[edk2] [PATCH 07/15] SecurityPkg/TrEESmm: remove TrEE.

Posted by Zhang, Chao B 6 years, 9 months ago
From: Jiewen Yao <jiewen.yao@intel.com>

TrEE is deprecated. We need to use Tcg2.

Cc: Chao B Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jiewen Yao <jiewen.yao@intel.com>
---
 SecurityPkg/Tcg/TrEESmm/Tpm.asl          | 354 -------------
 SecurityPkg/Tcg/TrEESmm/TrEESmm.c        | 521 --------------------
 SecurityPkg/Tcg/TrEESmm/TrEESmm.h        | 105 ----
 SecurityPkg/Tcg/TrEESmm/TrEESmm.inf      |  85 ----
 SecurityPkg/Tcg/TrEESmm/TrEESmm.uni      |  28 --
 SecurityPkg/Tcg/TrEESmm/TrEESmmExtra.uni |  19 -
 6 files changed, 1112 deletions(-)

diff --git a/SecurityPkg/Tcg/TrEESmm/Tpm.asl b/SecurityPkg/Tcg/TrEESmm/Tpm.asl
deleted file mode 100644
index 0f6b94a23d..0000000000
--- a/SecurityPkg/Tcg/TrEESmm/Tpm.asl
+++ /dev/null
@@ -1,354 +0,0 @@
-/** @file
-  The TPM2 definition block in ACPI table for TrEE physical presence  
-  and MemoryClear.
-
-Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials 
-are licensed and made available under the terms and conditions of the BSD License 
-which accompanies this distribution.  The full text of the license may be found at 
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-DefinitionBlock (
-  "Tpm.aml",
-  "SSDT",
-  2,
-  "INTEL ",
-  "Tpm2Tabl",
-  0x1000
-  )
-{
-  Scope (\_SB)
-  {
-    Device (TPM)
-    {
-      //
-      // TREE
-      //
-      Name (_HID, "MSFT0101")
-      
-      //
-      // Readable name of this device, don't know if this way is correct yet
-      //
-      Name (_STR, Unicode ("TPM 2.0 Device"))
-
-      //
-      // Return the resource consumed by TPM device
-      //
-      Name (_CRS, ResourceTemplate () {
-        Memory32Fixed (ReadWrite, 0xfed40000, 0x5000)
-      })
-
-      //
-      // Operational region for Smi port access
-      //
-      OperationRegion (SMIP, SystemIO, 0xB2, 1)
-      Field (SMIP, ByteAcc, NoLock, Preserve)
-      { 
-          IOB2, 8
-      }
-
-      //
-      // Operational region for TPM access
-      //
-      OperationRegion (TPMR, SystemMemory, 0xfed40000, 0x5000)
-      Field (TPMR, AnyAcc, NoLock, Preserve)
-      {
-        ACC0, 8,
-      }
-
-      //
-      // Operational region for TPM support, TPM Physical Presence and TPM Memory Clear
-      // Region Offset 0xFFFF0000 and Length 0xF0 will be fixed in C code.
-      //
-      OperationRegion (TNVS, SystemMemory, 0xFFFF0000, 0xF0)
-      Field (TNVS, AnyAcc, NoLock, Preserve)
-      {
-        PPIN,   8,  //   Software SMI for Physical Presence Interface
-        PPIP,   32, //   Used for save physical presence paramter
-        PPRP,   32, //   Physical Presence request operation response
-        PPRQ,   32, //   Physical Presence request operation
-        LPPR,   32, //   Last Physical Presence request operation
-        FRET,   32, //   Physical Presence function return code
-        MCIN,   8,  //   Software SMI for Memory Clear Interface
-        MCIP,   32, //   Used for save the Mor paramter
-        MORD,   32, //   Memory Overwrite Request Data
-        MRET,   32  //   Memory Overwrite function return code
-      }
-
-      Method (PTS, 1, Serialized)
-      {  
-        //
-        // Detect Sx state for MOR, only S4, S5 need to handle
-        //
-        If (LAnd (LLess (Arg0, 6), LGreater (Arg0, 3)))
-        {   
-          //
-          // Bit4 -- DisableAutoDetect. 0 -- Firmware MAY autodetect.
-          //
-          If (LNot (And (MORD, 0x10)))
-          {
-            //
-            // Triggle the SMI through ACPI _PTS method.
