2 Implement TPM2 Integrity related command.
4 Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
15 #include <IndustryStandard/UefiTcgPlatform.h>
16 #include <Library/Tpm2CommandLib.h>
17 #include <Library/Tpm2DeviceLib.h>
18 #include <Library/BaseMemoryLib.h>
19 #include <Library/BaseLib.h>
20 #include <Library/DebugLib.h>
25 TPM2_COMMAND_HEADER Header
;
26 TPMI_DH_PCR PcrHandle
;
27 UINT32 AuthorizationSize
;
28 TPMS_AUTH_COMMAND AuthSessionPcr
;
29 TPML_DIGEST_VALUES DigestValues
;
30 } TPM2_PCR_EXTEND_COMMAND
;
33 TPM2_RESPONSE_HEADER Header
;
35 TPMS_AUTH_RESPONSE AuthSessionPcr
;
36 } TPM2_PCR_EXTEND_RESPONSE
;
39 TPM2_COMMAND_HEADER Header
;
40 TPMI_DH_PCR PcrHandle
;
41 UINT32 AuthorizationSize
;
42 TPMS_AUTH_COMMAND AuthSessionPcr
;
43 TPM2B_EVENT EventData
;
44 } TPM2_PCR_EVENT_COMMAND
;
47 TPM2_RESPONSE_HEADER Header
;
49 TPML_DIGEST_VALUES Digests
;
50 TPMS_AUTH_RESPONSE AuthSessionPcr
;
51 } TPM2_PCR_EVENT_RESPONSE
;
54 TPM2_COMMAND_HEADER Header
;
55 TPML_PCR_SELECTION PcrSelectionIn
;
56 } TPM2_PCR_READ_COMMAND
;
59 TPM2_RESPONSE_HEADER Header
;
60 UINT32 PcrUpdateCounter
;
61 TPML_PCR_SELECTION PcrSelectionOut
;
62 TPML_DIGEST PcrValues
;
63 } TPM2_PCR_READ_RESPONSE
;
66 TPM2_COMMAND_HEADER Header
;
67 TPMI_RH_PLATFORM AuthHandle
;
68 UINT32 AuthSessionSize
;
69 TPMS_AUTH_COMMAND AuthSession
;
70 TPML_PCR_SELECTION PcrAllocation
;
71 } TPM2_PCR_ALLOCATE_COMMAND
;
74 TPM2_RESPONSE_HEADER Header
;
75 UINT32 AuthSessionSize
;
76 TPMI_YES_NO AllocationSuccess
;
80 TPMS_AUTH_RESPONSE AuthSession
;
81 } TPM2_PCR_ALLOCATE_RESPONSE
;
86 This command is used to cause an update to the indicated PCR.
87 The digests parameter contains one or more tagged digest value identified by an algorithm ID.
88 For each digest, the PCR associated with pcrHandle is Extended into the bank identified by the tag (hashAlg).
90 @param[in] PcrHandle Handle of the PCR
91 @param[in] Digests List of tagged digest values to be extended
93 @retval EFI_SUCCESS Operation completed successfully.
94 @retval EFI_DEVICE_ERROR Unexpected device behavior.
