TianoCore EDK2 master
Loading...
Searching...
No Matches
Data Structures | Macros | Typedefs | Functions | Variables
TdTcg2Dxe.c File Reference
#include <PiDxe.h>
#include <IndustryStandard/Acpi.h>
#include <IndustryStandard/PeImage.h>
#include <IndustryStandard/TcpaAcpi.h>
#include <Guid/GlobalVariable.h>
#include <Guid/HobList.h>
#include <Guid/EventGroup.h>
#include <Guid/EventExitBootServiceFailed.h>
#include <Guid/ImageAuthentication.h>
#include <Guid/TpmInstance.h>
#include <Protocol/DevicePath.h>
#include <Protocol/MpService.h>
#include <Protocol/VariableWrite.h>
#include <Protocol/Tcg2Protocol.h>
#include <Protocol/TrEEProtocol.h>
#include <Protocol/AcpiTable.h>
#include <Library/DebugLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/UefiRuntimeServicesTableLib.h>
#include <Library/UefiDriverEntryPoint.h>
#include <Library/HobLib.h>
#include <Library/UefiBootServicesTableLib.h>
#include <Library/BaseLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/PrintLib.h>
#include <Library/PcdLib.h>
#include <Library/UefiLib.h>
#include <Library/HashLib.h>
#include <Library/PerformanceLib.h>
#include <Library/ReportStatusCodeLib.h>
#include <Library/TpmMeasurementLib.h>
#include <Protocol/CcMeasurement.h>
#include <Guid/CcEventHob.h>
#include <Library/TdxLib.h>

Go to the source code of this file.

Data Structures

struct  VARIABLE_TYPE
 
struct  CC_EVENT_INFO_STRUCT
 
struct  CC_EVENT_LOG_AREA_STRUCT
 
struct  _TDX_DXE_DATA
 
struct  TDX_HASH_INFO
 

Macros

#define PERF_ID_CC_TCG2_DXE   0x3130
 
#define CC_EVENT_LOG_AREA_COUNT_MAX   1
 
#define CC_MR_INDEX_0_MRTD   0
 
#define CC_MR_INDEX_1_RTMR0   1
 
#define CC_MR_INDEX_2_RTMR1   2
 
#define CC_MR_INDEX_3_RTMR2   3
 
#define CC_MR_INDEX_INVALID   4
 
#define COLUME_SIZE   (16 * 2)
 
#define TD_HASH_COUNT   1
 
#define TEMP_BUF_LEN
 

Typedefs

typedef struct _TDX_DXE_DATA TDX_DXE_DATA
 

Functions

UINT16 GetHashSizeFromAlgo (IN TPMI_ALG_HASH HashAlgo)
 
UINT32 GetHashMaskFromAlgo (IN TPMI_ALG_HASH HashAlgo)
 
VOID * CopyDigestListToBuffer (IN OUT VOID *Buffer, IN TPML_DIGEST_VALUES *DigestList, IN UINT32 HashAlgorithmMask)
 
EFI_STATUS MeasurePeImageAndExtend (IN UINT32 RtmrIndex, IN EFI_PHYSICAL_ADDRESS ImageAddress, IN UINTN ImageSize, OUT TPML_DIGEST_VALUES *DigestList)
 
VOID InternalDumpData (IN UINT8 *Data, IN UINTN Size)
 
VOID InternalDumpHex (IN UINT8 *Data, IN UINTN Size)
 
VOID InitNoActionEvent (IN OUT CC_EVENT_HDR *NoActionEvent, IN UINT32 EventSize)
 
EFI_STATUS GetProcessorsCpuLocation (OUT EFI_CPU_PHYSICAL_LOCATION **LocationBuf, OUT UINTN *Num)
 
EFI_STATUS EFIAPI TdGetCapability (IN EFI_CC_MEASUREMENT_PROTOCOL *This, IN OUT EFI_CC_BOOT_SERVICE_CAPABILITY *ProtocolCapability)
 
VOID DumpPcrEvent (IN TCG_PCR_EVENT_HDR *EventHdr)
 
VOID DumpTcgEfiSpecIdEventStruct (IN TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct)
 
UINTN GetTcgEfiSpecIdEventStructSize (IN TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct)
 
VOID DumpCcEvent (IN CC_EVENT *CcEvent)
 
UINTN GetCcEventSize (IN CC_EVENT *CcEvent)
 
VOID DumpCcEventLog (IN EFI_CC_EVENT_LOG_FORMAT EventLogFormat, IN EFI_PHYSICAL_ADDRESS EventLogLocation, IN EFI_PHYSICAL_ADDRESS EventLogLastEntry, IN EFI_CC_FINAL_EVENTS_TABLE *FinalEventsTable)
 
EFI_STATUS EFIAPI TdGetEventLog (IN EFI_CC_MEASUREMENT_PROTOCOL *This, IN EFI_CC_EVENT_LOG_FORMAT EventLogFormat, OUT EFI_PHYSICAL_ADDRESS *EventLogLocation, OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry, OUT BOOLEAN *EventLogTruncated)
 
BOOLEAN Is800155Event (IN VOID *NewEventHdr, IN UINT32 NewEventHdrSize, IN UINT8 *NewEventData, IN UINT32 NewEventSize)
 
EFI_STATUS TcgCommLogEvent (IN OUT CC_EVENT_LOG_AREA_STRUCT *EventLogAreaStruct, IN VOID *NewEventHdr, IN UINT32 NewEventHdrSize, IN UINT8 *NewEventData, IN UINT32 NewEventSize)
 
UINT32 EFIAPI MapPcrToMrIndex (IN UINT32 PCRIndex)
 
EFI_STATUS EFIAPI TdMapPcrToMrIndex (IN EFI_CC_MEASUREMENT_PROTOCOL *This, IN UINT32 PCRIndex, OUT UINT32 *MrIndex)
 
