[mirror_edk2.git] / SecurityPkg / Library / DxeTcgPhysicalPresenceLib / DxeTcgPhysicalPresenceLib.c

/** @file\r
\r
  Execute pending TPM requests from OS or BIOS and Lock TPM.\r
\r
  Caution: This module requires additional review when modified.\r
  This driver will have external input - variable.\r
  This external input must be validated carefully to avoid security issue.\r
\r
  ExecutePendingTpmRequest() will receive untrusted input and do validation.\r
\r
Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution.  The full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
\r
#include <PiDxe.h>\r
\r
#include <Protocol/TcgService.h>\r
#include <Protocol/VariableLock.h>\r
#include <Library/DebugLib.h>\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/UefiRuntimeServicesTableLib.h>\r
#include <Library/UefiDriverEntryPoint.h>\r
#include <Library/UefiBootServicesTableLib.h>\r
#include <Library/UefiLib.h>\r
#include <Library/MemoryAllocationLib.h>\r
#include <Library/PrintLib.h>\r
#include <Library/HiiLib.h>\r
#include <Guid/EventGroup.h>\r
#include <Guid/PhysicalPresenceData.h>\r
#include <Library/TcgPpVendorLib.h>\r
\r
#define CONFIRM_BUFFER_SIZE         4096\r
\r
EFI_HII_HANDLE mPpStringPackHandle;\r
\r
/**\r
  Get string by string id from HII Interface.\r
\r
  @param[in] Id          String ID.\r
\r
  @retval    CHAR16 *    String from ID.\r
  @retval    NULL        If error occurs.\r
\r
**/\r
CHAR16 *\r
PhysicalPresenceGetStringById (\r
  IN  EFI_STRING_ID   Id\r
  )\r
{\r
  return HiiGetString (mPpStringPackHandle, Id, NULL);\r
}\r
\r
/**\r
  Get TPM physical presence permanent flags.\r
\r
  @param[in]  TcgProtocol   EFI TCG Protocol instance.\r
  @param[out] LifetimeLock  physicalPresenceLifetimeLock permanent flag.\r
  @param[out] CmdEnable     physicalPresenceCMDEnable permanent flag.\r
\r
  @retval EFI_SUCCESS       Flags were returns successfully.\r
  @retval other             Failed to locate EFI TCG Protocol.\r
\r
**/\r
EFI_STATUS\r
GetTpmCapability (\r
  IN   EFI_TCG_PROTOCOL             *TcgProtocol,\r
  OUT  BOOLEAN                      *LifetimeLock,\r
  OUT  BOOLEAN                      *CmdEnable\r
  )\r
{\r
  EFI_STATUS                        Status;\r
  TPM_RQU_COMMAND_HDR               *TpmRqu;\r
  TPM_RSP_COMMAND_HDR               *TpmRsp;\r
  UINT32                            *SendBufPtr;\r
  UINT8                             SendBuffer[sizeof (*TpmRqu) + sizeof (UINT32) * 3];\r
  TPM_PERMANENT_FLAGS               *TpmPermanentFlags;\r
  UINT8                             RecvBuffer[40];\r
\r
  //\r
  // Fill request header\r
  //\r
  TpmRsp = (TPM_RSP_COMMAND_HDR*)RecvBuffer;\r
  TpmRqu = (TPM_RQU_COMMAND_HDR*)SendBuffer;\r
\r
  TpmRqu->tag       = SwapBytes16 (TPM_TAG_RQU_COMMAND);\r
  TpmRqu->paramSize = SwapBytes32 (sizeof (SendBuffer));\r
  TpmRqu->ordinal   = SwapBytes32 (TPM_ORD_GetCapability);\r
\r
  //\r
  // Set request parameter\r
  //\r
  SendBufPtr      = (UINT32*)(TpmRqu + 1);\r
  WriteUnaligned32 (SendBufPtr++, SwapBytes32 (TPM_CAP_FLAG));\r
  WriteUnaligned32 (SendBufPtr++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT)));\r
  WriteUnaligned32 (SendBufPtr, SwapBytes32 (TPM_CAP_FLAG_PERMANENT));\r
\r
  Status = TcgProtocol->PassThroughToTpm (\r
                          TcgProtocol,\r
                          sizeof (SendBuffer),\r
                          (UINT8*)TpmRqu,\r
                          sizeof (RecvBuffer),\r
                          (UINT8*)&RecvBuffer\r
                          );\r
  ASSERT_EFI_ERROR (Status);\r
  ASSERT (TpmRsp->tag == SwapBytes16 (TPM_TAG_RSP_COMMAND));\r
  ASSERT (TpmRsp->returnCode == 0);\r
\r
  TpmPermanentFlags = (TPM_PERMANENT_FLAGS *)&RecvBuffer[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];\r
\r
  if (LifetimeLock != NULL) {\r
    *LifetimeLock = TpmPermanentFlags->physicalPresenceLifetimeLock;\r
  }\r
\r
  if (CmdEnable != NULL) {\r
    *CmdEnable = TpmPermanentFlags->physicalPresenceCMDEnable;\r
  }\r
\r
  return Status;\r
}\r
\r
/**\r
  Issue TSC_PhysicalPresence command to TPM.\r
\r
  @param[in] TcgProtocol          EFI TCG Protocol instance.\r
  @param[in] PhysicalPresence     The state to set the TPM's Physical Presence flags.\r
\r
  @retval EFI_SUCCESS             TPM executed the command successfully.\r
  @retval EFI_SECURITY_VIOLATION  TPM returned error when executing the command.\r
  @retval other                   Failed to locate EFI TCG Protocol.\r
\r
**/\r
EFI_STATUS\r
TpmPhysicalPresence (\r
  IN      EFI_TCG_PROTOCOL          *TcgProtocol,\r
  IN      TPM_PHYSICAL_PRESENCE     PhysicalPresence\r
  )\r
{\r
