]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Update for SecurityPkg.
[mirror_edk2.git] / SecurityPkg / Tcg / TcgConfigDxe / TcgConfigImpl.c
1 /** @file
2 HII Config Access protocol implementation of TCG configuration module.
3
4 Copyright (c) 2011, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php
9
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
12
13 **/
14
15 #include "TcgConfigImpl.h"
16
17 CHAR16 mTcgStorageName[] = L"TCG_CONFIGURATION";
18
19 TCG_CONFIG_PRIVATE_DATA mTcgConfigPrivateDateTemplate = {
20 TCG_CONFIG_PRIVATE_DATA_SIGNATURE,
21 {
22 TcgExtractConfig,
23 TcgRouteConfig,
24 TcgCallback
25 }
26 };
27
28 HII_VENDOR_DEVICE_PATH mTcgHiiVendorDevicePath = {
29 {
30 {
31 HARDWARE_DEVICE_PATH,
32 HW_VENDOR_DP,
33 {
34 (UINT8) (sizeof (VENDOR_DEVICE_PATH)),
35 (UINT8) ((sizeof (VENDOR_DEVICE_PATH)) >> 8)
36 }
37 },
38 TCG_CONFIG_FORM_SET_GUID
39 },
40 {
41 END_DEVICE_PATH_TYPE,
42 END_ENTIRE_DEVICE_PATH_SUBTYPE,
43 {
44 (UINT8) (END_DEVICE_PATH_LENGTH),
45 (UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
46 }
47 }
48 };
49
50 /**
51 Get current state of TPM device.
52
53 @param[in] TcgProtocol Point to EFI_TCG_PROTOCOL instance.
54 @param[out] TpmEnable Flag to indicate TPM is enabled or not.
55 @param[out] TpmActivate Flag to indicate TPM is activated or not.
56
57 @retval EFI_SUCCESS State is successfully returned.
58 @retval EFI_DEVICE_ERROR Failed to get TPM response.
59 @retval Others Other errors as indicated.
60
61 **/
62 EFI_STATUS
63 GetTpmState (
64 IN EFI_TCG_PROTOCOL *TcgProtocol,
65 OUT BOOLEAN *TpmEnable, OPTIONAL
66 OUT BOOLEAN *TpmActivate OPTIONAL
67 )
68 {
69 EFI_STATUS Status;
70 TPM_RSP_COMMAND_HDR *TpmRsp;
71 UINT32 TpmSendSize;
72 TPM_PERMANENT_FLAGS *TpmPermanentFlags;
73 UINT8 CmdBuf[64];
74
75 ASSERT (TcgProtocol != NULL);
76
77 //
78 // Get TPM Permanent flags (TpmEnable, TpmActivate)
79 //
80 if ((TpmEnable != NULL) || (TpmActivate != NULL)) {
81 TpmSendSize = sizeof (TPM_RQU_COMMAND_HDR) + sizeof (UINT32) * 3;
82 *(UINT16*)&CmdBuf[0] = SwapBytes16 (TPM_TAG_RQU_COMMAND);
83 *(UINT32*)&CmdBuf[2] = SwapBytes32 (TpmSendSize);
84 *(UINT32*)&CmdBuf[6] = SwapBytes32 (TPM_ORD_GetCapability);
85
86 *(UINT32*)&CmdBuf[10] = SwapBytes32 (TPM_CAP_FLAG);
87 *(UINT32*)&CmdBuf[14] = SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT));
88 *(UINT32*)&CmdBuf[18] = SwapBytes32 (TPM_CAP_FLAG_PERMANENT);
89
90 Status = TcgProtocol->PassThroughToTpm (
91 TcgProtocol,
92 TpmSendSize,
93 CmdBuf,
94 sizeof (CmdBuf),
95 CmdBuf
96 );
97 TpmRsp = (TPM_RSP_COMMAND_HDR *) &CmdBuf[0];
98 if (EFI_ERROR (Status) || (TpmRsp->tag != SwapBytes16 (TPM_TAG_RSP_COMMAND)) || (TpmRsp->returnCode != 0)) {
99 return EFI_DEVICE_ERROR;
100 }
101
102 TpmPermanentFlags = (TPM_PERMANENT_FLAGS *) &CmdBuf[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];
103
104 if (TpmEnable != NULL) {
105 *TpmEnable = (BOOLEAN) !TpmPermanentFlags->disable;
106 }
107
108 if (TpmActivate != NULL) {
109 *TpmActivate = (BOOLEAN) !TpmPermanentFlags->deactivated;
110 }
111 }
112
113 return EFI_SUCCESS;
114 }
115
116 /**
117 This function allows a caller to extract the current configuration for one
118 or more named elements from the target driver.
