]>
Commit | Line | Data |
---|---|---|
1abfa4ce JY |
1 | /** @file\r |
2 | This module implements Tcg2 Protocol.\r | |
3 | \r | |
1404e3a1 | 4 | Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>\r |
336dbfd1 | 5 | (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>\r |
1abfa4ce JY |
6 | This program and the accompanying materials \r |
7 | are licensed and made available under the terms and conditions of the BSD License \r | |
8 | which accompanies this distribution. The full text of the license may be found at \r | |
9 | http://opensource.org/licenses/bsd-license.php\r | |
10 | \r | |
11 | THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r | |
12 | WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r | |
13 | \r | |
14 | **/\r | |
15 | \r | |
16 | #include <PiDxe.h>\r | |
17 | #include <IndustryStandard/Acpi.h>\r | |
18 | #include <IndustryStandard/PeImage.h>\r | |
1abfa4ce JY |
19 | #include <IndustryStandard/TcpaAcpi.h>\r |
20 | \r | |
21 | #include <Guid/GlobalVariable.h>\r | |
1abfa4ce JY |
22 | #include <Guid/HobList.h>\r |
23 | #include <Guid/TcgEventHob.h>\r | |
24 | #include <Guid/EventGroup.h>\r | |
25 | #include <Guid/EventExitBootServiceFailed.h>\r | |
26 | #include <Guid/ImageAuthentication.h>\r | |
27 | #include <Guid/TpmInstance.h>\r | |
28 | \r | |
29 | #include <Protocol/DevicePath.h>\r | |
30 | #include <Protocol/MpService.h>\r | |
31 | #include <Protocol/VariableWrite.h>\r | |
32 | #include <Protocol/Tcg2Protocol.h>\r | |
33 | #include <Protocol/TrEEProtocol.h>\r | |
34 | \r | |
35 | #include <Library/DebugLib.h>\r | |
36 | #include <Library/BaseMemoryLib.h>\r | |
37 | #include <Library/UefiRuntimeServicesTableLib.h>\r | |
38 | #include <Library/UefiDriverEntryPoint.h>\r | |
39 | #include <Library/HobLib.h>\r | |
40 | #include <Library/UefiBootServicesTableLib.h>\r | |
41 | #include <Library/BaseLib.h>\r | |
42 | #include <Library/MemoryAllocationLib.h>\r | |
43 | #include <Library/PrintLib.h>\r | |
44 | #include <Library/Tpm2CommandLib.h>\r | |
45 | #include <Library/PcdLib.h>\r | |
46 | #include <Library/UefiLib.h>\r | |
47 | #include <Library/Tpm2DeviceLib.h>\r | |
48 | #include <Library/HashLib.h>\r | |
49 | #include <Library/PerformanceLib.h>\r | |
50 | #include <Library/ReportStatusCodeLib.h>\r | |
51 | #include <Library/Tcg2PhysicalPresenceLib.h>\r | |
52 | \r | |
53 | #define PERF_ID_TCG2_DXE 0x3120\r | |
54 | \r | |
55 | typedef struct {\r | |
56 | CHAR16 *VariableName;\r | |
57 | EFI_GUID *VendorGuid;\r | |
58 | } VARIABLE_TYPE;\r | |
59 | \r | |
1abfa4ce JY |
60 | #define TCG2_DEFAULT_MAX_COMMAND_SIZE 0x1000\r |
61 | #define TCG2_DEFAULT_MAX_RESPONSE_SIZE 0x1000\r | |
62 | \r | |
63 | typedef struct {\r | |
64 | EFI_GUID *EventGuid;\r | |
65 | EFI_TCG2_EVENT_LOG_FORMAT LogFormat;\r | |
66 | } TCG2_EVENT_INFO_STRUCT;\r | |
67 | \r | |
68 | TCG2_EVENT_INFO_STRUCT mTcg2EventInfo[] = {\r | |
69 | {&gTcgEventEntryHobGuid, EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2},\r | |
70 | {&gTcgEvent2EntryHobGuid, EFI_TCG2_EVENT_LOG_FORMAT_TCG_2},\r | |
71 | };\r | |
72 | \r | |
73 | #define TCG_EVENT_LOG_AREA_COUNT_MAX 2\r | |
74 | \r | |
75 | typedef struct {\r | |
76 | EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat;\r | |
77 | EFI_PHYSICAL_ADDRESS Lasa;\r | |
78 | UINT64 Laml;\r | |
79 | UINTN EventLogSize;\r | |
80 | UINT8 *LastEvent;\r | |
81 | BOOLEAN EventLogStarted;\r | |
82 | BOOLEAN EventLogTruncated;\r | |
83 | } TCG_EVENT_LOG_AREA_STRUCT;\r | |
84 | \r | |
85 | typedef struct _TCG_DXE_DATA {\r | |
86 | EFI_TCG2_BOOT_SERVICE_CAPABILITY BsCap;\r | |
87 | TCG_EVENT_LOG_AREA_STRUCT EventLogAreaStruct[TCG_EVENT_LOG_AREA_COUNT_MAX];\r | |
88 | BOOLEAN GetEventLogCalled[TCG_EVENT_LOG_AREA_COUNT_MAX];\r | |
89 | TCG_EVENT_LOG_AREA_STRUCT FinalEventLogAreaStruct[TCG_EVENT_LOG_AREA_COUNT_MAX];\r | |
90 | EFI_TCG2_FINAL_EVENTS_TABLE *FinalEventsTable[TCG_EVENT_LOG_AREA_COUNT_MAX];\r | |
91 | } TCG_DXE_DATA;\r | |
92 | \r | |
93 | TCG_DXE_DATA mTcgDxeData = {\r | |
94 | {\r | |
95 | sizeof (EFI_TCG2_BOOT_SERVICE_CAPABILITY), // Size\r | |
96 | { 1, 1 }, // StructureVersion\r | |
97 | { 1, 1 }, // ProtocolVersion\r | |
98 | EFI_TCG2_BOOT_HASH_ALG_SHA1, // HashAlgorithmBitmap\r | |
99 | EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2, // SupportedEventLogs\r | |
100 | TRUE, // TPMPresentFlag\r | |
101 | TCG2_DEFAULT_MAX_COMMAND_SIZE, // MaxCommandSize\r | |
102 | TCG2_DEFAULT_MAX_RESPONSE_SIZE, // MaxResponseSize\r | |
103 | 0, // ManufacturerID\r | |
104 | 0, // NumberOfPCRBanks\r | |
105 | 0, // ActivePcrBanks\r | |
106 | },\r | |
107 | };\r | |
108 | \r | |
109 | UINTN mBootAttempts = 0;\r | |
110 | CHAR16 mBootVarName[] = L"BootOrder";\r | |
111 | \r | |
112 | VARIABLE_TYPE mVariableType[] = {\r | |
113 | {EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid},\r | |
114 | {EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid},\r | |
115 | {EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid},\r | |
116 | {EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid},\r | |
117 | {EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid},\r | |
118 | };\r | |
119 | \r | |
120 | EFI_HANDLE mImageHandle;\r | |
121 | \r | |
122 | /**\r | |
123 | Measure PE image into TPM log based on the authenticode image hashing in\r | |
124 | PE/COFF Specification 8.0 Appendix A.\r | |
125 | \r | |
126 | Caution: This function may receive untrusted input.\r | |
127 | PE/COFF image is external input, so this function will validate its data structure\r | |
128 | within this image buffer before use.\r | |
129 | \r | |
5a8eae95 LG |
130 | Notes: PE/COFF image is checked by BasePeCoffLib PeCoffLoaderGetImageInfo().\r |
131 | \r | |
1abfa4ce JY |
132 | @param[in] PCRIndex TPM PCR index\r |
133 | @param[in] ImageAddress Start address of image buffer.\r | |
134 | @param[in] ImageSize Image size\r | |
135 | @param[out] DigestList Digeest list of this image.\r | |
136 | \r | |
137 | @retval EFI_SUCCESS Successfully measure image.\r | |
138 | @retval EFI_OUT_OF_RESOURCES No enough resource to measure image.\r | |
139 | @retval other error value\r | |
140 | **/\r | |
141 | EFI_STATUS\r | |
142 | MeasurePeImageAndExtend (\r | |
143 | IN UINT32 PCRIndex,\r | |
144 | IN EFI_PHYSICAL_ADDRESS ImageAddress,\r | |
145 | IN UINTN ImageSize,\r | |
146 | OUT TPML_DIGEST_VALUES *DigestList\r | |
147 | );\r | |
148 | \r | |
149 | /**\r | |
150 | \r | |
151 | This function dump raw data.\r | |
152 | \r | |
153 | @param Data raw data\r | |
154 | @param Size raw data size\r | |
155 | \r | |
156 | **/\r | |
157 | VOID\r | |
158 | InternalDumpData (\r | |
159 | IN UINT8 *Data,\r | |
160 | IN UINTN Size\r | |
161 | )\r | |
162 | {\r | |
163 | UINTN Index;\r | |
164 | for (Index = 0; Index < Size; Index++) {\r | |
165 | DEBUG ((EFI_D_INFO, "%02x", (UINTN)Data[Index]));\r | |
166 | }\r | |
167 | }\r | |
168 | \r | |
a2612cf7 ZC |
169 | /**\r |
170 | \r | |
171 | This function initialize TCG_PCR_EVENT2_HDR for EV_NO_ACTION Event Type other than EFI Specification ID event\r | |
172 | The behavior is defined by TCG PC Client PFP Spec. Section 9.3.4 EV_NO_ACTION Event Types\r | |
173 | \r | |
174 | @param[in, out] NoActionEvent Event Header of EV_NO_ACTION Event\r | |
175 | @param[in] EventSize Event Size of the EV_NO_ACTION Event\r | |
176 | \r | |
177 | **/\r | |
178 | VOID\r | |
179 | InitNoActionEvent (\r | |
180 | IN OUT TCG_PCR_EVENT2_HDR *NoActionEvent,\r | |
181 | IN UINT32 EventSize\r | |
182 | )\r | |
183 | {\r | |
184 | UINT32 DigestListCount;\r | |
185 | TPMI_ALG_HASH HashAlgId;\r | |
186 | UINT8 *DigestBuffer;\r | |
187 | \r | |
188 | DigestBuffer = (UINT8 *)NoActionEvent->Digests.digests;\r | |
189 | DigestListCount = 0;\r | |
190 | \r | |
191 | NoActionEvent->PCRIndex = 0;\r | |
192 | NoActionEvent->EventType = EV_NO_ACTION;\r | |
193 | \r | |
194 | //\r | |
195 | // Set Hash count & hashAlg accordingly, while Digest.digests[n].digest to all 0\r | |
196 | //\r | |
197 | ZeroMem (&NoActionEvent->Digests, sizeof(NoActionEvent->Digests));\r | |
198 | \r | |
199 | if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA1) != 0) {\r | |
200 | HashAlgId = TPM_ALG_SHA1;\r | |
201 | CopyMem (DigestBuffer, &HashAlgId, sizeof(TPMI_ALG_HASH));\r | |
202 | DigestBuffer += sizeof(TPMI_ALG_HASH) + GetHashSizeFromAlgo (HashAlgId);\r | |
203 | DigestListCount++;\r | |
204 | }\r | |
205 | \r | |
206 | if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA256) != 0) {\r | |
207 | HashAlgId = TPM_ALG_SHA256;\r | |
208 | CopyMem (DigestBuffer, &HashAlgId, sizeof(TPMI_ALG_HASH));\r | |
209 | DigestBuffer += sizeof(TPMI_ALG_HASH) + GetHashSizeFromAlgo (HashAlgId);\r | |
210 | DigestListCount++;\r | |
211 | }\r | |
212 | \r | |
213 | if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA384) != 0) {\r | |
214 | HashAlgId = TPM_ALG_SHA384;\r | |
215 | CopyMem (DigestBuffer, &HashAlgId, sizeof(TPMI_ALG_HASH));\r | |
216 | DigestBuffer += sizeof(TPMI_ALG_HASH) + GetHashSizeFromAlgo (HashAlgId);\r | |
217 | DigestListCount++;\r | |
218 | }\r | |
219 | \r | |
220 | if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA512) != 0) {\r | |
221 | HashAlgId = TPM_ALG_SHA512;\r | |
222 | CopyMem (DigestBuffer, &HashAlgId, sizeof(TPMI_ALG_HASH));\r | |
223 | DigestBuffer += sizeof(TPMI_ALG_HASH) + GetHashSizeFromAlgo (HashAlgId);\r | |
224 | DigestListCount++;\r | |
225 | }\r | |
226 | \r | |
227 | if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SM3_256) != 0) {\r | |
228 | HashAlgId = TPM_ALG_SM3_256;\r | |
229 | CopyMem (DigestBuffer, &HashAlgId, sizeof(TPMI_ALG_HASH));\r | |
230 | DigestBuffer += sizeof(TPMI_ALG_HASH) + GetHashSizeFromAlgo (HashAlgId);\r | |
231 | DigestListCount++;\r | |
232 | }\r | |
233 | \r | |
234 | //\r | |
235 | // Set Digests Count\r | |
236 | //\r | |
237 | WriteUnaligned32 ((UINT32 *)&NoActionEvent->Digests.count, DigestListCount);\r | |
238 | \r | |
239 | //\r | |
240 | // Set Event Size\r | |
241 | //\r | |
242 | WriteUnaligned32((UINT32 *)DigestBuffer, EventSize);\r | |
243 | }\r | |
244 | \r | |
1abfa4ce JY |
245 | /**\r |
246 | \r | |
247 | This function dump raw data with colume format.\r | |
248 | \r | |
249 | @param Data raw data\r | |
250 | @param Size raw data size\r | |
251 | \r | |
252 | **/\r | |
253 | VOID\r | |
254 | InternalDumpHex (\r | |
255 | IN UINT8 *Data,\r | |
256 | IN UINTN Size\r | |
257 | )\r | |
258 | {\r | |
259 | UINTN Index;\r | |
260 | UINTN Count;\r | |
261 | UINTN Left;\r | |
262 | \r | |
263 | #define COLUME_SIZE (16 * 2)\r | |
264 | \r | |
265 | Count = Size / COLUME_SIZE;\r | |
266 | Left = Size % COLUME_SIZE;\r | |
267 | for (Index = 0; Index < Count; Index++) {\r | |
268 | DEBUG ((EFI_D_INFO, "%04x: ", Index * COLUME_SIZE));\r | |
269 | InternalDumpData (Data + Index * COLUME_SIZE, COLUME_SIZE);\r | |
270 | DEBUG ((EFI_D_INFO, "\n"));\r | |
271 | }\r | |
272 | \r | |
273 | if (Left != 0) {\r | |
274 | DEBUG ((EFI_D_INFO, "%04x: ", Index * COLUME_SIZE));\r | |
275 | InternalDumpData (Data + Index * COLUME_SIZE, Left);\r | |
276 | DEBUG ((EFI_D_INFO, "\n"));\r | |
277 | }\r | |
278 | }\r | |
279 | \r | |
1abfa4ce JY |
280 | /**\r |
281 | Get All processors EFI_CPU_LOCATION in system. LocationBuf is allocated inside the function\r | |
282 | Caller is responsible to free LocationBuf.\r | |
283 | \r | |
284 | @param[out] LocationBuf Returns Processor Location Buffer.\r | |
285 | @param[out] Num Returns processor number.\r | |
286 | \r | |
287 | @retval EFI_SUCCESS Operation completed successfully.\r | |
288 | @retval EFI_UNSUPPORTED MpService protocol not found.\r | |
289 | \r | |
290 | **/\r | |
291 | EFI_STATUS\r | |
292 | GetProcessorsCpuLocation (\r | |
293 | OUT EFI_CPU_PHYSICAL_LOCATION **LocationBuf,\r | |
294 | OUT UINTN *Num\r | |
295 | )\r | |
296 | {\r | |
297 | EFI_STATUS Status;\r | |
298 | EFI_MP_SERVICES_PROTOCOL *MpProtocol;\r | |
299 | UINTN ProcessorNum;\r | |
300 | UINTN EnabledProcessorNum;\r | |
301 | EFI_PROCESSOR_INFORMATION ProcessorInfo;\r | |
302 | EFI_CPU_PHYSICAL_LOCATION *ProcessorLocBuf;\r | |
303 | UINTN Index;\r | |
304 | \r | |
305 | Status = gBS->LocateProtocol (&gEfiMpServiceProtocolGuid, NULL, (VOID **) &MpProtocol);\r | |
306 | if (EFI_ERROR (Status)) {\r | |
307 | //\r | |
308 | // MP protocol is not installed\r | |
309 | //\r | |
310 | return EFI_UNSUPPORTED;\r | |
311 | }\r | |
312 | \r | |
313 | Status = MpProtocol->GetNumberOfProcessors(\r | |
314 | MpProtocol,\r | |
315 | &ProcessorNum,\r | |
316 | &EnabledProcessorNum\r | |
317 | );\r | |
318 | if (EFI_ERROR(Status)){\r | |
319 | return Status;\r | |
320 | }\r | |
321 | \r | |
322 | Status = gBS->AllocatePool(\r | |
323 | EfiBootServicesData,\r | |
324 | sizeof(EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum,\r | |
325 | (VOID **) &ProcessorLocBuf\r | |
326 | );\r | |
327 | if (EFI_ERROR(Status)){\r | |
328 | return Status;\r | |
329 | }\r | |
330 | \r | |
331 | //\r | |
332 | // Get each processor Location info\r | |
333 | //\r | |
334 | for (Index = 0; Index < ProcessorNum; Index++) {\r | |
335 | Status = MpProtocol->GetProcessorInfo(\r | |
336 | MpProtocol,\r | |
337 | Index,\r | |
338 | &ProcessorInfo\r | |
339 | );\r | |
340 | if (EFI_ERROR(Status)){\r | |
341 | FreePool(ProcessorLocBuf);\r | |
342 | return Status;\r | |
343 | }\r | |
344 | \r | |
345 | //\r | |
346 | // Get all Processor Location info & measure\r | |
347 | //\r | |
348 | CopyMem(\r | |
349 | &ProcessorLocBuf[Index],\r | |
350 | &ProcessorInfo.Location,\r | |
351 | sizeof(EFI_CPU_PHYSICAL_LOCATION)\r | |
352 | );\r | |
353 | }\r | |
354 | \r | |
355 | *LocationBuf = ProcessorLocBuf;\r | |
356 | *Num = ProcessorNum;\r | |
357 | \r | |
