3 Execute pending TPM requests from OS or BIOS and Lock TPM.
5 Caution: This module requires additional review when modified.
6 This driver will have external input - variable.
7 This external input must be validated carefully to avoid security issue.
9 ExecutePendingTpmRequest() will receive untrusted input and do validation.
11 Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>
12 This program and the accompanying materials
13 are licensed and made available under the terms and conditions of the BSD License
14 which accompanies this distribution. The full text of the license may be found at
15 http://opensource.org/licenses/bsd-license.php
17 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
18 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
24 #include <Protocol/TcgService.h>
25 #include <Protocol/VariableLock.h>
26 #include <Library/DebugLib.h>
27 #include <Library/BaseMemoryLib.h>
28 #include <Library/UefiRuntimeServicesTableLib.h>
29 #include <Library/UefiDriverEntryPoint.h>
30 #include <Library/UefiBootServicesTableLib.h>
31 #include <Library/UefiLib.h>
32 #include <Library/MemoryAllocationLib.h>
33 #include <Library/PrintLib.h>
34 #include <Library/HiiLib.h>
35 #include <Guid/EventGroup.h>
36 #include <Guid/PhysicalPresenceData.h>
38 #define TPM_PP_USER_ABORT ((TPM_RESULT)(-0x10))
39 #define TPM_PP_BIOS_FAILURE ((TPM_RESULT)(-0x0f))
40 #define CONFIRM_BUFFER_SIZE 4096
42 EFI_HII_HANDLE mPpStringPackHandle
;
45 Get string by string id from HII Interface.
47 @param[in] Id String ID.
49 @retval CHAR16 * String from ID.
50 @retval NULL If error occurs.
54 PhysicalPresenceGetStringById (
58 return HiiGetString (mPpStringPackHandle
, Id
, NULL
);
62 Get TPM physical presence permanent flags.
64 @param[in] TcgProtocol EFI TCG Protocol instance.
65 @param[out] LifetimeLock physicalPresenceLifetimeLock permanent flag.
66 @param[out] CmdEnable physicalPresenceCMDEnable permanent flag.
68 @retval EFI_SUCCESS Flags were returns successfully.
69 @retval other Failed to locate EFI TCG Protocol.
74 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
75 OUT BOOLEAN
*LifetimeLock
,
76 OUT BOOLEAN
*CmdEnable
80 TPM_RQU_COMMAND_HDR
*TpmRqu
;
81 TPM_RSP_COMMAND_HDR
*TpmRsp
;
83 UINT8 SendBuffer
[sizeof (*TpmRqu
) + sizeof (UINT32
) * 3];
84 TPM_PERMANENT_FLAGS
*TpmPermanentFlags
;
88 // Fill request header
90 TpmRsp
= (TPM_RSP_COMMAND_HDR
*)RecvBuffer
;
91 TpmRqu
= (TPM_RQU_COMMAND_HDR
*)SendBuffer
;
93 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
94 TpmRqu
->paramSize
= SwapBytes32 (sizeof (SendBuffer
));
95 TpmRqu
->ordinal
= SwapBytes32 (TPM_ORD_GetCapability
);
98 // Set request parameter
100 SendBufPtr
= (UINT32
*)(TpmRqu
+ 1);
101 WriteUnaligned32 (SendBufPtr
++, SwapBytes32 (TPM_CAP_FLAG
));
102 WriteUnaligned32 (SendBufPtr
++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT
)));
103 WriteUnaligned32 (SendBufPtr
, SwapBytes32 (TPM_CAP_FLAG_PERMANENT
));
105 Status
= TcgProtocol
->PassThroughToTpm (
112 ASSERT_EFI_ERROR (Status
);
113 ASSERT (TpmRsp
->tag
== SwapBytes16 (TPM_TAG_RSP_COMMAND
));
114 ASSERT (TpmRsp
->returnCode
== 0);
116 TpmPermanentFlags
= (TPM_PERMANENT_FLAGS
*)&RecvBuffer
[sizeof (TPM_RSP_COMMAND_HDR
) + sizeof (UINT32
)];
118 if (LifetimeLock
!= NULL
) {
119 *LifetimeLock
= TpmPermanentFlags
->physicalPresenceLifetimeLock
;
122 if (CmdEnable
!= NULL
) {
123 *CmdEnable
= TpmPermanentFlags
->physicalPresenceCMDEnable
;
130 Issue TSC_PhysicalPresence command to TPM.
132 @param[in] TcgProtocol EFI TCG Protocol instance.