99 IN TPMI_DH_PCR PcrHandle
,
100 IN TPML_DIGEST_VALUES
*Digests
104 TPM2_PCR_EXTEND_COMMAND Cmd
;
105 TPM2_PCR_EXTEND_RESPONSE Res
;
108 UINT32 ResultBufSize
;
111 UINT32 SessionInfoSize
;
114 Cmd
.Header
.tag
= SwapBytes16(TPM_ST_SESSIONS
);
115 Cmd
.Header
.commandCode
= SwapBytes32(TPM_CC_PCR_Extend
);
116 Cmd
.PcrHandle
= SwapBytes32(PcrHandle
);
120 // Add in Auth session
122 Buffer
= (UINT8
*)&Cmd
.AuthSessionPcr
;
125 SessionInfoSize
= CopyAuthSessionCommand (NULL
, Buffer
);
126 Buffer
+= SessionInfoSize
;
127 Cmd
.AuthorizationSize
= SwapBytes32(SessionInfoSize
);
130 WriteUnaligned32 ((UINT32
*)Buffer
, SwapBytes32(Digests
->count
));
131 Buffer
+= sizeof(UINT32
);
134 for (Index
= 0; Index
< Digests
->count
; Index
++) {
135 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16(Digests
->digests
[Index
].hashAlg
));
136 Buffer
+= sizeof(UINT16
);
137 DigestSize
= GetHashSizeFromAlgo (Digests
->digests
[Index
].hashAlg
);
138 if (DigestSize
== 0) {
139 DEBUG ((EFI_D_ERROR
, "Unknown hash algorithm %d\r\n", Digests
->digests
[Index
].hashAlg
));
140 return EFI_DEVICE_ERROR
;
144 &Digests
->digests
[Index
].digest
,
147 Buffer
+= DigestSize
;
150 CmdSize
= (UINT32
)((UINTN
)Buffer
- (UINTN
)&Cmd
);
151 Cmd
.Header
.paramSize
= SwapBytes32(CmdSize
);
153 ResultBufSize
= sizeof(Res
);
154 Status
= Tpm2SubmitCommand (CmdSize
, (UINT8
*)&Cmd
, &ResultBufSize
, (UINT8
*)&Res
);
155 if (EFI_ERROR(Status
)) {
159 if (ResultBufSize
> sizeof(Res
)) {
160 DEBUG ((EFI_D_ERROR
, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer Too Small\r\n"));
161 return EFI_BUFFER_TOO_SMALL
;
165 // Validate response headers
167 RespSize
= SwapBytes32(Res
.Header
.paramSize
);
168 if (RespSize
> sizeof(Res
)) {
169 DEBUG ((EFI_D_ERROR
, "Tpm2PcrExtend: Response size too large! %d\r\n", RespSize
));
170 return EFI_BUFFER_TOO_SMALL
;
174 // Fail if command failed
176 if (SwapBytes32(Res
.Header
.responseCode
) != TPM_RC_SUCCESS
) {
177 DEBUG ((EFI_D_ERROR
, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n", SwapBytes32(Res
.Header
.responseCode
)));
178 return EFI_DEVICE_ERROR
;
182 // Unmarshal the response
191 This command is used to cause an update to the indicated PCR.
192 The data in eventData is hashed using the hash algorithm associated with each bank in which the
193 indicated PCR has been allocated. After the data is hashed, the digests list is returned. If the pcrHandle
194 references an implemented PCR and not TPM_ALG_NULL, digests list is processed as in
196 A TPM shall support an Event.size of zero through 1,024 inclusive.
198 @param[in] PcrHandle Handle of the PCR
199 @param[in] EventData Event data in sized buffer
200 @param[out] Digests List of digest
202 @retval EFI_SUCCESS Operation completed successfully.
203 @retval EFI_DEVICE_ERROR Unexpected device behavior.
208 IN TPMI_DH_PCR PcrHandle
,
209 IN TPM2B_EVENT
*EventData
,
210 OUT TPML_DIGEST_VALUES
*Digests
214 TPM2_PCR_EVENT_COMMAND Cmd
;
215 TPM2_PCR_EVENT_RESPONSE Res
;
218 UINT32 ResultBufSize
;
221 UINT32 SessionInfoSize
;
224 Cmd
.Header
.tag
= SwapBytes16(TPM_ST_SESSIONS
);
225 Cmd
.Header
.commandCode
= SwapBytes32(TPM_CC_PCR_Event
);
226 Cmd
.PcrHandle
= SwapBytes32(PcrHandle
);
229 // Add in Auth session
231 Buffer
= (UINT8
*)&Cmd
.AuthSessionPcr
;
234 SessionInfoSize
= CopyAuthSessionCommand (NULL
, Buffer
);
235 Buffer
+= SessionInfoSize
;
236 Cmd
.AuthorizationSize
= SwapBytes32(SessionInfoSize
);