358 | return Status;\r | |
359 | }\r | |
360 | \r | |
361 | /**\r | |
362 | The EFI_TCG2_PROTOCOL GetCapability function call provides protocol\r | |
363 | capability information and state information.\r | |
364 | \r | |
365 | @param[in] This Indicates the calling context\r | |
366 | @param[in, out] ProtocolCapability The caller allocates memory for a EFI_TCG2_BOOT_SERVICE_CAPABILITY\r | |
367 | structure and sets the size field to the size of the structure allocated.\r | |
368 | The callee fills in the fields with the EFI protocol capability information\r | |
369 | and the current EFI TCG2 state information up to the number of fields which\r | |
370 | fit within the size of the structure passed in.\r | |
371 | \r | |
372 | @retval EFI_SUCCESS Operation completed successfully.\r | |
373 | @retval EFI_DEVICE_ERROR The command was unsuccessful.\r | |
374 | The ProtocolCapability variable will not be populated. \r | |
375 | @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.\r | |
376 | The ProtocolCapability variable will not be populated.\r | |
377 | @retval EFI_BUFFER_TOO_SMALL The ProtocolCapability variable is too small to hold the full response.\r | |
378 | It will be partially populated (required Size field will be set). \r | |
379 | **/\r | |
380 | EFI_STATUS\r | |
381 | EFIAPI\r | |
382 | Tcg2GetCapability (\r | |
383 | IN EFI_TCG2_PROTOCOL *This,\r | |
384 | IN OUT EFI_TCG2_BOOT_SERVICE_CAPABILITY *ProtocolCapability\r | |
385 | )\r | |
386 | {\r | |
336dbfd1 | 387 | DEBUG ((DEBUG_VERBOSE, "Tcg2GetCapability ...\n"));\r |
1abfa4ce JY |
388 | \r |
389 | if ((This == NULL) || (ProtocolCapability == NULL)) {\r | |
390 | return EFI_INVALID_PARAMETER;\r | |
391 | }\r | |
392 | \r | |
336dbfd1 DL |
393 | DEBUG ((DEBUG_VERBOSE, "Size - 0x%x\n", ProtocolCapability->Size));\r |
394 | DEBUG ((DEBUG_VERBOSE, " 1.1 - 0x%x, 1.0 - 0x%x\n", sizeof(EFI_TCG2_BOOT_SERVICE_CAPABILITY), sizeof(TREE_BOOT_SERVICE_CAPABILITY_1_0)));\r | |
1abfa4ce JY |
395 | \r |
396 | if (ProtocolCapability->Size < mTcgDxeData.BsCap.Size) {\r | |
397 | //\r | |
398 | // Handle the case that firmware support 1.1 but OS only support 1.0.\r | |
399 | //\r | |
400 | if ((mTcgDxeData.BsCap.ProtocolVersion.Major > 0x01) || \r | |
401 | ((mTcgDxeData.BsCap.ProtocolVersion.Major == 0x01) && ((mTcgDxeData.BsCap.ProtocolVersion.Minor > 0x00)))) {\r | |
402 | if (ProtocolCapability->Size >= sizeof(TREE_BOOT_SERVICE_CAPABILITY_1_0)) {\r | |
403 | CopyMem (ProtocolCapability, &mTcgDxeData.BsCap, sizeof(TREE_BOOT_SERVICE_CAPABILITY_1_0));\r | |
404 | ProtocolCapability->Size = sizeof(TREE_BOOT_SERVICE_CAPABILITY_1_0);\r | |
405 | ProtocolCapability->StructureVersion.Major = 1;\r | |
406 | ProtocolCapability->StructureVersion.Minor = 0;\r | |
407 | ProtocolCapability->ProtocolVersion.Major = 1;\r | |
408 | ProtocolCapability->ProtocolVersion.Minor = 0;\r | |
409 | DEBUG ((EFI_D_ERROR, "TreeGetCapability (Compatible) - %r\n", EFI_SUCCESS));\r | |
410 | return EFI_SUCCESS;\r | |
411 | }\r | |
412 | }\r | |
413 | ProtocolCapability->Size = mTcgDxeData.BsCap.Size;\r | |
414 | return EFI_BUFFER_TOO_SMALL;\r | |
415 | }\r | |
416 | \r | |
417 | CopyMem (ProtocolCapability, &mTcgDxeData.BsCap, mTcgDxeData.BsCap.Size);\r | |
336dbfd1 | 418 | DEBUG ((DEBUG_VERBOSE, "Tcg2GetCapability - %r\n", EFI_SUCCESS));\r |
1abfa4ce JY |
419 | return EFI_SUCCESS;\r |
420 | }\r | |
421 | \r | |
422 | /**\r | |
423 | This function dump PCR event.\r | |
424 | \r | |
425 | @param[in] EventHdr TCG PCR event structure.\r | |
426 | **/\r | |
427 | VOID\r | |
428 | DumpEvent (\r | |
429 | IN TCG_PCR_EVENT_HDR *EventHdr\r | |
430 | )\r | |
431 | {\r | |
432 | UINTN Index;\r | |
433 | \r | |
434 | DEBUG ((EFI_D_INFO, " Event:\n"));\r | |
435 | DEBUG ((EFI_D_INFO, " PCRIndex - %d\n", EventHdr->PCRIndex));\r | |
436 | DEBUG ((EFI_D_INFO, " EventType - 0x%08x\n", EventHdr->EventType));\r | |
437 | DEBUG ((EFI_D_INFO, " Digest - "));\r | |
438 | for (Index = 0; Index < sizeof(TCG_DIGEST); Index++) {\r | |
439 | DEBUG ((EFI_D_INFO, "%02x ", EventHdr->Digest.digest[Index]));\r | |
440 | }\r | |
441 | DEBUG ((EFI_D_INFO, "\n"));\r | |
442 | DEBUG ((EFI_D_INFO, " EventSize - 0x%08x\n", EventHdr->EventSize));\r | |
443 | InternalDumpHex ((UINT8 *)(EventHdr + 1), EventHdr->EventSize);\r | |
444 | }\r | |
445 | \r | |
446 | /**\r | |
447 | This function dump TCG_EfiSpecIDEventStruct.\r | |
448 | \r | |
449 | @param[in] TcgEfiSpecIdEventStruct A pointer to TCG_EfiSpecIDEventStruct.\r | |
450 | **/\r | |
451 | VOID\r | |
452 | DumpTcgEfiSpecIdEventStruct (\r | |
453 | IN TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct\r | |
454 | )\r | |
455 | {\r | |
a9092578 | 456 | TCG_EfiSpecIdEventAlgorithmSize *DigestSize;\r |
1abfa4ce | 457 | UINTN Index;\r |
a9092578 QS |
458 | UINT8 *VendorInfoSize;\r |
459 | UINT8 *VendorInfo;\r | |
460 | UINT32 NumberOfAlgorithms;\r | |
1abfa4ce JY |
461 | \r |
462 | DEBUG ((EFI_D_INFO, " TCG_EfiSpecIDEventStruct:\n"));\r | |
463 | DEBUG ((EFI_D_INFO, " signature - '"));\r | |
464 | for (Index = 0; Index < sizeof(TcgEfiSpecIdEventStruct->signature); Index++) {\r | |
465 | DEBUG ((EFI_D_INFO, "%c", TcgEfiSpecIdEventStruct->signature[Index]));\r | |
466 | }\r | |
467 | DEBUG ((EFI_D_INFO, "'\n"));\r | |
468 | DEBUG ((EFI_D_INFO, " platformClass - 0x%08x\n", TcgEfiSpecIdEventStruct->platformClass));\r | |
469 | DEBUG ((EFI_D_INFO, " specVersion - %d.%d%d\n", TcgEfiSpecIdEventStruct->specVersionMajor, TcgEfiSpecIdEventStruct->specVersionMinor, TcgEfiSpecIdEventStruct->specErrata));\r | |
470 | DEBUG ((EFI_D_INFO, " uintnSize - 0x%02x\n", TcgEfiSpecIdEventStruct->uintnSize));\r | |
471 | \r | |
a9092578 QS |
472 | CopyMem (&NumberOfAlgorithms, TcgEfiSpecIdEventStruct + 1, sizeof(NumberOfAlgorithms));\r |
473 | DEBUG ((EFI_D_INFO, " NumberOfAlgorithms - 0x%08x\n", NumberOfAlgorithms));\r | |
1abfa4ce | 474 | \r |
a9092578 QS |
475 | DigestSize = (TCG_EfiSpecIdEventAlgorithmSize *)((UINT8 *)TcgEfiSpecIdEventStruct + sizeof(*TcgEfiSpecIdEventStruct) + sizeof(NumberOfAlgorithms));\r |
476 | for (Index = 0; Index < NumberOfAlgorithms; Index++) {\r | |
1abfa4ce | 477 | DEBUG ((EFI_D_INFO, " digest(%d)\n", Index));\r |
a9092578 QS |
478 | DEBUG ((EFI_D_INFO, " algorithmId - 0x%04x\n", DigestSize[Index].algorithmId));\r |
479 | DEBUG ((EFI_D_INFO, " digestSize - 0x%04x\n", DigestSize[Index].digestSize));\r | |
1abfa4ce | 480 | }\r |
a9092578 QS |
481 | VendorInfoSize = (UINT8 *)&DigestSize[NumberOfAlgorithms];\r |
482 | DEBUG ((EFI_D_INFO, " VendorInfoSize - 0x%02x\n", *VendorInfoSize));\r | |
483 | VendorInfo = VendorInfoSize + 1;\r | |
484 | DEBUG ((EFI_D_INFO, " VendorInfo - "));\r | |
485 | for (Index = 0; Index < *VendorInfoSize; Index++) {\r | |
486 | DEBUG ((EFI_D_INFO, "%02x ", VendorInfo[Index]));\r | |
1abfa4ce JY |
487 | }\r |
488 | DEBUG ((EFI_D_INFO, "\n"));\r | |
489 | }\r | |
490 | \r | |
491 | /**\r | |
492 | This function get size of TCG_EfiSpecIDEventStruct.\r | |
493 | \r | |
494 | @param[in] TcgEfiSpecIdEventStruct A pointer to TCG_EfiSpecIDEventStruct.\r | |
495 | **/\r | |
496 | UINTN\r | |
497 | GetTcgEfiSpecIdEventStructSize (\r | |
498 | IN TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct\r | |
499 | )\r | |
500 | {\r | |
a9092578 QS |
501 | TCG_EfiSpecIdEventAlgorithmSize *DigestSize;\r |
502 | UINT8 *VendorInfoSize;\r | |
503 | UINT32 NumberOfAlgorithms;\r | |
1abfa4ce | 504 | \r |
a9092578 | 505 | CopyMem (&NumberOfAlgorithms, TcgEfiSpecIdEventStruct + 1, sizeof(NumberOfAlgorithms));\r |
1abfa4ce | 506 | \r |
a9092578 QS |
507 | DigestSize = (TCG_EfiSpecIdEventAlgorithmSize *)((UINT8 *)TcgEfiSpecIdEventStruct + sizeof(*TcgEfiSpecIdEventStruct) + sizeof(NumberOfAlgorithms));\r |
508 | VendorInfoSize = (UINT8 *)&DigestSize[NumberOfAlgorithms];\r | |
509 | return sizeof(TCG_EfiSpecIDEventStruct) + sizeof(UINT32) + (NumberOfAlgorithms * sizeof(TCG_EfiSpecIdEventAlgorithmSize)) + sizeof(UINT8) + (*VendorInfoSize);\r | |
1abfa4ce JY |
510 | }\r |
511 | \r | |
512 | /**\r | |
513 | This function dump PCR event 2.\r | |
514 | \r | |
515 | @param[in] TcgPcrEvent2 TCG PCR event 2 structure.\r | |
516 | **/\r | |
517 | VOID\r | |
518 | DumpEvent2 (\r | |
519 | IN TCG_PCR_EVENT2 *TcgPcrEvent2\r | |
520 | )\r | |
521 | {\r | |
522 | UINTN Index;\r | |
523 | UINT32 DigestIndex;\r | |
524 | UINT32 DigestCount;\r | |
525 | TPMI_ALG_HASH HashAlgo;\r | |
526 | UINT32 DigestSize;\r | |
527 | UINT8 *DigestBuffer;\r | |
528 | UINT32 EventSize;\r | |
529 | UINT8 *EventBuffer;\r | |
530 | \r | |
531 | DEBUG ((EFI_D_INFO, " Event:\n"));\r | |
532 | DEBUG ((EFI_D_INFO, " PCRIndex - %d\n", TcgPcrEvent2->PCRIndex));\r | |
533 | DEBUG ((EFI_D_INFO, " EventType - 0x%08x\n", TcgPcrEvent2->EventType));\r | |
534 | \r | |
535 | DEBUG ((EFI_D_INFO, " DigestCount: 0x%08x\n", TcgPcrEvent2->Digest.count));\r | |
536 | \r | |
537 | DigestCount = TcgPcrEvent2->Digest.count;\r | |
538 | HashAlgo = TcgPcrEvent2->Digest.digests[0].hashAlg;\r | |
539 | DigestBuffer = (UINT8 *)&TcgPcrEvent2->Digest.digests[0].digest;\r | |
540 | for (DigestIndex = 0; DigestIndex < DigestCount; DigestIndex++) {\r | |
541 | DEBUG ((EFI_D_INFO, " HashAlgo : 0x%04x\n", HashAlgo));\r | |
542 | DEBUG ((EFI_D_INFO, " Digest(%d): ", DigestIndex));\r | |
543 | DigestSize = GetHashSizeFromAlgo (HashAlgo);\r | |
544 | for (Index = 0; Index < DigestSize; Index++) {\r | |
545 | DEBUG ((EFI_D_INFO, "%02x ", DigestBuffer[Index]));\r | |
546 | }\r | |
547 | DEBUG ((EFI_D_INFO, "\n"));\r | |
548 | //\r | |
549 | // Prepare next\r | |
550 | //\r | |
551 | CopyMem (&HashAlgo, DigestBuffer + DigestSize, sizeof(TPMI_ALG_HASH));\r | |
552 | DigestBuffer = DigestBuffer + DigestSize + sizeof(TPMI_ALG_HASH);\r | |
553 | }\r | |
554 | DEBUG ((EFI_D_INFO, "\n"));\r | |
555 | DigestBuffer = DigestBuffer - sizeof(TPMI_ALG_HASH);\r | |
556 | \r | |
557 | CopyMem (&EventSize, DigestBuffer, sizeof(TcgPcrEvent2->EventSize));\r | |
558 | DEBUG ((EFI_D_INFO, " EventSize - 0x%08x\n", EventSize));\r | |
559 | EventBuffer = DigestBuffer + sizeof(TcgPcrEvent2->EventSize);\r | |
560 | InternalDumpHex (EventBuffer, EventSize);\r | |
561 | }\r | |
562 | \r | |
563 | /**\r | |
564 | This function returns size of TCG PCR event 2.\r | |
565 | \r | |
566 | @param[in] TcgPcrEvent2 TCG PCR event 2 structure.\r | |
567 | \r | |
568 | @return size of TCG PCR event 2.\r | |
569 | **/\r | |
570 | UINTN\r | |
571 | GetPcrEvent2Size (\r | |
572 | IN TCG_PCR_EVENT2 *TcgPcrEvent2\r | |
573 | )\r | |
574 | {\r | |
575 | UINT32 DigestIndex;\r | |
576 | UINT32 DigestCount;\r | |
577 | TPMI_ALG_HASH HashAlgo;\r | |
578 | UINT32 DigestSize;\r | |
579 | UINT8 *DigestBuffer;\r | |
580 | UINT32 EventSize;\r | |
581 | UINT8 *EventBuffer;\r | |
582 | \r | |
583 | DigestCount = TcgPcrEvent2->Digest.count;\r | |
584 | HashAlgo = TcgPcrEvent2->Digest.digests[0].hashAlg;\r | |
585 | DigestBuffer = (UINT8 *)&TcgPcrEvent2->Digest.digests[0].digest;\r | |
586 | for (DigestIndex = 0; DigestIndex < DigestCount; DigestIndex++) {\r | |
587 | DigestSize = GetHashSizeFromAlgo (HashAlgo);\r | |
588 | //\r | |
589 | // Prepare next\r | |
590 | //\r | |
591 | CopyMem (&HashAlgo, DigestBuffer + DigestSize, sizeof(TPMI_ALG_HASH));\r | |
592 | DigestBuffer = DigestBuffer + DigestSize + sizeof(TPMI_ALG_HASH);\r | |
593 | }\r | |
594 | DigestBuffer = DigestBuffer - sizeof(TPMI_ALG_HASH);\r | |
595 | \r | |
596 | CopyMem (&EventSize, DigestBuffer, sizeof(TcgPcrEvent2->EventSize));\r | |
597 | EventBuffer = DigestBuffer + sizeof(TcgPcrEvent2->EventSize);\r | |
598 | \r | |
599 | return (UINTN)EventBuffer + EventSize - (UINTN)TcgPcrEvent2;\r | |
600 | }\r | |
601 | \r | |
602 | /**\r | |
603 | This function dump event log.\r | |
604 | \r | |
605 | @param[in] EventLogFormat The type of the event log for which the information is requested.\r | |
606 | @param[in] EventLogLocation A pointer to the memory address of the event log.\r | |
607 | @param[in] EventLogLastEntry If the Event Log contains more than one entry, this is a pointer to the\r | |
608 | address of the start of the last entry in the event log in memory.\r | |
609 | @param[in] FinalEventsTable A pointer to the memory address of the final event table.\r | |
610 | **/\r | |
611 | VOID\r | |
612 | DumpEventLog (\r | |
613 | IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,\r | |
614 | IN EFI_PHYSICAL_ADDRESS EventLogLocation,\r | |
615 | IN EFI_PHYSICAL_ADDRESS EventLogLastEntry,\r | |
616 | IN EFI_TCG2_FINAL_EVENTS_TABLE *FinalEventsTable\r | |
617 | )\r | |
618 | {\r | |
619 | TCG_PCR_EVENT_HDR *EventHdr;\r | |
620 | TCG_PCR_EVENT2 *TcgPcrEvent2;\r | |
621 | TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct;\r | |
622 | UINTN NumberOfEvents;\r | |
623 | \r | |
624 | DEBUG ((EFI_D_INFO, "EventLogFormat: (0x%x)\n", EventLogFormat));\r | |
625 | \r | |
626 | switch (EventLogFormat) {\r | |
627 | case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:\r | |
628 | EventHdr = (TCG_PCR_EVENT_HDR *)(UINTN)EventLogLocation;\r | |
629 | while ((UINTN)EventHdr <= EventLogLastEntry) {\r | |
630 | DumpEvent (EventHdr);\r | |
631 | EventHdr = (TCG_PCR_EVENT_HDR *)((UINTN)EventHdr + sizeof(TCG_PCR_EVENT_HDR) + EventHdr->EventSize);\r | |
632 | }\r | |
633 | if (FinalEventsTable == NULL) {\r | |
634 | DEBUG ((EFI_D_INFO, "FinalEventsTable: NOT FOUND\n"));\r | |
635 | } else {\r | |
636 | DEBUG ((EFI_D_INFO, "FinalEventsTable: (0x%x)\n", FinalEventsTable));\r | |
637 | DEBUG ((EFI_D_INFO, " Version: (0x%x)\n", FinalEventsTable->Version));\r | |
638 | DEBUG ((EFI_D_INFO, " NumberOfEvents: (0x%x)\n", FinalEventsTable->NumberOfEvents));\r | |
639 | \r | |
640 | EventHdr = (TCG_PCR_EVENT_HDR *)(UINTN)(FinalEventsTable + 1);\r | |
