]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
SecurityPkg: Tcg2Dxe: Update PCR[4] measure logic
[mirror_edk2.git] / SecurityPkg / Tcg / Tcg2Dxe / Tcg2Dxe.c
1 /** @file
2 This module implements Tcg2 Protocol.
3
4 Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
5 (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution. The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php
10
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13
14 **/
15
16 #include <PiDxe.h>
17 #include <IndustryStandard/Acpi.h>
18 #include <IndustryStandard/PeImage.h>
19 #include <IndustryStandard/TcpaAcpi.h>
20
21 #include <Guid/GlobalVariable.h>
22 #include <Guid/HobList.h>
23 #include <Guid/TcgEventHob.h>
24 #include <Guid/EventGroup.h>
25 #include <Guid/EventExitBootServiceFailed.h>
26 #include <Guid/ImageAuthentication.h>
27 #include <Guid/TpmInstance.h>
28
29 #include <Protocol/DevicePath.h>
30 #include <Protocol/MpService.h>
31 #include <Protocol/VariableWrite.h>
32 #include <Protocol/Tcg2Protocol.h>
33 #include <Protocol/TrEEProtocol.h>
34
35 #include <Library/DebugLib.h>
36 #include <Library/BaseMemoryLib.h>
37 #include <Library/UefiRuntimeServicesTableLib.h>
38 #include <Library/UefiDriverEntryPoint.h>
39 #include <Library/HobLib.h>
40 #include <Library/UefiBootServicesTableLib.h>
41 #include <Library/BaseLib.h>
42 #include <Library/MemoryAllocationLib.h>
43 #include <Library/PrintLib.h>
44 #include <Library/Tpm2CommandLib.h>
45 #include <Library/PcdLib.h>
46 #include <Library/UefiLib.h>
47 #include <Library/Tpm2DeviceLib.h>
48 #include <Library/HashLib.h>
49 #include <Library/PerformanceLib.h>
50 #include <Library/ReportStatusCodeLib.h>
51 #include <Library/Tcg2PhysicalPresenceLib.h>
52
53 #define PERF_ID_TCG2_DXE 0x3120
54
55 typedef struct {
56 CHAR16 *VariableName;
57 EFI_GUID *VendorGuid;
58 } VARIABLE_TYPE;
59
60 #define TCG2_DEFAULT_MAX_COMMAND_SIZE 0x1000
61 #define TCG2_DEFAULT_MAX_RESPONSE_SIZE 0x1000
62
63 typedef struct {
64 EFI_GUID *EventGuid;
65 EFI_TCG2_EVENT_LOG_FORMAT LogFormat;
66 } TCG2_EVENT_INFO_STRUCT;
67
68 TCG2_EVENT_INFO_STRUCT mTcg2EventInfo[] = {
69 {&gTcgEventEntryHobGuid, EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2},
70 {&gTcgEvent2EntryHobGuid, EFI_TCG2_EVENT_LOG_FORMAT_TCG_2},
71 };
72
73 #define TCG_EVENT_LOG_AREA_COUNT_MAX 2
74
75 typedef struct {
76 EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat;
77 EFI_PHYSICAL_ADDRESS Lasa;
78 UINT64 Laml;
79 UINTN EventLogSize;
80 UINT8 *LastEvent;
81 BOOLEAN EventLogStarted;
82 BOOLEAN EventLogTruncated;
83 } TCG_EVENT_LOG_AREA_STRUCT;
84
85 typedef struct _TCG_DXE_DATA {
86 EFI_TCG2_BOOT_SERVICE_CAPABILITY BsCap;
87 TCG_EVENT_LOG_AREA_STRUCT EventLogAreaStruct[TCG_EVENT_LOG_AREA_COUNT_MAX];
88 BOOLEAN GetEventLogCalled[TCG_EVENT_LOG_AREA_COUNT_MAX];
89 TCG_EVENT_LOG_AREA_STRUCT FinalEventLogAreaStruct[TCG_EVENT_LOG_AREA_COUNT_MAX];
90 EFI_TCG2_FINAL_EVENTS_TABLE *FinalEventsTable[TCG_EVENT_LOG_AREA_COUNT_MAX];
91 } TCG_DXE_DATA;
92
93 TCG_DXE_DATA mTcgDxeData = {
94 {
95 sizeof (EFI_TCG2_BOOT_SERVICE_CAPABILITY), // Size
96 { 1, 1 }, // StructureVersion
97 { 1, 1 }, // ProtocolVersion
98 EFI_TCG2_BOOT_HASH_ALG_SHA1, // HashAlgorithmBitmap
99 EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2, // SupportedEventLogs
100 TRUE, // TPMPresentFlag
101 TCG2_DEFAULT_MAX_COMMAND_SIZE, // MaxCommandSize
102 TCG2_DEFAULT_MAX_RESPONSE_SIZE, // MaxResponseSize
103 0, // ManufacturerID
104 0, // NumberOfPCRBanks
105 0, // ActivePcrBanks
106 },
107 };
108
109 UINTN mBootAttempts = 0;
110 CHAR16 mBootVarName[] = L"BootOrder";
111
112 VARIABLE_TYPE mVariableType[] = {
113 {EFI_SECURE_BOOT_MODE_NAME, &gEfiGlobalVariableGuid},
114 {EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid},
115 {EFI_KEY_EXCHANGE_KEY_NAME, &gEfiGlobalVariableGuid},
116 {EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid},
117 {EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid},
118 {EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid},
119 };
120
121 EFI_HANDLE mImageHandle;
122
123 /**
124 Measure PE image into TPM log based on the authenticode image hashing in
125 PE/COFF Specification 8.0 Appendix A.
126
127 Caution: This function may receive untrusted input.
128 PE/COFF image is external input, so this function will validate its data structure
129 within this image buffer before use.
130
131 Notes: PE/COFF image is checked by BasePeCoffLib PeCoffLoaderGetImageInfo().
132
133 @param[in] PCRIndex TPM PCR index
134 @param[in] ImageAddress Start address of image buffer.
135 @param[in] ImageSize Image size
136 @param[out] DigestList Digeest list of this image.
137
138 @retval EFI_SUCCESS Successfully measure image.
139 @retval EFI_OUT_OF_RESOURCES No enough resource to measure image.
140 @retval other error value
141 **/
142 EFI_STATUS
143 MeasurePeImageAndExtend (
144 IN UINT32 PCRIndex,
145 IN EFI_PHYSICAL_ADDRESS ImageAddress,
146 IN UINTN ImageSize,
147 OUT TPML_DIGEST_VALUES *DigestList
148 );
149
150 /**
151
152 This function dump raw data.
153
154 @param Data raw data
155 @param Size raw data size
156
157 **/
158 VOID
159 InternalDumpData (
160 IN UINT8 *Data,
161 IN UINTN Size
162 )
163 {
164 UINTN Index;
165 for (Index = 0; Index < Size; Index++) {
166 DEBUG ((EFI_D_INFO, "%02x", (UINTN)Data[Index]));
167 }
168 }
169
170 /**
171
172 This function dump raw data with colume format.
173
174 @param Data raw data
175 @param Size raw data size
176
177 **/
178 VOID
179 InternalDumpHex (
180 IN UINT8 *Data,
181 IN UINTN Size
182 )
183 {
184 UINTN Index;
185 UINTN Count;
186 UINTN Left;
187
188 #define COLUME_SIZE (16 * 2)
189
190 Count = Size / COLUME_SIZE;
191 Left = Size % COLUME_SIZE;
192 for (Index = 0; Index < Count; Index++) {
193 DEBUG ((EFI_D_INFO, "%04x: ", Index * COLUME_SIZE));
194 InternalDumpData (Data + Index * COLUME_SIZE, COLUME_SIZE);
195 DEBUG ((EFI_D_INFO, "\n"));
196 }
197
198 if (Left != 0) {
199 DEBUG ((EFI_D_INFO, "%04x: ", Index * COLUME_SIZE));
200 InternalDumpData (Data + Index * COLUME_SIZE, Left);
201 DEBUG ((EFI_D_INFO, "\n"));
202 }
203 }
204
205 /**
206 Get All processors EFI_CPU_LOCATION in system. LocationBuf is allocated inside the function
207 Caller is responsible to free LocationBuf.
208
209 @param[out] LocationBuf Returns Processor Location Buffer.
210 @param[out] Num Returns processor number.
211
212 @retval EFI_SUCCESS Operation completed successfully.
213 @retval EFI_UNSUPPORTED MpService protocol not found.
214
215 **/
216 EFI_STATUS
217 GetProcessorsCpuLocation (
218 OUT EFI_CPU_PHYSICAL_LOCATION **LocationBuf,
219 OUT UINTN *Num
220 )
221 {
222 EFI_STATUS Status;
223 EFI_MP_SERVICES_PROTOCOL *MpProtocol;
224 UINTN ProcessorNum;
225 UINTN EnabledProcessorNum;
226 EFI_PROCESSOR_INFORMATION ProcessorInfo;
227 EFI_CPU_PHYSICAL_LOCATION *ProcessorLocBuf;
228 UINTN Index;
229
230 Status = gBS->LocateProtocol (&gEfiMpServiceProtocolGuid, NULL, (VOID **) &MpProtocol);
231 if (EFI_ERROR (Status)) {
232 //
233 // MP protocol is not installed
234 //
235 return EFI_UNSUPPORTED;
236 }
237
238 Status = MpProtocol->GetNumberOfProcessors(
239 MpProtocol,
240 &ProcessorNum,
241 &EnabledProcessorNum
242 );
243 if (EFI_ERROR(Status)){
244 return Status;
245 }
246
247 Status = gBS->AllocatePool(
248 EfiBootServicesData,
249 sizeof(EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum,
250 (VOID **) &ProcessorLocBuf
251 );
252 if (EFI_ERROR(Status)){
253 return Status;
254 }
255
256 //
257 // Get each processor Location info
258 //
259 for (Index = 0; Index < ProcessorNum; Index++) {
260 Status = MpProtocol->GetProcessorInfo(
261 MpProtocol,
262 Index,
263 &ProcessorInfo
264 );
265 if (EFI_ERROR(Status)){
266 FreePool(ProcessorLocBuf);
267 return Status;
268 }
269
270 //
271 // Get all Processor Location info & measure
272 //
273 CopyMem(
274 &ProcessorLocBuf[Index],
275 &ProcessorInfo.Location,
276 sizeof(EFI_CPU_PHYSICAL_LOCATION)
277 );
278 }
279
280 *LocationBuf = ProcessorLocBuf;
281 *Num = ProcessorNum;
282
283 return Status;
284 }
285
286 /**
287 The EFI_TCG2_PROTOCOL GetCapability function call provides protocol
288 capability information and state information.
289
290 @param[in] This Indicates the calling context
291 @param[in, out] ProtocolCapability The caller allocates memory for a EFI_TCG2_BOOT_SERVICE_CAPABILITY
292 structure and sets the size field to the size of the structure allocated.
293 The callee fills in the fields with the EFI protocol capability information
294 and the current EFI TCG2 state information up to the number of fields which
295 fit within the size of the structure passed in.
296
297 @retval EFI_SUCCESS Operation completed successfully.
298 @retval EFI_DEVICE_ERROR The command was unsuccessful.
299 The ProtocolCapability variable will not be populated.
300 @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
301 The ProtocolCapability variable will not be populated.
302 @retval EFI_BUFFER_TOO_SMALL The ProtocolCapability variable is too small to hold the full response.
303 It will be partially populated (required Size field will be set).
304 **/
305 EFI_STATUS
306 EFIAPI
307 Tcg2GetCapability (
308 IN EFI_TCG2_PROTOCOL *This,
309 IN OUT EFI_TCG2_BOOT_SERVICE_CAPABILITY *ProtocolCapability
310 )
311 {
312 DEBUG ((DEBUG_VERBOSE, "Tcg2GetCapability ...\n"));
313
314 if ((This == NULL) || (ProtocolCapability == NULL)) {
315 return EFI_INVALID_PARAMETER;
316 }
317
318 DEBUG ((DEBUG_VERBOSE, "Size - 0x%x\n", ProtocolCapability->Size));
319 DEBUG ((DEBUG_VERBOSE, " 1.1 - 0x%x, 1.0 - 0x%x\n", sizeof(EFI_TCG2_BOOT_SERVICE_CAPABILITY), sizeof(TREE_BOOT_SERVICE_CAPABILITY_1_0)));
320
321 if (ProtocolCapability->Size < mTcgDxeData.BsCap.Size) {
322 //
323 // Handle the case that firmware support 1.1 but OS only support 1.0.
324 //
325 if ((mTcgDxeData.BsCap.ProtocolVersion.Major > 0x01) ||
326 ((mTcgDxeData.BsCap.ProtocolVersion.Major == 0x01) && ((mTcgDxeData.BsCap.ProtocolVersion.Minor > 0x00)))) {
327 if (ProtocolCapability->Size >= sizeof(TREE_BOOT_SERVICE_CAPABILITY_1_0)) {
328 CopyMem (ProtocolCapability, &mTcgDxeData.BsCap, sizeof(TREE_BOOT_SERVICE_CAPABILITY_1_0));
329 ProtocolCapability->Size = sizeof(TREE_BOOT_SERVICE_CAPABILITY_1_0);
330 ProtocolCapability->StructureVersion.Major = 1;
331 ProtocolCapability->StructureVersion.Minor = 0;
332 ProtocolCapability->ProtocolVersion.Major = 1;
333 ProtocolCapability->ProtocolVersion.Minor = 0;
334 DEBUG ((EFI_D_ERROR, "TreeGetCapability (Compatible) - %r\n", EFI_SUCCESS));
335 return EFI_SUCCESS;
336 }
337 }
338 ProtocolCapability->Size = mTcgDxeData.BsCap.Size;
339 return EFI_BUFFER_TOO_SMALL;
340 }
341
342 CopyMem (ProtocolCapability, &mTcgDxeData.BsCap, mTcgDxeData.BsCap.Size);
343 DEBUG ((DEBUG_VERBOSE, "Tcg2GetCapability - %r\n", EFI_SUCCESS));
344 return EFI_SUCCESS;
345 }
346
347 /**
348 This function dump PCR event.
349
350 @param[in] EventHdr TCG PCR event structure.
