3 Execute pending TPM requests from OS or BIOS and Lock TPM.
5 Caution: This module requires additional review when modified.
6 This driver will have external input - variable.
7 This external input must be validated carefully to avoid security issue.
9 ExecutePendingTpmRequest() will receive untrusted input and do validation.
11 Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
12 This program and the accompanying materials
13 are licensed and made available under the terms and conditions of the BSD License
14 which accompanies this distribution. The full text of the license may be found at
15 http://opensource.org/licenses/bsd-license.php
17 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
18 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
24 #include <Protocol/TcgService.h>
25 #include <Protocol/VariableLock.h>
26 #include <Library/DebugLib.h>
27 #include <Library/BaseMemoryLib.h>
28 #include <Library/UefiRuntimeServicesTableLib.h>
29 #include <Library/UefiDriverEntryPoint.h>
30 #include <Library/UefiBootServicesTableLib.h>
31 #include <Library/UefiLib.h>
32 #include <Library/MemoryAllocationLib.h>
33 #include <Library/PrintLib.h>
34 #include <Library/HiiLib.h>
35 #include <Guid/EventGroup.h>
36 #include <Guid/PhysicalPresenceData.h>
37 #include <Library/TcgPpVendorLib.h>
39 #define CONFIRM_BUFFER_SIZE 4096
41 EFI_HII_HANDLE mPpStringPackHandle
;
44 Get string by string id from HII Interface.
46 @param[in] Id String ID.
48 @retval CHAR16 * String from ID.
49 @retval NULL If error occurs.
53 PhysicalPresenceGetStringById (
57 return HiiGetString (mPpStringPackHandle
, Id
, NULL
);
61 Get TPM physical presence permanent flags.
63 @param[in] TcgProtocol EFI TCG Protocol instance.
64 @param[out] LifetimeLock physicalPresenceLifetimeLock permanent flag.
65 @param[out] CmdEnable physicalPresenceCMDEnable permanent flag.
67 @retval EFI_SUCCESS Flags were returns successfully.
68 @retval other Failed to locate EFI TCG Protocol.
73 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
74 OUT BOOLEAN
*LifetimeLock
,
75 OUT BOOLEAN
*CmdEnable
79 TPM_RQU_COMMAND_HDR
*TpmRqu
;
80 TPM_RSP_COMMAND_HDR
*TpmRsp
;
82 UINT8 SendBuffer
[sizeof (*TpmRqu
) + sizeof (UINT32
) * 3];
83 TPM_PERMANENT_FLAGS
*TpmPermanentFlags
;
87 // Fill request header
89 TpmRsp
= (TPM_RSP_COMMAND_HDR
*)RecvBuffer
;
90 TpmRqu
= (TPM_RQU_COMMAND_HDR
*)SendBuffer
;
92 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
93 TpmRqu
->paramSize
= SwapBytes32 (sizeof (SendBuffer
));
94 TpmRqu
->ordinal
= SwapBytes32 (TPM_ORD_GetCapability
);
97 // Set request parameter
99 SendBufPtr
= (UINT32
*)(TpmRqu
+ 1);
100 WriteUnaligned32 (SendBufPtr
++, SwapBytes32 (TPM_CAP_FLAG
));
101 WriteUnaligned32 (SendBufPtr
++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT
)));
102 WriteUnaligned32 (SendBufPtr
, SwapBytes32 (TPM_CAP_FLAG_PERMANENT
));
104 Status
= TcgProtocol
->PassThroughToTpm (
111 ASSERT_EFI_ERROR (Status
);
112 ASSERT (TpmRsp
->tag
== SwapBytes16 (TPM_TAG_RSP_COMMAND
));
113 ASSERT (TpmRsp
->returnCode
== 0);
115 TpmPermanentFlags
= (TPM_PERMANENT_FLAGS
*)&RecvBuffer
[sizeof (TPM_RSP_COMMAND_HDR
) + sizeof (UINT32
)];
117 if (LifetimeLock
!= NULL
) {
118 *LifetimeLock
= TpmPermanentFlags
->physicalPresenceLifetimeLock
;
121 if (CmdEnable
!= NULL
) {
122 *CmdEnable
= TpmPermanentFlags
->physicalPresenceCMDEnable
;
129 Issue TSC_PhysicalPresence command to TPM.
131 @param[in] TcgProtocol EFI TCG Protocol instance.
