]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/Tcg/TcgDxe/TcgDxe.c
projects / mirror_edk2.git / blob
? search:


5ef34d0ba20418faa3ef6498f5cdfff2e1cf6e10
[mirror_edk2.git] / SecurityPkg / Tcg / TcgDxe / TcgDxe.c
1 /** @file
2 This module implements TCG EFI Protocol.
3
4 Caution: This module requires additional review when modified.
5 This driver will have external input - TcgDxePassThroughToTpm
6 This external input must be validated carefully to avoid security issue like
7 buffer overflow, integer overflow.
8
9 TcgDxePassThroughToTpm() will receive untrusted input and do basic validation.
10
11 Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.<BR>
12 This program and the accompanying materials
13 are licensed and made available under the terms and conditions of the BSD License
14 which accompanies this distribution. The full text of the license may be found at
15 http://opensource.org/licenses/bsd-license.php
16
17 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
18 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
19
20 **/
21
22 #include <PiDxe.h>
23 #include <IndustryStandard/Tpm12.h>
24 #include <IndustryStandard/Acpi.h>
25 #include <IndustryStandard/PeImage.h>
26 #include <IndustryStandard/SmBios.h>
27
28 #include <Guid/GlobalVariable.h>
29 #include <Guid/SmBios.h>
30 #include <Guid/HobList.h>
31 #include <Guid/TcgEventHob.h>
32 #include <Guid/EventGroup.h>
33 #include <Guid/EventExitBootServiceFailed.h>
34 #include <Protocol/DevicePath.h>
35 #include <Protocol/TcgService.h>
36 #include <Protocol/AcpiTable.h>
37
38 #include <Library/DebugLib.h>
39 #include <Library/BaseMemoryLib.h>
40 #include <Library/UefiRuntimeServicesTableLib.h>
41 #include <Library/UefiDriverEntryPoint.h>
42 #include <Library/HobLib.h>
43 #include <Library/UefiBootServicesTableLib.h>
44 #include <Library/BaseLib.h>
45 #include <Library/MemoryAllocationLib.h>
46 #include <Library/PrintLib.h>
47 #include <Library/TpmCommLib.h>
48 #include <Library/PcdLib.h>
49 #include <Library/UefiLib.h>
50
51 #include "TpmComm.h"
52
53 #define EFI_TCG_LOG_AREA_SIZE 0x10000
54
55 #pragma pack (1)
56
57 typedef struct _EFI_TCG_CLIENT_ACPI_TABLE {
58 EFI_ACPI_DESCRIPTION_HEADER Header;
59 UINT16 PlatformClass;
60 UINT32 Laml;
61 EFI_PHYSICAL_ADDRESS Lasa;
62 } EFI_TCG_CLIENT_ACPI_TABLE;
63
64 typedef struct _EFI_TCG_SERVER_ACPI_TABLE {
65 EFI_ACPI_DESCRIPTION_HEADER Header;
66 UINT16 PlatformClass;
67 UINT16 Reserved0;
68 UINT64 Laml;
69 EFI_PHYSICAL_ADDRESS Lasa;
70 UINT16 SpecRev;
71 UINT8 DeviceFlags;
72 UINT8 InterruptFlags;
73 UINT8 Gpe;
74 UINT8 Reserved1[3];
75 UINT32 GlobalSysInt;
76 EFI_ACPI_3_0_GENERIC_ADDRESS_STRUCTURE BaseAddress;
77 UINT32 Reserved2;
78 EFI_ACPI_3_0_GENERIC_ADDRESS_STRUCTURE ConfigAddress;
79 UINT8 PciSegNum;
80 UINT8 PciBusNum;
81 UINT8 PciDevNum;
82 UINT8 PciFuncNum;
83 } EFI_TCG_SERVER_ACPI_TABLE;
84
85 #pragma pack ()
86
87 #define TCG_DXE_DATA_FROM_THIS(this) \
88 BASE_CR (this, TCG_DXE_DATA, TcgProtocol)
89
90 typedef struct _TCG_DXE_DATA {
91 EFI_TCG_PROTOCOL TcgProtocol;
92 TCG_EFI_BOOT_SERVICE_CAPABILITY BsCap;
93 EFI_TCG_CLIENT_ACPI_TABLE *TcgClientAcpiTable;
94 EFI_TCG_SERVER_ACPI_TABLE *TcgServerAcpiTable;
95 UINTN EventLogSize;
96 UINT8 *LastEvent;
97 TIS_TPM_HANDLE TpmHandle;
98 } TCG_DXE_DATA;
99
100
101
102 EFI_TCG_CLIENT_ACPI_TABLE mTcgClientAcpiTemplate = {
103 {
104 EFI_ACPI_3_0_TRUSTED_COMPUTING_PLATFORM_ALLIANCE_CAPABILITIES_TABLE_SIGNATURE,
105 sizeof (mTcgClientAcpiTemplate),
106 0x02 //Revision
107 //
108 // Compiler initializes the remaining bytes to 0
109 // These fields should be filled in in production
110 //
111 },
112 0, // 0 for PC Client Platform Class
113 0, // Log Area Max Length
114 (EFI_PHYSICAL_ADDRESS) (SIZE_4GB - 1) // Log Area Start Address
115 };
116
117 //
118 // The following EFI_TCG_SERVER_ACPI_TABLE default setting is just one example,
119 // the TPM device connectes to LPC, and also defined the ACPI _UID as 0xFF,
120 // this _UID can be changed and should match with the _UID setting of the TPM
121 // ACPI device object
122 //
123 EFI_TCG_SERVER_ACPI_TABLE mTcgServerAcpiTemplate = {
124 {
125 EFI_ACPI_3_0_TRUSTED_COMPUTING_PLATFORM_ALLIANCE_CAPABILITIES_TABLE_SIGNATURE,
126 sizeof (mTcgServerAcpiTemplate),
127 0x02 //Revision
128 //
129 // Compiler initializes the remaining bytes to 0
130 // These fields should be filled in in production
131 //
132 },
133 1, // 1 for Server Platform Class
134 0, // Reserved
135 0, // Log Area Max Length
136 (EFI_PHYSICAL_ADDRESS) (SIZE_4GB - 1), // Log Area Start Address
137 0x0100, // TCG Specification revision 1.0
138 2, // Device Flags
139 0, // Interrupt Flags
140 0, // GPE
141 {0}, // Reserved 3 bytes
142 0, // Global System Interrupt
143 {
144 EFI_ACPI_3_0_SYSTEM_MEMORY,
145 0,
146 0,
147 EFI_ACPI_3_0_BYTE,
148 TPM_BASE_ADDRESS // Base Address
149 },
150 0, // Reserved
151 {0}, // Configuration Address
152 0xFF, // ACPI _UID value of the device, can be changed for different platforms
153 0, // ACPI _UID value of the device, can be changed for different platforms
154 0, // ACPI _UID value of the device, can be changed for different platforms
155 0 // ACPI _UID value of the device, can be changed for different platforms
156 };
157
158 UINTN mBootAttempts = 0;
159 CHAR16 mBootVarName[] = L"BootOrder";
160
161 /**
162 This service provides EFI protocol capability information, state information
163 about the TPM, and Event Log state information.
