59b226d6 JY |
1 | /** @file\r |
2 | TPM2 Protocol as defined in TCG PC Client Platform EFI Protocol Specification Family "2.0".\r | |
3 | See http://trustedcomputinggroup.org for the latest specification\r | |
4 | \r | |
9095d37b | 5 | Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>\r |
9344f092 | 6 | SPDX-License-Identifier: BSD-2-Clause-Patent\r |
59b226d6 JY |
7 | \r |
8 | **/\r | |
9 | \r | |
10 | #ifndef __TCG2_PROTOCOL_H__\r | |
11 | #define __TCG2_PROTOCOL_H__\r | |
12 | \r | |
13 | #include <IndustryStandard/UefiTcgPlatform.h>\r | |
14 | #include <IndustryStandard/Tpm20.h>\r | |
15 | \r | |
//
// GUID value for the EFI TCG2 protocol (see also the gEfiTcg2ProtocolGuid
// declaration later in this file).
//
#define EFI_TCG2_PROTOCOL_GUID \
  {0x607f766c, 0x7455, 0x42be, { 0x93, 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f }}

//
// Forward declaration: the service prototypes below take a pointer to the
// protocol structure before its members are defined at the end of this file.
//
typedef struct tdEFI_TCG2_PROTOCOL EFI_TCG2_PROTOCOL;
20 | \r | |
//
// Major/minor version pair. Used in this file for the StructureVersion and
// ProtocolVersion fields of EFI_TCG2_BOOT_SERVICE_CAPABILITY.
//
typedef struct tdEFI_TCG2_VERSION {
  UINT8 Major;
  UINT8 Minor;
} EFI_TCG2_VERSION;
25 | \r | |
//
// 32-bit types used in this file:
//   EFI_TCG2_EVENT_LOG_BITMAP       - type of SupportedEventLogs (capability structure)
//   EFI_TCG2_EVENT_LOG_FORMAT       - type of the EventLogFormat argument of GetEventLog
//   EFI_TCG2_EVENT_ALGORITHM_BITMAP - type of HashAlgorithmBitmap and ActivePcrBanks
//
typedef UINT32 EFI_TCG2_EVENT_LOG_BITMAP;
typedef UINT32 EFI_TCG2_EVENT_LOG_FORMAT;
typedef UINT32 EFI_TCG2_EVENT_ALGORITHM_BITMAP;

