SecurityPkg: Fix typos in comments

[mirror_edk2.git] / SecurityPkg / Tcg / TcgDxe / TcgDxe.c

diff --git a/SecurityPkg/Tcg/TcgDxe/TcgDxe.c b/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
index 4b9afe34a44dc8723db54c39240c21cfa810904f..f7bf79a66c57dfa7872f058b692f7e48e811485e 100644 (file)
--- a/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
+++ b/SecurityPkg/Tcg/TcgDxe/TcgDxe.c
@@ -8,7 +8,8 @@ buffer overflow, integer overflow.
 \r
 TcgDxePassThroughToTpm() will receive untrusted input and do basic validation.\r
 \r
-Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>\r
+(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>\r
 This program and the accompanying materials \r
 are licensed and made available under the terms and conditions of the BSD License \r
 which accompanies this distribution.  The full text of the license may be found at \r
@@ -23,11 +24,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <IndustryStandard/Tpm12.h>\r
 #include <IndustryStandard/Acpi.h>\r
 #include <IndustryStandard/PeImage.h>\r
-#include <IndustryStandard/SmBios.h>\r
 #include <IndustryStandard/TcpaAcpi.h>\r
 \r
 #include <Guid/GlobalVariable.h>\r
-#include <Guid/SmBios.h>\r
 #include <Guid/HobList.h>\r
 #include <Guid/TcgEventHob.h>\r
 #include <Guid/EventGroup.h>\r
@@ -48,14 +47,12 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
 #include <Library/BaseLib.h>\r
 #include <Library/MemoryAllocationLib.h>\r
 #include <Library/PrintLib.h>\r
-#include <Library/TpmCommLib.h>\r
+#include <Library/Tpm12DeviceLib.h>\r
 #include <Library/PcdLib.h>\r
 #include <Library/UefiLib.h>\r
 #include <Library/ReportStatusCodeLib.h>\r
-\r
-#include "TpmComm.h"\r
-\r
-#define  EFI_TCG_LOG_AREA_SIZE        0x10000\r
+#include <Library/Tpm12CommandLib.h>\r
+#include <Library/BaseCryptLib.h>\r
 \r
 #define TCG_DXE_DATA_FROM_THIS(this)  \\r
   BASE_CR (this, TCG_DXE_DATA, TcgProtocol)\r
@@ -67,7 +64,6 @@ typedef struct _TCG_DXE_DATA {
   EFI_TCG_SERVER_ACPI_TABLE         *TcgServerAcpiTable;\r
   UINTN                             EventLogSize;\r
   UINT8                             *LastEvent;\r
-  TIS_TPM_HANDLE                    TpmHandle;\r
 } TCG_DXE_DATA;\r
 \r
 \r
@@ -107,8 +103,8 @@ EFI_TCG_SERVER_ACPI_TABLE           mTcgServerAcpiTemplate = {
   0,                          // Reserved\r
   0,                          // Log Area Max Length\r
   (EFI_PHYSICAL_ADDRESS) (SIZE_4GB - 1), // Log Area Start Address\r
-  0x0100,                     // TCG Specification revision 1.0\r
-  2,                          // Device Flags\r
+  0x0120,                     // TCG Specification revision 1.2\r
+  0,                          // Device Flags\r
   0,                          // Interrupt Flags\r
   0,                          // GPE\r
   {0},                        // Reserved 3 bytes\r
@@ -118,7 +114,7 @@ EFI_TCG_SERVER_ACPI_TABLE           mTcgServerAcpiTemplate = {
     0,\r
     0,\r
     EFI_ACPI_3_0_BYTE,\r
