]>
Commit | Line | Data |
---|---|---|
0c18794e | 1 | /** @file\r |
607599bf | 2 | \r |
3 | Execute pending TPM requests from OS or BIOS and Lock TPM.\r | |
4 | \r | |
568e7b27 | 5 | Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r |
0c18794e | 6 | This program and the accompanying materials \r |
7 | are licensed and made available under the terms and conditions of the BSD License \r | |
8 | which accompanies this distribution. The full text of the license may be found at \r | |
9 | http://opensource.org/licenses/bsd-license.php\r | |
10 | \r | |
11 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r | |
12 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
13 | \r | |
14 | **/\r | |
15 | \r | |
607599bf | 16 | #include <PiDxe.h>\r |
17 | \r | |
18 | #include <Protocol/TcgService.h>\r | |
19 | #include <Library/DebugLib.h>\r | |
20 | #include <Library/BaseMemoryLib.h>\r | |
21 | #include <Library/UefiRuntimeServicesTableLib.h>\r | |
22 | #include <Library/UefiDriverEntryPoint.h>\r | |
23 | #include <Library/UefiBootServicesTableLib.h>\r | |
24 | #include <Library/UefiLib.h>\r | |
25 | #include <Library/MemoryAllocationLib.h>\r | |
26 | #include <Library/PrintLib.h>\r | |
27 | #include <Library/HiiLib.h>\r | |
28 | #include <Guid/EventGroup.h>\r | |
29 | #include <Guid/PhysicalPresenceData.h>\r | |
30 | \r | |
31 | #define TPM_PP_USER_ABORT ((TPM_RESULT)(-0x10))\r | |
32 | #define TPM_PP_BIOS_FAILURE ((TPM_RESULT)(-0x0f))\r | |
33 | #define CONFIRM_BUFFER_SIZE 4096\r | |
0c18794e | 34 | \r |
35 | EFI_HII_HANDLE mPpStringPackHandle;\r | |
36 | \r | |
607599bf | 37 | /**\r |
38 | Get string by string id from HII Interface.\r | |
39 | \r | |
40 | @param[in] Id String ID.\r | |
41 | \r | |
42 | @retval CHAR16 * String from ID.\r | |
43 | @retval NULL If error occurs.\r | |
44 | \r | |
45 | **/\r | |
46 | CHAR16 *\r | |
47 | PhysicalPresenceGetStringById (\r | |
48 | IN EFI_STRING_ID Id\r | |
49 | )\r | |
50 | {\r | |
51 | return HiiGetString (mPpStringPackHandle, Id, NULL);\r | |
52 | }\r | |
53 | \r | |
0c18794e | 54 | /**\r |
55 | Get TPM physical presence permanent flags.\r | |
56 | \r | |
607599bf | 57 | @param[in] TcgProtocol EFI TCG Protocol instance. \r |
58 | @param[out] LifetimeLock physicalPresenceLifetimeLock permanent flag. \r | |
59 | @param[out] CmdEnable physicalPresenceCMDEnable permanent flag.\r | |
0c18794e | 60 | \r |
61 | @retval EFI_SUCCESS Flags were returns successfully.\r | |
62 | @retval other Failed to locate EFI TCG Protocol.\r | |
63 | \r | |
64 | **/\r | |
65 | EFI_STATUS\r | |
66 | GetTpmCapability (\r | |
607599bf | 67 | IN EFI_TCG_PROTOCOL *TcgProtocol,\r |
0c18794e | 68 | OUT BOOLEAN *LifetimeLock,\r |
69 | OUT BOOLEAN *CmdEnable\r | |
70 | )\r | |
71 | {\r | |
72 | EFI_STATUS Status;\r | |
0c18794e | 73 | TPM_RQU_COMMAND_HDR *TpmRqu;\r |
74 | TPM_RSP_COMMAND_HDR *TpmRsp;\r | |
75 | UINT32 *SendBufPtr;\r | |
76 | UINT8 SendBuffer[sizeof (*TpmRqu) + sizeof (UINT32) * 3];\r | |
77 | TPM_PERMANENT_FLAGS *TpmPermanentFlags;\r | |
78 | UINT8 RecvBuffer[40];\r | |
79 | \r | |
0c18794e | 80 | //\r |
81 | // Fill request header\r | |
82 | //\r | |
83 | TpmRsp = (TPM_RSP_COMMAND_HDR*)RecvBuffer;\r | |
84 | TpmRqu = (TPM_RQU_COMMAND_HDR*)SendBuffer;\r | |
85 | \r | |
607599bf | 86 | TpmRqu->tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);\r |
87 | TpmRqu->paramSize = SwapBytes32 (sizeof (SendBuffer));\r | |
88 | TpmRqu->ordinal = SwapBytes32 (TPM_ORD_GetCapability);\r | |
0c18794e | 89 | \r |
90 | //\r | |
91 | // Set request parameter\r | |
92 | //\r | |
93 | SendBufPtr = (UINT32*)(TpmRqu + 1);\r | |
607599bf | 94 | WriteUnaligned32 (SendBufPtr++, SwapBytes32 (TPM_CAP_FLAG));\r |
95 | WriteUnaligned32 (SendBufPtr++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT)));\r | |
96 | WriteUnaligned32 (SendBufPtr, SwapBytes32 (TPM_CAP_FLAG_PERMANENT)); \r | |
0c18794e | 97 | \r |
98 | Status = TcgProtocol->PassThroughToTpm (\r | |
99 | TcgProtocol,\r | |
100 | sizeof (SendBuffer),\r | |
101 | (UINT8*)TpmRqu,\r | |
102 | sizeof (RecvBuffer),\r | |
103 | (UINT8*)&RecvBuffer\r | |
104 | );\r | |
105 | ASSERT_EFI_ERROR (Status);\r | |
607599bf | 106 | ASSERT (TpmRsp->tag == SwapBytes16 (TPM_TAG_RSP_COMMAND));\r |
0c18794e | 107 | ASSERT (TpmRsp->returnCode == 0);\r |
108 | \r | |
109 | TpmPermanentFlags = (TPM_PERMANENT_FLAGS *)&RecvBuffer[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];\r | |
110 | \r | |
111 | if (LifetimeLock != NULL) {\r | |
112 | *LifetimeLock = TpmPermanentFlags->physicalPresenceLifetimeLock;\r | |
113 | }\r | |
114 | \r | |
115 | if (CmdEnable != NULL) {\r | |
116 | *CmdEnable = TpmPermanentFlags->physicalPresenceCMDEnable;\r | |
117 | }\r | |
118 | \r | |
119 | return Status;\r | |
120 | }\r | |
121 | \r | |
122 | /**\r | |
123 | Issue TSC_PhysicalPresence command to TPM.\r | |
124 | \r | |
607599bf | 125 | @param[in] TcgProtocol EFI TCG Protocol instance. \r |
0c18794e | 126 | @param[in] PhysicalPresence The state to set the TPM's Physical Presence flags. \r |
127 | \r | |
128 | @retval EFI_SUCCESS TPM executed the command successfully.\r | |
129 | @retval EFI_SECURITY_VIOLATION TPM returned error when executing the command.\r | |
130 | @retval other Failed to locate EFI TCG Protocol.\r | |
131 | \r | |
132 | **/\r | |
133 | EFI_STATUS\r | |
134 | TpmPhysicalPresence (\r | |
607599bf | 135 | IN EFI_TCG_PROTOCOL *TcgProtocol,\r |
0c18794e | 136 | IN TPM_PHYSICAL_PRESENCE PhysicalPresence\r |
137 | )\r | |
138 | {\r | |
139 | EFI_STATUS Status;\r | |
0c18794e | 140 | TPM_RQU_COMMAND_HDR *TpmRqu;\r |
141 | TPM_PHYSICAL_PRESENCE *TpmPp;\r | |
142 | TPM_RSP_COMMAND_HDR TpmRsp;\r | |
143 | UINT8 Buffer[sizeof (*TpmRqu) + sizeof (*TpmPp)];\r | |
144 | \r | |
0c18794e | 145 | TpmRqu = (TPM_RQU_COMMAND_HDR*)Buffer;\r |
