\r
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.\r
\r
-Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>\r
-This program and the accompanying materials \r
-are licensed and made available under the terms and conditions of the BSD License \r
-which accompanies this distribution. The full text of the license may be found at \r
+Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials\r
+are licensed and made available under the terms and conditions of the BSD License\r
+which accompanies this distribution. The full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, \r
+THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
\r
**/\r
EFI_STATUS Status;\r
UINTN DataSize;\r
EFI_PHYSICAL_PRESENCE PpData;\r
- UINT8 Flags;\r
+ EFI_PHYSICAL_PRESENCE_FLAGS Flags;\r
BOOLEAN RequestConfirmed;\r
\r
//\r
&DataSize,\r
&PpData\r
);\r
- if (EFI_ERROR (Status)) {\r
- return EFI_SUCCESS;\r
- }\r
\r
DEBUG ((EFI_D_INFO, "[TPM] PP callback, Parameter = %x\n", mTcgNvs->PhysicalPresence.Parameter));\r
if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS) {\r
+ if (EFI_ERROR (Status)) {\r
+ mTcgNvs->PhysicalPresence.ReturnCode = PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE;\r
+ mTcgNvs->PhysicalPresence.LastRequest = 0;\r
+ mTcgNvs->PhysicalPresence.Response = 0;\r
+ DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));\r
+ return EFI_SUCCESS;\r
+ }\r
+ mTcgNvs->PhysicalPresence.ReturnCode = PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS;\r
mTcgNvs->PhysicalPresence.LastRequest = PpData.LastPPRequest;\r
mTcgNvs->PhysicalPresence.Response = PpData.PPResponse;\r
- } else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS) \r
+ } else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)\r
|| (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {\r
+ if (EFI_ERROR (Status)) {\r
+ mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;\r
+ DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));\r
+ return EFI_SUCCESS;\r
+ }\r
if (mTcgNvs->PhysicalPresence.Request == PHYSICAL_PRESENCE_SET_OPERATOR_AUTH) {\r
//\r
// This command requires UI to prompt user for Auth data.\r
//\r
- mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_NOT_IMPLEMENTED;\r
+ mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED;\r
return EFI_SUCCESS;\r
}\r
\r
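Review bot: The `DataSize` written back by the variable read that ends at `&PpData );` is never compared with `sizeof (EFI_PHYSICAL_PRESENCE)`; the new `EFI_ERROR (Status)` branches only catch an outright failure. A stored variable shorter than the structure would still return success and leave the tail of `PpData` (declared without an initializer) holding stale SMM stack bytes, which the `ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS` branch then copies into `mTcgNvs`. If that variable can be written at runtime, which this page does not show, treat a size mismatch like a read failure: `if (EFI_ERROR (Status) || DataSize != sizeof (EFI_PHYSICAL_PRESENCE)) {`. The same check fits the two `EFI_PHYSICAL_PRESENCE_FLAGS` reads added in the next hunk. The callback's opening and the start of the read call lie outside this hunk.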
);\r
}\r
\r
- if (EFI_ERROR (Status)) { \r
- mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_GENERAL_FAILURE;\r
+ if (EFI_ERROR (Status)) {\r
+ mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;\r
return EFI_SUCCESS;\r
}\r
- mTcgNvs->PhysicalPresence.ReturnCode = PP_SUBMIT_REQUEST_SUCCESS;\r
+ mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS;\r
+\r
+ if (mTcgNvs->PhysicalPresence.Request >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {\r
+ DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS);\r
+ Status = mSmmVariable->SmmGetVariable (\r
+ PHYSICAL_PRESENCE_FLAGS_VARIABLE,\r
+ &gEfiPhysicalPresenceGuid,\r
+ NULL,\r
+ &DataSize,\r
+ &Flags\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ Flags.PPFlags = TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION;\r
+ }\r
+ mTcgNvs->PhysicalPresence.ReturnCode = TcgPpVendorLibSubmitRequestToPreOSFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags);\r
+ }\r
} else if (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST) {\r
- Flags = PpData.Flags; \r
+ if (EFI_ERROR (Status)) {\r
+ mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;\r
+ DEBUG ((EFI_D_ERROR, "[TPM] Get PP variable failure! Status = %r\n", Status));\r
+ return EFI_SUCCESS;\r
+ }\r
+ //\r
+ // Get the Physical Presence flags\r
+ //\r
+ DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS);\r
+ Status = mSmmVariable->SmmGetVariable (\r
+ PHYSICAL_PRESENCE_FLAGS_VARIABLE,\r
+ &gEfiPhysicalPresenceGuid,\r
+ NULL,\r
+ &DataSize,\r
+ &Flags\r
+ );\r
+ if (EFI_ERROR (Status)) {\r
+ mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;\r
+ DEBUG ((EFI_D_ERROR, "[TPM] Get PP flags failure! Status = %r\n", Status));\r
+ return EFI_SUCCESS;\r
+ }\r
+\r
RequestConfirmed = FALSE;\r
\r
- switch (mTcgNvs->PhysicalPresence.Request) {\r
+ switch (mTcgNvs->PPRequestUserConfirm) {\r
case PHYSICAL_PRESENCE_ENABLE:\r
case PHYSICAL_PRESENCE_DISABLE:\r
case PHYSICAL_PRESENCE_ACTIVATE:\r
case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:\r
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:\r
case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:\r
- if ((Flags & FLAG_NO_PPI_PROVISION) != 0) {\r
+ if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) {\r
RequestConfirmed = TRUE;\r
}\r
break;\r
\r
case PHYSICAL_PRESENCE_CLEAR:\r
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:\r
- if ((Flags & FLAG_NO_PPI_CLEAR) != 0) {\r
+ if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0) {\r
RequestConfirmed = TRUE;\r
}\r
break;\r
\r
case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:\r
- if ((Flags & FLAG_NO_PPI_MAINTENANCE) != 0) {\r
+ if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE) != 0) {\r
RequestConfirmed = TRUE;\r
}\r
break;\r
\r
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:\r
case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:\r
- if ((Flags & FLAG_NO_PPI_CLEAR) != 0 && (Flags & FLAG_NO_PPI_PROVISION) != 0) {\r
+ if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0 && (Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) {\r
RequestConfirmed = TRUE;\r
}\r
- break; \r
+ break;\r
\r
case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:\r
case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:\r
//\r
// This command requires UI to prompt user for Auth data\r
//\r
- mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_NOT_IMPLEMENTED; \r
+ mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;\r
return EFI_SUCCESS;\r
+ default:\r
+ break;\r
}\r
\r
if (RequestConfirmed) {\r
- mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_NOT_REQUIRED;\r
+ mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED;\r
} else {\r
- mTcgNvs->PhysicalPresence.ReturnCode = PP_REQUEST_ALLOWED_AND_PPUSER_REQUIRED;\r
- } \r
- } \r
+ mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED;\r
+ }\r
+ if (mTcgNvs->PhysicalPresence.Request >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {\r
+ mTcgNvs->PhysicalPresence.ReturnCode = TcgPpVendorLibGetUserConfirmationStatusFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags);\r
+ }\r
+ }\r
\r
return EFI_SUCCESS;\r
}\r
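Review bot: The vendor-specific override at the end of the `ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST` branch tests `mTcgNvs->PhysicalPresence.Request`, while the `switch` just above it now decides on `mTcgNvs->PPRequestUserConfirm`. Both fields come from the NVS op region, which is presumably OS-writable, so a leftover vendor-range value in `Request` can overwrite the answer computed for a different operation. Unless the ASL side guarantees the two fields match (not visible here), key the override on the queried field: `if (mTcgNvs->PPRequestUserConfirm >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {` and pass that same field to `TcgPpVendorLibGetUserConfirmationStatusFunction`. Separately, a failed flags read in the submit branch falls back to `TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION`, whereas this branch fails closed with `TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION`; a comment should say why the permissive default is acceptable there. The callback begins outside this hunk.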
&MorControl\r
);\r
if (EFI_ERROR (Status)) {\r
+ mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;\r
+ DEBUG ((EFI_D_ERROR, "[TPM] Get MOR variable failure! Status = %r\n", Status));\r
return EFI_SUCCESS;\r
}\r
\r
DataSize,\r
&MorControl\r
);\r
- if (EFI_ERROR (Status)) { \r
+ if (EFI_ERROR (Status)) {\r
mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;\r
+ DEBUG ((EFI_D_ERROR, "[TPM] Set MOR variable failure! Status = %r\n", Status));\r
}\r
\r
return EFI_SUCCESS;\r
for (OpRegion = (AML_OP_REGION_32_8 *) (Table + 1);\r
OpRegion <= (AML_OP_REGION_32_8 *) ((UINT8 *) Table + Table->Length);\r
OpRegion = (AML_OP_REGION_32_8 *) ((UINT8 *) OpRegion + 1)) {\r
- if ((OpRegion->OpRegionOp == AML_EXT_REGION_OP) && \r
+ if ((OpRegion->OpRegionOp == AML_EXT_REGION_OP) &&\r
(OpRegion->NameString == Name) &&\r
(OpRegion->DWordPrefix == AML_DWORD_PREFIX) &&\r
(OpRegion->BytePrefix == AML_BYTE_PREFIX)) {\r
);\r
ASSERT_EFI_ERROR (Status);\r
\r
+\r
+ //\r
+ // Measure to PCR[0] with event EV_POST_CODE ACPI DATA\r
+ //\r
+ TpmMeasureAndLogData(\r
+ 0,\r
+ EV_POST_CODE,\r
+ EV_POSTCODE_INFO_ACPI_DATA,\r
+ ACPI_DATA_LEN,\r
+ Table,\r
+ TableSize\r
+ );\r
+\r
+\r
ASSERT (Table->OemTableId == SIGNATURE_64 ('T', 'c', 'g', 'T', 'a', 'b', 'l', 'e'));\r
+ CopyMem (Table->OemId, PcdGetPtr (PcdAcpiDefaultOemId), sizeof (Table->OemId) );\r
mTcgNvs = AssignOpRegion (Table, SIGNATURE_32 ('T', 'N', 'V', 'S'), (UINT16) sizeof (TCG_NVS));\r
ASSERT (mTcgNvs != NULL);\r
\r
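Review bot: `TpmMeasureAndLogData` runs before `CopyMem` patches `Table->OemId` and before `AssignOpRegion` is called, and its return value is dropped. The bytes extended into PCR[0] are therefore not the bytes that get published, and a failed measurement goes unnoticed. If measuring the unpatched template is intentional, the comment should say so, e.g. `// Measure before any update so the PCR value does not depend on platform-patched fields.` The result should also be captured with `Status = TpmMeasureAndLogData (` and reported on error with `DEBUG ((EFI_D_ERROR, "[TPM] Measure ACPI table failure! Status = %r\n", Status));`. The enclosing function starts and ends outside this hunk.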
/**\r
The driver's entry point.\r
\r
- It install callbacks for TPM physical presence and MemoryClear, and locate \r
+ It install callbacks for TPM physical presence and MemoryClear, and locate\r
SMM variable to be used in the callback function.\r
\r
- @param[in] ImageHandle The firmware allocated handle for the EFI image. \r
+ @param[in] ImageHandle The firmware allocated handle for the EFI image.\r
@param[in] SystemTable A pointer to the EFI System Table.\r
- \r
+\r
@retval EFI_SUCCESS The entry point is executed successfully.\r
@retval Others Some error occurs when executing this entry point.\r
\r
EFI_SMM_SW_REGISTER_CONTEXT SwContext;\r
EFI_HANDLE SwHandle;\r
\r
+ if (!CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &gEfiTpmDeviceInstanceTpm12Guid)){\r
+ DEBUG ((EFI_D_ERROR, "No TPM12 instance required!\n"));\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+\r
Status = PublishAcpiTable ();\r
ASSERT_EFI_ERROR (Status);\r
\r
return Status;\r
}\r
mTcgNvs->MemoryClear.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;\r
- \r
+\r
//\r
// Locate SmmVariableProtocol.\r
//\r