3 Execute pending TPM requests from OS or BIOS and Lock TPM.
5 Caution: This module requires additional review when modified.
6 This driver will have external input - variable.
7 This external input must be validated carefully to avoid security issue.
9 ExecutePendingTpmRequest() will receive untrusted input and do validation.
11 Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
12 This program and the accompanying materials
13 are licensed and made available under the terms and conditions of the BSD License
14 which accompanies this distribution. The full text of the license may be found at
15 http://opensource.org/licenses/bsd-license.php
17 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
18 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
24 #include <Protocol/TcgService.h>
25 #include <Protocol/VariableLock.h>
26 #include <Library/DebugLib.h>
27 #include <Library/BaseMemoryLib.h>
28 #include <Library/UefiRuntimeServicesTableLib.h>
29 #include <Library/UefiDriverEntryPoint.h>
30 #include <Library/UefiBootServicesTableLib.h>
31 #include <Library/UefiLib.h>
32 #include <Library/MemoryAllocationLib.h>
33 #include <Library/PrintLib.h>
34 #include <Library/HiiLib.h>
35 #include <Guid/EventGroup.h>
36 #include <Guid/PhysicalPresenceData.h>
37 #include <Library/TcgPpVendorLib.h>
38 #include <Library/TcgPhysicalPresenceStorageLib.h>
40 #define CONFIRM_BUFFER_SIZE 4096
42 EFI_HII_HANDLE mPpStringPackHandle
;
45 Get string by string id from HII Interface.
47 @param[in] Id String ID.
49 @retval CHAR16 * String from ID.
50 @retval NULL If error occurs.
54 PhysicalPresenceGetStringById (
58 return HiiGetString (mPpStringPackHandle
, Id
, NULL
);
62 Get TPM physical presence permanent flags.
64 @param[in] TcgProtocol EFI TCG Protocol instance.
65 @param[out] LifetimeLock physicalPresenceLifetimeLock permanent flag.
66 @param[out] CmdEnable physicalPresenceCMDEnable permanent flag.
68 @retval EFI_SUCCESS Flags were returns successfully.
69 @retval other Failed to locate EFI TCG Protocol.
74 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
75 OUT BOOLEAN
*LifetimeLock
,
76 OUT BOOLEAN
*CmdEnable
80 TPM_RQU_COMMAND_HDR
*TpmRqu
;
81 TPM_RSP_COMMAND_HDR
*TpmRsp
;
83 UINT8 SendBuffer
[sizeof (*TpmRqu
) + sizeof (UINT32
) * 3];
84 TPM_PERMANENT_FLAGS
*TpmPermanentFlags
;
88 // Fill request header
90 TpmRsp
= (TPM_RSP_COMMAND_HDR
*)RecvBuffer
;
91 TpmRqu
= (TPM_RQU_COMMAND_HDR
*)SendBuffer
;
93 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
94 TpmRqu
->paramSize
= SwapBytes32 (sizeof (SendBuffer
));
95 TpmRqu
->ordinal
= SwapBytes32 (TPM_ORD_GetCapability
);
98 // Set request parameter
100 SendBufPtr
= (UINT32
*)(TpmRqu
+ 1);
101 WriteUnaligned32 (SendBufPtr
++, SwapBytes32 (TPM_CAP_FLAG
));
102 WriteUnaligned32 (SendBufPtr
++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT
)));
103 WriteUnaligned32 (SendBufPtr
, SwapBytes32 (TPM_CAP_FLAG_PERMANENT
));
105 Status
= TcgProtocol
->PassThroughToTpm (
112 ASSERT_EFI_ERROR (Status
);
113 ASSERT (TpmRsp
->tag
== SwapBytes16 (TPM_TAG_RSP_COMMAND
));
114 ASSERT (TpmRsp
->returnCode
== 0);
116 TpmPermanentFlags
= (TPM_PERMANENT_FLAGS
*)&RecvBuffer
[sizeof (TPM_RSP_COMMAND_HDR
) + sizeof (UINT32
)];
118 if (LifetimeLock
!= NULL
) {
119 *LifetimeLock
= TpmPermanentFlags
->physicalPresenceLifetimeLock
;
122 if (CmdEnable
!= NULL
) {
123 *CmdEnable
= TpmPermanentFlags
->physicalPresenceCMDEnable
;
130 Issue TSC_PhysicalPresence command to TPM.
132 @param[in] TcgProtocol EFI TCG Protocol instance.
