]>
Commit | Line | Data |
---|---|---|
0c18794e | 1 | /** @file\r |
607599bf | 2 | \r |
3 | Execute pending TPM requests from OS or BIOS and Lock TPM.\r | |
4 | \r | |
dc204d5a JY |
5 | Caution: This module requires additional review when modified.\r |
6 | This driver will have external input - variable.\r | |
7 | This external input must be validated carefully to avoid security issue.\r | |
8 | \r | |
9 | ExecutePendingTpmRequest() will receive untrusted input and do validation.\r | |
10 | \r | |
568e7b27 | 11 | Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r |
0c18794e | 12 | This program and the accompanying materials \r |
13 | are licensed and made available under the terms and conditions of the BSD License \r | |
14 | which accompanies this distribution. The full text of the license may be found at \r | |
15 | http://opensource.org/licenses/bsd-license.php\r | |
16 | \r | |
17 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r | |
18 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
19 | \r | |
20 | **/\r | |
21 | \r | |
607599bf | 22 | #include <PiDxe.h>\r |
23 | \r | |
24 | #include <Protocol/TcgService.h>\r | |
25 | #include <Library/DebugLib.h>\r | |
26 | #include <Library/BaseMemoryLib.h>\r | |
27 | #include <Library/UefiRuntimeServicesTableLib.h>\r | |
28 | #include <Library/UefiDriverEntryPoint.h>\r | |
29 | #include <Library/UefiBootServicesTableLib.h>\r | |
30 | #include <Library/UefiLib.h>\r | |
31 | #include <Library/MemoryAllocationLib.h>\r | |
32 | #include <Library/PrintLib.h>\r | |
33 | #include <Library/HiiLib.h>\r | |
34 | #include <Guid/EventGroup.h>\r | |
35 | #include <Guid/PhysicalPresenceData.h>\r | |
36 | \r | |
37 | #define TPM_PP_USER_ABORT ((TPM_RESULT)(-0x10))\r | |
38 | #define TPM_PP_BIOS_FAILURE ((TPM_RESULT)(-0x0f))\r | |
39 | #define CONFIRM_BUFFER_SIZE 4096\r | |
0c18794e | 40 | \r |
41 | EFI_HII_HANDLE mPpStringPackHandle;\r | |
42 | \r | |
607599bf | 43 | /**\r |
44 | Get string by string id from HII Interface.\r | |
45 | \r | |
46 | @param[in] Id String ID.\r | |
47 | \r | |
48 | @retval CHAR16 * String from ID.\r | |
49 | @retval NULL If error occurs.\r | |
50 | \r | |
51 | **/\r | |
52 | CHAR16 *\r | |
53 | PhysicalPresenceGetStringById (\r | |
54 | IN EFI_STRING_ID Id\r | |
55 | )\r | |
56 | {\r | |
57 | return HiiGetString (mPpStringPackHandle, Id, NULL);\r | |
58 | }\r | |
59 | \r | |
0c18794e | 60 | /**\r |
61 | Get TPM physical presence permanent flags.\r | |
62 | \r | |
607599bf | 63 | @param[in] TcgProtocol EFI TCG Protocol instance. \r |
64 | @param[out] LifetimeLock physicalPresenceLifetimeLock permanent flag. \r | |
65 | @param[out] CmdEnable physicalPresenceCMDEnable permanent flag.\r | |
0c18794e | 66 | \r |
67 | @retval EFI_SUCCESS Flags were returns successfully.\r | |
68 | @retval other Failed to locate EFI TCG Protocol.\r | |
69 | \r | |
70 | **/\r | |
71 | EFI_STATUS\r | |
72 | GetTpmCapability (\r | |
607599bf | 73 | IN EFI_TCG_PROTOCOL *TcgProtocol,\r |
0c18794e | 74 | OUT BOOLEAN *LifetimeLock,\r |
75 | OUT BOOLEAN *CmdEnable\r | |
76 | )\r | |
77 | {\r | |
78 | EFI_STATUS Status;\r | |
0c18794e | 79 | TPM_RQU_COMMAND_HDR *TpmRqu;\r |
80 | TPM_RSP_COMMAND_HDR *TpmRsp;\r | |
81 | UINT32 *SendBufPtr;\r | |
82 | UINT8 SendBuffer[sizeof (*TpmRqu) + sizeof (UINT32) * 3];\r | |
83 | TPM_PERMANENT_FLAGS *TpmPermanentFlags;\r | |
84 | UINT8 RecvBuffer[40];\r | |
85 | \r | |
0c18794e | 86 | //\r |
87 | // Fill request header\r | |
88 | //\r | |
89 | TpmRsp = (TPM_RSP_COMMAND_HDR*)RecvBuffer;\r | |
90 | TpmRqu = (TPM_RQU_COMMAND_HDR*)SendBuffer;\r | |
91 | \r | |
607599bf | 92 | TpmRqu->tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);\r |
93 | TpmRqu->paramSize = SwapBytes32 (sizeof (SendBuffer));\r | |
94 | TpmRqu->ordinal = SwapBytes32 (TPM_ORD_GetCapability);\r | |
0c18794e | 95 | \r |
96 | //\r | |
97 | // Set request parameter\r | |
98 | //\r | |
99 | SendBufPtr = (UINT32*)(TpmRqu + 1);\r | |
607599bf | 100 | WriteUnaligned32 (SendBufPtr++, SwapBytes32 (TPM_CAP_FLAG));\r |
101 | WriteUnaligned32 (SendBufPtr++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT)));\r | |
102 | WriteUnaligned32 (SendBufPtr, SwapBytes32 (TPM_CAP_FLAG_PERMANENT)); \r | |
0c18794e | 103 | \r |
104 | Status = TcgProtocol->PassThroughToTpm (\r | |
105 | TcgProtocol,\r | |
106 | sizeof (SendBuffer),\r | |
107 | (UINT8*)TpmRqu,\r | |
108 | sizeof (RecvBuffer),\r | |
109 | (UINT8*)&RecvBuffer\r | |
110 | );\r | |
111 | ASSERT_EFI_ERROR (Status);\r | |
607599bf | 112 | ASSERT (TpmRsp->tag == SwapBytes16 (TPM_TAG_RSP_COMMAND));\r |
0c18794e | 113 | ASSERT (TpmRsp->returnCode == 0);\r |
114 | \r | |
115 | TpmPermanentFlags = (TPM_PERMANENT_FLAGS *)&RecvBuffer[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];\r | |
116 | \r | |
117 | if (LifetimeLock != NULL) {\r | |
118 | *LifetimeLock = TpmPermanentFlags->physicalPresenceLifetimeLock;\r | |
119 | }\r | |
120 | \r | |
121 | if (CmdEnable != NULL) {\r | |
122 | *CmdEnable = TpmPermanentFlags->physicalPresenceCMDEnable;\r | |
123 | }\r | |
124 | \r | |
125 | return Status;\r | |
126 | }\r | |
127 | \r | |
128 | /**\r | |
129 | Issue TSC_PhysicalPresence command to TPM.\r | |
130 | \r | |
607599bf | 131 | @param[in] TcgProtocol EFI TCG Protocol instance. \r |
0c18794e | 132 | @param[in] PhysicalPresence The state to set the TPM's Physical Presence flags. \r |
133 | \r | |
134 | @retval EFI_SUCCESS TPM executed the command successfully.\r | |
135 | @retval EFI_SECURITY_VIOLATION TPM returned error when executing the command.\r | |
136 | @retval other Failed to locate EFI TCG Protocol.\r | |
137 | \r | |
138 | **/\r | |
139 | EFI_STATUS\r | |
140 | TpmPhysicalPresence (\r | |
607599bf | 141 | IN EFI_TCG_PROTOCOL *TcgProtocol,\r |
0c18794e | 142 | IN TPM_PHYSICAL_PRESENCE PhysicalPresence\r |
143 | )\r | |
144 | {\r | |
145 | EFI_STATUS Status;\r | |
0c18794e | 146 | TPM_RQU_COMMAND_HDR *TpmRqu;\r |
