tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add TPM2 support defined in trusted computing group. 

TCG EFI Protocol Specification for TPM Family 2.0 Revision 1.0 Version 9 at http://www.trustedcomputinggroup.org/resources/tcg_efi_protocol_specification
TCG Physical Presence Interface Specification Version 1.30, Revision 00.52 at http://www.trustedcomputinggroup.org/resources/tcg_physical_presence_interface_specification

Add Tcg2XXX, similar file/directory as TrEEXXX. Old TrEE driver/library can be deprecated.
1) Add Tcg2Pei/Dxe/Smm driver to log event and provide services.
2) Add Dxe/Pei/SmmTcg2PhysicalPresenceLib to support TCG PP.
3) Update Tpm2 library to use TCG2 protocol instead of TrEE protocol.

Test Win8/Win10 with SecureBoot enabled, PCR7 shows bound.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <Jiewen.Yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18219 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Yao, Jiewen 2015-08-13 08:24:17 +00:00 committed by jyao1
parent 59b226d6d7
commit 1abfa4ce48
62 changed files with 9524 additions and 129 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
SecurityPkg/Include/Guid/Tcg2ConfigHii.h Normal file
View File

@ -0,0 +1,25 @@
/** @file
GUIDs used as HII FormSet and HII Package list GUID in Tcg2Config driver.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials are licensed and made available under
the terms and conditions of the BSD License that accompanies this distribution.
The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php.
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __TCG2_CONFIG_HII_GUID_H__
#define __TCG2_CONFIG_HII_GUID_H__
#define TCG2_CONFIG_FORM_SET_GUID \
{ \
0x6339d487, 0x26ba, 0x424b, { 0x9a, 0x5d, 0x68, 0x7e, 0x25, 0xd7, 0x40, 0xbc } \
}
extern EFI_GUID gTcg2ConfigFormSetGuid;
#endif

47
SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h Normal file
View File

@ -0,0 +1,47 @@
/** @file
Define the variable data structures used for TCG2 physical presence.
The TPM2 request from firmware or OS is saved to variable. And it is
cleared after it is processed in the next boot cycle. The TPM2 response
is saved to variable.
Copyright (c) 2015, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __TCG2_PHYSICAL_PRESENCE_DATA_GUID_H__
#define __TCG2_PHYSICAL_PRESENCE_DATA_GUID_H__
#define EFI_TCG2_PHYSICAL_PRESENCE_DATA_GUID \
{ \
0xaeb9c5c1, 0x94f1, 0x4d02, { 0xbf, 0xd9, 0x46, 0x2, 0xdb, 0x2d, 0x3c, 0x54 } \
}
#define TCG2_PHYSICAL_PRESENCE_VARIABLE L"Tcg2PhysicalPresence"
typedef struct {
UINT8 PPRequest; ///< Physical Presence request command.
UINT32 PPRequestParameter; ///< Physical Presence request Parameter.
UINT8 LastPPRequest;
UINT32 PPResponse;
} EFI_TCG2_PHYSICAL_PRESENCE;
//
// This variable is used to save TCG2 Management Flags and corresponding operations.
// It should be protected from malicious software (e.g. Set it as read-only variable).
//
#define TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE L"Tcg2PhysicalPresenceFlags"
typedef struct {
UINT32 PPFlags;
} EFI_TCG2_PHYSICAL_PRESENCE_FLAGS;
extern EFI_GUID gEfiTcg2PhysicalPresenceGuid;
#endif

9
SecurityPkg/Include/Guid/TcgEventHob.h
View File

@ -1,5 +1,5 @@
/** @file
Defines the HOB GUID used to pass a TCG_PCR_EVENT from a TPM PEIM to
Defines the HOB GUID used to pass a TCG_PCR_EVENT or TCG_PCR_EVENT2 from a TPM PEIM to
a TPM DXE Driver. A GUIDed HOB is generated for each measurement
made in the PEI Phase.
@ -27,6 +27,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
extern EFI_GUID gTcgEventEntryHobGuid;
#define EFI_TCG_EVENT2_HOB_GUID \
{ \
0xd26c221e, 0x2430, 0x4c8a, { 0x91, 0x70, 0x3f, 0xcb, 0x45, 0x0, 0x41, 0x3f } \
}
extern EFI_GUID gTcgEvent2EntryHobGuid;
///
/// The Global ID of a GUIDed HOB used to record TPM device error.
///

160
SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h Normal file
View File

@ -0,0 +1,160 @@
/** @file
Ihis library is intended to be used by BDS modules.
This library will execute TPM2 request.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _TCG2_PHYSICAL_PRESENCE_LIB_H_
#define _TCG2_PHYSICAL_PRESENCE_LIB_H_
#include <IndustryStandard/Tpm20.h>
#include <IndustryStandard/TcgPhysicalPresence.h>
#include <Protocol/Tcg2Protocol.h>
//
// UEFI TCG2 library definition bit of the BIOS TPM Management Flags
//
// BIT0 is reserved
#define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR BIT1
// BIT2 is reserved
#define TCG2_LIB_PP_FLAG_RESET_TRACK BIT3
#define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_ON BIT4
#define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_OFF BIT5
#define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS BIT6
#define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS BIT7
//
// UEFI TCG2 library definition bit of the BIOS Information Flags
//
#define TCG2_BIOS_INFORMATION_FLAG_HIERACHY_CONTROL_STORAGE_DISABLE BIT8
#define TCG2_BIOS_INFORMATION_FLAG_HIERACHY_CONTROL_ENDORSEMENT_DISABLE BIT9
//
// UEFI TCG2 library definition bit of the BIOS Storage Management Flags
//
#define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID BIT16
#define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID BIT17
//
// Default value
//
#define TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT (TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_OFF | \
TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR | \
TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS | \
TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS)
/**
Check and execute the pending TPM request.
The TPM request may come from OS or BIOS. This API will display request information and wait
for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
the TPM request is confirmed, and one or more reset may be required to make TPM request to
take effect.
This API should be invoked after console in and console out are all ready as they are required
to display request information and get user input to confirm the request.
@param PlatformAuth platform auth value. NULL means no platform auth change.
**/
VOID
EFIAPI
Tcg2PhysicalPresenceLibProcessRequest (
IN TPM2B_AUTH *PlatformAuth OPTIONAL
);
/**
Check if the pending TPM request needs user input to confirm.
The TPM request may come from OS. This API will check if TPM request exists and need user
input to confirmation.
@retval TRUE TPM needs input to confirm user physical presence.
@retval FALSE TPM doesn't need input to confirm user physical presence.
**/
BOOLEAN
EFIAPI
Tcg2PhysicalPresenceLibNeedUserConfirm (
VOID
);
/**
Return TPM2 ManagementFlags set by PP interface.
@retval ManagementFlags TPM2 Management Flags.
**/
UINT32
EFIAPI
Tcg2PhysicalPresenceLibGetManagementFlags (
VOID
);
/**
The handler for TPM physical presence function:
Return TPM Operation Response to OS Environment.
This API should be invoked in OS runtime phase to interface with ACPI method.
@param[out] MostRecentRequest Most recent operation request.
@param[out] Response Response to the most recent operation request.
@return Return Code for Return TPM Operation Response to OS Environment.
**/
UINT32
EFIAPI
Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
OUT UINT32 *MostRecentRequest,
OUT UINT32 *Response
);
/**
The handler for TPM physical presence function:
Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
@param[in] OperationRequest TPM physical presence operation request.
@param[in] RequestParameter TPM physical presence operation request parameter.
@return Return Code for Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
**/
UINT32
EFIAPI
Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (
IN UINT32 OperationRequest,
IN UINT32 RequestParameter
);
/**
The handler for TPM physical presence function:
Get User Confirmation Status for Operation.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
@param[in] OperationRequest TPM physical presence operation request.
@return Return Code for Get User Confirmation Status for Operation.
**/
UINT32
EFIAPI
Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
IN UINT32 OperationRequest
);
#endif

129
SecurityPkg/Include/Library/Tcg2PpVendorLib.h Normal file
View File

@ -0,0 +1,129 @@
/** @file
Ihis library is to support TCG PC Client Platform Physical Presence Interface Specification
Family "2.0" part, >= 128 Vendor Specific PPI Operation.
The Vendor Specific PPI operation may change TPM state, BIOS TPM management
flags, and may need additional boot cycle.
Caution: This function may receive untrusted input.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _TCG2_PP_VENDOR_LIB_H_
#define _TCG2_PP_VENDOR_LIB_H_
#include <IndustryStandard/Tpm20.h>
#include <Protocol/Tcg2Protocol.h>
#include <Library/Tcg2PhysicalPresenceLib.h>
/**
Check and execute the requested physical presence command.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] PlatformAuth platform auth value. NULL means no platform auth change.
@param[in] OperationRequest TPM physical presence operation request.
@param[in, out] ManagementFlags BIOS TPM Management Flags.
@param[out] ResetRequired If reset is required to vendor settings in effect.
True, it indicates the reset is required.
False, it indicates the reset is not required.
@return TPM Operation Response to OS Environment.
**/
UINT32
EFIAPI
Tcg2PpVendorLibExecutePendingRequest (
IN TPM2B_AUTH *PlatformAuth, OPTIONAL
IN UINT32 OperationRequest,
IN OUT UINT32 *ManagementFlags,
OUT BOOLEAN *ResetRequired
);
/**
Check if there is a valid physical presence command request.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
True, it indicates the command doesn't require user confirm.
False, it indicates the command need user confirm from UI.
@retval TRUE Physical Presence operation command is valid.
@retval FALSE Physical Presence operation command is invalid.
**/
BOOLEAN
EFIAPI
Tcg2PpVendorLibHasValidRequest (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags,
OUT BOOLEAN *RequestConfirmed
);
/**
The callback for TPM vendor specific physical presence which is called for
Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@param[in] RequestParameter Extra parameter from the passed package.
@return Return Code for Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
**/
UINT32
EFIAPI
Tcg2PpVendorLibSubmitRequestToPreOSFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags,
IN UINT32 RequestParameter
);
/**
The callback for TPM vendor specific physical presence which is called for
Get User Confirmation Status for Operation.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@return Return Code for Get User Confirmation Status for Operation.
**/
UINT32
EFIAPI
Tcg2PpVendorLibGetUserConfirmationStatusFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags
);
#endif

1245
SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c Normal file
View File

File diff suppressed because it is too large Load Diff

69
SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf Normal file
View File

@ -0,0 +1,69 @@
## @file
# Executes TPM 2.0 requests from OS or BIOS
#
# This library will check and execute TPM 2.0 request from OS or BIOS. The request may
# ask for user confirmation before execution.
#
# Caution: This module requires additional review when modified.
# This driver will have external input - variable.
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = DxeTcg2PhysicalPresenceLib
MODULE_UNI_FILE = DxeTcg2PhysicalPresenceLib.uni
FILE_GUID = 7E507A86-DE8B-4AD3-BC4C-0498389098D3
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = Tcg2PhysicalPresenceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER UEFI_APPLICATION UEFI_DRIVER
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
[Sources]
DxeTcg2PhysicalPresenceLib.c
PhysicalPresenceStrings.uni
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
MemoryAllocationLib
UefiLib
UefiBootServicesTableLib
UefiDriverEntryPoint
UefiRuntimeServicesTableLib
BaseMemoryLib
DebugLib
PrintLib
HiiLib
HobLib
Tpm2CommandLib
Tcg2PpVendorLib
[Protocols]
gEfiTcg2ProtocolGuid ## CONSUMES
gEdkiiVariableLockProtocolGuid ## CONSUMES
[Guids]
## CONSUMES ## HII
## SOMETIMES_PRODUCES ## Variable:L"Tcg2PhysicalPresence"
## SOMETIMES_CONSUMES ## Variable:L"Tcg2PhysicalPresence"
## SOMETIMES_PRODUCES ## Variable:L"Tcg2PhysicalPresenceFlags"
## SOMETIMES_CONSUMES ## Variable:L"Tcg2PhysicalPresenceFlags"
gEfiTcg2PhysicalPresenceGuid

BIN
SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.uni Normal file
View File

Binary file not shown.

BIN
SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/PhysicalPresenceStrings.uni Normal file
View File

Binary file not shown.

148
SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c
View File

@ -9,10 +9,10 @@
DxeTpm2MeasureBootLibImageRead() function will make sure the PE/COFF image content
read is within the image buffer.
TrEEMeasurePeImage() function will accept untrusted PE/COFF image and validate its
Tcg2MeasurePeImage() function will accept untrusted PE/COFF image and validate its
data structure within this image buffer before use.
TrEEMeasureGptTable() function will receive untrusted GPT partition table, and parse
Tcg2MeasureGptTable() function will receive untrusted GPT partition table, and parse
partition data carefully.
Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
@ -28,7 +28,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <PiDxe.h>
#include <Protocol/TrEEProtocol.h>
#include <Protocol/Tcg2Protocol.h>
#include <Protocol/BlockIo.h>
#include <Protocol/DiskIo.h>
#include <Protocol/DevicePathToText.h>
@ -51,15 +51,15 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
//
// Flag to check GPT partition. It only need be measured once.
//
BOOLEAN mTrEEMeasureGptTableFlag = FALSE;
UINTN mTrEEMeasureGptCount = 0;
VOID *mTrEEFileBuffer;
UINTN mTrEEImageSize;
BOOLEAN mTcg2MeasureGptTableFlag = FALSE;
UINTN mTcg2MeasureGptCount = 0;
VOID *mTcg2FileBuffer;
UINTN mTcg2ImageSize;
//
// Measured FV handle cache
//
EFI_HANDLE mTrEECacheMeasuredHandle = NULL;
MEASURED_HOB_DATA *mTrEEMeasuredHobData = NULL;
EFI_HANDLE mTcg2CacheMeasuredHandle = NULL;
MEASURED_HOB_DATA *mTcg2MeasuredHobData = NULL;
/**
Reads contents of a PE/COFF image in memory buffer.
@ -96,11 +96,11 @@ DxeTpm2MeasureBootLibImageRead (
}
EndPosition = FileOffset + *ReadSize;
if (EndPosition > mTrEEImageSize) {
*ReadSize = (UINT32)(mTrEEImageSize - FileOffset);
if (EndPosition > mTcg2ImageSize) {
*ReadSize = (UINT32)(mTcg2ImageSize - FileOffset);
}
if (FileOffset >= mTrEEImageSize) {
if (FileOffset >= mTcg2ImageSize) {
*ReadSize = 0;
}
@ -115,7 +115,7 @@ DxeTpm2MeasureBootLibImageRead (
Caution: This function may receive untrusted input.
The GPT partition table is external input, so this function should parse partition data carefully.
@param TreeProtocol Pointer to the located TREE protocol instance.
@param Tcg2Protocol Pointer to the located TCG2 protocol instance.
@param GptHandle Handle that GPT partition was installed.
@retval EFI_SUCCESS Successfully measure GPT table.
@ -126,8 +126,8 @@ DxeTpm2MeasureBootLibImageRead (
**/
EFI_STATUS
EFIAPI
TrEEMeasureGptTable (
IN EFI_TREE_PROTOCOL *TreeProtocol,
Tcg2MeasureGptTable (
IN EFI_TCG2_PROTOCOL *Tcg2Protocol,
IN EFI_HANDLE GptHandle
)
{
@ -139,11 +139,11 @@ TrEEMeasureGptTable (
UINT8 *EntryPtr;
UINTN NumberOfPartition;
UINT32 Index;
TrEE_EVENT *TreeEvent;
EFI_TCG2_EVENT *Tcg2Event;
EFI_GPT_DATA *GptData;
UINT32 EventSize;
if (mTrEEMeasureGptCount > 0) {
if (mTcg2MeasureGptCount > 0) {
return EFI_SUCCESS;
}
@ -212,19 +212,19 @@ TrEEMeasureGptTable (
//
EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
+ NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);
TreeEvent = (TrEE_EVENT *) AllocateZeroPool (EventSize + sizeof (TrEE_EVENT) - sizeof(TreeEvent->Event));
if (TreeEvent == NULL) {
Tcg2Event = (EFI_TCG2_EVENT *) AllocateZeroPool (EventSize + sizeof (EFI_TCG2_EVENT) - sizeof(Tcg2Event->Event));
if (Tcg2Event == NULL) {
FreePool (PrimaryHeader);
FreePool (EntryPtr);
return EFI_OUT_OF_RESOURCES;
}
TreeEvent->Size = EventSize + sizeof (TrEE_EVENT) - sizeof(TreeEvent->Event);
TreeEvent->Header.HeaderSize = sizeof(TrEE_EVENT_HEADER);
TreeEvent->Header.HeaderVersion = TREE_EVENT_HEADER_VERSION;
TreeEvent->Header.PCRIndex = 5;
TreeEvent->Header.EventType = EV_EFI_GPT_EVENT;
GptData = (EFI_GPT_DATA *) TreeEvent->Event;
Tcg2Event->Size = EventSize + sizeof (EFI_TCG2_EVENT) - sizeof(Tcg2Event->Event);
Tcg2Event->Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER);
Tcg2Event->Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION;
Tcg2Event->Header.PCRIndex = 5;
Tcg2Event->Header.EventType = EV_EFI_GPT_EVENT;
GptData = (EFI_GPT_DATA *) Tcg2Event->Event;
//
// Copy the EFI_PARTITION_TABLE_HEADER and NumberOfPartition
@ -251,20 +251,20 @@ TrEEMeasureGptTable (
//
// Measure the GPT data
//
Status = TreeProtocol->HashLogExtendEvent (
TreeProtocol,
Status = Tcg2Protocol->HashLogExtendEvent (
Tcg2Protocol,
0,
(EFI_PHYSICAL_ADDRESS) (UINTN) (VOID *) GptData,
(UINT64) EventSize,
TreeEvent
Tcg2Event
);
if (!EFI_ERROR (Status)) {
mTrEEMeasureGptCount++;
mTcg2MeasureGptCount++;
}
FreePool (PrimaryHeader);
FreePool (EntryPtr);
FreePool (TreeEvent);
FreePool (Tcg2Event);
return Status;
}
@ -277,7 +277,7 @@ TrEEMeasureGptTable (
PE/COFF image is external input, so this function will validate its data structure
within this image buffer before use.
@param[in] TreeProtocol Pointer to the located TREE protocol instance.
@param[in] Tcg2Protocol Pointer to the located TCG2 protocol instance.
@param[in] ImageAddress Start address of image buffer.
@param[in] ImageSize Image size
@param[in] LinkTimeBase Address that the image is loaded into memory.
@ -292,8 +292,8 @@ TrEEMeasureGptTable (
**/
EFI_STATUS
EFIAPI
TrEEMeasurePeImage (
IN EFI_TREE_PROTOCOL *TreeProtocol,
Tcg2MeasurePeImage (
IN EFI_TCG2_PROTOCOL *Tcg2Protocol,
IN EFI_PHYSICAL_ADDRESS ImageAddress,
IN UINTN ImageSize,
IN UINTN LinkTimeBase,
@ -302,7 +302,7 @@ TrEEMeasurePeImage (
)
{
EFI_STATUS Status;
TrEE_EVENT *TreeEvent;
EFI_TCG2_EVENT *Tcg2Event;
EFI_IMAGE_LOAD_EVENT *ImageLoad;
UINT32 FilePathSize;
UINT32 EventSize;
@ -315,33 +315,33 @@ TrEEMeasurePeImage (
// Determine destination PCR by BootPolicy
//
EventSize = sizeof (*ImageLoad) - sizeof (ImageLoad->DevicePath) + FilePathSize;
TreeEvent = AllocateZeroPool (EventSize + sizeof (TrEE_EVENT) - sizeof(TreeEvent->Event));
if (TreeEvent == NULL) {
Tcg2Event = AllocateZeroPool (EventSize + sizeof (EFI_TCG2_EVENT) - sizeof(Tcg2Event->Event));
if (Tcg2Event == NULL) {
return EFI_OUT_OF_RESOURCES;
}
TreeEvent->Size = EventSize + sizeof (TrEE_EVENT) - sizeof(TreeEvent->Event);
TreeEvent->Header.HeaderSize = sizeof(TrEE_EVENT_HEADER);
TreeEvent->Header.HeaderVersion = TREE_EVENT_HEADER_VERSION;
ImageLoad = (EFI_IMAGE_LOAD_EVENT *) TreeEvent->Event;
Tcg2Event->Size = EventSize + sizeof (EFI_TCG2_EVENT) - sizeof(Tcg2Event->Event);
Tcg2Event->Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER);
Tcg2Event->Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION;
ImageLoad = (EFI_IMAGE_LOAD_EVENT *) Tcg2Event->Event;
switch (ImageType) {
case EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION:
TreeEvent->Header.EventType = EV_EFI_BOOT_SERVICES_APPLICATION;
TreeEvent->Header.PCRIndex = 4;
Tcg2Event->Header.EventType = EV_EFI_BOOT_SERVICES_APPLICATION;
Tcg2Event->Header.PCRIndex = 4;
break;
case EFI_IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER:
TreeEvent->Header.EventType = EV_EFI_BOOT_SERVICES_DRIVER;
TreeEvent->Header.PCRIndex = 2;
Tcg2Event->Header.EventType = EV_EFI_BOOT_SERVICES_DRIVER;
Tcg2Event->Header.PCRIndex = 2;
break;
case EFI_IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER:
TreeEvent->Header.EventType = EV_EFI_RUNTIME_SERVICES_DRIVER;
TreeEvent->Header.PCRIndex = 2;
Tcg2Event->Header.EventType = EV_EFI_RUNTIME_SERVICES_DRIVER;
Tcg2Event->Header.PCRIndex = 2;
break;
default:
DEBUG ((
EFI_D_ERROR,
"TrEEMeasurePeImage: Unknown subsystem type %d",
"Tcg2MeasurePeImage: Unknown subsystem type %d",
ImageType
));
goto Finish;
@ -358,12 +358,12 @@ TrEEMeasurePeImage (
//
// Log the PE data
//
Status = TreeProtocol->HashLogExtendEvent (
TreeProtocol,
Status = Tcg2Protocol->HashLogExtendEvent (
Tcg2Protocol,
PE_COFF_IMAGE,
ImageAddress,
ImageSize,
TreeEvent
Tcg2Event
);
if (Status == EFI_VOLUME_FULL) {
//
@ -375,7 +375,7 @@ TrEEMeasurePeImage (
}
Finish:
FreePool (TreeEvent);
FreePool (Tcg2Event);
return Status;
}
@ -428,9 +428,9 @@ DxeTpm2MeasureBootHandler (
IN BOOLEAN BootPolicy
)
{
EFI_TREE_PROTOCOL *TreeProtocol;
EFI_TCG2_PROTOCOL *Tcg2Protocol;
EFI_STATUS Status;
TREE_BOOT_SERVICE_CAPABILITY ProtocolCapability;
EFI_TCG2_BOOT_SERVICE_CAPABILITY ProtocolCapability;
EFI_DEVICE_PATH_PROTOCOL *DevicePathNode;
EFI_DEVICE_PATH_PROTOCOL *OrigDevicePathNode;
EFI_HANDLE Handle;
@ -441,26 +441,26 @@ DxeTpm2MeasureBootHandler (
EFI_PHYSICAL_ADDRESS FvAddress;
UINT32 Index;
Status = gBS->LocateProtocol (&gEfiTrEEProtocolGuid, NULL, (VOID **) &TreeProtocol);
Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol);
if (EFI_ERROR (Status)) {
//
// TrEE protocol is not installed. So, TPM2 is not present.
// Tcg2 protocol is not installed. So, TPM2 is not present.
// Don't do any measurement, and directly return EFI_SUCCESS.
//
DEBUG ((EFI_D_INFO, "DxeTpm2MeasureBootHandler - TrEE - %r\n", Status));
DEBUG ((EFI_D_INFO, "DxeTpm2MeasureBootHandler - Tcg2 - %r\n", Status));
return EFI_SUCCESS;
}
ProtocolCapability.Size = (UINT8) sizeof (ProtocolCapability);
Status = TreeProtocol->GetCapability (
TreeProtocol,
Status = Tcg2Protocol->GetCapability (
Tcg2Protocol,
&ProtocolCapability
);
if (EFI_ERROR (Status) || (!ProtocolCapability.TrEEPresentFlag)) {
if (EFI_ERROR (Status) || (!ProtocolCapability.TPMPresentFlag)) {
//
// TPM device doesn't work or activate.
//
DEBUG ((EFI_D_ERROR, "DxeTpm2MeasureBootHandler (%r) - TrEEPresentFlag - %x\n", Status, ProtocolCapability.TrEEPresentFlag));
DEBUG ((EFI_D_ERROR, "DxeTpm2MeasureBootHandler (%r) - TPMPresentFlag - %x\n", Status, ProtocolCapability.TPMPresentFlag));
return EFI_SUCCESS;
}
@ -475,7 +475,7 @@ DxeTpm2MeasureBootHandler (
//
DevicePathNode = OrigDevicePathNode;
Status = gBS->LocateDevicePath (&gEfiBlockIoProtocolGuid, &DevicePathNode, &Handle);
if (!EFI_ERROR (Status) && !mTrEEMeasureGptTableFlag) {
if (!EFI_ERROR (Status) && !mTcg2MeasureGptTableFlag) {
//
// Find the gpt partion on the given devicepath
//
@ -508,13 +508,13 @@ DxeTpm2MeasureBootHandler (
//
// Measure GPT disk.
//
Status = TrEEMeasureGptTable (TreeProtocol, Handle);
DEBUG ((EFI_D_INFO, "DxeTpm2MeasureBootHandler - TrEEMeasureGptTable - %r\n", Status));
Status = Tcg2MeasureGptTable (Tcg2Protocol, Handle);
DEBUG ((EFI_D_INFO, "DxeTpm2MeasureBootHandler - Tcg2MeasureGptTable - %r\n", Status));
if (!EFI_ERROR (Status)) {
//
// GPT disk check done.
//
mTrEEMeasureGptTableFlag = TRUE;
mTcg2MeasureGptTableFlag = TRUE;
}
}
FreePool (OrigDevicePathNode);
@ -553,7 +553,7 @@ DxeTpm2MeasureBootHandler (
//
ApplicationRequired = TRUE;
if (mTrEECacheMeasuredHandle != Handle && mTrEEMeasuredHobData != NULL) {
if (mTcg2CacheMeasuredHandle != Handle && mTcg2MeasuredHobData != NULL) {
//
// Search for Root FV of this PE image
//
@ -577,12 +577,12 @@ DxeTpm2MeasureBootHandler (
ApplicationRequired = FALSE;
for (Index = 0; Index < mTrEEMeasuredHobData->Num; Index++) {
if(mTrEEMeasuredHobData->MeasuredFvBuf[Index].BlobBase == FvAddress) {
for (Index = 0; Index < mTcg2MeasuredHobData->Num; Index++) {
if(mTcg2MeasuredHobData->MeasuredFvBuf[Index].BlobBase == FvAddress) {
//
// Cache measured FV for next measurement
//
mTrEECacheMeasuredHandle = Handle;
mTcg2CacheMeasuredHandle = Handle;
ApplicationRequired = TRUE;
break;
}
@ -598,8 +598,8 @@ DxeTpm2MeasureBootHandler (
goto Finish;
}
mTrEEImageSize = FileSize;
mTrEEFileBuffer = FileBuffer;
mTcg2ImageSize = FileSize;
mTcg2FileBuffer = FileBuffer;
//
// Measure PE Image
@ -645,15 +645,15 @@ DxeTpm2MeasureBootHandler (
//
// Measure PE image into TPM log.
//
Status = TrEEMeasurePeImage (
TreeProtocol,
Status = Tcg2MeasurePeImage (
Tcg2Protocol,
(EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
FileSize,
(UINTN) ImageContext.ImageAddress,
ImageContext.ImageType,
DevicePathNode
);
DEBUG ((EFI_D_INFO, "DxeTpm2MeasureBootHandler - TrEEMeasurePeImage - %r\n", Status));
DEBUG ((EFI_D_INFO, "DxeTpm2MeasureBootHandler - Tcg2MeasurePeImage - %r\n", Status));
}
//
@ -692,7 +692,7 @@ DxeTpm2MeasureBootLibConstructor (
GuidHob = GetFirstGuidHob (&gMeasuredFvHobGuid);
if (GuidHob != NULL) {
mTrEEMeasuredHobData = GET_GUID_HOB_DATA (GuidHob);
mTcg2MeasuredHobData = GET_GUID_HOB_DATA (GuidHob);
}
return RegisterSecurity2Handler (