119
120 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
121 @param[in] Request A null-terminated Unicode string in
122 <ConfigRequest> format.
123 @param[out] Progress On return, points to a character in the Request
124 string. Points to the string's null terminator if
125 request was successful. Points to the most recent
126 '&' before the first failing name/value pair (or
127 the beginning of the string if the failure is in
128 the first name/value pair) if the request was not
129 successful.
130 @param[out] Results A null-terminated Unicode string in
131 <ConfigAltResp> format which has all values filled
132 in for the names in the Request string. String to
133 be allocated by the called function.
134
135 @retval EFI_SUCCESS The Results is filled with the requested values.
136 @retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
137 @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
138 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this
139 driver.
140
141 **/
142 EFI_STATUS
143 EFIAPI
144 TcgExtractConfig (
145 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
146 IN CONST EFI_STRING Request,
147 OUT EFI_STRING *Progress,
148 OUT EFI_STRING *Results
149 )
150 {
151 EFI_STATUS Status;
152 UINTN BufferSize;
153 TCG_CONFIGURATION Configuration;
154 TCG_CONFIG_PRIVATE_DATA *PrivateData;
155 EFI_STRING ConfigRequestHdr;
156 EFI_STRING ConfigRequest;
157 BOOLEAN AllocatedRequest;
158 UINTN Size;
159 BOOLEAN TpmEnable;
160 BOOLEAN TpmActivate;
161 CHAR16 State[32];
162
163 if (Progress == NULL || Results == NULL) {
164 return EFI_INVALID_PARAMETER;
165 }
166
167 *Progress = Request;
168 if ((Request != NULL) && !HiiIsConfigHdrMatch (Request, &gTcgConfigFormSetGuid, mTcgStorageName)) {
169 return EFI_NOT_FOUND;
170 }
171
172 ConfigRequestHdr = NULL;
173 ConfigRequest = NULL;
174 AllocatedRequest = FALSE;
175 Size = 0;
176
177 PrivateData = TCG_CONFIG_PRIVATE_DATA_FROM_THIS (This);
178
179 //
180 // Convert buffer data to <ConfigResp> by helper function BlockToConfig()
181 //
182 ZeroMem (&Configuration, sizeof (TCG_CONFIGURATION));
183
184 Configuration.MorState = PcdGetBool (PcdMorEnable);
185 Configuration.TpmOperation = PHYSICAL_PRESENCE_ENABLE;
186 Configuration.HideTpm = (BOOLEAN) (PcdGetBool (PcdHideTpmSupport) && PcdGetBool (PcdHideTpm));
187 //
188 // Read the original value of HideTpm from PrivateData which won't be changed by Setup in this boot.
189 //
190 Configuration.OriginalHideTpm = PrivateData->HideTpm;
191
192 //
193 // Display current TPM state.
194 //
195 if (PrivateData->TcgProtocol != NULL) {
196 Status = GetTpmState (PrivateData->TcgProtocol, &TpmEnable, &TpmActivate);
197 if (EFI_ERROR (Status)) {
198 return Status;
199 }
200
201 UnicodeSPrint (
202 State,
203 sizeof (State),
204 L"%s, and %s",
205 TpmEnable ? L"Enabled" : L"Disabled",
206 TpmActivate ? L"Activated" : L"Deactivated"
207 );
208 Configuration.TpmEnable = TpmEnable;
209 Configuration.TpmActivate = TpmActivate;
210
211 HiiSetString (PrivateData->HiiHandle, STRING_TOKEN (STR_TPM_STATE_CONTENT), State, NULL);
212 }
213
214 BufferSize = sizeof (Configuration);
215 ConfigRequest = Request;
216 if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) {
217 //
218 // Request has no request element, construct full request string.