133 @param[in] PhysicalPresence The state to set the TPM's Physical Presence flags.
135 @retval EFI_SUCCESS TPM executed the command successfully.
136 @retval EFI_SECURITY_VIOLATION TPM returned error when executing the command.
137 @retval other Failed to locate EFI TCG Protocol.
141 TpmPhysicalPresence (
142 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
143 IN TPM_PHYSICAL_PRESENCE PhysicalPresence
147 TPM_RQU_COMMAND_HDR
*TpmRqu
;
148 TPM_PHYSICAL_PRESENCE
*TpmPp
;
149 TPM_RSP_COMMAND_HDR TpmRsp
;
150 UINT8 Buffer
[sizeof (*TpmRqu
) + sizeof (*TpmPp
)];
152 TpmRqu
= (TPM_RQU_COMMAND_HDR
*)Buffer
;
153 TpmPp
= (TPM_PHYSICAL_PRESENCE
*)(TpmRqu
+ 1);
155 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
156 TpmRqu
->paramSize
= SwapBytes32 (sizeof (Buffer
));
157 TpmRqu
->ordinal
= SwapBytes32 (TSC_ORD_PhysicalPresence
);
158 WriteUnaligned16 (TpmPp
, (TPM_PHYSICAL_PRESENCE
) SwapBytes16 (PhysicalPresence
));
160 Status
= TcgProtocol
->PassThroughToTpm (
167 ASSERT_EFI_ERROR (Status
);
168 ASSERT (TpmRsp
.tag
== SwapBytes16 (TPM_TAG_RSP_COMMAND
));
169 if (TpmRsp
.returnCode
!= 0) {
171 // If it fails, some requirements may be needed for this command.
173 return EFI_SECURITY_VIOLATION
;
180 Issue a TPM command for which no additional output data will be returned.
182 @param[in] TcgProtocol EFI TCG Protocol instance.
183 @param[in] Ordinal TPM command code.
184 @param[in] AdditionalParameterSize Additional parameter size.
185 @param[in] AdditionalParameters Pointer to the Additional paramaters.
187 @retval TPM_PP_BIOS_FAILURE Error occurred during sending command to TPM or
188 receiving response from TPM.
189 @retval Others Return code from the TPM device after command execution.
193 TpmCommandNoReturnData (
194 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
195 IN TPM_COMMAND_CODE Ordinal
,
196 IN UINTN AdditionalParameterSize
,
197 IN VOID
*AdditionalParameters
201 TPM_RQU_COMMAND_HDR
*TpmRqu
;
202 TPM_RSP_COMMAND_HDR TpmRsp
;
205 TpmRqu
= (TPM_RQU_COMMAND_HDR
*) AllocatePool (sizeof (*TpmRqu
) + AdditionalParameterSize
);
206 if (TpmRqu
== NULL
) {
207 return TPM_PP_BIOS_FAILURE
;
210 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
211 Size
= (UINT32
)(sizeof (*TpmRqu
) + AdditionalParameterSize
);
212 TpmRqu
->paramSize
= SwapBytes32 (Size
);
213 TpmRqu
->ordinal
= SwapBytes32 (Ordinal
);
214 CopyMem (TpmRqu
+ 1, AdditionalParameters
, AdditionalParameterSize
);
216 Status
= TcgProtocol
->PassThroughToTpm (
220 (UINT32
)sizeof (TpmRsp
),
224 if (EFI_ERROR (Status
) || (TpmRsp
.tag
!= SwapBytes16 (TPM_TAG_RSP_COMMAND
))) {
225 return TPM_PP_BIOS_FAILURE
;
227 return SwapBytes32 (TpmRsp
.returnCode
);
231 Execute physical presence operation requested by the OS.
233 @param[in] TcgProtocol EFI TCG Protocol instance.
234 @param[in] CommandCode Physical presence operation value.
235 @param[in, out] PpiFlags The physical presence interface flags.
237 @retval TPM_PP_BIOS_FAILURE Unknown physical presence operation.
238 @retval TPM_PP_BIOS_FAILURE Error occurred during sending command to TPM or
239 receiving response from TPM.
240 @retval Others Return code from the TPM device after command execution.