2
SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
View File

@ -61,7 +61,7 @@
gZeroGuid ## SOMETIMES_CONSUMES ## GUID
[Protocols]
gEfiTrEEProtocolGuid ## SOMETIMES_CONSUMES
gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES
gEfiFirmwareVolumeBlockProtocolGuid ## SOMETIMES_CONSUMES
gEfiBlockIoProtocolGuid ## SOMETIMES_CONSUMES
gEfiDiskIoProtocolGuid ## SOMETIMES_CONSUMES

36
SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c
View File

@ -1,7 +1,7 @@
/** @file
This library is used by other modules to measure data to TPM.
Copyright (c) 2012 - 2013, Intel Corporation. All rights reserved. <BR>
Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -15,7 +15,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <PiDxe.h>
#include <Protocol/TcgService.h>
#include <Protocol/TrEEProtocol.h>
#include <Protocol/Tcg2Protocol.h>
#include <Library/BaseMemoryLib.h>
#include <Library/MemoryAllocationLib.h>
@ -120,37 +120,37 @@ Tpm20MeasureAndLogData (
)
{
EFI_STATUS Status;
EFI_TREE_PROTOCOL *TreeProtocol;
TrEE_EVENT *TreeEvent;
EFI_TCG2_PROTOCOL *Tcg2Protocol;
EFI_TCG2_EVENT *Tcg2Event;
//
// TrEEPresentFlag is checked in HashLogExtendEvent
// TPMPresentFlag is checked in HashLogExtendEvent
//
Status = gBS->LocateProtocol (&gEfiTrEEProtocolGuid, NULL, (VOID **) &TreeProtocol);
Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol);
if (EFI_ERROR (Status)) {
return Status;
}
TreeEvent = (TrEE_EVENT *) AllocateZeroPool (LogLen + sizeof (TrEE_EVENT));
if(TreeEvent == NULL) {
Tcg2Event = (EFI_TCG2_EVENT *) AllocateZeroPool (LogLen + sizeof (EFI_TCG2_EVENT));
if(Tcg2Event == NULL) {
return EFI_OUT_OF_RESOURCES;
}
TreeEvent->Size = (UINT32)LogLen + sizeof (TrEE_EVENT) - sizeof(TreeEvent->Event);
TreeEvent->Header.HeaderSize = sizeof(TrEE_EVENT_HEADER);
TreeEvent->Header.HeaderVersion = TREE_EVENT_HEADER_VERSION;
TreeEvent->Header.PCRIndex = PcrIndex;
TreeEvent->Header.EventType = EventType;
CopyMem (&TreeEvent->Event[0], EventLog, LogLen);
Tcg2Event->Size = (UINT32)LogLen + sizeof (EFI_TCG2_EVENT) - sizeof(Tcg2Event->Event);
Tcg2Event->Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER);
Tcg2Event->Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION;
Tcg2Event->Header.PCRIndex = PcrIndex;
Tcg2Event->Header.EventType = EventType;
CopyMem (&Tcg2Event->Event[0], EventLog, LogLen);
Status = TreeProtocol->HashLogExtendEvent (
TreeProtocol,
Status = Tcg2Protocol->HashLogExtendEvent (
Tcg2Protocol,
0,
(EFI_PHYSICAL_ADDRESS)(UINTN)HashData,
HashDataLen,
TreeEvent
Tcg2Event
);
FreePool (TreeEvent);
FreePool (Tcg2Event);
return Status;
}

2
SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
View File

@ -46,4 +46,4 @@
[Protocols]
gEfiTcgProtocolGuid ## SOMETIMES_CONSUMES
gEfiTrEEProtocolGuid ## SOMETIMES_CONSUMES
gEfiTcg2ProtocolGuid ## SOMETIMES_CONSUMES

12
SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCommon.c
View File

@ -1,7 +1,7 @@
/** @file
Ihis is BaseCrypto router support function.
Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -19,7 +19,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/DebugLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/HashLib.h>
#include <Protocol/TrEEProtocol.h>
#include <Protocol/Tcg2Protocol.h>
typedef struct {
EFI_GUID Guid;
@ -27,10 +27,10 @@ typedef struct {
} TPM2_HASH_MASK;
TPM2_HASH_MASK mTpm2HashMask[] = {
{HASH_ALGORITHM_SHA1_GUID, TREE_BOOT_HASH_ALG_SHA1},
{HASH_ALGORITHM_SHA256_GUID, TREE_BOOT_HASH_ALG_SHA256},
{HASH_ALGORITHM_SHA384_GUID, TREE_BOOT_HASH_ALG_SHA384},
{HASH_ALGORITHM_SHA512_GUID, TREE_BOOT_HASH_ALG_SHA512},
{HASH_ALGORITHM_SHA1_GUID, HASH_ALG_SHA1},
{HASH_ALGORITHM_SHA256_GUID, HASH_ALG_SHA256},
{HASH_ALGORITHM_SHA384_GUID, HASH_ALG_SHA384},
{HASH_ALGORITHM_SHA512_GUID, HASH_ALG_SHA512},
};
/**

27
SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c
View File

@ -3,7 +3,7 @@
hash handler registerd, such as SHA1, SHA256.
Platform can use PcdTpm2HashMask to mask some hash engines.
Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. <BR>
Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -44,6 +44,7 @@ HashStart (
{
HASH_HANDLE *HashCtx;
UINTN Index;
UINT32 HashMask;
if (mHashInterfaceCount == 0) {
return EFI_UNSUPPORTED;
@ -53,7 +54,10 @@ HashStart (
ASSERT (HashCtx != NULL);
for (Index = 0; Index < mHashInterfaceCount; Index++) {
mHashInterface[Index].HashInit (&HashCtx[Index]);
HashMask = Tpm2GetHashMaskFromAlgo (&mHashInterface[Index].HashGuid);
if ((HashMask & PcdGet32 (PcdTpm2HashMask)) != 0) {
mHashInterface[Index].HashInit (&HashCtx[Index]);
}
}
*HashHandle = (HASH_HANDLE)HashCtx;
@ -80,6 +84,7 @@ HashUpdate (
{
HASH_HANDLE *HashCtx;
UINTN Index;
UINT32 HashMask;
if (mHashInterfaceCount == 0) {
return EFI_UNSUPPORTED;
@ -88,7 +93,10 @@ HashUpdate (
HashCtx = (HASH_HANDLE *)HashHandle;
for (Index = 0; Index < mHashInterfaceCount; Index++) {
mHashInterface[Index].HashUpdate (HashCtx[Index], DataToHash, DataToHashLen);
HashMask = Tpm2GetHashMaskFromAlgo (&mHashInterface[Index].HashGuid);
if ((HashMask & PcdGet32 (PcdTpm2HashMask)) != 0) {
mHashInterface[Index].HashUpdate (HashCtx[Index], DataToHash, DataToHashLen);
}
}
return EFI_SUCCESS;
@ -119,6 +127,7 @@ HashCompleteAndExtend (
HASH_HANDLE *HashCtx;
UINTN Index;
EFI_STATUS Status;
UINT32 HashMask;
if (mHashInterfaceCount == 0) {
return EFI_UNSUPPORTED;
@ -128,9 +137,12 @@ HashCompleteAndExtend (
ZeroMem (DigestList, sizeof(*DigestList));
for (Index = 0; Index < mHashInterfaceCount; Index++) {
mHashInterface[Index].HashUpdate (HashCtx[Index], DataToHash, DataToHashLen);
mHashInterface[Index].HashFinal (HashCtx[Index], &Digest);
Tpm2SetHashToDigestList (DigestList, &Digest);
HashMask = Tpm2GetHashMaskFromAlgo (&mHashInterface[Index].HashGuid);
if ((HashMask & PcdGet32 (PcdTpm2HashMask)) != 0) {
mHashInterface[Index].HashUpdate (HashCtx[Index], DataToHash, DataToHashLen);
mHashInterface[Index].HashFinal (HashCtx[Index], &Digest);
Tpm2SetHashToDigestList (DigestList, &Digest);
}
}
FreePool (HashCtx);
@ -192,6 +204,7 @@ RegisterHashInterfaceLib (
{
UINTN Index;
UINT32 HashMask;
UINT32 BiosSupportedHashMask;
//
// Check allow
@ -204,6 +217,8 @@ RegisterHashInterfaceLib (
if (mHashInterfaceCount >= sizeof(mHashInterface)/sizeof(mHashInterface[0])) {
return EFI_OUT_OF_RESOURCES;
}
BiosSupportedHashMask = PcdGet32 (PcdTcg2HashAlgorithmBitmap);
PcdSet32 (PcdTcg2HashAlgorithmBitmap, BiosSupportedHashMask | HashMask);
//
// Check duplication

5
SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
View File

@ -5,7 +5,7 @@
# hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to
# mask some hash engines.
#
# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@ -48,5 +48,6 @@
PcdLib
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap ## CONSUMES

27
SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c
View File

@ -3,7 +3,7 @@
hash handler registerd, such as SHA1, SHA256.
Platform can use PcdTpm2HashMask to mask some hash engines.
Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved. <BR>
Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -72,6 +72,7 @@ HashStart (
HASH_INTERFACE_HOB *HashInterfaceHob;
HASH_HANDLE *HashCtx;
UINTN Index;
UINT32 HashMask;
HashInterfaceHob = InternalGetHashInterface ();
if (HashInterfaceHob == NULL) {
@ -86,7 +87,10 @@ HashStart (
ASSERT (HashCtx != NULL);
for (Index = 0; Index < HashInterfaceHob->HashInterfaceCount; Index++) {
HashInterfaceHob->HashInterface[Index].HashInit (&HashCtx[Index]);
HashMask = Tpm2GetHashMaskFromAlgo (&HashInterfaceHob->HashInterface[Index].HashGuid);
if ((HashMask & PcdGet32 (PcdTpm2HashMask)) != 0) {
HashInterfaceHob->HashInterface[Index].HashInit (&HashCtx[Index]);
}
}
*HashHandle = (HASH_HANDLE)HashCtx;
@ -114,6 +118,7 @@ HashUpdate (
HASH_INTERFACE_HOB *HashInterfaceHob;
HASH_HANDLE *HashCtx;
UINTN Index;
UINT32 HashMask;
HashInterfaceHob = InternalGetHashInterface ();
if (HashInterfaceHob == NULL) {
@ -127,7 +132,10 @@ HashUpdate (
HashCtx = (HASH_HANDLE *)HashHandle;
for (Index = 0; Index < HashInterfaceHob->HashInterfaceCount; Index++) {
HashInterfaceHob->HashInterface[Index].HashUpdate (HashCtx[Index], DataToHash, DataToHashLen);
HashMask = Tpm2GetHashMaskFromAlgo (&HashInterfaceHob->HashInterface[Index].HashGuid);
if ((HashMask & PcdGet32 (PcdTpm2HashMask)) != 0) {
HashInterfaceHob->HashInterface[Index].HashUpdate (HashCtx[Index], DataToHash, DataToHashLen);
}
}
return EFI_SUCCESS;
@ -159,6 +167,7 @@ HashCompleteAndExtend (
HASH_HANDLE *HashCtx;
UINTN Index;
EFI_STATUS Status;
UINT32 HashMask;
HashInterfaceHob = InternalGetHashInterface ();
if (HashInterfaceHob == NULL) {
@ -173,9 +182,12 @@ HashCompleteAndExtend (
ZeroMem (DigestList, sizeof(*DigestList));
for (Index = 0; Index < HashInterfaceHob->HashInterfaceCount; Index++) {
HashInterfaceHob->HashInterface[Index].HashUpdate (HashCtx[Index], DataToHash, DataToHashLen);
HashInterfaceHob->HashInterface[Index].HashFinal (HashCtx[Index], &Digest);
Tpm2SetHashToDigestList (DigestList, &Digest);
HashMask = Tpm2GetHashMaskFromAlgo (&HashInterfaceHob->HashInterface[Index].HashGuid);
if ((HashMask & PcdGet32 (PcdTpm2HashMask)) != 0) {
HashInterfaceHob->HashInterface[Index].HashUpdate (HashCtx[Index], DataToHash, DataToHashLen);
HashInterfaceHob->HashInterface[Index].HashFinal (HashCtx[Index], &Digest);
Tpm2SetHashToDigestList (DigestList, &Digest);
}
}
FreePool (HashCtx);
@ -245,6 +257,7 @@ RegisterHashInterfaceLib (
HASH_INTERFACE_HOB *HashInterfaceHob;
HASH_INTERFACE_HOB LocalHashInterfaceHob;
UINT32 HashMask;
UINT32 BiosSupportedHashMask;
//
// Check allow
@ -266,6 +279,8 @@ RegisterHashInterfaceLib (
if (HashInterfaceHob->HashInterfaceCount >= HASH_COUNT) {
return EFI_OUT_OF_RESOURCES;
}
BiosSupportedHashMask = PcdGet32 (PcdTcg2HashAlgorithmBitmap);
PcdSet32 (PcdTcg2HashAlgorithmBitmap, BiosSupportedHashMask | HashMask);
//
// Check duplication

5
SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
View File

@ -5,7 +5,7 @@
# hash handler registered, such as SHA1, SHA256. Platform can use PcdTpm2HashMask to
# mask some hash engines.
#
# Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@ -49,5 +49,6 @@
HobLib
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap ## CONSUMES

11
SecurityPkg/Library/HashLibTpm2/HashLibTpm2.c
View File

@ -1,7 +1,7 @@
/** @file
Ihis library uses TPM2 device to calculation hash.
Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -20,7 +20,6 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/MemoryAllocationLib.h>
#include <Library/HashLib.h>
#include <Library/PcdLib.h>
#include <Protocol/TrEEProtocol.h>
typedef struct {
TPM_ALG_ID AlgoId;
@ -28,10 +27,10 @@ typedef struct {
} TPM2_HASH_MASK;
TPM2_HASH_MASK mTpm2HashMask[] = {
{TPM_ALG_SHA1, TREE_BOOT_HASH_ALG_SHA1},
{TPM_ALG_SHA256, TREE_BOOT_HASH_ALG_SHA256},
{TPM_ALG_SHA384, TREE_BOOT_HASH_ALG_SHA384},
{TPM_ALG_SHA512, TREE_BOOT_HASH_ALG_SHA512},
{TPM_ALG_SHA1, HASH_ALG_SHA1},
{TPM_ALG_SHA256, HASH_ALG_SHA256},
{TPM_ALG_SHA384, HASH_ALG_SHA384},
{TPM_ALG_SHA512, HASH_ALG_SHA512},
};
/**

59
SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c Normal file
View File

@ -0,0 +1,59 @@
/** @file
Get TPM 2.0 physical presence information.
This library will get TPM 2.0 physical presence information.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <PiPei.h>
#include <Guid/Tcg2PhysicalPresenceData.h>
#include <Ppi/ReadOnlyVariable2.h>
#include <Library/DebugLib.h>
#include <Library/PeiServicesLib.h>
#include <Library/PeiServicesTablePointerLib.h>
#include <Library/Tcg2PhysicalPresenceLib.h>
/**
Return TPM2 ManagementFlags set by PP interface.
@retval ManagementFlags TPM2 Management Flags.
**/
UINT32
EFIAPI
Tcg2PhysicalPresenceLibGetManagementFlags (
VOID
)
{
EFI_STATUS Status;
EFI_PEI_READ_ONLY_VARIABLE2_PPI *VariablePpi;
EFI_TCG2_PHYSICAL_PRESENCE_FLAGS PpiFlags;
UINTN DataSize;
Status = PeiServicesLocatePpi (&gEfiPeiReadOnlyVariable2PpiGuid, 0, NULL, (VOID **) &VariablePpi);
ASSERT_EFI_ERROR (Status);
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS);
Status = VariablePpi->GetVariable (
VariablePpi,
TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiTcg2PhysicalPresenceGuid,
NULL,
&DataSize,
&PpiFlags
);
if (EFI_ERROR (Status)) {
PpiFlags.PPFlags = TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT;
}
return PpiFlags.PPFlags;
}

52
SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf Normal file
View File

@ -0,0 +1,52 @@
## @file
# Get TPM 2.0 physical presence information.
#
# This library will get TPM 2.0 physical presence information.
#
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = PeiTcg2PhysicalPresenceLib
MODULE_UNI_FILE = PeiTcg2PhysicalPresenceLib.uni
FILE_GUID = AB82E7BE-0970-480b-93EB-3D332B89F99E
MODULE_TYPE = PEIM
VERSION_STRING = 1.0
LIBRARY_CLASS = Tcg2PhysicalPresenceLib|PEIM
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
[Sources]
PeiTcg2PhysicalPresenceLib.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
DebugLib
PeiServicesLib
PeiServicesTablePointerLib
[Guids]
## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresenceFlags"
gEfiTcg2PhysicalPresenceGuid
[Ppis]
gEfiPeiReadOnlyVariable2PpiGuid ## CONSUMES
[Depex]
gEfiPeiReadOnlyVariable2PpiGuid

BIN
SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.uni Normal file
View File

Binary file not shown.

