SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h

   1 /** @file
   2   This library is intended to be used by BDS modules.
   3   This library will execute TPM2 request.
   4
   5 Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
   6 This program and the accompanying materials
   7 are licensed and made available under the terms and conditions of the BSD License
   8 which accompanies this distribution.  The full text of the license may be found at
   9 http://opensource.org/licenses/bsd-license.php
  10
  11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
  12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
  13
  14 **/
  15
  16 #ifndef _TCG2_PHYSICAL_PRESENCE_LIB_H_
  17 #define _TCG2_PHYSICAL_PRESENCE_LIB_H_
  18
  19 #include <IndustryStandard/Tpm20.h>
  20 #include <IndustryStandard/TcgPhysicalPresence.h>
  21 #include <Protocol/Tcg2Protocol.h>
  22
  23 //
  24 // UEFI TCG2 library definition bit of the BIOS TPM Management Flags
  25 //
  26 // BIT0 is reserved
  27 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR               BIT1
  28 // BIT2 is reserved
  29 #define TCG2_LIB_PP_FLAG_RESET_TRACK                                      BIT3
  30 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_ON             BIT4
  31 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_OFF            BIT5
  32 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS          BIT6
  33 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS         BIT7
  34
  35 //
  36 // UEFI TCG2 library definition bit of the BIOS Information Flags
  37 //
  38 #define TCG2_BIOS_INFORMATION_FLAG_HIERACHY_CONTROL_STORAGE_DISABLE      BIT8
  39 #define TCG2_BIOS_INFORMATION_FLAG_HIERACHY_CONTROL_ENDORSEMENT_DISABLE  BIT9
  40
  41 //
  42 // UEFI TCG2 library definition bit of the BIOS Storage Management Flags
  43 //
  44 #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID   BIT16
  45 #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID  BIT17
  46
  47 //
  48 // Default value
  49 //
  50 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT  (TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_OFF | \
  51                                                 TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR | \
  52                                                 TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS | \
  53                                                 TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS)
  54
  55 /**
  56   Check and execute the pending TPM request.
  57
  58   The TPM request may come from OS or BIOS. This API will display request information and wait
  59   for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
  60   the TPM request is confirmed, and one or more reset may be required to make TPM request to
  61   take effect.
  62
  63   This API should be invoked after console in and console out are all ready as they are required
  64   to display request information and get user input to confirm the request.
  65
  66   @param  PlatformAuth                   platform auth value. NULL means no platform auth change.
  67 **/
  68 VOID
  69 EFIAPI
  70 Tcg2PhysicalPresenceLibProcessRequest (
  71   IN      TPM2B_AUTH                     *PlatformAuth  OPTIONAL
  72   );
  73
  74 /**
  75   Check if the pending TPM request needs user input to confirm.
  76
  77   The TPM request may come from OS. This API will check if TPM request exists and need user
  78   input to confirmation.
  79
  80   @retval    TRUE        TPM needs input to confirm user physical presence.
  81   @retval    FALSE       TPM doesn't need input to confirm user physical presence.
  82
  83 **/
  84 BOOLEAN
  85 EFIAPI
  86 Tcg2PhysicalPresenceLibNeedUserConfirm (
  87   VOID
  88   );
  89
  90 /**
  91   Return TPM2 ManagementFlags set by PP interface.
  92
  93   @retval    ManagementFlags    TPM2 Management Flags.
  94 **/
  95 UINT32
  96 EFIAPI
  97 Tcg2PhysicalPresenceLibGetManagementFlags (
  98   VOID
  99   );
 100
 101 /**
 102   The handler for TPM physical presence function:
 103   Return TPM Operation Response to OS Environment.
 104
 105   This API should be invoked in OS runtime phase to interface with ACPI method.
 106
 107   @param[out]     MostRecentRequest Most recent operation request.
 108   @param[out]     Response          Response to the most recent operation request.
 109
 110   @return Return Code for Return TPM Operation Response to OS Environment.
 111 **/
 112 UINT32
 113 EFIAPI
 114 Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
 115   OUT UINT32                *MostRecentRequest,
 116   OUT UINT32                *Response
 117   );
 118
 119 /**
 120   The handler for TPM physical presence function:
 121   Submit TPM Operation Request to Pre-OS Environment and
 122   Submit TPM Operation Request to Pre-OS Environment 2.
 123
 124   This API should be invoked in OS runtime phase to interface with ACPI method.
 125
 126   Caution: This function may receive untrusted input.
 127
 128   @param[in out]  Pointer to OperationRequest TPM physical presence operation request.
 129   @param[in out]  Pointer to RequestParameter TPM physical presence operation request parameter.
 130
 131   @return Return Code for Submit TPM Operation Request to Pre-OS Environment and
 132         Submit TPM Operation Request to Pre-OS Environment 2.
 133   **/
 134 UINT32
 135 Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx (
 136   IN OUT UINT32               *OperationRequest,
 137   IN OUT UINT32               *RequestParameter
 138   );
 139
 140 /**
 141   The handler for TPM physical presence function:
 142   Submit TPM Operation Request to Pre-OS Environment and
 143   Submit TPM Operation Request to Pre-OS Environment 2.
 144
 145   This API should be invoked in OS runtime phase to interface with ACPI method.
 146
 147   Caution: This function may receive untrusted input.
 148
 149   @param[in]      OperationRequest TPM physical presence operation request.
 150   @param[in]      RequestParameter TPM physical presence operation request parameter.
 151
 152   @return Return Code for Submit TPM Operation Request to Pre-OS Environment and
 153           Submit TPM Operation Request to Pre-OS Environment 2.
 154 **/
 155 UINT32
 156 EFIAPI
 157 Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (
 158   IN UINT32                 OperationRequest,
 159   IN UINT32                 RequestParameter
 160   );
 161
 162 /**
 163   The handler for TPM physical presence function:
 164   Get User Confirmation Status for Operation.
 165
 166   This API should be invoked in OS runtime phase to interface with ACPI method.
 167
 168   Caution: This function may receive untrusted input.
 169
 170   @param[in]      OperationRequest TPM physical presence operation request.
 171
 172   @return Return Code for Get User Confirmation Status for Operation.
 173 **/
 174 UINT32
 175 EFIAPI
 176 Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
 177   IN UINT32                 OperationRequest
 178   );
 179
 180 #endif