[FF-A] ACPI TPM2 Table Changes: (#1075)

## Description

Updated the SBSA package to include the ACPI changes needed to generate
the TPM2 ACPI table. Added the .inf to the .dsc and .fdf. Updated the
ACPI TPM2 revision value. Updated the NVS value to account for a
mismatch between expected vs. actual.

For details on how to complete these options and their meaning refer to
[CONTRIBUTING.md](https://github.com/microsoft/mu/blob/HEAD/CONTRIBUTING.md).

- [x] Impacts functionality?
- [ ] Impacts security?
- [ ] Breaking change?
- [ ] Includes tests?
- [ ] Includes documentation?

## How This Was Tested

Build using the SBSA package, verified ACPI TPM2 table was generated by
using acpiview in the UEFI shell

## Integration Instructions

N/A

Platforms/QemuSbsaPkg/FfaPartitionTest/FfaPartitionTestApp.c

@@ -44,7 +44,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
     0xe0fad9b3, 0x7f5c, 0x42c5, { 0xb2, 0xee, 0xb7, 0xa8, 0x23, 0x13, 0xcd, 0xb2 } \
   }
 
-
 UINT16  FfaPartId;
 
 EFI_HARDWARE_INTERRUPT_PROTOCOL  *gInterrupt;
@@ -149,7 +148,7 @@ FfaPartitionTestAppEntry (
 
   DUMP_HEX (DEBUG_INFO, 0, &SmcArgs, sizeof (SmcArgs), "    ");
 
-  // Retrieve the partition information from the retuend registers
+  // Retrieve the partition information from the returned registers
   CopyMem (&FfaTestPartInfo, &SmcArgs.Arg3, sizeof (EFI_FFA_PART_INFO_DESC));
 
   DEBUG ((DEBUG_INFO, "Discovered first FF-A Ffa SP.\n"));
@@ -236,7 +235,7 @@ FfaPartitionTestAppEntry (
   DirectMsgArgsEx.Arg4 = ((6 << 16) | (0));
   DirectMsgArgsEx.Arg5 = ((7 << 16) | (1));
   DirectMsgArgsEx.Arg6 = ((8 << 16) | (2));
-  Status = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
+  Status               = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "Unable to communicate direct req 2 with FF-A Ffa test SP (%r).\n", Status));
     goto Done;
@@ -260,7 +259,7 @@ FfaPartitionTestAppEntry (
   DirectMsgArgsEx.Arg6 = ((3 << 16) | (2));
   DirectMsgArgsEx.Arg7 = ((4 << 16) | (3));
   DirectMsgArgsEx.Arg8 = ((5 << 16) | (4));
-  Status = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
+  Status               = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "Unable to communicate direct req 2 with FF-A Ffa test SP (%r).\n", Status));
     goto Done;
@@ -280,7 +279,7 @@ FfaPartitionTestAppEntry (
   DirectMsgArgsEx.Arg2 = 0xb610b3a359f64054;
   DirectMsgArgsEx.Arg3 = 0x01;
   DirectMsgArgsEx.Arg4 = ((7 << 16) | (1));
-  Status = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
+  Status               = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "Unable to communicate direct req 2 with FF-A Ffa test SP (%r).\n", Status));
     goto Done;
@@ -296,7 +295,7 @@ FfaPartitionTestAppEntry (
   // Call the TPM Service get_interface_version
   ZeroMem (&DirectMsgArgsEx, sizeof (DirectMsgArgsEx));
   DirectMsgArgsEx.Arg0 = 0x0F000001;
-  Status = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaTpmServiceGuid, &DirectMsgArgsEx);
+  Status               = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaTpmServiceGuid, &DirectMsgArgsEx);
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "Unable to communicate direct req 2 with FF-A Ffa test SP (%r).\n", Status));
     goto Done;
@@ -309,13 +308,13 @@ FfaPartitionTestAppEntry (
     DEBUG ((DEBUG_INFO, "TPM Service Interface Version: %d.%d\n", DirectMsgArgsEx.Arg1 >> 16, DirectMsgArgsEx.Arg1 & 0xFFFF));
   }
 