351 **/
352 VOID
353 DumpEvent (
354 IN TCG_PCR_EVENT_HDR *EventHdr
355 )
356 {
357 UINTN Index;
358
359 DEBUG ((EFI_D_INFO, " Event:\n"));
360 DEBUG ((EFI_D_INFO, " PCRIndex - %d\n", EventHdr->PCRIndex));
361 DEBUG ((EFI_D_INFO, " EventType - 0x%08x\n", EventHdr->EventType));
362 DEBUG ((EFI_D_INFO, " Digest - "));
363 for (Index = 0; Index < sizeof(TCG_DIGEST); Index++) {
364 DEBUG ((EFI_D_INFO, "%02x ", EventHdr->Digest.digest[Index]));
365 }
366 DEBUG ((EFI_D_INFO, "\n"));
367 DEBUG ((EFI_D_INFO, " EventSize - 0x%08x\n", EventHdr->EventSize));
368 InternalDumpHex ((UINT8 *)(EventHdr + 1), EventHdr->EventSize);
369 }
370
371 /**
372 This function dump TCG_EfiSpecIDEventStruct.
373
374 @param[in] TcgEfiSpecIdEventStruct A pointer to TCG_EfiSpecIDEventStruct.
375 **/
376 VOID
377 DumpTcgEfiSpecIdEventStruct (
378 IN TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct
379 )
380 {
381 TCG_EfiSpecIdEventAlgorithmSize *DigestSize;
382 UINTN Index;
383 UINT8 *VendorInfoSize;
384 UINT8 *VendorInfo;
385 UINT32 NumberOfAlgorithms;
386
387 DEBUG ((EFI_D_INFO, " TCG_EfiSpecIDEventStruct:\n"));
388 DEBUG ((EFI_D_INFO, " signature - '"));
389 for (Index = 0; Index < sizeof(TcgEfiSpecIdEventStruct->signature); Index++) {
390 DEBUG ((EFI_D_INFO, "%c", TcgEfiSpecIdEventStruct->signature[Index]));
391 }
392 DEBUG ((EFI_D_INFO, "'\n"));
393 DEBUG ((EFI_D_INFO, " platformClass - 0x%08x\n", TcgEfiSpecIdEventStruct->platformClass));
394 DEBUG ((EFI_D_INFO, " specVersion - %d.%d%d\n", TcgEfiSpecIdEventStruct->specVersionMajor, TcgEfiSpecIdEventStruct->specVersionMinor, TcgEfiSpecIdEventStruct->specErrata));
395 DEBUG ((EFI_D_INFO, " uintnSize - 0x%02x\n", TcgEfiSpecIdEventStruct->uintnSize));
396
397 CopyMem (&NumberOfAlgorithms, TcgEfiSpecIdEventStruct + 1, sizeof(NumberOfAlgorithms));
398 DEBUG ((EFI_D_INFO, " NumberOfAlgorithms - 0x%08x\n", NumberOfAlgorithms));
399
400 DigestSize = (TCG_EfiSpecIdEventAlgorithmSize *)((UINT8 *)TcgEfiSpecIdEventStruct + sizeof(*TcgEfiSpecIdEventStruct) + sizeof(NumberOfAlgorithms));
401 for (Index = 0; Index < NumberOfAlgorithms; Index++) {
402 DEBUG ((EFI_D_INFO, " digest(%d)\n", Index));
403 DEBUG ((EFI_D_INFO, " algorithmId - 0x%04x\n", DigestSize[Index].algorithmId));
404 DEBUG ((EFI_D_INFO, " digestSize - 0x%04x\n", DigestSize[Index].digestSize));
405 }
406 VendorInfoSize = (UINT8 *)&DigestSize[NumberOfAlgorithms];
407 DEBUG ((EFI_D_INFO, " VendorInfoSize - 0x%02x\n", *VendorInfoSize));
408 VendorInfo = VendorInfoSize + 1;
409 DEBUG ((EFI_D_INFO, " VendorInfo - "));
410 for (Index = 0; Index < *VendorInfoSize; Index++) {
411 DEBUG ((EFI_D_INFO, "%02x ", VendorInfo[Index]));
412 }
413 DEBUG ((EFI_D_INFO, "\n"));
414 }
415
416 /**
417 This function get size of TCG_EfiSpecIDEventStruct.
418
419 @param[in] TcgEfiSpecIdEventStruct A pointer to TCG_EfiSpecIDEventStruct.
420 **/
421 UINTN
422 GetTcgEfiSpecIdEventStructSize (
423 IN TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct
424 )
425 {
426 TCG_EfiSpecIdEventAlgorithmSize *DigestSize;
427 UINT8 *VendorInfoSize;
428 UINT32 NumberOfAlgorithms;
429
430 CopyMem (&NumberOfAlgorithms, TcgEfiSpecIdEventStruct + 1, sizeof(NumberOfAlgorithms));
431
432 DigestSize = (TCG_EfiSpecIdEventAlgorithmSize *)((UINT8 *)TcgEfiSpecIdEventStruct + sizeof(*TcgEfiSpecIdEventStruct) + sizeof(NumberOfAlgorithms));
433 VendorInfoSize = (UINT8 *)&DigestSize[NumberOfAlgorithms];
434 return sizeof(TCG_EfiSpecIDEventStruct) + sizeof(UINT32) + (NumberOfAlgorithms * sizeof(TCG_EfiSpecIdEventAlgorithmSize)) + sizeof(UINT8) + (*VendorInfoSize);
435 }
436
437 /**
438 This function dump PCR event 2.
439
440 @param[in] TcgPcrEvent2 TCG PCR event 2 structure.
441 **/
442 VOID
443 DumpEvent2 (
444 IN TCG_PCR_EVENT2 *TcgPcrEvent2
445 )
446 {
447 UINTN Index;
448 UINT32 DigestIndex;
449 UINT32 DigestCount;
450 TPMI_ALG_HASH HashAlgo;
451 UINT32 DigestSize;
452 UINT8 *DigestBuffer;
453 UINT32 EventSize;
454 UINT8 *EventBuffer;
455
456 DEBUG ((EFI_D_INFO, " Event:\n"));
457 DEBUG ((EFI_D_INFO, " PCRIndex - %d\n", TcgPcrEvent2->PCRIndex));
458 DEBUG ((EFI_D_INFO, " EventType - 0x%08x\n", TcgPcrEvent2->EventType));
459
460 DEBUG ((EFI_D_INFO, " DigestCount: 0x%08x\n", TcgPcrEvent2->Digest.count));
461
462 DigestCount = TcgPcrEvent2->Digest.count;
463 HashAlgo = TcgPcrEvent2->Digest.digests[0].hashAlg;
464 DigestBuffer = (UINT8 *)&TcgPcrEvent2->Digest.digests[0].digest;
465 for (DigestIndex = 0; DigestIndex < DigestCount; DigestIndex++) {
466 DEBUG ((EFI_D_INFO, " HashAlgo : 0x%04x\n", HashAlgo));
467 DEBUG ((EFI_D_INFO, " Digest(%d): ", DigestIndex));
468 DigestSize = GetHashSizeFromAlgo (HashAlgo);
469 for (Index = 0; Index < DigestSize; Index++) {
470 DEBUG ((EFI_D_INFO, "%02x ", DigestBuffer[Index]));
471 }
472 DEBUG ((EFI_D_INFO, "\n"));
473 //
474 // Prepare next
475 //
476 CopyMem (&HashAlgo, DigestBuffer + DigestSize, sizeof(TPMI_ALG_HASH));
477 DigestBuffer = DigestBuffer + DigestSize + sizeof(TPMI_ALG_HASH);
478 }
479 DEBUG ((EFI_D_INFO, "\n"));
480 DigestBuffer = DigestBuffer - sizeof(TPMI_ALG_HASH);
481
482 CopyMem (&EventSize, DigestBuffer, sizeof(TcgPcrEvent2->EventSize));
483 DEBUG ((EFI_D_INFO, " EventSize - 0x%08x\n", EventSize));
484 EventBuffer = DigestBuffer + sizeof(TcgPcrEvent2->EventSize);
485 InternalDumpHex (EventBuffer, EventSize);
486 }
487
488 /**
489 This function returns size of TCG PCR event 2.
490
491 @param[in] TcgPcrEvent2 TCG PCR event 2 structure.
492
493 @return size of TCG PCR event 2.
494 **/
495 UINTN
496 GetPcrEvent2Size (
497 IN TCG_PCR_EVENT2 *TcgPcrEvent2
498 )
499 {
500 UINT32 DigestIndex;
501 UINT32 DigestCount;
502 TPMI_ALG_HASH HashAlgo;
503 UINT32 DigestSize;
504 UINT8 *DigestBuffer;
505 UINT32 EventSize;
506 UINT8 *EventBuffer;
507
508 DigestCount = TcgPcrEvent2->Digest.count;
509 HashAlgo = TcgPcrEvent2->Digest.digests[0].hashAlg;
510 DigestBuffer = (UINT8 *)&TcgPcrEvent2->Digest.digests[0].digest;
511 for (DigestIndex = 0; DigestIndex < DigestCount; DigestIndex++) {
512 DigestSize = GetHashSizeFromAlgo (HashAlgo);
513 //
514 // Prepare next
515 //
516 CopyMem (&HashAlgo, DigestBuffer + DigestSize, sizeof(TPMI_ALG_HASH));
517 DigestBuffer = DigestBuffer + DigestSize + sizeof(TPMI_ALG_HASH);
518 }
519 DigestBuffer = DigestBuffer - sizeof(TPMI_ALG_HASH);
520
521 CopyMem (&EventSize, DigestBuffer, sizeof(TcgPcrEvent2->EventSize));
522 EventBuffer = DigestBuffer + sizeof(TcgPcrEvent2->EventSize);
523
524 return (UINTN)EventBuffer + EventSize - (UINTN)TcgPcrEvent2;
525 }
526
527 /**
528 This function dump event log.
529
530 @param[in] EventLogFormat The type of the event log for which the information is requested.
531 @param[in] EventLogLocation A pointer to the memory address of the event log.
532 @param[in] EventLogLastEntry If the Event Log contains more than one entry, this is a pointer to the
533 address of the start of the last entry in the event log in memory.
534 @param[in] FinalEventsTable A pointer to the memory address of the final event table.
535 **/
536 VOID
537 DumpEventLog (
538 IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
539 IN EFI_PHYSICAL_ADDRESS EventLogLocation,
540 IN EFI_PHYSICAL_ADDRESS EventLogLastEntry,
541 IN EFI_TCG2_FINAL_EVENTS_TABLE *FinalEventsTable
542 )
543 {
544 TCG_PCR_EVENT_HDR *EventHdr;
545 TCG_PCR_EVENT2 *TcgPcrEvent2;
546 TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct;
547 UINTN NumberOfEvents;
548
549 DEBUG ((EFI_D_INFO, "EventLogFormat: (0x%x)\n", EventLogFormat));
550
551 switch (EventLogFormat) {
552 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:
553 EventHdr = (TCG_PCR_EVENT_HDR *)(UINTN)EventLogLocation;
554 while ((UINTN)EventHdr <= EventLogLastEntry) {
555 DumpEvent (EventHdr);
556 EventHdr = (TCG_PCR_EVENT_HDR *)((UINTN)EventHdr + sizeof(TCG_PCR_EVENT_HDR) + EventHdr->EventSize);
557 }
558 if (FinalEventsTable == NULL) {
559 DEBUG ((EFI_D_INFO, "FinalEventsTable: NOT FOUND\n"));
560 } else {
561 DEBUG ((EFI_D_INFO, "FinalEventsTable: (0x%x)\n", FinalEventsTable));
562 DEBUG ((EFI_D_INFO, " Version: (0x%x)\n", FinalEventsTable->Version));
563 DEBUG ((EFI_D_INFO, " NumberOfEvents: (0x%x)\n", FinalEventsTable->NumberOfEvents));
564
565 EventHdr = (TCG_PCR_EVENT_HDR *)(UINTN)(FinalEventsTable + 1);
566 for (NumberOfEvents = 0; NumberOfEvents < FinalEventsTable->NumberOfEvents; NumberOfEvents++) {
567 DumpEvent (EventHdr);
568 EventHdr = (TCG_PCR_EVENT_HDR *)((UINTN)EventHdr + sizeof(TCG_PCR_EVENT_HDR) + EventHdr->EventSize);
569 }
570 }
571 break;
572 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_2:
573 //
574 // Dump first event
575 //
576 EventHdr = (TCG_PCR_EVENT_HDR *)(UINTN)EventLogLocation;
577 DumpEvent (EventHdr);
578
579 TcgEfiSpecIdEventStruct = (TCG_EfiSpecIDEventStruct *)(EventHdr + 1);
580 DumpTcgEfiSpecIdEventStruct (TcgEfiSpecIdEventStruct);
581
582 TcgPcrEvent2 = (TCG_PCR_EVENT2 *)((UINTN)TcgEfiSpecIdEventStruct + GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct));
583 while ((UINTN)TcgPcrEvent2 <= EventLogLastEntry) {
584 DumpEvent2 (TcgPcrEvent2);
585 TcgPcrEvent2 = (TCG_PCR_EVENT2 *)((UINTN)TcgPcrEvent2 + GetPcrEvent2Size (TcgPcrEvent2));
586 }
587
588 if (FinalEventsTable == NULL) {
589 DEBUG ((EFI_D_INFO, "FinalEventsTable: NOT FOUND\n"));
590 } else {
591 DEBUG ((EFI_D_INFO, "FinalEventsTable: (0x%x)\n", FinalEventsTable));
592 DEBUG ((EFI_D_INFO, " Version: (0x%x)\n", FinalEventsTable->Version));
593 DEBUG ((EFI_D_INFO, " NumberOfEvents: (0x%x)\n", FinalEventsTable->NumberOfEvents));
594
595 TcgPcrEvent2 = (TCG_PCR_EVENT2 *)(UINTN)(FinalEventsTable + 1);
596 for (NumberOfEvents = 0; NumberOfEvents < FinalEventsTable->NumberOfEvents; NumberOfEvents++) {
597 DumpEvent2 (TcgPcrEvent2);
598 TcgPcrEvent2 = (TCG_PCR_EVENT2 *)((UINTN)TcgPcrEvent2 + GetPcrEvent2Size (TcgPcrEvent2));
599 }
600 }
601 break;
602 }
603
604 return ;
605 }
606
607 /**
608 The EFI_TCG2_PROTOCOL Get Event Log function call allows a caller to
609 retrieve the address of a given event log and its last entry.
