authorAngelos Mouzakitis <a.mouzakitis@virtualopensystems.com>2023-10-10 14:33:42 +0000
committerAngelos Mouzakitis <a.mouzakitis@virtualopensystems.com>2023-10-10 14:33:42 +0000
commitaf1a266670d040d2f4083ff309d732d648afba2a (patch)
tree2fc46203448ddcc6f81546d379abfaeb323575e9 /roms/edk2/SecurityPkg/Library/Tpm12CommandLib
parente02cda008591317b1625707ff8e115a4841aa889 (diff)
Add submodule dependency files
Change-Id: Iaf8d18082d3991dec7c0ebbea540f092188eb4ec
Diffstat (limited to 'roms/edk2/SecurityPkg/Library/Tpm12CommandLib')
-rw-r--r--roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf45
-rw-r--r--roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.uni16
-rw-r--r--roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c131
-rw-r--r--roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c228
-rw-r--r--roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c49
-rw-r--r--roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Pcr.c81
-rw-r--r--roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12PhysicalPresence.c66
-rw-r--r--roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c54
-rw-r--r--roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Startup.c103
9 files changed, 773 insertions, 0 deletions
diff --git a/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
new file mode 100644
index 000000000..46dd12fcc
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.inf
@@ -0,0 +1,45 @@
+## @file
+# Provides some TPM 1.2 commands
+#
+# This library is used by other modules to send TPM 1.2 command.
+#
+# Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
+# SPDX-License-Identifier: BSD-2-Clause-Patent
+#
+##
+
+[Defines]
+ INF_VERSION = 0x00010005
+ BASE_NAME = Tpm12CommandLib
+ MODULE_UNI_FILE = Tpm12CommandLib.uni
+ FILE_GUID = C595047C-70B3-4731-99CC-A014E956D7A7
+ MODULE_TYPE = BASE
+ VERSION_STRING = 1.0
+ LIBRARY_CLASS = Tpm12CommandLib
+
+#
+# The following information is for reference only and not required by the build tools.
+#
+# VALID_ARCHITECTURES = IA32 X64
+#
+
+[Sources]
+ Tpm12Startup.c
+ Tpm12Ownership.c
+ Tpm12NvStorage.c
+ Tpm12GetCapability.c
+ Tpm12Pcr.c
+ Tpm12PhysicalPresence.c
+ Tpm12SelfTest.c
+
+[Packages]
+ MdePkg/MdePkg.dec
+ SecurityPkg/SecurityPkg.dec
+
+[LibraryClasses]
+ BaseLib
+ BaseMemoryLib
+ IoLib
+ TimerLib
+ DebugLib
+ Tpm12DeviceLib
diff --git a/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.uni b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.uni
new file mode 100644
index 000000000..3f02db62a
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12CommandLib.uni
@@ -0,0 +1,16 @@
+// /** @file
+// Provides some TPM 1.2 commands
+//
+// This library is used by other modules to send TPM 1.2 command.
+//
+// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
+//
+// SPDX-License-Identifier: BSD-2-Clause-Patent
+//
+// **/
+
+
+#string STR_MODULE_ABSTRACT #language en-US "Provides some TPM 1.2 command functions"
+
+#string STR_MODULE_DESCRIPTION #language en-US "This library is used by other modules to send TPM 1.2 command."
+
diff --git a/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
new file mode 100644
index 000000000..8a10d9990
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c
@@ -0,0 +1,131 @@
+/** @file
+ Implement TPM1.2 Get Capabilities related commands.
+
+Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved. <BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <PiPei.h>
+#include <Library/Tpm12CommandLib.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/Tpm12DeviceLib.h>
+
+#pragma pack(1)
+
+typedef struct {
+ TPM_RQU_COMMAND_HDR Hdr;
+ UINT32 Capability;
+ UINT32 CapabilityFlagSize;
+ UINT32 CapabilityFlag;
+} TPM_CMD_GET_CAPABILITY;
+
+typedef struct {
+ TPM_RSP_COMMAND_HDR Hdr;
+ UINT32 ResponseSize;
+ TPM_PERMANENT_FLAGS Flags;
+} TPM_RSP_GET_CAPABILITY_PERMANENT_FLAGS;
+
+typedef struct {
+ TPM_RSP_COMMAND_HDR Hdr;
+ UINT32 ResponseSize;
+ TPM_STCLEAR_FLAGS Flags;
+} TPM_RSP_GET_CAPABILITY_STCLEAR_FLAGS;
+
+#pragma pack()
+
+/**
+Get TPM capability permanent flags.
+
+@param[out] TpmPermanentFlags Pointer to the buffer for returned flag structure.
+
+@retval EFI_SUCCESS Operation completed successfully.
+@retval EFI_TIMEOUT The register can't run into the expected status in time.
+@retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
+@retval EFI_DEVICE_ERROR Unexpected device behavior.
+
+**/
+EFI_STATUS
+EFIAPI
+Tpm12GetCapabilityFlagPermanent (
+ OUT TPM_PERMANENT_FLAGS *TpmPermanentFlags
+ )
+{
+ EFI_STATUS Status;
+ TPM_CMD_GET_CAPABILITY Command;
+ TPM_RSP_GET_CAPABILITY_PERMANENT_FLAGS Response;
+ UINT32 Length;
+
+ //
+ // send Tpm command TPM_ORD_GetCapability
+ //
+ Command.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.Hdr.paramSize = SwapBytes32 (sizeof (Command));
+ Command.Hdr.ordinal = SwapBytes32 (TPM_ORD_GetCapability);
+ Command.Capability = SwapBytes32 (TPM_CAP_FLAG);
+ Command.CapabilityFlagSize = SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT));
+ Command.CapabilityFlag = SwapBytes32 (TPM_CAP_FLAG_PERMANENT);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ if (SwapBytes32 (Response.Hdr.returnCode) != TPM_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagPermanent: Response Code error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode)));
+ return EFI_DEVICE_ERROR;
+ }
+
+ ZeroMem (TpmPermanentFlags, sizeof (*TpmPermanentFlags));
+ CopyMem (TpmPermanentFlags, &Response.Flags, MIN (sizeof (*TpmPermanentFlags), SwapBytes32(Response.ResponseSize)));
+
+ return Status;
+}
+
+/**
+Get TPM capability volatile flags.
+
+@param[out] VolatileFlags Pointer to the buffer for returned flag structure.
+
+@retval EFI_SUCCESS Operation completed successfully.
+@retval EFI_DEVICE_ERROR The command was unsuccessful.
+
+**/
+EFI_STATUS
+EFIAPI
+Tpm12GetCapabilityFlagVolatile (
+ OUT TPM_STCLEAR_FLAGS *VolatileFlags
+ )
+{
+ EFI_STATUS Status;
+ TPM_CMD_GET_CAPABILITY Command;
+ TPM_RSP_GET_CAPABILITY_STCLEAR_FLAGS Response;
+ UINT32 Length;
+
+ //
+ // send Tpm command TPM_ORD_GetCapability
+ //
+ Command.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.Hdr.paramSize = SwapBytes32 (sizeof (Command));
+ Command.Hdr.ordinal = SwapBytes32 (TPM_ORD_GetCapability);
+ Command.Capability = SwapBytes32 (TPM_CAP_FLAG);
+ Command.CapabilityFlagSize = SwapBytes32 (sizeof (TPM_CAP_FLAG_VOLATILE));
+ Command.CapabilityFlag = SwapBytes32 (TPM_CAP_FLAG_VOLATILE);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ if (SwapBytes32 (Response.Hdr.returnCode) != TPM_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm12GetCapabilityFlagVolatile: Response Code error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode)));
+ return EFI_DEVICE_ERROR;
+ }
+
+ ZeroMem (VolatileFlags, sizeof (*VolatileFlags));
+ CopyMem (VolatileFlags, &Response.Flags, MIN (sizeof (*VolatileFlags), SwapBytes32(Response.ResponseSize)));
+
+ return Status;
+}
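Review bot: The size returned through `Length` by Tpm12SubmitCommand is never checked before `Response.Hdr.returnCode` and `Response.ResponseSize` are read, so a truncated response makes both functions read uninitialized stack bytes from the local `Response` (it is never zeroed), and the CopyMem bound `MIN (sizeof (*TpmPermanentFlags), SwapBytes32 (Response.ResponseSize))` is limited by the caller's struct and by a device-supplied count but not by the bytes actually received. `Length` is passed by pointer here, so presumably the device library updates it with the received size — if it does, a minimum-length check against the fixed part of the response and a copy bound that also respects `Length` close the gap; the rewritten tail of Tpm12GetCapabilityFlagPermanent is below and Tpm12GetCapabilityFlagVolatile needs the same change with its own response type. The header-only responses in Tpm12NvStorage.c, Tpm12Ownership.c, Tpm12Pcr.c, Tpm12PhysicalPresence.c, Tpm12SelfTest.c and Tpm12Startup.c read `returnCode` with the same unchecked `Length`. Separately, the Volatile docstring lists only EFI_DEVICE_ERROR while the Permanent one also lists EFI_TIMEOUT and EFI_BUFFER_TOO_SMALL; both call the same submit path, so the two lists should agree.
```c
  Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
  if (EFI_ERROR (Status)) {
    return Status;
  }

  //
  // Reject a response shorter than its fixed header before reading any field from it.
  //
  if (Length < OFFSET_OF (TPM_RSP_GET_CAPABILITY_PERMANENT_FLAGS, Flags)) {
    return EFI_DEVICE_ERROR;
  }

  // … unchanged: returnCode check and DEBUG message …

  ZeroMem (TpmPermanentFlags, sizeof (*TpmPermanentFlags));
  CopyMem (
    TpmPermanentFlags,
    &Response.Flags,
    MIN (sizeof (*TpmPermanentFlags),
         MIN (SwapBytes32 (Response.ResponseSize), Length - OFFSET_OF (TPM_RSP_GET_CAPABILITY_PERMANENT_FLAGS, Flags)))
    );
```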
diff --git a/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c
new file mode 100644
index 000000000..8295a1d26
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c
@@ -0,0 +1,228 @@
+/** @file
+ Implement TPM1.2 NV storage related command.
+
+Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved. <BR>
+(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <PiPei.h>
+#include <Library/Tpm12CommandLib.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/Tpm12DeviceLib.h>
+
+//
+// Max TPM NV value length
+//
+#define TPMNVVALUELENGTH 1024
+
+#pragma pack(1)
+
+typedef struct {
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM12_NV_DATA_PUBLIC PubInfo;
+ TPM_ENCAUTH EncAuth;
+} TPM_CMD_NV_DEFINE_SPACE;
+
+typedef struct {
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM_NV_INDEX NvIndex;
+ UINT32 Offset;
+ UINT32 DataSize;
+} TPM_CMD_NV_READ_VALUE;
+
+typedef struct {
+ TPM_RSP_COMMAND_HDR Hdr;
+ UINT32 DataSize;
+ UINT8 Data[TPMNVVALUELENGTH];
+} TPM_RSP_NV_READ_VALUE;
+
+typedef struct {
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM_NV_INDEX NvIndex;
+ UINT32 Offset;
+ UINT32 DataSize;
+ UINT8 Data[TPMNVVALUELENGTH];
+} TPM_CMD_NV_WRITE_VALUE;
+
+#pragma pack()
+
+/**
+ Send NV DefineSpace command to TPM1.2.
+
+ @param PubInfo The public parameters of the NV area.
+ @param EncAuth The encrypted AuthData, only valid if the attributes require subsequent authorization.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.
+**/
+EFI_STATUS
+EFIAPI
+Tpm12NvDefineSpace (
+ IN TPM12_NV_DATA_PUBLIC *PubInfo,
+ IN TPM_ENCAUTH *EncAuth
+ )
+{
+ EFI_STATUS Status;
+ TPM_CMD_NV_DEFINE_SPACE Command;
+ TPM_RSP_COMMAND_HDR Response;
+ UINT32 Length;
+
+ //
+ // send Tpm command TPM_ORD_NV_DefineSpace
+ //
+ Command.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.Hdr.paramSize = SwapBytes32 (sizeof (Command));
+ Command.Hdr.ordinal = SwapBytes32 (TPM_ORD_NV_DefineSpace);
+ Command.PubInfo.tag = SwapBytes16 (PubInfo->tag);
+ Command.PubInfo.nvIndex = SwapBytes32 (PubInfo->nvIndex);
+ Command.PubInfo.pcrInfoRead.pcrSelection.sizeOfSelect = SwapBytes16 (PubInfo->pcrInfoRead.pcrSelection.sizeOfSelect);
+ Command.PubInfo.pcrInfoRead.pcrSelection.pcrSelect[0] = PubInfo->pcrInfoRead.pcrSelection.pcrSelect[0];
+ Command.PubInfo.pcrInfoRead.pcrSelection.pcrSelect[1] = PubInfo->pcrInfoRead.pcrSelection.pcrSelect[1];
+ Command.PubInfo.pcrInfoRead.pcrSelection.pcrSelect[2] = PubInfo->pcrInfoRead.pcrSelection.pcrSelect[2];
+ Command.PubInfo.pcrInfoRead.localityAtRelease = PubInfo->pcrInfoRead.localityAtRelease;
+ CopyMem (&Command.PubInfo.pcrInfoRead.digestAtRelease, &PubInfo->pcrInfoRead.digestAtRelease, sizeof(PubInfo->pcrInfoRead.digestAtRelease));
+ Command.PubInfo.pcrInfoWrite.pcrSelection.sizeOfSelect = SwapBytes16 (PubInfo->pcrInfoWrite.pcrSelection.sizeOfSelect);
+ Command.PubInfo.pcrInfoWrite.pcrSelection.pcrSelect[0] = PubInfo->pcrInfoWrite.pcrSelection.pcrSelect[0];
+ Command.PubInfo.pcrInfoWrite.pcrSelection.pcrSelect[1] = PubInfo->pcrInfoWrite.pcrSelection.pcrSelect[1];
+ Command.PubInfo.pcrInfoWrite.pcrSelection.pcrSelect[2] = PubInfo->pcrInfoWrite.pcrSelection.pcrSelect[2];
+ Command.PubInfo.pcrInfoWrite.localityAtRelease = PubInfo->pcrInfoWrite.localityAtRelease;
+ CopyMem (&Command.PubInfo.pcrInfoWrite.digestAtRelease, &PubInfo->pcrInfoWrite.digestAtRelease, sizeof(PubInfo->pcrInfoWrite.digestAtRelease));
+ Command.PubInfo.permission.tag = SwapBytes16 (PubInfo->permission.tag);
+ Command.PubInfo.permission.attributes = SwapBytes32 (PubInfo->permission.attributes);
+ Command.PubInfo.bReadSTClear = PubInfo->bReadSTClear;
+ Command.PubInfo.bWriteSTClear = PubInfo->bWriteSTClear;
+ Command.PubInfo.bWriteDefine = PubInfo->bWriteDefine;
+ Command.PubInfo.dataSize = SwapBytes32 (PubInfo->dataSize);
+ CopyMem (&Command.EncAuth, EncAuth, sizeof(*EncAuth));
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ DEBUG ((DEBUG_INFO, "Tpm12NvDefineSpace - ReturnCode = %x\n", SwapBytes32 (Response.returnCode)));
+ switch (SwapBytes32 (Response.returnCode)) {
+ case TPM_SUCCESS:
+ return EFI_SUCCESS;
+ default:
+ return EFI_DEVICE_ERROR;
+ }
+}
+
+/**
+ Send NV ReadValue command to TPM1.2.
+
+ @param NvIndex The index of the area to set.
+ @param Offset The offset into the area.
+ @param DataSize The size of the data area.
+ @param Data The data to set the area to.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.
+**/
+EFI_STATUS
+EFIAPI
+Tpm12NvReadValue (
+ IN TPM_NV_INDEX NvIndex,
+ IN UINT32 Offset,
+ IN OUT UINT32 *DataSize,
+ OUT UINT8 *Data
+ )
+{
+ EFI_STATUS Status;
+ TPM_CMD_NV_READ_VALUE Command;
+ TPM_RSP_NV_READ_VALUE Response;
+ UINT32 Length;
+
+ //
+ // send Tpm command TPM_ORD_NV_ReadValue
+ //
+ Command.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.Hdr.paramSize = SwapBytes32 (sizeof (Command));
+ Command.Hdr.ordinal = SwapBytes32 (TPM_ORD_NV_ReadValue);
+ Command.NvIndex = SwapBytes32 (NvIndex);
+ Command.Offset = SwapBytes32 (Offset);
+ Command.DataSize = SwapBytes32 (*DataSize);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ DEBUG ((DEBUG_INFO, "Tpm12NvReadValue - ReturnCode = %x\n", SwapBytes32 (Response.Hdr.returnCode)));
+ switch (SwapBytes32 (Response.Hdr.returnCode)) {
+ case TPM_SUCCESS:
+ break;
+ default:
+ return EFI_DEVICE_ERROR;
+ }
+
+ //
+ // Return the response
+ //
+ if (SwapBytes32 (Response.DataSize) > *DataSize) {
+ return EFI_BUFFER_TOO_SMALL;
+ }
+ *DataSize = SwapBytes32 (Response.DataSize);
+ ZeroMem (Data, *DataSize);
+ CopyMem (Data, &Response.Data, *DataSize);
+
+ return EFI_SUCCESS;
+}
+
+/**
+ Send NV WriteValue command to TPM1.2.
+
+ @param NvIndex The index of the area to set.
+ @param Offset The offset into the NV Area.
+ @param DataSize The size of the data parameter.
+ @param Data The data to set the area to.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.
+**/
+EFI_STATUS
+EFIAPI
+Tpm12NvWriteValue (
+ IN TPM_NV_INDEX NvIndex,
+ IN UINT32 Offset,
+ IN UINT32 DataSize,
+ IN UINT8 *Data
+ )
+{
+ EFI_STATUS Status;
+ TPM_CMD_NV_WRITE_VALUE Command;
+ UINT32 CommandLength;
+ TPM_RSP_COMMAND_HDR Response;
+ UINT32 ResponseLength;
+
+ if (DataSize > sizeof (Command.Data)) {
+ return EFI_UNSUPPORTED;
+ }
+
+ //
+ // send Tpm command TPM_ORD_NV_WriteValue
+ //
+ Command.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ CommandLength = sizeof (Command) - sizeof(Command.Data) + DataSize;
+ Command.Hdr.paramSize = SwapBytes32 (CommandLength);
+ Command.Hdr.ordinal = SwapBytes32 (TPM_ORD_NV_WriteValue);
+ Command.NvIndex = SwapBytes32 (NvIndex);
+ Command.Offset = SwapBytes32 (Offset);
+ Command.DataSize = SwapBytes32 (DataSize);
+ CopyMem (Command.Data, Data, DataSize);
+ ResponseLength = sizeof (Response);
+ Status = Tpm12SubmitCommand (CommandLength, (UINT8 *)&Command, &ResponseLength, (UINT8 *)&Response);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ DEBUG ((DEBUG_INFO, "Tpm12NvWriteValue - ReturnCode = %x\n", SwapBytes32 (Response.returnCode)));
+ switch (SwapBytes32 (Response.returnCode)) {
+ case TPM_SUCCESS:
+ return EFI_SUCCESS;
+ default:
+ return EFI_DEVICE_ERROR;
+ }
+}
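Review bot: Tpm12NvReadValue never checks the caller's `*DataSize` against `sizeof (Response.Data)` before sending it in the request, although Tpm12NvWriteValue rejects an oversized `DataSize` with EFI_UNSUPPORTED, and the response check `if (SwapBytes32 (Response.DataSize) > *DataSize)` bounds the device-supplied count only by the caller's value, so a request larger than TPMNVVALUELENGTH answered with a matching DataSize makes `CopyMem (Data, &Response.Data, *DataSize)` read past the 1024-byte `Response.Data`. Whether the device library already rejects a response longer than the buffer passed in `Length` is not visible here, so the library should not rely on it; mirror the write-side guard with `if (*DataSize > sizeof (Response.Data)) { return EFI_UNSUPPORTED; }` before the command is built, and widen the response check to `if (SwapBytes32 (Response.DataSize) > *DataSize || SwapBytes32 (Response.DataSize) > sizeof (Response.Data))`. The `ZeroMem (Data, *DataSize)` immediately before a CopyMem of the same length is redundant and can go. The Tpm12NvReadValue docstring describes `DataSize` as an input only and omits the EFI_BUFFER_TOO_SMALL return; suggest `@param[in, out] DataSize On input the size of the Data buffer; on output the number of bytes returned.` and `@retval EFI_BUFFER_TOO_SMALL The response data does not fit in the Data buffer.`.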
diff --git a/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c
new file mode 100644
index 000000000..382f059fb
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c
@@ -0,0 +1,49 @@
+/** @file
+ Implement TPM1.2 Ownership related command.
+
+Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <PiPei.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/BaseLib.h>
+#include <Library/Tpm12DeviceLib.h>
+
+/**
+ Send ForceClear command to TPM1.2.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.
+**/
+EFI_STATUS
+EFIAPI
+Tpm12ForceClear (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ TPM_RQU_COMMAND_HDR Command;
+ TPM_RSP_COMMAND_HDR Response;
+ UINT32 Length;
+
+ //
+ // send Tpm command TPM_ORD_ForceClear
+ //
+ Command.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.paramSize = SwapBytes32 (sizeof (Command));
+ Command.ordinal = SwapBytes32 (TPM_ORD_ForceClear);
+ Length = sizeof (Response);
+
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ switch (SwapBytes32 (Response.returnCode)) {
+ case TPM_SUCCESS:
+ return EFI_SUCCESS;
+ default:
+ return EFI_DEVICE_ERROR;
+ }
+}
diff --git a/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Pcr.c b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Pcr.c
new file mode 100644
index 000000000..562cf582d
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Pcr.c
@@ -0,0 +1,81 @@
+/** @file
+ Implement TPM1.2 PCR related commands.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved. <BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <PiPei.h>
+#include <Library/Tpm12CommandLib.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/Tpm12DeviceLib.h>
+
+#pragma pack(1)
+
+typedef struct {
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM_PCRINDEX PcrIndex;
+ TPM_DIGEST TpmDigest;
+} TPM_CMD_EXTEND;
+
+typedef struct {
+ TPM_RSP_COMMAND_HDR Hdr;
+ TPM_DIGEST TpmDigest;
+} TPM_RSP_EXTEND;
+
+#pragma pack()
+
+/**
+Extend a TPM PCR.
+
+@param[in] DigestToExtend The 160 bit value representing the event to be recorded.
+@param[in] PcrIndex The PCR to be updated.
+@param[out] NewPcrValue New PCR value after extend.
+
+@retval EFI_SUCCESS Operation completed successfully.
+@retval EFI_TIMEOUT The register can't run into the expected status in time.
+@retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
+@retval EFI_DEVICE_ERROR Unexpected device behavior.
+
+**/
+EFI_STATUS
+EFIAPI
+Tpm12Extend (
+ IN TPM_DIGEST *DigestToExtend,
+ IN TPM_PCRINDEX PcrIndex,
+ OUT TPM_DIGEST *NewPcrValue
+ )
+{
+ EFI_STATUS Status;
+ TPM_CMD_EXTEND Command;
+ TPM_RSP_EXTEND Response;
+ UINT32 Length;
+
+ //
+ // send Tpm command TPM_ORD_Extend
+ //
+ Command.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.Hdr.paramSize = SwapBytes32 (sizeof (Command));
+ Command.Hdr.ordinal = SwapBytes32 (TPM_ORD_Extend);
+ Command.PcrIndex = SwapBytes32 (PcrIndex);
+ CopyMem (&Command.TpmDigest, DigestToExtend, sizeof (Command.TpmDigest));
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ if (SwapBytes32(Response.Hdr.returnCode) != TPM_SUCCESS) {
+ DEBUG ((EFI_D_ERROR, "Tpm12Extend: Response Code error! 0x%08x\r\n", SwapBytes32(Response.Hdr.returnCode)));
+ return EFI_DEVICE_ERROR;
+ }
+
+ if (NewPcrValue != NULL) {
+ CopyMem (NewPcrValue, &Response.TpmDigest, sizeof (*NewPcrValue));
+ }
+
+ return Status;
+}
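Review bot: The DEBUG call in Tpm12Extend uses the legacy `EFI_D_ERROR` level, while the rest of the library in this commit (Tpm12GetCapability.c, Tpm12SelfTest.c) uses `DEBUG_ERROR`; the same legacy name is used in Tpm12PhysicalPresence.c. Change the line to `DEBUG ((DEBUG_ERROR, "Tpm12Extend: Response Code error! 0x%08x\r\n", SwapBytes32(Response.Hdr.returnCode)));` in both files so the library uses one spelling. The `NewPcrValue` copy also relies on the full `Response` having been received; the received-length check raised on the Tpm12GetCapability.c hunk applies here as well.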
diff --git a/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12PhysicalPresence.c b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12PhysicalPresence.c
new file mode 100644
index 000000000..208bff594
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12PhysicalPresence.c
@@ -0,0 +1,66 @@
+/** @file
+ Implement TPM1.2 Physical Presence related command.
+
+Copyright (c) 2016, Intel Corporation. All rights reserved. <BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <PiPei.h>
+#include <Library/Tpm12CommandLib.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/Tpm12DeviceLib.h>
+
+#pragma pack(1)
+
+typedef struct {
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM_PHYSICAL_PRESENCE PhysicalPresence;
+} TPM_CMD_PHYSICAL_PRESENCE;
+
+#pragma pack()
+
+/**
+Send TSC_PhysicalPresence command to TPM.
+
+@param[in] PhysicalPresence The state to set the TPMs Physical Presence flags.
+
+@retval EFI_SUCCESS Operation completed successfully.
+@retval EFI_TIMEOUT The register can't run into the expected status in time.
+@retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
+@retval EFI_DEVICE_ERROR Unexpected device behavior.
+
+**/
+EFI_STATUS
+EFIAPI
+Tpm12PhysicalPresence (
+ IN TPM_PHYSICAL_PRESENCE PhysicalPresence
+ )
+{
+ EFI_STATUS Status;
+ TPM_CMD_PHYSICAL_PRESENCE Command;
+ TPM_RSP_COMMAND_HDR Response;
+ UINT32 Length;
+
+ //
+ // send Tpm command TSC_ORD_PhysicalPresence
+ //
+ Command.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.Hdr.paramSize = SwapBytes32 (sizeof (Command));
+ Command.Hdr.ordinal = SwapBytes32 (TSC_ORD_PhysicalPresence);
+ Command.PhysicalPresence = SwapBytes16 (PhysicalPresence);
+ Length = sizeof (Response);
+
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ if (SwapBytes32(Response.returnCode) != TPM_SUCCESS) {
+ DEBUG ((EFI_D_ERROR, "Tpm12PhysicalPresence: Response Code error! 0x%08x\r\n", SwapBytes32(Response.returnCode)));
+ return EFI_DEVICE_ERROR;
+ }
+
+ return EFI_SUCCESS;
+}
diff --git a/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
new file mode 100644
index 000000000..be389a510
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c
@@ -0,0 +1,54 @@
+/** @file
+ Implement TPM1.2 NV Self Test related commands.
+
+Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved. <BR>
+(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <PiPei.h>
+#include <Library/Tpm12CommandLib.h>
+#include <Library/BaseLib.h>
+#include <Library/DebugLib.h>
+#include <Library/Tpm12DeviceLib.h>
+
+/**
+Send TPM_ContinueSelfTest command to TPM.
+
+@retval EFI_SUCCESS Operation completed successfully.
+@retval EFI_TIMEOUT The register can't run into the expected status in time.
+@retval EFI_BUFFER_TOO_SMALL Response data buffer is too small.
+@retval EFI_DEVICE_ERROR Unexpected device behavior.
+
+**/
+EFI_STATUS
+EFIAPI
+Tpm12ContinueSelfTest (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ TPM_RQU_COMMAND_HDR Command;
+ TPM_RSP_COMMAND_HDR Response;
+ UINT32 Length;
+
+ //
+ // send Tpm command TPM_ORD_ContinueSelfTest
+ //
+ Command.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.paramSize = SwapBytes32 (sizeof (Command));
+ Command.ordinal = SwapBytes32 (TPM_ORD_ContinueSelfTest);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+
+ if (SwapBytes32 (Response.returnCode) != TPM_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm12ContinueSelfTest: Response Code error! 0x%08x\r\n", SwapBytes32 (Response.returnCode)));
+ return EFI_DEVICE_ERROR;
+ }
+
+ return Status;
+}
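Review bot: The file header comment reads "Implement TPM1.2 NV Self Test related commands", but nothing in this file concerns NV storage — it holds only Tpm12ContinueSelfTest — so the stray "NV" misdescribes the file and will mislead anyone searching the library for the NV code. Change the line to ` Implement TPM1.2 Self Test related commands.`.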
diff --git a/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Startup.c b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Startup.c
new file mode 100644
index 000000000..49e6a1e30
--- /dev/null
+++ b/roms/edk2/SecurityPkg/Library/Tpm12CommandLib/Tpm12Startup.c
@@ -0,0 +1,103 @@
+/** @file
+ Implement TPM1.2 Startup related command.
+
+Copyright (c) 2013, Intel Corporation. All rights reserved. <BR>
+(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#include <PiPei.h>
+#include <Library/BaseMemoryLib.h>
+#include <Library/BaseLib.h>
+#include <Library/Tpm12DeviceLib.h>
+#include <Library/DebugLib.h>
+
+#pragma pack(1)
+
+typedef struct {
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM_STARTUP_TYPE TpmSt;
+} TPM_CMD_START_UP;
+
+#pragma pack()
+
+/**
+ Send Startup command to TPM1.2.
+
+ @param TpmSt Startup Type.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.
+**/
+EFI_STATUS
+EFIAPI
+Tpm12Startup (
+ IN TPM_STARTUP_TYPE TpmSt
+ )
+{
+ EFI_STATUS Status;
+ TPM_CMD_START_UP Command;
+ TPM_RSP_COMMAND_HDR Response;
+ UINT32 Length;
+
+ //
+ // send Tpm command TPM_ORD_Startup
+ //
+ Command.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.Hdr.paramSize = SwapBytes32 (sizeof (Command));
+ Command.Hdr.ordinal = SwapBytes32 (TPM_ORD_Startup);
+ Command.TpmSt = SwapBytes16 (TpmSt);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ switch (SwapBytes32(Response.returnCode)) {
+ case TPM_SUCCESS:
+ DEBUG ((DEBUG_INFO, "TPM12Startup: TPM_SUCCESS\n"));
+ return EFI_SUCCESS;
+ case TPM_INVALID_POSTINIT:
+ // In warm reset, TPM may response TPM_INVALID_POSTINIT
+ DEBUG ((DEBUG_INFO, "TPM12Startup: TPM_INVALID_POSTINIT\n"));
+ return EFI_SUCCESS;
+ default:
+ return EFI_DEVICE_ERROR;
+ }
+}
+
+/**
+ Send SaveState command to TPM1.2.
+
+ @retval EFI_SUCCESS Operation completed successfully.
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.
+**/
+EFI_STATUS
+EFIAPI
+Tpm12SaveState (
+ VOID
+ )
+{
+ EFI_STATUS Status;
+ TPM_RQU_COMMAND_HDR Command;
+ TPM_RSP_COMMAND_HDR Response;
+ UINT32 Length;
+
+ //
+ // send Tpm command TPM_ORD_SaveState
+ //
+ Command.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.paramSize = SwapBytes32 (sizeof (Command));
+ Command.ordinal = SwapBytes32 (TPM_ORD_SaveState);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ if (EFI_ERROR (Status)) {
+ return Status;
+ }
+ switch (SwapBytes32 (Response.returnCode)) {
+ case TPM_SUCCESS:
+ return EFI_SUCCESS;
+ default:
+ return EFI_DEVICE_ERROR;
+ }
+}
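Review bot: The Tpm12Startup docstring says EFI_SUCCESS means the operation completed successfully, but the switch also maps `TPM_INVALID_POSTINIT` to EFI_SUCCESS, so a caller cannot tell from the contract that an already-started TPM (the warm-reset case the inline comment mentions) is reported as success. Add a retval line such as `@retval EFI_SUCCESS Operation completed successfully, or the TPM returned TPM_INVALID_POSTINIT (already started, e.g. after a warm reset).` so the behavior is part of the documented interface rather than only a code comment. The DEBUG strings spell the function as "TPM12Startup" while the function is Tpm12Startup; matching the name makes log output searchable.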