239 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16(EventData
->size
));
240 Buffer
+= sizeof(UINT16
);
242 CopyMem (Buffer
, EventData
->buffer
, EventData
->size
);
243 Buffer
+= EventData
->size
;
245 CmdSize
= (UINT32
)((UINTN
)Buffer
- (UINTN
)&Cmd
);
246 Cmd
.Header
.paramSize
= SwapBytes32(CmdSize
);
248 ResultBufSize
= sizeof(Res
);
249 Status
= Tpm2SubmitCommand (CmdSize
, (UINT8
*)&Cmd
, &ResultBufSize
, (UINT8
*)&Res
);
250 if (EFI_ERROR(Status
)) {
254 if (ResultBufSize
> sizeof(Res
)) {
255 DEBUG ((EFI_D_ERROR
, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer Too Small\r\n"));
256 return EFI_BUFFER_TOO_SMALL
;
260 // Validate response headers
262 RespSize
= SwapBytes32(Res
.Header
.paramSize
);
263 if (RespSize
> sizeof(Res
)) {
264 DEBUG ((EFI_D_ERROR
, "Tpm2PcrEvent: Response size too large! %d\r\n", RespSize
));
265 return EFI_BUFFER_TOO_SMALL
;
269 // Fail if command failed
271 if (SwapBytes32(Res
.Header
.responseCode
) != TPM_RC_SUCCESS
) {
272 DEBUG ((EFI_D_ERROR
, "Tpm2PcrEvent: Response Code error! 0x%08x\r\n", SwapBytes32(Res
.Header
.responseCode
)));
273 return EFI_DEVICE_ERROR
;
277 // Unmarshal the response
279 Buffer
= (UINT8
*)&Res
.Digests
;
281 Digests
->count
= SwapBytes32 (ReadUnaligned32 ((UINT32
*)Buffer
));
282 Buffer
+= sizeof(UINT32
);
283 for (Index
= 0; Index
< Digests
->count
; Index
++) {
284 Digests
->digests
[Index
].hashAlg
= SwapBytes16 (ReadUnaligned16 ((UINT16
*)Buffer
));
285 Buffer
+= sizeof(UINT16
);
286 DigestSize
= GetHashSizeFromAlgo (Digests
->digests
[Index
].hashAlg
);
287 if (DigestSize
== 0) {
288 DEBUG ((EFI_D_ERROR
, "Unknown hash algorithm %d\r\n", Digests
->digests
[Index
].hashAlg
));
289 return EFI_DEVICE_ERROR
;
292 &Digests
->digests
[Index
].digest
,
296 Buffer
+= DigestSize
;
303 This command returns the values of all PCR specified in pcrSelect.
305 @param[in] PcrSelectionIn The selection of PCR to read.
306 @param[out] PcrUpdateCounter The current value of the PCR update counter.
307 @param[out] PcrSelectionOut The PCR in the returned list.
308 @param[out] PcrValues The contents of the PCR indicated in pcrSelect.
310 @retval EFI_SUCCESS Operation completed successfully.
311 @retval EFI_DEVICE_ERROR The command was unsuccessful.
316 IN TPML_PCR_SELECTION
*PcrSelectionIn
,
317 OUT UINT32
*PcrUpdateCounter
,
318 OUT TPML_PCR_SELECTION
*PcrSelectionOut
,
319 OUT TPML_DIGEST
*PcrValues
323 TPM2_PCR_READ_COMMAND SendBuffer
;
324 TPM2_PCR_READ_RESPONSE RecvBuffer
;
325 UINT32 SendBufferSize
;
326 UINT32 RecvBufferSize
;
328 TPML_DIGEST
*PcrValuesOut
;
329 TPM2B_DIGEST
*Digests
;
334 SendBuffer
.Header
.tag
= SwapBytes16(TPM_ST_NO_SESSIONS
);
335 SendBuffer
.Header
.commandCode
= SwapBytes32(TPM_CC_PCR_Read
);
337 SendBuffer
.PcrSelectionIn
.count
= SwapBytes32(PcrSelectionIn
->count
);
338 for (Index
= 0; Index
< PcrSelectionIn
->count
; Index
++) {
339 SendBuffer
.PcrSelectionIn
.pcrSelections
[Index
].hash
= SwapBytes16(PcrSelectionIn
->pcrSelections
[Index
].hash
);
340 SendBuffer
.PcrSelectionIn
.pcrSelections
[Index
].sizeofSelect
= PcrSelectionIn
->pcrSelections
[Index
].sizeofSelect
;
341 CopyMem (&SendBuffer
.PcrSelectionIn
.pcrSelections
[Index
].pcrSelect
, &PcrSelectionIn
->pcrSelections
[Index
].pcrSelect
, SendBuffer
.PcrSelectionIn
.pcrSelections
[Index
].sizeofSelect
);
344 SendBufferSize
= sizeof(SendBuffer
.Header
) + sizeof(SendBuffer
.PcrSelectionIn
.count
) + sizeof(SendBuffer
.PcrSelectionIn
.pcrSelections
[0]) * PcrSelectionIn