EFI_STATUS TdxDxeLogEvent (IN EFI_CC_EVENT_LOG_FORMAT EventLogFormat, IN VOID *NewEventHdr, IN UINT32 NewEventHdrSize, IN UINT8 *NewEventData, IN UINT32 NewEventSize)
 
UINT32 GetDigestListBinSize (IN VOID *DigestListBin)
 
VOID * CopyDigestListBinToBuffer (IN OUT VOID *Buffer, IN VOID *DigestListBin, IN UINT32 HashAlgorithmMask, OUT UINT32 *HashAlgorithmMaskCopied)
 
EFI_STATUS TdxDxeLogHashEvent (IN TPML_DIGEST_VALUES *DigestList, IN OUT CC_EVENT_HDR *NewEventHdr, IN UINT8 *NewEventData)
 
EFI_STATUS TdxDxeHashLogExtendEvent (IN UINT64 Flags, IN UINT8 *HashData, IN UINT64 HashDataLen, IN OUT CC_EVENT_HDR *NewEventHdr, IN UINT8 *NewEventData)
 
EFI_STATUS EFIAPI TdHashLogExtendEvent (IN EFI_CC_MEASUREMENT_PROTOCOL *This, IN UINT64 Flags, IN EFI_PHYSICAL_ADDRESS DataToHash, IN UINT64 DataToHashLen, IN EFI_CC_EVENT *CcEvent)
 
EFI_STATUS SetupCcEventLog (VOID)
 
EFI_STATUS TdMeasureAction (IN UINT32 MrIndex, IN CHAR8 *String)
 
EFI_STATUS MeasureHandoffTables (VOID)
 
EFI_STATUS MeasureSeparatorEvent (IN UINT32 MrIndex)
 
EFI_STATUS MeasureVariable (IN UINT32 MrIndex, IN TCG_EVENTTYPE EventType, IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, IN VOID *VarData, IN UINTN VarSize)
 
EFI_STATUS ReadAndMeasureVariable (IN UINT32 MrIndex, IN TCG_EVENTTYPE EventType, IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, OUT UINTN *VarSize, OUT VOID **VarData)
 
EFI_STATUS ReadAndMeasureBootVariable (IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, OUT UINTN *VarSize, OUT VOID **VarData)
 
EFI_STATUS ReadAndMeasureSecureVariable (IN CHAR16 *VarName, IN EFI_GUID *VendorGuid, OUT UINTN *VarSize, OUT VOID **VarData)
 
EFI_STATUS MeasureAllBootVariables (VOID)
 
EFI_STATUS MeasureAllSecureVariables (VOID)
 
EFI_STATUS MeasureLaunchOfFirmwareDebugger (VOID)
 
VOID EFIAPI MeasureSecureBootPolicy (IN EFI_EVENT Event, IN VOID *Context)
 
VOID EFIAPI OnReadyToBoot (IN EFI_EVENT Event, IN VOID *Context)
 
VOID EFIAPI OnExitBootServices (IN EFI_EVENT Event, IN VOID *Context)
 
VOID EFIAPI OnExitBootServicesFailed (IN EFI_EVENT Event, IN VOID *Context)
 
EFI_STATUS SyncCcEvent (VOID)
 
VOID EFIAPI InstallAcpiTable (IN EFI_EVENT Event, IN VOID *Context)
 
EFI_STATUS InstallCcMeasurementProtocol (VOID)
 
EFI_STATUS EFIAPI DriverEntry (IN EFI_HANDLE ImageHandle, IN EFI_SYSTEM_TABLE *SystemTable)
 

Variables

CC_EVENT_INFO_STRUCT mCcEventInfo []
 
TDX_DXE_DATA mTdxDxeData
 
UINTN mBootAttempts = 0
 
CHAR16 mBootVarName [] = L"BootOrder"
 
VARIABLE_TYPE mVariableType []
 
EFI_CC_EVENTLOG_ACPI_TABLE mTdxEventlogAcpiTemplate
 
TDX_HASH_INFO mHashInfo []
 
EFI_HANDLE mImageHandle
 
EFI_CC_MEASUREMENT_PROTOCOL mTdProtocol
 

Detailed Description

This module implements EFI TD Protocol.

Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent

Definition in file TdTcg2Dxe.c.

Macro Definition Documentation

◆ CC_EVENT_LOG_AREA_COUNT_MAX

#define CC_EVENT_LOG_AREA_COUNT_MAX   1

Definition at line 50 of file TdTcg2Dxe.c.

◆ CC_MR_INDEX_0_MRTD

#define CC_MR_INDEX_0_MRTD   0

Definition at line 51 of file TdTcg2Dxe.c.

◆ CC_MR_INDEX_1_RTMR0

#define CC_MR_INDEX_1_RTMR0   1

Definition at line 52 of file TdTcg2Dxe.c.

◆ CC_MR_INDEX_2_RTMR1

#define CC_MR_INDEX_2_RTMR1   2

Definition at line 53 of file TdTcg2Dxe.c.

◆ CC_MR_INDEX_3_RTMR2

#define CC_MR_INDEX_3_RTMR2   3

Definition at line 54 of file TdTcg2Dxe.c.

◆ CC_MR_INDEX_INVALID

#define CC_MR_INDEX_INVALID   4

Definition at line 55 of file TdTcg2Dxe.c.

◆ COLUME_SIZE

#define COLUME_SIZE   (16 * 2)

Definition at line 263 of file TdTcg2Dxe.c.

◆ PERF_ID_CC_TCG2_DXE

#define PERF_ID_CC_TCG2_DXE   0x3130

Definition at line 48 of file TdTcg2Dxe.c.

◆ TD_HASH_COUNT

#define TD_HASH_COUNT   1

Definition at line 1413 of file TdTcg2Dxe.c.

