sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
1abfa4ce4835639c66ae82cc0d72cffcf3f28b6b
system76-edk2/SecurityPkg/Tcg/Tcg2Config/Tcg2Config.vfr
Yao, Jiewen 1abfa4ce48 Add TPM2 support defined in trusted computing group. 
TCG EFI Protocol Specification for TPM Family 2.0 Revision 1.0 Version 9 at http://www.trustedcomputinggroup.org/resources/tcg_efi_protocol_specification
TCG Physical Presence Interface Specification Version 1.30, Revision 00.52 at http://www.trustedcomputinggroup.org/resources/tcg_physical_presence_interface_specification

Add Tcg2XXX, similar file/directory as TrEEXXX. Old TrEE driver/library can be deprecated.
1) Add Tcg2Pei/Dxe/Smm driver to log event and provide services.
2) Add Dxe/Pei/SmmTcg2PhysicalPresenceLib to support TCG PP.
3) Update Tpm2 library to use TCG2 protocol instead of TrEE protocol.

Test Win8/Win10 with SecureBoot enabled, PCR7 shows bound.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: "Yao, Jiewen" <Jiewen.Yao@intel.com>
Reviewed-by: "Zhang, Chao B" <chao.b.zhang@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@18219 6f19259b-4bc3-4df7-8a09-765794883524
2015-08-13 08:24:17 +00:00