-            //
-            Store (0x02, MCIP)
-              
-            //
-            // Triggle the SMI interrupt
-            //
-            Store (MCIN, IOB2)
-          }
-        }
-        Return (0)
-      }   
-
-      Method (_STA, 0)
-      {
-        if (LEqual (ACC0, 0xff))
-        {
-            Return (0)
-        }
-        Return (0x0f)
-      }
-
-      //
-      // TCG Hardware Information
-      //
-      Method (HINF, 3, Serialized, 0, {BuffObj, PkgObj}, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj
-      {
-        //
-        // Switch by function index
-        //
-        Switch (ToInteger(Arg1))
-        {
-          Case (0)
-          {
-            //
-            // Standard query
-            //
-            Return (Buffer () {0x03})
-          }
-          Case (1)
-          {
-            //
-            // Return failure if no TPM present
-            //
-            Name(TPMV, Package () {0x01, Package () {0x2, 0x0}})
-            if (LEqual (_STA (), 0x00))
-            {
-              Return (Package () {0x00})
-            }
-
-            //
-            // Return TPM version
-            //
-            Return (TPMV)
-          }
-          Default {BreakPoint}
-        }
-        Return (Buffer () {0})
-      }
-
-      Name(TPM2, Package (0x02){
-        Zero, 
-        Zero
-      })
-
-      Name(TPM3, Package (0x03){
-        Zero, 
-        Zero,
-        Zero
-      })
-
-      //
-      // TCG Physical Presence Interface
-      //
-      Method (TPPI, 3, Serialized, 0, {BuffObj, PkgObj, IntObj, StrObj}, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj
-      {        
-        //
-        // Switch by function index
-        //
-        Switch (ToInteger(Arg1))
-        {
-          Case (0)
-          {
-            //
-            // Standard query, supports function 1-8
-            //
-            Return (Buffer () {0xFF, 0x01})
-          }
-          Case (1)
-          {
-            //
-            // a) Get Physical Presence Interface Version
-            //
-            Return ("1.2")
-          }
-          Case (2)
-          {
-            //
-            // b) Submit TPM Operation Request to Pre-OS Environment
-            //
-                  
-            Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
-            Store (0x02, PPIP)
-              
-            //
-            // Triggle the SMI interrupt
-            //
-            Store (PPIN, IOB2)
-            Return (FRET)
-
-
-          }
-          Case (3)
-          {
-            //
-            // c) Get Pending TPM Operation Requested By the OS
-            //
-                  
-            Store (PPRQ, Index (TPM2, 0x01))
-            Return (TPM2)
-          }
-          Case (4)
-          {
-            //
-            // d) Get Platform-Specific Action to Transition to Pre-OS Environment
-            //
-            Return (2)
-          }
-          Case (5)
-          {
-            //
-            // e) Return TPM Operation Response to OS Environment
-            //
-            Store (0x05, PPIP)
-                  
-            //
-            // Triggle the SMI interrupt
-            //
-            Store (PPIN, IOB2)
-                  
-            Store (LPPR, Index (TPM3, 0x01))
-            Store (PPRP, Index (TPM3, 0x02))
-
-            Return (TPM3)
-          }
-          Case (6)
-          {
-
-            //
-            // f) Submit preferred user language (Not implemented)
-            //
-
-            Return (3)
-
-          }
-          Case (7)
-          {
-            //
-            // g) Submit TPM Operation Request to Pre-OS Environment 2
-            //
-            Store (7, PPIP)
-            Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
-                
-            //
-            // Triggle the SMI interrupt 
-            //
-            Store (PPIN, IOB2)  
-            Return (FRET)
-          }
-          Case (8)
-          {
-            //
-            // e) Get User Confirmation Status for Operation
-            //
-            Store (8, PPIP)
-            Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
-                  
-            //
-            // Triggle the SMI interrupt
-            //
-            Store (PPIN, IOB2)
-                  
-            Return (FRET)
-          }
-
-          Default {BreakPoint}
-        }
-        Return (1)
-      }
-
-      Method (TMCI, 3, Serialized, 0, IntObj, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj
-      {
-        //
-        // Switch by function index
-        //
-        Switch (ToInteger (Arg1))
-        {
-          Case (0)
-          {
-            //
-            // Standard query, supports function 1-1
-            //
-            Return (Buffer () {0x03})
-          }
-          Case (1)
-          {
-            //
-            // Save the Operation Value of the Request to MORD (reserved memory)
-            //
-            Store (DerefOf (Index (Arg2, 0x00)), MORD)
-                  
-            //
-            // Triggle the SMI through ACPI _DSM method.
-            //
-            Store (0x01, MCIP)
-                  
-            //
-            // Triggle the SMI interrupt
-            //
-            Store (MCIN, IOB2)
-            Return (MRET)
-          }
-          Default {BreakPoint}
-        }
-        Return (1)        
-      }
-
-      Method (_DSM, 4, Serialized, 0, UnknownObj, {BuffObj, IntObj, IntObj, PkgObj})
-      {
-
-        //
-        // TCG Hardware Information
-        //
-        If(LEqual(Arg0, ToUUID ("cf8e16a5-c1e8-4e25-b712-4f54a96702c8")))
-        {
-          Return (HINF (Arg1, Arg2, Arg3))
-        }
-
-        //
-        // TCG Physical Presence Interface
-        //
-        If(LEqual(Arg0, ToUUID ("3dddfaa6-361b-4eb4-a424-8d10089d1653")))
-        {
-          Return (TPPI (Arg1, Arg2, Arg3))
-        }
-
-        //
-        // TCG Memory Clear Interface
-        //
-        If(LEqual(Arg0, ToUUID ("376054ed-cc13-4675-901c-4756d7f2d45d")))
-        {
-          Return (TMCI (Arg1, Arg2, Arg3))
-        }
-
-        Return (Buffer () {0})
-      }
-    }
-  }
-}
diff --git a/SecurityPkg/Tcg/TrEESmm/TrEESmm.c b/SecurityPkg/Tcg/TrEESmm/TrEESmm.c
deleted file mode 100644
index 1683dedc8a..0000000000
--- a/SecurityPkg/Tcg/TrEESmm/TrEESmm.c
+++ /dev/null
@@ -1,521 +0,0 @@
-/** @file
-  It updates TPM2 items in ACPI table and registers SMI2 callback
-  functions for TrEE physical presence, ClearMemory, and sample
-  for dTPM StartMethod.