147 | TPM_PHYSICAL_PRESENCE *TpmPp;\r | |
148 | TPM_RSP_COMMAND_HDR TpmRsp;\r | |
149 | UINT8 Buffer[sizeof (*TpmRqu) + sizeof (*TpmPp)];\r | |
150 | \r | |
0c18794e | 151 | TpmRqu = (TPM_RQU_COMMAND_HDR*)Buffer;\r |
152 | TpmPp = (TPM_PHYSICAL_PRESENCE*)(TpmRqu + 1);\r | |
153 | \r | |
607599bf | 154 | TpmRqu->tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);\r |
155 | TpmRqu->paramSize = SwapBytes32 (sizeof (Buffer));\r | |
156 | TpmRqu->ordinal = SwapBytes32 (TSC_ORD_PhysicalPresence);\r | |
157 | WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE) SwapBytes16 (PhysicalPresence)); \r | |
0c18794e | 158 | \r |
159 | Status = TcgProtocol->PassThroughToTpm (\r | |
160 | TcgProtocol,\r | |
161 | sizeof (Buffer),\r | |
162 | (UINT8*)TpmRqu,\r | |
163 | sizeof (TpmRsp),\r | |
164 | (UINT8*)&TpmRsp\r | |
165 | );\r | |
166 | ASSERT_EFI_ERROR (Status);\r | |
607599bf | 167 | ASSERT (TpmRsp.tag == SwapBytes16 (TPM_TAG_RSP_COMMAND));\r |
0c18794e | 168 | if (TpmRsp.returnCode != 0) {\r |
169 | //\r | |
170 | // If it fails, some requirements may be needed for this command.\r | |
171 | //\r | |
172 | return EFI_SECURITY_VIOLATION;\r | |
173 | }\r | |
607599bf | 174 | \r |
0c18794e | 175 | return Status;\r |
176 | }\r | |
177 | \r | |
178 | /**\r | |
179 | Issue a TPM command for which no additional output data will be returned.\r | |
180 | \r | |
181 | @param[in] TcgProtocol EFI TCG Protocol instance. \r | |
182 | @param[in] Ordinal TPM command code. \r | |
183 | @param[in] AdditionalParameterSize Additional parameter size. \r | |
184 | @param[in] AdditionalParameters Pointer to the Additional paramaters. \r | |
185 | \r | |
186 | @retval TPM_PP_BIOS_FAILURE Error occurred during sending command to TPM or \r | |
187 | receiving response from TPM.\r | |
188 | @retval Others Return code from the TPM device after command execution.\r | |
189 | \r | |
190 | **/\r | |
191 | TPM_RESULT\r | |
192 | TpmCommandNoReturnData (\r | |
193 | IN EFI_TCG_PROTOCOL *TcgProtocol,\r | |
194 | IN TPM_COMMAND_CODE Ordinal,\r | |
195 | IN UINTN AdditionalParameterSize,\r | |
196 | IN VOID *AdditionalParameters\r | |
197 | )\r | |
198 | {\r | |
199 | EFI_STATUS Status;\r | |
200 | TPM_RQU_COMMAND_HDR *TpmRqu;\r | |
201 | TPM_RSP_COMMAND_HDR TpmRsp;\r | |
202 | UINT32 Size;\r | |
203 | \r | |
607599bf | 204 | TpmRqu = (TPM_RQU_COMMAND_HDR*) AllocatePool (sizeof (*TpmRqu) + AdditionalParameterSize);\r |
0c18794e | 205 | if (TpmRqu == NULL) {\r |
206 | return TPM_PP_BIOS_FAILURE;\r | |
207 | }\r | |
208 | \r | |
607599bf | 209 | TpmRqu->tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);\r |
0c18794e | 210 | Size = (UINT32)(sizeof (*TpmRqu) + AdditionalParameterSize);\r |
607599bf | 211 | TpmRqu->paramSize = SwapBytes32 (Size);\r |
212 | TpmRqu->ordinal = SwapBytes32 (Ordinal);\r | |
213 | CopyMem (TpmRqu + 1, AdditionalParameters, AdditionalParameterSize);\r | |
0c18794e | 214 | \r |
215 | Status = TcgProtocol->PassThroughToTpm (\r | |
216 | TcgProtocol,\r | |
217 | Size,\r | |
218 | (UINT8*)TpmRqu,\r | |
219 | (UINT32)sizeof (TpmRsp),\r | |
220 | (UINT8*)&TpmRsp\r | |
221 | );\r | |
222 | FreePool (TpmRqu);\r | |
607599bf | 223 | if (EFI_ERROR (Status) || (TpmRsp.tag != SwapBytes16 (TPM_TAG_RSP_COMMAND))) {\r |
0c18794e | 224 | return TPM_PP_BIOS_FAILURE;\r |
225 | }\r | |
607599bf | 226 | return SwapBytes32 (TpmRsp.returnCode);\r |
0c18794e | 227 | }\r |
228 | \r | |
229 | /**\r | |
230 | Execute physical presence operation requested by the OS.\r | |
231 | \r | |
607599bf | 232 | @param[in] TcgProtocol EFI TCG Protocol instance.\r |
233 | @param[in] CommandCode Physical presence operation value.\r | |
234 | @param[in, out] PpiFlags The physical presence interface flags.\r | |
0c18794e | 235 | \r |
236 | @retval TPM_PP_BIOS_FAILURE Unknown physical presence operation.\r | |
237 | @retval TPM_PP_BIOS_FAILURE Error occurred during sending command to TPM or \r | |
238 | receiving response from TPM.\r | |
239 | @retval Others Return code from the TPM device after command execution.\r | |
240 | \r | |
241 | **/\r | |
242 | TPM_RESULT\r | |
243 | ExecutePhysicalPresence (\r | |
244 | IN EFI_TCG_PROTOCOL *TcgProtocol,\r | |
245 | IN UINT8 CommandCode,\r | |
246 | IN OUT UINT8 *PpiFlags\r | |
247 | )\r | |
248 | {\r | |
249 | BOOLEAN BoolVal;\r | |
250 | TPM_RESULT TpmResponse;\r | |
251 | UINT32 InData[5];\r | |
252 | \r | |
253 | switch (CommandCode) {\r | |
607599bf | 254 | case PHYSICAL_PRESENCE_ENABLE:\r |
0c18794e | 255 | return TpmCommandNoReturnData (\r |
256 | TcgProtocol,\r | |
257 | TPM_ORD_PhysicalEnable,\r | |
258 | 0,\r | |
259 | NULL\r | |
260 | );\r | |
261 | \r | |
607599bf | 262 | case PHYSICAL_PRESENCE_DISABLE:\r |
0c18794e | 263 | return TpmCommandNoReturnData (\r |
264 | TcgProtocol,\r | |
265 | TPM_ORD_PhysicalDisable,\r | |
266 | 0,\r | |
267 | NULL\r | |
268 | );\r | |
269 | \r | |
607599bf | 270 | case PHYSICAL_PRESENCE_ACTIVATE:\r |
0c18794e | 271 | BoolVal = FALSE;\r |
272 | return TpmCommandNoReturnData (\r | |
273 | TcgProtocol,\r | |
274 | TPM_ORD_PhysicalSetDeactivated,\r | |
275 | sizeof (BoolVal),\r | |
276 | &BoolVal\r | |
277 | );\r | |
278 | \r | |
607599bf | 279 | case PHYSICAL_PRESENCE_DEACTIVATE:\r |
0c18794e | 280 | BoolVal = TRUE;\r |
281 | return TpmCommandNoReturnData (\r | |
282 | TcgProtocol,\r | |
283 | TPM_ORD_PhysicalSetDeactivated,\r | |
284 | sizeof (BoolVal),\r | |
285 | &BoolVal\r | |
286 | );\r | |
287 | \r | |
607599bf | 288 | case PHYSICAL_PRESENCE_CLEAR:\r |
0c18794e | 289 | return TpmCommandNoReturnData (\r |
290 | TcgProtocol,\r | |
291 | TPM_ORD_ForceClear,\r | |
292 | 0,\r | |
293 | NULL\r | |
294 | );\r | |
295 | \r | |
607599bf | 296 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r |
297 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE, PpiFlags);\r | |
0c18794e | 298 | if (TpmResponse == 0) {\r |
607599bf | 299 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ACTIVATE, PpiFlags);\r |
