diff options
Diffstat (limited to 'EdkCompatibilityPkg/Foundation/Include/IndustryStandard/Tpm12.h')
| -rw-r--r-- | EdkCompatibilityPkg/Foundation/Include/IndustryStandard/Tpm12.h | 158 |
1 files changed, 139 insertions, 19 deletions
diff --git a/EdkCompatibilityPkg/Foundation/Include/IndustryStandard/Tpm12.h b/EdkCompatibilityPkg/Foundation/Include/IndustryStandard/Tpm12.h index 0ba14cecfb..aa54b384ee 100644 --- a/EdkCompatibilityPkg/Foundation/Include/IndustryStandard/Tpm12.h +++ b/EdkCompatibilityPkg/Foundation/Include/IndustryStandard/Tpm12.h @@ -15,7 +15,7 @@ Module Name: Abstract:
- TPM Specification data structures (TCG TPM Specification Version 1.2 Revision 94)
+ TPM Specification data structures (TCG TPM Specification Version 1.2 Revision 103)
See http://trustedcomputinggroup.org for latest specification updates
@@ -39,6 +39,7 @@ Abstract: typedef UINT8 TPM_AUTH_DATA_USAGE;
typedef UINT8 TPM_PAYLOAD_TYPE;
typedef UINT8 TPM_VERSION_BYTE;
+typedef UINT8 TPM_DA_STATE;
typedef UINT16 TPM_TAG;
typedef UINT16 TPM_PROTOCOL_ID;
typedef UINT16 TPM_STARTUP_TYPE;
@@ -144,6 +145,9 @@ typedef UINT32 TPM_FAMILY_OPERATION; #define TPM_TAG_CMK_SIGTICKET ((TPM_STRUCTURE_TAG) 0x0034)
#define TPM_TAG_CMK_MA_APPROVAL ((TPM_STRUCTURE_TAG) 0x0035)
#define TPM_TAG_QUOTE_INFO2 ((TPM_STRUCTURE_TAG) 0x0036)
+#define TPM_TAG_DA_INFO ((TPM_STRUCTURE_TAG) 0x0037)
+#define TPM_TAG_DA_LIMITED ((TPM_STRUCTURE_TAG) 0x0038)
+#define TPM_TAG_DA_ACTION_TYPE ((TPM_STRUCTURE_TAG) 0x0039)
//
// Part 2, section 4: TPM Types
@@ -190,6 +194,7 @@ typedef UINT32 TPM_FAMILY_OPERATION; #define TPM_ET_DEL_KEY_BLOB ((UINT16) 0x0009) // The entity is a delegate key blob
#define TPM_ET_COUNTER ((UINT16) 0x000A) // The entity is a counter
#define TPM_ET_NV ((UINT16) 0x000B) // The entity is a NV index
+#define TPM_ET_OPERATOR ((UINT16) 0x000C) // The entity is the operator
#define TPM_ET_RESERVED_HANDLE ((UINT16) 0x0040) // Reserved. This value avoids collisions with the handle MSB setting.
//
// TPM_ENTITY_TYPE MSB Values: The MSB is used to indicate the ADIP encryption sheme when applicable
@@ -323,8 +328,6 @@ typedef TPM_DIGEST TPM_DIRVALUE; // This SHALL be the value of typedef TPM_DIGEST TPM_HMAC;
typedef TPM_DIGEST TPM_PCRVALUE; // The value inside of the PCR
typedef TPM_DIGEST TPM_AUDITDIGEST; // This SHALL be the value of the current internal audit state
-typedef TPM_DIGEST TPM_DAA_TPM_SEED; // This SHALL be a random value generated by a TPM immediately after the EK is installed in that TPM, whenever an EK is installed in that TPM
-typedef TPM_DIGEST TPM_DAA_CONTEXT_SEED; // This SHALL be a random value
//
// Part 2, section 5.5: TPM_NONCE
@@ -333,6 +336,9 @@ typedef struct tdTPM_NONCE{ UINT8 nonce[20];
} TPM_NONCE;
+typedef TPM_NONCE TPM_DAA_TPM_SEED; // This SHALL be a random value generated by a TPM immediately after the EK is installed in that TPM, whenever an EK is installed in that TPM