610
611 @param[in] This Indicates the calling context
612 @param[in] EventLogFormat The type of the event log for which the information is requested.
613 @param[out] EventLogLocation A pointer to the memory address of the event log.
614 @param[out] EventLogLastEntry If the Event Log contains more than one entry, this is a pointer to the
615 address of the start of the last entry in the event log in memory.
616 @param[out] EventLogTruncated If the Event Log is missing at least one entry because an event would
617 have exceeded the area allocated for events, this value is set to TRUE.
618 Otherwise, the value will be FALSE and the Event Log will be complete.
619
620 @retval EFI_SUCCESS Operation completed successfully.
621 @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect
622 (e.g. asking for an event log whose format is not supported).
623 **/
624 EFI_STATUS
625 EFIAPI
626 Tcg2GetEventLog (
627 IN EFI_TCG2_PROTOCOL *This,
628 IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
629 OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,
630 OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry,
631 OUT BOOLEAN *EventLogTruncated
632 )
633 {
634 UINTN Index;
635
636 DEBUG ((EFI_D_INFO, "Tcg2GetEventLog ... (0x%x)\n", EventLogFormat));
637
638 if (This == NULL) {
639 return EFI_INVALID_PARAMETER;
640 }
641
642 for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {
643 if (EventLogFormat == mTcg2EventInfo[Index].LogFormat) {
644 break;
645 }
646 }
647
648 if (Index == sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0])) {
649 return EFI_INVALID_PARAMETER;
650 }
651
652 if ((mTcg2EventInfo[Index].LogFormat & mTcgDxeData.BsCap.SupportedEventLogs) == 0) {
653 return EFI_INVALID_PARAMETER;
654 }
655
656 if (!mTcgDxeData.BsCap.TPMPresentFlag) {
657 if (EventLogLocation != NULL) {
658 *EventLogLocation = 0;
659 }
660 if (EventLogLastEntry != NULL) {
661 *EventLogLastEntry = 0;
662 }
663 if (EventLogTruncated != NULL) {
664 *EventLogTruncated = FALSE;
665 }
666 return EFI_SUCCESS;
667 }
668
669 if (EventLogLocation != NULL) {
670 *EventLogLocation = mTcgDxeData.EventLogAreaStruct[Index].Lasa;
671 DEBUG ((EFI_D_INFO, "Tcg2GetEventLog (EventLogLocation - %x)\n", *EventLogLocation));
672 }
673
674 if (EventLogLastEntry != NULL) {
675 if (!mTcgDxeData.EventLogAreaStruct[Index].EventLogStarted) {
676 *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)0;
677 } else {
678 *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)mTcgDxeData.EventLogAreaStruct[Index].LastEvent;
679 }
680 DEBUG ((EFI_D_INFO, "Tcg2GetEventLog (EventLogLastEntry - %x)\n", *EventLogLastEntry));
681 }
682
683 if (EventLogTruncated != NULL) {
684 *EventLogTruncated = mTcgDxeData.EventLogAreaStruct[Index].EventLogTruncated;
685 DEBUG ((EFI_D_INFO, "Tcg2GetEventLog (EventLogTruncated - %x)\n", *EventLogTruncated));
686 }
687
688 DEBUG ((EFI_D_INFO, "Tcg2GetEventLog - %r\n", EFI_SUCCESS));
689
690 // Dump Event Log for debug purpose
691 if ((EventLogLocation != NULL) && (EventLogLastEntry != NULL)) {
692 DumpEventLog (EventLogFormat, *EventLogLocation, *EventLogLastEntry, mTcgDxeData.FinalEventsTable[Index]);
693 }
694
695 //
696 // All events generated after the invocation of EFI_TCG2_GET_EVENT_LOG SHALL be stored
697 // in an instance of an EFI_CONFIGURATION_TABLE named by the VendorGuid of EFI_TCG2_FINAL_EVENTS_TABLE_GUID.
698 //
699 mTcgDxeData.GetEventLogCalled[Index] = TRUE;
700
701 return EFI_SUCCESS;
702 }
703
704 /**
705 Add a new entry to the Event Log.
706
707 @param[in, out] EventLogPtr Pointer to the Event Log data.
708 @param[in, out] LogSize Size of the Event Log.
709 @param[in] MaxSize Maximum size of the Event Log.
710 @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
711 @param[in] NewEventHdrSize New event header size.
712 @param[in] NewEventData Pointer to the new event data.
713 @param[in] NewEventSize New event data size.
714
715 @retval EFI_SUCCESS The new event log entry was added.
716 @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
717
718 **/
719 EFI_STATUS
720 TcgCommLogEvent (
721 IN OUT UINT8 **EventLogPtr,
722 IN OUT UINTN *LogSize,
723 IN UINTN MaxSize,
724 IN VOID *NewEventHdr,
725 IN UINT32 NewEventHdrSize,
726 IN UINT8 *NewEventData,
727 IN UINT32 NewEventSize
728 )
729 {
730 UINTN NewLogSize;
731
732 if (NewEventSize > MAX_ADDRESS - NewEventHdrSize) {
733 return EFI_OUT_OF_RESOURCES;
734 }
735
736 NewLogSize = NewEventHdrSize + NewEventSize;
737
738 if (NewLogSize > MAX_ADDRESS - *LogSize) {
739 return EFI_OUT_OF_RESOURCES;
740 }
741
742 if (NewLogSize + *LogSize > MaxSize) {
743 DEBUG ((EFI_D_INFO, " MaxSize - 0x%x\n", MaxSize));
744 DEBUG ((EFI_D_INFO, " NewLogSize - 0x%x\n", NewLogSize));
745 DEBUG ((EFI_D_INFO, " LogSize - 0x%x\n", *LogSize));
746 DEBUG ((EFI_D_INFO, "TcgCommLogEvent - %r\n", EFI_OUT_OF_RESOURCES));
747 return EFI_OUT_OF_RESOURCES;
748 }
749
750 *EventLogPtr += *LogSize;
751 *LogSize += NewLogSize;
752 CopyMem (*EventLogPtr, NewEventHdr, NewEventHdrSize);
753 CopyMem (
754 *EventLogPtr + NewEventHdrSize,
755 NewEventData,
756 NewEventSize
757 );
758 return EFI_SUCCESS;
759 }
760
761 /**
762 Add a new entry to the Event Log.
763
764 @param[in] EventLogFormat The type of the event log for which the information is requested.
765 @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
766 @param[in] NewEventHdrSize New event header size.
767 @param[in] NewEventData Pointer to the new event data.
768 @param[in] NewEventSize New event data size.
769
770 @retval EFI_SUCCESS The new event log entry was added.
771 @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
772
773 **/
774 EFI_STATUS
775 TcgDxeLogEvent (
776 IN EFI_TCG2_EVENT_LOG_FORMAT EventLogFormat,
777 IN VOID *NewEventHdr,
778 IN UINT32 NewEventHdrSize,
779 IN UINT8 *NewEventData,
780 IN UINT32 NewEventSize
781 )
782 {
783 EFI_STATUS Status;
784 UINTN Index;
785 TCG_EVENT_LOG_AREA_STRUCT *EventLogAreaStruct;
786
787 for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {
788 if (EventLogFormat == mTcg2EventInfo[Index].LogFormat) {
789 break;
790 }
791 }
792
793 if (Index == sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0])) {
794 return EFI_INVALID_PARAMETER;
795 }
796
797 //
798 // Record to normal event log
799 //
800 EventLogAreaStruct = &mTcgDxeData.EventLogAreaStruct[Index];
801
802 if (EventLogAreaStruct->EventLogTruncated) {
803 return EFI_VOLUME_FULL;
804 }
805
806 EventLogAreaStruct->LastEvent = (UINT8*)(UINTN)EventLogAreaStruct->Lasa;
807 Status = TcgCommLogEvent (
808 &EventLogAreaStruct->LastEvent,
809 &EventLogAreaStruct->EventLogSize,
810 (UINTN)EventLogAreaStruct->Laml,
811 NewEventHdr,
812 NewEventHdrSize,
813 NewEventData,
814 NewEventSize
815 );
816
817 if (Status == EFI_OUT_OF_RESOURCES) {
818 EventLogAreaStruct->EventLogTruncated = TRUE;
819 return EFI_VOLUME_FULL;
820 } else if (Status == EFI_SUCCESS) {
821 EventLogAreaStruct->EventLogStarted = TRUE;
822 }
823
824 //
825 // If GetEventLog is called, record to FinalEventsTable, too.
826 //
827 if (mTcgDxeData.GetEventLogCalled[Index]) {
828 if (mTcgDxeData.FinalEventsTable[Index] == NULL) {
829 //
830 // no need for FinalEventsTable
831 //
832 return EFI_SUCCESS;
833 }
834 EventLogAreaStruct = &mTcgDxeData.FinalEventLogAreaStruct[Index];
835
836 if (EventLogAreaStruct->EventLogTruncated) {
837 return EFI_VOLUME_FULL;
838 }
839
840 EventLogAreaStruct->LastEvent = (UINT8*)(UINTN)EventLogAreaStruct->Lasa;
841 Status = TcgCommLogEvent (
842 &EventLogAreaStruct->LastEvent,
843 &EventLogAreaStruct->EventLogSize,
844 (UINTN)EventLogAreaStruct->Laml,
845 NewEventHdr,
846 NewEventHdrSize,
847 NewEventData,
848 NewEventSize
849 );
850 if (Status == EFI_OUT_OF_RESOURCES) {
851 EventLogAreaStruct->EventLogTruncated = TRUE;
852 return EFI_VOLUME_FULL;
853 } else if (Status == EFI_SUCCESS) {
854 EventLogAreaStruct->EventLogStarted = TRUE;
855 //
856 // Increase the NumberOfEvents in FinalEventsTable
857 //
858 (mTcgDxeData.FinalEventsTable[Index])->NumberOfEvents ++;
859 DEBUG ((EFI_D_INFO, "FinalEventsTable->NumberOfEvents - 0x%x\n", (mTcgDxeData.FinalEventsTable[Index])->NumberOfEvents));
860 DEBUG ((EFI_D_INFO, " Size - 0x%x\n", (UINTN)EventLogAreaStruct->EventLogSize));
861 }
862 }
863
864 return Status;
865 }
866
867 /**
868 Get TPML_DIGEST_VALUES compact binary buffer size.
869
870 @param[in] DigestListBin TPML_DIGEST_VALUES compact binary buffer.
871
872 @return TPML_DIGEST_VALUES compact binary buffer size.
873 **/
874 UINT32
875 GetDigestListBinSize (
876 IN VOID *DigestListBin
877 )
878 {
879 UINTN Index;
880 UINT16 DigestSize;
881 UINT32 TotalSize;
882 UINT32 Count;
883 TPMI_ALG_HASH HashAlg;
884
885 Count = ReadUnaligned32 (DigestListBin);
886 TotalSize = sizeof(Count);
887 DigestListBin = (UINT8 *)DigestListBin + sizeof(Count);
888 for (Index = 0; Index < Count; Index++) {
889 HashAlg = ReadUnaligned16 (DigestListBin);
890 TotalSize += sizeof(HashAlg);
891 DigestListBin = (UINT8 *)DigestListBin + sizeof(HashAlg);
892
893 DigestSize = GetHashSizeFromAlgo (HashAlg);
894 TotalSize += DigestSize;
895 DigestListBin = (UINT8 *)DigestListBin + DigestSize;
896 }
897
898 return TotalSize;
899 }
900
901 /**
902 Copy TPML_DIGEST_VALUES compact binary into a buffer
903
904 @param[in,out] Buffer Buffer to hold copied TPML_DIGEST_VALUES compact binary.
905 @param[in] DigestListBin TPML_DIGEST_VALUES compact binary buffer.
