]> git.proxmox.com Git - mirror_edk2.git/blame - SecurityPkg/Tcg/PhysicalPresenceDxe/PhysicalPresence.c
Add security package to repository.
0c18794e 1/** @file\r
2 This driver checks whether there is pending TPM request. If yes, \r
3 it will display TPM request information and ask for user confirmation.\r
4 The TPM request will be cleared after it is processed. \r
5 \r
6Copyright (c) 2006 - 2011, Intel Corporation. All rights reserved.<BR>\r
7This program and the accompanying materials \r
8are licensed and made available under the terms and conditions of the BSD License \r
9which accompanies this distribution. The full text of the license may be found at \r
10http://opensource.org/licenses/bsd-license.php\r
11\r
12THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
13WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
14\r
15**/\r
16\r
17#include "PhysicalPresence.h"\r
18\r
19EFI_HII_HANDLE mPpStringPackHandle;\r
20\r
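/**
  Get TPM physical presence permanent flags.

  Sends TPM_ORD_GetCapability (TPM_CAP_FLAG / TPM_CAP_FLAG_PERMANENT) through the
  EFI TCG Protocol and copies the two physical-presence flags out of the response.

  @param[out] LifetimeLock  Receives the physicalPresenceLifetimeLock permanent flag.
                            May be NULL if the caller does not need it.
  @param[out] CmdEnable     Receives the physicalPresenceCMDEnable permanent flag.
                            May be NULL if the caller does not need it.

  @retval EFI_SUCCESS       Flags were returned successfully.
  @retval EFI_DEVICE_ERROR  The TPM response carried an unexpected tag or a
                            non-zero return code.
  @retval other             Failed to locate EFI TCG Protocol, or PassThroughToTpm
                            failed. No output parameter is written on failure.

**/
EFI_STATUS
GetTpmCapability (
  OUT  BOOLEAN  *LifetimeLock,
  OUT  BOOLEAN  *CmdEnable
  )
{
  EFI_STATUS           Status;
  EFI_TCG_PROTOCOL     *TcgProtocol;
  TPM_RQU_COMMAND_HDR  *TpmRqu;
  TPM_RSP_COMMAND_HDR  *TpmRsp;
  UINT32               *SendBufPtr;
  UINT8                SendBuffer[sizeof (*TpmRqu) + sizeof (UINT32) * 3];
  TPM_PERMANENT_FLAGS  *TpmPermanentFlags;
  UINT8                RecvBuffer[40];

  Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
  if (EFI_ERROR (Status)) {
    return Status;
  }

  //
  // Fill request header
  //
  TpmRsp = (TPM_RSP_COMMAND_HDR *)RecvBuffer;
  TpmRqu = (TPM_RQU_COMMAND_HDR *)SendBuffer;

  TpmRqu->tag       = H2NS (TPM_TAG_RQU_COMMAND);
  TpmRqu->paramSize = H2NL (sizeof (SendBuffer));
  TpmRqu->ordinal   = H2NL (TPM_ORD_GetCapability);

  //
  // Set request parameters: capability area, sub-capability size, sub-capability.
  //
  SendBufPtr = (UINT32 *)(TpmRqu + 1);
  WriteUnaligned32 (SendBufPtr++, H2NL (TPM_CAP_FLAG));
  WriteUnaligned32 (SendBufPtr++, H2NL (sizeof (TPM_CAP_FLAG_PERMANENT)));
  WriteUnaligned32 (SendBufPtr, H2NL (TPM_CAP_FLAG_PERMANENT));

  Status = TcgProtocol->PassThroughToTpm (
                          TcgProtocol,
                          sizeof (SendBuffer),
                          (UINT8 *)TpmRqu,
                          sizeof (RecvBuffer),
                          (UINT8 *)&RecvBuffer
                          );
  //
  // These were ASSERTs. ASSERT compiles out of release builds, which left the
  // flags below to be read from an uninitialized RecvBuffer after a failed
  // transfer. The flags feed physical-presence decisions, so fail explicitly.
  //
  if (EFI_ERROR (Status)) {
    return Status;
  }

  if ((TpmRsp->tag != H2NS (TPM_TAG_RSP_COMMAND)) || (TpmRsp->returnCode != 0)) {
    return EFI_DEVICE_ERROR;
  }

  //
  // The permanent flags follow the response header and a 32-bit size field.
  //
  TpmPermanentFlags = (TPM_PERMANENT_FLAGS *)&RecvBuffer[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];

  if (LifetimeLock != NULL) {
    *LifetimeLock = TpmPermanentFlags->physicalPresenceLifetimeLock;
  }

  if (CmdEnable != NULL) {
    *CmdEnable = TpmPermanentFlags->physicalPresenceCMDEnable;
  }

  return Status;
}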
92\r
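/**
  Issue TSC_PhysicalPresence command to TPM.

  @param[in] PhysicalPresence  The state to set the TPM's Physical Presence flags.

  @retval EFI_SUCCESS             TPM executed the command successfully.
  @retval EFI_SECURITY_VIOLATION  TPM returned error when executing the command.
  @retval EFI_DEVICE_ERROR        The TPM response carried an unexpected tag.
  @retval other                   Failed to locate EFI TCG Protocol, or
                                  PassThroughToTpm failed.

**/
EFI_STATUS
TpmPhysicalPresence (
  IN  TPM_PHYSICAL_PRESENCE  PhysicalPresence
  )
{
  EFI_STATUS             Status;
  EFI_TCG_PROTOCOL       *TcgProtocol;
  TPM_RQU_COMMAND_HDR    *TpmRqu;
  TPM_PHYSICAL_PRESENCE  *TpmPp;
  TPM_RSP_COMMAND_HDR    TpmRsp;
  UINT8                  Buffer[sizeof (*TpmRqu) + sizeof (*TpmPp)];

  Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
  if (EFI_ERROR (Status)) {
    return Status;
  }

  //
  // Request layout: command header immediately followed by the 16-bit
  // physical presence value.
  //
  TpmRqu = (TPM_RQU_COMMAND_HDR *)Buffer;
  TpmPp  = (TPM_PHYSICAL_PRESENCE *)(TpmRqu + 1);

  TpmRqu->tag       = H2NS (TPM_TAG_RQU_COMMAND);
  TpmRqu->paramSize = H2NL (sizeof (Buffer));
  TpmRqu->ordinal   = H2NL (TSC_ORD_PhysicalPresence);
  WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE) H2NS (PhysicalPresence));

  Status = TcgProtocol->PassThroughToTpm (
                          TcgProtocol,
                          sizeof (Buffer),
                          (UINT8 *)TpmRqu,
                          sizeof (TpmRsp),
                          (UINT8 *)&TpmRsp
                          );
  //
  // These were ASSERTs, which compile out of release builds. Without a runtime
  // check a failed transfer fell through to reading an uninitialized TpmRsp,
  // and the command could be reported as successful.
  //
  if (EFI_ERROR (Status)) {
    return Status;
  }

  if (TpmRsp.tag != H2NS (TPM_TAG_RSP_COMMAND)) {
    return EFI_DEVICE_ERROR;
  }

  if (TpmRsp.returnCode != 0) {
    //
    // If it fails, some requirements may be needed for this command.
    //
    return EFI_SECURITY_VIOLATION;
  }

  return Status;
}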
145\r
/**
  Send a TPM command whose response consists of the response header only.

  The request is built in a pool buffer as a command header followed by a copy
  of the caller's parameter bytes, passed to the TPM, and freed again.

  @param[in] TcgProtocol              EFI TCG Protocol instance.
  @param[in] Ordinal                  TPM command code.
  @param[in] AdditionalParameterSize  Size in bytes of AdditionalParameters.
  @param[in] AdditionalParameters     Parameter bytes appended after the header.

  @retval TPM_PP_BIOS_FAILURE  The request buffer could not be allocated, the
                               pass-through call failed, or the response tag was
                               not TPM_TAG_RSP_COMMAND.
  @retval Others               Return code from the TPM device after command execution.

**/
TPM_RESULT
TpmCommandNoReturnData (
  IN  EFI_TCG_PROTOCOL  *TcgProtocol,
  IN  TPM_COMMAND_CODE  Ordinal,
  IN  UINTN             AdditionalParameterSize,
  IN  VOID              *AdditionalParameters
  )
{
  EFI_STATUS           Status;
  TPM_RQU_COMMAND_HDR  *Request;
  TPM_RSP_COMMAND_HDR  Response;
  UINT32               RequestSize;

  Request = (TPM_RQU_COMMAND_HDR *)AllocatePool (sizeof (*Request) + AdditionalParameterSize);
  if (Request == NULL) {
    return TPM_PP_BIOS_FAILURE;
  }

  //
  // NOTE(review): the allocation uses the full UINTN sum while the size sent to
  // the TPM is truncated to UINT32. The callers visible in this file pass small
  // constant sizes; confirm no other caller passes an unbounded size.
  //
  RequestSize = (UINT32)(sizeof (*Request) + AdditionalParameterSize);

  Request->tag       = H2NS (TPM_TAG_RQU_COMMAND);
  Request->paramSize = H2NL (RequestSize);
  Request->ordinal   = H2NL (Ordinal);
  gBS->CopyMem (Request + 1, AdditionalParameters, AdditionalParameterSize);

  Status = TcgProtocol->PassThroughToTpm (
                          TcgProtocol,
                          RequestSize,
                          (UINT8 *)Request,
                          (UINT32)sizeof (Response),
                          (UINT8 *)&Response
                          );
  FreePool (Request);

  //
  // Response is only inspected when the transfer itself succeeded.
  //
  if (!EFI_ERROR (Status) && (Response.tag == H2NS (TPM_TAG_RSP_COMMAND))) {
    return H2NL (Response.returnCode);
  }

  return TPM_PP_BIOS_FAILURE;
}
198\r
/**
  Execute physical presence operation requested by the OS.

  Simple operations map to one TPM command. Compound operations call this
  function again for each step and stop at the first step that fails. The
  SET_NO_PPI_* operations only change bits in PpiFlags and send nothing to
  the TPM.

  Two operations span a reboot and use FLAG_RESET_TRACK in PpiFlags to record
  which half has run. The flag is set after the first half regardless of the
  TPM result. NOTE(review): ExecutePendingTpmRequest in this file treats a set
  FLAG_RESET_TRACK as "already confirmed on the last boot", so the integrity of
  the stored flags matters for the confirmation prompt.

  @param[in]      TcgProtocol  EFI TCG Protocol instance.
  @param[in]      CommandCode  Physical presence operation value.
  @param[in, out] PpiFlags     The physical presence interface flags.

  @retval TPM_PP_BIOS_FAILURE  Unknown physical presence operation, or
                               SET_OPERATOR_AUTH, which is not implemented.
  @retval TPM_PP_BIOS_FAILURE  Error occurred during sending command to TPM or
                               receiving response from TPM.
  @retval Others               Return code from the TPM device after command execution.

**/
TPM_RESULT
ExecutePhysicalPresence (
  IN      EFI_TCG_PROTOCOL  *TcgProtocol,
  IN      UINT8             CommandCode,
  IN OUT  UINT8             *PpiFlags
  )
{
  BOOLEAN     Value;
  TPM_RESULT  Result;
  UINT32      SetCapability[5];

  switch (CommandCode) {
    case ENABLE:
      return TpmCommandNoReturnData (TcgProtocol, TPM_ORD_PhysicalEnable, 0, NULL);

    case DISABLE:
      return TpmCommandNoReturnData (TcgProtocol, TPM_ORD_PhysicalDisable, 0, NULL);

    case ACTIVATE:
    case DEACTIVATE:
      //
      // One command serves both: the parameter is the "deactivated" state.
      //
      Value = (BOOLEAN)(CommandCode == DEACTIVATE);
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_PhysicalSetDeactivated,
               sizeof (Value),
               &Value
               );

    case CLEAR:
      return TpmCommandNoReturnData (TcgProtocol, TPM_ORD_ForceClear, 0, NULL);

    case ENABLE_ACTIVATE:
      Result = ExecutePhysicalPresence (TcgProtocol, ENABLE, PpiFlags);
      if (Result != 0) {
        return Result;
      }

      return ExecutePhysicalPresence (TcgProtocol, ACTIVATE, PpiFlags);

    case DEACTIVATE_DISABLE:
      Result = ExecutePhysicalPresence (TcgProtocol, DEACTIVATE, PpiFlags);
      if (Result != 0) {
        return Result;
      }

      return ExecutePhysicalPresence (TcgProtocol, DISABLE, PpiFlags);

    case SET_OWNER_INSTALL_TRUE:
    case SET_OWNER_INSTALL_FALSE:
      Value = (BOOLEAN)(CommandCode == SET_OWNER_INSTALL_TRUE);
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_SetOwnerInstall,
               sizeof (Value),
               &Value
               );

    case ENABLE_ACTIVATE_OWNER_TRUE:
      //
      // ENABLE_ACTIVATE + SET_OWNER_INSTALL_TRUE
      // SET_OWNER_INSTALL_TRUE will be executed after reboot
      //
      if ((*PpiFlags & FLAG_RESET_TRACK) != 0) {
        Result     = ExecutePhysicalPresence (TcgProtocol, SET_OWNER_INSTALL_TRUE, PpiFlags);
        *PpiFlags &= ~FLAG_RESET_TRACK;
      } else {
        Result     = ExecutePhysicalPresence (TcgProtocol, ENABLE_ACTIVATE, PpiFlags);
        *PpiFlags |= FLAG_RESET_TRACK;
      }

      return Result;

    case DEACTIVATE_DISABLE_OWNER_FALSE:
      Result = ExecutePhysicalPresence (TcgProtocol, SET_OWNER_INSTALL_FALSE, PpiFlags);
      if (Result != 0) {
        return Result;
      }

      return ExecutePhysicalPresence (TcgProtocol, DEACTIVATE_DISABLE, PpiFlags);

    case DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
      SetCapability[0] = H2NL (TPM_SET_STCLEAR_DATA);             // CapabilityArea
      SetCapability[1] = H2NL (sizeof (UINT32));                  // SubCapSize
      SetCapability[2] = H2NL (TPM_SD_DEFERREDPHYSICALPRESENCE);  // SubCap
      SetCapability[3] = H2NL (sizeof (UINT32));                  // SetValueSize
      SetCapability[4] = H2NL (1);                                // UnownedFieldUpgrade; bit0
      return TpmCommandNoReturnData (
               TcgProtocol,
               TPM_ORD_SetCapability,
               sizeof (SetCapability),
               SetCapability
               );

    case SET_OPERATOR_AUTH:
      //
      // TPM_SetOperatorAuth
      // This command requires UI to prompt user for Auth data
      // Here it is NOT implemented
      //
      return TPM_PP_BIOS_FAILURE;

    case CLEAR_ENABLE_ACTIVATE:
      Result = ExecutePhysicalPresence (TcgProtocol, CLEAR, PpiFlags);
      if (Result != 0) {
        return Result;
      }

      return ExecutePhysicalPresence (TcgProtocol, ENABLE_ACTIVATE, PpiFlags);

    //
    // The SET_NO_PPI_* operations change only the stored flags. A set
    // FLAG_NO_PPI_* bit is what lets ExecutePendingTpmRequest skip the user
    // prompt for the matching class of operation.
    //
    case SET_NO_PPI_PROVISION_FALSE:
      *PpiFlags &= ~FLAG_NO_PPI_PROVISION;
      return 0;

    case SET_NO_PPI_PROVISION_TRUE:
      *PpiFlags |= FLAG_NO_PPI_PROVISION;
      return 0;

    case SET_NO_PPI_CLEAR_FALSE:
      *PpiFlags &= ~FLAG_NO_PPI_CLEAR;
      return 0;

    case SET_NO_PPI_CLEAR_TRUE:
      *PpiFlags |= FLAG_NO_PPI_CLEAR;
      return 0;

    case SET_NO_PPI_MAINTENANCE_FALSE:
      *PpiFlags &= ~FLAG_NO_PPI_MAINTENANCE;
      return 0;

    case SET_NO_PPI_MAINTENANCE_TRUE:
      *PpiFlags |= FLAG_NO_PPI_MAINTENANCE;
      return 0;

    case ENABLE_ACTIVATE_CLEAR:
      Result = ExecutePhysicalPresence (TcgProtocol, ENABLE_ACTIVATE, PpiFlags);
      if (Result != 0) {
        return Result;
      }

      return ExecutePhysicalPresence (TcgProtocol, CLEAR, PpiFlags);

    case ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
      //
      // ENABLE_ACTIVATE + CLEAR_ENABLE_ACTIVATE
      // CLEAR_ENABLE_ACTIVATE will be executed after reboot.
      //
      if ((*PpiFlags & FLAG_RESET_TRACK) != 0) {
        Result     = ExecutePhysicalPresence (TcgProtocol, CLEAR_ENABLE_ACTIVATE, PpiFlags);
        *PpiFlags &= ~FLAG_RESET_TRACK;
      } else {
        Result     = ExecutePhysicalPresence (TcgProtocol, ENABLE_ACTIVATE, PpiFlags);
        *PpiFlags |= FLAG_RESET_TRACK;
      }

      return Result;

    default:
      break;
  }

  return TPM_PP_BIOS_FAILURE;
}
397\r
398\r
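/**
  Read the specified key for user confirmation.

  Polls the console input until ESC or the confirm key is pressed. Every other
  key is ignored. There is no timeout.

  @param[in] CautionKey  If true, F12 is used as confirm key;
                         If false, F10 is used as confirm key.

  @retval TRUE   User confirmed the changes by input.
  @retval FALSE  User discarded the changes (ESC).

**/
BOOLEAN
ReadUserKey (
  IN  BOOLEAN  CautionKey
  )
{
  EFI_STATUS     Status;
  EFI_INPUT_KEY  Key;
  UINT16         InputKey;
  EFI_TPL        OldTpl;

  //
  // RaiseTPL returns the TPL in force on entry; the code then drops to
  // TPL_APPLICATION for the polling loop and raises back to OldTpl afterwards.
  // NOTE(review): presumably needed so console key events can be delivered
  // while polling - confirm against the caller's TPL.
  //
  OldTpl = gBS->RaiseTPL (TPL_HIGH_LEVEL);
  gBS->RestoreTPL (TPL_APPLICATION);

  InputKey = 0;
  do {
    Status = gBS->CheckEvent (gST->ConIn->WaitForKey);
    if (EFI_ERROR (Status)) {
      continue;
    }

    Status = gST->ConIn->ReadKeyStroke (gST->ConIn, &Key);
    if (EFI_ERROR (Status)) {
      //
      // Key was not filled in. The status used to be ignored, so an
      // uninitialized ScanCode could be compared against the confirm key and
      // approve a TPM request nobody confirmed.
      //
      continue;
    }

    if ((Key.ScanCode == SCAN_ESC) ||
        ((Key.ScanCode == SCAN_F10) && !CautionKey) ||
        ((Key.ScanCode == SCAN_F12) && CautionKey))
    {
      InputKey = Key.ScanCode;
    }
  } while (InputKey == 0);

  gBS->RaiseTPL (OldTpl);

  return (BOOLEAN)(InputKey != SCAN_ESC);
}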
447\r
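/**
  Append Text to the NUL-terminated prompt in ConfirmText, truncating so that
  the result including its terminator stays within BufSize bytes.

  @param[in, out] ConfirmText  Prompt buffer holding a NUL-terminated string.
  @param[in]      BufSize      Size of the prompt buffer in bytes.
  @param[in]      Text         NUL-terminated string to append.
**/
STATIC
VOID
PpAppendText (
  IN OUT  CHAR16        *ConfirmText,
  IN      UINTN         BufSize,
  IN      CONST CHAR16  *Text
  )
{
  UINTN  Capacity;
  UINTN  Used;

  //
  // Capacity is counted in CHAR16 units. The earlier code divided by
  // sizeof (CHAR16 *), which understated the capacity; once the text grew past
  // that figure the unsigned subtraction wrapped and StrnCat was effectively
  // unbounded.
  //
  Capacity = BufSize / sizeof (CHAR16);
  Used     = StrLen (ConfirmText);
  if (Used + 1 >= Capacity) {
    return;
  }

  StrnCat (ConfirmText, Text, Capacity - Used - 1);
}

/**
  Fetch the string for Token from the driver's string package and append it to
  the prompt. A string that cannot be fetched is skipped.

  @param[in, out] ConfirmText  Prompt buffer holding a NUL-terminated string.
  @param[in]      BufSize      Size of the prompt buffer in bytes.
  @param[in]      Token        String identifier in mPpStringPackHandle.
**/
STATIC
VOID
PpAppendString (
  IN OUT  CHAR16         *ConfirmText,
  IN      UINTN          BufSize,
  IN      EFI_STRING_ID  Token
  )
{
  CHAR16  *Text;

  Text = HiiGetString (mPpStringPackHandle, Token, NULL);
  if (Text == NULL) {
    return;
  }

  PpAppendText (ConfirmText, BufSize, Text);
  FreePool (Text);
}

/**
  Start the prompt: format the heading string HeadToken with the operation name
  OperationToken as its argument, writing the result to ConfirmText.

  @param[out] ConfirmText     Prompt buffer to write.
  @param[in]  BufSize         Size of the prompt buffer in bytes.
  @param[in]  HeadToken       Heading format string identifier.
  @param[in]  OperationToken  Operation name string identifier.

  @return The operation name, to be released by the caller with FreePool, or
          NULL if either string could not be fetched.
**/
STATIC
CHAR16 *
PpBeginConfirmText (
  OUT  CHAR16         *ConfirmText,
  IN   UINTN          BufSize,
  IN   EFI_STRING_ID  HeadToken,
  IN   EFI_STRING_ID  OperationToken
  )
{
  CHAR16  *Operation;
  CHAR16  *Head;

  Operation = HiiGetString (mPpStringPackHandle, OperationToken, NULL);
  if (Operation == NULL) {
    return NULL;
  }

  Head = HiiGetString (mPpStringPackHandle, HeadToken, NULL);
  if (Head == NULL) {
    //
    // Without the heading the prompt would not say what is being approved.
    //
    FreePool (Operation);
    return NULL;
  }

  UnicodeSPrint (ConfirmText, BufSize, Head, Operation);
  FreePool (Head);
  return Operation;
}

/**
  Display the confirm text and get user confirmation.

  Builds the prompt for the requested operation from the driver's HII string
  package, prints it, and waits for the user's key. Operations that change or
  destroy TPM ownership state, or that disable future prompts for such
  operations, require the caution key (see ReadUserKey). The function fails
  closed: if the prompt cannot be built, the request is reported as not
  confirmed.

  @param[in] TpmPpCommand  The requested TPM physical presence command.

  @retval TRUE   The user has confirmed the changes.
  @retval FALSE  The user doesn't confirm the changes, the command has no
                 prompt defined here, or the prompt could not be built.
**/
BOOLEAN
UserConfirm (
  IN  UINT8  TpmPpCommand
  )
{
  CHAR16   *ConfirmText;
  CHAR16   *OperationStr;
  CHAR16   *RejectKeyStr;
  UINTN    BufSize;
  UINTN    Remaining;
  UINTN    TextLen;
  UINTN    Index;
  BOOLEAN  CautionKey;
  CHAR16   DstStr[81];

  OperationStr = NULL;
  CautionKey   = FALSE;
  BufSize      = CONFIRM_BUFFER_SIZE;
  ConfirmText  = AllocateZeroPool (BufSize);
  ASSERT (ConfirmText != NULL);
  if (ConfirmText == NULL) {
    //
    // ASSERT is compiled out of release builds; never write through NULL.
    //
    return FALSE;
  }

  mPpStringPackHandle = HiiAddPackages (
                          &gEfiPhysicalPresenceGuid,
                          NULL,
                          PhysicalPresenceDxeStrings,
                          NULL
                          );
  ASSERT (mPpStringPackHandle != NULL);
  if (mPpStringPackHandle == NULL) {
    FreePool (ConfirmText);
    return FALSE;
  }

  switch (TpmPpCommand) {
    case ENABLE:
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_ENABLE));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_ACCEPT_KEY));
      break;

    case DISABLE:
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_DISABLE));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_ACCEPT_KEY));
      break;

    case ACTIVATE:
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_ACTIVATE));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_ACCEPT_KEY));
      break;

    case DEACTIVATE:
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_DEACTIVATE));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_ACCEPT_KEY));
      break;

    case CLEAR:
      CautionKey   = TRUE;
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_CLEAR));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING_CLEAR));
      PpAppendText (ConfirmText, BufSize, L" \n\n");
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_CAUTION_KEY));
      break;

    case ENABLE_ACTIVATE:
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_ENABLE_ACTIVATE));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_NOTE_ON));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_ACCEPT_KEY));
      break;

    case DEACTIVATE_DISABLE:
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_DEACTIVATE_DISABLE));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_NOTE_OFF));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_ACCEPT_KEY));
      break;

    case SET_OWNER_INSTALL_TRUE:
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_ACCEPT_KEY));
      break;

    case SET_OWNER_INSTALL_FALSE:
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_ACCEPT_KEY));
      break;

    case ENABLE_ACTIVATE_OWNER_TRUE:
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_TURN_ON));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_NOTE_ON));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_ACCEPT_KEY));
      break;

    case DEACTIVATE_DISABLE_OWNER_FALSE:
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_TURN_OFF));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_NOTE_OFF));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_ACCEPT_KEY));
      break;

    case DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
      CautionKey   = TRUE;
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_UPGRADE_HEAD_STR), STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING_MAINTAIN));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_CAUTION_KEY));
      break;

    case SET_OPERATOR_AUTH:
      //
      // TPM_SetOperatorAuth
      // This command requires UI to prompt user for Auth data
      // Here it is NOT implemented
      //
      break;

    case CLEAR_ENABLE_ACTIVATE:
      CautionKey   = TRUE;
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_CLEAR_TURN_ON));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_NOTE_ON));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING_CLEAR));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING_CLEAR_CONT));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_CAUTION_KEY));
      break;

    case SET_NO_PPI_PROVISION_TRUE:
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_PPI_HEAD_STR), STRING_TOKEN (TPM_NO_PPI_PROVISION));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_ACCEPT_KEY));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_NO_PPI_INFO));
      break;

    case SET_NO_PPI_CLEAR_TRUE:
      CautionKey   = TRUE;
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_PPI_HEAD_STR), STRING_TOKEN (TPM_CLEAR));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_NOTE_CLEAR));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING_CLEAR));
      PpAppendText (ConfirmText, BufSize, L" \n\n");
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_CAUTION_KEY));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_NO_PPI_INFO));
      break;

    case SET_NO_PPI_MAINTENANCE_TRUE:
      CautionKey   = TRUE;
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_PPI_HEAD_STR), STRING_TOKEN (TPM_NO_PPI_MAINTAIN));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING_MAINTAIN));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_CAUTION_KEY));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_NO_PPI_INFO));
      break;

    case ENABLE_ACTIVATE_CLEAR:
      CautionKey   = TRUE;
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING_CLEAR));
      PpAppendText (ConfirmText, BufSize, L" \n\n");
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_CAUTION_KEY));
      break;

    case ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
      CautionKey   = TRUE;
      OperationStr = PpBeginConfirmText (ConfirmText, BufSize, STRING_TOKEN (TPM_HEAD_STR), STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_NOTE_ON));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING_CLEAR));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_WARNING_CLEAR_CONT));
      PpAppendString (ConfirmText, BufSize, STRING_TOKEN (TPM_CAUTION_KEY));
      break;

    default:
      break;
  }

  //
  // No prompt exists for this command (or it could not be built): report
  // "not confirmed" so the caller does not execute the request.
  //
  if (OperationStr == NULL) {
    FreePool (ConfirmText);
    return FALSE;
  }

  RejectKeyStr = HiiGetString (mPpStringPackHandle, STRING_TOKEN (TPM_REJECT_KEY), NULL);
  if (RejectKeyStr == NULL) {
    FreePool (OperationStr);
    FreePool (ConfirmText);
    return FALSE;
  }

  //
  // Format the reject-key line into whatever space is left after the text
  // built so far (StrSize counts the terminator).
  //
  Remaining = BufSize - StrSize (ConfirmText);
  if (Remaining >= sizeof (CHAR16)) {
    UnicodeSPrint (ConfirmText + StrLen (ConfirmText), Remaining, RejectKeyStr, OperationStr);
  }

  //
  // Print in 80-character slices. NOTE(review): each slice is handed to Print
  // as the format string, so the string package must not contain a stray '%'.
  //
  DstStr[80] = L'\0';
  TextLen    = StrLen (ConfirmText);
  for (Index = 0; Index < TextLen; Index += 80) {
    StrnCpy (DstStr, ConfirmText + Index, 80);
    Print (DstStr);
  }

  FreePool (RejectKeyStr);
  FreePool (OperationStr);
  FreePool (ConfirmText);

  return ReadUserKey (CautionKey);
}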
839\r
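/**
  Check and execute the requested physical presence command.

  The pending request and the flags that decide whether the user has to
  confirm it are both read from TcgPpData. After the request is processed the
  structure is written back to the physical presence NV variable, and the
  system is cold-reset for the requests listed in the reset switch below.

  NOTE(review): every confirmation bypass in this function is driven by
  TcgPpData->Flags. This function stores the variable with
  EFI_VARIABLE_RUNTIME_ACCESS and without an authenticated-write attribute;
  whether it can still be modified after boot services end depends on
  protections that are not visible here. Confirm the variable is
  write-protected before OS hand-off, because its contents stand in for the
  user's consent.

  @param[in, out] TcgPpData  Point to the physical presence NV variable.

**/
VOID
ExecutePendingTpmRequest (
  IN OUT EFI_PHYSICAL_PRESENCE  *TcgPpData
  )
{
  EFI_STATUS        Status;
  EFI_TCG_PROTOCOL  *TcgProtocol;
  UINTN             DataSize;
  UINT8             Flags;
  BOOLEAN           RequestConfirmed;

  TcgProtocol      = NULL;
  Flags            = TcgPpData->Flags;
  RequestConfirmed = FALSE;
  switch (TcgPpData->PPRequest) {
    case NO_ACTION:
      return;

    case ENABLE:
    case DISABLE:
    case ACTIVATE:
    case DEACTIVATE:
    case ENABLE_ACTIVATE:
    case DEACTIVATE_DISABLE:
    case SET_OWNER_INSTALL_TRUE:
    case SET_OWNER_INSTALL_FALSE:
    case ENABLE_ACTIVATE_OWNER_TRUE:
    case DEACTIVATE_DISABLE_OWNER_FALSE:
    case SET_OPERATOR_AUTH:
      //
      // Provisioning requests skip the prompt when FLAG_NO_PPI_PROVISION is set.
      //
      if ((Flags & FLAG_NO_PPI_PROVISION) != 0) {
        RequestConfirmed = TRUE;
      }
      break;

    case CLEAR:
    case ENABLE_ACTIVATE_CLEAR:
      //
      // Clear requests skip the prompt when FLAG_NO_PPI_CLEAR is set.
      //
      if ((Flags & FLAG_NO_PPI_CLEAR) != 0) {
        RequestConfirmed = TRUE;
      }
      break;

    case DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
      if ((Flags & FLAG_NO_PPI_MAINTENANCE) != 0) {
        RequestConfirmed = TRUE;
      }
      break;

    case CLEAR_ENABLE_ACTIVATE:
    case ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
      //
      // Combined clear + provision requests need both bypass flags.
      //
      if ((Flags & FLAG_NO_PPI_CLEAR) != 0 && (Flags & FLAG_NO_PPI_PROVISION) != 0) {
        RequestConfirmed = TRUE;
      }
      break;

    case SET_NO_PPI_PROVISION_FALSE:
    case SET_NO_PPI_CLEAR_FALSE:
    case SET_NO_PPI_MAINTENANCE_FALSE:
      //
      // These requests are never prompted for.
      //
      RequestConfirmed = TRUE;
      break;

    default:
      //
      // Unrecognized request values are left unconfirmed and go to UserConfirm().
      //
      break;
  }

  if ((Flags & FLAG_RESET_TRACK) != 0) {
    //
    // It had been confirmed in last boot, it doesn't need confirm again.
    //
    RequestConfirmed = TRUE;
  }

  if (!RequestConfirmed) {
    //
    // Print confirm text and wait for approval.
    //
    RequestConfirmed = UserConfirm (TcgPpData->PPRequest);
  }

  //
  // Execute requested physical presence command.
  //
  TcgPpData->PPResponse = TPM_PP_USER_ABORT;
  if (RequestConfirmed) {
    Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **) &TcgProtocol);
    ASSERT_EFI_ERROR (Status);
    if (!EFI_ERROR (Status)) {
      TcgPpData->PPResponse = ExecutePhysicalPresence (TcgProtocol, TcgPpData->PPRequest, &TcgPpData->Flags);
    } else {
      //
      // ASSERT_EFI_ERROR() is compiled out of release builds, so the failure
      // has to be handled here too: do not hand an unset protocol pointer to
      // ExecutePhysicalPresence(). PPResponse keeps the not-executed value
      // assigned above.
      //
      DEBUG ((EFI_D_ERROR, "[TPM] TCG protocol not located, request not executed: %r\n", Status));
    }
  }

  //
  // Clear request
  //
  if ((TcgPpData->Flags & FLAG_RESET_TRACK) == 0) {
    TcgPpData->LastPPRequest = TcgPpData->PPRequest;
    TcgPpData->PPRequest     = 0;
  }

  //
  // Save changes
  //
  DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
  Status   = gRT->SetVariable (
                    PHYSICAL_PRESENCE_VARIABLE,
                    &gEfiPhysicalPresenceGuid,
                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                    DataSize,
                    TcgPpData
                    );
  if (EFI_ERROR (Status)) {
    return;
  }

  if (TcgPpData->PPResponse == TPM_PP_USER_ABORT) {
    return;
  }

  //
  // Reset system to make new TPM settings in effect
  //
  switch (TcgPpData->LastPPRequest) {
    case ACTIVATE:
    case DEACTIVATE:
    case CLEAR:
    case ENABLE_ACTIVATE:
    case DEACTIVATE_DISABLE:
    case ENABLE_ACTIVATE_OWNER_TRUE:
    case DEACTIVATE_DISABLE_OWNER_FALSE:
    case DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
    case CLEAR_ENABLE_ACTIVATE:
    case ENABLE_ACTIVATE_CLEAR:
    case ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
      break;

    default:
      //
      // A request that was not cleared above is still pending, so reset
      // for it as well; otherwise nothing more to do.
      //
      if (TcgPpData->PPRequest != 0) {
        break;
      }
      return;
  }

  Print (L"Rebooting system to make TPM settings in effect\n");
  gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);
  ASSERT (FALSE);
}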
983\r
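/**
  Check and execute the physical presence command requested and
  Lock physical presence.

  The pending request is read from the physical presence NV variable. It is
  executed only when that read succeeded and returned exactly one
  EFI_PHYSICAL_PRESENCE structure.

  NOTE(review): the early returns after GetTpmCapability() and after the
  CMD_ENABLE attempt leave this function without issuing the lock command at
  the end; confirm that is acceptable for the platform.

  @param[in] Event    Event whose notification function is being invoked
  @param[in] Context  Pointer to the notification function's context

**/
VOID
EFIAPI
OnReadyToBoot (
  IN EFI_EVENT  Event,
  IN VOID       *Context
  )
{
  EFI_STATUS             Status;
  BOOLEAN                LifetimeLock;
  BOOLEAN                CmdEnable;
  BOOLEAN                RequestValid;
  UINTN                  DataSize;
  EFI_PHYSICAL_PRESENCE  TcgPpData;

  //
  // Read the pending request.
  //
  DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
  Status   = gRT->GetVariable (
                    PHYSICAL_PRESENCE_VARIABLE,
                    &gEfiPhysicalPresenceGuid,
                    NULL,
                    &DataSize,
                    &TcgPpData
                    );
  ASSERT_EFI_ERROR (Status);

  //
  // ASSERT_EFI_ERROR() is compiled out of release builds. A failed or short
  // read leaves TcgPpData (partly) uninitialized, and its Flags and PPRequest
  // fields select TPM commands, so such data must never be acted on.
  //
  RequestValid = (BOOLEAN) (!EFI_ERROR (Status) && (DataSize == sizeof (EFI_PHYSICAL_PRESENCE)));
  if (RequestValid) {
    DEBUG ((EFI_D_INFO, "[TPM] Flags=%x, PPRequest=%x\n", TcgPpData.Flags, TcgPpData.PPRequest));
  } else {
    DEBUG ((EFI_D_ERROR, "[TPM] Physical presence variable unreadable, request skipped: %r\n", Status));
  }

  Status = GetTpmCapability (&LifetimeLock, &CmdEnable);
  if (EFI_ERROR (Status)) {
    return;
  }

  if (!CmdEnable) {
    if (LifetimeLock) {
      //
      // physicalPresenceCMDEnable is locked, can't execute physical presence command.
      //
      return;
    }

    Status = TpmPhysicalPresence (TPM_PHYSICAL_PRESENCE_CMD_ENABLE);
    if (EFI_ERROR (Status)) {
      return;
    }
  }

  //
  // Set operator physical presence flags
  //
  TpmPhysicalPresence (TPM_PHYSICAL_PRESENCE_PRESENT);

  //
  // Execute pending TPM request.
  //
  if (RequestValid) {
    ExecutePendingTpmRequest (&TcgPpData);
    DEBUG ((EFI_D_INFO, "[TPM] PPResponse = %x\n", TcgPpData.PPResponse));
  }

  //
  // Lock physical presence. This is issued even when no request was
  // executed, and a failure is reported because it means the lock command
  // did not succeed.
  //
  Status = TpmPhysicalPresence (TPM_PHYSICAL_PRESENCE_NOTPRESENT | TPM_PHYSICAL_PRESENCE_LOCK);
  if (EFI_ERROR (Status)) {
    DEBUG ((EFI_D_ERROR, "[TPM] Failed to lock physical presence: %r\n", Status));
  }
}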
1053\r
/**
  The driver's entry point.

  Creates the physical presence NV variable with default contents when it
  does not exist yet, then registers OnReadyToBoot() as a ready-to-boot
  notification.

  @param[in] ImageHandle  The firmware allocated handle for the EFI image.
  @param[in] SystemTable  A pointer to the EFI System Table.

  @retval EFI_SUCCESS     The entry point is executed successfully.
  @retval other           Some error occurs when executing this entry point.

**/
EFI_STATUS
EFIAPI
DriverEntry (
  IN EFI_HANDLE        ImageHandle,
  IN EFI_SYSTEM_TABLE  *SystemTable
  )
{
  EFI_EVENT              ReadyToBootEvent;
  EFI_STATUS             Status;
  UINTN                  VarSize;
  EFI_PHYSICAL_PRESENCE  PpVariable;

  //
  // Make sure the physical presence variable exists.
  //
  VarSize = sizeof (PpVariable);
  Status  = gRT->GetVariable (
                   PHYSICAL_PRESENCE_VARIABLE,
                   &gEfiPhysicalPresenceGuid,
                   NULL,
                   &VarSize,
                   &PpVariable
                   );
  if (Status == EFI_NOT_FOUND) {
    //
    // First boot: store an all-zero structure with only
    // FLAG_NO_PPI_PROVISION set. ExecutePendingTpmRequest() treats that flag
    // as "provisioning requests need no user confirmation".
    //
    ZeroMem ((VOID *) &PpVariable, sizeof (PpVariable));
    PpVariable.Flags |= FLAG_NO_PPI_PROVISION;
    VarSize = sizeof (PpVariable);
    Status  = gRT->SetVariable (
                     PHYSICAL_PRESENCE_VARIABLE,
                     &gEfiPhysicalPresenceGuid,
                     EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
                     VarSize,
                     &PpVariable
                     );
  }

  //
  // Any remaining read or create failure is only asserted on; the assert is
  // a no-op for a successful status.
  //
  ASSERT_EFI_ERROR (Status);

  //
  // TPL Level of physical presence should be larger
  // than one of TcgDxe driver (TPL_CALLBACK)
  //
  // NOTE(review): the value passed below is TPL_CALLBACK itself, not a
  // higher level - confirm the intended ordering against TcgDxe.
  //
  return EfiCreateEventReadyToBootEx (
           TPL_CALLBACK,
           OnReadyToBoot,
           NULL,
           &ReadyToBootEvent
           );
}
1115\r