//
// Event log format identifiers. Each value is a single bit.
// NOTE(review): presumably the same bits are reported in SupportedEventLogs and
// passed as EventLogFormat to GetEventLog - confirm against the specification.
//
#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 0x00000001
#define EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 0x00000002
32 | \r | |
//
// Capability and state information returned by the GetCapability service.
// The caller allocates the structure and sets Size before the call; the callee
// fills in as many fields as fit (see the EFI_TCG2_GET_CAPABILITY description).
//
typedef struct tdEFI_TCG2_BOOT_SERVICE_CAPABILITY {
  //
  // Allocated size of the structure.
  // This is a UINT8, so it can describe at most 255 bytes.
  //
  UINT8 Size;
  //
  // Version of the EFI_TCG2_BOOT_SERVICE_CAPABILITY structure itself.
  // For this version of the protocol, the Major version shall be set to 1
  // and the Minor version shall be set to 1.
  //
  EFI_TCG2_VERSION StructureVersion;
  //
  // Version of the EFI TCG2 protocol.
  // For this version of the protocol, the Major version shall be set to 1
  // and the Minor version shall be set to 1.
  //
  EFI_TCG2_VERSION ProtocolVersion;
  //
  // Supported hash algorithms (this bitmap is determined by the supported PCR
  // banks in the TPM and the hashing algorithms supported by the firmware)
  //
  EFI_TCG2_EVENT_ALGORITHM_BITMAP HashAlgorithmBitmap;
  //
  // Bitmap of supported event log formats
  //
  EFI_TCG2_EVENT_LOG_BITMAP SupportedEventLogs;
  //
  // False = TPM not present
  //
  BOOLEAN TPMPresentFlag;
  //
  // Max size (in bytes) of a command that can be sent to the TPM
  // NOTE(review): presumably the upper bound for InputParameterBlockSize of
  // SubmitCommand - confirm.
  //
  UINT16 MaxCommandSize;
  //
  // Max size (in bytes) of a response that can be provided by the TPM
  // NOTE(review): presumably the size an OutputParameterBlock passed to
  // SubmitCommand should be able to hold - confirm.
  //
  UINT16 MaxResponseSize;
  //
  // 4-byte Vendor ID
  // (see TCG Vendor ID registry, Section "TPM Capabilities Vendor ID")
  //
  UINT32 ManufacturerID;
  //
  // Maximum number of PCR banks (hashing algorithms) supported.
  // No granularity is provided to support a specific set of algorithms.
  // Minimum value is 1.
  //
  UINT32 NumberOfPCRBanks;
  //
  // A bitmap of currently active PCR banks (hashing algorithms).
  // This is a subset of the supported hashing algorithms reported in HashAlgorithmBitmap.
  // NumberOfPCRBanks defines the number of bits that are set.
  //
  EFI_TCG2_EVENT_ALGORITHM_BITMAP ActivePcrBanks;
} EFI_TCG2_BOOT_SERVICE_CAPABILITY;
89 | \r | |
//
// Hash algorithm bits, one bit per algorithm.
// NOTE(review): presumably the bit assignments for EFI_TCG2_EVENT_ALGORITHM_BITMAP
// values (HashAlgorithmBitmap, ActivePcrBanks) - confirm against the specification.
// NOTE(review): SHA-1 is no longer considered collision-resistant; which banks
// are active is platform policy and is not decided in this header.
//
#define EFI_TCG2_BOOT_HASH_ALG_SHA1 0x00000001
#define EFI_TCG2_BOOT_HASH_ALG_SHA256 0x00000002
#define EFI_TCG2_BOOT_HASH_ALG_SHA384 0x00000004
#define EFI_TCG2_BOOT_HASH_ALG_SHA512 0x00000008
#define EFI_TCG2_BOOT_HASH_ALG_SM3_256 0x00000010

//
// This bit shall be set when an event shall be extended but not logged.
// NOTE(review): presumably a bit of the Flags argument of HashLogExtendEvent - confirm.
// A measurement made this way changes the PCR without a matching event log
// entry, so replaying the event log alone will not reproduce that PCR value.
//
#define EFI_TCG2_EXTEND_ONLY 0x0000000000000001
//
// This bit shall be set when the intent is to measure a PE/COFF image.
//
#define PE_COFF_IMAGE 0x0000000000000010

//
// Highest PCR index; matches the 0 - 23 range documented for
// EFI_TCG2_EVENT_HEADER.PCRIndex.
//
#define MAX_PCR_INDEX 23
106 | \r | |
107 | #pragma pack(1)\r | |
108 | \r | |
//
// Value for EFI_TCG2_EVENT_HEADER.HeaderVersion (the field comment below
// requires 1 for this version of the specification).
//
#define EFI_TCG2_EVENT_HEADER_VERSION 1