146 | TpmPp = (TPM_PHYSICAL_PRESENCE*)(TpmRqu + 1);\r | |
147 | \r | |
607599bf | 148 | TpmRqu->tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);\r |
149 | TpmRqu->paramSize = SwapBytes32 (sizeof (Buffer));\r | |
150 | TpmRqu->ordinal = SwapBytes32 (TSC_ORD_PhysicalPresence);\r | |
151 | WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE) SwapBytes16 (PhysicalPresence)); \r | |
0c18794e | 152 | \r |
153 | Status = TcgProtocol->PassThroughToTpm (\r | |
154 | TcgProtocol,\r | |
155 | sizeof (Buffer),\r | |
156 | (UINT8*)TpmRqu,\r | |
157 | sizeof (TpmRsp),\r | |
158 | (UINT8*)&TpmRsp\r | |
159 | );\r | |
160 | ASSERT_EFI_ERROR (Status);\r | |
607599bf | 161 | ASSERT (TpmRsp.tag == SwapBytes16 (TPM_TAG_RSP_COMMAND));\r |
0c18794e | 162 | if (TpmRsp.returnCode != 0) {\r |
163 | //\r | |
164 | // If it fails, some requirements may be needed for this command.\r | |
165 | //\r | |
166 | return EFI_SECURITY_VIOLATION;\r | |
167 | }\r | |
607599bf | 168 | \r |
0c18794e | 169 | return Status;\r |
170 | }\r | |
171 | \r | |
172 | /**\r | |
173 | Issue a TPM command for which no additional output data will be returned.\r | |
174 | \r | |
175 | @param[in] TcgProtocol EFI TCG Protocol instance. \r | |
176 | @param[in] Ordinal TPM command code. \r | |
177 | @param[in] AdditionalParameterSize Additional parameter size. \r | |
178 | @param[in] AdditionalParameters Pointer to the Additional paramaters. \r | |
179 | \r | |
180 | @retval TPM_PP_BIOS_FAILURE Error occurred during sending command to TPM or \r | |
181 | receiving response from TPM.\r | |
182 | @retval Others Return code from the TPM device after command execution.\r | |
183 | \r | |
184 | **/\r | |
185 | TPM_RESULT\r | |
186 | TpmCommandNoReturnData (\r | |
187 | IN EFI_TCG_PROTOCOL *TcgProtocol,\r | |
188 | IN TPM_COMMAND_CODE Ordinal,\r | |
189 | IN UINTN AdditionalParameterSize,\r | |
190 | IN VOID *AdditionalParameters\r | |
191 | )\r | |
192 | {\r | |
193 | EFI_STATUS Status;\r | |
194 | TPM_RQU_COMMAND_HDR *TpmRqu;\r | |
195 | TPM_RSP_COMMAND_HDR TpmRsp;\r | |
196 | UINT32 Size;\r | |
197 | \r | |
607599bf | 198 | TpmRqu = (TPM_RQU_COMMAND_HDR*) AllocatePool (sizeof (*TpmRqu) + AdditionalParameterSize);\r |
0c18794e | 199 | if (TpmRqu == NULL) {\r |
200 | return TPM_PP_BIOS_FAILURE;\r | |
201 | }\r | |
202 | \r | |
607599bf | 203 | TpmRqu->tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);\r |
0c18794e | 204 | Size = (UINT32)(sizeof (*TpmRqu) + AdditionalParameterSize);\r |
607599bf | 205 | TpmRqu->paramSize = SwapBytes32 (Size);\r |
206 | TpmRqu->ordinal = SwapBytes32 (Ordinal);\r | |
207 | CopyMem (TpmRqu + 1, AdditionalParameters, AdditionalParameterSize);\r | |
0c18794e | 208 | \r |
209 | Status = TcgProtocol->PassThroughToTpm (\r | |
210 | TcgProtocol,\r | |
211 | Size,\r | |
212 | (UINT8*)TpmRqu,\r | |
213 | (UINT32)sizeof (TpmRsp),\r | |
214 | (UINT8*)&TpmRsp\r | |
215 | );\r | |
216 | FreePool (TpmRqu);\r | |
607599bf | 217 | if (EFI_ERROR (Status) || (TpmRsp.tag != SwapBytes16 (TPM_TAG_RSP_COMMAND))) {\r |
0c18794e | 218 | return TPM_PP_BIOS_FAILURE;\r |
219 | }\r | |
607599bf | 220 | return SwapBytes32 (TpmRsp.returnCode);\r |
0c18794e | 221 | }\r |
222 | \r | |
223 | /**\r | |
224 | Execute physical presence operation requested by the OS.\r | |
225 | \r | |
607599bf | 226 | @param[in] TcgProtocol EFI TCG Protocol instance.\r |
227 | @param[in] CommandCode Physical presence operation value.\r | |
228 | @param[in, out] PpiFlags The physical presence interface flags.\r | |
0c18794e | 229 | \r |
230 | @retval TPM_PP_BIOS_FAILURE Unknown physical presence operation.\r | |
231 | @retval TPM_PP_BIOS_FAILURE Error occurred during sending command to TPM or \r | |
232 | receiving response from TPM.\r | |
233 | @retval Others Return code from the TPM device after command execution.\r | |
234 | \r | |
235 | **/\r | |
236 | TPM_RESULT\r | |
237 | ExecutePhysicalPresence (\r | |
238 | IN EFI_TCG_PROTOCOL *TcgProtocol,\r | |
239 | IN UINT8 CommandCode,\r | |
240 | IN OUT UINT8 *PpiFlags\r | |
241 | )\r | |
242 | {\r | |
243 | BOOLEAN BoolVal;\r | |
244 | TPM_RESULT TpmResponse;\r | |
245 | UINT32 InData[5];\r | |
246 | \r | |
247 | switch (CommandCode) {\r | |
607599bf | 248 | case PHYSICAL_PRESENCE_ENABLE:\r |
0c18794e | 249 | return TpmCommandNoReturnData (\r |
250 | TcgProtocol,\r | |
251 | TPM_ORD_PhysicalEnable,\r | |
252 | 0,\r | |
253 | NULL\r | |
254 | );\r | |
255 | \r | |
607599bf | 256 | case PHYSICAL_PRESENCE_DISABLE:\r |
0c18794e | 257 | return TpmCommandNoReturnData (\r |
258 | TcgProtocol,\r | |
259 | TPM_ORD_PhysicalDisable,\r | |
260 | 0,\r | |
261 | NULL\r | |
262 | );\r | |
263 | \r | |
607599bf | 264 | case PHYSICAL_PRESENCE_ACTIVATE:\r |
0c18794e | 265 | BoolVal = FALSE;\r |
266 | return TpmCommandNoReturnData (\r | |
267 | TcgProtocol,\r | |
268 | TPM_ORD_PhysicalSetDeactivated,\r | |
269 | sizeof (BoolVal),\r | |
270 | &BoolVal\r | |
271 | );\r | |
272 | \r | |
607599bf | 273 | case PHYSICAL_PRESENCE_DEACTIVATE:\r |
0c18794e | 274 | BoolVal = TRUE;\r |
275 | return TpmCommandNoReturnData (\r | |
276 | TcgProtocol,\r | |
277 | TPM_ORD_PhysicalSetDeactivated,\r | |
278 | sizeof (BoolVal),\r | |
279 | &BoolVal\r | |
280 | );\r | |
281 | \r | |
607599bf | 282 | case PHYSICAL_PRESENCE_CLEAR:\r |
0c18794e | 283 | return TpmCommandNoReturnData (\r |
284 | TcgProtocol,\r | |
285 | TPM_ORD_ForceClear,\r | |
286 | 0,\r | |
287 | NULL\r | |
288 | );\r | |
289 | \r | |
607599bf | 290 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r |
291 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE, PpiFlags);\r | |
0c18794e | 292 | if (TpmResponse == 0) {\r |
607599bf | 293 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ACTIVATE, PpiFlags);\r |
0c18794e | 294 | }\r |
295 | return TpmResponse;\r | |
296 | \r | |