  EFI_STATUS                        Status;\r
  TPM_RQU_COMMAND_HDR               *TpmRqu;\r
  TPM_PHYSICAL_PRESENCE             *TpmPp;\r
  TPM_RSP_COMMAND_HDR               TpmRsp;\r
  UINT8                             Buffer[sizeof (*TpmRqu) + sizeof (*TpmPp)];\r
\r
  TpmRqu = (TPM_RQU_COMMAND_HDR*)Buffer;\r
  TpmPp = (TPM_PHYSICAL_PRESENCE*)(TpmRqu + 1);\r
\r
  TpmRqu->tag       = SwapBytes16 (TPM_TAG_RQU_COMMAND);\r
  TpmRqu->paramSize = SwapBytes32 (sizeof (Buffer));\r
  TpmRqu->ordinal   = SwapBytes32 (TSC_ORD_PhysicalPresence);\r
  WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE) SwapBytes16 (PhysicalPresence));\r
\r
  Status = TcgProtocol->PassThroughToTpm (\r
                          TcgProtocol,\r
                          sizeof (Buffer),\r
                          (UINT8*)TpmRqu,\r
                          sizeof (TpmRsp),\r
                          (UINT8*)&TpmRsp\r
                          );\r
  ASSERT_EFI_ERROR (Status);\r
  ASSERT (TpmRsp.tag == SwapBytes16 (TPM_TAG_RSP_COMMAND));\r
  if (TpmRsp.returnCode != 0) {\r
    //\r
    // If it fails, some requirements may be needed for this command.\r
    //\r
    return EFI_SECURITY_VIOLATION;\r
  }\r
\r
  return Status;\r
}\r
\r
/**\r
  Issue a TPM command for which no additional output data will be returned.\r
\r
  @param[in] TcgProtocol              EFI TCG Protocol instance.\r
  @param[in] Ordinal                  TPM command code.\r
  @param[in] AdditionalParameterSize  Additional parameter size.\r
  @param[in] AdditionalParameters     Pointer to the Additional paramaters.\r
\r
  @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE  Error occurred during sending command to TPM or\r
                                                  receiving response from TPM.\r
  @retval Others                                  Return code from the TPM device after command execution.\r
\r
**/\r
UINT32\r
TpmCommandNoReturnData (\r
  IN      EFI_TCG_PROTOCOL          *TcgProtocol,\r
  IN      TPM_COMMAND_CODE          Ordinal,\r
  IN      UINTN                     AdditionalParameterSize,\r
  IN      VOID                      *AdditionalParameters\r
  )\r
{\r
  EFI_STATUS                        Status;\r
  TPM_RQU_COMMAND_HDR               *TpmRqu;\r
  TPM_RSP_COMMAND_HDR               TpmRsp;\r
  UINT32                            Size;\r
\r
  TpmRqu = (TPM_RQU_COMMAND_HDR*) AllocatePool (sizeof (*TpmRqu) + AdditionalParameterSize);\r
  if (TpmRqu == NULL) {\r
    return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;\r
  }\r
\r
  TpmRqu->tag       = SwapBytes16 (TPM_TAG_RQU_COMMAND);\r
  Size              = (UINT32)(sizeof (*TpmRqu) + AdditionalParameterSize);\r
  TpmRqu->paramSize = SwapBytes32 (Size);\r
  TpmRqu->ordinal   = SwapBytes32 (Ordinal);\r
  CopyMem (TpmRqu + 1, AdditionalParameters, AdditionalParameterSize);\r
\r
  Status = TcgProtocol->PassThroughToTpm (\r
                          TcgProtocol,\r
                          Size,\r
                          (UINT8*)TpmRqu,\r
                          (UINT32)sizeof (TpmRsp),\r
                          (UINT8*)&TpmRsp\r
                          );\r
  FreePool (TpmRqu);\r
  if (EFI_ERROR (Status) || (TpmRsp.tag != SwapBytes16 (TPM_TAG_RSP_COMMAND))) {\r
    return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;\r
  }\r
  return SwapBytes32 (TpmRsp.returnCode);\r
}\r
\r
/**\r
  Execute physical presence operation requested by the OS.\r
\r
  @param[in]      TcgProtocol         EFI TCG Protocol instance.\r
  @param[in]      CommandCode         Physical presence operation value.\r
  @param[in, out] PpiFlags            The physical presence interface flags.\r
\r
  @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE  Unknown physical presence operation.\r
  @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE  Error occurred during sending command to TPM or\r
                                                  receiving response from TPM.\r
  @retval Others                                  Return code from the TPM device after command execution.\r
\r
**/\r
UINT32\r
ExecutePhysicalPresence (\r
  IN      EFI_TCG_PROTOCOL            *TcgProtocol,\r
  IN      UINT32                      CommandCode,\r
  IN OUT  EFI_PHYSICAL_PRESENCE_FLAGS *PpiFlags\r
  )\r
{\r
  BOOLEAN                           BoolVal;\r
  UINT32                            TpmResponse;\r
  UINT32                            InData[5];\r
\r
  switch (CommandCode) {\r
    case PHYSICAL_PRESENCE_ENABLE:\r
      return TpmCommandNoReturnData (\r
               TcgProtocol,\r
               TPM_ORD_PhysicalEnable,\r
               0,\r
               NULL\r
