tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Add TPM Physical Presence >=128 operation value support. 

The Tcg/TrEE PhysicalPresence library will depend on Tcg/TrEE PpVendor library.
The default NULL library instance is provided in this package.
OEM can create OemPpVendorLib as override to handle >=128 operation value.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <jiewen.yao@intel.com>
Reviewed-by: "Dong, Guo" <guo.dong@intel.com>




git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16597 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Yao, Jiewen 2015-01-12 03:16:49 +00:00 committed by jyao1
parent c5f1d437ed
commit 4610b23ab1
22 changed files with 1009 additions and 237 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
SecurityPkg/Include/Guid/PhysicalPresenceData.h
View File

@ -4,7 +4,7 @@
cleared after it is processed in the next boot cycle. The TPM response
is saved to variable.
Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -63,6 +63,9 @@ typedef struct {
// It should be protected from malicious software (e.g. Set it as read-only variable).
//
#define PHYSICAL_PRESENCE_FLAGS_VARIABLE L"PhysicalPresenceFlags"
typedef struct {
UINT8 PPFlags;
} EFI_PHYSICAL_PRESENCE_FLAGS;
//
// The definition bit of the TPM Management Flags

7
SecurityPkg/Include/Guid/TrEEPhysicalPresenceData.h
View File

@ -4,7 +4,7 @@
cleared after it is processed in the next boot cycle. The TPM2 response
is saved to variable.
Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -34,7 +34,9 @@ typedef struct {
//
// The definition bit of the flags
//
// BIT0 is reserved
#define TREE_FLAG_NO_PPI_CLEAR BIT1
// BIT2 is reserved
#define TREE_FLAG_RESET_TRACK BIT3
//
@ -42,6 +44,9 @@ typedef struct {
// It should be protected from malicious software (e.g. Set it as read-only variable).
//
#define TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE L"TrEEPhysicalPresenceFlags"
typedef struct {
UINT8 PPFlags;
} EFI_TREE_PHYSICAL_PRESENCE_FLAGS;
//
// The definition of physical presence operation actions

159
SecurityPkg/Include/Library/TcgPpVendorLib.h Normal file
View File

@ -0,0 +1,159 @@
/** @file
Ihis library is to support TCG Physical Presence Interface (PPI) specification
>= 128 Vendor Specific PPI Operation.
The Vendor Specific PPI operation may change TPM state, BIOS TPM management
flags, and may need additional boot cycle.
Caution: This function may receive untrusted input.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _TCG_PP_VENDOR_LIB_H_
#define _TCG_PP_VENDOR_LIB_H_
//
// The definition of physical presence operation actions
//
#define TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION 128
//
// The definition bit of the BIOS TPM Management Flags
//
#define TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION BIT0
#define TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR BIT1
#define TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE BIT2
#define TCG_VENDOR_LIB_FLAG_RESET_TRACK BIT3
//
// The definition for TPM Operation Response to OS Environment
//
#define TCG_PP_OPERATION_RESPONSE_SUCCESS 0x0
#define TCG_PP_OPERATION_RESPONSE_USER_ABORT 0xFFFFFFF0
#define TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE 0xFFFFFFF1
//
// The return code for Sumbit TPM Request to Pre-OS Environment
// and Sumbit TPM Request to Pre-OS Environment 2
//
#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS 0
#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED 1
#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE 2
#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_BLOCKED_BY_BIOS_SETTINGS 3
//
// The return code for Get User Confirmation Status for Operation
//
#define TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED 0
#define TCG_PP_GET_USER_CONFIRMATION_BIOS_ONLY 1
#define TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION 2
#define TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED 3
#define TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED 4
/**
Check and execute the requested physical presence command.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in, out] ManagementFlags BIOS TPM Management Flags.
@param[out] ResetRequired If reset is required to vendor settings in effect.
True, it indicates the reset is required.
False, it indicates the reset is not required.
@return TPM Operation Response to OS Environment.
**/
UINT32
EFIAPI
TcgPpVendorLibExecutePendingRequest (
IN UINT32 OperationRequest,
IN OUT UINT32 *ManagementFlags,
OUT BOOLEAN *ResetRequired
);
/**
Check if there is a valid physical presence command request.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
True, it indicates the command doesn't require user confirm.
False, it indicates the command need user confirm from UI.
@retval TRUE Physical Presence operation command is valid.
@retval FALSE Physical Presence operation command is invalid.
**/
BOOLEAN
EFIAPI
TcgPpVendorLibHasValidRequest (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags,
OUT BOOLEAN *RequestConfirmed
);
/**
The callback for TPM vendor specific physical presence which is called for
Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@return Return Code for Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
**/
UINT32
EFIAPI
TcgPpVendorLibSubmitRequestToPreOSFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags
);
/**
The callback for TPM vendor specific physical presence which is called for
Get User Confirmation Status for Operation.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@return Return Code for Get User Confirmation Status for Operation.
**/
UINT32
EFIAPI
TcgPpVendorLibGetUserConfirmationStatusFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags
);
#endif

164
SecurityPkg/Include/Library/TrEEPpVendorLib.h Normal file
View File

@ -0,0 +1,164 @@
/** @file
Ihis library is to support Trusted Execution Environment (TrEE) ACPI Profile
>= 128 Vendor Specific PPI Operation.
The Vendor Specific PPI operation may change TPM state, BIOS TPM management
flags, and may need additional boot cycle.
Caution: This function may receive untrusted input.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#ifndef _TREE_PP_VENDOR_LIB_H_
#define _TREE_PP_VENDOR_LIB_H_
#include <IndustryStandard/Tpm20.h>
#include <Protocol/TrEEProtocol.h>
//
// The definition of physical presence operation actions
//
#define TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION 128
//
// The definition bit of the BIOS TPM Management Flags
//
// BIT0 is reserved
#define TREE_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR BIT1
// BIT2 is reserved
#define TREE_VENDOR_LIB_FLAG_RESET_TRACK BIT3
//
// The definition for TPM Operation Response to OS Environment
//
#define TREE_PP_OPERATION_RESPONSE_SUCCESS 0x0
#define TREE_PP_OPERATION_RESPONSE_USER_ABORT 0xFFFFFFF0
#define TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE 0xFFFFFFF1
//
// The return code for Sumbit TPM Request to Pre-OS Environment
// and Sumbit TPM Request to Pre-OS Environment 2
//
#define TREE_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS 0
#define TREE_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED 1
#define TREE_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE 2
#define TREE_PP_SUBMIT_REQUEST_TO_PREOS_BLOCKED_BY_BIOS_SETTINGS 3
//
// The return code for Get User Confirmation Status for Operation
//
#define TREE_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED 0
#define TREE_PP_GET_USER_CONFIRMATION_BIOS_ONLY 1
#define TREE_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION 2
#define TREE_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED 3
#define TREE_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED 4
/**
Check and execute the requested physical presence command.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] PlatformAuth platform auth value. NULL means no platform auth change.
@param[in] OperationRequest TPM physical presence operation request.
@param[in, out] ManagementFlags BIOS TPM Management Flags.
@param[out] ResetRequired If reset is required to vendor settings in effect.
True, it indicates the reset is required.
False, it indicates the reset is not required.
@return TPM Operation Response to OS Environment.
**/
UINT32
EFIAPI
TrEEPpVendorLibExecutePendingRequest (
IN TPM2B_AUTH *PlatformAuth, OPTIONAL
IN UINT32 OperationRequest,
IN OUT UINT32 *ManagementFlags,
OUT BOOLEAN *ResetRequired
);
/**
Check if there is a valid physical presence command request.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
True, it indicates the command doesn't require user confirm.
False, it indicates the command need user confirm from UI.
@retval TRUE Physical Presence operation command is valid.
@retval FALSE Physical Presence operation command is invalid.
**/
BOOLEAN
EFIAPI
TrEEPpVendorLibHasValidRequest (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags,
OUT BOOLEAN *RequestConfirmed
);
/**
The callback for TPM vendor specific physical presence which is called for
Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@return Return Code for Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
**/
UINT32
EFIAPI
TrEEPpVendorLibSubmitRequestToPreOSFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags
);
/**
The callback for TPM vendor specific physical presence which is called for
Get User Confirmation Status for Operation.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@return Return Code for Get User Confirmation Status for Operation.
**/
UINT32
EFIAPI
TrEEPpVendorLibGetUserConfirmationStatusFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags
);
#endif

