2018-06-27 15:13:09 +02:00
|
|
|
/** @file
|
2011-09-02 09:49:32 +02:00
|
|
|
This module implements TCG EFI Protocol.
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2012-08-17 09:59:51 +02:00
|
|
|
Caution: This module requires additional review when modified.
|
|
|
|
This driver will have external input - TcgDxePassThroughToTpm
|
|
|
|
This external input must be validated carefully to avoid security issue like
|
|
|
|
buffer overflow, integer overflow.
|
|
|
|
|
|
|
|
TcgDxePassThroughToTpm() will receive untrusted input and do basic validation.
|
|
|
|
|
2018-06-27 15:13:09 +02:00
|
|
|
Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.<BR>
|
2016-04-28 22:41:28 +02:00
|
|
|
(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
|
2019-04-04 01:06:56 +02:00
|
|
|
SPDX-License-Identifier: BSD-2-Clause-Patent
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
**/
|
|
|
|
|
|
|
|
#include <PiDxe.h>
|
|
|
|
#include <IndustryStandard/Tpm12.h>
|
|
|
|
#include <IndustryStandard/Acpi.h>
|
|
|
|
#include <IndustryStandard/PeImage.h>
|
2013-09-18 07:31:18 +02:00
|
|
|
#include <IndustryStandard/TcpaAcpi.h>
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
#include <Guid/GlobalVariable.h>
|
|
|
|
#include <Guid/HobList.h>
|
|
|
|
#include <Guid/TcgEventHob.h>
|
|
|
|
#include <Guid/EventGroup.h>
|
2012-08-02 08:33:10 +02:00
|
|
|
#include <Guid/EventExitBootServiceFailed.h>
|
2013-09-18 07:31:18 +02:00
|
|
|
#include <Guid/TpmInstance.h>
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
#include <Protocol/DevicePath.h>
|
|
|
|
#include <Protocol/TcgService.h>
|
|
|
|
#include <Protocol/AcpiTable.h>
|
2012-11-28 02:32:51 +01:00
|
|
|
#include <Protocol/MpService.h>
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
#include <Library/DebugLib.h>
|
|
|
|
#include <Library/BaseMemoryLib.h>
|
|
|
|
#include <Library/UefiRuntimeServicesTableLib.h>
|
|
|
|
#include <Library/UefiDriverEntryPoint.h>
|
|
|
|
#include <Library/HobLib.h>
|
|
|
|
#include <Library/UefiBootServicesTableLib.h>
|
|
|
|
#include <Library/BaseLib.h>
|
|
|
|
#include <Library/MemoryAllocationLib.h>
|
|
|
|
#include <Library/PrintLib.h>
|
2016-01-21 20:29:28 +01:00
|
|
|
#include <Library/Tpm12DeviceLib.h>
|
2011-09-02 09:49:32 +02:00
|
|
|
#include <Library/PcdLib.h>
|
|
|
|
#include <Library/UefiLib.h>
|
2015-01-12 04:21:00 +01:00
|
|
|
#include <Library/ReportStatusCodeLib.h>
|
2016-01-21 20:30:21 +01:00
|
|
|
#include <Library/Tpm12CommandLib.h>
|
|
|
|
#include <Library/BaseCryptLib.h>
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
#define TCG_DXE_DATA_FROM_THIS(this) \
|
|
|
|
BASE_CR (this, TCG_DXE_DATA, TcgProtocol)
|
|
|
|
|
|
|
|
typedef struct _TCG_DXE_DATA {
|
|
|
|
EFI_TCG_PROTOCOL TcgProtocol;
|
|
|
|
TCG_EFI_BOOT_SERVICE_CAPABILITY BsCap;
|
|
|
|
EFI_TCG_CLIENT_ACPI_TABLE *TcgClientAcpiTable;
|
|
|
|
EFI_TCG_SERVER_ACPI_TABLE *TcgServerAcpiTable;
|
|
|
|
UINTN EventLogSize;
|
|
|
|
UINT8 *LastEvent;
|
|
|
|
} TCG_DXE_DATA;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
EFI_TCG_CLIENT_ACPI_TABLE mTcgClientAcpiTemplate = {
|
|
|
|
{
|
|
|
|
EFI_ACPI_3_0_TRUSTED_COMPUTING_PLATFORM_ALLIANCE_CAPABILITIES_TABLE_SIGNATURE,
|
|
|
|
sizeof (mTcgClientAcpiTemplate),
|
|
|
|
0x02 //Revision
|
|
|
|
//
|
|
|
|
// Compiler initializes the remaining bytes to 0
|
|
|
|
// These fields should be filled in in production
|
|
|
|
//
|
|
|
|
},
|
|
|
|
0, // 0 for PC Client Platform Class
|
|
|
|
0, // Log Area Max Length
|
|
|
|
(EFI_PHYSICAL_ADDRESS) (SIZE_4GB - 1) // Log Area Start Address
|
|
|
|
};
|
|
|
|
|
|
|
|
//
|
|
|
|
// The following EFI_TCG_SERVER_ACPI_TABLE default setting is just one example,
|
2019-10-09 09:20:15 +02:00
|
|
|
// the TPM device connects to LPC, and also defined the ACPI _UID as 0xFF,
|
2018-06-27 15:13:09 +02:00
|
|
|
// this _UID can be changed and should match with the _UID setting of the TPM
|
|
|
|
// ACPI device object
|
2011-09-02 09:49:32 +02:00
|
|
|
//
|
|
|
|
EFI_TCG_SERVER_ACPI_TABLE mTcgServerAcpiTemplate = {
|
|
|
|
{
|
|
|
|
EFI_ACPI_3_0_TRUSTED_COMPUTING_PLATFORM_ALLIANCE_CAPABILITIES_TABLE_SIGNATURE,
|
|
|
|
sizeof (mTcgServerAcpiTemplate),
|
|
|
|
0x02 //Revision
|
|
|
|
//
|
|
|
|
// Compiler initializes the remaining bytes to 0
|
|
|
|
// These fields should be filled in in production
|
|
|
|
//
|
|
|
|
},
|
|
|
|
1, // 1 for Server Platform Class
|
|
|
|
0, // Reserved
|
|
|
|
0, // Log Area Max Length
|
|
|
|
(EFI_PHYSICAL_ADDRESS) (SIZE_4GB - 1), // Log Area Start Address
|
2016-04-28 22:41:28 +02:00
|
|
|
0x0120, // TCG Specification revision 1.2
|
|
|
|
0, // Device Flags
|
2011-09-02 09:49:32 +02:00
|
|
|
0, // Interrupt Flags
|
|
|
|
0, // GPE
|
|
|
|
{0}, // Reserved 3 bytes
|
|
|
|
0, // Global System Interrupt
|
|
|
|
{
|
|
|
|
EFI_ACPI_3_0_SYSTEM_MEMORY,
|
|
|
|
0,
|
|
|
|
0,
|
|
|
|
EFI_ACPI_3_0_BYTE,
|
2016-01-21 20:29:28 +01:00
|
|
|
0 // Base Address
|
2011-09-02 09:49:32 +02:00
|
|
|
},
|
|
|
|
0, // Reserved
|
|
|
|
{0}, // Configuration Address
|
|
|
|
0xFF, // ACPI _UID value of the device, can be changed for different platforms
|
|
|
|
0, // ACPI _UID value of the device, can be changed for different platforms
|
|
|
|
0, // ACPI _UID value of the device, can be changed for different platforms
|
|
|
|
0 // ACPI _UID value of the device, can be changed for different platforms
|
|
|
|
};
|
|
|
|
|
|
|
|
UINTN mBootAttempts = 0;
|
|
|
|
CHAR16 mBootVarName[] = L"BootOrder";
|
|
|
|
|
2012-11-28 02:32:51 +01:00
|
|
|
/**
|
|
|
|
Get All processors EFI_CPU_LOCATION in system. LocationBuf is allocated inside the function
|
|
|
|
Caller is responsible to free LocationBuf.
|
|
|
|
|
|
|
|
@param[out] LocationBuf Returns Processor Location Buffer.
