From b7c51c9cf4864df6aabb99a1ae843becd577237c Mon Sep 17 00:00:00 2001 From: raywu Date: Fri, 15 Jun 2018 00:00:50 +0800 Subject: init. 1AQQW051 --- Board/EM/TCG2/Common/AmiTcgBinaries.cif | 12 + Board/EM/TCG2/Common/AmiTcgPlatform.cif | 11 + Board/EM/TCG2/Common/AmiTcgPlatform.sdl | 213 + Board/EM/TCG2/Common/AmiTcgPlatformDxe.c | 5594 ++++++++++++++++++++ Board/EM/TCG2/Common/AmiTcgPlatformDxe.cif | 15 + Board/EM/TCG2/Common/AmiTcgPlatformDxe.dxs | 82 + Board/EM/TCG2/Common/AmiTcgPlatformDxe.h | 425 ++ Board/EM/TCG2/Common/AmiTcgPlatformDxe.mak | 172 + Board/EM/TCG2/Common/AmiTcgPlatformDxe.sdl | 41 + Board/EM/TCG2/Common/AmiTcgPlatformDxeLib.c | 1275 +++++ Board/EM/TCG2/Common/AmiTcgPlatformDxeLib.h | 201 + Board/EM/TCG2/Common/AmiTcgPlatformDxeString.uni | Bin 0 -> 10866 bytes Board/EM/TCG2/Common/AmiTcgPlatformPei.cif | 14 + Board/EM/TCG2/Common/AmiTcgPlatformPei.dxs | 70 + Board/EM/TCG2/Common/AmiTcgPlatformPei.h | 338 ++ Board/EM/TCG2/Common/AmiTcgPlatformPei.sdl | 28 + Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.c | 782 +++ Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.cif | 9 + Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.mak | 98 + Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.c | 279 + .../EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.cif | 9 + .../EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.mak | 150 + Board/EM/TCG2/Common/AmiTcgPlatformPeiLib.c | 1907 +++++++ Board/EM/TCG2/Common/LEGX16.bin | Bin 0 -> 2894 bytes Board/EM/TCG2/Common/MPTPM.bin | Bin 0 -> 1549 bytes .../EM/TCG2/Common/Setup/HandleLoadDefaultsSetup.c | 141 + Board/EM/TCG2/Common/Setup/TPMPwd.c | 346 ++ Board/EM/TCG2/Common/Setup/TcgSetup.c | 67 + Board/EM/TCG2/Common/Setup/TcgSetup.cif | 15 + Board/EM/TCG2/Common/Setup/TcgSetup.mak | 123 + Board/EM/TCG2/Common/Setup/TcgSetup.sd | 672 +++ Board/EM/TCG2/Common/Setup/TcgSetup.sdl | 50 + Board/EM/TCG2/Common/Setup/TcgSetup.uni | Bin 0 -> 12532 bytes Board/EM/TCG2/Common/Setup/TcgSetupBoard.h | 95 + Board/EM/TCG2/Common/TPM32BIN.bin | Bin 0 -> 11690 bytes Board/EM/TCG2/Common/TcgBins.mak | 102 + Board/EM/TCG2/Common/TcgBins.sdl | 42 + Board/EM/TCG2/Common/TcgDxeplatform.c | 168 + Board/EM/TCG2/Common/TcgDxeplatform.cif | 12 + Board/EM/TCG2/Common/TcgDxeplatform.dxs | 70 + Board/EM/TCG2/Common/TcgDxeplatform.h | 69 + Board/EM/TCG2/Common/TcgDxeplatform.mak | 88 + Board/EM/TCG2/Common/TcgDxeplatform.sdl | 28 + Board/EM/TCG2/Common/TcgPeiplatform.c | 240 + Board/EM/TCG2/Common/TcgPeiplatform.cif | 12 + Board/EM/TCG2/Common/TcgPeiplatform.dxs | 70 + Board/EM/TCG2/Common/TcgPeiplatform.h | 66 + Board/EM/TCG2/Common/TcgPeiplatform.mak | 85 + Board/EM/TCG2/Common/TcgPeiplatform.sdl | 16 + .../TcgPlatformSetupPeiPolicy.c | 301 ++ .../TcgPlatformSetupPeiPolicy.cif | 12 + .../TcgPlatformSetupPeiPolicy.dxs | 52 + .../TcgPlatformSetupPeiPolicy.h | 167 + .../TcgPlatformSetupPeiPolicy.mak | 88 + .../TcgPlatformSetupPeiPolicy.sdl | 25 + .../TcgPlatformSetupPolicy.c | 441 ++ .../TcgPlatformSetupPolicy.cif | 12 + .../TcgPlatformSetupPolicy.dxs | 52 + .../TcgPlatformSetupPolicy.h | 165 + .../TcgPlatformSetupPolicy.mak | 88 + .../TcgPlatformSetupPolicy.sdl | 25 + Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.DXS | 85 + Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.c | 373 ++ Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.cif | 15 + Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.h | 141 + Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.mak | 191 + Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.sdl | 72 + Board/EM/TCG2/Common/Tpm20Acpi/TpmCrb.asl | 387 ++ Board/EM/TCG2/Common/Tpm20Acpi/tcg_ppi1_2.asl | 256 + Board/EM/TCG2/Common/Tpm20Acpi/tcg_ppi1_2_Ex.asl | 301 ++ Board/EM/TCG2/Common/Tpm20PlatformDxe.c | 2508 +++++++++ Board/EM/TCG2/Common/Tpm20PlatformDxe.cif | 17 + Board/EM/TCG2/Common/Tpm20PlatformDxe.dxs | 77 + Board/EM/TCG2/Common/Tpm20PlatformDxe.h | 459 ++ Board/EM/TCG2/Common/Tpm20PlatformDxe.mak | 104 + Board/EM/TCG2/Common/Tpm20PlatformDxe.sdl | 27 + Board/EM/TCG2/Common/Tpm20PlatformDxeLib.c | 57 + Board/EM/TCG2/Common/Tpm20PlatformDxeLib.h | 73 + Board/EM/TCG2/Common/Tpm20PlatformDxeString.uni | Bin 0 -> 7796 bytes 79 files changed, 20873 insertions(+) create mode 100644 Board/EM/TCG2/Common/AmiTcgBinaries.cif create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatform.cif create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatform.sdl create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformDxe.c create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformDxe.cif create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformDxe.dxs create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformDxe.h create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformDxe.mak create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformDxe.sdl create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformDxeLib.c create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformDxeLib.h create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformDxeString.uni create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformPei.cif create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformPei.dxs create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformPei.h create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformPei.sdl create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.c create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.cif create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.mak create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.c create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.cif create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.mak create mode 100644 Board/EM/TCG2/Common/AmiTcgPlatformPeiLib.c create mode 100644 Board/EM/TCG2/Common/LEGX16.bin create mode 100644 Board/EM/TCG2/Common/MPTPM.bin create mode 100644 Board/EM/TCG2/Common/Setup/HandleLoadDefaultsSetup.c create mode 100644 Board/EM/TCG2/Common/Setup/TPMPwd.c create mode 100644 Board/EM/TCG2/Common/Setup/TcgSetup.c create mode 100644 Board/EM/TCG2/Common/Setup/TcgSetup.cif create mode 100644 Board/EM/TCG2/Common/Setup/TcgSetup.mak create mode 100644 Board/EM/TCG2/Common/Setup/TcgSetup.sd create mode 100644 Board/EM/TCG2/Common/Setup/TcgSetup.sdl create mode 100644 Board/EM/TCG2/Common/Setup/TcgSetup.uni create mode 100644 Board/EM/TCG2/Common/Setup/TcgSetupBoard.h create mode 100644 Board/EM/TCG2/Common/TPM32BIN.bin create mode 100644 Board/EM/TCG2/Common/TcgBins.mak create mode 100644 Board/EM/TCG2/Common/TcgBins.sdl create mode 100644 Board/EM/TCG2/Common/TcgDxeplatform.c create mode 100644 Board/EM/TCG2/Common/TcgDxeplatform.cif create mode 100644 Board/EM/TCG2/Common/TcgDxeplatform.dxs create mode 100644 Board/EM/TCG2/Common/TcgDxeplatform.h create mode 100644 Board/EM/TCG2/Common/TcgDxeplatform.mak create mode 100644 Board/EM/TCG2/Common/TcgDxeplatform.sdl create mode 100644 Board/EM/TCG2/Common/TcgPeiplatform.c create mode 100644 Board/EM/TCG2/Common/TcgPeiplatform.cif create mode 100644 Board/EM/TCG2/Common/TcgPeiplatform.dxs create mode 100644 Board/EM/TCG2/Common/TcgPeiplatform.h create mode 100644 Board/EM/TCG2/Common/TcgPeiplatform.mak create mode 100644 Board/EM/TCG2/Common/TcgPeiplatform.sdl create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.c create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.cif create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.dxs create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.h create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.mak create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.sdl create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.c create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.cif create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.dxs create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.h create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.mak create mode 100644 Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.sdl create mode 100644 Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.DXS create mode 100644 Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.c create mode 100644 Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.cif create mode 100644 Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.h create mode 100644 Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.mak create mode 100644 Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.sdl create mode 100644 Board/EM/TCG2/Common/Tpm20Acpi/TpmCrb.asl create mode 100644 Board/EM/TCG2/Common/Tpm20Acpi/tcg_ppi1_2.asl create mode 100644 Board/EM/TCG2/Common/Tpm20Acpi/tcg_ppi1_2_Ex.asl create mode 100644 Board/EM/TCG2/Common/Tpm20PlatformDxe.c create mode 100644 Board/EM/TCG2/Common/Tpm20PlatformDxe.cif create mode 100644 Board/EM/TCG2/Common/Tpm20PlatformDxe.dxs create mode 100644 Board/EM/TCG2/Common/Tpm20PlatformDxe.h create mode 100644 Board/EM/TCG2/Common/Tpm20PlatformDxe.mak create mode 100644 Board/EM/TCG2/Common/Tpm20PlatformDxe.sdl create mode 100644 Board/EM/TCG2/Common/Tpm20PlatformDxeLib.c create mode 100644 Board/EM/TCG2/Common/Tpm20PlatformDxeLib.h create mode 100644 Board/EM/TCG2/Common/Tpm20PlatformDxeString.uni (limited to 'Board/EM/TCG2') diff --git a/Board/EM/TCG2/Common/AmiTcgBinaries.cif b/Board/EM/TCG2/Common/AmiTcgBinaries.cif new file mode 100644 index 0000000..4b3b4b1 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgBinaries.cif @@ -0,0 +1,12 @@ + + name = "AmiTcgBinaries" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common" + RefName = "AmiTcgBinaries" +[files] +"TcgBins.sdl" +"TcgBins.mak" +"TPM32BIN.bin" +"LEGX16.bin" +"MPTPM.bin" + diff --git a/Board/EM/TCG2/Common/AmiTcgPlatform.cif b/Board/EM/TCG2/Common/AmiTcgPlatform.cif new file mode 100644 index 0000000..0670fe2 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatform.cif @@ -0,0 +1,11 @@ + + name = "AmiTcgPlatform" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common" + RefName = "AmiTcgPlatform" +[files] +"AmiTcgPlatform.sdl" +[parts] +"AmiTcgPlatformPei" +"AmiTcgPlatformDxe" + diff --git a/Board/EM/TCG2/Common/AmiTcgPlatform.sdl b/Board/EM/TCG2/Common/AmiTcgPlatform.sdl new file mode 100644 index 0000000..2fb0944 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatform.sdl @@ -0,0 +1,213 @@ +TOKEN + Name = "AMI_TCG_PLATFORM_SUPPORT" + Value = "1" + Help = "Main token TCG to allow override of TCG functions" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + Master = Yes +End + + +TOKEN + Name = "TCG_SIZE" + Value = "010000h" + Help = "Size of Dxecore to measure" + TokenType = Integer + TargetH = Yes +End + + + +TOKEN + Name = "USE_AMI_PERSISTENT_BIOS_MANAGEMENT_FLAGS_SUPPORT" + Value = "1" + Help = "Main token TCG to allow override of TCG functions" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes +End + + +TOKEN + Name = "DONT_SEND_SELFTEST_TILL_READY_TO_BOOT" + Value = "1" + Help = "Main token TCG send selftest on ready to boot" + TokenType = Boolean + TargetEQU = Yes + TargetH = Yes + TargetMAK = Yes +End + +TOKEN + Name = "SELF_TEST_VID" + Value = "015D1h" + Help = "Size of Dxecore to measure" + TokenType = Integer + TargetH = Yes +End + + +TOKEN + Name = "Measure_Boot_Data" + Value = "0" + Help = "token to determine if EFI boot data information are measured" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + TargetH = Yes +End + +TOKEN + Name = "WAKE_EVENT_MEASUREMENT" + Value = "0" + Help = "token to allow measurement of wake events. Note LOG_EV_EFI_ACTION also needs to be enabled" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + TargetH = Yes +Token = "LOG_EV_EFI_ACTION" "=" "1" +End + +TOKEN + Name = "PPI_DISPLAY_OFFSET" + Value = "001" + Help = "" + TokenType = Integer + TargetEQU = Yes + TargetH = Yes +End + +TOKEN + Name = "Measure_Smbios_Tables" + Value = "0" + Help = "token to determine if smbios tables are measured" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + TargetH = Yes +End + +TOKEN + Name = "TCGMeasureSecureBootVariables" + Value = "1" + Help = "Set 1 to measure secure boot Variables if Secureboot is Enabled. Note this requires WHCK connectedStandby compliance" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + TargetH = Yes + Token = "SecureBoot_SUPPORT" "=" "1" +End + +TOKEN + Name = "UnconfiguredSecureBootVariables" + Value = "0" + Help = "Set 1 to allow measurement of Secureboot Variables even when Secureboot is not configured. Enabling this token will add about 50-100ms to platform boot time" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + TargetH = Yes + Token = "SecureBoot_SUPPORT" "=" "1" + Token = "TCGMeasureSecureBootVariables" "=" "1" +End + +TOKEN + Name = "MeasureCPUMicrocodeToken" + Value = "0" + Help = "Set 1 to measure cpu microcode" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + TargetH = Yes + Token = "AMI_ZTEIC_SUPPORT" "=" "0" +End + +TOKEN + Name = "MEASURE_CRTM_VERSION_PEI_FUNCTION" + Value = "MeasureCRTMVersion" + Help = "Function to measure crtm version. Input:EFI_PEI_SERVICES **. AMI function Modified Pcr 0" + TokenType = Expression + TargetH = Yes +End + +TOKEN + Name = "MEASURE_TCG_PCCLIENT_ID_PEI_FUNCTION" + Value = "MeasureTCGPcClientSpecID" + Help = "Function to Measure TCG PcClient Spec ID. Input:EFI_PEI_SERVICES ** and PEI_TCG_PPI. Modifies Pcr 0" + TokenType = Expression + TargetH = Yes +End + +TOKEN + Name = "MEASURE_CORE_DXE_FW_VOL_PEI_FUNCTION" + Value = "MeasureDxeCoreFwVol" + Help = "Function to Measure Dxe FW volume. Gets Tcg Ppi, Peiservices and pointer to dxe fw vol. Modifies Pcr 0" + TokenType = Expression + TargetH = Yes +End + +TOKEN + Name = "MEASURE_PCI_OPTION_ROM_DXE_FUNCTION" + Value = "MeasurePCIOproms" + Help = "Function to measure dxe firmware volume. Inputs: None. Modifies Pcr 2" + TokenType = Expression + TargetH = Yes +End + +TOKEN + Name = "MEASURE_HANDOFF_TABLES_DXE_FUNCTION" + Value = "MeasureHandoffTables" + Help = "Measures BIOS tables ACPI and Smbios tables. Inputs: None. Modifies Pcr 0-ACPI, Pcr 1=Smbios" + TokenType = Expression + TargetH = Yes +End + +TOKEN + Name = "MEASURE_CPU_MICROCODE_DXE_FUNCTION" + Value = "MeasureCpuMicroCode" + Help = "Measures CPU Microcode Information. Input:None. Modifies Pcr 1" + TokenType = Expression + TargetH = Yes +End + +TOKEN + Name = "MEASURES_TCG_BOOT_SEPARATORS_DXE_FUNCTION" + Value = "MeasureSeparators" + Help = "Measures TCG separtors. Input None: Modifies: Pcr 0-7" + TokenType = Expression + TargetH = Yes +End + +TOKEN + Name = "MEASURE_SECURE_BOOT_DXE_FUNCTION" + Value = "MeasureSecurebootVariables" + Help = "Measures Secureboot Variables. Input: None. Modifies PCR 5" + TokenType = Expression + TargetH = Yes + Token = "SecureBoot_SUPPORT" "=" "1" +End + +TOKEN + Name = "MEASURES_BOOT_VARIABLES_DXE_FUNCTION" + Value = "MeasureAllBootVariables" + Help = "Measures EFI boot Variables. Input: None. Modifies PCR 5" + TokenType = Expression + TargetH = Yes +End + + +TOKEN + Name = "MEASURE_WAKE_EVENT_DXE_FUNCTION" + Value = "MeasureWakeEvent" + Help = "Function to Measure platform wake event. Modifies PCR 6" + TokenType = Expression + TargetH = Yes +End + +TOKEN + Name = "SKIP_PHYSICAL_PRESENCE_LOCK_FUNCTION" + Value = "DummySkipPhysicalPresence" + Help = "Function to alert if locking of physical presence should be skipped" + TokenType = Expression + TargetH = Yes +End \ No newline at end of file diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformDxe.c b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.c new file mode 100644 index 0000000..e237fcb --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.c @@ -0,0 +1,5594 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxe.c 5 7/02/14 10:26p Fredericko $ +// +// $Revision: 5 $ +// +// $Date: 7/02/14 10:26p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxe.c $ +// +// 5 7/02/14 10:26p Fredericko +// +// 4 6/14/14 12:34a Fredericko +// Fix locking of Physical Presense +// +// 3 6/09/14 4:57p Fredericko +// Changes for SetVariable vulnerability during Runtime +// +// 2 6/03/14 7:55p Fredericko +// Tcm Support changes +// +// 1 4/21/14 2:17p Fredericko +// +// 5 3/28/14 7:47p Fredericko +// [TAG] EIP159964 +// [Category] Bug Fix +// [Severity] Important +// [Symptom] WHCK TCG OS Interface might faile +// [RootCause] MOR variable needs to be a runtime variable +// [Solution] Make MOR variable a runtime variable +// [Files] AmiTcgplatformdxe.c +// +// 4 3/17/14 9:28p Fredericko +// +// 3 3/17/14 3:21p Fredericko +// +// 2 3/14/14 3:24p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:55p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 48 12/12/12 6:53p Fredericko +// +// 47 12/03/12 11:02p Fredericko +// [TAG] EIP104961 +// [Category] Bug Fix +// [Severity] Minor +// [Symptom] UEFI 2.3.1 SCT test failed in Generic\EfiCompliant case. +// The VariableAttribute of SecureBoot is not correct. +// [RootCause] Changes to Secureboot module +// [Solution] Remove secureboot variable check in Tcg +// [Files] AmiTcgPlatformDxe.c +// xTcgdxe.c +// +// 46 11/30/12 7:23p Fredericko +// +// 2 11/30/12 7:18p Fredericko +// [TAG] EIP104949 +// [Category] Bug Fix +// [Severity] Minor +// [Symptom] UEFI 2.3.1 SCT test failed in Generic\EfiCompliant case. +// TpmOldvar is not defined in the Spec. +// [RootCause] Using Global EFI GUID for a locally defined variable. +// [Solution] Change GUID +// Also Fix for EIP 104961. Build error when using SecureBoot module +// 4.6.5.1_SECBOOT_WIN8_ 016 and newer. +// Setup variable change. +// [Files] AmiTcgPlatformDxe.c +// TCGMisc.h +// +// 45 11/05/12 11:13a Fredericko +// Continue Selftest Vendor ID Token added +// +// 44 10/30/12 10:47a Fredericko +// 1.Close PciIoEvent on Readytoboot +// 2. Token to measure Secureboot Variables even if secureboot is disabled +// 3. Changes to the measure of separators for boot speed +// +// 43 10/22/12 1:25a Jittenkumarp +// [TAG] EIP100790 +// [Category] Improvement +// [Description] ActivateApplication in AMITSE delayed if the SoftKbd +// support enabled thereforTPM Message are not displayed +// [Files] AmiTcgPlatformDxe.c, TCG.sdl, TPMPwd.c , AmiTcgPlatform.sdl +// +// 42 9/19/12 4:27p Fredericko +// [TAG] EIP98198 +// [Category] Bug Fix +// [Severity] Minor +// [Symptom] inconsistent usage of uppercase and lowercase hexadecimal +// digits for the BOOT#### EFI variables in AmiTcgPlatform +// [RootCause] use of lower case for generic definition of BOOT variable +// for searching and hashing +// [Solution] Base case on TSE_CAPITAL_BOOT_OPTION token. default is +// uppercase +// [Files] AmiTcgPlatformDxe.c +// +// 41 9/13/12 5:14p Fredericko +// [TAG] EIP96218 +// [Category] Bug Fix +// [Severity] Normal +// [Symptom] AMIUEFI: When dbx is not defined, the system is not +// measuring an entry for dbx in the log. ( Winqual Bug ID : 958441 ) +// [RootCause] Not measuring dbx event into Tcg Event log when dbx +// variable was not defined. +// [Solution] Measure with Datalength of zero for Events when +// SecureBootSupport is enabled but Keys are not installed +// +// [Files] xTcgDxe.c +// AmiTcgPlatformDxe.c +// +// 40 5/19/12 6:34p Fredericko +// changes for TPM_PASSWORD_AUTHENTICATION Token support. +// +// 39 5/18/12 6:09p Fredericko +// Changes for Confirm_SETUP_CHANGE token. +// +// 38 5/18/12 4:10p Fredericko +// Made changes for possible display corruption from AmiPostMgr protocol +// +// 37 5/09/12 3:59p Fredericko +// Changes in the way Separators are measured. +// +// 36 4/28/12 3:30p Fredericko +// Changed when selftest is called. Also put Perf macro info for DP log. +// +// 35 4/27/12 6:38p Fredericko +// +// 34 4/27/12 6:22p Fredericko +// Changes for system boot speed when TCG is enabled +// +// 33 4/25/12 10:50a Yul +// [TAG] EIP69594 +// [Category] Bug Fix +// [Severity] Normal +// [Symptom] In some rare situatations POST text screen outputs are +// corrupted. +// [RootCause] Using GetVariable() to read PlatformLang variable. +// [Solution] Using HiiLibGetString() to get the necessary string. +// [Files] AmiTcgPlatformDxe.c +// +// 32 4/22/12 6:56p Fredericko +// +// 31 4/19/12 8:02p Fredericko +// EIP83480: ClearLastBootFailed Flag before reseting system from TCG. +// Keep track of PPI UI. If it has already been launched don't launch +// again. +// LegacySerialIO can cause multiple launch of TCG PPI UI. +// +// 30 3/22/12 5:05p Fredericko +// Token to allow disabling measurement of smbios tables. +// +// 29 3/19/12 6:56p Fredericko +// [TAG] EIP82866 +// [Category] Improvement +// [Description] 1. AMIUEFI: Implement the NoPPIClear flag and provide +// operations to set/clear the value or a BIOS config option +// 2. Changes for Tcg Performance Metrics Improvement. +// [Files] NoPpiClear : AmiTcgNvFlagSample.c, AmiTcgNvFlagSample.sdl, +// AmiTcgPlatformDxe.c, TcgSmm.c +// Performance Metrics Files Changed: Tcg.sdl, TcgMisc.h, TcgDxe.c, +// TcgCommon.c, TcgCommon.h, +// AmiTcgPlatformPeiLib.c, AmiTcgPlatformDxe.c, TcgDxe.dxs +// +// 28 2/17/12 7:50p Fredericko +// 1.Fix PPI_Confirmation token where some strings were not displaying +// -EIP 81592 +// 2. Fix possible hang from size issue of AMITSESETUP variable during Ppi +// calls. +// +// 27 2/03/12 6:34p Fredericko +// [TAG] EIP81665 +// [Category] Improvement +// [Description] Support for MOR feature improvement. +// Reset Mor on Ready to boot. MeasureSecureBoot variables if +// TcgMeasureSecureboot token is enabled. +// Support to use either zeros as separators or -1 as separator. +// [Files] Tcg.sdl, AmiTcgPlatformDxe.c, Tcgdxe.c, Tcglegacy.c +// +// 26 1/20/12 9:19p Fredericko +// +// 25 1/17/12 5:40p Rahuls +// Fix possible sync error situations between TPM status from O.S. and +// BIOS. +// +// 24 1/17/12 12:04p Fredericko +// [TAG] EIP81011 +// [Category] Bug Fix +// [Severity] Minor +// [Symptom] Clear TPM Via OS fail +// [RootCause] BIOS was not syncing BIOS with O.S. changes +// [Solution] Synchronize BIOS information with O.S. request when O.S. +// changes TPM state with Physical Presence and Ownership +// [Files] AmiTcgPlatformDxe.c +// +// 23 12/30/11 5:04p Fredericko +// [TAG] EIP78141 +// [Category] New Feature +// [Description] Added hooks to override generic TPM platform hash +// functions. +// [Files] 1. AmiTcgPlatform.sdl +// 2. AmiTcgPlatformPei.h +// 3. AmiTcgPlatformPeiLib.c +// 4. AmiTcgPlatformPeiAfterMem.c +// 5. AmiTcgPlatformDxe.c +// 6. AmiTcgPlatformDxe.h +// +// 22 12/18/11 10:32p Fredericko +// [TAG] EIP63922 +// [Category] Improvement +// [Description] [MBY] After udpate SMBIOS to v30, system hang at CKP +// 0xA0 if DEBUG_MODE = 1. +// +// 21 12/15/11 5:21p Fredericko +// +// 20 12/12/11 7:10p Fredericko +// +// 19 11/23/11 6:06p Fredericko +// [TAG] EIP74297 +// [Category] Bug Fix +// [Severity] Minor +// [Symptom] Process for when CONFIRM_SETUP_CHANGE is enabled will not +// behave as defined +// [RootCause] TpmNvflags were not set with consideration for when +// CONFIRM_SETUP_CHANGE is enabled +// [Solution] Set policy with reference to token +// [Files] AmiTcgPlatformDxe.c +// AmiTcgNvflagSample.c +// +// +// +// [TAG] EIP75882 +// [Category] Spec Update +// [Severity] Minor +// [Description] Added support for the measurement of Secureboot +// variables +// [Files] AmiTcgPlatformDxe.c +// +// +// +// [TAG] EIP63922 +// [Category] Improvement +// [Description] Support for Smbios label 30 and up. Callback on +// publishing of Smbios tables +// [Files] AmiTcgPlatformDxe.c +// +// 18 11/14/11 2:09p Fredericko +// [TAG] EIP54573 +// [Category] Improvement +// [Description] Added Support to allow or disallow the measurement of +// EFI boot Data into PCR 5. +// [Files] AmiTcgPlatform.sdl +// AmiTcgPlatformDxe.c +// +// 17 10/10/11 12:11a Fredericko +// [TAG] EIP70220 +// [Category] Improvement +// [Description] Remove dependency on CSM +// [Files] TcgLegacy.sdl +// AmiTcgPlatformDxe.c +// AmiTcgPlatformDxe.h +// xTcgDxe.c +// +// 16 9/27/11 10:33p Fredericko +// [TAG] EIP67286 +// [Category] Improvement +// [Description] changes for Tcg Setup policy +// [Files] Tcg.sdl +// TcgPei.cif +// TcgPei.mak +// xtcgPei.c +// xTcgPeiAfterMem.c +// TcgPeiAfterMem.mak +// TcgDxe.cif +// TcgDxe.mak +// xTcgDxe.c +// AmiTcgPlatformPeilib.c +// AmiTcgPlatformDxelib.c +// +// 15 9/03/11 8:08p Fredericko +// +// 14 8/29/11 5:41p Fredericko +// Reverting previous changes. +// +// 13 8/29/11 4:43p Fredericko +// [TAG] EIP63922 +// [Category] Improvement +// [Description] Fix changes to match smbios v30. Smbios tables were not +// being found on ready to boot. +// [Files] AmiTcgPlatformdxe.c +// +// 12 8/26/11 3:38p Fredericko +// [TAG] EIP67736 +// [Category] Bug Fix +// [Severity] Normal +// [Symptom] System Hange +// [RootCause] Overflow condition in comparism of length of Ffs +// [Solution] Check overflow condition in loop and break if it occurs +// [Files] AmiTcgPlatformDxe.c +// +// 11 8/10/11 4:34p Fredericko +// [TAG] EIP66465 +// [Category] Spec Update +// [Severity] Minor +// [Description] 1. Reset for PpiProvision flags to be updated in NVRAM +// 2. Fix for Ppi 11. TPM was being left activated +// 3. Legacy free support changes +// 4. Getplatform language pointer changes. +// [Files] 1. AmiTcgPlatformDxe.c +// +// 10 8/09/11 6:32p Fredericko +// [TAG] EIP66468 +// [Category] Spec Update +// [Severity] Minor +// [Description] 1. Changes for Tcg Ppi 1.2 support. +// [Files] 1 TcgSmm.h +// 2.TcgSmm.c +// 3.Tcg_ppi1_2.asl +// 4. AmiTcgNvflagsSample.c +// 5. AmiTcgPlatformPeiLib.c +// 6. AmiTcgPlatformDxe.sdl +// 7. AmiTcgPlatformDxe.c +// +// 9 7/25/11 3:42a Fredericko +// [TAG] EIP65177 +// [Category] Spec Update +// [Severity] Minor +// [Description] Tcg Ppi Spec ver 1.2 update +// +// 8 4/28/11 6:33p Fredericko +// Changes for Lifetime lock settings +// +// 7 4/26/11 1:54p Fredericko +// Added support for function level override of specific functions. +// +// 6 4/25/11 1:26p Fredericko +// Added closing brackets that was causing build error when lifetime lock +// token was set. +// +// 5 4/06/11 6:46p Fredericko +// PPI confirmation Override changes +// +// 4 4/01/11 9:35a Fredericko +// Updated function Header +// +// 3 3/29/11 5:51p Fredericko +// Changes for core 464 and ACPI tables support +// +// 2 3/29/11 2:26p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformDxe.c +// +// Description: Function file for AmiTcgPlatformDxe +// +// +//************************************************************************* +#include "AmiTcgPlatformDxe.h" +#include "AmiTcgPlatformDxeLib.h" +#include "AmiTcgPlatformDxeStrTokens.h" +#include +#include "TcgPlatformSetupPolicy.h" +#if defined AmiBoardInfo_SUPPORT && AmiBoardInfo_SUPPORT == 1 +#include +#endif +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) +#include +#endif + +#define BDS_ALL_DRIVERS_CONNECTED_PROTOCOL_GUID \ + {0xdbc9fd21, 0xfad8, 0x45b0, 0x9e, 0x78, 0x27, 0x15, 0x88, 0x67, 0xcc, 0x93} + +EFI_GUID gBdsAllDriversConnectedProtocolGuid = BDS_ALL_DRIVERS_CONNECTED_PROTOCOL_GUID; + +#if TPM_PASSWORD_AUTHENTICATION +#define TCG_PASSWORD_AUTHENTICATION_GUID \ + {0xB093BDD6, 0x2DE2, 0x4871,0x87,0x68, 0xEE,0x1D, 0xA5, 0x72, 0x49, 0xB4 } +EFI_GUID TcgPasswordAuthenticationGuid = TCG_PASSWORD_AUTHENTICATION_GUID; +#endif + +extern MEASURE_PCI_OPTION_ROM_FUNC_PTR MEASURE_PCI_OPTION_ROM_DXE_FUNCTION; +MEASURE_PCI_OPTION_ROM_FUNC_PTR *MeasurePCIOpromsFuncPtr = MEASURE_PCI_OPTION_ROM_DXE_FUNCTION; + +extern MEASURE_HANDOFF_TABLES_FUNC_PTR MEASURE_HANDOFF_TABLES_DXE_FUNCTION; +MEASURE_HANDOFF_TABLES_FUNC_PTR *MeasureHandoffTablesFuncPtr = MEASURE_HANDOFF_TABLES_DXE_FUNCTION; + +extern MEASURE_CPU_MICROCODE_FUNC_PTR MEASURE_CPU_MICROCODE_DXE_FUNCTION; +MEASURE_CPU_MICROCODE_FUNC_PTR *MeasureCpuMicroCodeFuncPtr = MEASURE_CPU_MICROCODE_DXE_FUNCTION; + +extern MEASURE_BOOT_VAR_FUNC_PTR MEASURES_BOOT_VARIABLES_DXE_FUNCTION; +MEASURE_BOOT_VAR_FUNC_PTR *MeasureAllBootVariablesFuncPtr = MEASURES_BOOT_VARIABLES_DXE_FUNCTION; + +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) +extern MEASURE_SECURE_BOOT_FUNC_PTR MEASURE_SECURE_BOOT_DXE_FUNCTION; +MEASURE_SECURE_BOOT_FUNC_PTR *MeasureSecurebootVariablesFuncPtr = MEASURE_SECURE_BOOT_DXE_FUNCTION; +#endif + +extern MEASURES_TCG_BOOT_SEPARATORS_DXE_FUNC_PTR MEASURES_TCG_BOOT_SEPARATORS_DXE_FUNCTION; +MEASURES_TCG_BOOT_SEPARATORS_DXE_FUNC_PTR *MeasureSeparatorsFuncPtr = MEASURES_TCG_BOOT_SEPARATORS_DXE_FUNCTION; + +extern MEASURE_WAKE_EVENT_DXE_FUNC_PTR MEASURE_WAKE_EVENT_DXE_FUNCTION; +MEASURE_WAKE_EVENT_DXE_FUNC_PTR *MeasureWakeEventFuncPtr = MEASURE_WAKE_EVENT_DXE_FUNCTION; + +extern SKIP_PHYSICAL_PRESENCE_LOCK_PTR SKIP_PHYSICAL_PRESENCE_LOCK_FUNCTION; +SKIP_PHYSICAL_PRESENCE_LOCK_PTR *DummySkipPhysicalPresencePtr = SKIP_PHYSICAL_PRESENCE_LOCK_FUNCTION; + + +static TCG_PROTOCOL_NOTIFY Ctx; +static void *SearchKey; +typedef UINT32 extended_request; +AMI_POST_MANAGER_PROTOCOL *pAmiPostMgr = NULL; +EFI_GUID gAmiPostManagerProtocolGuid = \ + AMI_POST_MANAGER_PROTOCOL_GUID; +EFI_HII_HANDLE gHiiHandle; +EFI_EVENT PciIoev; + + +#if EFI_SPECIFICATION_VERSION>0x20000 +#else +EFI_HII_PROTOCOL *Hii; +#endif + +static UINT8 ppi_request; +static EFI_HANDLE gAmiTcgPlatformImageHandle; +static EFI_EVENT ReadyToBootEvent; + +#if TPM_PASSWORD_AUTHENTICATION +BOOLEAN AuthenticateSet; +BOOLEAN AdminPasswordValid; +BOOLEAN PasswordSupplied; + +VOID SignalProtocolEvent(IN EFI_GUID *TcgPasswordAuthenticationGuid); + +#endif + +EFI_GUID gAMITcgPlatformProtocolguid = AMI_TCG_PLATFORM_PROTOCOL_GUID; +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) +EFI_GUID gEfiImageSecurityDatabaseguid = EFI_IMAGE_SECURITY_DATABASE_GUID; +#endif +EFI_GUID gTpmDeviceProtocolGuid = EFI_TPM_DEVICE_PROTOCOL_GUID; +EFI_GUID gEfiTpmDxeDeviceProtocolGuid = EFI_TPM_DEVICE_PROTOCOL_GUID; + +#if (defined(SMBIOS_SUPPORT) && (SMBIOS_SUPPORT == 1)) +EFI_GUID gSmBiosTablePublished = TCG_SMBIOS_EFI_TABLE_GROUP; +#endif + +static BOOLEAN IsRunPpiUIAlreadyDone = FALSE; + +void run_PPI_UI( + IN EFI_EVENT ev, + IN VOID *ctx); + +EFI_STATUS TcgSetVariableWithNewAttributes( + IN CHAR16 *Name, IN EFI_GUID *Guid, IN UINT32 Attributes, + IN UINTN DataSize, IN VOID *Data +); + +//********************************************************************** +// +// +// Procedure: MeasureVariable +// +// Description: Measures a provided variable +// +// Input: IN TPM_PCRINDEX PCRIndex, +// IN TCG_EVENTTYPE EventType, +// IN CHAR16 *VarName, +// IN EFI_GUID *VendorGuid, +// IN VOID *VarData, +// IN UINTN VarSize +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS MeasureVariable( + IN TPM_PCRINDEX PCRIndex, + IN TCG_EVENTTYPE EventType, + IN CHAR16 *VarName, + IN EFI_GUID *VendorGuid, + IN VOID *VarData, + IN UINTN VarSize ) +{ + EFI_STATUS Status; + EFI_TCG_PROTOCOL *tcgSvc; + TCG_PCR_EVENT *TcgEvent = NULL; + UINTN VarNameLength; + TCG_EFI_VARIABLE_DATA *VarLog; + EFI_PHYSICAL_ADDRESS Last; + UINT32 evNum; + + Status = pBS->LocateProtocol( + &gEfiTcgProtocolGuid, + NULL, + &tcgSvc ); + + ASSERT( !EFI_ERROR( Status )); + + VarNameLength = Wcslen( VarName ); + + Status = pBS->AllocatePool( EfiBootServicesData, + _TPM_STRUCT_PARTIAL_SIZE( TCG_PCR_EVENT,Event ) + + (UINT32)(sizeof(*VarLog) + VarNameLength + * sizeof(*VarName) + VarSize - 3 ), + &TcgEvent ); + + ASSERT( !EFI_ERROR( Status )); + + TcgEvent->PCRIndex = PCRIndex; + TcgEvent->EventType = EventType; + TcgEvent->EventSize = (UINT32)( sizeof (*VarLog) + VarNameLength + * sizeof (*VarName) + VarSize - 3 ); + + pBS->AllocatePool( EfiBootServicesData, TcgEvent->EventSize, &VarLog ); + + if ( VarLog == NULL ) + { + return EFI_OUT_OF_RESOURCES; + } + + VarLog->VariableName = *VendorGuid; + VarLog->UnicodeNameLength = VarNameLength; + VarLog->VariableDataLength = VarSize; + + pBS->CopyMem( + (CHAR16*)(VarLog->UnicodeName), + VarName, + VarNameLength * sizeof (*VarName) + ); + + pBS->CopyMem( + (CHAR16*)(VarLog->UnicodeName) + VarNameLength, + VarData, + VarSize); + + pBS->CopyMem( TcgEvent->Event, + VarLog, + TcgEvent->EventSize ); + + Status = tcgSvc->HashLogExtendEvent( + tcgSvc, + (EFI_PHYSICAL_ADDRESS)VarLog, + TcgEvent->EventSize, + TCG_ALG_SHA, + TcgEvent, + &evNum, + &Last ); + + if ( TcgEvent != NULL ) + { + pBS->FreePool( TcgEvent ); + } + + ASSERT( !EFI_ERROR( Status )); + + if ( VarLog != NULL ) + { + pBS->FreePool( VarLog ); + } + + return Status; +} + + + + +//********************************************************************** +// +// +// Procedure: TcmMeasureVariable +// +// Description: Measures a provided variable +// +// Input: IN TPM_PCRINDEX PCRIndex, +// IN TCG_EVENTTYPE EventType, +// IN CHAR16 *VarName, +// IN EFI_GUID *VendorGuid, +// IN VOID *VarData, +// IN UINTN VarSize +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS TcmMeasureVariable( + IN TPM_PCRINDEX PCRIndex, + IN TCG_EVENTTYPE EventType, + IN CHAR16 *VarName, + IN EFI_GUID *VendorGuid, + IN VOID *VarData, + IN UINTN VarSize ) +{ + EFI_STATUS Status; + EFI_TCM_PROTOCOL *tcgSvc; + TCM_PCR_EVENT *TcgEvent = NULL; + UINTN VarNameLength; + TCG_EFI_VARIABLE_DATA *VarLog; + EFI_PHYSICAL_ADDRESS Last; + UINT32 evNum; + + Status = pBS->LocateProtocol( + &gEfiTcgProtocolGuid, + NULL, + &tcgSvc ); + + ASSERT( !EFI_ERROR( Status )); + + VarNameLength = Wcslen( VarName ); + + Status = pBS->AllocatePool( EfiBootServicesData, + _TPM_STRUCT_PARTIAL_SIZE( TCM_PCR_EVENT,Event ) + + (UINT32)(sizeof(*VarLog) + VarNameLength + * sizeof(*VarName) + VarSize - 3 ), + &TcgEvent ); + + ASSERT( !EFI_ERROR( Status )); + + TcgEvent->PCRIndex = PCRIndex; + TcgEvent->EventType = EventType; + TcgEvent->EventSize = (UINT32)( sizeof (*VarLog) + VarNameLength + * sizeof (*VarName) + VarSize - 3 ); + + pBS->AllocatePool( EfiBootServicesData, TcgEvent->EventSize, &VarLog ); + + if ( VarLog == NULL ) + { + return EFI_OUT_OF_RESOURCES; + } + + VarLog->VariableName = *VendorGuid; + VarLog->UnicodeNameLength = VarNameLength; + VarLog->VariableDataLength = VarSize; + + pBS->CopyMem( + (CHAR16*)(VarLog->UnicodeName), + VarName, + VarNameLength * sizeof (*VarName) + ); + + pBS->CopyMem( + (CHAR16*)(VarLog->UnicodeName) + VarNameLength, + VarData, + VarSize + ); + + pBS->CopyMem( TcgEvent->Event, + VarLog, + TcgEvent->EventSize ); + + Status = tcgSvc->HashLogExtendEvent( + tcgSvc, + (EFI_PHYSICAL_ADDRESS)VarLog, + TcgEvent->EventSize, + TCG_ALG_SHA, + TcgEvent, + &evNum, + &Last ); + + if ( TcgEvent != NULL ) + { + pBS->FreePool( TcgEvent ); + } + + ASSERT( !EFI_ERROR( Status )); + + if ( VarLog != NULL ) + { + pBS->FreePool( VarLog ); + } + + return Status; +} + + + + +//********************************************************************** +// +// +// Procedure: confirmUser +// +// Description: Wait on key press from ConIn; Accept Esc or F10. +// Timeout if user doesn't respond +// +// INPUT: +// +// OUTPUT: UINT8 +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +UINT8 confirmUser( ) +{ + EFI_STATUS Status = EFI_SUCCESS; + EFI_INPUT_KEY key; + EFI_GUID guid = AMI_OS_PPI_CONFIRMATION_OVERRIDE_GUID; + AMI_CONFIRMATION_OVERRIDE_PROTOCOL *ConfirmOverride; + + Status = pBS->LocateProtocol( &guid, NULL, &ConfirmOverride); + + if(!EFI_ERROR(Status)){ + return(ConfirmOverride->ConfirmUser()); + } + + if ( pST->ConIn ) + { + while ( TRUE ) + { + Status = pST->ConIn->ReadKeyStroke( pST->ConIn, &key ); + + if ( Status == EFI_SUCCESS ) + { + if ( ( ppi_request == TCPA_PPIOP_CLEAR_ENACT || ppi_request == + TCPA_PPIOP_CLEAR || ppi_request == TCPA_PPIOP_SETNOPPICLEAR_FALSE + || ppi_request == TCPA_PPIOP_ENABLE_ACTV_CLEAR + || ppi_request == TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV) ) + { + if ( key.ScanCode == TCG_CLEAR_REQUEST_KEY ) + { + return TRUE; + } + } + else { + + if ( key.ScanCode == TCG_CONFIGURATION_ACCEPT_KEY ) + { + return TRUE; + } + } + if ( key.ScanCode == TCG_CONFIGURATION_IGNORE_KEY ) + { + return FALSE; + } + } + } + } + return FALSE; +} + + +EFI_STATUS LogTcgEvent( TCG_PCR_EVENT *TcgEvent, + EFI_TCG_PROTOCOL *tcgSvc) +{ + UINT32 EventNumber; + + if(tcgSvc == NULL) return EFI_INVALID_PARAMETER; + + return( tcgSvc->LogEvent(tcgSvc, + TcgEvent, + &EventNumber, + 0x01)); + +} + + +EFI_STATUS ExtendEvent( + IN EFI_TCG_PROTOCOL *tcgSvc, + IN TPM_PCRINDEX PCRIndex, + IN TCG_DIGEST *Digest, + OUT TCG_DIGEST *NewPCRValue ) +{ + struct { + TPM_1_2_CMD_HEADER hdr; + TPM_PCRINDEX PcrIndex; + UINT8 Digest[20]; + } ExtendCmd; + + UINT8 result[100]; + + if(tcgSvc == NULL) return EFI_INVALID_PARAMETER; + + ExtendCmd.hdr.Tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + ExtendCmd.hdr.ParamSize = TPM_H2NL(sizeof(TPM_1_2_CMD_HEADER) + sizeof(TPM_PCRINDEX) + 20); + ExtendCmd.hdr.Ordinal = TPM_H2NL( TPM_ORD_Extend ); + ExtendCmd.PcrIndex = TPM_H2NL( PCRIndex ); + + pBS->CopyMem( ExtendCmd.Digest, + Digest->digest, + 20); + + return (tcgSvc->PassThroughToTpm( tcgSvc, + sizeof(TPM_1_2_CMD_HEADER) + sizeof(TPM_PCRINDEX) + 20, + (UINT8 *)&ExtendCmd, + sizeof (result), + (UINT8*)&result)); +} + + + +//********************************************************************** +// +// +// Procedure: MeasureSeparatorEvent +// +// Description: Measure Tcg Event Separator +// +// Input: IN TPM_PCRINDEX PCRIndex, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS MeasureSeparatorEvent( + IN TPM_PCRINDEX PCRIndex ) +{ + TCG_PCR_EVENT *TcgEvent = NULL; + static EFI_TCG_PROTOCOL *tcgSvc = NULL; + UINT32 evNum; + EFI_PHYSICAL_ADDRESS Last; + EFI_STATUS Status; + static UINT8 SeparatorInfo[36]; + UINT8 *tempDigest = NULL; + UINT64 HashedDataLen = 20; +#if USE_ZERO_SEPARATOR == 1 + UINT32 EventData = 0; +#else + UINT32 EventData = -1; +#endif + + TcgEvent = (TCG_PCR_EVENT *)SeparatorInfo; + + if(tcgSvc == NULL) + { + Status = pBS->LocateProtocol( + &gEfiTcgProtocolGuid, + NULL, + &tcgSvc ); + + TcgEvent->EventType = EV_SEPARATOR; + TcgEvent->EventSize = (UINT32)sizeof (EventData); + + pBS->CopyMem( TcgEvent->Event, + &EventData, + TcgEvent->EventSize); + } + + TcgEvent->PCRIndex = PCRIndex; + + //extend hash data + Status = tcgSvc->HashLogExtendEvent(tcgSvc, + (EFI_PHYSICAL_ADDRESS)&EventData, + TcgEvent->EventSize, + TCG_ALG_SHA, + TcgEvent, + &evNum, + &Last ); + + return Status; +} + + + +//********************************************************************** +// +// +// Procedure: TcmMeasureSeparatorEvent +// +// Description: Measure Tcg Event Separator +// +// Input: IN TPM_PCRINDEX PCRIndex, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS TcmMeasureSeparatorEvent( + IN TPM_PCRINDEX PCRIndex ) +{ + TCM_PCR_EVENT *TcgEvent = NULL; + EFI_TCM_PROTOCOL *tcgSvc; + UINT32 evNum; + EFI_PHYSICAL_ADDRESS Last; + EFI_STATUS Status; +#if USE_ZERO_SEPARATOR == 1 + UINT32 EventData = 0; +#else + UINT32 EventData = -1; +#endif + + Status = pBS->LocateProtocol( + &gEfiTcgProtocolGuid, + NULL, + &tcgSvc ); + + ASSERT( !EFI_ERROR( Status )); + + Status = pBS->AllocatePool( EfiBootServicesData, + _TPM_STRUCT_PARTIAL_SIZE( TCM_PCR_EVENT, Event ) + + sizeof (EventData), + &TcgEvent ); + + ASSERT( !EFI_ERROR( Status )); + + TcgEvent->PCRIndex = PCRIndex; + TcgEvent->EventType = EV_SEPARATOR; + TcgEvent->EventSize = (UINT32)sizeof (EventData); + + pBS->CopyMem( TcgEvent->Event, + &EventData, + sizeof (EventData)); + + Status = tcgSvc->HashLogExtendEvent( + tcgSvc, + (EFI_PHYSICAL_ADDRESS)&EventData, + TcgEvent->EventSize, + TCG_ALG_SHA, + TcgEvent, + &evNum, + &Last ); + + if ( TcgEvent != NULL ) + { + pBS->FreePool( TcgEvent ); + } + + return Status; +} + + + + + + + +//********************************************************************** +// +// +// Name: doCpuMicrocodeTcgEvent +// +// Description: Measures EV_CPU_MICROCODE event +// +// Input: IN Buffer +// IN size +// +// Output: Device path size +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS doCpuMicrocodeTcgEvent( + IN VOID * buffer, + IN UINTN size ) +{ + EFI_STATUS Status; + EFI_TCG_PCR_EVENT ev; + UINT32 EventNum; + EFI_TCG_PROTOCOL *tcg; + + + Status = pBS->LocateProtocol( &gEfiTcgProtocolGuid, NULL, &tcg ); + + if ( EFI_ERROR( Status )) + { + return Status; + } + + ev.Header.PCRIndex = PCRi_HOST_PLATFORM_CONFIG; + ev.Header.EventType = EV_CPU_MICROCODE; + ev.Header.EventDataSize = sizeof(ev.Event.Mcu); + ev.Event.Mcu.MicrocodeEntrypoint = (EFI_PHYSICAL_ADDRESS)( UINTN ) buffer; + + Status = tcg->HashLogExtendEvent( + tcg, + ev.Event.Mcu.MicrocodeEntrypoint, + (UINT64)size, + TCG_ALG_SHA, + (TCG_PCR_EVENT*)&ev, + &EventNum, + 0 + ); + return Status; +} + + +//********************************************************************** +// +// +// Name: doTcmCpuMicrocodeTcgEvent +// +// Description: Measures EV_CPU_MICROCODE event +// +// Input: IN Buffer +// IN size +// +// Output: Device path size +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS doTcmCpuMicrocodeTcgEvent( + IN VOID * buffer, + IN UINTN size ) +{ + EFI_STATUS Status; + EFI_TCM_PCR_EVENT ev; + UINT32 EventNum; + EFI_TCM_PROTOCOL *tcg; + + + Status = pBS->LocateProtocol( &gEfiTcgProtocolGuid, NULL, &tcg ); + + if ( EFI_ERROR( Status )) + { + return Status; + } + + ev.Header.PCRIndex = PCRi_HOST_PLATFORM_CONFIG; + ev.Header.EventType = EV_CPU_MICROCODE; + ev.Header.EventDataSize = sizeof(ev.Event.Mcu); + ev.Event.Mcu.MicrocodeEntrypoint = (EFI_PHYSICAL_ADDRESS)( UINTN ) buffer; + + Status = tcg->HashLogExtendEvent( + tcg, + ev.Event.Mcu.MicrocodeEntrypoint, + (UINT64)size, + TCG_ALG_SHA, + (TCM_PCR_EVENT*)&ev, + &EventNum, + 0 + ); + return Status; +} + + + + +//********************************************************************** +// +// +// Name: measureCpuMicroCode +// +// Description: Locates CPU Microcode update and measures it as a TCG event +// +// Input: NONE +// +// Output: Device path size +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS MeasureCpuMicroCode( ) +{ + EFI_STATUS Status; + VOID *KeyBuffer = 0; + EFI_GUID FileName; + EFI_FV_FILE_ATTRIBUTES FileAttr; + UINTN FileSize; + VOID *FileBuffer; + VOID *FileBufS; + UINT32 AuthStat; + EFI_HANDLE *Handles; + UINTN NumHandles; + EFI_FIRMWARE_VOLUME_PROTOCOL *FwVol; + EFI_FIRMWARE_VOLUME_HEADER *FvHdr; + BOOLEAN Nested = TRUE; + UINT8 *FvPtr; + UINT8 *EndOfFv; + UINT32 MicrocodeFfsSize; + UINT8 *EndOfMicrocode; + UINT8 *gStartOfMicrocode = 0; + UINT32 gMicrocodeFlashSize = 0; + EFI_FV_FILETYPE FileType; + AMI_TCG_DXE_FUNCTION_OVERRIDE_PROTOCOL *POverride; + EFI_GUID Overrideguid =\ + AMI_MEASURE_CPU_MICROCODE_GUID; + + Status = pBS->LocateProtocol( + &Overrideguid, + NULL, + &POverride ); + + if(!EFI_ERROR(Status)){ + return (POverride->Function()); + } + + Status = pBS->LocateHandleBuffer( + ByProtocol, + &gEfiFirmwareVolumeProtocolGuid, + NULL, + &NumHandles, + &Handles + ); + ASSERT( !EFI_ERROR( Status )); + + for (; NumHandles > 0; NumHandles-- ) + { + Status = pBS->HandleProtocol( + Handles[NumHandles - 1], + &gEfiFirmwareVolumeProtocolGuid, + &FwVol + ); + + if ( EFI_ERROR( Status )) + { + break; + } + + Status = pBS->AllocatePool( EfiBootServicesData, + FwVol->KeySize, + &KeyBuffer ); + + if ( KeyBuffer == NULL ) + { + return EFI_OUT_OF_RESOURCES; + } + pBS->SetMem( KeyBuffer, FwVol->KeySize, 0 ); + + do + { + FileType = EFI_FV_FILETYPE_RAW; + Status = FwVol->GetNextFile( + FwVol, + KeyBuffer, + &FileType, + &FileName, + &FileAttr, + &FileSize ); + + if ( !EFI_ERROR( Status ) + && MemCmp( &FileName, &gMicrocodeGuid, + sizeof(gMicrocodeGuid)) == 0 ) + { + Nested = FALSE; + FileBuffer = NULL; + Status = FwVol->ReadFile( + FwVol, + &FileName, + &FileBuffer, + &FileSize, + &FileType, + &FileAttr, + &AuthStat + ); + ASSERT( !EFI_ERROR( Status )); + + TRACE((TRACE_ALWAYS, "CPU Microcode found: %x size %x\n", + FileBuffer, FileSize)); + + if(AutoSupportType()){ + Status = doTcmCpuMicrocodeTcgEvent( FileBuffer, FileSize ); + }else{ + Status = doCpuMicrocodeTcgEvent( FileBuffer, FileSize ); + } + + TRACE((TRACE_ALWAYS, "\tMeasured: %x\n", Status)); + pBS->FreePool( FileBuffer ); + goto Exit; + } + } while ( !EFI_ERROR( Status )); + } +Exit: + + if ( Nested == TRUE ) + { + //if error it could be a nested firmware volume so check + //for volume within volume + FvHdr = (EFI_FIRMWARE_VOLUME_HEADER*)(UINTN)FV_MAIN_BASE; + + FvPtr = (UINT8*)FvHdr + FvHdr->HeaderLength; + EndOfFv = (UINT8*)FvHdr + FvHdr->FvLength; + + while ( FvPtr < EndOfFv && *FvPtr != -1 ) + { + if ( guidcmp( &gMicrocodeGuid, + &((EFI_FFS_FILE_HEADER*)FvPtr)->Name ) == 0 ) + { + goto FOUND_MICROCODE_FILE; + } + + FvPtr += *(UINT32*)&((EFI_FFS_FILE_HEADER*)FvPtr)->Size & 0xffffff; + FvPtr = (UINT8*)(((UINTN)FvPtr + 7) & ~7); //8 byte alignment + + if( (*(UINT32*)&((EFI_FFS_FILE_HEADER*)FvPtr)->Size & 0xffffff) == 0xffffff ) + break; + + } + return EFI_NOT_FOUND; + +FOUND_MICROCODE_FILE: + + gStartOfMicrocode = FvPtr + sizeof(EFI_FFS_FILE_HEADER); + + MicrocodeFfsSize + = ((*(UINT32*)((EFI_FFS_FILE_HEADER*)FvPtr)->Size) & 0xffffff); + + gMicrocodeFlashSize = MicrocodeFfsSize - sizeof(EFI_FFS_FILE_HEADER); + EndOfMicrocode = gStartOfMicrocode + gMicrocodeFlashSize; + + FileBufS = (void*)gStartOfMicrocode; + + if(AutoSupportType()){ + Status = doTcmCpuMicrocodeTcgEvent( FileBufS, gMicrocodeFlashSize ); + }else{ + Status = doCpuMicrocodeTcgEvent( FileBufS, gMicrocodeFlashSize ); + } + + TRACE((TRACE_ALWAYS, "\tMeasured: %x\n", Status)); + } + pBS->FreePool( Handles ); + + if ( KeyBuffer ) + { + pBS->FreePool( KeyBuffer ); + } + return Status; +} + + + + +//********************************************************************** +// +// +// Procedure: SendTpmCommand +// +// Description: Sends a command to the TPM +// +// Input: IN EFI_TCG_PROTOCOL *tcg, +// IN UINT32 ord, +// IN int dataSize, +// IN OUT VOID *data +// +// Output: TPM_RESULT +// +// Modified: +// +// Referrals: +// +// Notes: +// +//**********************************************************************s +TPM_RESULT SendTpmCommand( + IN EFI_TCG_PROTOCOL *tcg, + IN UINT32 ord, + IN int dataSize, + IN OUT void * data ) +{ + EFI_STATUS Status; + static UINT8 result[0x400]; + TPM_1_2_RET_HEADER * tpmResult; + + struct + { + TPM_1_2_CMD_HEADER hdr; + UINT8 data[0x100]; + } cmd; + + cmd.hdr.Tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmd.hdr.ParamSize = TPM_H2NL( sizeof (TPM_1_2_RET_HEADER) + dataSize ); + cmd.hdr.Ordinal = TPM_H2NL( ord ); + + MemCpy( cmd.data, data, dataSize ); + + Status = tcg->PassThroughToTpm( tcg, + sizeof (TPM_1_2_CMD_HEADER) + dataSize, + (UINT8*)&cmd, + sizeof (result), + (UINT8*)&result ); + + tpmResult = (TPM_1_2_RET_HEADER*)result; + + TRACE((TRACE_ALWAYS, "\tpmResult->RetCode: %x\n", TPM_H2NL(tpmResult->RetCode))); + + return tpmResult->RetCode; +} + + + + +//********************************************************************** +// +// +// Procedure: DoResetNow +// +// Description: Callback function to execute TPM reset +// +// Input: IN EFI_EVENT ev, +// IN VOID *ctx +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS DoResetNow( + IN EFI_EVENT ev, + IN VOID *ctx ) +{ + EFI_RESET_TYPE resetType = *(EFI_RESET_TYPE*)ctx; + + TRACE((TRACE_ALWAYS, "TCG: DoResetNow resets the system: type(%d)\n", + resetType)); + + TRACE((TRACE_ALWAYS, "TCG: DoResetNow resets the system: type(%x)\n", + (EFI_RESET_TYPE*)ctx)); + + pRS->ResetSystem( resetType, 0, 0, NULL ); + TRACE((TRACE_ALWAYS, "\tError: Reset failed???\n")); + return EFI_SUCCESS; +} + + + + +//********************************************************************** +// +// +// Procedure: GET_PFA +// +// Description: Returns PCI device Bus Device Function infomation +// +// +// Input: EFI_PCI_IO_PROTOCOL *pciIo +// +// Output: UINT16 +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +UINT16 GET_PFA( + IN EFI_PCI_IO_PROTOCOL *pciIo ) +{ + UINTN seg; + UINTN bus; + UINTN dev; + UINTN func; + EFI_STATUS Status; + + Status = pciIo->GetLocation( pciIo, &seg, &bus, &dev, &func ); + ASSERT( !EFI_ERROR( Status )); + + if ( EFI_ERROR( Status )) + { + return 0; + } + ASSERT( func < 8 ); + ASSERT( dev < 32 ); + ASSERT( bus < 256 ); + return (UINT16)((bus << 8) | (dev << 3) | func ); +} + + +// +//---------------------------------------------------------------------------- +// Procedure: ClearFastBootLastBootFailedFlag +// +// Description: FastBoot clear boot fail flag callback +// +// Input: +// IN EFI_EVENT Event - Callback event +// IN VOID *Context - pointer to calling context +// +// Output: None +// +//---------------------------------------------------------------------------- +// +VOID ClearFastBootLastBootFailedFlag() +{ + EFI_STATUS Status; + UINT32 LastBootFailed; + UINTN Size = sizeof(UINT32); + EFI_GUID FastBootVariableGuid = FAST_BOOT_VARIABLE_GUID; + + + Status = pRS->GetVariable(L"LastBootFailed", &FastBootVariableGuid, NULL, &Size, &LastBootFailed); + if(!EFI_ERROR(Status)) { + Status = pRS->SetVariable(L"LastBootFailed", + &FastBootVariableGuid, + EFI_VARIABLE_NON_VOLATILE, + 0, + &LastBootFailed); + } +} + + + +//********************************************************************** +// +// +// Procedure: RequestSystemReset +// +// Description: Requests for system reset through core else creates a call +// back to execute reset +// +// Input: IN EFI_RESET_TYPE type +// +// Output: VOID +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +void RequestSystemReset( + IN EFI_RESET_TYPE type ) +{ + EFI_STATUS Status; + static EFI_EVENT ev; + static void * reg; + static EFI_RESET_TYPE ptype; + + ptype = type; + + TRACE((TRACE_ALWAYS, "TCG: Resets the system: type(%d)\n", type)); + TRACE((TRACE_ALWAYS, "TCG: Resets the system: typeaddress(%x)\n", + &type)); + + ClearFastBootLastBootFailedFlag(); + + pRS->ResetSystem( type, 0, 0, NULL ); + TRACE((TRACE_ALWAYS, "\tError: Reset failed???\n")); + + Status = pBS->CreateEvent( EFI_EVENT_NOTIFY_SIGNAL, + EFI_TPL_CALLBACK, DoResetNow, (void*)&ptype, &ev); + ASSERT( !EFI_ERROR( Status )); + Status = pBS->RegisterProtocolNotify(&gEfiResetArchProtocolGuid, ev, ®); + TRACE((TRACE_ALWAYS, + "\tRegister DoResetNow after Reset Architecture driver\n")); +} + + + + +//********************************************************************** +// +// +// Procedure: read_TPM_capabilities +// +// Description: Executes TPM operation to read capabilities +// +// Input: IN EFI_TCG_PROTOCOL* tcg +// +// Output: TPM capabilities structure +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +TPM_Capabilities_PermanentFlag read_TPM_capabilities( + IN EFI_TCG_PROTOCOL* tcg ) +{ + TPM_Capabilities_PermanentFlag * cap; + EFI_STATUS Status; + TPM_GetCapabilities_Input cmdGetCap; + TPM_RQU_COMMAND_HDR NuvotoncmdGetTpmStatus; + TPM_Capabilities_PermanentFlag NuvotonCap; + static UINT8 result[0x100]; + + if(*(UINT16 *)(UINTN)(PORT_TPM_IOMEMBASE + 0xF00) != 0x1050) + { + cmdGetCap.Tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmdGetCap.ParamSize = TPM_H2NL( sizeof (cmdGetCap)); + + if(AutoSupportType()){ + cmdGetCap.CommandCode = TPM_H2NL( TCM_ORD_GetCapability ); + cmdGetCap.CommandCode = TPM_H2NL( TCM_ORD_GetCapability ); + cmdGetCap.caparea = TPM_H2NL( TPM_CAP_FLAG ); + }else{ + cmdGetCap.CommandCode = TPM_H2NL( TPM_ORD_GetCapability ); + cmdGetCap.CommandCode = TPM_H2NL( TPM_ORD_GetCapability ); + cmdGetCap.caparea = TPM_H2NL( TPM_CAP_FLAG ); + } + + cmdGetCap.subCapSize = TPM_H2NL( 4 ); // subCap is always 32bit long + cmdGetCap.subCap = TPM_H2NL( TPM_CAP_FLAG_PERMANENT ); + + Status = tcg->PassThroughToTpm( tcg, + sizeof (cmdGetCap), + (UINT8*)&cmdGetCap, + sizeof (result), + result ); + + cap = (TPM_Capabilities_PermanentFlag*)result; + + TRACE((TRACE_ALWAYS, + "GetCapability: %r; size: %x; retCode:%x; tag:%x; bytes %08x\n", Status, + TPM_H2NL(cap->ParamSize ), TPM_H2NL(cap->RetCode ), + (UINT32) TPM_H2NS(cap->tag ), TPM_H2NL( *(UINT32*)&cap->disabled ))); + + return *cap; + }else{ + + MemSet(&NuvotonCap,sizeof(TPM_Capabilities_PermanentFlag), 0); + + NuvotoncmdGetTpmStatus.tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + NuvotoncmdGetTpmStatus.paramSize = TPM_H2NL( sizeof (TPM_RQU_COMMAND_HDR)); + NuvotoncmdGetTpmStatus.ordinal = TPM_H2NL( NTC_ORD_GET_TPM_STATUS ); + + Status = tcg->PassThroughToTpm( tcg, + sizeof (NuvotoncmdGetTpmStatus), + (UINT8*)&NuvotoncmdGetTpmStatus, + sizeof (result), + result ); + + if(((NUVOTON_SPECIFIC_FLAGS *)result)->RetCode == 0) + { + if(((NUVOTON_SPECIFIC_FLAGS *)result)->isdisabled){ + NuvotonCap.disabled = 1; + } + + if(((NUVOTON_SPECIFIC_FLAGS *)result)->isdeactivated){ + NuvotonCap.deactivated = 1; + } + + if(((NUVOTON_SPECIFIC_FLAGS *)result)->isOwnerSet){ + NuvotonCap.ownership = 1; + } + }else{ + + NuvotonCap.RetCode = ((NUVOTON_SPECIFIC_FLAGS *)result)->RetCode; + } + + return NuvotonCap; + } +} + + + +//********************************************************************** +// +// +// Procedure: read_volatile_flags +// +// Description: Executes TPM operation to read capabilities +// +// Input: IN EFI_TCG_PROTOCOL* tcg +// +// Output: TPM capabilities structure +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +TPM_VOLATILE_FLAGS read_volatile_flags( + IN EFI_TCG_PROTOCOL* tcg ) +{ + TPM_VOLATILE_FLAGS *cap; + EFI_STATUS Status; + TPM_GetCapabilities_Input cmdGetCap; + static UINT8 result[0x100]; + + cmdGetCap.Tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmdGetCap.ParamSize = TPM_H2NL( sizeof (cmdGetCap)); + cmdGetCap.CommandCode = TPM_H2NL( TPM_ORD_GetCapability ); + cmdGetCap.caparea = TPM_H2NL( TPM_CAP_FLAG ); + + + cmdGetCap.subCapSize = TPM_H2NL( 4 ); // subCap is always 32bit long + cmdGetCap.subCap = TPM_H2NL( TPM_CAP_FLAG_VOLATILE ); + + Status = tcg->PassThroughToTpm( tcg, + sizeof (cmdGetCap), + (UINT8*)&cmdGetCap, + sizeof (result), + result ); + + cap = (TPM_VOLATILE_FLAGS *)result; + + return *cap; +} + + + + + + +//********************************************************************** +// +// +// Procedure: CheckTpmOwnership +// +// Description: Executes TPM operation to read capabilities +// +// Input: IN EFI_TCG_PROTOCOL *tcg +// +// Output: void +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +UINT8 CheckTpmOwnership( + IN EFI_TCG_PROTOCOL *tcg ) +{ + EFI_STATUS Status; + TPM_GetCapabilities_Input cmdGetCap; + static UINT8 Ownership_Result[0x200]; + UINT8 TPM_Ownership; + TPM_RQU_COMMAND_HDR NuvotoncmdGetTpmStatus; + + if(*(UINT16 *)(UINTN)(PORT_TPM_IOMEMBASE + 0xF00) != 0x1050) + { + cmdGetCap.Tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmdGetCap.ParamSize = TPM_H2NL( sizeof (cmdGetCap)); + + if(AutoSupportType()){ + cmdGetCap.CommandCode = TPM_H2NL( TCM_ORD_GetCapability ); + }else{ + cmdGetCap.CommandCode = TPM_H2NL( TPM_ORD_GetCapability ); + } + + cmdGetCap.caparea = TPM_H2NL( TPM_CAP_PROPERTY ); + cmdGetCap.subCapSize = TPM_H2NL( 4 ); // subCap is always 32bit long + cmdGetCap.subCap = TPM_H2NL( TPM_CAP_PROP_OWNER ); + Status = tcg->PassThroughToTpm( tcg, + sizeof (cmdGetCap), + (UINT8*)&cmdGetCap, + sizeof (Ownership_Result), + Ownership_Result ); + + TPM_Ownership = (UINT8 )Ownership_Result[0x0E]; + return TPM_Ownership; + }else{ + + NuvotoncmdGetTpmStatus.tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + NuvotoncmdGetTpmStatus.paramSize = TPM_H2NL( sizeof (TPM_RQU_COMMAND_HDR)); + NuvotoncmdGetTpmStatus.ordinal = TPM_H2NL( NTC_ORD_GET_TPM_STATUS ); + + Status = tcg->PassThroughToTpm( tcg, + sizeof (NuvotoncmdGetTpmStatus), + (UINT8*)&NuvotoncmdGetTpmStatus, + sizeof (Ownership_Result), + Ownership_Result ); + + if(((NUVOTON_SPECIFIC_FLAGS *)Ownership_Result)->RetCode == 0) + { + return ((NUVOTON_SPECIFIC_FLAGS *)Ownership_Result)->isOwnerSet; + }else{ + return 0; + } + } +} + + + +//********************************************************************** +// +// +// Procedure: EfiLibGetSystemConfigurationTable +// +// Description: Get table from configuration table by name +// +// Input: IN EFI_GUID *TableGuid, +// IN OUT VOID **Table +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS EfiLibGetSystemConfigurationTable( + IN EFI_GUID *TableGuid, + IN OUT VOID **Table ) +{ + UINTN Index; + + *Table = NULL; + + for ( Index = 0; Index < pST->NumberOfTableEntries; Index++ ) + { + if ( !MemCmp( TableGuid, &(pST->ConfigurationTable[Index].VendorGuid), + sizeof(EFI_GUID))) + { + *Table = pST->ConfigurationTable[Index].VendorTable; + return EFI_SUCCESS; + } + } + + return EFI_NOT_FOUND; +} + + + + + +//********************************************************************** +// +// +// Procedure: MeasureHandoffTables +// +// Description: Measures, Logs and Extends EFI Handoff Tables. eg: SMBIOS +// +// Input: VOID +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS MeasureHandoffTables() +{ + EFI_STATUS Status; + EFI_TCG_PROTOCOL *tcgSvc; + TCG_PCR_EVENT *ev = NULL; + UINT32 evNum; +#if ( defined(Measure_Smbios_Tables) && (Measure_Smbios_Tables!= 0) ) +#if SMBIOS_SUPPORT == 1 + TCG_EFI_HANDOFF_TABLE_POINTERS HandoffTables; + SMBIOS_TABLE_ENTRY_POINT *SmbiosTable; +#endif +#endif + TCG_EFI_HANDOFF_TABLE_POINTERS AcpiHandoffTables; + EFI_PHYSICAL_ADDRESS Last; + mem_in dsdt; + ACPI_HDR *hdr1; + +#if defined AmiBoardInfo_SUPPORT && AmiBoardInfo_SUPPORT == 1 + EFI_GUID gAmiBoardInfoGuid = AMI_BOARD_INFO_PROTOCOL_GUID; + AMI_BOARD_INFO_PROTOCOL *gAmiBoardInfoProtocol=NULL; +#endif + + + Status = pBS->LocateProtocol( &gEfiTcgProtocolGuid, + NULL, + &tcgSvc ); + ASSERT( !EFI_ERROR( Status )); + + //Measuring ACPI hand off table + //first measure static DSDT in firmware volume +#if !defined(AmiBoardInfo_SUPPORT)||(AmiBoardInfo_SUPPORT==0) + GetDsdt( &dsdt ); +#else + Status = pBS->LocateProtocol(&gAmiBoardInfoGuid, NULL,(VOID**)&gAmiBoardInfoProtocol); + if (EFI_ERROR(Status)) + { + gAmiBoardInfoProtocol = NULL; + TRACE((-1, "ACPI: Can't find AMI Board Info Protocol %r EXITING!",Status)); + dsdt.address = 0; + dsdt.datat = 3; + dsdt.size = 0; + }else{ + + dsdt.address = (EFI_PHYSICAL_ADDRESS)gAmiBoardInfoProtocol->BoardAcpiInfo; + dsdt.datat = 2; + dsdt.size = ((ACPI_HDR*)gAmiBoardInfoProtocol->BoardAcpiInfo)->Length; + } +#endif + + + //if found it we can now measure + if ( dsdt.datat == 2 ) + { + Status = pBS->AllocatePool( EfiBootServicesData, + _TPM_STRUCT_PARTIAL_SIZE( TCG_PCR_EVENT, Event) + + sizeof (AcpiHandoffTables), &ev ); + + ASSERT( !EFI_ERROR( Status )); + + ev->PCRIndex = PCRi_HOST_PLATFORM_CONFIG; + ev->EventType = EV_EFI_HANDOFF_TABLES; + ev->EventSize = sizeof (AcpiHandoffTables); + + AcpiHandoffTables.NumberOfTables = 1; + AcpiHandoffTables.TableEntry[0].VendorGuid = gDsdtGuidDxe; + hdr1 = (ACPI_HDR*)dsdt.address; + AcpiHandoffTables.TableEntry[0].VendorTable = (VOID*)hdr1; + + pBS->CopyMem( ev->Event, + &AcpiHandoffTables, + sizeof (AcpiHandoffTables)); + + Status = tcgSvc->HashLogExtendEvent( + tcgSvc, + (EFI_PHYSICAL_ADDRESS)hdr1, + hdr1->Length, + TCG_ALG_SHA, + ev, + &evNum, + &Last ); + } + +#if ( defined(Measure_Smbios_Tables) && (Measure_Smbios_Tables!