641 | for (NumberOfEvents = 0; NumberOfEvents < FinalEventsTable->NumberOfEvents; NumberOfEvents++) {\r | |
642 | DumpEvent (EventHdr);\r | |
643 | EventHdr = (TCG_PCR_EVENT_HDR *)((UINTN)EventHdr + sizeof(TCG_PCR_EVENT_HDR) + EventHdr->EventSize);\r | |
644 | }\r | |
645 | }\r | |
646 | break;\r | |
647 | case EFI_TCG2_EVENT_LOG_FORMAT_TCG_2:\r | |
648 | //\r | |
649 | // Dump first event \r | |
650 | //\r | |
651 | EventHdr = (TCG_PCR_EVENT_HDR *)(UINTN)EventLogLocation;\r | |
652 | DumpEvent (EventHdr);\r | |
653 | \r | |
654 | TcgEfiSpecIdEventStruct = (TCG_EfiSpecIDEventStruct *)(EventHdr + 1);\r | |
655 | DumpTcgEfiSpecIdEventStruct (TcgEfiSpecIdEventStruct);\r | |
656 | \r | |
657 | TcgPcrEvent2 = (TCG_PCR_EVENT2 *)((UINTN)TcgEfiSpecIdEventStruct + GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct));\r | |
658 | while ((UINTN)TcgPcrEvent2 <= EventLogLastEntry) {\r | |
659 | DumpEvent2 (TcgPcrEvent2);\r | |
660 | TcgPcrEvent2 = (TCG_PCR_EVENT2 *)((UINTN)TcgPcrEvent2 + GetPcrEvent2Size (TcgPcrEvent2));\r | |
661 | }\r | |
662 | \r | |
663 | if (FinalEventsTable == NULL) {\r | |
664 | DEBUG ((EFI_D_INFO, "FinalEventsTable: NOT FOUND\n"));\r | |
665 | } else {\r | |
666 | DEBUG ((EFI_D_INFO, "FinalEventsTable: (0x%x)\n", FinalEventsTable));\r | |
667 | DEBUG ((EFI_D_INFO, " Version: (0x%x)\n", FinalEventsTable->Version));\r | |
668 | DEBUG ((EFI_D_INFO, " NumberOfEvents: (0x%x)\n", FinalEventsTable->NumberOfEvents));\r | |
669 | \r | |
670 | TcgPcrEvent2 = (TCG_PCR_EVENT2 *)(UINTN)(FinalEventsTable + 1);\r | |
671 | for (NumberOfEvents = 0; NumberOfEvents < FinalEventsTable->NumberOfEvents; NumberOfEvents++) {\r | |
672 | DumpEvent2 (TcgPcrEvent2);\r | |
673 | TcgPcrEvent2 = (TCG_PCR_EVENT2 *)((UINTN)TcgPcrEvent2 + GetPcrEvent2Size (TcgPcrEvent2));\r | |
674 | }\r | |
675 | }\r | |
676 | break;\r | |
677 | }\r | |
678 | \r | |
679 | return ;\r | |
680 | }\r | |
681 | \r | |
682 | /**\r | |
683 | The EFI_TCG2_PROTOCOL Get Event Log function call allows a caller to\r | |
684 | retrieve the address of a given event log and its last entry. \r | |
685 | \r | |
686 | @param[in] This Indicates the calling context\r | |
687 | @param[in] EventLogFormat The type of the event log for which the information is requested.\r | |
688 | @param[out] EventLogLocation A pointer to the memory address of the event log.\r | |
689 | @param[out] EventLogLastEntry If the Event Log contains more than one entry, this is a pointer to the\r | |
690 | address of the start of the last entry in the event log in memory.\r | |
691 | @param[out] EventLogTruncated If the Event Log is missing at least one entry because an event would\r | |
692 | have exceeded the area allocated for events, this value is set to TRUE.\r | |
693 | Otherwise, the value will be FALSE and the Event Log will be complete.\r | |
694 | \r | |
695 | @retval EFI_SUCCESS Operation completed successfully.\r | |
696 | @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect\r | |
697 | (e.g. asking for an event log whose format is not supported).\r | |
698 | **/\r | |
699 | EFI_STATUS\r | |
700 | EFIAPI\r | |
701 | Tcg2GetEventLog (\r | |
702 | IN EFI_TCG2_PROTOCOL *This,\r | |
703 | IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,\r | |
704 | OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,\r | |
705 | OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry,\r | |
706 | OUT BOOLEAN *EventLogTruncated\r | |
707 | )\r | |
708 | {\r | |
709 | UINTN Index;\r | |
710 | \r | |
711 | DEBUG ((EFI_D_INFO, "Tcg2GetEventLog ... (0x%x)\n", EventLogFormat));\r | |
712 | \r | |
713 | if (This == NULL) {\r | |
714 | return EFI_INVALID_PARAMETER;\r | |
715 | }\r | |
716 | \r | |
717 | for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {\r | |
718 | if (EventLogFormat == mTcg2EventInfo[Index].LogFormat) {\r | |
719 | break;\r | |
720 | }\r | |
721 | }\r | |
722 | \r | |
723 | if (Index == sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0])) {\r | |
724 | return EFI_INVALID_PARAMETER;\r | |
725 | }\r | |
726 | \r | |
727 | if ((mTcg2EventInfo[Index].LogFormat & mTcgDxeData.BsCap.SupportedEventLogs) == 0) {\r | |
728 | return EFI_INVALID_PARAMETER;\r | |
729 | }\r | |
730 | \r | |
731 | if (!mTcgDxeData.BsCap.TPMPresentFlag) {\r | |
732 | if (EventLogLocation != NULL) {\r | |
733 | *EventLogLocation = 0;\r | |
734 | }\r | |
735 | if (EventLogLastEntry != NULL) {\r | |
736 | *EventLogLastEntry = 0;\r | |
737 | }\r | |
738 | if (EventLogTruncated != NULL) {\r | |
739 | *EventLogTruncated = FALSE;\r | |
740 | }\r | |
741 | return EFI_SUCCESS;\r | |
742 | }\r | |
743 | \r | |
744 | if (EventLogLocation != NULL) {\r | |
745 | *EventLogLocation = mTcgDxeData.EventLogAreaStruct[Index].Lasa;\r | |
746 | DEBUG ((EFI_D_INFO, "Tcg2GetEventLog (EventLogLocation - %x)\n", *EventLogLocation));\r | |
747 | }\r | |
748 | \r | |
749 | if (EventLogLastEntry != NULL) {\r | |
750 | if (!mTcgDxeData.EventLogAreaStruct[Index].EventLogStarted) {\r | |
751 | *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)0;\r | |
752 | } else {\r | |
753 | *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)mTcgDxeData.EventLogAreaStruct[Index].LastEvent;\r | |
754 | }\r | |
755 | DEBUG ((EFI_D_INFO, "Tcg2GetEventLog (EventLogLastEntry - %x)\n", *EventLogLastEntry));\r | |
756 | }\r | |
757 | \r | |
758 | if (EventLogTruncated != NULL) {\r | |
759 | *EventLogTruncated = mTcgDxeData.EventLogAreaStruct[Index].EventLogTruncated;\r | |
760 | DEBUG ((EFI_D_INFO, "Tcg2GetEventLog (EventLogTruncated - %x)\n", *EventLogTruncated));\r | |
761 | }\r | |
762 | \r | |
763 | DEBUG ((EFI_D_INFO, "Tcg2GetEventLog - %r\n", EFI_SUCCESS));\r | |
764 | \r | |
765 | // Dump Event Log for debug purpose\r | |
766 | if ((EventLogLocation != NULL) && (EventLogLastEntry != NULL)) {\r | |
767 | DumpEventLog (EventLogFormat, *EventLogLocation, *EventLogLastEntry, mTcgDxeData.FinalEventsTable[Index]);\r | |
768 | }\r | |
769 | \r | |
770 | //\r | |
771 | // All events generated after the invocation of EFI_TCG2_GET_EVENT_LOG SHALL be stored\r | |
772 | // in an instance of an EFI_CONFIGURATION_TABLE named by the VendorGuid of EFI_TCG2_FINAL_EVENTS_TABLE_GUID.\r | |
773 | //\r | |
774 | mTcgDxeData.GetEventLogCalled[Index] = TRUE;\r | |
775 | \r | |
776 | return EFI_SUCCESS;\r | |
777 | }\r | |
778 | \r | |
779 | /**\r | |
780 | Add a new entry to the Event Log.\r | |
781 | \r | |
782 | @param[in, out] EventLogPtr Pointer to the Event Log data. \r | |
783 | @param[in, out] LogSize Size of the Event Log. \r | |
784 | @param[in] MaxSize Maximum size of the Event Log.\r | |
785 | @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure. \r | |
786 | @param[in] NewEventHdrSize New event header size.\r | |
787 | @param[in] NewEventData Pointer to the new event data. \r | |
788 | @param[in] NewEventSize New event data size.\r | |
789 | \r | |
790 | @retval EFI_SUCCESS The new event log entry was added.\r | |
791 | @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.\r | |
792 | \r | |
793 | **/\r | |
794 | EFI_STATUS\r | |
795 | TcgCommLogEvent (\r | |
796 | IN OUT UINT8 **EventLogPtr,\r | |
797 | IN OUT UINTN *LogSize,\r | |
798 | IN UINTN MaxSize,\r | |
799 | IN VOID *NewEventHdr,\r | |
800 | IN UINT32 NewEventHdrSize,\r | |
801 | IN UINT8 *NewEventData,\r | |
802 | IN UINT32 NewEventSize\r | |
803 | )\r | |
804 | {\r | |
805 | UINTN NewLogSize;\r | |
806 | \r | |
807 | if (NewEventSize > MAX_ADDRESS - NewEventHdrSize) {\r | |
808 | return EFI_OUT_OF_RESOURCES;\r | |
809 | }\r | |
810 | \r | |
811 | NewLogSize = NewEventHdrSize + NewEventSize;\r | |
812 | \r | |
813 | if (NewLogSize > MAX_ADDRESS - *LogSize) {\r | |
814 | return EFI_OUT_OF_RESOURCES;\r | |
815 | }\r | |
816 | \r | |
817 | if (NewLogSize + *LogSize > MaxSize) {\r | |
818 | DEBUG ((EFI_D_INFO, " MaxSize - 0x%x\n", MaxSize));\r | |
819 | DEBUG ((EFI_D_INFO, " NewLogSize - 0x%x\n", NewLogSize));\r | |
820 | DEBUG ((EFI_D_INFO, " LogSize - 0x%x\n", *LogSize));\r | |
821 | DEBUG ((EFI_D_INFO, "TcgCommLogEvent - %r\n", EFI_OUT_OF_RESOURCES));\r | |
822 | return EFI_OUT_OF_RESOURCES;\r | |
823 | }\r | |
824 | \r | |
825 | *EventLogPtr += *LogSize;\r | |
826 | *LogSize += NewLogSize;\r | |
827 | CopyMem (*EventLogPtr, NewEventHdr, NewEventHdrSize);\r | |
828 | CopyMem (\r | |
829 | *EventLogPtr + NewEventHdrSize,\r | |
830 | NewEventData,\r | |
831 | NewEventSize\r | |
832 | );\r | |
833 | return EFI_SUCCESS;\r | |
834 | }\r | |
835 | \r | |
836 | /**\r | |
837 | Add a new entry to the Event Log.\r | |
838 | \r | |
839 | @param[in] EventLogFormat The type of the event log for which the information is requested.\r | |
840 | @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure. \r | |
841 | @param[in] NewEventHdrSize New event header size.\r | |
842 | @param[in] NewEventData Pointer to the new event data. \r | |
843 | @param[in] NewEventSize New event data size.\r | |
844 | \r | |
845 | @retval EFI_SUCCESS The new event log entry was added.\r | |
846 | @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.\r | |
847 | \r | |
848 | **/\r | |
849 | EFI_STATUS\r | |
850 | TcgDxeLogEvent (\r | |
851 | IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,\r | |
852 | IN VOID *NewEventHdr,\r | |
853 | IN UINT32 NewEventHdrSize,\r | |
854 | IN UINT8 *NewEventData,\r | |
855 | IN UINT32 NewEventSize\r | |
856 | )\r | |
857 | {\r | |
858 | EFI_STATUS Status;\r | |
859 | UINTN Index;\r | |
860 | TCG_EVENT_LOG_AREA_STRUCT *EventLogAreaStruct;\r | |
861 | \r | |
862 | for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {\r | |
863 | if (EventLogFormat == mTcg2EventInfo[Index].LogFormat) {\r | |
864 | break;\r | |
865 | }\r | |
866 | }\r | |
867 | \r | |
868 | if (Index == sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0])) {\r | |
869 | return EFI_INVALID_PARAMETER;\r | |
870 | }\r | |
871 | \r | |
fd46e831 JY |
872 | //\r |
873 | // Record to normal event log\r | |
874 | //\r | |
875 | EventLogAreaStruct = &mTcgDxeData.EventLogAreaStruct[Index];\r | |
1abfa4ce JY |
876 | \r |
877 | if (EventLogAreaStruct->EventLogTruncated) {\r | |
878 | return EFI_VOLUME_FULL;\r | |
879 | }\r | |
880 | \r | |
881 | EventLogAreaStruct->LastEvent = (UINT8*)(UINTN)EventLogAreaStruct->Lasa;\r | |
882 | Status = TcgCommLogEvent (\r | |
883 | &EventLogAreaStruct->LastEvent,\r | |
884 | &EventLogAreaStruct->EventLogSize,\r | |
885 | (UINTN)EventLogAreaStruct->Laml,\r | |
886 | NewEventHdr,\r | |
887 | NewEventHdrSize,\r | |
888 | NewEventData,\r | |
889 | NewEventSize\r | |
890 | );\r | |
891 | \r | |
fd46e831 | 892 | if (Status == EFI_OUT_OF_RESOURCES) {\r |
1abfa4ce JY |
893 | EventLogAreaStruct->EventLogTruncated = TRUE;\r |
894 | return EFI_VOLUME_FULL;\r | |
895 | } else if (Status == EFI_SUCCESS) {\r | |
896 | EventLogAreaStruct->EventLogStarted = TRUE;\r | |
fd46e831 JY |
897 | }\r |
898 | \r | |
899 | //\r | |
900 | // If GetEventLog is called, record to FinalEventsTable, too.\r | |
901 | //\r | |
902 | if (mTcgDxeData.GetEventLogCalled[Index]) {\r | |
903 | if (mTcgDxeData.FinalEventsTable[Index] == NULL) {\r | |
904 | //\r | |
905 | // no need for FinalEventsTable\r | |
906 | //\r | |
907 | return EFI_SUCCESS;\r | |
908 | }\r | |
909 | EventLogAreaStruct = &mTcgDxeData.FinalEventLogAreaStruct[Index];\r | |
910 | \r | |
911 | if (EventLogAreaStruct->EventLogTruncated) {\r | |
912 | return EFI_VOLUME_FULL;\r | |
913 | }\r | |
914 | \r | |
915 | EventLogAreaStruct->LastEvent = (UINT8*)(UINTN)EventLogAreaStruct->Lasa;\r | |
916 | Status = TcgCommLogEvent (\r | |
917 | &EventLogAreaStruct->LastEvent,\r | |
918 | &EventLogAreaStruct->EventLogSize,\r | |
919 | (UINTN)EventLogAreaStruct->Laml,\r | |
920 | NewEventHdr,\r | |
921 | NewEventHdrSize,\r | |
922 | NewEventData,\r | |
923 | NewEventSize\r | |
924 | );\r | |
925 | if (Status == EFI_OUT_OF_RESOURCES) {\r | |
926 | EventLogAreaStruct->EventLogTruncated = TRUE;\r | |
927 | return EFI_VOLUME_FULL;\r | |
928 | } else if (Status == EFI_SUCCESS) {\r | |
929 | EventLogAreaStruct->EventLogStarted = TRUE;\r | |
930 | //\r | |
931 | // Increase the NumberOfEvents in FinalEventsTable\r | |
932 | //\r | |
1abfa4ce | 933 | (mTcgDxeData.FinalEventsTable[Index])->NumberOfEvents ++;\r |
fd46e831 | 934 | DEBUG ((EFI_D_INFO, "FinalEventsTable->NumberOfEvents - 0x%x\n", (mTcgDxeData.FinalEventsTable[Index])->NumberOfEvents));\r |
c0584d0b | 935 | DEBUG ((EFI_D_INFO, " Size - 0x%x\n", (UINTN)EventLogAreaStruct->EventLogSize));\r |
1abfa4ce JY |
936 | }\r |
937 | }\r | |
938 | \r | |
939 | return Status;\r | |
940 | }\r | |
941 | \r | |
1abfa4ce JY |
942 | /**\r |
943 | Get TPML_DIGEST_VALUES compact binary buffer size.\r | |
944 | \r | |
945 | @param[in] DigestListBin TPML_DIGEST_VALUES compact binary buffer.\r | |
946 | \r | |
947 | @return TPML_DIGEST_VALUES compact binary buffer size.\r | |
948 | **/\r | |
949 | UINT32\r | |
950 | GetDigestListBinSize (\r | |
951 | IN VOID *DigestListBin\r | |
952 | )\r | |
953 | {\r | |
954 | UINTN Index;\r | |
955 | UINT16 DigestSize;\r | |
956 | UINT32 TotalSize;\r | |
957 | UINT32 Count;\r | |
958 | TPMI_ALG_HASH HashAlg;\r | |
959 | \r | |
960 | Count = ReadUnaligned32 (DigestListBin);\r | |
961 | TotalSize = sizeof(Count);\r | |
962 | DigestListBin = (UINT8 *)DigestListBin + sizeof(Count);\r | |
963 | for (Index = 0; Index < Count; Index++) {\r | |
964 | HashAlg = ReadUnaligned16 (DigestListBin);\r | |
965 | TotalSize += sizeof(HashAlg);\r | |
966 | DigestListBin = (UINT8 *)DigestListBin + sizeof(HashAlg);\r | |
967 | \r | |
968 | DigestSize = GetHashSizeFromAlgo (HashAlg);\r | |
969 | TotalSize += DigestSize;\r | |