244 ExecutePhysicalPresence (
245 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
246 IN UINT8 CommandCode
,
247 IN OUT UINT8
*PpiFlags
251 TPM_RESULT TpmResponse
;
254 switch (CommandCode
) {
255 case PHYSICAL_PRESENCE_ENABLE
:
256 return TpmCommandNoReturnData (
258 TPM_ORD_PhysicalEnable
,
263 case PHYSICAL_PRESENCE_DISABLE
:
264 return TpmCommandNoReturnData (
266 TPM_ORD_PhysicalDisable
,
271 case PHYSICAL_PRESENCE_ACTIVATE
:
273 return TpmCommandNoReturnData (
275 TPM_ORD_PhysicalSetDeactivated
,
280 case PHYSICAL_PRESENCE_DEACTIVATE
:
282 return TpmCommandNoReturnData (
284 TPM_ORD_PhysicalSetDeactivated
,
289 case PHYSICAL_PRESENCE_CLEAR
:
290 return TpmCommandNoReturnData (
297 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
298 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE
, PpiFlags
);
299 if (TpmResponse
== 0) {
300 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ACTIVATE
, PpiFlags
);
304 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
305 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DEACTIVATE
, PpiFlags
);
306 if (TpmResponse
== 0) {
307 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DISABLE
, PpiFlags
);
311 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
313 return TpmCommandNoReturnData (
315 TPM_ORD_SetOwnerInstall
,
320 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
322 return TpmCommandNoReturnData (
324 TPM_ORD_SetOwnerInstall
,
329 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
331 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
332 // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot
334 if ((*PpiFlags
& FLAG_RESET_TRACK
) == 0) {
335 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
336 *PpiFlags
|= FLAG_RESET_TRACK
;
338 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
, PpiFlags
);
339 *PpiFlags
&= ~FLAG_RESET_TRACK
;
343 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
344 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
, PpiFlags
);
345 if (TpmResponse
== 0) {
346 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
, PpiFlags
);
350 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
351 InData
[0] = SwapBytes32 (TPM_SET_STCLEAR_DATA
); // CapabilityArea
352 InData
[1] = SwapBytes32 (sizeof(UINT32
)); // SubCapSize
353 InData
[2] = SwapBytes32 (TPM_SD_DEFERREDPHYSICALPRESENCE
); // SubCap
354 InData
[3] = SwapBytes32 (sizeof(UINT32
)); // SetValueSize
355 InData
[4] = SwapBytes32 (1); // UnownedFieldUpgrade; bit0
356 return TpmCommandNoReturnData (
358 TPM_ORD_SetCapability
,
363 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
365 // TPM_SetOperatorAuth
366 // This command requires UI to prompt user for Auth data
367 // Here it is NOT implemented
369 return TPM_PP_BIOS_FAILURE
;
371 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
372 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR
, PpiFlags
);
373 if (TpmResponse
== 0) {
374 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
378 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE
:
379 *PpiFlags
&= ~FLAG_NO_PPI_PROVISION
;
382 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
383 *PpiFlags
|= FLAG_NO_PPI_PROVISION
;
386 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE
:
387 *PpiFlags
&= ~FLAG_NO_PPI_CLEAR
;
390 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
391 *PpiFlags
|= FLAG_NO_PPI_CLEAR
;
394 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE
:
395 *PpiFlags
&= ~FLAG_NO_PPI_MAINTENANCE
;
398 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
399 *PpiFlags
|= FLAG_NO_PPI_MAINTENANCE
;
402 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
404 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR
405 // PHYSICAL_PRESENCE_CLEAR will be executed after reboot.
407 if ((*PpiFlags
& FLAG_RESET_TRACK
) == 0) {
408 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
409 *PpiFlags
|= FLAG_RESET_TRACK
;
411 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR
, PpiFlags
);
412 *PpiFlags
&= ~FLAG_RESET_TRACK
;
416 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
418 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
419 // PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.
421 if ((*PpiFlags
& FLAG_RESET_TRACK
) == 0) {
422 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
423 *PpiFlags
|= FLAG_RESET_TRACK
;
425 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
, PpiFlags
);
426 *PpiFlags
&= ~FLAG_RESET_TRACK
;
433 return TPM_PP_BIOS_FAILURE
;
438 Read the specified key for user confirmation.
440 @param[in] CautionKey If true, F12 is used as confirm key;
441 If false, F10 is used as confirm key.
443 @retval TRUE User confirmed the changes by input.
