TianoCore EDK2 master
Loading...
Searching...
No Matches
Tcg2Dxe.c
Go to the documentation of this file.
1
10#include <PiDxe.h>
11#include <IndustryStandard/Acpi.h>
12#include <IndustryStandard/PeImage.h>
13#include <IndustryStandard/TcpaAcpi.h>
14
15#include <Guid/GlobalVariable.h>
16#include <Guid/HobList.h>
17#include <Guid/TcgEventHob.h>
18#include <Guid/EventGroup.h>
19#include <Guid/EventExitBootServiceFailed.h>
20#include <Guid/ImageAuthentication.h>
21#include <Guid/TpmInstance.h>
22#include <Guid/DeviceAuthentication.h>
23
24#include <Protocol/DevicePath.h>
25#include <Protocol/MpService.h>
26#include <Protocol/VariableWrite.h>
27#include <Protocol/Tcg2Protocol.h>
28#include <Protocol/TrEEProtocol.h>
29#include <Protocol/ResetNotification.h>
30
31#include <Library/DebugLib.h>
32#include <Library/BaseMemoryLib.h>
33#include <Library/UefiRuntimeServicesTableLib.h>
34#include <Library/UefiDriverEntryPoint.h>
35#include <Library/HobLib.h>
36#include <Library/UefiBootServicesTableLib.h>
37#include <Library/BaseLib.h>
38#include <Library/MemoryAllocationLib.h>
39#include <Library/PrintLib.h>
40#include <Library/Tpm2CommandLib.h>
41#include <Library/PcdLib.h>
42#include <Library/UefiLib.h>
43#include <Library/Tpm2DeviceLib.h>
44#include <Library/HashLib.h>
45#include <Library/PerformanceLib.h>
46#include <Library/ReportStatusCodeLib.h>
47#include <Library/Tcg2PhysicalPresenceLib.h>
48
49#define PERF_ID_TCG2_DXE 0x3120
50
51typedef struct {
52 CHAR16 *VariableName;
53 EFI_GUID *VendorGuid;
54} VARIABLE_TYPE;
55
56#define TCG2_DEFAULT_MAX_COMMAND_SIZE 0x1000
57#define TCG2_DEFAULT_MAX_RESPONSE_SIZE 0x1000
58
59typedef struct {
60 EFI_GUID *EventGuid;
61 EFI_TCG2_EVENT_LOG_FORMAT LogFormat;
62} TCG2_EVENT_INFO_STRUCT;
63
64TCG2_EVENT_INFO_STRUCT mTcg2EventInfo[] = {
65 { &gTcgEventEntryHobGuid, EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 },
66 { &gTcgEvent2EntryHobGuid, EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 },
67};
68
69#define TCG_EVENT_LOG_AREA_COUNT_MAX 2
70
71typedef struct {
72 EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat;
73 EFI_PHYSICAL_ADDRESS Lasa;
74 UINT64 Laml;
75 UINTN EventLogSize;
76 UINT8 *LastEvent;
77 BOOLEAN EventLogStarted;
78 BOOLEAN EventLogTruncated;
79 UINTN Next800155EventOffset;
80} TCG_EVENT_LOG_AREA_STRUCT;
81
82typedef struct _TCG_DXE_DATA {
83 EFI_TCG2_BOOT_SERVICE_CAPABILITY BsCap;
84 TCG_EVENT_LOG_AREA_STRUCT EventLogAreaStruct[TCG_EVENT_LOG_AREA_COUNT_MAX];
85 BOOLEAN GetEventLogCalled[TCG_EVENT_LOG_AREA_COUNT_MAX];
86 TCG_EVENT_LOG_AREA_STRUCT FinalEventLogAreaStruct[TCG_EVENT_LOG_AREA_COUNT_MAX];
87 EFI_TCG2_FINAL_EVENTS_TABLE *FinalEventsTable[TCG_EVENT_LOG_AREA_COUNT_MAX];
88} TCG_DXE_DATA;
89
90TCG_DXE_DATA mTcgDxeData = {
91 {
92 sizeof (EFI_TCG2_BOOT_SERVICE_CAPABILITY), // Size
93 { 1, 1 }, // StructureVersion
94 { 1, 1 }, // ProtocolVersion
95 EFI_TCG2_BOOT_HASH_ALG_SHA1, // HashAlgorithmBitmap
96 EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2, // SupportedEventLogs
97 TRUE, // TPMPresentFlag
98 TCG2_DEFAULT_MAX_COMMAND_SIZE, // MaxCommandSize
99 TCG2_DEFAULT_MAX_RESPONSE_SIZE, // MaxResponseSize
100 0, // ManufacturerID
101 0, // NumberOfPCRBanks
102 0, // ActivePcrBanks
103 },
104};
105
106UINTN mBootAttempts = 0;
107CHAR16 mBootVarName[] = L"BootOrder";
108
109VARIABLE_TYPE mVariableType[] = {
110 { EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid },
111 { EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid },
112 { EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid },
113 { EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid },
114 { EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid },
115};
116
117EFI_HANDLE mImageHandle;
118
138EFI_STATUS
139MeasurePeImageAndExtend (
140 IN UINT32 PCRIndex,
141 IN EFI_PHYSICAL_ADDRESS ImageAddress,
142 IN UINTN ImageSize,
143 OUT TPML_DIGEST_VALUES *DigestList
144 );
145
154VOID
155InternalDumpData (
156 IN UINT8 *Data,
157 IN UINTN Size
158 )
159{
160 UINTN Index;
161
162 for (Index = 0; Index < Size; Index++) {
163 DEBUG ((DEBUG_INFO, "%02x", (UINTN)Data[Index]));
164 }
165}
166
176VOID
177InitNoActionEvent (
178 IN OUT TCG_PCR_EVENT2_HDR *NoActionEvent,
179 IN UINT32 EventSize
180 )
181{
182 UINT32 DigestListCount;
183 TPMI_ALG_HASH HashAlgId;
184 UINT8 *DigestBuffer;
185
186 DigestBuffer = (UINT8 *)NoActionEvent->Digests.digests;
187 DigestListCount = 0;
188
189 NoActionEvent->PCRIndex = 0;
190 NoActionEvent->EventType = EV_NO_ACTION;
191
192 //
193 // Set Hash count & hashAlg accordingly, while Digest.digests[n].digest to all 0
194 //
195 ZeroMem (&NoActionEvent->Digests, sizeof (NoActionEvent->Digests));
196
197 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA1) != 0) {
198 HashAlgId = TPM_ALG_SHA1;
199 CopyMem (DigestBuffer, &HashAlgId, sizeof (TPMI_ALG_HASH));
200 DigestBuffer += sizeof (TPMI_ALG_HASH) + GetHashSizeFromAlgo (HashAlgId);
201 DigestListCount++;
202 }
203
204 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA256) != 0) {
205 HashAlgId = TPM_ALG_SHA256;
206 CopyMem (DigestBuffer, &HashAlgId, sizeof (TPMI_ALG_HASH));
207 DigestBuffer += sizeof (TPMI_ALG_HASH) + GetHashSizeFromAlgo (HashAlgId);
208 DigestListCount++;
209 }
210
211 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA384) != 0) {
212 HashAlgId = TPM_ALG_SHA384;
213 CopyMem (DigestBuffer, &HashAlgId, sizeof (TPMI_ALG_HASH));
214 DigestBuffer += sizeof (TPMI_ALG_HASH) + GetHashSizeFromAlgo (HashAlgId);
215 DigestListCount++;
216 }
217
218 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA512) != 0) {
219 HashAlgId = TPM_ALG_SHA512;
220 CopyMem (DigestBuffer, &HashAlgId, sizeof (TPMI_ALG_HASH));
221 DigestBuffer += sizeof (TPMI_ALG_HASH) + GetHashSizeFromAlgo (HashAlgId);
222 DigestListCount++;
223 }
224
225 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SM3_256) != 0) {
226 HashAlgId = TPM_ALG_SM3_256;
227 CopyMem (DigestBuffer, &HashAlgId, sizeof (TPMI_ALG_HASH));
228 DigestBuffer += sizeof (TPMI_ALG_HASH) + GetHashSizeFromAlgo (HashAlgId);
229 DigestListCount++;
230 }
231
232 //
233 // Set Digests Count
234 //
235 WriteUnaligned32 ((UINT32 *)&NoActionEvent->Digests.count, DigestListCount);
236
237 //
238 // Set Event Size
239 //
240 WriteUnaligned32 ((UINT32 *)DigestBuffer, EventSize);
241}
242
251VOID
252InternalDumpHex (
253 IN UINT8 *Data,
254 IN UINTN Size
255 )
256{
257 UINTN Index;
258 UINTN Count;
259 UINTN Left;
260
261 #define COLUME_SIZE (16 * 2)
262
263 Count = Size / COLUME_SIZE;
264 Left = Size % COLUME_SIZE;
265 for (Index = 0; Index < Count; Index++) {
266 DEBUG ((DEBUG_INFO, "%04x: ", Index * COLUME_SIZE));
267 InternalDumpData (Data + Index * COLUME_SIZE, COLUME_SIZE);
268 DEBUG ((DEBUG_INFO, "\n"));
269 }
270
271 if (Left != 0) {
272 DEBUG ((DEBUG_INFO, "%04x: ", Index * COLUME_SIZE));
273 InternalDumpData (Data + Index * COLUME_SIZE, Left);
274 DEBUG ((DEBUG_INFO, "\n"));
275 }
276}
277
289EFI_STATUS
290GetProcessorsCpuLocation (
291 OUT EFI_CPU_PHYSICAL_LOCATION **LocationBuf,
292 OUT UINTN *Num
293 )
294{
295 EFI_STATUS Status;
296 EFI_MP_SERVICES_PROTOCOL *MpProtocol;
297 UINTN ProcessorNum;
298 UINTN EnabledProcessorNum;
299 EFI_PROCESSOR_INFORMATION ProcessorInfo;
300 EFI_CPU_PHYSICAL_LOCATION *ProcessorLocBuf;
301 UINTN Index;
302
303 Status = gBS->LocateProtocol (&gEfiMpServiceProtocolGuid, NULL, (VOID **)&MpProtocol);
304 if (EFI_ERROR (Status)) {
305 //
306 // MP protocol is not installed
307 //
308 return EFI_UNSUPPORTED;
309 }
310
311 Status = MpProtocol->GetNumberOfProcessors (
312 MpProtocol,
313 &ProcessorNum,
314 &EnabledProcessorNum
315 );
316 if (EFI_ERROR (Status)) {
317 return Status;
318 }
319
320 Status = gBS->AllocatePool (
321 EfiBootServicesData,
322 sizeof (EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum,
323 (VOID **)&ProcessorLocBuf
324 );
325 if (EFI_ERROR (Status)) {
326 return Status;
327 }
328
329 //
330 // Get each processor Location info
331 //
332 for (Index = 0; Index < ProcessorNum; Index++) {
333 Status = MpProtocol->GetProcessorInfo (
334 MpProtocol,
335 Index,
336 &ProcessorInfo
337 );
338 if (EFI_ERROR (Status)) {
339 FreePool (ProcessorLocBuf);
340 return Status;
341 }
342
343 //
344 // Get all Processor Location info & measure
345 //
346 CopyMem (
347 &ProcessorLocBuf[Index],
348 &ProcessorInfo.Location,
349 sizeof (EFI_CPU_PHYSICAL_LOCATION)
350 );
351 }
352
353 *LocationBuf = ProcessorLocBuf;
354 *Num = ProcessorNum;
355
356 return Status;
357}
358
378EFI_STATUS
379EFIAPI
380Tcg2GetCapability (
381 IN EFI_TCG2_PROTOCOL *This,
382 IN OUT EFI_TCG2_BOOT_SERVICE_CAPABILITY *ProtocolCapability
383 )
384{
385 DEBUG ((DEBUG_VERBOSE, "Tcg2GetCapability ...\n"));
386
387 if ((This == NULL) || (ProtocolCapability == NULL)) {
388 return EFI_INVALID_PARAMETER;
389 }
390
391 DEBUG ((DEBUG_VERBOSE, "Size - 0x%x\n", ProtocolCapability->Size));
392 DEBUG ((DEBUG_VERBOSE, " 1.1 - 0x%x, 1.0 - 0x%x\n", sizeof (EFI_TCG2_BOOT_SERVICE_CAPABILITY), sizeof (TREE_BOOT_SERVICE_CAPABILITY_1_0)));
393
394 if (ProtocolCapability->Size < mTcgDxeData.BsCap.Size) {
395 //
396 // Handle the case that firmware support 1.1 but OS only support 1.0.
