sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

SecurityPkg: Clean up source files

Browse Source 
1. Do not use tab characters
2. No trailing white space in one line
3. All files must end with CRLF

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
This commit is contained in:
Liming Gao
2018-06-27 21:13:09 +08:00
parent 5a702acd3d
commit b3548d32dd
224 changed files with 3246 additions and 3246 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.c
View File

@@ -1,17 +1,17 @@
/** @file
TCG MOR (Memory Overwrite Request) Control Driver.
This driver initilize MemoryOverwriteRequestControl variable. It
This driver initilize MemoryOverwriteRequestControl variable. It
will clear MOR_CLEAR_MEMORY_BIT bit if it is set. It will also do TPer Reset for
those encrypted drives through EFI_STORAGE_SECURITY_COMMAND_PROTOCOL at EndOfDxe.
Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -36,7 +36,7 @@ OnReadyToBoot (
{
EFI_STATUS Status;
UINTN DataSize;
if (MOR_CLEAR_MEMORY_VALUE (mMorControl) == 0x0) {
//
// MorControl is expected, directly return to avoid unnecessary variable operation
@@ -47,14 +47,14 @@ OnReadyToBoot (
// Clear MOR_CLEAR_MEMORY_BIT
//
DEBUG ((EFI_D_INFO, "TcgMor: Clear MorClearMemory bit\n"));
mMorControl &= 0xFE;
mMorControl &= 0xFE;
DataSize = sizeof (mMorControl);
Status = gRT->SetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
&gEfiMemoryOverwriteControlDataGuid,
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
&gEfiMemoryOverwriteControlDataGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
DataSize,
DataSize,
&mMorControl
);
if (EFI_ERROR (Status)) {
@@ -304,7 +304,7 @@ TPerResetAtEndOfDxe (
@param[in] ImageHandle Image handle of this driver.
@param[in] SystemTable A Pointer to the EFI System Table.
@retval EFI_SUCEESS
@retval EFI_SUCEESS
@return Others Some error occurs.
**/
EFI_STATUS
@@ -324,10 +324,10 @@ MorDriverEntryPoint (
DataSize = sizeof (mMorControl);
Status = gRT->GetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
&gEfiMemoryOverwriteControlDataGuid,
NULL,
&DataSize,
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
&gEfiMemoryOverwriteControlDataGuid,
NULL,
&DataSize,
&mMorControl
);
if (EFI_ERROR (Status)) {
@@ -336,10 +336,10 @@ MorDriverEntryPoint (
//
mMorControl = 0;
Status = gRT->SetVariable (
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
&gEfiMemoryOverwriteControlDataGuid,
MEMORY_OVERWRITE_REQUEST_VARIABLE_NAME,
&gEfiMemoryOverwriteControlDataGuid,
EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
DataSize,
DataSize,
&mMorControl
);
DEBUG ((EFI_D_INFO, "TcgMor: Create MOR variable! Status = %r\n", Status));

10
SecurityPkg/Tcg/MemoryOverwriteControl/TcgMor.h
View File

@@ -1,13 +1,13 @@
/** @file
The header file for TcgMor.
Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/

6
SecurityPkg/Tcg/MemoryOverwriteControl/TcgMorExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// TcgMor Localized Strings and Content
//
// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,8 +12,8 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"TCG (Trusted Computing Group) MOR"

18
SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.c
View File

@@ -4,13 +4,13 @@
This driver initilize MemoryOverwriteRequestControlLock variable.
This module will add Variable Hook and allow MemoryOverwriteRequestControlLock variable set only once.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -51,7 +51,7 @@ IsAnyMorVariable (
UINTN Index;
for (Index = 0; Index < sizeof(mMorVariableType)/sizeof(mMorVariableType[0]); Index++) {
if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) == 0) &&
if ((StrCmp (VariableName, mMorVariableType[Index].VariableName) == 0) &&
(CompareGuid (VendorGuid, mMorVariableType[Index].VendorGuid))) {
return TRUE;
}
@@ -74,7 +74,7 @@ IsMorLockVariable (
IN EFI_GUID *VendorGuid
)
{
if ((StrCmp (VariableName, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME) == 0) &&
if ((StrCmp (VariableName, MEMORY_OVERWRITE_REQUEST_CONTROL_LOCK_NAME) == 0) &&
(CompareGuid (VendorGuid, &gEfiMemoryOverwriteRequestControlLockGuid))) {
return TRUE;
}
@@ -142,7 +142,7 @@ SetVariableCheckHandlerMor (
//
return EFI_INVALID_PARAMETER;
}
//
// Delete not OK
//
@@ -173,7 +173,7 @@ SetVariableCheckHandlerMor (
@param[in] ImageHandle Image handle of this driver.
@param[in] SystemTable A Pointer to the EFI System Table.
@retval EFI_SUCEESS
@retval EFI_SUCEESS
@return Others Some error occurs.
**/
EFI_STATUS

14
SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLock.h
View File

@@ -1,13 +1,13 @@
/** @file
TCG MOR (Memory Overwrite Request) Lock Control Driver header file.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -125,7 +125,7 @@ SetVariableCheckHandlerMor (
@param[in] ImageHandle Image handle of this driver.
@param[in] SystemTable A Pointer to the EFI System Table.
@retval EFI_SUCEESS
@retval EFI_SUCEESS
@return Others Some error occurs.
**/
EFI_STATUS

6
SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// TcgMorLock Localized Strings and Content
//
// Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,8 +12,8 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"TCG (Trusted Computing Group) MOR Lock"

14
SecurityPkg/Tcg/MemoryOverwriteRequestControlLock/TcgMorLockSmm.c
View File

@@ -1,13 +1,13 @@
/** @file
TCG MOR (Memory Overwrite Request) Lock Control Driver SMM wrapper.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -130,7 +130,7 @@ MorLockDriverEntryPointSmm (
// This driver link to Smm Variable driver
//
DEBUG ((EFI_D_INFO, "MorLockDriverEntryPointSmm\n"));
Status = gSmst->SmmLocateProtocol (
&gEfiSmmVariableProtocolGuid,
NULL,

4
SecurityPkg/Tcg/Opal/OpalPassword/OpalAhciMode.h
View File

@@ -369,7 +369,7 @@ typedef struct _EFI_ATA_COMMAND_BLOCK {
UINT8 AtaDeviceHead;
UINT8 AtaSectorNumberExp;
UINT8 AtaCylinderLowExp;
UINT8 AtaCylinderHighExp;
UINT8 AtaCylinderHighExp;
UINT8 AtaFeaturesExp;
UINT8 AtaSectorCount;
UINT8 AtaSectorCountExp;
@@ -386,7 +386,7 @@ typedef struct _EFI_ATA_STATUS_BLOCK {
UINT8 AtaDeviceHead;
UINT8 AtaSectorNumberExp;
UINT8 AtaCylinderLowExp;
UINT8 AtaCylinderHighExp;
UINT8 AtaCylinderHighExp;
UINT8 Reserved2;
UINT8 AtaSectorCount;
UINT8 AtaSectorCountExp;

4
SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.h
View File

@@ -77,7 +77,7 @@ extern EFI_COMPONENT_NAME2_PROTOCOL gOpalComponentName2;
//
// The max timeout value assume the user can wait for the revert action. The unit of this macro is second.
// If the revert time value bigger than this one, driver needs to popup a dialog to let user confirm the
// If the revert time value bigger than this one, driver needs to popup a dialog to let user confirm the
// revert action.
//
#define MAX_ACCEPTABLE_REVERTING_TIME 10
@@ -258,7 +258,7 @@ OpalSupportGetAvailableActions(
@param[in] Msid Msid
@param[in] MsidLength Msid Length
@param[in] Password Admin password
@param[in] PassLength Length of password in bytes
@param[in] PassLength Length of password in bytes
**/
TCG_RESULT

2
SecurityPkg/Tcg/Opal/OpalPassword/OpalHii.c
View File

@@ -728,7 +728,7 @@ DriverCallback(
}
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_FORM_APPLY;
return EFI_SUCCESS;
case HII_KEY_ID_REVERT:
DEBUG ((DEBUG_INFO, "HII_KEY_ID_REVERT\n"));
gHiiConfiguration.OpalRequest.Revert = Value->b;

30
SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.c
View File

@@ -1,15 +1,15 @@
/** @file
This driver produces PEI_LOCK_PHYSICAL_PRESENCE_PPI to indicate
whether TPM need be locked or not. It can be replaced by a platform
This driver produces PEI_LOCK_PHYSICAL_PRESENCE_PPI to indicate
whether TPM need be locked or not. It can be replaced by a platform
specific driver.
Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -70,18 +70,18 @@ LockTpmPhysicalPresence (
EFI_PHYSICAL_PRESENCE TcgPpData;
//
// The CRTM has sensed the physical presence assertion of the user. For example,
// the user has pressed the startup button or inserted a USB dongle. The details
// The CRTM has sensed the physical presence assertion of the user. For example,
// the user has pressed the startup button or inserted a USB dongle. The details
// of the implementation are vendor-specific. Here we read a PCD value to indicate
// whether operator physical presence.
//
//
if (!PcdGetBool (PcdTpmPhysicalPresence)) {
return TRUE;
}
//
// Check the pending TPM requests. Lock TPM physical presence if there is no TPM
// request.
// Check the pending TPM requests. Lock TPM physical presence if there is no TPM
// request.
//
Status = PeiServicesLocatePpi (
&gEfiPeiReadOnlyVariable2PpiGuid,
@@ -91,8 +91,8 @@ LockTpmPhysicalPresence (
);
if (!EFI_ERROR (Status)) {
DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
Status = Variable->GetVariable (
Variable,
Status = Variable->GetVariable (
Variable,
PHYSICAL_PRESENCE_VARIABLE,
&gEfiPhysicalPresenceGuid,
NULL,
@@ -115,7 +115,7 @@ LockTpmPhysicalPresence (
/**
Entry point of this module.
It installs lock physical presence PPI.
It installs lock physical presence PPI.
@param[in] FileHandle Handle of the file being invoked.
@param[in] PeiServices Describes the list of possible PEI Services.