444 @retval FALSE User discarded the changes or device error.
449 IN BOOLEAN CautionKey
459 Status
= gST
->ConIn
->ReadKeyStroke (gST
->ConIn
, &Key
);
460 if (Status
== EFI_NOT_READY
) {
461 gBS
->WaitForEvent (1, &gST
->ConIn
->WaitForKey
, &Index
);
465 if (Status
== EFI_DEVICE_ERROR
) {
469 if (Key
.ScanCode
== SCAN_ESC
) {
470 InputKey
= Key
.ScanCode
;
472 if ((Key
.ScanCode
== SCAN_F10
) && !CautionKey
) {
473 InputKey
= Key
.ScanCode
;
475 if ((Key
.ScanCode
== SCAN_F12
) && CautionKey
) {
476 InputKey
= Key
.ScanCode
;
478 } while (InputKey
== 0);
480 if (InputKey
!= SCAN_ESC
) {
488 The constructor function register UNI strings into imageHandle.
490 It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
492 @param ImageHandle The firmware allocated handle for the EFI image.
493 @param SystemTable A pointer to the EFI System Table.
495 @retval EFI_SUCCESS The constructor successfully added string package.
496 @retval Other value The constructor can't add string package.
501 TcgPhysicalPresenceLibConstructor (
502 IN EFI_HANDLE ImageHandle
,
503 IN EFI_SYSTEM_TABLE
*SystemTable
506 mPpStringPackHandle
= HiiAddPackages (&gEfiPhysicalPresenceGuid
, ImageHandle
, DxeTcgPhysicalPresenceLibStrings
, NULL
);
507 ASSERT (mPpStringPackHandle
!= NULL
);
513 Display the confirm text and get user confirmation.
515 @param[in] TpmPpCommand The requested TPM physical presence command.
517 @retval TRUE The user has confirmed the changes.
518 @retval FALSE The user doesn't confirm the changes.
522 IN UINT8 TpmPpCommand
535 BufSize
= CONFIRM_BUFFER_SIZE
;
536 ConfirmText
= AllocateZeroPool (BufSize
);
537 ASSERT (ConfirmText
!= NULL
);
539 switch (TpmPpCommand
) {
540 case PHYSICAL_PRESENCE_ENABLE
:
541 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE
));
543 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
544 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
547 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
548 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
552 case PHYSICAL_PRESENCE_DISABLE
:
553 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE
));
555 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
556 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
559 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
560 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
563 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
564 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
568 case PHYSICAL_PRESENCE_ACTIVATE
:
569 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE
));
571 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
572 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
575 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
576 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
580 case PHYSICAL_PRESENCE_DEACTIVATE
:
581 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE
));
583 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
584 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
587 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
588 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
591 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
592 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
596 case PHYSICAL_PRESENCE_CLEAR
:
598 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR
));
600 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
601 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
604 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
605 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
606 StrnCat (ConfirmText
, L
" \n\n", (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
609 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
610 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
614 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
615 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE
));
617 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
618 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
621 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
622 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
625 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
626 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
630 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
631 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE
));
633 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
634 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
637 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF
));
638 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
641 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
642 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
645 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
646 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
650 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
651 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP
));
653 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
654 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
657 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
658 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
662 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
663 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP
));
665 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
666 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
669 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
670 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
674 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
675 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON
));
677 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
678 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
681 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
682 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
685 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
686 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
690 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
691 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF
));
693 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
694 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
697 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF
));
698 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
701 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
702 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
705 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
706 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
710 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
712 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE
));
714 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR
));
715 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
718 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN
));
719 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
722 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
723 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
727 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
729 // TPM_SetOperatorAuth
730 // This command requires UI to prompt user for Auth data
731 // Here it is NOT implemented
735 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
737 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON
));
739 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
740 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
743 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
744 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
747 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
748 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
751 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT
));
752 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
755 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
756 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
760 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
761 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_PROVISION
));
763 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
764 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
767 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
768 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
771 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
772 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
776 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
778 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR
));
780 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
781 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
784 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR
));
785 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
788 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
789 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
790 StrnCat (ConfirmText
, L
" \n\n", (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
793 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
794 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
797 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
798 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
802 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
804 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN
));
806 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
807 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
810 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN
));
811 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
814 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
815 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
818 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
819 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
823 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
825 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR
));
827 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
828 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
831 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
832 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
833 StrnCat (ConfirmText
, L
" \n\n", (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
836 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
837 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
841 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
843 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
));
845 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
846 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
849 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
850 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
853 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
854 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
857 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT
));
858 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
861 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
862 StrnCat (ConfirmText
, TmpStr1
, (BufSize
/ sizeof (CHAR16
*)) - StrLen (ConfirmText
) - 1);
870 if (TmpStr2
== NULL
) {
871 FreePool (ConfirmText
);
875 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY
));
876 BufSize
-= StrSize (ConfirmText
);
877 UnicodeSPrint (ConfirmText
+ StrLen (ConfirmText
), BufSize
, TmpStr1
, TmpStr2
);
880 for (Index
= 0; Index
< StrLen (ConfirmText
); Index
+= 80) {
881 StrnCpy(DstStr
, ConfirmText
+ Index
, 80);
887 FreePool (ConfirmText
);
889 if (ReadUserKey (CautionKey
)) {
897 Check if there is a valid physical presence command request. Also updates parameter value
898 to whether the requested physical presence command already confirmed by user
900 @param[in] TcgPpData EFI TCG Physical Presence request data.
