59b226d6 JY |
1 | /** @file\r |
2 | TPM2 Protocol as defined in TCG PC Client Platform EFI Protocol Specification Family "2.0".\r | |
3 | See http://trustedcomputinggroup.org for the latest specification\r | |
4 | \r | |
5 | Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>\r | |
6 | This program and the accompanying materials \r | |
7 | are licensed and made available under the terms and conditions of the BSD License \r | |
8 | which accompanies this distribution. The full text of the license may be found at \r | |
9 | http://opensource.org/licenses/bsd-license.php\r | |
10 | \r | |
11 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r | |
12 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
13 | \r | |
14 | **/\r | |
15 | \r | |
16 | #ifndef __TCG2_PROTOCOL_H__\r | |
17 | #define __TCG2_PROTOCOL_H__\r | |
18 | \r | |
19 | #include <IndustryStandard/UefiTcgPlatform.h>\r | |
20 | #include <IndustryStandard/Tpm20.h>\r | |
21 | \r | |
//
// GUID value for the EFI_TCG2_PROTOCOL interface declared in this header
// (see also gEfiTcg2ProtocolGuid, declared after the protocol structure).
//
#define EFI_TCG2_PROTOCOL_GUID \
  {0x607f766c, 0x7455, 0x42be, { 0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f }}
24 | \r | |
25 | typedef struct tdEFI_TCG2_PROTOCOL EFI_TCG2_PROTOCOL;\r | |
26 | \r | |
//
// Major/minor version pair. Used in this header for the StructureVersion and
// ProtocolVersion fields of EFI_TCG2_BOOT_SERVICE_CAPABILITY.
//
typedef struct tdEFI_TCG2_VERSION {
  UINT8 Major;
  UINT8 Minor;
} EFI_TCG2_VERSION;
31 | \r | |
//
// 32-bit types used for the event-log and hash-algorithm fields of
// EFI_TCG2_BOOT_SERVICE_CAPABILITY and for the EventLogFormat argument of
// GetEventLog.
//
typedef UINT32 EFI_TCG2_EVENT_LOG_BITMAP;
typedef UINT32 EFI_TCG2_EVENT_LOG_FORMAT;
typedef UINT32 EFI_TCG2_EVENT_ALGORITHM_BITMAP;

//
// Event log format identifiers. Each value is a single bit.
// NOTE(review): presumably these are the bits reported in SupportedEventLogs
// and the values accepted as EventLogFormat by GetEventLog -- confirm against
// the specification.
//
#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 0x00000001
#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2   0x00000002
38 | \r | |
//
// Capability and state information returned by GetCapability.
// The caller allocates the structure and sets Size; the callee fills in only
// the fields that fit within that size (see EFI_TCG2_GET_CAPABILITY below).
//
typedef struct tdEFI_TCG2_BOOT_SERVICE_CAPABILITY {
  //
  // Allocated size of the structure.
  // Set by the caller before calling GetCapability. A caller that passes a
  // smaller Size must not read fields beyond it, because the callee does not
  // fill them in. The field is a UINT8, so it cannot describe more than
  // 255 bytes.
  //
  UINT8 Size;
  //
  // Version of the EFI_TCG2_BOOT_SERVICE_CAPABILITY structure itself.
  // For this version of the protocol, the Major version shall be set to 1
  // and the Minor version shall be set to 1.
  //
  EFI_TCG2_VERSION StructureVersion;
  //
  // Version of the EFI TCG2 protocol.
  // For this version of the protocol, the Major version shall be set to 1
  // and the Minor version shall be set to 1.
  //
  EFI_TCG2_VERSION ProtocolVersion;
  //
  // Supported hash algorithms (this bitmap is determined by the supported PCR
  // banks in the TPM and the hashing algorithms supported by the firmware)
  //
  EFI_TCG2_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;
  //
  // Bitmap of supported event log formats
  //
  EFI_TCG2_EVENT_LOG_BITMAP SupportedEventLogs;
  //
  // False = TPM not present
  // NOTE(review): the TPM-derived fields below are presumably meaningful only
  // when this flag is TRUE -- confirm against the specification.
  //
  BOOLEAN TPMPresentFlag;
  //
  // Max size (in bytes) of a command that can be sent to the TPM
  //
  UINT16 MaxCommandSize;
  //
  // Max size (in bytes) of a response that can be provided by the TPM
  //
  UINT16 MaxResponseSize;
  //
  // 4-byte Vendor ID
  // (see TCG Vendor ID registry, Section "TPM Capabilities Vendor ID")
  //
  UINT32 ManufacturerID;
  //
  // Maximum number of PCR banks (hashing algorithms) supported.
  // No granularity is provided to support a specific set of algorithms.
  // Minimum value is 1.
  //
  UINT32 NumberOfPCRBanks;
  //
  // A bitmap of currently active PCR banks (hashing algorithms).
  // This is a subset of the supported hashing algorithms reported in HashAlgorithmBitmap.
  // NumberOfPCRBanks defines the number of bits that are set.
  //
  EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrBanks;
} EFI_TCG2_BOOT_SERVICE_CAPABILITY;
95 | \r | |
//
// Hash algorithm bits, one bit per algorithm.
// NOTE(review): presumably the bit assignments for
// EFI_TCG2_EVENT_ALGORITHM_BITMAP values such as HashAlgorithmBitmap and
// ActivePcrBanks -- confirm against the specification.
//
#define EFI_TCG2_BOOT_HASH_ALG_SHA1    0x00000001
#define EFI_TCG2_BOOT_HASH_ALG_SHA256  0x00000002
#define EFI_TCG2_BOOT_HASH_ALG_SHA384  0x00000004
#define EFI_TCG2_BOOT_HASH_ALG_SHA512  0x00000008
#define EFI_TCG2_BOOT_HASH_ALG_SM3_256 0x00000010
101 | \r | |
//
// This bit shall be set when an event shall be extended but not logged.
// An event measured with this bit set changes the PCR without adding an
// event log entry, so the log alone no longer accounts for that PCR's value.
// NOTE(review): presumably a bit of the Flags argument of HashLogExtendEvent
// -- confirm against the specification.
//
#define EFI_TCG2_EXTEND_ONLY 0x0000000000000001
//
// This bit shall be set when the intent is to measure a PE/COFF image.
// NOTE(review): presumably also a HashLogExtendEvent Flags bit -- confirm.
//
#define PE_COFF_IMAGE 0x0000000000000010
110 | \r | |
//
// Highest PCR index; matches the range (0 - 23) documented for
// EFI_TCG2_EVENT_HEADER.PCRIndex below.
//
#define MAX_PCR_INDEX 23
112 | \r | |
//
// The event header and event structures below are byte-packed.
//
#pragma pack(1)