906 @param[in] HashAlgorithmMask HASH bits corresponding to the desired digests to copy.
907 @param[out] HashAlgorithmMaskCopied Pointer to HASH bits corresponding to the digests copied.
908
909 @return The end of buffer to hold TPML_DIGEST_VALUES compact binary.
910 **/
911 VOID *
912 CopyDigestListBinToBuffer (
913 IN OUT VOID *Buffer,
914 IN VOID *DigestListBin,
915 IN UINT32 HashAlgorithmMask,
916 OUT UINT32 *HashAlgorithmMaskCopied
917 )
918 {
919 UINTN Index;
920 UINT16 DigestSize;
921 UINT32 Count;
922 TPMI_ALG_HASH HashAlg;
923 UINT32 DigestListCount;
924 UINT32 *DigestListCountPtr;
925
926 DigestListCountPtr = (UINT32 *) Buffer;
927 DigestListCount = 0;
928 (*HashAlgorithmMaskCopied) = 0;
929
930 Count = ReadUnaligned32 (DigestListBin);
931 Buffer = (UINT8 *)Buffer + sizeof(Count);
932 DigestListBin = (UINT8 *)DigestListBin + sizeof(Count);
933 for (Index = 0; Index < Count; Index++) {
934 HashAlg = ReadUnaligned16 (DigestListBin);
935 DigestListBin = (UINT8 *)DigestListBin + sizeof(HashAlg);
936 DigestSize = GetHashSizeFromAlgo (HashAlg);
937
938 if (IsHashAlgSupportedInHashAlgorithmMask(HashAlg, HashAlgorithmMask)) {
939 CopyMem (Buffer, &HashAlg, sizeof(HashAlg));
940 Buffer = (UINT8 *)Buffer + sizeof(HashAlg);
941 CopyMem (Buffer, DigestListBin, DigestSize);
942 Buffer = (UINT8 *)Buffer + DigestSize;
943 DigestListCount++;
944 (*HashAlgorithmMaskCopied) |= GetHashMaskFromAlgo (HashAlg);
945 } else {
946 DEBUG ((DEBUG_ERROR, "WARNING: CopyDigestListBinToBuffer Event log has HashAlg unsupported by PCR bank (0x%x)\n", HashAlg));
947 }
948 DigestListBin = (UINT8 *)DigestListBin + DigestSize;
949 }
950 WriteUnaligned32 (DigestListCountPtr, DigestListCount);
951
952 return Buffer;
953 }
954
955 /**
956 Add a new entry to the Event Log.
957
958 @param[in] DigestList A list of digest.
959 @param[in,out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
960 @param[in] NewEventData Pointer to the new event data.
961
962 @retval EFI_SUCCESS The new event log entry was added.
963 @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
964 **/
965 EFI_STATUS
966 TcgDxeLogHashEvent (
967 IN TPML_DIGEST_VALUES *DigestList,
968 IN OUT TCG_PCR_EVENT_HDR *NewEventHdr,
969 IN UINT8 *NewEventData
970 )
971 {
972 EFI_STATUS Status;
973 EFI_TPL OldTpl;
974 UINTN Index;
975 EFI_STATUS RetStatus;
976 TCG_PCR_EVENT2 TcgPcrEvent2;
977 UINT8 *DigestBuffer;
978 UINT32 *EventSizePtr;
979
980 DEBUG ((EFI_D_INFO, "SupportedEventLogs - 0x%08x\n", mTcgDxeData.BsCap.SupportedEventLogs));
981
982 RetStatus = EFI_SUCCESS;
983 for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {
984 if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
985 DEBUG ((EFI_D_INFO, " LogFormat - 0x%08x\n", mTcg2EventInfo[Index].LogFormat));
986 switch (mTcg2EventInfo[Index].LogFormat) {
987 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:
988 Status = GetDigestFromDigestList (TPM_ALG_SHA1, DigestList, &NewEventHdr->Digest);
989 if (!EFI_ERROR (Status)) {
990 //
991 // Enter critical region
992 //
993 OldTpl = gBS->RaiseTPL (TPL_HIGH_LEVEL);
994 Status = TcgDxeLogEvent (
995 mTcg2EventInfo[Index].LogFormat,
996 NewEventHdr,
997 sizeof(TCG_PCR_EVENT_HDR),
998 NewEventData,
999 NewEventHdr->EventSize
1000 );
1001 if (Status != EFI_SUCCESS) {
1002 RetStatus = Status;
1003 }
1004 gBS->RestoreTPL (OldTpl);
1005 //
1006 // Exit critical region
1007 //
1008 }
1009 break;
1010 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_2:
1011 ZeroMem (&TcgPcrEvent2, sizeof(TcgPcrEvent2));
1012 TcgPcrEvent2.PCRIndex = NewEventHdr->PCRIndex;
1013 TcgPcrEvent2.EventType = NewEventHdr->EventType;
1014 DigestBuffer = (UINT8 *)&TcgPcrEvent2.Digest;
1015 EventSizePtr = CopyDigestListToBuffer (DigestBuffer, DigestList, mTcgDxeData.BsCap.ActivePcrBanks);
1016 CopyMem (EventSizePtr, &NewEventHdr->EventSize, sizeof(NewEventHdr->EventSize));
1017
1018 //
1019 // Enter critical region
1020 //
1021 OldTpl = gBS->RaiseTPL (TPL_HIGH_LEVEL);
1022 Status = TcgDxeLogEvent (
1023 mTcg2EventInfo[Index].LogFormat,
1024 &TcgPcrEvent2,
1025 sizeof(TcgPcrEvent2.PCRIndex) + sizeof(TcgPcrEvent2.EventType) + GetDigestListBinSize (DigestBuffer) + sizeof(TcgPcrEvent2.EventSize),
1026 NewEventData,
1027 NewEventHdr->EventSize
1028 );
1029 if (Status != EFI_SUCCESS) {
1030 RetStatus = Status;
1031 }
1032 gBS->RestoreTPL (OldTpl);
1033 //
1034 // Exit critical region
1035 //
1036 break;
1037 }
1038 }
1039 }
1040
1041 return RetStatus;
1042 }
1043
1044 /**
1045 Do a hash operation on a data buffer, extend a specific TPM PCR with the hash result,
1046 and add an entry to the Event Log.
1047
1048 @param[in] Flags Bitmap providing additional information.
1049 @param[in] HashData Physical address of the start of the data buffer
1050 to be hashed, extended, and logged.
1051 @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData
1052 @param[in, out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
1053 @param[in] NewEventData Pointer to the new event data.
1054
1055 @retval EFI_SUCCESS Operation completed successfully.
1056 @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
1057 @retval EFI_DEVICE_ERROR The command was unsuccessful.
1058
1059 **/
1060 EFI_STATUS
1061 TcgDxeHashLogExtendEvent (
1062 IN UINT64 Flags,
1063 IN UINT8 *HashData,
1064 IN UINT64 HashDataLen,
1065 IN OUT TCG_PCR_EVENT_HDR *NewEventHdr,
1066 IN UINT8 *NewEventData
1067 )
1068 {
1069 EFI_STATUS Status;
1070 TPML_DIGEST_VALUES DigestList;
1071
1072 if (!mTcgDxeData.BsCap.TPMPresentFlag) {
1073 return EFI_DEVICE_ERROR;
1074 }
1075
1076 Status = HashAndExtend (
1077 NewEventHdr->PCRIndex,
1078 HashData,
1079 (UINTN)HashDataLen,
1080 &DigestList
1081 );
1082 if (!EFI_ERROR (Status)) {
1083 if ((Flags & EFI_TCG2_EXTEND_ONLY) == 0) {
1084 Status = TcgDxeLogHashEvent (&DigestList, NewEventHdr, NewEventData);
1085 }
1086 }
1087
1088 if (Status == EFI_DEVICE_ERROR) {
1089 DEBUG ((EFI_D_ERROR, "TcgDxeHashLogExtendEvent - %r. Disable TPM.\n", Status));
1090 mTcgDxeData.BsCap.TPMPresentFlag = FALSE;
1091 REPORT_STATUS_CODE (
1092 EFI_ERROR_CODE | EFI_ERROR_MINOR,
1093 (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR)
1094 );
1095 }
1096
1097 return Status;
1098 }
1099
1100 /**
1101 The EFI_TCG2_PROTOCOL HashLogExtendEvent function call provides callers with
1102 an opportunity to extend and optionally log events without requiring
1103 knowledge of actual TPM commands.
1104 The extend operation will occur even if this function cannot create an event
1105 log entry (e.g. due to the event log being full).
1106
1107 @param[in] This Indicates the calling context
1108 @param[in] Flags Bitmap providing additional information.
1109 @param[in] DataToHash Physical address of the start of the data buffer to be hashed.
1110 @param[in] DataToHashLen The length in bytes of the buffer referenced by DataToHash.
1111 @param[in] Event Pointer to data buffer containing information about the event.
1112
1113 @retval EFI_SUCCESS Operation completed successfully.
1114 @retval EFI_DEVICE_ERROR The command was unsuccessful.
1115 @retval EFI_VOLUME_FULL The extend operation occurred, but the event could not be written to one or more event logs.
1116 @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
1117 @retval EFI_UNSUPPORTED The PE/COFF image type is not supported.
1118 **/
1119 EFI_STATUS
1120 EFIAPI
1121 Tcg2HashLogExtendEvent (
1122 IN EFI_TCG2_PROTOCOL *This,
1123 IN UINT64 Flags,
1124 IN EFI_PHYSICAL_ADDRESS DataToHash,
1125 IN UINT64 DataToHashLen,
1126 IN EFI_TCG2_EVENT *Event
1127 )
1128 {
1129 EFI_STATUS Status;
1130 TCG_PCR_EVENT_HDR NewEventHdr;
1131 TPML_DIGEST_VALUES DigestList;
1132
1133 DEBUG ((DEBUG_VERBOSE, "Tcg2HashLogExtendEvent ...\n"));
1134
1135 if ((This == NULL) || (DataToHash == 0) || (Event == NULL)) {
1136 return EFI_INVALID_PARAMETER;
1137 }
1138
1139 if (!mTcgDxeData.BsCap.TPMPresentFlag) {
1140 return EFI_DEVICE_ERROR;
1141 }
1142
1143 if (Event->Size < Event->Header.HeaderSize + sizeof(UINT32)) {
1144 return EFI_INVALID_PARAMETER;
1145 }
1146
1147 if (Event->Header.PCRIndex > MAX_PCR_INDEX) {
1148 return EFI_INVALID_PARAMETER;
1149 }
1150
1151 NewEventHdr.PCRIndex = Event->Header.PCRIndex;
1152 NewEventHdr.EventType = Event->Header.EventType;
1153 NewEventHdr.EventSize = Event->Size - sizeof(UINT32) - Event->Header.HeaderSize;
1154 if ((Flags & PE_COFF_IMAGE) != 0) {
1155 Status = MeasurePeImageAndExtend (
1156 NewEventHdr.PCRIndex,
1157 DataToHash,
1158 (UINTN)DataToHashLen,
1159 &DigestList
1160 );
1161 if (!EFI_ERROR (Status)) {
1162 if ((Flags & EFI_TCG2_EXTEND_ONLY) == 0) {
1163 Status = TcgDxeLogHashEvent (&DigestList, &NewEventHdr, Event->Event);
1164 }
1165 }
1166 if (Status == EFI_DEVICE_ERROR) {
1167 DEBUG ((EFI_D_ERROR, "MeasurePeImageAndExtend - %r. Disable TPM.\n", Status));
1168 mTcgDxeData.BsCap.TPMPresentFlag = FALSE;
1169 REPORT_STATUS_CODE (
1170 EFI_ERROR_CODE | EFI_ERROR_MINOR,
1171 (PcdGet32 (PcdStatusCodeSubClassTpmDevice) | EFI_P_EC_INTERFACE_ERROR)
1172 );
1173 }
1174 } else {
1175 Status = TcgDxeHashLogExtendEvent (
1176 Flags,
1177 (UINT8 *) (UINTN) DataToHash,
1178 DataToHashLen,
1179 &NewEventHdr,
1180 Event->Event
1181 );
1182 }
1183 DEBUG ((DEBUG_VERBOSE, "Tcg2HashLogExtendEvent - %r\n", Status));
1184 return Status;
1185 }
1186
1187 /**
1188 This service enables the sending of commands to the TPM.
1189
1190 @param[in] This Indicates the calling context
1191 @param[in] InputParameterBlockSize Size of the TPM input parameter block.
1192 @param[in] InputParameterBlock Pointer to the TPM input parameter block.
1193 @param[in] OutputParameterBlockSize Size of the TPM output parameter block.
1194 @param[in] OutputParameterBlock Pointer to the TPM output parameter block.
