#include <IndustryStandard/UefiTcgPlatform.h>
#include <Library/Tpm2CommandLib.h>
#include <Library/Tpm2DeviceLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>

Data Structures
struct	TPM2_NV_READPUBLIC_COMMAND

struct	TPM2_NV_READPUBLIC_RESPONSE

struct	TPM2_NV_DEFINESPACE_COMMAND

struct	TPM2_NV_DEFINESPACE_RESPONSE

struct	TPM2_NV_UNDEFINESPACE_COMMAND

struct	TPM2_NV_UNDEFINESPACE_RESPONSE

struct	TPM2_NV_READ_COMMAND

struct	TPM2_NV_READ_RESPONSE

struct	TPM2_NV_WRITE_COMMAND

struct	TPM2_NV_WRITE_RESPONSE

struct	TPM2_NV_READLOCK_COMMAND

struct	TPM2_NV_READLOCK_RESPONSE

struct	TPM2_NV_WRITELOCK_COMMAND

struct	TPM2_NV_WRITELOCK_RESPONSE

struct	TPM2_NV_GLOBALWRITELOCK_COMMAND

struct	TPM2_NV_GLOBALWRITELOCK_RESPONSE

struct	TPM2_NV_EXTEND_COMMAND

struct	TPM2_NV_EXTEND_RESPONSE

Macros
#define	RC_NV_ReadPublic_nvIndex (TPM_RC_H + TPM_RC_1)

#define	RC_NV_DefineSpace_authHandle (TPM_RC_H + TPM_RC_1)

#define	RC_NV_DefineSpace_auth (TPM_RC_P + TPM_RC_1)

#define	RC_NV_DefineSpace_publicInfo (TPM_RC_P + TPM_RC_2)

#define	RC_NV_UndefineSpace_authHandle (TPM_RC_H + TPM_RC_1)

#define	RC_NV_UndefineSpace_nvIndex (TPM_RC_H + TPM_RC_2)

#define	RC_NV_Read_authHandle (TPM_RC_H + TPM_RC_1)

#define	RC_NV_Read_nvIndex (TPM_RC_H + TPM_RC_2)

#define	RC_NV_Read_size (TPM_RC_P + TPM_RC_1)

#define	RC_NV_Read_offset (TPM_RC_P + TPM_RC_2)

#define	RC_NV_Write_authHandle (TPM_RC_H + TPM_RC_1)

#define	RC_NV_Write_nvIndex (TPM_RC_H + TPM_RC_2)

#define	RC_NV_Write_data (TPM_RC_P + TPM_RC_1)

#define	RC_NV_Write_offset (TPM_RC_P + TPM_RC_2)

Functions
EFI_STATUS EFIAPI	Tpm2NvReadPublic (IN TPMI_RH_NV_INDEX NvIndex, OUT TPM2B_NV_PUBLIC NvPublic, OUT TPM2B_NAME NvName)

EFI_STATUS EFIAPI	Tpm2NvDefineSpace (IN TPMI_RH_PROVISION AuthHandle, IN TPMS_AUTH_COMMAND AuthSession OPTIONAL, IN TPM2B_AUTH Auth, IN TPM2B_NV_PUBLIC *NvPublic)

EFI_STATUS EFIAPI	Tpm2NvUndefineSpace (IN TPMI_RH_PROVISION AuthHandle, IN TPMI_RH_NV_INDEX NvIndex, IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL)

EFI_STATUS EFIAPI	Tpm2NvRead (IN TPMI_RH_NV_AUTH AuthHandle, IN TPMI_RH_NV_INDEX NvIndex, IN TPMS_AUTH_COMMAND AuthSession OPTIONAL, IN UINT16 Size, IN UINT16 Offset, IN OUT TPM2B_MAX_BUFFER OutData)

EFI_STATUS EFIAPI	Tpm2NvWrite (IN TPMI_RH_NV_AUTH AuthHandle, IN TPMI_RH_NV_INDEX NvIndex, IN TPMS_AUTH_COMMAND AuthSession OPTIONAL, IN TPM2B_MAX_BUFFER InData, IN UINT16 Offset)

EFI_STATUS EFIAPI	Tpm2NvReadLock (IN TPMI_RH_NV_AUTH AuthHandle, IN TPMI_RH_NV_INDEX NvIndex, IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL)

