diff options
| author | Michael Kubacki <michael.kubacki@microsoft.com> | 2021-12-05 14:54:12 -0800 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2021-12-07 17:24:28 +0000 |
| commit | c411b485b63a671a1e276700cff025c73997233c (patch) | |
| tree | e7a57ca51b659161ab4bc9da95e988760ec57e7a /SecurityPkg/Library | |
| parent | 39de741e2dcb8f11e9b4438e37224797643d8451 (diff) | |
| download | edk2-c411b485b63a671a1e276700cff025c73997233c.tar.gz edk2-c411b485b63a671a1e276700cff025c73997233c.tar.bz2 edk2-c411b485b63a671a1e276700cff025c73997233c.zip | |
SecurityPkg: Apply uncrustify changes
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737
Apply uncrustify changes to .c/.h files in the SecurityPkg package
Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Diffstat (limited to 'SecurityPkg/Library')
78 files changed, 7691 insertions, 7185 deletions
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthService.c b/SecurityPkg/Library/AuthVariableLib/AuthService.c index 3059e5d256..054ee4d1d9 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthService.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthService.c @@ -32,28 +32,28 @@ SPDX-License-Identifier: BSD-2-Clause-Patent //
// Public Exponent of RSA Key.
//
-CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
+CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
-CONST UINT8 mSha256OidValue[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01 };
+CONST UINT8 mSha256OidValue[] = { 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01 };
//
// Requirement for different signature type which have been defined in UEFI spec.
// These data are used to perform SignatureList format check while setting PK/KEK variable.
//
-EFI_SIGNATURE_ITEM mSupportSigItem[] = {
-//{SigType, SigHeaderSize, SigDataSize }
- {EFI_CERT_SHA256_GUID, 0, 32 },
- {EFI_CERT_RSA2048_GUID, 0, 256 },
- {EFI_CERT_RSA2048_SHA256_GUID, 0, 256 },
- {EFI_CERT_SHA1_GUID, 0, 20 },
- {EFI_CERT_RSA2048_SHA1_GUID, 0, 256 },
- {EFI_CERT_X509_GUID, 0, ((UINT32) ~0)},
- {EFI_CERT_SHA224_GUID, 0, 28 },
- {EFI_CERT_SHA384_GUID, 0, 48 },
- {EFI_CERT_SHA512_GUID, 0, 64 },
- {EFI_CERT_X509_SHA256_GUID, 0, 48 },
- {EFI_CERT_X509_SHA384_GUID, 0, 64 },
- {EFI_CERT_X509_SHA512_GUID, 0, 80 }
+EFI_SIGNATURE_ITEM mSupportSigItem[] = {
+ // {SigType, SigHeaderSize, SigDataSize }
+ { EFI_CERT_SHA256_GUID, 0, 32 },
+ { EFI_CERT_RSA2048_GUID, 0, 256 },
+ { EFI_CERT_RSA2048_SHA256_GUID, 0, 256 },
+ { EFI_CERT_SHA1_GUID, 0, 20 },
+ { EFI_CERT_RSA2048_SHA1_GUID, 0, 256 },
+ { EFI_CERT_X509_GUID, 0, ((UINT32) ~0) },
+ { EFI_CERT_SHA224_GUID, 0, 28 },
+ { EFI_CERT_SHA384_GUID, 0, 48 },
+ { EFI_CERT_SHA512_GUID, 0, 64 },
+ { EFI_CERT_X509_SHA256_GUID, 0, 48 },
+ { EFI_CERT_X509_SHA384_GUID, 0, 64 },
+ { EFI_CERT_X509_SHA512_GUID, 0, 80 }
};
/**
@@ -76,22 +76,22 @@ EFI_SIGNATURE_ITEM mSupportSigItem[] = { **/
EFI_STATUS
AuthServiceInternalFindVariable (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- OUT VOID **Data,
- OUT UINTN *DataSize
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ OUT VOID **Data,
+ OUT UINTN *DataSize
)
{
- EFI_STATUS Status;
- AUTH_VARIABLE_INFO AuthVariableInfo;
+ EFI_STATUS Status;
+ AUTH_VARIABLE_INFO AuthVariableInfo;
ZeroMem (&AuthVariableInfo, sizeof (AuthVariableInfo));
Status = mAuthVarLibContextIn->FindVariable (
- VariableName,
- VendorGuid,
- &AuthVariableInfo
- );
- *Data = AuthVariableInfo.Data;
+ VariableName,
+ VendorGuid,
+ &AuthVariableInfo
+ );
+ *Data = AuthVariableInfo.Data;
*DataSize = AuthVariableInfo.DataSize;
return Status;
}
@@ -113,25 +113,25 @@ AuthServiceInternalFindVariable ( **/
EFI_STATUS
AuthServiceInternalUpdateVariable (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes
)
{
- AUTH_VARIABLE_INFO AuthVariableInfo;
+ AUTH_VARIABLE_INFO AuthVariableInfo;
ZeroMem (&AuthVariableInfo, sizeof (AuthVariableInfo));
AuthVariableInfo.VariableName = VariableName;
- AuthVariableInfo.VendorGuid = VendorGuid;
- AuthVariableInfo.Data = Data;
- AuthVariableInfo.DataSize = DataSize;
- AuthVariableInfo.Attributes = Attributes;
+ AuthVariableInfo.VendorGuid = VendorGuid;
+ AuthVariableInfo.Data = Data;
+ AuthVariableInfo.DataSize = DataSize;
+ AuthVariableInfo.Attributes = Attributes;
return mAuthVarLibContextIn->UpdateVariable (
- &AuthVariableInfo
- );
+ &AuthVariableInfo
+ );
}
/**
@@ -152,18 +152,18 @@ AuthServiceInternalUpdateVariable ( **/
EFI_STATUS
AuthServiceInternalUpdateVariableWithTimeStamp (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes,
- IN EFI_TIME *TimeStamp
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes,
+ IN EFI_TIME *TimeStamp
)
{
- EFI_STATUS FindStatus;
- VOID *OrgData;
- UINTN OrgDataSize;
- AUTH_VARIABLE_INFO AuthVariableInfo;
+ EFI_STATUS FindStatus;
+ VOID *OrgData;
+ UINTN OrgDataSize;
+ AUTH_VARIABLE_INFO AuthVariableInfo;
FindStatus = AuthServiceInternalFindVariable (
VariableName,
@@ -177,9 +177,10 @@ AuthServiceInternalUpdateVariableWithTimeStamp ( //
if (!EFI_ERROR (FindStatus) && ((Attributes & EFI_VARIABLE_APPEND_WRITE) != 0)) {
if ((CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) &&
- ((StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) || (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0) ||
- (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0))) ||
- (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0))) {
+ ((StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) || (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0) ||
+ (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0))) ||
+ (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0)))
+ {
//
// For variables with formatted as EFI_SIGNATURE_LIST, the driver shall not perform an append of
// EFI_SIGNATURE_DATA values that are already part of the existing variable value.
@@ -195,14 +196,14 @@ AuthServiceInternalUpdateVariableWithTimeStamp ( ZeroMem (&AuthVariableInfo, sizeof (AuthVariableInfo));
AuthVariableInfo.VariableName = VariableName;
- AuthVariableInfo.VendorGuid = VendorGuid;
- AuthVariableInfo.Data = Data;
- AuthVariableInfo.DataSize = DataSize;
- AuthVariableInfo.Attributes = Attributes;
- AuthVariableInfo.TimeStamp = TimeStamp;
+ AuthVariableInfo.VendorGuid = VendorGuid;
+ AuthVariableInfo.Data = Data;
+ AuthVariableInfo.DataSize = DataSize;
+ AuthVariableInfo.Attributes = Attributes;
+ AuthVariableInfo.TimeStamp = TimeStamp;
return mAuthVarLibContextIn->UpdateVariable (
- &AuthVariableInfo
- );
+ &AuthVariableInfo
+ );
}
/**
@@ -216,15 +217,16 @@ AuthServiceInternalUpdateVariableWithTimeStamp ( **/
BOOLEAN
-NeedPhysicallyPresent(
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid
+NeedPhysicallyPresent (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid
)
{
// If the VariablePolicy engine is disabled, allow deletion of any authenticated variables.
- if (IsVariablePolicyEnabled()) {
- if ((CompareGuid (VendorGuid, &gEfiSecureBootEnableDisableGuid) && (StrCmp (VariableName, EFI_SECURE_BOOT_ENABLE_NAME) == 0))
- || (CompareGuid (VendorGuid, &gEfiCustomModeEnableGuid) && (StrCmp (VariableName, EFI_CUSTOM_MODE_NAME) == 0))) {
+ if (IsVariablePolicyEnabled ()) {
+ if ( (CompareGuid (VendorGuid, &gEfiSecureBootEnableDisableGuid) && (StrCmp (VariableName, EFI_SECURE_BOOT_ENABLE_NAME) == 0))
+ || (CompareGuid (VendorGuid, &gEfiCustomModeEnableGuid) && (StrCmp (VariableName, EFI_CUSTOM_MODE_NAME) == 0)))
+ {
return TRUE;
}
}
@@ -244,12 +246,12 @@ InCustomMode ( VOID
)
{
- EFI_STATUS Status;
- VOID *Data;
- UINTN DataSize;
+ EFI_STATUS Status;
+ VOID *Data;
+ UINTN DataSize;
Status = AuthServiceInternalFindVariable (EFI_CUSTOM_MODE_NAME, &gEfiCustomModeEnableGuid, &Data, &DataSize);
- if (!EFI_ERROR (Status) && (*(UINT8 *) Data == CUSTOM_SECURE_BOOT_MODE)) {
+ if (!EFI_ERROR (Status) && (*(UINT8 *)Data == CUSTOM_SECURE_BOOT_MODE)) {
return TRUE;
}
@@ -267,15 +269,15 @@ InCustomMode ( **/
EFI_STATUS
UpdatePlatformMode (
- IN UINT32 Mode
+ IN UINT32 Mode
)
{
- EFI_STATUS Status;
- VOID *Data;
- UINTN DataSize;
- UINT8 SecureBootMode;
- UINT8 SecureBootEnable;
- UINTN VariableDataSize;
+ EFI_STATUS Status;
+ VOID *Data;
+ UINTN DataSize;
+ UINT8 SecureBootMode;
+ UINT8 SecureBootEnable;
+ UINTN VariableDataSize;
Status = AuthServiceInternalFindVariable (
EFI_SETUP_MODE_NAME,
@@ -291,8 +293,8 @@ UpdatePlatformMode ( // Update the value of SetupMode variable by a simple mem copy, this could avoid possible
// variable storage reclaim at runtime.
//
- mPlatformMode = (UINT8) Mode;
- CopyMem (Data, &mPlatformMode, sizeof(UINT8));
+ mPlatformMode = (UINT8)Mode;
+ CopyMem (Data, &mPlatformMode, sizeof (UINT8));
if (mAuthVarLibContextIn->AtRuntime ()) {
//
@@ -331,13 +333,13 @@ UpdatePlatformMode ( }
}
- Status = AuthServiceInternalUpdateVariable (
- EFI_SECURE_BOOT_MODE_NAME,
- &gEfiGlobalVariableGuid,
- &SecureBootMode,
- sizeof(UINT8),
- EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS
- );
+ Status = AuthServiceInternalUpdateVariable (
+ EFI_SECURE_BOOT_MODE_NAME,
+ &gEfiGlobalVariableGuid,
+ &SecureBootMode,
+ sizeof (UINT8),
+ EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS
+ );
if (EFI_ERROR (Status)) {
return Status;
}
@@ -366,6 +368,7 @@ UpdatePlatformMode ( if (EFI_ERROR (Status)) {
return EFI_SUCCESS;
}
+
SecureBootEnable = SECURE_BOOT_DISABLE;
VariableDataSize = 0;
}
@@ -393,21 +396,21 @@ UpdatePlatformMode ( **/
EFI_STATUS
-CheckSignatureListFormat(
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize
+CheckSignatureListFormat (
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize
)
{
- EFI_SIGNATURE_LIST *SigList;
- UINTN SigDataSize;
- UINT32 Index;
- UINT32 SigCount;
- BOOLEAN IsPk;
- VOID *RsaContext;
- EFI_SIGNATURE_DATA *CertData;
- UINTN CertLen;
+ EFI_SIGNATURE_LIST *SigList;
+ UINTN SigDataSize;
+ UINT32 Index;
+ UINT32 SigCount;
+ BOOLEAN IsPk;
+ VOID *RsaContext;
+ EFI_SIGNATURE_DATA *CertData;
+ UINTN CertLen;
if (DataSize == 0) {
return EFI_SUCCESS;
@@ -415,21 +418,22 @@ CheckSignatureListFormat( ASSERT (VariableName != NULL && VendorGuid != NULL && Data != NULL);
- if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_PLATFORM_KEY_NAME) == 0)){
+ if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_PLATFORM_KEY_NAME) == 0)) {
IsPk = TRUE;
} else if ((CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0)) ||
(CompareGuid (VendorGuid, &gEfiImageSecurityDatabaseGuid) &&
- ((StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) || (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0) ||
- (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0)))) {
+ ((StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) || (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0) ||
+ (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0))))
+ {
IsPk = FALSE;
} else {
return EFI_SUCCESS;
}
- SigCount = 0;
- SigList = (EFI_SIGNATURE_LIST *) Data;
- SigDataSize = DataSize;
- RsaContext = NULL;
+ SigCount = 0;
+ SigList = (EFI_SIGNATURE_LIST *)Data;
+ SigDataSize = DataSize;
+ RsaContext = NULL;
//
// Walk through the input signature list and check the data format.
@@ -442,14 +446,18 @@ CheckSignatureListFormat( // The value of SignatureSize should always be 16 (size of SignatureOwner
// component) add the data length according to signature type.
//
- if (mSupportSigItem[Index].SigDataSize != ((UINT32) ~0) &&
- (SigList->SignatureSize - sizeof (EFI_GUID)) != mSupportSigItem[Index].SigDataSize) {
+ if ((mSupportSigItem[Index].SigDataSize != ((UINT32) ~0)) &&
+ ((SigList->SignatureSize - sizeof (EFI_GUID)) != mSupportSigItem[Index].SigDataSize))
+ {
return EFI_INVALID_PARAMETER;
}
- if (mSupportSigItem[Index].SigHeaderSize != ((UINT32) ~0) &&
- SigList->SignatureHeaderSize != mSupportSigItem[Index].SigHeaderSize) {
+
+ if ((mSupportSigItem[Index].SigHeaderSize != ((UINT32) ~0)) &&
+ (SigList->SignatureHeaderSize != mSupportSigItem[Index].SigHeaderSize))
+ {
return EFI_INVALID_PARAMETER;
}
+
break;
}
}
@@ -470,29 +478,32 @@ CheckSignatureListFormat( if (RsaContext == NULL) {
return EFI_INVALID_PARAMETER;
}
- CertData = (EFI_SIGNATURE_DATA *) ((UINT8 *) SigList + sizeof (EFI_SIGNATURE_LIST) + SigList->SignatureHeaderSize);
- CertLen = SigList->SignatureSize - sizeof (EFI_GUID);
+
+ CertData = (EFI_SIGNATURE_DATA *)((UINT8 *)SigList + sizeof (EFI_SIGNATURE_LIST) + SigList->SignatureHeaderSize);
+ CertLen = SigList->SignatureSize - sizeof (EFI_GUID);
if (!RsaGetPublicKeyFromX509 (CertData->SignatureData, CertLen, &RsaContext)) {
RsaFree (RsaContext);
return EFI_INVALID_PARAMETER;
}
+
RsaFree (RsaContext);
}
if ((SigList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - SigList->SignatureHeaderSize) % SigList->SignatureSize != 0) {
return EFI_INVALID_PARAMETER;
}
+
SigCount += (SigList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - SigList->SignatureHeaderSize) / SigList->SignatureSize;
SigDataSize -= SigList->SignatureListSize;
- SigList = (EFI_SIGNATURE_LIST *) ((UINT8 *) SigList + SigList->SignatureListSize);
+ SigList = (EFI_SIGNATURE_LIST *)((UINT8 *)SigList + SigList->SignatureListSize);
}
- if (((UINTN) SigList - (UINTN) Data) != DataSize) {
+ if (((UINTN)SigList - (UINTN)Data) != DataSize) {
return EFI_INVALID_PARAMETER;
}
- if (IsPk && SigCount > 1) {
+ if (IsPk && (SigCount > 1)) {
return EFI_INVALID_PARAMETER;
}
@@ -511,11 +522,12 @@ VendorKeyIsModified ( VOID
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
if (mVendorKeyState == VENDOR_KEYS_MODIFIED) {
return EFI_SUCCESS;
}
+
mVendorKeyState = VENDOR_KEYS_MODIFIED;
Status = AuthServiceInternalUpdateVariable (
@@ -564,21 +576,22 @@ VendorKeyIsModified ( **/
EFI_STATUS
ProcessVarWithPk (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes OPTIONAL,
- IN BOOLEAN IsPk
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes OPTIONAL,
+ IN BOOLEAN IsPk
)
{
- EFI_STATUS Status;
- BOOLEAN Del;
- UINT8 *Payload;
- UINTN PayloadSize;
+ EFI_STATUS Status;
+ BOOLEAN Del;
+ UINT8 *Payload;
+ UINTN PayloadSize;
- if ((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0 ||
- (Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) == 0) {
+ if (((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0) ||
+ ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) == 0))
+ {
//
// PK, KEK and db/dbx/dbt should set EFI_VARIABLE_NON_VOLATILE attribute and should be a time-based
// authenticated variable.
@@ -590,14 +603,14 @@ ProcessVarWithPk ( // Init state of Del. State may change due to secure check
//
Del = FALSE;
- if ((InCustomMode() && UserPhysicalPresent()) || (mPlatformMode == SETUP_MODE && !IsPk)) {
- Payload = (UINT8 *) Data + AUTHINFO2_SIZE (Data);
+ if ((InCustomMode () && UserPhysicalPresent ()) || ((mPlatformMode == SETUP_MODE) && !IsPk)) {
+ Payload = (UINT8 *)Data + AUTHINFO2_SIZE (Data);
PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
if (PayloadSize == 0) {
Del = TRUE;
}
- Status = CheckSignatureListFormat(VariableName, VendorGuid, Payload, PayloadSize);
+ Status = CheckSignatureListFormat (VariableName, VendorGuid, Payload, PayloadSize);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -608,9 +621,9 @@ ProcessVarWithPk ( Payload,
PayloadSize,
Attributes,
- &((EFI_VARIABLE_AUTHENTICATION_2 *) Data)->TimeStamp
+ &((EFI_VARIABLE_AUTHENTICATION_2 *)Data)->TimeStamp
);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
return Status;
}
@@ -645,13 +658,13 @@ ProcessVarWithPk ( );
}
- if (!EFI_ERROR(Status) && IsPk) {
- if (mPlatformMode == SETUP_MODE && !Del) {
+ if (!EFI_ERROR (Status) && IsPk) {
+ if ((mPlatformMode == SETUP_MODE) && !Del) {
//
// If enroll PK in setup mode, need change to user mode.
//
Status = UpdatePlatformMode (USER_MODE);
- } else if (mPlatformMode == USER_MODE && Del){
+ } else if ((mPlatformMode == USER_MODE) && Del) {
//
// If delete PK in user mode, need change to setup mode.
//
@@ -687,19 +700,20 @@ ProcessVarWithPk ( **/
EFI_STATUS
ProcessVarWithKek (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes OPTIONAL
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes OPTIONAL
)
{
- EFI_STATUS Status;
- UINT8 *Payload;
- UINTN PayloadSize;
+ EFI_STATUS Status;
+ UINT8 *Payload;
+ UINTN PayloadSize;
- if ((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0 ||
- (Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) == 0) {
+ if (((Attributes & EFI_VARIABLE_NON_VOLATILE) == 0) ||
+ ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) == 0))
+ {
//
// DB, DBX and DBT should set EFI_VARIABLE_NON_VOLATILE attribute and should be a time-based
// authenticated variable.
@@ -708,7 +722,7 @@ ProcessVarWithKek ( }
Status = EFI_SUCCESS;
- if (mPlatformMode == USER_MODE && !(InCustomMode() && UserPhysicalPresent())) {
+ if ((mPlatformMode == USER_MODE) && !(InCustomMode () && UserPhysicalPresent ())) {
//
// Time-based, verify against X509 Cert KEK.
//
@@ -725,10 +739,10 @@ ProcessVarWithKek ( //
// If in setup mode or custom secure boot mode, no authentication needed.
//
- Payload = (UINT8 *) Data + AUTHINFO2_SIZE (Data);
+ Payload = (UINT8 *)Data + AUTHINFO2_SIZE (Data);
PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
- Status = CheckSignatureListFormat(VariableName, VendorGuid, Payload, PayloadSize);
+ Status = CheckSignatureListFormat (VariableName, VendorGuid, Payload, PayloadSize);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -739,7 +753,7 @@ ProcessVarWithKek ( Payload,
PayloadSize,
Attributes,
- &((EFI_VARIABLE_AUTHENTICATION_2 *) Data)->TimeStamp
+ &((EFI_VARIABLE_AUTHENTICATION_2 *)Data)->TimeStamp
);
if (EFI_ERROR (Status)) {
return Status;
@@ -767,14 +781,14 @@ ProcessVarWithKek ( **/
BOOLEAN
IsDeleteAuthVariable (
- IN UINT32 OrgAttributes,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes
+ IN UINT32 OrgAttributes,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes
)
{
- BOOLEAN Del;
- UINTN PayloadSize;
+ BOOLEAN Del;
+ UINTN PayloadSize;
Del = FALSE;
@@ -785,7 +799,8 @@ IsDeleteAuthVariable ( // and the DataSize set to the size of the AuthInfo descriptor.
//
if ((Attributes == OrgAttributes) &&
- ((Attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) != 0)) {
+ ((Attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) != 0))
+ {
if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
PayloadSize = DataSize - AUTHINFO2_SIZE (Data);
if (PayloadSize == 0) {
@@ -830,37 +845,37 @@ IsDeleteAuthVariable ( **/
EFI_STATUS
ProcessVariable (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes
)
{
- EFI_STATUS Status;
- AUTH_VARIABLE_INFO OrgVariableInfo;
+ EFI_STATUS Status;
+ AUTH_VARIABLE_INFO OrgVariableInfo;
- Status = EFI_SUCCESS;
+ Status = EFI_SUCCESS;
ZeroMem (&OrgVariableInfo, sizeof (OrgVariableInfo));
Status = mAuthVarLibContextIn->FindVariable (
- VariableName,
- VendorGuid,
- &OrgVariableInfo
- );
+ VariableName,
+ VendorGuid,
+ &OrgVariableInfo
+ );
// If the VariablePolicy engine is disabled, allow deletion of any authenticated variables.
- if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attributes, Data, DataSize, Attributes) && (UserPhysicalPresent() || !IsVariablePolicyEnabled())) {
+ if ((!EFI_ERROR (Status)) && IsDeleteAuthVariable (OrgVariableInfo.Attributes, Data, DataSize, Attributes) && (UserPhysicalPresent () || !IsVariablePolicyEnabled ())) {
//
// Allow the delete operation of common authenticated variable(AT or AW) at user physical presence.
//
Status = AuthServiceInternalUpdateVariable (
- VariableName,
- VendorGuid,
- NULL,
- 0,
- 0
- );
+ VariableName,
+ VendorGuid,
+ NULL,
+ 0,
+ 0
+ );
if (!EFI_ERROR (Status) && ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0)) {
Status = DeleteCertsFromDb (VariableName, VendorGuid, Attributes);
}
@@ -868,7 +883,7 @@ ProcessVariable ( return Status;
}
- if (NeedPhysicallyPresent (VariableName, VendorGuid) && !UserPhysicalPresent()) {
+ if (NeedPhysicallyPresent (VariableName, VendorGuid) && !UserPhysicalPresent ()) {
//
// This variable is protected, only physical present user could modify its value.
//
@@ -897,7 +912,8 @@ ProcessVariable ( }
if ((OrgVariableInfo.Data != NULL) &&
- ((OrgVariableInfo.Attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) != 0)) {
+ ((OrgVariableInfo.Attributes & (EFI_VARIABLE_AUTHENTICATED_WRITE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS)) != 0))
+ {
//
// If the variable is already write-protected, it always needs authentication before update.
//
@@ -909,7 +925,6 @@ ProcessVariable ( //
Status = AuthServiceInternalUpdateVariable (VariableName, VendorGuid, Data, DataSize, Attributes);
return Status;
-
}
/**
@@ -923,56 +938,57 @@ ProcessVariable ( **/
EFI_STATUS
FilterSignatureList (
- IN VOID *Data,
- IN UINTN DataSize,
- IN OUT VOID *NewData,
- IN OUT UINTN *NewDataSize
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN OUT VOID *NewData,
+ IN OUT UINTN *NewDataSize
)
{
- EFI_SIGNATURE_LIST *CertList;
- EFI_SIGNATURE_DATA *Cert;
- UINTN CertCount;
- EFI_SIGNATURE_LIST *NewCertList;
- EFI_SIGNATURE_DATA *NewCert;
- UINTN NewCertCount;
- UINTN Index;
- UINTN Index2;
- UINTN Size;
- UINT8 *Tail;
- UINTN CopiedCount;
- UINTN SignatureListSize;
- BOOLEAN IsNewCert;
- UINT8 *TempData;
- UINTN TempDataSize;
- EFI_STATUS Status;
+ EFI_SIGNATURE_LIST *CertList;
+ EFI_SIGNATURE_DATA *Cert;
+ UINTN CertCount;
+ EFI_SIGNATURE_LIST *NewCertList;
+ EFI_SIGNATURE_DATA *NewCert;
+ UINTN NewCertCount;
+ UINTN Index;
+ UINTN Index2;
+ UINTN Size;
+ UINT8 *Tail;
+ UINTN CopiedCount;
+ UINTN SignatureListSize;
+ BOOLEAN IsNewCert;
+ UINT8 *TempData;
+ UINTN TempDataSize;
+ EFI_STATUS Status;
if (*NewDataSize == 0) {
return EFI_SUCCESS;
}
TempDataSize = *NewDataSize;
- Status = mAuthVarLibContextIn->GetScratchBuffer (&TempDataSize, (VOID **) &TempData);
+ Status = mAuthVarLibContextIn->GetScratchBuffer (&TempDataSize, (VOID **)&TempData);
if (EFI_ERROR (Status)) {
return EFI_OUT_OF_RESOURCES;
}
Tail = TempData;
- NewCertList = (EFI_SIGNATURE_LIST *) NewData;
+ NewCertList = (EFI_SIGNATURE_LIST *)NewData;
while ((*NewDataSize > 0) && (*NewDataSize >= NewCertList->SignatureListSize)) {
- NewCert = (EFI_SIGNATURE_DATA *) ((UINT8 *) NewCertList + sizeof (EFI_SIGNATURE_LIST) + NewCertList->SignatureHeaderSize);
+ NewCert = (EFI_SIGNATURE_DATA *)((UINT8 *)NewCertList + sizeof (EFI_SIGNATURE_LIST) + NewCertList->SignatureHeaderSize);
NewCertCount = (NewCertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - NewCertList->SignatureHeaderSize) / NewCertList->SignatureSize;
CopiedCount = 0;
for (Index = 0; Index < NewCertCount; Index++) {
IsNewCert = TRUE;
- Size = DataSize;
- CertList = (EFI_SIGNATURE_LIST *) Data;
+ Size = DataSize;
+ CertList = (EFI_SIGNATURE_LIST *)Data;
while ((Size > 0) && (Size >= CertList->SignatureListSize)) {
if (CompareGuid (&CertList->SignatureType, &NewCertList->SignatureType) &&
- (CertList->SignatureSize == NewCertList->SignatureSize)) {
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ (CertList->SignatureSize == NewCertList->SignatureSize))
+ {
+ Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
for (Index2 = 0; Index2 < CertCount; Index2++) {
//
@@ -982,15 +998,17 @@ FilterSignatureList ( IsNewCert = FALSE;
break;
}
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
+
+ Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)Cert + CertList->SignatureSize);
}
}
if (!IsNewCert) {
break;
}
- Size -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+
+ Size -= CertList->SignatureListSize;
+ CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);
}
if (IsNewCert) {
@@ -1010,23 +1028,23 @@ FilterSignatureList ( CopiedCount++;
}
- NewCert = (EFI_SIGNATURE_DATA *) ((UINT8 *) NewCert + NewCertList->SignatureSize);
+ NewCert = (EFI_SIGNATURE_DATA *)((UINT8 *)NewCert + NewCertList->SignatureSize);
}
//
// Update SignatureListSize in the kept EFI_SIGNATURE_LIST.
//
if (CopiedCount != 0) {
- SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + NewCertList->SignatureHeaderSize + (CopiedCount * NewCertList->SignatureSize);
- CertList = (EFI_SIGNATURE_LIST *) (Tail - SignatureListSize);
- CertList->SignatureListSize = (UINT32) SignatureListSize;
+ SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + NewCertList->SignatureHeaderSize + (CopiedCount * NewCertList->SignatureSize);
+ CertList = (EFI_SIGNATURE_LIST *)(Tail - SignatureListSize);
+ CertList->SignatureListSize = (UINT32)SignatureListSize;
}
*NewDataSize -= NewCertList->SignatureListSize;
- NewCertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) NewCertList + NewCertList->SignatureListSize);
+ NewCertList = (EFI_SIGNATURE_LIST *)((UINT8 *)NewCertList + NewCertList->SignatureListSize);
}
- TempDataSize = (Tail - (UINT8 *) TempData);
+ TempDataSize = (Tail - (UINT8 *)TempData);
CopyMem (NewData, TempData, TempDataSize);
*NewDataSize = TempDataSize;
@@ -1047,23 +1065,23 @@ FilterSignatureList ( **/
BOOLEAN
AuthServiceInternalCompareTimeStamp (
- IN EFI_TIME *FirstTime,
- IN EFI_TIME *SecondTime
+ IN EFI_TIME *FirstTime,
+ IN EFI_TIME *SecondTime
)
{
if (FirstTime->Year != SecondTime->Year) {
- return (BOOLEAN) (FirstTime->Year < SecondTime->Year);
+ return (BOOLEAN)(FirstTime->Year < SecondTime->Year);
} else if (FirstTime->Month != SecondTime->Month) {
- return (BOOLEAN) (FirstTime->Month < SecondTime->Month);
+ return (BOOLEAN)(FirstTime->Month < SecondTime->Month);
} else if (FirstTime->Day != SecondTime->Day) {
- return (BOOLEAN) (FirstTime->Day < SecondTime->Day);
+ return (BOOLEAN)(FirstTime->Day < SecondTime->Day);
} else if (FirstTime->Hour != SecondTime->Hour) {
- return (BOOLEAN) (FirstTime->Hour < SecondTime->Hour);
+ return (BOOLEAN)(FirstTime->Hour < SecondTime->Hour);
} else if (FirstTime->Minute != SecondTime->Minute) {
- return (BOOLEAN) (FirstTime->Minute < SecondTime->Minute);
+ return (BOOLEAN)(FirstTime->Minute < SecondTime->Minute);
}
- return (BOOLEAN) (FirstTime->Second <= SecondTime->Second);
+ return (BOOLEAN)(FirstTime->Second <= SecondTime->Second);
}
/**
@@ -1081,37 +1099,37 @@ AuthServiceInternalCompareTimeStamp ( **/
EFI_STATUS
-CalculatePrivAuthVarSignChainSHA256Digest(
- IN UINT8 *SignerCert,
- IN UINTN SignerCertSize,
- IN UINT8 *TopLevelCert,
- IN UINTN TopLevelCertSize,
- OUT UINT8 *Sha256Digest
+CalculatePrivAuthVarSignChainSHA256Digest (
+ IN UINT8 *SignerCert,
+ IN UINTN SignerCertSize,
+ IN UINT8 *TopLevelCert,
+ IN UINTN TopLevelCertSize,
+ OUT UINT8 *Sha256Digest
)
{
- UINT8 *TbsCert;
- UINTN TbsCertSize;
- CHAR8 CertCommonName[128];
- UINTN CertCommonNameSize;
- BOOLEAN CryptoStatus;
- EFI_STATUS Status;
+ UINT8 *TbsCert;
+ UINTN TbsCertSize;
+ CHAR8 CertCommonName[128];
+ UINTN CertCommonNameSize;
+ BOOLEAN CryptoStatus;
+ EFI_STATUS Status;
- CertCommonNameSize = sizeof(CertCommonName);
+ CertCommonNameSize = sizeof (CertCommonName);
//
// Get SignerCert CommonName
//
- Status = X509GetCommonName(SignerCert, SignerCertSize, CertCommonName, &CertCommonNameSize);
- if (EFI_ERROR(Status)) {
- DEBUG((DEBUG_INFO, "%a Get SignerCert CommonName failed with status %x\n", __FUNCTION__, Status));
+ Status = X509GetCommonName (SignerCert, SignerCertSize, CertCommonName, &CertCommonNameSize);
+ if (EFI_ERROR (Status)) {
+ DEBUG ((DEBUG_INFO, "%a Get SignerCert CommonName failed with status %x\n", __FUNCTION__, Status));
return EFI_ABORTED;
}
//
// Get TopLevelCert tbsCertificate
//
- if (!X509GetTBSCert(TopLevelCert, TopLevelCertSize, &TbsCert, &TbsCertSize)) {
- DEBUG((DEBUG_INFO, "%a Get Top-level Cert tbsCertificate failed!\n", __FUNCTION__));
+ if (!X509GetTBSCert (TopLevelCert, TopLevelCertSize, &TbsCert, &TbsCertSize)) {
+ DEBUG ((DEBUG_INFO, "%a Get Top-level Cert tbsCertificate failed!\n", __FUNCTION__));
return EFI_ABORTED;
}
@@ -1141,7 +1159,7 @@ CalculatePrivAuthVarSignChainSHA256Digest( return EFI_ABORTED;
}
- CryptoStatus = Sha256Final (mHashCtx, Sha256Digest);
+ CryptoStatus = Sha256Final (mHashCtx, Sha256Digest);
if (!CryptoStatus) {
return EFI_ABORTED;
}
@@ -1179,22 +1197,22 @@ CalculatePrivAuthVarSignChainSHA256Digest( **/
EFI_STATUS
FindCertsFromDb (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN UINT8 *Data,
- IN UINTN DataSize,
- OUT UINT32 *CertOffset OPTIONAL,
- OUT UINT32 *CertDataSize OPTIONAL,
- OUT UINT32 *CertNodeOffset OPTIONAL,
- OUT UINT32 *CertNodeSize OPTIONAL
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN UINT8 *Data,
+ IN UINTN DataSize,
+ OUT UINT32 *CertOffset OPTIONAL,
+ OUT UINT32 *CertDataSize OPTIONAL,
+ OUT UINT32 *CertNodeOffset OPTIONAL,
+ OUT UINT32 *CertNodeSize OPTIONAL
)
{
- UINT32 Offset;
- AUTH_CERT_DB_DATA *Ptr;
- UINT32 CertSize;
- UINT32 NameSize;
- UINT32 NodeSize;
- UINT32 CertDbListSize;
+ UINT32 Offset;
+ AUTH_CERT_DB_DATA *Ptr;
+ UINT32 CertSize;
+ UINT32 NameSize;
+ UINT32 NodeSize;
+ UINT32 CertDbListSize;
if ((VariableName == NULL) || (VendorGuid == NULL) || (Data == NULL)) {
return EFI_INVALID_PARAMETER;
@@ -1207,9 +1225,9 @@ FindCertsFromDb ( return EFI_INVALID_PARAMETER;
}
- CertDbListSize = ReadUnaligned32 ((UINT32 *) Data);
+ CertDbListSize = ReadUnaligned32 ((UINT32 *)Data);
- if (CertDbListSize != (UINT32) DataSize) {
+ if (CertDbListSize != (UINT32)DataSize) {
return EFI_INVALID_PARAMETER;
}
@@ -1218,8 +1236,8 @@ FindCertsFromDb ( //
// Get corresponding certificates by VendorGuid and VariableName.
//
- while (Offset < (UINT32) DataSize) {
- Ptr = (AUTH_CERT_DB_DATA *) (Data + Offset);
+ while (Offset < (UINT32)DataSize) {
+ Ptr = (AUTH_CERT_DB_DATA *)(Data + Offset);
//
// Check whether VendorGuid matches.
//
@@ -1229,7 +1247,8 @@ FindCertsFromDb ( CertSize = ReadUnaligned32 (&Ptr->CertDataSize);
if (NodeSize != sizeof (EFI_GUID) + sizeof (UINT32) * 3 + CertSize +
- sizeof (CHAR16) * NameSize) {
+ sizeof (CHAR16) * NameSize)
+ {
return EFI_INVALID_PARAMETER;
}
@@ -1238,7 +1257,8 @@ FindCertsFromDb ( // Check whether VariableName matches.
//
if ((NameSize == StrLen (VariableName)) &&
- (CompareMem (Data + Offset, VariableName, NameSize * sizeof (CHAR16)) == 0)) {
+ (CompareMem (Data + Offset, VariableName, NameSize * sizeof (CHAR16)) == 0))
+ {
Offset = Offset + NameSize * sizeof (CHAR16);
if (CertOffset != NULL) {
@@ -1250,7 +1270,7 @@ FindCertsFromDb ( }
if (CertNodeOffset != NULL) {
- *CertNodeOffset = (UINT32) ((UINT8 *) Ptr - Data);
+ *CertNodeOffset = (UINT32)((UINT8 *)Ptr - Data);
}
if (CertNodeSize != NULL) {
@@ -1288,24 +1308,23 @@ FindCertsFromDb ( **/
EFI_STATUS
GetCertsFromDb (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN UINT32 Attributes,
- OUT UINT8 **CertData,
- OUT UINT32 *CertDataSize
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN UINT32 Attributes,
+ OUT UINT8 **CertData,
+ OUT UINT32 *CertDataSize
)
{
- EFI_STATUS Status;
- UINT8 *Data;
- UINTN DataSize;
- UINT32 CertOffset;
- CHAR16 *DbName;
+ EFI_STATUS Status;
+ UINT8 *Data;
+ UINTN DataSize;
+ UINT32 CertOffset;
+ CHAR16 *DbName;
if ((VariableName == NULL) || (VendorGuid == NULL) || (CertData == NULL) || (CertDataSize == NULL)) {
return EFI_INVALID_PARAMETER;
}
-
if ((Attributes & EFI_VARIABLE_NON_VOLATILE) != 0) {
//
// Get variable "certdb".
@@ -1324,7 +1343,7 @@ GetCertsFromDb ( Status = AuthServiceInternalFindVariable (
DbName,
&gEfiCertDbGuid,
- (VOID **) &Data,
+ (VOID **)&Data,
&DataSize
);
if (EFI_ERROR (Status)) {
@@ -1372,20 +1391,20 @@ GetCertsFromDb ( **/
EFI_STATUS
DeleteCertsFromDb (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN UINT32 Attributes
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN UINT32 Attributes
)
{
- EFI_STATUS Status;
- UINT8 *Data;
- UINTN DataSize;
- UINT32 VarAttr;
- UINT32 CertNodeOffset;
- UINT32 CertNodeSize;
- UINT8 *NewCertDb;
- UINT32 NewCertDbSize;
- CHAR16 *DbName;
+ EFI_STATUS Status;
+ UINT8 *Data;
+ UINTN DataSize;
+ UINT32 VarAttr;
+ UINT32 CertNodeOffset;
+ UINT32 CertNodeSize;
+ UINT8 *NewCertDb;
+ UINT32 NewCertDbSize;
+ CHAR16 *DbName;
if ((VariableName == NULL) || (VendorGuid == NULL)) {
return EFI_INVALID_PARAMETER;
@@ -1395,20 +1414,20 @@ DeleteCertsFromDb ( //
// Get variable "certdb".
//
- DbName = EFI_CERT_DB_NAME;
- VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
+ DbName = EFI_CERT_DB_NAME;
+ VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
} else {
//
// Get variable "certdbv".
//
- DbName = EFI_CERT_DB_VOLATILE_NAME;
+ DbName = EFI_CERT_DB_VOLATILE_NAME;
VarAttr = EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
}
Status = AuthServiceInternalFindVariable (
DbName,
&gEfiCertDbGuid,
- (VOID **) &Data,
+ (VOID **)&Data,
&DataSize
);
@@ -1453,8 +1472,8 @@ DeleteCertsFromDb ( //
// Construct new data content of variable "certdb" or "certdbv".
//
- NewCertDbSize = (UINT32) DataSize - CertNodeSize;
- NewCertDb = (UINT8*) mCertDbStore;
+ NewCertDbSize = (UINT32)DataSize - CertNodeSize;
+ NewCertDb = (UINT8 *)mCertDbStore;
//
// Copy the DB entries before deleting node.
@@ -1478,13 +1497,13 @@ DeleteCertsFromDb ( //
// Set "certdb" or "certdbv".
//
- Status = AuthServiceInternalUpdateVariable (
- DbName,
- &gEfiCertDbGuid,
- NewCertDb,
- NewCertDbSize,
- VarAttr
- );
+ Status = AuthServiceInternalUpdateVariable (
+ DbName,
+ &gEfiCertDbGuid,
+ NewCertDb,
+ NewCertDbSize,
+ VarAttr
+ );
return Status;
}
@@ -1512,29 +1531,29 @@ DeleteCertsFromDb ( **/
EFI_STATUS
InsertCertsToDb (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN UINT32 Attributes,
- IN UINT8 *SignerCert,
- IN UINTN SignerCertSize,
- IN UINT8 *TopLevelCert,
- IN UINTN TopLevelCertSize
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN UINT32 Attributes,
+ IN UINT8 *SignerCert,
+ IN UINTN SignerCertSize,
+ IN UINT8 *TopLevelCert,
+ IN UINTN TopLevelCertSize
)
{
- EFI_STATUS Status;
- UINT8 *Data;
- UINTN DataSize;
- UINT32 VarAttr;
- UINT8 *NewCertDb;
- UINT32 NewCertDbSize;
- UINT32 CertNodeSize;
- UINT32 NameSize;
- UINT32 CertDataSize;
- AUTH_CERT_DB_DATA *Ptr;
- CHAR16 *DbName;
- UINT8 Sha256Digest[SHA256_DIGEST_SIZE];
-
- if ((VariableName == NULL) || (VendorGuid == NULL) || (SignerCert == NULL) ||(TopLevelCert == NULL)) {
+ EFI_STATUS Status;
+ UINT8 *Data;
+ UINTN DataSize;
+ UINT32 VarAttr;
+ UINT8 *NewCertDb;
+ UINT32 NewCertDbSize;
+ UINT32 CertNodeSize;
+ UINT32 NameSize;
+ UINT32 CertDataSize;
+ AUTH_CERT_DB_DATA *Ptr;
+ CHAR16 *DbName;
+ UINT8 Sha256Digest[SHA256_DIGEST_SIZE];
+
+ if ((VariableName == NULL) || (VendorGuid == NULL) || (SignerCert == NULL) || (TopLevelCert == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -1542,13 +1561,13 @@ InsertCertsToDb ( //
// Get variable "certdb".
//
- DbName = EFI_CERT_DB_NAME;
- VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
+ DbName = EFI_CERT_DB_NAME;
+ VarAttr = EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
} else {
//
// Get variable "certdbv".
//
- DbName = EFI_CERT_DB_VOLATILE_NAME;
+ DbName = EFI_CERT_DB_VOLATILE_NAME;
VarAttr = EFI_VARIABLE_RUNTIME_ACCESS | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS;
}
@@ -1558,7 +1577,7 @@ InsertCertsToDb ( Status = AuthServiceInternalFindVariable (
DbName,
&gEfiCertDbGuid,
- (VOID **) &Data,
+ (VOID **)&Data,
&DataSize
);
if (EFI_ERROR (Status)) {
@@ -1593,15 +1612,15 @@ InsertCertsToDb ( //
// Construct new data content of variable "certdb" or "certdbv".
//
- NameSize = (UINT32) StrLen (VariableName);
- CertDataSize = sizeof(Sha256Digest);
- CertNodeSize = sizeof (AUTH_CERT_DB_DATA) + (UINT32) CertDataSize + NameSize * sizeof (CHAR16);
- NewCertDbSize = (UINT32) DataSize + CertNodeSize;
+ NameSize = (UINT32)StrLen (VariableName);
+ CertDataSize = sizeof (Sha256Digest);
+ CertNodeSize = sizeof (AUTH_CERT_DB_DATA) + (UINT32)CertDataSize + NameSize * sizeof (CHAR16);
+ NewCertDbSize = (UINT32)DataSize + CertNodeSize;
if (NewCertDbSize > mMaxCertDbSize) {
return EFI_OUT_OF_RESOURCES;
}
- Status = CalculatePrivAuthVarSignChainSHA256Digest(
+ Status = CalculatePrivAuthVarSignChainSHA256Digest (
SignerCert,
SignerCertSize,
TopLevelCert,
@@ -1612,7 +1631,7 @@ InsertCertsToDb ( return Status;
}
- NewCertDb = (UINT8*) mCertDbStore;
+ NewCertDb = (UINT8 *)mCertDbStore;
//
// Copy the DB entries before inserting node.
@@ -1625,20 +1644,20 @@ InsertCertsToDb ( //
// Construct new cert node.
//
- Ptr = (AUTH_CERT_DB_DATA *) (NewCertDb + DataSize);
+ Ptr = (AUTH_CERT_DB_DATA *)(NewCertDb + DataSize);
CopyGuid (&Ptr->VendorGuid, VendorGuid);
CopyMem (&Ptr->CertNodeSize, &CertNodeSize, sizeof (UINT32));
CopyMem (&Ptr->NameSize, &NameSize, sizeof (UINT32));
CopyMem (&Ptr->CertDataSize, &CertDataSize, sizeof (UINT32));
CopyMem (
- (UINT8 *) Ptr + sizeof (AUTH_CERT_DB_DATA),
+ (UINT8 *)Ptr + sizeof (AUTH_CERT_DB_DATA),
VariableName,
NameSize * sizeof (CHAR16)
);
CopyMem (
- (UINT8 *) Ptr + sizeof (AUTH_CERT_DB_DATA) + NameSize * sizeof (CHAR16),
+ (UINT8 *)Ptr + sizeof (AUTH_CERT_DB_DATA) + NameSize * sizeof (CHAR16),
Sha256Digest,
CertDataSize
);
@@ -1646,13 +1665,13 @@ InsertCertsToDb ( //
// Set "certdb" or "certdbv".
//
- Status = AuthServiceInternalUpdateVariable (
- DbName,
- &gEfiCertDbGuid,
- NewCertDb,
- NewCertDbSize,
- VarAttr
- );
+ Status = AuthServiceInternalUpdateVariable (
+ DbName,
+ &gEfiCertDbGuid,
+ NewCertDb,
+ NewCertDbSize,
+ VarAttr
+ );
return Status;
}
@@ -1674,17 +1693,17 @@ CleanCertsFromDb ( VOID
)
{
- UINT32 Offset;
- AUTH_CERT_DB_DATA *Ptr;
- UINT32 NameSize;
- UINT32 NodeSize;
- CHAR16 *VariableName;
- EFI_STATUS Status;
- BOOLEAN CertCleaned;
- UINT8 *Data;
- UINTN DataSize;
- EFI_GUID AuthVarGuid;
- AUTH_VARIABLE_INFO AuthVariableInfo;
+ UINT32 Offset;
+ AUTH_CERT_DB_DATA *Ptr;
+ UINT32 NameSize;
+ UINT32 NodeSize;
+ CHAR16 *VariableName;
+ EFI_STATUS Status;
+ BOOLEAN CertCleaned;
+ UINT8 *Data;
+ UINTN DataSize;
+ EFI_GUID AuthVarGuid;
+ AUTH_VARIABLE_INFO AuthVariableInfo;
Status = EFI_SUCCESS;
@@ -1700,7 +1719,7 @@ CleanCertsFromDb ( Status = AuthServiceInternalFindVariable (
EFI_CERT_DB_NAME,
&gEfiCertDbGuid,
- (VOID **) &Data,
+ (VOID **)&Data,
&DataSize
);
if (EFI_ERROR (Status)) {
@@ -1714,23 +1733,24 @@ CleanCertsFromDb ( Offset = sizeof (UINT32);
- while (Offset < (UINT32) DataSize) {
- Ptr = (AUTH_CERT_DB_DATA *) (Data + Offset);
+ while (Offset < (UINT32)DataSize) {
+ Ptr = (AUTH_CERT_DB_DATA *)(Data + Offset);
NodeSize = ReadUnaligned32 (&Ptr->CertNodeSize);
NameSize = ReadUnaligned32 (&Ptr->NameSize);
//
// Get VarName tailed with '\0'
//
- VariableName = AllocateZeroPool((NameSize + 1) * sizeof(CHAR16));
+ VariableName = AllocateZeroPool ((NameSize + 1) * sizeof (CHAR16));
if (VariableName == NULL) {
return EFI_OUT_OF_RESOURCES;
}
- CopyMem (VariableName, (UINT8 *) Ptr + sizeof (AUTH_CERT_DB_DATA), NameSize * sizeof(CHAR16));
+
+ CopyMem (VariableName, (UINT8 *)Ptr + sizeof (AUTH_CERT_DB_DATA), NameSize * sizeof (CHAR16));
//
// Keep VarGuid aligned
//
- CopyMem (&AuthVarGuid, &Ptr->VendorGuid, sizeof(EFI_GUID));
+ CopyMem (&AuthVarGuid, &Ptr->VendorGuid, sizeof (EFI_GUID));
//
// Find corresponding time auth variable
@@ -1742,22 +1762,22 @@ CleanCertsFromDb ( &AuthVariableInfo
);
- if (EFI_ERROR(Status) || (AuthVariableInfo.Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) == 0) {
+ if (EFI_ERROR (Status) || ((AuthVariableInfo.Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) == 0)) {
//
// While cleaning certdb, always delete the variable in certdb regardless of it attributes.
//
- Status = DeleteCertsFromDb(
- VariableName,
- &AuthVarGuid,
- AuthVariableInfo.Attributes | EFI_VARIABLE_NON_VOLATILE
- );
+ Status = DeleteCertsFromDb (
+ VariableName,
+ &AuthVarGuid,
+ AuthVariableInfo.Attributes | EFI_VARIABLE_NON_VOLATILE
+ );
CertCleaned = TRUE;
- DEBUG((DEBUG_INFO, "Recovery!! Cert for Auth Variable %s Guid %g is removed for consistency\n", VariableName, &AuthVarGuid));
- FreePool(VariableName);
+ DEBUG ((DEBUG_INFO, "Recovery!! Cert for Auth Variable %s Guid %g is removed for consistency\n", VariableName, &AuthVarGuid));
+ FreePool (VariableName);
break;
}
- FreePool(VariableName);
+ FreePool (VariableName);
Offset = Offset + NodeSize;
}
} while (CertCleaned);
@@ -1796,58 +1816,58 @@ CleanCertsFromDb ( **/
EFI_STATUS
VerifyTimeBasedPayload (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes,
- IN AUTHVAR_TYPE AuthVarType,
- IN EFI_TIME *OrgTimeStamp,
- OUT UINT8 **VarPayloadPtr,
- OUT UINTN *VarPayloadSize
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes,
+ IN AUTHVAR_TYPE AuthVarType,
+ IN EFI_TIME *OrgTimeStamp,
+ OUT UINT8 **VarPayloadPtr,
+ OUT UINTN *VarPayloadSize
)
{
- EFI_VARIABLE_AUTHENTICATION_2 *CertData;
- UINT8 *SigData;
- UINT32 SigDataSize;
- UINT8 *PayloadPtr;
- UINTN PayloadSize;
- UINT32 Attr;
- BOOLEAN VerifyStatus;
- EFI_STATUS Status;
- EFI_SIGNATURE_LIST *CertList;
- EFI_SIGNATURE_DATA *Cert;
- UINTN Index;
- UINTN CertCount;
- UINT32 KekDataSize;
- UINT8 *NewData;
- UINTN NewDataSize;
- UINT8 *Buffer;
- UINTN Length;
- UINT8 *TopLevelCert;
- UINTN TopLevelCertSize;
- UINT8 *TrustedCert;
- UINTN TrustedCertSize;
- UINT8 *SignerCerts;
- UINTN CertStackSize;
- UINT8 *CertsInCertDb;
- UINT32 CertsSizeinDb;
- UINT8 Sha256Digest[SHA256_DIGEST_SIZE];
- EFI_CERT_DATA *CertDataPtr;
+ EFI_VARIABLE_AUTHENTICATION_2 *CertData;
+ UINT8 *SigData;
+ UINT32 SigDataSize;
+ UINT8 *PayloadPtr;
+ UINTN PayloadSize;
+ UINT32 Attr;
+ BOOLEAN VerifyStatus;
+ EFI_STATUS Status;
+ EFI_SIGNATURE_LIST *CertList;
+ EFI_SIGNATURE_DATA *Cert;
+ UINTN Index;
+ UINTN CertCount;
+ UINT32 KekDataSize;
+ UINT8 *NewData;
+ UINTN NewDataSize;
+ UINT8 *Buffer;
+ UINTN Length;
+ UINT8 *TopLevelCert;
+ UINTN TopLevelCertSize;
+ UINT8 *TrustedCert;
+ UINTN TrustedCertSize;
+ UINT8 *SignerCerts;
+ UINTN CertStackSize;
+ UINT8 *CertsInCertDb;
+ UINT32 CertsSizeinDb;
+ UINT8 Sha256Digest[SHA256_DIGEST_SIZE];
+ EFI_CERT_DATA *CertDataPtr;
//
// 1. TopLevelCert is the top-level issuer certificate in signature Signer Cert Chain
// 2. TrustedCert is the certificate which firmware trusts. It could be saved in protected
// storage or PK payload on PK init
//
- VerifyStatus = FALSE;
- CertData = NULL;
- NewData = NULL;
- Attr = Attributes;
- SignerCerts = NULL;
- TopLevelCert = NULL;
- CertsInCertDb = NULL;
- CertDataPtr = NULL;
+ VerifyStatus = FALSE;
+ CertData = NULL;
+ NewData = NULL;
+ Attr = Attributes;
+ SignerCerts = NULL;
+ TopLevelCert = NULL;
+ CertsInCertDb = NULL;
+ CertDataPtr = NULL;
//
// When the attribute EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS is
@@ -1857,7 +1877,7 @@ VerifyTimeBasedPayload ( // variable value. The authentication descriptor is not part of the variable data and is not
// returned by subsequent calls to GetVariable().
//
- CertData = (EFI_VARIABLE_AUTHENTICATION_2 *) Data;
+ CertData = (EFI_VARIABLE_AUTHENTICATION_2 *)Data;
//
// Verify that Pad1, Nanosecond, TimeZone, Daylight and Pad2 components of the
@@ -1867,7 +1887,8 @@ VerifyTimeBasedPayload ( (CertData->TimeStamp.Nanosecond != 0) ||
(CertData->TimeStamp.TimeZone != 0) ||
(CertData->TimeStamp.Daylight != 0) ||
- (CertData->TimeStamp.Pad2 != 0)) {
+ (CertData->TimeStamp.Pad2 != 0))
+ {
return EFI_SECURITY_VIOLATION;
}
@@ -1885,7 +1906,8 @@ VerifyTimeBasedPayload ( // Cert type should be EFI_CERT_TYPE_PKCS7_GUID.
//
if ((CertData->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) ||
- !CompareGuid (&CertData->AuthInfo.CertType, &gEfiCertPkcs7Guid)) {
+ !CompareGuid (&CertData->AuthInfo.CertType, &gEfiCertPkcs7Guid))
+ {
//
// Invalid AuthInfo type, return EFI_SECURITY_VIOLATION.
//
@@ -1896,8 +1918,8 @@ VerifyTimeBasedPayload ( // Find out Pkcs7 SignedData which follows the EFI_VARIABLE_AUTHENTICATION_2 descriptor.
// AuthInfo.Hdr.dwLength is the length of the entire certificate, including the length of the header.
//
- SigData = CertData->AuthInfo.CertData;
- SigDataSize = CertData->AuthInfo.Hdr.dwLength - (UINT32) (OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData));
+ SigData = CertData->AuthInfo.CertData;
+ SigDataSize = CertData->AuthInfo.Hdr.dwLength - (UINT32)(OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData));
//
// SignedData.digestAlgorithms shall contain the digest algorithm used when preparing the
@@ -1916,20 +1938,21 @@ VerifyTimeBasedPayload ( if ((Attributes & EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS) != 0) {
if (SigDataSize >= (13 + sizeof (mSha256OidValue))) {
if (((*(SigData + 1) & TWO_BYTE_ENCODE) != TWO_BYTE_ENCODE) ||
- (CompareMem (SigData + 13, &mSha256OidValue, sizeof (mSha256OidValue)) != 0)) {
- return EFI_SECURITY_VIOLATION;
- }
+ (CompareMem (SigData + 13, &mSha256OidValue, sizeof (mSha256OidValue)) != 0))
+ {
+ return EFI_SECURITY_VIOLATION;
+ }
}
}
//
// Find out the new data payload which follows Pkcs7 SignedData directly.
//
- PayloadPtr = SigData + SigDataSize;
- PayloadSize = DataSize - OFFSET_OF_AUTHINFO2_CERT_DATA - (UINTN) SigDataSize;
+ PayloadPtr = SigData + SigDataSize;
+ PayloadSize = DataSize - OFFSET_OF_AUTHINFO2_CERT_DATA - (UINTN)SigDataSize;
// If the VariablePolicy engine is disabled, allow deletion of any authenticated variables.
- if (PayloadSize == 0 && (Attributes & EFI_VARIABLE_APPEND_WRITE) == 0 && !IsVariablePolicyEnabled()) {
+ if ((PayloadSize == 0) && ((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0) && !IsVariablePolicyEnabled ()) {
VerifyStatus = TRUE;
goto Exit;
}
@@ -1950,7 +1973,7 @@ VerifyTimeBasedPayload ( // because it is only used at here to do verification temporarily first
// and then used in UpdateVariable() for a time based auth variable set.
//
- Status = mAuthVarLibContextIn->GetScratchBuffer (&NewDataSize, (VOID **) &NewData);
+ Status = mAuthVarLibContextIn->GetScratchBuffer (&NewDataSize, (VOID **)&NewData);
if (EFI_ERROR (Status)) {
return EFI_OUT_OF_RESOURCES;
}
@@ -2005,10 +2028,12 @@ VerifyTimeBasedPayload ( VerifyStatus = FALSE;
goto Exit;
}
- CertList = (EFI_SIGNATURE_LIST *) Data;
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+
+ CertList = (EFI_SIGNATURE_LIST *)Data;
+ Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
if ((TopLevelCertSize != (CertList->SignatureSize - (sizeof (EFI_SIGNATURE_DATA) - 1))) ||
- (CompareMem (Cert->SignatureData, TopLevelCert, TopLevelCertSize) != 0)) {
+ (CompareMem (Cert->SignatureData, TopLevelCert, TopLevelCertSize) != 0))
+ {
VerifyStatus = FALSE;
goto Exit;
}
@@ -2024,9 +2049,7 @@ VerifyTimeBasedPayload ( NewData,
NewDataSize
);
-
} else if (AuthVarType == AuthVarTypeKek) {
-
//
// Get KEK database from variable.
//
@@ -2043,18 +2066,18 @@ VerifyTimeBasedPayload ( //
// Ready to verify Pkcs7 SignedData. Go through KEK Signature Database to find out X.509 CertList.
//
- KekDataSize = (UINT32) DataSize;
- CertList = (EFI_SIGNATURE_LIST *) Data;
+ KekDataSize = (UINT32)DataSize;
+ CertList = (EFI_SIGNATURE_LIST *)Data;
while ((KekDataSize > 0) && (KekDataSize >= CertList->SignatureListSize)) {
if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
- CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
+ Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
for (Index = 0; Index < CertCount; Index++) {
//
// Iterate each Signature Data Node within this CertList for a verify
//
- TrustedCert = Cert->SignatureData;
- TrustedCertSize = CertList->SignatureSize - (sizeof (EFI_SIGNATURE_DATA) - 1);
+ TrustedCert = Cert->SignatureData;
+ TrustedCertSize = CertList->SignatureSize - (sizeof (EFI_SIGNATURE_DATA) - 1);
//
// Verify Pkcs7 SignedData via Pkcs7Verify library.
@@ -2070,14 +2093,15 @@ VerifyTimeBasedPayload ( if (VerifyStatus) {
goto Exit;
}
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
+
+ Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)Cert + CertList->SignatureSize);
}
}
+
KekDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);
}
} else if (AuthVarType == AuthVarTypePriv) {
-
//
// Process common authenticated variable except PK/KEK/DB/DBX/DBT.
// Get signer's certificates from SignedData.