               );\r
\r
    case PHYSICAL_PRESENCE_DISABLE:\r
      return TpmCommandNoReturnData (\r
               TcgProtocol,\r
               TPM_ORD_PhysicalDisable,\r
               0,\r
               NULL\r
               );\r
\r
    case PHYSICAL_PRESENCE_ACTIVATE:\r
      BoolVal = FALSE;\r
      return TpmCommandNoReturnData (\r
               TcgProtocol,\r
               TPM_ORD_PhysicalSetDeactivated,\r
               sizeof (BoolVal),\r
               &BoolVal\r
               );\r
\r
    case PHYSICAL_PRESENCE_DEACTIVATE:\r
      BoolVal = TRUE;\r
      return TpmCommandNoReturnData (\r
               TcgProtocol,\r
               TPM_ORD_PhysicalSetDeactivated,\r
               sizeof (BoolVal),\r
               &BoolVal\r
               );\r
\r
    case PHYSICAL_PRESENCE_CLEAR:\r
      return TpmCommandNoReturnData (\r
               TcgProtocol,\r
               TPM_ORD_ForceClear,\r
               0,\r
               NULL\r
               );\r
\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE, PpiFlags);\r
      if (TpmResponse == 0) {\r
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ACTIVATE, PpiFlags);\r
      }\r
      return TpmResponse;\r
\r
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DEACTIVATE, PpiFlags);\r
      if (TpmResponse == 0) {\r
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DISABLE, PpiFlags);\r
      }\r
      return TpmResponse;\r
\r
    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r
      BoolVal = TRUE;\r
      return TpmCommandNoReturnData (\r
               TcgProtocol,\r
               TPM_ORD_SetOwnerInstall,\r
               sizeof (BoolVal),\r
               &BoolVal\r
               );\r
\r
    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r
      BoolVal = FALSE;\r
      return TpmCommandNoReturnData (\r
               TcgProtocol,\r
               TPM_ORD_SetOwnerInstall,\r
               sizeof (BoolVal),\r
               &BoolVal\r
               );\r
\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r
      //\r
      // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE\r
      // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot\r
      //\r
      if ((PpiFlags->PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {\r
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r
        PpiFlags->PPFlags |= TCG_VENDOR_LIB_FLAG_RESET_TRACK;\r
      } else {\r
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE, PpiFlags);\r
        PpiFlags->PPFlags &= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK;\r
      }\r
      return TpmResponse;\r
\r
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE, PpiFlags);\r
      if (TpmResponse == 0) {\r
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DEACTIVATE_DISABLE, PpiFlags);\r
      }\r
      return TpmResponse;\r
\r
    case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r
      InData[0] = SwapBytes32 (TPM_SET_STCLEAR_DATA);            // CapabilityArea\r
      InData[1] = SwapBytes32 (sizeof(UINT32));                  // SubCapSize\r
      InData[2] = SwapBytes32 (TPM_SD_DEFERREDPHYSICALPRESENCE); // SubCap\r
      InData[3] = SwapBytes32 (sizeof(UINT32));                  // SetValueSize\r
      InData[4] = SwapBytes32 (1);                               // UnownedFieldUpgrade; bit0\r
      return TpmCommandNoReturnData (\r
               TcgProtocol,\r
               TPM_ORD_SetCapability,\r
               sizeof (UINT32) * 5,\r
               InData\r
               );\r
\r
    case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r
      //\r
      // TPM_SetOperatorAuth\r
      // This command requires UI to prompt user for Auth data\r
      // Here it is NOT implemented\r
      //\r
      return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;\r
\r
    case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r
      TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);\r
      if (TpmResponse == 0) {\r
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r
      }\r
      return TpmResponse;\r
\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:\r
      PpiFlags->PPFlags &= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION;\r
      return 0;\r
\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:\r
      PpiFlags->PPFlags |= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION;\r
      return 0;\r
\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:\r
      PpiFlags->PPFlags &= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR;\r
      return 0;\r
\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:\r