8
SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePei.inf
View File

@@ -2,10 +2,10 @@
# Produces a PPI to indicate whether to lock TPM in PEI phase
#
# This module produces PEI_LOCK_PHYSICAL_PRESENCE_PPI to indicate whether
# TPM physical presence needs to be locked. It can be replaced by a
# TPM physical presence needs to be locked. It can be replaced by a
# platform specific module.
#
# Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -54,11 +54,11 @@
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmPhysicalPresence ## SOMETIMES_CONSUMES
[Depex]
[Depex]
gEfiPeiMemoryDiscoveredPpiGuid AND
gEfiPeiReadOnlyVariable2PpiGuid AND
gPeiTpmInitializedPpiGuid
[UserExtensions.TianoCore."ExtraFiles"]
PhysicalPresencePeiExtra.uni

6
SecurityPkg/Tcg/PhysicalPresencePei/PhysicalPresencePeiExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// PhysicalPresencePei Localized Strings and Content
//
// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,8 +12,8 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"Physical Presence PEI"

14
SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr
View File

@@ -1,13 +1,13 @@
/** @file
VFR file used by the TCG2 configuration component.
Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -19,7 +19,7 @@ formset
title = STRING_TOKEN(STR_TCG2_TITLE),
help = STRING_TOKEN(STR_TCG2_HELP),
classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
efivarstore TCG2_CONFIGURATION_INFO,
varid = TCG2_CONFIGURATION_INFO_VARSTORE_ID,
attribute = 0x02, // EFI variable attribures EFI_VARIABLE_BOOTSERVICE_ACCESS
@@ -154,7 +154,7 @@ formset
option text = STRING_TOKEN(STR_TCG2_LOG_ALL_DIGESTS), value = TCG2_PHYSICAL_PRESENCE_LOG_ALL_DIGESTS, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_DISABLE_ENDORSEMENT_ENABLE_STORAGE_HIERARCHY), value = TCG2_PHYSICAL_PRESENCE_DISABLE_ENDORSEMENT_ENABLE_STORAGE_HIERARCHY, flags = RESET_REQUIRED;
endoneof;
suppressif NOT questionref(Tpm2Operation) == TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS;
numeric name = Tpm2OperationParameter,
questionid = KEY_TPM2_OPERATION_PARAMETER,

28
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDriver.c
View File

@@ -1,13 +1,13 @@
/** @file
The module entry point for Tcg2 configuration module.
Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -277,7 +277,7 @@ Tcg2ConfigDriverEntryPoint (
if (!EFI_ERROR (Status)) {
return EFI_ALREADY_STARTED;
}
//
// Create a private data structure.
//
@@ -286,7 +286,7 @@ Tcg2ConfigDriverEntryPoint (
mTcg2ConfigPrivateDate = PrivateData;
//
// Install private GUID.
//
//
Status = gBS->InstallMultipleProtocolInterfaces (
&ImageHandle,
&gEfiCallerIdGuid,
@@ -398,7 +398,7 @@ Tcg2ConfigDriverEntryPoint (
);
ASSERT_EFI_ERROR (Status);
}
//
// Install Tcg2 configuration form
//
@@ -414,8 +414,8 @@ Tcg2ConfigDriverEntryPoint (
ErrorExit:
if (PrivateData != NULL) {
UninstallTcg2ConfigForm (PrivateData);
}
}
return Status;
}
@@ -441,11 +441,11 @@ Tcg2ConfigDriverUnload (
ImageHandle,
&gEfiCallerIdGuid,
(VOID **) &PrivateData
);
);
if (EFI_ERROR (Status)) {
return Status;
return Status;
}
ASSERT (PrivateData->Signature == TCG2_CONFIG_PRIVATE_DATA_SIGNATURE);
gBS->UninstallMultipleProtocolInterfaces (
@@ -454,7 +454,7 @@ Tcg2ConfigDriverUnload (
PrivateData,
NULL
);
UninstallTcg2ConfigForm (PrivateData);
return EFI_SUCCESS;

4
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxe.inf
View File

@@ -1,6 +1,6 @@
## @file
# TPM device configuration for TPM 2.0
#
#
# By this module, user may select TPM device, clear TPM state, etc.
# NOTE: This module is only for reference only, each platform should have its own setup page.
#
@@ -87,6 +87,6 @@
gEfiHiiDatabaseProtocolGuid AND
gEfiVariableArchProtocolGuid AND
gEfiVariableWriteArchProtocolGuid
[UserExtensions.TianoCore."ExtraFiles"]
Tcg2ConfigDxeExtra.uni

6
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigDxeExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// Tcg2ConfigDxe Localized Strings and Content
//
// Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,8 +12,8 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"TCG2 (Trusted Computing Group) Configuration DXE"

28
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.c
View File

@@ -4,12 +4,12 @@
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2018 Hewlett Packard Enterprise Development LP<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -53,7 +53,7 @@ HII_VENDOR_DEVICE_PATH mTcg2HiiVendorDevicePath = {
{
END_DEVICE_PATH_TYPE,
END_ENTIRE_DEVICE_PATH_SUBTYPE,
{
{
(UINT8) (END_DEVICE_PATH_LENGTH),
(UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
}
@@ -66,7 +66,7 @@ UINT8 mCurrentPpRequest;
Return if PTP CRB is supported.
@param[in] Register Pointer to PTP register.
@retval TRUE PTP CRB is supported.
@retval FALSE PTP CRB is unsupported.
**/
@@ -94,7 +94,7 @@ IsPtpCrbSupported (
Return if PTP FIFO is supported.
@param[in] Register Pointer to PTP register.
@retval TRUE PTP FIFO is supported.
@retval FALSE PTP FIFO is unsupported.
**/
@@ -124,7 +124,7 @@ IsPtpFifoSupported (
@param[in] Register Pointer to PTP register.
@param[in] PtpInterface PTP interface type.
@retval EFI_SUCCESS PTP interface type is set.
@retval EFI_INVALID_PARAMETER PTP interface type is invalid.
@retval EFI_UNSUPPORTED PTP interface type is unsupported.
@@ -299,7 +299,7 @@ SaveTcg2PCRBanksRequest (
} else {
mTcg2ConfigPrivateDate->PCRBanksDesired &= ~(0x1 << PCRBankIndex);
}
ReturnCode = Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS, mTcg2ConfigPrivateDate->PCRBanksDesired);
if (ReturnCode == TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS) {
Status = EFI_SUCCESS;
@@ -580,7 +580,7 @@ Tcg2Callback (
}
}
}
if (Action == EFI_BROWSER_ACTION_CHANGED) {
if (QuestionId == KEY_TPM_DEVICE) {
return EFI_SUCCESS;
@@ -829,11 +829,11 @@ InstallTcg2ConfigForm (
&gEfiHiiConfigAccessProtocolGuid,
ConfigAccess,
NULL
);
);
return EFI_OUT_OF_RESOURCES;
}
PrivateData->HiiHandle = HiiHandle;
//
@@ -962,7 +962,7 @@ InstallTcg2ConfigForm (
DEBUG ((EFI_D_ERROR, "Tcg2ConfigDriver: Fail to set TCG2_STORAGE_INFO_NAME\n"));
}
return EFI_SUCCESS;
return EFI_SUCCESS;
}
/**
@@ -998,6 +998,6 @@ UninstallTcg2ConfigForm (
);
PrivateData->DriverHandle = NULL;
}
FreePool (PrivateData);
}

12
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigImpl.h
View File

@@ -2,13 +2,13 @@
The header file of HII Config Access protocol implementation of TCG2
configuration module.
Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -62,7 +62,7 @@ typedef struct {
EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
EFI_HII_HANDLE HiiHandle;
EFI_HANDLE DriverHandle;
EFI_HANDLE DriverHandle;
UINT8 TpmDeviceDetected;
EFI_TCG2_PROTOCOL *Tcg2Protocol;

12
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigNvData.h
View File

@@ -1,13 +1,13 @@
/** @file
Header file for NV data structure definition.
Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -65,7 +65,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#define EFI_TCG2_EVENT_LOG_FORMAT_DEFAULT EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2
#define TCG2_PPI_VERSION_1_2 0x322E31 // "1.2"
#define TCG2_PPI_VERSION_1_3 0x332E31 // "1.3"
#define TCG2_PPI_VERSION_1_3 0x332E31 // "1.3"
//
// Nv Data structure referenced by IFR, TPM device user desired

6
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPei.inf
View File

@@ -4,7 +4,7 @@
# This module initializes TPM device type based on variable and detection.
# NOTE: This module is only for reference only, each platform should have its own setup page.
#
# Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -66,12 +66,12 @@
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## PRODUCES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInitializationPolicy ## PRODUCES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmAutoDetection ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmAutoDetection ## CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmBaseAddress ## SOMETIMES_CONSUMES
[Depex]
gEfiPeiMasterBootModePpiGuid AND
gEfiPeiReadOnlyVariable2PpiGuid
[UserExtensions.TianoCore."ExtraFiles"]
Tcg2ConfigPeiExtra.uni

6
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPeiExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// Tcg2ConfigDxe Localized Strings and Content
//
// Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,8 +12,8 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"TCG2 (Trusted Computing Group) Configuration DXE"

10
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigPeim.c
View File

@@ -1,13 +1,13 @@
/** @file
The module entry point for Tcg2 configuration module.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/

10
SecurityPkg/Tcg/Tcg2Config/Tcg2ConfigStrings.uni
View File

@@ -1,13 +1,13 @@
/** @file
String definitions for TCG2 configuration form.
Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/

10
SecurityPkg/Tcg/Tcg2Config/TpmDetection.c
View File

@@ -1,13 +1,13 @@
/** @file
TPM1.2/dTPM2.0 auto detection.
Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/

26
SecurityPkg/Tcg/Tcg2Dxe/MeasureBootPeCoff.c
View File

@@ -1,18 +1,18 @@
/** @file
This module implements measuring PeCoff image for Tcg2 Protocol.
Caution: This file requires additional review when modified.
This driver will have external input - PE/COFF image.
This external input must be validated carefully to avoid security issue like
buffer overflow, integer overflow.
Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -183,8 +183,8 @@ MeasurePeImageAndExtend (
//
if (Hdr.Pe32->FileHeader.Machine == IMAGE_FILE_MACHINE_IA64 && Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
// in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
// NOTE: Some versions of Linux ELILO for Itanium have an incorrect magic value
// in the PE/COFF Header. If the MachineType is Itanium(IA64) and the
// Magic value in the OptionalHeader is EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC
// then override the magic value to EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC
//
@@ -195,7 +195,7 @@ MeasurePeImageAndExtend (
//
Magic = Hdr.Pe32->OptionalHeader.Magic;
}
//
// 3. Calculate the distance from the base of the image header to the image checksum address.
// 4. Hash the image header from its base to beginning of the image checksum.
@@ -218,7 +218,7 @@ MeasurePeImageAndExtend (
Status = HashUpdate (HashHandle, HashBase, HashSize);
if (EFI_ERROR (Status)) {
goto Finish;
}
}
//
// 5. Skip over the image checksum (it occupies a single ULONG).
@@ -247,7 +247,7 @@ MeasurePeImageAndExtend (
if (EFI_ERROR (Status)) {
goto Finish;
}
}
}
} else {
//
// 7. Hash everything from the end of the checksum to the start of the Cert Directory.
@@ -261,7 +261,7 @@ MeasurePeImageAndExtend (
} else {
//
// Use PE32+ offset
//
//
HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
HashSize = (UINTN) (&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
}
@@ -290,7 +290,7 @@ MeasurePeImageAndExtend (
HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
}
if (HashSize != 0) {
Status = HashUpdate (HashHandle, HashBase, HashSize);
if (EFI_ERROR (Status)) {

