\r
#pragma pack(1)\r
\r
+typedef struct {\r
+ TPM2_COMMAND_HEADER Header;\r
+ TPMI_RH_HIERARCHY AuthHandle;\r
+ UINT32 AuthSessionSize;\r
+ TPMS_AUTH_COMMAND AuthSession;\r
+ TPM2B_DIGEST AuthPolicy;\r
+ TPMI_ALG_HASH HashAlg;\r
+} TPM2_SET_PRIMARY_POLICY_COMMAND;\r
+\r
+typedef struct {\r
+ TPM2_RESPONSE_HEADER Header;\r
+ UINT32 AuthSessionSize;\r
+ TPMS_AUTH_RESPONSE AuthSession;\r
+} TPM2_SET_PRIMARY_POLICY_RESPONSE;\r
+\r
typedef struct {\r
TPM2_COMMAND_HEADER Header;\r
TPMI_RH_CLEAR AuthHandle;\r
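Review bot: `AuthHandle` is declared as `TPMI_RH_HIERARCHY` in `TPM2_SET_PRIMARY_POLICY_COMMAND`, while the `Tpm2SetPrimaryPolicy` prototype added further down takes `TPMI_RH_HIERARCHY_AUTH`; using the same type in both keeps the struct and its only writer in agreement. The two new structs also deserve a short comment saying they are maximum-size scratch buffers rather than wire overlays. The function marshals the session, digest and hash algorithm through a moving pointer that starts at `AuthSession`, so `AuthPolicy` and `HashAlg` need not sit at their declared offsets. Something like `// Sized for the largest command; fields after AuthSessionSize are marshalled by pointer, not accessed by name.` above each typedef would do. The struct that follows the additions continues outside the hunk.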
\r
#pragma pack()\r
\r
+/**\r
+ This command allows setting of the authorization policy for the platform hierarchy (platformPolicy), the\r
+ storage hierarchy (ownerPolicy), and and the endorsement hierarchy (endorsementPolicy).\r
+\r
+ @param[in] AuthHandle TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} parameters to be validated\r
+ @param[in] AuthSession Auth Session context\r
+ @param[in] AuthPolicy An authorization policy hash\r
+ @param[in] HashAlg The hash algorithm to use for the policy\r
+\r
+ @retval EFI_SUCCESS Operation completed successfully.\r
+ @retval EFI_DEVICE_ERROR Unexpected device behavior.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+Tpm2SetPrimaryPolicy (\r
+ IN TPMI_RH_HIERARCHY_AUTH AuthHandle,\r
+ IN TPMS_AUTH_COMMAND *AuthSession,\r
+ IN TPM2B_DIGEST *AuthPolicy,\r
+ IN TPMI_ALG_HASH HashAlg\r
+ )\r
+{\r
+ EFI_STATUS Status;\r
+ TPM2_SET_PRIMARY_POLICY_COMMAND SendBuffer;\r
+ TPM2_SET_PRIMARY_POLICY_RESPONSE RecvBuffer;\r
+ UINT32 SendBufferSize;\r
+ UINT32 RecvBufferSize;\r
+ UINT8 *Buffer;\r
+ UINT32 SessionInfoSize;\r
+\r
+ //\r
+ // Construct command\r
+ //\r
+ SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);\r
+ SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_SetPrimaryPolicy);\r
+\r
+ SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);\r
+\r
+ //\r
+ // Add in Auth session\r
+ //\r
+ Buffer = (UINT8 *)&SendBuffer.AuthSession;\r
+\r
+ // sessionInfoSize\r
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);\r
+ Buffer += SessionInfoSize;\r
+ SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);\r
+\r
+ //\r
+ // Real data\r
+ //\r
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(AuthPolicy->size));\r
+ Buffer += sizeof(UINT16);\r
+ CopyMem (Buffer, AuthPolicy->buffer, AuthPolicy->size);\r
+ Buffer += AuthPolicy->size;\r
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(HashAlg));\r
+ Buffer += sizeof(UINT16);\r
+\r
+ SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);\r
+ SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);\r
+\r
+ //\r
+ // send Tpm command\r
+ //\r
+ RecvBufferSize = sizeof (RecvBuffer);\r
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);\r
+ if (EFI_ERROR (Status)) {\r
+ return Status;\r
+ }\r
+\r
+ if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER)) {\r
+ DEBUG ((EFI_D_ERROR, "Tpm2SetPrimaryPolicy - RecvBufferSize Error - %x\n", RecvBufferSize));\r
+ return EFI_DEVICE_ERROR;\r
+ }\r
+ if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {\r
+ DEBUG ((EFI_D_ERROR, "Tpm2SetPrimaryPolicy - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));\r
+ return EFI_DEVICE_ERROR;\r
+ }\r
+\r
+ return EFI_SUCCESS;\r
+}\r
+\r
/**\r
This command removes all TPM context associated with a specific Owner.\r
\r
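Review bot: `AuthPolicy->size` is used unchecked as the `CopyMem` length into the stack-resident `SendBuffer`, so a digest whose size field exceeds `sizeof (AuthPolicy->buffer)` reads past the caller's digest and can write past the end of the command buffer before anything reaches the TPM. A guard ahead of the "Construct command" step would close this: `if (AuthPolicy == NULL || AuthPolicy->size > sizeof (AuthPolicy->buffer)) { return EFI_INVALID_PARAMETER; }`, with a matching `@retval EFI_INVALID_PARAMETER` line in the header comment. Whether `CopyAuthSessionCommand` tolerates a NULL `AuthSession` is not visible here, so that is worth confirming as well. Separately, `SendBuffer` and `RecvBuffer` carry the session's authorization data and are left on the stack on every return path; consider `ZeroMem (&SendBuffer, sizeof (SendBuffer));` and the same for `RecvBuffer` before returning.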