|
|
|
|
@param[out] Num Returns processor number.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_UNSUPPORTED MpService protocol not found.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
GetProcessorsCpuLocation (
|
|
|
|
OUT EFI_CPU_PHYSICAL_LOCATION **LocationBuf,
|
|
|
|
OUT UINTN *Num
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
EFI_MP_SERVICES_PROTOCOL *MpProtocol;
|
|
|
|
UINTN ProcessorNum;
|
|
|
|
UINTN EnabledProcessorNum;
|
|
|
|
EFI_PROCESSOR_INFORMATION ProcessorInfo;
|
|
|
|
EFI_CPU_PHYSICAL_LOCATION *ProcessorLocBuf;
|
|
|
|
UINTN Index;
|
|
|
|
|
|
|
|
Status = gBS->LocateProtocol (&gEfiMpServiceProtocolGuid, NULL, (VOID **) &MpProtocol);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
//
|
|
|
|
// MP protocol is not installed
|
|
|
|
//
|
|
|
|
return EFI_UNSUPPORTED;
|
|
|
|
}
|
|
|
|
|
|
|
|
Status = MpProtocol->GetNumberOfProcessors(
|
|
|
|
MpProtocol,
|
|
|
|
&ProcessorNum,
|
|
|
|
&EnabledProcessorNum
|
|
|
|
);
|
|
|
|
if (EFI_ERROR(Status)){
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
Status = gBS->AllocatePool(
|
|
|
|
EfiBootServicesData,
|
|
|
|
sizeof(EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum,
|
2012-11-29 03:12:32 +01:00
|
|
|
(VOID **) &ProcessorLocBuf
|
2012-11-28 02:32:51 +01:00
|
|
|
);
|
|
|
|
if (EFI_ERROR(Status)){
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Get each processor Location info
|
|
|
|
//
|
|
|
|
for (Index = 0; Index < ProcessorNum; Index++) {
|
|
|
|
Status = MpProtocol->GetProcessorInfo(
|
|
|
|
MpProtocol,
|
|
|
|
Index,
|
|
|
|
&ProcessorInfo
|
|
|
|
);
|
|
|
|
if (EFI_ERROR(Status)){
|
|
|
|
FreePool(ProcessorLocBuf);
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Get all Processor Location info & measure
|
|
|
|
//
|
|
|
|
CopyMem(
|
|
|
|
&ProcessorLocBuf[Index],
|
|
|
|
&ProcessorInfo.Location,
|
|
|
|
sizeof(EFI_CPU_PHYSICAL_LOCATION)
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
*LocationBuf = ProcessorLocBuf;
|
|
|
|
*Num = ProcessorNum;
|
|
|
|
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
/**
|
2018-06-27 15:13:09 +02:00
|
|
|
This service provides EFI protocol capability information, state information
|
2011-09-02 09:49:32 +02:00
|
|
|
about the TPM, and Event Log state information.
|
|
|
|
|
|
|
|
@param[in] This Indicates the calling context
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[out] ProtocolCapability The callee allocates memory for a TCG_BOOT_SERVICE_CAPABILITY
|
|
|
|
structure and fills in the fields with the EFI protocol
|
2011-09-02 09:49:32 +02:00
|
|
|
capability information and the current TPM state information.
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[out] TCGFeatureFlags This is a pointer to the feature flags. No feature
|
|
|
|
flags are currently defined so this parameter
|
|
|
|
MUST be set to 0. However, in the future,
|
|
|
|
feature flags may be defined that, for example,
|
2011-09-02 09:49:32 +02:00
|
|
|
enable hash algorithm agility.
|
|
|
|
@param[out] EventLogLocation This is a pointer to the address of the event log in memory.
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[out] EventLogLastEntry If the Event Log contains more than one entry,
|
|
|
|
this is a pointer to the address of the start of
|
|
|
|
the last entry in the event log in memory.
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_INVALID_PARAMETER ProtocolCapability does not match TCG capability.
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
TcgDxeStatusCheck (
|
|
|
|
IN EFI_TCG_PROTOCOL *This,
|
|
|
|
OUT TCG_EFI_BOOT_SERVICE_CAPABILITY *ProtocolCapability,
|
|
|
|
OUT UINT32 *TCGFeatureFlags,
|
|
|
|
OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,
|
|
|
|
OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry
|
|
|
|
)
|
|
|
|
{
|
|
|
|
TCG_DXE_DATA *TcgData;
|
|
|
|
|
|
|
|
TcgData = TCG_DXE_DATA_FROM_THIS (This);
|
|
|
|
|
|
|
|
if (ProtocolCapability != NULL) {
|
|
|
|
*ProtocolCapability = TcgData->BsCap;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (TCGFeatureFlags != NULL) {
|
|
|
|
*TCGFeatureFlags = 0;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (EventLogLocation != NULL) {
|
|
|
|
if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
|
|
|
|
*EventLogLocation = TcgData->TcgClientAcpiTable->Lasa;
|
|
|
|
} else {
|
|
|
|
*EventLogLocation = TcgData->TcgServerAcpiTable->Lasa;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (EventLogLastEntry != NULL) {
|
2015-01-13 02:18:11 +01:00
|
|
|
if (TcgData->BsCap.TPMDeactivatedFlag || (!TcgData->BsCap.TPMPresentFlag)) {
|
2011-09-02 09:49:32 +02:00
|
|
|
*EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)0;
|
|
|
|
} else {
|
|
|
|
*EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)TcgData->LastEvent;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2016-01-21 20:30:21 +01:00
|
|
|
/**
|
|
|
|
Single function calculates SHA1 digest value for all raw data. It
|
|
|
|
combines Sha1Init(), Sha1Update() and Sha1Final().
|
|
|
|
|
|
|
|
@param[in] Data Raw data to be digested.
|
|
|
|
@param[in] DataLen Size of the raw data.
|
|
|
|
@param[out] Digest Pointer to a buffer that stores the final digest.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Always successfully calculate the final digest.
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
TpmCommHashAll (
|
|
|
|
IN CONST UINT8 *Data,
|
|
|
|
IN UINTN DataLen,
|
|
|
|
OUT TPM_DIGEST *Digest
|
|
|
|
)
|
|
|
|
{
|
|
|
|
VOID *Sha1Ctx;
|
|
|
|
UINTN CtxSize;
|
|
|
|
|
|
|
|
CtxSize = Sha1GetContextSize ();
|
|
|
|
Sha1Ctx = AllocatePool (CtxSize);
|
|
|
|
ASSERT (Sha1Ctx != NULL);
|
|
|
|
|
|
|
|
Sha1Init (Sha1Ctx);
|
|
|
|
Sha1Update (Sha1Ctx, Data, DataLen);
|
|
|
|
Sha1Final (Sha1Ctx, (UINT8 *)Digest);
|
|
|
|
|
|
|
|
FreePool (Sha1Ctx);
|
|
|
|
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
/**
|
|
|
|
This service abstracts the capability to do a hash operation on a data buffer.
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[in] This Indicates the calling context
|
|
|
|
@param[in] HashData Pointer to the data buffer to be hashed
|
|
|
|
@param[in] HashDataLen Length of the data buffer to be hashed
|
|
|
|
@param[in] AlgorithmId Identification of the Algorithm to use for the hashing operation
|
|
|
|
@param[in, out] HashedDataLen Resultant length of the hashed data
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in, out] HashedDataResult Resultant buffer of the hashed data
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_INVALID_PARAMETER HashDataLen is NULL.
|
|
|
|
@retval EFI_INVALID_PARAMETER HashDataLenResult is NULL.
|
|
|
|
@retval EFI_OUT_OF_RESOURCES Cannot allocate buffer of size *HashedDataLen.
|
|
|
|
@retval EFI_UNSUPPORTED AlgorithmId not supported.
|
|
|
|
@retval EFI_BUFFER_TOO_SMALL *HashedDataLen < sizeof (TCG_DIGEST).