607599bf | 297 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r |
298 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DEACTIVATE, PpiFlags);\r | |
0c18794e | 299 | if (TpmResponse == 0) {\r |
607599bf | 300 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DISABLE, PpiFlags);\r |
0c18794e | 301 | }\r |
302 | return TpmResponse;\r | |
303 | \r | |
607599bf | 304 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r |
0c18794e | 305 | BoolVal = TRUE;\r |
306 | return TpmCommandNoReturnData (\r | |
307 | TcgProtocol,\r | |
308 | TPM_ORD_SetOwnerInstall,\r | |
309 | sizeof (BoolVal),\r | |
310 | &BoolVal\r | |
311 | );\r | |
312 | \r | |
607599bf | 313 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r |
0c18794e | 314 | BoolVal = FALSE;\r |
315 | return TpmCommandNoReturnData (\r | |
316 | TcgProtocol,\r | |
317 | TPM_ORD_SetOwnerInstall,\r | |
318 | sizeof (BoolVal),\r | |
319 | &BoolVal\r | |
320 | );\r | |
321 | \r | |
607599bf | 322 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r |
0c18794e | 323 | //\r |
607599bf | 324 | // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE\r |
325 | // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot\r | |
0c18794e | 326 | //\r |
327 | if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {\r | |
607599bf | 328 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r |
0c18794e | 329 | *PpiFlags |= FLAG_RESET_TRACK;\r |
330 | } else {\r | |
607599bf | 331 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE, PpiFlags);\r |
0c18794e | 332 | *PpiFlags &= ~FLAG_RESET_TRACK;\r |
333 | }\r | |
334 | return TpmResponse;\r | |
335 | \r | |
607599bf | 336 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r |
337 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE, PpiFlags);\r | |
0c18794e | 338 | if (TpmResponse == 0) {\r |
607599bf | 339 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DEACTIVATE_DISABLE, PpiFlags);\r |
0c18794e | 340 | }\r |
341 | return TpmResponse;\r | |
342 | \r | |
607599bf | 343 | case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r |
344 | InData[0] = SwapBytes32 (TPM_SET_STCLEAR_DATA); // CapabilityArea\r | |
345 | InData[1] = SwapBytes32 (sizeof(UINT32)); // SubCapSize\r | |
346 | InData[2] = SwapBytes32 (TPM_SD_DEFERREDPHYSICALPRESENCE); // SubCap\r | |
347 | InData[3] = SwapBytes32 (sizeof(UINT32)); // SetValueSize\r | |
348 | InData[4] = SwapBytes32 (1); // UnownedFieldUpgrade; bit0\r | |
0c18794e | 349 | return TpmCommandNoReturnData (\r |
350 | TcgProtocol,\r | |
351 | TPM_ORD_SetCapability,\r | |
352 | sizeof (UINT32) * 5,\r | |
353 | InData\r | |
354 | );\r | |
355 | \r | |
607599bf | 356 | case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r |
0c18794e | 357 | //\r |
358 | // TPM_SetOperatorAuth\r | |
359 | // This command requires UI to prompt user for Auth data\r | |
360 | // Here it is NOT implemented\r | |
361 | //\r | |
362 | return TPM_PP_BIOS_FAILURE;\r | |
363 | \r | |
607599bf | 364 | case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r |
365 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);\r | |
0c18794e | 366 | if (TpmResponse == 0) {\r |
607599bf | 367 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r |
0c18794e | 368 | }\r |
369 | return TpmResponse;\r | |
370 | \r | |
607599bf | 371 | case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:\r |
0c18794e | 372 | *PpiFlags &= ~FLAG_NO_PPI_PROVISION;\r |
373 | return 0;\r | |
374 | \r | |
607599bf | 375 | case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:\r |
0c18794e | 376 | *PpiFlags |= FLAG_NO_PPI_PROVISION;\r |
377 | return 0;\r | |
378 | \r | |
607599bf | 379 | case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:\r |
0c18794e | 380 | *PpiFlags &= ~FLAG_NO_PPI_CLEAR;\r |
381 | return 0;\r | |
382 | \r | |
607599bf | 383 | case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:\r |
0c18794e | 384 | *PpiFlags |= FLAG_NO_PPI_CLEAR;\r |
385 | return 0;\r | |
386 | \r | |
607599bf | 387 | case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:\r |
0c18794e | 388 | *PpiFlags &= ~FLAG_NO_PPI_MAINTENANCE;\r |
389 | return 0;\r | |
390 | \r | |
607599bf | 391 | case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:\r |
0c18794e | 392 | *PpiFlags |= FLAG_NO_PPI_MAINTENANCE;\r |
393 | return 0;\r | |
394 | \r | |
607599bf | 395 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r |
1f728ac7 | 396 | //\r |
397 | // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR\r | |
398 | // PHYSICAL_PRESENCE_CLEAR will be executed after reboot.\r | |
399 | //\r | |
400 | if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {\r | |
401 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r | |
402 | *PpiFlags |= FLAG_RESET_TRACK;\r | |
403 | } else {\r | |
607599bf | 404 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);\r |
1f728ac7 | 405 | *PpiFlags &= ~FLAG_RESET_TRACK;\r |
0c18794e | 406 | }\r |
407 | return TpmResponse;\r | |
408 | \r | |
607599bf | 409 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r |
0c18794e | 410 | //\r |
607599bf | 411 | // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE\r |
1f728ac7 | 412 | // PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.\r |
0c18794e | 413 | //\r |
414 | if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {\r | |
607599bf | 415 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r |
0c18794e | 416 | *PpiFlags |= FLAG_RESET_TRACK;\r |
417 | } else {\r | |
607599bf | 418 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, PpiFlags);\r |
0c18794e | 419 | *PpiFlags &= ~FLAG_RESET_TRACK;\r |
420 | } \r | |
421 | return TpmResponse;\r | |
422 | \r | |
423 | default:\r | |
424 | ;\r | |
425 | }\r | |
426 | return TPM_PP_BIOS_FAILURE;\r | |
427 | }\r | |
428 | \r | |
429 | \r | |
430 | /**\r | |
431 | Read the specified key for user confirmation.\r | |