0c18794e | 300 | }\r |
301 | return TpmResponse;\r | |
302 | \r | |
607599bf | 303 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r |
304 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DEACTIVATE, PpiFlags);\r | |
0c18794e | 305 | if (TpmResponse == 0) {\r |
607599bf | 306 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DISABLE, PpiFlags);\r |
0c18794e | 307 | }\r |
308 | return TpmResponse;\r | |
309 | \r | |
607599bf | 310 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r |
0c18794e | 311 | BoolVal = TRUE;\r |
312 | return TpmCommandNoReturnData (\r | |
313 | TcgProtocol,\r | |
314 | TPM_ORD_SetOwnerInstall,\r | |
315 | sizeof (BoolVal),\r | |
316 | &BoolVal\r | |
317 | );\r | |
318 | \r | |
607599bf | 319 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r |
0c18794e | 320 | BoolVal = FALSE;\r |
321 | return TpmCommandNoReturnData (\r | |
322 | TcgProtocol,\r | |
323 | TPM_ORD_SetOwnerInstall,\r | |
324 | sizeof (BoolVal),\r | |
325 | &BoolVal\r | |
326 | );\r | |
327 | \r | |
607599bf | 328 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r |
0c18794e | 329 | //\r |
607599bf | 330 | // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE\r |
331 | // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot\r | |
0c18794e | 332 | //\r |
333 | if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {\r | |
607599bf | 334 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r |
0c18794e | 335 | *PpiFlags |= FLAG_RESET_TRACK;\r |
336 | } else {\r | |
607599bf | 337 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE, PpiFlags);\r |
0c18794e | 338 | *PpiFlags &= ~FLAG_RESET_TRACK;\r |
339 | }\r | |
340 | return TpmResponse;\r | |
341 | \r | |
607599bf | 342 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r |
343 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE, PpiFlags);\r | |
0c18794e | 344 | if (TpmResponse == 0) {\r |
607599bf | 345 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DEACTIVATE_DISABLE, PpiFlags);\r |
0c18794e | 346 | }\r |
347 | return TpmResponse;\r | |
348 | \r | |
607599bf | 349 | case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r |
350 | InData[0] = SwapBytes32 (TPM_SET_STCLEAR_DATA); // CapabilityArea\r | |
351 | InData[1] = SwapBytes32 (sizeof(UINT32)); // SubCapSize\r | |
352 | InData[2] = SwapBytes32 (TPM_SD_DEFERREDPHYSICALPRESENCE); // SubCap\r | |
353 | InData[3] = SwapBytes32 (sizeof(UINT32)); // SetValueSize\r | |
354 | InData[4] = SwapBytes32 (1); // UnownedFieldUpgrade; bit0\r | |
0c18794e | 355 | return TpmCommandNoReturnData (\r |
356 | TcgProtocol,\r | |
357 | TPM_ORD_SetCapability,\r | |
358 | sizeof (UINT32) * 5,\r | |
359 | InData\r | |
360 | );\r | |
361 | \r | |
607599bf | 362 | case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r |
0c18794e | 363 | //\r |
364 | // TPM_SetOperatorAuth\r | |
365 | // This command requires UI to prompt user for Auth data\r | |
366 | // Here it is NOT implemented\r | |
367 | //\r | |
368 | return TPM_PP_BIOS_FAILURE;\r | |
369 | \r | |
607599bf | 370 | case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r |
371 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);\r | |
0c18794e | 372 | if (TpmResponse == 0) {\r |
607599bf | 373 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r |
0c18794e | 374 | }\r |
375 | return TpmResponse;\r | |
376 | \r | |
607599bf | 377 | case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:\r |
0c18794e | 378 | *PpiFlags &= ~FLAG_NO_PPI_PROVISION;\r |
379 | return 0;\r | |
380 | \r | |
607599bf | 381 | case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:\r |
0c18794e | 382 | *PpiFlags |= FLAG_NO_PPI_PROVISION;\r |
383 | return 0;\r | |
384 | \r | |
607599bf | 385 | case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:\r |
0c18794e | 386 | *PpiFlags &= ~FLAG_NO_PPI_CLEAR;\r |
387 | return 0;\r | |
388 | \r | |
607599bf | 389 | case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:\r |
0c18794e | 390 | *PpiFlags |= FLAG_NO_PPI_CLEAR;\r |
391 | return 0;\r | |
392 | \r | |
607599bf | 393 | case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:\r |
0c18794e | 394 | *PpiFlags &= ~FLAG_NO_PPI_MAINTENANCE;\r |
395 | return 0;\r | |
396 | \r | |
607599bf | 397 | case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:\r |
0c18794e | 398 | *PpiFlags |= FLAG_NO_PPI_MAINTENANCE;\r |
399 | return 0;\r | |
400 | \r | |
607599bf | 401 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r |
1f728ac7 | 402 | //\r |
403 | // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR\r | |
404 | // PHYSICAL_PRESENCE_CLEAR will be executed after reboot.\r | |
405 | //\r | |
406 | if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {\r | |
407 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r | |
408 | *PpiFlags |= FLAG_RESET_TRACK;\r | |
409 | } else {\r | |
607599bf | 410 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);\r |
1f728ac7 | 411 | *PpiFlags &= ~FLAG_RESET_TRACK;\r |
0c18794e | 412 | }\r |
413 | return TpmResponse;\r | |
414 | \r | |
607599bf | 415 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r |
0c18794e | 416 | //\r |
607599bf | 417 | // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE\r |
1f728ac7 | 418 | // PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.\r |
0c18794e | 419 | //\r |
420 | if ((*PpiFlags & FLAG_RESET_TRACK) == 0) {\r | |
607599bf | 421 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r |
0c18794e | 422 | *PpiFlags |= FLAG_RESET_TRACK;\r |
423 | } else {\r | |
607599bf | 424 | TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, PpiFlags);\r |
0c18794e | 425 | *PpiFlags &= ~FLAG_RESET_TRACK;\r |
426 | } \r | |
427 | return TpmResponse;\r | |
428 | \r | |
429 | default:\r | |
430 | ;\r | |
431 | }\r | |
432 | return TPM_PP_BIOS_FAILURE;\r | |
433 | }\r | |
434 | \r | |
435 | \r | |
436 | /**\r | |
437 | Read the specified key for user confirmation.\r | |