◆ TEMP_BUF_LEN

#define TEMP_BUF_LEN
Value:
(sizeof(TCG_EfiSpecIDEventStruct) + sizeof(UINT32) \
+ (TD_HASH_COUNT * sizeof(TCG_EfiSpecIdEventAlgorithmSize)) + sizeof(UINT8))
TCG_EfiSpecIDEventStruct
Definition: UefiTcgPlatform.h:391
TCG_EfiSpecIdEventAlgorithmSize
Definition: UefiTcgPlatform.h:367

Definition at line 1414 of file TdTcg2Dxe.c.

Function Documentation

◆ CopyDigestListBinToBuffer()

VOID * CopyDigestListBinToBuffer ( IN OUT VOID *  Buffer,
IN VOID *  DigestListBin,
IN UINT32  HashAlgorithmMask,
OUT UINT32 *  HashAlgorithmMaskCopied 
)

Copy TPML_DIGEST_VALUES compact binary into a buffer

Parameters
[in,out]BufferBuffer to hold copied TPML_DIGEST_VALUES compact binary.
[in]DigestListBinTPML_DIGEST_VALUES compact binary buffer.
[in]HashAlgorithmMaskHASH bits corresponding to the desired digests to copy.
[out]HashAlgorithmMaskCopiedPointer to HASH bits corresponding to the digests copied.
Returns
The end of buffer to hold TPML_DIGEST_VALUES compact binary.

Definition at line 1140 of file TdTcg2Dxe.c.

◆ CopyDigestListToBuffer()

VOID * CopyDigestListToBuffer ( IN OUT VOID *  Buffer,
IN TPML_DIGEST_VALUES DigestList,
IN UINT32  HashAlgorithmMask 
)

Copy TPML_DIGEST_VALUES into a buffer

Parameters
[in,out]BufferBuffer to hold copied TPML_DIGEST_VALUES compact binary.
[in]DigestListTPML_DIGEST_VALUES to be copied.
[in]HashAlgorithmMaskHASH bits corresponding to the desired digests to copy.
Returns
The end of buffer to hold TPML_DIGEST_VALUES.

Definition at line 201 of file TdTcg2Dxe.c.

◆ DriverEntry()

EFI_STATUS EFIAPI DriverEntry ( IN EFI_HANDLE  ImageHandle,
IN EFI_SYSTEM_TABLE SystemTable 
)

The driver's entry point. It publishes EFI Tcg2 Protocol.

Parameters
[in]ImageHandleThe firmware allocated handle for the EFI image.
[in]SystemTableA pointer to the EFI System Table.
Return values
EFI_SUCCESSThe entry point is executed successfully.
otherSome error occurs when executing this entry point.

Definition at line 2427 of file TdTcg2Dxe.c.

◆ DumpCcEvent()

VOID DumpCcEvent ( IN CC_EVENT CcEvent)

This function dump TD Event (including the Digests).

Parameters
[in]CcEventTD Event structure.

Definition at line 589 of file TdTcg2Dxe.c.

◆ DumpCcEventLog()

VOID DumpCcEventLog ( IN EFI_CC_EVENT_LOG_FORMAT  EventLogFormat,
IN EFI_PHYSICAL_ADDRESS  EventLogLocation,
IN EFI_PHYSICAL_ADDRESS  EventLogLastEntry,
IN EFI_CC_FINAL_EVENTS_TABLE FinalEventsTable 
)

This function dump CC event log. TDVF only supports EFI_CC_EVENT_LOG_FORMAT_TCG_2

Parameters
[in]EventLogFormatThe type of the event log for which the information is requested.
[in]EventLogLocationA pointer to the memory address of the event log.
[in]EventLogLastEntryIf the Event Log contains more than one entry, this is a pointer to the address of the start of the last entry in the event log in memory.
[in]FinalEventsTableA pointer to the memory address of the final event table.

Definition at line 681 of file TdTcg2Dxe.c.

◆ DumpPcrEvent()

VOID DumpPcrEvent ( IN TCG_PCR_EVENT_HDR EventHdr)

This function dump PCR event. TD Event log reuse the TCG PCR Event spec. The first event in the event log is the SHA1 log format. There is only ONE TCG_PCR_EVENT in TD Event log.

Parameters
[in]EventHdrTCG PCR event structure.

Definition at line 495 of file TdTcg2Dxe.c.

◆ DumpTcgEfiSpecIdEventStruct()

VOID DumpTcgEfiSpecIdEventStruct ( IN TCG_EfiSpecIDEventStruct TcgEfiSpecIdEventStruct)

This function dump TCG_EfiSpecIDEventStruct.

Parameters
[in]TcgEfiSpecIdEventStructA pointer to TCG_EfiSpecIDEventStruct.

Definition at line 520 of file TdTcg2Dxe.c.

◆ GetCcEventSize()

UINTN GetCcEventSize ( IN CC_EVENT CcEvent)

This function returns size of Td Table event.

Parameters
[in]CcEventTd Table event structure.
Returns
size of Td event.

Definition at line 638 of file TdTcg2Dxe.c.

◆ GetDigestListBinSize()

UINT32 GetDigestListBinSize ( IN VOID *  DigestListBin)

Get TPML_DIGEST_VALUES compact binary buffer size.

Parameters
[in]DigestListBinTPML_DIGEST_VALUES compact binary buffer.
Returns
TPML_DIGEST_VALUES compact binary buffer size.

Definition at line 1103 of file TdTcg2Dxe.c.

◆ GetHashMaskFromAlgo()

UINT32 GetHashMaskFromAlgo ( IN TPMI_ALG_HASH  HashAlgo)

Get hash mask based on Algo

Parameters
[in]HashAlgoHash Algorithm Id.
Returns
Hash mask.

Definition at line 175 of file TdTcg2Dxe.c.