@@ -2112,24 +2136,25 @@ VerifyTimeBasedPayload ( // Check hash of signer cert CommonName + Top-level issuer tbsCertificate against data in CertDb
//
CertDataPtr = (EFI_CERT_DATA *)(SignerCerts + 1);
- Status = CalculatePrivAuthVarSignChainSHA256Digest(
- CertDataPtr->CertDataBuffer,
- ReadUnaligned32 ((UINT32 *)&(CertDataPtr->CertDataLength)),
- TopLevelCert,
- TopLevelCertSize,
- Sha256Digest
- );
- if (EFI_ERROR(Status) || CompareMem (Sha256Digest, CertsInCertDb, CertsSizeinDb) != 0){
+ Status = CalculatePrivAuthVarSignChainSHA256Digest (
+ CertDataPtr->CertDataBuffer,
+ ReadUnaligned32 ((UINT32 *)&(CertDataPtr->CertDataLength)),
+ TopLevelCert,
+ TopLevelCertSize,
+ Sha256Digest
+ );
+ if (EFI_ERROR (Status) || (CompareMem (Sha256Digest, CertsInCertDb, CertsSizeinDb) != 0)) {
goto Exit;
}
} else {
- //
- // Keep backward compatible with previous solution which saves whole signer certs stack in CertDb
- //
- if ((CertStackSize != CertsSizeinDb) ||
- (CompareMem (SignerCerts, CertsInCertDb, CertsSizeinDb) != 0)) {
- goto Exit;
- }
+ //
+ // Keep backward compatible with previous solution which saves whole signer certs stack in CertDb
+ //
+ if ((CertStackSize != CertsSizeinDb) ||
+ (CompareMem (SignerCerts, CertsInCertDb, CertsSizeinDb) != 0))
+ {
+ goto Exit;
+ }
}
}
@@ -2150,23 +2175,23 @@ VerifyTimeBasedPayload ( // When adding a new common authenticated variable, always save Hash of cn of signer cert + tbsCertificate of Top-level issuer
//
CertDataPtr = (EFI_CERT_DATA *)(SignerCerts + 1);
- Status = InsertCertsToDb (
- VariableName,
- VendorGuid,
- Attributes,
- CertDataPtr->CertDataBuffer,
- ReadUnaligned32 ((UINT32 *)&(CertDataPtr->CertDataLength)),
- TopLevelCert,
- TopLevelCertSize
- );
+ Status = InsertCertsToDb (
+ VariableName,
+ VendorGuid,
+ Attributes,
+ CertDataPtr->CertDataBuffer,
+ ReadUnaligned32 ((UINT32 *)&(CertDataPtr->CertDataLength)),
+ TopLevelCert,
+ TopLevelCertSize
+ );
if (EFI_ERROR (Status)) {
VerifyStatus = FALSE;
goto Exit;
}
}
} else if (AuthVarType == AuthVarTypePayload) {
- CertList = (EFI_SIGNATURE_LIST *) PayloadPtr;
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ CertList = (EFI_SIGNATURE_LIST *)PayloadPtr;
+ Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
TrustedCert = Cert->SignatureData;
TrustedCertSize = CertList->SignatureSize - (sizeof (EFI_SIGNATURE_DATA) - 1);
//
@@ -2186,12 +2211,13 @@ VerifyTimeBasedPayload ( Exit:
- if (AuthVarType == AuthVarTypePk || AuthVarType == AuthVarTypePriv) {
+ if ((AuthVarType == AuthVarTypePk) || (AuthVarType == AuthVarTypePriv)) {
if (TopLevelCert != NULL) {
- Pkcs7FreeSigners (TopLevelCert);
+ Pkcs7FreeSigners (TopLevelCert);
}
+
if (SignerCerts != NULL) {
- Pkcs7FreeSigners (SignerCerts);
+ Pkcs7FreeSigners (SignerCerts);
}
}
@@ -2199,12 +2225,12 @@ Exit: return EFI_SECURITY_VIOLATION;
}
- Status = CheckSignatureListFormat(VariableName, VendorGuid, PayloadPtr, PayloadSize);
+ Status = CheckSignatureListFormat (VariableName, VendorGuid, PayloadPtr, PayloadSize);
if (EFI_ERROR (Status)) {
return Status;
}
- *VarPayloadPtr = PayloadPtr;
+ *VarPayloadPtr = PayloadPtr;
*VarPayloadSize = PayloadSize;
return EFI_SUCCESS;
@@ -2238,29 +2264,29 @@ Exit: **/
EFI_STATUS
VerifyTimeBasedPayloadAndUpdate (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes,
- IN AUTHVAR_TYPE AuthVarType,
- OUT BOOLEAN *VarDel
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes,
+ IN AUTHVAR_TYPE AuthVarType,
+ OUT BOOLEAN *VarDel
)
{
- EFI_STATUS Status;
- EFI_STATUS FindStatus;
- UINT8 *PayloadPtr;
- UINTN PayloadSize;
- EFI_VARIABLE_AUTHENTICATION_2 *CertData;
- AUTH_VARIABLE_INFO OrgVariableInfo;
- BOOLEAN IsDel;
+ EFI_STATUS Status;
+ EFI_STATUS FindStatus;
+ UINT8 *PayloadPtr;
+ UINTN PayloadSize;
+ EFI_VARIABLE_AUTHENTICATION_2 *CertData;
+ AUTH_VARIABLE_INFO OrgVariableInfo;
+ BOOLEAN IsDel;
ZeroMem (&OrgVariableInfo, sizeof (OrgVariableInfo));
FindStatus = mAuthVarLibContextIn->FindVariable (
- VariableName,
- VendorGuid,
- &OrgVariableInfo
- );
+ VariableName,
+ VendorGuid,
+ &OrgVariableInfo
+ );
Status = VerifyTimeBasedPayload (
VariableName,
@@ -2277,15 +2303,16 @@ VerifyTimeBasedPayloadAndUpdate ( return Status;
}
- if (!EFI_ERROR(FindStatus)
- && (PayloadSize == 0)
- && ((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0)) {
+ if ( !EFI_ERROR (FindStatus)
+ && (PayloadSize == 0)
+ && ((Attributes & EFI_VARIABLE_APPEND_WRITE) == 0))
+ {
IsDel = TRUE;
} else {
IsDel = FALSE;
}
- CertData = (EFI_VARIABLE_AUTHENTICATION_2 *) Data;
+ CertData = (EFI_VARIABLE_AUTHENTICATION_2 *)Data;
//
// Final step: Update/Append Variable if it pass Pkcs7Verify
@@ -2302,12 +2329,12 @@ VerifyTimeBasedPayloadAndUpdate ( //
// Delete signer's certificates when delete the common authenticated variable.
//
- if (IsDel && AuthVarType == AuthVarTypePriv && !EFI_ERROR(Status) ) {
+ if (IsDel && (AuthVarType == AuthVarTypePriv) && !EFI_ERROR (Status)) {
Status = DeleteCertsFromDb (VariableName, VendorGuid, Attributes);
}
if (VarDel != NULL) {
- if (IsDel && !EFI_ERROR(Status)) {
+ if (IsDel && !EFI_ERROR (Status)) {
*VarDel = TRUE;
} else {
*VarDel = FALSE;
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h b/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h index 2bec637f75..b202e613bc 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h +++ b/SecurityPkg/Library/AuthVariableLib/AuthServiceInternal.h @@ -31,7 +31,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Guid/AuthenticatedVariableFormat.h>
#include <Guid/ImageAuthentication.h>
-#define TWO_BYTE_ENCODE 0x82
+#define TWO_BYTE_ENCODE 0x82
///
/// Struct to record signature requirement defined by UEFI spec.
@@ -73,8 +73,8 @@ typedef enum { /// | AUTH_CERT_DB_DATA | <-- Last CERT
/// +----------------------------+
///
-#define EFI_CERT_DB_NAME L"certdb"
-#define EFI_CERT_DB_VOLATILE_NAME L"certdbv"
+#define EFI_CERT_DB_NAME L"certdb"
+#define EFI_CERT_DB_VOLATILE_NAME L"certdbv"
#pragma pack(1)
typedef struct {
@@ -87,15 +87,14 @@ typedef struct { } AUTH_CERT_DB_DATA;
#pragma pack()
-extern UINT8 *mCertDbStore;
-extern UINT32 mMaxCertDbSize;
-extern UINT32 mPlatformMode;
-extern UINT8 mVendorKeyState;
+extern UINT8 *mCertDbStore;
+extern UINT32 mMaxCertDbSize;
+extern UINT32 mPlatformMode;
+extern UINT8 mVendorKeyState;
-extern VOID *mHashCtx;
-
-extern AUTH_VAR_LIB_CONTEXT_IN *mAuthVarLibContextIn;
+extern VOID *mHashCtx;
+extern AUTH_VAR_LIB_CONTEXT_IN *mAuthVarLibContextIn;
/**
Process variable with EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS set
@@ -125,13 +124,13 @@ extern AUTH_VAR_LIB_CONTEXT_IN *mAuthVarLibContextIn; **/
EFI_STATUS
VerifyTimeBasedPayloadAndUpdate (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes,
- IN AUTHVAR_TYPE AuthVarType,
- OUT BOOLEAN *VarDel
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes,
+ IN AUTHVAR_TYPE AuthVarType,
+ OUT BOOLEAN *VarDel
);
/**
@@ -151,9 +150,9 @@ VerifyTimeBasedPayloadAndUpdate ( **/
EFI_STATUS
DeleteCertsFromDb (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN UINT32 Attributes
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN UINT32 Attributes
);
/**
@@ -183,10 +182,10 @@ CleanCertsFromDb ( **/
EFI_STATUS
FilterSignatureList (
- IN VOID *Data,
- IN UINTN DataSize,
- IN OUT VOID *NewData,
- IN OUT UINTN *NewDataSize
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN OUT VOID *NewData,
+ IN OUT UINTN *NewDataSize
);
/**
@@ -215,12 +214,12 @@ FilterSignatureList ( **/
EFI_STATUS
ProcessVarWithPk (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes OPTIONAL,
- IN BOOLEAN IsPk
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes OPTIONAL,
+ IN BOOLEAN IsPk
);
/**
@@ -248,11 +247,11 @@ ProcessVarWithPk ( **/
EFI_STATUS
ProcessVarWithKek (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes OPTIONAL
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes OPTIONAL
);
/**
@@ -283,11 +282,11 @@ ProcessVarWithKek ( **/
EFI_STATUS
ProcessVariable (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes
);
/**
@@ -310,10 +309,10 @@ ProcessVariable ( **/
EFI_STATUS
AuthServiceInternalFindVariable (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- OUT VOID **Data,
- OUT UINTN *DataSize
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ OUT VOID **Data,
+ OUT UINTN *DataSize
);
/**
@@ -333,11 +332,11 @@ AuthServiceInternalFindVariable ( **/
EFI_STATUS
AuthServiceInternalUpdateVariable (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes
);
/**
@@ -358,12 +357,12 @@ AuthServiceInternalUpdateVariable ( **/
EFI_STATUS
AuthServiceInternalUpdateVariableWithTimeStamp (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes,
- IN EFI_TIME *TimeStamp
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes,
+ IN EFI_TIME *TimeStamp
);
#endif
diff --git a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c index 7f31458edb..dc61ae840c 100644 --- a/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c +++ b/SecurityPkg/Library/AuthVariableLib/AuthVariableLib.c @@ -21,19 +21,19 @@ SPDX-License-Identifier: BSD-2-Clause-Patent ///
/// Global database array for scratch
///
-UINT8 *mCertDbStore;
-UINT32 mMaxCertDbSize;
-UINT32 mPlatformMode;
-UINT8 mVendorKeyState;
+UINT8 *mCertDbStore;
+UINT32 mMaxCertDbSize;
+UINT32 mPlatformMode;
+UINT8 mVendorKeyState;
-EFI_GUID mSignatureSupport[] = {EFI_CERT_SHA1_GUID, EFI_CERT_SHA256_GUID, EFI_CERT_RSA2048_GUID, EFI_CERT_X509_GUID};
+EFI_GUID mSignatureSupport[] = { EFI_CERT_SHA1_GUID, EFI_CERT_SHA256_GUID, EFI_CERT_RSA2048_GUID, EFI_CERT_X509_GUID };
//
// Hash context pointer
//
VOID *mHashCtx = NULL;
-VARIABLE_ENTRY_PROPERTY mAuthVarEntry[] = {
+VARIABLE_ENTRY_PROPERTY mAuthVarEntry[] = {
{
&gEfiSecureBootEnableDisableGuid,
EFI_SECURE_BOOT_ENABLE_NAME,
@@ -91,9 +91,9 @@ VARIABLE_ENTRY_PROPERTY mAuthVarEntry[] = { },
};
-VOID **mAuthVarAddressPointer[9];
+VOID **mAuthVarAddressPointer[9];
-AUTH_VAR_LIB_CONTEXT_IN *mAuthVarLibContextIn = NULL;
+AUTH_VAR_LIB_CONTEXT_IN *mAuthVarLibContextIn = NULL;
/**
Initialization for authenticated variable services.
@@ -116,15 +116,15 @@ AuthVariableLibInitialize ( OUT AUTH_VAR_LIB_CONTEXT_OUT *AuthVarLibContextOut
)
{
- EFI_STATUS Status;
- UINT32 VarAttr;
- UINT8 *Data;
- UINTN DataSize;
- UINTN CtxSize;
- UINT8 SecureBootMode;
- UINT8 SecureBootEnable;
- UINT8 CustomMode;
- UINT32 ListSize;
+ EFI_STATUS Status;
+ UINT32 VarAttr;
+ UINT8 *Data;
+ UINTN DataSize;
+ UINTN CtxSize;
+ UINT8 SecureBootMode;
+ UINT8 SecureBootEnable;
+ UINT8 CustomMode;
+ UINT32 ListSize;
if ((AuthVarLibContextIn == NULL) || (AuthVarLibContextOut == NULL)) {
return EFI_INVALID_PARAMETER;
@@ -135,8 +135,8 @@ AuthVariableLibInitialize ( //
// Initialize hash context.
//
- CtxSize = Sha256GetContextSize ();
- mHashCtx = AllocateRuntimePool (CtxSize);
+ CtxSize = Sha256GetContextSize ();
+ mHashCtx = AllocateRuntimePool (CtxSize);
if (mHashCtx == NULL) {
return EFI_OUT_OF_RESOURCES;
}
@@ -145,13 +145,13 @@ AuthVariableLibInitialize ( // Reserve runtime buffer for certificate database. The size excludes variable header and name size.
// Use EFI_CERT_DB_VOLATILE_NAME size since it is longer.
//
- mMaxCertDbSize = (UINT32) (mAuthVarLibContextIn->MaxAuthVariableSize - sizeof (EFI_CERT_DB_VOLATILE_NAME));
+ mMaxCertDbSize = (UINT32)(mAuthVarLibContextIn->MaxAuthVariableSize - sizeof (EFI_CERT_DB_VOLATILE_NAME));
mCertDbStore = AllocateRuntimePool (mMaxCertDbSize);
if (mCertDbStore == NULL) {
return EFI_OUT_OF_RESOURCES;
}
- Status = AuthServiceInternalFindVariable (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
+ Status = AuthServiceInternalFindVariable (EFI_PLATFORM_KEY_NAME, &gEfiGlobalVariableGuid, (VOID **)&Data, &DataSize);
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_INFO, "Variable %s does not exist.\n", EFI_PLATFORM_KEY_NAME));
} else {
@@ -166,11 +166,12 @@ AuthVariableLibInitialize ( } else {
mPlatformMode = USER_MODE;
}
+
Status = AuthServiceInternalUpdateVariable (
EFI_SETUP_MODE_NAME,
&gEfiGlobalVariableGuid,
&mPlatformMode,
- sizeof(UINT8),
+ sizeof (UINT8),
EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS
);
if (EFI_ERROR (Status)) {
@@ -180,13 +181,13 @@ AuthVariableLibInitialize ( //
// Create "SignatureSupport" variable with BS+RT attribute set.
//
- Status = AuthServiceInternalUpdateVariable (
- EFI_SIGNATURE_SUPPORT_NAME,
- &gEfiGlobalVariableGuid,
- mSignatureSupport,
- sizeof(mSignatureSupport),
- EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS
- );
+ Status = AuthServiceInternalUpdateVariable (
+ EFI_SIGNATURE_SUPPORT_NAME,
+ &gEfiGlobalVariableGuid,
+ mSignatureSupport,
+ sizeof (mSignatureSupport),
+ EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS
+ );
if (EFI_ERROR (Status)) {
return Status;
}
@@ -197,23 +198,23 @@ AuthVariableLibInitialize ( // If "SecureBootEnable" variable is SECURE_BOOT_DISABLE, Set "SecureBoot" variable to SECURE_BOOT_MODE_DISABLE.
//
SecureBootEnable = SECURE_BOOT_DISABLE;
- Status = AuthServiceInternalFindVariable (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID **) &Data, &DataSize);
+ Status = AuthServiceInternalFindVariable (EFI_SECURE_BOOT_ENABLE_NAME, &gEfiSecureBootEnableDisableGuid, (VOID **)&Data, &DataSize);
if (!EFI_ERROR (Status)) {
- if (mPlatformMode == USER_MODE){
- SecureBootEnable = *(UINT8 *) Data;
+ if (mPlatformMode == USER_MODE) {
+ SecureBootEnable = *(UINT8 *)Data;
}
} else if (mPlatformMode == USER_MODE) {
//
// "SecureBootEnable" not exist, initialize it in USER_MODE.
//
SecureBootEnable = SECURE_BOOT_ENABLE;
- Status = AuthServiceInternalUpdateVariable (
- EFI_SECURE_BOOT_ENABLE_NAME,
- &gEfiSecureBootEnableDisableGuid,
- &SecureBootEnable,
- sizeof (UINT8),
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS
- );
+ Status = AuthServiceInternalUpdateVariable (
+ EFI_SECURE_BOOT_ENABLE_NAME,
+ &gEfiSecureBootEnableDisableGuid,
+ &SecureBootEnable,
+ sizeof (UINT8),
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS
+ );
if (EFI_ERROR (Status)) {
return Status;
}
@@ -222,11 +223,12 @@ AuthVariableLibInitialize ( //
// Create "SecureBoot" variable with BS+RT attribute set.
//
- if (SecureBootEnable == SECURE_BOOT_ENABLE && mPlatformMode == USER_MODE) {
+ if ((SecureBootEnable == SECURE_BOOT_ENABLE) && (mPlatformMode == USER_MODE)) {
SecureBootMode = SECURE_BOOT_MODE_ENABLE;
} else {
SecureBootMode = SECURE_BOOT_MODE_DISABLE;
}
+
Status = AuthServiceInternalUpdateVariable (
EFI_SECURE_BOOT_MODE_NAME,
&gEfiGlobalVariableGuid,
@@ -246,13 +248,13 @@ AuthVariableLibInitialize ( // Initialize "CustomMode" in STANDARD_SECURE_BOOT_MODE state.
//
CustomMode = STANDARD_SECURE_BOOT_MODE;
- Status = AuthServiceInternalUpdateVariable (
- EFI_CUSTOM_MODE_NAME,
- &gEfiCustomModeEnableGuid,
- &CustomMode,
- sizeof (UINT8),
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS
- );
+ Status = AuthServiceInternalUpdateVariable (
+ EFI_CUSTOM_MODE_NAME,
+ &gEfiCustomModeEnableGuid,
+ &CustomMode,
+ sizeof (UINT8),
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS
+ );
if (EFI_ERROR (Status)) {
return Status;
}
@@ -267,7 +269,7 @@ AuthVariableLibInitialize ( Status = AuthServiceInternalFindVariable (
EFI_CERT_DB_NAME,
&gEfiCertDbGuid,
- (VOID **) &Data,
+ (VOID **)&Data,
&DataSize
);
if (EFI_ERROR (Status)) {
@@ -287,7 +289,7 @@ AuthVariableLibInitialize ( //
// Clean up Certs to make certDB & Time based auth variable consistent
//
- Status = CleanCertsFromDb();
+ Status = CleanCertsFromDb ();
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "Clean up CertDB fail! Status %x\n", Status));
return Status;
@@ -313,7 +315,7 @@ AuthVariableLibInitialize ( //
// Check "VendorKeysNv" variable's existence and create "VendorKeys" variable accordingly.
//
- Status = AuthServiceInternalFindVariable (EFI_VENDOR_KEYS_NV_VARIABLE_NAME, &gEfiVendorKeysNvGuid, (VOID **) &Data, &DataSize);
+ Status = AuthServiceInternalFindVariable (EFI_VENDOR_KEYS_NV_VARIABLE_NAME, &gEfiVendorKeysNvGuid, (VOID **)&Data, &DataSize);
if (!EFI_ERROR (Status)) {
mVendorKeyState = *(UINT8 *)Data;
} else {
@@ -321,13 +323,13 @@ AuthVariableLibInitialize ( // "VendorKeysNv" not exist, initialize it in VENDOR_KEYS_VALID state.
//
mVendorKeyState = VENDOR_KEYS_VALID;
- Status = AuthServiceInternalUpdateVariable (
- EFI_VENDOR_KEYS_NV_VARIABLE_NAME,
- &gEfiVendorKeysNvGuid,
- &mVendorKeyState,
- sizeof (UINT8),
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
- );
+ Status = AuthServiceInternalUpdateVariable (
+ EFI_VENDOR_KEYS_NV_VARIABLE_NAME,
+ &gEfiVendorKeysNvGuid,
+ &mVendorKeyState,
+ sizeof (UINT8),
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS
+ );
if (EFI_ERROR (Status)) {
return Status;
}
@@ -349,20 +351,20 @@ AuthVariableLibInitialize ( DEBUG ((DEBUG_INFO, "Variable %s is %x\n", EFI_VENDOR_KEYS_VARIABLE_NAME, mVendorKeyState));
- AuthVarLibContextOut->StructVersion = AUTH_VAR_LIB_CONTEXT_OUT_STRUCT_VERSION;
- AuthVarLibContextOut->StructSize = sizeof (AUTH_VAR_LIB_CONTEXT_OUT);
- AuthVarLibContextOut->AuthVarEntry = mAuthVarEntry;
- AuthVarLibContextOut->AuthVarEntryCount = ARRAY_SIZE (mAuthVarEntry);
- mAuthVarAddressPointer[0] = (VOID **) &mCertDbStore;
- mAuthVarAddressPointer[1] = (VOID **) &mHashCtx;
- mAuthVarAddressPointer[2] = (VOID **) &mAuthVarLibContextIn;
- mAuthVarAddressPointer[3] = (VOID **) &(mAuthVarLibContextIn->FindVariable),
- mAuthVarAddressPointer[4] = (VOID **) &(mAuthVarLibContextIn->FindNextVariable),
- mAuthVarAddressPointer[5] = (VOID **) &(mAuthVarLibContextIn->UpdateVariable),
- mAuthVarAddressPointer[6] = (VOID **) &(mAuthVarLibContextIn->GetScratchBuffer),
- mAuthVarAddressPointer[7] = (VOID **) &(mAuthVarLibContextIn->CheckRemainingSpaceForConsistency),
- mAuthVarAddressPointer[8] = (VOID **) &(mAuthVarLibContextIn->AtRuntime),
- AuthVarLibContextOut->AddressPointer = mAuthVarAddressPointer;
+ AuthVarLibContextOut->StructVersion = AUTH_VAR_LIB_CONTEXT_OUT_STRUCT_VERSION;
+ AuthVarLibContextOut->StructSize = sizeof (AUTH_VAR_LIB_CONTEXT_OUT);
+ AuthVarLibContextOut->AuthVarEntry = mAuthVarEntry;
+ AuthVarLibContextOut->AuthVarEntryCount = ARRAY_SIZE (mAuthVarEntry);
+ mAuthVarAddressPointer[0] = (VOID **)&mCertDbStore;
+ mAuthVarAddressPointer[1] = (VOID **)&mHashCtx;
+ mAuthVarAddressPointer[2] = (VOID **)&mAuthVarLibContextIn;
+ mAuthVarAddressPointer[3] = (VOID **)&(mAuthVarLibContextIn->FindVariable),
+ mAuthVarAddressPointer[4] = (VOID **)&(mAuthVarLibContextIn->FindNextVariable),
+ mAuthVarAddressPointer[5] = (VOID **)&(mAuthVarLibContextIn->UpdateVariable),
+ mAuthVarAddressPointer[6] = (VOID **)&(mAuthVarLibContextIn->GetScratchBuffer),
+ mAuthVarAddressPointer[7] = (VOID **)&(mAuthVarLibContextIn->CheckRemainingSpaceForConsistency),
+ mAuthVarAddressPointer[8] = (VOID **)&(mAuthVarLibContextIn->AtRuntime),
+ AuthVarLibContextOut->AddressPointer = mAuthVarAddressPointer;
AuthVarLibContextOut->AddressPointerCount = ARRAY_SIZE (mAuthVarAddressPointer);
return Status;
@@ -391,16 +393,16 @@ AuthVariableLibInitialize ( EFI_STATUS
EFIAPI
AuthVariableLibProcessVariable (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN DataSize,
- IN UINT32 Attributes
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN DataSize,
+ IN UINT32 Attributes
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
- if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_PLATFORM_KEY_NAME) == 0)){
+ if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_PLATFORM_KEY_NAME) == 0)) {
Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, Attributes, TRUE);
} else if (CompareGuid (VendorGuid, &gEfiGlobalVariableGuid) && (StrCmp (VariableName, EFI_KEY_EXCHANGE_KEY_NAME) == 0)) {
Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, Attributes, FALSE);
@@ -408,7 +410,8 @@ AuthVariableLibProcessVariable ( ((StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) ||
(StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE1) == 0) ||
(StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE2) == 0)
- )) {
+ ))
+ {
Status = ProcessVarWithPk (VariableName, VendorGuid, Data, DataSize, Attributes, FALSE);
if (EFI_ERROR (Status)) {
Status = ProcessVarWithKek (VariableName, VendorGuid, Data, DataSize, Attributes);
diff --git a/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.c b/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.c index 9acff2ae7d..7d1993ec87 100644 --- a/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.c +++ b/SecurityPkg/Library/DxeImageAuthenticationStatusLib/DxeImageAuthenticationStatusLib.c @@ -9,7 +9,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <PiDxe.h>
#include <Library/SecurityManagementLib.h>
-
/**
Check image authentication status returned from Section Extraction Protocol
@@ -31,11 +30,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent EFI_STATUS
EFIAPI
DxeImageAuthenticationStatusHandler (
- IN UINT32 AuthenticationStatus,
- IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL,
- IN VOID *FileBuffer,
- IN UINTN FileSize,
- IN BOOLEAN BootPolicy
+ IN UINT32 AuthenticationStatus,
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL,
+ IN VOID *FileBuffer,
+ IN UINTN FileSize,
+ IN BOOLEAN BootPolicy
)
{
if ((AuthenticationStatus & EFI_AUTH_STATUS_IMAGE_SIGNED) != 0) {
@@ -47,7 +46,6 @@ DxeImageAuthenticationStatusHandler ( return EFI_SUCCESS;
}
-
/**
Register image authentication status check handler.
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c index 77b0e764a5..66e2f5eaa3 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.c @@ -24,17 +24,17 @@ SPDX-License-Identifier: BSD-2-Clause-Patent // Caution: This is used by a function which may receive untrusted input.
// These global variables hold PE/COFF image data, and they should be validated before use.
//
-EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION mNtHeader;
-UINT32 mPeCoffHeaderOffset;
-EFI_GUID mCertType;
+EFI_IMAGE_OPTIONAL_HEADER_PTR_UNION mNtHeader;
+UINT32 mPeCoffHeaderOffset;
+EFI_GUID mCertType;
//
// Information on current PE/COFF image
//
-UINTN mImageSize;
-UINT8 *mImageBase = NULL;
-UINT8 mImageDigest[MAX_DIGEST_SIZE];
-UINTN mImageDigestSize;
+UINTN mImageSize;
+UINT8 *mImageBase = NULL;
+UINT8 mImageDigest[MAX_DIGEST_SIZE];
+UINTN mImageDigestSize;
//
// Notify string for authorization UI.
@@ -44,33 +44,32 @@ CHAR16 mNotifyString2[MAX_NOTIFY_STRING_LEN] = L"Launch this image anyway? (Yes //
// Public Exponent of RSA Key.
//
-CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
-
+CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
//
// OID ASN.1 Value for Hash Algorithms
//
-UINT8 mHashOidValue[] = {
- 0x2B, 0x0E, 0x03, 0x02, 0x1A, // OBJ_sha1
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, // OBJ_sha224
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, // OBJ_sha256
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, // OBJ_sha384
- 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, // OBJ_sha512
- };
-
-HASH_TABLE mHash[] = {
-#ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
- { L"SHA1", 20, &mHashOidValue[0], 5, Sha1GetContextSize, Sha1Init, Sha1Update, Sha1Final },
-#else
- { L"SHA1", 20, &mHashOidValue[0], 5, NULL, NULL, NULL, NULL },
-#endif
- { L"SHA224", 28, &mHashOidValue[5], 9, NULL, NULL, NULL, NULL },
- { L"SHA256", 32, &mHashOidValue[14], 9, Sha256GetContextSize, Sha256Init, Sha256Update, Sha256Final},
- { L"SHA384", 48, &mHashOidValue[23], 9, Sha384GetContextSize, Sha384Init, Sha384Update, Sha384Final},
- { L"SHA512", 64, &mHashOidValue[32], 9, Sha512GetContextSize, Sha512Init, Sha512Update, Sha512Final}
+UINT8 mHashOidValue[] = {
+ 0x2B, 0x0E, 0x03, 0x02, 0x1A, // OBJ_sha1
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x04, // OBJ_sha224
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x01, // OBJ_sha256
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x02, // OBJ_sha384
+ 0x60, 0x86, 0x48, 0x01, 0x65, 0x03, 0x04, 0x02, 0x03, // OBJ_sha512
+};
+
+HASH_TABLE mHash[] = {
+ #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
+ { L"SHA1", 20, &mHashOidValue[0], 5, Sha1GetContextSize, Sha1Init, Sha1Update, Sha1Final },
+ #else
+ { L"SHA1", 20, &mHashOidValue[0], 5, NULL, NULL, NULL, NULL },
+ #endif
+ { L"SHA224", 28, &mHashOidValue[5], 9, NULL, NULL, NULL, NULL },
+ { L"SHA256", 32, &mHashOidValue[14], 9, Sha256GetContextSize, Sha256Init, Sha256Update, Sha256Final },
+ { L"SHA384", 48, &mHashOidValue[23], 9, Sha384GetContextSize, Sha384Init, Sha384Update, Sha384Final },
+ { L"SHA512", 64, &mHashOidValue[32], 9, Sha512GetContextSize, Sha512Init, Sha512Update, Sha512Final }
};
-EFI_STRING mHashTypeStr;
+EFI_STRING mHashTypeStr;
/**
SecureBoot Hook for processing image verification.
@@ -85,10 +84,10 @@ EFI_STRING mHashTypeStr; VOID
EFIAPI
SecureBootHook (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN UINTN DataSize,
- IN VOID *Data
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN UINTN DataSize,
+ IN VOID *Data
);
/**
@@ -109,15 +108,15 @@ SecureBootHook ( EFI_STATUS
EFIAPI
DxeImageVerificationLibImageRead (
- IN VOID *FileHandle,
- IN UINTN FileOffset,
- IN OUT UINTN *ReadSize,
- OUT VOID *Buffer
+ IN VOID *FileHandle,
+ IN UINTN FileOffset,
+ IN OUT UINTN *ReadSize,
+ OUT VOID *Buffer
)
{
- UINTN EndPosition;
+ UINTN EndPosition;
- if (FileHandle == NULL || ReadSize == NULL || Buffer == NULL) {
+ if ((FileHandle == NULL) || (ReadSize == NULL) || (Buffer == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -134,12 +133,11 @@ DxeImageVerificationLibImageRead ( *ReadSize = 0;
}
- CopyMem (Buffer, (UINT8 *)((UINTN) FileHandle + FileOffset), *ReadSize);
+ CopyMem (Buffer, (UINT8 *)((UINTN)FileHandle + FileOffset), *ReadSize);
return EFI_SUCCESS;
}
-
/**
Get the image type.
@@ -151,13 +149,13 @@ DxeImageVerificationLibImageRead ( **/
UINT32
GetImageType (
- IN CONST EFI_DEVICE_PATH_PROTOCOL *File
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File
)
{
- EFI_STATUS Status;
- EFI_HANDLE DeviceHandle;
- EFI_DEVICE_PATH_PROTOCOL *TempDevicePath;
- EFI_BLOCK_IO_PROTOCOL *BlockIo;
+ EFI_STATUS Status;
+ EFI_HANDLE DeviceHandle;
+ EFI_DEVICE_PATH_PROTOCOL *TempDevicePath;
+ EFI_BLOCK_IO_PROTOCOL *BlockIo;
if (File == NULL) {
return IMAGE_UNKNOWN;
@@ -166,13 +164,13 @@ GetImageType ( //
// First check to see if File is from a Firmware Volume
//
- DeviceHandle = NULL;
- TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *) File;
- Status = gBS->LocateDevicePath (
- &gEfiFirmwareVolume2ProtocolGuid,
- &TempDevicePath,
- &DeviceHandle
- );
+ DeviceHandle = NULL;
+ TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *)File;
+ Status = gBS->LocateDevicePath (
+ &gEfiFirmwareVolume2ProtocolGuid,
+ &TempDevicePath,
+ &DeviceHandle
+ );
if (!EFI_ERROR (Status)) {
Status = gBS->OpenProtocol (
DeviceHandle,
@@ -191,23 +189,23 @@ GetImageType ( // Next check to see if File is from a Block I/O device
//
DeviceHandle = NULL;
- TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *) File;
- Status = gBS->LocateDevicePath (
- &gEfiBlockIoProtocolGuid,
- &TempDevicePath,
- &DeviceHandle
- );
+ TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *)File;
+ Status = gBS->LocateDevicePath (
+ &gEfiBlockIoProtocolGuid,
+ &TempDevicePath,
+ &DeviceHandle
+ );
if (!EFI_ERROR (Status)) {
BlockIo = NULL;
- Status = gBS->OpenProtocol (
- DeviceHandle,
- &gEfiBlockIoProtocolGuid,
- (VOID **) &BlockIo,
- NULL,
- NULL,
- EFI_OPEN_PROTOCOL_GET_PROTOCOL
- );
- if (!EFI_ERROR (Status) && BlockIo != NULL) {
+ Status = gBS->OpenProtocol (
+ DeviceHandle,
+ &gEfiBlockIoProtocolGuid,
+ (VOID **)&BlockIo,
+ NULL,
+ NULL,
+ EFI_OPEN_PROTOCOL_GET_PROTOCOL
+ );
+ if (!EFI_ERROR (Status) && (BlockIo != NULL)) {
if (BlockIo->Media != NULL) {
if (BlockIo->Media->RemovableMedia) {
//
@@ -229,12 +227,12 @@ GetImageType ( // the device path supports the Simple File System Protocol.
//
DeviceHandle = NULL;
- TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *) File;
- Status = gBS->LocateDevicePath (
- &gEfiSimpleFileSystemProtocolGuid,
- &TempDevicePath,
- &DeviceHandle
- );
+ TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *)File;
+ Status = gBS->LocateDevicePath (
+ &gEfiSimpleFileSystemProtocolGuid,
+ &TempDevicePath,
+ &DeviceHandle
+ );
if (!EFI_ERROR (Status)) {
//
// Simple File System is present without Block I/O, so assume media is fixed.
@@ -246,27 +244,30 @@ GetImageType ( // File is not from an FV, Block I/O or Simple File System, so the only options
// left are a PCI Option ROM and a Load File Protocol such as a PXE Boot from a NIC.
//
- TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *) File;
+ TempDevicePath = (EFI_DEVICE_PATH_PROTOCOL *)File;
while (!IsDevicePathEndType (TempDevicePath)) {
switch (DevicePathType (TempDevicePath)) {
+ case MEDIA_DEVICE_PATH:
+ if (DevicePathSubType (TempDevicePath) == MEDIA_RELATIVE_OFFSET_RANGE_DP) {
+ return IMAGE_FROM_OPTION_ROM;
+ }
- case MEDIA_DEVICE_PATH:
- if (DevicePathSubType (TempDevicePath) == MEDIA_RELATIVE_OFFSET_RANGE_DP) {
- return IMAGE_FROM_OPTION_ROM;
- }
- break;
+ break;
- case MESSAGING_DEVICE_PATH:
- if (DevicePathSubType(TempDevicePath) == MSG_MAC_ADDR_DP) {
- return IMAGE_FROM_REMOVABLE_MEDIA;
- }
- break;
+ case MESSAGING_DEVICE_PATH:
+ if (DevicePathSubType (TempDevicePath) == MSG_MAC_ADDR_DP) {
+ return IMAGE_FROM_REMOVABLE_MEDIA;
+ }
- default:
- break;
+ break;
+
+ default:
+ break;
}
+
TempDevicePath = NextDevicePathNode (TempDevicePath);
}
+
return IMAGE_UNKNOWN;
}
@@ -289,7 +290,7 @@ GetImageType ( **/
BOOLEAN
HashPeImage (
- IN UINT32 HashAlg
+ IN UINT32 HashAlg
)
{
BOOLEAN Status;
@@ -319,34 +320,34 @@ HashPeImage ( ZeroMem (mImageDigest, MAX_DIGEST_SIZE);
switch (HashAlg) {
-#ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
- case HASHALG_SHA1:
- mImageDigestSize = SHA1_DIGEST_SIZE;
- mCertType = gEfiCertSha1Guid;
- break;
-#endif
-
- case HASHALG_SHA256:
- mImageDigestSize = SHA256_DIGEST_SIZE;
- mCertType = gEfiCertSha256Guid;
- break;
-
- case HASHALG_SHA384:
- mImageDigestSize = SHA384_DIGEST_SIZE;
- mCertType = gEfiCertSha384Guid;
- break;
-
- case HASHALG_SHA512:
- mImageDigestSize = SHA512_DIGEST_SIZE;
- mCertType = gEfiCertSha512Guid;
- break;
-
- default:
- return FALSE;
+ #ifndef DISABLE_SHA1_DEPRECATED_INTERFACES
+ case HASHALG_SHA1:
+ mImageDigestSize = SHA1_DIGEST_SIZE;
+ mCertType = gEfiCertSha1Guid;
+ break;
+ #endif
+
+ case HASHALG_SHA256:
+ mImageDigestSize = SHA256_DIGEST_SIZE;
+ mCertType = gEfiCertSha256Guid;
+ break;
+
+ case HASHALG_SHA384:
+ mImageDigestSize = SHA384_DIGEST_SIZE;
+ mCertType = gEfiCertSha384Guid;
+ break;
+
+ case HASHALG_SHA512:
+ mImageDigestSize = SHA512_DIGEST_SIZE;
+ mCertType = gEfiCertSha512Guid;
+ break;
+
+ default:
+ return FALSE;
}
mHashTypeStr = mHash[HashAlg].Name;
- CtxSize = mHash[HashAlg].GetContextSize();
+ CtxSize = mHash[HashAlg].GetContextSize ();
HashCtx = AllocatePool (CtxSize);
if (HashCtx == NULL) {
@@ -356,7 +357,7 @@ HashPeImage ( // 1. Load the image header into memory.
// 2. Initialize a SHA hash context.
- Status = mHash[HashAlg].HashInit(HashCtx);
+ Status = mHash[HashAlg].HashInit (HashCtx);
if (!Status) {
goto Done;
@@ -376,13 +377,13 @@ HashPeImage ( //
// Use PE32 offset.
//
- HashSize = (UINTN) (&mNtHeader.Pe32->OptionalHeader.CheckSum) - (UINTN) HashBase;
+ HashSize = (UINTN)(&mNtHeader.Pe32->OptionalHeader.CheckSum) - (UINTN)HashBase;
NumberOfRvaAndSizes = mNtHeader.Pe32->OptionalHeader.NumberOfRvaAndSizes;
} else if (mNtHeader.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
//
// Use PE32+ offset.
//
- HashSize = (UINTN) (&mNtHeader.Pe32Plus->OptionalHeader.CheckSum) - (UINTN) HashBase;
+ HashSize = (UINTN)(&mNtHeader.Pe32Plus->OptionalHeader.CheckSum) - (UINTN)HashBase;
NumberOfRvaAndSizes = mNtHeader.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;
} else {
//
@@ -392,7 +393,7 @@ HashPeImage ( goto Done;
}
- Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);
if (!Status) {
goto Done;
}
@@ -409,18 +410,18 @@ HashPeImage ( //
// Use PE32 offset.
//
- HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - ((UINTN) HashBase - (UINTN) mImageBase);
+ HashBase = (UINT8 *)&mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
+ HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - ((UINTN)HashBase - (UINTN)mImageBase);
} else {
//
// Use PE32+ offset.
//
- HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - ((UINTN) HashBase - (UINTN) mImageBase);
+ HashBase = (UINT8 *)&mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
+ HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - ((UINTN)HashBase - (UINTN)mImageBase);
}
if (HashSize != 0) {
- Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);
if (!Status) {
goto Done;
}
@@ -433,18 +434,18 @@ HashPeImage ( //
// Use PE32 offset.
//
- HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = (UINTN) (&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
+ HashBase = (UINT8 *)&mNtHeader.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
+ HashSize = (UINTN)(&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;
} else {
//
// Use PE32+ offset.
//
- HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = (UINTN) (&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
+ HashBase = (UINT8 *)&mNtHeader.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
+ HashSize = (UINTN)(&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;
}
if (HashSize != 0) {
- Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);
if (!Status) {
goto Done;
}
@@ -458,18 +459,18 @@ HashPeImage ( //
// Use PE32 offset
//
- HashBase = (UINT8 *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
- HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - ((UINTN) HashBase - (UINTN) mImageBase);
+ HashBase = (UINT8 *)&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
+ HashSize = mNtHeader.Pe32->OptionalHeader.SizeOfHeaders - ((UINTN)HashBase - (UINTN)mImageBase);
} else {
//
// Use PE32+ offset.
//
- HashBase = (UINT8 *) &mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
- HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - ((UINTN) HashBase - (UINTN) mImageBase);
+ HashBase = (UINT8 *)&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
+ HashSize = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders - ((UINTN)HashBase - (UINTN)mImageBase);
}
if (HashSize != 0) {
- Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);
if (!Status) {
goto Done;
}
@@ -491,14 +492,13 @@ HashPeImage ( SumOfBytesHashed = mNtHeader.Pe32Plus->OptionalHeader.SizeOfHeaders;
}
-
- Section = (EFI_IMAGE_SECTION_HEADER *) (
- mImageBase +
- mPeCoffHeaderOffset +
- sizeof (UINT32) +
- sizeof (EFI_IMAGE_FILE_HEADER) +
- mNtHeader.Pe32->FileHeader.SizeOfOptionalHeader
- );
+ Section = (EFI_IMAGE_SECTION_HEADER *)(
+ mImageBase +
+ mPeCoffHeaderOffset +
+ sizeof (UINT32) +
+ sizeof (EFI_IMAGE_FILE_HEADER) +
+ mNtHeader.Pe32->FileHeader.SizeOfOptionalHeader
+ );
//
// 11. Build a temporary table of pointers to all the IMAGE_SECTION_HEADER
@@ -506,11 +506,12 @@ HashPeImage ( // header indicates how big the table should be. Do not include any
// IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.
//
- SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * mNtHeader.Pe32->FileHeader.NumberOfSections);
+ SectionHeader = (EFI_IMAGE_SECTION_HEADER *)AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * mNtHeader.Pe32->FileHeader.NumberOfSections);
if (SectionHeader == NULL) {
Status = FALSE;
goto Done;
}
+
//
// 12. Using the 'PointerToRawData' in the referenced section headers as
// a key, arrange the elements in the table in ascending order. In other
@@ -523,6 +524,7 @@ HashPeImage ( CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof (EFI_IMAGE_SECTION_HEADER));
Pos--;
}
+
CopyMem (&SectionHeader[Pos], Section, sizeof (EFI_IMAGE_SECTION_HEADER));
Section += 1;
}
@@ -539,10 +541,11 @@ HashPeImage ( if (Section->SizeOfRawData == 0) {
continue;
}
- HashBase = mImageBase + Section->PointerToRawData;
- HashSize = (UINTN) Section->SizeOfRawData;
- Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ HashBase = mImageBase + Section->PointerToRawData;
+ HashSize = (UINTN)Section->SizeOfRawData;
+
+ Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);
if (!Status) {
goto Done;
}
@@ -576,9 +579,9 @@ HashPeImage ( }
if (mImageSize > CertSize + SumOfBytesHashed) {
- HashSize = (UINTN) (mImageSize - CertSize - SumOfBytesHashed);
+ HashSize = (UINTN)(mImageSize - CertSize - SumOfBytesHashed);
- Status = mHash[HashAlg].HashUpdate(HashCtx, HashBase, HashSize);
+ Status = mHash[HashAlg].HashUpdate (HashCtx, HashBase, HashSize);
if (!Status) {
goto Done;
}
@@ -588,15 +591,17 @@ HashPeImage ( }
}
- Status = mHash[HashAlg].HashFinal(HashCtx, mImageDigest);
+ Status = mHash[HashAlg].HashFinal (HashCtx, mImageDigest);
Done:
if (HashCtx != NULL) {
FreePool (HashCtx);
}
+
if (SectionHeader != NULL) {
FreePool (SectionHeader);
}
+
return Status;
}
@@ -618,11 +623,11 @@ Done: **/
EFI_STATUS
HashPeImageByType (
- IN UINT8 *AuthData,
- IN UINTN AuthDataSize
+ IN UINT8 *AuthData,
+ IN UINTN AuthDataSize
)
{
- UINT8 Index;
+ UINT8 Index;
for (Index = 0; Index < HASHALG_MAX; Index++) {
//
@@ -660,14 +665,13 @@ HashPeImageByType ( //
// HASH PE Image based on Hash algorithm in PE/COFF Authenticode.
//
- if (!HashPeImage(Index)) {
+ if (!HashPeImage (Index)) {
return EFI_UNSUPPORTED;
}
return EFI_SUCCESS;
}
-
/**
Returns the size of a given image execution info table in bytes.
@@ -682,7 +686,7 @@ HashPeImageByType ( **/
UINTN
GetImageExeInfoTableSize (
- EFI_IMAGE_EXECUTION_INFO_TABLE *ImageExeInfoTable
+ EFI_IMAGE_EXECUTION_INFO_TABLE *ImageExeInfoTable
)
{
UINTN Index;
@@ -693,11 +697,11 @@ GetImageExeInfoTableSize ( return 0;
}
- ImageExeInfoItem = (EFI_IMAGE_EXECUTION_INFO *) ((UINT8 *) ImageExeInfoTable + sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE));
- TotalSize = sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE);
+ ImageExeInfoItem = (EFI_IMAGE_EXECUTION_INFO *)((UINT8 *)ImageExeInfoTable + sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE));
+ TotalSize = sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE);
for (Index = 0; Index < ImageExeInfoTable->NumberOfImages; Index++) {
- TotalSize += ReadUnaligned32 ((UINT32 *) &ImageExeInfoItem->InfoSize);
- ImageExeInfoItem = (EFI_IMAGE_EXECUTION_INFO *) ((UINT8 *) ImageExeInfoItem + ReadUnaligned32 ((UINT32 *) &ImageExeInfoItem->InfoSize));
+ TotalSize += ReadUnaligned32 ((UINT32 *)&ImageExeInfoItem->InfoSize);
+ ImageExeInfoItem = (EFI_IMAGE_EXECUTION_INFO *)((UINT8 *)ImageExeInfoItem + ReadUnaligned32 ((UINT32 *)&ImageExeInfoItem->InfoSize));
}
return TotalSize;
@@ -715,11 +719,11 @@ GetImageExeInfoTableSize ( **/
VOID
AddImageExeInfo (
- IN EFI_IMAGE_EXECUTION_ACTION Action,
- IN CHAR16 *Name OPTIONAL,
- IN CONST EFI_DEVICE_PATH_PROTOCOL *DevicePath,
- IN EFI_SIGNATURE_LIST *Signature OPTIONAL,
- IN UINTN SignatureSize
+ IN EFI_IMAGE_EXECUTION_ACTION Action,
+ IN CHAR16 *Name OPTIONAL,
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *DevicePath,
+ IN EFI_SIGNATURE_LIST *Signature OPTIONAL,
+ IN UINTN SignatureSize
)
{
EFI_IMAGE_EXECUTION_INFO_TABLE *ImageExeInfoTable;
@@ -731,14 +735,14 @@ AddImageExeInfo ( UINTN DevicePathSize;
CHAR16 *NameStr;
- ImageExeInfoTable = NULL;
- NewImageExeInfoTable = NULL;
- ImageExeInfoEntry = NULL;
- NameStringLen = 0;
- NameStr = NULL;
+ ImageExeInfoTable = NULL;
+ NewImageExeInfoTable = NULL;
+ ImageExeInfoEntry = NULL;
+ NameStringLen = 0;
+ NameStr = NULL;
if (DevicePath == NULL) {
- return ;
+ return;
}
if (Name != NULL) {
@@ -747,7 +751,7 @@ AddImageExeInfo ( NameStringLen = sizeof (CHAR16);
}
- EfiGetSystemConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID **) &ImageExeInfoTable);
+ EfiGetSystemConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID **)&ImageExeInfoTable);
if (ImageExeInfoTable != NULL) {
//
// The table has been found!
@@ -762,7 +766,7 @@ AddImageExeInfo ( ImageExeInfoTableSize = sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE);
}
- DevicePathSize = GetDevicePathSize (DevicePath);
+ DevicePathSize = GetDevicePathSize (DevicePath);
//
// Signature size can be odd. Pad after signature to ensure next EXECUTION_INFO entry align
@@ -770,9 +774,9 @@ AddImageExeInfo ( ASSERT (Signature != NULL || SignatureSize == 0);
NewImageExeInfoEntrySize = sizeof (EFI_IMAGE_EXECUTION_INFO) + NameStringLen + DevicePathSize + SignatureSize;
- NewImageExeInfoTable = (EFI_IMAGE_EXECUTION_INFO_TABLE *) AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize);
+ NewImageExeInfoTable = (EFI_IMAGE_EXECUTION_INFO_TABLE *)AllocateRuntimePool (ImageExeInfoTableSize + NewImageExeInfoEntrySize);
if (NewImageExeInfoTable == NULL) {
- return ;
+ return;
}
if (ImageExeInfoTable != NULL) {
@@ -780,37 +784,39 @@ AddImageExeInfo ( } else {
NewImageExeInfoTable->NumberOfImages = 0;
}
+
NewImageExeInfoTable->NumberOfImages++;
- ImageExeInfoEntry = (EFI_IMAGE_EXECUTION_INFO *) ((UINT8 *) NewImageExeInfoTable + ImageExeInfoTableSize);
+ ImageExeInfoEntry = (EFI_IMAGE_EXECUTION_INFO *)((UINT8 *)NewImageExeInfoTable + ImageExeInfoTableSize);
//
// Update new item's information.
//
- WriteUnaligned32 ((UINT32 *) ImageExeInfoEntry, Action);
- WriteUnaligned32 ((UINT32 *) ((UINT8 *) ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION)), (UINT32) NewImageExeInfoEntrySize);
+ WriteUnaligned32 ((UINT32 *)ImageExeInfoEntry, Action);
+ WriteUnaligned32 ((UINT32 *)((UINT8 *)ImageExeInfoEntry + sizeof (EFI_IMAGE_EXECUTION_ACTION)), (UINT32)NewImageExeInfoEntrySize);
NameStr = (CHAR16 *)(ImageExeInfoEntry + 1);
if (Name != NULL) {
- CopyMem ((UINT8 *) NameStr, Name, NameStringLen);
+ CopyMem ((UINT8 *)NameStr, Name, NameStringLen);
} else {
- ZeroMem ((UINT8 *) NameStr, sizeof (CHAR16));
+ ZeroMem ((UINT8 *)NameStr, sizeof (CHAR16));
}
CopyMem (
- (UINT8 *) NameStr + NameStringLen,
+ (UINT8 *)NameStr + NameStringLen,
DevicePath,
DevicePathSize
);
if (Signature != NULL) {
CopyMem (
- (UINT8 *) NameStr + NameStringLen + DevicePathSize,
+ (UINT8 *)NameStr + NameStringLen + DevicePathSize,
Signature,
SignatureSize
);
}
+
//
// Update/replace the image execution table.
//
- gBS->InstallConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID *) NewImageExeInfoTable);
+ gBS->InstallConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID *)NewImageExeInfoTable);
//
// Free Old table data!
@@ -888,7 +894,7 @@ IsCertHashFoundInDbx ( HashAlg = HASHALG_SHA512;
} else {
DbxSize -= DbxList->SignatureListSize;
- DbxList = (EFI_SIGNATURE_LIST *) ((UINT8 *) DbxList + DbxList->SignatureListSize);
+ DbxList = (EFI_SIGNATURE_LIST *)((UINT8 *)DbxList + DbxList->SignatureListSize);
continue;
}
@@ -898,17 +904,21 @@ IsCertHashFoundInDbx ( if (mHash[HashAlg].GetContextSize == NULL) {
goto Done;
}
+
ZeroMem (CertDigest, MAX_DIGEST_SIZE);
HashCtx = AllocatePool (mHash[HashAlg].GetContextSize ());
if (HashCtx == NULL) {
goto Done;
}
+
if (!mHash[HashAlg].HashInit (HashCtx)) {
goto Done;
}
+
if (!mHash[HashAlg].HashUpdate (HashCtx, TBSCert, TBSCertSize)) {
goto Done;
}
+
if (!mHash[HashAlg].HashFinal (HashCtx, CertDigest)) {
goto Done;
}
@@ -917,7 +927,7 @@ IsCertHashFoundInDbx ( HashCtx = NULL;
SiglistHeaderSize = sizeof (EFI_SIGNATURE_LIST) + DbxList->SignatureHeaderSize;
- CertHash = (EFI_SIGNATURE_DATA *) ((UINT8 *) DbxList + SiglistHeaderSize);
+ CertHash = (EFI_SIGNATURE_DATA *)((UINT8 *)DbxList + SiglistHeaderSize);
CertHashCount = (DbxList->SignatureListSize - SiglistHeaderSize) / DbxList->SignatureSize;
for (Index = 0; Index < CertHashCount; Index++) {
//
@@ -937,11 +947,12 @@ IsCertHashFoundInDbx ( CopyMem (RevocationTime, (EFI_TIME *)(DbxCertHash + mHash[HashAlg].DigestLength), sizeof (EFI_TIME));
goto Done;
}
- CertHash = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertHash + DbxList->SignatureSize);
+
+ CertHash = (EFI_SIGNATURE_DATA *)((UINT8 *)CertHash + DbxList->SignatureSize);
}
DbxSize -= DbxList->SignatureListSize;
- DbxList = (EFI_SIGNATURE_LIST *) ((UINT8 *) DbxList + DbxList->SignatureListSize);
+ DbxList = (EFI_SIGNATURE_LIST *)((UINT8 *)DbxList + DbxList->SignatureListSize);
}
Status = EFI_SUCCESS;
@@ -969,11 +980,11 @@ Done: **/
EFI_STATUS
IsSignatureFoundInDatabase (
- IN CHAR16 *VariableName,
- IN UINT8 *Signature,
- IN EFI_GUID *CertType,
- IN UINTN SignatureSize,
- OUT BOOLEAN *IsFound
+ IN CHAR16 *VariableName,
+ IN UINT8 *Signature,
+ IN EFI_GUID *CertType,
+ IN UINTN SignatureSize,
+ OUT BOOLEAN *IsFound
)
{
EFI_STATUS Status;
@@ -987,10 +998,10 @@ IsSignatureFoundInDatabase ( //
// Read signature database variable.
//
- *IsFound = FALSE;
- Data = NULL;
- DataSize = 0;
- Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);
+ *IsFound = FALSE;
+ Data = NULL;
+ DataSize = 0;
+ Status = gRT->GetVariable (VariableName, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, NULL);
if (Status != EFI_BUFFER_TOO_SMALL) {
if (Status == EFI_NOT_FOUND) {
//
@@ -1002,7 +1013,7 @@ IsSignatureFoundInDatabase ( return Status;
}
- Data = (UINT8 *) AllocateZeroPool (DataSize);
+ Data = (UINT8 *)AllocateZeroPool (DataSize);
if (Data == NULL) {
return EFI_OUT_OF_RESOURCES;
}
@@ -1011,14 +1022,15 @@ IsSignatureFoundInDatabase ( if (EFI_ERROR (Status)) {
goto Done;
}
+
//
// Enumerate all signature data in SigDB to check if signature exists for executable.
//
- CertList = (EFI_SIGNATURE_LIST *) Data;
+ CertList = (EFI_SIGNATURE_LIST *)Data;
while ((DataSize > 0) && (DataSize >= CertList->SignatureListSize)) {
CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
- if ((CertList->SignatureSize == sizeof(EFI_SIGNATURE_DATA) - 1 + SignatureSize) && (CompareGuid(&CertList->SignatureType, CertType))) {
+ Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ if ((CertList->SignatureSize == sizeof (EFI_SIGNATURE_DATA) - 1 + SignatureSize) && (CompareGuid (&CertList->SignatureType, CertType))) {
for (Index = 0; Index < CertCount; Index++) {
if (CompareMem (Cert->SignatureData, Signature, SignatureSize) == 0) {
//
@@ -1028,13 +1040,14 @@ IsSignatureFoundInDatabase ( //
// Entries in UEFI_IMAGE_SECURITY_DATABASE that are used to validate image should be measured
//
- if (StrCmp(VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) {
+ if (StrCmp (VariableName, EFI_IMAGE_SECURITY_DATABASE) == 0) {
SecureBootHook (VariableName, &gEfiImageSecurityDatabaseGuid, CertList->SignatureSize, Cert);
}
+
break;
}
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
+ Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)Cert + CertList->SignatureSize);
}
if (*IsFound) {
@@ -1043,7 +1056,7 @@ IsSignatureFoundInDatabase ( }
DataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);
}
Done:
@@ -1066,23 +1079,23 @@ Done: **/
BOOLEAN
IsValidSignatureByTimestamp (
- IN EFI_TIME *SigningTime,
- IN EFI_TIME *RevocationTime
+ IN EFI_TIME *SigningTime,
+ IN EFI_TIME *RevocationTime
)
{
if (SigningTime->Year != RevocationTime->Year) {
- return (BOOLEAN) (SigningTime->Year < RevocationTime->Year);
+ return (BOOLEAN)(SigningTime->Year < RevocationTime->Year);
} else if (SigningTime->Month != RevocationTime->Month) {
- return (BOOLEAN) (SigningTime->Month < RevocationTime->Month);
+ return (BOOLEAN)(SigningTime->Month < RevocationTime->Month);
} else if (SigningTime->Day != RevocationTime->Day) {
- return (BOOLEAN) (SigningTime->Day < RevocationTime->Day);
+ return (BOOLEAN)(SigningTime->Day < RevocationTime->Day);
} else if (SigningTime->Hour != RevocationTime->Hour) {
- return (BOOLEAN) (SigningTime->Hour < RevocationTime->Hour);
+ return (BOOLEAN)(SigningTime->Hour < RevocationTime->Hour);
} else if (SigningTime->Minute != RevocationTime->Minute) {
- return (BOOLEAN) (SigningTime->Minute < RevocationTime->Minute);
+ return (BOOLEAN)(SigningTime->Minute < RevocationTime->Minute);
}
- return (BOOLEAN) (SigningTime->Second <= RevocationTime->Second);
+ return (BOOLEAN)(SigningTime->Second <= RevocationTime->Second);
}
/**
@@ -1096,11 +1109,12 @@ IsValidSignatureByTimestamp ( **/
BOOLEAN
IsTimeZero (
- IN EFI_TIME *Time
+ IN EFI_TIME *Time
)
{
if ((Time->Year == 0) && (Time->Month == 0) && (Time->Day == 0) &&
- (Time->Hour == 0) && (Time->Minute == 0) && (Time->Second == 0)) {
+ (Time->Hour == 0) && (Time->Minute == 0) && (Time->Second == 0))
+ {
return TRUE;
}
@@ -1123,32 +1137,32 @@ IsTimeZero ( **/
BOOLEAN
PassTimestampCheck (
- IN UINT8 *AuthData,
- IN UINTN AuthDataSize,
- IN EFI_TIME *RevocationTime
+ IN UINT8 *AuthData,
+ IN UINTN AuthDataSize,
+ IN EFI_TIME *RevocationTime
)
{
- EFI_STATUS Status;
- BOOLEAN VerifyStatus;
- EFI_SIGNATURE_LIST *CertList;
- EFI_SIGNATURE_DATA *Cert;
- UINT8 *DbtData;
- UINTN DbtDataSize;
- UINT8 *RootCert;
- UINTN RootCertSize;
- UINTN Index;
- UINTN CertCount;
- EFI_TIME SigningTime;
+ EFI_STATUS Status;
+ BOOLEAN VerifyStatus;
+ EFI_SIGNATURE_LIST *CertList;
+ EFI_SIGNATURE_DATA *Cert;
+ UINT8 *DbtData;
+ UINTN DbtDataSize;
+ UINT8 *RootCert;
+ UINTN RootCertSize;
+ UINTN Index;
+ UINTN CertCount;
+ EFI_TIME SigningTime;
//
// Variable Initialization
//
- VerifyStatus = FALSE;
- DbtData = NULL;
- CertList = NULL;
- Cert = NULL;
- RootCert = NULL;
- RootCertSize = 0;
+ VerifyStatus = FALSE;
+ DbtData = NULL;
+ CertList = NULL;
+ Cert = NULL;
+ RootCert = NULL;
+ RootCertSize = 0;
//
// If RevocationTime is zero, the certificate shall be considered to always be revoked.
@@ -1162,23 +1176,25 @@ PassTimestampCheck ( // Using the dbt to get the trusted TSA certificates.