432 | \r | |
433 | @param[in] CautionKey If true, F12 is used as confirm key;\r | |
434 | If false, F10 is used as confirm key.\r | |
435 | \r | |
436 | @retval TRUE User confirmed the changes by input.\r | |
437 | @retval FALSE User discarded the changes.\r | |
438 | \r | |
439 | **/\r | |
440 | BOOLEAN\r | |
441 | ReadUserKey (\r | |
442 | IN BOOLEAN CautionKey\r | |
443 | )\r | |
444 | {\r | |
445 | EFI_STATUS Status;\r | |
446 | EFI_INPUT_KEY Key;\r | |
447 | UINT16 InputKey;\r | |
0c18794e | 448 | \r |
449 | InputKey = 0; \r | |
450 | do {\r | |
451 | Status = gBS->CheckEvent (gST->ConIn->WaitForKey);\r | |
452 | if (!EFI_ERROR (Status)) {\r | |
453 | Status = gST->ConIn->ReadKeyStroke (gST->ConIn, &Key);\r | |
454 | if (Key.ScanCode == SCAN_ESC) {\r | |
455 | InputKey = Key.ScanCode;\r | |
456 | }\r | |
457 | if ((Key.ScanCode == SCAN_F10) && !CautionKey) {\r | |
458 | InputKey = Key.ScanCode;\r | |
459 | }\r | |
460 | if ((Key.ScanCode == SCAN_F12) && CautionKey) {\r | |
461 | InputKey = Key.ScanCode;\r | |
462 | }\r | |
463 | } \r | |
464 | } while (InputKey == 0);\r | |
465 | \r | |
0c18794e | 466 | if (InputKey != SCAN_ESC) {\r |
467 | return TRUE;\r | |
468 | }\r | |
469 | \r | |
470 | return FALSE;\r | |
471 | }\r | |
472 | \r | |
607599bf | 473 | /**\r |
474 | The constructor function register UNI strings into imageHandle.\r | |
475 | \r | |
476 | It will ASSERT() if that operation fails and it will always return EFI_SUCCESS. \r | |
477 | \r | |
478 | @param ImageHandle The firmware allocated handle for the EFI image.\r | |
479 | @param SystemTable A pointer to the EFI System Table.\r | |
480 | \r | |
481 | @retval EFI_SUCCESS The constructor successfully added string package.\r | |
482 | @retval Other value The constructor can't add string package.\r | |
483 | \r | |
484 | **/\r | |
485 | EFI_STATUS\r | |
486 | EFIAPI\r | |
487 | TcgPhysicalPresenceLibConstructor (\r | |
488 | IN EFI_HANDLE ImageHandle,\r | |
489 | IN EFI_SYSTEM_TABLE *SystemTable\r | |
490 | )\r | |
491 | {\r | |
6f0b8648 | 492 | mPpStringPackHandle = HiiAddPackages (&gEfiPhysicalPresenceGuid, ImageHandle, DxeTcgPhysicalPresenceLibStrings, NULL);\r |
607599bf | 493 | ASSERT (mPpStringPackHandle != NULL);\r |
494 | \r | |
495 | return EFI_SUCCESS;\r | |
496 | }\r | |
497 | \r | |
0c18794e | 498 | /**\r |
499 | Display the confirm text and get user confirmation.\r | |
500 | \r | |
501 | @param[in] TpmPpCommand The requested TPM physical presence command.\r | |
502 | \r | |
607599bf | 503 | @retval TRUE The user has confirmed the changes.\r |
504 | @retval FALSE The user doesn't confirm the changes.\r | |
0c18794e | 505 | **/\r |
506 | BOOLEAN\r | |
507 | UserConfirm (\r | |
508 | IN UINT8 TpmPpCommand\r | |
509 | )\r | |
510 | {\r | |
511 | CHAR16 *ConfirmText;\r | |
512 | CHAR16 *TmpStr1;\r | |
513 | CHAR16 *TmpStr2; \r | |
514 | UINTN BufSize;\r | |
515 | BOOLEAN CautionKey;\r | |
516 | UINT16 Index;\r | |
517 | CHAR16 DstStr[81];\r | |
518 | \r | |
519 | TmpStr2 = NULL;\r | |
520 | CautionKey = FALSE;\r | |
521 | BufSize = CONFIRM_BUFFER_SIZE;\r | |
522 | ConfirmText = AllocateZeroPool (BufSize);\r | |
523 | ASSERT (ConfirmText != NULL);\r | |
524 | \r | |
0c18794e | 525 | switch (TpmPpCommand) {\r |
607599bf | 526 | case PHYSICAL_PRESENCE_ENABLE:\r |
527 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE));\r | |
0c18794e | 528 | \r |
607599bf | 529 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 530 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
531 | FreePool (TmpStr1);\r | |
532 | \r | |
607599bf | 533 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 534 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
535 | FreePool (TmpStr1);\r | |
536 | break;\r | |
537 | \r | |
607599bf | 538 | case PHYSICAL_PRESENCE_DISABLE:\r |
539 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE));\r | |
0c18794e | 540 | \r |
607599bf | 541 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 542 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
543 | FreePool (TmpStr1);\r | |
544 | \r | |
607599bf | 545 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r |
0c18794e | 546 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
547 | FreePool (TmpStr1);\r | |
548 | \r | |
607599bf | 549 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 550 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
551 | FreePool (TmpStr1);\r | |
552 | break;\r | |
553 | \r | |
607599bf | 554 | case PHYSICAL_PRESENCE_ACTIVATE:\r |
555 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE));\r | |
0c18794e | 556 | \r |
607599bf | 557 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 558 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
559 | FreePool (TmpStr1);\r | |
560 | \r | |
607599bf | 561 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 562 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
563 | FreePool (TmpStr1);\r | |
564 | break;\r | |
565 | \r | |
607599bf | 566 | case PHYSICAL_PRESENCE_DEACTIVATE:\r |
567 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE));\r | |
0c18794e | 568 | \r |
607599bf | 569 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 570 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
571 | FreePool (TmpStr1);\r | |
572 | \r | |
607599bf | 573 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r |
0c18794e | 574 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
575 | FreePool (TmpStr1);\r | |
576 | \r | |
607599bf | 577 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 578 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
579 | FreePool (TmpStr1); \r | |
580 | break;\r | |
581 | \r | |
607599bf | 582 | case PHYSICAL_PRESENCE_CLEAR:\r |
0c18794e | 583 | CautionKey = TRUE;\r |
607599bf | 584 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));\r |