164
165 @param[in] This Indicates the calling context
166 @param[out] ProtocolCapability The callee allocates memory for a TCG_BOOT_SERVICE_CAPABILITY
167 structure and fills in the fields with the EFI protocol
168 capability information and the current TPM state information.
169 @param[out] TCGFeatureFlags This is a pointer to the feature flags. No feature
170 flags are currently defined so this parameter
171 MUST be set to 0. However, in the future,
172 feature flags may be defined that, for example,
173 enable hash algorithm agility.
174 @param[out] EventLogLocation This is a pointer to the address of the event log in memory.
175 @param[out] EventLogLastEntry If the Event Log contains more than one entry,
176 this is a pointer to the address of the start of
177 the last entry in the event log in memory.
178
179 @retval EFI_SUCCESS Operation completed successfully.
180 @retval EFI_INVALID_PARAMETER ProtocolCapability does not match TCG capability.
181
182 **/
183 EFI_STATUS
184 EFIAPI
185 TcgDxeStatusCheck (
186 IN EFI_TCG_PROTOCOL *This,
187 OUT TCG_EFI_BOOT_SERVICE_CAPABILITY *ProtocolCapability,
188 OUT UINT32 *TCGFeatureFlags,
189 OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,
190 OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry
191 )
192 {
193 TCG_DXE_DATA *TcgData;
194
195 TcgData = TCG_DXE_DATA_FROM_THIS (This);
196
197 if (ProtocolCapability != NULL) {
198 *ProtocolCapability = TcgData->BsCap;
199 }
200
201 if (TCGFeatureFlags != NULL) {
202 *TCGFeatureFlags = 0;
203 }
204
205 if (EventLogLocation != NULL) {
206 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
207 *EventLogLocation = TcgData->TcgClientAcpiTable->Lasa;
208 } else {
209 *EventLogLocation = TcgData->TcgServerAcpiTable->Lasa;
210 }
211 }
212
213 if (EventLogLastEntry != NULL) {
214 if (TcgData->BsCap.TPMDeactivatedFlag) {
215 *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)0;
216 } else {
217 *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)TcgData->LastEvent;
218 }
219 }
220
221 return EFI_SUCCESS;
222 }
223
224 /**
225 This service abstracts the capability to do a hash operation on a data buffer.
226
227 @param[in] This Indicates the calling context
228 @param[in] HashData Pointer to the data buffer to be hashed
229 @param[in] HashDataLen Length of the data buffer to be hashed
230 @param[in] AlgorithmId Identification of the Algorithm to use for the hashing operation
231 @param[in, out] HashedDataLen Resultant length of the hashed data
232 @param[in, out] HashedDataResult Resultant buffer of the hashed data
233
234 @retval EFI_SUCCESS Operation completed successfully.
235 @retval EFI_INVALID_PARAMETER HashDataLen is NULL.
236 @retval EFI_INVALID_PARAMETER HashDataLenResult is NULL.
237 @retval EFI_OUT_OF_RESOURCES Cannot allocate buffer of size *HashedDataLen.
238 @retval EFI_UNSUPPORTED AlgorithmId not supported.
239 @retval EFI_BUFFER_TOO_SMALL *HashedDataLen < sizeof (TCG_DIGEST).
240
241 **/
242 EFI_STATUS
243 EFIAPI
244 TcgDxeHashAll (
245 IN EFI_TCG_PROTOCOL *This,
246 IN UINT8 *HashData,
247 IN UINT64 HashDataLen,
248 IN TCG_ALGORITHM_ID AlgorithmId,
249 IN OUT UINT64 *HashedDataLen,
250 IN OUT UINT8 **HashedDataResult
251 )
252 {
253 if (HashedDataLen == NULL || HashedDataResult == NULL) {
254 return EFI_INVALID_PARAMETER;
255 }
256
257 switch (AlgorithmId) {
258 case TPM_ALG_SHA:
259 if (*HashedDataLen == 0) {
260 *HashedDataLen = sizeof (TPM_DIGEST);
261 *HashedDataResult = AllocatePool ((UINTN) *HashedDataLen);
262 if (*HashedDataResult == NULL) {
263 return EFI_OUT_OF_RESOURCES;
264 }
265 }
266
267 if (*HashedDataLen < sizeof (TPM_DIGEST)) {
268 *HashedDataLen = sizeof (TPM_DIGEST);
269 return EFI_BUFFER_TOO_SMALL;
270 }
271 *HashedDataLen = sizeof (TPM_DIGEST);
272
273 if (*HashedDataResult == NULL) {
274 *HashedDataResult = AllocatePool ((UINTN) *HashedDataLen);
275 }
276
277 return TpmCommHashAll (
278 HashData,
279 (UINTN) HashDataLen,
280 (TPM_DIGEST*)*HashedDataResult
281 );
282 default:
283 return EFI_UNSUPPORTED;
284 }
285 }
286
287 /**
288 Add a new entry to the Event Log.
289
290 @param[in] TcgData TCG_DXE_DATA structure.