EFI_STATUS EFIAPI	Tpm2NvWriteLock (IN TPMI_RH_NV_AUTH AuthHandle, IN TPMI_RH_NV_INDEX NvIndex, IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL)

EFI_STATUS EFIAPI	Tpm2NvGlobalWriteLock (IN TPMI_RH_PROVISION AuthHandle, IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL)

EFI_STATUS EFIAPI	Tpm2NvExtend (IN TPMI_RH_NV_AUTH AuthHandle, IN TPMI_RH_NV_INDEX NvIndex, IN TPMS_AUTH_COMMAND AuthSession OPTIONAL, IN TPM2B_MAX_BUFFER InData)

Detailed Description

Implement TPM2 NVStorage related command.

Copyright (c) 2013 - 2024, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent

Definition in file Tpm2NVStorage.c.

Macro Definition Documentation

◆ RC_NV_DefineSpace_auth

#define RC_NV_DefineSpace_auth (TPM_RC_P + TPM_RC_1)

Definition at line 21 of file Tpm2NVStorage.c.

◆ RC_NV_DefineSpace_authHandle

#define RC_NV_DefineSpace_authHandle (TPM_RC_H + TPM_RC_1)

Definition at line 20 of file Tpm2NVStorage.c.

◆ RC_NV_DefineSpace_publicInfo

#define RC_NV_DefineSpace_publicInfo (TPM_RC_P + TPM_RC_2)

Definition at line 22 of file Tpm2NVStorage.c.

◆ RC_NV_Read_authHandle

#define RC_NV_Read_authHandle (TPM_RC_H + TPM_RC_1)

Definition at line 27 of file Tpm2NVStorage.c.

◆ RC_NV_Read_nvIndex

#define RC_NV_Read_nvIndex (TPM_RC_H + TPM_RC_2)

Definition at line 28 of file Tpm2NVStorage.c.

◆ RC_NV_Read_offset

#define RC_NV_Read_offset (TPM_RC_P + TPM_RC_2)

Definition at line 30 of file Tpm2NVStorage.c.

◆ RC_NV_Read_size

#define RC_NV_Read_size (TPM_RC_P + TPM_RC_1)

Definition at line 29 of file Tpm2NVStorage.c.

◆ RC_NV_ReadPublic_nvIndex

#define RC_NV_ReadPublic_nvIndex (TPM_RC_H + TPM_RC_1)

Definition at line 18 of file Tpm2NVStorage.c.

◆ RC_NV_UndefineSpace_authHandle

#define RC_NV_UndefineSpace_authHandle (TPM_RC_H + TPM_RC_1)

Definition at line 24 of file Tpm2NVStorage.c.

◆ RC_NV_UndefineSpace_nvIndex

#define RC_NV_UndefineSpace_nvIndex (TPM_RC_H + TPM_RC_2)

Definition at line 25 of file Tpm2NVStorage.c.

◆ RC_NV_Write_authHandle

#define RC_NV_Write_authHandle (TPM_RC_H + TPM_RC_1)

Definition at line 32 of file Tpm2NVStorage.c.

◆ RC_NV_Write_data

#define RC_NV_Write_data (TPM_RC_P + TPM_RC_1)

Definition at line 34 of file Tpm2NVStorage.c.

◆ RC_NV_Write_nvIndex

#define RC_NV_Write_nvIndex (TPM_RC_H + TPM_RC_2)

Definition at line 33 of file Tpm2NVStorage.c.

◆ RC_NV_Write_offset

#define RC_NV_Write_offset (TPM_RC_P + TPM_RC_2)

Definition at line 35 of file Tpm2NVStorage.c.

Function Documentation

◆ Tpm2NvDefineSpace()

EFI_STATUS EFIAPI Tpm2NvDefineSpace	(	IN TPMI_RH_PROVISION	AuthHandle,
		IN TPMS_AUTH_COMMAND *AuthSession	OPTIONAL,
		IN TPM2B_AUTH *	Auth,
		IN TPM2B_NV_PUBLIC *	NvPublic
	)

This command defines the attributes of an NV Index and causes the TPM to reserve space to hold the data associated with the index. If a definition already exists at the index, the TPM will return TPM_RC_NV_DEFINED.

Parameters

[in]	AuthHandle	TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}.
[in]	AuthSession	Auth Session context
[in]	Auth	The authorization data.
[in]	NvPublic	The public area of the index.

