3 Execute pending TPM requests from OS or BIOS and Lock TPM.
5 Caution: This module requires additional review when modified.
6 This driver will have external input - variable.
7 This external input must be validated carefully to avoid security issue.
9 ExecutePendingTpmRequest() will receive untrusted input and do validation.
11 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
12 SPDX-License-Identifier: BSD-2-Clause-Patent
18 #include <Protocol/TcgService.h>
19 #include <Protocol/VariableLock.h>
20 #include <Library/DebugLib.h>
21 #include <Library/BaseMemoryLib.h>
22 #include <Library/UefiRuntimeServicesTableLib.h>
23 #include <Library/UefiDriverEntryPoint.h>
24 #include <Library/UefiBootServicesTableLib.h>
25 #include <Library/UefiLib.h>
26 #include <Library/MemoryAllocationLib.h>
27 #include <Library/PrintLib.h>
28 #include <Library/HiiLib.h>
29 #include <Guid/EventGroup.h>
30 #include <Guid/PhysicalPresenceData.h>
31 #include <Library/TcgPpVendorLib.h>
33 #define CONFIRM_BUFFER_SIZE 4096
35 EFI_HII_HANDLE mPpStringPackHandle
;
38 Get string by string id from HII Interface.
40 @param[in] Id String ID.
42 @retval CHAR16 * String from ID.
43 @retval NULL If error occurs.
47 PhysicalPresenceGetStringById (
51 return HiiGetString (mPpStringPackHandle
, Id
, NULL
);
55 Get TPM physical presence permanent flags.
57 @param[in] TcgProtocol EFI TCG Protocol instance.
58 @param[out] LifetimeLock physicalPresenceLifetimeLock permanent flag.
59 @param[out] CmdEnable physicalPresenceCMDEnable permanent flag.
61 @retval EFI_SUCCESS Flags were returns successfully.
62 @retval other Failed to locate EFI TCG Protocol.
67 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
68 OUT BOOLEAN
*LifetimeLock
,
69 OUT BOOLEAN
*CmdEnable
73 TPM_RQU_COMMAND_HDR
*TpmRqu
;
74 TPM_RSP_COMMAND_HDR
*TpmRsp
;
76 UINT8 SendBuffer
[sizeof (*TpmRqu
) + sizeof (UINT32
) * 3];
77 TPM_PERMANENT_FLAGS
*TpmPermanentFlags
;
81 // Fill request header
83 TpmRsp
= (TPM_RSP_COMMAND_HDR
*)RecvBuffer
;
84 TpmRqu
= (TPM_RQU_COMMAND_HDR
*)SendBuffer
;
86 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
87 TpmRqu
->paramSize
= SwapBytes32 (sizeof (SendBuffer
));
88 TpmRqu
->ordinal
= SwapBytes32 (TPM_ORD_GetCapability
);
91 // Set request parameter
93 SendBufPtr
= (UINT32
*)(TpmRqu
+ 1);
94 WriteUnaligned32 (SendBufPtr
++, SwapBytes32 (TPM_CAP_FLAG
));
95 WriteUnaligned32 (SendBufPtr
++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT
)));
96 WriteUnaligned32 (SendBufPtr
, SwapBytes32 (TPM_CAP_FLAG_PERMANENT
));
98 Status
= TcgProtocol
->PassThroughToTpm (
105 if (EFI_ERROR (Status
)) {
109 if ((TpmRsp
->tag
!= SwapBytes16 (TPM_TAG_RSP_COMMAND
)) || (TpmRsp
->returnCode
!= 0)) {
110 return EFI_DEVICE_ERROR
;
113 TpmPermanentFlags
= (TPM_PERMANENT_FLAGS
*)&RecvBuffer
[sizeof (TPM_RSP_COMMAND_HDR
) + sizeof (UINT32
)];
115 if (LifetimeLock
!= NULL
) {
116 *LifetimeLock
= TpmPermanentFlags
->physicalPresenceLifetimeLock
;
119 if (CmdEnable
!= NULL
) {
120 *CmdEnable
= TpmPermanentFlags
->physicalPresenceCMDEnable
;
127 Issue TSC_PhysicalPresence command to TPM.
129 @param[in] TcgProtocol EFI TCG Protocol instance.