-    TPM_BASE_ADDRESS          // Base Address\r
+    0                         // Base Address\r
   },\r
   0,                          // Reserved\r
   {0},                        // Configuration Address\r
@@ -275,6 +271,40 @@ TcgDxeStatusCheck (
   return EFI_SUCCESS;\r
 }\r
 \r
+/**\r
+Single function calculates SHA1 digest value for all raw data. It\r
+combines Sha1Init(), Sha1Update() and Sha1Final().\r
+\r
+@param[in]  Data          Raw data to be digested.\r
+@param[in]  DataLen       Size of the raw data.\r
+@param[out] Digest        Pointer to a buffer that stores the final digest.\r
+\r
+@retval     EFI_SUCCESS   Always successfully calculate the final digest.\r
+**/\r
+EFI_STATUS\r
+EFIAPI\r
+TpmCommHashAll (\r
+  IN  CONST UINT8       *Data,\r
+  IN        UINTN       DataLen,\r
+  OUT       TPM_DIGEST  *Digest\r
+  )\r
+{\r
+  VOID   *Sha1Ctx;\r
+  UINTN  CtxSize;\r
+\r
+  CtxSize = Sha1GetContextSize ();\r
+  Sha1Ctx = AllocatePool (CtxSize);\r
+  ASSERT (Sha1Ctx != NULL);\r
+\r
+  Sha1Init (Sha1Ctx);\r
+  Sha1Update (Sha1Ctx, Data, DataLen);\r
+  Sha1Final (Sha1Ctx, (UINT8 *)Digest);\r
+\r
+  FreePool (Sha1Ctx);\r
+\r
+  return EFI_SUCCESS;\r
+}\r
+\r
 /**\r
   This service abstracts the capability to do a hash operation on a data buffer.\r
   \r
@@ -324,9 +354,9 @@ TcgDxeHashAll (
       }\r
       *HashedDataLen = sizeof (TPM_DIGEST);\r
 \r
-         if (*HashedDataResult == NULL) {\r
-               *HashedDataResult = AllocatePool ((UINTN) *HashedDataLen);\r
-         } \r
+      if (*HashedDataResult == NULL) {\r
+        *HashedDataResult = AllocatePool ((UINTN) *HashedDataLen);\r
+      } \r
 \r
       return TpmCommHashAll (\r
                HashData,\r
@@ -338,6 +368,53 @@ TcgDxeHashAll (
   }\r
 }\r
 \r
+/**\r
+Add a new entry to the Event Log.\r
+\r
+@param[in, out] EventLogPtr   Pointer to the Event Log data.\r
+@param[in, out] LogSize       Size of the Event Log.\r
+@param[in]      MaxSize       Maximum size of the Event Log.\r
+@param[in]      NewEventHdr   Pointer to a TCG_PCR_EVENT_HDR data structure.\r
+@param[in]      NewEventData  Pointer to the new event data.\r
+\r
+@retval EFI_SUCCESS           The new event log entry was added.\r
+@retval EFI_OUT_OF_RESOURCES  No enough memory to log the new event.\r
+\r
+**/\r
+EFI_STATUS\r
+TpmCommLogEvent (\r
+  IN OUT  UINT8                     **EventLogPtr,\r
+  IN OUT  UINTN                     *LogSize,\r
+  IN      UINTN                     MaxSize,\r
+  IN      TCG_PCR_EVENT_HDR         *NewEventHdr,\r
+  IN      UINT8                     *NewEventData\r
+  )\r
+{\r
+  UINTN                            NewLogSize;\r
+\r
+  //\r
+  // Prevent Event Overflow\r
+  //\r
+  if (NewEventHdr->EventSize > (UINTN)(~0) - sizeof (*NewEventHdr)) {\r
+    return EFI_OUT_OF_RESOURCES;\r
+  }\r
+\r
+  NewLogSize = sizeof (*NewEventHdr) + NewEventHdr->EventSize;\r
+  if (NewLogSize > MaxSize - *LogSize) {\r
