[FF-A] ACPI TPM2 Table Changes:

Platforms/QemuSbsaPkg/FfaPartitionTest/FfaPartitionTestApp.c

@@ -44,7 +44,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
     0xe0fad9b3, 0x7f5c, 0x42c5, { 0xb2, 0xee, 0xb7, 0xa8, 0x23, 0x13, 0xcd, 0xb2 } \
   }
 
-
 UINT16  FfaPartId;
 
 EFI_HARDWARE_INTERRUPT_PROTOCOL  *gInterrupt;
@@ -149,7 +148,7 @@ FfaPartitionTestAppEntry (
 
   DUMP_HEX (DEBUG_INFO, 0, &SmcArgs, sizeof (SmcArgs), "    ");
 
-  // Retrieve the partition information from the retuend registers
+  // Retrieve the partition information from the returned registers
   CopyMem (&FfaTestPartInfo, &SmcArgs.Arg3, sizeof (EFI_FFA_PART_INFO_DESC));
 
   DEBUG ((DEBUG_INFO, "Discovered first FF-A Ffa SP.\n"));
@@ -236,7 +235,7 @@ FfaPartitionTestAppEntry (
   DirectMsgArgsEx.Arg4 = ((6 << 16) | (0));
   DirectMsgArgsEx.Arg5 = ((7 << 16) | (1));
   DirectMsgArgsEx.Arg6 = ((8 << 16) | (2));
-  Status = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
+  Status               = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "Unable to communicate direct req 2 with FF-A Ffa test SP (%r).\n", Status));
     goto Done;
@@ -260,7 +259,7 @@ FfaPartitionTestAppEntry (
   DirectMsgArgsEx.Arg6 = ((3 << 16) | (2));
   DirectMsgArgsEx.Arg7 = ((4 << 16) | (3));
   DirectMsgArgsEx.Arg8 = ((5 << 16) | (4));
-  Status = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
+  Status               = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "Unable to communicate direct req 2 with FF-A Ffa test SP (%r).\n", Status));
     goto Done;
@@ -280,7 +279,7 @@ FfaPartitionTestAppEntry (
   DirectMsgArgsEx.Arg2 = 0xb610b3a359f64054;
   DirectMsgArgsEx.Arg3 = 0x01;
   DirectMsgArgsEx.Arg4 = ((7 << 16) | (1));
-  Status = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
+  Status               = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaNotificationServiceGuid, &DirectMsgArgsEx);
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "Unable to communicate direct req 2 with FF-A Ffa test SP (%r).\n", Status));
     goto Done;
@@ -296,7 +295,7 @@ FfaPartitionTestAppEntry (
   // Call the TPM Service get_interface_version
   ZeroMem (&DirectMsgArgsEx, sizeof (DirectMsgArgsEx));
   DirectMsgArgsEx.Arg0 = 0x0F000001;
-  Status = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaTpmServiceGuid, &DirectMsgArgsEx);
+  Status               = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaTpmServiceGuid, &DirectMsgArgsEx);
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "Unable to communicate direct req 2 with FF-A Ffa test SP (%r).\n", Status));
     goto Done;
@@ -309,13 +308,13 @@ FfaPartitionTestAppEntry (
     DEBUG ((DEBUG_INFO, "TPM Service Interface Version: %d.%d\n", DirectMsgArgsEx.Arg1 >> 16, DirectMsgArgsEx.Arg1 & 0xFFFF));
   }
 
-  // Call the TPM Service get_interface_version
+  // Invoke the Test Service to trigger a notification event
   ZeroMem (&DirectMsgArgsEx, sizeof (DirectMsgArgsEx));
   DirectMsgArgsEx.Arg0 = 0xDEF1;
   DirectMsgArgsEx.Arg1 = 0xba7aff2eb1eac765;
   DirectMsgArgsEx.Arg2 = 0xb710b3a359f64054; // Battery Service
-  DirectMsgArgsEx.Arg3 = 0x01; // ID 1
-  Status = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaTestServiceGuid, &DirectMsgArgsEx);
+  DirectMsgArgsEx.Arg3 = 0x01;               // ID 1
+  Status               = FfaMessageSendDirectReq2 (FfaTestPartInfo.PartitionId, &FfaTestServiceGuid, &DirectMsgArgsEx);
   if (EFI_ERROR (Status)) {
     DEBUG ((DEBUG_ERROR, "Unable to communicate direct req 2 with FF-A Ffa test SP (%r).\n", Status));
     goto Done;