314
SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.c Normal file
View File

@ -0,0 +1,314 @@
/** @file
Handle TPM 2.0 physical presence requests from OS.
This library will handle TPM 2.0 physical presence request from OS.
Caution: This module requires additional review when modified.
This driver will have external input - variable.
This external input must be validated carefully to avoid security issue.
Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction() and Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction()
will receive untrusted input and do validation.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <PiSmm.h>
#include <Guid/Tcg2PhysicalPresenceData.h>
#include <Protocol/SmmVariable.h>
#include <Library/DebugLib.h>
#include <Library/Tcg2PpVendorLib.h>
#include <Library/SmmServicesTableLib.h>
EFI_SMM_VARIABLE_PROTOCOL *mTcg2PpSmmVariable;
/**
The handler for TPM physical presence function:
Return TPM Operation Response to OS Environment.
This API should be invoked in OS runtime phase to interface with ACPI method.
@param[out] MostRecentRequest Most recent operation request.
@param[out] Response Response to the most recent operation request.
@return Return Code for Return TPM Operation Response to OS Environment.
**/
UINT32
EFIAPI
Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
OUT UINT32 *MostRecentRequest,
OUT UINT32 *Response
)
{
EFI_STATUS Status;
UINTN DataSize;
EFI_TCG2_PHYSICAL_PRESENCE PpData;
DEBUG ((EFI_D_INFO, "[TPM2] ReturnOperationResponseToOsFunction\n"));
//
// Get the Physical Presence variable
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
Status = mTcg2PpSmmVariable->SmmGetVariable (
TCG2_PHYSICAL_PRESENCE_VARIABLE,
&gEfiTcg2PhysicalPresenceGuid,
NULL,
&DataSize,
&PpData
);
if (EFI_ERROR (Status)) {
*MostRecentRequest = 0;
*Response = 0;
DEBUG ((EFI_D_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
return TCG_PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE;
}
*MostRecentRequest = PpData.LastPPRequest;
*Response = PpData.PPResponse;
return TCG_PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS;
}
/**
The handler for TPM physical presence function:
Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
@param[in] OperationRequest TPM physical presence operation request.
@param[in] RequestParameter TPM physical presence operation request parameter.
@return Return Code for Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
**/
UINT32
EFIAPI
Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (
IN UINT32 OperationRequest,
IN UINT32 RequestParameter
)
{
EFI_STATUS Status;
UINTN DataSize;
EFI_TCG2_PHYSICAL_PRESENCE PpData;
EFI_TCG2_PHYSICAL_PRESENCE_FLAGS Flags;
DEBUG ((EFI_D_INFO, "[TPM2] SubmitRequestToPreOSFunction, Request = %x, %x\n", OperationRequest, RequestParameter));
//
// Get the Physical Presence variable
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
Status = mTcg2PpSmmVariable->SmmGetVariable (
TCG2_PHYSICAL_PRESENCE_VARIABLE,
&gEfiTcg2PhysicalPresenceGuid,
NULL,
&DataSize,
&PpData
);
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
}
if ((OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
(OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) ) {
//
// This command requires UI to prompt user for Auth data.
//
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED;
}
if (PpData.PPRequest != OperationRequest) {
PpData.PPRequest = (UINT8)OperationRequest;
PpData.PPRequestParameter = RequestParameter;
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
Status = mTcg2PpSmmVariable->SmmSetVariable (
TCG2_PHYSICAL_PRESENCE_VARIABLE,
&gEfiTcg2PhysicalPresenceGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
DataSize,
&PpData
);
}
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "[TPM2] Set PP variable failure! Status = %r\n", Status));
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
}
if (OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS);
Status = mTcg2PpSmmVariable->SmmGetVariable (
TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiTcg2PhysicalPresenceGuid,
NULL,
&DataSize,
&Flags
);
if (EFI_ERROR (Status)) {
Flags.PPFlags = TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT;
}
return Tcg2PpVendorLibSubmitRequestToPreOSFunction (OperationRequest, Flags.PPFlags, RequestParameter);
}
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS;
}
/**
The handler for TPM physical presence function:
Get User Confirmation Status for Operation.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
@param[in] OperationRequest TPM physical presence operation request.
@return Return Code for Get User Confirmation Status for Operation.
**/
UINT32
EFIAPI
Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
IN UINT32 OperationRequest
)
{
EFI_STATUS Status;
UINTN DataSize;
EFI_TCG2_PHYSICAL_PRESENCE PpData;
EFI_TCG2_PHYSICAL_PRESENCE_FLAGS Flags;
BOOLEAN RequestConfirmed;
DEBUG ((EFI_D_INFO, "[TPM2] GetUserConfirmationStatusFunction, Request = %x\n", OperationRequest));
//
// Get the Physical Presence variable
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
Status = mTcg2PpSmmVariable->SmmGetVariable (
TCG2_PHYSICAL_PRESENCE_VARIABLE,
&gEfiTcg2PhysicalPresenceGuid,
NULL,
&DataSize,
&PpData
);
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
return TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
}
//
// Get the Physical Presence flags
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS);
Status = mTcg2PpSmmVariable->SmmGetVariable (
TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiTcg2PhysicalPresenceGuid,
NULL,
&DataSize,
&Flags
);
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "[TPM2] Get PP flags failure! Status = %r\n", Status));
return TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
}
RequestConfirmed = FALSE;
switch (OperationRequest) {
case TCG2_PHYSICAL_PRESENCE_CLEAR:
case TCG2_PHYSICAL_PRESENCE_ENABLE_CLEAR:
case TCG2_PHYSICAL_PRESENCE_ENABLE_CLEAR_2:
case TCG2_PHYSICAL_PRESENCE_ENABLE_CLEAR_3:
if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR) == 0) {
RequestConfirmed = TRUE;
}
break;
case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_CLEAR_TRUE:
RequestConfirmed = TRUE;
break;
case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_CLEAR_FALSE:
break;
case TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS:
if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS) == 0) {
RequestConfirmed = TRUE;
}
break;
case TCG2_PHYSICAL_PRESENCE_CHANGE_EPS:
if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS) == 0) {
RequestConfirmed = TRUE;
}
break;
case TCG2_PHYSICAL_PRESENCE_LOG_ALL_DIGESTS:
RequestConfirmed = TRUE;
break;
default:
if (OperationRequest <= TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) {
RequestConfirmed = TRUE;
} else {
if (OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
return TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
}
}
break;
}
if (OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
return Tcg2PpVendorLibGetUserConfirmationStatusFunction (OperationRequest, Flags.PPFlags);
}
if (RequestConfirmed) {
return TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED;
} else {
return TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED;
}
}
/**
The constructor function register UNI strings into imageHandle.
It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
@param ImageHandle The firmware allocated handle for the EFI image.
@param SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The constructor successfully added string package.
@retval Other value The constructor can't add string package.
**/
EFI_STATUS
EFIAPI
Tcg2PhysicalPresenceLibConstructor (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
EFI_STATUS Status;
//
// Locate SmmVariableProtocol.
//
Status = gSmst->SmmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID**)&mTcg2PpSmmVariable);
ASSERT_EFI_ERROR (Status);
return EFI_SUCCESS;
}

56
SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf Normal file
View File

@ -0,0 +1,56 @@
## @file
# Handle TPM 2.0 physical presence requests from OS.
#
# This library will handle TPM 2.0 physical presence request from OS.
#
# Caution: This module requires additional review when modified.
# This driver will have external input - variable.
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = SmmTcg2PhysicalPresenceLib
MODULE_UNI_FILE = SmmTcg2PhysicalPresenceLib.uni
FILE_GUID = AAE02741-858B-4964-9887-CA870489D944
MODULE_TYPE = DXE_SMM_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = Tcg2PhysicalPresenceLib|DXE_SMM_DRIVER
CONSTRUCTOR = Tcg2PhysicalPresenceLibConstructor
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
[Sources]
SmmTcg2PhysicalPresenceLib.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
DebugLib
Tcg2PpVendorLib
SmmServicesTableLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence"
## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresenceFlags"
gEfiTcg2PhysicalPresenceGuid
[Depex]
gEfiSmmVariableProtocolGuid

BIN
SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.uni Normal file
View File

Binary file not shown.

133
SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c Normal file
View File

@ -0,0 +1,133 @@
/** @file
NULL Tcg2 PP Vendor library instance that does not support any vendor specific PPI.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/DebugLib.h>
#include <Library/Tcg2PpVendorLib.h>
/**
Check and execute the requested physical presence command.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] PlatformAuth platform auth value. NULL means no platform auth change.
@param[in] OperationRequest TPM physical presence operation request.
@param[in, out] ManagementFlags BIOS TPM Management Flags.
@param[out] ResetRequired If reset is required to vendor settings in effect.
True, it indicates the reset is required.
False, it indicates the reset is not required.
@return TPM Operation Response to OS Environment.
**/
UINT32
EFIAPI
Tcg2PpVendorLibExecutePendingRequest (
IN TPM2B_AUTH *PlatformAuth, OPTIONAL
IN UINT32 OperationRequest,
IN OUT UINT32 *ManagementFlags,
OUT BOOLEAN *ResetRequired
)
{
ASSERT (OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
/**
Check if there is a valid physical presence command request.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
True, it indicates the command doesn't require user confirm.
False, it indicates the command need user confirm from UI.
@retval TRUE Physical Presence operation command is valid.
@retval FALSE Physical Presence operation command is invalid.
**/
BOOLEAN
EFIAPI
Tcg2PpVendorLibHasValidRequest (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags,
OUT BOOLEAN *RequestConfirmed
)
{
ASSERT (OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return FALSE;
}
/**
The callback for TPM vendor specific physical presence which is called for
Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@param[in] RequestParameter Extra parameter from the passed package.
@return Return Code for Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
**/
UINT32
EFIAPI
Tcg2PpVendorLibSubmitRequestToPreOSFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags,
IN UINT32 RequestParameter
)
{
ASSERT (OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED;
}
/**
The callback for TPM vendor specific physical presence which is called for
Get User Confirmation Status for Operation.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@return Return Code for Get User Confirmation Status for Operation.
**/
UINT32
EFIAPI
Tcg2PpVendorLibGetUserConfirmationStatusFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags
)
{
ASSERT (OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
}

37
SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf Normal file
View File

@ -0,0 +1,37 @@
## @file
# NULL Tcg PP Vendor library instance that does not support any vendor specific PPI
#
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = Tcg2PpVendorLibNull
MODULE_UNI_FILE = Tcg2PpVendorLibNull.uni
FILE_GUID = 51924AE9-BE81-4820-94BA-7C9546E702D0
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = Tcg2PpVendorLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER DXE_DRIVER
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
[Sources]
Tcg2PpVendorLibNull.c
[Packages]
MdePkg/MdePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
DebugLib

BIN
SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.uni Normal file
View File

Binary file not shown.

125
SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.c Normal file
View File

@ -0,0 +1,125 @@
/** @file
Ihis library is TPM2 TCG2 protocol lib.
Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/Tpm2DeviceLib.h>
#include <Protocol/Tcg2Protocol.h>
#include <IndustryStandard/Tpm20.h>
EFI_TCG2_PROTOCOL *mTcg2Protocol = NULL;
/**
This service enables the sending of commands to the TPM2.
@param[in] InputParameterBlockSize Size of the TPM2 input parameter block.
@param[in] InputParameterBlock Pointer to the TPM2 input parameter block.
@param[in,out] OutputParameterBlockSize Size of the TPM2 output parameter block.
@param[in] OutputParameterBlock Pointer to the TPM2 output parameter block.
@retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
Tpm2SubmitCommand (
IN UINT32 InputParameterBlockSize,
IN UINT8 *InputParameterBlock,
IN OUT UINT32 *OutputParameterBlockSize,
IN UINT8 *OutputParameterBlock
)
{
EFI_STATUS Status;
TPM2_RESPONSE_HEADER *Header;
if (mTcg2Protocol == NULL) {
Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &mTcg2Protocol);
if (EFI_ERROR (Status)) {
//
// Tcg2 protocol is not installed. So, TPM2 is not present.
//
DEBUG ((EFI_D_ERROR, "Tpm2SubmitCommand - Tcg2 - %r\n", Status));
return EFI_NOT_FOUND;
}
}
//
// Assume when Tcg2 Protocol is ready, RequestUseTpm already done.
//
Status = mTcg2Protocol->SubmitCommand (
mTcg2Protocol,
InputParameterBlockSize,
InputParameterBlock,
*OutputParameterBlockSize,
OutputParameterBlock
);
if (EFI_ERROR (Status)) {
return Status;
}
Header = (TPM2_RESPONSE_HEADER *)OutputParameterBlock;
*OutputParameterBlockSize = SwapBytes32 (Header->paramSize);
return EFI_SUCCESS;
}
/**
This service requests use TPM2.
@retval EFI_SUCCESS Get the control of TPM2 chip.
@retval EFI_NOT_FOUND TPM2 not found.
@retval EFI_DEVICE_ERROR Unexpected device behavior.
**/
EFI_STATUS
EFIAPI
Tpm2RequestUseTpm (
VOID
)
{
EFI_STATUS Status;
if (mTcg2Protocol == NULL) {
Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &mTcg2Protocol);
if (EFI_ERROR (Status)) {
//
// Tcg2 protocol is not installed. So, TPM2 is not present.
//
DEBUG ((EFI_D_ERROR, "Tpm2RequestUseTpm - Tcg2 - %r\n", Status));
return EFI_NOT_FOUND;
}
}
//
// Assume when Tcg2 Protocol is ready, RequestUseTpm already done.
//
return EFI_SUCCESS;
}
/**
This service register TPM2 device.
@param Tpm2Device TPM2 device
@retval EFI_SUCCESS This TPM2 device is registered successfully.
@retval EFI_UNSUPPORTED System does not support register this TPM2 device.
@retval EFI_ALREADY_STARTED System already register this TPM2 device.
**/
EFI_STATUS
EFIAPI
Tpm2RegisterTpm2DeviceLib (
IN TPM2_DEVICE_INTERFACE *Tpm2Device
)
{
return EFI_UNSUPPORTED;
}

46
SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf Normal file
View File

@ -0,0 +1,46 @@
## @file
# Provides function interfaces to communicate with TPM 2.0 device
#
# This library helps to use TPM 2.0 device in library function API
# based on TPM2 protocol.
#
# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = Tpm2DeviceLibTcg2
MODULE_UNI_FILE = Tpm2DeviceLibTcg2.uni
FILE_GUID = A1B0B230-67DC-431E-A94A-A96AF1EBE637
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = Tpm2DeviceLib|DXE_DRIVER DXE_RUNTIME_DRIVER DXE_SAL_DRIVER DXE_SMM_DRIVER UEFI_APPLICATION UEFI_DRIVER
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF
#
[Sources]
Tpm2DeviceLibTcg2.c
[Packages]
MdePkg/MdePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
DebugLib
UefiBootServicesTableLib
[Protocols]
gEfiTcg2ProtocolGuid ## CONSUMES

BIN
SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.uni Normal file
View File

Binary file not shown.

21
SecurityPkg/SecurityPkg.dec
View File

@ -104,6 +104,10 @@
# Include/Guid/TcgEventHob.h
gTcgEventEntryHobGuid = { 0x2b9ffb52, 0x1b13, 0x416f, { 0xa8, 0x7b, 0xbc, 0x93, 0xd, 0xef, 0x92, 0xa8 }}
## Hob GUID used to pass a TCG_PCR_EVENT_2 from a TPM2 PEIM to a TPM2 DXE Driver.
## Include/Guid/TcgEventHob.h
gTcgEvent2EntryHobGuid = { 0xd26c221e, 0x2430, 0x4c8a, { 0x91, 0x70, 0x3f, 0xcb, 0x45, 0x0, 0x41, 0x3f }}
## HOB GUID used to record TPM device error.
# Include/Guid/TcgEventHob.h
gTpmErrorHobGuid = { 0xef598499, 0xb25e, 0x473a, { 0xbf, 0xaf, 0xe7, 0xe5, 0x7d, 0xce, 0x82, 0xc4 }}
@ -116,6 +120,10 @@
# Include/Guid/PhysicalPresenceData.h
gEfiPhysicalPresenceGuid = { 0xf6499b1, 0xe9ad, 0x493d, { 0xb9, 0xc2, 0x2f, 0x90, 0x81, 0x5c, 0x6c, 0xbc }}
## GUID used to "Tcg2PhysicalPresence" variable and "Tcg2PhysicalPresenceFlags" variable for TPM2 request and response.
# Include/Guid/Tcg2PhysicalPresenceData.h
gEfiTcg2PhysicalPresenceGuid = { 0xaeb9c5c1, 0x94f1, 0x4d02, { 0xbf, 0xd9, 0x46, 0x2, 0xdb, 0x2d, 0x3c, 0x54 }}
## GUID used for form browser, password credential and provider identifier.
# Include/Guid/PwdCredentialProviderHii.h
gPwdCredentialProviderGuid = { 0x78b9ec8b, 0xc000, 0x46c5, { 0xac, 0x93, 0x24, 0xa0, 0xc1, 0xbb, 0x0, 0xce }}
@ -136,6 +144,10 @@
# Include/Guid/TcgConfigHii.h
gTcgConfigFormSetGuid = { 0xb0f901e4, 0xc424, 0x45de, { 0x90, 0x81, 0x95, 0xe2, 0xb, 0xde, 0x6f, 0xb5 }}
## GUID used for FormSet and config variable.
# Include/Guid/Tcg2ConfigHii.h
gTcg2ConfigFormSetGuid = {0x6339d487, 0x26ba, 0x424b, { 0x9a, 0x5d, 0x68, 0x7e, 0x25, 0xd7, 0x40, 0xbc }}
## GUID used for FormSet.
# Include/Guid/SecureBootConfigHii.h
gSecureBootConfigFormSetGuid = { 0x5daf50a5, 0xea81, 0x4de2, {0x8f, 0x9b, 0xca, 0xbd, 0xa9, 0xcf, 0x5c, 0x14}}
@ -363,6 +375,15 @@
# @Prompt TPM device address.
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress|0xFED40000|UINT64|0x00010012
## This PCD indicated final BIOS supported Hash mask.
# Bios may choose to register a subset of PcdTpm2HashMask.
# So this PCD is final value of how many hash algo is extended to PCR.
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap|0xFFFFFFFF|UINT32|0x00010016
## This PCR means the OEM configurated number of PCR banks.
# 0 means dynamic get from supported HASH algorithm
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2NumberOfPCRBanks|0x0|UINT32|0x00010015
## Provides one or more SHA 256 Hashes of the RSA 2048 public keys used to verify Recovery and Capsule Update images
#
# @Prompt One or more SHA 256 Hashes of RSA 2048 bit public keys used to verify Recovery and Capsule Update images

61
SecurityPkg/SecurityPkg.dsc
View File

@ -56,8 +56,10 @@
TpmMeasurementLib|SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.inf
Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
Tcg2PhysicalPresenceLib|SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
TcgPpVendorLib|SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf
Tcg2PpVendorLib|SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.inf
TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
[LibraryClasses.common.PEIM]
@ -71,6 +73,7 @@
ReportStatusCodeLib|MdeModulePkg/Library/PeiReportStatusCodeLib/PeiReportStatusCodeLib.inf
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
Tcg2PhysicalPresenceLib|SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf
[LibraryClasses.common.DXE_DRIVER]
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
@ -78,34 +81,34 @@
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTrEE/Tpm2DeviceLibTrEE.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
[LibraryClasses.common.UEFI_DRIVER, LibraryClasses.common.DXE_RUNTIME_DRIVER, LibraryClasses.common.DXE_SAL_DRIVER,]
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
DebugLib|MdePkg/Library/UefiDebugLibConOut/UefiDebugLibConOut.inf
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTrEE/Tpm2DeviceLibTrEE.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
[LibraryClasses.common.DXE_RUNTIME_DRIVER]
ReportStatusCodeLib|MdeModulePkg/Library/RuntimeDxeReportStatusCodeLib/RuntimeDxeReportStatusCodeLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/RuntimeCryptLib.inf
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTrEE/Tpm2DeviceLibTrEE.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
[LibraryClasses.common.UEFI_DRIVER, LibraryClasses.common.UEFI_APPLICATION]
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/BaseCryptLib.inf
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTrEE/Tpm2DeviceLibTrEE.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
[LibraryClasses.IPF.DXE_SAL_DRIVER]
ExtendedSalLib|MdePkg/Library/DxeRuntimeExtendedSalLib/DxeRuntimeExtendedSalLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLibRuntimeCryptProtocol/BaseCryptLibRuntimeCryptProtocol.inf
HashLib|SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTrEE/Tpm2DeviceLibTrEE.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
[LibraryClasses.common.DXE_SMM_DRIVER]
HobLib|MdePkg/Library/DxeHobLib/DxeHobLib.inf
@ -115,7 +118,8 @@
SmmMemLib|MdePkg/Library/SmmMemLib/SmmMemLib.inf
BaseCryptLib|CryptoPkg/Library/BaseCryptLib/SmmCryptLib.inf
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTrEE/Tpm2DeviceLibTrEE.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
Tcg2PhysicalPresenceLib|SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf
[PcdsDynamicDefault.common.DEFAULT]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid|{0xb6, 0xe5, 0x01, 0x8b, 0x19, 0x4f, 0xe8, 0x46, 0xab, 0x93, 0x1c, 0x53, 0x67, 0x1b, 0x90, 0xcc}
@ -124,6 +128,8 @@
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy|1
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy|1
gEfiSecurityPkgTokenSpaceGuid.PcdTpmScrtmPolicy|1
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask|3
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap|3
[Components]
SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.inf
@ -154,12 +160,21 @@
# TPM2
#
SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.inf
SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.inf
SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.inf
#
# TrEE - to be deprecated
#
SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.inf
SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.inf
SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
#
# TrEE - to be deprecated
#
SecurityPkg/Library/Tpm2DeviceLibTrEE/Tpm2DeviceLibTrEE.inf
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
@ -197,6 +212,35 @@
SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf {
<LibraryClasses>
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.inf
}
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf {
<LibraryClasses>
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.inf
NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
}
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf {
<LibraryClasses>
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.inf
NULL|SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.inf
NULL|SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.inf
NULL|SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.inf
PcdLib|MdePkg/Library/DxePcdLib/DxePcdLib.inf
}
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf {
<LibraryClasses>
Tpm2DeviceLib|SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.inf
}
#
# TrEE - to be deprecated
#
SecurityPkg/Tcg/TrEEConfig/TrEEConfigPei.inf {
<LibraryClasses>
Tpm12DeviceLib|SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12DeviceLibDTpm.inf
@ -237,6 +281,11 @@
SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.inf
SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/SmmTcg2PhysicalPresenceLib.inf
#
# TrEE - to be deprecated
#
SecurityPkg/Tcg/TrEESmm/TrEESmm.inf
#
# Random Number Generator