+    return EFI_OUT_OF_RESOURCES;\r
+  }\r
+\r
+  *EventLogPtr += *LogSize;\r
+  *LogSize += NewLogSize;\r
+  CopyMem (*EventLogPtr, NewEventHdr, sizeof (*NewEventHdr));\r
+  CopyMem (\r
+    *EventLogPtr + sizeof (*NewEventHdr),\r
+    NewEventData,\r
+    NewEventHdr->EventSize\r
+    );\r
+  return EFI_SUCCESS;\r
+}\r
+\r
 /**\r
   Add a new entry to the Event Log.\r
 \r
@@ -447,8 +524,6 @@ TcgDxePassThroughToTpm (
   IN      UINT8                     *TpmOutputParameterBlock\r
   )\r
 {\r
-  TCG_DXE_DATA                      *TcgData;\r
-\r
   if (TpmInputParameterBlock == NULL || \r
       TpmOutputParameterBlock == NULL || \r
       TpmInputParameterBlockSize == 0 ||\r
@@ -456,15 +531,11 @@ TcgDxePassThroughToTpm (
     return EFI_INVALID_PARAMETER;\r
   }\r
 \r
-  TcgData = TCG_DXE_DATA_FROM_THIS (This);\r
-\r
-  return TisPcExecute (\r
-           TcgData->TpmHandle,\r
-           "%r%/%r",\r
+  return Tpm12SubmitCommand (\r
+           TpmInputParameterBlockSize,\r
            TpmInputParameterBlock,\r
-           (UINTN) TpmInputParameterBlockSize,\r
-           TpmOutputParameterBlock,\r
-           (UINTN) TpmOutputParameterBlockSize\r
+           &TpmOutputParameterBlockSize,\r
+           TpmOutputParameterBlock\r
            );\r
 }\r
 \r
@@ -512,8 +583,7 @@ TcgDxeHashLogExtendEventI (
     }\r
   }\r
 \r
-  Status = TpmCommExtend (\r
-             TcgData->TpmHandle,\r
+  Status = Tpm12Extend (\r
              &NewEventHdr->Digest,\r
              NewEventHdr->PCRIndex,\r
              NULL\r
@@ -627,7 +697,6 @@ TCG_DXE_DATA                 mTcgDxeData = {
   &mTcgClientAcpiTemplate,\r
   &mTcgServerAcpiTemplate,\r
   0,\r
-  NULL,\r
   NULL\r
 };\r
 \r
@@ -655,7 +724,7 @@ SetupEventLog (
     Status = gBS->AllocatePages (\r
                     AllocateMaxAddress,\r
                     EfiACPIMemoryNVS,\r
-                    EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE),\r
+                    EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),\r
                     &Lasa\r
                     );\r
     if (EFI_ERROR (Status)) {\r
@@ -666,8 +735,8 @@ SetupEventLog (
     // To initialize them as 0xFF is recommended \r
     // because the OS can know the last entry for that.\r
     //\r
-    SetMem ((VOID *)(UINTN)mTcgClientAcpiTemplate.Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF);\r
-    mTcgClientAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE;\r
+    SetMem ((VOID *)(UINTN)mTcgClientAcpiTemplate.Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);\r
+    mTcgClientAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen);\r
   \r
   } else {\r
     Lasa = mTcgServerAcpiTemplate.Lasa;\r
@@ -675,7 +744,7 @@ SetupEventLog (
     Status = gBS->AllocatePages (\r
                     AllocateMaxAddress,\r
                     EfiACPIMemoryNVS,\r
-                    EFI_SIZE_TO_PAGES (EFI_TCG_LOG_AREA_SIZE),\r