199
SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
View File

@ -8,7 +8,7 @@
ExecutePendingTpmRequest() will receive untrusted input and do validation.
Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -34,9 +34,8 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/HiiLib.h>
#include <Guid/EventGroup.h>
#include <Guid/PhysicalPresenceData.h>
#include <Library/TcgPpVendorLib.h>
#define TPM_PP_USER_ABORT ((TPM_RESULT)(-0x10))
#define TPM_PP_BIOS_FAILURE ((TPM_RESULT)(-0x0f))
#define CONFIRM_BUFFER_SIZE 4096
EFI_HII_HANDLE mPpStringPackHandle;
@ -184,12 +183,12 @@ TpmPhysicalPresence (
@param[in] AdditionalParameterSize Additional parameter size.
@param[in] AdditionalParameters Pointer to the Additional paramaters.
@retval TPM_PP_BIOS_FAILURE Error occurred during sending command to TPM or
receiving response from TPM.
@retval Others Return code from the TPM device after command execution.
@retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
receiving response from TPM.
@retval Others Return code from the TPM device after command execution.
**/
TPM_RESULT
UINT32
TpmCommandNoReturnData (
IN EFI_TCG_PROTOCOL *TcgProtocol,
IN TPM_COMMAND_CODE Ordinal,
@ -204,7 +203,7 @@ TpmCommandNoReturnData (
TpmRqu = (TPM_RQU_COMMAND_HDR*) AllocatePool (sizeof (*TpmRqu) + AdditionalParameterSize);
if (TpmRqu == NULL) {
return TPM_PP_BIOS_FAILURE;
return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
TpmRqu->tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
@ -222,7 +221,7 @@ TpmCommandNoReturnData (
);
FreePool (TpmRqu);
if (EFI_ERROR (Status) || (TpmRsp.tag != SwapBytes16 (TPM_TAG_RSP_COMMAND))) {
return TPM_PP_BIOS_FAILURE;
return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
return SwapBytes32 (TpmRsp.returnCode);
}
@ -234,21 +233,21 @@ TpmCommandNoReturnData (
@param[in] CommandCode Physical presence operation value.
@param[in, out] PpiFlags The physical presence interface flags.
@retval TPM_PP_BIOS_FAILURE Unknown physical presence operation.
@retval TPM_PP_BIOS_FAILURE Error occurred during sending command to TPM or
receiving response from TPM.
@retval Others Return code from the TPM device after command execution.
@retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation.
@retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
receiving response from TPM.
@retval Others Return code from the TPM device after command execution.
**/
TPM_RESULT
UINT32
ExecutePhysicalPresence (
IN EFI_TCG_PROTOCOL *TcgProtocol,
IN UINT8 CommandCode,
IN OUT UINT8 *PpiFlags
IN EFI_TCG_PROTOCOL *TcgProtocol,
IN UINT32 CommandCode,
IN OUT EFI_PHYSICAL_PRESENCE_FLAGS *PpiFlags
)
{
BOOLEAN BoolVal;
TPM_RESULT TpmResponse;
UINT32 TpmResponse;
UINT32 InData[5];
switch (CommandCode) {
@ -331,12 +330,12 @@ ExecutePhysicalPresence (
// PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
// PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot
//
if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {
if ((PpiFlags->PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
*PpiFlags |= FLAG_RESET_TRACK;
PpiFlags->PPFlags |= TCG_VENDOR_LIB_FLAG_RESET_TRACK;
} else {
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE, PpiFlags);
*PpiFlags &= ~FLAG_RESET_TRACK;
PpiFlags->PPFlags &= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK;
}
return TpmResponse;
@ -366,7 +365,7 @@ ExecutePhysicalPresence (
// This command requires UI to prompt user for Auth data
// Here it is NOT implemented
//
return TPM_PP_BIOS_FAILURE;
return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);
@ -376,27 +375,27 @@ ExecutePhysicalPresence (
return TpmResponse;
case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:
*PpiFlags &= ~FLAG_NO_PPI_PROVISION;
PpiFlags->PPFlags &= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION;
return 0;
case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:
*PpiFlags |= FLAG_NO_PPI_PROVISION;
PpiFlags->PPFlags |= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION;
return 0;
case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:
*PpiFlags &= ~FLAG_NO_PPI_CLEAR;
PpiFlags->PPFlags &= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR;
return 0;
case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:
*PpiFlags |= FLAG_NO_PPI_CLEAR;
PpiFlags->PPFlags |= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR;
return 0;
case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:
*PpiFlags &= ~FLAG_NO_PPI_MAINTENANCE;
PpiFlags->PPFlags &= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE;
return 0;
case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:
*PpiFlags |= FLAG_NO_PPI_MAINTENANCE;
PpiFlags->PPFlags |= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE;
return 0;
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
@ -404,12 +403,12 @@ ExecutePhysicalPresence (
// PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR
// PHYSICAL_PRESENCE_CLEAR will be executed after reboot.
//
if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {
if ((PpiFlags->PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
*PpiFlags |= FLAG_RESET_TRACK;
PpiFlags->PPFlags |= TCG_VENDOR_LIB_FLAG_RESET_TRACK;
} else {
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);
*PpiFlags &= ~FLAG_RESET_TRACK;
PpiFlags->PPFlags &= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK;
}
return TpmResponse;
@ -418,19 +417,19 @@ ExecutePhysicalPresence (
// PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
// PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.
//
if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {
if ((PpiFlags->PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
*PpiFlags |= FLAG_RESET_TRACK;
PpiFlags->PPFlags |= TCG_VENDOR_LIB_FLAG_RESET_TRACK;
} else {
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, PpiFlags);
*PpiFlags &= ~FLAG_RESET_TRACK;
PpiFlags->PPFlags &= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK;
}
return TpmResponse;
default:
;
}
return TPM_PP_BIOS_FAILURE;
return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
@ -519,7 +518,7 @@ TcgPhysicalPresenceLibConstructor (
**/
BOOLEAN
UserConfirm (
IN UINT8 TpmPpCommand
IN UINT32 TpmPpCommand
)
{
CHAR16 *ConfirmText;
@ -910,11 +909,12 @@ UserConfirm (
**/
BOOLEAN
HaveValidTpmRequest (
IN EFI_PHYSICAL_PRESENCE *TcgPpData,
IN UINT8 Flags,
OUT BOOLEAN *RequestConfirmed
IN EFI_PHYSICAL_PRESENCE *TcgPpData,
IN EFI_PHYSICAL_PRESENCE_FLAGS Flags,
OUT BOOLEAN *RequestConfirmed
)
{
BOOLEAN IsRequestValid;
*RequestConfirmed = FALSE;
@ -933,27 +933,27 @@ HaveValidTpmRequest (
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:
case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:
if ((Flags & FLAG_NO_PPI_PROVISION) != 0) {
if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) {
*RequestConfirmed = TRUE;
}
break;
case PHYSICAL_PRESENCE_CLEAR:
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
if ((Flags & FLAG_NO_PPI_CLEAR) != 0) {
if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0) {
*RequestConfirmed = TRUE;
}
break;
case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
if ((Flags & FLAG_NO_PPI_MAINTENANCE) != 0) {
if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE) != 0) {
*RequestConfirmed = TRUE;
}
break;
case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
if ((Flags & FLAG_NO_PPI_CLEAR) != 0 && (Flags & FLAG_NO_PPI_PROVISION) != 0) {
if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0 && (Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) {
*RequestConfirmed = TRUE;
}
break;
@ -970,13 +970,22 @@ HaveValidTpmRequest (
break;
default:
//
// Wrong Physical Presence command
//
return FALSE;
if (TcgPpData->PPRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
IsRequestValid = TcgPpVendorLibHasValidRequest (TcgPpData->PPRequest, Flags.PPFlags, RequestConfirmed);
if (!IsRequestValid) {
return FALSE;
} else {
break;
}
} else {
//
// Wrong Physical Presence command
//
return FALSE;
}
}
if ((Flags & FLAG_RESET_TRACK) != 0) {
if ((Flags.PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) != 0) {
//
// It had been confirmed in last boot, it doesn't need confirm again.
//
@ -1004,21 +1013,23 @@ HaveValidTpmRequest (
**/
VOID
ExecutePendingTpmRequest (
IN EFI_TCG_PROTOCOL *TcgProtocol,
IN EFI_PHYSICAL_PRESENCE *TcgPpData,
IN UINT8 Flags
IN EFI_TCG_PROTOCOL *TcgProtocol,
IN EFI_PHYSICAL_PRESENCE *TcgPpData,
IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
)
{
EFI_STATUS Status;
UINTN DataSize;
BOOLEAN RequestConfirmed;
UINT8 NewFlags;
EFI_PHYSICAL_PRESENCE_FLAGS NewFlags;
BOOLEAN ResetRequired;
UINT32 NewPPFlags;
if (!HaveValidTpmRequest(TcgPpData, Flags, &RequestConfirmed)) {
//
// Invalid operation request.
//
TcgPpData->PPResponse = TPM_PP_BIOS_FAILURE;
TcgPpData->PPResponse = TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
TcgPpData->LastPPRequest = TcgPpData->PPRequest;
TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
@ -1032,43 +1043,50 @@ ExecutePendingTpmRequest (
return;
}
if (!RequestConfirmed) {
//
// Print confirm text and wait for approval.
//
RequestConfirmed = UserConfirm (TcgPpData->PPRequest);
}
ResetRequired = FALSE;
if (TcgPpData->PPRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
NewFlags = Flags;
NewPPFlags = NewFlags.PPFlags;
TcgPpData->PPResponse = TcgPpVendorLibExecutePendingRequest (TcgPpData->PPRequest, &NewPPFlags, &ResetRequired);
NewFlags.PPFlags = (UINT8)NewPPFlags;
} else {
if (!RequestConfirmed) {
//
// Print confirm text and wait for approval.
//
RequestConfirmed = UserConfirm (TcgPpData->PPRequest);
}
//
// Execute requested physical presence command
//
TcgPpData->PPResponse = TPM_PP_USER_ABORT;
NewFlags = Flags;
if (RequestConfirmed) {
TcgPpData->PPResponse = ExecutePhysicalPresence (TcgProtocol, TcgPpData->PPRequest, &NewFlags);
//
// Execute requested physical presence command
//
TcgPpData->PPResponse = TCG_PP_OPERATION_RESPONSE_USER_ABORT;
NewFlags = Flags;
if (RequestConfirmed) {
TcgPpData->PPResponse = ExecutePhysicalPresence (TcgProtocol, TcgPpData->PPRequest, &NewFlags);
}
}
//
// Save the flags if it is updated.
//
if (Flags != NewFlags) {
if (CompareMem (&Flags, &NewFlags, sizeof(EFI_PHYSICAL_PRESENCE_FLAGS)) != 0) {
Status = gRT->SetVariable (
PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiPhysicalPresenceGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof (UINT8),
sizeof (EFI_PHYSICAL_PRESENCE_FLAGS),
&NewFlags
);
if (EFI_ERROR (Status)) {
return;
}
}
//
// Clear request
//
if ((NewFlags & FLAG_RESET_TRACK) == 0) {
if ((NewFlags.PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
TcgPpData->LastPPRequest = TcgPpData->PPRequest;
TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
}
@ -1088,7 +1106,7 @@ ExecutePendingTpmRequest (
return;
}
if (TcgPpData->PPResponse == TPM_PP_USER_ABORT) {
if (TcgPpData->PPResponse == TCG_PP_OPERATION_RESPONSE_USER_ABORT) {
return;
}
@ -1109,6 +1127,13 @@ ExecutePendingTpmRequest (
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
break;
default:
if (TcgPpData->LastPPRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
if (ResetRequired) {
break;
} else {
return ;
}
}
if (TcgPpData->PPRequest != PHYSICAL_PRESENCE_NO_ACTION) {
break;
}
@ -1146,7 +1171,7 @@ TcgPhysicalPresenceLibProcessRequest (
EFI_PHYSICAL_PRESENCE TcgPpData;
EFI_TCG_PROTOCOL *TcgProtocol;
EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;
UINT8 PpiFlags;
EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags;
Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
if (EFI_ERROR (Status)) {
@ -1156,7 +1181,7 @@ TcgPhysicalPresenceLibProcessRequest (
//
// Initialize physical presence flags.
//
DataSize = sizeof (UINT8);
DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS);
Status = gRT->GetVariable (
PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiPhysicalPresenceGuid,
@ -1165,12 +1190,12 @@ TcgPhysicalPresenceLibProcessRequest (
&PpiFlags
);
if (EFI_ERROR (Status)) {
PpiFlags = FLAG_NO_PPI_PROVISION;
PpiFlags.PPFlags = TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION;
Status = gRT->SetVariable (
PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiPhysicalPresenceGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof (UINT8),
sizeof (EFI_PHYSICAL_PRESENCE_FLAGS),
&PpiFlags
);
if (EFI_ERROR (Status)) {
@ -1178,7 +1203,7 @@ TcgPhysicalPresenceLibProcessRequest (
return ;
}
}
DEBUG ((EFI_D_INFO, "[TPM] PpiFlags = %x\n", PpiFlags));
DEBUG ((EFI_D_INFO, "[TPM] PpiFlags = %x\n", PpiFlags.PPFlags));
//
// This flags variable controls whether physical presence is required for TPM command.
@ -1224,7 +1249,7 @@ TcgPhysicalPresenceLibProcessRequest (
}
}
DEBUG ((EFI_D_INFO, "[TPM] Flags=%x, PPRequest=%x\n", PpiFlags, TcgPpData.PPRequest));
DEBUG ((EFI_D_INFO, "[TPM] Flags=%x, PPRequest=%x\n", PpiFlags.PPFlags, TcgPpData.PPRequest));
if (TcgPpData.PPRequest == PHYSICAL_PRESENCE_NO_ACTION) {
//
@ -1284,14 +1309,14 @@ TcgPhysicalPresenceLibNeedUserConfirm(
VOID
)
{
EFI_STATUS Status;
EFI_PHYSICAL_PRESENCE TcgPpData;
UINTN DataSize;
BOOLEAN RequestConfirmed;
BOOLEAN LifetimeLock;
BOOLEAN CmdEnable;
EFI_TCG_PROTOCOL *TcgProtocol;
UINT8 PpiFlags;
EFI_STATUS Status;
EFI_PHYSICAL_PRESENCE TcgPpData;
UINTN DataSize;
BOOLEAN RequestConfirmed;
BOOLEAN LifetimeLock;
BOOLEAN CmdEnable;
EFI_TCG_PROTOCOL *TcgProtocol;
EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags;
Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
if (EFI_ERROR (Status)) {
@ -1313,7 +1338,7 @@ TcgPhysicalPresenceLibNeedUserConfirm(
return FALSE;
}
DataSize = sizeof (UINT8);
DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS);
Status = gRT->GetVariable (
PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiPhysicalPresenceGuid,

3
SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.inf
View File

@ -9,7 +9,7 @@
# This driver will have external input - variable.
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@ -54,6 +54,7 @@
DebugLib
PrintLib
HiiLib
TcgPpVendorLib
[Protocols]
gEfiTcgProtocolGuid ## CONSUMES

155
SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c
View File

@ -7,7 +7,7 @@
TrEEExecutePendingTpmRequest() will receive untrusted input and do validation.
Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -34,10 +34,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Guid/EventGroup.h>
#include <Guid/TrEEPhysicalPresenceData.h>
#include <Library/Tpm2CommandLib.h>
#define TPM_PP_SUCCESS 0
#define TPM_PP_USER_ABORT ((TPM_RESULT)(-0x10))
#define TPM_PP_BIOS_FAILURE ((TPM_RESULT)(-0x0f))
#include <Library/TrEEPpVendorLib.h>
#define CONFIRM_BUFFER_SIZE 4096
@ -113,16 +110,16 @@ Done:
@param[in] CommandCode Physical presence operation value.
@param[in, out] PpiFlags The physical presence interface flags.
@retval TPM_PP_BIOS_FAILURE Unknown physical presence operation.
@retval TPM_PP_BIOS_FAILURE Error occurred during sending command to TPM or
receiving response from TPM.
@retval Others Return code from the TPM device after command execution.
@retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation.
@retval TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
receiving response from TPM.
@retval Others Return code from the TPM device after command execution.
**/
TPM_RESULT
UINT32
TrEEExecutePhysicalPresence (
IN TPM2B_AUTH *PlatformAuth, OPTIONAL
IN UINT8 CommandCode,
IN OUT UINT8 *PpiFlags
IN TPM2B_AUTH *PlatformAuth, OPTIONAL
IN UINT32 CommandCode,
IN OUT EFI_TREE_PHYSICAL_PRESENCE_FLAGS *PpiFlags
)
{
EFI_STATUS Status;
@ -134,24 +131,24 @@ TrEEExecutePhysicalPresence (
case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_4:
Status = TpmCommandClear (PlatformAuth);
if (EFI_ERROR (Status)) {
return TPM_PP_BIOS_FAILURE;
return TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE;
} else {
return TPM_PP_SUCCESS;
return TREE_PP_OPERATION_RESPONSE_SUCCESS;
}
case TREE_PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:
*PpiFlags &= ~TREE_FLAG_NO_PPI_CLEAR;
return TPM_PP_SUCCESS;
PpiFlags->PPFlags &= ~TREE_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR;
return TREE_PP_OPERATION_RESPONSE_SUCCESS;
case TREE_PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:
*PpiFlags |= TREE_FLAG_NO_PPI_CLEAR;
return TPM_PP_SUCCESS;
PpiFlags->PPFlags |= TREE_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR;
return TREE_PP_OPERATION_RESPONSE_SUCCESS;
default:
if (CommandCode <= TREE_PHYSICAL_PRESENCE_NO_ACTION_MAX) {
return TPM_PP_SUCCESS;
return TREE_PP_OPERATION_RESPONSE_SUCCESS;
} else {
return TPM_PP_BIOS_FAILURE;
return TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
}
}
@ -233,7 +230,7 @@ TrEEPhysicalPresenceLibConstructor (
**/
BOOLEAN
TrEEUserConfirm (
IN UINT8 TpmPpCommand
IN UINT32 TpmPpCommand
)
{
CHAR16 *ConfirmText;
@ -346,11 +343,13 @@ TrEEUserConfirm (
**/
BOOLEAN
TrEEHaveValidTpmRequest (
IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData,
IN UINT8 Flags,
OUT BOOLEAN *RequestConfirmed
IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData,
IN EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags,
OUT BOOLEAN *RequestConfirmed
)
{
BOOLEAN IsRequestValid;
*RequestConfirmed = FALSE;
switch (TcgPpData->PPRequest) {
@ -361,7 +360,7 @@ TrEEHaveValidTpmRequest (
case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_2:
case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_3:
case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_4:
if ((Flags & TREE_FLAG_NO_PPI_CLEAR) != 0) {
if ((Flags.PPFlags & TREE_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0) {
*RequestConfirmed = TRUE;
}
break;
@ -374,13 +373,22 @@ TrEEHaveValidTpmRequest (
break;
default:
//
// Wrong Physical Presence command
//
return FALSE;
if (TcgPpData->PPRequest >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
IsRequestValid = TrEEPpVendorLibHasValidRequest (TcgPpData->PPRequest, Flags.PPFlags, RequestConfirmed);
if (!IsRequestValid) {
return FALSE;
} else {
break;
}
} else {
//
// Wrong Physical Presence command
//
return FALSE;
}
}
if ((Flags & TREE_FLAG_RESET_TRACK) != 0) {
if ((Flags.PPFlags & TREE_VENDOR_LIB_FLAG_RESET_TRACK) != 0) {
//
// It had been confirmed in last boot, it doesn't need confirm again.
//
@ -407,15 +415,17 @@ TrEEHaveValidTpmRequest (
**/
VOID
TrEEExecutePendingTpmRequest (
IN TPM2B_AUTH *PlatformAuth, OPTIONAL
IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData,
IN UINT8 Flags
IN TPM2B_AUTH *PlatformAuth, OPTIONAL
IN EFI_TREE_PHYSICAL_PRESENCE *TcgPpData,
IN EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags
)
{
EFI_STATUS Status;
UINTN DataSize;
BOOLEAN RequestConfirmed;
UINT8 NewFlags;
EFI_TREE_PHYSICAL_PRESENCE_FLAGS NewFlags;
BOOLEAN ResetRequired;
UINT32 NewPPFlags;
if (TcgPpData->PPRequest == TREE_PHYSICAL_PRESENCE_NO_ACTION) {
//
@ -429,9 +439,9 @@ TrEEExecutePendingTpmRequest (
// Invalid operation request.
//
if (TcgPpData->PPRequest <= TREE_PHYSICAL_PRESENCE_NO_ACTION_MAX) {
TcgPpData->PPResponse = TPM_PP_SUCCESS;
TcgPpData->PPResponse = TREE_PP_OPERATION_RESPONSE_SUCCESS;