//
DbtDataSize = 0;
- Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, NULL);
+ Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, NULL);
if (Status != EFI_BUFFER_TOO_SMALL) {
goto Done;
}
- DbtData = (UINT8 *) AllocateZeroPool (DbtDataSize);
+
+ DbtData = (UINT8 *)AllocateZeroPool (DbtDataSize);
if (DbtData == NULL) {
goto Done;
}
- Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, (VOID *) DbtData);
+
+ Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE2, &gEfiImageSecurityDatabaseGuid, NULL, &DbtDataSize, (VOID *)DbtData);
if (EFI_ERROR (Status)) {
goto Done;
}
- CertList = (EFI_SIGNATURE_LIST *) DbtData;
+ CertList = (EFI_SIGNATURE_LIST *)DbtData;
while ((DbtDataSize > 0) && (DbtDataSize >= CertList->SignatureListSize)) {
if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
for (Index = 0; Index < CertCount; Index++) {
//
@@ -1198,11 +1214,13 @@ PassTimestampCheck ( goto Done;
}
}
- Cert = (EFI_SIGNATURE_DATA *) ((UINT8 *) Cert + CertList->SignatureSize);
+
+ Cert = (EFI_SIGNATURE_DATA *)((UINT8 *)Cert + CertList->SignatureSize);
}
}
+
DbtDataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);
}
Done:
@@ -1226,31 +1244,32 @@ Done: **/
BOOLEAN
IsForbiddenByDbx (
- IN UINT8 *AuthData,
- IN UINTN AuthDataSize
+ IN UINT8 *AuthData,
+ IN UINTN AuthDataSize
)
{
- EFI_STATUS Status;
- BOOLEAN IsForbidden;
- BOOLEAN IsFound;
- UINT8 *Data;
- UINTN DataSize;
- EFI_SIGNATURE_LIST *CertList;
- UINTN CertListSize;
- EFI_SIGNATURE_DATA *CertData;
- UINT8 *RootCert;
- UINTN RootCertSize;
- UINTN CertCount;
- UINTN Index;
- UINT8 *CertBuffer;
- UINTN BufferLength;
- UINT8 *TrustedCert;
- UINTN TrustedCertLength;
- UINT8 CertNumber;
- UINT8 *CertPtr;
- UINT8 *Cert;
- UINTN CertSize;
- EFI_TIME RevocationTime;
+ EFI_STATUS Status;
+ BOOLEAN IsForbidden;
+ BOOLEAN IsFound;
+ UINT8 *Data;
+ UINTN DataSize;
+ EFI_SIGNATURE_LIST *CertList;
+ UINTN CertListSize;
+ EFI_SIGNATURE_DATA *CertData;
+ UINT8 *RootCert;
+ UINTN RootCertSize;
+ UINTN CertCount;
+ UINTN Index;
+ UINT8 *CertBuffer;
+ UINTN BufferLength;
+ UINT8 *TrustedCert;
+ UINTN TrustedCertLength;
+ UINT8 CertNumber;
+ UINT8 *CertPtr;
+ UINT8 *Cert;
+ UINTN CertSize;
+ EFI_TIME RevocationTime;
+
//
// Variable Initialization
//
@@ -1279,14 +1298,16 @@ IsForbiddenByDbx ( //
IsForbidden = FALSE;
}
+
return IsForbidden;
}
- Data = (UINT8 *) AllocateZeroPool (DataSize);
+
+ Data = (UINT8 *)AllocateZeroPool (DataSize);
if (Data == NULL) {
return IsForbidden;
}
- Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *) Data);
+ Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *)Data);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -1295,11 +1316,11 @@ IsForbiddenByDbx ( // Verify image signature with RAW X509 certificates in DBX database.
// If passed, the image will be forbidden.
//
- CertList = (EFI_SIGNATURE_LIST *) Data;
+ CertList = (EFI_SIGNATURE_LIST *)Data;
CertListSize = DataSize;
while ((CertListSize > 0) && (CertListSize >= CertList->SignatureListSize)) {
if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
- CertData = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ CertData = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
for (Index = 0; Index < CertCount; Index++) {
@@ -1325,12 +1346,12 @@ IsForbiddenByDbx ( goto Done;
}
- CertData = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertData + CertList->SignatureSize);
+ CertData = (EFI_SIGNATURE_DATA *)((UINT8 *)CertData + CertList->SignatureSize);
}
}
CertListSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);
}
//
@@ -1350,7 +1371,7 @@ IsForbiddenByDbx ( // UINT8 Certn[];
//
Pkcs7GetSigners (AuthData, AuthDataSize, &CertBuffer, &BufferLength, &TrustedCert, &TrustedCertLength);
- if ((BufferLength == 0) || (CertBuffer == NULL) || (*CertBuffer) == 0) {
+ if ((BufferLength == 0) || (CertBuffer == NULL) || ((*CertBuffer) == 0)) {
IsForbidden = TRUE;
goto Done;
}
@@ -1358,10 +1379,10 @@ IsForbiddenByDbx ( //
// Check if any hash of certificates embedded in AuthData is in the forbidden database.
//
- CertNumber = (UINT8) (*CertBuffer);
+ CertNumber = (UINT8)(*CertBuffer);
CertPtr = CertBuffer + 1;
for (Index = 0; Index < CertNumber; Index++) {
- CertSize = (UINTN) ReadUnaligned32 ((UINT32 *)CertPtr);
+ CertSize = (UINTN)ReadUnaligned32 ((UINT32 *)CertPtr);
Cert = (UINT8 *)CertPtr + sizeof (UINT32);
//
// Advance CertPtr to the next cert in image signer's cert list
@@ -1392,7 +1413,6 @@ IsForbiddenByDbx ( goto Done;
}
}
-
}
IsForbidden = FALSE;
@@ -1408,7 +1428,6 @@ Done: return IsForbidden;
}
-
/**
Check whether the image signature can be verified by the trusted certificates in DB database.
@@ -1421,32 +1440,32 @@ Done: **/
BOOLEAN
IsAllowedByDb (
- IN UINT8 *AuthData,
- IN UINTN AuthDataSize
+ IN UINT8 *AuthData,
+ IN UINTN AuthDataSize
)
{
- EFI_STATUS Status;
- BOOLEAN VerifyStatus;
- BOOLEAN IsFound;
- EFI_SIGNATURE_LIST *CertList;
- EFI_SIGNATURE_DATA *CertData;
- UINTN DataSize;
- UINT8 *Data;
- UINT8 *RootCert;
- UINTN RootCertSize;
- UINTN Index;
- UINTN CertCount;
- UINTN DbxDataSize;
- UINT8 *DbxData;
- EFI_TIME RevocationTime;
+ EFI_STATUS Status;
+ BOOLEAN VerifyStatus;
+ BOOLEAN IsFound;
+ EFI_SIGNATURE_LIST *CertList;
+ EFI_SIGNATURE_DATA *CertData;
+ UINTN DataSize;
+ UINT8 *Data;
+ UINT8 *RootCert;
+ UINTN RootCertSize;
+ UINTN Index;
+ UINTN CertCount;
+ UINTN DbxDataSize;
+ UINT8 *DbxData;
+ EFI_TIME RevocationTime;
- Data = NULL;
- CertList = NULL;
- CertData = NULL;
- RootCert = NULL;
- DbxData = NULL;
- RootCertSize = 0;
- VerifyStatus = FALSE;
+ Data = NULL;
+ CertList = NULL;
+ CertData = NULL;
+ RootCert = NULL;
+ DbxData = NULL;
+ RootCertSize = 0;
+ VerifyStatus = FALSE;
//
// Fetch 'db' content. If 'db' doesn't exist or encounters problem to get the
@@ -1459,12 +1478,12 @@ IsAllowedByDb ( return VerifyStatus;
}
- Data = (UINT8 *) AllocateZeroPool (DataSize);
+ Data = (UINT8 *)AllocateZeroPool (DataSize);
if (Data == NULL) {
return VerifyStatus;
}
- Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *) Data);
+ Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid, NULL, &DataSize, (VOID *)Data);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -1481,6 +1500,7 @@ IsAllowedByDb ( if (Status != EFI_NOT_FOUND) {
goto Done;
}
+
//
// 'dbx' does not exist. Continue to check 'db'.
//
@@ -1488,12 +1508,12 @@ IsAllowedByDb ( //
// 'dbx' exists. Get its content.
//
- DbxData = (UINT8 *) AllocateZeroPool (DbxDataSize);
+ DbxData = (UINT8 *)AllocateZeroPool (DbxDataSize);
if (DbxData == NULL) {
goto Done;
}
- Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DbxDataSize, (VOID *) DbxData);
+ Status = gRT->GetVariable (EFI_IMAGE_SECURITY_DATABASE1, &gEfiImageSecurityDatabaseGuid, NULL, &DbxDataSize, (VOID *)DbxData);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -1502,10 +1522,10 @@ IsAllowedByDb ( //
// Find X509 certificate in Signature List to verify the signature in pkcs7 signed data.
//
- CertList = (EFI_SIGNATURE_LIST *) Data;
+ CertList = (EFI_SIGNATURE_LIST *)Data;
while ((DataSize > 0) && (DataSize >= CertList->SignatureListSize)) {
if (CompareGuid (&CertList->SignatureType, &gEfiCertX509Guid)) {
- CertData = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
+ CertData = (EFI_SIGNATURE_DATA *)((UINT8 *)CertList + sizeof (EFI_SIGNATURE_LIST) + CertList->SignatureHeaderSize);
CertCount = (CertList->SignatureListSize - sizeof (EFI_SIGNATURE_LIST) - CertList->SignatureHeaderSize) / CertList->SignatureSize;
for (Index = 0; Index < CertCount; Index++) {
@@ -1561,12 +1581,12 @@ IsAllowedByDb ( goto Done;
}
- CertData = (EFI_SIGNATURE_DATA *) ((UINT8 *) CertData + CertList->SignatureSize);
+ CertData = (EFI_SIGNATURE_DATA *)((UINT8 *)CertData + CertList->SignatureSize);
}
}
DataSize -= CertList->SignatureListSize;
- CertList = (EFI_SIGNATURE_LIST *) ((UINT8 *) CertList + CertList->SignatureListSize);
+ CertList = (EFI_SIGNATURE_LIST *)((UINT8 *)CertList + CertList->SignatureListSize);
}
Done:
@@ -1578,6 +1598,7 @@ Done: if (Data != NULL) {
FreePool (Data);
}
+
if (DbxData != NULL) {
FreePool (DbxData);
}
@@ -1635,37 +1656,37 @@ Done: EFI_STATUS
EFIAPI
DxeImageVerificationHandler (
- IN UINT32 AuthenticationStatus,
- IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL,
- IN VOID *FileBuffer,
- IN UINTN FileSize,
- IN BOOLEAN BootPolicy
+ IN UINT32 AuthenticationStatus,
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL,
+ IN VOID *FileBuffer,
+ IN UINTN FileSize,
+ IN BOOLEAN BootPolicy
)
{
- EFI_IMAGE_DOS_HEADER *DosHdr;
- BOOLEAN IsVerified;
- EFI_SIGNATURE_LIST *SignatureList;
- UINTN SignatureListSize;
- EFI_SIGNATURE_DATA *Signature;
- EFI_IMAGE_EXECUTION_ACTION Action;
- WIN_CERTIFICATE *WinCertificate;
- UINT32 Policy;
- UINT8 *SecureBoot;
- PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;
- UINT32 NumberOfRvaAndSizes;
- WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;
- WIN_CERTIFICATE_UEFI_GUID *WinCertUefiGuid;
- UINT8 *AuthData;
- UINTN AuthDataSize;
- EFI_IMAGE_DATA_DIRECTORY *SecDataDir;
- UINT32 SecDataDirEnd;
- UINT32 SecDataDirLeft;
- UINT32 OffSet;
- CHAR16 *NameStr;
- RETURN_STATUS PeCoffStatus;
- EFI_STATUS HashStatus;
- EFI_STATUS DbStatus;
- BOOLEAN IsFound;
+ EFI_IMAGE_DOS_HEADER *DosHdr;
+ BOOLEAN IsVerified;
+ EFI_SIGNATURE_LIST *SignatureList;
+ UINTN SignatureListSize;
+ EFI_SIGNATURE_DATA *Signature;
+ EFI_IMAGE_EXECUTION_ACTION Action;
+ WIN_CERTIFICATE *WinCertificate;
+ UINT32 Policy;
+ UINT8 *SecureBoot;
+ PE_COFF_LOADER_IMAGE_CONTEXT ImageContext;
+ UINT32 NumberOfRvaAndSizes;
+ WIN_CERTIFICATE_EFI_PKCS *PkcsCertData;
+ WIN_CERTIFICATE_UEFI_GUID *WinCertUefiGuid;
+ UINT8 *AuthData;
+ UINTN AuthDataSize;
+ EFI_IMAGE_DATA_DIRECTORY *SecDataDir;
+ UINT32 SecDataDirEnd;
+ UINT32 SecDataDirLeft;
+ UINT32 OffSet;
+ CHAR16 *NameStr;
+ RETURN_STATUS PeCoffStatus;
+ EFI_STATUS HashStatus;
+ EFI_STATUS DbStatus;
+ BOOLEAN IsFound;
SignatureList = NULL;
SignatureListSize = 0;
@@ -1680,33 +1701,34 @@ DxeImageVerificationHandler ( // Check the image type and get policy setting.
//
switch (GetImageType (File)) {
+ case IMAGE_FROM_FV:
+ Policy = ALWAYS_EXECUTE;
+ break;
- case IMAGE_FROM_FV:
- Policy = ALWAYS_EXECUTE;
- break;
-
- case IMAGE_FROM_OPTION_ROM:
- Policy = PcdGet32 (PcdOptionRomImageVerificationPolicy);
- break;
+ case IMAGE_FROM_OPTION_ROM:
+ Policy = PcdGet32 (PcdOptionRomImageVerificationPolicy);
+ break;
- case IMAGE_FROM_REMOVABLE_MEDIA:
- Policy = PcdGet32 (PcdRemovableMediaImageVerificationPolicy);
- break;
+ case IMAGE_FROM_REMOVABLE_MEDIA:
+ Policy = PcdGet32 (PcdRemovableMediaImageVerificationPolicy);
+ break;
- case IMAGE_FROM_FIXED_MEDIA:
- Policy = PcdGet32 (PcdFixedMediaImageVerificationPolicy);
- break;
+ case IMAGE_FROM_FIXED_MEDIA:
+ Policy = PcdGet32 (PcdFixedMediaImageVerificationPolicy);
+ break;
- default:
- Policy = DENY_EXECUTE_ON_SECURITY_VIOLATION;
- break;
+ default:
+ Policy = DENY_EXECUTE_ON_SECURITY_VIOLATION;
+ break;
}
+
//
// If policy is always/never execute, return directly.
//
if (Policy == ALWAYS_EXECUTE) {
return EFI_SUCCESS;
}
+
if (Policy == NEVER_EXECUTE) {
return EFI_ACCESS_DENIED;
}
@@ -1716,11 +1738,11 @@ DxeImageVerificationHandler ( // violates the UEFI spec and has been removed.
//
ASSERT (Policy != QUERY_USER_ON_SECURITY_VIOLATION && Policy != ALLOW_EXECUTE_ON_SECURITY_VIOLATION);
- if (Policy == QUERY_USER_ON_SECURITY_VIOLATION || Policy == ALLOW_EXECUTE_ON_SECURITY_VIOLATION) {
+ if ((Policy == QUERY_USER_ON_SECURITY_VIOLATION) || (Policy == ALLOW_EXECUTE_ON_SECURITY_VIOLATION)) {
CpuDeadLoop ();
}
- GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME, (VOID**)&SecureBoot, NULL);
+ GetEfiGlobalVariable2 (EFI_SECURE_BOOT_MODE_NAME, (VOID **)&SecureBoot, NULL);
//
// Skip verification if SecureBoot variable doesn't exist.
//
@@ -1735,6 +1757,7 @@ DxeImageVerificationHandler ( FreePool (SecureBoot);
return EFI_SUCCESS;
}
+
FreePool (SecureBoot);
//
@@ -1744,12 +1767,12 @@ DxeImageVerificationHandler ( return EFI_ACCESS_DENIED;
}
- mImageBase = (UINT8 *) FileBuffer;
- mImageSize = FileSize;
+ mImageBase = (UINT8 *)FileBuffer;
+ mImageSize = FileSize;
ZeroMem (&ImageContext, sizeof (ImageContext));
- ImageContext.Handle = (VOID *) FileBuffer;
- ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) DxeImageVerificationLibImageRead;
+ ImageContext.Handle = (VOID *)FileBuffer;
+ ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE)DxeImageVerificationLibImageRead;
//
// Get information about the image being loaded
@@ -1763,7 +1786,7 @@ DxeImageVerificationHandler ( goto Failed;
}
- DosHdr = (EFI_IMAGE_DOS_HEADER *) mImageBase;
+ DosHdr = (EFI_IMAGE_DOS_HEADER *)mImageBase;
if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {
//
// DOS image header is present,
@@ -1773,10 +1796,11 @@ DxeImageVerificationHandler ( } else {
mPeCoffHeaderOffset = 0;
}
+
//
// Check PE/COFF image.
//
- mNtHeader.Pe32 = (EFI_IMAGE_NT_HEADERS32 *) (mImageBase + mPeCoffHeaderOffset);
+ mNtHeader.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)(mImageBase + mPeCoffHeaderOffset);
if (mNtHeader.Pe32->Signature != EFI_IMAGE_NT_SIGNATURE) {
//
// It is not a valid Pe/Coff file.
@@ -1791,7 +1815,7 @@ DxeImageVerificationHandler ( //
NumberOfRvaAndSizes = mNtHeader.Pe32->OptionalHeader.NumberOfRvaAndSizes;
if (NumberOfRvaAndSizes > EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {
- SecDataDir = (EFI_IMAGE_DATA_DIRECTORY *) &mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY];
+ SecDataDir = (EFI_IMAGE_DATA_DIRECTORY *)&mNtHeader.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY];
}
} else {
//
@@ -1799,14 +1823,14 @@ DxeImageVerificationHandler ( //
NumberOfRvaAndSizes = mNtHeader.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;
if (NumberOfRvaAndSizes > EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {
- SecDataDir = (EFI_IMAGE_DATA_DIRECTORY *) &mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY];
+ SecDataDir = (EFI_IMAGE_DATA_DIRECTORY *)&mNtHeader.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY];
}
}
//
// Start Image Validation.
//
- if (SecDataDir == NULL || SecDataDir->Size == 0) {
+ if ((SecDataDir == NULL) || (SecDataDir->Size == 0)) {
//
// This image is not signed. The SHA256 hash value of the image must match a record in the security database "db",
// and not be reflected in the security data base "dbx".
@@ -1860,15 +1884,18 @@ DxeImageVerificationHandler ( SecDataDirEnd = SecDataDir->VirtualAddress + SecDataDir->Size;
for (OffSet = SecDataDir->VirtualAddress;
OffSet < SecDataDirEnd;
- OffSet += (WinCertificate->dwLength + ALIGN_SIZE (WinCertificate->dwLength))) {
+ OffSet += (WinCertificate->dwLength + ALIGN_SIZE (WinCertificate->dwLength)))
+ {
SecDataDirLeft = SecDataDirEnd - OffSet;
if (SecDataDirLeft <= sizeof (WIN_CERTIFICATE)) {
break;
}
- WinCertificate = (WIN_CERTIFICATE *) (mImageBase + OffSet);
- if (SecDataDirLeft < WinCertificate->dwLength ||
+
+ WinCertificate = (WIN_CERTIFICATE *)(mImageBase + OffSet);
+ if ((SecDataDirLeft < WinCertificate->dwLength) ||
(SecDataDirLeft - WinCertificate->dwLength <
- ALIGN_SIZE (WinCertificate->dwLength))) {
+ ALIGN_SIZE (WinCertificate->dwLength)))
+ {
break;
}
@@ -1880,29 +1907,33 @@ DxeImageVerificationHandler ( // The certificate is formatted as WIN_CERTIFICATE_EFI_PKCS which is described in the
// Authenticode specification.
//
- PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *) WinCertificate;
+ PkcsCertData = (WIN_CERTIFICATE_EFI_PKCS *)WinCertificate;
if (PkcsCertData->Hdr.dwLength <= sizeof (PkcsCertData->Hdr)) {
break;
}
- AuthData = PkcsCertData->CertData;
- AuthDataSize = PkcsCertData->Hdr.dwLength - sizeof(PkcsCertData->Hdr);
+
+ AuthData = PkcsCertData->CertData;
+ AuthDataSize = PkcsCertData->Hdr.dwLength - sizeof (PkcsCertData->Hdr);
} else if (WinCertificate->wCertificateType == WIN_CERT_TYPE_EFI_GUID) {
//
// The certificate is formatted as WIN_CERTIFICATE_UEFI_GUID which is described in UEFI Spec.
//
- WinCertUefiGuid = (WIN_CERTIFICATE_UEFI_GUID *) WinCertificate;
- if (WinCertUefiGuid->Hdr.dwLength <= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData)) {
+ WinCertUefiGuid = (WIN_CERTIFICATE_UEFI_GUID *)WinCertificate;
+ if (WinCertUefiGuid->Hdr.dwLength <= OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) {
break;
}
+
if (!CompareGuid (&WinCertUefiGuid->CertType, &gEfiCertPkcs7Guid)) {
continue;
}
- AuthData = WinCertUefiGuid->CertData;
- AuthDataSize = WinCertUefiGuid->Hdr.dwLength - OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData);
+
+ AuthData = WinCertUefiGuid->CertData;
+ AuthDataSize = WinCertUefiGuid->Hdr.dwLength - OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
} else {
if (WinCertificate->dwLength < sizeof (WIN_CERTIFICATE)) {
break;
}
+
continue;
}
@@ -1915,7 +1946,7 @@ DxeImageVerificationHandler ( // Check the digital signature against the revoked certificate in forbidden database (dbx).
//
if (IsForbiddenByDbx (AuthData, AuthDataSize)) {
- Action = EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED;
+ Action = EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED;
IsVerified = FALSE;
break;
}
@@ -1972,21 +2003,23 @@ DxeImageVerificationHandler ( if (IsVerified) {
return EFI_SUCCESS;
}
- if (Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED || Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND) {
+
+ if ((Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FAILED) || (Action == EFI_IMAGE_EXECUTION_AUTH_SIG_FOUND)) {
//
// Get image hash value as signature of executable.
//
SignatureListSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize;
- SignatureList = (EFI_SIGNATURE_LIST *) AllocateZeroPool (SignatureListSize);
+ SignatureList = (EFI_SIGNATURE_LIST *)AllocateZeroPool (SignatureListSize);
if (SignatureList == NULL) {
SignatureListSize = 0;
goto Failed;
}
- SignatureList->SignatureHeaderSize = 0;
- SignatureList->SignatureListSize = (UINT32) SignatureListSize;
- SignatureList->SignatureSize = (UINT32) (sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize);
+
+ SignatureList->SignatureHeaderSize = 0;
+ SignatureList->SignatureListSize = (UINT32)SignatureListSize;
+ SignatureList->SignatureSize = (UINT32)(sizeof (EFI_SIGNATURE_DATA) - 1 + mImageDigestSize);
CopyMem (&SignatureList->SignatureType, &mCertType, sizeof (EFI_GUID));
- Signature = (EFI_SIGNATURE_DATA *) ((UINT8 *) SignatureList + sizeof (EFI_SIGNATURE_LIST));
+ Signature = (EFI_SIGNATURE_DATA *)((UINT8 *)SignatureList + sizeof (EFI_SIGNATURE_LIST));
CopyMem (Signature->SignatureData, mImageDigest, mImageDigestSize);
}
@@ -1999,7 +2032,7 @@ Failed: AddImageExeInfo (Action, NameStr, File, SignatureList, SignatureListSize);
if (NameStr != NULL) {
DEBUG ((DEBUG_INFO, "The image doesn't pass verification: %s\n", NameStr));
- FreePool(NameStr);
+ FreePool (NameStr);
}
if (SignatureList != NULL) {
@@ -2009,6 +2042,7 @@ Failed: if (Policy == DEFER_EXECUTE_ON_SECURITY_VIOLATION) {
return EFI_SECURITY_VIOLATION;
}
+
return EFI_ACCESS_DENIED;
}
@@ -2024,27 +2058,26 @@ Failed: VOID
EFIAPI
OnReadyToBoot (
- IN EFI_EVENT Event,
- IN VOID *Context
+ IN EFI_EVENT Event,
+ IN VOID *Context
)
{
EFI_IMAGE_EXECUTION_INFO_TABLE *ImageExeInfoTable;
UINTN ImageExeInfoTableSize;
- EfiGetSystemConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID **) &ImageExeInfoTable);
+ EfiGetSystemConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID **)&ImageExeInfoTable);
if (ImageExeInfoTable != NULL) {
return;
}
ImageExeInfoTableSize = sizeof (EFI_IMAGE_EXECUTION_INFO_TABLE);
- ImageExeInfoTable = (EFI_IMAGE_EXECUTION_INFO_TABLE *) AllocateRuntimePool (ImageExeInfoTableSize);
+ ImageExeInfoTable = (EFI_IMAGE_EXECUTION_INFO_TABLE *)AllocateRuntimePool (ImageExeInfoTableSize);
if (ImageExeInfoTable == NULL) {
- return ;
+ return;
}
ImageExeInfoTable->NumberOfImages = 0;
- gBS->InstallConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID *) ImageExeInfoTable);
-
+ gBS->InstallConfigurationTable (&gEfiImageSecurityDatabaseGuid, (VOID *)ImageExeInfoTable);
}
/**
@@ -2062,7 +2095,7 @@ DxeImageVerificationLibConstructor ( IN EFI_SYSTEM_TABLE *SystemTable
)
{
- EFI_EVENT Event;
+ EFI_EVENT Event;
//
// Register the event to publish the image execution table.
@@ -2075,7 +2108,7 @@ DxeImageVerificationLibConstructor ( );
return RegisterSecurity2Handler (
- DxeImageVerificationHandler,
- EFI_AUTH_OPERATION_VERIFY_IMAGE | EFI_AUTH_OPERATION_IMAGE_REQUIRED
- );
+ DxeImageVerificationHandler,
+ EFI_AUTH_OPERATION_VERIFY_IMAGE | EFI_AUTH_OPERATION_IMAGE_REQUIRED
+ );
}
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.h b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.h index 17955ff977..53fe34358c 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.h +++ b/SecurityPkg/Library/DxeImageVerificationLib/DxeImageVerificationLib.h @@ -32,57 +32,56 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Guid/AuthenticatedVariableFormat.h>
#include <IndustryStandard/PeImage.h>
-#define EFI_CERT_TYPE_RSA2048_SHA256_SIZE 256
-#define EFI_CERT_TYPE_RSA2048_SIZE 256
-#define MAX_NOTIFY_STRING_LEN 64
-#define TWO_BYTE_ENCODE 0x82
+#define EFI_CERT_TYPE_RSA2048_SHA256_SIZE 256
+#define EFI_CERT_TYPE_RSA2048_SIZE 256
+#define MAX_NOTIFY_STRING_LEN 64
+#define TWO_BYTE_ENCODE 0x82
-#define ALIGNMENT_SIZE 8
-#define ALIGN_SIZE(a) (((a) % ALIGNMENT_SIZE) ? ALIGNMENT_SIZE - ((a) % ALIGNMENT_SIZE) : 0)
+#define ALIGNMENT_SIZE 8
+#define ALIGN_SIZE(a) (((a) % ALIGNMENT_SIZE) ? ALIGNMENT_SIZE - ((a) % ALIGNMENT_SIZE) : 0)
//
// Image type definitions
//
-#define IMAGE_UNKNOWN 0x00000000
-#define IMAGE_FROM_FV 0x00000001
-#define IMAGE_FROM_OPTION_ROM 0x00000002
-#define IMAGE_FROM_REMOVABLE_MEDIA 0x00000003
-#define IMAGE_FROM_FIXED_MEDIA 0x00000004
+#define IMAGE_UNKNOWN 0x00000000
+#define IMAGE_FROM_FV 0x00000001
+#define IMAGE_FROM_OPTION_ROM 0x00000002
+#define IMAGE_FROM_REMOVABLE_MEDIA 0x00000003
+#define IMAGE_FROM_FIXED_MEDIA 0x00000004
//
// Authorization policy bit definition
//
-#define ALWAYS_EXECUTE 0x00000000
-#define NEVER_EXECUTE 0x00000001
-#define ALLOW_EXECUTE_ON_SECURITY_VIOLATION 0x00000002
-#define DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003
-#define DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004
-#define QUERY_USER_ON_SECURITY_VIOLATION 0x00000005
+#define ALWAYS_EXECUTE 0x00000000
+#define NEVER_EXECUTE 0x00000001
+#define ALLOW_EXECUTE_ON_SECURITY_VIOLATION 0x00000002
+#define DEFER_EXECUTE_ON_SECURITY_VIOLATION 0x00000003
+#define DENY_EXECUTE_ON_SECURITY_VIOLATION 0x00000004
+#define QUERY_USER_ON_SECURITY_VIOLATION 0x00000005
//
// Support hash types
//
-#define HASHALG_SHA1 0x00000000
-#define HASHALG_SHA224 0x00000001
-#define HASHALG_SHA256 0x00000002
-#define HASHALG_SHA384 0x00000003
-#define HASHALG_SHA512 0x00000004
-#define HASHALG_MAX 0x00000005
+#define HASHALG_SHA1 0x00000000
+#define HASHALG_SHA224 0x00000001
+#define HASHALG_SHA256 0x00000002
+#define HASHALG_SHA384 0x00000003
+#define HASHALG_SHA512 0x00000004
+#define HASHALG_MAX 0x00000005
//
// Set max digest size as SHA512 Output (64 bytes) by far
//
-#define MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
+#define MAX_DIGEST_SIZE SHA512_DIGEST_SIZE
//
//
// PKCS7 Certificate definition
//
typedef struct {
- WIN_CERTIFICATE Hdr;
- UINT8 CertData[1];
+ WIN_CERTIFICATE Hdr;
+ UINT8 CertData[1];
} WIN_CERTIFICATE_EFI_PKCS;
-
/**
Retrieves the size, in bytes, of the context buffer required for hash operations.
@@ -113,7 +112,6 @@ BOOLEAN IN OUT VOID *HashContext
);
-
/**
Performs digest on a data buffer of the specified length. This function can
be called multiple times to compute the digest of long or discontinuous data streams.
@@ -159,7 +157,6 @@ BOOLEAN OUT UINT8 *HashValue
);
-
//
// Hash Algorithm Table
//
diff --git a/SecurityPkg/Library/DxeImageVerificationLib/Measurement.c b/SecurityPkg/Library/DxeImageVerificationLib/Measurement.c index 351107785d..805b1d7872 100644 --- a/SecurityPkg/Library/DxeImageVerificationLib/Measurement.c +++ b/SecurityPkg/Library/DxeImageVerificationLib/Measurement.c @@ -19,15 +19,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/TpmMeasurementLib.h>
typedef struct {
- CHAR16 *VariableName;
- EFI_GUID *VendorGuid;
+ CHAR16 *VariableName;
+ EFI_GUID *VendorGuid;
} VARIABLE_TYPE;
typedef struct {
- CHAR16 *VariableName;
- EFI_GUID *VendorGuid;
- VOID *Data;
- UINTN Size;
+ CHAR16 *VariableName;
+ EFI_GUID *VendorGuid;
+ VOID *Data;
+ UINTN Size;
} VARIABLE_RECORD;
#define MEASURED_AUTHORITY_COUNT_MAX 0x100
@@ -37,7 +37,7 @@ UINTN mMeasuredAuthorityCountMax = 0; VARIABLE_RECORD *mMeasuredAuthorityList = NULL;
VARIABLE_TYPE mVariableType[] = {
- {EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid},
+ { EFI_IMAGE_SECURITY_DATABASE, &gEfiImageSecurityDatabaseGuid },
};
/**
@@ -49,12 +49,12 @@ VARIABLE_TYPE mVariableType[] = { **/
CHAR16 *
AssignVarName (
- IN CHAR16 *VarName
+ IN CHAR16 *VarName
)
{
UINTN Index;
- for (Index = 0; Index < sizeof(mVariableType)/sizeof(mVariableType[0]); Index++) {
+ for (Index = 0; Index < sizeof (mVariableType)/sizeof (mVariableType[0]); Index++) {
if (StrCmp (VarName, mVariableType[Index].VariableName) == 0) {
return mVariableType[Index].VariableName;
}
@@ -72,12 +72,12 @@ AssignVarName ( **/
EFI_GUID *
AssignVendorGuid (
- IN EFI_GUID *VendorGuid
+ IN EFI_GUID *VendorGuid
)
{
UINTN Index;
- for (Index = 0; Index < sizeof(mVariableType)/sizeof(mVariableType[0]); Index++) {
+ for (Index = 0; Index < sizeof (mVariableType)/sizeof (mVariableType[0]); Index++) {
if (CompareGuid (VendorGuid, mVariableType[Index].VendorGuid)) {
return mVariableType[Index].VendorGuid;
}
@@ -99,10 +99,10 @@ AssignVendorGuid ( **/
EFI_STATUS
AddDataMeasured (
- IN CHAR16 *VarName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN Size
+ IN CHAR16 *VarName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN Size
)
{
VARIABLE_RECORD *NewMeasuredAuthorityList;
@@ -112,15 +112,17 @@ AddDataMeasured ( //
// Need enlarge
//
- NewMeasuredAuthorityList = AllocateZeroPool (sizeof(VARIABLE_RECORD) * (mMeasuredAuthorityCountMax + MEASURED_AUTHORITY_COUNT_MAX));
+ NewMeasuredAuthorityList = AllocateZeroPool (sizeof (VARIABLE_RECORD) * (mMeasuredAuthorityCountMax + MEASURED_AUTHORITY_COUNT_MAX));
if (NewMeasuredAuthorityList == NULL) {
return EFI_OUT_OF_RESOURCES;
}
+
if (mMeasuredAuthorityList != NULL) {
- CopyMem (NewMeasuredAuthorityList, mMeasuredAuthorityList, sizeof(VARIABLE_RECORD) * mMeasuredAuthorityCount);
+ CopyMem (NewMeasuredAuthorityList, mMeasuredAuthorityList, sizeof (VARIABLE_RECORD) * mMeasuredAuthorityCount);
FreePool (mMeasuredAuthorityList);
}
- mMeasuredAuthorityList = NewMeasuredAuthorityList;
+
+ mMeasuredAuthorityList = NewMeasuredAuthorityList;
mMeasuredAuthorityCountMax += MEASURED_AUTHORITY_COUNT_MAX;
}
@@ -134,6 +136,7 @@ AddDataMeasured ( if (mMeasuredAuthorityList[mMeasuredAuthorityCount].Data == NULL) {
return EFI_OUT_OF_RESOURCES;
}
+
CopyMem (mMeasuredAuthorityList[mMeasuredAuthorityCount].Data, Data, Size);
mMeasuredAuthorityCount++;
@@ -153,10 +156,10 @@ AddDataMeasured ( **/
BOOLEAN
IsDataMeasured (
- IN CHAR16 *VarName,
- IN EFI_GUID *VendorGuid,
- IN VOID *Data,
- IN UINTN Size
+ IN CHAR16 *VarName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *Data,
+ IN UINTN Size
)
{
UINTN Index;
@@ -165,7 +168,8 @@ IsDataMeasured ( if ((StrCmp (VarName, mMeasuredAuthorityList[Index].VariableName) == 0) &&
(CompareGuid (VendorGuid, mMeasuredAuthorityList[Index].VendorGuid)) &&
(CompareMem (Data, mMeasuredAuthorityList[Index].Data, Size) == 0) &&
- (Size == mMeasuredAuthorityList[Index].Size)) {
+ (Size == mMeasuredAuthorityList[Index].Size))
+ {
return TRUE;
}
}
@@ -184,18 +188,20 @@ IsDataMeasured ( **/
BOOLEAN
IsSecureAuthorityVariable (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid
)
{
- UINTN Index;
+ UINTN Index;
- for (Index = 0; Index < sizeof(mVariableType)/sizeof(mVariableType[0]); Index++) {
+ for (Index = 0; Index < sizeof (mVariableType)/sizeof (mVariableType[0]); Index++) {
if ((StrCmp (VariableName, mVariableType[Index].VariableName) == 0) &&
- (CompareGuid (VendorGuid, mVariableType[Index].VendorGuid))) {
+ (CompareGuid (VendorGuid, mVariableType[Index].VendorGuid)))
+ {
return TRUE;
}
}
+
return FALSE;
}
@@ -215,43 +221,43 @@ IsSecureAuthorityVariable ( EFI_STATUS
EFIAPI
MeasureVariable (
- IN CHAR16 *VarName,
- IN EFI_GUID *VendorGuid,
- IN VOID *VarData,
- IN UINTN VarSize
+ IN CHAR16 *VarName,
+ IN EFI_GUID *VendorGuid,
+ IN VOID *VarData,
+ IN UINTN VarSize
)
{
- EFI_STATUS Status;
- UINTN VarNameLength;
- UEFI_VARIABLE_DATA *VarLog;
- UINT32 VarLogSize;
+ EFI_STATUS Status;
+ UINTN VarNameLength;
+ UEFI_VARIABLE_DATA *VarLog;
+ UINT32 VarLogSize;
//
// The UEFI_VARIABLE_DATA.VariableData value shall be the EFI_SIGNATURE_DATA value
// from the EFI_SIGNATURE_LIST that contained the authority that was used to validate the image
//
- VarNameLength = StrLen (VarName);
- VarLogSize = (UINT32)(sizeof (*VarLog) + VarNameLength * sizeof (*VarName) + VarSize
- - sizeof (VarLog->UnicodeName) - sizeof (VarLog->VariableData));
+ VarNameLength = StrLen (VarName);
+ VarLogSize = (UINT32)(sizeof (*VarLog) + VarNameLength * sizeof (*VarName) + VarSize
+ - sizeof (VarLog->UnicodeName) - sizeof (VarLog->VariableData));
- VarLog = (UEFI_VARIABLE_DATA *) AllocateZeroPool (VarLogSize);
+ VarLog = (UEFI_VARIABLE_DATA *)AllocateZeroPool (VarLogSize);
if (VarLog == NULL) {
return EFI_OUT_OF_RESOURCES;
}
- CopyMem (&VarLog->VariableName, VendorGuid, sizeof(VarLog->VariableName));
+ CopyMem (&VarLog->VariableName, VendorGuid, sizeof (VarLog->VariableName));
VarLog->UnicodeNameLength = VarNameLength;
VarLog->VariableDataLength = VarSize;
CopyMem (
- VarLog->UnicodeName,
- VarName,
- VarNameLength * sizeof (*VarName)
- );
+ VarLog->UnicodeName,
+ VarName,
+ VarNameLength * sizeof (*VarName)
+ );
CopyMem (
- (CHAR16 *)VarLog->UnicodeName + VarNameLength,
- VarData,
- VarSize
- );
+ (CHAR16 *)VarLog->UnicodeName + VarNameLength,
+ VarData,
+ VarSize
+ );
DEBUG ((DEBUG_INFO, "DxeImageVerification: MeasureVariable (Pcr - %x, EventType - %x, ", (UINTN)7, (UINTN)EV_EFI_VARIABLE_AUTHORITY));
DEBUG ((DEBUG_INFO, "VariableName - %s, VendorGuid - %g)\n", VarName, VendorGuid));
@@ -282,21 +288,21 @@ MeasureVariable ( VOID
EFIAPI
SecureBootHook (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid,
- IN UINTN DataSize,
- IN VOID *Data
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid,
+ IN UINTN DataSize,
+ IN VOID *Data
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
if (!IsSecureAuthorityVariable (VariableName, VendorGuid)) {
- return ;
+ return;
}
if (IsDataMeasured (VariableName, VendorGuid, Data, DataSize)) {
DEBUG ((DEBUG_ERROR, "MeasureSecureAuthorityVariable - IsDataMeasured\n"));
- return ;
+ return;
}
Status = MeasureVariable (
@@ -311,5 +317,5 @@ SecureBootHook ( AddDataMeasured (VariableName, VendorGuid, Data, DataSize);
}
- return ;
+ return;
}
diff --git a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c index 5124b884c9..ad95fc1ffd 100644 --- a/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c +++ b/SecurityPkg/Library/DxeRsa2048Sha256GuidedSectionExtractLib/DxeRsa2048Sha256GuidedSectionExtractLib.c @@ -27,19 +27,19 @@ SPDX-License-Identifier: BSD-2-Clause-Patent /// RSA 2048 SHA 256 Guided Section header
///
typedef struct {
- EFI_GUID_DEFINED_SECTION GuidedSectionHeader; ///< EFI guided section header
- EFI_CERT_BLOCK_RSA_2048_SHA256 CertBlockRsa2048Sha256; ///< RSA 2048-bit Signature
+ EFI_GUID_DEFINED_SECTION GuidedSectionHeader; ///< EFI guided section header
+ EFI_CERT_BLOCK_RSA_2048_SHA256 CertBlockRsa2048Sha256; ///< RSA 2048-bit Signature
} RSA_2048_SHA_256_SECTION_HEADER;
typedef struct {
- EFI_GUID_DEFINED_SECTION2 GuidedSectionHeader; ///< EFI guided section header
- EFI_CERT_BLOCK_RSA_2048_SHA256 CertBlockRsa2048Sha256; ///< RSA 2048-bit Signature
+ EFI_GUID_DEFINED_SECTION2 GuidedSectionHeader; ///< EFI guided section header
+ EFI_CERT_BLOCK_RSA_2048_SHA256 CertBlockRsa2048Sha256; ///< RSA 2048-bit Signature
} RSA_2048_SHA_256_SECTION2_HEADER;
///
/// Public Exponent of RSA Key.
///
-CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
+CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
/**
@@ -71,31 +71,37 @@ Rsa2048Sha256GuidedSectionGetInfo ( // Check whether the input guid section is recognized.
//
if (!CompareGuid (
- &gEfiCertTypeRsa2048Sha256Guid,
- &(((EFI_GUID_DEFINED_SECTION2 *) InputSection)->SectionDefinitionGuid))) {
+ &gEfiCertTypeRsa2048Sha256Guid,
+ &(((EFI_GUID_DEFINED_SECTION2 *)InputSection)->SectionDefinitionGuid)
+ ))
+ {
return EFI_INVALID_PARAMETER;
}
+
//
// Retrieve the size and attribute of the input section data.
//
- *SectionAttribute = ((EFI_GUID_DEFINED_SECTION2 *) InputSection)->Attributes;
+ *SectionAttribute = ((EFI_GUID_DEFINED_SECTION2 *)InputSection)->Attributes;
*ScratchBufferSize = 0;
- *OutputBufferSize = SECTION2_SIZE (InputSection) - sizeof(RSA_2048_SHA_256_SECTION2_HEADER);
+ *OutputBufferSize = SECTION2_SIZE (InputSection) - sizeof (RSA_2048_SHA_256_SECTION2_HEADER);
} else {
//
// Check whether the input guid section is recognized.
//
if (!CompareGuid (
- &gEfiCertTypeRsa2048Sha256Guid,
- &(((EFI_GUID_DEFINED_SECTION *) InputSection)->SectionDefinitionGuid))) {
+ &gEfiCertTypeRsa2048Sha256Guid,
+ &(((EFI_GUID_DEFINED_SECTION *)InputSection)->SectionDefinitionGuid)
+ ))
+ {
return EFI_INVALID_PARAMETER;
}
+
//
// Retrieve the size and attribute of the input section data.
//
- *SectionAttribute = ((EFI_GUID_DEFINED_SECTION *) InputSection)->Attributes;
+ *SectionAttribute = ((EFI_GUID_DEFINED_SECTION *)InputSection)->Attributes;
*ScratchBufferSize = 0;
- *OutputBufferSize = SECTION_SIZE (InputSection) - sizeof(RSA_2048_SHA_256_SECTION_HEADER);
+ *OutputBufferSize = SECTION_SIZE (InputSection) - sizeof (RSA_2048_SHA_256_SECTION_HEADER);
}
return EFI_SUCCESS;
@@ -146,15 +152,17 @@ Rsa2048Sha256GuidedSectionHandler ( // Check whether the input guid section is recognized.
//
if (!CompareGuid (
- &gEfiCertTypeRsa2048Sha256Guid,
- &(((EFI_GUID_DEFINED_SECTION2 *)InputSection)->SectionDefinitionGuid))) {
+ &gEfiCertTypeRsa2048Sha256Guid,
+ &(((EFI_GUID_DEFINED_SECTION2 *)InputSection)->SectionDefinitionGuid)
+ ))
+ {
return EFI_INVALID_PARAMETER;
}
//
// Get the RSA 2048 SHA 256 information.
//
- CertBlockRsa2048Sha256 = &((RSA_2048_SHA_256_SECTION2_HEADER *) InputSection)->CertBlockRsa2048Sha256;
+ CertBlockRsa2048Sha256 = &((RSA_2048_SHA_256_SECTION2_HEADER *)InputSection)->CertBlockRsa2048Sha256;
OutputBufferSize = SECTION2_SIZE (InputSection) - sizeof (RSA_2048_SHA_256_SECTION2_HEADER);
if ((((EFI_GUID_DEFINED_SECTION *)InputSection)->Attributes & EFI_GUIDED_SECTION_PROCESSING_REQUIRED) != 0) {
PERF_INMODULE_BEGIN ("DxeRsaCopy");
@@ -174,8 +182,10 @@ Rsa2048Sha256GuidedSectionHandler ( // Check whether the input guid section is recognized.
//
if (!CompareGuid (
- &gEfiCertTypeRsa2048Sha256Guid,
- &(((EFI_GUID_DEFINED_SECTION *)InputSection)->SectionDefinitionGuid))) {
+ &gEfiCertTypeRsa2048Sha256Guid,
+ &(((EFI_GUID_DEFINED_SECTION *)InputSection)->SectionDefinitionGuid)
+ ))
+ {
return EFI_INVALID_PARAMETER;
}
@@ -195,7 +205,7 @@ Rsa2048Sha256GuidedSectionHandler ( //
// Implicitly RSA 2048 SHA 256 GUIDed section should have STATUS_VALID bit set
//
- ASSERT ((((EFI_GUID_DEFINED_SECTION *) InputSection)->Attributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) != 0);
+ ASSERT ((((EFI_GUID_DEFINED_SECTION *)InputSection)->Attributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) != 0);
*AuthenticationStatus = EFI_AUTH_STATUS_IMAGE_SIGNED;
}
@@ -246,13 +256,15 @@ Rsa2048Sha256GuidedSectionHandler ( *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
- CryptoStatus = Sha256Update (HashContext, &CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
+
+ CryptoStatus = Sha256Update (HashContext, &CertBlockRsa2048Sha256->PublicKey, sizeof (CertBlockRsa2048Sha256->PublicKey));
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "DxeRsa2048Sha256: Sha256Update() failed\n"));
*AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
- CryptoStatus = Sha256Final (HashContext, Digest);
+
+ CryptoStatus = Sha256Final (HashContext, Digest);
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "DxeRsa2048Sha256: Sha256Final() failed\n"));
*AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
@@ -275,9 +287,11 @@ Rsa2048Sha256GuidedSectionHandler ( CryptoStatus = TRUE;
break;
}
- PublicKey = PublicKey + SHA256_DIGEST_SIZE;
+
+ PublicKey = PublicKey + SHA256_DIGEST_SIZE;
PublicKeyBufferSize = PublicKeyBufferSize - SHA256_DIGEST_SIZE;
}
+
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "DxeRsa2048Sha256: Public key in section is not supported\n"));
*AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
@@ -298,12 +312,13 @@ Rsa2048Sha256GuidedSectionHandler ( // Set RSA Key Components.
// NOTE: Only N and E are needed to be set as RSA public key for signature verification.
//
- CryptoStatus = RsaSetKey (Rsa, RsaKeyN, CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
+ CryptoStatus = RsaSetKey (Rsa, RsaKeyN, CertBlockRsa2048Sha256->PublicKey, sizeof (CertBlockRsa2048Sha256->PublicKey));
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "DxeRsa2048Sha256: RsaSetKey(RsaKeyN) failed\n"));
*AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
+
CryptoStatus = RsaSetKey (Rsa, RsaKeyE, mRsaE, sizeof (mRsaE));
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "DxeRsa2048Sha256: RsaSetKey(RsaKeyE) failed\n"));
@@ -321,6 +336,7 @@ Rsa2048Sha256GuidedSectionHandler ( *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
+
PERF_INMODULE_BEGIN ("DxeRsaShaData");
CryptoStatus = Sha256Update (HashContext, *OutputBuffer, OutputBufferSize);
PERF_INMODULE_END ("DxeRsaShaData");
@@ -329,7 +345,8 @@ Rsa2048Sha256GuidedSectionHandler ( *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
- CryptoStatus = Sha256Final (HashContext, Digest);
+
+ CryptoStatus = Sha256Final (HashContext, Digest);
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "DxeRsa2048Sha256: Sha256Final() failed\n"));
*AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
@@ -363,6 +380,7 @@ Done: if (Rsa != NULL) {
RsaFree (Rsa);
}
+
if (HashContext != NULL) {
FreePool (HashContext);
}
diff --git a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c index d92658f80d..de4f5e583d 100644 --- a/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c +++ b/SecurityPkg/Library/DxeTcg2PhysicalPresenceLib/DxeTcg2PhysicalPresenceLib.c @@ -32,9 +32,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/Tcg2PhysicalPresenceLib.h>
#include <Library/Tcg2PpVendorLib.h>
-#define CONFIRM_BUFFER_SIZE 4096
+#define CONFIRM_BUFFER_SIZE 4096
-EFI_HII_HANDLE mTcg2PpStringPackHandle;
+EFI_HII_HANDLE mTcg2PpStringPackHandle;
/**
Get string by string id from HII Interface.
@@ -47,7 +47,7 @@ EFI_HII_HANDLE mTcg2PpStringPackHandle; **/
CHAR16 *
Tcg2PhysicalPresenceGetStringById (
- IN EFI_STRING_ID Id
+ IN EFI_STRING_ID Id
)
{
return HiiGetString (mTcg2PpStringPackHandle, Id, NULL);
@@ -67,20 +67,20 @@ Tcg2PhysicalPresenceGetStringById ( EFI_STATUS
EFIAPI
Tpm2CommandClear (
- IN TPM2B_AUTH *PlatformAuth OPTIONAL
+ IN TPM2B_AUTH *PlatformAuth OPTIONAL
)
{
- EFI_STATUS Status;
- TPMS_AUTH_COMMAND *AuthSession;
- TPMS_AUTH_COMMAND LocalAuthSession;
+ EFI_STATUS Status;
+ TPMS_AUTH_COMMAND *AuthSession;
+ TPMS_AUTH_COMMAND LocalAuthSession;
if (PlatformAuth == NULL) {
AuthSession = NULL;
} else {
AuthSession = &LocalAuthSession;
- ZeroMem (&LocalAuthSession, sizeof(LocalAuthSession));
+ ZeroMem (&LocalAuthSession, sizeof (LocalAuthSession));
LocalAuthSession.sessionHandle = TPM_RS_PW;
- LocalAuthSession.hmac.size = PlatformAuth->size;
+ LocalAuthSession.hmac.size = PlatformAuth->size;
CopyMem (LocalAuthSession.hmac.buffer, PlatformAuth->buffer, PlatformAuth->size);
}
@@ -90,12 +90,13 @@ Tpm2CommandClear ( if (EFI_ERROR (Status)) {
goto Done;
}
+
DEBUG ((DEBUG_INFO, "Tpm2Clear ... \n"));
Status = Tpm2Clear (TPM_RH_PLATFORM, AuthSession);
DEBUG ((DEBUG_INFO, "Tpm2Clear - %r\n", Status));
Done:
- ZeroMem (&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac));
+ ZeroMem (&LocalAuthSession.hmac, sizeof (LocalAuthSession.hmac));
return Status;
}
@@ -108,27 +109,27 @@ Done: **/
EFI_STATUS
Tpm2CommandChangeEps (
- IN TPM2B_AUTH *PlatformAuth OPTIONAL
+ IN TPM2B_AUTH *PlatformAuth OPTIONAL
)
{
- EFI_STATUS Status;
- TPMS_AUTH_COMMAND *AuthSession;
- TPMS_AUTH_COMMAND LocalAuthSession;
+ EFI_STATUS Status;
+ TPMS_AUTH_COMMAND *AuthSession;
+ TPMS_AUTH_COMMAND LocalAuthSession;
if (PlatformAuth == NULL) {
AuthSession = NULL;
} else {
AuthSession = &LocalAuthSession;
- ZeroMem (&LocalAuthSession, sizeof(LocalAuthSession));
+ ZeroMem (&LocalAuthSession, sizeof (LocalAuthSession));
LocalAuthSession.sessionHandle = TPM_RS_PW;
- LocalAuthSession.hmac.size = PlatformAuth->size;
+ LocalAuthSession.hmac.size = PlatformAuth->size;
CopyMem (LocalAuthSession.hmac.buffer, PlatformAuth->buffer, PlatformAuth->size);
}
Status = Tpm2ChangeEPS (TPM_RH_PLATFORM, AuthSession);
DEBUG ((DEBUG_INFO, "Tpm2ChangeEPS - %r\n", Status));
- ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac));
+ ZeroMem (&LocalAuthSession.hmac, sizeof (LocalAuthSession.hmac));
return Status;
}
@@ -147,15 +148,15 @@ Tpm2CommandChangeEps ( **/
UINT32
Tcg2ExecutePhysicalPresence (
- IN TPM2B_AUTH *PlatformAuth OPTIONAL,
- IN UINT32 CommandCode,
- IN UINT32 CommandParameter,
- IN OUT EFI_TCG2_PHYSICAL_PRESENCE_FLAGS *PpiFlags
+ IN TPM2B_AUTH *PlatformAuth OPTIONAL,
+ IN UINT32 CommandCode,
+ IN UINT32 CommandParameter,
+ IN OUT EFI_TCG2_PHYSICAL_PRESENCE_FLAGS *PpiFlags
)
{
- EFI_STATUS Status;
- EFI_TCG2_EVENT_ALGORITHM_BITMAP TpmHashAlgorithmBitmap;
- UINT32 ActivePcrBanks;
+ EFI_STATUS Status;
+ EFI_TCG2_EVENT_ALGORITHM_BITMAP TpmHashAlgorithmBitmap;
+ UINT32 ActivePcrBanks;
switch (CommandCode) {
case TCG2_PHYSICAL_PRESENCE_CLEAR:
@@ -187,8 +188,8 @@ Tcg2ExecutePhysicalPresence ( // Firmware has to ensure that at least one PCR banks is active.
// If not, an error is returned and no action is taken.
//
- if (CommandParameter == 0 || (CommandParameter & (~TpmHashAlgorithmBitmap)) != 0) {
- DEBUG((DEBUG_ERROR, "PCR banks %x to allocate are not supported by TPM. Skip operation\n", CommandParameter));
+ if ((CommandParameter == 0) || ((CommandParameter & (~TpmHashAlgorithmBitmap)) != 0)) {
+ DEBUG ((DEBUG_ERROR, "PCR banks %x to allocate are not supported by TPM. Skip operation\n", CommandParameter));
return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
@@ -250,7 +251,6 @@ Tcg2ExecutePhysicalPresence ( }
}
-
/**
Read the specified key for user confirmation.
@@ -262,12 +262,12 @@ Tcg2ExecutePhysicalPresence ( **/
BOOLEAN
Tcg2ReadUserKey (
- IN BOOLEAN CautionKey
+ IN BOOLEAN CautionKey
)
{
- EFI_STATUS Status;
- EFI_INPUT_KEY Key;
- UINT16 InputKey;
+ EFI_STATUS Status;
+ EFI_INPUT_KEY Key;
+ UINT16 InputKey;
InputKey = 0;
do {
@@ -277,9 +277,11 @@ Tcg2ReadUserKey ( if (Key.ScanCode == SCAN_ESC) {
InputKey = Key.ScanCode;
}
+
if ((Key.ScanCode == SCAN_F10) && !CautionKey) {
InputKey = Key.ScanCode;
}
+
if ((Key.ScanCode == SCAN_F12) && CautionKey) {
InputKey = Key.ScanCode;
}
@@ -313,30 +315,39 @@ Tcg2FillBufferWithBootHashAlg ( if (Buffer[0] != 0) {
StrnCatS (Buffer, BufferSize / sizeof (CHAR16), L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
+
StrnCatS (Buffer, BufferSize / sizeof (CHAR16), L"SHA1", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
+
if ((BootHashAlg & EFI_TCG2_BOOT_HASH_ALG_SHA256) != 0) {
if (Buffer[0] != 0) {
StrnCatS (Buffer, BufferSize / sizeof (CHAR16), L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
+
StrnCatS (Buffer, BufferSize / sizeof (CHAR16), L"SHA256", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
+
if ((BootHashAlg & EFI_TCG2_BOOT_HASH_ALG_SHA384) != 0) {
if (Buffer[0] != 0) {
StrnCatS (Buffer, BufferSize / sizeof (CHAR16), L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
+
StrnCatS (Buffer, BufferSize / sizeof (CHAR16), L"SHA384", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
+
if ((BootHashAlg & EFI_TCG2_BOOT_HASH_ALG_SHA512) != 0) {
if (Buffer[0] != 0) {
StrnCatS (Buffer, BufferSize / sizeof (CHAR16), L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
+
StrnCatS (Buffer, BufferSize / sizeof (CHAR16), L"SHA512", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
+
if ((BootHashAlg & EFI_TCG2_BOOT_HASH_ALG_SM3_256) != 0) {
if (Buffer[0] != 0) {
StrnCatS (Buffer, BufferSize / sizeof (CHAR16), L", ", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
+
StrnCatS (Buffer, BufferSize / sizeof (CHAR16), L"SM3_256", (BufferSize / sizeof (CHAR16)) - StrLen (Buffer) - 1);
}
}
@@ -352,8 +363,8 @@ Tcg2FillBufferWithBootHashAlg ( **/
BOOLEAN
Tcg2UserConfirm (
- IN UINT32 TpmPpCommand,
- IN UINT32 TpmPpCommandParameter
+ IN UINT32 TpmPpCommand,
+ IN UINT32 TpmPpCommandParameter
)
{
CHAR16 *ConfirmText;
@@ -382,13 +393,12 @@ Tcg2UserConfirm ( ASSERT (mTcg2PpStringPackHandle != NULL);
switch (TpmPpCommand) {
-
case TCG2_PHYSICAL_PRESENCE_CLEAR:
case TCG2_PHYSICAL_PRESENCE_ENABLE_CLEAR:
case TCG2_PHYSICAL_PRESENCE_ENABLE_CLEAR_2:
case TCG2_PHYSICAL_PRESENCE_ENABLE_CLEAR_3:
CautionKey = TRUE;
- TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));
+ TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));
TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -404,7 +414,7 @@ Tcg2UserConfirm ( case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_CLEAR_FALSE:
CautionKey = TRUE;
NoPpiInfo = TRUE;
- TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));
+ TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));
TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -422,14 +432,14 @@ Tcg2UserConfirm ( break;
case TCG2_PHYSICAL_PRESENCE_SET_PCR_BANKS:
- Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol);
+ Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **)&Tcg2Protocol);
ASSERT_EFI_ERROR (Status);
- ProtocolCapability.Size = sizeof(ProtocolCapability);
- Status = Tcg2Protocol->GetCapability (
- Tcg2Protocol,
- &ProtocolCapability
- );
+ ProtocolCapability.Size = sizeof (ProtocolCapability);
+ Status = Tcg2Protocol->GetCapability (
+ Tcg2Protocol,
+ &ProtocolCapability
+ );
ASSERT_EFI_ERROR (Status);
Status = Tcg2Protocol->GetActivePcrBanks (
@@ -439,7 +449,7 @@ Tcg2UserConfirm ( ASSERT_EFI_ERROR (Status);
CautionKey = TRUE;
- TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_SET_PCR_BANKS));
+ TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_SET_PCR_BANKS));
TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -453,8 +463,8 @@ Tcg2UserConfirm ( StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
FreePool (TmpStr1);
- Tcg2FillBufferWithBootHashAlg (TempBuffer, sizeof(TempBuffer), TpmPpCommandParameter);
- Tcg2FillBufferWithBootHashAlg (TempBuffer2, sizeof(TempBuffer2), CurrentPCRBanks);
+ Tcg2FillBufferWithBootHashAlg (TempBuffer, sizeof (TempBuffer), TpmPpCommandParameter);
+ Tcg2FillBufferWithBootHashAlg (TempBuffer2, sizeof (TempBuffer2), CurrentPCRBanks);
TmpStr1 = AllocateZeroPool (BufSize);
ASSERT (TmpStr1 != NULL);
@@ -468,7 +478,7 @@ Tcg2UserConfirm ( case TCG2_PHYSICAL_PRESENCE_CHANGE_EPS:
CautionKey = TRUE;
- TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CHANGE_EPS));
+ TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CHANGE_EPS));
TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -501,8 +511,8 @@ Tcg2UserConfirm ( break;
case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_ENABLE_BLOCK_SID_FUNC_FALSE:
- NoPpiInfo = TRUE;
- TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TCG_STORAGE_PP_ENABLE_BLOCK_SID));
+ NoPpiInfo = TRUE;
+ TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TCG_STORAGE_PP_ENABLE_BLOCK_SID));
TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TCG_STORAGE_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -510,8 +520,8 @@ Tcg2UserConfirm ( break;
case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_DISABLE_BLOCK_SID_FUNC_FALSE:
- NoPpiInfo = TRUE;
- TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TCG_STORAGE_PP_DISABLE_BLOCK_SID));
+ NoPpiInfo = TRUE;
+ TmpStr2 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TCG_STORAGE_PP_DISABLE_BLOCK_SID));
TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TCG_STORAGE_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -533,6 +543,7 @@ Tcg2UserConfirm ( } else {
TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
}
+
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
FreePool (TmpStr1);
@@ -549,6 +560,7 @@ Tcg2UserConfirm ( } else {
TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TCG_STORAGE_ACCEPT_KEY));
}
+
StrnCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen (ConfirmText) - 1);
FreePool (TmpStr1);
@@ -560,6 +572,7 @@ Tcg2UserConfirm ( TmpStr1 = Tcg2PhysicalPresenceGetStringById (STRING_TOKEN (TCG_STORAGE_REJECT_KEY));
}
+
BufSize -= StrSize (ConfirmText);
UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1, TmpStr2);
@@ -598,14 +611,14 @@ Tcg2UserConfirm ( **/
BOOLEAN
Tcg2HaveValidTpmRequest (
- IN EFI_TCG2_PHYSICAL_PRESENCE *TcgPpData,
- IN EFI_TCG2_PHYSICAL_PRESENCE_FLAGS Flags,
- OUT BOOLEAN *RequestConfirmed
+ IN EFI_TCG2_PHYSICAL_PRESENCE *TcgPpData,
+ IN EFI_TCG2_PHYSICAL_PRESENCE_FLAGS Flags,
+ OUT BOOLEAN *RequestConfirmed
)
{
- EFI_TCG2_PROTOCOL *Tcg2Protocol;
- EFI_STATUS Status;
- BOOLEAN IsRequestValid;
+ EFI_TCG2_PROTOCOL *Tcg2Protocol;
+ EFI_STATUS Status;
+ BOOLEAN IsRequestValid;
*RequestConfirmed = FALSE;
@@ -613,7 +626,7 @@ Tcg2HaveValidTpmRequest ( //
// Need TCG2 protocol.
