Diffstat (limited to 'Silicon/Intel/KabylakeSiliconPkg/Hsti/Dxe/HstiSiliconDxe.h')
-rw-r--r--Silicon/Intel/KabylakeSiliconPkg/Hsti/Dxe/HstiSiliconDxe.h276
1 files changed, 276 insertions, 0 deletions
diff --git a/Silicon/Intel/KabylakeSiliconPkg/Hsti/Dxe/HstiSiliconDxe.h b/Silicon/Intel/KabylakeSiliconPkg/Hsti/Dxe/HstiSiliconDxe.h
new file mode 100644
index 0000000000..b2b48a2152
--- /dev/null
+++ b/Silicon/Intel/KabylakeSiliconPkg/Hsti/Dxe/HstiSiliconDxe.h
@@ -0,0 +1,276 @@
+/** @file
+ This file contains the required header files for the HSTI Silicon DXE driver
+
+Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
+This program and the accompanying materials are licensed and made available under
+the terms and conditions of the BSD License that accompanies this distribution.
+The full text of the license may be found at
+http://opensource.org/licenses/bsd-license.php.
+
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
+WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
+
+**/
+
+#ifndef _HSTI_SILICON_DXE_H_
+#define _HSTI_SILICON_DXE_H_
+
+#include <PiDxe.h>
+#include <Library/BaseLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/DebugLib.h>
+#include <Library/MemoryAllocationLib.h>
+#include <Library/UefiBootServicesTableLib.h>
+#include <Protocol/MpService.h>
+#include <Library/PciLib.h>
+#include <Library/TimerLib.h>
+#include <Library/IoLib.h>
+#include <Guid/EventGroup.h>
+#include <Library/UefiLib.h>
+#include <Protocol/SiPolicyProtocol.h>
+#include <IndustryStandard/Hsti.h>
+#include <Protocol/AdapterInformation.h>
+#include <Library/HstiLib.h>
+#include <HstiFeatureBit.h>
+#include <Protocol/Spi.h>
+#include <Library/PchCycleDecodingLib.h>
+#include <Library/HobLib.h>
+#include <Library/PchPcrLib.h>
+#include <Library/MmPciLib.h>
+#include <Library/PchP2sbLib.h>
+
+#ifndef TPM_BASE
+#define TPM_BASE 0
+#endif
+#include <Library/Tpm2CommandLib.h>
+
+#define TPM_BASE_ADDRESS 0xfed40000
+
+//
+// Silicon
+//
+#include <Register/Cpuid.h>
+#include <Register/Msr.h>
+#include <SaRegs.h>
+#include <SaAccess.h>
+#include <PchAccess.h>
+#include <MeChipset.h>
+#include <Library/PchGbeLib.h>
+#include <Library/CpuPlatformLib.h>
+
+#define SIZE_4KB 0x00001000
+#define SIZE_16KB 0x00004000
+#define SIZE_32KB 0x00008000
+#define SIZE_1MB 0x00100000
+#define SIZE_2MB 0x00200000
+#define SIZE_4MB 0x00400000
+#define SIZE_8MB 0x00800000
+#define SIZE_16MB 0x01000000
+#define SIZE_32MB 0x02000000
+#define SIZE_128MB 0x08000000
+#define SIZE_4GB 0x0000000100000000ULL
+#define BASE_4GB 0x0000000100000000ULL
+//@todo need to take this back to HstiFeatureBit.h
+#define HSTI_BYTE0_SECURE_CPU_CONFIGURATION_ERROR_STRING_B L" SMM Code Fetch outside SMRAM detection feature is disabled\r\n"
+
+//@todo need to take this back to HstiFeatureBit.h
+#define HSTI_BYTE1_SECURE_PCH_CONFIGURATION_ERROR_CODE_4 L"0x000A0004"
+#define HSTI_BYTE1_SECURE_PCH_CONFIGURATION_ERROR_STRING_4 L" P2SB SBI lock not set\r\n"
+
+#define MAX_NEW_AUTHORIZATION_SIZE SHA512_DIGEST_SIZE
+
+#define HSTI_PLATFORM_NAME L"Intel(R) 9-Series v1"
+
+#pragma pack(1)
+typedef struct {
+ UINT32 Version;
+ UINT32 Role;
+ CHAR16 ImplementationID[256];
+ UINT32 SecurityFeaturesSize;
+ UINT8 SecurityFeaturesRequired[HSTI_SECURITY_FEATURE_SIZE];
+ UINT8 SecurityFeaturesImplemented[HSTI_SECURITY_FEATURE_SIZE];
+ UINT8 SecurityFeaturesVerified[HSTI_SECURITY_FEATURE_SIZE];
+ CHAR16 End;
+} ADAPTER_INFO_PLATFORM_SECURITY_STRUCT;
+#pragma pack()
+
+extern UINT8 mFeatureImplemented[HSTI_SECURITY_FEATURE_SIZE];
+extern EFI_GUID gHstiProtocolGuid;
+extern EFI_GUID gHstiPublishCompleteProtocolGuid;
+
+/**
+ Concatenate error string.
+
+ @param[in] ErrorCodeString - Error Code
+ @param[in] ErrorCategoryString - Error Category
+ @param[in] ErrorString - Error Text
+
+ @retval CHAR16 - Concatenated string.
+**/
+CHAR16 *
+EFIAPI
+BuildHstiErrorString (
+ IN CHAR16 *ErrorCodeString,
+ IN CHAR16 *ErrorCategoryString,
+ IN CHAR16 *ErrorString
+ );
+
+/**
+ Run tests for HardwareRootedBootIntegrity bit
+**/
+VOID
+CheckHardwareRootedBootIntegrity (
+ VOID
+ );
+
+/**
+ Run tests for BootFirmwareMediaProtection bit
+**/
+VOID
+CheckBootFirmwareMediaProtection (
+ VOID
+ );
+
+/**
+ Run tests for SignedFirmwareUpdate bit
+**/
+VOID
+CheckSignedFirmwareUpdate (
+ VOID
+ );
+
+/**
+ Run tests for MeasuredBootEnforcement bit
+**/
+VOID
+CheckMeasuredBootEnforcement (
+ VOID
+ );
+
+/**
+ Run tests for IntegratedDeviceDMAProtection bit
+**/
+VOID
+CheckIntegratedDeviceDmaProtection (
+ VOID
+ );
+
+/**
+ Run tests for DebugModeDisabled bit
+**/
+VOID
+CheckDebugModeDisabled (
+ VOID
+ );
+
+/**
+ Run tests for SecureCPUConfiguration bit
+**/
+VOID
+CheckSecureCpuConfiguration (
+ VOID
+ );
+
+/**
+ Run tests for SecureSystemAgentConfiguration bit
+**/
+VOID
+CheckSecureSystemAgentConfiguration (
+ VOID
+ );
+
+/**
+ Run tests for SecureMemoryMapConfiguration bit
+**/
+VOID
+CheckSecureMemoryMapConfiguration (
+ VOID
+ );
+
+/**
+ Run tests for SecureIntegratedGraphicsConfiguration bit
+**/
+VOID
+CheckSecureIntegratedGraphicsConfiguration (
+ VOID
+ );
+
+/**
+ Run tests for SecurePCHConfiguration bit
+**/
+VOID
+CheckSecurePchConfiguration (
+ VOID
+ );
+
+//
+// Help function
+//
+
+/**
+ Initialize MP Helper
+**/
+VOID
+InitMp (
+ VOID
+ );
+
+/**
+ Concatenate error string.
+
+ @retval UINTN - CpuNumber.
+**/
+UINTN
+GetCpuNumber (
+ VOID
+ );
+
+
+/**
+ Concatenate error string.
+
+ @param[in] ProcessorNumber - Processor ID
+ @param[in] Index - Index
+
+ @retval UINT64 - Msr Value.
+**/
+UINT64
+ProcessorReadMsr64 (
+ IN UINTN ProcessorNumber,
+ IN UINT32 Index
+ );
+
+/**
+ Concatenate error string.
+
+ @param[in] ProcessorNumber - Processor ID
+ @param[in] Index - Index
+ @param[out] Eax - Eax
+ @param[out] Ebx - Ebx
+ @param[out] Ecx - Ecx
+ @param[out] Edx - Edx
+**/
+VOID
+ProcessorCpuid (
+ IN UINTN ProcessorNumber,
+ IN UINT32 Index,
+ OUT UINT32 *Eax, OPTIONAL
+ OUT UINT32 *Ebx, OPTIONAL
+ OUT UINT32 *Ecx, OPTIONAL
+ OUT UINT32 *Edx OPTIONAL
+ );
+
+/**
+ Concatenate error string.
+
+ @param[in] Address - Address
+
+ @retval UINT64 - Value.
+**/
+UINT64
+EFIAPI
+PciRead64 (
+ IN UINTN Address
+ );
+
+#endif
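Review bot: The doc comments on GetCpuNumber, ProcessorReadMsr64, ProcessorCpuid and PciRead64 all read `Concatenate error string.`, copied from BuildHstiErrorString, so four of the helper prototypes in this header are documented as a string function they are not. Their @param/@retval lines already carry the real contract, so the one-line summaries should follow them: for example `Return the logical processor count used by the MP helper.` for GetCpuNumber, `Read MSR Index on logical processor ProcessorNumber.` for ProcessorReadMsr64, `Execute CPUID leaf Index on processor ProcessorNumber; each OUT pointer may be NULL.` for ProcessorCpuid, and `Read a 64-bit value from PCI configuration space at Address.` for PciRead64 (the exact MP-service mechanism is not visible here and should be confirmed against the .c file). The SIZE_*/BASE_4GB block appears to duplicate macros that MdePkg's Base.h already provides through PiDxe.h; duplicate definitions are only tolerated while the token sequences stay identical, so dropping the local copies or guarding them with `#ifndef` would remove a latent redefinition error. The `@todo` macros at the HSTI_BYTE0/HSTI_BYTE1 lines and the `TPM_BASE` fallback are reasonable to track but deserve a reference to the tracking item rather than an anonymous todo.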