397 //
398 if ((mTcgDxeData.BsCap.ProtocolVersion.Major > 0x01) ||
399 ((mTcgDxeData.BsCap.ProtocolVersion.Major == 0x01) && ((mTcgDxeData.BsCap.ProtocolVersion.Minor > 0x00))))
400 {
401 if (ProtocolCapability->Size >= sizeof (TREE_BOOT_SERVICE_CAPABILITY_1_0)) {
402 CopyMem (ProtocolCapability, &mTcgDxeData.BsCap, sizeof (TREE_BOOT_SERVICE_CAPABILITY_1_0));
403 ProtocolCapability->Size = sizeof (TREE_BOOT_SERVICE_CAPABILITY_1_0);
404 ProtocolCapability->StructureVersion.Major = 1;
405 ProtocolCapability->StructureVersion.Minor = 0;
406 ProtocolCapability->ProtocolVersion.Major = 1;
407 ProtocolCapability->ProtocolVersion.Minor = 0;
408 DEBUG ((DEBUG_ERROR, "TreeGetCapability (Compatible) - %r\n", EFI_SUCCESS));
409 return EFI_SUCCESS;
410 }
411 }
412
413 ProtocolCapability->Size = mTcgDxeData.BsCap.Size;
414 return EFI_BUFFER_TOO_SMALL;
415 }
416
417 CopyMem (ProtocolCapability, &mTcgDxeData.BsCap, mTcgDxeData.BsCap.Size);
418 DEBUG ((DEBUG_VERBOSE, "Tcg2GetCapability - %r\n", EFI_SUCCESS));
419 return EFI_SUCCESS;
420}
421
427VOID
428DumpEvent (
429 IN TCG_PCR_EVENT_HDR *EventHdr
430 )
431{
432 UINTN Index;
433
434 DEBUG ((DEBUG_INFO, " Event:\n"));
435 DEBUG ((DEBUG_INFO, " PCRIndex - %d\n", EventHdr->PCRIndex));
436 DEBUG ((DEBUG_INFO, " EventType - 0x%08x\n", EventHdr->EventType));
437 DEBUG ((DEBUG_INFO, " Digest - "));
438 for (Index = 0; Index < sizeof (TCG_DIGEST); Index++) {
439 DEBUG ((DEBUG_INFO, "%02x ", EventHdr->Digest.digest[Index]));
440 }
441
442 DEBUG ((DEBUG_INFO, "\n"));
443 DEBUG ((DEBUG_INFO, " EventSize - 0x%08x\n", EventHdr->EventSize));
444 InternalDumpHex ((UINT8 *)(EventHdr + 1), EventHdr->EventSize);
445}
446
452VOID
453DumpTcgEfiSpecIdEventStruct (
454 IN TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct
455 )
456{
457 TCG_EfiSpecIdEventAlgorithmSize *DigestSize;
458 UINTN Index;
459 UINT8 *VendorInfoSize;
460 UINT8 *VendorInfo;
461 UINT32 NumberOfAlgorithms;
462
463 DEBUG ((DEBUG_INFO, " TCG_EfiSpecIDEventStruct:\n"));
464 DEBUG ((DEBUG_INFO, " signature - '"));
465 for (Index = 0; Index < sizeof (TcgEfiSpecIdEventStruct->signature); Index++) {
466 DEBUG ((DEBUG_INFO, "%c", TcgEfiSpecIdEventStruct->signature[Index]));
467 }
468
469 DEBUG ((DEBUG_INFO, "'\n"));
470 DEBUG ((DEBUG_INFO, " platformClass - 0x%08x\n", TcgEfiSpecIdEventStruct->platformClass));
471 DEBUG ((DEBUG_INFO, " specVersion - %d.%d%d\n", TcgEfiSpecIdEventStruct->specVersionMajor, TcgEfiSpecIdEventStruct->specVersionMinor, TcgEfiSpecIdEventStruct->specErrata));
472 DEBUG ((DEBUG_INFO, " uintnSize - 0x%02x\n", TcgEfiSpecIdEventStruct->uintnSize));
473
474 CopyMem (&NumberOfAlgorithms, TcgEfiSpecIdEventStruct + 1, sizeof (NumberOfAlgorithms));
475 DEBUG ((DEBUG_INFO, " NumberOfAlgorithms - 0x%08x\n", NumberOfAlgorithms));
476
477 DigestSize = (TCG_EfiSpecIdEventAlgorithmSize *)((UINT8 *)TcgEfiSpecIdEventStruct + sizeof (*TcgEfiSpecIdEventStruct) + sizeof (NumberOfAlgorithms));
478 for (Index = 0; Index < NumberOfAlgorithms; Index++) {
479 DEBUG ((DEBUG_INFO, " digest(%d)\n", Index));
480 DEBUG ((DEBUG_INFO, " algorithmId - 0x%04x\n", DigestSize[Index].algorithmId));
481 DEBUG ((DEBUG_INFO, " digestSize - 0x%04x\n", DigestSize[Index].digestSize));
482 }
483
484 VendorInfoSize = (UINT8 *)&DigestSize[NumberOfAlgorithms];
485 DEBUG ((DEBUG_INFO, " VendorInfoSize - 0x%02x\n", *VendorInfoSize));
486 VendorInfo = VendorInfoSize + 1;
487 DEBUG ((DEBUG_INFO, " VendorInfo - "));
488 for (Index = 0; Index < *VendorInfoSize; Index++) {
489 DEBUG ((DEBUG_INFO, "%02x ", VendorInfo[Index]));
490 }
491
492 DEBUG ((DEBUG_INFO, "\n"));
493}
494
500UINTN
501GetTcgEfiSpecIdEventStructSize (
502 IN TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct
503 )
504{
505 TCG_EfiSpecIdEventAlgorithmSize *DigestSize;
506 UINT8 *VendorInfoSize;
507 UINT32 NumberOfAlgorithms;
508
509 CopyMem (&NumberOfAlgorithms, TcgEfiSpecIdEventStruct + 1, sizeof (NumberOfAlgorithms));
510
511 DigestSize = (TCG_EfiSpecIdEventAlgorithmSize *)((UINT8 *)TcgEfiSpecIdEventStruct + sizeof (*TcgEfiSpecIdEventStruct) + sizeof (NumberOfAlgorithms));
512 VendorInfoSize = (UINT8 *)&DigestSize[NumberOfAlgorithms];
513 return sizeof (TCG_EfiSpecIDEventStruct) + sizeof (UINT32) + (NumberOfAlgorithms * sizeof (TCG_EfiSpecIdEventAlgorithmSize)) + sizeof (UINT8) + (*VendorInfoSize);
514}
515
521VOID
522DumpEvent2 (
523 IN TCG_PCR_EVENT2 *TcgPcrEvent2
524 )
525{
526 UINTN Index;
527 UINT32 DigestIndex;
528 UINT32 DigestCount;
529 TPMI_ALG_HASH HashAlgo;
530 UINT32 DigestSize;
531 UINT8 *DigestBuffer;
532 UINT32 EventSize;
533 UINT8 *EventBuffer;
534
535 DEBUG ((DEBUG_INFO, " Event:\n"));
536 DEBUG ((DEBUG_INFO, " PCRIndex - %d\n", TcgPcrEvent2->PCRIndex));
537 DEBUG ((DEBUG_INFO, " EventType - 0x%08x\n", TcgPcrEvent2->EventType));
538
539 DEBUG ((DEBUG_INFO, " DigestCount: 0x%08x\n", TcgPcrEvent2->Digest.count));
540
541 DigestCount = TcgPcrEvent2->Digest.count;
542 HashAlgo = TcgPcrEvent2->Digest.digests[0].hashAlg;
543 DigestBuffer = (UINT8 *)&TcgPcrEvent2->Digest.digests[0].digest;
544 for (DigestIndex = 0; DigestIndex < DigestCount; DigestIndex++) {
545 DEBUG ((DEBUG_INFO, " HashAlgo : 0x%04x\n", HashAlgo));
546 DEBUG ((DEBUG_INFO, " Digest(%d): ", DigestIndex));
547 DigestSize = GetHashSizeFromAlgo (HashAlgo);
548 for (Index = 0; Index < DigestSize; Index++) {
549 DEBUG ((DEBUG_INFO, "%02x ", DigestBuffer[Index]));
550 }
551
552 DEBUG ((DEBUG_INFO, "\n"));
553 //
554 // Prepare next
555 //
556 CopyMem (&HashAlgo, DigestBuffer + DigestSize, sizeof (TPMI_ALG_HASH));
557 DigestBuffer = DigestBuffer + DigestSize + sizeof (TPMI_ALG_HASH);
558 }
559
560 DEBUG ((DEBUG_INFO, "\n"));
561 DigestBuffer = DigestBuffer - sizeof (TPMI_ALG_HASH);
562
563 CopyMem (&EventSize, DigestBuffer, sizeof (TcgPcrEvent2->EventSize));
564 DEBUG ((DEBUG_INFO, " EventSize - 0x%08x\n", EventSize));
565 EventBuffer = DigestBuffer + sizeof (TcgPcrEvent2->EventSize);
566 InternalDumpHex (EventBuffer, EventSize);
567}
568
576UINTN
577GetPcrEvent2Size (
578 IN TCG_PCR_EVENT2 *TcgPcrEvent2
579 )
580{
581 UINT32 DigestIndex;
582 UINT32 DigestCount;
583 TPMI_ALG_HASH HashAlgo;
584 UINT32 DigestSize;
585 UINT8 *DigestBuffer;
586 UINT32 EventSize;
587 UINT8 *EventBuffer;
588
589 DigestCount = TcgPcrEvent2->Digest.count;
590 HashAlgo = TcgPcrEvent2->Digest.digests[0].hashAlg;
591 DigestBuffer = (UINT8 *)&TcgPcrEvent2->Digest.digests[0].digest;
592 for (DigestIndex = 0; DigestIndex < DigestCount; DigestIndex++) {
593 DigestSize = GetHashSizeFromAlgo (HashAlgo);
594 //
595 // Prepare next
596 //
597 CopyMem (&HashAlgo, DigestBuffer + DigestSize, sizeof (TPMI_ALG_HASH));
598 DigestBuffer = DigestBuffer + DigestSize + sizeof (TPMI_ALG_HASH);
599 }
600
601 DigestBuffer = DigestBuffer - sizeof (TPMI_ALG_HASH);
602
603 CopyMem (&EventSize, DigestBuffer, sizeof (TcgPcrEvent2->EventSize));
604 EventBuffer = DigestBuffer + sizeof (TcgPcrEvent2->EventSize);
605
606 return (UINTN)EventBuffer + EventSize - (UINTN)TcgPcrEvent2;
607}
608
618VOID
619DumpEventLog (
620 IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
621 IN EFI_PHYSICAL_ADDRESS EventLogLocation,
622 IN EFI_PHYSICAL_ADDRESS EventLogLastEntry,
623 IN EFI_TCG2_FINAL_EVENTS_TABLE *FinalEventsTable
624 )
625{
626 TCG_PCR_EVENT_HDR *EventHdr;
627 TCG_PCR_EVENT2 *TcgPcrEvent2;
628 TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct;
629 UINTN NumberOfEvents;
630
631 DEBUG ((DEBUG_INFO, "EventLogFormat: (0x%x)\n", EventLogFormat));
632
633 switch (EventLogFormat) {
634 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:
635 EventHdr = (TCG_PCR_EVENT_HDR *)(UINTN)EventLogLocation;
636 while ((UINTN)EventHdr <= EventLogLastEntry) {
637 DumpEvent (EventHdr);
638 EventHdr = (TCG_PCR_EVENT_HDR *)((UINTN)EventHdr + sizeof (TCG_PCR_EVENT_HDR) + EventHdr->EventSize);
639 }
640
641 if (FinalEventsTable == NULL) {
642 DEBUG ((DEBUG_INFO, "FinalEventsTable: NOT FOUND\n"));
643 } else {
644 DEBUG ((DEBUG_INFO, "FinalEventsTable: (0x%x)\n", FinalEventsTable));
645 DEBUG ((DEBUG_INFO, " Version: (0x%x)\n", FinalEventsTable->Version));
646 DEBUG ((DEBUG_INFO, " NumberOfEvents: (0x%x)\n", FinalEventsTable->NumberOfEvents));
647
648 EventHdr = (TCG_PCR_EVENT_HDR *)(UINTN)(FinalEventsTable + 1);
649 for (NumberOfEvents = 0; NumberOfEvents < FinalEventsTable->NumberOfEvents; NumberOfEvents++) {
650 DumpEvent (EventHdr);
651 EventHdr = (TCG_PCR_EVENT_HDR *)((UINTN)EventHdr + sizeof (TCG_PCR_EVENT_HDR) + EventHdr->EventSize);
652 }
653 }
654
655 break;
656 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_2:
657 //
658 // Dump first event
659 //
660 EventHdr = (TCG_PCR_EVENT_HDR *)(UINTN)EventLogLocation;
661 DumpEvent (EventHdr);
662
663 TcgEfiSpecIdEventStruct = (TCG_EfiSpecIDEventStruct *)(EventHdr + 1);
664 DumpTcgEfiSpecIdEventStruct (TcgEfiSpecIdEventStruct);
665
666 TcgPcrEvent2 = (TCG_PCR_EVENT2 *)((UINTN)TcgEfiSpecIdEventStruct + GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct));
667 while ((UINTN)TcgPcrEvent2 <= EventLogLastEntry) {
668 DumpEvent2 (TcgPcrEvent2);
669 TcgPcrEvent2 = (TCG_PCR_EVENT2 *)((UINTN)TcgPcrEvent2 + GetPcrEvent2Size (TcgPcrEvent2));
670 }
671
672 if (FinalEventsTable == NULL) {
673 DEBUG ((DEBUG_INFO, "FinalEventsTable: NOT FOUND\n"));
674 } else {
675 DEBUG ((DEBUG_INFO, "FinalEventsTable: (0x%x)\n", FinalEventsTable));
676 DEBUG ((DEBUG_INFO, " Version: (0x%x)\n", FinalEventsTable->Version));
677 DEBUG ((DEBUG_INFO, " NumberOfEvents: (0x%x)\n", FinalEventsTable->NumberOfEvents));
678
679 TcgPcrEvent2 = (TCG_PCR_EVENT2 *)(UINTN)(FinalEventsTable + 1);
680 for (NumberOfEvents = 0; NumberOfEvents < FinalEventsTable->NumberOfEvents; NumberOfEvents++) {
681 DumpEvent2 (TcgPcrEvent2);
682 TcgPcrEvent2 = (TCG_PCR_EVENT2 *)((UINTN)TcgPcrEvent2 + GetPcrEvent2Size (TcgPcrEvent2));
683 }
684 }
685
686 break;
687 }
688
689 return;
690}
691
709EFI_STATUS
710EFIAPI
711Tcg2GetEventLog (
712 IN EFI_TCG2_PROTOCOL *This,
713 IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
714 OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,
715 OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry,
716 OUT BOOLEAN *EventLogTruncated
717 )
718{
719 UINTN Index;
720
721 DEBUG ((DEBUG_INFO, "Tcg2GetEventLog ... (0x%x)\n", EventLogFormat));
722
723 if (This == NULL) {
724 return EFI_INVALID_PARAMETER;
725 }
726
727 for (Index = 0; Index < sizeof (mTcg2EventInfo)/sizeof (mTcg2EventInfo[0]); Index++) {
728 if (EventLogFormat == mTcg2EventInfo[Index].LogFormat) {
729 break;
730 }
731 }
732
733 if (Index == sizeof (mTcg2EventInfo)/sizeof (mTcg2EventInfo[0])) {
734 return EFI_INVALID_PARAMETER;
735 }
736
737 if ((mTcg2EventInfo[Index].LogFormat & mTcgDxeData.BsCap.SupportedEventLogs) == 0) {
738 return EFI_INVALID_PARAMETER;
739 }
740
741 if (!mTcgDxeData.BsCap.TPMPresentFlag) {
742 if (EventLogLocation != NULL) {
743 *EventLogLocation = 0;
744 }
745
746 if (EventLogLastEntry != NULL) {
747 *EventLogLastEntry = 0;
748 }
749
750 if (EventLogTruncated != NULL) {
751 *EventLogTruncated = FALSE;
752 }
753
754 return EFI_SUCCESS;
755 }
756
757 if (EventLogLocation != NULL) {
758 *EventLogLocation = mTcgDxeData.EventLogAreaStruct[Index].Lasa;
759 DEBUG ((DEBUG_INFO, "Tcg2GetEventLog (EventLogLocation - %x)\n", *EventLogLocation));
760 }
761
762 if (EventLogLastEntry != NULL) {
763 if (!mTcgDxeData.EventLogAreaStruct[Index].EventLogStarted) {
764 *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)0;
765 } else {
766 *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)mTcgDxeData.EventLogAreaStruct[Index].LastEvent;
767 }
768
769 DEBUG ((DEBUG_INFO, "Tcg2GetEventLog (EventLogLastEntry - %x)\n", *EventLogLastEntry));
770 }
771
772 if (EventLogTruncated != NULL) {
773 *EventLogTruncated = mTcgDxeData.EventLogAreaStruct[Index].EventLogTruncated;
774 DEBUG ((DEBUG_INFO, "Tcg2GetEventLog (EventLogTruncated - %x)\n", *EventLogTruncated));
775 }
776
777 DEBUG ((DEBUG_INFO, "Tcg2GetEventLog - %r\n", EFI_SUCCESS));
778
779 // Dump Event Log for debug purpose
780 if ((EventLogLocation != NULL) && (EventLogLastEntry != NULL)) {
781 DumpEventLog (EventLogFormat, *EventLogLocation, *EventLogLastEntry, mTcgDxeData.FinalEventsTable[Index]);
782 }
783
784 //
785 // All events generated after the invocation of EFI_TCG2_GET_EVENT_LOG SHALL be stored
786 // in an instance of an EFI_CONFIGURATION_TABLE named by the VendorGuid of EFI_TCG2_FINAL_EVENTS_TABLE_GUID.
787 //
788 mTcgDxeData.GetEventLogCalled[Index] = TRUE;
789
790 return EFI_SUCCESS;
791}
792
805BOOLEAN
806Is800155Event (
807 IN VOID *NewEventHdr,
808 IN UINT32 NewEventHdrSize,
809 IN UINT8 *NewEventData,
810 IN UINT32 NewEventSize
811 )
812{
813 if ((((TCG_PCR_EVENT2_HDR *)NewEventHdr)->EventType == EV_NO_ACTION) &&
814 (NewEventSize >= sizeof (TCG_Sp800_155_PlatformId_Event2)) &&
815 ((CompareMem (
816 NewEventData,
817 TCG_Sp800_155_PlatformId_Event2_SIGNATURE,
818 sizeof (TCG_Sp800_155_PlatformId_Event2_SIGNATURE) - 1
819 ) == 0) ||
820 (CompareMem (
821 NewEventData,
822 TCG_Sp800_155_PlatformId_Event3_SIGNATURE,
823 sizeof (TCG_Sp800_155_PlatformId_Event3_SIGNATURE) - 1
824 ) == 0)))
825 {
826 return TRUE;
827 }
828
829 return FALSE;
830}
831
845EFI_STATUS
846TcgCommLogEvent (
847 IN OUT TCG_EVENT_LOG_AREA_STRUCT *EventLogAreaStruct,
848 IN VOID *NewEventHdr,
849 IN UINT32 NewEventHdrSize,
850 IN UINT8 *NewEventData,
851 IN UINT32 NewEventSize
852 )
853{
854 UINTN NewLogSize;
855 BOOLEAN Record800155Event;
856
857 if (NewEventSize > MAX_ADDRESS - NewEventHdrSize) {
858 return EFI_OUT_OF_RESOURCES;
859 }
860
861 NewLogSize = NewEventHdrSize + NewEventSize;
862
863 if (NewLogSize > MAX_ADDRESS - EventLogAreaStruct->EventLogSize) {
864 return EFI_OUT_OF_RESOURCES;
865 }
866
867 if (NewLogSize + EventLogAreaStruct->EventLogSize > EventLogAreaStruct->Laml) {
868 DEBUG ((DEBUG_INFO, " Laml - 0x%x\n", EventLogAreaStruct->Laml));
869 DEBUG ((DEBUG_INFO, " NewLogSize - 0x%x\n", NewLogSize));
870 DEBUG ((DEBUG_INFO, " LogSize - 0x%x\n", EventLogAreaStruct->EventLogSize));
871 DEBUG ((DEBUG_INFO, "TcgCommLogEvent - %r\n", EFI_OUT_OF_RESOURCES));
872 return EFI_OUT_OF_RESOURCES;
873 }
874
875 //
876 // Check 800-155 event
877 // Record to 800-155 event offset only.