126
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c
View File

@@ -1,14 +1,14 @@
/** @file
This module implements Tcg2 Protocol.
Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -372,11 +372,11 @@ GetProcessorsCpuLocation (
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
The ProtocolCapability variable will not be populated.
The ProtocolCapability variable will not be populated.
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
The ProtocolCapability variable will not be populated.
@retval EFI_BUFFER_TOO_SMALL The ProtocolCapability variable is too small to hold the full response.
It will be partially populated (required Size field will be set).
It will be partially populated (required Size field will be set).
**/
EFI_STATUS
EFIAPI
@@ -390,7 +390,7 @@ Tcg2GetCapability (
if ((This == NULL) || (ProtocolCapability == NULL)) {
return EFI_INVALID_PARAMETER;
}
DEBUG ((DEBUG_VERBOSE, "Size - 0x%x\n", ProtocolCapability->Size));
DEBUG ((DEBUG_VERBOSE, " 1.1 - 0x%x, 1.0 - 0x%x\n", sizeof(EFI_TCG2_BOOT_SERVICE_CAPABILITY), sizeof(TREE_BOOT_SERVICE_CAPABILITY_1_0)));
@@ -398,7 +398,7 @@ Tcg2GetCapability (
//
// Handle the case that firmware support 1.1 but OS only support 1.0.
//
if ((mTcgDxeData.BsCap.ProtocolVersion.Major > 0x01) ||
if ((mTcgDxeData.BsCap.ProtocolVersion.Major > 0x01) ||
((mTcgDxeData.BsCap.ProtocolVersion.Major == 0x01) && ((mTcgDxeData.BsCap.ProtocolVersion.Minor > 0x00)))) {
if (ProtocolCapability->Size >= sizeof(TREE_BOOT_SERVICE_CAPABILITY_1_0)) {
CopyMem (ProtocolCapability, &mTcgDxeData.BsCap, sizeof(TREE_BOOT_SERVICE_CAPABILITY_1_0));
@@ -563,7 +563,7 @@ DumpEvent2 (
/**
This function returns size of TCG PCR event 2.
@param[in] TcgPcrEvent2 TCG PCR event 2 structure.
@return size of TCG PCR event 2.
@@ -623,7 +623,7 @@ DumpEventLog (
UINTN NumberOfEvents;
DEBUG ((EFI_D_INFO, "EventLogFormat: (0x%x)\n", EventLogFormat));
switch (EventLogFormat) {
case EFI_TCG2_EVENT_LOG_FORMAT_TCG_1_2:
EventHdr = (TCG_PCR_EVENT_HDR *)(UINTN)EventLogLocation;
@@ -647,7 +647,7 @@ DumpEventLog (
break;
case EFI_TCG2_EVENT_LOG_FORMAT_TCG_2:
//
// Dump first event
// Dump first event
//
EventHdr = (TCG_PCR_EVENT_HDR *)(UINTN)EventLogLocation;
DumpEvent (EventHdr);
@@ -682,7 +682,7 @@ DumpEventLog (
/**
The EFI_TCG2_PROTOCOL Get Event Log function call allows a caller to
retrieve the address of a given event log and its last entry.
retrieve the address of a given event log and its last entry.
@param[in] This Indicates the calling context
@param[in] EventLogFormat The type of the event log for which the information is requested.
@@ -780,14 +780,14 @@ Tcg2GetEventLog (
/**
Add a new entry to the Event Log.
@param[in, out] EventLogPtr Pointer to the Event Log data.
@param[in, out] LogSize Size of the Event Log.
@param[in, out] EventLogPtr Pointer to the Event Log data.
@param[in, out] LogSize Size of the Event Log.
@param[in] MaxSize Maximum size of the Event Log.
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
@param[in] NewEventHdrSize New event header size.
@param[in] NewEventData Pointer to the new event data.
@param[in] NewEventData Pointer to the new event data.
@param[in] NewEventSize New event data size.
@retval EFI_SUCCESS The new event log entry was added.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@@ -838,9 +838,9 @@ TcgCommLogEvent (
Add a new entry to the Event Log.
@param[in] EventLogFormat The type of the event log for which the information is requested.
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR/TCG_PCR_EVENT_EX data structure.
@param[in] NewEventHdrSize New event header size.
@param[in] NewEventData Pointer to the new event data.
@param[in] NewEventData Pointer to the new event data.
@param[in] NewEventSize New event data size.
@retval EFI_SUCCESS The new event log entry was added.
@@ -859,7 +859,7 @@ TcgDxeLogEvent (
EFI_STATUS Status;
UINTN Index;
TCG_EVENT_LOG_AREA_STRUCT *EventLogAreaStruct;
for (Index = 0; Index < sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]); Index++) {
if (EventLogFormat == mTcg2EventInfo[Index].LogFormat) {
break;
@@ -889,7 +889,7 @@ TcgDxeLogEvent (
NewEventData,
NewEventSize
);
if (Status == EFI_OUT_OF_RESOURCES) {
EventLogAreaStruct->EventLogTruncated = TRUE;
return EFI_VOLUME_FULL;
@@ -1122,11 +1122,11 @@ TcgDxeLogHashEvent (
and add an entry to the Event Log.
@param[in] Flags Bitmap providing additional information.
@param[in] HashData Physical address of the start of the data buffer
@param[in] HashData Physical address of the start of the data buffer
to be hashed, extended, and logged.
@param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData
@param[in, out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@param[in, out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@@ -1176,13 +1176,13 @@ TcgDxeHashLogExtendEvent (
/**
The EFI_TCG2_PROTOCOL HashLogExtendEvent function call provides callers with
an opportunity to extend and optionally log events without requiring
knowledge of actual TPM commands.
knowledge of actual TPM commands.
The extend operation will occur even if this function cannot create an event
log entry (e.g. due to the event log being full).
log entry (e.g. due to the event log being full).
@param[in] This Indicates the calling context
@param[in] Flags Bitmap providing additional information.
@param[in] DataToHash Physical address of the start of the data buffer to be hashed.
@param[in] DataToHash Physical address of the start of the data buffer to be hashed.
@param[in] DataToHashLen The length in bytes of the buffer referenced by DataToHash.
@param[in] Event Pointer to data buffer containing information about the event.
@@ -1272,7 +1272,7 @@ Tcg2HashLogExtendEvent (
@retval EFI_SUCCESS The command byte stream was successfully sent to the device and a response was successfully received.
@retval EFI_DEVICE_ERROR The command was not successfully sent to the device or a response was not successfully received from the device.
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
@retval EFI_BUFFER_TOO_SMALL The output parameter block is too small.
**/
EFI_STATUS
EFIAPI
@@ -1322,7 +1322,7 @@ Tcg2SubmitCommand (
@param[out] ActivePcrBanks Pointer to the variable receiving the bitmap of currently active PCR banks.
@retval EFI_SUCCESS The bitmap of active PCR banks was stored in the ActivePcrBanks parameter.
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
@retval EFI_INVALID_PARAMETER One or more of the parameters are incorrect.
**/
EFI_STATUS
EFIAPI
@@ -1412,7 +1412,7 @@ Tcg2GetResultOfSetActivePcrBanks (
if ((OperationPresent == NULL) || (Response == NULL)) {
return EFI_INVALID_PARAMETER;
}
ReturnCode = Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (OperationPresent, Response);
if (ReturnCode == TCG_PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS) {
return EFI_SUCCESS;
@@ -1485,7 +1485,7 @@ SetupEventLog (
mTcgDxeData.EventLogAreaStruct[Index].Lasa = Lasa;
mTcgDxeData.EventLogAreaStruct[Index].Laml = PcdGet32 (PcdTcgLogAreaMinLen);
//
// To initialize them as 0xFF is recommended
// To initialize them as 0xFF is recommended
// because the OS can know the last entry for that.
//
SetMem ((VOID *)(UINTN)Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);
@@ -1631,7 +1631,7 @@ SetupEventLog (
mTcgDxeData.FinalEventLogAreaStruct[Index].EventLogTruncated = FALSE;
//
// Install to configuration table for EFI_TCG2_EVENT_LOG_FORMAT_TCG_2
// Install to configuration table for EFI_TCG2_EVENT_LOG_FORMAT_TCG_2
//
Status = gBS->InstallConfigurationTable (&gEfiTcg2FinalEventsTableGuid, (VOID *)mTcgDxeData.FinalEventsTable[Index]);
if (EFI_ERROR (Status)) {
@@ -1652,7 +1652,7 @@ SetupEventLog (
}
}
}
//
// 3. Sync data from PEI to DXE
//
@@ -1661,7 +1661,7 @@ SetupEventLog (
if ((mTcgDxeData.BsCap.SupportedEventLogs & mTcg2EventInfo[Index].LogFormat) != 0) {
GuidHob.Raw = GetHobList ();
Status = EFI_SUCCESS;
while (!EFI_ERROR (Status) &&
while (!EFI_ERROR (Status) &&
(GuidHob.Raw = GetNextGuidHob (mTcg2EventInfo[Index].EventGuid, GuidHob.Raw)) != NULL) {
TcgEvent = AllocateCopyPool (GET_GUID_HOB_DATA_SIZE (GuidHob.Guid), GET_GUID_HOB_DATA (GuidHob.Guid));
ASSERT (TcgEvent != NULL);
@@ -1729,8 +1729,8 @@ SetupEventLog (
Measure and log an action string, and extend the measurement result into PCR[PCRIndex].
@param[in] PCRIndex PCRIndex to extend
@param[in] String A specific string that indicates an Action event.
@param[in] String A specific string that indicates an Action event.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -1778,7 +1778,7 @@ MeasureHandoffTables (
if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_SERVER) {
//
// Tcg Server spec.
// Tcg Server spec.
// Measure each processor EFI_CPU_PHYSICAL_LOCATION with EV_TABLE_OF_DEVICES to PCR[1]
//
Status = GetProcessorsCpuLocation(&ProcessorLocBuf, &ProcessorNum);
@@ -1810,7 +1810,7 @@ MeasureHandoffTables (
/**
Measure and log Separator event, and extend the measurement result into a specific PCR.
@param[in] PCRIndex PCR index.
@param[in] PCRIndex PCR index.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -1842,13 +1842,13 @@ MeasureSeparatorEvent (
/**
Measure and log an EFI variable, and extend the measurement result into a specific PCR.
@param[in] PCRIndex PCR Index.
@param[in] EventType Event type.
@param[in] PCRIndex PCR Index.
@param[in] EventType Event type.
@param[in] VarName A Null-terminated string that is the name of the vendor's variable.
@param[in] VendorGuid A unique identifier for the vendor.
@param[in] VarData The content of the variable data.
@param[in] VarSize The size of the variable data.
@param[in] VarData The content of the variable data.
@param[in] VarSize The size of the variable data.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Out of memory.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -1928,13 +1928,13 @@ MeasureVariable (
/**
Read then Measure and log an EFI variable, and extend the measurement result into a specific PCR.
@param[in] PCRIndex PCR Index.
@param[in] EventType Event type.
@param[in] PCRIndex PCR Index.
@param[in] EventType Event type.
@param[in] VarName A Null-terminated string that is the name of the vendor's variable.
@param[in] VendorGuid A unique identifier for the vendor.
@param[out] VarSize The size of the variable data.
@param[out] VarData Pointer to the content of the variable.
@param[out] VarSize The size of the variable data.
@param[out] VarData Pointer to the content of the variable.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Out of memory.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -1987,9 +1987,9 @@ according to TCG PC Client PFP spec 0021 Section 2.4.4.2
@param[in] VarName A Null-terminated string that is the name of the vendor's variable.
@param[in] VendorGuid A unique identifier for the vendor.
@param[out] VarSize The size of the variable data.
@param[out] VarData Pointer to the content of the variable.
@param[out] VarSize The size of the variable data.
@param[out] VarData Pointer to the content of the variable.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Out of memory.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -2018,9 +2018,9 @@ ReadAndMeasureBootVariable (
@param[in] VarName A Null-terminated string that is the name of the vendor's variable.
@param[in] VendorGuid A unique identifier for the vendor.
@param[out] VarSize The size of the variable data.
@param[out] VarData Pointer to the content of the variable.
@param[out] VarSize The size of the variable data.
@param[out] VarData Pointer to the content of the variable.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Out of memory.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -2477,7 +2477,7 @@ OnResetNotificationInstall (
/**
The function install Tcg2 protocol.
@retval EFI_SUCCESS Tcg2 protocol is installed.
@retval other Some error occurs.
**/
@@ -2502,9 +2502,9 @@ InstallTcg2 (
/**
The driver's entry point. It publishes EFI Tcg2 Protocol.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The entry point is executed successfully.
@retval other Some error occurs when executing this entry point.
**/
@@ -2537,18 +2537,18 @@ DriverEntry (
DEBUG ((EFI_D_ERROR, "TPM2 error!\n"));
return EFI_DEVICE_ERROR;
}
Status = Tpm2RequestUseTpm ();
if (EFI_ERROR (Status)) {
DEBUG ((EFI_D_ERROR, "TPM2 not detected!\n"));
return Status;
}
//
// Fill information
//
ASSERT (TCG_EVENT_LOG_AREA_COUNT_MAX == sizeof(mTcg2EventInfo)/sizeof(mTcg2EventInfo[0]));
mTcgDxeData.BsCap.Size = sizeof(EFI_TCG2_BOOT_SERVICE_CAPABILITY);
mTcgDxeData.BsCap.ProtocolVersion.Major = 1;
mTcgDxeData.BsCap.ProtocolVersion.Minor = 1;
@@ -2655,7 +2655,7 @@ DriverEntry (
);
//
// Measure Exit Boot Service failed
// Measure Exit Boot Service failed
//
Status = gBS->CreateEventEx (
EVT_NOTIFY_SIGNAL,

