[mirror_edk2.git] / SecurityPkg / Library / TcgEventLogRecordLib / TcgEventLogRecordLib.c

/** @file\r
  This library is used by other modules to measure data to TPM.\r
\r
Copyright (c) 2020, Intel Corporation. All rights reserved. <BR>\r
SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
#include <Uefi/UefiBaseType.h>\r
#include <Pi/PiFirmwareVolume.h>\r
\r
#include <Library/BaseMemoryLib.h>\r
#include <Library/DebugLib.h>\r
#include <Library/ReportStatusCodeLib.h>\r
#include <Library/PcdLib.h>\r
#include <Library/PrintLib.h>\r
#include <Library/TcgEventLogRecordLib.h>\r
#include <Library/TpmMeasurementLib.h>\r
\r
#include <IndustryStandard/UefiTcgPlatform.h>\r
\r
/**\r
  Get the FvName from the FV header.\r
\r
  Causion: The FV is untrusted input.\r
\r
  @param[in]  FvBase            Base address of FV image.\r
  @param[in]  FvLength          Length of FV image.\r
\r
  @return FvName pointer\r
  @retval NULL   FvName is NOT found\r
**/\r
VOID *\r
TpmMeasurementGetFvName (\r
  IN EFI_PHYSICAL_ADDRESS  FvBase,\r
  IN UINT64                FvLength\r
  )\r
{\r
  EFI_FIRMWARE_VOLUME_HEADER      *FvHeader;\r
  EFI_FIRMWARE_VOLUME_EXT_HEADER  *FvExtHeader;\r
\r
  if (FvBase >= MAX_ADDRESS) {\r
    return NULL;\r
  }\r
\r
  if (FvLength >= MAX_ADDRESS - FvBase) {\r
    return NULL;\r
  }\r
\r
  if (FvLength < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {\r
    return NULL;\r
  }\r
\r
  FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)FvBase;\r
  if (FvHeader->Signature != EFI_FVH_SIGNATURE) {\r
    return NULL;\r
  }\r
\r
  if (FvHeader->ExtHeaderOffset < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {\r
    return NULL;\r
  }\r
\r
  if (FvHeader->ExtHeaderOffset + sizeof (EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) {\r
    return NULL;\r
  }\r
\r
  FvExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *)(UINTN)(FvBase + FvHeader->ExtHeaderOffset);\r
\r
  return &FvExtHeader->FvName;\r
}\r
\r
/**\r
  Measure a FirmwareBlob.\r
\r
  @param[in]  PcrIndex                PcrIndex of the measurement.\r
  @param[in]  Description             Description for this FirmwareBlob.\r
  @param[in]  FirmwareBlobBase        Base address of this FirmwareBlob.\r
  @param[in]  FirmwareBlobLength      Size in bytes of this FirmwareBlob.\r
\r
  @retval EFI_SUCCESS           Operation completed successfully.\r
  @retval EFI_UNSUPPORTED       TPM device not available.\r
  @retval EFI_OUT_OF_RESOURCES  Out of memory.\r
  @retval EFI_DEVICE_ERROR      The operation was unsuccessful.\r
**/\r
EFI_STATUS\r
EFIAPI\r
MeasureFirmwareBlob (\r
  IN UINT32                PcrIndex,\r
  IN CHAR8                 *Description OPTIONAL,\r
  IN EFI_PHYSICAL_ADDRESS  FirmwareBlobBase,\r
  IN UINT64                FirmwareBlobLength\r
  )\r
{\r
  EFI_PLATFORM_FIRMWARE_BLOB      FvBlob;\r
  PLATFORM_FIRMWARE_BLOB2_STRUCT  FvBlob2;\r
  VOID                            *FvName;\r
  UINT32                          EventType;\r
  VOID                            *EventLog;\r
  UINT32                          EventLogSize;\r
  EFI_STATUS                      Status;\r
\r
  FvName = TpmMeasurementGetFvName (FirmwareBlobBase, FirmwareBlobLength);\r
\r
  if (((Description != NULL) || (FvName != NULL)) &&\r
      (PcdGet32 (PcdTcgPfpMeasurementRevision) >= TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105))\r