+typedef TPM_NONCE TPM_DAA_CONTEXT_SEED; // This SHALL be a random value
+
//
// Part 2, section 5.6: TPM_AUTHDATA
//
@@ -393,7 +399,8 @@ typedef struct tdTPM_KEY_HANDLE_LIST { #define TPM_ES_NONE ((TPM_ENC_SCHEME) 0x0001)
#define TPM_ES_RSAESPKCSv15 ((TPM_ENC_SCHEME) 0x0002)
#define TPM_ES_RSAESOAEP_SHA1_MGF1 ((TPM_ENC_SCHEME) 0x0003)
-#define TPM_ES_SYM_CNT ((TPM_ENC_SCHEME) 0x0004)
+#define TPM_ES_SYM_CNT ((TPM_ENC_SCHEME) 0x0004) // rev94 defined
+#define TPM_ES_SYM_CTR ((TPM_ENC_SCHEME) 0x0004)
#define TPM_ES_SYM_OFB ((TPM_ENC_SCHEME) 0x0005)
#define TPM_SS_NONE ((TPM_SIG_SCHEME) 0x0001)
@@ -584,6 +591,7 @@ typedef struct tdTPM_PERMANENT_FLAGS{ BOOLEAN readSRKPub;
BOOLEAN tpmEstablished;
BOOLEAN maintenanceDone;
+ BOOLEAN disableFullDALogicInfo;
} TPM_PERMANENT_FLAGS;
//
@@ -608,6 +616,7 @@ typedef struct tdTPM_PERMANENT_FLAGS{ #define TPM_PF_READSRKPUB ((TPM_CAPABILITY_AREA) 17)
#define TPM_PF_TPMESTABLISHED ((TPM_CAPABILITY_AREA) 18)
#define TPM_PF_MAINTENANCEDONE ((TPM_CAPABILITY_AREA) 19)
+#define TPM_PF_DISABLEFULLDALOGICINFO ((TPM_CAPABILITY_AREA) 20)
//
// Part 2, section 7.2: TPM_STCLEAR_FLAGS
@@ -655,10 +664,11 @@ typedef struct tdTPM_STANY_FLAGS{ //
// Part 2, section 7.4: TPM_PERMANENT_DATA
//
-//#define TPM_MIN_COUNTERS 4 // the minimum number of counters is 4
-//#define TPM_DELEGATE_KEY TPM_KEY
-//#define TPM_NUM_PCR 16
-//#define TPM_MAX_NV_WRITE_NOOWNER 64
+#define TPM_MIN_COUNTERS 4 // the minimum number of counters is 4
+#define TPM_DELEGATE_KEY TPM_KEY
+#define TPM_NUM_PCR 16
+#define TPM_MAX_NV_WRITE_NOOWNER 64
+
//typedef struct tdTPM_PERMANENT_DATA
//{
// TPM_STRUCTURE_TAG tag;
@@ -686,20 +696,62 @@ typedef struct tdTPM_STANY_FLAGS{ // UINT32 noOwnerNVWrite;
// TPM_CMK_DELEGATE restrictDelegate;
// TPM_DAA_TPM_SEED tpmDAASeed;
+// TPM_NONCE daaProff;
+// TPM_KEY daaBlobKey;
//} TPM_PERMANENT_DATA;
//
+// Part 2, section 7.4.1: PERMANENT_DATA Subcap for SetCapability
+//
+#define TPM_PD_REVMAJOR ((TPM_CAPABILITY_AREA) 1)
+#define TPM_PD_REVMINOR ((TPM_CAPABILITY_AREA) 2)
+#define TPM_PD_TPMPROOF ((TPM_CAPABILITY_AREA) 3)
+#define TPM_PD_OWNERAUTH ((TPM_CAPABILITY_AREA) 4)
+#define TPM_PD_OPERATORAUTH ((TPM_CAPABILITY_AREA) 5)
+#define TPM_PD_MANUMAINTPUB ((TPM_CAPABILITY_AREA) 6)
+#define TPM_PD_ENDORSEMENTKEY ((TPM_CAPABILITY_AREA) 7)
+#define TPM_PD_SRK ((TPM_CAPABILITY_AREA) 8)
+#define TPM_PD_DELEGATEKEY ((TPM_CAPABILITY_AREA) 9)
+#define TPM_PD_CONTEXTKEY ((TPM_CAPABILITY_AREA) 10)
+#define TPM_PD_AUDITMONOTONICCOUNTER ((TPM_CAPABILITY_AREA) 11)
+#define TPM_PD_MONOTONICCOUNTER ((TPM_CAPABILITY_AREA) 12)
+#define TPM_PD_PCRATTRIB ((TPM_CAPABILITY_AREA) 13)
+#define TPM_PD_ORDINALAUDITSTATUS ((TPM_CAPABILITY_AREA) 14)
+#define TPM_PD_AUTHDIR ((TPM_CAPABILITY_AREA) 15)
+#define TPM_PD_RNGSTATE ((TPM_CAPABILITY_AREA) 16)
+#define TPM_PD_FAMILYTABLE ((TPM_CAPABILITY_AREA) 17)