878 // If the offset is 0, no need to record.
879 //
880 Record800155Event = Is800155Event (NewEventHdr, NewEventHdrSize, NewEventData, NewEventSize);
881 if (Record800155Event) {
882 if (EventLogAreaStruct->Next800155EventOffset != 0) {
883 CopyMem (
884 (UINT8 *)(UINTN)EventLogAreaStruct->Lasa + EventLogAreaStruct->Next800155EventOffset + NewLogSize,
885 (UINT8 *)(UINTN)EventLogAreaStruct->Lasa + EventLogAreaStruct->Next800155EventOffset,
886 EventLogAreaStruct->EventLogSize - EventLogAreaStruct->Next800155EventOffset
887 );
888
889 CopyMem (
890 (UINT8 *)(UINTN)EventLogAreaStruct->Lasa + EventLogAreaStruct->Next800155EventOffset,
891 NewEventHdr,
892 NewEventHdrSize
893 );
894 CopyMem (
895 (UINT8 *)(UINTN)EventLogAreaStruct->Lasa + EventLogAreaStruct->Next800155EventOffset + NewEventHdrSize,
896 NewEventData,
897 NewEventSize
898 );
899
900 EventLogAreaStruct->Next800155EventOffset += NewLogSize;
901 EventLogAreaStruct->LastEvent += NewLogSize;
902 EventLogAreaStruct->EventLogSize += NewLogSize;
903 }
904
905 return EFI_SUCCESS;
906 }
907
908 EventLogAreaStruct->LastEvent = (UINT8 *)(UINTN)EventLogAreaStruct->Lasa + EventLogAreaStruct->EventLogSize;
909 EventLogAreaStruct->EventLogSize += NewLogSize;
910 CopyMem (EventLogAreaStruct->LastEvent, NewEventHdr, NewEventHdrSize);
911 CopyMem (
912 EventLogAreaStruct->LastEvent + NewEventHdrSize,
913 NewEventData,
914 NewEventSize
915 );
916 return EFI_SUCCESS;
917}
918
932EFI_STATUS
933TcgDxeLogEvent (
934 IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
935 IN VOID *NewEventHdr,
936 IN UINT32 NewEventHdrSize,
937 IN UINT8 *NewEventData,
938 IN UINT32 NewEventSize
939 )
940{
941 EFI_STATUS Status;
942 UINTN Index;
943 TCG_EVENT_LOG_AREA_STRUCT *EventLogAreaStruct;
944
945 for (Index = 0; Index < sizeof (mTcg2EventInfo)/sizeof (mTcg2EventInfo[0]); Index++) {
946 if (EventLogFormat == mTcg2EventInfo[Index].LogFormat) {
947 break;
948 }
949 }
950
951 if (Index == sizeof (mTcg2EventInfo)/sizeof (mTcg2EventInfo[0])) {
952 return EFI_INVALID_PARAMETER;
953 }
954
955 //
956 // Record to normal event log
957 //
958 EventLogAreaStruct = &mTcgDxeData.EventLogAreaStruct[Index];
959
960 if (EventLogAreaStruct->EventLogTruncated) {
961 return EFI_VOLUME_FULL;
962 }
963
964 Status = TcgCommLogEvent (
965 EventLogAreaStruct,
966 NewEventHdr,
967 NewEventHdrSize,
968 NewEventData,
969 NewEventSize
970 );
971
972 if (Status == EFI_OUT_OF_RESOURCES) {
973 EventLogAreaStruct->EventLogTruncated = TRUE;
974 return EFI_VOLUME_FULL;
975 } else if (Status == EFI_SUCCESS) {
976 EventLogAreaStruct->EventLogStarted = TRUE;
977 }
978
979 //
980 // If GetEventLog is called, record to FinalEventsTable, too.
981 //
982 if (mTcgDxeData.GetEventLogCalled[Index]) {
983 if (mTcgDxeData.FinalEventsTable[Index] == NULL) {
984 //
985 // no need for FinalEventsTable
986 //
987 return EFI_SUCCESS;
988 }
989
990 EventLogAreaStruct = &mTcgDxeData.FinalEventLogAreaStruct[Index];
991
992 if (EventLogAreaStruct->EventLogTruncated) {
993 return EFI_VOLUME_FULL;
994 }
995
996 Status = TcgCommLogEvent (
997 EventLogAreaStruct,
998 NewEventHdr,
999 NewEventHdrSize,
1000 NewEventData,
1001 NewEventSize
1002 );
1003 if (Status == EFI_OUT_OF_RESOURCES) {
1004 EventLogAreaStruct->EventLogTruncated = TRUE;
1005 return EFI_VOLUME_FULL;
1006 } else if (Status == EFI_SUCCESS) {
1007 EventLogAreaStruct->EventLogStarted = TRUE;
1008 //
1009 // Increase the NumberOfEvents in FinalEventsTable
1010 //
1011 (mTcgDxeData.FinalEventsTable[Index])->NumberOfEvents++;
1012 DEBUG ((DEBUG_INFO, "FinalEventsTable->NumberOfEvents - 0x%x\n", (mTcgDxeData.FinalEventsTable[Index])->NumberOfEvents));
1013 DEBUG ((DEBUG_INFO, " Size - 0x%x\n", (UINTN)EventLogAreaStruct->EventLogSize));
1014 }
1015 }
1016
1017 return Status;
1018}
1019
1027UINT32
1028GetDigestListBinSize (
1029 IN VOID *DigestListBin
1030 )
1031{
1032 UINTN Index;
1033 UINT16 DigestSize;
1034 UINT32 TotalSize;
1035 UINT32 Count;
1036 TPMI_ALG_HASH HashAlg;
1037
1038 Count = ReadUnaligned32 (DigestListBin);
1039 TotalSize = sizeof (Count);
1040 DigestListBin = (UINT8 *)DigestListBin + sizeof (Count);
1041 for (Index = 0; Index < Count; Index++) {
1042 HashAlg = ReadUnaligned16 (DigestListBin);
1043 TotalSize += sizeof (HashAlg);
1044 DigestListBin = (UINT8 *)DigestListBin + sizeof (HashAlg);
1045
1046 DigestSize = GetHashSizeFromAlgo (HashAlg);
1047 TotalSize += DigestSize;
1048 DigestListBin = (UINT8 *)DigestListBin + DigestSize;
1049 }
1050
1051 return TotalSize;
1052}
1053
1064VOID *
1065CopyDigestListBinToBuffer (
1066 IN OUT VOID *Buffer,
1067 IN VOID *DigestListBin,
1068 IN UINT32 HashAlgorithmMask,
1069 OUT UINT32 *HashAlgorithmMaskCopied
1070 )
1071{
1072 UINTN Index;
1073 UINT16 DigestSize;
1074 UINT32 Count;
1075 TPMI_ALG_HASH HashAlg;
1076 UINT32 DigestListCount;
1077 UINT32 *DigestListCountPtr;
1078
1079 DigestListCountPtr = (UINT32 *)Buffer;
1080 DigestListCount = 0;
1081 (*HashAlgorithmMaskCopied) = 0;
1082
1083 Count = ReadUnaligned32 (DigestListBin);
1084 Buffer = (UINT8 *)Buffer + sizeof (Count);
1085 DigestListBin = (UINT8 *)DigestListBin + sizeof (Count);
1086 for (Index = 0; Index < Count; Index++) {
1087 HashAlg = ReadUnaligned16 (DigestListBin);
1088 DigestListBin = (UINT8 *)DigestListBin + sizeof (HashAlg);
1089 DigestSize = GetHashSizeFromAlgo (HashAlg);
1090
1091 if (IsHashAlgSupportedInHashAlgorithmMask (HashAlg, HashAlgorithmMask)) {
1092 CopyMem (Buffer, &HashAlg, sizeof (HashAlg));
1093 Buffer = (UINT8 *)Buffer + sizeof (HashAlg);
1094 CopyMem (Buffer, DigestListBin, DigestSize);
1095 Buffer = (UINT8 *)Buffer + DigestSize;
1096 DigestListCount++;
1097 (*HashAlgorithmMaskCopied) |= GetHashMaskFromAlgo (HashAlg);
1098 } else {
1099 DEBUG ((DEBUG_ERROR, "WARNING: CopyDigestListBinToBuffer Event log has HashAlg unsupported by PCR bank (0x%x)\n", HashAlg));
1100 }
1101
1102 DigestListBin = (UINT8 *)DigestListBin + DigestSize;
1103 }
1104
1105 WriteUnaligned32 (DigestListCountPtr, DigestListCount);
1106
1107 return Buffer;
1108}
1109
1120EFI_STATUS
1121TcgDxeLogHashEvent (
1122 IN TPML_DIGEST_VALUES *DigestList,
1123 IN OUT TCG_PCR_EVENT_HDR *NewEventHdr,
1124 IN UINT8 *NewEventData
1125 )
1126{
1127 EFI_STATUS Status;
1128 EFI_TPL OldTpl;
1129 UINTN Index;
1130 EFI_STATUS RetStatus;
1131 TCG_PCR_EVENT2 TcgPcrEvent2;
1132 UINT8 *DigestBuffer;
1133 UINT32 *EventSizePtr;
1134
1135 DEBUG ((DEBUG_INFO, "SupportedEventLogs - 0x%08x\n", mTcgDxeData.BsCap.SupportedEventLogs));
1136
1137 RetStatus = EFI_SUCCESS;
1138 for (Index = 0; Index < sizeof (mTcg2EventInfo)/sizeof (mTcg2EventInfo[0]); Index++) {
1139 if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
1140 DEBUG ((DEBUG_INFO, " LogFormat - 0x%08x\n", mTcg2EventInfo[Index].LogFormat));
1141 switch (mTcg2EventInfo[Index].LogFormat) {
1142 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:
1143 Status = GetDigestFromDigestList (TPM_ALG_SHA1, DigestList, &NewEventHdr->Digest);
1144 if (!EFI_ERROR (Status)) {
1145 //
1146 // Enter critical region
1147 //
1148 OldTpl = gBS->RaiseTPL (TPL_HIGH_LEVEL);
1149 Status = TcgDxeLogEvent (
1150 mTcg2EventInfo[Index].LogFormat,
1151 NewEventHdr,
1152 sizeof (TCG_PCR_EVENT_HDR),
1153 NewEventData,
1154 NewEventHdr->EventSize
1155 );
1156 if (Status != EFI_SUCCESS) {
1157 RetStatus = Status;
1158 }
1159
1160 gBS->RestoreTPL (OldTpl);
1161 //
1162 // Exit critical region
1163 //
1164 }
1165
1166 break;
1167 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_2:
1168 ZeroMem (&TcgPcrEvent2, sizeof (TcgPcrEvent2));
1169 TcgPcrEvent2.PCRIndex = NewEventHdr->PCRIndex;
1170 TcgPcrEvent2.EventType = NewEventHdr->EventType;
1171 DigestBuffer = (UINT8 *)&TcgPcrEvent2.Digest;
1172 EventSizePtr = CopyDigestListToBuffer (DigestBuffer, DigestList, mTcgDxeData.BsCap.ActivePcrBanks);
1173 CopyMem (EventSizePtr, &NewEventHdr->EventSize, sizeof (NewEventHdr->EventSize));
1174
1175 //
1176 // Enter critical region
1177 //
1178 OldTpl = gBS->RaiseTPL (TPL_HIGH_LEVEL);
1179 Status = TcgDxeLogEvent (
1180 mTcg2EventInfo[Index].LogFormat,
1181 &TcgPcrEvent2,
1182 sizeof (TcgPcrEvent2.PCRIndex) + sizeof (TcgPcrEvent2.EventType) + GetDigestListBinSize (DigestBuffer) + sizeof (TcgPcrEvent2.EventSize),
1183 NewEventData,
1184 NewEventHdr->EventSize
1185 );
1186 if (Status != EFI_SUCCESS) {
1187 RetStatus = Status;
1188 }
1189
1190 gBS->RestoreTPL (OldTpl);
1191 //
1192 // Exit critical region
1193 //
1194 break;
1195 }
1196 }
1197 }
1198
1199 return RetStatus;
1200}
1201
1218EFI_STATUS
1219TcgDxeHashLogExtendEvent (
1220 IN UINT64 Flags,
1221 IN UINT8 *HashData,
1222 IN UINT64 HashDataLen,
1223 IN OUT TCG_PCR_EVENT_HDR *NewEventHdr,
1224 IN UINT8 *NewEventData
1225 )
1226{
1227 EFI_STATUS Status;
1228 TPML_DIGEST_VALUES DigestList;
1229 TCG_PCR_EVENT2_HDR NoActionEvent;
1230
1231 if (!mTcgDxeData.BsCap.TPMPresentFlag) {
1232 return EFI_DEVICE_ERROR;
1233 }
1234
1235 if (NewEventHdr->EventType == EV_NO_ACTION) {
1236 //
1237 // Do not do TPM extend for EV_NO_ACTION
1238 //
1239 if (NewEventHdr->PCRIndex <= MAX_PCR_INDEX) {
1240 Status = EFI_SUCCESS;
1241 InitNoActionEvent (&NoActionEvent, NewEventHdr->EventSize);
1242 if ((Flags & EFI_TCG2_EXTEND_ONLY) == 0) {
1243 Status = TcgDxeLogHashEvent (&(NoActionEvent.Digests), NewEventHdr, NewEventData);
1244 }
1245 } else {
1246 //
1247 // Extend to NvIndex
1248 //
1249 Status = HashAndExtend (
1250 NewEventHdr->PCRIndex,
1251 HashData,
1252 (UINTN)HashDataLen,
1253 &DigestList
1254 );
1255 if (!EFI_ERROR (Status)) {
1256 Status = TcgDxeLogHashEvent (&DigestList, NewEventHdr, NewEventData);
1257 }
1258 }
1259
1260 return Status;
1261 }
1262
1263 Status = HashAndExtend (
1264 NewEventHdr->PCRIndex,
1265 HashData,
1266 (UINTN)HashDataLen,
1267 &DigestList
1268 );
1269 if (!EFI_ERROR (Status)) {
1270 if ((Flags & EFI_TCG2_EXTEND_ONLY) == 0) {
1271 Status = TcgDxeLogHashEvent (&DigestList, NewEventHdr, NewEventData);
1272 }
1273 }
1274
1275 if (Status == EFI_DEVICE_ERROR) {
1276 DEBUG ((DEBUG_ERROR, "TcgDxeHashLogExtendEvent - %r. Disable TPM.\n", Status));
1277 mTcgDxeData.BsCap.TPMPresentFlag = FALSE;
1278 REPORT_STATUS_CODE (
1279 EFI_ERROR_CODE | EFI_ERROR_MINOR,
1280 (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR)
1281 );
1282 }
1283
1284 return Status;
1285}
1286
1306EFI_STATUS
1307EFIAPI
1308Tcg2HashLogExtendEvent (
1309 IN EFI_TCG2_PROTOCOL *This,
1310 IN UINT64 Flags,
1311 IN EFI_PHYSICAL_ADDRESS DataToHash,
1312 IN UINT64 DataToHashLen,
1313 IN EFI_TCG2_EVENT *Event
1314 )
1315{
1316 EFI_STATUS Status;
1317 TCG_PCR_EVENT_HDR NewEventHdr;
1318 TPML_DIGEST_VALUES DigestList;
1319
1320 DEBUG ((DEBUG_VERBOSE, "Tcg2HashLogExtendEvent ...\n"));
1321
1322 if ((This == NULL) || (Event == NULL)) {
1323 return EFI_INVALID_PARAMETER;
1324 }
1325
1326 //
1327 // Do not check hash data size for EV_NO_ACTION event.