  {\r
    if (Description != NULL) {\r
      AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "%a", Description);\r
    } else {\r
      AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "Fv(%g)", FvName);\r
    }\r
\r
    FvBlob2.BlobDescriptionSize = sizeof (FvBlob2.BlobDescription);\r
    FvBlob2.BlobBase            = FirmwareBlobBase;\r
    FvBlob2.BlobLength          = FirmwareBlobLength;\r
\r
    EventType    = EV_EFI_PLATFORM_FIRMWARE_BLOB2;\r
    EventLog     = &FvBlob2;\r
    EventLogSize = sizeof (FvBlob2);\r
  } else {\r
    FvBlob.BlobBase   = FirmwareBlobBase;\r
    FvBlob.BlobLength = FirmwareBlobLength;\r
\r
    EventType    = EV_EFI_PLATFORM_FIRMWARE_BLOB;\r
    EventLog     = &FvBlob;\r
    EventLogSize = sizeof (FvBlob);\r
  }\r
\r
  Status = TpmMeasureAndLogData (\r
             PcrIndex,\r
             EventType,\r
             EventLog,\r
             EventLogSize,\r
             (VOID *)(UINTN)FirmwareBlobBase,\r
             FirmwareBlobLength\r
             );\r
\r
  return Status;\r
}\r
\r
/**\r
  Measure a HandoffTable.\r
\r
  @param[in]  PcrIndex                PcrIndex of the measurement.\r
  @param[in]  Description             Description for this HandoffTable.\r
  @param[in]  TableGuid               GUID of this HandoffTable.\r
  @param[in]  TableAddress            Base address of this HandoffTable.\r
  @param[in]  TableLength             Size in bytes of this HandoffTable.\r
\r
  @retval EFI_SUCCESS           Operation completed successfully.\r
  @retval EFI_UNSUPPORTED       TPM device not available.\r
  @retval EFI_OUT_OF_RESOURCES  Out of memory.\r
  @retval EFI_DEVICE_ERROR      The operation was unsuccessful.\r
**/\r
EFI_STATUS\r
EFIAPI\r
MeasureHandoffTable (\r
  IN UINT32    PcrIndex,\r
  IN CHAR8     *Description OPTIONAL,\r
  IN EFI_GUID  *TableGuid,\r
  IN VOID      *TableAddress,\r
  IN UINTN     TableLength\r
  )\r
{\r
  EFI_HANDOFF_TABLE_POINTERS      HandoffTables;\r
  HANDOFF_TABLE_POINTERS2_STRUCT  HandoffTables2;\r
  UINT32                          EventType;\r
  VOID                            *EventLog;\r
  UINT32                          EventLogSize;\r
  EFI_STATUS                      Status;\r
\r
  if ((Description != NULL) &&\r
      (PcdGet32 (PcdTcgPfpMeasurementRevision) >= TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105))\r
  {\r
    AsciiSPrint ((CHAR8 *)HandoffTables2.TableDescription, sizeof (HandoffTables2.TableDescription), "%a", Description);\r
\r
    HandoffTables2.TableDescriptionSize = sizeof (HandoffTables2.TableDescription);\r
    HandoffTables2.NumberOfTables       = 1;\r
    CopyGuid (&(HandoffTables2.TableEntry[0].VendorGuid), TableGuid);\r
    HandoffTables2.TableEntry[0].VendorTable = TableAddress;\r
\r
    EventType    = EV_EFI_HANDOFF_TABLES2;\r
    EventLog     = &HandoffTables2;\r
    EventLogSize = sizeof (HandoffTables2);\r
  } else {\r
    HandoffTables.NumberOfTables = 1;\r
    CopyGuid (&(HandoffTables.TableEntry[0].VendorGuid), TableGuid);\r
    HandoffTables.TableEntry[0].VendorTable = TableAddress;\r
\r
    EventType    = EV_EFI_HANDOFF_TABLES;\r
    EventLog     = &HandoffTables;\r
    EventLogSize = sizeof (HandoffTables);\r
  }\r
\r
  Status = TpmMeasureAndLogData (\r
             PcrIndex,\r
             EventType,\r
             EventLog,\r
             EventLogSize,\r