      PpiFlags->PPFlags |= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR;\r
      return 0;\r
\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:\r
      PpiFlags->PPFlags &= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE;\r
      return 0;\r
\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:\r
      PpiFlags->PPFlags |= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE;\r
      return 0;\r
\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r
      //\r
      // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR\r
      // PHYSICAL_PRESENCE_CLEAR will be executed after reboot.\r
      //\r
      if ((PpiFlags->PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {\r
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r
        PpiFlags->PPFlags |= TCG_VENDOR_LIB_FLAG_RESET_TRACK;\r
      } else {\r
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);\r
        PpiFlags->PPFlags &= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK;\r
      }\r
      return TpmResponse;\r
\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r
      //\r
      // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE\r
      // PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.\r
      //\r
      if ((PpiFlags->PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {\r
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);\r
        PpiFlags->PPFlags |= TCG_VENDOR_LIB_FLAG_RESET_TRACK;\r
      } else {\r
        TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, PpiFlags);\r
        PpiFlags->PPFlags &= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK;\r
      }\r
      return TpmResponse;\r
\r
    default:\r
      ;\r
  }\r
  return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;\r
}\r
\r
\r
/**\r
  Read the specified key for user confirmation.\r
\r
  @param[in]  CautionKey  If true,  F12 is used as confirm key;\r
                          If false, F10 is used as confirm key.\r
\r
  @retval     TRUE        User confirmed the changes by input.\r
  @retval     FALSE       User discarded the changes or device error.\r
\r
**/\r
BOOLEAN\r
ReadUserKey (\r
  IN     BOOLEAN                    CautionKey\r
  )\r
{\r
  EFI_STATUS                        Status;\r
  EFI_INPUT_KEY                     Key;\r
  UINT16                            InputKey;\r
  UINTN                             Index;\r
\r
  InputKey = 0;\r
  do {\r
    Status = gST->ConIn->ReadKeyStroke (gST->ConIn, &Key);\r
    if (Status == EFI_NOT_READY) {\r
      gBS->WaitForEvent (1, &gST->ConIn->WaitForKey, &Index);\r
      continue;\r
    }\r
\r
    if (Status == EFI_DEVICE_ERROR) {\r
      return FALSE;\r
    }\r
\r
    if (Key.ScanCode == SCAN_ESC) {\r
      InputKey = Key.ScanCode;\r
    }\r
    if ((Key.ScanCode == SCAN_F10) && !CautionKey) {\r
      InputKey = Key.ScanCode;\r
    }\r
    if ((Key.ScanCode == SCAN_F12) && CautionKey) {\r
      InputKey = Key.ScanCode;\r
    }\r
  } while (InputKey == 0);\r
\r
  if (InputKey != SCAN_ESC) {\r
    return TRUE;\r
  }\r
\r
  return FALSE;\r
}\r
\r
/**\r
  The constructor function register UNI strings into imageHandle.\r
\r
  It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.\r
\r
  @param  ImageHandle   The firmware allocated handle for the EFI image.\r
  @param  SystemTable   A pointer to the EFI System Table.\r
\r
  @retval EFI_SUCCESS   The constructor successfully added string package.\r
  @retval Other value   The constructor can't add string package.\r
\r
**/\r
EFI_STATUS\r
EFIAPI\r
TcgPhysicalPresenceLibConstructor (\r
  IN EFI_HANDLE        ImageHandle,\r
  IN EFI_SYSTEM_TABLE  *SystemTable\r
  )\r
{\r
  mPpStringPackHandle = HiiAddPackages (&gEfiPhysicalPresenceGuid, ImageHandle, DxeTcgPhysicalPresenceLibStrings, NULL);\r
  ASSERT (mPpStringPackHandle != NULL);\r
\r
  return EFI_SUCCESS;\r
}\r
\r
/**\r
  Display the confirm text and get user confirmation.\r
\r
  @param[in] TpmPpCommand  The requested TPM physical presence command.\r
\r
  @retval    TRUE          The user has confirmed the changes.\r
  @retval    FALSE         The user doesn't confirm the changes.\r
**/\r
BOOLEAN\r
UserConfirm (\r
  IN      UINT32                    TpmPpCommand\r
  )\r
{\r
  CHAR16                            *ConfirmText;\r
  CHAR16                            *TmpStr1;\r
  CHAR16                            *TmpStr2;\r
  UINTN                             BufSize;\r
  BOOLEAN                           CautionKey;\r
  UINT16                            Index;\r
  CHAR16                            DstStr[81];\r
\r
  TmpStr2     = NULL;\r
  CautionKey  = FALSE;\r
  BufSize     = CONFIRM_BUFFER_SIZE;\r
  ConfirmText = AllocateZeroPool (BufSize);\r