◆ GetHashSizeFromAlgo()

UINT16 GetHashSizeFromAlgo ( IN TPMI_ALG_HASH  HashAlgo)

Get hash size based on Algo

Parameters
[in]HashAlgoHash Algorithm Id.
Returns
Size of the hash.

Definition at line 152 of file TdTcg2Dxe.c.

◆ GetProcessorsCpuLocation()

EFI_STATUS GetProcessorsCpuLocation ( OUT EFI_CPU_PHYSICAL_LOCATION **  LocationBuf,
OUT UINTN Num 
)

Get All processors EFI_CPU_LOCATION in system. LocationBuf is allocated inside the function Caller is responsible to free LocationBuf.

Parameters
[out]LocationBufReturns Processor Location Buffer.
[out]NumReturns processor number.
Return values
EFI_SUCCESSOperation completed successfully.
EFI_UNSUPPORTEDMpService protocol not found.

Definition at line 380 of file TdTcg2Dxe.c.

◆ GetTcgEfiSpecIdEventStructSize()

UINTN GetTcgEfiSpecIdEventStructSize ( IN TCG_EfiSpecIDEventStruct TcgEfiSpecIdEventStruct)

This function get size of TCG_EfiSpecIDEventStruct.

Parameters
[in]TcgEfiSpecIdEventStructA pointer to TCG_EfiSpecIDEventStruct.

Definition at line 568 of file TdTcg2Dxe.c.

◆ InitNoActionEvent()

VOID InitNoActionEvent ( IN OUT CC_EVENT_HDR NoActionEvent,
IN UINT32  EventSize 
)

This function initialize TD_EVENT_HDR for EV_NO_ACTION Event Type other than EFI Specification ID event. The behavior is defined by TCG PC Client PFP Spec. Section 9.3.4 EV_NO_ACTION Event Types

Parameters
[in,out]NoActionEventEvent Header of EV_NO_ACTION Event
[in]EventSizeEvent Size of the EV_NO_ACTION Event

Definition at line 330 of file TdTcg2Dxe.c.

◆ InstallAcpiTable()

VOID EFIAPI InstallAcpiTable ( IN EFI_EVENT  Event,
IN VOID *  Context 
)

Install TDVF ACPI Table when ACPI Table Protocol is available.

Parameters
[in]EventEvent whose notification function is being invoked
[in]ContextPointer to the notification function's context

Definition at line 2355 of file TdTcg2Dxe.c.

◆ InstallCcMeasurementProtocol()

EFI_STATUS InstallCcMeasurementProtocol ( VOID  )

The function install TdTcg2 protocol.

Return values
EFI_SUCCESSTdTcg2 protocol is installed.
otherSome error occurs.

Definition at line 2398 of file TdTcg2Dxe.c.

◆ InternalDumpData()

VOID InternalDumpData ( IN UINT8 *  Data,
IN UINTN  Size 
)

This function dump raw data.

Parameters
Dataraw data
Sizeraw data size

Definition at line 274 of file TdTcg2Dxe.c.

◆ InternalDumpHex()

VOID InternalDumpHex ( IN UINT8 *  Data,
IN UINTN  Size 
)

This function dump raw data with colume format.

Parameters
Dataraw data
Sizeraw data size

Definition at line 295 of file TdTcg2Dxe.c.

◆ Is800155Event()

BOOLEAN Is800155Event ( IN VOID *  NewEventHdr,
IN UINT32  NewEventHdrSize,
IN UINT8 *  NewEventData,
IN UINT32  NewEventSize 
)

Return if this is a Tcg800155PlatformIdEvent.

Parameters
[in]NewEventHdrPointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
[in]NewEventHdrSizeNew event header size.
[in]NewEventDataPointer to the new event data.
[in]NewEventSizeNew event data size.
Return values
TRUEThis is a Tcg800155PlatformIdEvent.
FALSEThis is NOT a Tcg800155PlatformIdEvent.

Definition at line 814 of file TdTcg2Dxe.c.

◆ MapPcrToMrIndex()

UINT32 EFIAPI MapPcrToMrIndex ( IN UINT32  PCRIndex)

According to UEFI Spec 2.10 Section 38.4.1: The following table shows the TPM PCR index mapping and CC event log measurement register index interpretation for Intel TDX, where MRTD means Trust Domain Measurement Register and RTMR means Runtime Measurement Register

TPM PCR Index | CC Measurement Register Index | TDX-measurement register

0 | 0 | MRTD 1, 7 | 1 | RTMR[0] 2~6 | 2 | RTMR[1] 8~15 | 3 | RTMR[2]

Parameters
[in]PCRIndexIndex of the TPM PCR
Return values
UINT32Index of the CC Event Log Measurement Register Index
CC_MR_INDEX_INVALIDInvalid MR Index

Definition at line 955 of file TdTcg2Dxe.c.

◆ MeasureAllBootVariables()

EFI_STATUS MeasureAllBootVariables ( VOID  )

Measure and log all EFI boot variables, and extend the measurement result into a specific PCR.

The EFI boot variables are BootOrder and Boot#### variables.

Return values
EFI_SUCCESSOperation completed successfully.
EFI_OUT_OF_RESOURCESOut of memory.
EFI_DEVICE_ERRORThe operation was unsuccessful.

Definition at line 1932 of file TdTcg2Dxe.c.

◆ MeasureAllSecureVariables()

EFI_STATUS MeasureAllSecureVariables ( VOID  )

Measure and log all EFI Secure variables, and extend the measurement result into a specific PCR.

The EFI boot variables are BootOrder and Boot#### variables.

Return values
EFI_SUCCESSOperation completed successfully.
EFI_OUT_OF_RESOURCESOut of memory.
EFI_DEVICE_ERRORThe operation was unsuccessful.

Definition at line 1990 of file TdTcg2Dxe.c.