1195
1196 @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
1197 @retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
1198 @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
1199 @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
1200 **/
1201 EFI_STATUS
1202 EFIAPI
1203 Tcg2SubmitCommand (
1204 IN EFI_TCG2_PROTOCOL *This,
1205 IN UINT32 InputParameterBlockSize,
1206 IN UINT8 *InputParameterBlock,
1207 IN UINT32 OutputParameterBlockSize,
1208 IN UINT8 *OutputParameterBlock
1209 )
1210 {
1211 EFI_STATUS Status;
1212
1213 DEBUG ((EFI_D_INFO, "Tcg2SubmitCommand ...\n"));
1214
1215 if ((This == NULL) ||
1216 (InputParameterBlockSize == 0) || (InputParameterBlock == NULL) ||
1217 (OutputParameterBlockSize == 0) || (OutputParameterBlock == NULL)) {
1218 return EFI_INVALID_PARAMETER;
1219 }
1220
1221 if (!mTcgDxeData.BsCap.TPMPresentFlag) {
1222 return EFI_DEVICE_ERROR;
1223 }
1224
1225 if (InputParameterBlockSize > mTcgDxeData.BsCap.MaxCommandSize) {
1226 return EFI_INVALID_PARAMETER;
1227 }
1228 if (OutputParameterBlockSize > mTcgDxeData.BsCap.MaxResponseSize) {
1229 return EFI_INVALID_PARAMETER;
1230 }
1231
1232 Status = Tpm2SubmitCommand (
1233 InputParameterBlockSize,
1234 InputParameterBlock,
1235 &OutputParameterBlockSize,
1236 OutputParameterBlock
1237 );
1238 DEBUG ((EFI_D_INFO, "Tcg2SubmitCommand - %r\n", Status));
1239 return Status;
1240 }
1241
1242 /**
1243 This service returns the currently active PCR banks.
1244
1245 @param[in] This Indicates the calling context
1246 @param[out] ActivePcrBanks Pointer to the variable receiving the bitmap of currently active PCR banks.
1247
1248 @retval EFI_SUCCESS The bitmap of active PCR banks was stored in the ActivePcrBanks parameter.
1249 @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
1250 **/
1251 EFI_STATUS
1252 EFIAPI
1253 Tcg2GetActivePCRBanks (
1254 IN EFI_TCG2_PROTOCOL *This,
1255 OUT UINT32 *ActivePcrBanks
1256 )
1257 {
1258 if (ActivePcrBanks == NULL) {
1259 return EFI_INVALID_PARAMETER;
1260 }
1261 *ActivePcrBanks = mTcgDxeData.BsCap.ActivePcrBanks;
1262 return EFI_SUCCESS;
1263 }
1264
1265 /**
1266 This service sets the currently active PCR banks.
1267
1268 @param[in] This Indicates the calling context
1269 @param[in] ActivePcrBanks Bitmap of the requested active PCR banks. At least one bit SHALL be set.
1270
1271 @retval EFI_SUCCESS The bitmap in ActivePcrBank parameter is already active.
1272 @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
1273 **/
1274 EFI_STATUS
1275 EFIAPI
1276 Tcg2SetActivePCRBanks (
1277 IN EFI_TCG2_PROTOCOL *This,
1278 IN UINT32 ActivePcrBanks
1279 )
1280 {
1281 EFI_STATUS Status;
1282 UINT32 ReturnCode;
1283
1284 DEBUG ((EFI_D_INFO, "Tcg2SetActivePCRBanks ... (0x%x)\n", ActivePcrBanks));
1285
1286 if (ActivePcrBanks == 0) {
1287 return EFI_INVALID_PARAMETER;
1288 }
1289 if ((ActivePcrBanks & (~mTcgDxeData.BsCap.HashAlgorithmBitmap)) != 0) {
1290 return EFI_INVALID_PARAMETER;
1291 }
1292 if (ActivePcrBanks == mTcgDxeData.BsCap.ActivePcrBanks) {
1293 //
1294 // Need clear previous SET_PCR_BANKS setting
1295 //
1296 ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (TCG2_PHYSICAL_PRESENCE_NO_ACTION, 0);
1297 } else {
1298 ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS, ActivePcrBanks);
1299 }
1300
1301 if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS) {
1302 Status = EFI_SUCCESS;
1303 } else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE) {
1304 Status = EFI_OUT_OF_RESOURCES;
1305 } else if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED) {
1306 Status = EFI_UNSUPPORTED;
1307 } else {
1308 Status = EFI_DEVICE_ERROR;
1309 }
1310
1311 DEBUG ((EFI_D_INFO, "Tcg2SetActivePCRBanks - %r\n", Status));
1312
1313 return Status;
1314 }
1315
1316 /**
1317 This service retrieves the result of a previous invocation of SetActivePcrBanks.
1318
1319 @param[in] This Indicates the calling context
1320 @param[out] OperationPresent Non-zero value to indicate a SetActivePcrBank operation was invoked during the last boot.
1321 @param[out] Response The response from the SetActivePcrBank request.
1322
1323 @retval EFI_SUCCESS The result value could be returned.
1324 @retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
1325 **/
1326 EFI_STATUS
1327 EFIAPI
1328 Tcg2GetResultOfSetActivePcrBanks (
1329 IN EFI_TCG2_PROTOCOL *This,
1330 OUT UINT32 *OperationPresent,
1331 OUT UINT32 *Response
1332 )
1333 {
1334 UINT32 ReturnCode;
1335
1336 if ((OperationPresent == NULL) || (Response == NULL)) {
1337 return EFI_INVALID_PARAMETER;
1338 }
1339
1340 ReturnCode = Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (OperationPresent, Response);
1341 if (ReturnCode == TCG_PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS) {
1342 return EFI_SUCCESS;
1343 } else {
1344 return EFI_UNSUPPORTED;
1345 }
1346 }
1347
1348 EFI_TCG2_PROTOCOL mTcg2Protocol = {
1349 Tcg2GetCapability,
1350 Tcg2GetEventLog,
1351 Tcg2HashLogExtendEvent,
1352 Tcg2SubmitCommand,
1353 Tcg2GetActivePCRBanks,
1354 Tcg2SetActivePCRBanks,
1355 Tcg2GetResultOfSetActivePcrBanks,
1356 };
1357
1358 /**
1359 Initialize the Event Log and log events passed from the PEI phase.
1360
1361 @retval EFI_SUCCESS Operation completed successfully.
1362 @retval EFI_OUT_OF_RESOURCES Out of memory.
1363
1364 **/
1365 EFI_STATUS
1366 SetupEventLog (
1367 VOID
1368 )
1369 {
1370 EFI_STATUS Status;
1371 VOID *TcgEvent;
1372 EFI_PEI_HOB_POINTERS GuidHob;
1373 EFI_PHYSICAL_ADDRESS Lasa;
1374 UINTN Index;
1375 VOID *DigestListBin;
1376 TPML_DIGEST_VALUES TempDigestListBin;
1377 UINT32 DigestListBinSize;
1378 UINT8 *Event;
1379 UINT32 EventSize;
1380 UINT32 *EventSizePtr;
1381 UINT32 HashAlgorithmMaskCopied;
1382 TCG_EfiSpecIDEventStruct *TcgEfiSpecIdEventStruct;
1383 UINT8 TempBuf[sizeof(TCG_EfiSpecIDEventStruct) + sizeof(UINT32) + (HASH_COUNT * sizeof(TCG_EfiSpecIdEventAlgorithmSize)) + sizeof(UINT8)];
1384 TCG_PCR_EVENT_HDR NoActionEvent;
1385 TCG_EfiSpecIdEventAlgorithmSize *DigestSize;
1386 TCG_EfiSpecIdEventAlgorithmSize *TempDigestSize;
1387 UINT8 *VendorInfoSize;
1388 UINT32 NumberOfAlgorithms;
1389 TCG_EfiStartupLocalityEvent StartupLocalityEvent;
1390
1391 DEBUG ((EFI_D_INFO, "SetupEventLog\n"));
1392
1393 //
1394 // 1. Create Log Area
1395 //
1396 for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {
1397 if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
1398 mTcgDxeData.EventLogAreaStruct[Index].EventLogFormat = mTcg2EventInfo[Index].LogFormat;
1399 Status = gBS->AllocatePages (
1400 AllocateAnyPages,
1401 EfiBootServicesData,
1402 EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),
1403 &Lasa
1404 );
1405 if (EFI_ERROR (Status)) {
1406 return Status;
1407 }
1408 mTcgDxeData.EventLogAreaStruct[Index].Lasa = Lasa;
1409 mTcgDxeData.EventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcgLogAreaMinLen);
1410 //
1411 // To initialize them as 0xFF is recommended
1412 // because the OS can know the last entry for that.
1413 //
1414 SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);
1415 //
1416 // Create first entry for Log Header Entry Data
1417 //
1418 if (mTcg2EventInfo[Index].LogFormat != EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2) {
1419 //
1420 // TcgEfiSpecIdEventStruct
1421 //
1422 TcgEfiSpecIdEventStruct = (TCG_EfiSpecIDEventStruct *)TempBuf;
1423 CopyMem (TcgEfiSpecIdEventStruct->signature, TCG_EfiSpecIDEventStruct_SIGNATURE_03, sizeof(TcgEfiSpecIdEventStruct->signature));
1424 TcgEfiSpecIdEventStruct->platformClass = PcdGet8 (PcdTpmPlatformClass);
1425 TcgEfiSpecIdEventStruct->specVersionMajor = TCG_EfiSpecIDEventStruct_SPEC_VERSION_MAJOR_TPM2;
1426 TcgEfiSpecIdEventStruct->specVersionMinor = TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM2;
1427 TcgEfiSpecIdEventStruct->specErrata = TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2;
1428 TcgEfiSpecIdEventStruct->uintnSize = sizeof(UINTN)/sizeof(UINT32);
1429 NumberOfAlgorithms = 0;
1430 DigestSize = (TCG_EfiSpecIdEventAlgorithmSize *)((UINT8 *)TcgEfiSpecIdEventStruct + sizeof(*TcgEfiSpecIdEventStruct) + sizeof(NumberOfAlgorithms));
1431 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA1) != 0) {
1432 TempDigestSize = DigestSize;
1433 TempDigestSize += NumberOfAlgorithms;
1434 TempDigestSize->algorithmId = TPM_ALG_SHA1;
1435 TempDigestSize->digestSize = SHA1_DIGEST_SIZE;
1436 NumberOfAlgorithms++;
1437 }
1438 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA256) != 0) {
1439 TempDigestSize = DigestSize;
1440 TempDigestSize += NumberOfAlgorithms;
1441 TempDigestSize->algorithmId = TPM_ALG_SHA256;
1442 TempDigestSize->digestSize = SHA256_DIGEST_SIZE;
1443 NumberOfAlgorithms++;
1444 }
1445 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA384) != 0) {
1446 TempDigestSize = DigestSize;
1447 TempDigestSize += NumberOfAlgorithms;
1448 TempDigestSize->algorithmId = TPM_ALG_SHA384;
1449 TempDigestSize->digestSize = SHA384_DIGEST_SIZE;
1450 NumberOfAlgorithms++;
1451 }
1452 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA512) != 0) {
1453 TempDigestSize = DigestSize;
1454 TempDigestSize += NumberOfAlgorithms;
1455 TempDigestSize->algorithmId = TPM_ALG_SHA512;
1456 TempDigestSize->digestSize = SHA512_DIGEST_SIZE;
1457 NumberOfAlgorithms++;
1458 }
1459 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SM3_256) != 0) {
1460 TempDigestSize = DigestSize;
1461 TempDigestSize += NumberOfAlgorithms;
1462 TempDigestSize->algorithmId = TPM_ALG_SM3_256;
1463 TempDigestSize->digestSize = SM3_256_DIGEST_SIZE;
1464 NumberOfAlgorithms++;
1465 }
1466 CopyMem (TcgEfiSpecIdEventStruct + 1, &NumberOfAlgorithms, sizeof(NumberOfAlgorithms));
1467 TempDigestSize = DigestSize;
1468 TempDigestSize += NumberOfAlgorithms;
1469 VendorInfoSize = (UINT8 *)TempDigestSize;
1470 *VendorInfoSize = 0;
1471
1472 NoActionEvent.PCRIndex = 0;
1473 NoActionEvent.EventType = EV_NO_ACTION;
1474 ZeroMem (&NoActionEvent.Digest, sizeof(NoActionEvent.Digest));
1475 NoActionEvent.EventSize = (UINT32)GetTcgEfiSpecIdEventStructSize (TcgEfiSpecIdEventStruct);
1476
1477 //
1478 // Log TcgEfiSpecIdEventStruct as the first Event
1479 // TCG PC Client PFP spec. Section 9.2 Measurement Event Entries and Log
1480 //
1481 Status = TcgDxeLogEvent (
1482 mTcg2EventInfo[Index].LogFormat,
1483 &NoActionEvent,
1484 sizeof(NoActionEvent),
1485 (UINT8 *)TcgEfiSpecIdEventStruct,
1486 NoActionEvent.EventSize
1487 );
1488
1489 //
1490 // EfiStartupLocalityEvent
1491 //
1492 GuidHob.Guid = GetFirstGuidHob (&gTpm2StartupLocalityHobGuid);
1493 if (GuidHob.Guid != NULL) {
1494 //
1495 // Get Locality Indicator from StartupLocality HOB
1496 //
1497 StartupLocalityEvent.StartupLocality = *(UINT8 *)(GET_GUID_HOB_DATA (GuidHob.Guid));
1498 CopyMem (StartupLocalityEvent.Signature, TCG_EfiStartupLocalityEvent_SIGNATURE, sizeof(StartupLocalityEvent.Signature));
1499
1500 NoActionEvent.PCRIndex = 0;
1501 NoActionEvent.EventType = EV_NO_ACTION;
1502 ZeroMem (&NoActionEvent.Digest, sizeof(NoActionEvent.Digest));
1503 NoActionEvent.EventSize = sizeof(StartupLocalityEvent);
1504
