authorMichael Kinney <michael.d.kinney@intel.com>2016-01-21 19:30:14 +0000
committermdkinney <mdkinney@Edk2>2016-01-21 19:30:14 +0000
commit45500265b3fbb05d98766b82af98f8642a8e5eba (patch)
tree1ddaf2fb1070450a4191fb0f22a339a00c7da9de /SecurityPkg/Tcg
parent83b9662fb0086841d4f6220147bbf78966c38c56 (diff)
SecurityPkg/TcgPei: Use updated Tpm12CommandLib APIs
Use the following new APIs in Tpm12CommandLib and remove duplicate code from TcgPei and TcgDxe: Tpm12Extend() Tpm12PhysicalPresence() Tpm12ContinueSelfTest() Tpm12GetCapabilityFlagPermanent() Tpm12GetCapabilityFlagVolatile() Cc: Chao Zhang <chao.b.zhang@intel.com> Cc: Jiewen Yao <jiewen.yao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney <michael.d.kinney@intel.com> Reviewed-by: Chao Zhang <chao.b.zhang@intel.com> Reviewed-by: Jiewen Yao <jiewen.yao@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19728 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/Tcg')
-rw-r--r--SecurityPkg/Tcg/TcgPei/TcgPei.c87
-rw-r--r--SecurityPkg/Tcg/TcgPei/TcgPei.inf3
-rw-r--r--SecurityPkg/Tcg/TcgPei/TpmComm.c272
-rw-r--r--SecurityPkg/Tcg/TcgPei/TpmComm.h176
4 files changed, 61 insertions, 477 deletions
diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.c b/SecurityPkg/Tcg/TcgPei/TcgPei.c
index b3ca64273d..25724a6812 100644
--- a/SecurityPkg/Tcg/TcgPei/TcgPei.c
+++ b/SecurityPkg/Tcg/TcgPei/TcgPei.c
@@ -38,8 +38,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#include <Library/BaseLib.h>
#include <Library/MemoryAllocationLib.h>
#include <Library/ReportStatusCodeLib.h>
-
-#include "TpmComm.h"
+#include <Library/Tpm12DeviceLib.h>
+#include <Library/Tpm12CommandLib.h>
+#include <Library/BaseCryptLib.h>
BOOLEAN mImageInMemory = FALSE;
@@ -198,6 +199,40 @@ EndofPeiSignalNotifyCallBack (
}
/**
+Single function calculates SHA1 digest value for all raw data. It
+combines Sha1Init(), Sha1Update() and Sha1Final().
+
+@param[in] Data Raw data to be digested.
+@param[in] DataLen Size of the raw data.
+@param[out] Digest Pointer to a buffer that stores the final digest.
+
+@retval EFI_SUCCESS Always successfully calculate the final digest.
+**/
+EFI_STATUS
+EFIAPI
+TpmCommHashAll (
+ IN CONST UINT8 *Data,
+ IN UINTN DataLen,
+ OUT TPM_DIGEST *Digest
+ )
+{
+ VOID *Sha1Ctx;
+ UINTN CtxSize;
+
+ CtxSize = Sha1GetContextSize ();
+ Sha1Ctx = AllocatePool (CtxSize);
+ ASSERT (Sha1Ctx != NULL);
+
+ Sha1Init (Sha1Ctx);
+ Sha1Update (Sha1Ctx, Data, DataLen);
+ Sha1Final (Sha1Ctx, (UINT8 *)Digest);
+
+ FreePool (Sha1Ctx);
+
+ return EFI_SUCCESS;
+}
+
+/**
Do a hash operation on a data buffer, extend a specific TPM PCR with the hash result,
and build a GUIDed HOB recording the event which will be passed to the DXE phase and
added into the Event Log.
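Review bot: `TpmCommHashAll` guards the allocation only with `ASSERT (Sha1Ctx != NULL)` and discards the BOOLEAN results of `Sha1Init`, `Sha1Update` and `Sha1Final`, so it reports `EFI_SUCCESS` even when no digest was produced. In a build where ASSERT compiles to nothing, a failed `AllocatePool` would be dereferenced. A failed hash would leave `Digest` with its previous contents, which the caller presumably then extends into a PCR and records in the event log. Returning an error on each failure path keeps a bad measurement from being recorded as a good one; the `@retval EFI_SUCCESS Always successfully calculate the final digest.` line would need updating to match. The callers are outside this hunk, so confirm they check the returned status.
```c
TpmCommHashAll (
  IN  CONST UINT8       *Data,
  IN  UINTN             DataLen,
  OUT TPM_DIGEST        *Digest
  )
{
  VOID     *Sha1Ctx;
  BOOLEAN  HashOk;

  Sha1Ctx = AllocatePool (Sha1GetContextSize ());
  if (Sha1Ctx == NULL) {
    return EFI_OUT_OF_RESOURCES;
  }

  //
  // Each step returns FALSE on failure; stop at the first one that fails.
  //
  HashOk = (BOOLEAN)(Sha1Init (Sha1Ctx) &&
                     Sha1Update (Sha1Ctx, Data, DataLen) &&
                     Sha1Final (Sha1Ctx, (UINT8 *)Digest));

  FreePool (Sha1Ctx);

  return HashOk ? EFI_SUCCESS : EFI_DEVICE_ERROR;
}
```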
@@ -242,8 +277,7 @@ HashLogExtendEvent (
}
}
- Status = TpmCommExtend (
- PeiServices,
+ Status = Tpm12Extend (
&NewEventHdr->Digest,
NewEventHdr->PCRIndex,
NULL
@@ -540,12 +574,11 @@ PhysicalPresencePpiNotifyCallback (
)
{
EFI_STATUS Status;
+ TPM_PERMANENT_FLAGS TpmPermanentFlags;
PEI_LOCK_PHYSICAL_PRESENCE_PPI *LockPhysicalPresencePpi;
- BOOLEAN LifetimeLock;
- BOOLEAN CmdEnable;
TPM_PHYSICAL_PRESENCE PhysicalPresenceValue;
- Status = TpmCommGetCapability (PeiServices, NULL, &LifetimeLock, &CmdEnable);
+ Status = Tpm12GetCapabilityFlagPermanent (&TpmPermanentFlags);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -553,7 +586,7 @@ PhysicalPresencePpiNotifyCallback (
//
// 1. Set physicalPresenceLifetimeLock, physicalPresenceHWEnable and physicalPresenceCMDEnable bit by PCDs.
//
- if (PcdGetBool (PcdPhysicalPresenceLifetimeLock) && !LifetimeLock) {
+ if (PcdGetBool (PcdPhysicalPresenceLifetimeLock) && !TpmPermanentFlags.physicalPresenceLifetimeLock) {
//
// Lock TPM LifetimeLock is required, and LifetimeLock is not locked yet.
//
@@ -561,10 +594,10 @@ PhysicalPresencePpiNotifyCallback (
if (PcdGetBool (PcdPhysicalPresenceCmdEnable)) {
PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_CMD_ENABLE;
- CmdEnable = TRUE;
+ TpmPermanentFlags.physicalPresenceCMDEnable = TRUE;
} else {
PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_CMD_DISABLE;
- CmdEnable = FALSE;
+ TpmPermanentFlags.physicalPresenceCMDEnable = FALSE;
}
if (PcdGetBool (PcdPhysicalPresenceHwEnable)) {
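Review bot: The two assignments to `TpmPermanentFlags.physicalPresenceCMDEnable` overwrite a field of the structure filled by `Tpm12GetCapabilityFlagPermanent` with the value about to be requested, before `Tpm12PhysicalPresence` has been sent. With the old `CmdEnable` local that read as scratch state, but a structure named after the TPM's permanent flags now holds a mix of reported and intended values, and the later `if (!TpmPermanentFlags.physicalPresenceCMDEnable)` test depends on it. A comment above the assignments would make that explicit, for example `// Record the requested setting in the local copy; it is not re-read from the TPM.` The enclosing function starts and ends outside this hunk, so whether every failure path returns before the shadowed value is consulted should be checked there.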
@@ -573,8 +606,7 @@ PhysicalPresencePpiNotifyCallback (
PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_HW_DISABLE;
}
- Status = TpmCommPhysicalPresence (
- PeiServices,
+ Status = Tpm12PhysicalPresence (
PhysicalPresenceValue
);
if (EFI_ERROR (Status)) {
@@ -590,8 +622,8 @@ PhysicalPresencePpiNotifyCallback (
return EFI_SUCCESS;
}
- if (!CmdEnable) {
- if (LifetimeLock) {
+ if (!TpmPermanentFlags.physicalPresenceCMDEnable) {
+ if (TpmPermanentFlags.physicalPresenceLifetimeLock) {
//
// physicalPresenceCMDEnable is locked, can't change.
//
@@ -602,8 +634,7 @@ PhysicalPresencePpiNotifyCallback (
// Enable physical presence command
// It is necessary in order to lock physical presence
//
- Status = TpmCommPhysicalPresence (
- PeiServices,
+ Status = Tpm12PhysicalPresence (
TPM_PHYSICAL_PRESENCE_CMD_ENABLE
);
if (EFI_ERROR (Status)) {
@@ -614,8 +645,7 @@ PhysicalPresencePpiNotifyCallback (
//
// Lock physical presence
//
- Status = TpmCommPhysicalPresence (
- PeiServices,
+ Status = Tpm12PhysicalPresence (
TPM_PHYSICAL_PRESENCE_LOCK
);
return Status;
@@ -631,19 +661,18 @@ PhysicalPresencePpiNotifyCallback (
**/
BOOLEAN
-EFIAPI
IsTpmUsable (
- IN EFI_PEI_SERVICES **PeiServices
+ VOID
)
{
- EFI_STATUS Status;
- BOOLEAN Deactivated;
+ EFI_STATUS Status;
+ TPM_PERMANENT_FLAGS TpmPermanentFlags;
- Status = TpmCommGetCapability (PeiServices, &Deactivated, NULL, NULL);
+ Status = Tpm12GetCapabilityFlagPermanent (&TpmPermanentFlags);
if (EFI_ERROR (Status)) {
return FALSE;
}
- return (BOOLEAN)(!Deactivated);
+ return (BOOLEAN)(!TpmPermanentFlags.deactivated);
}
/**
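Review bot: `IsTpmUsable` returns FALSE both when `Tpm12GetCapabilityFlagPermanent` fails and when the `deactivated` flag is set, so the caller in `PeimEntryMP` cannot tell a TPM communication error from a deliberately deactivated TPM. In either case the measurements are skipped without any trace. A `DEBUG ((EFI_D_ERROR, "Tpm12GetCapabilityFlagPermanent failed: %r\n", Status));` before `return FALSE;` would make an unmeasured boot diagnosable. The function's header comment starts outside the hunk; if it still lists `@param[in] PeiServices`, that line is stale now that the parameter list is `VOID`.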
@@ -682,7 +711,7 @@ PeimEntryMP (
return Status;
}
- if (IsTpmUsable (PeiServices)) {
+ if (IsTpmUsable ()) {
if (PcdGet8 (PcdTpmScrtmPolicy) == 1) {
Status = MeasureCRTMVersion (PeiServices);
}
@@ -759,7 +788,11 @@ PeimEntryMA (
}
if (PcdGet8 (PcdTpmInitializationPolicy) == 1) {
- Status = TpmCommStartup ((EFI_PEI_SERVICES**)PeiServices, BootMode);
+ if (BootMode == BOOT_ON_S3_RESUME) {
+ Status = Tpm12Startup (TPM_ST_STATE);
+ } else {
+ Status = Tpm12Startup (TPM_ST_CLEAR);
+ }
if (EFI_ERROR (Status) ) {
goto Done;
}
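Review bot: The new if/else in `PeimEntryMA` has no comment saying why the startup type depends on the boot mode, a choice the removed `TpmCommStartup` used to encapsulate. I would add `// S3 resume restores the TPM state saved before sleep; every other boot mode starts clear.` above it. The selection also fits in one call, `Status = Tpm12Startup ((BootMode == BOOT_ON_S3_RESUME) ? TPM_ST_STATE : TPM_ST_CLEAR);`. `PeimEntryMA` begins and ends outside this hunk, so what the `Done` label does with a failed startup on the S3 path is not visible here and is worth confirming.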
@@ -769,7 +802,7 @@ PeimEntryMA (
// TpmSelfTest is optional on S3 path, skip it to save S3 time
//
if (BootMode != BOOT_ON_S3_RESUME) {
- Status = TpmCommContinueSelfTest ((EFI_PEI_SERVICES**)PeiServices);
+ Status = Tpm12ContinueSelfTest ();
if (EFI_ERROR (Status)) {
goto Done;
}
diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.inf b/SecurityPkg/Tcg/TcgPei/TcgPei.inf
index cdee0ab2ec..9a44d8fbda 100644
--- a/SecurityPkg/Tcg/TcgPei/TcgPei.inf
+++ b/SecurityPkg/Tcg/TcgPei/TcgPei.inf
@@ -34,8 +34,6 @@
[Sources]
TcgPei.c
- TpmComm.c
- TpmComm.h
[Packages]
MdePkg/MdePkg.dec
@@ -57,6 +55,7 @@
PcdLib
MemoryAllocationLib
ReportStatusCodeLib
+ Tpm12CommandLib
[Guids]
gTcgEventEntryHobGuid ## PRODUCES ## HOB
diff --git a/SecurityPkg/Tcg/TcgPei/TpmComm.c b/SecurityPkg/Tcg/TcgPei/TpmComm.c
deleted file mode 100644
index 1a2156c6eb..0000000000
--- a/SecurityPkg/Tcg/TcgPei/TpmComm.c
+++ /dev/null
@@ -1,272 +0,0 @@
-/** @file
- Utility functions used by TPM PEI driver.
-
-Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#include "TpmComm.h"
-
-/**
- Send TPM_Startup command to TPM.
-
- @param[in] PeiServices Describes the list of possible PEI Services.
- @param[in] BootMode Boot mode.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_TIMEOUT The register can't run into the expected status in time.
- @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
- @retval EFI_DEVICE_ERROR Unexpected device behavior.
-
-**/
-EFI_STATUS
-TpmCommStartup (
- IN EFI_PEI_SERVICES **PeiServices,
- IN EFI_BOOT_MODE BootMode
- )
-{
- EFI_STATUS Status;
- TPM_STARTUP_TYPE TpmSt;
- UINT32 TpmRecvSize;
- UINT32 TpmSendSize;
- TPM_CMD_START_UP SendBuffer;
- UINT8 RecvBuffer[20];
-
- TpmSt = TPM_ST_CLEAR;
- if (BootMode == BOOT_ON_S3_RESUME) {
- TpmSt = TPM_ST_STATE;
- }
- //
- // send Tpm command TPM_ORD_Startup
- //
- TpmRecvSize = 20;
- TpmSendSize = sizeof (TPM_CMD_START_UP);
- SendBuffer.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
- SendBuffer.Hdr.paramSize = SwapBytes32 (TpmSendSize);
- SendBuffer.Hdr.ordinal = SwapBytes32 (TPM_ORD_Startup);
- SendBuffer.TpmSt = SwapBytes16 (TpmSt);
- Status = Tpm12SubmitCommand (TpmSendSize, (UINT8 *)&SendBuffer, &TpmRecvSize, RecvBuffer);
- return Status;
-}
-
-/**
- Send TPM_ContinueSelfTest command to TPM.
-
- @param[in] PeiServices Describes the list of possible PEI Services.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_TIMEOUT The register can't run into the expected status in time.
- @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
- @retval EFI_DEVICE_ERROR Unexpected device behavior.
-
-**/
-EFI_STATUS
-TpmCommContinueSelfTest (
- IN EFI_PEI_SERVICES **PeiServices
- )
-{
- EFI_STATUS Status;
- UINT32 TpmRecvSize;
- UINT32 TpmSendSize;
- TPM_CMD_SELF_TEST SendBuffer;
- UINT8 RecvBuffer[20];
-
- //
- // send Tpm command TPM_ORD_ContinueSelfTest
- //
- TpmRecvSize = 20;
- TpmSendSize = sizeof (TPM_CMD_SELF_TEST);
- SendBuffer.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
- SendBuffer.Hdr.paramSize = SwapBytes32 (TpmSendSize);
- SendBuffer.Hdr.ordinal = SwapBytes32 (TPM_ORD_ContinueSelfTest);
- Status = Tpm12SubmitCommand (TpmSendSize, (UINT8 *)&SendBuffer, &TpmRecvSize, RecvBuffer);
- return Status;
-}
-
-/**
- Get TPM capability flags.
-
- @param[in] PeiServices Describes the list of possible PEI Services.
- @param[out] Deactivated Returns deactivated flag.
- @param[out] LifetimeLock Returns physicalPresenceLifetimeLock permanent flag.
- @param[out] CmdEnable Returns physicalPresenceCMDEnable permanent flag.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_TIMEOUT The register can't run into the expected status in time.
- @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
- @retval EFI_DEVICE_ERROR Unexpected device behavior.
-
-**/
-EFI_STATUS
-TpmCommGetCapability (
- IN EFI_PEI_SERVICES **PeiServices,
- OUT BOOLEAN *Deactivated, OPTIONAL
- OUT BOOLEAN *LifetimeLock, OPTIONAL
- OUT BOOLEAN *CmdEnable OPTIONAL
- )
-{
- EFI_STATUS Status;
- UINT32 TpmRecvSize;
- UINT32 TpmSendSize;
- TPM_CMD_GET_CAPABILITY SendBuffer;
- UINT8 RecvBuffer[40];
- TPM_PERMANENT_FLAGS *TpmPermanentFlags;
-
- //
- // send Tpm command TPM_ORD_GetCapability
- //
- TpmRecvSize = 40;
- TpmSendSize = sizeof (TPM_CMD_GET_CAPABILITY);
- SendBuffer.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
- SendBuffer.Hdr.paramSize = SwapBytes32 (TpmSendSize);
- SendBuffer.Hdr.ordinal = SwapBytes32 (TPM_ORD_GetCapability);
- SendBuffer.Capability = SwapBytes32 (TPM_CAP_FLAG);
- SendBuffer.CapabilityFlagSize = SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT));
- SendBuffer.CapabilityFlag = SwapBytes32 (TPM_CAP_FLAG_PERMANENT);
- Status = Tpm12SubmitCommand (TpmSendSize, (UINT8 *)&SendBuffer, &TpmRecvSize, RecvBuffer);
- if (EFI_ERROR (Status)) {
- return Status;
- }
- TpmPermanentFlags = (TPM_PERMANENT_FLAGS *)&RecvBuffer[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];
- if (Deactivated != NULL) {
- *Deactivated = TpmPermanentFlags->deactivated;
- }
-
- if (LifetimeLock != NULL) {
- *LifetimeLock = TpmPermanentFlags->physicalPresenceLifetimeLock;
- }
-
- if (CmdEnable != NULL) {
- *CmdEnable = TpmPermanentFlags->physicalPresenceCMDEnable;
- }
- return Status;
-}
-
-/**
- Extend a TPM PCR.
-
- @param[in] PeiServices Describes the list of possible PEI Services.
- @param[in] DigestToExtend The 160 bit value representing the event to be recorded.
- @param[in] PcrIndex The PCR to be updated.
- @param[out] NewPcrValue New PCR value after extend.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_TIMEOUT The register can't run into the expected status in time.
- @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
- @retval EFI_DEVICE_ERROR Unexpected device behavior.
-
-**/
-EFI_STATUS
-TpmCommExtend (
- IN EFI_PEI_SERVICES **PeiServices,
- IN TPM_DIGEST *DigestToExtend,
- IN TPM_PCRINDEX PcrIndex,
- OUT TPM_DIGEST *NewPcrValue
- )
-{
- EFI_STATUS Status;
- UINT32 TpmSendSize;
- UINT32 TpmRecvSize;
- TPM_CMD_EXTEND SendBuffer;
- UINT8 RecvBuffer[10 + sizeof(TPM_DIGEST)];
-
- //
- // send Tpm command TPM_ORD_Extend
- //
- TpmRecvSize = sizeof (TPM_RSP_COMMAND_HDR) + sizeof (TPM_DIGEST);
- TpmSendSize = sizeof (TPM_CMD_EXTEND);
- SendBuffer.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
- SendBuffer.Hdr.paramSize = SwapBytes32 (TpmSendSize);
- SendBuffer.Hdr.ordinal = SwapBytes32 (TPM_ORD_Extend);
- SendBuffer.PcrIndex = SwapBytes32 (PcrIndex);
- CopyMem (&SendBuffer.TpmDigest, (UINT8 *)DigestToExtend, sizeof (TPM_DIGEST));
- Status = Tpm12SubmitCommand (TpmSendSize, (UINT8 *)&SendBuffer, &TpmRecvSize, RecvBuffer);
- if (EFI_ERROR (Status)) {
- return Status;
- }
-
- if(NewPcrValue != NULL) {
- CopyMem ((UINT8*)NewPcrValue, &RecvBuffer[10], sizeof (TPM_DIGEST));
- }
-
- return Status;
-}
-
-
-/**
- Send TSC_PhysicalPresence command to TPM.
-
- @param[in] PeiServices Describes the list of possible PEI Services.
- @param[in] PhysicalPresence The state to set the TPMs Physical Presence flags.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_TIMEOUT The register can't run into the expected status in time.
- @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
- @retval EFI_DEVICE_ERROR Unexpected device behavior.
-
-**/
-EFI_STATUS
-TpmCommPhysicalPresence (
- IN EFI_PEI_SERVICES **PeiServices,
- IN TPM_PHYSICAL_PRESENCE PhysicalPresence
- )
-{
- EFI_STATUS Status;
- UINT32 TpmSendSize;
- UINT32 TpmRecvSize;
- TPM_CMD_PHYSICAL_PRESENCE SendBuffer;
- UINT8 RecvBuffer[10];
-
- //
- // send Tpm command TSC_ORD_PhysicalPresence
- //
- TpmRecvSize = 10;
- TpmSendSize = sizeof (TPM_CMD_PHYSICAL_PRESENCE);
- SendBuffer.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
- SendBuffer.Hdr.paramSize = SwapBytes32 (TpmSendSize);
- SendBuffer.Hdr.ordinal = SwapBytes32 (TSC_ORD_PhysicalPresence);
- SendBuffer.PhysicalPresence = SwapBytes16 (PhysicalPresence);
- Status = Tpm12SubmitCommand (TpmSendSize, (UINT8 *)&SendBuffer, &TpmRecvSize, RecvBuffer);
- return Status;
-}
-
-/**
- Single function calculates SHA1 digest value for all raw data. It
- combines Sha1Init(), Sha1Update() and Sha1Final().
-
- @param[in] Data Raw data to be digested.
- @param[in] DataLen Size of the raw data.
- @param[out] Digest Pointer to a buffer that stores the final digest.
-
- @retval EFI_SUCCESS Always successfully calculate the final digest.
-**/
-EFI_STATUS
-EFIAPI
-TpmCommHashAll (
- IN CONST UINT8 *Data,
- IN UINTN DataLen,
- OUT TPM_DIGEST *Digest
- )
-{
- VOID *Sha1Ctx;
- UINTN CtxSize;
-
- CtxSize = Sha1GetContextSize ();
- Sha1Ctx = AllocatePool (CtxSize);
- ASSERT (Sha1Ctx != NULL);
-
- Sha1Init (Sha1Ctx);
- Sha1Update (Sha1Ctx, Data, DataLen);
- Sha1Final (Sha1Ctx, (UINT8 *)Digest);
-
- FreePool (Sha1Ctx);
-
- return EFI_SUCCESS;
-}
diff --git a/SecurityPkg/Tcg/TcgPei/TpmComm.h b/SecurityPkg/Tcg/TcgPei/TpmComm.h
deleted file mode 100644
index 06eefe1410..0000000000
--- a/SecurityPkg/Tcg/TcgPei/TpmComm.h
+++ /dev/null
@@ -1,176 +0,0 @@
-/** @file
- The header file for TPM PEI driver.
-
-Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>
-This program and the accompanying materials
-are licensed and made available under the terms and conditions of the BSD License
-which accompanies this distribution. The full text of the license may be found at
-http://opensource.org/licenses/bsd-license.php
-
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
-
-**/
-
-#ifndef _TPM_COMM_H_
-#define _TPM_COMM_H_
-
-#include <IndustryStandard/Tpm12.h>
-#include <IndustryStandard/UefiTcgPlatform.h>
-#include <Library/MemoryAllocationLib.h>
-#include <Library/BaseCryptLib.h>
-#include <Library/Tpm12DeviceLib.h>
-#include <Library/DebugLib.h>
-#include <Library/BaseLib.h>
-#include <Library/BaseMemoryLib.h>
-
-#pragma pack(1)
-
-typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
- TPM_STARTUP_TYPE TpmSt;
-} TPM_CMD_START_UP;
-
-typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
-} TPM_CMD_SELF_TEST;
-
-typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
- UINT32 Capability;
- UINT32 CapabilityFlagSize;
- UINT32 CapabilityFlag;
-} TPM_CMD_GET_CAPABILITY;
-
-typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
- TPM_PCRINDEX PcrIndex;
- TPM_DIGEST TpmDigest;
-} TPM_CMD_EXTEND;
-
-typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
- TPM_PHYSICAL_PRESENCE PhysicalPresence;
-} TPM_CMD_PHYSICAL_PRESENCE;
-
-#pragma pack()
-
-/**
- Send TPM_Startup command to TPM.
-
- @param[in] PeiServices Describes the list of possible PEI Services.
- @param[in] BootMode Boot mode.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_TIMEOUT The register can't run into the expected status in time.
- @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
- @retval EFI_DEVICE_ERROR Unexpected device behavior.
-
-**/
-EFI_STATUS
-TpmCommStartup (
- IN EFI_PEI_SERVICES **PeiServices,
- IN EFI_BOOT_MODE BootMode
- );
-
-/**
- Send TPM_ContinueSelfTest command to TPM.
-
- @param[in] PeiServices Describes the list of possible PEI Services.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_TIMEOUT The register can't run into the expected status in time.
- @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
- @retval EFI_DEVICE_ERROR Unexpected device behavior.
-
-**/
-EFI_STATUS
-TpmCommContinueSelfTest (
- IN EFI_PEI_SERVICES **PeiServices
- );
-
-/**
- Get TPM capability flags.
-
- @param[in] PeiServices Describes the list of possible PEI Services.
- @param[in] TpmHandle TPM handle.
- @param[out] Deactivated Returns deactivated flag.
- @param[out] LifetimeLock Returns physicalPresenceLifetimeLock permanent flag.
- @param[out] CmdEnable Returns physicalPresenceCMDEnable permanent flag.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_TIMEOUT The register can't run into the expected status in time.
- @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
- @retval EFI_DEVICE_ERROR Unexpected device behavior.
-
-**/
-EFI_STATUS
-TpmCommGetCapability (
- IN EFI_PEI_SERVICES **PeiServices,
- OUT BOOLEAN *Deactivated, OPTIONAL
- OUT BOOLEAN *LifetimeLock, OPTIONAL
- OUT BOOLEAN *CmdEnable OPTIONAL
- );
-
-/**
- Extend a TPM PCR.
-
- @param[in] PeiServices Describes the list of possible PEI Services.
- @param[in] TpmHandle TPM handle.
- @param[in] DigestToExtend The 160 bit value representing the event to be recorded.
- @param[in] PcrIndex The PCR to be updated.
- @param[out] NewPcrValue New PCR value after extend.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_TIMEOUT The register can't run into the expected status in time.
- @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
- @retval EFI_DEVICE_ERROR Unexpected device behavior.
-
-**/
-EFI_STATUS
-TpmCommExtend (
- IN EFI_PEI_SERVICES **PeiServices,
- IN TPM_DIGEST *DigestToExtend,
- IN TPM_PCRINDEX PcrIndex,
- OUT TPM_DIGEST *NewPcrValue
- );
-
-
-/**
- Send TSC_PhysicalPresence command to TPM.
-
- @param[in] PeiServices Describes the list of possible PEI Services.
- @param[in] TpmHandle TPM handle.
- @param[in] PhysicalPresence The state to set the TPMs Physical Presence flags.
-
- @retval EFI_SUCCESS Operation completed successfully.
- @retval EFI_TIMEOUT The register can't run into the expected status in time.
- @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
- @retval EFI_DEVICE_ERROR Unexpected device behavior.
-
-**/
-EFI_STATUS
-TpmCommPhysicalPresence (
- IN EFI_PEI_SERVICES **PeiServices,
- IN TPM_PHYSICAL_PRESENCE PhysicalPresence
- );
-
-/**
- Single function calculates SHA1 digest value for all raw data. It
- combines Sha1Init(), Sha1Update() and Sha1Final().
-
- @param[in] Data Raw data to be digested.
- @param[in] DataLen Size of the raw data.
- @param[out] Digest Pointer to a buffer that stores the final digest.
-
- @retval EFI_SUCCESS Always successfully calculate the final digest.
-**/
-EFI_STATUS
-EFIAPI
-TpmCommHashAll (
- IN CONST UINT8 *Data,
- IN UINTN DataLen,
- OUT TPM_DIGEST *Digest
- );
-
-#endif // _TPM_COMM_H_