0c18794e | 585 | \r |
607599bf | 586 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 587 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
588 | FreePool (TmpStr1);\r | |
589 | \r | |
607599bf | 590 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r |
0c18794e | 591 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
592 | StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r | |
593 | FreePool (TmpStr1); \r | |
594 | \r | |
607599bf | 595 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 596 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
597 | FreePool (TmpStr1);\r | |
598 | break;\r | |
599 | \r | |
607599bf | 600 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r |
601 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE));\r | |
0c18794e | 602 | \r |
607599bf | 603 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 604 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
605 | FreePool (TmpStr1);\r | |
606 | \r | |
607599bf | 607 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r |
0c18794e | 608 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
609 | FreePool (TmpStr1);\r | |
610 | \r | |
607599bf | 611 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 612 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
613 | FreePool (TmpStr1);\r | |
614 | break;\r | |
615 | \r | |
607599bf | 616 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r |
617 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE));\r | |
0c18794e | 618 | \r |
607599bf | 619 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r |
0c18794e | 620 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
621 | FreePool (TmpStr1);\r | |
622 | \r | |
607599bf | 623 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));\r |
0c18794e | 624 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
625 | FreePool (TmpStr1);\r | |
626 | \r | |
607599bf | 627 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r |
0c18794e | 628 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
629 | FreePool (TmpStr1);\r | |
630 | \r | |
607599bf | 631 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 632 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
633 | FreePool (TmpStr1);\r | |
634 | break;\r | |
635 | \r | |
607599bf | 636 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r |
637 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP));\r | |
0c18794e | 638 | \r |
607599bf | 639 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r |
0c18794e | 640 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
641 | FreePool (TmpStr1);\r | |
642 | \r | |
607599bf | 643 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 644 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
645 | FreePool (TmpStr1);\r | |
646 | break;\r | |
647 | \r | |
607599bf | 648 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r |
649 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP));\r | |
0c18794e | 650 | \r |
607599bf | 651 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r |
0c18794e | 652 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
653 | FreePool (TmpStr1);\r | |
654 | \r | |
607599bf | 655 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 656 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
657 | FreePool (TmpStr1);\r | |
658 | break;\r | |
659 | \r | |
607599bf | 660 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r |
661 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON));\r | |
0c18794e | 662 | \r |
607599bf | 663 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 664 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
665 | FreePool (TmpStr1);\r | |
666 | \r | |
607599bf | 667 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r |
0c18794e | 668 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
669 | FreePool (TmpStr1);\r | |
670 | \r | |
607599bf | 671 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 672 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
673 | FreePool (TmpStr1);\r | |
674 | break;\r | |
675 | \r | |
607599bf | 676 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r |
677 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF));\r | |
0c18794e | 678 | \r |
607599bf | 679 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r |
0c18794e | 680 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
681 | FreePool (TmpStr1);\r | |
682 | \r | |
607599bf | 683 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));\r |
0c18794e | 684 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
685 | FreePool (TmpStr1);\r | |
686 | \r | |
607599bf | 687 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r |
0c18794e | 688 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
689 | FreePool (TmpStr1);\r | |
690 | \r | |
607599bf | 691 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 692 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
693 | FreePool (TmpStr1);\r | |
694 | break;\r | |
695 | \r | |
607599bf | 696 | case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r |
0c18794e | 697 | CautionKey = TRUE;\r |
607599bf | 698 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE));\r |
0c18794e | 699 | \r |
607599bf | 700 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR)); \r |
0c18794e | 701 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
702 | FreePool (TmpStr1);\r | |
703 | \r | |
607599bf | 704 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));\r |
0c18794e | 705 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
706 | FreePool (TmpStr1);\r | |
707 | \r | |
607599bf | 708 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 709 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
710 | FreePool (TmpStr1);\r | |
711 | break;\r | |
712 | \r | |
