[edk2-devel] [PATCH v2 6/6] SecurityPkg: Tcg2Acpi: Added unblock memory interface for NVS region

Kun Qin Tue, 09 Feb 2021 17:25:26 -0800

This changes added usage of DxeMmUnblockMemoryLib to explicitly request
allocated NVS region to be accessible from MM environment. It will bring
in compatibility with architectures that supports full memory blockage
inside MM.


Cc: Jiewen Yao <jiewen....@intel.com>
Cc: Jian J Wang <jian.j.w...@intel.com>
Cc: Qi Zhang <qi1.zh...@intel.com>
Cc: Rahul Kumar <rahul1.ku...@intel.com>

Signed-off-by: Kun Qin <ku...@outlook.com>
---

Notes:
    v2:
    - Newly added in v2.

 SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c   | 6 ++++++
 SecurityPkg/SecurityPkg.dsc           | 1 +
 SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf | 1 +
 3 files changed, 8 insertions(+)

diff --git a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c 
b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c
index 7080df81efe7..cc37a8d5b9d9 100644
--- a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c
+++ b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c
@@ -36,6 +36,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #include <Library/Tpm2DeviceLib.h>
 #include <Library/Tpm2CommandLib.h>
 #include <Library/UefiLib.h>
+#include <Library/DxeMmUnblockMemoryLib.h>
 
 //
 // Physical Presence Interface Version supported by Platform
@@ -145,6 +146,11 @@ AssignOpRegion (
       ZeroMem ((VOID *)(UINTN)MemoryAddress, Size);
       OpRegion->RegionOffset = (UINT32) (UINTN) MemoryAddress;
       OpRegion->RegionLen    = (UINT8) Size;
+      // Request to unblock this region from MM core
+      Status = DxeMmUnblockMemoryRequest (MemoryAddress, EFI_SIZE_TO_PAGES 
(Size));
+      if (Status != EFI_UNSUPPORTED && EFI_ERROR (Status)) {
+        ASSERT_EFI_ERROR (Status);
+      }
       break;
     }
   }
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 37242da93f3d..d937521db388 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -67,6 +67,7 @@ [LibraryClasses]
   VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
   RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
   
TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.inf
+  
DxeMmUnblockMemoryLib|MdeModulePkg/Library/DxeMmUnblockMemoryLib/DxeMmUnblockMemoryLibNull.inf
 
 [LibraryClasses.ARM]
   #
diff --git a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf 
b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf
index d8e06881c01d..60455610f9f6 100644
--- a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf
+++ b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf
@@ -55,6 +55,7 @@ [LibraryClasses]
   Tpm2CommandLib
   Tcg2PhysicalPresenceLib
   PcdLib
+  DxeMmUnblockMemoryLib
 
 [Guids]
   gEfiTpmDeviceInstanceTpm20DtpmGuid                            ## PRODUCES    
       ## GUID       # TPM device identifier
-- 
2.30.0.windows.1



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#71554): https://edk2.groups.io/g/devel/message/71554
Mute This Topic: https://groups.io/mt/80522088/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[edk2-devel] [PATCH v2 6/6] SecurityPkg: Tcg2Acpi: Added unblock memory interface for NVS region

Reply via email to