} else {
TcgPpData->PPResponse = TPM_PP_BIOS_FAILURE;
TcgPpData->PPResponse = TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
TcgPpData->LastPPRequest = TcgPpData->PPRequest;
TcgPpData->PPRequest = TREE_PHYSICAL_PRESENCE_NO_ACTION;
@ -446,33 +456,41 @@ TrEEExecutePendingTpmRequest (
return;
}
if (!RequestConfirmed) {
//
// Print confirm text and wait for approval.
//
RequestConfirmed = TrEEUserConfirm (TcgPpData->PPRequest
);
}
ResetRequired = FALSE;
if (TcgPpData->PPRequest >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
NewFlags = Flags;
NewPPFlags = NewFlags.PPFlags;
TcgPpData->PPResponse = TrEEPpVendorLibExecutePendingRequest (PlatformAuth, TcgPpData->PPRequest, &NewPPFlags, &ResetRequired);
NewFlags.PPFlags = (UINT8)NewPPFlags;
} else {
if (!RequestConfirmed) {
//
// Print confirm text and wait for approval.
//
RequestConfirmed = TrEEUserConfirm (TcgPpData->PPRequest
);
}
//
// Execute requested physical presence command
//
TcgPpData->PPResponse = TPM_PP_USER_ABORT;
NewFlags = Flags;
if (RequestConfirmed) {
TcgPpData->PPResponse = TrEEExecutePhysicalPresence (PlatformAuth, TcgPpData->PPRequest,
&NewFlags);
//
// Execute requested physical presence command
//
TcgPpData->PPResponse = TREE_PP_OPERATION_RESPONSE_USER_ABORT;
NewFlags = Flags;
if (RequestConfirmed) {
TcgPpData->PPResponse = TrEEExecutePhysicalPresence (PlatformAuth, TcgPpData->PPRequest,
&NewFlags);
}
}
//
// Save the flags if it is updated.
//
if (Flags != NewFlags) {
if (CompareMem (&Flags, &NewFlags, sizeof(EFI_TREE_PHYSICAL_PRESENCE_FLAGS)) != 0) {
Status = gRT->SetVariable (
TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiTrEEPhysicalPresenceGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof (UINT8),
sizeof (EFI_TREE_PHYSICAL_PRESENCE_FLAGS),
&NewFlags
);
}
@ -480,7 +498,7 @@ TrEEExecutePendingTpmRequest (
//
// Clear request
//
if ((NewFlags & TREE_FLAG_RESET_TRACK) == 0) {
if ((NewFlags.PPFlags & TREE_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
TcgPpData->LastPPRequest = TcgPpData->PPRequest;
TcgPpData->PPRequest = TREE_PHYSICAL_PRESENCE_NO_ACTION;
}
@ -500,7 +518,7 @@ TrEEExecutePendingTpmRequest (
return;
}
if (TcgPpData->PPResponse == TPM_PP_USER_ABORT) {
if (TcgPpData->PPResponse == TREE_PP_OPERATION_RESPONSE_USER_ABORT) {
return;
}
@ -514,6 +532,13 @@ TrEEExecutePendingTpmRequest (
case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_4:
break;
default:
if (TcgPpData->LastPPRequest >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
if (ResetRequired) {
break;
} else {
return ;
}
}
if (TcgPpData->PPRequest != TREE_PHYSICAL_PRESENCE_NO_ACTION) {
break;
}
@ -549,7 +574,7 @@ TrEEPhysicalPresenceLibProcessRequest (
EFI_TREE_PHYSICAL_PRESENCE TcgPpData;
EFI_TREE_PROTOCOL *TreeProtocol;
EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;
UINT8 PpiFlags;
EFI_TREE_PHYSICAL_PRESENCE_FLAGS PpiFlags;
Status = gBS->LocateProtocol (&gEfiTrEEProtocolGuid, NULL, (VOID **) &TreeProtocol);
if (EFI_ERROR (Status)) {
@ -559,7 +584,7 @@ TrEEPhysicalPresenceLibProcessRequest (
//
// Initialize physical presence flags.
//
DataSize = sizeof (UINT8);
DataSize = sizeof (EFI_TREE_PHYSICAL_PRESENCE_FLAGS);
Status = gRT->GetVariable (
TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiTrEEPhysicalPresenceGuid,
@ -568,12 +593,12 @@ TrEEPhysicalPresenceLibProcessRequest (
&PpiFlags
);
if (EFI_ERROR (Status)) {
PpiFlags = 0;
PpiFlags.PPFlags = 0;
Status = gRT->SetVariable (
TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiTrEEPhysicalPresenceGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
sizeof (UINT8),
sizeof (EFI_TREE_PHYSICAL_PRESENCE_FLAGS),
&PpiFlags
);
if (EFI_ERROR (Status)) {
@ -581,7 +606,7 @@ TrEEPhysicalPresenceLibProcessRequest (
return ;
}
}
DEBUG ((EFI_D_INFO, "[TPM2] PpiFlags = %x\n", PpiFlags));
DEBUG ((EFI_D_INFO, "[TPM2] PpiFlags = %x\n", PpiFlags.PPFlags));
//
// This flags variable controls whether physical presence is required for TPM command.
@ -627,13 +652,13 @@ TrEEPhysicalPresenceLibProcessRequest (
}
}
DEBUG ((EFI_D_INFO, "[TPM2] Flags=%x, PPRequest=%x (LastPPRequest=%x)\n", PpiFlags, TcgPpData.PPRequest, TcgPpData.LastPPRequest));
DEBUG ((EFI_D_INFO, "[TPM2] Flags=%x, PPRequest=%x (LastPPRequest=%x)\n", PpiFlags.PPFlags, TcgPpData.PPRequest, TcgPpData.LastPPRequest));
//
// Execute pending TPM request.
//
TrEEExecutePendingTpmRequest (PlatformAuth, &TcgPpData, PpiFlags);
DEBUG ((EFI_D_INFO, "[TPM2] PPResponse = %x (LastPPRequest=%x, Flags=%x)\n", TcgPpData.PPResponse, TcgPpData.LastPPRequest, PpiFlags));
DEBUG ((EFI_D_INFO, "[TPM2] PPResponse = %x (LastPPRequest=%x, Flags=%x)\n", TcgPpData.PPResponse, TcgPpData.LastPPRequest, PpiFlags.PPFlags));
}
@ -658,7 +683,7 @@ TrEEPhysicalPresenceLibNeedUserConfirm(
UINTN DataSize;
BOOLEAN RequestConfirmed;
EFI_TREE_PROTOCOL *TreeProtocol;
UINT8 PpiFlags;
EFI_TREE_PHYSICAL_PRESENCE_FLAGS PpiFlags;
Status = gBS->LocateProtocol (&gEfiTrEEProtocolGuid, NULL, (VOID **) &TreeProtocol);
if (EFI_ERROR (Status)) {
@ -680,7 +705,7 @@ TrEEPhysicalPresenceLibNeedUserConfirm(
return FALSE;
}
DataSize = sizeof (UINT8);
DataSize = sizeof (EFI_TREE_PHYSICAL_PRESENCE_FLAGS);
Status = gRT->GetVariable (
TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiTrEEPhysicalPresenceGuid,

3
SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
View File

@ -8,7 +8,7 @@
# This driver will have external input - variable.
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@ -54,6 +54,7 @@
PrintLib
HiiLib
Tpm2CommandLib
TrEEPpVendorLib
[Protocols]
gEfiTrEEProtocolGuid ## CONSUMES

129
SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.c Normal file
View File

@ -0,0 +1,129 @@
/** @file
NULL TCG PP Vendor library instance that does not support any vendor specific PPI.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/DebugLib.h>
#include <Library/TcgPpVendorLib.h>
/**
Check and execute the requested physical presence command.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in, out] ManagementFlags BIOS TPM Management Flags.
@param[out] ResetRequired If reset is required to vendor settings in effect.
True, it indicates the reset is required.
False, it indicates the reset is not required.
@return TPM Operation Response to OS Environment.
**/
UINT32
EFIAPI
TcgPpVendorLibExecutePendingRequest (
IN UINT32 OperationRequest,
IN OUT UINT32 *ManagementFlags,
OUT BOOLEAN *ResetRequired
)
{
ASSERT (OperationRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
/**
Check if there is a valid physical presence command request.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
True, it indicates the command doesn't require user confirm.
False, it indicates the command need user confirm from UI.
@retval TRUE Physical Presence operation command is valid.
@retval FALSE Physical Presence operation command is invalid.
**/
BOOLEAN
EFIAPI
TcgPpVendorLibHasValidRequest (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags,
OUT BOOLEAN *RequestConfirmed
)
{
ASSERT (OperationRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return FALSE;
}
/**
The callback for TPM vendor specific physical presence which is called for
Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@return Return Code for Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
**/
UINT32
EFIAPI
TcgPpVendorLibSubmitRequestToPreOSFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags
)
{
ASSERT (OperationRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED;
}
/**
The callback for TPM vendor specific physical presence which is called for
Get User Confirmation Status for Operation.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@return Return Code for Get User Confirmation Status for Operation.
**/
UINT32
EFIAPI
TcgPpVendorLibGetUserConfirmationStatusFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags
)
{
ASSERT (OperationRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
}

37
SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf Normal file
View File

@ -0,0 +1,37 @@
## @file
# NULL TCG PP Vendor library instance that does not support any vendor specific PPI
#
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = TcgPpVendorLibNull
MODULE_UNI_FILE = TcgPpVendorLibNull.uni
FILE_GUID = 8489334D-4219-4CA1-9B42-1D46B0B75861
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = TcgPpVendorLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER DXE_DRIVER
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
[Sources]
TcgPpVendorLibNull.c
[Packages]
MdePkg/MdePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
DebugLib

BIN
SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.uni Normal file
View File

Binary file not shown.

131
SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.c Normal file
View File

@ -0,0 +1,131 @@
/** @file
NULL TrEE PP Vendor library instance that does not support any vendor specific PPI.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include <Library/DebugLib.h>
#include <Library/TrEEPpVendorLib.h>
/**
Check and execute the requested physical presence command.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] PlatformAuth platform auth value. NULL means no platform auth change.
@param[in] OperationRequest TPM physical presence operation request.
@param[in, out] ManagementFlags BIOS TPM Management Flags.
@param[out] ResetRequired If reset is required to vendor settings in effect.
True, it indicates the reset is required.
False, it indicates the reset is not required.
@return TPM Operation Response to OS Environment.
**/
UINT32
EFIAPI
TrEEPpVendorLibExecutePendingRequest (
IN TPM2B_AUTH *PlatformAuth, OPTIONAL
IN UINT32 OperationRequest,
IN OUT UINT32 *ManagementFlags,
OUT BOOLEAN *ResetRequired
)
{
ASSERT (OperationRequest >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return TREE_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
/**
Check if there is a valid physical presence command request.
This API should be invoked in BIOS boot phase to process pending request.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
True, it indicates the command doesn't require user confirm.
False, it indicates the command need user confirm from UI.
@retval TRUE Physical Presence operation command is valid.
@retval FALSE Physical Presence operation command is invalid.
**/
BOOLEAN
EFIAPI
TrEEPpVendorLibHasValidRequest (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags,
OUT BOOLEAN *RequestConfirmed
)
{
ASSERT (OperationRequest >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return FALSE;
}
/**
The callback for TPM vendor specific physical presence which is called for
Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@return Return Code for Submit TPM Operation Request to Pre-OS Environment and
Submit TPM Operation Request to Pre-OS Environment 2.
**/
UINT32
EFIAPI
TrEEPpVendorLibSubmitRequestToPreOSFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags
)
{
ASSERT (OperationRequest >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return TREE_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED;
}
/**
The callback for TPM vendor specific physical presence which is called for
Get User Confirmation Status for Operation.
This API should be invoked in OS runtime phase to interface with ACPI method.
Caution: This function may receive untrusted input.
If OperationRequest < 128, then ASSERT().
@param[in] OperationRequest TPM physical presence operation request.
@param[in] ManagementFlags BIOS TPM Management Flags.
@return Return Code for Get User Confirmation Status for Operation.
**/
UINT32
EFIAPI
TrEEPpVendorLibGetUserConfirmationStatusFunction (
IN UINT32 OperationRequest,
IN UINT32 ManagementFlags
)
{
ASSERT (OperationRequest >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
return TREE_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
}

37
SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf Normal file
View File

@ -0,0 +1,37 @@
## @file
# NULL TrEE PP Vendor library instance that does not support any vendor specific PPI
#
# Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
# http://opensource.org/licenses/bsd-license.php
# THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
# WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#
##
[Defines]
INF_VERSION = 0x00010005
BASE_NAME = TrEEPpVendorLibNull
MODULE_UNI_FILE = TrEEPpVendorLibNull.uni
FILE_GUID = FB76E42B-EA77-48F3-A61D-208FF0535F92
MODULE_TYPE = DXE_DRIVER
VERSION_STRING = 1.0
LIBRARY_CLASS = TrEEPpVendorLib|DXE_RUNTIME_DRIVER DXE_SMM_DRIVER DXE_DRIVER
#
# The following information is for reference only and not required by the build tools.
#
# VALID_ARCHITECTURES = IA32 X64 IPF EBC
#
[Sources]
TrEEPpVendorLibNull.c
[Packages]
MdePkg/MdePkg.dec
SecurityPkg/SecurityPkg.dec
[LibraryClasses]
DebugLib

BIN
SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.uni Normal file
View File

Binary file not shown.