901 @param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
902 True, it indicates the command doesn't require user confirm, or already confirmed
903 in last boot cycle by user.
904 False, it indicates the command need user confirm from UI.
906 @retval TRUE Physical Presence operation command is valid.
907 @retval FALSE Physical Presence operation command is invalid.
911 HaveValidTpmRequest (
912 IN EFI_PHYSICAL_PRESENCE
*TcgPpData
,
914 OUT BOOLEAN
*RequestConfirmed
918 *RequestConfirmed
= FALSE
;
920 switch (TcgPpData
->PPRequest
) {
921 case PHYSICAL_PRESENCE_NO_ACTION
:
922 *RequestConfirmed
= TRUE
;
924 case PHYSICAL_PRESENCE_ENABLE
:
925 case PHYSICAL_PRESENCE_DISABLE
:
926 case PHYSICAL_PRESENCE_ACTIVATE
:
927 case PHYSICAL_PRESENCE_DEACTIVATE
:
928 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
929 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
930 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
931 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
932 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
933 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
934 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
935 if ((Flags
& FLAG_NO_PPI_PROVISION
) != 0) {
936 *RequestConfirmed
= TRUE
;
940 case PHYSICAL_PRESENCE_CLEAR
:
941 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
942 if ((Flags
& FLAG_NO_PPI_CLEAR
) != 0) {
943 *RequestConfirmed
= TRUE
;
947 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
948 if ((Flags
& FLAG_NO_PPI_MAINTENANCE
) != 0) {
949 *RequestConfirmed
= TRUE
;
953 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
954 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
955 if ((Flags
& FLAG_NO_PPI_CLEAR
) != 0 && (Flags
& FLAG_NO_PPI_PROVISION
) != 0) {
956 *RequestConfirmed
= TRUE
;
960 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE
:
961 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE
:
962 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE
:
963 *RequestConfirmed
= TRUE
;
966 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
967 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
968 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
973 // Wrong Physical Presence command
978 if ((Flags
& FLAG_RESET_TRACK
) != 0) {
980 // It had been confirmed in last boot, it doesn't need confirm again.
982 *RequestConfirmed
= TRUE
;
986 // Physical Presence command is correct
993 Check and execute the requested physical presence command.
995 Caution: This function may receive untrusted input.
996 TcgPpData variable is external input, so this function will validate
997 its data structure to be valid value.
999 @param[in] TcgProtocol EFI TCG Protocol instance.
1000 @param[in] TcgPpData Point to the physical presence NV variable.
1004 ExecutePendingTpmRequest (
1005 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
1006 IN EFI_PHYSICAL_PRESENCE
*TcgPpData
,
1012 BOOLEAN RequestConfirmed
;
1015 if (!HaveValidTpmRequest(TcgPpData
, Flags
, &RequestConfirmed
)) {
1017 // Invalid operation request.
1019 TcgPpData
->PPResponse
= TPM_PP_BIOS_FAILURE
;
1020 TcgPpData
->LastPPRequest
= TcgPpData
->PPRequest
;
1021 TcgPpData
->PPRequest
= PHYSICAL_PRESENCE_NO_ACTION
;
1022 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1023 Status
= gRT
->SetVariable (
1024 PHYSICAL_PRESENCE_VARIABLE
,
1025 &gEfiPhysicalPresenceGuid
,
1026 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1033 if (!RequestConfirmed
) {
1035 // Print confirm text and wait for approval.