4
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.inf
View File

@@ -14,7 +14,7 @@
# This external input must be validated carefully to avoid security issue like
# buffer overflow, integer overflow.
#
# Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -78,7 +78,7 @@
## SOMETIMES_CONSUMES ## Variable:L"db"
## SOMETIMES_CONSUMES ## Variable:L"dbx"
gEfiImageSecurityDatabaseGuid
gTcgEventEntryHobGuid ## SOMETIMES_CONSUMES ## HOB
gTpmErrorHobGuid ## SOMETIMES_CONSUMES ## HOB
gEfiEventExitBootServicesGuid ## CONSUMES ## Event

4
SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.uni
View File

@@ -2,13 +2,13 @@
// Produces TCG2 protocol and measure boot environment
//
// This module will produce TCG2 protocol and measure boot environment.
//
//
// Caution: This module requires additional review when modified.
// This driver will have external input - PE/COFF image.
// This external input must be validated carefully to avoid security issue like
// buffer overflow, integer overflow.
//
// Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License

6
SecurityPkg/Tcg/Tcg2Dxe/Tcg2DxeExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// Tcg2Dxe Localized Strings and Content
//
// Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,6 +12,6 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"TCG2 (Trusted Computing Group) DXE"

48
SecurityPkg/Tcg/Tcg2Pei/Tcg2Pei.c
View File

@@ -1,14 +1,14 @@
/** @file
Initialize TPM2 device and measure FVs before handing off control to DXE.
Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2017, Microsoft Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -119,12 +119,12 @@ EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] = {
{
EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
&gEfiPeiFirmwareVolumeInfoPpiGuid,
FirmwareVolmeInfoPpiNotifyCallback
FirmwareVolmeInfoPpiNotifyCallback
},
{
EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
&gEfiPeiFirmwareVolumeInfo2PpiGuid,
FirmwareVolmeInfoPpiNotifyCallback
FirmwareVolmeInfoPpiNotifyCallback
},
{
(EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
@@ -136,7 +136,7 @@ EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] = {
/**
Record all measured Firmware Volum Information into a Guid Hob
Guid Hob payload layout is
Guid Hob payload layout is
UINT32 *************************** FIRMWARE_BLOB number
EFI_PLATFORM_FIRMWARE_BLOB******** BLOB Array
@@ -156,13 +156,13 @@ EndofPeiSignalNotifyCallBack (
IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
IN VOID *Ppi
)
{
{
MEASURED_HOB_DATA *MeasuredHobData;
MeasuredHobData = NULL;
//
// Create a Guid hob to save all measured Fv
// Create a Guid hob to save all measured Fv
//
MeasuredHobData = BuildGuidHob(
&gMeasuredFvHobGuid,
@@ -358,11 +358,11 @@ LogHashEvent (
added into the Event Log.
@param[in] Flags Bitmap providing additional information.
@param[in] HashData Physical address of the start of the data buffer
@param[in] HashData Physical address of the start of the data buffer
to be hashed, extended, and logged.
@param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData.
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@@ -396,7 +396,7 @@ HashLogExtendEvent (
Status = LogHashEvent (&DigestList, NewEventHdr, NewEventData);
}
}
if (Status == EFI_DEVICE_ERROR) {
DEBUG ((EFI_D_ERROR, "HashLogExtendEvent - %r. Disable TPM.\n", Status));
BuildGuidHob (&gTpmErrorHobGuid,0);
@@ -443,13 +443,13 @@ MeasureCRTMVersion (
}
/**
Measure FV image.
Add it into the measured FV list after the FV is measured successfully.
Measure FV image.
Add it into the measured FV list after the FV is measured successfully.
@param[in] FvBase Base address of FV image.
@param[in] FvLength Length of FV image.
@retval EFI_SUCCESS Fv image is measured successfully
@retval EFI_SUCCESS Fv image is measured successfully
or it has been already measured.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
@@ -705,21 +705,21 @@ FirmwareVolmeInfoPpiNotifyCallback (
// The PEI Core can not dispatch or load files from memory mapped FVs that do not support FvPpi.
//
Status = PeiServicesLocatePpi (
&Fv->FvFormat,
0,
&Fv->FvFormat,
0,
NULL,
(VOID**)&FvPpi
);
if (EFI_ERROR (Status)) {
return EFI_SUCCESS;
}
//
// This is an FV from an FFS file, and the parent FV must have already been measured,
// No need to measure twice, so just record the FV and return
//
if (Fv->ParentFvName != NULL || Fv->ParentFileName != NULL ) {
ASSERT (mMeasuredChildFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported));
if (mMeasuredChildFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported)) {
//
@@ -761,7 +761,7 @@ PeimEntryMP (
ASSERT (mMeasuredBaseFvInfo != NULL);
mMeasuredChildFvInfo = (EFI_PLATFORM_FIRMWARE_BLOB *) AllocateZeroPool (sizeof (EFI_PLATFORM_FIRMWARE_BLOB) * PcdGet32 (PcdPeiCoreMaxFvSupported));
ASSERT (mMeasuredChildFvInfo != NULL);
if (PcdGet8 (PcdTpm2ScrtmPolicy) == 1) {
Status = MeasureCRTMVersion ();
}
@@ -785,7 +785,7 @@ PeimEntryMP (
/**
Measure and log Separator event with error, and extend the measurement result into a specific PCR.
@param[in] PCRIndex PCR index.
@param[in] PCRIndex PCR index.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -885,7 +885,7 @@ PeimEntryMA (
goto Done;
}
}
//
// Update Tpm2HashMask according to PCR bank.
//

6
SecurityPkg/Tcg/Tcg2Pei/Tcg2PeiExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// Tcg2Pei Localized Strings and Content
//
// Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,8 +12,8 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"TCG2 (Trusted Computing Group) PEI"

30
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.c
View File

@@ -10,12 +10,12 @@
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -82,7 +82,7 @@ PhysicalPresenceCallback (
mTcgNvs->PhysicalPresence.LastRequest = MostRecentRequest;
mTcgNvs->PhysicalPresence.Response = Response;
return EFI_SUCCESS;
} else if ((mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)
} else if ((mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)
|| (mTcgNvs->PhysicalPresence.Parameter == TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {
OperationRequest = mTcgNvs->PhysicalPresence.Request;
@@ -163,7 +163,7 @@ MemoryClearCallback (
DataSize,
&MorControl
);
if (EFI_ERROR (Status)) {
if (EFI_ERROR (Status)) {
mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
DEBUG ((EFI_D_ERROR, "[TPM] Set MOR variable failure! Status = %r\n", Status));
}
@@ -201,7 +201,7 @@ AssignOpRegion (
for (OpRegion = (AML_OP_REGION_32_8 *) (Table + 1);
OpRegion <= (AML_OP_REGION_32_8 *) ((UINT8 *) Table + Table->Length);
OpRegion = (AML_OP_REGION_32_8 *) ((UINT8 *) OpRegion + 1)) {
if ((OpRegion->OpRegionOp == AML_EXT_REGION_OP) &&
if ((OpRegion->OpRegionOp == AML_EXT_REGION_OP) &&
(OpRegion->NameString == Name) &&
(OpRegion->DWordPrefix == AML_DWORD_PREFIX) &&
(OpRegion->BytePrefix == AML_BYTE_PREFIX)) {
@@ -219,7 +219,7 @@ AssignOpRegion (
}
/**
Patch version string of Physical Presence interface supported by platform. The initial string tag in TPM
Patch version string of Physical Presence interface supported by platform. The initial string tag in TPM
ACPI table is "$PV".
@param[in, out] Table The TPM item in ACPI table.
@@ -536,7 +536,7 @@ UpdateHID (
if (!EFI_ERROR(Status)) {
DEBUG((EFI_D_INFO, "TPM_PT_MANUFACTURER 0x%08x\n", ManufacturerID));
//
// ManufacturerID defined in TCG Vendor ID Registry
// ManufacturerID defined in TCG Vendor ID Registry
// may tailed with 0x00 or 0x20
//
if ((ManufacturerID >> 24) == 0x00 || ((ManufacturerID >> 24) == 0x20)) {
@@ -571,7 +571,7 @@ UpdateHID (
} else {
AsciiSPrint(Hid + 4, TPM_HID_ACPI_SIZE - 4, "%02d%02d", ((FirmwareVersion1 & 0xFFFF0000) >> 16), (FirmwareVersion1 & 0x0000FFFF));
}
} else {
DEBUG ((EFI_D_ERROR, "Get TPM_PT_FIRMWARE_VERSION_X failed %x!\n", Status));
ASSERT(FALSE);
@@ -742,7 +742,7 @@ PublishTpm2 (
//
// PlatformClass is only valid for version 4 and above
// BIT0~15: PlatformClass
// BIT0~15: PlatformClass
// BIT16~31: Reserved
//
if (mTpm2AcpiTemplate.Header.Revision >= EFI_TPM2_ACPI_TABLE_REVISION_4) {
@@ -808,12 +808,12 @@ PublishTpm2 (
/**
The driver's entry point.
It install callbacks for TPM physical presence and MemoryClear, and locate
It install callbacks for TPM physical presence and MemoryClear, and locate
SMM variable to be used in the callback function.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The entry point is executed successfully.
@retval Others Some error occurs when executing this entry point.
@@ -858,7 +858,7 @@ InitializeTcgSmm (
return Status;
}
mTcgNvs->MemoryClear.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;
//
// Locate SmmVariableProtocol.
//

10
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.h
View File

@@ -1,13 +1,13 @@
/** @file
The header file for Tcg2 SMM driver.
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/

8
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.inf
View File

@@ -8,8 +8,8 @@
# TPM2.0 ACPI device object
# "TCG PC Client Platform Firmware Profile Specification for TPM Family 2.0 Level 00 Revision 00.21"
#
# This driver implements TPM 2.0 definition block in ACPI table and
# registers SMI callback functions for Tcg2 physical presence and
# This driver implements TPM 2.0 definition block in ACPI table and
# registers SMI callback functions for Tcg2 physical presence and
# MemoryClear to handle the requests from ACPI method.
#
# Caution: This module requires additional review when modified.
@@ -62,9 +62,9 @@
[Guids]
## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"
## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"
gEfiMemoryOverwriteControlDataGuid
gEfiTpmDeviceInstanceTpm20DtpmGuid ## PRODUCES ## GUID # TPM device identifier
[Protocols]

4
SecurityPkg/Tcg/Tcg2Smm/Tcg2Smm.uni
View File

@@ -4,12 +4,12 @@
// This driver implements TPM 2.0 definition block in ACPI table and
// registers SMI callback functions for TCG2 physical presence and
// MemoryClear to handle the requests from ACPI method.
//
//
// Caution: This module requires additional review when modified.
// This driver will have external input - variable and ACPINvs data in SMM mode.
// This external input must be validated carefully to avoid security issue.
//
// Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License

6
SecurityPkg/Tcg/Tcg2Smm/Tcg2SmmExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// Tcg2Smm Localized Strings and Content
//
// Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,8 +12,8 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"TCG2 (Trusted Computing Group) SMM"