970 | DigestListBin = (UINT8 *)DigestListBin + DigestSize;\r | |
971 | }\r | |
972 | \r | |
973 | return TotalSize;\r | |
974 | }\r | |
975 | \r | |
ab5b1f31 SZ |
976 | /**\r |
977 | Copy TPML_DIGEST_VALUES compact binary into a buffer\r | |
978 | \r | |
979 | @param[in,out] Buffer Buffer to hold copied TPML_DIGEST_VALUES compact binary.\r | |
980 | @param[in] DigestListBin TPML_DIGEST_VALUES compact binary buffer.\r | |
981 | @param[in] HashAlgorithmMask HASH bits corresponding to the desired digests to copy.\r | |
982 | @param[out] HashAlgorithmMaskCopied Pointer to HASH bits corresponding to the digests copied.\r | |
983 | \r | |
984 | @return The end of buffer to hold TPML_DIGEST_VALUES compact binary.\r | |
985 | **/\r | |
986 | VOID *\r | |
987 | CopyDigestListBinToBuffer (\r | |
988 | IN OUT VOID *Buffer,\r | |
989 | IN VOID *DigestListBin,\r | |
990 | IN UINT32 HashAlgorithmMask,\r | |
991 | OUT UINT32 *HashAlgorithmMaskCopied\r | |
992 | )\r | |
993 | {\r | |
994 | UINTN Index;\r | |
995 | UINT16 DigestSize;\r | |
996 | UINT32 Count;\r | |
997 | TPMI_ALG_HASH HashAlg;\r | |
998 | UINT32 DigestListCount;\r | |
999 | UINT32 *DigestListCountPtr;\r | |
1000 | \r | |
1001 | DigestListCountPtr = (UINT32 *) Buffer;\r | |
1002 | DigestListCount = 0;\r | |
1003 | (*HashAlgorithmMaskCopied) = 0;\r | |
1004 | \r | |
1005 | Count = ReadUnaligned32 (DigestListBin);\r | |
1006 | Buffer = (UINT8 *)Buffer + sizeof(Count);\r | |
1007 | DigestListBin = (UINT8 *)DigestListBin + sizeof(Count);\r | |
1008 | for (Index = 0; Index < Count; Index++) {\r | |
1009 | HashAlg = ReadUnaligned16 (DigestListBin);\r | |
1010 | DigestListBin = (UINT8 *)DigestListBin + sizeof(HashAlg);\r | |
1011 | DigestSize = GetHashSizeFromAlgo (HashAlg);\r | |
1012 | \r | |
1013 | if (IsHashAlgSupportedInHashAlgorithmMask(HashAlg, HashAlgorithmMask)) {\r | |
1014 | CopyMem (Buffer, &HashAlg, sizeof(HashAlg));\r | |
1015 | Buffer = (UINT8 *)Buffer + sizeof(HashAlg);\r | |
1016 | CopyMem (Buffer, DigestListBin, DigestSize);\r | |
1017 | Buffer = (UINT8 *)Buffer + DigestSize;\r | |
1018 | DigestListCount++;\r | |
1019 | (*HashAlgorithmMaskCopied) |= GetHashMaskFromAlgo (HashAlg);\r | |
1020 | } else {\r | |
1021 | DEBUG ((DEBUG_ERROR, "WARNING: CopyDigestListBinToBuffer Event log has HashAlg unsupported by PCR bank (0x%x)\n", HashAlg));\r | |
1022 | }\r | |
1023 | DigestListBin = (UINT8 *)DigestListBin + DigestSize;\r | |
1024 | }\r | |
1025 | WriteUnaligned32 (DigestListCountPtr, DigestListCount);\r | |
1026 | \r | |
1027 | return Buffer;\r | |
1028 | }\r | |
1029 | \r | |
1abfa4ce JY |
1030 | /**\r |
1031 | Add a new entry to the Event Log.\r | |
1032 | \r | |
1033 | @param[in] DigestList A list of digest.\r | |
1034 | @param[in,out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.\r | |
1035 | @param[in] NewEventData Pointer to the new event data.\r | |
1036 | \r | |
1037 | @retval EFI_SUCCESS The new event log entry was added.\r | |
1038 | @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.\r | |
1039 | **/\r | |
1040 | EFI_STATUS\r | |
1041 | TcgDxeLogHashEvent (\r | |
1042 | IN TPML_DIGEST_VALUES *DigestList,\r | |
1043 | IN OUT TCG_PCR_EVENT_HDR *NewEventHdr,\r | |
1044 | IN UINT8 *NewEventData\r | |
1045 | )\r | |
1046 | {\r | |
1047 | EFI_STATUS Status;\r | |
1048 | EFI_TPL OldTpl;\r | |
1049 | UINTN Index;\r | |
1050 | EFI_STATUS RetStatus;\r | |
1051 | TCG_PCR_EVENT2 TcgPcrEvent2;\r | |
1052 | UINT8 *DigestBuffer;\r | |
a9f1b2e2 | 1053 | UINT32 *EventSizePtr;\r |
1abfa4ce JY |
1054 | \r |
1055 | DEBUG ((EFI_D_INFO, "SupportedEventLogs - 0x%08x\n", mTcgDxeData.BsCap.SupportedEventLogs));\r | |
1056 | \r | |
1057 | RetStatus = EFI_SUCCESS;\r | |
1058 | for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {\r | |
1059 | if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {\r | |
1060 | DEBUG ((EFI_D_INFO, " LogFormat - 0x%08x\n", mTcg2EventInfo[Index].LogFormat));\r | |
1061 | switch (mTcg2EventInfo[Index].LogFormat) {\r | |
1062 | case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:\r | |
d4b9b2c3 | 1063 | Status = GetDigestFromDigestList (TPM_ALG_SHA1, DigestList, &NewEventHdr->Digest);\r |
1abfa4ce JY |
1064 | if (!EFI_ERROR (Status)) {\r |
1065 | //\r | |
1066 | // Enter critical region\r | |
1067 | //\r | |
1068 | OldTpl = gBS->RaiseTPL (TPL_HIGH_LEVEL);\r | |
1069 | Status = TcgDxeLogEvent (\r | |
1070 | mTcg2EventInfo[Index].LogFormat,\r | |
1071 | NewEventHdr,\r | |
1072 | sizeof(TCG_PCR_EVENT_HDR),\r | |
1073 | NewEventData,\r | |
1074 | NewEventHdr->EventSize\r | |
1075 | );\r | |
1076 | if (Status != EFI_SUCCESS) {\r | |
1077 | RetStatus = Status;\r | |
1078 | }\r | |
1079 | gBS->RestoreTPL (OldTpl);\r | |
1080 | //\r | |
1081 | // Exit critical region\r | |
1082 | //\r | |
1083 | }\r | |
1084 | break;\r | |
1085 | case EFI_TCG2_EVENT_LOG_FORMAT_TCG_2:\r | |
1086 | ZeroMem (&TcgPcrEvent2, sizeof(TcgPcrEvent2));\r | |
1087 | TcgPcrEvent2.PCRIndex = NewEventHdr->PCRIndex;\r | |
1088 | TcgPcrEvent2.EventType = NewEventHdr->EventType;\r | |
1089 | DigestBuffer = (UINT8 *)&TcgPcrEvent2.Digest;\r | |
a9f1b2e2 SZ |
1090 | EventSizePtr = CopyDigestListToBuffer (DigestBuffer, DigestList, mTcgDxeData.BsCap.ActivePcrBanks);\r |
1091 | CopyMem (EventSizePtr, &NewEventHdr->EventSize, sizeof(NewEventHdr->EventSize));\r | |
1abfa4ce JY |
1092 | \r |
1093 | //\r | |
1094 | // Enter critical region\r | |
1095 | //\r | |
1096 | OldTpl = gBS->RaiseTPL (TPL_HIGH_LEVEL);\r | |
1097 | Status = TcgDxeLogEvent (\r | |
1098 | mTcg2EventInfo[Index].LogFormat,\r | |
1099 | &TcgPcrEvent2,\r | |
a9f1b2e2 | 1100 | sizeof(TcgPcrEvent2.PCRIndex) + sizeof(TcgPcrEvent2.EventType) + GetDigestListBinSize (DigestBuffer) + sizeof(TcgPcrEvent2.EventSize),\r |
1abfa4ce JY |
1101 | NewEventData,\r |
1102 | NewEventHdr->EventSize\r | |
1103 | );\r | |
1104 | if (Status != EFI_SUCCESS) {\r | |
1105 | RetStatus = Status;\r | |
1106 | }\r | |
1107 | gBS->RestoreTPL (OldTpl);\r | |
1108 | //\r | |
1109 | // Exit critical region\r | |
1110 | //\r | |
1111 | break;\r | |
1112 | }\r | |
1113 | }\r | |
1114 | }\r | |
1115 | \r | |
1116 | return RetStatus;\r | |
1117 | }\r | |
1118 | \r | |
1119 | /**\r | |
1120 | Do a hash operation on a data buffer, extend a specific TPM PCR with the hash result,\r | |
1121 | and add an entry to the Event Log.\r | |
1122 | \r | |
1123 | @param[in] Flags Bitmap providing additional information.\r | |
1124 | @param[in] HashData Physical address of the start of the data buffer \r | |
1125 | to be hashed, extended, and logged.\r | |
1126 | @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData\r | |
1127 | @param[in, out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure. \r | |
1128 | @param[in] NewEventData Pointer to the new event data. \r | |
1129 | \r | |
1130 | @retval EFI_SUCCESS Operation completed successfully.\r | |
1131 | @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.\r | |
1132 | @retval EFI_DEVICE_ERROR The command was unsuccessful.\r | |
1133 | \r | |
1134 | **/\r | |
1135 | EFI_STATUS\r | |
1136 | TcgDxeHashLogExtendEvent (\r | |
1137 | IN UINT64 Flags,\r | |
1138 | IN UINT8 *HashData,\r | |
1139 | IN UINT64 HashDataLen,\r | |
1140 | IN OUT TCG_PCR_EVENT_HDR *NewEventHdr,\r | |
1141 | IN UINT8 *NewEventData\r | |
1142 | )\r | |
1143 | {\r | |
1144 | EFI_STATUS Status;\r | |
1145 | TPML_DIGEST_VALUES DigestList;\r | |
1146 | \r | |
1147 | if (!mTcgDxeData.BsCap.TPMPresentFlag) {\r | |
1148 | return EFI_DEVICE_ERROR;\r | |
1149 | }\r | |
1150 | \r | |
1151 | Status = HashAndExtend (\r | |
1152 | NewEventHdr->PCRIndex,\r | |
1153 | HashData,\r | |
1154 | (UINTN)HashDataLen,\r | |
1155 | &DigestList\r | |
1156 | );\r | |
1157 | if (!EFI_ERROR (Status)) {\r | |
1158 | if ((Flags & EFI_TCG2_EXTEND_ONLY) == 0) {\r | |
1159 | Status = TcgDxeLogHashEvent (&DigestList, NewEventHdr, NewEventData);\r | |
1160 | }\r | |
1161 | }\r | |
1162 | \r | |
1163 | if (Status == EFI_DEVICE_ERROR) {\r | |
1164 | DEBUG ((EFI_D_ERROR, "TcgDxeHashLogExtendEvent - %r. Disable TPM.\n", Status));\r | |
1165 | mTcgDxeData.BsCap.TPMPresentFlag = FALSE;\r | |
1166 | REPORT_STATUS_CODE (\r | |
1167 | EFI_ERROR_CODE | EFI_ERROR_MINOR,\r | |
1168 | (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR)\r | |
1169 | );\r | |
1170 | }\r | |
1171 | \r | |
1172 | return Status;\r | |
1173 | }\r | |
1174 | \r | |
1175 | /**\r | |
1176 | The EFI_TCG2_PROTOCOL HashLogExtendEvent function call provides callers with\r | |
1177 | an opportunity to extend and optionally log events without requiring\r | |
1178 | knowledge of actual TPM commands. \r | |
1179 | The extend operation will occur even if this function cannot create an event\r | |
1180 | log entry (e.g. due to the event log being full). \r | |
1181 | \r | |
1182 | @param[in] This Indicates the calling context\r | |
1183 | @param[in] Flags Bitmap providing additional information.\r | |
1184 | @param[in] DataToHash Physical address of the start of the data buffer to be hashed. \r | |
1185 | @param[in] DataToHashLen The length in bytes of the buffer referenced by DataToHash.\r | |
1186 | @param[in] Event Pointer to data buffer containing information about the event.\r | |
1187 | \r | |
1188 | @retval EFI_SUCCESS Operation completed successfully.\r | |
1189 | @retval EFI_DEVICE_ERROR The command was unsuccessful.\r | |
1190 | @retval EFI_VOLUME_FULL The extend operation occurred, but the event could not be written to one or more event logs.\r | |
1191 | @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.\r | |
1192 | @retval EFI_UNSUPPORTED The PE/COFF image type is not supported.\r | |
1193 | **/\r | |
1194 | EFI_STATUS\r | |
1195 | EFIAPI\r | |
1196 | Tcg2HashLogExtendEvent (\r | |
1197 | IN EFI_TCG2_PROTOCOL *This,\r | |
1198 | IN UINT64 Flags,\r | |
1199 | IN EFI_PHYSICAL_ADDRESS DataToHash,\r | |
1200 | IN UINT64 DataToHashLen,\r | |
1201 | IN EFI_TCG2_EVENT *Event\r | |
1202 | )\r | |
1203 | {\r | |
1204 | EFI_STATUS Status;\r | |
1205 | TCG_PCR_EVENT_HDR NewEventHdr;\r | |
1206 | TPML_DIGEST_VALUES DigestList;\r | |
1207 | \r | |
336dbfd1 | 1208 | DEBUG ((DEBUG_VERBOSE, "Tcg2HashLogExtendEvent ...\n"));\r |
1abfa4ce JY |
1209 | \r |
1210 | if ((This == NULL) || (DataToHash == 0) || (Event == NULL)) {\r | |
1211 | return EFI_INVALID_PARAMETER;\r | |
1212 | }\r | |
1213 | \r | |
1214 | if (!mTcgDxeData.BsCap.TPMPresentFlag) {\r | |
1215 | return EFI_DEVICE_ERROR;\r | |
1216 | }\r | |
1217 | \r | |
1218 | if (Event->Size < Event->Header.HeaderSize + sizeof(UINT32)) {\r | |
1219 | return EFI_INVALID_PARAMETER;\r | |
1220 | }\r | |
1221 | \r | |
1222 | if (Event->Header.PCRIndex > MAX_PCR_INDEX) {\r | |
1223 | return EFI_INVALID_PARAMETER;\r | |
1224 | }\r | |
1225 | \r | |
1226 | NewEventHdr.PCRIndex = Event->Header.PCRIndex;\r | |
1227 | NewEventHdr.EventType = Event->Header.EventType;\r | |
1228 | NewEventHdr.EventSize = Event->Size - sizeof(UINT32) - Event->Header.HeaderSize;\r | |
1229 | if ((Flags & PE_COFF_IMAGE) != 0) {\r | |
1230 | Status = MeasurePeImageAndExtend (\r | |
1231 | NewEventHdr.PCRIndex,\r | |
1232 | DataToHash,\r | |
1233 | (UINTN)DataToHashLen,\r | |
1234 | &DigestList\r | |
1235 | );\r | |
1236 | if (!EFI_ERROR (Status)) {\r | |
1237 | if ((Flags & EFI_TCG2_EXTEND_ONLY) == 0) {\r | |
1238 | Status = TcgDxeLogHashEvent (&DigestList, &NewEventHdr, Event->Event);\r | |
1239 | }\r | |
1240 | }\r | |
1241 | if (Status == EFI_DEVICE_ERROR) {\r | |
1242 | DEBUG ((EFI_D_ERROR, "MeasurePeImageAndExtend - %r. Disable TPM.\n", Status));\r | |
1243 | mTcgDxeData.BsCap.TPMPresentFlag = FALSE;\r | |
1244 | REPORT_STATUS_CODE (\r | |
1245 | EFI_ERROR_CODE | EFI_ERROR_MINOR,\r | |
1246 | (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR)\r | |
1247 | );\r | |
1248 | }\r | |
1249 | } else {\r | |
1250 | Status = TcgDxeHashLogExtendEvent (\r | |
1251 | Flags,\r | |
1252 | (UINT8 *) (UINTN) DataToHash,\r | |
1253 | DataToHashLen,\r | |
1254 | &NewEventHdr,\r | |
1255 | Event->Event\r | |
1256 | );\r | |
1257 | }\r | |
336dbfd1 | 1258 | DEBUG ((DEBUG_VERBOSE, "Tcg2HashLogExtendEvent - %r\n", Status));\r |
1abfa4ce JY |
1259 | return Status;\r |
1260 | }\r | |
1261 | \r | |
1262 | /**\r | |
1263 | This service enables the sending of commands to the TPM.\r | |
1264 | \r | |
1265 | @param[in] This Indicates the calling context\r | |
1266 | @param[in] InputParameterBlockSize Size of the TPM input parameter block.\r | |
1267 | @param[in] InputParameterBlock Pointer to the TPM input parameter block.\r | |
1268 | @param[in] OutputParameterBlockSize Size of the TPM output parameter block.\r | |
1269 | @param[in] OutputParameterBlock Pointer to the TPM output parameter block.\r | |
1270 | \r | |
1271 | @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.\r | |
1272 | @retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.\r | |
1273 | @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.\r | |
1274 | @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small. \r | |
1275 | **/\r | |
1276 | EFI_STATUS\r | |
1277 | EFIAPI\r | |
1278 | Tcg2SubmitCommand (\r | |
1279 | IN EFI_TCG2_PROTOCOL *This,\r | |
1280 | IN UINT32 InputParameterBlockSize,\r | |
1281 | IN UINT8 *InputParameterBlock,\r | |
1282 | IN UINT32 OutputParameterBlockSize,\r | |
1283 | IN UINT8 *OutputParameterBlock\r | |
1284 | )\r | |
1285 | {\r | |
1286 | EFI_STATUS Status;\r | |
1287 | \r | |
1288 | DEBUG ((EFI_D_INFO, "Tcg2SubmitCommand ...\n"));\r | |
1289 | \r | |
1290 | if ((This == NULL) ||\r | |
1291 | (InputParameterBlockSize == 0) || (InputParameterBlock == NULL) ||\r | |
1292 | (OutputParameterBlockSize == 0) || (OutputParameterBlock == NULL)) {\r | |
1293 | return EFI_INVALID_PARAMETER;\r | |