438 | \r | |
439 | @param[in] CautionKey If true, F12 is used as confirm key;\r | |
440 | If false, F10 is used as confirm key.\r | |
441 | \r | |
442 | @retval TRUE User confirmed the changes by input.\r | |
443 | @retval FALSE User discarded the changes.\r | |
444 | \r | |
445 | **/\r | |
446 | BOOLEAN\r | |
447 | ReadUserKey (\r | |
448 | IN BOOLEAN CautionKey\r | |
449 | )\r | |
450 | {\r | |
451 | EFI_STATUS Status;\r | |
452 | EFI_INPUT_KEY Key;\r | |
453 | UINT16 InputKey;\r | |
0c18794e | 454 | \r |
455 | InputKey = 0; \r | |
456 | do {\r | |
457 | Status = gBS->CheckEvent (gST->ConIn->WaitForKey);\r | |
458 | if (!EFI_ERROR (Status)) {\r | |
459 | Status = gST->ConIn->ReadKeyStroke (gST->ConIn, &Key);\r | |
460 | if (Key.ScanCode == SCAN_ESC) {\r | |
461 | InputKey = Key.ScanCode;\r | |
462 | }\r | |
463 | if ((Key.ScanCode == SCAN_F10) && !CautionKey) {\r | |
464 | InputKey = Key.ScanCode;\r | |
465 | }\r | |
466 | if ((Key.ScanCode == SCAN_F12) && CautionKey) {\r | |
467 | InputKey = Key.ScanCode;\r | |
468 | }\r | |
469 | } \r | |
470 | } while (InputKey == 0);\r | |
471 | \r | |
0c18794e | 472 | if (InputKey != SCAN_ESC) {\r |
473 | return TRUE;\r | |
474 | }\r | |
475 | \r | |
476 | return FALSE;\r | |
477 | }\r | |
478 | \r | |
607599bf | 479 | /**\r |
480 | The constructor function register UNI strings into imageHandle.\r | |
481 | \r | |
482 | It will ASSERT() if that operation fails and it will always return EFI_SUCCESS. \r | |
483 | \r | |
484 | @param ImageHandle The firmware allocated handle for the EFI image.\r | |
485 | @param SystemTable A pointer to the EFI System Table.\r | |
486 | \r | |
487 | @retval EFI_SUCCESS The constructor successfully added string package.\r | |
488 | @retval Other value The constructor can't add string package.\r | |
489 | \r | |
490 | **/\r | |
491 | EFI_STATUS\r | |
492 | EFIAPI\r | |
493 | TcgPhysicalPresenceLibConstructor (\r | |
494 | IN EFI_HANDLE ImageHandle,\r | |
495 | IN EFI_SYSTEM_TABLE *SystemTable\r | |
496 | )\r | |
497 | {\r | |
6f0b8648 | 498 | mPpStringPackHandle = HiiAddPackages (&gEfiPhysicalPresenceGuid, ImageHandle, DxeTcgPhysicalPresenceLibStrings, NULL);\r |
607599bf | 499 | ASSERT (mPpStringPackHandle != NULL);\r |
500 | \r | |
501 | return EFI_SUCCESS;\r | |
502 | }\r | |
503 | \r | |
0c18794e | 504 | /**\r |
505 | Display the confirm text and get user confirmation.\r | |
506 | \r | |
507 | @param[in] TpmPpCommand The requested TPM physical presence command.\r | |
508 | \r | |
607599bf | 509 | @retval TRUE The user has confirmed the changes.\r |
510 | @retval FALSE The user doesn't confirm the changes.\r | |
0c18794e | 511 | **/\r |
512 | BOOLEAN\r | |
513 | UserConfirm (\r | |
514 | IN UINT8 TpmPpCommand\r | |
515 | )\r | |
516 | {\r | |
517 | CHAR16 *ConfirmText;\r | |
518 | CHAR16 *TmpStr1;\r | |
519 | CHAR16 *TmpStr2; \r | |
520 | UINTN BufSize;\r | |
521 | BOOLEAN CautionKey;\r | |
522 | UINT16 Index;\r | |
523 | CHAR16 DstStr[81];\r | |
524 | \r | |
525 | TmpStr2 = NULL;\r | |
526 | CautionKey = FALSE;\r | |
527 | BufSize = CONFIRM_BUFFER_SIZE;\r | |
528 | ConfirmText = AllocateZeroPool (BufSize);\r | |
529 | ASSERT (ConfirmText != NULL);\r | |
530 | \r | |
0c18794e | 531 | switch (TpmPpCommand) {\r |
607599bf | 532 | case PHYSICAL_PRESENCE_ENABLE:\r |
533 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE));\r | |
0c18794e | 534 | \r |
607599bf | 535 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 536 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
537 | FreePool (TmpStr1);\r | |
538 | \r | |
607599bf | 539 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 540 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
541 | FreePool (TmpStr1);\r | |
542 | break;\r | |
543 | \r | |
607599bf | 544 | case PHYSICAL_PRESENCE_DISABLE:\r |
545 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE));\r | |
0c18794e | 546 | \r |
607599bf | 547 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 548 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
549 | FreePool (TmpStr1);\r | |
550 | \r | |
607599bf | 551 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r |
0c18794e | 552 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
553 | FreePool (TmpStr1);\r | |
554 | \r | |
607599bf | 555 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 556 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
557 | FreePool (TmpStr1);\r | |
558 | break;\r | |
559 | \r | |
607599bf | 560 | case PHYSICAL_PRESENCE_ACTIVATE:\r |
561 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE));\r | |
0c18794e | 562 | \r |
607599bf | 563 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 564 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
565 | FreePool (TmpStr1);\r | |
566 | \r | |
607599bf | 567 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 568 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
569 | FreePool (TmpStr1);\r | |
570 | break;\r | |
571 | \r | |
607599bf | 572 | case PHYSICAL_PRESENCE_DEACTIVATE:\r |
573 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE));\r | |
0c18794e | 574 | \r |
607599bf | 575 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 576 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
577 | FreePool (TmpStr1);\r | |
578 | \r | |
607599bf | 579 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r |
0c18794e | 580 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
581 | FreePool (TmpStr1);\r | |
582 | \r | |
607599bf | 583 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 584 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
585 | FreePool (TmpStr1); \r | |
586 | break;\r | |
587 | \r | |
607599bf | 588 | case PHYSICAL_PRESENCE_CLEAR:\r |
0c18794e | 589 | CautionKey = TRUE;\r |
607599bf | 590 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));\r |
0c18794e | 591 | \r |
607599bf | 592 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 593 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