52
SecurityPkg/Tcg/Tcg2Smm/Tpm.asl
View File

@@ -1,16 +1,16 @@
/** @file
The TPM2 definition block in ACPI table for TCG2 physical presence
The TPM2 definition block in ACPI table for TCG2 physical presence
and MemoryClear.
Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
(c)Copyright 2016 HP Development Company, L.P.<BR>
Copyright (c) 2017, Microsoft Corporation. All rights reserved. <BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -49,7 +49,7 @@ DefinitionBlock (
//
OperationRegion (SMIP, SystemIO, 0xB2, 1)
Field (SMIP, ByteAcc, NoLock, Preserve)
{
{
IOB2, 8
}
@@ -247,12 +247,12 @@ DefinitionBlock (
}
Method (PTS, 1, Serialized)
{
{
//
// Detect Sx state for MOR, only S4, S5 need to handle
//
If (LAnd (LLess (Arg0, 6), LGreater (Arg0, 3)))
{
{
//
// Bit4 -- DisableAutoDetect. 0 -- Firmware MAY autodetect.
//
@@ -262,7 +262,7 @@ DefinitionBlock (
// Triggle the SMI through ACPI _PTS method.
//
Store (0x02, MCIP)
//
// Triggle the SMI interrupt
//
@@ -270,7 +270,7 @@ DefinitionBlock (
}
}
Return (0)
}
}
Method (_STA, 0)
{
@@ -320,12 +320,12 @@ DefinitionBlock (
}
Name(TPM2, Package (0x02){
Zero,
Zero,
Zero
})
Name(TPM3, Package (0x03){
Zero,
Zero,
Zero,
Zero
})
@@ -334,7 +334,7 @@ DefinitionBlock (
// TCG Physical Presence Interface
//
Method (TPPI, 3, Serialized, 0, {BuffObj, PkgObj, IntObj, StrObj}, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj
{
{
//
// Switch by function index
//
@@ -359,11 +359,11 @@ DefinitionBlock (
//
// b) Submit TPM Operation Request to Pre-OS Environment
//
Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
Store (0, PPRM)
Store (0x02, PPIP)
//
// Triggle the SMI interrupt
//
@@ -377,7 +377,7 @@ DefinitionBlock (
//
// c) Get Pending TPM Operation Requested By the OS
//
Store (PPRQ, Index (TPM2, 0x01))
Return (TPM2)
}
@@ -394,12 +394,12 @@ DefinitionBlock (
// e) Return TPM Operation Response to OS Environment
//
Store (0x05, PPIP)
//
// Triggle the SMI interrupt
//
Store (PPIN, IOB2)
Store (LPPR, Index (TPM3, 0x01))
Store (PPRP, Index (TPM3, 0x02))
@@ -426,11 +426,11 @@ DefinitionBlock (
If (LEqual (PPRQ, 23)) {
Store (DerefOf (Index (Arg2, 0x01)), PPRM)
}
//
// Triggle the SMI interrupt
// Triggle the SMI interrupt
//
Store (PPIN, IOB2)
Store (PPIN, IOB2)
Return (FRET)
}
Case (8)
@@ -440,12 +440,12 @@ DefinitionBlock (
//
Store (8, PPIP)
Store (DerefOf (Index (Arg2, 0x00)), UCRQ)
//
// Triggle the SMI interrupt
//
Store (PPIN, IOB2)
Return (FRET)
}
@@ -474,12 +474,12 @@ DefinitionBlock (
// Save the Operation Value of the Request to MORD (reserved memory)
//
Store (DerefOf (Index (Arg2, 0x00)), MORD)
//
// Triggle the SMI through ACPI _DSM method.
//
Store (0x01, MCIP)
//
// Triggle the SMI interrupt
//
@@ -488,7 +488,7 @@ DefinitionBlock (
}
Default {BreakPoint}
}
Return (1)
Return (1)
}
Method (_DSM, 4, Serialized, 0, UnknownObj, {BuffObj, IntObj, IntObj, PkgObj})

14
SecurityPkg/Tcg/TcgConfigDxe/TcgConfig.vfr
View File

@@ -1,13 +1,13 @@
/** @file
VFR file used by the TCG configuration component.
Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -53,7 +53,7 @@ formset
option text = STRING_TOKEN(STR_TPM_DEACTIVATE_DISABLE), value = PHYSICAL_PRESENCE_DEACTIVATE_DISABLE, flags = 0;
endif
//
// Clear (TPM_ORD_ForceClear) command is not available when disabled or deactivated.
// Clear (TPM_ORD_ForceClear) command is not available when disabled or deactivated.
//
suppressif ideqval TCG_CONFIGURATION.TpmEnable == 0 OR
ideqval TCG_CONFIGURATION.TpmActivate == 0;
@@ -62,7 +62,7 @@ formset
endif
option text = STRING_TOKEN(STR_ENABLE), value = PHYSICAL_PRESENCE_ENABLE, flags = DEFAULT;
option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE, flags = 0;
option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE, flags = 0;
option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR, flags = 0;
option text = STRING_TOKEN(STR_TPM_ENABLE_ACTIVATE_CLEAR_E_A), value = PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE, flags = 0;
endoneof;

28
SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDriver.c
View File

@@ -1,13 +1,13 @@
/** @file
The module entry point for Tcg configuration module.
Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -53,7 +53,7 @@ TcgConfigDriverEntryPoint (
if (EFI_ERROR (Status)) {
TcgProtocol = NULL;
}
Status = gBS->OpenProtocol (
ImageHandle,
&gEfiCallerIdGuid,
@@ -65,7 +65,7 @@ TcgConfigDriverEntryPoint (
if (!EFI_ERROR (Status)) {
return EFI_ALREADY_STARTED;
}
//
// Create a private data structure.
//
@@ -92,7 +92,7 @@ TcgConfigDriverEntryPoint (
//
// Install private GUID.
//
//
Status = gBS->InstallMultipleProtocolInterfaces (
&ImageHandle,
&gEfiCallerIdGuid,
@@ -109,8 +109,8 @@ TcgConfigDriverEntryPoint (
ErrorExit:
if (PrivateData != NULL) {
UninstallTcgConfigForm (PrivateData);
}
}
return Status;
}
@@ -136,11 +136,11 @@ TcgConfigDriverUnload (
ImageHandle,
&gEfiCallerIdGuid,
(VOID **) &PrivateData
);
);
if (EFI_ERROR (Status)) {
return Status;
return Status;
}
ASSERT (PrivateData->Signature == TCG_CONFIG_PRIVATE_DATA_SIGNATURE);
gBS->UninstallMultipleProtocolInterfaces (
@@ -149,7 +149,7 @@ TcgConfigDriverUnload (
PrivateData,
NULL
);
UninstallTcgConfigForm (PrivateData);
return EFI_SUCCESS;

6
SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxe.inf
View File

@@ -2,7 +2,7 @@
# Provides the capability to update TPM state setup browser
# By this module, user may enable/disable/activate/deactivate/clear TPM, etc.
#
# Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -58,7 +58,7 @@
## SOMETIMES_PRODUCES ## Variable:L"PhysicalPresence"
## SOMETIMES_CONSUMES ## Variable:L"PhysicalPresence"
gEfiPhysicalPresenceGuid
gEfiIfrTianoGuid ## SOMETIMES_PRODUCES ## GUID # HII opcode
## PRODUCES ## HII
## CONSUMES ## HII
@@ -78,6 +78,6 @@
gEfiHiiDatabaseProtocolGuid AND
gEfiVariableArchProtocolGuid AND
gEfiVariableWriteArchProtocolGuid
[UserExtensions.TianoCore."ExtraFiles"]
TcgConfigDxeExtra.uni

6
SecurityPkg/Tcg/TcgConfigDxe/TcgConfigDxeExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// TcgConfigDxe Localized Strings and Content
//
// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,8 +12,8 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"TCG (Trusted Computing Group) Config DXE"

38
SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.c
View File

@@ -1,13 +1,13 @@
/** @file
HII Config Access protocol implementation of TCG configuration module.
Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -40,7 +40,7 @@ HII_VENDOR_DEVICE_PATH mTcgHiiVendorDevicePath = {
{
END_DEVICE_PATH_TYPE,
END_ENTIRE_DEVICE_PATH_SUBTYPE,
{
{
(UINT8) (END_DEVICE_PATH_LENGTH),
(UINT8) ((END_DEVICE_PATH_LENGTH) >> 8)
}
@@ -73,7 +73,7 @@ GetTpmState (
UINT8 CmdBuf[64];
ASSERT (TcgProtocol != NULL);
//
// Get TPM Permanent flags (TpmEnable, TpmActivate)
//
@@ -82,7 +82,7 @@ GetTpmState (
*(UINT16*)&CmdBuf[0] = SwapBytes16 (TPM_TAG_RQU_COMMAND);
*(UINT32*)&CmdBuf[2] = SwapBytes32 (TpmSendSize);
*(UINT32*)&CmdBuf[6] = SwapBytes32 (TPM_ORD_GetCapability);
*(UINT32*)&CmdBuf[10] = SwapBytes32 (TPM_CAP_FLAG);
*(UINT32*)&CmdBuf[14] = SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT));
*(UINT32*)&CmdBuf[18] = SwapBytes32 (TPM_CAP_FLAG_PERMANENT);
@@ -93,12 +93,12 @@ GetTpmState (
CmdBuf,
sizeof (CmdBuf),
CmdBuf
);
);
TpmRsp = (TPM_RSP_COMMAND_HDR *) &CmdBuf[0];
if (EFI_ERROR (Status) || (TpmRsp->tag != SwapBytes16 (TPM_TAG_RSP_COMMAND)) || (TpmRsp->returnCode != 0)) {
return EFI_DEVICE_ERROR;
}
TpmPermanentFlags = (TPM_PERMANENT_FLAGS *) &CmdBuf[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)];
if (TpmEnable != NULL) {
@@ -109,8 +109,8 @@ GetTpmState (
*TpmActivate = (BOOLEAN) !TpmPermanentFlags->deactivated;
}
}
return EFI_SUCCESS;
return EFI_SUCCESS;
}
/**
@@ -175,7 +175,7 @@ TcgExtractConfig (
//
// Convert buffer data to <ConfigResp> by helper function BlockToConfig()
//
//
PrivateData->Configuration->TpmOperation = PHYSICAL_PRESENCE_ENABLE;
//
@@ -321,8 +321,8 @@ SavePpRequest (
);
if (EFI_ERROR (Status)) {
return Status;
}
}
PpData.PPRequest = PpRequest;
Status = gRT->SetVariable (
PHYSICAL_PRESENCE_VARIABLE,
@@ -400,7 +400,7 @@ TcgCallback (
SavePpRequest (Value->u8);
*ActionRequest = EFI_BROWSER_ACTION_REQUEST_SUBMIT;
return EFI_SUCCESS;
}
@@ -458,14 +458,14 @@ InstallTcgConfigForm (
&gEfiHiiConfigAccessProtocolGuid,
ConfigAccess,
NULL
);
);
return EFI_OUT_OF_RESOURCES;
}
PrivateData->HiiHandle = HiiHandle;
return EFI_SUCCESS;
return EFI_SUCCESS;
}
/**

12
SecurityPkg/Tcg/TcgConfigDxe/TcgConfigImpl.h
View File

@@ -2,13 +2,13 @@
The header file of HII Config Access protocol implementation of TCG
configuration module.
Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -59,7 +59,7 @@ typedef struct {
EFI_HII_CONFIG_ACCESS_PROTOCOL ConfigAccess;
EFI_HII_HANDLE HiiHandle;
EFI_HANDLE DriverHandle;
EFI_HANDLE DriverHandle;
TCG_CONFIGURATION *Configuration;
EFI_TCG_PROTOCOL *TcgProtocol;

10
SecurityPkg/Tcg/TcgConfigDxe/TcgConfigNvData.h
View File

@@ -1,13 +1,13 @@
/** @file
Header file for NV data structure definition.
Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/

12
SecurityPkg/Tcg/TcgConfigDxe/TcgConfigStrings.uni
View File

@@ -1,13 +1,13 @@
/** @file
String definitions for TCG configuration form.
Copyright (c) 2011 - 2012, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -37,4 +37,4 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
#string STR_NULL #language en-US ""
#string STR_HIDE_TPM_PROMPT #language en-US "Hide TPM"
#string STR_HIDE_TPM_HELP #language en-US "Check to hide TPM in OS"
#string STR_HIDE_TPM_HELP #language en-US "Check to hide TPM in OS"

