From 81ea49ac44e2c530694db5218b375caeca1fa584 Mon Sep 17 00:00:00 2001
From: Kun Qin <kuqin@microsoft.com>
Date: Thu, 14 May 2026 11:12:07 -0700
Subject: [PATCH 1/2] [DROP ON REBASE] SecurityPkg: Tcg2AcpiFfa: Fix endianness
 of partition ID Current Tcg2AcpiFfa will populate the partition ID in byte
 order of big- endian. This conflicts with the TCG ACPI Specification, which
 specifies the byte-order to be little-endian.

This change corrects the byte order population process by replacing the
platform parameter byte array with MdePkg defined structure.

Signed-off-by: Kun Qin <kun.qin@microsoft.com>

This re-applies the commit a270773cce476ed0be9eb9b6370164d1d1fb0796.
---
 SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.c | 40 +++++++++++------------
 1 file changed, 20 insertions(+), 20 deletions(-)

diff --git a/SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.c b/SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.c
index d7dec5030bb..122a396afcb 100644
--- a/SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.c
+++ b/SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.c
@@ -69,21 +69,21 @@ SPDX-License-Identifier: BSD-2-Clause-Patent
 #pragma pack(1)
 
 typedef struct {
-  EFI_ACPI_DESCRIPTION_HEADER    Header;
+  EFI_ACPI_DESCRIPTION_HEADER                               Header;
   // Flags field is replaced in version 4 and above
   //    BIT0~15:  PlatformClass      This field is only valid for version 4 and above
   //    BIT16~31: Reserved
-  UINT32                         Flags;
-  UINT64                         AddressOfControlArea;
-  UINT32                         StartMethod;
-  UINT8                          PlatformSpecificParameters[12]; // size up to 12
-  UINT32                         Laml;                           // Optional
-  UINT64                         Lasa;                           // Optional
-} EFI_TPM2_ACPI_TABLE_V4;
+  UINT32                                                    Flags;
+  UINT64                                                    AddressOfControlArea;
+  UINT32                                                    StartMethod;
+  EFI_TPM2_ACPI_START_METHOD_SPECIFIC_PARAMETERS_ARM_FFA    FfaParameters;
+  UINT32                                                    Laml; // Optional
+  UINT64                                                    Lasa; // Optional
+} EFI_TPM2_ACPI_TABLE_V5;
 
 #pragma pack()
 
-EFI_TPM2_ACPI_TABLE_V4  mTpm2AcpiTemplate = {
+EFI_TPM2_ACPI_TABLE_V5  mTpm2AcpiTemplate = {
   {
     EFI_ACPI_5_0_TRUSTED_COMPUTING_PLATFORM_2_TABLE_SIGNATURE,
     sizeof (mTpm2AcpiTemplate),
@@ -384,17 +384,17 @@ PublishTpm2 (
   PartitionId = PcdGet16 (PcdTpmServiceFfaPartitionId);
   ASSERT (PartitionId != 0);
   if (InterfaceType == Tpm2PtpInterfaceCrb) {
-    mTpm2AcpiTemplate.StartMethod                   = EFI_TPM2_ACPI_TABLE_START_METHOD_COMMAND_RESPONSE_BUFFER_INTERFACE_WITH_FFA;
-    mTpm2AcpiTemplate.AddressOfControlArea          = PcdGet64 (PcdTpmBaseAddress) + 0x40;
-    mTpm2AcpiTemplate.PlatformSpecificParameters[0] = 0x00;                           // Notifications Not Supported
-    mTpm2AcpiTemplate.PlatformSpecificParameters[1] = 0x00;                           // CRB 4KiB size, Not Cacheable
-    mTpm2AcpiTemplate.PlatformSpecificParameters[2] = (PartitionId >> 8) & MAX_UINT8; // HI Byte of Partition ID
-    mTpm2AcpiTemplate.PlatformSpecificParameters[3] = (PartitionId) & MAX_UINT8;      // LO Byte of Partition ID
-    ControlArea                                     = (EFI_TPM2_ACPI_CONTROL_AREA *)(UINTN)mTpm2AcpiTemplate.AddressOfControlArea;
-    ControlArea->CommandSize                        = 0xF80;
-    ControlArea->ResponseSize                       = 0xF80;
-    ControlArea->Command                            = PcdGet64 (PcdTpmBaseAddress) + 0x80;
-    ControlArea->Response                           = PcdGet64 (PcdTpmBaseAddress) + 0x80;
+    mTpm2AcpiTemplate.StartMethod              = EFI_TPM2_ACPI_TABLE_START_METHOD_COMMAND_RESPONSE_BUFFER_INTERFACE_WITH_FFA;
+    mTpm2AcpiTemplate.AddressOfControlArea     = PcdGet64 (PcdTpmBaseAddress) + 0x40;
+    mTpm2AcpiTemplate.FfaParameters.Flags      = 0x00;           // Notifications Not Supported
+    mTpm2AcpiTemplate.FfaParameters.Attributes = (EFI_TPM2_ACPI_TABLE_ARM_FFA_PARAMETER_ATTR_CRB_REGION_SIZE_4KB << EFI_TPM2_ACPI_TABLE_ARM_FFA_PARAMETER_ATTR_CRB_REGION_SIZE_SHIFT) |
+                                                 (EFI_TPM2_ACPI_TABLE_ARM_FFA_PARAMETER_ATTR_MEM_TYPE_NOT_CACHABLE << EFI_TPM2_ACPI_TABLE_ARM_FFA_PARAMETER_ATTR_MEM_TYPE_SHIFT);
+    mTpm2AcpiTemplate.FfaParameters.PartitionId = PartitionId;   // Partition ID
+    ControlArea                                 = (EFI_TPM2_ACPI_CONTROL_AREA *)(UINTN)mTpm2AcpiTemplate.AddressOfControlArea;
+    ControlArea->CommandSize                    = 0xF80;
+    ControlArea->ResponseSize                   = 0xF80;
+    ControlArea->Command                        = PcdGet64 (PcdTpmBaseAddress) + 0x80;
+    ControlArea->Response                       = PcdGet64 (PcdTpmBaseAddress) + 0x80;
   } else {
     DEBUG ((DEBUG_ERROR, "TPM2 InterfaceType get error! %d\n", InterfaceType));
     return EFI_UNSUPPORTED;