1294 | }\r | |
1295 | \r | |
1296 | if (!mTcgDxeData.BsCap.TPMPresentFlag) {\r | |
1297 | return EFI_DEVICE_ERROR;\r | |
1298 | }\r | |
1299 | \r | |
e1f35834 | 1300 | if (InputParameterBlockSize > mTcgDxeData.BsCap.MaxCommandSize) {\r |
1abfa4ce JY |
1301 | return EFI_INVALID_PARAMETER;\r |
1302 | }\r | |
e1f35834 | 1303 | if (OutputParameterBlockSize > mTcgDxeData.BsCap.MaxResponseSize) {\r |
1abfa4ce JY |
1304 | return EFI_INVALID_PARAMETER;\r |
1305 | }\r | |
1306 | \r | |
1307 | Status = Tpm2SubmitCommand (\r | |
1308 | InputParameterBlockSize,\r | |
1309 | InputParameterBlock,\r | |
1310 | &OutputParameterBlockSize,\r | |
1311 | OutputParameterBlock\r | |
1312 | );\r | |
1313 | DEBUG ((EFI_D_INFO, "Tcg2SubmitCommand - %r\n", Status));\r | |
1314 | return Status;\r | |
1315 | }\r | |
1316 | \r | |
1317 | /**\r | |
1318 | This service returns the currently active PCR banks.\r | |
1319 | \r | |
1320 | @param[in] This Indicates the calling context\r | |
1321 | @param[out] ActivePcrBanks Pointer to the variable receiving the bitmap of currently active PCR banks.\r | |
1322 | \r | |
1323 | @retval EFI_SUCCESS The bitmap of active PCR banks was stored in the ActivePcrBanks parameter.\r | |
1324 | @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect. \r | |
1325 | **/\r | |
1326 | EFI_STATUS\r | |
1327 | EFIAPI\r | |
1328 | Tcg2GetActivePCRBanks (\r | |
1329 | IN EFI_TCG2_PROTOCOL *This,\r | |
1330 | OUT UINT32 *ActivePcrBanks\r | |
1331 | )\r | |
1332 | {\r | |
1333 | if (ActivePcrBanks == NULL) {\r | |
1334 | return EFI_INVALID_PARAMETER;\r | |
1335 | }\r | |
1336 | *ActivePcrBanks = mTcgDxeData.BsCap.ActivePcrBanks;\r | |
1337 | return EFI_SUCCESS;\r | |
1338 | }\r | |
1339 | \r | |
1340 | /**\r | |
1341 | This service sets the currently active PCR banks.\r | |
1342 | \r | |
1343 | @param[in] This Indicates the calling context\r | |
1344 | @param[in] ActivePcrBanks Bitmap of the requested active PCR banks. At least one bit SHALL be set.\r | |
1345 | \r | |
1346 | @retval EFI_SUCCESS The bitmap in ActivePcrBank parameter is already active.\r | |
1347 | @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.\r | |
1348 | **/\r | |
1349 | EFI_STATUS\r | |
1350 | EFIAPI\r | |
1351 | Tcg2SetActivePCRBanks (\r | |
1352 | IN EFI_TCG2_PROTOCOL *This,\r | |
1353 | IN UINT32 ActivePcrBanks\r | |
1354 | )\r | |
1355 | {\r | |
1356 | EFI_STATUS Status;\r | |
1357 | UINT32 ReturnCode;\r | |
1358 | \r | |
1359 | DEBUG ((EFI_D_INFO, "Tcg2SetActivePCRBanks ... (0x%x)\n", ActivePcrBanks));\r | |
1360 | \r | |
1361 | if (ActivePcrBanks == 0) {\r | |
1362 | return EFI_INVALID_PARAMETER;\r | |
1363 | }\r | |
1364 | if ((ActivePcrBanks & (~mTcgDxeData.BsCap.HashAlgorithmBitmap)) != 0) {\r | |
1365 | return EFI_INVALID_PARAMETER;\r | |
1366 | }\r | |
1367 | if (ActivePcrBanks == mTcgDxeData.BsCap.ActivePcrBanks) {\r | |
1368 | //\r | |
1369 | // Need clear previous SET_PCR_BANKS setting\r | |
1370 | //\r | |
1371 | ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (TCG2_PHYSICAL_PRESENCE_NO_ACTION, 0);\r | |
1372 | } else {\r | |
1373 | ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS, ActivePcrBanks);\r | |
1374 | }\r | |
1375 | \r | |
1376 | if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS) {\r | |
1377 | Status = EFI_SUCCESS;\r | |
1378 | } else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE) {\r | |
1379 | Status = EFI_OUT_OF_RESOURCES;\r | |
1380 | } else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED) {\r | |
1381 | Status = EFI_UNSUPPORTED;\r | |
1382 | } else {\r | |
1383 | Status = EFI_DEVICE_ERROR;\r | |
1384 | }\r | |
1385 | \r | |
1386 | DEBUG ((EFI_D_INFO, "Tcg2SetActivePCRBanks - %r\n", Status));\r | |
1387 | \r | |
1388 | return Status;\r | |
1389 | }\r | |
1390 | \r | |
1391 | /**\r | |
1392 | This service retrieves the result of a previous invocation of SetActivePcrBanks.\r | |
1393 | \r | |
1394 | @param[in] This Indicates the calling context\r | |
1395 | @param[out] OperationPresent Non-zero value to indicate a SetActivePcrBank operation was invoked during the last boot.\r | |
1396 | @param[out] Response The response from the SetActivePcrBank request.\r | |
1397 | \r | |
1398 | @retval EFI_SUCCESS The result value could be returned.\r | |
1399 | @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.\r | |
1400 | **/\r | |
1401 | EFI_STATUS\r | |
1402 | EFIAPI\r | |
1403 | Tcg2GetResultOfSetActivePcrBanks (\r | |
1404 | IN EFI_TCG2_PROTOCOL *This,\r | |
1405 | OUT UINT32 *OperationPresent,\r | |
1406 | OUT UINT32 *Response\r | |
1407 | )\r | |
1408 | {\r | |
1409 | UINT32 ReturnCode;\r | |
1410 | \r | |
1411 | if ((OperationPresent == NULL) || (Response == NULL)) {\r | |
1412 | return EFI_INVALID_PARAMETER;\r | |
1413 | }\r | |
1414 | \r | |
1415 | ReturnCode = Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (OperationPresent, Response);\r | |
1416 | if (ReturnCode == TCG_PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS) {\r | |
1417 | return EFI_SUCCESS;\r | |
1418 | } else {\r | |
1419 | return EFI_UNSUPPORTED;\r | |
1420 | }\r | |
1421 | }\r | |
1422 | \r | |
1423 | EFI_TCG2_PROTOCOL mTcg2Protocol = {\r | |
1424 | Tcg2GetCapability,\r | |
1425 | Tcg2GetEventLog,\r | |
1426 | Tcg2HashLogExtendEvent,\r | |
1427 | Tcg2SubmitCommand,\r | |
1428 | Tcg2GetActivePCRBanks,\r | |
1429 | Tcg2SetActivePCRBanks,\r | |
1430 | Tcg2GetResultOfSetActivePcrBanks,\r | |
1431 | };\r | |
1432 | \r | |
1433 | /**\r | |
1434 | Initialize the Event Log and log events passed from the PEI phase.\r | |
1435 | \r | |
1436 | @retval EFI_SUCCESS Operation completed successfully.\r | |
1437 | @retval EFI_OUT_OF_RESOURCES Out of memory.\r | |
1438 | \r | |
1439 | **/\r | |
1440 | EFI_STATUS\r | |
1441 | SetupEventLog (\r | |
1442 | VOID\r | |
1443 | )\r | |
1444 | {\r | |
1445 | EFI_STATUS Status;\r | |
1446 | VOID *TcgEvent;\r | |
1447 | EFI_PEI_HOB_POINTERS GuidHob;\r | |
1448 | EFI_PHYSICAL_ADDRESS Lasa;\r | |
1449 | UINTN Index;\r | |
ab5b1f31 SZ |
1450 | VOID *DigestListBin;\r |
1451 | TPML_DIGEST_VALUES TempDigestListBin;\r | |
1abfa4ce | 1452 | UINT32 DigestListBinSize;\r |
ab5b1f31 | 1453 | UINT8 *Event;\r |
1abfa4ce | 1454 | UINT32 EventSize;\r |
ab5b1f31 SZ |
1455 | UINT32 *EventSizePtr;\r |
1456 | UINT32 HashAlgorithmMaskCopied;\r | |
1abfa4ce | 1457 | TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct;\r |
9381e149 | 1458 | UINT8 TempBuf[sizeof(TCG_EfiSpecIDEventStruct) + sizeof(UINT32) + (HASH_COUNT * sizeof(TCG_EfiSpecIdEventAlgorithmSize)) + sizeof(UINT8)];\r |
a2612cf7 ZC |
1459 | TCG_PCR_EVENT_HDR SpecIdEvent;\r |
1460 | TCG_PCR_EVENT2_HDR NoActionEvent;\r | |
a9092578 | 1461 | TCG_EfiSpecIdEventAlgorithmSize *DigestSize;\r |
35e00ace | 1462 | TCG_EfiSpecIdEventAlgorithmSize *TempDigestSize;\r |
a9092578 QS |
1463 | UINT8 *VendorInfoSize;\r |
1464 | UINT32 NumberOfAlgorithms;\r | |
18458db1 | 1465 | TCG_EfiStartupLocalityEvent StartupLocalityEvent;\r |
1abfa4ce JY |
1466 | \r |
1467 | DEBUG ((EFI_D_INFO, "SetupEventLog\n"));\r | |
1468 | \r | |
1469 | //\r | |
1470 | // 1. Create Log Area\r | |
1471 | //\r | |
1472 | for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {\r | |
1473 | if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {\r | |
1474 | mTcgDxeData.EventLogAreaStruct[Index].EventLogFormat = mTcg2EventInfo[Index].LogFormat;\r | |
1abfa4ce | 1475 | Status = gBS->AllocatePages (\r |
dc756bae | 1476 | AllocateAnyPages,\r |
fd46e831 | 1477 | EfiBootServicesData,\r |
91e914f5 | 1478 | EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),\r |
1abfa4ce JY |
1479 | &Lasa\r |
1480 | );\r | |
1481 | if (EFI_ERROR (Status)) {\r | |
1482 | return Status;\r | |
1483 | }\r | |
1484 | mTcgDxeData.EventLogAreaStruct[Index].Lasa = Lasa;\r | |
91e914f5 | 1485 | mTcgDxeData.EventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcgLogAreaMinLen);\r |
1abfa4ce JY |
1486 | //\r |
1487 | // To initialize them as 0xFF is recommended \r | |
1488 | // because the OS can know the last entry for that.\r | |
1489 | //\r | |
91e914f5 | 1490 | SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);\r |
1abfa4ce JY |
1491 | //\r |
1492 | // Create first entry for Log Header Entry Data\r | |
1493 | //\r | |
1494 | if (mTcg2EventInfo[Index].LogFormat != EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2) {\r | |
1495 | //\r | |
1496 | // TcgEfiSpecIdEventStruct\r | |
1497 | //\r | |
1498 | TcgEfiSpecIdEventStruct = (TCG_EfiSpecIDEventStruct *)TempBuf;\r | |
1499 | CopyMem (TcgEfiSpecIdEventStruct->signature, TCG_EfiSpecIDEventStruct_SIGNATURE_03, sizeof(TcgEfiSpecIdEventStruct->signature));\r | |
1500 | TcgEfiSpecIdEventStruct->platformClass = PcdGet8 (PcdTpmPlatformClass);\r | |
1501 | TcgEfiSpecIdEventStruct->specVersionMajor = TCG_EfiSpecIDEventStruct_SPEC_VERSION_MAJOR_TPM2;\r | |
1502 | TcgEfiSpecIdEventStruct->specVersionMinor = TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM2;\r | |
1503 | TcgEfiSpecIdEventStruct->specErrata = TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2;\r | |
1504 | TcgEfiSpecIdEventStruct->uintnSize = sizeof(UINTN)/sizeof(UINT32);\r | |
a9092578 QS |
1505 | NumberOfAlgorithms = 0;\r |
1506 | DigestSize = (TCG_EfiSpecIdEventAlgorithmSize *)((UINT8 *)TcgEfiSpecIdEventStruct + sizeof(*TcgEfiSpecIdEventStruct) + sizeof(NumberOfAlgorithms));\r | |
1abfa4ce | 1507 | if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA1) != 0) {\r |
35e00ace QS |
1508 | TempDigestSize = DigestSize;\r |
1509 | TempDigestSize += NumberOfAlgorithms;\r | |
1510 | TempDigestSize->algorithmId = TPM_ALG_SHA1;\r | |
1511 | TempDigestSize->digestSize = SHA1_DIGEST_SIZE;\r | |
a9092578 | 1512 | NumberOfAlgorithms++;\r |
1abfa4ce JY |
1513 | }\r |
1514 | if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA256) != 0) {\r | |
35e00ace QS |
1515 | TempDigestSize = DigestSize;\r |
1516 | TempDigestSize += NumberOfAlgorithms;\r | |
1517 | TempDigestSize->algorithmId = TPM_ALG_SHA256;\r | |
1518 | TempDigestSize->digestSize = SHA256_DIGEST_SIZE;\r | |
a9092578 | 1519 | NumberOfAlgorithms++;\r |
1abfa4ce JY |
1520 | }\r |
1521 | if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA384) != 0) {\r | |
35e00ace QS |
1522 | TempDigestSize = DigestSize;\r |
1523 | TempDigestSize += NumberOfAlgorithms;\r | |
1524 | TempDigestSize->algorithmId = TPM_ALG_SHA384;\r | |
1525 | TempDigestSize->digestSize = SHA384_DIGEST_SIZE;\r | |
a9092578 | 1526 | NumberOfAlgorithms++;\r |
1abfa4ce JY |
1527 | }\r |
1528 | if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA512) != 0) {\r | |
35e00ace QS |
1529 | TempDigestSize = DigestSize;\r |
1530 | TempDigestSize += NumberOfAlgorithms;\r | |
1531 | TempDigestSize->algorithmId = TPM_ALG_SHA512;\r | |
1532 | TempDigestSize->digestSize = SHA512_DIGEST_SIZE;\r | |
a9092578 | 1533 | NumberOfAlgorithms++;\r |
1abfa4ce JY |
1534 | }\r |
1535 | if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SM3_256) != 0) {\r | |
35e00ace QS |
1536 | TempDigestSize = DigestSize;\r |
1537 | TempDigestSize += NumberOfAlgorithms;\r | |
1538 | TempDigestSize->algorithmId = TPM_ALG_SM3_256;\r | |
1539 | TempDigestSize->digestSize = SM3_256_DIGEST_SIZE;\r | |
a9092578 | 1540 | NumberOfAlgorithms++;\r |
1abfa4ce | 1541 | }\r |
a9092578 | 1542 | CopyMem (TcgEfiSpecIdEventStruct + 1, &NumberOfAlgorithms, sizeof(NumberOfAlgorithms));\r |
35e00ace QS |
1543 | TempDigestSize = DigestSize;\r |
1544 | TempDigestSize += NumberOfAlgorithms;\r | |
1545 | VendorInfoSize = (UINT8 *)TempDigestSize;\r | |
a9092578 | 1546 | *VendorInfoSize = 0;\r |
1abfa4ce | 1547 | \r |
a2612cf7 ZC |
1548 | SpecIdEvent.PCRIndex = 0;\r |
1549 | SpecIdEvent.EventType = EV_NO_ACTION;\r | |
1550 | ZeroMem (&SpecIdEvent.Digest, sizeof(SpecIdEvent.Digest));\r | |
1551 | SpecIdEvent.EventSize = (UINT32)GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct);\r | |
1abfa4ce JY |
1552 | \r |
1553 | //\r | |
a2612cf7 ZC |
1554 | // Log TcgEfiSpecIdEventStruct as the first Event. Event format is TCG_PCR_EVENT.\r |
1555 | // TCG EFI Protocol Spec. Section 5.3 Event Log Header\r | |
18458db1 | 1556 | // TCG PC Client PFP spec. Section 9.2 Measurement Event Entries and Log\r |
1abfa4ce JY |
1557 | //\r |
1558 | Status = TcgDxeLogEvent (\r | |
1559 | mTcg2EventInfo[Index].LogFormat,\r | |
a2612cf7 ZC |
1560 | &SpecIdEvent,\r |
1561 | sizeof(SpecIdEvent),\r | |
1abfa4ce | 1562 | (UINT8 *)TcgEfiSpecIdEventStruct,\r |
a2612cf7 | 1563 | SpecIdEvent.EventSize\r |
1abfa4ce | 1564 | );\r |
18458db1 ZC |
1565 | \r |
1566 | //\r | |
a2612cf7 | 1567 | // EfiStartupLocalityEvent. Event format is TCG_PCR_EVENT2\r |
18458db1 ZC |
1568 | //\r |
1569 | GuidHob.Guid = GetFirstGuidHob (&gTpm2StartupLocalityHobGuid);\r | |
1570 | if (GuidHob.Guid != NULL) {\r | |
1571 | //\r | |
1572 | // Get Locality Indicator from StartupLocality HOB\r | |
1573 | //\r | |
1574 | StartupLocalityEvent.StartupLocality = *(UINT8 *)(GET_GUID_HOB_DATA (GuidHob.Guid));\r | |
1575 | CopyMem (StartupLocalityEvent.Signature, TCG_EfiStartupLocalityEvent_SIGNATURE, sizeof(StartupLocalityEvent.Signature));\r | |
18458db1 ZC |
1576 | DEBUG ((DEBUG_INFO, "SetupEventLog: Set Locality from HOB into StartupLocalityEvent 0x%02x\n", StartupLocalityEvent.StartupLocality));\r |
1577 | \r | |
a2612cf7 ZC |
1578 | //\r |
1579 | // Initialize StartupLocalityEvent\r | |
1580 | //\r | |
1581 | InitNoActionEvent(&NoActionEvent, sizeof(StartupLocalityEvent));\r | |
1582 | \r | |
18458db1 ZC |
1583 | //\r |
1584 | // Log EfiStartupLocalityEvent as the second Event\r | |
1585 | // TCG PC Client PFP spec. Section 9.3.4.3 Startup Locality Event\r | |
1586 | //\r | |
1587 | Status = TcgDxeLogEvent (\r | |