◆ MeasureHandoffTables()

EFI_STATUS MeasureHandoffTables ( VOID  )

Measure and log EFI handoff tables, and extend the measurement result into PCR[1].

Return values
EFI_SUCCESSOperation completed successfully.
EFI_DEVICE_ERRORThe operation was unsuccessful.

Definition at line 1638 of file TdTcg2Dxe.c.

◆ MeasureLaunchOfFirmwareDebugger()

EFI_STATUS MeasureLaunchOfFirmwareDebugger ( VOID  )

Measure and log launch of FirmwareDebugger, and extend the measurement result into a specific PCR.

Return values
EFI_SUCCESSOperation completed successfully.
EFI_OUT_OF_RESOURCESOut of memory.
EFI_DEVICE_ERRORThe operation was unsuccessful.

Definition at line 2044 of file TdTcg2Dxe.c.

◆ MeasurePeImageAndExtend()

EFI_STATUS MeasurePeImageAndExtend ( IN UINT32  PCRIndex,
IN EFI_PHYSICAL_ADDRESS  ImageAddress,
IN UINTN  ImageSize,
OUT TPML_DIGEST_VALUES DigestList 
)

Measure PE image into TPM log based on the authenticode image hashing in PE/COFF Specification 8.0 Appendix A.

Caution: This function may receive untrusted input. PE/COFF image is external input, so this function will validate its data structure within this image buffer before use.

Notes: PE/COFF image is checked by BasePeCoffLib PeCoffLoaderGetImageInfo().

Parameters
[in]RtmrIndexRTMR index
[in]ImageAddressStart address of image buffer.
[in]ImageSizeImage size
[out]DigestListDigest list of this image.
Return values
EFI_SUCCESSSuccessfully measure image.
EFI_OUT_OF_RESOURCESNo enough resource to measure image.
othererror value

Measure PE image into TPM log based on the authenticode image hashing in PE/COFF Specification 8.0 Appendix A.

Caution: This function may receive untrusted input. PE/COFF image is external input, so this function will validate its data structure within this image buffer before use.

Notes: PE/COFF image is checked by BasePeCoffLib PeCoffLoaderGetImageInfo().

Parameters
[in]RtmrIndexRtmr index
[in]ImageAddressStart address of image buffer.
[in]ImageSizeImage size
[out]DigestListDigest list of this image.
Return values
EFI_SUCCESSSuccessfully measure image.
EFI_OUT_OF_RESOURCESNo enough resource to measure image.
othererror value

Measure PE image into TPM log based on the authenticode image hashing in PE/COFF Specification 8.0 Appendix A.

Caution: This function may receive untrusted input. PE/COFF image is external input, so this function will validate its data structure within this image buffer before use.

Notes: PE/COFF image is checked by BasePeCoffLib PeCoffLoaderGetImageInfo().

Parameters
[in]PCRIndexTPM PCR index
[in]ImageAddressStart address of image buffer.
[in]ImageSizeImage size
[out]DigestListDigest list of this image.
Return values
EFI_SUCCESSSuccessfully measure image.
EFI_OUT_OF_RESOURCESNo enough resource to measure image.
othererror value

Definition at line 95 of file MeasureBootPeCoff.c.

◆ MeasureSecureBootPolicy()

VOID EFIAPI MeasureSecureBootPolicy ( IN EFI_EVENT  Event,
IN VOID *  Context 
)

Measure and log all Secure Boot Policy, and extend the measurement result into a specific PCR.

Platform firmware adhering to the policy must therefore measure the following values into PCR[7]: (in order listed)

  • The contents of the SecureBoot variable
  • The contents of the PK variable
  • The contents of the KEK variable
  • The contents of the EFI_IMAGE_SECURITY_DATABASE variable
  • The contents of the EFI_IMAGE_SECURITY_DATABASE1 variable
  • Separator
  • Entries in the EFI_IMAGE_SECURITY_DATABASE that are used to validate EFI Drivers or EFI Boot Applications in the boot path

NOTE: Because of the above, UEFI variables PK, KEK, EFI_IMAGE_SECURITY_DATABASE, EFI_IMAGE_SECURITY_DATABASE1 and SecureBoot SHALL NOT be measured into PCR[3].

Parameters
[in]EventEvent whose notification function is being invoked
[in]ContextPointer to the notification function's context

Definition at line 2082 of file TdTcg2Dxe.c.

◆ MeasureSeparatorEvent()

EFI_STATUS MeasureSeparatorEvent ( IN UINT32  MrIndex)

Measure and log Separator event, and extend the measurement result into a specific PCR.

Parameters
[in]PCRIndexPCR index.
Return values
EFI_SUCCESSOperation completed successfully.
EFI_DEVICE_ERRORThe operation was unsuccessful.

Definition at line 1692 of file TdTcg2Dxe.c.

◆ MeasureVariable()

EFI_STATUS MeasureVariable ( IN UINT32  MrIndex,
IN TCG_EVENTTYPE  EventType,
IN CHAR16 *  VarName,
IN EFI_GUID VendorGuid,
IN VOID *  VarData,
IN UINTN  VarSize 
)

Measure and log an EFI variable, and extend the measurement result into a specific RTMR.

Parameters
[in]MrIndexRTMR Index.
[in]EventTypeEvent type.
[in]VarNameA Null-terminated string that is the name of the vendor's variable.
[in]VendorGuidA unique identifier for the vendor.
[in]VarDataThe content of the variable data.
[in]VarSizeThe size of the variable data.
Return values
EFI_SUCCESSOperation completed successfully.
EFI_OUT_OF_RESOURCESOut of memory.
EFI_DEVICE_ERRORThe operation was unsuccessful.

Definition at line 1731 of file TdTcg2Dxe.c.