//
// Header of an EFI_TCG2_EVENT. Declared between #pragma pack(1) and
// #pragma pack() in this file.
//
typedef struct {
  //
  // Size of the event header itself (sizeof(EFI_TCG2_EVENT_HEADER)).
  // NOTE(review): this value is supplied by the caller of HashLogExtendEvent;
  // a provider should check it against sizeof(EFI_TCG2_EVENT_HEADER) before
  // using it to locate the event data - confirm in the implementation.
  //
  UINT32 HeaderSize;
  //
  // Header version. For this version of this specification, the value shall be 1.
  //
  UINT16 HeaderVersion;
  //
  // Index of the PCR that shall be extended (0 - 23).
  // See MAX_PCR_INDEX.
  //
  TCG_PCRINDEX PCRIndex;
  //
  // Type of the event that shall be extended (and optionally logged).
  //
  TCG_EVENTTYPE EventType;
} EFI_TCG2_EVENT_HEADER;
129 | \r | |
//
// Event descriptor passed to HashLogExtendEvent (EfiTcgEvent argument).
// Declared between #pragma pack(1) and #pragma pack() in this file.
//
typedef struct tdEFI_TCG2_EVENT {
  //
  // Total size of the event including the Size component, the header and the Event data.
  // NOTE(review): Size is caller-supplied. A consumer should verify that it is
  // at least sizeof(Size) plus Header.HeaderSize before deriving the length of
  // Event from it, so that the subtraction cannot underflow - confirm in the
  // implementation.
  //
  UINT32 Size;
  EFI_TCG2_EVENT_HEADER Header;
  //
  // Declared with one element; the number of valid bytes is not given by this
  // declaration and presumably follows from Size - confirm.
  //
  UINT8 Event[1];
} EFI_TCG2_EVENT;
138 | \r | |
139 | #pragma pack()\r | |
140 | \r | |
/**
  The EFI_TCG2_PROTOCOL GetCapability function call provides protocol
  capability information and state information.

  @param[in]      This               Indicates the calling context
  @param[in, out] ProtocolCapability The caller allocates memory for an EFI_TCG2_BOOT_SERVICE_CAPABILITY
                                     structure and sets the Size field to the size of the structure allocated.
                                     The callee fills in the fields with the EFI protocol capability information
                                     and the current EFI TCG2 state information up to the number of fields which
                                     fit within the size of the structure passed in.

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The command was unsuccessful.
                                 The ProtocolCapability variable will not be populated.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
                                 The ProtocolCapability variable will not be populated.
  @retval EFI_BUFFER_TOO_SMALL   The ProtocolCapability variable is too small to hold the full response.
                                 It will be partially populated (required Size field will be set).

  NOTE(review): on any status other than EFI_SUCCESS the structure is either not
  populated or only partially populated, so callers should check the status
  before reading fields such as TPMPresentFlag or ActivePcrBanks.
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_GET_CAPABILITY) (
  IN EFI_TCG2_PROTOCOL *This,
  IN OUT EFI_TCG2_BOOT_SERVICE_CAPABILITY *ProtocolCapability
  );
166 | \r | |
/**
  The EFI_TCG2_PROTOCOL Get Event Log function call allows a caller to
  retrieve the address of a given event log and its last entry.

  @param[in]  This               Indicates the calling context
  @param[in]  EventLogFormat     The type of the event log for which the information is requested.
  @param[out] EventLogLocation   A pointer to the memory address of the event log.
  @param[out] EventLogLastEntry  If the Event Log contains more than one entry, this is a pointer to the
                                 address of the start of the last entry in the event log in memory.
  @param[out] EventLogTruncated  If the Event Log is missing at least one entry because an event would
                                 have exceeded the area allocated for events, this value is set to TRUE.
                                 Otherwise, the value will be FALSE and the Event Log will be complete.

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect
                                 (e.g. asking for an event log whose format is not supported).

  NOTE(review): HashLogExtendEvent is documented in this file to extend the PCR
  even when no log entry can be created, so when EventLogTruncated is TRUE a
  replay of the log is not expected to reproduce the PCR values.
  Events recorded after this call are counted in EFI_TCG2_FINAL_EVENTS_TABLE
  (see NumberOfEvents there).
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_GET_EVENT_LOG) (
  IN EFI_TCG2_PROTOCOL *This,
  IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
  OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,
  OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry,
  OUT BOOLEAN *EventLogTruncated
  );
193 | \r | |
/**
  The EFI_TCG2_PROTOCOL HashLogExtendEvent function call provides callers with
  an opportunity to extend and optionally log events without requiring
  knowledge of actual TPM commands.
  The extend operation will occur even if this function cannot create an event
  log entry (e.g. due to the event log being full).

