]> git.proxmox.com Git - mirror_edk2.git/blob - SecurityPkg/Tcg/TcgDxe/TcgDxe.c
projects / mirror_edk2.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Add TcgDxeHashLogExtendEvent EventLogLastEntry parameter update logic
[mirror_edk2.git] / SecurityPkg / Tcg / TcgDxe / TcgDxe.c
1 /** @file
2 This module implements TCG EFI Protocol.
3
4 Caution: This module requires additional review when modified.
5 This driver will have external input - TcgDxePassThroughToTpm
6 This external input must be validated carefully to avoid security issue like
7 buffer overflow, integer overflow.
8
9 TcgDxePassThroughToTpm() will receive untrusted input and do basic validation.
10
11 Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.<BR>
12 This program and the accompanying materials
13 are licensed and made available under the terms and conditions of the BSD License
14 which accompanies this distribution. The full text of the license may be found at
15 http://opensource.org/licenses/bsd-license.php
16
17 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
18 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
19
20 **/
21
22 #include <PiDxe.h>
23 #include <IndustryStandard/Tpm12.h>
24 #include <IndustryStandard/Acpi.h>
25 #include <IndustryStandard/PeImage.h>
26 #include <IndustryStandard/SmBios.h>
27
28 #include <Guid/GlobalVariable.h>
29 #include <Guid/SmBios.h>
30 #include <Guid/HobList.h>
31 #include <Guid/TcgEventHob.h>
32 #include <Guid/EventGroup.h>
33 #include <Guid/EventExitBootServiceFailed.h>
34 #include <Protocol/DevicePath.h>
35 #include <Protocol/TcgService.h>
36 #include <Protocol/AcpiTable.h>
37
38 #include <Library/DebugLib.h>
39 #include <Library/BaseMemoryLib.h>
40 #include <Library/UefiRuntimeServicesTableLib.h>
41 #include <Library/UefiDriverEntryPoint.h>
42 #include <Library/HobLib.h>
43 #include <Library/UefiBootServicesTableLib.h>
44 #include <Library/BaseLib.h>
45 #include <Library/MemoryAllocationLib.h>
46 #include <Library/PrintLib.h>
47 #include <Library/TpmCommLib.h>
48 #include <Library/PcdLib.h>
49 #include <Library/UefiLib.h>
50
51 #include "TpmComm.h"
52
53 #define EFI_TCG_LOG_AREA_SIZE 0x10000
54
55 #pragma pack (1)
56
57 typedef struct _EFI_TCG_CLIENT_ACPI_TABLE {
58 EFI_ACPI_DESCRIPTION_HEADER Header;
59 UINT16 PlatformClass;
60 UINT32 Laml;
61 EFI_PHYSICAL_ADDRESS Lasa;
62 } EFI_TCG_CLIENT_ACPI_TABLE;
63
64 typedef struct _EFI_TCG_SERVER_ACPI_TABLE {
65 EFI_ACPI_DESCRIPTION_HEADER Header;
66 UINT16 PlatformClass;
67 UINT16 Reserved0;
68 UINT64 Laml;
69 EFI_PHYSICAL_ADDRESS Lasa;
70 UINT16 SpecRev;
71 UINT8 DeviceFlags;
72 UINT8 InterruptFlags;
73 UINT8 Gpe;
74 UINT8 Reserved1[3];
75 UINT32 GlobalSysInt;
76 EFI_ACPI_3_0_GENERIC_ADDRESS_STRUCTURE BaseAddress;
77 UINT32 Reserved2;
78 EFI_ACPI_3_0_GENERIC_ADDRESS_STRUCTURE ConfigAddress;
79 UINT8 PciSegNum;
80 UINT8 PciBusNum;
81 UINT8 PciDevNum;
82 UINT8 PciFuncNum;
83 } EFI_TCG_SERVER_ACPI_TABLE;
84
85 #pragma pack ()
86
87 #define TCG_DXE_DATA_FROM_THIS(this) \
88 BASE_CR (this, TCG_DXE_DATA, TcgProtocol)
89
90 typedef struct _TCG_DXE_DATA {
91 EFI_TCG_PROTOCOL TcgProtocol;
92 TCG_EFI_BOOT_SERVICE_CAPABILITY BsCap;
93 EFI_TCG_CLIENT_ACPI_TABLE *TcgClientAcpiTable;
94 EFI_TCG_SERVER_ACPI_TABLE *TcgServerAcpiTable;
95 UINTN EventLogSize;
96 UINT8 *LastEvent;
97 TIS_TPM_HANDLE TpmHandle;
98 } TCG_DXE_DATA;
99
100
101
102 EFI_TCG_CLIENT_ACPI_TABLE mTcgClientAcpiTemplate = {
103 {
104 EFI_ACPI_3_0_TRUSTED_COMPUTING_PLATFORM_ALLIANCE_CAPABILITIES_TABLE_SIGNATURE,
105 sizeof (mTcgClientAcpiTemplate),
106 0x02 //Revision
107 //
108 // Compiler initializes the remaining bytes to 0
109 // These fields should be filled in in production
110 //
111 },
112 0, // 0 for PC Client Platform Class
113 0, // Log Area Max Length
114 (EFI_PHYSICAL_ADDRESS) (SIZE_4GB - 1) // Log Area Start Address
115 };
116
117 //
118 // The following EFI_TCG_SERVER_ACPI_TABLE default setting is just one example,
119 // the TPM device connectes to LPC, and also defined the ACPI _UID as 0xFF,
120 // this _UID can be changed and should match with the _UID setting of the TPM
121 // ACPI device object
122 //
123 EFI_TCG_SERVER_ACPI_TABLE mTcgServerAcpiTemplate = {
124 {
125 EFI_ACPI_3_0_TRUSTED_COMPUTING_PLATFORM_ALLIANCE_CAPABILITIES_TABLE_SIGNATURE,
126 sizeof (mTcgServerAcpiTemplate),
127 0x02 //Revision
128 //
129 // Compiler initializes the remaining bytes to 0
130 // These fields should be filled in in production
131 //
132 },
133 1, // 1 for Server Platform Class
134 0, // Reserved
135 0, // Log Area Max Length
136 (EFI_PHYSICAL_ADDRESS) (SIZE_4GB - 1), // Log Area Start Address
137 0x0100, // TCG Specification revision 1.0
138 2, // Device Flags
139 0, // Interrupt Flags
140 0, // GPE
141 {0}, // Reserved 3 bytes
142 0, // Global System Interrupt
143 {
144 EFI_ACPI_3_0_SYSTEM_MEMORY,
145 0,
146 0,
147 EFI_ACPI_3_0_BYTE,
148 TPM_BASE_ADDRESS // Base Address
149 },
150 0, // Reserved
151 {0}, // Configuration Address
152 0xFF, // ACPI _UID value of the device, can be changed for different platforms
153 0, // ACPI _UID value of the device, can be changed for different platforms
154 0, // ACPI _UID value of the device, can be changed for different platforms
155 0 // ACPI _UID value of the device, can be changed for different platforms
156 };
157
158 UINTN mBootAttempts = 0;
159 CHAR16 mBootVarName[] = L"BootOrder";
160
161 /**
162 This service provides EFI protocol capability information, state information
163 about the TPM, and Event Log state information.