-
-  Caution: This module requires additional review when modified.
-  This driver will have external input - variable and ACPINvs data in SMM mode.
-  This external input must be validated carefully to avoid security issue.
-
-  PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
-
-Copyright (c) 2013 - 2017, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials 
-are licensed and made available under the terms and conditions of the BSD License 
-which accompanies this distribution.  The full text of the license may be found at 
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "TrEESmm.h"
-
-EFI_TPM2_ACPI_TABLE  mTpm2AcpiTemplate = {
-  {
-    EFI_ACPI_5_0_TRUSTED_COMPUTING_PLATFORM_2_TABLE_SIGNATURE,
-    sizeof (mTpm2AcpiTemplate),
-    EFI_TPM2_ACPI_TABLE_REVISION_3,
-    //
-    // Compiler initializes the remaining bytes to 0
-    // These fields should be filled in in production
-    //
-  },
-  0, // Flags
-  0, // Control Area
-  EFI_TPM2_ACPI_TABLE_START_METHOD_TIS, // StartMethod
-};
-
-EFI_SMM_VARIABLE_PROTOCOL  *mSmmVariable;
-TCG_NVS                    *mTcgNvs;
-
-/**
-  Software SMI callback for TPM physical presence which is called from ACPI method.
-
-  Caution: This function may receive untrusted input.
-  Variable and ACPINvs are external input, so this function will validate
-  its data structure to be valid value.
-
-  @param[in]      DispatchHandle  The unique handle assigned to this handler by SmiHandlerRegister().
-  @param[in]      Context         Points to an optional handler context which was specified when the
-                                  handler was registered.
-  @param[in, out] CommBuffer      A pointer to a collection of data in memory that will
-                                  be conveyed from a non-SMM environment into an SMM environment.
-  @param[in, out] CommBufferSize  The size of the CommBuffer.
-
-  @retval EFI_SUCCESS             The interrupt was handled successfully.
-
-**/
-EFI_STATUS
-EFIAPI
-PhysicalPresenceCallback (
-  IN EFI_HANDLE                  DispatchHandle,
-  IN CONST VOID                  *Context,
-  IN OUT VOID                    *CommBuffer,
-  IN OUT UINTN                   *CommBufferSize
-  )
-{
-  EFI_STATUS                        Status;
-  UINTN                             DataSize;
-  EFI_TREE_PHYSICAL_PRESENCE        PpData;
-  EFI_TREE_PHYSICAL_PRESENCE_FLAGS  Flags;
-  BOOLEAN                           RequestConfirmed;
-
-  //
-  // Get the Physical Presence variable
-  //
-  DataSize = sizeof (EFI_TREE_PHYSICAL_PRESENCE);
-  Status = mSmmVariable->SmmGetVariable (
-                           TREE_PHYSICAL_PRESENCE_VARIABLE,
-                           &gEfiTrEEPhysicalPresenceGuid,
-                           NULL,
-                           &DataSize,
-                           &PpData
-                           );
-
-  DEBUG ((EFI_D_INFO, "[TPM2] PP callback, Parameter = %x, Request = %x\n", mTcgNvs->PhysicalPresence.Parameter, mTcgNvs->PhysicalPresence.Request));
-
-  if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) {
-    if (EFI_ERROR (Status)) {
-      mTcgNvs->PhysicalPresence.ReturnCode  = PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE;
-      mTcgNvs->PhysicalPresence.LastRequest = 0;
-      mTcgNvs->PhysicalPresence.Response    = 0;
-      DEBUG ((EFI_D_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
-      return EFI_SUCCESS;
-    }
-    mTcgNvs->PhysicalPresence.ReturnCode  = PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS;
-    mTcgNvs->PhysicalPresence.LastRequest = PpData.LastPPRequest;
-    mTcgNvs->PhysicalPresence.Response    = PpData.PPResponse;
-  } else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS) 
-          || (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {
-    if (EFI_ERROR (Status)) {
-      mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
-      DEBUG ((EFI_D_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
-      return EFI_SUCCESS;
-    }
-    if ((mTcgNvs->PhysicalPresence.Request > TREE_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
-        (mTcgNvs->PhysicalPresence.Request < TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) ) {
-      //
-      // This command requires UI to prompt user for Auth data.