132 @param[in] PhysicalPresence The state to set the TPM's Physical Presence flags.
134 @retval EFI_SUCCESS TPM executed the command successfully.
135 @retval EFI_SECURITY_VIOLATION TPM returned error when executing the command.
136 @retval other Failed to locate EFI TCG Protocol.
140 TpmPhysicalPresence (
141 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
142 IN TPM_PHYSICAL_PRESENCE PhysicalPresence
146 TPM_RQU_COMMAND_HDR
*TpmRqu
;
147 TPM_PHYSICAL_PRESENCE
*TpmPp
;
148 TPM_RSP_COMMAND_HDR TpmRsp
;
149 UINT8 Buffer
[sizeof (*TpmRqu
) + sizeof (*TpmPp
)];
151 TpmRqu
= (TPM_RQU_COMMAND_HDR
*)Buffer
;
152 TpmPp
= (TPM_PHYSICAL_PRESENCE
*)(TpmRqu
+ 1);
154 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
155 TpmRqu
->paramSize
= SwapBytes32 (sizeof (Buffer
));
156 TpmRqu
->ordinal
= SwapBytes32 (TSC_ORD_PhysicalPresence
);
157 WriteUnaligned16 (TpmPp
, (TPM_PHYSICAL_PRESENCE
) SwapBytes16 (PhysicalPresence
));
159 Status
= TcgProtocol
->PassThroughToTpm (
166 ASSERT_EFI_ERROR (Status
);
167 ASSERT (TpmRsp
.tag
== SwapBytes16 (TPM_TAG_RSP_COMMAND
));
168 if (TpmRsp
.returnCode
!= 0) {
170 // If it fails, some requirements may be needed for this command.
172 return EFI_SECURITY_VIOLATION
;
179 Issue a TPM command for which no additional output data will be returned.
181 @param[in] TcgProtocol EFI TCG Protocol instance.
182 @param[in] Ordinal TPM command code.
183 @param[in] AdditionalParameterSize Additional parameter size.
184 @param[in] AdditionalParameters Pointer to the Additional paramaters.
186 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
187 receiving response from TPM.
188 @retval Others Return code from the TPM device after command execution.
192 TpmCommandNoReturnData (
193 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
194 IN TPM_COMMAND_CODE Ordinal
,
195 IN UINTN AdditionalParameterSize
,
196 IN VOID
*AdditionalParameters
200 TPM_RQU_COMMAND_HDR
*TpmRqu
;
201 TPM_RSP_COMMAND_HDR TpmRsp
;
204 TpmRqu
= (TPM_RQU_COMMAND_HDR
*) AllocatePool (sizeof (*TpmRqu
) + AdditionalParameterSize
);
205 if (TpmRqu
== NULL
) {
206 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
209 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
210 Size
= (UINT32
)(sizeof (*TpmRqu
) + AdditionalParameterSize
);
211 TpmRqu
->paramSize
= SwapBytes32 (Size
);
212 TpmRqu
->ordinal
= SwapBytes32 (Ordinal
);
213 CopyMem (TpmRqu
+ 1, AdditionalParameters
, AdditionalParameterSize
);
215 Status
= TcgProtocol
->PassThroughToTpm (
219 (UINT32
)sizeof (TpmRsp
),
223 if (EFI_ERROR (Status
) || (TpmRsp
.tag
!= SwapBytes16 (TPM_TAG_RSP_COMMAND
))) {
224 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
226 return SwapBytes32 (TpmRsp
.returnCode
);
230 Execute physical presence operation requested by the OS.
232 @param[in] TcgProtocol EFI TCG Protocol instance.
233 @param[in] CommandCode Physical presence operation value.
234 @param[in, out] PpiFlags The physical presence interface flags.
236 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation.
237 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
238 receiving response from TPM.
239 @retval Others Return code from the TPM device after command execution.