291 @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
292 @param[in] NewEventData Pointer to the new event data.
293
294 @retval EFI_SUCCESS The new event log entry was added.
295 @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
296
297 **/
298 EFI_STATUS
299 EFIAPI
300 TcgDxeLogEventI (
301 IN TCG_DXE_DATA *TcgData,
302 IN TCG_PCR_EVENT_HDR *NewEventHdr,
303 IN UINT8 *NewEventData
304 )
305 {
306 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
307 TcgData->LastEvent = (UINT8*)(UINTN)TcgData->TcgClientAcpiTable->Lasa;
308 return TpmCommLogEvent (
309 &TcgData->LastEvent,
310 &TcgData->EventLogSize,
311 (UINTN)TcgData->TcgClientAcpiTable->Laml,
312 NewEventHdr,
313 NewEventData
314 );
315 } else {
316 TcgData->LastEvent = (UINT8*)(UINTN)TcgData->TcgServerAcpiTable->Lasa;
317 return TpmCommLogEvent (
318 &TcgData->LastEvent,
319 &TcgData->EventLogSize,
320 (UINTN)TcgData->TcgServerAcpiTable->Laml,
321 NewEventHdr,
322 NewEventData
323 );
324 }
325 }
326
327 /**
328 This service abstracts the capability to add an entry to the Event Log.
329
330 @param[in] This Indicates the calling context
331 @param[in] TCGLogData Pointer to the start of the data buffer containing
332 the TCG_PCR_EVENT data structure. All fields in
333 this structure are properly filled by the caller.
334 @param[in, out] EventNumber The event number of the event just logged
335 @param[in] Flags Indicate additional flags. Only one flag has been
336 defined at this time, which is 0x01 and means the
337 extend operation should not be performed. All
338 other bits are reserved.
339
340 @retval EFI_SUCCESS Operation completed successfully.
341 @retval EFI_OUT_OF_RESOURCES Insufficient memory in the event log to complete this action.
342
343 **/
344 EFI_STATUS
345 EFIAPI
346 TcgDxeLogEvent (
347 IN EFI_TCG_PROTOCOL *This,
348 IN TCG_PCR_EVENT *TCGLogData,
349 IN OUT UINT32 *EventNumber,
350 IN UINT32 Flags
351 )
352 {
353 TCG_DXE_DATA *TcgData;
354
355 if (TCGLogData == NULL){
356 return EFI_INVALID_PARAMETER;
357 }
358
359 TcgData = TCG_DXE_DATA_FROM_THIS (This);
360
361 if (TcgData->BsCap.TPMDeactivatedFlag) {
362 return EFI_DEVICE_ERROR;
363 }
364 return TcgDxeLogEventI (
365 TcgData,
366 (TCG_PCR_EVENT_HDR*)TCGLogData,
367 TCGLogData->Event
368 );
369 }
370
371 /**
372 This service is a proxy for commands to the TPM.
373
374 @param[in] This Indicates the calling context
375 @param[in] TpmInputParameterBlockSize Size of the TPM input parameter block
376 @param[in] TpmInputParameterBlock Pointer to the TPM input parameter block
377 @param[in] TpmOutputParameterBlockSize Size of the TPM output parameter block
378 @param[in] TpmOutputParameterBlock Pointer to the TPM output parameter block
379
380 @retval EFI_SUCCESS Operation completed successfully.
381 @retval EFI_INVALID_PARAMETER Invalid ordinal.
382 @retval EFI_UNSUPPORTED Current Task Priority Level >= EFI_TPL_CALLBACK.
383 @retval EFI_TIMEOUT The TIS timed-out.
384
385 **/
386 EFI_STATUS
387 EFIAPI
388 TcgDxePassThroughToTpm (
389 IN EFI_TCG_PROTOCOL *This,
390 IN UINT32 TpmInputParameterBlockSize,
391 IN UINT8 *TpmInputParameterBlock,
392 IN UINT32 TpmOutputParameterBlockSize,
393 IN UINT8 *TpmOutputParameterBlock
394 )
395 {
396 TCG_DXE_DATA *TcgData;
397
398 if (TpmInputParameterBlock == NULL ||
399 TpmOutputParameterBlock == NULL ||
400 TpmInputParameterBlockSize == 0 ||
401 TpmOutputParameterBlockSize == 0) {
402 return EFI_INVALID_PARAMETER;
403 }
404
405 TcgData = TCG_DXE_DATA_FROM_THIS (This);
406
407 return TisPcExecute (
408 TcgData->TpmHandle,
409 "%r%/%r",
410 TpmInputParameterBlock,
411 (UINTN) TpmInputParameterBlockSize,
412 TpmOutputParameterBlock,
413 (UINTN) TpmOutputParameterBlockSize
414 );
415 }
416
417 /**
418 Do a hash operation on a data buffer, extend a specific TPM PCR with the hash result,
419 and add an entry to the Event Log.
420
421 @param[in] TcgData TCG_DXE_DATA structure.