-      //
-      mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED;
-      return EFI_SUCCESS;
-    }
-
-    if (PpData.PPRequest != mTcgNvs->PhysicalPresence.Request) {
-      PpData.PPRequest = (UINT8) mTcgNvs->PhysicalPresence.Request;
-      DataSize = sizeof (EFI_TREE_PHYSICAL_PRESENCE);
-      Status = mSmmVariable->SmmSetVariable (
-                               TREE_PHYSICAL_PRESENCE_VARIABLE,
-                               &gEfiTrEEPhysicalPresenceGuid,
-                               EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
-                               DataSize,
-                               &PpData
-                               );
-    }
-
-    if (EFI_ERROR (Status)) { 
-      mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
-      DEBUG ((EFI_D_ERROR, "[TPM2] Set PP variable failure! Status = %r\n", Status));
-      return EFI_SUCCESS;
-    }
-    mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS;
-
-    if (mTcgNvs->PhysicalPresence.Request >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
-      DataSize = sizeof (EFI_TREE_PHYSICAL_PRESENCE_FLAGS);
-      Status = mSmmVariable->SmmGetVariable (
-                               TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
-                               &gEfiTrEEPhysicalPresenceGuid,
-                               NULL,
-                               &DataSize,
-                               &Flags
-                               );
-      if (EFI_ERROR (Status)) {
-        Flags.PPFlags = 0;
-      }
-      mTcgNvs->PhysicalPresence.ReturnCode = TrEEPpVendorLibSubmitRequestToPreOSFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags);
-    }
-  } else if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST) {
-    if (EFI_ERROR (Status)) {
-      mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
-      DEBUG ((EFI_D_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
-      return EFI_SUCCESS;
-    }
-    //
-    // Get the Physical Presence flags
-    //
-    DataSize = sizeof (EFI_TREE_PHYSICAL_PRESENCE_FLAGS);
-    Status = mSmmVariable->SmmGetVariable (
-                             TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
-                             &gEfiTrEEPhysicalPresenceGuid,
-                             NULL,
-                             &DataSize,
-                             &Flags
-                             );
-    if (EFI_ERROR (Status)) {
-      mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
-      DEBUG ((EFI_D_ERROR, "[TPM2] Get PP flags failure! Status = %r\n", Status));
-      return EFI_SUCCESS;
-    }
-
-    RequestConfirmed = FALSE;
-
-    switch (mTcgNvs->PhysicalPresence.Request) {
-
-      case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR:
-      case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_2:
-      case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_3:
-      case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_4:
-        if ((Flags.PPFlags & TREE_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0) {
-          RequestConfirmed = TRUE;
-        }
-        break;
-
-      case TREE_PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:
-        RequestConfirmed = TRUE;
-        break;
-
-      case TREE_PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:
-        break;
-
-      default:
-        if (mTcgNvs->PhysicalPresence.Request <= TREE_PHYSICAL_PRESENCE_NO_ACTION_MAX) {
-          RequestConfirmed = TRUE;
-        } else {
-          if (mTcgNvs->PhysicalPresence.Request < TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
-            mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED; 
-            return EFI_SUCCESS;
-          }
-        }
-        break;
-    }
-
-    if (RequestConfirmed) {
-      mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED;
-    } else {
-      mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED;
-    }    
-    if (mTcgNvs->PhysicalPresence.Request >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
-      mTcgNvs->PhysicalPresence.ReturnCode = TrEEPpVendorLibGetUserConfirmationStatusFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags);
-    }
-  } 
-
-  return EFI_SUCCESS;
-}
-
-
-/**
-  Software SMI callback for MemoryClear which is called from ACPI method.
-
-  Caution: This function may receive untrusted input.
-  Variable and ACPINvs are external input, so this function will validate
-  its data structure to be valid value.
-
-  @param[in]      DispatchHandle  The unique handle assigned to this handler by SmiHandlerRegister().
-  @param[in]      Context         Points to an optional handler context which was specified when the
-                                  handler was registered.
-  @param[in, out] CommBuffer      A pointer to a collection of data in memory that will
-                                  be conveyed from a non-SMM environment into an SMM environment.
-  @param[in, out] CommBufferSize  The size of the CommBuffer.
-
-  @retval EFI_SUCCESS             The interrupt was handled successfully.