130 @param[in] PhysicalPresence The state to set the TPM's Physical Presence flags.
132 @retval EFI_SUCCESS TPM executed the command successfully.
133 @retval EFI_SECURITY_VIOLATION TPM returned error when executing the command.
134 @retval other Failed to locate EFI TCG Protocol.
138 TpmPhysicalPresence (
139 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
140 IN TPM_PHYSICAL_PRESENCE PhysicalPresence
144 TPM_RQU_COMMAND_HDR
*TpmRqu
;
145 TPM_PHYSICAL_PRESENCE
*TpmPp
;
146 TPM_RSP_COMMAND_HDR TpmRsp
;
147 UINT8 Buffer
[sizeof (*TpmRqu
) + sizeof (*TpmPp
)];
149 TpmRqu
= (TPM_RQU_COMMAND_HDR
*)Buffer
;
150 TpmPp
= (TPM_PHYSICAL_PRESENCE
*)(TpmRqu
+ 1);
152 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
153 TpmRqu
->paramSize
= SwapBytes32 (sizeof (Buffer
));
154 TpmRqu
->ordinal
= SwapBytes32 (TSC_ORD_PhysicalPresence
);
155 WriteUnaligned16 (TpmPp
, (TPM_PHYSICAL_PRESENCE
) SwapBytes16 (PhysicalPresence
));
157 Status
= TcgProtocol
->PassThroughToTpm (
164 if (EFI_ERROR (Status
)) {
168 if (TpmRsp
.tag
!= SwapBytes16 (TPM_TAG_RSP_COMMAND
)) {
169 return EFI_DEVICE_ERROR
;
172 if (TpmRsp
.returnCode
!= 0) {
174 // If it fails, some requirements may be needed for this command.
176 return EFI_SECURITY_VIOLATION
;
183 Issue a TPM command for which no additional output data will be returned.
185 @param[in] TcgProtocol EFI TCG Protocol instance.
186 @param[in] Ordinal TPM command code.
187 @param[in] AdditionalParameterSize Additional parameter size.
188 @param[in] AdditionalParameters Pointer to the Additional parameters.
190 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
191 receiving response from TPM.
192 @retval Others Return code from the TPM device after command execution.
196 TpmCommandNoReturnData (
197 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
198 IN TPM_COMMAND_CODE Ordinal
,
199 IN UINTN AdditionalParameterSize
,
200 IN VOID
*AdditionalParameters
204 TPM_RQU_COMMAND_HDR
*TpmRqu
;
205 TPM_RSP_COMMAND_HDR TpmRsp
;
208 TpmRqu
= (TPM_RQU_COMMAND_HDR
*) AllocatePool (sizeof (*TpmRqu
) + AdditionalParameterSize
);
209 if (TpmRqu
== NULL
) {
210 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
213 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
214 Size
= (UINT32
)(sizeof (*TpmRqu
) + AdditionalParameterSize
);
215 TpmRqu
->paramSize
= SwapBytes32 (Size
);
216 TpmRqu
->ordinal
= SwapBytes32 (Ordinal
);
217 CopyMem (TpmRqu
+ 1, AdditionalParameters
, AdditionalParameterSize
);
219 Status
= TcgProtocol
->PassThroughToTpm (
223 (UINT32
)sizeof (TpmRsp
),
227 if (EFI_ERROR (Status
) || (TpmRsp
.tag
!= SwapBytes16 (TPM_TAG_RSP_COMMAND
))) {
228 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
230 return SwapBytes32 (TpmRsp
.returnCode
);
234 Execute physical presence operation requested by the OS.
236 @param[in] TcgProtocol EFI TCG Protocol instance.
237 @param[in] CommandCode Physical presence operation value.
238 @param[in, out] PpiFlags The physical presence interface flags.
240 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation.
241 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
242 receiving response from TPM.
243 @retval Others Return code from the TPM device after command execution.