1505 DEBUG ((DEBUG_INFO, "SetupEventLog: Set Locality from HOB into StartupLocalityEvent 0x%02x\n", StartupLocalityEvent.StartupLocality));
1506
1507 //
1508 // Log EfiStartupLocalityEvent as the second Event
1509 // TCG PC Client PFP spec. Section 9.3.4.3 Startup Locality Event
1510 //
1511 Status = TcgDxeLogEvent (
1512 mTcg2EventInfo[Index].LogFormat,
1513 &NoActionEvent,
1514 sizeof(NoActionEvent),
1515 (UINT8 *)&StartupLocalityEvent,
1516 NoActionEvent.EventSize
1517 );
1518 }
1519 }
1520 }
1521 }
1522
1523 //
1524 // 2. Create Final Log Area
1525 //
1526 for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {
1527 if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
1528 if (mTcg2EventInfo[Index].LogFormat == EFI_TCG2_EVENT_LOG_FORMAT_TCG_2) {
1529 Status = gBS->AllocatePages (
1530 AllocateAnyPages,
1531 EfiACPIMemoryNVS,
1532 EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcg2FinalLogAreaLen)),
1533 &Lasa
1534 );
1535 if (EFI_ERROR (Status)) {
1536 return Status;
1537 }
1538 SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcg2FinalLogAreaLen), 0xFF);
1539
1540 //
1541 // Initialize
1542 //
1543 mTcgDxeData.FinalEventsTable[Index] = (VOID *)(UINTN)Lasa;
1544 (mTcgDxeData.FinalEventsTable[Index])->Version = EFI_TCG2_FINAL_EVENTS_TABLE_VERSION;
1545 (mTcgDxeData.FinalEventsTable[Index])->NumberOfEvents = 0;
1546
1547 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogFormat = mTcg2EventInfo[Index].LogFormat;
1548 mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa = Lasa + sizeof(EFI_TCG2_FINAL_EVENTS_TABLE);
1549 mTcgDxeData.FinalEventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcg2FinalLogAreaLen) - sizeof(EFI_TCG2_FINAL_EVENTS_TABLE);
1550 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogSize = 0;
1551 mTcgDxeData.FinalEventLogAreaStruct[Index].LastEvent = (VOID *)(UINTN)mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa;
1552 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogStarted = FALSE;
1553 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogTruncated = FALSE;
1554
1555 //
1556 // Install to configuration table for EFI_TCG2_EVENT_LOG_FORMAT_TCG_2
1557 //
1558 Status = gBS->InstallConfigurationTable (&gEfiTcg2FinalEventsTableGuid, (VOID *)mTcgDxeData.FinalEventsTable[Index]);
1559 if (EFI_ERROR (Status)) {
1560 return Status;
1561 }
1562 } else {
1563 //
1564 // No need to handle EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2
1565 //
1566 mTcgDxeData.FinalEventsTable[Index] = NULL;
1567 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogFormat = mTcg2EventInfo[Index].LogFormat;
1568 mTcgDxeData.FinalEventLogAreaStruct[Index].Lasa = 0;
1569 mTcgDxeData.FinalEventLogAreaStruct[Index].Laml = 0;
1570 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogSize = 0;
1571 mTcgDxeData.FinalEventLogAreaStruct[Index].LastEvent = 0;
1572 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogStarted = FALSE;
1573 mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogTruncated = FALSE;
1574 }
1575 }
1576 }
1577
1578 //
1579 // 3. Sync data from PEI to DXE
1580 //
1581 Status = EFI_SUCCESS;
1582 for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {
1583 if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
1584 GuidHob.Raw = GetHobList ();
1585 Status = EFI_SUCCESS;
1586 while (!EFI_ERROR (Status) &&
1587 (GuidHob.Raw = GetNextGuidHob (mTcg2EventInfo[Index].EventGuid, GuidHob.Raw)) != NULL) {
1588 TcgEvent = AllocateCopyPool (GET_GUID_HOB_DATA_SIZE (GuidHob.Guid), GET_GUID_HOB_DATA (GuidHob.Guid));
1589 ASSERT (TcgEvent != NULL);
1590 GuidHob.Raw = GET_NEXT_HOB (GuidHob);
1591 switch (mTcg2EventInfo[Index].LogFormat) {
1592 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:
1593 Status = TcgDxeLogEvent (
1594 mTcg2EventInfo[Index].LogFormat,
1595 TcgEvent,
1596 sizeof(TCG_PCR_EVENT_HDR),
1597 ((TCG_PCR_EVENT*)TcgEvent)->Event,
1598 ((TCG_PCR_EVENT_HDR*)TcgEvent)->EventSize
1599 );
1600 break;
1601 case EFI_TCG2_EVENT_LOG_FORMAT_TCG_2:
1602 DigestListBin = (UINT8 *)TcgEvent + sizeof(TCG_PCRINDEX) + sizeof(TCG_EVENTTYPE);
1603 DigestListBinSize = GetDigestListBinSize (DigestListBin);
1604 //
1605 // Save event size.
1606 //
1607 CopyMem (&EventSize, (UINT8 *)DigestListBin + DigestListBinSize, sizeof(UINT32));
1608 Event = (UINT8 *)DigestListBin + DigestListBinSize + sizeof(UINT32);
1609 //
1610 // Filter inactive digest in the event2 log from PEI HOB.
1611 //
1612 CopyMem (&TempDigestListBin, DigestListBin, GetDigestListBinSize (DigestListBin));
1613 EventSizePtr = CopyDigestListBinToBuffer (
1614 DigestListBin,
1615 &TempDigestListBin,
1616 mTcgDxeData.BsCap.ActivePcrBanks,
1617 &HashAlgorithmMaskCopied
1618 );
1619 if (HashAlgorithmMaskCopied != mTcgDxeData.BsCap.ActivePcrBanks) {
1620 DEBUG ((
1621 DEBUG_ERROR,
1622 "ERROR: The event2 log includes digest hash mask 0x%x, but required digest hash mask is 0x%x\n",
1623 HashAlgorithmMaskCopied,
1624 mTcgDxeData.BsCap.ActivePcrBanks
1625 ));
1626 }
1627 //
1628 // Restore event size.
1629 //
1630 CopyMem (EventSizePtr, &EventSize, sizeof(UINT32));
1631 DigestListBinSize = GetDigestListBinSize (DigestListBin);
1632
1633 Status = TcgDxeLogEvent (
1634 mTcg2EventInfo[Index].LogFormat,
1635 TcgEvent,
1636 sizeof(TCG_PCRINDEX) + sizeof(TCG_EVENTTYPE) + DigestListBinSize + sizeof(UINT32),
1637 Event,
1638 EventSize
1639 );
1640 break;
1641 }
1642 FreePool (TcgEvent);
1643 }
1644 }
1645 }
1646
1647 return Status;
1648 }
1649
1650 /**
1651 Measure and log an action string, and extend the measurement result into PCR[PCRIndex].
1652
1653 @param[in] PCRIndex PCRIndex to extend
1654 @param[in] String A specific string that indicates an Action event.
1655
1656 @retval EFI_SUCCESS Operation completed successfully.
1657 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
1658
1659 **/
1660 EFI_STATUS
1661 TcgMeasureAction (
1662 IN TPM_PCRINDEX PCRIndex,
1663 IN CHAR8 *String
1664 )
1665 {
1666 TCG_PCR_EVENT_HDR TcgEvent;
1667
1668 TcgEvent.PCRIndex = PCRIndex;
1669 TcgEvent.EventType = EV_EFI_ACTION;
1670 TcgEvent.EventSize = (UINT32)AsciiStrLen (String);
1671 return TcgDxeHashLogExtendEvent (
1672 0,
1673 (UINT8*)String,
1674 TcgEvent.EventSize,
1675 &TcgEvent,
1676 (UINT8 *) String
1677 );
1678 }
1679
1680 /**
1681 Measure and log EFI handoff tables, and extend the measurement result into PCR[1].
1682
1683 @retval EFI_SUCCESS Operation completed successfully.
1684 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
1685
1686 **/
1687 EFI_STATUS
1688 MeasureHandoffTables (
1689 VOID
1690 )
1691 {
1692 EFI_STATUS Status;
1693 TCG_PCR_EVENT_HDR TcgEvent;
1694 EFI_HANDOFF_TABLE_POINTERS HandoffTables;
1695 UINTN ProcessorNum;
1696 EFI_CPU_PHYSICAL_LOCATION *ProcessorLocBuf;
1697
1698 ProcessorLocBuf = NULL;
1699 Status = EFI_SUCCESS;
1700
1701 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_SERVER) {
1702 //
1703 // Tcg Server spec.
1704 // Measure each processor EFI_CPU_PHYSICAL_LOCATION with EV_TABLE_OF_DEVICES to PCR[1]
1705 //
1706 Status = GetProcessorsCpuLocation(&ProcessorLocBuf, &ProcessorNum);
1707
1708 if (!EFI_ERROR(Status)){
1709 TcgEvent.PCRIndex = 1;
1710 TcgEvent.EventType = EV_TABLE_OF_DEVICES;
1711 TcgEvent.EventSize = sizeof (HandoffTables);
1712
1713 HandoffTables.NumberOfTables = 1;
1714 HandoffTables.TableEntry[0].VendorGuid = gEfiMpServiceProtocolGuid;
1715 HandoffTables.TableEntry[0].VendorTable = ProcessorLocBuf;
1716
1717 Status = TcgDxeHashLogExtendEvent (
1718 0,
1719 (UINT8*)(UINTN)ProcessorLocBuf,
1720 sizeof(EFI_CPU_PHYSICAL_LOCATION) * ProcessorNum,
1721 &TcgEvent,
1722 (UINT8*)&HandoffTables
1723 );
1724
1725 FreePool(ProcessorLocBuf);
1726 }
1727 }
1728
1729 return Status;
1730 }
1731
1732 /**
1733 Measure and log Separator event, and extend the measurement result into a specific PCR.
1734
1735 @param[in] PCRIndex PCR index.
1736
1737 @retval EFI_SUCCESS Operation completed successfully.
1738 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
1739
1740 **/
1741 EFI_STATUS
1742 MeasureSeparatorEvent (
1743 IN TPM_PCRINDEX PCRIndex
1744 )
1745 {
1746 TCG_PCR_EVENT_HDR TcgEvent;
1747 UINT32 EventData;
1748
1749 DEBUG ((EFI_D_INFO, "MeasureSeparatorEvent Pcr - %x\n", PCRIndex));
1750
1751 EventData = 0;
1752 TcgEvent.PCRIndex = PCRIndex;
1753 TcgEvent.EventType = EV_SEPARATOR;
1754 TcgEvent.EventSize = (UINT32)sizeof (EventData);
1755 return TcgDxeHashLogExtendEvent (
1756 0,
1757 (UINT8 *)&EventData,
1758 sizeof (EventData),
1759 &TcgEvent,
1760 (UINT8 *)&EventData
1761 );
1762 }
1763
1764 /**
1765 Measure and log an EFI variable, and extend the measurement result into a specific PCR.
1766
1767 @param[in] PCRIndex PCR Index.
1768 @param[in] EventType Event type.
1769 @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
1770 @param[in] VendorGuid A unique identifier for the vendor.
1771 @param[in] VarData The content of the variable data.
1772 @param[in] VarSize The size of the variable data.
1773
1774 @retval EFI_SUCCESS Operation completed successfully.
1775 @retval EFI_OUT_OF_RESOURCES Out of memory.
1776 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
1777
1778 **/
1779 EFI_STATUS
1780 MeasureVariable (
1781 IN TPM_PCRINDEX PCRIndex,
1782 IN TCG_EVENTTYPE EventType,
1783 IN CHAR16 *VarName,
1784 IN EFI_GUID *VendorGuid,
1785 IN VOID *VarData,
1786 IN UINTN VarSize
1787 )
1788 {
1789 EFI_STATUS Status;
1790 TCG_PCR_EVENT_HDR TcgEvent;
1791 UINTN VarNameLength;
1792 UEFI_VARIABLE_DATA *VarLog;
1793
1794 DEBUG ((EFI_D_INFO, "Tcg2Dxe: MeasureVariable (Pcr - %x, EventType - %x, ", (UINTN)PCRIndex, (UINTN)EventType));
1795 DEBUG ((EFI_D_INFO, "VariableName - %s, VendorGuid - %g)\n", VarName, VendorGuid));
1796
1797 VarNameLength = StrLen (VarName);
1798 TcgEvent.PCRIndex = PCRIndex;
1799 TcgEvent.EventType = EventType;
1800
1801 TcgEvent.EventSize = (UINT32)(sizeof (*VarLog) + VarNameLength * sizeof (*VarName) + VarSize
1802 - sizeof (VarLog->UnicodeName) - sizeof (VarLog->VariableData));
1803
1804 VarLog = (UEFI_VARIABLE_DATA *)AllocatePool (TcgEvent.EventSize);
1805 if (VarLog == NULL) {
1806 return EFI_OUT_OF_RESOURCES;
1807 }
1808
1809 VarLog->VariableName = *VendorGuid;
1810 VarLog->UnicodeNameLength = VarNameLength;
1811 VarLog->VariableDataLength = VarSize;
1812 CopyMem (
1813 VarLog->UnicodeName,
1814 VarName,
1815 VarNameLength * sizeof (*VarName)
1816 );
1817 if (VarSize != 0 && VarData != NULL) {
1818 CopyMem (
1819 (CHAR16 *)VarLog->UnicodeName + VarNameLength,
1820 VarData,
1821 VarSize
1822 );
1823 }
1824
1825 if (EventType == EV_EFI_VARIABLE_DRIVER_CONFIG) {
1826 //
1827 // Digest is the event data (UEFI_VARIABLE_DATA)
1828 //
1829 Status = TcgDxeHashLogExtendEvent (
1830 0,
1831 (UINT8*)VarLog,
1832 TcgEvent.EventSize,
1833 &TcgEvent,
1834 (UINT8*)VarLog
1835 );
1836 } else {
1837 ASSERT (VarData != NULL);
1838 Status = TcgDxeHashLogExtendEvent (
1839 0,
1840 (UINT8*)VarData,
1841 VarSize,
1842 &TcgEvent,
1843 (UINT8*)VarLog
1844 );
1845 }
1846 FreePool (VarLog);
1847 return Status;
1848 }
1849
1850 /**
1851 Read then Measure and log an EFI variable, and extend the measurement result into a specific PCR.
1852
1853 @param[in] PCRIndex PCR Index.