//
- Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol);
+ Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **)&Tcg2Protocol);
if (EFI_ERROR (Status)) {
return FALSE;
}
@@ -631,6 +644,7 @@ Tcg2HaveValidTpmRequest ( if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR) == 0) {
*RequestConfirmed = TRUE;
}
+
break;
case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_CLEAR_TRUE:
@@ -644,12 +658,14 @@ Tcg2HaveValidTpmRequest ( if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS) == 0) {
*RequestConfirmed = TRUE;
}
+
break;
case TCG2_PHYSICAL_PRESENCE_CHANGE_EPS:
if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS) == 0) {
*RequestConfirmed = TRUE;
}
+
break;
case TCG2_PHYSICAL_PRESENCE_LOG_ALL_DIGESTS:
@@ -660,12 +676,14 @@ Tcg2HaveValidTpmRequest ( if ((Flags.PPFlags & TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID) == 0) {
*RequestConfirmed = TRUE;
}
+
break;
case TCG2_PHYSICAL_PRESENCE_DISABLE_BLOCK_SID:
if ((Flags.PPFlags & TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID) == 0) {
*RequestConfirmed = TRUE;
}
+
break;
case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_ENABLE_BLOCK_SID_FUNC_TRUE:
@@ -706,7 +724,6 @@ Tcg2HaveValidTpmRequest ( return TRUE;
}
-
/**
Check and execute the requested physical presence command.
@@ -720,9 +737,9 @@ Tcg2HaveValidTpmRequest ( **/
VOID
Tcg2ExecutePendingTpmRequest (
- IN TPM2B_AUTH *PlatformAuth OPTIONAL,
- IN OUT EFI_TCG2_PHYSICAL_PRESENCE *TcgPpData,
- IN OUT EFI_TCG2_PHYSICAL_PRESENCE_FLAGS *Flags
+ IN TPM2B_AUTH *PlatformAuth OPTIONAL,
+ IN OUT EFI_TCG2_PHYSICAL_PRESENCE *TcgPpData,
+ IN OUT EFI_TCG2_PHYSICAL_PRESENCE_FLAGS *Flags
)
{
EFI_STATUS Status;
@@ -739,7 +756,7 @@ Tcg2ExecutePendingTpmRequest ( return;
}
- if (!Tcg2HaveValidTpmRequest(TcgPpData, *Flags, &RequestConfirmed)) {
+ if (!Tcg2HaveValidTpmRequest (TcgPpData, *Flags, &RequestConfirmed)) {
//
// Invalid operation request.
//
@@ -748,27 +765,28 @@ Tcg2ExecutePendingTpmRequest ( } else {
TcgPpData->PPResponse = TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
- TcgPpData->LastPPRequest = TcgPpData->PPRequest;
- TcgPpData->PPRequest = TCG2_PHYSICAL_PRESENCE_NO_ACTION;
+
+ TcgPpData->LastPPRequest = TcgPpData->PPRequest;
+ TcgPpData->PPRequest = TCG2_PHYSICAL_PRESENCE_NO_ACTION;
TcgPpData->PPRequestParameter = 0;
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- Status = gRT->SetVariable (
- TCG2_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- TcgPpData
- );
+ Status = gRT->SetVariable (
+ TCG2_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ DataSize,
+ TcgPpData
+ );
return;
}
ResetRequired = FALSE;
if (TcgPpData->PPRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
- NewFlags = *Flags;
- NewPPFlags = NewFlags.PPFlags;
+ NewFlags = *Flags;
+ NewPPFlags = NewFlags.PPFlags;
TcgPpData->PPResponse = Tcg2PpVendorLibExecutePendingRequest (PlatformAuth, TcgPpData->PPRequest, &NewPPFlags, &ResetRequired);
- NewFlags.PPFlags = NewPPFlags;
+ NewFlags.PPFlags = NewPPFlags;
} else {
if (!RequestConfirmed) {
//
@@ -781,7 +799,7 @@ Tcg2ExecutePendingTpmRequest ( // Execute requested physical presence command
//
TcgPpData->PPResponse = TCG_PP_OPERATION_RESPONSE_USER_ABORT;
- NewFlags = *Flags;
+ NewFlags = *Flags;
if (RequestConfirmed) {
TcgPpData->PPResponse = Tcg2ExecutePhysicalPresence (
PlatformAuth,
@@ -795,23 +813,23 @@ Tcg2ExecutePendingTpmRequest ( //
// Save the flags if it is updated.
//
- if (CompareMem (Flags, &NewFlags, sizeof(EFI_TCG2_PHYSICAL_PRESENCE_FLAGS)) != 0) {
+ if (CompareMem (Flags, &NewFlags, sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS)) != 0) {
*Flags = NewFlags;
- Status = gRT->SetVariable (
- TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS),
- &NewFlags
- );
+ Status = gRT->SetVariable (
+ TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS),
+ &NewFlags
+ );
}
//
// Clear request
//
if ((NewFlags.PPFlags & TCG2_LIB_PP_FLAG_RESET_TRACK) == 0) {
- TcgPpData->LastPPRequest = TcgPpData->PPRequest;
- TcgPpData->PPRequest = TCG2_PHYSICAL_PRESENCE_NO_ACTION;
+ TcgPpData->LastPPRequest = TcgPpData->PPRequest;
+ TcgPpData->PPRequest = TCG2_PHYSICAL_PRESENCE_NO_ACTION;
TcgPpData->PPRequestParameter = 0;
}
@@ -819,13 +837,13 @@ Tcg2ExecutePendingTpmRequest ( // Save changes
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- Status = gRT->SetVariable (
- TCG2_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- TcgPpData
- );
+ Status = gRT->SetVariable (
+ TCG2_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ DataSize,
+ TcgPpData
+ );
if (EFI_ERROR (Status)) {
return;
}
@@ -862,12 +880,14 @@ Tcg2ExecutePendingTpmRequest ( if (ResetRequired) {
break;
} else {
- return ;
+ return;
}
}
+
if (TcgPpData->PPRequest != TCG2_PHYSICAL_PRESENCE_NO_ACTION) {
break;
}
+
return;
}
@@ -892,7 +912,7 @@ Tcg2ExecutePendingTpmRequest ( VOID
EFIAPI
Tcg2PhysicalPresenceLibProcessRequest (
- IN TPM2B_AUTH *PlatformAuth OPTIONAL
+ IN TPM2B_AUTH *PlatformAuth OPTIONAL
)
{
EFI_STATUS Status;
@@ -923,49 +943,50 @@ Tcg2PhysicalPresenceLibProcessRequest ( //
if (GetBootModeHob () == BOOT_ON_S4_RESUME) {
DEBUG ((DEBUG_INFO, "S4 Resume, Skip TPM PP process!\n"));
- return ;
+ return;
}
//
// Initialize physical presence flags.
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS);
- Status = gRT->GetVariable (
- TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpiFlags
- );
+ Status = gRT->GetVariable (
+ TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpiFlags
+ );
if (EFI_ERROR (Status)) {
- PpiFlags.PPFlags = PcdGet32(PcdTcg2PhysicalPresenceFlags);
- Status = gRT->SetVariable (
- TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS),
- &PpiFlags
- );
+ PpiFlags.PPFlags = PcdGet32 (PcdTcg2PhysicalPresenceFlags);
+ Status = gRT->SetVariable (
+ TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS),
+ &PpiFlags
+ );
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "[TPM2] Set physical presence flag failed, Status = %r\n", Status));
- return ;
+ return;
}
- DEBUG((DEBUG_INFO, "[TPM2] Initial physical presence flags value is 0x%x\n", PpiFlags.PPFlags));
+
+ DEBUG ((DEBUG_INFO, "[TPM2] Initial physical presence flags value is 0x%x\n", PpiFlags.PPFlags));
}
//
// Initialize physical presence variable.
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- Status = gRT->GetVariable (
- TCG2_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &TcgPpData
- );
+ Status = gRT->GetVariable (
+ TCG2_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &TcgPpData
+ );
if (EFI_ERROR (Status)) {
- ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
+ ZeroMem ((VOID *)&TcgPpData, sizeof (TcgPpData));
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
Status = gRT->SetVariable (
TCG2_PHYSICAL_PRESENCE_VARIABLE,
@@ -976,7 +997,7 @@ Tcg2PhysicalPresenceLibProcessRequest ( );
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "[TPM2] Set physical presence variable failed, Status = %r\n", Status));
- return ;
+ return;
}
}
@@ -987,7 +1008,6 @@ Tcg2PhysicalPresenceLibProcessRequest ( //
Tcg2ExecutePendingTpmRequest (PlatformAuth, &TcgPpData, &PpiFlags);
DEBUG ((DEBUG_INFO, "[TPM2] PPResponse = %x (LastPPRequest=%x, Flags=%x)\n", TcgPpData.PPResponse, TcgPpData.LastPPRequest, PpiFlags.PPFlags));
-
}
/**
@@ -1002,7 +1022,7 @@ Tcg2PhysicalPresenceLibProcessRequest ( **/
BOOLEAN
EFIAPI
-Tcg2PhysicalPresenceLibNeedUserConfirm(
+Tcg2PhysicalPresenceLibNeedUserConfirm (
VOID
)
{
@@ -1024,25 +1044,25 @@ Tcg2PhysicalPresenceLibNeedUserConfirm( // Check Tpm requests
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- Status = gRT->GetVariable (
- TCG2_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &TcgPpData
- );
+ Status = gRT->GetVariable (
+ TCG2_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &TcgPpData
+ );
if (EFI_ERROR (Status)) {
return FALSE;
}
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS);
- Status = gRT->GetVariable (
- TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpiFlags
- );
+ Status = gRT->GetVariable (
+ TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpiFlags
+ );
if (EFI_ERROR (Status)) {
return FALSE;
}
@@ -1054,7 +1074,7 @@ Tcg2PhysicalPresenceLibNeedUserConfirm( return FALSE;
}
- if (!Tcg2HaveValidTpmRequest(&TcgPpData, PpiFlags, &RequestConfirmed)) {
+ if (!Tcg2HaveValidTpmRequest (&TcgPpData, PpiFlags, &RequestConfirmed)) {
//
// Invalid operation request.
//
@@ -1071,7 +1091,6 @@ Tcg2PhysicalPresenceLibNeedUserConfirm( return FALSE;
}
-
/**
The handler for TPM physical presence function:
Return TPM Operation Response to OS Environment.
@@ -1084,13 +1103,13 @@ Tcg2PhysicalPresenceLibNeedUserConfirm( UINT32
EFIAPI
Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
- OUT UINT32 *MostRecentRequest,
- OUT UINT32 *Response
+ OUT UINT32 *MostRecentRequest,
+ OUT UINT32 *Response
)
{
- EFI_STATUS Status;
- UINTN DataSize;
- EFI_TCG2_PHYSICAL_PRESENCE PpData;
+ EFI_STATUS Status;
+ UINTN DataSize;
+ EFI_TCG2_PHYSICAL_PRESENCE PpData;
DEBUG ((DEBUG_INFO, "[TPM2] ReturnOperationResponseToOsFunction\n"));
@@ -1098,13 +1117,13 @@ Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction ( // Get the Physical Presence variable
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- Status = gRT->GetVariable (
- TCG2_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpData
- );
+ Status = gRT->GetVariable (
+ TCG2_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpData
+ );
if (EFI_ERROR (Status)) {
*MostRecentRequest = 0;
*Response = 0;
@@ -1134,8 +1153,8 @@ Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction ( UINT32
EFIAPI
Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (
- IN UINT32 OperationRequest,
- IN UINT32 RequestParameter
+ IN UINT32 OperationRequest,
+ IN UINT32 RequestParameter
)
{
EFI_STATUS Status;
@@ -1149,35 +1168,37 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction ( // Get the Physical Presence variable
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- Status = gRT->GetVariable (
- TCG2_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpData
- );
+ Status = gRT->GetVariable (
+ TCG2_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpData
+ );
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
}
if ((OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
- (OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN) ) {
+ (OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN))
+ {
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED;
}
if ((PpData.PPRequest != OperationRequest) ||
- (PpData.PPRequestParameter != RequestParameter)) {
- PpData.PPRequest = (UINT8)OperationRequest;
+ (PpData.PPRequestParameter != RequestParameter))
+ {
+ PpData.PPRequest = (UINT8)OperationRequest;
PpData.PPRequestParameter = RequestParameter;
- DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- Status = gRT->SetVariable (
- TCG2_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- &PpData
- );
+ DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
+ Status = gRT->SetVariable (
+ TCG2_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ DataSize,
+ &PpData
+ );
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "[TPM2] Set PP variable failure! Status = %r\n", Status));
return TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
@@ -1186,16 +1207,17 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction ( if (OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS);
- Status = gRT->GetVariable (
- TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &Flags
- );
+ Status = gRT->GetVariable (
+ TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &Flags
+ );
if (EFI_ERROR (Status)) {
- Flags.PPFlags = PcdGet32(PcdTcg2PhysicalPresenceFlags);
+ Flags.PPFlags = PcdGet32 (PcdTcg2PhysicalPresenceFlags);
}
+
return Tcg2PpVendorLibSubmitRequestToPreOSFunction (OperationRequest, Flags.PPFlags, RequestParameter);
}
@@ -1220,15 +1242,16 @@ Tcg2PhysicalPresenceLibGetManagementFlags ( DEBUG ((DEBUG_INFO, "[TPM2] GetManagementFlags\n"));
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS);
- Status = gRT->GetVariable (
- TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpiFlags
- );
+ Status = gRT->GetVariable (
+ TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpiFlags
+ );
if (EFI_ERROR (Status)) {
- PpiFlags.PPFlags = PcdGet32(PcdTcg2PhysicalPresenceFlags);
+ PpiFlags.PPFlags = PcdGet32 (PcdTcg2PhysicalPresenceFlags);
}
+
return PpiFlags.PPFlags;
}
diff --git a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c index ab7f664c7a..597ce77b4b 100644 --- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c +++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c @@ -30,9 +30,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Guid/PhysicalPresenceData.h>
#include <Library/TcgPpVendorLib.h>
-#define CONFIRM_BUFFER_SIZE 4096
+#define CONFIRM_BUFFER_SIZE 4096
-EFI_HII_HANDLE mPpStringPackHandle;
+EFI_HII_HANDLE mPpStringPackHandle;
/**
Get string by string id from HII Interface.
@@ -45,7 +45,7 @@ EFI_HII_HANDLE mPpStringPackHandle; **/
CHAR16 *
PhysicalPresenceGetStringById (
- IN EFI_STRING_ID Id
+ IN EFI_STRING_ID Id
)
{
return HiiGetString (mPpStringPackHandle, Id, NULL);
@@ -64,24 +64,24 @@ PhysicalPresenceGetStringById ( **/
EFI_STATUS
GetTpmCapability (
- IN EFI_TCG_PROTOCOL *TcgProtocol,
- OUT BOOLEAN *LifetimeLock,
- OUT BOOLEAN *CmdEnable
+ IN EFI_TCG_PROTOCOL *TcgProtocol,
+ OUT BOOLEAN *LifetimeLock,
+ OUT BOOLEAN *CmdEnable
)
{
- EFI_STATUS Status;
- TPM_RQU_COMMAND_HDR *TpmRqu;
- TPM_RSP_COMMAND_HDR *TpmRsp;
- UINT32 *SendBufPtr;
- UINT8 SendBuffer[sizeof (*TpmRqu) + sizeof (UINT32) * 3];
- TPM_PERMANENT_FLAGS *TpmPermanentFlags;
- UINT8 RecvBuffer[40];
+ EFI_STATUS Status;
+ TPM_RQU_COMMAND_HDR *TpmRqu;
+ TPM_RSP_COMMAND_HDR *TpmRsp;
+ UINT32 *SendBufPtr;
+ UINT8 SendBuffer[sizeof (*TpmRqu) + sizeof (UINT32) * 3];
+ TPM_PERMANENT_FLAGS *TpmPermanentFlags;
+ UINT8 RecvBuffer[40];
//
// Fill request header
//
- TpmRsp = (TPM_RSP_COMMAND_HDR*)RecvBuffer;
- TpmRqu = (TPM_RQU_COMMAND_HDR*)SendBuffer;
+ TpmRsp = (TPM_RSP_COMMAND_HDR *)RecvBuffer;
+ TpmRqu = (TPM_RQU_COMMAND_HDR *)SendBuffer;
TpmRqu->tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
TpmRqu->paramSize = SwapBytes32 (sizeof (SendBuffer));
@@ -90,7 +90,7 @@ GetTpmCapability ( //
// Set request parameter
//
- SendBufPtr = (UINT32*)(TpmRqu + 1);
+ SendBufPtr = (UINT32 *)(TpmRqu + 1);
WriteUnaligned32 (SendBufPtr++, SwapBytes32 (TPM_CAP_FLAG));
WriteUnaligned32 (SendBufPtr++, SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT)));
WriteUnaligned32 (SendBufPtr, SwapBytes32 (TPM_CAP_FLAG_PERMANENT));
@@ -98,9 +98,9 @@ GetTpmCapability ( Status = TcgProtocol->PassThroughToTpm (
TcgProtocol,
sizeof (SendBuffer),
- (UINT8*)TpmRqu,
+ (UINT8 *)TpmRqu,
sizeof (RecvBuffer),
- (UINT8*)&RecvBuffer
+ (UINT8 *)&RecvBuffer
);
if (EFI_ERROR (Status)) {
return Status;
@@ -136,30 +136,30 @@ GetTpmCapability ( **/
EFI_STATUS
TpmPhysicalPresence (
- IN EFI_TCG_PROTOCOL *TcgProtocol,
- IN TPM_PHYSICAL_PRESENCE PhysicalPresence
+ IN EFI_TCG_PROTOCOL *TcgProtocol,
+ IN TPM_PHYSICAL_PRESENCE PhysicalPresence
)
{
- EFI_STATUS Status;
- TPM_RQU_COMMAND_HDR *TpmRqu;
- TPM_PHYSICAL_PRESENCE *TpmPp;
- TPM_RSP_COMMAND_HDR TpmRsp;
- UINT8 Buffer[sizeof (*TpmRqu) + sizeof (*TpmPp)];
+ EFI_STATUS Status;
+ TPM_RQU_COMMAND_HDR *TpmRqu;
+ TPM_PHYSICAL_PRESENCE *TpmPp;
+ TPM_RSP_COMMAND_HDR TpmRsp;
+ UINT8 Buffer[sizeof (*TpmRqu) + sizeof (*TpmPp)];
- TpmRqu = (TPM_RQU_COMMAND_HDR*)Buffer;
- TpmPp = (TPM_PHYSICAL_PRESENCE*)(TpmRqu + 1);
+ TpmRqu = (TPM_RQU_COMMAND_HDR *)Buffer;
+ TpmPp = (TPM_PHYSICAL_PRESENCE *)(TpmRqu + 1);
TpmRqu->tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
TpmRqu->paramSize = SwapBytes32 (sizeof (Buffer));
TpmRqu->ordinal = SwapBytes32 (TSC_ORD_PhysicalPresence);
- WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE) SwapBytes16 (PhysicalPresence));
+ WriteUnaligned16 (TpmPp, (TPM_PHYSICAL_PRESENCE)SwapBytes16 (PhysicalPresence));
Status = TcgProtocol->PassThroughToTpm (
TcgProtocol,
sizeof (Buffer),
- (UINT8*)TpmRqu,
+ (UINT8 *)TpmRqu,
sizeof (TpmRsp),
- (UINT8*)&TpmRsp
+ (UINT8 *)&TpmRsp
);
if (EFI_ERROR (Status)) {
return Status;
@@ -194,18 +194,18 @@ TpmPhysicalPresence ( **/
UINT32
TpmCommandNoReturnData (
- IN EFI_TCG_PROTOCOL *TcgProtocol,
- IN TPM_COMMAND_CODE Ordinal,
- IN UINTN AdditionalParameterSize,
- IN VOID *AdditionalParameters
+ IN EFI_TCG_PROTOCOL *TcgProtocol,
+ IN TPM_COMMAND_CODE Ordinal,
+ IN UINTN AdditionalParameterSize,
+ IN VOID *AdditionalParameters
)
{
- EFI_STATUS Status;
- TPM_RQU_COMMAND_HDR *TpmRqu;
- TPM_RSP_COMMAND_HDR TpmRsp;
- UINT32 Size;
+ EFI_STATUS Status;
+ TPM_RQU_COMMAND_HDR *TpmRqu;
+ TPM_RSP_COMMAND_HDR TpmRsp;
+ UINT32 Size;
- TpmRqu = (TPM_RQU_COMMAND_HDR*) AllocatePool (sizeof (*TpmRqu) + AdditionalParameterSize);
+ TpmRqu = (TPM_RQU_COMMAND_HDR *)AllocatePool (sizeof (*TpmRqu) + AdditionalParameterSize);
if (TpmRqu == NULL) {
return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
@@ -219,14 +219,15 @@ TpmCommandNoReturnData ( Status = TcgProtocol->PassThroughToTpm (
TcgProtocol,
Size,
- (UINT8*)TpmRqu,
+ (UINT8 *)TpmRqu,
(UINT32)sizeof (TpmRsp),
- (UINT8*)&TpmRsp
+ (UINT8 *)&TpmRsp
);
FreePool (TpmRqu);
if (EFI_ERROR (Status) || (TpmRsp.tag != SwapBytes16 (TPM_TAG_RSP_COMMAND))) {
return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
+
return SwapBytes32 (TpmRsp.returnCode);
}
@@ -245,14 +246,14 @@ TpmCommandNoReturnData ( **/
UINT32
ExecutePhysicalPresence (
- IN EFI_TCG_PROTOCOL *TcgProtocol,
- IN UINT32 CommandCode,
- IN OUT EFI_PHYSICAL_PRESENCE_FLAGS *PpiFlags
+ IN EFI_TCG_PROTOCOL *TcgProtocol,
+ IN UINT32 CommandCode,
+ IN OUT EFI_PHYSICAL_PRESENCE_FLAGS *PpiFlags
)
{
- BOOLEAN BoolVal;
- UINT32 TpmResponse;
- UINT32 InData[5];
+ BOOLEAN BoolVal;
+ UINT32 TpmResponse;
+ UINT32 InData[5];
switch (CommandCode) {
case PHYSICAL_PRESENCE_ENABLE:
@@ -302,6 +303,7 @@ ExecutePhysicalPresence ( if (TpmResponse == 0) {
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ACTIVATE, PpiFlags);
}
+
return TpmResponse;
case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
@@ -309,6 +311,7 @@ ExecutePhysicalPresence ( if (TpmResponse == 0) {
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DISABLE, PpiFlags);
}
+
return TpmResponse;
case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:
@@ -335,12 +338,13 @@ ExecutePhysicalPresence ( // PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE will be executed after reboot
//
if ((PpiFlags->PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
- TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
+ TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
PpiFlags->PPFlags |= TCG_VENDOR_LIB_FLAG_RESET_TRACK;
} else {
- TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE, PpiFlags);
+ TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE, PpiFlags);
PpiFlags->PPFlags &= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK;
}
+
return TpmResponse;
case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
@@ -348,13 +352,14 @@ ExecutePhysicalPresence ( if (TpmResponse == 0) {
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_DEACTIVATE_DISABLE, PpiFlags);
}
+
return TpmResponse;
case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
InData[0] = SwapBytes32 (TPM_SET_STCLEAR_DATA); // CapabilityArea
- InData[1] = SwapBytes32 (sizeof(UINT32)); // SubCapSize
+ InData[1] = SwapBytes32 (sizeof (UINT32)); // SubCapSize
InData[2] = SwapBytes32 (TPM_SD_DEFERREDPHYSICALPRESENCE); // SubCap
- InData[3] = SwapBytes32 (sizeof(UINT32)); // SetValueSize
+ InData[3] = SwapBytes32 (sizeof (UINT32)); // SetValueSize
InData[4] = SwapBytes32 (1); // UnownedFieldUpgrade; bit0
return TpmCommandNoReturnData (
TcgProtocol,
@@ -376,6 +381,7 @@ ExecutePhysicalPresence ( if (TpmResponse == 0) {
TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
}
+
return TpmResponse;
case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:
@@ -408,12 +414,13 @@ ExecutePhysicalPresence ( // PHYSICAL_PRESENCE_CLEAR will be executed after reboot.
//
if ((PpiFlags->PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
- TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
+ TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
PpiFlags->PPFlags |= TCG_VENDOR_LIB_FLAG_RESET_TRACK;
} else {
- TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);
+ TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR, PpiFlags);
PpiFlags->PPFlags &= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK;
}
+
return TpmResponse;
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
@@ -422,21 +429,22 @@ ExecutePhysicalPresence ( // PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE will be executed after reboot.
//
if ((PpiFlags->PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
- TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
+ TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_ENABLE_ACTIVATE, PpiFlags);
PpiFlags->PPFlags |= TCG_VENDOR_LIB_FLAG_RESET_TRACK;
} else {
- TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, PpiFlags);
+ TpmResponse = ExecutePhysicalPresence (TcgProtocol, PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE, PpiFlags);
PpiFlags->PPFlags &= ~TCG_VENDOR_LIB_FLAG_RESET_TRACK;
}
+
return TpmResponse;
default:
;
}
+
return TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
}
-
/**
Read the specified key for user confirmation.
@@ -449,13 +457,13 @@ ExecutePhysicalPresence ( **/
BOOLEAN
ReadUserKey (
- IN BOOLEAN CautionKey
+ IN BOOLEAN CautionKey
)
{
- EFI_STATUS Status;
- EFI_INPUT_KEY Key;
- UINT16 InputKey;
- UINTN Index;
+ EFI_STATUS Status;
+ EFI_INPUT_KEY Key;
+ UINT16 InputKey;
+ UINTN Index;
InputKey = 0;
do {
@@ -472,9 +480,11 @@ ReadUserKey ( if (Key.ScanCode == SCAN_ESC) {
InputKey = Key.ScanCode;
}
+
if ((Key.ScanCode == SCAN_F10) && !CautionKey) {
InputKey = Key.ScanCode;
}
+
if ((Key.ScanCode == SCAN_F12) && CautionKey) {
InputKey = Key.ScanCode;
}
@@ -522,16 +532,16 @@ TcgPhysicalPresenceLibConstructor ( **/
BOOLEAN
UserConfirm (
- IN UINT32 TpmPpCommand
+ IN UINT32 TpmPpCommand
)
{
- CHAR16 *ConfirmText;
- CHAR16 *TmpStr1;
- CHAR16 *TmpStr2;
- UINTN BufSize;
- BOOLEAN CautionKey;
- UINT16 Index;
- CHAR16 DstStr[81];
+ CHAR16 *ConfirmText;
+ CHAR16 *TmpStr1;
+ CHAR16 *TmpStr2;
+ UINTN BufSize;
+ BOOLEAN CautionKey;
+ UINT16 Index;
+ CHAR16 DstStr[81];
TmpStr2 = NULL;
CautionKey = FALSE;
@@ -598,7 +608,7 @@ UserConfirm ( case PHYSICAL_PRESENCE_CLEAR:
CautionKey = TRUE;
- TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));
+ TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -712,7 +722,7 @@ UserConfirm ( case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
CautionKey = TRUE;
- TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE));
+ TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UNOWNED_FIELD_UPGRADE));
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_UPGRADE_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -737,7 +747,7 @@ UserConfirm ( case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
CautionKey = TRUE;
- TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON));
+ TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR_TURN_ON));
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -778,7 +788,7 @@ UserConfirm ( case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:
CautionKey = TRUE;
- TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));
+ TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CLEAR));
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -804,7 +814,7 @@ UserConfirm ( case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:
CautionKey = TRUE;
- TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN));
+ TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_MAINTAIN));
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -825,7 +835,7 @@ UserConfirm ( case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
CautionKey = TRUE;
- TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR));
+ TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR));
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -843,7 +853,7 @@ UserConfirm ( case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
CautionKey = TRUE;
- TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE));
+ TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE));
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
@@ -875,13 +885,13 @@ UserConfirm ( return FALSE;
}
- TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY));
+ TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_REJECT_KEY));
BufSize -= StrSize (ConfirmText);
UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1, TmpStr2);
DstStr[80] = L'\0';
for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {
- StrnCpyS(DstStr, sizeof (DstStr) / sizeof (CHAR16), ConfirmText + Index, sizeof (DstStr) / sizeof (CHAR16) - 1);
+ StrnCpyS (DstStr, sizeof (DstStr) / sizeof (CHAR16), ConfirmText + Index, sizeof (DstStr) / sizeof (CHAR16) - 1);
Print (DstStr);
}
@@ -913,9 +923,9 @@ UserConfirm ( **/
BOOLEAN
HaveValidTpmRequest (
- IN EFI_PHYSICAL_PRESENCE *TcgPpData,
- IN EFI_PHYSICAL_PRESENCE_FLAGS Flags,
- OUT BOOLEAN *RequestConfirmed
+ IN EFI_PHYSICAL_PRESENCE *TcgPpData,
+ IN EFI_PHYSICAL_PRESENCE_FLAGS Flags,
+ OUT BOOLEAN *RequestConfirmed
)
{
BOOLEAN IsRequestValid;
@@ -940,6 +950,7 @@ HaveValidTpmRequest ( if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) {
*RequestConfirmed = TRUE;
}
+
break;
case PHYSICAL_PRESENCE_CLEAR:
@@ -947,19 +958,22 @@ HaveValidTpmRequest ( if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0) {
*RequestConfirmed = TRUE;
}
+
break;
case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_MAINTENANCE) != 0) {
*RequestConfirmed = TRUE;
}
+
break;
case PHYSICAL_PRESENCE_CLEAR_ENABLE_ACTIVATE:
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
- if ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0 && (Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0) {
+ if (((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_CLEAR) != 0) && ((Flags.PPFlags & TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION) != 0)) {
*RequestConfirmed = TRUE;
}
+
break;
case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_FALSE:
@@ -1002,7 +1016,6 @@ HaveValidTpmRequest ( return TRUE;
}
-
/**
Check and execute the requested physical presence command.
@@ -1017,42 +1030,42 @@ HaveValidTpmRequest ( **/
VOID
ExecutePendingTpmRequest (
- IN EFI_TCG_PROTOCOL *TcgProtocol,
- IN EFI_PHYSICAL_PRESENCE *TcgPpData,
- IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
+ IN EFI_TCG_PROTOCOL *TcgProtocol,
+ IN EFI_PHYSICAL_PRESENCE *TcgPpData,
+ IN EFI_PHYSICAL_PRESENCE_FLAGS Flags
)
{
- EFI_STATUS Status;
- UINTN DataSize;
- BOOLEAN RequestConfirmed;
- EFI_PHYSICAL_PRESENCE_FLAGS NewFlags;
- BOOLEAN ResetRequired;
- UINT32 NewPPFlags;
-
- if (!HaveValidTpmRequest(TcgPpData, Flags, &RequestConfirmed)) {
+ EFI_STATUS Status;
+ UINTN DataSize;
+ BOOLEAN RequestConfirmed;
+ EFI_PHYSICAL_PRESENCE_FLAGS NewFlags;
+ BOOLEAN ResetRequired;
+ UINT32 NewPPFlags;
+
+ if (!HaveValidTpmRequest (TcgPpData, Flags, &RequestConfirmed)) {
//
// Invalid operation request.
//
- TcgPpData->PPResponse = TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
+ TcgPpData->PPResponse = TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE;
TcgPpData->LastPPRequest = TcgPpData->PPRequest;
- TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
- DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->SetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- TcgPpData
- );
+ TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
+ DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
+ Status = gRT->SetVariable (
+ PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ DataSize,
+ TcgPpData
+ );
return;
}
ResetRequired = FALSE;
if (TcgPpData->PPRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
- NewFlags = Flags;
- NewPPFlags = NewFlags.PPFlags;
+ NewFlags = Flags;
+ NewPPFlags = NewFlags.PPFlags;
TcgPpData->PPResponse = TcgPpVendorLibExecutePendingRequest (TcgPpData->PPRequest, &NewPPFlags, &ResetRequired);
- NewFlags.PPFlags = (UINT8)NewPPFlags;
+ NewFlags.PPFlags = (UINT8)NewPPFlags;
} else {
if (!RequestConfirmed) {
//
@@ -1065,7 +1078,7 @@ ExecutePendingTpmRequest ( // Execute requested physical presence command
//
TcgPpData->PPResponse = TCG_PP_OPERATION_RESPONSE_USER_ABORT;
- NewFlags = Flags;
+ NewFlags = Flags;
if (RequestConfirmed) {
TcgPpData->PPResponse = ExecutePhysicalPresence (TcgProtocol, TcgPpData->PPRequest, &NewFlags);
}
@@ -1074,14 +1087,14 @@ ExecutePendingTpmRequest ( //
// Save the flags if it is updated.
//
- if (CompareMem (&Flags, &NewFlags, sizeof(EFI_PHYSICAL_PRESENCE_FLAGS)) != 0) {
- Status = gRT->SetVariable (
- PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- sizeof (EFI_PHYSICAL_PRESENCE_FLAGS),
- &NewFlags
- );
+ if (CompareMem (&Flags, &NewFlags, sizeof (EFI_PHYSICAL_PRESENCE_FLAGS)) != 0) {
+ Status = gRT->SetVariable (
+ PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ sizeof (EFI_PHYSICAL_PRESENCE_FLAGS),
+ &NewFlags
+ );
if (EFI_ERROR (Status)) {
return;
}
@@ -1092,20 +1105,20 @@ ExecutePendingTpmRequest ( //
if ((NewFlags.PPFlags & TCG_VENDOR_LIB_FLAG_RESET_TRACK) == 0) {
TcgPpData->LastPPRequest = TcgPpData->PPRequest;
- TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
+ TcgPpData->PPRequest = PHYSICAL_PRESENCE_NO_ACTION;
}
//
// Save changes
//
DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->SetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- TcgPpData
- );
+ Status = gRT->SetVariable (
+ PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ DataSize,
+ TcgPpData
+ );
if (EFI_ERROR (Status)) {
return;
}
@@ -1135,12 +1148,14 @@ ExecutePendingTpmRequest ( if (ResetRequired) {
break;
} else {
- return ;
+ return;
}
}
+
if (TcgPpData->PPRequest != PHYSICAL_PRESENCE_NO_ACTION) {
break;
}
+
return;
}
@@ -1168,45 +1183,46 @@ TcgPhysicalPresenceLibProcessRequest ( VOID
)
{
- EFI_STATUS Status;
- BOOLEAN LifetimeLock;
- BOOLEAN CmdEnable;
- UINTN DataSize;
- EFI_PHYSICAL_PRESENCE TcgPpData;
- EFI_TCG_PROTOCOL *TcgProtocol;
- EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;
- EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags;
+ EFI_STATUS Status;
+ BOOLEAN LifetimeLock;
+ BOOLEAN CmdEnable;
+ UINTN DataSize;
+ EFI_PHYSICAL_PRESENCE TcgPpData;
+ EFI_TCG_PROTOCOL *TcgProtocol;
+ EDKII_VARIABLE_LOCK_PROTOCOL *VariableLockProtocol;
+ EFI_PHYSICAL_PRESENCE_FLAGS PpiFlags;
Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
if (EFI_ERROR (Status)) {
- return ;
+ return;
}
//
// Initialize physical presence flags.
//
DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS);
- Status = gRT->GetVariable (
- PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpiFlags
- );
+ Status = gRT->GetVariable (
+ PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpiFlags
+ );
if (EFI_ERROR (Status)) {
PpiFlags.PPFlags = TCG_BIOS_TPM_MANAGEMENT_FLAG_NO_PPI_PROVISION;
- Status = gRT->SetVariable (
- PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- sizeof (EFI_PHYSICAL_PRESENCE_FLAGS),
- &PpiFlags
- );
+ Status = gRT->SetVariable (
+ PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ sizeof (EFI_PHYSICAL_PRESENCE_FLAGS),
+ &PpiFlags
+ );
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "[TPM] Set physical presence flag failed, Status = %r\n", Status));
- return ;
+ return;
}
}
+
DEBUG ((DEBUG_INFO, "[TPM] PpiFlags = %x\n", PpiFlags.PPFlags));
//
@@ -1230,15 +1246,15 @@ TcgPhysicalPresenceLibProcessRequest ( // Initialize physical presence variable.
//
DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->GetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- NULL,
- &DataSize,
- &TcgPpData
- );
+ Status = gRT->GetVariable (
+ PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &TcgPpData
+ );
if (EFI_ERROR (Status)) {
- ZeroMem ((VOID*)&TcgPpData, sizeof (TcgPpData));
+ ZeroMem ((VOID *)&TcgPpData, sizeof (TcgPpData));
DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
Status = gRT->SetVariable (
PHYSICAL_PRESENCE_VARIABLE,
@@ -1264,7 +1280,7 @@ TcgPhysicalPresenceLibProcessRequest ( Status = GetTpmCapability (TcgProtocol, &LifetimeLock, &CmdEnable);
if (EFI_ERROR (Status)) {
- return ;
+ return;
}
if (!CmdEnable) {
@@ -1272,11 +1288,12 @@ TcgPhysicalPresenceLibProcessRequest ( //
// physicalPresenceCMDEnable is locked, can't execute physical presence command.
//
- return ;
+ return;
}
+
Status = TpmPhysicalPresence (TcgProtocol, TPM_PHYSICAL_PRESENCE_CMD_ENABLE);
if (EFI_ERROR (Status)) {
- return ;
+ return;
}
}
@@ -1312,7 +1329,7 @@ TcgPhysicalPresenceLibProcessRequest ( **/
BOOLEAN
EFIAPI
-TcgPhysicalPresenceLibNeedUserConfirm(
+TcgPhysicalPresenceLibNeedUserConfirm (
VOID
)
{
@@ -1334,25 +1351,25 @@ TcgPhysicalPresenceLibNeedUserConfirm( // Check Tpm requests
//
DataSize = sizeof (EFI_PHYSICAL_PRESENCE);
- Status = gRT->GetVariable (
- PHYSICAL_PRESENCE_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- NULL,
- &DataSize,
- &TcgPpData
- );
+ Status = gRT->GetVariable (
+ PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &TcgPpData
+ );
if (EFI_ERROR (Status)) {
return FALSE;
}
DataSize = sizeof (EFI_PHYSICAL_PRESENCE_FLAGS);
- Status = gRT->GetVariable (
- PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiPhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpiFlags
- );
+ Status = gRT->GetVariable (
+ PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiPhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpiFlags
+ );
if (EFI_ERROR (Status)) {
return FALSE;
}
@@ -1364,7 +1381,7 @@ TcgPhysicalPresenceLibNeedUserConfirm( return FALSE;
}
- if (!HaveValidTpmRequest(&TcgPpData, PpiFlags, &RequestConfirmed)) {
+ if (!HaveValidTpmRequest (&TcgPpData, PpiFlags, &RequestConfirmed)) {
//
// Invalid operation request.
//
diff --git a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c index 95682ac567..f73b43aa60 100644 --- a/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c +++ b/SecurityPkg/Library/DxeTpm2MeasureBootLib/DxeTpm2MeasureBootLib.c @@ -45,15 +45,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent //
// Flag to check GPT partition. It only need be measured once.
//
-BOOLEAN mTcg2MeasureGptTableFlag = FALSE;
-UINTN mTcg2MeasureGptCount = 0;
-VOID *mTcg2FileBuffer;
-UINTN mTcg2ImageSize;
+BOOLEAN mTcg2MeasureGptTableFlag = FALSE;
+UINTN mTcg2MeasureGptCount = 0;
+VOID *mTcg2FileBuffer;
+UINTN mTcg2ImageSize;
//
// Measured FV handle cache
//
-EFI_HANDLE mTcg2CacheMeasuredHandle = NULL;
-MEASURED_HOB_DATA *mTcg2MeasuredHobData = NULL;
+EFI_HANDLE mTcg2CacheMeasuredHandle = NULL;
+MEASURED_HOB_DATA *mTcg2MeasuredHobData = NULL;
/**
Reads contents of a PE/COFF image in memory buffer.
@@ -73,15 +73,15 @@ MEASURED_HOB_DATA *mTcg2MeasuredHobData = NULL; EFI_STATUS
EFIAPI
DxeTpm2MeasureBootLibImageRead (
- IN VOID *FileHandle,
- IN UINTN FileOffset,
- IN OUT UINTN *ReadSize,
- OUT VOID *Buffer
+ IN VOID *FileHandle,
+ IN UINTN FileOffset,
+ IN OUT UINTN *ReadSize,
+ OUT VOID *Buffer
)
{
- UINTN EndPosition;
+ UINTN EndPosition;
- if (FileHandle == NULL || ReadSize == NULL || Buffer == NULL) {
+ if ((FileHandle == NULL) || (ReadSize == NULL) || (Buffer == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -98,7 +98,7 @@ DxeTpm2MeasureBootLibImageRead ( *ReadSize = 0;
}
- CopyMem (Buffer, (UINT8 *)((UINTN) FileHandle + FileOffset), *ReadSize);
+ CopyMem (Buffer, (UINT8 *)((UINTN)FileHandle + FileOffset), *ReadSize);
return EFI_SUCCESS;
}
@@ -125,37 +125,40 @@ Tcg2MeasureGptTable ( IN EFI_HANDLE GptHandle
)
{
- EFI_STATUS Status;
- EFI_BLOCK_IO_PROTOCOL *BlockIo;
- EFI_DISK_IO_PROTOCOL *DiskIo;
- EFI_PARTITION_TABLE_HEADER *PrimaryHeader;
- EFI_PARTITION_ENTRY *PartitionEntry;
- UINT8 *EntryPtr;
- UINTN NumberOfPartition;
- UINT32 Index;
- EFI_TCG2_EVENT *Tcg2Event;
- EFI_GPT_DATA *GptData;
- UINT32 EventSize;
+ EFI_STATUS Status;
+ EFI_BLOCK_IO_PROTOCOL *BlockIo;
+ EFI_DISK_IO_PROTOCOL *DiskIo;
+ EFI_PARTITION_TABLE_HEADER *PrimaryHeader;
+ EFI_PARTITION_ENTRY *PartitionEntry;
+ UINT8 *EntryPtr;
+ UINTN NumberOfPartition;
+ UINT32 Index;
+ EFI_TCG2_EVENT *Tcg2Event;
+ EFI_GPT_DATA *GptData;
+ UINT32 EventSize;
if (mTcg2MeasureGptCount > 0) {
return EFI_SUCCESS;
}
- Status = gBS->HandleProtocol (GptHandle, &gEfiBlockIoProtocolGuid, (VOID**)&BlockIo);
+ Status = gBS->HandleProtocol (GptHandle, &gEfiBlockIoProtocolGuid, (VOID **)&BlockIo);
if (EFI_ERROR (Status)) {
return EFI_UNSUPPORTED;
}
- Status = gBS->HandleProtocol (GptHandle, &gEfiDiskIoProtocolGuid, (VOID**)&DiskIo);
+
+ Status = gBS->HandleProtocol (GptHandle, &gEfiDiskIoProtocolGuid, (VOID **)&DiskIo);
if (EFI_ERROR (Status)) {
return EFI_UNSUPPORTED;
}
+
//
// Read the EFI Partition Table Header
//
- PrimaryHeader = (EFI_PARTITION_TABLE_HEADER *) AllocatePool (BlockIo->Media->BlockSize);
+ PrimaryHeader = (EFI_PARTITION_TABLE_HEADER *)AllocatePool (BlockIo->Media->BlockSize);
if (PrimaryHeader == NULL) {
return EFI_OUT_OF_RESOURCES;
}
+
Status = DiskIo->ReadDisk (
DiskIo,
BlockIo->Media->MediaId,
@@ -168,6 +171,7 @@ Tcg2MeasureGptTable ( FreePool (PrimaryHeader);
return EFI_DEVICE_ERROR;
}
+
//
// Read the partition entry.
//
@@ -176,10 +180,11 @@ Tcg2MeasureGptTable ( FreePool (PrimaryHeader);
return EFI_OUT_OF_RESOURCES;
}
+
Status = DiskIo->ReadDisk (
DiskIo,
BlockIo->Media->MediaId,
- MultU64x32(PrimaryHeader->PartitionEntryLBA, BlockIo->Media->BlockSize),
+ MultU64x32 (PrimaryHeader->PartitionEntryLBA, BlockIo->Media->BlockSize),
PrimaryHeader->NumberOfPartitionEntries * PrimaryHeader->SizeOfPartitionEntry,
EntryPtr
);
@@ -198,6 +203,7 @@ Tcg2MeasureGptTable ( if (!IsZeroGuid (&PartitionEntry->PartitionTypeGUID)) {
NumberOfPartition++;
}
+
PartitionEntry = (EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);
}
@@ -205,30 +211,30 @@ Tcg2MeasureGptTable ( // Prepare Data for Measurement
//
EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
- + NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);
- Tcg2Event = (EFI_TCG2_EVENT *) AllocateZeroPool (EventSize + sizeof (EFI_TCG2_EVENT) - sizeof(Tcg2Event->Event));
+ + NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);
+ Tcg2Event = (EFI_TCG2_EVENT *)AllocateZeroPool (EventSize + sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event));
if (Tcg2Event == NULL) {
FreePool (PrimaryHeader);
FreePool (EntryPtr);
return EFI_OUT_OF_RESOURCES;
}
- Tcg2Event->Size = EventSize + sizeof (EFI_TCG2_EVENT) - sizeof(Tcg2Event->Event);
- Tcg2Event->Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER);
+ Tcg2Event->Size = EventSize + sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event);
+ Tcg2Event->Header.HeaderSize = sizeof (EFI_TCG2_EVENT_HEADER);
Tcg2Event->Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION;
Tcg2Event->Header.PCRIndex = 5;
Tcg2Event->Header.EventType = EV_EFI_GPT_EVENT;
- GptData = (EFI_GPT_DATA *) Tcg2Event->Event;
+ GptData = (EFI_GPT_DATA *)Tcg2Event->Event;
//
// Copy the EFI_PARTITION_TABLE_HEADER and NumberOfPartition
//
- CopyMem ((UINT8 *)GptData, (UINT8*)PrimaryHeader, sizeof (EFI_PARTITION_TABLE_HEADER));
+ CopyMem ((UINT8 *)GptData, (UINT8 *)PrimaryHeader, sizeof (EFI_PARTITION_TABLE_HEADER));
GptData->NumberOfPartitions = NumberOfPartition;
//
// Copy the valid partition entry
//
- PartitionEntry = (EFI_PARTITION_ENTRY*)EntryPtr;
+ PartitionEntry = (EFI_PARTITION_ENTRY *)EntryPtr;
NumberOfPartition = 0;
for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) {
if (!IsZeroGuid (&PartitionEntry->PartitionTypeGUID)) {
@@ -239,19 +245,20 @@ Tcg2MeasureGptTable ( );
NumberOfPartition++;
}
- PartitionEntry =(EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);
+
+ PartitionEntry = (EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);
}
//
// Measure the GPT data
//
Status = Tcg2Protocol->HashLogExtendEvent (
- Tcg2Protocol,
- 0,
- (EFI_PHYSICAL_ADDRESS) (UINTN) (VOID *) GptData,
- (UINT64) EventSize,
- Tcg2Event
- );
+ Tcg2Protocol,
+ 0,
+ (EFI_PHYSICAL_ADDRESS)(UINTN)(VOID *)GptData,
+ (UINT64)EventSize,
+ Tcg2Event
+ );
if (!EFI_ERROR (Status)) {
mTcg2MeasureGptCount++;
}
@@ -295,29 +302,29 @@ Tcg2MeasurePeImage ( IN EFI_DEVICE_PATH_PROTOCOL *FilePath
)
{
- EFI_STATUS Status;
- EFI_TCG2_EVENT *Tcg2Event;
- EFI_IMAGE_LOAD_EVENT *ImageLoad;
- UINT32 FilePathSize;
- UINT32 EventSize;
+ EFI_STATUS Status;
+ EFI_TCG2_EVENT *Tcg2Event;
+ EFI_IMAGE_LOAD_EVENT *ImageLoad;
+ UINT32 FilePathSize;
+ UINT32 EventSize;
- Status = EFI_UNSUPPORTED;
- ImageLoad = NULL;
- FilePathSize = (UINT32) GetDevicePathSize (FilePath);
+ Status = EFI_UNSUPPORTED;
+ ImageLoad = NULL;
+ FilePathSize = (UINT32)GetDevicePathSize (FilePath);
//
// Determine destination PCR by BootPolicy
//
EventSize = sizeof (*ImageLoad) - sizeof (ImageLoad->DevicePath) + FilePathSize;
- Tcg2Event = AllocateZeroPool (EventSize + sizeof (EFI_TCG2_EVENT) - sizeof(Tcg2Event->Event));
+ Tcg2Event = AllocateZeroPool (EventSize + sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event));
if (Tcg2Event == NULL) {
return EFI_OUT_OF_RESOURCES;
}
- Tcg2Event->Size = EventSize + sizeof (EFI_TCG2_EVENT) - sizeof(Tcg2Event->Event);
- Tcg2Event->Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER);
+ Tcg2Event->Size = EventSize + sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event);
+ Tcg2Event->Header.HeaderSize = sizeof (EFI_TCG2_EVENT_HEADER);
Tcg2Event->Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION;
- ImageLoad = (EFI_IMAGE_LOAD_EVENT *) Tcg2Event->Event;
+ ImageLoad = (EFI_IMAGE_LOAD_EVENT *)Tcg2Event->Event;
switch (ImageType) {
case EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION:
@@ -353,12 +360,12 @@ Tcg2MeasurePeImage ( // Log the PE data
//
Status = Tcg2Protocol->HashLogExtendEvent (
- Tcg2Protocol,
- PE_COFF_IMAGE,
- ImageAddress,
- ImageSize,
- Tcg2Event
- );
+ Tcg2Protocol,
+ PE_COFF_IMAGE,
+ ImageAddress,
+ ImageSize,
+ Tcg2Event
+ );
if (Status == EFI_VOLUME_FULL) {
//
// Volume full here means the image is hashed and its result is extended to PCR.
@@ -415,11 +422,11 @@ Finish: EFI_STATUS
EFIAPI
DxeTpm2MeasureBootHandler (
- IN UINT32 AuthenticationStatus,
- IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL,
- IN VOID *FileBuffer,
- IN UINTN FileSize,
- IN BOOLEAN BootPolicy
+ IN UINT32 AuthenticationStatus,
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL,
+ IN VOID *FileBuffer,
+ IN UINTN FileSize,
+ IN BOOLEAN BootPolicy
)
{
EFI_TCG2_PROTOCOL *Tcg2Protocol;
@@ -435,7 +442,7 @@ DxeTpm2MeasureBootHandler ( EFI_PHYSICAL_ADDRESS FvAddress;
UINT32 Index;
- Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol);
+ Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **)&Tcg2Protocol);
if (EFI_ERROR (Status)) {
//
// Tcg2 protocol is not installed. So, TPM2 is not present.
@@ -445,11 +452,11 @@ DxeTpm2MeasureBootHandler ( return EFI_SUCCESS;
}
- ProtocolCapability.Size = (UINT8) sizeof (ProtocolCapability);
- Status = Tcg2Protocol->GetCapability (
- Tcg2Protocol,
- &ProtocolCapability
- );
+ ProtocolCapability.Size = (UINT8)sizeof (ProtocolCapability);
+ Status = Tcg2Protocol->GetCapability (
+ Tcg2Protocol,
+ &ProtocolCapability
+ );
if (EFI_ERROR (Status) || (!ProtocolCapability.TPMPresentFlag)) {
//
// TPM device doesn't work or activate.
@@ -468,7 +475,7 @@ DxeTpm2MeasureBootHandler ( // Is so, this device path may be a GPT device path.
//
DevicePathNode = OrigDevicePathNode;
- Status = gBS->LocateDevicePath (&gEfiBlockIoProtocolGuid, &DevicePathNode, &Handle);
+ Status = gBS->LocateDevicePath (&gEfiBlockIoProtocolGuid, &DevicePathNode, &Handle);
if (!EFI_ERROR (Status) && !mTcg2MeasureGptTableFlag) {
//
// Find the gpt partition on the given devicepath
@@ -479,25 +486,26 @@ DxeTpm2MeasureBootHandler ( //
// Find the Gpt partition
//
- if (DevicePathType (DevicePathNode) == MEDIA_DEVICE_PATH &&
- DevicePathSubType (DevicePathNode) == MEDIA_HARDDRIVE_DP) {
+ if ((DevicePathType (DevicePathNode) == MEDIA_DEVICE_PATH) &&
+ (DevicePathSubType (DevicePathNode) == MEDIA_HARDDRIVE_DP))
+ {
//
// Check whether it is a gpt partition or not
//
- if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
- ((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->SignatureType == SIGNATURE_TYPE_GUID) {
-
+ if ((((HARDDRIVE_DEVICE_PATH *)DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER) &&
+ (((HARDDRIVE_DEVICE_PATH *)DevicePathNode)->SignatureType == SIGNATURE_TYPE_GUID))
+ {
//
// Change the partition device path to its parent device path (disk) and get the handle.
//
DevicePathNode->Type = END_DEVICE_PATH_TYPE;
DevicePathNode->SubType = END_ENTIRE_DEVICE_PATH_SUBTYPE;
DevicePathNode = OrigDevicePathNode;
- Status = gBS->LocateDevicePath (
- &gEfiDiskIoProtocolGuid,
- &DevicePathNode,
- &Handle
- );
+ Status = gBS->LocateDevicePath (
+ &gEfiDiskIoProtocolGuid,
+ &DevicePathNode,
+ &Handle
+ );
if (!EFI_ERROR (Status)) {
//
// Measure GPT disk.
@@ -511,13 +519,15 @@ DxeTpm2MeasureBootHandler ( mTcg2MeasureGptTableFlag = TRUE;
}
}
+
FreePool (OrigDevicePathNode);
OrigDevicePathNode = DuplicateDevicePath (File);
ASSERT (OrigDevicePathNode != NULL);
break;
}
}
- DevicePathNode = NextDevicePathNode (DevicePathNode);
+
+ DevicePathNode = NextDevicePathNode (DevicePathNode);
}
}
@@ -530,7 +540,7 @@ DxeTpm2MeasureBootHandler ( // Check whether this device path support FVB protocol.
//
DevicePathNode = OrigDevicePathNode;
- Status = gBS->LocateDevicePath (&gEfiFirmwareVolumeBlockProtocolGuid, &DevicePathNode, &Handle);
+ Status = gBS->LocateDevicePath (&gEfiFirmwareVolumeBlockProtocolGuid, &DevicePathNode, &Handle);
if (!EFI_ERROR (Status)) {
//
// Don't check FV image, and directly return EFI_SUCCESS.
@@ -539,6 +549,7 @@ DxeTpm2MeasureBootHandler ( if (IsDevicePathEnd (DevicePathNode)) {
return EFI_SUCCESS;
}
+
//
// The PE image from unmeasured Firmware volume need be measured
// The PE image from measured Firmware volume will be measured according to policy below.
@@ -547,37 +558,37 @@ DxeTpm2MeasureBootHandler ( //
ApplicationRequired = TRUE;
- if (mTcg2CacheMeasuredHandle != Handle && mTcg2MeasuredHobData != NULL) {
+ if ((mTcg2CacheMeasuredHandle != Handle) && (mTcg2MeasuredHobData != NULL)) {
//
// Search for Root FV of this PE image
//
TempHandle = Handle;
do {
- Status = gBS->HandleProtocol(
+ Status = gBS->HandleProtocol (
TempHandle,
&gEfiFirmwareVolumeBlockProtocolGuid,
- (VOID**)&FvbProtocol
+ (VOID **)&FvbProtocol
);
TempHandle = FvbProtocol->ParentHandle;
- } while (!EFI_ERROR(Status) && FvbProtocol->ParentHandle != NULL);
+ } while (!EFI_ERROR (Status) && FvbProtocol->ParentHandle != NULL);
//
// Search in measured FV Hob
//
- Status = FvbProtocol->GetPhysicalAddress(FvbProtocol, &FvAddress);
- if (EFI_ERROR(Status)){
+ Status = FvbProtocol->GetPhysicalAddress (FvbProtocol, &FvAddress);
+ if (EFI_ERROR (Status)) {
return Status;
}
ApplicationRequired = FALSE;
for (Index = 0; Index < mTcg2MeasuredHobData->Num; Index++) {
- if(mTcg2MeasuredHobData->MeasuredFvBuf[Index].BlobBase == FvAddress) {
+ if (mTcg2MeasuredHobData->MeasuredFvBuf[Index].BlobBase == FvAddress) {
//
// Cache measured FV for next measurement
//
mTcg2CacheMeasuredHandle = Handle;
- ApplicationRequired = TRUE;
+ ApplicationRequired = TRUE;
break;
}
}
@@ -600,8 +611,8 @@ DxeTpm2MeasureBootHandler ( //
DevicePathNode = OrigDevicePathNode;
ZeroMem (&ImageContext, sizeof (ImageContext));
- ImageContext.Handle = (VOID *) FileBuffer;
- ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) DxeTpm2MeasureBootLibImageRead;
+ ImageContext.Handle = (VOID *)FileBuffer;
+ ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE)DxeTpm2MeasureBootLibImageRead;
//
// Get information about the image being loaded
@@ -626,21 +637,23 @@ DxeTpm2MeasureBootHandler ( // Measure drivers and applications if Application flag is not set
//
if ((!ApplicationRequired) ||
- (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
+ (ApplicationRequired && (ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)))
+ {
//
// Print the image path to be measured.
//
DEBUG_CODE_BEGIN ();
- CHAR16 *ToText;
- ToText = ConvertDevicePathToText (
- DevicePathNode,
- FALSE,
- TRUE
- );
- if (ToText != NULL) {
- DEBUG ((DEBUG_INFO, "The measured image path is %s.\n", ToText));
- FreePool (ToText);
- }
+ CHAR16 *ToText;
+ ToText = ConvertDevicePathToText (
+ DevicePathNode,
+ FALSE,
+ TRUE
+ );
+ if (ToText != NULL) {
+ DEBUG ((DEBUG_INFO, "The measured image path is %s.\n", ToText));
+ FreePool (ToText);
+ }
+
DEBUG_CODE_END ();
//
@@ -648,9 +661,9 @@ DxeTpm2MeasureBootHandler ( //
Status = Tcg2MeasurePeImage (
Tcg2Protocol,
- (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
+ (EFI_PHYSICAL_ADDRESS)(UINTN)FileBuffer,
FileSize,
- (UINTN) ImageContext.ImageAddress,
+ (UINTN)ImageContext.ImageAddress,
ImageContext.ImageType,
DevicePathNode
);
@@ -697,7 +710,7 @@ DxeTpm2MeasureBootLibConstructor ( }
return RegisterSecurity2Handler (
- DxeTpm2MeasureBootHandler,
- EFI_AUTH_OPERATION_MEASURE_IMAGE | EFI_AUTH_OPERATION_IMAGE_REQUIRED
- );
+ DxeTpm2MeasureBootHandler,
+ EFI_AUTH_OPERATION_MEASURE_IMAGE | EFI_AUTH_OPERATION_IMAGE_REQUIRED
+ );
}
diff --git a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c index 27c0ea48ca..220393dd2b 100644 --- a/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c +++ b/SecurityPkg/Library/DxeTpmMeasureBootLib/DxeTpmMeasureBootLib.c @@ -43,15 +43,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent //
// Flag to check GPT partition. It only need be measured once.