594 | FreePool (TmpStr1);\r | |
595 | \r | |
607599bf | 596 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r |
0c18794e | 597 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
598 | StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r | |
599 | FreePool (TmpStr1); \r | |
600 | \r | |
607599bf | 601 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 602 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
603 | FreePool (TmpStr1);\r | |
604 | break;\r | |
605 | \r | |
607599bf | 606 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r |
607 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE));\r | |
0c18794e | 608 | \r |
607599bf | 609 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 610 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
611 | FreePool (TmpStr1);\r | |
612 | \r | |
607599bf | 613 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r |
0c18794e | 614 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
615 | FreePool (TmpStr1);\r | |
616 | \r | |
607599bf | 617 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 618 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
619 | FreePool (TmpStr1);\r | |
620 | break;\r | |
621 | \r | |
607599bf | 622 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r |
623 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE));\r | |
0c18794e | 624 | \r |
607599bf | 625 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r |
0c18794e | 626 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
627 | FreePool (TmpStr1);\r | |
628 | \r | |
607599bf | 629 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));\r |
0c18794e | 630 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
631 | FreePool (TmpStr1);\r | |
632 | \r | |
607599bf | 633 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r |
0c18794e | 634 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
635 | FreePool (TmpStr1);\r | |
636 | \r | |
607599bf | 637 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 638 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
639 | FreePool (TmpStr1);\r | |
640 | break;\r | |
641 | \r | |
607599bf | 642 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r |
643 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP));\r | |
0c18794e | 644 | \r |
607599bf | 645 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r |
0c18794e | 646 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
647 | FreePool (TmpStr1);\r | |
648 | \r | |
607599bf | 649 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 650 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
651 | FreePool (TmpStr1);\r | |
652 | break;\r | |
653 | \r | |
607599bf | 654 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r |
655 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP));\r | |
0c18794e | 656 | \r |
607599bf | 657 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r |
0c18794e | 658 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
659 | FreePool (TmpStr1);\r | |
660 | \r | |
607599bf | 661 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 662 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
663 | FreePool (TmpStr1);\r | |
664 | break;\r | |
665 | \r | |
607599bf | 666 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r |
667 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON));\r | |
0c18794e | 668 | \r |
607599bf | 669 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 670 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
671 | FreePool (TmpStr1);\r | |
672 | \r | |
607599bf | 673 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r |
0c18794e | 674 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
675 | FreePool (TmpStr1);\r | |
676 | \r | |
607599bf | 677 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 678 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
679 | FreePool (TmpStr1);\r | |
680 | break;\r | |
681 | \r | |
607599bf | 682 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r |
683 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF));\r | |
0c18794e | 684 | \r |
607599bf | 685 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r |
0c18794e | 686 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
687 | FreePool (TmpStr1);\r | |
688 | \r | |
607599bf | 689 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));\r |
0c18794e | 690 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
691 | FreePool (TmpStr1);\r | |
692 | \r | |
607599bf | 693 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r |
0c18794e | 694 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
695 | FreePool (TmpStr1);\r | |
696 | \r | |
607599bf | 697 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 698 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
699 | FreePool (TmpStr1);\r | |
700 | break;\r | |
701 | \r | |
607599bf | 702 | case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r |
0c18794e | 703 | CautionKey = TRUE;\r |
607599bf | 704 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE));\r |
0c18794e | 705 | \r |
607599bf | 706 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR)); \r |
0c18794e | 707 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
708 | FreePool (TmpStr1);\r | |
709 | \r | |
607599bf | 710 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));\r |
0c18794e | 711 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
712 | FreePool (TmpStr1);\r | |
713 | \r | |
607599bf | 714 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 715 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
716 | FreePool (TmpStr1);\r | |
717 | break;\r | |
718 | \r | |
607599bf | 719 | case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r |
0c18794e | 720 | //\r |
721 | // TPM_SetOperatorAuth\r | |
722 | // This command requires UI to prompt user for Auth data\r | |
723 | // Here it is NOT implemented\r | |
724 | //\r | |
725 | break;\r | |