1328 //
1329 if ((Event->Header.EventType != EV_NO_ACTION) && (DataToHash == 0)) {
1330 return EFI_INVALID_PARAMETER;
1331 }
1332
1333 if (!mTcgDxeData.BsCap.TPMPresentFlag) {
1334 return EFI_DEVICE_ERROR;
1335 }
1336
1337 if (Event->Size < Event->Header.HeaderSize + sizeof (UINT32)) {
1338 return EFI_INVALID_PARAMETER;
1339 }
1340
1341 if ((Event->Header.EventType != EV_NO_ACTION) && (Event->Header.PCRIndex > MAX_PCR_INDEX)) {
1342 return EFI_INVALID_PARAMETER;
1343 }
1344
1345 NewEventHdr.PCRIndex = Event->Header.PCRIndex;
1346 NewEventHdr.EventType = Event->Header.EventType;
1347 NewEventHdr.EventSize = Event->Size - sizeof (UINT32) - Event->Header.HeaderSize;
1348 if ((Flags & PE_COFF_IMAGE) != 0) {
1349 Status = MeasurePeImageAndExtend (
1350 NewEventHdr.PCRIndex,
1351 DataToHash,
1352 (UINTN)DataToHashLen,
1353 &DigestList
1354 );
1355 if (!EFI_ERROR (Status)) {
1356 if ((Flags & EFI_TCG2_EXTEND_ONLY) == 0) {
1357 Status = TcgDxeLogHashEvent (&DigestList, &NewEventHdr, Event->Event);
1358 }
1359 }
1360
1361 if (Status == EFI_DEVICE_ERROR) {
1362 DEBUG ((DEBUG_ERROR, "MeasurePeImageAndExtend - %r. Disable TPM.\n", Status));
1363 mTcgDxeData.BsCap.TPMPresentFlag = FALSE;
1364 REPORT_STATUS_CODE (
1365 EFI_ERROR_CODE | EFI_ERROR_MINOR,
1366 (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR)
1367 );
1368 }
1369 } else {
1370 Status = TcgDxeHashLogExtendEvent (
1371 Flags,
1372 (UINT8 *)(UINTN)DataToHash,
1373 DataToHashLen,
1374 &NewEventHdr,
1375 Event->Event
1376 );
1377 }
1378
1379 DEBUG ((DEBUG_VERBOSE, "Tcg2HashLogExtendEvent - %r\n", Status));
1380 return Status;
1381}
1382
1397EFI_STATUS
1398EFIAPI
1399Tcg2SubmitCommand (
1400 IN EFI_TCG2_PROTOCOL *This,
1401 IN UINT32 InputParameterBlockSize,
1402 IN UINT8 *InputParameterBlock,
1403 IN UINT32 OutputParameterBlockSize,
1404 IN UINT8 *OutputParameterBlock
1405 )
1406{
1407 EFI_STATUS Status;
1408
1409 DEBUG ((DEBUG_INFO, "Tcg2SubmitCommand ...\n"));
1410
1411 if ((This == NULL) ||
1412 (InputParameterBlockSize == 0) || (InputParameterBlock == NULL) ||
1413 (OutputParameterBlockSize == 0) || (OutputParameterBlock == NULL))
1414 {
1415 return EFI_INVALID_PARAMETER;
1416 }
1417
1418 if (!mTcgDxeData.BsCap.TPMPresentFlag) {
1419 return EFI_DEVICE_ERROR;
1420 }
1421
1422 if (InputParameterBlockSize > mTcgDxeData.BsCap.MaxCommandSize) {
1423 return EFI_INVALID_PARAMETER;
1424 }
1425
1426 if (OutputParameterBlockSize > mTcgDxeData.BsCap.MaxResponseSize) {
1427 return EFI_INVALID_PARAMETER;
1428 }
1429
1430 Status = Tpm2SubmitCommand (
1431 InputParameterBlockSize,
1432 InputParameterBlock,
1433 &OutputParameterBlockSize,
1434 OutputParameterBlock
1435 );
1436 DEBUG ((DEBUG_INFO, "Tcg2SubmitCommand - %r\n", Status));
1437 return Status;
1438}
1439
1449EFI_STATUS
1450EFIAPI
1451Tcg2GetActivePCRBanks (
1452 IN EFI_TCG2_PROTOCOL *This,
1453 OUT UINT32 *ActivePcrBanks
1454 )
1455{
1456 if (ActivePcrBanks == NULL) {
1457 return EFI_INVALID_PARAMETER;
1458 }
1459
1460 *ActivePcrBanks = mTcgDxeData.BsCap.ActivePcrBanks;
1461 return EFI_SUCCESS;
1462}
1463
1473EFI_STATUS
1474EFIAPI
1475Tcg2SetActivePCRBanks (
1476 IN EFI_TCG2_PROTOCOL *This,
1477 IN UINT32 ActivePcrBanks
1478 )
1479{
1480 EFI_STATUS Status;
1481 UINT32 ReturnCode;
1482
1483 DEBUG ((DEBUG_INFO, "Tcg2SetActivePCRBanks ... (0x%x)\n", ActivePcrBanks));
1484
1485 if (ActivePcrBanks == 0) {
1486 return EFI_INVALID_PARAMETER;
1487 }
1488
1489 if ((ActivePcrBanks & (~mTcgDxeData.BsCap.HashAlgorithmBitmap)) != 0) {
1490 return EFI_INVALID_PARAMETER;
1491 }
1492
1493 if (ActivePcrBanks == mTcgDxeData.BsCap.ActivePcrBanks) {
1494 //
1495 // Need clear previous SET_PCR_BANKS setting
1496 //
1497 ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (TCG2_PHYSICAL_PRESENCE_NO_ACTION, 0);
1498 } else {
1499 ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS, ActivePcrBanks);
1500 }
1501
1502 if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS) {
1503 Status = EFI_SUCCESS;
1504 } else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE) {
1505 Status = EFI_OUT_OF_RESOURCES;
1506 } else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED) {
1507 Status = EFI_UNSUPPORTED;
1508 } else {
1509 Status = EFI_DEVICE_ERROR;
1510 }
1511
1512 DEBUG ((DEBUG_INFO, "Tcg2SetActivePCRBanks - %r\n", Status));
1513
1514 return Status;
1515}
1516
1527EFI_STATUS
1528EFIAPI
1529Tcg2GetResultOfSetActivePcrBanks (
1530 IN EFI_TCG2_PROTOCOL *This,
1531 OUT UINT32 *OperationPresent,
1532 OUT UINT32 *Response
1533 )
1534{
1535 UINT32 ReturnCode;
1536
1537 if ((OperationPresent == NULL) || (Response == NULL)) {
1538 return EFI_INVALID_PARAMETER;
1539 }
1540
1541 ReturnCode = Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (OperationPresent, Response);
1542 if (ReturnCode == TCG_PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS) {
1543 return EFI_SUCCESS;
1544 } else {
1545 return EFI_UNSUPPORTED;
1546 }
1547}
1548
1549EFI_TCG2_PROTOCOL mTcg2Protocol = {
1550 Tcg2GetCapability,
1551 Tcg2GetEventLog,
1552 Tcg2HashLogExtendEvent,
1553 Tcg2SubmitCommand,
1554 Tcg2GetActivePCRBanks,
1555 Tcg2SetActivePCRBanks,
1556 Tcg2GetResultOfSetActivePcrBanks,
1557};
1558
1566EFI_STATUS
1567SetupEventLog (
1568 VOID
1569 )
1570{
1571 EFI_STATUS Status;
1572 VOID *TcgEvent;
1573 EFI_PEI_HOB_POINTERS GuidHob;
1574 EFI_PHYSICAL_ADDRESS Lasa;
1575 UINTN Index;
1576 VOID *DigestListBin;
1577 TPML_DIGEST_VALUES TempDigestListBin;
1578 UINT32 DigestListBinSize;
1579 UINT8 *Event;
1580 UINT32 EventSize;
1581 UINT32 *EventSizePtr;
1582 UINT32 HashAlgorithmMaskCopied;
1583 TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct;
1584 UINT8 TempBuf[sizeof (TCG_EfiSpecIDEventStruct) + sizeof (UINT32) + (HASH_COUNT * sizeof (TCG_EfiSpecIdEventAlgorithmSize)) + sizeof (UINT8)];
1585 TCG_PCR_EVENT_HDR SpecIdEvent;
1586 TCG_PCR_EVENT2_HDR NoActionEvent;
1587 TCG_EfiSpecIdEventAlgorithmSize *DigestSize;
1588 TCG_EfiSpecIdEventAlgorithmSize *TempDigestSize;
1589 UINT8 *VendorInfoSize;
1590 UINT32 NumberOfAlgorithms;
1591 TCG_EfiStartupLocalityEvent StartupLocalityEvent;
1592
1593 DEBUG ((DEBUG_INFO, "SetupEventLog\n"));
1594
1595 //
1596 // 1. Create Log Area
1597 //
1598 for (Index = 0; Index < sizeof (mTcg2EventInfo)/sizeof (mTcg2EventInfo[0]); Index++) {
1599 if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
1600 mTcgDxeData.EventLogAreaStruct[Index].EventLogFormat = mTcg2EventInfo[Index].LogFormat;
1601 if (PcdGet8 (PcdTpm2AcpiTableRev) >= 4) {
1602 Status = gBS->AllocatePages (
1603 AllocateAnyPages,
1604 EfiACPIMemoryNVS,
1605 EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
1606 &Lasa
1607 );
1608 } else {
1609 Status = gBS->AllocatePages (
1610 AllocateAnyPages,
1611 EfiBootServicesData,
1612 EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
1613 &Lasa
1614 );
1615 }
1616
1617 if (EFI_ERROR (Status)) {
1618 return Status;
1619 }
1620
1621 mTcgDxeData.EventLogAreaStruct[Index].Lasa = Lasa;
1622 mTcgDxeData.EventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcgLogAreaMinLen);
1623 mTcgDxeData.EventLogAreaStruct[Index].Next800155EventOffset = 0;
1624
1625 if ((PcdGet8 (PcdTpm2AcpiTableRev) >= 4) ||
1626 (mTcg2EventInfo[Index].LogFormat == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2))
1627 {
1628 //
1629 // Report TCG2 event log address and length, so that they can be reported in TPM2 ACPI table.
1630 // Ignore the return status, because those fields are optional.
1631 //
1632 PcdSet32S (PcdTpm2AcpiTableLaml, (UINT32)mTcgDxeData.EventLogAreaStruct[Index].Laml);
1633 PcdSet64S (PcdTpm2AcpiTableLasa, mTcgDxeData.EventLogAreaStruct[Index].Lasa);
1634 }
1635
1636 //
1637 // To initialize them as 0xFF is recommended
1638 // because the OS can know the last entry for that.
1639 //
1640 SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);
1641 //
1642 // Create first entry for Log Header Entry Data
1643 //
1644 if (mTcg2EventInfo[Index].LogFormat != EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2) {
1645 //
1646 // TcgEfiSpecIdEventStruct
1647 //
1648 TcgEfiSpecIdEventStruct = (TCG_EfiSpecIDEventStruct *)TempBuf;
1649 CopyMem (TcgEfiSpecIdEventStruct->signature, TCG_EfiSpecIDEventStruct_SIGNATURE_03, sizeof (TcgEfiSpecIdEventStruct->signature));
1650 TcgEfiSpecIdEventStruct->platformClass = PcdGet8 (PcdTpmPlatformClass);
1651 TcgEfiSpecIdEventStruct->specVersionMajor = TCG_EfiSpecIDEventStruct_SPEC_VERSION_MAJOR_TPM2;
1652 TcgEfiSpecIdEventStruct->specVersionMinor = TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM2;
1653 TcgEfiSpecIdEventStruct->specErrata = (UINT8)PcdGet32 (PcdTcgPfpMeasurementRevision);
1654 TcgEfiSpecIdEventStruct->uintnSize = sizeof (UINTN)/sizeof (UINT32);
1655 NumberOfAlgorithms = 0;
1656 DigestSize = (TCG_EfiSpecIdEventAlgorithmSize *)((UINT8 *)TcgEfiSpecIdEventStruct + sizeof (*TcgEfiSpecIdEventStruct) + sizeof (NumberOfAlgorithms));
1657 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA1) != 0) {
1658 TempDigestSize = DigestSize;
1659 TempDigestSize += NumberOfAlgorithms;
1660 TempDigestSize->algorithmId = TPM_ALG_SHA1;
1661 TempDigestSize->digestSize = SHA1_DIGEST_SIZE;
1662 NumberOfAlgorithms++;
1663 }
1664
1665 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA256) != 0) {
1666 TempDigestSize = DigestSize;
1667 TempDigestSize += NumberOfAlgorithms;
1668 TempDigestSize->algorithmId = TPM_ALG_SHA256;
1669 TempDigestSize->digestSize = SHA256_DIGEST_SIZE;
1670 NumberOfAlgorithms++;
1671 }
1672
1673 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA384) != 0) {
1674 TempDigestSize = DigestSize;
1675 TempDigestSize += NumberOfAlgorithms;
1676 TempDigestSize->algorithmId = TPM_ALG_SHA384;
1677 TempDigestSize->digestSize = SHA384_DIGEST_SIZE;
1678 NumberOfAlgorithms++;
1679 }
1680
1681 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA512) != 0) {
1682 TempDigestSize = DigestSize;
1683 TempDigestSize += NumberOfAlgorithms;
1684 TempDigestSize->algorithmId = TPM_ALG_SHA512;
1685 TempDigestSize->digestSize = SHA512_DIGEST_SIZE;
1686 NumberOfAlgorithms++;
1687 }
1688
1689 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SM3_256) != 0) {
1690 TempDigestSize = DigestSize;
1691 TempDigestSize += NumberOfAlgorithms;
1692 TempDigestSize->algorithmId = TPM_ALG_SM3_256;
1693 TempDigestSize->digestSize = SM3_256_DIGEST_SIZE;
1694 NumberOfAlgorithms++;
1695 }
1696
1697 CopyMem (TcgEfiSpecIdEventStruct + 1, &NumberOfAlgorithms, sizeof (NumberOfAlgorithms));
1698 TempDigestSize = DigestSize;
1699 TempDigestSize += NumberOfAlgorithms;
1700 VendorInfoSize = (UINT8 *)TempDigestSize;
1701 *VendorInfoSize = 0;
1702
1703 SpecIdEvent.PCRIndex = 0;
1704 SpecIdEvent.EventType = EV_NO_ACTION;
1705 ZeroMem (&SpecIdEvent.Digest, sizeof (SpecIdEvent.Digest));
1706 SpecIdEvent.EventSize = (UINT32)GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct);
1707
1708 //
1709 // Log TcgEfiSpecIdEventStruct as the first Event. Event format is TCG_PCR_EVENT.
1710 // TCG EFI Protocol Spec. Section 5.3 Event Log Header
1711 // TCG PC Client PFP spec. Section 9.2 Measurement Event Entries and Log
1712 //
1713 Status = TcgDxeLogEvent (
1714 mTcg2EventInfo[Index].LogFormat,
1715 &SpecIdEvent,
1716 sizeof (SpecIdEvent),
1717 (UINT8 *)TcgEfiSpecIdEventStruct,
1718 SpecIdEvent.EventSize
1719 );
1720 //
1721 // record the offset at the end of 800-155 event.
1722 // the future 800-155 event can be inserted here.