247 ExecutePhysicalPresence (
248 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
249 IN UINT32 CommandCode
,
250 IN OUT EFI_PHYSICAL_PRESENCE_FLAGS
*PpiFlags
257 switch (CommandCode
) {
258 case PHYSICAL_PRESENCE_ENABLE
:
259 return TpmCommandNoReturnData (
261 TPM_ORD_PhysicalEnable
,
266 case PHYSICAL_PRESENCE_DISABLE
:
267 return TpmCommandNoReturnData (
269 TPM_ORD_PhysicalDisable
,
274 case PHYSICAL_PRESENCE_ACTIVATE
:
276 return TpmCommandNoReturnData (
278 TPM_ORD_PhysicalSetDeactivated
,
283 case PHYSICAL_PRESENCE_DEACTIVATE
:
285 return TpmCommandNoReturnData (
287 TPM_ORD_PhysicalSetDeactivated
,
292 case PHYSICAL_PRESENCE_CLEAR
:
293 return TpmCommandNoReturnData (
300 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
301 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE
, PpiFlags
);
302 if (TpmResponse
== 0) {
303 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ACTIVATE
, PpiFlags
);
307 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
308 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DEACTIVATE
, PpiFlags
);
309 if (TpmResponse
== 0) {
310 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DISABLE
, PpiFlags
);
314 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
316 return TpmCommandNoReturnData (
318 TPM_ORD_SetOwnerInstall
,
323 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
325 return TpmCommandNoReturnData (
327 TPM_ORD_SetOwnerInstall
,
332 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
334 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
335 // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot
337 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
338 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
339 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
341 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
, PpiFlags
);
342 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
346 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
347 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
, PpiFlags
);
348 if (TpmResponse
== 0) {
349 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
, PpiFlags
);
353 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
354 InData
[0] = SwapBytes32 (TPM_SET_STCLEAR_DATA
); // CapabilityArea
355 InData
[1] = SwapBytes32 (sizeof(UINT32
)); // SubCapSize
356 InData
[2] = SwapBytes32 (TPM_SD_DEFERREDPHYSICALPRESENCE
); // SubCap
357 InData
[3] = SwapBytes32 (sizeof(UINT32
)); // SetValueSize
358 InData
[4] = SwapBytes32 (1); // UnownedFieldUpgrade; bit0
359 return TpmCommandNoReturnData (
361 TPM_ORD_SetCapability
,
366 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
368 // TPM_SetOperatorAuth
369 // This command requires UI to prompt user for Auth data
370 // Here it is NOT implemented
372 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
374 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
375 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR
, PpiFlags
);
376 if (TpmResponse
== 0) {
377 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
381 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE
:
382 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
385 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
386 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
389 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE
:
390 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
;
393 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
394 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
;
397 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE
:
398 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
;
401 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
402 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
;
405 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
407 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR
408 // PHYSICAL_PRESENCE_CLEAR will be executed after reboot.
410 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
411 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
412 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
414 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR
, PpiFlags
);
415 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
419 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
421 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
422 // PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.
424 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
425 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
426 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
428 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
, PpiFlags
);
429 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
436 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
441 Read the specified key for user confirmation.
443 @param[in] CautionKey If true, F12 is used as confirm key;
444 If false, F10 is used as confirm key.
446 @retval TRUE User confirmed the changes by input.
447 @retval FALSE User discarded the changes or device error.
452 IN BOOLEAN CautionKey
462 Status
= gST
->ConIn
->ReadKeyStroke (gST
->ConIn
, &Key
);
463 if (Status
== EFI_NOT_READY
) {
464 gBS
->WaitForEvent (1, &gST
->ConIn
->WaitForKey
, &Index
);
468 if (Status
== EFI_DEVICE_ERROR
) {
472 if (Key
.ScanCode
== SCAN_ESC
) {
473 InputKey
= Key
.ScanCode
;
475 if ((Key
.ScanCode
== SCAN_F10
) && !CautionKey
) {
476 InputKey
= Key
.ScanCode
;
478 if ((Key
.ScanCode
== SCAN_F12
) && CautionKey
) {
479 InputKey
= Key
.ScanCode
;
481 } while (InputKey
== 0);
483 if (InputKey
!= SCAN_ESC
) {
491 The constructor function register UNI strings into imageHandle.
493 It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
495 @param ImageHandle The firmware allocated handle for the EFI image.
496 @param SystemTable A pointer to the EFI System Table.
498 @retval EFI_SUCCESS The constructor successfully added string package.
499 @retval Other value The constructor can't add string package.