10
SecurityPkg/SecurityPkg.dec
View File

@ -5,7 +5,7 @@
# It also provides the definitions(including PPIs/PROTOCOLs/GUIDs and library classes)
# and libraries instances, which are used for those features.
#
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials are licensed and made available under
# the terms and conditions of the BSD License which accompanies this distribution.
# The full text of the license may be found at
@ -39,6 +39,10 @@
#
TcgPhysicalPresenceLib|Include/Library/TcgPhysicalPresenceLib.h
## @libraryclass Provides support for TCG PP >= 128 Vendor Specific PPI Operation.
#
TcgPpVendorLib|Include/Library/TcgPpVendorLib.h
## @libraryclass Provides interfaces for other modules to send TPM 2.0 command.
#
Tpm2CommandLib|Include/Library/Tpm2CommandLib.h
@ -66,6 +70,10 @@
## @libraryclass Provides interfaces to handle TPM 2.0 request.
#
TrEEPhysicalPresenceLib|Include/Library/TrEEPhysicalPresenceLib.h
## @libraryclass Provides support for TrEE PP >= 128 Vendor Specific PPI Operation.
#
TrEEPpVendorLib|Include/Library/TrEEPpVendorLib.h
[Guids]
## Security package token space guid.

4
SecurityPkg/SecurityPkg.dsc
View File

@ -1,7 +1,7 @@
## @file
# Security Module Package for All Architectures.
#
# Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@ -55,6 +55,8 @@
Tpm12CommandLib|SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
Tpm2CommandLib|SecurityPkg/Library/Tpm2CommandLib/Tpm2CommandLib.inf
TrEEPhysicalPresenceLib|SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.inf
TcgPpVendorLib|SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.inf
TrEEPpVendorLib|SecurityPkg/Library/TrEEPpVendorLibNull/TrEEPpVendorLibNull.inf
[LibraryClasses.common.PEIM]
PeimEntryPoint|MdePkg/Library/PeimEntryPoint/PeimEntryPoint.inf

71
SecurityPkg/Tcg/TcgSmm/TcgSmm.c
View File

@ -8,7 +8,7 @@
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -53,7 +53,7 @@ PhysicalPresenceCallback (
EFI_STATUS Status;
UINTN DataSize;
EFI_PHYSICAL_PRESENCE PpData;
UINT8 Flags;
EFI_PHYSICAL_PRESENCE_FLAGS Flags;
BOOLEAN RequestConfirmed;
//
@ -67,23 +67,31 @@ PhysicalPresenceCallback (
&DataSize,
&PpData
);
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;
DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
DEBUG ((EFI_D_INFO, "[TPM] PP callback, Parameter = %x\n", mTcgNvs->PhysicalPresence.Parameter));
if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) {
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE;
mTcgNvs->PhysicalPresence.LastRequest = 0;
mTcgNvs->PhysicalPresence.Response = 0;
DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
mTcgNvs->PhysicalPresence.ReturnCode = PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS;
mTcgNvs->PhysicalPresence.LastRequest = PpData.LastPPRequest;
mTcgNvs->PhysicalPresence.Response = PpData.PPResponse;
} else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)
|| (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
if (mTcgNvs->PhysicalPresence.Request == PHYSICAL_PRESENCE_SET_OPERATOR_AUTH) {
//
// This command requires UI to prompt user for Auth data.
//
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_NOT_IMPLEMENTED;
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED;
return EFI_SUCCESS;
}
@ -100,15 +108,35 @@ PhysicalPresenceCallback (
}
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
return EFI_SUCCESS;
}
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_SUCCESS;
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS;
if (mTcgNvs->PhysicalPresence.Request >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS);
Status = mSmmVariable->SmmGetVariable (
PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiPhysicalPresenceGuid,
NULL,
&DataSize,
&Flags
);
if (EFI_ERROR (Status)) {
Flags.PPFlags = TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION;
}
mTcgNvs->PhysicalPresence.ReturnCode = TcgPpVendorLibSubmitRequestToPreOSFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags);
}
} else if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST) {
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
//
// Get the Physical Presence flags
//
DataSize = sizeof (UINT8);
DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS);
Status = mSmmVariable->SmmGetVariable (
PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiPhysicalPresenceGuid,
@ -117,7 +145,7 @@ PhysicalPresenceCallback (
&Flags
);
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
DEBUG ((EFI_D_ERROR, "[TPM] Get PP flags failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
@ -135,27 +163,27 @@ PhysicalPresenceCallback (
case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:
case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
if ((Flags & FLAG_NO_PPI_PROVISION) != 0) {
if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) {
RequestConfirmed = TRUE;
}
break;
case PHYSICAL_PRESENCE_CLEAR:
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
if ((Flags & FLAG_NO_PPI_CLEAR) != 0) {
if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0) {
RequestConfirmed = TRUE;
}
break;
case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
if ((Flags & FLAG_NO_PPI_MAINTENANCE) != 0) {
if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE) != 0) {
RequestConfirmed = TRUE;
}
break;
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
if ((Flags & FLAG_NO_PPI_CLEAR) != 0 && (Flags & FLAG_NO_PPI_PROVISION) != 0) {
if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0 && (Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) {
RequestConfirmed = TRUE;
}
break;
@ -171,15 +199,20 @@ PhysicalPresenceCallback (
//
// This command requires UI to prompt user for Auth data
//
mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_NOT_IMPLEMENTED;
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
return EFI_SUCCESS;
default:
break;
}
if (RequestConfirmed) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_NOT_REQUIRED;
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED;
} else {
mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_REQUIRED;
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED;
}
if (mTcgNvs->PhysicalPresence.Request >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
mTcgNvs->PhysicalPresence.ReturnCode = TcgPpVendorLibGetUserConfirmationStatusFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags);
}
}
return EFI_SUCCESS;

22
SecurityPkg/Tcg/TcgSmm/TcgSmm.h
View File

@ -1,7 +1,7 @@
/** @file
The header file for TCG SMM driver.
Copyright (c) 2012 - 2013, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -36,6 +36,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/DxeServicesLib.h>
#include <Library/TpmMeasurementLib.h>
#include <Library/PcdLib.h>
#include <Library/TcgPpVendorLib.h>
#pragma pack(1)
typedef struct {
@ -83,23 +84,10 @@ typedef struct {
#define ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST 8
//
// The return code for Get User Confirmation Status for Operation
// The return code for Return TPM Operation Response to OS Environment
//
#define PP_REQUEST_NOT_IMPLEMENTED 0
#define PP_REQUEST_BIOS_ONLY 1
#define PP_REQUEST_BLOCKED 2
#define PP_REQUEST_ALLOWED_AND_PPUSER_REQUIRED 3
#define PP_REQUEST_ALLOWED_AND_PPUSER_NOT_REQUIRED 4
//
// The return code for Sumbit TPM Request to Pre-OS Environment
// and Sumbit TPM Request to Pre-OS Environment 2
//
#define PP_SUBMIT_REQUEST_SUCCESS 0
#define PP_SUBMIT_REQUEST_NOT_IMPLEMENTED 1
#define PP_SUBMIT_REQUEST_GENERAL_FAILURE 2
#define PP_SUBMIT_REQUEST_BLOCKED_BY_BIOS_SETTINGS 3
#define PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS 0
#define PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE 1
//
// The definition for TCG MOR