1723 //
1724 mTcgDxeData.EventLogAreaStruct[Index].Next800155EventOffset = \
1725 mTcgDxeData.EventLogAreaStruct[Index].EventLogSize;
1726
1727 //
1728 // Tcg800155PlatformIdEvent. Event format is TCG_PCR_EVENT2
1729 //
1730 GuidHob.Guid = GetFirstGuidHob (&gTcg800155PlatformIdEventHobGuid);
1731 while (GuidHob.Guid != NULL) {
1732 InitNoActionEvent (&NoActionEvent, GET_GUID_HOB_DATA_SIZE (GuidHob.Guid));
1733
1734 Status = TcgDxeLogEvent (
1735 mTcg2EventInfo[Index].LogFormat,
1736 &NoActionEvent,
1737 sizeof (NoActionEvent.PCRIndex) + sizeof (NoActionEvent.EventType) + GetDigestListBinSize (&NoActionEvent.Digests) + sizeof (NoActionEvent.EventSize),
1738 GET_GUID_HOB_DATA (GuidHob.Guid),
1739 GET_GUID_HOB_DATA_SIZE (GuidHob.Guid)
1740 );
1741
1742 GuidHob.Guid = GET_NEXT_HOB (GuidHob);
1743 GuidHob.Guid = GetNextGuidHob (&gTcg800155PlatformIdEventHobGuid, GuidHob.Guid);
1744 }
1745
1746 //
1747 // EfiStartupLocalityEvent. Event format is TCG_PCR_EVENT2
1748 //
1749 GuidHob.Guid = GetFirstGuidHob (&gTpm2StartupLocalityHobGuid);
1750 if (GuidHob.Guid != NULL) {
1751 //
1752 // Get Locality Indicator from StartupLocality HOB
1753 //
1754 StartupLocalityEvent.StartupLocality = *(UINT8 *)(GET_GUID_HOB_DATA (GuidHob.Guid));
1755 CopyMem (StartupLocalityEvent.Signature, TCG_EfiStartupLocalityEvent_SIGNATURE, sizeof (StartupLocalityEvent.Signature));
1756 DEBUG ((DEBUG_INFO, "SetupEventLog: Set Locality from HOB into StartupLocalityEvent 0x%02x\n", StartupLocalityEvent.StartupLocality));
1757
1758 //
1759 // Initialize StartupLocalityEvent
1760 //
1761 InitNoActionEvent (&NoActionEvent, sizeof (StartupLocalityEvent));
1762
1763 //
1764 // Log EfiStartupLocalityEvent as the second Event
1765 // TCG PC Client PFP spec. Section 9.3.4.3 Startup Locality Event
1766 //
1767 Status = TcgDxeLogEvent (
1768 mTcg2EventInfo[Index].LogFormat,
1769 &NoActionEvent,
1770 sizeof (NoActionEvent.PCRIndex) + sizeof (NoActionEvent.EventType) + GetDigestListBinSize (&NoActionEvent.Digests) + sizeof (NoActionEvent.EventSize),
1771 (UINT8 *)&StartupLocalityEvent,
1772 sizeof (StartupLocalityEvent)
1773 );
1774 }
1775 }
1776 }
1777 }
1778
1779 //
1780 // 2. Create Final Log Area
1781 //
1782 for (Index = 0; Index < sizeof (mTcg2EventInfo)/sizeof (mTcg2EventInfo[0]); Index++) {
1783 if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
1784 if (mTcg2EventInfo[Index].LogFormat == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) {
1785 Status = gBS->AllocatePages (
1786 AllocateAnyPages,
1787 EfiACPIMemoryNVS,
1788 EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcg2FinalLogAreaLen)),
1789 &Lasa
1790 );
1791 if (EFI_ERROR (Status)) {
1792 return Status;
1793 }
1794
1795 SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcg2FinalLogAreaLen), 0xFF);
1796
1797 //
1798 // Initialize
1799 //
1800 mTcgDxeData.FinalEventsTable[Index] = (VOID *)(UINTN)Lasa;
1801 (mTcgDxeData.FinalEventsTable[Index])->Version = EFI_TCG2_FINAL_EVENTS_TABLE_VERSION;
1802 (mTcgDxeData.FinalEventsTable[Index])->NumberOfEvents = 0;
1803
1804 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogFormat = mTcg2EventInfo[Index].LogFormat;
1805 mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa = Lasa + sizeof (EFI_TCG2_FINAL_EVENTS_TABLE);
1806 mTcgDxeData.FinalEventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcg2FinalLogAreaLen) - sizeof (EFI_TCG2_FINAL_EVENTS_TABLE);
1807 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogSize = 0;
1808 mTcgDxeData.FinalEventLogAreaStruct[Index].LastEvent = (VOID *)(UINTN)mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa;
1809 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogStarted = FALSE;
1810 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogTruncated = FALSE;
1811 mTcgDxeData.FinalEventLogAreaStruct[Index].Next800155EventOffset = 0;
1812
1813 //
1814 // Install to configuration table for EFI_TCG2_EVENT_LOG_FORMAT_TCG_2
1815 //
1816 Status = gBS->InstallConfigurationTable (&gEfiTcg2FinalEventsTableGuid, (VOID *)mTcgDxeData.FinalEventsTable[Index]);
1817 if (EFI_ERROR (Status)) {
1818 return Status;
1819 }
1820 } else {
1821 //
1822 // No need to handle EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2
1823 //
1824 mTcgDxeData.FinalEventsTable[Index] = NULL;
1825 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogFormat = mTcg2EventInfo[Index].LogFormat;
1826 mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa = 0;
1827 mTcgDxeData.FinalEventLogAreaStruct[Index].Laml = 0;
1828 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogSize = 0;
1829 mTcgDxeData.FinalEventLogAreaStruct[Index].LastEvent = 0;
1830 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogStarted = FALSE;
1831 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogTruncated = FALSE;
1832 mTcgDxeData.FinalEventLogAreaStruct[Index].Next800155EventOffset = 0;
1833 }
1834 }
1835 }
1836
1837 //
1838 // 3. Sync data from PEI to DXE
1839 //
1840 Status = EFI_SUCCESS;
1841 for (Index = 0; Index < sizeof (mTcg2EventInfo)/sizeof (mTcg2EventInfo[0]); Index++) {
1842 if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
1843 GuidHob.Raw = GetHobList ();
1844 Status = EFI_SUCCESS;
1845 while (!EFI_ERROR (Status) &&
1846 (GuidHob.Raw = GetNextGuidHob (mTcg2EventInfo[Index].EventGuid, GuidHob.Raw)) != NULL)
1847 {
1848 TcgEvent = AllocateCopyPool (GET_GUID_HOB_DATA_SIZE (GuidHob.Guid), GET_GUID_HOB_DATA (GuidHob.Guid));
1849 ASSERT (TcgEvent != NULL);
1850 GuidHob.Raw = GET_NEXT_HOB (GuidHob);
1851 switch (mTcg2EventInfo[Index].LogFormat) {
1852 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:
1853 Status = TcgDxeLogEvent (
1854 mTcg2EventInfo[Index].LogFormat,
1855 TcgEvent,
1856 sizeof (TCG_PCR_EVENT_HDR),
1857 ((TCG_PCR_EVENT *)TcgEvent)->Event,
1858 ((TCG_PCR_EVENT_HDR *)TcgEvent)->EventSize
1859 );
1860 break;
1861 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_2:
1862 DigestListBin = (UINT8 *)TcgEvent + sizeof (TCG_PCRINDEX) + sizeof (TCG_EVENTTYPE);
1863 DigestListBinSize = GetDigestListBinSize (DigestListBin);
1864 //
1865 // Save event size.
1866 //
1867 CopyMem (&EventSize, (UINT8 *)DigestListBin + DigestListBinSize, sizeof (UINT32));
1868 Event = (UINT8 *)DigestListBin + DigestListBinSize + sizeof (UINT32);
1869 //
1870 // Filter inactive digest in the event2 log from PEI HOB.
1871 //
1872 CopyMem (&TempDigestListBin, DigestListBin, GetDigestListBinSize (DigestListBin));
1873 EventSizePtr = CopyDigestListBinToBuffer (
1874 DigestListBin,
1875 &TempDigestListBin,
1876 mTcgDxeData.BsCap.ActivePcrBanks,
1877 &HashAlgorithmMaskCopied
1878 );
1879 if (HashAlgorithmMaskCopied != mTcgDxeData.BsCap.ActivePcrBanks) {
1880 DEBUG ((
1881 DEBUG_ERROR,
1882 "ERROR: The event2 log includes digest hash mask 0x%x, but required digest hash mask is 0x%x\n",
1883 HashAlgorithmMaskCopied,
1884 mTcgDxeData.BsCap.ActivePcrBanks
1885 ));
1886 }
1887
1888 //
1889 // Restore event size.
1890 //
1891 CopyMem (EventSizePtr, &EventSize, sizeof (UINT32));
1892 DigestListBinSize = GetDigestListBinSize (DigestListBin);
1893
1894 Status = TcgDxeLogEvent (
1895 mTcg2EventInfo[Index].LogFormat,
1896 TcgEvent,
1897 sizeof (TCG_PCRINDEX) + sizeof (TCG_EVENTTYPE) + DigestListBinSize + sizeof (UINT32),
1898 Event,
1899 EventSize
1900 );
1901 break;
1902 }
1903
1904 FreePool (TcgEvent);
1905 }
1906 }
1907 }
1908
1909 return Status;
1910}
1911
1922EFI_STATUS
1923TcgMeasureAction (
1924 IN TPM_PCRINDEX PCRIndex,
1925 IN CHAR8 *String
1926 )
1927{
1928 TCG_PCR_EVENT_HDR TcgEvent;
1929
1930 TcgEvent.PCRIndex = PCRIndex;
1931 TcgEvent.EventType = EV_EFI_ACTION;
1932 TcgEvent.EventSize = (UINT32)AsciiStrLen (String);
1933 return TcgDxeHashLogExtendEvent (
1934 0,
1935 (UINT8 *)String,
1936 TcgEvent.EventSize,
1937 &TcgEvent,
1938 (UINT8 *)String
1939 );
1940}
1941
1949EFI_STATUS
1950MeasureHandoffTables (
1951 VOID
1952 )
1953{
1954 EFI_STATUS Status;
1955 TCG_PCR_EVENT_HDR TcgEvent;
1956 EFI_HANDOFF_TABLE_POINTERS HandoffTables;
1957 UINTN ProcessorNum;
1958 EFI_CPU_PHYSICAL_LOCATION *ProcessorLocBuf;
1959
1960 ProcessorLocBuf = NULL;
1961 Status = EFI_SUCCESS;
1962
1963 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_SERVER) {
1964 //
1965 // Tcg Server spec.
1966 // Measure each processor EFI_CPU_PHYSICAL_LOCATION with EV_TABLE_OF_DEVICES to PCR[1]
1967 //
1968 Status = GetProcessorsCpuLocation (&ProcessorLocBuf, &ProcessorNum);
1969
1970 if (!EFI_ERROR (Status)) {
1971 TcgEvent.PCRIndex = 1;
1972 TcgEvent.EventType = EV_TABLE_OF_DEVICES;
1973 TcgEvent.EventSize = sizeof (HandoffTables);
1974
1975 HandoffTables.NumberOfTables = 1;
1976 HandoffTables.TableEntry[0].VendorGuid = gEfiMpServiceProtocolGuid;
1977 HandoffTables.TableEntry[0].VendorTable = ProcessorLocBuf;
1978
1979 Status = TcgDxeHashLogExtendEvent (
1980 0,
1981 (UINT8 *)(UINTN)ProcessorLocBuf,
1982 sizeof (EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum,
1983 &TcgEvent,
1984 (UINT8 *)&HandoffTables
1985 );
1986
1987 FreePool (ProcessorLocBuf);
1988 }
1989 }
1990
1991 return Status;
1992}
1993
2003EFI_STATUS
2004MeasureSeparatorEvent (
2005 IN TPM_PCRINDEX PCRIndex
2006 )
2007{
2008 TCG_PCR_EVENT_HDR TcgEvent;
2009 UINT32 EventData;
2010
2011 DEBUG ((DEBUG_INFO, "MeasureSeparatorEvent Pcr - %x\n", PCRIndex));
2012
2013 EventData = 0;
2014 TcgEvent.PCRIndex = PCRIndex;
2015 TcgEvent.EventType = EV_SEPARATOR;
2016 TcgEvent.EventSize = (UINT32)sizeof (EventData);
2017 return TcgDxeHashLogExtendEvent (
2018 0,
2019 (UINT8 *)&EventData,
2020 sizeof (EventData),
2021 &TcgEvent,
2022 (UINT8 *)&EventData
2023 );
2024}
2025
2041EFI_STATUS
2042MeasureVariable (
2043 IN TPM_PCRINDEX PCRIndex,
2044 IN TCG_EVENTTYPE EventType,
2045 IN CHAR16 *VarName,
2046 IN EFI_GUID *VendorGuid,
2047 IN VOID *VarData,
2048 IN UINTN VarSize
2049 )
2050{
2051 EFI_STATUS Status;
2052 TCG_PCR_EVENT_HDR TcgEvent;
2053 UINTN VarNameLength;
2054 UEFI_VARIABLE_DATA *VarLog;
2055
2056 DEBUG ((DEBUG_INFO, "Tcg2Dxe: MeasureVariable (Pcr - %x, EventType - %x, ", (UINTN)PCRIndex, (UINTN)EventType));
2057 DEBUG ((DEBUG_INFO, "VariableName - %s, VendorGuid - %g)\n", VarName, VendorGuid));
2058
2059 VarNameLength = StrLen (VarName);
2060 TcgEvent.PCRIndex = PCRIndex;
2061 TcgEvent.EventType = EventType;
2062
2063 TcgEvent.EventSize = (UINT32)(sizeof (*VarLog) + VarNameLength * sizeof (*VarName) + VarSize
2064 - sizeof (VarLog->UnicodeName) - sizeof (VarLog->VariableData));
2065
2066 VarLog = (UEFI_VARIABLE_DATA *)AllocatePool (TcgEvent.EventSize);
2067 if (VarLog == NULL) {
2068 return EFI_OUT_OF_RESOURCES;
2069 }
2070
2071 VarLog->VariableName = *VendorGuid;
2072 VarLog->UnicodeNameLength = VarNameLength;
2073 VarLog->VariableDataLength = VarSize;
2074 CopyMem (
2075 VarLog->UnicodeName,
2076 VarName,
2077 VarNameLength * sizeof (*VarName)
2078 );
2079 if ((VarSize != 0) && (VarData != NULL)) {
2080 CopyMem (
2081 (CHAR16 *)VarLog->UnicodeName + VarNameLength,
2082 VarData,
2083 VarSize
2084 );
2085 }
2086
2087 if ((EventType == EV_EFI_VARIABLE_DRIVER_CONFIG) || (EventType == EV_EFI_SPDM_DEVICE_POLICY)) {
2088 //
2089 // Digest is the event data (UEFI_VARIABLE_DATA)
2090 //
2091 Status = TcgDxeHashLogExtendEvent (
2092 0,
2093 (UINT8 *)VarLog,
2094 TcgEvent.EventSize,
2095 &TcgEvent,
2096 (UINT8 *)VarLog
2097 );
2098 } else {
2099 ASSERT (VarData != NULL);
2100 Status = TcgDxeHashLogExtendEvent (
2101 0,
2102 (UINT8 *)VarData,
2103 VarSize,
2104 &TcgEvent,
2105 (UINT8 *)VarLog
2106 );
2107 }
2108
2109 FreePool (VarLog);
2110 return Status;
2111}
2112
2128EFI_STATUS
2129ReadAndMeasureVariable (
2130 IN TPM_PCRINDEX PCRIndex,
2131 IN TCG_EVENTTYPE EventType,
2132 IN CHAR16 *VarName,
2133 IN EFI_GUID *VendorGuid,
2134 OUT UINTN *VarSize,
2135 OUT VOID **VarData
2136 )
2137{
2138 EFI_STATUS Status;
2139
2140 Status = GetVariable2 (VarName, VendorGuid, VarData, VarSize);
2141 if (EventType == EV_EFI_VARIABLE_DRIVER_CONFIG) {
2142 if (EFI_ERROR (Status)) {
2143 //
2144 // It is valid case, so we need handle it.
