Diffstat (limited to 'Board/EM/FIT/Dxe')
-rw-r--r-- | Board/EM/FIT/Dxe/BootGuardDxe.c | 186 | ||||
-rw-r--r-- | Board/EM/FIT/Dxe/BootGuardDxe.cif | 12 | ||||
-rw-r--r-- | Board/EM/FIT/Dxe/BootGuardDxe.dxs | 71 | ||||
-rw-r--r-- | Board/EM/FIT/Dxe/BootGuardDxe.h | 114 | ||||
-rw-r--r-- | Board/EM/FIT/Dxe/BootGuardDxe.mak | 122 | ||||
-rw-r--r-- | Board/EM/FIT/Dxe/BootGuardDxe.sdl | 95 | ||||
-rw-r--r-- | Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.c | 350 | ||||
-rw-r--r-- | Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.cif | 11 | ||||
-rw-r--r-- | Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.h | 276 | ||||
-rw-r--r-- | Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.mak | 46 | ||||
-rw-r--r-- | Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.sdl | 91 |
11 files changed, 1374 insertions, 0 deletions
diff --git a/Board/EM/FIT/Dxe/BootGuardDxe.c b/Board/EM/FIT/Dxe/BootGuardDxe.c
new file mode 100644
index 0000000..4c4ccb0
--- /dev/null
+++ b/Board/EM/FIT/Dxe/BootGuardDxe.c
@@ -0,0 +1,186 @@
+//**********************************************************************
+//**********************************************************************
+//** **
+//** (C)Copyright 1985-2013, American Megatrends, Inc. **
+//** **
+//** All Rights Reserved. **
+//** **
+//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 **
+//** **
+//** Phone: (770)-246-8600 **
+//** **
+//**********************************************************************
+//**********************************************************************
+// $Header: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardDxe.c 1 2/25/13 1:11a Bensonlai $
+//
+// $Revision: 1 $
+//
+// $Date: 2/25/13 1:11a $
+//**********************************************************************
+// Revision History
+// ----------------
+// $Log: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardDxe.c $
+//
+// 1 2/25/13 1:11a Bensonlai
+// [TAG] EIP114386
+// [Category] Spec Update
+// [Severity] Important
+// [Description] [SBY] Ultrabook for Shark Bay Platform - : Boot Guard
+// for 4th Gen Intel Core Processor based on Mobile U-Processor Line -
+// BIOS Writer's Guide - Rev 0.8.1
+// [Files] BootGuardDxe.cif
+// BootGuardDxe.c
+// BootGuardDxe.h
+// BootGuardDxe.sdl
+// BootGuardDxe.dxs
+// BootGuardDxe.mak
+//
+//**********************************************************************
+//<AMI_FHDR_START>
+//
+// Name: BootGuardDxe.c
+//
+// Description: Chain of trust for Dxe
+//
+//<AMI_FHDR_END>
+//**********************************************************************
+
+#include "BootGuardDxe.h"
+
+VOID
+BootGuardDxeCallback (
+ IN EFI_EVENT Event,
+ IN VOID *Context
+)
+{
+ EFI_INPUT_KEY Key;
+ EFI_STATUS Status;
+
+ gST->ConOut->ClearScreen (gST->ConOut);
+
+ gST->ConOut->OutputString (
+ gST->ConOut,
+ L"Anchor Cove verified DXE that is fail\n\r"
+ );
+
+ gST->ConOut->OutputString (
+ gST->ConOut,
+ L"System will shutdown\n\r"
+ );
+
+ gST->ConOut->OutputString (
+ gST->ConOut,
+ L"Press any key\n\r"
+ );
+
+ do {
+ Status = gST->ConIn->ReadKeyStroke (gST->ConIn, &Key);
+ } while (Status != EFI_SUCCESS);
+
+ gRT->ResetSystem (EfiResetShutdown, EFI_SUCCESS, 0, NULL);
+ EFI_DEADLOOP ();
+
+ gBS->CloseEvent (Event);
+}
+
+VOID
+BootGuardDxeRegisterCallBack (
+ VOID
+)
+{
+ EFI_EVENT Event;
+ VOID *NotifyReg;
+ EFI_STATUS Status;
+
+ Status = gBS->CreateEvent (
+ EFI_EVENT_NOTIFY_SIGNAL,
+ EFI_TPL_CALLBACK,
+ BootGuardDxeCallback,
+ NULL,
+ &Event
+ );
+
+ if ( EFI_ERROR(Status) ) {
+ ASSERT_EFI_ERROR (Status);
+ return;
+ }
+
+ Status = gBS->RegisterProtocolNotify (
+ &gNotifyProtocolGuid ,
+ Event,
+ &NotifyReg
+ );
+
+ if ( EFI_ERROR(Status) ) {
+ ASSERT_EFI_ERROR (Status);
+ return;
+ }
+
+ return;
+}
+
+EFI_STATUS
+BootGuardDxeEntryPoint (
+ IN EFI_HANDLE ImageHandle,
+ IN EFI_SYSTEM_TABLE *SystemTable
+)
+{
+ EFI_GUID AmiBootGuardHobGuid = AMI_ANCHOR_COVE_HOB_GUID;
+ AMI_ANCHOR_COVE_HOB *AmiBootGuardHobPtr;
+ PCH_SERIES PchSeries = GetPchSeries();
+ EFI_BOOT_MODE BootMode;
+ EFI_PEI_HOB_POINTERS HobList;
+
+ if ( PchSeries != PchLp ) {
+ return EFI_SUCCESS;
+ }
+
+ if ( IsBootGuardSupported() == FALSE ) {
+ return EFI_SUCCESS;
+ }
+
+ DEBUG ((EFI_D_INFO, "[BootGuardDxe.c] : Entry Point...\n"));
+
+ //
+ // Check Boot Type
+ //
+ EfiGetSystemConfigurationTable (&gEfiHobListGuid, (VOID **) &HobList.Raw);
+ if (HobList.Header->HobType != EFI_HOB_TYPE_HANDOFF) {
+ DEBUG ((EFI_D_ERROR, "[BootGuardDxe.c] : Get HOB fail\n"));
+ return EFI_SUCCESS;
+ }
+
+ BootMode = HobList.HandoffInformationTable->BootMode;
+ if ( BootMode == BOOT_IN_RECOVERY_MODE ) {
+ DEBUG ((EFI_D_ERROR, "[BootGuardDxe.c] : In the BOOT_IN_RECOVERY_MODE\n"));
+ return EFI_SUCCESS;
+ }
+
+ AmiBootGuardHobPtr = GetFirstGuidHob (&AmiBootGuardHobGuid);
+ if (AmiBootGuardHobPtr == NULL) {
+ DEBUG ((EFI_D_ERROR, "[BootGuardDxe.c] : AmiBootGuard DXE Hob not available\n"));
+ return EFI_NOT_FOUND;
+ }
+
+ if ( AmiBootGuardHobPtr->AmiBootGuardVerificationforPEItoDXEFlag == 0 ) {
+ BootGuardDxeRegisterCallBack();
+ }
+
+ DEBUG ((EFI_D_INFO, "[BootGuardDxe.c] : Entry End...\n"));
+
+ return EFI_SUCCESS;
+}
+
+//**********************************************************************
+//**********************************************************************
+//** **
+//** (C)Copyright 1985-2013, American Megatrends, Inc. **
+//** **
+//** All Rights Reserved. **
+//** **
+//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 **
+//** **
+//** Phone: (770)-246-8600 **
+//** **
+//**********************************************************************
+//**********************************************************************
diff --git a/Board/EM/FIT/Dxe/BootGuardDxe.cif b/Board/EM/FIT/Dxe/BootGuardDxe.cif
new file mode 100644
index 0000000..ea40b8e
--- /dev/null
+++ b/Board/EM/FIT/Dxe/BootGuardDxe.cif
@@ -0,0 +1,12 @@
+<component>
+ name = "BootGuardDxe"
+ category = ModulePart
+ LocalRoot = "Board\EM\FIT\Dxe"
+ RefName = "BootGuardDxe"
+[files]
+"BootGuardDxe.c"
+"BootGuardDxe.h"
+"BootGuardDxe.sdl"
+"BootGuardDxe.dxs"
+"BootGuardDxe.mak"
+<endComponent>
diff --git a/Board/EM/FIT/Dxe/BootGuardDxe.dxs b/Board/EM/FIT/Dxe/BootGuardDxe.dxs
new file mode 100644
index 0000000..2034306
--- /dev/null
+++ b/Board/EM/FIT/Dxe/BootGuardDxe.dxs
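Review bot: In BootGuardDxeRegisterCallBack a failed `CreateEvent` or `RegisterProtocolNotify` only hits `ASSERT_EFI_ERROR` and returns, so in a release build the shutdown handler is silently never installed while BootGuardDxeEntryPoint still logs "Entry End" and returns EFI_SUCCESS even though the HOB reports that PEI-to-DXE verification failed; the helper should hand back its `Status` (`EFI_STATUS BootGuardDxeRegisterCallBack (VOID)`) and the entry point should treat a failure there as an error rather than continue the boot. Separately, in BootGuardDxeEntryPoint the result of `EfiGetSystemConfigurationTable` is discarded and `HobList` is never initialised, so when the HOB-list table is absent `HobList.Header->HobType` dereferences an indeterminate pointer; capture the call's status and add `if (EFI_ERROR (Status) || HobList.Raw == NULL) { return EFI_NOT_FOUND; }` before the HobType test. The `gBS->CloseEvent (Event)` after `EFI_DEADLOOP ()` in BootGuardDxeCallback is unreachable and can be dropped, and the `ReadKeyStroke` polling loop could block on `gST->ConIn->WaitForKey` via WaitForEvent instead of spinning.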
@@ -0,0 +1,71 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2013, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardDxe.dxs 1 2/25/13 1:11a Bensonlai $ +// +// $Revision: 1 $ +// +// $Date: 2/25/13 1:11a $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardDxe.dxs $ +// +// 1 2/25/13 1:11a Bensonlai +// [TAG] EIP114386 +// [Category] Spec Update +// [Severity] Important +// [Description] [SBY] Ultrabook for Shark Bay Platform - : Boot Guard +// for 4th Gen Intel Core Processor based on Mobile U-Processor Line - +// BIOS Writer's Guide - Rev 0.8.1 +// [Files] BootGuardDxe.cif +// BootGuardDxe.c +// BootGuardDxe.h +// BootGuardDxe.sdl +// BootGuardDxe.dxs +// BootGuardDxe.mak +// +//********************************************************************** +//<AMI_FHDR_START> +// +// Name: BootGuardDxe.dxs +// +// Description: Dependency expression file for BootGuardDxe Driver. 
+// +//<AMI_FHDR_END> +//********************************************************************** + +#include "AutoGen.h" +#include "DxeDepex.h" +#if defined (BUILD_WITH_GLUELIB) || defined (BUILD_WITH_EDKII_GLUE_LIB) +#include "EfiDepex.h" +#include EFI_ARCH_PROTOCOL_DEFINITION (Variable) +#endif + +DEPENDENCY_START + EFI_VARIABLE_ARCH_PROTOCOL_GUID +DEPENDENCY_END + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2013, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/FIT/Dxe/BootGuardDxe.h b/Board/EM/FIT/Dxe/BootGuardDxe.h new file mode 100644 index 0000000..a5d49a7 --- /dev/null +++ b/Board/EM/FIT/Dxe/BootGuardDxe.h 
@@ -0,0 +1,114 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2013, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardDxe.h 2 3/07/13 5:41a Bensonlai $ +// +// $Revision: 2 $ +// +// $Date: 3/07/13 5:41a $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardDxe.h $ +// +// 2 3/07/13 5:41a Bensonlai +// [TAG] EIP117307 +// [Category] Improvement +// [Description] [Boot Guard] Implementation of speed up the post time +// for Chain of Trust +// [Files] BootGuardDxe.h, BootGuardPei.c, BootGuardPei.h, +// BpmKmGen.exe, ReserveBootGuardFvMainHashKey.bin +// +// 1 2/25/13 1:11a Bensonlai +// [TAG] EIP114386 +// [Category] Spec Update +// [Severity] Important +// [Description] [SBY] Ultrabook for Shark Bay Platform - : Boot Guard +// for 4th Gen Intel Core Processor based on Mobile U-Processor Line - +// BIOS Writer's Guide - Rev 0.8.1 +// [Files] BootGuardDxe.cif +// BootGuardDxe.c +// BootGuardDxe.h +// BootGuardDxe.sdl +// BootGuardDxe.dxs +// BootGuardDxe.mak +// +//********************************************************************** +//<AMI_FHDR_START> +// +// Name: BootGuardDxe.h +// +// Description: Header file for BootGuardDxe +// +//<AMI_FHDR_END> +//********************************************************************** + +#ifndef _BootGuardDxe_H_ +#define _BootGuardDxe_H_ + +#if !defined(EDK_RELEASE_VERSION) || (EDK_RELEASE_VERSION < 0x00020000) 
+#include "EdkIIGlueDxe.h" +#include "CpuAccess.h" +#include "PchAccess.h" +#include "PchPlatformLib.h" +#include "BootGuardLibrary.h" +#include <token.h> +#endif + +#define BDS_ALL_DRIVERS_CONNECTED_PROTOCOL_GUID \ + { 0xdbc9fd21, 0xfad8, 0x45b0, 0x9e, 0x78, 0x27, 0x15, 0x88, 0x67, 0xcc, 0x93 } + +EFI_GUID gNotifyProtocolGuid = BDS_ALL_DRIVERS_CONNECTED_PROTOCOL_GUID; + +// +// GUID for the AMI_ANCHOR_COVE Module +// +#if !defined(EDK_RELEASE_VERSION) || (EDK_RELEASE_VERSION < 0x00020000) +#define AMI_ANCHOR_COVE_HOB_GUID \ + { \ + 0xb60ab175, 0x498d, 0x429d, 0xad, 0xba, 0xa, 0x62, 0x2c, 0x58, 0x16, 0xe2 \ + } +#else +#define AMI_ANCHOR_COVE_HOB_GUID \ + { \ + 0xb60ab175, 0x498d, 0x429d, \ + { \ + 0xad, 0xba, 0xa, 0x62, 0x2c, 0x58, 0x16, 0xe2 \ + } \ + } +#endif + +#pragma pack (1) + +typedef struct { + EFI_HOB_GUID_TYPE EfiHobGuidType; + UINT8 AmiBootGuardVerificationforPEItoDXEFlag; +} AMI_ANCHOR_COVE_HOB; + +#pragma pack () + +#endif + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2013, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/FIT/Dxe/BootGuardDxe.mak b/Board/EM/FIT/Dxe/BootGuardDxe.mak new file mode 100644 index 0000000..72c3c26 --- /dev/null +++ b/Board/EM/FIT/Dxe/BootGuardDxe.mak 
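Review bot: `EFI_GUID gNotifyProtocolGuid = BDS_ALL_DRIVERS_CONNECTED_PROTOCOL_GUID;` is an object definition placed in the header, so every translation unit that includes BootGuardDxe.h gets its own copy and a second includer would fail to link with a duplicate symbol; it only links today because BootGuardDxe.c is the sole includer. Declare it here as `extern EFI_GUID gNotifyProtocolGuid;` and move the initialised definition into BootGuardDxe.c next to the entry point. The guard macro `_BootGuardDxe_H_` (and `_BOOT_GUARD_TPM2_H_` in the sibling header) begins with an underscore followed by an uppercase letter, a form reserved for the implementation; `BOOT_GUARD_DXE_H_` avoids that.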
@@ -0,0 +1,122 @@ +#********************************************************************** +#********************************************************************** +#** ** +#** (C)Copyright 1985-2013, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#********************************************************************** +#********************************************************************** +# $Header: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardDxe.mak 1 2/25/13 1:11a Bensonlai $ +# +# $Revision: 1 $ +# +# $Date: 2/25/13 1:11a $ +#********************************************************************** +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardDxe.mak $ +# +# 1 2/25/13 1:11a Bensonlai +# [TAG] EIP114386 +# [Category] Spec Update +# [Severity] Important +# [Description] [SBY] Ultrabook for Shark Bay Platform - : Boot Guard +# for 4th Gen Intel Core Processor based on Mobile U-Processor Line - +# BIOS Writer's Guide - Rev 0.8.1 +# [Files] BootGuardDxe.cif +# BootGuardDxe.c +# BootGuardDxe.h +# BootGuardDxe.sdl +# BootGuardDxe.dxs +# BootGuardDxe.mak +# +#********************************************************************** +#<AMI_FHDR_START> +# +# Name: BootGuardDxe.mak +# +# Description: Make file for BootGuardDxe +# +#<AMI_FHDR_END> +#********************************************************************** + +all : BootGuardDxe + +BootGuardDxe : $(BUILD_DIR)\BootGuardDxe.mak BootGuardDxe_Bin + +$(BUILD_DIR)\BootGuardDxe.mak : $(BOOT_GUARD_DXE_PATH)\$(@B).cif $(BOOT_GUARD_DXE_PATH)\$(@B).mak $(BUILD_RULES) + $(CIF2MAK) $(BOOT_GUARD_DXE_PATH)\$(@B).cif $(CIF2MAK_DEFAULTS) + +BootGuardDxe_INCLUDES=\ + $(EdkIIGlueLib_INCLUDES)\ + $(EDK_INCLUDES)\ + $(INTEL_PCH_INCLUDES)\ + $(PROJECT_CPU_INCLUDES)\ + +BootGuardDxe_LIBS=\ + $(EDKPROTOCOLLIB)\ + $(EFIGUIDLIB)\ + 
$(EdkIIGlueBaseLib_LIB)\ +!IF "$(x64_BUILD)"=="1" + $(EdkIIGlueBaseLibX64_LIB)\ +!ELSE + $(EdkIIGlueBaseLibIA32_LIB)\ +!ENDIF + $(EDKFRAMEWORKGUIDLIB)\ + $(EDKFRAMEWORKPROTOCOLLIB)\ + $(EdkIIGlueBaseIoLibIntrinsic_LIB)\ + $(EdkIIGlueBaseMemoryLib_LIB)\ + $(EdkIIGlueDxeReportStatusCodeLib_LIB)\ + $(EdkIIGlueDxeServicesTableLib_LIB)\ + $(EdkIIGlueDxeDebugLibReportStatusCode_LIB)\ + $(EdkIIGlueUefiBootServicesTableLib_LIB)\ + $(EdkIIGlueUefiDevicePathLib_LIB)\ + $(EdkIIGlueBasePciLibPciExpress_LIB)\ + $(EdkIIGlueEdkDxeRuntimeDriverLib_LIB)\ + $(EdkIIGlueDxeHobLib_LIB)\ + $(PchPlatformDxeLib_LIB)\ + $(CpuPlatformLib_LIB)\ + $(BootGuardLib_LIB)\ + +BootGuardDxe_DEFINES=\ + $(MY_DEFINES)\ + /D"__EDKII_GLUE_MODULE_ENTRY_POINT__=BootGuardDxeEntryPoint"\ + /D __EDKII_GLUE_BASE_MEMORY_LIB__ \ + /D __EDKII_GLUE_DXE_REPORT_STATUS_CODE_LIB__ \ + /D __EDKII_GLUE_DXE_DEBUG_LIB_REPORT_STATUS_CODE__ \ + /D __EDKII_GLUE_UEFI_BOOT_SERVICES_TABLE_LIB__\ + /D __EDKII_GLUE_BASE_IO_LIB_INTRINSIC__ \ + /D __EDKII_GLUE_DXE_SERVICES_TABLE_LIB__ \ + /D __EDKII_GLUE_DXE_HOB_LIB__ \ + +BootGuardDxe_Bin : $(BootGuardDxe_LIBS) + $(MAKE) /$(MAKEFLAGS) $(EDKIIGLUE_DEFAULTS)\ + /f $(BUILD_DIR)\BootGuardDxe.mak all\ + "MY_INCLUDES=$(BootGuardDxe_INCLUDES)"\ + "MY_DEFINES=$(BootGuardDxe_DEFINES)"\ + GUID=1DB43EC9-DF5F-4cf5-AAF0-0E85DB4E149A \ + ENTRY_POINT=_ModuleEntryPoint \ + EDKIIModule=DXEDRIVER\ + TYPE=BS_DRIVER \ + DEPEX1=$(BOOT_GUARD_DXE_PATH)\BootGuardDxe.dxs \ + DEPEX1_TYPE=EFI_SECTION_DXE_DEPEX \ + COMPRESS=1\ + +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2013, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. 
** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* diff --git a/Board/EM/FIT/Dxe/BootGuardDxe.sdl b/Board/EM/FIT/Dxe/BootGuardDxe.sdl new file mode 100644 index 0000000..10527a0 --- /dev/null +++ b/Board/EM/FIT/Dxe/BootGuardDxe.sdl 
@@ -0,0 +1,95 @@ +#********************************************************************** +#********************************************************************** +#** ** +#** (C)Copyright 1985-2013, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#********************************************************************** +#********************************************************************** +# $Header: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardDxe.sdl 2 3/06/13 2:54a Bensonlai $ +# +# $Revision: 2 $ +# +# $Date: 3/06/13 2:54a $ +#********************************************************************** +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardDxe.sdl $ +# +# 2 3/06/13 2:54a Bensonlai +# [TAG] EIP116907 +# [Category] Improvement +# [Description] BpmKmGen.exe generates KM / BPM tables and +# BootGuardFvMainHash key separately +# [Files] BpmKmGen.exe, Fit.sdl, Fit.mak, BootGuardPei.sdl, +# BootGuardDxe.sdl +# +# 1 2/25/13 1:11a Bensonlai +# [TAG] EIP114386 +# [Category] Spec Update +# [Severity] Important +# [Description] [SBY] Ultrabook for Shark Bay Platform - : Boot Guard +# for 4th Gen Intel Core Processor based on Mobile U-Processor Line - +# BIOS Writer's Guide - Rev 0.8.1 +# [Files] BootGuardDxe.cif +# BootGuardDxe.c +# BootGuardDxe.h +# BootGuardDxe.sdl +# BootGuardDxe.dxs +# BootGuardDxe.mak +# +#********************************************************************** +#<AMI_FHDR_START> +# +# Name: BootGuardDxe.sdl +# +# Description: SDL file for BootGuardDxe +# +#<AMI_FHDR_END> +#********************************************************************** + +TOKEN + Name = "BOOT_GUARD_DXE_SUPPORT" + Value = "1" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + TargetH = Yes + Master = Yes + Help = "Main switch to enable BootGuardDxe support in 
Project" + Token = "INTEL_BOOT_GUARD_CHAIN_OF_TRUST_SUPPORT" "=" "1" +End + +MODULE + File = "BootGuardDxe.mak" + Help = "Includes BootGuardDxe.mak to Project" +End + +PATH + Name = "BOOT_GUARD_DXE_PATH" +End + +ELINK + Name = "$(BUILD_DIR)\BootGuardDxe.ffs" + Parent = "FV_MAIN" + InvokeOrder = AfterParent +End + +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2013, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* diff --git a/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.c b/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.c new file mode 100644 index 0000000..16a317b --- /dev/null +++ b/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.c 
@@ -0,0 +1,350 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2013, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** + +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.c 2 10/29/13 5:15a Bensonlai $ +// +// $Revision: 2 $ +// +// $Date: 10/29/13 5:15a $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.c $ +// +// 2 10/29/13 5:15a Bensonlai +// [TAG] EIPNone +// [Category] Bug Fix +// [Severity] Important +// [Symptom] Build error when enable the DEBUG mode. +// +// 1 9/06/13 6:17a Bensonlai +// [TAG] EIP135513 +// [Category] New Feature +// [Description] Implementation of Boot Guard of PTT flow for WHCK test. 
+// [Files] BootGuardTPM2Dxe.cif +// BootGuardTPM2Dxe.c +// BootGuardTPM2Dxe.h +// BootGuardTPM2Dxe.sdl +// BootGuardTPM2Dxe.mak +// +//********************************************************************** +//<AMI_FHDR_START> +// +// Name: BootGuardTPM2Dxe.c +// +// Description: TPM2 Initialization Flow for Boot Guard +// +//<AMI_FHDR_END> +//********************************************************************** + +#include <Efi.h> +#include <Pei.h> +#include "BootGuardTPM2Dxe.h" +#include <token.h> +#include "CpuRegs.h" +#include <AmiDxeLib.h> +#include "Include\Library\Tpm20.h" +#include <Protocol\TcgService\TcgService.h> + +UINT32 +EFIAPI +AsmReadMsr32 ( + IN UINT32 Index +); + +#define DEBUG(arg) + +VOID * +EFIAPI +GlueCopyMem ( + OUT VOID *DestinationBuffer, + IN CONST VOID *SourceBuffer, + IN UINTN Length +); + +VOID * +EFIAPI +GlueZeroMem ( + OUT VOID *Buffer, + IN UINTN Length +); + +VOID * +EFIAPI +GlueAllocatePool ( + IN UINTN AllocationSize +); + +#define CopyMem(_DESTINATIONBUFFER, _SOURCEBUFFER, _LENGTH) GlueCopyMem(_DESTINATIONBUFFER, _SOURCEBUFFER, _LENGTH) +#define ZeroMem(_BUFFER, _LENGTH) GlueZeroMem(_BUFFER, _LENGTH) +#define AllocatePool(_SIZE) GlueAllocatePool(_SIZE) + +#pragma pack(push, 1) + +typedef union { + UINT8 sha1[SHA1_DIGEST_SIZE]; + UINT8 sha256[SHA256_DIGEST_SIZE]; +} TPM_COMM_DIGEST_UNION; + +typedef struct { + UINT16 HashAlgId; + TPM_COMM_DIGEST_UNION Digest; +} TPM_COMM_DIGEST; + +#pragma pack(pop) + +EFI_STATUS +Tpm20Hash( + IN CONST UINT8 *DataToHash, + IN UINTN DataSize, + OUT TPM_COMM_DIGEST *Digest +); + +EFI_STATUS +TpmDxeLogEventI( + IN VOID *NewEventHdr, + IN UINT8 *NewEventData +); + +#define ACM_STATUS (*(UINT32*)0xFED30328) + +EFI_STATUS LogDetailPCREvent( + VOID +) +{ + UINT8 FoundACM = 0, FoundKM = 0, FoundBPM = 0; + UINT32 u32HashLen = 0; + UINT8 byteEventBuf[0x200]; + TCG_PCR_EVENT *TcgEvent = (TCG_PCR_EVENT*)&byteEventBuf[0]; + UINT32 EventNum = 0, FitEntryPointer = 0, FitEntryNumber = 0, i = 0; + UINTN Len; + 
CHAR8 DetailPCRStr[] = "Boot Guard Measured S-CRTM"; + EFI_STATUS Status = EFI_SUCCESS; + BOOT_POLICY *BP = NULL; + FIT_ENTRY *FitEntry = NULL; + KEY_MANIFEST_STRAUCTURE *KmStructure = NULL; + BpmStruct *BpmStructure = NULL; + + ZeroMem( + byteEventBuf, + sizeof(byteEventBuf) + ); + + Len = sizeof(DetailPCRStr)+1; + + TcgEvent->PCRIndex = 0; + TcgEvent->EventType = EV_S_CRTM_VERSION; + TcgEvent->EventSize = (UINT32)Len; + + DEBUG((-1, "[BootGuardTPM2Dxe.c] : Enter LogDetailPCREvent(...)\n")); + + GlueCopyMem( + TcgEvent->Event, + DetailPCRStr, + Len + ); + + // On page 44. + // The pHashData must be the format . + // SHA-1 { + // 1) One byte containing the lower 8 bit of the BP.RSTR + // 2) One byte contain the lower 8 bits of BP.TYPE + // .... + // 7) Digest of Hashed IBB Segments(s) + + BP = AllocatePool( sizeof (BOOT_POLICY)); + if ( NULL == BP ) { + return EFI_OUT_OF_RESOURCES; + } + + DEBUG(( -1, "MSR[0x%x]:[%08x]\n", MSR_BOOT_GUARD_SACM_INFO, AsmReadMsr32 (MSR_BOOT_GUARD_SACM_INFO) )); + DEBUG(( -1, "ACM_STATUS:[%08x]\n", ACM_STATUS )); + + BP->RSTR0 = (AsmReadMsr32 (MSR_BOOT_GUARD_SACM_INFO) & BIT4) ? 1 : 0; + BP->RSTR1 = (ACM_STATUS & BIT21) ? 1 : 0; + BP->RSTR2 = (ACM_STATUS & BIT22) ? 1 : 0; + BP->RSTR3 = (ACM_STATUS & BIT23) ? 1 : 0; + BP->RSTR4 = (ACM_STATUS & BIT24) ? 1 : 0; + BP->RSTR5 = 0; + BP->RSTR6 = 0; + BP->RSTR7 = 0; + + BP->TYPE0 = (AsmReadMsr32 (MSR_BOOT_GUARD_SACM_INFO) & BIT5) ? 1 : 0; + BP->TYPE1 = (AsmReadMsr32 (MSR_BOOT_GUARD_SACM_INFO) & BIT6) ? 1 : 0; + BP->TYPE2 = (ACM_STATUS & BIT20) ? 
1 : 0; + BP->TYPE3 = 0; + BP->TYPE4 = 0; + BP->TYPE5 = 0; + BP->TYPE6 = 0; + BP->TYPE7 = 0; + + BP->ACM_SVN = ACMSVN; + { + FitEntryPointer = MmioRead32(IBB_ENTRYPOINT_M); + if ( FitEntryPointer == 0xFFFFFFFF ) { + DEBUG((-1, "[BootGuardTPM2Dxe.c] : FitEntryPointer(%lx) is empty\n", FitEntryPointer)); + } + + FitEntry = (FIT_ENTRY*)FitEntryPointer; + if ( FitEntry->TblAddress != EFI_SIGNATURE_64 ('_', 'F', 'I', 'T', '_', ' ', ' ', ' ') ) { + DEBUG((-1, "[BootGuardTPM2Dxe.c] : [Type 0] FitEntry->TblAddress(%lx) is error\n", FitEntry->TblAddress)); + } + + FitEntryNumber = FitEntry->TblSIZE; + + FoundACM = 0; + for(i=1; i<FitEntryNumber; i++) { + FitEntry = (FIT_ENTRY*)(FitEntryPointer + i*16); + if ( FitEntry->TblType == 0x02 ) { // FIT type 0x02 - Anc ACM location + FoundACM =1; + break; + } + } + + if ( FoundACM == 0 ) { + DEBUG((-1, "[BootGuardTPM2Dxe.c] : Can't find the Boot Guard ACM")); + } + + DEBUG((-1, "\n[BootGuardTPM2Dxe.c] : BP->ACM_Signature \n")); + + for ( i=0; i<256; i++ ) { + if (i % 16 == 0) DEBUG((-1, "\n")); + BP->ACM_Signature[i] = MmioRead8( FitEntry->TblAddress + 0x184 + i ); + DEBUG((-1, "%02x ", BP->ACM_Signature[i])); + } + + DEBUG((-1, "\n")); + + FoundKM = 0; + for(i=1; i<FitEntryNumber; i++) { + FitEntry = (FIT_ENTRY*)(FitEntryPointer + i*16); + if ( FitEntry->TblType == 0x0B ) { // FIT Type 0x0B - Key Manifest + FoundKM =1; + break; + } + } + + if ( FoundKM == 0 ) { + DEBUG((-1, "[BootGuardTPM2Dxe.c] : Can't find the Boot Guard KM")); + } + + KmStructure = (KEY_MANIFEST_STRAUCTURE*)FitEntry->TblAddress; + DEBUG((-1, "\nKmStructure:\n")); + + for ( i=0; i<256; i++ ) { + if (i % 16 == 0) DEBUG((-1, "\n")); + BP->Key_Manifest_Signature[i] = KmStructure->KeyManifestSignature.Signature.Signature[i]; + DEBUG((-1, "%02x ", BP->Key_Manifest_Signature[i])); + } + + DEBUG((-1, "\n")); + + FoundBPM = 0; + for(i=1; i<FitEntryNumber; i++) { + FitEntry = (FIT_ENTRY*)(FitEntryPointer + i*16); + if ( FitEntry->TblType == 0x0C ) { // FIT type 0x0C - 
Boot Policy Manifest + FoundBPM =1; + break; + } + } + + if ( FoundBPM == 0 ) { + DEBUG((-1, "[BootGuardTPM2Dxe.c] :Can't find the Boot Guard BPM")); + } + + BpmStructure = (BpmStruct*)FitEntry->TblAddress; + DEBUG((-1, "\nBpmStructure:\n")); + + for ( i=0; i<256; i++ ) { + if (i % 16 == 0) DEBUG((-1, "\n")); + BP->Boot_Policy_Manifest_Signature[i] = BpmStructure->Bpm_Signature_Element.KeySignature.Signature.Signature[i]; + DEBUG((-1, "%02x ", BP->Boot_Policy_Manifest_Signature[i])); + } + + DEBUG((-1, "\n\nBpmStructure->Digest_of_Hashed_IBB_Segment:\n\n")); + + for ( i=0; i<32; i++ ) { + if (i % 16 == 0) DEBUG((-1, "\n")); + BP->Digest_of_Hashed_IBB_Segment[i] = BpmStructure->Ibb_Element.Digest.HashBuffer[i]; + DEBUG((-1, "%02x ", BP->Digest_of_Hashed_IBB_Segment[i])); + } + + DEBUG((-1, "\n")); + } + + { + TPM_COMM_DIGEST Digest; + + u32HashLen = sizeof (BOOT_POLICY); + Tpm20Hash( (UINT8*)BP, u32HashLen, &Digest ); + CopyMem(&TcgEvent->Digest, &Digest.Digest.sha1, SHA1_DIGEST_SIZE); + } + Status = TpmDxeLogEventI ( + (VOID*)TcgEvent, + &TcgEvent->Event[0]); + + return Status; +} + +EFI_STATUS ACM_PostSuccess( + VOID +) +{ + UINT32 MsrValue; + + MsrValue = (UINT32) AsmReadMsr32 (MSR_BOOT_GUARD_SACM_INFO); + if ( ((MsrValue & B_NEM_INIT) == B_NEM_INIT) && + ((MsrValue & B_MEASURED) == B_MEASURED) && + ((MsrValue & V_TPM_PRESENT_PTT) == V_TPM_PRESENT_PTT) && + ((MsrValue & B_TPM_SUCCESS) == B_TPM_SUCCESS) ) { + DEBUG((-1, "[BootGuardTPM2Dxe.c] : ACM_PostSuccess(...) : EFI_SUCCESS\n")); + return EFI_SUCCESS; + } + + DEBUG((-1, "[BootGuardTPM2Dxe.c] : ACM_PostSuccess(...) 
: EFI_UNSUPPORTED\n")); + return EFI_UNSUPPORTED; +} + +EFI_STATUS +BootGuardMeasureCRTMVersion( + VOID ) +{ + EFI_STATUS Status; + DEBUG((-1, "[BootGuardTPM2Dxe.c] : Enter BootGuardMeasureCRTMVersion(...)\n")); + + Status = ACM_PostSuccess( ); + if( !EFI_ERROR(Status) ) + { + Status = LogDetailPCREvent(); + } + + DEBUG((-1, "[BootGuardTPM2Dxe.c] : End of BootGuardMeasureCRTMVersion\n")); + + return EFI_SUCCESS; +} + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2013, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.cif b/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.cif new file mode 100644 index 0000000..704be62 --- /dev/null +++ b/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.cif @@ -0,0 +1,11 @@ +<component> + name = "BootGuardTPM2Dxe" + category = ModulePart + LocalRoot = "Board\EM\FIT\Dxe\BootGuardTPM2Dxe" + RefName = "BootGuardTPM2Dxe" +[files] +"BootGuardTPM2Dxe.c" +"BootGuardTPM2Dxe.h" +"BootGuardTPM2Dxe.sdl" +"BootGuardTPM2Dxe.mak" +<endComponent> diff --git a/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.h b/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.h new file mode 100644 index 0000000..7ab934a --- /dev/null +++ b/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.h 
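Review bot: In LogDetailPCREvent each of the three FIT lookups (`FoundACM`, `FoundKM`, `FoundBPM`) only logs when the entry type is missing and then keeps dereferencing whichever `FitEntry` the loop stopped on, so an image without a KM or BPM entry gets an S-CRTM event measured over unrelated bytes instead of an error; the `FitEntryPointer == 0xFFFFFFFF` check has the same shape, since `FitEntry->TblAddress` is read right after it. Each of those checks should bail out, e.g. `if ( FoundKM == 0 ) { return EFI_NOT_FOUND; }`, and `BP` (allocated with AllocatePool and never released on any visible path) should be freed before every return. Separately, `Len = sizeof(DetailPCRStr)+1;` is one byte too long: `sizeof` of the array already counts the terminating NUL, so the following GlueCopyMem reads one byte past `DetailPCRStr`; `Len = sizeof(DetailPCRStr);` is what the event needs. Finally BootGuardMeasureCRTMVersion computes `Status` and then returns `EFI_SUCCESS` regardless, and the `Tpm20Hash` result is never checked, so a failed hash or event-log call is invisible to the caller; `return Status;` there would at least surface the LogDetailPCREvent outcome.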
@@ -0,0 +1,276 @@
+//**********************************************************************
+//**********************************************************************
+//** **
+//** (C)Copyright 1985-2013, American Megatrends, Inc. **
+//** **
+//** All Rights Reserved. **
+//** **
+//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 **
+//** **
+//** Phone: (770)-246-8600 **
+//** **
+//**********************************************************************
+//**********************************************************************
+
+//**********************************************************************
+// $Header: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.h 1 9/06/13 6:17a Bensonlai $
+//
+// $Revision: 1 $
+//
+// $Date: 9/06/13 6:17a $
+//**********************************************************************
+// Revision History
+// ----------------
+// $Log: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.h $
+//
+// 1 9/06/13 6:17a Bensonlai
+// [TAG] EIP135513
+// [Category] New Feature
+// [Description] Implementation of Boot Guard of PTT flow for WHCK test.
+// [Files] BootGuardTPM2Dxe.cif
+// BootGuardTPM2Dxe.c
+// BootGuardTPM2Dxe.h
+// BootGuardTPM2Dxe.sdl
+// BootGuardTPM2Dxe.mak
+//
+//**********************************************************************
+//<AMI_FHDR_START>
+//
+// Name: BootGuardTPM2Dxe.c
+//
+// Description: TPM2 Initialization Flow for Boot Guard
+//
+//<AMI_FHDR_END>
+//**********************************************************************
+
+#ifndef _BOOT_GUARD_TPM2_H_
+#define _BOOT_GUARD_TPM2_H_
+
+#ifndef _EFI_MMIO_ACCESS_H_
+#define _EFI_MMIO_ACCESS_H_
+
+#define MmioAddress(BaseAddr, Register) \
+ ( (UINTN)BaseAddr + (UINTN)(Register) )
+
+// 32-bit
+#define Mmio32Ptr(BaseAddr, Register) \
+ ( (volatile UINT32 *)MmioAddress(BaseAddr, Register) )
+
+#define Mmio32(BaseAddr, Register) \
+ *Mmio32Ptr(BaseAddr, Register)
+
+#define MmioRead32(Addr) \
+ Mmio32(Addr, 0)
+
+#define MmioWrite32(Addr, Value) \
+ (Mmio32(Addr, 0) = (UINT32)Value)
+
+#define MmioRW32(Addr, set, reset) \
+ (Mmio32(Addr, 0) = ((Mmio32(Addr, 0) & (UINT32)~(reset)) | (UINT32)set))
+
+// 16-bit
+#define Mmio16Ptr(BaseAddr, Register) \
+ ( (volatile UINT16 *)MmioAddress(BaseAddr, Register) )
+
+#define Mmio16(BaseAddr, Register) \
+ *Mmio16Ptr(BaseAddr, Register)
+
+#define MmioRead16(Addr) \
+ Mmio16(Addr, 0)
+
+#define MmioWrite16(Addr, Value) \
+ (Mmio16(Addr, 0) = (UINT16)Value)
+
+#define MmioRW16(Addr, set, reset) \
+ (Mmio16(Addr, 0) = ((Mmio16(Addr, 0) & (UINT16)~(reset)) | (UINT16)set))
+
+// 8-bit
+#define Mmio8Ptr(BaseAddr, Register) \
+ ( (volatile UINT8 *)MmioAddress(BaseAddr, Register) )
+
+#define Mmio8(BaseAddr, Register) \
+ *Mmio8Ptr(BaseAddr, Register)
+
+#define MmioRead8(Addr) \
+ Mmio8(Addr, 0)
+
+#define MmioWrite8(Addr, Value) \
+ (Mmio8(Addr, 0) = (UINT8)Value)
+
+#define MmioRW8(Addr, set, reset) \
+ (Mmio8(Addr, 0) = ((Mmio8(Addr, 0) & (UINT8)~(reset)) | (UINT8)set))
+
+#endif
+
+//
+// Define macros to build data structure signatures from characters.
+//
+#define EFI_SIGNATURE_16(A, B) ((A) | (B << 8))
+#define EFI_SIGNATURE_32(A, B, C, D) (EFI_SIGNATURE_16 (A, B) | (EFI_SIGNATURE_16 (C, D) << 16))
+#define EFI_SIGNATURE_64(A, B, C, D, E, F, G, H) \
+ (EFI_SIGNATURE_32 (A, B, C, D) | ((UINT64) (EFI_SIGNATURE_32 (E, F, G, H)) << 32))
+
+#define IBB_ENTRYPOINT_M 0xFFFFFFC0
+
+#pragma pack(1)
+
+typedef struct _BOOT_POLICY
+{
+ UINT8 RSTR0:1;
+ UINT8 RSTR1:1;
+ UINT8 RSTR2:1;
+ UINT8 RSTR3:1;
+ UINT8 RSTR4:1;
+ UINT8 RSTR5:1;
+ UINT8 RSTR6:1;
+ UINT8 RSTR7:1;
+ UINT8 TYPE0:1;
+ UINT8 TYPE1:1;
+ UINT8 TYPE2:1;
+ UINT8 TYPE3:1;
+ UINT8 TYPE4:1;
+ UINT8 TYPE5:1;
+ UINT8 TYPE6:1;
+ UINT8 TYPE7:1;
+ UINT16 ACM_SVN;
+ UINT8 ACM_Signature[256];
+ UINT8 Key_Manifest_Signature[256];
+ UINT8 Boot_Policy_Manifest_Signature[256];
+ UINT8 Digest_of_Hashed_IBB_Segment[32];
+} BOOT_POLICY;
+
+typedef struct _FIT_ENTRY
+{
+ UINT64 TblAddress;
+ UINT32 TblSIZE;
+ UINT16 TblVer;
+ UINT8 TblType;
+ UINT8 TblChkSum;
+} FIT_ENTRY;
+
+//
+// Manifest definition
+//
+#define TPM_ALG_SHA1 0x4
+#define TPM_ALG_SHA256 0xB
+#define SHA1_DIGEST_SIZE 20
+#define SHA256_DIGEST_SIZE 32
+
+typedef struct {
+ UINT16 HashAlg;
+ UINT16 Size;
+ UINT8 HashBuffer[SHA256_DIGEST_SIZE];
+} HASH_STRUCTURE;
+
+#define RSA_PUBLIC_KEY_STRUCT_KEY_SIZE_DEFAULT 2048
+#define RSA_PUBLIC_KEY_STRUCT_KEY_LEN_DEFAULT (RSA_PUBLIC_KEY_STRUCT_KEY_SIZE_DEFAULT/8)
+#define RSA_PUBLIC_KEY_STRUCT_KEY_EXPONENT_DEFAULT 0x10001 // NOT 0x10001
+typedef struct {
+ UINT8 Version;
+ UINT16 KeySize;
+ UINT32 Exponent;
+ UINT8 Modulus[RSA_PUBLIC_KEY_STRUCT_KEY_LEN_DEFAULT];
+} RSA_PUBLIC_KEY_STRUCT;
+
+#define RSASSA_SIGNATURE_STRUCT_KEY_SIZE_DEFAULT 2048
+#define RSASSA_SIGNATURE_STRUCT_KEY_LEN_DEFAULT (RSASSA_SIGNATURE_STRUCT_KEY_SIZE_DEFAULT/8)
+typedef struct {
+ UINT8 Version;
+ UINT16 KeySize;
+ UINT16 HashAlg;
+ UINT8 Signature[RSASSA_SIGNATURE_STRUCT_KEY_LEN_DEFAULT];
+} RSASSA_SIGNATURE_STRUCT;
+
+typedef struct {
+ UINT8 Version;
+ UINT16 KeyAlg;
+ RSA_PUBLIC_KEY_STRUCT Key;
+ UINT16 SigScheme;
+ RSASSA_SIGNATURE_STRUCT Signature;
+} KEY_SIGNATURE_STRUCT;
+
+typedef struct {
+ UINT8 StructureID[8];
+ UINT8 StructVersion;
+ UINT8 HdrStructVersion;
+ UINT8 PMBPMVersion;
+ UINT8 BPSVN_BPM;
+ UINT8 ACMSVN_BPM;
+ UINT8 Reserved;
+ UINT16 NEMDataStack;
+} BOOT_POLICY_MANIFEST_HEADER;
+
+typedef struct {
+ UINT16 Reserved;
+ UINT16 Flags;
+ UINT32 Base;
+ UINT32 Size;
+} IBB_SEGMENT_ELEMENT;
+
+typedef struct {
+ UINT8 StructureID[8];
+ UINT8 StructVersion;
+ UINT8 SetNumber;
+ UINT8 Reserved;
+ UINT8 PBETValue;
+ UINT32 Flags;
+ UINT64 IBB_MCHBAR;
+ UINT64 VTD_BAR;
+ UINT32 PMRL_Base;
+ UINT32 PMRL_Limit;
+ UINT64 PMRH_Base;
+ UINT64 PMRH_Limit;
+ HASH_STRUCTURE PostIbbHash;
+ UINT32 EntryPoint;
+ HASH_STRUCTURE Digest;
+ UINT8 SegmentCount; // 1 ~ 8
+ IBB_SEGMENT_ELEMENT IBBSegment[1];
+} IBB_ELEMENT;
+
+typedef struct {
+ UINT8 StructureID[8];
+ UINT8 StructVersion;
+ UINT16 PMDataSize;
+//UINT8 PMData[PMDataSize];
+} PLATFORM_MANUFACTURER_ELEMENT;
+
+typedef struct {
+ UINT8 StructureID[8];
+ UINT8 StructVersion;
+ KEY_SIGNATURE_STRUCT KeySignature;
+} BOOT_POLICY_MANIFEST_SIGNATURE_ELEMENT;
+
+typedef struct {
+ BOOT_POLICY_MANIFEST_HEADER Bpm_Header;
+ IBB_ELEMENT Ibb_Element;
+ //PLATFORM_MANUFACTURER_ELEMENT Platform_Manufacture_Element;
+ BOOT_POLICY_MANIFEST_SIGNATURE_ELEMENT Bpm_Signature_Element;
+} BpmStruct;
+
+typedef struct {
+ UINT8 StructureID[8];
+ UINT8 StructVersion;
+ UINT8 KeyManifestVersion;
+ UINT8 KMSVN;
+ UINT8 KeyManifestID;
+ HASH_STRUCTURE BPKey;
+ KEY_SIGNATURE_STRUCT KeyManifestSignature;
+} KEY_MANIFEST_STRAUCTURE;
+
+#pragma pack()
+
+#endif
+
+//**********************************************************************
+//**********************************************************************
+//** **
+//** (C)Copyright 1985-2013, American Megatrends, Inc. **
+//** **
+//** All Rights Reserved. **
+//** **
+//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 **
+//** **
+//** Phone: (770)-246-8600 **
+//** **
+//**********************************************************************
+//**********************************************************************
diff --git a/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.mak b/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.mak
new file mode 100644
index 0000000..74259e1
--- /dev/null
+++ b/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.mak
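Review bot: `BpmStruct`, near the end of the hunk, hard-wires `Bpm_Signature_Element` immediately after `Ibb_Element`, yet `IBB_ELEMENT` ends in `IBBSegment[1]` annotated `// 1 ~ 8` and the `PLATFORM_MANUFACTURER_ELEMENT` member is commented out, so this overlay only lands on the real signature when the manifest carries exactly one IBB segment and no platform-manufacturer element — and the `.c` in this commit reads `BpmStructure->Bpm_Signature_Element.KeySignature.Signature.Signature[i]` straight through it, so on any other manifest the 256 bytes folded into the measured `BOOT_POLICY` are not the BPM signature at all. The signature element should be located by walking the elements (advancing past the IBB element by `SegmentCount * sizeof(IBB_SEGMENT_ELEMENT)` and past any PM element by `PMDataSize`) and, until that is done, the typedef needs a warning such as `// NOTE: fixed overlay - only valid when SegmentCount == 1 and no platform-manufacturer element is present; walk elements for the general case`. The comment on `RSA_PUBLIC_KEY_STRUCT_KEY_EXPONENT_DEFAULT` contradicts its own value (`0x10001 // NOT 0x10001`); either the value or the comment is wrong and the reader cannot tell which. `KEY_MANIFEST_STRAUCTURE` also looks like a typo for `KEY_MANIFEST_STRUCTURE`.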
@@ -0,0 +1,46 @@
+#**********************************************************************
+#**********************************************************************
+#** **
+#** (C)Copyright 1985-2013, American Megatrends, Inc. **
+#** **
+#** All Rights Reserved. **
+#** **
+#** 6145-F Northbelt Pkwy, Norcross, GA 30071 **
+#** **
+#** Phone: (770)-246-8600 **
+#** **
+#**********************************************************************
+#**********************************************************************
+
+#**********************************************************************
+#<AMI_FHDR_START>
+#
+# Name: BootGuardTPM2Dxe.mak
+#
+# Description: TPM2 Initialization Flow for Boot Guard
+#
+#<AMI_FHDR_END>
+#**********************************************************************
+
+TpmDrvBin : $(BUILD_DIR)\BootGuardTPM2Dxe.obj
+
+TPM2_INCLUDE=\
+ /I$(TpmDrv_DIR)\
+ /I$(TCG_DIR)\
+
+$(BUILD_DIR)\BootGuardTPM2Dxe.obj : $(BootGuardTPM2Dxe_PATH)\BootGuardTPM2Dxe.c
+ $(CC) $(CFLAGS) /I$(PROJECT_DIR) /I$(PROJECT_DIR)\Include $(TPM2_INCLUDE) $(PROJECT_CPU_INCLUDES) /Fo$(BUILD_DIR)\BootGuardTPM2Dxe.obj $(BootGuardTPM2Dxe_PATH)\BootGuardTPM2Dxe.c
+
+#**********************************************************************
+#**********************************************************************
+#** **
+#** (C)Copyright 1985-2013, American Megatrends, Inc. **
+#** **
+#** All Rights Reserved. **
+#** **
+#** 6145-F Northbelt Pkwy, Norcross, GA 30071 **
+#** **
+#** Phone: (770)-246-8600 **
+#** **
+#**********************************************************************
+#**********************************************************************
diff --git a/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.sdl b/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.sdl
new file mode 100644
index 0000000..25872fe
--- /dev/null
+++ b/Board/EM/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.sdl
@@ -0,0 +1,91 @@
+#**********************************************************************
+#**********************************************************************
+#** **
+#** (C)Copyright 1985-2013, American Megatrends, Inc. **
+#** **
+#** All Rights Reserved. **
+#** **
+#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 **
+#** **
+#** Phone: (770)-246-8600 **
+#** **
+#**********************************************************************
+#**********************************************************************
+
+#**********************************************************************
+# $Header: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.sdl 2 10/29/13 5:16a Bensonlai $
+#
+# $Revision: 2 $
+#
+# $Date: 10/29/13 5:16a $
+#**********************************************************************
+# Revision History
+# ----------------
+# $Log: /Alaska/SOURCE/Modules/SharkBayRefCodes/FIT/Dxe/BootGuardTPM2Dxe/BootGuardTPM2Dxe.sdl $
+#
+# 2 10/29/13 5:16a Bensonlai
+# [TAG] EIPNone
+# [Category] Bug Fix
+# [Severity] Important
+# [Symptom] Build error when enable the DEBUG mode.
+#
+# 1 9/06/13 6:17a Bensonlai
+# [TAG] EIP135513
+# [Category] New Feature
+# [Description] Implementation of Boot Guard of PTT flow for WHCK test.
+# [Files] BootGuardTPM2Dxe.cif
+# BootGuardTPM2Dxe.c
+# BootGuardTPM2Dxe.h
+# BootGuardTPM2Dxe.sdl
+# BootGuardTPM2Dxe.mak
+#
+#**********************************************************************
+#<AMI_FHDR_START>
+#
+# Name: BootGuardTPM2Dxe.sdl
+#
+# Description: SDL file for BootGuard TPM2
+#
+#<AMI_FHDR_END>
+#**********************************************************************
+
+TOKEN
+ Name = "BootGuardTPM2Dxe_SUPPORT"
+ Value = "1"
+ Help = "Main switch to enable BootGuardTPM2Dxe support in Project"
+ TokenType = Boolean
+ TargetEQU = Yes
+ TargetMAK = Yes
+ Master = Yes
+ Token = "TpmDrv_SUPPORT" "=" "1"
+ Token = "INTEL_BOOT_GUARD_SUPPORT" "=" "1"
+End
+
+PATH
+ Name = "BootGuardTPM2Dxe_PATH"
+End
+
+MODULE
+ File = "BootGuardTPM2Dxe.mak"
+ Help = "Includes BootGuardTPM2Dxe.mak to Project"
+End
+
+ELINK
+ Name = "BootGuardMeasureCRTMVersion,"
+ Parent = "TcgPreMeasurementList"
+ InvokeOrder = AfterParent
+End
+
+#**********************************************************************
+#**********************************************************************
+#** **
+#** (C)Copyright 1985-2013, American Megatrends, Inc. **
+#** **
+#** All Rights Reserved. **
+#** **
+#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 **
+#** **
+#** Phone: (770)-246-8600 **
+#** **
+#**********************************************************************
+#********************************************************************** |
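Review bot: The `ELINK` block at the end of the hunk wires `BootGuardMeasureCRTMVersion` into `TcgPreMeasurementList`, but the function it registers (added by this same commit in `BootGuardTPM2Dxe.c`) ends with `return EFI_SUCCESS;` regardless of what `ACM_PostSuccess()` or `LogDetailPCREvent()` returned, so a Boot Guard measurement that was skipped or failed to log is indistinguishable from a successful one to whatever consumes this list. Unless the pre-measurement list is known to ignore return values — its consumer is not visible here — the hook should propagate its result, `return Status;`, and emit a DEBUG line for the failure path rather than only the enter/exit trace. The `Help` text on `BootGuardTPM2Dxe_SUPPORT` could also state the two prerequisites the `Token =` lines enforce, e.g. `Help = "Main switch to enable BootGuardTPM2Dxe support in Project (requires TpmDrv_SUPPORT and INTEL_BOOT_GUARD_SUPPORT)"`, so a platform integrator sees why the module silently drops out when either is off.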