133 @param[in] PhysicalPresence The state to set the TPM's Physical Presence flags.
135 @retval EFI_SUCCESS TPM executed the command successfully.
136 @retval EFI_SECURITY_VIOLATION TPM returned error when executing the command.
137 @retval other Failed to locate EFI TCG Protocol.
141 TpmPhysicalPresence (
142 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
143 IN TPM_PHYSICAL_PRESENCE PhysicalPresence
147 TPM_RQU_COMMAND_HDR
*TpmRqu
;
148 TPM_PHYSICAL_PRESENCE
*TpmPp
;
149 TPM_RSP_COMMAND_HDR TpmRsp
;
150 UINT8 Buffer
[sizeof (*TpmRqu
) + sizeof (*TpmPp
)];
152 TpmRqu
= (TPM_RQU_COMMAND_HDR
*)Buffer
;
153 TpmPp
= (TPM_PHYSICAL_PRESENCE
*)(TpmRqu
+ 1);
155 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
156 TpmRqu
->paramSize
= SwapBytes32 (sizeof (Buffer
));
157 TpmRqu
->ordinal
= SwapBytes32 (TSC_ORD_PhysicalPresence
);
158 WriteUnaligned16 (TpmPp
, (TPM_PHYSICAL_PRESENCE
) SwapBytes16 (PhysicalPresence
));
160 Status
= TcgProtocol
->PassThroughToTpm (
167 ASSERT_EFI_ERROR (Status
);
168 ASSERT (TpmRsp
.tag
== SwapBytes16 (TPM_TAG_RSP_COMMAND
));
169 if (TpmRsp
.returnCode
!= 0) {
171 // If it fails, some requirements may be needed for this command.
173 return EFI_SECURITY_VIOLATION
;
180 Issue a TPM command for which no additional output data will be returned.
182 @param[in] TcgProtocol EFI TCG Protocol instance.
183 @param[in] Ordinal TPM command code.
184 @param[in] AdditionalParameterSize Additional parameter size.
185 @param[in] AdditionalParameters Pointer to the Additional paramaters.
187 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
188 receiving response from TPM.
189 @retval Others Return code from the TPM device after command execution.
193 TpmCommandNoReturnData (
194 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
195 IN TPM_COMMAND_CODE Ordinal
,
196 IN UINTN AdditionalParameterSize
,
197 IN VOID
*AdditionalParameters
201 TPM_RQU_COMMAND_HDR
*TpmRqu
;
202 TPM_RSP_COMMAND_HDR TpmRsp
;
205 TpmRqu
= (TPM_RQU_COMMAND_HDR
*) AllocatePool (sizeof (*TpmRqu
) + AdditionalParameterSize
);
206 if (TpmRqu
== NULL
) {
207 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
210 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
211 Size
= (UINT32
)(sizeof (*TpmRqu
) + AdditionalParameterSize
);
212 TpmRqu
->paramSize
= SwapBytes32 (Size
);
213 TpmRqu
->ordinal
= SwapBytes32 (Ordinal
);
214 CopyMem (TpmRqu
+ 1, AdditionalParameters
, AdditionalParameterSize
);
216 Status
= TcgProtocol
->PassThroughToTpm (
220 (UINT32
)sizeof (TpmRsp
),
224 if (EFI_ERROR (Status
) || (TpmRsp
.tag
!= SwapBytes16 (TPM_TAG_RSP_COMMAND
))) {
225 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
227 return SwapBytes32 (TpmRsp
.returnCode
);
231 Execute physical presence operation requested by the OS.
233 @param[in] TcgProtocol EFI TCG Protocol instance.
234 @param[in] CommandCode Physical presence operation value.
235 @param[in, out] PpiFlags The physical presence interface flags.
237 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation.
238 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
239 receiving response from TPM.
240 @retval Others Return code from the TPM device after command execution.
