diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-11 08:17:27 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-11 08:17:27 +0000 |
| commit | f215e02bf85f68d3a6106c2a1f4f7f063f819064 (patch) | |
| tree | 6bb5b92c046312c4e95ac2620b10ddf482d3fa8b /src/VBox/Devices/EFI/Firmware/SecurityPkg/Include | |
| parent | Initial commit. (diff) | |
| download | virtualbox-f215e02bf85f68d3a6106c2a1f4f7f063f819064.tar.xz virtualbox-f215e02bf85f68d3a6106c2a1f4f7f063f819064.zip | |
Adding upstream version 7.0.14-dfsg.upstream/7.0.14-dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'src/VBox/Devices/EFI/Firmware/SecurityPkg/Include')
34 files changed, 5640 insertions, 0 deletions
diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h new file mode 100644 index 00000000..95e77179 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/AuthenticatedVariableFormat.h @@ -0,0 +1,69 @@ +/** @file + The variable data structures are related to EDKII-specific + implementation of UEFI authenticated variables. + AuthenticatedVariableFormat.h defines variable data headers + and variable storage region headers that has been moved to + VariableFormat.h. + +Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __AUTHENTICATED_VARIABLE_FORMAT_H__ +#define __AUTHENTICATED_VARIABLE_FORMAT_H__ + +#include <Guid/VariableFormat.h> + +#define EFI_SECURE_BOOT_ENABLE_DISABLE \ + { 0xf0a30bc7, 0xaf08, 0x4556, { 0x99, 0xc4, 0x0, 0x10, 0x9, 0xc9, 0x3a, 0x44 } } + +extern EFI_GUID gEfiSecureBootEnableDisableGuid; +extern EFI_GUID gEfiCertDbGuid; +extern EFI_GUID gEfiCustomModeEnableGuid; +extern EFI_GUID gEfiVendorKeysNvGuid; + +/// +/// "SecureBootEnable" variable for the Secure Boot feature enable/disable. +/// This variable is used for allowing a physically present user to disable +/// Secure Boot via firmware setup without the possession of PKpriv. +/// +/// GUID: gEfiSecureBootEnableDisableGuid +/// +/// Format: UINT8 +/// +#define EFI_SECURE_BOOT_ENABLE_NAME L"SecureBootEnable" +#define SECURE_BOOT_ENABLE 1 +#define SECURE_BOOT_DISABLE 0 + +/// +/// "CustomMode" variable for two Secure Boot modes feature: "Custom" and "Standard". +/// Standard Secure Boot mode is the default mode as UEFI Spec's description. +/// Custom Secure Boot mode allows for more flexibility as specified in the following: +/// Can enroll or delete PK without existing PK's private key. +/// Can enroll or delete KEK without existing PK's private key. +/// Can enroll or delete signature from DB/DBX without KEK's private key. +/// +/// GUID: gEfiCustomModeEnableGuid +/// +/// Format: UINT8 +/// +#define EFI_CUSTOM_MODE_NAME L"CustomMode" +#define CUSTOM_SECURE_BOOT_MODE 1 +#define STANDARD_SECURE_BOOT_MODE 0 + +/// +/// "VendorKeysNv" variable to record the out of band secure boot keys modification. +/// This variable is a read-only NV variable that indicates whether someone other than +/// the platform vendor has used a mechanism not defined by the UEFI Specification to +/// transition the system to setup mode or to update secure boot keys. +/// +/// GUID: gEfiVendorKeysNvGuid +/// +/// Format: UINT8 +/// +#define EFI_VENDOR_KEYS_NV_VARIABLE_NAME L"VendorKeysNv" +#define VENDOR_KEYS_VALID 1 +#define VENDOR_KEYS_MODIFIED 0 + +#endif // __AUTHENTICATED_VARIABLE_FORMAT_H__ diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/MeasuredFvHob.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/MeasuredFvHob.h new file mode 100644 index 00000000..ac93c08a --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/MeasuredFvHob.h @@ -0,0 +1,30 @@ +/** @file + Defines the HOB GUID used to pass all PEI measured FV info to + DXE Driver. + +Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _MEASURED_FV_HOB_H_ +#define _MEASURED_FV_HOB_H_ + +#include <IndustryStandard/UefiTcgPlatform.h> + +/// +/// The Global ID of a GUIDed HOB used to pass all PEI measured FV info to DXE Driver. +/// +#define EFI_MEASURED_FV_HOB_GUID \ + { \ + 0xb2360b42, 0x7173, 0x420a, { 0x86, 0x96, 0x46, 0xca, 0x6b, 0xab, 0x10, 0x60 } \ + } + +extern EFI_GUID gMeasuredFvHobGuid; + +typedef struct { + UINT32 Num; + EFI_PLATFORM_FIRMWARE_BLOB MeasuredFvBuf[1]; +} MEASURED_HOB_DATA; + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/PhysicalPresenceData.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/PhysicalPresenceData.h new file mode 100644 index 00000000..8ac3b424 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/PhysicalPresenceData.h @@ -0,0 +1,75 @@ +/** @file + Define the variable data structures used for TCG physical presence. + The TPM request from firmware or OS is saved to variable. And it is + cleared after it is processed in the next boot cycle. The TPM response + is saved to variable. + +Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __PHYSICAL_PRESENCE_DATA_GUID_H__ +#define __PHYSICAL_PRESENCE_DATA_GUID_H__ + +#define EFI_PHYSICAL_PRESENCE_DATA_GUID \ + { \ + 0xf6499b1, 0xe9ad, 0x493d, { 0xb9, 0xc2, 0x2f, 0x90, 0x81, 0x5c, 0x6c, 0xbc }\ + } + +#define PHYSICAL_PRESENCE_VARIABLE L"PhysicalPresence" + +typedef struct { + UINT8 PPRequest; ///< Physical Presence request command. + UINT8 LastPPRequest; + UINT32 PPResponse; +} EFI_PHYSICAL_PRESENCE; + +// +// The definition of physical presence operation actions +// +#define PHYSICAL_PRESENCE_NO_ACTION 0 +#define PHYSICAL_PRESENCE_ENABLE 1 +#define PHYSICAL_PRESENCE_DISABLE 2 +#define PHYSICAL_PRESENCE_ACTIVATE 3 +#define PHYSICAL_PRESENCE_DEACTIVATE 4 +#define PHYSICAL_PRESENCE_CLEAR 5 +#define PHYSICAL_PRESENCE_ENABLE_ACTIVATE 6 +#define PHYSICAL_PRESENCE_DEACTIVATE_DISABLE 7 +#define PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE 8 +#define PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE 9 +#define PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE 10 +#define PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE 11 +#define PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE 12 +#define PHYSICAL_PRESENCE_SET_OPERATOR_AUTH 13 +#define PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE 14 +#define PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE 15 +#define PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE 16 +#define PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE 17 +#define PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE 18 +#define PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_FALSE 19 +#define PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE 20 +#define PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR 21 +#define PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE 22 + +// +// This variable is used to save TPM Management Flags and corresponding operations. +// It should be protected from malicious software (e.g. Set it as read-only variable). +// +#define PHYSICAL_PRESENCE_FLAGS_VARIABLE L"PhysicalPresenceFlags" +typedef struct { + UINT8 PPFlags; +} EFI_PHYSICAL_PRESENCE_FLAGS; + +// +// The definition bit of the TPM Management Flags +// +#define FLAG_NO_PPI_PROVISION BIT0 +#define FLAG_NO_PPI_CLEAR BIT1 +#define FLAG_NO_PPI_MAINTENANCE BIT2 +#define FLAG_RESET_TRACK BIT3 + +extern EFI_GUID gEfiPhysicalPresenceGuid; + +#endif + diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/PwdCredentialProviderHii.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/PwdCredentialProviderHii.h new file mode 100644 index 00000000..3fea4a00 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/PwdCredentialProviderHii.h @@ -0,0 +1,23 @@ +/** @file + GUID used as HII FormSet and HII Package list GUID in PwdCredentialProviderDxe driver. + +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __PWD_CREDENTIAL_PROVIDER_HII_H__ +#define __PWD_CREDENTIAL_PROVIDER_HII_H__ + +// +// Used for save password credential and form browser. +// Also used as provider identifier. +// +#define PWD_CREDENTIAL_PROVIDER_GUID \ + { \ + 0x78b9ec8b, 0xc000, 0x46c5, { 0xac, 0x93, 0x24, 0xa0, 0xc1, 0xbb, 0x0, 0xce } \ + } + +extern EFI_GUID gPwdCredentialProviderGuid; + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/SecureBootConfigHii.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/SecureBootConfigHii.h new file mode 100644 index 00000000..4eb61b00 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/SecureBootConfigHii.h @@ -0,0 +1,20 @@ +/** @file + GUIDs used as HII FormSet and HII Package list GUID in SecureBootConfigDxe driver. + +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __SECUREBOOT_CONFIG_HII_GUID_H__ +#define __SECUREBOOT_CONFIG_HII_GUID_H__ + +#define SECUREBOOT_CONFIG_FORM_SET_GUID \ + { \ + 0x5daf50a5, 0xea81, 0x4de2, {0x8f, 0x9b, 0xca, 0xbd, 0xa9, 0xcf, 0x5c, 0x14} \ + } + + +extern EFI_GUID gSecureBootConfigFormSetGuid; + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/SecurityPkgTokenSpace.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/SecurityPkgTokenSpace.h new file mode 100644 index 00000000..305acc02 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/SecurityPkgTokenSpace.h @@ -0,0 +1,19 @@ +/** @file + GUID for SecurityPkg PCD Token Space. + +Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _SECURITYPKG_TOKEN_SPACE_GUID_H_ +#define _SECURITYPKG_TOKEN_SPACE_GUID_H_ + +#define SECURITYPKG_TOKEN_SPACE_GUID \ + { \ + 0xd3fb176, 0x9569, 0x4d51, { 0xa3, 0xef, 0x7d, 0x61, 0xc6, 0x4f, 0xea, 0xba } \ + } + +extern EFI_GUID gEfiSecurityPkgTokenSpaceGuid; + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/Tcg2ConfigHii.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/Tcg2ConfigHii.h new file mode 100644 index 00000000..eabd394f --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/Tcg2ConfigHii.h @@ -0,0 +1,19 @@ +/** @file + GUIDs used as HII FormSet and HII Package list GUID in Tcg2Config driver. + +Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __TCG2_CONFIG_HII_GUID_H__ +#define __TCG2_CONFIG_HII_GUID_H__ + +#define TCG2_CONFIG_FORM_SET_GUID \ + { \ + 0x6339d487, 0x26ba, 0x424b, { 0x9a, 0x5d, 0x68, 0x7e, 0x25, 0xd7, 0x40, 0xbc } \ + } + +extern EFI_GUID gTcg2ConfigFormSetGuid; + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h new file mode 100644 index 00000000..9840e980 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/Tcg2PhysicalPresenceData.h @@ -0,0 +1,41 @@ +/** @file + Define the variable data structures used for TCG2 physical presence. + The TPM2 request from firmware or OS is saved to variable. And it is + cleared after it is processed in the next boot cycle. The TPM2 response + is saved to variable. + +Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved. <BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __TCG2_PHYSICAL_PRESENCE_DATA_GUID_H__ +#define __TCG2_PHYSICAL_PRESENCE_DATA_GUID_H__ + +#define EFI_TCG2_PHYSICAL_PRESENCE_DATA_GUID \ + { \ + 0xaeb9c5c1, 0x94f1, 0x4d02, { 0xbf, 0xd9, 0x46, 0x2, 0xdb, 0x2d, 0x3c, 0x54 } \ + } + +#define TCG2_PHYSICAL_PRESENCE_VARIABLE L"Tcg2PhysicalPresence" + +typedef struct { + UINT8 PPRequest; ///< Physical Presence request command. + UINT32 PPRequestParameter; ///< Physical Presence request Parameter. + UINT8 LastPPRequest; + UINT32 PPResponse; +} EFI_TCG2_PHYSICAL_PRESENCE; + +// +// This variable is used to save TCG2 Management Flags and corresponding operations. +// It should be protected from malicious software (e.g. Set it as read-only variable). +// +#define TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE L"Tcg2PhysicalPresenceFlags" +typedef struct { + UINT32 PPFlags; +} EFI_TCG2_PHYSICAL_PRESENCE_FLAGS; + +extern EFI_GUID gEfiTcg2PhysicalPresenceGuid; + +#endif + diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TcgConfigHii.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TcgConfigHii.h new file mode 100644 index 00000000..48b74bdc --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TcgConfigHii.h @@ -0,0 +1,19 @@ +/** @file + GUIDs used as HII FormSet and HII Package list GUID in TcgConfig driver. + +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __TCG_CONFIG_HII_GUID_H__ +#define __TCG_CONFIG_HII_GUID_H__ + +#define TCG_CONFIG_FORM_SET_GUID \ + { \ + 0xb0f901e4, 0xc424, 0x45de, {0x90, 0x81, 0x95, 0xe2, 0xb, 0xde, 0x6f, 0xb5 } \ + } + +extern EFI_GUID gTcgConfigFormSetGuid; + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TcgEventHob.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TcgEventHob.h new file mode 100644 index 00000000..18d020bf --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TcgEventHob.h @@ -0,0 +1,63 @@ +/** @file + Defines the HOB GUID used to pass a TCG_PCR_EVENT or TCG_PCR_EVENT2 from a TPM PEIM to + a TPM DXE Driver. A GUIDed HOB is generated for each measurement + made in the PEI Phase. + +Copyright (c) 2007 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TCG_EVENT_HOB_H_ +#define _TCG_EVENT_HOB_H_ + +/// +/// The Global ID of a GUIDed HOB used to pass a TCG_PCR_EVENT from a TPM PEIM to a TPM DXE Driver. +/// +#define EFI_TCG_EVENT_HOB_GUID \ + { \ + 0x2b9ffb52, 0x1b13, 0x416f, { 0xa8, 0x7b, 0xbc, 0x93, 0xd, 0xef, 0x92, 0xa8 } \ + } + +extern EFI_GUID gTcgEventEntryHobGuid; + +#define EFI_TCG_EVENT2_HOB_GUID \ + { \ + 0xd26c221e, 0x2430, 0x4c8a, { 0x91, 0x70, 0x3f, 0xcb, 0x45, 0x0, 0x41, 0x3f } \ + } + +extern EFI_GUID gTcgEvent2EntryHobGuid; + +/// +/// The Global ID of a GUIDed HOB used to record TPM device error. +/// +#define EFI_TPM_ERROR_GUID \ + { \ + 0xef598499, 0xb25e, 0x473a, { 0xbf, 0xaf, 0xe7, 0xe5, 0x7d, 0xce, 0x82, 0xc4 } \ + } + +extern EFI_GUID gTpmErrorHobGuid; + +/// +/// The Global ID of a GUIDed HOB used to record TPM2 Startup Locality. +/// HOB payload is UINT8 according to Startup Locality Event. +/// +#define EFI_TPM2_STARTUP_LOCALITY_HOB_GUID \ + { \ + 0xef598499, 0xb25e, 0x473a, { 0xbf, 0xaf, 0xe7, 0xe5, 0x7d, 0xce, 0x82, 0xc4 } \ + } + +extern EFI_GUID gTpm2StartupLocalityHobGuid; + +/// +/// The Global ID of a GUIDed HOB used to record TCG 800-155 PlatformId Event. +/// HOB payload is the whole TCG_Sp800_155_PlatformId_Event2 according to TCG 800-155 PlatformId Event. +/// +#define EFI_TCG_800_155_PLATFORM_ID_EVENT_HOB_GUID \ + { \ + 0xe2c3bc69, 0x615c, 0x4b5b, { 0x8e, 0x5c, 0xa0, 0x33, 0xa9, 0xc2, 0x5e, 0xd6 } \ + } + +extern EFI_GUID gTcg800155PlatformIdEventHobGuid; + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TpmInstance.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TpmInstance.h new file mode 100644 index 00000000..ce617778 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TpmInstance.h @@ -0,0 +1,32 @@ +/** @file + TPM instance guid, used for PcdTpmInstanceGuid. + +Copyright (c) 2013, Intel Corporation. All rights reserved. <BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __TPM_INSTANCE_GUID_H__ +#define __TPM_INSTANCE_GUID_H__ + +#define TPM_DEVICE_INTERFACE_NONE \ + { 0x00000000, 0x0000, 0x0000, { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 } } + +#define TPM_DEVICE_INTERFACE_TPM12 \ + { 0x8b01e5b6, 0x4f19, 0x46e8, { 0xab, 0x93, 0x1c, 0x53, 0x67, 0x1b, 0x90, 0xcc } } + +#define TPM_DEVICE_INTERFACE_TPM20_DTPM \ + { 0x286bf25a, 0xc2c3, 0x408c, { 0xb3, 0xb4, 0x25, 0xe6, 0x75, 0x8b, 0x73, 0x17 } } + +extern EFI_GUID gEfiTpmDeviceInstanceNoneGuid; +extern EFI_GUID gEfiTpmDeviceInstanceTpm12Guid; +extern EFI_GUID gEfiTpmDeviceInstanceTpm20DtpmGuid; + + +#define TPM_DEVICE_SELECTED_GUID \ + { 0x7f4158d3, 0x74d, 0x456d, { 0x8c, 0xb2, 0x1, 0xf9, 0xc8, 0xf7, 0x9d, 0xaa } } + +extern EFI_GUID gEfiTpmDeviceSelectedGuid; + +#endif + diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TpmNvsMm.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TpmNvsMm.h new file mode 100644 index 00000000..51abd89a --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Guid/TpmNvsMm.h @@ -0,0 +1,68 @@ +/** @file + TPM NVS MM guid, used for exchanging information, including SWI value and NVS region + information, for patching TPM ACPI table. + +Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR> +Copyright (c) Microsoft Corporation. +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef TCG2_NVS_MM_H_ +#define TCG2_NVS_MM_H_ + +#define MM_TPM_NVS_HOB_GUID \ + { 0xc96c76eb, 0xbc78, 0x429c, { 0x9f, 0x4b, 0xda, 0x51, 0x78, 0xc2, 0x84, 0x57 }} + +extern EFI_GUID gTpmNvsMmGuid; + +#pragma pack(1) +typedef struct { + UINT8 SoftwareSmi; + UINT32 Parameter; + UINT32 Response; + UINT32 Request; + UINT32 RequestParameter; + UINT32 LastRequest; + UINT32 ReturnCode; +} PHYSICAL_PRESENCE_NVS; + +typedef struct { + UINT8 SoftwareSmi; + UINT32 Parameter; + UINT32 Request; + UINT32 ReturnCode; +} MEMORY_CLEAR_NVS; + +typedef struct { + PHYSICAL_PRESENCE_NVS PhysicalPresence; + MEMORY_CLEAR_NVS MemoryClear; + UINT32 PPRequestUserConfirm; + UINT32 TpmIrqNum; + BOOLEAN IsShortFormPkgLength; +} TCG_NVS; + +typedef struct { + UINT8 OpRegionOp; + UINT32 NameString; + UINT8 RegionSpace; + UINT8 DWordPrefix; + UINT32 RegionOffset; + UINT8 BytePrefix; + UINT8 RegionLen; +} AML_OP_REGION_32_8; + +typedef struct { + UINT64 Function; + UINT64 ReturnStatus; + EFI_PHYSICAL_ADDRESS TargetAddress; + UINT64 RegisteredPpSwiValue; + UINT64 RegisteredMcSwiValue; +} TPM_NVS_MM_COMM_BUFFER; +#pragma pack() + +typedef enum { + TpmNvsMmExchangeInfo, +} TPM_NVS_MM_FUNCTION; + +#endif // TCG2_NVS_MM_H_ diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/HashLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/HashLib.h new file mode 100644 index 00000000..c6fb4e23 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/HashLib.h @@ -0,0 +1,167 @@ +/** @file + This library abstract TPM2 hash calculation. + The platform can choose multiply hash, while caller just need invoke these API. + Then all hash value will be returned and/or extended. + +Copyright (c) 2013 - 2016, Intel Corporation. All rights reserved. <BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _HASH_LIB_H_ +#define _HASH_LIB_H_ + +#include <Uefi.h> +#include <Protocol/Hash.h> +#include <IndustryStandard/Tpm20.h> +typedef UINTN HASH_HANDLE; + +/** + Start hash sequence. + + @param HashHandle Hash handle. + + @retval EFI_SUCCESS Hash sequence start and HandleHandle returned. + @retval EFI_OUT_OF_RESOURCES No enough resource to start hash. +**/ +EFI_STATUS +EFIAPI +HashStart ( + OUT HASH_HANDLE *HashHandle + ); + +/** + Update hash sequence data. + + @param HashHandle Hash handle. + @param DataToHash Data to be hashed. + @param DataToHashLen Data size. + + @retval EFI_SUCCESS Hash sequence updated. +**/ +EFI_STATUS +EFIAPI +HashUpdate ( + IN HASH_HANDLE HashHandle, + IN VOID *DataToHash, + IN UINTN DataToHashLen + ); + +/** + Hash sequence complete and extend to PCR. + + @param HashHandle Hash handle. + @param PcrIndex PCR to be extended. + @param DataToHash Data to be hashed. + @param DataToHashLen Data size. + @param DigestList Digest list. + + @retval EFI_SUCCESS Hash sequence complete and DigestList is returned. +**/ +EFI_STATUS +EFIAPI +HashCompleteAndExtend ( + IN HASH_HANDLE HashHandle, + IN TPMI_DH_PCR PcrIndex, + IN VOID *DataToHash, + IN UINTN DataToHashLen, + OUT TPML_DIGEST_VALUES *DigestList + ); + +/** + Hash data and extend to PCR. + + @param PcrIndex PCR to be extended. + @param DataToHash Data to be hashed. + @param DataToHashLen Data size. + @param DigestList Digest list. + + @retval EFI_SUCCESS Hash data and DigestList is returned. +**/ +EFI_STATUS +EFIAPI +HashAndExtend ( + IN TPMI_DH_PCR PcrIndex, + IN VOID *DataToHash, + IN UINTN DataToHashLen, + OUT TPML_DIGEST_VALUES *DigestList + ); + +/** + Start hash sequence. + + @param HashHandle Hash handle. + + @retval EFI_SUCCESS Hash sequence start and HandleHandle returned. + @retval EFI_OUT_OF_RESOURCES No enough resource to start hash. +**/ +typedef +EFI_STATUS +(EFIAPI *HASH_INIT) ( + OUT HASH_HANDLE *HashHandle + ); + +/** + Update hash sequence data. + + @param HashHandle Hash handle. + @param DataToHash Data to be hashed. + @param DataToHashLen Data size. + + @retval EFI_SUCCESS Hash sequence updated. +**/ +typedef +EFI_STATUS +(EFIAPI *HASH_UPDATE) ( + IN HASH_HANDLE HashHandle, + IN VOID *DataToHash, + IN UINTN DataToHashLen + ); + +/** + Complete hash sequence complete. + + @param HashHandle Hash handle. + @param DigestList Digest list. + + @retval EFI_SUCCESS Hash sequence complete and DigestList is returned. +**/ +typedef +EFI_STATUS +(EFIAPI *HASH_FINAL) ( + IN HASH_HANDLE HashHandle, + OUT TPML_DIGEST_VALUES *DigestList + ); + +#define HASH_ALGORITHM_SHA1_GUID EFI_HASH_ALGORITHM_SHA1_GUID +#define HASH_ALGORITHM_SHA256_GUID EFI_HASH_ALGORITHM_SHA256_GUID +#define HASH_ALGORITHM_SHA384_GUID EFI_HASH_ALGORITHM_SHA384_GUID +#define HASH_ALGORITHM_SHA512_GUID EFI_HASH_ALGORITHM_SHA512_GUID +#define HASH_ALGORITHM_SM3_256_GUID \ + { \ + 0x251C7818, 0x0DBF, 0xE619, { 0x7F, 0xC2, 0xD6, 0xAC, 0x43, 0x42, 0x7D, 0xA3 } \ + } + +typedef struct { + EFI_GUID HashGuid; + HASH_INIT HashInit; + HASH_UPDATE HashUpdate; + HASH_FINAL HashFinal; +} HASH_INTERFACE; + +/** + This service register Hash. + + @param HashInterface Hash interface + + @retval EFI_SUCCESS This hash interface is registered successfully. + @retval EFI_UNSUPPORTED System does not support register this interface. + @retval EFI_ALREADY_STARTED System already register this interface. +**/ +EFI_STATUS +EFIAPI +RegisterHashInterfaceLib ( + IN HASH_INTERFACE *HashInterface + ); + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/PlatformSecureLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/PlatformSecureLib.h new file mode 100644 index 00000000..2e7b6672 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/PlatformSecureLib.h @@ -0,0 +1,36 @@ +/** @file + Provides a secure platform-specific method to detect physically present user. + +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __PLATFORM_SECURE_LIB_H__ +#define __PLATFORM_SECURE_LIB_H__ + + +/** + + This function provides a platform-specific method to detect whether the platform + is operating by a physically present user. + + Programmatic changing of platform security policy (such as disable Secure Boot, + or switch between Standard/Custom Secure Boot mode) MUST NOT be possible during + Boot Services or after exiting EFI Boot Services. Only a physically present user + is allowed to perform these operations. + + NOTE THAT: This function cannot depend on any EFI Variable Service since they are + not available when this function is called in AuthenticateVariable driver. + + @retval TRUE The platform is operated by a physically present user. + @retval FALSE The platform is NOT operated by a physically present user. + +**/ +BOOLEAN +EFIAPI +UserPhysicalPresent ( + VOID + ); + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/RpmcLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/RpmcLib.h new file mode 100644 index 00000000..663d425d --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/RpmcLib.h @@ -0,0 +1,43 @@ +/** @file + Public definitions for the Replay Protected Monotonic Counter (RPMC) Library. + +Copyright (c) 2020, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _RPMC_LIB_H_ +#define _RPMC_LIB_H_ + +#include <Uefi/UefiBaseType.h> + +/** + Requests the monotonic counter from the designated RPMC counter. + + @param[out] CounterValue A pointer to a buffer to store the RPMC value. + + @retval EFI_SUCCESS The operation completed successfully. + @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter. + @retval EFI_UNSUPPORTED The operation is un-supported. +**/ +EFI_STATUS +EFIAPI +RequestMonotonicCounter ( + OUT UINT32 *CounterValue + ); + +/** + Increments the monotonic counter in the SPI flash device by 1. + + @retval EFI_SUCCESS The operation completed successfully. + @retval EFI_DEVICE_ERROR A device error occurred while attempting to update the counter. + @retval EFI_UNSUPPORTED The operation is un-supported. +**/ +EFI_STATUS +EFIAPI +IncrementMonotonicCounter ( + VOID + ); + +#endif + diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h new file mode 100644 index 00000000..fa26a9c3 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tcg2PhysicalPresenceLib.h @@ -0,0 +1,167 @@ +/** @file + This library is intended to be used by BDS modules. + This library will execute TPM2 request. + +Copyright (c) 2015 - 2020, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TCG2_PHYSICAL_PRESENCE_LIB_H_ +#define _TCG2_PHYSICAL_PRESENCE_LIB_H_ + +#include <IndustryStandard/Tpm20.h> +#include <IndustryStandard/TcgPhysicalPresence.h> +#include <Protocol/Tcg2Protocol.h> + +// +// UEFI TCG2 library definition bit of the BIOS TPM Management Flags +// +// BIT0 is reserved +#define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR BIT1 +// BIT2 is reserved +#define TCG2_LIB_PP_FLAG_RESET_TRACK BIT3 +#define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_ON BIT4 +#define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_OFF BIT5 +#define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS BIT6 +#define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS BIT7 + +// +// UEFI TCG2 library definition bit of the BIOS Information Flags +// +#define TCG2_BIOS_INFORMATION_FLAG_HIERARCHY_CONTROL_STORAGE_DISABLE BIT8 +#define TCG2_BIOS_INFORMATION_FLAG_HIERARCHY_CONTROL_ENDORSEMENT_DISABLE BIT9 + +// +// UEFI TCG2 library definition bit of the BIOS Storage Management Flags +// +#define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID BIT16 +#define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID BIT17 +#define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_ENABLE_BLOCK_SID BIT18 + +/** + Check and execute the pending TPM request. + + The TPM request may come from OS or BIOS. This API will display request information and wait + for user confirmation if TPM request exists. The TPM request will be sent to TPM device after + the TPM request is confirmed, and one or more reset may be required to make TPM request to + take effect. + + This API should be invoked after console in and console out are all ready as they are required + to display request information and get user input to confirm the request. + + @param PlatformAuth platform auth value. NULL means no platform auth change. +**/ +VOID +EFIAPI +Tcg2PhysicalPresenceLibProcessRequest ( + IN TPM2B_AUTH *PlatformAuth OPTIONAL + ); + +/** + Check if the pending TPM request needs user input to confirm. + + The TPM request may come from OS. This API will check if TPM request exists and need user + input to confirmation. + + @retval TRUE TPM needs input to confirm user physical presence. + @retval FALSE TPM doesn't need input to confirm user physical presence. + +**/ +BOOLEAN +EFIAPI +Tcg2PhysicalPresenceLibNeedUserConfirm ( + VOID + ); + +/** + Return TPM2 ManagementFlags set by PP interface. + + @retval ManagementFlags TPM2 Management Flags. +**/ +UINT32 +EFIAPI +Tcg2PhysicalPresenceLibGetManagementFlags ( + VOID + ); + +/** + The handler for TPM physical presence function: + Return TPM Operation Response to OS Environment. + + This API should be invoked in OS runtime phase to interface with ACPI method. + + @param[out] MostRecentRequest Most recent operation request. + @param[out] Response Response to the most recent operation request. + + @return Return Code for Return TPM Operation Response to OS Environment. +**/ +UINT32 +EFIAPI +Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction ( + OUT UINT32 *MostRecentRequest, + OUT UINT32 *Response + ); + +/** + The handler for TPM physical presence function: + Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. + + This API should be invoked in OS runtime phase to interface with ACPI method. + + Caution: This function may receive untrusted input. + + @param[in, out] Pointer to OperationRequest TPM physical presence operation request. + @param[in, out] Pointer to RequestParameter TPM physical presence operation request parameter. + + @return Return Code for Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. + **/ +UINT32 +Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( + IN OUT UINT32 *OperationRequest, + IN OUT UINT32 *RequestParameter + ); + +/** + The handler for TPM physical presence function: + Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. + + This API should be invoked in OS runtime phase to interface with ACPI method. + + Caution: This function may receive untrusted input. + + @param[in] OperationRequest TPM physical presence operation request. + @param[in] RequestParameter TPM physical presence operation request parameter. + + @return Return Code for Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. +**/ +UINT32 +EFIAPI +Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction ( + IN UINT32 OperationRequest, + IN UINT32 RequestParameter + ); + +/** + The handler for TPM physical presence function: + Get User Confirmation Status for Operation. + + This API should be invoked in OS runtime phase to interface with ACPI method. + + Caution: This function may receive untrusted input. + + @param[in] OperationRequest TPM physical presence operation request. + + @return Return Code for Get User Confirmation Status for Operation. +**/ +UINT32 +EFIAPI +Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( + IN UINT32 OperationRequest + ); + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tcg2PpVendorLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tcg2PpVendorLib.h new file mode 100644 index 00000000..456b2ddb --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tcg2PpVendorLib.h @@ -0,0 +1,123 @@ +/** @file + This library is to support TCG PC Client Platform Physical Presence Interface Specification + Family "2.0" part, >= 128 Vendor Specific PPI Operation. + + The Vendor Specific PPI operation may change TPM state, BIOS TPM management + flags, and may need additional boot cycle. + + Caution: This function may receive untrusted input. + +Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TCG2_PP_VENDOR_LIB_H_ +#define _TCG2_PP_VENDOR_LIB_H_ + +#include <IndustryStandard/Tpm20.h> +#include <Protocol/Tcg2Protocol.h> +#include <Library/Tcg2PhysicalPresenceLib.h> + +/** + Check and execute the requested physical presence command. + + This API should be invoked in BIOS boot phase to process pending request. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] PlatformAuth platform auth value. NULL means no platform auth change. + @param[in] OperationRequest TPM physical presence operation request. + @param[in, out] ManagementFlags BIOS TPM Management Flags. + @param[out] ResetRequired If reset is required to vendor settings in effect. + True, it indicates the reset is required. + False, it indicates the reset is not required. + + @return TPM Operation Response to OS Environment. +**/ +UINT32 +EFIAPI +Tcg2PpVendorLibExecutePendingRequest ( + IN TPM2B_AUTH *PlatformAuth, OPTIONAL + IN UINT32 OperationRequest, + IN OUT UINT32 *ManagementFlags, + OUT BOOLEAN *ResetRequired + ); + +/** + Check if there is a valid physical presence command request. + + This API should be invoked in BIOS boot phase to process pending request. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] OperationRequest TPM physical presence operation request. + @param[in] ManagementFlags BIOS TPM Management Flags. + @param[out] RequestConfirmed If the physical presence operation command required user confirm from UI. + True, it indicates the command doesn't require user confirm. + False, it indicates the command need user confirm from UI. + + @retval TRUE Physical Presence operation command is valid. + @retval FALSE Physical Presence operation command is invalid. +**/ +BOOLEAN +EFIAPI +Tcg2PpVendorLibHasValidRequest ( + IN UINT32 OperationRequest, + IN UINT32 ManagementFlags, + OUT BOOLEAN *RequestConfirmed + ); + +/** + The callback for TPM vendor specific physical presence which is called for + Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. + + This API should be invoked in OS runtime phase to interface with ACPI method. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] OperationRequest TPM physical presence operation request. + @param[in] ManagementFlags BIOS TPM Management Flags. + @param[in] RequestParameter Extra parameter from the passed package. + + @return Return Code for Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. +**/ +UINT32 +EFIAPI +Tcg2PpVendorLibSubmitRequestToPreOSFunction ( + IN UINT32 OperationRequest, + IN UINT32 ManagementFlags, + IN UINT32 RequestParameter + ); + +/** + The callback for TPM vendor specific physical presence which is called for + Get User Confirmation Status for Operation. + + This API should be invoked in OS runtime phase to interface with ACPI method. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] OperationRequest TPM physical presence operation request. + @param[in] ManagementFlags BIOS TPM Management Flags. + + @return Return Code for Get User Confirmation Status for Operation. +**/ +UINT32 +EFIAPI +Tcg2PpVendorLibGetUserConfirmationStatusFunction ( + IN UINT32 OperationRequest, + IN UINT32 ManagementFlags + ); + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgEventLogRecordLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgEventLogRecordLib.h new file mode 100644 index 00000000..8631b5b9 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgEventLogRecordLib.h @@ -0,0 +1,97 @@ +/** @file + This library is used by other modules to measure Firmware to TPM. + +Copyright (c) 2020, Intel Corporation. All rights reserved. <BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TCG_EVENTLOGRECORD_LIB_H_ +#define _TCG_EVENTLOGRECORD_LIB_H_ + +#include <Uefi.h> + +#pragma pack (1) + +#define PLATFORM_FIRMWARE_BLOB_DESC "Fv(XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX)" +typedef struct { + UINT8 BlobDescriptionSize; + UINT8 BlobDescription[sizeof(PLATFORM_FIRMWARE_BLOB_DESC)]; + EFI_PHYSICAL_ADDRESS BlobBase; + UINT64 BlobLength; +} PLATFORM_FIRMWARE_BLOB2_STRUCT; + +#define HANDOFF_TABLE_POINTER_DESC "1234567890ABCDEF" +typedef struct { + UINT8 TableDescriptionSize; + UINT8 TableDescription[sizeof(HANDOFF_TABLE_POINTER_DESC)]; + UINT64 NumberOfTables; + EFI_CONFIGURATION_TABLE TableEntry[1]; +} HANDOFF_TABLE_POINTERS2_STRUCT; + +#pragma pack () + +/** + Get the FvName from the FV header. + + Causion: The FV is untrusted input. + + @param[in] FvBase Base address of FV image. + @param[in] FvLength Length of FV image. + + @return FvName pointer + @retval NULL FvName is NOT found +**/ +VOID * +TpmMeasurementGetFvName ( + IN EFI_PHYSICAL_ADDRESS FvBase, + IN UINT64 FvLength + ); + +/** + Measure a FirmwareBlob. + + @param[in] PcrIndex PCR Index. + @param[in] Description Description for this FirmwareBlob. + @param[in] FirmwareBlobBase Base address of this FirmwareBlob. + @param[in] FirmwareBlobLength Size in bytes of this FirmwareBlob. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_UNSUPPORTED TPM device not available. + @retval EFI_OUT_OF_RESOURCES Out of memory. + @retval EFI_DEVICE_ERROR The operation was unsuccessful. +*/ +EFI_STATUS +EFIAPI +MeasureFirmwareBlob ( + IN UINT32 PcrIndex, + IN CHAR8 *Description OPTIONAL, + IN EFI_PHYSICAL_ADDRESS FirmwareBlobBase, + IN UINT64 FirmwareBlobLength + ); + +/** + Measure a HandoffTable. + + @param[in] PcrIndex PcrIndex of the measurement. + @param[in] Description Description for this HandoffTable. + @param[in] TableGuid GUID of this HandoffTable. + @param[in] TableAddress Base address of this HandoffTable. + @param[in] TableLength Size in bytes of this HandoffTable. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_UNSUPPORTED TPM device not available. + @retval EFI_OUT_OF_RESOURCES Out of memory. + @retval EFI_DEVICE_ERROR The operation was unsuccessful. +*/ +EFI_STATUS +EFIAPI +MeasureHandoffTable ( + IN UINT32 PcrIndex, + IN CHAR8 *Description OPTIONAL, + IN EFI_GUID *TableGuid, + IN VOID *TableAddress, + IN UINTN TableLength + ); + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h new file mode 100644 index 00000000..8a9c535a --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgPhysicalPresenceLib.h @@ -0,0 +1,48 @@ +/** @file + This library is intended to be used by BDS modules. + This library will lock TPM after executing TPM request. + +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TCG_PHYSICAL_PRESENCE_LIB_H_ +#define _TCG_PHYSICAL_PRESENCE_LIB_H_ + +/** + Check and execute the pending TPM request and Lock TPM. + + The TPM request may come from OS or BIOS. This API will display request information and wait + for user confirmation if TPM request exists. The TPM request will be sent to TPM device after + the TPM request is confirmed, and one or more reset may be required to make TPM request to + take effect. At last, it will lock TPM to prevent TPM state change by malware. + + This API should be invoked after console in and console out are all ready as they are required + to display request information and get user input to confirm the request. This API should also + be invoked as early as possible as TPM is locked in this function. + +**/ +VOID +EFIAPI +TcgPhysicalPresenceLibProcessRequest ( + VOID + ); + +/** + Check if the pending TPM request needs user input to confirm. + + The TPM request may come from OS. This API will check if TPM request exists and need user + input to confirmation. + + @retval TRUE TPM needs input to confirm user physical presence. + @retval FALSE TPM doesn't need input to confirm user physical presence. + +**/ +BOOLEAN +EFIAPI +TcgPhysicalPresenceLibNeedUserConfirm( + VOID + ); + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgPpVendorLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgPpVendorLib.h new file mode 100644 index 00000000..d57316b0 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgPpVendorLib.h @@ -0,0 +1,153 @@ +/** @file + This library is to support TCG Physical Presence Interface (PPI) specification + >= 128 Vendor Specific PPI Operation. + + The Vendor Specific PPI operation may change TPM state, BIOS TPM management + flags, and may need additional boot cycle. + + Caution: This function may receive untrusted input. + +Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TCG_PP_VENDOR_LIB_H_ +#define _TCG_PP_VENDOR_LIB_H_ + +// +// The definition of physical presence operation actions +// +#define TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION 128 + +// +// The definition bit of the BIOS TPM Management Flags +// +#define TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION BIT0 +#define TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR BIT1 +#define TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE BIT2 +#define TCG_VENDOR_LIB_FLAG_RESET_TRACK BIT3 + +// +// The definition for TPM Operation Response to OS Environment +// +#define TCG_PP_OPERATION_RESPONSE_SUCCESS 0x0 +#define TCG_PP_OPERATION_RESPONSE_USER_ABORT 0xFFFFFFF0 +#define TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE 0xFFFFFFF1 + +// +// The return code for Submit TPM Request to Pre-OS Environment +// and Submit TPM Request to Pre-OS Environment 2 +// +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS 0 +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED 1 +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE 2 +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_BLOCKED_BY_BIOS_SETTINGS 3 + +// +// The return code for Get User Confirmation Status for Operation +// +#define TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED 0 +#define TCG_PP_GET_USER_CONFIRMATION_BIOS_ONLY 1 +#define TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION 2 +#define TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED 3 +#define TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED 4 + +/** + Check and execute the requested physical presence command. + + This API should be invoked in BIOS boot phase to process pending request. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] OperationRequest TPM physical presence operation request. + @param[in, out] ManagementFlags BIOS TPM Management Flags. + @param[out] ResetRequired If reset is required to vendor settings in effect. + True, it indicates the reset is required. + False, it indicates the reset is not required. + + @return TPM Operation Response to OS Environment. +**/ +UINT32 +EFIAPI +TcgPpVendorLibExecutePendingRequest ( + IN UINT32 OperationRequest, + IN OUT UINT32 *ManagementFlags, + OUT BOOLEAN *ResetRequired + ); + +/** + Check if there is a valid physical presence command request. + + This API should be invoked in BIOS boot phase to process pending request. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] OperationRequest TPM physical presence operation request. + @param[in] ManagementFlags BIOS TPM Management Flags. + @param[out] RequestConfirmed If the physical presence operation command required user confirm from UI. + True, it indicates the command doesn't require user confirm. + False, it indicates the command need user confirm from UI. + + @retval TRUE Physical Presence operation command is valid. + @retval FALSE Physical Presence operation command is invalid. +**/ +BOOLEAN +EFIAPI +TcgPpVendorLibHasValidRequest ( + IN UINT32 OperationRequest, + IN UINT32 ManagementFlags, + OUT BOOLEAN *RequestConfirmed + ); + +/** + The callback for TPM vendor specific physical presence which is called for + Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. + + This API should be invoked in OS runtime phase to interface with ACPI method. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] OperationRequest TPM physical presence operation request. + @param[in] ManagementFlags BIOS TPM Management Flags. + + @return Return Code for Submit TPM Operation Request to Pre-OS Environment and + Submit TPM Operation Request to Pre-OS Environment 2. +**/ +UINT32 +EFIAPI +TcgPpVendorLibSubmitRequestToPreOSFunction ( + IN UINT32 OperationRequest, + IN UINT32 ManagementFlags + ); + +/** + The callback for TPM vendor specific physical presence which is called for + Get User Confirmation Status for Operation. + + This API should be invoked in OS runtime phase to interface with ACPI method. + + Caution: This function may receive untrusted input. + + If OperationRequest < 128, then ASSERT(). + + @param[in] OperationRequest TPM physical presence operation request. + @param[in] ManagementFlags BIOS TPM Management Flags. + + @return Return Code for Get User Confirmation Status for Operation. +**/ +UINT32 +EFIAPI +TcgPpVendorLibGetUserConfirmationStatusFunction ( + IN UINT32 OperationRequest, + IN UINT32 ManagementFlags + ); + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgStorageCoreLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgStorageCoreLib.h new file mode 100644 index 00000000..3ec22418 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgStorageCoreLib.h @@ -0,0 +1,1309 @@ +/** @file + Public API for the Tcg Core library to perform the lowest level TCG Data encoding. + + (TCG Storage Architecture Core Specification, Version 2.01, Revision 1.00, + https://trustedcomputinggroup.org/tcg-storage-architecture-core-specification/) + + Check http://trustedcomputinggroup.org for latest specification updates. + +Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TCG_CORE_H_ +#define _TCG_CORE_H_ + +#include <IndustryStandard/TcgStorageCore.h> + +#define ERROR_CHECK(arg) \ + { \ + TCG_RESULT ret = (arg); \ + if (ret != TcgResultSuccess) { \ + DEBUG ((DEBUG_INFO, "ERROR_CHECK failed at %a:%u\n", __FILE__, __LINE__)); \ + return ret; \ + } \ + } + +#define METHOD_STATUS_ERROR_CHECK(arg, failRet) \ + if ((arg) != TCG_METHOD_STATUS_CODE_SUCCESS) { \ + DEBUG ((DEBUG_INFO, "Method Status error: 0x%02X (%a)\n", arg, TcgMethodStatusString(arg))); \ + return (failRet); \ + } + +#define NULL_CHECK(arg) \ + do { \ + if ((arg) == NULL) { \ + DEBUG ((DEBUG_INFO, "NULL_CHECK(%a) failed at %a:%u\n", #arg, __FILE__, __LINE__)); \ + return TcgResultFailureNullPointer; \ + } \ + } while (0) + +#pragma pack(1) + +/** +Tcg result codes. + +The result code indicates if the Tcg function call was successful or not +**/ +typedef enum { + // + // This is the return result upon successful completion of a Tcg function call + // + TcgResultSuccess, + + // + // This is the return "catchall" result for the failure of a Tcg function call + // + TcgResultFailure, + + // + // This is the return result if a required parameter was Null for a Tcg function call + // + TcgResultFailureNullPointer, + + // + // This is the return result if a required buffersize was 0 for a Tcg function call + // + TcgResultFailureZeroSize, + + // + // This is the return result if a Tcg function call was executed out of order. + // For instance, starting a Tcg subpacket before starting its Tcg packet. + // + TcgResultFailureInvalidAction, + + // + // This is the return result if the buffersize provided is not big enough to add a requested Tcg encoded item. + // + TcgResultFailureBufferTooSmall, + + // + // This is the return result for a Tcg parse function if the end of the parsed Buffer is reached, yet Data is still attempted to be retrieved. + // For instance, attempting to retrieve another Tcg token from the Buffer after it has reached the end of the Tcg subpacket payload. + // + TcgResultFailureEndBuffer, + + // + // This is the return result for a Tcg parse function if the Tcg Token item requested is not the expected type. + // For instance, the caller requested to receive an integer and the Tcg token was a byte sequence. + // + TcgResultFailureInvalidType, +} TCG_RESULT; + +// +// Structure that is used to build the Tcg ComPacket. It contains the start Buffer pointer and the current position of the +// Tcg ComPacket, current Tcg Packet and Tcg SubPacket. This structure must be initialized +// by calling tcgInitTcgCreateStruct before it is used as parameter to any other Tcg function. +// This structure should NOT be directly modified by the client of this library. +// +// NOTE: WE MAY MAKE THIS AN ABSTRACT STRUCTURE WITH A DEFINED SIZE AND KEEP THE VARIABLES +// INTERNAL AND ONLY KNOWN TO THE TCG LIBRARY +// +// tcgInitTcgCreateStruct +// +typedef struct { + // + // Buffer allocated and freed by the client of the Tcg library. + // This is the Buffer that shall contain the final Tcg encoded compacket. + // + VOID *Buffer; + + // + // Size of the Buffer provided. + // + UINT32 BufferSize; + + // + //Pointer to the start of the Tcg ComPacket. It should point to a location within Buffer. + // + TCG_COM_PACKET *ComPacket; + + // + // Current Tcg Packet that is being created. It should point to a location within Buffer. + // + TCG_PACKET *CurPacket; + + // + // Current Tcg SubPacket that is being created. It should point to a location within Buffer. + // + TCG_SUB_PACKET *CurSubPacket; + + // + // Flag used to indicate if the Buffer of the structure should be filled out. + // This is intended to be used to support a use-case where the client of library + // can perform all the desired tcg calls to determine what the actual Size of the final compacket will be. + // Then the client can allocate the required Buffer Size and re-run the tcg calls. + // THIS MAY NOT BE IMPLEMENTED... REQUIRES MORE THOUGHT BECAUSE YOU CANNOT SOLVE ISSUE FOR RECEIVE + // + BOOLEAN DryRun; +} TCG_CREATE_STRUCT; + +// +// Structure that is used to parse the Tcg response received. It contains the response Buffer pointer +// and the current position of the Tcg ComPacket, current Tcg Packet and Tcg SubPacket being parsed. +// This structure must be initialized by calling tcgInitTcgParseStruct before it is used as parameter to any other Tcg parse function. +// This structure should NOT be directly modified by the client of this library. +// +// NOTE: WE MAY MAKE THIS AN ABSTRACT STRUCTURE WITH A DEFINED SIZE AND KEEP THE VARIABLES +// INTERNAL AND ONLY KNOWN TO THE TCG LIBRARY +// +// @sa tcgInitTcgParseStruct +// +typedef struct { + // + // Buffer allocated and freed by the client of the Tcg library. + // This is the Buffer that contains the Tcg response to decode/parse. + // + const VOID* Buffer; + + // + //Size of the Buffer provided. + // + UINT32 BufferSize; + + // + // Pointer to the start of the Tcg ComPacket. It should point to a location within Buffer. + // + TCG_COM_PACKET *ComPacket; + + // + // Current Tcg Packet that is being created. It should point to a location within Buffer. + // + TCG_PACKET *CurPacket; + + // + // Current Tcg SubPacket that is being created. It should point to a location within Buffer. + // + TCG_SUB_PACKET *CurSubPacket; + + // + // Current pointer within the current subpacket payload. + // + UINT8 *CurPtr; +} TCG_PARSE_STRUCT ; + + +// +// Structure that is used to represent a Tcg Token that is retrieved by Tcg parse functions. +// +typedef struct { + // + // Describes the type of Tcg token the Hdr start points to. + // + TCG_TOKEN_TYPE Type; + + // + // Pointer to the beginning of the Header of the Tcg token + // + UINT8 *HdrStart; +} TCG_TOKEN ; + +/** + + Required to be called before calling any other Tcg functions with the TCG_CREATE_STRUCT. + Initializes the packet variables to NULL. Additionally, the buffer will be memset. + + @param[in/out] CreateStruct Structure to initialize + @param[in] Buffer Buffer allocated by client of library. It will contain the Tcg encoded packet. This cannot be null. + @param[in] BufferSize Size of buffer provided. It cannot be 0. + +**/ +TCG_RESULT +EFIAPI +TcgInitTcgCreateStruct( + TCG_CREATE_STRUCT *CreateStruct, + VOID *Buffer, + UINT32 BufferSize + ); + + +/** + + Encodes the ComPacket header to the data structure. + + @param[in/out] CreateStruct Structure to initialize + @param[in] ComId ComID of the Tcg ComPacket. + @param[in] ComIdExtension ComID Extension of the Tcg ComPacket. + +**/ +TCG_RESULT +EFIAPI +TcgStartComPacket( + TCG_CREATE_STRUCT *CreateStruct, + UINT16 ComId, + UINT16 ComIdExtension + ); + + +/** + + Starts a new ComPacket in the Data structure. + + @param[in/out] CreateStruct Structure used to add Tcg Packet + @param[in] Tsn Packet Tper session number + @param[in] Hsn Packet Host session number + @param[in] SeqNumber Packet Sequence Number + @param[in] AckType Packet Acknowledge Type + @param[in] Ack Packet Acknowledge + +**/ +TCG_RESULT +EFIAPI +TcgStartPacket( + TCG_CREATE_STRUCT *CreateStruct, + UINT32 Tsn, + UINT32 Hsn, + UINT32 SeqNumber, + UINT16 AckType, + UINT32 Ack + ); + +/** + + Starts a new SubPacket in the Data structure. + + @param[in/out] CreateStruct Structure used to start Tcg SubPacket + @param[in] Kind SubPacket kind + +**/ +TCG_RESULT +EFIAPI +TcgStartSubPacket( + TCG_CREATE_STRUCT *CreateStruct, + UINT16 Kind + ); + + +/** + + Ends the current SubPacket in the Data structure. This function will also perform the 4-byte padding + required for Subpackets. + + @param[in/out] CreateStruct Structure used to end the current Tcg SubPacket + +**/ +TCG_RESULT +EFIAPI +TcgEndSubPacket( + TCG_CREATE_STRUCT *CreateStruct + ); + + +/** + + Ends the current Packet in the Data structure. + + @param[in/out] CreateStruct Structure used to end the current Tcg Packet + +**/ +TCG_RESULT +EFIAPI +TcgEndPacket( + TCG_CREATE_STRUCT *CreateStruct + ); + + +/** + + Ends the ComPacket in the Data structure and ret + + @param[in/out] CreateStruct Structure used to end the Tcg ComPacket + @param[in/out] Size Describes the Size of the entire ComPacket (Header and payload). Filled out by function. + +**/ +TCG_RESULT +EFIAPI +TcgEndComPacket( + TCG_CREATE_STRUCT *CreateStruct, + UINT32 *Size + ); + +/** + Adds a single raw token byte to the Data structure. + + @param[in/out] CreateStruct Structure used to add the byte + @param [in] Byte Byte to add + +**/ +TCG_RESULT +EFIAPI +TcgAddRawByte( + TCG_CREATE_STRUCT *CreateStruct, + UINT8 Byte + ); + + +/** + + Adds the Data parameter as a byte sequence to the Data structure. + + @param [in/out] CreateStruct Structure used to add the byte sequence + @param[in] Data Byte sequence that will be encoded and copied into Data structure + @param[in] DataSize Length of Data provided + @param[in] Continued TRUE if byte sequence is continued or + FALSE if the Data contains the entire byte sequence to be encoded + +**/ +TCG_RESULT +EFIAPI +TcgAddByteSequence( + TCG_CREATE_STRUCT *CreateStruct, + const VOID *Data, + UINT32 DataSize, + BOOLEAN Continued + ); + + +/** + + Adds an arbitrary-Length integer to the Data structure. + + The integer will be encoded using the shortest possible atom. + + @param[in/out] CreateStruct Structure used to add the integer + @param[in] Data Integer in host byte order that will be encoded and copied into Data structure + @param[in] DataSize Length in bytes of the Data provided + @param[in] SignedInteger TRUE if the integer is signed or FALSE if the integer is unsigned + +**/ +TCG_RESULT +EFIAPI +TcgAddInteger( + TCG_CREATE_STRUCT *CreateStruct, + const VOID *Data, + UINT32 DataSize, + BOOLEAN SignedInteger + ); + + +/** + Adds an 8-bit unsigned integer to the Data structure. + + @param[in/out] CreateStruct Structure used to add the integer + @param[in] Value Integer Value to add + +**/ +TCG_RESULT +EFIAPI +TcgAddUINT8( + TCG_CREATE_STRUCT *CreateStruct, + UINT8 Value + ); + +/** + + Adds a 16-bit unsigned integer to the Data structure. + + @param[in/out] CreateStruct Structure used to add the integer + @param[in] Value Integer Value to add + +**/ +TCG_RESULT +EFIAPI +TcgAddUINT16 ( + TCG_CREATE_STRUCT *CreateStruct, + UINT16 Value + ); + +/** + + Adds a 32-bit unsigned integer to the Data structure. + + @param[in/out] CreateStruct Structure used to add the integer + @param[in] Value Integer Value to add + +**/ +TCG_RESULT +EFIAPI +TcgAddUINT32( + TCG_CREATE_STRUCT *CreateStruct, + UINT32 Value + ); + + +/** + + Adds a 64-bit unsigned integer to the Data structure. + + @param[in/out] CreateStruct Structure used to add the integer + @param[in] Value Integer Value to add + +**/ +TCG_RESULT +EFIAPI +TcgAddUINT64( + TCG_CREATE_STRUCT *CreateStruct, + UINT64 Value + ); + +/** + Adds a BOOLEAN to the Data structure. + + @param[in/out] CreateStruct Structure used to add the integer + @param[in] Value BOOLEAN Value to add + +**/ +TCG_RESULT +EFIAPI +TcgAddBOOLEAN( + TCG_CREATE_STRUCT *CreateStruct, + BOOLEAN Value + ); + +/** + Add tcg uid info. + + @param [in/out] CreateStruct Structure used to add the integer + @param Uid Input uid info. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgAddTcgUid( + TCG_CREATE_STRUCT *CreateStruct, + TCG_UID Uid + ); + +/** + Adds a Start List token to the Data structure. + + @param[in/out] CreateStruct Structure used to add the token + +**/ +TCG_RESULT +EFIAPI +TcgAddStartList( + TCG_CREATE_STRUCT *CreateStruct + ); + + +/** + + Adds an End List token to the Data structure. + + @param [in/out] CreateStruct Structure used to add the token + +**/ +TCG_RESULT +EFIAPI +TcgAddEndList( + TCG_CREATE_STRUCT *CreateStruct + ); + + +/** + Adds a Start Name token to the Data structure. + + @param[in/out] CreateStruct Structure used to add the token + +**/ +TCG_RESULT +EFIAPI +TcgAddStartName( + TCG_CREATE_STRUCT *CreateStruct + ); + + +/** + + Adds an End Name token to the Data structure. + + @param [in/out] CreateStruct Structure used to add the token + +**/ +TCG_RESULT +EFIAPI +TcgAddEndName( + TCG_CREATE_STRUCT *CreateStruct + ); + + +/** + Adds a Call token to the Data structure. + + @param [in/out] CreateStruct Structure used to add the token + +**/ +TCG_RESULT +EFIAPI +TcgAddCall( + TCG_CREATE_STRUCT *CreateStruct + ); + + +/** + +Adds an End of Data token to the Data structure. + +@param[in/out] CreateStruct Structure used to add the token + +**/ +TCG_RESULT +EFIAPI +TcgAddEndOfData( + TCG_CREATE_STRUCT *CreateStruct + ); + + +/** + +Adds an End of Session token to the Data structure. + +@param [in/out] CreateStruct Structure used to add the token + +**/ +TCG_RESULT +EFIAPI +TcgAddEndOfSession( + TCG_CREATE_STRUCT *CreateStruct + ); + + +/** + Adds a Start Transaction token to the Data structure. + + @param [in/out] CreateStruct Structure used to add the token + +**/ +TCG_RESULT +EFIAPI +TcgAddStartTransaction( + TCG_CREATE_STRUCT *CreateStruct + ); + + +/** + Adds an End Transaction token to the Data structure. + + @param[in/out] CreateStruct Structure used to add the token + +**/ +TCG_RESULT +EFIAPI +TcgAddEndTransaction( + TCG_CREATE_STRUCT *CreateStruct + ); + +/** + Initial the tcg parse structure. + + @param ParseStruct Input parse structure. + @param Buffer Input buffer data. + @param BufferSize Input buffer size. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgInitTcgParseStruct( + TCG_PARSE_STRUCT *ParseStruct, + const VOID *Buffer, + UINT32 BufferSize + ); + +/** + Get next token info. + + @param ParseStruct Input parse structure info. + @param TcgToken return the tcg token info. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextToken( + TCG_PARSE_STRUCT *ParseStruct, + TCG_TOKEN *TcgToken + ); + +/** + Get next token Type. + + @param ParseStruct Input parse structure. + @param Type Input the type need to check. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextTokenType( + TCG_PARSE_STRUCT *ParseStruct, + TCG_TOKEN_TYPE Type + ); + +/** + Get atom info. + + @param TcgToken Input token info. + @param HeaderLength return the header length. + @param DataLength return the data length. + @param ByteOrInt return the atom Type. + @param SignOrCont return the sign or count info. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetAtomInfo( + const TCG_TOKEN *TcgToken, + UINT32 *HeaderLength, + UINT32 *DataLength, + UINT8 *ByteOrInt, + UINT8 *SignOrCont + ); + +/** + Get token byte sequence. + + @param TcgToken Input token info. + @param Length Input the length info. + + @retval Return the value data. + +**/ +UINT8* +EFIAPI +TcgGetTokenByteSequence( + const TCG_TOKEN *TcgToken, + UINT32 *Length + ); + +/** + Get token specified value. + + @param TcgToken Input token info. + @param Value return the value. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetTokenUINT64( + const TCG_TOKEN *TcgToken, + UINT64 *Value + ); + + +/** + Get next specify value. + + @param ParseStruct Input parse structure. + @param Value Return value. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextUINT8( + TCG_PARSE_STRUCT *ParseStruct, + UINT8 *Value + ); + + +/** + Get next specify value. + + @param ParseStruct Input parse structure. + @param Value Return value. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextUINT16( + TCG_PARSE_STRUCT *ParseStruct, + UINT16 *Value + ); + +/** + Get next specify value. + + @param ParseStruct Input parse structure. + @param Value Return value. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextUINT32( + TCG_PARSE_STRUCT *ParseStruct, + UINT32 *Value + ); + +/** + Get next specify value. + + @param ParseStruct Input parse structure. + @param Value Return value. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextUINT64( + TCG_PARSE_STRUCT *ParseStruct, + UINT64 *Value + ); + +/** + Get next specify value. + + @param ParseStruct Input parse structure. + @param Value Return value. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextBOOLEAN( + TCG_PARSE_STRUCT *ParseStruct, + BOOLEAN *Value + ); + +/** + Get next tcg uid info. + + @param ParseStruct Input parse structure. + @param Uid Get the uid info. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextTcgUid( + TCG_PARSE_STRUCT *ParseStruct, + TCG_UID *Uid + ); + +/** + Get next byte sequence. + + @param ParseStruct Input parse structure. + @param Data return the data. + @param Length return the length. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextByteSequence( + TCG_PARSE_STRUCT *ParseStruct, + const VOID **Data, + UINT32 *Length + ); + +/** + Get next start list. + + @param ParseStruct Input parse structure. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextStartList( + TCG_PARSE_STRUCT *ParseStruct + ); + +/** + Get next end list. + + @param ParseStruct Input parse structure. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextEndList( + TCG_PARSE_STRUCT *ParseStruct + ); + +/** + Get next start name. + + @param ParseStruct Input parse structure. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextStartName( + TCG_PARSE_STRUCT *ParseStruct + ); + +/** + Get next end name. + + @param ParseStruct Input parse structure. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextEndName( + TCG_PARSE_STRUCT *ParseStruct + ); + +/** + Get next call. + + @param ParseStruct Input parse structure. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextCall( + TCG_PARSE_STRUCT *ParseStruct + ); + +/** + Get next end data. + + @param ParseStruct Input parse structure. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextEndOfData( + TCG_PARSE_STRUCT *ParseStruct + ); + +/** + Get next end of session. + + @param ParseStruct Input parse structure. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextEndOfSession( + TCG_PARSE_STRUCT *ParseStruct + ); + +/** + Get next start transaction. + + @param ParseStruct Input parse structure. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextStartTransaction( + TCG_PARSE_STRUCT *ParseStruct + ); + +/** + Get next end transaction. + + @param ParseStruct Input parse structure. + + @retval return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgGetNextEndTransaction( + TCG_PARSE_STRUCT *ParseStruct + ); + +// end of parse functions + + +typedef +BOOLEAN +(EFIAPI* TCG_LEVEL0_ENUM_CALLBACK) ( + const TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader, + TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER *Feature, + UINTN FeatureSize, // includes header + VOID *Context +); + +/** + Adds call token and method Header (invoking id, and method id). + + @param CreateStruct The input create structure. + @param InvokingId Invoking id. + @param MethodId Method id. + +**/ +TCG_RESULT +EFIAPI +TcgStartMethodCall( + TCG_CREATE_STRUCT *CreateStruct, + TCG_UID InvokingId, + TCG_UID MethodId + ); + +/** + Adds START LIST token. + + @param CreateStruct The input create structure. + +**/ +TCG_RESULT +EFIAPI +TcgStartParameters( + TCG_CREATE_STRUCT *CreateStruct + ); + +/** + Adds END LIST token. + + @param CreateStruct The input create structure. + +**/ +TCG_RESULT +EFIAPI +TcgEndParameters( + TCG_CREATE_STRUCT *CreateStruct + ); + +/** + Adds END Data token and method list. + + @param CreateStruct The input create structure. + +**/ +TCG_RESULT +EFIAPI +TcgEndMethodCall( + TCG_CREATE_STRUCT *CreateStruct + ); + +/** + + Adds Start Session call to the data structure. This creates the entire ComPacket structure and + returns the size of the entire compacket in the size parameter. + + @param [in/out] CreateStruct Structure used to add the start session call + @param [in/out] Size Describes the size of the entire ComPacket (header and payload). Filled out by function. + @param [in] ComId ComID for the ComPacket + @param [in] ComIdExtension Extended ComID for the ComPacket + @param [in] HostSessionId Host Session ID + @param [in] SpId Security Provider to start session with + @param [in] Write Write option for start session. TRUE = start session requests write access + @param [in] HostChallengeLength Length of the host challenge. Length should be 0 if hostChallenge is NULL + @param [in] HostChallenge Host challenge for Host Signing Authority. If NULL, then no Host Challenge shall be sent. + @param [in] HostSigningAuthority Host Signing Authority used for start session. If NULL, then no Host Signing Authority shall be sent. + +**/ +TCG_RESULT +EFIAPI +TcgCreateStartSession( + TCG_CREATE_STRUCT *CreateStruct, + UINT32 *Size, + UINT16 ComId, + UINT16 ComIdExtension, + UINT32 HostSessionId, + TCG_UID SpId, + BOOLEAN Write, + UINT32 HostChallengeLength, + const VOID *HostChallenge, + TCG_UID HostSigningAuthority + ); + +/** + Creates ComPacket with a Method call that sets the PIN column for the row specified. + This assumes a start session has already been opened with the desired SP. + + @param [in/out] CreateStruct Structure used to add method call. + @param [in/out] Size Describes the size of the entire ComPacket (header and payload). Filled out by function. + @param [in] ComId ComID for the ComPacket + @param [in] ComIdExtension Extended ComID for the ComPacket + @param [in] TperSession Tper Session ID for the Packet + @param [in] HostSession Host Session ID for the Packet + @param [in] SidRow UID of row of current SP to set PIN column + @param [in] Password value of PIN to set + @param [in] PasswordSize Size of PIN + +**/ +TCG_RESULT +EFIAPI +TcgCreateSetCPin( + TCG_CREATE_STRUCT *CreateStruct, + UINT32 *Size, + UINT16 ComId, + UINT16 ComIdExtension, + UINT32 TperSession, + UINT32 HostSession, + TCG_UID SidRow, + const VOID *Password, + UINT32 PasswordSize + ); + +/** + Creates ComPacket with a Method call that sets the "Enabled" column for the row specified using the value specified. + This assumes a start session has already been opened with the desired SP. + + @param [in/out] CreateStruct Structure used to add method call + @param [in/out] Size Describes the size of the entire ComPacket (header and payload). Filled out by function. + @param [in] ComId ComID for the ComPacket + @param [in] ComIdExtension Extended ComID for the ComPacket + @param [in] TperSession Tper Session ID for the Packet + @param [in] HostSession Host Session ID for the Packet + @param [in] AuthorityUid Authority UID to modify the "Enabled" column for + @param [in] Enabled Value to set the "Enabled" column to + +**/ +TCG_RESULT +EFIAPI +TcgSetAuthorityEnabled( + TCG_CREATE_STRUCT *CreateStruct, + UINT32 *Size, + UINT16 ComId, + UINT16 ComIdExtension, + UINT32 TperSession, + UINT32 HostSession, + TCG_UID AuthorityUid, + BOOLEAN Enabled + ); + +/** + + Creates ComPacket with EndSession. + This assumes a start session has already been opened. + + @param [in/out] CreateStruct Structure used to add Endsession + @param [in/out] Size Describes the size of the entire ComPacket (header and payload). Filled out by function. + @param [in] ComId ComID for the ComPacket + @param [in] ComIdExtension Extended ComID for the ComPacket + @param [in] HostSessionId Host Session ID for the Packet + @param [in] TpSessionId Tper Session ID for the Packet + +**/ +TCG_RESULT +EFIAPI +TcgCreateEndSession( + TCG_CREATE_STRUCT *CreateStruct, + UINT32 *Size, + UINT16 ComId, + UINT16 ComIdExtension, + UINT32 HostSessionId, + UINT32 TpSessionId + ); + + +/** + + Retrieves human-readable token type name. + + @param[in] Type Token type to retrieve + +**/ +CHAR8* +EFIAPI +TcgTokenTypeString( + TCG_TOKEN_TYPE Type + ); + +/** + Returns the method status of the current subpacket. Does not affect the current position + in the ComPacket. In other words, it can be called whenever you have a valid SubPacket. + + @param [in/out] ParseStruct Structure used to parse received TCG response + @param [in/out] MethodStatus Method status retrieved of the current SubPacket + +**/ +TCG_RESULT +EFIAPI +TcgGetMethodStatus( + const TCG_PARSE_STRUCT *ParseStruct, + UINT8 *MethodStatus + ); + +/** + Returns a human-readable string representing a method status return code. + + @param[in] MethodStatus Method status to translate to a string + + + @retval return the string info. +**/ +CHAR8* +EFIAPI +TcgMethodStatusString( + UINT8 MethodStatus + ); + + +/** + Retrieves the comID and Extended comID of the ComPacket in the Tcg response. + It is intended to be used to confirm the received Tcg response is intended for user that received it. + + @param [in] ParseStruct Structure used to parse received TCG response. + @param [in/out] ComId comID retrieved from received ComPacket. + @param [in/out] ComIdExtension Extended comID retrieved from received ComPacket + +**/ +TCG_RESULT +EFIAPI +TcgGetComIds( + const TCG_PARSE_STRUCT *ParseStruct, + UINT16 *ComId, + UINT16 *ComIdExtension + ); + +/** + Checks if the ComIDs of the response match the expected values. + + @param[in] ParseStruct Structure used to parse received TCG response + @param[in] ExpectedComId Expected comID + @param[in] ExpectedComIdExtension Expected extended comID + +**/ +TCG_RESULT +EFIAPI +TcgCheckComIds( + const TCG_PARSE_STRUCT *ParseStruct, + UINT16 ExpectedComId, + UINT16 ExpectedComIdExtension + ); + +/** + Parses the Sync Session response contained in the parseStruct to retrieve Tper session ID. If the Sync Session response + parameters do not match the comID, extended ComID and host session ID then a failure is returned. + + @param[in/out] ParseStruct Structure used to parse received TCG response, contains Sync Session response. + @param[in] ComId Expected ComID that is compared to actual ComID of response + @param[in] ComIdExtension Expected Extended ComID that is compared to actual Extended ComID of response + @param[in] HostSessionId Expected Host Session ID that is compared to actual Host Session ID of response + @param[in/out] TperSessionId Tper Session ID retrieved from the Sync Session response. + +**/ +TCG_RESULT +EFIAPI +TcgParseSyncSession( + const TCG_PARSE_STRUCT *ParseStruct, + UINT16 ComId, + UINT16 ComIdExtension, + UINT32 HostSessionId, + UINT32 *TperSessionId + ); + +/** + Create set ace. + + @param CreateStruct Input create structure. + @param Size size info. + @param ComId ComId info. + @param ComIdExtension ComId extension info. + @param TperSession Tper session data. + @param HostSession Host session data. + @param AceRow Ace row info. + @param Authority1 Authority 1 info. + @param LogicalOperator Logical operator info. + @param Authority2 Authority 2 info. + + @retval Return the action result. + +**/ +TCG_RESULT +EFIAPI +TcgCreateSetAce( + TCG_CREATE_STRUCT *CreateStruct, + UINT32 *Size, + UINT16 ComId, + UINT16 ComIdExtension, + UINT32 TperSession, + UINT32 HostSession, + TCG_UID AceRow, + TCG_UID Authority1, + BOOLEAN LogicalOperator, + TCG_UID Authority2 + ); + +/** + Enum level 0 discovery. + + @param DiscoveryHeader Discovery header. + @param Callback Callback function. + @param Context The context for the function. + + @retval return true if the callback return TRUE, else return FALSE. + +**/ +BOOLEAN +EFIAPI +TcgEnumLevel0Discovery( + const TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader, + TCG_LEVEL0_ENUM_CALLBACK Callback, + VOID *Context + ); + +/** + Get Feature code from the header. + + @param DiscoveryHeader The discovery header. + @param FeatureCode return the Feature code. + @param FeatureSize return the Feature size. + + @retval return the Feature code data. +**/ +TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER* +EFIAPI +TcgGetFeature( + const TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader, + UINT16 FeatureCode, + UINTN *FeatureSize + ); + +/** + Determines if the protocol provided is part of the provided supported protocol list. + + @param[in] ProtocolList Supported protocol list to investigate + @param[in] Protocol Protocol value to determine if supported + + @return TRUE = protocol is supported, FALSE = protocol is not supported +**/ +BOOLEAN +EFIAPI +TcgIsProtocolSupported( + const TCG_SUPPORTED_SECURITY_PROTOCOLS *ProtocolList, + UINT16 Protocol + ); + +/** + Determines if the Locking Feature "Locked" bit is set in the level 0 discovery response. + + @param[in] Discovery Level 0 discovery response + + @return TRUE = Locked is set, FALSE = Locked is false + +**/ +BOOLEAN +EFIAPI +TcgIsLocked( + const TCG_LEVEL0_DISCOVERY_HEADER *Discovery + ); + +#pragma pack() + + +#endif // _TCG_CORE_H_ diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgStorageOpalLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgStorageOpalLib.h new file mode 100644 index 00000000..cb21e7c5 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TcgStorageOpalLib.h @@ -0,0 +1,892 @@ +/** @file + Public API for Opal Core library. + + (TCG Storage Architecture Core Specification, Version 2.01, Revision 1.00, + https://trustedcomputinggroup.org/tcg-storage-architecture-core-specification/ + + Storage Work Group Storage Security Subsystem Class: Pyrite, Specification Version 2.00, Revision 1.00, + https://trustedcomputinggroup.org/resource/tcg-storage-security-subsystem-class-pyrite/ + + Storage Work Group Storage Security Subsystem Class: Opal, Version 2.01 Final, Revision 1.00, + https://trustedcomputinggroup.org/storage-work-group-storage-security-subsystem-class-opal/ + + TCG Storage Security Subsystem Class: Opalite Version 1.00 Revision 1.00, + https://trustedcomputinggroup.org/tcg-storage-security-subsystem-class-opalite/ + + TCG Storage Feature Set: Block SID Authentication, Version 1.00 Final, Revision 1.00, + https://trustedcomputinggroup.org/tcg-storage-feature-set-block-sid-authentication-specification/ + + TCG Storage Opal SSC Feature Set: PSID Version 1.00, Revision 1.00, + https://trustedcomputinggroup.org/tcg-storage-opal-feature-set-psid/) + + Check http://trustedcomputinggroup.org for latest specification updates. + +Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _OPAL_CORE_H_ +#define _OPAL_CORE_H_ + +#include <IndustryStandard/TcgStorageOpal.h> + +#include <Library/TcgStorageCoreLib.h> +#include <Protocol/StorageSecurityCommand.h> + +#pragma pack(1) + +typedef struct { + // + // Opal SSC 1 support (0 - not supported, 1 - supported) + // + UINT32 OpalSsc1 : 1; + + // + // Opal SSC 2support (0 - not supported, 1 - supported) + // + UINT32 OpalSsc2 : 1; + + // + // Opal SSC Lite support (0 - not supported, 1 - supported) + // + UINT32 OpalSscLite : 1; + + // + // Pyrite SSC support (0 - not supported, 1 - supported) + // + UINT32 PyriteSsc : 1; + + // + // Security protocol 1 support (0 - not supported, 1 - supported) + // + UINT32 Sp1 : 1; + + // + // Security protocol 2 support (0 - not supported, 1 - supported) + // + UINT32 Sp2 : 1; + + // + // Security protocol IEEE1667 support (0 - not supported, 1 - supported) + // + UINT32 SpIeee1667 : 1; + + // + // Media encryption supported (0 - not supported, 1 - supported) + // + UINT32 MediaEncryption : 1; + + // + // Initial C_PIN_SID PIN Indicator + // 0 - The initial C_PIN_SID PIN value is NOT equal to the C_PIN_MSID PIN value + // 1 - The initial C_PIN_SID PIN value is equal to the C_PIN_MSID PIN value + // + UINT32 InitCpinIndicator : 1; + + // + // Behavior of C_PIN_SID PIN upon TPer Revert + // 0 - The initial C_PIN_SID PIN value is NOT equal to the C_PIN_MSID PIN value + // 1 - The initial C_PIN_SID PIN value is equal to the C_PIN_MSID PIN value + // + UINT32 CpinUponRevert : 1; + + // + // Media encryption supported (0 - not supported, 1 - supported) + // + UINT32 BlockSid : 1; + + // + // Pyrite SSC V2 support (0 - not supported, 1 - supported) + // + UINT32 PyriteSscV2 : 1; + + // + // Supported Data Removal Mechanism support (0 - not supported, 1 - supported) + // + UINT32 DataRemoval : 1; +} OPAL_DISK_SUPPORT_ATTRIBUTE; + +// +// Opal device ownership type +// The type indicates who was the determined owner of the device. +// +typedef enum { + // + // Represents the device ownership is unknown because starting a session as the SID authority with the ADMIN SP + //was unsuccessful with the provided PIN + // + OpalOwnershipUnknown, + + // + // Represents that the ADMIN SP SID authority contains the same PIN as the MSID PIN + // + OpalOwnershipNobody, +} OPAL_OWNER_SHIP; + +// +// Structure that is used to represent an Opal session. +// The structure must be initialized by calling OpalStartSession before being used as a parameter +// for any other Opal function. +// This structure should NOT be directly modified by the client of this library. +// +// +typedef struct { + UINT32 HostSessionId; + UINT32 TperSessionId; + UINT16 ComIdExtension; + + UINT16 OpalBaseComId; + + EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Sscp; + UINT32 MediaId; +} OPAL_SESSION; +#pragma pack() + +/** + + The function fills in the provided Buffer with the supported protocol list + of the device specified. + + @param[in] Session OPAL_SESSION data. + @param[in] BufferSize Size of Buffer provided (in bytes) + @param[in] BuffAddress Buffer address to fill with security protocol list + +**/ +TCG_RESULT +EFIAPI +OpalRetrieveSupportedProtocolList( + OPAL_SESSION *Session, + UINTN BufferSize, + VOID *BuffAddress + ); + +/** + + The function fills in the provided Buffer with the level 0 discovery Header + of the device specified. + + @param[in] Session OPAL_SESSION data. + @param[in] BufferSize Size of Buffer provided (in bytes) + @param[in] BuffAddress Buffer address to fill with Level 0 Discovery response + +**/ +TCG_RESULT +EFIAPI +OpalRetrieveLevel0DiscoveryHeader( + OPAL_SESSION *Session, + UINTN BufferSize, + VOID *BuffAddress + ); + +/** + Starts a session with a security provider (SP). + + If a session is started successfully, the caller must end the session with OpalEndSession when finished + performing Opal actions. + + @param[in/out] Session OPAL_SESSION to initialize. + @param[in] SpId Security provider ID to start the session with. + @param[in] Write Whether the session should be read-only (FALSE) or read/write (TRUE). + @param[in] HostChallengeLength Length of the host challenge. Length should be 0 if hostChallenge is NULL + @param[in] HostChallenge Host challenge for Host Signing Authority. If NULL, then no Host Challenge will be sent. + @param[in] HostSigningAuthority Host Signing Authority used for start session. If NULL, then no Host Signing Authority will be sent. + @param[in/out] MethodStatus Status of the StartSession method; only valid if TcgResultSuccess is returned. + + @return TcgResultSuccess indicates that the function completed without any internal errors. + The caller must inspect the MethodStatus field to determine whether the method completed successfully. + +**/ +TCG_RESULT +EFIAPI +OpalStartSession( + OPAL_SESSION *Session, + TCG_UID SpId, + BOOLEAN Write, + UINT32 HostChallengeLength, + const VOID *HostChallenge, + TCG_UID HostSigningAuthority, + UINT8 *MethodStatus + ); + +/** + Close a session opened with OpalStartSession. + + @param[in/out] Session OPAL_SESSION to end. + +**/ +TCG_RESULT +EFIAPI +OpalEndSession( + OPAL_SESSION *Session + ); + +/** + + Reverts device using Admin SP Revert method. + + @param[in] AdminSpSession OPAL_SESSION with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_PSID_AUTHORITY to perform PSID revert. + +**/ +TCG_RESULT +EFIAPI +OpalPsidRevert( + OPAL_SESSION *AdminSpSession + ); + + +/** + + The function retrieves the MSID from the device specified + + @param[in] AdminSpSession OPAL_SESSION with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_PSID_AUTHORITY to perform PSID revert. + @param[in] MsidBufferSize Allocated buffer size (in bytes) for MSID allocated by caller + @param[in] Msid Variable length byte sequence representing MSID of device + @param[in] MsidLength Actual length of MSID retrieved from device + +**/ +TCG_RESULT +EFIAPI +OpalGetMsid( + OPAL_SESSION *AdminSpSession, + UINT32 MsidBufferSize, + UINT8 *Msid, + UINT32 *MsidLength + ); + +/** + + The function activates the Locking SP. + Once activated, per Opal spec, the ADMIN SP SID PIN is copied over to the ADMIN1 LOCKING SP PIN. + If the Locking SP is already enabled, then TcgResultSuccess is returned and no action occurs. + + @param[in] AdminSpSession OPAL_SESSION with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_SID_AUTHORITY to activate Locking SP + @param[in/out] MethodStatus Method status of last action performed. If action succeeded, it should be TCG_METHOD_STATUS_CODE_SUCCESS. + +**/ +TCG_RESULT +EFIAPI +OpalActivateLockingSp( + OPAL_SESSION *AdminSpSession, + UINT8 *MethodStatus + ); + + +/** + + The function sets the PIN column of the specified cpinRowUid (authority) with the newPin value. + + @param[in/out] Session OPAL_SESSION to set password + @param[in] CpinRowUid UID of row (authority) to update PIN column + @param[in] NewPin New Pin to set for cpinRowUid specified + @param[in] NewPinLength Length in bytes of newPin + @param[in/out] MethodStatus Method status of last action performed. If action succeeded, it should be TCG_METHOD_STATUS_CODE_SUCCESS. + +**/ +TCG_RESULT +EFIAPI +OpalSetPassword( + OPAL_SESSION *Session, + TCG_UID CpinRowUid, + const VOID *NewPin, + UINT32 NewPinLength, + UINT8 *MethodStatus + ); + +/** + + The function retrieves the active key of the global locking range + and calls the GenKey method on the active key retrieved. + + @param[in] LockingSpSession OPAL_SESSION with OPAL_UID_LOCKING_SP to generate key + @param[in/out] MethodStatus Method status of last action performed. If action succeeded, it should be TCG_METHOD_STATUS_CODE_SUCCESS. + +**/ +TCG_RESULT +EFIAPI +OpalGlobalLockingRangeGenKey( + OPAL_SESSION *LockingSpSession, + UINT8 *MethodStatus + ); + + +/** + + The function updates the ReadLocked and WriteLocked columns of the Global Locking Range. + This function is required for a user1 authority, since a user1 authority shall only have access to ReadLocked and WriteLocked columns + (not ReadLockEnabled and WriteLockEnabled columns). + + @param[in] LockingSpSession OPAL_SESSION with OPAL_UID_LOCKING_SP to generate key + @param[in] ReadLocked Value to set ReadLocked column for Global Locking Range + @param[in] WriteLocked Value to set WriteLocked column for Global Locking Range + @param[in/out] MethodStatus Method status of last action performed. If action succeeded, it should be TCG_METHOD_STATUS_CODE_SUCCESS. + +**/ +TCG_RESULT +EFIAPI +OpalUpdateGlobalLockingRange( + OPAL_SESSION *LockingSpSession, + BOOLEAN ReadLocked, + BOOLEAN WriteLocked, + UINT8 *MethodStatus + ); + + +/** + + The function updates the RangeStart, RangeLength, ReadLockedEnabled, WriteLockedEnabled, ReadLocked and WriteLocked columns + of the specified Locking Range. This function requires admin authority of a locking SP session. + + @param[in] LockingSpSession OPAL_SESSION with OPAL_UID_LOCKING_SP to generate key + @param[in] LockingRangeUid Locking range UID to set values + @param[in] RangeStart Value to set RangeStart column for Locking Range + @param[in] RangeLength Value to set RangeLength column for Locking Range + @param[in] ReadLockEnabled Value to set readLockEnabled column for Locking Range + @param[in] WriteLockEnabled Value to set writeLockEnabled column for Locking Range + @param[in] ReadLocked Value to set ReadLocked column for Locking Range + @param[in] WriteLocked Value to set WriteLocked column for Locking Range + @param[in/out] MethodStatus Method status of last action performed. If action succeeded, it should be TCG_METHOD_STATUS_CODE_SUCCESS. + +**/ +TCG_RESULT +EFIAPI +OpalSetLockingRange( + OPAL_SESSION *LockingSpSession, + TCG_UID LockingRangeUid, + UINT64 RangeStart, + UINT64 RangeLength, + BOOLEAN ReadLockEnabled, + BOOLEAN WriteLockEnabled, + BOOLEAN ReadLocked, + BOOLEAN WriteLocked, + UINT8 *MethodStatus + ); + +/** + + The function sets the Enabled column to TRUE for the authorityUid provided and updates the PIN column for the cpinRowUid provided + using the newPin provided. AuthorityUid and cpinRowUid should describe the same authority. + + @param[in] LockingSpSession OPAL_SESSION with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_ADMIN1_AUTHORITY to update + @param[in] CpinRowUid Row UID of C_PIN table of Locking SP to update PIN + @param[in] AuthorityUid UID of Locking SP authority to update Pin column with + @param[in] NewPin New Password used to set Pin column + @param[in] NewPinLength Length in bytes of new password + @param[in/out] MethodStatus Method status of last action performed. If action succeeded, it should be TCG_METHOD_STATUS_CODE_SUCCESS. + +**/ +TCG_RESULT +EFIAPI +OpalSetLockingSpAuthorityEnabledAndPin( + OPAL_SESSION *LockingSpSession, + TCG_UID CpinRowUid, + TCG_UID AuthorityUid, + const VOID *NewPin, + UINT32 NewPinLength, + UINT8 *MethodStatus + ); + + +/** + + The function sets the Enabled column to FALSE for the USER1 authority. + + @param[in] LockingSpSession OPAL_SESSION with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_ADMIN1_AUTHORITY to disable User1 + @param[in/out] MethodStatus Method status of last action performed. If action succeeded, it should be TCG_METHOD_STATUS_CODE_SUCCESS. + +**/ +TCG_RESULT +EFIAPI +OpalDisableUser( + OPAL_SESSION *LockingSpSession, + UINT8 *MethodStatus + ); + + +/** + + The function calls the Admin SP RevertSP method on the Locking SP. If KeepUserData is True, then the optional parameter + to keep the user data is set to True, otherwise the optional parameter is not provided. + + @param[in] LockingSpSession OPAL_SESSION with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_ADMIN1_AUTHORITY to revertSP + @param[in] KeepUserData Specifies whether or not to keep user data when performing RevertSP action. True = keeps user data. + @param[in/out] MethodStatus Method status of last action performed. If action succeeded, it should be TCG_METHOD_STATUS_CODE_SUCCESS. + +**/ +TCG_RESULT +EFIAPI +OpalAdminRevert( + OPAL_SESSION *LockingSpSession, + BOOLEAN KeepUserData, + UINT8 *MethodStatus + ); + + +/** + + The function retrieves the TryLimit column for the specified rowUid (authority). + + @param[in] LockingSpSession OPAL_SESSION with OPAL_UID_LOCKING_SP to retrieve try limit + @param[in] RowUid Row UID of the Locking SP C_PIN table to retrieve TryLimit column + @param[in/out] TryLimit Value from TryLimit column + +**/ +TCG_RESULT +EFIAPI +OpalGetTryLimit( + OPAL_SESSION *LockingSpSession, + TCG_UID RowUid, + UINT32 *TryLimit + ); + + +/** + + The function populates the CreateStruct with a payload that will retrieve the global locking range active key. + It is intended to be called with a session that is already started with a valid credential. + The function does not send the payload. + + @param[in] Session OPAL_SESSION to populate command for, needs comId + @param[in/out] CreateStruct Structure to populate with encoded TCG command + @param[in/out] Size Size in bytes of the command created. + +**/ +TCG_RESULT +EFIAPI +OpalCreateRetrieveGlobalLockingRangeActiveKey( + const OPAL_SESSION *Session, + TCG_CREATE_STRUCT *CreateStruct, + UINT32 *Size + ); + + +/** + + The function acquires the activeKey specified for the Global Locking Range from the parseStruct. + + @param[in] ParseStruct Structure that contains the device's response with the activekey + @param[in/out] ActiveKey The UID of the active key retrieved + +**/ +TCG_RESULT +EFIAPI +OpalParseRetrieveGlobalLockingRangeActiveKey( + TCG_PARSE_STRUCT *ParseStruct, + TCG_UID *ActiveKey + ); + +/** + + Get the support attribute info. + + @param[in] Session OPAL_SESSION with OPAL_UID_LOCKING_SP to retrieve info. + @param[in/out] LockingFeature Return the Locking info. + +**/ +TCG_RESULT +EFIAPI +OpalGetLockingInfo( + OPAL_SESSION *Session, + TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature + ); + +/** + + The function determines whether or not all of the requirements for the Opal Feature (not full specification) + are met by the specified device. + + @param[in] SupportedAttributes Opal device attribute. + +**/ +BOOLEAN +EFIAPI +OpalFeatureSupported( + OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes + ); + +/** + + The function returns whether or not the device is Opal Enabled. + TRUE means that the device is partially or fully locked. + This will perform a Level 0 Discovery and parse the locking feature descriptor + + @param[in] SupportedAttributes Opal device attribute. + @param[in] LockingFeature Opal device locking status. + + +**/ +BOOLEAN +EFIAPI +OpalFeatureEnabled( + OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes, + TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature + ); + +/** + + The function returns whether or not the device is Opal Locked. + TRUE means that the device is partially or fully locked. + This will perform a Level 0 Discovery and parse the locking feature descriptor + + @param[in] SupportedAttributes Opal device attribute. + @param[in] LockingFeature Opal device locking status. + +**/ +BOOLEAN +OpalDeviceLocked( + OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes, + TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature + ); + +/** + Trig the block sid action. + + @param[in] Session OPAL_SESSION to populate command for, needs comId + @param[in] HardwareReset Whether need to do hardware reset. + +**/ +TCG_RESULT +EFIAPI +OpalBlockSid( + OPAL_SESSION *Session, + BOOLEAN HardwareReset + ); + +/** + + Get the support attribute info. + + @param[in] Session OPAL_SESSION with OPAL_UID_LOCKING_SP to retrieve info. + @param[in/out] SupportedAttributes Return the support attribute info. + @param[out] OpalBaseComId Return the base com id info. + +**/ +TCG_RESULT +EFIAPI +OpalGetSupportedAttributesInfo( + OPAL_SESSION *Session, + OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes, + UINT16 *OpalBaseComId + ); + +/** + Creates a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_PSID_AUTHORITY, then reverts device using Admin SP Revert method. + + @param[in] AdminSpSession OPAL_SESSION to populate command for, needs comId + @param[in] Psid PSID of device to revert. + @param[in] PsidLength Length of PSID in bytes. + +**/ +TCG_RESULT +EFIAPI +OpalUtilPsidRevert( + OPAL_SESSION *AdminSpSession, + const VOID *Psid, + UINT32 PsidLength + ); + +/** + Opens a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_SID_AUTHORITY, + sets the OPAL_UID_ADMIN_SP_C_PIN_SID column with the new password, + and activates the locking SP to copy SID PIN to Admin1 Locking SP PIN. + + @param[in] AdminSpSession OPAL_SESSION to populate command for, needs comId + @param[in] GeneratedSid Generated SID of disk + @param[in] SidLength Length of generatedSid in bytes + @param[in] Password New admin password to set + @param[in] PassLength Length of password in bytes + +**/ +TCG_RESULT +EFIAPI +OpalUtilSetAdminPasswordAsSid( + OPAL_SESSION *AdminSpSession, + const VOID *GeneratedSid, + UINT32 SidLength, + const VOID *Password, + UINT32 PassLength + ); + +/** + + Opens a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_ADMIN1_AUTHORITY, + and updates the specified locking range with the provided column values. + + @param[in] LockingSpSession OPAL_SESSION to populate command for, needs comId + @param[in] Password New admin password to set + @param[in] PassLength Length of password in bytes + @param[in] LockingRangeUid Locking range UID to set values + @param[in] RangeStart Value to set RangeStart column for Locking Range + @param[in] RangeLength Value to set RangeLength column for Locking Range + @param[in] ReadLockEnabled Value to set readLockEnabled column for Locking Range + @param[in] WriteLockEnabled Value to set writeLockEnabled column for Locking Range + @param[in] ReadLocked Value to set ReadLocked column for Locking Range + @param[in] WriteLocked Value to set WriteLocked column for Locking Range + +**/ +TCG_RESULT +EFIAPI +OpalUtilSetOpalLockingRange( + OPAL_SESSION *LockingSpSession, + const VOID *Password, + UINT32 PassLength, + TCG_UID LockingRangeUid, + UINT64 RangeStart, + UINT64 RangeLength, + BOOLEAN ReadLockEnabled, + BOOLEAN WriteLockEnabled, + BOOLEAN ReadLocked, + BOOLEAN WriteLocked + ); + +/** + Opens a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_SID_AUTHORITY, + sets OPAL_UID_ADMIN_SP_C_PIN_SID with the new password, + and sets OPAL_LOCKING_SP_C_PIN_ADMIN1 with the new password. + + @param[in] AdminSpSession OPAL_SESSION to populate command for, needs comId + @param[in] OldPassword Current admin password + @param[in] OldPasswordLength Length of current admin password in bytes + @param[in] NewPassword New admin password to set + @param[in] NewPasswordLength Length of new password in bytes + +**/ +TCG_RESULT +EFIAPI +OpalUtilSetAdminPassword( + OPAL_SESSION *AdminSpSession, + const VOID *OldPassword, + UINT32 OldPasswordLength, + const VOID *NewPassword, + UINT32 NewPasswordLength + ); + +/** + Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_USER1_AUTHORITY or OPAL_LOCKING_SP_ADMIN1_AUTHORITY + and sets the User1 SP authority to enabled and sets the User1 password. + + @param[in] LockingSpSession OPAL_SESSION to populate command for, needs comId + @param[in] OldPassword Current admin password + @param[in] OldPasswordLength Length of current admin password in bytes + @param[in] NewPassword New admin password to set + @param[in] NewPasswordLength Length of new password in bytes + +**/ +TCG_RESULT +EFIAPI +OpalUtilSetUserPassword( + OPAL_SESSION *LockingSpSession, + const VOID *OldPassword, + UINT32 OldPasswordLength, + const VOID *NewPassword, + UINT32 NewPasswordLength + ); + +/** + Verify whether user input the correct password. + + @param[in] LockingSpSession OPAL_SESSION to populate command for, needs comId + @param[in] Password Admin password + @param[in] PasswordLength Length of password in bytes + @param[in/out] HostSigningAuthority Use the Host signing authority type. + +**/ +TCG_RESULT +EFIAPI +OpalUtilVerifyPassword ( + OPAL_SESSION *LockingSpSession, + const VOID *Password, + UINT32 PasswordLength, + TCG_UID HostSigningAuthority + ); + +/** + Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_USER1_AUTHORITY or OPAL_LOCKING_SP_ADMIN1_AUTHORITY + and generates a new global locking range key to erase the Data. + + @param[in] LockingSpSession OPAL_SESSION to populate command for, needs comId + @param[in] Password Admin or user password + @param[in] PasswordLength Length of password in bytes + @param[in/out] PasswordFailed indicates if password failed (start session didn't work) + +**/ +TCG_RESULT +EFIAPI +OpalUtilSecureErase( + OPAL_SESSION *LockingSpSession, + const VOID *Password, + UINT32 PasswordLength, + BOOLEAN *PasswordFailed + ); + +/** + Starts a session with OPAL_UID_LOCKING_SP as OPAL_LOCKING_SP_ADMIN1_AUTHORITY and disables the User1 authority. + + @param[in] LockingSpSession OPAL_SESSION to populate command for, needs comId + @param[in] Password Admin password + @param[in] PasswordLength Length of password in bytes + @param[in/out] PasswordFailed indicates if password failed (start session didn't work) + +**/ +TCG_RESULT +EFIAPI +OpalUtilDisableUser( + OPAL_SESSION *LockingSpSession, + const VOID *Password, + UINT32 PasswordLength, + BOOLEAN *PasswordFailed + ); + +/** + Opens a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_PSID_AUTHORITY, then reverts the device using the RevertSP method. + + @param[in] LockingSpSession OPAL_SESSION to populate command for, needs comId + @param[in] KeepUserData TRUE to keep existing Data on the disk, or FALSE to erase it + @param[in] Password Admin password + @param[in] PasswordLength Length of password in bytes + @param[in/out] PasswordFailed indicates if password failed (start session didn't work) + @param[in] Msid Input Msid info. + @param[in] MsidLength Input Msid info length. + +**/ +TCG_RESULT +EFIAPI +OpalUtilRevert( + OPAL_SESSION *LockingSpSession, + BOOLEAN KeepUserData, + const VOID *Password, + UINT32 PasswordLength, + BOOLEAN *PasswordFailed, + UINT8 *Msid, + UINT32 MsidLength + ); + +/** + After revert success, set SID to MSID. + + @param[in] AdminSpSession OPAL_SESSION to populate command for, needs comId + @param Password, Input password info. + @param PasswordLength, Input password length. + @param[in] Msid Input Msid info. + @param[in] MsidLength Input Msid info length. + +**/ +TCG_RESULT +EFIAPI +OpalUtilSetSIDtoMSID ( + OPAL_SESSION *AdminSpSession, + const VOID *Password, + UINT32 PasswordLength, + UINT8 *Msid, + UINT32 MsidLength + ); + +/** + Update global locking range. + + @param[in] LockingSpSession OPAL_SESSION to populate command for, needs comId + @param Password, Input password info. + @param PasswordLength, Input password length. + @param ReadLocked, Read lock info. + @param WriteLocked write lock info. + +**/ +TCG_RESULT +EFIAPI +OpalUtilUpdateGlobalLockingRange( + OPAL_SESSION *LockingSpSession, + const VOID *Password, + UINT32 PasswordLength, + BOOLEAN ReadLocked, + BOOLEAN WriteLocked + ); + +/** + Update global locking range. + + @param Session, The session info for one opal device. + @param Msid, The data buffer to save Msid info. + @param MsidBufferLength, The data buffer length for Msid. + @param MsidLength, The actual data length for Msid. + +**/ +TCG_RESULT +EFIAPI +OpalUtilGetMsid( + OPAL_SESSION *Session, + UINT8 *Msid, + UINT32 MsidBufferLength, + UINT32 *MsidLength + ); + +/** + + The function determines who owns the device by attempting to start a session with different credentials. + If the SID PIN matches the MSID PIN, the no one owns the device. + If the SID PIN matches the ourSidPin, then "Us" owns the device. Otherwise it is unknown. + + + @param[in] Session The session info for one opal device. + @param Msid, The Msid info. + @param MsidLength, The data length for Msid. + +**/ +OPAL_OWNER_SHIP +EFIAPI +OpalUtilDetermineOwnership( + OPAL_SESSION *Session, + UINT8 *Msid, + UINT32 MsidLength + ); + +/** + + The function returns if admin password exists. + + @param[in] OwnerShip The owner ship of the opal device. + @param[in] LockingFeature The locking info of the opal device. + + @retval TRUE Admin password existed. + @retval FALSE Admin password not existed. + +**/ +BOOLEAN +EFIAPI +OpalUtilAdminPasswordExists( + IN UINT16 OwnerShip, + IN TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature + ); + +/** + Get Active Data Removal Mechanism Value. + + @param[in] Session, The session info for one opal device. + @param[in] GeneratedSid Generated SID of disk + @param[in] SidLength Length of generatedSid in bytes + @param[out] ActiveDataRemovalMechanism Return the active data removal mechanism. + +**/ +TCG_RESULT +EFIAPI +OpalUtilGetActiveDataRemovalMechanism ( + OPAL_SESSION *Session, + const VOID *GeneratedSid, + UINT32 SidLength, + UINT8 *ActiveDataRemovalMechanism + ); + +/** + Get the supported Data Removal Mechanism list. + + @param[in] Session, The session info for one opal device. + @param[out] RemovalMechanismLists Return the supported data removal mechanism lists. + +**/ +TCG_RESULT +EFIAPI +OpalUtilGetDataRemovalMechanismLists ( + IN OPAL_SESSION *Session, + OUT UINT32 *RemovalMechanismLists + ); + +#endif // _OPAL_CORE_H_ diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm12CommandLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm12CommandLib.h new file mode 100644 index 00000000..8dc5002a --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm12CommandLib.h @@ -0,0 +1,219 @@ +/** @file + This library is used by other modules to send TPM12 command. + +Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TPM12_COMMAND_LIB_H_ +#define _TPM12_COMMAND_LIB_H_ + +#include <IndustryStandard/Tpm12.h> + +/** + Send Startup command to TPM1.2. + + @param TpmSt Startup Type. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm12Startup ( + IN TPM_STARTUP_TYPE TpmSt + ); + +/** + Send SaveState command to TPM1.2. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm12SaveState ( + VOID + ); + +/** + Send ForceClear command to TPM1.2. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm12ForceClear ( + VOID + ); + +#pragma pack(1) + +typedef struct { + UINT16 sizeOfSelect; + UINT8 pcrSelect[3]; +} TPM12_PCR_SELECTION; + +typedef struct { + TPM12_PCR_SELECTION pcrSelection; + TPM_LOCALITY_SELECTION localityAtRelease; + TPM_COMPOSITE_HASH digestAtRelease; +} TPM12_PCR_INFO_SHORT; + +typedef struct { + TPM_STRUCTURE_TAG tag; + TPM_NV_INDEX nvIndex; + TPM12_PCR_INFO_SHORT pcrInfoRead; + TPM12_PCR_INFO_SHORT pcrInfoWrite; + TPM_NV_ATTRIBUTES permission; + BOOLEAN bReadSTClear; + BOOLEAN bWriteSTClear; + BOOLEAN bWriteDefine; + UINT32 dataSize; +} TPM12_NV_DATA_PUBLIC; + +#pragma pack() + +/** + Send NV DefineSpace command to TPM1.2. + + @param PubInfo The public parameters of the NV area. + @param EncAuth The encrypted AuthData, only valid if the attributes require subsequent authorization. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm12NvDefineSpace ( + IN TPM12_NV_DATA_PUBLIC *PubInfo, + IN TPM_ENCAUTH *EncAuth + ); + +/** + Send NV ReadValue command to TPM1.2. + + @param NvIndex The index of the area to set. + @param Offset The offset into the area. + @param DataSize The size of the data area. + @param Data The data to set the area to. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm12NvReadValue ( + IN TPM_NV_INDEX NvIndex, + IN UINT32 Offset, + IN OUT UINT32 *DataSize, + OUT UINT8 *Data + ); + +/** + Send NV WriteValue command to TPM1.2. + + @param NvIndex The index of the area to set. + @param Offset The offset into the NV Area. + @param DataSize The size of the data parameter. + @param Data The data to set the area to. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm12NvWriteValue ( + IN TPM_NV_INDEX NvIndex, + IN UINT32 Offset, + IN UINT32 DataSize, + IN UINT8 *Data + ); + +/** +Extend a TPM PCR. + +@param[in] DigestToExtend The 160 bit value representing the event to be recorded. +@param[in] PcrIndex The PCR to be updated. +@param[out] NewPcrValue New PCR value after extend. + +@retval EFI_SUCCESS Operation completed successfully. +@retval EFI_TIMEOUT The register can't run into the expected status in time. +@retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. +@retval EFI_DEVICE_ERROR Unexpected device behavior. + +**/ +EFI_STATUS +EFIAPI +Tpm12Extend ( + IN TPM_DIGEST *DigestToExtend, + IN TPM_PCRINDEX PcrIndex, + OUT TPM_DIGEST *NewPcrValue + ); + +/** +Send TSC_PhysicalPresence command to TPM. + +@param[in] PhysicalPresence The state to set the TPMs Physical Presence flags. + +@retval EFI_SUCCESS Operation completed successfully. +@retval EFI_TIMEOUT The register can't run into the expected status in time. +@retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. +@retval EFI_DEVICE_ERROR Unexpected device behavior. + +**/ +EFI_STATUS +EFIAPI +Tpm12PhysicalPresence ( + IN TPM_PHYSICAL_PRESENCE PhysicalPresence + ); + +/** +Send TPM_ContinueSelfTest command to TPM. + +@retval EFI_SUCCESS Operation completed successfully. +@retval EFI_TIMEOUT The register can't run into the expected status in time. +@retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. +@retval EFI_DEVICE_ERROR Unexpected device behavior. + +**/ +EFI_STATUS +EFIAPI +Tpm12ContinueSelfTest ( + VOID + ); + +/** +Get TPM capability permanent flags. + +@param[out] TpmPermanentFlags Pointer to the buffer for returned flag structure. + +@retval EFI_SUCCESS Operation completed successfully. +@retval EFI_TIMEOUT The register can't run into the expected status in time. +@retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. +@retval EFI_DEVICE_ERROR Unexpected device behavior. + +**/ +EFI_STATUS +EFIAPI +Tpm12GetCapabilityFlagPermanent ( + OUT TPM_PERMANENT_FLAGS *TpmPermanentFlags + ); + +/** +Get TPM capability volatile flags. + +@param[out] VolatileFlags Pointer to the buffer for returned flag structure. + +@retval EFI_SUCCESS Operation completed successfully. +@retval EFI_DEVICE_ERROR The command was unsuccessful. + +**/ +EFI_STATUS +EFIAPI +Tpm12GetCapabilityFlagVolatile ( + OUT TPM_STCLEAR_FLAGS *VolatileFlags + ); +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm12DeviceLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm12DeviceLib.h new file mode 100644 index 00000000..e9de93e1 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm12DeviceLib.h @@ -0,0 +1,48 @@ +/** @file + This library abstract how to access TPM12 hardware device. + +Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TPM12_DEVICE_LIB_H_ +#define _TPM12_DEVICE_LIB_H_ + +#include <IndustryStandard/Tpm12.h> + +/** + This service enables the sending of commands to the TPM12. + + @param[in] InputParameterBlockSize Size of the TPM12 input parameter block. + @param[in] InputParameterBlock Pointer to the TPM12 input parameter block. + @param[in,out] OutputParameterBlockSize Size of the TPM12 output parameter block. + @param[in] OutputParameterBlock Pointer to the TPM12 output parameter block. + + @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received. + @retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device. + @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small. +**/ +EFI_STATUS +EFIAPI +Tpm12SubmitCommand ( + IN UINT32 InputParameterBlockSize, + IN UINT8 *InputParameterBlock, + IN OUT UINT32 *OutputParameterBlockSize, + IN UINT8 *OutputParameterBlock + ); + +/** + This service requests use TPM12. + + @retval EFI_SUCCESS Get the control of TPM12 chip. + @retval EFI_NOT_FOUND TPM12 not found. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm12RequestUseTpm ( + VOID + ); + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm2CommandLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm2CommandLib.h new file mode 100644 index 00000000..cccf3a68 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm2CommandLib.h @@ -0,0 +1,1116 @@ +/** @file + This library is used by other modules to send TPM2 command. + +Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TPM2_COMMAND_LIB_H_ +#define _TPM2_COMMAND_LIB_H_ + +#include <IndustryStandard/Tpm20.h> + +/** + This command starts a hash or an Event sequence. + If hashAlg is an implemented hash, then a hash sequence is started. + If hashAlg is TPM_ALG_NULL, then an Event sequence is started. + + @param[in] HashAlg The hash algorithm to use for the hash sequence + An Event sequence starts if this is TPM_ALG_NULL. + @param[out] SequenceHandle A handle to reference the sequence + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2HashSequenceStart ( + IN TPMI_ALG_HASH HashAlg, + OUT TPMI_DH_OBJECT *SequenceHandle + ); + +/** + This command is used to add data to a hash or HMAC sequence. + The amount of data in buffer may be any size up to the limits of the TPM. + NOTE: In all TPM, a buffer size of 1,024 octets is allowed. + + @param[in] SequenceHandle Handle for the sequence object + @param[in] Buffer Data to be added to hash + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2SequenceUpdate ( + IN TPMI_DH_OBJECT SequenceHandle, + IN TPM2B_MAX_BUFFER *Buffer + ); + +/** + This command adds the last part of data, if any, to an Event sequence and returns the result in a digest list. + If pcrHandle references a PCR and not TPM_RH_NULL, then the returned digest list is processed in + the same manner as the digest list input parameter to TPM2_PCR_Extend() with the pcrHandle in each + bank extended with the associated digest value. + + @param[in] PcrHandle PCR to be extended with the Event data + @param[in] SequenceHandle Authorization for the sequence + @param[in] Buffer Data to be added to the Event + @param[out] Results List of digests computed for the PCR + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2EventSequenceComplete ( + IN TPMI_DH_PCR PcrHandle, + IN TPMI_DH_OBJECT SequenceHandle, + IN TPM2B_MAX_BUFFER *Buffer, + OUT TPML_DIGEST_VALUES *Results + ); + +/** + This command adds the last part of data, if any, to a hash/HMAC sequence and returns the result. + + @param[in] SequenceHandle Authorization for the sequence + @param[in] Buffer Data to be added to the hash/HMAC + @param[out] Result The returned HMAC or digest in a sized buffer + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2SequenceComplete ( + IN TPMI_DH_OBJECT SequenceHandle, + IN TPM2B_MAX_BUFFER *Buffer, + OUT TPM2B_DIGEST *Result + ); + +/** + Send Startup command to TPM2. + + @param[in] StartupType TPM_SU_CLEAR or TPM_SU_STATE + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2Startup ( + IN TPM_SU StartupType + ); + +/** + Send Shutdown command to TPM2. + + @param[in] ShutdownType TPM_SU_CLEAR or TPM_SU_STATE. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2Shutdown ( + IN TPM_SU ShutdownType + ); + +/** + This command causes the TPM to perform a test of its capabilities. + If the fullTest is YES, the TPM will test all functions. + If fullTest = NO, the TPM will only test those functions that have not previously been tested. + + @param[in] FullTest YES if full test to be performed + NO if only test of untested functions required + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2SelfTest ( + IN TPMI_YES_NO FullTest + ); + +/** + This command allows setting of the authorization policy for the platform hierarchy (platformPolicy), the + storage hierarchy (ownerPolicy), and and the endorsement hierarchy (endorsementPolicy). + + @param[in] AuthHandle TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} parameters to be validated + @param[in] AuthSession Auth Session context + @param[in] AuthPolicy An authorization policy hash + @param[in] HashAlg The hash algorithm to use for the policy + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2SetPrimaryPolicy ( + IN TPMI_RH_HIERARCHY_AUTH AuthHandle, + IN TPMS_AUTH_COMMAND *AuthSession, + IN TPM2B_DIGEST *AuthPolicy, + IN TPMI_ALG_HASH HashAlg + ); + +/** + This command removes all TPM context associated with a specific Owner. + + @param[in] AuthHandle TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP} + @param[in] AuthSession Auth Session context + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2Clear ( + IN TPMI_RH_CLEAR AuthHandle, + IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL + ); + +/** + Disables and enables the execution of TPM2_Clear(). + + @param[in] AuthHandle TPM_RH_LOCKOUT or TPM_RH_PLATFORM+{PP} + @param[in] AuthSession Auth Session context + @param[in] Disable YES if the disableOwnerClear flag is to be SET, + NO if the flag is to be CLEAR. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2ClearControl ( + IN TPMI_RH_CLEAR AuthHandle, + IN TPMS_AUTH_COMMAND *AuthSession, OPTIONAL + IN TPMI_YES_NO Disable + ); + +/** + This command allows the authorization secret for a hierarchy or lockout to be changed using the current + authorization value as the command authorization. + + @param[in] AuthHandle TPM_RH_LOCKOUT, TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} + @param[in] AuthSession Auth Session context + @param[in] NewAuth New authorization secret + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2HierarchyChangeAuth ( + IN TPMI_RH_HIERARCHY_AUTH AuthHandle, + IN TPMS_AUTH_COMMAND *AuthSession, + IN TPM2B_AUTH *NewAuth + ); + +/** + This replaces the current EPS with a value from the RNG and sets the Endorsement hierarchy controls to + their default initialization values. + + @param[in] AuthHandle TPM_RH_PLATFORM+{PP} + @param[in] AuthSession Auth Session context + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2ChangeEPS ( + IN TPMI_RH_PLATFORM AuthHandle, + IN TPMS_AUTH_COMMAND *AuthSession + ); + +/** + This replaces the current PPS with a value from the RNG and sets platformPolicy to the default + initialization value (the Empty Buffer). + + @param[in] AuthHandle TPM_RH_PLATFORM+{PP} + @param[in] AuthSession Auth Session context + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2ChangePPS ( + IN TPMI_RH_PLATFORM AuthHandle, + IN TPMS_AUTH_COMMAND *AuthSession + ); + +/** + This command enables and disables use of a hierarchy. + + @param[in] AuthHandle TPM_RH_ENDORSEMENT, TPM_RH_OWNER or TPM_RH_PLATFORM+{PP} + @param[in] AuthSession Auth Session context + @param[in] Hierarchy Hierarchy of the enable being modified + @param[in] State YES if the enable should be SET, + NO if the enable should be CLEAR + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2HierarchyControl ( + IN TPMI_RH_HIERARCHY AuthHandle, + IN TPMS_AUTH_COMMAND *AuthSession, + IN TPMI_RH_HIERARCHY Hierarchy, + IN TPMI_YES_NO State + ); + +/** + This command cancels the effect of a TPM lockout due to a number of successive authorization failures. + If this command is properly authorized, the lockout counter is set to zero. + + @param[in] LockHandle LockHandle + @param[in] AuthSession Auth Session context + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2DictionaryAttackLockReset ( + IN TPMI_RH_LOCKOUT LockHandle, + IN TPMS_AUTH_COMMAND *AuthSession + ); + +/** + This command cancels the effect of a TPM lockout due to a number of successive authorization failures. + If this command is properly authorized, the lockout counter is set to zero. + + @param[in] LockHandle LockHandle + @param[in] AuthSession Auth Session context + @param[in] NewMaxTries Count of authorization failures before the lockout is imposed + @param[in] NewRecoveryTime Time in seconds before the authorization failure count is automatically decremented + @param[in] LockoutRecovery Time in seconds after a lockoutAuth failure before use of lockoutAuth is allowed + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2DictionaryAttackParameters ( + IN TPMI_RH_LOCKOUT LockHandle, + IN TPMS_AUTH_COMMAND *AuthSession, + IN UINT32 NewMaxTries, + IN UINT32 NewRecoveryTime, + IN UINT32 LockoutRecovery + ); + +/** + This command is used to read the public area and Name of an NV Index. + + @param[in] NvIndex The NV Index. + @param[out] NvPublic The public area of the index. + @param[out] NvName The Name of the nvIndex. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2NvReadPublic ( + IN TPMI_RH_NV_INDEX NvIndex, + OUT TPM2B_NV_PUBLIC *NvPublic, + OUT TPM2B_NAME *NvName + ); + +/** + This command defines the attributes of an NV Index and causes the TPM to + reserve space to hold the data associated with the index. + If a definition already exists at the index, the TPM will return TPM_RC_NV_DEFINED. + + @param[in] AuthHandle TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}. + @param[in] AuthSession Auth Session context + @param[in] Auth The authorization data. + @param[in] NvPublic The public area of the index. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. + @retval EFI_ALREADY_STARTED The command was returned successfully, but NvIndex is already defined. +**/ +EFI_STATUS +EFIAPI +Tpm2NvDefineSpace ( + IN TPMI_RH_PROVISION AuthHandle, + IN TPMS_AUTH_COMMAND *AuthSession, OPTIONAL + IN TPM2B_AUTH *Auth, + IN TPM2B_NV_PUBLIC *NvPublic + ); + +/** + This command removes an index from the TPM. + + @param[in] AuthHandle TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}. + @param[in] NvIndex The NV Index. + @param[in] AuthSession Auth Session context + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. + @retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found. +**/ +EFI_STATUS +EFIAPI +Tpm2NvUndefineSpace ( + IN TPMI_RH_PROVISION AuthHandle, + IN TPMI_RH_NV_INDEX NvIndex, + IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL + ); + +/** + This command reads a value from an area in NV memory previously defined by TPM2_NV_DefineSpace(). + + @param[in] AuthHandle the handle indicating the source of the authorization value. + @param[in] NvIndex The index to be read. + @param[in] AuthSession Auth Session context + @param[in] Size Number of bytes to read. + @param[in] Offset Byte offset into the area. + @param[in,out] OutData The data read. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. + @retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found. +**/ +EFI_STATUS +EFIAPI +Tpm2NvRead ( + IN TPMI_RH_NV_AUTH AuthHandle, + IN TPMI_RH_NV_INDEX NvIndex, + IN TPMS_AUTH_COMMAND *AuthSession, OPTIONAL + IN UINT16 Size, + IN UINT16 Offset, + IN OUT TPM2B_MAX_BUFFER *OutData + ); + +/** + This command writes a value to an area in NV memory that was previously defined by TPM2_NV_DefineSpace(). + + @param[in] AuthHandle the handle indicating the source of the authorization value. + @param[in] NvIndex The NV Index of the area to write. + @param[in] AuthSession Auth Session context + @param[in] InData The data to write. + @param[in] Offset The offset into the NV Area. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. + @retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found. +**/ +EFI_STATUS +EFIAPI +Tpm2NvWrite ( + IN TPMI_RH_NV_AUTH AuthHandle, + IN TPMI_RH_NV_INDEX NvIndex, + IN TPMS_AUTH_COMMAND *AuthSession, OPTIONAL + IN TPM2B_MAX_BUFFER *InData, + IN UINT16 Offset + ); + +/** + This command may be used to prevent further reads of the Index until the next TPM2_Startup (TPM_SU_CLEAR). + + @param[in] AuthHandle the handle indicating the source of the authorization value. + @param[in] NvIndex The NV Index of the area to lock. + @param[in] AuthSession Auth Session context + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. + @retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found. +**/ +EFI_STATUS +EFIAPI +Tpm2NvReadLock ( + IN TPMI_RH_NV_AUTH AuthHandle, + IN TPMI_RH_NV_INDEX NvIndex, + IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL + ); + +/** + This command may be used to inhibit further writes of the Index. + + @param[in] AuthHandle the handle indicating the source of the authorization value. + @param[in] NvIndex The NV Index of the area to lock. + @param[in] AuthSession Auth Session context + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. + @retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found. +**/ +EFI_STATUS +EFIAPI +Tpm2NvWriteLock ( + IN TPMI_RH_NV_AUTH AuthHandle, + IN TPMI_RH_NV_INDEX NvIndex, + IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL + ); + +/** + The command will SET TPMA_NV_WRITELOCKED for all indexes that have their TPMA_NV_GLOBALLOCK attribute SET. + + @param[in] AuthHandle TPM_RH_OWNER or TPM_RH_PLATFORM+{PP}. + @param[in] AuthSession Auth Session context + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. + @retval EFI_NOT_FOUND The command was returned successfully, but NvIndex is not found. +**/ +EFI_STATUS +EFIAPI +Tpm2NvGlobalWriteLock ( + IN TPMI_RH_PROVISION AuthHandle, + IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL + ); + +/** + This command is used to cause an update to the indicated PCR. + The digests parameter contains one or more tagged digest value identified by an algorithm ID. + For each digest, the PCR associated with pcrHandle is Extended into the bank identified by the tag (hashAlg). + + @param[in] PcrHandle Handle of the PCR + @param[in] Digests List of tagged digest values to be extended + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2PcrExtend ( + IN TPMI_DH_PCR PcrHandle, + IN TPML_DIGEST_VALUES *Digests + ); + +/** + This command is used to cause an update to the indicated PCR. + The data in eventData is hashed using the hash algorithm associated with each bank in which the + indicated PCR has been allocated. After the data is hashed, the digests list is returned. If the pcrHandle + references an implemented PCR and not TPM_ALG_NULL, digests list is processed as in + TPM2_PCR_Extend(). + A TPM shall support an Event.size of zero through 1,024 inclusive. + + @param[in] PcrHandle Handle of the PCR + @param[in] EventData Event data in sized buffer + @param[out] Digests List of digest + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2PcrEvent ( + IN TPMI_DH_PCR PcrHandle, + IN TPM2B_EVENT *EventData, + OUT TPML_DIGEST_VALUES *Digests + ); + +/** + This command returns the values of all PCR specified in pcrSelect. + + @param[in] PcrSelectionIn The selection of PCR to read. + @param[out] PcrUpdateCounter The current value of the PCR update counter. + @param[out] PcrSelectionOut The PCR in the returned list. + @param[out] PcrValues The contents of the PCR indicated in pcrSelect. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2PcrRead ( + IN TPML_PCR_SELECTION *PcrSelectionIn, + OUT UINT32 *PcrUpdateCounter, + OUT TPML_PCR_SELECTION *PcrSelectionOut, + OUT TPML_DIGEST *PcrValues + ); + +/** + This command is used to set the desired PCR allocation of PCR and algorithms. + + @param[in] AuthHandle TPM_RH_PLATFORM+{PP} + @param[in] AuthSession Auth Session context + @param[in] PcrAllocation The requested allocation + @param[out] AllocationSuccess YES if the allocation succeeded + @param[out] MaxPCR maximum number of PCR that may be in a bank + @param[out] SizeNeeded number of octets required to satisfy the request + @param[out] SizeAvailable Number of octets available. Computed before the allocation + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2PcrAllocate ( + IN TPMI_RH_PLATFORM AuthHandle, + IN TPMS_AUTH_COMMAND *AuthSession, + IN TPML_PCR_SELECTION *PcrAllocation, + OUT TPMI_YES_NO *AllocationSuccess, + OUT UINT32 *MaxPCR, + OUT UINT32 *SizeNeeded, + OUT UINT32 *SizeAvailable + ); + +/** + Alloc PCR data. + + @param[in] PlatformAuth platform auth value. NULL means no platform auth change. + @param[in] SupportedPCRBanks Supported PCR banks + @param[in] PCRBanks PCR banks + + @retval EFI_SUCCESS Operation completed successfully. +**/ +EFI_STATUS +EFIAPI +Tpm2PcrAllocateBanks ( + IN TPM2B_AUTH *PlatformAuth, OPTIONAL + IN UINT32 SupportedPCRBanks, + IN UINT32 PCRBanks + ); + +/** + This command returns various information regarding the TPM and its current state. + + The capability parameter determines the category of data returned. The property parameter + selects the first value of the selected category to be returned. If there is no property + that corresponds to the value of property, the next higher value is returned, if it exists. + The moreData parameter will have a value of YES if there are more values of the requested + type that were not returned. + If no next capability exists, the TPM will return a zero-length list and moreData will have + a value of NO. + + NOTE: + To simplify this function, leave returned CapabilityData for caller to unpack since there are + many capability categories and only few categories will be used in firmware. It means the caller + need swap the byte order for the fields in CapabilityData. + + @param[in] Capability Group selection; determines the format of the response. + @param[in] Property Further definition of information. + @param[in] PropertyCount Number of properties of the indicated type to return. + @param[out] MoreData Flag to indicate if there are more values of this type. + @param[out] CapabilityData The capability data. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapability ( + IN TPM_CAP Capability, + IN UINT32 Property, + IN UINT32 PropertyCount, + OUT TPMI_YES_NO *MoreData, + OUT TPMS_CAPABILITY_DATA *CapabilityData + ); + +/** + This command returns the information of TPM Family. + + This function parse the value got from TPM2_GetCapability and return the Family. + + @param[out] Family The Family of TPM. (a 4-octet character string) + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilityFamily ( + OUT CHAR8 *Family + ); + +/** + This command returns the information of TPM manufacture ID. + + This function parse the value got from TPM2_GetCapability and return the TPM manufacture ID. + + @param[out] ManufactureId The manufacture ID of TPM. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilityManufactureID ( + OUT UINT32 *ManufactureId + ); + +/** + This command returns the information of TPM FirmwareVersion. + + This function parse the value got from TPM2_GetCapability and return the TPM FirmwareVersion. + + @param[out] FirmwareVersion1 The FirmwareVersion1. + @param[out] FirmwareVersion2 The FirmwareVersion2. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilityFirmwareVersion ( + OUT UINT32 *FirmwareVersion1, + OUT UINT32 *FirmwareVersion2 + ); + +/** + This command returns the information of the maximum value for commandSize and responseSize in a command. + + This function parse the value got from TPM2_GetCapability and return the max command size and response size + + @param[out] MaxCommandSize The maximum value for commandSize in a command. + @param[out] MaxResponseSize The maximum value for responseSize in a command. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilityMaxCommandResponseSize ( + OUT UINT32 *MaxCommandSize, + OUT UINT32 *MaxResponseSize + ); + +/** + This command returns Returns a list of TPMS_ALG_PROPERTIES. Each entry is an + algorithm ID and a set of properties of the algorithm. + + This function parse the value got from TPM2_GetCapability and return the list. + + @param[out] AlgList List of algorithm. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilitySupportedAlg ( + OUT TPML_ALG_PROPERTY *AlgList + ); + +/** + This command returns the information of TPM LockoutCounter. + + This function parse the value got from TPM2_GetCapability and return the LockoutCounter. + + @param[out] LockoutCounter The LockoutCounter of TPM. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilityLockoutCounter ( + OUT UINT32 *LockoutCounter + ); + +/** + This command returns the information of TPM LockoutInterval. + + This function parse the value got from TPM2_GetCapability and return the LockoutInterval. + + @param[out] LockoutInterval The LockoutInterval of TPM. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilityLockoutInterval ( + OUT UINT32 *LockoutInterval + ); + +/** + This command returns the information of TPM InputBufferSize. + + This function parse the value got from TPM2_GetCapability and return the InputBufferSize. + + @param[out] InputBufferSize The InputBufferSize of TPM. + the maximum size of a parameter (typically, a TPM2B_MAX_BUFFER) + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilityInputBufferSize ( + OUT UINT32 *InputBufferSize + ); + +/** + This command returns the information of TPM PCRs. + + This function parse the value got from TPM2_GetCapability and return the PcrSelection. + + @param[out] Pcrs The Pcr Selection + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilityPcrs ( + OUT TPML_PCR_SELECTION *Pcrs + ); + +/** + This function will query the TPM to determine which hashing algorithms + are supported and which PCR banks are currently active. + + @param[out] TpmHashAlgorithmBitmap A bitmask containing the algorithms supported by the TPM. + @param[out] ActivePcrBanks A bitmask containing the PCRs currently allocated. + + @retval EFI_SUCCESS TPM was successfully queried and return values can be trusted. + @retval Others An error occurred, likely in communication with the TPM. + +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilitySupportedAndActivePcrs( + OUT UINT32 *TpmHashAlgorithmBitmap, + OUT UINT32 *ActivePcrBanks + ); + +/** + This command returns the information of TPM AlgorithmSet. + + This function parse the value got from TPM2_GetCapability and return the AlgorithmSet. + + @param[out] AlgorithmSet The AlgorithmSet of TPM. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilityAlgorithmSet ( + OUT UINT32 *AlgorithmSet + ); + +/** + This function will query if the command is supported. + + @param[In] Command TPM_CC command starts from TPM_CC_FIRST. + @param[out] IsCmdImpl The command is supported or not. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2GetCapabilityIsCommandImplemented ( + IN TPM_CC Command, + OUT BOOLEAN *IsCmdImpl + ); + +/** + This command is used to check to see if specific combinations of algorithm parameters are supported. + + @param[in] Parameters Algorithm parameters to be validated + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2TestParms ( + IN TPMT_PUBLIC_PARMS *Parameters + ); + +/** + This command allows the platform to change the set of algorithms that are used by the TPM. + The algorithmSet setting is a vendor-dependent value. + + @param[in] AuthHandle TPM_RH_PLATFORM + @param[in] AuthSession Auth Session context + @param[in] AlgorithmSet A TPM vendor-dependent value indicating the + algorithm set selection + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2SetAlgorithmSet ( + IN TPMI_RH_PLATFORM AuthHandle, + IN TPMS_AUTH_COMMAND *AuthSession, + IN UINT32 AlgorithmSet + ); + +/** + This command is used to start an authorization session using alternative methods of + establishing the session key (sessionKey) that is used for authorization and encrypting value. + + @param[in] TpmKey Handle of a loaded decrypt key used to encrypt salt. + @param[in] Bind Entity providing the authValue. + @param[in] NonceCaller Initial nonceCaller, sets nonce size for the session. + @param[in] Salt Value encrypted according to the type of tpmKey. + @param[in] SessionType Indicates the type of the session. + @param[in] Symmetric The algorithm and key size for parameter encryption. + @param[in] AuthHash Hash algorithm to use for the session. + @param[out] SessionHandle Handle for the newly created session. + @param[out] NonceTPM The initial nonce from the TPM, used in the computation of the sessionKey. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2StartAuthSession ( + IN TPMI_DH_OBJECT TpmKey, + IN TPMI_DH_ENTITY Bind, + IN TPM2B_NONCE *NonceCaller, + IN TPM2B_ENCRYPTED_SECRET *Salt, + IN TPM_SE SessionType, + IN TPMT_SYM_DEF *Symmetric, + IN TPMI_ALG_HASH AuthHash, + OUT TPMI_SH_AUTH_SESSION *SessionHandle, + OUT TPM2B_NONCE *NonceTPM + ); + +/** + This command causes all context associated with a loaded object or session to be removed from TPM memory. + + @param[in] FlushHandle The handle of the item to flush. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2FlushContext ( + IN TPMI_DH_CONTEXT FlushHandle + ); + +/** + This command includes a secret-based authorization to a policy. + The caller proves knowledge of the secret value using an authorization + session using the authValue associated with authHandle. + + @param[in] AuthHandle Handle for an entity providing the authorization + @param[in] PolicySession Handle for the policy session being extended. + @param[in] AuthSession Auth Session context + @param[in] NonceTPM The policy nonce for the session. + @param[in] CpHashA Digest of the command parameters to which this authorization is limited. + @param[in] PolicyRef A reference to a policy relating to the authorization. + @param[in] Expiration Time when authorization will expire, measured in seconds from the time that nonceTPM was generated. + @param[out] Timeout Time value used to indicate to the TPM when the ticket expires. + @param[out] PolicyTicket A ticket that includes a value indicating when the authorization expires. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2PolicySecret ( + IN TPMI_DH_ENTITY AuthHandle, + IN TPMI_SH_POLICY PolicySession, + IN TPMS_AUTH_COMMAND *AuthSession, OPTIONAL + IN TPM2B_NONCE *NonceTPM, + IN TPM2B_DIGEST *CpHashA, + IN TPM2B_NONCE *PolicyRef, + IN INT32 Expiration, + OUT TPM2B_TIMEOUT *Timeout, + OUT TPMT_TK_AUTH *PolicyTicket + ); + +/** + This command allows options in authorizations without requiring that the TPM evaluate all of the options. + If a policy may be satisfied by different sets of conditions, the TPM need only evaluate one set that + satisfies the policy. This command will indicate that one of the required sets of conditions has been + satisfied. + + @param[in] PolicySession Handle for the policy session being extended. + @param[in] HashList the list of hashes to check for a match. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2PolicyOR ( + IN TPMI_SH_POLICY PolicySession, + IN TPML_DIGEST *HashList + ); + +/** + This command indicates that the authorization will be limited to a specific command code. + + @param[in] PolicySession Handle for the policy session being extended. + @param[in] Code The allowed commandCode. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2PolicyCommandCode ( + IN TPMI_SH_POLICY PolicySession, + IN TPM_CC Code + ); + +/** + This command returns the current policyDigest of the session. This command allows the TPM + to be used to perform the actions required to precompute the authPolicy for an object. + + @param[in] PolicySession Handle for the policy session. + @param[out] PolicyHash the current value of the policyHash of policySession. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR The command was unsuccessful. +**/ +EFI_STATUS +EFIAPI +Tpm2PolicyGetDigest ( + IN TPMI_SH_POLICY PolicySession, + OUT TPM2B_DIGEST *PolicyHash + ); + +/** + This command allows access to the public area of a loaded object. + + @param[in] ObjectHandle TPM handle of an object + @param[out] OutPublic Structure containing the public area of an object + @param[out] Name Name of the object + @param[out] QualifiedName The Qualified Name of the object + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2ReadPublic ( + IN TPMI_DH_OBJECT ObjectHandle, + OUT TPM2B_PUBLIC *OutPublic, + OUT TPM2B_NAME *Name, + OUT TPM2B_NAME *QualifiedName + ); + +// +// Help function +// + +/** + Copy AuthSessionIn to TPM2 command buffer. + + @param [in] AuthSessionIn Input AuthSession data + @param [out] AuthSessionOut Output AuthSession data in TPM2 command buffer + + @return AuthSession size +**/ +UINT32 +EFIAPI +CopyAuthSessionCommand ( + IN TPMS_AUTH_COMMAND *AuthSessionIn, OPTIONAL + OUT UINT8 *AuthSessionOut + ); + +/** + Copy AuthSessionIn from TPM2 response buffer. + + @param [in] AuthSessionIn Input AuthSession data in TPM2 response buffer + @param [out] AuthSessionOut Output AuthSession data + + @return AuthSession size +**/ +UINT32 +EFIAPI +CopyAuthSessionResponse ( + IN UINT8 *AuthSessionIn, + OUT TPMS_AUTH_RESPONSE *AuthSessionOut OPTIONAL + ); + +/** + Return size of digest. + + @param[in] HashAlgo Hash algorithm + + @return size of digest +**/ +UINT16 +EFIAPI +GetHashSizeFromAlgo ( + IN TPMI_ALG_HASH HashAlgo + ); + +/** + Get hash mask from algorithm. + + @param[in] HashAlgo Hash algorithm + + @return Hash mask +**/ +UINT32 +EFIAPI +GetHashMaskFromAlgo ( + IN TPMI_ALG_HASH HashAlgo + ); + +/** + Return if hash alg is supported in HashAlgorithmMask. + + @param HashAlg Hash algorithm to be checked. + @param HashAlgorithmMask Bitfield of allowed hash algorithms. + + @retval TRUE Hash algorithm is supported. + @retval FALSE Hash algorithm is not supported. +**/ +BOOLEAN +EFIAPI +IsHashAlgSupportedInHashAlgorithmMask( + IN TPMI_ALG_HASH HashAlg, + IN UINT32 HashAlgorithmMask + ); + +/** + Copy TPML_DIGEST_VALUES into a buffer + + @param[in,out] Buffer Buffer to hold copied TPML_DIGEST_VALUES compact binary. + @param[in] DigestList TPML_DIGEST_VALUES to be copied. + @param[in] HashAlgorithmMask HASH bits corresponding to the desired digests to copy. + + @return The end of buffer to hold TPML_DIGEST_VALUES. +**/ +VOID * +EFIAPI +CopyDigestListToBuffer( + IN OUT VOID *Buffer, + IN TPML_DIGEST_VALUES *DigestList, + IN UINT32 HashAlgorithmMask + ); + +/** + Get TPML_DIGEST_VALUES data size. + + @param[in] DigestList TPML_DIGEST_VALUES data. + + @return TPML_DIGEST_VALUES data size. +**/ +UINT32 +EFIAPI +GetDigestListSize( + IN TPML_DIGEST_VALUES *DigestList + ); + +/** + This function get digest from digest list. + + @param[in] HashAlg Digest algorithm + @param[in] DigestList Digest list + @param[out] Digest Digest + + @retval EFI_SUCCESS Digest is found and returned. + @retval EFI_NOT_FOUND Digest is not found. +**/ +EFI_STATUS +EFIAPI +GetDigestFromDigestList( + IN TPMI_ALG_HASH HashAlg, + IN TPML_DIGEST_VALUES *DigestList, + OUT VOID *Digest + ); + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm2DeviceLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm2DeviceLib.h new file mode 100644 index 00000000..ccf0ada6 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/Tpm2DeviceLib.h @@ -0,0 +1,113 @@ +/** @file + This library abstract how to access TPM2 hardware device. + +Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved. <BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TPM2_DEVICE_LIB_H_ +#define _TPM2_DEVICE_LIB_H_ + +#include <Uefi.h> + +// +// Used in PcdActiveTpmInterfaceType to identify TPM interface type +// +typedef enum { + Tpm2PtpInterfaceTis, + Tpm2PtpInterfaceFifo, + Tpm2PtpInterfaceCrb, + Tpm2PtpInterfaceMax, +} TPM2_PTP_INTERFACE_TYPE; + +/** + This service enables the sending of commands to the TPM2. + + @param[in] InputParameterBlockSize Size of the TPM2 input parameter block. + @param[in] InputParameterBlock Pointer to the TPM2 input parameter block. + @param[in,out] OutputParameterBlockSize Size of the TPM2 output parameter block. + @param[in] OutputParameterBlock Pointer to the TPM2 output parameter block. + + @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received. + @retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device. + @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small. +**/ +EFI_STATUS +EFIAPI +Tpm2SubmitCommand ( + IN UINT32 InputParameterBlockSize, + IN UINT8 *InputParameterBlock, + IN OUT UINT32 *OutputParameterBlockSize, + IN UINT8 *OutputParameterBlock + ); + +/** + This service requests use TPM2. + + @retval EFI_SUCCESS Get the control of TPM2 chip. + @retval EFI_NOT_FOUND TPM2 not found. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +EFI_STATUS +EFIAPI +Tpm2RequestUseTpm ( + VOID + ); + +/** + This service enables the sending of commands to the TPM2. + + @param[in] InputParameterBlockSize Size of the TPM2 input parameter block. + @param[in] InputParameterBlock Pointer to the TPM2 input parameter block. + @param[in,out] OutputParameterBlockSize Size of the TPM2 output parameter block. + @param[in] OutputParameterBlock Pointer to the TPM2 output parameter block. + + @retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received. + @retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device. + @retval EFI_BUFFER_TOO_SMALL The output parameter block is too small. +**/ +typedef +EFI_STATUS +(EFIAPI *TPM2_SUBMIT_COMMAND) ( + IN UINT32 InputParameterBlockSize, + IN UINT8 *InputParameterBlock, + IN OUT UINT32 *OutputParameterBlockSize, + IN UINT8 *OutputParameterBlock + ); + +/** + This service requests use TPM2. + + @retval EFI_SUCCESS Get the control of TPM2 chip. + @retval EFI_NOT_FOUND TPM2 not found. + @retval EFI_DEVICE_ERROR Unexpected device behavior. +**/ +typedef +EFI_STATUS +(EFIAPI *TPM2_REQUEST_USE_TPM) ( + VOID + ); + +typedef struct { + EFI_GUID ProviderGuid; + TPM2_SUBMIT_COMMAND Tpm2SubmitCommand; + TPM2_REQUEST_USE_TPM Tpm2RequestUseTpm; +} TPM2_DEVICE_INTERFACE; + +/** + This service register TPM2 device. + + @param Tpm2Device TPM2 device + + @retval EFI_SUCCESS This TPM2 device is registered successfully. + @retval EFI_UNSUPPORTED System does not support register this TPM2 device. + @retval EFI_ALREADY_STARTED System already register this TPM2 device. +**/ +EFI_STATUS +EFIAPI +Tpm2RegisterTpm2DeviceLib ( + IN TPM2_DEVICE_INTERFACE *Tpm2Device + ); + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TpmCommLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TpmCommLib.h new file mode 100644 index 00000000..ba18075f --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/TpmCommLib.h @@ -0,0 +1,281 @@ +/** @file + This library is only intended to be used by TPM modules. + It provides basic TPM Interface Specification (TIS) and Command functions. + +Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TPM_COMM_LIB_H_ +#define _TPM_COMM_LIB_H_ + +#include <IndustryStandard/Tpm12.h> + +typedef EFI_HANDLE TIS_TPM_HANDLE; + +/// +/// TPM register base address. +/// +#define TPM_BASE_ADDRESS 0xfed40000 + +// +// Set structure alignment to 1-byte +// +#pragma pack (1) + +// +// Register set map as specified in TIS specification Chapter 10 +// +typedef struct { + /// + /// Used to gain ownership for this particular port. + /// + UINT8 Access; // 0 + UINT8 Reserved1[7]; // 1 + /// + /// Controls interrupts. + /// + UINT32 IntEnable; // 8 + /// + /// SIRQ vector to be used by the TPM. + /// + UINT8 IntVector; // 0ch + UINT8 Reserved2[3]; // 0dh + /// + /// What caused interrupt. + /// + UINT32 IntSts; // 10h + /// + /// Shows which interrupts are supported by that particular TPM. + /// + UINT32 IntfCapability; // 14h + /// + /// Status Register. Provides status of the TPM. + /// + UINT8 Status; // 18h + /// + /// Number of consecutive writes that can be done to the TPM. + /// + UINT16 BurstCount; // 19h + UINT8 Reserved3[9]; + /// + /// Read or write FIFO, depending on transaction. + /// + UINT32 DataFifo; // 24 + UINT8 Reserved4[0xed8]; // 28h + /// + /// Vendor ID + /// + UINT16 Vid; // 0f00h + /// + /// Device ID + /// + UINT16 Did; // 0f02h + /// + /// Revision ID + /// + UINT8 Rid; // 0f04h + /// + /// TCG defined configuration registers. + /// + UINT8 TcgDefined[0x7b]; // 0f05h + /// + /// Alias to I/O legacy space. + /// + UINT32 LegacyAddress1; // 0f80h + /// + /// Additional 8 bits for I/O legacy space extension. + /// + UINT32 LegacyAddress1Ex; // 0f84h + /// + /// Alias to second I/O legacy space. + /// + UINT32 LegacyAddress2; // 0f88h + /// + /// Additional 8 bits for second I/O legacy space extension. + /// + UINT32 LegacyAddress2Ex; // 0f8ch + /// + /// Vendor-defined configuration registers. + /// + UINT8 VendorDefined[0x70];// 0f90h +} TIS_PC_REGISTERS; + +// +// Restore original structure alignment +// +#pragma pack () + +// +// Define pointer types used to access TIS registers on PC +// +typedef TIS_PC_REGISTERS *TIS_PC_REGISTERS_PTR; + +// +// TCG Platform Type based on TCG ACPI Specification Version 1.00 +// +#define TCG_PLATFORM_TYPE_CLIENT 0 +#define TCG_PLATFORM_TYPE_SERVER 1 + +// +// Define bits of ACCESS and STATUS registers +// + +/// +/// This bit is a 1 to indicate that the other bits in this register are valid. +/// +#define TIS_PC_VALID BIT7 +/// +/// Indicate that this locality is active. +/// +#define TIS_PC_ACC_ACTIVE BIT5 +/// +/// Set to 1 to indicate that this locality had the TPM taken away while +/// this locality had the TIS_PC_ACC_ACTIVE bit set. +/// +#define TIS_PC_ACC_SEIZED BIT4 +/// +/// Set to 1 to indicate that TPM MUST reset the +/// TIS_PC_ACC_ACTIVE bit and remove ownership for localities less than the +/// locality that is writing this bit. +/// +#define TIS_PC_ACC_SEIZE BIT3 +/// +/// When this bit is 1, another locality is requesting usage of the TPM. +/// +#define TIS_PC_ACC_PENDIND BIT2 +/// +/// Set to 1 to indicate that this locality is requesting to use TPM. +/// +#define TIS_PC_ACC_RQUUSE BIT1 +/// +/// A value of 1 indicates that a T/OS has not been established on the platform +/// +#define TIS_PC_ACC_ESTABLISH BIT0 + +/// +/// When this bit is 1, TPM is in the Ready state, +/// indicating it is ready to receive a new command. +/// +#define TIS_PC_STS_READY BIT6 +/// +/// Write a 1 to this bit to cause the TPM to execute that command. +/// +#define TIS_PC_STS_GO BIT5 +/// +/// This bit indicates that the TPM has data available as a response. +/// +#define TIS_PC_STS_DATA BIT4 +/// +/// The TPM sets this bit to a value of 1 when it expects another byte of data for a command. +/// +#define TIS_PC_STS_EXPECT BIT3 +/// +/// Writes a 1 to this bit to force the TPM to re-send the response. +/// +#define TIS_PC_STS_RETRY BIT1 + +// +// Default TimeOut value +// +#define TIS_TIMEOUT_A 750 * 1000 // 750ms +#define TIS_TIMEOUT_B 2000 * 1000 // 2s +#define TIS_TIMEOUT_C 750 * 1000 // 750ms +#define TIS_TIMEOUT_D 750 * 1000 // 750ms + +// +// Max TPM command/response length +// +#define TPMCMDBUFLENGTH 1024 + +/** + Check whether the value of a TPM chip register satisfies the input BIT setting. + + @param[in] Register Address port of register to be checked. + @param[in] BitSet Check these data bits are set. + @param[in] BitClear Check these data bits are clear. + @param[in] TimeOut The max wait time (unit MicroSecond) when checking register. + + @retval EFI_SUCCESS The register satisfies the check bit. + @retval EFI_TIMEOUT The register can't run into the expected status in time. +**/ +EFI_STATUS +EFIAPI +TisPcWaitRegisterBits ( + IN UINT8 *Register, + IN UINT8 BitSet, + IN UINT8 BitClear, + IN UINT32 TimeOut + ); + +/** + Get BurstCount by reading the burstCount field of a TIS register + in the time of default TIS_TIMEOUT_D. + + @param[in] TisReg Pointer to TIS register. + @param[out] BurstCount Pointer to a buffer to store the got BurstCount. + + @retval EFI_SUCCESS Get BurstCount. + @retval EFI_INVALID_PARAMETER TisReg is NULL or BurstCount is NULL. + @retval EFI_TIMEOUT BurstCount can't be got in time. +**/ +EFI_STATUS +EFIAPI +TisPcReadBurstCount ( + IN TIS_PC_REGISTERS_PTR TisReg, + OUT UINT16 *BurstCount + ); + +/** + Set TPM chip to ready state by sending ready command TIS_PC_STS_READY + to Status Register in time. + + @param[in] TisReg Pointer to TIS register. + + @retval EFI_SUCCESS TPM chip enters into ready state. + @retval EFI_INVALID_PARAMETER TisReg is NULL. + @retval EFI_TIMEOUT TPM chip can't be set to ready state in time. +**/ +EFI_STATUS +EFIAPI +TisPcPrepareCommand ( + IN TIS_PC_REGISTERS_PTR TisReg + ); + +/** + Get the control of TPM chip by sending requestUse command TIS_PC_ACC_RQUUSE + to ACCESS Register in the time of default TIS_TIMEOUT_D. + + @param[in] TisReg Pointer to TIS register. + + @retval EFI_SUCCESS Get the control of TPM chip. + @retval EFI_INVALID_PARAMETER TisReg is NULL. + @retval EFI_NOT_FOUND TPM chip doesn't exit. + @retval EFI_TIMEOUT Can't get the TPM control in time. +**/ +EFI_STATUS +EFIAPI +TisPcRequestUseTpm ( + IN TIS_PC_REGISTERS_PTR TisReg + ); + +/** + Single function calculates SHA1 digest value for all raw data. It + combines Sha1Init(), Sha1Update() and Sha1Final(). + + @param[in] Data Raw data to be digested. + @param[in] DataLen Size of the raw data. + @param[out] Digest Pointer to a buffer that stores the final digest. + + @retval EFI_SUCCESS Always successfully calculate the final digest. +**/ +EFI_STATUS +EFIAPI +TpmCommHashAll ( + IN CONST UINT8 *Data, + IN UINTN DataLen, + OUT TPM_DIGEST *Digest + ); + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/VariableKeyLib.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/VariableKeyLib.h new file mode 100644 index 00000000..b3d42ea8 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Library/VariableKeyLib.h @@ -0,0 +1,60 @@ +/** @file + Public definitions for Variable Key Library. + +Copyright (c) 2020, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _VARIABLE_KEY_LIB_H_ +#define _VARIABLE_KEY_LIB_H_ + +#include <Uefi/UefiBaseType.h> + +/** + Retrieves the key for integrity and/or confidentiality of variables. + + @param[out] VariableKey A pointer to pointer for the variable key buffer. + @param[in,out] VariableKeySize The size in bytes of the variable key. + + @retval EFI_SUCCESS The variable key was returned. + @retval EFI_DEVICE_ERROR An error occurred while attempting to get the variable key. + @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface. + @retval EFI_UNSUPPORTED The variable key is not supported in the current boot configuration. +**/ +EFI_STATUS +EFIAPI +GetVariableKey ( + OUT VOID **VariableKey, + IN OUT UINTN *VariableKeySize + ); + +/** + Regenerates the variable key. + + @retval EFI_SUCCESS The variable key was regenerated successfully. + @retval EFI_DEVICE_ERROR An error occurred while attempting to regenerate the key. + @retval EFI_ACCESS_DENIED The function was invoked after locking the key interface. + @retval EFI_UNSUPPORTED Key regeneration is not supported in the current boot configuration. +**/ +EFI_STATUS +EFIAPI +RegenerateVariableKey ( + VOID + ); + +/** + Locks the regenerate key interface. + + @retval EFI_SUCCESS The key interface was locked successfully. + @retval EFI_UNSUPPORTED Locking the key interface is not supported in the current boot configuration. + @retval Others An error occurred while attempting to lock the key interface. +**/ +EFI_STATUS +EFIAPI +LockVariableKeyInterface ( + VOID + ); + +#endif + diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/FirmwareVolumeInfoMeasurementExcluded.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/FirmwareVolumeInfoMeasurementExcluded.h new file mode 100644 index 00000000..4e8bf990 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/FirmwareVolumeInfoMeasurementExcluded.h @@ -0,0 +1,31 @@ +/** @file + This PPI means a FV does not need to be extended to PCR by TCG modules. + +Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __EFI_PEI_FIRMWARE_VOLUME_INFO_MEASUREMENT_EXCLUDED_H__ +#define __EFI_PEI_FIRMWARE_VOLUME_INFO_MEASUREMENT_EXCLUDED_H__ + +#define EFI_PEI_FIRMWARE_VOLUME_INFO_MEASUREMENT_EXCLUDED_PPI_GUID \ + { 0x6e056ff9, 0xc695, 0x4364, { 0x9e, 0x2c, 0x61, 0x26, 0xf5, 0xce, 0xea, 0xae } } + +typedef struct { + EFI_PHYSICAL_ADDRESS FvBase; + UINT64 FvLength; +} EFI_PEI_FIRMWARE_VOLUME_INFO_MEASUREMENT_EXCLUDED_FV; + +// +// This PPI means a FV does not need to be extended to PCR by TCG modules. +// +typedef struct { + UINT32 Count; + EFI_PEI_FIRMWARE_VOLUME_INFO_MEASUREMENT_EXCLUDED_FV Fv[1]; +} EFI_PEI_FIRMWARE_VOLUME_INFO_MEASUREMENT_EXCLUDED_PPI; + +extern EFI_GUID gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid; + +#endif + diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h new file mode 100644 index 00000000..c59ef9db --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/FirmwareVolumeInfoPrehashedFV.h @@ -0,0 +1,44 @@ +/** @file +PPI to describe all hash digests for a given FV + +Copyright (c) 2017, Microsoft Corporation +Copyright (c) 2017, Intel Corporation. All rights reserved.<BR> + +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_H__ +#define __PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_H__ + +#define EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI_GUID \ + { 0x3ce1e631, 0x7008, 0x477c, { 0xad, 0xa7, 0x5d, 0xcf, 0xc7, 0xc1, 0x49, 0x4b } } + +// +// HashAlgoId is TPM_ALG_ID in Tpm20.h +// +typedef struct _HASH_INFO { + UINT16 HashAlgoId; + UINT16 HashSize; + //UINT8 Hash[]; +} HASH_INFO; + +// +// This PPI carries prehashsed data for one FV. Platform should ensure 1:1 mapping between pre-hashed PPI and corresponding FV. +// The Count field in PPI is followed by Count number of FV hash info entries, which can be extended to PCR and logged to TCG event log directly by TCG modules. +// TCG module checks TPM required hash algorithms(PcdTpm2HashMask) with each pre-hashed PPIs +// For each pre-hashed PPI +// If PPI carries hash generated by equivalent or larger algorithm set than TPM required, directly use PPI +// else, drops PPI data and calculate all hash again +// +typedef struct { + UINT32 FvBase; + UINT32 FvLength; + UINT32 Count; + //HASH_INFO HashInfo[]; +} EDKII_PEI_FIRMWARE_VOLUME_INFO_PREHASHED_FV_PPI; + +extern EFI_GUID gEdkiiPeiFirmwareVolumeInfoPrehashedFvPpiGuid; + +#endif + diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/FirmwareVolumeInfoStoredHashFv.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/FirmwareVolumeInfoStoredHashFv.h new file mode 100644 index 00000000..511c19b8 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/FirmwareVolumeInfoStoredHashFv.h @@ -0,0 +1,62 @@ +/** @file +PPI to describe stored hash digest for FVs. + +Copyright (c) 2019, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __PEI_FIRMWARE_VOLUME_INFO_STORED_HASH_FV_H__ +#define __PEI_FIRMWARE_VOLUME_INFO_STORED_HASH_FV_H__ + +#include <Ppi/FirmwareVolumeInfoPrehashedFV.h> + +// {7F5E4E31-81B1-47E5-9E21-1E4B5BC2F61D} +#define EDKII_PEI_FIRMWARE_VOLUME_INFO_STORED_HASH_FV_PPI_GUID \ + {0x7f5e4e31, 0x81b1, 0x47e5, {0x9e, 0x21, 0x1e, 0x4b, 0x5b, 0xc2, 0xf6, 0x1d}} + +// +// Hashed FV flags. +// +#define HASHED_FV_FLAG_REPORT_FV_INFO_PPI 0x0000000000000001 +#define HASHED_FV_FLAG_REPORT_FV_HOB 0x0000000000000002 +#define HASHED_FV_FLAG_VERIFIED_BOOT 0x0000000000000010 +#define HASHED_FV_FLAG_MEASURED_BOOT 0x0000000000000020 +#define HASHED_FV_FLAG_SKIP_ALL 0xFFFFFFFFFFFFFF00 +#define HASHED_FV_FLAG_SKIP_BOOT_MODE(Mode) LShiftU64 (0x100, (Mode)) + +// +// FV hash flags +// +#define FV_HASH_FLAG_BOOT_MODE(Mode) LShiftU64 (0x100, (Mode)) + +typedef struct _EDKII_PEI_FIRMWARE_VOLUME_INFO_STORED_HASH_FV_PPI + EDKII_PEI_FIRMWARE_VOLUME_INFO_STORED_HASH_FV_PPI; + +typedef struct _HASHED_FV_INFO { + UINT64 Base; + UINT64 Length; + UINT64 Flag; +} HASHED_FV_INFO; + +typedef struct _FV_HASH_INFO { + UINT64 HashFlag; + UINT16 HashAlgoId; + UINT16 HashSize; + UINT8 Hash[64]; +} FV_HASH_INFO; + +// +// PPI used to convey FVs and hash information of a specific platform. Only one +// instance of this PPI is allowed in the platform. +// +struct _EDKII_PEI_FIRMWARE_VOLUME_INFO_STORED_HASH_FV_PPI { + FV_HASH_INFO HashInfo; + UINTN FvNumber; + HASHED_FV_INFO FvInfo[1]; +}; + +extern EFI_GUID gEdkiiPeiFirmwareVolumeInfoStoredHashFvPpiGuid; + +#endif + diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/LockPhysicalPresence.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/LockPhysicalPresence.h new file mode 100644 index 00000000..a5e2199d --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/LockPhysicalPresence.h @@ -0,0 +1,54 @@ +/** @file + This file defines the lock physical Presence PPI. This PPI is + produced by a platform specific PEIM and consumed by the TPM + PEIM. + +Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef __PEI_LOCK_PHYSICAL_PRESENCE_H__ +#define __PEI_LOCK_PHYSICAL_PRESENCE_H__ + +/// +/// Global ID for the PEI_LOCK_PHYSICAL_PRESENCE_PPI_GUID. +/// +#define PEI_LOCK_PHYSICAL_PRESENCE_PPI_GUID \ + { \ + 0xef9aefe5, 0x2bd3, 0x4031, { 0xaf, 0x7d, 0x5e, 0xfe, 0x5a, 0xbb, 0x9a, 0xd } \ + } + +/// +/// Forward declaration for the PEI_LOCK_PHYSICAL_PRESENCE_PPI +/// +typedef struct _PEI_LOCK_PHYSICAL_PRESENCE_PPI PEI_LOCK_PHYSICAL_PRESENCE_PPI; + +/** + This interface returns whether TPM physical presence needs be locked. + + @param[in] PeiServices The pointer to the PEI Services Table. + + @retval TRUE The TPM physical presence should be locked. + @retval FALSE The TPM physical presence cannot be locked. + +**/ +typedef +BOOLEAN +(EFIAPI *PEI_LOCK_PHYSICAL_PRESENCE)( + IN CONST EFI_PEI_SERVICES **PeiServices +); + +/// +/// This service abstracts TPM physical presence lock interface. It is necessary for +/// safety to convey this information to the TPM driver so that TPM physical presence +/// can be locked as early as possible. This PPI is produced by a platform specific +/// PEIM and consumed by the TPM PEIM. +/// +struct _PEI_LOCK_PHYSICAL_PRESENCE_PPI { + PEI_LOCK_PHYSICAL_PRESENCE LockPhysicalPresence; +}; + +extern EFI_GUID gPeiLockPhysicalPresencePpiGuid; + +#endif // __PEI_LOCK_PHYSICAL_PRESENCE_H__ diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/Tcg.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/Tcg.h new file mode 100644 index 00000000..5ec971f1 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/Tcg.h @@ -0,0 +1,65 @@ +/** @file + TCG PPI services. + +Copyright (c) 2020, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _TCG_PPI_H_ +#define _TCG_PPI_H_ + +#include <IndustryStandard/UefiTcgPlatform.h> + +typedef struct _EDKII_TCG_PPI EDKII_TCG_PPI; + +// +// This bit is shall be set when HashData is the pre-hash digest. +// +#define EDKII_TCG_PRE_HASH 0x0000000000000001 + +// +// This bit is shall be set when HashData is the pre-hash digest and log only. +// +#define EDKII_TCG_PRE_HASH_LOG_ONLY 0x0000000000000002 + +/** + Tpm measure and log data, and extend the measurement result into a specific PCR. + + @param[in] This Indicates the calling context + @param[in] Flags Bitmap providing additional information + @param[in] HashData If BIT0 of Flags is 0, it is physical address of the + start of the data buffer to be hashed, extended, and logged. + If BIT0 of Flags is 1, it is physical address of the + start of the pre-hash data buffter to be extended, and logged. + The pre-hash data format is TPML_DIGEST_VALUES. + @param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData. + @param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure. + @param[in] NewEventData Pointer to the new event data. + + @retval EFI_SUCCESS Operation completed successfully. + @retval EFI_UNSUPPORTED TPM device not available. + @retval EFI_OUT_OF_RESOURCES Out of memory. + @retval EFI_DEVICE_ERROR The operation was unsuccessful. +**/ +typedef +EFI_STATUS +(EFIAPI *EDKII_TCG_HASH_LOG_EXTEND_EVENT)( + IN EDKII_TCG_PPI *This, + IN UINT64 Flags, + IN UINT8 *HashData, + IN UINTN HashDataLen, + IN TCG_PCR_EVENT_HDR *NewEventHdr, + IN UINT8 *NewEventData + ); + +/// +/// The EFI_TCG Protocol abstracts TCG activity. +/// +struct _EDKII_TCG_PPI { + EDKII_TCG_HASH_LOG_EXTEND_EVENT HashLogExtendEvent; +}; + +extern EFI_GUID gEdkiiTcgPpiGuid; + +#endif diff --git a/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/TpmInitialized.h b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/TpmInitialized.h new file mode 100644 index 00000000..938f5774 --- /dev/null +++ b/src/VBox/Devices/EFI/Firmware/SecurityPkg/Include/Ppi/TpmInitialized.h @@ -0,0 +1,34 @@ +/** @file + Tag GUID that must be installed by the TPM PEIM after the TPM hardware is + initialized. PEIMs that must execute after TPM hardware initialization + may use this GUID in their dependency expressions. + +Copyright (c) 2008 - 2018, Intel Corporation. All rights reserved.<BR> +SPDX-License-Identifier: BSD-2-Clause-Patent + +**/ + +#ifndef _PEI_TPM_INITIALIZED_PPI_H_ +#define _PEI_TPM_INITIALIZED_PPI_H_ + +/// +/// Global ID for the PEI_TPM_INITIALIZED_PPI which always uses a NULL interface. +/// +#define PEI_TPM_INITIALIZED_PPI_GUID \ + { \ + 0xe9db0d58, 0xd48d, 0x47f6, 0x9c, 0x6e, 0x6f, 0x40, 0xe8, 0x6c, 0x7b, 0x41 \ + } + +extern EFI_GUID gPeiTpmInitializedPpiGuid; + +/// +/// Global ID for the PEI_TPM_INITIALIZATION_DONE_PPI which always uses a NULL interface. +/// +#define PEI_TPM_INITIALIZATION_DONE_PPI_GUID \ + { \ + 0xa030d115, 0x54dd, 0x447b, { 0x90, 0x64, 0xf2, 0x6, 0x88, 0x3d, 0x7c, 0xcc \ + } + +extern EFI_GUID gPeiTpmInitializationDonePpiGuid; + +#endif |