607599bf | 713 | case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r |
0c18794e | 714 | //\r |
715 | // TPM_SetOperatorAuth\r | |
716 | // This command requires UI to prompt user for Auth data\r | |
717 | // Here it is NOT implemented\r | |
718 | //\r | |
719 | break;\r | |
720 | \r | |
607599bf | 721 | case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r |
0c18794e | 722 | CautionKey = TRUE;\r |
607599bf | 723 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON));\r |
0c18794e | 724 | \r |
607599bf | 725 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 726 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
727 | FreePool (TmpStr1);\r | |
728 | \r | |
607599bf | 729 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r |
0c18794e | 730 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
731 | FreePool (TmpStr1);\r | |
732 | \r | |
607599bf | 733 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r |
0c18794e | 734 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
735 | FreePool (TmpStr1);\r | |
736 | \r | |
607599bf | 737 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT));\r |
0c18794e | 738 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
739 | FreePool (TmpStr1);\r | |
740 | \r | |
607599bf | 741 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 742 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
743 | FreePool (TmpStr1);\r | |
744 | break;\r | |
745 | \r | |
607599bf | 746 | case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:\r |
747 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_PROVISION));\r | |
0c18794e | 748 | \r |
607599bf | 749 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r |
0c18794e | 750 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
751 | FreePool (TmpStr1);\r | |
752 | \r | |
607599bf | 753 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 754 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
755 | FreePool (TmpStr1);\r | |
756 | \r | |
607599bf | 757 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r |
0c18794e | 758 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
759 | FreePool (TmpStr1);\r | |
760 | break;\r | |
761 | \r | |
607599bf | 762 | case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:\r |
0c18794e | 763 | CautionKey = TRUE;\r |
607599bf | 764 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));\r |
0c18794e | 765 | \r |
607599bf | 766 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r |
0c18794e | 767 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
768 | FreePool (TmpStr1);\r | |
769 | \r | |
607599bf | 770 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR));\r |
0c18794e | 771 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
772 | FreePool (TmpStr1);\r | |
773 | \r | |
607599bf | 774 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r |
0c18794e | 775 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
776 | StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r | |
777 | FreePool (TmpStr1); \r | |
778 | \r | |
607599bf | 779 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 780 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
781 | FreePool (TmpStr1);\r | |
782 | \r | |
607599bf | 783 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r |
0c18794e | 784 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
785 | FreePool (TmpStr1);\r | |
786 | break;\r | |
787 | \r | |
607599bf | 788 | case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:\r |
0c18794e | 789 | CautionKey = TRUE;\r |
607599bf | 790 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN));\r |
0c18794e | 791 | \r |
607599bf | 792 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r |
0c18794e | 793 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
794 | FreePool (TmpStr1);\r | |
795 | \r | |
607599bf | 796 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));\r |
0c18794e | 797 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
798 | FreePool (TmpStr1);\r | |
799 | \r | |
607599bf | 800 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 801 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
802 | FreePool (TmpStr1);\r | |
803 | \r | |
607599bf | 804 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r |
0c18794e | 805 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
806 | FreePool (TmpStr1);\r | |
807 | break;\r | |
808 | \r | |
607599bf | 809 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r |
0c18794e | 810 | CautionKey = TRUE;\r |
607599bf | 811 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR));\r |
0c18794e | 812 | \r |
607599bf | 813 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 814 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
815 | FreePool (TmpStr1);\r | |
816 | \r | |
607599bf | 817 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r |
0c18794e | 818 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
819 | StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r | |
820 | FreePool (TmpStr1);\r | |
821 | \r | |
607599bf | 822 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 823 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
824 | FreePool (TmpStr1);\r | |
825 | break;\r | |
826 | \r | |
607599bf | 827 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r |
0c18794e | 828 | CautionKey = TRUE;\r |
607599bf | 829 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE));\r |
0c18794e | 830 | \r |
607599bf | 831 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 832 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
833 | FreePool (TmpStr1);\r | |
834 | \r | |
607599bf | 835 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r |
0c18794e | 836 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
837 | FreePool (TmpStr1);\r | |
838 | \r | |
607599bf | 839 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r |