243 ExecutePhysicalPresence (
244 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
245 IN UINT32 CommandCode
,
246 IN OUT EFI_PHYSICAL_PRESENCE_FLAGS
*PpiFlags
253 switch (CommandCode
) {
254 case PHYSICAL_PRESENCE_ENABLE
:
255 return TpmCommandNoReturnData (
257 TPM_ORD_PhysicalEnable
,
262 case PHYSICAL_PRESENCE_DISABLE
:
263 return TpmCommandNoReturnData (
265 TPM_ORD_PhysicalDisable
,
270 case PHYSICAL_PRESENCE_ACTIVATE
:
272 return TpmCommandNoReturnData (
274 TPM_ORD_PhysicalSetDeactivated
,
279 case PHYSICAL_PRESENCE_DEACTIVATE
:
281 return TpmCommandNoReturnData (
283 TPM_ORD_PhysicalSetDeactivated
,
288 case PHYSICAL_PRESENCE_CLEAR
:
289 return TpmCommandNoReturnData (
296 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
297 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE
, PpiFlags
);
298 if (TpmResponse
== 0) {
299 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ACTIVATE
, PpiFlags
);
303 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
304 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DEACTIVATE
, PpiFlags
);
305 if (TpmResponse
== 0) {
306 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DISABLE
, PpiFlags
);
310 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
312 return TpmCommandNoReturnData (
314 TPM_ORD_SetOwnerInstall
,
319 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
321 return TpmCommandNoReturnData (
323 TPM_ORD_SetOwnerInstall
,
328 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
330 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
331 // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot
333 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
334 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
335 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
337 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
, PpiFlags
);
338 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
342 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
343 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
, PpiFlags
);
344 if (TpmResponse
== 0) {
345 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
, PpiFlags
);
349 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
350 InData
[0] = SwapBytes32 (TPM_SET_STCLEAR_DATA
); // CapabilityArea
351 InData
[1] = SwapBytes32 (sizeof(UINT32
)); // SubCapSize
352 InData
[2] = SwapBytes32 (TPM_SD_DEFERREDPHYSICALPRESENCE
); // SubCap
353 InData
[3] = SwapBytes32 (sizeof(UINT32
)); // SetValueSize
354 InData
[4] = SwapBytes32 (1); // UnownedFieldUpgrade; bit0
355 return TpmCommandNoReturnData (
357 TPM_ORD_SetCapability
,
362 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
364 // TPM_SetOperatorAuth
365 // This command requires UI to prompt user for Auth data
366 // Here it is NOT implemented
368 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
370 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
371 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR
, PpiFlags
);
372 if (TpmResponse
== 0) {
373 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
377 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE
:
378 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
381 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
382 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
385 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE
:
386 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
;
389 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
390 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
;
393 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE
:
394 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
;
397 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
398 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
;
401 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
403 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR
404 // PHYSICAL_PRESENCE_CLEAR will be executed after reboot.
406 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
407 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
408 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
410 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR
, PpiFlags
);
411 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
415 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
417 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
418 // PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.
420 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
421 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
422 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
424 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
, PpiFlags
);
425 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
432 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
437 Read the specified key for user confirmation.
439 @param[in] CautionKey If true, F12 is used as confirm key;
440 If false, F10 is used as confirm key.
442 @retval TRUE User confirmed the changes by input.
443 @retval FALSE User discarded the changes or device error.
448 IN BOOLEAN CautionKey
458 Status
= gST
->ConIn
->ReadKeyStroke (gST
->ConIn
, &Key
);
459 if (Status
== EFI_NOT_READY
) {
460 gBS
->WaitForEvent (1, &gST
->ConIn
->WaitForKey
, &Index
);
464 if (Status
== EFI_DEVICE_ERROR
) {
468 if (Key
.ScanCode
== SCAN_ESC
) {
469 InputKey
= Key
.ScanCode
;
471 if ((Key
.ScanCode
== SCAN_F10
) && !CautionKey
) {
472 InputKey
= Key
.ScanCode
;
474 if ((Key
.ScanCode
== SCAN_F12
) && CautionKey
) {
475 InputKey
= Key
.ScanCode
;
477 } while (InputKey
== 0);
479 if (InputKey
!= SCAN_ESC
) {
487 The constructor function register UNI strings into imageHandle.
489 It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
491 @param ImageHandle The firmware allocated handle for the EFI image.
492 @param SystemTable A pointer to the EFI System Table.
494 @retval EFI_SUCCESS The constructor successfully added string package.
495 @retval Other value The constructor can't add string package.