//
-BOOLEAN mMeasureGptTableFlag = FALSE;
-UINTN mMeasureGptCount = 0;
-VOID *mFileBuffer;
-UINTN mTpmImageSize;
+BOOLEAN mMeasureGptTableFlag = FALSE;
+UINTN mMeasureGptCount = 0;
+VOID *mFileBuffer;
+UINTN mTpmImageSize;
//
// Measured FV handle cache
//
-EFI_HANDLE mCacheMeasuredHandle = NULL;
-MEASURED_HOB_DATA *mMeasuredHobData = NULL;
+EFI_HANDLE mCacheMeasuredHandle = NULL;
+MEASURED_HOB_DATA *mMeasuredHobData = NULL;
/**
Reads contents of a PE/COFF image in memory buffer.
@@ -71,15 +71,15 @@ MEASURED_HOB_DATA *mMeasuredHobData = NULL; EFI_STATUS
EFIAPI
DxeTpmMeasureBootLibImageRead (
- IN VOID *FileHandle,
- IN UINTN FileOffset,
- IN OUT UINTN *ReadSize,
- OUT VOID *Buffer
+ IN VOID *FileHandle,
+ IN UINTN FileOffset,
+ IN OUT UINTN *ReadSize,
+ OUT VOID *Buffer
)
{
- UINTN EndPosition;
+ UINTN EndPosition;
- if (FileHandle == NULL || ReadSize == NULL || Buffer == NULL) {
+ if ((FileHandle == NULL) || (ReadSize == NULL) || (Buffer == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -96,7 +96,7 @@ DxeTpmMeasureBootLibImageRead ( *ReadSize = 0;
}
- CopyMem (Buffer, (UINT8 *)((UINTN) FileHandle + FileOffset), *ReadSize);
+ CopyMem (Buffer, (UINT8 *)((UINTN)FileHandle + FileOffset), *ReadSize);
return EFI_SUCCESS;
}
@@ -119,43 +119,46 @@ DxeTpmMeasureBootLibImageRead ( EFI_STATUS
EFIAPI
TcgMeasureGptTable (
- IN EFI_TCG_PROTOCOL *TcgProtocol,
- IN EFI_HANDLE GptHandle
+ IN EFI_TCG_PROTOCOL *TcgProtocol,
+ IN EFI_HANDLE GptHandle
)
{
- EFI_STATUS Status;
- EFI_BLOCK_IO_PROTOCOL *BlockIo;
- EFI_DISK_IO_PROTOCOL *DiskIo;
- EFI_PARTITION_TABLE_HEADER *PrimaryHeader;
- EFI_PARTITION_ENTRY *PartitionEntry;
- UINT8 *EntryPtr;
- UINTN NumberOfPartition;
- UINT32 Index;
- TCG_PCR_EVENT *TcgEvent;
- EFI_GPT_DATA *GptData;
- UINT32 EventSize;
- UINT32 EventNumber;
- EFI_PHYSICAL_ADDRESS EventLogLastEntry;
+ EFI_STATUS Status;
+ EFI_BLOCK_IO_PROTOCOL *BlockIo;
+ EFI_DISK_IO_PROTOCOL *DiskIo;
+ EFI_PARTITION_TABLE_HEADER *PrimaryHeader;
+ EFI_PARTITION_ENTRY *PartitionEntry;
+ UINT8 *EntryPtr;
+ UINTN NumberOfPartition;
+ UINT32 Index;
+ TCG_PCR_EVENT *TcgEvent;
+ EFI_GPT_DATA *GptData;
+ UINT32 EventSize;
+ UINT32 EventNumber;
+ EFI_PHYSICAL_ADDRESS EventLogLastEntry;
if (mMeasureGptCount > 0) {
return EFI_SUCCESS;
}
- Status = gBS->HandleProtocol (GptHandle, &gEfiBlockIoProtocolGuid, (VOID**)&BlockIo);
+ Status = gBS->HandleProtocol (GptHandle, &gEfiBlockIoProtocolGuid, (VOID **)&BlockIo);
if (EFI_ERROR (Status)) {
return EFI_UNSUPPORTED;
}
- Status = gBS->HandleProtocol (GptHandle, &gEfiDiskIoProtocolGuid, (VOID**)&DiskIo);
+
+ Status = gBS->HandleProtocol (GptHandle, &gEfiDiskIoProtocolGuid, (VOID **)&DiskIo);
if (EFI_ERROR (Status)) {
return EFI_UNSUPPORTED;
}
+
//
// Read the EFI Partition Table Header
//
- PrimaryHeader = (EFI_PARTITION_TABLE_HEADER *) AllocatePool (BlockIo->Media->BlockSize);
+ PrimaryHeader = (EFI_PARTITION_TABLE_HEADER *)AllocatePool (BlockIo->Media->BlockSize);
if (PrimaryHeader == NULL) {
return EFI_OUT_OF_RESOURCES;
}
+
Status = DiskIo->ReadDisk (
DiskIo,
BlockIo->Media->MediaId,
@@ -168,6 +171,7 @@ TcgMeasureGptTable ( FreePool (PrimaryHeader);
return EFI_DEVICE_ERROR;
}
+
//
// Read the partition entry.
//
@@ -176,10 +180,11 @@ TcgMeasureGptTable ( FreePool (PrimaryHeader);
return EFI_OUT_OF_RESOURCES;
}
+
Status = DiskIo->ReadDisk (
DiskIo,
BlockIo->Media->MediaId,
- MultU64x32(PrimaryHeader->PartitionEntryLBA, BlockIo->Media->BlockSize),
+ MultU64x32 (PrimaryHeader->PartitionEntryLBA, BlockIo->Media->BlockSize),
PrimaryHeader->NumberOfPartitionEntries * PrimaryHeader->SizeOfPartitionEntry,
EntryPtr
);
@@ -198,6 +203,7 @@ TcgMeasureGptTable ( if (!IsZeroGuid (&PartitionEntry->PartitionTypeGUID)) {
NumberOfPartition++;
}
+
PartitionEntry = (EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);
}
@@ -205,28 +211,28 @@ TcgMeasureGptTable ( // Prepare Data for Measurement
//
EventSize = (UINT32)(sizeof (EFI_GPT_DATA) - sizeof (GptData->Partitions)
- + NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);
- TcgEvent = (TCG_PCR_EVENT *) AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT_HDR));
+ + NumberOfPartition * PrimaryHeader->SizeOfPartitionEntry);
+ TcgEvent = (TCG_PCR_EVENT *)AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT_HDR));
if (TcgEvent == NULL) {
FreePool (PrimaryHeader);
FreePool (EntryPtr);
return EFI_OUT_OF_RESOURCES;
}
- TcgEvent->PCRIndex = 5;
- TcgEvent->EventType = EV_EFI_GPT_EVENT;
- TcgEvent->EventSize = EventSize;
- GptData = (EFI_GPT_DATA *) TcgEvent->Event;
+ TcgEvent->PCRIndex = 5;
+ TcgEvent->EventType = EV_EFI_GPT_EVENT;
+ TcgEvent->EventSize = EventSize;
+ GptData = (EFI_GPT_DATA *)TcgEvent->Event;
//
// Copy the EFI_PARTITION_TABLE_HEADER and NumberOfPartition
//
- CopyMem ((UINT8 *)GptData, (UINT8*)PrimaryHeader, sizeof (EFI_PARTITION_TABLE_HEADER));
+ CopyMem ((UINT8 *)GptData, (UINT8 *)PrimaryHeader, sizeof (EFI_PARTITION_TABLE_HEADER));
GptData->NumberOfPartitions = NumberOfPartition;
//
// Copy the valid partition entry
//
- PartitionEntry = (EFI_PARTITION_ENTRY*)EntryPtr;
+ PartitionEntry = (EFI_PARTITION_ENTRY *)EntryPtr;
NumberOfPartition = 0;
for (Index = 0; Index < PrimaryHeader->NumberOfPartitionEntries; Index++) {
if (!IsZeroGuid (&PartitionEntry->PartitionTypeGUID)) {
@@ -237,22 +243,23 @@ TcgMeasureGptTable ( );
NumberOfPartition++;
}
- PartitionEntry =(EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);
+
+ PartitionEntry = (EFI_PARTITION_ENTRY *)((UINT8 *)PartitionEntry + PrimaryHeader->SizeOfPartitionEntry);
}
//
// Measure the GPT data
//
EventNumber = 1;
- Status = TcgProtocol->HashLogExtendEvent (
- TcgProtocol,
- (EFI_PHYSICAL_ADDRESS) (UINTN) (VOID *) GptData,
- (UINT64) TcgEvent->EventSize,
- TPM_ALG_SHA,
- TcgEvent,
- &EventNumber,
- &EventLogLastEntry
- );
+ Status = TcgProtocol->HashLogExtendEvent (
+ TcgProtocol,
+ (EFI_PHYSICAL_ADDRESS)(UINTN)(VOID *)GptData,
+ (UINT64)TcgEvent->EventSize,
+ TPM_ALG_SHA,
+ TcgEvent,
+ &EventNumber,
+ &EventLogLastEntry
+ );
if (!EFI_ERROR (Status)) {
mMeasureGptCount++;
}
@@ -326,19 +333,19 @@ TcgMeasurePeImage ( ImageLoad = NULL;
SectionHeader = NULL;
Sha1Ctx = NULL;
- FilePathSize = (UINT32) GetDevicePathSize (FilePath);
+ FilePathSize = (UINT32)GetDevicePathSize (FilePath);
//
// Determine destination PCR by BootPolicy
//
EventSize = sizeof (*ImageLoad) - sizeof (ImageLoad->DevicePath) + FilePathSize;
- TcgEvent = AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT));
+ TcgEvent = AllocateZeroPool (EventSize + sizeof (TCG_PCR_EVENT));
if (TcgEvent == NULL) {
return EFI_OUT_OF_RESOURCES;
}
TcgEvent->EventSize = EventSize;
- ImageLoad = (EFI_IMAGE_LOAD_EVENT *) TcgEvent->Event;
+ ImageLoad = (EFI_IMAGE_LOAD_EVENT *)TcgEvent->Event;
switch (ImageType) {
case EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION:
@@ -373,13 +380,13 @@ TcgMeasurePeImage ( //
// Check PE/COFF image
//
- DosHdr = (EFI_IMAGE_DOS_HEADER *) (UINTN) ImageAddress;
+ DosHdr = (EFI_IMAGE_DOS_HEADER *)(UINTN)ImageAddress;
PeCoffHeaderOffset = 0;
if (DosHdr->e_magic == EFI_IMAGE_DOS_SIGNATURE) {
PeCoffHeaderOffset = DosHdr->e_lfanew;
}
- Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)((UINT8 *) (UINTN) ImageAddress + PeCoffHeaderOffset);
+ Hdr.Pe32 = (EFI_IMAGE_NT_HEADERS32 *)((UINT8 *)(UINTN)ImageAddress + PeCoffHeaderOffset);
if (Hdr.Pe32->Signature != EFI_IMAGE_NT_SIGNATURE) {
goto Finish;
}
@@ -416,19 +423,19 @@ TcgMeasurePeImage ( // 3. Calculate the distance from the base of the image header to the image checksum address.
// 4. Hash the image header from its base to beginning of the image checksum.
//
- HashBase = (UINT8 *) (UINTN) ImageAddress;
+ HashBase = (UINT8 *)(UINTN)ImageAddress;
if (Hdr.Pe32->OptionalHeader.Magic == EFI_IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
//
// Use PE32 offset
//
NumberOfRvaAndSizes = Hdr.Pe32->OptionalHeader.NumberOfRvaAndSizes;
- HashSize = (UINTN) (&Hdr.Pe32->OptionalHeader.CheckSum) - (UINTN) HashBase;
+ HashSize = (UINTN)(&Hdr.Pe32->OptionalHeader.CheckSum) - (UINTN)HashBase;
} else {
//
// Use PE32+ offset
//
NumberOfRvaAndSizes = Hdr.Pe32Plus->OptionalHeader.NumberOfRvaAndSizes;
- HashSize = (UINTN) (&Hdr.Pe32Plus->OptionalHeader.CheckSum) - (UINTN) HashBase;
+ HashSize = (UINTN)(&Hdr.Pe32Plus->OptionalHeader.CheckSum) - (UINTN)HashBase;
}
HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
@@ -448,18 +455,18 @@ TcgMeasurePeImage ( //
// Use PE32 offset.
//
- HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
+ HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
+ HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
} else {
//
// Use PE32+ offset.
//
- HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
+ HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
+ HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
}
if (HashSize != 0) {
- HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
+ HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
if (!HashStatus) {
goto Finish;
}
@@ -472,18 +479,18 @@ TcgMeasurePeImage ( //
// Use PE32 offset
//
- HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = (UINTN) (&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
+ HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.CheckSum + sizeof (UINT32);
+ HashSize = (UINTN)(&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;
} else {
//
// Use PE32+ offset
//
- HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
- HashSize = (UINTN) (&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN) HashBase;
+ HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.CheckSum + sizeof (UINT32);
+ HashSize = (UINTN)(&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY]) - (UINTN)HashBase;
}
if (HashSize != 0) {
- HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
+ HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
if (!HashStatus) {
goto Finish;
}
@@ -497,18 +504,18 @@ TcgMeasurePeImage ( //
// Use PE32 offset
//
- HashBase = (UINT8 *) &Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
- HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
+ HashBase = (UINT8 *)&Hdr.Pe32->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
+ HashSize = Hdr.Pe32->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
} else {
//
// Use PE32+ offset
//
- HashBase = (UINT8 *) &Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
- HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN) (HashBase - ImageAddress);
+ HashBase = (UINT8 *)&Hdr.Pe32Plus->OptionalHeader.DataDirectory[EFI_IMAGE_DIRECTORY_ENTRY_SECURITY + 1];
+ HashSize = Hdr.Pe32Plus->OptionalHeader.SizeOfHeaders - (UINTN)(HashBase - ImageAddress);
}
if (HashSize != 0) {
- HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
+ HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
if (!HashStatus) {
goto Finish;
}
@@ -536,7 +543,7 @@ TcgMeasurePeImage ( // header indicates how big the table should be. Do not include any
// IMAGE_SECTION_HEADERs in the table whose 'SizeOfRawData' field is zero.
//
- SectionHeader = (EFI_IMAGE_SECTION_HEADER *) AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * Hdr.Pe32->FileHeader.NumberOfSections);
+ SectionHeader = (EFI_IMAGE_SECTION_HEADER *)AllocateZeroPool (sizeof (EFI_IMAGE_SECTION_HEADER) * Hdr.Pe32->FileHeader.NumberOfSections);
if (SectionHeader == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Finish;
@@ -548,20 +555,21 @@ TcgMeasurePeImage ( // words, sort the section headers according to the disk-file offset of
// the section.
//
- Section = (EFI_IMAGE_SECTION_HEADER *) (
- (UINT8 *) (UINTN) ImageAddress +
- PeCoffHeaderOffset +
- sizeof(UINT32) +
- sizeof(EFI_IMAGE_FILE_HEADER) +
- Hdr.Pe32->FileHeader.SizeOfOptionalHeader
- );
+ Section = (EFI_IMAGE_SECTION_HEADER *)(
+ (UINT8 *)(UINTN)ImageAddress +
+ PeCoffHeaderOffset +
+ sizeof (UINT32) +
+ sizeof (EFI_IMAGE_FILE_HEADER) +
+ Hdr.Pe32->FileHeader.SizeOfOptionalHeader
+ );
for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {
Pos = Index;
while ((Pos > 0) && (Section->PointerToRawData < SectionHeader[Pos - 1].PointerToRawData)) {
- CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof(EFI_IMAGE_SECTION_HEADER));
+ CopyMem (&SectionHeader[Pos], &SectionHeader[Pos - 1], sizeof (EFI_IMAGE_SECTION_HEADER));
Pos--;
}
- CopyMem (&SectionHeader[Pos], Section, sizeof(EFI_IMAGE_SECTION_HEADER));
+
+ CopyMem (&SectionHeader[Pos], Section, sizeof (EFI_IMAGE_SECTION_HEADER));
Section += 1;
}
@@ -573,12 +581,13 @@ TcgMeasurePeImage ( // 15. Repeat steps 13 and 14 for all the sections in the sorted table.
//
for (Index = 0; Index < Hdr.Pe32->FileHeader.NumberOfSections; Index++) {
- Section = (EFI_IMAGE_SECTION_HEADER *) &SectionHeader[Index];
+ Section = (EFI_IMAGE_SECTION_HEADER *)&SectionHeader[Index];
if (Section->SizeOfRawData == 0) {
continue;
}
- HashBase = (UINT8 *) (UINTN) ImageAddress + Section->PointerToRawData;
- HashSize = (UINTN) Section->SizeOfRawData;
+
+ HashBase = (UINT8 *)(UINTN)ImageAddress + Section->PointerToRawData;
+ HashSize = (UINTN)Section->SizeOfRawData;
HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
if (!HashStatus) {
@@ -595,7 +604,7 @@ TcgMeasurePeImage ( // FileSize - (CertDirectory->Size)
//
if (ImageSize > SumOfBytesHashed) {
- HashBase = (UINT8 *) (UINTN) ImageAddress + SumOfBytesHashed;
+ HashBase = (UINT8 *)(UINTN)ImageAddress + SumOfBytesHashed;
if (NumberOfRvaAndSizes <= EFI_IMAGE_DIRECTORY_ENTRY_SECURITY) {
CertSize = 0;
@@ -614,7 +623,7 @@ TcgMeasurePeImage ( }
if (ImageSize > CertSize + SumOfBytesHashed) {
- HashSize = (UINTN) (ImageSize - CertSize - SumOfBytesHashed);
+ HashSize = (UINTN)(ImageSize - CertSize - SumOfBytesHashed);
HashStatus = Sha1Update (Sha1Ctx, HashBase, HashSize);
if (!HashStatus) {
@@ -628,7 +637,7 @@ TcgMeasurePeImage ( //
// 17. Finalize the SHA hash.
//
- HashStatus = Sha1Final (Sha1Ctx, (UINT8 *) &TcgEvent->Digest);
+ HashStatus = Sha1Final (Sha1Ctx, (UINT8 *)&TcgEvent->Digest);
if (!HashStatus) {
goto Finish;
}
@@ -637,15 +646,15 @@ TcgMeasurePeImage ( // Log the PE data
//
EventNumber = 1;
- Status = TcgProtocol->HashLogExtendEvent (
- TcgProtocol,
- (EFI_PHYSICAL_ADDRESS) (UINTN) (VOID *) NULL,
- 0,
- TPM_ALG_SHA,
- TcgEvent,
- &EventNumber,
- &EventLogLastEntry
- );
+ Status = TcgProtocol->HashLogExtendEvent (
+ TcgProtocol,
+ (EFI_PHYSICAL_ADDRESS)(UINTN)(VOID *)NULL,
+ 0,
+ TPM_ALG_SHA,
+ TcgEvent,
+ &EventNumber,
+ &EventLogLastEntry
+ );
if (Status == EFI_OUT_OF_RESOURCES) {
//
// Out of resource here means the image is hashed and its result is extended to PCR.
@@ -665,6 +674,7 @@ Finish: if (Sha1Ctx != NULL ) {
FreePool (Sha1Ctx);
}
+
return Status;
}
@@ -709,11 +719,11 @@ Finish: EFI_STATUS
EFIAPI
DxeTpmMeasureBootHandler (
- IN UINT32 AuthenticationStatus,
- IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL,
- IN VOID *FileBuffer,
- IN UINTN FileSize,
- IN BOOLEAN BootPolicy
+ IN UINT32 AuthenticationStatus,
+ IN CONST EFI_DEVICE_PATH_PROTOCOL *File OPTIONAL,
+ IN VOID *FileBuffer,
+ IN UINTN FileSize,
+ IN BOOLEAN BootPolicy
)
{
EFI_TCG_PROTOCOL *TcgProtocol;
@@ -732,7 +742,7 @@ DxeTpmMeasureBootHandler ( EFI_PHYSICAL_ADDRESS FvAddress;
UINT32 Index;
- Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **) &TcgProtocol);
+ Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
if (EFI_ERROR (Status)) {
//
// TCG protocol is not installed. So, TPM is not present.
@@ -741,14 +751,14 @@ DxeTpmMeasureBootHandler ( return EFI_SUCCESS;
}
- ProtocolCapability.Size = (UINT8) sizeof (ProtocolCapability);
- Status = TcgProtocol->StatusCheck (
- TcgProtocol,
- &ProtocolCapability,
- &TCGFeatureFlags,
- &EventLogLocation,
- &EventLogLastEntry
- );
+ ProtocolCapability.Size = (UINT8)sizeof (ProtocolCapability);
+ Status = TcgProtocol->StatusCheck (
+ TcgProtocol,
+ &ProtocolCapability,
+ &TCGFeatureFlags,
+ &EventLogLocation,
+ &EventLogLastEntry
+ );
if (EFI_ERROR (Status) || ProtocolCapability.TPMDeactivatedFlag || (!ProtocolCapability.TPMPresentFlag)) {
//
// TPM device doesn't work or activate.
@@ -766,7 +776,7 @@ DxeTpmMeasureBootHandler ( // Is so, this device path may be a GPT device path.
//
DevicePathNode = OrigDevicePathNode;
- Status = gBS->LocateDevicePath (&gEfiBlockIoProtocolGuid, &DevicePathNode, &Handle);
+ Status = gBS->LocateDevicePath (&gEfiBlockIoProtocolGuid, &DevicePathNode, &Handle);
if (!EFI_ERROR (Status) && !mMeasureGptTableFlag) {
//
// Find the gpt partition on the given devicepath
@@ -777,25 +787,26 @@ DxeTpmMeasureBootHandler ( //
// Find the Gpt partition
//
- if (DevicePathType (DevicePathNode) == MEDIA_DEVICE_PATH &&
- DevicePathSubType (DevicePathNode) == MEDIA_HARDDRIVE_DP) {
+ if ((DevicePathType (DevicePathNode) == MEDIA_DEVICE_PATH) &&
+ (DevicePathSubType (DevicePathNode) == MEDIA_HARDDRIVE_DP))
+ {
//
// Check whether it is a gpt partition or not
//
- if (((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER &&
- ((HARDDRIVE_DEVICE_PATH *) DevicePathNode)->SignatureType == SIGNATURE_TYPE_GUID) {
-
+ if ((((HARDDRIVE_DEVICE_PATH *)DevicePathNode)->MBRType == MBR_TYPE_EFI_PARTITION_TABLE_HEADER) &&
+ (((HARDDRIVE_DEVICE_PATH *)DevicePathNode)->SignatureType == SIGNATURE_TYPE_GUID))
+ {
//
// Change the partition device path to its parent device path (disk) and get the handle.
//
DevicePathNode->Type = END_DEVICE_PATH_TYPE;
DevicePathNode->SubType = END_ENTIRE_DEVICE_PATH_SUBTYPE;
DevicePathNode = OrigDevicePathNode;
- Status = gBS->LocateDevicePath (
- &gEfiDiskIoProtocolGuid,
- &DevicePathNode,
- &Handle
- );
+ Status = gBS->LocateDevicePath (
+ &gEfiDiskIoProtocolGuid,
+ &DevicePathNode,
+ &Handle
+ );
if (!EFI_ERROR (Status)) {
//
// Measure GPT disk.
@@ -808,13 +819,15 @@ DxeTpmMeasureBootHandler ( mMeasureGptTableFlag = TRUE;
}
}
+
FreePool (OrigDevicePathNode);
OrigDevicePathNode = DuplicateDevicePath (File);
ASSERT (OrigDevicePathNode != NULL);
break;
}
}
- DevicePathNode = NextDevicePathNode (DevicePathNode);
+
+ DevicePathNode = NextDevicePathNode (DevicePathNode);
}
}
@@ -827,7 +840,7 @@ DxeTpmMeasureBootHandler ( // Check whether this device path support FVB protocol.
//
DevicePathNode = OrigDevicePathNode;
- Status = gBS->LocateDevicePath (&gEfiFirmwareVolumeBlockProtocolGuid, &DevicePathNode, &Handle);
+ Status = gBS->LocateDevicePath (&gEfiFirmwareVolumeBlockProtocolGuid, &DevicePathNode, &Handle);
if (!EFI_ERROR (Status)) {
//
// Don't check FV image, and directly return EFI_SUCCESS.
@@ -836,6 +849,7 @@ DxeTpmMeasureBootHandler ( if (IsDevicePathEnd (DevicePathNode)) {
return EFI_SUCCESS;
}
+
//
// The PE image from unmeasured Firmware volume need be measured
// The PE image from measured Firmware volume will be measured according to policy below.
@@ -844,32 +858,32 @@ DxeTpmMeasureBootHandler ( //
ApplicationRequired = TRUE;
- if (mCacheMeasuredHandle != Handle && mMeasuredHobData != NULL) {
+ if ((mCacheMeasuredHandle != Handle) && (mMeasuredHobData != NULL)) {
//
// Search for Root FV of this PE image
//
TempHandle = Handle;
do {
- Status = gBS->HandleProtocol(
+ Status = gBS->HandleProtocol (
TempHandle,
&gEfiFirmwareVolumeBlockProtocolGuid,
- (VOID**)&FvbProtocol
+ (VOID **)&FvbProtocol
);
TempHandle = FvbProtocol->ParentHandle;
- } while (!EFI_ERROR(Status) && FvbProtocol->ParentHandle != NULL);
+ } while (!EFI_ERROR (Status) && FvbProtocol->ParentHandle != NULL);
//
// Search in measured FV Hob
//
- Status = FvbProtocol->GetPhysicalAddress(FvbProtocol, &FvAddress);
- if (EFI_ERROR(Status)){
+ Status = FvbProtocol->GetPhysicalAddress (FvbProtocol, &FvAddress);
+ if (EFI_ERROR (Status)) {
return Status;
}
ApplicationRequired = FALSE;
for (Index = 0; Index < mMeasuredHobData->Num; Index++) {
- if(mMeasuredHobData->MeasuredFvBuf[Index].BlobBase == FvAddress) {
+ if (mMeasuredHobData->MeasuredFvBuf[Index].BlobBase == FvAddress) {
//
// Cache measured FV for next measurement
//
@@ -889,16 +903,16 @@ DxeTpmMeasureBootHandler ( goto Finish;
}
- mTpmImageSize = FileSize;
- mFileBuffer = FileBuffer;
+ mTpmImageSize = FileSize;
+ mFileBuffer = FileBuffer;
//
// Measure PE Image
//
DevicePathNode = OrigDevicePathNode;
ZeroMem (&ImageContext, sizeof (ImageContext));
- ImageContext.Handle = (VOID *) FileBuffer;
- ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE) DxeTpmMeasureBootLibImageRead;
+ ImageContext.Handle = (VOID *)FileBuffer;
+ ImageContext.ImageRead = (PE_COFF_LOADER_READ_FILE)DxeTpmMeasureBootLibImageRead;
//
// Get information about the image being loaded
@@ -923,21 +937,23 @@ DxeTpmMeasureBootHandler ( // Measure drivers and applications if Application flag is not set
//
if ((!ApplicationRequired) ||
- (ApplicationRequired && ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)) {
+ (ApplicationRequired && (ImageContext.ImageType == EFI_IMAGE_SUBSYSTEM_EFI_APPLICATION)))
+ {
//
// Print the image path to be measured.
//
DEBUG_CODE_BEGIN ();
- CHAR16 *ToText;
- ToText = ConvertDevicePathToText (
- DevicePathNode,
- FALSE,
- TRUE
- );
- if (ToText != NULL) {
- DEBUG ((DEBUG_INFO, "The measured image path is %s.\n", ToText));
- FreePool (ToText);
- }
+ CHAR16 *ToText;
+ ToText = ConvertDevicePathToText (
+ DevicePathNode,
+ FALSE,
+ TRUE
+ );
+ if (ToText != NULL) {
+ DEBUG ((DEBUG_INFO, "The measured image path is %s.\n", ToText));
+ FreePool (ToText);
+ }
+
DEBUG_CODE_END ();
//
@@ -945,9 +961,9 @@ DxeTpmMeasureBootHandler ( //
Status = TcgMeasurePeImage (
TcgProtocol,
- (EFI_PHYSICAL_ADDRESS) (UINTN) FileBuffer,
+ (EFI_PHYSICAL_ADDRESS)(UINTN)FileBuffer,
FileSize,
- (UINTN) ImageContext.ImageAddress,
+ (UINTN)ImageContext.ImageAddress,
ImageContext.ImageType,
DevicePathNode
);
@@ -991,7 +1007,7 @@ DxeTpmMeasureBootLibConstructor ( }
return RegisterSecurity2Handler (
- DxeTpmMeasureBootHandler,
- EFI_AUTH_OPERATION_MEASURE_IMAGE | EFI_AUTH_OPERATION_IMAGE_REQUIRED
- );
+ DxeTpmMeasureBootHandler,
+ EFI_AUTH_OPERATION_MEASURE_IMAGE | EFI_AUTH_OPERATION_IMAGE_REQUIRED
+ );
}
diff --git a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c index 061136ee78..d014ea4aec 100644 --- a/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c +++ b/SecurityPkg/Library/DxeTpmMeasurementLib/DxeTpmMeasurementLib.c @@ -20,8 +20,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Guid/Acpi.h>
#include <IndustryStandard/Acpi.h>
-
-
/**
Tpm12 measure and log data, and extend the measurement result into a specific PCR.
@@ -39,32 +37,32 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
EFI_STATUS
Tpm12MeasureAndLogData (
- IN UINT32 PcrIndex,
- IN UINT32 EventType,
- IN VOID *EventLog,
- IN UINT32 LogLen,
- IN VOID *HashData,
- IN UINT64 HashDataLen
+ IN UINT32 PcrIndex,
+ IN UINT32 EventType,
+ IN VOID *EventLog,
+ IN UINT32 LogLen,
+ IN VOID *HashData,
+ IN UINT64 HashDataLen
)
{
- EFI_STATUS Status;
- EFI_TCG_PROTOCOL *TcgProtocol;
- TCG_PCR_EVENT *TcgEvent;
- EFI_PHYSICAL_ADDRESS EventLogLastEntry;
- UINT32 EventNumber;
+ EFI_STATUS Status;
+ EFI_TCG_PROTOCOL *TcgProtocol;
+ TCG_PCR_EVENT *TcgEvent;
+ EFI_PHYSICAL_ADDRESS EventLogLastEntry;
+ UINT32 EventNumber;
TcgEvent = NULL;
//
// Tpm activation state is checked in HashLogExtendEvent
//
- Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **) &TcgProtocol);
- if (EFI_ERROR(Status)){
+ Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&TcgProtocol);
+ if (EFI_ERROR (Status)) {
return Status;
}
TcgEvent = (TCG_PCR_EVENT *)AllocateZeroPool (sizeof (TCG_PCR_EVENT_HDR) + LogLen);
- if(TcgEvent == NULL) {
+ if (TcgEvent == NULL) {
return EFI_OUT_OF_RESOURCES;
}
@@ -73,15 +71,15 @@ Tpm12MeasureAndLogData ( TcgEvent->EventSize = LogLen;
CopyMem (&TcgEvent->Event[0], EventLog, LogLen);
EventNumber = 1;
- Status = TcgProtocol->HashLogExtendEvent (
- TcgProtocol,
- (EFI_PHYSICAL_ADDRESS)(UINTN)HashData,
- HashDataLen,
- TPM_ALG_SHA,
- TcgEvent,
- &EventNumber,
- &EventLogLastEntry
- );
+ Status = TcgProtocol->HashLogExtendEvent (
+ TcgProtocol,
+ (EFI_PHYSICAL_ADDRESS)(UINTN)HashData,
+ HashDataLen,
+ TPM_ALG_SHA,
+ TcgEvent,
+ &EventNumber,
+ &EventLogLastEntry
+ );
FreePool (TcgEvent);
@@ -105,33 +103,33 @@ Tpm12MeasureAndLogData ( **/
EFI_STATUS
Tpm20MeasureAndLogData (
- IN UINT32 PcrIndex,
- IN UINT32 EventType,
- IN VOID *EventLog,
- IN UINT32 LogLen,
- IN VOID *HashData,
- IN UINT64 HashDataLen
+ IN UINT32 PcrIndex,
+ IN UINT32 EventType,
+ IN VOID *EventLog,
+ IN UINT32 LogLen,
+ IN VOID *HashData,
+ IN UINT64 HashDataLen
)
{
- EFI_STATUS Status;
- EFI_TCG2_PROTOCOL *Tcg2Protocol;
- EFI_TCG2_EVENT *Tcg2Event;
+ EFI_STATUS Status;
+ EFI_TCG2_PROTOCOL *Tcg2Protocol;
+ EFI_TCG2_EVENT *Tcg2Event;
//
// TPMPresentFlag is checked in HashLogExtendEvent
//
- Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &Tcg2Protocol);
+ Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **)&Tcg2Protocol);
if (EFI_ERROR (Status)) {
return Status;
}
- Tcg2Event = (EFI_TCG2_EVENT *) AllocateZeroPool (LogLen + sizeof (EFI_TCG2_EVENT));
- if(Tcg2Event == NULL) {
+ Tcg2Event = (EFI_TCG2_EVENT *)AllocateZeroPool (LogLen + sizeof (EFI_TCG2_EVENT));
+ if (Tcg2Event == NULL) {
return EFI_OUT_OF_RESOURCES;
}
- Tcg2Event->Size = (UINT32)LogLen + sizeof (EFI_TCG2_EVENT) - sizeof(Tcg2Event->Event);
- Tcg2Event->Header.HeaderSize = sizeof(EFI_TCG2_EVENT_HEADER);
+ Tcg2Event->Size = (UINT32)LogLen + sizeof (EFI_TCG2_EVENT) - sizeof (Tcg2Event->Event);
+ Tcg2Event->Header.HeaderSize = sizeof (EFI_TCG2_EVENT_HEADER);
Tcg2Event->Header.HeaderVersion = EFI_TCG2_EVENT_HEADER_VERSION;
Tcg2Event->Header.PCRIndex = PcrIndex;
Tcg2Event->Header.EventType = EventType;
@@ -167,12 +165,12 @@ Tpm20MeasureAndLogData ( EFI_STATUS
EFIAPI
TpmMeasureAndLogData (
- IN UINT32 PcrIndex,
- IN UINT32 EventType,
- IN VOID *EventLog,
- IN UINT32 LogLen,
- IN VOID *HashData,
- IN UINT64 HashDataLen
+ IN UINT32 PcrIndex,
+ IN UINT32 EventType,
+ IN VOID *EventLog,
+ IN UINT32 LogLen,
+ IN VOID *HashData,
+ IN UINT64 HashDataLen
)
{
EFI_STATUS Status;
@@ -180,7 +178,7 @@ TpmMeasureAndLogData ( //
// Try to measure using Tpm20 protocol
//
- Status = Tpm20MeasureAndLogData(
+ Status = Tpm20MeasureAndLogData (
PcrIndex,
EventType,
EventLog,
@@ -193,7 +191,7 @@ TpmMeasureAndLogData ( //
// Try to measure using Tpm1.2 protocol
//
- Status = Tpm12MeasureAndLogData(
+ Status = Tpm12MeasureAndLogData (
PcrIndex,
EventType,
EventLog,
diff --git a/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.c b/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.c index effe165885..9179f000fa 100644 --- a/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.c +++ b/SecurityPkg/Library/FmpAuthenticationLibPkcs7/FmpAuthenticationLibPkcs7.c @@ -62,36 +62,36 @@ FmpAuthenticatedHandlerPkcs7 ( IN UINTN PublicKeyDataLength
)
{
- RETURN_STATUS Status;
- BOOLEAN CryptoStatus;
- VOID *P7Data;
- UINTN P7Length;
- VOID *TempBuffer;
+ RETURN_STATUS Status;
+ BOOLEAN CryptoStatus;
+ VOID *P7Data;
+ UINTN P7Length;
+ VOID *TempBuffer;
- DEBUG((DEBUG_INFO, "FmpAuthenticatedHandlerPkcs7 - Image: 0x%08x - 0x%08x\n", (UINTN)Image, (UINTN)ImageSize));
+ DEBUG ((DEBUG_INFO, "FmpAuthenticatedHandlerPkcs7 - Image: 0x%08x - 0x%08x\n", (UINTN)Image, (UINTN)ImageSize));
- P7Length = Image->AuthInfo.Hdr.dwLength - (OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData));
- P7Data = Image->AuthInfo.CertData;
+ P7Length = Image->AuthInfo.Hdr.dwLength - (OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData));
+ P7Data = Image->AuthInfo.CertData;
// It is a signature across the variable data and the Monotonic Count value.
- TempBuffer = AllocatePool(ImageSize - Image->AuthInfo.Hdr.dwLength);
+ TempBuffer = AllocatePool (ImageSize - Image->AuthInfo.Hdr.dwLength);
if (TempBuffer == NULL) {
- DEBUG((DEBUG_ERROR, "FmpAuthenticatedHandlerPkcs7: TempBuffer == NULL\n"));
+ DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerPkcs7: TempBuffer == NULL\n"));
Status = RETURN_OUT_OF_RESOURCES;
goto Done;
}
- CopyMem(
+ CopyMem (
TempBuffer,
- (UINT8 *)Image + sizeof(Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength,
- ImageSize - sizeof(Image->MonotonicCount) - Image->AuthInfo.Hdr.dwLength
+ (UINT8 *)Image + sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength,
+ ImageSize - sizeof (Image->MonotonicCount) - Image->AuthInfo.Hdr.dwLength
);
- CopyMem(
- (UINT8 *)TempBuffer + ImageSize - sizeof(Image->MonotonicCount) - Image->AuthInfo.Hdr.dwLength,
+ CopyMem (
+ (UINT8 *)TempBuffer + ImageSize - sizeof (Image->MonotonicCount) - Image->AuthInfo.Hdr.dwLength,
&Image->MonotonicCount,
- sizeof(Image->MonotonicCount)
+ sizeof (Image->MonotonicCount)
);
- CryptoStatus = Pkcs7Verify(
+ CryptoStatus = Pkcs7Verify (
P7Data,
P7Length,
PublicKeyData,
@@ -99,16 +99,17 @@ FmpAuthenticatedHandlerPkcs7 ( (UINT8 *)TempBuffer,
ImageSize - Image->AuthInfo.Hdr.dwLength
);
- FreePool(TempBuffer);
+ FreePool (TempBuffer);
if (!CryptoStatus) {
//
// If PKCS7 signature verification fails, AUTH tested failed bit is set.
//
- DEBUG((DEBUG_ERROR, "FmpAuthenticatedHandlerPkcs7: Pkcs7Verify() failed\n"));
+ DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerPkcs7: Pkcs7Verify() failed\n"));
Status = RETURN_SECURITY_VIOLATION;
goto Done;
}
- DEBUG((DEBUG_INFO, "FmpAuthenticatedHandlerPkcs7: PASS verification\n"));
+
+ DEBUG ((DEBUG_INFO, "FmpAuthenticatedHandlerPkcs7: PASS verification\n"));
Status = RETURN_SUCCESS;
@@ -160,40 +161,45 @@ AuthenticateFmpImage ( IN UINTN PublicKeyDataLength
)
{
- GUID *CertType;
- EFI_STATUS Status;
+ GUID *CertType;
+ EFI_STATUS Status;
if ((Image == NULL) || (ImageSize == 0)) {
return RETURN_UNSUPPORTED;
}
- if (ImageSize < sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
+ if (ImageSize < sizeof (EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
return RETURN_INVALID_PARAMETER;
}
- if (Image->AuthInfo.Hdr.dwLength <= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData)) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too small\n"));
+
+ if (Image->AuthInfo.Hdr.dwLength <= OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) {
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too small\n"));
return RETURN_INVALID_PARAMETER;
}
- if ((UINTN) Image->AuthInfo.Hdr.dwLength > MAX_UINTN - sizeof(UINT64)) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too big\n"));
+
+ if ((UINTN)Image->AuthInfo.Hdr.dwLength > MAX_UINTN - sizeof (UINT64)) {
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too big\n"));
return RETURN_INVALID_PARAMETER;
}
- if (ImageSize <= sizeof(Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
+
+ if (ImageSize <= sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength) {
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
return RETURN_INVALID_PARAMETER;
}
+
if (Image->AuthInfo.Hdr.wRevision != 0x0200) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - wRevision: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wRevision, (UINTN)0x0200));
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - wRevision: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wRevision, (UINTN)0x0200));
return RETURN_INVALID_PARAMETER;
}
+
if (Image->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - wCertificateType: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wCertificateType, (UINTN)WIN_CERT_TYPE_EFI_GUID));
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - wCertificateType: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wCertificateType, (UINTN)WIN_CERT_TYPE_EFI_GUID));
return RETURN_INVALID_PARAMETER;
}
CertType = &Image->AuthInfo.CertType;
- DEBUG((DEBUG_INFO, "AuthenticateFmpImage - CertType: %g\n", CertType));
+ DEBUG ((DEBUG_INFO, "AuthenticateFmpImage - CertType: %g\n", CertType));
if (CompareGuid (&gEfiCertPkcs7Guid, CertType)) {
//
@@ -213,4 +219,3 @@ AuthenticateFmpImage ( //
return RETURN_UNSUPPORTED;
}
-
diff --git a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c index 41fb67efaf..248b1841ab 100644 --- a/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c +++ b/SecurityPkg/Library/FmpAuthenticationLibRsa2048Sha256/FmpAuthenticationLibRsa2048Sha256.c @@ -34,7 +34,7 @@ ///
/// Public Exponent of RSA Key.
///
-STATIC CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
+STATIC CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
/**
The handler is used to do the authentication for FMP capsule based upon
@@ -67,30 +67,30 @@ FmpAuthenticatedHandlerRsa2048Sha256 ( IN UINTN PublicKeyDataLength
)
{
- RETURN_STATUS Status;
- EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlockRsa2048Sha256;
- BOOLEAN CryptoStatus;
- UINT8 Digest[SHA256_DIGEST_SIZE];
- UINT8 *PublicKey;
- UINTN PublicKeyBufferSize;
- VOID *HashContext;
- VOID *Rsa;
+ RETURN_STATUS Status;
+ EFI_CERT_BLOCK_RSA_2048_SHA256 *CertBlockRsa2048Sha256;
+ BOOLEAN CryptoStatus;
+ UINT8 Digest[SHA256_DIGEST_SIZE];
+ UINT8 *PublicKey;
+ UINTN PublicKeyBufferSize;
+ VOID *HashContext;
+ VOID *Rsa;
DEBUG ((DEBUG_INFO, "FmpAuthenticatedHandlerRsa2048Sha256 - Image: 0x%08x - 0x%08x\n", (UINTN)Image, (UINTN)ImageSize));
- if (Image->AuthInfo.Hdr.dwLength != OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData) + sizeof(EFI_CERT_BLOCK_RSA_2048_SHA256)) {
- DEBUG((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256 - dwLength: 0x%04x, dwLength - 0x%04x\n", (UINTN)Image->AuthInfo.Hdr.dwLength, (UINTN)OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData) + sizeof(EFI_CERT_BLOCK_RSA_2048_SHA256)));
+ if (Image->AuthInfo.Hdr.dwLength != OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData) + sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256)) {
+ DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256 - dwLength: 0x%04x, dwLength - 0x%04x\n", (UINTN)Image->AuthInfo.Hdr.dwLength, (UINTN)OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData) + sizeof (EFI_CERT_BLOCK_RSA_2048_SHA256)));
return RETURN_INVALID_PARAMETER;
}
CertBlockRsa2048Sha256 = (EFI_CERT_BLOCK_RSA_2048_SHA256 *)Image->AuthInfo.CertData;
- if (!CompareGuid(&CertBlockRsa2048Sha256->HashType, &gEfiHashAlgorithmSha256Guid)) {
- DEBUG((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256 - HashType: %g, expect - %g\n", &CertBlockRsa2048Sha256->HashType, &gEfiHashAlgorithmSha256Guid));
+ if (!CompareGuid (&CertBlockRsa2048Sha256->HashType, &gEfiHashAlgorithmSha256Guid)) {
+ DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256 - HashType: %g, expect - %g\n", &CertBlockRsa2048Sha256->HashType, &gEfiHashAlgorithmSha256Guid));
return RETURN_INVALID_PARAMETER;
}
HashContext = NULL;
- Rsa = NULL;
+ Rsa = NULL;
//
// Allocate hash context buffer required for SHA 256
@@ -113,13 +113,15 @@ FmpAuthenticatedHandlerRsa2048Sha256 ( Status = RETURN_OUT_OF_RESOURCES;
goto Done;
}
- CryptoStatus = Sha256Update (HashContext, &CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
+
+ CryptoStatus = Sha256Update (HashContext, &CertBlockRsa2048Sha256->PublicKey, sizeof (CertBlockRsa2048Sha256->PublicKey));
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
Status = RETURN_OUT_OF_RESOURCES;
goto Done;
}
- CryptoStatus = Sha256Final (HashContext, Digest);
+
+ CryptoStatus = Sha256Final (HashContext, Digest);
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
Status = RETURN_OUT_OF_RESOURCES;
@@ -129,17 +131,19 @@ FmpAuthenticatedHandlerRsa2048Sha256 ( //
// Fail if the PublicKey is not one of the public keys in the input PublicKeyData.
//
- PublicKey = (VOID *)PublicKeyData;
+ PublicKey = (VOID *)PublicKeyData;
PublicKeyBufferSize = PublicKeyDataLength;
- CryptoStatus = FALSE;
+ CryptoStatus = FALSE;
while (PublicKeyBufferSize != 0) {
if (CompareMem (Digest, PublicKey, SHA256_DIGEST_SIZE) == 0) {
CryptoStatus = TRUE;
break;
}
- PublicKey = PublicKey + SHA256_DIGEST_SIZE;
+
+ PublicKey = PublicKey + SHA256_DIGEST_SIZE;
PublicKeyBufferSize = PublicKeyBufferSize - SHA256_DIGEST_SIZE;
}
+
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Public key in section is not supported\n"));
Status = RETURN_SECURITY_VIOLATION;
@@ -161,12 +165,13 @@ FmpAuthenticatedHandlerRsa2048Sha256 ( // Set RSA Key Components.
// NOTE: Only N and E are needed to be set as RSA public key for signature verification.
//
- CryptoStatus = RsaSetKey (Rsa, RsaKeyN, CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
+ CryptoStatus = RsaSetKey (Rsa, RsaKeyN, CertBlockRsa2048Sha256->PublicKey, sizeof (CertBlockRsa2048Sha256->PublicKey));
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyN) failed\n"));
Status = RETURN_OUT_OF_RESOURCES;
goto Done;
}
+
CryptoStatus = RsaSetKey (Rsa, RsaKeyE, mRsaE, sizeof (mRsaE));
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: RsaSetKey(RsaKeyE) failed\n"));
@@ -188,25 +193,27 @@ FmpAuthenticatedHandlerRsa2048Sha256 ( // It is a signature across the variable data and the Monotonic Count value.
CryptoStatus = Sha256Update (
HashContext,
- (UINT8 *)Image + sizeof(Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength,
- ImageSize - sizeof(Image->MonotonicCount) - Image->AuthInfo.Hdr.dwLength
+ (UINT8 *)Image + sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength,
+ ImageSize - sizeof (Image->MonotonicCount) - Image->AuthInfo.Hdr.dwLength
);
if (!CryptoStatus) {
- DEBUG((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
+ DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
Status = RETURN_OUT_OF_RESOURCES;
goto Done;
}
+
CryptoStatus = Sha256Update (
HashContext,
(UINT8 *)&Image->MonotonicCount,
- sizeof(Image->MonotonicCount)
+ sizeof (Image->MonotonicCount)
);
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Update() failed\n"));
Status = RETURN_OUT_OF_RESOURCES;
goto Done;
}
- CryptoStatus = Sha256Final (HashContext, Digest);
+
+ CryptoStatus = Sha256Final (HashContext, Digest);
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "FmpAuthenticatedHandlerRsa2048Sha256: Sha256Final() failed\n"));
Status = RETURN_OUT_OF_RESOURCES;
@@ -231,6 +238,7 @@ FmpAuthenticatedHandlerRsa2048Sha256 ( Status = RETURN_SECURITY_VIOLATION;
goto Done;
}
+
DEBUG ((DEBUG_INFO, "FmpAuthenticatedHandlerRsa2048Sha256: PASS verification\n"));
Status = RETURN_SUCCESS;
@@ -242,6 +250,7 @@ Done: if (Rsa != NULL) {
RsaFree (Rsa);
}
+
if (HashContext != NULL) {
FreePool (HashContext);
}
@@ -293,8 +302,8 @@ AuthenticateFmpImage ( IN UINTN PublicKeyDataLength
)
{
- GUID *CertType;
- EFI_STATUS Status;
+ GUID *CertType;
+ EFI_STATUS Status;
if ((Image == NULL) || (ImageSize == 0)) {
return RETURN_UNSUPPORTED;
@@ -305,33 +314,38 @@ AuthenticateFmpImage ( return RETURN_UNSUPPORTED;
}
- if (ImageSize < sizeof(EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
+ if (ImageSize < sizeof (EFI_FIRMWARE_IMAGE_AUTHENTICATION)) {
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
return RETURN_INVALID_PARAMETER;
}
- if (Image->AuthInfo.Hdr.dwLength <= OFFSET_OF(WIN_CERTIFICATE_UEFI_GUID, CertData)) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too small\n"));
+
+ if (Image->AuthInfo.Hdr.dwLength <= OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData)) {
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too small\n"));
return RETURN_INVALID_PARAMETER;
}
- if ((UINTN) Image->AuthInfo.Hdr.dwLength > MAX_UINTN - sizeof(UINT64)) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too big\n"));
+
+ if ((UINTN)Image->AuthInfo.Hdr.dwLength > MAX_UINTN - sizeof (UINT64)) {
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - dwLength too big\n"));
return RETURN_INVALID_PARAMETER;
}
- if (ImageSize <= sizeof(Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
+
+ if (ImageSize <= sizeof (Image->MonotonicCount) + Image->AuthInfo.Hdr.dwLength) {
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - ImageSize too small\n"));
return RETURN_INVALID_PARAMETER;
}
+
if (Image->AuthInfo.Hdr.wRevision != 0x0200) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - wRevision: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wRevision, (UINTN)0x0200));
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - wRevision: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wRevision, (UINTN)0x0200));
return RETURN_INVALID_PARAMETER;
}
+
if (Image->AuthInfo.Hdr.wCertificateType != WIN_CERT_TYPE_EFI_GUID) {
- DEBUG((DEBUG_ERROR, "AuthenticateFmpImage - wCertificateType: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wCertificateType, (UINTN)WIN_CERT_TYPE_EFI_GUID));
+ DEBUG ((DEBUG_ERROR, "AuthenticateFmpImage - wCertificateType: 0x%02x, expect - 0x%02x\n", (UINTN)Image->AuthInfo.Hdr.wCertificateType, (UINTN)WIN_CERT_TYPE_EFI_GUID));
return RETURN_INVALID_PARAMETER;
}
CertType = &Image->AuthInfo.CertType;
- DEBUG((DEBUG_INFO, "AuthenticateFmpImage - CertType: %g\n", CertType));
+ DEBUG ((DEBUG_INFO, "AuthenticateFmpImage - CertType: %g\n", CertType));
if (CompareGuid (&gEfiCertTypeRsa2048Sha256Guid, CertType)) {
//
@@ -351,4 +365,3 @@ AuthenticateFmpImage ( //
return RETURN_UNSUPPORTED;
}
-
diff --git a/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.c b/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.c index 52521b6444..c786c2189c 100644 --- a/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.c +++ b/SecurityPkg/Library/HashInstanceLibSha1/HashInstanceLibSha1.c @@ -24,11 +24,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
VOID
Tpm2SetSha1ToDigestList (
- IN TPML_DIGEST_VALUES *DigestList,
- IN UINT8 *Sha1Digest
+ IN TPML_DIGEST_VALUES *DigestList,
+ IN UINT8 *Sha1Digest
)
{
- DigestList->count = 1;
+ DigestList->count = 1;
DigestList->digests[0].hashAlg = TPM_ALG_SHA1;
CopyMem (
DigestList->digests[0].digest.sha1,
@@ -48,11 +48,11 @@ Tpm2SetSha1ToDigestList ( EFI_STATUS
EFIAPI
Sha1HashInit (
- OUT HASH_HANDLE *HashHandle
+ OUT HASH_HANDLE *HashHandle
)
{
- VOID *Sha1Ctx;
- UINTN CtxSize;
+ VOID *Sha1Ctx;
+ UINTN CtxSize;
CtxSize = Sha1GetContextSize ();
Sha1Ctx = AllocatePool (CtxSize);
@@ -77,12 +77,12 @@ Sha1HashInit ( EFI_STATUS
EFIAPI
Sha1HashUpdate (
- IN HASH_HANDLE HashHandle,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen
+ IN HASH_HANDLE HashHandle,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen
)
{
- VOID *Sha1Ctx;
+ VOID *Sha1Ctx;
Sha1Ctx = (VOID *)HashHandle;
Sha1Update (Sha1Ctx, DataToHash, DataToHashLen);
@@ -101,12 +101,12 @@ Sha1HashUpdate ( EFI_STATUS
EFIAPI
Sha1HashFinal (
- IN HASH_HANDLE HashHandle,
- OUT TPML_DIGEST_VALUES *DigestList
+ IN HASH_HANDLE HashHandle,
+ OUT TPML_DIGEST_VALUES *DigestList
)
{
- UINT8 Digest[SHA1_DIGEST_SIZE];
- VOID *Sha1Ctx;
+ UINT8 Digest[SHA1_DIGEST_SIZE];
+ VOID *Sha1Ctx;
Sha1Ctx = (VOID *)HashHandle;
Sha1Final (Sha1Ctx, Digest);
@@ -145,5 +145,6 @@ HashInstanceLibSha1Constructor ( //
return EFI_SUCCESS;
}
+
return Status;
}
diff --git a/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.c b/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.c index 760e20bae0..4387740001 100644 --- a/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.c +++ b/SecurityPkg/Library/HashInstanceLibSha256/HashInstanceLibSha256.c @@ -24,11 +24,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
VOID
Tpm2SetSha256ToDigestList (
- IN TPML_DIGEST_VALUES *DigestList,
- IN UINT8 *Sha256Digest
+ IN TPML_DIGEST_VALUES *DigestList,
+ IN UINT8 *Sha256Digest
)
{
- DigestList->count = 1;
+ DigestList->count = 1;
DigestList->digests[0].hashAlg = TPM_ALG_SHA256;
CopyMem (
DigestList->digests[0].digest.sha256,
@@ -48,13 +48,13 @@ Tpm2SetSha256ToDigestList ( EFI_STATUS
EFIAPI
Sha256HashInit (
- OUT HASH_HANDLE *HashHandle
+ OUT HASH_HANDLE *HashHandle
)
{
- VOID *Sha256Ctx;
- UINTN CtxSize;
+ VOID *Sha256Ctx;
+ UINTN CtxSize;
- CtxSize = Sha256GetContextSize ();
+ CtxSize = Sha256GetContextSize ();
Sha256Ctx = AllocatePool (CtxSize);
ASSERT (Sha256Ctx != NULL);
@@ -77,12 +77,12 @@ Sha256HashInit ( EFI_STATUS
EFIAPI
Sha256HashUpdate (
- IN HASH_HANDLE HashHandle,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen
+ IN HASH_HANDLE HashHandle,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen
)
{
- VOID *Sha256Ctx;
+ VOID *Sha256Ctx;
Sha256Ctx = (VOID *)HashHandle;
Sha256Update (Sha256Ctx, DataToHash, DataToHashLen);
@@ -101,12 +101,12 @@ Sha256HashUpdate ( EFI_STATUS
EFIAPI
Sha256HashFinal (
- IN HASH_HANDLE HashHandle,
- OUT TPML_DIGEST_VALUES *DigestList
+ IN HASH_HANDLE HashHandle,
+ OUT TPML_DIGEST_VALUES *DigestList
)
{
- UINT8 Digest[SHA256_DIGEST_SIZE];
- VOID *Sha256Ctx;
+ UINT8 Digest[SHA256_DIGEST_SIZE];
+ VOID *Sha256Ctx;
Sha256Ctx = (VOID *)HashHandle;
Sha256Final (Sha256Ctx, Digest);
@@ -145,5 +145,6 @@ HashInstanceLibSha256Constructor ( //
return EFI_SUCCESS;
}
+
return Status;
}
diff --git a/SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.c b/SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.c index 99e2416a8e..1f21483e16 100644 --- a/SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.c +++ b/SecurityPkg/Library/HashInstanceLibSha384/HashInstanceLibSha384.c @@ -24,11 +24,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
VOID
Tpm2SetSha384ToDigestList (
- IN TPML_DIGEST_VALUES *DigestList,
- IN UINT8 *Sha384Digest
+ IN TPML_DIGEST_VALUES *DigestList,
+ IN UINT8 *Sha384Digest
)
{
- DigestList->count = 1;
+ DigestList->count = 1;
DigestList->digests[0].hashAlg = TPM_ALG_SHA384;
CopyMem (
DigestList->digests[0].digest.sha384,
@@ -48,13 +48,13 @@ Tpm2SetSha384ToDigestList ( EFI_STATUS
EFIAPI
Sha384HashInit (
- OUT HASH_HANDLE *HashHandle
+ OUT HASH_HANDLE *HashHandle
)
{
- VOID *Sha384Ctx;
- UINTN CtxSize;
+ VOID *Sha384Ctx;
+ UINTN CtxSize;
- CtxSize = Sha384GetContextSize ();
+ CtxSize = Sha384GetContextSize ();
Sha384Ctx = AllocatePool (CtxSize);
ASSERT (Sha384Ctx != NULL);
@@ -77,12 +77,12 @@ Sha384HashInit ( EFI_STATUS
EFIAPI
Sha384HashUpdate (
- IN HASH_HANDLE HashHandle,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen
+ IN HASH_HANDLE HashHandle,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen
)
{
- VOID *Sha384Ctx;
+ VOID *Sha384Ctx;
Sha384Ctx = (VOID *)HashHandle;
Sha384Update (Sha384Ctx, DataToHash, DataToHashLen);
@@ -101,12 +101,12 @@ Sha384HashUpdate ( EFI_STATUS
EFIAPI
Sha384HashFinal (
- IN HASH_HANDLE HashHandle,
- OUT TPML_DIGEST_VALUES *DigestList
+ IN HASH_HANDLE HashHandle,
+ OUT TPML_DIGEST_VALUES *DigestList
)
{
- UINT8 Digest[SHA384_DIGEST_SIZE];
- VOID *Sha384Ctx;
+ UINT8 Digest[SHA384_DIGEST_SIZE];
+ VOID *Sha384Ctx;
Sha384Ctx = (VOID *)HashHandle;
Sha384Final (Sha384Ctx, Digest);
@@ -145,5 +145,6 @@ HashInstanceLibSha384Constructor ( //
return EFI_SUCCESS;
}
+
return Status;
}
diff --git a/SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.c b/SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.c index b047791e02..e25ecb9ed6 100644 --- a/SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.c +++ b/SecurityPkg/Library/HashInstanceLibSha512/HashInstanceLibSha512.c @@ -23,11 +23,11 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
VOID
Tpm2SetSha512ToDigestList (
- IN TPML_DIGEST_VALUES *DigestList,
- IN UINT8 *Sha512Digest
+ IN TPML_DIGEST_VALUES *DigestList,
+ IN UINT8 *Sha512Digest
)
{
- DigestList->count = 1;
+ DigestList->count = 1;
DigestList->digests[0].hashAlg = TPM_ALG_SHA512;
CopyMem (
DigestList->digests[0].digest.sha512,
@@ -47,13 +47,13 @@ Tpm2SetSha512ToDigestList ( EFI_STATUS
EFIAPI
Sha512HashInit (
- OUT HASH_HANDLE *HashHandle
+ OUT HASH_HANDLE *HashHandle
)
{
- VOID *Sha512Ctx;
- UINTN CtxSize;
+ VOID *Sha512Ctx;
+ UINTN CtxSize;
- CtxSize = Sha512GetContextSize ();
+ CtxSize = Sha512GetContextSize ();
Sha512Ctx = AllocatePool (CtxSize);
ASSERT (Sha512Ctx != NULL);
@@ -76,12 +76,12 @@ Sha512HashInit ( EFI_STATUS
EFIAPI
Sha512HashUpdate (
- IN HASH_HANDLE HashHandle,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen
+ IN HASH_HANDLE HashHandle,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen
)
{
- VOID *Sha512Ctx;
+ VOID *Sha512Ctx;
Sha512Ctx = (VOID *)HashHandle;
Sha512Update (Sha512Ctx, DataToHash, DataToHashLen);
@@ -100,12 +100,12 @@ Sha512HashUpdate ( EFI_STATUS
EFIAPI
Sha512HashFinal (
- IN HASH_HANDLE HashHandle,
- OUT TPML_DIGEST_VALUES *DigestList
+ IN HASH_HANDLE HashHandle,
+ OUT TPML_DIGEST_VALUES *DigestList
)
{
- UINT8 Digest[SHA512_DIGEST_SIZE];
- VOID *Sha512Ctx;
+ UINT8 Digest[SHA512_DIGEST_SIZE];
+ VOID *Sha512Ctx;
Sha512Ctx = (VOID *)HashHandle;
Sha512Final (Sha512Ctx, Digest);
@@ -144,5 +144,6 @@ HashInstanceLibSha512Constructor ( //
return EFI_SUCCESS;
}
+
return Status;
}
diff --git a/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.c b/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.c index 8fd9516211..635ca1ebfb 100644 --- a/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.c +++ b/SecurityPkg/Library/HashInstanceLibSm3/HashInstanceLibSm3.c @@ -23,11 +23,11 @@ **/
VOID
Tpm2SetSm3ToDigestList (
- IN TPML_DIGEST_VALUES *DigestList,
- IN UINT8 *Sm3Digest
+ IN TPML_DIGEST_VALUES *DigestList,
+ IN UINT8 *Sm3Digest
)
{
- DigestList->count = 1;
+ DigestList->count = 1;
DigestList->digests[0].hashAlg = TPM_ALG_SM3_256;
CopyMem (
DigestList->digests[0].digest.sm3_256,
@@ -47,14 +47,14 @@ Tpm2SetSm3ToDigestList ( EFI_STATUS
EFIAPI
Sm3HashInit (
- OUT HASH_HANDLE *HashHandle
+ OUT HASH_HANDLE *HashHandle
)
{
- VOID *Sm3Ctx;
- UINTN CtxSize;
+ VOID *Sm3Ctx;
+ UINTN CtxSize;
CtxSize = Sm3GetContextSize ();
- Sm3Ctx = AllocatePool (CtxSize);
+ Sm3Ctx = AllocatePool (CtxSize);
if (Sm3Ctx == NULL) {
return EFI_OUT_OF_RESOURCES;
}
@@ -78,12 +78,12 @@ Sm3HashInit ( EFI_STATUS
EFIAPI
Sm3HashUpdate (
- IN HASH_HANDLE HashHandle,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen
+ IN HASH_HANDLE HashHandle,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen
)
{
- VOID *Sm3Ctx;
+ VOID *Sm3Ctx;
Sm3Ctx = (VOID *)HashHandle;
Sm3Update (Sm3Ctx, DataToHash, DataToHashLen);
@@ -102,12 +102,12 @@ Sm3HashUpdate ( EFI_STATUS
EFIAPI
Sm3HashFinal (
- IN HASH_HANDLE HashHandle,
- OUT TPML_DIGEST_VALUES *DigestList
+ IN HASH_HANDLE HashHandle,
+ OUT TPML_DIGEST_VALUES *DigestList
)
{
- UINT8 Digest[SM3_256_DIGEST_SIZE];
- VOID *Sm3Ctx;
+ UINT8 Digest[SM3_256_DIGEST_SIZE];
+ VOID *Sm3Ctx;
Sm3Ctx = (VOID *)HashHandle;
Sm3Final (Sm3Ctx, Digest);
@@ -146,5 +146,6 @@ HashInstanceLibSm3Constructor ( //
return EFI_SUCCESS;
}
+
return Status;
}
diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCommon.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCommon.c index aec874a9e0..1013380844 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCommon.c +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCommon.c @@ -16,16 +16,16 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Protocol/Tcg2Protocol.h>
typedef struct {
- EFI_GUID Guid;
- UINT32 Mask;
+ EFI_GUID Guid;
+ UINT32 Mask;
} TPM2_HASH_MASK;
-TPM2_HASH_MASK mTpm2HashMask[] = {
- {HASH_ALGORITHM_SHA1_GUID, HASH_ALG_SHA1},
- {HASH_ALGORITHM_SHA256_GUID, HASH_ALG_SHA256},
- {HASH_ALGORITHM_SHA384_GUID, HASH_ALG_SHA384},
- {HASH_ALGORITHM_SHA512_GUID, HASH_ALG_SHA512},
- {HASH_ALGORITHM_SM3_256_GUID, HASH_ALG_SM3_256},
+TPM2_HASH_MASK mTpm2HashMask[] = {
+ { HASH_ALGORITHM_SHA1_GUID, HASH_ALG_SHA1 },
+ { HASH_ALGORITHM_SHA256_GUID, HASH_ALG_SHA256 },
+ { HASH_ALGORITHM_SHA384_GUID, HASH_ALG_SHA384 },
+ { HASH_ALGORITHM_SHA512_GUID, HASH_ALG_SHA512 },
+ { HASH_ALGORITHM_SM3_256_GUID, HASH_ALG_SM3_256 },
};
/**
@@ -42,11 +42,13 @@ Tpm2GetHashMaskFromAlgo ( )
{
UINTN Index;
- for (Index = 0; Index < sizeof(mTpm2HashMask)/sizeof(mTpm2HashMask[0]); Index++) {
+
+ for (Index = 0; Index < sizeof (mTpm2HashMask)/sizeof (mTpm2HashMask[0]); Index++) {
if (CompareGuid (HashGuid, &mTpm2HashMask[Index].Guid)) {
return mTpm2HashMask[Index].Mask;
}
}
+
return 0;
}
@@ -59,14 +61,14 @@ Tpm2GetHashMaskFromAlgo ( VOID
EFIAPI
Tpm2SetHashToDigestList (
- IN OUT TPML_DIGEST_VALUES *DigestList,
- IN TPML_DIGEST_VALUES *Digest
+ IN OUT TPML_DIGEST_VALUES *DigestList,
+ IN TPML_DIGEST_VALUES *Digest
)
{
CopyMem (
&DigestList->digests[DigestList->count],
&Digest->digests[0],
- sizeof(Digest->digests[0])
+ sizeof (Digest->digests[0])
);
- DigestList->count ++;
+ DigestList->count++;
}
diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCommon.h b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCommon.h index 0736358da8..987d794028 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCommon.h +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterCommon.h @@ -31,8 +31,8 @@ Tpm2GetHashMaskFromAlgo ( VOID
EFIAPI
Tpm2SetHashToDigestList (
- IN OUT TPML_DIGEST_VALUES *DigestList,
- IN TPML_DIGEST_VALUES *Digest
+ IN OUT TPML_DIGEST_VALUES *DigestList,
+ IN TPML_DIGEST_VALUES *Digest
);
#endif
diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c index 7a0f61efbb..59639d0538 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterDxe.c @@ -19,11 +19,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include "HashLibBaseCryptoRouterCommon.h"
-HASH_INTERFACE mHashInterface[HASH_COUNT] = {{{0}, NULL, NULL, NULL}};
-UINTN mHashInterfaceCount = 0;
+HASH_INTERFACE mHashInterface[HASH_COUNT] = {
+ {
+ { 0 }, NULL, NULL, NULL
+ }
+};
+UINTN mHashInterfaceCount = 0;
-UINT32 mSupportedHashMaskLast = 0;
-UINT32 mSupportedHashMaskCurrent = 0;
+UINT32 mSupportedHashMaskLast = 0;
+UINT32 mSupportedHashMaskCurrent = 0;
/**
Check mismatch of supported HashMask between modules
@@ -57,7 +61,7 @@ CheckSupportedHashMaskMismatch ( EFI_STATUS
EFIAPI
HashStart (
- OUT HASH_HANDLE *HashHandle
+ OUT HASH_HANDLE *HashHandle
)
{
HASH_HANDLE *HashCtx;
@@ -70,7 +74,7 @@ HashStart ( CheckSupportedHashMaskMismatch ();
- HashCtx = AllocatePool (sizeof(*HashCtx) * mHashInterfaceCount);
+ HashCtx = AllocatePool (sizeof (*HashCtx) * mHashInterfaceCount);
ASSERT (HashCtx != NULL);
for (Index = 0; Index < mHashInterfaceCount; Index++) {
@@ -97,9 +101,9 @@ HashStart ( EFI_STATUS
EFIAPI
HashUpdate (
- IN HASH_HANDLE HashHandle,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen
+ IN HASH_HANDLE HashHandle,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen
)
{
HASH_HANDLE *HashCtx;
@@ -138,18 +142,18 @@ HashUpdate ( EFI_STATUS
EFIAPI
HashCompleteAndExtend (
- IN HASH_HANDLE HashHandle,
- IN TPMI_DH_PCR PcrIndex,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen,
- OUT TPML_DIGEST_VALUES *DigestList
+ IN HASH_HANDLE HashHandle,
+ IN TPMI_DH_PCR PcrIndex,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen,
+ OUT TPML_DIGEST_VALUES *DigestList
)
{
- TPML_DIGEST_VALUES Digest;
- HASH_HANDLE *HashCtx;
- UINTN Index;
- EFI_STATUS Status;
- UINT32 HashMask;
+ TPML_DIGEST_VALUES Digest;
+ HASH_HANDLE *HashCtx;
+ UINTN Index;
+ EFI_STATUS Status;
+ UINT32 HashMask;
if (mHashInterfaceCount == 0) {
return EFI_UNSUPPORTED;
@@ -158,7 +162,7 @@ HashCompleteAndExtend ( CheckSupportedHashMaskMismatch ();
HashCtx = (HASH_HANDLE *)HashHandle;
- ZeroMem (DigestList, sizeof(*DigestList));
+ ZeroMem (DigestList, sizeof (*DigestList));
for (Index = 0; Index < mHashInterfaceCount; Index++) {
HashMask = Tpm2GetHashMaskFromAlgo (&mHashInterface[Index].HashGuid);
@@ -191,14 +195,14 @@ HashCompleteAndExtend ( EFI_STATUS
EFIAPI
HashAndExtend (
- IN TPMI_DH_PCR PcrIndex,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen,
- OUT TPML_DIGEST_VALUES *DigestList
+ IN TPMI_DH_PCR PcrIndex,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen,
+ OUT TPML_DIGEST_VALUES *DigestList
)
{
- HASH_HANDLE HashHandle;
- EFI_STATUS Status;
+ HASH_HANDLE HashHandle;
+ EFI_STATUS Status;
if (mHashInterfaceCount == 0) {
return EFI_UNSUPPORTED;
@@ -225,12 +229,12 @@ HashAndExtend ( EFI_STATUS
EFIAPI
RegisterHashInterfaceLib (
- IN HASH_INTERFACE *HashInterface
+ IN HASH_INTERFACE *HashInterface
)
{
- UINTN Index;
- UINT32 HashMask;
- EFI_STATUS Status;
+ UINTN Index;
+ UINT32 HashMask;
+ EFI_STATUS Status;
//
// Check allow
@@ -240,7 +244,7 @@ RegisterHashInterfaceLib ( return EFI_UNSUPPORTED;
}
- if (mHashInterfaceCount >= sizeof(mHashInterface)/sizeof(mHashInterface[0])) {
+ if (mHashInterfaceCount >= sizeof (mHashInterface)/sizeof (mHashInterface[0])) {
return EFI_OUT_OF_RESOURCES;
}
@@ -258,11 +262,11 @@ RegisterHashInterfaceLib ( // Record hash algorithm bitmap of CURRENT module which consumes HashLib.