3
SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
View File

@ -9,7 +9,7 @@
# This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@ -49,6 +49,7 @@
DxeServicesLib
TpmMeasurementLib
PcdLib
TcgPpVendorLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"

82
SecurityPkg/Tcg/TrEESmm/TrEESmm.c
View File

@ -9,7 +9,7 @@
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -66,11 +66,11 @@ PhysicalPresenceCallback (
IN OUT UINTN *CommBufferSize
)
{
EFI_STATUS Status;
UINTN DataSize;
EFI_TREE_PHYSICAL_PRESENCE PpData;
UINT8 Flags;
BOOLEAN RequestConfirmed;
EFI_STATUS Status;
UINTN DataSize;
EFI_TREE_PHYSICAL_PRESENCE PpData;
EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags;
BOOLEAN RequestConfirmed;
//
// Get the Physical Presence variable
@ -83,24 +83,33 @@ PhysicalPresenceCallback (
&DataSize,
&PpData
);
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;
DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
DEBUG ((EFI_D_INFO, "[TPM2] PP callback, Parameter = %x, Request = %x\n", mTcgNvs->PhysicalPresence.Parameter, mTcgNvs->PhysicalPresence.Request));
if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) {
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE;
mTcgNvs->PhysicalPresence.LastRequest = 0;
mTcgNvs->PhysicalPresence.Response = 0;
DEBUG ((EFI_D_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
mTcgNvs->PhysicalPresence.ReturnCode = PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS;
mTcgNvs->PhysicalPresence.LastRequest = PpData.LastPPRequest;
mTcgNvs->PhysicalPresence.Response = PpData.PPResponse;
} else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)
|| (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {
if (mTcgNvs->PhysicalPresence.Request > TREE_PHYSICAL_PRESENCE_NO_ACTION_MAX) {
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
DEBUG ((EFI_D_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
if ((mTcgNvs->PhysicalPresence.Request > TREE_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
(mTcgNvs->PhysicalPresence.Request < TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) ) {
//
// This command requires UI to prompt user for Auth data.
//
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_NOT_IMPLEMENTED;
mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED;
return EFI_SUCCESS;
}
@ -117,16 +126,36 @@ PhysicalPresenceCallback (
}
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;
DEBUG ((EFI_D_ERROR, "[TPM] Set PP variable failure! Status = %r\n", Status));
mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
DEBUG ((EFI_D_ERROR, "[TPM2] Set PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_SUCCESS;
mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS;
if (mTcgNvs->PhysicalPresence.Request >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
DataSize = sizeof (EFI_TREE_PHYSICAL_PRESENCE_FLAGS);
Status = mSmmVariable->SmmGetVariable (
TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiTrEEPhysicalPresenceGuid,
NULL,
&DataSize,
&Flags
);
if (EFI_ERROR (Status)) {
Flags.PPFlags = 0;
}
mTcgNvs->PhysicalPresence.ReturnCode = TrEEPpVendorLibSubmitRequestToPreOSFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags);
}
} else if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST) {
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
DEBUG ((EFI_D_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
//
// Get the Physical Presence flags
//
DataSize = sizeof (UINT8);
DataSize = sizeof (EFI_TREE_PHYSICAL_PRESENCE_FLAGS);
Status = mSmmVariable->SmmGetVariable (
TREE_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
&gEfiTrEEPhysicalPresenceGuid,
@ -135,8 +164,8 @@ PhysicalPresenceCallback (
&Flags
);
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;
DEBUG ((EFI_D_ERROR, "[TPM] Get PP flags failure! Status = %r\n", Status));
mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
DEBUG ((EFI_D_ERROR, "[TPM2] Get PP flags failure! Status = %r\n", Status));
return EFI_SUCCESS;
}
@ -148,7 +177,7 @@ PhysicalPresenceCallback (
case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_2:
case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_3:
case TREE_PHYSICAL_PRESENCE_CLEAR_CONTROL_CLEAR_4:
if ((Flags & TREE_FLAG_NO_PPI_CLEAR) != 0) {
if ((Flags.PPFlags & TREE_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0) {
RequestConfirmed = TRUE;
}
break;
@ -164,17 +193,22 @@ PhysicalPresenceCallback (
if (mTcgNvs->PhysicalPresence.Request <= TREE_PHYSICAL_PRESENCE_NO_ACTION_MAX) {
RequestConfirmed = TRUE;
} else {
mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_NOT_IMPLEMENTED;
return EFI_SUCCESS;
if (mTcgNvs->PhysicalPresence.Request < TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
return EFI_SUCCESS;
}
}
break;
}
if (RequestConfirmed) {
mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_NOT_REQUIRED;
mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED;
} else {
mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_REQUIRED;
mTcgNvs->PhysicalPresence.ReturnCode = TREE_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED;
}
if (mTcgNvs->PhysicalPresence.Request >= TREE_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
mTcgNvs->PhysicalPresence.ReturnCode = TrEEPpVendorLibGetUserConfirmationStatusFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags);
}
}
return EFI_SUCCESS;

22
SecurityPkg/Tcg/TrEESmm/TrEESmm.h
View File

@ -1,7 +1,7 @@
/** @file
The header file for TrEE SMM driver.
Copyright (c) 2013, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -37,6 +37,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/DxeServicesLib.h>
#include <Library/TpmMeasurementLib.h>
#include <Library/Tpm2DeviceLib.h>
#include <Library/TrEEPpVendorLib.h>
#pragma pack(1)
typedef struct {
@ -84,23 +85,10 @@ typedef struct {
#define ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST 8
//
// The return code for Get User Confirmation Status for Operation
// The return code for Return TPM Operation Response to OS Environment
//
#define PP_REQUEST_NOT_IMPLEMENTED 0
#define PP_REQUEST_BIOS_ONLY 1
#define PP_REQUEST_BLOCKED 2
#define PP_REQUEST_ALLOWED_AND_PPUSER_REQUIRED 3
#define PP_REQUEST_ALLOWED_AND_PPUSER_NOT_REQUIRED 4
//
// The return code for Sumbit TPM Request to Pre-OS Environment
// and Sumbit TPM Request to Pre-OS Environment 2
//
#define PP_SUBMIT_REQUEST_SUCCESS 0
#define PP_SUBMIT_REQUEST_NOT_IMPLEMENTED 1
#define PP_SUBMIT_REQUEST_GENERAL_FAILURE 2
#define PP_SUBMIT_REQUEST_BLOCKED_BY_BIOS_SETTINGS 3
#define PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS 0
#define PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE 1
//
// The definition for TCG MOR

3
SecurityPkg/Tcg/TrEESmm/TrEESmm.inf
View File

@ -9,7 +9,7 @@
# This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@ -49,6 +49,7 @@
DxeServicesLib
TpmMeasurementLib
Tpm2DeviceLib
TrEEPpVendorLib
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"