726 | \r | |
607599bf | 727 | case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r |
0c18794e | 728 | CautionKey = TRUE;\r |
607599bf | 729 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON));\r |
0c18794e | 730 | \r |
607599bf | 731 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 732 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
733 | FreePool (TmpStr1);\r | |
734 | \r | |
607599bf | 735 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r |
0c18794e | 736 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
737 | FreePool (TmpStr1);\r | |
738 | \r | |
607599bf | 739 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r |
0c18794e | 740 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
741 | FreePool (TmpStr1);\r | |
742 | \r | |
607599bf | 743 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT));\r |
0c18794e | 744 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
745 | FreePool (TmpStr1);\r | |
746 | \r | |
607599bf | 747 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 748 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
749 | FreePool (TmpStr1);\r | |
750 | break;\r | |
751 | \r | |
607599bf | 752 | case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:\r |
753 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_PROVISION));\r | |
0c18794e | 754 | \r |
607599bf | 755 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r |
0c18794e | 756 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
757 | FreePool (TmpStr1);\r | |
758 | \r | |
607599bf | 759 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r |
0c18794e | 760 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
761 | FreePool (TmpStr1);\r | |
762 | \r | |
607599bf | 763 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r |
0c18794e | 764 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
765 | FreePool (TmpStr1);\r | |
766 | break;\r | |
767 | \r | |
607599bf | 768 | case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:\r |
0c18794e | 769 | CautionKey = TRUE;\r |
607599bf | 770 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));\r |
0c18794e | 771 | \r |
607599bf | 772 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r |
0c18794e | 773 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
774 | FreePool (TmpStr1);\r | |
775 | \r | |
607599bf | 776 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR));\r |
0c18794e | 777 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
778 | FreePool (TmpStr1);\r | |
779 | \r | |
607599bf | 780 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r |
0c18794e | 781 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
782 | StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r | |
783 | FreePool (TmpStr1); \r | |
784 | \r | |
607599bf | 785 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 786 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
787 | FreePool (TmpStr1);\r | |
788 | \r | |
607599bf | 789 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r |
0c18794e | 790 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
791 | FreePool (TmpStr1);\r | |
792 | break;\r | |
793 | \r | |
607599bf | 794 | case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:\r |
0c18794e | 795 | CautionKey = TRUE;\r |
607599bf | 796 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN));\r |
0c18794e | 797 | \r |
607599bf | 798 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r |
0c18794e | 799 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
800 | FreePool (TmpStr1);\r | |
801 | \r | |
607599bf | 802 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));\r |
0c18794e | 803 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
804 | FreePool (TmpStr1);\r | |
805 | \r | |
607599bf | 806 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 807 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
808 | FreePool (TmpStr1);\r | |
809 | \r | |
607599bf | 810 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r |
0c18794e | 811 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
812 | FreePool (TmpStr1);\r | |
813 | break;\r | |
814 | \r | |
607599bf | 815 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r |
0c18794e | 816 | CautionKey = TRUE;\r |
607599bf | 817 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR));\r |
0c18794e | 818 | \r |
607599bf | 819 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 820 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
821 | FreePool (TmpStr1);\r | |
822 | \r | |
607599bf | 823 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r |
0c18794e | 824 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
825 | StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r | |
826 | FreePool (TmpStr1);\r | |
827 | \r | |
607599bf | 828 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 829 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
830 | FreePool (TmpStr1);\r | |
831 | break;\r | |
832 | \r | |
607599bf | 833 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r |
0c18794e | 834 | CautionKey = TRUE;\r |
607599bf | 835 | TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE));\r |
0c18794e | 836 | \r |
607599bf | 837 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r |
0c18794e | 838 | UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r |
839 | FreePool (TmpStr1);\r | |
840 | \r | |
607599bf | 841 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r |
0c18794e | 842 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
843 | FreePool (TmpStr1);\r | |
844 | \r | |
607599bf | 845 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r |
0c18794e | 846 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
847 | FreePool (TmpStr1);\r | |
848 | \r | |
607599bf | 849 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT));\r |
0c18794e | 850 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
851 | FreePool (TmpStr1);\r | |
852 | \r | |