//
mSupportedHashMaskCurrent = PcdGet32 (PcdTcg2HashAlgorithmBitmap) | HashMask;
- Status = PcdSet32S (PcdTcg2HashAlgorithmBitmap, mSupportedHashMaskCurrent);
+ Status = PcdSet32S (PcdTcg2HashAlgorithmBitmap, mSupportedHashMaskCurrent);
ASSERT_EFI_ERROR (Status);
- CopyMem (&mHashInterface[mHashInterfaceCount], HashInterface, sizeof(*HashInterface));
- mHashInterfaceCount ++;
+ CopyMem (&mHashInterface[mHashInterfaceCount], HashInterface, sizeof (*HashInterface));
+ mHashInterfaceCount++;
return EFI_SUCCESS;
}
@@ -283,7 +287,7 @@ HashLibBaseCryptoRouterDxeConstructor ( IN EFI_SYSTEM_TABLE *SystemTable
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
//
// Record hash algorithm bitmap of LAST module which also consumes HashLib.
diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c index 42cb562f67..e21103d371 100644 --- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c +++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c @@ -24,7 +24,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #define HASH_LIB_PEI_ROUTER_GUID \
{ 0x84681c08, 0x6873, 0x46f3, { 0x8b, 0xb7, 0xab, 0x66, 0x18, 0x95, 0xa1, 0xb3 } }
-EFI_GUID mHashLibPeiRouterGuid = HASH_LIB_PEI_ROUTER_GUID;
+EFI_GUID mHashLibPeiRouterGuid = HASH_LIB_PEI_ROUTER_GUID;
typedef struct {
//
@@ -34,10 +34,10 @@ typedef struct { // If gEfiCallerIdGuid, HashInterfaceCount, HashInterface and SupportedHashMask
// are the hash interface information of CURRENT module which consumes HashLib.
//
- EFI_GUID Identifier;
- UINTN HashInterfaceCount;
- HASH_INTERFACE HashInterface[HASH_COUNT];
- UINT32 SupportedHashMask;
+ EFI_GUID Identifier;
+ UINTN HashInterfaceCount;
+ HASH_INTERFACE HashInterface[HASH_COUNT];
+ UINT32 SupportedHashMask;
} HASH_INTERFACE_HOB;
/**
@@ -49,7 +49,7 @@ typedef struct { **/
HASH_INTERFACE_HOB *
InternalGetHashInterfaceHob (
- EFI_GUID *Identifier
+ EFI_GUID *Identifier
)
{
EFI_PEI_HOB_POINTERS Hob;
@@ -64,9 +64,11 @@ InternalGetHashInterfaceHob ( //
return HashInterfaceHob;
}
+
Hob.Raw = GET_NEXT_HOB (Hob);
Hob.Raw = GetNextGuidHob (&mHashLibPeiRouterGuid, Hob.Raw);
}
+
return NULL;
}
@@ -79,14 +81,14 @@ InternalGetHashInterfaceHob ( **/
HASH_INTERFACE_HOB *
InternalCreateHashInterfaceHob (
- EFI_GUID *Identifier
+ EFI_GUID *Identifier
)
{
- HASH_INTERFACE_HOB LocalHashInterfaceHob;
+ HASH_INTERFACE_HOB LocalHashInterfaceHob;
- ZeroMem (&LocalHashInterfaceHob, sizeof(LocalHashInterfaceHob));
+ ZeroMem (&LocalHashInterfaceHob, sizeof (LocalHashInterfaceHob));
CopyGuid (&LocalHashInterfaceHob.Identifier, Identifier);
- return BuildGuidDataHob (&mHashLibPeiRouterGuid, &LocalHashInterfaceHob, sizeof(LocalHashInterfaceHob));
+ return BuildGuidDataHob (&mHashLibPeiRouterGuid, &LocalHashInterfaceHob, sizeof (LocalHashInterfaceHob));
}
/**
@@ -98,16 +100,17 @@ InternalCreateHashInterfaceHob ( **/
VOID
CheckSupportedHashMaskMismatch (
- IN HASH_INTERFACE_HOB *HashInterfaceHobCurrent
+ IN HASH_INTERFACE_HOB *HashInterfaceHobCurrent
)
{
- HASH_INTERFACE_HOB *HashInterfaceHobLast;
+ HASH_INTERFACE_HOB *HashInterfaceHobLast;
HashInterfaceHobLast = InternalGetHashInterfaceHob (&gZeroGuid);
ASSERT (HashInterfaceHobLast != NULL);
if ((HashInterfaceHobLast->SupportedHashMask != 0) &&
- (HashInterfaceHobCurrent->SupportedHashMask != HashInterfaceHobLast->SupportedHashMask)) {
+ (HashInterfaceHobCurrent->SupportedHashMask != HashInterfaceHobLast->SupportedHashMask))
+ {
DEBUG ((
DEBUG_WARN,
"WARNING: There is mismatch of supported HashMask (0x%x - 0x%x) between modules\n",
@@ -129,13 +132,13 @@ CheckSupportedHashMaskMismatch ( EFI_STATUS
EFIAPI
HashStart (
- OUT HASH_HANDLE *HashHandle
+ OUT HASH_HANDLE *HashHandle
)
{
- HASH_INTERFACE_HOB *HashInterfaceHob;
- HASH_HANDLE *HashCtx;
- UINTN Index;
- UINT32 HashMask;
+ HASH_INTERFACE_HOB *HashInterfaceHob;
+ HASH_HANDLE *HashCtx;
+ UINTN Index;
+ UINT32 HashMask;
HashInterfaceHob = InternalGetHashInterfaceHob (&gEfiCallerIdGuid);
if (HashInterfaceHob == NULL) {
@@ -148,7 +151,7 @@ HashStart ( CheckSupportedHashMaskMismatch (HashInterfaceHob);
- HashCtx = AllocatePool (sizeof(*HashCtx) * HashInterfaceHob->HashInterfaceCount);
+ HashCtx = AllocatePool (sizeof (*HashCtx) * HashInterfaceHob->HashInterfaceCount);
ASSERT (HashCtx != NULL);
for (Index = 0; Index < HashInterfaceHob->HashInterfaceCount; Index++) {
@@ -175,15 +178,15 @@ HashStart ( EFI_STATUS
EFIAPI
HashUpdate (
- IN HASH_HANDLE HashHandle,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen
+ IN HASH_HANDLE HashHandle,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen
)
{
- HASH_INTERFACE_HOB *HashInterfaceHob;
- HASH_HANDLE *HashCtx;
- UINTN Index;
- UINT32 HashMask;
+ HASH_INTERFACE_HOB *HashInterfaceHob;
+ HASH_HANDLE *HashCtx;
+ UINTN Index;
+ UINT32 HashMask;
HashInterfaceHob = InternalGetHashInterfaceHob (&gEfiCallerIdGuid);
if (HashInterfaceHob == NULL) {
@@ -222,19 +225,19 @@ HashUpdate ( EFI_STATUS
EFIAPI
HashCompleteAndExtend (
- IN HASH_HANDLE HashHandle,
- IN TPMI_DH_PCR PcrIndex,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen,
- OUT TPML_DIGEST_VALUES *DigestList
+ IN HASH_HANDLE HashHandle,
+ IN TPMI_DH_PCR PcrIndex,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen,
+ OUT TPML_DIGEST_VALUES *DigestList
)
{
- TPML_DIGEST_VALUES Digest;
- HASH_INTERFACE_HOB *HashInterfaceHob;
- HASH_HANDLE *HashCtx;
- UINTN Index;
- EFI_STATUS Status;
- UINT32 HashMask;
+ TPML_DIGEST_VALUES Digest;
+ HASH_INTERFACE_HOB *HashInterfaceHob;
+ HASH_HANDLE *HashCtx;
+ UINTN Index;
+ EFI_STATUS Status;
+ UINT32 HashMask;
HashInterfaceHob = InternalGetHashInterfaceHob (&gEfiCallerIdGuid);
if (HashInterfaceHob == NULL) {
@@ -248,7 +251,7 @@ HashCompleteAndExtend ( CheckSupportedHashMaskMismatch (HashInterfaceHob);
HashCtx = (HASH_HANDLE *)HashHandle;
- ZeroMem (DigestList, sizeof(*DigestList));
+ ZeroMem (DigestList, sizeof (*DigestList));
for (Index = 0; Index < HashInterfaceHob->HashInterfaceCount; Index++) {
HashMask = Tpm2GetHashMaskFromAlgo (&HashInterfaceHob->HashInterface[Index].HashGuid);
@@ -281,15 +284,15 @@ HashCompleteAndExtend ( EFI_STATUS
EFIAPI
HashAndExtend (
- IN TPMI_DH_PCR PcrIndex,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen,
- OUT TPML_DIGEST_VALUES *DigestList
+ IN TPMI_DH_PCR PcrIndex,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen,
+ OUT TPML_DIGEST_VALUES *DigestList
)
{
- HASH_INTERFACE_HOB *HashInterfaceHob;
- HASH_HANDLE HashHandle;
- EFI_STATUS Status;
+ HASH_INTERFACE_HOB *HashInterfaceHob;
+ HASH_HANDLE HashHandle;
+ EFI_STATUS Status;
HashInterfaceHob = InternalGetHashInterfaceHob (&gEfiCallerIdGuid);
if (HashInterfaceHob == NULL) {
@@ -321,13 +324,13 @@ HashAndExtend ( EFI_STATUS
EFIAPI
RegisterHashInterfaceLib (
- IN HASH_INTERFACE *HashInterface
+ IN HASH_INTERFACE *HashInterface
)
{
- UINTN Index;
- HASH_INTERFACE_HOB *HashInterfaceHob;
- UINT32 HashMask;
- EFI_STATUS Status;
+ UINTN Index;
+ HASH_INTERFACE_HOB *HashInterfaceHob;
+ UINT32 HashMask;
+ EFI_STATUS Status;
//
// Check allow
@@ -363,11 +366,11 @@ RegisterHashInterfaceLib ( // Record hash algorithm bitmap of CURRENT module which consumes HashLib.
//
HashInterfaceHob->SupportedHashMask = PcdGet32 (PcdTcg2HashAlgorithmBitmap) | HashMask;
- Status = PcdSet32S (PcdTcg2HashAlgorithmBitmap, HashInterfaceHob->SupportedHashMask);
+ Status = PcdSet32S (PcdTcg2HashAlgorithmBitmap, HashInterfaceHob->SupportedHashMask);
ASSERT_EFI_ERROR (Status);
- CopyMem (&HashInterfaceHob->HashInterface[HashInterfaceHob->HashInterfaceCount], HashInterface, sizeof(*HashInterface));
- HashInterfaceHob->HashInterfaceCount ++;
+ CopyMem (&HashInterfaceHob->HashInterface[HashInterfaceHob->HashInterfaceCount], HashInterface, sizeof (*HashInterface));
+ HashInterfaceHob->HashInterfaceCount++;
return EFI_SUCCESS;
}
@@ -385,12 +388,12 @@ RegisterHashInterfaceLib ( EFI_STATUS
EFIAPI
HashLibBaseCryptoRouterPeiConstructor (
- IN EFI_PEI_FILE_HANDLE FileHandle,
- IN CONST EFI_PEI_SERVICES **PeiServices
+ IN EFI_PEI_FILE_HANDLE FileHandle,
+ IN CONST EFI_PEI_SERVICES **PeiServices
)
{
- EFI_STATUS Status;
- HASH_INTERFACE_HOB *HashInterfaceHob;
+ EFI_STATUS Status;
+ HASH_INTERFACE_HOB *HashInterfaceHob;
HashInterfaceHob = InternalGetHashInterfaceHob (&gZeroGuid);
if (HashInterfaceHob == NULL) {
@@ -420,7 +423,7 @@ HashLibBaseCryptoRouterPeiConstructor ( //
ZeroMem (&HashInterfaceHob->HashInterface, sizeof (HashInterfaceHob->HashInterface));
HashInterfaceHob->HashInterfaceCount = 0;
- HashInterfaceHob->SupportedHashMask = 0;
+ HashInterfaceHob->SupportedHashMask = 0;
}
//
diff --git a/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.c b/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.c index 876b15fad4..00ba80b884 100644 --- a/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.c +++ b/SecurityPkg/Library/HashLibTpm2/HashLibTpm2.c @@ -17,15 +17,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/PcdLib.h>
typedef struct {
- TPM_ALG_ID AlgoId;
- UINT32 Mask;
+ TPM_ALG_ID AlgoId;
+ UINT32 Mask;
} TPM2_HASH_MASK;
-TPM2_HASH_MASK mTpm2HashMask[] = {
- {TPM_ALG_SHA1, HASH_ALG_SHA1},
- {TPM_ALG_SHA256, HASH_ALG_SHA256},
- {TPM_ALG_SHA384, HASH_ALG_SHA384},
- {TPM_ALG_SHA512, HASH_ALG_SHA512},
+TPM2_HASH_MASK mTpm2HashMask[] = {
+ { TPM_ALG_SHA1, HASH_ALG_SHA1 },
+ { TPM_ALG_SHA256, HASH_ALG_SHA256 },
+ { TPM_ALG_SHA384, HASH_ALG_SHA384 },
+ { TPM_ALG_SHA512, HASH_ALG_SHA512 },
};
/**
@@ -38,11 +38,11 @@ Tpm2GetAlgoFromHashMask ( VOID
)
{
- UINT32 HashMask;
- UINTN Index;
+ UINT32 HashMask;
+ UINTN Index;
HashMask = PcdGet32 (PcdTpm2HashMask);
- for (Index = 0; Index < sizeof(mTpm2HashMask)/sizeof(mTpm2HashMask[0]); Index++) {
+ for (Index = 0; Index < sizeof (mTpm2HashMask)/sizeof (mTpm2HashMask[0]); Index++) {
if (mTpm2HashMask[Index].Mask == HashMask) {
return mTpm2HashMask[Index].AlgoId;
}
@@ -62,12 +62,12 @@ Tpm2GetAlgoFromHashMask ( EFI_STATUS
EFIAPI
HashStart (
- OUT HASH_HANDLE *HashHandle
+ OUT HASH_HANDLE *HashHandle
)
{
- TPMI_DH_OBJECT SequenceHandle;
- EFI_STATUS Status;
- TPM_ALG_ID AlgoId;
+ TPMI_DH_OBJECT SequenceHandle;
+ EFI_STATUS Status;
+ TPM_ALG_ID AlgoId;
AlgoId = Tpm2GetAlgoFromHashMask ();
@@ -75,6 +75,7 @@ HashStart ( if (!EFI_ERROR (Status)) {
*HashHandle = (HASH_HANDLE)SequenceHandle;
}
+
return Status;
}
@@ -90,25 +91,24 @@ HashStart ( EFI_STATUS
EFIAPI
HashUpdate (
- IN HASH_HANDLE HashHandle,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen
+ IN HASH_HANDLE HashHandle,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen
)
{
- UINT8 *Buffer;
- UINT64 HashLen;
- TPM2B_MAX_BUFFER HashBuffer;
- EFI_STATUS Status;
+ UINT8 *Buffer;
+ UINT64 HashLen;
+ TPM2B_MAX_BUFFER HashBuffer;
+ EFI_STATUS Status;
Buffer = (UINT8 *)(UINTN)DataToHash;
- for (HashLen = DataToHashLen; HashLen > sizeof(HashBuffer.buffer); HashLen -= sizeof(HashBuffer.buffer)) {
-
- HashBuffer.size = sizeof(HashBuffer.buffer);
- CopyMem(HashBuffer.buffer, Buffer, sizeof(HashBuffer.buffer));
- Buffer += sizeof(HashBuffer.buffer);
+ for (HashLen = DataToHashLen; HashLen > sizeof (HashBuffer.buffer); HashLen -= sizeof (HashBuffer.buffer)) {
+ HashBuffer.size = sizeof (HashBuffer.buffer);
+ CopyMem (HashBuffer.buffer, Buffer, sizeof (HashBuffer.buffer));
+ Buffer += sizeof (HashBuffer.buffer);
- Status = Tpm2SequenceUpdate((TPMI_DH_OBJECT)HashHandle, &HashBuffer);
- if (EFI_ERROR(Status)) {
+ Status = Tpm2SequenceUpdate ((TPMI_DH_OBJECT)HashHandle, &HashBuffer);
+ if (EFI_ERROR (Status)) {
return EFI_DEVICE_ERROR;
}
}
@@ -117,9 +117,9 @@ HashUpdate ( // Last one
//
HashBuffer.size = (UINT16)HashLen;
- CopyMem(HashBuffer.buffer, Buffer, (UINTN)HashLen);
- Status = Tpm2SequenceUpdate((TPMI_DH_OBJECT)HashHandle, &HashBuffer);
- if (EFI_ERROR(Status)) {
+ CopyMem (HashBuffer.buffer, Buffer, (UINTN)HashLen);
+ Status = Tpm2SequenceUpdate ((TPMI_DH_OBJECT)HashHandle, &HashBuffer);
+ if (EFI_ERROR (Status)) {
return EFI_DEVICE_ERROR;
}
@@ -140,31 +140,30 @@ HashUpdate ( EFI_STATUS
EFIAPI
HashCompleteAndExtend (
- IN HASH_HANDLE HashHandle,
- IN TPMI_DH_PCR PcrIndex,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen,
- OUT TPML_DIGEST_VALUES *DigestList
+ IN HASH_HANDLE HashHandle,
+ IN TPMI_DH_PCR PcrIndex,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen,
+ OUT TPML_DIGEST_VALUES *DigestList
)
{
- UINT8 *Buffer;
- UINT64 HashLen;
- TPM2B_MAX_BUFFER HashBuffer;
- EFI_STATUS Status;
- TPM_ALG_ID AlgoId;
- TPM2B_DIGEST Result;
+ UINT8 *Buffer;
+ UINT64 HashLen;
+ TPM2B_MAX_BUFFER HashBuffer;
+ EFI_STATUS Status;
+ TPM_ALG_ID AlgoId;
+ TPM2B_DIGEST Result;
AlgoId = Tpm2GetAlgoFromHashMask ();
Buffer = (UINT8 *)(UINTN)DataToHash;
- for (HashLen = DataToHashLen; HashLen > sizeof(HashBuffer.buffer); HashLen -= sizeof(HashBuffer.buffer)) {
+ for (HashLen = DataToHashLen; HashLen > sizeof (HashBuffer.buffer); HashLen -= sizeof (HashBuffer.buffer)) {
+ HashBuffer.size = sizeof (HashBuffer.buffer);
+ CopyMem (HashBuffer.buffer, Buffer, sizeof (HashBuffer.buffer));
+ Buffer += sizeof (HashBuffer.buffer);
- HashBuffer.size = sizeof(HashBuffer.buffer);
- CopyMem(HashBuffer.buffer, Buffer, sizeof(HashBuffer.buffer));
- Buffer += sizeof(HashBuffer.buffer);
-
- Status = Tpm2SequenceUpdate((TPMI_DH_OBJECT)HashHandle, &HashBuffer);
- if (EFI_ERROR(Status)) {
+ Status = Tpm2SequenceUpdate ((TPMI_DH_OBJECT)HashHandle, &HashBuffer);
+ if (EFI_ERROR (Status)) {
return EFI_DEVICE_ERROR;
}
}
@@ -173,9 +172,9 @@ HashCompleteAndExtend ( // Last one
//
HashBuffer.size = (UINT16)HashLen;
- CopyMem(HashBuffer.buffer, Buffer, (UINTN)HashLen);
+ CopyMem (HashBuffer.buffer, Buffer, (UINTN)HashLen);
- ZeroMem(DigestList, sizeof(*DigestList));
+ ZeroMem (DigestList, sizeof (*DigestList));
DigestList->count = HASH_COUNT;
if (AlgoId == TPM_ALG_NULL) {
@@ -191,11 +190,11 @@ HashCompleteAndExtend ( &HashBuffer,
&Result
);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
return EFI_DEVICE_ERROR;
}
- DigestList->count = 1;
+ DigestList->count = 1;
DigestList->digests[0].hashAlg = AlgoId;
CopyMem (&DigestList->digests[0].digest, Result.buffer, Result.size);
Status = Tpm2PcrExtend (
@@ -203,9 +202,11 @@ HashCompleteAndExtend ( DigestList
);
}
- if (EFI_ERROR(Status)) {
+
+ if (EFI_ERROR (Status)) {
return EFI_DEVICE_ERROR;
}
+
return EFI_SUCCESS;
}
@@ -222,61 +223,63 @@ HashCompleteAndExtend ( EFI_STATUS
EFIAPI
HashAndExtend (
- IN TPMI_DH_PCR PcrIndex,
- IN VOID *DataToHash,
- IN UINTN DataToHashLen,
- OUT TPML_DIGEST_VALUES *DigestList
+ IN TPMI_DH_PCR PcrIndex,
+ IN VOID *DataToHash,
+ IN UINTN DataToHashLen,
+ OUT TPML_DIGEST_VALUES *DigestList
)
{
- EFI_STATUS Status;
- UINT8 *Buffer;
- UINT64 HashLen;
- TPMI_DH_OBJECT SequenceHandle;
- TPM2B_MAX_BUFFER HashBuffer;
- TPM_ALG_ID AlgoId;
- TPM2B_EVENT EventData;
- TPM2B_DIGEST Result;
+ EFI_STATUS Status;
+ UINT8 *Buffer;
+ UINT64 HashLen;
+ TPMI_DH_OBJECT SequenceHandle;
+ TPM2B_MAX_BUFFER HashBuffer;
+ TPM_ALG_ID AlgoId;
+ TPM2B_EVENT EventData;
+ TPM2B_DIGEST Result;
- DEBUG((DEBUG_VERBOSE, "\n HashAndExtend Entry \n"));
+ DEBUG ((DEBUG_VERBOSE, "\n HashAndExtend Entry \n"));
SequenceHandle = 0xFFFFFFFF; // Know bad value
AlgoId = Tpm2GetAlgoFromHashMask ();
- if ((AlgoId == TPM_ALG_NULL) && (DataToHashLen <= sizeof(EventData.buffer))) {
+ if ((AlgoId == TPM_ALG_NULL) && (DataToHashLen <= sizeof (EventData.buffer))) {
EventData.size = (UINT16)DataToHashLen;
CopyMem (EventData.buffer, DataToHash, DataToHashLen);
Status = Tpm2PcrEvent (PcrIndex, &EventData, DigestList);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
return EFI_DEVICE_ERROR;
}
+
return EFI_SUCCESS;
}
- Status = Tpm2HashSequenceStart(AlgoId, &SequenceHandle);
- if (EFI_ERROR(Status)) {
+ Status = Tpm2HashSequenceStart (AlgoId, &SequenceHandle);
+ if (EFI_ERROR (Status)) {
return EFI_DEVICE_ERROR;
}
- DEBUG((DEBUG_VERBOSE, "\n Tpm2HashSequenceStart Success \n"));
- Buffer = (UINT8 *)(UINTN)DataToHash;
- for (HashLen = DataToHashLen; HashLen > sizeof(HashBuffer.buffer); HashLen -= sizeof(HashBuffer.buffer)) {
+ DEBUG ((DEBUG_VERBOSE, "\n Tpm2HashSequenceStart Success \n"));
- HashBuffer.size = sizeof(HashBuffer.buffer);
- CopyMem(HashBuffer.buffer, Buffer, sizeof(HashBuffer.buffer));
- Buffer += sizeof(HashBuffer.buffer);
+ Buffer = (UINT8 *)(UINTN)DataToHash;
+ for (HashLen = DataToHashLen; HashLen > sizeof (HashBuffer.buffer); HashLen -= sizeof (HashBuffer.buffer)) {
+ HashBuffer.size = sizeof (HashBuffer.buffer);
+ CopyMem (HashBuffer.buffer, Buffer, sizeof (HashBuffer.buffer));
+ Buffer += sizeof (HashBuffer.buffer);
- Status = Tpm2SequenceUpdate(SequenceHandle, &HashBuffer);
- if (EFI_ERROR(Status)) {
+ Status = Tpm2SequenceUpdate (SequenceHandle, &HashBuffer);
+ if (EFI_ERROR (Status)) {
return EFI_DEVICE_ERROR;
}
}
- DEBUG((DEBUG_VERBOSE, "\n Tpm2SequenceUpdate Success \n"));
+
+ DEBUG ((DEBUG_VERBOSE, "\n Tpm2SequenceUpdate Success \n"));
HashBuffer.size = (UINT16)HashLen;
- CopyMem(HashBuffer.buffer, Buffer, (UINTN)HashLen);
+ CopyMem (HashBuffer.buffer, Buffer, (UINTN)HashLen);
- ZeroMem(DigestList, sizeof(*DigestList));
+ ZeroMem (DigestList, sizeof (*DigestList));
DigestList->count = HASH_COUNT;
if (AlgoId == TPM_ALG_NULL) {
@@ -286,32 +289,35 @@ HashAndExtend ( &HashBuffer,
DigestList
);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
return EFI_DEVICE_ERROR;
}
- DEBUG((DEBUG_VERBOSE, "\n Tpm2EventSequenceComplete Success \n"));
+
+ DEBUG ((DEBUG_VERBOSE, "\n Tpm2EventSequenceComplete Success \n"));
} else {
Status = Tpm2SequenceComplete (
SequenceHandle,
&HashBuffer,
&Result
);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
return EFI_DEVICE_ERROR;
}
- DEBUG((DEBUG_VERBOSE, "\n Tpm2SequenceComplete Success \n"));
- DigestList->count = 1;
+ DEBUG ((DEBUG_VERBOSE, "\n Tpm2SequenceComplete Success \n"));
+
+ DigestList->count = 1;
DigestList->digests[0].hashAlg = AlgoId;
CopyMem (&DigestList->digests[0].digest, Result.buffer, Result.size);
Status = Tpm2PcrExtend (
PcrIndex,
DigestList
);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
return EFI_DEVICE_ERROR;
}
- DEBUG((DEBUG_VERBOSE, "\n Tpm2PcrExtend Success \n"));
+
+ DEBUG ((DEBUG_VERBOSE, "\n Tpm2PcrExtend Success \n"));
}
return EFI_SUCCESS;
@@ -329,7 +335,7 @@ HashAndExtend ( EFI_STATUS
EFIAPI
RegisterHashInterfaceLib (
- IN HASH_INTERFACE *HashInterface
+ IN HASH_INTERFACE *HashInterface
)
{
return EFI_UNSUPPORTED;
diff --git a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c index 0bb04a20fc..b8838766bc 100644 --- a/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c +++ b/SecurityPkg/Library/PeiDxeTpmPlatformHierarchyLib/PeiDxeTpmPlatformHierarchyLib.c @@ -27,7 +27,7 @@ // algorithm used for context integrity.
//
-UINT16 mAuthSize;
+UINT16 mAuthSize;
/**
Generate high-quality entropy source through RDRAND.
@@ -42,8 +42,8 @@ UINT16 mAuthSize; EFI_STATUS
EFIAPI
RdRandGenerateEntropy (
- IN UINTN Length,
- OUT UINT8 *Entropy
+ IN UINTN Length,
+ OUT UINT8 *Entropy
)
{
EFI_STATUS Status;
@@ -51,9 +51,9 @@ RdRandGenerateEntropy ( UINT64 Seed[2];
UINT8 *Ptr;
- Status = EFI_NOT_READY;
- BlockCount = Length / sizeof(Seed);
- Ptr = (UINT8 *)Entropy;
+ Status = EFI_NOT_READY;
+ BlockCount = Length / sizeof (Seed);
+ Ptr = (UINT8 *)Entropy;
//
// Generate high-quality seed for DRBG Entropy
@@ -63,10 +63,11 @@ RdRandGenerateEntropy ( if (EFI_ERROR (Status)) {
return Status;
}
- CopyMem (Ptr, Seed, sizeof(Seed));
+
+ CopyMem (Ptr, Seed, sizeof (Seed));
BlockCount--;
- Ptr = Ptr + sizeof(Seed);
+ Ptr = Ptr + sizeof (Seed);
}
//
@@ -76,7 +77,8 @@ RdRandGenerateEntropy ( if (EFI_ERROR (Status)) {
return Status;
}
- CopyMem (Ptr, Seed, (Length % sizeof(Seed)));
+
+ CopyMem (Ptr, Seed, (Length % sizeof (Seed)));
return Status;
}
@@ -94,18 +96,17 @@ RdRandGenerateEntropy ( EFI_STATUS
EFIAPI
GetAuthSize (
- OUT UINT16 *AuthSize
+ OUT UINT16 *AuthSize
)
{
- EFI_STATUS Status;
- TPML_PCR_SELECTION Pcrs;
- UINTN Index;
- UINT16 DigestSize;
+ EFI_STATUS Status;
+ TPML_PCR_SELECTION Pcrs;
+ UINTN Index;
+ UINT16 DigestSize;
Status = EFI_SUCCESS;
while (mAuthSize == 0) {
-
mAuthSize = SHA1_DIGEST_SIZE;
ZeroMem (&Pcrs, sizeof (TPML_PCR_SELECTION));
Status = Tpm2GetCapabilityPcrs (&Pcrs);
@@ -121,30 +122,31 @@ GetAuthSize ( DEBUG ((DEBUG_ERROR, "alg - %x\n", Pcrs.pcrSelections[Index].hash));
switch (Pcrs.pcrSelections[Index].hash) {
- case TPM_ALG_SHA1:
- DigestSize = SHA1_DIGEST_SIZE;
- break;
- case TPM_ALG_SHA256:
- DigestSize = SHA256_DIGEST_SIZE;
- break;
- case TPM_ALG_SHA384:
- DigestSize = SHA384_DIGEST_SIZE;
- break;
- case TPM_ALG_SHA512:
- DigestSize = SHA512_DIGEST_SIZE;
- break;
- case TPM_ALG_SM3_256:
- DigestSize = SM3_256_DIGEST_SIZE;
- break;
- default:
- DigestSize = SHA1_DIGEST_SIZE;
- break;
+ case TPM_ALG_SHA1:
+ DigestSize = SHA1_DIGEST_SIZE;
+ break;
+ case TPM_ALG_SHA256:
+ DigestSize = SHA256_DIGEST_SIZE;
+ break;
+ case TPM_ALG_SHA384:
+ DigestSize = SHA384_DIGEST_SIZE;
+ break;
+ case TPM_ALG_SHA512:
+ DigestSize = SHA512_DIGEST_SIZE;
+ break;
+ case TPM_ALG_SM3_256:
+ DigestSize = SM3_256_DIGEST_SIZE;
+ break;
+ default:
+ DigestSize = SHA1_DIGEST_SIZE;
+ break;
}
if (DigestSize > mAuthSize) {
mAuthSize = DigestSize;
}
}
+
break;
}
@@ -160,9 +162,9 @@ RandomizePlatformAuth ( VOID
)
{
- EFI_STATUS Status;
- UINT16 AuthSize;
- TPM2B_AUTH NewPlatformAuth;
+ EFI_STATUS Status;
+ UINT16 AuthSize;
+ TPM2B_AUTH NewPlatformAuth;
//
// Send Tpm2HierarchyChange Auth with random value to avoid PlatformAuth being null
diff --git a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c index 96638e26aa..f7ecc9afd8 100644 --- a/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c +++ b/SecurityPkg/Library/PeiRsa2048Sha256GuidedSectionExtractLib/PeiRsa2048Sha256GuidedSectionExtractLib.c @@ -25,19 +25,19 @@ SPDX-License-Identifier: BSD-2-Clause-Patent /// RSA 2048 SHA 256 Guided Section header
///
typedef struct {
- EFI_GUID_DEFINED_SECTION GuidedSectionHeader; ///< EFI guided section header
- EFI_CERT_BLOCK_RSA_2048_SHA256 CertBlockRsa2048Sha256; ///< RSA 2048-bit Signature
+ EFI_GUID_DEFINED_SECTION GuidedSectionHeader; ///< EFI guided section header
+ EFI_CERT_BLOCK_RSA_2048_SHA256 CertBlockRsa2048Sha256; ///< RSA 2048-bit Signature
} RSA_2048_SHA_256_SECTION_HEADER;
typedef struct {
- EFI_GUID_DEFINED_SECTION2 GuidedSectionHeader; ///< EFI guided section header
- EFI_CERT_BLOCK_RSA_2048_SHA256 CertBlockRsa2048Sha256; ///< RSA 2048-bit Signature
+ EFI_GUID_DEFINED_SECTION2 GuidedSectionHeader; ///< EFI guided section header
+ EFI_CERT_BLOCK_RSA_2048_SHA256 CertBlockRsa2048Sha256; ///< RSA 2048-bit Signature
} RSA_2048_SHA_256_SECTION2_HEADER;
///
/// Public Exponent of RSA Key.
///
-CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
+CONST UINT8 mRsaE[] = { 0x01, 0x00, 0x01 };
/**
@@ -69,31 +69,37 @@ Rsa2048Sha256GuidedSectionGetInfo ( // Check whether the input guid section is recognized.
//
if (!CompareGuid (
- &gEfiCertTypeRsa2048Sha256Guid,
- &(((EFI_GUID_DEFINED_SECTION2 *) InputSection)->SectionDefinitionGuid))) {
+ &gEfiCertTypeRsa2048Sha256Guid,
+ &(((EFI_GUID_DEFINED_SECTION2 *)InputSection)->SectionDefinitionGuid)
+ ))
+ {
return EFI_INVALID_PARAMETER;
}
+
//
// Retrieve the size and attribute of the input section data.
//
- *SectionAttribute = ((EFI_GUID_DEFINED_SECTION2 *) InputSection)->Attributes;
+ *SectionAttribute = ((EFI_GUID_DEFINED_SECTION2 *)InputSection)->Attributes;
*ScratchBufferSize = 0;
- *OutputBufferSize = SECTION2_SIZE (InputSection) - sizeof(RSA_2048_SHA_256_SECTION2_HEADER);
+ *OutputBufferSize = SECTION2_SIZE (InputSection) - sizeof (RSA_2048_SHA_256_SECTION2_HEADER);
} else {
//
// Check whether the input guid section is recognized.
//
if (!CompareGuid (
- &gEfiCertTypeRsa2048Sha256Guid,
- &(((EFI_GUID_DEFINED_SECTION *) InputSection)->SectionDefinitionGuid))) {
+ &gEfiCertTypeRsa2048Sha256Guid,
+ &(((EFI_GUID_DEFINED_SECTION *)InputSection)->SectionDefinitionGuid)
+ ))
+ {
return EFI_INVALID_PARAMETER;
}
+
//
// Retrieve the size and attribute of the input section data.
//
- *SectionAttribute = ((EFI_GUID_DEFINED_SECTION *) InputSection)->Attributes;
+ *SectionAttribute = ((EFI_GUID_DEFINED_SECTION *)InputSection)->Attributes;
*ScratchBufferSize = 0;
- *OutputBufferSize = SECTION_SIZE (InputSection) - sizeof(RSA_2048_SHA_256_SECTION_HEADER);
+ *OutputBufferSize = SECTION_SIZE (InputSection) - sizeof (RSA_2048_SHA_256_SECTION_HEADER);
}
return EFI_SUCCESS;
@@ -143,15 +149,17 @@ Rsa2048Sha256GuidedSectionHandler ( // Check whether the input guid section is recognized.
//
if (!CompareGuid (
- &gEfiCertTypeRsa2048Sha256Guid,
- &(((EFI_GUID_DEFINED_SECTION2 *)InputSection)->SectionDefinitionGuid))) {
+ &gEfiCertTypeRsa2048Sha256Guid,
+ &(((EFI_GUID_DEFINED_SECTION2 *)InputSection)->SectionDefinitionGuid)
+ ))
+ {
return EFI_INVALID_PARAMETER;
}
//
// Get the RSA 2048 SHA 256 information.
//
- CertBlockRsa2048Sha256 = &((RSA_2048_SHA_256_SECTION2_HEADER *) InputSection)->CertBlockRsa2048Sha256;
+ CertBlockRsa2048Sha256 = &((RSA_2048_SHA_256_SECTION2_HEADER *)InputSection)->CertBlockRsa2048Sha256;
OutputBufferSize = SECTION2_SIZE (InputSection) - sizeof (RSA_2048_SHA_256_SECTION2_HEADER);
if ((((EFI_GUID_DEFINED_SECTION *)InputSection)->Attributes & EFI_GUIDED_SECTION_PROCESSING_REQUIRED) != 0) {
PERF_INMODULE_BEGIN ("PeiRsaCopy");
@@ -171,8 +179,10 @@ Rsa2048Sha256GuidedSectionHandler ( // Check whether the input guid section is recognized.
//
if (!CompareGuid (
- &gEfiCertTypeRsa2048Sha256Guid,
- &(((EFI_GUID_DEFINED_SECTION *)InputSection)->SectionDefinitionGuid))) {
+ &gEfiCertTypeRsa2048Sha256Guid,
+ &(((EFI_GUID_DEFINED_SECTION *)InputSection)->SectionDefinitionGuid)
+ ))
+ {
return EFI_INVALID_PARAMETER;
}
@@ -192,7 +202,7 @@ Rsa2048Sha256GuidedSectionHandler ( //
// Implicitly RSA 2048 SHA 256 GUIDed section should have STATUS_VALID bit set
//
- ASSERT ((((EFI_GUID_DEFINED_SECTION *) InputSection)->Attributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) != 0);
+ ASSERT ((((EFI_GUID_DEFINED_SECTION *)InputSection)->Attributes & EFI_GUIDED_SECTION_AUTH_STATUS_VALID) != 0);
*AuthenticationStatus = EFI_AUTH_STATUS_IMAGE_SIGNED;
}
@@ -230,13 +240,15 @@ Rsa2048Sha256GuidedSectionHandler ( *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
- CryptoStatus = Sha256Update (HashContext, &CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
+
+ CryptoStatus = Sha256Update (HashContext, &CertBlockRsa2048Sha256->PublicKey, sizeof (CertBlockRsa2048Sha256->PublicKey));
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Update() failed\n"));
*AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
- CryptoStatus = Sha256Final (HashContext, Digest);
+
+ CryptoStatus = Sha256Final (HashContext, Digest);
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Final() failed\n"));
*AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
@@ -259,9 +271,11 @@ Rsa2048Sha256GuidedSectionHandler ( CryptoStatus = TRUE;
break;
}
- PublicKey = PublicKey + SHA256_DIGEST_SIZE;
+
+ PublicKey = PublicKey + SHA256_DIGEST_SIZE;
PublicKeyBufferSize = PublicKeyBufferSize - SHA256_DIGEST_SIZE;
}
+
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Public key in section is not supported\n"));
*AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
@@ -282,12 +296,13 @@ Rsa2048Sha256GuidedSectionHandler ( // Set RSA Key Components.
// NOTE: Only N and E are needed to be set as RSA public key for signature verification.
//
- CryptoStatus = RsaSetKey (Rsa, RsaKeyN, CertBlockRsa2048Sha256->PublicKey, sizeof(CertBlockRsa2048Sha256->PublicKey));
+ CryptoStatus = RsaSetKey (Rsa, RsaKeyN, CertBlockRsa2048Sha256->PublicKey, sizeof (CertBlockRsa2048Sha256->PublicKey));
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: RsaSetKey(RsaKeyN) failed\n"));
*AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
+
CryptoStatus = RsaSetKey (Rsa, RsaKeyE, mRsaE, sizeof (mRsaE));
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: RsaSetKey(RsaKeyE) failed\n"));
@@ -305,6 +320,7 @@ Rsa2048Sha256GuidedSectionHandler ( *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
+
PERF_INMODULE_BEGIN ("PeiRsaShaData");
CryptoStatus = Sha256Update (HashContext, *OutputBuffer, OutputBufferSize);
PERF_INMODULE_END ("PeiRsaShaData");
@@ -313,7 +329,8 @@ Rsa2048Sha256GuidedSectionHandler ( *AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
goto Done;
}
- CryptoStatus = Sha256Final (HashContext, Digest);
+
+ CryptoStatus = Sha256Final (HashContext, Digest);
if (!CryptoStatus) {
DEBUG ((DEBUG_ERROR, "PeiRsa2048Sha256: Sha256Final() failed\n"));
*AuthenticationStatus |= EFI_AUTH_STATUS_TEST_FAILED;
@@ -347,6 +364,7 @@ Done: if (Rsa != NULL) {
RsaFree (Rsa);
}
+
if (HashContext != NULL) {
FreePool (HashContext);
}
@@ -369,8 +387,8 @@ Done: EFI_STATUS
EFIAPI
PeiRsa2048Sha256GuidedSectionExtractLibConstructor (
- IN EFI_PEI_FILE_HANDLE FileHandle,
- IN CONST EFI_PEI_SERVICES **PeiServices
+ IN EFI_PEI_FILE_HANDLE FileHandle,
+ IN CONST EFI_PEI_SERVICES **PeiServices
)
{
return ExtractGuidedSectionRegisterHandlers (
diff --git a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c index b80129bf7f..7977382f75 100644 --- a/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c +++ b/SecurityPkg/Library/PeiTcg2PhysicalPresenceLib/PeiTcg2PhysicalPresenceLib.c @@ -34,20 +34,21 @@ Tcg2PhysicalPresenceLibGetManagementFlags ( EFI_TCG2_PHYSICAL_PRESENCE_FLAGS PpiFlags;
UINTN DataSize;
- Status = PeiServicesLocatePpi (&gEfiPeiReadOnlyVariable2PpiGuid, 0, NULL, (VOID **) &VariablePpi);
+ Status = PeiServicesLocatePpi (&gEfiPeiReadOnlyVariable2PpiGuid, 0, NULL, (VOID **)&VariablePpi);
ASSERT_EFI_ERROR (Status);
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS);
- Status = VariablePpi->GetVariable (
- VariablePpi,
- TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpiFlags
- );
+ Status = VariablePpi->GetVariable (
+ VariablePpi,
+ TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpiFlags
+ );
if (EFI_ERROR (Status)) {
- PpiFlags.PPFlags = PcdGet32(PcdTcg2PhysicalPresenceFlags);
+ PpiFlags.PPFlags = PcdGet32 (PcdTcg2PhysicalPresenceFlags);
}
+
return PpiFlags.PPFlags;
}
diff --git a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c index 200e15a294..0e84fd661a 100644 --- a/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c +++ b/SecurityPkg/Library/PeiTpmMeasurementLib/PeiTpmMeasurementLib.c @@ -36,25 +36,25 @@ SPDX-License-Identifier: BSD-2-Clause-Patent EFI_STATUS
EFIAPI
TpmMeasureAndLogData (
- IN UINT32 PcrIndex,
- IN UINT32 EventType,
- IN VOID *EventLog,
- IN UINT32 LogLen,
- IN VOID *HashData,
- IN UINT64 HashDataLen
+ IN UINT32 PcrIndex,
+ IN UINT32 EventType,
+ IN VOID *EventLog,
+ IN UINT32 LogLen,
+ IN VOID *HashData,
+ IN UINT64 HashDataLen
)
{
- EFI_STATUS Status;
- EDKII_TCG_PPI *TcgPpi;
- TCG_PCR_EVENT_HDR TcgEventHdr;
+ EFI_STATUS Status;
+ EDKII_TCG_PPI *TcgPpi;
+ TCG_PCR_EVENT_HDR TcgEventHdr;
Status = PeiServicesLocatePpi (
&gEdkiiTcgPpiGuid,
0,
NULL,
- (VOID**)&TcgPpi
+ (VOID **)&TcgPpi
);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
return Status;
}
diff --git a/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c b/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c index c5a9d676c4..b350b04ebd 100644 --- a/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c +++ b/SecurityPkg/Library/PlatformSecureLibNull/PlatformSecureLibNull.c @@ -11,7 +11,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Uefi/UefiBaseType.h>
-BOOLEAN mUserPhysicalPresence = FALSE;
+BOOLEAN mUserPhysicalPresence = FALSE;
/**
@@ -39,7 +39,6 @@ UserPhysicalPresent ( return mUserPhysicalPresence;
}
-
/**
Save user physical presence state from a PCD to mUserPhysicalPresence.