◆ OnExitBootServices()

VOID EFIAPI OnExitBootServices ( IN EFI_EVENT  Event,
IN VOID *  Context 
)

Exit Boot Services Event notification handler.

Measure invocation and success of ExitBootServices.

Parameters
[in]EventEvent whose notification function is being invoked
[in]ContextPointer to the notification function's context

Definition at line 2231 of file TdTcg2Dxe.c.

◆ OnExitBootServicesFailed()

VOID EFIAPI OnExitBootServicesFailed ( IN EFI_EVENT  Event,
IN VOID *  Context 
)

Exit Boot Services Failed Event notification handler.

Measure Failure of ExitBootServices.

Parameters
[in]EventEvent whose notification function is being invoked
[in]ContextPointer to the notification function's context

Definition at line 2272 of file TdTcg2Dxe.c.

◆ OnReadyToBoot()

VOID EFIAPI OnReadyToBoot ( IN EFI_EVENT  Event,
IN VOID *  Context 
)

Ready to Boot Event notification handler.

Sequence of OS boot events is measured in this event notification handler.

Parameters
[in]EventEvent whose notification function is being invoked
[in]ContextPointer to the notification function's context

Definition at line 2125 of file TdTcg2Dxe.c.

◆ ReadAndMeasureBootVariable()

EFI_STATUS ReadAndMeasureBootVariable ( IN CHAR16 *  VarName,
IN EFI_GUID VendorGuid,
OUT UINTN VarSize,
OUT VOID **  VarData 
)

Read then Measure and log an EFI boot variable, and extend the measurement result into PCR[1]. according to TCG PC Client PFP spec 0021 Section 2.4.4.2

Parameters
[in]VarNameA Null-terminated string that is the name of the vendor's variable.
[in]VendorGuidA unique identifier for the vendor.
[out]VarSizeThe size of the variable data.
[out]VarDataPointer to the content of the variable.
Return values
EFI_SUCCESSOperation completed successfully.
EFI_OUT_OF_RESOURCESOut of memory.
EFI_DEVICE_ERRORThe operation was unsuccessful.

Definition at line 1873 of file TdTcg2Dxe.c.

◆ ReadAndMeasureSecureVariable()

EFI_STATUS ReadAndMeasureSecureVariable ( IN CHAR16 *  VarName,
IN EFI_GUID VendorGuid,
OUT UINTN VarSize,
OUT VOID **  VarData 
)

Read then Measure and log an EFI Secure variable, and extend the measurement result into PCR[7].

Parameters
[in]VarNameA Null-terminated string that is the name of the vendor's variable.
[in]VendorGuidA unique identifier for the vendor.
[out]VarSizeThe size of the variable data.
[out]VarDataPointer to the content of the variable.
Return values
EFI_SUCCESSOperation completed successfully.
EFI_OUT_OF_RESOURCESOut of memory.
EFI_DEVICE_ERRORThe operation was unsuccessful.

Definition at line 1904 of file TdTcg2Dxe.c.

◆ ReadAndMeasureVariable()

EFI_STATUS ReadAndMeasureVariable ( IN UINT32  MrIndex,
IN TCG_EVENTTYPE  EventType,
IN CHAR16 *  VarName,
IN EFI_GUID VendorGuid,
OUT UINTN VarSize,
OUT VOID **  VarData 
)

Read then Measure and log an EFI variable, and extend the measurement result into a specific RTMR.

Parameters
[in]MrIndexRTMR Index.
[in]EventTypeEvent type.
[in]VarNameA Null-terminated string that is the name of the vendor's variable.
[in]VendorGuidA unique identifier for the vendor.
[out]VarSizeThe size of the variable data.
[out]VarDataPointer to the content of the variable.
Return values
EFI_SUCCESSOperation completed successfully.
EFI_OUT_OF_RESOURCESOut of memory.
EFI_DEVICE_ERRORThe operation was unsuccessful.

Definition at line 1818 of file TdTcg2Dxe.c.

◆ SetupCcEventLog()

EFI_STATUS SetupCcEventLog ( VOID  )

Initialize the TD Event Log and log events passed from the PEI phase.

Return values
EFI_SUCCESSOperation completed successfully.
EFI_OUT_OF_RESOURCESOut of memory.

Definition at line 1425 of file TdTcg2Dxe.c.

◆ SyncCcEvent()

EFI_STATUS SyncCcEvent ( VOID  )

Definition at line 2292 of file TdTcg2Dxe.c.

◆ TcgCommLogEvent()

EFI_STATUS TcgCommLogEvent ( IN OUT CC_EVENT_LOG_AREA_STRUCT EventLogAreaStruct,
IN VOID *  NewEventHdr,
IN UINT32  NewEventHdrSize,
IN UINT8 *  NewEventData,
IN UINT32  NewEventSize 
)

Add a new entry to the Event Log.

Parameters
[in,out]EventLogAreaStructThe event log area data structure
[in]NewEventHdrPointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
[in]NewEventHdrSizeNew event header size.
[in]NewEventDataPointer to the new event data.
[in]NewEventSizeNew event data size.
Return values
EFI_SUCCESSThe new event log entry was added.
EFI_OUT_OF_RESOURCESNo enough memory to log the new event.

Definition at line 854 of file TdTcg2Dxe.c.

◆ TdGetCapability()

EFI_STATUS EFIAPI TdGetCapability ( IN EFI_CC_MEASUREMENT_PROTOCOL This,
IN OUT EFI_CC_BOOT_SERVICE_CAPABILITY ProtocolCapability 
)

The EFI_CC_MEASUREMENT_PROTOCOL GetCapability function call provides protocol capability information and state information.