167
SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr Normal file
View File

@ -0,0 +1,167 @@
/** @file
VFR file used by the TCG2 configuration component.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "Tcg2ConfigNvData.h"
formset
guid = TCG2_CONFIG_FORM_SET_GUID,
title = STRING_TOKEN(STR_TCG2_TITLE),
help = STRING_TOKEN(STR_TCG2_HELP),
classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
efivarstore TCG2_CONFIGURATION,
varid = TCG2_CONFIGURATION_VARSTORE_ID,
attribute = 0x03, // EFI variable attribures EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_NON_VOLATILE
name = TCG2_CONFIGURATION,
guid = TCG2_CONFIG_FORM_SET_GUID;
form formid = TCG2_CONFIGURATION_FORM_ID,
title = STRING_TOKEN(STR_TCG2_TITLE);
subtitle text = STRING_TOKEN(STR_NULL);
text
help = STRING_TOKEN(STR_TCG2_DEVICE_STATE_HELP),
text = STRING_TOKEN(STR_TCG2_DEVICE_STATE_PROMPT),
text = STRING_TOKEN(STR_TCG2_DEVICE_STATE_CONTENT);
oneof varid = TCG2_CONFIGURATION.TpmDevice,
questionid = KEY_TPM_DEVICE,
prompt = STRING_TOKEN(STR_TCG2_DEVICE_PROMPT),
help = STRING_TOKEN(STR_TCG2_DEVICE_HELP),
flags = INTERACTIVE,
option text = STRING_TOKEN(STR_TCG2_TPM_1_2), value = TPM_DEVICE_1_2, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_TPM_2_0_DTPM), value = TPM_DEVICE_2_0_DTPM, flags = RESET_REQUIRED;
endoneof;
subtitle text = STRING_TOKEN(STR_NULL);
suppressif ideqvallist TCG2_CONFIGURATION.TpmDevice == TPM_DEVICE_NULL TPM_DEVICE_1_2;
text
help = STRING_TOKEN(STR_TPM2_ACTIVE_HASH_ALGO_HELP),
text = STRING_TOKEN(STR_TPM2_ACTIVE_HASH_ALGO),
text = STRING_TOKEN(STR_TPM2_ACTIVE_HASH_ALGO_CONTENT);
text
help = STRING_TOKEN(STR_TPM2_SUPPORTED_HASH_ALGO_HELP),
text = STRING_TOKEN(STR_TPM2_SUPPORTED_HASH_ALGO),
text = STRING_TOKEN(STR_TPM2_SUPPORTED_HASH_ALGO_CONTENT);
text
help = STRING_TOKEN(STR_BIOS_HASH_ALGO_HELP),
text = STRING_TOKEN(STR_BIOS_HASH_ALGO),
text = STRING_TOKEN(STR_BIOS_HASH_ALGO_CONTENT);
subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_TCG2_PP_OPERATION);
oneof name = Tpm2Operation,
questionid = KEY_TPM2_OPERATION,
prompt = STRING_TOKEN(STR_TCG2_OPERATION),
help = STRING_TOKEN(STR_TCG2_OPERATION_HELP),
flags = INTERACTIVE | NUMERIC_SIZE_1,
option text = STRING_TOKEN(STR_TCG2_NO_ACTION), value = TCG2_PHYSICAL_PRESENCE_NO_ACTION, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_ENABLE), value = TCG2_PHYSICAL_PRESENCE_ENABLE, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_DISABLE), value = TCG2_PHYSICAL_PRESENCE_DISABLE, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_CLEAR), value = TCG2_PHYSICAL_PRESENCE_CLEAR, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_SET_PCD_BANKS), value = TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_CHANGE_EPS), value = TCG2_PHYSICAL_PRESENCE_CHANGE_EPS, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_LOG_ALL_DIGESTS), value = TCG2_PHYSICAL_PRESENCE_LOG_ALL_DIGESTS, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_DISABLE_ENDORSEMENT_ENABLE_STORAGE_HIERARCHY), value = TCG2_PHYSICAL_PRESENCE_DISABLE_ENDORSEMENT_ENABLE_STORAGE_HIERARCHY, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_ENABLE_BLOCK_SID), value = TCG2_PHYSICAL_PRESENCE_ENABLE_BLOCK_SID, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_DISABLE_BLOCK_SID), value = TCG2_PHYSICAL_PRESENCE_DISABLE_BLOCK_SID, flags = RESET_REQUIRED;
endoneof;
suppressif NOT questionref(Tpm2Operation) == TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS;
numeric name = Tpm2OperationParameter,
questionid = KEY_TPM2_OPERATION_PARAMETER,
prompt = STRING_TOKEN(STR_TCG2_OPERATION_PARAMETER),
help = STRING_TOKEN(STR_TCG2_OPERATION_PARAMETER_HELP),
flags = DISPLAY_UINT_HEX | INTERACTIVE | NUMERIC_SIZE_4,
minimum = 0,
maximum = 0xFFFFFFFF,
step = 0,
default = 0,
endnumeric;
endif;
subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_TCG2_CONFIGURATION);
text
help = STRING_TOKEN(STR_TCG2_SUPPORTED_EVENT_LOG_FORMAT_HELP),
text = STRING_TOKEN(STR_TCG2_SUPPORTED_EVENT_LOG_FORMAT),
text = STRING_TOKEN(STR_TCG2_SUPPORTED_EVENT_LOG_FORMAT_CONTENT);
text
help = STRING_TOKEN(STR_TCG2_HASH_ALGO_BITMAP_HELP),
text = STRING_TOKEN(STR_TCG2_HASH_ALGO_BITMAP),
text = STRING_TOKEN(STR_TCG2_HASH_ALGO_BITMAP_CONTENT);
text
help = STRING_TOKEN(STR_TCG2_NUMBER_OF_PCR_BANKS_HELP),
text = STRING_TOKEN(STR_TCG2_NUMBER_OF_PCR_BANKS),
text = STRING_TOKEN(STR_TCG2_NUMBER_OF_PCR_BANKS_CONTENT);
text
help = STRING_TOKEN(STR_TCG2_ACTIVE_PCR_BANKS_HELP),
text = STRING_TOKEN(STR_TCG2_ACTIVE_PCR_BANKS),
text = STRING_TOKEN(STR_TCG2_ACTIVE_PCR_BANKS_CONTENT);
subtitle text = STRING_TOKEN(STR_NULL);
checkbox name = TCG2ActivatePCRBank0,
questionid = KEY_TPM2_PCR_BANKS_REQUEST_0,
prompt = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA1),
help = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA1_HELP),
flags = INTERACTIVE,
default = 1,
endcheckbox;
checkbox name = TCG2ActivatePCRBank1,
questionid = KEY_TPM2_PCR_BANKS_REQUEST_1,
prompt = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA256),
help = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA256_HELP),
flags = INTERACTIVE,
default = 0,
endcheckbox;
checkbox name = TCG2ActivatePCRBank2,
questionid = KEY_TPM2_PCR_BANKS_REQUEST_2,
prompt = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA384),
help = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA384_HELP),
flags = INTERACTIVE,
default = 0,
endcheckbox;
checkbox name = TCG2ActivatePCRBank3,
questionid = KEY_TPM2_PCR_BANKS_REQUEST_3,
prompt = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA512),
help = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA512_HELP),
flags = INTERACTIVE,
default = 0,
endcheckbox;
checkbox name = TCG2ActivatePCRBank4,
questionid = KEY_TPM2_PCR_BANKS_REQUEST_4,
prompt = STRING_TOKEN(STR_TCG2_PCR_BANK_SM3_256),
help = STRING_TOKEN(STR_TCG2_PCR_BANK_SM3_256_HELP),
flags = INTERACTIVE,
default = 0,
endcheckbox;
endif;
endform;
endformset;

280
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDriver.c Normal file
View File

@ -0,0 +1,280 @@
/** @file
The module entry point for Tcg2 configuration module.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "Tcg2ConfigImpl.h"
extern TPM_INSTANCE_ID mTpmInstanceId[TPM_DEVICE_MAX + 1];
/**
Update default PCR banks data.
@param[in] HiiPackage HII Package.
@param[in] HiiPackageSize HII Package size.
@param[in] PCRBanks PCR Banks data.
**/
VOID
UpdateDefaultPCRBanks (
IN VOID *HiiPackage,
IN UINTN HiiPackageSize,
IN UINT32 PCRBanks
)
{
EFI_HII_PACKAGE_HEADER *HiiPackageHeader;
EFI_IFR_OP_HEADER *IfrOpCodeHeader;
EFI_IFR_CHECKBOX *IfrCheckBox;
EFI_IFR_DEFAULT *IfrDefault;
HiiPackageHeader = (EFI_HII_PACKAGE_HEADER *)HiiPackage;
switch (HiiPackageHeader->Type) {
case EFI_HII_PACKAGE_FORMS:
IfrOpCodeHeader = (EFI_IFR_OP_HEADER *)(HiiPackageHeader + 1);
while ((UINTN)IfrOpCodeHeader < (UINTN)HiiPackageHeader + HiiPackageHeader->Length) {
switch (IfrOpCodeHeader->OpCode) {
case EFI_IFR_CHECKBOX_OP:
IfrCheckBox = (EFI_IFR_CHECKBOX *)IfrOpCodeHeader;
if ((IfrCheckBox->Question.QuestionId >= KEY_TPM2_PCR_BANKS_REQUEST_0) && (IfrCheckBox->Question.QuestionId <= KEY_TPM2_PCR_BANKS_REQUEST_4)) {
IfrDefault = (EFI_IFR_DEFAULT *)(IfrCheckBox + 1);
ASSERT (IfrDefault->Header.OpCode == EFI_IFR_DEFAULT_OP);
ASSERT (IfrDefault->Type == EFI_IFR_TYPE_BOOLEAN);
IfrDefault->Value.b = (BOOLEAN)((PCRBanks >> (IfrCheckBox->Question.QuestionId - KEY_TPM2_PCR_BANKS_REQUEST_0)) & 0x1);
}
break;
}
IfrOpCodeHeader = (EFI_IFR_OP_HEADER *)((UINTN)IfrOpCodeHeader + IfrOpCodeHeader->Length);
}
break;
}
return ;
}
/**
The entry point for Tcg2 configuration driver.
@param[in] ImageHandle The image handle of the driver.
@param[in] SystemTable The system table.
@retval EFI_ALREADY_STARTED The driver already exists in system.
@retval EFI_OUT_OF_RESOURCES Fail to execute entry point due to lack of resources.
@retval EFI_SUCCES All the related protocols are installed on the driver.
@retval Others Fail to install protocols as indicated.
**/
EFI_STATUS
EFIAPI
Tcg2ConfigDriverEntryPoint (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
EFI_STATUS Status;
TCG2_CONFIG_PRIVATE_DATA *PrivateData;
TCG2_CONFIGURATION Tcg2Configuration;
TCG2_DEVICE_DETECTION Tcg2DeviceDetection;
UINTN Index;
UINTN DataSize;
EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;
UINT32 CurrentActivePCRBanks;
Status = gBS->OpenProtocol (
ImageHandle,
&gEfiCallerIdGuid,
NULL,
ImageHandle,
ImageHandle,
EFI_OPEN_PROTOCOL_TEST_PROTOCOL
);
if (!EFI_ERROR (Status)) {
return EFI_ALREADY_STARTED;
}
//
// Create a private data structure.
//
PrivateData = AllocateCopyPool (sizeof (TCG2_CONFIG_PRIVATE_DATA), &mTcg2ConfigPrivateDateTemplate);
ASSERT (PrivateData != NULL);
mTcg2ConfigPrivateDate = PrivateData;
//
// Install private GUID.
//
Status = gBS->InstallMultipleProtocolInterfaces (
&ImageHandle,
&gEfiCallerIdGuid,
PrivateData,
NULL
);
ASSERT_EFI_ERROR (Status);
Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &PrivateData->Tcg2Protocol);
ASSERT_EFI_ERROR (Status);
PrivateData->ProtocolCapability.Size = sizeof(PrivateData->ProtocolCapability);
Status = PrivateData->Tcg2Protocol->GetCapability (
PrivateData->Tcg2Protocol,
&PrivateData->ProtocolCapability
);
ASSERT_EFI_ERROR (Status);
DataSize = sizeof(Tcg2Configuration);
Status = gRT->GetVariable (
TCG2_STORAGE_NAME,
&gTcg2ConfigFormSetGuid,
NULL,
&DataSize,
&Tcg2Configuration
);
if (EFI_ERROR (Status)) {
//
// Variable not ready, set default value
//
Tcg2Configuration.TpmDevice = TPM_DEVICE_DEFAULT;
}
//
// Validation
//
if ((Tcg2Configuration.TpmDevice > TPM_DEVICE_MAX) || (Tcg2Configuration.TpmDevice < TPM_DEVICE_MIN)) {
Tcg2Configuration.TpmDevice = TPM_DEVICE_DEFAULT;
}
//
// Set value for Tcg2CurrentActivePCRBanks
// Search Tcg2ConfigBin[] and update default value there
//
Status = PrivateData->Tcg2Protocol->GetActivePcrBanks (PrivateData->Tcg2Protocol, &CurrentActivePCRBanks);
ASSERT_EFI_ERROR (Status);
PrivateData->PCRBanksDesired = CurrentActivePCRBanks;
UpdateDefaultPCRBanks (Tcg2ConfigBin + sizeof(UINT32), ReadUnaligned32((UINT32 *)Tcg2ConfigBin) - sizeof(UINT32), CurrentActivePCRBanks);
//
// Save to variable so platform driver can get it.
//
Status = gRT->SetVariable (
TCG2_STORAGE_NAME,
&gTcg2ConfigFormSetGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
sizeof(Tcg2Configuration),
&Tcg2Configuration
);
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "Tcg2ConfigDriver: Fail to set TCG2_STORAGE_NAME\n"));
}
//
// Sync data from PCD to variable, so that we do not need detect again in S3 phase.
//
Tcg2DeviceDetection.TpmDeviceDetected = TPM_DEVICE_NULL;
for (Index = 0; Index < sizeof(mTpmInstanceId)/sizeof(mTpmInstanceId[0]); Index++) {
if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &mTpmInstanceId[Index].TpmInstanceGuid)) {
Tcg2DeviceDetection.TpmDeviceDetected = mTpmInstanceId[Index].TpmDevice;
break;
}
}
PrivateData->TpmDeviceDetected = Tcg2DeviceDetection.TpmDeviceDetected;
//
// Save to variable so platform driver can get it.
//
Status = gRT->SetVariable (
TCG2_DEVICE_DETECTION_NAME,
&gTcg2ConfigFormSetGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
sizeof(Tcg2DeviceDetection),
&Tcg2DeviceDetection
);
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "Tcg2ConfigDriver: Fail to set TCG2_DEVICE_DETECTION_NAME\n"));
Status = gRT->SetVariable (
TCG2_DEVICE_DETECTION_NAME,
&gTcg2ConfigFormSetGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,
0,
NULL
);
ASSERT_EFI_ERROR (Status);
}
//
// We should lock Tcg2DeviceDetection, because it contains information needed at S3.
//
Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLockProtocol);
if (!EFI_ERROR (Status)) {
Status = VariableLockProtocol->RequestToLock (
VariableLockProtocol,
TCG2_DEVICE_DETECTION_NAME,
&gTcg2ConfigFormSetGuid
);
ASSERT_EFI_ERROR (Status);
}
//
// Install Tcg2 configuration form
//
Status = InstallTcg2ConfigForm (PrivateData);
if (EFI_ERROR (Status)) {
goto ErrorExit;
}
return EFI_SUCCESS;
ErrorExit:
if (PrivateData != NULL) {
UninstallTcg2ConfigForm (PrivateData);
}
return Status;
}
/**
Unload the Tcg2 configuration form.
@param[in] ImageHandle The driver's image handle.
@retval EFI_SUCCESS The Tcg2 configuration form is unloaded.
@retval Others Failed to unload the form.
**/
EFI_STATUS
EFIAPI
Tcg2ConfigDriverUnload (
IN EFI_HANDLE ImageHandle
)
{
EFI_STATUS Status;
TCG2_CONFIG_PRIVATE_DATA *PrivateData;
Status = gBS->HandleProtocol (
ImageHandle,
&gEfiCallerIdGuid,
(VOID **) &PrivateData
);
if (EFI_ERROR (Status)) {
return Status;
}
ASSERT (PrivateData->Signature == TCG2_CONFIG_PRIVATE_DATA_SIGNATURE);
gBS->UninstallMultipleProtocolInterfaces (
&ImageHandle,
&gEfiCallerIdGuid,
PrivateData,
NULL
);
UninstallTcg2ConfigForm (PrivateData);
return EFI_SUCCESS;
}

87
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf Normal file
View File

@ -0,0 +1,87 @@
## @file
# TPM device configuration for TPM 2.0
#
# By this module, user may select TPM device, clear TPM state, etc.
# NOTE: This module is only for reference only, each platform should have its own setup page.
#
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = Tcg2ConfigDxe
MODULE_UNI_FILE = Tcg2ConfigDxe.uni
FILE_GUID = 4D9CBEF0-15A0-4D0C-83DB-5213E710C23F
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
ENTRY_POINT = Tcg2ConfigDriverEntryPoint
UNLOAD_IMAGE = Tcg2ConfigDriverUnload
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
[Sources]
Tcg2ConfigDriver.c
Tcg2ConfigImpl.c
Tcg2ConfigImpl.h
Tcg2Config.vfr
Tcg2ConfigStrings.uni
Tcg2ConfigNvData.h
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
MemoryAllocationLib
UefiLib
UefiBootServicesTableLib
UefiRuntimeServicesTableLib
UefiDriverEntryPoint
UefiHiiServicesLib
DebugLib
HiiLib
PcdLib
PrintLib
Tpm2DeviceLib
Tpm2CommandLib
Tcg2PhysicalPresenceLib
[Guids]
## PRODUCES ## HII
## SOMETIMES_PRODUCES ## Variable:L"TCG2_CONFIGURATION"
## SOMETIMES_CONSUMES ## Variable:L"TCG2_CONFIGURATION"
## PRODUCES ## Variable:L"TCG2_DEVICE_DETECTION"
## SOMETIMES_CONSUMES ## Variable:L"TCG2_DEVICE_DETECTION"
gTcg2ConfigFormSetGuid
[Protocols]
gEfiHiiConfigAccessProtocolGuid ## PRODUCES
gEfiDevicePathProtocolGuid ## PRODUCES
gEdkiiVariableLockProtocolGuid ## CONSUMES
gEfiTcg2ProtocolGuid ## CONSUMES
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap ## CONSUMES
[Depex]
gEfiTcg2ProtocolGuid AND
gEfiHiiConfigRoutingProtocolGuid AND
gEfiHiiDatabaseProtocolGuid AND
gEfiVariableArchProtocolGuid AND
gEfiVariableWriteArchProtocolGuid
[UserExtensions.TianoCore."ExtraFiles"]
Tcg2ConfigDxeExtra.uni

BIN
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.uni Normal file
View File

Binary file not shown.

BIN
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxeExtra.uni Normal file
View File

Binary file not shown.