607599bf | 853 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r |
0c18794e | 854 | StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r |
855 | FreePool (TmpStr1);\r | |
856 | break;\r | |
857 | \r | |
858 | default:\r | |
859 | ;\r | |
860 | }\r | |
861 | \r | |
862 | if (TmpStr2 == NULL) {\r | |
863 | FreePool (ConfirmText);\r | |
864 | return FALSE;\r | |
865 | }\r | |
866 | \r | |
607599bf | 867 | TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY));\r |
0c18794e | 868 | BufSize -= StrSize (ConfirmText);\r |
869 | UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1, TmpStr2);\r | |
870 | \r | |
871 | DstStr[80] = L'\0';\r | |
872 | for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {\r | |
873 | StrnCpy(DstStr, ConfirmText + Index, 80); \r | |
874 | Print (DstStr); \r | |
875 | }\r | |
876 | \r | |
877 | FreePool (TmpStr1);\r | |
878 | FreePool (TmpStr2);\r | |
879 | FreePool (ConfirmText);\r | |
880 | \r | |
881 | if (ReadUserKey (CautionKey)) {\r | |
882 | return TRUE;\r | |
883 | }\r | |
884 | \r | |
885 | return FALSE; \r | |
886 | }\r | |
887 | \r | |
888 | /**\r | |
889 | Check and execute the requested physical presence command.\r | |
607599bf | 890 | \r |
dc204d5a JY |
891 | Caution: This function may receive untrusted input.\r |
892 | TcgPpData variable is external input, so this function will validate\r | |
893 | its data structure to be valid value.\r | |
894 | \r | |
607599bf | 895 | @param[in] TcgProtocol EFI TCG Protocol instance. \r |
896 | @param[in] TcgPpData Point to the physical presence NV variable.\r | |
0c18794e | 897 | \r |
898 | **/\r | |
899 | VOID\r | |
900 | ExecutePendingTpmRequest (\r | |
607599bf | 901 | IN EFI_TCG_PROTOCOL *TcgProtocol,\r |
902 | IN EFI_PHYSICAL_PRESENCE *TcgPpData\r | |
0c18794e | 903 | )\r |
904 | {\r | |
905 | EFI_STATUS Status;\r | |
0c18794e | 906 | UINTN DataSize;\r |
907 | UINT8 Flags;\r | |
908 | BOOLEAN RequestConfirmed;\r | |
909 | \r | |
910 | Flags = TcgPpData->Flags;\r | |
911 | RequestConfirmed = FALSE; \r | |
912 | switch (TcgPpData->PPRequest) {\r | |
607599bf | 913 | case PHYSICAL_PRESENCE_NO_ACTION:\r |
0c18794e | 914 | return;\r |
607599bf | 915 | case PHYSICAL_PRESENCE_ENABLE:\r |
916 | case PHYSICAL_PRESENCE_DISABLE:\r | |
917 | case PHYSICAL_PRESENCE_ACTIVATE:\r | |
918 | case PHYSICAL_PRESENCE_DEACTIVATE:\r | |
919 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r | |
920 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r | |
921 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r | |
922 | case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r | |
923 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r | |
924 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r | |
925 | case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r | |
0c18794e | 926 | if ((Flags & FLAG_NO_PPI_PROVISION) != 0) {\r |
927 | RequestConfirmed = TRUE;\r | |
928 | }\r | |
929 | break;\r | |
930 | \r | |
607599bf | 931 | case PHYSICAL_PRESENCE_CLEAR:\r |
932 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r | |
0c18794e | 933 | if ((Flags & FLAG_NO_PPI_CLEAR) != 0) {\r |
934 | RequestConfirmed = TRUE;\r | |
935 | }\r | |
936 | break;\r | |
937 | \r | |
607599bf | 938 | case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r |
0c18794e | 939 | if ((Flags & FLAG_NO_PPI_MAINTENANCE) != 0) {\r |
940 | RequestConfirmed = TRUE;\r | |
941 | }\r | |
942 | break;\r | |
943 | \r | |
607599bf | 944 | case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r |
945 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r | |
0c18794e | 946 | if ((Flags & FLAG_NO_PPI_CLEAR) != 0 && (Flags & FLAG_NO_PPI_PROVISION) != 0) {\r |
947 | RequestConfirmed = TRUE;\r | |
948 | }\r | |
949 | break; \r | |
950 | \r | |
607599bf | 951 | case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:\r |
952 | case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:\r | |
953 | case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:\r | |
0c18794e | 954 | RequestConfirmed = TRUE;\r |
955 | break;\r | |
568e7b27 | 956 | \r |
477be7c4 | 957 | case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:\r |
958 | case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:\r | |
959 | case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:\r | |
960 | break;\r | |
961 | \r | |
568e7b27 | 962 | default:\r |
963 | //\r | |
964 | // Invalid operation request.\r | |
965 | //\r | |
966 | TcgPpData->PPResponse = TPM_PP_BIOS_FAILURE;\r | |
967 | TcgPpData->LastPPRequest = TcgPpData->PPRequest;\r | |
968 | TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;\r | |
969 | DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r | |
970 | Status = gRT->SetVariable (\r | |
971 | PHYSICAL_PRESENCE_VARIABLE,\r | |
972 | &gEfiPhysicalPresenceGuid,\r | |
973 | EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r | |
974 | DataSize,\r | |
975 | TcgPpData\r | |
976 | );\r | |
977 | return;\r | |
0c18794e | 978 | }\r |
979 | \r | |
980 | if ((Flags & FLAG_RESET_TRACK) != 0) {\r | |
981 | //\r | |
982 | // It had been confirmed in last boot, it doesn't need confirm again.\r | |
983 | //\r | |
984 | RequestConfirmed = TRUE;\r | |
985 | }\r | |
986 | \r | |
987 | if (!RequestConfirmed) {\r | |
988 | //\r | |
989 | // Print confirm text and wait for approval. \r | |
990 | //\r | |
991 | RequestConfirmed = UserConfirm (TcgPpData->PPRequest);\r | |
992 | }\r | |
993 | \r | |
994 | //\r | |
607599bf | 995 | // Execute requested physical presence command\r |
0c18794e | 996 | //\r |
997 | TcgPpData->PPResponse = TPM_PP_USER_ABORT;\r | |
998 | if (RequestConfirmed) {\r | |
0c18794e | 999 | TcgPpData->PPResponse = ExecutePhysicalPresence (TcgProtocol, TcgPpData->PPRequest, &TcgPpData->Flags);\r |
1000 | }\r | |
1001 | \r | |
1002 | //\r | |
1003 | // Clear request\r | |
1004 | //\r | |
1005 | if ((TcgPpData->Flags & FLAG_RESET_TRACK) == 0) {\r | |
