From 1abfa4ce4835639c66ae82cc0d72cffcf3f28b6b Mon Sep 17 00:00:00 2001 From: "Yao, Jiewen" Date: Thu, 13 Aug 2015 08:24:17 +0000 Subject: Add TPM2 support defined in trusted computing group. TCG EFI Protocol Specification for TPM Family 2.0 Revision 1.0 Version 9 at http://www.trustedcomputinggroup.org/resources/tcg_efi_protocol_specification TCG Physical Presence Interface Specification Version 1.30, Revision 00.52 at http://www.trustedcomputinggroup.org/resources/tcg_physical_presence_interface_specification Add Tcg2XXX, similar file/directory as TrEEXXX. Old TrEE driver/library can be deprecated. 1) Add Tcg2Pei/Dxe/Smm driver to log event and provide services. 2) Add Dxe/Pei/SmmTcg2PhysicalPresenceLib to support TCG PP. 3) Update Tpm2 library to use TCG2 protocol instead of TrEE protocol. Test Win8/Win10 with SecureBoot enabled, PCR7 shows bound. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: "Yao, Jiewen" Reviewed-by: "Zhang, Chao B" git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18219 6f19259b-4bc3-4df7-8a09-765794883524 --- SecurityPkg/Include/Guid/Tcg2ConfigHii.h | 25 ++++++++++++ .../Include/Guid/Tcg2PhysicalPresenceData.h | 47 ++++++++++++++++++++++ SecurityPkg/Include/Guid/TcgEventHob.h | 9 ++++- 3 files changed, 80 insertions(+), 1 deletion(-) create mode 100644 SecurityPkg/Include/Guid/Tcg2ConfigHii.h create mode 100644 SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h (limited to 'SecurityPkg/Include/Guid') diff --git a/SecurityPkg/Include/Guid/Tcg2ConfigHii.h b/SecurityPkg/Include/Guid/Tcg2ConfigHii.h new file mode 100644 index 0000000000..28e31e3475 --- /dev/null +++ b/SecurityPkg/Include/Guid/Tcg2ConfigHii.h @@ -0,0 +1,25 @@ +/** @file + GUIDs used as HII FormSet and HII Package list GUID in Tcg2Config driver. + +Copyright (c) 2015, Intel Corporation. All rights reserved.
+This program and the accompanying materials are licensed and made available under +the terms and conditions of the BSD License that accompanies this distribution. +The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php. + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef __TCG2_CONFIG_HII_GUID_H__ +#define __TCG2_CONFIG_HII_GUID_H__ + +#define TCG2_CONFIG_FORM_SET_GUID \ + { \ + 0x6339d487, 0x26ba, 0x424b, { 0x9a, 0x5d, 0x68, 0x7e, 0x25, 0xd7, 0x40, 0xbc } \ + } + +extern EFI_GUID gTcg2ConfigFormSetGuid; + +#endif diff --git a/SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h b/SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h new file mode 100644 index 0000000000..df43fd9c80 --- /dev/null +++ b/SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h @@ -0,0 +1,47 @@ +/** @file + Define the variable data structures used for TCG2 physical presence. + The TPM2 request from firmware or OS is saved to variable. And it is + cleared after it is processed in the next boot cycle. The TPM2 response + is saved to variable. + +Copyright (c) 2015, Intel Corporation. All rights reserved.
+This program and the accompanying materials +are licensed and made available under the terms and conditions of the BSD License +which accompanies this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef __TCG2_PHYSICAL_PRESENCE_DATA_GUID_H__ +#define __TCG2_PHYSICAL_PRESENCE_DATA_GUID_H__ + +#define EFI_TCG2_PHYSICAL_PRESENCE_DATA_GUID \ + { \ + 0xaeb9c5c1, 0x94f1, 0x4d02, { 0xbf, 0xd9, 0x46, 0x2, 0xdb, 0x2d, 0x3c, 0x54 } \ + } + +#define TCG2_PHYSICAL_PRESENCE_VARIABLE L"Tcg2PhysicalPresence" + +typedef struct { + UINT8 PPRequest; ///< Physical Presence request command. + UINT32 PPRequestParameter; ///< Physical Presence request Parameter. + UINT8 LastPPRequest; + UINT32 PPResponse; +} EFI_TCG2_PHYSICAL_PRESENCE; + +// +// This variable is used to save TCG2 Management Flags and corresponding operations. +// It should be protected from malicious software (e.g. Set it as read-only variable). +// +#define TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE L"Tcg2PhysicalPresenceFlags" +typedef struct { + UINT32 PPFlags; +} EFI_TCG2_PHYSICAL_PRESENCE_FLAGS; + +extern EFI_GUID gEfiTcg2PhysicalPresenceGuid; + +#endif + diff --git a/SecurityPkg/Include/Guid/TcgEventHob.h b/SecurityPkg/Include/Guid/TcgEventHob.h index c92ee8c029..1082807c36 100644 --- a/SecurityPkg/Include/Guid/TcgEventHob.h +++ b/SecurityPkg/Include/Guid/TcgEventHob.h @@ -1,5 +1,5 @@ /** @file - Defines the HOB GUID used to pass a TCG_PCR_EVENT from a TPM PEIM to + Defines the HOB GUID used to pass a TCG_PCR_EVENT or TCG_PCR_EVENT2 from a TPM PEIM to a TPM DXE Driver. A GUIDed HOB is generated for each measurement made in the PEI Phase. @@ -27,6 +27,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. extern EFI_GUID gTcgEventEntryHobGuid; +#define EFI_TCG_EVENT2_HOB_GUID \ + { \ + 0xd26c221e, 0x2430, 0x4c8a, { 0x91, 0x70, 0x3f, 0xcb, 0x45, 0x0, 0x41, 0x3f } \ + } + +extern EFI_GUID gTcgEvent2EntryHobGuid; + /// /// The Global ID of a GUIDed HOB used to record TPM device error. /// -- cgit v1.2.3