#define EFI_TCG2_EVENT_HEADER_VERSION 1

//
// Fixed header that describes an event passed to HashLogExtendEvent.
//
typedef struct {
  //
  // Size of the event header itself (sizeof(EFI_TCG2_EVENT_HEADER)).
  //
  UINT32 HeaderSize;
  //
  // Header version. For this version of this specification, the value shall be 1.
  //
  UINT16 HeaderVersion;
  //
  // Index of the PCR that shall be extended (0 - 23).
  // This header only documents the range (see MAX_PCR_INDEX); rejecting
  // out-of-range values is left to the code that consumes the event.
  //
  TCG_PCRINDEX PCRIndex;
  //
  // Type of the event that shall be extended (and optionally logged).
  //
  TCG_EVENTTYPE EventType;
} EFI_TCG2_EVENT_HEADER;

//
// Event passed by the caller to HashLogExtendEvent: a total size, the header
// above, and the event data.
//
typedef struct tdEFI_TCG2_EVENT {
  //
  // Total size of the event including the Size component, the header and the Event data.
  // The event data length is therefore Size - sizeof(Size) - Header.HeaderSize.
  // All of these are unsigned, so code consuming a caller-supplied event
  // should check that Size is at least sizeof(Size) + Header.HeaderSize
  // before subtracting; a smaller Size would wrap to a very large length.
  //
  UINT32 Size;
  EFI_TCG2_EVENT_HEADER Header;
  //
  // First byte of the event data. Declared with one element, while the Size
  // description above implies the data is variable-length: use the length
  // derived from Size, not sizeof(Event), when reading it.
  //
  UINT8 Event[1];
} EFI_TCG2_EVENT;

#pragma pack()
146 | \r | |
/**
  The EFI_TCG2_PROTOCOL GetCapability function call provides protocol
  capability information and state information.

  The caller must set ProtocolCapability->Size before the call. On
  EFI_BUFFER_TOO_SMALL the structure is only partially populated and Size
  carries the required size, so the remaining fields should not be treated as
  a complete capability report.

  @param[in]      This               Indicates the calling context
  @param[in, out] ProtocolCapability The caller allocates memory for an EFI_TCG2_BOOT_SERVICE_CAPABILITY
                                     structure and sets the size field to the size of the structure allocated.
                                     The callee fills in the fields with the EFI protocol capability information
                                     and the current EFI TCG2 state information up to the number of fields which
                                     fit within the size of the structure passed in.