->count
;
345 SendBuffer
.Header
.paramSize
= SwapBytes32 (SendBufferSize
);
350 RecvBufferSize
= sizeof (RecvBuffer
);
351 Status
= Tpm2SubmitCommand (SendBufferSize
, (UINT8
*)&SendBuffer
, &RecvBufferSize
, (UINT8
*)&RecvBuffer
);
352 if (EFI_ERROR (Status
)) {
356 if (RecvBufferSize
< sizeof (TPM2_RESPONSE_HEADER
)) {
357 DEBUG ((EFI_D_ERROR
, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize
));
358 return EFI_DEVICE_ERROR
;
360 if (SwapBytes32(RecvBuffer
.Header
.responseCode
) != TPM_RC_SUCCESS
) {
361 DEBUG ((EFI_D_ERROR
, "Tpm2PcrRead - responseCode - %x\n", SwapBytes32(RecvBuffer
.Header
.responseCode
)));
362 return EFI_NOT_FOUND
;
366 // Return the response
372 if (RecvBufferSize
< sizeof (TPM2_RESPONSE_HEADER
) + sizeof(RecvBuffer
.PcrUpdateCounter
)) {
373 DEBUG ((EFI_D_ERROR
, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize
));
374 return EFI_DEVICE_ERROR
;
376 *PcrUpdateCounter
= SwapBytes32(RecvBuffer
.PcrUpdateCounter
);
381 if (RecvBufferSize
< sizeof (TPM2_RESPONSE_HEADER
) + sizeof(RecvBuffer
.PcrUpdateCounter
) + sizeof(RecvBuffer
.PcrSelectionOut
.count
)) {
382 DEBUG ((EFI_D_ERROR
, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize
));
383 return EFI_DEVICE_ERROR
;
385 PcrSelectionOut
->count
= SwapBytes32(RecvBuffer
.PcrSelectionOut
.count
);
386 if (RecvBufferSize
< sizeof (TPM2_RESPONSE_HEADER
) + sizeof(RecvBuffer
.PcrUpdateCounter
) + sizeof(RecvBuffer
.PcrSelectionOut
.count
) + sizeof(RecvBuffer
.PcrSelectionOut
.pcrSelections
[0]) * PcrSelectionOut
->count
) {
387 DEBUG ((EFI_D_ERROR
, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize
));
388 return EFI_DEVICE_ERROR
;
390 for (Index
= 0; Index
< PcrSelectionOut
->count
; Index
++) {
391 PcrSelectionOut
->pcrSelections
[Index
].hash
= SwapBytes16(RecvBuffer
.PcrSelectionOut
.pcrSelections
[Index
].hash
);
392 PcrSelectionOut
->pcrSelections
[Index
].sizeofSelect
= RecvBuffer
.PcrSelectionOut
.pcrSelections
[Index
].sizeofSelect
;
393 CopyMem (&PcrSelectionOut
->pcrSelections
[Index
].pcrSelect
, &RecvBuffer
.PcrSelectionOut
.pcrSelections
[Index
].pcrSelect
, PcrSelectionOut
->pcrSelections
[Index
].sizeofSelect
);
399 PcrValuesOut
= (TPML_DIGEST
*)((UINT8
*)&RecvBuffer
+ sizeof (TPM2_RESPONSE_HEADER
) + sizeof(RecvBuffer
.PcrUpdateCounter
) + sizeof(RecvBuffer
.PcrSelectionOut
.count
) + sizeof(RecvBuffer
.PcrSelectionOut
.pcrSelections
[0]) * PcrSelectionOut
->count
);
400 PcrValues
->count
= SwapBytes32(PcrValuesOut
->count
);
401 Digests
= PcrValuesOut
->digests
;
402 for (Index
= 0; Index
< PcrValues
->count
; Index
++) {
403 PcrValues
->digests
[Index
].size
= SwapBytes16(Digests
->size
);
404 CopyMem (&PcrValues
->digests
[Index
].buffer
, &Digests
->buffer
, PcrValues
->digests
[Index
].size
);
405 Digests
= (TPM2B_DIGEST
*)((UINT8
*)Digests
+ sizeof(Digests
->size
) + PcrValues
->digests
[Index
].size
);
412 This command is used to set the desired PCR allocation of PCR and algorithms.
414 @param[in] AuthHandle TPM_RH_PLATFORM+{PP}
415 @param[in] AuthSession Auth Session context
416 @param[in] PcrAllocation The requested allocation
417 @param[out] AllocationSuccess YES if the allocation succeeded
418 @param[out] MaxPCR maximum number of PCR that may be in a bank
419 @param[out] SizeNeeded number of octets required to satisfy the request
420 @param[out] SizeAvailable Number of octets available. Computed before the allocation
422 @retval EFI_SUCCESS Operation completed successfully.