164
165 @param[in] This Indicates the calling context
166 @param[out] ProtocolCapability The callee allocates memory for a TCG_BOOT_SERVICE_CAPABILITY
167 structure and fills in the fields with the EFI protocol
168 capability information and the current TPM state information.
169 @param[out] TCGFeatureFlags This is a pointer to the feature flags. No feature
170 flags are currently defined so this parameter
171 MUST be set to 0. However, in the future,
172 feature flags may be defined that, for example,
173 enable hash algorithm agility.
174 @param[out] EventLogLocation This is a pointer to the address of the event log in memory.
175 @param[out] EventLogLastEntry If the Event Log contains more than one entry,
176 this is a pointer to the address of the start of
177 the last entry in the event log in memory.
178
179 @retval EFI_SUCCESS Operation completed successfully.
180 @retval EFI_INVALID_PARAMETER ProtocolCapability does not match TCG capability.
181
182 **/
183 EFI_STATUS
184 EFIAPI
185 TcgDxeStatusCheck (
186 IN EFI_TCG_PROTOCOL *This,
187 OUT TCG_EFI_BOOT_SERVICE_CAPABILITY *ProtocolCapability,
188 OUT UINT32 *TCGFeatureFlags,
189 OUT EFI_PHYSICAL_ADDRESS *EventLogLocation,
190 OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry
191 )
192 {
193 TCG_DXE_DATA *TcgData;
194
195 TcgData = TCG_DXE_DATA_FROM_THIS (This);
196
197 if (ProtocolCapability != NULL) {
198 *ProtocolCapability = TcgData->BsCap;
199 }
200
201 if (TCGFeatureFlags != NULL) {
202 *TCGFeatureFlags = 0;
203 }
204
205 if (EventLogLocation != NULL) {
206 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
207 *EventLogLocation = TcgData->TcgClientAcpiTable->Lasa;
208 } else {
209 *EventLogLocation = TcgData->TcgServerAcpiTable->Lasa;
210 }
211 }
212
213 if (EventLogLastEntry != NULL) {
214 if (TcgData->BsCap.TPMDeactivatedFlag) {
215 *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)0;
216 } else {
217 *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN)TcgData->LastEvent;
218 }
219 }
220
221 return EFI_SUCCESS;
222 }
223
224 /**
225 This service abstracts the capability to do a hash operation on a data buffer.
226
227 @param[in] This Indicates the calling context
228 @param[in] HashData Pointer to the data buffer to be hashed
229 @param[in] HashDataLen Length of the data buffer to be hashed
230 @param[in] AlgorithmId Identification of the Algorithm to use for the hashing operation
231 @param[in, out] HashedDataLen Resultant length of the hashed data
232 @param[in, out] HashedDataResult Resultant buffer of the hashed data
233
234 @retval EFI_SUCCESS Operation completed successfully.
235 @retval EFI_INVALID_PARAMETER HashDataLen is NULL.
236 @retval EFI_INVALID_PARAMETER HashDataLenResult is NULL.
237 @retval EFI_OUT_OF_RESOURCES Cannot allocate buffer of size *HashedDataLen.
238 @retval EFI_UNSUPPORTED AlgorithmId not supported.
239 @retval EFI_BUFFER_TOO_SMALL *HashedDataLen < sizeof (TCG_DIGEST).
240
241 **/
242 EFI_STATUS
243 EFIAPI
244 TcgDxeHashAll (
245 IN EFI_TCG_PROTOCOL *This,
246 IN UINT8 *HashData,
247 IN UINT64 HashDataLen,
248 IN TCG_ALGORITHM_ID AlgorithmId,
249 IN OUT UINT64 *HashedDataLen,
250 IN OUT UINT8 **HashedDataResult
251 )
252 {
253 if (HashedDataLen == NULL || HashedDataResult == NULL) {
254 return EFI_INVALID_PARAMETER;
255 }
256
257 switch (AlgorithmId) {
258 case TPM_ALG_SHA:
259 if (*HashedDataLen == 0) {
260 *HashedDataLen = sizeof (TPM_DIGEST);
261 *HashedDataResult = AllocatePool ((UINTN) *HashedDataLen);
262 if (*HashedDataResult == NULL) {
263 return EFI_OUT_OF_RESOURCES;
264 }
265 }
266
267 if (*HashedDataLen < sizeof (TPM_DIGEST)) {
268 *HashedDataLen = sizeof (TPM_DIGEST);
269 return EFI_BUFFER_TOO_SMALL;
270 }
271 *HashedDataLen = sizeof (TPM_DIGEST);
272
273 if (*HashedDataResult == NULL) {
274 *HashedDataResult = AllocatePool ((UINTN) *HashedDataLen);
275 }
276
277 return TpmCommHashAll (
278 HashData,
279 (UINTN) HashDataLen,
280 (TPM_DIGEST*)*HashedDataResult
281 );
282 default:
283 return EFI_UNSUPPORTED;
284 }
285 }
286
287 /**
288 Add a new entry to the Event Log.
289
290 @param[in] TcgData TCG_DXE_DATA structure.