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
TcgDxeHashAll (
|
|
|
|
IN EFI_TCG_PROTOCOL *This,
|
|
|
|
IN UINT8 *HashData,
|
|
|
|
IN UINT64 HashDataLen,
|
|
|
|
IN TCG_ALGORITHM_ID AlgorithmId,
|
|
|
|
IN OUT UINT64 *HashedDataLen,
|
|
|
|
IN OUT UINT8 **HashedDataResult
|
|
|
|
)
|
|
|
|
{
|
|
|
|
if (HashedDataLen == NULL || HashedDataResult == NULL) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
|
|
|
switch (AlgorithmId) {
|
|
|
|
case TPM_ALG_SHA:
|
|
|
|
if (*HashedDataLen == 0) {
|
|
|
|
*HashedDataLen = sizeof (TPM_DIGEST);
|
|
|
|
*HashedDataResult = AllocatePool ((UINTN) *HashedDataLen);
|
|
|
|
if (*HashedDataResult == NULL) {
|
|
|
|
return EFI_OUT_OF_RESOURCES;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if (*HashedDataLen < sizeof (TPM_DIGEST)) {
|
|
|
|
*HashedDataLen = sizeof (TPM_DIGEST);
|
|
|
|
return EFI_BUFFER_TOO_SMALL;
|
|
|
|
}
|
|
|
|
*HashedDataLen = sizeof (TPM_DIGEST);
|
|
|
|
|
2016-04-28 22:41:28 +02:00
|
|
|
if (*HashedDataResult == NULL) {
|
|
|
|
*HashedDataResult = AllocatePool ((UINTN) *HashedDataLen);
|
2018-06-27 15:13:09 +02:00
|
|
|
}
|
2012-07-26 07:17:35 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
return TpmCommHashAll (
|
|
|
|
HashData,
|
|
|
|
(UINTN) HashDataLen,
|
|
|
|
(TPM_DIGEST*)*HashedDataResult
|
|
|
|
);
|
|
|
|
default:
|
|
|
|
return EFI_UNSUPPORTED;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2016-01-21 20:30:21 +01:00
|
|
|
/**
|
|
|
|
Add a new entry to the Event Log.
|
|
|
|
|
|
|
|
@param[in, out] EventLogPtr Pointer to the Event Log data.
|
|
|
|
@param[in, out] LogSize Size of the Event Log.
|
|
|
|
@param[in] MaxSize Maximum size of the Event Log.
|
|
|
|
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
|
|
|
|
@param[in] NewEventData Pointer to the new event data.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS The new event log entry was added.
|
|
|
|
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
TpmCommLogEvent (
|
|
|
|
IN OUT UINT8 **EventLogPtr,
|
|
|
|
IN OUT UINTN *LogSize,
|
|
|
|
IN UINTN MaxSize,
|
|
|
|
IN TCG_PCR_EVENT_HDR *NewEventHdr,
|
|
|
|
IN UINT8 *NewEventData
|
|
|
|
)
|
|
|
|
{
|
|
|
|
UINTN NewLogSize;
|
|
|
|
|
|
|
|
//
|
|
|
|
// Prevent Event Overflow
|
|
|
|
//
|
2017-01-06 09:10:09 +01:00
|
|
|
if ((UINTN) NewEventHdr->EventSize > MAX_UINTN - sizeof (*NewEventHdr)) {
|
2016-01-21 20:30:21 +01:00
|
|
|
return EFI_OUT_OF_RESOURCES;
|
|
|
|
}
|
|
|
|
|
|
|
|
NewLogSize = sizeof (*NewEventHdr) + NewEventHdr->EventSize;
|
|
|
|
if (NewLogSize > MaxSize - *LogSize) {
|
|
|
|
return EFI_OUT_OF_RESOURCES;
|
|
|
|
}
|
|
|
|
|
|
|
|
*EventLogPtr += *LogSize;
|
|
|
|
*LogSize += NewLogSize;
|
|
|
|
CopyMem (*EventLogPtr, NewEventHdr, sizeof (*NewEventHdr));
|
|
|
|
CopyMem (
|
|
|
|
*EventLogPtr + sizeof (*NewEventHdr),
|
|
|
|
NewEventData,
|
|
|
|
NewEventHdr->EventSize
|
|
|
|
);
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
/**
|
|
|
|
Add a new entry to the Event Log.
|
|
|
|
|
|
|
|
@param[in] TcgData TCG_DXE_DATA structure.
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
|
|
|
|
@param[in] NewEventData Pointer to the new event data.
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
@retval EFI_SUCCESS The new event log entry was added.
|
|
|
|
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
TcgDxeLogEventI (
|
|
|
|
IN TCG_DXE_DATA *TcgData,
|
|
|
|
IN TCG_PCR_EVENT_HDR *NewEventHdr,
|
|
|
|
IN UINT8 *NewEventData
|
|
|
|
)
|
|
|
|
{
|
|
|
|
if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
|
|
|
|
TcgData->LastEvent = (UINT8*)(UINTN)TcgData->TcgClientAcpiTable->Lasa;
|
|
|
|
return TpmCommLogEvent (
|
|
|
|
&TcgData->LastEvent,
|
|
|
|
&TcgData->EventLogSize,
|
|
|
|
(UINTN)TcgData->TcgClientAcpiTable->Laml,
|
|
|
|
NewEventHdr,
|
|
|
|
NewEventData
|
|
|
|
);
|
|
|
|
} else {
|
|
|
|
TcgData->LastEvent = (UINT8*)(UINTN)TcgData->TcgServerAcpiTable->Lasa;
|
|
|
|
return TpmCommLogEvent (
|
|
|
|
&TcgData->LastEvent,
|
|
|
|
&TcgData->EventLogSize,
|
|
|
|
(UINTN)TcgData->TcgServerAcpiTable->Laml,
|
|
|
|
NewEventHdr,
|
|
|
|
NewEventData
|
|
|
|
);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
This service abstracts the capability to add an entry to the Event Log.
|
|
|
|
|
|
|
|
@param[in] This Indicates the calling context
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in] TCGLogData Pointer to the start of the data buffer containing
|
|
|
|
the TCG_PCR_EVENT data structure. All fields in
|
2011-09-02 09:49:32 +02:00
|
|
|
this structure are properly filled by the caller.
|
|
|
|
@param[in, out] EventNumber The event number of the event just logged
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in] Flags Indicate additional flags. Only one flag has been
|
|
|
|
defined at this time, which is 0x01 and means the
|
|
|
|
extend operation should not be performed. All
|
|
|
|
other bits are reserved.
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_OUT_OF_RESOURCES Insufficient memory in the event log to complete this action.
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
TcgDxeLogEvent (
|
|
|
|
IN EFI_TCG_PROTOCOL *This,
|
|
|
|
IN TCG_PCR_EVENT *TCGLogData,
|
|
|
|
IN OUT UINT32 *EventNumber,
|
|
|
|
IN UINT32 Flags
|
|
|
|
)
|
|
|
|
{
|
|
|
|
TCG_DXE_DATA *TcgData;
|
|
|
|
|
2012-08-21 04:12:43 +02:00
|
|
|
if (TCGLogData == NULL){
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
TcgData = TCG_DXE_DATA_FROM_THIS (This);
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2015-01-13 02:18:11 +01:00
|
|
|
if (TcgData->BsCap.TPMDeactivatedFlag || (!TcgData->BsCap.TPMPresentFlag)) {
|
2011-09-02 09:49:32 +02:00
|
|
|
return EFI_DEVICE_ERROR;
|
|
|
|
}
|
|
|
|
return TcgDxeLogEventI (
|
|
|
|
TcgData,
|
|
|
|
(TCG_PCR_EVENT_HDR*)TCGLogData,
|
|
|
|
TCGLogData->Event
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
This service is a proxy for commands to the TPM.
|
|
|
|
|
|
|
|
@param[in] This Indicates the calling context
|
|
|
|
@param[in] TpmInputParameterBlockSize Size of the TPM input parameter block
|
|
|
|
@param[in] TpmInputParameterBlock Pointer to the TPM input parameter block
|
|
|
|
@param[in] TpmOutputParameterBlockSize Size of the TPM output parameter block
|
|
|
|
@param[in] TpmOutputParameterBlock Pointer to the TPM output parameter block
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_INVALID_PARAMETER Invalid ordinal.
|
|
|
|
@retval EFI_UNSUPPORTED Current Task Priority Level >= EFI_TPL_CALLBACK.
|
|
|
|
@retval EFI_TIMEOUT The TIS timed-out.
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
TcgDxePassThroughToTpm (
|
|
|
|
IN EFI_TCG_PROTOCOL *This,
|
|
|
|
IN UINT32 TpmInputParameterBlockSize,
|
|
|
|
IN UINT8 *TpmInputParameterBlock,
|
|
|
|
IN UINT32 TpmOutputParameterBlockSize,
|
|
|
|
IN UINT8 *TpmOutputParameterBlock
|
|
|
|
)
|
|
|
|
{
|
2018-06-27 15:13:09 +02:00
|
|
|
if (TpmInputParameterBlock == NULL ||
|
|
|
|
TpmOutputParameterBlock == NULL ||
|
2012-08-17 09:59:51 +02:00
|
|
|
TpmInputParameterBlockSize == 0 ||
|
|
|
|
TpmOutputParameterBlockSize == 0) {
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
2016-01-21 20:30:21 +01:00
|
|
|
return Tpm12SubmitCommand (
|
|
|
|
TpmInputParameterBlockSize,
|
2011-09-02 09:49:32 +02:00
|
|
|
TpmInputParameterBlock,
|
2016-01-21 20:30:21 +01:00
|
|
|
&TpmOutputParameterBlockSize,
|
|
|
|
TpmOutputParameterBlock
|
2011-09-02 09:49:32 +02:00
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Do a hash operation on a data buffer, extend a specific TPM PCR with the hash result,
|
|
|
|
and add an entry to the Event Log.
|
|
|
|
|
|
|
|
@param[in] TcgData TCG_DXE_DATA structure.