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The command was unsuccessful.
                                 The ProtocolCapability variable will not be populated.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
                                 The ProtocolCapability variable will not be populated.
  @retval EFI_BUFFER_TOO_SMALL   The ProtocolCapability variable is too small to hold the full response.
                                 It will be partially populated (required Size field will be set).
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_GET_CAPABILITY) (
  IN EFI_TCG2_PROTOCOL *This,
  IN OUT EFI_TCG2_BOOT_SERVICE_CAPABILITY *ProtocolCapability
  );
172 | \r | |
/**
  The EFI_TCG2_PROTOCOL Get Event Log function call allows a caller to
  retrieve the address of a given event log and its last entry.

  A consumer that uses the log as evidence of what was measured should check
  EventLogTruncated: when it is TRUE the log is missing at least one entry and
  is not a complete record. Events recorded after this call are reported
  through EFI_TCG2_FINAL_EVENTS_TABLE (declared later in this header), not
  through the log returned here.

  @param[in]  This               Indicates the calling context
  @param[in]  EventLogFormat     The type of the event log for which the information is requested.
  @param[out] EventLogLocation   A pointer to the memory address of the event log.
  @param[out] EventLogLastEntry  If the Event Log contains more than one entry, this is a pointer to the
                                 address of the start of the last entry in the event log in memory.
  @param[out] EventLogTruncated  If the Event Log is missing at least one entry because an event would
                                 have exceeded the area allocated for events, this value is set to TRUE.
                                 Otherwise, the value will be FALSE and the Event Log will be complete.

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect
                                 (e.g. asking for an event log whose format is not supported).
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_GET_EVENT_LOG) (
  IN EFI_TCG2_PROTOCOL *This,
  IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
  OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,
  OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry,
  OUT BOOLEAN *EventLogTruncated
  );
199 | \r | |
/**
  The EFI_TCG2_PROTOCOL HashLogExtendEvent function call provides callers with
  an opportunity to extend and optionally log events without requiring
  knowledge of actual TPM commands.
  The extend operation will occur even if this function cannot create an event
  log entry (e.g. due to the event log being full).

  EFI_VOLUME_FULL is therefore not a plain failure: the PCR has already been
  extended, but at least one event log has no matching entry. Callers should
  not retry the measurement on this status, and should expect the affected log
  to be incomplete for this event.

  NOTE(review): EfiTcgEvent carries caller-supplied Size and Header.HeaderSize
  values; an implementation presumably has to validate them before reading the
  event data -- confirm against the implementing driver.

  @param[in] This           Indicates the calling context
  @param[in] Flags          Bitmap providing additional information.
  @param[in] DataToHash     Physical address of the start of the data buffer to be hashed.
  @param[in] DataToHashLen  The length in bytes of the buffer referenced by DataToHash.
  @param[in] EfiTcgEvent    Pointer to data buffer containing information about the event.

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The command was unsuccessful.
  @retval EFI_VOLUME_FULL        The extend operation occurred, but the event could not be written to one or more event logs.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
  @retval EFI_UNSUPPORTED        The PE/COFF image type is not supported.
**/
typedef
EFI_STATUS
(EFIAPI * EFI_TCG2_HASH_LOG_EXTEND_EVENT) (
  IN EFI_TCG2_PROTOCOL *This,
  IN UINT64 Flags,
  IN EFI_PHYSICAL_ADDRESS DataToHash,
  IN UINT64 DataToHashLen,
  IN EFI_TCG2_EVENT *EfiTcgEvent
  );
228 | \r | |
/**
  This service enables the sending of commands to the TPM.

  The command is passed as a caller-built byte block; this header does not
  state what validation the implementation applies to it.
  NOTE(review): EFI_TCG2_BOOT_SERVICE_CAPABILITY reports MaxCommandSize and
  MaxResponseSize, which presumably bound the two block sizes -- confirm.
  NOTE(review): OutputParameterBlock is tagged [in] / IN here, although the
  EFI_BUFFER_TOO_SMALL status implies the callee writes the response into it
  -- confirm the direction against the specification.

  @param[in] This                      Indicates the calling context
  @param[in] InputParameterBlockSize   Size of the TPM input parameter block.
  @param[in] InputParameterBlock       Pointer to the TPM input parameter block.
  @param[in] OutputParameterBlockSize  Size of the TPM output parameter block.
  @param[in] OutputParameterBlock      Pointer to the TPM output parameter block.

  @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.
  @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_SUBMIT_COMMAND) (
  IN EFI_TCG2_PROTOCOL *This,
  IN UINT32 InputParameterBlockSize,
  IN UINT8 *InputParameterBlock,
  IN UINT32 OutputParameterBlockSize,
  IN UINT8 *OutputParameterBlock
  );
252 | \r | |
/**
  This service returns the currently active PCR banks.