291 @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
292 @param[in] NewEventData Pointer to the new event data.
293
294 @retval EFI_SUCCESS The new event log entry was added.
295 @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
296
297 **/
298 EFI_STATUS
299 EFIAPI
300 TcgDxeLogEventI (
301 IN TCG_DXE_DATA *TcgData,
302 IN TCG_PCR_EVENT_HDR *NewEventHdr,
303 IN UINT8 *NewEventData
304 )
305 {
306 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
307 TcgData->LastEvent = (UINT8*)(UINTN)TcgData->TcgClientAcpiTable->Lasa;
308 return TpmCommLogEvent (
309 &TcgData->LastEvent,
310 &TcgData->EventLogSize,
311 (UINTN)TcgData->TcgClientAcpiTable->Laml,
312 NewEventHdr,
313 NewEventData
314 );
315 } else {
316 TcgData->LastEvent = (UINT8*)(UINTN)TcgData->TcgServerAcpiTable->Lasa;
317 return TpmCommLogEvent (
318 &TcgData->LastEvent,
319 &TcgData->EventLogSize,
320 (UINTN)TcgData->TcgServerAcpiTable->Laml,
321 NewEventHdr,
322 NewEventData
323 );
324 }
325 }
326
327 /**
328 This service abstracts the capability to add an entry to the Event Log.
329
330 @param[in] This Indicates the calling context
331 @param[in] TCGLogData Pointer to the start of the data buffer containing
332 the TCG_PCR_EVENT data structure. All fields in
333 this structure are properly filled by the caller.
334 @param[in, out] EventNumber The event number of the event just logged
335 @param[in] Flags Indicate additional flags. Only one flag has been
336 defined at this time, which is 0x01 and means the
337 extend operation should not be performed. All
338 other bits are reserved.
339
340 @retval EFI_SUCCESS Operation completed successfully.
341 @retval EFI_OUT_OF_RESOURCES Insufficient memory in the event log to complete this action.
342
343 **/
344 EFI_STATUS
345 EFIAPI
346 TcgDxeLogEvent (
347 IN EFI_TCG_PROTOCOL *This,
348 IN TCG_PCR_EVENT *TCGLogData,
349 IN OUT UINT32 *EventNumber,
350 IN UINT32 Flags
351 )
352 {
353 TCG_DXE_DATA *TcgData;
354
355 if (TCGLogData == NULL){
356 return EFI_INVALID_PARAMETER;
357 }
358
359 TcgData = TCG_DXE_DATA_FROM_THIS (This);
360
361 if (TcgData->BsCap.TPMDeactivatedFlag) {
362 return EFI_DEVICE_ERROR;
363 }
364 return TcgDxeLogEventI (
365 TcgData,
366 (TCG_PCR_EVENT_HDR*)TCGLogData,
367 TCGLogData->Event
368 );
369 }
370
371 /**
372 This service is a proxy for commands to the TPM.
373
374 @param[in] This Indicates the calling context
375 @param[in] TpmInputParameterBlockSize Size of the TPM input parameter block
376 @param[in] TpmInputParameterBlock Pointer to the TPM input parameter block
377 @param[in] TpmOutputParameterBlockSize Size of the TPM output parameter block
378 @param[in] TpmOutputParameterBlock Pointer to the TPM output parameter block
379
380 @retval EFI_SUCCESS Operation completed successfully.
381 @retval EFI_INVALID_PARAMETER Invalid ordinal.
382 @retval EFI_UNSUPPORTED Current Task Priority Level >= EFI_TPL_CALLBACK.
383 @retval EFI_TIMEOUT The TIS timed-out.
384
385 **/
386 EFI_STATUS
387 EFIAPI
388 TcgDxePassThroughToTpm (
389 IN EFI_TCG_PROTOCOL *This,
390 IN UINT32 TpmInputParameterBlockSize,
391 IN UINT8 *TpmInputParameterBlock,
392 IN UINT32 TpmOutputParameterBlockSize,
393 IN UINT8 *TpmOutputParameterBlock
394 )
395 {
396 TCG_DXE_DATA *TcgData;
397
398 if (TpmInputParameterBlock == NULL ||
399 TpmOutputParameterBlock == NULL ||
400 TpmInputParameterBlockSize == 0 ||
401 TpmOutputParameterBlockSize == 0) {
402 return EFI_INVALID_PARAMETER;
403 }
404
405 TcgData = TCG_DXE_DATA_FROM_THIS (This);
406
407 return TisPcExecute (
408 TcgData->TpmHandle,
409 "%r%/%r",
410 TpmInputParameterBlock,
411 (UINTN) TpmInputParameterBlockSize,
412 TpmOutputParameterBlock,
413 (UINTN) TpmOutputParameterBlockSize
414 );
415 }
416
417 /**
418 Do a hash operation on a data buffer, extend a specific TPM PCR with the hash result,
419 and add an entry to the Event Log.
420
421 @param[in] TcgData TCG_DXE_DATA structure.
422 @param[in] HashData Physical address of the start of the data buffer
423 to be hashed, extended, and logged.