2145 //
2146 *VarData = NULL;
2147 *VarSize = 0;
2148 }
2149 } else {
2150 //
2151 // if status error, VarData is freed and set NULL by GetVariable2
2152 //
2153 if (EFI_ERROR (Status)) {
2154 return EFI_NOT_FOUND;
2155 }
2156 }
2157
2158 Status = MeasureVariable (
2159 PCRIndex,
2160 EventType,
2161 VarName,
2162 VendorGuid,
2163 *VarData,
2164 *VarSize
2165 );
2166 return Status;
2167}
2168
2183EFI_STATUS
2184ReadAndMeasureBootVariable (
2185 IN CHAR16 *VarName,
2186 IN EFI_GUID *VendorGuid,
2187 OUT UINTN *VarSize,
2188 OUT VOID **VarData
2189 )
2190{
2191 return ReadAndMeasureVariable (
2192 1,
2193 EV_EFI_VARIABLE_BOOT,
2194 VarName,
2195 VendorGuid,
2196 VarSize,
2197 VarData
2198 );
2199}
2200
2214EFI_STATUS
2215ReadAndMeasureSecureVariable (
2216 IN CHAR16 *VarName,
2217 IN EFI_GUID *VendorGuid,
2218 OUT UINTN *VarSize,
2219 OUT VOID **VarData
2220 )
2221{
2222 return ReadAndMeasureVariable (
2223 7,
2224 EV_EFI_VARIABLE_DRIVER_CONFIG,
2225 VarName,
2226 VendorGuid,
2227 VarSize,
2228 VarData
2229 );
2230}
2231
2242EFI_STATUS
2243MeasureAllBootVariables (
2244 VOID
2245 )
2246{
2247 EFI_STATUS Status;
2248 UINT16 *BootOrder;
2249 UINTN BootCount;
2250 UINTN Index;
2251 VOID *BootVarData;
2252 UINTN Size;
2253
2254 Status = ReadAndMeasureBootVariable (
2255 mBootVarName,
2256 &gEfiGlobalVariableGuid,
2257 &BootCount,
2258 (VOID **)&BootOrder
2259 );
2260 if ((Status == EFI_NOT_FOUND) || (BootOrder == NULL)) {
2261 return EFI_SUCCESS;
2262 }
2263
2264 if (EFI_ERROR (Status)) {
2265 //
2266 // BootOrder can't be NULL if status is not EFI_NOT_FOUND
2267 //
2268 FreePool (BootOrder);
2269 return Status;
2270 }
2271
2272 BootCount /= sizeof (*BootOrder);
2273 for (Index = 0; Index < BootCount; Index++) {
2274 UnicodeSPrint (mBootVarName, sizeof (mBootVarName), L"Boot%04x", BootOrder[Index]);
2275 Status = ReadAndMeasureBootVariable (
2276 mBootVarName,
2277 &gEfiGlobalVariableGuid,
2278 &Size,
2279 &BootVarData
2280 );
2281 if (!EFI_ERROR (Status)) {
2282 FreePool (BootVarData);
2283 }
2284 }
2285
2286 FreePool (BootOrder);
2287 return EFI_SUCCESS;
2288}
2289
2300EFI_STATUS
2301MeasureAllSecureVariables (
2302 VOID
2303 )
2304{
2305 EFI_STATUS Status;
2306 VOID *Data;
2307 UINTN DataSize;
2308 UINTN Index;
2309
2310 Status = EFI_NOT_FOUND;
2311 for (Index = 0; Index < sizeof (mVariableType)/sizeof (mVariableType[0]); Index++) {
2312 Status = ReadAndMeasureSecureVariable (
2313 mVariableType[Index].VariableName,
2314 mVariableType[Index].VendorGuid,
2315 &DataSize,
2316 &Data
2317 );
2318 if (!EFI_ERROR (Status)) {
2319 if (Data != NULL) {
2320 FreePool (Data);
2321 }
2322 }
2323 }
2324
2325 //
2326 // Measure DBT if present and not empty
2327 //
2328 Status = GetVariable2 (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, &Data, &DataSize);
2329 if (!EFI_ERROR (Status)) {
2330 Status = MeasureVariable (
2331 7,
2332 EV_EFI_VARIABLE_DRIVER_CONFIG,
2333 EFI_IMAGE_SECURITY_DATABASE2,
2334 &gEfiImageSecurityDatabaseGuid,
2335 Data,
2336 DataSize
2337 );
2338 FreePool (Data);
2339 } else {
2340 DEBUG ((DEBUG_INFO, "Skip measuring variable %s since it's deleted\n", EFI_IMAGE_SECURITY_DATABASE2));
2341 }
2342
2343 //
2344 // Meaurement UEFI device signature database
2345 //
2346 if ((PcdGet32 (PcdTcgPfpMeasurementRevision) >= TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_106) &&
2347 (PcdGet8 (PcdEnableSpdmDeviceAuthentication) != 0))
2348 {
2349 Status = GetVariable2 (EFI_DEVICE_SECURITY_DATABASE, &gEfiDeviceSignatureDatabaseGuid, &Data, &DataSize);
2350 if (Status == EFI_SUCCESS) {
2351 Status = MeasureVariable (
2352 PCR_INDEX_FOR_SIGNATURE_DB,
2353 EV_EFI_SPDM_DEVICE_POLICY,
2354 EFI_DEVICE_SECURITY_DATABASE,
2355 &gEfiDeviceSignatureDatabaseGuid,
2356 Data,
2357 DataSize
2358 );
2359 FreePool (Data);
2360 } else if (Status == EFI_NOT_FOUND) {
2361 Data = NULL;
2362 DataSize = 0;
2363 Status = MeasureVariable (
2364 PCR_INDEX_FOR_SIGNATURE_DB,
2365 EV_EFI_SPDM_DEVICE_POLICY,
2366 EFI_DEVICE_SECURITY_DATABASE,
2367 &gEfiDeviceSignatureDatabaseGuid,
2368 Data,
2369 DataSize
2370 );
2371 }
2372 }
2373
2374 return EFI_SUCCESS;
2375}
2376
2385EFI_STATUS
2386MeasureLaunchOfFirmwareDebugger (
2387 VOID
2388 )
2389{
2390 TCG_PCR_EVENT_HDR TcgEvent;
2391
2392 TcgEvent.PCRIndex = 7;
2393 TcgEvent.EventType = EV_EFI_ACTION;
2394 TcgEvent.EventSize = sizeof (FIRMWARE_DEBUGGER_EVENT_STRING) - 1;
2395 return TcgDxeHashLogExtendEvent (
2396 0,
2397 (UINT8 *)FIRMWARE_DEBUGGER_EVENT_STRING,
2398 sizeof (FIRMWARE_DEBUGGER_EVENT_STRING) - 1,
2399 &TcgEvent,
2400 (UINT8 *)FIRMWARE_DEBUGGER_EVENT_STRING
2401 );
2402}
2403
2422VOID
2423EFIAPI
2424MeasureSecureBootPolicy (
2425 IN EFI_EVENT Event,
2426 IN VOID *Context
2427 )
2428{
2429 EFI_STATUS Status;
2430 VOID *Protocol;
2431
2432 Status = gBS->LocateProtocol (&gEfiVariableWriteArchProtocolGuid, NULL, (VOID **)&Protocol);
2433 if (EFI_ERROR (Status)) {
2434 return;
2435 }
2436
2437 if (PcdGetBool (PcdFirmwareDebuggerInitialized)) {
2438 Status = MeasureLaunchOfFirmwareDebugger ();
2439 DEBUG ((DEBUG_INFO, "MeasureLaunchOfFirmwareDebugger - %r\n", Status));
2440 }
2441
2442 Status = MeasureAllSecureVariables ();
2443 DEBUG ((DEBUG_INFO, "MeasureAllSecureVariables - %r\n", Status));
2444
2445 //
2446 // We need measure Separator(7) here, because this event must be between SecureBootPolicy (Configure)
2447 // and ImageVerification (Authority)
2448 // There might be a case that we need measure UEFI image from DriverOrder, besides BootOrder. So
2449 // the Authority measurement happen before ReadToBoot event.
2450 //
2451 Status = MeasureSeparatorEvent (7);
2452 DEBUG ((DEBUG_INFO, "MeasureSeparatorEvent - %r\n", Status));
2453 return;
2454}
2455
2465VOID
2466EFIAPI
2467OnReadyToBoot (
2468 IN EFI_EVENT Event,
2469 IN VOID *Context
2470 )
2471{
2472 EFI_STATUS Status;
2473 TPM_PCRINDEX PcrIndex;
2474
2475 PERF_START_EX (mImageHandle, "EventRec", "Tcg2Dxe", 0, PERF_ID_TCG2_DXE);
2476 if (mBootAttempts == 0) {
2477 //
2478 // Measure handoff tables.
2479 //
2480 Status = MeasureHandoffTables ();
2481 if (EFI_ERROR (Status)) {
2482 DEBUG ((DEBUG_ERROR, "HOBs not Measured. Error!\n"));
2483 }
2484
2485 //
2486 // Measure BootOrder & Boot#### variables.
2487 //
2488 Status = MeasureAllBootVariables ();
2489 if (EFI_ERROR (Status)) {
2490 DEBUG ((DEBUG_ERROR, "Boot Variables not Measured. Error!\n"));
2491 }
2492
2493 //
2494 // 1. This is the first boot attempt.
2495 //
2496 Status = TcgMeasureAction (
2497 4,
2498 EFI_CALLING_EFI_APPLICATION
2499 );
2500 if (EFI_ERROR (Status)) {
2501 DEBUG ((DEBUG_ERROR, "%a not Measured. Error!\n", EFI_CALLING_EFI_APPLICATION));
2502 }
2503
2504 //
2505 // 2. Draw a line between pre-boot env and entering post-boot env.
2506 // PCR[7] is already done.
2507 //
2508 for (PcrIndex = 0; PcrIndex < 7; PcrIndex++) {
2509 Status = MeasureSeparatorEvent (PcrIndex);
2510 if (EFI_ERROR (Status)) {
2511 DEBUG ((DEBUG_ERROR, "Separator Event not Measured. Error!\n"));
2512 }
2513 }
2514
2515 //
2516 // 3. Measure GPT. It would be done in SAP driver.
2517 //
2518
2519 //
2520 // 4. Measure PE/COFF OS loader. It would be done in SAP driver.
2521 //
2522
2523 //
2524 // 5. Read & Measure variable. BootOrder already measured.
2525 //
2526 } else {
2527 //
2528 // 6. Not first attempt, meaning a return from last attempt
2529 //
2530 Status = TcgMeasureAction (
2531 4,
2532 EFI_RETURNING_FROM_EFI_APPLICATION
2533 );
2534 if (EFI_ERROR (Status)) {
2535 DEBUG ((DEBUG_ERROR, "%a not Measured. Error!\n", EFI_RETURNING_FROM_EFI_APPLICATION));
2536 }
2537
2538 //
2539 // 7. Next boot attempt, measure "Calling EFI Application from Boot Option" again
2540 // TCG PC Client PFP spec Section 2.4.4.5 Step 4
2541 //
2542 Status = TcgMeasureAction (
2543 4,
2544 EFI_CALLING_EFI_APPLICATION
2545 );
2546 if (EFI_ERROR (Status)) {
2547 DEBUG ((DEBUG_ERROR, "%a not Measured. Error!\n", EFI_CALLING_EFI_APPLICATION));
2548 }
2549 }
2550
2551 DEBUG ((DEBUG_INFO, "TPM2 Tcg2Dxe Measure Data when ReadyToBoot\n"));
2552 //
2553 // Increase boot attempt counter.
2554 //
2555 mBootAttempts++;
2556 PERF_END_EX (mImageHandle, "EventRec", "Tcg2Dxe", 0, PERF_ID_TCG2_DXE + 1);
2557}
2558
2568VOID
2569EFIAPI
2570OnExitBootServices (
2571 IN EFI_EVENT Event,
2572 IN VOID *Context
2573 )
2574{
2575 EFI_STATUS Status;
2576
2577 //
2578 // Measure invocation of ExitBootServices,
2579 //
2580 Status = TcgMeasureAction (
2581 5,
2582 EFI_EXIT_BOOT_SERVICES_INVOCATION
2583 );
2584 if (EFI_ERROR (Status)) {
2585 DEBUG ((DEBUG_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_INVOCATION));
2586 }
2587
2588 //
2589 // Measure success of ExitBootServices
2590 //
2591 Status = TcgMeasureAction (
2592 5,
2593 EFI_EXIT_BOOT_SERVICES_SUCCEEDED
2594 );
2595 if (EFI_ERROR (Status)) {
2596 DEBUG ((DEBUG_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_SUCCEEDED));
2597 }
2598}
2599
2609VOID
2610EFIAPI
2611OnExitBootServicesFailed (
2612 IN EFI_EVENT Event,
2613 IN VOID *Context
2614 )
2615{
2616 EFI_STATUS Status;
2617
2618 //
2619 // Measure invocation of ExitBootServices,
2620 //
2621 Status = TcgMeasureAction (
2622 5,
2623 EFI_EXIT_BOOT_SERVICES_INVOCATION
2624 );
2625 if (EFI_ERROR (Status)) {
2626 DEBUG ((DEBUG_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_INVOCATION));
2627 }
2628
2629 //
2630 // Measure Failure of ExitBootServices,
2631 //
2632 Status = TcgMeasureAction (
2633 5,
2634 EFI_EXIT_BOOT_SERVICES_FAILED
2635 );
2636 if (EFI_ERROR (Status)) {
2637 DEBUG ((DEBUG_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_FAILED));
2638 }
2639}
2640
2658VOID
2659EFIAPI
2660ShutdownTpmOnReset (
2661 IN EFI_RESET_TYPE ResetType,
2662 IN EFI_STATUS ResetStatus,
2663 IN UINTN DataSize,
2664 IN VOID *ResetData OPTIONAL
2665 )
2666{
2667 EFI_STATUS Status;
2668
2669 Status = Tpm2Shutdown (TPM_SU_CLEAR);
2670 DEBUG ((DEBUG_VERBOSE, "Tpm2Shutdown (SU_CLEAR) - %r\n", Status));
2671}
2672
2681VOID
2682EFIAPI
2683OnResetNotificationInstall (
2684 IN EFI_EVENT Event,
2685 IN VOID *Context
2686 )
2687{
2688 EFI_STATUS Status;
2689 EFI_RESET_NOTIFICATION_PROTOCOL *ResetNotify;
2690
2691 Status = gBS->LocateProtocol (&gEfiResetNotificationProtocolGuid, NULL, (VOID **)&ResetNotify);
2692 if (!EFI_ERROR (Status)) {
2693 Status = ResetNotify->RegisterResetNotify (ResetNotify, ShutdownTpmOnReset);
2694 ASSERT_EFI_ERROR (Status);
2695 DEBUG ((DEBUG_VERBOSE, "TCG2: Hook system reset to properly shutdown TPM.\n"));
2696
2697 gBS->CloseEvent (Event);
2698 }
2699}
2700
2707EFI_STATUS
2708InstallTcg2 (
2709 VOID
2710 )
2711{
2712 EFI_STATUS Status;
2713 EFI_HANDLE Handle;
2714
2715 Handle = NULL;
2716 Status = gBS->InstallMultipleProtocolInterfaces (
2717 &Handle,
2718 &gEfiTcg2ProtocolGuid,
2719 &mTcg2Protocol,
2720 NULL
2721 );
2722 return Status;
2723}
2724
2734EFI_STATUS
2735EFIAPI
2736DriverEntry (
2737 IN EFI_HANDLE ImageHandle,
2738 IN EFI_SYSTEM_TABLE *SystemTable
2739 )
2740{
2741 EFI_STATUS Status;
2742 EFI_EVENT Event;
2743 VOID *Registration;
2744 UINT32 MaxCommandSize;
2745 UINT32 MaxResponseSize;
2746 UINTN Index;
2747 EFI_TCG2_EVENT_ALGORITHM_BITMAP TpmHashAlgorithmBitmap;
2748 UINT32 ActivePCRBanks;
2749 UINT32 NumberOfPCRBanks;
2750
2751 mImageHandle = ImageHandle;
2752
2753 if (CompareGuid (PcdGetPtr (PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid) ||
2754 CompareGuid (PcdGetPtr (PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid))
2755 {
2756 DEBUG ((DEBUG_INFO, "No TPM2 instance required!\n"));
2757 return EFI_UNSUPPORTED;
2758 }
2759
2760 if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
2761 DEBUG ((DEBUG_ERROR, "TPM2 error!\n"));
2762 return EFI_DEVICE_ERROR;
2763 }
2764
2765 Status = Tpm2RequestUseTpm ();
2766 if (EFI_ERROR (Status)) {
2767 DEBUG ((DEBUG_ERROR, "TPM2 not detected!\n"));
2768 return Status;
2769 }
2770
2771 //
2772 // Fill information
2773 //
2774 ASSERT (TCG_EVENT_LOG_AREA_COUNT_MAX == sizeof (mTcg2EventInfo)/sizeof (mTcg2EventInfo[0]));
2775
2776 mTcgDxeData.BsCap.Size = sizeof (EFI_TCG2_BOOT_SERVICE_CAPABILITY);
2777 mTcgDxeData.BsCap.ProtocolVersion.Major = 1;
2778 mTcgDxeData.BsCap.ProtocolVersion.Minor = 1;
2779 mTcgDxeData.BsCap.StructureVersion.Major = 1;
2780 mTcgDxeData.BsCap.StructureVersion.Minor = 1;
2781
2782 DEBUG ((DEBUG_INFO, "Tcg2.ProtocolVersion - %02x.%02x\n", mTcgDxeData.BsCap.ProtocolVersion.Major, mTcgDxeData.BsCap.ProtocolVersion.Minor));
2783 DEBUG ((DEBUG_INFO, "Tcg2.StructureVersion - %02x.%02x\n", mTcgDxeData.BsCap.StructureVersion.Major, mTcgDxeData.BsCap.StructureVersion.Minor));
2784
2785 Status = Tpm2GetCapabilityManufactureID (&mTcgDxeData.BsCap.ManufacturerID);
2786 if (EFI_ERROR (Status)) {
2787 DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityManufactureID fail!\n"));
2788 } else {
2789 DEBUG ((DEBUG_INFO, "Tpm2GetCapabilityManufactureID - %08x\n", mTcgDxeData.BsCap.ManufacturerID));
2790 }
2791
2792 DEBUG_CODE_BEGIN ();
2793 UINT32 FirmwareVersion1;
2794 UINT32 FirmwareVersion2;
2795
2796 Status = Tpm2GetCapabilityFirmwareVersion (&FirmwareVersion1, &FirmwareVersion2);
2797 if (EFI_ERROR (Status)) {
2798 DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityFirmwareVersion fail!\n"));
2799 } else {
2800 DEBUG ((DEBUG_INFO, "Tpm2GetCapabilityFirmwareVersion - %08x %08x\n", FirmwareVersion1, FirmwareVersion2));
2801 }
2802
2803 DEBUG_CODE_END ();
2804
2805 Status = Tpm2GetCapabilityMaxCommandResponseSize (&MaxCommandSize, &MaxResponseSize);
2806 if (EFI_ERROR (Status)) {
2807 DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityMaxCommandResponseSize fail!\n"));
2808 } else {
2809 mTcgDxeData.BsCap.MaxCommandSize = (UINT16)MaxCommandSize;
2810 mTcgDxeData.BsCap.MaxResponseSize = (UINT16)MaxResponseSize;
2811 DEBUG ((DEBUG_INFO, "Tpm2GetCapabilityMaxCommandResponseSize - %08x, %08x\n", MaxCommandSize, MaxResponseSize));
2812 }
2813
2814 //
2815 // Get supported PCR and current Active PCRs
2816 //
2817 Status = Tpm2GetCapabilitySupportedAndActivePcrs (&TpmHashAlgorithmBitmap, &ActivePCRBanks);
2818 ASSERT_EFI_ERROR (Status);
2819
2820 mTcgDxeData.BsCap.HashAlgorithmBitmap = TpmHashAlgorithmBitmap & PcdGet32 (PcdTcg2HashAlgorithmBitmap);
2821 mTcgDxeData.BsCap.ActivePcrBanks = ActivePCRBanks & PcdGet32 (PcdTcg2HashAlgorithmBitmap);
2822
2823 //
2824 // Need calculate NumberOfPCRBanks here, because HashAlgorithmBitmap might be removed by PCD.