Return values

EFI_SUCCESS	Operation completed successfully.
EFI_DEVICE_ERROR	The command was unsuccessful.
EFI_ALREADY_STARTED	The command was returned successfully, but NvIndex is already defined.

Definition at line 300 of file Tpm2NVStorage.c.

◆ Tpm2NvExtend()

EFI_STATUS EFIAPI Tpm2NvExtend	(	IN TPMI_RH_NV_AUTH	AuthHandle,
		IN TPMI_RH_NV_INDEX	NvIndex,
		IN TPMS_AUTH_COMMAND *AuthSession	OPTIONAL,
		IN TPM2B_MAX_BUFFER *	InData
	)

This command extends a value to an area in NV memory that was previously defined by TPM2_NV_DefineSpace().

Parameters

[in]	AuthHandle	the handle indicating the source of the authorization value.
[in]	NvIndex	The NV Index of the area to extend.
[in]	AuthSession	Auth Session context
[in]	InData	The data to extend.

Return values

EFI_SUCCESS	Operation completed successfully.
EFI_DEVICE_ERROR	The command was unsuccessful.
EFI_NOT_FOUND	The command was returned successfully, but NvIndex is not found.

Definition at line 1086 of file Tpm2NVStorage.c.

◆ Tpm2NvGlobalWriteLock()

EFI_STATUS EFIAPI Tpm2NvGlobalWriteLock	(	IN TPMI_RH_PROVISION	AuthHandle,
		IN TPMS_AUTH_COMMAND *AuthSession	OPTIONAL
	)

The command will SET TPMA_NV_WRITELOCKED for all indexes that have their TPMA_NV_GLOBALLOCK attribute SET.

Parameters

[in]	AuthHandle	TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}.
[in]	AuthSession	Auth Session context

Return values

EFI_SUCCESS	Operation completed successfully.
EFI_DEVICE_ERROR	The command was unsuccessful.
EFI_NOT_FOUND	The command was returned successfully, but NvIndex is not found.

Definition at line 999 of file Tpm2NVStorage.c.

◆ Tpm2NvRead()

EFI_STATUS EFIAPI Tpm2NvRead	(	IN TPMI_RH_NV_AUTH	AuthHandle,
		IN TPMI_RH_NV_INDEX	NvIndex,
		IN TPMS_AUTH_COMMAND *AuthSession	OPTIONAL,
		IN UINT16	Size,
		IN UINT16	Offset,
		IN OUT TPM2B_MAX_BUFFER *	OutData
	)

This command reads a value from an area in NV memory previously defined by TPM2_NV_DefineSpace().

Parameters

[in]	AuthHandle	the handle indicating the source of the authorization value.
[in]	NvIndex	The index to be read.
[in]	AuthSession	Auth Session context
[in]	Size	Number of bytes to read.
[in]	Offset	Byte offset into the area.
[in,out]	OutData	The data read.

Return values

EFI_SUCCESS	Operation completed successfully.
EFI_DEVICE_ERROR	The command was unsuccessful.
EFI_NOT_FOUND	The command was returned successfully, but NvIndex is not found.

Definition at line 545 of file Tpm2NVStorage.c.

◆ Tpm2NvReadLock()

EFI_STATUS EFIAPI Tpm2NvReadLock	(	IN TPMI_RH_NV_AUTH	AuthHandle,
		IN TPMI_RH_NV_INDEX	NvIndex,
		IN TPMS_AUTH_COMMAND *AuthSession	OPTIONAL
	)

This command may be used to prevent further reads of the Index until the next TPM2_Startup (TPM_SU_CLEAR).

Parameters

[in]	AuthHandle	the handle indicating the source of the authorization value.
[in]	NvIndex	The NV Index of the area to lock.
[in]	AuthSession	Auth Session context

Return values

EFI_SUCCESS	Operation completed successfully.
EFI_DEVICE_ERROR	The command was unsuccessful.
EFI_NOT_FOUND	The command was returned successfully, but NvIndex is not found.

Definition at line 824 of file Tpm2NVStorage.c.

◆ Tpm2NvReadPublic()

EFI_STATUS EFIAPI Tpm2NvReadPublic	(	IN TPMI_RH_NV_INDEX	NvIndex,
		OUT TPM2B_NV_PUBLIC *	NvPublic,
		OUT TPM2B_NAME *	NvName
	)

This command is used to read the public area and Name of an NV Index.