  @param[in] This           Indicates the calling context
  @param[in] Flags          Bitmap providing additional information.
                            NOTE(review): presumably built from EFI_TCG2_EXTEND_ONLY and
                            PE_COFF_IMAGE defined earlier in this file - confirm.
  @param[in] DataToHash     Physical address of the start of the data buffer to be hashed.
  @param[in] DataToHashLen  The length in bytes of the buffer referenced by DataToHash.
  @param[in] EfiTcgEvent    Pointer to data buffer containing information about the event.
                            Its Size and Header.HeaderSize fields are caller-supplied.

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The command was unsuccessful.
  @retval EFI_VOLUME_FULL        The extend operation occurred, but the event could not be written to one or more event logs.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
  @retval EFI_UNSUPPORTED        The PE/COFF image type is not supported.

  NOTE(review): EFI_VOLUME_FULL means the PCR changed without a matching log
  entry; callers that depend on a complete event log should treat it as a
  distinct outcome rather than as success.
**/
typedef
EFI_STATUS
(EFIAPI * EFI_TCG2_HASH_LOG_EXTEND_EVENT) (
  IN EFI_TCG2_PROTOCOL *This,
  IN UINT64 Flags,
  IN EFI_PHYSICAL_ADDRESS DataToHash,
  IN UINT64 DataToHashLen,
  IN EFI_TCG2_EVENT *EfiTcgEvent
  );
222 | \r | |
/**
  This service enables the sending of commands to the TPM.

  @param[in] This                      Indicates the calling context
  @param[in] InputParameterBlockSize   Size of the TPM input parameter block.
  @param[in] InputParameterBlock       Pointer to the TPM input parameter block.
  @param[in] OutputParameterBlockSize  Size of the TPM output parameter block.
  @param[in] OutputParameterBlock      Pointer to the TPM output parameter block.
                                       NOTE(review): tagged [in] to match the IN modifier in the
                                       prototype; the buffer it points to presumably receives the
                                       TPM response - confirm.

  @retval EFI_SUCCESS            The command byte stream was successfully sent to the device and a response was successfully received.
  @retval EFI_DEVICE_ERROR       The command was not successfully sent to the device or a response was not successfully received from the device.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
  @retval EFI_BUFFER_TOO_SMALL   The output parameter block is too small.

  NOTE(review): EFI_TCG2_BOOT_SERVICE_CAPABILITY reports MaxCommandSize and
  MaxResponseSize; presumably callers size the two blocks against those values
  - confirm.
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_SUBMIT_COMMAND) (
  IN EFI_TCG2_PROTOCOL *This,
  IN UINT32 InputParameterBlockSize,
  IN UINT8 *InputParameterBlock,
  IN UINT32 OutputParameterBlockSize,
  IN UINT8 *OutputParameterBlock
  );
246 | \r | |
/**
  This service returns the currently active PCR banks.

  @param[in]  This            Indicates the calling context
  @param[out] ActivePcrBanks  Pointer to the variable receiving the bitmap of currently active PCR banks.
                              NOTE(review): presumably uses the EFI_TCG2_BOOT_HASH_ALG_* bit
                              values defined earlier in this file - confirm.

  @retval EFI_SUCCESS            The bitmap of active PCR banks was stored in the ActivePcrBanks parameter.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_GET_ACTIVE_PCR_BANKS) (
  IN EFI_TCG2_PROTOCOL *This,
  OUT UINT32 *ActivePcrBanks
  );
262 | \r | |
/**
  This service sets the currently active PCR banks.

  @param[in] This            Indicates the calling context
  @param[in] ActivePcrBanks  Bitmap of the requested active PCR banks. At least one bit SHALL be set.

  @retval EFI_SUCCESS            The bitmap in the ActivePcrBanks parameter is already active.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.

  NOTE(review): GetResultOfSetActivePcrBanks is documented in this file as
  reporting whether this operation "was invoked during the last boot", which
  suggests a request takes effect across a reboot rather than immediately -
  confirm against the specification.
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_SET_ACTIVE_PCR_BANKS) (
  IN EFI_TCG2_PROTOCOL *This,
  IN UINT32 ActivePcrBanks
  );
278 | \r | |
/**
  This service retrieves the result of a previous invocation of SetActivePcrBanks.