Parameters
[in]ThisIndicates the calling context
[in,out]ProtocolCapabilityThe caller allocates memory for a EFI_CC_BOOT_SERVICE_CAPABILITY structure and sets the size field to the size of the structure allocated. The callee fills in the fields with the EFI protocol capability information and the current EFI TCG2 state information up to the number of fields which fit within the size of the structure passed in.
Return values
EFI_SUCCESSOperation completed successfully.
EFI_DEVICE_ERRORThe command was unsuccessful. The ProtocolCapability variable will not be populated.
EFI_INVALID_PARAMETEROne or more of the parameters are incorrect. The ProtocolCapability variable will not be populated.
EFI_BUFFER_TOO_SMALLThe ProtocolCapability variable is too small to hold the full response. It will be partially populated (required Size field will be set).

Definition at line 470 of file TdTcg2Dxe.c.

◆ TdGetEventLog()

EFI_STATUS EFIAPI TdGetEventLog ( IN EFI_CC_MEASUREMENT_PROTOCOL This,
IN EFI_CC_EVENT_LOG_FORMAT  EventLogFormat,
OUT EFI_PHYSICAL_ADDRESS EventLogLocation,
OUT EFI_PHYSICAL_ADDRESS EventLogLastEntry,
OUT BOOLEAN *  EventLogTruncated 
)

The EFI_CC_MEASUREMENT_PROTOCOL Get Event Log function call allows a caller to retrieve the address of a given event log and its last entry.

Parameters
[in]ThisIndicates the calling context
[in]EventLogFormatThe type of the event log for which the information is requested.
[out]EventLogLocationA pointer to the memory address of the event log.
[out]EventLogLastEntryIf the Event Log contains more than one entry, this is a pointer to the address of the start of the last entry in the event log in memory.
[out]EventLogTruncatedIf the Event Log is missing at least one entry because an event would have exceeded the area allocated for events, this value is set to TRUE. Otherwise, the value will be FALSE and the Event Log will be complete.
Return values
EFI_SUCCESSOperation completed successfully.
EFI_INVALID_PARAMETEROne or more of the parameters are incorrect (e.g. asking for an event log whose format is not supported).

Definition at line 752 of file TdTcg2Dxe.c.

◆ TdHashLogExtendEvent()

EFI_STATUS EFIAPI TdHashLogExtendEvent ( IN EFI_CC_MEASUREMENT_PROTOCOL This,
IN UINT64  Flags,
IN EFI_PHYSICAL_ADDRESS  DataToHash,
IN UINT64  DataToHashLen,
IN EFI_CC_EVENT CcEvent 
)

The EFI_CC_MEASUREMENT_PROTOCOL HashLogExtendEvent function call provides callers with an opportunity to extend and optionally log events without requiring knowledge of actual TPM commands. The extend operation will occur even if this function cannot create an event log entry (e.g. due to the event log being full).

Parameters
[in]ThisIndicates the calling context
[in]FlagsBitmap providing additional information.
[in]DataToHashPhysical address of the start of the data buffer to be hashed.
[in]DataToHashLenThe length in bytes of the buffer referenced by DataToHash.
[in]EventPointer to data buffer containing information about the event.
Return values
EFI_SUCCESSOperation completed successfully.
EFI_DEVICE_ERRORThe command was unsuccessful.
EFI_VOLUME_FULLThe extend operation occurred, but the event could not be written to one or more event logs.
EFI_INVALID_PARAMETEROne or more of the parameters are incorrect.
EFI_UNSUPPORTEDThe PE/COFF image type is not supported.

Definition at line 1330 of file TdTcg2Dxe.c.

◆ TdMapPcrToMrIndex()

EFI_STATUS EFIAPI TdMapPcrToMrIndex ( IN EFI_CC_MEASUREMENT_PROTOCOL This,
IN UINT32  PCRIndex,
OUT UINT32 *  MrIndex 
)

Definition at line 982 of file TdTcg2Dxe.c.

◆ TdMeasureAction()

EFI_STATUS TdMeasureAction ( IN UINT32  MrIndex,
IN CHAR8 *  String 
)

Measure and log an action string, and extend the measurement result into RTMR.

Parameters
[in]MrIndexMrIndex to extend
[in]StringA specific string that indicates an Action event.
Return values
EFI_SUCCESSOperation completed successfully.
EFI_DEVICE_ERRORThe operation was unsuccessful.

Definition at line 1611 of file TdTcg2Dxe.c.

◆ TdxDxeHashLogExtendEvent()

EFI_STATUS TdxDxeHashLogExtendEvent ( IN UINT64  Flags,
IN UINT8 *  HashData,
IN UINT64  HashDataLen,
IN OUT CC_EVENT_HDR NewEventHdr,
IN UINT8 *  NewEventData 
)

Do a hash operation on a data buffer, extend a specific RTMR with the hash result, and add an entry to the Event Log.

Parameters
[in]FlagsBitmap providing additional information.
[in]HashDataPhysical address of the start of the data buffer to be hashed, extended, and logged.
[in]HashDataLenThe length, in bytes, of the buffer referenced by HashData
[in,out]NewEventHdrPointer to a TD_EVENT_HDR data structure.
[in]NewEventDataPointer to the new event data.
Return values
EFI_SUCCESSOperation completed successfully.
EFI_OUT_OF_RESOURCESNo enough memory to log the new event.
EFI_DEVICE_ERRORThe command was unsuccessful.

Definition at line 1261 of file TdTcg2Dxe.c.

◆ TdxDxeLogEvent()

EFI_STATUS TdxDxeLogEvent ( IN EFI_CC_EVENT_LOG_FORMAT  EventLogFormat,
IN VOID *  NewEventHdr,
IN UINT32  NewEventHdrSize,
IN UINT8 *  NewEventData,
IN UINT32  NewEventSize 
)

Add a new entry to the Event Log.

Parameters
[in]EventLogFormatThe type of the event log for which the information is requested.
[in]NewEventHdrPointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
[in]NewEventHdrSizeNew event header size.
[in]NewEventDataPointer to the new event data.
[in]NewEventSizeNew event data size.
Return values
EFI_SUCCESSThe new event log entry was added.
EFI_OUT_OF_RESOURCESNo enough memory to log the new event.