Parameters

[in]	NvIndex	The NV Index.
[out]	NvPublic	The public area of the index.
[out]	NvName	The Name of the nvIndex.

Return values

EFI_SUCCESS	Operation completed successfully.
EFI_DEVICE_ERROR	The command was unsuccessful.
EFI_NOT_FOUND	The command was returned successfully, but NvIndex is not found.

Definition at line 182 of file Tpm2NVStorage.c.

◆ Tpm2NvUndefineSpace()

EFI_STATUS EFIAPI Tpm2NvUndefineSpace	(	IN TPMI_RH_PROVISION	AuthHandle,
		IN TPMI_RH_NV_INDEX	NvIndex,
		IN TPMS_AUTH_COMMAND *AuthSession	OPTIONAL
	)

This command removes an index from the TPM.

Parameters

[in]	AuthHandle	TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}.
[in]	NvIndex	The NV Index.
[in]	AuthSession	Auth Session context

Return values

EFI_SUCCESS	Operation completed successfully.
EFI_DEVICE_ERROR	The command was unsuccessful.
EFI_NOT_FOUND	The command was returned successfully, but NvIndex is not found.

Definition at line 437 of file Tpm2NVStorage.c.

◆ Tpm2NvWrite()

EFI_STATUS EFIAPI Tpm2NvWrite	(	IN TPMI_RH_NV_AUTH	AuthHandle,
		IN TPMI_RH_NV_INDEX	NvIndex,
		IN TPMS_AUTH_COMMAND *AuthSession	OPTIONAL,
		IN TPM2B_MAX_BUFFER *	InData,
		IN UINT16	Offset
	)

This command writes a value to an area in NV memory that was previously defined by TPM2_NV_DefineSpace().

Parameters

[in]	AuthHandle	the handle indicating the source of the authorization value.
[in]	NvIndex	The NV Index of the area to write.
[in]	AuthSession	Auth Session context
[in]	InData	The data to write.
[in]	Offset	The offset into the NV Area.

Return values

EFI_SUCCESS	Operation completed successfully.
EFI_DEVICE_ERROR	The command was unsuccessful.
EFI_NOT_FOUND	The command was returned successfully, but NvIndex is not found.

Definition at line 693 of file Tpm2NVStorage.c.

◆ Tpm2NvWriteLock()

EFI_STATUS EFIAPI Tpm2NvWriteLock	(	IN TPMI_RH_NV_AUTH	AuthHandle,
		IN TPMI_RH_NV_INDEX	NvIndex,
		IN TPMS_AUTH_COMMAND *AuthSession	OPTIONAL
	)

This command may be used to inhibit further writes of the Index.

Parameters

[in]	AuthHandle	the handle indicating the source of the authorization value.
[in]	NvIndex	The NV Index of the area to lock.
[in]	AuthSession	Auth Session context

Return values

EFI_SUCCESS	Operation completed successfully.
EFI_DEVICE_ERROR	The command was unsuccessful.
EFI_NOT_FOUND	The command was returned successfully, but NvIndex is not found.

Definition at line 912 of file Tpm2NVStorage.c.

Data Structures

Macros

Functions

Detailed Description

Macro Definition Documentation

◆ RC_NV_DefineSpace_auth

◆ RC_NV_DefineSpace_authHandle

◆ RC_NV_DefineSpace_publicInfo

◆ RC_NV_Read_authHandle

◆ RC_NV_Read_nvIndex

◆ RC_NV_Read_offset

◆ RC_NV_Read_size

◆ RC_NV_ReadPublic_nvIndex

◆ RC_NV_UndefineSpace_authHandle

◆ RC_NV_UndefineSpace_nvIndex

◆ RC_NV_Write_authHandle

◆ RC_NV_Write_data

◆ RC_NV_Write_nvIndex

◆ RC_NV_Write_offset

Function Documentation

◆ Tpm2NvDefineSpace()

◆ Tpm2NvExtend()

◆ Tpm2NvGlobalWriteLock()

◆ Tpm2NvRead()

◆ Tpm2NvReadLock()

◆ Tpm2NvReadPublic()

◆ Tpm2NvUndefineSpace()

◆ Tpm2NvWrite()

◆ Tpm2NvWriteLock()