1037 RequestConfirmed
= UserConfirm (TcgPpData
->PPRequest
);
1041 // Execute requested physical presence command
1043 TcgPpData
->PPResponse
= TPM_PP_USER_ABORT
;
1045 if (RequestConfirmed
) {
1046 TcgPpData
->PPResponse
= ExecutePhysicalPresence (TcgProtocol
, TcgPpData
->PPRequest
, &NewFlags
);
1050 // Save the flags if it is updated.
1052 if (Flags
!= NewFlags
) {
1053 Status
= gRT
->SetVariable (
1054 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1055 &gEfiPhysicalPresenceGuid
,
1056 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1066 if ((NewFlags
& FLAG_RESET_TRACK
) == 0) {
1067 TcgPpData
->LastPPRequest
= TcgPpData
->PPRequest
;
1068 TcgPpData
->PPRequest
= PHYSICAL_PRESENCE_NO_ACTION
;
1074 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1075 Status
= gRT
->SetVariable (
1076 PHYSICAL_PRESENCE_VARIABLE
,
1077 &gEfiPhysicalPresenceGuid
,
1078 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1082 if (EFI_ERROR (Status
)) {
1086 if (TcgPpData
->PPResponse
== TPM_PP_USER_ABORT
) {
1091 // Reset system to make new TPM settings in effect
1093 switch (TcgPpData
->LastPPRequest
) {
1094 case PHYSICAL_PRESENCE_ACTIVATE
:
1095 case PHYSICAL_PRESENCE_DEACTIVATE
:
1096 case PHYSICAL_PRESENCE_CLEAR
:
1097 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
1098 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
1099 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
1100 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
1101 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
1102 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
1103 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
1104 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
1107 if (TcgPpData
->PPRequest
!= PHYSICAL_PRESENCE_NO_ACTION
) {
1113 Print (L
"Rebooting system to make TPM settings in effect\n");
1114 gRT
->ResetSystem (EfiResetCold
, EFI_SUCCESS
, 0, NULL
);
1119 Check and execute the pending TPM request and Lock TPM.
1121 The TPM request may come from OS or BIOS. This API will display request information and wait
1122 for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
1123 the TPM request is confirmed, and one or more reset may be required to make TPM request to
1124 take effect. At last, it will lock TPM to prevent TPM state change by malware.
1126 This API should be invoked after console in and console out are all ready as they are required
1127 to display request information and get user input to confirm the request. This API should also
1128 be invoked as early as possible as TPM is locked in this function.
1133 TcgPhysicalPresenceLibProcessRequest (
1138 BOOLEAN LifetimeLock
;
1141 EFI_PHYSICAL_PRESENCE TcgPpData
;
1142 EFI_TCG_PROTOCOL
*TcgProtocol
;
1143 EDKII_VARIABLE_LOCK_PROTOCOL
*VariableLockProtocol
;
1146 Status
= gBS
->LocateProtocol (&gEfiTcgProtocolGuid
, NULL
, (VOID
**)&TcgProtocol
);
1147 if (EFI_ERROR (Status
)) {
1152 // Initialize physical presence flags.
1154 DataSize
= sizeof (UINT8
);
1155 Status
= gRT
->GetVariable (
1156 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1157 &gEfiPhysicalPresenceGuid
,
1162 if (EFI_ERROR (Status
)) {
1163 if (Status
== EFI_NOT_FOUND
) {
1164 PpiFlags
= FLAG_NO_PPI_PROVISION
;
1165 Status
= gRT
->SetVariable (
1166 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1167 &gEfiPhysicalPresenceGuid
,
1168 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1173 ASSERT_EFI_ERROR (Status
);
1175 DEBUG ((EFI_D_ERROR
, "[TPM] PpiFlags = %x, Status = %r\n", PpiFlags
, Status
));
1178 // This flags variable controls whether physical presence is required for TPM command.
1179 // It should be protected from malicious software. We set it as read-only variable here.