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in] HashData Physical address of the start of the data buffer
|
2011-09-02 09:49:32 +02:00
|
|
|
to be hashed, extended, and logged.
|
|
|
|
@param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in, out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
|
|
|
|
@param[in] NewEventData Pointer to the new event data.
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
|
|
|
|
@retval EFI_DEVICE_ERROR The command was unsuccessful.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
TcgDxeHashLogExtendEventI (
|
|
|
|
IN TCG_DXE_DATA *TcgData,
|
|
|
|
IN UINT8 *HashData,
|
|
|
|
IN UINT64 HashDataLen,
|
|
|
|
IN OUT TCG_PCR_EVENT_HDR *NewEventHdr,
|
|
|
|
IN UINT8 *NewEventData
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
|
2015-01-12 04:21:00 +01:00
|
|
|
if (!TcgData->BsCap.TPMPresentFlag) {
|
|
|
|
return EFI_DEVICE_ERROR;
|
2012-08-21 04:12:43 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if (HashDataLen > 0 || HashData != NULL) {
|
2011-09-02 09:49:32 +02:00
|
|
|
Status = TpmCommHashAll (
|
|
|
|
HashData,
|
|
|
|
(UINTN) HashDataLen,
|
|
|
|
&NewEventHdr->Digest
|
|
|
|
);
|
2014-10-31 11:59:25 +01:00
|
|
|
if (EFI_ERROR(Status)) {
|
|
|
|
DEBUG ((DEBUG_ERROR, "TpmCommHashAll Failed. %x\n", Status));
|
2015-01-12 04:21:00 +01:00
|
|
|
goto Done;
|
2014-10-31 11:59:25 +01:00
|
|
|
}
|
2011-09-02 09:49:32 +02:00
|
|
|
}
|
|
|
|
|
2016-01-21 20:30:21 +01:00
|
|
|
Status = Tpm12Extend (
|
2011-09-02 09:49:32 +02:00
|
|
|
&NewEventHdr->Digest,
|
|
|
|
NewEventHdr->PCRIndex,
|
|
|
|
NULL
|
|
|
|
);
|
|
|
|
if (!EFI_ERROR (Status)) {
|
|
|
|
Status = TcgDxeLogEventI (TcgData, NewEventHdr, NewEventData);
|
|
|
|
}
|
|
|
|
|
2015-01-12 04:21:00 +01:00
|
|
|
Done:
|
|
|
|
if ((Status == EFI_DEVICE_ERROR) || (Status == EFI_TIMEOUT)) {
|
|
|
|
DEBUG ((EFI_D_ERROR, "TcgDxeHashLogExtendEventI - %r. Disable TPM.\n", Status));
|
|
|
|
TcgData->BsCap.TPMPresentFlag = FALSE;
|
|
|
|
REPORT_STATUS_CODE (
|
|
|
|
EFI_ERROR_CODE | EFI_ERROR_MINOR,
|
|
|
|
(PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR)
|
|
|
|
);
|
|
|
|
Status = EFI_DEVICE_ERROR;
|
|
|
|
}
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
This service abstracts the capability to do a hash operation on a data buffer,
|
|
|
|
extend a specific TPM PCR with the hash result, and add an entry to the Event Log
|
|
|
|
|
|
|
|
@param[in] This Indicates the calling context
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in] HashData Physical address of the start of the data buffer
|
2011-09-02 09:49:32 +02:00
|
|
|
to be hashed, extended, and logged.
|
|
|
|
@param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData
|
|
|
|
@param[in] AlgorithmId Identification of the Algorithm to use for the hashing operation
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in, out] TCGLogData The physical address of the start of the data
|
2011-09-02 09:49:32 +02:00
|
|
|
buffer containing the TCG_PCR_EVENT data structure.
|
|
|
|
@param[in, out] EventNumber The event number of the event just logged.
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[out] EventLogLastEntry Physical address of the first byte of the entry
|
|
|
|
just placed in the Event Log. If the Event Log was
|
|
|
|
empty when this function was called then this physical
|
|
|
|
address will be the same as the physical address of
|
2011-09-02 09:49:32 +02:00
|
|
|
the start of the Event Log.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_UNSUPPORTED AlgorithmId != TPM_ALG_SHA.
|
|
|
|
@retval EFI_UNSUPPORTED Current TPL >= EFI_TPL_CALLBACK.
|
|
|
|
@retval EFI_DEVICE_ERROR The command was unsuccessful.
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
TcgDxeHashLogExtendEvent (
|
|
|
|
IN EFI_TCG_PROTOCOL *This,
|
|
|
|
IN EFI_PHYSICAL_ADDRESS HashData,
|
|
|
|
IN UINT64 HashDataLen,
|
|
|
|
IN TPM_ALGORITHM_ID AlgorithmId,
|
|
|
|
IN OUT TCG_PCR_EVENT *TCGLogData,
|
|
|
|
IN OUT UINT32 *EventNumber,
|
|
|
|
OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry
|
|
|
|
)
|
|
|
|
{
|
|
|
|
TCG_DXE_DATA *TcgData;
|
2012-08-23 05:17:33 +02:00
|
|
|
EFI_STATUS Status;
|
2011-09-02 09:49:32 +02:00
|
|
|
|
2012-08-21 04:12:43 +02:00
|
|
|
if (TCGLogData == NULL || EventLogLastEntry == NULL){
|
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
TcgData = TCG_DXE_DATA_FROM_THIS (This);
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2015-01-13 02:18:11 +01:00
|
|
|
if (TcgData->BsCap.TPMDeactivatedFlag || (!TcgData->BsCap.TPMPresentFlag)) {
|
2011-09-02 09:49:32 +02:00
|
|
|
return EFI_DEVICE_ERROR;
|
|
|
|
}
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
if (AlgorithmId != TPM_ALG_SHA) {
|
|
|
|
return EFI_UNSUPPORTED;
|
|
|
|
}
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2015-01-13 02:18:11 +01:00
|
|
|
if (HashData == 0 && HashDataLen > 0) {
|
2015-01-12 04:21:00 +01:00
|
|
|
return EFI_INVALID_PARAMETER;
|
|
|
|
}
|
2011-09-02 09:49:32 +02:00
|
|
|
|
2012-08-23 05:17:33 +02:00
|
|
|
Status = TcgDxeHashLogExtendEventI (
|
|
|
|
TcgData,
|
|
|
|
(UINT8 *) (UINTN) HashData,
|
|
|
|
HashDataLen,
|
|
|
|
(TCG_PCR_EVENT_HDR*)TCGLogData,
|
|
|
|
TCGLogData->Event
|
|
|
|
);
|
|
|
|
|
|
|
|
if (!EFI_ERROR(Status)){
|
|
|
|
*EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN) TcgData->LastEvent;
|
|
|
|
}
|
|
|
|
|
|
|
|
return Status;
|
2011-09-02 09:49:32 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
TCG_DXE_DATA mTcgDxeData = {
|
|
|
|
{
|
|
|
|
TcgDxeStatusCheck,
|
|
|
|
TcgDxeHashAll,
|
|
|
|
TcgDxeLogEvent,
|
|
|
|
TcgDxePassThroughToTpm,
|
|
|
|
TcgDxeHashLogExtendEvent
|
|
|
|
},
|
|
|
|
{
|
|
|
|
sizeof (mTcgDxeData.BsCap),
|
|
|
|
{ 1, 2, 0, 0 },
|
|
|
|
{ 1, 2, 0, 0 },
|
|
|
|
1,
|
|
|
|
TRUE,
|
|
|
|
FALSE
|
|
|
|
},
|
|
|
|
&mTcgClientAcpiTemplate,
|
|
|
|
&mTcgServerAcpiTemplate,
|
|
|
|
0,
|
|
|
|
NULL
|
|
|
|
};
|
|
|
|
|
|
|
|
/**
|
|
|
|
Initialize the Event Log and log events passed from the PEI phase.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_OUT_OF_RESOURCES Out of memory.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
SetupEventLog (
|
|
|
|
VOID
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
TCG_PCR_EVENT *TcgEvent;
|
|
|
|
EFI_PEI_HOB_POINTERS GuidHob;
|
|
|
|
EFI_PHYSICAL_ADDRESS Lasa;
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
|
|
|
|
Lasa = mTcgClientAcpiTemplate.Lasa;
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
Status = gBS->AllocatePages (
|
|
|
|
AllocateMaxAddress,
|
|
|
|
EfiACPIMemoryNVS,
|
2016-01-12 01:37:02 +01:00
|
|
|
EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
|
2011-09-02 09:49:32 +02:00
|
|
|
&Lasa
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
mTcgClientAcpiTemplate.Lasa = Lasa;
|
|
|
|
//
|
2018-06-27 15:13:09 +02:00
|
|
|
// To initialize them as 0xFF is recommended
|
2011-09-02 09:49:32 +02:00
|
|
|
// because the OS can know the last entry for that.