1588 | mTcg2EventInfo[Index].LogFormat,\r | |
1589 | &NoActionEvent,\r | |
a2612cf7 | 1590 | sizeof(NoActionEvent.PCRIndex) + sizeof(NoActionEvent.EventType) + GetDigestListBinSize (&NoActionEvent.Digests) + sizeof(NoActionEvent.EventSize),\r |
18458db1 | 1591 | (UINT8 *)&StartupLocalityEvent,\r |
a2612cf7 | 1592 | sizeof(StartupLocalityEvent)\r |
18458db1 | 1593 | );\r |
a2612cf7 | 1594 | \r |
18458db1 | 1595 | }\r |
1abfa4ce JY |
1596 | }\r |
1597 | }\r | |
1598 | }\r | |
1599 | \r | |
1600 | //\r | |
1601 | // 2. Create Final Log Area\r | |
1602 | //\r | |
1603 | for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {\r | |
1604 | if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {\r | |
fd46e831 | 1605 | if (mTcg2EventInfo[Index].LogFormat == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) {\r |
fd46e831 | 1606 | Status = gBS->AllocatePages (\r |
dc756bae | 1607 | AllocateAnyPages,\r |
fd46e831 JY |
1608 | EfiACPIMemoryNVS,\r |
1609 | EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcg2FinalLogAreaLen)),\r | |
1610 | &Lasa\r | |
1611 | );\r | |
1612 | if (EFI_ERROR (Status)) {\r | |
1613 | return Status;\r | |
1614 | }\r | |
1615 | SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcg2FinalLogAreaLen), 0xFF);\r | |
1abfa4ce | 1616 | \r |
fd46e831 JY |
1617 | //\r |
1618 | // Initialize\r | |
1619 | //\r | |
1620 | mTcgDxeData.FinalEventsTable[Index] = (VOID *)(UINTN)Lasa;\r | |
1621 | (mTcgDxeData.FinalEventsTable[Index])->Version = EFI_TCG2_FINAL_EVENTS_TABLE_VERSION;\r | |
1622 | (mTcgDxeData.FinalEventsTable[Index])->NumberOfEvents = 0;\r | |
1623 | \r | |
1624 | mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogFormat = mTcg2EventInfo[Index].LogFormat;\r | |
1625 | mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa = Lasa + sizeof(EFI_TCG2_FINAL_EVENTS_TABLE);\r | |
1626 | mTcgDxeData.FinalEventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcg2FinalLogAreaLen) - sizeof(EFI_TCG2_FINAL_EVENTS_TABLE);\r | |
1627 | mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogSize = 0;\r | |
1628 | mTcgDxeData.FinalEventLogAreaStruct[Index].LastEvent = (VOID *)(UINTN)mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa;\r | |
1629 | mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogStarted = FALSE;\r | |
1630 | mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogTruncated = FALSE;\r | |
1abfa4ce | 1631 | \r |
1abfa4ce | 1632 | //\r |
fd46e831 | 1633 | // Install to configuration table for EFI_TCG2_EVENT_LOG_FORMAT_TCG_2 \r |
1abfa4ce | 1634 | //\r |
fd46e831 | 1635 | Status = gBS->InstallConfigurationTable (&gEfiTcg2FinalEventsTableGuid, (VOID *)mTcgDxeData.FinalEventsTable[Index]);\r |
1abfa4ce JY |
1636 | if (EFI_ERROR (Status)) {\r |
1637 | return Status;\r | |
1638 | }\r | |
fd46e831 JY |
1639 | } else {\r |
1640 | //\r | |
1641 | // No need to handle EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2\r | |
1642 | //\r | |
1643 | mTcgDxeData.FinalEventsTable[Index] = NULL;\r | |
1644 | mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogFormat = mTcg2EventInfo[Index].LogFormat;\r | |
1645 | mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa = 0;\r | |
1646 | mTcgDxeData.FinalEventLogAreaStruct[Index].Laml = 0;\r | |
1647 | mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogSize = 0;\r | |
1648 | mTcgDxeData.FinalEventLogAreaStruct[Index].LastEvent = 0;\r | |
1649 | mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogStarted = FALSE;\r | |
1650 | mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogTruncated = FALSE;\r | |
1abfa4ce JY |
1651 | }\r |
1652 | }\r | |
1653 | }\r | |
1654 | \r | |
1655 | //\r | |
1656 | // 3. Sync data from PEI to DXE\r | |
1657 | //\r | |
1658 | Status = EFI_SUCCESS;\r | |
1659 | for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {\r | |
1660 | if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {\r | |
1661 | GuidHob.Raw = GetHobList ();\r | |
1662 | Status = EFI_SUCCESS;\r | |
1663 | while (!EFI_ERROR (Status) && \r | |
1664 | (GuidHob.Raw = GetNextGuidHob (mTcg2EventInfo[Index].EventGuid, GuidHob.Raw)) != NULL) {\r | |
ab5b1f31 SZ |
1665 | TcgEvent = AllocateCopyPool (GET_GUID_HOB_DATA_SIZE (GuidHob.Guid), GET_GUID_HOB_DATA (GuidHob.Guid));\r |
1666 | ASSERT (TcgEvent != NULL);\r | |
1abfa4ce JY |
1667 | GuidHob.Raw = GET_NEXT_HOB (GuidHob);\r |
1668 | switch (mTcg2EventInfo[Index].LogFormat) {\r | |
1669 | case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:\r | |
1670 | Status = TcgDxeLogEvent (\r | |
1671 | mTcg2EventInfo[Index].LogFormat,\r | |
1672 | TcgEvent,\r | |
1673 | sizeof(TCG_PCR_EVENT_HDR),\r | |
1674 | ((TCG_PCR_EVENT*)TcgEvent)->Event,\r | |
1675 | ((TCG_PCR_EVENT_HDR*)TcgEvent)->EventSize\r | |
1676 | );\r | |
1677 | break;\r | |
1678 | case EFI_TCG2_EVENT_LOG_FORMAT_TCG_2:\r | |
ab5b1f31 SZ |
1679 | DigestListBin = (UINT8 *)TcgEvent + sizeof(TCG_PCRINDEX) + sizeof(TCG_EVENTTYPE);\r |
1680 | DigestListBinSize = GetDigestListBinSize (DigestListBin);\r | |
1681 | //\r | |
1682 | // Save event size.\r | |
1683 | //\r | |
1684 | CopyMem (&EventSize, (UINT8 *)DigestListBin + DigestListBinSize, sizeof(UINT32));\r | |
1685 | Event = (UINT8 *)DigestListBin + DigestListBinSize + sizeof(UINT32);\r | |
1686 | //\r | |
1687 | // Filter inactive digest in the event2 log from PEI HOB.\r | |
1688 | //\r | |
1689 | CopyMem (&TempDigestListBin, DigestListBin, GetDigestListBinSize (DigestListBin));\r | |
1690 | EventSizePtr = CopyDigestListBinToBuffer (\r | |
1691 | DigestListBin,\r | |
1692 | &TempDigestListBin,\r | |
1693 | mTcgDxeData.BsCap.ActivePcrBanks,\r | |
1694 | &HashAlgorithmMaskCopied\r | |
1695 | );\r | |
1696 | if (HashAlgorithmMaskCopied != mTcgDxeData.BsCap.ActivePcrBanks) {\r | |
1697 | DEBUG ((\r | |
1698 | DEBUG_ERROR,\r | |
1699 | "ERROR: The event2 log includes digest hash mask 0x%x, but required digest hash mask is 0x%x\n",\r | |
1700 | HashAlgorithmMaskCopied,\r | |
1701 | mTcgDxeData.BsCap.ActivePcrBanks\r | |
1702 | ));\r | |
1703 | }\r | |
1704 | //\r | |
1705 | // Restore event size.\r | |
1706 | //\r | |
1707 | CopyMem (EventSizePtr, &EventSize, sizeof(UINT32));\r | |
1708 | DigestListBinSize = GetDigestListBinSize (DigestListBin);\r | |
1709 | \r | |
1abfa4ce JY |
1710 | Status = TcgDxeLogEvent (\r |
1711 | mTcg2EventInfo[Index].LogFormat,\r | |
1712 | TcgEvent,\r | |
1713 | sizeof(TCG_PCRINDEX) + sizeof(TCG_EVENTTYPE) + DigestListBinSize + sizeof(UINT32),\r | |
ab5b1f31 | 1714 | Event,\r |
1abfa4ce JY |
1715 | EventSize\r |
1716 | );\r | |
1717 | break;\r | |
1718 | }\r | |
ab5b1f31 | 1719 | FreePool (TcgEvent);\r |
1abfa4ce JY |
1720 | }\r |
1721 | }\r | |
1722 | }\r | |
1723 | \r | |
1724 | return Status;\r | |
1725 | }\r | |
1726 | \r | |
1727 | /**\r | |
c1b0828b | 1728 | Measure and log an action string, and extend the measurement result into PCR[PCRIndex].\r |
1abfa4ce | 1729 | \r |
c1b0828b | 1730 | @param[in] PCRIndex PCRIndex to extend\r |
1abfa4ce JY |
1731 | @param[in] String A specific string that indicates an Action event. \r |
1732 | \r | |
1733 | @retval EFI_SUCCESS Operation completed successfully.\r | |
1734 | @retval EFI_DEVICE_ERROR The operation was unsuccessful.\r | |
1735 | \r | |
1736 | **/\r | |
1737 | EFI_STATUS\r | |
1738 | TcgMeasureAction (\r | |
c1b0828b ZC |
1739 | IN TPM_PCRINDEX PCRIndex,\r |
1740 | IN CHAR8 *String\r | |
1abfa4ce JY |
1741 | )\r |
1742 | {\r | |
1743 | TCG_PCR_EVENT_HDR TcgEvent;\r | |
1744 | \r | |
c1b0828b | 1745 | TcgEvent.PCRIndex = PCRIndex;\r |
1abfa4ce JY |
1746 | TcgEvent.EventType = EV_EFI_ACTION;\r |
1747 | TcgEvent.EventSize = (UINT32)AsciiStrLen (String);\r | |
1748 | return TcgDxeHashLogExtendEvent (\r | |
1749 | 0,\r | |
1750 | (UINT8*)String,\r | |
1751 | TcgEvent.EventSize,\r | |
1752 | &TcgEvent,\r | |
1753 | (UINT8 *) String\r | |
1754 | );\r | |
1755 | }\r | |
1756 | \r | |
1757 | /**\r | |
1758 | Measure and log EFI handoff tables, and extend the measurement result into PCR[1].\r | |
1759 | \r | |
1760 | @retval EFI_SUCCESS Operation completed successfully.\r | |
1761 | @retval EFI_DEVICE_ERROR The operation was unsuccessful.\r | |
1762 | \r | |
1763 | **/\r | |
1764 | EFI_STATUS\r | |
1765 | MeasureHandoffTables (\r | |
1766 | VOID\r | |
1767 | )\r | |
1768 | {\r | |
1769 | EFI_STATUS Status;\r | |
1abfa4ce JY |
1770 | TCG_PCR_EVENT_HDR TcgEvent;\r |
1771 | EFI_HANDOFF_TABLE_POINTERS HandoffTables;\r | |
1772 | UINTN ProcessorNum;\r | |
1773 | EFI_CPU_PHYSICAL_LOCATION *ProcessorLocBuf;\r | |
1774 | \r | |
1775 | ProcessorLocBuf = NULL;\r | |
d2de4483 | 1776 | Status = EFI_SUCCESS;\r |
1abfa4ce JY |
1777 | \r |
1778 | if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_SERVER) {\r | |
1779 | //\r | |
1780 | // Tcg Server spec. \r | |
1781 | // Measure each processor EFI_CPU_PHYSICAL_LOCATION with EV_TABLE_OF_DEVICES to PCR[1]\r | |
1782 | //\r | |
1783 | Status = GetProcessorsCpuLocation(&ProcessorLocBuf, &ProcessorNum);\r | |
1784 | \r | |
1785 | if (!EFI_ERROR(Status)){\r | |
1786 | TcgEvent.PCRIndex = 1;\r | |
1787 | TcgEvent.EventType = EV_TABLE_OF_DEVICES;\r | |
1788 | TcgEvent.EventSize = sizeof (HandoffTables);\r | |
1789 | \r | |
1790 | HandoffTables.NumberOfTables = 1;\r | |
1791 | HandoffTables.TableEntry[0].VendorGuid = gEfiMpServiceProtocolGuid;\r | |
1792 | HandoffTables.TableEntry[0].VendorTable = ProcessorLocBuf;\r | |
1793 | \r | |
1794 | Status = TcgDxeHashLogExtendEvent (\r | |
1795 | 0,\r | |
1796 | (UINT8*)(UINTN)ProcessorLocBuf,\r | |
1797 | sizeof(EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum,\r | |
1798 | &TcgEvent,\r | |
1799 | (UINT8*)&HandoffTables\r | |
1800 | );\r | |
1801 | \r | |
1802 | FreePool(ProcessorLocBuf);\r | |
1803 | }\r | |
1804 | }\r | |
1805 | \r | |
1806 | return Status;\r | |
1807 | }\r | |
1808 | \r | |
1809 | /**\r | |
1810 | Measure and log Separator event, and extend the measurement result into a specific PCR.\r | |
1811 | \r | |
1812 | @param[in] PCRIndex PCR index. \r | |
1813 | \r | |
1814 | @retval EFI_SUCCESS Operation completed successfully.\r | |
1815 | @retval EFI_DEVICE_ERROR The operation was unsuccessful.\r | |
1816 | \r | |
1817 | **/\r | |
1818 | EFI_STATUS\r | |
1819 | MeasureSeparatorEvent (\r | |
1820 | IN TPM_PCRINDEX PCRIndex\r | |
1821 | )\r | |
1822 | {\r | |
1823 | TCG_PCR_EVENT_HDR TcgEvent;\r | |
1824 | UINT32 EventData;\r | |
1825 | \r | |
1826 | DEBUG ((EFI_D_INFO, "MeasureSeparatorEvent Pcr - %x\n", PCRIndex));\r | |
1827 | \r | |
1828 | EventData = 0;\r | |
1829 | TcgEvent.PCRIndex = PCRIndex;\r | |
1830 | TcgEvent.EventType = EV_SEPARATOR;\r | |
1831 | TcgEvent.EventSize = (UINT32)sizeof (EventData);\r | |
1832 | return TcgDxeHashLogExtendEvent (\r | |
1833 | 0,\r | |
1834 | (UINT8 *)&EventData,\r | |
1835 | sizeof (EventData),\r | |
1836 | &TcgEvent,\r | |
1837 | (UINT8 *)&EventData\r | |
1838 | );\r | |
1839 | }\r | |
1840 | \r | |
1841 | /**\r | |
1842 | Measure and log an EFI variable, and extend the measurement result into a specific PCR.\r | |
1843 | \r | |
1844 | @param[in] PCRIndex PCR Index. \r | |
1845 | @param[in] EventType Event type. \r | |
1846 | @param[in] VarName A Null-terminated string that is the name of the vendor's variable.\r | |
1847 | @param[in] VendorGuid A unique identifier for the vendor.\r | |
1848 | @param[in] VarData The content of the variable data. \r | |
1849 | @param[in] VarSize The size of the variable data. \r | |
1850 | \r | |
1851 | @retval EFI_SUCCESS Operation completed successfully.\r | |
1852 | @retval EFI_OUT_OF_RESOURCES Out of memory.\r | |
1853 | @retval EFI_DEVICE_ERROR The operation was unsuccessful.\r | |
1854 | \r | |
1855 | **/\r | |
1856 | EFI_STATUS\r | |
1857 | MeasureVariable (\r | |
1858 | IN TPM_PCRINDEX PCRIndex,\r | |
1859 | IN TCG_EVENTTYPE EventType,\r | |
1860 | IN CHAR16 *VarName,\r | |
1861 | IN EFI_GUID *VendorGuid,\r | |
1862 | IN VOID *VarData,\r | |
1863 | IN UINTN VarSize\r | |
1864 | )\r | |
1865 | {\r | |
1866 | EFI_STATUS Status;\r | |
1867 | TCG_PCR_EVENT_HDR TcgEvent;\r | |
1868 | UINTN VarNameLength;\r | |
9d77acf1 | 1869 | UEFI_VARIABLE_DATA *VarLog;\r |
1abfa4ce JY |
1870 | \r |
1871 | DEBUG ((EFI_D_INFO, "Tcg2Dxe: MeasureVariable (Pcr - %x, EventType - %x, ", (UINTN)PCRIndex, (UINTN)EventType));\r | |
1872 | DEBUG ((EFI_D_INFO, "VariableName - %s, VendorGuid - %g)\n", VarName, VendorGuid));\r | |
1873 | \r | |
1874 | VarNameLength = StrLen (VarName);\r | |
1875 | TcgEvent.PCRIndex = PCRIndex;\r | |
1876 | TcgEvent.EventType = EventType;\r | |
1877 | \r | |
1878 | TcgEvent.EventSize = (UINT32)(sizeof (*VarLog) + VarNameLength * sizeof (*VarName) + VarSize\r | |
1879 | - sizeof (VarLog->UnicodeName) - sizeof (VarLog->VariableData));\r | |
1880 | \r | |
9d77acf1 | 1881 | VarLog = (UEFI_VARIABLE_DATA *)AllocatePool (TcgEvent.EventSize);\r |
1abfa4ce JY |
1882 | if (VarLog == NULL) {\r |
1883 | return EFI_OUT_OF_RESOURCES;\r | |
1884 | }\r | |
1885 | \r | |
1886 | VarLog->VariableName = *VendorGuid;\r | |
1887 | VarLog->UnicodeNameLength = VarNameLength;\r | |
1888 | VarLog->VariableDataLength = VarSize;\r | |
1889 | CopyMem (\r | |
1890 | VarLog->UnicodeName,\r | |
1891 | VarName,\r | |
1892 | VarNameLength * sizeof (*VarName)\r | |
1893 | );\r | |
1894 | if (VarSize != 0 && VarData != NULL) {\r | |
1895 | CopyMem (\r | |
1896 | (CHAR16 *)VarLog->UnicodeName + VarNameLength,\r | |
1897 | VarData,\r | |
1898 | VarSize\r | |
1899 | );\r | |
1900 | }\r | |
1901 | \r | |
1902 | if (EventType == EV_EFI_VARIABLE_DRIVER_CONFIG) {\r | |
1903 | //\r | |
9d77acf1 | 1904 | // Digest is the event data (UEFI_VARIABLE_DATA)\r |
1abfa4ce JY |
1905 | //\r |
1906 | Status = TcgDxeHashLogExtendEvent (\r | |
1907 | 0,\r | |