423 @retval EFI_DEVICE_ERROR The command was unsuccessful.
428 IN TPMI_RH_PLATFORM AuthHandle
,
429 IN TPMS_AUTH_COMMAND
*AuthSession
,
430 IN TPML_PCR_SELECTION
*PcrAllocation
,
431 OUT TPMI_YES_NO
*AllocationSuccess
,
433 OUT UINT32
*SizeNeeded
,
434 OUT UINT32
*SizeAvailable
438 TPM2_PCR_ALLOCATE_COMMAND Cmd
;
439 TPM2_PCR_ALLOCATE_RESPONSE Res
;
443 UINT32 SessionInfoSize
;
445 UINT32 ResultBufSize
;
451 Cmd
.Header
.tag
= SwapBytes16(TPM_ST_SESSIONS
);
452 Cmd
.Header
.paramSize
= SwapBytes32(sizeof(Cmd
));
453 Cmd
.Header
.commandCode
= SwapBytes32(TPM_CC_PCR_Allocate
);
454 Cmd
.AuthHandle
= SwapBytes32(AuthHandle
);
457 // Add in Auth session
459 Buffer
= (UINT8
*)&Cmd
.AuthSession
;
462 SessionInfoSize
= CopyAuthSessionCommand (AuthSession
, Buffer
);
463 Buffer
+= SessionInfoSize
;
464 Cmd
.AuthSessionSize
= SwapBytes32(SessionInfoSize
);
467 WriteUnaligned32 ((UINT32
*)Buffer
, SwapBytes32(PcrAllocation
->count
));
468 Buffer
+= sizeof(UINT32
);
469 for (Index
= 0; Index
< PcrAllocation
->count
; Index
++) {
470 WriteUnaligned16 ((UINT16
*)Buffer
, SwapBytes16(PcrAllocation
->pcrSelections
[Index
].hash
));
471 Buffer
+= sizeof(UINT16
);
472 *(UINT8
*)Buffer
= PcrAllocation
->pcrSelections
[Index
].sizeofSelect
;
474 CopyMem (Buffer
, PcrAllocation
->pcrSelections
[Index
].pcrSelect
, PcrAllocation
->pcrSelections
[Index
].sizeofSelect
);
475 Buffer
+= PcrAllocation
->pcrSelections
[Index
].sizeofSelect
;
478 CmdSize
= (UINT32
)(Buffer
- (UINT8
*)&Cmd
);
479 Cmd
.Header
.paramSize
= SwapBytes32(CmdSize
);
481 ResultBuf
= (UINT8
*) &Res
;
482 ResultBufSize
= sizeof(Res
);
487 Status
= Tpm2SubmitCommand (
493 if (EFI_ERROR(Status
)) {
497 if (ResultBufSize
> sizeof(Res
)) {
498 DEBUG ((EFI_D_ERROR
, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer Too Small\r\n"));
499 Status
= EFI_BUFFER_TOO_SMALL
;
504 // Validate response headers
506 RespSize
= SwapBytes32(Res
.Header
.paramSize
);
507 if (RespSize
> sizeof(Res
)) {
508 DEBUG ((EFI_D_ERROR
, "Tpm2PcrAllocate: Response size too large! %d\r\n", RespSize
));
509 Status
= EFI_BUFFER_TOO_SMALL
;
514 // Fail if command failed
516 if (SwapBytes32(Res
.Header
.responseCode
) != TPM_RC_SUCCESS
) {
517 DEBUG((EFI_D_ERROR
,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", SwapBytes32(Res
.Header
.responseCode
)));
518 Status
= EFI_DEVICE_ERROR
;
523 // Return the response
525 *AllocationSuccess
= Res
.AllocationSuccess
;
526 *MaxPCR
= SwapBytes32(Res
.MaxPCR
);
527 *SizeNeeded
= SwapBytes32(Res
.SizeNeeded
);
528 *SizeAvailable
= SwapBytes32(Res
.SizeAvailable
);
532 // Clear AuthSession Content
534 ZeroMem (&Cmd
, sizeof(Cmd
));
535 ZeroMem (&Res
, sizeof(Res
));
542 @param[in] PlatformAuth platform auth value. NULL means no platform auth change.
543 @param[in] SupportedPCRBanks Supported PCR banks
544 @param[in] PCRBanks PCR banks
546 @retval EFI_SUCCESS Operation completed successfully.
