Fix TCG PPI request EnableActivateClear failure.
[mirror_edk2.git] / SecurityPkg / Library / DxeTcgPhysicalPresenceLib / DxeTcgPhysicalPresenceLib.c
0c18794e 1/** @file\r
607599bf 2\r
3 Execute pending TPM requests from OS or BIOS and Lock TPM.\r
4\r
568e7b27 5Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r
0c18794e 6This program and the accompanying materials \r
7are licensed and made available under the terms and conditions of the BSD License \r
8which accompanies this distribution. The full text of the license may be found at \r
9http://opensource.org/licenses/bsd-license.php\r
10\r
11THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
12WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
13\r
14**/\r
15\r
607599bf 16#include <PiDxe.h>\r
17\r
18#include <Protocol/TcgService.h>\r
19#include <Library/DebugLib.h>\r
20#include <Library/BaseMemoryLib.h>\r
21#include <Library/UefiRuntimeServicesTableLib.h>\r
22#include <Library/UefiDriverEntryPoint.h>\r
23#include <Library/UefiBootServicesTableLib.h>\r
24#include <Library/UefiLib.h>\r
25#include <Library/MemoryAllocationLib.h>\r
26#include <Library/PrintLib.h>\r
27#include <Library/HiiLib.h>\r
28#include <Guid/EventGroup.h>\r
29#include <Guid/PhysicalPresenceData.h>\r
30\r
//
// Result codes produced by this library itself rather than read back from the
// TPM. Both are negative constants cast to TPM_RESULT.
// NOTE(review): presumably chosen so they cannot collide with TPM-defined
// return codes -- confirm against the TPM_RESULT definitions.
//
#define TPM_PP_USER_ABORT           ((TPM_RESULT)(-0x10))
#define TPM_PP_BIOS_FAILURE         ((TPM_RESULT)(-0x0f))

//
// Size, in bytes, of the buffer UserConfirm() allocates for the confirmation
// text. It is a byte count, not a CHAR16 count.
//
#define CONFIRM_BUFFER_SIZE         4096

//
// HII handle of this library's string package. Assigned by
// TcgPhysicalPresenceLibConstructor() and read by PhysicalPresenceGetStringById().
//
EFI_HII_HANDLE mPpStringPackHandle;
36\r
/**
  Look up a string in this library's HII string package.

  The language argument passed to HiiGetString() is NULL, so the language is
  selected by HiiGetString() itself. Callers in this file release the returned
  buffer with FreePool().

  @param[in]  Id    Token of the string to fetch.

  @return  The pointer returned by HiiGetString() for Id.
  @retval  NULL     The lookup failed.

**/
CHAR16 *
PhysicalPresenceGetStringById (
  IN  EFI_STRING_ID   Id
  )
{
  CHAR16  *String;

  String = HiiGetString (mPpStringPackHandle, Id, NULL);
  return String;
}
53\r
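/**
  Get TPM physical presence permanent flags.

  Sends TPM_ORD_GetCapability (TPM_CAP_FLAG / TPM_CAP_FLAG_PERMANENT) through the
  TCG protocol and copies two permanent flags out of the response.

  The transport status, the response tag and the TPM return code are checked
  with real error returns. ASSERT() can be compiled out or disabled by platform
  configuration, so it must not be the only guard in front of flags that drive
  physical-presence decisions.

  @param[in]  TcgProtocol   EFI TCG Protocol instance.
  @param[out] LifetimeLock  physicalPresenceLifetimeLock permanent flag. May be NULL.
  @param[out] CmdEnable     physicalPresenceCMDEnable permanent flag. May be NULL.

  @retval EFI_SUCCESS       Flags were returned successfully.
  @retval EFI_DEVICE_ERROR  The response tag was not TPM_TAG_RSP_COMMAND, or the
                            TPM reported a non-zero return code. The output
                            parameters are not written in this case.
  @retval other             PassThroughToTpm() failed. The output parameters are
                            not written in this case.

**/
EFI_STATUS
GetTpmCapability (
  IN      EFI_TCG_PROTOCOL          *TcgProtocol,
  OUT     BOOLEAN                   *LifetimeLock,
  OUT     BOOLEAN                   *CmdEnable
  )
{
  EFI_STATUS                        Status;
  TPM_RQU_COMMAND_HDR               *TpmRqu;
  TPM_RSP_COMMAND_HDR               *TpmRsp;
  UINT32                            *SendBufPtr;
  UINT8                             SendBuffer[sizeof (*TpmRqu) + sizeof (UINT32) * 3];
  TPM_PERMANENT_FLAGS               *TpmPermanentFlags;
  UINT8                             RecvBuffer[40];

  //
  // Start from a known state so that a short or failed response can never
  // expose stale stack contents as TPM flags.
  //
  ZeroMem (RecvBuffer, sizeof (RecvBuffer));

  //
  // Fill request header
  //
  TpmRsp = (TPM_RSP_COMMAND_HDR*)RecvBuffer;
  TpmRqu = (TPM_RQU_COMMAND_HDR*)SendBuffer;

  TpmRqu->tag       = SwapBytes16 (TPM_TAG_RQU_COMMAND);
  TpmRqu->paramSize = SwapBytes32 (sizeof (SendBuffer));
  TpmRqu->ordinal   = SwapBytes32 (TPM_ORD_GetCapability);

  //
  // Set request parameter: capability area, sub-capability size, sub-capability.
  // The parameters follow the header directly, hence the unaligned writes.
  //
  SendBufPtr = (UINT32*)(TpmRqu + 1);
  WriteUnaligned32 (SendBufPtr++, SwapBytes32 (TPM_CAP_FLAG));
  WriteUnaligned32 (SendBufPtr++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT)));
  WriteUnaligned32 (SendBufPtr, SwapBytes32 (TPM_CAP_FLAG_PERMANENT));

  Status = TcgProtocol->PassThroughToTpm (
                          TcgProtocol,
                          sizeof (SendBuffer),
                          (UINT8*)TpmRqu,
                          sizeof (RecvBuffer),
                          (UINT8*)&RecvBuffer
                          );
  if (EFI_ERROR (Status)) {
    return Status;
  }

  //
  // Reject anything that is not a successful TPM response before trusting the
  // payload that follows the header.
  //
  if ((TpmRsp->tag != SwapBytes16 (TPM_TAG_RSP_COMMAND)) || (TpmRsp->returnCode != 0)) {
    return EFI_DEVICE_ERROR;
  }

  //
  // The permanent-flags structure follows the response header and one UINT32.
  //
  TpmPermanentFlags = (TPM_PERMANENT_FLAGS *)&RecvBuffer[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];

  if (LifetimeLock != NULL) {
    *LifetimeLock = TpmPermanentFlags->physicalPresenceLifetimeLock;
  }

  if (CmdEnable != NULL) {
    *CmdEnable = TpmPermanentFlags->physicalPresenceCMDEnable;
  }

  return EFI_SUCCESS;
}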
121\r
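/**
  Issue TSC_PhysicalPresence command to TPM.

  The transport status and the response tag are checked with real error
  returns rather than ASSERT() alone, so a failed transfer is never followed by
  a read of an unwritten response header when assertions are disabled.

  @param[in] TcgProtocol          EFI TCG Protocol instance.
  @param[in] PhysicalPresence     The state to set the TPM's Physical Presence flags.

  @retval EFI_SUCCESS             TPM executed the command successfully.
  @retval EFI_SECURITY_VIOLATION  TPM returned error when executing the command.
  @retval EFI_DEVICE_ERROR        The response tag was not TPM_TAG_RSP_COMMAND.
  @retval other                   PassThroughToTpm() failed.

**/
EFI_STATUS
TpmPhysicalPresence (
  IN      EFI_TCG_PROTOCOL          *TcgProtocol,
  IN      TPM_PHYSICAL_PRESENCE     PhysicalPresence
  )
{
  EFI_STATUS                        Status;
  TPM_RQU_COMMAND_HDR               *TpmRqu;
  TPM_PHYSICAL_PRESENCE             *TpmPp;
  TPM_RSP_COMMAND_HDR               TpmRsp;
  UINT8                             Buffer[sizeof (*TpmRqu) + sizeof (*TpmPp)];

  //
  // Known initial state for the response header.
  //
  ZeroMem (&TpmRsp, sizeof (TpmRsp));

  //
  // Request layout: command header immediately followed by the 16-bit
  // physical presence value.
  //
  TpmRqu = (TPM_RQU_COMMAND_HDR*)Buffer;
  TpmPp  = (TPM_PHYSICAL_PRESENCE*)(TpmRqu + 1);

  TpmRqu->tag       = SwapBytes16 (TPM_TAG_RQU_COMMAND);
  TpmRqu->paramSize = SwapBytes32 (sizeof (Buffer));
  TpmRqu->ordinal   = SwapBytes32 (TSC_ORD_PhysicalPresence);
  WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE) SwapBytes16 (PhysicalPresence));

  Status = TcgProtocol->PassThroughToTpm (
                          TcgProtocol,
                          sizeof (Buffer),
                          (UINT8*)TpmRqu,
                          sizeof (TpmRsp),
                          (UINT8*)&TpmRsp
                          );
  if (EFI_ERROR (Status)) {
    return Status;
  }

  if (TpmRsp.tag != SwapBytes16 (TPM_TAG_RSP_COMMAND)) {
    return EFI_DEVICE_ERROR;
  }

  if (TpmRsp.returnCode != 0) {
    //
    // If it fails, some requirements may be needed for this command.
    //
    return EFI_SECURITY_VIOLATION;
  }

  return EFI_SUCCESS;
}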
171\r
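/**
  Issue a TPM command for which no additional output data will be returned.

  The request is a TPM_RQU_COMMAND_HDR followed by AdditionalParameterSize bytes
  copied from AdditionalParameters. Only the response header is read back.

  @param[in] TcgProtocol              EFI TCG Protocol instance.
  @param[in] Ordinal                  TPM command code.
  @param[in] AdditionalParameterSize  Additional parameter size, in bytes.
  @param[in] AdditionalParameters     Pointer to the additional parameters. May be
                                      NULL only when AdditionalParameterSize is 0.

  @retval TPM_PP_BIOS_FAILURE  The parameter size does not fit the 32-bit request
                               size, AdditionalParameters is NULL with a non-zero
                               size, or the request buffer could not be allocated.
  @retval TPM_PP_BIOS_FAILURE  Error occurred during sending command to TPM or
                               receiving response from TPM.
  @retval Others               Return code from the TPM device after command execution.

**/
TPM_RESULT
TpmCommandNoReturnData (
  IN      EFI_TCG_PROTOCOL          *TcgProtocol,
  IN      TPM_COMMAND_CODE          Ordinal,
  IN      UINTN                     AdditionalParameterSize,
  IN      VOID                      *AdditionalParameters
  )
{
  EFI_STATUS                        Status;
  TPM_RQU_COMMAND_HDR               *TpmRqu;
  TPM_RSP_COMMAND_HDR               TpmRsp;
  UINT32                            Size;

  //
  // paramSize is a 32-bit field. Refuse sizes that would wrap the addition or
  // be truncated by the UINT32 cast, so the allocation, the copy and the size
  // reported to the TPM always agree.
  //
  if (AdditionalParameterSize > (UINTN)0xFFFFFFFF - sizeof (*TpmRqu)) {
    return TPM_PP_BIOS_FAILURE;
  }

  if ((AdditionalParameters == NULL) && (AdditionalParameterSize != 0)) {
    return TPM_PP_BIOS_FAILURE;
  }

  Size   = (UINT32)(sizeof (*TpmRqu) + AdditionalParameterSize);
  TpmRqu = (TPM_RQU_COMMAND_HDR*) AllocatePool (Size);
  if (TpmRqu == NULL) {
    return TPM_PP_BIOS_FAILURE;
  }

  TpmRqu->tag       = SwapBytes16 (TPM_TAG_RQU_COMMAND);
  TpmRqu->paramSize = SwapBytes32 (Size);
  TpmRqu->ordinal   = SwapBytes32 (Ordinal);
  if (AdditionalParameterSize != 0) {
    CopyMem (TpmRqu + 1, AdditionalParameters, AdditionalParameterSize);
  }

  //
  // Known initial state for the response header.
  //
  ZeroMem (&TpmRsp, sizeof (TpmRsp));

  Status = TcgProtocol->PassThroughToTpm (
                          TcgProtocol,
                          Size,
                          (UINT8*)TpmRqu,
                          (UINT32)sizeof (TpmRsp),
                          (UINT8*)&TpmRsp
                          );
  FreePool (TpmRqu);
  if (EFI_ERROR (Status) || (TpmRsp.tag != SwapBytes16 (TPM_TAG_RSP_COMMAND))) {
    return TPM_PP_BIOS_FAILURE;
  }

  //
  // The header arrives big-endian; hand the return code back in host order.
  //
  return SwapBytes32 (TpmRsp.returnCode);
}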
222\r
/**
  Execute physical presence operation requested by the OS.

  Simple operations map to one TpmCommandNoReturnData() call. Composite
  operations call this function again for each step and stop at the first step
  that returns a non-zero result. The NO_PPI_* operations only change bits in
  *PpiFlags and send nothing to the TPM.

  Three operations (ENABLE_ACTIVATE_OWNER_TRUE, ENABLE_ACTIVATE_CLEAR and
  ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE) are split across a reboot using
  FLAG_RESET_TRACK in *PpiFlags: the first half runs while the flag is clear and
  sets it, the second half runs while the flag is set and clears it. The flag is
  updated whether or not the TPM step succeeded.

  PpiFlags is dereferenced without a NULL check for those operations and for
  the NO_PPI_* operations.
  NOTE(review): persisting *PpiFlags across the reboot is presumably done by
  the caller -- confirm.

  @param[in]      TcgProtocol  EFI TCG Protocol instance.
  @param[in]      CommandCode  Physical presence operation value.
  @param[in, out] PpiFlags     The physical presence interface flags.

  @retval TPM_PP_BIOS_FAILURE  Unknown physical presence operation.
  @retval TPM_PP_BIOS_FAILURE  Error occurred during sending command to TPM or
                               receiving response from TPM.
  @retval Others               Return code from the TPM device after command execution.

**/
TPM_RESULT
ExecutePhysicalPresence (
  IN      EFI_TCG_PROTOCOL          *TcgProtocol,
  IN      UINT8                     CommandCode,
  IN OUT  UINT8                     *PpiFlags
  )
{
  BOOLEAN                           BoolVal;
  TPM_RESULT                        TpmResponse;
  UINT32                            InData[5];

  switch (CommandCode) {
    case PHYSICAL_PRESENCE_ENABLE:
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_PhysicalEnable,
               0,
               NULL
               );

    case PHYSICAL_PRESENCE_DISABLE:
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_PhysicalDisable,
               0,
               NULL
               );

    case PHYSICAL_PRESENCE_ACTIVATE:
      //
      // Activate == PhysicalSetDeactivated (FALSE)
      //
      BoolVal = FALSE;
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_PhysicalSetDeactivated,
               sizeof (BoolVal),
               &BoolVal
               );

    case PHYSICAL_PRESENCE_DEACTIVATE:
      //
      // Deactivate == PhysicalSetDeactivated (TRUE)
      //
      BoolVal = TRUE;
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_PhysicalSetDeactivated,
               sizeof (BoolVal),
               &BoolVal
               );

    case PHYSICAL_PRESENCE_CLEAR:
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_ForceClear,
               0,
               NULL
               );

    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:
      //
      // Second step runs only if the first returned 0.
      //
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE, PpiFlags);
      if (TpmResponse == 0) {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ACTIVATE, PpiFlags);
      }
      return TpmResponse;

    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DEACTIVATE, PpiFlags);
      if (TpmResponse == 0) {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DISABLE, PpiFlags);
      }
      return TpmResponse;

    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:
      BoolVal = TRUE;
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_SetOwnerInstall,
               sizeof (BoolVal),
               &BoolVal
               );

    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:
      BoolVal = FALSE;
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_SetOwnerInstall,
               sizeof (BoolVal),
               &BoolVal
               );

    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:
      //
      // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
      // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot
      //
      // FLAG_RESET_TRACK selects which half runs; it is toggled regardless of
      // the value of TpmResponse.
      //
      if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
        *PpiFlags |= FLAG_RESET_TRACK;
      } else {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE, PpiFlags);
        *PpiFlags &= ~FLAG_RESET_TRACK;
      }
      return TpmResponse;

    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE, PpiFlags);
      if (TpmResponse == 0) {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DEACTIVATE_DISABLE, PpiFlags);
      }
      return TpmResponse;

    case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
      //
      // TPM_ORD_SetCapability parameters, each stored byte-swapped as a UINT32.
      //
      InData[0] = SwapBytes32 (TPM_SET_STCLEAR_DATA);            // CapabilityArea
      InData[1] = SwapBytes32 (sizeof(UINT32));                  // SubCapSize
      InData[2] = SwapBytes32 (TPM_SD_DEFERREDPHYSICALPRESENCE); // SubCap
      InData[3] = SwapBytes32 (sizeof(UINT32));                  // SetValueSize
      InData[4] = SwapBytes32 (1);                               // UnownedFieldUpgrade; bit0
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_SetCapability,
               sizeof (UINT32) * 5,
               InData
               );

    case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:
      //
      // TPM_SetOperatorAuth
      // This command requires UI to prompt user for Auth data
      // Here it is NOT implemented
      //
      return TPM_PP_BIOS_FAILURE;

    case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);
      if (TpmResponse == 0) {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
      }
      return TpmResponse;

    //
    // The six NO_PPI_* operations below only set or clear one bit in *PpiFlags
    // and report success; no TPM command is sent.
    //
    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:
      *PpiFlags &= ~FLAG_NO_PPI_PROVISION;
      return 0;

    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:
      *PpiFlags |= FLAG_NO_PPI_PROVISION;
      return 0;

    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:
      *PpiFlags &= ~FLAG_NO_PPI_CLEAR;
      return 0;

    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:
      *PpiFlags |= FLAG_NO_PPI_CLEAR;
      return 0;

    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:
      *PpiFlags &= ~FLAG_NO_PPI_MAINTENANCE;
      return 0;

    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:
      *PpiFlags |= FLAG_NO_PPI_MAINTENANCE;
      return 0;

    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
      //
      // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR
      // PHYSICAL_PRESENCE_CLEAR will be executed after reboot.
      //
      if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
        *PpiFlags |= FLAG_RESET_TRACK;
      } else {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);
        *PpiFlags &= ~FLAG_RESET_TRACK;
      }
      return TpmResponse;

    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
      //
      // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
      // PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.
      //
      if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
        *PpiFlags |= FLAG_RESET_TRACK;
      } else {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, PpiFlags);
        *PpiFlags &= ~FLAG_RESET_TRACK;
      }
      return TpmResponse;

    default:
      //
      // Unknown operation: fall out of the switch to the failure return below.
      //
      ;
  }
  return TPM_PP_BIOS_FAILURE;
}
428\r
429\r
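/**
  Read the specified key for user confirmation.

  Polls the console input until ESC or the expected confirm key is read. A key
  is evaluated only after ReadKeyStroke() reports success: on failure Key has
  not been written, and stale stack contents must never be interpreted as the
  confirmation key for a TPM state change.

  The loop has no timeout; it keeps polling until one of the accepted keys is
  read.

  @param[in]  CautionKey  If true,  F12 is used as confirm key;
                          If false, F10 is used as confirm key.

  @retval     TRUE        User confirmed the changes by input.
  @retval     FALSE       User discarded the changes (ESC).

**/
BOOLEAN
ReadUserKey (
  IN     BOOLEAN                    CautionKey
  )
{
  EFI_STATUS                        Status;
  EFI_INPUT_KEY                     Key;
  UINT16                            InputKey;

  InputKey = 0;
  do {
    Status = gBS->CheckEvent (gST->ConIn->WaitForKey);
    if (EFI_ERROR (Status)) {
      //
      // No key pending yet; poll again.
      //
      continue;
    }

    Status = gST->ConIn->ReadKeyStroke (gST->ConIn, &Key);
    if (EFI_ERROR (Status)) {
      //
      // Key was not filled in; do not inspect it.
      //
      continue;
    }

    if (Key.ScanCode == SCAN_ESC) {
      InputKey = Key.ScanCode;
    }
    if ((Key.ScanCode == SCAN_F10) && !CautionKey) {
      InputKey = Key.ScanCode;
    }
    if ((Key.ScanCode == SCAN_F12) && CautionKey) {
      InputKey = Key.ScanCode;
    }
  } while (InputKey == 0);

  if (InputKey != SCAN_ESC) {
    return TRUE;
  }

  return FALSE;
}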
472\r
/**
  Library constructor: registers this library's UNI string package with HII and
  stores the resulting handle in mPpStringPackHandle.

  Failure to register is reported only through ASSERT(); the function returns
  EFI_SUCCESS in every case. Where ASSERT() is disabled, a failed registration
  leaves mPpStringPackHandle NULL, and PhysicalPresenceGetStringById() passes
  that handle on to HiiGetString().

  @param  ImageHandle   The firmware allocated handle for the EFI image.
  @param  SystemTable   A pointer to the EFI System Table.

  @retval EFI_SUCCESS   Always returned.

**/
EFI_STATUS
EFIAPI
TcgPhysicalPresenceLibConstructor (
  IN EFI_HANDLE        ImageHandle,
  IN EFI_SYSTEM_TABLE  *SystemTable
  )
{
  EFI_HII_HANDLE  PackageHandle;

  PackageHandle = HiiAddPackages (
                    &gEfiPhysicalPresenceGuid,
                    ImageHandle,
                    DxeTcgPhysicalPresenceLibStrings,
                    NULL
                    );
  mPpStringPackHandle = PackageHandle;
  ASSERT (mPpStringPackHandle != NULL);

  return EFI_SUCCESS;
}
497\r
0c18794e 498/**\r
499 Display the confirm text and get user confirmation.\r
500\r
501 @param[in] TpmPpCommand The requested TPM physical presence command.\r
502\r
607599bf 503 @retval TRUE The user has confirmed the changes.\r
504 @retval FALSE The user doesn't confirm the changes.\r
0c18794e 505**/\r
506BOOLEAN\r
507UserConfirm (\r
508 IN UINT8 TpmPpCommand\r
509 )\r
510{\r
511 CHAR16 *ConfirmText;\r
512 CHAR16 *TmpStr1;\r
513 CHAR16 *TmpStr2; \r
514 UINTN BufSize;\r
515 BOOLEAN CautionKey;\r
516 UINT16 Index;\r
517 CHAR16 DstStr[81];\r
518 \r
519 TmpStr2 = NULL;\r
520 CautionKey = FALSE;\r
521 BufSize = CONFIRM_BUFFER_SIZE;\r
522 ConfirmText = AllocateZeroPool (BufSize);\r
523 ASSERT (ConfirmText != NULL);\r
524\r
0c18794e 525 switch (TpmPpCommand) {\r
607599bf 526 case PHYSICAL_PRESENCE_ENABLE:\r
527 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE));\r
0c18794e 528 \r
607599bf 529 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 530 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
531 FreePool (TmpStr1);\r
532\r
607599bf 533 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 534 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
535 FreePool (TmpStr1);\r
536 break;\r
537\r
607599bf 538 case PHYSICAL_PRESENCE_DISABLE:\r
539 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE));\r
0c18794e 540 \r
607599bf 541 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 542 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
543 FreePool (TmpStr1);\r
544\r
607599bf 545 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
0c18794e 546 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
547 FreePool (TmpStr1);\r
548\r
607599bf 549 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 550 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
551 FreePool (TmpStr1);\r
552 break;\r
553 \r
607599bf 554 case PHYSICAL_PRESENCE_ACTIVATE:\r
555 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE));\r
0c18794e 556 \r
607599bf 557 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 558 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
559 FreePool (TmpStr1);\r
560\r
607599bf 561 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 562 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
563 FreePool (TmpStr1);\r
564 break;\r
565\r
607599bf 566 case PHYSICAL_PRESENCE_DEACTIVATE:\r
567 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE));\r
0c18794e 568\r
607599bf 569 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 570 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
571 FreePool (TmpStr1);\r
572\r
607599bf 573 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
0c18794e 574 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
575 FreePool (TmpStr1);\r
576\r
607599bf 577 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 578 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
579 FreePool (TmpStr1); \r
580 break;\r
581\r
607599bf 582 case PHYSICAL_PRESENCE_CLEAR:\r
0c18794e 583 CautionKey = TRUE;\r
607599bf 584 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));\r
0c18794e 585\r
607599bf 586 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 587 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
588 FreePool (TmpStr1);\r
589\r
607599bf 590 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
0c18794e 591 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
592 StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
593 FreePool (TmpStr1); \r
594\r
607599bf 595 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 596 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
597 FreePool (TmpStr1);\r
598 break;\r
599\r
607599bf 600 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r
601 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE));\r
0c18794e 602\r
607599bf 603 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 604 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
605 FreePool (TmpStr1);\r
606\r
607599bf 607 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
0c18794e 608 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
609 FreePool (TmpStr1);\r
610\r
607599bf 611 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 612 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
613 FreePool (TmpStr1);\r
614 break;\r
615\r
607599bf 616 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r
617 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE));\r
0c18794e 618 \r
607599bf 619 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r
0c18794e 620 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
621 FreePool (TmpStr1);\r
622\r
607599bf 623 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));\r
0c18794e 624 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
625 FreePool (TmpStr1);\r
626 \r
607599bf 627 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
0c18794e 628 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
629 FreePool (TmpStr1);\r
630\r
607599bf 631 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 632 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
633 FreePool (TmpStr1);\r
634 break;\r
635\r
607599bf 636 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r
637 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP));\r
0c18794e 638 \r
607599bf 639 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r
0c18794e 640 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
641 FreePool (TmpStr1);\r
642\r
607599bf 643 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 644 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
645 FreePool (TmpStr1);\r
646 break;\r
647\r
607599bf 648 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r
649 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP));\r
0c18794e 650 \r
607599bf 651 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r
0c18794e 652 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
653 FreePool (TmpStr1);\r
654\r
607599bf 655 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 656 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
657 FreePool (TmpStr1);\r
658 break;\r
659\r
607599bf 660 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r
661 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON));\r
0c18794e 662\r
607599bf 663 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 664 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
665 FreePool (TmpStr1);\r
666\r
607599bf 667 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
0c18794e 668 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
669 FreePool (TmpStr1);\r
670\r
607599bf 671 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 672 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
673 FreePool (TmpStr1);\r
674 break;\r
675\r
607599bf 676 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r
677 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF));\r
0c18794e 678 \r
607599bf 679 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r
0c18794e 680 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
681 FreePool (TmpStr1);\r
682\r
607599bf 683 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));\r
0c18794e 684 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
685 FreePool (TmpStr1);\r
686 \r
607599bf 687 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
0c18794e 688 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
689 FreePool (TmpStr1);\r
690\r
607599bf 691 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 692 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
693 FreePool (TmpStr1);\r
694 break;\r
695\r
607599bf 696 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r
0c18794e 697 CautionKey = TRUE;\r
607599bf 698 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE));\r
0c18794e 699 \r
607599bf 700 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR)); \r
0c18794e 701 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
702 FreePool (TmpStr1);\r
703 \r
607599bf 704 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));\r
0c18794e 705 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
706 FreePool (TmpStr1);\r
707\r
607599bf 708 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 709 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
710 FreePool (TmpStr1);\r
711 break;\r
712\r
607599bf 713 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r
0c18794e 714 //\r
715 // TPM_SetOperatorAuth\r
716 // This command requires UI to prompt user for Auth data\r
717 // Here it is NOT implemented\r
718 //\r
719 break;\r
720\r
607599bf 721 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r
0c18794e 722 CautionKey = TRUE;\r
607599bf 723 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON));\r
0c18794e 724\r
607599bf 725 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 726 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
727 FreePool (TmpStr1);\r
728\r
607599bf 729 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
0c18794e 730 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
731 FreePool (TmpStr1);\r
732\r
607599bf 733 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
0c18794e 734 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
735 FreePool (TmpStr1);\r
736\r
607599bf 737 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT));\r
0c18794e 738 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
739 FreePool (TmpStr1);\r
740\r
607599bf 741 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 742 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
743 FreePool (TmpStr1);\r
744 break;\r
745\r
607599bf 746 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:\r
747 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_PROVISION));\r
0c18794e 748\r
607599bf 749 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r
0c18794e 750 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
751 FreePool (TmpStr1);\r
752\r
607599bf 753 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 754 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
755 FreePool (TmpStr1);\r
756\r
607599bf 757 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r
0c18794e 758 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
759 FreePool (TmpStr1);\r
760 break;\r
761\r
607599bf 762 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:\r
0c18794e 763 CautionKey = TRUE;\r
607599bf 764 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));\r
0c18794e 765\r
607599bf 766 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r
0c18794e 767 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
768 FreePool (TmpStr1);\r
769\r
607599bf 770 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR));\r
0c18794e 771 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
772 FreePool (TmpStr1);\r
773\r
607599bf 774 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
0c18794e 775 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
776 StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
777 FreePool (TmpStr1); \r
778\r
607599bf 779 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 780 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
781 FreePool (TmpStr1);\r
782\r
607599bf 783 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r
0c18794e 784 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
785 FreePool (TmpStr1);\r
786 break;\r
787\r
607599bf 788 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:\r
0c18794e 789 CautionKey = TRUE;\r
607599bf 790 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN));\r
0c18794e 791\r
607599bf 792 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r
0c18794e 793 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
794 FreePool (TmpStr1);\r
795\r
607599bf 796 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));\r
0c18794e 797 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
798 FreePool (TmpStr1);\r
799\r
607599bf 800 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 801 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
802 FreePool (TmpStr1);\r
803\r
607599bf 804 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r
0c18794e 805 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
806 FreePool (TmpStr1);\r
807 break;\r
808\r
607599bf 809 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r
0c18794e 810 CautionKey = TRUE;\r
607599bf 811 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR));\r
0c18794e 812\r
607599bf 813 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 814 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
815 FreePool (TmpStr1);\r
816\r
607599bf 817 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
0c18794e 818 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
819 StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
820 FreePool (TmpStr1);\r
821\r
607599bf 822 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 823 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
824 FreePool (TmpStr1);\r
825 break;\r
826\r
607599bf 827 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r
0c18794e 828 CautionKey = TRUE;\r
607599bf 829 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE));\r
0c18794e 830\r
607599bf 831 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 832 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
833 FreePool (TmpStr1);\r
834\r
607599bf 835 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
0c18794e 836 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
837 FreePool (TmpStr1);\r
838\r
607599bf 839 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
0c18794e 840 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
841 FreePool (TmpStr1);\r
842\r
607599bf 843 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT));\r
0c18794e 844 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
845 FreePool (TmpStr1);\r
846\r
607599bf 847 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 848 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
849 FreePool (TmpStr1);\r
850 break;\r
851\r
852 default:\r
853 ;\r
854 }\r
855\r
856 if (TmpStr2 == NULL) {\r
857 FreePool (ConfirmText);\r
858 return FALSE;\r
859 }\r
860\r
607599bf 861 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY));\r
0c18794e 862 BufSize -= StrSize (ConfirmText);\r
863 UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1, TmpStr2);\r
864\r
865 DstStr[80] = L'\0';\r
866 for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {\r
867 StrnCpy(DstStr, ConfirmText + Index, 80); \r
868 Print (DstStr); \r
869 }\r
870 \r
871 FreePool (TmpStr1);\r
872 FreePool (TmpStr2);\r
873 FreePool (ConfirmText);\r
874\r
875 if (ReadUserKey (CautionKey)) {\r
876 return TRUE;\r
877 }\r
878\r
879 return FALSE; \r
880}\r
881\r
/**
  Decide whether the pending physical presence request may run, run it, and
  persist the outcome.

  The request is taken from TcgPpData->PPRequest. Depending on the request type
  and the NO_PPI_* bits in TcgPpData->Flags, the request is either pre-approved
  or UserConfirm() is called to obtain approval. The response code, the cleared
  request and the flags are written back to the physical presence variable, and
  the system is cold-reset when the request that was executed needs it.

  NOTE(review): the approval shortcuts below are driven by TcgPpData->Flags,
  which the caller loads from PHYSICAL_PRESENCE_VARIABLE. This function stores
  that variable with EFI_VARIABLE_RUNTIME_ACCESS and no authentication
  attribute; whether something else write-protects it before control leaves
  firmware is not visible here and should be confirmed, because a set
  FLAG_NO_PPI_* or FLAG_RESET_TRACK bit skips the user prompt.

  @param[in]      TcgProtocol    EFI TCG Protocol instance.
  @param[in, out] TcgPpData      Point to the physical presence NV variable;
                                 updated in place and saved with SetVariable().

**/
VOID
ExecutePendingTpmRequest (
  IN      EFI_TCG_PROTOCOL            *TcgProtocol,
  IN      EFI_PHYSICAL_PRESENCE       *TcgPpData
  )
{
  EFI_STATUS                        Status;
  UINTN                             VarSize;
  UINT8                             PpFlags;
  BOOLEAN                           Approved;

  //
  // Snapshot the flags as they were when the request was read; the approval
  // decision below uses this copy, not the live field.
  //
  PpFlags  = TcgPpData->Flags;
  Approved = FALSE;

  switch (TcgPpData->PPRequest) {
    case PHYSICAL_PRESENCE_NO_ACTION:
      return;

    case PHYSICAL_PRESENCE_ENABLE:
    case PHYSICAL_PRESENCE_DISABLE:
    case PHYSICAL_PRESENCE_ACTIVATE:
    case PHYSICAL_PRESENCE_DEACTIVATE:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:
    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
    case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:
      //
      // Provisioning requests: pre-approved only with FLAG_NO_PPI_PROVISION.
      //
      Approved = (BOOLEAN) ((PpFlags & FLAG_NO_PPI_PROVISION) != 0);
      break;

    case PHYSICAL_PRESENCE_CLEAR:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
      //
      // Clear requests: pre-approved only with FLAG_NO_PPI_CLEAR.
      //
      Approved = (BOOLEAN) ((PpFlags & FLAG_NO_PPI_CLEAR) != 0);
      break;

    case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
      //
      // Maintenance request: pre-approved only with FLAG_NO_PPI_MAINTENANCE.
      //
      Approved = (BOOLEAN) ((PpFlags & FLAG_NO_PPI_MAINTENANCE) != 0);
      break;

    case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
      //
      // Combined clear + provision requests need both bypass flags.
      //
      Approved = (BOOLEAN) ((PpFlags & FLAG_NO_PPI_CLEAR) != 0 && (PpFlags & FLAG_NO_PPI_PROVISION) != 0);
      break;

    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:
    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:
    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:
      //
      // Requests that turn a bypass flag back off never prompt.
      //
      Approved = TRUE;
      break;

    default:
      //
      // Invalid operation request: record a BIOS failure, drop the request and
      // save the variable. The SetVariable() status is not examined here.
      //
      TcgPpData->PPResponse    = TPM_PP_BIOS_FAILURE;
      TcgPpData->LastPPRequest = TcgPpData->PPRequest;
      TcgPpData->PPRequest     = PHYSICAL_PRESENCE_NO_ACTION;
      VarSize = sizeof (EFI_PHYSICAL_PRESENCE);
      Status = gRT->SetVariable (
                      PHYSICAL_PRESENCE_VARIABLE,
                      &gEfiPhysicalPresenceGuid,
                      EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                      VarSize,
                      TcgPpData
                      );
      return;
  }

  //
  // FLAG_RESET_TRACK set means the request was already confirmed on the
  // previous boot, so it is not confirmed a second time.
  //
  if ((PpFlags & FLAG_RESET_TRACK) != 0) {
    Approved = TRUE;
  }

  //
  // Nothing pre-approved the request: show the confirmation text and wait for
  // the user's answer.
  //
  if (!Approved) {
    Approved = UserConfirm (TcgPpData->PPRequest);
  }

  //
  // Default the response to "user abort"; it is replaced by the command result
  // only when the request was approved.
  //
  TcgPpData->PPResponse = TPM_PP_USER_ABORT;
  if (Approved) {
    TcgPpData->PPResponse = ExecutePhysicalPresence (TcgProtocol, TcgPpData->PPRequest, &TcgPpData->Flags);
  }

  //
  // Retire the request unless FLAG_RESET_TRACK is (still) set in the live
  // flags, in which case it stays pending.
  //
  if ((TcgPpData->Flags & FLAG_RESET_TRACK) == 0) {
    TcgPpData->LastPPRequest = TcgPpData->PPRequest;
    TcgPpData->PPRequest     = PHYSICAL_PRESENCE_NO_ACTION;
  }

  //
  // Persist response, request and flags.
  //
  VarSize = sizeof (EFI_PHYSICAL_PRESENCE);
  Status = gRT->SetVariable (
                  PHYSICAL_PRESENCE_VARIABLE,
                  &gEfiPhysicalPresenceGuid,
                  EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                  VarSize,
                  TcgPpData
                  );
  if (EFI_ERROR (Status)) {
    return;
  }

  //
  // A rejected request changes nothing, so no reset is needed.
  //
  if (TcgPpData->PPResponse == TPM_PP_USER_ABORT) {
    return;
  }

  //
  // Reset system to make new TPM settings in effect. Requests outside the list
  // below only reset when a request is still pending.
  //
  switch (TcgPpData->LastPPRequest) {
    case PHYSICAL_PRESENCE_ACTIVATE:
    case PHYSICAL_PRESENCE_DEACTIVATE:
    case PHYSICAL_PRESENCE_CLEAR:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
    case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
    case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
      break;

    default:
      if (TcgPpData->PPRequest == PHYSICAL_PRESENCE_NO_ACTION) {
        return;
      }
      break;
  }

  Print (L"Rebooting system to make TPM settings in effect\n");
  gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);
  //
  // ResetSystem() is not expected to return.
  //
  ASSERT (FALSE);
}
1041\r
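/**
  Check and execute the pending TPM request and Lock TPM.

  The TPM request may come from OS or BIOS. This API will display request information and wait
  for user confirmation if a TPM request exists. The TPM request will be sent to the TPM device after
  the TPM request is confirmed, and one or more resets may be required for the TPM request to
  take effect. Finally, it will lock physical presence to prevent TPM state change by malware.

  This API should be invoked after console in and console out are all ready as they are required
  to display request information and get user input to confirm the request. This API should also
  be invoked as early as possible as TPM is locked in this function.

  Note that the early-return paths (TCG protocol not found, capability query failure,
  physicalPresenceCMDEnable locked or not settable) leave without issuing the lock command.

**/
VOID
EFIAPI
TcgPhysicalPresenceLibProcessRequest (
  VOID
  )
{
  EFI_STATUS                        Status;
  BOOLEAN                           LifetimeLock;
  BOOLEAN                           CmdEnable;
  UINTN                             DataSize;
  EFI_PHYSICAL_PRESENCE             TcgPpData;
  EFI_TCG_PROTOCOL                  *TcgProtocol;

  Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
  if (EFI_ERROR (Status)) {
    return ;
  }

  //
  // Initialize physical presence variable.
  // Zero the buffer first: GetVariable() may return fewer bytes than the
  // structure holds, and the remaining fields must not be stack garbage.
  //
  ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
  DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
  Status = gRT->GetVariable (
                  PHYSICAL_PRESENCE_VARIABLE,
                  &gEfiPhysicalPresenceGuid,
                  NULL,
                  &DataSize,
                  &TcgPpData
                  );
  if (EFI_ERROR (Status)) {
    //
    // Never act on a failed or partial read. ASSERT_EFI_ERROR() is compiled
    // out of release builds, so without this the request and flags used below
    // would be whatever the failed call left in the buffer. A zeroed structure
    // is the same baseline the EFI_NOT_FOUND path starts from.
    //
    ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
    if (Status == EFI_NOT_FOUND) {
      //
      // First boot with no variable: create it with the provisioning bypass set.
      //
      TcgPpData.Flags |= FLAG_NO_PPI_PROVISION;
      DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
      Status   = gRT->SetVariable (
                        PHYSICAL_PRESENCE_VARIABLE,
                        &gEfiPhysicalPresenceGuid,
                        EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                        DataSize,
                        &TcgPpData
                        );
    }
    ASSERT_EFI_ERROR (Status);
  }

  DEBUG ((EFI_D_INFO, "[TPM] Flags=%x, PPRequest=%x\n", TcgPpData.Flags, TcgPpData.PPRequest));

  Status = GetTpmCapability (TcgProtocol, &LifetimeLock, &CmdEnable);
  if (EFI_ERROR (Status)) {
    return ;
  }

  if (!CmdEnable) {
    if (LifetimeLock) {
      //
      // physicalPresenceCMDEnable is locked, can't execute physical presence command.
      //
      return ;
    }
    Status = TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_CMD_ENABLE);
    if (EFI_ERROR (Status)) {
      return ;
    }
  }

  //
  // Set operator physical presence flags
  //
  TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_PRESENT);

  //
  // Execute pending TPM request.
  //
  ExecutePendingTpmRequest (TcgProtocol, &TcgPpData);
  DEBUG ((EFI_D_INFO, "[TPM] PPResponse = %x\n", TcgPpData.PPResponse));

  //
  // Lock physical presence. A failure here leaves physical presence
  // assertable for the rest of the boot, so make it visible in the debug log.
  //
  Status = TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_NOTPRESENT | TPM_PHYSICAL_PRESENCE_LOCK);
  if (EFI_ERROR (Status)) {
    DEBUG ((EFI_D_ERROR, "[TPM] Lock physical presence failed, Status = %r\n", Status));
  }
}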
1136\r