+                    EFI_SIZE_TO_PAGES (PcdGet32 (PcdTcgLogAreaMinLen)),\r
                     &Lasa\r
                     );\r
     if (EFI_ERROR (Status)) {\r
@@ -686,8 +755,8 @@ SetupEventLog (
     // To initialize them as 0xFF is recommended \r
     // because the OS can know the last entry for that.\r
     //\r
-    SetMem ((VOID *)(UINTN)mTcgServerAcpiTemplate.Lasa, EFI_TCG_LOG_AREA_SIZE, 0xFF);\r
-    mTcgServerAcpiTemplate.Laml = EFI_TCG_LOG_AREA_SIZE;\r
+    SetMem ((VOID *)(UINTN)mTcgServerAcpiTemplate.Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);\r
+    mTcgServerAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen);\r
   }\r
 \r
   GuidHob.Raw = GetHobList ();\r
@@ -748,42 +817,13 @@ MeasureHandoffTables (
   )\r
 {\r
   EFI_STATUS                        Status;\r
-  SMBIOS_TABLE_ENTRY_POINT          *SmbiosTable;\r
   TCG_PCR_EVENT_HDR                 TcgEvent;\r
   EFI_HANDOFF_TABLE_POINTERS        HandoffTables;\r
   UINTN                             ProcessorNum;\r
   EFI_CPU_PHYSICAL_LOCATION         *ProcessorLocBuf;\r
 \r
   ProcessorLocBuf = NULL;\r
-\r
-  //\r
-  // Measure SMBIOS with EV_EFI_HANDOFF_TABLES to PCR[1]\r
-  //\r
-  Status = EfiGetSystemConfigurationTable (\r
-             &gEfiSmbiosTableGuid,\r
-             (VOID **) &SmbiosTable\r
-             );\r
-\r
-  if (!EFI_ERROR (Status) && SmbiosTable != NULL) {\r
-    TcgEvent.PCRIndex  = 1;\r
-    TcgEvent.EventType = EV_EFI_HANDOFF_TABLES;\r
-    TcgEvent.EventSize = sizeof (HandoffTables);\r
-\r
-    HandoffTables.NumberOfTables = 1;\r
-    HandoffTables.TableEntry[0].VendorGuid  = gEfiSmbiosTableGuid;\r
-    HandoffTables.TableEntry[0].VendorTable = SmbiosTable;\r
-\r
-    DEBUG ((DEBUG_INFO, "The Smbios Table starts at: 0x%x\n", SmbiosTable->TableAddress));\r
-    DEBUG ((DEBUG_INFO, "The Smbios Table size: 0x%x\n", SmbiosTable->TableLength));\r
-\r
-    Status = TcgDxeHashLogExtendEventI (\r
-               &mTcgDxeData,\r
-               (UINT8*)(UINTN)SmbiosTable->TableAddress,\r
-               SmbiosTable->TableLength,\r
-               &TcgEvent,\r
-               (UINT8*)&HandoffTables\r
-               );\r
-  }\r
+  Status = EFI_SUCCESS;\r
 \r
   if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_SERVER) {\r
     //\r
@@ -1111,7 +1151,7 @@ OnReadyToBoot (
                EFI_CALLING_EFI_APPLICATION\r
                );\r
     if (EFI_ERROR (Status)) {\r
-      DEBUG ((EFI_D_ERROR, "%s not Measured. Error!\n", EFI_CALLING_EFI_APPLICATION));\r
+      DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_CALLING_EFI_APPLICATION));\r
     }\r
 \r
     //\r
@@ -1120,7 +1160,7 @@ OnReadyToBoot (
     for (PcrIndex = 0; PcrIndex < 8; PcrIndex++) {\r
       Status = MeasureSeparatorEvent (PcrIndex);\r
       if (EFI_ERROR (Status)) {\r
-        DEBUG ((EFI_D_ERROR, "Seperator Event not Measured. Error!\n"));\r
+        DEBUG ((DEBUG_ERROR, "Separator Event not Measured. Error!\n"));\r
       }\r
     }\r
 \r