Platforms/QemuSbsaPkg/FfaPartitionTest/FfaPartitionTestApp.inf

@@ -11,7 +11,7 @@
 [Defines]
   INF_VERSION                    = 0x00010006
   BASE_NAME                      = FfaPartitionTestApp
-  FILE_GUID                      = e3dd9528-cee0-4375-995d-abd4b6ca314c
+  FILE_GUID                      = c02b1056-0c82-4c58-9bbc-94a7d5726ff1
   MODULE_TYPE                    = UEFI_APPLICATION
   VERSION_STRING                 = 1.0
   ENTRY_POINT                    = FfaPartitionTestAppEntry

Platforms/QemuSbsaPkg/Library/PlatformPeiLib/PlatformPeiLib.c

@@ -38,14 +38,11 @@ PlatformPeim (
   UINT64      TpmBase;
   EFI_STATUS  Status;
 
-  TpmBase = PcdGet64(PcdTpmBaseAddress);
+  TpmBase = PcdGet64 (PcdTpmBaseAddress);
 
   if (TpmBase != 0) {
     DEBUG ((DEBUG_INFO, "%a: TPM @ 0x%lx\n", __func__, TpmBase));
 
-    Status = (EFI_STATUS)PcdSet64S (PcdTpmBaseAddress, TpmBase);
-    ASSERT_EFI_ERROR (Status);
-
     Status = PeiServicesInstallPpi (&mTpm2DiscoveredPpi);
   } else {
     Status = PeiServicesInstallPpi (&mTpm2InitializationDonePpi);

Platforms/QemuSbsaPkg/QemuSbsaPkg.ci.yaml

@@ -56,6 +56,7 @@
             "PolicyServicePkg/PolicyServicePkg.dec",
             "OemPkg/OemPkg.dec",
             "SetupDataPkg/SetupDataPkg.dec",
+            "StandaloneMmPkg/StandaloneMmPkg.dec",
             ""
         ],
         # For host based unit tests

Platforms/QemuSbsaPkg/QemuSbsaPkg.dsc

@@ -494,6 +494,7 @@
 
   ArmMmuLib|ArmPkg/Library/StandaloneMmMmuLib/ArmMmuStandaloneMmLib.inf
   StandaloneMmCoreEntryPoint|ArmPkg/Library/StandaloneMmCoreEntryPoint/StandaloneMmCoreEntryPoint.inf
+  SecurePartitionServicesTableLib|ArmPkg/Library/SecurePartitionServicesTableLib/SecurePartitionServicesTableLib.inf
   PeCoffExtraActionLib|StandaloneMmPkg/Library/StandaloneMmPeCoffExtraActionLib/StandaloneMmPeCoffExtraActionLib.inf
   MmServicesTableLib|StandaloneMmPkg/Library/StandaloneMmServicesTableLib/StandaloneMmServicesTableLibCore.inf
   ArmFfaLib|ArmPkg/Library/ArmFfaLib/ArmFfaStandaloneMmCoreLib.inf
@@ -636,7 +637,7 @@
   # but not used).
   #
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIReclaimMemory|0x40
-  gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0x14
+  gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiACPIMemoryNVS|0x28
 !if $(TOOL_CHAIN_TAG) == GCC5     # This is really odd on why CLANGPDB has runtime memory consumption differences
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiReservedMemoryType|0x505
   gEmbeddedTokenSpaceGuid.PcdMemoryTypeEfiRuntimeServicesData|0x258
@@ -836,6 +837,12 @@
   gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId|0x554D5250 #PRMU
   gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision|1
 