-  // Call the TPM Service get_interface_version
+  // Invoke the Test Service to trigger a notification event
   ZeroMem (&DirectMsgArgsEx, sizeof (DirectMsgArgsEx));
   DirectMsgArgsEx.Arg0 = 0xDEF1;
   DirectMsgArgsEx.Arg1 = 0xba7aff2eb1eac765;
   DirectMsgArgsEx.Arg2 = 0xb710b3a359f64054; // Battery Service
-  DirectMsgArgsEx.Arg3 = 0x01; // ID 1
-  Status = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaTestServiceGuid, &DirectMsgArgsEx);
+  DirectMsgArgsEx.Arg3 = 0x01;               // ID 1
+  Status               = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaTestServiceGuid, &DirectMsgArgsEx);
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "Unable to communicate direct req 2 with FF-A Ffa test SP (%r).\n", Status));
     goto Done;

Platforms/QemuSbsaPkg/FfaPartitionTest/FfaPartitionTestApp.inf

@@ -11,7 +11,7 @@
 [Defines]
   INF_VERSION                    = 0x00010006
   BASE_NAME                      = FfaPartitionTestApp
-  FILE_GUID                      = e3dd9528-cee0-4375-995d-abd4b6ca314c
+  FILE_GUID                      = c02b1056-0c82-4c58-9bbc-94a7d5726ff1
   MODULE_TYPE                    = UEFI_APPLICATION
   VERSION_STRING                 = 1.0
   ENTRY_POINT                    = FfaPartitionTestAppEntry

Platforms/QemuSbsaPkg/Library/PlatformPeiLib/PlatformPeiLib.c

@@ -38,14 +38,11 @@ PlatformPeim (
   UINT64      TpmBase;
   EFI_STATUS  Status;
 
-  TpmBase = PcdGet64(PcdTpmBaseAddress);
+  TpmBase = PcdGet64 (PcdTpmBaseAddress);
 
   if (TpmBase != 0) {
     DEBUG ((DEBUG_INFO, "%a: TPM @ 0x%lx\n", __func__, TpmBase));
 
-    Status = (EFI_STATUS)PcdSet64S (PcdTpmBaseAddress, TpmBase);
-    ASSERT_EFI_ERROR (Status);
-
     Status = PeiServicesInstallPpi (&mTpm2DiscoveredPpi);
   } else {
     Status = PeiServicesInstallPpi (&mTpm2InitializationDonePpi);

Platforms/QemuSbsaPkg/QemuSbsaPkg.ci.yaml

@@ -56,6 +56,7 @@
             "PolicyServicePkg/PolicyServicePkg.dec",
             "OemPkg/OemPkg.dec",
             "SetupDataPkg/SetupDataPkg.dec",
+            "StandaloneMmPkg/StandaloneMmPkg.dec",
             ""
         ],
         # For host based unit tests

Platforms/QemuSbsaPkg/QemuSbsaPkg.dsc

@@ -494,6 +494,7 @@
 
   ArmMmuLib|ArmPkg/Library/StandaloneMmMmuLib/ArmMmuStandaloneMmLib.inf
   StandaloneMmCoreEntryPoint|ArmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf
+  SecurePartitionServicesTableLib|ArmPkg/Library/SecurePartitionServicesTableLib/SecurePartitionServicesTableLib.inf
   PeCoffExtraActionLib|StandaloneMmPkg/Library/StandaloneMmPeCoffExtraActionLib/StandaloneMmPeCoffExtraActionLib.inf
   MmServicesTableLib|StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLibCore.inf
   ArmFfaLib|ArmPkg/Library/ArmFfaLib/ArmFfaStandaloneMmCoreLib.inf
@@ -636,7 +637,7 @@
   # but not used).
   #
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0x40
-  gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0x14
+  gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0x28
 !if $(TOOL_CHAIN_TAG) == GCC5     # This is really odd on why CLANGPDB has runtime memory consumption differences
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType|0x505
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|0x258
@@ -836,6 +837,12 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId|0x554D5250 #PRMU
   gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision|1
 