500 TcgPhysicalPresenceLibConstructor (
501 IN EFI_HANDLE ImageHandle
,
502 IN EFI_SYSTEM_TABLE
*SystemTable
505 mPpStringPackHandle
= HiiAddPackages (&gEfiPhysicalPresenceGuid
, ImageHandle
, DxeTcgPhysicalPresenceLibStrings
, NULL
);
506 ASSERT (mPpStringPackHandle
!= NULL
);
512 Display the confirm text and get user confirmation.
514 @param[in] TpmPpCommand The requested TPM physical presence command.
516 @retval TRUE The user has confirmed the changes.
517 @retval FALSE The user doesn't confirm the changes.
521 IN UINT32 TpmPpCommand
534 BufSize
= CONFIRM_BUFFER_SIZE
;
535 ConfirmText
= AllocateZeroPool (BufSize
);
536 ASSERT (ConfirmText
!= NULL
);
538 switch (TpmPpCommand
) {
539 case PHYSICAL_PRESENCE_ENABLE
:
540 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE
));
542 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
543 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
546 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
547 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
551 case PHYSICAL_PRESENCE_DISABLE
:
552 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE
));
554 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
555 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
558 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
559 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
562 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
563 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
567 case PHYSICAL_PRESENCE_ACTIVATE
:
568 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE
));
570 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
571 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
574 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
575 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
579 case PHYSICAL_PRESENCE_DEACTIVATE
:
580 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE
));
582 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
583 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
586 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
587 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
590 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
591 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
595 case PHYSICAL_PRESENCE_CLEAR
:
597 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR
));
599 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
600 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
603 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
604 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
605 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
608 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
609 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
613 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
614 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE
));
616 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
617 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
620 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
621 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
624 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
625 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
629 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
630 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE
));
632 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
633 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
636 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF
));
637 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
640 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
641 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
644 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
645 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
649 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
650 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP
));
652 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
653 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
656 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
657 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
661 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
662 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP
));
664 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
665 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
668 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
669 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
673 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
674 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON
));
676 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
677 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
680 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
681 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
684 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
685 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
689 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
690 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF
));
692 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
693 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
696 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF
));
697 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
700 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
701 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
704 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
705 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
709 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
711 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE
));
713 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR
));
714 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
717 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN
));
718 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
721 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
722 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
726 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
728 // TPM_SetOperatorAuth
729 // This command requires UI to prompt user for Auth data
730 // Here it is NOT implemented
734 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
736 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON
));
738 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
739 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
742 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
743 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
746 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
747 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
750 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT
));
751 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
754 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
755 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
759 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
760 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_PROVISION
));
762 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
763 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
766 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
767 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
770 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
771 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
775 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
777 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR
));
779 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
780 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
783 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR
));
784 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
787 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
788 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
789 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
792 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
793 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
796 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
797 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
801 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
803 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN
));
805 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
806 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
809 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN
));
810 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
813 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
814 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
817 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
818 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
822 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
824 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR
));
826 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
827 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
830 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
831 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
832 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
835 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
836 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
840 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
842 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
));
844 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
845 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
848 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
849 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
852 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
853 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
856 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT
));
857 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
860 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
861 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
869 if (TmpStr2
== NULL
) {
870 FreePool (ConfirmText
);
874 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY
));
875 BufSize
-= StrSize (ConfirmText
);
876 UnicodeSPrint (ConfirmText
+ StrLen (ConfirmText
), BufSize
, TmpStr1
, TmpStr2
);
879 for (Index
= 0; Index
< StrLen (ConfirmText
); Index
+= 80) {
880 StrnCpyS(DstStr
, sizeof (DstStr
) / sizeof (CHAR16
), ConfirmText
+ Index
, sizeof (DstStr
) / sizeof (CHAR16
) - 1);
886 FreePool (ConfirmText
);
888 if (ReadUserKey (CautionKey
)) {
896 Check if there is a valid physical presence command request. Also updates parameter value
897 to whether the requested physical presence command already confirmed by user
899 @param[in] TcgPpData EFI TCG Physical Presence request data.
900 @param[in] Flags The physical presence interface flags.
901 @param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
902 True, it indicates the command doesn't require user confirm, or already confirmed
903 in last boot cycle by user.