@@ -1143,7 +1183,7 @@ OnReadyToBoot (
                EFI_RETURNING_FROM_EFI_APPLICATOIN\r
                );\r
     if (EFI_ERROR (Status)) {\r
-      DEBUG ((EFI_D_ERROR, "%s not Measured. Error!\n", EFI_RETURNING_FROM_EFI_APPLICATOIN));\r
+      DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_RETURNING_FROM_EFI_APPLICATOIN));\r
     }\r
   }\r
 \r
@@ -1216,6 +1256,7 @@ InstallAcpiTable (
     Checksum = CalculateCheckSum8 ((UINT8 *)&mTcgServerAcpiTemplate, sizeof (mTcgServerAcpiTemplate));\r
     mTcgServerAcpiTemplate.Header.Checksum = Checksum;\r
 \r
+    mTcgServerAcpiTemplate.BaseAddress.Address = PcdGet64 (PcdTpmBaseAddress);\r
     Status = AcpiTable->InstallAcpiTable (\r
                             AcpiTable,\r
                             &mTcgServerAcpiTemplate,\r
@@ -1254,7 +1295,7 @@ OnExitBootServices (
              EFI_EXIT_BOOT_SERVICES_INVOCATION\r
              );\r
   if (EFI_ERROR (Status)) {\r
-    DEBUG ((EFI_D_ERROR, "%s not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_INVOCATION));\r
+    DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_INVOCATION));\r
   }\r
 \r
   //\r
@@ -1264,7 +1305,7 @@ OnExitBootServices (
              EFI_EXIT_BOOT_SERVICES_SUCCEEDED\r
              );\r
   if (EFI_ERROR (Status)){\r
-    DEBUG ((EFI_D_ERROR, "%s not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_SUCCEEDED));\r
+    DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_SUCCEEDED));\r
   }\r
 }\r
 \r
@@ -1293,7 +1334,7 @@ OnExitBootServicesFailed (
              EFI_EXIT_BOOT_SERVICES_FAILED\r
              );\r
   if (EFI_ERROR (Status)){\r
-    DEBUG ((EFI_D_ERROR, "%s not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_FAILED));\r
+    DEBUG ((EFI_D_ERROR, "%a not Measured. Error!\n", EFI_EXIT_BOOT_SERVICES_FAILED));\r
   }\r
 }\r
 \r
@@ -1308,20 +1349,15 @@ OnExitBootServicesFailed (
 **/\r
 EFI_STATUS\r
 GetTpmStatus (\r
-     OUT  BOOLEAN                   *TPMDeactivatedFlag\r
+  OUT BOOLEAN  *TPMDeactivatedFlag\r
   )\r
 {\r
-  EFI_STATUS                        Status;\r
-  TPM_STCLEAR_FLAGS                 VFlags;\r
+  EFI_STATUS         Status;\r
+  TPM_STCLEAR_FLAGS  VolatileFlags;\r
 \r
-  Status = TpmCommGetFlags (\r
-             mTcgDxeData.TpmHandle,\r
-             TPM_CAP_FLAG_VOLATILE,\r
-             &VFlags,\r
-             sizeof (VFlags)\r
-             );\r
+  Status = Tpm12GetCapabilityFlagVolatile (&VolatileFlags);\r
   if (!EFI_ERROR (Status)) {\r
-    *TPMDeactivatedFlag = VFlags.deactivated;\r
+    *TPMDeactivatedFlag = VolatileFlags.deactivated;\r
   }\r
 \r
   return Status;\r
@@ -1360,8 +1396,7 @@ DriverEntry (
     return EFI_DEVICE_ERROR;\r
   }\r
 \r
-  mTcgDxeData.TpmHandle = (TIS_TPM_HANDLE)(UINTN)TPM_BASE_ADDRESS;\r
-  Status = TisPcRequestUseTpm (mTcgDxeData.TpmHandle);\r
+  Status = Tpm12RequestUseTpm ();\r
   if (EFI_ERROR (Status)) {\r
     DEBUG ((EFI_D_ERROR, "TPM not detected!\n"));\r
     return Status;\r