|
|
|
|
//
|
2016-01-12 01:37:02 +01:00
|
|
|
SetMem ((VOID *)(UINTN)mTcgClientAcpiTemplate.Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);
|
|
|
|
mTcgClientAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen);
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
} else {
|
|
|
|
Lasa = mTcgServerAcpiTemplate.Lasa;
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
Status = gBS->AllocatePages (
|
|
|
|
AllocateMaxAddress,
|
|
|
|
EfiACPIMemoryNVS,
|
2016-01-12 01:37:02 +01:00
|
|
|
EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
|
2011-09-02 09:49:32 +02:00
|
|
|
&Lasa
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
mTcgServerAcpiTemplate.Lasa = Lasa;
|
|
|
|
//
|
2018-06-27 15:13:09 +02:00
|
|
|
// To initialize them as 0xFF is recommended
|
2011-09-02 09:49:32 +02:00
|
|
|
// because the OS can know the last entry for that.
|
|
|
|
//
|
2016-01-12 01:37:02 +01:00
|
|
|
SetMem ((VOID *)(UINTN)mTcgServerAcpiTemplate.Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);
|
|
|
|
mTcgServerAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen);
|
2011-09-02 09:49:32 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
GuidHob.Raw = GetHobList ();
|
2018-06-27 15:13:09 +02:00
|
|
|
while (!EFI_ERROR (Status) &&
|
2011-09-02 09:49:32 +02:00
|
|
|
(GuidHob.Raw = GetNextGuidHob (&gTcgEventEntryHobGuid, GuidHob.Raw)) != NULL) {
|
|
|
|
TcgEvent = GET_GUID_HOB_DATA (GuidHob.Guid);
|
|
|
|
GuidHob.Raw = GET_NEXT_HOB (GuidHob);
|
|
|
|
Status = TcgDxeLogEventI (
|
|
|
|
&mTcgDxeData,
|
|
|
|
(TCG_PCR_EVENT_HDR*)TcgEvent,
|
|
|
|
TcgEvent->Event
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Measure and log an action string, and extend the measurement result into PCR[5].
|
|
|
|
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in] String A specific string that indicates an Action event.
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
TcgMeasureAction (
|
|
|
|
IN CHAR8 *String
|
|
|
|
)
|
|
|
|
{
|
|
|
|
TCG_PCR_EVENT_HDR TcgEvent;
|
|
|
|
|
|
|
|
TcgEvent.PCRIndex = 5;
|
|
|
|
TcgEvent.EventType = EV_EFI_ACTION;
|
|
|
|
TcgEvent.EventSize = (UINT32)AsciiStrLen (String);
|
|
|
|
return TcgDxeHashLogExtendEventI (
|
|
|
|
&mTcgDxeData,
|
|
|
|
(UINT8*)String,
|
|
|
|
TcgEvent.EventSize,
|
|
|
|
&TcgEvent,
|
|
|
|
(UINT8 *) String
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Measure and log EFI handoff tables, and extend the measurement result into PCR[1].
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
MeasureHandoffTables (
|
|
|
|
VOID
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
TCG_PCR_EVENT_HDR TcgEvent;
|
|
|
|
EFI_HANDOFF_TABLE_POINTERS HandoffTables;
|
2012-11-28 02:32:51 +01:00
|
|
|
UINTN ProcessorNum;
|
|
|
|
EFI_CPU_PHYSICAL_LOCATION *ProcessorLocBuf;
|
2011-09-02 09:49:32 +02:00
|
|
|
|
2014-07-28 09:45:49 +02:00
|
|
|
ProcessorLocBuf = NULL;
|
2015-10-27 04:54:08 +01:00
|
|
|
Status = EFI_SUCCESS;
|
2011-09-02 09:49:32 +02:00
|
|
|
|
2012-11-28 02:32:51 +01:00
|
|
|
if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_SERVER) {
|
|
|
|
//
|
2018-06-27 15:13:09 +02:00
|
|
|
// Tcg Server spec.
|
2012-11-28 02:32:51 +01:00
|
|
|
// Measure each processor EFI_CPU_PHYSICAL_LOCATION with EV_TABLE_OF_DEVICES to PCR[1]
|
|
|
|
//
|
|
|
|
Status = GetProcessorsCpuLocation(&ProcessorLocBuf, &ProcessorNum);
|
|
|
|
|
|
|
|
if (!EFI_ERROR(Status)){
|
|
|
|
TcgEvent.PCRIndex = 1;
|
|
|
|
TcgEvent.EventType = EV_TABLE_OF_DEVICES;
|
|
|
|
TcgEvent.EventSize = sizeof (HandoffTables);
|
|
|
|
|
|
|
|
HandoffTables.NumberOfTables = 1;
|
|
|
|
HandoffTables.TableEntry[0].VendorGuid = gEfiMpServiceProtocolGuid;
|
|
|
|
HandoffTables.TableEntry[0].VendorTable = ProcessorLocBuf;
|
|
|
|
|
|
|
|
Status = TcgDxeHashLogExtendEventI (
|
|
|
|
&mTcgDxeData,
|
|
|
|
(UINT8*)(UINTN)ProcessorLocBuf,
|
|
|
|
sizeof(EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum,
|
|
|
|
&TcgEvent,
|
|
|
|
(UINT8*)&HandoffTables
|
|
|
|
);
|
|
|
|
|
|
|
|
FreePool(ProcessorLocBuf);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Measure and log Separator event, and extend the measurement result into a specific PCR.
|
|
|
|
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in] PCRIndex PCR index.
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
MeasureSeparatorEvent (
|
|
|
|
IN TPM_PCRINDEX PCRIndex
|
|
|
|
)
|
|
|
|
{
|
|
|
|
TCG_PCR_EVENT_HDR TcgEvent;
|
|
|
|
UINT32 EventData;
|
|
|
|
|
|
|
|
EventData = 0;
|
|
|
|
TcgEvent.PCRIndex = PCRIndex;
|
|
|
|
TcgEvent.EventType = EV_SEPARATOR;
|
|
|
|
TcgEvent.EventSize = (UINT32)sizeof (EventData);
|
|
|
|
return TcgDxeHashLogExtendEventI (
|
|
|
|
&mTcgDxeData,
|
|
|
|
(UINT8 *)&EventData,
|
|
|
|
sizeof (EventData),
|
|
|
|
&TcgEvent,
|
|
|
|
(UINT8 *)&EventData
|
|
|
|
);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Read an EFI Variable.
|
|
|
|
|
|
|
|
This function allocates a buffer to return the contents of the variable. The caller is
|
|
|
|
responsible for freeing the buffer.
|
|
|
|
|
|
|
|
@param[in] VarName A Null-terminated string that is the name of the vendor's variable.
|
|
|
|
@param[in] VendorGuid A unique identifier for the vendor.
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[out] VarSize The size of the variable data.