904 False, it indicates the command need user confirm from UI.
906 @retval TRUE Physical Presence operation command is valid.
907 @retval FALSE Physical Presence operation command is invalid.
911 HaveValidTpmRequest (
912 IN EFI_PHYSICAL_PRESENCE
*TcgPpData
,
913 IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
,
914 OUT BOOLEAN
*RequestConfirmed
917 BOOLEAN IsRequestValid
;
919 *RequestConfirmed
= FALSE
;
921 switch (TcgPpData
->PPRequest
) {
922 case PHYSICAL_PRESENCE_NO_ACTION
:
923 *RequestConfirmed
= TRUE
;
925 case PHYSICAL_PRESENCE_ENABLE
:
926 case PHYSICAL_PRESENCE_DISABLE
:
927 case PHYSICAL_PRESENCE_ACTIVATE
:
928 case PHYSICAL_PRESENCE_DEACTIVATE
:
929 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
930 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
931 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
932 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
933 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
934 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
935 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
936 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
) != 0) {
937 *RequestConfirmed
= TRUE
;
941 case PHYSICAL_PRESENCE_CLEAR
:
942 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
943 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
) != 0) {
944 *RequestConfirmed
= TRUE
;
948 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
949 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
) != 0) {
950 *RequestConfirmed
= TRUE
;
954 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
955 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
956 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
) != 0 && (Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
) != 0) {
957 *RequestConfirmed
= TRUE
;
961 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE
:
962 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE
:
963 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE
:
964 *RequestConfirmed
= TRUE
;
967 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
968 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
969 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
973 if (TcgPpData
->PPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
974 IsRequestValid
= TcgPpVendorLibHasValidRequest (TcgPpData
->PPRequest
, Flags
.PPFlags
, RequestConfirmed
);
975 if (!IsRequestValid
) {
982 // Wrong Physical Presence command
988 if ((Flags
.PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) != 0) {
990 // It had been confirmed in last boot, it doesn't need confirm again.
992 *RequestConfirmed
= TRUE
;
996 // Physical Presence command is correct
1003 Check and execute the requested physical presence command.
1005 Caution: This function may receive untrusted input.
1006 TcgPpData variable is external input, so this function will validate
1007 its data structure to be valid value.
1009 @param[in] TcgProtocol EFI TCG Protocol instance.
1010 @param[in] TcgPpData Point to the physical presence NV variable.
1011 @param[in] Flags The physical presence interface flags.
1015 ExecutePendingTpmRequest (
1016 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
1017 IN EFI_PHYSICAL_PRESENCE
*TcgPpData
,
1018 IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
1023 BOOLEAN RequestConfirmed
;
1024 EFI_PHYSICAL_PRESENCE_FLAGS NewFlags
;
1025 BOOLEAN ResetRequired
;
1028 if (!HaveValidTpmRequest(TcgPpData
, Flags
, &RequestConfirmed
)) {
1030 // Invalid operation request.
1032 TcgPpData
->PPResponse
= TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
1033 TcgPpData
->LastPPRequest
= TcgPpData
->PPRequest
;
1034 TcgPpData
->PPRequest
= PHYSICAL_PRESENCE_NO_ACTION
;
1035 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1036 Status
= gRT
->SetVariable (
1037 PHYSICAL_PRESENCE_VARIABLE
,
1038 &gEfiPhysicalPresenceGuid
,
1039 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1046 ResetRequired
= FALSE
;
1047 if (TcgPpData
->PPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
1049 NewPPFlags
= NewFlags
.PPFlags
;
1050 TcgPpData
->PPResponse
= TcgPpVendorLibExecutePendingRequest (TcgPpData
->PPRequest
, &NewPPFlags
, &ResetRequired
);
1051 NewFlags
.PPFlags
= (UINT8
)NewPPFlags
;
1053 if (!RequestConfirmed
) {
1055 // Print confirm text and wait for approval.
1057 RequestConfirmed
= UserConfirm (TcgPpData
->PPRequest
);
1061 // Execute requested physical presence command
1063 TcgPpData
->PPResponse
= TCG_PP_OPERATION_RESPONSE_USER_ABORT
;
1065 if (RequestConfirmed
) {
1066 TcgPpData
->PPResponse
= ExecutePhysicalPresence (TcgProtocol
, TcgPpData
->PPRequest
, &NewFlags
);
1071 // Save the flags if it is updated.