0c18794e | 840 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
841 | FreePool (TmpStr1);\r | |
842 | \r | |
607599bf | 843 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT));\r |
0c18794e | 844 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
845 | FreePool (TmpStr1);\r | |
846 | \r | |
607599bf | 847 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 848 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
849 | FreePool (TmpStr1);\r | |
850 | break;\r | |
851 | \r | |
852 | default:\r | |
853 | ;\r | |
854 | }\r | |
855 | \r | |
856 | if (TmpStr2 == NULL) {\r | |
857 | FreePool (ConfirmText);\r | |
858 | return FALSE;\r | |
859 | }\r | |
860 | \r | |
607599bf | 861 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY));\r |
0c18794e | 862 | BufSize -= StrSize (ConfirmText);\r |
863 | UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1, TmpStr2);\r | |
864 | \r | |
865 | DstStr[80] = L'\0';\r | |
866 | for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {\r | |
867 | StrnCpy(DstStr, ConfirmText + Index, 80); \r | |
868 | Print (DstStr); \r | |
869 | }\r | |
870 | \r | |
871 | FreePool (TmpStr1);\r | |
872 | FreePool (TmpStr2);\r | |
873 | FreePool (ConfirmText);\r | |
874 | \r | |
875 | if (ReadUserKey (CautionKey)) {\r | |
876 | return TRUE;\r | |
877 | }\r | |
878 | \r | |
879 | return FALSE; \r | |
880 | }\r | |
881 | \r | |
882 | /**\r | |
883 | Check and execute the requested physical presence command.\r | |
607599bf | 884 | \r |
885 | @param[in] TcgProtocol EFI TCG Protocol instance. \r | |
886 | @param[in] TcgPpData Point to the physical presence NV variable.\r | |
0c18794e | 887 | \r |
888 | **/\r | |
889 | VOID\r | |
890 | ExecutePendingTpmRequest (\r | |
607599bf | 891 | IN EFI_TCG_PROTOCOL *TcgProtocol,\r |
892 | IN EFI_PHYSICAL_PRESENCE *TcgPpData\r | |
0c18794e | 893 | )\r |
894 | {\r | |
895 | EFI_STATUS Status;\r | |
0c18794e | 896 | UINTN DataSize;\r |
897 | UINT8 Flags;\r | |
898 | BOOLEAN RequestConfirmed;\r | |
899 | \r | |
900 | Flags = TcgPpData->Flags;\r | |
901 | RequestConfirmed = FALSE; \r | |
902 | switch (TcgPpData->PPRequest) {\r | |
607599bf | 903 | case PHYSICAL_PRESENCE_NO_ACTION:\r |
0c18794e | 904 | return;\r |
607599bf | 905 | case PHYSICAL_PRESENCE_ENABLE:\r |
906 | case PHYSICAL_PRESENCE_DISABLE:\r | |
907 | case PHYSICAL_PRESENCE_ACTIVATE:\r | |
908 | case PHYSICAL_PRESENCE_DEACTIVATE:\r | |
909 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r | |
910 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r | |
911 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r | |
912 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r | |
913 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r | |
914 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r | |
915 | case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r | |
0c18794e | 916 | if ((Flags & FLAG_NO_PPI_PROVISION) != 0) {\r |
917 | RequestConfirmed = TRUE;\r | |
918 | }\r | |
919 | break;\r | |
920 | \r | |
607599bf | 921 | case PHYSICAL_PRESENCE_CLEAR:\r |
922 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r | |
0c18794e | 923 | if ((Flags & FLAG_NO_PPI_CLEAR) != 0) {\r |
924 | RequestConfirmed = TRUE;\r | |
925 | }\r | |
926 | break;\r | |
927 | \r | |
607599bf | 928 | case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r |
0c18794e | 929 | if ((Flags & FLAG_NO_PPI_MAINTENANCE) != 0) {\r |
930 | RequestConfirmed = TRUE;\r | |
931 | }\r | |
932 | break;\r | |
933 | \r | |
607599bf | 934 | case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r |
935 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r | |
0c18794e | 936 | if ((Flags & FLAG_NO_PPI_CLEAR) != 0 && (Flags & FLAG_NO_PPI_PROVISION) != 0) {\r |
937 | RequestConfirmed = TRUE;\r | |
938 | }\r | |
939 | break; \r | |
940 | \r | |
607599bf | 941 | case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:\r |
942 | case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:\r | |
943 | case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:\r | |
0c18794e | 944 | RequestConfirmed = TRUE;\r |
945 | break;\r | |
568e7b27 | 946 | \r |
947 | default:\r | |
948 | //\r | |
949 | // Invalid operation request.\r | |
950 | //\r | |
951 | TcgPpData->PPResponse = TPM_PP_BIOS_FAILURE;\r | |
952 | TcgPpData->LastPPRequest = TcgPpData->PPRequest;\r | |
953 | TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;\r | |
954 | DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r | |
955 | Status = gRT->SetVariable (\r | |
956 | PHYSICAL_PRESENCE_VARIABLE,\r | |
957 | &gEfiPhysicalPresenceGuid,\r | |
958 | EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r | |
959 | DataSize,\r | |
960 | TcgPpData\r | |
961 | );\r | |
962 | return;\r | |
0c18794e | 963 | }\r |
964 | \r | |
965 | if ((Flags & FLAG_RESET_TRACK) != 0) {\r | |
966 | //\r | |
967 | // It had been confirmed in last boot, it doesn't need confirm again.\r | |
968 | //\r | |
969 | RequestConfirmed = TRUE;\r | |
970 | }\r | |
971 | \r | |
972 | if (!RequestConfirmed) {\r | |
973 | //\r | |
974 | // Print confirm text and wait for approval. \r | |
975 | //\r | |
976 | RequestConfirmed = UserConfirm (TcgPpData->PPRequest);\r | |
977 | }\r | |
978 | \r | |
979 | //\r | |
607599bf | 980 | // Execute requested physical presence command\r |
0c18794e | 981 | //\r |
982 | TcgPpData->PPResponse = TPM_PP_USER_ABORT;\r | |
983 | if (RequestConfirmed) {\r | |
0c18794e | 984 | TcgPpData->PPResponse = ExecutePhysicalPresence (TcgProtocol, TcgPpData->PPRequest, &TcgPpData->Flags);\r |
985 | }\r | |
986 | \r | |
987 | //\r | |
988 | // Clear request\r | |
989 | //\r | |
990 | if ((TcgPpData->Flags & FLAG_RESET_TRACK) == 0) {\r | |
991 | TcgPpData->LastPPRequest = TcgPpData->PPRequest;\r | |
568e7b27 | 992 | TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION; \r |