@@ -52,8 +51,7 @@ PlatformSecureLibNullConstructor ( VOID
)
{
-
- mUserPhysicalPresence = PcdGetBool(PcdUserPhysicalPresence);
+ mUserPhysicalPresence = PcdGetBool (PcdUserPhysicalPresence);
return RETURN_SUCCESS;
}
diff --git a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c index e1dd09eb10..792e48250e 100644 --- a/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c +++ b/SecurityPkg/Library/RpmcLibNull/RpmcLibNull.c @@ -44,4 +44,3 @@ IncrementMonotonicCounter ( ASSERT (FALSE);
return EFI_UNSUPPORTED;
}
-
diff --git a/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c b/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c index ff65184713..e0d137666e 100644 --- a/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c +++ b/SecurityPkg/Library/SecureBootVariableLib/SecureBootVariableLib.c @@ -33,20 +33,20 @@ STATIC
EFI_STATUS
CreateSigList (
- IN VOID *Data,
- IN UINTN Size,
- OUT EFI_SIGNATURE_LIST **SigList
+ IN VOID *Data,
+ IN UINTN Size,
+ OUT EFI_SIGNATURE_LIST **SigList
)
{
- UINTN SigListSize;
- EFI_SIGNATURE_LIST *TmpSigList;
- EFI_SIGNATURE_DATA *SigData;
+ UINTN SigListSize;
+ EFI_SIGNATURE_LIST *TmpSigList;
+ EFI_SIGNATURE_DATA *SigData;
//
// Allocate data for Signature Database
//
SigListSize = sizeof (EFI_SIGNATURE_LIST) + sizeof (EFI_SIGNATURE_DATA) - 1 + Size;
- TmpSigList = (EFI_SIGNATURE_LIST *) AllocateZeroPool (SigListSize);
+ TmpSigList = (EFI_SIGNATURE_LIST *)AllocateZeroPool (SigListSize);
if (TmpSigList == NULL) {
return EFI_OUT_OF_RESOURCES;
}
@@ -54,15 +54,15 @@ CreateSigList ( //
// Only gEfiCertX509Guid type is supported
//
- TmpSigList->SignatureListSize = (UINT32)SigListSize;
- TmpSigList->SignatureSize = (UINT32) (sizeof (EFI_SIGNATURE_DATA) - 1 + Size);
+ TmpSigList->SignatureListSize = (UINT32)SigListSize;
+ TmpSigList->SignatureSize = (UINT32)(sizeof (EFI_SIGNATURE_DATA) - 1 + Size);
TmpSigList->SignatureHeaderSize = 0;
CopyGuid (&TmpSigList->SignatureType, &gEfiCertX509Guid);
//
// Copy key data
//
- SigData = (EFI_SIGNATURE_DATA *) (TmpSigList + 1);
+ SigData = (EFI_SIGNATURE_DATA *)(TmpSigList + 1);
CopyGuid (&SigData->SignatureOwner, &gEfiGlobalVariableGuid);
CopyMem (&SigData->SignatureData[0], Data, Size);
@@ -84,31 +84,31 @@ CreateSigList ( STATIC
EFI_STATUS
ConcatenateSigList (
- IN EFI_SIGNATURE_LIST *SigLists,
- IN EFI_SIGNATURE_LIST *SigListAppend,
- OUT EFI_SIGNATURE_LIST **SigListOut,
- IN OUT UINTN *SigListsSize
-)
+ IN EFI_SIGNATURE_LIST *SigLists,
+ IN EFI_SIGNATURE_LIST *SigListAppend,
+ OUT EFI_SIGNATURE_LIST **SigListOut,
+ IN OUT UINTN *SigListsSize
+ )
{
- EFI_SIGNATURE_LIST *TmpSigList;
- UINT8 *Offset;
- UINTN NewSigListsSize;
+ EFI_SIGNATURE_LIST *TmpSigList;
+ UINT8 *Offset;
+ UINTN NewSigListsSize;
NewSigListsSize = *SigListsSize + SigListAppend->SignatureListSize;
- TmpSigList = (EFI_SIGNATURE_LIST *) AllocateZeroPool (NewSigListsSize);
+ TmpSigList = (EFI_SIGNATURE_LIST *)AllocateZeroPool (NewSigListsSize);
if (TmpSigList == NULL) {
return EFI_OUT_OF_RESOURCES;
}
CopyMem (TmpSigList, SigLists, *SigListsSize);
- Offset = (UINT8 *)TmpSigList;
+ Offset = (UINT8 *)TmpSigList;
Offset += *SigListsSize;
CopyMem ((VOID *)Offset, SigListAppend, SigListAppend->SignatureListSize);
*SigListsSize = NewSigListsSize;
- *SigListOut = TmpSigList;
+ *SigListOut = TmpSigList;
return EFI_SUCCESS;
}
@@ -128,23 +128,22 @@ ConcatenateSigList ( **/
EFI_STATUS
SecureBootFetchData (
- IN EFI_GUID *KeyFileGuid,
- OUT UINTN *SigListsSize,
- OUT EFI_SIGNATURE_LIST **SigListOut
-)
+ IN EFI_GUID *KeyFileGuid,
+ OUT UINTN *SigListsSize,
+ OUT EFI_SIGNATURE_LIST **SigListOut
+ )
{
- EFI_SIGNATURE_LIST *EfiSig;
- EFI_SIGNATURE_LIST *TmpEfiSig;
- EFI_SIGNATURE_LIST *TmpEfiSig2;
- EFI_STATUS Status;
- VOID *Buffer;
- VOID *RsaPubKey;
+ EFI_SIGNATURE_LIST *EfiSig;
+ EFI_SIGNATURE_LIST *TmpEfiSig;
+ EFI_SIGNATURE_LIST *TmpEfiSig2;
+ EFI_STATUS Status;
+ VOID *Buffer;
+ VOID *RsaPubKey;
UINTN Size;
UINTN KeyIndex;
-
- KeyIndex = 0;
- EfiSig = NULL;
+ KeyIndex = 0;
+ EfiSig = NULL;
*SigListsSize = 0;
while (1) {
Status = GetSectionFromAnyFv (
@@ -160,9 +159,10 @@ SecureBootFetchData ( if (RsaGetPublicKeyFromX509 (Buffer, Size, &RsaPubKey) == FALSE) {
DEBUG ((DEBUG_ERROR, "%a: Invalid key format: %d\n", __FUNCTION__, KeyIndex));
if (EfiSig != NULL) {
- FreePool(EfiSig);
+ FreePool (EfiSig);
}
- FreePool(Buffer);
+
+ FreePool (Buffer);
return EFI_INVALID_PARAMETER;
}
@@ -172,7 +172,7 @@ SecureBootFetchData ( // Concatenate lists if more than one section found
//
if (KeyIndex == 0) {
- EfiSig = TmpEfiSig;
+ EfiSig = TmpEfiSig;
*SigListsSize = TmpEfiSig->SignatureListSize;
} else {
ConcatenateSigList (EfiSig, TmpEfiSig, &TmpEfiSig2, SigListsSize);
@@ -183,10 +183,12 @@ SecureBootFetchData ( KeyIndex++;
FreePool (Buffer);
- } if (Status == EFI_NOT_FOUND) {
+ }
+
+ if (Status == EFI_NOT_FOUND) {
break;
}
- };
+ }
if (KeyIndex == 0) {
return EFI_NOT_FOUND;
@@ -217,19 +219,19 @@ SecureBootFetchData ( **/
EFI_STATUS
CreateTimeBasedPayload (
- IN OUT UINTN *DataSize,
- IN OUT UINT8 **Data
+ IN OUT UINTN *DataSize,
+ IN OUT UINT8 **Data
)
{
- EFI_STATUS Status;
- UINT8 *NewData;
- UINT8 *Payload;
- UINTN PayloadSize;
- EFI_VARIABLE_AUTHENTICATION_2 *DescriptorData;
- UINTN DescriptorSize;
- EFI_TIME Time;
-
- if (Data == NULL || DataSize == NULL) {
+ EFI_STATUS Status;
+ UINT8 *NewData;
+ UINT8 *Payload;
+ UINTN PayloadSize;
+ EFI_VARIABLE_AUTHENTICATION_2 *DescriptorData;
+ UINTN DescriptorSize;
+ EFI_TIME Time;
+
+ if ((Data == NULL) || (DataSize == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -242,8 +244,8 @@ CreateTimeBasedPayload ( Payload = *Data;
PayloadSize = *DataSize;
- DescriptorSize = OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
- NewData = (UINT8*) AllocateZeroPool (DescriptorSize + PayloadSize);
+ DescriptorSize = OFFSET_OF (EFI_VARIABLE_AUTHENTICATION_2, AuthInfo) + OFFSET_OF (WIN_CERTIFICATE_UEFI_GUID, CertData);
+ NewData = (UINT8 *)AllocateZeroPool (DescriptorSize + PayloadSize);
if (NewData == NULL) {
return EFI_OUT_OF_RESOURCES;
}
@@ -252,14 +254,15 @@ CreateTimeBasedPayload ( CopyMem (NewData + DescriptorSize, Payload, PayloadSize);
}
- DescriptorData = (EFI_VARIABLE_AUTHENTICATION_2 *) (NewData);
+ DescriptorData = (EFI_VARIABLE_AUTHENTICATION_2 *)(NewData);
ZeroMem (&Time, sizeof (EFI_TIME));
Status = gRT->GetTime (&Time, NULL);
if (EFI_ERROR (Status)) {
- FreePool(NewData);
+ FreePool (NewData);
return Status;
}
+
Time.Pad1 = 0;
Time.Nanosecond = 0;
Time.TimeZone = 0;
@@ -273,7 +276,7 @@ CreateTimeBasedPayload ( CopyGuid (&DescriptorData->AuthInfo.CertType, &gEfiCertPkcs7Guid);
if (Payload != NULL) {
- FreePool(Payload);
+ FreePool (Payload);
}
*DataSize = DescriptorSize + PayloadSize;
@@ -294,20 +297,21 @@ CreateTimeBasedPayload ( **/
EFI_STATUS
DeleteVariable (
- IN CHAR16 *VariableName,
- IN EFI_GUID *VendorGuid
+ IN CHAR16 *VariableName,
+ IN EFI_GUID *VendorGuid
)
{
- EFI_STATUS Status;
- VOID* Variable;
- UINT8 *Data;
- UINTN DataSize;
- UINT32 Attr;
+ EFI_STATUS Status;
+ VOID *Variable;
+ UINT8 *Data;
+ UINTN DataSize;
+ UINT32 Attr;
GetVariable2 (VariableName, VendorGuid, &Variable, NULL);
if (Variable == NULL) {
return EFI_SUCCESS;
}
+
FreePool (Variable);
Data = NULL;
@@ -331,6 +335,7 @@ DeleteVariable ( if (Data != NULL) {
FreePool (Data);
}
+
return Status;
}
@@ -369,13 +374,13 @@ SetSecureBootMode ( EFI_STATUS
EFIAPI
GetSetupMode (
- OUT UINT8 *SetupMode
-)
+ OUT UINT8 *SetupMode
+ )
{
- UINTN Size;
- EFI_STATUS Status;
+ UINTN Size;
+ EFI_STATUS Status;
- Size = sizeof (*SetupMode);
+ Size = sizeof (*SetupMode);
Status = gRT->GetVariable (
EFI_SETUP_MODE_NAME,
&gEfiGlobalVariableGuid,
@@ -401,9 +406,9 @@ EFI_STATUS EFIAPI
DeleteDb (
VOID
-)
+ )
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = DeleteVariable (
EFI_IMAGE_SECURITY_DATABASE,
@@ -424,9 +429,9 @@ EFI_STATUS EFIAPI
DeleteDbx (
VOID
-)
+ )
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = DeleteVariable (
EFI_IMAGE_SECURITY_DATABASE1,
@@ -447,9 +452,9 @@ EFI_STATUS EFIAPI
DeleteDbt (
VOID
-)
+ )
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = DeleteVariable (
EFI_IMAGE_SECURITY_DATABASE2,
@@ -470,9 +475,9 @@ EFI_STATUS EFIAPI
DeleteKEK (
VOID
-)
+ )
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = DeleteVariable (
EFI_KEY_EXCHANGE_KEY_NAME,
@@ -493,11 +498,11 @@ EFI_STATUS EFIAPI
DeletePlatformKey (
VOID
-)
+ )
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
- Status = SetSecureBootMode(CUSTOM_SECURE_BOOT_MODE);
+ Status = SetSecureBootMode (CUSTOM_SECURE_BOOT_MODE);
if (EFI_ERROR (Status)) {
return Status;
}
diff --git a/SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.c b/SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.c index 848f7ce929..536b0f3699 100644 --- a/SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.c +++ b/SecurityPkg/Library/SecureBootVariableProvisionLib/SecureBootVariableProvisionLib.c @@ -34,22 +34,22 @@ STATIC
EFI_STATUS
EnrollFromDefault (
- IN CHAR16 *VariableName,
- IN CHAR16 *DefaultName,
- IN EFI_GUID *VendorGuid
+ IN CHAR16 *VariableName,
+ IN CHAR16 *DefaultName,
+ IN EFI_GUID *VendorGuid
)
{
- VOID *Data;
+ VOID *Data;
UINTN DataSize;
EFI_STATUS Status;
Status = EFI_SUCCESS;
DataSize = 0;
- Status = GetVariable2 (DefaultName, &gEfiGlobalVariableGuid, &Data, &DataSize);
+ Status = GetVariable2 (DefaultName, &gEfiGlobalVariableGuid, &Data, &DataSize);
if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "error: GetVariable (\"%s): %r\n", DefaultName, Status));
- return Status;
+ DEBUG ((DEBUG_ERROR, "error: GetVariable (\"%s): %r\n", DefaultName, Status));
+ return Status;
}
CreateTimeBasedPayload (&DataSize, (UINT8 **)&Data);
@@ -73,8 +73,14 @@ EnrollFromDefault ( );
if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_ERROR, "error: %a (\"%s\", %g): %r\n", __FUNCTION__, VariableName,
- VendorGuid, Status));
+ DEBUG ((
+ DEBUG_ERROR,
+ "error: %a (\"%s\", %g): %r\n",
+ __FUNCTION__,
+ VariableName,
+ VendorGuid,
+ Status
+ ));
}
if (Data != NULL) {
@@ -94,7 +100,7 @@ SecureBootInitPKDefault ( IN VOID
)
{
- EFI_SIGNATURE_LIST *EfiSig;
+ EFI_SIGNATURE_LIST *EfiSig;
UINTN SigListsSize;
EFI_STATUS Status;
UINT8 *Data;
@@ -103,7 +109,7 @@ SecureBootInitPKDefault ( //
// Check if variable exists, if so do not change it
//
- Status = GetVariable2 (EFI_PK_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
+ Status = GetVariable2 (EFI_PK_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **)&Data, &DataSize);
if (Status == EFI_SUCCESS) {
DEBUG ((DEBUG_INFO, "Variable %s exists. Old value is preserved\n", EFI_PK_DEFAULT_VARIABLE_NAME));
FreePool (Data);
@@ -151,16 +157,16 @@ SecureBootInitKEKDefault ( IN VOID
)
{
- EFI_SIGNATURE_LIST *EfiSig;
+ EFI_SIGNATURE_LIST *EfiSig;
UINTN SigListsSize;
EFI_STATUS Status;
- UINT8 *Data;
+ UINT8 *Data;
UINTN DataSize;
//
// Check if variable exists, if so do not change it
//
- Status = GetVariable2 (EFI_KEK_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
+ Status = GetVariable2 (EFI_KEK_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **)&Data, &DataSize);
if (Status == EFI_SUCCESS) {
DEBUG ((DEBUG_INFO, "Variable %s exists. Old value is preserved\n", EFI_KEK_DEFAULT_VARIABLE_NAME));
FreePool (Data);
@@ -182,7 +188,6 @@ SecureBootInitKEKDefault ( return Status;
}
-
Status = gRT->SetVariable (
EFI_KEK_DEFAULT_VARIABLE_NAME,
&gEfiGlobalVariableGuid,
@@ -209,13 +214,13 @@ SecureBootInitDbDefault ( IN VOID
)
{
- EFI_SIGNATURE_LIST *EfiSig;
+ EFI_SIGNATURE_LIST *EfiSig;
UINTN SigListsSize;
EFI_STATUS Status;
- UINT8 *Data;
+ UINT8 *Data;
UINTN DataSize;
- Status = GetVariable2 (EFI_DB_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
+ Status = GetVariable2 (EFI_DB_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **)&Data, &DataSize);
if (Status == EFI_SUCCESS) {
DEBUG ((DEBUG_INFO, "Variable %s exists. Old value is preserved\n", EFI_DB_DEFAULT_VARIABLE_NAME));
FreePool (Data);
@@ -230,7 +235,7 @@ SecureBootInitDbDefault ( Status = SecureBootFetchData (&gDefaultdbFileGuid, &SigListsSize, &EfiSig);
if (EFI_ERROR (Status)) {
- return Status;
+ return Status;
}
Status = gRT->SetVariable (
@@ -241,7 +246,7 @@ SecureBootInitDbDefault ( (VOID *)EfiSig
);
if (EFI_ERROR (Status)) {
- DEBUG ((DEBUG_INFO, "Failed to set %s\n", EFI_DB_DEFAULT_VARIABLE_NAME));
+ DEBUG ((DEBUG_INFO, "Failed to set %s\n", EFI_DB_DEFAULT_VARIABLE_NAME));
}
FreePool (EfiSig);
@@ -259,16 +264,16 @@ SecureBootInitDbxDefault ( IN VOID
)
{
- EFI_SIGNATURE_LIST *EfiSig;
+ EFI_SIGNATURE_LIST *EfiSig;
UINTN SigListsSize;
EFI_STATUS Status;
- UINT8 *Data;
+ UINT8 *Data;
UINTN DataSize;
//
// Check if variable exists, if so do not change it
//
- Status = GetVariable2 (EFI_DBX_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
+ Status = GetVariable2 (EFI_DBX_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **)&Data, &DataSize);
if (Status == EFI_SUCCESS) {
DEBUG ((DEBUG_INFO, "Variable %s exists. Old value is preserved\n", EFI_DBX_DEFAULT_VARIABLE_NAME));
FreePool (Data);
@@ -316,16 +321,16 @@ SecureBootInitDbtDefault ( IN VOID
)
{
- EFI_SIGNATURE_LIST *EfiSig;
+ EFI_SIGNATURE_LIST *EfiSig;
UINTN SigListsSize;
EFI_STATUS Status;
- UINT8 *Data;
+ UINT8 *Data;
UINTN DataSize;
//
// Check if variable exists, if so do not change it
//
- Status = GetVariable2 (EFI_DBT_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **) &Data, &DataSize);
+ Status = GetVariable2 (EFI_DBT_DEFAULT_VARIABLE_NAME, &gEfiGlobalVariableGuid, (VOID **)&Data, &DataSize);
if (Status == EFI_SUCCESS) {
DEBUG ((DEBUG_INFO, "Variable %s exists. Old value is preserved\n", EFI_DBT_DEFAULT_VARIABLE_NAME));
FreePool (Data);
@@ -343,7 +348,7 @@ SecureBootInitDbtDefault ( Status = SecureBootFetchData (&gDefaultdbtFileGuid, &SigListsSize, &EfiSig);
if (EFI_ERROR (Status)) {
- return Status;
+ return Status;
}
Status = gRT->SetVariable (
@@ -373,9 +378,9 @@ EFI_STATUS EFIAPI
EnrollDbFromDefault (
VOID
-)
+ )
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = EnrollFromDefault (
EFI_IMAGE_SECURITY_DATABASE,
@@ -397,9 +402,9 @@ EFI_STATUS EFIAPI
EnrollDbxFromDefault (
VOID
-)
+ )
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = EnrollFromDefault (
EFI_IMAGE_SECURITY_DATABASE1,
@@ -421,14 +426,15 @@ EFI_STATUS EFIAPI
EnrollDbtFromDefault (
VOID
-)
+ )
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = EnrollFromDefault (
EFI_IMAGE_SECURITY_DATABASE2,
EFI_DBT_DEFAULT_VARIABLE_NAME,
- &gEfiImageSecurityDatabaseGuid);
+ &gEfiImageSecurityDatabaseGuid
+ );
return Status;
}
@@ -444,9 +450,9 @@ EFI_STATUS EFIAPI
EnrollKEKFromDefault (
VOID
-)
+ )
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = EnrollFromDefault (
EFI_KEY_EXCHANGE_KEY_NAME,
@@ -468,9 +474,9 @@ EFI_STATUS EFIAPI
EnrollPKFromDefault (
VOID
-)
+ )
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = EnrollFromDefault (
EFI_PLATFORM_KEY_NAME,
diff --git a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/MmTcg2PhysicalPresenceLibCommon.c b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/MmTcg2PhysicalPresenceLibCommon.c index 3788537db3..1fbfc00547 100644 --- a/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/MmTcg2PhysicalPresenceLibCommon.c +++ b/SecurityPkg/Library/SmmTcg2PhysicalPresenceLib/MmTcg2PhysicalPresenceLibCommon.c @@ -27,7 +27,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/Tcg2PpVendorLib.h>
#include <Library/MmServicesTableLib.h>
-#define PP_INF_VERSION_1_2 "1.2"
+#define PP_INF_VERSION_1_2 "1.2"
EFI_SMM_VARIABLE_PROTOCOL *mTcg2PpSmmVariable;
BOOLEAN mIsTcg2PPVerLowerThan_1_3 = FALSE;
@@ -47,13 +47,13 @@ UINT32 mTcg2PhysicalPresenceFlags; UINT32
EFIAPI
Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
- OUT UINT32 *MostRecentRequest,
- OUT UINT32 *Response
+ OUT UINT32 *MostRecentRequest,
+ OUT UINT32 *Response
)
{
- EFI_STATUS Status;
- UINTN DataSize;
- EFI_TCG2_PHYSICAL_PRESENCE PpData;
+ EFI_STATUS Status;
+ UINTN DataSize;
+ EFI_TCG2_PHYSICAL_PRESENCE PpData;
DEBUG ((DEBUG_INFO, "[TPM2] ReturnOperationResponseToOsFunction\n"));
@@ -61,13 +61,13 @@ Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction ( // Get the Physical Presence variable
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- Status = mTcg2PpSmmVariable->SmmGetVariable (
- TCG2_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpData
- );
+ Status = mTcg2PpSmmVariable->SmmGetVariable (
+ TCG2_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpData
+ );
if (EFI_ERROR (Status)) {
*MostRecentRequest = 0;
*Response = 0;
@@ -98,8 +98,8 @@ Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction ( **/
UINT32
Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx (
- IN OUT UINT32 *OperationRequest,
- IN OUT UINT32 *RequestParameter
+ IN OUT UINT32 *OperationRequest,
+ IN OUT UINT32 *RequestParameter
)
{
EFI_STATUS Status;
@@ -115,13 +115,13 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( // Get the Physical Presence variable
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- Status = mTcg2PpSmmVariable->SmmGetVariable (
- TCG2_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpData
- );
+ Status = mTcg2PpSmmVariable->SmmGetVariable (
+ TCG2_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpData
+ );
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
@@ -129,23 +129,25 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( }
if ((*OperationRequest > TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) &&
- (*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN) ) {
+ (*OperationRequest < TCG2_PHYSICAL_PRESENCE_STORAGE_MANAGEMENT_BEGIN))
+ {
ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED;
goto EXIT;
}
if ((PpData.PPRequest != *OperationRequest) ||
- (PpData.PPRequestParameter != *RequestParameter)) {
- PpData.PPRequest = (UINT8)*OperationRequest;
+ (PpData.PPRequestParameter != *RequestParameter))
+ {
+ PpData.PPRequest = (UINT8)*OperationRequest;
PpData.PPRequestParameter = *RequestParameter;
- DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- Status = mTcg2PpSmmVariable->SmmSetVariable (
- TCG2_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
- DataSize,
- &PpData
- );
+ DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
+ Status = mTcg2PpSmmVariable->SmmSetVariable (
+ TCG2_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS | EFI_VARIABLE_RUNTIME_ACCESS,
+ DataSize,
+ &PpData
+ );
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "[TPM2] Set PP variable failure! Status = %r\n", Status));
ReturnCode = TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE;
@@ -155,16 +157,17 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx ( if (*OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS);
- Status = mTcg2PpSmmVariable->SmmGetVariable (
- TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &Flags
- );
+ Status = mTcg2PpSmmVariable->SmmGetVariable (
+ TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &Flags
+ );
if (EFI_ERROR (Status)) {
Flags.PPFlags = mTcg2PhysicalPresenceFlags;
}
+
ReturnCode = Tcg2PpVendorLibSubmitRequestToPreOSFunction (*OperationRequest, Flags.PPFlags, *RequestParameter);
}
@@ -175,7 +178,7 @@ EXIT: if (ReturnCode != TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS) {
DEBUG ((DEBUG_ERROR, "[TPM2] Submit PP Request failure! Sync PPRQ/PPRM with PP variable.\n", Status));
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- ZeroMem(&PpData, DataSize);
+ ZeroMem (&PpData, DataSize);
Status = mTcg2PpSmmVariable->SmmGetVariable (
TCG2_PHYSICAL_PRESENCE_VARIABLE,
&gEfiTcg2PhysicalPresenceGuid,
@@ -208,17 +211,17 @@ EXIT: UINT32
EFIAPI
Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (
- IN UINT32 OperationRequest,
- IN UINT32 RequestParameter
+ IN UINT32 OperationRequest,
+ IN UINT32 RequestParameter
)
{
- UINT32 TempOperationRequest;
- UINT32 TempRequestParameter;
+ UINT32 TempOperationRequest;
+ UINT32 TempRequestParameter;
TempOperationRequest = OperationRequest;
TempRequestParameter = RequestParameter;
- return Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx(&TempOperationRequest, &TempRequestParameter);
+ return Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx (&TempOperationRequest, &TempRequestParameter);
}
/**
@@ -236,7 +239,7 @@ Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction ( UINT32
EFIAPI
Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
- IN UINT32 OperationRequest
+ IN UINT32 OperationRequest
)
{
EFI_STATUS Status;
@@ -251,28 +254,29 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( // Get the Physical Presence variable
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE);
- Status = mTcg2PpSmmVariable->SmmGetVariable (
- TCG2_PHYSICAL_PRESENCE_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &PpData
- );
+ Status = mTcg2PpSmmVariable->SmmGetVariable (
+ TCG2_PHYSICAL_PRESENCE_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &PpData
+ );
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "[TPM2] Get PP variable failure! Status = %r\n", Status));
return TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
}
+
//
// Get the Physical Presence flags
//
DataSize = sizeof (EFI_TCG2_PHYSICAL_PRESENCE_FLAGS);
- Status = mTcg2PpSmmVariable->SmmGetVariable (
- TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
- &gEfiTcg2PhysicalPresenceGuid,
- NULL,
- &DataSize,
- &Flags
- );
+ Status = mTcg2PpSmmVariable->SmmGetVariable (
+ TCG2_PHYSICAL_PRESENCE_FLAGS_VARIABLE,
+ &gEfiTcg2PhysicalPresenceGuid,
+ NULL,
+ &DataSize,
+ &Flags
+ );
if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "[TPM2] Get PP flags failure! Status = %r\n", Status));
return TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION;
@@ -288,6 +292,7 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR) == 0) {
RequestConfirmed = TRUE;
}
+
break;
case TCG2_PHYSICAL_PRESENCE_NO_ACTION:
@@ -302,12 +307,14 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS) == 0) {
RequestConfirmed = TRUE;
}
+
break;
case TCG2_PHYSICAL_PRESENCE_CHANGE_EPS:
if ((Flags.PPFlags & TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS) == 0) {
RequestConfirmed = TRUE;
}
+
break;
case TCG2_PHYSICAL_PRESENCE_LOG_ALL_DIGESTS:
@@ -318,12 +325,14 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( if ((Flags.PPFlags & TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID) == 0) {
RequestConfirmed = TRUE;
}
+
break;
case TCG2_PHYSICAL_PRESENCE_DISABLE_BLOCK_SID:
if ((Flags.PPFlags & TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID) == 0) {
RequestConfirmed = TRUE;
}
+
break;
case TCG2_PHYSICAL_PRESENCE_SET_PP_REQUIRED_FOR_ENABLE_BLOCK_SID_FUNC_TRUE:
@@ -344,15 +353,16 @@ Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction ( return TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
}
} else {
- //
- // TCG PP lower than 1.3. (1.0, 1.1, 1.2)
- //
- if (OperationRequest <= TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) {
- RequestConfirmed = TRUE;
- } else if (OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
- return TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
- }
+ //
+ // TCG PP lower than 1.3. (1.0, 1.1, 1.2)
+ //
+ if (OperationRequest <= TCG2_PHYSICAL_PRESENCE_NO_ACTION_MAX) {
+ RequestConfirmed = TRUE;
+ } else if (OperationRequest < TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION) {
+ return TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED;
+ }
}
+
break;
}
@@ -382,17 +392,17 @@ Tcg2PhysicalPresenceLibCommonConstructor ( {
EFI_STATUS Status;
- if (AsciiStrnCmp(PP_INF_VERSION_1_2, (CHAR8 *)PcdGetPtr(PcdTcgPhysicalPresenceInterfaceVer), sizeof(PP_INF_VERSION_1_2) - 1) >= 0) {
+ if (AsciiStrnCmp (PP_INF_VERSION_1_2, (CHAR8 *)PcdGetPtr (PcdTcgPhysicalPresenceInterfaceVer), sizeof (PP_INF_VERSION_1_2) - 1) >= 0) {
mIsTcg2PPVerLowerThan_1_3 = TRUE;
}
//
// Locate SmmVariableProtocol.
//
- Status = gMmst->MmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID**)&mTcg2PpSmmVariable);
+ Status = gMmst->MmLocateProtocol (&gEfiSmmVariableProtocolGuid, NULL, (VOID **)&mTcg2PpSmmVariable);
ASSERT_EFI_ERROR (Status);
- mTcg2PhysicalPresenceFlags = PcdGet32(PcdTcg2PhysicalPresenceFlags);
+ mTcg2PhysicalPresenceFlags = PcdGet32 (PcdTcg2PhysicalPresenceFlags);
return EFI_SUCCESS;
}
diff --git a/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c b/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c index aa3dcb6beb..89ef26e2fd 100644 --- a/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c +++ b/SecurityPkg/Library/Tcg2PpVendorLibNull/Tcg2PpVendorLibNull.c @@ -30,10 +30,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent UINT32
EFIAPI
Tcg2PpVendorLibExecutePendingRequest (
- IN TPM2B_AUTH *PlatformAuth OPTIONAL,
- IN UINT32 OperationRequest,
- IN OUT UINT32 *ManagementFlags,
- OUT BOOLEAN *ResetRequired
+ IN TPM2B_AUTH *PlatformAuth OPTIONAL,
+ IN UINT32 OperationRequest,
+ IN OUT UINT32 *ManagementFlags,
+ OUT BOOLEAN *ResetRequired
)
{
ASSERT (OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
@@ -61,9 +61,9 @@ Tcg2PpVendorLibExecutePendingRequest ( BOOLEAN
EFIAPI
Tcg2PpVendorLibHasValidRequest (
- IN UINT32 OperationRequest,
- IN UINT32 ManagementFlags,
- OUT BOOLEAN *RequestConfirmed
+ IN UINT32 OperationRequest,
+ IN UINT32 ManagementFlags,
+ OUT BOOLEAN *RequestConfirmed
)
{
ASSERT (OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
@@ -91,9 +91,9 @@ Tcg2PpVendorLibHasValidRequest ( UINT32
EFIAPI
Tcg2PpVendorLibSubmitRequestToPreOSFunction (
- IN UINT32 OperationRequest,
- IN UINT32 ManagementFlags,
- IN UINT32 RequestParameter
+ IN UINT32 OperationRequest,
+ IN UINT32 ManagementFlags,
+ IN UINT32 RequestParameter
)
{
ASSERT (OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
@@ -118,8 +118,8 @@ Tcg2PpVendorLibSubmitRequestToPreOSFunction ( UINT32
EFIAPI
Tcg2PpVendorLibGetUserConfirmationStatusFunction (
- IN UINT32 OperationRequest,
- IN UINT32 ManagementFlags
+ IN UINT32 OperationRequest,
+ IN UINT32 ManagementFlags
)
{
ASSERT (OperationRequest >= TCG2_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
diff --git a/SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.c b/SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.c index e8a53fca0d..e1e0f990d3 100644 --- a/SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.c +++ b/SecurityPkg/Library/TcgEventLogRecordLib/TcgEventLogRecordLib.c @@ -32,8 +32,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
VOID *
TpmMeasurementGetFvName (
- IN EFI_PHYSICAL_ADDRESS FvBase,
- IN UINT64 FvLength
+ IN EFI_PHYSICAL_ADDRESS FvBase,
+ IN UINT64 FvLength
)
{
EFI_FIRMWARE_VOLUME_HEADER *FvHeader;
@@ -42,10 +42,12 @@ TpmMeasurementGetFvName ( if (FvBase >= MAX_ADDRESS) {
return NULL;
}
+
if (FvLength >= MAX_ADDRESS - FvBase) {
return NULL;
}
- if (FvLength < sizeof(EFI_FIRMWARE_VOLUME_HEADER)) {
+
+ if (FvLength < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {
return NULL;
}
@@ -53,12 +55,15 @@ TpmMeasurementGetFvName ( if (FvHeader->Signature != EFI_FVH_SIGNATURE) {
return NULL;
}
- if (FvHeader->ExtHeaderOffset < sizeof(EFI_FIRMWARE_VOLUME_HEADER)) {
+
+ if (FvHeader->ExtHeaderOffset < sizeof (EFI_FIRMWARE_VOLUME_HEADER)) {
return NULL;
}
- if (FvHeader->ExtHeaderOffset + sizeof(EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) {
+
+ if (FvHeader->ExtHeaderOffset + sizeof (EFI_FIRMWARE_VOLUME_EXT_HEADER) > FvLength) {
return NULL;
}
+
FvExtHeader = (EFI_FIRMWARE_VOLUME_EXT_HEADER *)(UINTN)(FvBase + FvHeader->ExtHeaderOffset);
return &FvExtHeader->FvName;
@@ -80,44 +85,45 @@ TpmMeasurementGetFvName ( EFI_STATUS
EFIAPI
MeasureFirmwareBlob (
- IN UINT32 PcrIndex,
- IN CHAR8 *Description OPTIONAL,
- IN EFI_PHYSICAL_ADDRESS FirmwareBlobBase,
- IN UINT64 FirmwareBlobLength
+ IN UINT32 PcrIndex,
+ IN CHAR8 *Description OPTIONAL,
+ IN EFI_PHYSICAL_ADDRESS FirmwareBlobBase,
+ IN UINT64 FirmwareBlobLength
)
{
- EFI_PLATFORM_FIRMWARE_BLOB FvBlob;
- PLATFORM_FIRMWARE_BLOB2_STRUCT FvBlob2;
- VOID *FvName;
- UINT32 EventType;
- VOID *EventLog;
- UINT32 EventLogSize;
- EFI_STATUS Status;
+ EFI_PLATFORM_FIRMWARE_BLOB FvBlob;
+ PLATFORM_FIRMWARE_BLOB2_STRUCT FvBlob2;
+ VOID *FvName;
+ UINT32 EventType;
+ VOID *EventLog;
+ UINT32 EventLogSize;
+ EFI_STATUS Status;
FvName = TpmMeasurementGetFvName (FirmwareBlobBase, FirmwareBlobLength);
if (((Description != NULL) || (FvName != NULL)) &&
- (PcdGet32(PcdTcgPfpMeasurementRevision) >= TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105)) {
+ (PcdGet32 (PcdTcgPfpMeasurementRevision) >= TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105))
+ {
if (Description != NULL) {
- AsciiSPrint((CHAR8*)FvBlob2.BlobDescription, sizeof(FvBlob2.BlobDescription), "%a", Description);
+ AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "%a", Description);
} else {
- AsciiSPrint((CHAR8*)FvBlob2.BlobDescription, sizeof(FvBlob2.BlobDescription), "Fv(%g)", FvName);
+ AsciiSPrint ((CHAR8 *)FvBlob2.BlobDescription, sizeof (FvBlob2.BlobDescription), "Fv(%g)", FvName);
}
- FvBlob2.BlobDescriptionSize = sizeof(FvBlob2.BlobDescription);
- FvBlob2.BlobBase = FirmwareBlobBase;
- FvBlob2.BlobLength = FirmwareBlobLength;
+ FvBlob2.BlobDescriptionSize = sizeof (FvBlob2.BlobDescription);
+ FvBlob2.BlobBase = FirmwareBlobBase;
+ FvBlob2.BlobLength = FirmwareBlobLength;
- EventType = EV_EFI_PLATFORM_FIRMWARE_BLOB2;
- EventLog = &FvBlob2;
- EventLogSize = sizeof(FvBlob2);
+ EventType = EV_EFI_PLATFORM_FIRMWARE_BLOB2;
+ EventLog = &FvBlob2;
+ EventLogSize = sizeof (FvBlob2);
} else {
- FvBlob.BlobBase = FirmwareBlobBase;
+ FvBlob.BlobBase = FirmwareBlobBase;
FvBlob.BlobLength = FirmwareBlobLength;
- EventType = EV_EFI_PLATFORM_FIRMWARE_BLOB;
- EventLog = &FvBlob;
- EventLogSize = sizeof(FvBlob);
+ EventType = EV_EFI_PLATFORM_FIRMWARE_BLOB;
+ EventLog = &FvBlob;
+ EventLogSize = sizeof (FvBlob);
}
Status = TpmMeasureAndLogData (
@@ -125,7 +131,7 @@ MeasureFirmwareBlob ( EventType,
EventLog,
EventLogSize,
- (VOID*)(UINTN)FirmwareBlobBase,
+ (VOID *)(UINTN)FirmwareBlobBase,
FirmwareBlobLength
);
@@ -149,40 +155,41 @@ MeasureFirmwareBlob ( EFI_STATUS
EFIAPI
MeasureHandoffTable (
- IN UINT32 PcrIndex,
- IN CHAR8 *Description OPTIONAL,
- IN EFI_GUID *TableGuid,
- IN VOID *TableAddress,
- IN UINTN TableLength
+ IN UINT32 PcrIndex,
+ IN CHAR8 *Description OPTIONAL,
+ IN EFI_GUID *TableGuid,
+ IN VOID *TableAddress,
+ IN UINTN TableLength
)
{
- EFI_HANDOFF_TABLE_POINTERS HandoffTables;
- HANDOFF_TABLE_POINTERS2_STRUCT HandoffTables2;
- UINT32 EventType;
- VOID *EventLog;
- UINT32 EventLogSize;
- EFI_STATUS Status;
+ EFI_HANDOFF_TABLE_POINTERS HandoffTables;
+ HANDOFF_TABLE_POINTERS2_STRUCT HandoffTables2;
+ UINT32 EventType;
+ VOID *EventLog;
+ UINT32 EventLogSize;
+ EFI_STATUS Status;
if ((Description != NULL) &&
- (PcdGet32(PcdTcgPfpMeasurementRevision) >= TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105)) {
- AsciiSPrint((CHAR8*)HandoffTables2.TableDescription, sizeof(HandoffTables2.TableDescription), "%a", Description);
+ (PcdGet32 (PcdTcgPfpMeasurementRevision) >= TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105))
+ {
+ AsciiSPrint ((CHAR8 *)HandoffTables2.TableDescription, sizeof (HandoffTables2.TableDescription), "%a", Description);
- HandoffTables2.TableDescriptionSize = sizeof(HandoffTables2.TableDescription);
- HandoffTables2.NumberOfTables = 1;
+ HandoffTables2.TableDescriptionSize = sizeof (HandoffTables2.TableDescription);
+ HandoffTables2.NumberOfTables = 1;
CopyGuid (&(HandoffTables2.TableEntry[0].VendorGuid), TableGuid);
HandoffTables2.TableEntry[0].VendorTable = TableAddress;
- EventType = EV_EFI_HANDOFF_TABLES2;
- EventLog = &HandoffTables2;
- EventLogSize = sizeof(HandoffTables2);
+ EventType = EV_EFI_HANDOFF_TABLES2;
+ EventLog = &HandoffTables2;
+ EventLogSize = sizeof (HandoffTables2);
} else {
HandoffTables.NumberOfTables = 1;
CopyGuid (&(HandoffTables.TableEntry[0].VendorGuid), TableGuid);
HandoffTables.TableEntry[0].VendorTable = TableAddress;
- EventType = EV_EFI_HANDOFF_TABLES;
- EventLog = &HandoffTables;
- EventLogSize = sizeof(HandoffTables);
+ EventType = EV_EFI_HANDOFF_TABLES;
+ EventLog = &HandoffTables;
+ EventLogSize = sizeof (HandoffTables);
}
Status = TpmMeasureAndLogData (
diff --git a/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.c b/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.c index c07d1c4833..a73e975186 100644 --- a/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.c +++ b/SecurityPkg/Library/TcgPpVendorLibNull/TcgPpVendorLibNull.c @@ -29,9 +29,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent UINT32
EFIAPI
TcgPpVendorLibExecutePendingRequest (
- IN UINT32 OperationRequest,
- IN OUT UINT32 *ManagementFlags,
- OUT BOOLEAN *ResetRequired
+ IN UINT32 OperationRequest,
+ IN OUT UINT32 *ManagementFlags,
+ OUT BOOLEAN *ResetRequired
)
{
ASSERT (OperationRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
@@ -59,9 +59,9 @@ TcgPpVendorLibExecutePendingRequest ( BOOLEAN
EFIAPI
TcgPpVendorLibHasValidRequest (
- IN UINT32 OperationRequest,
- IN UINT32 ManagementFlags,
- OUT BOOLEAN *RequestConfirmed
+ IN UINT32 OperationRequest,
+ IN UINT32 ManagementFlags,
+ OUT BOOLEAN *RequestConfirmed
)
{
ASSERT (OperationRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
@@ -88,8 +88,8 @@ TcgPpVendorLibHasValidRequest ( UINT32
EFIAPI
TcgPpVendorLibSubmitRequestToPreOSFunction (
- IN UINT32 OperationRequest,
- IN UINT32 ManagementFlags
+ IN UINT32 OperationRequest,
+ IN UINT32 ManagementFlags
)
{
ASSERT (OperationRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
@@ -114,8 +114,8 @@ TcgPpVendorLibSubmitRequestToPreOSFunction ( UINT32
EFIAPI
TcgPpVendorLibGetUserConfirmationStatusFunction (
- IN UINT32 OperationRequest,
- IN UINT32 ManagementFlags
+ IN UINT32 OperationRequest,
+ IN UINT32 ManagementFlags
)
{
ASSERT (OperationRequest >= TCG_PHYSICAL_PRESENCE_VENDOR_SPECIFIC_OPERATION);
diff --git a/SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCore.c b/SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCore.c index 660f79effd..a9946c76f4 100644 --- a/SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCore.c +++ b/SecurityPkg/Library/TcgStorageCoreLib/TcgStorageCore.c @@ -11,7 +11,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/BaseLib.h>
#include <Library/BaseMemoryLib.h>
#include <Library/DebugLib.h>
-//#include <Library/PrintLib.h>
+// #include <Library/PrintLib.h>
/**
Required to be called before calling any other Tcg functions with the TCG_CREATE_STRUCT.
@@ -25,25 +25,25 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
TCG_RESULT
EFIAPI
-TcgInitTcgCreateStruct(
- TCG_CREATE_STRUCT *CreateStruct,
- VOID *Buffer,
- UINT32 BufferSize
+TcgInitTcgCreateStruct (
+ TCG_CREATE_STRUCT *CreateStruct,
+ VOID *Buffer,
+ UINT32 BufferSize
)
{
- NULL_CHECK(CreateStruct);
- NULL_CHECK(Buffer);
+ NULL_CHECK (CreateStruct);
+ NULL_CHECK (Buffer);
if (BufferSize == 0) {
DEBUG ((DEBUG_INFO, "BufferSize=0\n"));
return (TcgResultFailureZeroSize);
}
- ZeroMem(Buffer, BufferSize);
- CreateStruct->BufferSize = BufferSize;
- CreateStruct->Buffer = Buffer;
- CreateStruct->ComPacket = NULL;
- CreateStruct->CurPacket = NULL;
+ ZeroMem (Buffer, BufferSize);
+ CreateStruct->BufferSize = BufferSize;
+ CreateStruct->Buffer = Buffer;
+ CreateStruct->ComPacket = NULL;
+ CreateStruct->CurPacket = NULL;
CreateStruct->CurSubPacket = NULL;
return (TcgResultSuccess);
@@ -60,31 +60,37 @@ TcgInitTcgCreateStruct( **/
TCG_RESULT
EFIAPI
-TcgStartComPacket(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT16 ComId,
- UINT16 ComIdExtension
+TcgStartComPacket (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT16 ComId,
+ UINT16 ComIdExtension
)
{
- NULL_CHECK(CreateStruct);
-
- if (CreateStruct->ComPacket != NULL ||
- CreateStruct->CurPacket != NULL ||
- CreateStruct->CurSubPacket != NULL
- ) {
- DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", CreateStruct->ComPacket, CreateStruct->CurPacket,
- CreateStruct->CurSubPacket));
+ NULL_CHECK (CreateStruct);
+
+ if ((CreateStruct->ComPacket != NULL) ||
+ (CreateStruct->CurPacket != NULL) ||
+ (CreateStruct->CurSubPacket != NULL)
+ )
+ {
+ DEBUG ((
+ DEBUG_INFO,
+ "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n",
+ CreateStruct->ComPacket,
+ CreateStruct->CurPacket,
+ CreateStruct->CurSubPacket
+ ));
return (TcgResultFailureInvalidAction);
}
- if (sizeof(TCG_COM_PACKET) > CreateStruct->BufferSize) {
+ if (sizeof (TCG_COM_PACKET) > CreateStruct->BufferSize) {
DEBUG ((DEBUG_INFO, "BufferSize=0x%X\n", CreateStruct->BufferSize));
return (TcgResultFailureBufferTooSmall);
}
- CreateStruct->ComPacket = (TCG_COM_PACKET*)CreateStruct->Buffer;
- CreateStruct->ComPacket->ComIDBE = SwapBytes16(ComId);
- CreateStruct->ComPacket->ComIDExtensionBE = SwapBytes16(ComIdExtension);
+ CreateStruct->ComPacket = (TCG_COM_PACKET *)CreateStruct->Buffer;
+ CreateStruct->ComPacket->ComIDBE = SwapBytes16 (ComId);
+ CreateStruct->ComPacket->ComIDExtensionBE = SwapBytes16 (ComIdExtension);
return (TcgResultSuccess);
}
@@ -103,48 +109,50 @@ TcgStartComPacket( **/
TCG_RESULT
EFIAPI
-TcgStartPacket(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT32 Tsn,
- UINT32 Hsn,
- UINT32 SeqNumber,
- UINT16 AckType,
- UINT32 Ack
+TcgStartPacket (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT32 Tsn,
+ UINT32 Hsn,
+ UINT32 SeqNumber,
+ UINT16 AckType,
+ UINT32 Ack
)
{
- UINT32 AddedSize;
- NULL_CHECK(CreateStruct);
+ UINT32 AddedSize;
+
+ NULL_CHECK (CreateStruct);
AddedSize = 0;
- if (CreateStruct->ComPacket == NULL ||
- CreateStruct->CurPacket != NULL ||
- CreateStruct->CurSubPacket != NULL
- ) {
+ if ((CreateStruct->ComPacket == NULL) ||
+ (CreateStruct->CurPacket != NULL) ||
+ (CreateStruct->CurSubPacket != NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", CreateStruct->ComPacket, CreateStruct->CurPacket, CreateStruct->CurSubPacket));
return (TcgResultFailureInvalidAction);
}
// update TCG_COM_PACKET and packet lengths
- AddedSize = sizeof(TCG_PACKET);
+ AddedSize = sizeof (TCG_PACKET);
- if ((SwapBytes32(CreateStruct->ComPacket->LengthBE) + AddedSize) > CreateStruct->BufferSize) {
+ if ((SwapBytes32 (CreateStruct->ComPacket->LengthBE) + AddedSize) > CreateStruct->BufferSize) {
DEBUG ((DEBUG_INFO, "BufferSize=0x%X\n", CreateStruct->BufferSize));
return (TcgResultFailureBufferTooSmall);
}
- CreateStruct->CurPacket = (TCG_PACKET*)(CreateStruct->ComPacket->Payload + SwapBytes32(CreateStruct->ComPacket->LengthBE));
+ CreateStruct->CurPacket = (TCG_PACKET *)(CreateStruct->ComPacket->Payload + SwapBytes32 (CreateStruct->ComPacket->LengthBE));
- CreateStruct->CurPacket->TperSessionNumberBE = SwapBytes32( Tsn );
- CreateStruct->CurPacket->HostSessionNumberBE = SwapBytes32( Hsn );
- CreateStruct->CurPacket->SequenceNumberBE = SwapBytes32( SeqNumber );
- CreateStruct->CurPacket->AckTypeBE = SwapBytes16( AckType );
- CreateStruct->CurPacket->AcknowledgementBE = SwapBytes32( Ack );
+ CreateStruct->CurPacket->TperSessionNumberBE = SwapBytes32 (Tsn);
+ CreateStruct->CurPacket->HostSessionNumberBE = SwapBytes32 (Hsn);
+ CreateStruct->CurPacket->SequenceNumberBE = SwapBytes32 (SeqNumber);
+ CreateStruct->CurPacket->AckTypeBE = SwapBytes16 (AckType);
+ CreateStruct->CurPacket->AcknowledgementBE = SwapBytes32 (Ack);
CreateStruct->CurPacket->LengthBE = 0;
// update TCG_COM_PACKET Length for next pointer
- CreateStruct->ComPacket->LengthBE = SwapBytes32( SwapBytes32(CreateStruct->ComPacket->LengthBE) + AddedSize );
+ CreateStruct->ComPacket->LengthBE = SwapBytes32 (SwapBytes32 (CreateStruct->ComPacket->LengthBE) + AddedSize);
return (TcgResultSuccess);
}
@@ -159,41 +167,42 @@ TcgStartPacket( **/
TCG_RESULT
EFIAPI
-TcgStartSubPacket(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT16 Kind
+TcgStartSubPacket (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT16 Kind
)
{
- UINT32 AddedSize;
+ UINT32 AddedSize;
- NULL_CHECK(CreateStruct);
+ NULL_CHECK (CreateStruct);
AddedSize = 0;
- if (CreateStruct->ComPacket == NULL ||
- CreateStruct->CurPacket == NULL ||
- CreateStruct->CurSubPacket != NULL
- ) {
+ if ((CreateStruct->ComPacket == NULL) ||
+ (CreateStruct->CurPacket == NULL) ||
+ (CreateStruct->CurSubPacket != NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", CreateStruct->ComPacket, CreateStruct->CurPacket, CreateStruct->CurSubPacket));
return (TcgResultFailureInvalidAction);
}
- AddedSize = sizeof(TCG_SUB_PACKET);
+ AddedSize = sizeof (TCG_SUB_PACKET);
- if ((SwapBytes32(CreateStruct->ComPacket->LengthBE) + AddedSize) > CreateStruct->BufferSize) {
+ if ((SwapBytes32 (CreateStruct->ComPacket->LengthBE) + AddedSize) > CreateStruct->BufferSize) {
DEBUG ((DEBUG_INFO, "BufferSize=0x%X\n", CreateStruct->BufferSize));
return (TcgResultFailureBufferTooSmall);
}
- CreateStruct->CurSubPacket = (TCG_SUB_PACKET*)(CreateStruct->CurPacket->Payload + SwapBytes32(CreateStruct->CurPacket->LengthBE));
- CreateStruct->CurSubPacket->KindBE = SwapBytes16(Kind);
+ CreateStruct->CurSubPacket = (TCG_SUB_PACKET *)(CreateStruct->CurPacket->Payload + SwapBytes32 (CreateStruct->CurPacket->LengthBE));
+ CreateStruct->CurSubPacket->KindBE = SwapBytes16 (Kind);
// update lengths
CreateStruct->CurSubPacket->LengthBE = 0;
// update TCG_COM_PACKET and packet lengths
- CreateStruct->ComPacket->LengthBE = SwapBytes32(SwapBytes32(CreateStruct->ComPacket->LengthBE) + AddedSize);
- CreateStruct->CurPacket->LengthBE = SwapBytes32(SwapBytes32(CreateStruct->CurPacket->LengthBE) + AddedSize);
+ CreateStruct->ComPacket->LengthBE = SwapBytes32 (SwapBytes32 (CreateStruct->ComPacket->LengthBE) + AddedSize);
+ CreateStruct->CurPacket->LengthBE = SwapBytes32 (SwapBytes32 (CreateStruct->CurPacket->LengthBE) + AddedSize);
return (TcgResultSuccess);
}
@@ -208,39 +217,40 @@ TcgStartSubPacket( **/
TCG_RESULT
EFIAPI
-TcgEndSubPacket(
- TCG_CREATE_STRUCT *CreateStruct
+TcgEndSubPacket (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- UINT32 PadSize;
+ UINT32 PadSize;
- NULL_CHECK(CreateStruct);
+ NULL_CHECK (CreateStruct);
PadSize = 0;
- if (CreateStruct->ComPacket == NULL ||
- CreateStruct->CurPacket == NULL ||
- CreateStruct->CurSubPacket == NULL
- ) {
+ if ((CreateStruct->ComPacket == NULL) ||
+ (CreateStruct->CurPacket == NULL) ||
+ (CreateStruct->CurSubPacket == NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", CreateStruct->ComPacket, CreateStruct->CurPacket, CreateStruct->CurSubPacket));
return (TcgResultFailureInvalidAction);
}
// align to 4-byte boundaries, so shift padding
// pad Size does not apply to subpacket Length
- PadSize = TCG_SUBPACKET_ALIGNMENT - (SwapBytes32(CreateStruct->CurSubPacket->LengthBE) & (TCG_SUBPACKET_ALIGNMENT - 1));
+ PadSize = TCG_SUBPACKET_ALIGNMENT - (SwapBytes32 (CreateStruct->CurSubPacket->LengthBE) & (TCG_SUBPACKET_ALIGNMENT - 1));
if (PadSize == TCG_SUBPACKET_ALIGNMENT) {
PadSize = 0;
}
- if ((SwapBytes32(CreateStruct->ComPacket->LengthBE) + PadSize) > CreateStruct->BufferSize) {
+ if ((SwapBytes32 (CreateStruct->ComPacket->LengthBE) + PadSize) > CreateStruct->BufferSize) {
DEBUG ((DEBUG_INFO, "BufferSize=0x%X\n", CreateStruct->BufferSize));
return (TcgResultFailureBufferTooSmall);
}
- CreateStruct->CurPacket->LengthBE = SwapBytes32(SwapBytes32(CreateStruct->CurPacket->LengthBE) + PadSize);
- CreateStruct->ComPacket->LengthBE = SwapBytes32(SwapBytes32(CreateStruct->ComPacket->LengthBE) + PadSize);
+ CreateStruct->CurPacket->LengthBE = SwapBytes32 (SwapBytes32 (CreateStruct->CurPacket->LengthBE) + PadSize);
+ CreateStruct->ComPacket->LengthBE = SwapBytes32 (SwapBytes32 (CreateStruct->ComPacket->LengthBE) + PadSize);
CreateStruct->CurSubPacket = NULL;
@@ -256,16 +266,17 @@ TcgEndSubPacket( **/
TCG_RESULT
EFIAPI
-TcgEndPacket(
- TCG_CREATE_STRUCT *CreateStruct
+TcgEndPacket (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- NULL_CHECK(CreateStruct);
+ NULL_CHECK (CreateStruct);
- if (CreateStruct->ComPacket == NULL ||
- CreateStruct->CurPacket == NULL ||
- CreateStruct->CurSubPacket != NULL
- ) {
+ if ((CreateStruct->ComPacket == NULL) ||
+ (CreateStruct->CurPacket == NULL) ||
+ (CreateStruct->CurSubPacket != NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", CreateStruct->ComPacket, CreateStruct->CurPacket, CreateStruct->CurSubPacket));
return (TcgResultFailureInvalidAction);
}
@@ -285,23 +296,24 @@ TcgEndPacket( **/
TCG_RESULT
EFIAPI
-TcgEndComPacket(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT32 *Size
+TcgEndComPacket (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT32 *Size
)
{
- NULL_CHECK(CreateStruct);
- NULL_CHECK(Size);
-
- if (CreateStruct->ComPacket == NULL ||
- CreateStruct->CurPacket != NULL ||
- CreateStruct->CurSubPacket != NULL
- ) {
+ NULL_CHECK (CreateStruct);
+ NULL_CHECK (Size);
+
+ if ((CreateStruct->ComPacket == NULL) ||
+ (CreateStruct->CurPacket != NULL) ||
+ (CreateStruct->CurSubPacket != NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", CreateStruct->ComPacket, CreateStruct->CurPacket, CreateStruct->CurSubPacket));
return (TcgResultFailureInvalidAction);
}
- *Size = SwapBytes32(CreateStruct->ComPacket->LengthBE) + sizeof(*CreateStruct->ComPacket);
+ *Size = SwapBytes32 (CreateStruct->ComPacket->LengthBE) + sizeof (*CreateStruct->ComPacket);
CreateStruct->ComPacket = NULL;
return (TcgResultSuccess);
@@ -319,55 +331,57 @@ TcgEndComPacket( **/
TCG_RESULT
-TcgAddRawTokenData(
- TCG_CREATE_STRUCT *CreateStruct,
- const VOID *Header,
- UINT8 HeaderSize,
- const VOID *Data,
- UINT32 DataSize,
- BOOLEAN ByteSwapData
+TcgAddRawTokenData (
+ TCG_CREATE_STRUCT *CreateStruct,
+ const VOID *Header,
+ UINT8 HeaderSize,
+ const VOID *Data,
+ UINT32 DataSize,
+ BOOLEAN ByteSwapData
)
{
- UINT32 AddedSize;
- UINT8* Dest;
- const UINT8* DataBytes;
- UINT32 Index;
+ UINT32 AddedSize;
+ UINT8 *Dest;
+ const UINT8 *DataBytes;
+ UINT32 Index;
AddedSize = 0;
- Index = 0;
- Dest = NULL;
+ Index = 0;
+ Dest = NULL;
- NULL_CHECK(CreateStruct);
+ NULL_CHECK (CreateStruct);
- if ((HeaderSize != 0 && Header == NULL) ||
- (DataSize != 0 && Data == NULL)
- ) {
+ if (((HeaderSize != 0) && (Header == NULL)) ||
+ ((DataSize != 0) && (Data == NULL))
+ )
+ {
DEBUG ((DEBUG_INFO, "HeaderSize=0x%X Header=%p DataSize=0x%X Data=%p\n", HeaderSize, Header, DataSize, Data));
return (TcgResultFailureNullPointer);
}
- if (CreateStruct->ComPacket == NULL ||
- CreateStruct->CurPacket == NULL ||
- CreateStruct->CurSubPacket == NULL
- ) {
+ if ((CreateStruct->ComPacket == NULL) ||
+ (CreateStruct->CurPacket == NULL) ||
+ (CreateStruct->CurSubPacket == NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", CreateStruct->ComPacket, CreateStruct->CurPacket, CreateStruct->CurSubPacket));
return (TcgResultFailureInvalidAction);
}
// verify there is enough Buffer Size
AddedSize = HeaderSize + DataSize;
- if ((SwapBytes32(CreateStruct->ComPacket->LengthBE) + AddedSize) > CreateStruct->BufferSize) {
+ if ((SwapBytes32 (CreateStruct->ComPacket->LengthBE) + AddedSize) > CreateStruct->BufferSize) {
return (TcgResultFailureBufferTooSmall);
}
// Get a pointer to where the new bytes should go
- Dest = CreateStruct->ComPacket->Payload + SwapBytes32(CreateStruct->ComPacket->LengthBE);
+ Dest = CreateStruct->ComPacket->Payload + SwapBytes32 (CreateStruct->ComPacket->LengthBE);
switch (HeaderSize) {
- case sizeof(TCG_SIMPLE_TOKEN_SHORT_ATOM):
- case sizeof(TCG_SIMPLE_TOKEN_MEDIUM_ATOM):
- case sizeof(TCG_SIMPLE_TOKEN_LONG_ATOM):
- CopyMem(Dest, Header, HeaderSize);
+ case sizeof (TCG_SIMPLE_TOKEN_SHORT_ATOM):
+ case sizeof (TCG_SIMPLE_TOKEN_MEDIUM_ATOM):
+ case sizeof (TCG_SIMPLE_TOKEN_LONG_ATOM):
+ CopyMem (Dest, Header, HeaderSize);
Dest += HeaderSize;
case 0: // no Header is valid
break;
@@ -379,18 +393,18 @@ TcgAddRawTokenData( // copy the Data bytes
if (ByteSwapData) {
- DataBytes = (const UINT8*)Data;
+ DataBytes = (const UINT8 *)Data;
for (Index = 0; Index < DataSize; Index++) {
Dest[Index] = DataBytes[DataSize - 1 - Index];
}
} else {
- CopyMem(Dest, Data, DataSize);
+ CopyMem (Dest, Data, DataSize);
}
// Update all the packet sizes
- CreateStruct->ComPacket->LengthBE = SwapBytes32(SwapBytes32(CreateStruct->ComPacket->LengthBE) + AddedSize);
- CreateStruct->CurPacket->LengthBE = SwapBytes32(SwapBytes32(CreateStruct->CurPacket->LengthBE) + AddedSize);
- CreateStruct->CurSubPacket->LengthBE = SwapBytes32(SwapBytes32(CreateStruct->CurSubPacket->LengthBE) + AddedSize);
+ CreateStruct->ComPacket->LengthBE = SwapBytes32 (SwapBytes32 (CreateStruct->ComPacket->LengthBE) + AddedSize);
+ CreateStruct->CurPacket->LengthBE = SwapBytes32 (SwapBytes32 (CreateStruct->CurPacket->LengthBE) + AddedSize);
+ CreateStruct->CurSubPacket->LengthBE = SwapBytes32 (SwapBytes32 (CreateStruct->CurSubPacket->LengthBE) + AddedSize);
return (TcgResultSuccess);
}
@@ -405,15 +419,14 @@ TcgAddRawTokenData( **/
TCG_RESULT
EFIAPI
-TcgAddRawByte(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT8 Byte
+TcgAddRawByte (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT8 Byte
)
{
- return TcgAddRawTokenData(CreateStruct, NULL, 0, &Byte, 1, FALSE);
+ return TcgAddRawTokenData (CreateStruct, NULL, 0, &Byte, 1, FALSE);
}
-
/**
simple tokens - atoms: tiny, short, medium, long and empty atoms.
tiny atom can be a signed or unsigned integer.