1073 if (CompareMem (&Flags
, &NewFlags
, sizeof(EFI_PHYSICAL_PRESENCE_FLAGS
)) != 0) {
1074 Status
= gRT
->SetVariable (
1075 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1076 &gEfiPhysicalPresenceGuid
,
1077 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1078 sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
),
1081 if (EFI_ERROR (Status
)) {
1089 if ((NewFlags
.PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
1090 TcgPpData
->LastPPRequest
= TcgPpData
->PPRequest
;
1091 TcgPpData
->PPRequest
= PHYSICAL_PRESENCE_NO_ACTION
;
1097 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1098 Status
= gRT
->SetVariable (
1099 PHYSICAL_PRESENCE_VARIABLE
,
1100 &gEfiPhysicalPresenceGuid
,
1101 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1105 if (EFI_ERROR (Status
)) {
1109 if (TcgPpData
->PPResponse
== TCG_PP_OPERATION_RESPONSE_USER_ABORT
) {
1114 // Reset system to make new TPM settings in effect
1116 switch (TcgPpData
->LastPPRequest
) {
1117 case PHYSICAL_PRESENCE_ACTIVATE
:
1118 case PHYSICAL_PRESENCE_DEACTIVATE
:
1119 case PHYSICAL_PRESENCE_CLEAR
:
1120 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
1121 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
1122 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
1123 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
1124 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
1125 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
1126 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
1127 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
1130 if (TcgPpData
->LastPPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
1131 if (ResetRequired
) {
1137 if (TcgPpData
->PPRequest
!= PHYSICAL_PRESENCE_NO_ACTION
) {
1143 Print (L
"Rebooting system to make TPM settings in effect\n");
1144 gRT
->ResetSystem (EfiResetCold
, EFI_SUCCESS
, 0, NULL
);
1149 Check and execute the pending TPM request and Lock TPM.
1151 The TPM request may come from OS or BIOS. This API will display request information and wait
1152 for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
1153 the TPM request is confirmed, and one or more reset may be required to make TPM request to
1154 take effect. At last, it will lock TPM to prevent TPM state change by malware.
1156 This API should be invoked after console in and console out are all ready as they are required
1157 to display request information and get user input to confirm the request. This API should also
1158 be invoked as early as possible as TPM is locked in this function.
1163 TcgPhysicalPresenceLibProcessRequest (
1168 BOOLEAN LifetimeLock
;
1171 EFI_PHYSICAL_PRESENCE TcgPpData
;
1172 EFI_TCG_PROTOCOL
*TcgProtocol
;
1173 EDKII_VARIABLE_LOCK_PROTOCOL
*VariableLockProtocol
;
1174 EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags
;
1176 Status
= gBS
->LocateProtocol (&gEfiTcgProtocolGuid
, NULL
, (VOID
**)&TcgProtocol
);
1177 if (EFI_ERROR (Status
)) {
1182 // Initialize physical presence flags.
1184 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
);
1185 Status
= gRT
->GetVariable (
1186 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1187 &gEfiPhysicalPresenceGuid
,
1192 if (EFI_ERROR (Status
)) {
1193 PpiFlags
.PPFlags
= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
1194 Status
= gRT
->SetVariable (
1195 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1196 &gEfiPhysicalPresenceGuid
,
1197 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1198 sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
),
1201 if (EFI_ERROR (Status
)) {
1202 DEBUG ((EFI_D_ERROR
, "[TPM] Set physical presence flag failed, Status = %r\n", Status
));
1206 DEBUG ((EFI_D_INFO
, "[TPM] PpiFlags = %x\n", PpiFlags
.PPFlags
));
1209 // This flags variable controls whether physical presence is required for TPM command.
1210 // It should be protected from malicious software. We set it as read-only variable here.