-
-**/
-EFI_STATUS
-EFIAPI
-MemoryClearCallback (
-  IN EFI_HANDLE                  DispatchHandle,
-  IN CONST VOID                  *Context,
-  IN OUT VOID                    *CommBuffer,
-  IN OUT UINTN                   *CommBufferSize
-  )
-{
-  EFI_STATUS                     Status;
-  UINTN                          DataSize;
-  UINT8                          MorControl;
-
-  mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_SUCCESS;
-  if (mTcgNvs->MemoryClear.Parameter == ACPI_FUNCTION_DSM_MEMORY_CLEAR_INTERFACE) {
-    MorControl = (UINT8) mTcgNvs->MemoryClear.Request;
-  } else if (mTcgNvs->MemoryClear.Parameter == ACPI_FUNCTION_PTS_CLEAR_MOR_BIT) {
-    DataSize = sizeof (UINT8);
-    Status = mSmmVariable->SmmGetVariable (
-                             MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
-                             &gEfiMemoryOverwriteControlDataGuid,
-                             NULL,
-                             &DataSize,
-                             &MorControl
-                             );
-    if (EFI_ERROR (Status)) {
-      mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
-      DEBUG ((EFI_D_ERROR, "[TPM] Get MOR variable failure! Status = %r\n", Status));
-      return EFI_SUCCESS;
-    }
-
-    if (MOR_CLEAR_MEMORY_VALUE (MorControl) == 0x0) {
-      return EFI_SUCCESS;
-    }
-    MorControl &= ~MOR_CLEAR_MEMORY_BIT_MASK;
-  }
-
-  DataSize = sizeof (UINT8);
-  Status = mSmmVariable->SmmSetVariable (
-                           MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
-                           &gEfiMemoryOverwriteControlDataGuid,
-                           EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
-                           DataSize,
-                           &MorControl
-                           );
-  if (EFI_ERROR (Status)) { 
-    mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
-    DEBUG ((EFI_D_ERROR, "[TPM] Set MOR variable failure! Status = %r\n", Status));
-  }
-
-  return EFI_SUCCESS;
-}
-
-/**
-  Find the operation region in TCG ACPI table by given Name and Size,
-  and initialize it if the region is found.
-
-  @param[in, out] Table          The TPM item in ACPI table.
-  @param[in]      Name           The name string to find in TPM table.
-  @param[in]      Size           The size of the region to find.
-
-  @return                        The allocated address for the found region.
-
-**/
-VOID *
-AssignOpRegion (
-  EFI_ACPI_DESCRIPTION_HEADER    *Table,
-  UINT32                         Name,
-  UINT16                         Size
-  )
-{
-  EFI_STATUS                     Status;
-  AML_OP_REGION_32_8             *OpRegion;
-  EFI_PHYSICAL_ADDRESS           MemoryAddress;
-
-  MemoryAddress = SIZE_4GB - 1;
-
-  //
-  // Patch some pointers for the ASL code before loading the SSDT.
-  //
-  for (OpRegion  = (AML_OP_REGION_32_8 *) (Table + 1);
-       OpRegion <= (AML_OP_REGION_32_8 *) ((UINT8 *) Table + Table->Length);
-       OpRegion  = (AML_OP_REGION_32_8 *) ((UINT8 *) OpRegion + 1)) {
-    if ((OpRegion->OpRegionOp  == AML_EXT_REGION_OP) && 
-        (OpRegion->NameString  == Name) &&
-        (OpRegion->DWordPrefix == AML_DWORD_PREFIX) &&
-        (OpRegion->BytePrefix  == AML_BYTE_PREFIX)) {
-
-      Status = gBS->AllocatePages(AllocateMaxAddress, EfiACPIMemoryNVS, EFI_SIZE_TO_PAGES (Size), &MemoryAddress);
-      ASSERT_EFI_ERROR (Status);
-      ZeroMem ((VOID *)(UINTN)MemoryAddress, Size);
-      OpRegion->RegionOffset = (UINT32) (UINTN) MemoryAddress;
-      OpRegion->RegionLen    = (UINT8) Size;
-      break;
-    }
-  }
-
-  return (VOID *) (UINTN) MemoryAddress;
-}
-
-/**
-  Initialize and publish TPM items in ACPI table.
-
-  @retval   EFI_SUCCESS     The TCG ACPI table is published successfully.
-  @retval   Others          The TCG ACPI table is not published.
-
-**/
-EFI_STATUS
-PublishAcpiTable (
-  VOID
-  )
-{
-  EFI_STATUS                     Status;
-  EFI_ACPI_TABLE_PROTOCOL        *AcpiTable;
-  UINTN                          TableKey;
-  EFI_ACPI_DESCRIPTION_HEADER    *Table;
-  UINTN                          TableSize;
-
-  Status = GetSectionFromFv (
-             &gEfiCallerIdGuid,
-             EFI_SECTION_RAW,
-             0,
-             (VOID **) &Table,
-             &TableSize
-             );
-  ASSERT_EFI_ERROR (Status);
-
-
-  //
-  // Measure to PCR[0] with event EV_POST_CODE ACPI DATA
-  //
-  TpmMeasureAndLogData(
-    0,
-    EV_POST_CODE,
-    EV_POSTCODE_INFO_ACPI_DATA,
-    ACPI_DATA_LEN,
-    Table,
-    TableSize
-    );
-
-
-  ASSERT (Table->OemTableId == SIGNATURE_64 ('T', 'p', 'm', '2', 'T', 'a', 'b', 'l'));
-  CopyMem (Table->OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (Table->OemId) );
-  mTcgNvs = AssignOpRegion (Table, SIGNATURE_32 ('T', 'N', 'V', 'S'), (UINT16) sizeof (TCG_NVS));
-  ASSERT (mTcgNvs != NULL);
-
-  //
-  // Publish the TPM ACPI table
-  //
-  Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **) &AcpiTable);
-  ASSERT_EFI_ERROR (Status);
-
-  TableKey = 0;
-  Status = AcpiTable->InstallAcpiTable (
-                        AcpiTable,
-                        Table,
-                        TableSize,
-                        &TableKey
-                        );
-  ASSERT_EFI_ERROR (Status);
-
-  return Status;
-}
-
-/**
-  Publish TPM2 ACPI table
-
-  @retval   EFI_SUCCESS     The TPM2 ACPI table is published successfully.