             TableAddress,\r
             TableLength\r
             );\r
  return Status;\r
}\r
Commit	Line	Data
	1	/** @file\r
	2	This library is used by other modules to measure data to TPM.\r
	3	\r
	4	Copyright (c) 2020, Intel Corporation. All rights reserved. <BR>\r
	5	SPDX-License-Identifier: BSD-2-Clause-Patent\r
	6	\r
	7	**/\r
	8	\r
	9	#include <Uefi/UefiBaseType.h>\r
	10	#include <Pi/PiFirmwareVolume.h>\r
	11	\r
	12	#include <Library/BaseMemoryLib.h>\r
	13	#include <Library/DebugLib.h>\r
	14	#include <Library/ReportStatusCodeLib.h>\r
	15	#include <Library/PcdLib.h>\r
	16	#include <Library/PrintLib.h>\r
	17	#include <Library/TcgEventLogRecordLib.h>\r
	18	#include <Library/TpmMeasurementLib.h>\r
	19	\r
	20	#include <IndustryStandard/UefiTcgPlatform.h>\r
	21	\r
	22	/**\r
	23	Get the FvName from the FV header.\r
	24	\r
	25	Causion: The FV is untrusted input.\r
	26	\r
	27	@param[in] FvBase Base address of FV image.\r
	28	@param[in] FvLength Length of FV image.\r
	29	\r
	30	@return FvName pointer\r
	31	@retval NULL FvName is NOT found\r
	32	**/\r
	33	VOID *\r
	34	TpmMeasurementGetFvName (\r
	35	IN EFI_PHYSICAL_ADDRESS FvBase,\r
	36	IN UINT64 FvLength\r
	37	)\r
	38	{\r
	39	EFI_FIRMWARE_VOLUME_HEADER *FvHeader;\r
	40	EFI_FIRMWARE_VOLUME_EXT_HEADER *FvExtHeader;\r
	41	\r
	42	if (FvBase >= MAX_ADDRESS) {\r
	43	return NULL;\r
	44	}\r
	45	\r
	46	if (FvLength >= MAX_ADDRESS - FvBase) {\r
	47	return NULL;\r
	48	}\r
	49	\r
	50	if (FvLength < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {\r
	51	return NULL;\r
	52	}\r
	53	\r
	54	FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)FvBase;\r
	55	if (FvHeader->Signature != EFI_FVH_SIGNATURE) {\r
	56	return NULL;\r
	57	}\r
	58	\r
	59	if (FvHeader->ExtHeaderOffset < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {\r
	60	return NULL;\r
	61	}\r
	62	\r
	63	if (FvHeader->ExtHeaderOffset + sizeof (EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) {\r
	64	return NULL;\r
	65	}\r
	66	\r
	67	FvExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *)(UINTN)(FvBase + FvHeader->ExtHeaderOffset);\r
	68	\r
	69	return &FvExtHeader->FvName;\r
	70	}\r
	71	\r
	72	/**\r
	73	Measure a FirmwareBlob.\r
	74	\r
	75	@param[in] PcrIndex PcrIndex of the measurement.\r
	76	@param[in] Description Description for this FirmwareBlob.\r
	77	@param[in] FirmwareBlobBase Base address of this FirmwareBlob.\r
	78	@param[in] FirmwareBlobLength Size in bytes of this FirmwareBlob.\r
	79	\r
	80	@retval EFI_SUCCESS Operation completed successfully.\r
	81	@retval EFI_UNSUPPORTED TPM device not available.\r
	82	@retval EFI_OUT_OF_RESOURCES Out of memory.\r
	83	@retval EFI_DEVICE_ERROR The operation was unsuccessful.\r
	84	**/\r
	85	EFI_STATUS\r
	86	EFIAPI\r
	87	MeasureFirmwareBlob (\r
	88	IN UINT32 PcrIndex,\r
	89	IN CHAR8 *Description OPTIONAL,\r
	90	IN EFI_PHYSICAL_ADDRESS FirmwareBlobBase,\r
	91	IN UINT64 FirmwareBlobLength\r
	92	)\r
	93	{\r
	94	EFI_PLATFORM_FIRMWARE_BLOB FvBlob;\r
	95	PLATFORM_FIRMWARE_BLOB2_STRUCT FvBlob2;\r
	96	VOID *FvName;\r
	97	UINT32 EventType;\r
	98	VOID *EventLog;\r
	99	UINT32 EventLogSize;\r
	100	EFI_STATUS Status;\r
	101	\r
	102	FvName = TpmMeasurementGetFvName (FirmwareBlobBase, FirmwareBlobLength);\r
	103	\r
	104	if (((Description != NULL) \|\| (FvName != NULL)) &&\r