166
SecurityPkg/Tcg/TcgDxe/TcgDxe.c
View File

@@ -1,6 +1,6 @@
/** @file
/** @file
This module implements TCG EFI Protocol.
Caution: This module requires additional review when modified.
This driver will have external input - TcgDxePassThroughToTpm
This external input must be validated carefully to avoid security issue like
@@ -8,14 +8,14 @@ buffer overflow, integer overflow.
TcgDxePassThroughToTpm() will receive untrusted input and do basic validation.
Copyright (c) 2005 - 2017, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -86,8 +86,8 @@ EFI_TCG_CLIENT_ACPI_TABLE mTcgClientAcpiTemplate = {
//
// The following EFI_TCG_SERVER_ACPI_TABLE default setting is just one example,
// the TPM device connectes to LPC, and also defined the ACPI _UID as 0xFF,
// this _UID can be changed and should match with the _UID setting of the TPM
// ACPI device object
// this _UID can be changed and should match with the _UID setting of the TPM
// ACPI device object
//
EFI_TCG_SERVER_ACPI_TABLE mTcgServerAcpiTemplate = {
{
@@ -209,26 +209,26 @@ GetProcessorsCpuLocation (
}
/**
This service provides EFI protocol capability information, state information
This service provides EFI protocol capability information, state information
about the TPM, and Event Log state information.
@param[in] This Indicates the calling context
@param[out] ProtocolCapability The callee allocates memory for a TCG_BOOT_SERVICE_CAPABILITY
structure and fills in the fields with the EFI protocol
@param[out] ProtocolCapability The callee allocates memory for a TCG_BOOT_SERVICE_CAPABILITY
structure and fills in the fields with the EFI protocol
capability information and the current TPM state information.
@param[out] TCGFeatureFlags This is a pointer to the feature flags. No feature
flags are currently defined so this parameter
MUST be set to 0. However, in the future,
feature flags may be defined that, for example,
@param[out] TCGFeatureFlags This is a pointer to the feature flags. No feature
flags are currently defined so this parameter
MUST be set to 0. However, in the future,
feature flags may be defined that, for example,
enable hash algorithm agility.
@param[out] EventLogLocation This is a pointer to the address of the event log in memory.
@param[out] EventLogLastEntry If the Event Log contains more than one entry,
this is a pointer to the address of the start of
the last entry in the event log in memory.
@param[out] EventLogLastEntry If the Event Log contains more than one entry,
this is a pointer to the address of the start of
the last entry in the event log in memory.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_INVALID_PARAMETER ProtocolCapability does not match TCG capability.
**/
EFI_STATUS
EFIAPI
@@ -307,21 +307,21 @@ TpmCommHashAll (
/**
This service abstracts the capability to do a hash operation on a data buffer.
@param[in] This Indicates the calling context
@param[in] HashData Pointer to the data buffer to be hashed
@param[in] HashDataLen Length of the data buffer to be hashed
@param[in] AlgorithmId Identification of the Algorithm to use for the hashing operation
@param[in, out] HashedDataLen Resultant length of the hashed data
@param[in, out] HashedDataResult Resultant buffer of the hashed data
@param[in, out] HashedDataResult Resultant buffer of the hashed data
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_INVALID_PARAMETER HashDataLen is NULL.
@retval EFI_INVALID_PARAMETER HashDataLenResult is NULL.
@retval EFI_OUT_OF_RESOURCES Cannot allocate buffer of size *HashedDataLen.
@retval EFI_UNSUPPORTED AlgorithmId not supported.
@retval EFI_BUFFER_TOO_SMALL *HashedDataLen < sizeof (TCG_DIGEST).
**/
EFI_STATUS
EFIAPI
@@ -356,7 +356,7 @@ TcgDxeHashAll (
if (*HashedDataResult == NULL) {
*HashedDataResult = AllocatePool ((UINTN) *HashedDataLen);
}
}
return TpmCommHashAll (
HashData,
@@ -419,9 +419,9 @@ TpmCommLogEvent (
Add a new entry to the Event Log.
@param[in] TcgData TCG_DXE_DATA structure.
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@retval EFI_SUCCESS The new event log entry was added.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@@ -459,18 +459,18 @@ TcgDxeLogEventI (
This service abstracts the capability to add an entry to the Event Log.
@param[in] This Indicates the calling context
@param[in] TCGLogData Pointer to the start of the data buffer containing
the TCG_PCR_EVENT data structure. All fields in
@param[in] TCGLogData Pointer to the start of the data buffer containing
the TCG_PCR_EVENT data structure. All fields in
this structure are properly filled by the caller.
@param[in, out] EventNumber The event number of the event just logged
@param[in] Flags Indicate additional flags. Only one flag has been
defined at this time, which is 0x01 and means the
extend operation should not be performed. All
other bits are reserved.
@param[in] Flags Indicate additional flags. Only one flag has been
defined at this time, which is 0x01 and means the
extend operation should not be performed. All
other bits are reserved.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Insufficient memory in the event log to complete this action.
**/
EFI_STATUS
EFIAPI
@@ -488,7 +488,7 @@ TcgDxeLogEvent (
}
TcgData = TCG_DXE_DATA_FROM_THIS (This);
if (TcgData->BsCap.TPMDeactivatedFlag || (!TcgData->BsCap.TPMPresentFlag)) {
return EFI_DEVICE_ERROR;
}
@@ -512,7 +512,7 @@ TcgDxeLogEvent (
@retval EFI_INVALID_PARAMETER Invalid ordinal.
@retval EFI_UNSUPPORTED Current Task Priority Level >= EFI_TPL_CALLBACK.
@retval EFI_TIMEOUT The TIS timed-out.
**/
EFI_STATUS
EFIAPI
@@ -524,8 +524,8 @@ TcgDxePassThroughToTpm (
IN UINT8 *TpmOutputParameterBlock
)
{
if (TpmInputParameterBlock == NULL ||
TpmOutputParameterBlock == NULL ||
if (TpmInputParameterBlock == NULL ||
TpmOutputParameterBlock == NULL ||
TpmInputParameterBlockSize == 0 ||
TpmOutputParameterBlockSize == 0) {
return EFI_INVALID_PARAMETER;
@@ -544,11 +544,11 @@ TcgDxePassThroughToTpm (
and add an entry to the Event Log.
@param[in] TcgData TCG_DXE_DATA structure.
@param[in] HashData Physical address of the start of the data buffer
@param[in] HashData Physical address of the start of the data buffer
to be hashed, extended, and logged.
@param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData
@param[in, out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@param[in, out] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@@ -611,24 +611,24 @@ Done:
extend a specific TPM PCR with the hash result, and add an entry to the Event Log
@param[in] This Indicates the calling context
@param[in] HashData Physical address of the start of the data buffer
@param[in] HashData Physical address of the start of the data buffer
to be hashed, extended, and logged.
@param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData
@param[in] AlgorithmId Identification of the Algorithm to use for the hashing operation
@param[in, out] TCGLogData The physical address of the start of the data
@param[in, out] TCGLogData The physical address of the start of the data
buffer containing the TCG_PCR_EVENT data structure.
@param[in, out] EventNumber The event number of the event just logged.
@param[out] EventLogLastEntry Physical address of the first byte of the entry
just placed in the Event Log. If the Event Log was
empty when this function was called then this physical
address will be the same as the physical address of
@param[out] EventLogLastEntry Physical address of the first byte of the entry
just placed in the Event Log. If the Event Log was
empty when this function was called then this physical
address will be the same as the physical address of
the start of the Event Log.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_UNSUPPORTED AlgorithmId != TPM_ALG_SHA.
@retval EFI_UNSUPPORTED Current TPL >= EFI_TPL_CALLBACK.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
**/
EFI_STATUS
EFIAPI
@@ -650,15 +650,15 @@ TcgDxeHashLogExtendEvent (
}
TcgData = TCG_DXE_DATA_FROM_THIS (This);
if (TcgData->BsCap.TPMDeactivatedFlag || (!TcgData->BsCap.TPMPresentFlag)) {
return EFI_DEVICE_ERROR;
}
if (AlgorithmId != TPM_ALG_SHA) {
return EFI_UNSUPPORTED;
}
if (HashData == 0 && HashDataLen > 0) {
return EFI_INVALID_PARAMETER;
}
@@ -717,10 +717,10 @@ SetupEventLog (
TCG_PCR_EVENT *TcgEvent;
EFI_PEI_HOB_POINTERS GuidHob;
EFI_PHYSICAL_ADDRESS Lasa;
if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_CLIENT) {
Lasa = mTcgClientAcpiTemplate.Lasa;
Status = gBS->AllocatePages (
AllocateMaxAddress,
EfiACPIMemoryNVS,
@@ -732,15 +732,15 @@ SetupEventLog (
}
mTcgClientAcpiTemplate.Lasa = Lasa;
//
// To initialize them as 0xFF is recommended
// To initialize them as 0xFF is recommended
// because the OS can know the last entry for that.
//
SetMem ((VOID *)(UINTN)mTcgClientAcpiTemplate.Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);
mTcgClientAcpiTemplate.Laml = PcdGet32 (PcdTcgLogAreaMinLen);
} else {
Lasa = mTcgServerAcpiTemplate.Lasa;
Status = gBS->AllocatePages (
AllocateMaxAddress,
EfiACPIMemoryNVS,
@@ -752,7 +752,7 @@ SetupEventLog (
}
mTcgServerAcpiTemplate.Lasa = Lasa;
//
// To initialize them as 0xFF is recommended
// To initialize them as 0xFF is recommended
// because the OS can know the last entry for that.
//
SetMem ((VOID *)(UINTN)mTcgServerAcpiTemplate.Lasa, PcdGet32 (PcdTcgLogAreaMinLen), 0xFF);
@@ -760,7 +760,7 @@ SetupEventLog (
}
GuidHob.Raw = GetHobList ();
while (!EFI_ERROR (Status) &&
while (!EFI_ERROR (Status) &&
(GuidHob.Raw = GetNextGuidHob (&gTcgEventEntryHobGuid, GuidHob.Raw)) != NULL) {
TcgEvent = GET_GUID_HOB_DATA (GuidHob.Guid);
GuidHob.Raw = GET_NEXT_HOB (GuidHob);
@@ -777,8 +777,8 @@ SetupEventLog (
/**
Measure and log an action string, and extend the measurement result into PCR[5].
@param[in] String A specific string that indicates an Action event.
@param[in] String A specific string that indicates an Action event.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -827,7 +827,7 @@ MeasureHandoffTables (
if (PcdGet8 (PcdTpmPlatformClass) == TCG_PLATFORM_TYPE_SERVER) {
//
// Tcg Server spec.
// Tcg Server spec.
// Measure each processor EFI_CPU_PHYSICAL_LOCATION with EV_TABLE_OF_DEVICES to PCR[1]
//
Status = GetProcessorsCpuLocation(&ProcessorLocBuf, &ProcessorNum);
@@ -859,7 +859,7 @@ MeasureHandoffTables (
/**
Measure and log Separator event, and extend the measurement result into a specific PCR.
@param[in] PCRIndex PCR index.
@param[in] PCRIndex PCR index.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -895,7 +895,7 @@ MeasureSeparatorEvent (
@param[in] VarName A Null-terminated string that is the name of the vendor's variable.
@param[in] VendorGuid A unique identifier for the vendor.
@param[out] VarSize The size of the variable data.
@param[out] VarSize The size of the variable data.
@return A pointer to the buffer to return the contents of the variable.Otherwise NULL.
@@ -944,13 +944,13 @@ ReadVariable (
/**
Measure and log an EFI variable, and extend the measurement result into a specific PCR.
@param[in] PCRIndex PCR Index.
@param[in] EventType Event type.
@param[in] PCRIndex PCR Index.
@param[in] EventType Event type.
@param[in] VarName A Null-terminated string that is the name of the vendor's variable.
@param[in] VendorGuid A unique identifier for the vendor.
@param[in] VarData The content of the variable data.
@param[in] VarSize The size of the variable data.
@param[in] VarData The content of the variable data.
@param[in] VarSize The size of the variable data.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Out of memory.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -1013,9 +1013,9 @@ MeasureVariable (
@param[in] VarName A Null-terminated string that is the name of the vendor's variable.
@param[in] VendorGuid A unique identifier for the vendor.
@param[out] VarSize The size of the variable data.
@param[out] VarData Pointer to the content of the variable.
@param[out] VarSize The size of the variable data.
@param[out] VarData Pointer to the content of the variable.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES Out of memory.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -1197,9 +1197,9 @@ OnReadyToBoot (
/**
Install TCG ACPI Table when ACPI Table Protocol is available.
A system's firmware uses an ACPI table to identify the system's TCG capabilities
to the Post-Boot environment. The information in this ACPI table is not guaranteed
to be valid until the Host Platform transitions from pre-boot state to post-boot state.
A system's firmware uses an ACPI table to identify the system's TCG capabilities
to the Post-Boot environment. The information in this ACPI table is not guaranteed
to be valid until the Host Platform transitions from pre-boot state to post-boot state.
@param[in] Event Event whose notification function is being invoked
@param[in] Context Pointer to the notification function's context
@@ -1230,7 +1230,7 @@ InstallAcpiTable (
mTcgClientAcpiTemplate.Header.CreatorId = PcdGet32 (PcdAcpiDefaultCreatorId);
mTcgClientAcpiTemplate.Header.CreatorRevision = PcdGet32 (PcdAcpiDefaultCreatorRevision);
//
// The ACPI table must be checksumed before calling the InstallAcpiTable()
// The ACPI table must be checksumed before calling the InstallAcpiTable()
// service of the ACPI table protocol to install it.
//
Checksum = CalculateCheckSum8 ((UINT8 *)&mTcgClientAcpiTemplate, sizeof (mTcgClientAcpiTemplate));
@@ -1250,7 +1250,7 @@ InstallAcpiTable (
mTcgServerAcpiTemplate.Header.CreatorId = PcdGet32 (PcdAcpiDefaultCreatorId);
mTcgServerAcpiTemplate.Header.CreatorRevision = PcdGet32 (PcdAcpiDefaultCreatorRevision);
//
// The ACPI table must be checksumed before calling the InstallAcpiTable()
// The ACPI table must be checksumed before calling the InstallAcpiTable()
// service of the ACPI table protocol to install it.
//
Checksum = CalculateCheckSum8 ((UINT8 *)&mTcgServerAcpiTemplate, sizeof (mTcgServerAcpiTemplate));
@@ -1341,7 +1341,7 @@ OnExitBootServicesFailed (
/**
Get TPM Deactivated state.
@param[out] TPMDeactivatedFlag Returns TPM Deactivated state.
@param[out] TPMDeactivatedFlag Returns TPM Deactivated state.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_DEVICE_ERROR The operation was unsuccessful.
@@ -1368,9 +1368,9 @@ GetTpmStatus (
It publishes EFI TCG Protocol.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The entry point is executed successfully.
@retval other Some error occurs when executing this entry point.
@@ -1444,7 +1444,7 @@ DriverEntry (
);
//
// Measure Exit Boot Service failed
// Measure Exit Boot Service failed
//
Status = gBS->CreateEventEx (
EVT_NOTIFY_SIGNAL,
@@ -1460,6 +1460,6 @@ DriverEntry (
// Install ACPI Table
//
EfiCreateProtocolNotifyEvent (&gEfiAcpiTableProtocolGuid, TPL_CALLBACK, InstallAcpiTable, NULL, &Registration);
return Status;
}