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
@return A pointer to the buffer to return the contents of the variable.Otherwise NULL.
|
|
|
|
|
|
|
|
**/
|
|
|
|
VOID *
|
|
|
|
EFIAPI
|
|
|
|
ReadVariable (
|
|
|
|
IN CHAR16 *VarName,
|
|
|
|
IN EFI_GUID *VendorGuid,
|
|
|
|
OUT UINTN *VarSize
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
VOID *VarData;
|
|
|
|
|
|
|
|
*VarSize = 0;
|
|
|
|
Status = gRT->GetVariable (
|
|
|
|
VarName,
|
|
|
|
VendorGuid,
|
|
|
|
NULL,
|
|
|
|
VarSize,
|
|
|
|
NULL
|
|
|
|
);
|
|
|
|
if (Status != EFI_BUFFER_TOO_SMALL) {
|
|
|
|
return NULL;
|
|
|
|
}
|
|
|
|
|
|
|
|
VarData = AllocatePool (*VarSize);
|
|
|
|
if (VarData != NULL) {
|
|
|
|
Status = gRT->GetVariable (
|
|
|
|
VarName,
|
|
|
|
VendorGuid,
|
|
|
|
NULL,
|
|
|
|
VarSize,
|
|
|
|
VarData
|
|
|
|
);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
FreePool (VarData);
|
|
|
|
VarData = NULL;
|
|
|
|
*VarSize = 0;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
return VarData;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Measure and log an EFI variable, and extend the measurement result into a specific PCR.
|
|
|
|
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in] PCRIndex PCR Index.
|
|
|
|
@param[in] EventType Event type.
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[in] VarName A Null-terminated string that is the name of the vendor's variable.
|
|
|
|
@param[in] VendorGuid A unique identifier for the vendor.
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in] VarData The content of the variable data.
|
|
|
|
@param[in] VarSize The size of the variable data.
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_OUT_OF_RESOURCES Out of memory.
|
|
|
|
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
MeasureVariable (
|
|
|
|
IN TPM_PCRINDEX PCRIndex,
|
|
|
|
IN TCG_EVENTTYPE EventType,
|
|
|
|
IN CHAR16 *VarName,
|
|
|
|
IN EFI_GUID *VendorGuid,
|
|
|
|
IN VOID *VarData,
|
|
|
|
IN UINTN VarSize
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
TCG_PCR_EVENT_HDR TcgEvent;
|
|
|
|
UINTN VarNameLength;
|
|
|
|
EFI_VARIABLE_DATA *VarLog;
|
|
|
|
|
|
|
|
VarNameLength = StrLen (VarName);
|
|
|
|
TcgEvent.PCRIndex = PCRIndex;
|
|
|
|
TcgEvent.EventType = EventType;
|
|
|
|
TcgEvent.EventSize = (UINT32)(sizeof (*VarLog) + VarNameLength * sizeof (*VarName) + VarSize
|
|
|
|
- sizeof (VarLog->UnicodeName) - sizeof (VarLog->VariableData));
|
|
|
|
|
|
|
|
VarLog = (EFI_VARIABLE_DATA*)AllocatePool (TcgEvent.EventSize);
|
|
|
|
if (VarLog == NULL) {
|
|
|
|
return EFI_OUT_OF_RESOURCES;
|
|
|
|
}
|
|
|
|
|
|
|
|
VarLog->VariableName = *VendorGuid;
|
|
|
|
VarLog->UnicodeNameLength = VarNameLength;
|
|
|
|
VarLog->VariableDataLength = VarSize;
|
|
|
|
CopyMem (
|
|
|
|
VarLog->UnicodeName,
|
|
|
|
VarName,
|
|
|
|
VarNameLength * sizeof (*VarName)
|
|
|
|
);
|
|
|
|
CopyMem (
|
|
|
|
(CHAR16 *)VarLog->UnicodeName + VarNameLength,
|
|
|
|
VarData,
|
|
|
|
VarSize
|
|
|
|
);
|
|
|
|
|
|
|
|
Status = TcgDxeHashLogExtendEventI (
|
|
|
|
&mTcgDxeData,
|
2015-07-15 04:13:22 +02:00
|
|
|
(UINT8*)VarLog,
|
|
|
|
TcgEvent.EventSize,
|
2011-09-02 09:49:32 +02:00
|
|
|
&TcgEvent,
|
|
|
|
(UINT8*)VarLog
|
|
|
|
);
|
|
|
|
FreePool (VarLog);
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Read then Measure and log an EFI boot variable, and extend the measurement result into PCR[5].
|
|
|
|
|
|
|
|
@param[in] VarName A Null-terminated string that is the name of the vendor's variable.
|
|
|
|
@param[in] VendorGuid A unique identifier for the vendor.
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[out] VarSize The size of the variable data.
|
|
|
|
@param[out] VarData Pointer to the content of the variable.
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_OUT_OF_RESOURCES Out of memory.
|
|
|
|
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
ReadAndMeasureBootVariable (
|
|
|
|
IN CHAR16 *VarName,
|
|
|
|
IN EFI_GUID *VendorGuid,
|
|
|
|
OUT UINTN *VarSize,
|
|
|
|
OUT VOID **VarData
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
|
|
|
|
*VarData = ReadVariable (VarName, VendorGuid, VarSize);
|
|
|
|
if (*VarData == NULL) {
|
|
|
|
return EFI_NOT_FOUND;
|
|
|
|
}
|
|
|
|
|
|
|
|
Status = MeasureVariable (
|
|
|
|
5,
|
|
|
|
EV_EFI_VARIABLE_BOOT,
|
|
|
|
VarName,
|
|
|
|
VendorGuid,
|
|
|
|
*VarData,
|
|
|
|
*VarSize
|
|
|
|
);
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Measure and log all EFI boot variables, and extend the measurement result into a specific PCR.
|
|
|
|
|
|
|
|
The EFI boot variables are BootOrder and Boot#### variables.
|
|
|
|
|
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_OUT_OF_RESOURCES Out of memory.
|
|
|
|
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
MeasureAllBootVariables (
|
|
|
|
VOID
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
UINT16 *BootOrder;
|
|
|
|
UINTN BootCount;
|
|
|
|
UINTN Index;
|
|
|
|
VOID *BootVarData;
|
|
|
|
UINTN Size;
|
|
|
|
|
|
|
|
Status = ReadAndMeasureBootVariable (
|
|
|
|
mBootVarName,
|
|
|
|
&gEfiGlobalVariableGuid,
|
|
|
|
&BootCount,
|
|
|
|
(VOID **) &BootOrder
|
|
|
|
);
|
2014-12-10 09:21:05 +01:00
|
|
|
if (Status == EFI_NOT_FOUND || BootOrder == NULL) {
|
2011-09-02 09:49:32 +02:00
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (EFI_ERROR (Status)) {
|
2014-10-31 11:59:25 +01:00
|
|
|
//
|
|
|
|
// BootOrder can't be NULL if status is not EFI_NOT_FOUND
|
|
|
|
//
|
2011-09-02 09:49:32 +02:00
|
|
|
FreePool (BootOrder);
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
BootCount /= sizeof (*BootOrder);
|
|
|
|
for (Index = 0; Index < BootCount; Index++) {
|
|
|
|
UnicodeSPrint (mBootVarName, sizeof (mBootVarName), L"Boot%04x", BootOrder[Index]);
|
|
|
|
Status = ReadAndMeasureBootVariable (
|
|
|
|
mBootVarName,
|
|
|
|
&gEfiGlobalVariableGuid,
|
|
|
|
&Size,
|
|
|
|
&BootVarData
|
|
|
|
);
|
|
|
|
if (!EFI_ERROR (Status)) {
|
|
|
|
FreePool (BootVarData);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
FreePool (BootOrder);
|
|
|
|
return EFI_SUCCESS;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Ready to Boot Event notification handler.
|
|
|
|
|
|
|
|
Sequence of OS boot events is measured in this event notification handler.
|
|
|
|
|
|
|
|
@param[in] Event Event whose notification function is being invoked
|
|
|
|
@param[in] Context Pointer to the notification function's context
|
|
|
|
|
|
|
|
**/
|
|
|
|
VOID
|
|
|
|
EFIAPI
|
|
|
|
OnReadyToBoot (
|
|
|
|
IN EFI_EVENT Event,
|
|
|
|
IN VOID *Context
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
TPM_PCRINDEX PcrIndex;
|
|
|
|
|
|
|
|
if (mBootAttempts == 0) {
|
|
|
|
|
|
|
|
//
|
|
|
|
// Measure handoff tables.
|
|
|
|
//
|
|
|
|
Status = MeasureHandoffTables ();
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
DEBUG ((EFI_D_ERROR, "HOBs not Measured. Error!\n"));
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// Measure BootOrder & Boot#### variables.
|
|
|
|
//
|
|
|
|
Status = MeasureAllBootVariables ();
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
DEBUG ((EFI_D_ERROR, "Boot Variables not Measured. Error!\n"));
|
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// 1. This is the first boot attempt.
