]> git.proxmox.com Git - mirror_edk2.git/blame_incremental - SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c
SecurityPkg: Clear AuthSession content after use.
1/** @file\r
2 Implement TPM2 NVStorage related command.\r
3\r
4Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR>\r
5This program and the accompanying materials\r
6are licensed and made available under the terms and conditions of the BSD License\r
7which accompanies this distribution. The full text of the license may be found at\r
8http://opensource.org/licenses/bsd-license.php\r
9\r
10THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
11WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
12\r
13**/\r
14\r
15#include <IndustryStandard/UefiTcgPlatform.h>\r
16#include <Library/Tpm2CommandLib.h>\r
17#include <Library/Tpm2DeviceLib.h>\r
18#include <Library/BaseMemoryLib.h>\r
19#include <Library/BaseLib.h>\r
20#include <Library/DebugLib.h>\r
21\r
//
// Every structure in this section is cast to a byte pointer and handed to
// Tpm2SubmitCommand(), so the section is compiled with one-byte packing.
//
#pragma pack(1)

//
// Position qualifiers that the response-code switches in this file add to a
// TPM_RC_* base value. The names pair a command with the handle (TPM_RC_H) or
// parameter (TPM_RC_P) slot the error refers to.
//
#define RC_NV_ReadPublic_nvIndex           (TPM_RC_H + TPM_RC_1)

#define RC_NV_DefineSpace_authHandle       (TPM_RC_H + TPM_RC_1)
#define RC_NV_DefineSpace_auth             (TPM_RC_P + TPM_RC_1)
#define RC_NV_DefineSpace_publicInfo       (TPM_RC_P + TPM_RC_2)

#define RC_NV_UndefineSpace_authHandle     (TPM_RC_H + TPM_RC_1)
#define RC_NV_UndefineSpace_nvIndex        (TPM_RC_H + TPM_RC_2)

#define RC_NV_Read_authHandle              (TPM_RC_H + TPM_RC_1)
#define RC_NV_Read_nvIndex                 (TPM_RC_H + TPM_RC_2)
#define RC_NV_Read_size                    (TPM_RC_P + TPM_RC_1)
#define RC_NV_Read_offset                  (TPM_RC_P + TPM_RC_2)

#define RC_NV_Write_authHandle             (TPM_RC_H + TPM_RC_1)
#define RC_NV_Write_nvIndex                (TPM_RC_H + TPM_RC_2)
#define RC_NV_Write_data                   (TPM_RC_P + TPM_RC_1)
#define RC_NV_Write_offset                 (TPM_RC_P + TPM_RC_2)

//
// Command/response buffers.
//
// The command structures reserve the maximum space each field can take. The
// functions in this file write the fixed leading fields through the structure
// and then marshal the authorization area and everything after it through a
// byte cursor, because the marshalled session size is only known at run time.
// Fields declared after AuthSession therefore size the buffer; they are not
// accessed by name on the command side.
//

// TPM2_NV_ReadPublic
typedef struct {
  TPM2_COMMAND_HEADER     Header;
  TPMI_RH_NV_INDEX        NvIndex;
} TPM2_NV_READPUBLIC_COMMAND;

typedef struct {
  TPM2_RESPONSE_HEADER    Header;
  TPM2B_NV_PUBLIC         NvPublic;
  TPM2B_NAME              NvName;
} TPM2_NV_READPUBLIC_RESPONSE;

// TPM2_NV_DefineSpace
typedef struct {
  TPM2_COMMAND_HEADER     Header;
  TPMI_RH_PROVISION       AuthHandle;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_COMMAND       AuthSession;
  TPM2B_AUTH              Auth;
  TPM2B_NV_PUBLIC         NvPublic;
} TPM2_NV_DEFINESPACE_COMMAND;

typedef struct {
  TPM2_RESPONSE_HEADER    Header;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_RESPONSE      AuthSession;
} TPM2_NV_DEFINESPACE_RESPONSE;

// TPM2_NV_UndefineSpace
typedef struct {
  TPM2_COMMAND_HEADER     Header;
  TPMI_RH_PROVISION       AuthHandle;
  TPMI_RH_NV_INDEX        NvIndex;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_COMMAND       AuthSession;
} TPM2_NV_UNDEFINESPACE_COMMAND;

typedef struct {
  TPM2_RESPONSE_HEADER    Header;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_RESPONSE      AuthSession;
} TPM2_NV_UNDEFINESPACE_RESPONSE;

// TPM2_NV_Read
typedef struct {
  TPM2_COMMAND_HEADER     Header;
  TPMI_RH_NV_AUTH         AuthHandle;
  TPMI_RH_NV_INDEX        NvIndex;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_COMMAND       AuthSession;
  UINT16                  Size;
  UINT16                  Offset;
} TPM2_NV_READ_COMMAND;

typedef struct {
  TPM2_RESPONSE_HEADER    Header;
  UINT32                  AuthSessionSize;
  TPM2B_MAX_BUFFER        Data;
  TPMS_AUTH_RESPONSE      AuthSession;
} TPM2_NV_READ_RESPONSE;

// TPM2_NV_Write
typedef struct {
  TPM2_COMMAND_HEADER     Header;
  TPMI_RH_NV_AUTH         AuthHandle;
  TPMI_RH_NV_INDEX        NvIndex;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_COMMAND       AuthSession;
  TPM2B_MAX_BUFFER        Data;
  UINT16                  Offset;
} TPM2_NV_WRITE_COMMAND;

typedef struct {
  TPM2_RESPONSE_HEADER    Header;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_RESPONSE      AuthSession;
} TPM2_NV_WRITE_RESPONSE;

// TPM2_NV_ReadLock
typedef struct {
  TPM2_COMMAND_HEADER     Header;
  TPMI_RH_NV_AUTH         AuthHandle;
  TPMI_RH_NV_INDEX        NvIndex;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_COMMAND       AuthSession;
} TPM2_NV_READLOCK_COMMAND;

typedef struct {
  TPM2_RESPONSE_HEADER    Header;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_RESPONSE      AuthSession;
} TPM2_NV_READLOCK_RESPONSE;

// TPM2_NV_WriteLock
typedef struct {
  TPM2_COMMAND_HEADER     Header;
  TPMI_RH_NV_AUTH         AuthHandle;
  TPMI_RH_NV_INDEX        NvIndex;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_COMMAND       AuthSession;
} TPM2_NV_WRITELOCK_COMMAND;

typedef struct {
  TPM2_RESPONSE_HEADER    Header;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_RESPONSE      AuthSession;
} TPM2_NV_WRITELOCK_RESPONSE;

// TPM2_NV_GlobalWriteLock
typedef struct {
  TPM2_COMMAND_HEADER     Header;
  TPMI_RH_PROVISION       AuthHandle;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_COMMAND       AuthSession;
} TPM2_NV_GLOBALWRITELOCK_COMMAND;

typedef struct {
  TPM2_RESPONSE_HEADER    Header;
  UINT32                  AuthSessionSize;
  TPMS_AUTH_RESPONSE      AuthSession;
} TPM2_NV_GLOBALWRITELOCK_RESPONSE;

#pragma pack()
158\r
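/**
  This command is used to read the public area and Name of an NV Index.

  Every size field taken from the response is range-checked before it is used
  as an offset into the receive buffer or as a copy length into the caller's
  output structures.

  @param[in]  NvIndex            The NV Index.
  @param[out] NvPublic           The public area of the index.
  @param[out] NvName             The Name of the nvIndex.

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The command was unsuccessful, or a size field in the
                                 response exceeds the structure it describes.
  @retval EFI_NOT_FOUND          The command was returned successfully, but NvIndex is not found,
                                 or the response length does not match its size fields.
  @retval EFI_INVALID_PARAMETER  The TPM reported a value error for NvIndex.
**/
EFI_STATUS
EFIAPI
Tpm2NvReadPublic (
  IN      TPMI_RH_NV_INDEX          NvIndex,
  OUT     TPM2B_NV_PUBLIC           *NvPublic,
  OUT     TPM2B_NAME                *NvName
  )
{
  EFI_STATUS                        Status;
  TPM2_NV_READPUBLIC_COMMAND        SendBuffer;
  TPM2_NV_READPUBLIC_RESPONSE       RecvBuffer;
  UINT32                            SendBufferSize;
  UINT32                            RecvBufferSize;
  UINT32                            NvNameOffset;
  UINT16                            NvPublicSize;
  UINT16                            NvNameSize;
  UINT16                            AuthPolicySize;
  UINT8                             *Buffer;
  TPM_RC                            ResponseCode;

  //
  // Construct command
  //
  SendBuffer.Header.tag         = SwapBytes16 (TPM_ST_NO_SESSIONS);
  SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_ReadPublic);

  SendBuffer.NvIndex = SwapBytes32 (NvIndex);

  SendBufferSize              = (UINT32) sizeof (SendBuffer);
  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);

  //
  // send Tpm command
  //
  RecvBufferSize = sizeof (RecvBuffer);
  Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
  if (EFI_ERROR (Status)) {
    return Status;
  }

  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvReadPublic - RecvBufferSize Error - %x\n", RecvBufferSize));
    return EFI_DEVICE_ERROR;
  }
  ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
  if (ResponseCode != TPM_RC_SUCCESS) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvReadPublic - responseCode - %x\n", ResponseCode));
  }
  switch (ResponseCode) {
  case TPM_RC_SUCCESS:
    // return data
    break;
  case TPM_RC_HANDLE + RC_NV_ReadPublic_nvIndex:
    return EFI_NOT_FOUND;
  case TPM_RC_VALUE + RC_NV_ReadPublic_nvIndex:
    return EFI_INVALID_PARAMETER;
  default:
    return EFI_DEVICE_ERROR;
  }

  if (RecvBufferSize <= sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT16) + sizeof (UINT16)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvReadPublic - RecvBufferSize Error - %x\n", RecvBufferSize));
    return EFI_NOT_FOUND;
  }

  //
  // Basic check
  //
  // NvPublicSize comes from the response and is used below as an offset into
  // RecvBuffer and as a copy length into *NvPublic, so it must not exceed the
  // structure it describes.
  //
  NvPublicSize = SwapBytes16 (RecvBuffer.NvPublic.size);
  if (NvPublicSize > sizeof (RecvBuffer.NvPublic.nvPublic)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvReadPublic - NvPublic.size error %x\n", NvPublicSize));
    return EFI_DEVICE_ERROR;
  }

  //
  // The Name's size field must lie inside the bytes actually received.
  //
  NvNameOffset = (UINT32)(sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT16) + NvPublicSize);
  if (RecvBufferSize < NvNameOffset + sizeof (UINT16)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvReadPublic - RecvBufferSize Error - %x\n", RecvBufferSize));
    return EFI_NOT_FOUND;
  }

  NvNameSize = SwapBytes16 (ReadUnaligned16 ((UINT16 *)((UINT8 *)&RecvBuffer + NvNameOffset)));
  if (NvNameSize > sizeof (NvName->name)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvReadPublic - NvNameSize error %x\n", NvNameSize));
    return EFI_DEVICE_ERROR;
  }

  if (RecvBufferSize != NvNameOffset + sizeof (UINT16) + NvNameSize) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvReadPublic - RecvBufferSize Error - NvPublicSize %x, NvNameSize %x\n", NvPublicSize, NvNameSize));
    return EFI_NOT_FOUND;
  }

  //
  // authPolicy.size locates dataSize inside *NvPublic further down; reject a
  // value larger than the policy buffer before anything is written to the
  // caller's structures.
  //
  AuthPolicySize = SwapBytes16 (RecvBuffer.NvPublic.nvPublic.authPolicy.size);
  if (AuthPolicySize > sizeof (RecvBuffer.NvPublic.nvPublic.authPolicy.buffer)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvReadPublic - authPolicy.size error %x\n", AuthPolicySize));
    return EFI_DEVICE_ERROR;
  }

  //
  // Return the response
  //
  CopyMem (NvPublic, &RecvBuffer.NvPublic, sizeof (UINT16) + NvPublicSize);
  NvPublic->size             = NvPublicSize;
  NvPublic->nvPublic.nvIndex = SwapBytes32 (NvPublic->nvPublic.nvIndex);
  NvPublic->nvPublic.nameAlg = SwapBytes16 (NvPublic->nvPublic.nameAlg);
  WriteUnaligned32 ((UINT32 *)&NvPublic->nvPublic.attributes, SwapBytes32 (ReadUnaligned32 ((UINT32 *)&NvPublic->nvPublic.attributes)));
  NvPublic->nvPublic.authPolicy.size = AuthPolicySize;
  //
  // On the wire dataSize follows the variable-length policy, not the end of the
  // fixed-size authPolicy.buffer array, so it is read through a cursor.
  //
  Buffer  = (UINT8 *)&NvPublic->nvPublic.authPolicy;
  Buffer += sizeof (UINT16) + NvPublic->nvPublic.authPolicy.size;
  NvPublic->nvPublic.dataSize = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));

  //
  // Copy the Name bytes that follow the 2-byte size field. Copying NvNameSize
  // bytes from the size field itself would drop the last two bytes of the Name.
  //
  CopyMem (NvName->name, (UINT8 *)&RecvBuffer + NvNameOffset + sizeof (UINT16), NvNameSize);
  NvName->size = NvNameSize;

  return EFI_SUCCESS;
}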
262\r
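/**
  This command defines the attributes of an NV Index and causes the TPM to
  reserve space to hold the data associated with the index.
  If a definition already exists at the index, the TPM will return TPM_RC_NV_DEFINED.

  The command is marshalled into a fixed-size stack buffer, so the caller-supplied
  size fields are validated before any variable-length copy. Both the command and
  response buffers are zeroed before returning because the command buffer holds
  the marshalled authorization session and the index authorization value.

  @param[in]  AuthHandle         TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}.
  @param[in]  AuthSession        Auth Session context
  @param[in]  Auth               The authorization data.
  @param[in]  NvPublic           The public area of the index.

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The command was unsuccessful.
  @retval EFI_ALREADY_STARTED    The command was returned successfully, but NvIndex is already defined.
  @retval EFI_INVALID_PARAMETER  Auth->size or NvPublic->nvPublic.authPolicy.size exceeds its buffer,
                                 or the TPM reported a value/attribute error for a handle or parameter.
  @retval EFI_BAD_BUFFER_SIZE    The TPM reported a size error for Auth or NvPublic.
  @retval EFI_UNSUPPORTED        The TPM rejected the requested attributes.
  @retval EFI_OUT_OF_RESOURCES   The TPM has insufficient NV space.
**/
EFI_STATUS
EFIAPI
Tpm2NvDefineSpace (
  IN      TPMI_RH_PROVISION         AuthHandle,
  IN      TPMS_AUTH_COMMAND         *AuthSession, OPTIONAL
  IN      TPM2B_AUTH                *Auth,
  IN      TPM2B_NV_PUBLIC           *NvPublic
  )
{
  EFI_STATUS                        Status;
  TPM2_NV_DEFINESPACE_COMMAND       SendBuffer;
  TPM2_NV_DEFINESPACE_RESPONSE      RecvBuffer;
  UINT32                            SendBufferSize;
  UINT32                            RecvBufferSize;
  UINT16                            NvPublicSize;
  UINT8                             *Buffer;
  UINT32                            SessionInfoSize;
  TPM_RC                            ResponseCode;

  //
  // Both sizes are used as CopyMem lengths into SendBuffer. A value larger than
  // the source array would read past the caller's structure and write past the
  // space SendBuffer reserves for the field. Nothing sensitive has been
  // marshalled yet, so return directly.
  //
  if ((Auth->size > sizeof (Auth->buffer)) ||
      (NvPublic->nvPublic.authPolicy.size > sizeof (NvPublic->nvPublic.authPolicy.buffer))) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvDefineSpace - input size error - Auth %x, authPolicy %x\n", Auth->size, NvPublic->nvPublic.authPolicy.size));
    return EFI_INVALID_PARAMETER;
  }

  //
  // Construct command
  //
  SendBuffer.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_DefineSpace);
  SendBuffer.AuthHandle         = SwapBytes32 (AuthHandle);

  //
  // Add in Auth session
  //
  Buffer = (UINT8 *)&SendBuffer.AuthSession;

  // sessionInfoSize
  SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
  Buffer += SessionInfoSize;
  SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);

  //
  // IndexAuth
  //
  WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Auth->size));
  Buffer += sizeof (UINT16);
  CopyMem (Buffer, Auth->buffer, Auth->size);
  Buffer += Auth->size;

  //
  // NvPublic
  //
  NvPublicSize = NvPublic->size;

  WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublicSize));
  Buffer += sizeof (UINT16);
  WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NvPublic->nvPublic.nvIndex));
  Buffer += sizeof (UINT32);
  WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublic->nvPublic.nameAlg));
  Buffer += sizeof (UINT16);
  WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (ReadUnaligned32 ((UINT32 *)&NvPublic->nvPublic.attributes)));
  Buffer += sizeof (UINT32);
  WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublic->nvPublic.authPolicy.size));
  Buffer += sizeof (UINT16);
  CopyMem (Buffer, NvPublic->nvPublic.authPolicy.buffer, NvPublic->nvPublic.authPolicy.size);
  Buffer += NvPublic->nvPublic.authPolicy.size;
  WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublic->nvPublic.dataSize));
  Buffer += sizeof (UINT16);

  SendBufferSize              = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);

  //
  // send Tpm command
  //
  RecvBufferSize = sizeof (RecvBuffer);
  Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
  if (EFI_ERROR (Status)) {
    goto Done;
  }

  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvDefineSpace - RecvBufferSize Error - %x\n", RecvBufferSize));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

  ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
  if (ResponseCode != TPM_RC_SUCCESS) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvDefineSpace - responseCode - %x\n", ResponseCode));
  }
  switch (ResponseCode) {
  case TPM_RC_SUCCESS:
    // return data
    break;
  case TPM_RC_SIZE + RC_NV_DefineSpace_publicInfo:
  case TPM_RC_SIZE + RC_NV_DefineSpace_auth:
    Status = EFI_BAD_BUFFER_SIZE;
    break;
  case TPM_RC_ATTRIBUTES:
  case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_publicInfo:
    Status = EFI_UNSUPPORTED;
    break;
  case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_authHandle:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_NV_DEFINED:
    Status = EFI_ALREADY_STARTED;
    break;
  case TPM_RC_VALUE + RC_NV_DefineSpace_publicInfo:
  case TPM_RC_VALUE + RC_NV_DefineSpace_authHandle:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_NV_SPACE:
    Status = EFI_OUT_OF_RESOURCES;
    break;
  default:
    Status = EFI_DEVICE_ERROR;
    break;
  }

Done:
  //
  // Clear AuthSession Content
  //
  // Every path that has marshalled the session reaches this label, so the
  // authorization material does not stay in this stack frame.
  // NOTE(review): these are the last writes to both buffers; confirm the
  // toolchain does not drop them as dead stores.
  //
  ZeroMem (&SendBuffer, sizeof (SendBuffer));
  ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
  return Status;
}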
401\r
/**
  This command removes an index from the TPM.

  The command and response buffers are zeroed on every exit path because the
  command buffer carries the marshalled authorization session.

  @param[in]  AuthHandle         TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}.
  @param[in]  NvIndex            The NV Index.
  @param[in]  AuthSession        Auth Session context

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The response was shorter than a response header, or the TPM
                                 returned a response code not mapped below.
  @retval EFI_NOT_FOUND          The command was returned successfully, but NvIndex is not found.
  @retval EFI_UNSUPPORTED        The TPM reported an attribute error.
  @retval EFI_SECURITY_VIOLATION The TPM returned TPM_RC_NV_AUTHORIZATION.
  @retval EFI_INVALID_PARAMETER  The TPM reported a handle or value error for AuthHandle,
                                 or a value error for NvIndex.
  @retval Others                 Error status returned by Tpm2SubmitCommand().
**/
EFI_STATUS
EFIAPI
Tpm2NvUndefineSpace (
  IN      TPMI_RH_PROVISION         AuthHandle,
  IN      TPMI_RH_NV_INDEX          NvIndex,
  IN      TPMS_AUTH_COMMAND         *AuthSession OPTIONAL
  )
{
  EFI_STATUS                        Status;
  TPM2_NV_UNDEFINESPACE_COMMAND     Cmd;
  TPM2_NV_UNDEFINESPACE_RESPONSE    Rsp;
  UINT32                            CmdSize;
  UINT32                            RspSize;
  UINT32                            AuthAreaSize;
  UINT8                             *Cursor;
  TPM_RC                            Rc;

  //
  // Fixed leading fields, all big-endian on the wire.
  //
  Cmd.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  Cmd.Header.commandCode = SwapBytes32 (TPM_CC_NV_UndefineSpace);
  Cmd.AuthHandle         = SwapBytes32 (AuthHandle);
  Cmd.NvIndex            = SwapBytes32 (NvIndex);

  //
  // Authorization area: marshal the session, then record how many bytes it took.
  //
  Cursor              = (UINT8 *)&Cmd.AuthSession;
  AuthAreaSize        = CopyAuthSessionCommand (AuthSession, Cursor);
  Cmd.AuthSessionSize = SwapBytes32 (AuthAreaSize);
  Cursor             += AuthAreaSize;

  //
  // The command ends where the cursor stopped, not at sizeof (Cmd).
  //
  CmdSize              = (UINT32)(Cursor - (UINT8 *)&Cmd);
  Cmd.Header.paramSize = SwapBytes32 (CmdSize);

  RspSize = sizeof (Rsp);
  Status  = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &RspSize, (UINT8 *)&Rsp);

  if (!EFI_ERROR (Status)) {
    if (RspSize < sizeof (TPM2_RESPONSE_HEADER)) {
      DEBUG ((EFI_D_ERROR, "Tpm2NvUndefineSpace - RecvBufferSize Error - %x\n", RspSize));
      Status = EFI_DEVICE_ERROR;
    } else {
      Rc = SwapBytes32 (Rsp.Header.responseCode);
      if (Rc != TPM_RC_SUCCESS) {
        DEBUG ((EFI_D_ERROR, "Tpm2NvUndefineSpace - responseCode - %x\n", Rc));
      }

      //
      // Map the TPM response code onto an EFI status. On success Status keeps
      // the value Tpm2SubmitCommand() returned.
      //
      switch (Rc) {
      case TPM_RC_SUCCESS:
        break;
      case TPM_RC_ATTRIBUTES:
      case TPM_RC_ATTRIBUTES + RC_NV_UndefineSpace_nvIndex:
        Status = EFI_UNSUPPORTED;
        break;
      case TPM_RC_NV_AUTHORIZATION:
        Status = EFI_SECURITY_VIOLATION;
        break;
      case TPM_RC_HANDLE + RC_NV_UndefineSpace_nvIndex:
        Status = EFI_NOT_FOUND;
        break;
      case TPM_RC_HANDLE + RC_NV_UndefineSpace_authHandle:
      case TPM_RC_VALUE + RC_NV_UndefineSpace_authHandle:
      case TPM_RC_VALUE + RC_NV_UndefineSpace_nvIndex:
        Status = EFI_INVALID_PARAMETER;
        break;
      default:
        Status = EFI_DEVICE_ERROR;
        break;
      }
    }
  }

  //
  // Scrub the marshalled session and the response before the frame is released.
  //
  ZeroMem (&Cmd, sizeof (Cmd));
  ZeroMem (&Rsp, sizeof (Rsp));
  return Status;
}
505\r
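/**
  This command reads a value from an area in NV memory previously defined by TPM2_NV_DefineSpace().

  The data size reported in the response is validated against both the capacity
  of OutData->buffer and the number of bytes actually received before it is used
  as a copy length. The command and response buffers are zeroed on every exit
  path; the command buffer carries the marshalled authorization session and the
  response buffer carries the NV data that was read.

  @param[in]     AuthHandle         the handle indicating the source of the authorization value.
  @param[in]     NvIndex            The index to be read.
  @param[in]     AuthSession        Auth Session context
  @param[in]     Size               Number of bytes to read.
  @param[in]     Offset             Byte offset into the area.
  @param[in,out] OutData            The data read.

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The command was unsuccessful, or the response was truncated
                                 or reported more data than OutData can hold.
  @retval EFI_NOT_FOUND          The command was returned successfully, but NvIndex is not found.
  @retval EFI_SECURITY_VIOLATION The TPM returned TPM_RC_NV_AUTHORIZATION.
  @retval EFI_ACCESS_DENIED      The TPM returned TPM_RC_NV_LOCKED.
  @retval EFI_BAD_BUFFER_SIZE    The TPM returned TPM_RC_NV_RANGE.
  @retval EFI_NOT_READY          The TPM returned TPM_RC_NV_UNINITIALIZED.
  @retval EFI_INVALID_PARAMETER  The TPM reported a handle, value or authorization error.
  @retval EFI_UNSUPPORTED        The TPM reported an attribute error for the authorization session.
**/
EFI_STATUS
EFIAPI
Tpm2NvRead (
  IN      TPMI_RH_NV_AUTH           AuthHandle,
  IN      TPMI_RH_NV_INDEX          NvIndex,
  IN      TPMS_AUTH_COMMAND         *AuthSession, OPTIONAL
  IN      UINT16                    Size,
  IN      UINT16                    Offset,
  IN OUT  TPM2B_MAX_BUFFER          *OutData
  )
{
  EFI_STATUS                        Status;
  TPM2_NV_READ_COMMAND              SendBuffer;
  TPM2_NV_READ_RESPONSE             RecvBuffer;
  UINT32                            SendBufferSize;
  UINT32                            RecvBufferSize;
  UINT8                             *Buffer;
  UINT32                            SessionInfoSize;
  TPM_RC                            ResponseCode;
  UINT16                            DataSize;

  //
  // Construct command
  //
  SendBuffer.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_Read);

  SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
  SendBuffer.NvIndex    = SwapBytes32 (NvIndex);

  //
  // Add in Auth session
  //
  Buffer = (UINT8 *)&SendBuffer.AuthSession;

  // sessionInfoSize
  SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
  Buffer += SessionInfoSize;
  SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);

  WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Size));
  Buffer += sizeof (UINT16);
  WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Offset));
  Buffer += sizeof (UINT16);

  SendBufferSize              = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);

  //
  // send Tpm command
  //
  RecvBufferSize = sizeof (RecvBuffer);
  Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
  if (EFI_ERROR (Status)) {
    goto Done;
  }

  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvRead - RecvBufferSize Error - %x\n", RecvBufferSize));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }
  ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
  if (ResponseCode != TPM_RC_SUCCESS) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvRead - responseCode - %x\n", ResponseCode));
  }
  switch (ResponseCode) {
  case TPM_RC_SUCCESS:
    // return data
    break;
  case TPM_RC_NV_AUTHORIZATION:
    Status = EFI_SECURITY_VIOLATION;
    break;
  case TPM_RC_NV_LOCKED:
    Status = EFI_ACCESS_DENIED;
    break;
  case TPM_RC_NV_RANGE:
    Status = EFI_BAD_BUFFER_SIZE;
    break;
  case TPM_RC_NV_UNINITIALIZED:
    Status = EFI_NOT_READY;
    break;
  case TPM_RC_HANDLE + RC_NV_Read_nvIndex:
    Status = EFI_NOT_FOUND;
    break;
  case TPM_RC_HANDLE + RC_NV_Read_authHandle:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_VALUE + RC_NV_Read_nvIndex:
  case TPM_RC_VALUE + RC_NV_Read_authHandle:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_BAD_AUTH + RC_NV_Read_authHandle + TPM_RC_S:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_AUTH_UNAVAILABLE:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_AUTH_FAIL + RC_NV_Read_authHandle + TPM_RC_S:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_ATTRIBUTES + RC_NV_Read_authHandle + TPM_RC_S:
    Status = EFI_UNSUPPORTED;
    break;
  default:
    Status = EFI_DEVICE_ERROR;
    break;
  }
  if (Status != EFI_SUCCESS) {
    goto Done;
  }

  //
  // A successful response must at least contain the parameter size and the
  // 2-byte size of the returned data.
  //
  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT32) + sizeof (UINT16)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvRead - RecvBufferSize Error - %x\n", RecvBufferSize));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

  //
  // DataSize comes from the response and becomes a CopyMem length. It must fit
  // the caller's buffer and must not claim more bytes than were received.
  //
  DataSize = SwapBytes16 (RecvBuffer.Data.size);
  if ((DataSize > sizeof (OutData->buffer)) ||
      (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT32) + sizeof (UINT16) + DataSize)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvRead - Data.size error %x\n", DataSize));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }

  //
  // Return the response
  //
  OutData->size = DataSize;
  CopyMem (OutData->buffer, &RecvBuffer.Data.buffer, OutData->size);

Done:
  //
  // Clear AuthSession Content
  //
  ZeroMem (&SendBuffer, sizeof (SendBuffer));
  ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
  return Status;
}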
645\r
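/**
  This command writes a value to an area in NV memory that was previously defined by TPM2_NV_DefineSpace().

  The command is marshalled into a fixed-size stack buffer, so InData->size is
  validated before it is used as a copy length. The command and response buffers
  are zeroed on every exit path after marshalling; the command buffer carries
  the authorization session and the data being written.

  @param[in]  AuthHandle         the handle indicating the source of the authorization value.
  @param[in]  NvIndex            The NV Index of the area to write.
  @param[in]  AuthSession        Auth Session context
  @param[in]  InData             The data to write.
  @param[in]  Offset             The offset into the NV Area.

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The command was unsuccessful.
  @retval EFI_NOT_FOUND          The command was returned successfully, but NvIndex is not found.
  @retval EFI_INVALID_PARAMETER  InData->size exceeds InData->buffer, or the TPM reported a
                                 handle, value or authorization error.
  @retval EFI_UNSUPPORTED        The TPM reported an attribute error.
  @retval EFI_SECURITY_VIOLATION The TPM returned TPM_RC_NV_AUTHORIZATION.
  @retval EFI_ACCESS_DENIED      The TPM returned TPM_RC_NV_LOCKED.
  @retval EFI_BAD_BUFFER_SIZE    The TPM returned TPM_RC_NV_RANGE.
**/
EFI_STATUS
EFIAPI
Tpm2NvWrite (
  IN      TPMI_RH_NV_AUTH           AuthHandle,
  IN      TPMI_RH_NV_INDEX          NvIndex,
  IN      TPMS_AUTH_COMMAND         *AuthSession, OPTIONAL
  IN      TPM2B_MAX_BUFFER          *InData,
  IN      UINT16                    Offset
  )
{
  EFI_STATUS                        Status;
  TPM2_NV_WRITE_COMMAND             SendBuffer;
  TPM2_NV_WRITE_RESPONSE            RecvBuffer;
  UINT32                            SendBufferSize;
  UINT32                            RecvBufferSize;
  UINT8                             *Buffer;
  UINT32                            SessionInfoSize;
  TPM_RC                            ResponseCode;

  //
  // InData->size is used as a CopyMem length into SendBuffer. A value larger
  // than InData->buffer would read past the caller's structure and write past
  // the space SendBuffer reserves for Data. Nothing sensitive has been
  // marshalled yet, so return directly.
  //
  if (InData->size > sizeof (InData->buffer)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvWrite - InData->size error %x\n", InData->size));
    return EFI_INVALID_PARAMETER;
  }

  //
  // Construct command
  //
  SendBuffer.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_Write);

  SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
  SendBuffer.NvIndex    = SwapBytes32 (NvIndex);

  //
  // Add in Auth session
  //
  Buffer = (UINT8 *)&SendBuffer.AuthSession;

  // sessionInfoSize
  SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
  Buffer += SessionInfoSize;
  SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);

  WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (InData->size));
  Buffer += sizeof (UINT16);
  CopyMem (Buffer, InData->buffer, InData->size);
  Buffer += InData->size;
  WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Offset));
  Buffer += sizeof (UINT16);

  SendBufferSize              = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
  SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);

  //
  // send Tpm command
  //
  RecvBufferSize = sizeof (RecvBuffer);
  Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
  if (EFI_ERROR (Status)) {
    goto Done;
  }

  if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvWrite - RecvBufferSize Error - %x\n", RecvBufferSize));
    Status = EFI_DEVICE_ERROR;
    goto Done;
  }
  ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
  if (ResponseCode != TPM_RC_SUCCESS) {
    DEBUG ((EFI_D_ERROR, "Tpm2NvWrite - responseCode - %x\n", ResponseCode));
  }
  switch (ResponseCode) {
  case TPM_RC_SUCCESS:
    // return data
    break;
  case TPM_RC_ATTRIBUTES:
    Status = EFI_UNSUPPORTED;
    break;
  case TPM_RC_NV_AUTHORIZATION:
    Status = EFI_SECURITY_VIOLATION;
    break;
  case TPM_RC_NV_LOCKED:
    Status = EFI_ACCESS_DENIED;
    break;
  case TPM_RC_NV_RANGE:
    Status = EFI_BAD_BUFFER_SIZE;
    break;
  case TPM_RC_HANDLE + RC_NV_Write_nvIndex:
    Status = EFI_NOT_FOUND;
    break;
  case TPM_RC_HANDLE + RC_NV_Write_authHandle:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_VALUE + RC_NV_Write_nvIndex:
  case TPM_RC_VALUE + RC_NV_Write_authHandle:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_BAD_AUTH + RC_NV_Write_authHandle + TPM_RC_S:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_AUTH_UNAVAILABLE:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_AUTH_FAIL + RC_NV_Write_authHandle + TPM_RC_S:
    Status = EFI_INVALID_PARAMETER;
    break;
  case TPM_RC_ATTRIBUTES + RC_NV_Write_authHandle + TPM_RC_S:
    Status = EFI_UNSUPPORTED;
    break;
  default:
    Status = EFI_DEVICE_ERROR;
    break;
  }

Done:
  //
  // Clear AuthSession Content
  //
  ZeroMem (&SendBuffer, sizeof (SendBuffer));
  ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
  return Status;
}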
776\r
/**
  This command may be used to prevent further reads of the Index until the next TPM2_Startup (TPM_SU_CLEAR).

  The command and response buffers are zeroed on every exit path because the
  command buffer carries the marshalled authorization session.

  @param[in]  AuthHandle         the handle indicating the source of the authorization value.
  @param[in]  NvIndex            The NV Index of the area to lock.
  @param[in]  AuthSession        Auth Session context

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The response was shorter than a response header, or the TPM
                                 returned any response code other than TPM_RC_SUCCESS.
  @retval Others                 Error status returned by Tpm2SubmitCommand().
**/
EFI_STATUS
EFIAPI
Tpm2NvReadLock (
  IN      TPMI_RH_NV_AUTH           AuthHandle,
  IN      TPMI_RH_NV_INDEX          NvIndex,
  IN      TPMS_AUTH_COMMAND         *AuthSession OPTIONAL
  )
{
  EFI_STATUS                        Status;
  TPM2_NV_READLOCK_COMMAND          Cmd;
  TPM2_NV_READLOCK_RESPONSE         Rsp;
  UINT32                            CmdSize;
  UINT32                            RspSize;
  UINT32                            AuthAreaSize;
  UINT8                             *Cursor;
  TPM_RC                            Rc;

  //
  // Fixed leading fields, all big-endian on the wire.
  //
  Cmd.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  Cmd.Header.commandCode = SwapBytes32 (TPM_CC_NV_ReadLock);
  Cmd.AuthHandle         = SwapBytes32 (AuthHandle);
  Cmd.NvIndex            = SwapBytes32 (NvIndex);

  //
  // Authorization area: marshal the session, then record how many bytes it took.
  //
  Cursor              = (UINT8 *)&Cmd.AuthSession;
  AuthAreaSize        = CopyAuthSessionCommand (AuthSession, Cursor);
  Cmd.AuthSessionSize = SwapBytes32 (AuthAreaSize);
  Cursor             += AuthAreaSize;

  //
  // The command ends where the cursor stopped, not at sizeof (Cmd).
  //
  CmdSize              = (UINT32)(Cursor - (UINT8 *)&Cmd);
  Cmd.Header.paramSize = SwapBytes32 (CmdSize);

  RspSize = sizeof (Rsp);
  Status  = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &RspSize, (UINT8 *)&Rsp);

  if (!EFI_ERROR (Status)) {
    if (RspSize < sizeof (TPM2_RESPONSE_HEADER)) {
      DEBUG ((EFI_D_ERROR, "Tpm2NvReadLock - RecvBufferSize Error - %x\n", RspSize));
      Status = EFI_DEVICE_ERROR;
    } else {
      //
      // Any response code other than success is reported as a device error.
      //
      Rc = SwapBytes32 (Rsp.Header.responseCode);
      if (Rc != TPM_RC_SUCCESS) {
        DEBUG ((EFI_D_ERROR, "Tpm2NvReadLock - responseCode - %x\n", Rc));
        Status = EFI_DEVICE_ERROR;
      }
    }
  }

  //
  // Scrub the marshalled session and the response before the frame is released.
  //
  ZeroMem (&Cmd, sizeof (Cmd));
  ZeroMem (&Rsp, sizeof (Rsp));
  return Status;
}
863\r
/**
  This command may be used to inhibit further writes of the Index.

  The command and response buffers are zeroed on every exit path because the
  command buffer carries the marshalled authorization session.

  @param[in]  AuthHandle         the handle indicating the source of the authorization value.
  @param[in]  NvIndex            The NV Index of the area to lock.
  @param[in]  AuthSession        Auth Session context

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The response was shorter than a response header, or the TPM
                                 returned any response code other than TPM_RC_SUCCESS.
  @retval Others                 Error status returned by Tpm2SubmitCommand().
**/
EFI_STATUS
EFIAPI
Tpm2NvWriteLock (
  IN      TPMI_RH_NV_AUTH           AuthHandle,
  IN      TPMI_RH_NV_INDEX          NvIndex,
  IN      TPMS_AUTH_COMMAND         *AuthSession OPTIONAL
  )
{
  EFI_STATUS                        Status;
  TPM2_NV_WRITELOCK_COMMAND         Cmd;
  TPM2_NV_WRITELOCK_RESPONSE        Rsp;
  UINT32                            CmdSize;
  UINT32                            RspSize;
  UINT32                            AuthAreaSize;
  UINT8                             *Cursor;
  TPM_RC                            Rc;

  //
  // Fixed leading fields, all big-endian on the wire.
  //
  Cmd.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  Cmd.Header.commandCode = SwapBytes32 (TPM_CC_NV_WriteLock);
  Cmd.AuthHandle         = SwapBytes32 (AuthHandle);
  Cmd.NvIndex            = SwapBytes32 (NvIndex);

  //
  // Authorization area: marshal the session, then record how many bytes it took.
  //
  Cursor              = (UINT8 *)&Cmd.AuthSession;
  AuthAreaSize        = CopyAuthSessionCommand (AuthSession, Cursor);
  Cmd.AuthSessionSize = SwapBytes32 (AuthAreaSize);
  Cursor             += AuthAreaSize;

  //
  // The command ends where the cursor stopped, not at sizeof (Cmd).
  //
  CmdSize              = (UINT32)(Cursor - (UINT8 *)&Cmd);
  Cmd.Header.paramSize = SwapBytes32 (CmdSize);

  RspSize = sizeof (Rsp);
  Status  = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &RspSize, (UINT8 *)&Rsp);

  if (!EFI_ERROR (Status)) {
    if (RspSize < sizeof (TPM2_RESPONSE_HEADER)) {
      DEBUG ((EFI_D_ERROR, "Tpm2NvWriteLock - RecvBufferSize Error - %x\n", RspSize));
      Status = EFI_DEVICE_ERROR;
    } else {
      //
      // Any response code other than success is reported as a device error.
      //
      Rc = SwapBytes32 (Rsp.Header.responseCode);
      if (Rc != TPM_RC_SUCCESS) {
        DEBUG ((EFI_D_ERROR, "Tpm2NvWriteLock - responseCode - %x\n", Rc));
        Status = EFI_DEVICE_ERROR;
      }
    }
  }

  //
  // Scrub the marshalled session and the response before the frame is released.
  //
  ZeroMem (&Cmd, sizeof (Cmd));
  ZeroMem (&Rsp, sizeof (Rsp));
  return Status;
}
950\r
/**
  The command will SET TPMA_NV_WRITELOCKED for all indexes that have their TPMA_NV_GLOBALLOCK attribute SET.

  The command and response buffers are zeroed on every exit path because the
  command buffer carries the marshalled authorization session.

  @param[in]  AuthHandle         TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}.
  @param[in]  AuthSession        Auth Session context

  @retval EFI_SUCCESS            Operation completed successfully.
  @retval EFI_DEVICE_ERROR       The response was shorter than a response header, or the TPM
                                 returned any response code other than TPM_RC_SUCCESS.
  @retval Others                 Error status returned by Tpm2SubmitCommand().
**/
EFI_STATUS
EFIAPI
Tpm2NvGlobalWriteLock (
  IN      TPMI_RH_PROVISION         AuthHandle,
  IN      TPMS_AUTH_COMMAND         *AuthSession OPTIONAL
  )
{
  EFI_STATUS                        Status;
  TPM2_NV_GLOBALWRITELOCK_COMMAND   Cmd;
  TPM2_NV_GLOBALWRITELOCK_RESPONSE  Rsp;
  UINT32                            CmdSize;
  UINT32                            RspSize;
  UINT32                            AuthAreaSize;
  UINT8                             *Cursor;
  TPM_RC                            Rc;

  //
  // Fixed leading fields, all big-endian on the wire.
  //
  Cmd.Header.tag         = SwapBytes16 (TPM_ST_SESSIONS);
  Cmd.Header.commandCode = SwapBytes32 (TPM_CC_NV_GlobalWriteLock);
  Cmd.AuthHandle         = SwapBytes32 (AuthHandle);

  //
  // Authorization area: marshal the session, then record how many bytes it took.
  //
  Cursor              = (UINT8 *)&Cmd.AuthSession;
  AuthAreaSize        = CopyAuthSessionCommand (AuthSession, Cursor);
  Cmd.AuthSessionSize = SwapBytes32 (AuthAreaSize);
  Cursor             += AuthAreaSize;

  //
  // The command ends where the cursor stopped, not at sizeof (Cmd).
  //
  CmdSize              = (UINT32)(Cursor - (UINT8 *)&Cmd);
  Cmd.Header.paramSize = SwapBytes32 (CmdSize);

  RspSize = sizeof (Rsp);
  Status  = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &RspSize, (UINT8 *)&Rsp);

  if (!EFI_ERROR (Status)) {
    if (RspSize < sizeof (TPM2_RESPONSE_HEADER)) {
      DEBUG ((EFI_D_ERROR, "Tpm2NvGlobalWriteLock - RecvBufferSize Error - %x\n", RspSize));
      Status = EFI_DEVICE_ERROR;
    } else {
      //
      // Any response code other than success is reported as a device error.
      //
      Rc = SwapBytes32 (Rsp.Header.responseCode);
      if (Rc != TPM_RC_SUCCESS) {
        DEBUG ((EFI_D_ERROR, "Tpm2NvGlobalWriteLock - responseCode - %x\n", Rc));
        Status = EFI_DEVICE_ERROR;
      }
    }
  }

  //
  // Scrub the marshalled session and the response before the frame is released.
  //
  ZeroMem (&Cmd, sizeof (Cmd));
  ZeroMem (&Rsp, sizeof (Rsp));
  return Status;
}