244 ExecutePhysicalPresence (
245 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
246 IN UINT32 CommandCode
,
247 IN OUT EFI_PHYSICAL_PRESENCE_FLAGS
*PpiFlags
254 switch (CommandCode
) {
255 case PHYSICAL_PRESENCE_ENABLE
:
256 return TpmCommandNoReturnData (
258 TPM_ORD_PhysicalEnable
,
263 case PHYSICAL_PRESENCE_DISABLE
:
264 return TpmCommandNoReturnData (
266 TPM_ORD_PhysicalDisable
,
271 case PHYSICAL_PRESENCE_ACTIVATE
:
273 return TpmCommandNoReturnData (
275 TPM_ORD_PhysicalSetDeactivated
,
280 case PHYSICAL_PRESENCE_DEACTIVATE
:
282 return TpmCommandNoReturnData (
284 TPM_ORD_PhysicalSetDeactivated
,
289 case PHYSICAL_PRESENCE_CLEAR
:
290 return TpmCommandNoReturnData (
297 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
298 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE
, PpiFlags
);
299 if (TpmResponse
== 0) {
300 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ACTIVATE
, PpiFlags
);
304 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
305 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DEACTIVATE
, PpiFlags
);
306 if (TpmResponse
== 0) {
307 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DISABLE
, PpiFlags
);
311 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
313 return TpmCommandNoReturnData (
315 TPM_ORD_SetOwnerInstall
,
320 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
322 return TpmCommandNoReturnData (
324 TPM_ORD_SetOwnerInstall
,
329 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
331 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
332 // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot
334 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
335 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
336 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
338 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
, PpiFlags
);
339 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
343 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
344 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
, PpiFlags
);
345 if (TpmResponse
== 0) {
346 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
, PpiFlags
);
350 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
351 InData
[0] = SwapBytes32 (TPM_SET_STCLEAR_DATA
); // CapabilityArea
352 InData
[1] = SwapBytes32 (sizeof(UINT32
)); // SubCapSize
353 InData
[2] = SwapBytes32 (TPM_SD_DEFERREDPHYSICALPRESENCE
); // SubCap
354 InData
[3] = SwapBytes32 (sizeof(UINT32
)); // SetValueSize
355 InData
[4] = SwapBytes32 (1); // UnownedFieldUpgrade; bit0
356 return TpmCommandNoReturnData (
358 TPM_ORD_SetCapability
,
363 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
365 // TPM_SetOperatorAuth
366 // This command requires UI to prompt user for Auth data
367 // Here it is NOT implemented
369 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
371 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
372 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR
, PpiFlags
);
373 if (TpmResponse
== 0) {
374 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
378 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE
:
379 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
382 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
383 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
386 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE
:
387 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
;
390 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
391 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
;
394 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE
:
395 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
;
398 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
399 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
;
402 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
404 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR
405 // PHYSICAL_PRESENCE_CLEAR will be executed after reboot.
407 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
408 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
409 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
411 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR
, PpiFlags
);
412 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
416 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
418 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
419 // PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.
421 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
422 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
423 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
425 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
, PpiFlags
);
426 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
433 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
438 Read the specified key for user confirmation.
440 @param[in] CautionKey If true, F12 is used as confirm key;
441 If false, F10 is used as confirm key.
443 @retval TRUE User confirmed the changes by input.
444 @retval FALSE User discarded the changes or device error.
449 IN BOOLEAN CautionKey
459 Status
= gST
->ConIn
->ReadKeyStroke (gST
->ConIn
, &Key
);
460 if (Status
== EFI_NOT_READY
) {
461 gBS
->WaitForEvent (1, &gST
->ConIn
->WaitForKey
, &Index
);
465 if (Status
== EFI_DEVICE_ERROR
) {
469 if (Key
.ScanCode
== SCAN_ESC
) {
470 InputKey
= Key
.ScanCode
;
472 if ((Key
.ScanCode
== SCAN_F10
) && !CautionKey
) {
473 InputKey
= Key
.ScanCode
;
475 if ((Key
.ScanCode
== SCAN_F12
) && CautionKey
) {
476 InputKey
= Key
.ScanCode
;
478 } while (InputKey
== 0);
480 if (InputKey
!= SCAN_ESC
) {
488 The constructor function register UNI strings into imageHandle.
490 It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
492 @param ImageHandle The firmware allocated handle for the EFI image.
493 @param SystemTable A pointer to the EFI System Table.
495 @retval EFI_SUCCESS The constructor successfully added string package.
496 @retval Other value The constructor can't add string package.