1181 Status
= gBS
->LocateProtocol (&gEdkiiVariableLockProtocolGuid
, NULL
, (VOID
**)&VariableLockProtocol
);
1182 if (!EFI_ERROR (Status
)) {
1183 Status
= VariableLockProtocol
->RequestToLock (
1184 VariableLockProtocol
,
1185 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1186 &gEfiPhysicalPresenceGuid
1188 if (EFI_ERROR (Status
)) {
1189 DEBUG ((EFI_D_ERROR
, "[TPM] Error when lock variable %s, Status = %r\n", PHYSICAL_PRESENCE_FLAGS_VARIABLE
, Status
));
1190 ASSERT_EFI_ERROR (Status
);
1195 // Initialize physical presence variable.
1197 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1198 Status
= gRT
->GetVariable (
1199 PHYSICAL_PRESENCE_VARIABLE
,
1200 &gEfiPhysicalPresenceGuid
,
1205 if (EFI_ERROR (Status
)) {
1206 if (Status
== EFI_NOT_FOUND
) {
1207 ZeroMem ((VOID
*)&TcgPpData
, sizeof (TcgPpData
));
1208 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1209 Status
= gRT
->SetVariable (
1210 PHYSICAL_PRESENCE_VARIABLE
,
1211 &gEfiPhysicalPresenceGuid
,
1212 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1217 ASSERT_EFI_ERROR (Status
);
1220 DEBUG ((EFI_D_INFO
, "[TPM] Flags=%x, PPRequest=%x\n", PpiFlags
, TcgPpData
.PPRequest
));
1222 if (TcgPpData
.PPRequest
== PHYSICAL_PRESENCE_NO_ACTION
) {
1224 // No operation request
1229 Status
= GetTpmCapability (TcgProtocol
, &LifetimeLock
, &CmdEnable
);
1230 if (EFI_ERROR (Status
)) {
1237 // physicalPresenceCMDEnable is locked, can't execute physical presence command.
1241 Status
= TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_CMD_ENABLE
);
1242 if (EFI_ERROR (Status
)) {
1248 // Set operator physical presence flags
1250 TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_PRESENT
);
1253 // Execute pending TPM request.
1255 ExecutePendingTpmRequest (TcgProtocol
, &TcgPpData
, PpiFlags
);
1256 DEBUG ((EFI_D_INFO
, "[TPM] PPResponse = %x\n", TcgPpData
.PPResponse
));
1259 // Lock physical presence.
1261 TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_NOTPRESENT
| TPM_PHYSICAL_PRESENCE_LOCK
);
1265 Check if the pending TPM request needs user input to confirm.
1267 The TPM request may come from OS. This API will check if TPM request exists and need user
1268 input to confirmation.
1270 @retval TRUE TPM needs input to confirm user physical presence.
1271 @retval FALSE TPM doesn't need input to confirm user physical presence.
1276 TcgPhysicalPresenceLibNeedUserConfirm(
1281 EFI_PHYSICAL_PRESENCE TcgPpData
;
1283 BOOLEAN RequestConfirmed
;
1284 BOOLEAN LifetimeLock
;
1286 EFI_TCG_PROTOCOL
*TcgProtocol
;
1289 Status
= gBS
->LocateProtocol (&gEfiTcgProtocolGuid
, NULL
, (VOID
**)&TcgProtocol
);
1290 if (EFI_ERROR (Status
)) {
1295 // Check Tpm requests
1297 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1298 Status
= gRT
->GetVariable (
1299 PHYSICAL_PRESENCE_VARIABLE
,
1300 &gEfiPhysicalPresenceGuid
,
1305 if (EFI_ERROR (Status
)) {
1309 DataSize
= sizeof (UINT8
);
1310 Status
= gRT
->GetVariable (
1311 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1312 &gEfiPhysicalPresenceGuid
,
1317 if (EFI_ERROR (Status
)) {
1321 if (TcgPpData
.PPRequest
== PHYSICAL_PRESENCE_NO_ACTION
) {
1323 // No operation request
1328 if (!HaveValidTpmRequest(&TcgPpData
, PpiFlags
, &RequestConfirmed
)) {
1330 // Invalid operation request.
1336 // Check Tpm Capability
1338 Status
= GetTpmCapability (TcgProtocol
, &LifetimeLock
, &CmdEnable
);
1339 if (EFI_ERROR (Status
)) {
1346 // physicalPresenceCMDEnable is locked, can't execute physical presence command.
1352 if (!RequestConfirmed
) {
1354 // Need UI to confirm