  The result is written as a UINT32 bitmap; the same information is exposed
  as the ActivePcrBanks field of EFI_TCG2_BOOT_SERVICE_CAPABILITY.

  @param[in]  This            Indicates the calling context
  @param[out] ActivePcrBanks  Pointer to the variable receiving the bitmap of currently active PCR banks.

  @retval EFI_SUCCESS            The bitmap of active PCR banks was stored in the ActivePcrBanks parameter.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_GET_ACTIVE_PCR_BANKS) (
  IN EFI_TCG2_PROTOCOL *This,
  OUT UINT32 *ActivePcrBanks
  );
268 | \r | |
/**
  This service sets the currently active PCR banks.

  NOTE(review): the only success case documented here is that the requested
  bitmap is already active; GetResultOfSetActivePcrBanks describes reading the
  outcome of a request "invoked during the last boot", which suggests a change
  is applied across a reboot -- confirm against the specification.
  NOTE(review): the active banks determine which hash algorithms measurements
  are recorded under, so callers of this service are presumably expected to be
  trusted platform code -- confirm who may reach it in the implementation.

  @param[in] This            Indicates the calling context
  @param[in] ActivePcrBanks  Bitmap of the requested active PCR banks. At least one bit SHALL be set.

  @retval EFI_SUCCESS            The bitmap in the ActivePcrBanks parameter is already active.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_SET_ACTIVE_PCR_BANKS) (
  IN EFI_TCG2_PROTOCOL *This,
  IN UINT32 ActivePcrBanks
  );
284 | \r | |
/**
  This service retrieves the result of a previous invocation of SetActivePcrBanks.

  Response is only described as "the response from the request"; this header
  does not define its values.

  @param[in]  This              Indicates the calling context
  @param[out] OperationPresent  Non-zero value to indicate a SetActivePcrBanks operation was invoked during the last boot.
  @param[out] Response          The response from the SetActivePcrBanks request.

  @retval EFI_SUCCESS            The result value could be returned.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS) (
  IN EFI_TCG2_PROTOCOL *This,
  OUT UINT32 *OperationPresent,
  OUT UINT32 *Response
  );
302 | \r | |
//
// The EFI_TCG2_PROTOCOL interface: a table of the seven service function
// pointers declared above. Each service receives the protocol instance as
// its first argument (This).
//
struct tdEFI_TCG2_PROTOCOL {
  EFI_TCG2_GET_CAPABILITY GetCapability;
  EFI_TCG2_GET_EVENT_LOG GetEventLog;
  EFI_TCG2_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
  EFI_TCG2_SUBMIT_COMMAND SubmitCommand;
  EFI_TCG2_GET_ACTIVE_PCR_BANKS GetActivePcrBanks;
  EFI_TCG2_SET_ACTIVE_PCR_BANKS SetActivePcrBanks;
  EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS GetResultOfSetActivePcrBanks;
};

//
// GUID variable for the protocol; defined outside this header.
//
extern EFI_GUID gEfiTcg2ProtocolGuid;
314 | \r | |
//
// Log entries after Get Event Log service
//

#define EFI_TCG2_FINAL_EVENTS_TABLE_GUID \
  {0x1e2ed096, 0x30e2, 0x4254, { 0xbd, 0x89, 0x86, 0x3b, 0xbe, 0xf8, 0x23, 0x25 }}

extern EFI_GUID gEfiTcg2FinalEventsTableGuid;

//
// Header of the table that holds events recorded after GetEventLog was
// invoked. A consumer that wants every measurement needs this table as well
// as the log returned by GetEventLog.
//
typedef struct tdEFI_TCG2_FINAL_EVENTS_TABLE {
  //
  // The version of this structure.
  //
  UINT64 Version;
  //
  // Number of events recorded after invocation of GetEventLog API
  // NOTE(review): a parser should bound this count by the memory actually
  // available for the table rather than trust it as read -- the header does
  // not state the table's size.
  //
  UINT64 NumberOfEvents;
  //
  // List of events of type TCG_PCR_EVENT2.
  // The array member is left commented out, so sizeof this structure covers
  // only the two fields above.
  // NOTE(review): the events presumably follow immediately after
  // NumberOfEvents -- confirm against the specification.
  //
  //TCG_PCR_EVENT2 Event[1];
} EFI_TCG2_FINAL_EVENTS_TABLE;

#define EFI_TCG2_FINAL_EVENTS_TABLE_VERSION 1
340 | \r | |
341 | #endif\r |