219 // Allocate and fill a buffer large enough to hold the <ConfigHdr> template
220 // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator
221 //
222 ConfigRequestHdr = HiiConstructConfigHdr (&gTcgConfigFormSetGuid, mTcgStorageName, PrivateData->DriverHandle);
223 Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16);
224 ConfigRequest = AllocateZeroPool (Size);
225 ASSERT (ConfigRequest != NULL);
226 AllocatedRequest = TRUE;
227 UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64) BufferSize);
228 FreePool (ConfigRequestHdr);
229 }
230
231 Status = gHiiConfigRouting->BlockToConfig (
232 gHiiConfigRouting,
233 ConfigRequest,
234 (UINT8 *) &Configuration,
235 BufferSize,
236 Results,
237 Progress
238 );
239 //
240 // Free the allocated config request string.
241 //
242 if (AllocatedRequest) {
243 FreePool (ConfigRequest);
244 }
245 //
246 // Set Progress string to the original request string.
247 //
248 if (Request == NULL) {
249 *Progress = NULL;
250 } else if (StrStr (Request, L"OFFSET") == NULL) {
251 *Progress = Request + StrLen (Request);
252 }
253
254 return Status;
255 }
256
257 /**
258 This function processes the results of changes in configuration.
259
260 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
261 @param[in] Configuration A null-terminated Unicode string in <ConfigResp>
262 format.
263 @param[out] Progress A pointer to a string filled in with the offset of
264 the most recent '&' before the first failing
265 name/value pair (or the beginning of the string if
266 the failure is in the first name/value pair) or
267 the terminating NULL if all was successful.
268
269 @retval EFI_SUCCESS The Results is processed successfully.
270 @retval EFI_INVALID_PARAMETER Configuration is NULL.
271 @retval EFI_NOT_FOUND Routing data doesn't match any storage in this
272 driver.
273
274 **/
275 EFI_STATUS
276 EFIAPI
277 TcgRouteConfig (
278 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
279 IN CONST EFI_STRING Configuration,
280 OUT EFI_STRING *Progress
281 )
282 {
283 EFI_STATUS Status;
284 UINTN BufferSize;
285 TCG_CONFIGURATION TcgConfiguration;
286
287 if (Configuration == NULL || Progress == NULL) {
288 return EFI_INVALID_PARAMETER;
289 }
290
291 *Progress = Configuration;
292 if (!HiiIsConfigHdrMatch (Configuration, &gTcgConfigFormSetGuid, mTcgStorageName)) {
293 return EFI_NOT_FOUND;
294 }
295
296 //
297 // Convert <ConfigResp> to buffer data by helper function ConfigToBlock()
298 //
299 BufferSize = sizeof (TCG_CONFIGURATION);
300 Status = gHiiConfigRouting->ConfigToBlock (
301 gHiiConfigRouting,
302 Configuration,
303 (UINT8 *) &TcgConfiguration,
304 &BufferSize,
305 Progress
306 );
307 if (EFI_ERROR (Status)) {
308 return Status;
309 }
310
311 PcdSetBool (PcdMorEnable, TcgConfiguration.MorState);
312 PcdSetBool (PcdHideTpm, TcgConfiguration.HideTpm);
313
314 return EFI_SUCCESS;
315 }
316
317 /**
318 Save TPM request to variable space.
319
320 @param[in] PpRequest Physical Presence request command.
321
322 @retval EFI_SUCCESS The operation is finished successfully.
323 @retval Others Other errors as indicated.
324
325 **/
326 EFI_STATUS
327 SavePpRequest (
328 IN UINT8 PpRequest
329 )
330 {
331 EFI_STATUS Status;
332 UINTN DataSize;
333 EFI_PHYSICAL_PRESENCE PpData;
334
335 //
336 // Save TPM command to variable.