= 0) ) +#if SMBIOS_SUPPORT == 1 + Status = EfiLibGetSystemConfigurationTable( + &gEfiSmbiosTableGuid, + &SmbiosTable + ); +#endif + + +#if SMBIOS_SUPPORT == 1 + + if ( !EFI_ERROR( Status )) + { + Status = pBS->AllocatePool( EfiBootServicesData, + _TPM_STRUCT_PARTIAL_SIZE( TCG_PCR_EVENT, Event ) + + sizeof (HandoffTables), &ev ); + + ASSERT( !EFI_ERROR( Status )); + + ev->PCRIndex = PCRi_HOST_PLATFORM_CONFIG; + ev->EventType = EV_EFI_HANDOFF_TABLES; + ev->EventSize = sizeof (HandoffTables); + + HandoffTables.NumberOfTables = 1; + HandoffTables.TableEntry[0].VendorGuid = gEfiSmbiosTableGuid; + HandoffTables.TableEntry[0].VendorTable = SmbiosTable; + + pBS->CopyMem( ev->Event, + &HandoffTables, + sizeof (HandoffTables)); + + Status = tcgSvc->HashLogExtendEvent( + tcgSvc, + (EFI_PHYSICAL_ADDRESS)SmbiosTable->TableAddress, + SmbiosTable->TableLength, + TCG_ALG_SHA, + ev, + &evNum, + &Last ); + } +#endif +#endif + + if ( ev != NULL ) + { + pBS->FreePool( ev ); + } + + return Status; +} + + + +//********************************************************************** +// +// +// Procedure: TcmMeasureHandoffTables +// +// Description: Measures, Logs and Extends EFI Handoff Tables. eg: SMBIOS +// +// Input: VOID +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS TcmMeasureHandoffTables( + VOID ) +{ + EFI_STATUS Status; + EFI_TCM_PROTOCOL *tcgSvc; + +#if SMBIOS_SUPPORT == 1 + SMBIOS_TABLE_ENTRY_POINT *SmbiosTable; +#endif + TCM_PCR_EVENT *ev = NULL; + UINT32 evNum; +#if SMBIOS_SUPPORT == 1 + TCG_EFI_HANDOFF_TABLE_POINTERS HandoffTables; +#endif + TCG_EFI_HANDOFF_TABLE_POINTERS AcpiHandoffTables; + EFI_PHYSICAL_ADDRESS Last; + mem_in dsdt; + ACPI_HDR *hdr1; + EFI_GUID DsdtGuid = DSDT_GUID; + EFI_GUID SmbiosTableGuid = EFI_SMBIOS_TABLE_GUID; + +#if defined AmiBoardInfo_SUPPORT && AmiBoardInfo_SUPPORT == 1 + EFI_GUID gAmiBoardInfoGuid = AMI_BOARD_INFO_PROTOCOL_GUID; + AMI_BOARD_INFO_PROTOCOL *gAmiBoardInfoProtocol=NULL; +#endif + + Status = pBS->LocateProtocol( &gEfiTcgProtocolGuid, + NULL, + &tcgSvc ); + ASSERT( !EFI_ERROR( Status )); + + //Measuring ACPI hand off table + //first measure static DSDT in firmware volume +#if !defined AmiBoardInfo_SUPPORT && AmiBoardInfo_SUPPORT == 0 + GetDsdt( &dsdt ); +#else + Status = pBS->LocateProtocol(&gAmiBoardInfoGuid, NULL,(VOID**)&gAmiBoardInfoProtocol); + if (EFI_ERROR(Status)) + { + gAmiBoardInfoProtocol = NULL; + TRACE((-1, "ACPI: Can't find AMI Board Info Protocol %r EXITING!",Status)); + dsdt.address = 0; + dsdt.datat = 3; + dsdt.size = 0; + }else{ + + dsdt.address = (EFI_PHYSICAL_ADDRESS)gAmiBoardInfoProtocol->BoardAcpiInfo; + dsdt.datat = 2; + dsdt.size = ((ACPI_HDR*)gAmiBoardInfoProtocol->BoardAcpiInfo)->Length; + } +#endif + //if found it we can now measure + if ( dsdt.datat == 2 ) + { + Status = pBS->AllocatePool( EfiBootServicesData, + _TPM_STRUCT_PARTIAL_SIZE( TCM_PCR_EVENT, Event) + + sizeof (AcpiHandoffTables), &ev ); + + ASSERT( !EFI_ERROR( Status )); + + ev->PCRIndex = 1; + ev->EventType = EV_EFI_HANDOFF_TABLES; + ev->EventSize = sizeof (AcpiHandoffTables); + + AcpiHandoffTables.NumberOfTables = 1; + AcpiHandoffTables.TableEntry[0].VendorGuid = DsdtGuid; + hdr1 = (ACPI_HDR*)dsdt.address; + AcpiHandoffTables.TableEntry[0].VendorTable = (VOID*)hdr1; + + pBS->CopyMem( ev->Event, + &AcpiHandoffTables, + sizeof (AcpiHandoffTables)); + + Status = tcgSvc->HashLogExtendEvent( + tcgSvc, + (EFI_PHYSICAL_ADDRESS)hdr1, + hdr1->Length, + TCG_ALG_SHA, + ev, + &evNum, + &Last ); + } + + +#if (defined(SMBIOS_SUPPORT) && (SMBIOS_SUPPORT == 1)) + Status = EfiLibGetSystemConfigurationTable( + &SmbiosTableGuid, + &SmbiosTable + ); +#endif + +#if (defined(SMBIOS_SUPPORT) && (SMBIOS_SUPPORT == 1)) + + if ( !EFI_ERROR( Status )) + { + Status = pBS->AllocatePool( EfiBootServicesData, + _TPM_STRUCT_PARTIAL_SIZE( TCM_PCR_EVENT, Event ) + + sizeof (HandoffTables), &ev ); + + ASSERT( !EFI_ERROR( Status )); + + ev->PCRIndex = PCRi_HOST_PLATFORM_CONFIG; + ev->EventType = EV_EFI_HANDOFF_TABLES; + ev->EventSize = sizeof (HandoffTables); + + HandoffTables.NumberOfTables = 1; + HandoffTables.TableEntry[0].VendorGuid = SmbiosTableGuid; + HandoffTables.TableEntry[0].VendorTable = SmbiosTable; + + pBS->CopyMem( ev->Event, + &HandoffTables, + sizeof (HandoffTables)); + + Status = tcgSvc->HashLogExtendEvent( + tcgSvc, + (EFI_PHYSICAL_ADDRESS)SmbiosTable->TableAddress, + SmbiosTable->TableLength, + TCG_ALG_SHA, + ev, + &evNum, + &Last ); + } +#endif + + if ( ev != NULL ) + { + pBS->FreePool( ev ); + } + + ASSERT( !EFI_ERROR( Status )); + + return Status; +} + + + + +//---------------------------------------------------------------------------- +// Procedure: TcgMeasureAction +// Description: Measure a Tcg Action +// INPUT: String +// OUTPUT: EFI_STATUS +//---------------------------------------------------------------------------- +EFI_STATUS +EFIAPI +TcgMeasureActionI ( + IN CHAR8 *String, + IN UINT32 PCRIndex + ) +{ + + TCG_PCR_EVENT *TcgEvent = NULL; + EFI_PHYSICAL_ADDRESS Last; + EFI_TCG_PROTOCOL *tcgSvc; + UINT32 evNum; + UINT32 Len; + EFI_STATUS Status; + + + Status = pBS->LocateProtocol ( + &gEfiTcgProtocolGuid, + NULL, + &tcgSvc); + + ASSERT(!EFI_ERROR(Status)); + + Len = (UINT32)Strlen(String); + Status = pBS->AllocatePool (EfiBootServicesData, + _TPM_STRUCT_PARTIAL_SIZE (TCG_PCR_EVENT, Event) + + Len, + &TcgEvent); + + ASSERT(!EFI_ERROR(Status)); + + TcgEvent->PCRIndex = PCRIndex; + TcgEvent->EventType = EV_EFI_ACTION; + TcgEvent->EventSize = Len; + + pBS->CopyMem (TcgEvent->Event, + String, + Len); + + Status = tcgSvc->HashLogExtendEvent ( + tcgSvc, + (EFI_PHYSICAL_ADDRESS)String, + TcgEvent->EventSize, + TCG_ALG_SHA, + TcgEvent, + &evNum, + &Last); + + if(TcgEvent!=NULL) + { + pBS->FreePool (TcgEvent); + } + + return Status; +} + + + +//---------------------------------------------------------------------------- +// Procedure: TcgMeasureAction +// Description: Measure a Tcg Action +// INPUT: String +// OUTPUT: EFI_STATUS +//---------------------------------------------------------------------------- +EFI_STATUS +EFIAPI +TcmMeasureActionI ( + IN CHAR8 *String, + IN UINT32 PCRIndex + ) +{ + + TCM_PCR_EVENT *TcgEvent = NULL; + EFI_PHYSICAL_ADDRESS Last; + EFI_TCM_PROTOCOL *tcgSvc; + UINT32 evNum; + UINT32 Len; + EFI_STATUS Status; + + + Status = pBS->LocateProtocol ( + &gEfiTcgProtocolGuid, + NULL, + &tcgSvc); + + ASSERT(!EFI_ERROR(Status)); + + Len = (UINT32)Strlen(String); + Status = pBS->AllocatePool (EfiBootServicesData, + _TPM_STRUCT_PARTIAL_SIZE (TCM_PCR_EVENT, Event) + + Len, + &TcgEvent); + + ASSERT(!EFI_ERROR(Status)); + + TcgEvent->PCRIndex = PCRIndex; + TcgEvent->EventType = EV_EFI_ACTION; + TcgEvent->EventSize = Len; + + pBS->CopyMem (TcgEvent->Event, + String, + Len); + + Status = tcgSvc->HashLogExtendEvent ( + tcgSvc, + (EFI_PHYSICAL_ADDRESS)String, + TcgEvent->EventSize, + TCG_ALG_SHA, + TcgEvent, + &evNum, + &Last); + + if(TcgEvent!=NULL) + { + pBS->FreePool (TcgEvent); + } + + return Status; +} + + + + + +//********************************************************************** +// +// +// Procedure: ReadVariable +// +// Description: Reads Boot Variable +// +// Input: IN CHAR16 *VarName, +// IN EFI_GUID *VendorGuid, +// OUT UINTN *VarSize +// +// Output: VOID* +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +VOID* ReadVariable( + IN CHAR16 *VarName, + IN EFI_GUID *VendorGuid, + OUT UINTN *VarSize ) +{ + EFI_STATUS Status; + VOID *VarData; + + *VarSize = 0; + Status = pRS->GetVariable( + VarName, + VendorGuid, + NULL, + VarSize, + NULL + ); + + if ( Status != EFI_BUFFER_TOO_SMALL ) + { + return NULL; + } + + + pBS->AllocatePool( EfiBootServicesData, *VarSize, &VarData ); + + if ( VarData != NULL ) + { + Status = pRS->GetVariable( + VarName, + VendorGuid, + NULL, + VarSize, + VarData + ); + + if ( EFI_ERROR( Status )) + { + pBS->FreePool( VarData ); + VarData = NULL; + *VarSize = 0; + } + } + return VarData; +} + + +//********************************************************************** +// +// +// Procedure: ReadAndMeasureBootVariable +// +// Description: Read and Measures Boot Variable +// +// Input: IN CHAR16 *VarName, +// IN EFI_GUID *VendorGuid, +// OUT UINTN *VarSize +// OUT VOID **VarData +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS ReadAndMeasureBootVariable( + IN CHAR16 *VarName, + IN EFI_GUID *VendorGuid, + OUT UINTN *VarSize, + OUT VOID **VarData ) +{ + EFI_STATUS Status; + + *VarData = ReadVariable( VarName, VendorGuid, VarSize ); + + if ( *VarData == NULL ) + { + return EFI_NOT_FOUND; + } + + if(AutoSupportType()){ + Status = TcmMeasureVariable( + PCRi_IPL_CONFIG_AND_DATA, + EV_EFI_VARIABLE_BOOT, + VarName, + VendorGuid, + *VarData, + *VarSize); + + }else{ + Status = MeasureVariable( + PCRi_IPL_CONFIG_AND_DATA, + EV_EFI_VARIABLE_BOOT, + VarName, + VendorGuid, + *VarData, + *VarSize); + } + return Status; +} + + +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) + +UINTN +TcgGetImageExeInfoTableSize ( + EFI_IMAGE_EXECUTION_INFO_TABLE *ImageExeInfoTable +) +{ + UINTN Index; + EFI_IMAGE_EXECUTION_INFO *ImageExeInfoItem; + UINTN TotalSize; + + if (ImageExeInfoTable == NULL) { + return 0; + } + + ImageExeInfoItem = (EFI_IMAGE_EXECUTION_INFO *) ((UINT8 *) ImageExeInfoTable + sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE)); + TotalSize = sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE); + for (Index = 0; Index < ImageExeInfoTable->NumberOfImages; Index++) { + TotalSize += ImageExeInfoItem->InfoSize; + ImageExeInfoItem = (EFI_IMAGE_EXECUTION_INFO *) ((UINT8 *) ImageExeInfoItem + ImageExeInfoItem->InfoSize); + } + + return TotalSize; +} + + +EFI_STATUS MeasureSecurebootVariables( + VOID + ) +{ + EFI_STATUS Status; + UINT8 *VarData = NULL; + CHAR16 *SecurityVar[]={ + L"SecureBoot", + L"PK", + L"KEK", + L"db", + L"dbx", + L"ImageExecTable" + }; + + EFI_GUID Varguid; + TCG_EVENTTYPE Eventtypes[]={ + EV_EFI_VARIABLE_DRIVER_CONFIG, + EV_EFI_VARIABLE_DRIVER_CONFIG, + EV_EFI_VARIABLE_DRIVER_CONFIG, + EV_EFI_VARIABLE_DRIVER_CONFIG, + EV_EFI_VARIABLE_DRIVER_CONFIG, + EV_EFI_EXECUTION_INFO_TABLE + }; + + UINTN VarSize = 0; + UINTN i=0; + TCG_PCR_EVENT *TcgEvent = NULL; + EFI_TCG_PROTOCOL *tcgSvc; +#if 0 + UINT32 evNum; + EFI_PHYSICAL_ADDRESS Last; + EFI_SIGNATURE_LIST *pList; + UINTN Tablesize; +#endif + EFI_IMAGE_EXECUTION_INFO_TABLE *ImageExeInfoTable = NULL; + static BOOLEAN Skip = FALSE; + + Status = pBS->LocateProtocol( + &gEfiTcgProtocolGuid, + NULL, + &tcgSvc ); + + ASSERT( !EFI_ERROR( Status )); + + for(i=0; i<5; i++) + { + if(i==3 || i==4) + { + Varguid = gEfiImageSecurityDatabaseguid; + }else{ + Varguid = TcgEfiGlobalVariableGuid; + } + + VarData = ReadVariable( SecurityVar[i], &Varguid, &VarSize ); + + if ( VarData == NULL ) + { +#if (defined(UnconfiguredSecureBootVariables) && (UnconfiguredSecureBootVariables != 0)) + VarSize = 0; +#else + continue; +#endif + } + +#if (defined(UnconfiguredSecureBootVariables) && (UnconfiguredSecureBootVariables == 0)) + if( i == 0 && ((UINT8)(*VarData)) == 0) Skip = TRUE; + if (Skip == TRUE) continue; +#endif + + Status = MeasureVariable(PCRi_HOST_PLATFORM_MANUFACTURER_CONTROL, + Eventtypes[i], + SecurityVar[i], + &Varguid, + VarData, + VarSize); + } + +#if 0 + //now measure the efi_image_execution_table + ImageExeInfoTable = GetEfiConfigurationTable(pST, &gEfiImageSecurityDatabaseGuid); + Tablesize = TcgGetImageExeInfoTableSize(ImageExeInfoTable); + + if(Tablesize!=0) + { + + Status = pBS->AllocatePool( EfiBootServicesData, + _TPM_STRUCT_PARTIAL_SIZE( TCG_PCR_EVENT, Event ) + + (sizeof(EFI_IMAGE_EXECUTION_INFO)), + &TcgEvent ); + + ASSERT( !EFI_ERROR( Status )); + + TcgEvent->PCRIndex = PCRi_IPL_CONFIG_AND_DATA; + TcgEvent->EventType = EV_EFI_EXECUTION_INFO_TABLE; + TcgEvent->EventSize = (UINT32)(sizeof(EFI_IMAGE_EXECUTION_INFO)); + + pBS->CopyMem( TcgEvent->Event, + SecurityVar[i], + TcgEvent->EventSize); + + Status = tcgSvc->HashLogExtendEvent(tcgSvc, + (EFI_PHYSICAL_ADDRESS)ImageExeInfoTable, + Tablesize, + TCG_ALG_SHA, + TcgEvent, + &evNum, + &Last ); + + if ( TcgEvent != NULL ) + { + pBS->FreePool( TcgEvent ); + } + } + +#endif + return Status; +} + + +#endif + + + + +//********************************************************************** +// +// +// Procedure: MeasureAllBootVariables +// +// Description: Measures all the boot Variables +// +// Input: +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS MeasureAllBootVariables( + VOID ) +{ + EFI_STATUS Status; + CHAR16 BootVarName[] = L"BootOrder"; + UINT16 *BootOrder; + UINTN BootCount; + UINTN Index; + VOID *BootVarData = NULL; + UINTN Size; + + Status = ReadAndMeasureBootVariable( + BootVarName, + &TcgEfiGlobalVariableGuid, + &BootCount, + &BootOrder + ); + + if ( Status == EFI_NOT_FOUND ) + { + return EFI_SUCCESS; + } + + if ( EFI_ERROR( Status )) + { + return Status; + } + + BootCount /= sizeof (*BootOrder); + + for ( Index = 0; Index < BootCount; Index++ ) + { + +#if defined (TSE_CAPITAL_BOOT_OPTION) && (TSE_CAPITAL_BOOT_OPTION == 0) + Swprintf_s( BootVarName, sizeof(BootVarName), L"Boot%04x", + BootOrder[Index] ); +#else + Swprintf_s( BootVarName, sizeof(BootVarName), L"Boot%04X", + BootOrder[Index] ); +#endif + + Status = ReadAndMeasureBootVariable( + BootVarName, + &TcgEfiGlobalVariableGuid, + &Size, + &BootVarData + ); + + if ( !EFI_ERROR( Status )) + { + if ( BootVarData != NULL ) + { + pBS->FreePool( BootVarData ); + } + } + } + return EFI_SUCCESS; +} + + + + +#if ( defined(CSM_SUPPORT) && (CSM_SUPPORT != 0) ) +//********************************************************************** +// +// +// Procedure: GetPCIOPROMImage +// +// Description: Finds Onboard Option ROM Images +// +// +// Input: IN EFI_HANDLE PciHandle, +// OUT VOID *RomImage, +// OUT UINTN *Romsize, +// OUT UINTN *Flags +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS GetPCIOPROMImage( + IN EFI_HANDLE PciHandle, + OUT VOID *RomImage, + OUT UINTN *Romsize, + OUT UINTN *Flags ) +{ + EFI_LEGACY_BIOS_PROTOCOL *LgBP; + EFI_STATUS status; + + status = pBS->LocateProtocol( + &gEfiLegacyBiosProtocolGuid, + NULL, + &LgBP ); + + if(EFI_ERROR(status))return status; + + status = LgBP->CheckPciRom( LgBP, + PciHandle, + RomImage, + Romsize, + Flags ); + return status; +} +#endif + + +//********************************************************************** +// +// +// Procedure: MeasurePciOptionRom +// +// Description: Measures EV_ID_OPROM_EXECUTE event +// address (PFA) and with digest of the specified PCI device +// OpRom image +// +// +// Input: IN VOID *pImage, +// IN UINTN len, +// IN UINT16 pfa +// Output: +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS MeasurePciOptionRom( + IN VOID *pImage, + IN UINTN len, + UINT16 pfa ) +{ + EFI_STATUS Status=EFI_SUCCESS; + EFI_TCG_PROTOCOL *tcgSvc; +// EFI_TCM_PROTOCOL *tcmSvc; + EFI_TCG_PCR_EVENT ev; +// EFI_TCM_PCR_EVENT TcmEvent; + UINT32 evNum; + EFI_PHYSICAL_ADDRESS Last; + UINT64 digestLen; + UINT8 *pDigest; + + + if(!AutoSupportType()) + { + Status = pBS->LocateProtocol( + &gEfiTcgProtocolGuid, + NULL, + &tcgSvc + ); + + if ( EFI_ERROR( Status )) + { + return EFI_SUCCESS; + } + + ev.Header.PCRIndex = PCRi_OPROM_CODE; + ev.Header.EventType = EV_EVENT_TAG; + ev.Event.Tagged.EventID = EV_ID_OPROM_EXECUTE; + ev.Event.Tagged.EventSize = + sizeof(ev.Event.Tagged.EventData.OptionRomExecute); + ev.Header.EventDataSize = _TPM_STRUCT_PARTIAL_SIZE(struct _EFI_TCG_EV_TAG, + EventData ) + ev.Event.Tagged.EventSize; + + ev.Event.Tagged.EventData.OptionRomExecute.PFA = pfa; + ev.Event.Tagged.EventData.OptionRomExecute.Reserved = 0; + digestLen = sizeof (ev.Event.Tagged.EventData.OptionRomExecute.Hash); + pDigest = ev.Event.Tagged.EventData.OptionRomExecute.Hash.digest; + + Status = tcgSvc->HashAll( + tcgSvc, + (UINT8*)pImage, + len, + TCG_ALG_SHA, + &digestLen, + &pDigest); + if ( EFI_ERROR( Status )){ + return Status; + } + + Status = tcgSvc->HashLogExtendEvent( + tcgSvc, + (EFI_PHYSICAL_ADDRESS)&ev.Event, ev.Header.EventDataSize, + TCG_ALG_SHA,(TCG_PCR_EVENT*)&ev, + &evNum,&Last); + }else{ + /* + Status = pBS->LocateProtocol ( + &gEfiTcgProtocolGuid, + NULL, + &tcmSvc); + + if ( EFI_ERROR( Status )) + { + return EFI_SUCCESS; + } + + TcmEvent.Header.PCRIndex = PCRi_OPROM_CODE; + TcmEvent.Header.EventType = EV_EVENT_TAG; + TcmEvent.Event.Tagged.EventID = EV_ID_OPROM_EXECUTE; + TcmEvent.Event.Tagged.EventSize = + sizeof(TcmEvent.Event.Tagged.EventData.OptionRomExecute); + TcmEvent.Header.EventDataSize = _TPM_STRUCT_PARTIAL_SIZE(struct _EFI_TCG_EV_TAG, + EventData ) + TcmEvent.Event.Tagged.EventSize; + + TcmEvent.Event.Tagged.EventData.OptionRomExecute.PFA = pfa; + TcmEvent.Event.Tagged.EventData.OptionRomExecute.Reserved = 0; + digestLen = sizeof (TcmEvent.Event.Tagged.EventData.OptionRomExecute.Hash); + pDigest = TcmEvent.Event.Tagged.EventData.OptionRomExecute.Hash.digest; + + Status = tcmSvc->HashAll( + tcmSvc, + (UINT8*)pImage, + len, + TCG_ALG_SHA, + &digestLen, + &pDigest); + if ( EFI_ERROR( Status )){ + return Status; + } + + Status = tcmSvc->HashLogExtendEvent( + tcmSvc, + (EFI_PHYSICAL_ADDRESS)&TcmEvent.Event, TcmEvent.Header.EventDataSize, + TCG_ALG_SHA,(TCM_PCR_EVENT*)&TcmEvent, + &evNum,&Last);*/ + } + + return Status; +} + + + +EFI_STATUS ResetMorVariable() +{ + EFI_STATUS Status; + EFI_GUID MorGuid = MEMORY_ONLY_RESET_CONTROL_GUID; + UINT32 Attribs = EFI_VARIABLE_NON_VOLATILE + | EFI_VARIABLE_BOOTSERVICE_ACCESS + | EFI_VARIABLE_RUNTIME_ACCESS; + + UINT8 Temp = 0xFE; + UINTN TempSize = sizeof (UINT8); + + + + Status = pRS->GetVariable( + L"MemoryOverwriteRequestControl", + &MorGuid, + &Attribs, + &TempSize, + &Temp ); + + if ( EFI_ERROR( Status ) || ((Temp & 01)!= 0) ) + { + Temp &= 0xFE; + Status = pRS->SetVariable( + L"MemoryOverwriteRequestControl", + &MorGuid, + Attribs, + sizeof (UINT8), + &Temp ); + } + + return Status; +} + + +EFI_STATUS MeasureWakeEvent() +{ + UINT8 nWake; + EFI_STATUS Status; + CHAR8 WakeString[0xD] = "Wake Event "; + + Status = GetTcgWakeEventType( &nWake ); + if ( EFI_ERROR( Status )){return Status;} + + TRACE((TRACE_ALWAYS, "TCG: GetTcgWakeEventType: Status=%r; WakeType=%x\n", + Status, nWake)); + + WakeString[0xB] = nWake; + + if(AutoSupportType()){ + Status = TcmMeasureActionI( WakeString, (UINT32)PCRi_STATE_TRANSITION ); + if ( EFI_ERROR( Status )){return Status;} + }else{ + Status = TcgMeasureActionI( WakeString, (UINT32)PCRi_STATE_TRANSITION ); + if ( EFI_ERROR( Status )){return Status;} + } + + return Status; +} + + + + +EFI_STATUS MeasureSeparators() +{ + TPM_PCRINDEX PcrIndex = 0; + EFI_STATUS Status; + + if(AutoSupportType()){ + for ( PcrIndex = 0; PcrIndex < 8; PcrIndex++ ) + { + Status = TcmMeasureSeparatorEvent( PcrIndex ); + } + }else{ + for ( PcrIndex = 0; PcrIndex < 8; PcrIndex++ ) + { + Status = MeasureSeparatorEvent( PcrIndex ); + } + } + return Status; +} + + +//********************************************************************** +// +// +// Procedure: DummySkipPhysicalPresencePtr +// +// Description: Always return false. Can be overridden with OEM function +// +// Input: IN EFI_EVENT efiev +// IN VOID *ctx +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +UINT8 DummySkipPhysicalPresence() +{ + return FALSE; +} + + +//********************************************************************** +// +// +// Procedure: tcgReadyToBoot +// +// Description: Generic Measurements done before EFI boots OS +// +// Input: IN EFI_EVENT efiev +// IN VOID *ctx +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +void tcgReadyToBoot( + IN EFI_EVENT efiev, + IN VOID *ctx ) +{ + static UINTN mBootAttempts = 0; + + EFI_STATUS Status; + EFI_TCG_PROTOCOL *tcg; + EFI_TPM_DEVICE_PROTOCOL *TpmDevice; + BOOLEAN Support = FALSE; + UINT16 physical_presence; + BOOLEAN SkipPpLock = FALSE; +#if SET_LIFETIME_PPLOCK == 1 + TPM_Capabilities_PermanentFlag cap; +#endif +#if MANUFACTURING_MODE_SUPPORT + BOOLEAN *ResetAllTcgVar = NULL; + EFI_GUID TcgManufacturingGuid = AMI_TCG_MANUFACTURING_MODE_HOB_GUID; + BOOLEAN *TcgMfgModeVar = NULL; + void **DummyPtr; +#endif + + + + PERF_START(0,L"TcgReadyToboot",NULL,0); + + TRACE((TRACE_ALWAYS, "TcgReady to boot entry\n")); + + Status = pBS->LocateProtocol( &gEfiTcgProtocolGuid, NULL, &tcg ); + + Support = AutoSupportType(); + + Status = pBS->LocateProtocol( &gEfiTpmDxeDeviceProtocolGuid, NULL, &TpmDevice ); + + if ( EFI_ERROR( Status )) + { + return; + } + + if ( mBootAttempts == 0 ) + { + ResetMorVariable(); + +#if defined (WAKE_EVENT_MEASUREMENT) && (WAKE_EVENT_MEASUREMENT != 0) + MeasureWakeEventFuncPtr(); +#endif + PERF_START(0,L"SelfTest",NULL,0); +#if defined DONT_SEND_SELFTEST_TILL_READY_TO_BOOT && DONT_SEND_SELFTEST_TILL_READY_TO_BOOT == 1 + if(*(UINT16 *)(UINTN)(PORT_TPM_IOMEMBASE + 0xF00) == SELF_TEST_VID) + { + SendTpmCommand( tcg, TPM_ORD_ContinueSelfTest,0, 0); + } +#endif + PERF_END(0,L"SelfTest",NULL,0); + // + // Measure handoff tables + // + if(!Support){ + Status = MeasureHandoffTablesFuncPtr( ); + } + + if(Support){ + Status = TcmMeasureActionI ( + "Calling EFI Application from Boot Option", + (UINT32)PCRi_IPL_CONFIG_AND_DATA ); + }else{ + Status = TcgMeasureActionI ( + "Calling EFI Application from Boot Option", + (UINT32)PCRi_IPL_CONFIG_AND_DATA ); + } + + if ( EFI_ERROR( Status )){return;} + // + // Measure BootOrder & Boot#### variables + // + +#if ( defined(Measure_Boot_Data) && (Measure_Boot_Data!= 0) ) + Status = MeasureAllBootVariablesFuncPtr( ); + + + if ( EFI_ERROR( Status )) + { + TRACE((TRACE_ALWAYS, "Boot Variables not Measured. Error!\n")); + } +#endif + +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) + PERF_START(0,L"MeasureSecBoot",NULL,0); + Status = MeasureSecurebootVariablesFuncPtr (); + + if ( EFI_ERROR( Status )) + { + TRACE((TRACE_ALWAYS, "Error Measuring Secure Vars\n")); + } + PERF_END(0,L"MeasureSecBoot",NULL,0); +#endif + + // + // 4. Measure PE/COFF OS loader, would be done by DxeCore + // + PERF_START(0,L"OsSeparators",NULL,0); + MeasureSeparatorsFuncPtr(); + PERF_END(0,L"OsSeparators",NULL,0); + + pBS->CloseEvent(PciIoev); + } + else { + //.0 + + // 8. Not first attempt, meaning a return from last attempt + // + if(Support){ + Status = TcmMeasureActionI ( + "Returning from EFI Application from Boot Option", + (UINT32)PCRi_IPL_CONFIG_AND_DATA ); + }else{ + Status = TcgMeasureActionI ( + "Returning from EFI Application from Boot Option", + (UINT32)PCRi_IPL_CONFIG_AND_DATA ); + } + if ( EFI_ERROR( Status )){return;} + } + + // + // Increase boot attempt counter + // + if ( mBootAttempts == 0 ) //do this once + { + #if SET_LIFETIME_PPLOCK == 1 + + cap = read_TPM_capabilities( tcg ); + + if ( cap.physicalPresenceLifetimeLock == 0) + { + if(AutoSupportType()){ + physical_presence = TPM_H2NS(TPM_PHYSICAL_PRESENCE_CMD_ENABLE ); + if(cap.physicalPresenceCMDEnable == 0 && cap.physicalPresenceHWEnable == 0){ + SendTpmCommand( tcg, TCM_TSC_ORD_PhysicalPresence, + sizeof(physical_presence), &physical_presence ); + + } + physical_presence = TPM_H2NS( TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK ); + SendTpmCommand( tcg, TCM_TSC_ORD_PhysicalPresence, + sizeof(physical_presence), &physical_presence ); + }else{ + physical_presence = TPM_H2NS(TPM_PHYSICAL_PRESENCE_CMD_ENABLE ); + if(cap.physicalPresenceCMDEnable == 0 && cap.physicalPresenceHWEnable == 0){ + SendTpmCommand( tcg, TSC_ORD_PhysicalPresence, + sizeof(physical_presence), &physical_presence ); + + } + physical_presence = TPM_H2NS( TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK ); + SendTpmCommand( tcg, TSC_ORD_PhysicalPresence, + sizeof(physical_presence), &physical_presence ); + } + + + } + #endif + +#if MANUFACTURING_MODE_SUPPORT + DummyPtr = &TcgMfgModeVar; + TcgMfgModeVar = (UINT8*)LocateATcgHob( + pST->NumberOfTableEntries, + pST->ConfigurationTable, + &TcgManufacturingGuid); + + if(*DummyPtr != NULL){ + if(*TcgMfgModeVar == 1 ) { + SkipPpLock = TRUE; + } + } +#else + SkipPpLock = DummySkipPhysicalPresencePtr(); +#endif + if( SkipPpLock == FALSE) + { + //always lock at the end of boot + physical_presence = TPM_H2NS( TPM_PHYSICAL_PRESENCE_LOCK ); + SendTpmCommand( tcg, TSC_ORD_PhysicalPresence, + sizeof(physical_presence), &physical_presence ); + } + + } + + + mBootAttempts++; + TRACE((TRACE_ALWAYS, "TcgReady to booot exit\n")); + PERF_END(0,L"TcgReadyToboot",NULL,0); +} + + + +//********************************************************************** +// +// +// Procedure: SetTcgReadyToBoot +// +// Description: Sets ready to boot callback on ready to boot for security device +// +// Input: NONE +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI SetTcgReadyToBoot() +{ + EFI_STATUS Status; + AMI_TCG_DXE_FUNCTION_OVERRIDE_PROTOCOL *POverride; + EFI_GUID Overrideguid =\ + AMI_SET_TCG_READYTOBOOT_GUID; + + Status = pBS->LocateProtocol(&Overrideguid, + NULL, + &POverride ); + + if(!EFI_ERROR(Status)){ + return (POverride->Function()); + } + + #if defined(EFI_EVENT_SIGNAL_READY_TO_BOOT)\ + && EFI_SPECIFICATION_VERSION < 0x20000 + + Status = gBS->CreateEvent( EFI_EVENT_SIGNAL_READY_TO_BOOT, + EFI_TPL_CALLBACK, + tcgReadyToBoot, NULL, &ReadyToBootEvent ); + + #else + #if (defined(SMBIOS_SUPPORT) && (SMBIOS_SUPPORT == 1)) + #if (defined(SMBIOS_VER_32) && (SMBIOS_VER_32 == 1)) + Status = pBS->CreateEventEx( + EFI_EVENT_NOTIFY_SIGNAL, + EFI_TPL_CALLBACK, + tcgReadyToBoot, + (VOID *)&gAmiTcgPlatformImageHandle, + &gSmBiosTablePublished, + &ReadyToBootEvent); + #else + Status = CreateReadyToBootEvent( EFI_TPL_CALLBACK - 1, + tcgReadyToBoot, + NULL, + &ReadyToBootEvent ); + #endif + #else + + Status = CreateReadyToBootEvent( EFI_TPL_CALLBACK, + tcgReadyToBoot, + NULL, + &ReadyToBootEvent ); + #endif + #endif + + return Status; +} + + + + +//********************************************************************** +// +// +// Procedure: OnPciIOInstalled +// +// Description: Checks if PCI device has an Option Rom and initiates the +// Option rom measurment +// +// Input: +// IN EFI_EVENT ev +// IN VOID *ctx +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS OnPciIOInstalled( + IN EFI_EVENT ev, + IN VOID *ctx ) +{ + EFI_PCI_IO_PROTOCOL *pciIo; + EFI_STATUS Status; + VOID * searchKey = ctx; + UINTN handlesSize = 0; + EFI_HANDLE *handles = 0; + UINTN i; +#if ( defined(CSM_SUPPORT) && (CSM_SUPPORT != 0) ) + VOID * EmbImage; + UINTN EmbImageSize; + UINTN Flags; +#endif + EFI_PCI_EXPANSION_ROM_HEADER *EfiRomHeader; + UINTN seg, bus, dev, func; + + TRACE((TRACE_ALWAYS, "OnPciIOInstalled\n")); + + while ( 1 ) + { + Status = pBS->LocateHandleBuffer( ByRegisterNotify, + NULL, + searchKey, + &handlesSize, + &handles ); + + if ( EFI_ERROR( Status ) || handles == 0 || handlesSize == 0 ) + { + TRACE((TRACE_ALWAYS, "OnPciIOInstalled...exit\n")); + return EFI_SUCCESS; + } + + for ( i = 0; i != handlesSize; i++ ) + { + Status = pBS->HandleProtocol( handles[i], + &gEfiPciIoProtocolGuid, + &pciIo ); + TRACE((TRACE_ALWAYS, "\n\n xtcgdxe::PCIOPROM\n\n")); + TRACE((TRACE_ALWAYS, "\tHandle %x; HandleProtocol:%r\n", + handles[i], Status)); + + if ( EFI_ERROR( Status )) + { + continue; + } + + Status = pciIo->GetLocation( pciIo, &seg, &bus, &dev, &func ); + TRACE((TRACE_ALWAYS, + "\tPCI Device(%r): %x %x %x %x; RomSize:%x; Rom[0-4]=%08x\n", + Status, seg, bus, dev, func, pciIo->RomSize, + (UINT32)((pciIo->RomImage == 0) ? 0 : *(UINT32*)pciIo->RomImage))); + + EfiRomHeader = (EFI_PCI_EXPANSION_ROM_HEADER*) pciIo->RomImage; + + if ((UINT32)pciIo->RomSize == 0 || pciIo->RomImage == 0 + || EfiRomHeader->Signature != + PCI_EXPANSION_ROM_HEADER_SIGNATURE ) + { +#if ( defined(CSM_SUPPORT) && (CSM_SUPPORT != 0) ) + if ((pciIo->RomSize == 0) || (pciIo->RomImage == NULL)) + { + //could be an onboard device + EmbImage = 0; + Flags = 0; + Status = GetPCIOPROMImage( handles[i], + &EmbImage, + &EmbImageSize, + &Flags ); + + if ( Flags == 0x02 ) + { + MeasurePciOptionRom( EmbImage, EmbImageSize, + GET_PFA( pciIo )); + continue; + } + } +#endif + continue; + } + MeasurePciOptionRom( pciIo->RomImage, + (UINT32)pciIo->RomSize, + GET_PFA( pciIo )); + } + pBS->FreePool( handles ); + } + +} + + + +//********************************************************************** +// +// +// Procedure: MeasurePCIOproms +// +// Description: Sets callback to measure PCI option roms that are given control +// +// Input: NONE +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI MeasurePCIOproms() +{ + EFI_STATUS Status; + AMI_TCG_DXE_FUNCTION_OVERRIDE_PROTOCOL *POverride; + EFI_GUID Overrideguid =\ + AMI_MEASURE_PCIOPROM_GUID; + + + Status = pBS->LocateProtocol( + &Overrideguid, + NULL, + &POverride ); + + if(!EFI_ERROR(Status)){ + return (POverride->Function()); + } + + SearchKey = (void*)&Ctx; + Status = pBS->CreateEvent( EFI_EVENT_NOTIFY_SIGNAL, + TPL_CALLBACK, + OnPciIOInstalled, + SearchKey, + &PciIoev ); + + ASSERT( !EFI_ERROR( Status )); + Status = pBS->RegisterProtocolNotify( &gEfiPciIoProtocolGuid, + PciIoev, + &SearchKey ); + + Ctx = *(TCG_PROTOCOL_NOTIFY*)SearchKey; + + return EFI_SUCCESS; +} + + + + +EFI_STATUS +EFIAPI GetProtocolVersion( + AMI_TCG_PROTOCOL_VERSION *VerInf) +{ + VerInf->MajorVersion = 1; + VerInf->MinorVersion = 0; + VerInf->Reserve = 0; + VerInf->Flag = 0; + return EFI_SUCCESS; +} + + + +//********************************************************************** +// +// +// Procedure: extend_request +// +// Description: Convert the opcode into array of 2-bit values.For each 2-bit: 0 - no change; 1 - turn off; 2 - turn on +// indexes: 0 - enable flag; 1 - active flag; 2 - onwership +// 3 - clear +// +// INPUT: IN UINT8 rqst +// +// OUTPUT: extended_request +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +extended_request extend_request( + IN UINT8 rqst ) +{ + + if ( rqst ) + { + switch ( rqst ) + { + case TCPA_PPIOP_ENABLE: + return PPIXOP_ENABLE; + case TCPA_PPIOP_DISABLE: + return PPIXOP_DISABLE; + case TCPA_PPIOP_ACTIVATE: + return PPIXOP_ACTIVATE; + case TCPA_PPIOP_DEACTIVATE: + return PPIXOP_DEACTIVATE; + case TCPA_PPIOP_CLEAR: + return PPIXOP_CLEAR; + case TCPA_PPIOP_ENABLE_ACTV: + return (PPIXOP_ENABLE | PPIXOP_ACTIVATE); + case TCPA_PPIOP_DEACT_DSBL: + return (PPIXOP_DISABLE | PPIXOP_DEACTIVATE); + case TCPA_PPIOP_OWNER_ON: + return PPIXOP_OWNER_ON; + case TCPA_PPIOP_OWNER_OFF: + return PPIXOP_OWNER_OFF; + case TCPA_PPIOP_ENACTVOWNER: + return (PPIXOP_ENABLE | PPIXOP_ACTIVATE | PPIXOP_OWNER_ON); + case TCPA_PPIOP_DADISBLOWNER: + return (PPIXOP_DISABLE | PPIXOP_DEACTIVATE | PPIXOP_OWNER_OFF); + case TCPA_PPIOP_CLEAR_ENACT: + return (PPIXOP_CLEAR| PPIXOP_ENABLE | PPIXOP_ACTIVATE ); + case TCPA_PPIOP_ENABLE_ACTV_CLEAR: + return (PPIXOP_ENABLE | PPIXOP_ACTIVATE | PPIXOP_CLEAR); + case TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV: + return((PPIXOP_ENABLE<<8) |(PPIXOP_ACTIVATE<<8) | PPIXOP_CLEAR | PPIXOP_ENABLE | PPIXOP_ACTIVATE); + default: + return 0; + } + } + else { + return 0; + } +} + + + + + +//********************************************************************** +// +// +// Procedure: execute_request +// +// Description: Execute TPM operation +// +// INPUT: IN UINT8 rqst +// +// OUTPUT: error code if any as result of executing the operation +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +UINT8 expecting_reset = FALSE; +TPM_RESULT execute_request( + IN UINT8 rqst ) +{ + extended_request erqst, erqstSave; + EFI_STATUS Status; + EFI_TCG_PROTOCOL *tcg; + EFI_TPM_DEVICE_PROTOCOL *TpmDevice; + TPM_RESULT tpmStatus = 0; + TPM_Capabilities_PermanentFlag cap; + UINT8 zero = 0; + UINT8 one = 1; + UINT32 Temp = 0; + BOOLEAN SupportType = FALSE; + + erqst = extend_request( rqst ); + + erqstSave = erqst; + + Status = pBS->LocateProtocol( &gEfiTpmDxeDeviceProtocolGuid, + NULL, &TpmDevice ); + + if ( EFI_ERROR( Status )) + { + return TCPA_PPI_BIOSFAIL; + } + + Status = pBS->LocateProtocol( &gEfiTcgProtocolGuid, NULL, &tcg ); + + if ( EFI_ERROR( Status )) + { + TRACE((TRACE_ALWAYS, "Error: failed to locate TCG protocol: %r\n")); + return TCPA_PPI_BIOSFAIL; + } + + if(!AutoSupportType()){ + TpmDevice->Init( TpmDevice ); + }else{ + SupportType = TRUE; + } + + cap = read_TPM_capabilities( tcg ); + + if(!AutoSupportType()) + { + //use switch case + switch( rqst) + { + case 1: + // send tpm command to enable the TPM + tpmStatus = SendTpmCommand( tcg, TPM_ORD_PhysicalEnable, 0, 0 ); + break; + case 2: + //disable TPM + tpmStatus = SendTpmCommand( tcg,TPM_ORD_PhysicalDisable, 0, 0 ); + break; + case 3: + //Activate TPM + tpmStatus = SendTpmCommand( tcg,TPM_ORD_PhysicalSetDeactivated, 1,&zero ); + break; + case 4: + //Dectivate TPM + tpmStatus = SendTpmCommand( tcg,TPM_ORD_PhysicalSetDeactivated, 1,&one ); + break; + case 5: + //force clear + tpmStatus = SendTpmCommand( tcg, TPM_ORD_ForceClear, 0, 0 ); + break; + case 6: + //Enable + Activate + tpmStatus = SendTpmCommand( tcg, TPM_ORD_PhysicalEnable, 0, 0 ); + if(!tpmStatus){ + tpmStatus = SendTpmCommand( tcg,TPM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + break; + case 7: + //Deactivate + Disable + tpmStatus = SendTpmCommand( tcg,TPM_ORD_PhysicalSetDeactivated, 1,&one ); + if(!tpmStatus){ + tpmStatus = SendTpmCommand( tcg, TPM_ORD_PhysicalDisable, 0, 0 ); + } + break; + case 8: + //set Owner Install true + tpmStatus = SendTpmCommand( tcg, TPM_ORD_SetOwnerInstall,1, &one ); + break; + case 9: + //set Owner Install False + tpmStatus = SendTpmCommand( tcg, TPM_ORD_SetOwnerInstall,1, &zero ); + break; + case 10: + //Enable + Activate + set Owner Install true + tpmStatus = SendTpmCommand( tcg, TPM_ORD_PhysicalEnable, 0, 0 ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TPM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + tpmStatus = SendTpmCommand( tcg, TPM_ORD_SetOwnerInstall,1, &one ); + if((TPM_H2NL( tpmStatus ) & TCG_DEACTIVED_ERROR) == TCG_DEACTIVED_ERROR ) + { + Temp = TCPA_PPIOP_OWNER_ON | (rqst << 04); + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + WritePpiResult( rqst, (UINT16)( TPM_H2NL( tpmStatus ))); + RequestSystemReset( EfiResetCold ); + } + break; + case 11: + //Setownerfalse + Deactivate + disable + tpmStatus = SendTpmCommand( tcg, TPM_ORD_SetOwnerInstall,1, &zero ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TPM_ORD_PhysicalSetDeactivated, 1,&one ); + + } + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg, TPM_ORD_PhysicalDisable, 0, 0 ); + } + break; + case 14: + //clear + Enable + Activate + tpmStatus = SendTpmCommand( tcg, TPM_ORD_ForceClear, 0, 0 ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg, TPM_ORD_PhysicalEnable, 0, 0 ); + } + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TPM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + break; + case 12: + case 13: + //not supported + //cases 15-20 are handles elsewhere + break; + case 21: + //Enable + Activate + clear + tpmStatus = SendTpmCommand( tcg, TPM_ORD_PhysicalEnable, 0, 0 ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TPM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + + Temp = TCPA_PPIOP_CLEAR | (rqst << 04); + + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + + + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + + WritePpiResult( rqst, (UINT16)( TPM_H2NL( tpmStatus ))); + RequestSystemReset( EfiResetCold ); + break; + case 22: + //Enable + Activate + clear + Enable + Activate + tpmStatus = SendTpmCommand( tcg, TPM_ORD_PhysicalEnable, 0, 0 ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TPM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + + //after force clear, update request and reset the system for + // tcg flags to be updated + Temp = TCPA_PPIOP_CLEAR_ENACT | (rqst << 04); + + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + + WritePpiResult( rqst, (UINT16)( TPM_H2NL( tpmStatus ))); + RequestSystemReset( EfiResetCold ); + break; + default: + break; + + } + }else{ + + //use switch case + switch( rqst) + { + case 1: + // send tpm command to enable the TPM + tpmStatus = SendTpmCommand( tcg, TCM_ORD_PhysicalEnable, 0, 0 ); + break; + case 2: + //disable TPM + tpmStatus = SendTpmCommand( tcg,TCM_ORD_PhysicalDisable, 0, 0 ); + break; + case 3: + //Activate TPM + tpmStatus = SendTpmCommand( tcg,TCM_ORD_PhysicalSetDeactivated, 1,&zero ); + break; + case 4: + //Dectivate TPM + tpmStatus = SendTpmCommand( tcg,TCM_ORD_PhysicalSetDeactivated, 1,&one ); + break; + case 5: + //force clear + tpmStatus = SendTpmCommand( tcg, TCM_ORD_ForceClear, 0, 0 ); + break; + case 6: + //Enable + Activate + tpmStatus = SendTpmCommand( tcg, TCM_ORD_PhysicalEnable, 0, 0 ); + if(!tpmStatus){ + tpmStatus = SendTpmCommand( tcg,TCM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + break; + case 7: + //Deactivate + Disable + tpmStatus = SendTpmCommand( tcg,TCM_ORD_PhysicalSetDeactivated, 1,&one ); + if(!tpmStatus){ + tpmStatus = SendTpmCommand( tcg, TCM_ORD_PhysicalDisable, 0, 0 ); + } + break; + case 8: + //set Owner Install true + tpmStatus = SendTpmCommand( tcg, TCM_ORD_SetOwnerInstall,1, &one ); + break; + case 9: + //set Owner Install False + tpmStatus = SendTpmCommand( tcg, TCM_ORD_SetOwnerInstall,1, &zero ); + break; + case 10: + //Enable + Activate + set Owner Install true + tpmStatus = SendTpmCommand( tcg, TCM_ORD_PhysicalEnable, 0, 0 ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TCM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + tpmStatus = SendTpmCommand( tcg, TCM_ORD_SetOwnerInstall,1, &one ); + if((TPM_H2NL( tpmStatus ) & TCG_DEACTIVED_ERROR) == TCG_DEACTIVED_ERROR ) + { + Temp = TCPA_PPIOP_OWNER_ON | (rqst << 04); + + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + WritePpiResult( rqst, (UINT16)( TPM_H2NL( tpmStatus ))); + RequestSystemReset( EfiResetCold ); + } + break; + case 11: + //Setownerfalse + Deactivate + disable + tpmStatus = SendTpmCommand( tcg, TCM_ORD_SetOwnerInstall,1, &zero ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TCM_ORD_PhysicalSetDeactivated, 1,&one ); + + } + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg, TCM_ORD_PhysicalDisable, 0, 0 ); + } + break; + case 14: + //clear + Enable + Activate + tpmStatus = SendTpmCommand( tcg, TCM_ORD_ForceClear, 0, 0 ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg, TCM_ORD_PhysicalEnable, 0, 0 ); + } + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TCM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + break; + case 12: + case 13: + //not supported + //cases 15-20 are handles elsewhere + break; + case 21: + //Enable + Activate + clear + tpmStatus = SendTpmCommand( tcg, TCM_ORD_PhysicalEnable, 0, 0 ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TCM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + + Temp = TCPA_PPIOP_CLEAR | (rqst << 04); + + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + + WritePpiResult( rqst, (UINT16)( TPM_H2NL( tpmStatus ))); + RequestSystemReset( EfiResetCold ); + break; + case 22: + //Enable + Activate + clear + Enable + Activate + tpmStatus = SendTpmCommand( tcg, TCM_ORD_PhysicalEnable, 0, 0 ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TCM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg, TCM_ORD_ForceClear, 0, 0 ); + } + + //after force clear, update request and reset the system for + // tcg flags to be updated + Temp = TCPA_PPIOP_ENABLE_ACTV | (rqst << 04); + + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + + WritePpiResult( rqst, (UINT16)( TPM_H2NL( tpmStatus ))); + RequestSystemReset( EfiResetCold ); + break; + default: + break; + + } + } + + WritePpiResult( rqst, (UINT16)( TPM_H2NL( tpmStatus ))); + // + // System may need reset so that TPM reload permanent flags + // + return tpmStatus; +} + + + +//********************************************************************** +// +// +// Procedure: ProcessTcgSetup +// +// Description: Handles Tcg Setup functionality +// +// Input: NONE +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI ProcessTcgSetup() +{ + UINT8 Disable = 0; + EFI_STATUS Status; + EFI_TCG_PROTOCOL *tcg; + EFI_TPM_DEVICE_PROTOCOL *TpmDevice; + TPM_Capabilities_PermanentFlag cap; + UINT8 Temp = 0; + UINT8 TpmOwner; +#if CONFIRM_SETUP_CHANGE + EFI_EVENT ev; +#endif + void *SimpleIn = NULL; + static void *reg; + TCG_PLATFORM_SETUP_PROTOCOL *ProtocolInstance; + EFI_GUID Policyguid = TCG_PLATFORM_SETUP_POLICY_GUID; + EFI_GUID EfiGlobalVariableGuid =\ + TCG_VARIABLE_GUID; + + UINT32 TpmOldVarAttributes = EFI_VARIABLE_BOOTSERVICE_ACCESS|\ + EFI_VARIABLE_NON_VOLATILE; + + UINTN Size = sizeof(UINT8); + TCG_CONFIGURATION Config; + UINT8 TpmOldVar = 0; + AMI_TCG_DXE_FUNCTION_OVERRIDE_PROTOCOL *POverride; + EFI_GUID Overrideguid =\ + AMI_PROCESS_TCG_SETUP_GUID; + + + Status = pBS->LocateProtocol(&Overrideguid, + NULL, + &POverride ); + + if(!EFI_ERROR(Status)){ + return (POverride->Function()); + } + + Status = pBS->LocateProtocol( &gTpmDeviceProtocolGuid, NULL, &TpmDevice ); + + if ( EFI_ERROR( Status )) + { + return Status; + } + + Status = pBS->LocateProtocol( &gEfiTcgProtocolGuid, NULL, &tcg ); + + if ( EFI_ERROR( Status )) + { + TRACE((TRACE_ALWAYS, "Error: failed to locate TCG protocol: %r\n")); + return Status; + } + + Status = pBS->LocateProtocol (&Policyguid, NULL, &ProtocolInstance); + if (EFI_ERROR (Status)) { + return Status; + } + + cap = read_TPM_capabilities( tcg ); + TpmOwner = CheckTpmOwnership( tcg ); + + MemCpy(&Config, &ProtocolInstance->ConfigFlags, sizeof(TCG_CONFIGURATION)); + + //update onwership and Deactivated statuses + Config.TpmEnaDisable = cap.disabled; + Config.TpmActDeact = cap.deactivated; + Config.TpmOwnedUnowned = TpmOwner; + Config.TpmHardware = AMI_TPM_HARDWARE_PRESET; + Config.TpmError = 0; + + Status = pRS->GetVariable ( + L"TpmOldvar", + &TcgEfiGlobalVariableGuid, + &TpmOldVarAttributes, + &Size, + &TpmOldVar); + + if(EFI_ERROR(Status)) + { + TpmOldVar = Config.TpmEnable; + //set variable + Status = pRS->SetVariable ( + L"TpmOldvar", + &TcgEfiGlobalVariableGuid, + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS, + Size, + &TpmOldVar); + }else + { + if(TpmOldVar == Config.TpmEnable) + { + if(Config.TpmEnable != (~( cap.disabled | cap.deactivated )& BIT00)) + { + Config.PpiSetupSyncFlag = 1; + } + }else{ + TpmOldVar = Config.TpmEnable; + + Status = TcgSetVariableWithNewAttributes(L"TpmOldvar", &TcgEfiGlobalVariableGuid, \ + TpmOldVarAttributes,\ + Size, &TpmOldVar ); + } + } + + if(Config.PpiSetupSyncFlag != 0) + { + //ppi request happened so sync setup variables + TRACE((TRACE_ALWAYS, "\n Setup and PPi request sync \n")); + Config.TpmEnable = (~( cap.disabled | cap.deactivated )& BIT00); + Config.TpmOperation = 0; + Config.PpiSetupSyncFlag = 0; + + TpmOldVar = Config.TpmEnable; + + Status = TcgSetVariableWithNewAttributes(L"TpmOldvar", &TcgEfiGlobalVariableGuid, \ + TpmOldVarAttributes,\ + Size, &TpmOldVar ); + + } + + + UpDateASL(Config.TpmSupport); + + ProtocolInstance->UpdateStatusFlags(&Config, TRUE); + + if(Config.TpmEnable != (~( cap.disabled | cap.deactivated )& BIT00)) + { + TRACE((TRACE_ALWAYS, "\n TMP_ENABLE != Setup in setup \n")); + +#if CONFIRM_SETUP_CHANGE + + if ( Config.TpmEnable ) { + ppi_request = TCPA_PPIOP_ENABLE_ACTV; + + Config.Reserved5 = TRUE; + ProtocolInstance->UpdateStatusFlags(&Config, TRUE); + + Status = pBS->CreateEvent( EFI_EVENT_NOTIFY_SIGNAL, + EFI_TPL_CALLBACK, + run_PPI_UI, + 0, + &ev ); + if(EFI_ERROR(Status)) { + return Status; + } + + Status = pBS->RegisterProtocolNotify( + &gBdsAllDriversConnectedProtocolGuid, + ev, + ® ); + if(EFI_ERROR(Status)) { + return Status; + } + + run_PPI_UI( NULL, NULL ); + return Status; + + } + else if ( !Config.TpmEnable ) { + ppi_request = TCPA_PPIOP_DEACT_DSBL; + + Config.Reserved5 = TRUE; + ProtocolInstance->UpdateStatusFlags(&Config, TRUE); + + Status = pBS->CreateEvent( EFI_EVENT_NOTIFY_SIGNAL, + EFI_TPL_CALLBACK, + run_PPI_UI, + 0, + &ev ); + + if(EFI_ERROR(Status)){ + return Status; + } + + Status = pBS->RegisterProtocolNotify( + &gBdsAllDriversConnectedProtocolGuid, + ev, + ® ); + if(EFI_ERROR(Status)){ + return Status; + } + + run_PPI_UI( NULL, NULL ); + return Status; + + } + +#else + + if ( execute_request( Config.TpmEnable ? TCPA_PPIOP_ENABLE_ACTV : + TCPA_PPIOP_DEACT_DSBL ) != 0 ) + { + //Do nothing but update setup to display TPM ERROR on execution of + //setup command and continue to boot + Config.TpmError = AMI_TPM_HARDWARE_SETUP_REQUEST_ERROR; + ProtocolInstance->UpdateStatusFlags(&Config, TRUE); + } + else { + ProtocolInstance->UpdateStatusFlags(&Config, TRUE); + RequestSystemReset( EfiResetCold ); + } + +#endif + + } + else if ( Config.TpmOperation ) + { + +#if CONFIRM_SETUP_CHANGE + ppi_request = Config.TpmOperation; + + Config.Reserved5 = TRUE; + ProtocolInstance->UpdateStatusFlags(&Config, TRUE); + + Status = pBS->CreateEvent( EFI_EVENT_NOTIFY_SIGNAL, + EFI_TPL_CALLBACK, + run_PPI_UI, + 0, + &ev ); + + if(EFI_ERROR(Status)){ + return Status; + } + + Status = pBS->RegisterProtocolNotify( + &gBdsAllDriversConnectedProtocolGuid, + ev, + ® ); + if(EFI_ERROR(Status)){ + return Status; + } + + run_PPI_UI( NULL, NULL ); + return Status; + +#else + TRACE((TRACE_ALWAYS, "\n ENABLE == Setup in setup \n")); + + if ( execute_request( Config.TpmOperation ) != 0 ) + { + //Do nothing but update setup to display TPM ERROR on execution of + //setup command and continue to boot + //Do nothing but update setup to display TPM ERROR on execution of + //setup command and continue to boot + Config.TpmError = AMI_TPM_HARDWARE_SETUP_REQUEST_ERROR; + Config.TpmOperation = 0; + ProtocolInstance->UpdateStatusFlags(&Config, TRUE); + if(EFI_ERROR(Status))return Status; + + } + else { + //reset to update setup + if(Config.TpmOperation == TCPA_PPIOP_CLEAR) + { + Config.TpmEnable = 0; + } + Config.TpmOperation = 0; + ProtocolInstance->UpdateStatusFlags(&Config, TRUE); + RequestSystemReset( EfiResetCold ); + } +#endif + } + + return Status; + +} + + + + +//********************************************************************** +// +// +// Procedure: GetStringFromToken +// +// Description: Gets a UNI string by Token +// +// Input: IN STRING_REF Token, +// OUT CHAR16 **String +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS GetStringFromToken( + IN STRING_REF Token, + OUT CHAR16 **String ) +{ + EFI_STATUS Status; + UINTN StringBufferLength; + UINT16 *Temp; + UINTN Size = 0; + + + // + // Find the string based on the current language + // + StringBufferLength = 0x500; + Status = pBS->AllocatePool( EfiBootServicesData, + sizeof (CHAR16) * 0x500, + String ); + Temp = *String; + while ( Temp < *String + StringBufferLength ) + { + *Temp = 0x0; + Temp++; + } + +#if EFI_SPECIFICATION_VERSION>0x20000 + + Status = HiiLibGetString ( + gHiiHandle, + Token, + &StringBufferLength, + *String + ); + if (EFI_ERROR(Status)) { + return Status; + } + +#else + if ( Hii == NULL ) + { + return EFI_NOT_FOUND; + } + + Status = Hii->GetString( + Hii, + gHiiHandle, + Token, + TRUE, + NULL, + &StringBufferLength, + *String + ); +#endif + + + if ( EFI_ERROR( Status )) + { + pBS->FreePool( *String ); + return EFI_NOT_FOUND; + } + + return EFI_SUCCESS; +} + +STRING_REF ppi_op_names[] = { + STRING_TOKEN( STR_TCG_ENABLE ), + STRING_TOKEN( STR_TCG_DISABLE ), + + STRING_TOKEN( STR_TCG_ACTIVATE ), + STRING_TOKEN( STR_TCG_DEACTIVATE ), + + STRING_TOKEN( STR_TCG_ALLOW ), + STRING_TOKEN( STR_TCG_DISALLOW ), + + STRING_TOKEN( STR_TCG_CLEAR ), + STRING_TOKEN( STR_TCG_NOTCLEAR ), + + STRING_TOKEN( STR_TCG_ENABLE ), + STRING_TOKEN( STR_TCG_DISABLE ), + + STRING_TOKEN( STR_TCG_ACTIVATE ), + STRING_TOKEN( STR_TCG_DEACTIVATE ), + +}; + + +STRING_REF NV_op_names[] = { + STRING_TOKEN( STR_TCG_SETNOPPIPROVISION ), + STRING_TOKEN( STR_TCG_SETNOPPICLEAR ), + STRING_TOKEN( STR_TCG_SETNOPPIMAINTENANCE ), + STRING_TOKEN( STR_TCG_SETNOPPIPROVISIONACCPET ), + STRING_TOKEN( STR_TCG_SETNOPPICLEARACCPET ), + STRING_TOKEN( STR_TCG_SETNOPPIMAINTENANCEACCEPT ), +}; + + +//********************************************************************** +// +// +// Procedure: displOperations +// +// Description: Display requested actions as a list of operations +// +// INPUT: IN extended_request erqst, +// IN int count, +// IN CHAR16 *DesStr +// +// OUTPUT: VOID +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +void displOperations( + IN extended_request erqst, + IN int count, + IN CHAR16 *DesStr ) +{ + int i, j; + CHAR16 * strDelim = L", "; + UINT32 r; + CHAR16 *String; + + if ( count == 2 ) + { + strDelim = L" and "; + } + + for ( i = 0, r = erqst, j = 0; i <= PPI_MAX_BASIC_OP; i++, r >>= 2 ) + { + if ( r & PPI_FEATURE_CHANGE ) + { + GetStringFromToken( ppi_op_names[(i* 2) + (r & PPI_FEATURE_ON ? 0 : 1)], + &String ); + + Wcscpy( DesStr + Wcslen( DesStr ), String ); + j++; + + if ( j < count ) + { + Wcscpy( DesStr + Wcslen( DesStr ), strDelim ); + } + + if ( j == count - 2 ) + { + strDelim = L", and "; + } + } + } +} + + +//********************************************************************** +// +// +// Procedure: displTpmNvOperations +// +// Description: Display requested actions as a list of operations +// +// INPUT: IN extended_request erqst, +// IN CHAR16 *DesStr +// +// OUTPUT: VOID +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +void displTpmNvOperations( + IN UINT8 erqst, + IN CHAR16 *DesStr ) +{ + CHAR16 *String; + + GetStringFromToken( STRING_TOKEN(STR_TCG_CONFIGURATION), &String ); + + if(erqst == TCPA_PPIOP_SETNOPPIPROVISION_TRUE){ + + Wcscpy( DesStr + Wcslen( DesStr ), String ); + GetStringFromToken( STRING_TOKEN(STR_TCG_SETNOPPIPROVISION) , &String ); + Wcscpy( DesStr + Wcslen( DesStr ), String ); + + }else if(erqst == TCPA_PPIOP_SETNOPPICLEAR_TRUE){ + + Wcscpy( DesStr + Wcslen( DesStr ), String ); + GetStringFromToken( STRING_TOKEN(STR_TCG_SETNOPPICLEAR) , &String ); + Wcscpy( DesStr + Wcslen( DesStr ), String ); + + }else if(erqst == TCPA_PPIOP_SETNOPPIMAINTENANCE_TRUE){ + + Wcscpy( DesStr + Wcslen( DesStr ), String ); + GetStringFromToken( STRING_TOKEN(STR_TCG_SETNOPPIMAINTENANCE) , &String ); + Wcscpy( DesStr + Wcslen( DesStr ), String ); + + } + +} + + + + +//********************************************************************** +// +// +// Procedure: prompt_operation +// +// Description: Display information on the requested TPM operation to the user; +// +// INPUT: IN int rqst +// +// OUTPUT: VOID +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +void prompt_operation( + IN int rqst ) +{ + int i; + UINT32 r; + int count = 0; + EFI_STATUS Status; + CHAR16 TempChar; + CHAR16 *StrBuffer = NULL; + CHAR16 *String; + UINT8 rq = (UINT8) rqst; + UINTN CurX, CurY; + AMITSESETUP TSEVar; + UINTN Size; + EFI_GUID AmiTseSetupguid = AMITSESETUP_GUID; + + extended_request erqst; + + erqst = extend_request( rq ); + + // + // Allocate the memory for the string buffer + // + Status = pBS->AllocatePool( + EfiBootServicesData, + sizeof (CHAR16) * 0x100, + (VOID*) &StrBuffer + ); + + if ( EFI_ERROR( Status ) || StrBuffer == NULL ) + { + return; + } + + MemSet( StrBuffer, sizeof (CHAR16) * 0x100, 0 ); + + Status = pBS->LocateProtocol( &gAmiPostManagerProtocolGuid, + NULL, + &pAmiPostMgr ); + + if ( EFI_ERROR( Status )) + { + return; + } + // + // If we are silent mode switch to Bios post mode + // + + #if EFI_SPECIFICATION_VERSION<0x2000A + Status = pBS->LocateProtocol (&gEfiHiiProtocolGuid, NULL, &Hii); + ASSERT(!EFI_ERROR(Status)); + #endif + + pAmiPostMgr->SwitchToPostScreen( ); + + Size = sizeof (AMITSESETUP); + + Status = pRS->GetVariable(L"AMITSESetup", \ + &AmiTseSetupguid, \ + NULL, \ + &Size, \ + &TSEVar ); + + // + // Count number of simple operations + // + for ( i = 0, r = erqst; i <= PPI_MAX_BASIC_OP; i++, r >>= 2 ) + { + if ( r & PPI_FEATURE_CHANGE ) + { + count++; + } + } + TRACE((TRACE_ALWAYS, "PPI operations count: %d\n", count)); + + // + // Display the string + // + if(Status == EFI_SUCCESS){ + if(TSEVar.AMISilentBoot == 0x00){ + pAmiPostMgr->DisplayPostMessage( StrBuffer ); + } + } + +//CurX, CurY; + pAmiPostMgr->GetCurPos(&CurX, &CurY); + + CurX = 0; + CurY -= PPI_DISPLAY_OFFSET; + + pAmiPostMgr->SetCurPos(CurX, CurY); + GetStringFromToken( STRING_TOKEN( STR_TCG_BLANK ), &String ); + Wcscpy( StrBuffer, String ); + + for(i=0; iDisplayPostMessage( StrBuffer ); + } + + MemSet( StrBuffer, sizeof (CHAR16) * 0x100, 0 ); + + if (rq < TCPA_PPIOP_SETNOPPIPROVISION_FALSE || rq > TCPA_PPIOP_SETNOPPIMAINTENANCE_TRUE) + { + GetStringFromToken( STRING_TOKEN( STR_TCG_CONFIGURATION ), &String ); + Wcscpy( StrBuffer + Wcslen( StrBuffer ), String ); + displOperations( erqst, count, StrBuffer ); + GetStringFromToken( STRING_TOKEN( STR_TPM ), &String ); + Wcscpy( StrBuffer + Wcslen( StrBuffer ), String ); + }else{ + displTpmNvOperations( rq , StrBuffer ); + } + + if ( Wcslen( StrBuffer ) > 79 ) + { + for ( i = 79; i > 1; i-- ) + { + if ( StrBuffer[i] == 0x0020 ) + { + break; + } + } + + TempChar = StrBuffer[i + 1]; + StrBuffer[i + 1] = 0000; + // + // Display the string + // + pAmiPostMgr->DisplayPostMessage( StrBuffer ); + StrBuffer[i + 1] = TempChar; + pAmiPostMgr->DisplayPostMessage( &StrBuffer[i + 1] ); + } + else { + // + // Display the string + // + pAmiPostMgr->DisplayPostMessage( StrBuffer ); + } + + //take care of Note messages + if ( ppi_request == TCPA_PPIOP_ENABLE_ACTV + || ppi_request == TCPA_PPIOP_ENACTVOWNER ) + { + GetStringFromToken( STRING_TOKEN( STR_TCG_NOTE ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + } + + if ( ppi_request == TCPA_PPIOP_DEACT_DSBL + || ppi_request == TCPA_PPIOP_DADISBLOWNER) + { + GetStringFromToken( STRING_TOKEN( STR_TCG_NOTE1 ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + } + + if ( ppi_request == TCPA_PPIOP_CLEAR_ENACT + || ppi_request == TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV) + { + GetStringFromToken( STRING_TOKEN( STR_TCG_NOTE2 ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + } + + GetStringFromToken( STRING_TOKEN( STR_TCG_BLANK ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + + //take care of warning messages + if ( ppi_request == TCPA_PPIOP_CLEAR_ENACT + || ppi_request == TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV ) + { + GetStringFromToken( STRING_TOKEN( STR_TCG_WARNING ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + } + + if ( ppi_request == TCPA_PPIOP_CLEAR + || ppi_request == TCPA_PPIOP_ENABLE_ACTV_CLEAR) + { + GetStringFromToken( STRING_TOKEN( STR_TCG_WARNING1 ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + } + + if ( ppi_request == TCPA_PPIOP_DISABLE || ppi_request == TCPA_PPIOP_DEACTIVATE + || ppi_request == TCPA_PPIOP_DEACT_DSBL || ppi_request == TCPA_PPIOP_DADISBLOWNER) + { + GetStringFromToken( STRING_TOKEN( STR_TCG_WARNING2 ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + } + + GetStringFromToken( STRING_TOKEN( STR_TCG_BLANK ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + + + MemSet( StrBuffer, sizeof (CHAR16) * 0x100, 0 ); + + // + // Display the one line space + // + pAmiPostMgr->DisplayPostMessage( StrBuffer ); + + if ( ppi_request == TCPA_PPIOP_CLEAR_ENACT || ppi_request == + TCPA_PPIOP_CLEAR || ppi_request == TCPA_PPIOP_SETNOPPICLEAR_FALSE + || ppi_request == TCPA_PPIOP_ENABLE_ACTV_CLEAR + || ppi_request == TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV) + { + GetStringFromToken( STRING_TOKEN( STR_TCG_KEY1 ), &String ); + } + else { + GetStringFromToken( STRING_TOKEN( STR_TCG_KEY2 ), &String ); + } + + Wcscpy( StrBuffer + Wcslen( StrBuffer ), String ); + + // + // Display the string + // + if (rq < TCPA_PPIOP_SETNOPPIPROVISION_FALSE || rq > TCPA_PPIOP_SETNOPPIMAINTENANCE_TRUE){ + displOperations( erqst, count, StrBuffer ); + GetStringFromToken( STRING_TOKEN( STR_TPM ), &String ); + Wcscpy( StrBuffer + Wcslen( StrBuffer ), String ); + }else{ + if(rq == TCPA_PPIOP_SETNOPPIPROVISION_TRUE){ + GetStringFromToken( STRING_TOKEN(STR_TCG_SETNOPPIPROVISIONACCPET) , &String ); + Wcscpy( StrBuffer + Wcslen( StrBuffer ), String ); + + } + else if(rq == TCPA_PPIOP_SETNOPPICLEAR_TRUE){ + GetStringFromToken( STRING_TOKEN(STR_TCG_SETNOPPICLEARACCPET) , &String ); + Wcscpy( StrBuffer + Wcslen( StrBuffer ), String ); + } + } + + if (Wcslen( StrBuffer ) > 79 ) + { + for ( i = 79; i > 1; i-- ) + { + if ( StrBuffer[i] == 0x0020 ) + + { + break; + } + } + + TempChar = StrBuffer[i + 1]; + StrBuffer[i + 1] = 0000; + // + // Display the string + // + pAmiPostMgr->DisplayPostMessage( StrBuffer ); + StrBuffer[i + 1] = TempChar; + pAmiPostMgr->DisplayPostMessage( &StrBuffer[i + 1] ); + } + else { + // + // Display the string + // + pAmiPostMgr->DisplayPostMessage( StrBuffer ); + } + + + GetStringFromToken( STRING_TOKEN( STR_TCG_CONFIRAMATION ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + + MemSet( StrBuffer, sizeof (CHAR16) * 0x100, 0 ); + //Wcscpy (StrBuffer + Wcslen (StrBuffer), String); + + // + // Display the one line space + // + pAmiPostMgr->DisplayPostMessage( StrBuffer ); + + pBS->FreePool( StrBuffer ); + + return; +} + + + + +void run_PPI_UI( + IN EFI_EVENT ev, + IN VOID *ctx) +{ + + static UINT8 RequestConfirmed = FALSE; + EFI_GUID Oempolicyguid = AMI_BIOSPPI_FLAGS_MANAGEMENT_GUID; + PERSISTENT_BIOS_TPM_MANAGEMENT_FLAGS_PROTOCOL *OemTpmBiosPolicy; + PERSISTENT_BIOS_TPM_FLAGS TpmNvflags; + EFI_STATUS Status; + TCG_PLATFORM_SETUP_PROTOCOL *ProtocolInstance; + EFI_GUID Policyguid = TCG_PLATFORM_SETUP_POLICY_GUID; + TCG_CONFIGURATION Config; + TSE_POST_STATUS TsePostStatus; +#if TPM_PASSWORD_AUTHENTICATION + UINT32 GlobalVariable; + UINTN Size; + if ( PasswordSupplied ) + { + goto CheckConfirm; + } +#else + if(IsRunPpiUIAlreadyDone ==TRUE){ + return; + } +#endif + + + if (pAmiPostMgr == NULL) { + Status = pBS->LocateProtocol( &gAmiPostManagerProtocolGuid, + NULL, + &pAmiPostMgr ); + + if (EFI_ERROR(Status)) { + return; + } + } + + // + // Calling GetPostStatus() to check current TSE_POST_STATUS + // + TsePostStatus = pAmiPostMgr->GetPostStatus(); + + if ( pST->ConIn == NULL || pST->ConOut == NULL || TsePostStatus == TSE_POST_STATUS_BEFORE_POST_SCREEN ) + { + TRACE((TRACE_ALWAYS, "\tTextIn/Out not ready: in=%x; out=%x\n", + pST->ConIn, pST->ConOut)); + return; + } + + IsRunPpiUIAlreadyDone = TRUE; + + Status = pBS->LocateProtocol (&Policyguid, NULL, &ProtocolInstance); + if (EFI_ERROR (Status)) { + return; + } + + + MemCpy(&Config, &ProtocolInstance->ConfigFlags, sizeof(TCG_CONFIGURATION)); + + Config.PpiSetupSyncFlag = TRUE; + + ProtocolInstance->UpdateStatusFlags(&Config, TRUE); + + Status = pBS->LocateProtocol( &Oempolicyguid, NULL, &OemTpmBiosPolicy); + if(!EFI_ERROR(Status)){ + Status = OemTpmBiosPolicy->ReadBiosTpmflags(&TpmNvflags); + if(!EFI_ERROR(Status)){ + + switch( ppi_request) + { + case 1: + if(TpmNvflags.NoPpiProvision == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 2: + if(TpmNvflags.NoPpiProvision == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 3: + if(TpmNvflags.NoPpiProvision == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 4: + if(TpmNvflags.NoPpiProvision == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 5: + if(TpmNvflags.NoPpiClear == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 6: + if(TpmNvflags.NoPpiProvision == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 7: + if(TpmNvflags.NoPpiProvision == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 8: + if(TpmNvflags.NoPpiProvision == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 9: + if(TpmNvflags.NoPpiProvision == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 10: + if(TpmNvflags.NoPpiProvision == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 11: + if(TpmNvflags.NoPpiProvision == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 12: + //TPM_SetCapability command + if(TpmNvflags.NoPpiMaintenance == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 13: + if(TpmNvflags.NoPpiProvision == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 14: + if(TpmNvflags.NoPpiProvision == TRUE && TpmNvflags.NoPpiClear == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 15: + //SetNoPpiProvision_false + RequestConfirmed = TRUE; + break; + case 16: + RequestConfirmed = FALSE; + break; + case 17: + //SetNoPpiClear_false + RequestConfirmed = TRUE; + break; + case 18: + //SetNoPpiClear_True + RequestConfirmed = FALSE; + break; + case 19: + //SetNoPpiMaintenance_False + RequestConfirmed = TRUE; + break; + case 20: + RequestConfirmed = FALSE; + break; + case 21: + //Enable + Activate + Clear + if(TpmNvflags.NoPpiClear == TRUE) + { + RequestConfirmed = TRUE; + } + break; + case 22: + //Enable + Activate + clear + Enable + Activate + if(TpmNvflags.NoPpiProvision == TRUE && TpmNvflags.NoPpiClear == TRUE) + { + RequestConfirmed = TRUE; + } + break; + default: + break; + + } + + } + } + +#if CONFIRM_SETUP_CHANGE + if(Config.Reserved5 == TRUE) + { + Config.Reserved5 = FALSE; + RequestConfirmed = FALSE; + ProtocolInstance->UpdateStatusFlags(&Config, TRUE); + } +#endif + +#if TPM_PASSWORD_AUTHENTICATION + prompt_operation( ppi_request ); + RequestConfirmed = confirmUser( ); +#else + if(RequestConfirmed == FALSE) + { + prompt_operation( ppi_request ); + RequestConfirmed = confirmUser( ); + } +#endif + + + #if TPM_PASSWORD_AUTHENTICATION + + if ( check_authenticate_set( ) && RequestConfirmed ) + { + GlobalVariable = 0x58494d41; // "AMIX" + Status = pRS->SetVariable( + L"AskPassword", + &TcgEfiGlobalVariableGuid, + EFI_VARIABLE_BOOTSERVICE_ACCESS, + sizeof (UINT32), + &GlobalVariable + ); + + if ( EFI_ERROR( Status )) + { + Status = pRS->GetVariable( + L"AskPassword", + &TcgEfiGlobalVariableGuid, + NULL, + &Size, + &GlobalVariable + ); + GlobalVariable = 0x58494d41; // "AMIX" + Status = pRS->SetVariable( + L"AskPassword", + &TcgEfiGlobalVariableGuid, + EFI_VARIABLE_BOOTSERVICE_ACCESS, + Size, + &GlobalVariable + ); + } + SignalProtocolEvent(&TcgPasswordAuthenticationGuid); + return; + } +CheckConfirm: + #endif + + if ( !RequestConfirmed ) + { + TRACE((TRACE_ALWAYS, "\tPPI request was turned down: user cancel\n")); + TRACE((TRACE_ALWAYS, "Another key pressed for PPI setup, Write_result")); + WritePpiResult( ppi_request, TCPA_PPI_USERABORT ); + return; + } + + #if TPM_PASSWORD_AUTHENTICATION + + if ( check_authenticate_set( )) + { + GlobalVariable = 0; + Status = pRS->SetVariable( + L"AskPassword", + &TcgEfiGlobalVariableGuid, + EFI_VARIABLE_BOOTSERVICE_ACCESS, + sizeof (UINT32), + &GlobalVariable + ); + + if ( EFI_ERROR( Status )) + { + Status = pRS->GetVariable( + L"AskPassword", + &TcgEfiGlobalVariableGuid, + NULL, + &Size, + &GlobalVariable + ); + GlobalVariable = 0; + Status = pRS->SetVariable( + L"AskPassword", + &TcgEfiGlobalVariableGuid, + EFI_VARIABLE_BOOTSERVICE_ACCESS, + Size, + &GlobalVariable + ); + } + + if ( !check_user_is_administrator( )) + { + WritePpiResult( ppi_request, TCPA_PPI_USERABORT ); + return; + } + } + #endif + + TRACE((TRACE_ALWAYS, "F10 pressed for PPI setup, execute request")); + + //verify and do TPM related Ppi over here + if(ppi_request >= TCPA_PPIOP_SETNOPPIPROVISION_FALSE && + ppi_request <= TCPA_PPIOP_SETNOPPIMAINTENANCE_TRUE ) + { + if(ppi_request == TCPA_PPIOP_SETNOPPIPROVISION_FALSE) + { + if(TpmNvflags.NoPpiProvision != FALSE){ + TpmNvflags.NoPpiProvision = 0; + Status = OemTpmBiosPolicy->SetBiosTpmflags(&TpmNvflags); + if(Status){ + WritePpiResult( ppi_request, TCPA_PPI_BIOSFAIL ); + }else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + }else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + }else if(ppi_request == TCPA_PPIOP_SETNOPPIPROVISION_TRUE) + { + if(TpmNvflags.NoPpiProvision != TRUE){ + TpmNvflags.NoPpiProvision = TRUE; + Status = OemTpmBiosPolicy->SetBiosTpmflags(&TpmNvflags); + if(Status){ + WritePpiResult( ppi_request, TCPA_PPI_BIOSFAIL ); + }else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + }else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + } + else if(ppi_request == TCPA_PPIOP_SETNOPPICLEAR_FALSE){ + if(TpmNvflags.NoPpiClear != FALSE){ + TpmNvflags.NoPpiClear = 0; + Status = OemTpmBiosPolicy->SetBiosTpmflags(&TpmNvflags); + if(Status){ + WritePpiResult( ppi_request, TCPA_PPI_BIOSFAIL ); + }else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + } else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + }else if(ppi_request == TCPA_PPIOP_SETNOPPICLEAR_TRUE){ + if(TpmNvflags.NoPpiClear != TRUE){ + TpmNvflags.NoPpiClear = TRUE; + Status = OemTpmBiosPolicy->SetBiosTpmflags(&TpmNvflags); + if(Status){ + WritePpiResult( ppi_request, TCPA_PPI_BIOSFAIL ); + }else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + }else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + + }else if(ppi_request == TCPA_PPIOP_SETNOPPIMAINTENANCE_FALSE){ + if(TpmNvflags.NoPpiMaintenance != FALSE){ + TpmNvflags.NoPpiMaintenance = FALSE; + Status = OemTpmBiosPolicy->SetBiosTpmflags(&TpmNvflags); + if(Status){ + WritePpiResult( ppi_request, TCPA_PPI_BIOSFAIL ); + }else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + }else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + }else if(ppi_request == TCPA_PPIOP_SETNOPPIMAINTENANCE_TRUE){ + if(TpmNvflags.NoPpiMaintenance != TRUE){ + TpmNvflags.NoPpiMaintenance = TRUE; + Status = OemTpmBiosPolicy->SetBiosTpmflags(&TpmNvflags); + if(Status){ + WritePpiResult( ppi_request, TCPA_PPI_BIOSFAIL ); + }else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + } + }else{ + WritePpiResult( ppi_request, (UINT16)EFI_SUCCESS ); + } + + RequestSystemReset( EfiResetCold); + }else + { + + if(ppi_request != 0) + { + if ( execute_request( ppi_request ) == 0 ) + { + ppi_request = 0; + RequestSystemReset( EfiResetCold); + } + else { + pST->ConOut->OutputString( + pST->ConOut, + L"\n\r Error trying to complete TPM request.