6
SecurityPkg/Tcg/TcgDxe/TcgDxe.inf
View File

@@ -2,7 +2,7 @@
# Produces TCG protocol and measures boot environment
# This module will produce TCG protocol and measure boot environment.
#
# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -65,7 +65,7 @@
gEfiTcgProtocolGuid ## PRODUCES
gEfiAcpiTableProtocolGuid ## NOTIFY
gEfiMpServiceProtocolGuid ## SOMETIMES_CONSUMES
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdTpmPlatformClass ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
@@ -83,4 +83,4 @@
[UserExtensions.TianoCore."ExtraFiles"]
TcgDxeExtra.uni

6
SecurityPkg/Tcg/TcgDxe/TcgDxeExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// TcgDxe Localized Strings and Content
//
// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,8 +12,8 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"TCG (Trusted Computing Group) DXE"

70
SecurityPkg/Tcg/TcgPei/TcgPei.c
View File

@@ -1,13 +1,13 @@
/** @file
Initialize TPM device and measure FVs before handing off control to DXE.
Copyright (c) 2005 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2005 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -129,12 +129,12 @@ EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] = {
{
EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
&gEfiPeiFirmwareVolumeInfoPpiGuid,
FirmwareVolmeInfoPpiNotifyCallback
FirmwareVolmeInfoPpiNotifyCallback
},
{
EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK,
&gEfiPeiFirmwareVolumeInfo2PpiGuid,
FirmwareVolmeInfoPpiNotifyCallback
FirmwareVolmeInfoPpiNotifyCallback
},
{
(EFI_PEI_PPI_DESCRIPTOR_NOTIFY_CALLBACK | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
@@ -145,7 +145,7 @@ EFI_PEI_NOTIFY_DESCRIPTOR mNotifyList[] = {
/**
Record all measured Firmware Volum Information into a Guid Hob
Guid Hob payload layout is
Guid Hob payload layout is
UINT32 *************************** FIRMWARE_BLOB number
EFI_PLATFORM_FIRMWARE_BLOB******** BLOB Array
@@ -165,13 +165,13 @@ EndofPeiSignalNotifyCallBack (
IN EFI_PEI_NOTIFY_DESCRIPTOR *NotifyDescriptor,
IN VOID *Ppi
)
{
{
MEASURED_HOB_DATA *MeasuredHobData;
MeasuredHobData = NULL;
//
// Create a Guid hob to save all measured Fv
// Create a Guid hob to save all measured Fv
//
MeasuredHobData = BuildGuidHob(
&gMeasuredFvHobGuid,
@@ -238,11 +238,11 @@ TpmCommHashAll (
added into the Event Log.
@param[in] PeiServices Describes the list of possible PEI Services.
@param[in] HashData Physical address of the start of the data buffer
@param[in] HashData Physical address of the start of the data buffer
to be hashed, extended, and logged.
@param[in] HashDataLen The length, in bytes, of the buffer referenced by HashData.
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@param[in] NewEventHdr Pointer to a TCG_PCR_EVENT_HDR data structure.
@param[in] NewEventData Pointer to the new event data.
@retval EFI_SUCCESS Operation completed successfully.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@@ -260,7 +260,7 @@ HashLogExtendEvent (
{
EFI_STATUS Status;
VOID *HobData;
if (GetFirstGuidHob (&gTpmErrorHobGuid) != NULL) {
return EFI_DEVICE_ERROR;
}
@@ -349,13 +349,13 @@ MeasureCRTMVersion (
}
/**
Measure FV image.
Add it into the measured FV list after the FV is measured successfully.
Measure FV image.
Add it into the measured FV list after the FV is measured successfully.
@param[in] FvBase Base address of FV image.
@param[in] FvLength Length of FV image.
@retval EFI_SUCCESS Fv image is measured successfully
@retval EFI_SUCCESS Fv image is measured successfully
or it has been already measured.
@retval EFI_OUT_OF_RESOURCES No enough memory to log the new event.
@retval EFI_DEVICE_ERROR The command was unsuccessful.
@@ -394,7 +394,7 @@ MeasureFvImage (
return EFI_SUCCESS;
}
}
//
// Measure and record the FV to the TPM
//
@@ -450,7 +450,7 @@ MeasureMainBios (
EFI_PEI_FV_HANDLE VolumeHandle;
EFI_FV_INFO VolumeInfo;
EFI_PEI_FIRMWARE_VOLUME_PPI *FvPpi;
FvInstances = 0;
while (TRUE) {
//
@@ -462,7 +462,7 @@ MeasureMainBios (
if (EFI_ERROR (Status)) {
break;
}
//
// Measure and record the firmware volume that is dispatched by PeiCore
//
@@ -472,8 +472,8 @@ MeasureMainBios (
// Locate the corresponding FV_PPI according to founded FV's format guid
//
Status = PeiServicesLocatePpi (
&VolumeInfo.FvFormat,
0,
&VolumeInfo.FvFormat,
0,
NULL,
(VOID**)&FvPpi
);
@@ -517,21 +517,21 @@ FirmwareVolmeInfoPpiNotifyCallback (
// The PEI Core can not dispatch or load files from memory mapped FVs that do not support FvPpi.
//
Status = PeiServicesLocatePpi (
&Fv->FvFormat,
0,
&Fv->FvFormat,
0,
NULL,
(VOID**)&FvPpi
);
if (EFI_ERROR (Status)) {
return EFI_SUCCESS;
}
//
// This is an FV from an FFS file, and the parent FV must have already been measured,
// No need to measure twice, so just record the FV and return
//
if (Fv->ParentFvName != NULL || Fv->ParentFileName != NULL ) {
ASSERT (mMeasuredChildFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported));
if (mMeasuredChildFvIndex < PcdGet32 (PcdPeiCoreMaxFvSupported)) {
//
@@ -588,7 +588,7 @@ PhysicalPresencePpiNotifyCallback (
//
if (PcdGetBool (PcdPhysicalPresenceLifetimeLock) && !TpmPermanentFlags.physicalPresenceLifetimeLock) {
//
// Lock TPM LifetimeLock is required, and LifetimeLock is not locked yet.
// Lock TPM LifetimeLock is required, and LifetimeLock is not locked yet.
//
PhysicalPresenceValue = TPM_PHYSICAL_PRESENCE_LIFETIME_LOCK;
TpmPermanentFlags.physicalPresenceLifetimeLock = TRUE;
@@ -605,8 +605,8 @@ PhysicalPresencePpiNotifyCallback (
PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_HW_ENABLE;
} else {
PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_HW_DISABLE;
}
}
Status = Tpm12PhysicalPresence (
PhysicalPresenceValue
);
@@ -614,7 +614,7 @@ PhysicalPresencePpiNotifyCallback (
return Status;
}
}
//
// 2. Lock physical presence if it is required.
//
@@ -645,7 +645,7 @@ PhysicalPresencePpiNotifyCallback (
//
// Lock physical presence
//
//
Status = Tpm12PhysicalPresence (
TPM_PHYSICAL_PRESENCE_LOCK
);
@@ -695,8 +695,8 @@ PeimEntryMP (
EFI_STATUS Status;
Status = PeiServicesLocatePpi (
&gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid,
0,
&gEfiPeiFirmwareVolumeInfoMeasurementExcludedPpiGuid,
0,
NULL,
(VOID**)&mMeasurementExcludedFvPpi
);
@@ -718,13 +718,13 @@ PeimEntryMP (
}
Status = MeasureMainBios (PeiServices);
}
}
//
// Post callbacks:
// 1). for the FvInfoPpi services to measure and record
// the additional Fvs to TPM
// 2). for the OperatorPresencePpi service to determine whether to
// 2). for the OperatorPresencePpi service to determine whether to
// lock the TPM
//
Status = PeiServicesNotifyPpi (&mNotifyList[0]);