504 TcgPhysicalPresenceLibConstructor (
505 IN EFI_HANDLE ImageHandle
,
506 IN EFI_SYSTEM_TABLE
*SystemTable
509 mPpStringPackHandle
= HiiAddPackages (&gEfiPhysicalPresenceGuid
, ImageHandle
, DxeTcgPhysicalPresenceLibStrings
, NULL
);
510 ASSERT (mPpStringPackHandle
!= NULL
);
516 Display the confirm text and get user confirmation.
518 @param[in] TpmPpCommand The requested TPM physical presence command.
520 @retval TRUE The user has confirmed the changes.
521 @retval FALSE The user doesn't confirm the changes.
525 IN UINT32 TpmPpCommand
538 BufSize
= CONFIRM_BUFFER_SIZE
;
539 ConfirmText
= AllocateZeroPool (BufSize
);
540 ASSERT (ConfirmText
!= NULL
);
542 switch (TpmPpCommand
) {
543 case PHYSICAL_PRESENCE_ENABLE
:
544 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE
));
546 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
547 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
550 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
551 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
555 case PHYSICAL_PRESENCE_DISABLE
:
556 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE
));
558 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
559 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
562 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
563 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
566 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
567 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
571 case PHYSICAL_PRESENCE_ACTIVATE
:
572 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE
));
574 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
575 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
578 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
579 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
583 case PHYSICAL_PRESENCE_DEACTIVATE
:
584 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE
));
586 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
587 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
590 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
591 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
594 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
595 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
599 case PHYSICAL_PRESENCE_CLEAR
:
601 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR
));
603 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
604 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
607 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
608 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
609 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
612 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
613 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
617 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
618 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE
));
620 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
621 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
624 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
625 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
628 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
629 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
633 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
634 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE
));
636 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
637 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
640 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF
));
641 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
644 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
645 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
648 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
649 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
653 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
654 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP
));
656 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
657 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
660 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
661 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
665 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
666 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP
));
668 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
669 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
672 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
673 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
677 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
678 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON
));
680 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
681 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
684 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
685 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
688 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
689 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
693 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
694 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF
));
696 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
697 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
700 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF
));
701 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
704 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
705 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
708 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
709 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
713 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
715 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE
));
717 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR
));
718 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
721 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN
));
722 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
725 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
726 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
730 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
732 // TPM_SetOperatorAuth
733 // This command requires UI to prompt user for Auth data
734 // Here it is NOT implemented
738 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
740 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON
));
742 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
743 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
746 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
747 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
750 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
751 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
754 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT
));
755 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
758 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
759 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
763 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
764 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_PROVISION
));
766 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
767 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
770 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
771 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
774 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
775 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
779 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
781 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR
));
783 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
784 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
787 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR
));
788 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
791 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
792 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
793 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
796 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
797 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
800 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
801 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
805 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
807 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN
));
809 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
810 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
813 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN
));
814 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
817 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
818 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
821 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
822 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
826 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
828 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR
));
830 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
831 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
834 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
835 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
836 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
839 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
840 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
844 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
846 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
));
848 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
849 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
852 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
853 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
856 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
857 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
860 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT
));
861 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
864 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
865 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
873 if (TmpStr2
== NULL
) {
874 FreePool (ConfirmText
);
878 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY
));
879 BufSize
-= StrSize (ConfirmText
);
880 UnicodeSPrint (ConfirmText
+ StrLen (ConfirmText
), BufSize
, TmpStr1
, TmpStr2
);
883 for (Index
= 0; Index
< StrLen (ConfirmText
); Index
+= 80) {
884 StrnCpyS(DstStr
, sizeof (DstStr
) / sizeof (CHAR16
), ConfirmText
+ Index
, sizeof (DstStr
) / sizeof (CHAR16
) - 1);
890 FreePool (ConfirmText
);
892 if (ReadUserKey (CautionKey
)) {
900 Check if there is a valid physical presence command request. Also updates parameter value
901 to whether the requested physical presence command already confirmed by user
903 @param[in] TcgPpData EFI TCG Physical Presence request data.
904 @param[in] Flags The physical presence interface flags.
905 @param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
906 True, it indicates the command doesn't require user confirm, or already confirmed
907 in last boot cycle by user.
908 False, it indicates the command need user confirm from UI.
910 @retval TRUE Physical Presence operation command is valid.
