--- /dev/null
+/** @file\r
+ If CC Guest firmware supports measurement and an event is created,\r
+ CC Guest firmware is designed to report the event log with the same\r
+ data structure in TCG-Platform-Firmware-Profile specification with\r
+ EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 format.\r
+\r
+ The CC Guest firmware supports measurement, the CC Guest Firmware is\r
+ designed to produce EFI_CC_MEASUREMENT_PROTOCOL with new GUID\r
+ EFI_CC_MEASUREMENT_PROTOCOL_GUID to report event log and provides hash\r
+ capability.\r
+\r
+Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
+\r
+**/\r
+\r
+#ifndef CC_MEASUREMENT_PROTOCOL_H_\r
+#define CC_MEASUREMENT_PROTOCOL_H_\r
+\r
+#include <IndustryStandard/UefiTcgPlatform.h>\r
+\r
+#define EFI_CC_MEASUREMENT_PROTOCOL_GUID \\r
+ { 0x96751a3d, 0x72f4, 0x41a6, { 0xa7, 0x94, 0xed, 0x5d, 0x0e, 0x67, 0xae, 0x6b }}\r
+extern EFI_GUID gEfiCcMeasurementProtocolGuid;\r
+\r
+typedef struct _EFI_CC_MEASUREMENT_PROTOCOL EFI_CC_MEASUREMENT_PROTOCOL;\r
+\r
+typedef struct {\r
+ UINT8 Major;\r
+ UINT8 Minor;\r
+} EFI_CC_VERSION;\r
+\r
+//\r
+// EFI_CC Type/SubType definition\r
+//\r
+#define EFI_CC_TYPE_NONE 0\r
+#define EFI_CC_TYPE_SEV 1\r
+#define EFI_CC_TYPE_TDX 2\r
+\r
+typedef struct {\r
+ UINT8 Type;\r
+ UINT8 SubType;\r
+} EFI_CC_TYPE;\r
+\r
+typedef UINT32 EFI_CC_EVENT_LOG_BITMAP;\r
+typedef UINT32 EFI_CC_EVENT_LOG_FORMAT;\r
+typedef UINT32 EFI_CC_EVENT_ALGORITHM_BITMAP;\r
+typedef UINT32 EFI_CC_MR_INDEX;\r
+\r
+//\r
+// Intel TDX measure register index\r
+//\r
+#define TDX_MR_INDEX_MRTD 0\r
+#define TDX_MR_INDEX_RTMR0 1\r
+#define TDX_MR_INDEX_RTMR1 2\r
+#define TDX_MR_INDEX_RTMR2 3\r
+#define TDX_MR_INDEX_RTMR3 4\r
+\r
+#define EFI_CC_EVENT_LOG_FORMAT_TCG_2 0x00000002\r
+#define EFI_CC_BOOT_HASH_ALG_SHA384 0x00000004\r
+\r
+//\r
+// This bit is shall be set when an event shall be extended but not logged.\r
+//\r
+#define EFI_CC_FLAG_EXTEND_ONLY 0x0000000000000001\r
+//\r
+// This bit shall be set when the intent is to measure a PE/COFF image.\r
+//\r
+#define EFI_CC_FLAG_PE_COFF_IMAGE 0x0000000000000010\r
+\r
+#pragma pack (1)\r
+\r
+#define EFI_CC_EVENT_HEADER_VERSION 1\r
+\r
+typedef struct {\r
+ //\r
+ // Size of the event header itself (sizeof(EFI_CC_EVENT_HEADER)).\r
+ //\r
+ UINT32 HeaderSize;\r
+ //\r
+ // Header version. For this version of this specification, the value shall be 1.\r
+ //\r
+ UINT16 HeaderVersion;\r
+ //\r
+ // Index of the MR (measurement register) that shall be extended.\r
+ //\r
+ EFI_CC_MR_INDEX MrIndex;\r
+ //\r
+ // Type of the event that shall be extended (and optionally logged).\r
+ //\r
+ UINT32 EventType;\r
+} EFI_CC_EVENT_HEADER;\r
+\r
+typedef struct {\r
+ //\r
+ // Total size of the event including the Size component, the header and the Event data.\r
+ //\r
+ UINT32 Size;\r
+ EFI_CC_EVENT_HEADER Header;\r
+ UINT8 Event[1];\r
+} EFI_CC_EVENT;\r
+\r
+#pragma pack()\r
+\r
+typedef struct {\r
+ //\r
+ // Allocated size of the structure\r
+ //\r
+ UINT8 Size;\r
+ //\r
+ // Version of the EFI_CC_BOOT_SERVICE_CAPABILITY structure itself.\r
+ // For this version of the protocol, the Major version shall be set to 1\r
+ // and the Minor version shall be set to 0.\r
+ //\r
+ EFI_CC_VERSION StructureVersion;\r
+ //\r
+ // Version of the EFI CC Measurement protocol.\r