168 lines
7.4 KiB
Plaintext
Raw Blame History

/** @file
VFR file used by the TCG2 configuration component.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
http://opensource.org/licenses/bsd-license.php
THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
**/
#include "Tcg2ConfigNvData.h"
formset
guid = TCG2_CONFIG_FORM_SET_GUID,
title = STRING_TOKEN(STR_TCG2_TITLE),
help = STRING_TOKEN(STR_TCG2_HELP),
classguid = EFI_HII_PLATFORM_SETUP_FORMSET_GUID,
efivarstore TCG2_CONFIGURATION,
varid = TCG2_CONFIGURATION_VARSTORE_ID,
attribute = 0x03, // EFI variable attribures EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_NON_VOLATILE
name = TCG2_CONFIGURATION,
guid = TCG2_CONFIG_FORM_SET_GUID;
form formid = TCG2_CONFIGURATION_FORM_ID,
title = STRING_TOKEN(STR_TCG2_TITLE);
subtitle text = STRING_TOKEN(STR_NULL);
text
help = STRING_TOKEN(STR_TCG2_DEVICE_STATE_HELP),
text = STRING_TOKEN(STR_TCG2_DEVICE_STATE_PROMPT),
text = STRING_TOKEN(STR_TCG2_DEVICE_STATE_CONTENT);
oneof varid = TCG2_CONFIGURATION.TpmDevice,
questionid = KEY_TPM_DEVICE,
prompt = STRING_TOKEN(STR_TCG2_DEVICE_PROMPT),
help = STRING_TOKEN(STR_TCG2_DEVICE_HELP),
flags = INTERACTIVE,
option text = STRING_TOKEN(STR_TCG2_TPM_1_2), value = TPM_DEVICE_1_2, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_TPM_2_0_DTPM), value = TPM_DEVICE_2_0_DTPM, flags = RESET_REQUIRED;
endoneof;
subtitle text = STRING_TOKEN(STR_NULL);
suppressif ideqvallist TCG2_CONFIGURATION.TpmDevice == TPM_DEVICE_NULL TPM_DEVICE_1_2;
text
help = STRING_TOKEN(STR_TPM2_ACTIVE_HASH_ALGO_HELP),
text = STRING_TOKEN(STR_TPM2_ACTIVE_HASH_ALGO),
text = STRING_TOKEN(STR_TPM2_ACTIVE_HASH_ALGO_CONTENT);
text
help = STRING_TOKEN(STR_TPM2_SUPPORTED_HASH_ALGO_HELP),
text = STRING_TOKEN(STR_TPM2_SUPPORTED_HASH_ALGO),
text = STRING_TOKEN(STR_TPM2_SUPPORTED_HASH_ALGO_CONTENT);
text
help = STRING_TOKEN(STR_BIOS_HASH_ALGO_HELP),
text = STRING_TOKEN(STR_BIOS_HASH_ALGO),
text = STRING_TOKEN(STR_BIOS_HASH_ALGO_CONTENT);
subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_TCG2_PP_OPERATION);
oneof name = Tpm2Operation,
questionid = KEY_TPM2_OPERATION,
prompt = STRING_TOKEN(STR_TCG2_OPERATION),
help = STRING_TOKEN(STR_TCG2_OPERATION_HELP),
flags = INTERACTIVE | NUMERIC_SIZE_1,
option text = STRING_TOKEN(STR_TCG2_NO_ACTION), value = TCG2_PHYSICAL_PRESENCE_NO_ACTION, flags = DEFAULT | MANUFACTURING | RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_ENABLE), value = TCG2_PHYSICAL_PRESENCE_ENABLE, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_DISABLE), value = TCG2_PHYSICAL_PRESENCE_DISABLE, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_CLEAR), value = TCG2_PHYSICAL_PRESENCE_CLEAR, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_SET_PCD_BANKS), value = TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_CHANGE_EPS), value = TCG2_PHYSICAL_PRESENCE_CHANGE_EPS, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_LOG_ALL_DIGESTS), value = TCG2_PHYSICAL_PRESENCE_LOG_ALL_DIGESTS, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_DISABLE_ENDORSEMENT_ENABLE_STORAGE_HIERARCHY), value = TCG2_PHYSICAL_PRESENCE_DISABLE_ENDORSEMENT_ENABLE_STORAGE_HIERARCHY, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_ENABLE_BLOCK_SID), value = TCG2_PHYSICAL_PRESENCE_ENABLE_BLOCK_SID, flags = RESET_REQUIRED;
option text = STRING_TOKEN(STR_TCG2_DISABLE_BLOCK_SID), value = TCG2_PHYSICAL_PRESENCE_DISABLE_BLOCK_SID, flags = RESET_REQUIRED;
endoneof;
suppressif NOT questionref(Tpm2Operation) == TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS;
numeric name = Tpm2OperationParameter,
questionid = KEY_TPM2_OPERATION_PARAMETER,
prompt = STRING_TOKEN(STR_TCG2_OPERATION_PARAMETER),
help = STRING_TOKEN(STR_TCG2_OPERATION_PARAMETER_HELP),
flags = DISPLAY_UINT_HEX | INTERACTIVE | NUMERIC_SIZE_4,
minimum = 0,
maximum = 0xFFFFFFFF,
step = 0,
default = 0,
endnumeric;
endif;
subtitle text = STRING_TOKEN(STR_NULL);
subtitle text = STRING_TOKEN(STR_TCG2_CONFIGURATION);
text
help = STRING_TOKEN(STR_TCG2_SUPPORTED_EVENT_LOG_FORMAT_HELP),
text = STRING_TOKEN(STR_TCG2_SUPPORTED_EVENT_LOG_FORMAT),
text = STRING_TOKEN(STR_TCG2_SUPPORTED_EVENT_LOG_FORMAT_CONTENT);
text
help = STRING_TOKEN(STR_TCG2_HASH_ALGO_BITMAP_HELP),
text = STRING_TOKEN(STR_TCG2_HASH_ALGO_BITMAP),
text = STRING_TOKEN(STR_TCG2_HASH_ALGO_BITMAP_CONTENT);
text
help = STRING_TOKEN(STR_TCG2_NUMBER_OF_PCR_BANKS_HELP),
text = STRING_TOKEN(STR_TCG2_NUMBER_OF_PCR_BANKS),
text = STRING_TOKEN(STR_TCG2_NUMBER_OF_PCR_BANKS_CONTENT);
text
help = STRING_TOKEN(STR_TCG2_ACTIVE_PCR_BANKS_HELP),
text = STRING_TOKEN(STR_TCG2_ACTIVE_PCR_BANKS),
text = STRING_TOKEN(STR_TCG2_ACTIVE_PCR_BANKS_CONTENT);
subtitle text = STRING_TOKEN(STR_NULL);
checkbox name = TCG2ActivatePCRBank0,
questionid = KEY_TPM2_PCR_BANKS_REQUEST_0,
prompt = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA1),
help = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA1_HELP),
flags = INTERACTIVE,
default = 1,
endcheckbox;
checkbox name = TCG2ActivatePCRBank1,
questionid = KEY_TPM2_PCR_BANKS_REQUEST_1,
prompt = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA256),
help = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA256_HELP),
flags = INTERACTIVE,
default = 0,
endcheckbox;
checkbox name = TCG2ActivatePCRBank2,
questionid = KEY_TPM2_PCR_BANKS_REQUEST_2,
prompt = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA384),
help = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA384_HELP),
flags = INTERACTIVE,
default = 0,
endcheckbox;
checkbox name = TCG2ActivatePCRBank3,
questionid = KEY_TPM2_PCR_BANKS_REQUEST_3,
prompt = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA512),
help = STRING_TOKEN(STR_TCG2_PCR_BANK_SHA512_HELP),
flags = INTERACTIVE,
default = 0,
endcheckbox;
checkbox name = TCG2ActivatePCRBank4,
questionid = KEY_TPM2_PCR_BANKS_REQUEST_4,
prompt = STRING_TOKEN(STR_TCG2_PCR_BANK_SM3_256),
help = STRING_TOKEN(STR_TCG2_PCR_BANK_SM3_256_HELP),
flags = INTERACTIVE,
default = 0,
endcheckbox;
endif;
endform;
endformset;
Reference in New Issue View Git Blame Copy Permalink