911 @retval FALSE Physical Presence operation command is invalid.
915 HaveValidTpmRequest (
916 IN EFI_PHYSICAL_PRESENCE
*TcgPpData
,
917 IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
,
918 OUT BOOLEAN
*RequestConfirmed
921 BOOLEAN IsRequestValid
;
923 *RequestConfirmed
= FALSE
;
925 switch (TcgPpData
->PPRequest
) {
926 case PHYSICAL_PRESENCE_NO_ACTION
:
927 *RequestConfirmed
= TRUE
;
929 case PHYSICAL_PRESENCE_ENABLE
:
930 case PHYSICAL_PRESENCE_DISABLE
:
931 case PHYSICAL_PRESENCE_ACTIVATE
:
932 case PHYSICAL_PRESENCE_DEACTIVATE
:
933 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
934 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
935 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
936 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
937 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
938 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
939 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
940 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
) != 0) {
941 *RequestConfirmed
= TRUE
;
945 case PHYSICAL_PRESENCE_CLEAR
:
946 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
947 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
) != 0) {
948 *RequestConfirmed
= TRUE
;
952 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
953 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
) != 0) {
954 *RequestConfirmed
= TRUE
;
958 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
959 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
960 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
) != 0 && (Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
) != 0) {
961 *RequestConfirmed
= TRUE
;
965 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE
:
966 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE
:
967 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE
:
968 *RequestConfirmed
= TRUE
;
971 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
972 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
973 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
977 if (TcgPpData
->PPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
978 IsRequestValid
= TcgPpVendorLibHasValidRequest (TcgPpData
->PPRequest
, Flags
.PPFlags
, RequestConfirmed
);
979 if (!IsRequestValid
) {
986 // Wrong Physical Presence command
992 if ((Flags
.PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) != 0) {
994 // It had been confirmed in last boot, it doesn't need confirm again.
996 *RequestConfirmed
= TRUE
;
1000 // Physical Presence command is correct
1007 Check and execute the requested physical presence command.
1009 Caution: This function may receive untrusted input.
1010 TcgPpData variable is external input, so this function will validate
1011 its data structure to be valid value.
1013 @param[in] TcgProtocol EFI TCG Protocol instance.
1014 @param[in] TcgPpData Point to the physical presence NV variable.
1015 @param[in] Flags The physical presence interface flags.
1019 ExecutePendingTpmRequest (
1020 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
1021 IN EFI_PHYSICAL_PRESENCE
*TcgPpData
,
1022 IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
1027 BOOLEAN RequestConfirmed
;
1028 EFI_PHYSICAL_PRESENCE_FLAGS NewFlags
;
1029 BOOLEAN ResetRequired
;
1032 if (!HaveValidTpmRequest(TcgPpData
, Flags
, &RequestConfirmed
)) {
1034 // Invalid operation request.
1036 TcgPpData
->PPResponse
= TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
1037 TcgPpData
->LastPPRequest
= TcgPpData
->PPRequest
;
1038 TcgPpData
->PPRequest
= PHYSICAL_PRESENCE_NO_ACTION
;
1039 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1040 Status
= gRT
->SetVariable (
1041 PHYSICAL_PRESENCE_VARIABLE
,
1042 &gEfiPhysicalPresenceGuid
,
1043 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1050 ResetRequired
= FALSE
;
1051 if (TcgPpData
->PPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
1053 NewPPFlags
= NewFlags
.PPFlags
;
1054 TcgPpData
->PPResponse
= TcgPpVendorLibExecutePendingRequest (TcgPpData
->PPRequest
, &NewPPFlags
, &ResetRequired
);
1055 NewFlags
.PPFlags
= (UINT8
)NewPPFlags
;
1057 if (!RequestConfirmed
) {
1059 // Print confirm text and wait for approval.
1061 RequestConfirmed
= UserConfirm (TcgPpData
->PPRequest
);
1065 // Execute requested physical presence command
1067 TcgPpData
->PPResponse
= TCG_PP_OPERATION_RESPONSE_USER_ABORT
;
1069 if (RequestConfirmed
) {
1070 TcgPpData
->PPResponse
= ExecutePhysicalPresence (TcgProtocol
, TcgPpData
->PPRequest
, &NewFlags
);
1075 // Save the flags if it is updated.
1077 if (CompareMem (&Flags
, &NewFlags
, sizeof(EFI_PHYSICAL_PRESENCE_FLAGS
)) != 0) {
1078 Status
= gRT
->SetVariable (
1079 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1080 &gEfiPhysicalPresenceGuid
,
1081 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1082 sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
),
1085 if (EFI_ERROR (Status
)) {
1093 if ((NewFlags
.PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
1094 TcgPpData
->LastPPRequest
= TcgPpData
->PPRequest
;
1095 TcgPpData
->PPRequest
= PHYSICAL_PRESENCE_NO_ACTION
;
1101 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1102 Status
= gRT
->SetVariable (
1103 PHYSICAL_PRESENCE_VARIABLE
,
1104 &gEfiPhysicalPresenceGuid
,
1105 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1109 if (EFI_ERROR (Status
)) {
1113 if (TcgPpData
->PPResponse
== TCG_PP_OPERATION_RESPONSE_USER_ABORT
) {
1118 // Reset system to make new TPM settings in effect
1120 switch (TcgPpData
->LastPPRequest
) {
1121 case PHYSICAL_PRESENCE_ACTIVATE
:
1122 case PHYSICAL_PRESENCE_DEACTIVATE
:
1123 case PHYSICAL_PRESENCE_CLEAR
:
1124 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
1125 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
1126 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
1127 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
1128 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
1129 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
1130 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
1131 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
1134 if (TcgPpData
->LastPPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
1135 if (ResetRequired
) {
1141 if (TcgPpData
->PPRequest
!= PHYSICAL_PRESENCE_NO_ACTION
) {
1147 Print (L
"Rebooting system to make TPM settings in effect\n");
1148 gRT
->ResetSystem (EfiResetCold
, EFI_SUCCESS
, 0, NULL
);
1153 Check and execute the pending TPM request and Lock TPM.
1155 The TPM request may come from OS or BIOS. This API will display request information and wait
1156 for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
1157 the TPM request is confirmed, and one or more reset may be required to make TPM request to
1158 take effect. At last, it will lock TPM to prevent TPM state change by malware.
1160 This API should be invoked after console in and console out are all ready as they are required
1161 to display request information and get user input to confirm the request. This API should also
1162 be invoked as early as possible as TPM is locked in this function.
1167 TcgPhysicalPresenceLibProcessRequest (
1172 BOOLEAN LifetimeLock
;
1175 EFI_PHYSICAL_PRESENCE TcgPpData
;
1176 EFI_TCG_PROTOCOL
*TcgProtocol
;
1177 EDKII_VARIABLE_LOCK_PROTOCOL
*VariableLockProtocol
;
1178 EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags
;
1180 Status
= gBS
->LocateProtocol (&gEfiTcgProtocolGuid
, NULL
, (VOID
**)&TcgProtocol
);
1181 if (EFI_ERROR (Status
)) {
1186 // Initialize physical presence flags.
1188 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
);
1189 Status
= gRT
->GetVariable (
1190 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1191 &gEfiPhysicalPresenceGuid
,
1196 if (EFI_ERROR (Status
)) {
1197 PpiFlags
.PPFlags
= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
1198 Status
= gRT
->SetVariable (
1199 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1200 &gEfiPhysicalPresenceGuid
,
1201 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1202 sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
),
1205 if (EFI_ERROR (Status
)) {
1206 DEBUG ((EFI_D_ERROR
, "[TPM] Set physical presence flag failed, Status = %r\n", Status
));
1210 DEBUG ((EFI_D_INFO
, "[TPM] PpiFlags = %x\n", PpiFlags
.PPFlags
));
1213 // This flags variable controls whether physical presence is required for TPM command.
1214 // It should be protected from malicious software. We set it as read-only variable here.
1216 Status
= gBS
->LocateProtocol (&gEdkiiVariableLockProtocolGuid
, NULL
, (VOID
**)&VariableLockProtocol
);
1217 if (!EFI_ERROR (Status
)) {
1218 Status
= VariableLockProtocol
->RequestToLock (
1219 VariableLockProtocol
,
1220 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1221 &gEfiPhysicalPresenceGuid
1223 if (EFI_ERROR (Status
)) {
1224 DEBUG ((EFI_D_ERROR
, "[TPM] Error when lock variable %s, Status = %r\n", PHYSICAL_PRESENCE_FLAGS_VARIABLE
, Status
));
1225 ASSERT_EFI_ERROR (Status
);
1230 // Initialize physical presence variable.