  ASSERT (ConfirmText != NULL);\r
\r
  switch (TpmPpCommand) {\r
    case PHYSICAL_PRESENCE_ENABLE:\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_DISABLE:\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_ACTIVATE:\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_DEACTIVATE:\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_CLEAR:\r
      CautionKey = TRUE;\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r
      CautionKey = TRUE;\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r
      //\r
      // TPM_SetOperatorAuth\r
      // This command requires UI to prompt user for Auth data\r
      // Here it is NOT implemented\r
      //\r
      break;\r
\r
    case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r
      CautionKey = TRUE;\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_PROVISION));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:\r
      CautionKey = TRUE;\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:\r
      CautionKey = TRUE;\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r
      CautionKey = TRUE;\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r
      CautionKey = TRUE;\r
      TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE));\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));\r
      UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
\r
      TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));\r
      StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);\r
      FreePool (TmpStr1);\r
      break;\r
\r
    default:\r
      ;\r
  }\r
\r
  if (TmpStr2 == NULL) {\r
    FreePool (ConfirmText);\r
    return FALSE;\r
  }\r
\r
  TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY));\r
  BufSize -= StrSize (ConfirmText);\r
  UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1, TmpStr2);\r
\r
  DstStr[80] = L'\0';\r
  for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {\r
    StrnCpyS(DstStr, sizeof (DstStr) / sizeof (CHAR16), ConfirmText + Index, sizeof (DstStr) / sizeof (CHAR16) - 1);\r
    Print (DstStr);\r
  }\r
\r
  FreePool (TmpStr1);\r
  FreePool (TmpStr2);\r
  FreePool (ConfirmText);\r
\r
  if (ReadUserKey (CautionKey)) {\r
    return TRUE;\r
  }\r
\r
  return FALSE;\r
}\r
\r
/**\r
  Check if there is a valid physical presence command request. Also updates parameter value\r
  to whether the requested physical presence command already confirmed by user\r
\r
   @param[in]  TcgPpData           EFI TCG Physical Presence request data.\r
   @param[in]  Flags               The physical presence interface flags.\r
   @param[out] RequestConfirmed    If the physical presence operation command required user confirm from UI.\r
                                   True, it indicates the command doesn't require user confirm, or already confirmed\r
                                   in last boot cycle by user.\r
                                   False, it indicates the command need user confirm from UI.\r
\r
   @retval  TRUE        Physical Presence operation command is valid.\r
   @retval  FALSE       Physical Presence operation command is invalid.\r
\r
**/\r
BOOLEAN\r
HaveValidTpmRequest  (\r
  IN      EFI_PHYSICAL_PRESENCE       *TcgPpData,\r
  IN      EFI_PHYSICAL_PRESENCE_FLAGS Flags,\r
  OUT     BOOLEAN                     *RequestConfirmed\r
  )\r
{\r
  BOOLEAN  IsRequestValid;\r
\r
  *RequestConfirmed = FALSE;\r
\r
  switch (TcgPpData->PPRequest) {\r
    case PHYSICAL_PRESENCE_NO_ACTION:\r
      *RequestConfirmed = TRUE;\r
      return TRUE;\r
    case PHYSICAL_PRESENCE_ENABLE:\r
    case PHYSICAL_PRESENCE_DISABLE:\r
    case PHYSICAL_PRESENCE_ACTIVATE:\r
    case PHYSICAL_PRESENCE_DEACTIVATE:\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r
    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:\r
    case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r
    case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:\r
      if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) {\r
        *RequestConfirmed = TRUE;\r
      }\r
      break;\r
\r
    case PHYSICAL_PRESENCE_CLEAR:\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r
      if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0) {\r
        *RequestConfirmed = TRUE;\r
      }\r
      break;\r
\r
    case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r
      if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE) != 0) {\r
        *RequestConfirmed = TRUE;\r
      }\r
      break;\r
\r
    case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r
      if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0 && (Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) {\r