337 //
338 DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
339 Status = gRT->GetVariable (
340 PHYSICAL_PRESENCE_VARIABLE,
341 &gEfiPhysicalPresenceGuid,
342 NULL,
343 &DataSize,
344 &PpData
345 );
346 if (EFI_ERROR (Status)) {
347 return Status;
348 }
349
350 PpData.PPRequest = PpRequest;
351 Status = gRT->SetVariable (
352 PHYSICAL_PRESENCE_VARIABLE,
353 &gEfiPhysicalPresenceGuid,
354 EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
355 DataSize,
356 &PpData
357 );
358 if (EFI_ERROR(Status)) {
359 return Status;
360 }
361
362 //
363 // Reset system.
364 //
365 gRT->ResetSystem (EfiResetCold, EFI_SUCCESS, 0, NULL);
366
367 return EFI_SUCCESS;
368 }
369
370 /**
371 This function processes the results of changes in configuration.
372
373 @param[in] This Points to the EFI_HII_CONFIG_ACCESS_PROTOCOL.
374 @param[in] Action Specifies the type of action taken by the browser.
375 @param[in] QuestionId A unique value which is sent to the original
376 exporting driver so that it can identify the type
377 of data to expect.
378 @param[in] Type The type of value for the question.
379 @param[in] Value A pointer to the data being sent to the original
380 exporting driver.
381 @param[out] ActionRequest On return, points to the action requested by the
382 callback function.
383
384 @retval EFI_SUCCESS The callback successfully handled the action.
385 @retval EFI_OUT_OF_RESOURCES Not enough storage is available to hold the
386 variable and its data.
387 @retval EFI_DEVICE_ERROR The variable could not be saved.
388 @retval EFI_UNSUPPORTED The specified Action is not supported by the
389 callback.
390
391 **/
392 EFI_STATUS
393 EFIAPI
394 TcgCallback (
395 IN CONST EFI_HII_CONFIG_ACCESS_PROTOCOL *This,
396 IN EFI_BROWSER_ACTION Action,
397 IN EFI_QUESTION_ID QuestionId,
398 IN UINT8 Type,
399 IN EFI_IFR_TYPE_VALUE *Value,
400 OUT EFI_BROWSER_ACTION_REQUEST *ActionRequest
401 )
402 {
403 if ((This == NULL) || (Value == NULL) || (ActionRequest == NULL)) {
404 return EFI_INVALID_PARAMETER;
405 }
406
407 if ((Action != EFI_BROWSER_ACTION_CHANGED) || (QuestionId != KEY_TPM_ACTION)) {
408 return EFI_UNSUPPORTED;
409 }
410
411 SavePpRequest (Value->u8);
412 ASSERT (FALSE);
413
414 return EFI_SUCCESS;
415 }
416
417 /**
418 This function publish the TCG configuration Form for TPM device.
419
420 @param[in, out] PrivateData Points to TCG configuration private data.
421
422 @retval EFI_SUCCESS HII Form is installed for this network device.
423 @retval EFI_OUT_OF_RESOURCES Not enough resource for HII Form installation.
424 @retval Others Other errors as indicated.