+  #
+  # TPM2 support
+  #
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x10000010000
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpmMaxAddress|0x10000014FFF
+
 [PcdsFixedAtBuild.AARCH64]
   # Clearing BIT0 in this PCD prevents installing a 32-bit SMBIOS entry point,
   # if the entry point version is >= 3.0. AARCH64 OSes cannot assume the
@@ -909,7 +916,6 @@
   #
   # TPM2 support
   #
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0x10000010000
 !if $(TPM2_ENABLE) == TRUE
   gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
   gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|0
@@ -921,10 +927,11 @@
   gArmTokenSpaceGuid.PcdMmBufferBase
 
 [PcdsDynamicHii]
-
+!if $(TPM2_ENABLE) == TRUE
+  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|4|NV,BS
+!endif
 !if $(TPM2_CONFIG_ENABLE) == TRUE
   gEfiSecurityPkgTokenSpaceGuid.PcdTcgPhysicalPresenceInterfaceVer|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x0|"1.3"|NV,BS
-  gEfiSecurityPkgTokenSpaceGuid.PcdTpm2AcpiTableRev|L"TCG2_VERSION"|gTcg2ConfigFormSetGuid|0x8|3|NV,BS
 !endif
 
 ################################################################################
@@ -1252,6 +1259,8 @@
 !if $(TPM2_CONFIG_ENABLE) == TRUE
   SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
 !endif
+
+  SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.inf
 !endif
 
   #

Platforms/QemuSbsaPkg/QemuSbsaPkg.fdf

@@ -391,6 +391,7 @@ READ_LOCK_STATUS   = TRUE
   #
 !if $(TPM2_ENABLE) == TRUE
   INF SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
+  INF SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.inf
 !if $(TPM2_CONFIG_ENABLE) == TRUE
   INF SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
 !endif