1854 @param[in] EventType Event type.
1855 @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
1856 @param[in] VendorGuid A unique identifier for the vendor.
1857 @param[out] VarSize The size of the variable data.
1858 @param[out] VarData Pointer to the content of the variable.
1859
1860 @retval EFI_SUCCESS Operation completed successfully.
1861 @retval EFI_OUT_OF_RESOURCES Out of memory.
1862 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
1863
1864 **/
1865 EFI_STATUS
1866 ReadAndMeasureVariable (
1867 IN TPM_PCRINDEX PCRIndex,
1868 IN TCG_EVENTTYPE EventType,
1869 IN CHAR16 *VarName,
1870 IN EFI_GUID *VendorGuid,
1871 OUT UINTN *VarSize,
1872 OUT VOID **VarData
1873 )
1874 {
1875 EFI_STATUS Status;
1876
1877 Status = GetVariable2 (VarName, VendorGuid, VarData, VarSize);
1878 if (EventType == EV_EFI_VARIABLE_DRIVER_CONFIG) {
1879 if (EFI_ERROR (Status)) {
1880 //
1881 // It is valid case, so we need handle it.
1882 //
1883 *VarData = NULL;
1884 *VarSize = 0;
1885 }
1886 } else {
1887 //
1888 // if status error, VarData is freed and set NULL by GetVariable2
1889 //
1890 if (EFI_ERROR (Status)) {
1891 return EFI_NOT_FOUND;
1892 }
1893 }
1894
1895 Status = MeasureVariable (
1896 PCRIndex,
1897 EventType,
1898 VarName,
1899 VendorGuid,
1900 *VarData,
1901 *VarSize
1902 );
1903 return Status;
1904 }
1905
1906 /**
1907 Read then Measure and log an EFI boot variable, and extend the measurement result into PCR[5].
1908
1909 @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
1910 @param[in] VendorGuid A unique identifier for the vendor.
1911 @param[out] VarSize The size of the variable data.
1912 @param[out] VarData Pointer to the content of the variable.
1913
1914 @retval EFI_SUCCESS Operation completed successfully.
1915 @retval EFI_OUT_OF_RESOURCES Out of memory.
1916 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
1917
1918 **/
1919 EFI_STATUS
1920 ReadAndMeasureBootVariable (
1921 IN CHAR16 *VarName,
1922 IN EFI_GUID *VendorGuid,
1923 OUT UINTN *VarSize,
1924 OUT VOID **VarData
1925 )
1926 {
1927 return ReadAndMeasureVariable (
1928 5,
1929 EV_EFI_VARIABLE_BOOT,
1930 VarName,
1931 VendorGuid,
1932 VarSize,
1933 VarData
1934 );
1935 }
1936
1937 /**
1938 Read then Measure and log an EFI Secure variable, and extend the measurement result into PCR[7].
1939
1940 @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
1941 @param[in] VendorGuid A unique identifier for the vendor.
1942 @param[out] VarSize The size of the variable data.
1943 @param[out] VarData Pointer to the content of the variable.
1944
1945 @retval EFI_SUCCESS Operation completed successfully.
1946 @retval EFI_OUT_OF_RESOURCES Out of memory.
1947 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
1948
1949 **/
1950 EFI_STATUS
1951 ReadAndMeasureSecureVariable (
1952 IN CHAR16 *VarName,
1953 IN EFI_GUID *VendorGuid,
1954 OUT UINTN *VarSize,
1955 OUT VOID **VarData
1956 )
1957 {
1958 return ReadAndMeasureVariable (
1959 7,
1960 EV_EFI_VARIABLE_DRIVER_CONFIG,
1961 VarName,
1962 VendorGuid,
1963 VarSize,
1964 VarData
1965 );
1966 }
1967
1968 /**
1969 Measure and log all EFI boot variables, and extend the measurement result into a specific PCR.
1970
1971 The EFI boot variables are BootOrder and Boot#### variables.
1972
1973 @retval EFI_SUCCESS Operation completed successfully.
1974 @retval EFI_OUT_OF_RESOURCES Out of memory.
1975 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
1976
1977 **/
1978 EFI_STATUS
1979 MeasureAllBootVariables (
1980 VOID
1981 )
1982 {
1983 EFI_STATUS Status;
1984 UINT16 *BootOrder;
1985 UINTN BootCount;
1986 UINTN Index;
1987 VOID *BootVarData;
1988 UINTN Size;
1989
1990 Status = ReadAndMeasureBootVariable (
1991 mBootVarName,
1992 &gEfiGlobalVariableGuid,
1993 &BootCount,
1994 (VOID **) &BootOrder
1995 );
1996 if (Status == EFI_NOT_FOUND || BootOrder == NULL) {
1997 return EFI_SUCCESS;
1998 }
1999
2000 if (EFI_ERROR (Status)) {
2001 //
2002 // BootOrder can't be NULL if status is not EFI_NOT_FOUND
2003 //
2004 FreePool (BootOrder);
2005 return Status;
2006 }
2007
2008 BootCount /= sizeof (*BootOrder);
2009 for (Index = 0; Index < BootCount; Index++) {
2010 UnicodeSPrint (mBootVarName, sizeof (mBootVarName), L"Boot%04x", BootOrder[Index]);
2011 Status = ReadAndMeasureBootVariable (
2012 mBootVarName,
2013 &gEfiGlobalVariableGuid,
2014 &Size,
2015 &BootVarData
2016 );
2017 if (!EFI_ERROR (Status)) {
2018 FreePool (BootVarData);
2019 }
2020 }
2021
2022 FreePool (BootOrder);
2023 return EFI_SUCCESS;
2024 }
2025
2026 /**
2027 Measure and log all EFI Secure variables, and extend the measurement result into a specific PCR.
2028
2029 The EFI boot variables are BootOrder and Boot#### variables.
2030
2031 @retval EFI_SUCCESS Operation completed successfully.
2032 @retval EFI_OUT_OF_RESOURCES Out of memory.
2033 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
2034
2035 **/
2036 EFI_STATUS
2037 MeasureAllSecureVariables (
2038 VOID
2039 )
2040 {
2041 EFI_STATUS Status;
2042 VOID *Data;
2043 UINTN DataSize;
2044 UINTN Index;
2045
2046 Status = EFI_NOT_FOUND;
2047 for (Index = 0; Index < sizeof(mVariableType)/sizeof(mVariableType[0]); Index++) {
2048 Status = ReadAndMeasureSecureVariable (
2049 mVariableType[Index].VariableName,
2050 mVariableType[Index].VendorGuid,
2051 &DataSize,
2052 &Data
2053 );
2054 if (!EFI_ERROR (Status)) {
2055 if (Data != NULL) {
2056 FreePool (Data);
2057 }
2058 }
2059 }
2060
2061 return EFI_SUCCESS;
2062 }
2063
2064 /**
2065 Measure and log launch of FirmwareDebugger, and extend the measurement result into a specific PCR.
2066
2067 @retval EFI_SUCCESS Operation completed successfully.
2068 @retval EFI_OUT_OF_RESOURCES Out of memory.
2069 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
2070
2071 **/
2072 EFI_STATUS
2073 MeasureLaunchOfFirmwareDebugger (
2074 VOID
2075 )
2076 {
2077 TCG_PCR_EVENT_HDR TcgEvent;
2078
2079 TcgEvent.PCRIndex = 7;
2080 TcgEvent.EventType = EV_EFI_ACTION;
2081 TcgEvent.EventSize = sizeof(FIRMWARE_DEBUGGER_EVENT_STRING) - 1;
2082 return TcgDxeHashLogExtendEvent (
2083 0,
2084 (UINT8 *)FIRMWARE_DEBUGGER_EVENT_STRING,
2085 sizeof(FIRMWARE_DEBUGGER_EVENT_STRING) - 1,
2086 &TcgEvent,
2087 (UINT8 *)FIRMWARE_DEBUGGER_EVENT_STRING
2088 );
2089 }
2090
2091 /**
2092 Measure and log all Secure Boot Policy, and extend the measurement result into a specific PCR.
2093
2094 Platform firmware adhering to the policy must therefore measure the following values into PCR[7]: (in order listed)
2095 - The contents of the SecureBoot variable
2096 - The contents of the PK variable
2097 - The contents of the KEK variable
2098 - The contents of the EFI_IMAGE_SECURITY_DATABASE variable
2099 - The contents of the EFI_IMAGE_SECURITY_DATABASE1 variable
2100 - Separator
2101 - Entries in the EFI_IMAGE_SECURITY_DATABASE that are used to validate EFI Drivers or EFI Boot Applications in the boot path
2102
2103 NOTE: Because of the above, UEFI variables PK, KEK, EFI_IMAGE_SECURITY_DATABASE,
2104 EFI_IMAGE_SECURITY_DATABASE1 and SecureBoot SHALL NOT be measured into PCR[3].
2105
2106 @param[in] Event Event whose notification function is being invoked
2107 @param[in] Context Pointer to the notification function's context
2108 **/
2109 VOID
2110 EFIAPI
2111 MeasureSecureBootPolicy (
2112 IN EFI_EVENT Event,
2113 IN VOID *Context
2114 )
2115 {
2116 EFI_STATUS Status;
2117 VOID *Protocol;
2118
2119 Status = gBS->LocateProtocol (&gEfiVariableWriteArchProtocolGuid, NULL, (VOID **)&Protocol);
2120 if (EFI_ERROR (Status)) {
2121 return;
2122 }
2123
2124 if (PcdGetBool (PcdFirmwareDebuggerInitialized)) {
2125 Status = MeasureLaunchOfFirmwareDebugger ();
2126 DEBUG ((EFI_D_INFO, "MeasureLaunchOfFirmwareDebugger - %r\n", Status));
2127 }
2128
2129 Status = MeasureAllSecureVariables ();
2130 DEBUG ((EFI_D_INFO, "MeasureAllSecureVariables - %r\n", Status));
2131
2132 //
2133 // We need measure Separator(7) here, because this event must be between SecureBootPolicy (Configure)
2134 // and ImageVerification (Authority)
2135 // There might be a case that we need measure UEFI image from DriverOrder, besides BootOrder. So
2136 // the Authority measurement happen before ReadToBoot event.
2137 //
2138 Status = MeasureSeparatorEvent (7);
2139 DEBUG ((EFI_D_INFO, "MeasureSeparatorEvent - %r\n", Status));
2140 return ;
2141 }
2142
2143 /**
2144 Ready to Boot Event notification handler.
2145
2146 Sequence of OS boot events is measured in this event notification handler.
2147
2148 @param[in] Event Event whose notification function is being invoked
2149 @param[in] Context Pointer to the notification function's context
2150
2151 **/
2152 VOID
2153 EFIAPI
2154 OnReadyToBoot (
2155 IN EFI_EVENT Event,
2156 IN VOID *Context
2157 )
2158 {
2159 EFI_STATUS Status;
2160 TPM_PCRINDEX PcrIndex;
2161
2162 PERF_START_EX (mImageHandle, "EventRec", "Tcg2Dxe", 0, PERF_ID_TCG2_DXE);
2163 if (mBootAttempts == 0) {
2164
2165 //
2166 // Measure handoff tables.
2167 //
2168 Status = MeasureHandoffTables ();
2169 if (EFI_ERROR (Status)) {
2170 DEBUG ((EFI_D_ERROR, "HOBs not Measured. Error!\n"));
2171 }
2172
2173 //
2174 // Measure BootOrder & Boot#### variables.
2175 //
2176 Status = MeasureAllBootVariables ();
2177 if (EFI_ERROR (Status)) {
2178 DEBUG ((EFI_D_ERROR, "Boot Variables not Measured. Error!\n"));
2179 }
2180
2181 //
2182 // 1. This is the first boot attempt.
2183 //
2184 Status = TcgMeasureAction (
2185 4,
2186 EFI_CALLING_EFI_APPLICATION
2187 );
2188 if (EFI_ERROR (Status)) {
2189 DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_CALLING_EFI_APPLICATION));
2190 }
2191
2192 //
2193 // 2. Draw a line between pre-boot env and entering post-boot env.
2194 // PCR[7] is already done.
2195 //
2196 for (PcrIndex = 0; PcrIndex < 7; PcrIndex++) {
2197 Status = MeasureSeparatorEvent (PcrIndex);
2198 if (EFI_ERROR (Status)) {
2199 DEBUG ((DEBUG_ERROR, "Separator Event not Measured. Error!\n"));
2200 }
2201 }
2202
2203 //
2204 // 3. Measure GPT. It would be done in SAP driver.
2205 //
2206
2207 //
2208 // 4. Measure PE/COFF OS loader. It would be done in SAP driver.
2209 //
2210
2211 //
2212 // 5. Read & Measure variable. BootOrder already measured.