	105	(PcdGet32 (PcdTcgPfpMeasurementRevision) >= TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105))\r
	106	{\r
	107	if (Description != NULL) {\r
	108	AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "%a", Description);\r
	109	} else {\r
	110	AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "Fv(%g)", FvName);\r
	111	}\r
	112	\r
	113	FvBlob2.BlobDescriptionSize = sizeof (FvBlob2.BlobDescription);\r
	114	FvBlob2.BlobBase = FirmwareBlobBase;\r
	115	FvBlob2.BlobLength = FirmwareBlobLength;\r
	116	\r
	117	EventType = EV_EFI_PLATFORM_FIRMWARE_BLOB2;\r
	118	EventLog = &FvBlob2;\r
	119	EventLogSize = sizeof (FvBlob2);\r
	120	} else {\r
	121	FvBlob.BlobBase = FirmwareBlobBase;\r
	122	FvBlob.BlobLength = FirmwareBlobLength;\r
	123	\r
	124	EventType = EV_EFI_PLATFORM_FIRMWARE_BLOB;\r
	125	EventLog = &FvBlob;\r
	126	EventLogSize = sizeof (FvBlob);\r
	127	}\r
	128	\r
	129	Status = TpmMeasureAndLogData (\r
	130	PcrIndex,\r
	131	EventType,\r
	132	EventLog,\r
	133	EventLogSize,\r
	134	(VOID *)(UINTN)FirmwareBlobBase,\r
	135	FirmwareBlobLength\r
	136	);\r
	137	\r
	138	return Status;\r
	139	}\r
	140	\r
	141	/**\r
	142	Measure a HandoffTable.\r
	143	\r
	144	@param[in] PcrIndex PcrIndex of the measurement.\r
	145	@param[in] Description Description for this HandoffTable.\r
	146	@param[in] TableGuid GUID of this HandoffTable.\r
	147	@param[in] TableAddress Base address of this HandoffTable.\r
	148	@param[in] TableLength Size in bytes of this HandoffTable.\r
	149	\r
	150	@retval EFI_SUCCESS Operation completed successfully.\r
	151	@retval EFI_UNSUPPORTED TPM device not available.\r
	152	@retval EFI_OUT_OF_RESOURCES Out of memory.\r
	153	@retval EFI_DEVICE_ERROR The operation was unsuccessful.\r
	154	**/\r
	155	EFI_STATUS\r
	156	EFIAPI\r
	157	MeasureHandoffTable (\r
	158	IN UINT32 PcrIndex,\r
	159	IN CHAR8 *Description OPTIONAL,\r
	160	IN EFI_GUID *TableGuid,\r
	161	IN VOID *TableAddress,\r
	162	IN UINTN TableLength\r
	163	)\r
	164	{\r
	165	EFI_HANDOFF_TABLE_POINTERS HandoffTables;\r
	166	HANDOFF_TABLE_POINTERS2_STRUCT HandoffTables2;\r
	167	UINT32 EventType;\r
	168	VOID *EventLog;\r
	169	UINT32 EventLogSize;\r
	170	EFI_STATUS Status;\r
	171	\r
	172	if ((Description != NULL) &&\r
	173	(PcdGet32 (PcdTcgPfpMeasurementRevision) >= TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105))\r
	174	{\r
	175	AsciiSPrint ((CHAR8 *)HandoffTables2.TableDescription, sizeof (HandoffTables2.TableDescription), "%a", Description);\r
	176	\r
	177	HandoffTables2.TableDescriptionSize = sizeof (HandoffTables2.TableDescription);\r
	178	HandoffTables2.NumberOfTables = 1;\r
	179	CopyGuid (&(HandoffTables2.TableEntry[0].VendorGuid), TableGuid);\r
	180	HandoffTables2.TableEntry[0].VendorTable = TableAddress;\r
	181	\r
	182	EventType = EV_EFI_HANDOFF_TABLES2;\r
	183	EventLog = &HandoffTables2;\r
	184	EventLogSize = sizeof (HandoffTables2);\r
	185	} else {\r
	186	HandoffTables.NumberOfTables = 1;\r
	187	CopyGuid (&(HandoffTables.TableEntry[0].VendorGuid), TableGuid);\r
	188	HandoffTables.TableEntry[0].VendorTable = TableAddress;\r
	189	\r
	190	EventType = EV_EFI_HANDOFF_TABLES;\r
	191	EventLog = &HandoffTables;\r
	192	EventLogSize = sizeof (HandoffTables);\r
	193	}\r
	194	\r
	195	Status = TpmMeasureAndLogData (\r
	196	PcrIndex,\r
	197	EventType,\r
	198	EventLog,\r
	199	EventLogSize,\r
	200	TableAddress,\r
	201	TableLength\r
	202	);\r
	203	return Status;\r
	204	}\r