3 Execute pending TPM requests from OS or BIOS and Lock TPM.
5 Caution: This module requires additional review when modified.
6 This driver will have external input - variable.
7 This external input must be validated carefully to avoid security issue.
9 ExecutePendingTpmRequest() will receive untrusted input and do validation.
11 Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
12 SPDX-License-Identifier: BSD-2-Clause-Patent
18 #include <Protocol/TcgService.h>
19 #include <Protocol/VariableLock.h>
20 #include <Library/DebugLib.h>
21 #include <Library/BaseMemoryLib.h>
22 #include <Library/UefiRuntimeServicesTableLib.h>
23 #include <Library/UefiDriverEntryPoint.h>
24 #include <Library/UefiBootServicesTableLib.h>
25 #include <Library/UefiLib.h>
26 #include <Library/MemoryAllocationLib.h>
27 #include <Library/PrintLib.h>
28 #include <Library/HiiLib.h>
29 #include <Guid/EventGroup.h>
30 #include <Guid/PhysicalPresenceData.h>
31 #include <Library/TcgPpVendorLib.h>
33 #define CONFIRM_BUFFER_SIZE 4096
35 EFI_HII_HANDLE mPpStringPackHandle
;
38 Get string by string id from HII Interface.
40 @param[in] Id String ID.
42 @retval CHAR16 * String from ID.
43 @retval NULL If error occurs.
47 PhysicalPresenceGetStringById (
51 return HiiGetString (mPpStringPackHandle
, Id
, NULL
);
55 Get TPM physical presence permanent flags.
57 @param[in] TcgProtocol EFI TCG Protocol instance.
58 @param[out] LifetimeLock physicalPresenceLifetimeLock permanent flag.
59 @param[out] CmdEnable physicalPresenceCMDEnable permanent flag.
61 @retval EFI_SUCCESS Flags were returns successfully.
62 @retval other Failed to locate EFI TCG Protocol.
67 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
68 OUT BOOLEAN
*LifetimeLock
,
69 OUT BOOLEAN
*CmdEnable
73 TPM_RQU_COMMAND_HDR
*TpmRqu
;
74 TPM_RSP_COMMAND_HDR
*TpmRsp
;
76 UINT8 SendBuffer
[sizeof (*TpmRqu
) + sizeof (UINT32
) * 3];
77 TPM_PERMANENT_FLAGS
*TpmPermanentFlags
;
81 // Fill request header
83 TpmRsp
= (TPM_RSP_COMMAND_HDR
*)RecvBuffer
;
84 TpmRqu
= (TPM_RQU_COMMAND_HDR
*)SendBuffer
;
86 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
87 TpmRqu
->paramSize
= SwapBytes32 (sizeof (SendBuffer
));
88 TpmRqu
->ordinal
= SwapBytes32 (TPM_ORD_GetCapability
);
91 // Set request parameter
93 SendBufPtr
= (UINT32
*)(TpmRqu
+ 1);
94 WriteUnaligned32 (SendBufPtr
++, SwapBytes32 (TPM_CAP_FLAG
));
95 WriteUnaligned32 (SendBufPtr
++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT
)));
96 WriteUnaligned32 (SendBufPtr
, SwapBytes32 (TPM_CAP_FLAG_PERMANENT
));
98 Status
= TcgProtocol
->PassThroughToTpm (
105 if (EFI_ERROR (Status
)) {
109 if ((TpmRsp
->tag
!= SwapBytes16 (TPM_TAG_RSP_COMMAND
)) || (TpmRsp
->returnCode
!= 0)) {
110 return EFI_DEVICE_ERROR
;
113 TpmPermanentFlags
= (TPM_PERMANENT_FLAGS
*)&RecvBuffer
[sizeof (TPM_RSP_COMMAND_HDR
) + sizeof (UINT32
)];
115 if (LifetimeLock
!= NULL
) {
116 *LifetimeLock
= TpmPermanentFlags
->physicalPresenceLifetimeLock
;
119 if (CmdEnable
!= NULL
) {
120 *CmdEnable
= TpmPermanentFlags
->physicalPresenceCMDEnable
;
127 Issue TSC_PhysicalPresence command to TPM.
129 @param[in] TcgProtocol EFI TCG Protocol instance.
130 @param[in] PhysicalPresence The state to set the TPM's Physical Presence flags.
132 @retval EFI_SUCCESS TPM executed the command successfully.
133 @retval EFI_SECURITY_VIOLATION TPM returned error when executing the command.
134 @retval other Failed to locate EFI TCG Protocol.
138 TpmPhysicalPresence (
139 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
140 IN TPM_PHYSICAL_PRESENCE PhysicalPresence
144 TPM_RQU_COMMAND_HDR
*TpmRqu
;
145 TPM_PHYSICAL_PRESENCE
*TpmPp
;
146 TPM_RSP_COMMAND_HDR TpmRsp
;
147 UINT8 Buffer
[sizeof (*TpmRqu
) + sizeof (*TpmPp
)];
149 TpmRqu
= (TPM_RQU_COMMAND_HDR
*)Buffer
;
150 TpmPp
= (TPM_PHYSICAL_PRESENCE
*)(TpmRqu
+ 1);
152 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
153 TpmRqu
->paramSize
= SwapBytes32 (sizeof (Buffer
));
154 TpmRqu
->ordinal
= SwapBytes32 (TSC_ORD_PhysicalPresence
);
155 WriteUnaligned16 (TpmPp
, (TPM_PHYSICAL_PRESENCE
)SwapBytes16 (PhysicalPresence
));
157 Status
= TcgProtocol
->PassThroughToTpm (
164 if (EFI_ERROR (Status
)) {
168 if (TpmRsp
.tag
!= SwapBytes16 (TPM_TAG_RSP_COMMAND
)) {
169 return EFI_DEVICE_ERROR
;
172 if (TpmRsp
.returnCode
!= 0) {
174 // If it fails, some requirements may be needed for this command.
176 return EFI_SECURITY_VIOLATION
;
183 Issue a TPM command for which no additional output data will be returned.
185 @param[in] TcgProtocol EFI TCG Protocol instance.
186 @param[in] Ordinal TPM command code.
187 @param[in] AdditionalParameterSize Additional parameter size.
188 @param[in] AdditionalParameters Pointer to the Additional parameters.
190 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
191 receiving response from TPM.
192 @retval Others Return code from the TPM device after command execution.
196 TpmCommandNoReturnData (
197 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
198 IN TPM_COMMAND_CODE Ordinal
,
199 IN UINTN AdditionalParameterSize
,
200 IN VOID
*AdditionalParameters
204 TPM_RQU_COMMAND_HDR
*TpmRqu
;
205 TPM_RSP_COMMAND_HDR TpmRsp
;
208 TpmRqu
= (TPM_RQU_COMMAND_HDR
*)AllocatePool (sizeof (*TpmRqu
) + AdditionalParameterSize
);
209 if (TpmRqu
== NULL
) {
210 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
213 TpmRqu
->tag
= SwapBytes16 (TPM_TAG_RQU_COMMAND
);
214 Size
= (UINT32
)(sizeof (*TpmRqu
) + AdditionalParameterSize
);
215 TpmRqu
->paramSize
= SwapBytes32 (Size
);
216 TpmRqu
->ordinal
= SwapBytes32 (Ordinal
);
217 CopyMem (TpmRqu
+ 1, AdditionalParameters
, AdditionalParameterSize
);
219 Status
= TcgProtocol
->PassThroughToTpm (
223 (UINT32
)sizeof (TpmRsp
),
227 if (EFI_ERROR (Status
) || (TpmRsp
.tag
!= SwapBytes16 (TPM_TAG_RSP_COMMAND
))) {
228 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
231 return SwapBytes32 (TpmRsp
.returnCode
);
235 Execute physical presence operation requested by the OS.
237 @param[in] TcgProtocol EFI TCG Protocol instance.
238 @param[in] CommandCode Physical presence operation value.
239 @param[in, out] PpiFlags The physical presence interface flags.
241 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Unknown physical presence operation.
242 @retval TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE Error occurred during sending command to TPM or
243 receiving response from TPM.
244 @retval Others Return code from the TPM device after command execution.
248 ExecutePhysicalPresence (
249 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
250 IN UINT32 CommandCode
,
251 IN OUT EFI_PHYSICAL_PRESENCE_FLAGS
*PpiFlags
258 switch (CommandCode
) {
259 case PHYSICAL_PRESENCE_ENABLE
:
260 return TpmCommandNoReturnData (
262 TPM_ORD_PhysicalEnable
,
267 case PHYSICAL_PRESENCE_DISABLE
:
268 return TpmCommandNoReturnData (
270 TPM_ORD_PhysicalDisable
,
275 case PHYSICAL_PRESENCE_ACTIVATE
:
277 return TpmCommandNoReturnData (
279 TPM_ORD_PhysicalSetDeactivated
,
284 case PHYSICAL_PRESENCE_DEACTIVATE
:
286 return TpmCommandNoReturnData (
288 TPM_ORD_PhysicalSetDeactivated
,
293 case PHYSICAL_PRESENCE_CLEAR
:
294 return TpmCommandNoReturnData (
301 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
302 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE
, PpiFlags
);
303 if (TpmResponse
== 0) {
304 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ACTIVATE
, PpiFlags
);
309 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
310 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DEACTIVATE
, PpiFlags
);
311 if (TpmResponse
== 0) {
312 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DISABLE
, PpiFlags
);
317 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
319 return TpmCommandNoReturnData (
321 TPM_ORD_SetOwnerInstall
,
326 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
328 return TpmCommandNoReturnData (
330 TPM_ORD_SetOwnerInstall
,
335 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
337 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
338 // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot
340 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
341 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
342 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
344 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
, PpiFlags
);
345 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
350 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
351 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
, PpiFlags
);
352 if (TpmResponse
== 0) {
353 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
, PpiFlags
);
358 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
359 InData
[0] = SwapBytes32 (TPM_SET_STCLEAR_DATA
); // CapabilityArea
360 InData
[1] = SwapBytes32 (sizeof (UINT32
)); // SubCapSize
361 InData
[2] = SwapBytes32 (TPM_SD_DEFERREDPHYSICALPRESENCE
); // SubCap
362 InData
[3] = SwapBytes32 (sizeof (UINT32
)); // SetValueSize
363 InData
[4] = SwapBytes32 (1); // UnownedFieldUpgrade; bit0
364 return TpmCommandNoReturnData (
366 TPM_ORD_SetCapability
,
371 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
373 // TPM_SetOperatorAuth
374 // This command requires UI to prompt user for Auth data
375 // Here it is NOT implemented
377 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
379 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
380 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR
, PpiFlags
);
381 if (TpmResponse
== 0) {
382 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
387 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE
:
388 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
391 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
392 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
395 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE
:
396 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
;
399 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
400 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
;
403 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE
:
404 PpiFlags
->PPFlags
&= ~TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
;
407 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
408 PpiFlags
->PPFlags
|= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
;
411 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
413 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR
414 // PHYSICAL_PRESENCE_CLEAR will be executed after reboot.
416 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
417 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
418 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
420 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR
, PpiFlags
);
421 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
426 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
428 // PHYSICAL_PRESENCE_ENABLE_ACTIVATE + PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
429 // PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.
431 if ((PpiFlags
->PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
432 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_ENABLE_ACTIVATE
, PpiFlags
);
433 PpiFlags
->PPFlags
|= TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
435 TpmResponse
= ExecutePhysicalPresence (TcgProtocol
, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
, PpiFlags
);
436 PpiFlags
->PPFlags
&= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK
;
445 return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
449 Read the specified key for user confirmation.
451 @param[in] CautionKey If true, F12 is used as confirm key;
452 If false, F10 is used as confirm key.
454 @retval TRUE User confirmed the changes by input.
455 @retval FALSE User discarded the changes or device error.
460 IN BOOLEAN CautionKey
470 Status
= gST
->ConIn
->ReadKeyStroke (gST
->ConIn
, &Key
);
471 if (Status
== EFI_NOT_READY
) {
472 gBS
->WaitForEvent (1, &gST
->ConIn
->WaitForKey
, &Index
);
476 if (Status
== EFI_DEVICE_ERROR
) {
480 if (Key
.ScanCode
== SCAN_ESC
) {
481 InputKey
= Key
.ScanCode
;
484 if ((Key
.ScanCode
== SCAN_F10
) && !CautionKey
) {
485 InputKey
= Key
.ScanCode
;
488 if ((Key
.ScanCode
== SCAN_F12
) && CautionKey
) {
489 InputKey
= Key
.ScanCode
;
491 } while (InputKey
== 0);
493 if (InputKey
!= SCAN_ESC
) {
501 The constructor function register UNI strings into imageHandle.
503 It will ASSERT() if that operation fails and it will always return EFI_SUCCESS.
505 @param ImageHandle The firmware allocated handle for the EFI image.
506 @param SystemTable A pointer to the EFI System Table.
508 @retval EFI_SUCCESS The constructor successfully added string package.
509 @retval Other value The constructor can't add string package.
514 TcgPhysicalPresenceLibConstructor (
515 IN EFI_HANDLE ImageHandle
,
516 IN EFI_SYSTEM_TABLE
*SystemTable
519 mPpStringPackHandle
= HiiAddPackages (&gEfiPhysicalPresenceGuid
, ImageHandle
, DxeTcgPhysicalPresenceLibStrings
, NULL
);
520 ASSERT (mPpStringPackHandle
!= NULL
);
526 Display the confirm text and get user confirmation.
528 @param[in] TpmPpCommand The requested TPM physical presence command.
530 @retval TRUE The user has confirmed the changes.
531 @retval FALSE The user doesn't confirm the changes.
535 IN UINT32 TpmPpCommand
548 BufSize
= CONFIRM_BUFFER_SIZE
;
549 ConfirmText
= AllocateZeroPool (BufSize
);
550 ASSERT (ConfirmText
!= NULL
);
552 switch (TpmPpCommand
) {
553 case PHYSICAL_PRESENCE_ENABLE
:
554 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE
));
556 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
557 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
560 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
561 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
565 case PHYSICAL_PRESENCE_DISABLE
:
566 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE
));
568 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
569 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
572 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
573 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
576 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
577 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
581 case PHYSICAL_PRESENCE_ACTIVATE
:
582 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE
));
584 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
585 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
588 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
589 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
593 case PHYSICAL_PRESENCE_DEACTIVATE
:
594 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE
));
596 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
597 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
600 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
601 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
604 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
605 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
609 case PHYSICAL_PRESENCE_CLEAR
:
611 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR
));
613 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
614 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
617 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
618 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
619 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
622 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
623 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
627 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
628 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE
));
630 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
631 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
634 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
635 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
638 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
639 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
643 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
644 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE_DISABLE
));
646 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
647 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
650 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF
));
651 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
654 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
655 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
658 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
659 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
663 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
664 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ALLOW_TAKE_OWNERSHIP
));
666 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
667 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
670 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
671 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
675 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
676 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISALLOW_TAKE_OWNERSHIP
));
678 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
679 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
682 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
683 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
687 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
688 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON
));
690 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
691 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
694 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
695 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
698 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
699 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
703 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
704 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF
));
706 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
707 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
710 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF
));
711 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
714 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING
));
715 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
718 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
719 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
723 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
725 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE
));
727 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR
));
728 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
731 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN
));
732 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
735 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
736 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
740 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
742 // TPM_SetOperatorAuth
743 // This command requires UI to prompt user for Auth data
744 // Here it is NOT implemented
748 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
750 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON
));
752 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
753 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
756 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
757 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
760 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
761 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
764 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT
));
765 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
768 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
769 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
773 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
774 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_PROVISION
));
776 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
777 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
780 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY
));
781 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
784 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
785 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
789 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
791 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR
));
793 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
794 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
797 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR
));
798 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
801 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
802 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
803 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
806 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
807 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
810 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
811 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
815 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
817 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN
));
819 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR
));
820 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
823 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_MAINTAIN
));
824 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
827 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
828 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
831 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO
));
832 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
836 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
838 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR
));
840 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
841 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
844 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
845 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
846 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), L
" \n\n", (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
849 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
850 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
854 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
856 TmpStr2
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
));
858 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR
));
859 UnicodeSPrint (ConfirmText
, BufSize
, TmpStr1
, TmpStr2
);
862 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON
));
863 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
866 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR
));
867 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
870 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING_CLEAR_CONT
));
871 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
874 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY
));
875 StrnCatS (ConfirmText
, BufSize
/ sizeof (CHAR16
), TmpStr1
, (BufSize
/ sizeof (CHAR16
)) - StrLen (ConfirmText
) - 1);
883 if (TmpStr2
== NULL
) {
884 FreePool (ConfirmText
);
888 TmpStr1
= PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY
));
889 BufSize
-= StrSize (ConfirmText
);
890 UnicodeSPrint (ConfirmText
+ StrLen (ConfirmText
), BufSize
, TmpStr1
, TmpStr2
);
893 for (Index
= 0; Index
< StrLen (ConfirmText
); Index
+= 80) {
894 StrnCpyS (DstStr
, sizeof (DstStr
) / sizeof (CHAR16
), ConfirmText
+ Index
, sizeof (DstStr
) / sizeof (CHAR16
) - 1);
900 FreePool (ConfirmText
);
902 if (ReadUserKey (CautionKey
)) {
910 Check if there is a valid physical presence command request. Also updates parameter value
911 to whether the requested physical presence command already confirmed by user
913 @param[in] TcgPpData EFI TCG Physical Presence request data.
914 @param[in] Flags The physical presence interface flags.
915 @param[out] RequestConfirmed If the physical presence operation command required user confirm from UI.
916 True, it indicates the command doesn't require user confirm, or already confirmed
917 in last boot cycle by user.
918 False, it indicates the command need user confirm from UI.
920 @retval TRUE Physical Presence operation command is valid.
921 @retval FALSE Physical Presence operation command is invalid.
925 HaveValidTpmRequest (
926 IN EFI_PHYSICAL_PRESENCE
*TcgPpData
,
927 IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
,
928 OUT BOOLEAN
*RequestConfirmed
931 BOOLEAN IsRequestValid
;
933 *RequestConfirmed
= FALSE
;
935 switch (TcgPpData
->PPRequest
) {
936 case PHYSICAL_PRESENCE_NO_ACTION
:
937 *RequestConfirmed
= TRUE
;
939 case PHYSICAL_PRESENCE_ENABLE
:
940 case PHYSICAL_PRESENCE_DISABLE
:
941 case PHYSICAL_PRESENCE_ACTIVATE
:
942 case PHYSICAL_PRESENCE_DEACTIVATE
:
943 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
944 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
945 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE
:
946 case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE
:
947 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
948 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
949 case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH
:
950 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
) != 0) {
951 *RequestConfirmed
= TRUE
;
956 case PHYSICAL_PRESENCE_CLEAR
:
957 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
958 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
) != 0) {
959 *RequestConfirmed
= TRUE
;
964 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
965 if ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE
) != 0) {
966 *RequestConfirmed
= TRUE
;
971 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
972 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
973 if (((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR
) != 0) && ((Flags
.PPFlags
& TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
) != 0)) {
974 *RequestConfirmed
= TRUE
;
979 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE
:
980 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE
:
981 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE
:
982 *RequestConfirmed
= TRUE
;
985 case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE
:
986 case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE
:
987 case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE
:
991 if (TcgPpData
->PPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
992 IsRequestValid
= TcgPpVendorLibHasValidRequest (TcgPpData
->PPRequest
, Flags
.PPFlags
, RequestConfirmed
);
993 if (!IsRequestValid
) {
1000 // Wrong Physical Presence command
1006 if ((Flags
.PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) != 0) {
1008 // It had been confirmed in last boot, it doesn't need confirm again.
1010 *RequestConfirmed
= TRUE
;
1014 // Physical Presence command is correct
1020 Check and execute the requested physical presence command.
1022 Caution: This function may receive untrusted input.
1023 TcgPpData variable is external input, so this function will validate
1024 its data structure to be valid value.
1026 @param[in] TcgProtocol EFI TCG Protocol instance.
1027 @param[in] TcgPpData Point to the physical presence NV variable.
1028 @param[in] Flags The physical presence interface flags.
1032 ExecutePendingTpmRequest (
1033 IN EFI_TCG_PROTOCOL
*TcgProtocol
,
1034 IN EFI_PHYSICAL_PRESENCE
*TcgPpData
,
1035 IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
1040 BOOLEAN RequestConfirmed
;
1041 EFI_PHYSICAL_PRESENCE_FLAGS NewFlags
;
1042 BOOLEAN ResetRequired
;
1045 if (!HaveValidTpmRequest (TcgPpData
, Flags
, &RequestConfirmed
)) {
1047 // Invalid operation request.
1049 TcgPpData
->PPResponse
= TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE
;
1050 TcgPpData
->LastPPRequest
= TcgPpData
->PPRequest
;
1051 TcgPpData
->PPRequest
= PHYSICAL_PRESENCE_NO_ACTION
;
1052 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1053 Status
= gRT
->SetVariable (
1054 PHYSICAL_PRESENCE_VARIABLE
,
1055 &gEfiPhysicalPresenceGuid
,
1056 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1063 ResetRequired
= FALSE
;
1064 if (TcgPpData
->PPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
1066 NewPPFlags
= NewFlags
.PPFlags
;
1067 TcgPpData
->PPResponse
= TcgPpVendorLibExecutePendingRequest (TcgPpData
->PPRequest
, &NewPPFlags
, &ResetRequired
);
1068 NewFlags
.PPFlags
= (UINT8
)NewPPFlags
;
1070 if (!RequestConfirmed
) {
1072 // Print confirm text and wait for approval.
1074 RequestConfirmed
= UserConfirm (TcgPpData
->PPRequest
);
1078 // Execute requested physical presence command
1080 TcgPpData
->PPResponse
= TCG_PP_OPERATION_RESPONSE_USER_ABORT
;
1082 if (RequestConfirmed
) {
1083 TcgPpData
->PPResponse
= ExecutePhysicalPresence (TcgProtocol
, TcgPpData
->PPRequest
, &NewFlags
);
1088 // Save the flags if it is updated.
1090 if (CompareMem (&Flags
, &NewFlags
, sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
)) != 0) {
1091 Status
= gRT
->SetVariable (
1092 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1093 &gEfiPhysicalPresenceGuid
,
1094 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1095 sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
),
1098 if (EFI_ERROR (Status
)) {
1106 if ((NewFlags
.PPFlags
& TCG_VENDOR_LIB_FLAG_RESET_TRACK
) == 0) {
1107 TcgPpData
->LastPPRequest
= TcgPpData
->PPRequest
;
1108 TcgPpData
->PPRequest
= PHYSICAL_PRESENCE_NO_ACTION
;
1114 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1115 Status
= gRT
->SetVariable (
1116 PHYSICAL_PRESENCE_VARIABLE
,
1117 &gEfiPhysicalPresenceGuid
,
1118 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1122 if (EFI_ERROR (Status
)) {
1126 if (TcgPpData
->PPResponse
== TCG_PP_OPERATION_RESPONSE_USER_ABORT
) {
1131 // Reset system to make new TPM settings in effect
1133 switch (TcgPpData
->LastPPRequest
) {
1134 case PHYSICAL_PRESENCE_ACTIVATE
:
1135 case PHYSICAL_PRESENCE_DEACTIVATE
:
1136 case PHYSICAL_PRESENCE_CLEAR
:
1137 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE
:
1138 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE
:
1139 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE
:
1140 case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE
:
1141 case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE
:
1142 case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE
:
1143 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR
:
1144 case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE
:
1147 if (TcgPpData
->LastPPRequest
>= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION
) {
1148 if (ResetRequired
) {
1155 if (TcgPpData
->PPRequest
!= PHYSICAL_PRESENCE_NO_ACTION
) {
1162 Print (L
"Rebooting system to make TPM settings in effect\n");
1163 gRT
->ResetSystem (EfiResetCold
, EFI_SUCCESS
, 0, NULL
);
1168 Check and execute the pending TPM request and Lock TPM.
1170 The TPM request may come from OS or BIOS. This API will display request information and wait
1171 for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
1172 the TPM request is confirmed, and one or more reset may be required to make TPM request to
1173 take effect. At last, it will lock TPM to prevent TPM state change by malware.
1175 This API should be invoked after console in and console out are all ready as they are required
1176 to display request information and get user input to confirm the request. This API should also
1177 be invoked as early as possible as TPM is locked in this function.
1182 TcgPhysicalPresenceLibProcessRequest (
1187 BOOLEAN LifetimeLock
;
1190 EFI_PHYSICAL_PRESENCE TcgPpData
;
1191 EFI_TCG_PROTOCOL
*TcgProtocol
;
1192 EDKII_VARIABLE_LOCK_PROTOCOL
*VariableLockProtocol
;
1193 EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags
;
1195 Status
= gBS
->LocateProtocol (&gEfiTcgProtocolGuid
, NULL
, (VOID
**)&TcgProtocol
);
1196 if (EFI_ERROR (Status
)) {
1201 // Initialize physical presence flags.
1203 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
);
1204 Status
= gRT
->GetVariable (
1205 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1206 &gEfiPhysicalPresenceGuid
,
1211 if (EFI_ERROR (Status
)) {
1212 PpiFlags
.PPFlags
= TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION
;
1213 Status
= gRT
->SetVariable (
1214 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1215 &gEfiPhysicalPresenceGuid
,
1216 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1217 sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
),
1220 if (EFI_ERROR (Status
)) {
1221 DEBUG ((DEBUG_ERROR
, "[TPM] Set physical presence flag failed, Status = %r\n", Status
));
1226 DEBUG ((DEBUG_INFO
, "[TPM] PpiFlags = %x\n", PpiFlags
.PPFlags
));
1229 // This flags variable controls whether physical presence is required for TPM command.
1230 // It should be protected from malicious software. We set it as read-only variable here.
1232 Status
= gBS
->LocateProtocol (&gEdkiiVariableLockProtocolGuid
, NULL
, (VOID
**)&VariableLockProtocol
);
1233 if (!EFI_ERROR (Status
)) {
1234 Status
= VariableLockProtocol
->RequestToLock (
1235 VariableLockProtocol
,
1236 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1237 &gEfiPhysicalPresenceGuid
1239 if (EFI_ERROR (Status
)) {
1240 DEBUG ((DEBUG_ERROR
, "[TPM] Error when lock variable %s, Status = %r\n", PHYSICAL_PRESENCE_FLAGS_VARIABLE
, Status
));
1241 ASSERT_EFI_ERROR (Status
);
1246 // Initialize physical presence variable.
1248 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1249 Status
= gRT
->GetVariable (
1250 PHYSICAL_PRESENCE_VARIABLE
,
1251 &gEfiPhysicalPresenceGuid
,
1256 if (EFI_ERROR (Status
)) {
1257 ZeroMem ((VOID
*)&TcgPpData
, sizeof (TcgPpData
));
1258 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1259 Status
= gRT
->SetVariable (
1260 PHYSICAL_PRESENCE_VARIABLE
,
1261 &gEfiPhysicalPresenceGuid
,
1262 EFI_VARIABLE_NON_VOLATILE
| EFI_VARIABLE_BOOTSERVICE_ACCESS
| EFI_VARIABLE_RUNTIME_ACCESS
,
1266 if (EFI_ERROR (Status
)) {
1267 DEBUG ((DEBUG_ERROR
, "[TPM] Set physical presence variable failed, Status = %r\n", Status
));
1272 DEBUG ((DEBUG_INFO
, "[TPM] Flags=%x, PPRequest=%x\n", PpiFlags
.PPFlags
, TcgPpData
.PPRequest
));
1274 if (TcgPpData
.PPRequest
== PHYSICAL_PRESENCE_NO_ACTION
) {
1276 // No operation request
1281 Status
= GetTpmCapability (TcgProtocol
, &LifetimeLock
, &CmdEnable
);
1282 if (EFI_ERROR (Status
)) {
1289 // physicalPresenceCMDEnable is locked, can't execute physical presence command.
1294 Status
= TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_CMD_ENABLE
);
1295 if (EFI_ERROR (Status
)) {
1301 // Set operator physical presence flags
1303 Status
= TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_PRESENT
);
1304 if (EFI_ERROR (Status
)) {
1309 // Execute pending TPM request.
1311 ExecutePendingTpmRequest (TcgProtocol
, &TcgPpData
, PpiFlags
);
1312 DEBUG ((DEBUG_INFO
, "[TPM] PPResponse = %x\n", TcgPpData
.PPResponse
));
1315 // Lock physical presence.
1317 TpmPhysicalPresence (TcgProtocol
, TPM_PHYSICAL_PRESENCE_NOTPRESENT
| TPM_PHYSICAL_PRESENCE_LOCK
);
1321 Check if the pending TPM request needs user input to confirm.
1323 The TPM request may come from OS. This API will check if TPM request exists and need user
1324 input to confirmation.
1326 @retval TRUE TPM needs input to confirm user physical presence.
1327 @retval FALSE TPM doesn't need input to confirm user physical presence.
1332 TcgPhysicalPresenceLibNeedUserConfirm (
1337 EFI_PHYSICAL_PRESENCE TcgPpData
;
1339 BOOLEAN RequestConfirmed
;
1340 BOOLEAN LifetimeLock
;
1342 EFI_TCG_PROTOCOL
*TcgProtocol
;
1343 EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags
;
1345 Status
= gBS
->LocateProtocol (&gEfiTcgProtocolGuid
, NULL
, (VOID
**)&TcgProtocol
);
1346 if (EFI_ERROR (Status
)) {
1351 // Check Tpm requests
1353 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE
);
1354 Status
= gRT
->GetVariable (
1355 PHYSICAL_PRESENCE_VARIABLE
,
1356 &gEfiPhysicalPresenceGuid
,
1361 if (EFI_ERROR (Status
)) {
1365 DataSize
= sizeof (EFI_PHYSICAL_PRESENCE_FLAGS
);
1366 Status
= gRT
->GetVariable (
1367 PHYSICAL_PRESENCE_FLAGS_VARIABLE
,
1368 &gEfiPhysicalPresenceGuid
,
1373 if (EFI_ERROR (Status
)) {
1377 if (TcgPpData
.PPRequest
== PHYSICAL_PRESENCE_NO_ACTION
) {
1379 // No operation request
1384 if (!HaveValidTpmRequest (&TcgPpData
, PpiFlags
, &RequestConfirmed
)) {
1386 // Invalid operation request.
1392 // Check Tpm Capability
1394 Status
= GetTpmCapability (TcgProtocol
, &LifetimeLock
, &CmdEnable
);
1395 if (EFI_ERROR (Status
)) {
1402 // physicalPresenceCMDEnable is locked, can't execute physical presence command.
1408 if (!RequestConfirmed
) {
1410 // Need UI to confirm