610
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c Normal file
View File

@ -0,0 +1,610 @@
/** @file
HII Config Access protocol implementation of TCG2 configuration module.
NOTE: This module is only for reference only, each platform should have its own setup page.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "Tcg2ConfigImpl.h"
#include <Library/PcdLib.h>
#include <Library/Tpm2CommandLib.h>
#include <Guid/TpmInstance.h>
#define EFI_TCG2_EVENT_LOG_FORMAT_ALL (EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 | EFI_TCG2_EVENT_LOG_FORMAT_TCG_2)
TPM_INSTANCE_ID mTpmInstanceId[TPM_DEVICE_MAX + 1] = TPM_INSTANCE_ID_LIST;
TCG2_CONFIG_PRIVATE_DATA *mTcg2ConfigPrivateDate;
TCG2_CONFIG_PRIVATE_DATA mTcg2ConfigPrivateDateTemplate = {
TCG2_CONFIG_PRIVATE_DATA_SIGNATURE,
{
Tcg2ExtractConfig,
Tcg2RouteConfig,
Tcg2Callback
}
};
HII_VENDOR_DEVICE_PATH mTcg2HiiVendorDevicePath = {
{
{
HARDWARE_DEVICE_PATH,
HW_VENDOR_DP,
{
(UINT8) (sizeof (VENDOR_DEVICE_PATH)),
(UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
}
},
TCG2_CONFIG_FORM_SET_GUID
},
{
END_DEVICE_PATH_TYPE,
END_ENTIRE_DEVICE_PATH_SUBTYPE,
{
(UINT8) (END_DEVICE_PATH_LENGTH),
(UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
}
}
};
UINT8 mCurrentPpRequest;
/**
This function allows a caller to extract the current configuration for one
or more named elements from the target driver.
@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param[in] Request A null-terminated Unicode string in
<ConfigRequest> format.
@param[out] Progress On return, points to a character in the Request
string. Points to the string's null terminator if
request was successful. Points to the most recent
'&' before the first failing name/value pair (or
the beginning of the string if the failure is in
the first name/value pair) if the request was not
successful.
@param[out] Results A null-terminated Unicode string in
<ConfigAltResp> format which has all values filled
in for the names in the Request string. String to
be allocated by the called function.
@retval EFI_SUCCESS The Results is filled with the requested values.
@retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
@retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
@retval EFI_NOT_FOUND Routing data doesn't match any storage in this
driver.
**/
EFI_STATUS
EFIAPI
Tcg2ExtractConfig (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN CONST EFI_STRING Request,
OUT EFI_STRING *Progress,
OUT EFI_STRING *Results
)
{
if (Progress == NULL || Results == NULL) {
return EFI_INVALID_PARAMETER;
}
*Progress = Request;
return EFI_NOT_FOUND;
}
/**
Save TPM request to variable space.
@param[in] PpRequest Physical Presence request command.
@retval EFI_SUCCESS The operation is finished successfully.
@retval Others Other errors as indicated.
**/
EFI_STATUS
SaveTcg2PpRequest (
IN UINT8 PpRequest
)
{
UINT32 ReturnCode;
EFI_STATUS Status;
ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (PpRequest, 0);
if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS) {
mCurrentPpRequest = PpRequest;
Status = EFI_SUCCESS;
} else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE) {
Status = EFI_OUT_OF_RESOURCES;
} else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED) {
Status = EFI_UNSUPPORTED;
} else {
Status = EFI_DEVICE_ERROR;
}
return Status;
}
/**
Save TPM request to variable space.
@param[in] PpRequestParameter Physical Presence request parameter.
@retval EFI_SUCCESS The operation is finished successfully.
@retval Others Other errors as indicated.
**/
EFI_STATUS
SaveTcg2PpRequestParameter (
IN UINT32 PpRequestParameter
)
{
UINT32 ReturnCode;
EFI_STATUS Status;
ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (mCurrentPpRequest, PpRequestParameter);
if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS) {
Status = EFI_SUCCESS;
} else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE) {
Status = EFI_OUT_OF_RESOURCES;
} else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED) {
Status = EFI_UNSUPPORTED;
} else {
Status = EFI_DEVICE_ERROR;
}
return Status;
}
/**
Save Tcg2 PCR Banks request request to variable space.
@param[in] PCRBankIndex PCR Bank Index.
@param[in] Enable Enable or disable this PCR Bank.
@retval EFI_SUCCESS The operation is finished successfully.
@retval Others Other errors as indicated.
**/
EFI_STATUS
SaveTcg2PCRBanksRequest (
IN UINTN PCRBankIndex,
IN BOOLEAN Enable
)
{
UINT32 ReturnCode;
EFI_STATUS Status;
if (Enable) {
mTcg2ConfigPrivateDate->PCRBanksDesired |= (0x1 << PCRBankIndex);
} else {
mTcg2ConfigPrivateDate->PCRBanksDesired &= ~(0x1 << PCRBankIndex);
}
ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS, mTcg2ConfigPrivateDate->PCRBanksDesired);
if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS) {
Status = EFI_SUCCESS;
} else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE) {
Status = EFI_OUT_OF_RESOURCES;
} else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED) {
Status = EFI_UNSUPPORTED;
} else {
Status = EFI_DEVICE_ERROR;
}
return Status;
}
/**
This function processes the results of changes in configuration.
@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param[in] Configuration A null-terminated Unicode string in <ConfigResp>
format.
@param[out] Progress A pointer to a string filled in with the offset of
the most recent '&' before the first failing
name/value pair (or the beginning of the string if
the failure is in the first name/value pair) or
the terminating NULL if all was successful.
@retval EFI_SUCCESS The Results is processed successfully.
@retval EFI_INVALID_PARAMETER Configuration is NULL.
@retval EFI_NOT_FOUND Routing data doesn't match any storage in this
driver.
**/
EFI_STATUS
EFIAPI
Tcg2RouteConfig (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN CONST EFI_STRING Configuration,
OUT EFI_STRING *Progress
)
{
if (Configuration == NULL || Progress == NULL) {
return EFI_INVALID_PARAMETER;
}
return EFI_NOT_FOUND;
}
/**
This function processes the results of changes in configuration.
@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param[in] Action Specifies the type of action taken by the browser.
@param[in] QuestionId A unique value which is sent to the original
exporting driver so that it can identify the type
of data to expect.
@param[in] Type The type of value for the question.
@param[in] Value A pointer to the data being sent to the original
exporting driver.
@param[out] ActionRequest On return, points to the action requested by the
callback function.
@retval EFI_SUCCESS The callback successfully handled the action.
@retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
variable and its data.
@retval EFI_DEVICE_ERROR The variable could not be saved.
@retval EFI_UNSUPPORTED The specified Action is not supported by the
callback.
**/
EFI_STATUS
EFIAPI
Tcg2Callback (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN EFI_BROWSER_ACTION Action,
IN EFI_QUESTION_ID QuestionId,
IN UINT8 Type,
IN EFI_IFR_TYPE_VALUE *Value,
OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
)
{
if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) {
return EFI_INVALID_PARAMETER;
}
if (Action == EFI_BROWSER_ACTION_CHANGED) {
if (QuestionId == KEY_TPM_DEVICE) {
return EFI_SUCCESS;
}
if (QuestionId == KEY_TPM2_OPERATION) {
return SaveTcg2PpRequest (Value->u8);
}
if (QuestionId == KEY_TPM2_OPERATION_PARAMETER) {
return SaveTcg2PpRequestParameter (Value->u32);
}
if ((QuestionId >= KEY_TPM2_PCR_BANKS_REQUEST_0) && (QuestionId <= KEY_TPM2_PCR_BANKS_REQUEST_4)) {
SaveTcg2PCRBanksRequest (QuestionId - KEY_TPM2_PCR_BANKS_REQUEST_0, Value->b);
}
}
return EFI_UNSUPPORTED;
}
/**
Append Buffer With TpmAlgHash.
@param[in] Buffer Buffer to be appended.
@param[in] BufferSize Size of buffer.
@param[in] TpmAlgHash TpmAlgHash.
**/
VOID
AppendBufferWithTpmAlgHash (
IN UINT16 *Buffer,
IN UINTN BufferSize,
IN UINT32 TpmAlgHash
)
{
switch (TpmAlgHash) {
case TPM_ALG_SHA1:
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"SHA1", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
break;
case TPM_ALG_SHA256:
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"SHA256", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
break;
case TPM_ALG_SHA384:
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"SHA384", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
break;
case TPM_ALG_SHA512:
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"SHA512", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
break;
case TPM_ALG_SM3_256:
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"SM3_256", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
break;
}
}
/**
Fill Buffer With BootHashAlg.
@param[in] Buffer Buffer to be filled.
@param[in] BufferSize Size of buffer.
@param[in] BootHashAlg BootHashAlg.
**/
VOID
FillBufferWithBootHashAlg (
IN UINT16 *Buffer,
IN UINTN BufferSize,
IN UINT32 BootHashAlg
)
{
Buffer[0] = 0;
if ((BootHashAlg & EFI_TCG2_BOOT_HASH_ALG_SHA1) != 0) {
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"SHA1", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
if ((BootHashAlg & EFI_TCG2_BOOT_HASH_ALG_SHA256) != 0) {
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"SHA256", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
if ((BootHashAlg & EFI_TCG2_BOOT_HASH_ALG_SHA384) != 0) {
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"SHA384", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
if ((BootHashAlg & EFI_TCG2_BOOT_HASH_ALG_SHA512) != 0) {
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"SHA512", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
if ((BootHashAlg & EFI_TCG2_BOOT_HASH_ALG_SM3_256) != 0) {
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"SM3_256", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
}
/**
Fill Buffer With TCG2EventLogFormat.
@param[in] Buffer Buffer to be filled.
@param[in] BufferSize Size of buffer.
@param[in] TCG2EventLogFormat TCG2EventLogFormat.
**/
VOID
FillBufferWithTCG2EventLogFormat (
IN UINT16 *Buffer,
IN UINTN BufferSize,
IN UINT32 TCG2EventLogFormat
)
{
Buffer[0] = 0;
if ((TCG2EventLogFormat & EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2) != 0) {
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"TCG_1_2", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
if ((TCG2EventLogFormat & EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) != 0) {
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"TCG_2", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
if ((TCG2EventLogFormat & (~EFI_TCG2_EVENT_LOG_FORMAT_ALL)) != 0) {
if (Buffer[0] != 0) {
StrnCat (Buffer, L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
StrnCat (Buffer, L"UNKNOWN", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
}
/**
Check if buffer is all zero.
@param[in] Buffer Buffer to be checked.
@param[in] BufferSize Size of buffer to be checked.
@retval TRUE Buffer is all zero.
@retval FALSE Buffer is not all zero.
**/
BOOLEAN
IsZeroBuffer (
IN VOID *Buffer,
IN UINTN BufferSize
)
{
UINT8 *BufferData;
UINTN Index;
BufferData = Buffer;
for (Index = 0; Index < BufferSize; Index++) {
if (BufferData[Index] != 0) {
return FALSE;
}
}
return TRUE;
}
/**
This function publish the TCG2 configuration Form for TPM device.
@param[in, out] PrivateData Points to TCG2 configuration private data.
@retval EFI_SUCCESS HII Form is installed for this network device.
@retval EFI_OUT_OF_RESOURCES Not enough resource for HII Form installation.
@retval Others Other errors as indicated.
**/
EFI_STATUS
InstallTcg2ConfigForm (
IN OUT TCG2_CONFIG_PRIVATE_DATA *PrivateData
)
{
EFI_STATUS Status;
EFI_HII_HANDLE HiiHandle;
EFI_HANDLE DriverHandle;
EFI_HII_CONFIG_ACCESS_PROTOCOL *ConfigAccess;
UINTN Index;
TPML_PCR_SELECTION Pcrs;
CHAR16 TempBuffer[1024];
DriverHandle = NULL;
ConfigAccess = &PrivateData->ConfigAccess;
Status = gBS->InstallMultipleProtocolInterfaces (
&DriverHandle,
&gEfiDevicePathProtocolGuid,
&mTcg2HiiVendorDevicePath,
&gEfiHiiConfigAccessProtocolGuid,
ConfigAccess,
NULL
);
if (EFI_ERROR (Status)) {
return Status;
}
PrivateData->DriverHandle = DriverHandle;
//
// Publish the HII package list
//
HiiHandle = HiiAddPackages (
&gTcg2ConfigFormSetGuid,
DriverHandle,
Tcg2ConfigDxeStrings,
Tcg2ConfigBin,
NULL
);
if (HiiHandle == NULL) {
gBS->UninstallMultipleProtocolInterfaces (
DriverHandle,
&gEfiDevicePathProtocolGuid,
&mTcg2HiiVendorDevicePath,
&gEfiHiiConfigAccessProtocolGuid,
ConfigAccess,
NULL
);
return EFI_OUT_OF_RESOURCES;
}
PrivateData->HiiHandle = HiiHandle;
//
// Update static data
//
switch (PrivateData->TpmDeviceDetected) {
case TPM_DEVICE_NULL:
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_DEVICE_STATE_CONTENT), L"Not Found", NULL);
break;
case TPM_DEVICE_1_2:
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_DEVICE_STATE_CONTENT), L"TPM 1.2", NULL);
break;
case TPM_DEVICE_2_0_DTPM:
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_DEVICE_STATE_CONTENT), L"TPM 2.0 (DTPM)", NULL);
break;
default:
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_DEVICE_STATE_CONTENT), L"Unknown", NULL);
break;
}
Status = Tpm2GetCapabilityPcrs (&Pcrs);
if (EFI_ERROR (Status)) {
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TPM2_ACTIVE_HASH_ALGO_CONTENT), L"[Unknown]", NULL);
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TPM2_SUPPORTED_HASH_ALGO_CONTENT), L"[Unknown]", NULL);
} else {
TempBuffer[0] = 0;
for (Index = 0; Index < Pcrs.count; Index++) {
if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
AppendBufferWithTpmAlgHash (TempBuffer, sizeof(TempBuffer), Pcrs.pcrSelections[Index].hash);
}
}
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TPM2_ACTIVE_HASH_ALGO_CONTENT), TempBuffer, NULL);
TempBuffer[0] = 0;
for (Index = 0; Index < Pcrs.count; Index++) {
AppendBufferWithTpmAlgHash (TempBuffer, sizeof(TempBuffer), Pcrs.pcrSelections[Index].hash);
}
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TPM2_SUPPORTED_HASH_ALGO_CONTENT), TempBuffer, NULL);
}
FillBufferWithBootHashAlg (TempBuffer, sizeof(TempBuffer), PcdGet32 (PcdTcg2HashAlgorithmBitmap));
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_BIOS_HASH_ALGO_CONTENT), TempBuffer, NULL);
//
// Tcg2 Capability
//
FillBufferWithTCG2EventLogFormat (TempBuffer, sizeof(TempBuffer), PrivateData->ProtocolCapability.SupportedEventLogs);
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_SUPPORTED_EVENT_LOG_FORMAT_CONTENT), TempBuffer, NULL);
FillBufferWithBootHashAlg (TempBuffer, sizeof(TempBuffer), PrivateData->ProtocolCapability.HashAlgorithmBitmap);
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_HASH_ALGO_BITMAP_CONTENT), TempBuffer, NULL);
UnicodeSPrint (TempBuffer, sizeof (TempBuffer), L"%d", PrivateData->ProtocolCapability.NumberOfPCRBanks);
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_NUMBER_OF_PCR_BANKS_CONTENT), TempBuffer, NULL);
FillBufferWithBootHashAlg (TempBuffer, sizeof(TempBuffer), PrivateData->ProtocolCapability.ActivePcrBanks);
HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TCG2_ACTIVE_PCR_BANKS_CONTENT), TempBuffer, NULL);
return EFI_SUCCESS;
}
/**
This function removes TCG2 configuration Form.
@param[in, out] PrivateData Points to TCG2 configuration private data.
**/
VOID
UninstallTcg2ConfigForm (
IN OUT TCG2_CONFIG_PRIVATE_DATA *PrivateData
)
{
//
// Uninstall HII package list
//
if (PrivateData->HiiHandle != NULL) {
HiiRemovePackages (PrivateData->HiiHandle);
PrivateData->HiiHandle = NULL;
}
//
// Uninstall HII Config Access Protocol
//
if (PrivateData->DriverHandle != NULL) {
gBS->UninstallMultipleProtocolInterfaces (
PrivateData->DriverHandle,
&gEfiDevicePathProtocolGuid,
&mTcg2HiiVendorDevicePath,
&gEfiHiiConfigAccessProtocolGuid,
&PrivateData->ConfigAccess,
NULL
);
PrivateData->DriverHandle = NULL;
}
FreePool (PrivateData);
}

197
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.h Normal file
View File

@ -0,0 +1,197 @@
/** @file
The header file of HII Config Access protocol implementation of TCG2
configuration module.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __TCG2_CONFIG_IMPL_H__
#define __TCG2_CONFIG_IMPL_H__
#include <Uefi.h>
#include <Protocol/HiiConfigAccess.h>
#include <Protocol/HiiConfigRouting.h>
#include <Protocol/Tcg2Protocol.h>
#include <Protocol/VariableLock.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/UefiHiiServicesLib.h>
#include <Library/UefiLib.h>
#include <Library/HiiLib.h>
#include <Library/DevicePathLib.h>
#include <Library/PcdLib.h>
#include <Library/PrintLib.h>
#include <Library/Tcg2PhysicalPresenceLib.h>
#include <Guid/MdeModuleHii.h>
#include "Tcg2ConfigNvData.h"
//
// Tool generated IFR binary data and String package data
//
extern UINT8 Tcg2ConfigBin[];
extern UINT8 Tcg2ConfigDxeStrings[];
///
/// HII specific Vendor Device Path definition.
///
typedef struct {
VENDOR_DEVICE_PATH VendorDevicePath;
EFI_DEVICE_PATH_PROTOCOL End;
} HII_VENDOR_DEVICE_PATH;
typedef struct {
UINTN Signature;
EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
EFI_HII_HANDLE HiiHandle;
EFI_HANDLE DriverHandle;
UINT8 TpmDeviceDetected;
EFI_TCG2_PROTOCOL *Tcg2Protocol;
EFI_TCG2_BOOT_SERVICE_CAPABILITY ProtocolCapability;
UINT32 PCRBanksDesired;
} TCG2_CONFIG_PRIVATE_DATA;
extern TCG2_CONFIG_PRIVATE_DATA mTcg2ConfigPrivateDateTemplate;
extern TCG2_CONFIG_PRIVATE_DATA *mTcg2ConfigPrivateDate;
#define TCG2_CONFIG_PRIVATE_DATA_SIGNATURE SIGNATURE_32 ('T', 'r', 'E', 'D')
#define TCG2_CONFIG_PRIVATE_DATA_FROM_THIS(a) CR (a, TCG2_CONFIG_PRIVATE_DATA, ConfigAccess, TCG2_CONFIG_PRIVATE_DATA_SIGNATURE)
/**
This function publish the TCG2 configuration Form for TPM device.
@param[in, out] PrivateData Points to TCG2 configuration private data.
@retval EFI_SUCCESS HII Form is installed for this network device.
@retval EFI_OUT_OF_RESOURCES Not enough resource for HII Form installation.
@retval Others Other errors as indicated.
**/
EFI_STATUS
InstallTcg2ConfigForm (
IN OUT TCG2_CONFIG_PRIVATE_DATA *PrivateData
);
/**
This function removes TCG2 configuration Form.
@param[in, out] PrivateData Points to TCG2 configuration private data.
**/
VOID
UninstallTcg2ConfigForm (
IN OUT TCG2_CONFIG_PRIVATE_DATA *PrivateData
);
/**
This function allows a caller to extract the current configuration for one
or more named elements from the target driver.
@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param[in] Request A null-terminated Unicode string in
<ConfigRequest> format.
@param[out] Progress On return, points to a character in the Request
string. Points to the string's null terminator if
request was successful. Points to the most recent
'&' before the first failing name/value pair (or
the beginning of the string if the failure is in
the first name/value pair) if the request was not
successful.
@param[out] Results A null-terminated Unicode string in
<ConfigAltResp> format which has all values filled
in for the names in the Request string. String to
be allocated by the called function.
@retval EFI_SUCCESS The Results is filled with the requested values.
@retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
@retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
@retval EFI_NOT_FOUND Routing data doesn't match any storage in this
driver.
**/
EFI_STATUS
EFIAPI
Tcg2ExtractConfig (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN CONST EFI_STRING Request,
OUT EFI_STRING *Progress,
OUT EFI_STRING *Results
);
/**
This function processes the results of changes in configuration.
@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param[in] Configuration A null-terminated Unicode string in <ConfigResp>
format.
@param[out] Progress A pointer to a string filled in with the offset of
the most recent '&' before the first failing
name/value pair (or the beginning of the string if
the failure is in the first name/value pair) or
the terminating NULL if all was successful.
@retval EFI_SUCCESS The Results is processed successfully.
@retval EFI_INVALID_PARAMETER Configuration is NULL.
@retval EFI_NOT_FOUND Routing data doesn't match any storage in this
driver.
**/
EFI_STATUS
EFIAPI
Tcg2RouteConfig (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN CONST EFI_STRING Configuration,
OUT EFI_STRING *Progress
);
/**
This function processes the results of changes in configuration.
@param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
@param[in] Action Specifies the type of action taken by the browser.
@param[in] QuestionId A unique value which is sent to the original
exporting driver so that it can identify the type
of data to expect.
@param[in] Type The type of value for the question.
@param[in] Value A pointer to the data being sent to the original
exporting driver.
@param[out] ActionRequest On return, points to the action requested by the
callback function.
@retval EFI_SUCCESS The callback successfully handled the action.
@retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
variable and its data.
@retval EFI_DEVICE_ERROR The variable could not be saved.
@retval EFI_UNSUPPORTED The specified Action is not supported by the
callback.
**/
EFI_STATUS
EFIAPI
Tcg2Callback (
IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
IN EFI_BROWSER_ACTION Action,
IN EFI_QUESTION_ID QuestionId,
IN UINT8 Type,
IN EFI_IFR_TYPE_VALUE *Value,
OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
);
#endif

94
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigNvData.h Normal file
View File

@ -0,0 +1,94 @@
/** @file
Header file for NV data structure definition.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __TCG2_CONFIG_NV_DATA_H__
#define __TCG2_CONFIG_NV_DATA_H__
#include <Guid/HiiPlatformSetupFormset.h>
#include <Guid/Tcg2ConfigHii.h>
#include <IndustryStandard/TcgPhysicalPresence.h>
//
// BUGBUG: In order to pass VfrCompiler, we have to redefine below MACRO, which already in <Protocol/Tcg2Protocol.h>.
//
#ifndef __TCG2_H__
#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 0x00000001
#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 0x00000002
#endif
#define EFI_TCG2_EVENT_LOG_FORMAT_ALL (EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 | EFI_TCG2_EVENT_LOG_FORMAT_TCG_2)
#define TCG2_CONFIGURATION_VARSTORE_ID 0x0001
#define TCG2_CONFIGURATION_FORM_ID 0x0001
#define KEY_TPM_DEVICE 0x2000
#define KEY_TPM2_OPERATION 0x2001
#define KEY_TPM2_OPERATION_PARAMETER 0x2002
#define KEY_TPM2_PCR_BANKS_REQUEST_0 0x2003
#define KEY_TPM2_PCR_BANKS_REQUEST_1 0x2004
#define KEY_TPM2_PCR_BANKS_REQUEST_2 0x2005
#define KEY_TPM2_PCR_BANKS_REQUEST_3 0x2006
#define KEY_TPM2_PCR_BANKS_REQUEST_4 0x2007
#define TPM_DEVICE_NULL 0
#define TPM_DEVICE_1_2 1
#define TPM_DEVICE_2_0_DTPM 2
#define TPM_DEVICE_MIN TPM_DEVICE_1_2
#define TPM_DEVICE_MAX TPM_DEVICE_2_0_DTPM
#define TPM_DEVICE_DEFAULT TPM_DEVICE_1_2
#define TCG2_PROTOCOL_VERSION_DEFAULT 0x0001
#define EFI_TCG2_EVENT_LOG_FORMAT_DEFAULT EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2
//
// Nv Data structure referenced by IFR, TPM device user desired
//
typedef struct {
UINT8 TpmDevice;
} TCG2_CONFIGURATION;
//
// Variable saved for S3, TPM detected, only valid in S3 path.
// This variable is ReadOnly.
//
typedef struct {
UINT8 TpmDeviceDetected;
} TCG2_DEVICE_DETECTION;
#define TCG2_STORAGE_NAME L"TCG2_CONFIGURATION"
#define TCG2_DEVICE_DETECTION_NAME L"TCG2_DEVICE_DETECTION"
#define TPM_INSTANCE_ID_LIST { \
{TPM_DEVICE_INTERFACE_NONE, TPM_DEVICE_NULL}, \
{TPM_DEVICE_INTERFACE_TPM12, TPM_DEVICE_1_2}, \
{TPM_DEVICE_INTERFACE_TPM20_DTPM, TPM_DEVICE_2_0_DTPM}, \
}
//
// BUGBUG: In order to pass VfrCompiler, we have to redefine GUID here.
//
#ifndef __BASE_H__
typedef struct {
UINT32 Data1;
UINT16 Data2;
UINT16 Data3;
UINT8 Data4[8];
} GUID;
#endif
typedef struct {
GUID TpmInstanceGuid;
UINT8 TpmDevice;
} TPM_INSTANCE_ID;
#endif

78
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf Normal file
View File

@ -0,0 +1,78 @@
## @file
# Set TPM device type
#
# This module initializes TPM device type based on variable and detection.
# NOTE: This module is only for reference only, each platform should have its own setup page.
#
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = Tcg2ConfigPei
MODULE_UNI_FILE = Tcg2ConfigPei.uni
FILE_GUID = EADD5061-93EF-4CCC-8450-F78A7F0820F0
MODULE_TYPE = PEIM
VERSION_STRING = 1.0
ENTRY_POINT = Tcg2ConfigPeimEntryPoint
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
# [BootMode]
# S3_RESUME ## SOMETIMES_CONSUMES
#
[Sources]
Tcg2ConfigPeim.c
Tcg2ConfigNvData.h
TpmDetection.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
MemoryAllocationLib
PeiServicesLib
PeimEntryPoint
DebugLib
PcdLib
TimerLib
IoLib
Tpm12CommandLib
Tpm12DeviceLib
[Guids]
## SOMETIMES_CONSUMES ## Variable:L"TCG2_CONFIGURATION"
## SOMETIMES_CONSUMES ## Variable:L"TCG2_DEVICE_DETECTION"
gTcg2ConfigFormSetGuid
gEfiTpmDeviceSelectedGuid ## PRODUCES ## GUID # Used as a PPI GUID
gEfiTpmDeviceInstanceNoneGuid ## SOMETIMES_CONSUMES ## GUID # TPM device identifier
[Ppis]
gEfiPeiReadOnlyVariable2PpiGuid ## CONSUMES
gPeiTpmInitializationDonePpiGuid ## SOMETIMES_PRODUCES
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## PRODUCES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy ## PRODUCES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmAutoDetection ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## SOMETIMES_CONSUMES
[Depex]
gEfiPeiMasterBootModePpiGuid AND
gEfiPeiReadOnlyVariable2PpiGuid
[UserExtensions.TianoCore."ExtraFiles"]
Tcg2ConfigPeiExtra.uni

BIN
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.uni Normal file
View File

Binary file not shown.

BIN
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPeiExtra.uni Normal file
View File

Binary file not shown.

158
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPeim.c Normal file
View File

@ -0,0 +1,158 @@
/** @file
The module entry point for Tcg2 configuration module.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <PiPei.h>
#include <Guid/TpmInstance.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PeiServicesLib.h>
#include <Library/PcdLib.h>
#include <Ppi/ReadOnlyVariable2.h>
#include <Ppi/TpmInitialized.h>
#include <Protocol/Tcg2Protocol.h>
#include "Tcg2ConfigNvData.h"
TPM_INSTANCE_ID mTpmInstanceId[] = TPM_INSTANCE_ID_LIST;
CONST EFI_PEI_PPI_DESCRIPTOR gTpmSelectedPpi = {
(EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
&gEfiTpmDeviceSelectedGuid,
NULL
};
EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = {
EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
&gPeiTpmInitializationDonePpiGuid,
NULL
};
/**
This routine check both SetupVariable and real TPM device, and return final TpmDevice configuration.
@param SetupTpmDevice TpmDevice configuration in setup driver
@return TpmDevice configuration
**/
UINT8
DetectTpmDevice (
IN UINT8 SetupTpmDevice
);
/**
The entry point for Tcg2 configuration driver.
@param FileHandle Handle of the file being invoked.
@param PeiServices Describes the list of possible PEI Services.
@retval EFI_SUCCES Convert variable to PCD successfully.
@retval Others Fail to convert variable to PCD.
**/
EFI_STATUS
EFIAPI
Tcg2ConfigPeimEntryPoint (
IN EFI_PEI_FILE_HANDLE FileHandle,
IN CONST EFI_PEI_SERVICES **PeiServices
)
{
UINTN Size;
EFI_STATUS Status;
EFI_STATUS Status2;
EFI_PEI_READ_ONLY_VARIABLE2_PPI *VariablePpi;
TCG2_CONFIGURATION Tcg2Configuration;
UINTN Index;
UINT8 TpmDevice;
Status = PeiServicesLocatePpi (&gEfiPeiReadOnlyVariable2PpiGuid, 0, NULL, (VOID **) &VariablePpi);
ASSERT_EFI_ERROR (Status);
Size = sizeof(Tcg2Configuration);
Status = VariablePpi->GetVariable (
VariablePpi,
TCG2_STORAGE_NAME,
&gTcg2ConfigFormSetGuid,
NULL,
&Size,
&Tcg2Configuration
);
if (EFI_ERROR (Status)) {
//
// Variable not ready, set default value
//
Tcg2Configuration.TpmDevice = TPM_DEVICE_DEFAULT;
}
//
// Validation
//
if ((Tcg2Configuration.TpmDevice > TPM_DEVICE_MAX) || (Tcg2Configuration.TpmDevice < TPM_DEVICE_MIN)) {
Tcg2Configuration.TpmDevice = TPM_DEVICE_DEFAULT;
}
//
// Although we have SetupVariable info, we still need detect TPM device manually.
//
DEBUG ((EFI_D_INFO, "Tcg2Configuration.TpmDevice from Setup: %x\n", Tcg2Configuration.TpmDevice));
if (PcdGetBool (PcdTpmAutoDetection)) {
TpmDevice = DetectTpmDevice (Tcg2Configuration.TpmDevice);
DEBUG ((EFI_D_INFO, "TpmDevice final: %x\n", TpmDevice));
if (TpmDevice != TPM_DEVICE_NULL) {
Tcg2Configuration.TpmDevice = TpmDevice;
}
} else {
TpmDevice = Tcg2Configuration.TpmDevice;
}
//
// Convert variable to PCD.
// This is work-around because there is no gurantee DynamicHiiPcd can return correct value in DXE phase.
// Using DynamicPcd instead.
//
// NOTE: Tcg2Configuration variable contains the desired TpmDevice type,
// while PcdTpmInstanceGuid PCD contains the real detected TpmDevice type
//
for (Index = 0; Index < sizeof(mTpmInstanceId)/sizeof(mTpmInstanceId[0]); Index++) {
if (TpmDevice == mTpmInstanceId[Index].TpmDevice) {
Size = sizeof(mTpmInstanceId[Index].TpmInstanceGuid);
PcdSetPtr (PcdTpmInstanceGuid, &Size, &mTpmInstanceId[Index].TpmInstanceGuid);
DEBUG ((EFI_D_INFO, "TpmDevice PCD: %g\n", &mTpmInstanceId[Index].TpmInstanceGuid));
break;
}
}
//
// Selection done
//
Status = PeiServicesInstallPpi (&gTpmSelectedPpi);
ASSERT_EFI_ERROR (Status);
//
// Even if no TPM is selected or detected, we still need intall TpmInitializationDonePpi.
// Because TcgPei or Tcg2Pei will not run, but we still need a way to notify other driver.
// Other driver can know TPM initialization state by TpmInitializedPpi.
//
if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid)) {
Status2 = PeiServicesInstallPpi (&mTpmInitializationDonePpiList);
ASSERT_EFI_ERROR (Status2);
}
return Status;
}

BIN
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigStrings.uni Normal file
View File

Binary file not shown.