424 @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData
425 @param[in, out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
426 @param[in] NewEventData Pointer to the new event data.
427
428 @retval EFI_SUCCESS Operation completed successfully.
429 @retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
430 @retval EFI_DEVICE_ERROR The command was unsuccessful.
431
432 **/
433 EFI_STATUS
434 EFIAPI
435 TcgDxeHashLogExtendEventI (
436 IN TCG_DXE_DATA *TcgData,
437 IN UINT8 *HashData,
438 IN UINT64 HashDataLen,
439 IN OUT TCG_PCR_EVENT_HDR *NewEventHdr,
440 IN UINT8 *NewEventData
441 )
442 {
443 EFI_STATUS Status;
444
445 if (HashData == NULL && HashDataLen > 0) {
446 return EFI_INVALID_PARAMETER;
447 }
448
449 if (HashDataLen > 0 || HashData != NULL) {
450 Status = TpmCommHashAll (
451 HashData,
452 (UINTN) HashDataLen,
453 &NewEventHdr->Digest
454 );
455 ASSERT_EFI_ERROR (Status);
456 }
457
458 Status = TpmCommExtend (
459 TcgData->TpmHandle,
460 &NewEventHdr->Digest,
461 NewEventHdr->PCRIndex,
462 NULL
463 );
464 if (!EFI_ERROR (Status)) {
465 Status = TcgDxeLogEventI (TcgData, NewEventHdr, NewEventData);
466 }
467
468 return Status;
469 }
470
471 /**
472 This service abstracts the capability to do a hash operation on a data buffer,
473 extend a specific TPM PCR with the hash result, and add an entry to the Event Log
474
475 @param[in] This Indicates the calling context
476 @param[in] HashData Physical address of the start of the data buffer
477 to be hashed, extended, and logged.
478 @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData
479 @param[in] AlgorithmId Identification of the Algorithm to use for the hashing operation
480 @param[in, out] TCGLogData The physical address of the start of the data
481 buffer containing the TCG_PCR_EVENT data structure.
482 @param[in, out] EventNumber The event number of the event just logged.
483 @param[out] EventLogLastEntry Physical address of the first byte of the entry
484 just placed in the Event Log. If the Event Log was
485 empty when this function was called then this physical
486 address will be the same as the physical address of
487 the start of the Event Log.
488
489 @retval EFI_SUCCESS Operation completed successfully.
490 @retval EFI_UNSUPPORTED AlgorithmId != TPM_ALG_SHA.
491 @retval EFI_UNSUPPORTED Current TPL >= EFI_TPL_CALLBACK.
492 @retval EFI_DEVICE_ERROR The command was unsuccessful.
493
494 **/
495 EFI_STATUS
496 EFIAPI
497 TcgDxeHashLogExtendEvent (
498 IN EFI_TCG_PROTOCOL *This,
499 IN EFI_PHYSICAL_ADDRESS HashData,
500 IN UINT64 HashDataLen,
501 IN TPM_ALGORITHM_ID AlgorithmId,
502 IN OUT TCG_PCR_EVENT *TCGLogData,
503 IN OUT UINT32 *EventNumber,
504 OUT EFI_PHYSICAL_ADDRESS *EventLogLastEntry
505 )
506 {
507 TCG_DXE_DATA *TcgData;
508 EFI_STATUS Status;
509
510 if (TCGLogData == NULL || EventLogLastEntry == NULL){
511 return EFI_INVALID_PARAMETER;
512 }
513
514 TcgData = TCG_DXE_DATA_FROM_THIS (This);
515
516 if (TcgData->BsCap.TPMDeactivatedFlag) {
517 return EFI_DEVICE_ERROR;
518 }
519
520 if (AlgorithmId != TPM_ALG_SHA) {
521 return EFI_UNSUPPORTED;
522 }
523
524 Status = TcgDxeHashLogExtendEventI (
525 TcgData,
526 (UINT8 *) (UINTN) HashData,
527 HashDataLen,
528 (TCG_PCR_EVENT_HDR*)TCGLogData,
529 TCGLogData->Event
530 );
531
532 if (!EFI_ERROR(Status)){
533 *EventLogLastEntry = (EFI_PHYSICAL_ADDRESS)(UINTN) TcgData->LastEvent;
534 }
535
536 return Status;
537 }
538
539 TCG_DXE_DATA mTcgDxeData = {
540 {
541 TcgDxeStatusCheck,
542 TcgDxeHashAll,
543 TcgDxeLogEvent,
544 TcgDxePassThroughToTpm,
545 TcgDxeHashLogExtendEvent
546 },
547 {
548 sizeof (mTcgDxeData.BsCap),
549 { 1, 2, 0, 0 },
550 { 1, 2, 0, 0 },
551 1,
552 TRUE,
553 FALSE
554 },
555 &mTcgClientAcpiTemplate,
556 &mTcgServerAcpiTemplate,
557 0,
558 NULL,
559 NULL
560 };
561
562 /**
563 Initialize the Event Log and log events passed from the PEI phase.
564
565 @retval EFI_SUCCESS Operation completed successfully.
566 @retval EFI_OUT_OF_RESOURCES Out of memory.
567
568 **/
569 EFI_STATUS
570 EFIAPI
571 SetupEventLog (
572 VOID
573 )
574 {
575 EFI_STATUS Status;
576 TCG_PCR_EVENT *TcgEvent;
577 EFI_PEI_HOB_POINTERS GuidHob;
578 EFI_PHYSICAL_ADDRESS Lasa;
579
580 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
581 Lasa = mTcgClientAcpiTemplate.Lasa;
582
583 Status = gBS->AllocatePages (
584 AllocateMaxAddress,
585 EfiACPIMemoryNVS,
586 EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE),
587 &Lasa
588 );
589 if (EFI_ERROR (Status)) {
590 return Status;
591 }
592 mTcgClientAcpiTemplate.Lasa = Lasa;
593 //
594 // To initialize them as 0xFF is recommended
595 // because the OS can know the last entry for that.