1212 Status
= gBS
->LocateProtocol (&gEdkiiVariableLockProtocolGuid
, NULL
, (VOID
**)&VariableLockProtocol
);
1213 if (!EFI_ERROR (Status
)) {
1214 Status
= VariableLockProtocol
->RequestToLock (
1215 VariableLockProtocol
,
1216 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1217 &gEfiPhysicalPresenceGuid
1219 if (EFI_ERROR (Status
)) {
1220 DEBUG ((EFI_D_ERROR
, "[TPM] Error when lock variable %s, Status = %r\n", PHYSICAL_PRESENCE_FLAGS_VARIABLE
, Status
));
1221 ASSERT_EFI_ERROR (Status
);
1226 // Initialize physical presence variable.
1228 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1229 Status
= gRT
->GetVariable (
1230 PHYSICAL_PRESENCE_VARIABLE
,
1231 &gEfiPhysicalPresenceGuid
,
1236 if (EFI_ERROR (Status
)) {
1237 ZeroMem ((VOID
*)&TcgPpData
, sizeof (TcgPpData
));
1238 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1239 Status
= gRT
->SetVariable (
1240 PHYSICAL_PRESENCE_VARIABLE
,
1241 &gEfiPhysicalPresenceGuid
,
1242 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1246 if (EFI_ERROR (Status
)) {
1247 DEBUG ((EFI_D_ERROR
, "[TPM] Set physical presence variable failed, Status = %r\n", Status
));
1252 DEBUG ((EFI_D_INFO
, "[TPM] Flags=%x, PPRequest=%x\n", PpiFlags
.PPFlags
, TcgPpData
.PPRequest
));
1254 if (TcgPpData
.PPRequest
== PHYSICAL_PRESENCE_NO_ACTION
) {
1256 // No operation request
1261 Status
= GetTpmCapability (TcgProtocol
, &LifetimeLock
, &CmdEnable
);
1262 if (EFI_ERROR (Status
)) {
1269 // physicalPresenceCMDEnable is locked, can't execute physical presence command.
1273 Status
= TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_CMD_ENABLE
);
1274 if (EFI_ERROR (Status
)) {
1280 // Set operator physical presence flags
1282 TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_PRESENT
);
1285 // Execute pending TPM request.
1287 ExecutePendingTpmRequest (TcgProtocol
, &TcgPpData
, PpiFlags
);
1288 DEBUG ((EFI_D_INFO
, "[TPM] PPResponse = %x\n", TcgPpData
.PPResponse
));
1291 // Lock physical presence.
1293 TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_NOTPRESENT
| TPM_PHYSICAL_PRESENCE_LOCK
);
1297 Check if the pending TPM request needs user input to confirm.
1299 The TPM request may come from OS. This API will check if TPM request exists and need user
1300 input to confirmation.
1302 @retval TRUE TPM needs input to confirm user physical presence.
1303 @retval FALSE TPM doesn't need input to confirm user physical presence.
1308 TcgPhysicalPresenceLibNeedUserConfirm(
1313 EFI_PHYSICAL_PRESENCE TcgPpData
;
1315 BOOLEAN RequestConfirmed
;
1316 BOOLEAN LifetimeLock
;
1318 EFI_TCG_PROTOCOL
*TcgProtocol
;
1319 EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags
;
1321 Status
= gBS
->LocateProtocol (&gEfiTcgProtocolGuid
, NULL
, (VOID
**)&TcgProtocol
);
1322 if (EFI_ERROR (Status
)) {
1327 // Check Tpm requests
1329 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1330 Status
= gRT
->GetVariable (
1331 PHYSICAL_PRESENCE_VARIABLE
,
1332 &gEfiPhysicalPresenceGuid
,
1337 if (EFI_ERROR (Status
)) {
1341 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
);
1342 Status
= gRT
->GetVariable (
1343 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1344 &gEfiPhysicalPresenceGuid
,
1349 if (EFI_ERROR (Status
)) {
1353 if (TcgPpData
.PPRequest
== PHYSICAL_PRESENCE_NO_ACTION
) {
1355 // No operation request
1360 if (!HaveValidTpmRequest(&TcgPpData
, PpiFlags
, &RequestConfirmed
)) {
1362 // Invalid operation request.
1368 // Check Tpm Capability
1370 Status
= GetTpmCapability (TcgProtocol
, &LifetimeLock
, &CmdEnable
);
1371 if (EFI_ERROR (Status
)) {
1378 // physicalPresenceCMDEnable is locked, can't execute physical presence command.
1384 if (!RequestConfirmed
) {
1386 // Need UI to confirm