-  @retval   Others          The TPM2 ACPI table is not published.
-
-**/
-EFI_STATUS
-PublishTpm2 (
-  VOID
-  )
-{
-  EFI_STATUS                     Status;
-  EFI_ACPI_TABLE_PROTOCOL        *AcpiTable;
-  UINTN                          TableKey;
-  UINT64                         OemTableId;
-
-  //
-  // Measure to PCR[0] with event EV_POST_CODE ACPI DATA
-  //
-  TpmMeasureAndLogData(
-    0,
-    EV_POST_CODE,
-    EV_POSTCODE_INFO_ACPI_DATA,
-    ACPI_DATA_LEN,
-    &mTpm2AcpiTemplate,
-    sizeof(mTpm2AcpiTemplate)
-    );
-
-  CopyMem (mTpm2AcpiTemplate.Header.OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (mTpm2AcpiTemplate.Header.OemId));
-  OemTableId = PcdGet64 (PcdAcpiDefaultOemTableId);
-  CopyMem (&mTpm2AcpiTemplate.Header.OemTableId, &OemTableId, sizeof (UINT64));
-  mTpm2AcpiTemplate.Header.OemRevision      = PcdGet32 (PcdAcpiDefaultOemRevision);
-  mTpm2AcpiTemplate.Header.CreatorId        = PcdGet32 (PcdAcpiDefaultCreatorId);
-  mTpm2AcpiTemplate.Header.CreatorRevision  = PcdGet32 (PcdAcpiDefaultCreatorRevision);
-
-  //
-  // Construct ACPI table
-  //
-  Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **) &AcpiTable);
-  ASSERT_EFI_ERROR (Status);
-
-  Status = AcpiTable->InstallAcpiTable (
-                        AcpiTable,
-                        &mTpm2AcpiTemplate,
-                        sizeof(mTpm2AcpiTemplate),
-                        &TableKey
-                        );
-  ASSERT_EFI_ERROR (Status);
-
-  return Status;
-}
-
-/**
-  The driver's entry point.
-
-  It install callbacks for TPM physical presence and MemoryClear, and locate 
-  SMM variable to be used in the callback function.
-
-  @param[in] ImageHandle  The firmware allocated handle for the EFI image.  
-  @param[in] SystemTable  A pointer to the EFI System Table.
-  
-  @retval EFI_SUCCESS     The entry point is executed successfully.
-  @retval Others          Some error occurs when executing this entry point.
-
-**/
-EFI_STATUS
-EFIAPI
-InitializeTcgSmm (
-  IN EFI_HANDLE                  ImageHandle,
-  IN EFI_SYSTEM_TABLE            *SystemTable
-  )
-{
-  EFI_STATUS                     Status;
-  EFI_SMM_SW_DISPATCH2_PROTOCOL  *SwDispatch;
-  EFI_SMM_SW_REGISTER_CONTEXT    SwContext;
-  EFI_HANDLE                     SwHandle;
-
-  if (!CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm20DtpmGuid)){
-    DEBUG ((EFI_D_ERROR, "No TPM2 DTPM instance required!\n"));
-    return EFI_UNSUPPORTED;
-  }
-
-  Status = PublishAcpiTable ();
-  ASSERT_EFI_ERROR (Status);
-
-  //
-  // Get the Sw dispatch protocol and register SMI callback functions.
-  //
-  Status = gSmst->SmmLocateProtocol (&gEfiSmmSwDispatch2ProtocolGuid, NULL, (VOID**)&SwDispatch);
-  ASSERT_EFI_ERROR (Status);
-  SwContext.SwSmiInputValue = (UINTN) -1;
-  Status = SwDispatch->Register (SwDispatch, PhysicalPresenceCallback, &SwContext, &SwHandle);
-  ASSERT_EFI_ERROR (Status);
-  if (EFI_ERROR (Status)) {
-    return Status;
-  }
-  mTcgNvs->PhysicalPresence.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;
-
-  SwContext.SwSmiInputValue = (UINTN) -1;
-  Status = SwDispatch->Register (SwDispatch, MemoryClearCallback, &SwContext, &SwHandle);
-  ASSERT_EFI_ERROR (Status);
-  if (EFI_ERROR (Status)) {
-    return Status;
-  }
-  mTcgNvs->MemoryClear.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;
-  
-  //
-  // Locate SmmVariableProtocol.