|
|
|
|
//
|
|
|
|
Status = TcgMeasureAction (
|
|
|
|
EFI_CALLING_EFI_APPLICATION
|
|
|
|
);
|
2014-10-31 11:59:25 +01:00
|
|
|
if (EFI_ERROR (Status)) {
|
2016-01-07 23:24:22 +01:00
|
|
|
DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_CALLING_EFI_APPLICATION));
|
2014-10-31 11:59:25 +01:00
|
|
|
}
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
//
|
|
|
|
// 2. Draw a line between pre-boot env and entering post-boot env.
|
|
|
|
//
|
|
|
|
for (PcrIndex = 0; PcrIndex < 8; PcrIndex++) {
|
|
|
|
Status = MeasureSeparatorEvent (PcrIndex);
|
2014-10-31 11:59:25 +01:00
|
|
|
if (EFI_ERROR (Status)) {
|
2016-11-15 08:39:26 +01:00
|
|
|
DEBUG ((DEBUG_ERROR, "Separator Event not Measured. Error!\n"));
|
2014-10-31 11:59:25 +01:00
|
|
|
}
|
2011-09-02 09:49:32 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
//
|
|
|
|
// 3. Measure GPT. It would be done in SAP driver.
|
|
|
|
//
|
|
|
|
|
|
|
|
//
|
|
|
|
// 4. Measure PE/COFF OS loader. It would be done in SAP driver.
|
|
|
|
//
|
|
|
|
|
|
|
|
//
|
|
|
|
// 5. Read & Measure variable. BootOrder already measured.
|
|
|
|
//
|
|
|
|
} else {
|
|
|
|
//
|
|
|
|
// 6. Not first attempt, meaning a return from last attempt
|
|
|
|
//
|
|
|
|
Status = TcgMeasureAction (
|
2018-12-19 04:44:34 +01:00
|
|
|
EFI_RETURNING_FROM_EFI_APPLICATION
|
2011-09-02 09:49:32 +02:00
|
|
|
);
|
2014-10-31 11:59:25 +01:00
|
|
|
if (EFI_ERROR (Status)) {
|
2018-12-19 04:44:34 +01:00
|
|
|
DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_RETURNING_FROM_EFI_APPLICATION));
|
2014-10-31 11:59:25 +01:00
|
|
|
}
|
2011-09-02 09:49:32 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
DEBUG ((EFI_D_INFO, "TPM TcgDxe Measure Data when ReadyToBoot\n"));
|
|
|
|
//
|
|
|
|
// Increase boot attempt counter.
|
|
|
|
//
|
|
|
|
mBootAttempts++;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Install TCG ACPI Table when ACPI Table Protocol is available.
|
|
|
|
|
2018-06-27 15:13:09 +02:00
|
|
|
A system's firmware uses an ACPI table to identify the system's TCG capabilities
|
|
|
|
to the Post-Boot environment. The information in this ACPI table is not guaranteed
|
|
|
|
to be valid until the Host Platform transitions from pre-boot state to post-boot state.
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
@param[in] Event Event whose notification function is being invoked
|
|
|
|
@param[in] Context Pointer to the notification function's context
|
|
|
|
**/
|
|
|
|
VOID
|
|
|
|
EFIAPI
|
|
|
|
InstallAcpiTable (
|
|
|
|
IN EFI_EVENT Event,
|
|
|
|
IN VOID* Context
|
|
|
|
)
|
|
|
|
{
|
|
|
|
UINTN TableKey;
|
|
|
|
EFI_STATUS Status;
|
|
|
|
EFI_ACPI_TABLE_PROTOCOL *AcpiTable;
|
|
|
|
UINT8 Checksum;
|
2013-09-16 04:20:52 +02:00
|
|
|
UINT64 OemTableId;
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **)&AcpiTable);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
|
2013-09-16 04:20:52 +02:00
|
|
|
CopyMem (mTcgClientAcpiTemplate.Header.OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (mTcgClientAcpiTemplate.Header.OemId));
|
|
|
|
OemTableId = PcdGet64 (PcdAcpiDefaultOemTableId);
|
|
|
|
CopyMem (&mTcgClientAcpiTemplate.Header.OemTableId, &OemTableId, sizeof (UINT64));
|
|
|
|
mTcgClientAcpiTemplate.Header.OemRevision = PcdGet32 (PcdAcpiDefaultOemRevision);
|
|
|
|
mTcgClientAcpiTemplate.Header.CreatorId = PcdGet32 (PcdAcpiDefaultCreatorId);
|
|
|
|
mTcgClientAcpiTemplate.Header.CreatorRevision = PcdGet32 (PcdAcpiDefaultCreatorRevision);
|
2011-09-02 09:49:32 +02:00
|
|
|
//
|
2019-10-09 09:20:15 +02:00
|
|
|
// The ACPI table must be checksummed before calling the InstallAcpiTable()
|
2011-09-02 09:49:32 +02:00
|
|
|
// service of the ACPI table protocol to install it.
|
|
|
|
//
|
|
|
|
Checksum = CalculateCheckSum8 ((UINT8 *)&mTcgClientAcpiTemplate, sizeof (mTcgClientAcpiTemplate));
|
|
|
|
mTcgClientAcpiTemplate.Header.Checksum = Checksum;
|
|
|
|
|
|
|
|
Status = AcpiTable->InstallAcpiTable (
|
|
|
|
AcpiTable,
|
|
|
|
&mTcgClientAcpiTemplate,
|
|
|
|
sizeof (mTcgClientAcpiTemplate),
|
|
|
|
&TableKey
|
|
|
|
);
|
|
|
|
} else {
|
2013-09-16 04:20:52 +02:00
|
|
|
CopyMem (mTcgServerAcpiTemplate.Header.OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (mTcgServerAcpiTemplate.Header.OemId));
|
|
|
|
OemTableId = PcdGet64 (PcdAcpiDefaultOemTableId);
|
|
|
|
CopyMem (&mTcgServerAcpiTemplate.Header.OemTableId, &OemTableId, sizeof (UINT64));
|
|
|
|
mTcgServerAcpiTemplate.Header.OemRevision = PcdGet32 (PcdAcpiDefaultOemRevision);
|
|
|
|
mTcgServerAcpiTemplate.Header.CreatorId = PcdGet32 (PcdAcpiDefaultCreatorId);
|
|
|
|
mTcgServerAcpiTemplate.Header.CreatorRevision = PcdGet32 (PcdAcpiDefaultCreatorRevision);
|
2011-09-02 09:49:32 +02:00
|
|
|
//
|
2019-10-09 09:20:15 +02:00
|
|
|
// The ACPI table must be checksummed before calling the InstallAcpiTable()
|
2011-09-02 09:49:32 +02:00
|
|
|
// service of the ACPI table protocol to install it.
|
|
|
|
//
|
|
|
|
Checksum = CalculateCheckSum8 ((UINT8 *)&mTcgServerAcpiTemplate, sizeof (mTcgServerAcpiTemplate));
|
|
|
|
mTcgServerAcpiTemplate.Header.Checksum = Checksum;
|
|
|
|
|
2016-01-21 20:29:28 +01:00
|
|
|
mTcgServerAcpiTemplate.BaseAddress.Address = PcdGet64 (PcdTpmBaseAddress);
|
2011-09-02 09:49:32 +02:00
|
|
|
Status = AcpiTable->InstallAcpiTable (
|
|
|
|
AcpiTable,
|
|
|
|
&mTcgServerAcpiTemplate,
|
|
|
|
sizeof (mTcgServerAcpiTemplate),
|
|
|
|
&TableKey
|
|
|
|
);
|
|
|
|
}
|
2014-10-31 11:59:25 +01:00
|
|
|
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
DEBUG((EFI_D_ERROR, "Tcg Acpi Table installation failure"));
|
|
|
|
}
|
2011-09-02 09:49:32 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
Exit Boot Services Event notification handler.
|
|
|
|
|
|
|
|
Measure invocation and success of ExitBootServices.
