[PATCH v6 7/7] SecurityPkg: Tcg2Acpi: Added unblock memory interface for NVS region


Kun Qin <kun.q@...>
 

This changes added usage of MmUnblockMemoryLib to explicitly request
allocated NVS region to be accessible from MM environment. It will bring
in compatibility with architectures that supports full memory blockage
inside MM.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Qi Zhang <qi1.zhang@intel.com>
Cc: Rahul Kumar <rahul1.kumar@intel.com>

Signed-off-by: Kun Qin <kun.q@outlook.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
---

Notes:
v6:
- Previously reviewed, no change.

v5:
- Previously reviewed, no change.

v4:
- Previously reviewed, no change.

v3:
- Added review-by tag. [Jiewen]
- Remove Dxe prefix to match interface update. [Jiewen]

v2:
- Newly added in v2.

SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c | 6 ++++++
SecurityPkg/SecurityPkg.dsc | 1 +
SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf | 1 +
3 files changed, 8 insertions(+)

diff --git a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c
index 924c3b4edda6..e8844e474a9b 100644
--- a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c
+++ b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.c
@@ -38,6 +38,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
#include <Library/Tpm2DeviceLib.h>
#include <Library/Tpm2CommandLib.h>
#include <Library/UefiLib.h>
+#include <Library/MmUnblockMemoryLib.h>

//
// Physical Presence Interface Version supported by Platform
@@ -147,6 +148,11 @@ AssignOpRegion (
ZeroMem ((VOID *)(UINTN)MemoryAddress, Size);
OpRegion->RegionOffset = (UINT32) (UINTN) MemoryAddress;
OpRegion->RegionLen = (UINT8) Size;
+ // Request to unblock this region from MM core
+ Status = MmUnblockMemoryRequest (MemoryAddress, EFI_SIZE_TO_PAGES (Size));
+ if (Status != EFI_UNSUPPORTED && EFI_ERROR (Status)) {
+ ASSERT_EFI_ERROR (Status);
+ }
break;
}
}
diff --git a/SecurityPkg/SecurityPkg.dsc b/SecurityPkg/SecurityPkg.dsc
index 74ec42966273..a77665518bdd 100644
--- a/SecurityPkg/SecurityPkg.dsc
+++ b/SecurityPkg/SecurityPkg.dsc
@@ -67,6 +67,7 @@ [LibraryClasses]
VariableKeyLib|SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.inf
RpmcLib|SecurityPkg/Library/RpmcLibNull/RpmcLibNull.inf
TcgEventLogRecordLib|SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.inf
+ MmUnblockMemoryLib|MdePkg/Library/MmUnblockMemoryLib/MmUnblockMemoryLibNull.inf

[LibraryClasses.ARM]
#
diff --git a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf
index 42ddb4bd1f39..f1c6ae5b1cb4 100644
--- a/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf
+++ b/SecurityPkg/Tcg/Tcg2Acpi/Tcg2Acpi.inf
@@ -57,6 +57,7 @@ [LibraryClasses]
Tpm2CommandLib
Tcg2PhysicalPresenceLib
PcdLib
+ MmUnblockMemoryLib

[Guids]
gEfiTpmDeviceInstanceTpm20DtpmGuid ## PRODUCES ## GUID # TPM device identifier
--
2.30.0.windows.1