+  #
+  # TPM2 support
+  #
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x10000010000
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmMaxAddress|0x10000014FFF
+
 [PcdsFixedAtBuild.AARCH64]
   # Clearing BIT0 in this PCD prevents installing a 32-bit SMBIOS entry point,
   # if the entry point version is >= 3.0. AARCH64 OSes cannot assume the
@@ -909,7 +916,6 @@
   #
   # TPM2 support
   #
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x10000010000
 !if $(TPM2_ENABLE) == TRUE
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
   gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0
@@ -921,10 +927,11 @@
   gArmTokenSpaceGuid.PcdMmBufferBase
 
 [PcdsDynamicHii]
-
+!if $(TPM2_ENABLE) == TRUE
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|4|NV,BS
+!endif
 !if $(TPM2_CONFIG_ENABLE) == TRUE
   gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
 !endif
 
 ################################################################################
@@ -1252,6 +1259,8 @@
 !if $(TPM2_CONFIG_ENABLE) == TRUE
   SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
 !endif
+
+  SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.inf
 !endif
 
   #

Platforms/QemuSbsaPkg/QemuSbsaPkg.fdf

@@ -391,6 +391,7 @@ READ_LOCK_STATUS   = TRUE
   #
 !if $(TPM2_ENABLE) == TRUE
   INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+  INF SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.inf
 !if $(TPM2_CONFIG_ENABLE) == TRUE
   INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
 !endif