+ // For this version of the protocol, the Major version shall be set to 1\r
+ // and the Minor version shall be set to 0.\r
+ //\r
+ EFI_CC_VERSION ProtocolVersion;\r
+ //\r
+ // Supported hash algorithms\r
+ //\r
+ EFI_CC_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;\r
+ //\r
+ // Bitmap of supported event log formats\r
+ //\r
+ EFI_CC_EVENT_LOG_BITMAP SupportedEventLogs;\r
+\r
+ //\r
+ // Indicates the CC type\r
+ //\r
+ EFI_CC_TYPE CcType;\r
+} EFI_CC_BOOT_SERVICE_CAPABILITY;\r
+\r
+/**\r
+ The EFI_CC_MEASUREMENT_PROTOCOL GetCapability function call provides protocol\r
+ capability information and state information.\r
+\r
+ @param[in] This Indicates the calling context\r
+ @param[in, out] ProtocolCapability The caller allocates memory for a EFI_CC_BOOT_SERVICE_CAPABILITY\r
+ structure and sets the size field to the size of the structure allocated.\r
+ The callee fills in the fields with the EFI CC BOOT Service capability\r
+ information and the current CC information.\r
+\r
+ @retval EFI_SUCCESS Operation completed successfully.\r
+ @retval EFI_DEVICE_ERROR The command was unsuccessful.\r
+ The ProtocolCapability variable will not be populated.\r
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.\r
+ The ProtocolCapability variable will not be populated.\r
+ @retval EFI_BUFFER_TOO_SMALL The ProtocolCapability variable is too small to hold the full response.\r
+ It will be partially populated (required Size field will be set).\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CC_GET_CAPABILITY)(\r
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,\r
+ IN OUT EFI_CC_BOOT_SERVICE_CAPABILITY *ProtocolCapability\r
+ );\r
+\r
+/**\r
+ The EFI_CC_MEASUREMENT_PROTOCOL Get Event Log function call allows a caller to\r
+ retrieve the address of a given event log and its last entry.\r
+\r
+ @param[in] This Indicates the calling context\r
+ @param[in] EventLogFormat The type of the event log for which the information is requested.\r
+ @param[out] EventLogLocation A pointer to the memory address of the event log.\r
+ @param[out] EventLogLastEntry If the Event Log contains more than one entry, this is a pointer to the\r
+ address of the start of the last entry in the event log in memory.\r
+ @param[out] EventLogTruncated If the Event Log is missing at least one entry because an event would\r
+ have exceeded the area allocated for events, this value is set to TRUE.\r
+ Otherwise, the value will be FALSE and the Event Log will be complete.\r
+\r
+ @retval EFI_SUCCESS Operation completed successfully.\r
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect\r
+ (e.g. asking for an event log whose format is not supported).\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CC_GET_EVENT_LOG)(\r
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,\r
+ IN EFI_CC_EVENT_LOG_FORMAT EventLogFormat,\r
+ OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,\r
+ OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry,\r
+ OUT BOOLEAN *EventLogTruncated\r
+ );\r
+\r
+/**\r
+ The EFI_CC_MEASUREMENT_PROTOCOL HashLogExtendEvent function call provides\r
+ callers with an opportunity to extend and optionally log events without requiring\r
+ knowledge of actual CC commands.\r