422 @param[in] HashData Physical address of the start of the data buffer
423 to be hashed, extended, and logged.
424 @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData
425 @param[in, out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
426 @param[in] NewEventData Pointer to the new event data.
427
428 @retval EFI_SUCCESS Operation completed successfully.
429 @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
430 @retval EFI_DEVICE_ERROR The command was unsuccessful.
431
432 **/
433 EFI_STATUS
434 EFIAPI
435 TcgDxeHashLogExtendEventI (
436 IN TCG_DXE_DATA *TcgData,
437 IN UINT8 *HashData,
438 IN UINT64 HashDataLen,
439 IN OUT TCG_PCR_EVENT_HDR *NewEventHdr,
440 IN UINT8 *NewEventData
441 )
442 {
443 EFI_STATUS Status;
444
445 if (HashData == NULL && HashDataLen > 0) {
446 return EFI_INVALID_PARAMETER;
447 }
448
449 if (HashDataLen > 0 || HashData != NULL) {
450 Status = TpmCommHashAll (
451 HashData,
452 (UINTN) HashDataLen,
453 &NewEventHdr->Digest
454 );
455 ASSERT_EFI_ERROR (Status);
456 }
457
458 Status = TpmCommExtend (
459 TcgData->TpmHandle,
460 &NewEventHdr->Digest,
461 NewEventHdr->PCRIndex,
462 NULL
463 );
464 if (!EFI_ERROR (Status)) {
465 Status = TcgDxeLogEventI (TcgData, NewEventHdr, NewEventData);
466 }
467
468 return Status;
469 }
470
471 /**
472 This service abstracts the capability to do a hash operation on a data buffer,
473 extend a specific TPM PCR with the hash result, and add an entry to the Event Log
474
475 @param[in] This Indicates the calling context
476 @param[in] HashData Physical address of the start of the data buffer
477 to be hashed, extended, and logged.
478 @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData
479 @param[in] AlgorithmId Identification of the Algorithm to use for the hashing operation
480 @param[in, out] TCGLogData The physical address of the start of the data
481 buffer containing the TCG_PCR_EVENT data structure.
482 @param[in, out] EventNumber The event number of the event just logged.
483 @param[out] EventLogLastEntry Physical address of the first byte of the entry
484 just placed in the Event Log. If the Event Log was
485 empty when this function was called then this physical
486 address will be the same as the physical address of
487 the start of the Event Log.
488
489 @retval EFI_SUCCESS Operation completed successfully.
490 @retval EFI_UNSUPPORTED AlgorithmId != TPM_ALG_SHA.
491 @retval EFI_UNSUPPORTED Current TPL >= EFI_TPL_CALLBACK.
492 @retval EFI_DEVICE_ERROR The command was unsuccessful.
493
494 **/
495 EFI_STATUS
496 EFIAPI
497 TcgDxeHashLogExtendEvent (
498 IN EFI_TCG_PROTOCOL *This,
499 IN EFI_PHYSICAL_ADDRESS HashData,
500 IN UINT64 HashDataLen,
501 IN TPM_ALGORITHM_ID AlgorithmId,
502 IN OUT TCG_PCR_EVENT *TCGLogData,
503 IN OUT UINT32 *EventNumber,
504 OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry
505 )
506 {
507 TCG_DXE_DATA *TcgData;
508
509 if (TCGLogData == NULL || EventLogLastEntry == NULL){
510 return EFI_INVALID_PARAMETER;
511 }
512
513 TcgData = TCG_DXE_DATA_FROM_THIS (This);
514
515 if (TcgData->BsCap.TPMDeactivatedFlag) {
516 return EFI_DEVICE_ERROR;
517 }
518
519 if (AlgorithmId != TPM_ALG_SHA) {
520 return EFI_UNSUPPORTED;
521 }
522
523 return TcgDxeHashLogExtendEventI (
524 TcgData,
525 (UINT8 *) (UINTN) HashData,
526 HashDataLen,
527 (TCG_PCR_EVENT_HDR*)TCGLogData,
528 TCGLogData->Event
529 );
530 }
531
532 TCG_DXE_DATA mTcgDxeData = {
533 {
534 TcgDxeStatusCheck,
535 TcgDxeHashAll,
536 TcgDxeLogEvent,
537 TcgDxePassThroughToTpm,
538 TcgDxeHashLogExtendEvent
539 },
540 {
541 sizeof (mTcgDxeData.BsCap),
542 { 1, 2, 0, 0 },
543 { 1, 2, 0, 0 },
544 1,
545 TRUE,
546 FALSE
547 },
548 &mTcgClientAcpiTemplate,
549 &mTcgServerAcpiTemplate,
550 0,
551 NULL,
552 NULL
553 };
554
555 /**
556 Initialize the Event Log and log events passed from the PEI phase.
557
558 @retval EFI_SUCCESS Operation completed successfully.
559 @retval EFI_OUT_OF_RESOURCES Out of memory.
560
561 **/
562 EFI_STATUS
563 EFIAPI
564 SetupEventLog (
565 VOID
566 )
567 {
568 EFI_STATUS Status;
569 TCG_PCR_EVENT *TcgEvent;
570 EFI_PEI_HOB_POINTERS GuidHob;
571 EFI_PHYSICAL_ADDRESS Lasa;
572
573 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
574 Lasa = mTcgClientAcpiTemplate.Lasa;
575
576 Status = gBS->AllocatePages (
577 AllocateMaxAddress,
578 EfiACPIMemoryNVS,
579 EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE),
580 &Lasa
581 );
582 if (EFI_ERROR (Status)) {
583 return Status;
584 }
585 mTcgClientAcpiTemplate.Lasa = Lasa;
586 //
587 // To initialize them as 0xFF is recommended
588 // because the OS can know the last entry for that.