\n\r" ); + RequestSystemReset( EfiResetCold); + } + } + } +} + + + +#if TPM_PASSWORD_AUTHENTICATION +//********************************************************************** +// +// +// Procedure: OnAdminPasswordValid +// +// Description: Sets AdminPasswordValid to TRUE [If TPM_PASSWORD_AUTHENTICATION] +// +// +// Input: IN EFI_EVENT ev, +// IN VOID *ctx +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS OnAdminPasswordValid( + IN EFI_EVENT ev, + IN VOID *ctx ) +{ + AdminPasswordValid = TRUE; + return EFI_SUCCESS; +} + + + +//********************************************************************** +// +// +// Procedure: OnPasswordSupplied +// +// Description: Sets PasswordSupplied to TRUE and runs PPI User Interface +// +// +// Input: IN EFI_EVENT ev, +// IN VOID *ctx +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS OnPasswordSupplied( + IN EFI_EVENT ev, + IN VOID *ctx ) +{ + PasswordSupplied = TRUE; + run_PPI_UI( ev, ctx); + return EFI_SUCCESS; +} + + +//**************************************************************************************** +// +// +// Procedure: check_authenticate_set +// +// Description: checks if password authentication set in Setup +// +// +// Input: +// +// Output: BOOLEAN +// +// Modified: +// +// Referrals: +// +// Notes: +// +//**************************************************************************************** +BOOLEAN check_authenticate_set( ) +{ + EFI_STATUS Status; + SETUP_DATA *sd = NULL; + BOOLEAN CheckPassword = FALSE; + + if ( AuthenticateSet ) + { + return TRUE; + } + Status = getSetupData( &sd, NULL, NULL ); + + if ( !EFI_ERROR( Status )) + { + CheckPassword = sd->TpmAuthenticate; + } + + if ( CheckPassword ) + { + AuthenticateSet = TRUE; + return TRUE; + } + return FALSE; +} + +//**************************************************************************************** +// +// +// Procedure: check_user_is_administrator +// +// Description: check if user was authenticated as an administrator (optional) +// +// +// Input: +// +// Output: BOOLEAN +// +// Modified: +// +// Referrals: +// +// Notes: +// +//**************************************************************************************** +BOOLEAN check_user_is_administrator( ) +{ + if ( check_authenticate_set( )) + { + if ( AdminPasswordValid ) + { + return TRUE; + } + else { + return FALSE; + } + } + return TRUE; +} + + +EFI_STATUS PasswordAuthHelperFunction( ) +{ + UINT32 GlobalVariable = 0; + EFI_STATUS Status; + EFI_EVENT ev; + static VOID *reg; + + // + // Hook Up Admin Password Notification ; + // + AuthenticateSet = check_authenticate_set( ); + AdminPasswordValid = FALSE; + PasswordSupplied = FALSE; + { + Status = pBS->CreateEvent( EFI_EVENT_NOTIFY_SIGNAL, + EFI_TPL_NOTIFY, + OnAdminPasswordValid, + ®, + &ev ); + ASSERT( !EFI_ERROR( Status )); + Status = pBS->RegisterProtocolNotify( &gAmitseAdminPasswordValidGuid, + ev, + ® ); + } + + { + Status = pBS->CreateEvent( EFI_EVENT_NOTIFY_SIGNAL, + EFI_TPL_NOTIFY, + OnPasswordSupplied, + ®, + &ev ); + ASSERT( !EFI_ERROR( Status )); + Status = pBS->RegisterProtocolNotify( &gAmitsePasswordPromptExitGuid, + ev, + ® ); + } + + Status = pRS->SetVariable( + L"AskPassword", + &TcgEfiGlobalVariableGuid, + EFI_VARIABLE_BOOTSERVICE_ACCESS, + sizeof (UINT32), + &GlobalVariable ); + + return Status; +} + + + +#endif + + +//********************************************************************** +// +// +// Procedure: ResetOSTcgVar +// +// Description: Function to reset TCG variables on certain scenerions +// +// Input: +// +// Output: VOID +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +void ResetOSTcgVar( ) +{ + EFI_STATUS Status; + EFI_GUID AmitcgefiOsVariableGuid = AMI_TCG_EFI_OS_VARIABLE_GUID; + AMI_PPI_NV_VAR Temp; + UINT32 Attribs = EFI_VARIABLE_NON_VOLATILE + | EFI_VARIABLE_BOOTSERVICE_ACCESS; + UINTN TempSize = sizeof (AMI_PPI_NV_VAR); + + Temp.RQST = 0; + Temp.RCNT = 0; + Temp.ERROR = 0; + Temp.Flag = 0; + Temp.AmiMisc = 0; + + Status = pRS->GetVariable( + L"AMITCGPPIVAR", + &AmitcgefiOsVariableGuid, + &Attribs, + &TempSize, + &Temp ); + + if ( EFI_ERROR( Status ) || Temp.RQST != 0 ) + { + Temp.RQST = 0; + Temp.RCNT = 0; + Temp.ERROR = 0; + Temp.Flag = 0; + Temp.AmiMisc = 0; + + Status = TcgSetVariableWithNewAttributes(L"AMITCGPPIVAR", &AmitcgefiOsVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (AMI_PPI_NV_VAR), &Temp); + + } +} + + + + +//********************************************************************** +// +// +// Procedure: ProcessTcgPpiRequest +// +// Description: Process Tcg Ppi requests +// +// Input: NONE +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI ProcessTcgPpiRequest() +{ + EFI_STATUS Status; + UINT32 Temp = 0; + UINT32 Attribs = EFI_VARIABLE_NON_VOLATILE + | EFI_VARIABLE_BOOTSERVICE_ACCESS; + UINTN TempSize = sizeof (UINT32); + AMI_TCG_DXE_FUNCTION_OVERRIDE_PROTOCOL *POverride; + EFI_GUID Overrideguid =\ + AMI_PROCESS_TCG_PPI_REQUEST_GUID; + TCG_PLATFORM_SETUP_PROTOCOL *ProtocolInstance; + EFI_GUID Policyguid = TCG_PLATFORM_SETUP_POLICY_GUID; + TCG_CONFIGURATION Config; +#if defined TCGPPISPEC_1_2_SUPPORT && TCGPPISPEC_1_2_SUPPORT == 1 + EFI_GUID Oempolicyguid = AMI_BIOSPPI_FLAGS_MANAGEMENT_GUID; + EFI_GUID FlagsStatusguid = AMI_TCG_CONFIRMATION_FLAGS_GUID; + PERSISTENT_BIOS_TPM_MANAGEMENT_FLAGS_PROTOCOL *OemTpmBiosPolicy; + PERSISTENT_BIOS_TPM_FLAGS TpmNvflags; +#endif + EFI_TCG_PROTOCOL *tcg; + EFI_TPM_DEVICE_PROTOCOL *TpmDevice; + TPM_RESULT tpmStatus = 0; + UINT32 Intrqst; + UINT8 one = 1; + UINT8 zero = 0; + + + Status = pBS->LocateProtocol(&Overrideguid, + NULL, + &POverride ); + + if(!EFI_ERROR(Status)){ + return (POverride->Function()); + } + + Status = pBS->LocateProtocol (&Policyguid, NULL, &ProtocolInstance); + if (EFI_ERROR (Status)) { + return Status; + } + + //copy NV confirmation flags for O.S. request +#if defined TCGPPISPEC_1_2_SUPPORT && TCGPPISPEC_1_2_SUPPORT == 1 + Status = pBS->LocateProtocol( &Oempolicyguid, NULL, &OemTpmBiosPolicy); + if(!EFI_ERROR(Status)){ + Status = OemTpmBiosPolicy->ReadBiosTpmflags(&TpmNvflags); + if(EFI_ERROR(Status)){ + TpmNvflags.NoPpiProvision = 0; + TpmNvflags.NoPpiClear = 0; + TpmNvflags.NoPpiMaintenance = 0; + } + }else{ + //all request require confirmation + TpmNvflags.NoPpiProvision = 0; + TpmNvflags.NoPpiClear = 0; + TpmNvflags.NoPpiMaintenance = 0; + } + + Status = TcgSetVariableWithNewAttributes(L"TPMPERBIOSFLAGS", &FlagsStatusguid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (PERSISTENT_BIOS_TPM_FLAGS), &TpmNvflags ); + +#endif + + +#if TPM_PASSWORD_AUTHENTICATION + Status = PasswordAuthHelperFunction( ); +#endif + + + + ppi_request = ReadPpiRequest( ); + ppi_request &= 0xFF; + + Status = pRS->GetVariable( + L"TcgINTPPI", + &TcgEfiGlobalVariableGuid, + &Attribs, + &TempSize, + &Temp ); + + if(EFI_ERROR(Status)){ + //if error do nothing. It is alright for + //this variable to not exist. + Temp = 0; + } + + TRACE((TRACE_ALWAYS, "\n PPI_request is: %x \n", ppi_request)); + + if (Temp != 0) + { + MemCpy(&Config, &ProtocolInstance->ConfigFlags, sizeof(TCG_CONFIGURATION)); + + Config.PpiSetupSyncFlag = TRUE; + + ProtocolInstance->UpdateStatusFlags(&Config, TRUE); + + Status = pBS->LocateProtocol( &gEfiTpmDxeDeviceProtocolGuid,NULL, &TpmDevice); + if ( EFI_ERROR( Status )) + { + return Status; + } + + Status = pBS->LocateProtocol( &gEfiTcgProtocolGuid, NULL, &tcg ); + + if ( EFI_ERROR( Status )) + { + return Status; + } + + if(!AutoSupportType()){ + TpmDevice->Init( TpmDevice ); + + Intrqst = (TCPA_PPIOP_ENACTVOWNER << 4 | TCPA_PPIOP_OWNER_ON); + if ( Temp == Intrqst) + { + tpmStatus = SendTpmCommand( tcg, TPM_ORD_SetOwnerInstall, 1, &one ); + WritePpiResult( ppi_request >> 04, (UINT16)( TPM_H2NL( tpmStatus ))); + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + Temp = 0; + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + RequestSystemReset( EfiResetCold ); + } + //no ppi request so check for setup request + Intrqst = (TCPA_PPIOP_ENABLE_ACTV_CLEAR << 4 | TCPA_PPIOP_CLEAR); + if ( Temp == Intrqst) + { + tpmStatus = SendTpmCommand( tcg, TPM_ORD_ForceClear, 0, 0 ); + + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + Temp = 0; + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + + RequestSystemReset( EfiResetCold ); + } + + //no ppi request so check for setup request + Intrqst = (TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV << 4 | TCPA_PPIOP_ENABLE_ACTV); + if ( Temp == Intrqst) + { + tpmStatus = SendTpmCommand( tcg, TPM_ORD_PhysicalEnable, 0, 0 ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TPM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + WritePpiResult( ppi_request >> 04, (UINT16)( TPM_H2NL( tpmStatus ))); + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + Temp = 0; + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + RequestSystemReset( EfiResetCold ); + } + + Intrqst = (TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV << 4 | TCPA_PPIOP_CLEAR_ENACT); + if ( Temp == Intrqst) + { + tpmStatus = SendTpmCommand( tcg, TPM_ORD_ForceClear, 0, 0 ); + if(!tpmStatus) + { + WritePpiResult( ppi_request >> 04, (UINT16)( TPM_H2NL( tpmStatus ))); + Temp = TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV << 4 | TCPA_PPIOP_ENABLE_ACTV; + + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + + RequestSystemReset( EfiResetCold ); + } + } + } + else + { + Intrqst = (TCPA_PPIOP_ENACTVOWNER << 4 | TCPA_PPIOP_OWNER_ON); + if ( Temp == Intrqst) + { + tpmStatus = SendTpmCommand( tcg, TCM_ORD_SetOwnerInstall, 1, &one ); + WritePpiResult( ppi_request >> 04, (UINT16)( TPM_H2NL( tpmStatus ))); + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + Temp = 0; + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + + RequestSystemReset( EfiResetCold ); + } + //no ppi request so check for setup request + Intrqst = (TCPA_PPIOP_ENABLE_ACTV_CLEAR << 4 | TCPA_PPIOP_CLEAR); + if ( Temp == Intrqst) + { + tpmStatus = SendTpmCommand( tcg, TCM_ORD_ForceClear, 0, 0 ); + + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + Temp = 0; + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + + RequestSystemReset( EfiResetCold ); + } + + //no ppi request so check for setup request + Intrqst = (TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV << 4 | TCPA_PPIOP_ENABLE_ACTV); + if ( Temp == Intrqst) + { + tpmStatus = SendTpmCommand( tcg, TCM_ORD_PhysicalEnable, 0, 0 ); + if(!tpmStatus) + { + tpmStatus = SendTpmCommand( tcg,TCM_ORD_PhysicalSetDeactivated, 1,&zero ); + } + WritePpiResult( ppi_request >> 04, (UINT16)( TPM_H2NL( tpmStatus ))); + if(!AutoSupportType()){ + TpmDevice->Close( TpmDevice ); + } + Temp = 0; + Status = TcgSetVariableWithNewAttributes(L"TcgINTPPI", &TcgEfiGlobalVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + sizeof (UINT32), &Temp ); + RequestSystemReset( EfiResetCold ); + } + } + } + + if(ppi_request == TCPA_PPIOP_UNOWNEDFIELDUPGRADE || ppi_request == TCPA_PPIOP_SETOPAUTH + || ppi_request == TCPA_PPIOP_SETNOPPIMAINTENANCE_FALSE || ppi_request == TCPA_PPIOP_SETNOPPIMAINTENANCE_TRUE){ + //these commands are optional and not supported + return EFI_SUCCESS; + } + + + if(ppi_request > 0 && ppi_request <= TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV) + { + EFI_EVENT ev; + static VOID *reg; + + #if TPM_PASSWORD_AUTHENTICATION + + AuthenticateSet = check_authenticate_set( ); + + #endif + + Status = pBS->CreateEvent( EFI_EVENT_NOTIFY_SIGNAL, + EFI_TPL_CALLBACK, + run_PPI_UI, + 0, + &ev ); + + if(EFI_ERROR(Status)){ + return Status; + } + + Status = pBS->RegisterProtocolNotify( + &gBdsAllDriversConnectedProtocolGuid, + ev, + ® ); + if(EFI_ERROR(Status)) { + return Status; + } + } + + return Status; +} + + + +AMI_TCG_PLATFORM_PROTOCOL AmiTcgPlatformProtocol = { + MEASURE_CPU_MICROCODE_DXE_FUNCTION, + MEASURE_PCI_OPTION_ROM_DXE_FUNCTION, + ProcessTcgSetup, + ProcessTcgPpiRequest, + SetTcgReadyToBoot, + GetProtocolVersion, + ResetOSTcgVar +}; + + +EFI_STATUS +EFIAPI AmiTcgPlatformDXE_Entry( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable ) +{ + EFI_STATUS Status; + + InitAmiLib( ImageHandle, SystemTable ); + + gAmiTcgPlatformImageHandle = ImageHandle; + + Status = pBS->InstallProtocolInterface( + &ImageHandle, + &gAMITcgPlatformProtocolguid, + EFI_NATIVE_INTERFACE, + &AmiTcgPlatformProtocol); + + LoadStrings( ImageHandle, &gHiiHandle ); + return Status; +} + +// +//---------------------------------------------------------------------------- +// Procedure: SignalProtocolEvent +// +// Description: +// Internal function that installs/uninstalls protocol with a specified +// GUID and NULL interface. Such protocols can be used as event +// signaling mechanism. +// +// Input: +// IN EFI_GUID *TcgPasswordAuthenticationGuid - Pointer to the protocol GUID +// +// Output: +// VOID +// +// Modified: +// +// Referrals: +// +// Notes: +// +//---------------------------------------------------------------------------- +// + +VOID +SignalProtocolEvent ( + IN EFI_GUID *TcgPasswordAuthenticationGuid ) +{ + EFI_HANDLE Handle = NULL; + pBS->InstallProtocolInterface ( + &Handle, TcgPasswordAuthenticationGuid, EFI_NATIVE_INTERFACE, NULL + ); + pBS->UninstallProtocolInterface ( + Handle, TcgPasswordAuthenticationGuid, NULL + ); + return; +} +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2013, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformDxe.cif b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.cif new file mode 100644 index 0000000..079f6a6 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.cif @@ -0,0 +1,15 @@ + + name = "AmiTcgPlatformDxe" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common" + RefName = "AmiTcgPlatformDxe" +[files] +"AmiTcgPlatformDxe.sdl" +"AmiTcgPlatformDxe.mak" +"AmiTcgPlatformDxe.c" +"AmiTcgPlatformDxe.h" +"AmiTcgPlatformDxe.dxs" +"AmiTcgPlatformDxeLib.h" +"AmiTcgPlatformDxeLib.c" +"AmiTcgPlatformDxeString.uni" + diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformDxe.dxs b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.dxs new file mode 100644 index 0000000..6eceed8 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.dxs @@ -0,0 +1,82 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxe.dxs 1 4/21/14 2:17p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:17p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxe.dxs $ +// +// 1 4/21/14 2:17p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:55p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 3 7/25/11 3:44a Fredericko +// [TAG] EIP65177 +// [Category] Spec Update +// [Severity] Minor +// [Description] Tcg Ppi Spec ver 1.2 update +// +// 2 3/29/11 2:27p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformDxe.dxs +// +// Description: Dependency file for AmiTcgPlatformDxe +// +// +//************************************************************************* +#include "TcgService.h" +#include + +DEPENDENCY_START +#if defined(TCGPPISPEC_1_2_SUPPORT)&&(TCGPPISPEC_1_2_SUPPORT==1) + EFI_TCG_PROTOCOL_GUID AND + AMI_BIOSPPI_FLAGS_MANAGEMENT_GUID +#else + EFI_TCG_PROTOCOL_GUID +#endif +DEPENDENCY_END + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** \ No newline at end of file diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformDxe.h b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.h new file mode 100644 index 0000000..eb04d34 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.h @@ -0,0 +1,425 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxe.h 1 4/21/14 2:17p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:17p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxe.h $ +// +// 1 4/21/14 2:17p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 2 10/03/13 2:19p Fredericko +// +// 1 7/10/13 5:55p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 11 1/20/12 9:20p Fredericko +// +// 10 12/30/11 5:06p Fredericko +// [TAG] EIP78141 +// [Category] New Feature +// [Description] Added hooks to override generic TPM platform hash +// functions. +// [Files] 1. AmiTcgPlatform.sdl +// 2. AmiTcgPlatformPei.h +// 3. AmiTcgPlatformPeiLib.c +// 4. AmiTcgPlatformPeiAfterMem.c +// 5. AmiTcgPlatformDxe.c +// 6. AmiTcgPlatformDxe.h +// +// 9 11/28/11 7:31p Fredericko +// [TAG] EIP63922 +// [Category] Improvement +// [Description] Support for Smbios label 30 and up. Callback on +// publishing of Smbios tables +// [Files] AmiTcgPlatformDxe.c +// +// 8 10/10/11 11:36a Fredericko +// [TAG] EIP70220 +// [Category] Improvement +// [Description] Remove dependency on CSM +// [Files] TcgLegacy.sdl +// AmiTcgPlatformDxe.c +// AmiTcgPlatformDxe.h +// xTcgDxe.c +// +// 7 10/10/11 12:12a Fredericko +// [TAG] EIP70220 +// [Category] Improvement +// [Description] Remove dependency on CSM +// [Files] TcgLegacy.sdl +// AmiTcgPlatformDxe.c +// AmiTcgPlatformDxe.h +// xTcgDxe.c +// +// 6 7/25/11 3:43a Fredericko +// [TAG] EIP65177 +// [Category] Spec Update +// [Severity] Minor +// [Description] Tcg Ppi Spec ver 1.2 update +// +// 5 4/28/11 6:34p Fredericko +// Removed VFR compile +// +// 4 4/26/11 1:54p Fredericko +// Added support for function level override of specific functions. GUID +// definitions added +// +// 3 4/06/11 10:40a Fredericko +// Core 4.6.5.0 build error changes +// +// 2 3/29/11 2:27p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformDxe.h +// +// Description: Header file for AmiTcgPlatformDxe +// +// +//************************************************************************* +#include +#include "TcgPc.h" +#include +#include +#include +#include +#if SMBIOS_SUPPORT == 1 + #include +#endif +#include +#include +#include +#include +#include +#include "Protocol/CpuIo.h" +#include "Protocol/FirmwareVolume.h" +#include "Protocol/DevicePath.h" + +#if ( defined(CSM_SUPPORT) && (CSM_SUPPORT != 0) ) +#include "Protocol/LegacyBios.h" +#endif + +#include "Protocol/PciIo.h" +#include "Protocol/Variable.h" +#include "Protocol/Reset.h" +#include "Protocol/SimpleTextOut.h" +#include "Protocol/SimpleTextIn.h" +#include "Protocol/UgaDraw.h" +#include "AMIPostMgr.h" +#if EFI_SPECIFICATION_VERSION>0x20000 + #include "Include\UefiHii.h" + #include "Protocol/HiiDatabase.h" + #include "Protocol/HiiString.h" +#else + #include "Protocol/HII.h" +#endif +#include +#include +#include +#include +#include "AmiTcgPlatformDxeLib.h" +#include + + + + +//-------------------------------------------------------------------------- +//GUID Definitions +//-------------------------------------------------------------------------- +#define EFI_SMBIOS_TABLE_GUID \ + {0xeb9d2d31, 0x2d88, 0x11d3, 0x9a, 0x16, 0x0, 0x90, 0x27, 0x3f, 0xc1, 0x4d} + +#define AMI_TCG_PLATFORM_PROTOCOL_GUID\ + {0x8c939604, 0x700, 0x4415, 0x9d, 0x62, 0x11, 0x61, 0xdb, 0x81, 0x64, 0xa6} + +#define AMI_PROCESS_TCG_PPI_REQUEST_GUID\ + { 0x30ad2b83, 0xadd0, 0x414b, 0xb1, 0x1c, 0xf9, 0x3c, 0xc1, 0xd0, 0xb7,\ + 0x9b} + +#define AMI_PROCESS_TCG_SETUP_GUID\ + { 0xc77dd102, 0x1db4, 0x4997, 0xae, 0x37, 0x4e, 0x8c, 0x52, 0x1e, 0xf5,\ + 0x67} + +#define AMI_MEASURE_CPU_MICROCODE_GUID\ + { 0x5cf308b5, 0xfa23, 0x4100, 0x8a, 0x76, 0xf3, 0x26, 0xc2, 0x81, 0x48,\ + 0x80} + +#define AMI_MEASURE_PCIOPROM_GUID\ + { 0x76f3992d, 0x529e, 0x4efe, 0x8b, 0xbe, 0x8e, 0x1e, 0xd4, 0x32, 0xc2,\ + 0x23} + +#define AMI_SET_TCG_READYTOBOOT_GUID\ + { 0xa4524a9c, 0xb5e, 0x492d, 0xae, 0xc9, 0x30, 0x86, 0x31, 0xb1, 0x89,\ + 0xb4} + +#define TCG_SMBIOS_EFI_TABLE_GROUP \ + { 0xb3dae700, 0x2a77, 0x4ea4, 0xaf, 0x79, 0x32, 0x97, 0xb4, 0x84, 0xbe, 0x61 } + + +EFI_GUID gEfiSmbiosTableGuid = EFI_SMBIOS_TABLE_GUID; + +#define MINI_SETUP_GUID { 0xB1DA0ADF, 0x4F77, 0x4070,\ + { 0xA8, 0x8E, 0xBF, 0xFE, 0x1C, 0x60, 0x52, 0x9A } } + +#define GUID_VARIABLE_DECLARATION( Variable, Guid ) extern EFI_GUID Variable + +EFI_GUID gMicrocodeGuid = { + 0x17088572, 0x377F, 0x44ef, 0x8F, 0x4E, 0xB0, 0x9F, 0xFF, 0x46, 0xA0, 0x70 +}; + +#if TPM_PASSWORD_AUTHENTICATION + +EFI_GUID gAmitseAdminPasswordValidGuid = AMITSE_ADMIN_PASSWORD_VALID_GUID; + + +#define AMITSE_PASSWORD_PROMPT_EXIT_GUID { 0xb9b038b0, 0xe2b6, 0x4aab, \ + 0x94, 0x35, 0x41, 0x65, 0xec, 0xfe, 0xd0, 0x32 } + + +EFI_GUID gAmitsePasswordPromptExitGuid = AMITSE_PASSWORD_PROMPT_EXIT_GUID; + +#define AMITSE_PASSWORD_PROMPT_ENTER_GUID \ +{ 0x73e7e01, 0x2611, 0x4e85, 0xb8, 0x96, 0xa3, 0xb6, 0x76, 0x7c, 0xba, 0x0 } + +EFI_GUID gAmitsePasswordPromptEnterGuid = AMITSE_PASSWORD_PROMPT_ENTER_GUID; +#endif + +EFI_GUID gEfiTcgProtocolGuid = EFI_TCG_PROTOCOL_GUID; +EFI_GUID gDsdtGuidDxe = DSDT_GUID; +EFI_GUID TcgEfiGlobalVariableGuid = TCG_EFI_GLOBAL_VARIABLE_GUID; + + +#define TCG_DEACTIVED_ERROR 0x06 + +//--------------------------------------------------------------------------- +// Structure Definitions +//--------------------------------------------------------------------------- +#if defined CORE_REVISION && CORE_REVISION < 5 +typedef struct _EFI_LIST_ENTRY +{ + struct _EFI_LIST_ENTRY *ForwardLink; + struct _EFI_LIST_ENTRY *BackLink; +} EFI_LIST_ENTRY; +#endif + +typedef struct +{ + UINTN Signature; + EFI_LIST_ENTRY AllEntries; // All entries + EFI_GUID ProtocolID; // ID of the protocol + EFI_LIST_ENTRY Protocols; // All protocol interfaces + EFI_LIST_ENTRY Notify; // Registerd notification handlers +} TCG_PROTOCOL_ENTRY; + +typedef struct +{ + UINTN Signature; + TCG_PROTOCOL_ENTRY *Protocol; + EFI_LIST_ENTRY Link; // All notifications for this protocol + EFI_EVENT Event; // Event to notify + EFI_LIST_ENTRY *Position; // Last position notified +} TCG_PROTOCOL_NOTIFY; + +typedef struct +{ + UINT8 MajorVersion; + UINT8 MinorVersion; + UINT8 Reserve; + UINT8 Flag; +} AMI_TCG_PROTOCOL_VERSION; + + + + +//********************************************************************** +// Function Declarations +//********************************************************************** +EFI_STATUS +OnAcpiInstalled(IN EFI_EVENT ev, + IN VOID *ctx ); + + + +EFI_STATUS measureCpuMicroCode(); + + +EFI_FORWARD_DECLARATION( AMI_TCG_PLATFORM_PROTOCOL ); + + +typedef +EFI_STATUS +(EFIAPI * MEASURE_CPU_MICROCODE)( + +); + + +typedef +EFI_STATUS +(EFIAPI * MEASURE_HANDOFF_TABLES)( + +); + + +typedef +EFI_STATUS +(EFIAPI * MEASURE_PCI_OPROMS)( + +); + + +typedef +EFI_STATUS +(EFIAPI * PROCESS_TCG_SETUP)( + +); + + + +typedef +EFI_STATUS +(EFIAPI * PROCESS_TCG_PPI_REQUEST)( + +); + + + +typedef +EFI_STATUS +(EFIAPI * MEASURE_VARIABLES)( + +); + + +typedef +EFI_STATUS +(EFIAPI * TCG_READY_TO_BOOT)( + +); + +typedef +EFI_STATUS +(EFIAPI * GET_PROTOCOL_VERSION)( + AMI_TCG_PROTOCOL_VERSION * +); + +typedef +EFI_STATUS +(EFIAPI * GET_)( + AMI_TCG_PROTOCOL_VERSION * +); + + +typedef +VOID +(EFIAPI * RESETOSTCGVAR)( +); + + +typedef +EFI_STATUS +(EFIAPI * AMI_TCG_DXE_FUNCTION_OVERRIDE)( +); + + + +typedef struct _AMI_TCG_DXE_FUNCTION_OVERRIDE_PROTOCOL +{ + AMI_TCG_DXE_FUNCTION_OVERRIDE Function; +} AMI_TCG_DXE_FUNCTION_OVERRIDE_PROTOCOL; + + + +typedef EFI_STATUS (MEASURE_PCI_OPTION_ROM_FUNC_PTR)( +); + +typedef EFI_STATUS (MEASURE_HANDOFF_TABLES_FUNC_PTR)( +); + + +typedef EFI_STATUS (MEASURE_CPU_MICROCODE_FUNC_PTR)( +); + + +typedef EFI_STATUS (MEASURE_BOOT_VAR_FUNC_PTR)( +); + +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables!= 0)) +typedef EFI_STATUS (MEASURE_SECURE_BOOT_FUNC_PTR)( +); +#endif + + +typedef EFI_STATUS (MEASURES_TCG_BOOT_SEPARATORS_DXE_FUNC_PTR)( + +); + + +typedef EFI_STATUS (MEASURE_WAKE_EVENT_DXE_FUNC_PTR)( +); + +typedef UINT8 (SKIP_PHYSICAL_PRESENCE_LOCK_PTR)( +); + +extern MEASURE_PCI_OPTION_ROM_FUNC_PTR *MeasurePCIOpromsFuncPtr; +extern MEASURE_HANDOFF_TABLES_FUNC_PTR *MeasureHandoffTablesFuncPtr; +extern MEASURE_CPU_MICROCODE_FUNC_PTR *MeasureCpuMicroCodeFuncPtr; +extern MEASURE_BOOT_VAR_FUNC_PTR *MeasureAllBootVariablesFuncPtr; +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) +extern MEASURE_SECURE_BOOT_FUNC_PTR *MeasureSecurebootVariablesFuncPtr; +#endif +extern MEASURES_TCG_BOOT_SEPARATORS_DXE_FUNC_PTR *MeasureSeparatorsFuncPtr; +extern MEASURE_WAKE_EVENT_DXE_FUNC_PTR *MeasureWakeEventFuncPtr; + +typedef struct _AMI_TCG_PLATFORM_PROTOCOL +{ + MEASURE_CPU_MICROCODE MeasureCpuMicroCode; + MEASURE_PCI_OPROMS MeasurePCIOproms; + PROCESS_TCG_SETUP ProcessTcgSetup; + PROCESS_TCG_PPI_REQUEST ProcessTcgPpiRequest; + TCG_READY_TO_BOOT SetTcgReadyToBoot; + GET_PROTOCOL_VERSION GetProtocolVersion; + RESETOSTCGVAR ResetOSTcgVar; +} AMI_TCG_PLATFORM_PROTOCOL; + +extern EFI_GUID gEfiTcgProtocolGuid; +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformDxe.mak b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.mak new file mode 100644 index 0000000..0db5de0 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.mak @@ -0,0 +1,172 @@ +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* +# $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxe.mak 1 4/21/14 2:17p Fredericko $ +# +# $Revision: 1 $ +# +# $Date: 4/21/14 2:17p $ +#************************************************************************* +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxe.mak $ +# +# 1 4/21/14 2:17p Fredericko +# +# 1 10/08/13 12:04p Fredericko +# Initial Check-In for Tpm-Next module +# +# 1 7/10/13 5:55p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20) +# +# 7 9/27/11 10:31p Fredericko +# [TAG] EIP67286 +# [Category] Improvement +# [Description] changes for Tcg Setup policy +# [Files] Tcg.sdl +# TcgPei.cif +# TcgPei.mak +# xtcgPei.c +# xTcgPeiAfterMem.c +# TcgPeiAfterMem.mak +# TcgDxe.cif +# TcgDxe.mak +# xTcgDxe.c +# AmiTcgPlatformPeilib.c +# AmiTcgPlatformDxelib.c +# +# 6 9/02/11 6:16p Fredericko +# +# 4 5/31/11 1:56p Daniels +# [TAG] EIP58387 +# [Category] Improvement +# [Description] Add StrGather flags to allow strings to be overridden +# with TCGDXE_SDBS eLink. +# [Files] AmiTcgPlatformDxe.sdl, AmiTcgPlatformDxe.mak +# +# 3 4/22/11 8:58p Fredericko +# Changes for x32bit mode build +# +# 2 3/29/11 2:26p Fredericko +# [TAG] EIP 54642 +# [Category] Improvement +# [Description] 1. Checkin Files related to TCG function override +# 2. Include TCM and TPM auto detection +# [Files] Affects all TCG files +# +# +# +#************************************************************************* +# +# +# Name: AmiTcgPlatformDxe +# +# Description: Make file for AmiTcgPlatformDxe +# +# +#************************************************************************ +all : AmiTcgPlatformDxe $(BUILD_DIR)\AmiTcgLibDxe.lib + + + +#--------------------------------------------------------------------------- +# $(BUILD_DIR)\AmiTcgLibDxe.lib +#--------------------------------------------------------------------------- +$(BUILD_DIR)\AmiTcgLibDxe.lib : $(BUILD_DIR)\AmiTcgPlatformDxe.mak MakeAmiTcgDxeLib + +AMITCGLIB_CFLAGS=$(CFLAGS)\ + /I$(TCG_DIR)\ + /I$(TPM12_DIR)\ + /I$(TCG_DIR)\Common\ + /I$(AMI_TCG_PLATFORM_DXE_DIR) + +AMI_TCG_LIB_OBJECTS = \ + $(BUILD_DIR)\$(AMI_TCG_PLATFORM_DXE_DIR)\AmiTcgPlatformDxeLib.obj \ + + +!IFNDEF LIB_BUILD_DIR +!IF "$(PROCESSOR)"=="x64" +AMITCMLIB = $(BUILD_DIR)\IA32\AmiTcmlib.lib +!ELSE +AMITCMLIB = $(BUILD_DIR)\AmiTcmlib.lib +!ENDIF +!ENDIF #LIB_BUILD_DIR + +MakeAmiTcgDxeLib: $(BUILD_DIR)\AmiTcmlib.lib + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\AmiTcgPlatformDxe.mak all\ + "CFLAGS=$(AMITCGLIB_CFLAGS) "\ + OBJECTS="$(AMI_TCG_LIB_OBJECTS)"\ + NAME=AmiTcgLibDxe\ + MAKEFILE=$(BUILD_DIR)\AmiTcgPlatformDxe.mak \ + TYPE=LIBRARY + + +#--------------------------------------------------------------------------- +# Making AmiTcgPlatformDxe +#--------------------------------------------------------------------------- +AmiTcgPlatformDxe : $(BUILD_DIR)\AmiTcgPlatformDxe.mak AmiTcgPlatformDxebin + +$(BUILD_DIR)\AmiTcgPlatformDxe.mak : $(AMI_TCG_PLATFORM_DXE_DIR)\$(@B).cif $(AMI_TCG_PLATFORM_DXE_DIR)\$(@B).mak $(BUILD_RULES) + $(CIF2MAK) $(AMI_TCG_PLATFORM_DXE_DIR)\$(@B).cif $(CIF2MAK_DEFAULTS) + + +TCGDXEOVERRIDE_CFLAGS=$(CFLAGS)\ + /I$(TcgPlatformSetupPolicy_DIR)\ + /I$(TCG_DIR)\ + /I$(TPM12_DIR)\ + /I$(TCG_DIR)\Common\ + /I$(TCG_DIR)\protocol\TcgService\ + /I$(TCG_DIR)\protocol\TpmDevice\ + /I$(PROJECT_DIR)\Include\Protocol\ + +AmiTcgPlatformDXE_OBJECTS = \ +$(BUILD_DIR)\$(AMI_TCG_PLATFORM_DXE_DIR)\AmiTcgPlatformDxe.obj \ + + +AmiTcgPlatformDxebin: $(AMIDXELIB) $(BUILD_DIR)\AmiTcgLibDxe.lib + @echo CFLAGS=$(CFLAGS) + @echo TCGDXEOVERRIDE_CFLAGS=$(TCGDXEOVERRIDE_CFLAGS) + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\AmiTcgPlatformDxe.mak all\ + "CFLAGS=$(TCGDXEOVERRIDE_CFLAGS)"\ + "CPFLAGS=$(TCGDXEOVERRIDE_CFLAGS)"\ + GUID=A29A63E3-E4E7-495f-8A6A-07738300CBB3 \ + ENTRY_POINT=AmiTcgPlatformDXE_Entry \ + TYPE=BS_DRIVER \ + "OBJECTS=$(AmiTcgPlatformDXE_OBJECTS)"\ + DEPEX1=$(AMI_TCG_PLATFORM_DXE_DIR)\AmiTcgPlatformDxe.dxs \ + DEPEX1_TYPE=EFI_SECTION_DXE_DEPEX \ + COMPRESS=1 HAS_RESOURCES=1\ +!IF "$(TCGDXE_SDBS: =)"=="" + "STRGATHER_FLAGS=-db $(BUILD_DIR)\$(AMI_TCG_PLATFORM_DXE_DIR)\AmiTcgPlatformDxeString.sdb"\ +!ELSE + "STRGATHER_FLAGS=-db $(BUILD_DIR)\$(AMI_TCG_PLATFORM_DXE_DIR)\AmiTcgPlatformDxeString.sdb -db $(TCGDXE_SDBS: = -db )"\ +!ENDIF +#--------------------------------------------------------------------------- + +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformDxe.sdl b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.sdl new file mode 100644 index 0000000..72db6d9 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformDxe.sdl @@ -0,0 +1,41 @@ +TOKEN + Name = "AMI_TCG_PLATFORM_DXE_SUPPORT" + Value = "1" + Help = "Disable AmiTcgPlatformDxe" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + Master = Yes + Token = "TPM12Enabled" "!=" "0" +End + +PATH + Name = "AMI_TCG_PLATFORM_DXE_DIR" +End + +MODULE + Help = "Includes AmiTcgPlatform.mak to Project" + File = "AmiTcgPlatformDxe.mak" +End + +TOKEN + Name = "SMBIOS_VER_32" + Value = "0" + Help = "Projects support smbios version 4.6.3_SMBIOS_32 and later" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + TargetH = Yes +End + + +ELINK + Name = "$(BUILD_DIR)\AmiTcgPlatformDxe.ffs" + Parent = "FV_MAIN" + InvokeOrder = AfterParent +End + +ELINK + Name = "TCGDXE_SDBS" + InvokeOrder = ReplaceParent +END \ No newline at end of file diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformDxeLib.c b/Board/EM/TCG2/Common/AmiTcgPlatformDxeLib.c new file mode 100644 index 0000000..4ac3182 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformDxeLib.c @@ -0,0 +1,1275 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2013, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxeLib.c 2 6/09/14 4:58p Fredericko $ +// +// $Revision: 2 $ +// +// $Date: 6/09/14 4:58p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxeLib.c $ +// +// 2 6/09/14 4:58p Fredericko +// Changes for SetVariable vulnerability during Runtime +// +// 1 4/21/14 2:17p Fredericko +// +// 2 3/14/14 3:24p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:55p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 7 10/30/12 10:47a Fredericko +// +// 6 5/20/12 2:14p Fredericko +// +// 5 9/27/11 10:33p Fredericko +// [TAG] EIP67286 +// [Category] Improvement +// [Description] changes for Tcg Setup policy +// [Files] Tcg.sdl +// TcgPei.cif +// TcgPei.mak +// xtcgPei.c +// xTcgPeiAfterMem.c +// TcgPeiAfterMem.mak +// TcgDxe.cif +// TcgDxe.mak +// xTcgDxe.c +// AmiTcgPlatformPeilib.c +// AmiTcgPlatformDxelib.c +// +// 4 7/25/11 3:46a Fredericko +// [TAG] EIP65177 +// [Category] Spec Update +// [Severity] Minor +// [Description] Tcg Ppi Spec ver 1.2 update +// +// 3 3/29/11 5:52p Fredericko +// Changes for core 464 and ACPI tables support +// +// 2 3/29/11 2:28p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformDxeLib.c +// +// Description: Function file for AmiTcgPlatformDxe library +// +// +//************************************************************************* +#include "AmiTcgPlatformDxeLib.h" + + +EFI_GUID TcgBoardEfiGlobalVariableGuid = TCG_EFI_GLOBAL_VARIABLE_GUID; +EFI_GUID AmitcgefiOsVariableGuid = AMI_TCG_EFI_OS_VARIABLE_GUID; + + +EFI_GUID gSetupGuid = SETUP_GUID; +EFI_GUID gTcgAcpiSupportGuid= EFI_ACPI_SUPPORT_GUID; +EFI_GUID gEfiAmiboardTcgWakeEventDataHobGuid = EFI_TCG_WAKE_EVENT_DATA_HOB_GUID; +EFI_GUID gEfiAmiboardHobListGuid = TCG_EFI_HOB_LIST_GUID; + +static UINT8 TcgAMLDATA; + +EFI_SMM_SYSTEM_TABLE *mSmst; +EFI_SMM_BASE_PROTOCOL *pSmmBase; + +EFI_GUID gDsdtGuid = DSDT_GUID; + +EFI_STATUS getSetupData ( + SETUP_DATA** ppsd, + UINT32 * pattr, + UINTN * psz ); + + + +#define GET_HOB_TYPE( Hob ) ((Hob).Header->HobType) +#define GET_HOB_LENGTH( Hob ) ((Hob).Header->HobLength) +#define GET_NEXT_HOB( Hob ) ((Hob).Raw + GET_HOB_LENGTH( Hob )) +#define END_OF_HOB_LIST( Hob ) (GET_HOB_TYPE( Hob ) == \ + EFI_HOB_TYPE_END_OF_HOB_LIST) +extern +BOOLEAN +__stdcall AutoSupportType (); + + +//********************************************************************** +// +// +// Procedure: GetHob +// +// Description: Find instance of a HOB type in a HOB list +// +// +// Input: IN UINT16 Type, +// IN VOID *HobStart +// +// Output: VOID* +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +VOID* GetHob( + IN UINT16 Type, + IN VOID *HobStart ) +{ + EFI_PEI_HOB_POINTERS Hob; + + Hob.Raw = HobStart; + + // + // Return input if not found + // + if ( HobStart == NULL ) + { + return HobStart; + } + + // + // Parse the HOB list, stop if end of list or matching type found. + // + while ( !END_OF_HOB_LIST( Hob )) + { + if ( Hob.Header->HobType == Type ) + { + break; + } + + Hob.Raw = GET_NEXT_HOB( Hob ); + } + + // + // Return input if not found + // + if ( END_OF_HOB_LIST( Hob )) + { + return HobStart; + } + + return (VOID*)(Hob.Raw); +} + + + + +//********************************************************************** +// +// +// Procedure: CompareGuid +// +// Description: Compares two input GUIDs +// +// +// Input: IN EFI_GUID *G1, +// IN EFI_GUID *G2 +// +// Output: BOOLEAN +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +BOOLEAN CompareGuid( + IN EFI_GUID *G1, + IN EFI_GUID *G2 ) +{ + UINT32 *p1 = (UINT32*)G1, *p2 = (UINT32*)G2; + UINTN i; + + for ( i = 0; i < 4; ++i ) + { + if ( p1[i] != p2[i] ) + { + return FALSE; + } + } + return TRUE; + ; +} + + +//********************************************************************** +// +// +// Procedure: GetNextGuidHob +// +// Description: Find GUID HOB +// +// Input: HobStart A pointer to the start hob. +// Guid A pointer to a guid. +// Output: +// Buffer A pointer to the buffer. +// BufferSize Buffer size. +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS GetNextGuidHob( + IN OUT VOID **HobStart, + IN EFI_GUID * Guid, + OUT VOID **Buffer, + OUT UINTN *BufferSize OPTIONAL ) +{ + EFI_STATUS Status; + EFI_PEI_HOB_POINTERS GuidHob; + + if ( Buffer == NULL ) + { + return EFI_INVALID_PARAMETER; + } + + for ( Status = EFI_NOT_FOUND; EFI_ERROR( Status );) + { + GuidHob.Raw = *HobStart; + + if ( END_OF_HOB_LIST( GuidHob )) + { + return EFI_NOT_FOUND; + } + + GuidHob.Raw = GetHob( EFI_HOB_TYPE_GUID_EXTENSION, *HobStart ); + + if ( GuidHob.Header->HobType == EFI_HOB_TYPE_GUID_EXTENSION ) + { + if ( CompareGuid( Guid, &GuidHob.Guid->Name )) + { + Status = EFI_SUCCESS; + *Buffer = (VOID*)((UINT8*)(&GuidHob.Guid->Name) + + sizeof (EFI_GUID)); + + if ( BufferSize != NULL ) + { + *BufferSize = GuidHob.Header->HobLength + - sizeof (EFI_HOB_GUID_TYPE); + } + } + } + + *HobStart = GET_NEXT_HOB( GuidHob ); + } + + return Status; +} + + + + +//********************************************************************** +// +// +// Procedure: LocateATcgHob +// +// Description: Finds a Tcg HOB +// +// +// Input: IN UINTN NoTableEntries, +// IN EFI_CONFIGURATION_TABLE *ConfigTable, +// IN EFI_GUID *HOB_guid +// +// Output: VOID* +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +VOID* LocateATcgHob( + IN UINTN NoTableEntries, + IN EFI_CONFIGURATION_TABLE *ConfigTable, + IN EFI_GUID *HOB_guid ) +{ + VOID *HobStart; + VOID *PtrHob; + + while ( NoTableEntries > 0 ) + { + NoTableEntries--; + + if ((!MemCmp( + &ConfigTable[NoTableEntries].VendorGuid, + &gEfiAmiboardHobListGuid, sizeof(EFI_GUID) + ))) + { + HobStart = ConfigTable[NoTableEntries].VendorTable; + + if ( !EFI_ERROR( + GetNextGuidHob( &HobStart, HOB_guid, &PtrHob, NULL ) + )) + { + return PtrHob; + } + } + } + return NULL; +} + + + + +//******************************************************************************* +// +// +// Procedure: GetTcgWakeEventType +// +// Description: Reads and Reports the source of the wake-up event. +// +// Input: IN OUT UINT8 *pWake - output parameter returns the indication of the +// type of the wakup source: +// one of the following: +// SMBIOS_WAKEUP_TYPE_OTHERS +// SMBIOS_WAKEUP_TYPE_UNKNOWN +// SMBIOS_WAKEUP_TYPE_APM_TIMER +// SMBIOS_WAKEUP_TYPE_MODEM_RING +// SMBIOS_WAKEUP_TYPE_LAN_REMOTE +// SMBIOS_WAKEUP_TYPE_POWER_SWITCH +// SMBIOS_WAKEUP_TYPE_PCI_PME +// SMBIOS_WAKEUP_TYPE_AC_POWER_RESTORED +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//****************************************************************************** +EFI_STATUS GetTcgWakeEventType( + IN OUT UINT8 *pWake ) +{ + EFI_BOOT_MODE *BootMode = NULL; + UINTN NoTableEntries; + EFI_CONFIGURATION_TABLE *ConfigTable; + VOID *HobStart; + + *pWake = SMBIOS_WAKEUP_TYPE_UNKNOWN; + + NoTableEntries = pST->NumberOfTableEntries, + ConfigTable = pST->ConfigurationTable; + + while ( NoTableEntries > 0 ) + { + NoTableEntries--; + + if ( !MemCmp( + &ConfigTable[NoTableEntries].VendorGuid, + &gEfiAmiboardHobListGuid, sizeof(EFI_GUID) + )) + { + HobStart = ConfigTable[NoTableEntries].VendorTable; + + if ( !EFI_ERROR( + GetNextGuidHob( &HobStart, + &gEfiAmiboardTcgWakeEventDataHobGuid, + &BootMode, NULL ) + )) + { + break; + } + } + } + + if ( BootMode != NULL ) + { + if ( *BootMode == BOOT_ON_S4_RESUME || *BootMode == BOOT_ON_S5_RESUME + || *BootMode == BOOT_WITH_FULL_CONFIGURATION ) + { + *pWake = (UINT8)SMBIOS_WAKEUP_TYPE_POWER_SWITCH; + } + } + return EFI_SUCCESS; +} + + +//********************************************************************** +// +// +// Procedure: TcgGetDSDTTable +// +// Description: Gets Acpi DSDT table +// +// +// Input: +// +// Output: VOID * +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +VOID* TcgGetDSDTTable(EFI_ACPI_SUPPORT_PROTOCOL * mTcgAcpiSupport ) +{ + INTN Index; + PACPI_HDR Table; + UINTN Handle; + EFI_STATUS Status; + EFI_ACPI_TABLE_VERSION Version; + + + if(mTcgAcpiSupport == NULL)return NULL; + + for ( Index = 0;; ++Index ) + { + Status = mTcgAcpiSupport->GetAcpiTable( + mTcgAcpiSupport, + Index, + &Table, + &Version, + &Handle + ); + + if ( EFI_ERROR( Status )) + { + return 0; + } + + if (((PACPI_HDR)Table)->Signature == FACP_SIG ) + { + return (VOID*)(UINTN)((PFACP32)Table )->DSDT; + } + } +} + +//********************************************************************** +// +// +// Procedure: TcgConvertAslName +// +// Description: converts String a to ASL string NAME +// +// +// Input: IN UINT8 *AslName +// +// Output: UINT32 +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +UINT32 TcgConvertAslName( + IN UINT8 *AslName ) +{ + AML_NAME_SEG n; + //Limit to 4 characters + UINTN l = Strlen( AslName ); + + //------------------------- + n.NAME = 0x5F5F5F5F; + MemCpy( &n.Name[0], AslName, l ); + return n.NAME; +} + +//********************************************************************** +// +// +// Procedure: TcgFindAslObjectName +// +// Description: converts String a to ASL string NAME +// +// +// Input: IN UINT8 *Start, +// IN UINT8 *ObjName, +// IN UINTN Len +// +// Output: VOID * +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +VOID* TcgFindAslObjectName( + IN UINT8 *Start, + IN UINT8 *ObjName, + IN UINTN Len ) +{ + unsigned int i; + UINT8 *p; + AML_NAME_SEG *obj, nm; + + //------------------------------ + nm.NAME = TcgConvertAslName( ObjName ); + + p = Start; + + for ( i = 0; i < Len; i++ ) + { + obj = (AML_NAME_SEG*)(&p[i]); + + if ( obj->NAME != nm.NAME ) + { + continue; + } + return &p[i]; + } + return NULL; +} + +//********************************************************************** +// +// +// Procedure: TcgCheckOpCode +// +// Description: converts String a to ASL string NAME +// +// +// Input: IN UINT8 *NameStart, +// IN UINT8 OpCode, +// IN UINT8 ExtOpCode, +// IN OUT ASL_OBJ_INFO *ObjInfo +// +// Output: BOOLEAN +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +BOOLEAN TcgCheckOpCode( + IN UINT8 *NameStart, + IN UINT8 OpCode, + IN UINT8 ExtOpCode, + IN OUT ASL_OBJ_INFO *ObjInfo ) +{ + UINT8 *p; + + //--------------------- + //Maximum number of bytes in PackageLength is 4 + if ((*(NameStart - 1)) == TCGAML_PR_ROOT || (*(NameStart - 1)) == + TCGAML_PR_PARENT ) + { + NameStart--; + } + + //if we Looking For ASL Name Object its a special case. + if ( OpCode == TCGAML_OP_NAME && !ExtOpCode ) + { + p = NameStart - 1; + + if ( *p == OpCode ) + { + ObjInfo->Object = p; + ObjInfo->ObjName = NameStart; + ObjInfo->Length = 0; + return TRUE; + } + return FALSE; + } + + //if we Looking For ASL Name Object its a special case. + if ( OpCode == TCGAML_OP_OPREG && ExtOpCode ) + { + p = NameStart - 2; + + if ( *p == ExtOpCode && *(p + 1) == OpCode ) + { + ObjInfo->Object = p; + ObjInfo->ObjName = NameStart; + ObjInfo->Length = 0; + return TRUE; + } + return FALSE; + } + return FALSE; +} + + +EFI_STATUS TcgSetVariableWithNewAttributes( + IN CHAR16 *Name, IN EFI_GUID *Guid, IN UINT32 Attributes, + IN UINTN DataSize, IN VOID *Data +) +{ + EFI_STATUS Status; + + Status = pRS->SetVariable(Name, Guid, Attributes, DataSize, Data); + if (!EFI_ERROR(Status) || Status != EFI_INVALID_PARAMETER) return Status; + + Status = pRS->SetVariable(Name, Guid, 0, 0, NULL); + if (EFI_ERROR(Status)) return Status; + + return pRS->SetVariable(Name, Guid, Attributes, DataSize, Data); +} + + + +//********************************************************************** +// +// +// Procedure: TcgGetAslObj +// +// Description: converts String a to ASL string NAME +// +// +// Input: IN UINT8 *Start, +// IN UINTN Length, +// IN UINT8 *Name, +// IN ASL_OBJ_TYPE ObjType, +// IN ASL_OBJ_INFO *ObjInfo +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS TcgGetAslObj( + IN UINT8 *Start, + IN UINTN Length, + IN UINT8 *Name, + IN ASL_OBJ_TYPE ObjType, + IN ASL_OBJ_INFO *ObjInfo ) +{ + UINT8 *pn, *s, eop, op; + UINTN l, i; + BOOLEAN objfound = FALSE; + + s = Start; + l = Length; + + while ( !objfound ) + { + pn = TcgFindAslObjectName( s, Name, l ); + + if ( !pn ) + { + return EFI_NOT_FOUND; + } + + //If we found the name let's check if it is the Object we are looking for + //it could be just object referance, or field definition inside the object, + //or double name, or multiple name definition we must filter such situations + // and make sure we have got the actual object but not its reference instance + switch ( ObjType ) + { + case otScope: + i = 0; + eop = 0; + op = TCGAML_OP_SCOPE; + break; + case otName: + i = 0; + eop = 0; + op = TCGAML_OP_NAME; + break; + case otProc: + i = 6; + eop = TCGAML_PR_EXTOP; + op = TCGAML_OP_PROC; + break; + case otTermal: + i = 0; + eop = TCGAML_PR_EXTOP; + op = TCGAML_OP_THERMAL; + break; + case otDevice: + i = 0; + eop = TCGAML_PR_EXTOP; + op = TCGAML_OP_DEVICE; + break; + case otMethod: + i = 1; + eop = 0; + op = TCGAML_OP_METHOD; + break; + case otPwrRes: + i = 3; + eop = TCGAML_PR_EXTOP; + op = TCGAML_OP_PWRRES; + break; + case otOpReg: + i = 0; + eop = TCGAML_PR_EXTOP; + op = TCGAML_OP_OPREG; + break; + + default: return EFI_NOT_FOUND; + } //switch + + objfound = TcgCheckOpCode( pn, op, eop, ObjInfo ); + + if ( !objfound ) + { + l -= (UINTN)( pn - s ) - 4; + s = pn + 4; + continue; + } + ObjInfo->ObjType = ObjType; + ObjInfo->DataStart = pn + i + 4; + + return EFI_SUCCESS; + } + + return EFI_NOT_FOUND; +} + +//********************************************************************** +// +// +// Procedure: LocateACPITableProtocol +// +// Description: Locates ACPI Table Protocol +// +// +// Input: IN EFI_GUID *Protocol, +// OUT VOID **Instance +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +#if !defined(AmiBoardInfo_SUPPORT) || (AmiBoardInfo_SUPPORT==0) +EFI_STATUS LocateACPITableProtocol( + IN EFI_GUID *Protocol, + OUT VOID **Instance ) +{ + EFI_STATUS Status; + EFI_HANDLE *HandleBuffer; + UINTN NumberOfHandles; + EFI_FV_FILETYPE FileType; + UINT32 FvStatus = 0; + EFI_FV_FILE_ATTRIBUTES Attributes; + UINTN Size; + UINTN i; + + + Status = pBS->LocateHandleBuffer( ByProtocol, + Protocol, + NULL, + &NumberOfHandles, + &HandleBuffer ); + + if ( EFI_ERROR( Status )) + { + return Status; + } + + + for ( i = 0; i < NumberOfHandles; i++ ) + { + Status = pBS->HandleProtocol( HandleBuffer[i], Protocol, Instance ); + + if ( EFI_ERROR( Status )) + { + return Status; + } + + Status = ((EFI_FIRMWARE_VOLUME_PROTOCOL*)(*Instance))->ReadFile( + *Instance, + & + gDsdtGuid, + NULL, + &Size, + &FileType, + &Attributes, + &FvStatus ); + + if ( Status == EFI_SUCCESS ) + { + break; + } + } + pBS->FreePool( HandleBuffer ); + return Status; +} +#endif + + + +//********************************************************************** +// +// +// Procedure: read_PPI_request +// +// Description: Reads and returns TCG PPI requests Value +// +// +// Input: +// +// Output: UINT8 +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +UINT8 ReadPpiRequest( ) +{ + UINTN Size = sizeof(AMI_PPI_NV_VAR); + AMI_PPI_NV_VAR Temp; + EFI_STATUS Status; + + Status = pRS->GetVariable( L"AMITCGPPIVAR", \ + &AmitcgefiOsVariableGuid, \ + NULL, \ + &Size, \ + &Temp ); + + if(Status == EFI_NOT_FOUND) + { + Temp.RQST = 0; + Temp.RCNT = 0; + Temp.ERROR = 0; + Temp.Flag = 0; + Temp.AmiMisc = 0; + + Status = TcgSetVariableWithNewAttributes(L"AMITCGPPIVAR", &AmitcgefiOsVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + Size, &Temp ); + } + + return Temp.RQST; +} + + + + + +//**************************************************************************************** +// +// +// Procedure: write_PPI_result +// +// Description: Updates TCG PPI variable in NVRAM +// +// +// Input: IN UINT8 last_op, +// IN UINT16 status +// +// Output: VOID +// +// Modified: +// +// Referrals: +// +// Notes: +// +//**************************************************************************************** +void WritePpiResult( + IN UINT8 last_op, + IN UINT16 status ) +{ + UINTN Size = sizeof(AMI_PPI_NV_VAR); + AMI_PPI_NV_VAR Temp; + EFI_STATUS Status; + UINT8 Manip = 0; + + Status = pRS->GetVariable( L"AMITCGPPIVAR", \ + &AmitcgefiOsVariableGuid, \ + NULL, \ + &Size, \ + &Temp ); + + //now set variable to data + Temp.RQST = Manip; + Manip = (UINT8)( status & 0xFFFF ); + Temp.ERROR = Manip; + + if(status>0xFF && status<0xFFFF) + { + Temp.AmiMisc = (UINT8)(status >> 8); + }else{ + Temp.AmiMisc = 0; + } + + if ( EFI_ERROR( Status )) + { + TRACE((TRACE_ALWAYS, "Error Setting Return value\n")); + return; + } + + Status = TcgSetVariableWithNewAttributes(L"AMITCGPPIVAR", &AmitcgefiOsVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + Size, &Temp ); +} + + + +//**************************************************************************************** +// +// +// Procedure: getSetupData +// +// Description: Retrieved SETUP_DATA structure from NVRAM +// +// +// Input: IN OUT SETUP_DATA** ppsd, +// IN UINT32* pattr, +// IN UINTN* psz +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//**************************************************************************************** +EFI_STATUS getSetupData( + IN OUT SETUP_DATA** ppsd, + IN UINT32 * pattr, + IN UINTN * psz ) +{ + EFI_STATUS Status; + UINTN sz = 0; + + *ppsd = NULL; + Status = pRS->GetVariable( L"Setup", &gSetupGuid, pattr, &sz, *ppsd ); + + if ( !EFI_ERROR( Status )) + { + return Status; + } + + if ( Status == EFI_BUFFER_TOO_SMALL ) + { + Status = pBS->AllocatePool( EfiBootServicesData, sz, ppsd ); + + if ( !(*ppsd)) + { + return EFI_OUT_OF_RESOURCES; + } + Status = pRS->GetVariable( L"Setup", &gSetupGuid, pattr, &sz, *ppsd ); + } + + if ( psz != NULL ) + { + *psz = sz; + } + return Status; +} + + + +//********************************************************************** +// +// +// Procedure: GetDsdt +// +// Description: Locates ACPI Table Protocol +// +// +// Input: IN OUT mem_in *dsdt +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +#if !defined(AmiBoardInfo_SUPPORT) || (AmiBoardInfo_SUPPORT==0) +EFI_STATUS GetDsdt( + IN OUT mem_in *dsdt ) +{ + EFI_FIRMWARE_VOLUME_PROTOCOL *fv; + EFI_STATUS Status; + UINT32 FvStatus; + + //--------------------------------------------- + Status = pBS->LocateProtocol( &gEfiFirmwareVolumeProtocolGuid, NULL, &fv ); + Status = LocateACPITableProtocol( &gEfiFirmwareVolumeProtocolGuid, &fv ); + + if ( EFI_ERROR( Status )) + { + return EFI_ABORTED; + } + + dsdt->address = 0; + Status + = fv->ReadSection( fv, + &gDsdtGuid, + EFI_SECTION_RAW, + 0, + (VOID**)&dsdt->address, + &((UINTN)dsdt->size), + &FvStatus ); + + + if ( EFI_ERROR( Status )) + { + dsdt->address = 0; + dsdt->datat = 3; + dsdt->size = 0; + } + else { + dsdt->datat = 2; + } + + + return EFI_SUCCESS; +} +#endif + + + + +//********************************************************************** +// +// +// Procedure: TcgUpdateAslNameObject +// +// Description: Locates ACPI Table Protocol +// +// +// Input: IN PACPI_HDR PDsdt, +// IN UINT8 *ObjName, +// IN UINT64 Value +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS TcgUpdateAslNameObject( + IN PACPI_HDR PDsdt, + IN UINT8 *ObjName, + IN UINT64 Value ) +{ + EFI_STATUS Status; + ASL_OBJ_INFO obj; + UINT32 Length; + UINT8 *ptr; + + + Length = PDsdt->Length - sizeof(ACPI_HDR); + ptr = (UINT8*)PDsdt + sizeof(ACPI_HDR); + + Status = TcgGetAslObj( ptr, Length, ObjName, otName, &obj ); + + + switch ( *((UINT8*)obj.DataStart)) + { + case TCGAML_PR_BYTE: { + UINT8 *p = (UINT8*)((UINT8*)obj.DataStart + 1); + //---------------------------------- + *p = (UINT8)Value; + } break; + + case TCGAML_PR_WORD: { + UINT16 *p = (UINT16*)((UINT8*)obj.DataStart + 1); + //---------------------------------- + *p = (UINT16)Value; + } break; + + case TCGAML_PR_DWORD: { + UINT32 *p = (UINT32*)((UINT8*)obj.DataStart + 1); + //---------------------------------- + *p = (UINT32)Value; + } break; + + case TCGAML_PR_QWORD: { + UINT64 *p = (UINT64*)((UINT8*)obj.DataStart + 1); + //---------------------------------- + *p = (UINT64)Value; + } break; + + case TCGAML_ZERO_OP: case TCGAML_ONE_OP: { + if ((Value == 0) || (Value == 1)) + { + UINT8 *p = (UINT8*)((UINT8*)obj.DataStart); + *p = (UINT8)Value; + } + else { + return EFI_INVALID_PARAMETER; + } + } break; + default: { + return EFI_INVALID_PARAMETER; + } + } + return EFI_SUCCESS; +} + + + + +//********************************************************************** +// +// +// Procedure: TcgUpdateAslObj +// +// Description: Updates TPM acpi variable for TPM support +// +// +// Input: IN EFI_EVENT ev, +// IN VOID *ctx, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS TcgUpdateAslObj( + IN EFI_EVENT ev, + IN VOID *ctx ) +{ + EFI_STATUS Status; + PACPI_HDR DsdtTable; + EFI_ACPI_SUPPORT_PROTOCOL *mTcgAcpiSupport; + + Status = pBS->LocateProtocol( &gTcgAcpiSupportGuid, NULL, &mTcgAcpiSupport ); + + if ( EFI_ERROR( Status )) + { + TRACE((TRACE_ALWAYS, "TcgBoard_c:Unable to locate AcpiSupport\n")); + return Status; + } + + DsdtTable = TcgGetDSDTTable(mTcgAcpiSupport); + + if ( !DsdtTable ) + { + TRACE((TRACE_ALWAYS, "TcgBoard.c::DSDT Table not found.