8
SecurityPkg/Tcg/TcgPei/TcgPei.inf
View File

@@ -4,7 +4,7 @@
# This module will initialize TPM device, measure reported FVs and BIOS version.
# This module may also lock TPM physical presence and physicalPresenceLifetimeLock.
#
# Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -73,8 +73,8 @@
gEfiEndOfPeiSignalPpiGuid ## SOMETIMES_CONSUMES ## NOTIFY
[Pcd]
gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceCmdEnable ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceLifetimeLock ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceCmdEnable ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdPhysicalPresenceHwEnable ## SOMETIMES_CONSUMES
gEfiMdeModulePkgTokenSpaceGuid.PcdFirmwareVersionString ## SOMETIMES_CONSUMES
gEfiSecurityPkgTokenSpaceGuid.PcdTpmInstanceGuid ## CONSUMES
@@ -89,4 +89,4 @@
[UserExtensions.TianoCore."ExtraFiles"]
TcgPeiExtra.uni

6
SecurityPkg/Tcg/TcgPei/TcgPeiExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// TcgPei Localized Strings and Content
//
// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,8 +12,8 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"TCG (Trusted Computing Group) PEI"

34
SecurityPkg/Tcg/TcgSmm/TcgSmm.c
View File

@@ -8,13 +8,13 @@
PhysicalPresenceCallback() and MemoryClearCallback() will receive untrusted input and do some check.
Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -80,7 +80,7 @@ PhysicalPresenceCallback (
mTcgNvs->PhysicalPresence.ReturnCode = PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS;
mTcgNvs->PhysicalPresence.LastRequest = PpData.LastPPRequest;
mTcgNvs->PhysicalPresence.Response = PpData.PPResponse;
} else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)
} else if ((mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS)
|| (mTcgNvs->PhysicalPresence.Parameter == ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2)) {
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
@@ -107,7 +107,7 @@ PhysicalPresenceCallback (
);
}
if (EFI_ERROR (Status)) {
if (EFI_ERROR (Status)) {
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
return EFI_SUCCESS;
}
@@ -186,7 +186,7 @@ PhysicalPresenceCallback (
if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0 && (Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) {
RequestConfirmed = TRUE;
}
break;
break;
case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:
case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_FALSE:
@@ -199,7 +199,7 @@ PhysicalPresenceCallback (
//
// This command requires UI to prompt user for Auth data
//
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
return EFI_SUCCESS;
default:
break;
@@ -209,11 +209,11 @@ PhysicalPresenceCallback (
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED;
} else {
mTcgNvs->PhysicalPresence.ReturnCode = TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED;
}
}
if (mTcgNvs->PhysicalPresence.Request >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
mTcgNvs->PhysicalPresence.ReturnCode = TcgPpVendorLibGetUserConfirmationStatusFunction (mTcgNvs->PhysicalPresence.Request, Flags.PPFlags);
}
}
}
return EFI_SUCCESS;
}
@@ -281,7 +281,7 @@ MemoryClearCallback (
DataSize,
&MorControl
);
if (EFI_ERROR (Status)) {
if (EFI_ERROR (Status)) {
mTcgNvs->MemoryClear.ReturnCode = MOR_REQUEST_GENERAL_FAILURE;
DEBUG ((EFI_D_ERROR, "[TPM] Set MOR variable failure! Status = %r\n", Status));
}
@@ -319,7 +319,7 @@ AssignOpRegion (
for (OpRegion = (AML_OP_REGION_32_8 *) (Table + 1);
OpRegion <= (AML_OP_REGION_32_8 *) ((UINT8 *) Table + Table->Length);
OpRegion = (AML_OP_REGION_32_8 *) ((UINT8 *) OpRegion + 1)) {
if ((OpRegion->OpRegionOp == AML_EXT_REGION_OP) &&
if ((OpRegion->OpRegionOp == AML_EXT_REGION_OP) &&
(OpRegion->NameString == Name) &&
(OpRegion->DWordPrefix == AML_DWORD_PREFIX) &&
(OpRegion->BytePrefix == AML_BYTE_PREFIX)) {
@@ -403,12 +403,12 @@ PublishAcpiTable (
/**
The driver's entry point.
It install callbacks for TPM physical presence and MemoryClear, and locate
It install callbacks for TPM physical presence and MemoryClear, and locate
SMM variable to be used in the callback function.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] ImageHandle The firmware allocated handle for the EFI image.
@param[in] SystemTable A pointer to the EFI System Table.
@retval EFI_SUCCESS The entry point is executed successfully.
@retval Others Some error occurs when executing this entry point.
@@ -453,7 +453,7 @@ InitializeTcgSmm (
return Status;
}
mTcgNvs->MemoryClear.SoftwareSmi = (UINT8) SwContext.SwSmiInputValue;
//
// Locate SmmVariableProtocol.
//

12
SecurityPkg/Tcg/TcgSmm/TcgSmm.h
View File

@@ -1,13 +1,13 @@
/** @file
The header file for TCG SMM driver.
Copyright (c) 2012 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2012 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/

12
SecurityPkg/Tcg/TcgSmm/TcgSmm.inf
View File

@@ -1,15 +1,15 @@
## @file
# Implements ACPI metholds for the TCG feature
#
# This driver implements TPM definition block in ACPI table and registers SMI
# callback functions for physical presence and MemoryClear to handle the requests
# This driver implements TPM definition block in ACPI table and registers SMI
# callback functions for physical presence and MemoryClear to handle the requests
# from ACPI method.
#
# Caution: This module requires additional review when modified.
# This driver will have external input - variable and ACPINvs data in SMM mode.
# This external input must be validated carefully to avoid security issue.
#
# Copyright (c) 2011 - 2015, Intel Corporation. All rights reserved.<BR>
# Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
# This program and the accompanying materials
# are licensed and made available under the terms and conditions of the BSD License
# which accompanies this distribution. The full text of the license may be found at
@@ -60,7 +60,7 @@
## SOMETIMES_PRODUCES ## Variable:L"MemoryOverwriteRequestControl"
## SOMETIMES_CONSUMES ## Variable:L"MemoryOverwriteRequestControl"
gEfiMemoryOverwriteControlDataGuid
gEfiTpmDeviceInstanceTpm12Guid ## PRODUCES ## GUID # TPM device identifier
[Protocols]
@@ -77,7 +77,7 @@
gEfiSmmSwDispatch2ProtocolGuid AND
gEfiSmmVariableProtocolGuid AND
gEfiTcgProtocolGuid
[UserExtensions.TianoCore."ExtraFiles"]
TcgSmmExtra.uni

4
SecurityPkg/Tcg/TcgSmm/TcgSmm.uni
View File

@@ -4,12 +4,12 @@
// This driver implements TPM definition block in ACPI table and registers SMI
// callback functions for physical presence and MemoryClear to handle the requests
// from ACPI method.
//
//
// Caution: This module requires additional review when modified.
// This driver will have external input - variable and ACPINvs data in SMM mode.
// This external input must be validated carefully to avoid security issue.
//
// Copyright (c) 2011 - 2014, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License

6
SecurityPkg/Tcg/TcgSmm/TcgSmmExtra.uni
View File

@@ -1,7 +1,7 @@
// /** @file
// TcgSmm Localized Strings and Content
//
// Copyright (c) 2013 - 2014, Intel Corporation. All rights reserved.<BR>
// Copyright (c) 2013 - 2018, Intel Corporation. All rights reserved.<BR>
//
// This program and the accompanying materials
// are licensed and made available under the terms and conditions of the BSD License
@@ -12,8 +12,8 @@
//
// **/
#string STR_PROPERTIES_MODULE_NAME
#language en-US
#string STR_PROPERTIES_MODULE_NAME
#language en-US
"TCG (Trusted Computing Group) SMM"

56
SecurityPkg/Tcg/TcgSmm/Tpm.asl
View File

@@ -1,14 +1,14 @@
/** @file
The TPM definition block in ACPI table for physical presence
The TPM definition block in ACPI table for physical presence
and MemoryClear.
Copyright (c) 2011 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
Copyright (c) 2011 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
@@ -49,7 +49,7 @@ DefinitionBlock (
//
OperationRegion (SMIP, SystemIO, 0xB2, 1)
Field (SMIP, ByteAcc, NoLock, Preserve)
{
{
IOB2, 8
}
@@ -79,16 +79,16 @@ DefinitionBlock (
MCIP, 32, // Used for save the Mor paramter
MORD, 32, // Memory Overwrite Request Data
MRET, 32, // Memory Overwrite function return code
UCRQ, 32 // Phyical Presence request operation to Get User Confirmation Status
UCRQ, 32 // Phyical Presence request operation to Get User Confirmation Status
}
Method (PTS, 1, Serialized)
{
{
//
// Detect Sx state for MOR, only S4, S5 need to handle
//
If (LAnd (LLess (Arg0, 6), LGreater (Arg0, 3)))
{
{
//
// Bit4 -- DisableAutoDetect. 0 -- Firmware MAY autodetect.
//
@@ -98,7 +98,7 @@ DefinitionBlock (
// Triggle the SMI through ACPI _PTS method.
//
Store (0x02, MCIP)
//
// Triggle the SMI interrupt
//
@@ -106,7 +106,7 @@ DefinitionBlock (
}
}
Return (0)
}
}
Method (_STA, 0)
{
@@ -156,12 +156,12 @@ DefinitionBlock (
}
Name(TPM2, Package (0x02){
Zero,
Zero,
Zero
})
Name(TPM3, Package (0x03){
Zero,
Zero,
Zero,
Zero
})
@@ -170,7 +170,7 @@ DefinitionBlock (
// TCG Physical Presence Interface
//
Method (TPPI, 3, Serialized, 0, {BuffObj, PkgObj, IntObj, StrObj}, {UnknownObj, UnknownObj, UnknownObj}) // IntObj, IntObj, PkgObj
{
{
//
// Switch by function index
//
@@ -195,10 +195,10 @@ DefinitionBlock (
//
// b) Submit TPM Operation Request to Pre-OS Environment
//
Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
Store (0x02, PPIP)
//
// Triggle the SMI interrupt
//
@@ -212,7 +212,7 @@ DefinitionBlock (
//
// c) Get Pending TPM Operation Requested By the OS
//
Store (PPRQ, Index (TPM2, 0x01))
Return (TPM2)
}
@@ -229,12 +229,12 @@ DefinitionBlock (
// e) Return TPM Operation Response to OS Environment
//
Store (0x05, PPIP)
//
// Triggle the SMI interrupt
//
Store (PPIN, IOB2)
Store (LPPR, Index (TPM3, 0x01))
Store (PPRP, Index (TPM3, 0x02))
@@ -257,11 +257,11 @@ DefinitionBlock (
//
Store (7, PPIP)
Store (DerefOf (Index (Arg2, 0x00)), PPRQ)
//
// Triggle the SMI interrupt
// Triggle the SMI interrupt
//
Store (PPIN, IOB2)
Store (PPIN, IOB2)
Return (FRET)
}
Case (8)
@@ -271,12 +271,12 @@ DefinitionBlock (
//
Store (8, PPIP)
Store (DerefOf (Index (Arg2, 0x00)), UCRQ)
//
// Triggle the SMI interrupt
//
Store (PPIN, IOB2)
Return (FRET)
}
@@ -305,12 +305,12 @@ DefinitionBlock (
// Save the Operation Value of the Request to MORD (reserved memory)
//
Store (DerefOf (Index (Arg2, 0x00)), MORD)
//
// Triggle the SMI through ACPI _DSM method.
//
Store (0x01, MCIP)
//
// Triggle the SMI interrupt
//
@@ -319,7 +319,7 @@ DefinitionBlock (
}
Default {BreakPoint}
}
Return (1)
Return (1)
}
Method (_DSM, 4, Serialized, 0, UnknownObj, {BuffObj, IntObj, IntObj, PkgObj})