0c18794e | 993 | }\r |
994 | \r | |
995 | //\r | |
996 | // Save changes\r | |
997 | //\r | |
998 | DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r | |
999 | Status = gRT->SetVariable (\r | |
1000 | PHYSICAL_PRESENCE_VARIABLE,\r | |
1001 | &gEfiPhysicalPresenceGuid,\r | |
1002 | EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r | |
1003 | DataSize,\r | |
1004 | TcgPpData\r | |
1005 | );\r | |
1006 | if (EFI_ERROR (Status)) {\r | |
1007 | return;\r | |
1008 | }\r | |
1009 | \r | |
1010 | if (TcgPpData->PPResponse == TPM_PP_USER_ABORT) {\r | |
1011 | return;\r | |
1012 | }\r | |
1013 | \r | |
1014 | //\r | |
1015 | // Reset system to make new TPM settings in effect\r | |
1016 | //\r | |
1017 | switch (TcgPpData->LastPPRequest) {\r | |
607599bf | 1018 | case PHYSICAL_PRESENCE_ACTIVATE:\r |
1019 | case PHYSICAL_PRESENCE_DEACTIVATE:\r | |
1020 | case PHYSICAL_PRESENCE_CLEAR:\r | |
1021 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r | |
1022 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r | |
1023 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r | |
1024 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r | |
1025 | case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r | |
1026 | case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r | |
1027 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r | |
1028 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE: \r | |
0c18794e | 1029 | break;\r |
1030 | default:\r | |
568e7b27 | 1031 | if (TcgPpData->PPRequest != PHYSICAL_PRESENCE_NO_ACTION) {\r |
0c18794e | 1032 | break;\r |
1033 | }\r | |
1034 | return;\r | |
1035 | }\r | |
1036 | \r | |
1037 | Print (L"Rebooting system to make TPM settings in effect\n");\r | |
1038 | gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);\r | |
1039 | ASSERT (FALSE); \r | |
1040 | }\r | |
1041 | \r | |
1042 | /**\r | |
607599bf | 1043 | Check and execute the pending TPM request and Lock TPM.\r |
0c18794e | 1044 | \r |
607599bf | 1045 | The TPM request may come from OS or BIOS. This API will display request information and wait \r |
1046 | for user confirmation if TPM request exists. The TPM request will be sent to TPM device after\r | |
1047 | the TPM request is confirmed, and one or more reset may be required to make TPM request to \r | |
1048 | take effect. At last, it will lock TPM to prevent TPM state change by malware.\r | |
1049 | \r | |
1050 | This API should be invoked after console in and console out are all ready as they are required\r | |
1051 | to display request information and get user input to confirm the request. This API should also \r | |
1052 | be invoked as early as possible as TPM is locked in this function.\r | |
1053 | \r | |
0c18794e | 1054 | **/\r |
1055 | VOID\r | |
1056 | EFIAPI\r | |
607599bf | 1057 | TcgPhysicalPresenceLibProcessRequest (\r |
1058 | VOID\r | |
0c18794e | 1059 | )\r |
1060 | {\r | |
1061 | EFI_STATUS Status;\r | |
1062 | BOOLEAN LifetimeLock;\r | |
1063 | BOOLEAN CmdEnable;\r | |
1064 | UINTN DataSize;\r | |
1065 | EFI_PHYSICAL_PRESENCE TcgPpData;\r | |
607599bf | 1066 | EFI_TCG_PROTOCOL *TcgProtocol;\r |
1067 | \r | |
1068 | Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);\r | |
1069 | if (EFI_ERROR (Status)) {\r | |
1070 | return ;\r | |
1071 | }\r | |
0c18794e | 1072 | \r |
1073 | //\r | |
607599bf | 1074 | // Initialize physical presence variable.\r |
0c18794e | 1075 | //\r |
1076 | DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r | |
1077 | Status = gRT->GetVariable (\r | |
1078 | PHYSICAL_PRESENCE_VARIABLE,\r | |
1079 | &gEfiPhysicalPresenceGuid,\r | |
1080 | NULL,\r | |
1081 | &DataSize,\r | |
1082 | &TcgPpData\r | |
1083 | );\r | |
607599bf | 1084 | if (EFI_ERROR (Status)) {\r |
1085 | if (Status == EFI_NOT_FOUND) {\r | |
1086 | ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));\r | |
1087 | TcgPpData.Flags |= FLAG_NO_PPI_PROVISION;\r | |
1088 | DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r | |
1089 | Status = gRT->SetVariable (\r | |
1090 | PHYSICAL_PRESENCE_VARIABLE,\r | |
1091 | &gEfiPhysicalPresenceGuid,\r | |
1092 | EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r | |
1093 | DataSize,\r | |
1094 | &TcgPpData\r | |
1095 | );\r | |
1096 | }\r | |
1097 | ASSERT_EFI_ERROR (Status);\r | |
1098 | }\r | |
1099 | \r | |
0c18794e | 1100 | DEBUG ((EFI_D_INFO, "[TPM] Flags=%x, PPRequest=%x\n", TcgPpData.Flags, TcgPpData.PPRequest));\r |
607599bf | 1101 | \r |
1102 | Status = GetTpmCapability (TcgProtocol, &LifetimeLock, &CmdEnable);\r | |
0c18794e | 1103 | if (EFI_ERROR (Status)) {\r |
1104 | return ;\r | |
1105 | }\r | |
607599bf | 1106 | \r |
0c18794e | 1107 | if (!CmdEnable) {\r |
1108 | if (LifetimeLock) {\r | |
1109 | //\r | |
1110 | // physicalPresenceCMDEnable is locked, can't execute physical presence command.\r | |
1111 | //\r | |
1112 | return ;\r | |
1113 | }\r | |
607599bf | 1114 | Status = TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_CMD_ENABLE);\r |
0c18794e | 1115 | if (EFI_ERROR (Status)) {\r |
1116 | return ;\r | |
1117 | }\r | |
1118 | }\r | |
607599bf | 1119 | \r |
0c18794e | 1120 | //\r |
1121 | // Set operator physical presence flags\r | |
1122 | //\r | |
607599bf | 1123 | TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_PRESENT);\r |
1124 | \r | |
0c18794e | 1125 | //\r |
1126 | // Execute pending TPM request.\r | |
1127 | // \r | |
607599bf | 1128 | ExecutePendingTpmRequest (TcgProtocol, &TcgPpData);\r |
0c18794e | 1129 | DEBUG ((EFI_D_INFO, "[TPM] PPResponse = %x\n", TcgPpData.PPResponse));\r |
1130 | \r | |
1131 | //\r | |
1132 | // Lock physical presence.\r | |
1133 | //\r | |
607599bf | 1134 | TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_NOTPRESENT | TPM_PHYSICAL_PRESENCE_LOCK);\r |
0c18794e | 1135 | }\r |
1136 | \r |