596 //
597 SetMem ((VOID *)(UINTN)mTcgClientAcpiTemplate.Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF);
598 mTcgClientAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE;
599
600 } else {
601 Lasa = mTcgServerAcpiTemplate.Lasa;
602
603 Status = gBS->AllocatePages (
604 AllocateMaxAddress,
605 EfiACPIMemoryNVS,
606 EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE),
607 &Lasa
608 );
609 if (EFI_ERROR (Status)) {
610 return Status;
611 }
612 mTcgServerAcpiTemplate.Lasa = Lasa;
613 //
614 // To initialize them as 0xFF is recommended
615 // because the OS can know the last entry for that.
616 //
617 SetMem ((VOID *)(UINTN)mTcgServerAcpiTemplate.Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF);
618 mTcgServerAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE;
619 }
620
621 GuidHob.Raw = GetHobList ();
622 while (!EFI_ERROR (Status) &&
623 (GuidHob.Raw = GetNextGuidHob (&gTcgEventEntryHobGuid, GuidHob.Raw)) != NULL) {
624 TcgEvent = GET_GUID_HOB_DATA (GuidHob.Guid);
625 GuidHob.Raw = GET_NEXT_HOB (GuidHob);
626 Status = TcgDxeLogEventI (
627 &mTcgDxeData,
628 (TCG_PCR_EVENT_HDR*)TcgEvent,
629 TcgEvent->Event
630 );
631 }
632
633 return Status;
634 }
635
636 /**
637 Measure and log an action string, and extend the measurement result into PCR[5].
638
639 @param[in] String A specific string that indicates an Action event.
640
641 @retval EFI_SUCCESS Operation completed successfully.
642 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
643
644 **/
645 EFI_STATUS
646 EFIAPI
647 TcgMeasureAction (
648 IN CHAR8 *String
649 )
650 {
651 TCG_PCR_EVENT_HDR TcgEvent;
652
653 TcgEvent.PCRIndex = 5;
654 TcgEvent.EventType = EV_EFI_ACTION;
655 TcgEvent.EventSize = (UINT32)AsciiStrLen (String);
656 return TcgDxeHashLogExtendEventI (
657 &mTcgDxeData,
658 (UINT8*)String,
659 TcgEvent.EventSize,
660 &TcgEvent,
661 (UINT8 *) String
662 );
663 }
664
665 /**
666 Measure and log EFI handoff tables, and extend the measurement result into PCR[1].
667
668 @retval EFI_SUCCESS Operation completed successfully.
669 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
670
671 **/
672 EFI_STATUS
673 EFIAPI
674 MeasureHandoffTables (
675 VOID
676 )
677 {
678 EFI_STATUS Status;
679 SMBIOS_TABLE_ENTRY_POINT *SmbiosTable;
680 TCG_PCR_EVENT_HDR TcgEvent;
681 EFI_HANDOFF_TABLE_POINTERS HandoffTables;
682
683 Status = EfiGetSystemConfigurationTable (
684 &gEfiSmbiosTableGuid,
685 (VOID **) &SmbiosTable
686 );
687
688 if (!EFI_ERROR (Status)) {
689 ASSERT (SmbiosTable != NULL);
690
691 TcgEvent.PCRIndex = 1;
692 TcgEvent.EventType = EV_EFI_HANDOFF_TABLES;
693 TcgEvent.EventSize = sizeof (HandoffTables);
694
695 HandoffTables.NumberOfTables = 1;
696 HandoffTables.TableEntry[0].VendorGuid = gEfiSmbiosTableGuid;
697 HandoffTables.TableEntry[0].VendorTable = SmbiosTable;
698
699 DEBUG ((DEBUG_INFO, "The Smbios Table starts at: 0x%x\n", SmbiosTable->TableAddress));
700 DEBUG ((DEBUG_INFO, "The Smbios Table size: 0x%x\n", SmbiosTable->TableLength));
701
702 Status = TcgDxeHashLogExtendEventI (
703 &mTcgDxeData,
704 (UINT8*)(UINTN)SmbiosTable->TableAddress,
705 SmbiosTable->TableLength,
706 &TcgEvent,
707 (UINT8*)&HandoffTables
708 );
709 }
710
711 return Status;
712 }
713
714 /**
715 Measure and log Separator event, and extend the measurement result into a specific PCR.
716
717 @param[in] PCRIndex PCR index.
718
719 @retval EFI_SUCCESS Operation completed successfully.
720 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
721
722 **/
723 EFI_STATUS
724 EFIAPI
725 MeasureSeparatorEvent (
726 IN TPM_PCRINDEX PCRIndex
727 )
728 {
729 TCG_PCR_EVENT_HDR TcgEvent;
730 UINT32 EventData;
731
732 EventData = 0;
733 TcgEvent.PCRIndex = PCRIndex;
734 TcgEvent.EventType = EV_SEPARATOR;
735 TcgEvent.EventSize = (UINT32)sizeof (EventData);
736 return TcgDxeHashLogExtendEventI (
737 &mTcgDxeData,
738 (UINT8 *)&EventData,
739 sizeof (EventData),
740 &TcgEvent,
741 (UINT8 *)&EventData
742 );
743 }
744
745 /**
746 Read an EFI Variable.
747
748 This function allocates a buffer to return the contents of the variable. The caller is
749 responsible for freeing the buffer.
750
751 @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
752 @param[in] VendorGuid A unique identifier for the vendor.
753 @param[out] VarSize The size of the variable data.
754
755 @return A pointer to the buffer to return the contents of the variable.Otherwise NULL.