550 Tpm2PcrAllocateBanks (
551 IN TPM2B_AUTH
*PlatformAuth
, OPTIONAL
552 IN UINT32 SupportedPCRBanks
,
557 TPMS_AUTH_COMMAND
*AuthSession
;
558 TPMS_AUTH_COMMAND LocalAuthSession
;
559 TPML_PCR_SELECTION PcrAllocation
;
560 TPMI_YES_NO AllocationSuccess
;
563 UINT32 SizeAvailable
;
565 if (PlatformAuth
== NULL
) {
568 AuthSession
= &LocalAuthSession
;
569 ZeroMem (&LocalAuthSession
, sizeof(LocalAuthSession
));
570 LocalAuthSession
.sessionHandle
= TPM_RS_PW
;
571 LocalAuthSession
.hmac
.size
= PlatformAuth
->size
;
572 CopyMem (LocalAuthSession
.hmac
.buffer
, PlatformAuth
->buffer
, PlatformAuth
->size
);
578 ZeroMem (&PcrAllocation
, sizeof(PcrAllocation
));
579 if ((HASH_ALG_SHA1
& SupportedPCRBanks
) != 0) {
580 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].hash
= TPM_ALG_SHA1
;
581 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].sizeofSelect
= PCR_SELECT_MAX
;
582 if ((HASH_ALG_SHA1
& PCRBanks
) != 0) {
583 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0xFF;
584 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0xFF;
585 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0xFF;
587 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0x00;
588 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0x00;
589 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0x00;
591 PcrAllocation
.count
++;
593 if ((HASH_ALG_SHA256
& SupportedPCRBanks
) != 0) {
594 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].hash
= TPM_ALG_SHA256
;
595 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].sizeofSelect
= PCR_SELECT_MAX
;
596 if ((HASH_ALG_SHA256
& PCRBanks
) != 0) {
597 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0xFF;
598 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0xFF;
599 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0xFF;
601 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0x00;
602 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0x00;
603 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0x00;
605 PcrAllocation
.count
++;
607 if ((HASH_ALG_SHA384
& SupportedPCRBanks
) != 0) {
608 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].hash
= TPM_ALG_SHA384
;
609 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].sizeofSelect
= PCR_SELECT_MAX
;
610 if ((HASH_ALG_SHA384
& PCRBanks
) != 0) {
611 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0xFF;
612 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0xFF;
613 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0xFF;
615 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0x00;
616 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0x00;
617 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0x00;
619 PcrAllocation
.count
++;
621 if ((HASH_ALG_SHA512
& SupportedPCRBanks
) != 0) {
622 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].hash
= TPM_ALG_SHA512
;
623 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].sizeofSelect
= PCR_SELECT_MAX
;
624 if ((HASH_ALG_SHA512
& PCRBanks
) != 0) {
625 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0xFF;
626 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0xFF;
627 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0xFF;
629 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0x00;
630 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0x00;
631 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0x00;
633 PcrAllocation
.count
++;
635 if ((HASH_ALG_SM3_256
& SupportedPCRBanks
) != 0) {
636 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].hash
= TPM_ALG_SM3_256
;
637 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].sizeofSelect
= PCR_SELECT_MAX
;
638 if ((HASH_ALG_SM3_256
& PCRBanks
) != 0) {
639 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0xFF;
640 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0xFF;
641 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0xFF;
643 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[0] = 0x00;
644 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[1] = 0x00;
645 PcrAllocation
.pcrSelections
[PcrAllocation
.count
].pcrSelect
[2] = 0x00;
647 PcrAllocation
.count
++;
649 Status
= Tpm2PcrAllocate (
658 DEBUG ((EFI_D_INFO
, "Tpm2PcrAllocateBanks call Tpm2PcrAllocate - %r\n", Status
));
659 if (EFI_ERROR (Status
)) {
663 DEBUG ((EFI_D_INFO
, "AllocationSuccess - %02x\n", AllocationSuccess
));
664 DEBUG ((EFI_D_INFO
, "MaxPCR - %08x\n", MaxPCR
));
665 DEBUG ((EFI_D_INFO
, "SizeNeeded - %08x\n", SizeNeeded
));
666 DEBUG ((EFI_D_INFO
, "SizeAvailable - %08x\n", SizeAvailable
));
669 ZeroMem(&LocalAuthSession
.hmac
, sizeof(LocalAuthSession
.hmac
));