Definition at line 1011 of file TdTcg2Dxe.c.

◆ TdxDxeLogHashEvent()

EFI_STATUS TdxDxeLogHashEvent ( IN TPML_DIGEST_VALUES DigestList,
IN OUT CC_EVENT_HDR NewEventHdr,
IN UINT8 *  NewEventData 
)

Add a new entry to the Event Log. The call chain is like below: TdxDxeLogHashEvent -> TdxDxeLogEvent -> TcgCommonLogEvent

Before this function is called, the event information (including the digest) is ready.

Parameters
[in]DigestListA list of digest.
[in,out]NewEventHdrPointer to a TD_EVENT_HDR data structure.
[in]NewEventDataPointer to the new event data.
Return values
EFI_SUCCESSThe new event log entry was added.
EFI_OUT_OF_RESOURCESNo enough memory to log the new event.

Definition at line 1200 of file TdTcg2Dxe.c.

Variable Documentation

◆ mBootAttempts

UINTN mBootAttempts = 0

Definition at line 109 of file TdTcg2Dxe.c.

◆ mBootVarName

CHAR16 mBootVarName[] = L"BootOrder"

Definition at line 110 of file TdTcg2Dxe.c.

◆ mCcEventInfo

CC_EVENT_INFO_STRUCT mCcEventInfo[]
Initial value:
= {
{ &gCcEventEntryHobGuid, EFI_CC_EVENT_LOG_FORMAT_TCG_2 },
}

Definition at line 94 of file TdTcg2Dxe.c.

◆ mHashInfo

TDX_HASH_INFO mHashInfo[]
Initial value:
= {
{ TPM_ALG_SHA384, SHA384_DIGEST_SIZE, HASH_ALG_SHA384 }
}
SHA384_DIGEST_SIZE
#define SHA384_DIGEST_SIZE
Definition: BaseCryptLib.h:49

Definition at line 140 of file TdTcg2Dxe.c.

◆ mImageHandle

EFI_HANDLE mImageHandle

Definition at line 234 of file TdTcg2Dxe.c.

◆ mTdProtocol

EFI_CC_MEASUREMENT_PROTOCOL mTdProtocol
Initial value:
= {
TdGetCapability,
TdGetEventLog,
TdHashLogExtendEvent,
TdMapPcrToMrIndex,
}
TdGetEventLog
EFI_STATUS EFIAPI TdGetEventLog(IN EFI_CC_MEASUREMENT_PROTOCOL *This, IN EFI_CC_EVENT_LOG_FORMAT EventLogFormat, OUT EFI_PHYSICAL_ADDRESS *EventLogLocation, OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry, OUT BOOLEAN *EventLogTruncated)
Definition: TdTcg2Dxe.c:752
TdHashLogExtendEvent
EFI_STATUS EFIAPI TdHashLogExtendEvent(IN EFI_CC_MEASUREMENT_PROTOCOL *This, IN UINT64 Flags, IN EFI_PHYSICAL_ADDRESS DataToHash, IN UINT64 DataToHashLen, IN EFI_CC_EVENT *CcEvent)
Definition: TdTcg2Dxe.c:1330
TdGetCapability
EFI_STATUS EFIAPI TdGetCapability(IN EFI_CC_MEASUREMENT_PROTOCOL *This, IN OUT EFI_CC_BOOT_SERVICE_CAPABILITY *ProtocolCapability)
Definition: TdTcg2Dxe.c:470

Definition at line 1406 of file TdTcg2Dxe.c.

◆ mTdxDxeData

TDX_DXE_DATA mTdxDxeData
Initial value:
= {
{
sizeof (EFI_CC_BOOT_SERVICE_CAPABILITY),
{ 1, 1 },
{ 1, 1 },
EFI_CC_BOOT_HASH_ALG_SHA384,
EFI_CC_EVENT_LOG_FORMAT_TCG_2,
{ 2, 0 }
},
}
EFI_CC_BOOT_SERVICE_CAPABILITY
Definition: CcMeasurement.h:105

Definition at line 98 of file TdTcg2Dxe.c.

◆ mTdxEventlogAcpiTemplate

EFI_CC_EVENTLOG_ACPI_TABLE mTdxEventlogAcpiTemplate
Initial value:
= {
{
EFI_CC_EVENTLOG_ACPI_TABLE_SIGNATURE,
sizeof (mTdxEventlogAcpiTemplate),
EFI_CC_EVENTLOG_ACPI_TABLE_REVISION,
},
{ EFI_CC_TYPE_TDX, 0 },
0,
0,
0,
}

Definition at line 120 of file TdTcg2Dxe.c.

◆ mVariableType

VARIABLE_TYPE mVariableType[]
Initial value:
= {
{ EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid },
{ EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid },
{ EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid },
{ EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid },
{ EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid },
}
EFI_KEY_EXCHANGE_KEY_NAME
#define EFI_KEY_EXCHANGE_KEY_NAME
Definition: GlobalVariable.h:126
EFI_PLATFORM_KEY_NAME
#define EFI_PLATFORM_KEY_NAME
Definition: GlobalVariable.h:131
EFI_SECURE_BOOT_MODE_NAME
#define EFI_SECURE_BOOT_MODE_NAME
Definition: GlobalVariable.h:143
EFI_IMAGE_SECURITY_DATABASE1
#define EFI_IMAGE_SECURITY_DATABASE1
Definition: ImageAuthentication.h:31
EFI_IMAGE_SECURITY_DATABASE
#define EFI_IMAGE_SECURITY_DATABASE
Definition: ImageAuthentication.h:26

Definition at line 112 of file TdTcg2Dxe.c.