1006 | TcgPpData->LastPPRequest = TcgPpData->PPRequest;\r | |
568e7b27 | 1007 | TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION; \r |
0c18794e | 1008 | }\r |
1009 | \r | |
1010 | //\r | |
1011 | // Save changes\r | |
1012 | //\r | |
1013 | DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r | |
1014 | Status = gRT->SetVariable (\r | |
1015 | PHYSICAL_PRESENCE_VARIABLE,\r | |
1016 | &gEfiPhysicalPresenceGuid,\r | |
1017 | EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r | |
1018 | DataSize,\r | |
1019 | TcgPpData\r | |
1020 | );\r | |
1021 | if (EFI_ERROR (Status)) {\r | |
1022 | return;\r | |
1023 | }\r | |
1024 | \r | |
1025 | if (TcgPpData->PPResponse == TPM_PP_USER_ABORT) {\r | |
1026 | return;\r | |
1027 | }\r | |
1028 | \r | |
1029 | //\r | |
1030 | // Reset system to make new TPM settings in effect\r | |
1031 | //\r | |
1032 | switch (TcgPpData->LastPPRequest) {\r | |
607599bf | 1033 | case PHYSICAL_PRESENCE_ACTIVATE:\r |
1034 | case PHYSICAL_PRESENCE_DEACTIVATE:\r | |
1035 | case PHYSICAL_PRESENCE_CLEAR:\r | |
1036 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r | |
1037 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r | |
1038 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r | |
1039 | case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r | |
1040 | case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r | |
1041 | case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r | |
1042 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r | |
1043 | case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE: \r | |
0c18794e | 1044 | break;\r |
1045 | default:\r | |
568e7b27 | 1046 | if (TcgPpData->PPRequest != PHYSICAL_PRESENCE_NO_ACTION) {\r |
0c18794e | 1047 | break;\r |
1048 | }\r | |
1049 | return;\r | |
1050 | }\r | |
1051 | \r | |
1052 | Print (L"Rebooting system to make TPM settings in effect\n");\r | |
1053 | gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);\r | |
1054 | ASSERT (FALSE); \r | |
1055 | }\r | |
1056 | \r | |
1057 | /**\r | |
607599bf | 1058 | Check and execute the pending TPM request and Lock TPM.\r |
0c18794e | 1059 | \r |
607599bf | 1060 | The TPM request may come from OS or BIOS. This API will display request information and wait \r |
1061 | for user confirmation if TPM request exists. The TPM request will be sent to TPM device after\r | |
1062 | the TPM request is confirmed, and one or more reset may be required to make TPM request to \r | |
1063 | take effect. At last, it will lock TPM to prevent TPM state change by malware.\r | |
1064 | \r | |
1065 | This API should be invoked after console in and console out are all ready as they are required\r | |
1066 | to display request information and get user input to confirm the request. This API should also \r | |
1067 | be invoked as early as possible as TPM is locked in this function.\r | |
1068 | \r | |
0c18794e | 1069 | **/\r |
1070 | VOID\r | |
1071 | EFIAPI\r | |
607599bf | 1072 | TcgPhysicalPresenceLibProcessRequest (\r |
1073 | VOID\r | |
0c18794e | 1074 | )\r |
1075 | {\r | |
1076 | EFI_STATUS Status;\r | |
1077 | BOOLEAN LifetimeLock;\r | |
1078 | BOOLEAN CmdEnable;\r | |
1079 | UINTN DataSize;\r | |
1080 | EFI_PHYSICAL_PRESENCE TcgPpData;\r | |
607599bf | 1081 | EFI_TCG_PROTOCOL *TcgProtocol;\r |
1082 | \r | |
1083 | Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);\r | |
1084 | if (EFI_ERROR (Status)) {\r | |
1085 | return ;\r | |
1086 | }\r | |
0c18794e | 1087 | \r |
1088 | //\r | |
607599bf | 1089 | // Initialize physical presence variable.\r |
0c18794e | 1090 | //\r |
1091 | DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r | |
1092 | Status = gRT->GetVariable (\r | |
1093 | PHYSICAL_PRESENCE_VARIABLE,\r | |
1094 | &gEfiPhysicalPresenceGuid,\r | |
1095 | NULL,\r | |
1096 | &DataSize,\r | |
1097 | &TcgPpData\r | |
1098 | );\r | |
607599bf | 1099 | if (EFI_ERROR (Status)) {\r |
1100 | if (Status == EFI_NOT_FOUND) {\r | |
1101 | ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));\r | |
1102 | TcgPpData.Flags |= FLAG_NO_PPI_PROVISION;\r | |
1103 | DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r | |
1104 | Status = gRT->SetVariable (\r | |
1105 | PHYSICAL_PRESENCE_VARIABLE,\r | |
1106 | &gEfiPhysicalPresenceGuid,\r | |
1107 | EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r | |
1108 | DataSize,\r | |
1109 | &TcgPpData\r | |
1110 | );\r | |
1111 | }\r | |
1112 | ASSERT_EFI_ERROR (Status);\r | |
1113 | }\r | |
1114 | \r | |
0c18794e | 1115 | DEBUG ((EFI_D_INFO, "[TPM] Flags=%x, PPRequest=%x\n", TcgPpData.Flags, TcgPpData.PPRequest));\r |
607599bf | 1116 | \r |
1117 | Status = GetTpmCapability (TcgProtocol, &LifetimeLock, &CmdEnable);\r | |
0c18794e | 1118 | if (EFI_ERROR (Status)) {\r |
1119 | return ;\r | |
1120 | }\r | |
607599bf | 1121 | \r |
0c18794e | 1122 | if (!CmdEnable) {\r |
1123 | if (LifetimeLock) {\r | |
1124 | //\r | |
1125 | // physicalPresenceCMDEnable is locked, can't execute physical presence command.\r | |
1126 | //\r | |
1127 | return ;\r | |
1128 | }\r | |
607599bf | 1129 | Status = TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_CMD_ENABLE);\r |
0c18794e | 1130 | if (EFI_ERROR (Status)) {\r |
1131 | return ;\r | |
1132 | }\r | |
1133 | }\r | |
607599bf | 1134 | \r |
0c18794e | 1135 | //\r |
1136 | // Set operator physical presence flags\r | |
1137 | //\r | |
607599bf | 1138 | TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_PRESENT);\r |
1139 | \r | |
0c18794e | 1140 | //\r |
1141 | // Execute pending TPM request.\r | |
1142 | // \r | |
607599bf | 1143 | ExecutePendingTpmRequest (TcgProtocol, &TcgPpData);\r |
0c18794e | 1144 | DEBUG ((EFI_D_INFO, "[TPM] PPResponse = %x\n", TcgPpData.PPResponse));\r |
1145 | \r | |
1146 | //\r | |
1147 | // Lock physical presence.\r | |
1148 | //\r | |
607599bf | 1149 | TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_NOTPRESENT | TPM_PHYSICAL_PRESENCE_LOCK);\r |
0c18794e | 1150 | }\r |
1151 | \r |