob != NULL); + Tcg2AcpiCommunicateBufferHob = GET_GUID_HOB_DATA (GuidHob); + MemoryAddress = Tcg2AcpiCommunicateBufferHob->Tcg2AcpiCommunicateBuffer; + ASSERT (MemoryAddress != 0); + ASSERT (EFI_PAGES_TO_SIZE (Tcg2AcpiCommunicateBufferHob->Pages) >= Size); + ZeroMem ((VOID *)(UINTN)MemoryAddress, Size); OpRegion->RegionOffset = (UINT32)(UINTN)MemoryAddress; OpRegion->RegionLen = (UINT8)Size; - // Request to unblock this region from MM core - Status = MmUnblockMemoryRequest (MemoryAddress, EFI_SIZE_TO_PAGES (Size)); - if ((Status != EFI_UNSUPPORTED) && EFI_ERROR (Status)) { - ASSERT_EFI_ERROR (Status); - } break; } diff --git a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf index bfb07e1d5e..158c3b36f0 100644 --- a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf +++ b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf @@ -22,7 +22,7 @@ # This driver will have external input - variable and ACPINvs data in SMM mode. # This external input must be validated carefully to avoid security issue. # -# Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.
+# Copyright (c) 2015 - 2024, Intel Corporation. All rights reserved.
# Copyright (c) Microsoft Corporation.
# SPDX-License-Identifier: BSD-2-Clause-Patent # @@ -57,12 +57,13 @@ Tpm2CommandLib Tcg2PhysicalPresenceLib PcdLib - MmUnblockMemoryLib + HobLib [Guids] gEfiTpmDeviceInstanceTpm20DtpmGuid ## PRODUCES ## GUID # TPM device identifier gTpmNvsMmGuid ## CONSUMES gEdkiiPiSmmCommunicationRegionTableGuid ## CONSUMES + gEdkiiTcg2AcpiCommunicateBufferHobGuid [Protocols] gEfiAcpiTableProtocolGuid ## CONSUMES