Platforms/QemuSbsaPkg/fdts/qemu_sbsa_example_config.dts

@@ -1,83 +1,83 @@
-/*
- * Copyright (c) 2020-21, ARM Limited and Contributors. All rights reserved.
- *
- * SPDX-License-Identifier: BSD-3-Clause
- */
-
-/dts-v1/;
-
-/ {
-#define MODE_SEL0	(0x1)
-#define MODE_SEL1	(0x2)
-
-#define SECURE_RO 0x1
-#define SECURE_RW 0x3
-#define SECURE_EXECUTE_RO 0x5
-#define SECURE_EXECUTE_RW 0x7
-#define NON_SECURE_RO 0x9
-#define NON_SECURE_RW 0xB
-#define NON_SECURE_EXECUTE_RO 0xD
-#define NONSECURE_EXECUTE_RW 0xF
-	/*
-	 * FF-A compatible Secure Partition Manager parses the
-	 * config file and fetch the following booting arguments to
-	 * pass on to the StandAloneMM(StMM) Secure Partition.
-	 */
-	compatible = "arm,ffa-manifest-1.0";
-
-	description = "Example Services";
-	ffa-version = <0x00010002>; /* 31:16 - Major, 15:0 - Minor */
-	uuid = <0xb510b3a3 0x59f64054 0xba7aff2e 0xb1eac765>, <0x17b862a4 0x18064faf 0x86b3089a 0x58353861>, <0xe0fad9b3 0x7f5c42c5 0xb2eeb7a8 0x2313cdb2>;
-	id = <0x8002>;
-	execution-ctx-count = <1>;
-	exception-level = <MODE_SEL1>; /* SEL1*/
-	execution-state = <0>; /* AArch64*/
-	load-address = <0x0 0x20400000>;
-	entrypoint-offset = <0x10000>;
-	image-size = <0x0 0x400000>;
-	xlat-granule = <0>; /* 4KiB */
-	boot-order = <1>;
-	messaging-method = <0x603>; /* Direct request/response supported. */
-	ns-interrupts-action = <2>; /* Non-secure interrupt is signaled */
-	notification-support; /* Support receipt of notifications. */
-	gp-register-num = <0>;
-
-	boot-info {
-		compatible = "arm,ffa-manifest-boot-info";
-		ffa_manifest;
-	};
-
-	device-regions {
-		compatible = "arm,ffa-manifest-device-regions";
-
-		mailbox {
-			description = "mailbox";
-			base-address = <0x00000100 0x1FFFE000>;
-			pages-count = <0x1>; /* 4KB (actual 256 bytes) */
-			attributes = <SECURE_RW>; /* s-read-write */
-		};
-
-		/*
-		 * Secure UART region.
-		 */
-		secure_uart {
-			base-address = <0x0 0x60030000>;
-			pages-count = <0x1>;
-			attributes = <SECURE_RW>;
-		};
-
-		internl_tpm_crb {
-			description = "internal tpm crb";
-			base-address = <0x00000100 0x00010000>;
-			pages-count = <0x10>;
-			attributes = <SECURE_RW>;
-		};
-
-		external_tpm_crb {
-			description = "external tpm crb";
-			base-address = <0x00000000 0x60120000>;
-			pages-count = <0x10>;
-			attributes = <SECURE_RW>;
-		};
-	};
-};
+/*
+ * Copyright (c) 2020-21, ARM Limited and Contributors. All rights reserved.
+ *
+ * SPDX-License-Identifier: BSD-3-Clause
+ */
+
+/dts-v1/;
+
+/ {
+#define MODE_SEL0	(0x1)
+#define MODE_SEL1	(0x2)
+
+#define SECURE_RO 0x1
+#define SECURE_RW 0x3
+#define SECURE_EXECUTE_RO 0x5
+#define SECURE_EXECUTE_RW 0x7
+#define NON_SECURE_RO 0x9
+#define NON_SECURE_RW 0xB
+#define NON_SECURE_EXECUTE_RO 0xD
+#define NONSECURE_EXECUTE_RW 0xF
+	/*
+	 * FF-A compatible Secure Partition Manager parses the
+	 * config file and fetch the following booting arguments to
+	 * pass on to the StandAloneMM(StMM) Secure Partition.
+	 */
+	compatible = "arm,ffa-manifest-1.0";
+
+	description = "Example Services";
+	ffa-version = <0x00010002>; /* 31:16 - Major, 15:0 - Minor */
+	uuid = <0xb510b3a3 0x59f64054 0xba7aff2e 0xb1eac765>, <0x17b862a4 0x18064faf 0x86b3089a 0x58353861>, <0xe0fad9b3 0x7f5c42c5 0xb2eeb7a8 0x2313cdb2>;
+	id = <0x8002>;
+	execution-ctx-count = <1>;
+	exception-level = <MODE_SEL1>; /* SEL1*/
+	execution-state = <0>; /* AArch64*/
+	load-address = <0x0 0x20400000>;
+	entrypoint-offset = <0x10000>;
+	image-size = <0x0 0x400000>;
+	xlat-granule = <0>; /* 4KiB */
+	boot-order = <1>;
+	messaging-method = <0x603>; /* Direct request/response supported. */
+	ns-interrupts-action = <2>; /* Non-secure interrupt is signaled */
+	notification-support; /* Support receipt of notifications. */
+	gp-register-num = <0>;
+
+	boot-info {
+		compatible = "arm,ffa-manifest-boot-info";
+		ffa_manifest;
+	};
+
+	device-regions {
+		compatible = "arm,ffa-manifest-device-regions";
+
+		mailbox {
+			description = "mailbox";
+			base-address = <0x00000100 0x1FFFE000>;
+			pages-count = <0x1>; /* 4KB (actual 256 bytes) */
+			attributes = <SECURE_RW>; /* s-read-write */
+		};
+
+		/*
+		 * Secure UART region.
+		 */
+		secure_uart {
+			base-address = <0x0 0x60030000>;
+			pages-count = <0x1>;
+			attributes = <SECURE_RW>;
+		};
+
+		internl_tpm_crb {
+			description = "internal tpm crb";
+			base-address = <0x00000100 0x00010000>;
+			pages-count = <0x10>;
+			attributes = <SECURE_RW>;
+		};
+
+		external_tpm_crb {
+			description = "external tpm crb";
+			base-address = <0x00000000 0x60120000>;
+			pages-count = <0x10>;
+			attributes = <SECURE_RW>;
+		};
+	};
+};