589 //
590 SetMem ((VOID *)(UINTN)mTcgClientAcpiTemplate.Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF);
591 mTcgClientAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE;
592
593 } else {
594 Lasa = mTcgServerAcpiTemplate.Lasa;
595
596 Status = gBS->AllocatePages (
597 AllocateMaxAddress,
598 EfiACPIMemoryNVS,
599 EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE),
600 &Lasa
601 );
602 if (EFI_ERROR (Status)) {
603 return Status;
604 }
605 mTcgServerAcpiTemplate.Lasa = Lasa;
606 //
607 // To initialize them as 0xFF is recommended
608 // because the OS can know the last entry for that.
609 //
610 SetMem ((VOID *)(UINTN)mTcgServerAcpiTemplate.Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF);
611 mTcgServerAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE;
612 }
613
614 GuidHob.Raw = GetHobList ();
615 while (!EFI_ERROR (Status) &&
616 (GuidHob.Raw = GetNextGuidHob (&gTcgEventEntryHobGuid, GuidHob.Raw)) != NULL) {
617 TcgEvent = GET_GUID_HOB_DATA (GuidHob.Guid);
618 GuidHob.Raw = GET_NEXT_HOB (GuidHob);
619 Status = TcgDxeLogEventI (
620 &mTcgDxeData,
621 (TCG_PCR_EVENT_HDR*)TcgEvent,
622 TcgEvent->Event
623 );
624 }
625
626 return Status;
627 }
628
629 /**
630 Measure and log an action string, and extend the measurement result into PCR[5].
631
632 @param[in] String A specific string that indicates an Action event.
633
634 @retval EFI_SUCCESS Operation completed successfully.
635 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
636
637 **/
638 EFI_STATUS
639 EFIAPI
640 TcgMeasureAction (
641 IN CHAR8 *String
642 )
643 {
644 TCG_PCR_EVENT_HDR TcgEvent;
645
646 TcgEvent.PCRIndex = 5;
647 TcgEvent.EventType = EV_EFI_ACTION;
648 TcgEvent.EventSize = (UINT32)AsciiStrLen (String);
649 return TcgDxeHashLogExtendEventI (
650 &mTcgDxeData,
651 (UINT8*)String,
652 TcgEvent.EventSize,
653 &TcgEvent,
654 (UINT8 *) String
655 );
656 }
657
658 /**
659 Measure and log EFI handoff tables, and extend the measurement result into PCR[1].
660
661 @retval EFI_SUCCESS Operation completed successfully.
662 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
663
664 **/
665 EFI_STATUS
666 EFIAPI
667 MeasureHandoffTables (
668 VOID
669 )
670 {
671 EFI_STATUS Status;
672 SMBIOS_TABLE_ENTRY_POINT *SmbiosTable;
673 TCG_PCR_EVENT_HDR TcgEvent;
674 EFI_HANDOFF_TABLE_POINTERS HandoffTables;
675
676 Status = EfiGetSystemConfigurationTable (
677 &gEfiSmbiosTableGuid,
678 (VOID **) &SmbiosTable
679 );
680
681 if (!EFI_ERROR (Status)) {
682 ASSERT (SmbiosTable != NULL);
683
684 TcgEvent.PCRIndex = 1;
685 TcgEvent.EventType = EV_EFI_HANDOFF_TABLES;
686 TcgEvent.EventSize = sizeof (HandoffTables);
687
688 HandoffTables.NumberOfTables = 1;
689 HandoffTables.TableEntry[0].VendorGuid = gEfiSmbiosTableGuid;
690 HandoffTables.TableEntry[0].VendorTable = SmbiosTable;
691
692 DEBUG ((DEBUG_INFO, "The Smbios Table starts at: 0x%x\n", SmbiosTable->TableAddress));
693 DEBUG ((DEBUG_INFO, "The Smbios Table size: 0x%x\n", SmbiosTable->TableLength));
694
695 Status = TcgDxeHashLogExtendEventI (
696 &mTcgDxeData,
697 (UINT8*)(UINTN)SmbiosTable->TableAddress,
698 SmbiosTable->TableLength,
699 &TcgEvent,
700 (UINT8*)&HandoffTables
701 );
702 }
703
704 return Status;
705 }
706
707 /**
708 Measure and log Separator event, and extend the measurement result into a specific PCR.
709
710 @param[in] PCRIndex PCR index.
711
712 @retval EFI_SUCCESS Operation completed successfully.
713 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
714
715 **/
716 EFI_STATUS
717 EFIAPI
718 MeasureSeparatorEvent (
719 IN TPM_PCRINDEX PCRIndex
720 )
721 {
722 TCG_PCR_EVENT_HDR TcgEvent;
723 UINT32 EventData;
724
725 EventData = 0;
726 TcgEvent.PCRIndex = PCRIndex;
727 TcgEvent.EventType = EV_SEPARATOR;
728 TcgEvent.EventSize = (UINT32)sizeof (EventData);
729 return TcgDxeHashLogExtendEventI (
730 &mTcgDxeData,
731 (UINT8 *)&EventData,
732 sizeof (EventData),
733 &TcgEvent,
734 (UINT8 *)&EventData
735 );
736 }
737
738 /**
739 Read an EFI Variable.
740
741 This function allocates a buffer to return the contents of the variable. The caller is
742 responsible for freeing the buffer.
743
744 @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
745 @param[in] VendorGuid A unique identifier for the vendor.
746 @param[out] VarSize The size of the variable data.
747
748 @return A pointer to the buffer to return the contents of the variable.Otherwise NULL.