Platforms/QemuSbsaPkg/fdts/qemu_sbsa_example_config.dts

@@ -1,83 +1,83 @@
-/*
- * Copyright (c) 2020-21, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/dts-v1/;
-
-/ {
-#define MODE_SEL0	(0x1)
-#define MODE_SEL1	(0x2)
-
-#define SECURE_RO 0x1
-#define SECURE_RW 0x3
-#define SECURE_EXECUTE_RO 0x5
-#define SECURE_EXECUTE_RW 0x7
-#define NON_SECURE_RO 0x9
-#define NON_SECURE_RW 0xB
-#define NON_SECURE_EXECUTE_RO 0xD
-#define NONSECURE_EXECUTE_RW 0xF
-	/*
-	 * FF-A compatible Secure Partition Manager parses the
-	 * config file and fetch the following booting arguments to
-	 * pass on to the StandAloneMM(StMM) Secure Partition.
-	 */
-	compatible = "arm,ffa-manifest-1.0";
-
-	description = "Example Services";
-	ffa-version = <0x00010002>; /* 31:16 - Major, 15:0 - Minor */
-	uuid = <0xb510b3a3 0x59f64054 0xba7aff2e 0xb1eac765>, <0x17b862a4 0x18064faf 0x86b3089a 0x58353861>, <0xe0fad9b3 0x7f5c42c5 0xb2eeb7a8 0x2313cdb2>;
-	id = <0x8002>;
-	execution-ctx-count = <1>;
-	exception-level = <MODE_SEL1>; /* SEL1*/
-	execution-state = <0>; /* AArch64*/
-	load-address = <0x0 0x20400000>;
-	entrypoint-offset = <0x10000>;
-	image-size = <0x0 0x400000>;
-	xlat-granule = <0>; /* 4KiB */
-	boot-order = <1>;
-	messaging-method = <0x603>; /* Direct request/response supported. */
-	ns-interrupts-action = <2>; /* Non-secure interrupt is signaled */
-	notification-support; /* Support receipt of notifications. */
-	gp-register-num = <0>;
-
-	boot-info {
-		compatible = "arm,ffa-manifest-boot-info";
-		ffa_manifest;
-	};
-
-	device-regions {
-		compatible = "arm,ffa-manifest-device-regions";
-
-		mailbox {
-			description = "mailbox";
-			base-address = <0x00000100 0x1FFFE000>;
-			pages-count = <0x1>; /* 4KB (actual 256 bytes) */
-			attributes = <SECURE_RW>; /* s-read-write */
-		};
-
-		/*
-		 * Secure UART region.
-		 */
-		secure_uart {
-			base-address = <0x0 0x60030000>;
-			pages-count = <0x1>;
-			attributes = <SECURE_RW>;
-		};
-
-		internl_tpm_crb {
-			description = "internal tpm crb";
-			base-address = <0x00000100 0x00010000>;
-			pages-count = <0x10>;
-			attributes = <SECURE_RW>;
-		};
-
-		external_tpm_crb {
-			description = "external tpm crb";
-			base-address = <0x00000000 0x60120000>;
-			pages-count = <0x10>;
-			attributes = <SECURE_RW>;
-		};
-	};
-};
+/*
+ * Copyright (c) 2020-21, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/dts-v1/;
+
+/ {
+#define MODE_SEL0	(0x1)
+#define MODE_SEL1	(0x2)
+
+#define SECURE_RO 0x1
+#define SECURE_RW 0x3
+#define SECURE_EXECUTE_RO 0x5
+#define SECURE_EXECUTE_RW 0x7
+#define NON_SECURE_RO 0x9
+#define NON_SECURE_RW 0xB
+#define NON_SECURE_EXECUTE_RO 0xD
+#define NONSECURE_EXECUTE_RW 0xF
+	/*
+	 * FF-A compatible Secure Partition Manager parses the
+	 * config file and fetch the following booting arguments to
+	 * pass on to the StandAloneMM(StMM) Secure Partition.
+	 */
+	compatible = "arm,ffa-manifest-1.0";
+
+	description = "Example Services";
+	ffa-version = <0x00010002>; /* 31:16 - Major, 15:0 - Minor */
+	uuid = <0xb510b3a3 0x59f64054 0xba7aff2e 0xb1eac765>, <0x17b862a4 0x18064faf 0x86b3089a 0x58353861>, <0xe0fad9b3 0x7f5c42c5 0xb2eeb7a8 0x2313cdb2>;
+	id = <0x8002>;
+	execution-ctx-count = <1>;
+	exception-level = <MODE_SEL1>; /* SEL1*/
+	execution-state = <0>; /* AArch64*/
+	load-address = <0x0 0x20400000>;
+	entrypoint-offset = <0x10000>;
+	image-size = <0x0 0x400000>;
+	xlat-granule = <0>; /* 4KiB */
+	boot-order = <1>;
+	messaging-method = <0x603>; /* Direct request/response supported. */
+	ns-interrupts-action = <2>; /* Non-secure interrupt is signaled */
+	notification-support; /* Support receipt of notifications. */
+	gp-register-num = <0>;
+
+	boot-info {
+		compatible = "arm,ffa-manifest-boot-info";
+		ffa_manifest;
+	};
+
+	device-regions {
+		compatible = "arm,ffa-manifest-device-regions";
+
+		mailbox {
+			description = "mailbox";
+			base-address = <0x00000100 0x1FFFE000>;
+			pages-count = <0x1>; /* 4KB (actual 256 bytes) */
+			attributes = <SECURE_RW>; /* s-read-write */
+		};
+
+		/*
+		 * Secure UART region.
+		 */
+		secure_uart {
+			base-address = <0x0 0x60030000>;
+			pages-count = <0x1>;
+			attributes = <SECURE_RW>;
+		};
+
+		internl_tpm_crb {
+			description = "internal tpm crb";
+			base-address = <0x00000100 0x00010000>;
+			pages-count = <0x10>;
+			attributes = <SECURE_RW>;
+		};
+
+		external_tpm_crb {
+			description = "external tpm crb";
+			base-address = <0x00000000 0x60120000>;
+			pages-count = <0x10>;
+			attributes = <SECURE_RW>;
+		};
+	};
+};