|
|
|
|
|
|
|
|
@param[in] Event Event whose notification function is being invoked
|
|
|
|
@param[in] Context Pointer to the notification function's context
|
|
|
|
|
|
|
|
**/
|
|
|
|
VOID
|
|
|
|
EFIAPI
|
|
|
|
OnExitBootServices (
|
|
|
|
IN EFI_EVENT Event,
|
|
|
|
IN VOID *Context
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
|
|
|
|
//
|
|
|
|
// Measure invocation of ExitBootServices,
|
|
|
|
//
|
|
|
|
Status = TcgMeasureAction (
|
|
|
|
EFI_EXIT_BOOT_SERVICES_INVOCATION
|
|
|
|
);
|
2014-10-31 11:59:25 +01:00
|
|
|
if (EFI_ERROR (Status)) {
|
2016-01-07 23:24:22 +01:00
|
|
|
DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_INVOCATION));
|
2014-10-31 11:59:25 +01:00
|
|
|
}
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
//
|
|
|
|
// Measure success of ExitBootServices
|
|
|
|
//
|
|
|
|
Status = TcgMeasureAction (
|
|
|
|
EFI_EXIT_BOOT_SERVICES_SUCCEEDED
|
|
|
|
);
|
2014-10-31 11:59:25 +01:00
|
|
|
if (EFI_ERROR (Status)){
|
2016-01-07 23:24:22 +01:00
|
|
|
DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_SUCCEEDED));
|
2014-10-31 11:59:25 +01:00
|
|
|
}
|
2011-09-02 09:49:32 +02:00
|
|
|
}
|
|
|
|
|
2012-08-02 08:33:10 +02:00
|
|
|
/**
|
|
|
|
Exit Boot Services Failed Event notification handler.
|
|
|
|
|
|
|
|
Measure Failure of ExitBootServices.
|
|
|
|
|
|
|
|
@param[in] Event Event whose notification function is being invoked
|
|
|
|
@param[in] Context Pointer to the notification function's context
|
|
|
|
|
|
|
|
**/
|
|
|
|
VOID
|
|
|
|
EFIAPI
|
|
|
|
OnExitBootServicesFailed (
|
|
|
|
IN EFI_EVENT Event,
|
|
|
|
IN VOID *Context
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
|
|
|
|
//
|
|
|
|
// Measure Failure of ExitBootServices,
|
|
|
|
//
|
|
|
|
Status = TcgMeasureAction (
|
|
|
|
EFI_EXIT_BOOT_SERVICES_FAILED
|
|
|
|
);
|
2014-10-31 11:59:25 +01:00
|
|
|
if (EFI_ERROR (Status)){
|
2016-01-07 23:24:22 +01:00
|
|
|
DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_FAILED));
|
2014-10-31 11:59:25 +01:00
|
|
|
}
|
2012-08-02 08:33:10 +02:00
|
|
|
}
|
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
/**
|
|
|
|
Get TPM Deactivated state.
|
|
|
|
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[out] TPMDeactivatedFlag Returns TPM Deactivated state.
|
2011-09-02 09:49:32 +02:00
|
|
|
|
|
|
|
@retval EFI_SUCCESS Operation completed successfully.
|
|
|
|
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
GetTpmStatus (
|
2016-01-21 20:30:21 +01:00
|
|
|
OUT BOOLEAN *TPMDeactivatedFlag
|
2011-09-02 09:49:32 +02:00
|
|
|
)
|
|
|
|
{
|
2016-01-21 20:30:21 +01:00
|
|
|
EFI_STATUS Status;
|
|
|
|
TPM_STCLEAR_FLAGS VolatileFlags;
|
2011-09-02 09:49:32 +02:00
|
|
|
|
2016-01-21 20:30:21 +01:00
|
|
|
Status = Tpm12GetCapabilityFlagVolatile (&VolatileFlags);
|
2011-09-02 09:49:32 +02:00
|
|
|
if (!EFI_ERROR (Status)) {
|
2016-01-21 20:30:21 +01:00
|
|
|
*TPMDeactivatedFlag = VolatileFlags.deactivated;
|
2011-09-02 09:49:32 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
The driver's entry point.
|
|
|
|
|
|
|
|
It publishes EFI TCG Protocol.
|
|
|
|
|
2018-06-27 15:13:09 +02:00
|
|
|
@param[in] ImageHandle The firmware allocated handle for the EFI image.
|
2011-09-02 09:49:32 +02:00
|
|
|
@param[in] SystemTable A pointer to the EFI System Table.
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
@retval EFI_SUCCESS The entry point is executed successfully.
|
|
|
|
@retval other Some error occurs when executing this entry point.
|
|
|
|
|
|
|
|
**/
|
|
|
|
EFI_STATUS
|
|
|
|
EFIAPI
|
|
|
|
DriverEntry (
|
|
|
|
IN EFI_HANDLE ImageHandle,
|
|
|
|
IN EFI_SYSTEM_TABLE *SystemTable
|
|
|
|
)
|
|
|
|
{
|
|
|
|
EFI_STATUS Status;
|
|
|
|
EFI_EVENT Event;
|
|
|
|
VOID *Registration;
|
|
|
|
|
2013-09-18 07:31:18 +02:00
|
|
|
if (!CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){
|
|
|
|
DEBUG ((EFI_D_ERROR, "No TPM12 instance required!\n"));
|
|
|
|
return EFI_UNSUPPORTED;
|
|
|
|
}
|
|
|
|
|
2015-03-04 02:15:08 +01:00
|
|
|
if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
|
|
|
|
DEBUG ((EFI_D_ERROR, "TPM error!\n"));
|
|
|
|
return EFI_DEVICE_ERROR;
|
|
|
|
}
|
|
|
|
|
2016-01-21 20:29:28 +01:00
|
|
|
Status = Tpm12RequestUseTpm ();
|
2011-09-02 09:49:32 +02:00
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
DEBUG ((EFI_D_ERROR, "TPM not detected!\n"));
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
Status = GetTpmStatus (&mTcgDxeData.BsCap.TPMDeactivatedFlag);
|
|
|
|
if (EFI_ERROR (Status)) {
|
|
|
|
DEBUG ((
|
|
|
|
EFI_D_ERROR,
|
2017-06-08 04:16:40 +02:00
|
|
|
"DriverEntry: TPM not working properly\n"
|
2011-09-02 09:49:32 +02:00
|
|
|
));
|
|
|
|
return Status;
|
|
|
|
}
|
|
|
|
|
|
|
|
Status = gBS->InstallProtocolInterface (
|
|
|
|
&ImageHandle,
|
|
|
|
&gEfiTcgProtocolGuid,
|
|
|
|
EFI_NATIVE_INTERFACE,
|
|
|
|
&mTcgDxeData.TcgProtocol
|
|
|
|
);
|
2015-01-13 02:18:11 +01:00
|
|
|
if (!EFI_ERROR (Status) && (!mTcgDxeData.BsCap.TPMDeactivatedFlag) && mTcgDxeData.BsCap.TPMPresentFlag) {
|
2011-09-02 09:49:32 +02:00
|
|
|
//
|
|
|
|
// Setup the log area and copy event log from hob list to it
|
|
|
|
//
|
|
|
|
Status = SetupEventLog ();
|
|
|
|
ASSERT_EFI_ERROR (Status);
|
|
|
|
|
|
|
|
//
|
|
|
|
// Measure handoff tables, Boot#### variables etc.
|
|
|
|
//
|
|
|
|
Status = EfiCreateEventReadyToBootEx (
|
|
|
|
TPL_CALLBACK,
|
|
|
|
OnReadyToBoot,
|
|
|
|
NULL,
|
|
|
|
&Event
|
|
|
|
);
|
|
|
|
|
|
|
|
Status = gBS->CreateEventEx (
|
|
|
|
EVT_NOTIFY_SIGNAL,
|
|
|
|
TPL_NOTIFY,
|
|
|
|
OnExitBootServices,
|
|
|
|
NULL,
|
|
|
|
&gEfiEventExitBootServicesGuid,
|
|
|
|
&Event
|
|
|
|
);
|
2012-08-02 08:33:10 +02:00
|
|
|
|
|
|
|
//
|
2018-06-27 15:13:09 +02:00
|
|
|
// Measure Exit Boot Service failed
|
2012-08-02 08:33:10 +02:00
|
|
|
//
|
|
|
|
Status = gBS->CreateEventEx (
|
|
|
|
EVT_NOTIFY_SIGNAL,
|
|
|
|
TPL_NOTIFY,
|
|
|
|
OnExitBootServicesFailed,
|
|
|
|
NULL,
|
|
|
|
&gEventExitBootServicesFailedGuid,
|
|
|
|
&Event
|
|
|
|
);
|
2011-09-02 09:49:32 +02:00
|
|
|
}
|
|
|
|
|
2012-07-09 05:22:21 +02:00
|
|
|
//
|
|
|
|
// Install ACPI Table
|
|
|
|
//
|
|
|
|
EfiCreateProtocolNotifyEvent (&gEfiAcpiTableProtocolGuid, TPL_CALLBACK, InstallAcpiTable, NULL, &Registration);
|
2018-06-27 15:13:09 +02:00
|
|
|
|
2011-09-02 09:49:32 +02:00
|
|
|
return Status;
|
|
|
|
}
|