749
750 **/
751 VOID *
752 EFIAPI
753 ReadVariable (
754 IN CHAR16 *VarName,
755 IN EFI_GUID *VendorGuid,
756 OUT UINTN *VarSize
757 )
758 {
759 EFI_STATUS Status;
760 VOID *VarData;
761
762 *VarSize = 0;
763 Status = gRT->GetVariable (
764 VarName,
765 VendorGuid,
766 NULL,
767 VarSize,
768 NULL
769 );
770 if (Status != EFI_BUFFER_TOO_SMALL) {
771 return NULL;
772 }
773
774 VarData = AllocatePool (*VarSize);
775 if (VarData != NULL) {
776 Status = gRT->GetVariable (
777 VarName,
778 VendorGuid,
779 NULL,
780 VarSize,
781 VarData
782 );
783 if (EFI_ERROR (Status)) {
784 FreePool (VarData);
785 VarData = NULL;
786 *VarSize = 0;
787 }
788 }
789 return VarData;
790 }
791
792 /**
793 Measure and log an EFI variable, and extend the measurement result into a specific PCR.
794
795 @param[in] PCRIndex PCR Index.
796 @param[in] EventType Event type.
797 @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
798 @param[in] VendorGuid A unique identifier for the vendor.
799 @param[in] VarData The content of the variable data.
800 @param[in] VarSize The size of the variable data.
801
802 @retval EFI_SUCCESS Operation completed successfully.
803 @retval EFI_OUT_OF_RESOURCES Out of memory.
804 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
805
806 **/
807 EFI_STATUS
808 EFIAPI
809 MeasureVariable (
810 IN TPM_PCRINDEX PCRIndex,
811 IN TCG_EVENTTYPE EventType,
812 IN CHAR16 *VarName,
813 IN EFI_GUID *VendorGuid,
814 IN VOID *VarData,
815 IN UINTN VarSize
816 )
817 {
818 EFI_STATUS Status;
819 TCG_PCR_EVENT_HDR TcgEvent;
820 UINTN VarNameLength;
821 EFI_VARIABLE_DATA *VarLog;
822
823 VarNameLength = StrLen (VarName);
824 TcgEvent.PCRIndex = PCRIndex;
825 TcgEvent.EventType = EventType;
826 TcgEvent.EventSize = (UINT32)(sizeof (*VarLog) + VarNameLength * sizeof (*VarName) + VarSize
827 - sizeof (VarLog->UnicodeName) - sizeof (VarLog->VariableData));
828
829 VarLog = (EFI_VARIABLE_DATA*)AllocatePool (TcgEvent.EventSize);
830 if (VarLog == NULL) {
831 return EFI_OUT_OF_RESOURCES;
832 }
833
834 VarLog->VariableName = *VendorGuid;
835 VarLog->UnicodeNameLength = VarNameLength;
836 VarLog->VariableDataLength = VarSize;
837 CopyMem (
838 VarLog->UnicodeName,
839 VarName,
840 VarNameLength * sizeof (*VarName)
841 );
842 CopyMem (
843 (CHAR16 *)VarLog->UnicodeName + VarNameLength,
844 VarData,
845 VarSize
846 );
847
848 Status = TcgDxeHashLogExtendEventI (
849 &mTcgDxeData,
850 (UINT8*)VarData,
851 VarSize,
852 &TcgEvent,
853 (UINT8*)VarLog
854 );
855 FreePool (VarLog);
856 return Status;
857 }
858
859 /**
860 Read then Measure and log an EFI boot variable, and extend the measurement result into PCR[5].
861
862 @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
863 @param[in] VendorGuid A unique identifier for the vendor.
864 @param[out] VarSize The size of the variable data.
865 @param[out] VarData Pointer to the content of the variable.
866
867 @retval EFI_SUCCESS Operation completed successfully.
868 @retval EFI_OUT_OF_RESOURCES Out of memory.
869 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
870
871 **/
872 EFI_STATUS
873 EFIAPI
874 ReadAndMeasureBootVariable (
875 IN CHAR16 *VarName,
876 IN EFI_GUID *VendorGuid,
877 OUT UINTN *VarSize,
878 OUT VOID **VarData
879 )
880 {
881 EFI_STATUS Status;
882
883 *VarData = ReadVariable (VarName, VendorGuid, VarSize);
884 if (*VarData == NULL) {
885 return EFI_NOT_FOUND;
886 }
887
888 Status = MeasureVariable (
889 5,
890 EV_EFI_VARIABLE_BOOT,
891 VarName,
892 VendorGuid,
893 *VarData,
894 *VarSize
895 );
896 return Status;
897 }
898
899 /**
900 Measure and log all EFI boot variables, and extend the measurement result into a specific PCR.
901
902 The EFI boot variables are BootOrder and Boot#### variables.
903
904 @retval EFI_SUCCESS Operation completed successfully.
905 @retval EFI_OUT_OF_RESOURCES Out of memory.
906 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
907
908 **/
909 EFI_STATUS
910 EFIAPI
911 MeasureAllBootVariables (
912 VOID
913 )
914 {
915 EFI_STATUS Status;
916 UINT16 *BootOrder;
917 UINTN BootCount;
918 UINTN Index;
919 VOID *BootVarData;
920 UINTN Size;
921
922 Status = ReadAndMeasureBootVariable (
923 mBootVarName,
924 &gEfiGlobalVariableGuid,
925 &BootCount,
926 (VOID **) &BootOrder
927 );
928 if (Status == EFI_NOT_FOUND) {
929 return EFI_SUCCESS;
930 }
931 ASSERT (BootOrder != NULL);
932
933 if (EFI_ERROR (Status)) {
934 FreePool (BootOrder);
935 return Status;
936 }
937
938 BootCount /= sizeof (*BootOrder);
939 for (Index = 0; Index < BootCount; Index++) {
940 UnicodeSPrint (mBootVarName, sizeof (mBootVarName), L"Boot%04x", BootOrder[Index]);
941 Status = ReadAndMeasureBootVariable (
942 mBootVarName,
943 &gEfiGlobalVariableGuid,
944 &Size,
945 &BootVarData
946 );
947 if (!EFI_ERROR (Status)) {
948 FreePool (BootVarData);
949 }
950 }
951
952 FreePool (BootOrder);
953 return EFI_SUCCESS;