-  //
-  Status = gSmst->SmmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID**)&mSmmVariable);
-  ASSERT_EFI_ERROR (Status);
-
-  //
-  // Set TPM2 ACPI table
-  //
-  Status = PublishTpm2 ();
-  ASSERT_EFI_ERROR (Status);
-
-
-  return EFI_SUCCESS;
-}
-
diff --git a/SecurityPkg/Tcg/TrEESmm/TrEESmm.h b/SecurityPkg/Tcg/TrEESmm/TrEESmm.h
deleted file mode 100644
index a0e1182248..0000000000
--- a/SecurityPkg/Tcg/TrEESmm/TrEESmm.h
+++ /dev/null
@@ -1,105 +0,0 @@
-/** @file
-  The header file for TrEE SMM driver.
-  
-Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials 
-are licensed and made available under the terms and conditions of the BSD License 
-which accompanies this distribution.  The full text of the license may be found at 
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, 
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef __TREE_SMM_H__
-#define __TREE_SMM_H__
-
-#include <PiDxe.h>
-#include <IndustryStandard/Acpi.h>
-#include <IndustryStandard/Tpm2Acpi.h>
-
-#include <Guid/TrEEPhysicalPresenceData.h>
-#include <Guid/MemoryOverwriteControl.h>
-#include <Guid/TpmInstance.h>
-
-#include <Protocol/SmmSwDispatch2.h>
-#include <Protocol/AcpiTable.h>
-#include <Protocol/SmmVariable.h>
-#include <Protocol/TrEEProtocol.h>
-
-#include <Library/BaseLib.h>
-#include <Library/BaseMemoryLib.h>
-#include <Library/DebugLib.h>
-#include <Library/SmmServicesTableLib.h>
-#include <Library/UefiDriverEntryPoint.h>
-#include <Library/UefiBootServicesTableLib.h>
-#include <Library/DxeServicesLib.h>
-#include <Library/TpmMeasurementLib.h>
-#include <Library/Tpm2DeviceLib.h>
-#include <Library/TrEEPpVendorLib.h>
-
-#pragma pack(1)
-typedef struct {
-  UINT8                  SoftwareSmi;
-  UINT32                 Parameter;
-  UINT32                 Response;
-  UINT32                 Request;
-  UINT32                 LastRequest;
-  UINT32                 ReturnCode;
-} PHYSICAL_PRESENCE_NVS;
-
-typedef struct {
-  UINT8                  SoftwareSmi;
-  UINT32                 Parameter;
-  UINT32                 Request;
-  UINT32                 ReturnCode;
-} MEMORY_CLEAR_NVS;
-
-typedef struct {
-  PHYSICAL_PRESENCE_NVS  PhysicalPresence;
-  MEMORY_CLEAR_NVS       MemoryClear;
-} TCG_NVS;
-
-typedef struct {
-  UINT8                  OpRegionOp;
-  UINT32                 NameString;
-  UINT8                  RegionSpace;
-  UINT8                  DWordPrefix;
-  UINT32                 RegionOffset;
-  UINT8                  BytePrefix;
-  UINT8                  RegionLen;
-} AML_OP_REGION_32_8;
-#pragma pack()
-
-//
-// The definition for TCG physical presence ACPI function
-//
-#define ACPI_FUNCTION_GET_PHYSICAL_PRESENCE_INTERFACE_VERSION      1
-#define ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS                       2
-#define ACPI_FUNCTION_GET_PENDING_REQUEST_BY_OS                    3
-#define ACPI_FUNCTION_GET_PLATFORM_ACTION_TO_TRANSITION_TO_BIOS    4
-#define ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS                5
-#define ACPI_FUNCTION_SUBMIT_PREFERRED_USER_LANGUAGE               6
-#define ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2                     7
-#define ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST     8
-
-//
-// The return code for Return TPM Operation Response to OS Environment
-//
-#define PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS                   0
-#define PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE                   1
-
-//
-// The definition for TCG MOR
-//
-#define ACPI_FUNCTION_DSM_MEMORY_CLEAR_INTERFACE                   1
-#define ACPI_FUNCTION_PTS_CLEAR_MOR_BIT                            2
-
-//
-// The return code for Memory Clear Interface Functions
-//
-#define MOR_REQUEST_SUCCESS                                        0
-#define MOR_REQUEST_GENERAL_FAILURE                                1
-
-#endif  // __TCG_SMM_H__
diff --git a/SecurityPkg/Tcg/TrEESmm/TrEESmm.inf b/SecurityPkg/Tcg/TrEESmm/TrEESmm.inf
deleted file mode 100644
index de71ffdc1b..0000000000
--- a/SecurityPkg/Tcg/TrEESmm/TrEESmm.inf
+++ /dev/null
@@ -1,85 +0,0 @@
-## @file
-#  Provides ACPI metholds for TPM 2.0 support
-#
-#  This driver implements TPM 2.0 definition block in ACPI table and 
-#  registers SMI callback functions for TrEE physical presence and 
-#  MemoryClear to handle the requests from ACPI method.