129
SecurityPkg/Tcg/Tcg2Config/TpmDetection.c Normal file
View File

@ -0,0 +1,129 @@
/** @file
TPM1.2/dTPM2.0 auto detection.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <PiPei.h>
#include <Ppi/ReadOnlyVariable2.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/IoLib.h>
#include <Library/DebugLib.h>
#include <Library/PeiServicesLib.h>
#include <Library/PcdLib.h>
#include <Library/Tpm12DeviceLib.h>
#include <Library/Tpm12CommandLib.h>
#include <IndustryStandard/Tpm12.h>
#include "Tcg2ConfigNvData.h"
/**
This routine return if dTPM (1.2 or 2.0) present.
@retval TRUE dTPM present
@retval FALSE dTPM not present
**/
BOOLEAN
IsDtpmPresent (
VOID
)
{
UINT8 RegRead;
RegRead = MmioRead8 ((UINTN)PcdGet64 (PcdTpmBaseAddress));
if (RegRead == 0xFF) {
DEBUG ((EFI_D_ERROR, "DetectTpmDevice: Dtpm not present\n"));
return FALSE;
} else {
DEBUG ((EFI_D_INFO, "DetectTpmDevice: Dtpm present\n"));
return TRUE;
}
}
/**
This routine check both SetupVariable and real TPM device, and return final TpmDevice configuration.
@param SetupTpmDevice TpmDevice configuration in setup driver
@return TpmDevice configuration
**/
UINT8
DetectTpmDevice (
IN UINT8 SetupTpmDevice
)
{
EFI_STATUS Status;
EFI_BOOT_MODE BootMode;
TCG2_DEVICE_DETECTION Tcg2DeviceDetection;
EFI_PEI_READ_ONLY_VARIABLE2_PPI *VariablePpi;
UINTN Size;
Status = PeiServicesGetBootMode (&BootMode);
ASSERT_EFI_ERROR (Status);
//
// In S3, we rely on normal boot Detection, because we save to ReadOnly Variable in normal boot.
//
if (BootMode == BOOT_ON_S3_RESUME) {
DEBUG ((EFI_D_INFO, "DetectTpmDevice: S3 mode\n"));
Status = PeiServicesLocatePpi (&gEfiPeiReadOnlyVariable2PpiGuid, 0, NULL, (VOID **) &VariablePpi);
ASSERT_EFI_ERROR (Status);
Size = sizeof(TCG2_DEVICE_DETECTION);
ZeroMem (&Tcg2DeviceDetection, sizeof(Tcg2DeviceDetection));
Status = VariablePpi->GetVariable (
VariablePpi,
TCG2_DEVICE_DETECTION_NAME,
&gTcg2ConfigFormSetGuid,
NULL,
&Size,
&Tcg2DeviceDetection
);
if (!EFI_ERROR (Status) &&
(Tcg2DeviceDetection.TpmDeviceDetected >= TPM_DEVICE_MIN) &&
(Tcg2DeviceDetection.TpmDeviceDetected <= TPM_DEVICE_MAX)) {
DEBUG ((EFI_D_ERROR, "TpmDevice from DeviceDetection: %x\n", Tcg2DeviceDetection.TpmDeviceDetected));
return Tcg2DeviceDetection.TpmDeviceDetected;
}
}
DEBUG ((EFI_D_INFO, "DetectTpmDevice:\n"));
if (!IsDtpmPresent ()) {
// dTPM not available
return TPM_DEVICE_NULL;
}
// dTPM available and not disabled by setup
// We need check if it is TPM1.2 or TPM2.0
// So try TPM1.2 command at first
Status = Tpm12RequestUseTpm ();
if (EFI_ERROR (Status)) {
return TPM_DEVICE_2_0_DTPM;
}
if (BootMode == BOOT_ON_S3_RESUME) {
Status = Tpm12Startup (TPM_ST_STATE);
} else {
Status = Tpm12Startup (TPM_ST_CLEAR);
}
if (EFI_ERROR (Status)) {
return TPM_DEVICE_2_0_DTPM;
}
// NO initialization needed again.
PcdSet8 (PcdTpmInitializationPolicy, 0);
return TPM_DEVICE_1_2;
}

357
SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c Normal file
View File

@ -0,0 +1,357 @@
/** @file
This module implements measuring PeCoff image for Tcg2 Protocol.
Caution: This file requires additional review when modified.
This driver will have external input - PE/COFF image.
This external input must be validated carefully to avoid security issue like
buffer overflow, integer overflow.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <PiDxe.h>
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/DevicePathLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/PeCoffLib.h>
#include <Library/Tpm2CommandLib.h>
#include <Library/HashLib.h>
/**
Measure PE image into TPM log based on the authenticode image hashing in
PE/COFF Specification 8.0 Appendix A.
Caution: This function may receive untrusted input.
PE/COFF image is external input, so this function will validate its data structure
within this image buffer before use.
@param[in] PCRIndex TPM PCR index
@param[in] ImageAddress Start address of image buffer.
@param[in] ImageSize Image size
@param[out] DigestList Digeest list of this image.
@retval EFI_SUCCESS Successfully measure image.
@retval EFI_OUT_OF_RESOURCES No enough resource to measure image.
@retval other error value
**/
EFI_STATUS
MeasurePeImageAndExtend (
IN UINT32 PCRIndex,
IN EFI_PHYSICAL_ADDRESS ImageAddress,
IN UINTN ImageSize,
OUT TPML_DIGEST_VALUES *DigestList
)
{
EFI_STATUS Status;
EFI_IMAGE_DOS_HEADER *DosHdr;
UINT32 PeCoffHeaderOffset;
EFI_IMAGE_SECTION_HEADER *Section;
UINT8 *HashBase;
UINTN HashSize;
UINTN SumOfBytesHashed;
EFI_IMAGE_SECTION_HEADER *SectionHeader;
UINTN Index;
UINTN Pos;
UINT16 Magic;
EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION Hdr;
UINT32 NumberOfRvaAndSizes;
UINT32 CertSize;
HASH_HANDLE HashHandle;
HashHandle = 0xFFFFFFFF; // Know bad value
Status = EFI_UNSUPPORTED;
SectionHeader = NULL;
//
// Check PE/COFF image
//
DosHdr = (EFI_IMAGE_DOS_HEADER *) (UINTN) ImageAddress;
PeCoffHeaderOffset = 0;
if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {
PeCoffHeaderOffset = DosHdr->e_lfanew;
}
Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)((UINT8 *) (UINTN) ImageAddress + PeCoffHeaderOffset);
if (Hdr.Pe32->Signature != EFI_IMAGE_NT_SIGNATURE) {
Status = EFI_UNSUPPORTED;
goto Finish;
}
//
// PE/COFF Image Measurement
//
// NOTE: The following codes/steps are based upon the authenticode image hashing in
// PE/COFF Specification 8.0 Appendix A.
//
//
// 1. Load the image header into memory.
// 2. Initialize a SHA hash context.
Status = HashStart (&HashHandle);
if (EFI_ERROR (Status)) {
goto Finish;
}
//
// Measuring PE/COFF Image Header;
// But CheckSum field and SECURITY data directory (certificate) are excluded
//
if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
// in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
// Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
// then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
//
Magic = EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC;
} else {
//
// Get the magic value from the PE/COFF Optional Header
//
Magic = Hdr.Pe32->OptionalHeader.Magic;
}
//
// 3. Calculate the distance from the base of the image header to the image checksum address.
// 4. Hash the image header from its base to beginning of the image checksum.
//
HashBase = (UINT8 *) (UINTN) ImageAddress;
if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
NumberOfRvaAndSizes = Hdr.Pe32->OptionalHeader.NumberOfRvaAndSizes;
HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32->OptionalHeader.CheckSum) - HashBase);
} else {
//
// Use PE32+ offset
//
NumberOfRvaAndSizes = Hdr.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;
HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32Plus->OptionalHeader.CheckSum) - HashBase);
}
Status = HashUpdate (HashHandle, HashBase, HashSize);
if (EFI_ERROR (Status)) {
goto Finish;
}
//
// 5. Skip over the image checksum (it occupies a single ULONG).
//
if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {
//
// 6. Since there is no Cert Directory in optional header, hash everything
// from the end of the checksum to the end of image header.
//
if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
} else {
//
// Use PE32+ offset.
//
HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
}
if (HashSize != 0) {
Status = HashUpdate (HashHandle, HashBase, HashSize);
if (EFI_ERROR (Status)) {
goto Finish;
}
}
} else {
//
// 7. Hash everything from the end of the checksum to the start of the Cert Directory.
//
if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);
} else {
//
// Use PE32+ offset
//
HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
HashSize = (UINTN) ((UINT8 *)(&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase);
}
if (HashSize != 0) {
Status = HashUpdate (HashHandle, HashBase, HashSize);
if (EFI_ERROR (Status)) {
goto Finish;
}
}
//
// 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.)
// 9. Hash everything from the end of the Cert Directory to the end of image header.
//
if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
} else {
//
// Use PE32+ offset
//
HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
}
if (HashSize != 0) {
Status = HashUpdate (HashHandle, HashBase, HashSize);
if (EFI_ERROR (Status)) {
goto Finish;
}
}
}
//
// 10. Set the SUM_OF_BYTES_HASHED to the size of the header
//
if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
SumOfBytesHashed = Hdr.Pe32->OptionalHeader.SizeOfHeaders;
} else {
//
// Use PE32+ offset
//
SumOfBytesHashed = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders;
}
//
// 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER
// structures in the image. The 'NumberOfSections' field of the image
// header indicates how big the table should be. Do not include any
// IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.
//
SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * Hdr.Pe32->FileHeader.NumberOfSections);
if (SectionHeader == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Finish;
}
//
// 12. Using the 'PointerToRawData' in the referenced section headers as
// a key, arrange the elements in the table in ascending order. In other
// words, sort the section headers according to the disk-file offset of
// the section.
//
Section = (EFI_IMAGE_SECTION_HEADER *) (
(UINT8 *) (UINTN) ImageAddress +
PeCoffHeaderOffset +
sizeof(UINT32) +
sizeof(EFI_IMAGE_FILE_HEADER) +
Hdr.Pe32->FileHeader.SizeOfOptionalHeader
);
for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {
Pos = Index;
while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {
CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof(EFI_IMAGE_SECTION_HEADER));
Pos--;
}
CopyMem (&SectionHeader[Pos], Section, sizeof(EFI_IMAGE_SECTION_HEADER));
Section += 1;
}
//
// 13. Walk through the sorted table, bring the corresponding section
// into memory, and hash the entire section (using the 'SizeOfRawData'
// field in the section header to determine the amount of data to hash).
// 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED .
// 15. Repeat steps 13 and 14 for all the sections in the sorted table.
//
for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {
Section = (EFI_IMAGE_SECTION_HEADER *) &SectionHeader[Index];
if (Section->SizeOfRawData == 0) {
continue;
}
HashBase = (UINT8 *) (UINTN) ImageAddress + Section->PointerToRawData;
HashSize = (UINTN) Section->SizeOfRawData;
Status = HashUpdate (HashHandle, HashBase, HashSize);
if (EFI_ERROR (Status)) {
goto Finish;
}
SumOfBytesHashed += HashSize;
}
//
// 16. If the file size is greater than SUM_OF_BYTES_HASHED, there is extra
// data in the file that needs to be added to the hash. This data begins
// at file offset SUM_OF_BYTES_HASHED and its length is:
// FileSize - (CertDirectory->Size)
//
if (ImageSize > SumOfBytesHashed) {
HashBase = (UINT8 *) (UINTN) ImageAddress + SumOfBytesHashed;
if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {
CertSize = 0;
} else {
if (Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset.
//
CertSize = Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;
} else {
//
// Use PE32+ offset.
//
CertSize = Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size;
}
}
if (ImageSize > CertSize + SumOfBytesHashed) {
HashSize = (UINTN) (ImageSize - CertSize - SumOfBytesHashed);
Status = HashUpdate (HashHandle, HashBase, HashSize);
if (EFI_ERROR (Status)) {
goto Finish;
}
} else if (ImageSize < CertSize + SumOfBytesHashed) {
Status = EFI_UNSUPPORTED;
goto Finish;
}
}
//
// 17. Finalize the SHA hash.
//
Status = HashCompleteAndExtend (HashHandle, PCRIndex, NULL, 0, DigestList);
if (EFI_ERROR (Status)) {
goto Finish;
}
Finish:
if (SectionHeader != NULL) {
FreePool (SectionHeader);
}
return Status;
}

2563
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c Normal file
View File

File diff suppressed because it is too large Load Diff

112
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf Normal file
View File

@ -0,0 +1,112 @@
## @file
# Produces Tcg2 protocol and measure boot environment
# This module will produce Tcg2 protocol and measure boot environment.
#
# Caution: This module requires additional review when modified.
# This driver will have external input - PE/COFF image.
# This external input must be validated carefully to avoid security issue like
# buffer overflow, integer overflow.
#
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = Tcg2Dxe
MODULE_UNI_FILE = Tcg2Dxe.uni
FILE_GUID = FDFF263D-5F68-4591-87BA-B768F445A9AF
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
ENTRY_POINT = DriverEntry
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF
#
[Sources]
Tcg2Dxe.c
MeasureBootPeCoff.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
CryptoPkg/CryptoPkg.dec
[LibraryClasses]
MemoryAllocationLib
BaseLib
UefiBootServicesTableLib
HobLib
UefiDriverEntryPoint
UefiRuntimeServicesTableLib
BaseMemoryLib
DebugLib
Tpm2CommandLib
PrintLib
UefiLib
Tpm2DeviceLib
HashLib
PerformanceLib
ReportStatusCodeLib
Tcg2PhysicalPresenceLib
[Guids]
## SOMETIMES_CONSUMES ## SystemTable # Smbios Table
## SOMETIMES_CONSUMES ## GUID # Handoff Table for measurement.
gEfiSmbiosTableGuid
## SOMETIMES_CONSUMES ## Variable:L"SecureBoot"
## SOMETIMES_CONSUMES ## Variable:L"PK"
## SOMETIMES_CONSUMES ## Variable:L"KEK"
## SOMETIMES_CONSUMES ## Variable:L"BootXXXX"
gEfiGlobalVariableGuid
## SOMETIMES_CONSUMES ## Variable:L"db"
## SOMETIMES_CONSUMES ## Variable:L"dbx"
gEfiImageSecurityDatabaseGuid
gTcgEventEntryHobGuid ## SOMETIMES_CONSUMES ## HOB
gTpmErrorHobGuid ## SOMETIMES_CONSUMES ## HOB
gEfiEventExitBootServicesGuid ## CONSUMES ## Event
gEventExitBootServicesFailedGuid ## SOMETIMES_CONSUMES ## Event
gEfiTpmDeviceInstanceNoneGuid ## SOMETIMES_CONSUMES ## GUID # TPM device identifier
gEfiTpmDeviceInstanceTpm12Guid ## SOMETIMES_CONSUMES ## GUID # TPM device identifier
gTcgEvent2EntryHobGuid ## SOMETIMES_CONSUMES ## HOB
[Protocols]
gEfiTcg2ProtocolGuid ## PRODUCES
gEfiTcg2FinalEventsTableGuid ## PRODUCES
gEfiAcpiTableProtocolGuid ## NOTIFY
gEfiMpServiceProtocolGuid ## SOMETIMES_CONSUMES
gEfiVariableWriteArchProtocolGuid ## NOTIFY
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdFirmwareDebuggerInitialized ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2HashAlgorithmBitmap ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTcg2NumberOfPCRBanks ## CONSUMES
[Depex]
TRUE
[UserExtensions.TianoCore."ExtraFiles"]
Tcg2DxeExtra.uni

BIN
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.uni Normal file
View File

Binary file not shown.

BIN
SecurityPkg/Tcg/Tcg2Dxe/Tcg2DxeExtra.uni Normal file
View File

Binary file not shown.