954 }
955
956 /**
957 Ready to Boot Event notification handler.
958
959 Sequence of OS boot events is measured in this event notification handler.
960
961 @param[in] Event Event whose notification function is being invoked
962 @param[in] Context Pointer to the notification function's context
963
964 **/
965 VOID
966 EFIAPI
967 OnReadyToBoot (
968 IN EFI_EVENT Event,
969 IN VOID *Context
970 )
971 {
972 EFI_STATUS Status;
973 TPM_PCRINDEX PcrIndex;
974
975 if (mBootAttempts == 0) {
976
977 //
978 // Measure handoff tables.
979 //
980 Status = MeasureHandoffTables ();
981 if (EFI_ERROR (Status)) {
982 DEBUG ((EFI_D_ERROR, "HOBs not Measured. Error!\n"));
983 }
984
985 //
986 // Measure BootOrder & Boot#### variables.
987 //
988 Status = MeasureAllBootVariables ();
989 if (EFI_ERROR (Status)) {
990 DEBUG ((EFI_D_ERROR, "Boot Variables not Measured. Error!\n"));
991 }
992
993 //
994 // 1. This is the first boot attempt.
995 //
996 Status = TcgMeasureAction (
997 EFI_CALLING_EFI_APPLICATION
998 );
999 ASSERT_EFI_ERROR (Status);
1000
1001 //
1002 // 2. Draw a line between pre-boot env and entering post-boot env.
1003 //
1004 for (PcrIndex = 0; PcrIndex < 8; PcrIndex++) {
1005 Status = MeasureSeparatorEvent (PcrIndex);
1006 ASSERT_EFI_ERROR (Status);
1007 }
1008
1009 //
1010 // 3. Measure GPT. It would be done in SAP driver.
1011 //
1012
1013 //
1014 // 4. Measure PE/COFF OS loader. It would be done in SAP driver.
1015 //
1016
1017 //
1018 // 5. Read & Measure variable. BootOrder already measured.
1019 //
1020 } else {
1021 //
1022 // 6. Not first attempt, meaning a return from last attempt
1023 //
1024 Status = TcgMeasureAction (
1025 EFI_RETURNING_FROM_EFI_APPLICATOIN
1026 );
1027 ASSERT_EFI_ERROR (Status);
1028 }
1029
1030 DEBUG ((EFI_D_INFO, "TPM TcgDxe Measure Data when ReadyToBoot\n"));
1031 //
1032 // Increase boot attempt counter.
1033 //
1034 mBootAttempts++;
1035 }
1036
1037 /**
1038 Install TCG ACPI Table when ACPI Table Protocol is available.
1039
1040 A system's firmware uses an ACPI table to identify the system's TCG capabilities
1041 to the Post-Boot environment. The information in this ACPI table is not guaranteed
1042 to be valid until the Host Platform transitions from pre-boot state to post-boot state.
1043
1044 @param[in] Event Event whose notification function is being invoked
1045 @param[in] Context Pointer to the notification function's context
1046 **/
1047 VOID
1048 EFIAPI
1049 InstallAcpiTable (
1050 IN EFI_EVENT Event,
1051 IN VOID* Context
1052 )
1053 {
1054 UINTN TableKey;
1055 EFI_STATUS Status;
1056 EFI_ACPI_TABLE_PROTOCOL *AcpiTable;
1057 UINT8 Checksum;
1058
1059 Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **)&AcpiTable);
1060 if (EFI_ERROR (Status)) {
1061 return;
1062 }
1063
1064 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
1065
1066 //
1067 // The ACPI table must be checksumed before calling the InstallAcpiTable()
1068 // service of the ACPI table protocol to install it.
1069 //
1070 Checksum = CalculateCheckSum8 ((UINT8 *)&mTcgClientAcpiTemplate, sizeof (mTcgClientAcpiTemplate));
1071 mTcgClientAcpiTemplate.Header.Checksum = Checksum;
1072
1073 Status = AcpiTable->InstallAcpiTable (
1074 AcpiTable,
1075 &mTcgClientAcpiTemplate,
1076 sizeof (mTcgClientAcpiTemplate),
1077 &TableKey
1078 );
1079 } else {
1080
1081 //
1082 // The ACPI table must be checksumed before calling the InstallAcpiTable()
1083 // service of the ACPI table protocol to install it.
1084 //
1085 Checksum = CalculateCheckSum8 ((UINT8 *)&mTcgServerAcpiTemplate, sizeof (mTcgServerAcpiTemplate));
1086 mTcgServerAcpiTemplate.Header.Checksum = Checksum;
1087
1088 Status = AcpiTable->InstallAcpiTable (
1089 AcpiTable,
1090 &mTcgServerAcpiTemplate,
1091 sizeof (mTcgServerAcpiTemplate),
1092 &TableKey
1093 );
