tpm20: Bring in the edk2 includes for TPM 2.0 support
Bring these in from edk2-stable202502. They will be used by forthcoming TPM 2.0 support code. Sponsored by: Netflix
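--- /dev/null
+++ b/UNKNOWN_DIR/IndustryStandard/UefiTcgPlatform.h
@@ -0,0 +1,722 @@
+/** @file
+TCG EFI Platform Definition in TCG_EFI_Platform_1_20_Final and
+TCG PC Client Platform Firmware Profile Specification, Revision 1.06
+
+Copyright (c) 2006 - 2024, Intel Corporation. All rights reserved.<BR>
+SPDX-License-Identifier: BSD-2-Clause-Patent
+
+**/
+
+#ifndef __UEFI_TCG_PLATFORM_H__
+#define __UEFI_TCG_PLATFORM_H__
+
+#include <IndustryStandard/Tpm12.h>
+#include <IndustryStandard/Tpm20.h>
+#include <Uefi.h>
+
+//
+// Standard event types
+//
+#define EV_PREBOOT_CERT ((TCG_EVENTTYPE) 0x00000000)
+#define EV_POST_CODE ((TCG_EVENTTYPE) 0x00000001)
+#define EV_NO_ACTION ((TCG_EVENTTYPE) 0x00000003)
+#define EV_SEPARATOR ((TCG_EVENTTYPE) 0x00000004)
+#define EV_ACTION ((TCG_EVENTTYPE) 0x00000005)
+#define EV_EVENT_TAG ((TCG_EVENTTYPE) 0x00000006)
+#define EV_S_CRTM_CONTENTS ((TCG_EVENTTYPE) 0x00000007)
+#define EV_S_CRTM_VERSION ((TCG_EVENTTYPE) 0x00000008)
+#define EV_CPU_MICROCODE ((TCG_EVENTTYPE) 0x00000009)
+#define EV_PLATFORM_CONFIG_FLAGS ((TCG_EVENTTYPE) 0x0000000A)
+#define EV_TABLE_OF_DEVICES ((TCG_EVENTTYPE) 0x0000000B)
+#define EV_COMPACT_HASH ((TCG_EVENTTYPE) 0x0000000C)
+#define EV_NONHOST_CODE ((TCG_EVENTTYPE) 0x0000000F)
+#define EV_NONHOST_CONFIG ((TCG_EVENTTYPE) 0x00000010)
+#define EV_NONHOST_INFO ((TCG_EVENTTYPE) 0x00000011)
+#define EV_OMIT_BOOT_DEVICE_EVENTS ((TCG_EVENTTYPE) 0x00000012)
+
+//
+// EFI specific event types
+//
+#define EV_EFI_EVENT_BASE ((TCG_EVENTTYPE) 0x80000000)
+#define EV_EFI_VARIABLE_DRIVER_CONFIG (EV_EFI_EVENT_BASE + 1)
+#define EV_EFI_VARIABLE_BOOT (EV_EFI_EVENT_BASE + 2)
+#define EV_EFI_BOOT_SERVICES_APPLICATION (EV_EFI_EVENT_BASE + 3)
+#define EV_EFI_BOOT_SERVICES_DRIVER (EV_EFI_EVENT_BASE + 4)
+#define EV_EFI_RUNTIME_SERVICES_DRIVER (EV_EFI_EVENT_BASE + 5)
+#define EV_EFI_GPT_EVENT (EV_EFI_EVENT_BASE + 6)
+#define EV_EFI_ACTION (EV_EFI_EVENT_BASE + 7)
+#define EV_EFI_PLATFORM_FIRMWARE_BLOB (EV_EFI_EVENT_BASE + 8)
+#define EV_EFI_HANDOFF_TABLES (EV_EFI_EVENT_BASE + 9)
+#define EV_EFI_PLATFORM_FIRMWARE_BLOB2 (EV_EFI_EVENT_BASE + 0xA)
+#define EV_EFI_HANDOFF_TABLES2 (EV_EFI_EVENT_BASE + 0xB)
+#define EV_EFI_HCRTM_EVENT (EV_EFI_EVENT_BASE + 0x10)
+#define EV_EFI_VARIABLE_AUTHORITY (EV_EFI_EVENT_BASE + 0xE0)
+#define EV_EFI_SPDM_FIRMWARE_BLOB (EV_EFI_EVENT_BASE + 0xE1)
+#define EV_EFI_SPDM_FIRMWARE_CONFIG (EV_EFI_EVENT_BASE + 0xE2)
+#define EV_EFI_SPDM_DEVICE_BLOB EV_EFI_SPDM_FIRMWARE_BLOB
+#define EV_EFI_SPDM_DEVICE_CONFIG EV_EFI_SPDM_FIRMWARE_CONFIG
+//
+// The SPDM policy database for SPDM verification.
+// It goes to PCR7
+//
+#define EV_EFI_SPDM_DEVICE_POLICY (EV_EFI_EVENT_BASE + 0xE3)
+//
+// The SPDM policy authority for SPDM verification for the signature
+// of GET_MEASUREMENT or CHALLENGE_AUTH. It goes to PCR7.
+//
+#define EV_EFI_SPDM_DEVICE_AUTHORITY (EV_EFI_EVENT_BASE + 0xE4)
+
+#define EFI_CALLING_EFI_APPLICATION \
+"Calling EFI Application from Boot Option"
+#define EFI_RETURNING_FROM_EFI_APPLICATION \
+"Returning from EFI Application from Boot Option"
+#define EFI_EXIT_BOOT_SERVICES_INVOCATION \
+"Exit Boot Services Invocation"
+#define EFI_EXIT_BOOT_SERVICES_FAILED \
+"Exit Boot Services Returned with Failure"
+#define EFI_EXIT_BOOT_SERVICES_SUCCEEDED \
+"Exit Boot Services Returned with Success"
+
+#define EV_POSTCODE_INFO_POST_CODE "POST CODE"
+#define POST_CODE_STR_LEN (sizeof(EV_POSTCODE_INFO_POST_CODE) - 1)
+
+#define EV_POSTCODE_INFO_SMM_CODE "SMM CODE"
+#define SMM_CODE_STR_LEN (sizeof(EV_POSTCODE_INFO_SMM_CODE) - 1)
+
+#define EV_POSTCODE_INFO_ACPI_DATA "ACPI DATA"
+#define ACPI_DATA_LEN (sizeof(EV_POSTCODE_INFO_ACPI_DATA) - 1)
+
+#define EV_POSTCODE_INFO_BIS_CODE "BIS CODE"
+#define BIS_CODE_LEN (sizeof(EV_POSTCODE_INFO_BIS_CODE) - 1)
+
+#define EV_POSTCODE_INFO_UEFI_PI "UEFI PI"
+#define UEFI_PI_LEN (sizeof(EV_POSTCODE_INFO_UEFI_PI) - 1)
+
+#define EV_POSTCODE_INFO_OPROM "Embedded Option ROM"
+#define OPROM_LEN (sizeof(EV_POSTCODE_INFO_OPROM) - 1)
+
+#define EV_POSTCODE_INFO_EMBEDDED_UEFI_DRIVER "Embedded UEFI Driver"
+#define EMBEDDED_UEFI_DRIVER_LEN (sizeof(EV_POSTCODE_INFO_EMBEDDED_UEFI_DRIVER) - 1)
+
+#define FIRMWARE_DEBUGGER_EVENT_STRING "UEFI Debug Mode"
+#define FIRMWARE_DEBUGGER_EVENT_STRING_LEN (sizeof(FIRMWARE_DEBUGGER_EVENT_STRING) - 1)
+
+//
+// Set structure alignment to 1-byte
+//
+#pragma pack (1)
+
+typedef UINT32 TCG_EVENTTYPE;
+typedef TPM_PCRINDEX TCG_PCRINDEX;
+typedef TPM_DIGEST TCG_DIGEST;
+///
+/// Event Log Entry Structure Definition
+///
+typedef struct tdTCG_PCR_EVENT {
+TCG_PCRINDEX PCRIndex; ///< PCRIndex event extended to
+TCG_EVENTTYPE EventType; ///< TCG EFI event type
+TCG_DIGEST Digest; ///< Value extended into PCRIndex
+UINT32 EventSize; ///< Size of the event data
+UINT8 Event[1]; ///< The event data
+} TCG_PCR_EVENT;
+
+#define TSS_EVENT_DATA_MAX_SIZE 256
+
+///
+/// TCG_PCR_EVENT_HDR
+///
+typedef struct tdTCG_PCR_EVENT_HDR {
+TCG_PCRINDEX PCRIndex;
+TCG_EVENTTYPE EventType;
+TCG_DIGEST Digest;
+UINT32 EventSize;
+} TCG_PCR_EVENT_HDR;
+
+///
+/// EFI_PLATFORM_FIRMWARE_BLOB
+///
+/// BlobLength should be of type UINTN but we use UINT64 here
+/// because PEI is 32-bit while DXE is 64-bit on x64 platforms
+///
+typedef struct tdEFI_PLATFORM_FIRMWARE_BLOB {
+EFI_PHYSICAL_ADDRESS BlobBase;
+UINT64 BlobLength;
+} EFI_PLATFORM_FIRMWARE_BLOB;
+
+///
+/// UEFI_PLATFORM_FIRMWARE_BLOB
+///
+/// This structure is used in EV_EFI_PLATFORM_FIRMWARE_BLOB
+/// event to facilitate the measurement of firmware volume.
+///
+typedef struct tdUEFI_PLATFORM_FIRMWARE_BLOB {
+EFI_PHYSICAL_ADDRESS BlobBase;
+UINT64 BlobLength;
+} UEFI_PLATFORM_FIRMWARE_BLOB;
+
+///
+/// UEFI_PLATFORM_FIRMWARE_BLOB2
+///
+/// This structure is used in EV_EFI_PLATFORM_FIRMWARE_BLOB2
+/// event to facilitate the measurement of firmware volume.
+///
+typedef struct tdUEFI_PLATFORM_FIRMWARE_BLOB2 {
+UINT8 BlobDescriptionSize;
+// UINT8 BlobDescription[BlobDescriptionSize];
+// EFI_PHYSICAL_ADDRESS BlobBase;
+// UINT64 BlobLength;
+} UEFI_PLATFORM_FIRMWARE_BLOB2;
+
+///
+/// EFI_IMAGE_LOAD_EVENT
+///
+/// This structure is used in EV_EFI_BOOT_SERVICES_APPLICATION,
+/// EV_EFI_BOOT_SERVICES_DRIVER and EV_EFI_RUNTIME_SERVICES_DRIVER
+///
+typedef struct tdEFI_IMAGE_LOAD_EVENT {
+EFI_PHYSICAL_ADDRESS ImageLocationInMemory;
+UINTN ImageLengthInMemory;
+UINTN ImageLinkTimeAddress;
+UINTN LengthOfDevicePath;
+EFI_DEVICE_PATH_PROTOCOL DevicePath[1];
+} EFI_IMAGE_LOAD_EVENT;
+
+///
+/// UEFI_IMAGE_LOAD_EVENT
+///
+/// This structure is used in EV_EFI_BOOT_SERVICES_APPLICATION,
+/// EV_EFI_BOOT_SERVICES_DRIVER and EV_EFI_RUNTIME_SERVICES_DRIVER
+///
+typedef struct tdUEFI_IMAGE_LOAD_EVENT {
+EFI_PHYSICAL_ADDRESS ImageLocationInMemory;
+UINT64 ImageLengthInMemory;
+UINT64 ImageLinkTimeAddress;
+UINT64 LengthOfDevicePath;
+EFI_DEVICE_PATH_PROTOCOL DevicePath[1];
+} UEFI_IMAGE_LOAD_EVENT;
+
+///
+/// EFI_HANDOFF_TABLE_POINTERS
+///
+/// This structure is used in EV_EFI_HANDOFF_TABLES event to facilitate
+/// the measurement of given configuration tables.
+///
+typedef struct tdEFI_HANDOFF_TABLE_POINTERS {
+UINTN NumberOfTables;
+EFI_CONFIGURATION_TABLE TableEntry[1];
+} EFI_HANDOFF_TABLE_POINTERS;
+
+///
+/// UEFI_HANDOFF_TABLE_POINTERS
+///
+/// This structure is used in EV_EFI_HANDOFF_TABLES event to facilitate
+/// the measurement of given configuration tables.
+///
+typedef struct tdUEFI_HANDOFF_TABLE_POINTERS {
+UINT64 NumberOfTables;
+EFI_CONFIGURATION_TABLE TableEntry[1];
+} UEFI_HANDOFF_TABLE_POINTERS;
+
+///
+/// UEFI_HANDOFF_TABLE_POINTERS2
+///
+/// This structure is used in EV_EFI_HANDOFF_TABLES2 event to facilitate
+/// the measurement of given configuration tables.
+///
+typedef struct tdUEFI_HANDOFF_TABLE_POINTERS2 {
+UINT8 TableDescriptionSize;
+// UINT8 TableDescription[TableDescriptionSize];
+// UINT64 NumberOfTables;
+// EFI_CONFIGURATION_TABLE TableEntry[1];
+} UEFI_HANDOFF_TABLE_POINTERS2;
+
+///
+/// EFI_VARIABLE_DATA
+///
+/// This structure serves as the header for measuring variables. The name of the
+/// variable (in Unicode format) should immediately follow, then the variable
+/// data.
+/// This is defined in TCG EFI Platform Spec for TPM1.1 or 1.2 V1.22
+///
+typedef struct tdEFI_VARIABLE_DATA {
+EFI_GUID VariableName;
+UINTN UnicodeNameLength;
+UINTN VariableDataLength;
+CHAR16 UnicodeName[1];
+INT8 VariableData[1]; ///< Driver or platform-specific data
+} EFI_VARIABLE_DATA;
+
+///
+/// UEFI_VARIABLE_DATA
+///
+/// This structure serves as the header for measuring variables. The name of the
+/// variable (in Unicode format) should immediately follow, then the variable
+/// data.
+/// This is defined in TCG PC Client Firmware Profile Spec 00.21
+///
+typedef struct tdUEFI_VARIABLE_DATA {
+EFI_GUID VariableName;
+UINT64 UnicodeNameLength;
+UINT64 VariableDataLength;
+CHAR16 UnicodeName[1];
+INT8 VariableData[1]; ///< Driver or platform-specific data
+} UEFI_VARIABLE_DATA;
+
+//
+// For TrEE1.0 compatibility
+//
+typedef struct {
+EFI_GUID VariableName;
+UINT64 UnicodeNameLength; // The TCG Definition used UINTN
+UINT64 VariableDataLength; // The TCG Definition used UINTN
+CHAR16 UnicodeName[1];
+INT8 VariableData[1];
+} EFI_VARIABLE_DATA_TREE;
+
+typedef struct tdEFI_GPT_DATA {
+EFI_PARTITION_TABLE_HEADER EfiPartitionHeader;
+UINTN NumberOfPartitions;
+EFI_PARTITION_ENTRY Partitions[1];
+} EFI_GPT_DATA;
+
+typedef struct tdUEFI_GPT_DATA {
+EFI_PARTITION_TABLE_HEADER EfiPartitionHeader;
+UINT64 NumberOfPartitions;
+EFI_PARTITION_ENTRY Partitions[1];
+} UEFI_GPT_DATA;
+
+#define TCG_DEVICE_SECURITY_EVENT_DATA_SIGNATURE "SPDM Device Sec"
+#define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION 1
+
+#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_NULL 0
+#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_PCI 1
+#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_USB 2
+
+///
+/// TCG_DEVICE_SECURITY_EVENT_DATA_HEADER
+/// This is the header of TCG_DEVICE_SECURITY_EVENT_DATA, which is
+/// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG.
+///
+typedef struct {
+UINT8 Signature[16];
+UINT16 Version;
+UINT16 Length;
+UINT32 SpdmHashAlgo;
+UINT32 DeviceType;
+// SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock;
+} TCG_DEVICE_SECURITY_EVENT_DATA_HEADER;
+
+#define TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT_VERSION 0
+
+///
+/// TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT
+/// This is the PCI context data of TCG_DEVICE_SECURITY_EVENT_DATA, which is
+/// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG.
+///
+typedef struct {
+UINT16 Version;
+UINT16 Length;
+UINT16 VendorId;
+UINT16 DeviceId;
+UINT8 RevisionID;
+UINT8 ClassCode[3];
+UINT16 SubsystemVendorID;
+UINT16 SubsystemID;
+} TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT;
+
+#define TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT_VERSION 0
+
+///
+/// TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT
+/// This is the USB context data of TCG_DEVICE_SECURITY_EVENT_DATA, which is
+/// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG.
+///
+typedef struct {
+UINT16 Version;
+UINT16 Length;
+// UINT8 DeviceDescriptor[DescLen];
+// UINT8 BodDescriptor[DescLen];
+// UINT8 ConfigurationDescriptor[DescLen][NumOfConfiguration];
+} TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT;
+
+//
+// Crypto Agile Log Entry Format
+//
+typedef struct tdTCG_PCR_EVENT2 {
+TCG_PCRINDEX PCRIndex;
+TCG_EVENTTYPE EventType;
+TPML_DIGEST_VALUES Digest;
+UINT32 EventSize;
+UINT8 Event[1];
+} TCG_PCR_EVENT2;
+
+//
+// TCG PCR Event2 Header
+// Follow TCG EFI Protocol Spec 5.2 Crypto Agile Log Entry Format
+//
+typedef struct tdTCG_PCR_EVENT2_HDR {
+TCG_PCRINDEX PCRIndex;
+TCG_EVENTTYPE EventType;
+TPML_DIGEST_VALUES Digests;
+UINT32 EventSize;
+} TCG_PCR_EVENT2_HDR;
+
+//
+// Log Header Entry Data
+//
+typedef struct {
+//
+// TCG defined hashing algorithm ID.
+//
+UINT16 algorithmId;
+//
+// The size of the digest for the respective hashing algorithm.
+//
+UINT16 digestSize;
+} TCG_EfiSpecIdEventAlgorithmSize;
+
+#define TCG_EfiSpecIDEventStruct_SIGNATURE_02 "Spec ID Event02"
+#define TCG_EfiSpecIDEventStruct_SIGNATURE_03 "Spec ID Event03"
+
+#define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MAJOR_TPM12 1
+#define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM12 2
+#define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM12 2
+
+#define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MAJOR_TPM2 2
+#define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM2 0
+#define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2 0
+#define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105 105
+#define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_106 106
+
+typedef struct {
+UINT8 signature[16];
+//
+// The value for the Platform Class.
+// The enumeration is defined in the TCG ACPI Specification Client Common Header.
+//
+UINT32 platformClass;
+//
+// The TCG EFI Platform Specification minor version number this BIOS supports.
+// Any BIOS supporting version (1.22) MUST set this value to 02h.
+// Any BIOS supporting version (2.0) SHALL set this value to 0x00.
+//
+UINT8 specVersionMinor;
+//
+// The TCG EFI Platform Specification major version number this BIOS supports.
+// Any BIOS supporting version (1.22) MUST set this value to 01h.
+// Any BIOS supporting version (2.0) SHALL set this value to 0x02.
+//
+UINT8 specVersionMajor;
+//
+// The TCG EFI Platform Specification errata for this specification this BIOS supports.
+// Any BIOS supporting version and errata (1.22) MUST set this value to 02h.
+// Any BIOS supporting version and errata (2.0) SHALL set this value to 0x00.
+//
+UINT8 specErrata;
+//
+// Specifies the size of the UINTN fields used in various data structures used in this specification.
+// 0x01 indicates UINT32 and 0x02 indicates UINT64.
+//
+UINT8 uintnSize;
+//
+// This field is added in "Spec ID Event03".
+// The number of hashing algorithms used in this event log (except the first event).
+// All events in this event log use all hashing algorithms defined here.
+//
+UINT32 numberOfAlgorithms;
+//
+// This field is added in "Spec ID Event03".
+// An array of size numberOfAlgorithms of value pairs.
+//
+//TCG_EfiSpecIdEventAlgorithmSize digestSize[numberOfAlgorithms];
+TCG_EfiSpecIdEventAlgorithmSize digestSize[];
+//
+// Size in bytes of the VendorInfo field.
+// Maximum value SHALL be FFh bytes.
+//
+//UINT8 vendorInfoSize;
+//
+// Provided for use by the BIOS implementer.
+// The value might be used, for example, to provide more detailed information about the specific BIOS such as BIOS revision numbers, etc.
+// The values within this field are not standardized and are implementer-specific.
+// Platform-specific or -unique information SHALL NOT be provided in this field.
+//
+//UINT8 vendorInfo[vendorInfoSize];
+} TCG_EfiSpecIDEventStruct;
+
+typedef struct tdTCG_PCClientTaggedEvent {
+UINT32 taggedEventID;
+UINT32 taggedEventDataSize;
+// UINT8 taggedEventData[taggedEventDataSize];
+} TCG_PCClientTaggedEvent;
+
+#define TCG_Sp800_155_PlatformId_Event_SIGNATURE "SP800-155 Event"
+#define TCG_Sp800_155_PlatformId_Event2_SIGNATURE "SP800-155 Event2"
+#define TCG_Sp800_155_PlatformId_Event3_SIGNATURE "SP800-155 Event3"
+
+typedef struct tdTCG_Sp800_155_PlatformId_Event2 {
+UINT8 Signature[16];
+//
+// Where Vendor ID is an integer defined
+// at http://www.iana.org/assignments/enterprisenumbers
+//
+UINT32 VendorId;
+//
+// 16-byte identifier of a given platform's static configuration of code
+//
+EFI_GUID ReferenceManifestGuid;
+//
+// Below structure is newly added in TCG_Sp800_155_PlatformId_Event2.
+//
+// UINT8 PlatformManufacturerStrSize;
+// UINT8 PlatformManufacturerStr[PlatformManufacturerStrSize];
+// UINT8 PlatformModelSize;
+// UINT8 PlatformModel[PlatformModelSize];
+// UINT8 PlatformVersionSize;
+// UINT8 PlatformVersion[PlatformVersionSize];
+// UINT8 FirmwareManufacturerStrSize;
+// UINT8 FirmwareManufacturerStr[FirmwareManufacturerStrSize];
+// UINT32 FirmwareManufacturerId;
+// UINT8 FirmwareVersion;
+// UINT8 FirmwareVersion[FirmwareVersionSize];
+} TCG_Sp800_155_PlatformId_Event2;
+
+typedef struct tdTCG_Sp800_155_PlatformId_Event3 {
+UINT8 Signature[16];
+//
+// Where Vendor ID is an integer defined
+// at http://www.iana.org/assignments/enterprisenumbers
+//
+UINT32 VendorId;
+//
+// 16-byte identifier of a given platform's static configuration of code
+//
+EFI_GUID ReferenceManifestGuid;
+// UINT8 PlatformManufacturerStrSize;
+// UINT8 PlatformManufacturerStr[PlatformManufacturerStrSize];
+// UINT8 PlatformModelSize;
+// UINT8 PlatformModel[PlatformModelSize];
+// UINT8 PlatformVersionSize;
+// UINT8 PlatformVersion[PlatformVersionSize];
+// UINT8 FirmwareManufacturerStrSize;
+// UINT8 FirmwareManufacturerStr[FirmwareManufacturerStrSize];
+// UINT32 FirmwareManufacturerId;
+// UINT8 FirmwareVersion;
+// UINT8 FirmwareVersion[FirmwareVersionSize];
+//
+// Below structure is newly added in TCG_Sp800_155_PlatformId_Event3
+//
+// UINT32 RimLocatorType;
+// UINT32 RimLocatorLength;
+// UINT8 RimLocator[RimLocatorLength];
+// UINT32 PlatformCertLocatorType;
+// UINT32 PlatformCertLocatorLength;
+// UINT8 PlatformCertLocator[PlatformCertLocatorLength];
+} TCG_Sp800_155_PlatformId_Event3;
+
+/**
+* TCG specifies a locator type with the following values
+* 0 - Raw data in the locator itself.
+* 1 - URI in rtf2396 format.
+* 2 - local device path in EFI_DEVICE_PATH_PROTOCOL format.
+* 3 - UEFI variable (16 byte EFI_GUID, then 00-terminated UCS2 string)
+**/
+#define TCG_LOCATOR_TYPE_RAW_DATA 0
+#define TCG_LOCATOR_TYPE_URI 1
+#define TCG_LOCATOR_TYPE_DEVICE_PATH 2
+#define TCG_LOCATOR_TYPE_UEFI_VARIABLE 3
+
+#define TCG_EfiStartupLocalityEvent_SIGNATURE "StartupLocality"
+
+//
+// The Locality Indicator which sent the TPM2_Startup command
+//
+#define LOCALITY_0_INDICATOR 0x00
+#define LOCALITY_3_INDICATOR 0x03
+
+//
+// Startup Locality Event
+//
+typedef struct tdTCG_EfiStartupLocalityEvent {
+UINT8 Signature[16];
+//
+// The Locality Indicator which sent the TPM2_Startup command
+//
+UINT8 StartupLocality;
+} TCG_EfiStartupLocalityEvent;
+
+//
+// Restore original structure alignment
+//
+#pragma pack ()
+
+//
+// ======================================================================================================================
+// Event Type PCR Event Log Usage
+// ======================================================================================================================
+// EV_EFI_SPDM_DEVICE_BLOB 2 SPDM_MEASUREMENT_BLOCK (subtype) MEASUREMENT from device
+// EV_EFI_SPDM_DEVICE_CONFIG 3 SPDM_MEASUREMENT_BLOCK (subtype) MEASUREMENT from device
+// EV_EFI_SPDM_DEVICE_BLOB 2 SPDM_MEASUREMENT_SUMMARY_HASH.TCB (subtype) SUMMARY_HASH from device
+
+// EV_EFI_SPDM_DEVICE_POLICY 7 UEFI_VARIABLE_DATA with EFI_SIGNATURE_LIST Provisioned device public cert.
+// EV_EFI_SPDM_DEVICE_AUTHORITY 7 UEFI_VARIABLE_DATA with EFI_SIGNATURE_DATA CHALLENGE_AUTH signature verification
+// ======================================================================================================================
+//
+
+#define PCR_INDEX_FOR_SIGNATURE_DB 7
+
+#pragma pack(1)
+
+#define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION_1 1
+#define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION_2 2
+#define TCG_DEVICE_SECURITY_EVENT_DATA_SIGNATURE_2 "SPDM Device Sec2"
+
+typedef struct {
+UINT8 Signature[16];
+UINT16 Version;
+UINT8 AuthState;
+UINT8 Reserved;
+UINT32 Length; // Length in bytes for all following structures.
+UINT32 DeviceType;
+UINT32 SubHeaderType;
+UINT32 SubHeaderLength; // Length in bytes of the sub header followed by.
+UINT64 SubHeaderUID; // Universal identifier assigned by the event log creator. It can be used to bind two sub header structure together.
+// UINT64 DevicePathLength;
+// UINT8 DevicePath[DevicePathLength];
+} TCG_DEVICE_SECURITY_EVENT_DATA_HEADER2;
+
+#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_SUCCESS 0
+#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_AUTH 1
+#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_BINDING 2
+#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_FAIL_NO_SIG 3
+#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_FAIL_INVALID 4
+#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_SPDM 0xFF
+
+#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_SUB_HEADER_TYPE_SPDM_MEASUREMENT_BLOCK 0
+#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_SUB_HEADER_TYPE_SPDM_CERT_CHAIN 1
+
+typedef struct {
+UINT16 SpdmVersion;
+UINT8 SpdmMeasurementBlockCount;
+UINT8 Reserved;
+UINT32 SpdmMeasurementHashAlgo;
+// SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock;
+} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK;
+
+typedef struct {
+UINT16 SpdmVersion;
+UINT8 SpdmSlotId;
+UINT8 Reserved;
+UINT32 SpdmHashAlgo;
+// SPDM_CERT_CHAIN SpdmCertChain;
+} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_CERT_CHAIN;
+
+typedef struct {
+UINT32 Type;
+UINT32 Length;
+UINT8 Value[1];
+} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_OEM_MEASUREMENT;
+
+typedef union {
+TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock;
+TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_CERT_CHAIN SpdmCertChain;
+TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_OEM_MEASUREMENT OemMeasurement;
+} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER;
+
+typedef union {
+TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT Pci;
+TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT Usb;
+} TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT;
+
+typedef struct {
+TCG_DEVICE_SECURITY_EVENT_DATA_HEADER2 EventDataHeader;
+TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER EventDataSubHeader;
+TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext;
+} TCG_DEVICE_SECURITY_EVENT_DATA2;
+
+#pragma pack()
+
+//
+// EventType:EV_NO_ACTION
+// ======================================================================================================================
+// NVIndex Name PCR/NvIndex Event Log Usage
+// ======================================================================================================================
+// NV_EXTEND_INDEX_FOR_INSTANCE 0x01C40200 NV_INDEX_INSTANCE_EVENT_LOG_STRUCT NV Extend Record for instance data (CertChain)
+// NV_EXTEND_INDEX_FOR_DYNAMIC 0x01C40201 NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT NV Extend Record for dynamic data (Nonce)
+
+// EVENT_LOG_INTEGRITY_NV_INDEX_EXIT_PM_AUTH 0x01C40202 EVENT_LOG_INTEGRITY_NV_INDEX_STRUCT Event Log Integrity for ExitPmAuth
+// EVENT_LOG_INTEGRITY_NV_INDEX_READY_TO_BOOT 0x01C40203 EVENT_LOG_INTEGRITY_NV_INDEX_STRUCT Event Log Integrity for ReadyToBoot
+// ======================================================================================================================
+//
+
+#define TCG_NV_EXTEND_INDEX_FOR_INSTANCE 0x01C40200
+#define TCG_NV_EXTEND_INDEX_FOR_DYNAMIC 0x01C40201
+#define TCG_EVENT_LOG_INTEGRITY_NV_INDEX_EXIT_PM_AUTH 0x01C40202
+#define TCG_EVENT_LOG_INTEGRITY_NV_INDEX_READY_TO_BOOT 0x01C40203
+
+#pragma pack(1)
+
+#define TCG_NV_EXTEND_INDEX_FOR_INSTANCE_SIGNATURE "NvIndexInstance"
+#define TCG_NV_INDEX_INSTANCE_EVENT_LOG_STRUCT_VERSION 1
+
+typedef struct {
+UINT8 Signature[16];
+UINT16 Version;
+UINT8 Reserved[6];
+// TCG_DEVICE_SECURITY_EVENT_DATA2 Data;
+} TCG_NV_INDEX_INSTANCE_EVENT_LOG_STRUCT;
+
+#define TCG_NV_EXTEND_INDEX_FOR_DYNAMIC_SIGNATURE "NvIndexDynamic "
+#define TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_VERSION 1
+
+#define TCG_SPDM_CHALLENGE_DESCRIPTION "SPDM CHALLENGE"
+#define TCG_SPDM_CHALLENGE_AUTH_DESCRIPTION "SPDM CHALLENGE_AUTH"
+#define TCG_SPDM_GET_MEASUREMENTS_DESCRIPTION "SPDM GET_MEASUREMENTS"
+#define TCG_SPDM_MEASUREMENTS_DESCRIPTION "SPDM MEASUREMENTS"
+
+typedef struct {
+UINT8 Signature[16];
+UINT16 Version;
+UINT8 Reserved[6];
+UINT64 Uid;
+// UINT16 DescriptionSize;
+// UINT8 Description[DescriptionSize];
+// UINT16 DataSize;
+// UINT8 Data[DataSize];
+} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT;
+
+typedef struct {
+TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header;
+UINT16 DescriptionSize;
+UINT8 Description[sizeof (TCG_SPDM_CHALLENGE_DESCRIPTION)];
+UINT16 DataSize;
+UINT8 Data[32];
+} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_CHALLENGE;
+
+typedef struct {
+TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header;
+UINT16 DescriptionSize;
+UINT8 Description[sizeof (TCG_SPDM_CHALLENGE_AUTH_DESCRIPTION)];
+UINT16 DataSize;
+UINT8 Data[32];
+} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_CHALLENGE_AUTH;
+
+typedef struct {
+TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header;
+UINT16 DescriptionSize;
+UINT8 Description[sizeof (TCG_SPDM_GET_MEASUREMENTS_DESCRIPTION)];
+UINT16 DataSize;
+UINT8 Data[32];
+} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_GET_MEASUREMENTS;
+
+typedef struct {
+TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header;
+UINT16 DescriptionSize;
+UINT8 Description[sizeof (TCG_SPDM_MEASUREMENTS_DESCRIPTION)];
+UINT16 DataSize;
+UINT8 Data[32];
+} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_MEASUREMENTS;
+
+#pragma pack()
+
+#endif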
@@ -0,0 +1,335 @@
|
||||
/** @file
|
||||
TPM2 Protocol as defined in TCG PC Client Platform EFI Protocol Specification Family "2.0".
|
||||
See http://trustedcomputinggroup.org for the latest specification
|
||||
|
||||
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
|
||||
SPDX-License-Identifier: BSD-2-Clause-Patent
|
||||
|
||||
**/
|
||||
|
||||
#ifndef __TCG2_PROTOCOL_H__
|
||||
#define __TCG2_PROTOCOL_H__
|
||||
|
||||
#include <IndustryStandard/UefiTcgPlatform.h>
|
||||
#include <IndustryStandard/Tpm20.h>
|
||||
|
||||
#define EFI_TCG2_PROTOCOL_GUID \
|
||||
{0x607f766c, 0x7455, 0x42be, { 0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f }}
|
||||
|
||||
typedef struct tdEFI_TCG2_PROTOCOL EFI_TCG2_PROTOCOL;
|
||||
|
||||
typedef struct tdEFI_TCG2_VERSION {
|
||||
UINT8 Major;
|
||||
UINT8 Minor;
|
||||
} EFI_TCG2_VERSION;
|
||||
|
||||
typedef UINT32 EFI_TCG2_EVENT_LOG_BITMAP;
|
||||
typedef UINT32 EFI_TCG2_EVENT_LOG_FORMAT;
|
||||
typedef UINT32 EFI_TCG2_EVENT_ALGORITHM_BITMAP;
|
||||
|
||||
#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 0x00000001
|
||||
#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 0x00000002
|
||||
|
||||
typedef struct tdEFI_TCG2_BOOT_SERVICE_CAPABILITY {
|
||||
//
|
||||
// Allocated size of the structure
|
||||
//
|
||||
UINT8 Size;
|
||||
//
|
||||
// Version of the EFI_TCG2_BOOT_SERVICE_CAPABILITY structure itself.
|
||||
// For this version of the protocol, the Major version shall be set to 1
|
||||
// and the Minor version shall be set to 1.
|
||||
//
|
||||
EFI_TCG2_VERSION StructureVersion;
|
||||
//
|
||||
// Version of the EFI TCG2 protocol.
|
||||
// For this version of the protocol, the Major version shall be set to 1
|
||||
// and the Minor version shall be set to 1.
|
||||
//
|
||||
EFI_TCG2_VERSION ProtocolVersion;
|
||||
//
|
||||
// Supported hash algorithms (this bitmap is determined by the supported PCR
|
||||
// banks in the TPM and the hashing algorithms supported by the firmware)
|
||||
//
|
||||
EFI_TCG2_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;
|
||||
//
|
||||
// Bitmap of supported event log formats
|
||||
//
|
||||
EFI_TCG2_EVENT_LOG_BITMAP SupportedEventLogs;
|
||||
//
|
||||
// False = TPM not present
|
||||
//
|
||||
BOOLEAN TPMPresentFlag;
|
||||
//
|
||||
// Max size (in bytes) of a command that can be sent to the TPM
|
||||
//
|
||||
UINT16 MaxCommandSize;
|
||||
//
|
||||
// Max size (in bytes) of a response that can be provided by the TPM
|
||||
//
|
||||
UINT16 MaxResponseSize;
|
||||
//
|
||||
// 4-byte Vendor ID
|
||||
// (see TCG Vendor ID registry, Section "TPM Capabilities Vendor ID")
|
||||
//
|
||||
UINT32 ManufacturerID;
|
||||
//
|
||||
// Maximum number of PCR banks (hashing algorithms) supported.
|
||||
// No granularity is provided to support a specific set of algorithms.
|
||||
// Minimum value is 1.
|
||||
//
|
||||
UINT32 NumberOfPCRBanks;
|
||||
//
|
||||
// A bitmap of currently active PCR banks (hashing algorithms).
|
||||
// This is a subset of the supported hashing algorithms reported in HashAlgorithmBitMap.
|
||||
// NumberOfPcrBanks defines the number of bits that are set.
|
||||
//
|
||||
EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrBanks;
|
||||
} EFI_TCG2_BOOT_SERVICE_CAPABILITY;
|
||||
|
||||
#define EFI_TCG2_BOOT_HASH_ALG_SHA1 0x00000001
|
||||
#define EFI_TCG2_BOOT_HASH_ALG_SHA256 0x00000002
|
||||
#define EFI_TCG2_BOOT_HASH_ALG_SHA384 0x00000004
|
||||
#define EFI_TCG2_BOOT_HASH_ALG_SHA512 0x00000008
|
||||
#define EFI_TCG2_BOOT_HASH_ALG_SM3_256 0x00000010
|
||||
|
||||
//
|
||||
// This bit is shall be set when an event shall be extended but not logged.
|
||||
//
|
||||
#define EFI_TCG2_EXTEND_ONLY 0x0000000000000001
|
||||
//
|
||||
// This bit shall be set when the intent is to measure a PE/COFF image.
|
||||
//
|
||||
#define PE_COFF_IMAGE 0x0000000000000010
|
||||
|
||||
#define MAX_PCR_INDEX 23
|
||||
|
||||
#pragma pack(1)
|
||||
|
||||
#define EFI_TCG2_EVENT_HEADER_VERSION 1
|
||||
|
||||
typedef struct {
|
||||
//
|
||||
// Size of the event header itself (sizeof(EFI_TCG2_EVENT_HEADER)).
|
||||
//
|
||||
UINT32 HeaderSize;
|
||||
//
|
||||
// Header version. For this version of this specification, the value shall be 1.
|
||||
//
|
||||
UINT16 HeaderVersion;
|
||||
//
|
||||
// Index of the PCR that shall be extended (0 - 23).
|
||||
//
|
||||
TCG_PCRINDEX PCRIndex;
|
||||
//
|
||||
// Type of the event that shall be extended (and optionally logged).
|
||||
//
|
||||
TCG_EVENTTYPE EventType;
|
||||
} EFI_TCG2_EVENT_HEADER;
|
||||
|
||||
typedef struct tdEFI_TCG2_EVENT {
|
||||
//
|
||||
// Total size of the event including the Size component, the header and the Event data.
|
||||
//
|
||||
UINT32 Size;
|
||||
EFI_TCG2_EVENT_HEADER Header;
|
||||
UINT8 Event[1];
|
||||
} EFI_TCG2_EVENT;
|
||||
|
||||
#pragma pack()
|
||||
|
||||
/**
|
||||
The EFI_TCG2_PROTOCOL GetCapability function call provides protocol
|
||||
capability information and state information.
|
||||
|
||||
@param[in] This Indicates the calling context
|
||||
@param[in, out] ProtocolCapability The caller allocates memory for a EFI_TCG2_BOOT_SERVICE_CAPABILITY
|
||||
structure and sets the size field to the size of the structure allocated.
|
||||
The callee fills in the fields with the EFI protocol capability information
|
||||
and the current EFI TCG2 state information up to the number of fields which
|
||||
fit within the size of the structure passed in.
|
||||
|
||||
@retval EFI_SUCCESS Operation completed successfully.
|
||||
@retval EFI_DEVICE_ERROR The command was unsuccessful.
|
||||
The ProtocolCapability variable will not be populated.
|
||||
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
|
||||
The ProtocolCapability variable will not be populated.
|
||||
@retval EFI_BUFFER_TOO_SMALL The ProtocolCapability variable is too small to hold the full response.
|
||||
It will be partially populated (required Size field will be set).
|
||||
**/
|
||||
typedef
|
||||
EFI_STATUS
|
||||
(EFIAPI *EFI_TCG2_GET_CAPABILITY)(
|
||||
IN EFI_TCG2_PROTOCOL *This,
|
||||
IN OUT EFI_TCG2_BOOT_SERVICE_CAPABILITY *ProtocolCapability
|
||||
);
|
||||
|
||||
/**
|
||||
The EFI_TCG2_PROTOCOL Get Event Log function call allows a caller to
|
||||
retrieve the address of a given event log and its last entry.
|
||||
|
||||
@param[in] This Indicates the calling context
|
||||
@param[in] EventLogFormat The type of the event log for which the information is requested.
|
||||
@param[out] EventLogLocation A pointer to the memory address of the event log.
|
||||
@param[out] EventLogLastEntry If the Event Log contains more than one entry, this is a pointer to the
|
||||
address of the start of the last entry in the event log in memory.
|
||||
@param[out] EventLogTruncated If the Event Log is missing at least one entry because an event would
|
||||
have exceeded the area allocated for events, this value is set to TRUE.
|
||||
Otherwise, the value will be FALSE and the Event Log will be complete.
|
||||
|
||||
@retval EFI_SUCCESS Operation completed successfully.
|
||||
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect
|
||||
(e.g. asking for an event log whose format is not supported).
|
||||
**/
|
||||
typedef
|
||||
EFI_STATUS
|
||||
(EFIAPI *EFI_TCG2_GET_EVENT_LOG)(
|
||||
IN EFI_TCG2_PROTOCOL *This,
|
||||
IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
|
||||
OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,
|
||||
OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry,
|
||||
OUT BOOLEAN *EventLogTruncated
|
||||
);
|
||||
|
||||
/**
|
||||
The EFI_TCG2_PROTOCOL HashLogExtendEvent function call provides callers with
|
||||
an opportunity to extend and optionally log events without requiring
|
||||
knowledge of actual TPM commands.
|
||||
The extend operation will occur even if this function cannot create an event
|
||||
log entry (e.g. due to the event log being full).
|
||||
|
||||
@param[in] This Indicates the calling context
|
||||
@param[in] Flags Bitmap providing additional information.
|
||||
@param[in] DataToHash Physical address of the start of the data buffer to be hashed.
|
||||
@param[in] DataToHashLen The length in bytes of the buffer referenced by DataToHash.
|
||||
@param[in] EfiTcgEvent Pointer to data buffer containing information about the event.
|
||||
|
||||
@retval EFI_SUCCESS Operation completed successfully.
|
||||
@retval EFI_DEVICE_ERROR The command was unsuccessful.
|
||||
@retval EFI_VOLUME_FULL The extend operation occurred, but the event could not be written to one or more event logs.
|
||||
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
|
||||
@retval EFI_UNSUPPORTED The PE/COFF image type is not supported.
|
||||
**/
|
||||
typedef
|
||||
EFI_STATUS
|
||||
(EFIAPI *EFI_TCG2_HASH_LOG_EXTEND_EVENT)(
|
||||
IN EFI_TCG2_PROTOCOL *This,
|
||||
IN UINT64 Flags,
|
||||
IN EFI_PHYSICAL_ADDRESS DataToHash,
|
||||
IN UINT64 DataToHashLen,
|
||||
IN EFI_TCG2_EVENT *EfiTcgEvent
|
||||
);
|
||||
|
||||
/**
|
||||
This service enables the sending of commands to the TPM.
|
||||
|
||||
@param[in] This Indicates the calling context
|
||||
@param[in] InputParameterBlockSize Size of the TPM input parameter block.
|
||||
@param[in] InputParameterBlock Pointer to the TPM input parameter block.
|
||||
@param[in] OutputParameterBlockSize Size of the TPM output parameter block.
|
||||
@param[in] OutputParameterBlock Pointer to the TPM output parameter block.
|
||||
|
||||
@retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
|
||||
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
|
||||
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
|
||||
@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
|
||||
**/
|
||||
typedef
|
||||
EFI_STATUS
|
||||
(EFIAPI *EFI_TCG2_SUBMIT_COMMAND)(
|
||||
IN EFI_TCG2_PROTOCOL *This,
|
||||
IN UINT32 InputParameterBlockSize,
|
||||
IN UINT8 *InputParameterBlock,
|
||||
IN UINT32 OutputParameterBlockSize,
|
||||
IN UINT8 *OutputParameterBlock
|
||||
);
|
||||
|
||||
/**
|
||||
This service returns the currently active PCR banks.
|
||||
|
||||
@param[in] This Indicates the calling context
|
||||
@param[out] ActivePcrBanks Pointer to the variable receiving the bitmap of currently active PCR banks.
|
||||
|
||||
@retval EFI_SUCCESS The bitmap of active PCR banks was stored in the ActivePcrBanks parameter.
|
||||
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
|
||||
**/
|
||||
typedef
|
||||
EFI_STATUS
|
||||
(EFIAPI *EFI_TCG2_GET_ACTIVE_PCR_BANKS)(
|
||||
IN EFI_TCG2_PROTOCOL *This,
|
||||
OUT UINT32 *ActivePcrBanks
|
||||
);
|
||||
|
||||
/**
|
||||
This service sets the currently active PCR banks.
|
||||
|
||||
@param[in] This Indicates the calling context
|
||||
@param[in] ActivePcrBanks Bitmap of the requested active PCR banks. At least one bit SHALL be set.
|
||||
|
||||
@retval EFI_SUCCESS The bitmap in ActivePcrBank parameter is already active.
|
||||
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
|
||||
**/
|
||||
typedef
|
||||
EFI_STATUS
|
||||
(EFIAPI *EFI_TCG2_SET_ACTIVE_PCR_BANKS)(
|
||||
IN EFI_TCG2_PROTOCOL *This,
|
||||
IN UINT32 ActivePcrBanks
|
||||
);
|
||||
|
||||
/**
|
||||
This service retrieves the result of a previous invocation of SetActivePcrBanks.
|
||||
|
||||
@param[in] This Indicates the calling context
|
||||
@param[out] OperationPresent Non-zero value to indicate a SetActivePcrBank operation was invoked during the last boot.
|
||||
@param[out] Response The response from the SetActivePcrBank request.
|
||||
|
||||
@retval EFI_SUCCESS The result value could be returned.
|
||||
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
|
||||
**/
|
||||
typedef
|
||||
EFI_STATUS
|
||||
(EFIAPI *EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS)(
|
||||
IN EFI_TCG2_PROTOCOL *This,
|
||||
OUT UINT32 *OperationPresent,
|
||||
OUT UINT32 *Response
|
||||
);
|
||||
|
||||
struct tdEFI_TCG2_PROTOCOL {
|
||||
EFI_TCG2_GET_CAPABILITY GetCapability;
|
||||
EFI_TCG2_GET_EVENT_LOG GetEventLog;
|
||||
EFI_TCG2_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
|
||||
EFI_TCG2_SUBMIT_COMMAND SubmitCommand;
|
||||
EFI_TCG2_GET_ACTIVE_PCR_BANKS GetActivePcrBanks;
|
||||
EFI_TCG2_SET_ACTIVE_PCR_BANKS SetActivePcrBanks;
|
||||
EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS GetResultOfSetActivePcrBanks;
|
||||
};
|
||||
|
||||
extern EFI_GUID gEfiTcg2ProtocolGuid;
|
||||
|
||||
//
|
||||
// Log entries after Get Event Log service
|
||||
//
|
||||
|
||||
#define EFI_TCG2_FINAL_EVENTS_TABLE_GUID \
|
||||
{0x1e2ed096, 0x30e2, 0x4254, { 0xbd, 0x89, 0x86, 0x3b, 0xbe, 0xf8, 0x23, 0x25 }}
|
||||
|
||||
extern EFI_GUID gEfiTcg2FinalEventsTableGuid;
|
||||
|
||||
typedef struct tdEFI_TCG2_FINAL_EVENTS_TABLE {
|
||||
//
|
||||
// The version of this structure.
|
||||
//
|
||||
UINT64 Version;
|
||||
//
|
||||
// Number of events recorded after invocation of GetEventLog API
|
||||
//
|
||||
UINT64 NumberOfEvents;
|
||||
//
|
||||
// List of events of type TCG_PCR_EVENT2.
|
||||
//
|
||||
// TCG_PCR_EVENT2 Event[1];
|
||||
} EFI_TCG2_FINAL_EVENTS_TABLE;
|
||||
|
||||
#define EFI_TCG2_FINAL_EVENTS_TABLE_VERSION 1
|
||||
|
||||
#endif
|
||||