946
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c Normal file
View File

@ -0,0 +1,946 @@
/** @file
Initialize TPM2 device and measure FVs before handing off control to DXE.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <PiPei.h>
#include <IndustryStandard/UefiTcgPlatform.h>
#include <Ppi/FirmwareVolumeInfo.h>
#include <Ppi/FirmwareVolumeInfo2.h>
#include <Ppi/LockPhysicalPresence.h>
#include <Ppi/TpmInitialized.h>
#include <Ppi/FirmwareVolume.h>
#include <Ppi/EndOfPeiPhase.h>
#include <Ppi/FirmwareVolumeInfoMeasurementExcluded.h>
#include <Guid/TcgEventHob.h>
#include <Guid/MeasuredFvHob.h>
#include <Guid/TpmInstance.h>
#include <Library/DebugLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/PeiServicesLib.h>
#include <Library/PeimEntryPoint.h>
#include <Library/Tpm2CommandLib.h>
#include <Library/Tpm2DeviceLib.h>
#include <Library/HashLib.h>
#include <Library/HobLib.h>
#include <Library/PcdLib.h>
#include <Library/PeiServicesTablePointerLib.h>
#include <Protocol/Tcg2Protocol.h>
#include <Library/PerformanceLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/ReportStatusCodeLib.h>
#include <Library/Tcg2PhysicalPresenceLib.h>
#define PERF_ID_TCG2_PEI 0x3080
typedef struct {
EFI_GUID *EventGuid;
EFI_TCG2_EVENT_LOG_FORMAT LogFormat;
} TCG2_EVENT_INFO_STRUCT;
TCG2_EVENT_INFO_STRUCT mTcg2EventInfo[] = {
{&gTcgEventEntryHobGuid, EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2},
{&gTcgEvent2EntryHobGuid, EFI_TCG2_EVENT_LOG_FORMAT_TCG_2},
};
BOOLEAN mImageInMemory = FALSE;
EFI_PEI_FILE_HANDLE mFileHandle;
EFI_PEI_PPI_DESCRIPTOR mTpmInitializedPpiList = {
EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
&gPeiTpmInitializedPpiGuid,
NULL
};
EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = {
EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
&gPeiTpmInitializationDonePpiGuid,
NULL
};
EFI_PLATFORM_FIRMWARE_BLOB *mMeasuredBaseFvInfo;
UINT32 mMeasuredBaseFvIndex = 0;
EFI_PLATFORM_FIRMWARE_BLOB *mMeasuredChildFvInfo;
UINT32 mMeasuredChildFvIndex = 0;
/**
Measure and record the Firmware Volum Information once FvInfoPPI install.
@param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
@param[in] NotifyDescriptor Address of the notification descriptor data structure.
@param[in] Ppi Address of the PPI that was installed.
@retval EFI_SUCCESS The FV Info is measured and recorded to TPM.
@return Others Fail to measure FV.
**/
EFI_STATUS
EFIAPI
FirmwareVolmeInfoPpiNotifyCallback (
IN EFI_PEI_SERVICES **PeiServices,
IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
IN VOID *Ppi
);
/**
Record all measured Firmware Volum Information into a Guid Hob
@param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
@param[in] NotifyDescriptor Address of the notification descriptor data structure.
@param[in] Ppi Address of the PPI that was installed.
@retval EFI_SUCCESS The FV Info is measured and recorded to TPM.
@return Others Fail to measure FV.
**/
EFI_STATUS
EFIAPI
EndofPeiSignalNotifyCallBack (
IN EFI_PEI_SERVICES **PeiServices,
IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
IN VOID *Ppi
);
EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] = {
{
EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
&gEfiPeiFirmwareVolumeInfoPpiGuid,
FirmwareVolmeInfoPpiNotifyCallback
},
{
EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
&gEfiPeiFirmwareVolumeInfo2PpiGuid,
FirmwareVolmeInfoPpiNotifyCallback
},
{
(EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
&gEfiEndOfPeiSignalPpiGuid,
EndofPeiSignalNotifyCallBack
}
};
EFI_PEI_FIRMWARE_VOLUME_INFO_MEASUREMENT_EXCLUDED_PPI *mMeasurementExcludedFvPpi;
/**
This function get digest from digest list.
@param HashAlg digest algorithm
@param DigestList digest list
@param Digest digest
@retval EFI_SUCCESS Sha1Digest is found and returned.
@retval EFI_NOT_FOUND Sha1Digest is not found.
**/
EFI_STATUS
Tpm2GetDigestFromDigestList (
IN TPMI_ALG_HASH HashAlg,
IN TPML_DIGEST_VALUES *DigestList,
IN VOID *Digest
)
{
UINTN Index;
UINT16 DigestSize;
DigestSize = GetHashSizeFromAlgo (HashAlg);
for (Index = 0; Index < DigestList->count; Index++) {
if (DigestList->digests[Index].hashAlg == HashAlg) {
CopyMem (
Digest,
&DigestList->digests[Index].digest,
DigestSize
);
return EFI_SUCCESS;
}
}
return EFI_NOT_FOUND;
}
/**
Record all measured Firmware Volum Information into a Guid Hob
Guid Hob payload layout is
UINT32 *************************** FIRMWARE_BLOB number
EFI_PLATFORM_FIRMWARE_BLOB******** BLOB Array
@param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
@param[in] NotifyDescriptor Address of the notification descriptor data structure.
@param[in] Ppi Address of the PPI that was installed.
@retval EFI_SUCCESS The FV Info is measured and recorded to TPM.
@return Others Fail to measure FV.
**/
EFI_STATUS
EFIAPI
EndofPeiSignalNotifyCallBack (
IN EFI_PEI_SERVICES **PeiServices,
IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
IN VOID *Ppi
)
{
MEASURED_HOB_DATA *MeasuredHobData;
MeasuredHobData = NULL;
//
// Create a Guid hob to save all measured Fv
//
MeasuredHobData = BuildGuidHob(
&gMeasuredFvHobGuid,
sizeof(UINTN) + sizeof(EFI_PLATFORM_FIRMWARE_BLOB) * (mMeasuredBaseFvIndex + mMeasuredChildFvIndex)
);
if (MeasuredHobData != NULL){
//
// Save measured FV info enty number
//
MeasuredHobData->Num = mMeasuredBaseFvIndex + mMeasuredChildFvIndex;
//
// Save measured base Fv info
//
CopyMem (MeasuredHobData->MeasuredFvBuf, mMeasuredBaseFvInfo, sizeof(EFI_PLATFORM_FIRMWARE_BLOB) * (mMeasuredBaseFvIndex));
//
// Save measured child Fv info
//
CopyMem (&MeasuredHobData->MeasuredFvBuf[mMeasuredBaseFvIndex] , mMeasuredChildFvInfo, sizeof(EFI_PLATFORM_FIRMWARE_BLOB) * (mMeasuredChildFvIndex));
}
return EFI_SUCCESS;
}
/**
Check if buffer is all zero.
@param[in] Buffer Buffer to be checked.
@param[in] BufferSize Size of buffer to be checked.
@retval TRUE Buffer is all zero.
@retval FALSE Buffer is not all zero.
**/
BOOLEAN
IsZeroBuffer (
IN VOID *Buffer,
IN UINTN BufferSize
)
{
UINT8 *BufferData;
UINTN Index;
BufferData = Buffer;
for (Index = 0; Index < BufferSize; Index++) {
if (BufferData[Index] != 0) {
return FALSE;
}
}
return TRUE;
}
/**
Get TPML_DIGEST_VALUES data size.
@param[in] DigestList TPML_DIGEST_VALUES data.
@return TPML_DIGEST_VALUES data size.
**/
UINT32
GetDigestListSize (
IN TPML_DIGEST_VALUES *DigestList
)
{
UINTN Index;
UINT16 DigestSize;
UINT32 TotalSize;
TotalSize = sizeof(DigestList->count);
for (Index = 0; Index < DigestList->count; Index++) {
DigestSize = GetHashSizeFromAlgo (DigestList->digests[Index].hashAlg);
TotalSize += sizeof(DigestList->digests[Index].hashAlg) + DigestSize;
}
return TotalSize;
}
/**
Return if hash alg is supported in TPM PCR bank.
@param HashAlg Hash algorithm to be checked.
@retval TRUE Hash algorithm is supported.
@retval FALSE Hash algorithm is not supported.
**/
BOOLEAN
IsHashAlgSupportedInPcrBank (
IN TPMI_ALG_HASH HashAlg
)
{
UINT32 ActivePcrBanks;
ActivePcrBanks = PcdGet32 (PcdTpm2HashMask);
switch (HashAlg) {
case TPM_ALG_SHA1:
if ((ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA1) != 0) {
return TRUE;
}
break;
case TPM_ALG_SHA256:
if ((ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA256) != 0) {
return TRUE;
}
break;
case TPM_ALG_SHA384:
if ((ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA384) != 0) {
return TRUE;
}
break;
case TPM_ALG_SHA512:
if ((ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA512) != 0) {
return TRUE;
}
break;
case TPM_ALG_SM3_256:
if ((ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SM3_256) != 0) {
return TRUE;
}
break;
}
return FALSE;
}
/**
Copy TPML_DIGEST_VALUES into a buffer
@param[in,out] Buffer Buffer to hold TPML_DIGEST_VALUES.
@param[in] DigestList TPML_DIGEST_VALUES to be copied.
@return The end of buffer to hold TPML_DIGEST_VALUES.
**/
VOID *
CopyDigestListToBuffer (
IN OUT VOID *Buffer,
IN TPML_DIGEST_VALUES *DigestList
)
{
UINTN Index;
UINT16 DigestSize;
CopyMem (Buffer, &DigestList->count, sizeof(DigestList->count));
Buffer = (UINT8 *)Buffer + sizeof(DigestList->count);
for (Index = 0; Index < DigestList->count; Index++) {
if (!IsHashAlgSupportedInPcrBank (DigestList->digests[Index].hashAlg)) {
DEBUG ((EFI_D_ERROR, "WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0x%x)\n", DigestList->digests[Index].hashAlg));
continue;
}
CopyMem (Buffer, &DigestList->digests[Index].hashAlg, sizeof(DigestList->digests[Index].hashAlg));
Buffer = (UINT8 *)Buffer + sizeof(DigestList->digests[Index].hashAlg);
DigestSize = GetHashSizeFromAlgo (DigestList->digests[Index].hashAlg);
CopyMem (Buffer, &DigestList->digests[Index].digest, DigestSize);
Buffer = (UINT8 *)Buffer + DigestSize;
}
return Buffer;
}
/**
Set Tpm2HashMask PCD value accroding to TPM2 PCR bank.
**/
VOID
SetTpm2HashMask (
VOID
)
{
EFI_STATUS Status;
UINT32 ActivePcrBanks;
TPML_PCR_SELECTION Pcrs;
UINTN Index;
DEBUG ((EFI_D_ERROR, "SetTpm2HashMask!\n"));
Status = Tpm2GetCapabilityPcrs (&Pcrs);
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "Tpm2GetCapabilityPcrs fail!\n"));
ActivePcrBanks = EFI_TCG2_BOOT_HASH_ALG_SHA1;
} else {
DEBUG ((EFI_D_INFO, "Tpm2GetCapabilityPcrs Count - %08x\n", Pcrs.count));
ActivePcrBanks = 0;
for (Index = 0; Index < Pcrs.count; Index++) {
DEBUG ((EFI_D_INFO, "hash - %x\n", Pcrs.pcrSelections[Index].hash));
switch (Pcrs.pcrSelections[Index].hash) {
case TPM_ALG_SHA1:
if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
ActivePcrBanks |= EFI_TCG2_BOOT_HASH_ALG_SHA1;
}
break;
case TPM_ALG_SHA256:
if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
ActivePcrBanks |= EFI_TCG2_BOOT_HASH_ALG_SHA256;
}
break;
case TPM_ALG_SHA384:
if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
ActivePcrBanks |= EFI_TCG2_BOOT_HASH_ALG_SHA384;
}
break;
case TPM_ALG_SHA512:
if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
ActivePcrBanks |= EFI_TCG2_BOOT_HASH_ALG_SHA512;
}
break;
case TPM_ALG_SM3_256:
if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
ActivePcrBanks |= EFI_TCG2_BOOT_HASH_ALG_SM3_256;
}
break;
}
}
}
PcdSet32 (PcdTpm2HashMask, ActivePcrBanks);
}
/**
Add a new entry to the Event Log.
@param[in] DigestList A list of digest.
@param[in,out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@retval EFI_SUCCESS The new event log entry was added.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
**/
EFI_STATUS
LogHashEvent (
IN TPML_DIGEST_VALUES *DigestList,
IN OUT TCG_PCR_EVENT_HDR *NewEventHdr,
IN UINT8 *NewEventData
)
{
VOID *HobData;
EFI_STATUS Status;
UINTN Index;
EFI_STATUS RetStatus;
UINT32 SupportedEventLogs;
TCG_PCR_EVENT2 *TcgPcrEvent2;
UINT8 *DigestBuffer;
SupportedEventLogs = EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 | EFI_TCG2_EVENT_LOG_FORMAT_TCG_2;
RetStatus = EFI_SUCCESS;
for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {
if ((SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
DEBUG ((EFI_D_INFO, " LogFormat - 0x%08x\n", mTcg2EventInfo[Index].LogFormat));
switch (mTcg2EventInfo[Index].LogFormat) {
case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:
Status = Tpm2GetDigestFromDigestList (TPM_ALG_SHA1, DigestList, &NewEventHdr->Digest);
if (!EFI_ERROR (Status)) {
HobData = BuildGuidHob (
&gTcgEventEntryHobGuid,
sizeof (*NewEventHdr) + NewEventHdr->EventSize
);
if (HobData == NULL) {
RetStatus = EFI_OUT_OF_RESOURCES;
break;
}
CopyMem (HobData, NewEventHdr, sizeof (*NewEventHdr));
HobData = (VOID *) ((UINT8*)HobData + sizeof (*NewEventHdr));
CopyMem (HobData, NewEventData, NewEventHdr->EventSize);
}
break;
case EFI_TCG2_EVENT_LOG_FORMAT_TCG_2:
HobData = BuildGuidHob (
&gTcgEvent2EntryHobGuid,
sizeof(TcgPcrEvent2->PCRIndex) + sizeof(TcgPcrEvent2->EventType) + GetDigestListSize (DigestList) + sizeof(TcgPcrEvent2->EventSize) + NewEventHdr->EventSize
);
if (HobData == NULL) {
RetStatus = EFI_OUT_OF_RESOURCES;
break;
}
TcgPcrEvent2 = HobData;
TcgPcrEvent2->PCRIndex = NewEventHdr->PCRIndex;
TcgPcrEvent2->EventType = NewEventHdr->EventType;
DigestBuffer = (UINT8 *)&TcgPcrEvent2->Digest;
DigestBuffer = CopyDigestListToBuffer (DigestBuffer, DigestList);
CopyMem (DigestBuffer, &NewEventHdr->EventSize, sizeof(TcgPcrEvent2->EventSize));
DigestBuffer = DigestBuffer + sizeof(TcgPcrEvent2->EventSize);
CopyMem (DigestBuffer, NewEventData, NewEventHdr->EventSize);
break;
}
}
}
return RetStatus;
}
/**
Do a hash operation on a data buffer, extend a specific TPM PCR with the hash result,
and build a GUIDed HOB recording the event which will be passed to the DXE phase and
added into the Event Log.
@param[in] Flags Bitmap providing additional information.
@param[in] HashData Physical address of the start of the data buffer
to be hashed, extended, and logged.
@param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData.
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
EFI_STATUS
HashLogExtendEvent (
IN UINT64 Flags,
IN UINT8 *HashData,
IN UINTN HashDataLen,
IN TCG_PCR_EVENT_HDR *NewEventHdr,
IN UINT8 *NewEventData
)
{
EFI_STATUS Status;
TPML_DIGEST_VALUES DigestList;
if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
return EFI_DEVICE_ERROR;
}
Status = HashAndExtend (
NewEventHdr->PCRIndex,
HashData,
HashDataLen,
&DigestList
);
if (!EFI_ERROR (Status)) {
if ((Flags & EFI_TCG2_EXTEND_ONLY) == 0) {
Status = LogHashEvent (&DigestList, NewEventHdr, NewEventData);
}
}
if (Status == EFI_DEVICE_ERROR) {
DEBUG ((EFI_D_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status));
BuildGuidHob (&gTpmErrorHobGuid,0);
REPORT_STATUS_CODE (
EFI_ERROR_CODE | EFI_ERROR_MINOR,
(PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR)
);
}
return Status;
}
/**
Measure CRTM version.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
EFI_STATUS
MeasureCRTMVersion (
VOID
)
{
TCG_PCR_EVENT_HDR TcgEventHdr;
//
// Use FirmwareVersion string to represent CRTM version.
// OEMs should get real CRTM version string and measure it.
//
TcgEventHdr.PCRIndex = 0;
TcgEventHdr.EventType = EV_S_CRTM_VERSION;
TcgEventHdr.EventSize = (UINT32) StrSize((CHAR16*)PcdGetPtr (PcdFirmwareVersionString));
return HashLogExtendEvent (
0,
(UINT8*)PcdGetPtr (PcdFirmwareVersionString),
TcgEventHdr.EventSize,
&TcgEventHdr,
(UINT8*)PcdGetPtr (PcdFirmwareVersionString)
);
}
/**
Measure FV image.
Add it into the measured FV list after the FV is measured successfully.
@param[in] FvBase Base address of FV image.
@param[in] FvLength Length of FV image.
@retval EFI_SUCCESS Fv image is measured successfully
or it has been already measured.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
EFI_STATUS
MeasureFvImage (
IN EFI_PHYSICAL_ADDRESS FvBase,
IN UINT64 FvLength
)
{
UINT32 Index;
EFI_STATUS Status;
EFI_PLATFORM_FIRMWARE_BLOB FvBlob;
TCG_PCR_EVENT_HDR TcgEventHdr;
//
// Check if it is in Excluded FV list
//
if (mMeasurementExcludedFvPpi != NULL) {
for (Index = 0; Index < mMeasurementExcludedFvPpi->Count; Index ++) {
if (mMeasurementExcludedFvPpi->Fv[Index].FvBase == FvBase) {
DEBUG ((DEBUG_INFO, "The FV which is excluded by Tcg2Pei starts at: 0x%x\n", FvBase));
DEBUG ((DEBUG_INFO, "The FV which is excluded by Tcg2Pei has the size: 0x%x\n", FvLength));
return EFI_SUCCESS;
}
}
}
//
// Check whether FV is in the measured FV list.
//
for (Index = 0; Index < mMeasuredBaseFvIndex; Index ++) {
if (mMeasuredBaseFvInfo[Index].BlobBase == FvBase) {
return EFI_SUCCESS;
}
}
//
// Measure and record the FV to the TPM
//
FvBlob.BlobBase = FvBase;
FvBlob.BlobLength = FvLength;
DEBUG ((DEBUG_INFO, "The FV which is measured by Tcg2Pei starts at: 0x%x\n", FvBlob.BlobBase));
DEBUG ((DEBUG_INFO, "The FV which is measured by Tcg2Pei has the size: 0x%x\n", FvBlob.BlobLength));
TcgEventHdr.PCRIndex = 0;
TcgEventHdr.EventType = EV_EFI_PLATFORM_FIRMWARE_BLOB;
TcgEventHdr.EventSize = sizeof (FvBlob);
Status = HashLogExtendEvent (
0,
(UINT8*) (UINTN) FvBlob.BlobBase,
(UINTN) FvBlob.BlobLength,
&TcgEventHdr,
(UINT8*) &FvBlob
);
//
// Add new FV into the measured FV list.
//
ASSERT (mMeasuredBaseFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported));
if (mMeasuredBaseFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported)) {
mMeasuredBaseFvInfo[mMeasuredBaseFvIndex].BlobBase = FvBase;
mMeasuredBaseFvInfo[mMeasuredBaseFvIndex].BlobLength = FvLength;
mMeasuredBaseFvIndex++;
}
return Status;
}
/**
Measure main BIOS.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
EFI_STATUS
MeasureMainBios (
VOID
)
{
EFI_STATUS Status;
UINT32 FvInstances;
EFI_PEI_FV_HANDLE VolumeHandle;
EFI_FV_INFO VolumeInfo;
EFI_PEI_FIRMWARE_VOLUME_PPI *FvPpi;
PERF_START_EX (mFileHandle, "EventRec", "Tcg2Pei", 0, PERF_ID_TCG2_PEI);
FvInstances = 0;
while (TRUE) {
//
// Traverse all firmware volume instances of Static Core Root of Trust for Measurement
// (S-CRTM), this firmware volume measure policy can be modified/enhanced by special
// platform for special CRTM TPM measuring.
//
Status = PeiServicesFfsFindNextVolume (FvInstances, &VolumeHandle);
if (EFI_ERROR (Status)) {
break;
}
//
// Measure and record the firmware volume that is dispatched by PeiCore
//
Status = PeiServicesFfsGetVolumeInfo (VolumeHandle, &VolumeInfo);
ASSERT_EFI_ERROR (Status);
//
// Locate the corresponding FV_PPI according to founded FV's format guid
//
Status = PeiServicesLocatePpi (
&VolumeInfo.FvFormat,
0,
NULL,
(VOID**)&FvPpi
);
if (!EFI_ERROR (Status)) {
MeasureFvImage ((EFI_PHYSICAL_ADDRESS) (UINTN) VolumeInfo.FvStart, VolumeInfo.FvSize);
}
FvInstances++;
}
PERF_END_EX (mFileHandle, "EventRec", "Tcg2Pei", 0, PERF_ID_TCG2_PEI + 1);
return EFI_SUCCESS;
}
/**
Measure and record the Firmware Volum Information once FvInfoPPI install.
@param[in] PeiServices An indirect pointer to the EFI_PEI_SERVICES table published by the PEI Foundation.
@param[in] NotifyDescriptor Address of the notification descriptor data structure.
@param[in] Ppi Address of the PPI that was installed.
@retval EFI_SUCCESS The FV Info is measured and recorded to TPM.
@return Others Fail to measure FV.
**/
EFI_STATUS
EFIAPI
FirmwareVolmeInfoPpiNotifyCallback (
IN EFI_PEI_SERVICES **PeiServices,
IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
IN VOID *Ppi
)
{
EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *Fv;
EFI_STATUS Status;
EFI_PEI_FIRMWARE_VOLUME_PPI *FvPpi;
UINTN Index;
Fv = (EFI_PEI_FIRMWARE_VOLUME_INFO_PPI *) Ppi;
//
// The PEI Core can not dispatch or load files from memory mapped FVs that do not support FvPpi.
//
Status = PeiServicesLocatePpi (
&Fv->FvFormat,
0,
NULL,
(VOID**)&FvPpi
);
if (EFI_ERROR (Status)) {
return EFI_SUCCESS;
}
//
// This is an FV from an FFS file, and the parent FV must have already been measured,
// No need to measure twice, so just record the FV and return
//
if (Fv->ParentFvName != NULL || Fv->ParentFileName != NULL ) {
ASSERT (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported));
if (mMeasuredChildFvIndex < FixedPcdGet32 (PcdPeiCoreMaxFvSupported)) {
//
// Check whether FV is in the measured child FV list.
//
for (Index = 0; Index < mMeasuredChildFvIndex; Index++) {
if (mMeasuredChildFvInfo[Index].BlobBase == (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo) {
return EFI_SUCCESS;
}
}
mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobBase = (EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo;
mMeasuredChildFvInfo[mMeasuredChildFvIndex].BlobLength = Fv->FvInfoSize;
mMeasuredChildFvIndex++;
}
return EFI_SUCCESS;
}
return MeasureFvImage ((EFI_PHYSICAL_ADDRESS) (UINTN) Fv->FvInfo, Fv->FvInfoSize);
}
/**
Do measurement after memory is ready.
@param[in] PeiServices Describes the list of possible PEI Services.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
EFI_STATUS
PeimEntryMP (
IN EFI_PEI_SERVICES **PeiServices
)
{
EFI_STATUS Status;
Status = PeiServicesLocatePpi (
&gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid,
0,
NULL,
(VOID**)&mMeasurementExcludedFvPpi
);
// Do not check status, because it is optional
mMeasuredBaseFvInfo = (EFI_PLATFORM_FIRMWARE_BLOB *) AllocateZeroPool (sizeof (EFI_PLATFORM_FIRMWARE_BLOB) * PcdGet32 (PcdPeiCoreMaxFvSupported));
ASSERT (mMeasuredBaseFvInfo != NULL);
mMeasuredChildFvInfo = (EFI_PLATFORM_FIRMWARE_BLOB *) AllocateZeroPool (sizeof (EFI_PLATFORM_FIRMWARE_BLOB) * PcdGet32 (PcdPeiCoreMaxFvSupported));
ASSERT (mMeasuredChildFvInfo != NULL);
if (PcdGet8 (PcdTpm2ScrtmPolicy) == 1) {
Status = MeasureCRTMVersion ();
}
Status = MeasureMainBios ();
//
// Post callbacks:
// for the FvInfoPpi services to measure and record
// the additional Fvs to TPM
//
Status = PeiServicesNotifyPpi (&mNotifyList[0]);
ASSERT_EFI_ERROR (Status);
return Status;
}
/**
Entry point of this module.
@param[in] FileHandle Handle of the file being invoked.
@param[in] PeiServices Describes the list of possible PEI Services.
@return Status.
**/
EFI_STATUS
EFIAPI
PeimEntryMA (
IN EFI_PEI_FILE_HANDLE FileHandle,
IN CONST EFI_PEI_SERVICES **PeiServices
)
{
EFI_STATUS Status;
EFI_STATUS Status2;
EFI_BOOT_MODE BootMode;
if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid) ||
CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){
DEBUG ((EFI_D_ERROR, "No TPM2 instance required!\n"));
return EFI_UNSUPPORTED;
}
if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
DEBUG ((EFI_D_ERROR, "TPM2 error!\n"));
return EFI_DEVICE_ERROR;
}
Status = PeiServicesGetBootMode (&BootMode);
ASSERT_EFI_ERROR (Status);
//
// In S3 path, skip shadow logic. no measurement is required
//
if (BootMode != BOOT_ON_S3_RESUME) {
Status = (**PeiServices).RegisterForShadow(FileHandle);
if (Status == EFI_ALREADY_STARTED) {
mImageInMemory = TRUE;
mFileHandle = FileHandle;
} else if (Status == EFI_NOT_FOUND) {
ASSERT_EFI_ERROR (Status);
}
}
if (!mImageInMemory) {
//
// Initialize TPM device
//
Status = Tpm2RequestUseTpm ();
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "TPM2 not detected!\n"));
goto Done;
}
if (PcdGet8 (PcdTpm2InitializationPolicy) == 1) {
if (BootMode == BOOT_ON_S3_RESUME) {
Status = Tpm2Startup (TPM_SU_STATE);
if (EFI_ERROR (Status) ) {
Status = Tpm2Startup (TPM_SU_CLEAR);
}
} else {
Status = Tpm2Startup (TPM_SU_CLEAR);
}
if (EFI_ERROR (Status) ) {
goto Done;
}
}
//
// Update Tpm2HashMask according to PCR bank.
//
SetTpm2HashMask ();
//
// TpmSelfTest is optional on S3 path, skip it to save S3 time
//
if (BootMode != BOOT_ON_S3_RESUME) {
if (PcdGet8 (PcdTpm2SelfTestPolicy) == 1) {
Status = Tpm2SelfTest (NO);
if (EFI_ERROR (Status)) {
goto Done;
}
}
}
//
// Only intall TpmInitializedPpi on success
//
Status = PeiServicesInstallPpi (&mTpmInitializedPpiList);
ASSERT_EFI_ERROR (Status);
}
if (mImageInMemory) {
Status = PeimEntryMP ((EFI_PEI_SERVICES**)PeiServices);
return Status;
}
Done:
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "TPM2 error! Build Hob\n"));
BuildGuidHob (&gTpmErrorHobGuid,0);
REPORT_STATUS_CODE (
EFI_ERROR_CODE | EFI_ERROR_MINOR,
(PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR)
);
}
//
// Always intall TpmInitializationDonePpi no matter success or fail.
// Other driver can know TPM initialization state by TpmInitializedPpi.
//
Status2 = PeiServicesInstallPpi (&mTpmInitializationDonePpiList);
ASSERT_EFI_ERROR (Status2);
return Status;
}

89
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.inf Normal file
View File

@ -0,0 +1,89 @@
## @file
# Initializes TPM 2.0 device and measure FVs in PEI phase
#
# This module will initialize TPM device, measure reported FVs and BIOS version.
#
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = Tcg2Pei
MODULE_UNI_FILE = Tcg2Pei.uni
FILE_GUID = A0C98B77-CBA5-4BB8-993B-4AF6CE33ECE4
MODULE_TYPE = PEIM
VERSION_STRING = 1.0
ENTRY_POINT = PeimEntryMA
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
# [BootMode]
# S3_RESUME ## SOMETIMES_CONSUMES
#
[Sources]
Tcg2Pei.c
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
HobLib
PeimEntryPoint
PeiServicesLib
BaseMemoryLib
DebugLib
Tpm2CommandLib
PeiServicesTablePointerLib
Tpm2DeviceLib
HashLib
PerformanceLib
MemoryAllocationLib
ReportStatusCodeLib
Tcg2PhysicalPresenceLib
[Guids]
gTcgEventEntryHobGuid ## PRODUCES ## HOB
gTpmErrorHobGuid ## SOMETIMES_PRODUCES ## HOB
gMeasuredFvHobGuid ## PRODUCES ## HOB
gTcgEvent2EntryHobGuid ## PRODUCES ## HOB
gEfiTpmDeviceInstanceNoneGuid ## SOMETIMES_PRODUCES ## GUID # TPM device identifier
gEfiTpmDeviceInstanceTpm12Guid ## SOMETIMES_PRODUCES ## GUID # TPM device identifier
[Ppis]
gEfiPeiFirmwareVolumeInfoPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
gEfiPeiFirmwareVolumeInfo2PpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid ## SOMETIMES_CONSUMES
gPeiTpmInitializedPpiGuid ## SOMETIMES_PRODUCES
gPeiTpmInitializationDonePpiGuid ## PRODUCES
gEfiEndOfPeiSignalPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
[Pcd]
gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2InitializationPolicy ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2SelfTestPolicy ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2ScrtmPolicy ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdPeiCoreMaxFvSupported ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdStatusCodeSubClassTpmDevice ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpm2HashMask ## CONSUMES
[Depex]
gEfiPeiMasterBootModePpiGuid AND
gEfiPeiReadOnlyVariable2PpiGuid AND
gEfiTpmDeviceSelectedGuid
[UserExtensions.TianoCore."ExtraFiles"]
Tcg2PeiExtra.uni

BIN
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.uni Normal file
View File

Binary file not shown.