1094 }
1095 ASSERT_EFI_ERROR (Status);
1096 }
1097
1098 /**
1099 Exit Boot Services Event notification handler.
1100
1101 Measure invocation and success of ExitBootServices.
1102
1103 @param[in] Event Event whose notification function is being invoked
1104 @param[in] Context Pointer to the notification function's context
1105
1106 **/
1107 VOID
1108 EFIAPI
1109 OnExitBootServices (
1110 IN EFI_EVENT Event,
1111 IN VOID *Context
1112 )
1113 {
1114 EFI_STATUS Status;
1115
1116 //
1117 // Measure invocation of ExitBootServices,
1118 //
1119 Status = TcgMeasureAction (
1120 EFI_EXIT_BOOT_SERVICES_INVOCATION
1121 );
1122 ASSERT_EFI_ERROR (Status);
1123
1124 //
1125 // Measure success of ExitBootServices
1126 //
1127 Status = TcgMeasureAction (
1128 EFI_EXIT_BOOT_SERVICES_SUCCEEDED
1129 );
1130 ASSERT_EFI_ERROR (Status);
1131 }
1132
1133 /**
1134 Exit Boot Services Failed Event notification handler.
1135
1136 Measure Failure of ExitBootServices.
1137
1138 @param[in] Event Event whose notification function is being invoked
1139 @param[in] Context Pointer to the notification function's context
1140
1141 **/
1142 VOID
1143 EFIAPI
1144 OnExitBootServicesFailed (
1145 IN EFI_EVENT Event,
1146 IN VOID *Context
1147 )
1148 {
1149 EFI_STATUS Status;
1150
1151 //
1152 // Measure Failure of ExitBootServices,
1153 //
1154 Status = TcgMeasureAction (
1155 EFI_EXIT_BOOT_SERVICES_FAILED
1156 );
1157 ASSERT_EFI_ERROR (Status);
1158
1159 }
1160
1161 /**
1162 Get TPM Deactivated state.
1163
1164 @param[out] TPMDeactivatedFlag Returns TPM Deactivated state.
1165
1166 @retval EFI_SUCCESS Operation completed successfully.
1167 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
1168
1169 **/
1170 EFI_STATUS
1171 GetTpmStatus (
1172 OUT BOOLEAN *TPMDeactivatedFlag
1173 )
1174 {
1175 EFI_STATUS Status;
1176 TPM_STCLEAR_FLAGS VFlags;
1177
1178 Status = TpmCommGetFlags (
1179 mTcgDxeData.TpmHandle,
1180 TPM_CAP_FLAG_VOLATILE,
1181 &VFlags,
1182 sizeof (VFlags)
1183 );
1184 if (!EFI_ERROR (Status)) {
1185 *TPMDeactivatedFlag = VFlags.deactivated;
1186 }
1187
1188 return Status;
1189 }
1190
1191 /**
1192 The driver's entry point.
1193
1194 It publishes EFI TCG Protocol.
1195
1196 @param[in] ImageHandle The firmware allocated handle for the EFI image.
1197 @param[in] SystemTable A pointer to the EFI System Table.
1198
1199 @retval EFI_SUCCESS The entry point is executed successfully.
1200 @retval other Some error occurs when executing this entry point.
1201
1202 **/
1203 EFI_STATUS
1204 EFIAPI
1205 DriverEntry (
1206 IN EFI_HANDLE ImageHandle,
1207 IN EFI_SYSTEM_TABLE *SystemTable
1208 )
1209 {
1210 EFI_STATUS Status;
1211 EFI_EVENT Event;
1212 VOID *Registration;
1213
1214 mTcgDxeData.TpmHandle = (TIS_TPM_HANDLE)(UINTN)TPM_BASE_ADDRESS;
1215 Status = TisPcRequestUseTpm (mTcgDxeData.TpmHandle);
1216 if (EFI_ERROR (Status)) {
1217 DEBUG ((EFI_D_ERROR, "TPM not detected!\n"));
1218 return Status;
1219 }
1220
1221 Status = GetTpmStatus (&mTcgDxeData.BsCap.TPMDeactivatedFlag);
1222 if (EFI_ERROR (Status)) {
1223 DEBUG ((
1224 EFI_D_ERROR,
1225 "Line %d in file " __FILE__ ":\n "
1226 "DriverEntry: TPM not working properly\n",
1227 __LINE__
1228 ));
1229 return Status;
1230 }
1231
1232 Status = gBS->InstallProtocolInterface (
1233 &ImageHandle,
1234 &gEfiTcgProtocolGuid,
1235 EFI_NATIVE_INTERFACE,
1236 &mTcgDxeData.TcgProtocol
1237 );
1238 if (!EFI_ERROR (Status) && !mTcgDxeData.BsCap.TPMDeactivatedFlag) {
1239 //
1240 // Setup the log area and copy event log from hob list to it
1241 //
1242 Status = SetupEventLog ();
1243 ASSERT_EFI_ERROR (Status);
1244
1245 //
1246 // Measure handoff tables, Boot#### variables etc.
1247 //
1248 Status = EfiCreateEventReadyToBootEx (
1249 TPL_CALLBACK,
1250 OnReadyToBoot,
1251 NULL,
1252 &Event
1253 );
1254
1255 Status = gBS->CreateEventEx (
1256 EVT_NOTIFY_SIGNAL,
1257 TPL_NOTIFY,
1258 OnExitBootServices,
1259 NULL,
1260 &gEfiEventExitBootServicesGuid,
1261 &Event
1262 );
1263
1264 //
1265 // Measure Exit Boot Service failed
1266 //
1267 Status = gBS->CreateEventEx (
1268 EVT_NOTIFY_SIGNAL,
1269 TPL_NOTIFY,
1270 OnExitBootServicesFailed,
1271 NULL,
1272 &gEventExitBootServicesFailedGuid,
1273 &Event
1274 );
1275 }
1276
1277 //
1278 // Install ACPI Table
1279 //
1280 EfiCreateProtocolNotifyEvent (&gEfiAcpiTableProtocolGuid, TPL_CALLBACK, InstallAcpiTable, NULL, &Registration);
1281
1282 return Status;
1283 }
EFI Development Kit II mirror for PVE