SecurityPkg DxeTcg2PhysicalPresenceLib: Enable Storage actions.
After enable storage related actions in the
TcgPhysicalPresenceStorageLib, use this library to support
storage related actions in this library.
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
index 4cec0f7..38fe89c 100644
--- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
+++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c
@@ -37,6 +37,7 @@
#include <Library/Tpm2CommandLib.h>
#include <Library/Tcg2PhysicalPresenceLib.h>
#include <Library/Tcg2PpVendorLib.h>
+#include <Library/TcgPhysicalPresenceStorageLib.h>
#define CONFIRM_BUFFER_SIZE 4096
@@ -790,6 +791,11 @@
EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;
EFI_TCG2_PHYSICAL_PRESENCE_FLAGS PpiFlags;
+ //
+ // Process the storage related action first.
+ //
+ TcgPhysicalPresenceStorageLibProcessRequest();
+
Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol);
if (EFI_ERROR (Status)) {
return ;
@@ -910,6 +916,15 @@
EFI_TCG2_PROTOCOL *Tcg2Protocol;
EFI_TCG2_PHYSICAL_PRESENCE_FLAGS PpiFlags;
+ //
+ // Process the storage related action first.
+ // If confirm need user confirm, just return TRUE.
+ // else continue check other actions.
+ //
+ if (TcgPhysicalPresenceStorageLibNeedUserConfirm()) {
+ return TRUE;
+ }
+
Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol);
if (EFI_ERROR (Status)) {
return FALSE;
@@ -1045,9 +1060,9 @@
UINTN DataSize;
EFI_TCG2_PHYSICAL_PRESENCE PpData;
EFI_TCG2_PHYSICAL_PRESENCE_FLAGS Flags;
-
+
DEBUG ((EFI_D_INFO, "[TPM2] SubmitRequestToPreOSFunction, Request = %x, %x\n", OperationRequest, RequestParameter));
-
+
//
// Get the Physical Presence variable
//
@@ -1064,8 +1079,10 @@
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
}
- if ((OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
- (OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) ) {
+ if (((OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
+ (OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN)) ||
+ ((OperationRequest > TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_FALSE) &&
+ (OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION))) {
//
// This command requires UI to prompt user for Auth data.
//
diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
index f4aa0da..b1798df 100644
--- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
+++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
@@ -55,6 +55,7 @@
HobLib
Tpm2CommandLib
Tcg2PpVendorLib
+ TcgPhysicalPresenceStorageLib
[Protocols]
gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES