SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.c

   1 /** @file
   2   This library is used by other modules to measure data to TPM.
   3
   4 Copyright (c) 2020, Intel Corporation. All rights reserved. <BR>
   5 SPDX-License-Identifier: BSD-2-Clause-Patent
   6
   7 **/
   8
   9 #include <Uefi/UefiBaseType.h>
  10 #include <Pi/PiFirmwareVolume.h>
  11
  12 #include <Library/BaseMemoryLib.h>
  13 #include <Library/DebugLib.h>
  14 #include <Library/ReportStatusCodeLib.h>
  15 #include <Library/PcdLib.h>
  16 #include <Library/PrintLib.h>
  17 #include <Library/TcgEventLogRecordLib.h>
  18 #include <Library/TpmMeasurementLib.h>
  19
  20 #include <IndustryStandard/UefiTcgPlatform.h>
  21
  22 /**
  23   Get the FvName from the FV header.
  24
  25   Causion: The FV is untrusted input.
  26
  27   @param[in]  FvBase            Base address of FV image.
  28   @param[in]  FvLength          Length of FV image.
  29
  30   @return FvName pointer
  31   @retval NULL   FvName is NOT found
  32 **/
  33 VOID *
  34 TpmMeasurementGetFvName (
  35   IN EFI_PHYSICAL_ADDRESS  FvBase,
  36   IN UINT64                FvLength
  37   )
  38 {
  39   EFI_FIRMWARE_VOLUME_HEADER      *FvHeader;
  40   EFI_FIRMWARE_VOLUME_EXT_HEADER  *FvExtHeader;
  41
  42   if (FvBase >= MAX_ADDRESS) {
  43     return NULL;
  44   }
  45
  46   if (FvLength >= MAX_ADDRESS - FvBase) {
  47     return NULL;
  48   }
  49
  50   if (FvLength < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {
  51     return NULL;
  52   }
  53
  54   FvHeader = (EFI_FIRMWARE_VOLUME_HEADER *)(UINTN)FvBase;
  55   if (FvHeader->Signature != EFI_FVH_SIGNATURE) {
  56     return NULL;
  57   }
  58
  59   if (FvHeader->ExtHeaderOffset < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {
  60     return NULL;
  61   }
  62
  63   if (FvHeader->ExtHeaderOffset + sizeof (EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) {
  64     return NULL;
  65   }
  66
  67   FvExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *)(UINTN)(FvBase + FvHeader->ExtHeaderOffset);
  68
  69   return &FvExtHeader->FvName;
  70 }
  71
  72 /**
  73   Measure a FirmwareBlob.
  74
  75   @param[in]  PcrIndex                PcrIndex of the measurement.
  76   @param[in]  Description             Description for this FirmwareBlob.
  77   @param[in]  FirmwareBlobBase        Base address of this FirmwareBlob.
  78   @param[in]  FirmwareBlobLength      Size in bytes of this FirmwareBlob.
  79
  80   @retval EFI_SUCCESS           Operation completed successfully.
  81   @retval EFI_UNSUPPORTED       TPM device not available.
  82   @retval EFI_OUT_OF_RESOURCES  Out of memory.
  83   @retval EFI_DEVICE_ERROR      The operation was unsuccessful.
  84 **/
  85 EFI_STATUS
  86 EFIAPI
  87 MeasureFirmwareBlob (
  88   IN UINT32                PcrIndex,
  89   IN CHAR8                 *Description OPTIONAL,
  90   IN EFI_PHYSICAL_ADDRESS  FirmwareBlobBase,
  91   IN UINT64                FirmwareBlobLength
  92   )
  93 {
  94   EFI_PLATFORM_FIRMWARE_BLOB      FvBlob;
  95   PLATFORM_FIRMWARE_BLOB2_STRUCT  FvBlob2;
  96   VOID                            *FvName;
  97   UINT32                          EventType;
  98   VOID                            *EventLog;
  99   UINT32                          EventLogSize;
 100   EFI_STATUS                      Status;
 101
 102   FvName = TpmMeasurementGetFvName (FirmwareBlobBase, FirmwareBlobLength);
 103
 104   if (((Description != NULL) || (FvName != NULL)) &&
 105       (PcdGet32 (PcdTcgPfpMeasurementRevision) >= TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105))
 106   {
 107     if (Description != NULL) {
 108       AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "%a", Description);
 109     } else {
 110       AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "Fv(%g)", FvName);
 111     }
 112
 113     FvBlob2.BlobDescriptionSize = sizeof (FvBlob2.BlobDescription);
 114     FvBlob2.BlobBase            = FirmwareBlobBase;
 115     FvBlob2.BlobLength          = FirmwareBlobLength;
 116
 117     EventType    = EV_EFI_PLATFORM_FIRMWARE_BLOB2;
 118     EventLog     = &FvBlob2;
 119     EventLogSize = sizeof (FvBlob2);
 120   } else {
 121     FvBlob.BlobBase   = FirmwareBlobBase;
 122     FvBlob.BlobLength = FirmwareBlobLength;
 123
 124     EventType    = EV_EFI_PLATFORM_FIRMWARE_BLOB;
 125     EventLog     = &FvBlob;
 126     EventLogSize = sizeof (FvBlob);
 127   }
 128
 129   Status = TpmMeasureAndLogData (
 130              PcrIndex,
 131              EventType,
 132              EventLog,
 133              EventLogSize,
 134              (VOID *)(UINTN)FirmwareBlobBase,
 135              FirmwareBlobLength
 136              );
 137
 138   return Status;
 139 }
 140
 141 /**
 142   Measure a HandoffTable.
 143
 144   @param[in]  PcrIndex                PcrIndex of the measurement.
 145   @param[in]  Description             Description for this HandoffTable.
 146   @param[in]  TableGuid               GUID of this HandoffTable.
 147   @param[in]  TableAddress            Base address of this HandoffTable.
 148   @param[in]  TableLength             Size in bytes of this HandoffTable.
 149
 150   @retval EFI_SUCCESS           Operation completed successfully.
 151   @retval EFI_UNSUPPORTED       TPM device not available.
 152   @retval EFI_OUT_OF_RESOURCES  Out of memory.
 153   @retval EFI_DEVICE_ERROR      The operation was unsuccessful.
 154 **/
 155 EFI_STATUS
 156 EFIAPI
 157 MeasureHandoffTable (
 158   IN UINT32    PcrIndex,
 159   IN CHAR8     *Description OPTIONAL,
 160   IN EFI_GUID  *TableGuid,
 161   IN VOID      *TableAddress,
 162   IN UINTN     TableLength
 163   )
 164 {
 165   EFI_HANDOFF_TABLE_POINTERS      HandoffTables;
 166   HANDOFF_TABLE_POINTERS2_STRUCT  HandoffTables2;
 167   UINT32                          EventType;
 168   VOID                            *EventLog;
 169   UINT32                          EventLogSize;
 170   EFI_STATUS                      Status;
 171
 172   if ((Description != NULL) &&
 173       (PcdGet32 (PcdTcgPfpMeasurementRevision) >= TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105))
 174   {
 175     AsciiSPrint ((CHAR8 *)HandoffTables2.TableDescription, sizeof (HandoffTables2.TableDescription), "%a", Description);
 176
 177     HandoffTables2.TableDescriptionSize = sizeof (HandoffTables2.TableDescription);
 178     HandoffTables2.NumberOfTables       = 1;
 179     CopyGuid (&(HandoffTables2.TableEntry[0].VendorGuid), TableGuid);
 180     HandoffTables2.TableEntry[0].VendorTable = TableAddress;
 181
 182     EventType    = EV_EFI_HANDOFF_TABLES2;
 183     EventLog     = &HandoffTables2;
 184     EventLogSize = sizeof (HandoffTables2);
 185   } else {
 186     HandoffTables.NumberOfTables = 1;
 187     CopyGuid (&(HandoffTables.TableEntry[0].VendorGuid), TableGuid);
 188     HandoffTables.TableEntry[0].VendorTable = TableAddress;
 189
 190     EventType    = EV_EFI_HANDOFF_TABLES;
 191     EventLog     = &HandoffTables;
 192     EventLogSize = sizeof (HandoffTables);
 193   }
 194
 195   Status = TpmMeasureAndLogData (
 196              PcrIndex,
 197              EventType,
 198              EventLog,
 199              EventLogSize,
 200              TableAddress,
 201              TableLength
 202              );
 203   return Status;
 204 }