425
426 **/
427 EFI_STATUS
428 InstallTcgConfigForm (
429 IN OUT TCG_CONFIG_PRIVATE_DATA *PrivateData
430 )
431 {
432 EFI_STATUS Status;
433 EFI_HII_HANDLE HiiHandle;
434 EFI_HANDLE DriverHandle;
435 VOID *StartOpCodeHandle;
436 VOID *EndOpCodeHandle;
437 EFI_IFR_GUID_LABEL *StartLabel;
438 EFI_IFR_GUID_LABEL *EndLabel;
439
440 EFI_HII_CONFIG_ACCESS_PROTOCOL *ConfigAccess;
441
442 DriverHandle = NULL;
443 ConfigAccess = &PrivateData->ConfigAccess;
444 Status = gBS->InstallMultipleProtocolInterfaces (
445 &DriverHandle,
446 &gEfiDevicePathProtocolGuid,
447 &mTcgHiiVendorDevicePath,
448 &gEfiHiiConfigAccessProtocolGuid,
449 ConfigAccess,
450 NULL
451 );
452 if (EFI_ERROR (Status)) {
453 return Status;
454 }
455
456 PrivateData->DriverHandle = DriverHandle;
457
458 //
459 // Publish the HII package list
460 //
461 HiiHandle = HiiAddPackages (
462 &gTcgConfigFormSetGuid,
463 DriverHandle,
464 TcgConfigDxeStrings,
465 TcgConfigBin,
466 NULL
467 );
468 if (HiiHandle == NULL) {
469 gBS->UninstallMultipleProtocolInterfaces (
470 DriverHandle,
471 &gEfiDevicePathProtocolGuid,
472 &mTcgHiiVendorDevicePath,
473 &gEfiHiiConfigAccessProtocolGuid,
474 ConfigAccess,
475 NULL
476 );
477
478 return EFI_OUT_OF_RESOURCES;
479 }
480
481 PrivateData->HiiHandle = HiiHandle;
482
483 //
484 // Remove the Hide TPM question from the IFR
485 //
486 if (!PcdGetBool (PcdHideTpmSupport)) {
487 //
488 // Allocate space for creation of UpdateData Buffer
489 //
490 StartOpCodeHandle = HiiAllocateOpCodeHandle ();
491 ASSERT (StartOpCodeHandle != NULL);
492
493 EndOpCodeHandle = HiiAllocateOpCodeHandle ();
494 ASSERT (EndOpCodeHandle != NULL);
495
496 //
497 // Create Hii Extend Label OpCode as the start opcode
498 //
499 StartLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (StartOpCodeHandle, &gEfiIfrTianoGuid, NULL, sizeof (EFI_IFR_GUID_LABEL));
500 StartLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
501 StartLabel->Number = LABEL_TCG_CONFIGURATION_HIDETPM;
502
503 //
504 // Create Hii Extend Label OpCode as the end opcode
505 //
506 EndLabel = (EFI_IFR_GUID_LABEL *) HiiCreateGuidOpCode (EndOpCodeHandle, &gEfiIfrTianoGuid, NULL, sizeof (EFI_IFR_GUID_LABEL));
507 EndLabel->ExtendOpCode = EFI_IFR_EXTEND_OP_LABEL;
508 EndLabel->Number = LABEL_END;
509
510 HiiUpdateForm (HiiHandle, NULL, TCG_CONFIGURATION_FORM_ID, StartOpCodeHandle, EndOpCodeHandle);
511
512 HiiFreeOpCodeHandle (StartOpCodeHandle);
513 HiiFreeOpCodeHandle (EndOpCodeHandle);
514 }
515
516 return EFI_SUCCESS;
517 }
518
519 /**
520 This function removes TCG configuration Form.
521
522 @param[in, out] PrivateData Points to TCG configuration private data.
523
524 **/
525 VOID
526 UninstallTcgConfigForm (
527 IN OUT TCG_CONFIG_PRIVATE_DATA *PrivateData
528 )
529 {
530 //
531 // Uninstall HII package list
532 //
533 if (PrivateData->HiiHandle != NULL) {
534 HiiRemovePackages (PrivateData->HiiHandle);
535 PrivateData->HiiHandle = NULL;
536 }
537
538 //
539 // Uninstall HII Config Access Protocol
540 //
541 if (PrivateData->DriverHandle != NULL) {
542 gBS->UninstallMultipleProtocolInterfaces (
543 PrivateData->DriverHandle,
544 &gEfiDevicePathProtocolGuid,
545 &mTcgHiiVendorDevicePath,
546 &gEfiHiiConfigAccessProtocolGuid,
547 &PrivateData->ConfigAccess,
548 NULL
549 );
550 PrivateData->DriverHandle = NULL;
551 }
552
553 FreePool (PrivateData);
554 }
EFI Development Kit II mirror for PVE