        *RequestConfirmed = TRUE;\r
      }\r
      break;\r
\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE:\r
      *RequestConfirmed = TRUE;\r
      break;\r
\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:\r
    case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:\r
      break;\r
\r
    default:\r
      if (TcgPpData->PPRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {\r
        IsRequestValid = TcgPpVendorLibHasValidRequest (TcgPpData->PPRequest, Flags.PPFlags, RequestConfirmed);\r
        if (!IsRequestValid) {\r
          return FALSE;\r
        } else {\r
          break;\r
        }\r
      } else {\r
        //\r
        // Wrong Physical Presence command\r
        //\r
        return FALSE;\r
      }\r
  }\r
\r
  if ((Flags.PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) != 0) {\r
    //\r
    // It had been confirmed in last boot, it doesn't need confirm again.\r
    //\r
    *RequestConfirmed = TRUE;\r
  }\r
\r
  //\r
  // Physical Presence command is correct\r
  //\r
  return TRUE;\r
}\r
\r
\r
/**\r
  Check and execute the requested physical presence command.\r
\r
  Caution: This function may receive untrusted input.\r
  TcgPpData variable is external input, so this function will validate\r
  its data structure to be valid value.\r
\r
  @param[in] TcgProtocol          EFI TCG Protocol instance.\r
  @param[in] TcgPpData            Point to the physical presence NV variable.\r
  @param[in] Flags                The physical presence interface flags.\r
\r
**/\r
VOID\r
ExecutePendingTpmRequest (\r
  IN      EFI_TCG_PROTOCOL            *TcgProtocol,\r
  IN      EFI_PHYSICAL_PRESENCE       *TcgPpData,\r
  IN      EFI_PHYSICAL_PRESENCE_FLAGS Flags\r
  )\r
{\r
  EFI_STATUS                        Status;\r
  UINTN                             DataSize;\r
  BOOLEAN                           RequestConfirmed;\r
  EFI_PHYSICAL_PRESENCE_FLAGS       NewFlags;\r
  BOOLEAN                           ResetRequired;\r
  UINT32                            NewPPFlags;\r
\r
  if (!HaveValidTpmRequest(TcgPpData, Flags, &RequestConfirmed)) {\r
    //\r
    // Invalid operation request.\r
    //\r
    TcgPpData->PPResponse = TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;\r
    TcgPpData->LastPPRequest = TcgPpData->PPRequest;\r
    TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;\r
    DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r
    Status = gRT->SetVariable (\r
                    PHYSICAL_PRESENCE_VARIABLE,\r
                    &gEfiPhysicalPresenceGuid,\r
                    EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r
                    DataSize,\r
                    TcgPpData\r
                    );\r
    return;\r
  }\r
\r
  ResetRequired = FALSE;\r
  if (TcgPpData->PPRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {\r
    NewFlags = Flags;\r
    NewPPFlags = NewFlags.PPFlags;\r
    TcgPpData->PPResponse = TcgPpVendorLibExecutePendingRequest (TcgPpData->PPRequest, &NewPPFlags, &ResetRequired);\r
    NewFlags.PPFlags = (UINT8)NewPPFlags;\r
  } else {\r
    if (!RequestConfirmed) {\r
      //\r
      // Print confirm text and wait for approval.\r
      //\r
      RequestConfirmed = UserConfirm (TcgPpData->PPRequest);\r
    }\r
\r
    //\r
    // Execute requested physical presence command\r
    //\r
    TcgPpData->PPResponse = TCG_PP_OPERATION_RESPONSE_USER_ABORT;\r
    NewFlags = Flags;\r
    if (RequestConfirmed) {\r
      TcgPpData->PPResponse = ExecutePhysicalPresence (TcgProtocol, TcgPpData->PPRequest, &NewFlags);\r
    }\r
  }\r
\r
  //\r
  // Save the flags if it is updated.\r
  //\r
  if (CompareMem (&Flags, &NewFlags, sizeof(EFI_PHYSICAL_PRESENCE_FLAGS)) != 0) {\r
    Status   = gRT->SetVariable (\r
                      PHYSICAL_PRESENCE_FLAGS_VARIABLE,\r
                      &gEfiPhysicalPresenceGuid,\r
                      EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r
                      sizeof (EFI_PHYSICAL_PRESENCE_FLAGS),\r
                      &NewFlags\r
                      );\r
    if (EFI_ERROR (Status)) {\r
      return;\r
    }\r
  }\r
\r
  //\r
  // Clear request\r
  //\r
  if ((NewFlags.PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {\r
    TcgPpData->LastPPRequest = TcgPpData->PPRequest;\r
    TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;\r
  }\r
\r
  //\r
  // Save changes\r
  //\r
  DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r
  Status = gRT->SetVariable (\r
                  PHYSICAL_PRESENCE_VARIABLE,\r
                  &gEfiPhysicalPresenceGuid,\r