-#
-#  Caution: This module requires additional review when modified.
-#  This driver will have external input - variable and ACPINvs data in SMM mode.
-#  This external input must be validated carefully to avoid security issue.
-#
-# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
-# This program and the accompanying materials
-# are licensed and made available under the terms and conditions of the BSD License
-# which accompanies this distribution. The full text of the license may be found at
-# http://opensource.org/licenses/bsd-license.php
-# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-#
-##
-
-[Defines]
-  INF_VERSION                    = 0x00010005
-  BASE_NAME                      = TrEESmm
-  MODULE_UNI_FILE                = TrEESmm.uni
-  FILE_GUID                      = 114B7105-6CC9-453c-BADC-16DF227BB4EF
-  MODULE_TYPE                    = DXE_SMM_DRIVER
-  PI_SPECIFICATION_VERSION       = 0x0001000A
-  VERSION_STRING                 = 1.0
-  ENTRY_POINT                    = InitializeTcgSmm
-
-[Sources]
-  TrEESmm.h
-  TrEESmm.c
-  Tpm.asl
-
-[Packages]
-  MdePkg/MdePkg.dec
-  MdeModulePkg/MdeModulePkg.dec
-  SecurityPkg/SecurityPkg.dec
-
-[LibraryClasses]
-  BaseLib
-  BaseMemoryLib
-  UefiDriverEntryPoint
-  SmmServicesTableLib
-  UefiBootServicesTableLib
-  DebugLib
-  DxeServicesLib
-  TpmMeasurementLib
-  Tpm2DeviceLib
-  TrEEPpVendorLib
-
-[Guids]
-  ## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
-  ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence"
-  ## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresenceFlags"
-  gEfiTrEEPhysicalPresenceGuid
-
-  ## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
-  ## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"  
-  gEfiMemoryOverwriteControlDataGuid
-  
-  gEfiTpmDeviceInstanceTpm20DtpmGuid                            ## PRODUCES           ## GUID       # TPM device identifier
-
-[Protocols]
-  gEfiSmmSwDispatch2ProtocolGuid                                ## CONSUMES
-  gEfiSmmVariableProtocolGuid                                   ## CONSUMES
-  gEfiAcpiTableProtocolGuid                                     ## CONSUMES
-
-[Pcd]
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid              ## CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId            ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId       ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision      ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId        ## SOMETIMES_CONSUMES
-  gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision  ## SOMETIMES_CONSUMES
-
-[Depex]
-  gEfiAcpiTableProtocolGuid AND
-  gEfiSmmSwDispatch2ProtocolGuid AND
-  gEfiSmmVariableProtocolGuid
-
-[UserExtensions.TianoCore."ExtraFiles"]
-  TrEESmmExtra.uni
\ No newline at end of file
diff --git a/SecurityPkg/Tcg/TrEESmm/TrEESmm.uni b/SecurityPkg/Tcg/TrEESmm/TrEESmm.uni
deleted file mode 100644
index 3123918c3e..0000000000
--- a/SecurityPkg/Tcg/TrEESmm/TrEESmm.uni
+++ /dev/null
@@ -1,28 +0,0 @@
-// /** @file
-// Provides ACPI metholds for TPM 2.0 support
-//
-// This driver implements TPM 2.0 definition block in ACPI table and
-// registers SMI callback functions for TrEE physical presence and
-// MemoryClear to handle the requests from ACPI method.
-// 
-// Caution: This module requires additional review when modified.
-// This driver will have external input - variable and ACPINvs data in SMM mode.
-// This external input must be validated carefully to avoid security issue.
-//
-// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-
-#string STR_MODULE_ABSTRACT             #language en-US "Provides ACPI metholds for TPM 2.0 support"
-
-#string STR_MODULE_DESCRIPTION          #language en-US "This driver implements TPM 2.0 definition block in ACPI table and registers SMI callback functions for TrEE physical presence and MemoryClear to handle the requests from ACPI method.\n"
-                                                        "Caution: This module requires additional review when modified. This driver will have external input - variable and ACPINvs data in SMM mode. This external input must be validated carefully to avoid security issues."
-
diff --git a/SecurityPkg/Tcg/TrEESmm/TrEESmmExtra.uni b/SecurityPkg/Tcg/TrEESmm/TrEESmmExtra.uni
deleted file mode 100644
index c7e4da28c8..0000000000
--- a/SecurityPkg/Tcg/TrEESmm/TrEESmmExtra.uni
+++ /dev/null
@@ -1,19 +0,0 @@
-// /** @file
-// TrEESmm Localized Strings and Content
-//
-// Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
-//
-// This program and the accompanying materials
-// are licensed and made available under the terms and conditions of the BSD License
-// which accompanies this distribution. The full text of the license may be found at
-// http://opensource.org/licenses/bsd-license.php
-// THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-// WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-//
-// **/
-
-#string STR_PROPERTIES_MODULE_NAME 
-#language en-US 
-"TrEE (Trusted Execution Environment) SMM"
-
-
-- 
2.16.2.windows.1