1908 | (UINT8*)VarLog,\r | |
1909 | TcgEvent.EventSize,\r | |
1910 | &TcgEvent,\r | |
1911 | (UINT8*)VarLog\r | |
1912 | );\r | |
1913 | } else {\r | |
36e9e3e8 | 1914 | ASSERT (VarData != NULL);\r |
1abfa4ce JY |
1915 | Status = TcgDxeHashLogExtendEvent (\r |
1916 | 0,\r | |
1917 | (UINT8*)VarData,\r | |
1918 | VarSize,\r | |
1919 | &TcgEvent,\r | |
1920 | (UINT8*)VarLog\r | |
1921 | );\r | |
1922 | }\r | |
1923 | FreePool (VarLog);\r | |
1924 | return Status;\r | |
1925 | }\r | |
1926 | \r | |
1927 | /**\r | |
1928 | Read then Measure and log an EFI variable, and extend the measurement result into a specific PCR.\r | |
1929 | \r | |
1930 | @param[in] PCRIndex PCR Index. \r | |
1931 | @param[in] EventType Event type. \r | |
1932 | @param[in] VarName A Null-terminated string that is the name of the vendor's variable.\r | |
1933 | @param[in] VendorGuid A unique identifier for the vendor.\r | |
1934 | @param[out] VarSize The size of the variable data. \r | |
1935 | @param[out] VarData Pointer to the content of the variable. \r | |
1936 | \r | |
1937 | @retval EFI_SUCCESS Operation completed successfully.\r | |
1938 | @retval EFI_OUT_OF_RESOURCES Out of memory.\r | |
1939 | @retval EFI_DEVICE_ERROR The operation was unsuccessful.\r | |
1940 | \r | |
1941 | **/\r | |
1942 | EFI_STATUS\r | |
1943 | ReadAndMeasureVariable (\r | |
1944 | IN TPM_PCRINDEX PCRIndex,\r | |
1945 | IN TCG_EVENTTYPE EventType,\r | |
1946 | IN CHAR16 *VarName,\r | |
1947 | IN EFI_GUID *VendorGuid,\r | |
1948 | OUT UINTN *VarSize,\r | |
1949 | OUT VOID **VarData\r | |
1950 | )\r | |
1951 | {\r | |
1952 | EFI_STATUS Status;\r | |
1953 | \r | |
1954 | Status = GetVariable2 (VarName, VendorGuid, VarData, VarSize);\r | |
1955 | if (EventType == EV_EFI_VARIABLE_DRIVER_CONFIG) {\r | |
1956 | if (EFI_ERROR (Status)) {\r | |
1957 | //\r | |
1958 | // It is valid case, so we need handle it.\r | |
1959 | //\r | |
1960 | *VarData = NULL;\r | |
1961 | *VarSize = 0;\r | |
1962 | }\r | |
1963 | } else {\r | |
1964 | //\r | |
1965 | // if status error, VarData is freed and set NULL by GetVariable2\r | |
1966 | //\r | |
1967 | if (EFI_ERROR (Status)) {\r | |
1968 | return EFI_NOT_FOUND;\r | |
1969 | }\r | |
1970 | }\r | |
1971 | \r | |
1972 | Status = MeasureVariable (\r | |
1973 | PCRIndex,\r | |
1974 | EventType,\r | |
1975 | VarName,\r | |
1976 | VendorGuid,\r | |
1977 | *VarData,\r | |
1978 | *VarSize\r | |
1979 | );\r | |
1980 | return Status;\r | |
1981 | }\r | |
1982 | \r | |
1983 | /**\r | |
fe13f92b ZC |
1984 | Read then Measure and log an EFI boot variable, and extend the measurement result into PCR[1].\r |
1985 | according to TCG PC Client PFP spec 0021 Section 2.4.4.2\r | |
1abfa4ce JY |
1986 | \r |
1987 | @param[in] VarName A Null-terminated string that is the name of the vendor's variable.\r | |
1988 | @param[in] VendorGuid A unique identifier for the vendor.\r | |
1989 | @param[out] VarSize The size of the variable data. \r | |
1990 | @param[out] VarData Pointer to the content of the variable. \r | |
1991 | \r | |
1992 | @retval EFI_SUCCESS Operation completed successfully.\r | |
1993 | @retval EFI_OUT_OF_RESOURCES Out of memory.\r | |
1994 | @retval EFI_DEVICE_ERROR The operation was unsuccessful.\r | |
1995 | \r | |
1996 | **/\r | |
1997 | EFI_STATUS\r | |
1998 | ReadAndMeasureBootVariable (\r | |
1999 | IN CHAR16 *VarName,\r | |
2000 | IN EFI_GUID *VendorGuid,\r | |
2001 | OUT UINTN *VarSize,\r | |
2002 | OUT VOID **VarData\r | |
2003 | )\r | |
2004 | {\r | |
2005 | return ReadAndMeasureVariable (\r | |
fe13f92b | 2006 | 1,\r |
1abfa4ce JY |
2007 | EV_EFI_VARIABLE_BOOT,\r |
2008 | VarName,\r | |
2009 | VendorGuid,\r | |
2010 | VarSize,\r | |
2011 | VarData\r | |
2012 | );\r | |
2013 | }\r | |
2014 | \r | |
2015 | /**\r | |
2016 | Read then Measure and log an EFI Secure variable, and extend the measurement result into PCR[7].\r | |
2017 | \r | |
2018 | @param[in] VarName A Null-terminated string that is the name of the vendor's variable.\r | |
2019 | @param[in] VendorGuid A unique identifier for the vendor.\r | |
2020 | @param[out] VarSize The size of the variable data. \r | |
2021 | @param[out] VarData Pointer to the content of the variable. \r | |
2022 | \r | |
2023 | @retval EFI_SUCCESS Operation completed successfully.\r | |
2024 | @retval EFI_OUT_OF_RESOURCES Out of memory.\r | |
2025 | @retval EFI_DEVICE_ERROR The operation was unsuccessful.\r | |
2026 | \r | |
2027 | **/\r | |
2028 | EFI_STATUS\r | |
2029 | ReadAndMeasureSecureVariable (\r | |
2030 | IN CHAR16 *VarName,\r | |
2031 | IN EFI_GUID *VendorGuid,\r | |
2032 | OUT UINTN *VarSize,\r | |
2033 | OUT VOID **VarData\r | |
2034 | )\r | |
2035 | {\r | |
2036 | return ReadAndMeasureVariable (\r | |
2037 | 7,\r | |
2038 | EV_EFI_VARIABLE_DRIVER_CONFIG,\r | |
2039 | VarName,\r | |
2040 | VendorGuid,\r | |
2041 | VarSize,\r | |
2042 | VarData\r | |
2043 | );\r | |
2044 | }\r | |
2045 | \r | |
2046 | /**\r | |
2047 | Measure and log all EFI boot variables, and extend the measurement result into a specific PCR.\r | |
2048 | \r | |
2049 | The EFI boot variables are BootOrder and Boot#### variables.\r | |
2050 | \r | |
2051 | @retval EFI_SUCCESS Operation completed successfully.\r | |
2052 | @retval EFI_OUT_OF_RESOURCES Out of memory.\r | |
2053 | @retval EFI_DEVICE_ERROR The operation was unsuccessful.\r | |
2054 | \r | |
2055 | **/\r | |
2056 | EFI_STATUS\r | |
2057 | MeasureAllBootVariables (\r | |
2058 | VOID\r | |
2059 | )\r | |
2060 | {\r | |
2061 | EFI_STATUS Status;\r | |
2062 | UINT16 *BootOrder;\r | |
2063 | UINTN BootCount;\r | |
2064 | UINTN Index;\r | |
2065 | VOID *BootVarData;\r | |
2066 | UINTN Size;\r | |
2067 | \r | |
2068 | Status = ReadAndMeasureBootVariable (\r | |
2069 | mBootVarName,\r | |
2070 | &gEfiGlobalVariableGuid,\r | |
2071 | &BootCount,\r | |
2072 | (VOID **) &BootOrder\r | |
2073 | );\r | |
2074 | if (Status == EFI_NOT_FOUND || BootOrder == NULL) {\r | |
2075 | return EFI_SUCCESS;\r | |
2076 | }\r | |
2077 | \r | |
2078 | if (EFI_ERROR (Status)) {\r | |
2079 | //\r | |
2080 | // BootOrder can't be NULL if status is not EFI_NOT_FOUND\r | |
2081 | //\r | |
2082 | FreePool (BootOrder);\r | |
2083 | return Status;\r | |
2084 | }\r | |
2085 | \r | |
2086 | BootCount /= sizeof (*BootOrder);\r | |
2087 | for (Index = 0; Index < BootCount; Index++) {\r | |
2088 | UnicodeSPrint (mBootVarName, sizeof (mBootVarName), L"Boot%04x", BootOrder[Index]);\r | |
2089 | Status = ReadAndMeasureBootVariable (\r | |
2090 | mBootVarName,\r | |
2091 | &gEfiGlobalVariableGuid,\r | |
2092 | &Size,\r | |
2093 | &BootVarData\r | |
2094 | );\r | |
2095 | if (!EFI_ERROR (Status)) {\r | |
2096 | FreePool (BootVarData);\r | |
2097 | }\r | |
2098 | }\r | |
2099 | \r | |
2100 | FreePool (BootOrder);\r | |
2101 | return EFI_SUCCESS;\r | |
2102 | }\r | |
2103 | \r | |
2104 | /**\r | |
2105 | Measure and log all EFI Secure variables, and extend the measurement result into a specific PCR.\r | |
2106 | \r | |
2107 | The EFI boot variables are BootOrder and Boot#### variables.\r | |
2108 | \r | |
2109 | @retval EFI_SUCCESS Operation completed successfully.\r | |
2110 | @retval EFI_OUT_OF_RESOURCES Out of memory.\r | |
2111 | @retval EFI_DEVICE_ERROR The operation was unsuccessful.\r | |
2112 | \r | |
2113 | **/\r | |
2114 | EFI_STATUS\r | |
2115 | MeasureAllSecureVariables (\r | |
2116 | VOID\r | |
2117 | )\r | |
2118 | {\r | |
2119 | EFI_STATUS Status;\r | |
2120 | VOID *Data;\r | |
2121 | UINTN DataSize;\r | |
2122 | UINTN Index;\r | |
2123 | \r | |
2124 | Status = EFI_NOT_FOUND;\r | |
2125 | for (Index = 0; Index < sizeof(mVariableType)/sizeof(mVariableType[0]); Index++) {\r | |
2126 | Status = ReadAndMeasureSecureVariable (\r | |
2127 | mVariableType[Index].VariableName,\r | |
2128 | mVariableType[Index].VendorGuid,\r | |
2129 | &DataSize,\r | |
2130 | &Data\r | |
2131 | );\r | |
2132 | if (!EFI_ERROR (Status)) {\r | |
2133 | if (Data != NULL) {\r | |
2134 | FreePool (Data);\r | |
2135 | }\r | |
2136 | }\r | |
2137 | }\r | |
2138 | \r | |
400b0940 ZC |
2139 | //\r |
2140 | // Measure DBT if present and not empty\r | |
2141 | //\r | |
2142 | Status = GetVariable2 (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, &Data, &DataSize);\r | |
2143 | if (!EFI_ERROR(Status)) {\r | |
2144 | Status = MeasureVariable (\r | |
2145 | 7,\r | |
2146 | EV_EFI_VARIABLE_DRIVER_CONFIG,\r | |
2147 | EFI_IMAGE_SECURITY_DATABASE2,\r | |
2148 | &gEfiImageSecurityDatabaseGuid,\r | |
2149 | Data,\r | |
2150 | DataSize\r | |
2151 | );\r | |
2152 | FreePool(Data);\r | |
2153 | } else {\r | |
2154 | DEBUG((DEBUG_INFO, "Skip measuring variable %s since it's deleted\n", EFI_IMAGE_SECURITY_DATABASE2));\r | |
2155 | }\r | |
2156 | \r | |
1abfa4ce JY |
2157 | return EFI_SUCCESS;\r |
2158 | }\r | |
2159 | \r | |
2160 | /**\r | |
2161 | Measure and log launch of FirmwareDebugger, and extend the measurement result into a specific PCR.\r | |
2162 | \r | |
2163 | @retval EFI_SUCCESS Operation completed successfully.\r | |
2164 | @retval EFI_OUT_OF_RESOURCES Out of memory.\r | |
2165 | @retval EFI_DEVICE_ERROR The operation was unsuccessful.\r | |
2166 | \r | |
2167 | **/\r | |
2168 | EFI_STATUS\r | |
2169 | MeasureLaunchOfFirmwareDebugger (\r | |
2170 | VOID\r | |
2171 | )\r | |
2172 | {\r | |
2173 | TCG_PCR_EVENT_HDR TcgEvent;\r | |
2174 | \r | |
2175 | TcgEvent.PCRIndex = 7;\r | |
2176 | TcgEvent.EventType = EV_EFI_ACTION;\r | |
2177 | TcgEvent.EventSize = sizeof(FIRMWARE_DEBUGGER_EVENT_STRING) - 1;\r | |
2178 | return TcgDxeHashLogExtendEvent (\r | |
2179 | 0,\r | |
2180 | (UINT8 *)FIRMWARE_DEBUGGER_EVENT_STRING,\r | |
2181 | sizeof(FIRMWARE_DEBUGGER_EVENT_STRING) - 1,\r | |
2182 | &TcgEvent,\r | |
2183 | (UINT8 *)FIRMWARE_DEBUGGER_EVENT_STRING\r | |
2184 | );\r | |
2185 | }\r | |
2186 | \r | |
2187 | /**\r | |
2188 | Measure and log all Secure Boot Policy, and extend the measurement result into a specific PCR.\r | |
2189 | \r | |
2190 | Platform firmware adhering to the policy must therefore measure the following values into PCR[7]: (in order listed)\r | |
2191 | - The contents of the SecureBoot variable\r | |
2192 | - The contents of the PK variable\r | |
2193 | - The contents of the KEK variable\r | |
2194 | - The contents of the EFI_IMAGE_SECURITY_DATABASE variable\r | |
2195 | - The contents of the EFI_IMAGE_SECURITY_DATABASE1 variable\r | |
2196 | - Separator\r | |
2197 | - Entries in the EFI_IMAGE_SECURITY_DATABASE that are used to validate EFI Drivers or EFI Boot Applications in the boot path\r | |
2198 | \r | |
2199 | NOTE: Because of the above, UEFI variables PK, KEK, EFI_IMAGE_SECURITY_DATABASE,\r | |
2200 | EFI_IMAGE_SECURITY_DATABASE1 and SecureBoot SHALL NOT be measured into PCR[3].\r | |
2201 | \r | |
2202 | @param[in] Event Event whose notification function is being invoked\r | |
2203 | @param[in] Context Pointer to the notification function's context\r | |
2204 | **/\r | |
2205 | VOID\r | |
2206 | EFIAPI\r | |
2207 | MeasureSecureBootPolicy (\r | |
2208 | IN EFI_EVENT Event,\r | |
2209 | IN VOID *Context\r | |
2210 | )\r | |
2211 | {\r | |
2212 | EFI_STATUS Status;\r | |
2213 | VOID *Protocol;\r | |
2214 | \r | |
2215 | Status = gBS->LocateProtocol (&gEfiVariableWriteArchProtocolGuid, NULL, (VOID **)&Protocol);\r | |
2216 | if (EFI_ERROR (Status)) {\r | |
2217 | return;\r | |
2218 | }\r | |
2219 | \r | |
2220 | if (PcdGetBool (PcdFirmwareDebuggerInitialized)) {\r | |
2221 | Status = MeasureLaunchOfFirmwareDebugger ();\r | |
2222 | DEBUG ((EFI_D_INFO, "MeasureLaunchOfFirmwareDebugger - %r\n", Status));\r | |
2223 | }\r | |
2224 | \r | |
2225 | Status = MeasureAllSecureVariables ();\r | |
2226 | DEBUG ((EFI_D_INFO, "MeasureAllSecureVariables - %r\n", Status));\r | |
2227 | \r | |
2228 | //\r | |
2229 | // We need measure Separator(7) here, because this event must be between SecureBootPolicy (Configure)\r | |
2230 | // and ImageVerification (Authority)\r | |
2231 | // There might be a case that we need measure UEFI image from DriverOrder, besides BootOrder. So\r | |
2232 | // the Authority measurement happen before ReadToBoot event.\r | |
2233 | //\r | |
2234 | Status = MeasureSeparatorEvent (7);\r | |
2235 | DEBUG ((EFI_D_INFO, "MeasureSeparatorEvent - %r\n", Status));\r | |
2236 | return ;\r | |
2237 | }\r | |
2238 | \r | |
2239 | /**\r | |
2240 | Ready to Boot Event notification handler.\r | |
2241 | \r | |
2242 | Sequence of OS boot events is measured in this event notification handler.\r | |
2243 | \r | |
2244 | @param[in] Event Event whose notification function is being invoked\r | |
2245 | @param[in] Context Pointer to the notification function's context\r | |
2246 | \r | |
2247 | **/\r | |
2248 | VOID\r | |
2249 | EFIAPI\r | |
2250 | OnReadyToBoot (\r | |
2251 | IN EFI_EVENT Event,\r | |
2252 | IN VOID *Context\r | |
2253 | )\r | |
2254 | {\r | |
2255 | EFI_STATUS Status;\r | |
2256 | TPM_PCRINDEX PcrIndex;\r | |
2257 | \r | |
2258 | PERF_START_EX (mImageHandle, "EventRec", "Tcg2Dxe", 0, PERF_ID_TCG2_DXE);\r | |
2259 | if (mBootAttempts == 0) {\r | |
2260 | \r | |
2261 | //\r | |
2262 | // Measure handoff tables.\r | |
2263 | //\r | |
2264 | Status = MeasureHandoffTables ();\r | |
2265 | if (EFI_ERROR (Status)) {\r | |
2266 | DEBUG ((EFI_D_ERROR, "HOBs not Measured. Error!\n"));\r | |
2267 | }\r | |
2268 | \r | |
2269 | //\r | |
2270 | // Measure BootOrder & Boot#### variables.\r | |
2271 | //\r | |
2272 | Status = MeasureAllBootVariables ();\r | |
2273 | if (EFI_ERROR (Status)) {\r | |
2274 | DEBUG ((EFI_D_ERROR, "Boot Variables not Measured. Error!\n"));\r | |
2275 | }\r | |
2276 | \r | |
2277 | //\r | |
2278 | // 1. This is the first boot attempt.\r | |
2279 | //\r | |