756
757 **/
758 VOID *
759 EFIAPI
760 ReadVariable (
761 IN CHAR16 *VarName,
762 IN EFI_GUID *VendorGuid,
763 OUT UINTN *VarSize
764 )
765 {
766 EFI_STATUS Status;
767 VOID *VarData;
768
769 *VarSize = 0;
770 Status = gRT->GetVariable (
771 VarName,
772 VendorGuid,
773 NULL,
774 VarSize,
775 NULL
776 );
777 if (Status != EFI_BUFFER_TOO_SMALL) {
778 return NULL;
779 }
780
781 VarData = AllocatePool (*VarSize);
782 if (VarData != NULL) {
783 Status = gRT->GetVariable (
784 VarName,
785 VendorGuid,
786 NULL,
787 VarSize,
788 VarData
789 );
790 if (EFI_ERROR (Status)) {
791 FreePool (VarData);
792 VarData = NULL;
793 *VarSize = 0;
794 }
795 }
796 return VarData;
797 }
798
799 /**
800 Measure and log an EFI variable, and extend the measurement result into a specific PCR.
801
802 @param[in] PCRIndex PCR Index.
803 @param[in] EventType Event type.
804 @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
805 @param[in] VendorGuid A unique identifier for the vendor.
806 @param[in] VarData The content of the variable data.
807 @param[in] VarSize The size of the variable data.
808
809 @retval EFI_SUCCESS Operation completed successfully.
810 @retval EFI_OUT_OF_RESOURCES Out of memory.
811 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
812
813 **/
814 EFI_STATUS
815 EFIAPI
816 MeasureVariable (
817 IN TPM_PCRINDEX PCRIndex,
818 IN TCG_EVENTTYPE EventType,
819 IN CHAR16 *VarName,
820 IN EFI_GUID *VendorGuid,
821 IN VOID *VarData,
822 IN UINTN VarSize
823 )
824 {
825 EFI_STATUS Status;
826 TCG_PCR_EVENT_HDR TcgEvent;
827 UINTN VarNameLength;
828 EFI_VARIABLE_DATA *VarLog;
829
830 VarNameLength = StrLen (VarName);
831 TcgEvent.PCRIndex = PCRIndex;
832 TcgEvent.EventType = EventType;
833 TcgEvent.EventSize = (UINT32)(sizeof (*VarLog) + VarNameLength * sizeof (*VarName) + VarSize
834 - sizeof (VarLog->UnicodeName) - sizeof (VarLog->VariableData));
835
836 VarLog = (EFI_VARIABLE_DATA*)AllocatePool (TcgEvent.EventSize);
837 if (VarLog == NULL) {
838 return EFI_OUT_OF_RESOURCES;
839 }
840
841 VarLog->VariableName = *VendorGuid;
842 VarLog->UnicodeNameLength = VarNameLength;
843 VarLog->VariableDataLength = VarSize;
844 CopyMem (
845 VarLog->UnicodeName,
846 VarName,
847 VarNameLength * sizeof (*VarName)
848 );
849 CopyMem (
850 (CHAR16 *)VarLog->UnicodeName + VarNameLength,
851 VarData,
852 VarSize
853 );
854
855 Status = TcgDxeHashLogExtendEventI (
856 &mTcgDxeData,
857 (UINT8*)VarData,
858 VarSize,
859 &TcgEvent,
860 (UINT8*)VarLog
861 );
862 FreePool (VarLog);
863 return Status;
864 }
865
866 /**
867 Read then Measure and log an EFI boot variable, and extend the measurement result into PCR[5].
868
869 @param[in] VarName A Null-terminated string that is the name of the vendor's variable.
870 @param[in] VendorGuid A unique identifier for the vendor.
871 @param[out] VarSize The size of the variable data.
872 @param[out] VarData Pointer to the content of the variable.
873
874 @retval EFI_SUCCESS Operation completed successfully.
875 @retval EFI_OUT_OF_RESOURCES Out of memory.
876 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
877
878 **/
879 EFI_STATUS
880 EFIAPI
881 ReadAndMeasureBootVariable (
882 IN CHAR16 *VarName,
883 IN EFI_GUID *VendorGuid,
884 OUT UINTN *VarSize,
885 OUT VOID **VarData
886 )
887 {
888 EFI_STATUS Status;
889
890 *VarData = ReadVariable (VarName, VendorGuid, VarSize);
891 if (*VarData == NULL) {
892 return EFI_NOT_FOUND;
893 }
894
895 Status = MeasureVariable (
896 5,
897 EV_EFI_VARIABLE_BOOT,
898 VarName,
899 VendorGuid,
900 *VarData,
901 *VarSize
902 );
903 return Status;
904 }
905
906 /**
907 Measure and log all EFI boot variables, and extend the measurement result into a specific PCR.
908
909 The EFI boot variables are BootOrder and Boot#### variables.
910
911 @retval EFI_SUCCESS Operation completed successfully.
912 @retval EFI_OUT_OF_RESOURCES Out of memory.
913 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
914
915 **/
916 EFI_STATUS
917 EFIAPI
918 MeasureAllBootVariables (
919 VOID
920 )
921 {
922 EFI_STATUS Status;
923 UINT16 *BootOrder;
924 UINTN BootCount;
925 UINTN Index;
926 VOID *BootVarData;
927 UINTN Size;
928
929 Status = ReadAndMeasureBootVariable (
930 mBootVarName,
931 &gEfiGlobalVariableGuid,
932 &BootCount,
933 (VOID **) &BootOrder
934 );
935 if (Status == EFI_NOT_FOUND) {
936 return EFI_SUCCESS;
937 }
938 ASSERT (BootOrder != NULL);
939
940 if (EFI_ERROR (Status)) {
941 FreePool (BootOrder);
942 return Status;
943 }
944
945 BootCount /= sizeof (*BootOrder);
946 for (Index = 0; Index < BootCount; Index++) {
947 UnicodeSPrint (mBootVarName, sizeof (mBootVarName), L"Boot%04x", BootOrder[Index]);
948 Status = ReadAndMeasureBootVariable (
949 mBootVarName,
950 &gEfiGlobalVariableGuid,
951 &Size,
952 &BootVarData
953 );
954 if (!EFI_ERROR (Status)) {
955 FreePool (BootVarData);
956 }
957 }
958
959 FreePool (BootOrder);
960 return EFI_SUCCESS;