501 TcgPhysicalPresenceLibConstructor (
502 IN EFI_HANDLE ImageHandle
,
503 IN EFI_SYSTEM_TABLE
*SystemTable
506 mPpStringPackHandle
= HiiAddPackages (&gEfiPhysicalPresenceGuid
, ImageHandle
, DxeTcgPhysicalPresenceLibStrings
, NULL
);
507 ASSERT (mPpStringPackHandle
!= NULL
);
513 Display the confirm text and get user confirmation.
515 @param[in] TpmPpCommand The requested TPM physical presence command.
517 @retval TRUE The user has confirmed the changes.
518 @retval FALSE The user doesn't confirm the changes.
522 IN UINT32 TpmPpCommand
535 BufSize
= CONFIRM_BUFFER_SIZE
;
536 ConfirmText
= AllocateZeroPool (BufSize
);
537 ASSERT (ConfirmText
!= NULL
);
539 switch (TpmPpCommand
) {
540 case PHYSICAL_PRESENCE_ENABLE
:
541 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE
));
543 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
544 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
547 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
548 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
552 case PHYSICAL_PRESENCE_DISABLE
:
553 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE
));
555 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
556 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
559 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
560 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
563 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
564 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
568 case PHYSICAL_PRESENCE_ACTIVATE
:
569 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE
));
571 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
572 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
575 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
576 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
580 case PHYSICAL_PRESENCE_DEACTIVATE
:
581 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE
));
583 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
584 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
587 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
588 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
591 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
592 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
596 case PHYSICAL_PRESENCE_CLEAR
:
598 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR
));
600 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
601 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
604 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
605 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
606 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
609 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
610 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
614 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
615 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE
));
617 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
618 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
621 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
622 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
625 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
626 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
630 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
631 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE
));
633 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
634 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
637 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF
));
638 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
641 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
642 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
645 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
646 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
650 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
651 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP
));
653 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
654 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
657 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
658 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
662 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
663 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP
));
665 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
666 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
669 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
670 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
674 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
675 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON
));
677 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
678 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
681 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
682 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
685 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
686 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
690 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
691 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF
));
693 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
694 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
697 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF
));
698 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
701 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
702 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
705 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
706 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
710 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
712 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE
));
714 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR
));
715 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
718 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN
));
719 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
722 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
723 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
727 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
729 // TPM_SetOperatorAuth
730 // This command requires UI to prompt user for Auth data
731 // Here it is NOT implemented
735 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
737 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON
));
739 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
740 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
743 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
744 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
747 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
748 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
751 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT
));
752 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
755 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
756 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
760 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
761 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_PROVISION
));
763 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
764 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
767 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
768 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
771 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
772 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
776 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
778 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR
));
780 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
781 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
784 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR
));
785 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
788 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
789 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
790 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
793 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
794 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
797 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
798 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
802 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
804 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN
));
806 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
807 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
810 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN
));
811 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
814 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
815 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
818 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
819 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
823 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
825 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR
));
827 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
828 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
831 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
832 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
833 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
836 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
837 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
841 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
843 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
));
845 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
846 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
849 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
850 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
853 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
854 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
857 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT
));
858 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
861 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
862 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
870 if (TmpStr2
== NULL
) {
871 FreePool (ConfirmText
);
875 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY
));
876 BufSize
-= StrSize (ConfirmText
);
877 UnicodeSPrint (ConfirmText
+ StrLen (ConfirmText
), BufSize
, TmpStr1
, TmpStr2
);
880 for (Index
= 0; Index
< StrLen (ConfirmText
); Index
+= 80) {
881 StrnCpyS(DstStr
, sizeof (DstStr
) / sizeof (CHAR16
), ConfirmText
+ Index
, sizeof (DstStr
) / sizeof (CHAR16
) - 1);
887 FreePool (ConfirmText
);
889 if (ReadUserKey (CautionKey
)) {
897 Check if there is a valid physical presence command request. Also updates parameter value
898 to whether the requested physical presence command already confirmed by user
900 @param[in] TcgPpData EFI TCG Physical Presence request data.
901 @param[in] Flags The physical presence interface flags.
902 @param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
903 True, it indicates the command doesn't require user confirm, or already confirmed
904 in last boot cycle by user.
905 False, it indicates the command need user confirm from UI.
907 @retval TRUE Physical Presence operation command is valid.
908 @retval FALSE Physical Presence operation command is invalid.
912 HaveValidTpmRequest (
913 IN EFI_PHYSICAL_PRESENCE
*TcgPpData
,
914 IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
,
915 OUT BOOLEAN
*RequestConfirmed
918 BOOLEAN IsRequestValid
;
920 *RequestConfirmed
= FALSE
;
922 switch (TcgPpData
->PPRequest
) {
923 case PHYSICAL_PRESENCE_NO_ACTION
:
924 *RequestConfirmed
= TRUE
;
926 case PHYSICAL_PRESENCE_ENABLE
:
927 case PHYSICAL_PRESENCE_DISABLE
:
928 case PHYSICAL_PRESENCE_ACTIVATE
:
929 case PHYSICAL_PRESENCE_DEACTIVATE
:
930 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
931 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
932 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
933 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
934 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
935 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
936 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
937 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
) != 0) {
938 *RequestConfirmed
= TRUE
;
942 case PHYSICAL_PRESENCE_CLEAR
:
943 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
944 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
) != 0) {
945 *RequestConfirmed
= TRUE
;
949 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
950 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
) != 0) {
951 *RequestConfirmed
= TRUE
;
955 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
956 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
957 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
) != 0 && (Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
) != 0) {
958 *RequestConfirmed
= TRUE
;
962 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE
:
963 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE
:
964 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE
:
965 *RequestConfirmed
= TRUE
;
968 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
969 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
970 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
974 if (TcgPpData
->PPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
975 IsRequestValid
= TcgPpVendorLibHasValidRequest (TcgPpData
->PPRequest
, Flags
.PPFlags
, RequestConfirmed
);
976 if (!IsRequestValid
) {
983 // Wrong Physical Presence command
989 if ((Flags
.PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) != 0) {
991 // It had been confirmed in last boot, it doesn't need confirm again.
993 *RequestConfirmed
= TRUE
;
997 // Physical Presence command is correct
1004 Check and execute the requested physical presence command.
1006 Caution: This function may receive untrusted input.
1007 TcgPpData variable is external input, so this function will validate
1008 its data structure to be valid value.
1010 @param[in] TcgProtocol EFI TCG Protocol instance.
1011 @param[in] TcgPpData Point to the physical presence NV variable.
1012 @param[in] Flags The physical presence interface flags.
1016 ExecutePendingTpmRequest (
1017 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
1018 IN EFI_PHYSICAL_PRESENCE
*TcgPpData
,
1019 IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
1024 BOOLEAN RequestConfirmed
;
1025 EFI_PHYSICAL_PRESENCE_FLAGS NewFlags
;
1026 BOOLEAN ResetRequired
;
1029 if (!HaveValidTpmRequest(TcgPpData
, Flags
, &RequestConfirmed
)) {
1031 // Invalid operation request.
1033 TcgPpData
->PPResponse
= TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
1034 TcgPpData
->LastPPRequest
= TcgPpData
->PPRequest
;
1035 TcgPpData
->PPRequest
= PHYSICAL_PRESENCE_NO_ACTION
;
1036 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1037 Status
= gRT
->SetVariable (
1038 PHYSICAL_PRESENCE_VARIABLE
,
1039 &gEfiPhysicalPresenceGuid
,
1040 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1047 ResetRequired
= FALSE
;
1048 if (TcgPpData
->PPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
1050 NewPPFlags
= NewFlags
.PPFlags
;
1051 TcgPpData
->PPResponse
= TcgPpVendorLibExecutePendingRequest (TcgPpData
->PPRequest
, &NewPPFlags
, &ResetRequired
);
1052 NewFlags
.PPFlags
= (UINT8
)NewPPFlags
;
1054 if (!RequestConfirmed
) {
1056 // Print confirm text and wait for approval.
1058 RequestConfirmed
= UserConfirm (TcgPpData
->PPRequest
);
1062 // Execute requested physical presence command
1064 TcgPpData
->PPResponse
= TCG_PP_OPERATION_RESPONSE_USER_ABORT
;
1066 if (RequestConfirmed
) {
1067 TcgPpData
->PPResponse
= ExecutePhysicalPresence (TcgProtocol
, TcgPpData
->PPRequest
, &NewFlags
);
1072 // Save the flags if it is updated.
1074 if (CompareMem (&Flags
, &NewFlags
, sizeof(EFI_PHYSICAL_PRESENCE_FLAGS
)) != 0) {
1075 Status
= gRT
->SetVariable (
1076 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1077 &gEfiPhysicalPresenceGuid
,
1078 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1079 sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
),
1082 if (EFI_ERROR (Status
)) {
1090 if ((NewFlags
.PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
1091 TcgPpData
->LastPPRequest
= TcgPpData
->PPRequest
;
1092 TcgPpData
->PPRequest
= PHYSICAL_PRESENCE_NO_ACTION
;
1098 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1099 Status
= gRT
->SetVariable (
1100 PHYSICAL_PRESENCE_VARIABLE
,
1101 &gEfiPhysicalPresenceGuid
,
1102 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1106 if (EFI_ERROR (Status
)) {
1110 if (TcgPpData
->PPResponse
== TCG_PP_OPERATION_RESPONSE_USER_ABORT
) {
1115 // Reset system to make new TPM settings in effect
1117 switch (TcgPpData
->LastPPRequest
) {
1118 case PHYSICAL_PRESENCE_ACTIVATE
:
1119 case PHYSICAL_PRESENCE_DEACTIVATE
:
1120 case PHYSICAL_PRESENCE_CLEAR
:
1121 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
1122 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
1123 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
1124 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
1125 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
1126 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
1127 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
1128 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
1131 if (TcgPpData
->LastPPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
1132 if (ResetRequired
) {
1138 if (TcgPpData
->PPRequest
!= PHYSICAL_PRESENCE_NO_ACTION
) {
1144 Print (L
"Rebooting system to make TPM settings in effect\n");
1145 gRT
->ResetSystem (EfiResetCold
, EFI_SUCCESS
, 0, NULL
);
1150 Check and execute the pending TPM request and Lock TPM.
1152 The TPM request may come from OS or BIOS. This API will display request information and wait
1153 for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
1154 the TPM request is confirmed, and one or more reset may be required to make TPM request to
1155 take effect. At last, it will lock TPM to prevent TPM state change by malware.
1157 This API should be invoked after console in and console out are all ready as they are required
1158 to display request information and get user input to confirm the request. This API should also
1159 be invoked as early as possible as TPM is locked in this function.
1164 TcgPhysicalPresenceLibProcessRequest (
1169 BOOLEAN LifetimeLock
;
1172 EFI_PHYSICAL_PRESENCE TcgPpData
;
1173 EFI_TCG_PROTOCOL
*TcgProtocol
;
1174 EDKII_VARIABLE_LOCK_PROTOCOL
*VariableLockProtocol
;
1175 EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags
;
1178 // Process the storage related action first.
1180 TcgPhysicalPresenceStorageLibProcessRequest();
1182 Status
= gBS
->LocateProtocol (&gEfiTcgProtocolGuid
, NULL
, (VOID
**)&TcgProtocol
);
1183 if (EFI_ERROR (Status
)) {
1188 // Initialize physical presence flags.
1190 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
);
1191 Status
= gRT
->GetVariable (
1192 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1193 &gEfiPhysicalPresenceGuid
,
1198 if (EFI_ERROR (Status
)) {
1199 PpiFlags
.PPFlags
= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
1200 Status
= gRT
->SetVariable (
1201 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1202 &gEfiPhysicalPresenceGuid
,
1203 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1204 sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
),
1207 if (EFI_ERROR (Status
)) {
1208 DEBUG ((EFI_D_ERROR
, "[TPM] Set physical presence flag failed, Status = %r\n", Status
));
1212 DEBUG ((EFI_D_INFO
, "[TPM] PpiFlags = %x\n", PpiFlags
.PPFlags
));
1215 // This flags variable controls whether physical presence is required for TPM command.
1216 // It should be protected from malicious software. We set it as read-only variable here.
1218 Status
= gBS
->LocateProtocol (&gEdkiiVariableLockProtocolGuid
, NULL
, (VOID
**)&VariableLockProtocol
);
1219 if (!EFI_ERROR (Status
)) {
1220 Status
= VariableLockProtocol
->RequestToLock (
1221 VariableLockProtocol
,
1222 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1223 &gEfiPhysicalPresenceGuid
1225 if (EFI_ERROR (Status
)) {
1226 DEBUG ((EFI_D_ERROR
, "[TPM] Error when lock variable %s, Status = %r\n", PHYSICAL_PRESENCE_FLAGS_VARIABLE
, Status
));
1227 ASSERT_EFI_ERROR (Status
);
1232 // Initialize physical presence variable.
1234 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1235 Status
= gRT
->GetVariable (
1236 PHYSICAL_PRESENCE_VARIABLE
,
1237 &gEfiPhysicalPresenceGuid
,
1242 if (EFI_ERROR (Status
)) {
1243 ZeroMem ((VOID
*)&TcgPpData
, sizeof (TcgPpData
));
1244 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1245 Status
= gRT
->SetVariable (
1246 PHYSICAL_PRESENCE_VARIABLE
,
1247 &gEfiPhysicalPresenceGuid
,
1248 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1252 if (EFI_ERROR (Status
)) {
1253 DEBUG ((EFI_D_ERROR
, "[TPM] Set physical presence variable failed, Status = %r\n", Status
));
1258 DEBUG ((EFI_D_INFO
, "[TPM] Flags=%x, PPRequest=%x\n", PpiFlags
.PPFlags
, TcgPpData
.PPRequest
));
1260 if (TcgPpData
.PPRequest
== PHYSICAL_PRESENCE_NO_ACTION
) {
1262 // No operation request
1267 Status
= GetTpmCapability (TcgProtocol
, &LifetimeLock
, &CmdEnable
);
1268 if (EFI_ERROR (Status
)) {
1275 // physicalPresenceCMDEnable is locked, can't execute physical presence command.
1279 Status
= TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_CMD_ENABLE
);
1280 if (EFI_ERROR (Status
)) {
1286 // Set operator physical presence flags
1288 TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_PRESENT
);
1291 // Execute pending TPM request.
1293 ExecutePendingTpmRequest (TcgProtocol
, &TcgPpData
, PpiFlags
);
1294 DEBUG ((EFI_D_INFO
, "[TPM] PPResponse = %x\n", TcgPpData
.PPResponse
));
1297 // Lock physical presence.
1299 TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_NOTPRESENT
| TPM_PHYSICAL_PRESENCE_LOCK
);
1303 Check if the pending TPM request needs user input to confirm.
1305 The TPM request may come from OS. This API will check if TPM request exists and need user
1306 input to confirmation.
1308 @retval TRUE TPM needs input to confirm user physical presence.
1309 @retval FALSE TPM doesn't need input to confirm user physical presence.
1314 TcgPhysicalPresenceLibNeedUserConfirm(
1319 EFI_PHYSICAL_PRESENCE TcgPpData
;
1321 BOOLEAN RequestConfirmed
;
1322 BOOLEAN LifetimeLock
;
1324 EFI_TCG_PROTOCOL
*TcgProtocol
;
1325 EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags
;
1328 // Process the storage related action first.
1329 // If confirm need user confirm, just return TRUE.
1330 // else continue check other actions.
1332 if (TcgPhysicalPresenceStorageLibNeedUserConfirm()) {
1336 Status
= gBS
->LocateProtocol (&gEfiTcgProtocolGuid
, NULL
, (VOID
**)&TcgProtocol
);
1337 if (EFI_ERROR (Status
)) {
1342 // Check Tpm requests
1344 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1345 Status
= gRT
->GetVariable (
1346 PHYSICAL_PRESENCE_VARIABLE
,
1347 &gEfiPhysicalPresenceGuid
,
1352 if (EFI_ERROR (Status
)) {
1356 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
);
1357 Status
= gRT
->GetVariable (
1358 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1359 &gEfiPhysicalPresenceGuid
,
1364 if (EFI_ERROR (Status
)) {
1368 if (TcgPpData
.PPRequest
== PHYSICAL_PRESENCE_NO_ACTION
) {
1370 // No operation request
1375 if (!HaveValidTpmRequest(&TcgPpData
, PpiFlags
, &RequestConfirmed
)) {
1377 // Invalid operation request.
1383 // Check Tpm Capability
1385 Status
= GetTpmCapability (TcgProtocol
, &LifetimeLock
, &CmdEnable
);
1386 if (EFI_ERROR (Status
)) {
1393 // physicalPresenceCMDEnable is locked, can't execute physical presence command.
1399 if (!RequestConfirmed
) {
1401 // Need UI to confirm