From 92695931fe7b7b2c1ef430ed8a7a39794ffa4b91 Mon Sep 17 00:00:00 2001
From: Kun Qin <kuqin@microsoft.com>
Date: Thu, 14 May 2026 11:12:26 -0700
Subject: [PATCH 2/2] [DROP ON REBASE] SecurityPkg: Tcg2AcpiFfa: Polish
 revision checks for TPM2 table Given the start method of FFA is only
 introduced in revision 5 of the TCG ACPI specification. A TPM2 table with FFA
 start method and lower than 5 revision should not be allowed.

This change updates the checks for revision PCD and removed a few
conditions based on new revision 5 assumptions.

Signed-off-by: Kun Qin <kun.qin@microsoft.com>

This re-applies the commit f1fc41cff2a2022e67da3f9f525f9087cf2de507.
---
 SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.c | 14 ++++++++------
 1 file changed, 8 insertions(+), 6 deletions(-)

diff --git a/SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.c b/SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.c
index 122a396afcb..c3ae72e6225 100644
--- a/SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.c
+++ b/SecurityPkg/Tcg/Tcg2AcpiFfa/Tcg2AcpiFfa.c
@@ -362,16 +362,18 @@ PublishTpm2 (
   mTpm2AcpiTemplate.Header.Revision = PcdGet8 (PcdTpm2AcpiTableRev);
   DEBUG ((DEBUG_INFO, "Tpm2 ACPI table revision is %d\n", mTpm2AcpiTemplate.Header.Revision));
 
-  if (mTpm2AcpiTemplate.Header.Revision >= EFI_TPM2_ACPI_TABLE_REVISION_4) {
-    mTpm2AcpiTemplate.Flags = (mTpm2AcpiTemplate.Flags & 0xFFFF0000) | PcdGet8 (PcdTpmPlatformClass);
-    DEBUG ((DEBUG_INFO, "Tpm2 ACPI table PlatformClass is %d\n", (mTpm2AcpiTemplate.Flags & 0x0000FFFF)));
+  if (mTpm2AcpiTemplate.Header.Revision < EFI_TPM2_ACPI_TABLE_REVISION_5) {
+    DEBUG ((DEBUG_ERROR, "%a The minimum revision supported for TPM over FFA table is 5, not %d.\n", __func__, mTpm2AcpiTemplate.Header.Revision));
+    ASSERT (FALSE);
+    return EFI_UNSUPPORTED;
   }
 
+  mTpm2AcpiTemplate.Flags = (mTpm2AcpiTemplate.Flags & 0xFFFF0000) | PcdGet8 (PcdTpmPlatformClass);
+  DEBUG ((DEBUG_INFO, "Tpm2 ACPI table PlatformClass is %d\n", (mTpm2AcpiTemplate.Flags & 0x0000FFFF)));
+
   mTpm2AcpiTemplate.Laml = PcdGet32 (PcdTpm2AcpiTableLaml);
   mTpm2AcpiTemplate.Lasa = PcdGet64 (PcdTpm2AcpiTableLasa);
-  if ((mTpm2AcpiTemplate.Header.Revision < EFI_TPM2_ACPI_TABLE_REVISION_4) ||
-      (mTpm2AcpiTemplate.Laml == 0) || (mTpm2AcpiTemplate.Lasa == 0))
-  {
+  if ((mTpm2AcpiTemplate.Laml == 0) || (mTpm2AcpiTemplate.Lasa == 0)) {
     //
     // If version is smaller than 4 or Laml/Lasa is not valid, rollback to original Length.
     //