961 }
962
963 /**
964 Ready to Boot Event notification handler.
965
966 Sequence of OS boot events is measured in this event notification handler.
967
968 @param[in] Event Event whose notification function is being invoked
969 @param[in] Context Pointer to the notification function's context
970
971 **/
972 VOID
973 EFIAPI
974 OnReadyToBoot (
975 IN EFI_EVENT Event,
976 IN VOID *Context
977 )
978 {
979 EFI_STATUS Status;
980 TPM_PCRINDEX PcrIndex;
981
982 if (mBootAttempts == 0) {
983
984 //
985 // Measure handoff tables.
986 //
987 Status = MeasureHandoffTables ();
988 if (EFI_ERROR (Status)) {
989 DEBUG ((EFI_D_ERROR, "HOBs not Measured. Error!\n"));
990 }
991
992 //
993 // Measure BootOrder & Boot#### variables.
994 //
995 Status = MeasureAllBootVariables ();
996 if (EFI_ERROR (Status)) {
997 DEBUG ((EFI_D_ERROR, "Boot Variables not Measured. Error!\n"));
998 }
999
1000 //
1001 // 1. This is the first boot attempt.
1002 //
1003 Status = TcgMeasureAction (
1004 EFI_CALLING_EFI_APPLICATION
1005 );
1006 ASSERT_EFI_ERROR (Status);
1007
1008 //
1009 // 2. Draw a line between pre-boot env and entering post-boot env.
1010 //
1011 for (PcrIndex = 0; PcrIndex < 8; PcrIndex++) {
1012 Status = MeasureSeparatorEvent (PcrIndex);
1013 ASSERT_EFI_ERROR (Status);
1014 }
1015
1016 //
1017 // 3. Measure GPT. It would be done in SAP driver.
1018 //
1019
1020 //
1021 // 4. Measure PE/COFF OS loader. It would be done in SAP driver.
1022 //
1023
1024 //
1025 // 5. Read & Measure variable. BootOrder already measured.
1026 //
1027 } else {
1028 //
1029 // 6. Not first attempt, meaning a return from last attempt
1030 //
1031 Status = TcgMeasureAction (
1032 EFI_RETURNING_FROM_EFI_APPLICATOIN
1033 );
1034 ASSERT_EFI_ERROR (Status);
1035 }
1036
1037 DEBUG ((EFI_D_INFO, "TPM TcgDxe Measure Data when ReadyToBoot\n"));
1038 //
1039 // Increase boot attempt counter.
1040 //
1041 mBootAttempts++;
1042 }
1043
1044 /**
1045 Install TCG ACPI Table when ACPI Table Protocol is available.
1046
1047 A system's firmware uses an ACPI table to identify the system's TCG capabilities
1048 to the Post-Boot environment. The information in this ACPI table is not guaranteed
1049 to be valid until the Host Platform transitions from pre-boot state to post-boot state.
1050
1051 @param[in] Event Event whose notification function is being invoked
1052 @param[in] Context Pointer to the notification function's context
1053 **/
1054 VOID
1055 EFIAPI
1056 InstallAcpiTable (
1057 IN EFI_EVENT Event,
1058 IN VOID* Context
1059 )
1060 {
1061 UINTN TableKey;
1062 EFI_STATUS Status;
1063 EFI_ACPI_TABLE_PROTOCOL *AcpiTable;
1064 UINT8 Checksum;
1065
1066 Status = gBS->LocateProtocol (&gEfiAcpiTableProtocolGuid, NULL, (VOID **)&AcpiTable);
1067 if (EFI_ERROR (Status)) {
1068 return;
1069 }
1070
1071 if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
1072
1073 //
1074 // The ACPI table must be checksumed before calling the InstallAcpiTable()
1075 // service of the ACPI table protocol to install it.
1076 //
1077 Checksum = CalculateCheckSum8 ((UINT8 *)&mTcgClientAcpiTemplate, sizeof (mTcgClientAcpiTemplate));
1078 mTcgClientAcpiTemplate.Header.Checksum = Checksum;
1079
1080 Status = AcpiTable->InstallAcpiTable (
1081 AcpiTable,
1082 &mTcgClientAcpiTemplate,
1083 sizeof (mTcgClientAcpiTemplate),
1084 &TableKey
1085 );
1086 } else {
1087
1088 //
1089 // The ACPI table must be checksumed before calling the InstallAcpiTable()
1090 // service of the ACPI table protocol to install it.
1091 //
1092 Checksum = CalculateCheckSum8 ((UINT8 *)&mTcgServerAcpiTemplate, sizeof (mTcgServerAcpiTemplate));
1093 mTcgServerAcpiTemplate.Header.Checksum = Checksum;
1094
1095 Status = AcpiTable->InstallAcpiTable (
1096 AcpiTable,
1097 &mTcgServerAcpiTemplate,
1098 sizeof (mTcgServerAcpiTemplate),
1099 &TableKey
1100 );