  @param[in]  This              Indicates the calling context
  @param[out] OperationPresent  Non-zero value to indicate a SetActivePcrBanks operation was invoked during the last boot.
  @param[out] Response          The response from the SetActivePcrBanks request.
                                NOTE(review): the encoding of Response is not defined in this
                                header - see the specification.

  @retval EFI_SUCCESS            The result value could be returned.
  @retval EFI_INVALID_PARAMETER  One or more of the parameters are incorrect.
**/
typedef
EFI_STATUS
(EFIAPI *EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS) (
  IN EFI_TCG2_PROTOCOL *This,
  OUT UINT32 *OperationPresent,
  OUT UINT32 *Response
  );
296 | \r | |
//
// The EFI TCG2 protocol interface: one function pointer per service whose
// prototype is declared above. The member order is part of the binary interface.
//
struct tdEFI_TCG2_PROTOCOL {
  // Reports protocol capability and state information.
  EFI_TCG2_GET_CAPABILITY GetCapability;
  // Returns the address of an event log and of its last entry.
  EFI_TCG2_GET_EVENT_LOG GetEventLog;
  // Extends a PCR and optionally logs the event.
  EFI_TCG2_HASH_LOG_EXTEND_EVENT HashLogExtendEvent;
  // Sends a command to the TPM.
  EFI_TCG2_SUBMIT_COMMAND SubmitCommand;
  // Returns the bitmap of currently active PCR banks.
  EFI_TCG2_GET_ACTIVE_PCR_BANKS GetActivePcrBanks;
  // Requests a new set of active PCR banks.
  EFI_TCG2_SET_ACTIVE_PCR_BANKS SetActivePcrBanks;
  // Retrieves the result of a previous SetActivePcrBanks invocation.
  EFI_TCG2_GET_RESULT_OF_SET_ACTIVE_PCR_BANKS GetResultOfSetActivePcrBanks;
};
306 | \r | |
//
// GUID variable for the protocol; defined elsewhere (only declared here).
//
extern EFI_GUID gEfiTcg2ProtocolGuid;

//
// Log entries after Get Event Log service
//
// GUID value for the final events table, which counts events recorded after
// GetEventLog has been invoked (see EFI_TCG2_FINAL_EVENTS_TABLE below).
//

#define EFI_TCG2_FINAL_EVENTS_TABLE_GUID \
  {0x1e2ed096, 0x30e2, 0x4254, { 0xbd, 0x89, 0x86, 0x3b, 0xbe, 0xf8, 0x23, 0x25 }}

//
// GUID variable for the final events table; defined elsewhere (only declared here).
//
extern EFI_GUID gEfiTcg2FinalEventsTableGuid;
317 | \r | |
//
// Header of the final events table. The Event member is commented out below,
// so sizeof(EFI_TCG2_FINAL_EVENTS_TABLE) covers only Version and NumberOfEvents.
// NOTE(review): the TCG_PCR_EVENT2 entries presumably follow this header in
// memory - confirm against the specification.
//
typedef struct tdEFI_TCG2_FINAL_EVENTS_TABLE {
  //
  // The version of this structure.
  //
  UINT64 Version;
  //
  // Number of events recorded after invocation of GetEventLog API
  // NOTE(review): a consumer walking the entries should bound the walk by the
  // memory it actually has for the table as well as by this count - confirm
  // how the table size is conveyed.
  //
  UINT64 NumberOfEvents;
  //
  // List of events of type TCG_PCR_EVENT2.
  //
  //TCG_PCR_EVENT2 Event[1];
} EFI_TCG2_FINAL_EVENTS_TABLE;

//
// Value for EFI_TCG2_FINAL_EVENTS_TABLE.Version.
//
#define EFI_TCG2_FINAL_EVENTS_TABLE_VERSION 1
334 | \r | |
335 | #endif\r |