                  EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r
                  DataSize,\r
                  TcgPpData\r
                  );\r
  if (EFI_ERROR (Status)) {\r
    return;\r
  }\r
\r
  if (TcgPpData->PPResponse == TCG_PP_OPERATION_RESPONSE_USER_ABORT) {\r
    return;\r
  }\r
\r
  //\r
  // Reset system to make new TPM settings in effect\r
  //\r
  switch (TcgPpData->LastPPRequest) {\r
    case PHYSICAL_PRESENCE_ACTIVATE:\r
    case PHYSICAL_PRESENCE_DEACTIVATE:\r
    case PHYSICAL_PRESENCE_CLEAR:\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:\r
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r
    case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r
    case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r
    case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r
    case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r
      break;\r
    default:\r
      if (TcgPpData->LastPPRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {\r
        if (ResetRequired) {\r
          break;\r
        } else {\r
          return ;\r
        }\r
      }\r
      if (TcgPpData->PPRequest != PHYSICAL_PRESENCE_NO_ACTION) {\r
        break;\r
      }\r
      return;\r
  }\r
\r
  Print (L"Rebooting system to make TPM settings in effect\n");\r
  gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);\r
  ASSERT (FALSE);\r
}\r
\r
/**\r
  Check and execute the pending TPM request and Lock TPM.\r
\r
  The TPM request may come from OS or BIOS. This API will display request information and wait\r
  for user confirmation if TPM request exists. The TPM request will be sent to TPM device after\r
  the TPM request is confirmed, and one or more reset may be required to make TPM request to\r
  take effect. At last, it will lock TPM to prevent TPM state change by malware.\r
\r
  This API should be invoked after console in and console out are all ready as they are required\r
  to display request information and get user input to confirm the request. This API should also\r
  be invoked as early as possible as TPM is locked in this function.\r
\r
**/\r
VOID\r
EFIAPI\r
TcgPhysicalPresenceLibProcessRequest (\r
  VOID\r
  )\r
{\r
  EFI_STATUS                        Status;\r
  BOOLEAN                           LifetimeLock;\r
  BOOLEAN                           CmdEnable;\r
  UINTN                             DataSize;\r
  EFI_PHYSICAL_PRESENCE             TcgPpData;\r
  EFI_TCG_PROTOCOL                  *TcgProtocol;\r
  EDKII_VARIABLE_LOCK_PROTOCOL      *VariableLockProtocol;\r
  EFI_PHYSICAL_PRESENCE_FLAGS       PpiFlags;\r
\r
  Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);\r
  if (EFI_ERROR (Status)) {\r
    return ;\r
  }\r
\r
  //\r
  // Initialize physical presence flags.\r
  //\r
  DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS);\r
  Status = gRT->GetVariable (\r
                  PHYSICAL_PRESENCE_FLAGS_VARIABLE,\r
                  &gEfiPhysicalPresenceGuid,\r
                  NULL,\r
                  &DataSize,\r
                  &PpiFlags\r
                  );\r
  if (EFI_ERROR (Status)) {\r
    PpiFlags.PPFlags = TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION;\r
    Status   = gRT->SetVariable (\r
                      PHYSICAL_PRESENCE_FLAGS_VARIABLE,\r
                      &gEfiPhysicalPresenceGuid,\r
                      EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r
                      sizeof (EFI_PHYSICAL_PRESENCE_FLAGS),\r
                      &PpiFlags\r
                      );\r
    if (EFI_ERROR (Status)) {\r
      DEBUG ((EFI_D_ERROR, "[TPM] Set physical presence flag failed, Status = %r\n", Status));\r
      return ;\r
    }\r
  }\r
  DEBUG ((EFI_D_INFO, "[TPM] PpiFlags = %x\n", PpiFlags.PPFlags));\r
\r
  //\r
  // This flags variable controls whether physical presence is required for TPM command.\r
  // It should be protected from malicious software. We set it as read-only variable here.\r
  //\r
  Status = gBS->LocateProtocol (&gEdkiiVariableLockProtocolGuid, NULL, (VOID **)&VariableLockProtocol);\r
  if (!EFI_ERROR (Status)) {\r
    Status = VariableLockProtocol->RequestToLock (\r
                                     VariableLockProtocol,\r
                                     PHYSICAL_PRESENCE_FLAGS_VARIABLE,\r
                                     &gEfiPhysicalPresenceGuid\r
                                     );\r
    if (EFI_ERROR (Status)) {\r
      DEBUG ((EFI_D_ERROR, "[TPM] Error when lock variable %s, Status = %r\n", PHYSICAL_PRESENCE_FLAGS_VARIABLE, Status));\r
      ASSERT_EFI_ERROR (Status);\r
    }\r
  }\r
\r
  //\r