+#define TPM_DELEGATETABLE ((TPM_CAPABILITY_AREA) 18)
+#define TPM_PD_EKRESET ((TPM_CAPABILITY_AREA) 19)
+#define TPM_PD_MAXNVBUFSIZE ((TPM_CAPABILITY_AREA) 20)
+#define TPM_PD_LASTFAMILYID ((TPM_CAPABILITY_AREA) 21)
+#define TPM_PD_NOOWNERNVWRITE ((TPM_CAPABILITY_AREA) 22)
+#define TPM_PD_RESTRICTDELEGATE ((TPM_CAPABILITY_AREA) 23)
+#define TPM_PD_TPMDAASEED ((TPM_CAPABILITY_AREA) 24)
+#define TPM_PD_DAAPROOF ((TPM_CAPABILITY_AREA) 25)
+
+//
// Part 2, section 7.5: TPM_STCLEAR_DATA
// available inside TPM only
//
-//typedef struct tdTPM_STCLEAR_DATA
-//{
-// TPM_STRUCTURE_TAG tag;
-// TPM_NONCE contextNonceKey;
-// TPM_COUNT_ID countID;
-// UINT32 ownerReference;
-// BOOLEAN disableResetLock;
-//} TPM_STCLEAR_DATA;
+ typedef struct tdTPM_STCLEAR_DATA{
+ TPM_STRUCTURE_TAG tag;
+ TPM_NONCE contextNonceKey;
+ TPM_COUNT_ID countID;
+ UINT32 ownerReference;
+ BOOLEAN disableResetLock;
+ TPM_PCRVALUE PCR[TPM_NUM_PCR];
+ UINT32 deferredPhysicalPresence;
+ }TPM_STCLEAR_DATA;
+
+//
+// Part 2, section 7.5.1: STCLEAR_DATA Subcap for SetCapability
+//
+#define TPM_SD_CONTEXTNONCEKEY ((TPM_CAPABILITY_AREA)0x00000001)
+#define TPM_SD_COUNTID ((TPM_CAPABILITY_AREA)0x00000002)
+#define TPM_SD_OWNERREFERENCE ((TPM_CAPABILITY_AREA)0x00000003)
+#define TPM_SD_DISABLERESETLOCK ((TPM_CAPABILITY_AREA)0x00000004)
+#define TPM_SD_PCR ((TPM_CAPABILITY_AREA)0x00000005)
+#define TPM_SD_DEFERREDPHYSICALPRESENCE ((TPM_CAPABILITY_AREA)0x00000006)
//
// Part 2, section 7.6: TPM_STANY_DATA
@@ -717,6 +769,16 @@ typedef struct tdTPM_STANY_FLAGS{ //} TPM_STANY_DATA;
//
+// Part 2, section 7.6.1: STANY_DATA Subcap for SetCapability
+//
+#define TPM_AD_CONTEXTNONCESESSION ((TPM_CAPABILITY_AREA) 1)
+#define TPM_AD_AUDITDIGEST ((TPM_CAPABILITY_AREA) 2)
+#define TPM_AD_CURRENTTICKS ((TPM_CAPABILITY_AREA) 3)
+#define TPM_AD_CONTEXTCOUNT ((TPM_CAPABILITY_AREA) 4)
+#define TPM_AD_CONTEXTLIST ((TPM_CAPABILITY_AREA) 5)
+#define TPM_AD_SESSIONS ((TPM_CAPABILITY_AREA) 6)
+
+//
// Part 2, section 8: PCR Structures
//
@@ -1137,7 +1199,9 @@ typedef struct tdTPM_AUDIT_EVENT_OUT //
// Part 2, section 16: Return Codes
//
-#define TPM_BASE 0
+#ifndef TPM_BASE
+#error "TPM Error Codes require definition of TPM_BASE"
+#endif
#define TPM_VENDOR_ERROR TPM_Vendor_Specific32
#define TPM_NON_FATAL 0x00000800
@@ -1498,12 +1562,14 @@ typedef struct tdTPM_NV_DATA_PUBLIC //
//
-// Part 2, section 20.3: Owner Permissions Settings for per1 bits
+// Part 2, section 20.2.1: Owner Permissions Settings for per1 bits
//
#define TPM_DELEGATE_SetOrdinalAuditStatus (((UINT32)1)<<30)
#define TPM_DELEGATE_DirWriteAuth (((UINT32)1)<<29)
#define TPM_DELEGATE_CMK_ApproveMA (((UINT32)1)<<28)
+#define TPM_DELEGATE_NV_WriteValue (((UINT32)1)<<27)
#define TPM_DELEGATE_CMK_CreateTicket (((UINT32)1)<<26)
+#define TPM_DELEGATE_NV_ReadValue (((UINT32)1)<<25)