BIN
SecurityPkg/Tcg/Tcg2Pei/Tcg2PeiExtra.uni Normal file
View File

Binary file not shown.

397
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c Normal file
View File

@ -0,0 +1,397 @@
/** @file
It updates TPM2 items in ACPI table and registers SMI2 callback
functions for Tcg2 physical presence, ClearMemory, and sample
for dTPM StartMethod.
Caution: This module requires additional review when modified.
This driver will have external input - variable and ACPINvs data in SMM mode.
This external input must be validated carefully to avoid security issue.
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "Tcg2Smm.h"
EFI_TPM2_ACPI_TABLE mTpm2AcpiTemplate = {
{
EFI_ACPI_5_0_TRUSTED_COMPUTING_PLATFORM_2_TABLE_SIGNATURE,
sizeof (mTpm2AcpiTemplate),
EFI_TPM2_ACPI_TABLE_REVISION,
//
// Compiler initializes the remaining bytes to 0
// These fields should be filled in in production
//
},
0, // Flags
0, // Control Area
EFI_TPM2_ACPI_TABLE_START_METHOD_TIS, // StartMethod
};
EFI_SMM_VARIABLE_PROTOCOL *mSmmVariable;
TCG_NVS *mTcgNvs;
/**
Software SMI callback for TPM physical presence which is called from ACPI method.
Caution: This function may receive untrusted input.
Variable and ACPINvs are external input, so this function will validate
its data structure to be valid value.
@param[in] DispatchHandle The unique handle assigned to this handler by SmiHandlerRegister().
@param[in] Context Points to an optional handler context which was specified when the
handler was registered.
@param[in, out] CommBuffer A pointer to a collection of data in memory that will
be conveyed from a non-SMM environment into an SMM environment.
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
**/
EFI_STATUS
EFIAPI
PhysicalPresenceCallback (
IN EFI_HANDLE DispatchHandle,
IN CONST VOID *Context,
IN OUT VOID *CommBuffer,
IN OUT UINTN *CommBufferSize
)
{
UINT32 MostRecentRequest;
UINT32 Response;
if (mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) {
mTcgNvs->PhysicalPresence.ReturnCode = Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
&MostRecentRequest,
&Response
);
mTcgNvs->PhysicalPresence.LastRequest = MostRecentRequest;
mTcgNvs->PhysicalPresence.Response = Response;
return EFI_SUCCESS;
} else if ((mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)
|| (mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {
mTcgNvs->PhysicalPresence.ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (
mTcgNvs->PhysicalPresence.Request,
mTcgNvs->PhysicalPresence.RequestParameter
);
} else if (mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST) {
mTcgNvs->PhysicalPresence.ReturnCode = Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (mTcgNvs->PhysicalPresence.Request);
}
return EFI_SUCCESS;
}
/**
Software SMI callback for MemoryClear which is called from ACPI method.
Caution: This function may receive untrusted input.
Variable and ACPINvs are external input, so this function will validate
its data structure to be valid value.
@param[in] DispatchHandle The unique handle assigned to this handler by SmiHandlerRegister().
@param[in] Context Points to an optional handler context which was specified when the
handler was registered.
@param[in, out] CommBuffer A pointer to a collection of data in memory that will
be conveyed from a non-SMM environment into an SMM environment.
@param[in, out] CommBufferSize The size of the CommBuffer.
@retval EFI_SUCCESS The interrupt was handled successfully.
**/
EFI_STATUS
EFIAPI
MemoryClearCallback (
IN EFI_HANDLE DispatchHandle,
IN CONST VOID *Context,
IN OUT VOID *CommBuffer,
IN OUT UINTN *CommBufferSize
)
{
EFI_STATUS Status;
UINTN DataSize;
UINT8 MorControl;
mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_SUCCESS;
if (mTcgNvs->MemoryClear.Parameter == ACPI_FUNCTION_DSM_MEMORY_CLEAR_INTERFACE) {
MorControl = (UINT8) mTcgNvs->MemoryClear.Request;
} else if (mTcgNvs->MemoryClear.Parameter == ACPI_FUNCTION_PTS_CLEAR_MOR_BIT) {
DataSize = sizeof (UINT8);
Status = mSmmVariable->SmmGetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
&gEfiMemoryOverwriteControlDataGuid,
NULL,
&DataSize,
&MorControl
);
if (EFI_ERROR (Status)) {
mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
DEBUG ((EFI_D_ERROR, "[TPM] Get MOR variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
if (MOR_CLEAR_MEMORY_VALUE (MorControl) == 0x0) {
return EFI_SUCCESS;
}
MorControl &= ~MOR_CLEAR_MEMORY_BIT_MASK;
}
DataSize = sizeof (UINT8);
Status = mSmmVariable->SmmSetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
&gEfiMemoryOverwriteControlDataGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
DataSize,
&MorControl
);
if (EFI_ERROR (Status)) {
mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
DEBUG ((EFI_D_ERROR, "[TPM] Set MOR variable failure! Status = %r\n", Status));
}
return EFI_SUCCESS;
}
/**
Find the operation region in TCG ACPI table by given Name and Size,
and initialize it if the region is found.
@param[in, out] Table The TPM item in ACPI table.
@param[in] Name The name string to find in TPM table.
@param[in] Size The size of the region to find.
@return The allocated address for the found region.
**/
VOID *
AssignOpRegion (
EFI_ACPI_DESCRIPTION_HEADER *Table,
UINT32 Name,
UINT16 Size
)
{
EFI_STATUS Status;
AML_OP_REGION_32_8 *OpRegion;
EFI_PHYSICAL_ADDRESS MemoryAddress;
MemoryAddress = SIZE_4GB - 1;
//
// Patch some pointers for the ASL code before loading the SSDT.
//
for (OpRegion = (AML_OP_REGION_32_8 *) (Table + 1);
OpRegion <= (AML_OP_REGION_32_8 *) ((UINT8 *) Table + Table->Length);
OpRegion = (AML_OP_REGION_32_8 *) ((UINT8 *) OpRegion + 1)) {
if ((OpRegion->OpRegionOp == AML_EXT_REGION_OP) &&
(OpRegion->NameString == Name) &&
(OpRegion->DWordPrefix == AML_DWORD_PREFIX) &&
(OpRegion->BytePrefix == AML_BYTE_PREFIX)) {
Status = gBS->AllocatePages(AllocateMaxAddress, EfiACPIMemoryNVS, EFI_SIZE_TO_PAGES (Size), &MemoryAddress);
ASSERT_EFI_ERROR (Status);
ZeroMem ((VOID *)(UINTN)MemoryAddress, Size);
OpRegion->RegionOffset = (UINT32) (UINTN) MemoryAddress;
OpRegion->RegionLen = (UINT8) Size;
break;
}
}
return (VOID *) (UINTN) MemoryAddress;
}
/**
Initialize and publish TPM items in ACPI table.
@retval EFI_SUCCESS The TCG ACPI table is published successfully.
@retval Others The TCG ACPI table is not published.
**/
EFI_STATUS
PublishAcpiTable (
VOID
)
{
EFI_STATUS Status;
EFI_ACPI_TABLE_PROTOCOL *AcpiTable;
UINTN TableKey;
EFI_ACPI_DESCRIPTION_HEADER *Table;
UINTN TableSize;
Status = GetSectionFromFv (
&gEfiCallerIdGuid,
EFI_SECTION_RAW,
0,
(VOID **) &Table,
&TableSize
);
ASSERT_EFI_ERROR (Status);
//
// Measure to PCR[0] with event EV_POST_CODE ACPI DATA
//
TpmMeasureAndLogData(
0,
EV_POST_CODE,
EV_POSTCODE_INFO_ACPI_DATA,
ACPI_DATA_LEN,
Table,
TableSize
);
ASSERT (Table->OemTableId == SIGNATURE_64 ('T', 'p', 'm', '2', 'T', 'a', 'b', 'l'));
CopyMem (Table->OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (Table->OemId) );
mTcgNvs = AssignOpRegion (Table, SIGNATURE_32 ('T', 'N', 'V', 'S'), (UINT16) sizeof (TCG_NVS));
ASSERT (mTcgNvs != NULL);
//
// Publish the TPM ACPI table
//
Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **) &AcpiTable);
ASSERT_EFI_ERROR (Status);
TableKey = 0;
Status = AcpiTable->InstallAcpiTable (
AcpiTable,
Table,
TableSize,
&TableKey
);
ASSERT_EFI_ERROR (Status);
return Status;
}
/**
Publish TPM2 ACPI table
@retval EFI_SUCCESS The TPM2 ACPI table is published successfully.
@retval Others The TPM2 ACPI table is not published.
**/
EFI_STATUS
PublishTpm2 (
VOID
)
{
EFI_STATUS Status;
EFI_ACPI_TABLE_PROTOCOL *AcpiTable;
UINTN TableKey;
UINT64 OemTableId;
//
// Measure to PCR[0] with event EV_POST_CODE ACPI DATA
//
TpmMeasureAndLogData(
0,
EV_POST_CODE,
EV_POSTCODE_INFO_ACPI_DATA,
ACPI_DATA_LEN,
&mTpm2AcpiTemplate,
sizeof(mTpm2AcpiTemplate)
);
CopyMem (mTpm2AcpiTemplate.Header.OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (mTpm2AcpiTemplate.Header.OemId));
OemTableId = PcdGet64 (PcdAcpiDefaultOemTableId);
CopyMem (&mTpm2AcpiTemplate.Header.OemTableId, &OemTableId, sizeof (UINT64));
mTpm2AcpiTemplate.Header.OemRevision = PcdGet32 (PcdAcpiDefaultOemRevision);
mTpm2AcpiTemplate.Header.CreatorId = PcdGet32 (PcdAcpiDefaultCreatorId);
mTpm2AcpiTemplate.Header.CreatorRevision = PcdGet32 (PcdAcpiDefaultCreatorRevision);
//
// Construct ACPI table
//
Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **) &AcpiTable);
ASSERT_EFI_ERROR (Status);
Status = AcpiTable->InstallAcpiTable (
AcpiTable,
&mTpm2AcpiTemplate,
sizeof(mTpm2AcpiTemplate),
&TableKey
);
ASSERT_EFI_ERROR (Status);
return Status;
}
/**
The driver's entry point.
It install callbacks for TPM physical presence and MemoryClear, and locate
SMM variable to be used in the callback function.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The entry point is executed successfully.
@retval Others Some error occurs when executing this entry point.
**/
EFI_STATUS
EFIAPI
InitializeTcgSmm (
IN EFI_HANDLE ImageHandle,
IN EFI_SYSTEM_TABLE *SystemTable
)
{
EFI_STATUS Status;
EFI_SMM_SW_DISPATCH2_PROTOCOL *SwDispatch;
EFI_SMM_SW_REGISTER_CONTEXT SwContext;
EFI_HANDLE SwHandle;
if (!CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm20DtpmGuid)){
DEBUG ((EFI_D_ERROR, "No TPM2 DTPM instance required!\n"));
return EFI_UNSUPPORTED;
}
Status = PublishAcpiTable ();
ASSERT_EFI_ERROR (Status);
//
// Get the Sw dispatch protocol and register SMI callback functions.
//
Status = gSmst->SmmLocateProtocol (&gEfiSmmSwDispatch2ProtocolGuid, NULL, (VOID**)&SwDispatch);
ASSERT_EFI_ERROR (Status);
SwContext.SwSmiInputValue = (UINTN) -1;
Status = SwDispatch->Register (SwDispatch, PhysicalPresenceCallback, &SwContext, &SwHandle);
ASSERT_EFI_ERROR (Status);
if (EFI_ERROR (Status)) {
return Status;
}
mTcgNvs->PhysicalPresence.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;
SwContext.SwSmiInputValue = (UINTN) -1;
Status = SwDispatch->Register (SwDispatch, MemoryClearCallback, &SwContext, &SwHandle);
ASSERT_EFI_ERROR (Status);
if (EFI_ERROR (Status)) {
return Status;
}
mTcgNvs->MemoryClear.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;
//
// Locate SmmVariableProtocol.
//
Status = gSmst->SmmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID**)&mSmmVariable);
ASSERT_EFI_ERROR (Status);
//
// Set TPM2 ACPI table
//
Status = PublishTpm2 ();
ASSERT_EFI_ERROR (Status);
return EFI_SUCCESS;
}

87
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h Normal file
View File

@ -0,0 +1,87 @@
/** @file
The header file for Tcg2 SMM driver.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef __TCG2_SMM_H__
#define __TCG2_SMM_H__
#include <PiDxe.h>
#include <IndustryStandard/Acpi.h>
#include <IndustryStandard/Tpm2Acpi.h>
#include <Guid/MemoryOverwriteControl.h>
#include <Guid/TpmInstance.h>
#include <Protocol/SmmSwDispatch2.h>
#include <Protocol/AcpiTable.h>
#include <Protocol/SmmVariable.h>
#include <Protocol/Tcg2Protocol.h>
#include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
#include <Library/SmmServicesTableLib.h>
#include <Library/UefiDriverEntryPoint.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/DxeServicesLib.h>
#include <Library/TpmMeasurementLib.h>
#include <Library/Tpm2DeviceLib.h>
#include <Library/Tcg2PhysicalPresenceLib.h>
#pragma pack(1)
typedef struct {
UINT8 SoftwareSmi;
UINT32 Parameter;
UINT32 Response;
UINT32 Request;
UINT32 RequestParameter;
UINT32 LastRequest;
UINT32 ReturnCode;
} PHYSICAL_PRESENCE_NVS;
typedef struct {
UINT8 SoftwareSmi;
UINT32 Parameter;
UINT32 Request;
UINT32 ReturnCode;
} MEMORY_CLEAR_NVS;
typedef struct {
PHYSICAL_PRESENCE_NVS PhysicalPresence;
MEMORY_CLEAR_NVS MemoryClear;
} TCG_NVS;
typedef struct {
UINT8 OpRegionOp;
UINT32 NameString;
UINT8 RegionSpace;
UINT8 DWordPrefix;
UINT32 RegionOffset;
UINT8 BytePrefix;
UINT8 RegionLen;
} AML_OP_REGION_32_8;
#pragma pack()
//
// The definition for TCG MOR
//
#define ACPI_FUNCTION_DSM_MEMORY_CLEAR_INTERFACE 1
#define ACPI_FUNCTION_PTS_CLEAR_MOR_BIT 2
//
// The return code for Memory Clear Interface Functions
//
#define MOR_REQUEST_SUCCESS 0
#define MOR_REQUEST_GENERAL_FAILURE 1
#endif // __TCG_SMM_H__

80
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf Normal file
View File

@ -0,0 +1,80 @@
## @file
# Provides ACPI metholds for TPM 2.0 support
#
# This driver implements TPM 2.0 definition block in ACPI table and
# registers SMI callback functions for Tcg2 physical presence and
# MemoryClear to handle the requests from ACPI method.
#
# Caution: This module requires additional review when modified.
# This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = Tcg2Smm
MODULE_UNI_FILE = Tcg2Smm.uni
FILE_GUID = 44A20657-10B8-4049-A148-ACD8812AF257
MODULE_TYPE = DXE_SMM_DRIVER
PI_SPECIFICATION_VERSION = 0x0001000A
VERSION_STRING = 1.0
ENTRY_POINT = InitializeTcgSmm
[Sources]
Tcg2Smm.h
Tcg2Smm.c
Tpm.asl
[Packages]
MdePkg/MdePkg.dec
MdeModulePkg/MdeModulePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
BaseLib
BaseMemoryLib
UefiDriverEntryPoint
SmmServicesTableLib
UefiBootServicesTableLib
DebugLib
DxeServicesLib
TpmMeasurementLib
Tpm2DeviceLib
Tcg2PhysicalPresenceLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"
gEfiMemoryOverwriteControlDataGuid
gEfiTpmDeviceInstanceTpm20DtpmGuid ## PRODUCES ## GUID # TPM device identifier
[Protocols]
gEfiSmmSwDispatch2ProtocolGuid ## CONSUMES
gEfiSmmVariableProtocolGuid ## CONSUMES
gEfiAcpiTableProtocolGuid ## CONSUMES
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemId ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemTableId ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultOemRevision ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorId ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdAcpiDefaultCreatorRevision ## SOMETIMES_CONSUMES
[Depex]
gEfiAcpiTableProtocolGuid AND
gEfiSmmSwDispatch2ProtocolGuid AND
gEfiSmmVariableProtocolGuid
[UserExtensions.TianoCore."ExtraFiles"]
Tcg2SmmExtra.uni

BIN
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.uni Normal file
View File

Binary file not shown.

BIN
SecurityPkg/Tcg/Tcg2Smm/Tcg2SmmExtra.uni Normal file
View File

Binary file not shown.

359
SecurityPkg/Tcg/Tcg2Smm/Tpm.asl Normal file
View File

@ -0,0 +1,359 @@
/** @file
The TPM2 definition block in ACPI table for TCG2 physical presence
and MemoryClear.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
DefinitionBlock (
"Tpm.aml",
"SSDT",
2,
"INTEL ",
"Tpm2Tabl",
0x1000
)
{
Scope (\_SB)
{
Device (TPM)
{
//
// TCG2
//
Name (_HID, "MSFT0101")
//
// Readable name of this device, don't know if this way is correct yet
//
Name (_STR, Unicode ("TPM 2.0 Device"))
//
// Return the resource consumed by TPM device
//
Name (_CRS, ResourceTemplate () {
Memory32Fixed (ReadOnly, 0xfed40000, 0x5000)
})
//
// Operational region for Smi port access
//
OperationRegion (SMIP, SystemIO, 0xB2, 1)
Field (SMIP, ByteAcc, NoLock, Preserve)
{
IOB2, 8
}
//
// Operational region for TPM access
//
OperationRegion (TPMR, SystemMemory, 0xfed40000, 0x5000)
Field (TPMR, AnyAcc, NoLock, Preserve)
{
ACC0, 8,
}
//
// Operational region for TPM support, TPM Physical Presence and TPM Memory Clear
// Region Offset 0xFFFF0000 and Length 0xF0 will be fixed in C code.
//
OperationRegion (TNVS, SystemMemory, 0xFFFF0000, 0xF0)
Field (TNVS, AnyAcc, NoLock, Preserve)
{
PPIN, 8, // Software SMI for Physical Presence Interface
PPIP, 32, // Used for save physical presence paramter
PPRP, 32, // Physical Presence request operation response
PPRQ, 32, // Physical Presence request operation
PPRM, 32, // Physical Presence request operation parameter
LPPR, 32, // Last Physical Presence request operation
FRET, 32, // Physical Presence function return code
MCIN, 8, // Software SMI for Memory Clear Interface
MCIP, 32, // Used for save the Mor paramter
MORD, 32, // Memory Overwrite Request Data
MRET, 32 // Memory Overwrite function return code
}
Method (PTS, 1, Serialized)
{
//
// Detect Sx state for MOR, only S4, S5 need to handle
//
If (LAnd (LLess (Arg0, 6), LGreater (Arg0, 3)))
{
//
// Bit4 -- DisableAutoDetect. 0 -- Firmware MAY autodetect.
//
If (LNot (And (MORD, 0x10)))
{
//
// Triggle the SMI through ACPI _PTS method.
//
Store (0x02, MCIP)
//
// Triggle the SMI interrupt
//
Store (MCIN, IOB2)
}
}
Return (0)
}
Method (_STA, 0)
{
if (LEqual (ACC0, 0xff))
{
Return (0)
}
Return (0x0f)
}
//
// TCG Hardware Information
//
Method (HINF, 3, Serialized, 0, {BuffObj, PkgObj}, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj
{
//
// Switch by function index
//
Switch (ToInteger(Arg1))
{
Case (0)
{
//
// Standard query
//
Return (Buffer () {0x03})
}
Case (1)
{
//
// Return failure if no TPM present
//
Name(TPMV, Package () {0x01, Package () {0x2, 0x0}})
if (LEqual (_STA (), 0x00))
{
Return (Package () {0x00})
}
//
// Return TPM version
//
Return (TPMV)
}
Default {BreakPoint}
}
Return (Buffer () {0})
}
Name(TPM2, Package (0x02){
Zero,
Zero
})
Name(TPM3, Package (0x03){
Zero,
Zero,
Zero
})
//
// TCG Physical Presence Interface
//
Method (TPPI, 3, Serialized, 0, {BuffObj, PkgObj, IntObj, StrObj}, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj
{
//
// Switch by function index
//
Switch (ToInteger(Arg1))
{
Case (0)
{
//
// Standard query, supports function 1-8
//
Return (Buffer () {0xFF, 0x01})
}
Case (1)
{
//
// a) Get Physical Presence Interface Version
//
Return ("1.2")
}
Case (2)
{
//
// b) Submit TPM Operation Request to Pre-OS Environment
//
Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
Store (0x02, PPIP)
//
// Triggle the SMI interrupt
//
Store (PPIN, IOB2)
Return (FRET)
}
Case (3)
{
//
// c) Get Pending TPM Operation Requested By the OS
//
Store (PPRQ, Index (TPM2, 0x01))
Return (TPM2)
}
Case (4)
{
//
// d) Get Platform-Specific Action to Transition to Pre-OS Environment
//
Return (2)
}
Case (5)
{
//
// e) Return TPM Operation Response to OS Environment
//
Store (0x05, PPIP)
//
// Triggle the SMI interrupt
//
Store (PPIN, IOB2)
Store (LPPR, Index (TPM3, 0x01))
Store (PPRP, Index (TPM3, 0x02))
Return (TPM3)
}
Case (6)
{
//
// f) Submit preferred user language (Not implemented)
//
Return (3)
}
Case (7)
{
//
// g) Submit TPM Operation Request to Pre-OS Environment 2
//
Store (7, PPIP)
Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
Store (0, PPRM)
If (LEqual (PPRQ, 23)) {
Store (DerefOf (Index (Arg2, 0x01)), PPRM)
}
//
// Triggle the SMI interrupt
//
Store (PPIN, IOB2)
Return (FRET)
}
Case (8)
{
//
// e) Get User Confirmation Status for Operation
//
Store (8, PPIP)
Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
//
// Triggle the SMI interrupt
//
Store (PPIN, IOB2)
Return (FRET)
}
Default {BreakPoint}
}
Return (1)
}
Method (TMCI, 3, Serialized, 0, IntObj, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj
{
//
// Switch by function index
//
Switch (ToInteger (Arg1))
{
Case (0)
{
//
// Standard query, supports function 1-1
//
Return (Buffer () {0x03})
}
Case (1)
{
//
// Save the Operation Value of the Request to MORD (reserved memory)
//
Store (DerefOf (Index (Arg2, 0x00)), MORD)
//
// Triggle the SMI through ACPI _DSM method.
//
Store (0x01, MCIP)
//
// Triggle the SMI interrupt
//
Store (MCIN, IOB2)
Return (MRET)
}
Default {BreakPoint}
}
Return (1)
}
Method (_DSM, 4, Serialized, 0, UnknownObj, {BuffObj, IntObj, IntObj, PkgObj})
{
//
// TCG Hardware Information
//
If(LEqual(Arg0, ToUUID ("cf8e16a5-c1e8-4e25-b712-4f54a96702c8")))
{
Return (HINF (Arg1, Arg2, Arg3))
}
//
// TCG Physical Presence Interface
//
If(LEqual(Arg0, ToUUID ("3dddfaa6-361b-4eb4-a424-8d10089d1653")))
{
Return (TPPI (Arg1, Arg2, Arg3))
}
//
// TCG Memory Clear Interface
//
If(LEqual(Arg0, ToUUID ("376054ed-cc13-4675-901c-4756d7f2d45d")))
{
Return (TMCI (Arg1, Arg2, Arg3))
}
Return (Buffer () {0})
}
}
}
}