Fix build fail.
0c18794e 1/** @file\r
607599bf 2\r
3 Execute pending TPM requests from OS or BIOS and Lock TPM.\r
4\r
5 Caution: This module requires additional review when modified.\r
6 This driver will have external input - variable.\r
7 This external input must be validated carefully to avoid security issue.\r
8\r
9 ExecutePendingTpmRequest() will receive untrusted input and do validation.\r
10\r
568e7b27 11Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r
0c18794e 12This program and the accompanying materials \r
13are licensed and made available under the terms and conditions of the BSD License \r
14which accompanies this distribution. The full text of the license may be found at \r
15http://opensource.org/licenses/bsd-license.php\r
16\r
17THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
18WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
19\r
20**/\r
21\r
607599bf 22#include <PiDxe.h>\r
23\r
24#include <Protocol/TcgService.h>\r
25#include <Library/DebugLib.h>\r
26#include <Library/BaseMemoryLib.h>\r
27#include <Library/UefiRuntimeServicesTableLib.h>\r
28#include <Library/UefiDriverEntryPoint.h>\r
29#include <Library/UefiBootServicesTableLib.h>\r
30#include <Library/UefiLib.h>\r
31#include <Library/MemoryAllocationLib.h>\r
32#include <Library/PrintLib.h>\r
33#include <Library/HiiLib.h>\r
34#include <Guid/EventGroup.h>\r
35#include <Guid/PhysicalPresenceData.h>\r
36\r
//
// Library-private TPM_RESULT values, expressed as small negative numbers cast
// to TPM_RESULT.
//
// TPM_PP_BIOS_FAILURE is what TpmCommandNoReturnData() and
// ExecutePhysicalPresence() return when the request cannot be sent, the
// response is malformed, or the operation code is not handled.
// TPM_PP_USER_ABORT is not used in this part of the file; presumably it is
// reported when the user declines the confirmation prompt - confirm against
// the caller.
//
#define TPM_PP_USER_ABORT           ((TPM_RESULT)(-0x10))
#define TPM_PP_BIOS_FAILURE         ((TPM_RESULT)(-0x0f))
//
// Size in bytes of the buffer UserConfirm() allocates for the confirmation text.
//
#define CONFIRM_BUFFER_SIZE         4096

//
// HII handle of this library's string package. It is assigned in
// TcgPhysicalPresenceLibConstructor() and read by PhysicalPresenceGetStringById().
//
EFI_HII_HANDLE mPpStringPackHandle;
42\r
/**
  Look up a string in this library's HII string package.

  The lookup is done against mPpStringPackHandle with a NULL language argument.
  Callers in this file release the returned string with FreePool().

  @param[in]  Id     String ID.

  @retval CHAR16 *   String from ID.
  @retval NULL       If error occurs.

**/
CHAR16 *
PhysicalPresenceGetStringById (
  IN  EFI_STRING_ID   Id
  )
{
  CHAR16  *String;

  String = HiiGetString (mPpStringPackHandle, Id, NULL);

  return String;
}
59\r
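/**
  Get TPM physical presence permanent flags.

  Sends TPM_ORD_GetCapability (TPM_CAP_FLAG / TPM_CAP_FLAG_PERMANENT) through
  the TCG protocol and copies the two physical presence flags out of the
  response. The output parameters are written only when the response has been
  accepted; on any failure they are left untouched.

  @param[in]  TcgProtocol   EFI TCG Protocol instance.
  @param[out] LifetimeLock  physicalPresenceLifetimeLock permanent flag. May be NULL.
  @param[out] CmdEnable     physicalPresenceCMDEnable permanent flag. May be NULL.

  @retval EFI_SUCCESS       Flags were returned successfully.
  @retval EFI_DEVICE_ERROR  The response did not carry TPM_TAG_RSP_COMMAND or the
                            TPM reported a non-zero return code.
  @retval other             PassThroughToTpm() failed.

**/
EFI_STATUS
GetTpmCapability (
  IN   EFI_TCG_PROTOCOL   *TcgProtocol,
  OUT  BOOLEAN            *LifetimeLock,
  OUT  BOOLEAN            *CmdEnable
  )
{
  EFI_STATUS           Status;
  TPM_RQU_COMMAND_HDR  *TpmRqu;
  TPM_RSP_COMMAND_HDR  *TpmRsp;
  UINT32               *SendBufPtr;
  UINT8                SendBuffer[sizeof (*TpmRqu) + sizeof (UINT32) * 3];
  TPM_PERMANENT_FLAGS  *TpmPermanentFlags;
  UINT8                RecvBuffer[40];

  //
  // Fill request header
  //
  TpmRsp = (TPM_RSP_COMMAND_HDR*)RecvBuffer;
  TpmRqu = (TPM_RQU_COMMAND_HDR*)SendBuffer;

  TpmRqu->tag       = SwapBytes16 (TPM_TAG_RQU_COMMAND);
  TpmRqu->paramSize = SwapBytes32 (sizeof (SendBuffer));
  TpmRqu->ordinal   = SwapBytes32 (TPM_ORD_GetCapability);

  //
  // Set request parameter
  //
  SendBufPtr = (UINT32*)(TpmRqu + 1);
  WriteUnaligned32 (SendBufPtr++, SwapBytes32 (TPM_CAP_FLAG));
  WriteUnaligned32 (SendBufPtr++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT)));
  WriteUnaligned32 (SendBufPtr, SwapBytes32 (TPM_CAP_FLAG_PERMANENT));

  Status = TcgProtocol->PassThroughToTpm (
                          TcgProtocol,
                          sizeof (SendBuffer),
                          (UINT8*)TpmRqu,
                          sizeof (RecvBuffer),
                          (UINT8*)&RecvBuffer
                          );

  //
  // Check the transport status and the response header with real branches.
  // ASSERT() alone is not enough: when assertions are disabled by the build,
  // a failed exchange would fall through and the flags below would be read
  // from an uninitialized stack buffer.
  //
  if (EFI_ERROR (Status)) {
    return Status;
  }

  if ((TpmRsp->tag != SwapBytes16 (TPM_TAG_RSP_COMMAND)) || (TpmRsp->returnCode != 0)) {
    return EFI_DEVICE_ERROR;
  }

  //
  // The flags structure is read at the offset of the response header plus one UINT32.
  //
  TpmPermanentFlags = (TPM_PERMANENT_FLAGS *)&RecvBuffer[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];

  if (LifetimeLock != NULL) {
    *LifetimeLock = TpmPermanentFlags->physicalPresenceLifetimeLock;
  }

  if (CmdEnable != NULL) {
    *CmdEnable = TpmPermanentFlags->physicalPresenceCMDEnable;
  }

  return Status;
}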
127\r
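/**
  Issue TSC_PhysicalPresence command to TPM.

  @param[in] TcgProtocol          EFI TCG Protocol instance.
  @param[in] PhysicalPresence     The state to set the TPM's Physical Presence flags.

  @retval EFI_SUCCESS             TPM executed the command successfully.
  @retval EFI_SECURITY_VIOLATION  TPM returned error when executing the command.
  @retval EFI_DEVICE_ERROR        The response did not carry TPM_TAG_RSP_COMMAND.
  @retval other                   PassThroughToTpm() failed.

**/
EFI_STATUS
TpmPhysicalPresence (
  IN  EFI_TCG_PROTOCOL        *TcgProtocol,
  IN  TPM_PHYSICAL_PRESENCE   PhysicalPresence
  )
{
  EFI_STATUS             Status;
  TPM_RQU_COMMAND_HDR    *TpmRqu;
  TPM_PHYSICAL_PRESENCE  *TpmPp;
  TPM_RSP_COMMAND_HDR    TpmRsp;
  UINT8                  Buffer[sizeof (*TpmRqu) + sizeof (*TpmPp)];

  //
  // The request is the command header immediately followed by the 16-bit
  // physical presence value, both stored byte-swapped.
  //
  TpmRqu = (TPM_RQU_COMMAND_HDR*)Buffer;
  TpmPp  = (TPM_PHYSICAL_PRESENCE*)(TpmRqu + 1);

  TpmRqu->tag       = SwapBytes16 (TPM_TAG_RQU_COMMAND);
  TpmRqu->paramSize = SwapBytes32 (sizeof (Buffer));
  TpmRqu->ordinal   = SwapBytes32 (TSC_ORD_PhysicalPresence);
  WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE) SwapBytes16 (PhysicalPresence));

  Status = TcgProtocol->PassThroughToTpm (
                          TcgProtocol,
                          sizeof (Buffer),
                          (UINT8*)TpmRqu,
                          sizeof (TpmRsp),
                          (UINT8*)&TpmRsp
                          );

  //
  // Do not rely on ASSERT() here: when assertions are disabled by the build,
  // a failed exchange would leave TpmRsp uninitialized and its returnCode
  // would decide whether the command is reported as executed.
  //
  if (EFI_ERROR (Status)) {
    return Status;
  }

  if (TpmRsp.tag != SwapBytes16 (TPM_TAG_RSP_COMMAND)) {
    return EFI_DEVICE_ERROR;
  }

  if (TpmRsp.returnCode != 0) {
    //
    // If it fails, some requirements may be needed for this command.
    //
    return EFI_SECURITY_VIOLATION;
  }

  return Status;
}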
177\r
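/**
  Issue a TPM command for which no additional output data will be returned.

  The request is built in a pool buffer as the command header followed by the
  caller's additional parameters, sent through PassThroughToTpm(), and the
  buffer is freed before the response is examined.

  @param[in] TcgProtocol              EFI TCG Protocol instance.
  @param[in] Ordinal                  TPM command code.
  @param[in] AdditionalParameterSize  Additional parameter size in bytes.
  @param[in] AdditionalParameters     Pointer to the additional parameters.
                                      May be NULL only when the size is 0.

  @retval TPM_PP_BIOS_FAILURE  The request size does not fit in 32 bits, the
                               parameters pointer is NULL with a non-zero size,
                               or memory allocation failed.
  @retval TPM_PP_BIOS_FAILURE  Error occurred during sending command to TPM or
                               receiving response from TPM.
  @retval Others               Return code from the TPM device after command execution.

**/
TPM_RESULT
TpmCommandNoReturnData (
  IN  EFI_TCG_PROTOCOL   *TcgProtocol,
  IN  TPM_COMMAND_CODE   Ordinal,
  IN  UINTN              AdditionalParameterSize,
  IN  VOID               *AdditionalParameters
  )
{
  EFI_STATUS           Status;
  TPM_RQU_COMMAND_HDR  *TpmRqu;
  TPM_RSP_COMMAND_HDR  TpmRsp;
  UINTN                RequestSize;
  UINT32               Size;

  //
  // paramSize and the PassThroughToTpm() length are 32-bit. Reject a total
  // that wraps UINTN or does not survive the narrowing cast, so the allocated
  // size, the copied size and the size sent to the TPM always agree.
  //
  RequestSize = sizeof (*TpmRqu) + AdditionalParameterSize;
  if ((RequestSize < AdditionalParameterSize) || ((UINTN)(UINT32)RequestSize != RequestSize)) {
    return TPM_PP_BIOS_FAILURE;
  }

  if ((AdditionalParameterSize != 0) && (AdditionalParameters == NULL)) {
    return TPM_PP_BIOS_FAILURE;
  }

  TpmRqu = AllocatePool (RequestSize);
  if (TpmRqu == NULL) {
    return TPM_PP_BIOS_FAILURE;
  }

  Size              = (UINT32)RequestSize;
  TpmRqu->tag       = SwapBytes16 (TPM_TAG_RQU_COMMAND);
  TpmRqu->paramSize = SwapBytes32 (Size);
  TpmRqu->ordinal   = SwapBytes32 (Ordinal);
  if (AdditionalParameterSize != 0) {
    CopyMem (TpmRqu + 1, AdditionalParameters, AdditionalParameterSize);
  }

  Status = TcgProtocol->PassThroughToTpm (
                          TcgProtocol,
                          Size,
                          (UINT8*)TpmRqu,
                          (UINT32)sizeof (TpmRsp),
                          (UINT8*)&TpmRsp
                          );
  FreePool (TpmRqu);

  //
  // Status is tested first so TpmRsp is only inspected after a successful exchange.
  //
  if (EFI_ERROR (Status) || (TpmRsp.tag != SwapBytes16 (TPM_TAG_RSP_COMMAND))) {
    return TPM_PP_BIOS_FAILURE;
  }

  return SwapBytes32 (TpmRsp.returnCode);
}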
228\r
/**
  Execute physical presence operation requested by the OS.

  Simple operations map to one TPM command sent with TpmCommandNoReturnData().
  Compound operations call this function again for each step and stop at the
  first step that does not return 0. Three operations are split across a reboot
  and use FLAG_RESET_TRACK in PpiFlags to remember which half is due. The
  SET_NO_PPI_* operations only change PpiFlags and send nothing to the TPM.

  @param[in]      TcgProtocol   EFI TCG Protocol instance.
  @param[in]      CommandCode   Physical presence operation value.
  @param[in, out] PpiFlags      The physical presence interface flags.

  @retval TPM_PP_BIOS_FAILURE   Unknown physical presence operation, or
                                PHYSICAL_PRESENCE_SET_OPERATOR_AUTH, which is
                                not implemented.
  @retval TPM_PP_BIOS_FAILURE   Error occurred during sending command to TPM or
                                receiving response from TPM.
  @retval Others                Return code from the TPM device after command execution.

**/
TPM_RESULT
ExecutePhysicalPresence (
  IN      EFI_TCG_PROTOCOL   *TcgProtocol,
  IN      UINT8              CommandCode,
  IN OUT  UINT8              *PpiFlags
  )
{
  BOOLEAN     BoolVal;
  TPM_RESULT  TpmResponse;
  UINT32      InData[5];

  switch (CommandCode) {
    //
    // Single commands without parameters.
    //
    case PHYSICAL_PRESENCE_ENABLE:
      return TpmCommandNoReturnData (TcgProtocol, TPM_ORD_PhysicalEnable, 0, NULL);

    case PHYSICAL_PRESENCE_DISABLE:
      return TpmCommandNoReturnData (TcgProtocol, TPM_ORD_PhysicalDisable, 0, NULL);

    case PHYSICAL_PRESENCE_CLEAR:
      return TpmCommandNoReturnData (TcgProtocol, TPM_ORD_ForceClear, 0, NULL);

    //
    // Single commands carrying one BOOLEAN parameter.
    // ACTIVATE sends FALSE and DEACTIVATE sends TRUE.
    //
    case PHYSICAL_PRESENCE_ACTIVATE:
    case PHYSICAL_PRESENCE_DEACTIVATE:
      BoolVal = (BOOLEAN)(CommandCode == PHYSICAL_PRESENCE_DEACTIVATE);
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_PhysicalSetDeactivated,
               sizeof (BoolVal),
               &BoolVal
               );

    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:
    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:
      BoolVal = (BOOLEAN)(CommandCode == PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE);
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_SetOwnerInstall,
               sizeof (BoolVal),
               &BoolVal
               );

    //
    // Two-step operations: the second step runs only if the first returned 0.
    //
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE, PpiFlags);
      if (TpmResponse != 0) {
        return TpmResponse;
      }
      return ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ACTIVATE, PpiFlags);

    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DEACTIVATE, PpiFlags);
      if (TpmResponse != 0) {
        return TpmResponse;
      }
      return ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DISABLE, PpiFlags);

    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE, PpiFlags);
      if (TpmResponse != 0) {
        return TpmResponse;
      }
      return ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DEACTIVATE_DISABLE, PpiFlags);

    case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);
      if (TpmResponse != 0) {
        return TpmResponse;
      }
      return ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);

    //
    // Operations split across a reboot. With FLAG_RESET_TRACK clear the first
    // half runs and the flag is set; with it set the second half runs and the
    // flag is cleared.
    // NOTE(review): the flag is updated whatever the step returned - confirm
    // the caller copes with a failed first half.
    //
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:
      //
      // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
      // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot
      //
      if ((*PpiFlags & FLAG_RESET_TRACK) != 0) {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE, PpiFlags);
        *PpiFlags &= ~FLAG_RESET_TRACK;
      } else {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
        *PpiFlags |= FLAG_RESET_TRACK;
      }
      return TpmResponse;

    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
      //
      // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR
      // PHYSICAL_PRESENCE_CLEAR will be executed after reboot.
      //
      if ((*PpiFlags & FLAG_RESET_TRACK) != 0) {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);
        *PpiFlags &= ~FLAG_RESET_TRACK;
      } else {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
        *PpiFlags |= FLAG_RESET_TRACK;
      }
      return TpmResponse;

    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
      //
      // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
      // PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.
      //
      if ((*PpiFlags & FLAG_RESET_TRACK) != 0) {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, PpiFlags);
        *PpiFlags &= ~FLAG_RESET_TRACK;
      } else {
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
        *PpiFlags |= FLAG_RESET_TRACK;
      }
      return TpmResponse;

    case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
      //
      // TPM_ORD_SetCapability payload: five byte-swapped UINT32 values.
      //
      InData[0] = SwapBytes32 (TPM_SET_STCLEAR_DATA);            // CapabilityArea
      InData[1] = SwapBytes32 (sizeof(UINT32));                  // SubCapSize
      InData[2] = SwapBytes32 (TPM_SD_DEFERREDPHYSICALPRESENCE); // SubCap
      InData[3] = SwapBytes32 (sizeof(UINT32));                  // SetValueSize
      InData[4] = SwapBytes32 (1);                               // UnownedFieldUpgrade; bit0
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_SetCapability,
               sizeof (InData),
               InData
               );

    case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:
      //
      // TPM_SetOperatorAuth
      // This command requires UI to prompt user for Auth data
      // Here it is NOT implemented
      //
      return TPM_PP_BIOS_FAILURE;

    //
    // Flag-only operations: no TPM command is sent.
    //
    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:
      *PpiFlags &= ~FLAG_NO_PPI_PROVISION;
      return 0;

    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:
      *PpiFlags |= FLAG_NO_PPI_PROVISION;
      return 0;

    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:
      *PpiFlags &= ~FLAG_NO_PPI_CLEAR;
      return 0;

    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:
      *PpiFlags |= FLAG_NO_PPI_CLEAR;
      return 0;

    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:
      *PpiFlags &= ~FLAG_NO_PPI_MAINTENANCE;
      return 0;

    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:
      *PpiFlags |= FLAG_NO_PPI_MAINTENANCE;
      return 0;

    default:
      break;
  }

  //
  // Any operation code not listed above is refused.
  //
  return TPM_PP_BIOS_FAILURE;
}
434\r
435\r
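/**
  Read the specified key for user confirmation.

  Polls the console input until ESC or the confirm key for the requested mode
  is read. All other keys are ignored. The loop has no timeout.

  @param[in]  CautionKey  If true,  F12 is used as confirm key;
                          If false, F10 is used as confirm key.

  @retval     TRUE        User confirmed the changes by input.
  @retval     FALSE       User discarded the changes.

**/
BOOLEAN
ReadUserKey (
  IN  BOOLEAN   CautionKey
  )
{
  EFI_STATUS     Status;
  EFI_INPUT_KEY  Key;
  UINT16         ConfirmScanCode;
  BOOLEAN        Confirmed;
  BOOLEAN        Done;

  ConfirmScanCode = (UINT16)(CautionKey ? SCAN_F12 : SCAN_F10);
  Confirmed       = FALSE;
  Done            = FALSE;

  do {
    Status = gBS->CheckEvent (gST->ConIn->WaitForKey);
    if (EFI_ERROR (Status)) {
      continue;
    }

    Status = gST->ConIn->ReadKeyStroke (gST->ConIn, &Key);
    if (EFI_ERROR (Status)) {
      //
      // Key was not filled in. Its stale stack contents must not be
      // interpreted as a keystroke: a chance match with the confirm scan
      // code would count as user consent to the TPM operation.
      //
      continue;
    }

    if (Key.ScanCode == SCAN_ESC) {
      Done = TRUE;
    } else if (Key.ScanCode == ConfirmScanCode) {
      Confirmed = TRUE;
      Done      = TRUE;
    }
  } while (!Done);

  return Confirmed;
}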
478\r
/**
  Library constructor: registers this library's UNI strings with HII.

  The handle returned by HiiAddPackages() is stored in mPpStringPackHandle.
  A NULL handle is reported only through ASSERT(); the function itself always
  returns EFI_SUCCESS.
  NOTE(review): in a build where ASSERT() is disabled, a NULL handle would
  persist silently and later string lookups would use it - confirm that this
  is acceptable.

  @param  ImageHandle   The firmware allocated handle for the EFI image.
  @param  SystemTable   A pointer to the EFI System Table.

  @retval EFI_SUCCESS   Always returned.

**/
EFI_STATUS
EFIAPI
TcgPhysicalPresenceLibConstructor (
  IN EFI_HANDLE        ImageHandle,
  IN EFI_SYSTEM_TABLE  *SystemTable
  )
{
  EFI_HII_HANDLE  StringPack;

  StringPack = HiiAddPackages (
                 &gEfiPhysicalPresenceGuid,
                 ImageHandle,
                 DxeTcgPhysicalPresenceLibStrings,
                 NULL
                 );
  mPpStringPackHandle = StringPack;
  ASSERT (mPpStringPackHandle != NULL);

  return EFI_SUCCESS;
}
503\r
0c18794e 504/**\r
505 Display the confirm text and get user confirmation.\r
506\r
507 @param[in] TpmPpCommand The requested TPM physical presence command.\r
508\r
607599bf 509 @retval TRUE The user has confirmed the changes.\r
510 @retval FALSE The user doesn't confirm the changes.\r
0c18794e 511**/\r
512BOOLEAN\r
513UserConfirm (\r
514 IN UINT8 TpmPpCommand\r
515 )\r
516{\r
517 CHAR16 *ConfirmText;\r
518 CHAR16 *TmpStr1;\r
519 CHAR16 *TmpStr2; \r
520 UINTN BufSize;\r
521 BOOLEAN CautionKey;\r
522 UINT16 Index;\r
523 CHAR16 DstStr[81];\r
524 \r
525 TmpStr2 = NULL;\r
526 CautionKey = FALSE;\r
527 BufSize = CONFIRM_BUFFER_SIZE;\r
528 ConfirmText = AllocateZeroPool (BufSize);\r
529 ASSERT (ConfirmText != NULL);\r
530\r
0c18794e 531 switch (TpmPpCommand) {\r
607599bf 532 case PHYSICAL_PRESENCE_ENABLE:\r
533 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE));\r
0c18794e 534 \r
607599bf 535 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 536 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
537 FreePool (TmpStr1);\r
538\r
607599bf 539 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 540 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
541 FreePool (TmpStr1);\r
542 break;\r
543\r
607599bf 544 case PHYSICAL_PRESENCE_DISABLE:\r
545 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE));\r
0c18794e 546 \r
607599bf 547 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 548 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
549 FreePool (TmpStr1);\r
550\r
607599bf 551 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
0c18794e 552 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
553 FreePool (TmpStr1);\r
554\r
607599bf 555 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 556 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
557 FreePool (TmpStr1);\r
558 break;\r
559 \r
607599bf 560 case PHYSICAL_PRESENCE_ACTIVATE:\r
561 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE));\r
0c18794e 562 \r
607599bf 563 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 564 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
565 FreePool (TmpStr1);\r
566\r
607599bf 567 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 568 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
569 FreePool (TmpStr1);\r
570 break;\r
571\r
607599bf 572 case PHYSICAL_PRESENCE_DEACTIVATE:\r
573 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE));\r
0c18794e 574\r
607599bf 575 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 576 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
577 FreePool (TmpStr1);\r
578\r
607599bf 579 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
0c18794e 580 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
581 FreePool (TmpStr1);\r
582\r
607599bf 583 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 584 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
585 FreePool (TmpStr1); \r
586 break;\r
587\r
607599bf 588 case PHYSICAL_PRESENCE_CLEAR:\r
0c18794e 589 CautionKey = TRUE;\r
607599bf 590 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));\r
0c18794e 591\r
607599bf 592 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 593 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
594 FreePool (TmpStr1);\r
595\r
607599bf 596 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
0c18794e 597 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
598 StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
599 FreePool (TmpStr1); \r
600\r
607599bf 601 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 602 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
603 FreePool (TmpStr1);\r
604 break;\r
605\r
607599bf 606 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r
607 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE));\r
0c18794e 608\r
607599bf 609 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 610 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
611 FreePool (TmpStr1);\r
612\r
607599bf 613 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
0c18794e 614 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
615 FreePool (TmpStr1);\r
616\r
607599bf 617 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 618 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
619 FreePool (TmpStr1);\r
620 break;\r
621\r
607599bf 622 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r
623 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE));\r
0c18794e 624 \r
607599bf 625 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r
0c18794e 626 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
627 FreePool (TmpStr1);\r
628\r
607599bf 629 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));\r
0c18794e 630 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
631 FreePool (TmpStr1);\r
632 \r
607599bf 633 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
0c18794e 634 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
635 FreePool (TmpStr1);\r
636\r
607599bf 637 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 638 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
639 FreePool (TmpStr1);\r
640 break;\r
641\r
607599bf 642 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r
643 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP));\r
0c18794e 644 \r
607599bf 645 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r
0c18794e 646 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
647 FreePool (TmpStr1);\r
648\r
607599bf 649 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 650 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
651 FreePool (TmpStr1);\r
652 break;\r
653\r
607599bf 654 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r
655 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP));\r
0c18794e 656 \r
607599bf 657 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r
0c18794e 658 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
659 FreePool (TmpStr1);\r
660\r
607599bf 661 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 662 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
663 FreePool (TmpStr1);\r
664 break;\r
665\r
607599bf 666 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r
667 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON));\r
0c18794e 668\r
607599bf 669 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 670 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
671 FreePool (TmpStr1);\r
672\r
607599bf 673 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
0c18794e 674 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
675 FreePool (TmpStr1);\r
676\r
607599bf 677 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 678 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
679 FreePool (TmpStr1);\r
680 break;\r
681\r
607599bf 682 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r
683 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF));\r
0c18794e 684 \r
607599bf 685 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR)); \r
0c18794e 686 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
687 FreePool (TmpStr1);\r
688\r
607599bf 689 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));\r
0c18794e 690 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
691 FreePool (TmpStr1);\r
692 \r
607599bf 693 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
0c18794e 694 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
695 FreePool (TmpStr1);\r
696\r
607599bf 697 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 698 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
699 FreePool (TmpStr1);\r
700 break;\r
701\r
607599bf 702 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r
0c18794e 703 CautionKey = TRUE;\r
607599bf 704 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE));\r
0c18794e 705 \r
607599bf 706 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR)); \r
0c18794e 707 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
708 FreePool (TmpStr1);\r
709 \r
607599bf 710 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));\r
0c18794e 711 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
712 FreePool (TmpStr1);\r
713\r
607599bf 714 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 715 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
716 FreePool (TmpStr1);\r
717 break;\r
718\r
607599bf 719 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r
0c18794e 720 //\r
721 // TPM_SetOperatorAuth\r
722 // This command requires UI to prompt user for Auth data\r
723 // Here it is NOT implemented\r
724 //\r
725 break;\r
726\r
607599bf 727 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r
0c18794e 728 CautionKey = TRUE;\r
607599bf 729 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON));\r
0c18794e 730\r
607599bf 731 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 732 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
733 FreePool (TmpStr1);\r
734\r
607599bf 735 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
0c18794e 736 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
737 FreePool (TmpStr1);\r
738\r
607599bf 739 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
0c18794e 740 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
741 FreePool (TmpStr1);\r
742\r
607599bf 743 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT));\r
0c18794e 744 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
745 FreePool (TmpStr1);\r
746\r
607599bf 747 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 748 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
749 FreePool (TmpStr1);\r
750 break;\r
751\r
607599bf 752 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:\r
753 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_PROVISION));\r
0c18794e 754\r
607599bf 755 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r
0c18794e 756 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
757 FreePool (TmpStr1);\r
758\r
607599bf 759 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
0c18794e 760 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
761 FreePool (TmpStr1);\r
762\r
607599bf 763 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r
0c18794e 764 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
765 FreePool (TmpStr1);\r
766 break;\r
767\r
607599bf 768 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:\r
0c18794e 769 CautionKey = TRUE;\r
607599bf 770 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));\r
0c18794e 771\r
607599bf 772 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r
0c18794e 773 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
774 FreePool (TmpStr1);\r
775\r
607599bf 776 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR));\r
0c18794e 777 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
778 FreePool (TmpStr1);\r
779\r
607599bf 780 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
0c18794e 781 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
782 StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
783 FreePool (TmpStr1); \r
784\r
607599bf 785 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 786 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
787 FreePool (TmpStr1);\r
788\r
607599bf 789 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r
0c18794e 790 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
791 FreePool (TmpStr1);\r
792 break;\r
793\r
607599bf 794 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:\r
0c18794e 795 CautionKey = TRUE;\r
607599bf 796 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN));\r
0c18794e 797\r
607599bf 798 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r
0c18794e 799 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
800 FreePool (TmpStr1);\r
801\r
607599bf 802 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));\r
0c18794e 803 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
804 FreePool (TmpStr1);\r
805\r
607599bf 806 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 807 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
808 FreePool (TmpStr1);\r
809\r
607599bf 810 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r
0c18794e 811 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
812 FreePool (TmpStr1);\r
813 break;\r
814\r
607599bf 815 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r
0c18794e 816 CautionKey = TRUE;\r
607599bf 817 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR));\r
0c18794e 818\r
607599bf 819 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 820 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
821 FreePool (TmpStr1);\r
822\r
607599bf 823 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
0c18794e 824 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
825 StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
826 FreePool (TmpStr1);\r
827\r
607599bf 828 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 829 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
830 FreePool (TmpStr1);\r
831 break;\r
832\r
607599bf 833 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r
0c18794e 834 CautionKey = TRUE;\r
607599bf 835 TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE));\r
0c18794e 836\r
607599bf 837 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
0c18794e 838 UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
839 FreePool (TmpStr1);\r
840\r
607599bf 841 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
0c18794e 842 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
843 FreePool (TmpStr1);\r
844\r
607599bf 845 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
0c18794e 846 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
847 FreePool (TmpStr1);\r
848\r
607599bf 849 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT));\r
0c18794e 850 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
851 FreePool (TmpStr1);\r
852\r
607599bf 853 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
0c18794e 854 StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16 *)) - StrLen (ConfirmText) - 1);\r
855 FreePool (TmpStr1);\r
856 break;\r
857\r
858 default:\r
859 ;\r
860 }\r
861\r
862 if (TmpStr2 == NULL) {\r
863 FreePool (ConfirmText);\r
864 return FALSE;\r
865 }\r
866\r
607599bf 867 TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY));\r
0c18794e 868 BufSize -= StrSize (ConfirmText);\r
869 UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1, TmpStr2);\r
870\r
871 DstStr[80] = L'\0';\r
872 for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {\r
873 StrnCpy(DstStr, ConfirmText + Index, 80); \r
874 Print (DstStr); \r
875 }\r
876 \r
877 FreePool (TmpStr1);\r
878 FreePool (TmpStr2);\r
879 FreePool (ConfirmText);\r
880\r
881 if (ReadUserKey (CautionKey)) {\r
882 return TRUE;\r
883 }\r
884\r
885 return FALSE; \r
886}\r
887\r
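/**
  Check and execute the requested physical presence command.

  Caution: This function may receive untrusted input.
  The TcgPpData variable is external input, so the request code is validated
  here: any value that is not a known PHYSICAL_PRESENCE_* request is rejected
  with TPM_PP_BIOS_FAILURE and cleared from the variable.

  A valid request runs without a prompt when the matching FLAG_NO_PPI_* bit is
  set in TcgPpData->Flags or when FLAG_RESET_TRACK is set; otherwise
  UserConfirm() decides. The outcome is stored in PPResponse, the variable is
  written back, and a cold reset is issued for requests that need one.

  NOTE(review): Flags (FLAG_RESET_TRACK and the FLAG_NO_PPI_* bits that suppress
  the prompt) come from the same variable this function treats as untrusted,
  and the variable is written back with EFI_VARIABLE_RUNTIME_ACCESS. Nothing
  visible here restricts who may set those bits; confirm that the variable is
  write-protected before the OS runs, or that the flags live in protected
  storage, since they gate the user-confirmation step.

  @param[in]      TcgProtocol   EFI TCG Protocol instance.
  @param[in, out] TcgPpData     Point to the physical presence NV variable.
                                PPResponse, LastPPRequest, PPRequest and Flags
                                may be updated.

**/
VOID
ExecutePendingTpmRequest (
  IN      EFI_TCG_PROTOCOL          *TcgProtocol,
  IN      EFI_PHYSICAL_PRESENCE     *TcgPpData
  )
{
  EFI_STATUS  Status;
  UINTN       DataSize;
  UINT8       Flags;
  BOOLEAN     RequestConfirmed;

  //
  // Snapshot the flags before ExecutePhysicalPresence() gets a chance to
  // change them through &TcgPpData->Flags.
  //
  Flags            = TcgPpData->Flags;
  RequestConfirmed = FALSE;
  switch (TcgPpData->PPRequest) {
    case PHYSICAL_PRESENCE_NO_ACTION:
      return;

    case PHYSICAL_PRESENCE_ENABLE:
    case PHYSICAL_PRESENCE_DISABLE:
    case PHYSICAL_PRESENCE_ACTIVATE:
    case PHYSICAL_PRESENCE_DEACTIVATE:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:
    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
    case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:
      //
      // Provisioning requests: prompt is skipped only with FLAG_NO_PPI_PROVISION.
      //
      if ((Flags & FLAG_NO_PPI_PROVISION) != 0) {
        RequestConfirmed = TRUE;
      }
      break;

    case PHYSICAL_PRESENCE_CLEAR:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
      //
      // Clear requests: prompt is skipped only with FLAG_NO_PPI_CLEAR.
      //
      if ((Flags & FLAG_NO_PPI_CLEAR) != 0) {
        RequestConfirmed = TRUE;
      }
      break;

    case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
      if ((Flags & FLAG_NO_PPI_MAINTENANCE) != 0) {
        RequestConfirmed = TRUE;
      }
      break;

    case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
      //
      // Combined clear + provision requests need both opt-out flags.
      //
      if ((Flags & FLAG_NO_PPI_CLEAR) != 0 && (Flags & FLAG_NO_PPI_PROVISION) != 0) {
        RequestConfirmed = TRUE;
      }
      break;

    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:
    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:
    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:
      //
      // Re-enabling a prompt never needs confirmation.
      //
      RequestConfirmed = TRUE;
      break;

    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:
    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:
    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:
      //
      // Disabling a prompt is left unconfirmed here, so it is subject to the
      // confirmation logic below.
      //
      break;

    default:
      //
      // Invalid operation request.
      //
      TcgPpData->PPResponse    = TPM_PP_BIOS_FAILURE;
      TcgPpData->LastPPRequest = TcgPpData->PPRequest;
      TcgPpData->PPRequest     = PHYSICAL_PRESENCE_NO_ACTION;
      DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
      Status = gRT->SetVariable (
                      PHYSICAL_PRESENCE_VARIABLE,
                      &gEfiPhysicalPresenceGuid,
                      EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                      DataSize,
                      TcgPpData
                      );
      if (EFI_ERROR (Status)) {
        //
        // The invalid request stays in NV storage and will be seen again on
        // the next boot; report it instead of dropping the status silently.
        //
        DEBUG ((EFI_D_ERROR, "[TPM] Failed to clear invalid physical presence request, Status = %r\n", Status));
      }
      return;
  }

  if ((Flags & FLAG_RESET_TRACK) != 0) {
    //
    // It had been confirmed in last boot, it doesn't need confirm again.
    // NOTE(review): this applies to every valid request, whichever one set the
    // flag; see the function header about the trust placed in Flags.
    //
    RequestConfirmed = TRUE;
  }

  if (!RequestConfirmed) {
    //
    // Print confirm text and wait for approval.
    //
    RequestConfirmed = UserConfirm (TcgPpData->PPRequest);
  }

  //
  // Execute requested physical presence command.
  // TPM_PP_USER_ABORT is the response unless the command is actually run.
  //
  TcgPpData->PPResponse = TPM_PP_USER_ABORT;
  if (RequestConfirmed) {
    TcgPpData->PPResponse = ExecutePhysicalPresence (TcgProtocol, TcgPpData->PPRequest, &TcgPpData->Flags);
  }

  //
  // Clear request, unless FLAG_RESET_TRACK is now set in the (possibly
  // updated) flags, in which case the request is kept pending.
  //
  if ((TcgPpData->Flags & FLAG_RESET_TRACK) == 0) {
    TcgPpData->LastPPRequest = TcgPpData->PPRequest;
    TcgPpData->PPRequest     = PHYSICAL_PRESENCE_NO_ACTION;
  }

  //
  // Save changes
  //
  DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
  Status = gRT->SetVariable (
                  PHYSICAL_PRESENCE_VARIABLE,
                  &gEfiPhysicalPresenceGuid,
                  EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                  DataSize,
                  TcgPpData
                  );
  if (EFI_ERROR (Status)) {
    return;
  }

  if (TcgPpData->PPResponse == TPM_PP_USER_ABORT) {
    return;
  }

  //
  // Reset system to make new TPM settings in effect
  //
  switch (TcgPpData->LastPPRequest) {
    case PHYSICAL_PRESENCE_ACTIVATE:
    case PHYSICAL_PRESENCE_DEACTIVATE:
    case PHYSICAL_PRESENCE_CLEAR:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
    case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
    case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
      break;
    default:
      //
      // A request that is still pending (kept by FLAG_RESET_TRACK above)
      // also needs the reset; anything else is finished.
      //
      if (TcgPpData->PPRequest != PHYSICAL_PRESENCE_NO_ACTION) {
        break;
      }
      return;
  }

  Print (L"Rebooting system to make TPM settings in effect\n");
  gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);
  //
  // ResetSystem() is not expected to return.
  //
  ASSERT (FALSE);
}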
1056\r
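/**
  Check and execute the pending TPM request and Lock TPM.

  The TPM request may come from OS or BIOS. This API will display request information and wait
  for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
  the TPM request is confirmed, and one or more reset may be required to make TPM request to
  take effect. At last, it will lock TPM to prevent TPM state change by malware.

  This API should be invoked after console in and console out are all ready as they are required
  to display request information and get user input to confirm the request. This API should also
  be invoked as early as possible as TPM is locked in this function.

  The physical presence variable is external input. The local copy is zeroed
  before it is read so that a failed or short read can never leave stack
  contents to be interpreted as Flags or PPRequest.

**/
VOID
EFIAPI
TcgPhysicalPresenceLibProcessRequest (
  VOID
  )
{
  EFI_STATUS              Status;
  BOOLEAN                 LifetimeLock;
  BOOLEAN                 CmdEnable;
  UINTN                   DataSize;
  EFI_PHYSICAL_PRESENCE   TcgPpData;
  EFI_TCG_PROTOCOL        *TcgProtocol;

  Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
  if (EFI_ERROR (Status)) {
    return ;
  }

  //
  // Initialize physical presence variable.
  //
  // Zero the buffer first: GetVariable() may fail with something other than
  // EFI_NOT_FOUND, or succeed with fewer bytes than the structure holds, and
  // ASSERT_EFI_ERROR() below does not stop execution in builds where asserts
  // are compiled out. A zeroed structure is the same "nothing pending" state
  // the EFI_NOT_FOUND path creates (minus the default flag).
  //
  ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
  DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
  Status = gRT->GetVariable (
                  PHYSICAL_PRESENCE_VARIABLE,
                  &gEfiPhysicalPresenceGuid,
                  NULL,
                  &DataSize,
                  &TcgPpData
                  );
  if (EFI_ERROR (Status)) {
    if (Status == EFI_NOT_FOUND) {
      //
      // First boot: create the variable with the default flag set.
      //
      ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
      TcgPpData.Flags |= FLAG_NO_PPI_PROVISION;
      DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
      Status   = gRT->SetVariable (
                        PHYSICAL_PRESENCE_VARIABLE,
                        &gEfiPhysicalPresenceGuid,
                        EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                        DataSize,
                        &TcgPpData
                        );
    }
    ASSERT_EFI_ERROR (Status);
  }

  DEBUG ((EFI_D_INFO, "[TPM] Flags=%x, PPRequest=%x\n", TcgPpData.Flags, TcgPpData.PPRequest));

  Status = GetTpmCapability (TcgProtocol, &LifetimeLock, &CmdEnable);
  if (EFI_ERROR (Status)) {
    return ;
  }

  if (!CmdEnable) {
    if (LifetimeLock) {
      //
      // physicalPresenceCMDEnable is locked, can't execute physical presence command.
      //
      return ;
    }
    Status = TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_CMD_ENABLE);
    if (EFI_ERROR (Status)) {
      return ;
    }
  }

  //
  // Set operator physical presence flags
  //
  TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_PRESENT);

  //
  // Execute pending TPM request.
  //
  ExecutePendingTpmRequest (TcgProtocol, &TcgPpData);
  DEBUG ((EFI_D_INFO, "[TPM] PPResponse = %x\n", TcgPpData.PPResponse));

  //
  // Lock physical presence.
  // A failure here means physical presence may stay asserted for the rest of
  // the boot, so make it visible in the debug log.
  //
  Status = TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_NOTPRESENT | TPM_PHYSICAL_PRESENCE_LOCK);
  if (EFI_ERROR (Status)) {
    DEBUG ((EFI_D_ERROR, "[TPM] Failed to lock physical presence, Status = %r\n", Status));
  }
}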
1151\r