+ The extend operation will occur even if this function cannot create an event\r
+ log entry (e.g. due to the event log being full).\r
+\r
+ @param[in] This Indicates the calling context\r
+ @param[in] Flags Bitmap providing additional information.\r
+ @param[in] DataToHash Physical address of the start of the data buffer to be hashed.\r
+ @param[in] DataToHashLen The length in bytes of the buffer referenced by DataToHash.\r
+ @param[in] EfiCcEvent Pointer to data buffer containing information about the event.\r
+\r
+ @retval EFI_SUCCESS Operation completed successfully.\r
+ @retval EFI_DEVICE_ERROR The command was unsuccessful.\r
+ @retval EFI_VOLUME_FULL The extend operation occurred, but the event could not be written to one or more event logs.\r
+ @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.\r
+ @retval EFI_UNSUPPORTED The PE/COFF image type is not supported.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CC_HASH_LOG_EXTEND_EVENT)(\r
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,\r
+ IN UINT64 Flags,\r
+ IN EFI_PHYSICAL_ADDRESS DataToHash,\r
+ IN UINT64 DataToHashLen,\r
+ IN EFI_CC_EVENT *EfiCcEvent\r
+ );\r
+\r
+/**\r
+ The EFI_CC_MEASUREMENT_PROTOCOL MapPcrToMrIndex function call provides callers\r
+ the info on TPM PCR <-> CC MR mapping information.\r
+\r
+ @param[in] This Indicates the calling context\r
+ @param[in] PcrIndex TPM PCR index.\r
+ @param[out] MrIndex CC MR index.\r
+\r
+ @retval EFI_SUCCESS The MrIndex is returned.\r
+ @retval EFI_INVALID_PARAMETER The MrIndex is NULL.\r
+ @retval EFI_UNSUPPORTED The PcrIndex is invalid.\r
+**/\r
+typedef\r
+EFI_STATUS\r
+(EFIAPI *EFI_CC_MAP_PCR_TO_MR_INDEX)(\r
+ IN EFI_CC_MEASUREMENT_PROTOCOL *This,\r
+ IN TCG_PCRINDEX PcrIndex,\r
+ OUT EFI_CC_MR_INDEX *MrIndex\r
+ );\r
+\r
+struct _EFI_CC_MEASUREMENT_PROTOCOL {\r
+ EFI_CC_GET_CAPABILITY GetCapability;\r
+ EFI_CC_GET_EVENT_LOG GetEventLog;\r
+ EFI_CC_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;\r
+ EFI_CC_MAP_PCR_TO_MR_INDEX MapPcrToMrIndex;\r
+};\r
+\r
+//\r
+// CC event log\r
+//\r
+\r
+#pragma pack(1)\r
+\r
+//\r
+// Crypto Agile Log Entry Format.\r
+// It is similar with TCG_PCR_EVENT2 except the field of MrIndex and PCRIndex.\r
+//\r
+typedef struct {\r
+ EFI_CC_MR_INDEX MrIndex;\r
+ UINT32 EventType;\r
+ TPML_DIGEST_VALUES Digests;\r
+ UINT32 EventSize;\r
+ UINT8 Event[1];\r
+} CC_EVENT;\r
+\r
+//\r
+// EFI CC Event Header\r
+// It is similar with TCG_PCR_EVENT2_HDR except the field of MrIndex and PCRIndex\r
+//\r
+typedef struct {\r
+ EFI_CC_MR_INDEX MrIndex;\r
+ UINT32 EventType;\r
+ TPML_DIGEST_VALUES Digests;\r
+ UINT32 EventSize;\r
+} CC_EVENT_HDR;\r
+\r
+#pragma pack()\r
+\r
+//\r
+// Log entries after Get Event Log service\r
+//\r
+\r
+#define EFI_CC_FINAL_EVENTS_TABLE_VERSION 1\r
+\r
+typedef struct {\r
+ //\r
+ // The version of this structure. It shall be set to 1.\r
+ //\r
+ UINT64 Version;\r
+ //\r
+ // Number of events recorded after invocation of GetEventLog API\r
+ //\r
+ UINT64 NumberOfEvents;\r
+ //\r
+ // List of events of type CC_EVENT.\r
+ //\r
+ // CC_EVENT Event[1];\r
+} EFI_CC_FINAL_EVENTS_TABLE;\r
+\r
+#define EFI_CC_FINAL_EVENTS_TABLE_GUID \\r
+ {0xdd4a4648, 0x2de7, 0x4665, {0x96, 0x4d, 0x21, 0xd9, 0xef, 0x5f, 0xb4, 0x46}}\r
+\r
+extern EFI_GUID gEfiCcFinalEventsTableGuid;\r
+\r
+#endif\r