\n")); + return EFI_NOT_FOUND; + } + + Status = TcgUpdateAslNameObject( DsdtTable, "TPMF", TcgAMLDATA ); + + //also update TCM flags + if(AutoSupportType()){ + TcgAMLDATA = 0x1; + Status = TcgUpdateAslNameObject( DsdtTable, "TCMF", TcgAMLDATA ); + }else{ + TcgAMLDATA = 0x0; + Status = TcgUpdateAslNameObject( DsdtTable, "TCMF", TcgAMLDATA ); + } + + TRACE((TRACE_ALWAYS, "TcgBoard_c:TCGUpdateAslNameOpject_DONE\n")); + + return Status; +} + + + + + +//********************************************************************** +// +// +// Procedure: UpDateASL +// +// Description: Update TCG ASL Support in ACPI base +// +// +// Input: IN UINT8 TcgSupport +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS UpDateASL( + IN UINT8 TcgSupport ) +{ + EFI_EVENT ev; + static VOID *reg; + EFI_STATUS Status; + VOID *ctx; + EFI_ACPI_SUPPORT_PROTOCOL *mTcgAcpiSupport; + + TcgAMLDATA = TcgSupport; + + Status = pBS->LocateProtocol( &gTcgAcpiSupportGuid, NULL, &mTcgAcpiSupport ); + + if ( EFI_ERROR( Status )) + { + Status = pBS->CreateEvent( EFI_EVENT_NOTIFY_SIGNAL, + EFI_TPL_DRIVER, TcgUpdateAslObj, ®, &ev ); + ASSERT( !EFI_ERROR( Status )); + Status = pBS->RegisterProtocolNotify( &gTcgAcpiSupportGuid, ev, ® ); + + return Status; + } + ev = NULL; + ctx = NULL; + + Status = TcgUpdateAslObj( ev, ctx ); + return Status; +} +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2013, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformDxeLib.h b/Board/EM/TCG2/Common/AmiTcgPlatformDxeLib.h new file mode 100644 index 0000000..349a4bb --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformDxeLib.h @@ -0,0 +1,201 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxeLib.h 1 4/21/14 2:17p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:17p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformDxe/AmiTcgPlatformDxeLib.h $ +// +// 1 4/21/14 2:17p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:55p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 4 7/25/11 3:45a Fredericko +// [TAG] EIP65177 +// [Category] Spec Update +// [Severity] Minor +// [Description] Tcg Ppi Spec ver 1.2 update +// +// 3 4/28/11 6:34p Fredericko +// Removed VFR compile +// +// 2 3/29/11 2:27p Fredericko +// +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformDxeLib.h +// +// Description: Header firl for AmiTcgPlatformDxe library +// +// +//************************************************************************* +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include "Protocol/CpuIo.h" +#include "Protocol/AcpiSupport.h" +#include "TcgPc.h" + +#define TCPA_PPIOP_ENABLE 1 +#define TCPA_PPIOP_DISABLE 2 +#define TCPA_PPIOP_ACTIVATE 3 +#define TCPA_PPIOP_DEACTIVATE 4 +#define TCPA_PPIOP_CLEAR 5 +#define TCPA_PPIOP_ENABLE_ACTV 6 +#define TCPA_PPIOP_DEACT_DSBL 7 +#define TCPA_PPIOP_OWNER_ON 8 +#define TCPA_PPIOP_OWNER_OFF 9 +#define TCPA_PPIOP_ENACTVOWNER 10 +#define TCPA_PPIOP_DADISBLOWNER 11 +#define TCPA_PPIOP_UNOWNEDFIELDUPGRADE 12 +#define TCPA_PPIOP_SETOPAUTH 13 +#define TCPA_PPIOP_CLEAR_ENACT 14 +#define TCPA_PPIOP_SETNOPPIPROVISION_FALSE 15 +#define TCPA_PPIOP_SETNOPPIPROVISION_TRUE 16 +#define TCPA_PPIOP_SETNOPPICLEAR_FALSE 17 +#define TCPA_PPIOP_SETNOPPICLEAR_TRUE 18 +#define TCPA_PPIOP_SETNOPPIMAINTENANCE_FALSE 19 +#define TCPA_PPIOP_SETNOPPIMAINTENANCE_TRUE 20 +#define TCPA_PPIOP_ENABLE_ACTV_CLEAR 21 +#define TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV 22 +#define EFI_TPL_DRIVER 6 + +#define TCGAML_PR_BYTE 0x0A +#define TCGAML_PR_WORD 0x0B +#define TCGAML_PR_DWORD 0x0C +#define TCGAML_PR_QWORD 0x0E +#define TCGAML_ZERO_OP 0x00 +#define TCGAML_ONE_OP 0x01 + +//Opcode Definition for Name Object +#define TCGAML_OP_ALIAS 0x06 +#define TCGAML_OP_NAME 0x08 +#define TCGAML_OP_SCOPE 0x10 +#define TCGAML_OP_ALIAS 0x06 +#define TCGAML_OP_NAME 0x08 +#define TCGAML_OP_SCOPE 0x10 +#define TCGAML_OP_BUFFER 0x11 +#define TCGAML_OP_PACKAGE 0x12 +#define TCGAML_OP_VARPACK 0x13 +#define TCGAML_OP_METHOD 0x14 +#define TCGAML_PR_EXTOP 0x5B //'[' +#define TCGAML_PR_PARENT 0x5E //'^' +#define TCGAML_PR_ROOT 0x5C //'\' + +#define TCGAML_OP_RETURN 0xA4 + +#define TCGAML_OP_OPREG 0x80 +#define TCGAML_OP_DEVICE 0x82 +#define TCGAML_OP_PROC 0x83 +#define TCGAML_OP_PWRRES 0x84 +#define TCGAML_OP_THERMAL 0x85 + +#ifndef SMBIOS_WAKEUP_TYPE_UNKNOWN +#define SMBIOS_WAKEUP_TYPE_UNKNOWN 0x02 +#endif +#ifndef SMBIOS_WAKEUP_TYPE_POWER_SWITCH +#define SMBIOS_WAKEUP_TYPE_POWER_SWITCH 0x06 +#endif + +#define AMI_TPM_HARDWARE_PRESET 0 +#define AMI_TPM_HARDWARE_NOTPRESET 1 +#define AMI_TPM_HARDWARE_SETUP_REQUEST_ERROR 1 + + +EFI_STATUS GetDsdt( + IN OUT mem_in *dsdt ); + +EFI_STATUS getSetupData ( + SETUP_DATA** ppsd, + UINT32 * pattr, + UINTN * psz ); + +EFI_STATUS GetTcgWakeEventType( + IN OUT UINT8 *pWake ); + +EFI_STATUS UpDateASL( + IN UINT8 TcgSupport ); + +UINT8 ReadPpiRequest( ); + +void Update_PpiVar( + IN UINT8 value ); + +void WritePpiResult( + IN UINT8 last_op, + IN UINT16 status ); + +VOID* LocateATcgHob( + IN UINTN NoTableEntries, + IN EFI_CONFIGURATION_TABLE *ConfigTable, + IN EFI_GUID *HOB_guid ); + + +#if TPM_PASSWORD_AUTHENTICATION +BOOLEAN check_authenticate_set(); + +BOOLEAN check_user_is_administrator( ); +#endif + + +EFI_STATUS readTpmSetup( + IN OUT UINT8* enable_old, + IN OUT UINT8* enable, + IN OUT UINT8* operation, + IN OUT UINT8* support ); + + +EFI_STATUS UpdateTpmSetup( + IN UINT8 enabled, + IN UINT8 op ); + +EFI_STATUS UpdateTpmCapSetup( + IN UINT8 EnaDis, + IN UINT8 ActDeact, + IN UINT8 OwnUnOwned, + IN UINT8 Hardware, + IN UINT8 TpmError); +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** \ No newline at end of file diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformDxeString.uni b/Board/EM/TCG2/Common/AmiTcgPlatformDxeString.uni new file mode 100644 index 0000000..e6ba91f Binary files /dev/null and b/Board/EM/TCG2/Common/AmiTcgPlatformDxeString.uni differ diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformPei.cif b/Board/EM/TCG2/Common/AmiTcgPlatformPei.cif new file mode 100644 index 0000000..3578811 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformPei.cif @@ -0,0 +1,14 @@ + + name = "AmiTcgPlatformPei" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common" + RefName = "AmiTcgPlatformPei" +[files] +"AmiTcgPlatformPei.h" +"AmiTcgPlatformPei.dxs" +"AmiTcgPlatformPei.sdl" +"AmiTcgPlatformPeiLib.c" +[parts] +"AmiTcgPlatformPeiBeforeMem" +"AmiTcgPlatformPeiAfterMem" + diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformPei.dxs b/Board/EM/TCG2/Common/AmiTcgPlatformPei.dxs new file mode 100644 index 0000000..8987919 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformPei.dxs @@ -0,0 +1,70 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPei.dxs 1 4/21/14 2:17p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:17p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPei.dxs $ +// +// 1 4/21/14 2:17p Fredericko +// +// 1 10/08/13 12:03p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:54p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 2 3/29/11 2:19p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformPei.dxs +// +// Description: Dependency file +// +// +//************************************************************************* +#include "PPI\TcgService\TcgService.h" + +DEPENDENCY_START + PEI_TCG_PPI_GUID +DEPENDENCY_END + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** \ No newline at end of file diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformPei.h b/Board/EM/TCG2/Common/AmiTcgPlatformPei.h new file mode 100644 index 0000000..a8c8b9f --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformPei.h @@ -0,0 +1,338 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPei.h 1 4/21/14 2:17p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:17p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPei.h $ +// +// 1 4/21/14 2:17p Fredericko +// +// 1 10/08/13 12:03p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:54p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 6 12/30/11 4:40p Fredericko +// [TAG] EIP78141 +// [Category] New Feature +// [Description] Added hooks to override generic TPM platform hash +// functions. +// [Files] 1. AmiTcgPlatform.sdl +// 2. AmiTcgPlatformPei.h +// 3. AmiTcgPlatformPeiLib.c +// 4. AmiTcgPlatformPeiAfterMem.c +// 5. AmiTcgPlatformDxe.c +// 6. AmiTcgPlatformDxe.h +// +// 5 9/01/11 2:25p Fredericko +// [TAG] EIP66113 +// [Category] Improvement +// [Description] Support LTsx on server platforms where startup commands +// are sent by the ACM binaries. +// [Files] AmiTcgPlatformPeiBoardBeforeMem.c +// AmiTcgPlatformPeiLib.c +// AmiTcgPlatformPei.h +// +// 4 4/28/11 6:30p Fredericko +// Removed VFR compile +// +// 3 4/26/11 1:51p Fredericko +// Added support for function level override of specific functions. GUID +// definitions added and generic function override definition also added. +// +// 2 3/29/11 2:18p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformPei.h +// +// Description: Header file for AmiTcgPlatformPei +// +// +//************************************************************************* +#include + +#define AMI_TCG_PLATFORM_PPI_BEFORE_MEM_GUID\ + {0xc1e6791d, 0xf35b, 0x43ef, 0x92, 0xa, 0xbe, 0x6, 0xba, 0x7f, 0x86, 0xa1} + +#define AMI_TCG_PLATFORM_PPI_AFTER_MEM_GUID\ + {0x890c2cef, 0x43c8, 0x4209, 0xa7, 0x8d, 0xae, 0x14, 0xaa, 0x17, 0x98, 0xb4} + +#define EFI_PEI_PERMANENT_MEMORY_INSTALLED_PPI \ + {0xf894643d, 0xc449, 0x42d1, 0x8e, 0xa8, 0x85, 0xbd, 0xd8, 0xc6, 0x5b, 0xde} + +#define TCG_LOCK_DOWN_VAR_GUID\ + {0x6e605536, 0xa30a, 0x4d56, 0x93, 0x9e, 0x1c, 0x37, 0x3f, 0x79, 0x8d, 0x7b} + +#define AMI_MEMORY_ABSENT_OVERRIDE_GUID\ + { 0x9c109e5e, 0xbf38, 0x4a78, 0x9c, 0xac, 0x43, 0xde, 0x7e, 0x72, 0x6f,\ + 0x9e} + +#define AMI_VERIFY_TCG_VARIABLES_GUID\ + { 0x4f44fa64, 0xa8d6, 0x4c19, 0xb6, 0x1d, 0x63, 0x10, 0x9d, 0x77, 0xd3,\ + 0xd2} + +#define AMI_MEMORY_PRESENT_FUNCTION_OVERRIDE_GUID\ + { 0x4d7161bc, 0xbe35, 0x43af, 0x87, 0x9b, 0x95, 0x6e, 0xb3, 0x79, 0x83,\ + 0xd6} + +#define AMI_SET_PHYSICAL_PRESENCE_GUID\ + { 0x126f424e, 0xf45b, 0x4406, 0x80, 0x1e, 0x2a, 0xac, 0xf4, 0x4, 0x16,\ + 0x7f} + +#define AMI_SKIP_TPM_STARTUP_GUID \ + { 0x6ee1b483, 0xa9b8, 0x4eaf, 0x9a, 0xe1, 0x3b, 0x28, 0xc5, 0xcf, 0xf3,\ + 0x6b} + + +#define EFI_MAX_BIT 0x80000000 + +#define TCG_LOG_MAX_TABLE_SIZE 0x100 +#define _CR( Record, TYPE,\ + Field )((TYPE*) ((CHAR8*) (Record) - (CHAR8*) &(((TYPE*) 0)->Field))) + + +static EFI_GUID gSetupGuid = SETUP_GUID; + +#pragma pack (1) +typedef struct +{ + EFI_PHYSICAL_ADDRESS PostCodeAddress; + #if x64_BUILD + UINT64 PostCodeLength; + #else + UINTN PostCodeLength; + #endif +} EFI_TCG_EV_POST_CODE; + +typedef struct +{ + EFI_TCG_PCR_EVENT_HEADER Header; + EFI_TCG_EV_POST_CODE Event; +} PEI_EFI_POST_CODE; + +typedef struct +{ + EFI_TCM_PCR_EVENT_HEADER Header; + EFI_TCG_EV_POST_CODE Event; +} TCM_PEI_EFI_POST_CODE; +#pragma pack () + +typedef struct _TCG_PEI_MEMORY_CALLBACK +{ + EFI_PEI_NOTIFY_DESCRIPTOR NotifyDesc; + EFI_FFS_FILE_HEADER *FfsHeader; +} TCG_PEI_MEMORY_CALLBACK; + + +EFI_FORWARD_DECLARATION( AMI_TCG_PLATFORM_PPI ); + + +typedef +EFI_STATUS +(EFIAPI * SET_TPM_PHYSICAL_PRESENCE)( + IN EFI_PEI_SERVICES **PeiServices +); + + +typedef +EFI_STATUS +(EFIAPI * MEMORY_PRESENT_ENTRY)( + IN EFI_PEI_SERVICES **PeiServices +); + + +typedef +EFI_STATUS +(EFIAPI * MEMORY_ABSENT_ENTRY)( + IN EFI_PEI_SERVICES **PeiServices +); + + +typedef +EFI_STATUS +(EFIAPI * READ_RESET_MOR)( + IN EFI_PEI_SERVICES **PeiServices +); + +typedef +EFI_STATUS +(EFIAPI * VERIFYTCGVARIABLES)( + IN EFI_PEI_SERVICES **PeiServices +); + + + +TPM_Capabilities_PermanentFlag TCGPEI_GETCAP( + IN EFI_PEI_SERVICES **PeiServices ); + +void +EFIAPI xTcgPeiEntry( + IN PEI_TCG_PPI *tcg, + IN EFI_FFS_FILE_HEADER *FfsHeader, + IN EFI_PEI_SERVICES **ps ); + + +//----------------------------------------------------------- +//HELPER FUNCTIONS +//----------------------------------------------------------- +VOID OverwriteSystemMemory( +IN EFI_PEI_SERVICES **PeiServices +); + + +EFI_STATUS MeasureCRTMVersion( + IN EFI_PEI_SERVICES **PeiServices +); + + +EFI_STATUS + MeasureTcmCRTMVersion( + IN EFI_PEI_SERVICES **PeiServices +); + +EFI_STATUS TcgPeiTpmStartup( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_BOOT_MODE BootMode +); + +EFI_STATUS SendStartupandSelftest( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_BOOT_MODE BootMode +); + +TCM_Capabilities_PermanentFlag TCMPEI_GETCAP( +IN EFI_PEI_SERVICES **PeiServices ); + + +EFI_STATUS MeasureDxeCoreFwVol( + IN PEI_TCG_PPI * tcg, + IN EFI_PEI_SERVICES **ps, + IN EFI_FIRMWARE_VOLUME_HEADER *fwv +); + +BOOLEAN Lock_TPMPhysicalPresence( + IN EFI_PEI_SERVICES **PeiServices +); + + +EFI_STATUS ContinueTPMSelfTest( + IN EFI_PEI_SERVICES **ps +); + +EFI_STATUS MeasureTCGPcClientSpecID( + IN EFI_PEI_SERVICES **ps, + IN PEI_TCG_PPI *tcg +); + +EFI_STATUS LocateTcgPpi( + IN EFI_PEI_SERVICES **PeiServices, + IN PEI_TPM_PPI **gTpmDevicePpi, + IN PEI_TCG_PPI **gTcgPpi +); + +EFI_STATUS LocateTcmPpi( + IN EFI_PEI_SERVICES **PeiServices, + IN PEI_TPM_PPI **gTpmDevicePpi, + IN PEI_TCM_PPI **gTcmPpi +); + + +EFI_STATUS TcgPeiBuildHobGuid( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_GUID *Guid, + IN UINTN DataLength, + OUT VOID **Hob ); + + +typedef +EFI_STATUS +(EFIAPI * AMI_TCG_PEI_FUNCTION_OVERRIDE)( + IN EFI_PEI_SERVICES **PeiServices +); + + + +EFI_STATUS FindDxeCoreFile( + IN EFI_PEI_SERVICES **ps, + OUT EFI_FIRMWARE_VOLUME_HEADER **fwMain ); + +typedef struct _AMI_TCG_PLATFORM_PPI_AFTER_MEM +{ + SET_TPM_PHYSICAL_PRESENCE SetPhysicalPresence; + MEMORY_PRESENT_ENTRY MemoryPresentFunctioOverride; + VERIFYTCGVARIABLES VerifyTcgVariables; +} AMI_TCG_PLATFORM_PPI_AFTER_MEM; + + +typedef struct _AMI_TCG_PLATFORM_PPI_BEFORE_MEM +{ + MEMORY_ABSENT_ENTRY MemoryAbsentFunctionOverride; +} AMI_TCG_PLATFORM_PPI_BEFORE_MEM; + + +typedef struct _AMI_TCG_PEI_FUNCTION_OVERRIDE_PPI +{ + AMI_TCG_PEI_FUNCTION_OVERRIDE Function; +} AMI_TCG_PEI_FUNCTION_OVERRIDE_PPI; + +typedef EFI_STATUS (MEASURE_CRTM_VERSION_PEI_FUNC_PTR)( + IN EFI_PEI_SERVICES **PeiServices +); + +typedef EFI_STATUS (MEASURE_TCG_PCCLIENT_ID_PEI_FUNC_PTR)( + IN EFI_PEI_SERVICES **ps, + IN PEI_TCG_PPI *tcg +); + +typedef EFI_STATUS (MEASURE_CORE_DXE_FW_VOL_PEI_FUNC_PTR)( + IN PEI_TCG_PPI * tcg, + IN EFI_PEI_SERVICES **ps, + IN EFI_FIRMWARE_VOLUME_HEADER *fwv +); + +extern MEASURE_CRTM_VERSION_PEI_FUNC_PTR *MeasureCRTMVersionFuncPtr; +extern MEASURE_TCG_PCCLIENT_ID_PEI_FUNC_PTR *MeasureTCGPcClientSpecIDFuncPtr; +extern MEASURE_CORE_DXE_FW_VOL_PEI_FUNC_PTR *MeasureDxeCoreFwVolFuncPtr; + + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformPei.sdl b/Board/EM/TCG2/Common/AmiTcgPlatformPei.sdl new file mode 100644 index 0000000..944669f --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformPei.sdl @@ -0,0 +1,28 @@ +PATH + Name = "AMI_TCG_PLATFORM_PEI_DIR" +End + +MODULE + Help = "Includes AmiTcgPlatform.mak to Project" + File = "AmiTcgPlatformPeiAfterMem.mak" +End + +MODULE + Help = "Includes AmiTcgPlatform.mak to Project" + File = "AmiTcgPlatformPeiBeforeMem.mak" +End + + + +ELINK + Name = "$(BUILD_DIR)\AmiTcgPlatformPeiAfterMem.ffs" + Parent = "FV_BB" + InvokeOrder = AfterParent +End + + +ELINK + Name = "$(BUILD_DIR)\AmiTcgPlatformPeiBeforeMem.ffs" + Parent = "FV_BB" + InvokeOrder = AfterParent +End \ No newline at end of file diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.c b/Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.c new file mode 100644 index 0000000..70cd5d0 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.c @@ -0,0 +1,782 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPeiAfterMem/AmiTcgPlatformPeiAfterMem.c 1 4/21/14 2:17p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:17p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPeiAfterMem/AmiTcgPlatformPeiAfterMem.c $ +// +// 1 4/21/14 2:17p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:54p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 18 9/19/12 10:33a Fredericko +// [TAG] EIP90807 +// [Category] Improvement +// [Description] MonotonicCounter variable guid changed. +// [Files] xTcgPei.c, AmiTcgPlatformPeiAfterMem.c +// +// 17 4/27/12 6:19p Fredericko +// Changes for fast system boot when TCG is enabled. +// +// 16 2/03/12 6:20p Fredericko +// [TAG] EIP81665 +// [Category] Improvement +// [Description] Support for MOR feature improvement. Remove Unneeded +// Code. +// [Files] Tcg.sdl, AmiTcgPlatformDxe.c, Tcgdxe.c, Tcglegacy.c +// +// 15 12/30/11 5:01p Fredericko +// [TAG] EIP78141 +// [Category] New Feature +// [Description] Added hooks to override generic TPM platform hash +// functions. +// [Files] 1. AmiTcgPlatform.sdl +// 2. AmiTcgPlatformPei.h +// 3. AmiTcgPlatformPeiLib.c +// 4. AmiTcgPlatformPeiAfterMem.c +// 5. AmiTcgPlatformDxe.c +// 6. AmiTcgPlatformDxe.h +// +// 14 10/24/11 12:28p Fredericko +// +// 13 9/03/11 8:07p Fredericko +// +// 12 8/26/11 3:01p Fredericko +// +// 11 4/26/11 4:16p Fredericko +// +// 10 4/26/11 1:56p Fredericko +// Added support for function level override of specific functions. +// +// 9 4/22/11 8:57p Fredericko +// Added extra logic for verifying and setting physical presence. +// +// 8 4/01/11 10:54a Fredericko +// Changes for TPM support in Legacy IO mode. Signal TpmPei driver to call +// init function for TPM. +// +// 7 4/01/11 9:34a Fredericko +// Updated function Header +// +// 6 3/31/11 4:59p Fredericko +// Changes for TCG_LEGACY support +// +// 5 3/30/11 11:54a Fredericko +// +// 4 3/29/11 9:21p Fredericko +// if startup or selftest fails, treat it as a fatal error; return +// +// 3 3/29/11 2:24p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformPeiAfterMem.c +// +// Description: Function file for AmiTcgPlatformPeiAfterMem +// +// +//************************************************************************* +#include +#include +#include +#include +#include +#include "PPI\TcgService\TcgTcmService.h" +#include "PPI\TcgService\TcgService.h" +#include "PPI\TpmDevice\TpmDevice.h" +#include "PPI\CpuIo.h" +#include "PPI\LoadFile.h" +#include +#include "AmiTcgPlatformPei.h" + + +EFI_GUID gAMITcgPlatformPpiAfterMemGuid = AMI_TCG_PLATFORM_PPI_AFTER_MEM_GUID; +EFI_GUID gAmiTcmSignalguid = AMI_TCM_CALLBACK_GUID; +EFI_GUID gAmiLegacyTpmguid = AMI_TPM_LEGACY_GUID; + +static EFI_PEI_PPI_DESCRIPTOR TcmInitPpi[] = { + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), + &gAmiTcmSignalguid, + NULL +}; + +static EFI_PEI_PPI_DESCRIPTOR LegacyTpmInitPpi[] = { + (EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST), + &gAmiLegacyTpmguid, + NULL +}; + + +#if TCG_LEGACY == 1 + EFI_STATUS Configure_Tpm_Chip( ); +#endif + +//********************************************************************** +// +// +// Procedure: VerifyTcgVariables +// +// Description: Function to check whether we need to reset TCG variables +// +// +// Input: EFI_PEI_SERVICES **PeiServices +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS VerifyTcgVariables( + EFI_PEI_SERVICES **PeiServices ) +{ + CHAR16 Monotonic[] = L"MonotonicCounter"; +#if defined(CORE_COMBINED_VERSION) && (CORE_COMBINED_VERSION > 262797) + EFI_GUID Guid = AMI_GLOBAL_VARIABLE_GUID; +#else + EFI_GUID Guid = EFI_GLOBAL_VARIABLE; +#endif + EFI_GUID TcgGuid = AMI_TCG_RESETVAR_HOB_GUID; + UINTN Size = sizeof(UINT32); + UINT32 Dummy; + EFI_PEI_READ_ONLY_VARIABLE_PPI *ReadOnlyVariable; + EFI_STATUS Status; + EFI_HOB_GUID_TYPE *Hob; + BOOLEAN ResetAllTcgVar = FALSE; + EFI_GUID gTcgReadOnlyVariablePpiGuid + = EFI_TCG_PEI_READ_ONLY_VARIABLE_PPI_GUID; + AMI_TCG_PEI_FUNCTION_OVERRIDE_PPI *VerifyVarOverride; + EFI_GUID VarOverrideguid = AMI_VERIFY_TCG_VARIABLES_GUID; + + + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &VarOverrideguid, + 0, NULL, + &VerifyVarOverride); + + if(!EFI_ERROR(Status)){ + return (VerifyVarOverride->Function(PeiServices)); + } + + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &gTcgReadOnlyVariablePpiGuid, + 0, NULL, + &ReadOnlyVariable + ); + + Status = ReadOnlyVariable->GetVariable( PeiServices, Monotonic, &Guid, + NULL, &Size, &Dummy ); + + // if not found, then this is the first boot + if ( EFI_ERROR( Status )) + { + ResetAllTcgVar = TRUE; + Status = TcgPeiBuildHobGuid( + PeiServices, + &TcgGuid, + sizeof (BOOLEAN), + &Hob ); + Hob++; + (*PeiServices)->CopyMem( Hob, &ResetAllTcgVar, sizeof (ResetAllTcgVar)); + } + + return EFI_SUCCESS; +} + + + + +//********************************************************************** +// +// +// Procedure: Set_TPMPhysicalPresence +// +// Description: Sets TPM physical Presence +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS Set_TPMPhysicalPresence( + IN EFI_PEI_SERVICES **PeiServices ) +{ + EFI_STATUS Status; + TPM_RSP_COMMAND_HDR RspHdr; + + AMI_TCG_PEI_FUNCTION_OVERRIDE_PPI *SetPhysicalOverride; + EFI_GUID Overrideguid = AMI_SET_PHYSICAL_PRESENCE_GUID; + struct + { + TPM_RQU_COMMAND_HDR CmdHdr; + UINT8 Data[0x4]; + } cmd; + + UINT16 physical_CMD_on = TPM_H2NS(TPM_PHYSICAL_PRESENCE_CMD_ENABLE ); + UINT16 physical_on = TPM_H2NS(TPM_PHYSICAL_PRESENCE_PRESENT ); + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCG_PPI *TcgPpi = NULL; + + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &Overrideguid, + 0, NULL, + &SetPhysicalOverride); + + if(!EFI_ERROR(Status)){ + return (SetPhysicalOverride->Function(PeiServices)); + } + + cmd.CmdHdr.tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmd.CmdHdr.paramSize = TPM_H2NL((UINT32)( sizeof (cmd.CmdHdr) + + sizeof(TPM_PHYSICAL_PRESENCE))); + + cmd.CmdHdr.ordinal = TPM_H2NL(TSC_ORD_PhysicalPresence ); + + if ( Lock_TPMPhysicalPresence( PeiServices )) + { + physical_on = TPM_H2NS( TPM_PHYSICAL_PRESENCE_LOCK ); + }else{ + if(*(UINT16 *)(UINTN)(PORT_TPM_IOMEMBASE + 0xF00) == 0x15D1){ + Status = ContinueTPMSelfTest( PeiServices ); + } + } + + Status = LocateTcgPpi(PeiServices, &TpmPpi, &TcgPpi); + if(EFI_ERROR(Status))return EFI_NOT_FOUND; + + Status = TpmPpi->Init( TpmPpi, PeiServices ); + if ( EFI_ERROR( Status )) + { + return Status; + } + + MemCpy( cmd.Data, &physical_CMD_on, sizeof(TPM_PHYSICAL_PRESENCE)); + + Status =TcgPpi->TCGPassThroughToTpm( + TcgPpi, + PeiServices, + (sizeof (cmd.CmdHdr) + sizeof(TPM_PHYSICAL_PRESENCE)), + (UINT8*)&cmd, + sizeof (RspHdr), + (UINT8*)&RspHdr ); + + MemCpy( cmd.Data, &physical_on, sizeof(TPM_PHYSICAL_PRESENCE)); + + Status = TcgPpi->TCGPassThroughToTpm( + TcgPpi, + PeiServices, + (sizeof (cmd.CmdHdr) + sizeof(TPM_PHYSICAL_PRESENCE)), + (UINT8*)&cmd, + sizeof (RspHdr), + (UINT8*)&RspHdr ); + + Status = TpmPpi->Close( TpmPpi, PeiServices ); + if ( EFI_ERROR( Status )) + { + return Status; + } + + if ( EFI_ERROR( Status )) + { + return Status; + } + + if ( RspHdr.returnCode != 0 ) + { + return EFI_DEVICE_ERROR; + } + return EFI_SUCCESS; +} + + + + + +//********************************************************************** +// +// +// Procedure: Set_TCMPhysicalPresence +// +// Description: Sets TCM physical Presence +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS Set_TCMPhysicalPresence( + IN EFI_PEI_SERVICES **PeiServices ) +{ + EFI_STATUS Status; + TPM_RSP_COMMAND_HDR RspHdr; + + struct + { + TPM_RQU_COMMAND_HDR CmdHdr; + UINT8 Data[0x4]; + } cmd; + + UINT16 physical_CMD_on = TPM_H2NS(TPM_PHYSICAL_PRESENCE_CMD_ENABLE ); + UINT16 physical_on = TPM_H2NS(TPM_PHYSICAL_PRESENCE_PRESENT ); + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCM_PPI *TcgPpi = NULL; + + cmd.CmdHdr.tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmd.CmdHdr.paramSize = TPM_H2NL((UINT32)( sizeof (cmd.CmdHdr) + + sizeof(TPM_PHYSICAL_PRESENCE))); + + cmd.CmdHdr.ordinal = TPM_H2NL(TCM_TSC_ORD_PhysicalPresence ); + + + if ( Lock_TPMPhysicalPresence( PeiServices )) + { + physical_on = TPM_H2NS( TPM_PHYSICAL_PRESENCE_LOCK ); + } + + Status = LocateTcmPpi(PeiServices, &TpmPpi, &TcgPpi); + ASSERT_PEI_ERROR( PeiServices, Status ); + + MemCpy( cmd.Data, &physical_CMD_on, sizeof(TPM_PHYSICAL_PRESENCE)); + + Status = TcgPpi->TCMPassThroughToTcm( + TcgPpi, + PeiServices, + (sizeof (cmd.CmdHdr) + sizeof(TPM_PHYSICAL_PRESENCE)), + (UINT8*)&cmd, + sizeof (RspHdr), + (UINT8*)&RspHdr ); + + MemCpy( cmd.Data, &physical_on, sizeof(TPM_PHYSICAL_PRESENCE)); + + Status = TcgPpi->TCMPassThroughToTcm( + TcgPpi, + PeiServices, + (sizeof (cmd.CmdHdr) + sizeof(TPM_PHYSICAL_PRESENCE)), + (UINT8*)&cmd, + sizeof (RspHdr), + (UINT8*)&RspHdr ); + + if ( RspHdr.returnCode != 0 ) + { + return EFI_DEVICE_ERROR; + } + return EFI_SUCCESS; +} + + + +//********************************************************************** +// +// +// Procedure: TcgPeiGetRawImage +// +// Description: Loads binary from RAW section of main firwmare volume +// +// Input: IN EFI_PEI_SERVICES **PeiServices +// IN OUT VOID **Buffer +// IN OUT UINT16 *size +// IN EFI_GUID guid +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI TcgPeiGetRawImage( + IN EFI_PEI_SERVICES **PeiServices, + IN OUT VOID **Buffer, + IN OUT UINT16 *size, + EFI_GUID guid ) +{ + EFI_STATUS Status; + EFI_FIRMWARE_VOLUME_HEADER *pFV; + UINTN FvNum = 0; + EFI_FFS_FILE_HEADER *ppFile = NULL; + MPDRIVER_LEGHEADER *Temp; + BOOLEAN Found = FALSE; + + while ( TRUE ) + { + Status = (*PeiServices)->FfsFindNextVolume( PeiServices, FvNum, &pFV ); + + if ( EFI_ERROR( Status )) + { + return Status; + } + + ppFile = NULL; + + while ( TRUE ) + { + Status = (*PeiServices)->FfsFindNextFile( PeiServices, + EFI_FV_FILETYPE_FREEFORM, + pFV, + &ppFile ); + + if ( Status == EFI_NOT_FOUND ) + { + break; + } + + if ( guidcmp( &ppFile->Name, &guid ) == 0 ) + { + Found = TRUE; + break; + } + } + + if ( Found ) + { + break; + } + else { + FvNum++; + } + } + + (*PeiServices)->FfsFindSectionData( PeiServices, + EFI_SECTION_RAW, + ppFile, + Buffer ); + + if ( Buffer == NULL ) + { + return EFI_NOT_FOUND; + } + + Temp = ((MPDRIVER_LEGHEADER*)(*Buffer)); + *size = Temp->Size; + + return Status; +} + + + + + +//********************************************************************** +// +// +// Procedure: MemoryPresentEntry +// +// Description: This function performs TPM MP initialization +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// +// Output: EFI STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI MemoryPresentEntry( + IN EFI_PEI_SERVICES **PeiServices ) +{ + EFI_STATUS Status; + EFI_HOB_GUID_TYPE *Hob; + TCG_LOG_HOB *TcgLog; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCG_PPI *TcgPpi = NULL; + EFI_HOB_GUID_TYPE *ptrBootMode; + EFI_BOOT_MODE BootMode; + EFI_HOB_GUID_TYPE *MpHobType; + EFI_PHYSICAL_ADDRESS MPRuntime; + void *TcgMPBuffer = NULL; + FAR32LOCALS InitCall; + void *MPRuntimePtr = NULL; + UINT16 Pages = 0; + UINT32 Offset = 0; + UINT8 FuncID = 1; + void *ParamIN = NULL; + void *ParamOut = NULL; + UINT32 RetVal = 0; + EFI_FFS_FILE_HEADER *FfsHeader = NULL; + EFI_PEI_CPU_IO_PPI *CpuIo = (*PeiServices)->CpuIo; + UINT8 MPFILEERROR = 0xFA; + BOOLEAN ResetMor = FALSE; +#if TCG_LEGACY == 1 + BOOLEAN TpmLegBin = TRUE; + EFI_GUID MpFileGuid = EFI_TCG_MPDriver_GUID; +#else + BOOLEAN TpmLegBin = FALSE; + EFI_GUID MpFileGuid = EFI_TCM_MPDriver_GUID; +#endif + + AMI_TCG_PEI_FUNCTION_OVERRIDE_PPI *MpOverride; + EFI_GUID Overrideguid = AMI_MEMORY_PRESENT_FUNCTION_OVERRIDE_GUID; + + EFI_GUID gPeiEfiAmiTcgWakeEventDataHobGuid = \ + EFI_TCG_WAKE_EVENT_DATA_HOB_GUID; + EFI_GUID gEfiPeiAmiTcgLogHobGuid = EFI_TCG_LOG_HOB_GUID; + EFI_GUID gEfiTcgMpDriverHobGuid = EFI_TCG_MPDriver_HOB_GUID; + + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &Overrideguid, + 0, NULL, + &MpOverride); + + if(!EFI_ERROR(Status)){ + return (MpOverride->Function(PeiServices)); + } + +#if TCG_LEGACY == 1 + Status = Configure_Tpm_Chip( ); + if ( EFI_ERROR( Status )) + { + PEI_TRACE((-1, PeiServices, + "Device not configured for legacy IO aborting TPM initialization\n")); + return Status; + } +#endif + + Status = (*PeiServices)->GetBootMode( PeiServices, &BootMode ); + ASSERT_PEI_ERROR( PeiServices, Status ); + + if((AutoSupportType()) || (TpmLegBin == TRUE)){ + + PEI_TRACE((-1, PeiServices,"Setting up Binary Images\n")); + + Status = TcgPeiGetRawImage( PeiServices, &TcgMPBuffer, &Pages, MpFileGuid ); + + if ( TcgMPBuffer == NULL ) + { + PEI_TRACE((-1, PeiServices, + "Unable to Find TCM OEM MPDriver!!! Please make sure TCM porting is done correctly\n")); + PEI_TRACE((-1, PeiServices,"Unrecoverable Error. HALTING SYSTEM\n")); + CpuIo->Io.Write( PeiServices, CpuIo, 0, 0x80, 1, &MPFILEERROR ); + while ( 1 ) + { + ; + } + } + + (*PeiServices)->AllocatePages( PeiServices, + EfiRuntimeServicesCode, + (UINTN)((Pages / 4096)+1), + &MPRuntime ); + + MPRuntimePtr = (void*)MPRuntime; + MemCpy( MPRuntimePtr, TcgMPBuffer, Pages ); + + Offset = ((MPDRIVER_LEGHEADER*)MPRuntimePtr)->CodeP; + MPRuntime += Offset; + + //Assuming we are in Protected mode with flat address selector 10 as + //set by startup32.asm + InitCall.Offset = (UINT32)MPRuntime; + InitCall.Selector = SEL_flatCS; + InitCall.Codep = ((MPDRIVER_LEGHEADER*)MPRuntimePtr)->CodeP; + InitCall.Size = Pages; + + //create Hob to pass PEI Capabilities information + Status = TcgPeiBuildHobGuid( + PeiServices, + &gEfiTcgMpDriverHobGuid, + sizeof (FAR32LOCALS), + &MpHobType ); + + ASSERT_PEI_ERROR( PeiServices, Status ); + MpHobType++; + (*PeiServices)->CopyMem( MpHobType, &InitCall, sizeof (FAR32LOCALS)); + if ( EFI_ERROR( Status )) { + return Status; + } + + if(AutoSupportType()) + { + Status = (*PeiServices)->InstallPpi( PeiServices, TcmInitPpi ); + if ( EFI_ERROR( Status )) { + return Status; + } + }else{//legacy IO support for TPM + Status = (*PeiServices)->InstallPpi( PeiServices, LegacyTpmInitPpi ); + if ( EFI_ERROR( Status )) { + return Status; + } + } + + #if (StartupCmd_SelfTest_State == 1) + Status = SendStartupandSelftest(PeiServices,BootMode); + if(EFI_ERROR(Status))return Status; //if startup or selftest fails, treat it as a fatal error; return + #endif + } + + #if (StartupCmd_SelfTest_State == 0) + Status = SendStartupandSelftest(PeiServices,BootMode); + if(EFI_ERROR(Status))return Status; //if startup or selftest fails, treat it as a fatal error; return + #endif + + if((BootMode == BOOT_ON_S3_RESUME) || (BootMode == BOOT_IN_RECOVERY_MODE)){ + return EFI_SUCCESS; + } + + Status = TcgPeiBuildHobGuid( + PeiServices, + &gPeiEfiAmiTcgWakeEventDataHobGuid, + sizeof (BootMode), + &ptrBootMode ); + + ASSERT_PEI_ERROR( PeiServices, Status ); + ptrBootMode++; + (*PeiServices)->CopyMem( ptrBootMode, &BootMode, sizeof (BootMode)); + + //even if TPM is deactivated still build hob but + //don't populate it. + Status = TcgPeiBuildHobGuid( + PeiServices, + &gEfiPeiAmiTcgLogHobGuid, + sizeof (*TcgLog) + TCG_LOG_MAX_TABLE_SIZE, + &Hob ); + + ASSERT_PEI_ERROR( PeiServices, Status ); + + TcgLog = (TCG_LOG_HOB*)(Hob + 1); + (*PeiServices)->SetMem( TcgLog, sizeof (*TcgLog), 0 ); + TcgLog->TableMaxSize = TCG_LOG_MAX_TABLE_SIZE; + + if(!AutoSupportType()) + { + Status = MeasureCRTMVersionFuncPtr( PeiServices ); + ASSERT_PEI_ERROR( PeiServices, Status ); + }else{ + Status = MeasureTcmCRTMVersion( PeiServices ); + ASSERT_PEI_ERROR( PeiServices, Status ); + } + + Status = LocateTcgPpi(PeiServices, &TpmPpi, &TcgPpi); + if(EFI_ERROR(Status))return EFI_NOT_FOUND; + + return Status; +} + + + + +static AMI_TCG_PLATFORM_PPI_AFTER_MEM mAmiTcgPlatformPPI = { + Set_TPMPhysicalPresence, + MemoryPresentEntry, + VerifyTcgVariables +}; + + +static EFI_PEI_PPI_DESCRIPTOR mAmiTcgPlatformPPIListAfterMem[] = { + { + EFI_PEI_PPI_DESCRIPTOR_PPI + | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gAMITcgPlatformPpiAfterMemGuid, + &mAmiTcgPlatformPPI + } +}; + + + + +//********************************************************************** +// +// +// Procedure: AmiTcgPlatformPEI_EntryAfterMem +// +// Description: Installs AMIplatform PPI for initialization in PEI after +// memory is installed +// +// Input: IN EFI_FFS_FILE_HEADER *FfsHeader, +// IN EFI_PEI_SERVICES **PeiServices +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI AmiTcgPlatformPEI_EntryAfterMem( + IN EFI_FFS_FILE_HEADER *FfsHeader, + IN EFI_PEI_SERVICES **PeiServices +){ + EFI_STATUS Status; + + Status = (*PeiServices)->InstallPpi( PeiServices, mAmiTcgPlatformPPIListAfterMem ); + return Status; +} + + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.cif b/Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.cif new file mode 100644 index 0000000..5e3bfa8 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.cif @@ -0,0 +1,9 @@ + + name = "AmiTcgPlatformPeiAfterMem" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common" + RefName = "AmiTcgPlatformPeiAfterMem" +[files] +"AmiTcgPlatformPeiAfterMem.c" +"AmiTcgPlatformPeiAfterMem.mak" + diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.mak b/Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.mak new file mode 100644 index 0000000..031d566 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformPeiAfterMem.mak @@ -0,0 +1,98 @@ +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* +# $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPeiAfterMem/AmiTcgPlatformPeiAfterMem.mak 1 4/21/14 2:17p Fredericko $ +# +# $Revision: 1 $ +# +# $Date: 4/21/14 2:17p $ +#************************************************************************* +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPeiAfterMem/AmiTcgPlatformPeiAfterMem.mak $ +# +# 1 4/21/14 2:17p Fredericko +# +# 1 10/08/13 12:04p Fredericko +# Initial Check-In for Tpm-Next module +# +# 2 10/03/13 2:13p Fredericko +# +# 1 7/10/13 5:54p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20) +# +# 2 3/29/11 2:24p Fredericko +# [TAG] EIP 54642 +# [Category] Improvement +# [Description] 1. Checkin Files related to TCG function override +# 2. Include TCM and TPM auto detection +# [Files] Affects all TCG files +# +# +# +#************************************************************************* +# +# +# Name: AmiTcgPlatformPeiAfterMem.mak +# +# Description: Make file for AmiTcgPlatformPeiAfterMem +# +# +#************************************************************************ +all : AmiTcgPlatformPeiAfterMem + +AmiTcgPlatformPeiAfterMem : $(BUILD_DIR)\AmiTcgPlatformPeiAfterMem.mak AmiTcgPlatformPeiAfterMembin + +$(BUILD_DIR)\AmiTcgPlatformPeiAfterMem.mak : $(AMI_TCG_PLATFORM_PEI_DIR)\$(@B).cif $(AMI_TCG_PLATFORM_PEI_DIR)\$(@B).mak $(BUILD_RULES) + $(CIF2MAK) $(AMI_TCG_PLATFORM_PEI_DIR)\$(@B).cif $(CIF2MAK_DEFAULTS) + + +#--------------------------------------------------------------------------- +# Making AmiTcgPlatformPei +#--------------------------------------------------------------------------- +AMI_TCG_PEI_PLATFORM_OBJECTS_AFTER_MEM = \ + $(BUILD_DIR)\$(AMI_TCG_PLATFORM_PEI_DIR)\AmiTcgPlatformPeiAfterMem.obj \ + +TCGPEIOVERRIDE_CFLAGS=$(CFLAGS)\ + /I$(TCG_DIR)\ + /I$(TPM12_DIR)\ + /I$(TCG_DIR)\Common\ + /I$(AMI_TCG_PLATFORM_PEI_DIR)\ + +AmiTcgPlatformPeiAfterMembin : $(AMIPEILIB) $(BUILD_DIR)\AmiTcgLibPei.lib + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\AmiTcgPlatformPeiAfterMem.mak all \ + "CFLAGS=$(TCGPEIOVERRIDE_CFLAGS) "\ + "CPFLAGS=$(TCGPEIOVERRIDE_CFLAGS) "\ + GUID=9B3F28D5-10A6-46c8-BA72-BD40B847A71A\ + "OBJECTS=$(AMI_TCG_PEI_PLATFORM_OBJECTS_AFTER_MEM)" \ + ENTRY_POINT=AmiTcgPlatformPEI_EntryAfterMem \ + TYPE=PEIM \ + DEPEX1=$(AMI_TCG_PLATFORM_PEI_DIR)\AmiTcgPlatformPei.dxs \ + DEPEX1_TYPE=EFI_SECTION_PEI_DEPEX \ + COMPRESS=1 +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.c b/Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.c new file mode 100644 index 0000000..f76147e --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.c @@ -0,0 +1,279 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPeiBeforeMem/AmiTcgPlatformPeiBeforeMem.c 1 4/21/14 2:17p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:17p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPeiBeforeMem/AmiTcgPlatformPeiBeforeMem.c $ +// +// 1 4/21/14 2:17p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:54p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 8 4/27/12 6:18p Fredericko +// +// 7 1/17/12 11:24a Fredericko +// Install Tpm_Initialized Ppi in PEI +// +// 6 10/24/11 12:27p Fredericko +// +// 5 9/01/11 2:23p Fredericko +// [TAG] EIP66113 +// [Category] Improvement +// [Description] Support LTsx on server platforms where startup commands +// are sent by the ACM binaries. +// [Files] AmiTcgPlatformPeiBoardBeforeMem.c +// AmiTcgPlatformPeiLib.c +// AmiTcgPlatformPei.h +// +// 4 4/26/11 1:52p Fredericko +// Added support for function level override of specific functions. +// +// 3 4/01/11 9:34a Fredericko +// Updated function Header +// +// 2 3/29/11 2:22p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformPeiBeforeMem.c +// +// Description: Function file for AmiTcgPlatformPeiBeforeMem +// +// +//************************************************************************* +#include +#include +#include +#include +#include +#include "PPI\TcgService\TcgTcmService.h" +#include "PPI\TcgService\TcgService.h" +#include "PPI\TpmDevice\TpmDevice.h" +#include "PPI\CpuIo.h" +#include "PPI\LoadFile.h" +#include +#include "AmiTcgPlatformPei.h" + + +EFI_GUID gAMITcgPlatformPpiBeforeMemguid = AMI_TCG_PLATFORM_PPI_BEFORE_MEM_GUID; +EFI_GUID gTpmInitializedguid = PEI_TPM_INITIALIZED_PPI_GUID; + +static EFI_PEI_PPI_DESCRIPTOR Tpm_Initialized[] = +{ + { + EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gTpmInitializedguid, NULL + } +}; + + +//********************************************************************** +// +// +// Procedure: MemoryAbsentEntry +// +// Description: This function performs TPM MA initialization +// +// +// Input: IN EFI_FFS_FILE_HEADER *FfsHeader +// IN EFI_PEI_SERVICES **PeiServices, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +MemoryAbsentEntry( + IN EFI_PEI_SERVICES **PeiServices ) +{ + EFI_STATUS Status; + EFI_BOOT_MODE BootMode; + void *TcgDrvBuffer = NULL; + UINT16 Pages = 0; + EFI_GUID guid = EFI_TCG_MADriver_GUID; + EFI_HOB_GUID_TYPE *MAHobType; + MASTRUCT MAHob; + FAR32LOCALS CommonLegX; + EFI_GUID gEfiTcgMADriverHobGuid = EFI_TCG_MADriver_HOB_GUID; + AMI_TCG_PEI_FUNCTION_OVERRIDE_PPI *PpiOverride; + EFI_GUID Overrideguid = AMI_MEMORY_ABSENT_OVERRIDE_GUID; + EFI_GUID SkipTpmStartupGuid = AMI_SKIP_TPM_STARTUP_GUID; + BOOLEAN SkipTpmStartup = FALSE; + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &SkipTpmStartupGuid, + 0, NULL, + &PpiOverride); + + if(!EFI_ERROR(Status)) { + SkipTpmStartup = TRUE; + } + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &Overrideguid, + 0, NULL, + &PpiOverride); + + if(!EFI_ERROR(Status)){ + return (PpiOverride->Function(PeiServices)); + } + + Status = (*PeiServices)->GetBootMode( PeiServices, &BootMode ); + ASSERT_PEI_ERROR( PeiServices, Status ); + +#if (StartupCmd_SelfTest_State == 1) + if(!AutoSupportType()){ + if (!SkipTpmStartup) { + Status = TcgPeiTpmStartup( PeiServices, BootMode ); + ASSERT_PEI_ERROR( PeiServices, Status ); + } + + Status = ContinueTPMSelfTest( PeiServices ); + ASSERT_PEI_ERROR( PeiServices, Status ); + + if(!EFI_ERROR(Status)){ + (*PeiServices)->InstallPpi(PeiServices, Tpm_Initialized); + } + + if ((BootMode == BOOT_ON_S3_RESUME) || (BootMode == BOOT_IN_RECOVERY_MODE)) + { + return Status; + } + } +#else + if ((BootMode == BOOT_ON_S3_RESUME) || (BootMode == BOOT_IN_RECOVERY_MODE)) + { + return Status; + } +#endif + + if(AutoSupportType()){ + Status = FillDriverLocByFile(&CommonLegX.Offset,PeiServices,&guid,&TcgDrvBuffer,(UINTN*)&Pages); + if(EFI_ERROR(Status))return EFI_NOT_FOUND; + if ( CommonLegX.Offset == NULL ) + { + return EFI_NOT_FOUND; + } + + MAHob.Offset = CommonLegX.Offset; + MAHob.Selector = SEL_flatCS; + MAHob.Codep = ((MPDRIVER_LEGHEADER*)((UINT8*)(TcgDrvBuffer)))->CodeP; + + Status = TcgPeiBuildHobGuid( + PeiServices, + &gEfiTcgMADriverHobGuid, + sizeof (MASTRUCT), + &MAHobType ); + + ASSERT_PEI_ERROR( PeiServices, Status ); + MAHobType++; + + (*PeiServices)->CopyMem( MAHobType, &MAHob, sizeof (MASTRUCT)); + return Status; + } + + return EFI_SUCCESS; +} + + + + +static AMI_TCG_PLATFORM_PPI_BEFORE_MEM mAmiTcgPlatformPPI = { + MemoryAbsentEntry, +}; + + +static EFI_PEI_PPI_DESCRIPTOR mAmiTcgPlatformPPIListBeforeMem[] = { + { + EFI_PEI_PPI_DESCRIPTOR_PPI + | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gAMITcgPlatformPpiBeforeMemguid, + &mAmiTcgPlatformPPI + } +}; + + + + +//********************************************************************** +// +// +// Procedure: AmiTcgPlatformPEI_EntryBeforeMem +// +// Description: Installs AMIplatform PPI for initialization in PEI before +// memory is installed +// +// Input: IN EFI_FFS_FILE_HEADER *FfsHeader, +// IN EFI_PEI_SERVICES **PeiServices +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI AmiTcgPlatformPEI_EntryBeforeMem( + IN EFI_FFS_FILE_HEADER *FfsHeader, + IN EFI_PEI_SERVICES **PeiServices +){ + EFI_STATUS Status; + + Status = (*PeiServices)->InstallPpi( PeiServices, mAmiTcgPlatformPPIListBeforeMem ); + return Status; +} + + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.cif b/Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.cif new file mode 100644 index 0000000..903e850 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.cif @@ -0,0 +1,9 @@ + + name = "AmiTcgPlatformPeiBeforeMem" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common" + RefName = "AmiTcgPlatformPeiBeforeMem" +[files] +"AmiTcgPlatformPeiBeforeMem.c" +"AmiTcgPlatformPeiBeforeMem.mak" + diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.mak b/Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.mak new file mode 100644 index 0000000..0c3c2c3 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformPeiBeforeMem.mak @@ -0,0 +1,150 @@ +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* +# $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPeiBeforeMem/AmiTcgPlatformPeiBeforeMem.mak 2 6/09/14 4:53p Fredericko $ +# +# $Revision: 2 $ +# +# $Date: 6/09/14 4:53p $ +#************************************************************************* +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPeiBeforeMem/AmiTcgPlatformPeiBeforeMem.mak $ +# +# 2 6/09/14 4:53p Fredericko +# +# 1 4/21/14 2:17p Fredericko +# +# 1 10/08/13 12:04p Fredericko +# Initial Check-In for Tpm-Next module +# +# 1 7/10/13 5:54p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20) +# +# 4 9/27/11 10:29p Fredericko +# [TAG] EIP67286 +# [Category] Improvement +# [Description] changes for Tcg Setup policy +# [Files] Tcg.sdl +# TcgPei.cif +# TcgPei.mak +# xtcgPei.c +# xTcgPeiAfterMem.c +# TcgPeiAfterMem.mak +# TcgDxe.cif +# TcgDxe.mak +# xTcgDxe.c +# AmiTcgPlatformPeilib.c +# AmiTcgPlatformDxelib.c +# +# 3 4/22/11 8:56p Fredericko +# Changes for x32bit mode build +# +# 2 3/29/11 2:22p Fredericko +# [TAG] EIP 54642 +# [Category] Improvement +# [Description] 1. Checkin Files related to TCG function override +# 2. Include TCM and TPM auto detection +# [Files] Affects all TCG files +# +# +# +#************************************************************************* +# +# +# Name: AmiTcgPlatformPeiBeforeMem.mak +# +# Description: Make file for AmiTcgPlatformPeiBeforeMem +# +# +#************************************************************************ +all : AmiTcgPlatformPeiBeforeMem $(BUILD_DIR)\AmiTcgLibPei.lib + +AmiTcgPlatformPeiBeforeMem : $(BUILD_DIR)\AmiTcgPlatformPeiBeforeMem.mak AmiTcgPlatformPeiBeforeMembin + +$(BUILD_DIR)\AmiTcgPlatformPeiBeforeMem.mak : $(AMI_TCG_PLATFORM_PEI_DIR)\$(@B).cif $(AMI_TCG_PLATFORM_PEI_DIR)\$(@B).mak $(BUILD_RULES) + $(CIF2MAK) $(AMI_TCG_PLATFORM_PEI_DIR)\$(@B).cif $(CIF2MAK_DEFAULTS) + +$(BUILD_DIR)\AmiTcgLibPei.lib : $(BUILD_DIR)\AmiTcgPlatformPeiBeforeMem.mak Make_AMITTCG_LIB + +AMITCGLIB_CFLAGS=$(CFLAGS)\ + /I$(TcgPlatformSetupPeiPolicy_DIR)\ + /I$(TCG_DIR)\ + /I$(TPM12_DIR)\ + /I$(TCG_DIR)\Common\ + /I$(TCG_DIR)\Common\Tpm20Includes\ + /I$(AMI_TCG_PLATFORM_PEI_DIR) + + +AMI_TCG_LIB_OBJECTS = \ + $(BUILD_DIR)\$(AMI_TCG_PLATFORM_PEI_DIR)\AmiTcgPlatformPeiLib.obj + +!IFNDEF LIB_BUILD_DIR +!IF "$(PROCESSOR)"=="x64" +TCGLIB=$(BUILD_DIR)\IA32\TisLib.lib +AMITCMLIB = $(BUILD_DIR)\IA32\AmiTcmlib.lib +!ELSE +TCGLIB=$(BUILD_DIR)\TisLib.lib +AMITCMLIB = $(BUILD_DIR)\AmiTcmlib.lib +!ENDIF +!ENDIF #LIB_BUILD_DIR + +Make_AMITTCG_LIB : $(TCGLIB) $(AMITCMLIB) $(AMICSPLib) + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\AmiTcgPlatformPeiBeforeMem.mak all\ + "CFLAGS=$(AMITCGLIB_CFLAGS) "\ + OBJECTS="$(AMI_TCG_LIB_OBJECTS)"\ + NAME=AmiTcgLibPei\ + MAKEFILE=$(BUILD_DIR)\AmiTcgPlatformPeiBeforeMem.mak \ + TYPE=PEI_LIBRARY + + +#--------------------------------------------------------------------------- +# Making AmiTcgPlatformPei +#--------------------------------------------------------------------------- +AMI_TCG_PEI_PLATFORM_OBJECTS_BEFORE_MEM = \ + $(BUILD_DIR)\$(AMI_TCG_PLATFORM_PEI_DIR)\AmiTcgPlatformPeiBeforeMem.obj \ + +TCGPEIOVERRIDE_CFLAGS=$(CFLAGS)\ + /I$(TCG_DIR)\ + /I$(TPM12_DIR)\ + /I$(TCG_DIR)\Common\ + /I$(AMI_TCG_PLATFORM_PEI_DIR)\ + +AmiTcgPlatformPeiBeforeMembin : $(AMIPEILIB) $(BUILD_DIR)\AmiTcgLibPei.lib + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\AmiTcgPlatformPeiBeforeMem.mak all \ + "CFLAGS=$(TCGPEIOVERRIDE_CFLAGS) "\ + "CPFLAGS=$(TCGPEIOVERRIDE_CFLAGS) "\ + GUID=E9312938-E56B-4614-A252-CF7D2F377E26\ + "OBJECTS=$(AMI_TCG_PEI_PLATFORM_OBJECTS_BEFORE_MEM)" \ + ENTRY_POINT=AmiTcgPlatformPEI_EntryBeforeMem \ + TYPE=PEIM \ + DEPEX1=$(AMI_TCG_PLATFORM_PEI_DIR)\AmiTcgPlatformPei.dxs \ + DEPEX1_TYPE=EFI_SECTION_PEI_DEPEX \ + COMPRESS=0 +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* diff --git a/Board/EM/TCG2/Common/AmiTcgPlatformPeiLib.c b/Board/EM/TCG2/Common/AmiTcgPlatformPeiLib.c new file mode 100644 index 0000000..b7a3ee1 --- /dev/null +++ b/Board/EM/TCG2/Common/AmiTcgPlatformPeiLib.c @@ -0,0 +1,1907 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPeiLib.c 3 6/14/14 12:32a Fredericko $ +// +// $Revision: 3 $ +// +// $Date: 6/14/14 12:32a $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgPlatform/AmiTcgPlatformPei/AmiTcgPlatformPeiLib.c $ +// +// 3 6/14/14 12:32a Fredericko +// Fix locking of Physical Presense +// +// 2 6/09/14 4:51p Fredericko +// Changes for SetVariable vulnerability during Runtime +// +// 1 4/21/14 2:17p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:54p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 19 3/31/13 7:40p Fredericko +// [TAG] EIP118211 +// [Category] Improvement +// [Description] Implement ability to skip Physical presence lock in +// manufacturing mode +// [Files] TcgPei.c, AmiTcgPlatformDxe.c, AmiTcgNvflagSample.c +// +// [TAG] EIP +// [Category] Improvement +// [Description] Timing policy changes for slower TPMs (ability to skip +// setting of physical presence in PEI to DXE) +// [Files] AmiTcgPlatformDxe.c, AmiTcgNvflagSample.c, +// AmiTcgPlatformPei.c +// +// 18 3/06/13 3:23p Fredericko +// [TAG] EIP112717 +// [Category] Improvement +// [Description] Change code to use PCR from token definition file +// instead of using numbers +// [Files] xTcgDxe.c +// AmiTcgPlatformPeiLib.c +// AmiTcgPlatformDxe.c +// +// 17 11/05/12 11:12a Fredericko +// Continue Selftest Vendor ID Token added +// +// 16 4/27/12 6:16p Fredericko +// 1. Remove unused functions. +// +// 15 3/19/12 6:47p Fredericko +// Changes for Tcg Performance Metrics Improvement. +// Files Changed: Tcg.sdl, TcgMisc.h, TcgDxe.c, TcgCommon.c, TcgCommon.h, +// AmiTcgPlatformPeiLib.c, AmiTcgPlatformDxe.c, TcgDxe.dxs +// +// 14 2/03/12 5:52p Fredericko +// [TAG] EIP81665 +// [Category] Improvement +// [Description] Support for MOR feature improvement. Removed unneed +// functions. +// EIP: 80813: System will assert in AmiTcgPlatformPei.lib if PeiRamboot +// module is not included in the project +// [Files] Tcg.sdl, AmiTcgPlatformDxe.c, Tcgdxe.c, Tcglegacy.c +// +// 13 12/30/11 4:58p Fredericko +// [TAG] EIP78141 +// [Category] New Feature +// [Description] Added hooks to override generic TPM platform hash +// functions. +// [Files] 1. AmiTcgPlatform.sdl +// 2. AmiTcgPlatformPei.h +// 3. AmiTcgPlatformPeiLib.c +// 4. AmiTcgPlatformPeiAfterMem.c +// 5. AmiTcgPlatformDxe.c +// 6. AmiTcgPlatformDxe.h +// +// 12 12/18/11 10:27p Fredericko +// Changes to support TcgplatformPeiPolicy in relation to O.S. requests. +// +// 11 12/12/11 3:52p Fredericko +// [TAG] EIP76865 +// [Category] Improvement +// [Description] Dual Support for TCM and TPM. System could hang in TXT +// if txt is enabled in setup +// [Files] AmiTcgPlatfompeilib.c, AmiTcgPlatformPpi.cif, +// AmiTcgPlatformPpi.h, AmiTcgPlatformProtocol.cif, +// AmiTcgPlatformProtocol.h, +// EMpTcmPei.c, TcgDxe.cif, TcgPei.cif, TcgPeiAfterMem.cif, +// TcgPeiAfterMem.mak, TcgTcmPeiAfterMem.c, xTcgDxe.c, xTcgPei.c, +// xTcgPeiAfterMem.c +// +// 10 9/27/11 10:28p Fredericko +// [TAG] EIP67286 +// [Category] Improvement +// [Description] changes for Tcg Setup policy +// [Files] Tcg.sdl +// TcgPei.cif +// TcgPei.mak +// xtcgPei.c +// xTcgPeiAfterMem.c +// TcgPeiAfterMem.mak +// TcgDxe.cif +// TcgDxe.mak +// xTcgDxe.c +// AmiTcgPlatformPeilib.c +// AmiTcgPlatformDxelib.c +// +// 9 9/01/11 2:25p Fredericko +// [TAG] EIP66113 +// [Category] Improvement +// [Description] Support LTsx on server platforms where startup commands +// are sent by the ACM binaries. +// [Files] AmiTcgPlatformPeiBoardBeforeMem.c +// AmiTcgPlatformPeiLib.c +// AmiTcgPlatformPei.h +// +// 8 8/26/11 3:00p Fredericko +// +// 7 8/09/11 6:30p Fredericko +// [TAG] EIP66468 +// [Category] Spec Update +// [Severity] Minor +// [Description] 1. Changes for Tcg Ppi 1.2 support. +// [Files] 1 TcgSmm.h +// 2.TcgSmm.c +// 3.Tcg_ppi1_2.asl +// 4. AmiTcgNvflagsSample.c +// 5. AmiTcgPlatformPeiLib.c +// 6. AmiTcgPlatformDxe.sdl +// 7. AmiTcgPlatformDxe.c +// +// 6 7/25/11 3:23a Fredericko +// [TAG] EIP65177 +// [Category] Spec Update +// [Severity] Minor +// [Description] TCG Ppi Sec ver 1.2 update +// +// 5 4/05/11 8:08p Fredericko +// Changes for the measurement of FVMAIN in the case of the trusted +// cryptographic module +// +// 4 4/04/11 2:17p Fredericko +// Measurement of Dxe FVol commented back into code +// +// 3 3/29/11 9:20p Fredericko +// Handle TPM startup and selftest errors as fatal errors. Don't continue +// with any TPM initialization. +// +// 2 3/29/11 2:20p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformPeilib.c +// +// Description: Function file that contains library files for AmiTcgPlatformPei +// +// +//************************************************************************* +#include +#include +#include +#include +#include +#include +#include "PPI\TcgService\TcgTcmService.h" +#include "PPI\TcgService\TcgService.h" +#include "PPI\TpmDevice\TpmDevice.h" +#include "PPI\CpuIo.h" +#include "PPI\LoadFile.h" +#include +#include +#include "AmiTcgPlatformPei.h" +#include "TcgPlatformSetupPeiPolicy.h" +#include +#include + + +//************************************************************************* +// GLOBAL DEFINITIONS +//************************************************************************* +EFI_GUID gTcgPpiguid = PEI_TCG_PPI_GUID; +EFI_GUID gTpmDevicePpiguid = PEI_TPM_PPI_GUID; +EFI_GUID Descguid = AMI_TCG_PERM_FLAGS_GUID; +EFI_GUID Tpm20Hobguid = TPM20_HOB_GUID; + + +EFI_GUID gTpmguidEndOfPei = EFI_PEI_END_OF_PEI_PHASE_PPI_GUID; + + +EFI_GUID gTcgReadOnlyVariablePpiGuid + = EFI_TCG_PEI_READ_ONLY_VARIABLE_PPI_GUID; + + +EFI_GUID TcgBoardEfiGlobalVariableGuid = TCG_EFI_GLOBAL_VARIABLE_GUID; + +typedef struct +{ + TPM_1_2_CMD_HEADER hdr; + UINT32 pcr; + TCG_DIGEST digest; +} TPM_EXTEND_CMD; + +typedef struct +{ + TPM_1_2_RET_HEADER rethdr; + TCG_DIGEST Outdigest; +} TPM_EXTEND_RET; + +//********************************************************************** +// Links +//********************************************************************** +extern MEASURE_CRTM_VERSION_PEI_FUNC_PTR MEASURE_CRTM_VERSION_PEI_FUNCTION; +MEASURE_CRTM_VERSION_PEI_FUNC_PTR *MeasureCRTMVersionFuncPtr = MEASURE_CRTM_VERSION_PEI_FUNCTION; + +extern MEASURE_TCG_PCCLIENT_ID_PEI_FUNC_PTR MEASURE_TCG_PCCLIENT_ID_PEI_FUNCTION; +MEASURE_TCG_PCCLIENT_ID_PEI_FUNC_PTR *MeasureTCGPcClientSpecIDFuncPtr = MEASURE_TCG_PCCLIENT_ID_PEI_FUNCTION; + +extern MEASURE_CORE_DXE_FW_VOL_PEI_FUNC_PTR MEASURE_CORE_DXE_FW_VOL_PEI_FUNCTION; +MEASURE_CORE_DXE_FW_VOL_PEI_FUNC_PTR *MeasureDxeCoreFwVolFuncPtr = MEASURE_CORE_DXE_FW_VOL_PEI_FUNCTION; + + +//********************************************************************** +// TCG_Helper functions +//********************************************************************** +#pragma pack(1) +typedef struct _TCG_PEI_CALLBACK_CONTEXT +{ + PEI_TPM_PPI *TpmDevice; + EFI_PEI_SERVICES **PeiServices; +} TCG_PEI_CALLBACK_CONTEXT; +#pragma pack() + +UINT8 Tpm20SupportType() +{ + return (TRUE); +} + +static AMI_TPM20SUPPORTTYPE_PPI Tpm20SupportTypePpi = { + Tpm20SupportType +}; + + +static EFI_PEI_PPI_DESCRIPTOR mTpm20SupportList[] = { + { + EFI_PEI_PPI_DESCRIPTOR_PPI + | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &Tpm20Hobguid, + &Tpm20SupportTypePpi + } +}; + + +EFI_STATUS +__stdcall TcgCommonPassThrough( + IN VOID *CallbackContext, + IN UINT32 NoInputBuffers, + IN TPM_TRANSMIT_BUFFER *InputBuffers, + IN UINT32 NoOutputBuffers, + IN OUT TPM_TRANSMIT_BUFFER *OutputBuffers ) +{ + TCG_PEI_CALLBACK_CONTEXT *Ctx; + + Ctx = (TCG_PEI_CALLBACK_CONTEXT*)CallbackContext; + + return Ctx->TpmDevice->Transmit( + Ctx->TpmDevice, + Ctx->PeiServices, + NoInputBuffers, + InputBuffers, + NoOutputBuffers, + OutputBuffers + ); +} + +BOOLEAN IsMfgMode( + IN EFI_PEI_SERVICES **PeiServices, + IN CONST EFI_PEI_READ_ONLY_VARIABLE2_PPI *ReadVariablePpi +); + + +//********************************************************************** +// +// +// Procedure: TcgPeiBuildHobGuid +// +// Description: Internal abstracted function to create a Hob +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// IN EFI_GUID *Guid, +// IN UINTN DataLength, +// OUT VOID **Hob +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS TcgPeiBuildHobGuid( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_GUID *Guid, + IN UINTN DataLength, + OUT VOID **Hob ) +{ + EFI_STATUS Status; + + Status = (*PeiServices)->CreateHob( + PeiServices, + EFI_HOB_TYPE_GUID_EXTENSION, + (UINT16) ( sizeof (EFI_HOB_GUID_TYPE) + DataLength ), + Hob + ); + + if ( EFI_ERROR( Status )) + { + return Status; + } + + ((EFI_HOB_GUID_TYPE*)(*Hob))->Name = *Guid; + + return EFI_SUCCESS; +} + + + +//********************************************************************** +// +// +// Procedure: FillDriverLocByFile +// +// Description: Helper function to locate a Driver by guid and fill in +// Offset data about it. Mainly for MA Driver +// +// +// Input: IN OUT UINT32* Offset, +// IN EFI_PEI_SERVICES **ps, +// IN EFI_GUID *Driveguid, +// IN OUT VOID **MAStart, +// IN OUT UINTN *MASize +// +// +// Output: VOID +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS FillDriverLocByFile( + IN OUT UINT32 * Offset, + IN EFI_PEI_SERVICES **ps, + IN EFI_GUID *Driveguid, + IN OUT VOID **MAStart, + IN OUT UINTN *MASize ) +{ + UINT8 * Temp; + EFI_FIRMWARE_VOLUME_HEADER *pFV; + EFI_FFS_FILE_HEADER *ppFile; + EFI_STATUS Status; + UINTN Instance = 0; + MPDRIVER_LEGHEADER *Buffer; + UINT32 CodeSec = 0; + + while ( TRUE ) + { + Status = (*ps)->FfsFindNextVolume( ps, Instance, &pFV ); + + if ( EFI_ERROR( Status )) + { + return Status; + } + + ppFile = NULL; + // + // Start new search in volume + // + while ( TRUE ) + { + Status = (*ps)->FfsFindNextFile( ps, + EFI_FV_FILETYPE_FREEFORM, + pFV, + &ppFile ); + + if ( Status == EFI_NOT_FOUND ) + { + break; + } + + if ( CompareGuid( &(ppFile->Name), Driveguid )) + { + Temp = ((UINT8*) ppFile + sizeof (EFI_FFS_FILE_HEADER) + + sizeof(ppFile->Size)); + Buffer = (MPDRIVER_LEGHEADER*)(Temp + 1); + CodeSec = Buffer->CodeP; + *Offset = (UINT32)Buffer + CodeSec; + *MAStart = Buffer; + *MASize = (UINTN)Buffer->Size; + return Status; + } + } + Instance += 1; + } +} + + + + +//********************************************************************** +// +// +// Procedure: FillDriverLoc +// +// Description: Minor function to fill in MPDriver Offsets for TPM +// Device PPI +// +// +// Input: IN OUT UINT32* Offset, +// IN EFI_PEI_SERVICES **ps, +// IN EFI_GUID *Driveguid +// +// Output: VOID +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +VOID FillDriverLoc( + IN OUT UINT32 * Offset, + IN EFI_PEI_SERVICES **ps, + IN EFI_GUID *Driveguid ) +{ + EFI_HOB_GUID_TYPE *DrvHob; + UINT8 * Temp; + + (*ps)->GetHobList( ps, &DrvHob ); + while ( !EFI_ERROR( FindNextHobByType( EFI_HOB_TYPE_GUID_EXTENSION, &DrvHob ))) + { + if ((DrvHob->Header.HobType == EFI_HOB_TYPE_GUID_EXTENSION) + && (guidcmp( &DrvHob->Name, Driveguid )) == 0 ) + { + Temp = (UINT8*)++DrvHob; + *Offset = *(UINT32*) Temp; + break; + } + } +} + + + + + + +//********************************************************************** +// +// +// Procedure: LocateTcgPpi +// +// Description: Locates and initializes TCG Ppi +// +// +// Input: IN EFI_FFS_FILE_HEADER *FfsHeader +// IN EFI_PEI_SERVICES **PeiServices, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS LocateTcgPpi( + IN EFI_PEI_SERVICES **PeiServices, + IN PEI_TPM_PPI **gTpmDevicePpi, + IN PEI_TCG_PPI **gTcgPpi +) +{ + EFI_STATUS Status; + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &gTpmDevicePpiguid, + 0, NULL, + gTpmDevicePpi); + + + if(EFI_ERROR(Status)){ + PEI_TRACE((-1, PeiServices, "gTpmDevicePpiguid NOT found %r \n", Status)); + return Status; + } + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &gTcgPpiguid, + 0, NULL, + gTcgPpi); + + if(EFI_ERROR(Status)){ + PEI_TRACE((-1, PeiServices, "gTcgPpiguid NOT found %r \n", Status)); + return Status; + } + + return Status; +} + + + + +//********************************************************************** +// +// +// Procedure: LocateTcgPpi +// +// Description: Locates and initializes TCG Ppi +// +// +// Input: IN EFI_FFS_FILE_HEADER *FfsHeader +// IN EFI_PEI_SERVICES **PeiServices, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS LocateTcmPpi( + IN EFI_PEI_SERVICES **PeiServices, + IN PEI_TPM_PPI **gTpmDevicePpi, + IN PEI_TCM_PPI **gTcmPpi +) +{ + EFI_STATUS Status; + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &gTpmDevicePpiguid, + 0, NULL, + gTpmDevicePpi); + + + if(EFI_ERROR(Status))return Status; + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &gTcgPpiguid, + 0, NULL, + gTcmPpi); + + return Status; +} + + +EFI_STATUS Tpm20PeiSendStartup(IN EFI_PEI_SERVICES **PeiServices) +{ + EFI_STATUS Status = EFI_SUCCESS; + TPM2_Startup_Cmd StartupCmd; + TPM2_Common_RespHdr StartupReponse; + UINT32 ReturnSize = 0; + EFI_BOOT_MODE BootMode; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCG_PPI *TcgPpi = NULL; + + + Status = LocateTcgPpi(PeiServices,&TpmPpi, &TcgPpi); + if(EFI_ERROR(Status))return EFI_NOT_FOUND; + + Status = TpmPpi->Init(TpmPpi, PeiServices ); + if ( EFI_ERROR( Status )) + { + return Status; + } + + StartupCmd.tag = (TPMI_ST_COMMAND_TAG)TPM_H2NS(TPM_ST_NO_SESSIONS); + StartupCmd.CommandSize = TPM_H2NL((sizeof(TPM2_Startup_Cmd))); + StartupCmd.CommandCode = TPM_H2NL(TPM_CC_Startup); + + Status = (*PeiServices)->GetBootMode (PeiServices, &BootMode); + if(EFI_ERROR(Status))return Status; + + if(BootMode == BOOT_ON_S3_RESUME){ + StartupCmd.StartupType = TPM_H2NS(TPM_SU_STATE); + }else{ + StartupCmd.StartupType = TPM_H2NS(TPM_SU_CLEAR); + } + + ReturnSize = (UINT32)sizeof(StartupReponse); + + MemSet((UINT8 *)&StartupReponse,(UINTN)sizeof(StartupReponse), 0); + + Status = TcgPpi->TCGPassThroughToTpm(TcgPpi, + PeiServices, + sizeof(TPM2_Startup_Cmd), + (UINT8*)&StartupCmd, + ReturnSize, + (UINT8*)&StartupReponse); + + if((StartupReponse.ResponseCode) != TPM_RC_SUCCESS){ + Status = EFI_DEVICE_ERROR; + } + + return Status; +} + + +EFI_STATUS Tpm20PeiSelfTest(IN EFI_PEI_SERVICES **PeiServices) +{ + EFI_STATUS Status = EFI_SUCCESS; + TPM2_SelfTest SelfTestCmd; + TPM2_Common_RespHdr SelfTestReponse; + UINT32 ReturnSize = 0; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCG_PPI *TcgPpi = NULL; + + Status = LocateTcgPpi(PeiServices,&TpmPpi, &TcgPpi); + if(EFI_ERROR(Status))return EFI_NOT_FOUND; + + Status = TpmPpi->Init(TpmPpi, PeiServices ); + if ( EFI_ERROR( Status )) + { + return Status; + } + + SelfTestCmd.tag = (TPMI_ST_COMMAND_TAG)TPM_H2NS(TPM_ST_NO_SESSIONS); + SelfTestCmd.CommandSize = TPM_H2NL((sizeof(TPM2_SelfTest))); + SelfTestCmd.CommandCode = TPM_H2NL(TPM_CC_SelfTest); + SelfTestCmd.SelfTestType = 0; + + ReturnSize = (UINT32)sizeof(SelfTestReponse); + + MemSet((UINT8 *)&SelfTestReponse,(UINTN)sizeof(SelfTestReponse), 0); + + Status = TcgPpi->TCGPassThroughToTpm(TcgPpi, + PeiServices, + sizeof(SelfTestCmd), + (UINT8*)&SelfTestCmd, + ReturnSize, + (UINT8*)&SelfTestReponse); + + + Status = TpmPpi->Close(TpmPpi, PeiServices ); + if ( EFI_ERROR( Status )) + { + return Status; + } + + return Status; +} + + + + +//********************************************************************** +// +// +// Procedure: TcgPeiTpmStartup +// +// Description: Sends Initial TPM Startup Command +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// IN EFI_BOOT_MODE BootMode +// +// Output: EFI STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS + TcgPeiTpmStartup( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_BOOT_MODE BootMode ) +{ + EFI_STATUS Status; + TPM_1_2_CMD_STARTUP cmdStartup; + TPM_1_2_RET_HEADER retHeader; + TPM_STARTUP_TYPE TpmSt; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCG_PPI *TcgPpi = NULL; + TCG_PLATFORM_SETUP_INTERFACE *TcgPeiPolicy = NULL; + EFI_GUID gTcgPeiPolicyGuid =\ + TCG_PLATFORM_SETUP_PEI_POLICY_GUID; + TCG_CONFIGURATION ConfigFlags; + EFI_HOB_GUID_TYPE *ptrTpm20Hob; + UINT8 Tpm20Device = FALSE; + + TpmSt = TPM_ST_CLEAR; + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &gTcgPeiPolicyGuid, + 0, NULL, + &TcgPeiPolicy); + + if(EFI_ERROR(Status) || TcgPeiPolicy == NULL )return Status; + + Status = TcgPeiPolicy->getTcgPeiPolicy(PeiServices, &ConfigFlags); + + if(EFI_ERROR(Status))return Status; + + if(ConfigFlags.DisallowTpm == 1) + { + BootMode = BOOT_IN_RECOVERY_MODE; //deactivate the TPM + } + + if ( BootMode == BOOT_ON_S3_RESUME ) + { + TpmSt = TPM_ST_STATE; + } + +#if (TCG_CONVENTIONAL_BIOS_6_1) + + if ( BootMode == BOOT_IN_RECOVERY_MODE ) + { + TpmSt = TPM_ST_DEACTIVATED; + } +#endif + + Status = LocateTcgPpi(PeiServices,&TpmPpi, &TcgPpi); + if(EFI_ERROR(Status))return EFI_NOT_FOUND; + + Status = TpmPpi->Init(TpmPpi, PeiServices ); + if ( EFI_ERROR( Status )) + { + return Status; + } + + cmdStartup.Header.Tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmdStartup.Header.ParamSize = TPM_H2NL( sizeof (cmdStartup)); + cmdStartup.Header.Ordinal = TPM_H2NL( TPM_ORD_Startup ); + cmdStartup.StartupType = TPM_H2NS( TpmSt ); + + Status = TcgPpi->TCGPassThroughToTpm( + TcgPpi, + PeiServices, + sizeof (cmdStartup), + (UINT8*)&cmdStartup, + sizeof (retHeader), + (UINT8*)&retHeader); + + PEI_TRACE((-1, PeiServices, + "Tcg Startup Command Return Code: size: %x; retCode:%x; tag:%x; bytes %08x\n", + TPM_H2NL(retHeader.ParamSize ), + TPM_H2NL(retHeader.RetCode ), + (UINT32) + TPM_H2NS(retHeader.Tag ))); + + if ( retHeader.ParamSize == 0 ) + { + return EFI_DEVICE_ERROR; + + }else if(retHeader.RetCode != 0){ + //up till this point we do not know if it is a 1.2 device or + //a 2.0 device possibly a TPM 20 device send StartupCmd for TPM 20 + Status = Tpm20PeiSendStartup(PeiServices); + if(!EFI_ERROR(Status)){ + //TPM 2.0 device using TIS interface create TPM20 hob + Status = TcgPeiBuildHobGuid( PeiServices, + &Tpm20Hobguid, + sizeof (UINT8), + &ptrTpm20Hob ); + + ASSERT_PEI_ERROR( PeiServices, Status ); + ptrTpm20Hob++; + Tpm20Device = TRUE; + (*PeiServices)->CopyMem( ptrTpm20Hob, &Tpm20Device, sizeof (Tpm20Device)); + + Status = (*PeiServices)->InstallPpi( PeiServices, &mTpm20SupportList[0] ); + if ( EFI_ERROR( Status )) + { + return EFI_UNLOAD_IMAGE; + } + } + } + Status = TpmPpi->Close(TpmPpi, PeiServices ); + if (EFI_ERROR( Status )){ + return Status; + } + + return (Status | TPM_H2NL( retHeader.RetCode )); +} + + + + +//********************************************************************** +// +// +// Procedure: TcmPeiStartup +// +// Description: Sends Initial TPM Startup Command +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// IN EFI_BOOT_MODE BootMode +// +// Output: EFI STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +static +EFI_STATUS +__stdcall TcmPeiStartup( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_BOOT_MODE BootMode ) +{ + EFI_STATUS Status; + TPM_1_2_CMD_STARTUP cmdStartup; + TPM_1_2_RET_HEADER retHeader; + TPM_STARTUP_TYPE TpmSt; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCM_PPI *TcgPpi = NULL; + + TpmSt = TPM_ST_CLEAR; + + if ( BootMode == BOOT_ON_S3_RESUME ) + { + TpmSt = TPM_ST_STATE; + } + +#if (TCG_CONVENTIONAL_BIOS_6_1) + + if ( BootMode == BOOT_IN_RECOVERY_MODE ) + { + TpmSt = TPM_ST_DEACTIVATED; + } +#endif + + Status = LocateTcmPpi(PeiServices,&TpmPpi, &TcgPpi); + if(EFI_ERROR(Status))return EFI_NOT_FOUND; + + Status = TpmPpi->Init(TpmPpi, PeiServices ); + if ( EFI_ERROR( Status )) + { + return Status; + } + + + cmdStartup.Header.Tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmdStartup.Header.ParamSize = TPM_H2NL( sizeof (cmdStartup)); + cmdStartup.Header.Ordinal = TPM_H2NL( TCM_ORD_Startup ); + + cmdStartup.StartupType = TcgCommonH2NS( TpmSt ); + + Status = TcgPpi->TCMPassThroughToTcm( + TcgPpi, + PeiServices, + sizeof (cmdStartup), + (UINT8*)&cmdStartup, + sizeof (retHeader), + (UINT8*)&retHeader); + + + Status = TpmPpi->Close(TpmPpi, PeiServices ); + if (EFI_ERROR( Status )){ + return Status; + } + + PEI_TRACE((-1, PeiServices, + "Tcg Startup Command Return Code: size: %x; retCode:%x; tag:%x; bytes %08x\n", + TPM_H2NL(retHeader.ParamSize ), + TPM_H2NL(retHeader.RetCode ), + (UINT32) + TPM_H2NS(retHeader.Tag ))); + + if ( retHeader.ParamSize == 0 ) + { + return EFI_DEVICE_ERROR; + } + return (Status | TPM_H2NL( retHeader.RetCode )); +} + +//********************************************************************** +// +// +// Procedure: ContinueTPMSelfTest +// +// Description: Executes ContinueSelfTest operation on TPM. Certain TPM +// operation require this operation to be execute before. +// +// Input: IN EFI_PEI_SERVICES **ps +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS ContinueTPMSelfTest( + IN EFI_PEI_SERVICES **ps ) +{ + TPM_1_2_CMD_HEADER cmd; + TPM_1_2_RET_HEADER result; + EFI_STATUS Status; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCG_PPI *TcgPpi = NULL; + AMI_TPM20SUPPORTTYPE_PPI *Tpm20SupportType = NULL; + + Status = (*ps)->LocatePpi( + ps, + &Tpm20Hobguid, + 0, NULL, + &Tpm20SupportType); + + + if(!EFI_ERROR(Status) && Tpm20SupportType!