1101 }
1102 ASSERT_EFI_ERROR (Status);
1103 }
1104
1105 /**
1106 Exit Boot Services Event notification handler.
1107
1108 Measure invocation and success of ExitBootServices.
1109
1110 @param[in] Event Event whose notification function is being invoked
1111 @param[in] Context Pointer to the notification function's context
1112
1113 **/
1114 VOID
1115 EFIAPI
1116 OnExitBootServices (
1117 IN EFI_EVENT Event,
1118 IN VOID *Context
1119 )
1120 {
1121 EFI_STATUS Status;
1122
1123 //
1124 // Measure invocation of ExitBootServices,
1125 //
1126 Status = TcgMeasureAction (
1127 EFI_EXIT_BOOT_SERVICES_INVOCATION
1128 );
1129 ASSERT_EFI_ERROR (Status);
1130
1131 //
1132 // Measure success of ExitBootServices
1133 //
1134 Status = TcgMeasureAction (
1135 EFI_EXIT_BOOT_SERVICES_SUCCEEDED
1136 );
1137 ASSERT_EFI_ERROR (Status);
1138 }
1139
1140 /**
1141 Exit Boot Services Failed Event notification handler.
1142
1143 Measure Failure of ExitBootServices.
1144
1145 @param[in] Event Event whose notification function is being invoked
1146 @param[in] Context Pointer to the notification function's context
1147
1148 **/
1149 VOID
1150 EFIAPI
1151 OnExitBootServicesFailed (
1152 IN EFI_EVENT Event,
1153 IN VOID *Context
1154 )
1155 {
1156 EFI_STATUS Status;
1157
1158 //
1159 // Measure Failure of ExitBootServices,
1160 //
1161 Status = TcgMeasureAction (
1162 EFI_EXIT_BOOT_SERVICES_FAILED
1163 );
1164 ASSERT_EFI_ERROR (Status);
1165
1166 }
1167
1168 /**
1169 Get TPM Deactivated state.
1170
1171 @param[out] TPMDeactivatedFlag Returns TPM Deactivated state.
1172
1173 @retval EFI_SUCCESS Operation completed successfully.
1174 @retval EFI_DEVICE_ERROR The operation was unsuccessful.
1175
1176 **/
1177 EFI_STATUS
1178 GetTpmStatus (
1179 OUT BOOLEAN *TPMDeactivatedFlag
1180 )
1181 {
1182 EFI_STATUS Status;
1183 TPM_STCLEAR_FLAGS VFlags;
1184
1185 Status = TpmCommGetFlags (
1186 mTcgDxeData.TpmHandle,
1187 TPM_CAP_FLAG_VOLATILE,
1188 &VFlags,
1189 sizeof (VFlags)
1190 );
1191 if (!EFI_ERROR (Status)) {
1192 *TPMDeactivatedFlag = VFlags.deactivated;
1193 }
1194
1195 return Status;
1196 }
1197
1198 /**
1199 The driver's entry point.
1200
1201 It publishes EFI TCG Protocol.
1202
1203 @param[in] ImageHandle The firmware allocated handle for the EFI image.
1204 @param[in] SystemTable A pointer to the EFI System Table.
1205
1206 @retval EFI_SUCCESS The entry point is executed successfully.
1207 @retval other Some error occurs when executing this entry point.
1208
1209 **/
1210 EFI_STATUS
1211 EFIAPI
1212 DriverEntry (
1213 IN EFI_HANDLE ImageHandle,
1214 IN EFI_SYSTEM_TABLE *SystemTable
1215 )
1216 {
1217 EFI_STATUS Status;
1218 EFI_EVENT Event;
1219 VOID *Registration;
1220
1221 mTcgDxeData.TpmHandle = (TIS_TPM_HANDLE)(UINTN)TPM_BASE_ADDRESS;
1222 Status = TisPcRequestUseTpm (mTcgDxeData.TpmHandle);
1223 if (EFI_ERROR (Status)) {
1224 DEBUG ((EFI_D_ERROR, "TPM not detected!\n"));
1225 return Status;
1226 }
1227
1228 Status = GetTpmStatus (&mTcgDxeData.BsCap.TPMDeactivatedFlag);
1229 if (EFI_ERROR (Status)) {
1230 DEBUG ((
1231 EFI_D_ERROR,
1232 "Line %d in file " __FILE__ ":\n "
1233 "DriverEntry: TPM not working properly\n",
1234 __LINE__
1235 ));
1236 return Status;
1237 }
1238
1239 Status = gBS->InstallProtocolInterface (
1240 &ImageHandle,
1241 &gEfiTcgProtocolGuid,
1242 EFI_NATIVE_INTERFACE,
1243 &mTcgDxeData.TcgProtocol
1244 );
1245 if (!EFI_ERROR (Status) && !mTcgDxeData.BsCap.TPMDeactivatedFlag) {
1246 //
1247 // Setup the log area and copy event log from hob list to it
1248 //
1249 Status = SetupEventLog ();
1250 ASSERT_EFI_ERROR (Status);
1251
1252 //
1253 // Measure handoff tables, Boot#### variables etc.
1254 //
1255 Status = EfiCreateEventReadyToBootEx (
1256 TPL_CALLBACK,
1257 OnReadyToBoot,
1258 NULL,
1259 &Event
1260 );
1261
1262 Status = gBS->CreateEventEx (
1263 EVT_NOTIFY_SIGNAL,
1264 TPL_NOTIFY,
1265 OnExitBootServices,
1266 NULL,
1267 &gEfiEventExitBootServicesGuid,
1268 &Event
1269 );
1270
1271 //
1272 // Measure Exit Boot Service failed
1273 //
1274 Status = gBS->CreateEventEx (
1275 EVT_NOTIFY_SIGNAL,
1276 TPL_NOTIFY,
1277 OnExitBootServicesFailed,
1278 NULL,
1279 &gEventExitBootServicesFailedGuid,
1280 &Event
1281 );
1282 }
1283
1284 //
1285 // Install ACPI Table
1286 //
1287 EfiCreateProtocolNotifyEvent (&gEfiAcpiTableProtocolGuid, TPL_CALLBACK, InstallAcpiTable, NULL, &Registration);
1288
1289 return Status;
1290 }
EFI Development Kit II mirror for PVE