2825 //
2826 NumberOfPCRBanks = 0;
2827 for (Index = 0; Index < 32; Index++) {
2828 if ((mTcgDxeData.BsCap.HashAlgorithmBitmap & (1u << Index)) != 0) {
2829 NumberOfPCRBanks++;
2830 }
2831 }
2832
2833 if (PcdGet32 (PcdTcg2NumberOfPCRBanks) == 0) {
2834 mTcgDxeData.BsCap.NumberOfPCRBanks = NumberOfPCRBanks;
2835 } else {
2836 mTcgDxeData.BsCap.NumberOfPCRBanks = PcdGet32 (PcdTcg2NumberOfPCRBanks);
2837 if (PcdGet32 (PcdTcg2NumberOfPCRBanks) > NumberOfPCRBanks) {
2838 DEBUG ((DEBUG_ERROR, "ERROR: PcdTcg2NumberOfPCRBanks(0x%x) > NumberOfPCRBanks(0x%x)\n", PcdGet32 (PcdTcg2NumberOfPCRBanks), NumberOfPCRBanks));
2839 mTcgDxeData.BsCap.NumberOfPCRBanks = NumberOfPCRBanks;
2840 }
2841 }
2842
2843 mTcgDxeData.BsCap.SupportedEventLogs = EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 | EFI_TCG2_EVENT_LOG_FORMAT_TCG_2;
2844 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA1) == 0) {
2845 //
2846 // No need to expose TCG1.2 event log if SHA1 bank does not exist.
2847 //
2848 mTcgDxeData.BsCap.SupportedEventLogs &= ~EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2;
2849 }
2850
2851 DEBUG ((DEBUG_INFO, "Tcg2.SupportedEventLogs - 0x%08x\n", mTcgDxeData.BsCap.SupportedEventLogs));
2852 DEBUG ((DEBUG_INFO, "Tcg2.HashAlgorithmBitmap - 0x%08x\n", mTcgDxeData.BsCap.HashAlgorithmBitmap));
2853 DEBUG ((DEBUG_INFO, "Tcg2.NumberOfPCRBanks - 0x%08x\n", mTcgDxeData.BsCap.NumberOfPCRBanks));
2854 DEBUG ((DEBUG_INFO, "Tcg2.ActivePcrBanks - 0x%08x\n", mTcgDxeData.BsCap.ActivePcrBanks));
2855
2856 if (mTcgDxeData.BsCap.TPMPresentFlag) {
2857 //
2858 // Setup the log area and copy event log from hob list to it
2859 //
2860 Status = SetupEventLog ();
2861 ASSERT_EFI_ERROR (Status);
2862
2863 //
2864 // Measure handoff tables, Boot#### variables etc.
2865 //
2866 Status = EfiCreateEventReadyToBootEx (
2867 TPL_CALLBACK,
2868 OnReadyToBoot,
2869 NULL,
2870 &Event
2871 );
2872
2873 Status = gBS->CreateEventEx (
2874 EVT_NOTIFY_SIGNAL,
2875 TPL_NOTIFY,
2876 OnExitBootServices,
2877 NULL,
2878 &gEfiEventExitBootServicesGuid,
2879 &Event
2880 );
2881
2882 //
2883 // Measure Exit Boot Service failed
2884 //
2885 Status = gBS->CreateEventEx (
2886 EVT_NOTIFY_SIGNAL,
2887 TPL_NOTIFY,
2888 OnExitBootServicesFailed,
2889 NULL,
2890 &gEventExitBootServicesFailedGuid,
2891 &Event
2892 );
2893
2894 //
2895 // Create event callback, because we need access variable on SecureBootPolicyVariable
2896 // We should use VariableWriteArch instead of VariableArch, because Variable driver
2897 // may update SecureBoot value based on last setting.
2898 //
2899 EfiCreateProtocolNotifyEvent (&gEfiVariableWriteArchProtocolGuid, TPL_CALLBACK, MeasureSecureBootPolicy, NULL, &Registration);
2900
2901 //
2902 // Hook the system reset to properly shutdown TPM.
2903 //
2904 EfiCreateProtocolNotifyEvent (&gEfiResetNotificationProtocolGuid, TPL_CALLBACK, OnResetNotificationInstall, NULL, &Registration);
2905 }
2906
2907 //
2908 // Install Tcg2Protocol
2909 //
2910 Status = InstallTcg2 ();
2911 DEBUG ((DEBUG_INFO, "InstallTcg2 - %r\n", Status));
2912
2913 return Status;
2914}
UINTN
UINT64 UINTN
Definition: ProcessorBind.h:112
MAX_ADDRESS
#define MAX_ADDRESS
Definition: ProcessorBind.h:137
GetFirstGuidHob
VOID *EFIAPI GetFirstGuidHob(IN CONST EFI_GUID *Guid)
Definition: HobLib.c:215
GetNextGuidHob
VOID *EFIAPI GetNextGuidHob(IN CONST EFI_GUID *Guid, IN CONST VOID *HobStart)
Definition: HobLib.c:176
GetHobList
VOID *EFIAPI GetHobList(VOID)
Definition: HobLib.c:76
SHA1_DIGEST_SIZE
#define SHA1_DIGEST_SIZE
Definition: BaseCryptLib.h:39
SM3_256_DIGEST_SIZE
#define SM3_256_DIGEST_SIZE
Definition: BaseCryptLib.h:59
SHA512_DIGEST_SIZE
#define SHA512_DIGEST_SIZE
Definition: BaseCryptLib.h:54
SHA256_DIGEST_SIZE
#define SHA256_DIGEST_SIZE
Definition: BaseCryptLib.h:44
SHA384_DIGEST_SIZE
#define SHA384_DIGEST_SIZE
Definition: BaseCryptLib.h:49
AsciiStrLen
UINTN EFIAPI AsciiStrLen(IN CONST CHAR8 *String)
Definition: String.c:641
ReadUnaligned16
UINT16 EFIAPI ReadUnaligned16(IN CONST UINT16 *Buffer)
Definition: Unaligned.c:29
WriteUnaligned32
UINT32 EFIAPI WriteUnaligned32(OUT UINT32 *Buffer, IN UINT32 Value)
Definition: Unaligned.c:177
StrLen
UINTN EFIAPI StrLen(IN CONST CHAR16 *String)
Definition: String.c:30
ReadUnaligned32
UINT32 EFIAPI ReadUnaligned32(IN CONST UINT32 *Buffer)
Definition: Unaligned.c:145
CompareMem
INTN EFIAPI CompareMem(IN CONST VOID *DestinationBuffer, IN CONST VOID *SourceBuffer, IN UINTN Length)
Definition: CompareMemWrapper.c:45
CopyMem
VOID *EFIAPI CopyMem(OUT VOID *DestinationBuffer, IN CONST VOID *SourceBuffer, IN UINTN Length)
Definition: CopyMemWrapper.c:41
SetMem
VOID *EFIAPI SetMem(OUT VOID *Buffer, IN UINTN Length, IN UINT8 Value)
Definition: SetMemWrapper.c:38
CompareGuid
BOOLEAN EFIAPI CompareGuid(IN CONST GUID *Guid1, IN CONST GUID *Guid2)
Definition: MemLibGuid.c:73
ZeroMem
VOID *EFIAPI ZeroMem(OUT VOID *Buffer, IN UINTN Length)
Definition: ZeroMemWrapper.c:38
FreePool
VOID EFIAPI FreePool(IN VOID *Buffer)
Definition: MemoryAllocationLib.c:266
AllocateCopyPool
VOID *EFIAPI AllocateCopyPool(IN UINTN AllocationSize, IN CONST VOID *Buffer)
Definition: MemoryAllocationLib.c:590
EFI_KEY_EXCHANGE_KEY_NAME
#define EFI_KEY_EXCHANGE_KEY_NAME
Definition: GlobalVariable.h:126
EFI_PLATFORM_KEY_NAME
#define EFI_PLATFORM_KEY_NAME
Definition: GlobalVariable.h:131
EFI_SECURE_BOOT_MODE_NAME
#define EFI_SECURE_BOOT_MODE_NAME
Definition: GlobalVariable.h:143
HashAndExtend
EFI_STATUS EFIAPI HashAndExtend(IN TPMI_DH_PCR PcrIndex, IN VOID *DataToHash, IN UINTN DataToHashLen, OUT TPML_DIGEST_VALUES *DigestList)
Definition: HashLibTdx.c:150
EFI_IMAGE_SECURITY_DATABASE2
#define EFI_IMAGE_SECURITY_DATABASE2
Definition: ImageAuthentication.h:36
EFI_IMAGE_SECURITY_DATABASE1
#define EFI_IMAGE_SECURITY_DATABASE1
Definition: ImageAuthentication.h:31
EFI_IMAGE_SECURITY_DATABASE
#define EFI_IMAGE_SECURITY_DATABASE
Definition: ImageAuthentication.h:26
UnicodeSPrint
UINTN EFIAPI UnicodeSPrint(OUT CHAR16 *StartOfBuffer, IN UINTN BufferSize, IN CONST CHAR16 *FormatString,...)