1232 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1233 Status
= gRT
->GetVariable (
1234 PHYSICAL_PRESENCE_VARIABLE
,
1235 &gEfiPhysicalPresenceGuid
,
1240 if (EFI_ERROR (Status
)) {
1241 ZeroMem ((VOID
*)&TcgPpData
, sizeof (TcgPpData
));
1242 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1243 Status
= gRT
->SetVariable (
1244 PHYSICAL_PRESENCE_VARIABLE
,
1245 &gEfiPhysicalPresenceGuid
,
1246 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1250 if (EFI_ERROR (Status
)) {
1251 DEBUG ((EFI_D_ERROR
, "[TPM] Set physical presence variable failed, Status = %r\n", Status
));
1256 DEBUG ((EFI_D_INFO
, "[TPM] Flags=%x, PPRequest=%x\n", PpiFlags
.PPFlags
, TcgPpData
.PPRequest
));
1258 if (TcgPpData
.PPRequest
== PHYSICAL_PRESENCE_NO_ACTION
) {
1260 // No operation request
1265 Status
= GetTpmCapability (TcgProtocol
, &LifetimeLock
, &CmdEnable
);
1266 if (EFI_ERROR (Status
)) {
1273 // physicalPresenceCMDEnable is locked, can't execute physical presence command.
1277 Status
= TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_CMD_ENABLE
);
1278 if (EFI_ERROR (Status
)) {
1284 // Set operator physical presence flags
1286 Status
= TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_PRESENT
);
1287 if (EFI_ERROR (Status
)) {
1292 // Execute pending TPM request.
1294 ExecutePendingTpmRequest (TcgProtocol
, &TcgPpData
, PpiFlags
);
1295 DEBUG ((EFI_D_INFO
, "[TPM] PPResponse = %x\n", TcgPpData
.PPResponse
));
1298 // Lock physical presence.
1300 TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_NOTPRESENT
| TPM_PHYSICAL_PRESENCE_LOCK
);
1304 Check if the pending TPM request needs user input to confirm.
1306 The TPM request may come from OS. This API will check if TPM request exists and need user
1307 input to confirmation.
1309 @retval TRUE TPM needs input to confirm user physical presence.
1310 @retval FALSE TPM doesn't need input to confirm user physical presence.
1315 TcgPhysicalPresenceLibNeedUserConfirm(
1320 EFI_PHYSICAL_PRESENCE TcgPpData
;
1322 BOOLEAN RequestConfirmed
;
1323 BOOLEAN LifetimeLock
;
1325 EFI_TCG_PROTOCOL
*TcgProtocol
;
1326 EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags
;
1328 Status
= gBS
->LocateProtocol (&gEfiTcgProtocolGuid
, NULL
, (VOID
**)&TcgProtocol
);
1329 if (EFI_ERROR (Status
)) {
1334 // Check Tpm requests
1336 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1337 Status
= gRT
->GetVariable (
1338 PHYSICAL_PRESENCE_VARIABLE
,
1339 &gEfiPhysicalPresenceGuid
,
1344 if (EFI_ERROR (Status
)) {
1348 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
);
1349 Status
= gRT
->GetVariable (
1350 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1351 &gEfiPhysicalPresenceGuid
,
1356 if (EFI_ERROR (Status
)) {
1360 if (TcgPpData
.PPRequest
== PHYSICAL_PRESENCE_NO_ACTION
) {
1362 // No operation request
1367 if (!HaveValidTpmRequest(&TcgPpData
, PpiFlags
, &RequestConfirmed
)) {
1369 // Invalid operation request.
1375 // Check Tpm Capability
1377 Status
= GetTpmCapability (TcgProtocol
, &LifetimeLock
, &CmdEnable
);
1378 if (EFI_ERROR (Status
)) {
1385 // physicalPresenceCMDEnable is locked, can't execute physical presence command.
1391 if (!RequestConfirmed
) {
1393 // Need UI to confirm