  // Initialize physical presence variable.\r
  //\r
  DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r
  Status = gRT->GetVariable (\r
                  PHYSICAL_PRESENCE_VARIABLE,\r
                  &gEfiPhysicalPresenceGuid,\r
                  NULL,\r
                  &DataSize,\r
                  &TcgPpData\r
                  );\r
  if (EFI_ERROR (Status)) {\r
    ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));\r
    DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r
    Status   = gRT->SetVariable (\r
                      PHYSICAL_PRESENCE_VARIABLE,\r
                      &gEfiPhysicalPresenceGuid,\r
                      EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,\r
                      DataSize,\r
                      &TcgPpData\r
                      );\r
    if (EFI_ERROR (Status)) {\r
      DEBUG ((EFI_D_ERROR, "[TPM] Set physical presence variable failed, Status = %r\n", Status));\r
      return;\r
    }\r
  }\r
\r
  DEBUG ((EFI_D_INFO, "[TPM] Flags=%x, PPRequest=%x\n", PpiFlags.PPFlags, TcgPpData.PPRequest));\r
\r
  if (TcgPpData.PPRequest == PHYSICAL_PRESENCE_NO_ACTION) {\r
    //\r
    // No operation request\r
    //\r
    return;\r
  }\r
\r
  Status = GetTpmCapability (TcgProtocol, &LifetimeLock, &CmdEnable);\r
  if (EFI_ERROR (Status)) {\r
    return ;\r
  }\r
\r
  if (!CmdEnable) {\r
    if (LifetimeLock) {\r
      //\r
      // physicalPresenceCMDEnable is locked, can't execute physical presence command.\r
      //\r
      return ;\r
    }\r
    Status = TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_CMD_ENABLE);\r
    if (EFI_ERROR (Status)) {\r
      return ;\r
    }\r
  }\r
\r
  //\r
  // Set operator physical presence flags\r
  //\r
  TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_PRESENT);\r
\r
  //\r
  // Execute pending TPM request.\r
  //\r
  ExecutePendingTpmRequest (TcgProtocol, &TcgPpData, PpiFlags);\r
  DEBUG ((EFI_D_INFO, "[TPM] PPResponse = %x\n", TcgPpData.PPResponse));\r
\r
  //\r
  // Lock physical presence.\r
  //\r
  TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_NOTPRESENT | TPM_PHYSICAL_PRESENCE_LOCK);\r
}\r
\r
/**\r
  Check if the pending TPM request needs user input to confirm.\r
\r
  The TPM request may come from OS. This API will check if TPM request exists and need user\r
  input to confirmation.\r
\r
  @retval    TRUE        TPM needs input to confirm user physical presence.\r
  @retval    FALSE       TPM doesn't need input to confirm user physical presence.\r
\r
**/\r
BOOLEAN\r
EFIAPI\r
TcgPhysicalPresenceLibNeedUserConfirm(\r
  VOID\r
  )\r
{\r
  EFI_STATUS                   Status;\r
  EFI_PHYSICAL_PRESENCE        TcgPpData;\r
  UINTN                        DataSize;\r
  BOOLEAN                      RequestConfirmed;\r
  BOOLEAN                      LifetimeLock;\r
  BOOLEAN                      CmdEnable;\r
  EFI_TCG_PROTOCOL             *TcgProtocol;\r
  EFI_PHYSICAL_PRESENCE_FLAGS  PpiFlags;\r
\r
  Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);\r
  if (EFI_ERROR (Status)) {\r
    return FALSE;\r
  }\r
\r
  //\r
  // Check Tpm requests\r
  //\r
  DataSize = sizeof (EFI_PHYSICAL_PRESENCE);\r
  Status = gRT->GetVariable (\r
                  PHYSICAL_PRESENCE_VARIABLE,\r
                  &gEfiPhysicalPresenceGuid,\r
                  NULL,\r
                  &DataSize,\r
                  &TcgPpData\r
                  );\r
  if (EFI_ERROR (Status)) {\r
    return FALSE;\r
  }\r
\r
  DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS);\r
  Status = gRT->GetVariable (\r
                  PHYSICAL_PRESENCE_FLAGS_VARIABLE,\r
                  &gEfiPhysicalPresenceGuid,\r
                  NULL,\r
                  &DataSize,\r
                  &PpiFlags\r
                  );\r
  if (EFI_ERROR (Status)) {\r
    return FALSE;\r
  }\r
\r
  if (TcgPpData.PPRequest == PHYSICAL_PRESENCE_NO_ACTION) {\r
    //\r
    // No operation request\r
    //\r
    return FALSE;\r
  }\r
\r
  if (!HaveValidTpmRequest(&TcgPpData, PpiFlags, &RequestConfirmed)) {\r
    //\r
    // Invalid operation request.\r
    //\r
    return FALSE;\r
  }\r
\r
  //\r
  // Check Tpm Capability\r
  //\r
  Status = GetTpmCapability (TcgProtocol, &LifetimeLock, &CmdEnable);\r
  if (EFI_ERROR (Status)) {\r
    return FALSE;\r
  }\r
\r
  if (!CmdEnable) {\r
    if (LifetimeLock) {\r
      //\r
      // physicalPresenceCMDEnable is locked, can't execute physical presence command.\r
      //\r
      return FALSE;\r
    }\r
  }\r
\r
  if (!RequestConfirmed) {\r
    //\r
    // Need UI to confirm\r
    //\r
    return TRUE;\r
  }\r
\r
  return FALSE;\r
}\r
\r