= NULL){ + return (Tpm20PeiSelfTest(ps)); + } + + +#if defined DONT_SEND_SELFTEST_TILL_READY_TO_BOOT && DONT_SEND_SELFTEST_TILL_READY_TO_BOOT == 1 + if(*(UINT16 *)(UINTN)(PORT_TPM_IOMEMBASE + 0xF00) == SELF_TEST_VID) + { + return EFI_SUCCESS; + } +#endif + + Status = LocateTcgPpi(ps,&TpmPpi, &TcgPpi); + if(EFI_ERROR(Status))return EFI_NOT_FOUND; + + Status = TpmPpi->Init(TpmPpi, ps ); + if ( EFI_ERROR( Status )){ + return Status; + } + + cmd.Tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmd.ParamSize = TPM_H2NL( sizeof (cmd)); + cmd.Ordinal = TPM_H2NL( TPM_ORD_ContinueSelfTest ); + + Status = TcgPpi->TCGPassThroughToTpm( + TcgPpi, + ps, + sizeof (cmd), + (UINT8*)&cmd, + sizeof (result), + (UINT8*)&result ); + + PEI_TRACE((-1, ps, "TCG Pei: Self Test : status=%x; RetCode=%x\n", Status, + TPM_H2NL( result.RetCode ))); + + Status = TpmPpi->Close(TpmPpi, ps ); + + if ( EFI_ERROR( Status )) + { + return Status; + } + else if ( result.RetCode != 0 ) + { + return EFI_DEVICE_ERROR; + } + + return EFI_SUCCESS; +} + + + +//********************************************************************** +// +// +// Procedure: ContinueTCMSelfTest +// +// Description: Executes ContinueSelfTest operation on TPM. Certain TPM +// operation require this operation to be execute before. +// +// Input: IN EFI_PEI_SERVICES **ps +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** + +EFI_STATUS ContinueTCMSelfTest( + IN EFI_PEI_SERVICES **ps ) +{ + TPM_1_2_CMD_HEADER cmd; + TPM_1_2_RET_HEADER result; + EFI_STATUS Status; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCG_PPI *TcgPpi = NULL; + + + Status = LocateTcgPpi(ps,&TpmPpi, &TcgPpi); + if(EFI_ERROR(Status))return EFI_NOT_FOUND; + + Status = TpmPpi->Init(TpmPpi, ps ); + if ( EFI_ERROR( Status )){ + return Status; + } + + cmd.Tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmd.ParamSize = TPM_H2NL( sizeof (cmd)); + cmd.Ordinal = TPM_H2NL(TCM_ORD_ContinueSelfTest ); + + Status = TcgPpi->TCGPassThroughToTpm( + TcgPpi, + ps, + sizeof (cmd), + (UINT8*)&cmd, + sizeof (result), + (UINT8*)&result ); + + PEI_TRACE((-1, ps, "TCG Pei: Self Test : status=%x; RetCode=%x\n", Status, + TPM_H2NL( result.RetCode ))); + + Status = TpmPpi->Close(TpmPpi, ps ); + + if ( EFI_ERROR( Status )) + { + return Status; + } + + if ( result.RetCode != 0 ) + { + return EFI_DEVICE_ERROR; + } + + return EFI_SUCCESS; +} + + + +//********************************************************************** +// +// +// Procedure: SendStartupandSelftest +// +// Description: This function performs TPM MA initialization +// +// +// Input: IN EFI_FFS_FILE_HEADER *FfsHeader +// IN EFI_PEI_SERVICES **PeiServices, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS SendStartupandSelftest( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_BOOT_MODE BootMode +) +{ + EFI_STATUS Status; + EFI_GUID SkipTpmStartupGuid = AMI_SKIP_TPM_STARTUP_GUID; + BOOLEAN SkipTpmStartup = FALSE; + AMI_TCG_PEI_FUNCTION_OVERRIDE_PPI *PpiOverride; + TCG_PLATFORM_SETUP_INTERFACE *TcgPeiPolicy = NULL; + EFI_GUID gTcgPeiPolicyGuid =\ + TCG_PLATFORM_SETUP_PEI_POLICY_GUID; + TCG_CONFIGURATION ConfigFlags; + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &SkipTpmStartupGuid, + 0, NULL, + &PpiOverride); + + if(!EFI_ERROR(Status)) { + SkipTpmStartup = TRUE; + } + + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &gTcgPeiPolicyGuid, + 0, NULL, + &TcgPeiPolicy); + + if(EFI_ERROR(Status) || TcgPeiPolicy == NULL )return Status; + + Status = TcgPeiPolicy->getTcgPeiPolicy(PeiServices, &ConfigFlags); + + if(EFI_ERROR(Status))return Status; + + if(ConfigFlags.DisallowTpm == 1) + { + BootMode = BOOT_IN_RECOVERY_MODE; //deactivate the TPM + Status = TcgPeiTpmStartup( PeiServices, BootMode ); + return Status; + } + + if(!AutoSupportType()){ + if (!SkipTpmStartup) { + Status = TcgPeiTpmStartup( PeiServices, BootMode ); + if(Status){ + //sartup command failed + return EFI_DEVICE_ERROR; + } + } + + Status = ContinueTPMSelfTest( PeiServices ); + if(Status){ + //Selftest command failed + return EFI_DEVICE_ERROR; + } + }else{ + Status = TcmPeiStartup( PeiServices, BootMode ); + if(Status){ + //sartup command failed + return EFI_DEVICE_ERROR; + } + + Status = ContinueTCMSelfTest( PeiServices ); + if(Status){ + //selftest command failed + return EFI_DEVICE_ERROR; + } + } + return Status; +} + + + + + + + + +//********************************************************************** +// +// +// Procedure: TCGPEI_GETCAP +// +// Description: Executes TPM operation to read capabilities +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// +// Output: TPM_Capabilities_PermanentFlag +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +TPM_Capabilities_PermanentFlag INTTCGPEI_GETCAP( + IN EFI_PEI_SERVICES **PeiServices ) +{ + TPM_Capabilities_PermanentFlag *cap = NULL; + EFI_STATUS Status; + TPM_GetCapabilities_Input cmdGetCap; + UINT8 result[0x100]; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCG_PPI *TcgPpi = NULL; + EFI_GUID TcgPpiguid = PEI_TCG_PPI_GUID; + EFI_GUID TpmDevicePpiguid = PEI_TPM_PPI_GUID; + + cmdGetCap.Tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmdGetCap.ParamSize = TPM_H2NL( sizeof (cmdGetCap)); + cmdGetCap.CommandCode = TPM_H2NL( TPM_ORD_GetCapability ); + cmdGetCap.caparea = TPM_H2NL( TPM_CAP_FLAG ); + cmdGetCap.subCapSize = TPM_H2NL( 4 ); // subCap is always 32bit long + cmdGetCap.subCap = TPM_H2NL( TPM_CAP_FLAG_PERMANENT ); + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &TpmDevicePpiguid, + 0, NULL, + &TpmPpi); + + ASSERT_PEI_ERROR( PeiServices, Status ); + + Status = TpmPpi->Init(TpmPpi, PeiServices); + + if(Status){ + MemSet(result,sizeof(TPM_Capabilities_PermanentFlag), 0); + cap = (TPM_Capabilities_PermanentFlag*)result; + return *cap; + } + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &TcgPpiguid, + 0, NULL, + &TcgPpi); + + ASSERT_PEI_ERROR( PeiServices, Status ); + + + Status = TcgPpi->TCGPassThroughToTpm( + TcgPpi, + PeiServices, + sizeof(cmdGetCap), + (UINT8*)&cmdGetCap, + 0x100, + result ); + + cap = (TPM_Capabilities_PermanentFlag*)result; + + PEI_TRACE((-1, PeiServices, + "GetCapability: %r; size: %x; retCode:%x; tag:%x; bytes %08x\n", + Status,TPM_H2NL( cap->ParamSize ), TPM_H2NL(cap->RetCode ), + (UINT32)TPM_H2NS(cap->tag ), TPM_H2NL( *(UINT32*)&cap->disabled ))); + + + Status = TpmPpi->Close(TpmPpi, PeiServices); + + return *cap; +} + + + +//********************************************************************** +// +// +// Procedure: TCGPEI_GETCAP +// +// Description: Executes TPM operation to read capabilities +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// +// Output: TPM_Capabilities_PermanentFlag +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +TPM_Capabilities_PermanentFlag NuvotonProprietaryGetFlags( + IN EFI_PEI_SERVICES **PeiServices ) +{ + TPM_Capabilities_PermanentFlag cap; + EFI_STATUS Status; + TPM_RQU_COMMAND_HDR cmdGetTpmStatus; + UINT8 result[0x100]; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCG_PPI *TcgPpi = NULL; + EFI_GUID TcgPpiguid = PEI_TCG_PPI_GUID; + EFI_GUID TpmDevicePpiguid = PEI_TPM_PPI_GUID; + + cmdGetTpmStatus.tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmdGetTpmStatus.paramSize = TPM_H2NL( sizeof (TPM_RQU_COMMAND_HDR)); + cmdGetTpmStatus.ordinal = TPM_H2NL( NTC_ORD_GET_TPM_STATUS ); + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &TpmDevicePpiguid, + 0, NULL, + &TpmPpi); + + ASSERT_PEI_ERROR( PeiServices, Status ); + + Status = TpmPpi->Init(TpmPpi, PeiServices); + + MemSet(&cap,sizeof(TPM_Capabilities_PermanentFlag), 0); + + if(Status){ + return cap; + } + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &TcgPpiguid, + 0, NULL, + &TcgPpi); + + ASSERT_PEI_ERROR( PeiServices, Status ); + + + Status = TcgPpi->TCGPassThroughToTpm( + TcgPpi, + PeiServices, + sizeof(cmdGetTpmStatus), + (UINT8*)&cmdGetTpmStatus, + 0x100, + result ); + + if(((NUVOTON_SPECIFIC_FLAGS *)result)->RetCode == 0) + { + if(((NUVOTON_SPECIFIC_FLAGS *)result)->isdisabled){ + cap.disabled = 1; + } + + if(((NUVOTON_SPECIFIC_FLAGS *)result)->isdeactivated){ + cap.deactivated = 1; + } + + if(((NUVOTON_SPECIFIC_FLAGS *)result)->isOwnerSet){ + cap.ownership = 1; + } + }else{ + cap.RetCode = ((NUVOTON_SPECIFIC_FLAGS *)result)->RetCode; + } + + + Status = TpmPpi->Close(TpmPpi, PeiServices); + + return cap; +} + + + + + + +//********************************************************************** +// +// +// Procedure: TCGPEI_GETCAP +// +// Description: Executes TPM operation to read capabilities +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// +// Output: TPM_Capabilities_PermanentFlag +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +TPM_Capabilities_PermanentFlag TCGPEI_GETCAP( + IN EFI_PEI_SERVICES **PeiServices ) +{ + TPM_PERM_FLAGS *CapPpi; + EFI_GUID guid = AMI_TCG_PERM_FLAGS_GUID; + EFI_STATUS Status; + TPM_Capabilities_PermanentFlag Cap; + EFI_PEI_PPI_DESCRIPTOR *FlagsPpiDesc; + TPM_PERM_FLAGS *FlagsPpi; + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &guid, + 0, + NULL, + &CapPpi); + + + if (EFI_ERROR(Status)){ + // + // Allocate descriptor and PPI structures + Status = (*PeiServices)->AllocatePool (PeiServices, sizeof (EFI_PEI_PPI_DESCRIPTOR), &FlagsPpiDesc); + ASSERT_PEI_ERROR (PeiServices, Status); + (*PeiServices)->SetMem ((VOID*) FlagsPpiDesc, sizeof (EFI_PEI_PPI_DESCRIPTOR), 0); + + Status = (*PeiServices)->AllocatePool (PeiServices, sizeof (TPM_PERM_FLAGS), &FlagsPpi); + ASSERT_PEI_ERROR (PeiServices, Status); + (*PeiServices)->SetMem ((VOID*) FlagsPpi, sizeof (TPM_PERM_FLAGS), 0); + + Cap = INTTCGPEI_GETCAP( PeiServices ); + (*PeiServices)->CopyMem(&FlagsPpi->Capabilities, &Cap, sizeof(TPM_Capabilities_PermanentFlag)); + + FlagsPpiDesc->Flags = EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST; + FlagsPpiDesc->Ppi = FlagsPpi; + + FlagsPpiDesc->Guid = &Descguid; + Status = (**PeiServices).InstallPpi (PeiServices, FlagsPpiDesc); + ASSERT_PEI_ERROR (PeiServices, Status); + + return Cap; + } + else{ + return CapPpi->Capabilities; + } +} + + +//********************************************************************** +// +// +// Procedure: TCGPEI_GETCAP +// +// Description: Executes TPM operation to read capabilities +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// +// Output: TPM_Capabilities_PermanentFlag +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +TCM_Capabilities_PermanentFlag TCMPEI_GETCAP( + IN EFI_PEI_SERVICES **PeiServices ) +{ + TCM_Capabilities_PermanentFlag * cap = NULL; + EFI_STATUS Status; + TPM_GetCapabilities_Input cmdGetCap; + UINT8 result[0x100]; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCM_PPI *TcgPpi = NULL; + + + cmdGetCap.Tag = TPM_H2NS( TPM_TAG_RQU_COMMAND ); + cmdGetCap.ParamSize = TPM_H2NL( sizeof (cmdGetCap)); + cmdGetCap.CommandCode = TPM_H2NL( TCM_ORD_GetCapability ); + + cmdGetCap.caparea = TPM_H2NL( TPM_CAP_FLAG ); + cmdGetCap.subCapSize = TPM_H2NL( 4 ); // subCap is always 32bit long + cmdGetCap.subCap = TPM_H2NL( TPM_CAP_FLAG_PERMANENT ); + + Status = LocateTcmPpi(PeiServices, &TpmPpi, &TcgPpi); + ASSERT_PEI_ERROR( PeiServices, Status ); + + Status = TpmPpi->Init(TpmPpi, PeiServices ); + ASSERT_PEI_ERROR( PeiServices, Status ); + + Status = TcgPpi->TCMPassThroughToTcm( + TcgPpi, + PeiServices, + sizeof(cmdGetCap), + (UINT8*)&cmdGetCap, + 0x100, + result ); + + cap = (TCM_Capabilities_PermanentFlag*)result; + + PEI_TRACE((-1, PeiServices, + "GetCapability: %r; size: %x; retCode:%x; tag:%x; bytes %08x\n", + Status,TPM_H2NL( cap->ParamSize ), TPM_H2NL(cap->RetCode ), + (UINT32)TPM_H2NS(cap->tag ), TPM_H2NL( *(UINT32*)&cap->disabled ))); + + Status = TpmPpi->Close(TpmPpi, PeiServices ); + ASSERT_PEI_ERROR( PeiServices, Status ); + + return *cap; +} + + + + + + +//********************************************************************** +// +// +// Procedure: MeasureCRTMVersion +// +// Description: Measures EFI CRTM Version +// Demo Version[546BFB1E1D0C4055A4AD4EF4BF17B83A] +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS + MeasureCRTMVersion( + IN EFI_PEI_SERVICES **PeiServices ) +{ + EFI_TCG_PCR_EVENT TcgEvent; + UINT32 EventNum; + UINTN Len = sizeof(EFI_GUID); + EFI_GUID CrtmVersion = CRTM_GUID; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCG_PPI *TcgPpi = NULL; + EFI_STATUS Status; + + TcgEvent.Header.PCRIndex = PCRi_CRTM_AND_POST_BIOS; + TcgEvent.Header.EventType = EV_S_CRTM_VERSION; + TcgEvent.Header.EventDataSize = Len; + + Status = LocateTcgPpi(PeiServices,&TpmPpi, &TcgPpi); + if(EFI_ERROR(Status))return EFI_NOT_FOUND; + + MemCpy( + &TcgEvent.Event.SCrtmVersion, + &CrtmVersion, + Len + ); + + return TcgPpi->TCGHashLogExtendEvent( + TcgPpi, + PeiServices, + (UINT8*)&TcgEvent.Event, + TcgEvent.Header.EventDataSize, + (TCG_PCR_EVENT*)&TcgEvent, + &EventNum + ); +} + + + + +//********************************************************************** +// +// +// Procedure: MeasureTcmCRTMVersion +// +// Description: Measures EFI CRTM Version +// Demo Version[546BFB1E1D0C4055A4AD4EF4BF17B83A] +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS + MeasureTcmCRTMVersion( + IN EFI_PEI_SERVICES **PeiServices ) +{ + EFI_TCM_PCR_EVENT TcmEvent; + UINT32 EventNum; + UINTN Len = sizeof(EFI_GUID); + EFI_GUID CrtmVersion = CRTM_GUID; + PEI_TPM_PPI *TpmPpi = NULL; + PEI_TCM_PPI *TcgPpi = NULL; + EFI_STATUS Status; + + TcmEvent.Header.PCRIndex = PCRi_CRTM_AND_POST_BIOS; + TcmEvent.Header.EventType = EV_S_CRTM_VERSION; + TcmEvent.Header.EventDataSize = Len; + + MemCpy(&TcmEvent.Event.SCrtmVersion, + &CrtmVersion, Len); + + Status = LocateTcmPpi(PeiServices, &TpmPpi, &TcgPpi); + ASSERT_PEI_ERROR( PeiServices, Status ); + + return TcgPpi->TCMHashLogExtendEvent(TcgPpi, + PeiServices, + (UINT8*)&TcmEvent.Event, + TcmEvent.Header.EventDataSize, + (TCM_PCR_EVENT*)&TcmEvent, + &EventNum); +} + + + +//********************************************************************** +// +// +// Procedure: MeasureTCGPcClientSpecID +// +// Description: Includes a measurement of the TcgSpecID into PCR[0] +// +// +// Input: IN PEI_TCG_PPI* tcg, +// IN EFI_PEI_SERVICES **ps +// +// Output: +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS MeasureTCGPcClientSpecID( + IN EFI_PEI_SERVICES **ps, + IN PEI_TCG_PPI *tcg ) +{ + TCG_PCR_EVENT ev; + TCG_PCClientSpecIDEventStruct TcgInfo; + TCG_VendorInfoStruct TcgVenInfo; + UINT32 n; + EFI_STATUS status; + UINT8 i = 0, times = 0; + + PEI_TRACE((-1, ps, "TCG Pei: TCG_PcClientSpecID\n")); + + MemCpy( + TcgVenInfo.TCGBIOSVENDOR, + TCG_BIOS_VENDOR, + sizeof(TcgVenInfo.TCGBIOSVENDOR)); + + MemCpy( + TcgVenInfo.TCGOEMID, + TCG_OEM_ID, + sizeof(TcgVenInfo.TCGOEMID)); + + //fill in pc-client spec id + TcgInfo.PlatformClass = TCG_PLATFORM_CLASS; + TcgInfo.BIOSTypeInterface = TCG_BIOS_TYPE_INTERFACE; + TcgInfo.BIOSTypeMapping = TCG_BIOS_TYPE_MAPPING; + TcgInfo.SpecVersionMajor = TCG_SPEC_VERSION_MAJOR; + TcgInfo.SpecVersionMinor = TCG_SPEC_VERSION_MINOR; + TcgInfo.SpecErrata = TCG_SPEC_ERRATA; + TcgInfo.Reserved = 0x00; + TcgInfo.VendorInfo = &TcgVenInfo; + TcgInfo.VendorInfoSize = sizeof(TcgInfo.VendorInfo ); + + + ev.PCRIndex = PCRi_CRTM_AND_POST_BIOS; + ev.EventType = EV_SPECIFICATION_IDENTIFIER; + ev.EventSize = sizeof (TcgInfo); + ev.Event[0] = *(UINT8*)&TcgInfo; + +M_TRY_AGAIN: + status = tcg->TCGHashLogExtendEvent(tcg, + ps, + (UINT8*)&TcgInfo, + sizeof(TcgInfo), + &ev, + &n ); + + if ( EFI_ERROR( status )) + { + if ( status == EFI_NOT_READY ) + { + i = 0; + do + { + i++; + } while ( i < 200 ); + + if ( times > 0x2 ) + { + PEI_TRACE((-1, ps,"xTcgPei::Could not measure PC_CLIENTSPECID \n")); + goto M_TRY_DONE; + } + times++; + goto M_TRY_AGAIN; + } + } +M_TRY_DONE: + return status; +} + + + + + + + + +//********************************************************************** +// +// +// Procedure: MeasureDxeCoreFwVol +// +// Description: Measures the firmware volume as a EV_POST_CODE event +// +// +// Input: IN PEI_TCG_PPI* tcg, +// IN EFI_PEI_SERVICES **ps, +// IN EFI_FIRMWARE_VOLUME_HEADER *fwv +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS MeasureDxeCoreFwVol( + IN PEI_TCG_PPI * tcg, + IN EFI_PEI_SERVICES **ps, + IN EFI_FIRMWARE_VOLUME_HEADER *fwv ) +{ + PEI_EFI_POST_CODE ev; + UINT32 n; + EFI_STATUS status; + void *Context = NULL;; + + + PEI_TRACE((-1, ps, "TCG Pei: measure FwMain: at %x size %d\n", fwv, + fwv->FvLength)); + + ev.Header.PCRIndex = PCRi_CRTM_AND_POST_BIOS; + ev.Header.EventType = EV_POST_CODE; + ev.Header.EventDataSize = sizeof (EFI_TCG_EV_POST_CODE); + ev.Event.PostCodeAddress = (EFI_PHYSICAL_ADDRESS)FV_MAIN_BASE; + +#if PARTIALLY_MEASURE_FVMAIN == 1 + #if x64_BUILD + ev.Event.PostCodeLength = (UINT64)TCG_FV_MAIN_SIZE; + #else + ev.Event.PostCodeLength = (UINTN)TCG_FV_MAIN_SIZE; + #endif +#else +#if defined x64_BUILD && x64_BUILD == 1 + ev.Event.PostCodeLength = (UINT64)fwv->FvLength; +#else + ev.Event.PostCodeLength = (UINTN)fwv->FvLength; +#endif +#endif + status = tcg->TCGHashLogExtendEvent( tcg, ps, (UINT8*)fwv, + (UINT32)ev.Event.PostCodeLength, + (TCG_PCR_EVENT*)&ev, &n ); + + return status; + +} + + + +//********************************************************************** +// +// +// Procedure: TcmMeasureDxeCoreFwVol +// +// Description: Measures the firmware volume as a EV_POST_CODE event +// +// +// Input: IN PEI_TCM_PPI* tcg, +// IN EFI_PEI_SERVICES **ps, +// IN EFI_FIRMWARE_VOLUME_HEADER *fwv +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS TCMMeasureDxeCoreFwVol( + IN PEI_TCM_PPI * tcg, + IN EFI_PEI_SERVICES **ps, + IN EFI_FIRMWARE_VOLUME_HEADER *fwv ) +{ + TCM_PEI_EFI_POST_CODE tcmev; + UINT32 n; + EFI_STATUS status; + TCG_DIGEST TempDigest; + void *Context = NULL;; + + + PEI_TRACE((-1, ps, "TCG Pei: measure FwMain: at %x size %d\n", fwv, + fwv->FvLength)); + + tcmev.Header.PCRIndex = PCRi_CRTM_AND_POST_BIOS; + tcmev.Header.EventType = EV_POST_CODE; + tcmev.Header.EventDataSize = sizeof (EFI_TCG_EV_POST_CODE ); + + SHA1HashAll( Context, fwv, (UINTN)fwv->FvLength, &TempDigest ); + + tcmev.Event.PostCodeAddress = (EFI_PHYSICAL_ADDRESS)&TempDigest; +#if x64_BUILD + tcmev.Event.PostCodeLength = (UINT64)TPM_SHA1_160_HASH_LEN; +#else + tcmev.Event.PostCodeLength = (UINTN)TPM_SHA1_160_HASH_LEN; +#endif + + status = tcg->TCMHashLogExtendEvent( tcg, ps, (UINT8*)&TempDigest, + (UINT32)tcmev.Event.PostCodeLength, + (TCM_PCR_EVENT*)&tcmev, &n ); + + return status; +} + + + + + + +//********************************************************************** +// +// +// Procedure: Lock_TPMPhysicalPresence +// +// Description: check whether to Lock TPM physical Presence +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// +// Output: BOOLEAN +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +BOOLEAN Lock_TPMPhysicalPresence( + IN EFI_PEI_SERVICES **PeiServices ) +{ + EFI_GUID gAmiTcgEfiOSVarguid + = AMI_TCG_EFI_OS_VARIABLE_GUID; + UINTN OSVarSize = sizeof(AMI_PPI_NV_VAR); + UINT32 Attribs = EFI_VARIABLE_NON_VOLATILE + | EFI_VARIABLE_BOOTSERVICE_ACCESS; + UINTN Size = sizeof(UINT8); + UINTN INTSize = sizeof(UINT32); + UINT32 OwnerCap = 0; + EFI_GUID peiTcgEfiGlobalVariableGuid \ + = TCG_EFI_GLOBAL_VARIABLE_GUID; + TCG_PLATFORM_SETUP_INTERFACE *TcgPeiPolicy = NULL; + EFI_GUID gTcgPeiPolicyGuid =\ + TCG_PLATFORM_SETUP_PEI_POLICY_GUID; +#if MANUFACTURING_MODE_SUPPORT + EFI_STATUS Status; + EFI_PEI_READ_ONLY_VARIABLE2_PPI *ReadVariable2Ppi; + EFI_GUID TcgManufacturingModeGuid = AMI_TCG_MANUFACTURING_MODE_HOB_GUID; + EFI_HOB_GUID_TYPE *TcgManufacturingModeHob; + BOOLEAN ManufacturingModeVar = FALSE; +#endif + +#if MANUFACTURING_MODE_SUPPORT + Status = (*PeiServices)->LocatePpi(PeiServices, + &gEfiPeiReadOnlyVariable2PpiGuid, + 0, + NULL, + &ReadVariable2Ppi); + + ASSERT_PEI_ERROR(PeiServices, Status); + if(!EFI_ERROR(Status)){ + if(IsMfgMode(PeiServices, ReadVariable2Ppi)){ + + ManufacturingModeVar = TRUE; + Status = TcgPeiBuildHobGuid(PeiServices, + &TcgManufacturingModeGuid, + sizeof (BOOLEAN), + &TcgManufacturingModeHob ); + + TcgManufacturingModeHob++; + (*PeiServices)->CopyMem( TcgManufacturingModeHob, &ManufacturingModeVar, sizeof (ManufacturingModeVar)); + + return FALSE; + } + } +#endif + return FALSE; +} + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/LEGX16.bin b/Board/EM/TCG2/Common/LEGX16.bin new file mode 100644 index 0000000..8dd33df Binary files /dev/null and b/Board/EM/TCG2/Common/LEGX16.bin differ diff --git a/Board/EM/TCG2/Common/MPTPM.bin b/Board/EM/TCG2/Common/MPTPM.bin new file mode 100644 index 0000000..a301a53 Binary files /dev/null and b/Board/EM/TCG2/Common/MPTPM.bin differ diff --git a/Board/EM/TCG2/Common/Setup/HandleLoadDefaultsSetup.c b/Board/EM/TCG2/Common/Setup/HandleLoadDefaultsSetup.c new file mode 100644 index 0000000..e4a2cbb --- /dev/null +++ b/Board/EM/TCG2/Common/Setup/HandleLoadDefaultsSetup.c @@ -0,0 +1,141 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgSetup/HandleLoadDefaultsSetup.c 2 6/11/14 4:16p Fredericko $ +// +// $Revision: 2 $ +// +// $Date: 6/11/14 4:16p $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgSetup/HandleLoadDefaultsSetup.c $ +// +// 2 6/11/14 4:16p Fredericko +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:05p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:57p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 1 11/22/11 6:41p Fredericko +// [TAG] EIP67286 +// [Category] Improvement +// [Description] Separate out how load defaults are handled in setup +// from the TpmPwd.c +// [Files] 1. HandleLoadDefaultsSetup.c +// 2. TcgSetup.cif +// 3. TcgSetup.mak +// 4. TpmPwd.c +// +//********************************************************************** +//************************************************************************* +// +// +// Name: TPMPwd.c +// +// Description: +// Contains functions that handle TPM authentication +// +// +//************************************************************************* + +#include "token.h" +#include +#include +#include +#include "HiiLib.h" +#include "KeyMon.h" +#include "Core\EM\AMITSE\Inc\Variable.h" +#include "TcgPlatformSetupPolicy.h" + +#if EFI_SPECIFICATION_VERSION>0x20000 && !defined(GUID_VARIABLE_DEFINITION) + #include "Include\UefiHii.h" + #include "Protocol/HiiDatabase.h" + #include "Protocol/HiiString.h" +#else + #include "Protocol/HII.h" +#endif + +extern EFI_BOOT_SERVICES *gBS; +extern EFI_SYSTEM_TABLE *gST; +extern EFI_RUNTIME_SERVICES *gRT; + + +//**************************************************************************************** +// +// +// Procedure: TcgUpdateDefaultsHook +// +// Description: Updates TCG status on F3 +// +// Input: VOID +// +// Output: BOOLEAN +// +// Modified: +// +// Referrals: +// +// Notes: +// +//**************************************************************************************** +VOID TcgUpdateDefaultsHook(VOID ) +{ + EFI_STATUS Status; + SETUP_DATA SetupData; + TCG_PLATFORM_SETUP_PROTOCOL *ProtocolInstance; + EFI_GUID Policyguid = TCG_PLATFORM_SETUP_POLICY_GUID; + + //for OEMS that might want to update some policy on loaddefaults + //they need to update the policy on load defaults before this function is run + Status = gBS->LocateProtocol (&Policyguid, NULL, &ProtocolInstance); + if (EFI_ERROR (Status) || ProtocolInstance == NULL) { + return; + } + + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.TpmSupport - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.TpmSupport ); + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.TcmSupport - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.TcmSupport ); + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.TpmEnable - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.TpmEnable ); + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.TpmAuthenticate - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.TpmAuthenticate ); + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.TpmOperation - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.TpmOperation ); + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.TpmHrdW - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.TpmHardware ); + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.TpmEnaDisable - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.TpmEnaDisable ); + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.TpmActDeact - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.TpmActDeact ); + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.TpmOwnedUnowned - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.TpmOwnedUnowned ); + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.TcgSupportEnabled - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.TcgSupportEnabled ); + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.TpmError - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.TpmError ); + Status = VarSetValue(0, (UINT32)(((UINTN)&SetupData.SuppressTcg - (UINTN)&SetupData)), (UINTN)sizeof(UINT8), &ProtocolInstance->ConfigFlags.DisallowTpm ); + +} + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/Setup/TPMPwd.c b/Board/EM/TCG2/Common/Setup/TPMPwd.c new file mode 100644 index 0000000..07cd976 --- /dev/null +++ b/Board/EM/TCG2/Common/Setup/TPMPwd.c @@ -0,0 +1,346 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** +//********************************************************************** +// $Header: /Alaska/Projects/Intel/Haswell/LynxPoint_SharkBay-DT_Crb_1AQQW/Board/EM/TCG2/Common/Setup/TPMPwd.c 1 7/08/15 4:25a Chienhsieh $ +// +// $Revision: 1 $ +// +// $Date: 7/08/15 4:25a $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/Projects/Intel/Haswell/LynxPoint_SharkBay-DT_Crb_1AQQW/Board/EM/TCG2/Common/Setup/TPMPwd.c $ +// +// 1 7/08/15 4:25a Chienhsieh +// +// 2 6/11/14 4:15p Fredericko +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:05p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:57p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 7 10/22/12 1:21a Jittenkumarp +// [TAG] EIP100790 +// [Category] Improvement +// [Description] ActivateApplication in AMITSE delayed if the SoftKbd +// support enabled thereforTPM Message are not displayed +// [Files] AmiTcgPlatformDxe.c, TCG.sdl, TPMPwd.c , AmiTcgPlatform.sdl +// +// 6 11/22/11 6:45p Fredericko +// [TAG] EIP67286 +// [Category] Improvement +// [Description] Separate out how load defaults are handled in setup +// from the TpmPwd.c +// [Files] 1. HandleLoadDefaultsSetup.c +// 2. TcgSetup.cif +// 3. TcgSetup.mak +// 4. TpmPwd.c +// +// 5 10/07/11 6:55p Fredericko +// +// 4 9/03/11 8:07p Fredericko +// +// 3 8/26/11 2:59p Fredericko +// [TAG] EIP67286 +// [Category] Bug Fix +// [Severity] Minor +// [Symptom] Tpm strings will not update probably when load optimize +// defaults is selected in setup +// [RootCause] Tcgsetup.sd did not account for F3 from setup +// [Solution] Fix TcgSetup.sd to update setup that status information +// for TPM will be available after reset. +// [Files] Tcg.sdl, TPMPwd.c, TcgSetup.sd, TcgSetup.uni +// +// 2 3/29/11 1:26p Fredericko +// +// 1 3/28/11 2:58p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// 7 8/09/10 2:32p Fredericko +// UEFI 2.1 changes +// +// 6 5/19/10 6:25p Fredericko +// Updated AMI Function Headers +// Code Beautification +// EIP 37653 +// +// 5 6/02/09 1:18p Fredericko +// +// 4 4/30/09 6:27p Fredericko +// Updated Header Date +// +// 3 4/30/09 5:47p Fredericko +// AMI company Header Address added +// +// 2 10/01/07 5:33p Fasihm +// Corrected the directive for AMIPostMgr.h to point to the correct +// location. +// +// 1 8/09/07 11:35a Pats +// Added to support password authentication. Requires TSE with capability +// of replacing ProcessConInAvailability through elinks. +// +//********************************************************************** +//************************************************************************* +// +// +// Name: TPMPwd.c +// +// Description: +// Contains functions that handle TPM authentication +// +// +//************************************************************************* + +#include "token.h" +#include +#include +#include +#include +#include "AMITSEStrTokens.h" +#include "commonoem.h" +#include "Protocol\AMIPostMgr.h" +#include "LogoLib.h" +#include "Mem.h" +#include "HiiLib.h" +#include "PwdLib.h" +#include "KeyMon.h" +#include "bootflow.h" +#include "commonoem.h" +#include "Core\EM\AMITSE\Inc\Variable.h" +#include "TcgPlatformSetupPolicy.h" + +#if EFI_SPECIFICATION_VERSION>0x20000 && !defined(GUID_VARIABLE_DEFINITION) + #include "Include\UefiHii.h" + #include "Protocol/HiiDatabase.h" + #include "Protocol/HiiString.h" +#else + #include "Protocol/HII.h" +#endif + +#if TPM_PASSWORD_AUTHENTICATION +#define TCG_PASSWORD_AUTHENTICATION_GUID \ + {0xB093BDD6, 0x2DE2, 0x4871, 0x87, 0x68, 0xEE, 0x1D, 0xA5, 0x72, 0x49, 0xB4 } +EFI_GUID TcgPasswordAuthenticationGuid = TCG_PASSWORD_AUTHENTICATION_GUID; +#endif + +extern EFI_BOOT_SERVICES *gBS; +extern EFI_SYSTEM_TABLE *gST; +extern EFI_RUNTIME_SERVICES *gRT; + + +typedef struct +{ UINT16 VID; + UINT16 DID; +} TCM_ID_STRUC; + + +TCM_ID_STRUC TCMSupportedArray[NUMBER_OF_SUPPORTED_TCM_DEVICES]={ + {SUPPORTED_TCM_DEVICE_1_VID,SUPPORTED_TCM_DEVICE_1_DID}, //ZTEIC + {SUPPORTED_TCM_DEVICE_2_VID,SUPPORTED_TCM_DEVICE_2_DID} //ZTEIC2 +}; + + + +//**************************************************************************************** +// +// +// Procedure: TCGProcessConInAvailability +// +// Description: This is a replacement for the ProcessConInAvailability +// hook in TSE, to provide password verification in the +// TCG eModule. +// This function is a hook called when TSE determines +// that console is available. This function is available +// as ELINK. In the generic implementation boot password +// is prompted in this function. +// +// +// Input: VOID +// +// Output: BOOLEAN +// +// Modified: +// +// Referrals: +// +// Notes: +// +//**************************************************************************************** +BOOLEAN TCGProcessConInAvailability ( + EFI_EVENT Event, + VOID *Context ) +{ + CHAR16 *text = NULL; + UINTN NoOfRetries; + UINT32 PasswordInstalled = AMI_PASSWORD_NONE; + UINTN Index; + EFI_INPUT_KEY Key; + BOOLEAN bScreenUsed = FALSE; + UINTN VariableSize = sizeof(UINT32); + UINT32 VariableData; + BOOLEAN PasswordRequest = FALSE; + EFI_GUID TcgEfiGlobalVariableGuid = TCG_EFI_GLOBAL_VARIABLE_GUID; + EFI_STATUS Status; + + Status = gRT->GetVariable( + L"AskPassword", + &TcgEfiGlobalVariableGuid, + NULL, + &VariableSize, + &VariableData + ); + + if ( VariableData == 0x58494d41 ) // "AMIX" + { + PasswordRequest = TRUE; + } + + PasswordInstalled = PasswordCheckInstalled( ); + NoOfRetries = 3; + + #if SETUP_USER_PASSWORD_POLICY + + if ((PasswordInstalled & AMI_PASSWORD_USER) || (PasswordRequest)) + { + #else + + if ((PasswordInstalled & AMI_PASSWORD_ANY) || (PasswordRequest)) + { + #endif + + bScreenUsed = TRUE; + + if ( AMI_PASSWORD_NONE == + CheckSystemPassword( AMI_PASSWORD_NONE, &NoOfRetries, NULL )) + { + while ( 1 ) + { + //Patch + //Ctl-Alt-Del is not recognized by core unless a + //ReadKeyStroke is issued + gBS->WaitForEvent( 1, &(gST->ConIn->WaitForKey), &Index ); + gST->ConIn->ReadKeyStroke( gST->ConIn, &Key ); + } + } + } + + return bScreenUsed; +} + + + +//********************************************************************** +// +// +// Procedure: AutoSupportType +// +// Description: verifies support for a TCM module on a platform +// +// Input: NONE +// +// Output: BOOLEAN +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +extern +BOOLEAN +__stdcall AutoSupportType () +{ +#if TCG_LEGACY == 0 + UINTN i=0; + + for(i=0;i<(sizeof(TCMSupportedArray)/sizeof(TCM_ID_STRUC));i++){ + if((TCMSupportedArray[i].VID == *(UINT16 *)(UINTN)(PORT_TPM_IOMEMBASE + 0xF00)) && + (TCMSupportedArray[i].DID == *(UINT16 *)(UINTN)(PORT_TPM_IOMEMBASE + 0xF02))){ + return TRUE; + } + } +#endif + return FALSE; +} + +//**************************************************************************************** +// +// +// Procedure: PasswordAuthentication +// +// Description: This function is available as ELINK. In will create a Event for password +// authenication +// +// +// Input: VOID +// +// Output: +// Notes: +// +//**************************************************************************************** + +VOID PasswordAuthentication( VOID ) +{ + EFI_STATUS Status; + VOID *Registration; + EFI_EVENT Event; + + Status = gBS->CreateEvent ( + EVT_NOTIFY_SIGNAL, + TPL_CALLBACK, + TCGProcessConInAvailability, + NULL, + &Event + ); + if(EFI_ERROR(Status)) { + return ; + } + + Status = gBS->RegisterProtocolNotify ( + &TcgPasswordAuthenticationGuid, + Event, + &Registration + ); + if(EFI_ERROR(Status)) { + return ; + } + +} + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/Setup/TcgSetup.c b/Board/EM/TCG2/Common/Setup/TcgSetup.c new file mode 100644 index 0000000..38d9ed3 --- /dev/null +++ b/Board/EM/TCG2/Common/Setup/TcgSetup.c @@ -0,0 +1,67 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgSetup/TcgSetup.c 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgSetup/TcgSetup.c $ +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:05p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:57p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 2 3/29/11 1:24p Fredericko +// +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//********************************************************************** +// +// +// Name: TcgSetup.c +// +// Description: +// +// +// +//********************************************************************** + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/Setup/TcgSetup.cif b/Board/EM/TCG2/Common/Setup/TcgSetup.cif new file mode 100644 index 0000000..5f7509f --- /dev/null +++ b/Board/EM/TCG2/Common/Setup/TcgSetup.cif @@ -0,0 +1,15 @@ + + name = "TcgSetup" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common\Setup" + RefName = "TcgSetup" +[files] +"TcgSetup.sdl" +"TcgSetup.mak" +"TcgSetup.c" +"TcgSetup.sd" +"TcgSetup.uni" +"TcgSetupBoard.h" +"TPMPwd.c" +"HandleLoadDefaultsSetup.c" + diff --git a/Board/EM/TCG2/Common/Setup/TcgSetup.mak b/Board/EM/TCG2/Common/Setup/TcgSetup.mak new file mode 100644 index 0000000..b95543c --- /dev/null +++ b/Board/EM/TCG2/Common/Setup/TcgSetup.mak @@ -0,0 +1,123 @@ +#********************************************************************** +#********************************************************************** +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#********************************************************************** +#********************************************************************** +#********************************************************************** +# $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgSetup/TcgSetup.mak 1 4/21/14 2:18p Fredericko $ +# +# $Revision: 1 $ +# +# $Date: 4/21/14 2:18p $ +#********************************************************************** +#************************************************************************* +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgSetup/TcgSetup.mak $ +# +# 1 4/21/14 2:18p Fredericko +# +# 1 10/08/13 12:05p Fredericko +# Initial Check-In for Tpm-Next module +# +# 1 7/10/13 5:57p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20) +# +# 5 11/22/11 6:44p Fredericko +# [TAG] EIP67286 +# [Category] Improvement +# [Description] Separate out how load defaults are handled in setup +# from the TpmPwd.c +# [Files] 1. HandleLoadDefaultsSetup.c +# 2. TcgSetup.cif +# 3. TcgSetup.mak +# 4. TpmPwd.c +# +# 4 10/07/11 6:54p Fredericko +# +# 3 8/26/11 3:23p Fredericko +# +# 2 3/29/11 1:23p Fredericko +# +# 1 3/28/11 2:57p Fredericko +# [TAG] EIP 54642 +# [Category] Improvement +# [Description] 1. Checkin Files related to TCG function override +# 2. Include TCM and TPM auto detection +# [Files] Affects all TCG files +# +# 19 5/19/10 6:20p Fredericko +# Updated AMI copyright header +# Included File Header +# EIP 37653 +# +#************************************************************************* +#********************************************************************** +# +# +# Name: TcgSetup.mak +# +# Description: Make file for the OEM-specific sub-component of TCG +# +# +#********************************************************************** +all: + +$(BUILD_DIR)\TcgSetup.mak : $(TCG_SETUP_DIR)\$(@B).cif $(TCG_SETUP_DIR)\$(@B).mak $(BUILD_RULES) + $(CIF2MAK) $(TCG_SETUP_DIR)\$(@B).cif $(CIF2MAK_DEFAULTS) + +TPMTSE_CFLAGS=$(CFLAGS) \ + -I $(TSEBIN_DIR)\Inc \ + -I $(TSEBIN_DIR)\ + /I$(TcgPlatformSetupPolicy_DIR)\ + +!IF $(TPM_PASSWORD_AUTHENTICATION) +#--------------------------------------------------------------------------- +# Compile Password customization file +#--------------------------------------------------------------------------- +AMITSEBin : $(BUILD_DIR)\$(TCG_SETUP_DIR)\TPMPwd.obj + +$(BUILD_DIR)\$(TCG_SETUP_DIR)\TPMPwd.obj : $(TCG_SETUP_DIR)\TPMPwd.obj + $(CC) $(TPMTSE_CFLAGS) /Fo$(BUILD_DIR)\$(TCG_SETUP_DIR)\TPMPwd.obj $(TCG_SETUP_DIR)\TPMPwd.c +#--------------------------------------------------------------------------- +!ENDIF + +AMITSEBin : $(BUILD_DIR)\$(TCG_SETUP_DIR)\HandleLoadDefaultsSetup.obj + +$(BUILD_DIR)\$(TCG_SETUP_DIR)\HandleLoadDefaultsSetup.obj : $(TCG_SETUP_DIR)\HandleLoadDefaultsSetup.obj + $(CC) $(TPMTSE_CFLAGS) /Fo$(BUILD_DIR)\$(TCG_SETUP_DIR)\HandleLoadDefaultsSetup.obj $(TCG_SETUP_DIR)\HandleLoadDefaultsSetup.c + +#--------------------------------------------------------------------------- +# Create TCG Setup Screens +#--------------------------------------------------------------------------- +SetupSdbs :$(BUILD_DIR)\TcgSetup.mak TCGSDB + +TCGSDB : + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\TcgSetup.mak all\ + TYPE=SDB NAME=TcgSetup STRING_CONSUMERS=$(TCG_SETUP_DIR)\TcgSetup.sd +#--------------------------------------------------------------------------- + +#********************************************************************** +#********************************************************************** +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#********************************************************************** +#********************************************************************** diff --git a/Board/EM/TCG2/Common/Setup/TcgSetup.sd b/Board/EM/TCG2/Common/Setup/TcgSetup.sd new file mode 100644 index 0000000..fe83c2d --- /dev/null +++ b/Board/EM/TCG2/Common/Setup/TcgSetup.sd @@ -0,0 +1,672 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** + +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgSetup/TcgSetup.sd 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgSetup/TcgSetup.sd $ +// +// 1 4/21/14 2:18p Fredericko +// +// 2 3/17/14 3:22p Fredericko +// +// 1 10/08/13 12:05p Fredericko +// Initial Check-In for Tpm-Next module +// +// 2 10/03/13 2:45p Fredericko +// +// 1 7/10/13 5:57p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 6 9/28/11 6:33p Fredericko +// [TAG] EIPEIP000000 +// [Category] Improvement +// [Description] Provide a way to destroy TPM support without modifying +// SDL token +// [Files] TcgSetup.sd +// +// 5 9/07/11 9:31p Fredericko +// +// 4 8/29/11 6:52p Fredericko +// [TAG] EIP00000 +// [Category] Improvement +// [Description] Tcg Setup Improvement for Tpm status reporting +// [Files] TcgSetup.sd +// +// 3 8/23/11 1:38a Fredericko +// [TAG] EIP48182 +// [Category] Improvement +// [Description] Changes to adopted setup customization. +// [Files] TcgSetup.sd +// +// 19 5/19/10 6:24p Fredericko +// Updated AMI copyright header +// +// 18 4/10/10 9:42p Fredericko +// setup display operations on TPM operations +// +// 17 3/19/10 5:26p Fredericko +// modified for legacy IO interface support +// +// 16 11/09/09 12:08p Fredericko +// Checked in changes for UEFI 2.1. Also backward compatible with UEFI +// 2.0. Please note that tools update might be required. Should build fine +// with Tools Version 28. +// +// 15 4/30/09 6:26p Fredericko +// Updated Header Date +// +// 14 4/30/09 5:46p Fredericko +// AMI company Header Address changed +// +// 13 12/17/08 8:44p Rameshraju +// Tpmenableold variable moved out from the Setup structure. EIP 17549 +// +// 12 8/12/08 12:14p Fasihm +// Added the Manufacturing flag to all the setup questions. +// +// 11 6/25/08 6:23p Fredericko +// TXT related setup questions and information added. +// +// 10 1/04/08 3:51p Fredericko +// Remove #define in Setup variables since it can cause Setup Size +// problems in relation to the compiler +// +// 9 10/08/07 9:21a Fredericko +// +// 7 8/09/07 11:01a Pats +// Modified to support password authentication, and to reset system if TPM +// State is changed. +// +// 6 6/08/07 6:39p Fredericko +// New TPm feature to allow disabling/Enabling TPM support. Status display +// changes. +// +// 5 5/24/07 11:32a Fredericko +// Improve Aesthetic value of TPM module in setup +// +// 4 5/22/07 7:21p Fredericko +// +// 3 5/22/07 4:00p Fredericko +// TPM setup display status feature added +// +// 2 3/12/07 11:46a Fredericko +// Feature: Grayout Setup operation if TCG is disabled in setup. +// +// 1 10/06/06 5:15p Andriyn +// +//********************************************************************** +// +// +// Name: TCG.sd +// +// Description: TCG Form Template +// +// +//********************************************************************** + +#ifdef SETUP_DATA_DEFINITION +/***********************************************************/ +/* Put NVRAM data definitions here. +/* For example: UINT8 Data1; +/* These definitions will be converted by the build process +/* to a definitions of SETUP_DATA fields. +/***********************************************************/ + UINT8 TpmEnable; + UINT8 TpmOperation; + UINT8 TpmEnaDisable; + UINT8 TpmActDeact; + UINT8 TpmOwnedUnowned; + UINT8 TpmSupport; + UINT8 TcgSupportEnabled; + UINT8 TcmSupport; + UINT8 TpmHrdW; + UINT8 TpmAuthenticate; + UINT8 SuppressTcg; + UINT8 TpmError; + UINT8 Tpm20Device; + UINT8 ShaPolicy; +#endif + +#if defined(VFRCOMPILE) && !defined(CONTROLS_ARE_DEFINED) +#define CONTROL_DEFINITION +#endif +#ifdef CONTROL_DEFINITION + +#define TCG_ONEOF_TPMSUPPORT\ + oneof varid = SETUP_DATA.TpmSupport,\ + prompt = STRING_TOKEN(STR_TPM_SUPPORT_PROMPT ),\ + help = STRING_TOKEN(STR_TPMSUPPORT_HELP),\ + option text = STRING_TOKEN(STR_TPM_DISABLE), value = 0, flags = RESET_REQUIRED;\ + option text = STRING_TOKEN(STR_TPM_ENABLE), value = 1, flags = RESET_REQUIRED | MANUFACTURING | DEFAULT;\ + endoneof; + + +#define TCG_ONEOF_TCMSUPPORT\ + oneof varid = SETUP_DATA.TpmSupport,\ + prompt = STRING_TOKEN(STR_TCM_SUPPORT_PROMPT ),\ + help = STRING_TOKEN(STR_TPMSUPPORT_HELP),\ + option text = STRING_TOKEN(STR_TPM_DISABLE), value = 0, flags = RESET_REQUIRED;\ + option text = STRING_TOKEN(STR_TPM_ENABLE), value = 1, flags = RESET_REQUIRED | MANUFACTURING | DEFAULT;\ + endoneof; + +#define TCG_ONEOF_TPMAUTHENTICATE\ + oneof varid = SETUP_DATA.TpmAuthenticate,\ + prompt = STRING_TOKEN(STR_TPM_PASS_PROMPT),\ + help = STRING_TOKEN(STR_TPM_PASS_HELP),\ + option text = STRING_TOKEN(STR_TPM_DISABLE), value = 0, flags = RESET_REQUIRED | MANUFACTURING | DEFAULT;\ + option text = STRING_TOKEN(STR_TPM_ENABLE), value = 1, flags = RESET_REQUIRED;\ + endoneof; + +#define TCG_ONEOF_TPMENABLE\ + oneof varid = SETUP_DATA.TpmEnable,\ + prompt = STRING_TOKEN(STR_TPM_PROMPT),\ + help = STRING_TOKEN(STR_TPM_HELP),\ + option text = STRING_TOKEN(STR_TPM_DISABLED), value = 0, flags = RESET_REQUIRED | MANUFACTURING | DEFAULT;\ + option text = STRING_TOKEN(STR_TPM_ENABLED), value = 1, flags = RESET_REQUIRED;\ + endoneof; + +#define TCG_ONEOF_TCMENABLE\ + oneof varid = SETUP_DATA.TpmEnable,\ + prompt = STRING_TOKEN(STR_TCM_PROMPT),\ + help = STRING_TOKEN(STR_TPM_HELP),\ + option text = STRING_TOKEN(STR_TPM_DISABLED), value = 0, flags = RESET_REQUIRED | MANUFACTURING | DEFAULT;\ + option text = STRING_TOKEN(STR_TPM_ENABLED), value = 1, flags = RESET_REQUIRED;\ + endoneof; + +#define TCG_ONEOF_TPMOPERATION\ + oneof varid = SETUP_DATA.TpmOperation,\ + prompt = STRING_TOKEN(STR_TPMOP_PROMPT),\ + help = STRING_TOKEN(STR_TPMOP_HELP),\ + option text = STRING_TOKEN(STR_TPM_NONE), value = 0, flags = RESET_REQUIRED | MANUFACTURING | DEFAULT;\ + option text = STRING_TOKEN(STR_TPM_OWNER), value = TCPA_PPIOP_OWNER_ON, flags = RESET_REQUIRED;\ + option text = STRING_TOKEN(STR_TPM_NOOWNER), value = TCPA_PPIOP_OWNER_OFF, flags = RESET_REQUIRED;\ + option text = STRING_TOKEN(STR_TPM_CLEAR), value = TCPA_PPIOP_CLEAR, flags = RESET_REQUIRED;\ + endoneof; + + +#define TCG_ONEOF_TCMOPERATION\ + oneof varid = SETUP_DATA.TpmOperation,\ + prompt = STRING_TOKEN(STR_TPMOP_PROMPT),\ + help = STRING_TOKEN(STR_TPMOP_HELP),\ + option text = STRING_TOKEN(STR_TPM_NONE), value = 0, flags = RESET_REQUIRED | MANUFACTURING | DEFAULT;\ + option text = STRING_TOKEN(STR_TPM_OWNER), value = TCPA_PPIOP_OWNER_ON, flags = RESET_REQUIRED;\ + option text = STRING_TOKEN(STR_TPM_NOOWNER), value = TCPA_PPIOP_OWNER_OFF, flags = RESET_REQUIRED;\ + option text = STRING_TOKEN(STR_TCM_CLEAR), value = TCPA_PPIOP_CLEAR, flags = RESET_REQUIRED;\ + endoneof; + +#define TCG_ONEOF_HASHPOLICY\ + oneof varid = SETUP_DATA.ShaPolicy,\ + prompt = STRING_TOKEN(STR_HASHPOLICY),\ + help = STRING_TOKEN(STR_HASHPOLICY_HELP),\ + option text = STRING_TOKEN(STR_SHA1), value = 0, flags = RESET_REQUIRED | MANUFACTURING | DEFAULT;\ + endoneof; + + + +#define TCG_ONEOF_TPMENADISABLE\ + oneof varid = SETUP_DATA.TpmEnaDisable,\ + prompt = STRING_TOKEN(STR_ENABLED_PROMPT),\ + help = STRING_TOKEN(STR_ONOFFSTATE_HELP),\ + option text = STRING_TOKEN(STR_TPMDISABLED), value = 1, flags = DEFAULT | MANUFACTURING;\ + option text = STRING_TOKEN(STR_TPMENABLED), value = 0, flags = 0;\ + endoneof; + +#define TCG_ONEOF_TCMENADISABLE\ + oneof varid = SETUP_DATA.TpmEnaDisable,\ + prompt = STRING_TOKEN(STR_TCM_ENABLED_PROMPT),\ + help = STRING_TOKEN(STR_ONOFFSTATE_HELP),\ + option text = STRING_TOKEN(STR_TPMDISABLED), value = 1, flags = DEFAULT | MANUFACTURING;\ + option text = STRING_TOKEN(STR_TPMENABLED), value = 0, flags = 0;\ + endoneof; + +#define TCG_ONEOF_TPMACTDEACT\ + oneof varid = SETUP_DATA.TpmActDeact,\ + prompt = STRING_TOKEN(STR_ACTIVATE_PROMPT),\ + help = STRING_TOKEN(STR_ONOFFSTATE_HELP),\ + option text = STRING_TOKEN(STR_TPMDEACTIVATED), value = 1, flags = DEFAULT | MANUFACTURING;\ + option text = STRING_TOKEN(STR_TPMACTIVATED), value = 0, flags = 0;\ + endoneof; + +#define TCG_ONEOF_TCMACTDEACT\ + oneof varid = SETUP_DATA.TpmActDeact,\ + prompt = STRING_TOKEN(STR_TCM_ACTIVATE_PROMPT),\ + help = STRING_TOKEN(STR_ONOFFSTATE_HELP),\ + option text = STRING_TOKEN(STR_TPMDEACTIVATED), value = 1, flags = DEFAULT |MANUFACTURING;\ + option text = STRING_TOKEN(STR_TPMACTIVATED), value = 0, flags = 0;\ + endoneof; + +#define TCG_ONEOF_TPMOWNEDUNOWNED\ + oneof varid = SETUP_DATA.TpmOwnedUnowned,\ + prompt = STRING_TOKEN(STR_OWNED_OR_UNOWNED_PROMPT),\ + help = STRING_TOKEN(STR_OWNED_OR_UNOWNED_HELP),\ + option text = STRING_TOKEN(STR_OWNED), value = 1, flags = 0;\ + option text = STRING_TOKEN(STR_UNOWNED), value = 0, flags = DEFAULT | MANUFACTURING;\ + endoneof; + +#define TCG_ONEOF_TCMOWNEDUNOWNED\ + oneof varid = SETUP_DATA.TpmOwnedUnowned,\ + prompt = STRING_TOKEN(STR_TCM_OWNED_OR_UNOWNED_PROMPT),\ + help = STRING_TOKEN(STR_OWNED_OR_UNOWNED_HELP),\ + option text = STRING_TOKEN(STR_OWNED), value = 1, flags = 0;\ + option text = STRING_TOKEN(STR_UNOWNED), value = 0, flags = DEFAULT |MANUFACTURING;\ + endoneof; + +#endif //#ifdef CONTROL_DEFINITION + +#ifdef CONTROLS_WITH_DEFAULTS + TCG_ONEOF_TPMSUPPORT + TCG_ONEOF_TCMSUPPORT + TCG_ONEOF_TPMAUTHENTICATE + TCG_ONEOF_TPMENABLE + TCG_ONEOF_TCMENABLE + TCG_ONEOF_TPMOPERATION + TCG_ONEOF_TCMOPERATION + TCG_ONEOF_TPMENADISABLE + TCG_ONEOF_TCMENADISABLE + TCG_ONEOF_TPMACTDEACT + TCG_ONEOF_TCMACTDEACT + TCG_ONEOF_TPMOWNEDUNOWNED + TCG_ONEOF_TCMOWNEDUNOWNED +#endif //#ifdef CONTROLS_WITH_DEFAULTS + +#ifdef FORM_SET_TYPEDEF + #include + #include +#endif // FORM_SET_TYPEDEF + +#ifdef ADVANCED_FORM_SET + #ifndef SUPPRESS_GRAYOUT_ENDIF //old Core + #define SUPPRESS_GRAYOUT_ENDIF endif; + #endif + + #ifdef FORM_SET_ITEM + // Define controls to be added to the main page of the formset + #endif + + #ifdef FORM_SET_GOTO + // Define goto commands for the forms defined in this file + suppressif ideqval SETUP_DATA.SuppressTcg == 1; + suppressif ideqval SETUP_DATA.Tpm20Device == 1; + goto TCG_FORM_ID, + prompt = STRING_TOKEN(STR_TCG_FORM), + help = STRING_TOKEN(STR_TCG_FORM_HELP); + endif; + suppressif ideqval SETUP_DATA.Tpm20Device == 0; + goto TCG20_FORM_ID, + prompt = STRING_TOKEN(STR_TCG_FORM), + help = STRING_TOKEN(STR_TCG_FORM_HELP); + endif; + endif; + #endif + +#ifdef FORM_SET_FORM + + #ifndef TCG_FORM_TCG + #define TCG_FORM_TCG + + // Define forms + form formid = AUTO_ID(TCG_FORM_ID), + title = STRING_TOKEN(STR_TCG_FORM); + + + SUBTITLE(STRING_TOKEN(STR_TPM_CONFIGURATION)) + +#if TPM_PASSWORD_AUTHENTICATION + + suppressif ideqval SETUP_DATA.TcmSupport == 1; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER AND + ideqval SETUP_DATA.TpmAuthenticate == 1; + + TCG_ONEOF_TPMSUPPORT + + SUPPRESS_GRAYOUT_ENDIF // suppress-grayout + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval AMITSESETUP.AdminPassword == 0 OR + ideqval SETUP_DATA.TcmSupport == 1 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER; + + TCG_ONEOF_TPMAUTHENTICATE + + SUPPRESS_GRAYOUT_ENDIF // suppress-grayout + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 1 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER AND + ideqval SETUP_DATA.TpmAuthenticate == 1; + + TCG_ONEOF_TPMENABLE + + SUPPRESS_GRAYOUT_ENDIF + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 1 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER AND + ideqval SETUP_DATA.TpmAuthenticate == 1 OR + ideqval SETUP_DATA.TpmActDeact == 1 OR + ideqval SETUP_DATA.TpmEnable == 0; + + TCG_ONEOF_TPMOPERATION + + SUPPRESS_GRAYOUT_ENDIF + + suppressif ideqval SETUP_DATA.TcmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER AND + ideqval SETUP_DATA.TpmAuthenticate == 1; + + TCG_ONEOF_TCMSUPPORT + + SUPPRESS_GRAYOUT_ENDIF // suppress-grayout + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval AMITSESETUP.AdminPassword == 0 OR + ideqval SETUP_DATA.TcmSupport == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER; + + TCG_ONEOF_TPMAUTHENTICATE + + SUPPRESS_GRAYOUT_ENDIF // suppress-grayout + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 0 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER AND + ideqval SETUP_DATA.TpmAuthenticate == 1; + + TCG_ONEOF_TCMENABLE + + SUPPRESS_GRAYOUT_ENDIF + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 0 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER AND + ideqval SETUP_DATA.TpmAuthenticate == 1 OR + ideqval SETUP_DATA.TpmActDeact == 1 OR + ideqval SETUP_DATA.TpmEnable == 0; + + TCG_ONEOF_TPMOPERATION + + SUPPRESS_GRAYOUT_ENDIF + +#if DISPLAY_TPM_SETUP_ERROR == 1 + suppressif ideqval SETUP_DATA.TpmError == 0; + text + help = STRING_TOKEN(STR_EMPTY), + text = STRING_TOKEN(STR_TPM_SETUP_ERROR), + text = STRING_TOKEN(STR_EMPTY), + flags = 0, + key = 0; + endif; +#endif + +#else + + suppressif ideqval SETUP_DATA.TcmSupport == 1; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER; + + TCG_ONEOF_TPMSUPPORT + + SUPPRESS_GRAYOUT_ENDIF + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 1 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER; + + TCG_ONEOF_TPMENABLE + + SUPPRESS_GRAYOUT_ENDIF + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 1 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER OR + ideqval SETUP_DATA.TpmActDeact == 1 OR + ideqval SETUP_DATA.TpmEnable == 0; + + TCG_ONEOF_TPMOPERATION + + SUPPRESS_GRAYOUT_ENDIF + + + suppressif ideqval SETUP_DATA.TcmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER; + + TCG_ONEOF_TCMSUPPORT + + SUPPRESS_GRAYOUT_ENDIF + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 0 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER; + + TCG_ONEOF_TCMENABLE + + SUPPRESS_GRAYOUT_ENDIF + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 0 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SYSTEM_ACCESS.Access == SYSTEM_PASSWORD_USER OR + ideqval SETUP_DATA.TpmActDeact == 1 OR + ideqval SETUP_DATA.TpmEnable == 0; + + TCG_ONEOF_TPMOPERATION + + SUPPRESS_GRAYOUT_ENDIF + +#endif + + SEPARATOR + SEPARATOR + + SUBTITLE(STRING_TOKEN(STR_TPM_STATUS_INFO)) + +#if TCG_LEGACY == 0 + suppressif ideqval SETUP_DATA.TpmHrdW == 0 OR + ideqval SETUP_DATA.TpmHrdW == 2; + text + help = STRING_TOKEN(STR_EMPTY), + text = STRING_TOKEN(STR_TPMHARDWARE), + text = STRING_TOKEN(STR_EMPTY), + flags = 0, + key = 0; + endif; + + suppressif ideqval SETUP_DATA.TcgSupportEnabled == 1 OR + ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2; + text + help = STRING_TOKEN(STR_EMPTY), + text = STRING_TOKEN(STR_TPMSUPP), + text = STRING_TOKEN(STR_EMPTY), + flags = 0, + key = 0; + endif; + + + suppressif ideqval SETUP_DATA.TpmHrdW == 0 OR + ideqval SETUP_DATA.TpmHrdW == 1; + text + help = STRING_TOKEN(STR_EMPTY), + text = STRING_TOKEN(STR_TPMOPTIMIZE), + text = STRING_TOKEN(STR_EMPTY), + flags = 0, + key = 0; + endif; +#endif + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 1 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SETUP_DATA.TpmEnable == 0 OR + ideqval SETUP_DATA.TpmEnable == 1; + + TCG_ONEOF_TPMENADISABLE + + SUPPRESS_GRAYOUT_ENDIF + + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 1 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SETUP_DATA.TpmEnable == 0 OR + ideqval SETUP_DATA.TpmEnable == 1; + + TCG_ONEOF_TPMACTDEACT + + SUPPRESS_GRAYOUT_ENDIF + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 1 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SETUP_DATA.TpmEnable == 0 OR + ideqval SETUP_DATA.TpmEnable == 1; + + TCG_ONEOF_TPMOWNEDUNOWNED + + SUPPRESS_GRAYOUT_ENDIF + + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 0 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SETUP_DATA.TpmEnable == 0 OR + ideqval SETUP_DATA.TpmEnable == 1; + + TCG_ONEOF_TCMENADISABLE + + SUPPRESS_GRAYOUT_ENDIF + + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 0 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SETUP_DATA.TpmEnable == 0 OR + ideqval SETUP_DATA.TpmEnable == 1; + + TCG_ONEOF_TCMACTDEACT + + SUPPRESS_GRAYOUT_ENDIF + + suppressif ideqval SETUP_DATA.TpmHrdW == 1 OR + ideqval SETUP_DATA.TpmHrdW == 2 OR + ideqval SETUP_DATA.TcmSupport == 0 OR + ideqval SETUP_DATA.TcgSupportEnabled == 0 OR + ideqval SETUP_DATA.TpmSupport == 0; + grayoutif ideqval SETUP_DATA.TpmEnable == 0 OR + ideqval SETUP_DATA.TpmEnable == 1; + + TCG_ONEOF_TCMOWNEDUNOWNED + + SUPPRESS_GRAYOUT_ENDIF + +#if DISPLAY_TPM_SETUP_ERROR == 1 + suppressif ideqval SETUP_DATA.TpmError == 0; + text + help = STRING_TOKEN(STR_EMPTY), + text = STRING_TOKEN(STR_TPM_SETUP_ERROR), + text = STRING_TOKEN(STR_EMPTY), + flags = 0, + key = 0; + endif; +#endif + endform; + #endif // #ifndef TCG_FORM_TCG + +#ifdef FORM_SET_FORM + + #ifndef TCG20_FORM_TCG + #define TCG20_FORM_TCG + + // Define forms + form formid = AUTO_ID(TCG20_FORM_ID), + title = STRING_TOKEN(STR_TCG_FORM); + + SEPARATOR + SEPARATOR + + TCG_ONEOF_TPMSUPPORT + + SEPARATOR + + SUBTITLE(STRING_TOKEN(STR_TPM_20_DEVICE)) + + grayoutif ideqval SETUP_DATA.CsmLaunchPolicy == 1; + TCG_ONEOF_HASHPOLICY + endif; + + endform; + #endif +#endif //end TCG20_FORM + + #endif +#endif // ADVANCED_FORM_SET +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/Setup/TcgSetup.sdl b/Board/EM/TCG2/Common/Setup/TcgSetup.sdl new file mode 100644 index 0000000..287713b --- /dev/null +++ b/Board/EM/TCG2/Common/Setup/TcgSetup.sdl @@ -0,0 +1,50 @@ +TOKEN + Name = "TCGSETUP_SUPPORT" + Value = "1" + Help = "Main switch to control TCG setup pages" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + Master = Yes +End + +TOKEN + Name = "DISPLAY_TPM_SETUP_ERROR" + Value = "0" + Help = "Control warning message in setup if a TPM request form setup failed " + TokenType = Boolean + TargetEQU = Yes + TargetH = Yes + TargetMAK = Yes +End + +MODULE + Help = "Includes TcgSetup.mak to Project" + File = "TcgSetup.mak" +End + +PATH + Name = "TCG_SETUP_DIR" + Help = "Tcg Setup Directory" +End + +ELINK + Name = "$(TCG_SETUP_DIR)\TcgSetup.sd" + Parent = "SETUP_DEFINITIONS" + Priority = 0 + InvokeOrder = AfterParent +End + +ELINK + Name = "$(BUILD_DIR)\TcgSetup.sdb" + Parent = "SETUP_SDBS" + Priority = 0 + InvokeOrder = AfterParent +End + +ELINK + Name = "-i $(TCG_SETUP_DIR)" + Parent = "SETUP_VFR_INCLUDES" + Priority = 0 + InvokeOrder = AfterParent +End diff --git a/Board/EM/TCG2/Common/Setup/TcgSetup.uni b/Board/EM/TCG2/Common/Setup/TcgSetup.uni new file mode 100644 index 0000000..f845d95 Binary files /dev/null and b/Board/EM/TCG2/Common/Setup/TcgSetup.uni differ diff --git a/Board/EM/TCG2/Common/Setup/TcgSetupBoard.h b/Board/EM/TCG2/Common/Setup/TcgSetupBoard.h new file mode 100644 index 0000000..879a191 --- /dev/null +++ b/Board/EM/TCG2/Common/Setup/TcgSetupBoard.h @@ -0,0 +1,95 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgSetup/TcgSetupBoard.h 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgSetup/TcgSetupBoard.h $ +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:05p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:57p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 3 7/25/11 3:16a Fredericko +// [TAG] EIP65177 +// [Category] Spec Update +// [Severity] Minor +// [Description] TCG PPI Spec ver 1.2 update +// +// 2 3/29/11 1:26p Fredericko +// +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//********************************************************************** +// +// +// Name: TcgSetupBoard.h +// +// Description: +// +// +// +//********************************************************************** + +#define TCPA_PPIOP_ENABLE 1 +#define TCPA_PPIOP_DISABLE 2 +#define TCPA_PPIOP_ACTIVATE 3 +#define TCPA_PPIOP_DEACTIVATE 4 +#define TCPA_PPIOP_CLEAR 5 +#define TCPA_PPIOP_ENABLE_ACTV 6 +#define TCPA_PPIOP_DEACT_DSBL 7 +#define TCPA_PPIOP_OWNER_ON 8 +#define TCPA_PPIOP_OWNER_OFF 9 +#define TCPA_PPIOP_ENACTVOWNER 10 +#define TCPA_PPIOP_DADISBLOWNER 11 +#define TCPA_PPIOP_UNOWNEDFIELDUPGRADE 12 +#define TCPA_PPIOP_SETOPAUTH 13 +#define TCPA_PPIOP_CLEAR_ENACT 14 +#define TCPA_PPIOP_SETNOPPIPROVISION_FALSE 15 +#define TCPA_PPIOP_SETNOPPIPROVISION_TRUE 16 +#define TCPA_PPIOP_SETNOPPICLEAR_FALSE 17 +#define TCPA_PPIOP_SETNOPPICLEAR_TRUE 18 +#define TCPA_PPIOP_SETNOPPIMAINTENANCE_FALSE 19 +#define TCPA_PPIOP_SETNOPPIMAINTENANCE_TRUE 20 +#define TCPA_PPIOP_ENABLE_ACTV_CLEAR 21 +#define TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV 22 +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/TPM32BIN.bin b/Board/EM/TCG2/Common/TPM32BIN.bin new file mode 100644 index 0000000..c51c29c Binary files /dev/null and b/Board/EM/TCG2/Common/TPM32BIN.bin differ diff --git a/Board/EM/TCG2/Common/TcgBins.mak b/Board/EM/TCG2/Common/TcgBins.mak new file mode 100644 index 0000000..e2cf864 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgBins.mak @@ -0,0 +1,102 @@ +#********************************************************************** +#********************************************************************** +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#********************************************************************** +#********************************************************************** +# $Header: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgBinaries/TcgBins.mak 1 4/21/14 2:16p Fredericko $ +# +# $Revision: 1 $ +# +# $Date: 4/21/14 2:16p $ +#********************************************************************** +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/TCG2/Common/AmiTcgBinaries/TcgBins.mak $ +# +# 1 4/21/14 2:16p Fredericko +# +# 1 10/08/13 12:03p Fredericko +# Initial Check-In for Tpm-Next module +# +# 1 7/10/13 5:52p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20) +# +# 2 3/29/11 2:47p Fredericko +# +# +# [TAG] EIP 54642 +# [Category] Improvement +# [Description] 1. Checkin Files related to TCG function override +# 2. Include TCM and TPM auto detection +# [Files] Affects all TCG files +# +# +#********************************************************************** +# +# +# Name: TcgDxe.MAK +# +# Description: Make file for the tcgdxe component +# +# +#********************************************************************** +all : TcgBinaries + +TcgBinaries : $(BUILD_DIR)\LEGX16.ffs $(BUILD_DIR)\MPTPM.ffs $(BUILD_DIR)\TPM32BIN.ffs + +$(BUILD_DIR)\MPTPM.ffs: $(TCG_BINS_DIR)\$(@B).bin + $(MAKE) /$(MAKEFLAGS) /f Core\FFS.mak \ + NAME=$(@B) \ + BUILD_DIR=$(BUILD_DIR) SOURCE_DIR=$(TCG_BINS_DIR) \ + GUID=7D113AA9-6280-48c6-BACE-DFE7668E8307 \ + TYPE=EFI_FV_FILETYPE_FREEFORM \ + COMPRESS=1\ + BINFILE=$(TCG_BINS_DIR)\$(@B).bin FFSFILE=$@ + + +# +# Create TPM32BIN.ffs +# +$(BUILD_DIR)\TPM32BIN.ffs : $(TCG_BINS_DIR)\$(@B).bin + $(MAKE) /$(MAKEFLAGS) /f Core\FFS.mak \ + NAME=$(@B) \ + BUILD_DIR=$(BUILD_DIR) SOURCE_DIR=$(TCG_BINS_DIR) \ + GUID=0AA31BC6-3379-41e8-825A-53F82CC0F254 \ + TYPE=EFI_FV_FILETYPE_FREEFORM \ + COMPRESS=1\ + BINFILE=$(TCG_BINS_DIR)\$(@B).bin FFSFILE=$@ + +# +# Create LEG16.ffs +# +$(BUILD_DIR)\LEGX16.ffs : $(TCG_BINS_DIR)\$(@B).bin + $(MAKE) /$(MAKEFLAGS) /f Core\FFS.mak \ + NAME=$(@B) \ + BUILD_DIR=$(BUILD_DIR) SOURCE_DIR=$(TCG_BINS_DIR) \ + GUID=142204E2-C7B1-4af9-A729-923758D96D03 \ + TYPE=EFI_FV_FILETYPE_FREEFORM \ + COMPRESS=1\ + BINFILE=$** FFSFILE=$@ +#********************************************************************** +#********************************************************************** +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#********************************************************************** +#********************************************************************** diff --git a/Board/EM/TCG2/Common/TcgBins.sdl b/Board/EM/TCG2/Common/TcgBins.sdl new file mode 100644 index 0000000..f3eddde --- /dev/null +++ b/Board/EM/TCG2/Common/TcgBins.sdl @@ -0,0 +1,42 @@ +TOKEN + Name = "AMI_TCG_BINARIES" + Value = "1" + Help = "Main switch to enable Ami TCG binaries support in Project" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + TargetH = Yes + Master = Yes +End + + +MODULE + Help = "Include make file for module" + File = "TcgBins.mak" +End + + + +PATH + Name = "TCG_BINS_DIR" + Help = "Directory for module part" +End + + +ELINK + Name = "$(BUILD_DIR)\TPM32BIN.ffs" + Parent = "FV_MAIN" + InvokeOrder = AfterParent +End + +ELINK + Name = "$(BUILD_DIR)\LEGX16.ffs" + Parent = "FV_MAIN" + InvokeOrder = AfterParent +End + +ELINK + Name = "$(BUILD_DIR)\MPTPM.ffs" + Parent = "FV_MAIN" + InvokeOrder = AfterParent +End diff --git a/Board/EM/TCG2/Common/TcgDxeplatform.c b/Board/EM/TCG2/Common/TcgDxeplatform.c new file mode 100644 index 0000000..520c0f9 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgDxeplatform.c @@ -0,0 +1,168 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgDxeplatform/TcgDxeplatform.c 1 4/21/14 2:17p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:17p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgDxeplatform/TcgDxeplatform.c $ +// +// 1 4/21/14 2:17p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:56p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 5 1/20/12 9:14p Fredericko +// +// 4 4/04/11 2:16p Fredericko +// Removed #pragma optimization directives +// +// 3 4/01/11 9:39a Fredericko +// Updated function Header +// +// 2 3/29/11 1:21p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: TcgDxeplatform.c +// +// Description: Function file for TcgDxeplatform +// +// +//************************************************************************* +#include +#include "AmiTcgPlatformDxe.h" + + +EFI_GUID gAmiTcgPlatformProtocolguid = AMI_TCG_PLATFORM_PROTOCOL_GUID; + + +//********************************************************************** +// +// +// Procedure: TcgDxeplatformEntry +// +// Description: +// +// Input: IN EFI_HANDLE ImageHandle, +// IN EFI_SYSTEM_TABLE *SystemTable +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI TcgDxeplatformEntry( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable ){ + + AMI_TCG_PLATFORM_PROTOCOL *AmiTcgPlatformProtocol = NULL; + EFI_STATUS Status; + BOOLEAN *ResetAllTcgVar = NULL; + EFI_GUID legTcgGuid = AMI_TCG_RESETVAR_HOB_GUID; + void ** DummyPtr; + + InitAmiLib( ImageHandle, SystemTable ); + + DummyPtr = &ResetAllTcgVar; + ResetAllTcgVar = (UINT8*)LocateATcgHob( + pST->NumberOfTableEntries, + pST->ConfigurationTable, + &legTcgGuid ); + + Status = pBS->LocateProtocol( &gAmiTcgPlatformProtocolguid, NULL, + &AmiTcgPlatformProtocol); + + DummyPtr = &ResetAllTcgVar; + + if ( *DummyPtr != NULL ) + { + //if ResetAllTcgVar, call setAllTcgVariable to zero + if ( *ResetAllTcgVar == TRUE ) + { + AmiTcgPlatformProtocol->ResetOSTcgVar(); + } + } + + if(EFI_ERROR(Status)){ + return EFI_SUCCESS; + } + + + Status = AmiTcgPlatformProtocol->ProcessTcgPpiRequest(); + if(EFI_ERROR(Status)){ + TRACE((TRACE_ALWAYS, "\n Possible ERROR Processing Ppi Request from O.S.\n")); + } + + Status = AmiTcgPlatformProtocol->ProcessTcgSetup(); + if(EFI_ERROR(Status)){ + TRACE((TRACE_ALWAYS, "\n Possible ERROR Processing Tcg Setup\n")); + } + +#if (defined(MeasureCPUMicrocodeToken) && (MeasureCPUMicrocodeToken == 1)) + Status = AmiTcgPlatformProtocol->MeasureCpuMicroCode(); + if(EFI_ERROR(Status)){ + TRACE((TRACE_ALWAYS, "\n Possible ERROR Measuring CPU Microde\n")); + } +#endif + + Status = AmiTcgPlatformProtocol->MeasurePCIOproms(); + if(EFI_ERROR(Status)){ + TRACE((TRACE_ALWAYS, "\n Possible ERROR Measuring PCI Option Roms\n")); + } + + Status = AmiTcgPlatformProtocol->SetTcgReadyToBoot(); + if(EFI_ERROR(Status)){ + TRACE((TRACE_ALWAYS, "\n Possible ERROR process Tcg Ready to boot Callback\n")); + } + + return Status; +} + + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/TcgDxeplatform.cif b/Board/EM/TCG2/Common/TcgDxeplatform.cif new file mode 100644 index 0000000..54878a1 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgDxeplatform.cif @@ -0,0 +1,12 @@ + + name = "TcgDxeplatform" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common" + RefName = "TcgDxeplatform" +[files] +"TcgDxeplatform.sdl" +"TcgDxeplatform.mak" +"TcgDxeplatform.c" +"TcgDxeplatform.h" +"TcgDxeplatform.dxs" + diff --git a/Board/EM/TCG2/Common/TcgDxeplatform.dxs b/Board/EM/TCG2/Common/TcgDxeplatform.dxs new file mode 100644 index 0000000..65e6b6a --- /dev/null +++ b/Board/EM/TCG2/Common/TcgDxeplatform.dxs @@ -0,0 +1,70 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgDxeplatform/TcgDxeplatform.dxs 1 4/21/14 2:17p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:17p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgDxeplatform/TcgDxeplatform.dxs $ +// +// 1 4/21/14 2:17p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:56p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 2 3/29/11 1:21p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: TcgDxeplatform.dxs +// +// Description: Dependency file +// +// +//************************************************************************* +#include "AmiTcgPlatformDxe.h" + +DEPENDENCY_START + AMI_TCG_PLATFORM_PROTOCOL_GUID +DEPENDENCY_END + +//************************************************************************* +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* diff --git a/Board/EM/TCG2/Common/TcgDxeplatform.h b/Board/EM/TCG2/Common/TcgDxeplatform.h new file mode 100644 index 0000000..126698d --- /dev/null +++ b/Board/EM/TCG2/Common/TcgDxeplatform.h @@ -0,0 +1,69 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgDxeplatform/TcgDxeplatform.h 1 4/21/14 2:17p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:17p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgDxeplatform/TcgDxeplatform.h $ +// +// 1 4/21/14 2:17p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:56p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 2 3/29/11 1:21p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: TcgDxeplatform.h +// +// Description: Header file for TcgDxeplatform +// +// +//************************************************************************* + + + + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/TcgDxeplatform.mak b/Board/EM/TCG2/Common/TcgDxeplatform.mak new file mode 100644 index 0000000..068570d --- /dev/null +++ b/Board/EM/TCG2/Common/TcgDxeplatform.mak @@ -0,0 +1,88 @@ +#********************************************************************** +#********************************************************************** +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#********************************************************************** +#************************************************************************* +# $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgDxeplatform/TcgDxeplatform.mak 1 4/21/14 2:17p Fredericko $ +# +# $Revision: 1 $ +# +# $Date: 4/21/14 2:17p $ +#************************************************************************* +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgDxeplatform/TcgDxeplatform.mak $ +# +# 1 4/21/14 2:17p Fredericko +# +# 1 10/08/13 12:04p Fredericko +# Initial Check-In for Tpm-Next module +# +# 1 7/10/13 5:56p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20) +# +# 3 3/29/11 1:20p Fredericko +# [TAG] EIP 54642 +# [Category] Improvement +# [Description] 1. Checkin Files related to TCG function override +# 2. Include TCM and TPM auto detection +# [Files] Affects all TCG files +# +#********************************************************************** +# +# +# Name: TcgDxeplatform.mak +# +# Description: Make file for the TcgDxeplatform component +# +# +#********************************************************************** +all: $(BUILD_DIR)\TcgDxeplatform.mak TcgDxeplatformBin + +$(BUILD_DIR)\TcgDxeplatform.mak : $(TCG_DXE_PLATFORM_DIR)\$(@B).cif $(TCG_DXE_PLATFORM_DIR)\$(@B).mak $(BUILD_RULES) + $(CIF2MAK) $(TCG_DXE_PLATFORM_DIR)\$(@B).cif $(CIF2MAK_DEFAULTS) + +TcgDxeplatform_CFLAGS=$(CFLAGS)\ + /I$(TCG_DIR)\ + /I$(TPM12_DIR)\ + /I$(TCG_DIR)\Common\ + /I$(TCG_DXE_PLATFORM_DIR)\ + /I$(TCG_DIR)\protocol\TcgService\ + /I$(TCG_DIR)\protocol\TpmDevice\ + /I$(PROJECT_DIR)\Include\Protocol + +TcgDxeplatformBin : $(AMIDXELIB) $(BUILD_DIR)\AmiTcgLibDxe.lib + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\TcgDxeplatform.mak all\ + "CFLAGS=$(TcgDxeplatform_CFLAGS) "\ + "CPFLAGS=$(TcgDxeplatform_CFLAGS) "\ + GUID=2688B232-9C02-4c12-BE1F-857C0FF2AAE3\ + ENTRY_POINT=TcgDxeplatformEntry \ + TYPE=BS_DRIVER \ + DEPEX1=$(TCG_DXE_PLATFORM_DIR)\TcgDxeplatform.dxs \ + DEPEX1_TYPE=EFI_SECTION_DXE_DEPEX \ + EXT_HEADERS=$(BUILD_DIR)\token.h \ + COMPRESS=1\ +#********************************************************************** +#********************************************************************** +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#********************************************************************** +#********************************************************************** diff --git a/Board/EM/TCG2/Common/TcgDxeplatform.sdl b/Board/EM/TCG2/Common/TcgDxeplatform.sdl new file mode 100644 index 0000000..63ce7b5 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgDxeplatform.sdl @@ -0,0 +1,28 @@ +TOKEN + Name = "TCG_DXE_PLATFORM_SUPPORT" + Value = "1" + Help = "Tcgdxe platform supprt" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + Master = Yes + Token = "TPM12Enabled" "!=" "0" +End + + +MODULE + Help = "Includes TcgDxeplatform.mak to Project" + File = "TcgDxeplatform.mak" +End + + +PATH + Name = "TCG_DXE_PLATFORM_DIR" + Help = "" +End + +ELINK + Name = "$(BUILD_DIR)\TcgDxeplatform.ffs" + Parent = "FV_MAIN" + InvokeOrder = AfterParent +End diff --git a/Board/EM/TCG2/Common/TcgPeiplatform.c b/Board/EM/TCG2/Common/TcgPeiplatform.c new file mode 100644 index 0000000..6476964 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPeiplatform.c @@ -0,0 +1,240 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPeiplatform/TcgPeiplatform.c 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgPeiplatform/TcgPeiplatform.c $ +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:04p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:56p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 5 4/26/11 1:46p Fredericko +// Function call changes to match changes to function header definition +// for Memoryabsent function. +// +// 4 4/04/11 2:14p Fredericko +// Removed #pragma optimization directives +// +// 3 3/29/11 9:18p Fredericko +// Handle TPM memory present errors +// +// 2 3/29/11 1:19p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: TcgPeiPlatform.c +// +// Description: Function file for TcgPeiPlatform +// +// +//************************************************************************* +#include +#include +#include +#include +#include +#include "PPI\TcgService\TcgTcmService.h" +#include "PPI\TcgService\TcgService.h" +#include "PPI\TpmDevice\TpmDevice.h" +#include "PPI\CpuIo.h" +#include "PPI\LoadFile.h" +#include +#include "AmiTcgPlatformPei.h" + + + +EFI_GUID gAmiTcgPlatformPpiBeforeMem = AMI_TCG_PLATFORM_PPI_BEFORE_MEM_GUID; +EFI_GUID gAmiTcgPlatformPpiAfterMem = AMI_TCG_PLATFORM_PPI_AFTER_MEM_GUID; +EFI_GUID gCacheInstallGuid = EFI_PEI_PERMANENT_MEMORY_INSTALLED_PPI; + +EFI_STATUS +EFIAPI OnMemoryDiscovered( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDesc, + IN VOID *Ppi ); + + +static EFI_PEI_NOTIFY_DESCRIPTOR TcgAmiPlatformInitNotify[] = +{ + { + EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | \ + EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gAmiTcgPlatformPpiAfterMem, + OnMemoryDiscovered + } +}; + +//********************************************************************** +// +// +// Procedure: OnMemoryDiscovered +// +// Description: Call Memory Present initialization on memory Installation +// +// +// Input: IN EFI_PEI_SERVICES **PeiServices, +// IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDesc, +// IN VOID *Ppi +// +// Output: EFI STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI OnMemoryDiscovered( + IN EFI_PEI_SERVICES **PeiServices, + IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDesc, + IN VOID *Ppi ) +{ + EFI_STATUS Status; + AMI_TCG_PLATFORM_PPI_AFTER_MEM *AmiTcgPlatformPPI = NULL; + EFI_BOOT_MODE BootMode; + + + Status = (*PeiServices)->LocatePpi ( + PeiServices, + &gAmiTcgPlatformPpiAfterMem , + 0, + NULL, + &AmiTcgPlatformPPI); + + if ( EFI_ERROR( Status )){ + Status = (*PeiServices)->NotifyPpi (PeiServices, \ + TcgAmiPlatformInitNotify); + + return Status; + } + + ASSERT_PEI_ERROR( PeiServices, Status ); + + Status = (*PeiServices)->GetBootMode( PeiServices, &BootMode ); + ASSERT_PEI_ERROR( PeiServices, Status ); + + Status = AmiTcgPlatformPPI->VerifyTcgVariables(PeiServices); + Status = AmiTcgPlatformPPI->MemoryPresentFunctioOverride(PeiServices); + if(EFI_ERROR(Status))return Status; + + if((BootMode == BOOT_ON_S3_RESUME) || (BootMode == BOOT_IN_RECOVERY_MODE)){ + return EFI_SUCCESS; + } + + Status = AmiTcgPlatformPPI->SetPhysicalPresence(PeiServices); + return (Status); +} + + + + +//********************************************************************** +// +// +// Procedure: TcgPeiPlatformEntry +// +// Description: +// +// Input: IN EFI_FFS_FILE_HEADER *FfsHeader +// IN EFI_PEI_SERVICES **PeiServices, +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI TcgPeiplatformEntry( + IN EFI_FFS_FILE_HEADER *FfsHeader, + IN EFI_PEI_SERVICES **PeiServices ){ + + AMI_TCG_PLATFORM_PPI_BEFORE_MEM *AmiTcgPlatformPPI = NULL; + EFI_STATUS Status; + TCG_PEI_MEMORY_CALLBACK *MemCallback; + + Status = (*PeiServices)->LocatePpi ( + PeiServices, + &gAmiTcgPlatformPpiBeforeMem, + 0, + NULL, + &AmiTcgPlatformPPI); + + + if(EFI_ERROR(Status)){ + return EFI_SUCCESS; + } + + AmiTcgPlatformPPI->MemoryAbsentFunctionOverride(PeiServices); + + Status = (**PeiServices).AllocatePool( + PeiServices, + sizeof (TCG_PEI_MEMORY_CALLBACK), + &MemCallback); + + if ( !EFI_ERROR( Status )) + { + MemCallback->NotifyDesc.Flags + = (EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK + | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST); + MemCallback->NotifyDesc.Guid = &gCacheInstallGuid; + MemCallback->NotifyDesc.Notify = OnMemoryDiscovered; + MemCallback->FfsHeader = FfsHeader; + + Status = (*PeiServices)->NotifyPpi( PeiServices, + &MemCallback->NotifyDesc ); + } + + return Status; +} + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/TcgPeiplatform.cif b/Board/EM/TCG2/Common/TcgPeiplatform.cif new file mode 100644 index 0000000..e562f7e --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPeiplatform.cif @@ -0,0 +1,12 @@ + + name = "TcgPeiplatform" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common" + RefName = "TcgPeiplatform" +[files] +"TcgPeiplatform.sdl" +"TcgPeiplatform.mak" +"TcgPeiplatform.c" +"TcgPeiplatform.h" +"TcgPeiplatform.dxs" + diff --git a/Board/EM/TCG2/Common/TcgPeiplatform.dxs b/Board/EM/TCG2/Common/TcgPeiplatform.dxs new file mode 100644 index 0000000..4ebca57 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPeiplatform.dxs @@ -0,0 +1,70 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPeiplatform/TcgPeiplatform.dxs 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgPeiplatform/TcgPeiplatform.dxs $ +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:05p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:56p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 2 3/29/11 1:19p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: TcgPeiPlatform.dxs +// +// Description: Dependency file +// +// +//************************************************************************* +#include "AmiTcgPlatformPei.h" + +DEPENDENCY_START + AMI_TCG_PLATFORM_PPI_BEFORE_MEM_GUID +DEPENDENCY_END + +//************************************************************************* +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* diff --git a/Board/EM/TCG2/Common/TcgPeiplatform.h b/Board/EM/TCG2/Common/TcgPeiplatform.h new file mode 100644 index 0000000..79d6724 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPeiplatform.h @@ -0,0 +1,66 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPeiplatform/TcgPeiplatform.h 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgPeiplatform/TcgPeiplatform.h $ +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:05p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:56p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 2 3/29/11 1:19p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: TcgPeiPlatform +// +// Description: Header file for TcgPeiplatform +// +// +//************************************************************************* + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/TcgPeiplatform.mak b/Board/EM/TCG2/Common/TcgPeiplatform.mak new file mode 100644 index 0000000..bc9c606 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPeiplatform.mak @@ -0,0 +1,85 @@ +#********************************************************************** +#********************************************************************** +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#********************************************************************** +#************************************************************************* +# $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPeiplatform/TcgPeiplatform.mak 1 4/21/14 2:17p Fredericko $ +# +# $Revision: 1 $ +# +# $Date: 4/21/14 2:17p $ +#************************************************************************* +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgPeiplatform/TcgPeiplatform.mak $ +# +# 1 4/21/14 2:17p Fredericko +# +# 1 10/08/13 12:04p Fredericko +# Initial Check-In for Tpm-Next module +# +# 1 7/10/13 5:56p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20) +# +# 4 3/29/11 1:18p Fredericko +# [TAG] EIP 54642 +# [Category] Improvement +# [Description] 1. Checkin Files related to TCG function override +# 2. Include TCM and TPM auto detection +# [Files] Affects all TCG files +# +# +#********************************************************************** +# +# +# Name: TcgPeiplatform.mak +# +# Description: Make file for the TcgPeiplatform component +# +# +#********************************************************************** +all: $(BUILD_DIR)\TcgPeiplatform.mak TcgPeiplatformBin + +$(BUILD_DIR)\TcgPeiplatform.mak : $(TCG_PEI_PLATFORM_DIR)\$(@B).cif $(TCG_PEI_PLATFORM_DIR)\$(@B).mak $(BUILD_RULES) + $(CIF2MAK) $(TCG_PEI_PLATFORM_DIR)\$(@B).cif $(CIF2MAK_DEFAULTS) + +TcgPeiplatform_CFLAGS=$(CFLAGS)\ + /I$(TCG_DIR)\ + /I$(TPM12_DIR)\ + /I$(TCG_DIR)\Common\ + /I$(TCG_PEI_PLATFORM_DIR) + +TcgPeiplatformBin : $(AMIPEILIB) + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\TcgPeiplatform.mak all\ + "CFLAGS=$(TcgPeiplatform_CFLAGS) "\ + GUID=6B844C5B-6B75-42ca-8E8E-1CB94412B59B\ + ENTRY_POINT=TcgPeiplatformEntry \ + TYPE=PEIM \ + DEPEX1=$(TCG_PEI_PLATFORM_DIR)\TcgPeiplatform.dxs \ + DEPEX1_TYPE=EFI_SECTION_PEI_DEPEX \ + EXT_HEADERS=$(BUILD_DIR)\token.h \ + COMPRESS=0\ +#********************************************************************** +#********************************************************************** +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#********************************************************************** +#********************************************************************** diff --git a/Board/EM/TCG2/Common/TcgPeiplatform.sdl b/Board/EM/TCG2/Common/TcgPeiplatform.sdl new file mode 100644 index 0000000..e7e8523 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPeiplatform.sdl @@ -0,0 +1,16 @@ +MODULE + Help = "Includes TcgPeiplatform.mak to Project" + File = "TcgPeiplatform.mak" +End + + +PATH + Name = "TCG_PEI_PLATFORM_DIR" + Help = "" +End + +ELINK + Name = "$(BUILD_DIR)\TcgPeiplatform.ffs" + Parent = "FV_BB" + InvokeOrder = AfterParent +End diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.c b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.c new file mode 100644 index 0000000..09fd431 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.c @@ -0,0 +1,301 @@ +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2011, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.c 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.c $ +// +// 1 4/21/14 2:18p Fredericko +// +// 2 12/10/13 12:56p Fredericko +// [TAG] EIP143615 +// [Category] Bug Fix +// [Severity] Minor +// [Symptom] Bitlocker WHCK failure +// [RootCause] PPI interface for TPM 1.2 device was failing +// [Solution] Fix the error in PPI interface error +// [Files] TcgPlatformSetupPeiPolicy.c +// +// 1 10/08/13 12:05p Fredericko +// Initial Check-In for Tpm-Next module +// +// 2 10/03/13 2:42p Fredericko +// +// 1 7/10/13 5:56p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 4 9/07/12 11:00a Fredericko +// [TAG] EIP94081 +// [Category] Bug Fix +// [Severity] Normal +// [Symptom] TcgPlatformSetupPeiPolicy.c does not load defaults when +// unable to load Setup variable +// [RootCause] Setupvariables not initialized if NVRAM is corrupted. +// [Solution] Initialize TCG variables to default if NVRAM corrupted +// [Files] TcgPlatformSetupPeiPolicy.c +// +// 3 12/18/11 10:24p Fredericko +// Changes to support TcgplatformPeiPolicy in relation to O.S. requests. +// +// 2 10/07/11 6:52p Fredericko +// +// 1 9/27/11 10:10p Fredericko +// [TAG] EIP67286 +// [Category] Improvement +// [Description] Initial check-in for Tcg Setup policy for pei +// [Files] TcgPlatformSetupPeiPolicy.cif +// TcgPlatformSetupPeiPolicy.c +// TcgPlatformSetupPeiPolicy.h +// TcgPlatformSetupPeiPolicy.sdl +// TcgPlatformSetupPeiPolicy.mak +// TcgPlatformSetupPeiPolicy.dxs +// +//********************************************************************** + +// +//--------------------------------------------------------------------------- +// Name: TcgPlatformpeipolicy.c +// +// Description: Installs Tcg policy from setup variables in Pei +// +//--------------------------------------------------------------------------- +// + +#include +#include "TcgPlatformSetupPeiPolicy.h" + +EFI_GUID gTcgPlatformSetupPolicyGuid = TCG_PLATFORM_SETUP_PEI_POLICY_GUID; +EFI_GUID gTcgPeiInternalflagsGuid = PEI_TCG_INTERNAL_FLAGS_GUID; +EFI_GUID gTcgInternalPeiSyncflagGuid = TCG_PPI_SYNC_FLAG_GUID; + + +EFI_STATUS + getTcgPeiPolicy (IN EFI_PEI_SERVICES **PeiServices , + IN TCG_CONFIGURATION *ConfigFlags) + +{ + EFI_STATUS Status; + EFI_PEI_READ_ONLY_VARIABLE_PPI *ReadOnlyVariable; + EFI_GUID gPeiReadOnlyVariablePpiGuid + = EFI_PEI_READ_ONLY_VARIABLE_PPI_GUID; + UINTN VariableSize = sizeof(SETUP_DATA); + SETUP_DATA SetupData; + EFI_GUID gSetupGuid = SETUP_GUID; + UINT8 DisallowTpmFlag=0; + UINT8 SyncVar = 0; + UINTN SyncVarSize = sizeof(UINT8); + + // + // + // + Status = (*PeiServices)->LocatePpi( + PeiServices, + &gPeiReadOnlyVariablePpiGuid, + 0, NULL, + &ReadOnlyVariable); + + PEI_TRACE((-1, PeiServices, "gPeiReadOnlyVariablePpiGuid Status = %r \n", Status)); + + if(!EFI_ERROR(Status)){ + + Status = ReadOnlyVariable->GetVariable(PeiServices, + L"Setup", + &gSetupGuid, + NULL, + &VariableSize, + &SetupData); + + PEI_TRACE((-1, PeiServices, "gSetupGuid Status = %r \n", Status)); + + if (EFI_ERROR(Status)) { + ConfigFlags->TpmSupport = 0; + ConfigFlags->TcmSupport = 0; + ConfigFlags->TpmEnable = 0; + ConfigFlags->TpmAuthenticate = 0; + ConfigFlags->TpmOperation = 0; + ConfigFlags->Tpm20Device = 0; + } else { + ConfigFlags->TpmSupport = SetupData.TpmSupport; + ConfigFlags->TcmSupport = SetupData.TcmSupport; + ConfigFlags->TpmEnable = SetupData.TpmEnable ; + ConfigFlags->TpmAuthenticate = SetupData.TpmAuthenticate; + ConfigFlags->TpmOperation = SetupData.TpmOperation; + ConfigFlags->Tpm20Device = SetupData.Tpm20Device; + ConfigFlags->Reserved1 = SetupData.ShaPolicy; + } + + + VariableSize = sizeof(UINT8); + Status = ReadOnlyVariable->GetVariable(PeiServices, + L"InternalDisallowTpmFlag", + &gTcgPeiInternalflagsGuid, + NULL, + &VariableSize, + &DisallowTpmFlag); + if(EFI_ERROR(Status)){ + Status = EFI_SUCCESS; + DisallowTpmFlag = 0; + } + + PEI_TRACE((-1, PeiServices, "gTcgPeiInternalflagsGuid Status = %r \n", Status)); + + Status = ReadOnlyVariable->GetVariable(PeiServices, + L"TcgInternalSyncFlag", + &gTcgInternalPeiSyncflagGuid, + NULL, + &SyncVarSize, + &SyncVar); + + PEI_TRACE((-1, PeiServices, "gTcgInternalPeiSyncflagGuid Status = %r \n", Status)); + + if(EFI_ERROR(Status)){ + SyncVar = 0; + Status = EFI_SUCCESS; + } + + ConfigFlags->Reserved2 = 0; + ConfigFlags->DisallowTpm = DisallowTpmFlag; + ConfigFlags->TpmHardware = 0; + ConfigFlags->TpmEnaDisable = 0; + ConfigFlags->TpmActDeact = 0; + ConfigFlags->TpmOwnedUnowned = 0; + ConfigFlags->TcgSupportEnabled = 0; + ConfigFlags->TpmError = 0; + ConfigFlags->PpiSetupSyncFlag = SyncVar; + ConfigFlags->Reserved3 = 0; + + ConfigFlags->Reserved4 = 0; + ConfigFlags->Reserved5 = 0; + }else{ + ConfigFlags->TpmSupport = 0; + ConfigFlags->TcmSupport = 0; + ConfigFlags->TpmEnable = 0 ; + ConfigFlags->TpmAuthenticate = 0; + ConfigFlags->TpmOperation = 0; + ConfigFlags->DisallowTpm = 0; + ConfigFlags->Reserved1 = 0; + ConfigFlags->Reserved2 = 0; + + ConfigFlags->TpmHardware = 0; + ConfigFlags->TpmEnaDisable = 0; + ConfigFlags->TpmActDeact = 0; + ConfigFlags->TpmOwnedUnowned = 0; + ConfigFlags->TcgSupportEnabled = 0; + ConfigFlags->TpmError = 0; + ConfigFlags->PpiSetupSyncFlag = 0; + ConfigFlags->Reserved3 = 0; + + ConfigFlags->Reserved4 = 0; + ConfigFlags->Reserved5 = 0; + } + + return Status; + +} + + + +static TCG_PLATFORM_SETUP_INTERFACE TcgPlatformSetupInstance = { + TCG_PLATFORM_SETUP_PEI_PROTOCOL_REVISION_1, + getTcgPeiPolicy +}; + +static EFI_PEI_PPI_DESCRIPTOR TcgPlatformSetupPeiPolicyDesc[] = { + { + EFI_PEI_PPI_DESCRIPTOR_PPI + | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST, + &gTcgPlatformSetupPolicyGuid, + &TcgPlatformSetupInstance + } +}; + + + +//********************************************************************** +// +// +// Procedure: TcgPlatformSetupPolicyEntryPoint +// +// Description: Entry point for TcgPlatformSetupPolicyEntryPoint +// +// Input: ImageHandle Image handle of this driver. +// SystemTable Global system service table. +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI +TcgPlatformSetupPeiPolicyEntryPoint ( + IN EFI_FFS_FILE_HEADER *FfsHeader, + IN EFI_PEI_SERVICES **PeiServices +) +{ + EFI_STATUS Status; + EFI_PEI_READ_ONLY_VARIABLE_PPI *ReadOnlyVariable; + EFI_GUID gPeiReadOnlyVariablePpiGuid + = EFI_PEI_READ_ONLY_VARIABLE_PPI_GUID; + UINTN VariableSize = sizeof(SETUP_DATA); + SETUP_DATA SetupData; + EFI_GUID gSetupGuid = SETUP_GUID; + + + Status = (*PeiServices)->LocatePpi( + PeiServices, + &gPeiReadOnlyVariablePpiGuid, + 0, NULL, + &ReadOnlyVariable); + + if (EFI_ERROR(Status)) + return EFI_SUCCESS; + + Status = ReadOnlyVariable->GetVariable(PeiServices, + L"Setup", + &gSetupGuid, + NULL, + &VariableSize, + &SetupData); + + Status = (**PeiServices).InstallPpi (PeiServices, TcgPlatformSetupPeiPolicyDesc); + + return Status; +} + +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.cif b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.cif new file mode 100644 index 0000000..8a074e3 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.cif @@ -0,0 +1,12 @@ + + name = "TcgPlatformSetupPeiPolicy" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common\TcgPlatformSetupPeiPolicy\" + RefName = "TcgPlatformSetupPeiPolicy" +[files] +"TcgPlatformSetupPeiPolicy.c" +"TcgPlatformSetupPeiPolicy.h" +"TcgPlatformSetupPeiPolicy.sdl" +"TcgPlatformSetupPeiPolicy.mak" +"TcgPlatformSetupPeiPolicy.dxs" + diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.dxs b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.dxs new file mode 100644 index 0000000..537a053 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.dxs @@ -0,0 +1,52 @@ +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* +//********************************************************************** +// +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.dxs 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +// +//********************************************************************** + +// +//---------------------------------------------------------------------------- +// +// Name: TcgPlatformpeipolicy.dxs +// +// Description: Dependency file for TcgPlatformpeipolicy +// +//---------------------------------------------------------------------------- +// + +#include + +DEPENDENCY_START + EFI_PEI_READ_ONLY_VARIABLE_PPI_GUID +DEPENDENCY_END + +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.h b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.h new file mode 100644 index 0000000..d13e433 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.h @@ -0,0 +1,167 @@ +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2011, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.h 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.h $ +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:05p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:56p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 2 12/18/11 10:25p Fredericko +// Changes to support TcgplatformPeiPolicy in relation to O.S. requests. +// +// 1 9/27/11 10:10p Fredericko +// [TAG] EIP67286 +// [Category] Improvement +// [Description] Initial check-in for Tcg Setup policy for pei +// [Files] TcgPlatformSetupPeiPolicy.cif +// TcgPlatformSetupPeiPolicy.c +// TcgPlatformSetupPeiPolicy.h +// TcgPlatformSetupPeiPolicy.sdl +// TcgPlatformSetupPeiPolicy.mak +// TcgPlatformSetupPeiPolicy.dxs +// +// +//********************************************************************** +// +//--------------------------------------------------------------------------- +// Name: TcgPlatformpeipolicy.h +// +// Description: Header file for TcgPlatformpeipolicy +// +//--------------------------------------------------------------------------- +// + +#ifndef _TCG_PLATFORM_SETUP_PEI_POLICY_H_ +#define _TCG_PLATFORM_SETUP_PEI_POLICY_H_ + +#include +#include +#include +#include + + + +#define TCG_PLATFORM_SETUP_PEI_POLICY_GUID \ + { \ + 0xa76b4e22, 0xb50a, 0x401d, 0x8b, 0x35, 0x51, 0x24, 0xb0, 0xba, 0x41, 0x4 \ + } + +#define TCG_PPI_SYNC_FLAG_GUID \ + {\ + 0xf3ed95df, 0x828e, 0x41c7, 0xbc, 0xa0, 0x16, 0xc4, 0x19, 0x65, 0xa6, 0x34 \ + } + +#define PEI_TCG_INTERNAL_FLAGS_GUID \ + {\ + 0x70fff0ff, 0xa543, 0x45b9, 0x8b, 0xe3, 0x1b, 0xdb, 0x90, 0x41, 0x20, 0x80 \ + } + +// +// Protocol revision number +// Any backwards compatible changes to this protocol will result in an update in the revision number +// Major changes will require publication of a new protocol +// +#define TCG_PLATFORM_SETUP_PEI_PROTOCOL_REVISION_1 1 + +#pragma pack(1) +typedef struct { + // + // Byte 0, bit definition for functionality enable/disable + // + UINT8 TpmSupport; // 0: Disabled; 1: Enabled + UINT8 TcmSupport; // 0: Disabled; 1: Enabled + UINT8 TpmEnable; // 0: Disabled; 1: Enabled + UINT8 TpmAuthenticate; + UINT8 TpmOperation; // 0: Disabled; 1: Enabled + UINT8 DisallowTpm; // 0: Disabled; 1: Enabled + UINT8 Reserved1; + UINT8 Reserved2; + + // + // Byte 1, bit definition for Status Information + // + UINT8 TpmHardware; // 0: Disabled; 1: Enabled + UINT8 TpmEnaDisable; + UINT8 TpmActDeact; + UINT8 TpmOwnedUnowned; + UINT8 TcgSupportEnabled; // 0: Disabled; 1: Enabled + UINT8 TpmError; + UINT8 PpiSetupSyncFlag; + UINT8 Reserved3; + + // + // Byte 2, Reserved bytes + // + UINT8 Reserved4; + + // + // Byte 3, Reserved bytes + // + UINT8 Reserved5; + + //TPM 20 Configuration + UINT8 Tpm20Device; + +} TCG_CONFIGURATION; + +#pragma pack() + + +typedef +EFI_STATUS +(EFIAPI * GET_TCG_PEI_POLICY)( + IN EFI_PEI_SERVICES **PeiServices , + IN TCG_CONFIGURATION *ConfigFlags +); + + +// +// AMT DXE Platform Policiy ==================================================== +// +typedef struct _TCG_PLATFORM_SETUP_INTERFACE { + UINT8 Revision; + GET_TCG_PEI_POLICY getTcgPeiPolicy; +} TCG_PLATFORM_SETUP_INTERFACE; + + +#endif + +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2011, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* \ No newline at end of file diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.mak b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.mak new file mode 100644 index 0000000..57ba48a --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.mak @@ -0,0 +1,88 @@ +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2011, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* + +#********************************************************************** +# $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.mak 1 4/21/14 2:18p Fredericko $ +# +# $Revision: 1 $ +# +# $Date: 4/21/14 2:18p $ +#********************************************************************** +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.mak $ +# +# 1 4/21/14 2:18p Fredericko +# +# 1 10/08/13 12:05p Fredericko +# Initial Check-In for Tpm-Next module +# +# 1 7/10/13 5:56p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20) +# +# 4 10/07/11 11:54a Fredericko +# +# 1 9/27/11 10:10p Fredericko +# [TAG] EIP67286 +# [Category] Improvement +# [Description] Initial check-in for Tcg Setup policy for pei +# [Files] TcgPlatformSetupPeiPolicy.cif +# TcgPlatformSetupPeiPolicy.c +# TcgPlatformSetupPeiPolicy.h +# TcgPlatformSetupPeiPolicy.sdl +# TcgPlatformSetupPeiPolicy.mak +# TcgPlatformSetupPeiPolicy.dxs +# +# +#********************************************************************** +# +# +# Name: TcgPlatformpeipolicy.mak +# +# Description: Make file for TcgPlatformpeipolicy +# +# +#********************************************************************** +All : TcgPlatformSetupPeiPolicy + +TcgPlatformSetupPeiPolicy : $(BUILD_DIR)\TcgPlatformSetupPeiPolicy.mak TcgPlatformSetupPeiPolicyBin + +$(BUILD_DIR)\TcgPlatformSetupPeiPolicy.mak : $(TcgPlatformSetupPeiPolicy_DIR)\$(@B).cif $(TcgPlatformSetupPeiPolicy_DIR)\$(@B).mak $(BUILD_RULES) + $(CIF2MAK) $(TcgPlatformSetupPeiPolicy_DIR)\$(@B).cif $(CIF2MAK_DEFAULTS) + +TcgPlatformSetupPeiPolicyBin : $(AMIPEILIB) + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\TcgPlatformSetupPeiPolicy.mak all\ + GUID=0FE9DA53-043D-4265-A94D-FD77FEDE2EB4\ + ENTRY_POINT=TcgPlatformSetupPeiPolicyEntryPoint\ + DEPEX1=$(TcgPlatformSetupPeiPolicy_DIR)\TcgPlatformSetupPeiPolicy.dxs\ + DEPEX1_TYPE=EFI_SECTION_PEI_DEPEX\ + TYPE=PEIM\ + COMPRESS=0 + +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.sdl b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.sdl new file mode 100644 index 0000000..7756da4 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPeiPolicy/TcgPlatformSetupPeiPolicy.sdl @@ -0,0 +1,25 @@ +TOKEN + Name = "TcgPlatformSetupPeiPolicy_SUPPORT" + Value = "1" + Help = "Main switch to enable TcgPlatformSetupPeiPolicy support in Project" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + Master = Yes +End + +PATH + Name = "TcgPlatformSetupPeiPolicy_DIR" +End + +MODULE + Help = "IncludesTcgPlatformSetupPeiPolicy.mak to Project" + File = "TcgPlatformSetupPeiPolicy.mak" +End + +ELINK + Name = "$(BUILD_DIR)\TcgPlatformSetupPeiPolicy.ffs" + Parent = "FV_BB" + InvokeOrder = AfterParent +End + diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.c b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.c new file mode 100644 index 0000000..6a39194 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.c @@ -0,0 +1,441 @@ +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2011, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.c 2 6/09/14 4:59p Fredericko $ +// +// $Revision: 2 $ +// +// $Date: 6/09/14 4:59p $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.c $ +// +// 2 6/09/14 4:59p Fredericko +// Changes for SetVariable vulnerability during Runtime +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:05p Fredericko +// Initial Check-In for Tpm-Next module +// +// 2 10/03/13 2:43p Fredericko +// +// 1 7/10/13 5:57p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 7 5/19/12 6:42p Fredericko +// +// 6 12/15/11 3:30p Fredericko +// removed check for setup changes before NVRAM writes +// +// 5 10/26/11 2:14p Fredericko +// [TAG] EIP72872 +// [Category] Improvement +// [Description] Do not call setvariable if no change to TPM setup +// information +// [Files] TcgPlatformSetupPolicy.c +// +// 4 10/24/11 1:52p Fredericko +// [TAG] EIP72872 +// [Category] Improvement +// [Description] TCG module do not call SetVariable() for setup data if +// no setup changes +// [Files] TcgPlatformSetupPolicy.c +// +// 3 10/07/11 6:52p Fredericko +// +// 2 9/28/11 6:30p Fredericko +// +// 1 9/27/11 10:11p Fredericko +// [TAG] EIP67286 +// [Category] Improvement +// [Description] Initial check-in for Tcg Setup policy for Dxe +// [Files] TcgPlatformSetupPolicy.cif +// TcgPlatformSetupPolicy.c +// TcgPlatformSetupPolicy.h +// TcgPlatformSetupPolicy.sdl +// TcgPlatformSetupPolicy.mak +// TcgPlatformSetupPolicy.dxs +// +//********************************************************************** + +// +//--------------------------------------------------------------------------- +// Name: TcgPlatformSetupPolicy.c +// +// Description: Policy file to allow reading and update of TCG policy +// +//--------------------------------------------------------------------------- +// + +#include +#include "TcgPlatformSetupPolicy.h" + +TCG_PLATFORM_SETUP_PROTOCOL *TcgPlatformSetupInstance = NULL; + +EFI_HANDLE gImageHandle; +static TCG_CONFIGURATION InitialConfigFlags; +EFI_GUID gTcgPlatformSetupPolicyGuid = TCG_PLATFORM_SETUP_POLICY_GUID; +EFI_GUID gTcgInternalSyncflagGuid = TCG_PPI_SYNC_FLAG_GUID; +EFI_GUID gTcgInternalflagsGuid = TCG_INTERNAL_FLAGS_GUID; + + +EFI_STATUS + UpdateTcgStatusFlags (TCG_CONFIGURATION *StatusFlags, BOOLEAN UpdateNvram) + +{ + EFI_STATUS Status; + UINTN VariableSize = sizeof(SETUP_DATA); + SETUP_DATA SetupDataBuffer; + UINTN SetupVariableSize = sizeof(SETUP_DATA); + UINT32 SetupVariableAttributes; + EFI_GUID gSetupGuid = SETUP_GUID; + TCG_PLATFORM_SETUP_PROTOCOL *NewTcgPlatformSetupInstance = NULL; + TCG_PLATFORM_SETUP_PROTOCOL *OldTcgPlatformSetupInstance = NULL; + + if(InitialConfigFlags.DisallowTpm == 1)return EFI_INVALID_PARAMETER; + + Status = pBS->LocateProtocol (&gTcgPlatformSetupPolicyGuid, NULL, &OldTcgPlatformSetupInstance); + if (EFI_ERROR (Status)) { + return Status; + } + + Status = pBS->AllocatePool ( + EfiBootServicesData, + sizeof (TCG_PLATFORM_SETUP_PROTOCOL), + (VOID**)&NewTcgPlatformSetupInstance + ); + + if(StatusFlags == NULL) + { + return EFI_INVALID_PARAMETER; + } + + if(TcgPlatformSetupInstance == NULL) return EFI_OUT_OF_RESOURCES; + + NewTcgPlatformSetupInstance->ConfigFlags.TpmSupport = InitialConfigFlags.TpmSupport; + NewTcgPlatformSetupInstance->ConfigFlags.TcmSupport = StatusFlags->TcmSupport; + NewTcgPlatformSetupInstance->ConfigFlags.TpmEnable = StatusFlags->TpmEnable ; + NewTcgPlatformSetupInstance->ConfigFlags.TpmAuthenticate = InitialConfigFlags.TpmAuthenticate; + NewTcgPlatformSetupInstance->ConfigFlags.TpmOperation = StatusFlags->TpmOperation; + NewTcgPlatformSetupInstance->ConfigFlags.DisallowTpm = 0; + NewTcgPlatformSetupInstance->ConfigFlags.Reserved1 = StatusFlags->Reserved1; + NewTcgPlatformSetupInstance->ConfigFlags.Reserved2 = StatusFlags->Reserved2; + + NewTcgPlatformSetupInstance->ConfigFlags.TpmHardware = StatusFlags->TpmHardware; + NewTcgPlatformSetupInstance->ConfigFlags.TpmEnaDisable = StatusFlags->TpmEnaDisable; + NewTcgPlatformSetupInstance->ConfigFlags.TpmActDeact = StatusFlags->TpmActDeact; + NewTcgPlatformSetupInstance->ConfigFlags.TpmOwnedUnowned = StatusFlags->TpmOwnedUnowned; + NewTcgPlatformSetupInstance->ConfigFlags.TcgSupportEnabled = StatusFlags->TcgSupportEnabled ; + NewTcgPlatformSetupInstance->ConfigFlags.TpmError = StatusFlags->TpmError; + NewTcgPlatformSetupInstance->ConfigFlags.PpiSetupSyncFlag = StatusFlags->PpiSetupSyncFlag; + NewTcgPlatformSetupInstance->ConfigFlags.Reserved3 = StatusFlags->Reserved3; + + NewTcgPlatformSetupInstance->ConfigFlags.Reserved4 = StatusFlags->Reserved4; + NewTcgPlatformSetupInstance->ConfigFlags.Reserved5 = StatusFlags->Reserved5; + NewTcgPlatformSetupInstance->ConfigFlags.Tpm20Device = StatusFlags->Tpm20Device; + + + NewTcgPlatformSetupInstance->UpdateStatusFlags = UpdateTcgStatusFlags; + + Status = pBS->UninstallMultipleProtocolInterfaces( + gImageHandle, + &gTcgPlatformSetupPolicyGuid, + OldTcgPlatformSetupInstance, + NULL + ); + + Status = pBS->InstallMultipleProtocolInterfaces ( + &gImageHandle, + &gTcgPlatformSetupPolicyGuid, + NewTcgPlatformSetupInstance, + NULL + ); + + if (EFI_ERROR (Status)) { + return Status; + } + + if(UpdateNvram){ + + Status = pRS->GetVariable ( + L"Setup", + &gSetupGuid, + &SetupVariableAttributes, + &SetupVariableSize, + &SetupDataBuffer); + + SetupDataBuffer.TpmEnable = NewTcgPlatformSetupInstance->ConfigFlags.TpmEnable; + SetupDataBuffer.TpmSupport = NewTcgPlatformSetupInstance->ConfigFlags.TpmSupport; + SetupDataBuffer.TcmSupport = NewTcgPlatformSetupInstance->ConfigFlags.TcmSupport; + SetupDataBuffer.TpmAuthenticate = NewTcgPlatformSetupInstance->ConfigFlags.TpmAuthenticate; + SetupDataBuffer.TpmOperation = NewTcgPlatformSetupInstance->ConfigFlags.TpmOperation; + SetupDataBuffer.TpmEnaDisable = NewTcgPlatformSetupInstance->ConfigFlags.TpmEnaDisable; + SetupDataBuffer.TpmActDeact = NewTcgPlatformSetupInstance->ConfigFlags.TpmActDeact; + SetupDataBuffer.TpmHrdW = NewTcgPlatformSetupInstance->ConfigFlags.TpmHardware; + SetupDataBuffer.TpmOwnedUnowned = NewTcgPlatformSetupInstance->ConfigFlags.TpmOwnedUnowned; + SetupDataBuffer.TpmError = NewTcgPlatformSetupInstance->ConfigFlags.TpmError; + SetupDataBuffer.TcgSupportEnabled = NewTcgPlatformSetupInstance->ConfigFlags.TcgSupportEnabled; + SetupDataBuffer.Tpm20Device = NewTcgPlatformSetupInstance->ConfigFlags.Tpm20Device; + SetupDataBuffer.ShaPolicy = NewTcgPlatformSetupInstance->ConfigFlags.Reserved1; + + Status = pRS->SetVariable ( + L"Setup", + &gSetupGuid, + SetupVariableAttributes, + SetupVariableSize, + &SetupDataBuffer); + + SetupVariableAttributes = EFI_VARIABLE_BOOTSERVICE_ACCESS | + EFI_VARIABLE_NON_VOLATILE; + + Status = pRS->SetVariable ( + L"TcgInternalSyncFlag", + &gTcgInternalSyncflagGuid, + SetupVariableAttributes, + sizeof(UINT8), + &(NewTcgPlatformSetupInstance->ConfigFlags.PpiSetupSyncFlag)); + + if(Status == EFI_INVALID_PARAMETER) + { + Status = pRS->SetVariable( L"TcgInternalSyncFlag", \ + &gTcgInternalSyncflagGuid, \ + 0, \ + 0, \ + NULL); + + if(EFI_ERROR(Status))return Status; + + Status = pRS->SetVariable( L"TcgInternalSyncFlag", \ + &gTcgInternalSyncflagGuid, \ + SetupVariableAttributes, \ + sizeof(UINT8), \ + &(NewTcgPlatformSetupInstance->ConfigFlags.PpiSetupSyncFlag)); + } + } + + return Status; +} + + + +//********************************************************************** +// +// +// Procedure: TcgPlatformSetupPolicyEntryPoint +// +// Description: Entry point for TcgPlatformSetupPolicyEntryPoint +// +// Input: ImageHandle Image handle of this driver. +// SystemTable Global system service table. +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS +EFIAPI +TcgPlatformSetupPolicyEntryPoint ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable +) +{ + EFI_STATUS Status; + UINTN VariableSize = 0; + SETUP_DATA SetupDataBuffer; + SETUP_DATA *SetupData = &SetupDataBuffer; + UINTN SetupVariableSize; + UINT32 SetupVariableAttributes; + EFI_GUID gSetupGuid = SETUP_GUID; + UINT8 SyncVar; + UINT8 DisallowTpmFlag; + UINTN TempSizeofSyncVar = sizeof(UINT8); + + InitAmiLib (ImageHandle, SystemTable); + + SetupVariableSize = sizeof (SETUP_DATA); + + Status = pBS->AllocatePool ( + EfiBootServicesData, + sizeof (TCG_PLATFORM_SETUP_PROTOCOL), + (VOID**)&TcgPlatformSetupInstance + ); + + + if (EFI_ERROR(Status)) { + return EFI_OUT_OF_RESOURCES; + } + + Status = pRS->GetVariable ( + L"InternalDisallowTpmFlag", + &gTcgInternalflagsGuid, + &SetupVariableAttributes, + &TempSizeofSyncVar, + &DisallowTpmFlag); + + + if(EFI_ERROR(Status)){ + DisallowTpmFlag = 0; + Status = EFI_SUCCESS; + } + else if(DisallowTpmFlag == 1) + { + MemSet(&TcgPlatformSetupInstance->ConfigFlags, sizeof(TCG_CONFIGURATION), 0); + TcgPlatformSetupInstance->ConfigFlags.DisallowTpm = 1; + MemSet(&InitialConfigFlags, sizeof(TCG_CONFIGURATION), 0); + + InitialConfigFlags.DisallowTpm = 1; + + TcgPlatformSetupInstance->Revision = TCG_PLATFORM_SETUP_PROTOCOL_REVISION_1; + TcgPlatformSetupInstance->UpdateStatusFlags = UpdateTcgStatusFlags; + + Status = pRS->GetVariable ( + L"Setup", + &gSetupGuid, + &SetupVariableAttributes, + &SetupVariableSize, + &SetupDataBuffer); + + + SetupDataBuffer.TpmEnable = 0; + SetupDataBuffer.TpmSupport = 0; + SetupDataBuffer.TcmSupport = 0; + SetupDataBuffer.TpmAuthenticate = 0; + SetupDataBuffer.TpmOperation = 0; + SetupDataBuffer.TpmEnaDisable = 0; + SetupDataBuffer.TpmActDeact = 0; + SetupDataBuffer.TpmHrdW = 0; + SetupDataBuffer.TpmOwnedUnowned = 0; + SetupDataBuffer.TpmError = 0; + SetupDataBuffer.SuppressTcg = DisallowTpmFlag; + SetupDataBuffer.TcgSupportEnabled = 0; + + Status = pRS->SetVariable ( + L"Setup", + &gSetupGuid, + SetupVariableAttributes, + SetupVariableSize, + &SetupDataBuffer); + + return Status; + } + + + Status = pRS->GetVariable ( + L"TcgInternalSyncFlag", + &gTcgInternalSyncflagGuid, + &SetupVariableAttributes, + &TempSizeofSyncVar, + &SyncVar); + + if(EFI_ERROR(Status)){ + SyncVar = 0; + } + + + Status = pRS->GetVariable ( + L"Setup", + &gSetupGuid, + &SetupVariableAttributes, + &SetupVariableSize, + &SetupDataBuffer); + + TcgPlatformSetupInstance->Revision = TCG_PLATFORM_SETUP_PROTOCOL_REVISION_1; + + if (EFI_ERROR(Status)) + { + MemSet(&TcgPlatformSetupInstance->ConfigFlags, sizeof(TCG_CONFIGURATION), 0); + SetupData = NULL; + } else { + + MemSet(&TcgPlatformSetupInstance->ConfigFlags, sizeof(TCG_CONFIGURATION), 0); + TcgPlatformSetupInstance->ConfigFlags.TpmSupport = (SetupData->TpmSupport); + TcgPlatformSetupInstance->ConfigFlags.TcmSupport = (SetupData->TcmSupport); + TcgPlatformSetupInstance->ConfigFlags.TpmEnable = (SetupData->TpmEnable); + TcgPlatformSetupInstance->ConfigFlags.TpmAuthenticate = (SetupData->TpmAuthenticate); + TcgPlatformSetupInstance->ConfigFlags.TpmOperation = (SetupData->TpmOperation); + TcgPlatformSetupInstance->ConfigFlags.PpiSetupSyncFlag = SyncVar; + TcgPlatformSetupInstance->ConfigFlags.Reserved1 = (SetupData->ShaPolicy); + TcgPlatformSetupInstance->ConfigFlags.Reserved2 = 0; + TcgPlatformSetupInstance->ConfigFlags.DisallowTpm = DisallowTpmFlag; + TcgPlatformSetupInstance->ConfigFlags.TpmHardware = (SetupData->TpmHrdW); + TcgPlatformSetupInstance->ConfigFlags.TpmEnaDisable = (SetupData->TpmEnaDisable); + TcgPlatformSetupInstance->ConfigFlags.TpmActDeact = (SetupData->TpmActDeact); + TcgPlatformSetupInstance->ConfigFlags.TpmOwnedUnowned = (SetupData->TpmOwnedUnowned); + TcgPlatformSetupInstance->ConfigFlags.TcgSupportEnabled = (SetupData->TcgSupportEnabled); + TcgPlatformSetupInstance->ConfigFlags.TpmError = (SetupData->TpmError); + TcgPlatformSetupInstance->ConfigFlags.Reserved3 = 0; + TcgPlatformSetupInstance->ConfigFlags.Reserved4 = 0; + TcgPlatformSetupInstance->ConfigFlags.Reserved5 = 0; + TcgPlatformSetupInstance->ConfigFlags.Tpm20Device = SetupData->Tpm20Device; + } + + TcgPlatformSetupInstance->UpdateStatusFlags = UpdateTcgStatusFlags; + + InitialConfigFlags.TpmSupport = TcgPlatformSetupInstance->ConfigFlags.TpmSupport; + InitialConfigFlags.TcmSupport = TcgPlatformSetupInstance->ConfigFlags.TcmSupport; + InitialConfigFlags.TpmEnable = TcgPlatformSetupInstance->ConfigFlags.TpmEnable; + InitialConfigFlags.TpmAuthenticate = TcgPlatformSetupInstance->ConfigFlags.TpmAuthenticate; + InitialConfigFlags.TpmOperation = TcgPlatformSetupInstance->ConfigFlags.TpmOperation; + InitialConfigFlags.Reserved1 = TcgPlatformSetupInstance->ConfigFlags.Reserved1 ; + InitialConfigFlags.Reserved2 = TcgPlatformSetupInstance->ConfigFlags.Reserved2; + + InitialConfigFlags.TpmHardware = TcgPlatformSetupInstance->ConfigFlags.TpmHardware; + InitialConfigFlags.TpmEnaDisable = TcgPlatformSetupInstance->ConfigFlags.TpmEnaDisable; + InitialConfigFlags.TpmActDeact = TcgPlatformSetupInstance->ConfigFlags.TpmActDeact; + InitialConfigFlags.TpmOwnedUnowned = TcgPlatformSetupInstance->ConfigFlags.TpmOwnedUnowned; + InitialConfigFlags.TcgSupportEnabled = TcgPlatformSetupInstance->ConfigFlags.TcgSupportEnabled; + InitialConfigFlags.TpmError = TcgPlatformSetupInstance->ConfigFlags.TpmError; + InitialConfigFlags.PpiSetupSyncFlag = TcgPlatformSetupInstance->ConfigFlags.PpiSetupSyncFlag; + InitialConfigFlags.Reserved3 = TcgPlatformSetupInstance->ConfigFlags.Reserved3; + + InitialConfigFlags.Reserved4 = TcgPlatformSetupInstance->ConfigFlags.Reserved4; + InitialConfigFlags.Reserved5 = TcgPlatformSetupInstance->ConfigFlags.Reserved5; + + InitialConfigFlags.Tpm20Device = TcgPlatformSetupInstance->ConfigFlags.Tpm20Device; + + // + // + Status = pBS->InstallMultipleProtocolInterfaces ( + &ImageHandle, + &gTcgPlatformSetupPolicyGuid, + TcgPlatformSetupInstance, + NULL + ); + + gImageHandle = ImageHandle; + + return Status; +} +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.cif b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.cif new file mode 100644 index 0000000..f3fd80e --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.cif @@ -0,0 +1,12 @@ + + name = "TcgPlatformSetupPolicy" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common\TcgPlatformSetupPolicy\" + RefName = "TcgPlatformSetupPolicy" +[files] +"TcgPlatformSetupPolicy.c" +"TcgPlatformSetupPolicy.h" +"TcgPlatformSetupPolicy.sdl" +"TcgPlatformSetupPolicy.mak" +"TcgPlatformSetupPolicy.dxs" + diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.dxs b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.dxs new file mode 100644 index 0000000..8980c70 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.dxs @@ -0,0 +1,52 @@ +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* +//********************************************************************** +// +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.dxs 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +// +//********************************************************************** + +// +//---------------------------------------------------------------------------- +// +// Name: TcgPlatformpolicy.dxs +// +// Description: dependency file for TcgPlatformpolicy +// +//---------------------------------------------------------------------------- +// + +#include + +DEPENDENCY_START + EFI_VARIABLE_ARCH_PROTOCOL_GUID +DEPENDENCY_END + +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.h b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.h new file mode 100644 index 0000000..09637df --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.h @@ -0,0 +1,165 @@ +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2011, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* +//********************************************************************** +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.h 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//********************************************************************** +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.h $ +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:05p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:57p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 1 9/27/11 10:11p Fredericko +// [TAG] EIP67286 +// [Category] Improvement +// [Description] Initial check-in for Tcg Setup policy for Dxe +// [Files] TcgPlatformSetupPolicy.cif +// TcgPlatformSetupPolicy.c +// TcgPlatformSetupPolicy.h +// TcgPlatformSetupPolicy.sdl +// TcgPlatformSetupPolicy.mak +// TcgPlatformSetupPolicy.dxs +// +// +//********************************************************************** +// +//---------------------------------------------------------------------------- +// +// Name: TcgPlatformpolicy.h +// +// Description: Header file for TcgPlatformpolicy +// +//---------------------------------------------------------------------------- +// +#ifndef _TCG_PLATFORM_SETUP_POLICY_H_ +#define _TCG_PLATFORM_SETUP_POLICY_H_ + +#include +#include +#include + + + +#define TCG_PLATFORM_SETUP_POLICY_GUID \ + { \ + 0xbb6cbeff, 0xe072, 0x40d2, 0xa6, 0xeb, 0xba, 0xb7, 0x5b, 0xde, 0x87, 0xe7 \ + } + +#define TCG_PPI_SYNC_FLAG_GUID \ + {\ + 0xf3ed95df, 0x828e, 0x41c7, 0xbc, 0xa0, 0x16, 0xc4, 0x19, 0x65, 0xa6, 0x34 \ + } + +#define TCG_INTERNAL_FLAGS_GUID \ + {\ + 0x70fff0ff, 0xa543, 0x45b9, 0x8b, 0xe3, 0x1b, 0xdb, 0x90, 0x41, 0x20, 0x80 \ + } + + +// +// Protocol revision number +// Any backwards compatible changes to this protocol will result in an update in the revision number +// Major changes will require publication of a new protocol +// +#define TCG_PLATFORM_SETUP_PROTOCOL_REVISION_1 1 + +#pragma pack(1) + +typedef struct { + // + // Byte 0, bit definition for functionality enable/disable + // + UINT8 TpmSupport; // 0: Disabled; 1: Enabled + UINT8 TcmSupport; // 0: Disabled; 1: Enabled + UINT8 TpmEnable; // 0: Disabled; 1: Enabled + UINT8 TpmAuthenticate; + UINT8 TpmOperation; // 0: Disabled; 1: Enabled + UINT8 DisallowTpm; // 0: Disabled; 1: Enabled + UINT8 Reserved1; + UINT8 Reserved2; + + // + // Byte 1, bit definition for Status Information + // + UINT8 TpmHardware; // 0: Disabled; 1: Enabled + UINT8 TpmEnaDisable; + UINT8 TpmActDeact; + UINT8 TpmOwnedUnowned; + UINT8 TcgSupportEnabled; // 0: Disabled; 1: Enabled + UINT8 TpmError; + UINT8 PpiSetupSyncFlag; + UINT8 Reserved3; + + // + // Byte 2, Reserved bytes + // + UINT8 Reserved4; + + // + // Byte 3, Reserved bytes + // + UINT8 Reserved5; + + //TPM 20 Configuration + UINT8 Tpm20Device; +} TCG_CONFIGURATION; + + +#pragma pack() + +typedef +EFI_STATUS +(EFIAPI * UPDATE_AMI_TCG_STATUS_FLAGS)( + TCG_CONFIGURATION *StatusFlags, + BOOLEAN UpdateNvram +); + + +// +// AMT DXE Platform Policiy ==================================================== +// +typedef struct _TCG_PLATFORM_SETUP_PROTOCOL { + UINT8 Revision; + TCG_CONFIGURATION ConfigFlags; + UPDATE_AMI_TCG_STATUS_FLAGS UpdateStatusFlags; +} TCG_PLATFORM_SETUP_PROTOCOL; + + +#endif + +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2011, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* \ No newline at end of file diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.mak b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.mak new file mode 100644 index 0000000..1d5fe1c --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.mak @@ -0,0 +1,88 @@ +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2011, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* + +#********************************************************************** +# $Header: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.mak 1 4/21/14 2:18p Fredericko $ +# +# $Revision: 1 $ +# +# $Date: 4/21/14 2:18p $ +#********************************************************************** +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.mak $ +# +# 1 4/21/14 2:18p Fredericko +# +# 1 10/08/13 12:05p Fredericko +# Initial Check-In for Tpm-Next module +# +# 1 7/10/13 5:57p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20) +# +# 2 9/29/11 1:55a Fredericko +# +# 1 9/27/11 10:11p Fredericko +# [TAG] EIP67286 +# [Category] Improvement +# [Description] Initial check-in for Tcg Setup policy for Dxe +# [Files] TcgPlatformSetupPolicy.cif +# TcgPlatformSetupPolicy.c +# TcgPlatformSetupPolicy.h +# TcgPlatformSetupPolicy.sdl +# TcgPlatformSetupPolicy.mak +# TcgPlatformSetupPolicy.dxs +# +# +#********************************************************************** +# +# +# Name: TcgPlatformpolicy.mak +# +# Description: Make file for TcgPlatformpolicy +# +# +#********************************************************************** +All : TcgPlatformSetupPolicy + +TcgPlatformSetupPolicy : $(BUILD_DIR)\TcgPlatformSetupPolicy.mak TcgPlatformSetupPolicyBin + +$(BUILD_DIR)\TcgPlatformSetupPolicy.mak : $(TcgPlatformSetupPolicy_DIR)\$(@B).cif $(TcgPlatformSetupPolicy_DIR)\$(@B).mak $(BUILD_RULES) + $(CIF2MAK) $(TcgPlatformSetupPolicy_DIR)\$(@B).cif $(CIF2MAK_DEFAULTS) + +TcgPlatformSetupPolicyBin : $(AMIDXELIB) + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\TcgPlatformSetupPolicy.mak all\ + GUID=196CA3D8-9A5A-4735-B328-8FFC1D93D188\ + ENTRY_POINT=TcgPlatformSetupPolicyEntryPoint\ + DEPEX1=$(TcgPlatformSetupPolicy_DIR)\TcgPlatformSetupPolicy.dxs\ + DEPEX1_TYPE=EFI_SECTION_DXE_DEPEX\ + TYPE=BS_DRIVER\ + COMPRESS=1 + +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* diff --git a/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.sdl b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.sdl new file mode 100644 index 0000000..b5bf040 --- /dev/null +++ b/Board/EM/TCG2/Common/TcgPlatformSetupPolicy/TcgPlatformSetupPolicy.sdl @@ -0,0 +1,25 @@ +TOKEN + Name = "TcgPlatformSetupPolicy_SUPPORT" + Value = "1" + Help = "Main switch to enable TcgPlatformSetupPolicy support in Project" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + Master = Yes +End + +PATH + Name = "TcgPlatformSetupPolicy_DIR" +End + +MODULE + Help = "Includes AmtPlatformPolicy.mak to Project" + File = "TcgPlatformSetupPolicy.mak" +End + +ELINK + Name = "$(BUILD_DIR)\TcgPlatformSetupPolicy.ffs" + Parent = "FV_MAIN" + InvokeOrder = AfterParent +End + diff --git a/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.DXS b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.DXS new file mode 100644 index 0000000..ec6fb4e --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.DXS @@ -0,0 +1,85 @@ +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* +//************************************************************************* +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20Acpi/Tpm20Acpi.DXS 1 4/21/14 2:19p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:19p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20Acpi/Tpm20Acpi.DXS $ +// +// 1 4/21/14 2:19p Fredericko +// +// 2 3/14/14 3:50p Fredericko +// +// 1 10/08/13 12:06p Fredericko +// Initial Check-In for Tpm-Next module +// +// 2 8/30/13 11:05p Fredericko +// +// 1 7/10/13 5:58p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 3 7/25/11 3:21a Fredericko +// [TAG] EIP65177 +// [Category] Spec Update +// [Severity] Minor +// [Description] TCG Ppi Sec ver 1.2 update +// +// 2 5/20/10 8:54a Fredericko +// +// Included File Header +// Included File Revision History +// EIP 37653 +// +//************************************************************************* +// +// +// Name: TCGSmm.dxs +// +// Description: +// Dependency for TcgSmm +// +// +//************************************************************************* +#include "Tpm20Acpi.h" +#include +#include +#include +#include + +DEPENDENCY_START + EFI_ACPI_TABLE_PROTOCOL_GUID AND + EFI_TREE_PROTOCOL_GUID +DEPENDENCY_END + +//************************************************************************* +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* diff --git a/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.c b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.c new file mode 100644 index 0000000..6d12019 --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.c @@ -0,0 +1,373 @@ +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20Acpi/Tpm20Acpi.c 2 4/21/14 3:18p Fredericko $ +// +// $Revision: 2 $ +// +// $Date: 4/21/14 3:18p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20Acpi/Tpm20Acpi.c $ +// +// 2 4/21/14 3:18p Fredericko +// +// 1 4/21/14 2:19p Fredericko +// +// 1 10/08/13 12:06p Fredericko +// Initial Check-In for Tpm-Next module +// +// 2 10/03/13 3:01p Fredericko +// +// 1 7/10/13 5:58p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +//************************************************************************* +// +// +// Name: +// +// Description: +// +// +//************************************************************************* + +#include "Tpm20Acpi.h" +#include +#include +#include "Tpm20CRBLib.h" + + +EFI_TPM2_ACPI_TABLE mTpm2AcpiTemplate = { + { + EFI_ACPI_5_0_TRUSTED_COMPUTING_PLATFORM_2_TABLE_SIGNATURE, + sizeof (mTpm2AcpiTemplate), + EFI_TPM2_ACPI_TABLE_REVISION, + // + // initialize to 0 + // + // + }, + 0, // Flags + (EFI_PHYSICAL_ADDRESS)(UINTN)0xFFFFFFFF, // Control Area + EFI_TPM2_ACPI_TABLE_START_METHOD_ACPI, +}; + + + + +//********************************************************************** +// +// +// Procedure: GetHob +// +// Description: Find instance of a HOB type in a HOB list +// +// Input: +// Type The HOB type to return. +// HobStart The first HOB in the HOB list. +// +// Output: +// Pointer to the Hob matching the type or NULL +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +VOID* GetHob( + IN UINT16 Type, + IN VOID *HobStart ) +{ + EFI_PEI_HOB_POINTERS Hob; + + Hob.Raw = HobStart; + + // + // Return input if not found + // + if ( HobStart == NULL ) + { + return HobStart; + } + + // + // Parse the HOB list, stop if end of list or matching type found. + // + while ( !END_OF_HOB_LIST( Hob )) + { + if ( Hob.Header->HobType == Type ) + { + break; + } + + Hob.Raw = GET_NEXT_HOB( Hob ); + } + + // + // Return input if not found + // + if ( END_OF_HOB_LIST( Hob )) + { + return HobStart; + } + + return (VOID*)(Hob.Raw); +} + +//********************************************************************** +// +// +// Procedure: CompareGuid +// +// Description: Compares two input GUIDs +// +// Input: Comparision status +// +// Output: None +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +BOOLEAN CompareGuid( + EFI_GUID *G1, + EFI_GUID *G2 ) +{ + UINT32 *p1 = (UINT32*)G1, *p2 = (UINT32*)G2; + UINTN i; + + for ( i = 0; i < 4; ++i ) + { + if ( p1[i] != p2[i] ) + { + return FALSE; + } + } + return TRUE; + ; +} + +//********************************************************************** +// +// +// Procedure: GetNextGuidHob +// +// Description: Find GUID HOB +// +// Input: HobStart A pointer to the start hob. +// Guid A pointer to a guid. +// Output: +// Buffer A pointer to the buffer. +// BufferSize Buffer size. +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS GetNextGuidHob( + IN OUT VOID **HobStart, + IN EFI_GUID * Guid, + OUT VOID **Buffer, + OUT UINTN *BufferSize OPTIONAL ) +{ + EFI_STATUS Status; + EFI_PEI_HOB_POINTERS GuidHob; + + if ( Buffer == NULL ) + { + return EFI_INVALID_PARAMETER; + } + + for ( Status = EFI_NOT_FOUND; EFI_ERROR( Status );) + { + GuidHob.Raw = *HobStart; + + if ( END_OF_HOB_LIST( GuidHob )) + { + return EFI_NOT_FOUND; + } + + GuidHob.Raw = GetHob( EFI_HOB_TYPE_GUID_EXTENSION, *HobStart ); + + if ( GuidHob.Header->HobType == EFI_HOB_TYPE_GUID_EXTENSION ) + { + if ( CompareGuid( Guid, &GuidHob.Guid->Name )) + { + Status = EFI_SUCCESS; + *Buffer = (VOID*)((UINT8*)(&GuidHob.Guid->Name) + + sizeof (EFI_GUID)); + + if ( BufferSize != NULL ) + { + *BufferSize = GuidHob.Header->HobLength + - sizeof (EFI_HOB_GUID_TYPE); + } + } + } + + *HobStart = GET_NEXT_HOB( GuidHob ); + } + + return Status; +} + + + +VOID* FindHob( + IN UINTN NoTableEntries, + IN EFI_CONFIGURATION_TABLE *ConfigTable, + IN EFI_GUID *HOB_guid ) +{ + VOID *HobStart; + VOID *PtrHob; + EFI_GUID Hoblistguid = HOB_LIST_GUID; + + while ( NoTableEntries > 0 ) + { + NoTableEntries--; + + if ((!MemCmp( + &ConfigTable[NoTableEntries].VendorGuid, + &Hoblistguid, sizeof(EFI_GUID) + ))) + { + HobStart = ConfigTable[NoTableEntries].VendorTable; + + if ( !EFI_ERROR( + GetNextGuidHob( &HobStart, HOB_guid, &PtrHob, NULL ) + )) + { + TRACE ((TRACE_ALWAYS, "Hob found = %x \n", PtrHob)); + return PtrHob; + } + } + } + return NULL; +} + + + +EFI_STATUS +Tpm20PublishAcpiTable ( + VOID + ) +{ + EFI_STATUS Status; + UINTN TableKey = 0; + EFI_ACPI_TABLE_PROTOCOL *AcpiTable; + EFI_TPM2_ACPI_CONTROL_AREA *CtrlAreaMap = NULL; + EFI_GUID Meguid = ME_DATA_HOB_GUID; + INTEL_PTT_HOB_DATA *StolenAddress = NULL; + + mTpm2AcpiTemplate.Header.OemRevision = TPM20TABLEOEMREVISION; + mTpm2AcpiTemplate.Header.CreatorId = CREATOR_ID_AMI; + mTpm2AcpiTemplate.Header.OemTableId = EFI_SIGNATURE_64 ('T', 'p', 'm', '2', 'T', 'a', 'b', 'l'); + + // + // Publish the TPM ACPI table + // + Status = pBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **) &AcpiTable); + if(EFI_ERROR(Status))return Status; + + if(!isTpm20CrbPresent()) + { + mTpm2AcpiTemplate.AddressOfControlArea = 0; + mTpm2AcpiTemplate.StartMethod = 6; + }else{ + + StolenAddress = (INTEL_PTT_HOB_DATA *)FindHob ( pST->NumberOfTableEntries, + pST->ConfigurationTable, + &Meguid); + + if(StolenAddress != 0){ + if(((UINTN)((UINT64 *)StolenAddress->BufferAddress)) != 0){ + mTpm2AcpiTemplate.AddressOfControlArea = StolenAddress->BufferAddress; + }else{ + mTpm2AcpiTemplate.AddressOfControlArea = TPM20_CRBBASE; + } + }else{ + mTpm2AcpiTemplate.AddressOfControlArea = TPM20_CRBBASE; + } + + mTpm2AcpiTemplate.StartMethod = 2; + CtrlAreaMap = (EFI_TPM2_ACPI_CONTROL_AREA *)(UINTN) mTpm2AcpiTemplate.AddressOfControlArea; + MemSet (CtrlAreaMap, sizeof(EFI_TPM2_ACPI_CONTROL_AREA), 0); + CtrlAreaMap->CommandSize = 0xF80; + CtrlAreaMap->ResponseSize = 0xF80; + CtrlAreaMap->Command = (UINTN)mTpm2AcpiTemplate.AddressOfControlArea + 0x80; + CtrlAreaMap->Response = (UINTN)mTpm2AcpiTemplate.AddressOfControlArea + 0x80; + + TRACE ((TRACE_ALWAYS, "Ftpm Windows Buffer Control Area Address = %x\n", mTpm2AcpiTemplate.AddressOfControlArea)); + TRACE ((TRACE_ALWAYS, "Ftpm Windows Command/Response Buffer Address = %x\n", CtrlAreaMap->Command)); + } + + TRACE ((TRACE_ALWAYS, " Before Installation of ACPI table \n")); + Status = AcpiTable->InstallAcpiTable (AcpiTable, + &mTpm2AcpiTemplate, + sizeof(EFI_TPM2_ACPI_TABLE), + &TableKey); + + if(EFI_ERROR(Status))return Status; + + return Status; +} + + +EFI_STATUS +EFIAPI +Tpm20AcpiInitEntry ( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable +) +{ + EFI_STATUS Status; + + InitAmiLib( ImageHandle, SystemTable ); + + Status = Tpm20PublishAcpiTable (); + + return Status; +} + + + + + + + + +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* diff --git a/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.cif b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.cif new file mode 100644 index 0000000..2d62ae1 --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.cif @@ -0,0 +1,15 @@ + + name = "Tpm20Acpi" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common\Tpm20Acpi" + RefName = "Tpm20Acpi" +[files] +"Tpm20Acpi.sdl" +"Tpm20Acpi.mak" +"Tpm20Acpi.h" +"Tpm20Acpi.c" +"Tpm20Acpi.DXS" +"TpmCrb.asl" +"tcg_ppi1_2_Ex.asl" +"tcg_ppi1_2.asl" + diff --git a/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.h b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.h new file mode 100644 index 0000000..d07ee42 --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.h @@ -0,0 +1,141 @@ +//************************************************************************* +//************************************************************************* +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//************************************************************************* +//************************************************************************* +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20Acpi/Tpm20Acpi.h 1 4/21/14 2:19p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:19p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20Acpi/Tpm20Acpi.h $ +// +// 1 4/21/14 2:19p Fredericko +// +// 1 10/08/13 12:06p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:58p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// +//************************************************************************* +// +// +// Name: +// +// Description: +// +// +//************************************************************************* +#ifndef _TPM20ACPI_H_ +#define _TPM20ACPI_H_ + +#include +#include +#include + +#define ME_DATA_HOB_GUID \ + { 0x1e94f097, 0x5acd, 0x4089, 0xb2, 0xe3, 0xb9, 0xa5, 0xc8, 0x79, 0xa7, 0x0c } + +#define INTERNAL_NVS_AREA_PROTOCOL_GUID \ + { \ + 0x74e1e48, 0x8132, 0x47a1, 0x8c, 0x2c, 0x3f, 0x14, 0xad, 0x9a, 0x66, 0xdc \ + } + +#define EFI_SIGNATURE_16(A, B) ((A) | (B << 8)) +#define EFI_SIGNATURE_32(A, B, C, D) (EFI_SIGNATURE_16 (A, B) | (EFI_SIGNATURE_16 (C, D) << 16)) + +#ifndef EFI_ACPI_5_0_TRUSTED_COMPUTING_PLATFORM_2_TABLE_SIGNATURE +#define EFI_ACPI_5_0_TRUSTED_COMPUTING_PLATFORM_2_TABLE_SIGNATURE EFI_SIGNATURE_32('T', 'P', 'M', '2') + +#define EFI_SIGNATURE_64(A, B, C, D, E, F, G, H) \ + (EFI_SIGNATURE_32 (A, B, C, D) | ((UINT64) (EFI_SIGNATURE_32 (E, F, G, H)) << 32)) + +#endif + +#define TPM20TABLEOEMREVISION 1 +#define CREATOR_ID_AMI 0x20494D41 //" IMA""AMI "(AMI) +#define EFI_TPM2_ACPI_TABLE_START_METHOD_ACPI 2 +#define EFI_TPM2_ACPI_TABLE_REVISION 3 + +#pragma pack (1) + + +typedef struct { + UINT32 Signature; + UINT32 Length; + UINT8 Revision; + UINT8 Checksum; + UINT8 OemId[6]; + UINT64 OemTableId; + UINT32 OemRevision; + UINT32 CreatorId; + UINT32 CreatorRevision; +} EFI_ACPI_DESCRIPTION_HEADER; + +typedef struct { + EFI_ACPI_DESCRIPTION_HEADER Header; + UINT32 Flags; + UINT64 AddressOfControlArea; + UINT32 StartMethod; +} EFI_TPM2_ACPI_TABLE; + +typedef struct { + UINT32 Reserved; + UINT32 Error; + UINT32 Cancel; + UINT32 Start; + UINT64 InterruptControl; + UINT32 CommandSize; + UINT64 Command; + UINT32 ResponseSize; + UINT64 Response; +} EFI_TPM2_ACPI_CONTROL_AREA; + +typedef struct { + UINT64 BufferAddress; +}INTEL_PTT_HOB_DATA; + +#pragma pack () + +#define GET_HOB_TYPE( Hob ) ((Hob).Header->HobType) +#define GET_HOB_LENGTH( Hob ) ((Hob).Header->HobLength) +#define GET_NEXT_HOB( Hob ) ((Hob).Raw + GET_HOB_LENGTH( Hob )) +#define END_OF_HOB_LIST( Hob ) (GET_HOB_TYPE( Hob ) ==\ + EFI_HOB_TYPE_END_OF_HOB_LIST) + +EFI_STATUS GetNextGuidHob( + IN OUT VOID **HobStart, + IN EFI_GUID * Guid, + OUT VOID **Buffer, + OUT UINTN *BufferSize OPTIONAL ); + +#endif +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2005, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 6145-F Northbelt Pkwy, Norcross, GA 30071 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.mak b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.mak new file mode 100644 index 0000000..40a658f --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.mak @@ -0,0 +1,191 @@ +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* +#************************************************************************* +# $Header: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20Acpi/Tpm20Acpi.mak 3 4/30/14 11:55a Fredericko $ +# +# $Revision: 3 $ +# +# $Date: 4/30/14 11:55a $ +#************************************************************************* +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20Acpi/Tpm20Acpi.mak $ +# +# 3 4/30/14 11:55a Fredericko +# +# 2 4/25/14 4:46p Fredericko +# Use Fixed memory descriptor to prevent O.S. from reassigning TPM +# resources +# +# 1 4/21/14 2:19p Fredericko +# +# 3 3/14/14 3:51p Fredericko +# +# 2 3/11/14 6:51p Fredericko +# [TAG] EIP151925 +# [Category] New Feature +# [Description] Changes for TcgGeneric Regression Testing +# +# 1 10/08/13 12:06p Fredericko +# Initial Check-In for Tpm-Next module +# +# 2 7/11/13 6:18p Fredericko +# +# 1 7/10/13 5:58p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20) +# +# 4 12/07/11 4:30p Fredericko +# [TAG] EIP59683 +# [Category] Improvement +# [Description] Allow selection between writing to SMI port as a word +# or as a Byte. +# Some platforms might require word writes to the SMI Status port. +# [Files] Tcg.cif, Tcg.sdl, Tcg_ppi1_2_Ex.asl, TcgSmm.mak, TcgSmm.c +# +# 3 8/09/10 2:32p Fredericko +# +# 2 5/20/10 8:50a Fredericko +# Included File Header +# Included File Revision History +# EIP 37653 +# +#************************************************************************* +# +# +# Name: TCGSmm.mak +# +# Description: +# Make file for TCG SMM module +# +# +#************************************************************************* +all : Tpm20Acpi + +Tpm20Acpi : $(BUILD_DIR)\Tpm20Acpi.mak Tpm20AcpiBin + +$(BUILD_DIR)\Tpm20Acpi.mak : $(TPM20ACPI_DIR)\Tpm20Acpi.cif $(TPM20ACPI_DIR)\Tpm20Acpi.mak $(BUILD_RULES) + $(CIF2MAK) $(TPM20ACPI_DIR)\Tpm20Acpi.cif $(CIF2MAK_DEFAULTS) + +Tpm20PlatformFlags=$(CFLAGS) \ + /I$(TCG_DIR)\ + /I$(TCG_DIR)\Common\ + /I$(PROJECT_DIR)\Include\Protocol\ + /I$(TCG_DIR)\Protocol\ + /I$(TPM20_CRBLIB)\ + +Tpm20AcpiBin : $(AMICSPLib) $(AMIDXELIB) $(BUILD_DIR)\Tpm20CRBLib.lib + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\Tpm20Acpi.mak all\ + "CFLAGS=$(Tpm20PlatformFlags) "\ + "CPFLAGS=$(Tpm20PlatformFlags) "\ + GUID=4C8BDF60-2085-4577-8A46-96CB180967BC\ + ENTRY_POINT=Tpm20AcpiInitEntry\ + TYPE=BS_DRIVER \ + COMPRESS=1\ + + +$(BUILD_DIR)\tpm.asl: $(TPM20ACPI_DIR)\Tpm20Acpi.mak + copy << $@ +//tpm.asl +Device(\_SB.PCI0.TPM) + { + Method(_HID, 0){ //PnP Device ID + If(TCMF) + { + Return(EISAID("ZIT0101")) + } + Else + { + If(LEqual(TTDP, 0)){ + Return(EISAID("PNP0C31")) + }else{ + Return("MSFT0101") + } + } + } + + + Method(_STR,0) + { + If(LEqual(TTDP, 0)){ + Return (Unicode ("TPM 1.2 Device")) + }else { + Return (Unicode ("TPM 2.0 Device")) + } + } + + Name(_UID,0x01) + Name(CRST,ResourceTemplate() + { + Memory32Fixed (ReadOnly, 0xFED40000, 0x5000,PCRS) + }) + + OperationRegion(TMMB, SystemMemory, 0x0FED40000, 0x5000) + Field(TMMB, ByteAcc, Lock, Preserve) + { + Offset(0x0000), + ACCS, 8, // Access + Offset(0x0018), + TSTA, 8, // Status + TBCA, 8, // Burst Count + Offset(0x0F00), + TVID, 16, // TPM Chip VID + TDID, 16 // TPM Chip DID + } + + Method(_STA, 0){ + If(LEqual(TTDP, 0)){ + If(TPMF){ + Return(0x0F) // TPM Support + } + Return(0x00) // No TPM Support + }ElseIF(LEqual(TTDP, 1)){ + if(TTPF){ + Return(0x0F) // TPM Support + } + } + Return(0x00) // No TPM Support + } + + Method(_CRS, 0, Serialized) + { + If(LEqual(TTPF, 1)) + { + CreateDWordField(CRST, ^PCRS._BAS, MTFD) // Min + CreateDWordField(CRST, ^PCRS._LEN, LTFD) // Length + + Store(0x0FED40000, MTFD) + Store(0x00005000, LTFD) + } + + Return (CRST) + } + + } +<< +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* \ No newline at end of file diff --git a/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.sdl b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.sdl new file mode 100644 index 0000000..850243a --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20Acpi/Tpm20Acpi.sdl @@ -0,0 +1,72 @@ +TOKEN + Name = "TPM20ACPI_SUPPORT" + Value = "1" + Help = "Main switch to enable TCGSMM support in Project" + TokenType = Boolean + TargetEQU = Yes + TargetMAK = Yes + Master = Yes + Token = "TPM20Enabled" "!=" "0" +End + +PATH + Name = "TPM20ACPI_DIR" +End + +MODULE + Help = "Includes Tpm20Acpi.mak to Project" + File = "Tpm20Acpi.mak" +End + +ELINK + Name = "$(BUILD_DIR)\Tpm20Acpi.ffs" + Parent = "FV_MAIN" + InvokeOrder = AfterParent +End + +ELINK + Name = "$(BUILD_DIR)\tpm.asl" + Parent = "GENERIC_ASL" + InvokeOrder = AfterParent +End + +ELINK + Name = "$(TPM20ACPI_DIR)\TpmCrb.asl" + Parent = "GENERIC_ASL" + InvokeOrder = AfterParent +End + +ELINK + Name = "$(TPM20ACPI_DIR)\tcg_ppi1_2.asl" + Parent = "GENERIC_ASL" + InvokeOrder = AfterParent + Token = "OVERRIDE_TCG_ASL" "=" "0" + Token = "TCGPPISPEC_1_2_SUPPORT" "=" "1" + Token = "WORD_ACCESS_SMI_PORT" "=" "0" +End + +ELINK + Name = "$(TPM20ACPI_DIR)\tcg_ppi1_2_Ex.asl" + Parent = "GENERIC_ASL" + InvokeOrder = AfterParent + Token = "OVERRIDE_TCG_ASL" "=" "0" + Token = "TCGPPISPEC_1_2_SUPPORT" "=" "1" + Token = "WORD_ACCESS_SMI_PORT" "=" "1" +End + +TOKEN + Name = "TPMF" + Value = "0" + Help = "TPM ASL update Variable" + TokenType = Integer + TargetASL = Yes + TargetH = Yes +End + +ELINK + Name = "/D PTT_FLAG" + Help = "Intel platforms only" + Parent = "GLOBAL_DEFINES" + InvokeOrder = AfterParent +End + diff --git a/Board/EM/TCG2/Common/Tpm20Acpi/TpmCrb.asl b/Board/EM/TCG2/Common/Tpm20Acpi/TpmCrb.asl new file mode 100644 index 0000000..43dc77e --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20Acpi/TpmCrb.asl @@ -0,0 +1,387 @@ +Scope (\_SB.PCI0) +{ + Device (FTPM) + { + // + // Define _HID, "PNP0C31" is defined in + // + Name (_HID, "MSFT0101") + + // + // Readable name of this device, don't know if this way is correct yet + // + Name (_STR, Unicode ("TPM 2.0 Device")) + + // + // Return the resource consumed by TPM device + // + Name(_CRS,ResourceTemplate() + { + Memory32Fixed (ReadOnly, 0xFED70000, 0x1000,PCRS) + }) + + OperationRegion (TPMR, SystemMemory, 0xFED70000, 0x1000) + Field (TPMR, AnyAcc, NoLock, Preserve) + { + Offset(0x04), + FERR, 32, + Offset(0x0c), + BEGN, 32, + } + + OperationRegion (CRBD, SystemMemory, 0xFED70000, 0x1000) + Field (CRBD, AnyAcc, NoLock, Preserve) + { + Offset(0x04), + HERR, 32, + Offset (0x40), + HCMD, 32, + Offset(0x44), + HSTS, 32, + } + + OperationRegion (ASMI, SystemIO, SMIA , 0x1) + Field (ASMI, ByteAcc, NoLock, Preserve) + { + INQ,8 + } + + OperationRegion (BSMI, SystemIO, SMIB , 0x1) + Field (BSMI, ByteAcc, NoLock, Preserve) + { + DAT,8 + } + + Method (_STA, 0) + { + If(LEqual(TTDP, 1)){ + If(LEqual(TTPF, 0)){ + Return (0x0f) + } + } + Return (0x0) + } + + + Method (STRT, 3, Serialized, 0, IntObj, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj + { + // + // Switch by function index + // + Switch (ToInteger (Arg1)) + { + Case (0) + { + // + // Standard query, supports function 1-1 + // + Return (Buffer () {0x03}) + } + Case (1) + { + If(LEqual(Or(And(HSTS,0x00000002),And(HSTS,0x00000001)),0x00000003)) + { + // + // Trigger the FTPM_CMD interrupt + // + Store (0x00000001, HCMD) + } + Else + { + //Set Error Bit + Store(0x00000001,FERR) + //Clear Start Bit + Store(0x00000000,BEGN) + } + Return (0) + } + } + + Return (0) + } + + Method (CRYF, 3, Serialized, 0, {BuffObj, PkgObj}, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj + { + // + // Switch by function index + // + Switch (ToInteger(Arg1)) + { + Case (0) + { + // + // Standard query + // + Return (Buffer () {0x03}) + } + Case (1) + { + // + // Return failure if no TPM present + // + Name(TPMV, Package () {0x01, Package () {0x1, 0x20}}) + Return (TPMV) + } + } + Return (Buffer () {0}) + } + + Method (PPIR, 3, Serialized, 0, {BuffObj, PkgObj, IntObj, StrObj}, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj + { + // + // Switch by function index + // + Switch (ToInteger(Arg1)) + { + Case (0) + { + // + // Standard query, supports function 1-8 + // + return (Buffer() {0xff,0x01}) //support functions 0-6 + } + Case (1) + { + // + // a) Get Physical Presence Interface Version + // + Return ("1.2") + } + + // + // Function 2: Submit TPM Operation request + // Arg3[0]: Integer - Operation Value + case(2) + { + ToInteger(DeRefOf(Index(Arg2,0)), TMF2) //save request in temp flag + Store(0x12, TMF1) + Store(TMF1,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + Store(TMF2,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + if(Lequal(DAT,0xF1)){ + return(0x1) + } + + return (Zero) //Success + } + + // + // Function 3: Get pending TPM operation + case(3) + { + Name(PPI1, Package(){0,0}) + Store(0x11,DAT) //read rqst operation + Store(OFST,INQ) //should cause SMI + + if(Lequal(DAT,0xFF)){ + return(0x1) + } + + Store(DAT, Index(PPI1,1)) + return(PPI1) + } + + // + // Function 4: Get platform-specific action to transition + // ot Pre-OS + // Returns: + // 0: None + // 1: Shutdown + // 2: Reboot + // 3: OS Vendor Specific + case(4) + { + return (TRST) //Shutdown + } + + // + // Function 5: Return TPM responce + // + case(5) + { + Name(PPI2, Package(){0,0,0}) + Store(0x21,DAT) + Store(OFST,INQ) + Store(DAT, Index(PPI2,1)) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + Store(0x31,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + IF (Lequal(DAT, 0xF0)) + { + Store(0x51,DAT) + Store(OFST,INQ) + if(Lequal(DAT,0xFF)){ + Store(0xFFFFFFF0, Index(PPI2,2)) + return(PPI2) + } + } + ElseIF (Lequal(DAT, 0xF1)) + { + Store(0x51,DAT) + Store(OFST,INQ) + if(Lequal(DAT,0xFF)){ + Store(0xFFFFFFF1, Index(PPI2,2)) + return(PPI2) + } + } + Else + {Store(DAT, Index(PPI2,2))} + + return(PPI2) + } + + + // + // Function 6: Submit preferred user language + // Ppi Spec 1.2 section 2.1.6 + // Arg3[0]: String - preferred language code + case(6) + { + return ( 0x03 ) //Success + } + + + // + // Function 7: Submit TPM Operation Request to Pre-OS Environment 2 + // Ppi Spec 1.2 section 2.1.7 + // Arg3[0]: String - preferred language code + case(7) + { + ToInteger(DeRefOf(Index(Arg2,0)), TMF2) //save request in temp flag + Store(0x12, TMF1) + Store(TMF1,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + Store(TMF2,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + if(Lequal(DAT,0xF1)){ + return(0x1) + } + + return (Zero) //Success + } + + case(8) + { + ToInteger(DeRefOf(Index(Arg2,0)), TMF2) //save request in temp flag + Store(0x43, TMF1) + Store(TMF1,DAT) + Store(OFST,INQ) + Store(TMF2,DAT) + Store(OFST,INQ) + return (DAT) + } + + default { } + } + } + + Method (MORI, 3, Serialized, 0, IntObj, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj + { + // + // Switch by function index + // + Switch (ToInteger (Arg1)) + { + // + // Function 0: Return supported funcitons + // + case(0) + { + return (Buffer() {0x3}) //support functions 0 and 1 + } + + // + // Function 1: Set MOR Bit State + // + case(1) + { + Store(0x22, TMF1) + Store(TMF1,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + ToInteger(DeRefOf(Index(Arg2,0)), TMF1) //save request in temp flag + Store(TMF1,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + return (Zero) + } + default { } + } + return (Buffer() {0}) + } + + Method (_DSM, 4, Serialized, 0, UnknownObj, {BuffObj, IntObj, IntObj, PkgObj}) + { + + // + // TCG Physical Presence Interface + // + If(LEqual(Arg0, ToUUID ("3dddfaa6-361b-4eb4-a424-8d10089d1653"))) + { + Return (PPIR (Arg1, Arg2, Arg3)) + } + + // + // TCG Memory Clear Interface + // + If(LEqual(Arg0, ToUUID ("376054ed-cc13-4675-901c-4756d7f2d45d"))) + { + Return (MORI (Arg1, Arg2, Arg3)) + } + + // + // TPM2 ACPI Start Method + // + If(LEqual(Arg0, ToUUID ("cf8e16a5-c1e8-4e25-b712-4f54a96702c8"))) + { + Return (CRYF (Arg1, Arg2, Arg3)) + } + + If(LEqual(Arg0, ToUUID ("6bbf6cab-5463-4714-b7cd-f0203c0368d4"))) + { + Return (STRT (Arg1, Arg2, Arg3)) + } + + Return (Buffer () {0}) + } + + } +} \ No newline at end of file diff --git a/Board/EM/TCG2/Common/Tpm20Acpi/tcg_ppi1_2.asl b/Board/EM/TCG2/Common/Tpm20Acpi/tcg_ppi1_2.asl new file mode 100644 index 0000000..3406155 --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20Acpi/tcg_ppi1_2.asl @@ -0,0 +1,256 @@ +//********************************************************************** +// +// +// Procedure: _DSM PPI Method for TPM device +// +// Description: Implement Phisical Presence Interface +// +// Input: \_SB.PCI0.LPCB.TP +// +// Output: PPI result +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +Scope(\_SB.PCI0.TPM) +{ + OperationRegion (ASMI, SystemIO, SMIA , 0x1) + Field (ASMI, ByteAcc, NoLock, Preserve) + { + INQ,8 + } + + OperationRegion (BSMI, SystemIO, SMIB , 0x1) + Field (BSMI, ByteAcc, NoLock, Preserve) + { + DAT,8 + } + + + Method( _DSM , 4) + { + if( LEqual(Arg0,ToUUID("3DDDFAA6-361B-4EB4-A424-8D10089D1653"))) + { + switch(ToInteger(Arg2)) + { + // + // Function 0: Return supported funcitons + // + case(0) + { + return (Buffer() {0xff,0x01}) //support functions 0-6 + } + + // + // Function 1: Ge PPI Version + // + case(1) + { + return ("1.2") + } + + // + // Function 2: Submit TPM Operation request + // Arg3[0]: Integer - Operation Value + case(2) + { + ToInteger(DeRefOf(Index(Arg3,0)), TMF2) //save request in temp flag + Store(0x12, TMF1) + Store(TMF1,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + Store(TMF2,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + if(Lequal(DAT,0xF1)){ + return(0x1) + } + + + return (Zero) //Success + } + + // + // Function 3: Get pending TPM operation + case(3) + { + Name(PPI1, Package(){0,0}) + Store(0x11,DAT) //read rqst operation + Store(OFST,INQ) //should cause SMI + + if(Lequal(DAT,0xFF)){ + return(0x1) + } + + Store(DAT, Index(PPI1,1)) + return(PPI1) + } + + // + // Function 4: Get platform-specific action to transition + // ot Pre-OS + // Returns: + // 0: None + // 1: Shutdown + // 2: Reboot + // 3: OS Vendor Specific + case(4) + { + return (TRST) //Shutdown + } + + // + // Function 5: Return TPM responce + // + case(5) + { + Name(PPI2, Package(){0,0,0}) + Store(0x21,DAT) + Store(OFST,INQ) + Store(DAT, Index(PPI2,1)) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + Store(0x31,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + IF (Lequal(DAT, 0xF0)) + { + Store(0x51,DAT) + Store(OFST,INQ) + if(Lequal(DAT,0xFF)){ + Store(0xFFFFFFF0, Index(PPI2,2)) + return(PPI2) + } + } + ElseIF (Lequal(DAT, 0xF1)) + { + Store(0x51,DAT) + Store(OFST,INQ) + if(Lequal(DAT,0xFF)){ + Store(0xFFFFFFF1, Index(PPI2,2)) + return(PPI2) + } + } + Else + {Store(DAT, Index(PPI2,2))} + return(PPI2) + } + + + // + // Function 6: Submit preferred user language + // Ppi Spec 1.2 section 2.1.6 + // Arg3[0]: String - preferred language code + case(6) + { + return ( 0x03 ) //Success + } + + + // + // Function 7: Submit TPM Operation Request to Pre-OS Environment 2 + // Ppi Spec 1.2 section 2.1.7 + // Arg3[0]: String - preferred language code + case(7) + { + ToInteger(DeRefOf(Index(Arg3,0)), TMF2) //save request in temp flag + Store(0x12, TMF1) + Store(TMF1,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + Store(TMF2,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + if(Lequal(DAT,0xF1)){ + return(0x1) + } + + return (Zero) //Success + } + + case(8) + { + + ToInteger(DeRefOf(Index(Arg3,0)), TMF2) //save request in temp flag + Store(0x43, TMF1) + Store(TMF1,DAT) + Store(OFST,INQ) + Store(TMF2,DAT) + Store(OFST,INQ) + return (DAT) + } + + default { } + } + } else {if(LEqual(Arg0, + ToUUID("376054ED-CC13-4675-901C-4756D7F2D45D"))){ + // + // Reset Atack Mitigation + // + switch(ToInteger(Arg2)) + { + // + // Function 0: Return supported funcitons + // + case(0) + { + return (Buffer() {0x3}) //support functions 0 and 1 + } + + // + // Function 1: Set MOR Bit State + // + case(1) + { + Store(0x22, TMF1) + Store(TMF1,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + ToInteger(DeRefOf(Index(Arg3,0)), TMF1) //save request in temp flag + Store(TMF1,DAT) + Store(OFST,INQ) + + if(Lequal(DAT,0xFF)){ + return(0x2) + } + + return (Zero) + } + default { } + } + + }} + return (Buffer() {0}) + } +} diff --git a/Board/EM/TCG2/Common/Tpm20Acpi/tcg_ppi1_2_Ex.asl b/Board/EM/TCG2/Common/Tpm20Acpi/tcg_ppi1_2_Ex.asl new file mode 100644 index 0000000..6d74b1e --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20Acpi/tcg_ppi1_2_Ex.asl @@ -0,0 +1,301 @@ +//********************************************************************** +// +// +// Procedure: _DSM PPI Method for TPM device +// +// Description: Implement Phisical Presence Interface using WordAcc +// +// Input: \_SB.PCI0.LPCB.TP +// +// Output: PPI result +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +Scope(\_SB.TPM) +{ + OperationRegion (TSMI, SystemIO, SMIA , 0x2) + Field (TSMI, WordAcc, NoLock, Preserve) + { + SMI,16, + } + + Method( _DSM , 4) + { + if( LEqual(Arg0,ToUUID("3DDDFAA6-361B-4EB4-A424-8D10089D1653"))) + { + switch(ToInteger(Arg2)) + { + // + // Function 0: Return supported funcitons + // + case(0) + { + return (Buffer() {0xff,0x01}) //support functions 0-6 + } + + // + // Function 1: Ge PPI Version + // + case(1) + { + return ("1.2") + } + + // + // Function 2: Submit TPM Operation request + // Arg3[0]: Integer - Operation Value + case(2) + { + ToInteger(DeRefOf(Index(Arg3,0)), TMF2) //save request in temp flag + Store(OFST, TMF1) + Or(0x1200, TMF1, TMF1) + + Store(0xFA,P80D) + Store(TMF1,SMI) + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + + if(Lequal(TMF1,0xFF)){ + return(0x2) + } + + ShiftLeft(TMF2, 0x8, TMF2) + Or(OFST, TMF2, TMF2) + + Store(TMF2,SMI) + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + + if(Lequal(TMF1,0xFF)){ + return(0x2) + } + + if(Lequal(TMF1,0xFF)){ + return(0x1) + } + + return (Zero) //Success + } + + // + // Function 3: Get pending TPM operation + case(3) + { + Store(0xFB,P80D) + Name(PPI1, Package(){0,0}) + Store(OFST,TMF1) + Or(0x1100, TMF1, TMF1) + + Store(TMF1, SMI) + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + + if(Lequal(TMF1,0xFF)){ + return(0x1) + } + + Store(TMF1, Index(PPI1,1)) + return(PPI1) + } + + // + // Function 4: Get platform-specific action to transition + // ot Pre-OS + // Returns: + // 0: None + // 1: Shutdown + // 2: Reboot + // 3: OS Vendor Specific + case(4) + { + Store(0xFC,P80D) + return (TRST) //Shutdown + } + + // + // Function 5: Return TPM responce + // + case(5) + { + Name(PPI2, Package(){0,0,0}) + Store(0xFD,P80D) + Store(OFST,TMF1) + Or(0x2100, TMF1, TMF1) + Store(TMF1,SMI) + + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + + if(Lequal(TMF1,0xFF)){ + return(0x2) + } + + Store(TMF1, Index(PPI2,1)) + + Store(OFST,TMF1) + Or(0x3100, TMF1, TMF1) + + Store(TMF1,SMI) + + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + + + if(Lequal(TMF1,0xFF)){ + return(0x2) + } + + IF (Lequal(TMF1, 0xF0)) + { + Store(OFST,TMF1) + Or(0x5100, TMF1, TMF1) + Store(TMF1,SMI) + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + + if(Lequal(TMF1,0xFF)){ + Store(0xFFFFFFF0, Index(PPI2,2)) + return(PPI2) + } + + } + ElseIF (Lequal(TMF1, 0xF1)) + { + Store(OFST,TMF1) + Or(0x5100, TMF1, TMF1) + Store(TMF1,SMI) + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + + if(Lequal(TMF1,0xFF)){ + Store(0xFFFFFFF1, Index(PPI2,2)) + return(PPI2) + } + } + Else + {Store(TMF1, Index(PPI2,2))} + return(PPI2) + } + + + // + // Function 6: Submit preferred user language + // Ppi Spec 1.2 section 2.1.6 + // Arg3[0]: String - preferred language code + case(6) + { + return ( 0x03 ) //Success + } + + + // + // Function 7: Submit TPM Operation Request to Pre-OS Environment 2 + // Ppi Spec 1.2 section 2.1.7 + // Arg3[0]: String - preferred language code + case(7) + { + ToInteger(DeRefOf(Index(Arg3,0)), TMF2) //save request in temp flag + Store(0xFE,P80D) + Store(OFST,TMF1) + Or(0x1200, TMF1, TMF1) + Store(TMF1,SMI) + + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + + if(Lequal(TMF1,0xFF)){ + return(0x2) + } + + ShiftLeft(TMF2, 0x8, TMF2) + Or(OFST, TMF2, TMF2) + + Store(TMF2,SMI) + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + + + if(Lequal(TMF1,0xFF)){ + return(0x2) + } + + if(Lequal(TMF1,0xF1)){ + return(0x1) + } + + return (Zero) //Success + } + + case(8) + { + Store(0xFF,P80D) + ToInteger(DeRefOf(Index(Arg3,0)), TMF2) //save request in temp flag + Store(OFST,TMF1) + Or(0x4300, TMF1, TMF1) + Store(TMF1,SMI) + Store(SMI,TMF1) + ShiftLeft(TMF2, 0x8, TMF2) + Or(OFST, TMF2, TMF2) + Store(TMF2,SMI) + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + return (TMF1) + } + + default { } + } + } else {if(LEqual(Arg0, + ToUUID("376054ED-CC13-4675-901C-4756D7F2D45D"))){ + // + // Reset Atack Mitigation + // + switch(ToInteger(Arg2)) + { + // + // Function 0: Return supported funcitons + // + case(0) + { + return (Buffer() {0x3}) //support functions 0 and 1 + } + + // + // Function 1: Set MOR Bit State + // + case(1) + { + Store(0xF1,P80D) + Or(0x2200, TMF1, TMF1) + Store(TMF1,SMI) + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + + if(Lequal(TMF1,0xFF)){ + return(0x2) + } + + ToInteger(DeRefOf(Index(Arg3,0)), TMF1) //save request in temp flag + ShiftLeft(TMF1, 0x8, TMF1) + Or(OFST, TMF1, TMF1) + Store(TMF1,SMI) + Store(SMI,TMF1) + ShiftRight(TMF1, 0x8, TMF1) + + if(Lequal(TMF1,0xFF)){ + return(0x2) + } + + return (Zero) + } + default { } + } + + }} + return (Buffer() {0}) + } +} diff --git a/Board/EM/TCG2/Common/Tpm20PlatformDxe.c b/Board/EM/TCG2/Common/Tpm20PlatformDxe.c new file mode 100644 index 0000000..cf35e7f --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20PlatformDxe.c @@ -0,0 +1,2508 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxe.c 4 6/14/14 12:39a Fredericko $ +// +// $Revision: 4 $ +// +// $Date: 6/14/14 12:39a $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxe.c $ +// +// 4 6/14/14 12:39a Fredericko +// +// 3 6/09/14 5:02p Fredericko +// Changes for SetVariable vulnerability during Runtime +// +// 2 4/25/14 4:44p Fredericko +// when secureboot is disabled +// +// 1 4/21/14 2:18p Fredericko +// +// 5 3/17/14 3:26p Fredericko +// +// 4 3/14/14 3:48p Fredericko +// +// 3 3/11/14 6:49p Fredericko +// [TAG] EIP151925 +// [Category] New Feature +// [Description] Changes for TcgGeneric Regression Testing +// +// 2 10/09/13 6:32p Fredericko +// +// 1 10/08/13 12:06p Fredericko +// Initial Check-In for Tpm-Next module +// +// 5 10/03/13 2:52p Fredericko +// +// 4 9/16/13 1:37p Fredericko +// TPM 2.0 UEFI preboot fixes. +// +// 3 8/30/13 11:03p Fredericko +// +// 2 7/11/13 6:16p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20). +// +// 1 7/10/13 5:57p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +//************************************************************************* +// +// +// Name: +// +// Description: +// +// +//************************************************************************* +#include "Tpm20PlatformDxe.h" +#include +#include +#include +#include +#include +#include +#include "Protocol/CpuIo.h" +#include "Protocol/FirmwareVolume.h" +#include "Protocol/DevicePath.h" +#include "AMIPostMgr.h" +#include "Tpm20PlatformDxeStrTokens.h" +#include "TcgPlatformSetupPolicy.h" + +#pragma optimize("",off) + +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) +EFI_GUID gEfiImageSecurityDatabaseguid = EFI_IMAGE_SECURITY_DATABASE_GUID; +#endif +EFI_GUID AmitcgefiOsVariableGuid = AMI_TCG_EFI_OS_VARIABLE_GUID; + +#define AMI_VALID_BOOT_IMAGE_CERT_TBL_GUID \ + { 0x6683D10C, 0xCF6E, 0x4914, 0xB5, 0xB4, 0xAB, 0x8E, 0xD7, 0x37, 0x0E, 0xD7 } + +#define BDS_ALL_DRIVERS_CONNECTED_PROTOCOL_GUID \ + {0xdbc9fd21, 0xfad8, 0x45b0, 0x9e, 0x78, 0x27, 0x15, 0x88, 0x67, 0xcc, 0x93} + +EFI_GUID gBdsAllDriversConnectedProtocolGuid = BDS_ALL_DRIVERS_CONNECTED_PROTOCOL_GUID; +EFI_GUID gAmiPostManagerProtocolGuid = AMI_POST_MANAGER_PROTOCOL_GUID; + +EFI_GUID gEfiGlobalVariableGuid = EFI_GLOBAL_VARIABLE; + +EFI_GUID ZeroGuid = {0,0,0,0,0,0,0,0,0,0,0}; + +EFI_GUID gEfiSmbiosTableGuid = EFI_SMBIOS_TABLE_GUID; +EFI_GUID FlagsStatusguid = AMI_TCG_CONFIRMATION_FLAGS_GUID; + +UINTN mMeasureGptCount = 0; +EFI_TREE_PROTOCOL *TrEEProtocolInstance = NULL; +static UINT8 PpiRequest; + +EFI_HII_HANDLE gHiiHandle; +AMI_POST_MANAGER_PROTOCOL *pAmiPostMgr = NULL; +EFI_HANDLE PlatformProtocolHandle; +static PERSISTENT_BIOS_TPM_FLAGS TpmNvflags; + +#pragma pack (1) +typedef struct +{ + EFI_PHYSICAL_ADDRESS PostCodeAddress; + #if x64_BUILD + UINT64 PostCodeLength; + #else + UINTN PostCodeLength; + #endif +} EFI_TCG_EV_POST_CODE; + +typedef struct +{ + EFI_TCG_PCR_EVENT_HEADER Header; + EFI_TCG_EV_POST_CODE Event; +} PEI_EFI_POST_CODE; +#pragma pack() + +BOOLEAN CompareGuid( + EFI_GUID *G1, + EFI_GUID *G2 ); + +// +// +// Data Table definition +// +typedef struct _AMI_VALID_CERT_IN_SIG_DB { + UINT32 SigOffset; + UINT32 SigLength; +} AMI_VALID_CERT_IN_SIG_DB; + + +typedef struct _AMI_INTERNAL_HLXE_PROTOCOL AMI_INTERNAL_HLXE_PROTOCOL; + +typedef +EFI_STATUS +(EFIAPI * INTERNAL_HASH_LOG_EXTEND_EVENT) ( + IN UINT8 *DataToHash, + IN UINT64 Flags, + IN UINTN DataSize, + IN OUT TCG_PCR_EVENT_HDR *NewEventHdr, + IN UINT8 *NewEventData +); + + +struct _AMI_INTERNAL_HLXE_PROTOCOL { + INTERNAL_HASH_LOG_EXTEND_EVENT InternalHashLogExtend; +}; + +EFI_STATUS EfiGetSystemConfigurationTable( + IN EFI_GUID *TableGuid, + OUT VOID **Table) +{ + *Table = GetEfiConfigurationTable(pST, TableGuid); + return (*Table == NULL) ? EFI_NOT_FOUND : EFI_SUCCESS; +} + + + +EFI_STATUS +EFIAPI +GetRandomAuthPassword( + IN UINT16 RNGValueLength, + IN OUT UINT8 *RNGValue + ) +{ + EFI_STATUS Status = EFI_SUCCESS; + return Status; +} + + +EFI_STATUS +EFIAPI +TpmRevokeTrust ( + ) +{ + EFI_STATUS Status = EFI_SUCCESS; + return Status; +} + + +#define GET_HOB_TYPE( Hob ) ((Hob).Header->HobType) +#define GET_HOB_LENGTH( Hob ) ((Hob).Header->HobLength) +#define GET_NEXT_HOB( Hob ) ((Hob).Raw + GET_HOB_LENGTH( Hob )) +#define END_OF_HOB_LIST( Hob ) (GET_HOB_TYPE( Hob ) == \ + EFI_HOB_TYPE_END_OF_HOB_LIST) + +//********************************************************************** +// +// +// Procedure: GetHob +// +// Description: Find instance of a HOB type in a HOB list +// +// +// Input: IN UINT16 Type, +// IN VOID *HobStart +// +// Output: VOID* +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +VOID* GetHob( + IN UINT16 Type, + IN VOID *HobStart ) +{ + EFI_PEI_HOB_POINTERS Hob; + + Hob.Raw = HobStart; + + // + // Return input if not found + // + if ( HobStart == NULL ) + { + return HobStart; + } + + // + // Parse the HOB list, stop if end of list or matching type found. + // + while ( !END_OF_HOB_LIST( Hob )) + { + if ( Hob.Header->HobType == Type ) + { + break; + } + + Hob.Raw = GET_NEXT_HOB( Hob ); + } + + // + // Return input if not found + // + if ( END_OF_HOB_LIST( Hob )) + { + return HobStart; + } + + return (VOID*)(Hob.Raw); +} + + + +EFI_STATUS +MeasureSeparatorEvent ( + IN UINT32 PCRIndex +) +{ + UINT32 EventData; + TrEE_EVENT *Tpm20Event=NULL; + UINT64 Flags = 0; + EFI_STATUS Status; + + if(TrEEProtocolInstance == NULL) return EFI_NOT_FOUND; + + pBS->AllocatePool(EfiBootServicesData, (sizeof(TrEE_EVENT_HEADER) + \ + sizeof(UINT32) + sizeof(UINT32)), &Tpm20Event); + + if(Tpm20Event==NULL) return EFI_OUT_OF_RESOURCES; + + EventData = 0; + Tpm20Event->Size = sizeof(TrEE_EVENT_HEADER) + sizeof(UINT32) + sizeof(EventData); + Tpm20Event->Header.HeaderSize = sizeof(TrEE_EVENT_HEADER); + Tpm20Event->Header.HeaderVersion = 1; + Tpm20Event->Header.PCRIndex = PCRIndex; + Tpm20Event->Header.EventType = EV_SEPARATOR; + + pBS->CopyMem ((UINT32 *)((UINTN)&Tpm20Event->Event[0]), + &EventData, + sizeof(UINT32)); + + Status = TrEEProtocolInstance->HashLogExtendEvent(TrEEProtocolInstance, + Flags, (EFI_PHYSICAL_ADDRESS)&EventData, (UINT64)sizeof(EventData), + Tpm20Event); + + pBS->FreePool(Tpm20Event); + + return Status; +} + + + +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) +EFI_STATUS +MeasureCertificate(UINTN sizeOfCertificate, + UINT8 *pterCertificate) +{ + EFI_STATUS Status; + TrEE_EVENT *Tcg20Event; + EFI_VARIABLE_DATA *VarLog = NULL; + BOOLEAN AlreadyMeasuredCert = FALSE; + UINTN i=0; + UINTN VarNameLength; + static BOOLEAN initialized = 0; + static TPM_DIGEST digestTrackingArray[5]; + static TPM_DIGEST zeroDigest; + UINT8 *tempDigest = NULL; + UINT64 HashedDataLen = 20; + SHA1_CTX Sha1Ctx; + TCG_DIGEST *Sha1Digest = NULL; + UINT64 Flags = 0; + UINT32 EventSize = 0; + UINT8 *EventDataPtr; + + if(TrEEProtocolInstance == NULL) return EFI_NOT_FOUND; + + VarNameLength = Wcslen(L"db"); + + EventSize = (UINT32)( sizeof (*VarLog) + VarNameLength + * sizeof (CHAR16) + sizeOfCertificate) - 3; + + pBS->AllocatePool(EfiBootServicesData, (sizeof(TrEE_EVENT_HEADER) + \ + sizeof(UINT32) + EventSize), &Tcg20Event); + + if(Tcg20Event==NULL) return EFI_OUT_OF_RESOURCES; + + if(!initialized) + { + for(i=0;i<5; i++) + { + pBS->SetMem(digestTrackingArray[i].digest,20, 0); + } + pBS->SetMem(zeroDigest.digest,20, 0); + initialized = TRUE; + } + + Tcg20Event->Size = sizeof(TrEE_EVENT_HEADER) + sizeof(UINT32) + EventSize; + Tcg20Event->Header.HeaderSize = sizeof(TrEE_EVENT_HEADER); + Tcg20Event->Header.HeaderVersion = 1; + Tcg20Event->Header.PCRIndex = 7; + Tcg20Event->Header.EventType = 0x800000E0; + + Status = pBS->AllocatePool(EfiBootServicesData, EventSize, &VarLog); + + if ( VarLog == NULL ){ + return EFI_OUT_OF_RESOURCES; + } + + VarLog->VariableName = gEfiImageSecurityDatabaseGuid; + VarLog->UnicodeNameLength = VarNameLength; + VarLog->VariableDataLength = sizeOfCertificate; + + pBS->CopyMem((CHAR16*)(VarLog->UnicodeName), + L"db", + VarNameLength * sizeof (CHAR16)); + + pBS->CopyMem((CHAR16*)(VarLog->UnicodeName) + VarNameLength, + pterCertificate, + sizeOfCertificate); + + //before extending verify if we have already measured it. + SHA1Init(&Sha1Ctx); + + SHA1Update(&Sha1Ctx, + VarLog, + (u32)EventSize); + + SHA1Final((unsigned char *)&Sha1Digest->digest, &Sha1Ctx); + + for(i=0; i<5; i++) + { + //tempDigest + if(!MemCmp(digestTrackingArray[i].digest, Sha1Digest, 20)) + return EFI_SUCCESS; //already measured + + if(!MemCmp(digestTrackingArray[i].digest, zeroDigest.digest, 20)) + break; //we need to measure + } + + pBS->CopyMem(digestTrackingArray[i].digest, Sha1Digest, 20); + + EventDataPtr = (UINT8 *)Tcg20Event; + + EventDataPtr += sizeof(TrEE_EVENT_HEADER) + sizeof(UINT32); + + pBS->CopyMem(EventDataPtr, VarLog, EventSize); + + Status = TrEEProtocolInstance->HashLogExtendEvent(TrEEProtocolInstance, + Flags, (EFI_PHYSICAL_ADDRESS)(UINT8 *)(UINTN)VarLog, (UINT64)EventSize, + Tcg20Event); + return Status; +} +#endif + + + +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) +EFI_STATUS FindandMeasureSecureBootCertificate() +{ + EFI_STATUS Status; + UINTN VarSize = 0; + UINTN i=0; + UINT8 *SecureDBBuffer = NULL; + UINT8 *CertificateBuffer = NULL; + UINTN SizeofCerificate = 0; + EFI_GUID Certificateguid = AMI_VALID_BOOT_IMAGE_CERT_TBL_GUID; + AMI_VALID_CERT_IN_SIG_DB *CertInfo; + UINT8 *CertOffsetPtr = NULL; + + VarSize = 0; + + Status = pRS->GetVariable(L"db", + &gEfiImageSecurityDatabaseGuid, + NULL, + &VarSize, + NULL); + + if ( Status != EFI_BUFFER_TOO_SMALL ) + { + return EFI_NOT_FOUND; + } + + Status = pBS->AllocatePool(EfiBootServicesData, VarSize, &SecureDBBuffer); + + if ( SecureDBBuffer != NULL ) + { + Status = pRS->GetVariable(L"db", + &gEfiImageSecurityDatabaseGuid, + NULL, + &VarSize, + SecureDBBuffer); + + if ( EFI_ERROR( Status )) + { + pBS->FreePool( SecureDBBuffer ); + SecureDBBuffer = NULL; + return EFI_NOT_FOUND; + } + }else{ + return EFI_OUT_OF_RESOURCES; + } + + //we need to find the pointer in the EFI system table and work from + //there + CertInfo = NULL; + EfiGetSystemConfigurationTable(&Certificateguid, &CertInfo ); + if(CertInfo == NULL){ + return EFI_NOT_FOUND; + } + if(CertInfo->SigLength == 0){ + return EFI_NOT_READY; + } + + CertOffsetPtr = NULL; + CertOffsetPtr = (SecureDBBuffer + CertInfo->SigOffset); + MeasureCertificate((UINTN)CertInfo->SigLength,CertOffsetPtr); + + if(SecureDBBuffer!=NULL){ + pBS->FreePool( SecureDBBuffer ); + } + + return Status; +} +#endif + + +UINTN Tpm20AsciiStrLen ( + IN CHAR8 *String) +{ + UINTN Length; + for (Length = 0; *String != '\0'; String++, Length++); + return Length; +} + + + +EFI_STATUS +EFIAPI +MeasureAction ( + IN CHAR8 *String +) +{ + TCG_PCR_EVENT_HDR TcgEvent; + AMI_INTERNAL_HLXE_PROTOCOL *InternalHLXE = NULL; + EFI_GUID gEfiAmiHLXEGuid = AMI_PROTOCOL_INTERNAL_HLXE_GUID; + EFI_STATUS Status; + + TcgEvent.PCRIndex = 5; + TcgEvent.EventType = EV_EFI_ACTION; + TcgEvent.EventSize = (UINT32)Tpm20AsciiStrLen (String); + + Status = pBS->LocateProtocol(&gEfiAmiHLXEGuid, NULL, &InternalHLXE); + if(EFI_ERROR(Status))return Status; + + Status = InternalHLXE->InternalHashLogExtend((UINT8*)String, 0, TcgEvent.EventSize, &TcgEvent, (UINT8*)String); + return Status; +} + + + + + +EFI_STATUS +EFIAPI +TreeMeasurePeImage ( + IN BOOLEAN BootPolicy, + IN EFI_PHYSICAL_ADDRESS ImageAddress, + IN UINTN ImageSize, + IN UINTN LinkTimeBase, + IN UINT16 ImageType, + IN EFI_HANDLE DeviceHandle, + IN EFI_DEVICE_PATH_PROTOCOL *FilePath + ) +{ + + EFI_STATUS Status; + TCG_PCR_EVENT_HDR TcgEvent; + UINT8 *EventData = NULL; + EFI_IMAGE_LOAD_EVENT *ImageLoad; + EFI_DEVICE_PATH_PROTOCOL *DevicePath; + EFI_DEVICE_PATH_PROTOCOL *FullPath; + UINT32 FullPathSize; + SHA1_CTX Sha1Ctx; + EFI_IMAGE_DOS_HEADER *DosHdr; + UINT32 PeCoffHeaderOffset; + EFI_IMAGE_NT_HEADERS64 *Hdr; + EFI_IMAGE_SECTION_HEADER *Section; + UINT8 *HashBase; + UINTN HashSize; + UINTN SumOfBytesHashed; + EFI_IMAGE_SECTION_HEADER *SectionHeader; + UINTN Index, iPos; + TCG_DIGEST Sha1Digest; + AMI_INTERNAL_HLXE_PROTOCOL *InternalHLXE = NULL; + EFI_GUID gEfiAmiHLXEGuid = AMI_PROTOCOL_INTERNAL_HLXE_GUID; + TCG_PLATFORM_SETUP_PROTOCOL *ProtocolInstance; + EFI_GUID Policyguid = TCG_PLATFORM_SETUP_POLICY_GUID; + SHA2_CTX Sha2Ctx; +// unsigned char Sha2DigestArray[32]; + UINT8 HashPolicy; + + + Status = pBS->LocateProtocol (&Policyguid, NULL, &ProtocolInstance); + if (EFI_ERROR (Status)) { + return 0; + } + + HashPolicy = ProtocolInstance->ConfigFlags.Reserved1; + + + ImageLoad = NULL; + FullPath = NULL; + SectionHeader = NULL; + FullPathSize = 0; + + TRACE ((TRACE_ALWAYS, "TreeMeasurePeImage Entry\n")); + + if (DeviceHandle != NULL) { + // + // Skip images loaded from FVs + // + Status = pBS->OpenProtocol ( + DeviceHandle, + &gEfiFirmwareVolumeProtocolGuid, + NULL, + NULL, + NULL, + EFI_OPEN_PROTOCOL_TEST_PROTOCOL + ); + + if (!EFI_ERROR (Status)) { + goto Done; + } + ASSERT (Status == EFI_UNSUPPORTED); + + // + // Get device path for the device handle + // + Status = pBS->HandleProtocol ( + DeviceHandle, + &gEfiDevicePathProtocolGuid, + &DevicePath + ); + if (EFI_ERROR (Status)) { + FullPathSize = (UINT32)DPLength (FullPath); + }else{ + FullPath = DPAdd (DevicePath, FilePath); + FullPathSize = (UINT32)DPLength (FullPath); + } + } + + //Allocate Event log memory + Status = pBS ->AllocatePool(EfiBootServicesData, ((sizeof (*ImageLoad) + - sizeof (ImageLoad->DevicePath)) + FullPathSize), &EventData); + + if(EFI_ERROR(Status))return Status; + // + // Determine destination PCR by BootPolicy + // + TcgEvent.EventSize = sizeof (*ImageLoad) - sizeof (ImageLoad->DevicePath); + TcgEvent.EventSize += FullPathSize; + + switch (ImageType) { + case EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION: + TcgEvent.PCRIndex = 4; + TcgEvent.EventType = EV_EFI_BOOT_SERVICES_APPLICATION; + break; + case EFI_IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER: + TcgEvent.PCRIndex = 2; + TcgEvent.EventType = EV_EFI_BOOT_SERVICES_DRIVER; + goto Done; + break; + case EFI_IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER: + TcgEvent.PCRIndex = 2; + TcgEvent.EventType = EV_EFI_RUNTIME_SERVICES_DRIVER; + goto Done; + break; + default: + TcgEvent.EventType = ImageType; + Status = EFI_UNSUPPORTED; + goto Done; + } + + PERF_START(0,L"MeasurePeImg",NULL,0); + + Status = pBS ->AllocatePool(EfiBootServicesData,TcgEvent.EventSize, &ImageLoad); + + if (ImageLoad == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Done; + } + + ImageLoad->ImageLocationInMemory = ImageAddress; + ImageLoad->ImageLengthInMemory = ImageSize; + ImageLoad->ImageLinkTimeAddress = LinkTimeBase; + ImageLoad->LengthOfDevicePath = FullPathSize; + pBS->CopyMem( ImageLoad->DevicePath, FullPath, FullPathSize ); + + // + // Check PE/COFF image + // + DosHdr = (EFI_IMAGE_DOS_HEADER *)(UINTN)ImageAddress; + PeCoffHeaderOffset = 0; + if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) { + PeCoffHeaderOffset = DosHdr->e_lfanew; + } + if (((EFI_TE_IMAGE_HEADER *)((UINT8 *)(UINTN)ImageAddress + PeCoffHeaderOffset))->Signature + == EFI_TE_IMAGE_HEADER_SIGNATURE) { + goto Done; + } + + // + // PE/COFF Image Measurement + // + // NOTE: The following codes/steps are based upon the authenticode image hashing in + // PE/COFF Specification 8.0 Appendix A. + // + // + + // 1. Load the image header into memory. + + // 2. Initialize a SHA hash context. + if(HashPolicy == 0){ SHA1Init(&Sha1Ctx);} + else if(HashPolicy == 1){sha256_init( &Sha2Ctx );}; + + + // + // Measuring PE/COFF Image Header; + // But CheckSum field and SECURITY data directory (certificate) are excluded + // + Hdr = (EFI_IMAGE_NT_HEADERS *)((UINT8 *)(UINTN)ImageAddress + PeCoffHeaderOffset); + + // + // 3. Calculate the distance from the base of the image header to the image checksum address. + // 4. Hash the image header from its base to beginning of the image checksum. + // + HashBase = (UINT8 *)(UINTN)ImageAddress; + HashSize = (UINTN) ((UINT8 *)(&Hdr->OptionalHeader.CheckSum) - HashBase); + if(HashPolicy == 0){ + SHA1Update(&Sha1Ctx, + HashBase, + (u32)HashSize); + }else if(HashPolicy == 1){ + sha256_process( &Sha2Ctx, HashBase, (u32)HashSize ); + } + + + + // + // 5. Skip over the image checksum (it occupies a single ULONG). + // 6. Get the address of the beginning of the Cert Directory. + // 7. Hash everything from the end of the checksum to the start of the Cert Directory. + // + HashBase = (UINT8 *) &Hdr->OptionalHeader.CheckSum + sizeof (UINT32); + HashSize = (UINTN) ((UINT8 *)(&Hdr->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - HashBase); + + if(HashPolicy == 0){ + SHA1Update(&Sha1Ctx, + HashBase, + (u32)HashSize); + }else if(HashPolicy == 1){ + sha256_process( &Sha2Ctx, HashBase, (u32)HashSize ); + } + + // + // 8. Skip over the Cert Directory. (It is sizeof(IMAGE_DATA_DIRECTORY) bytes.) + // 9. Hash everything from the end of the Cert Directory to the end of image header. + // + HashBase = (UINT8 *) &Hdr->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]; + HashSize = Hdr->OptionalHeader.SizeOfHeaders - + (UINTN) ((UINT8 *)(&Hdr->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1]) - (UINT8 *)(UINTN)ImageAddress); + + if(HashPolicy == 0){ + SHA1Update(&Sha1Ctx, + HashBase, + (u32)HashSize); + }else if(HashPolicy == 1){ + sha256_process( &Sha2Ctx, HashBase, (u32)HashSize ); + } + + + // + // 10. Set the SUM_OF_BYTES_HASHED to the size of the header + // + SumOfBytesHashed = Hdr->OptionalHeader.SizeOfHeaders; + + // + // 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER + // structures in the image. The 'NumberOfSections' field of the image + // header indicates how big the table should be. Do not include any + // IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero. + // + pBS ->AllocatePool(EfiBootServicesData,sizeof (EFI_IMAGE_SECTION_HEADER) * Hdr->FileHeader.NumberOfSections, &SectionHeader); + + if(SectionHeader==NULL)return EFI_OUT_OF_RESOURCES; + pBS->SetMem(SectionHeader, (sizeof (EFI_IMAGE_SECTION_HEADER) * Hdr->FileHeader.NumberOfSections), 0); + + // + // 12. Using the 'PointerToRawData' in the referenced section headers as + // a key, arrange the elements in the table in ascending order. In other + // words, sort the section headers according to the disk-file offset of + // the section. + // + Section = (EFI_IMAGE_SECTION_HEADER *) ( + (UINT8 *)(UINTN)ImageAddress + + PeCoffHeaderOffset + + sizeof(UINT32) + + sizeof(EFI_IMAGE_FILE_HEADER) + + Hdr->FileHeader.SizeOfOptionalHeader + ); + for (Index = 0; Index < Hdr->FileHeader.NumberOfSections; Index++) { + iPos = Index; + while ((iPos > 0) && (Section->PointerToRawData < SectionHeader[iPos - 1].PointerToRawData)) { + pBS->CopyMem (&SectionHeader[iPos], &SectionHeader[iPos - 1], sizeof(EFI_IMAGE_SECTION_HEADER)); + iPos--; + } + pBS->CopyMem( &SectionHeader[iPos], Section, + sizeof(EFI_IMAGE_SECTION_HEADER)); + Section += 1; + } + + // + // 13. Walk through the sorted table, bring the corresponding section + // into memory, and hash the entire section (using the 'SizeOfRawData' + // field in the section header to determine the amount of data to hash). + // 14. Add the section's 'SizeOfRawData' to SUM_OF_BYTES_HASHED . + // 15. Repeat steps 13 and 14 for all the sections in the sorted table. + // + for (Index = 0; Index < Hdr->FileHeader.NumberOfSections; Index++) { + Section = (EFI_IMAGE_SECTION_HEADER *) &SectionHeader[Index]; + if (Section->SizeOfRawData == 0) { + continue; + } + HashBase = (UINT8 *)(UINTN)ImageAddress + Section->PointerToRawData; + HashSize = (UINTN) Section->SizeOfRawData; + + if(HashPolicy == 0){ + SHA1Update(&Sha1Ctx, + HashBase, + (u32)HashSize); + }else if(HashPolicy == 1){ + sha256_process( &Sha2Ctx, HashBase, (u32)HashSize ); + } + + + SumOfBytesHashed += HashSize; + } + + // + // 16. If the file size is greater than SUM_OF_BYTES_HASHED, there is extra + // data in the file that needs to be added to the hash. This data begins + // at file offset SUM_OF_BYTES_HASHED and its length is: + // FileSize - (CertDirectory->Size) + // + if (ImageSize > SumOfBytesHashed) { + HashBase = (UINT8 *)(UINTN)ImageAddress + SumOfBytesHashed; + HashSize = (UINTN)(ImageSize - + Hdr->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY].Size - + SumOfBytesHashed); + + if(HashPolicy == 0){ + SHA1Update(&Sha1Ctx, + HashBase, + (u32)HashSize); + }else if(HashPolicy == 1){ + sha256_process( &Sha2Ctx, HashBase, (u32)HashSize ); + } + } + + // + // 17. Finalize the SHA hash. + // + if(HashPolicy == 0){ + SHA1Final(Sha1Digest.digest, &Sha1Ctx); + pBS->CopyMem(&TcgEvent.Digest, Sha1Digest.digest, SHA1_DIGEST_SIZE); + }else if(HashPolicy == 1){ + //sha256_done( &Sha2Ctx, Sha2DigestArray ); + //pBS->CopyMem(&TcgEvent.Digest.digestSha2, Sha2DigestArray, SHA256_DIGEST_SIZE); + } + + // + // HashLogExtendEvent + // + pBS->CopyMem(EventData, ImageLoad, TcgEvent.EventSize); + + Status = pBS->LocateProtocol(&gEfiAmiHLXEGuid, NULL, &InternalHLXE); + if(EFI_ERROR(Status))return Status; + + InternalHLXE->InternalHashLogExtend(NULL, 0, 0, &TcgEvent, EventData); + + PERF_END(0,L"MeasurePeImg",NULL,0); + + if(BootPolicy == TRUE){ +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) + FindandMeasureSecureBootCertificate(); +#endif + } + +Done: + if (ImageLoad != NULL) { + pBS->FreePool (ImageLoad); + } + + if (FullPathSize > 0) { + pBS->FreePool (FullPath); + } + + if (SectionHeader != NULL) { + pBS->FreePool (SectionHeader); + } + return Status; +} + + + +//******************************************************************************* +// +// +// Procedure: FindAndMeasureDxeFWVol +// +// Description: +// +// Input: +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//****************************************************************************** +EFI_STATUS FindAndMeasureDxeFWVol() +{ + EFI_STATUS Status; + EFI_GUID NameGuid =\ + {0x7739f24c, 0x93d7, 0x11d4,\ + 0x9a, 0x3a, 0x0, 0x90, 0x27, 0x3f, 0xc1, 0x4d}; + UINTN Size; + void *Buffer = NULL; + VOID *HobStart; + UINTN TableEntries; + EFI_PEI_HOB_POINTERS FirmwareVolumeHob; + BOOLEAN Found = FALSE; + TrEE_EVENT *Tcg20Event = NULL; + EFI_TCG_EV_POST_CODE EventData; + + + if(TrEEProtocolInstance == NULL) return EFI_NOT_FOUND; + + Status = pBS->AllocatePool(EfiBootServicesData, (sizeof(TrEE_EVENT_HEADER) + \ + sizeof(UINT32) + sizeof(EventData)), &Tcg20Event); + + if(EFI_ERROR(Status) || (Tcg20Event == NULL))return Status; + + + TableEntries = pST->NumberOfTableEntries; + + while ( TableEntries > 0 ) + { + TableEntries--; + + if ((!MemCmp( + &pST->ConfigurationTable[TableEntries].VendorGuid, + &NameGuid, sizeof(EFI_GUID)))) + { + HobStart = pST->ConfigurationTable[TableEntries].VendorTable; + FirmwareVolumeHob.Raw = GetHob (EFI_HOB_TYPE_FV, HobStart); + if (FirmwareVolumeHob.Header->HobType != EFI_HOB_TYPE_FV) { + continue; + } + break; + } + } + + for (Status = EFI_NOT_FOUND; EFI_ERROR (Status);) { + if (END_OF_HOB_LIST (FirmwareVolumeHob)) { + return EFI_NOT_FOUND; + } + + if (GET_HOB_TYPE (FirmwareVolumeHob) == EFI_HOB_TYPE_FV) { + if ((((UINT64)FirmwareVolumeHob.FirmwareVolume->BaseAddress)\ + < (UINT64)NVRAM_ADDRESS ) || + ((UINT64)FirmwareVolumeHob.FirmwareVolume->BaseAddress) == FV_MAIN_BASE) + { + Found = TRUE; + break; + } + } + + FirmwareVolumeHob.Raw = GET_NEXT_HOB (FirmwareVolumeHob); + } + + if(Found == FALSE)return EFI_NOT_FOUND; + + pBS->AllocatePool(EfiBootServicesData, (UINTN)FirmwareVolumeHob.FirmwareVolume->Length, Buffer); + + if(Buffer == NULL) return EFI_OUT_OF_RESOURCES; + + if(FirmwareVolumeHob.FirmwareVolume->BaseAddress == FV_MAIN_BASE) + { + if(FirmwareVolumeHob.FirmwareVolume->Length > TCG_SIZE){ + Size = TCG_SIZE; + }else{ + Size = FirmwareVolumeHob.FirmwareVolume->Length; + } + + pBS->CopyMem(Buffer, (UINT8 *)(EFI_PHYSICAL_ADDRESS)FirmwareVolumeHob.FirmwareVolume->BaseAddress,\ + Size); + + }else{ + + Buffer = (UINT8 *)(EFI_PHYSICAL_ADDRESS)FirmwareVolumeHob.FirmwareVolume->BaseAddress; + Size = FirmwareVolumeHob.FirmwareVolume->Length; + } + + EventData.PostCodeAddress = \ + (EFI_PHYSICAL_ADDRESS)FirmwareVolumeHob.FirmwareVolume->BaseAddress; + + #if defined x64_BUILD && x64_BUILD == 1 + EventData.PostCodeLength = Size; + #else + EventData.PostCodeLength = Size; + #endif + + + Tcg20Event->Size = sizeof(TrEE_EVENT_HEADER) + sizeof(UINT32) + sizeof(EventData); + Tcg20Event->Header.HeaderSize = sizeof(TrEE_EVENT_HEADER); + Tcg20Event->Header.HeaderVersion = 1; + Tcg20Event->Header.PCRIndex = 0; + Tcg20Event->Header.EventType = EV_POST_CODE; + + pBS->CopyMem(Tcg20Event->Event, &EventData,sizeof(EventData)); + + + Status = TrEEProtocolInstance->HashLogExtendEvent(TrEEProtocolInstance, + 0, EventData.PostCodeAddress, Size, + Tcg20Event); + + return Status; +} + + +EFI_STATUS +EFIAPI +MeasureHandoffTables ( + VOID + ) +{ + EFI_STATUS Status = EFI_SUCCESS; +#if Measure_Smbios_Tables + SMBIOS_TABLE_ENTRY_POINT *SmbiosTable; + TrEE_EVENT *Tpm20Event; + + if(TrEEProtocolInstance == NULL) return EFI_NOT_FOUND; + + Status = pBS->AllocatePool(EfiBootServicesData, (sizeof(TrEE_EVENT_HEADER) + \ + sizeof(UINT32) + sizeof(EFI_HANDOFF_TABLE_POINTERS)), &Tpm20Event); + + if(EFI_ERROR(Status) || (Tpm20Event == NULL))return Status; + + Status = EfiGetSystemConfigurationTable (&gEfiSmbiosTableGuid, + (VOID **) &SmbiosTable); + + if (!EFI_ERROR (Status)) { + ASSERT (SmbiosTable != NULL); + } + + Tpm20Event->Size = sizeof(TrEE_EVENT_HEADER) + \ + sizeof(UINT32) + sizeof(EFI_HANDOFF_TABLE_POINTERS); + + Tpm20Event->Header.HeaderSize = sizeof(TrEE_EVENT_HEADER); + Tpm20Event->Header.HeaderVersion = 1; + Tpm20Event->Header.PCRIndex = 1; + Tpm20Event->Header.EventType = EV_EFI_HANDOFF_TABLES; + + ((EFI_HANDOFF_TABLE_POINTERS *)((UINTN)&Tpm20Event->Event[0]))->NumberOfTables = 1; + ((EFI_HANDOFF_TABLE_POINTERS *)((UINTN)&Tpm20Event->Event[0]))->TableEntry[0].VendorGuid = gEfiSmbiosTableGuid; + ((EFI_HANDOFF_TABLE_POINTERS *)((UINTN)&Tpm20Event->Event[0]))->TableEntry[0].VendorTable = SmbiosTable; + + Status = TrEEProtocolInstance->HashLogExtendEvent(TrEEProtocolInstance, + 0, (EFI_PHYSICAL_ADDRESS)(UINT8*)(UINTN)SmbiosTable->TableAddress, + SmbiosTable->TableLength, + Tpm20Event); + + pBS->FreePool(Tpm20Event); +#endif + + return Status; +} + + + +VOID * +EFIAPI +ReadVariable ( + IN CHAR16 *VarName, + IN EFI_GUID *VendorGuid, + OUT UINTN *VarSize + ) +{ + EFI_STATUS Status; + VOID *VarData; + + *VarSize = 0; + Status = pRS->GetVariable ( + VarName, + VendorGuid, + NULL, + VarSize, + NULL + ); + if (Status != EFI_BUFFER_TOO_SMALL) { + return NULL; + } + + pBS->AllocatePool (EfiBootServicesData, *VarSize, &VarData); + if (VarData != NULL) { + Status = pRS->GetVariable ( + VarName, + VendorGuid, + NULL, + VarSize, + VarData + ); + if (EFI_ERROR (Status)) { + pBS->FreePool (VarData); + VarData = NULL; + *VarSize = 0; + } + } + return VarData; +} + + + +EFI_STATUS +EFIAPI +MeasureVariable ( + IN UINT32 PCRIndex, + IN UINT32 EventType, + IN CHAR16 *VarName, + IN EFI_GUID *VendorGuid, + IN VOID *VarData, + IN UINTN VarSize + ) +{ + EFI_STATUS Status; + TrEE_EVENT *Tpm20Event; + UINTN EventSize; + UINTN VarNameLength; + EFI_VARIABLE_DATA *VarLog; + + VarNameLength = Wcslen (VarName); + + if(TrEEProtocolInstance == NULL) return EFI_NOT_FOUND; + + EventSize = (UINT32)(sizeof (*VarLog) + VarNameLength * sizeof (*VarName) + VarSize + - sizeof (VarLog->UnicodeName) - sizeof (VarLog->VariableData)); + + pBS->AllocatePool(EfiBootServicesData, (sizeof(TrEE_EVENT_HEADER) + \ + sizeof(UINT32) + EventSize), &Tpm20Event); + + if(Tpm20Event==NULL)return EFI_OUT_OF_RESOURCES; + + Tpm20Event->Size = sizeof(TrEE_EVENT_HEADER) + \ + sizeof(UINT32) + (UINT32)EventSize; + + Tpm20Event->Header.HeaderSize = sizeof(TrEE_EVENT_HEADER); + Tpm20Event->Header.HeaderVersion = 1; + Tpm20Event->Header.PCRIndex = PCRIndex; + Tpm20Event->Header.EventType = EventType; + + + ((EFI_VARIABLE_DATA *)((UINTN)&Tpm20Event->Event[0]))->VariableName = *VendorGuid; + ((EFI_VARIABLE_DATA *)((UINTN)&Tpm20Event->Event[0]))->UnicodeNameLength = VarNameLength; + ((EFI_VARIABLE_DATA *)((UINTN)&Tpm20Event->Event[0]))->VariableDataLength = VarSize; + + pBS->CopyMem (((EFI_VARIABLE_DATA *)((UINTN)&Tpm20Event->Event[0]))->UnicodeName, + VarName, + VarNameLength * sizeof (*VarName)); + + pBS->CopyMem ((CHAR16 *)((EFI_VARIABLE_DATA *)((UINTN)&Tpm20Event->Event[0]))->UnicodeName + VarNameLength, + VarData, + VarSize); + + Status = TrEEProtocolInstance->HashLogExtendEvent(TrEEProtocolInstance, + 0, (EFI_PHYSICAL_ADDRESS)(UINT8 *)(&Tpm20Event->Event[0]), EventSize, + Tpm20Event); + + pBS->FreePool(Tpm20Event); + + return Status; +} + + +EFI_STATUS +EFIAPI +TcgMeasureGptTable ( + IN EFI_HANDLE GptHandle + ) +{ + EFI_STATUS Status; + EFI_BLOCK_IO_PROTOCOL *BlockIo; + EFI_DISK_IO_PROTOCOL *DiskIo; + EFI_PARTITION_TABLE_HEADER *PrimaryHeader; + EFI_PARTITION_ENTRY *PartitionEntry; + UINT8 *EntryPtr; + UINTN NumberOfPartition; + UINT32 Index; + UINT64 Flags; + EFI_GPT_DATA *GptData; + UINT32 EventSize; + MASTER_BOOT_RECORD *Mbr; + UINT8 Count; + UINT32 LBAofGptHeader = 0; + TCG_PCR_EVENT_HDR TcgEvent; + AMI_INTERNAL_HLXE_PROTOCOL *InternalHLXE = NULL; + EFI_GUID gEfiAmiHLXEGuid = AMI_PROTOCOL_INTERNAL_HLXE_GUID; + + if (mMeasureGptCount > 0) { + return EFI_SUCCESS; + } + + Status = pBS->HandleProtocol (GptHandle, &gEfiBlockIoProtocolGuid, (VOID**)&BlockIo); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + Status = pBS->HandleProtocol (GptHandle, &gEfiDiskIoProtocolGuid, (VOID**)&DiskIo); + if (EFI_ERROR (Status)) { + return EFI_UNSUPPORTED; + } + + //Read the protective MBR + pBS->AllocatePool (EfiBootServicesData, BlockIo->Media->BlockSize, &Mbr); + if (Mbr == NULL) { + return EFI_OUT_OF_RESOURCES; + } + + Status = DiskIo->ReadDisk ( + DiskIo, + BlockIo->Media->MediaId, + 0 * BlockIo->Media->BlockSize, + BlockIo->Media->BlockSize, + (UINT8 *)Mbr + ); + + for(Count=0; CountPartition[Count].OSIndicator == 0xEE){//(i.e., GPT Protective) + LBAofGptHeader = *(Mbr->Partition[Count].StartingLBA); + break; + } + } + + if(LBAofGptHeader == 0x00)//Did not find the correct GPTHeader so return EFI_NOT_FOUND + return EFI_NOT_FOUND; + + // + // Read the EFI Partition Table Header + // + pBS->AllocatePool (EfiBootServicesData, BlockIo->Media->BlockSize, &PrimaryHeader); + if (PrimaryHeader == NULL) { + return EFI_OUT_OF_RESOURCES; + } + + Status = DiskIo->ReadDisk ( + DiskIo, + BlockIo->Media->MediaId, + LBAofGptHeader * BlockIo->Media->BlockSize, + BlockIo->Media->BlockSize, + (UINT8 *)PrimaryHeader); + +// if(PrimaryHeader->Header.Signature != EFI_GPT_HEADER_ID)//Check for "EFI PART" signature + if (MemCmp(EFI_GPT_HEADER_ID, &PrimaryHeader->Header.Signature, sizeof(UINT64))) return EFI_NOT_FOUND; + + if (EFI_ERROR (Status)) { + TRACE ((TRACE_ALWAYS, "Failed to Read Partition Table Header!\n")); + pBS->FreePool (PrimaryHeader); + return EFI_DEVICE_ERROR; + } + + // + // Read the partition entry. + // + pBS->AllocatePool (EfiBootServicesData, PrimaryHeader->NumberOfPartitionEntries * PrimaryHeader->SizeOfPartitionEntry, &EntryPtr); + if (EntryPtr == NULL) { + pBS->FreePool (PrimaryHeader); + return EFI_OUT_OF_RESOURCES; + } + Status = DiskIo->ReadDisk ( + DiskIo, + BlockIo->Media->MediaId, + Mul64(PrimaryHeader->PartitionEntryLBA, BlockIo->Media->BlockSize), + PrimaryHeader->NumberOfPartitionEntries * PrimaryHeader->SizeOfPartitionEntry, + EntryPtr + ); + if (EFI_ERROR (Status)) { + pBS->FreePool (PrimaryHeader); + pBS->FreePool (EntryPtr); + return EFI_DEVICE_ERROR; + } + + // + // Count the valid partition + // + PartitionEntry = (EFI_PARTITION_ENTRY *)EntryPtr; + NumberOfPartition = 0; + for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) { + if (MemCmp (&PartitionEntry->PartitionTypeGUID, &ZeroGuid, sizeof(EFI_GUID))) { + NumberOfPartition++; + } + PartitionEntry++; + } + + // + // Parepare Data for Measurement + // + EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions) + + NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry); + + pBS->AllocatePool (EfiBootServicesData, EventSize, &GptData); + if (GptData == NULL) { + pBS->FreePool (PrimaryHeader); + pBS->FreePool (EntryPtr); + return EFI_OUT_OF_RESOURCES; + } + + MemSet(GptData, EventSize, 0); + + TcgEvent.PCRIndex = 5; + TcgEvent.EventType = EV_EFI_GPT_EVENT; + TcgEvent.EventSize = EventSize; + + Flags = 0; + + // + // Copy the EFI_PARTITION_TABLE_HEADER and NumberOfPartition + // + pBS->CopyMem ((UINT8 *)GptData, (UINT8*)PrimaryHeader, sizeof (EFI_PARTITION_TABLE_HEADER)); + GptData->NumberOfPartitions = NumberOfPartition; + // + // Copy the valid partition entry + // + PartitionEntry = (EFI_PARTITION_ENTRY*)EntryPtr; + NumberOfPartition = 0; + for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) { + if (MemCmp (&PartitionEntry->PartitionTypeGUID, &ZeroGuid, sizeof(EFI_GUID))) { + pBS->CopyMem ( + (UINT8 *)&GptData->Partitions + NumberOfPartition * sizeof (EFI_PARTITION_ENTRY), + (UINT8 *)PartitionEntry, + sizeof (EFI_PARTITION_ENTRY) + ); + NumberOfPartition++; + } + PartitionEntry++; + } + + // + // Measure the GPT data + // + if(NumberOfPartition > 0) + { + + Status = pBS->LocateProtocol(&gEfiAmiHLXEGuid, NULL, &InternalHLXE); + if(EFI_ERROR(Status))return Status; + + InternalHLXE->InternalHashLogExtend((UINT8 *)GptData, 0, EventSize, &TcgEvent, (UINT8 *)GptData); + + if (!EFI_ERROR (Status)) { + mMeasureGptCount++; + TRACE ((TRACE_ALWAYS, "\n GPT measurement successfull !!!\n")); + } + } + + pBS->FreePool (PrimaryHeader); + pBS->FreePool (EntryPtr); + pBS->FreePool (GptData); + return Status; +} + + + + + +EFI_STATUS +EFIAPI +MeasureGptTable () +{ + EFI_STATUS Status; + EFI_HANDLE Handle; + EFI_HANDLE *HandleArray; + UINTN HandleArrayCount; + UINTN Index; + EFI_DEVICE_PATH_PROTOCOL *BlockIoDevicePath; + EFI_DEVICE_PATH_PROTOCOL *DevicePath; + + TRACE ((TRACE_ALWAYS, "MeasureGptTable\n")); + + + Status = pBS->LocateHandleBuffer (ByProtocol, &gEfiBlockIoProtocolGuid, NULL, &HandleArrayCount, &HandleArray); + if (EFI_ERROR (Status)) { + return Status; + } + for (Index=0; Index < HandleArrayCount; Index++) { + Status = pBS->HandleProtocol (HandleArray[Index], &gEfiDevicePathProtocolGuid, (VOID *) &BlockIoDevicePath); + if (EFI_ERROR (Status) || BlockIoDevicePath == NULL) { + continue; + } + for (DevicePath = BlockIoDevicePath; !IsDevicePathEnd (DevicePath); DevicePath = NextDevicePathNode (DevicePath)) { + if ((DevicePathType (DevicePath) == ACPI_DEVICE_PATH) && (DevicePathSubType (DevicePath) == ACPI_DP)) { + Status = pBS->LocateDevicePath (&gEfiBlockIoProtocolGuid, &DevicePath, &Handle); + if (!EFI_ERROR (Status)) { + Status = TcgMeasureGptTable (Handle); + if (!EFI_ERROR (Status)) { + // + // GPT partition check done. + // +// mMeasureGptTableFlag = TRUE; + } + } + break; + } + } + } + + return Status; +} + +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) +EFI_STATUS +MeasureSecureBootState( + VOID + ) +{ + EFI_STATUS Status; + UINT32 Attribute; + UINTN DataSize; + UINT8 *Variable; + UINT64 MaxStorSize; + UINT64 RemStorSize; + UINT64 MaxVarSize; + TCG_PCR_EVENT_HDR TcgEvent; + CHAR16 *VarName; + EFI_GUID VendorGuid; + + Attribute = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS; + + TcgEvent.PCRIndex = 7; + TcgEvent.EventType = EV_EFI_VARIABLE_DRIVER_CONFIG; + + // Query maximum size of the variable and allocate memory + + Status = pRS->QueryVariableInfo(Attribute, &MaxStorSize, &RemStorSize, &MaxVarSize); + if (EFI_ERROR(Status)) { + return (Status); + } + + DataSize = (UINTN)MaxStorSize; + pBS->AllocatePool(EfiBootServicesData, DataSize, &Variable); + if (Variable == NULL) { + return EFI_OUT_OF_RESOURCES; + } + MemSet(Variable, DataSize, 0); // Clear the buffer + + // 1.Measure Secure Boot Variable Value + + Status = pRS->GetVariable ( + EFI_SECURE_BOOT_NAME, + &gEfiGlobalVariableGuid, + NULL, + &DataSize, + Variable + ); + + VarName = EFI_SECURE_BOOT_NAME; + VendorGuid = gEfiGlobalVariableGuid; + + if(EFI_ERROR(Status) || *Variable == 0){ + DataSize = 0; + *Variable = 0; + } + + + Status = MeasureVariable ( + 7, + EV_EFI_VARIABLE_DRIVER_CONFIG, + VarName, + &VendorGuid, + Variable, + DataSize + ); + + // 2.Measure PK Variable Value + + DataSize = (UINTN)MaxStorSize; // DataSize gets updated by GetVariable. So initialize everytime before the call + MemSet(Variable, DataSize, 0); // Clear the buffer + + Status = pRS->GetVariable ( + EFI_PLATFORM_KEY_NAME, + &gEfiGlobalVariableGuid, + NULL, + &DataSize, + Variable + ); + + VarName = EFI_PLATFORM_KEY_NAME; + VendorGuid = gEfiGlobalVariableGuid; + + if(EFI_ERROR(Status)){ + DataSize = 0; + *Variable = 0; + } + + Status = MeasureVariable ( + 7, + EV_EFI_VARIABLE_DRIVER_CONFIG, + VarName, + &VendorGuid, + Variable, + DataSize + ); + + // 3.Measure KEK Variable Value + + DataSize = (UINTN)MaxStorSize; // DataSize gets updated by GetVariable. So initialize everytime before the call + MemSet(Variable, DataSize, 0); // Clear the buffer + + Status = pRS->GetVariable ( + EFI_KEY_EXCHANGE_KEY_NAME, + &gEfiGlobalVariableGuid, + NULL, + &DataSize, + Variable + ); + + VarName = EFI_KEY_EXCHANGE_KEY_NAME; + VendorGuid = gEfiGlobalVariableGuid; + + if(EFI_ERROR(Status)){ + DataSize = 0; + *Variable = 0; + } + + Status = MeasureVariable ( + 7, + EV_EFI_VARIABLE_DRIVER_CONFIG, + VarName, + &VendorGuid, + Variable, + DataSize + ); + + if(EFI_ERROR(Status)){ + goto Exit; + } + + // 4.Measure EFI_IMAGE_SECURITY_DATABASE Variable Value + + DataSize = (UINTN)MaxStorSize; // DataSize gets updated by GetVariable. So initialize everytime before the call + MemSet(Variable, DataSize, 0); // Clear the buffer + + Status = pRS->GetVariable ( + EFI_IMAGE_SECURITY_DATABASE, + &gEfiImageSecurityDatabaseGuid, + NULL, + &DataSize, + Variable + ); + + VarName = EFI_IMAGE_SECURITY_DATABASE; + VendorGuid = gEfiImageSecurityDatabaseGuid; + + if(EFI_ERROR(Status)){ + DataSize = 0; + *Variable = 0; + } + + Status = MeasureVariable ( + 7, + EV_EFI_VARIABLE_DRIVER_CONFIG, + VarName, + &VendorGuid, + Variable, + DataSize + ); + + if(EFI_ERROR(Status)){ + goto Exit; + } + + // 5.Measure EFI_IMAGE_SECURITY_DATABASE1 Variable Value + + DataSize = (UINTN)MaxStorSize; // DataSize gets updated by GetVariable. So initialize everytime before the call + MemSet(Variable, DataSize, 0); // Clear the buffer + + Status = pRS->GetVariable ( + EFI_IMAGE_SECURITY_DATABASE1, + &gEfiImageSecurityDatabaseGuid, + NULL, + &DataSize, + Variable + ); + + VarName = EFI_IMAGE_SECURITY_DATABASE1; + VendorGuid = gEfiImageSecurityDatabaseGuid; + + if(EFI_ERROR(Status)){ + DataSize = 0; + *Variable = 0; + } + + Status = MeasureVariable ( + 7, + EV_EFI_VARIABLE_DRIVER_CONFIG, + VarName, + &VendorGuid, + Variable, + DataSize + ); + + if(EFI_ERROR(Status)){ + goto Exit; + } + +Exit: + pBS->FreePool(Variable); + return EFI_SUCCESS; +} +#endif + + +EFI_STATUS ResetMorVariable() +{ + EFI_STATUS Status; + EFI_GUID MorGuid = MEMORY_ONLY_RESET_CONTROL_GUID; + UINT32 Attribs = EFI_VARIABLE_NON_VOLATILE + | EFI_VARIABLE_BOOTSERVICE_ACCESS; + + UINT8 Temp = 0; + UINTN TempSize = sizeof (UINT8); + + + + Status = pRS->GetVariable( + L"MemoryOverwriteRequestControl", + &MorGuid, + &Attribs, + &TempSize, + &Temp ); + + if ( EFI_ERROR( Status ) || (Temp&01) != 0 ) + { + Temp &= 0xFE; + Status = pRS->SetVariable( + L"MemoryOverwriteRequestControl", + &MorGuid, + EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS + | EFI_VARIABLE_RUNTIME_ACCESS, + sizeof (UINT8), + &Temp ); + } + + return Status; +} + +EFI_STATUS +InternalMeasureAction ( + IN CHAR8 *ActionString + ) +{ + return EFI_SUCCESS; //not supported +} + + +EFI_STATUS +InternalMeasureGpt ( + IN EFI_DEVICE_PATH_PROTOCOL *DevicePath + ) +{ + + return EFI_SUCCESS; //not supported; +} + + + +EFI_TCG_PLATFORM_PROTOCOL mTcgPlatformProtocol = { + TreeMeasurePeImage, + InternalMeasureAction, + InternalMeasureGpt +}; + + +EFI_STATUS InstallTcgPlatformProtocol( + VOID +) +{ + + EFI_GUID gEfiTcgPrivateInterfaceGuid = EFI_TCG_PLATFORM_PROTOCOL_GUID; + + return pBS->InstallProtocolInterface ( + &PlatformProtocolHandle, + &gEfiTcgPrivateInterfaceGuid, + EFI_NATIVE_INTERFACE, + &mTcgPlatformProtocol + ); + +} + + +VOID +EFIAPI +Tpm20OnReadyToBoot ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + EFI_STATUS Status; + UINT32 PcrIndex; + static BOOLEAN mBootAttempts=0; + + if (mBootAttempts == 0) { + + ResetMorVariable(); + // + // Measure handoff tables + // + Status = MeasureHandoffTables (); + if (EFI_ERROR (Status)) { + TRACE ((TRACE_ALWAYS, "HandoffTables not measured.\n")); + } + else { + TRACE((TRACE_ALWAYS, "HandoffTables measured.\n")); + } + + // + // Measure the fact that Secure Boot is disabled + // +#if (defined(TCGMeasureSecureBootVariables) && (TCGMeasureSecureBootVariables != 0)) + Status = MeasureSecureBootState(); + if (EFI_ERROR (Status)) { + TRACE ((TRACE_ALWAYS, "Measuring secure boot state failed.\n")); + } + else { + TRACE((TRACE_ALWAYS, "Secure boot state measured.\n")); + } +#endif + + + // + // This is the first boot attempt + // + Status = MeasureAction ( + "EFI_CALLING_EFI_APPLICATION" + ); + if (EFI_ERROR (Status)) { + TRACE ((TRACE_ALWAYS, "First boot attempt not Measured.\n")); + } + else { + TRACE((TRACE_ALWAYS, "First boot attempt measured.\n")); + } + + // + // Draw a line between pre-boot env and entering post-boot env + // + for (PcrIndex = 0; PcrIndex < 8; PcrIndex++) { + Status = MeasureSeparatorEvent (PcrIndex); + if (EFI_ERROR (Status)) { + TRACE ((TRACE_ALWAYS, "Measuring separtator event failed.\n")); + } + else { + TRACE((TRACE_ALWAYS, "Separator event measured.\n")); + } + + } + + // + // Measure GPT + // + Status = MeasureGptTable (); + if (EFI_ERROR (Status)) { + TRACE ((TRACE_ALWAYS, "Measuring GPT failed.\n")); + } + else { + TRACE((TRACE_ALWAYS, "GPT measured.\n")); + } + } + else { + // + // Not first attempt, meaning a return from last attempt + // +/* + Status = MeasureAction ( + "EFI_RETURNING_FROM_EFI_APPLICATOIN" + ); + if (EFI_ERROR (Status)) { + TRACE ((TRACE_ALWAYS, "Measuring additional boot attempt failed.\n")); + } +*/ + } + // + // Increase boot attempt counter. + // + mBootAttempts++; + +} + + + +//********************************************************************** +// +// +// Procedure: GetStringFromToken +// +// Description: Gets a UNI string by Token +// +// Input: IN STRING_REF Token, +// OUT CHAR16 **String +// +// Output: EFI_STATUS +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +EFI_STATUS GetStringFromToken( + IN STRING_REF Token, + OUT CHAR16 **String ) +{ + EFI_STATUS Status; + UINTN StringBufferLength; + UINT16 *Temp; + UINTN Size = 0; + + + // + // Find the string based on the current language + // + StringBufferLength = 0x500; + Status = pBS->AllocatePool( EfiBootServicesData, + sizeof (CHAR16) * 0x500, + String ); + Temp = *String; + while ( Temp < *String + StringBufferLength ) + { + *Temp = 0x0; + Temp++; + } + +#if EFI_SPECIFICATION_VERSION>0x20000 + + Status = HiiLibGetString ( + gHiiHandle, + Token, + &StringBufferLength, + *String + ); + if (EFI_ERROR(Status)) { + return Status; + } + +#else + if ( Hii == NULL ) + { + return EFI_NOT_FOUND; + } + + Status = Hii->GetString( + Hii, + gHiiHandle, + Token, + TRUE, + NULL, + &StringBufferLength, + *String + ); +#endif + + + if ( EFI_ERROR( Status )) + { + pBS->FreePool( *String ); + return EFI_NOT_FOUND; + } + + return EFI_SUCCESS; +} + + + +EFI_STATUS TcgSetVariableWithNewAttributes( + IN CHAR16 *Name, IN EFI_GUID *Guid, IN UINT32 Attributes, + IN UINTN DataSize, IN VOID *Data +) +{ + EFI_STATUS Status; + + Status = pRS->SetVariable(Name, Guid, Attributes, DataSize, Data); + if (!EFI_ERROR(Status) || Status != EFI_INVALID_PARAMETER) return Status; + + Status = pRS->SetVariable(Name, Guid, 0, 0, NULL); + if (EFI_ERROR(Status)) return Status; + + return pRS->SetVariable(Name, Guid, Attributes, DataSize, Data); +} + + +//**************************************************************************************** +// +// +// Procedure: write_PPI_result +// +// Description: Updates TCG PPI variable in NVRAM +// +// +// Input: IN UINT8 last_op, +// IN UINT16 status +// +// Output: VOID +// +// Modified: +// +// Referrals: +// +// Notes: +// +//**************************************************************************************** +void WritePpiResult( + IN UINT8 last_op, + IN UINT16 status ) +{ + UINTN Size = sizeof(AMI_PPI_NV_VAR); + AMI_PPI_NV_VAR Temp; + EFI_STATUS Status; + UINT8 Manip = 0; + + Status = pRS->GetVariable( L"AMITCGPPIVAR", \ + &AmitcgefiOsVariableGuid, \ + NULL, \ + &Size, \ + &Temp ); + + //now set variable to data + Temp.RQST = Manip; + Manip = (UINT8)( status & 0xFFFF ); + Temp.ERROR = Manip; + + if(status>0xFF && status<0xFFFF) + { + Temp.AmiMisc = (UINT8)(status >> 8); + }else{ + Temp.AmiMisc = 0; + } + + if ( EFI_ERROR( Status )) + { + TRACE((TRACE_ALWAYS, "Error Setting Return value\n")); + return; + } + + + Status = TcgSetVariableWithNewAttributes(L"AMITCGPPIVAR", &AmitcgefiOsVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE \ + | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + Size, &Temp ); + +} + + + +/** + Send ClearControl command to TPM2. + + @param Disable if we need disable owner clear flag. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2ClearControl ( + IN TPMI_YES_NO Disable + ) +{ + EFI_STATUS Status; + TPM2_CLEAR_CONTROL_COMMAND Cmd; + TPM2_CLEAR_CONTROL_RESPONSE Res; + UINT32 ResultBufSize; + UINT32 CmdSize; + UINT32 RespSize; + UINT8 *Buffer; + UINT8 *AuthSizeOffset; + + Cmd.Header.tag = (TPMI_ST_COMMAND_TAG)TPM_H2NS(TPM_ST_SESSIONS); + Cmd.Header.commandCode = TPM_H2NL(TPM_CC_ClearControl); + Cmd.Auth = TPM_H2NL(TPM_RH_PLATFORM); + + Buffer = (UINT8 *)&Cmd.AuthorizationSize; + + // + // Add in Auth session + // + AuthSizeOffset = Buffer; + *(UINT32 *)Buffer = 0; + Buffer += sizeof(UINT32); + + // authHandle + *(UINT32 *)Buffer = TPM_H2NL(TPM_RS_PW); + Buffer += sizeof(UINT32); + + // nonce = nullNonce + *(UINT16 *)Buffer = 0; + Buffer += sizeof(UINT16); + + // sessionAttributes = 0 + *(UINT8 *)Buffer = 0; + Buffer += sizeof(UINT8); + + // auth = nullAuth + *(UINT16 *)Buffer = 0; + Buffer += sizeof(UINT16); + + // authorizationSize + *(UINT32 *)AuthSizeOffset = TPM_H2NL((UINT32)(Buffer - AuthSizeOffset - sizeof(UINT32))); + + // disable + *(UINT8 *)Buffer = Disable; + Buffer += sizeof(UINT8); + + CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd); + Cmd.Header.paramSize = TPM_H2NL(CmdSize); + + ResultBufSize = sizeof(Res); + Status = TrEEProtocolInstance->SubmitCommand(TrEEProtocolInstance,CmdSize,(UINT8 *)&Cmd , ResultBufSize , (UINT8 *)&Res); + + if (EFI_ERROR(Status)) { + return Status; + } + + if (ResultBufSize > sizeof(Res)) { + TRACE((TRACE_ALWAYS, "ClearControl: Failed ExecuteCommand: Buffer Too Small\r\n")); + Status = EFI_BUFFER_TOO_SMALL; + goto ClearControlEND; + } + + // + // Validate response headers + // + RespSize = TPM_H2NL(Res.Header.paramSize); + if (RespSize > sizeof(Res)) { + TRACE((TRACE_ALWAYS, "ClearControl: Response size too large! %d\r\n", RespSize)); + Status = EFI_BUFFER_TOO_SMALL; + goto ClearControlEND; + } + + // + // Fail if command failed + // + if (TPM_H2NL(Res.Header.responseCode) != TPM_RC_SUCCESS) { + TRACE((TRACE_ALWAYS, "ClearControl: Response Code error! 0x%08x\r\n", TPM_H2NL(Res.Header.responseCode))); + Status = EFI_DEVICE_ERROR; + goto ClearControlEND; + } + + // + // Unmarshal the response + // + + // None + + Status = EFI_SUCCESS; + +ClearControlEND: + return Status; +} + + + +EFI_STATUS +EFIAPI +Tpm2Clear ( + VOID + ) +{ + EFI_STATUS Status; + TPM2_CLEAR_COMMAND Cmd; + TPM2_CLEAR_RESPONSE Res; + UINT32 ResultBufSize; + UINT32 CmdSize; + UINT32 RespSize; + UINT8 *Buffer; + UINT8 *AuthSizeOffset; + + Cmd.Header.tag = (TPMI_ST_COMMAND_TAG)TPM_H2NS(TPM_ST_SESSIONS); + Cmd.Header.commandCode = TPM_H2NL(TPM_CC_Clear); + Cmd.Auth = TPM_H2NL(TPM_RH_PLATFORM); + + Buffer = (UINT8 *)&Cmd.AuthorizationSize; + + // + // Add in Auth session + // + AuthSizeOffset = Buffer; + *(UINT32 *)Buffer = 0; + Buffer += sizeof(UINT32); + + // authHandle + *(UINT32 *)Buffer = TPM_H2NL(TPM_RS_PW); + Buffer += sizeof(UINT32); + + // nonce = nullNonce + *(UINT16 *)Buffer = 0; + Buffer += sizeof(UINT16); + + // sessionAttributes = 0 + *(UINT8 *)Buffer = 0; + Buffer += sizeof(UINT8); + + // auth = nullAuth + *(UINT16 *)Buffer = 0; + Buffer += sizeof(UINT16); + + // authorizationSize + *(UINT32 *)AuthSizeOffset = TPM_H2NL((UINT32)(Buffer - AuthSizeOffset - sizeof(UINT32))); + + CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd); + Cmd.Header.paramSize = TPM_H2NL(CmdSize); + + ResultBufSize = sizeof(Res); + + Status = TrEEProtocolInstance->SubmitCommand(TrEEProtocolInstance,CmdSize,(UINT8 *)&Cmd , ResultBufSize , (UINT8 *)&Res); + if (EFI_ERROR(Status)) { + return Status; + } + + if (ResultBufSize > sizeof(Res)) { + TRACE((TRACE_ALWAYS, "Clear: Failed ExecuteCommand: Buffer Too Small\r\n")); + Status = EFI_BUFFER_TOO_SMALL; + goto ClearEND; + } + + // + // Validate response headers + // + RespSize = TPM_H2NL(Res.Header.paramSize); + if (RespSize > sizeof(Res)) { + TRACE((TRACE_ALWAYS, "Clear: Response size too large! %d\r\n", RespSize)); + Status = EFI_BUFFER_TOO_SMALL; + goto ClearEND; + } + + // + // Fail if command failed + // + if (TPM_H2NL(Res.Header.responseCode) != TPM_RC_SUCCESS) { + TRACE((TRACE_ALWAYS, "Clear: Response Code error! 0x%08x\r\n", TPM_H2NL(Res.Header.responseCode))); + Status = EFI_DEVICE_ERROR; + goto ClearEND; + } + + // + // Unmarshal the response + // + + // None + + Status = EFI_SUCCESS; + +ClearEND: + return Status; +} + + + +//********************************************************************** +// +// +// Procedure: read_PPI_request +// +// Description: Reads and returns TCG PPI requests Value +// +// +// Input: +// +// Output: UINT8 +// +// Modified: +// +// Referrals: +// +// Notes: +// +//********************************************************************** +UINT8 ReadPpiRequest( ) +{ + UINTN Size = sizeof(AMI_PPI_NV_VAR); + AMI_PPI_NV_VAR Temp; + EFI_STATUS Status; + + Status = pRS->GetVariable( L"AMITCGPPIVAR", \ + &AmitcgefiOsVariableGuid, \ + NULL, \ + &Size, \ + &Temp ); + + if(Status == EFI_NOT_FOUND) + { + Temp.RQST = 0; + Temp.RCNT = 0; + Temp.ERROR = 0; + Temp.Flag = 0; + Temp.AmiMisc = 0; + + Status = TcgSetVariableWithNewAttributes(L"AMITCGPPIVAR", &AmitcgefiOsVariableGuid, \ + EFI_VARIABLE_NON_VOLATILE \ + | EFI_VARIABLE_BOOTSERVICE_ACCESS,\ + Size, &Temp ); + + } + + return Temp.RQST; +} + + + +void HandleTpm20Ppi(IN EFI_EVENT ev, + IN VOID *ctx) +{ + BOOLEAN UserAction; + UINT8 StringType = 0; + UINTN CurX, CurY; + CHAR16 *StrBuffer = NULL; + CHAR16 *String; + EFI_INPUT_KEY key; + TSE_POST_STATUS TsePostStatus; + EFI_STATUS Status; + + + TRACE((TRACE_ALWAYS, "HandleTpm20Ppi Entry \n")); + if (pAmiPostMgr == NULL) { + Status = pBS->LocateProtocol( &gAmiPostManagerProtocolGuid, + NULL, + &pAmiPostMgr ); + if (EFI_ERROR(Status)) { + return; + } + } + + // + // Calling GetPostStatus() to check current TSE_POST_STATUS + // + TsePostStatus = pAmiPostMgr->GetPostStatus(); + + if ( pST->ConIn == NULL || pST->ConOut == NULL || TsePostStatus == TSE_POST_STATUS_BEFORE_POST_SCREEN ) + { + TRACE((TRACE_ALWAYS, "\tTextIn/Out not ready: in=%x; out=%x\n", + pST->ConIn, pST->ConOut)); + return; + } + + switch(PpiRequest){ + case TPM20_PP_NO_ACTION_MAX: + return; + + case TPM20_PP_CLEAR_CONTROL_CLEAR_2: + case TPM20_PP_CLEAR_CONTROL_CLEAR_3: + case TPM20_PP_CLEAR_CONTROL_CLEAR_4: + if(TpmNvflags.NoPpiClear != 1) + { + UserAction = TRUE; + StringType = 1; + break; + } + case TPM20_PP_SET_NO_PPI_CLEAR_FALSE: + UserAction = FALSE; + StringType = 0; + break; + + case TPM20_PP_SET_NO_PPI_CLEAR_TRUE: + if(TpmNvflags.NoPpiClear != 1) + { + UserAction = TRUE; + StringType = 2; + break; + } + + default: + if (PpiRequest <= TPM20_PP_NO_ACTION_MAX){ + WritePpiResult( PpiRequest, (UINT16)(0)); + }else{ + WritePpiResult( PpiRequest, (UINT16)(TCPA_PPI_BIOSFAIL)); + } + return; + } + + if(UserAction) + { + pAmiPostMgr->SwitchToPostScreen( ); + + Status = pBS->AllocatePool(EfiBootServicesData, + sizeof (CHAR16) * 0x100, + (VOID*) &StrBuffer); + + if ( EFI_ERROR( Status ) || StrBuffer == NULL ) + { + return; + } + + MemSet( StrBuffer, sizeof (CHAR16) * 0x100, 0 ); + + pAmiPostMgr->DisplayPostMessage( StrBuffer ); + + pAmiPostMgr->GetCurPos(&CurX, &CurY); + + CurX = 0; + CurY -= PPI_DISPLAY_OFFSET; + + if(StringType == 1){ + + GetStringFromToken( STRING_TOKEN(TPM_CLEAR_STR), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + GetStringFromToken( STRING_TOKEN( TPM_WARNING_CLEAR ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + GetStringFromToken( STRING_TOKEN( TPM_CAUTION_KEY ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + + }else if(StringType == 2){ + + GetStringFromToken( STRING_TOKEN(TPM_PPI_HEAD_STR), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + GetStringFromToken( STRING_TOKEN( TPM_NOTE_CLEAR ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + GetStringFromToken( STRING_TOKEN( TPM_ACCEPT_KEY ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + } + + GetStringFromToken( STRING_TOKEN( TPM_REJECT_KEY ), &String ); + pAmiPostMgr->DisplayPostMessage( String ); + + if ( pST->ConIn ) + { + while ( TRUE ) + { + Status = pST->ConIn->ReadKeyStroke( pST->ConIn, &key ); + if ( Status == EFI_SUCCESS ) + { + if ( PpiRequest == TPM20_PP_CLEAR_CONTROL_CLEAR_2 || + PpiRequest == TPM20_PP_CLEAR_CONTROL_CLEAR_3 || + PpiRequest == TPM20_PP_CLEAR_CONTROL_CLEAR_4 ) + { + if ( key.ScanCode == TCG_CLEAR_REQUEST_KEY ) + { + break; + } + } + else if(PpiRequest == TPM20_PP_SET_NO_PPI_CLEAR_FALSE || + PpiRequest == TPM20_PP_SET_NO_PPI_CLEAR_TRUE) + { + + if ( key.ScanCode == TCG_CONFIGURATION_ACCEPT_KEY ) + { + break; + } + } + else if ( key.ScanCode == TCG_CONFIGURATION_IGNORE_KEY ) + { + return; + } + } + } + } + + } + + if ( PpiRequest == TPM20_PP_CLEAR_CONTROL_CLEAR_2 || + PpiRequest == TPM20_PP_CLEAR_CONTROL_CLEAR_3 || + PpiRequest == TPM20_PP_CLEAR_CONTROL_CLEAR_4 ) + { + Status = Tpm2ClearControl(0); + if(!EFI_ERROR(Status)){ + + Status = Tpm2Clear(); + if(EFI_ERROR(Status)){ + TRACE((TRACE_ALWAYS, "Error Clearing TPM20 device\n")); + WritePpiResult( PpiRequest, (UINT16)(TCPA_PPI_BIOSFAIL)); + }else{ + WritePpiResult( PpiRequest, (UINT16)(0)); + } + }else{ + TRACE((TRACE_ALWAYS, "Tpm2ClearControl failure\n")); + WritePpiResult( PpiRequest, (UINT16)(TCPA_PPI_BIOSFAIL)); + } + } + else if(PpiRequest == TPM20_PP_SET_NO_PPI_CLEAR_FALSE || + PpiRequest == TPM20_PP_SET_NO_PPI_CLEAR_TRUE) + { + if(PpiRequest == TPM20_PP_SET_NO_PPI_CLEAR_FALSE) + { + TpmNvflags.NoPpiClear = 0; + + }else{ + TpmNvflags.NoPpiClear = 1; + } + + Status = TcgSetVariableWithNewAttributes(L"TPMPERBIOSFLAGS", &FlagsStatusguid, \ + EFI_VARIABLE_NON_VOLATILE \ + | EFI_VARIABLE_BOOTSERVICE_ACCESS, + sizeof (PERSISTENT_BIOS_TPM_FLAGS), &TpmNvflags); + + if(EFI_ERROR(Status)){ + TRACE((TRACE_ALWAYS, "Error Clearing TPM20 device\n")); + WritePpiResult( PpiRequest, (UINT16)(TCPA_PPI_BIOSFAIL)); + } + else{ + WritePpiResult( PpiRequest, (UINT16)(0)); + } + }else{ + WritePpiResult( PpiRequest, (UINT16)(0)); + } + + TRACE((TRACE_ALWAYS, "TPM20 changes made reseting system\n")); + pRS->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL); +} + +VOID +EFIAPI +Tpm20OnExitBootServices ( + IN EFI_EVENT Event, + IN VOID *Context + ) +{ + EFI_STATUS Status; + + // + // Measure invocation of ExitBootServices, + // + Status = MeasureAction ( + "Exit Boot Services Invocation"); + + // + // Measure success of ExitBootServices + // + Status = MeasureAction ( + "Exit Boot Services Returned with Success"); +} + + + +EFI_STATUS +Tpm20PlatformEntry( + IN EFI_HANDLE ImageHandle, + IN EFI_SYSTEM_TABLE *SystemTable ) +{ + EFI_STATUS Status; + EFI_GUID gEfiTrEEProtocolGuid = EFI_TREE_PROTOCOL_GUID; + EFI_EVENT ReadyToBootEvent; + EFI_EVENT ev; + EFI_EVENT ExitBSEvent; + static VOID *reg; + UINTN Size = sizeof(PERSISTENT_BIOS_TPM_FLAGS); + + + InitAmiLib( ImageHandle, SystemTable ); + + TRACE((TRACE_ALWAYS, "Tpm20PlatformEntry\n")); + + Status = pBS->LocateProtocol(&gEfiTrEEProtocolGuid, NULL, &TrEEProtocolInstance); + if(EFI_ERROR(Status))return Status; + + Status = InstallTcgPlatformProtocol(); + if(EFI_ERROR(Status))return Status; + + //we found TrEE protocol do Tpm20 + //Initializations set ready to boot callback + //install platform protocol + + Status = CreateReadyToBootEvent(TPL_CALLBACK, + Tpm20OnReadyToBoot, + NULL, + &ReadyToBootEvent); + + Status = pBS->CreateEvent ( + EVT_SIGNAL_EXIT_BOOT_SERVICES, + EFI_TPL_NOTIFY, + Tpm20OnExitBootServices, + NULL, + &ExitBSEvent + ); + LoadStrings( ImageHandle, &gHiiHandle ); + + Status = pRS->GetVariable( L"TPMPERBIOSFLAGS", \ + &FlagsStatusguid, \ + NULL, \ + &Size, \ + &TpmNvflags ); + + if(EFI_ERROR(Status)) + { + TpmNvflags.NoPpiProvision = 1; + TpmNvflags.NoPpiClear = 0; + TpmNvflags.NoPpiMaintenance = 0; + + Status = TcgSetVariableWithNewAttributes(L"TPMPERBIOSFLAGS", &FlagsStatusguid, \ + EFI_VARIABLE_NON_VOLATILE \ + | EFI_VARIABLE_BOOTSERVICE_ACCESS, + sizeof (PERSISTENT_BIOS_TPM_FLAGS), &TpmNvflags); + + if(EFI_ERROR(Status))return Status; + } + + PpiRequest = ReadPpiRequest(); + PpiRequest &= 0xFF; + + if(PpiRequest > 0 && PpiRequest <= TCPA_PPIOP_ENABLE_ACTV_CLEAR_ENABLE_ACTV){ + + Status = pBS->CreateEvent( EFI_EVENT_NOTIFY_SIGNAL, + EFI_TPL_CALLBACK, + HandleTpm20Ppi, + 0, + &ev ); + + if(EFI_ERROR(Status)){ + return Status; + } + + Status = pBS->RegisterProtocolNotify( + &gBdsAllDriversConnectedProtocolGuid, + ev, + ® ); + if(EFI_ERROR(Status)) { + return Status; + } + } + + return Status; +} + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/Tpm20PlatformDxe.cif b/Board/EM/TCG2/Common/Tpm20PlatformDxe.cif new file mode 100644 index 0000000..4727bfc --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20PlatformDxe.cif @@ -0,0 +1,17 @@ + + name = "Tpm20PlatformDxe" + category = ModulePart + LocalRoot = "Board\EM\TCG2\Common" + RefName = "Tpm20PlatformDxe" +[files] +"Tpm20PlatformDxe.sdl" +"Tpm20PlatformDxe.mak" +"Tpm20PlatformDxe.c" +"Tpm20PlatformDxe.h" +"Tpm20PlatformDxe.dxs" +"Tpm20PlatformDxeLib.h" +"Tpm20PlatformDxeLib.c" +"Tpm20PlatformDxeString.uni" +[parts] +"Tpm20Acpi" + diff --git a/Board/EM/TCG2/Common/Tpm20PlatformDxe.dxs b/Board/EM/TCG2/Common/Tpm20PlatformDxe.dxs new file mode 100644 index 0000000..51aaaae --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20PlatformDxe.dxs @@ -0,0 +1,77 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxe.dxs 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxe.dxs $ +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:06p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:58p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 3 7/25/11 3:44a Fredericko +// [TAG] EIP65177 +// [Category] Spec Update +// [Severity] Minor +// [Description] Tcg Ppi Spec ver 1.2 update +// +// 2 3/29/11 2:27p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformDxe.dxs +// +// Description: Dependency file for AmiTcgPlatformDxe +// +// +//************************************************************************* +#include +#include + +DEPENDENCY_START + EFI_TREE_PROTOCOL_GUID +DEPENDENCY_END + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** \ No newline at end of file diff --git a/Board/EM/TCG2/Common/Tpm20PlatformDxe.h b/Board/EM/TCG2/Common/Tpm20PlatformDxe.h new file mode 100644 index 0000000..ea43a76 --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20PlatformDxe.h @@ -0,0 +1,459 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxe.h 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxe.h $ +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:06p Fredericko +// Initial Check-In for Tpm-Next module +// +// 3 8/30/13 11:04p Fredericko +// +// 2 7/11/13 6:17p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20). +// +// 1 7/10/13 5:58p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 11 1/20/12 9:20p Fredericko +// +// 10 12/30/11 5:06p Fredericko +// [TAG] EIP78141 +// [Category] New Feature +// [Description] Added hooks to override generic TPM platform hash +// functions. +// [Files] 1. AmiTcgPlatform.sdl +// 2. AmiTcgPlatformPei.h +// 3. AmiTcgPlatformPeiLib.c +// 4. AmiTcgPlatformPeiAfterMem.c +// 5. AmiTcgPlatformDxe.c +// 6. AmiTcgPlatformDxe.h +// +// 9 11/28/11 7:31p Fredericko +// [TAG] EIP63922 +// [Category] Improvement +// [Description] Support for Smbios label 30 and up. Callback on +// publishing of Smbios tables +// [Files] AmiTcgPlatformDxe.c +// +// 8 10/10/11 11:36a Fredericko +// [TAG] EIP70220 +// [Category] Improvement +// [Description] Remove dependency on CSM +// [Files] TcgLegacy.sdl +// AmiTcgPlatformDxe.c +// AmiTcgPlatformDxe.h +// xTcgDxe.c +// +// 7 10/10/11 12:12a Fredericko +// [TAG] EIP70220 +// [Category] Improvement +// [Description] Remove dependency on CSM +// [Files] TcgLegacy.sdl +// AmiTcgPlatformDxe.c +// AmiTcgPlatformDxe.h +// xTcgDxe.c +// +// 6 7/25/11 3:43a Fredericko +// [TAG] EIP65177 +// [Category] Spec Update +// [Severity] Minor +// [Description] Tcg Ppi Spec ver 1.2 update +// +// 5 4/28/11 6:34p Fredericko +// Removed VFR compile +// +// 4 4/26/11 1:54p Fredericko +// Added support for function level override of specific functions. GUID +// definitions added +// +// 3 4/06/11 10:40a Fredericko +// Core 4.6.5.0 build error changes +// +// 2 3/29/11 2:27p Fredericko +// [TAG] EIP 54642 +// [Category] Improvement +// [Description] 1. Checkin Files related to TCG function override +// 2. Include TCM and TPM auto detection +// [Files] Affects all TCG files +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformDxe.h +// +// Description: Header file for AmiTcgPlatformDxe +// +// +//************************************************************************* +#include +#include +#include +#include +#include +#include "protocol\TpmDevice\TpmDevice.h" +#include + +//-------------------------------------------------------------------------- +//GUID Definitions +//-------------------------------------------------------------------------- +#define EFI_SMBIOS_TABLE_GUID \ + { \ + 0xeb9d2d31, 0x2d88, 0x11d3, 0x9a, 0x16, 0x0, 0x90, 0x27, 0x3f, 0xc1, 0x4d \ + } + + +#define EFI_DP_TYPE_MASK 0x7F +#define EFI_DP_TYPE_UNPACKED 0x80 +#define END_INSTANCE_DEVICE_PATH_SUBTYPE 0x01 +#define END_DEVICE_PATH_TYPE 0x7F +#define END_ENTIRE_DEVICE_PATH_SUBTYPE 0xFF + +#define DP_IS_END_TYPE(a) +#define DP_IS_END_SUBTYPE(a) ( ((a)->SubType == END_ENTIRE_DEVICE_PATH_SUBTYPE ) + +#define DevicePathType(a) ( ((a)->Type) & EFI_DP_TYPE_MASK ) +#define DevicePathSubType(a) ( (a)->SubType ) +#define DevicePathNodeLength(a) ( ((a)->Length[0]) | ((a)->Length[1] << 8) ) + +#define IsDevicePathEndType(a) ( DevicePathType(a) == END_DEVICE_PATH_TYPE ) +#define IsDevicePathEndSubType(a) ( (a)->SubType == END_ENTIRE_DEVICE_PATH_SUBTYPE ) +#define IsDevicePathEnd(a) ( IsDevicePathEndType(a) && IsDevicePathEndSubType(a) ) +#define NextDevicePathNode(a) ( (EFI_DEVICE_PATH_PROTOCOL *) ( ((UINT8 *) (a)) + DevicePathNodeLength(a))) + + +#define MBR_SIGNATURE 0xaa55 + +#define EXTENDED_DOS_PARTITION 0x05 +#define EXTENDED_WINDOWS_PARTITION 0x0F + +#define MAX_MBR_PARTITIONS 4 + +#define PMBR_GPT_PARTITION 0xEE +#define EFI_PARTITION 0xEF + +#define MBR_SIZE 512 + + +//--------------------------------------------------------------------------- +// Structure Definitions +//--------------------------------------------------------------------------- +#pragma pack(push, 1) + +// +// ------------------------------------------------------------------ +// Name: Data_Structures +// +// Description: +// Data Structures needed for MBR +// +// MASTER_BOOT_RECORD - Data Structure definition of the +// MBR located in the first block on an MBR drive +// +// MBR_PARTITION - Data Structure definition for each +// partition in the MBR +// +// ------------------------------------------------------------------ +// +#pragma pack(1) + +/// +/// Data Structure definition for each partition in the MBR +/// +typedef struct _MBR_PARTITION { + UINT8 BootIndicator; + UINT8 StartHead; + UINT8 StartSector; + UINT8 StartTrack; + UINT8 OSIndicator; + UINT8 EndHead; + UINT8 EndSector; + UINT8 EndTrack; + UINT8 StartingLBA[4]; + UINT8 SizeInLBA[4]; +} MBR_PARTITION_RECORD; + +/// +/// Data Structure definition of the MBR located in the first block on an MBR drive +/// +typedef struct _MASTER_BOOT_RECORD { + UINT8 BootStrapCode[440]; + UINT8 UniqueMbrSignature[4]; + UINT8 Unknown[2]; + MBR_PARTITION_RECORD Partition[MAX_MBR_PARTITIONS]; + UINT16 Signature; +} MASTER_BOOT_RECORD; + + +#define EFI_GPT_HEADER_ID "EFI PART" + + +typedef struct +{ + EFI_TABLE_HEADER Header; + EFI_LBA MyLba; + EFI_LBA AlternateLba; + EFI_LBA FirstUsableLba; + EFI_LBA LastUsableLba; + EFI_GUID DiskGuid; + EFI_LBA PartitionEntryLba; + UINT32 NumberOfPartitionEntries; + UINT32 SizeOfPartitionEntry; + UINT32 Crc32; +} GPT_HEADER; + + +/// +/// GPT Partition Table Header. +/// +typedef struct { + /// + /// The table header for the GPT partition Table. + /// This header contains EFI_PTAB_HEADER_ID. + /// + EFI_TABLE_HEADER Header; + /// + /// The LBA that contains this data structure. + /// + EFI_LBA MyLBA; + /// + /// LBA address of the alternate GUID Partition Table Header. + /// + EFI_LBA AlternateLBA; + /// + /// The first usable logical block that may be used + /// by a partition described by a GUID Partition Entry. + /// + EFI_LBA FirstUsableLBA; + /// + /// The last usable logical block that may be used + /// by a partition described by a GUID Partition Entry. + /// + EFI_LBA LastUsableLBA; + /// + /// GUID that can be used to uniquely identify the disk. + /// + EFI_GUID DiskGUID; + /// + /// The starting LBA of the GUID Partition Entry array. + /// + EFI_LBA PartitionEntryLBA; + /// + /// The number of Partition Entries in the GUID Partition Entry array. + /// + UINT32 NumberOfPartitionEntries; + /// + /// The size, in bytes, of each the GUID Partition + /// Entry structures in the GUID Partition Entry + /// array. This field shall be set to a value of 128 x 2^n where n is + /// an integer greater than or equal to zero (e.g., 128, 256, 512, etc.). + /// + UINT32 SizeOfPartitionEntry; + /// + /// The CRC32 of the GUID Partition Entry array. + /// Starts at PartitionEntryLBA and is + /// computed over a byte length of + /// NumberOfPartitionEntries * SizeOfPartitionEntry. + /// + UINT32 PartitionEntryArrayCRC32; +} EFI_PARTITION_TABLE_HEADER; + +/// +/// GPT Partition Entry. +/// +typedef struct { + /// + /// Unique ID that defines the purpose and type of this Partition. A value of + /// zero defines that this partition entry is not being used. + /// + EFI_GUID PartitionTypeGUID; + /// + /// GUID that is unique for every partition entry. Every partition ever + /// created will have a unique GUID. + /// This GUID must be assigned when the GUID Partition Entry is created. + /// + EFI_GUID UniquePartitionGUID; + /// + /// Starting LBA of the partition defined by this entry + /// + EFI_LBA StartingLBA; + /// + /// Ending LBA of the partition defined by this entry. + /// + EFI_LBA EndingLBA; + /// + /// Attribute bits, all bits reserved by UEFI + /// Bit 0: If this bit is set, the partition is required for the platform to function. The owner/creator of the + /// partition indicates that deletion or modification of the contents can result in loss of platform + /// features or failure for the platform to boot or operate. The system cannot function normally if + /// this partition is removed, and it should be considered part of the hardware of the system. + /// Actions such as running diagnostics, system recovery, or even OS install or boot, could + /// potentially stop working if this partition is removed. Unless OS software or firmware + /// recognizes this partition, it should never be removed or modified as the UEFI firmware or + /// platform hardware may become non-functional. + /// Bit 1: If this bit is set, then firmware must not produce an EFI_BLOCK_IO_PROTOCOL device for + /// this partition. By not producing an EFI_BLOCK_IO_PROTOCOL partition, file system + /// mappings will not be created for this partition in UEFI. + /// Bit 2: This bit is set aside to let systems with traditional PC-AT BIOS firmware implementations + /// inform certain limited, special-purpose software running on these systems that a GPT + /// partition may be bootable. The UEFI boot manager must ignore this bit when selecting + /// a UEFI-compliant application, e.g., an OS loader. + /// Bits 3-47: Undefined and must be zero. Reserved for expansion by future versions of the UEFI + /// specification. + /// Bits 48-63: Reserved for GUID specific use. The use of these bits will vary depending on the + /// PartitionTypeGUID. Only the owner of the PartitionTypeGUID is allowed + /// to modify these bits. They must be preserved if Bits 0-47 are modified.. + /// + UINT64 Attributes; + /// + /// Null-terminated name of the partition. + /// + CHAR16 PartitionName[36]; +} EFI_PARTITION_ENTRY; + + + + +typedef struct tdEFI_GPT_DATA { + EFI_PARTITION_TABLE_HEADER EfiPartitionHeader; + UINTN NumberOfPartitions; + EFI_PARTITION_ENTRY Partitions[1]; +} EFI_GPT_DATA; + +#define TPM20_PP_NO_ACTION 0 +#define TPM20_PP_CLEAR_CONTROL_CLEAR 5 +#define TPM20_PP_CLEAR_CONTROL_CLEAR_2 14 +#define TPM20_PP_SET_NO_PPI_CLEAR_FALSE 17 +#define TPM20_PP_SET_NO_PPI_CLEAR_TRUE 18 +#define TPM20_PP_CLEAR_CONTROL_CLEAR_3 21 +#define TPM20_PP_CLEAR_CONTROL_CLEAR_4 22 + +#define TPM20_PP_NO_ACTION_MAX 20 + + +typedef UINT8 TPMI_YES_NO; +typedef UINT32 ClearControl_In; +typedef UINT32 Clear_In; + +#pragma pack(push, 1) + +typedef struct { + TPM_ST tag; + UINT32 paramSize; + TPM_CC commandCode; +} INT_TPM2_COMMAND_HEADER; + +typedef struct { + TPM_ST tag; + UINT32 paramSize; + TPM_RC responseCode; +} INT_TPM2_RESPONSE_HEADER; + +typedef struct { + INT_TPM2_COMMAND_HEADER Header; + TPMI_RH_CLEAR Auth; + UINT32 AuthorizationSize; + TPMS_AUTH_SESSION_COMMAND PwapAuth; + TPMI_YES_NO Disable; +} TPM2_CLEAR_CONTROL_COMMAND; + +typedef struct { + INT_TPM2_RESPONSE_HEADER Header; + UINT32 ParameterSize; + TPMS_AUTH_SESSION_COMMAND PwapAuthSeq; +} TPM2_CLEAR_CONTROL_RESPONSE; + +typedef struct { + INT_TPM2_COMMAND_HEADER Header; + TPMI_RH_CLEAR Auth; + UINT32 AuthorizationSize; + TPMS_AUTH_SESSION_COMMAND PwapAuth; +} TPM2_CLEAR_COMMAND; + +typedef struct { + INT_TPM2_RESPONSE_HEADER Header; + UINT32 ParameterSize; + TPMS_AUTH_SESSION_COMMAND PwapAuthSeq; +} TPM2_CLEAR_RESPONSE; + + +typedef +EFI_STATUS +(EFIAPI *EFI_TCG_MEASURE_PE_IMAGE) ( + IN BOOLEAN BootPolicy, + IN EFI_PHYSICAL_ADDRESS ImageAddress, + IN UINTN ImageSize, + IN UINTN LinkTimeBase, + IN UINT16 ImageType, + IN EFI_HANDLE DeviceHandle, + IN EFI_DEVICE_PATH_PROTOCOL *FilePath + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_TCG_MEASURE_ACTION) ( + IN CHAR8 *ActionString + ); + +typedef +EFI_STATUS +(EFIAPI *EFI_TCG_MEASURE_GPT_TABLE) ( + IN EFI_DEVICE_PATH_PROTOCOL *DevicePath + ); + +typedef struct _EFI_TCG_PLATFORM_PROTOCOL { + EFI_TCG_MEASURE_PE_IMAGE MeasurePeImage; + EFI_TCG_MEASURE_ACTION MeasureAction; + EFI_TCG_MEASURE_GPT_TABLE MeasureGptTable; +} EFI_TCG_PLATFORM_PROTOCOL; + +#define EFI_TCG_PLATFORM_PROTOCOL_GUID \ + { 0x8c4c9a41, 0xbf56, 0x4627, 0x9e, 0xa, 0xc8, 0x38, 0x6d, 0x66, 0x11, 0x5c } + + +#pragma pack(pop) +#pragma pack(pop) + +//********************************************************************** +// Function Declarations +//********************************************************************** + + + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/Tpm20PlatformDxe.mak b/Board/EM/TCG2/Common/Tpm20PlatformDxe.mak new file mode 100644 index 0000000..34a7498 --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20PlatformDxe.mak @@ -0,0 +1,104 @@ +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* +# $Header: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxe.mak 2 4/25/14 4:44p Fredericko $ +# +# $Revision: 2 $ +# +# $Date: 4/25/14 4:44p $ +#************************************************************************* +# Revision History +# ---------------- +# $Log: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxe.mak $ +# +# 2 4/25/14 4:44p Fredericko +# when secureboot is disabled +# +# 1 4/21/14 2:18p Fredericko +# +# 1 10/08/13 12:06p Fredericko +# Initial Check-In for Tpm-Next module +# +# 2 7/11/13 6:16p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20). +# +# 1 7/10/13 5:57p Fredericko +# [TAG] EIP120969 +# [Category] New Feature +# [Description] TCG (TPM20) +# +#************************************************************************* +# +# +# Name: +# +# Description: +# +# +#************************************************************************ +all : Tpm20PlatformDxe + +Tpm20PlatformDxe : $(BUILD_DIR)\Tpm20PlatformDxe.mak Tpm20PlatformDxeBin + +$(BUILD_DIR)\Tpm20PlatformDxe.mak : $(TPM_20_PLATFORM_DXE_DIR)\$(@B).cif $(TPM_20_PLATFORM_DXE_DIR)\$(@B).mak $(BUILD_RULES) + $(CIF2MAK) $(TPM_20_PLATFORM_DXE_DIR)\$(@B).cif $(CIF2MAK_DEFAULTS) + +Tpm20PlatformFlags=$(CFLAGS) \ + /I$(TCG_DIR)\ + /I$(TPM12_DIR)\ + /I$(CORE_DIR)\ + /I$(TCG_DIR)\Common\ + /I$(PROJECT_DIR)\Include\Protocol\ + /I$(TCG_DIR)\Protocol\ + /I$(TcgPlatformSetupPolicy_DIR)\ +!IF "$(SecureBoot_SUPPORT)" == "1" + /I$(ImageVerificationLib_DIR)\ +!ENDIF + +TCG20PLTFM_OBJECTS = \ +$(BUILD_DIR)\$(TPM_20_PLATFORM_DXE_DIR)\Tpm20PlatformDxe.obj \ + +#--------------------------------------------------------------------------- +# Making AmiTcgPlatformDxe +#--------------------------------------------------------------------------- + +Tpm20PlatformDxeBin : $(AMIDXELIB) $(SHALIB) + $(MAKE) /$(MAKEFLAGS) $(BUILD_DEFAULTS)\ + /f $(BUILD_DIR)\Tpm20PlatformDxe.mak all\ + "CFLAGS=$(Tpm20PlatformFlags)"\ + "CPFLAGS=$(Tpm20PlatformFlags)"\ + GUID=0718AD81-F26A-4850-A6EC-F268E309D707 \ + ENTRY_POINT=Tpm20PlatformEntry \ + TYPE=BS_DRIVER \ + "OBJECTS=$(TCG20PLTFM_OBJECTS)"\ + DEPEX1=$(TPM_20_PLATFORM_DXE_DIR)\Tpm20PlatformDxe.dxs \ + DEPEX1_TYPE=EFI_SECTION_DXE_DEPEX \ + COMPRESS=1 HAS_RESOURCES=1\ + "STRGATHER_FLAGS=-db $(BUILD_DIR)\$(TPM_20_PLATFORM_DXE_DIR)\Tpm20PlatformDxeString.sdb"\ +#--------------------------------------------------------------------------- + +#************************************************************************* +#************************************************************************* +#** ** +#** (C)Copyright 1985-2010, American Megatrends, Inc. ** +#** ** +#** All Rights Reserved. ** +#** ** +#** 5555 Oakbrook Parkway, Suite 200, Norcross, GA 30093 ** +#** ** +#** Phone: (770)-246-8600 ** +#** ** +#************************************************************************* +#************************************************************************* diff --git a/Board/EM/TCG2/Common/Tpm20PlatformDxe.sdl b/Board/EM/TCG2/Common/Tpm20PlatformDxe.sdl new file mode 100644 index 0000000..e510add --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20PlatformDxe.sdl @@ -0,0 +1,27 @@ +TOKEN + Name = "Tpm20PlatformSupport" + Value = "1" + Help = "Enable or Disable TCG_generic support" + TokenType = Boolean + TargetH = Yes + TargetMAK = Yes + Master = Yes + Token = "TPM20Enabled" "!=" "0" +End + + +PATH + Name = "TPM_20_PLATFORM_DXE_DIR" +End + +MODULE + Help = "" + File = "Tpm20PlatformDxe.mak" +End + + +ELINK + Name = "$(BUILD_DIR)\Tpm20PlatformDxe.ffs" + Parent = "FV_MAIN" + InvokeOrder = AfterParent +End diff --git a/Board/EM/TCG2/Common/Tpm20PlatformDxeLib.c b/Board/EM/TCG2/Common/Tpm20PlatformDxeLib.c new file mode 100644 index 0000000..be62875 --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20PlatformDxeLib.c @@ -0,0 +1,57 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxeLib.c 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxeLib.c $ +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:06p Fredericko +// Initial Check-In for Tpm-Next module +// +// 1 7/10/13 5:58p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// +//************************************************************************* +// +// Name: +// +// Description: +// +// +//************************************************************************* + + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** diff --git a/Board/EM/TCG2/Common/Tpm20PlatformDxeLib.h b/Board/EM/TCG2/Common/Tpm20PlatformDxeLib.h new file mode 100644 index 0000000..2e086db --- /dev/null +++ b/Board/EM/TCG2/Common/Tpm20PlatformDxeLib.h @@ -0,0 +1,73 @@ +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//************************************************************************* +// $Header: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxeLib.h 1 4/21/14 2:18p Fredericko $ +// +// $Revision: 1 $ +// +// $Date: 4/21/14 2:18p $ +//************************************************************************* +// Revision History +// ---------------- +// $Log: /Alaska/SOURCE/Modules/TCG2/Common/Tpm20PlatformDxe/Tpm20PlatformDxeLib.h $ +// +// 1 4/21/14 2:18p Fredericko +// +// 1 10/08/13 12:06p Fredericko +// Initial Check-In for Tpm-Next module +// +// 2 7/11/13 6:17p Fredericko +// +// 1 7/10/13 5:58p Fredericko +// [TAG] EIP120969 +// [Category] New Feature +// [Description] TCG (TPM20) +// +// 4 7/25/11 3:45a Fredericko +// [TAG] EIP65177 +// [Category] Spec Update +// [Severity] Minor +// [Description] Tcg Ppi Spec ver 1.2 update +// +// 3 4/28/11 6:34p Fredericko +// Removed VFR compile +// +// 2 3/29/11 2:27p Fredericko +// +// +// +//************************************************************************* +// +// +// Name: AmiTcgPlatformDxeLib.h +// +// Description: Header firl for AmiTcgPlatformDxe library +// +// +//************************************************************************* + + + +//********************************************************************** +//********************************************************************** +//** ** +//** (C)Copyright 1985-2010, American Megatrends, Inc. ** +//** ** +//** All Rights Reserved. ** +//** ** +//** 5555 Oakbrook Pkwy, Suite 200, Norcross, GA 30093 ** +//** ** +//** Phone: (770)-246-8600 ** +//** ** +//********************************************************************** +//********************************************************************** \ No newline at end of file diff --git a/Board/EM/TCG2/Common/Tpm20PlatformDxeString.uni b/Board/EM/TCG2/Common/Tpm20PlatformDxeString.uni new file mode 100644 index 0000000..a346596 Binary files /dev/null and b/Board/EM/TCG2/Common/Tpm20PlatformDxeString.uni differ -- cgit v1.2.3