Definition: PrintLib.c:408
NULL
#define NULL
Definition: Base.h:319
TRUE
#define TRUE
Definition: Base.h:301
FALSE
#define FALSE
Definition: Base.h:307
IN
#define IN
Definition: Base.h:279
OUT
#define OUT
Definition: Base.h:284
ASSERT_EFI_ERROR
#define ASSERT_EFI_ERROR(StatusParameter)
Definition: DebugLib.h:462
DEBUG_CODE_BEGIN
#define DEBUG_CODE_BEGIN()
Definition: DebugLib.h:564
DEBUG
#define DEBUG(Expression)
Definition: DebugLib.h:434
DEBUG_CODE_END
#define DEBUG_CODE_END()
Definition: DebugLib.h:578
REPORT_STATUS_CODE
#define REPORT_STATUS_CODE(Type, Value)
Definition: ReportStatusCodeLib.h:366
Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction
UINT32 EFIAPI Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction(IN UINT32 OperationRequest, IN UINT32 RequestParameter)
Definition: DxeTcg2PhysicalPresenceLib.c:909
Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction
UINT32 EFIAPI Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction(OUT UINT32 *MostRecentRequest, OUT UINT32 *Response)
Definition: DxeTcg2PhysicalPresenceLib.c:871
PcdGet8
#define PcdGet8(TokenName)
Definition: PcdLib.h:336
PcdGet32
#define PcdGet32(TokenName)
Definition: PcdLib.h:362
PcdGetBool
#define PcdGetBool(TokenName)
Definition: PcdLib.h:401
PcdSet64S
#define PcdSet64S(TokenName, Value)
Definition: PcdLib.h:511
PcdSet32S
#define PcdSet32S(TokenName, Value)
Definition: PcdLib.h:497
PcdGetPtr
#define PcdGetPtr(TokenName)
Definition: PcdLib.h:388
PERF_START_EX
#define PERF_START_EX(Handle, Token, Module, TimeStamp, Identifier)
Definition: PerformanceLib.h:722
PERF_END_EX
#define PERF_END_EX(Handle, Token, Module, TimeStamp, Identifier)
Definition: PerformanceLib.h:708
EFI_ERROR_MINOR
#define EFI_ERROR_MINOR
Definition: PiStatusCode.h:58
AllocatePool
VOID *EFIAPI AllocatePool(IN UINTN AllocationSize)
Definition: MemoryAllocationLib.c:195
TcgMeasureAction
EFI_STATUS TcgMeasureAction(IN TPM_PCRINDEX PCRIndex, IN CHAR8 *String)
Definition: Tcg2Dxe.c:1923
OnExitBootServicesFailed
VOID EFIAPI OnExitBootServicesFailed(IN EFI_EVENT Event, IN VOID *Context)
Definition: Tcg2Dxe.c:2611
InternalDumpData
VOID InternalDumpData(IN UINT8 *Data, IN UINTN Size)
Definition: Tcg2Dxe.c:155
GetTcgEfiSpecIdEventStructSize
UINTN GetTcgEfiSpecIdEventStructSize(IN TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct)
Definition: Tcg2Dxe.c:501
CopyDigestListBinToBuffer
VOID * CopyDigestListBinToBuffer(IN OUT VOID *Buffer, IN VOID *DigestListBin, IN UINT32 HashAlgorithmMask, OUT UINT32 *HashAlgorithmMaskCopied)
Definition: Tcg2Dxe.c:1065
Tcg2SetActivePCRBanks
EFI_STATUS EFIAPI Tcg2SetActivePCRBanks(IN EFI_TCG2_PROTOCOL *This, IN UINT32 ActivePcrBanks)
Definition: Tcg2Dxe.c:1475
MeasureLaunchOfFirmwareDebugger
EFI_STATUS MeasureLaunchOfFirmwareDebugger(VOID)
Definition: Tcg2Dxe.c:2386
SetupEventLog
EFI_STATUS SetupEventLog(VOID)
Definition: Tcg2Dxe.c:1567
Tcg2HashLogExtendEvent
EFI_STATUS EFIAPI Tcg2HashLogExtendEvent(IN EFI_TCG2_PROTOCOL *This, IN UINT64 Flags, IN EFI_PHYSICAL_ADDRESS DataToHash, IN UINT64 DataToHashLen, IN EFI_TCG2_EVENT *Event)
Definition: Tcg2Dxe.c:1308
GetPcrEvent2Size
UINTN GetPcrEvent2Size(IN TCG_PCR_EVENT2 *TcgPcrEvent2)
Definition: Tcg2Dxe.c:577
MeasureAllSecureVariables
EFI_STATUS MeasureAllSecureVariables(VOID)
Definition: Tcg2Dxe.c:2301
InternalDumpHex
VOID InternalDumpHex(IN UINT8 *Data, IN UINTN Size)
Definition: Tcg2Dxe.c:252
Tcg2GetActivePCRBanks
EFI_STATUS EFIAPI Tcg2GetActivePCRBanks(IN EFI_TCG2_PROTOCOL *This, OUT UINT32 *ActivePcrBanks)
Definition: Tcg2Dxe.c:1451
ReadAndMeasureVariable
EFI_STATUS ReadAndMeasureVariable(IN TPM_PCRINDEX PCRIndex, IN TCG_EVENTTYPE EventType, IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, OUT UINTN *VarSize, OUT VOID **VarData)
Definition: Tcg2Dxe.c:2129
DumpTcgEfiSpecIdEventStruct
VOID DumpTcgEfiSpecIdEventStruct(IN TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct)
Definition: Tcg2Dxe.c:453
Is800155Event
BOOLEAN Is800155Event(IN VOID *NewEventHdr, IN UINT32 NewEventHdrSize, IN UINT8 *NewEventData, IN UINT32 NewEventSize)
Definition: Tcg2Dxe.c:806
ShutdownTpmOnReset
VOID EFIAPI ShutdownTpmOnReset(IN EFI_RESET_TYPE ResetType, IN EFI_STATUS ResetStatus, IN UINTN DataSize, IN VOID *ResetData OPTIONAL)
Definition: Tcg2Dxe.c:2660
GetProcessorsCpuLocation
EFI_STATUS GetProcessorsCpuLocation(OUT EFI_CPU_PHYSICAL_LOCATION **LocationBuf, OUT UINTN *Num)
Definition: Tcg2Dxe.c:290
TcgDxeHashLogExtendEvent
EFI_STATUS TcgDxeHashLogExtendEvent(IN UINT64 Flags, IN UINT8 *HashData, IN UINT64 HashDataLen, IN OUT TCG_PCR_EVENT_HDR *NewEventHdr, IN UINT8 *NewEventData)
Definition: Tcg2Dxe.c:1219
MeasurePeImageAndExtend
EFI_STATUS MeasurePeImageAndExtend(IN UINT32 PCRIndex, IN EFI_PHYSICAL_ADDRESS ImageAddress, IN UINTN ImageSize, OUT TPML_DIGEST_VALUES *DigestList)
Definition: MeasureBootPeCoff.c:95
MeasureSecureBootPolicy
VOID EFIAPI MeasureSecureBootPolicy(IN EFI_EVENT Event, IN VOID *Context)
Definition: Tcg2Dxe.c:2424
GetDigestListBinSize
UINT32 GetDigestListBinSize(IN VOID *DigestListBin)
Definition: Tcg2Dxe.c:1028
MeasureVariable
EFI_STATUS MeasureVariable(IN TPM_PCRINDEX PCRIndex, IN TCG_EVENTTYPE EventType, IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, IN VOID *VarData, IN UINTN VarSize)
Definition: Tcg2Dxe.c:2042
OnReadyToBoot
VOID EFIAPI OnReadyToBoot(IN EFI_EVENT Event, IN VOID *Context)
Definition: Tcg2Dxe.c:2467
InitNoActionEvent
VOID InitNoActionEvent(IN OUT TCG_PCR_EVENT2_HDR *NoActionEvent, IN UINT32 EventSize)
Definition: Tcg2Dxe.c:177
Tcg2GetCapability
EFI_STATUS EFIAPI Tcg2GetCapability(IN EFI_TCG2_PROTOCOL *This, IN OUT EFI_TCG2_BOOT_SERVICE_CAPABILITY *ProtocolCapability)
Definition: Tcg2Dxe.c:380
Tcg2SubmitCommand
EFI_STATUS EFIAPI Tcg2SubmitCommand(IN EFI_TCG2_PROTOCOL *This, IN UINT32 InputParameterBlockSize, IN UINT8 *InputParameterBlock, IN UINT32 OutputParameterBlockSize, IN UINT8 *OutputParameterBlock)
Definition: Tcg2Dxe.c:1399
DumpEventLog
VOID DumpEventLog(IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat, IN EFI_PHYSICAL_ADDRESS EventLogLocation, IN EFI_PHYSICAL_ADDRESS EventLogLastEntry, IN EFI_TCG2_FINAL_EVENTS_TABLE *FinalEventsTable)
Definition: Tcg2Dxe.c:619
TcgCommLogEvent
EFI_STATUS TcgCommLogEvent(IN OUT TCG_EVENT_LOG_AREA_STRUCT *EventLogAreaStruct, IN VOID *NewEventHdr, IN UINT32 NewEventHdrSize, IN UINT8 *NewEventData, IN UINT32 NewEventSize)
Definition: Tcg2Dxe.c:846
MeasureSeparatorEvent
EFI_STATUS MeasureSeparatorEvent(IN TPM_PCRINDEX PCRIndex)
Definition: Tcg2Dxe.c:2004
OnExitBootServices
VOID EFIAPI OnExitBootServices(IN EFI_EVENT Event, IN VOID *Context)
Definition: Tcg2Dxe.c:2570
Tcg2GetEventLog
EFI_STATUS EFIAPI Tcg2GetEventLog(IN EFI_TCG2_PROTOCOL *This, IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat, OUT EFI_PHYSICAL_ADDRESS *EventLogLocation, OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry, OUT BOOLEAN *EventLogTruncated)
Definition: Tcg2Dxe.c:711
Tcg2GetResultOfSetActivePcrBanks
EFI_STATUS EFIAPI Tcg2GetResultOfSetActivePcrBanks(IN EFI_TCG2_PROTOCOL *This, OUT UINT32 *OperationPresent, OUT UINT32 *Response)
Definition: Tcg2Dxe.c:1529
DumpEvent2
VOID DumpEvent2(IN TCG_PCR_EVENT2 *TcgPcrEvent2)
Definition: Tcg2Dxe.c:522
DumpEvent
VOID DumpEvent(IN TCG_PCR_EVENT_HDR *EventHdr)
Definition: Tcg2Dxe.c:428
ReadAndMeasureBootVariable
EFI_STATUS ReadAndMeasureBootVariable(IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, OUT UINTN *VarSize, OUT VOID **VarData)
Definition: Tcg2Dxe.c:2184
OnResetNotificationInstall
VOID EFIAPI OnResetNotificationInstall(IN EFI_EVENT Event, IN VOID *Context)
Definition: Tcg2Dxe.c:2683
TcgDxeLogEvent
EFI_STATUS TcgDxeLogEvent(IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat, IN VOID *NewEventHdr, IN UINT32 NewEventHdrSize, IN UINT8 *NewEventData, IN UINT32 NewEventSize)
Definition: Tcg2Dxe.c:933
MeasureHandoffTables
EFI_STATUS MeasureHandoffTables(VOID)
Definition: Tcg2Dxe.c:1950
ReadAndMeasureSecureVariable
EFI_STATUS ReadAndMeasureSecureVariable(IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, OUT UINTN *VarSize, OUT VOID **VarData)
Definition: Tcg2Dxe.c:2215
TcgDxeLogHashEvent
EFI_STATUS TcgDxeLogHashEvent(IN TPML_DIGEST_VALUES *DigestList, IN OUT TCG_PCR_EVENT_HDR *NewEventHdr, IN UINT8 *NewEventData)
Definition: Tcg2Dxe.c:1121
MeasureAllBootVariables
EFI_STATUS MeasureAllBootVariables(VOID)
Definition: Tcg2Dxe.c:2243
DriverEntry
EFI_STATUS EFIAPI DriverEntry(IN EFI_HANDLE ImageHandle, IN EFI_SYSTEM_TABLE *SystemTable)
Definition: Tcg2Dxe.c:2736
InstallTcg2
EFI_STATUS InstallTcg2(VOID)
Definition: Tcg2Dxe.c:2708
GetHashMaskFromAlgo
UINT32 GetHashMaskFromAlgo(IN TPMI_ALG_HASH HashAlgo)
Definition: TdTcg2Dxe.c:175
CopyDigestListToBuffer
VOID * CopyDigestListToBuffer(IN OUT VOID *Buffer, IN TPML_DIGEST_VALUES *DigestList, IN UINT32 HashAlgorithmMask)
Definition: TdTcg2Dxe.c:201
GetHashSizeFromAlgo
UINT16 GetHashSizeFromAlgo(IN TPMI_ALG_HASH HashAlgo)
Definition: TdTcg2Dxe.c:152
TPM_PCRINDEX
UINT32 TPM_PCRINDEX
Definition: Tpm12.h:133
IsHashAlgSupportedInHashAlgorithmMask
BOOLEAN EFIAPI IsHashAlgSupportedInHashAlgorithmMask(IN TPMI_ALG_HASH HashAlg, IN UINT32 HashAlgorithmMask)
Definition: Tpm2Help.c:208
Tpm2GetCapabilitySupportedAndActivePcrs
EFI_STATUS EFIAPI Tpm2GetCapabilitySupportedAndActivePcrs(OUT UINT32 *TpmHashAlgorithmBitmap, OUT UINT32 *ActivePcrBanks)
Definition: Tpm2Capability.c:527
Tpm2GetCapabilityFirmwareVersion
EFI_STATUS EFIAPI Tpm2GetCapabilityFirmwareVersion(OUT UINT32 *FirmwareVersion1, OUT UINT32 *FirmwareVersion2)
Definition: Tpm2Capability.c:216
Tpm2GetCapabilityMaxCommandResponseSize
EFI_STATUS EFIAPI Tpm2GetCapabilityMaxCommandResponseSize(OUT UINT32 *MaxCommandSize, OUT UINT32 *MaxResponseSize)
Definition: Tpm2Capability.c:267
Tpm2GetCapabilityManufactureID
EFI_STATUS EFIAPI Tpm2GetCapabilityManufactureID(OUT UINT32 *ManufactureId)
Definition: Tpm2Capability.c:179
Tpm2Shutdown
EFI_STATUS EFIAPI Tpm2Shutdown(IN TPM_SU ShutdownType)
Definition: Tpm2Startup.c:95
GetDigestFromDigestList
EFI_STATUS EFIAPI GetDigestFromDigestList(IN TPMI_ALG_HASH HashAlg, IN TPML_DIGEST_VALUES *DigestList, OUT VOID *Digest)
Definition: Tpm2Help.c:331
Tpm2SubmitCommand
EFI_STATUS EFIAPI Tpm2SubmitCommand(IN UINT32 InputParameterBlockSize, IN UINT8 *InputParameterBlock, IN OUT UINT32 *OutputParameterBlockSize, IN UINT8 *OutputParameterBlock)
Definition: Tpm2DeviceLibDTpm.c:66
Tpm2RequestUseTpm
EFI_STATUS EFIAPI Tpm2RequestUseTpm(VOID)
Definition: Tpm2DeviceLibDTpm.c:90
EFI_PHYSICAL_ADDRESS
UINT64 EFI_PHYSICAL_ADDRESS
Definition: UefiBaseType.h:50
EFI_STATUS
RETURN_STATUS EFI_STATUS
Definition: UefiBaseType.h:29
EFI_EVENT
VOID * EFI_EVENT
Definition: UefiBaseType.h:37
EFI_TPL
UINTN EFI_TPL
Definition: UefiBaseType.h:41
EFI_SIZE_TO_PAGES
#define EFI_SIZE_TO_PAGES(Size)
Definition: UefiBaseType.h:200
EFI_HANDLE
VOID * EFI_HANDLE
Definition: UefiBaseType.h:33
EFI_SUCCESS
#define EFI_SUCCESS
Definition: UefiBaseType.h:112
gBS
EFI_BOOT_SERVICES * gBS
Definition: UefiBootServicesTableLib.c:17
UefiDriverEntryPoint.h
GetVariable2
EFI_STATUS EFIAPI GetVariable2(IN CONST CHAR16 *Name, IN CONST EFI_GUID *Guid, OUT VOID **Value, OUT UINTN *Size OPTIONAL)
Definition: UefiLib.c:1317
EfiCreateEventReadyToBootEx
EFI_STATUS EFIAPI EfiCreateEventReadyToBootEx(IN EFI_TPL NotifyTpl, IN EFI_EVENT_NOTIFY NotifyFunction OPTIONAL, IN VOID *NotifyContext OPTIONAL, OUT EFI_EVENT *ReadyToBootEvent)
Definition: UefiNotTiano.c:164
EfiCreateProtocolNotifyEvent
EFI_EVENT EFIAPI EfiCreateProtocolNotifyEvent(IN EFI_GUID *ProtocolGuid, IN EFI_TPL NotifyTpl, IN EFI_EVENT_NOTIFY NotifyFunction, IN VOID *NotifyContext OPTIONAL, OUT VOID **Registration)
Definition: UefiLib.c:134
EfiBootServicesData
@ EfiBootServicesData
Definition: UefiMultiPhase.h:61
EfiACPIMemoryNVS
@ EfiACPIMemoryNVS
Definition: UefiMultiPhase.h:86
EFI_RESET_TYPE
EFI_RESET_TYPE
Definition: UefiMultiPhase.h:132
AllocateAnyPages
@ AllocateAnyPages
Definition: UefiSpec.h:33
TCG_PCR_EVENT_HDR
struct tdTCG_PCR_EVENT_HDR TCG_PCR_EVENT_HDR
_EFI_MP_SERVICES_PROTOCOL
Definition: MpService.h:662
_EFI_RESET_NOTIFICATION_PROTOCOL
Definition: ResetNotification.h:71
_TCG_DXE_DATA
Definition: Tcg2Dxe.c:82
_TREE_BOOT_SERVICE_CAPABILITY
Definition: TrEEProtocol.h:30
EFI_CONFIGURATION_TABLE::VendorTable
VOID * VendorTable
Definition: UefiSpec.h:2022
EFI_CONFIGURATION_TABLE::VendorGuid
EFI_GUID VendorGuid
Definition: UefiSpec.h:2018
EFI_CPU_PHYSICAL_LOCATION
Definition: MpService.h:89
EFI_PROCESSOR_INFORMATION
Definition: MpService.h:146
EFI_PROCESSOR_INFORMATION::Location
EFI_CPU_PHYSICAL_LOCATION Location
Definition: MpService.h:178
EFI_SYSTEM_TABLE
Definition: UefiSpec.h:2028
GUID
Definition: Base.h:213
TCG2_EVENT_INFO_STRUCT
Definition: Tcg2Dxe.c:59
TCG_EVENT_LOG_AREA_STRUCT
Definition: Tcg2Dxe.c:71
TCG_EfiSpecIDEventStruct
Definition: UefiTcgPlatform.h:391
TCG_EfiSpecIdEventAlgorithmSize
Definition: UefiTcgPlatform.h:367
TPML_DIGEST_VALUES
Definition: Tpm20.h:1073
VARIABLE_TYPE
Definition: Measurement.c:24
tdEFI_HANDOFF_TABLE_POINTERS
Definition: UefiTcgPlatform.h:204
tdEFI_TCG2_BOOT_SERVICE_CAPABILITY
Definition: Tcg2Protocol.h:33
tdEFI_TCG2_EVENT
Definition: Tcg2Protocol.h:130
tdEFI_TCG2_FINAL_EVENTS_TABLE
Definition: Tcg2Protocol.h:318
tdEFI_TCG2_PROTOCOL
Definition: Tcg2Protocol.h:297
tdTCG_EfiStartupLocalityEvent
Definition: UefiTcgPlatform.h:539
tdTCG_PCR_EVENT2_HDR
Definition: UefiTcgPlatform.h:357
tdTCG_PCR_EVENT2
Definition: UefiTcgPlatform.h:345
tdTCG_PCR_EVENT_HDR
Definition: UefiTcgPlatform.h:128
tdTCG_PCR_EVENT
Definition: UefiTcgPlatform.h:115
tdTCG_Sp800_155_PlatformId_Event2
Definition: UefiTcgPlatform.h:456
tdTPM_DIGEST
Definition: Tpm12.h:439
tdUEFI_VARIABLE_DATA
Definition: UefiTcgPlatform.h:257
tdUEFI_VARIABLE_DATA::VariableData
INT8 VariableData[1]
Driver or platform-specific data.
Definition: UefiTcgPlatform.h:262
EFI_PEI_HOB_POINTERS
Definition: PiHob.h:493