2213 //
2214 } else {
2215 //
2216 // 6. Not first attempt, meaning a return from last attempt
2217 //
2218 Status = TcgMeasureAction (
2219 4,
2220 EFI_RETURNING_FROM_EFI_APPLICATOIN
2221 );
2222 if (EFI_ERROR (Status)) {
2223 DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_RETURNING_FROM_EFI_APPLICATOIN));
2224 }
2225
2226 //
2227 // 7. Next boot attempt, measure "Calling EFI Application from Boot Option" again
2228 // TCG PC Client PFP spec Section 2.4.4.5 Step 4
2229 //
2230 Status = TcgMeasureAction (
2231 4,
2232 EFI_CALLING_EFI_APPLICATION
2233 );
2234 if (EFI_ERROR (Status)) {
2235 DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_CALLING_EFI_APPLICATION));
2236 }
2237 }
2238
2239 DEBUG ((EFI_D_INFO, "TPM2 Tcg2Dxe Measure Data when ReadyToBoot\n"));
2240 //
2241 // Increase boot attempt counter.
2242 //
2243 mBootAttempts++;
2244 PERF_END_EX (mImageHandle, "EventRec", "Tcg2Dxe", 0, PERF_ID_TCG2_DXE + 1);
2245 }
2246
2247 /**
2248 Exit Boot Services Event notification handler.
2249
2250 Measure invocation and success of ExitBootServices.
2251
2252 @param[in] Event Event whose notification function is being invoked
2253 @param[in] Context Pointer to the notification function's context
2254
2255 **/
2256 VOID
2257 EFIAPI
2258 OnExitBootServices (
2259 IN EFI_EVENT Event,
2260 IN VOID *Context
2261 )
2262 {
2263 EFI_STATUS Status;
2264
2265 //
2266 // Measure invocation of ExitBootServices,
2267 //
2268 Status = TcgMeasureAction (
2269 5,
2270 EFI_EXIT_BOOT_SERVICES_INVOCATION
2271 );
2272 if (EFI_ERROR (Status)) {
2273 DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_INVOCATION));
2274 }
2275
2276 //
2277 // Measure success of ExitBootServices
2278 //
2279 Status = TcgMeasureAction (
2280 5,
2281 EFI_EXIT_BOOT_SERVICES_SUCCEEDED
2282 );
2283 if (EFI_ERROR (Status)) {
2284 DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_SUCCEEDED));
2285 }
2286 }
2287
2288 /**
2289 Exit Boot Services Failed Event notification handler.
2290
2291 Measure Failure of ExitBootServices.
2292
2293 @param[in] Event Event whose notification function is being invoked
2294 @param[in] Context Pointer to the notification function's context
2295
2296 **/
2297 VOID
2298 EFIAPI
2299 OnExitBootServicesFailed (
2300 IN EFI_EVENT Event,
2301 IN VOID *Context
2302 )
2303 {
2304 EFI_STATUS Status;
2305
2306 //
2307 // Measure Failure of ExitBootServices,
2308 //
2309 Status = TcgMeasureAction (
2310 5,
2311 EFI_EXIT_BOOT_SERVICES_FAILED
2312 );
2313 if (EFI_ERROR (Status)) {
2314 DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_FAILED));
2315 }
2316
2317 }
2318
2319 /**
2320 The function install Tcg2 protocol.
2321
2322 @retval EFI_SUCCESS Tcg2 protocol is installed.
2323 @retval other Some error occurs.
2324 **/
2325 EFI_STATUS
2326 InstallTcg2 (
2327 VOID
2328 )
2329 {
2330 EFI_STATUS Status;
2331 EFI_HANDLE Handle;
2332
2333 Handle = NULL;
2334 Status = gBS->InstallMultipleProtocolInterfaces (
2335 &Handle,
2336 &gEfiTcg2ProtocolGuid,
2337 &mTcg2Protocol,
2338 NULL
2339 );
2340 return Status;
2341 }
2342
2343 /**
2344 The driver's entry point. It publishes EFI Tcg2 Protocol.
2345
2346 @param[in] ImageHandle The firmware allocated handle for the EFI image.
2347 @param[in] SystemTable A pointer to the EFI System Table.
2348
2349 @retval EFI_SUCCESS The entry point is executed successfully.
2350 @retval other Some error occurs when executing this entry point.
2351 **/
2352 EFI_STATUS
2353 EFIAPI
2354 DriverEntry (
2355 IN EFI_HANDLE ImageHandle,
2356 IN EFI_SYSTEM_TABLE *SystemTable
2357 )
2358 {
2359 EFI_STATUS Status;
2360 EFI_EVENT Event;
2361 VOID *Registration;
2362 UINT32 MaxCommandSize;
2363 UINT32 MaxResponseSize;
2364 UINTN Index;
2365 EFI_TCG2_EVENT_ALGORITHM_BITMAP TpmHashAlgorithmBitmap;
2366 UINT32 ActivePCRBanks;
2367 UINT32 NumberOfPCRBanks;
2368
2369 mImageHandle = ImageHandle;
2370
2371 if (CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceNoneGuid) ||
2372 CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){
2373 DEBUG ((EFI_D_ERROR, "No TPM2 instance required!\n"));
2374 return EFI_UNSUPPORTED;
2375 }
2376
2377 if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
2378 DEBUG ((EFI_D_ERROR, "TPM2 error!\n"));
2379 return EFI_DEVICE_ERROR;
2380 }
2381
2382 Status = Tpm2RequestUseTpm ();
2383 if (EFI_ERROR (Status)) {
2384 DEBUG ((EFI_D_ERROR, "TPM2 not detected!\n"));
2385 return Status;
2386 }
2387
2388 //
2389 // Fill information
2390 //
2391 ASSERT (TCG_EVENT_LOG_AREA_COUNT_MAX == sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]));
2392
2393 mTcgDxeData.BsCap.Size = sizeof(EFI_TCG2_BOOT_SERVICE_CAPABILITY);
2394 mTcgDxeData.BsCap.ProtocolVersion.Major = 1;
2395 mTcgDxeData.BsCap.ProtocolVersion.Minor = 1;
2396 mTcgDxeData.BsCap.StructureVersion.Major = 1;
2397 mTcgDxeData.BsCap.StructureVersion.Minor = 1;
2398
2399 DEBUG ((EFI_D_INFO, "Tcg2.ProtocolVersion - %02x.%02x\n", mTcgDxeData.BsCap.ProtocolVersion.Major, mTcgDxeData.BsCap.ProtocolVersion.Minor));
2400 DEBUG ((EFI_D_INFO, "Tcg2.StructureVersion - %02x.%02x\n", mTcgDxeData.BsCap.StructureVersion.Major, mTcgDxeData.BsCap.StructureVersion.Minor));
2401
2402 Status = Tpm2GetCapabilityManufactureID (&mTcgDxeData.BsCap.ManufacturerID);
2403 if (EFI_ERROR (Status)) {
2404 DEBUG ((EFI_D_ERROR, "Tpm2GetCapabilityManufactureID fail!\n"));
2405 } else {
2406 DEBUG ((EFI_D_INFO, "Tpm2GetCapabilityManufactureID - %08x\n", mTcgDxeData.BsCap.ManufacturerID));
2407 }
2408
2409 DEBUG_CODE (
2410 UINT32 FirmwareVersion1;
2411 UINT32 FirmwareVersion2;
2412
2413 Status = Tpm2GetCapabilityFirmwareVersion (&FirmwareVersion1, &FirmwareVersion2);
2414 if (EFI_ERROR (Status)) {
2415 DEBUG ((EFI_D_ERROR, "Tpm2GetCapabilityFirmwareVersion fail!\n"));
2416 } else {
2417 DEBUG ((EFI_D_INFO, "Tpm2GetCapabilityFirmwareVersion - %08x %08x\n", FirmwareVersion1, FirmwareVersion2));
2418 }
2419 );
2420
2421 Status = Tpm2GetCapabilityMaxCommandResponseSize (&MaxCommandSize, &MaxResponseSize);
2422 if (EFI_ERROR (Status)) {
2423 DEBUG ((EFI_D_ERROR, "Tpm2GetCapabilityMaxCommandResponseSize fail!\n"));
2424 } else {
2425 mTcgDxeData.BsCap.MaxCommandSize = (UINT16)MaxCommandSize;
2426 mTcgDxeData.BsCap.MaxResponseSize = (UINT16)MaxResponseSize;
2427 DEBUG ((EFI_D_INFO, "Tpm2GetCapabilityMaxCommandResponseSize - %08x, %08x\n", MaxCommandSize, MaxResponseSize));
2428 }
2429
2430 //
2431 // Get supported PCR and current Active PCRs
2432 //
2433 Status = Tpm2GetCapabilitySupportedAndActivePcrs (&TpmHashAlgorithmBitmap, &ActivePCRBanks);
2434 ASSERT_EFI_ERROR (Status);
2435
2436 mTcgDxeData.BsCap.HashAlgorithmBitmap = TpmHashAlgorithmBitmap & PcdGet32 (PcdTcg2HashAlgorithmBitmap);
2437 mTcgDxeData.BsCap.ActivePcrBanks = ActivePCRBanks & PcdGet32 (PcdTcg2HashAlgorithmBitmap);
2438
2439 //
2440 // Need calculate NumberOfPCRBanks here, because HashAlgorithmBitmap might be removed by PCD.
2441 //
2442 NumberOfPCRBanks = 0;
2443 for (Index = 0; Index < 32; Index++) {
2444 if ((mTcgDxeData.BsCap.HashAlgorithmBitmap & (1u << Index)) != 0) {
2445 NumberOfPCRBanks++;
2446 }
2447 }
2448
2449 if (PcdGet32 (PcdTcg2NumberOfPCRBanks) == 0) {
2450 mTcgDxeData.BsCap.NumberOfPCRBanks = NumberOfPCRBanks;
2451 } else {
2452 mTcgDxeData.BsCap.NumberOfPCRBanks = PcdGet32 (PcdTcg2NumberOfPCRBanks);
2453 if (PcdGet32 (PcdTcg2NumberOfPCRBanks) > NumberOfPCRBanks) {
2454 DEBUG ((EFI_D_ERROR, "ERROR: PcdTcg2NumberOfPCRBanks(0x%x) > NumberOfPCRBanks(0x%x)\n", PcdGet32 (PcdTcg2NumberOfPCRBanks), NumberOfPCRBanks));
2455 mTcgDxeData.BsCap.NumberOfPCRBanks = NumberOfPCRBanks;
2456 }
2457 }
2458
2459 mTcgDxeData.BsCap.SupportedEventLogs = EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2 | EFI_TCG2_EVENT_LOG_FORMAT_TCG_2;
2460 if ((mTcgDxeData.BsCap.ActivePcrBanks & EFI_TCG2_BOOT_HASH_ALG_SHA1) == 0) {
2461 //
2462 // No need to expose TCG1.2 event log if SHA1 bank does not exist.
2463 //
2464 mTcgDxeData.BsCap.SupportedEventLogs &= ~EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2;
2465 }
2466
2467 DEBUG ((EFI_D_INFO, "Tcg2.SupportedEventLogs - 0x%08x\n", mTcgDxeData.BsCap.SupportedEventLogs));
2468 DEBUG ((EFI_D_INFO, "Tcg2.HashAlgorithmBitmap - 0x%08x\n", mTcgDxeData.BsCap.HashAlgorithmBitmap));
2469 DEBUG ((EFI_D_INFO, "Tcg2.NumberOfPCRBanks - 0x%08x\n", mTcgDxeData.BsCap.NumberOfPCRBanks));
2470 DEBUG ((EFI_D_INFO, "Tcg2.ActivePcrBanks - 0x%08x\n", mTcgDxeData.BsCap.ActivePcrBanks));
2471
2472 if (mTcgDxeData.BsCap.TPMPresentFlag) {
2473 //
2474 // Setup the log area and copy event log from hob list to it
2475 //
2476 Status = SetupEventLog ();
2477 ASSERT_EFI_ERROR (Status);
2478
2479 //
2480 // Measure handoff tables, Boot#### variables etc.
2481 //
2482 Status = EfiCreateEventReadyToBootEx (
2483 TPL_CALLBACK,
2484 OnReadyToBoot,
2485 NULL,
2486 &Event
2487 );
2488
2489 Status = gBS->CreateEventEx (
2490 EVT_NOTIFY_SIGNAL,
2491 TPL_NOTIFY,
2492 OnExitBootServices,
2493 NULL,
2494 &gEfiEventExitBootServicesGuid,
2495 &Event
2496 );
2497
2498 //
2499 // Measure Exit Boot Service failed
2500 //
2501 Status = gBS->CreateEventEx (
2502 EVT_NOTIFY_SIGNAL,
2503 TPL_NOTIFY,
2504 OnExitBootServicesFailed,
2505 NULL,
2506 &gEventExitBootServicesFailedGuid,
2507 &Event
2508 );
2509
2510 //
2511 // Create event callback, because we need access variable on SecureBootPolicyVariable
2512 // We should use VariableWriteArch instead of VariableArch, because Variable driver
2513 // may update SecureBoot value based on last setting.
2514 //
2515 EfiCreateProtocolNotifyEvent (&gEfiVariableWriteArchProtocolGuid, TPL_CALLBACK, MeasureSecureBootPolicy, NULL, &Registration);
2516 }
2517
2518 //
2519 // Install Tcg2Protocol
2520 //
2521 Status = InstallTcg2 ();
2522 DEBUG ((EFI_D_INFO, "InstallTcg2 - %r\n", Status));
2523
2524 return Status;
2525 }
EFI Development Kit II mirror for PVE