SecurityPkg/Tcg/Tcg2PlatformPei/Tcg2PlatformPei.c

   1 /** @file
   2   Configure TPM 2 platform hierarchy on TPM state resume failure on S3 resume
   3
   4 Copyright (c) 2017, Intel Corporation. All rights reserved.<BR>
   5 Copyright (c) Microsoft Corporation.<BR>
   6 SPDX-License-Identifier: BSD-2-Clause-Patent
   7
   8 **/
   9
  10 #include <PiPei.h>
  11 #include <Library/PeiServicesLib.h>
  12 #include <Library/DebugLib.h>
  13 #include <Library/BaseMemoryLib.h>
  14 #include <Library/MemoryAllocationLib.h>
  15 #include <Library/HobLib.h>
  16 #include <Library/Tpm2CommandLib.h>
  17 #include <Library/Tpm2DeviceLib.h>
  18 #include <Library/TpmPlatformHierarchyLib.h>
  19 #include <Library/RngLib.h>
  20
  21 #include <Ppi/EndOfPeiPhase.h>
  22
  23 #define MAX_NEW_AUTHORIZATION_SIZE  SHA512_DIGEST_SIZE
  24
  25 /**
  26   This function handles PlatformInit task at the end of PEI
  27
  28   @param[in]  PeiServices        Pointer to PEI Services Table.
  29   @param[in]  NotifyDescriptor   Pointer to the descriptor for the Notification event that
  30                                  caused this function to execute.
  31   @param[in]  Ppi                Pointer to the PPI data associated with this function.
  32
  33   @retval     EFI_SUCCESS        The function completes successfully
  34   @retval     others
  35 **/
  36 EFI_STATUS
  37 EFIAPI
  38 PlatformInitEndOfPei (
  39   IN CONST EFI_PEI_SERVICES     **PeiServices,
  40   IN EFI_PEI_NOTIFY_DESCRIPTOR  *NotifyDescriptor,
  41   IN VOID                       *Ppi
  42   )
  43 {
  44   VOID  *TcgEventLog;
  45
  46   //
  47   // Try to get TcgEventLog in S3 to see if S3 error is reported.
  48   //
  49   TcgEventLog = GetFirstGuidHob (&gTcgEventEntryHobGuid);
  50   if (TcgEventLog == NULL) {
  51     TcgEventLog = GetFirstGuidHob (&gTcgEvent2EntryHobGuid);
  52   }
  53
  54   if (TcgEventLog == NULL) {
  55     //
  56     // no S3 error reported
  57     //
  58     return EFI_SUCCESS;
  59   }
  60
  61   //
  62   // If there is S3 error on TPM_SU_STATE and success on TPM_SU_CLEAR,
  63   // configure the TPM Platform Hierarchy.
  64   //
  65   ConfigureTpmPlatformHierarchy ();
  66
  67   return EFI_SUCCESS;
  68 }
  69
  70 static EFI_PEI_NOTIFY_DESCRIPTOR  mEndOfPeiNotifyList = {
  71   (EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
  72   &gEfiEndOfPeiSignalPpiGuid,
  73   (EFI_PEIM_NOTIFY_ENTRY_POINT)PlatformInitEndOfPei
  74 };
  75
  76 /**
  77   Main entry
  78
  79   @param[in]  FileHandle              Handle of the file being invoked.
  80   @param[in]  PeiServices             Pointer to PEI Services table.
  81
  82   @retval EFI_SUCCESS Install function successfully.
  83
  84 **/
  85 EFI_STATUS
  86 EFIAPI
  87 Tcg2PlatformPeiEntryPoint (
  88   IN       EFI_PEI_FILE_HANDLE  FileHandle,
  89   IN CONST EFI_PEI_SERVICES     **PeiServices
  90   )
  91 {
  92   EFI_STATUS     Status;
  93   EFI_BOOT_MODE  BootMode;
  94
  95   Status = PeiServicesGetBootMode (&BootMode);
  96   ASSERT_EFI_ERROR (Status);
  97
  98   if (BootMode != BOOT_ON_S3_RESUME) {
  99     return EFI_SUCCESS;
 100   }
 101
 102   //
 103   // Performing PlatformInitEndOfPei after EndOfPei PPI produced
 104   //
 105   Status = PeiServicesNotifyPpi (&mEndOfPeiNotifyList);
 106
 107   return Status;
 108 }