2280 | Status = TcgMeasureAction (\r | |
c1b0828b | 2281 | 4,\r |
1abfa4ce JY |
2282 | EFI_CALLING_EFI_APPLICATION\r |
2283 | );\r | |
2284 | if (EFI_ERROR (Status)) {\r | |
655dabe3 | 2285 | DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_CALLING_EFI_APPLICATION));\r |
1abfa4ce JY |
2286 | }\r |
2287 | \r | |
2288 | //\r | |
2289 | // 2. Draw a line between pre-boot env and entering post-boot env.\r | |
2290 | // PCR[7] is already done.\r | |
2291 | //\r | |
2292 | for (PcrIndex = 0; PcrIndex < 7; PcrIndex++) {\r | |
2293 | Status = MeasureSeparatorEvent (PcrIndex);\r | |
2294 | if (EFI_ERROR (Status)) {\r | |
0ab475c9 | 2295 | DEBUG ((DEBUG_ERROR, "Separator Event not Measured. Error!\n"));\r |
1abfa4ce JY |
2296 | }\r |
2297 | }\r | |
2298 | \r | |
2299 | //\r | |
2300 | // 3. Measure GPT. It would be done in SAP driver.\r | |
2301 | //\r | |
2302 | \r | |
2303 | //\r | |
2304 | // 4. Measure PE/COFF OS loader. It would be done in SAP driver.\r | |
2305 | //\r | |
2306 | \r | |
2307 | //\r | |
2308 | // 5. Read & Measure variable. BootOrder already measured.\r | |
2309 | //\r | |
2310 | } else {\r | |
2311 | //\r | |
2312 | // 6. Not first attempt, meaning a return from last attempt\r | |
2313 | //\r | |
2314 | Status = TcgMeasureAction (\r | |
c1b0828b | 2315 | 4,\r |
1abfa4ce JY |
2316 | EFI_RETURNING_FROM_EFI_APPLICATOIN\r |
2317 | );\r | |
2318 | if (EFI_ERROR (Status)) {\r | |
655dabe3 | 2319 | DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_RETURNING_FROM_EFI_APPLICATOIN));\r |
1abfa4ce | 2320 | }\r |
c1b0828b ZC |
2321 | \r |
2322 | //\r | |
2323 | // 7. Next boot attempt, measure "Calling EFI Application from Boot Option" again\r | |
2324 | // TCG PC Client PFP spec Section 2.4.4.5 Step 4\r | |
2325 | //\r | |
2326 | Status = TcgMeasureAction (\r | |
2327 | 4,\r | |
2328 | EFI_CALLING_EFI_APPLICATION\r | |
2329 | );\r | |
2330 | if (EFI_ERROR (Status)) {\r | |
2331 | DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_CALLING_EFI_APPLICATION));\r | |
2332 | }\r | |
1abfa4ce JY |
2333 | }\r |
2334 | \r | |
2335 | DEBUG ((EFI_D_INFO, "TPM2 Tcg2Dxe Measure Data when ReadyToBoot\n"));\r | |
2336 | //\r | |
2337 | // Increase boot attempt counter.\r | |
2338 | //\r | |
2339 | mBootAttempts++;\r | |
2340 | PERF_END_EX (mImageHandle, "EventRec", "Tcg2Dxe", 0, PERF_ID_TCG2_DXE + 1);\r | |
2341 | }\r | |
2342 | \r | |
2343 | /**\r | |
2344 | Exit Boot Services Event notification handler.\r | |
2345 | \r | |
2346 | Measure invocation and success of ExitBootServices.\r | |
2347 | \r | |
2348 | @param[in] Event Event whose notification function is being invoked\r | |
2349 | @param[in] Context Pointer to the notification function's context\r | |
2350 | \r | |
2351 | **/\r | |
2352 | VOID\r | |
2353 | EFIAPI\r | |
2354 | OnExitBootServices (\r | |
2355 | IN EFI_EVENT Event,\r | |
2356 | IN VOID *Context\r | |
2357 | )\r | |
2358 | {\r | |
2359 | EFI_STATUS Status;\r | |
2360 | \r | |
2361 | //\r | |
2362 | // Measure invocation of ExitBootServices,\r | |
2363 | //\r | |
2364 | Status = TcgMeasureAction (\r | |
c1b0828b | 2365 | 5,\r |
1abfa4ce JY |
2366 | EFI_EXIT_BOOT_SERVICES_INVOCATION\r |
2367 | );\r | |
2368 | if (EFI_ERROR (Status)) {\r | |
655dabe3 | 2369 | DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_INVOCATION));\r |
1abfa4ce JY |
2370 | }\r |
2371 | \r | |
2372 | //\r | |
2373 | // Measure success of ExitBootServices\r | |
2374 | //\r | |
2375 | Status = TcgMeasureAction (\r | |
c1b0828b | 2376 | 5,\r |
1abfa4ce JY |
2377 | EFI_EXIT_BOOT_SERVICES_SUCCEEDED\r |
2378 | );\r | |
2379 | if (EFI_ERROR (Status)) {\r | |
655dabe3 | 2380 | DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_SUCCEEDED));\r |
1abfa4ce JY |
2381 | }\r |
2382 | }\r | |
2383 | \r | |
2384 | /**\r | |
2385 | Exit Boot Services Failed Event notification handler.\r | |
2386 | \r | |
2387 | Measure Failure of ExitBootServices.\r | |
2388 | \r | |
2389 | @param[in] Event Event whose notification function is being invoked\r | |
2390 | @param[in] Context Pointer to the notification function's context\r | |
2391 | \r | |
2392 | **/\r | |
2393 | VOID\r | |
2394 | EFIAPI\r | |
2395 | OnExitBootServicesFailed (\r | |
2396 | IN EFI_EVENT Event,\r | |
2397 | IN VOID *Context\r | |
2398 | )\r | |
2399 | {\r | |
2400 | EFI_STATUS Status;\r | |
2401 | \r | |
2402 | //\r | |
2403 | // Measure Failure of ExitBootServices,\r | |
2404 | //\r | |
2405 | Status = TcgMeasureAction (\r | |
c1b0828b | 2406 | 5,\r |
1abfa4ce JY |
2407 | EFI_EXIT_BOOT_SERVICES_FAILED\r |
2408 | );\r | |
2409 | if (EFI_ERROR (Status)) {\r | |
655dabe3 | 2410 | DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_FAILED));\r |
1abfa4ce JY |
2411 | }\r |
2412 | \r | |
2413 | }\r | |
2414 | \r | |
2415 | /**\r | |
2416 | The function install Tcg2 protocol.\r | |
2417 | \r | |
2418 | @retval EFI_SUCCESS Tcg2 protocol is installed.\r | |
2419 | @retval other Some error occurs.\r | |
2420 | **/\r | |
2421 | EFI_STATUS\r | |
2422 | InstallTcg2 (\r | |
2423 | VOID\r | |
2424 | )\r | |
2425 | {\r | |
2426 | EFI_STATUS Status;\r | |
2427 | EFI_HANDLE Handle;\r | |
2428 | \r | |
2429 | Handle = NULL;\r | |
2430 | Status = gBS->InstallMultipleProtocolInterfaces (\r | |
2431 | &Handle,\r | |
2432 | &gEfiTcg2ProtocolGuid,\r | |
2433 | &mTcg2Protocol,\r | |
2434 | NULL\r | |
2435 | );\r | |
2436 | return Status;\r | |
2437 | }\r | |
2438 | \r | |
2439 | /**\r | |
2440 | The driver's entry point. It publishes EFI Tcg2 Protocol.\r | |
2441 | \r | |
2442 | @param[in] ImageHandle The firmware allocated handle for the EFI image. \r | |
2443 | @param[in] SystemTable A pointer to the EFI System Table.\r | |
2444 | \r | |
2445 | @retval EFI_SUCCESS The entry point is executed successfully.\r | |
2446 | @retval other Some error occurs when executing this entry point.\r | |
2447 | **/\r | |
2448 | EFI_STATUS\r | |
2449 | EFIAPI\r | |
2450 | DriverEntry (\r | |
2451 | IN EFI_HANDLE ImageHandle,\r | |
2452 | IN EFI_SYSTEM_TABLE *SystemTable\r | |
2453 | )\r | |
2454 | {\r | |
2455 | EFI_STATUS Status;\r | |
2456 | EFI_EVENT Event;\r | |
2457 | VOID *Registration;\r | |
2458 | UINT32 MaxCommandSize;\r | |
2459 | UINT32 MaxResponseSize;\r | |
1abfa4ce JY |
2460 | UINTN Index;\r |
2461 | EFI_TCG2_EVENT_ALGORITHM_BITMAP TpmHashAlgorithmBitmap;\r | |
2462 | UINT32 ActivePCRBanks;\r | |
2463 | UINT32 NumberOfPCRBanks;\r | |
2464 | \r | |
2465 | mImageHandle = ImageHandle;\r | |
2466 | \r | |
2467 | if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid) ||\r | |
2468 | CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){\r | |
2469 | DEBUG ((EFI_D_ERROR, "No TPM2 instance required!\n"));\r | |
2470 | return EFI_UNSUPPORTED;\r | |
2471 | }\r | |
2472 | \r | |
2473 | if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {\r | |
2474 | DEBUG ((EFI_D_ERROR, "TPM2 error!\n"));\r | |
2475 | return EFI_DEVICE_ERROR;\r | |
2476 | }\r | |
2477 | \r | |
2478 | Status = Tpm2RequestUseTpm ();\r | |
2479 | if (EFI_ERROR (Status)) {\r | |
2480 | DEBUG ((EFI_D_ERROR, "TPM2 not detected!\n"));\r | |
2481 | return Status;\r | |
2482 | }\r | |
2483 | \r | |
2484 | //\r | |
2485 | // Fill information\r | |
2486 | //\r | |
2487 | ASSERT (TCG_EVENT_LOG_AREA_COUNT_MAX == sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]));\r | |
2488 | \r | |
2489 | mTcgDxeData.BsCap.Size = sizeof(EFI_TCG2_BOOT_SERVICE_CAPABILITY);\r | |
2490 | mTcgDxeData.BsCap.ProtocolVersion.Major = 1;\r | |
2491 | mTcgDxeData.BsCap.ProtocolVersion.Minor = 1;\r | |
2492 | mTcgDxeData.BsCap.StructureVersion.Major = 1;\r | |
2493 | mTcgDxeData.BsCap.StructureVersion.Minor = 1;\r | |
2494 | \r | |
2495 | DEBUG ((EFI_D_INFO, "Tcg2.ProtocolVersion - %02x.%02x\n", mTcgDxeData.BsCap.ProtocolVersion.Major, mTcgDxeData.BsCap.ProtocolVersion.Minor));\r | |
2496 | DEBUG ((EFI_D_INFO, "Tcg2.StructureVersion - %02x.%02x\n", mTcgDxeData.BsCap.StructureVersion.Major, mTcgDxeData.BsCap.StructureVersion.Minor));\r | |
2497 | \r | |
2498 | Status = Tpm2GetCapabilityManufactureID (&mTcgDxeData.BsCap.ManufacturerID);\r | |
2499 | if (EFI_ERROR (Status)) {\r | |
2500 | DEBUG ((EFI_D_ERROR, "Tpm2GetCapabilityManufactureID fail!\n"));\r | |
2501 | } else {\r | |
2502 | DEBUG ((EFI_D_INFO, "Tpm2GetCapabilityManufactureID - %08x\n", mTcgDxeData.BsCap.ManufacturerID));\r | |
2503 | }\r | |
2504 | \r | |
2505 | DEBUG_CODE (\r | |
2506 | UINT32 FirmwareVersion1;\r | |
2507 | UINT32 FirmwareVersion2;\r | |
2508 | \r | |
2509 | Status = Tpm2GetCapabilityFirmwareVersion (&FirmwareVersion1, &FirmwareVersion2);\r | |
2510 | if (EFI_ERROR (Status)) {\r | |
2511 | DEBUG ((EFI_D_ERROR, "Tpm2GetCapabilityFirmwareVersion fail!\n"));\r | |
2512 | } else {\r | |
2513 | DEBUG ((EFI_D_INFO, "Tpm2GetCapabilityFirmwareVersion - %08x %08x\n", FirmwareVersion1, FirmwareVersion2));\r | |
2514 | }\r | |
2515 | );\r | |
2516 | \r | |
2517 | Status = Tpm2GetCapabilityMaxCommandResponseSize (&MaxCommandSize, &MaxResponseSize);\r | |
2518 | if (EFI_ERROR (Status)) {\r | |
2519 | DEBUG ((EFI_D_ERROR, "Tpm2GetCapabilityMaxCommandResponseSize fail!\n"));\r | |
2520 | } else {\r | |
2521 | mTcgDxeData.BsCap.MaxCommandSize = (UINT16)MaxCommandSize;\r | |
2522 | mTcgDxeData.BsCap.MaxResponseSize = (UINT16)MaxResponseSize;\r | |
2523 | DEBUG ((EFI_D_INFO, "Tpm2GetCapabilityMaxCommandResponseSize - %08x, %08x\n", MaxCommandSize, MaxResponseSize));\r | |
2524 | }\r | |
2525 | \r | |
2526 | //\r | |
2527 | // Get supported PCR and current Active PCRs\r | |
2528 | //\r | |
07cdba18 JY |
2529 | Status = Tpm2GetCapabilitySupportedAndActivePcrs (&TpmHashAlgorithmBitmap, &ActivePCRBanks);\r |
2530 | ASSERT_EFI_ERROR (Status);\r | |
2531 | \r | |
1abfa4ce JY |
2532 | mTcgDxeData.BsCap.HashAlgorithmBitmap = TpmHashAlgorithmBitmap & PcdGet32 (PcdTcg2HashAlgorithmBitmap);\r |
2533 | mTcgDxeData.BsCap.ActivePcrBanks = ActivePCRBanks & PcdGet32 (PcdTcg2HashAlgorithmBitmap);\r | |
2534 | \r | |
a3cad6f8 JY |
2535 | //\r |
2536 | // Need calculate NumberOfPCRBanks here, because HashAlgorithmBitmap might be removed by PCD.\r | |
2537 | //\r | |
2538 | NumberOfPCRBanks = 0;\r | |
2539 | for (Index = 0; Index < 32; Index++) {\r | |
2540 | if ((mTcgDxeData.BsCap.HashAlgorithmBitmap & (1u << Index)) != 0) {\r | |
2541 | NumberOfPCRBanks++;\r | |
2542 | }\r | |
2543 | }\r | |
2544 | \r | |
1abfa4ce JY |
2545 | if (PcdGet32 (PcdTcg2NumberOfPCRBanks) == 0) {\r |
2546 | mTcgDxeData.BsCap.NumberOfPCRBanks = NumberOfPCRBanks;\r | |
2547 | } else {\r | |
2548 | mTcgDxeData.BsCap.NumberOfPCRBanks = PcdGet32 (PcdTcg2NumberOfPCRBanks);\r | |
2549 | if (PcdGet32 (PcdTcg2NumberOfPCRBanks) > NumberOfPCRBanks) {\r | |
2550 | DEBUG ((EFI_D_ERROR, "ERROR: PcdTcg2NumberOfPCRBanks(0x%x) > NumberOfPCRBanks(0x%x)\n", PcdGet32 (PcdTcg2NumberOfPCRBanks), NumberOfPCRBanks));\r | |
2551 | mTcgDxeData.BsCap.NumberOfPCRBanks = NumberOfPCRBanks;\r | |
2552 | }\r | |
2553 | }\r | |
2554 | \r | |
2555 | mTcgDxeData.BsCap.SupportedEventLogs = EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 | EFI_TCG2_EVENT_LOG_FORMAT_TCG_2;\r | |
87361c6a | 2556 | if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA1) == 0) {\r |
1abfa4ce JY |
2557 | //\r |
2558 | // No need to expose TCG1.2 event log if SHA1 bank does not exist.\r | |
2559 | //\r | |
87361c6a | 2560 | mTcgDxeData.BsCap.SupportedEventLogs &= ~EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2;\r |
1abfa4ce JY |
2561 | }\r |
2562 | \r | |
2563 | DEBUG ((EFI_D_INFO, "Tcg2.SupportedEventLogs - 0x%08x\n", mTcgDxeData.BsCap.SupportedEventLogs));\r | |
2564 | DEBUG ((EFI_D_INFO, "Tcg2.HashAlgorithmBitmap - 0x%08x\n", mTcgDxeData.BsCap.HashAlgorithmBitmap));\r | |
2565 | DEBUG ((EFI_D_INFO, "Tcg2.NumberOfPCRBanks - 0x%08x\n", mTcgDxeData.BsCap.NumberOfPCRBanks));\r | |
2566 | DEBUG ((EFI_D_INFO, "Tcg2.ActivePcrBanks - 0x%08x\n", mTcgDxeData.BsCap.ActivePcrBanks));\r | |
2567 | \r | |
2568 | if (mTcgDxeData.BsCap.TPMPresentFlag) {\r | |
2569 | //\r | |
2570 | // Setup the log area and copy event log from hob list to it\r | |
2571 | //\r | |
2572 | Status = SetupEventLog ();\r | |
2573 | ASSERT_EFI_ERROR (Status);\r | |
2574 | \r | |
2575 | //\r | |
2576 | // Measure handoff tables, Boot#### variables etc.\r | |
2577 | //\r | |
2578 | Status = EfiCreateEventReadyToBootEx (\r | |
2579 | TPL_CALLBACK,\r | |
2580 | OnReadyToBoot,\r | |
2581 | NULL,\r | |
2582 | &Event\r | |
2583 | );\r | |
2584 | \r | |
2585 | Status = gBS->CreateEventEx (\r | |
2586 | EVT_NOTIFY_SIGNAL,\r | |
2587 | TPL_NOTIFY,\r | |
2588 | OnExitBootServices,\r | |
2589 | NULL,\r | |
2590 | &gEfiEventExitBootServicesGuid,\r | |
2591 | &Event\r | |
2592 | );\r | |
2593 | \r | |
2594 | //\r | |
2595 | // Measure Exit Boot Service failed \r | |
2596 | //\r | |
2597 | Status = gBS->CreateEventEx (\r | |
2598 | EVT_NOTIFY_SIGNAL,\r | |
2599 | TPL_NOTIFY,\r | |
2600 | OnExitBootServicesFailed,\r | |
2601 | NULL,\r | |
2602 | &gEventExitBootServicesFailedGuid,\r | |
2603 | &Event\r | |
2604 | );\r | |
2605 | \r | |
2606 | //\r | |
2607 | // Create event callback, because we need access variable on SecureBootPolicyVariable\r | |
2608 | // We should use VariableWriteArch instead of VariableArch, because Variable driver\r | |
2609 | // may update SecureBoot value based on last setting.\r | |
2610 | //\r | |
2611 | EfiCreateProtocolNotifyEvent (&gEfiVariableWriteArchProtocolGuid, TPL_CALLBACK, MeasureSecureBootPolicy, NULL, &Registration);\r | |
2612 | }\r | |
2613 | \r | |
2614 | //\r | |
2615 | // Install Tcg2Protocol\r | |
2616 | //\r | |
2617 | Status = InstallTcg2 ();\r | |
2618 | DEBUG ((EFI_D_INFO, "InstallTcg2 - %r\n", Status));\r | |
2619 | \r | |
2620 | return Status;\r | |
2621 | }\r |