#define TPM_DELEGATE_Delegate_LoadOwnerDelegation (((UINT32)1)<<24)
#define TPM_DELEGATE_DAA_Join (((UINT32)1)<<23)
#define TPM_DELEGATE_AuthorizeMigrationKey (((UINT32)1)<<22)
@@ -1514,6 +1580,7 @@ typedef struct tdTPM_NV_DATA_PUBLIC #define TPM_DELEGATE_ResetLockValue (((UINT32)1)<<17)
#define TPM_DELEGATE_OwnerClear (((UINT32)1)<<16)
#define TPM_DELEGATE_DisableOwnerClear (((UINT32)1)<<15)
+#define TPM_DELEGATE_NV_DefineSpace (((UINT32)1)<<14)
#define TPM_DELEGATE_OwnerSetDisable (((UINT32)1)<<13)
#define TPM_DELEGATE_SetCapability (((UINT32)1)<<12)
#define TPM_DELEGATE_MakeIdentity (((UINT32)1)<<11)
@@ -1530,7 +1597,7 @@ typedef struct tdTPM_NV_DATA_PUBLIC #define TPM_DELEGATE_DAA_Sign (((UINT32)1)<<0)
//
-// Part 2, section 20.3: Key Permissions Settings for per1 bits
+// Part 2, section 20.2.3: Key Permissions Settings for per1 bits
//
#define TPM_KEY_DELEGATE_CMK_ConvertMigration (((UINT32)1)<<28)
#define TPM_KEY_DELEGATE_TickStampBlob (((UINT32)1)<<27)
@@ -1723,6 +1790,15 @@ typedef struct tdTPM_DELEGATE_KEY_BLOB #define TPM_CAP_PROP_INPUT_BUFFER ((TPM_CAPABILITY_AREA) 0x00000124)
//
+// Part 2, section 21.4: TPM_CAPABILITY_AREA for SetCapability
+//
+#define TPM_SET_PERM_FLAGS ((TPM_CAPABILITY_AREA) 0x00000001)
+#define TPM_SET_PERM_DATA ((TPM_CAPABILITY_AREA) 0x00000002)
+#define TPM_SET_STCLEAR_FLAGS ((TPM_CAPABILITY_AREA) 0x00000003)
+#define TPM_SET_STCLEAR_DATA ((TPM_CAPABILITY_AREA) 0x00000004)
+#define TPM_SET_STANY_FLAGS ((TPM_CAPABILITY_AREA) 0x00000005)
+#define TPM_SET_STANY_DATA ((TPM_CAPABILITY_AREA) 0x00000006)
+
// Part 2, section 21.6: TPM_CAP_VERSION_INFO
// [size_is(vendorSpecificSize)] BYTE* vendorSpecific;
//
@@ -1737,6 +1813,50 @@ typedef struct tdTPM_CAP_VERSION_INFO { } TPM_CAP_VERSION_INFO;
//
+// Part 2, section 21.10: TPM_DA_ACTION_TYPE
+//
+typedef struct tdTPM_DA_ACTION_TYPE {
+ TPM_STRUCTURE_TAG tag;
+ UINT32 actions;
+} TPM_DA_ACTION_TYPE;
+
+#define TPM_DA_ACTION_FAILURE_MODE (((UINT32)1)<<3)
+#define TPM_DA_ACTION_DEACTIVATE (((UINT32)1)<<2)
+#define TPM_DA_ACTION_DISABLE (((UINT32)1)<<1)
+#define TPM_DA_ACTION_TIMEOUT (((UINT32)1)<<0)
+
+//
+// Part 2, section 21.7: TPM_DA_INFO
+//
+typedef struct tdTPM_DA_INFO {
+ TPM_STRUCTURE_TAG tag;
+ TPM_DA_STATE state;
+ UINT16 currentCount;
+ UINT16 thresholdCount;
+ TPM_DA_ACTION_TYPE actionAtThreshold;
+ UINT32 actionDependValue;
+ UINT32 vendorDataSize;
+ UINT8 *vendorData;
+} TPM_DA_INFO;
+
+//
+// Part 2, section 21.8: TPM_DA_INFO_LIMITED
+//
+typedef struct tdTPM_DA_INFO_LIMITED {
+ TPM_STRUCTURE_TAG tag;
+ TPM_DA_STATE state;
+ TPM_DA_ACTION_TYPE actionAtThreshold;
+ UINT32 vendorDataSize;
+ UINT8 *vendorData;
+} TPM_DA_INFO_LIMITED;
+
+//
+// Part 2, section 21.9: CAP_PROPERTY Subcap values for GetCapability
+//
+#define TPM_DA_STATE_INACTIVE ((UINT8)0x00)
+#define TPM_DA_STATE_ACTIVE ((UINT8)0x01)
+
+//
// Part 2, section 22: DAA Structures
//
|