@@ -428,21 +441,21 @@ TcgAddRawByte( **/
TCG_RESULT
-TcgAddAtom(
- TCG_CREATE_STRUCT *CreateStruct,
- const VOID *Data,
- UINT32 DataSize,
- UINT8 ByteOrInt,
- UINT8 SignOrCont
+TcgAddAtom (
+ TCG_CREATE_STRUCT *CreateStruct,
+ const VOID *Data,
+ UINT32 DataSize,
+ UINT8 ByteOrInt,
+ UINT8 SignOrCont
)
{
- const UINT8* DataBytes;
- TCG_SIMPLE_TOKEN_TINY_ATOM TinyAtom;
- TCG_SIMPLE_TOKEN_SHORT_ATOM ShortAtom;
- TCG_SIMPLE_TOKEN_MEDIUM_ATOM MediumAtom;
- TCG_SIMPLE_TOKEN_LONG_ATOM LongAtom;
+ const UINT8 *DataBytes;
+ TCG_SIMPLE_TOKEN_TINY_ATOM TinyAtom;
+ TCG_SIMPLE_TOKEN_SHORT_ATOM ShortAtom;
+ TCG_SIMPLE_TOKEN_MEDIUM_ATOM MediumAtom;
+ TCG_SIMPLE_TOKEN_LONG_ATOM LongAtom;
- NULL_CHECK(CreateStruct);
+ NULL_CHECK (CreateStruct);
if (DataSize == 0) {
if (ByteOrInt == TCG_ATOM_TYPE_INTEGER) {
@@ -451,52 +464,53 @@ TcgAddAtom( }
} else {
// if DataSize != 0, Data must be valid
- NULL_CHECK(Data);
+ NULL_CHECK (Data);
}
// encode Data using the shortest possible atom
- DataBytes = (const UINT8*)Data;
+ DataBytes = (const UINT8 *)Data;
if ((DataSize == 1) &&
(ByteOrInt == TCG_ATOM_TYPE_INTEGER) &&
- ((SignOrCont != 0 && ((TCG_TOKEN_TINYATOM_SIGNED_MIN_VALUE <= *(INT8*)Data) && (*(INT8*)Data <= TCG_TOKEN_TINYATOM_SIGNED_MAX_VALUE))) ||
- (SignOrCont == 0 && ((*DataBytes <= TCG_TOKEN_TINYATOM_UNSIGNED_MAX_VALUE))))
- ) {
+ (((SignOrCont != 0) && ((TCG_TOKEN_TINYATOM_SIGNED_MIN_VALUE <= *(INT8 *)Data) && (*(INT8 *)Data <= TCG_TOKEN_TINYATOM_SIGNED_MAX_VALUE))) ||
+ ((SignOrCont == 0) && ((*DataBytes <= TCG_TOKEN_TINYATOM_UNSIGNED_MAX_VALUE))))
+ )
+ {
TinyAtom.TinyAtomBits.IsZero = 0;
- TinyAtom.TinyAtomBits.Sign = SignOrCont;
- TinyAtom.TinyAtomBits.Data = *DataBytes & TCG_TOKEN_TINYATOM_UNSIGNED_MAX_VALUE;
- return TcgAddRawTokenData(CreateStruct, NULL, 0, (UINT8*)&TinyAtom, sizeof(TCG_SIMPLE_TOKEN_TINY_ATOM), FALSE);
+ TinyAtom.TinyAtomBits.Sign = SignOrCont;
+ TinyAtom.TinyAtomBits.Data = *DataBytes & TCG_TOKEN_TINYATOM_UNSIGNED_MAX_VALUE;
+ return TcgAddRawTokenData (CreateStruct, NULL, 0, (UINT8 *)&TinyAtom, sizeof (TCG_SIMPLE_TOKEN_TINY_ATOM), FALSE);
}
if (DataSize <= TCG_TOKEN_SHORTATOM_MAX_BYTE_SIZE) {
- ShortAtom.ShortAtomBits.IsOne = 1;
- ShortAtom.ShortAtomBits.IsZero = 0;
- ShortAtom.ShortAtomBits.ByteOrInt = ByteOrInt;
+ ShortAtom.ShortAtomBits.IsOne = 1;
+ ShortAtom.ShortAtomBits.IsZero = 0;
+ ShortAtom.ShortAtomBits.ByteOrInt = ByteOrInt;
ShortAtom.ShortAtomBits.SignOrCont = SignOrCont;
- ShortAtom.ShortAtomBits.Length = DataSize & 0x0F;
- return TcgAddRawTokenData(CreateStruct, &ShortAtom, sizeof(TCG_SIMPLE_TOKEN_SHORT_ATOM), Data, DataSize, ByteOrInt == TCG_ATOM_TYPE_INTEGER);
+ ShortAtom.ShortAtomBits.Length = DataSize & 0x0F;
+ return TcgAddRawTokenData (CreateStruct, &ShortAtom, sizeof (TCG_SIMPLE_TOKEN_SHORT_ATOM), Data, DataSize, ByteOrInt == TCG_ATOM_TYPE_INTEGER);
}
if (DataSize <= TCG_TOKEN_MEDIUMATOM_MAX_BYTE_SIZE) {
- MediumAtom.MediumAtomBits.IsOne1 = 1;
- MediumAtom.MediumAtomBits.IsOne2 = 1;
- MediumAtom.MediumAtomBits.IsZero = 0;
- MediumAtom.MediumAtomBits.ByteOrInt = ByteOrInt;
+ MediumAtom.MediumAtomBits.IsOne1 = 1;
+ MediumAtom.MediumAtomBits.IsOne2 = 1;
+ MediumAtom.MediumAtomBits.IsZero = 0;
+ MediumAtom.MediumAtomBits.ByteOrInt = ByteOrInt;
MediumAtom.MediumAtomBits.SignOrCont = SignOrCont;
- MediumAtom.MediumAtomBits.LengthLow = DataSize & 0xFF;
+ MediumAtom.MediumAtomBits.LengthLow = DataSize & 0xFF;
MediumAtom.MediumAtomBits.LengthHigh = (DataSize >> TCG_MEDIUM_ATOM_LENGTH_HIGH_SHIFT) & TCG_MEDIUM_ATOM_LENGTH_HIGH_MASK;
- return TcgAddRawTokenData(CreateStruct, &MediumAtom, sizeof(TCG_SIMPLE_TOKEN_MEDIUM_ATOM), Data, DataSize, ByteOrInt == TCG_ATOM_TYPE_INTEGER);
+ return TcgAddRawTokenData (CreateStruct, &MediumAtom, sizeof (TCG_SIMPLE_TOKEN_MEDIUM_ATOM), Data, DataSize, ByteOrInt == TCG_ATOM_TYPE_INTEGER);
}
- LongAtom.LongAtomBits.IsOne1 = 1;
- LongAtom.LongAtomBits.IsOne2 = 1;
- LongAtom.LongAtomBits.IsOne3 = 1;
- LongAtom.LongAtomBits.IsZero = 0;
- LongAtom.LongAtomBits.ByteOrInt = ByteOrInt;
+ LongAtom.LongAtomBits.IsOne1 = 1;
+ LongAtom.LongAtomBits.IsOne2 = 1;
+ LongAtom.LongAtomBits.IsOne3 = 1;
+ LongAtom.LongAtomBits.IsZero = 0;
+ LongAtom.LongAtomBits.ByteOrInt = ByteOrInt;
LongAtom.LongAtomBits.SignOrCont = SignOrCont;
- LongAtom.LongAtomBits.LengthLow = DataSize & 0xFF;
- LongAtom.LongAtomBits.LengthMid = (DataSize >> TCG_LONG_ATOM_LENGTH_MID_SHIFT) & 0xFF;
+ LongAtom.LongAtomBits.LengthLow = DataSize & 0xFF;
+ LongAtom.LongAtomBits.LengthMid = (DataSize >> TCG_LONG_ATOM_LENGTH_MID_SHIFT) & 0xFF;
LongAtom.LongAtomBits.LengthHigh = (DataSize >> TCG_LONG_ATOM_LENGTH_HIGH_SHIFT) & 0xFF;
- return TcgAddRawTokenData(CreateStruct, &LongAtom, sizeof(TCG_SIMPLE_TOKEN_LONG_ATOM), Data, DataSize, ByteOrInt == TCG_ATOM_TYPE_INTEGER);
+ return TcgAddRawTokenData (CreateStruct, &LongAtom, sizeof (TCG_SIMPLE_TOKEN_LONG_ATOM), Data, DataSize, ByteOrInt == TCG_ATOM_TYPE_INTEGER);
}
/**
@@ -512,14 +526,14 @@ TcgAddAtom( **/
TCG_RESULT
EFIAPI
-TcgAddByteSequence(
- TCG_CREATE_STRUCT *CreateStruct,
- const VOID *Data,
- UINT32 DataSize,
- BOOLEAN Continued
+TcgAddByteSequence (
+ TCG_CREATE_STRUCT *CreateStruct,
+ const VOID *Data,
+ UINT32 DataSize,
+ BOOLEAN Continued
)
{
- return TcgAddAtom(CreateStruct, Data, DataSize, TCG_ATOM_TYPE_BYTE, Continued ? 1 : 0);
+ return TcgAddAtom (CreateStruct, Data, DataSize, TCG_ATOM_TYPE_BYTE, Continued ? 1 : 0);
}
/**
@@ -535,30 +549,30 @@ TcgAddByteSequence( **/
TCG_RESULT
EFIAPI
-TcgAddInteger(
+TcgAddInteger (
TCG_CREATE_STRUCT *CreateStruct,
const VOID *Data,
UINT32 DataSize,
BOOLEAN SignedInteger
)
{
- const UINT8* DataBytes;
- UINT32 ActualDataSize;
- BOOLEAN ValueIsNegative;
+ const UINT8 *DataBytes;
+ UINT32 ActualDataSize;
+ BOOLEAN ValueIsNegative;
- NULL_CHECK(CreateStruct);
- NULL_CHECK(Data);
+ NULL_CHECK (CreateStruct);
+ NULL_CHECK (Data);
if (DataSize == 0) {
DEBUG ((DEBUG_INFO, "invalid DataSize=0\n"));
return TcgResultFailure;
}
- DataBytes = (const UINT8*)Data;
+ DataBytes = (const UINT8 *)Data;
// integer should be represented by smallest atom possible
// so calculate real Data Size
- ValueIsNegative = SignedInteger && DataBytes[ DataSize - 1 ] & 0x80;
+ ValueIsNegative = SignedInteger && DataBytes[DataSize - 1] & 0x80;
// assumes native Data is little endian
// shorten Data to smallest byte representation
@@ -572,7 +586,7 @@ TcgAddInteger( }
}
- return TcgAddAtom(CreateStruct, Data, ActualDataSize, TCG_ATOM_TYPE_INTEGER, SignedInteger ? 1 : 0);
+ return TcgAddAtom (CreateStruct, Data, ActualDataSize, TCG_ATOM_TYPE_INTEGER, SignedInteger ? 1 : 0);
}
/**
@@ -584,12 +598,12 @@ TcgAddInteger( **/
TCG_RESULT
EFIAPI
-TcgAddUINT8(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT8 Value
+TcgAddUINT8 (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT8 Value
)
{
- return TcgAddInteger(CreateStruct, &Value, sizeof(Value), FALSE);
+ return TcgAddInteger (CreateStruct, &Value, sizeof (Value), FALSE);
}
/**
@@ -603,11 +617,11 @@ TcgAddUINT8( TCG_RESULT
EFIAPI
TcgAddUINT16 (
- TCG_CREATE_STRUCT *CreateStruct,
- UINT16 Value
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT16 Value
)
{
- return TcgAddInteger(CreateStruct, &Value, sizeof(Value), FALSE);
+ return TcgAddInteger (CreateStruct, &Value, sizeof (Value), FALSE);
}
/**
@@ -620,15 +634,14 @@ TcgAddUINT16 ( **/
TCG_RESULT
EFIAPI
-TcgAddUINT32(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT32 Value
+TcgAddUINT32 (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT32 Value
)
{
- return TcgAddInteger(CreateStruct, &Value, sizeof(Value), FALSE);
+ return TcgAddInteger (CreateStruct, &Value, sizeof (Value), FALSE);
}
-
/**
Adds a 64-bit unsigned integer to the Data structure.
@@ -639,12 +652,12 @@ TcgAddUINT32( **/
TCG_RESULT
EFIAPI
-TcgAddUINT64(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT64 Value
+TcgAddUINT64 (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT64 Value
)
{
- return TcgAddInteger(CreateStruct, &Value, sizeof(Value), FALSE);
+ return TcgAddInteger (CreateStruct, &Value, sizeof (Value), FALSE);
}
/**
@@ -656,12 +669,12 @@ TcgAddUINT64( **/
TCG_RESULT
EFIAPI
-TcgAddBOOLEAN(
- TCG_CREATE_STRUCT *CreateStruct,
- BOOLEAN Value
+TcgAddBOOLEAN (
+ TCG_CREATE_STRUCT *CreateStruct,
+ BOOLEAN Value
)
{
- return TcgAddInteger(CreateStruct, &Value, sizeof(Value), FALSE);
+ return TcgAddInteger (CreateStruct, &Value, sizeof (Value), FALSE);
}
/**
@@ -675,12 +688,12 @@ TcgAddBOOLEAN( **/
TCG_RESULT
EFIAPI
-TcgAddTcgUid(
- TCG_CREATE_STRUCT *CreateStruct,
- TCG_UID Uid
+TcgAddTcgUid (
+ TCG_CREATE_STRUCT *CreateStruct,
+ TCG_UID Uid
)
{
- return TcgAddByteSequence(CreateStruct, &Uid, sizeof(TCG_UID), FALSE);
+ return TcgAddByteSequence (CreateStruct, &Uid, sizeof (TCG_UID), FALSE);
}
/**
@@ -693,11 +706,11 @@ TcgAddTcgUid( **/
TCG_RESULT
EFIAPI
-TcgAddStartList(
- TCG_CREATE_STRUCT *CreateStruct
+TcgAddStartList (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- return TcgAddRawByte(CreateStruct, TCG_TOKEN_STARTLIST);
+ return TcgAddRawByte (CreateStruct, TCG_TOKEN_STARTLIST);
}
/**
@@ -710,11 +723,11 @@ TcgAddStartList( **/
TCG_RESULT
EFIAPI
-TcgAddEndList(
- TCG_CREATE_STRUCT *CreateStruct
+TcgAddEndList (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- return TcgAddRawByte(CreateStruct, TCG_TOKEN_ENDLIST);
+ return TcgAddRawByte (CreateStruct, TCG_TOKEN_ENDLIST);
}
/**
@@ -727,11 +740,11 @@ TcgAddEndList( **/
TCG_RESULT
EFIAPI
-TcgAddStartName(
- TCG_CREATE_STRUCT *CreateStruct
+TcgAddStartName (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- return TcgAddRawByte(CreateStruct, TCG_TOKEN_STARTNAME);
+ return TcgAddRawByte (CreateStruct, TCG_TOKEN_STARTNAME);
}
/**
@@ -744,11 +757,11 @@ TcgAddStartName( **/
TCG_RESULT
EFIAPI
-TcgAddEndName(
- TCG_CREATE_STRUCT *CreateStruct
+TcgAddEndName (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- return TcgAddRawByte(CreateStruct, TCG_TOKEN_ENDNAME);
+ return TcgAddRawByte (CreateStruct, TCG_TOKEN_ENDNAME);
}
/**
@@ -761,11 +774,11 @@ TcgAddEndName( **/
TCG_RESULT
EFIAPI
-TcgAddCall(
- TCG_CREATE_STRUCT *CreateStruct
+TcgAddCall (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- return TcgAddRawByte(CreateStruct, TCG_TOKEN_CALL);
+ return TcgAddRawByte (CreateStruct, TCG_TOKEN_CALL);
}
/**
@@ -778,11 +791,11 @@ TcgAddCall( **/
TCG_RESULT
EFIAPI
-TcgAddEndOfData(
- TCG_CREATE_STRUCT *CreateStruct
+TcgAddEndOfData (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- return TcgAddRawByte(CreateStruct, TCG_TOKEN_ENDDATA);
+ return TcgAddRawByte (CreateStruct, TCG_TOKEN_ENDDATA);
}
/**
@@ -795,11 +808,11 @@ TcgAddEndOfData( **/
TCG_RESULT
EFIAPI
-TcgAddEndOfSession(
- TCG_CREATE_STRUCT *CreateStruct
+TcgAddEndOfSession (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- return TcgAddRawByte(CreateStruct, TCG_TOKEN_ENDSESSION);
+ return TcgAddRawByte (CreateStruct, TCG_TOKEN_ENDSESSION);
}
/**
@@ -812,11 +825,11 @@ TcgAddEndOfSession( **/
TCG_RESULT
EFIAPI
-TcgAddStartTransaction(
- TCG_CREATE_STRUCT *CreateStruct
+TcgAddStartTransaction (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- return TcgAddRawByte(CreateStruct, TCG_TOKEN_STARTTRANSACTION);
+ return TcgAddRawByte (CreateStruct, TCG_TOKEN_STARTTRANSACTION);
}
/**
@@ -829,11 +842,11 @@ TcgAddStartTransaction( **/
TCG_RESULT
EFIAPI
-TcgAddEndTransaction(
- TCG_CREATE_STRUCT *CreateStruct
+TcgAddEndTransaction (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- return TcgAddRawByte(CreateStruct, TCG_TOKEN_ENDTRANSACTION);
+ return TcgAddRawByte (CreateStruct, TCG_TOKEN_ENDTRANSACTION);
}
/**
@@ -848,59 +861,60 @@ TcgAddEndTransaction( **/
TCG_RESULT
EFIAPI
-TcgInitTcgParseStruct(
- TCG_PARSE_STRUCT *ParseStruct,
- const VOID *Buffer,
- UINT32 BufferSize
+TcgInitTcgParseStruct (
+ TCG_PARSE_STRUCT *ParseStruct,
+ const VOID *Buffer,
+ UINT32 BufferSize
)
{
- UINT32 ComPacketLength;
- UINT32 PacketLength;
+ UINT32 ComPacketLength;
+ UINT32 PacketLength;
- NULL_CHECK(ParseStruct);
- NULL_CHECK(Buffer);
+ NULL_CHECK (ParseStruct);
+ NULL_CHECK (Buffer);
- if (BufferSize < sizeof(TCG_COM_PACKET)) {
+ if (BufferSize < sizeof (TCG_COM_PACKET)) {
return (TcgResultFailureBufferTooSmall);
}
- ParseStruct->ComPacket = (TCG_COM_PACKET*)Buffer;
+ ParseStruct->ComPacket = (TCG_COM_PACKET *)Buffer;
- ComPacketLength = SwapBytes32(ParseStruct->ComPacket->LengthBE);
+ ComPacketLength = SwapBytes32 (ParseStruct->ComPacket->LengthBE);
- if ((BufferSize - sizeof(TCG_COM_PACKET)) < ComPacketLength) {
+ if ((BufferSize - sizeof (TCG_COM_PACKET)) < ComPacketLength) {
DEBUG ((DEBUG_INFO, "Buffer %u too small for ComPacket %u\n", BufferSize, ComPacketLength));
return (TcgResultFailureBufferTooSmall);
}
ParseStruct->BufferSize = BufferSize;
- ParseStruct->Buffer = Buffer;
+ ParseStruct->Buffer = Buffer;
- ParseStruct->CurPacket = NULL;
+ ParseStruct->CurPacket = NULL;
ParseStruct->CurSubPacket = NULL;
- ParseStruct->CurPtr = NULL;
+ ParseStruct->CurPtr = NULL;
// if payload > 0, then must have a packet
if (ComPacketLength != 0) {
- if (ComPacketLength < sizeof(TCG_PACKET)) {
+ if (ComPacketLength < sizeof (TCG_PACKET)) {
DEBUG ((DEBUG_INFO, "ComPacket too small for Packet\n"));
return (TcgResultFailureBufferTooSmall);
}
- ParseStruct->CurPacket = (TCG_PACKET*)ParseStruct->ComPacket->Payload;
- PacketLength = SwapBytes32(ParseStruct->CurPacket->LengthBE);
+ ParseStruct->CurPacket = (TCG_PACKET *)ParseStruct->ComPacket->Payload;
+
+ PacketLength = SwapBytes32 (ParseStruct->CurPacket->LengthBE);
if (PacketLength > 0) {
- if (PacketLength < sizeof(TCG_SUB_PACKET)) {
- DEBUG ((DEBUG_INFO, "Packet too small for SubPacket\n"));
- return (TcgResultFailureBufferTooSmall);
+ if (PacketLength < sizeof (TCG_SUB_PACKET)) {
+ DEBUG ((DEBUG_INFO, "Packet too small for SubPacket\n"));
+ return (TcgResultFailureBufferTooSmall);
}
- ParseStruct->CurSubPacket = (TCG_SUB_PACKET*)ParseStruct->CurPacket->Payload;
+ ParseStruct->CurSubPacket = (TCG_SUB_PACKET *)ParseStruct->CurPacket->Payload;
}
}
- //TODO should check for method status list at this point?
+ // TODO should check for method status list at this point?
return (TcgResultSuccess);
}
@@ -916,25 +930,26 @@ TcgInitTcgParseStruct( **/
TCG_RESULT
EFIAPI
-TcgGetNextToken(
- TCG_PARSE_STRUCT *ParseStruct,
- TCG_TOKEN *TcgToken
+TcgGetNextToken (
+ TCG_PARSE_STRUCT *ParseStruct,
+ TCG_TOKEN *TcgToken
)
{
- const UINT8* EndOfSubPacket;
- UINT8* TokenEnd;
- UINT8 Hdr;
- TCG_SIMPLE_TOKEN_SHORT_ATOM* TmpShort;
- const TCG_SIMPLE_TOKEN_MEDIUM_ATOM* TmpMed;
- const TCG_SIMPLE_TOKEN_LONG_ATOM* TmpLong;
-
- NULL_CHECK(ParseStruct);
- NULL_CHECK(TcgToken);
-
- if (ParseStruct->ComPacket == NULL ||
- ParseStruct->CurPacket == NULL ||
- ParseStruct->CurSubPacket == NULL
- ) {
+ const UINT8 *EndOfSubPacket;
+ UINT8 *TokenEnd;
+ UINT8 Hdr;
+ TCG_SIMPLE_TOKEN_SHORT_ATOM *TmpShort;
+ const TCG_SIMPLE_TOKEN_MEDIUM_ATOM *TmpMed;
+ const TCG_SIMPLE_TOKEN_LONG_ATOM *TmpLong;
+
+ NULL_CHECK (ParseStruct);
+ NULL_CHECK (TcgToken);
+
+ if ((ParseStruct->ComPacket == NULL) ||
+ (ParseStruct->CurPacket == NULL) ||
+ (ParseStruct->CurSubPacket == NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", ParseStruct->ComPacket, ParseStruct->CurPacket, ParseStruct->CurSubPacket));
return TcgResultFailureInvalidAction;
}
@@ -944,8 +959,8 @@ TcgGetNextToken( ParseStruct->CurPtr = ParseStruct->CurSubPacket->Payload;
}
- EndOfSubPacket = ParseStruct->CurSubPacket->Payload + SwapBytes32(ParseStruct->CurSubPacket->LengthBE);
- TokenEnd = NULL;
+ EndOfSubPacket = ParseStruct->CurSubPacket->Payload + SwapBytes32 (ParseStruct->CurSubPacket->LengthBE);
+ TokenEnd = NULL;
// confirmed that subpacket Length falls within end of Buffer and TCG_COM_PACKET,
// so simply need to verify the loop stays within current subpacket
@@ -954,7 +969,7 @@ TcgGetNextToken( return (TcgResultFailureEndBuffer);
}
- Hdr = *ParseStruct->CurPtr;
+ Hdr = *ParseStruct->CurPtr;
TcgToken->HdrStart = ParseStruct->CurPtr;
// Tiny Atom range
@@ -962,7 +977,7 @@ TcgGetNextToken( // tiny atom Header is only 1 byte, so don't need to verify Size before cast and access
TcgToken->Type = TcgTokenTypeTinyAtom;
- TokenEnd = TcgToken->HdrStart + sizeof(TCG_SIMPLE_TOKEN_TINY_ATOM);
+ TokenEnd = TcgToken->HdrStart + sizeof (TCG_SIMPLE_TOKEN_TINY_ATOM);
// verify caller will have enough Size to reference token
if (TokenEnd >= EndOfSubPacket) {
@@ -971,12 +986,12 @@ TcgGetNextToken( }
}
// Short Atom Range
- else if (0x80 <= Hdr && Hdr <= 0xBF) {
+ else if ((0x80 <= Hdr) && (Hdr <= 0xBF)) {
// short atom Header is only 1 byte, so don't need to verify Size before cast and access
- TmpShort = (TCG_SIMPLE_TOKEN_SHORT_ATOM*)(ParseStruct->CurPtr);
+ TmpShort = (TCG_SIMPLE_TOKEN_SHORT_ATOM *)(ParseStruct->CurPtr);
TcgToken->Type = TcgTokenTypeShortAtom;
- TokenEnd = (TcgToken->HdrStart + sizeof(TCG_SIMPLE_TOKEN_SHORT_ATOM) + TmpShort->ShortAtomBits.Length);
+ TokenEnd = (TcgToken->HdrStart + sizeof (TCG_SIMPLE_TOKEN_SHORT_ATOM) + TmpShort->ShortAtomBits.Length);
// verify caller will have enough Size to reference token
if (TokenEnd >= EndOfSubPacket) {
@@ -985,15 +1000,16 @@ TcgGetNextToken( }
}
// Medium Atom Range
- else if (0xC0 <= Hdr && Hdr <= 0xDF) {
- if (TcgToken->HdrStart + sizeof(TCG_SIMPLE_TOKEN_MEDIUM_ATOM) >= EndOfSubPacket) {
+ else if ((0xC0 <= Hdr) && (Hdr <= 0xDF)) {
+ if (TcgToken->HdrStart + sizeof (TCG_SIMPLE_TOKEN_MEDIUM_ATOM) >= EndOfSubPacket) {
return (TcgResultFailureEndBuffer);
}
- TmpMed = (const TCG_SIMPLE_TOKEN_MEDIUM_ATOM*)ParseStruct->CurPtr;
+
+ TmpMed = (const TCG_SIMPLE_TOKEN_MEDIUM_ATOM *)ParseStruct->CurPtr;
TcgToken->Type = TcgTokenTypeMediumAtom;
- TokenEnd = TcgToken->HdrStart + sizeof(TCG_SIMPLE_TOKEN_MEDIUM_ATOM) +
- ((TmpMed->MediumAtomBits.LengthHigh << TCG_MEDIUM_ATOM_LENGTH_HIGH_SHIFT) |
- TmpMed->MediumAtomBits.LengthLow);
+ TokenEnd = TcgToken->HdrStart + sizeof (TCG_SIMPLE_TOKEN_MEDIUM_ATOM) +
+ ((TmpMed->MediumAtomBits.LengthHigh << TCG_MEDIUM_ATOM_LENGTH_HIGH_SHIFT) |
+ TmpMed->MediumAtomBits.LengthLow);
// verify caller will have enough Size to reference token
if (TokenEnd >= EndOfSubPacket) {
@@ -1002,14 +1018,15 @@ TcgGetNextToken( }
}
// Long Atom Range
- else if (0xE0 <= Hdr && Hdr <= 0xE3) {
- if (TcgToken->HdrStart + sizeof(TCG_SIMPLE_TOKEN_LONG_ATOM) >= EndOfSubPacket) {
+ else if ((0xE0 <= Hdr) && (Hdr <= 0xE3)) {
+ if (TcgToken->HdrStart + sizeof (TCG_SIMPLE_TOKEN_LONG_ATOM) >= EndOfSubPacket) {
return (TcgResultFailureEndBuffer);
}
- TmpLong = (const TCG_SIMPLE_TOKEN_LONG_ATOM*)ParseStruct->CurPtr;
+
+ TmpLong = (const TCG_SIMPLE_TOKEN_LONG_ATOM *)ParseStruct->CurPtr;
TcgToken->Type = TcgTokenTypeLongAtom;
- TokenEnd = TcgToken->HdrStart + sizeof(TCG_SIMPLE_TOKEN_LONG_ATOM) +
+ TokenEnd = TcgToken->HdrStart + sizeof (TCG_SIMPLE_TOKEN_LONG_ATOM) +
((TmpLong->LongAtomBits.LengthHigh << TCG_LONG_ATOM_LENGTH_HIGH_SHIFT) |
(TmpLong->LongAtomBits.LengthMid << TCG_LONG_ATOM_LENGTH_MID_SHIFT) |
TmpLong->LongAtomBits.LengthLow);
@@ -1023,40 +1040,41 @@ TcgGetNextToken( // single byte tokens
switch (Hdr) {
case TCG_TOKEN_STARTLIST:
- TcgToken->Type = TcgTokenTypeStartList;
- break;
+ TcgToken->Type = TcgTokenTypeStartList;
+ break;
case TCG_TOKEN_ENDLIST:
- TcgToken->Type = TcgTokenTypeEndList;
- break;
+ TcgToken->Type = TcgTokenTypeEndList;
+ break;
case TCG_TOKEN_STARTNAME:
- TcgToken->Type = TcgTokenTypeStartName;
- break;
+ TcgToken->Type = TcgTokenTypeStartName;
+ break;
case TCG_TOKEN_ENDNAME:
- TcgToken->Type = TcgTokenTypeEndName;
- break;
+ TcgToken->Type = TcgTokenTypeEndName;
+ break;
case TCG_TOKEN_CALL:
- TcgToken->Type = TcgTokenTypeCall;
- break;
+ TcgToken->Type = TcgTokenTypeCall;
+ break;
case TCG_TOKEN_ENDDATA:
- TcgToken->Type = TcgTokenTypeEndOfData;
- break;
+ TcgToken->Type = TcgTokenTypeEndOfData;
+ break;
case TCG_TOKEN_ENDSESSION:
- TcgToken->Type = TcgTokenTypeEndOfSession;
- break;
+ TcgToken->Type = TcgTokenTypeEndOfSession;
+ break;
case TCG_TOKEN_STARTTRANSACTION:
- TcgToken->Type = TcgTokenTypeStartTransaction;
- break;
+ TcgToken->Type = TcgTokenTypeStartTransaction;
+ break;
case TCG_TOKEN_ENDTRANSACTION:
- TcgToken->Type = TcgTokenTypeEndTransaction;
- break;
+ TcgToken->Type = TcgTokenTypeEndTransaction;
+ break;
case TCG_TOKEN_EMPTY:
- TcgToken->Type = TcgTokenTypeEmptyAtom;
- break;
+ TcgToken->Type = TcgTokenTypeEmptyAtom;
+ break;
default:
- DEBUG ((DEBUG_INFO, "WARNING: reserved token Type 0x%02X\n", Hdr));
- TcgToken->Type = TcgTokenTypeReserved;
- break;
+ DEBUG ((DEBUG_INFO, "WARNING: reserved token Type 0x%02X\n", Hdr));
+ TcgToken->Type = TcgTokenTypeReserved;
+ break;
}
+
ParseStruct->CurPtr++;
TokenEnd = TcgToken->HdrStart + 1;
}
@@ -1080,61 +1098,65 @@ TcgGetNextToken( **/
TCG_RESULT
EFIAPI
-TcgGetAtomInfo(
- const TCG_TOKEN *TcgToken,
- UINT32 *HeaderLength,
- UINT32 *DataLength,
- UINT8 *ByteOrInt,
- UINT8 *SignOrCont
+TcgGetAtomInfo (
+ const TCG_TOKEN *TcgToken,
+ UINT32 *HeaderLength,
+ UINT32 *DataLength,
+ UINT8 *ByteOrInt,
+ UINT8 *SignOrCont
)
{
- TCG_SIMPLE_TOKEN_TINY_ATOM* TinyAtom;
- TCG_SIMPLE_TOKEN_SHORT_ATOM* ShortAtom;
- TCG_SIMPLE_TOKEN_MEDIUM_ATOM* MediumAtom;
- TCG_SIMPLE_TOKEN_LONG_ATOM* LongAtom;
+ TCG_SIMPLE_TOKEN_TINY_ATOM *TinyAtom;
+ TCG_SIMPLE_TOKEN_SHORT_ATOM *ShortAtom;
+ TCG_SIMPLE_TOKEN_MEDIUM_ATOM *MediumAtom;
+ TCG_SIMPLE_TOKEN_LONG_ATOM *LongAtom;
- NULL_CHECK(TcgToken);
- NULL_CHECK(HeaderLength);
- NULL_CHECK(DataLength);
- NULL_CHECK(ByteOrInt);
- NULL_CHECK(SignOrCont);
+ NULL_CHECK (TcgToken);
+ NULL_CHECK (HeaderLength);
+ NULL_CHECK (DataLength);
+ NULL_CHECK (ByteOrInt);
+ NULL_CHECK (SignOrCont);
switch (TcgToken->Type) {
- case TcgTokenTypeTinyAtom: {
- TinyAtom = (TCG_SIMPLE_TOKEN_TINY_ATOM*)TcgToken->HdrStart;
- *ByteOrInt = TCG_ATOM_TYPE_INTEGER;
- *SignOrCont = TinyAtom->TinyAtomBits.Sign;
- *HeaderLength = 0;
- *DataLength = 0; // tiny atom must be handled as a special case - Header and Data in the same byte
+ case TcgTokenTypeTinyAtom:
+ {
+ TinyAtom = (TCG_SIMPLE_TOKEN_TINY_ATOM *)TcgToken->HdrStart;
+ *ByteOrInt = TCG_ATOM_TYPE_INTEGER;
+ *SignOrCont = TinyAtom->TinyAtomBits.Sign;
+ *HeaderLength = 0;
+ *DataLength = 0; // tiny atom must be handled as a special case - Header and Data in the same byte
return TcgResultSuccess;
}
- case TcgTokenTypeShortAtom: {
- ShortAtom = (TCG_SIMPLE_TOKEN_SHORT_ATOM*)TcgToken->HdrStart;
- *ByteOrInt = ShortAtom->ShortAtomBits.ByteOrInt;
- *SignOrCont = ShortAtom->ShortAtomBits.SignOrCont;
- *HeaderLength = sizeof(TCG_SIMPLE_TOKEN_SHORT_ATOM);
- *DataLength = ShortAtom->ShortAtomBits.Length;
+ case TcgTokenTypeShortAtom:
+ {
+ ShortAtom = (TCG_SIMPLE_TOKEN_SHORT_ATOM *)TcgToken->HdrStart;
+ *ByteOrInt = ShortAtom->ShortAtomBits.ByteOrInt;
+ *SignOrCont = ShortAtom->ShortAtomBits.SignOrCont;
+ *HeaderLength = sizeof (TCG_SIMPLE_TOKEN_SHORT_ATOM);
+ *DataLength = ShortAtom->ShortAtomBits.Length;
return TcgResultSuccess;
}
- case TcgTokenTypeMediumAtom: {
- MediumAtom = (TCG_SIMPLE_TOKEN_MEDIUM_ATOM*)TcgToken->HdrStart;
- *ByteOrInt = MediumAtom->MediumAtomBits.ByteOrInt;
- *SignOrCont = MediumAtom->MediumAtomBits.SignOrCont;
- *HeaderLength = sizeof(TCG_SIMPLE_TOKEN_MEDIUM_ATOM);
- *DataLength = (MediumAtom->MediumAtomBits.LengthHigh << TCG_MEDIUM_ATOM_LENGTH_HIGH_SHIFT) | MediumAtom->MediumAtomBits.LengthLow;
+ case TcgTokenTypeMediumAtom:
+ {
+ MediumAtom = (TCG_SIMPLE_TOKEN_MEDIUM_ATOM *)TcgToken->HdrStart;
+ *ByteOrInt = MediumAtom->MediumAtomBits.ByteOrInt;
+ *SignOrCont = MediumAtom->MediumAtomBits.SignOrCont;
+ *HeaderLength = sizeof (TCG_SIMPLE_TOKEN_MEDIUM_ATOM);
+ *DataLength = (MediumAtom->MediumAtomBits.LengthHigh << TCG_MEDIUM_ATOM_LENGTH_HIGH_SHIFT) | MediumAtom->MediumAtomBits.LengthLow;
return TcgResultSuccess;
}
- case TcgTokenTypeLongAtom: {
- LongAtom = (TCG_SIMPLE_TOKEN_LONG_ATOM*)TcgToken->HdrStart;
- *ByteOrInt = LongAtom->LongAtomBits.ByteOrInt;
- *SignOrCont = LongAtom->LongAtomBits.SignOrCont;
- *HeaderLength = sizeof(TCG_SIMPLE_TOKEN_LONG_ATOM);
- *DataLength = (LongAtom->LongAtomBits.LengthHigh << TCG_LONG_ATOM_LENGTH_HIGH_SHIFT) |
- (LongAtom->LongAtomBits.LengthMid << TCG_LONG_ATOM_LENGTH_MID_SHIFT) |
- LongAtom->LongAtomBits.LengthLow;
+ case TcgTokenTypeLongAtom:
+ {
+ LongAtom = (TCG_SIMPLE_TOKEN_LONG_ATOM *)TcgToken->HdrStart;
+ *ByteOrInt = LongAtom->LongAtomBits.ByteOrInt;
+ *SignOrCont = LongAtom->LongAtomBits.SignOrCont;
+ *HeaderLength = sizeof (TCG_SIMPLE_TOKEN_LONG_ATOM);
+ *DataLength = (LongAtom->LongAtomBits.LengthHigh << TCG_LONG_ATOM_LENGTH_HIGH_SHIFT) |
+ (LongAtom->LongAtomBits.LengthMid << TCG_LONG_ATOM_LENGTH_MID_SHIFT) |
+ LongAtom->LongAtomBits.LengthLow;
return TcgResultSuccess;
}
@@ -1155,25 +1177,25 @@ TcgGetAtomInfo( **/
TCG_RESULT
EFIAPI
-TcgGetTokenUINT64(
- const TCG_TOKEN *TcgToken,
- UINT64 *Value
+TcgGetTokenUINT64 (
+ const TCG_TOKEN *TcgToken,
+ UINT64 *Value
)
{
- UINT32 HdrLength;
- UINT32 DataLength;
- UINT8 ByteOrInt;
- UINT8 IsSigned;
- TCG_SIMPLE_TOKEN_TINY_ATOM* TmpTiny;
- const UINT8* Data;
- UINT32 Index;
-
- NULL_CHECK(TcgToken);
- NULL_CHECK(Value);
-
- Index = 0;
+ UINT32 HdrLength;
+ UINT32 DataLength;
+ UINT8 ByteOrInt;
+ UINT8 IsSigned;
+ TCG_SIMPLE_TOKEN_TINY_ATOM *TmpTiny;
+ const UINT8 *Data;
+ UINT32 Index;
+
+ NULL_CHECK (TcgToken);
+ NULL_CHECK (Value);
+
+ Index = 0;
*Value = 0;
- ERROR_CHECK(TcgGetAtomInfo(TcgToken, &HdrLength, &DataLength, &ByteOrInt, &IsSigned));
+ ERROR_CHECK (TcgGetAtomInfo (TcgToken, &HdrLength, &DataLength, &ByteOrInt, &IsSigned));
if (ByteOrInt != TCG_ATOM_TYPE_INTEGER) {
DEBUG ((DEBUG_INFO, "Invalid Type, expected integer not byte sequence\n"));
@@ -1188,12 +1210,12 @@ TcgGetTokenUINT64( // special case for tiny atom
// Header and Data are in one byte, so extract only the Data bitfield
if (TcgToken->Type == TcgTokenTypeTinyAtom) {
- TmpTiny = (TCG_SIMPLE_TOKEN_TINY_ATOM*)TcgToken->HdrStart;
- *Value = TmpTiny->TinyAtomBits.Data;
+ TmpTiny = (TCG_SIMPLE_TOKEN_TINY_ATOM *)TcgToken->HdrStart;
+ *Value = TmpTiny->TinyAtomBits.Data;
return TcgResultSuccess;
}
- if (DataLength > sizeof(UINT64)) {
+ if (DataLength > sizeof (UINT64)) {
DEBUG ((DEBUG_INFO, "Length %d is greater than Size of UINT64\n", DataLength));
return TcgResultFailureBufferTooSmall;
}
@@ -1201,7 +1223,7 @@ TcgGetTokenUINT64( // read big-endian integer
Data = TcgToken->HdrStart + HdrLength;
for (Index = 0; Index < DataLength; Index++) {
- *Value = LShiftU64(*Value, 8) | Data[Index];
+ *Value = LShiftU64 (*Value, 8) | Data[Index];
}
return TcgResultSuccess;
@@ -1216,23 +1238,23 @@ TcgGetTokenUINT64( @retval Return the value data.
**/
-UINT8*
+UINT8 *
EFIAPI
-TcgGetTokenByteSequence(
- const TCG_TOKEN *TcgToken,
- UINT32 *Length
+TcgGetTokenByteSequence (
+ const TCG_TOKEN *TcgToken,
+ UINT32 *Length
)
{
- UINT32 HdrLength;
- UINT8 ByteOrInt;
- UINT8 SignOrCont;
+ UINT32 HdrLength;
+ UINT8 ByteOrInt;
+ UINT8 SignOrCont;
- if (TcgToken == NULL || Length == NULL) {
+ if ((TcgToken == NULL) || (Length == NULL)) {
return NULL;
}
*Length = 0;
- if (TcgGetAtomInfo(TcgToken, &HdrLength, Length, &ByteOrInt, &SignOrCont) != TcgResultSuccess) {
+ if (TcgGetAtomInfo (TcgToken, &HdrLength, Length, &ByteOrInt, &SignOrCont) != TcgResultSuccess) {
DEBUG ((DEBUG_INFO, "Failed to get simple token info\n"));
return NULL;
}
@@ -1256,18 +1278,18 @@ TcgGetTokenByteSequence( **/
TCG_RESULT
EFIAPI
-TcgGetNextUINT8(
- TCG_PARSE_STRUCT *ParseStruct,
- UINT8 *Value
+TcgGetNextUINT8 (
+ TCG_PARSE_STRUCT *ParseStruct,
+ UINT8 *Value
)
{
- UINT64 Value64;
- TCG_TOKEN Tok;
+ UINT64 Value64;
+ TCG_TOKEN Tok;
- NULL_CHECK(Value);
+ NULL_CHECK (Value);
- ERROR_CHECK(TcgGetNextToken(ParseStruct, &Tok));
- ERROR_CHECK(TcgGetTokenUINT64(&Tok, &Value64));
+ ERROR_CHECK (TcgGetNextToken (ParseStruct, &Tok));
+ ERROR_CHECK (TcgGetTokenUINT64 (&Tok, &Value64));
if (Value64 > MAX_UINT8) {
return TcgResultFailure;
@@ -1289,18 +1311,18 @@ TcgGetNextUINT8( **/
TCG_RESULT
EFIAPI
-TcgGetNextUINT16(
- TCG_PARSE_STRUCT *ParseStruct,
- UINT16 *Value
+TcgGetNextUINT16 (
+ TCG_PARSE_STRUCT *ParseStruct,
+ UINT16 *Value
)
{
- UINT64 Value64;
- TCG_TOKEN Tok;
+ UINT64 Value64;
+ TCG_TOKEN Tok;
- NULL_CHECK(Value);
+ NULL_CHECK (Value);
- ERROR_CHECK(TcgGetNextToken(ParseStruct, &Tok));
- ERROR_CHECK(TcgGetTokenUINT64(&Tok, &Value64));
+ ERROR_CHECK (TcgGetNextToken (ParseStruct, &Tok));
+ ERROR_CHECK (TcgGetTokenUINT64 (&Tok, &Value64));
if (Value64 > MAX_UINT16) {
return TcgResultFailure;
@@ -1322,18 +1344,18 @@ TcgGetNextUINT16( **/
TCG_RESULT
EFIAPI
-TcgGetNextUINT32(
- TCG_PARSE_STRUCT *ParseStruct,
- UINT32 *Value
+TcgGetNextUINT32 (
+ TCG_PARSE_STRUCT *ParseStruct,
+ UINT32 *Value
)
{
- UINT64 Value64;
- TCG_TOKEN Tok;
+ UINT64 Value64;
+ TCG_TOKEN Tok;
- NULL_CHECK(Value);
+ NULL_CHECK (Value);
- ERROR_CHECK(TcgGetNextToken(ParseStruct, &Tok));
- ERROR_CHECK(TcgGetTokenUINT64(&Tok, &Value64));
+ ERROR_CHECK (TcgGetNextToken (ParseStruct, &Tok));
+ ERROR_CHECK (TcgGetTokenUINT64 (&Tok, &Value64));
if (Value64 > MAX_UINT32) {
return TcgResultFailure;
@@ -1355,14 +1377,15 @@ TcgGetNextUINT32( **/
TCG_RESULT
EFIAPI
-TcgGetNextUINT64(
- TCG_PARSE_STRUCT *ParseStruct,
- UINT64 *Value
+TcgGetNextUINT64 (
+ TCG_PARSE_STRUCT *ParseStruct,
+ UINT64 *Value
)
{
- TCG_TOKEN Tok;
- ERROR_CHECK(TcgGetNextToken(ParseStruct, &Tok));
- ERROR_CHECK(TcgGetTokenUINT64(&Tok, Value));
+ TCG_TOKEN Tok;
+
+ ERROR_CHECK (TcgGetNextToken (ParseStruct, &Tok));
+ ERROR_CHECK (TcgGetTokenUINT64 (&Tok, Value));
return TcgResultSuccess;
}
@@ -1377,18 +1400,18 @@ TcgGetNextUINT64( **/
TCG_RESULT
EFIAPI
-TcgGetNextBOOLEAN(
- TCG_PARSE_STRUCT *ParseStruct,
- BOOLEAN *Value
+TcgGetNextBOOLEAN (
+ TCG_PARSE_STRUCT *ParseStruct,
+ BOOLEAN *Value
)
{
- UINT64 Value64;
- TCG_TOKEN Tok;
+ UINT64 Value64;
+ TCG_TOKEN Tok;
- NULL_CHECK(Value);
+ NULL_CHECK (Value);
- ERROR_CHECK(TcgGetNextToken(ParseStruct, &Tok));
- ERROR_CHECK(TcgGetTokenUINT64(&Tok, &Value64));
+ ERROR_CHECK (TcgGetNextToken (ParseStruct, &Tok));
+ ERROR_CHECK (TcgGetTokenUINT64 (&Tok, &Value64));
if (Value64 > 1) {
return TcgResultFailure;
@@ -1410,28 +1433,28 @@ TcgGetNextBOOLEAN( **/
TCG_RESULT
EFIAPI
-TcgGetNextTcgUid(
- TCG_PARSE_STRUCT *ParseStruct,
- TCG_UID *Uid
+TcgGetNextTcgUid (
+ TCG_PARSE_STRUCT *ParseStruct,
+ TCG_UID *Uid
)
{
- TCG_TOKEN Tok;
- UINT32 Length;
- const UINT8* ByteSeq;
+ TCG_TOKEN Tok;
+ UINT32 Length;
+ const UINT8 *ByteSeq;
- NULL_CHECK(Uid);
+ NULL_CHECK (Uid);
- ERROR_CHECK(TcgGetNextToken(ParseStruct, &Tok));
- ByteSeq = TcgGetTokenByteSequence(&Tok, &Length);
+ ERROR_CHECK (TcgGetNextToken (ParseStruct, &Tok));
+ ByteSeq = TcgGetTokenByteSequence (&Tok, &Length);
- if (Length != sizeof(TCG_UID)) {
- DEBUG ((DEBUG_INFO, "Token Length %u != TCG_UID Size %u\n", Length, (UINT32)sizeof(TCG_UID)));
+ if (Length != sizeof (TCG_UID)) {
+ DEBUG ((DEBUG_INFO, "Token Length %u != TCG_UID Size %u\n", Length, (UINT32)sizeof (TCG_UID)));
return TcgResultFailure;
}
ASSERT (ByteSeq != NULL);
- CopyMem(Uid, ByteSeq, sizeof(TCG_UID));
+ CopyMem (Uid, ByteSeq, sizeof (TCG_UID));
return TcgResultSuccess;
}
@@ -1448,21 +1471,22 @@ TcgGetNextTcgUid( **/
TCG_RESULT
EFIAPI
-TcgGetNextByteSequence(
- TCG_PARSE_STRUCT *ParseStruct,
- const VOID **Data,
- UINT32 *Length
+TcgGetNextByteSequence (
+ TCG_PARSE_STRUCT *ParseStruct,
+ const VOID **Data,
+ UINT32 *Length
)
{
- TCG_TOKEN Tok;
- const UINT8* Bs;
+ TCG_TOKEN Tok;
+ const UINT8 *Bs;
- ERROR_CHECK(TcgGetNextToken(ParseStruct, &Tok));
- Bs = TcgGetTokenByteSequence(&Tok, Length);
+ ERROR_CHECK (TcgGetNextToken (ParseStruct, &Tok));
+ Bs = TcgGetTokenByteSequence (&Tok, Length);
if (Bs == NULL) {
return TcgResultFailure;
}
+
*Data = Bs;
return TcgResultSuccess;
}
@@ -1478,17 +1502,19 @@ TcgGetNextByteSequence( **/
TCG_RESULT
EFIAPI
-TcgGetNextTokenType(
- TCG_PARSE_STRUCT *ParseStruct,
- TCG_TOKEN_TYPE Type
+TcgGetNextTokenType (
+ TCG_PARSE_STRUCT *ParseStruct,
+ TCG_TOKEN_TYPE Type
)
{
- TCG_TOKEN Tok;
- ERROR_CHECK(TcgGetNextToken(ParseStruct, &Tok));
+ TCG_TOKEN Tok;
+
+ ERROR_CHECK (TcgGetNextToken (ParseStruct, &Tok));
if (Tok.Type != Type) {
DEBUG ((DEBUG_INFO, "expected Type %u, got Type %u\n", Type, Tok.Type));
return TcgResultFailure;
}
+
return TcgResultSuccess;
}
@@ -1502,11 +1528,11 @@ TcgGetNextTokenType( **/
TCG_RESULT
EFIAPI
-TcgGetNextStartList(
- TCG_PARSE_STRUCT *ParseStruct
+TcgGetNextStartList (
+ TCG_PARSE_STRUCT *ParseStruct
)
{
- return TcgGetNextTokenType(ParseStruct, TcgTokenTypeStartList);
+ return TcgGetNextTokenType (ParseStruct, TcgTokenTypeStartList);
}
/**
@@ -1519,11 +1545,11 @@ TcgGetNextStartList( **/
TCG_RESULT
EFIAPI
-TcgGetNextEndList(
- TCG_PARSE_STRUCT *ParseStruct
+TcgGetNextEndList (
+ TCG_PARSE_STRUCT *ParseStruct
)
{
- return TcgGetNextTokenType(ParseStruct, TcgTokenTypeEndList);
+ return TcgGetNextTokenType (ParseStruct, TcgTokenTypeEndList);
}
/**
@@ -1536,11 +1562,11 @@ TcgGetNextEndList( **/
TCG_RESULT
EFIAPI
-TcgGetNextStartName(
- TCG_PARSE_STRUCT *ParseStruct
+TcgGetNextStartName (
+ TCG_PARSE_STRUCT *ParseStruct
)
{
- return TcgGetNextTokenType(ParseStruct, TcgTokenTypeStartName);
+ return TcgGetNextTokenType (ParseStruct, TcgTokenTypeStartName);
}
/**
@@ -1553,11 +1579,11 @@ TcgGetNextStartName( **/
TCG_RESULT
EFIAPI
-TcgGetNextEndName(
- TCG_PARSE_STRUCT *ParseStruct
+TcgGetNextEndName (
+ TCG_PARSE_STRUCT *ParseStruct
)
{
- return TcgGetNextTokenType(ParseStruct, TcgTokenTypeEndName);
+ return TcgGetNextTokenType (ParseStruct, TcgTokenTypeEndName);
}
/**
@@ -1570,11 +1596,11 @@ TcgGetNextEndName( **/
TCG_RESULT
EFIAPI
-TcgGetNextCall(
- TCG_PARSE_STRUCT *ParseStruct
+TcgGetNextCall (
+ TCG_PARSE_STRUCT *ParseStruct
)
{
- return TcgGetNextTokenType(ParseStruct, TcgTokenTypeCall);
+ return TcgGetNextTokenType (ParseStruct, TcgTokenTypeCall);
}
/**
@@ -1587,11 +1613,11 @@ TcgGetNextCall( **/
TCG_RESULT
EFIAPI
-TcgGetNextEndOfData(
- TCG_PARSE_STRUCT *ParseStruct
+TcgGetNextEndOfData (
+ TCG_PARSE_STRUCT *ParseStruct
)
{
- return TcgGetNextTokenType(ParseStruct, TcgTokenTypeEndOfData);
+ return TcgGetNextTokenType (ParseStruct, TcgTokenTypeEndOfData);
}
/**
@@ -1604,11 +1630,11 @@ TcgGetNextEndOfData( **/
TCG_RESULT
EFIAPI
-TcgGetNextEndOfSession(
- TCG_PARSE_STRUCT *ParseStruct
+TcgGetNextEndOfSession (
+ TCG_PARSE_STRUCT *ParseStruct
)
{
- return TcgGetNextTokenType(ParseStruct, TcgTokenTypeEndOfSession);
+ return TcgGetNextTokenType (ParseStruct, TcgTokenTypeEndOfSession);
}
/**
@@ -1621,11 +1647,11 @@ TcgGetNextEndOfSession( **/
TCG_RESULT
EFIAPI
-TcgGetNextStartTransaction(
- TCG_PARSE_STRUCT *ParseStruct
+TcgGetNextStartTransaction (
+ TCG_PARSE_STRUCT *ParseStruct
)
{
- return TcgGetNextTokenType(ParseStruct, TcgTokenTypeStartTransaction);
+ return TcgGetNextTokenType (ParseStruct, TcgTokenTypeStartTransaction);
}
/**
@@ -1638,9 +1664,9 @@ TcgGetNextStartTransaction( **/
TCG_RESULT
EFIAPI
-TcgGetNextEndTransaction(
- TCG_PARSE_STRUCT *ParseStruct
+TcgGetNextEndTransaction (
+ TCG_PARSE_STRUCT *ParseStruct
)
{
- return TcgGetNextTokenType(ParseStruct, TcgTokenTypeEndTransaction);
+ return TcgGetNextTokenType (ParseStruct, TcgTokenTypeEndTransaction);
}
diff --git a/SecurityPkg/Library/TcgStorageCoreLib/TcgStorageUtil.c b/SecurityPkg/Library/TcgStorageCoreLib/TcgStorageUtil.c index ff331bfc8a..48f1e6e7bd 100644 --- a/SecurityPkg/Library/TcgStorageCoreLib/TcgStorageUtil.c +++ b/SecurityPkg/Library/TcgStorageCoreLib/TcgStorageUtil.c @@ -13,9 +13,9 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/DebugLib.h>
typedef struct {
- UINT16 FeatureCode;
- TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER *Feature;
- UINTN FeatureSize;
+ UINT16 FeatureCode;
+ TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER *Feature;
+ UINTN FeatureSize;
} TCG_FIND_FEATURE_CTX;
/**
@@ -26,39 +26,39 @@ typedef struct { @retval return the string info.
**/
-CHAR8*
+CHAR8 *
EFIAPI
-TcgMethodStatusString(
- UINT8 MethodStatus
+TcgMethodStatusString (
+ UINT8 MethodStatus
)
{
switch (MethodStatus) {
- #define C(status) case TCG_METHOD_STATUS_CODE_ ## status: return #status
- C(SUCCESS);
- C(NOT_AUTHORIZED);
- C(OBSOLETE);
- C(SP_BUSY);
- C(SP_FAILED);
- C(SP_DISABLED);
- C(SP_FROZEN);
- C(NO_SESSIONS_AVAILABLE);
- C(UNIQUENESS_CONFLICT);
- C(INSUFFICIENT_SPACE);
- C(INSUFFICIENT_ROWS);
- C(INVALID_PARAMETER);
- C(OBSOLETE2);
- C(OBSOLETE3);
- C(TPER_MALFUNCTION);
- C(TRANSACTION_FAILURE);
- C(RESPONSE_OVERFLOW);
- C(AUTHORITY_LOCKED_OUT);
- C(FAIL);
+ #define C(status) case TCG_METHOD_STATUS_CODE_ ## status: return #status
+ C (SUCCESS);
+ C (NOT_AUTHORIZED);
+ C (OBSOLETE);
+ C (SP_BUSY);
+ C (SP_FAILED);
+ C (SP_DISABLED);
+ C (SP_FROZEN);
+ C (NO_SESSIONS_AVAILABLE);
+ C (UNIQUENESS_CONFLICT);
+ C (INSUFFICIENT_SPACE);
+ C (INSUFFICIENT_ROWS);
+ C (INVALID_PARAMETER);
+ C (OBSOLETE2);
+ C (OBSOLETE3);
+ C (TPER_MALFUNCTION);
+ C (TRANSACTION_FAILURE);
+ C (RESPONSE_OVERFLOW);
+ C (AUTHORITY_LOCKED_OUT);
+ C (FAIL);
#undef C
}
+
return "unknown";
}
-
/**
adds call token and method Header (invoking id, and method id).
@@ -69,25 +69,26 @@ TcgMethodStatusString( **/
TCG_RESULT
EFIAPI
-TcgStartMethodCall(
- TCG_CREATE_STRUCT *CreateStruct,
- TCG_UID InvokingId,
- TCG_UID MethodId
+TcgStartMethodCall (
+ TCG_CREATE_STRUCT *CreateStruct,
+ TCG_UID InvokingId,
+ TCG_UID MethodId
)
{
- NULL_CHECK(CreateStruct);
+ NULL_CHECK (CreateStruct);
- if (CreateStruct->ComPacket == NULL ||
- CreateStruct->CurPacket == NULL ||
- CreateStruct->CurSubPacket == NULL
- ) {
+ if ((CreateStruct->ComPacket == NULL) ||
+ (CreateStruct->CurPacket == NULL) ||
+ (CreateStruct->CurSubPacket == NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", CreateStruct->ComPacket, CreateStruct->CurPacket, CreateStruct->CurSubPacket));
return (TcgResultFailureInvalidAction);
}
- ERROR_CHECK(TcgAddCall(CreateStruct));
- ERROR_CHECK(TcgAddTcgUid(CreateStruct, InvokingId));
- ERROR_CHECK(TcgAddTcgUid(CreateStruct, MethodId));
+ ERROR_CHECK (TcgAddCall (CreateStruct));
+ ERROR_CHECK (TcgAddTcgUid (CreateStruct, InvokingId));
+ ERROR_CHECK (TcgAddTcgUid (CreateStruct, MethodId));
return TcgResultSuccess;
}
@@ -100,21 +101,22 @@ TcgStartMethodCall( **/
TCG_RESULT
EFIAPI
-TcgStartParameters(
- TCG_CREATE_STRUCT *CreateStruct
+TcgStartParameters (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- NULL_CHECK(CreateStruct);
+ NULL_CHECK (CreateStruct);
- if (CreateStruct->ComPacket == NULL ||
- CreateStruct->CurPacket == NULL ||
- CreateStruct->CurSubPacket == NULL
- ) {
+ if ((CreateStruct->ComPacket == NULL) ||
+ (CreateStruct->CurPacket == NULL) ||
+ (CreateStruct->CurSubPacket == NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", CreateStruct->ComPacket, CreateStruct->CurPacket, CreateStruct->CurSubPacket));
return (TcgResultFailureInvalidAction);
}
- return TcgAddStartList(CreateStruct);
+ return TcgAddStartList (CreateStruct);
}
/**
@@ -125,21 +127,22 @@ TcgStartParameters( **/
TCG_RESULT
EFIAPI
-TcgEndParameters(
- TCG_CREATE_STRUCT *CreateStruct
+TcgEndParameters (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- NULL_CHECK(CreateStruct);
+ NULL_CHECK (CreateStruct);
- if (CreateStruct->ComPacket == NULL ||
- CreateStruct->CurPacket == NULL ||
- CreateStruct->CurSubPacket == NULL
- ) {
+ if ((CreateStruct->ComPacket == NULL) ||
+ (CreateStruct->CurPacket == NULL) ||
+ (CreateStruct->CurSubPacket == NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", CreateStruct->ComPacket, CreateStruct->CurPacket, CreateStruct->CurSubPacket));
return (TcgResultFailureInvalidAction);
}
- return TcgAddEndList(CreateStruct);
+ return TcgAddEndList (CreateStruct);
}
/**
@@ -150,27 +153,28 @@ TcgEndParameters( **/
TCG_RESULT
EFIAPI
-TcgEndMethodCall(
- TCG_CREATE_STRUCT *CreateStruct
+TcgEndMethodCall (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- NULL_CHECK(CreateStruct);
+ NULL_CHECK (CreateStruct);
- if (CreateStruct->ComPacket == NULL ||
- CreateStruct->CurPacket == NULL ||
- CreateStruct->CurSubPacket == NULL
- ) {
+ if ((CreateStruct->ComPacket == NULL) ||
+ (CreateStruct->CurPacket == NULL) ||
+ (CreateStruct->CurSubPacket == NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", CreateStruct->ComPacket, CreateStruct->CurPacket, CreateStruct->CurSubPacket));
return (TcgResultFailureInvalidAction);
}
- ERROR_CHECK(TcgAddEndOfData(CreateStruct));
+ ERROR_CHECK (TcgAddEndOfData (CreateStruct));
- ERROR_CHECK(TcgAddStartList(CreateStruct));
- ERROR_CHECK(TcgAddUINT8(CreateStruct, 0x00)); // expected to complete properly
- ERROR_CHECK(TcgAddUINT8(CreateStruct, 0x00)); // reserved
- ERROR_CHECK(TcgAddUINT8(CreateStruct, 0x00)); // reserved
- ERROR_CHECK(TcgAddEndList(CreateStruct));
+ ERROR_CHECK (TcgAddStartList (CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (CreateStruct, 0x00)); // expected to complete properly
+ ERROR_CHECK (TcgAddUINT8 (CreateStruct, 0x00)); // reserved
+ ERROR_CHECK (TcgAddUINT8 (CreateStruct, 0x00)); // reserved
+ ERROR_CHECK (TcgAddEndList (CreateStruct));
return TcgResultSuccess;
}
@@ -186,23 +190,23 @@ TcgEndMethodCall( **/
TCG_RESULT
EFIAPI
-TcgGetComIds(
- const TCG_PARSE_STRUCT *ParseStruct,
- UINT16 *ComId,
- UINT16 *ComIdExtension
+TcgGetComIds (
+ const TCG_PARSE_STRUCT *ParseStruct,
+ UINT16 *ComId,
+ UINT16 *ComIdExtension
)
{
- NULL_CHECK(ParseStruct);
- NULL_CHECK(ComId);
- NULL_CHECK(ComIdExtension);
+ NULL_CHECK (ParseStruct);
+ NULL_CHECK (ComId);
+ NULL_CHECK (ComIdExtension);
if (ParseStruct->ComPacket == NULL) {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p\n", ParseStruct->ComPacket));
return TcgResultFailureInvalidAction;
}
- *ComId = SwapBytes16(ParseStruct->ComPacket->ComIDBE);
- *ComIdExtension = SwapBytes16(ParseStruct->ComPacket->ComIDExtensionBE);
+ *ComId = SwapBytes16 (ParseStruct->ComPacket->ComIDBE);
+ *ComIdExtension = SwapBytes16 (ParseStruct->ComPacket->ComIDExtensionBE);
return TcgResultSuccess;
}
@@ -217,21 +221,22 @@ TcgGetComIds( **/
TCG_RESULT
EFIAPI
-TcgCheckComIds(
- const TCG_PARSE_STRUCT *ParseStruct,
- UINT16 ExpectedComId,
- UINT16 ExpectedComIdExtension
+TcgCheckComIds (
+ const TCG_PARSE_STRUCT *ParseStruct,
+ UINT16 ExpectedComId,
+ UINT16 ExpectedComIdExtension
)
{
- UINT16 ParseComId;
- UINT16 ParseComIdExtension;
+ UINT16 ParseComId;
+ UINT16 ParseComIdExtension;
- ERROR_CHECK(TcgGetComIds(ParseStruct, &ParseComId, &ParseComIdExtension));
- if (ParseComId != ExpectedComId || ParseComIdExtension != ExpectedComIdExtension) {
+ ERROR_CHECK (TcgGetComIds (ParseStruct, &ParseComId, &ParseComIdExtension));
+ if ((ParseComId != ExpectedComId) || (ParseComIdExtension != ExpectedComIdExtension)) {
DEBUG ((DEBUG_INFO, "Com ID: Actual 0x%02X Expected 0x%02X\n", ParseComId, ExpectedComId));
DEBUG ((DEBUG_INFO, "Extended Com ID: 0x%02X Expected 0x%02X\n", ParseComIdExtension, ExpectedComIdExtension));
return TcgResultFailure;
}
+
return TcgResultSuccess;
}
@@ -245,42 +250,43 @@ TcgCheckComIds( **/
TCG_RESULT
EFIAPI
-TcgGetMethodStatus(
- const TCG_PARSE_STRUCT *ParseStruct,
- UINT8 *MethodStatus
+TcgGetMethodStatus (
+ const TCG_PARSE_STRUCT *ParseStruct,
+ UINT8 *MethodStatus
)
{
- TCG_PARSE_STRUCT TmpParseStruct;
- TCG_TOKEN TcgToken;
- UINT8 Reserved1, Reserved2;
-
- NULL_CHECK(ParseStruct);
- NULL_CHECK(MethodStatus);
-
- if (ParseStruct->ComPacket == NULL ||
- ParseStruct->CurPacket == NULL ||
- ParseStruct->CurSubPacket == NULL
- ) {
+ TCG_PARSE_STRUCT TmpParseStruct;
+ TCG_TOKEN TcgToken;
+ UINT8 Reserved1, Reserved2;
+
+ NULL_CHECK (ParseStruct);
+ NULL_CHECK (MethodStatus);
+
+ if ((ParseStruct->ComPacket == NULL) ||
+ (ParseStruct->CurPacket == NULL) ||
+ (ParseStruct->CurSubPacket == NULL)
+ )
+ {
DEBUG ((DEBUG_INFO, "unexpected state: ComPacket=%p CurPacket=%p CurSubPacket=%p\n", ParseStruct->ComPacket, ParseStruct->CurPacket, ParseStruct->CurSubPacket));
return TcgResultFailureInvalidAction;
}
// duplicate ParseStruct, then don't need to "reset" location cur ptr
- CopyMem (&TmpParseStruct, ParseStruct, sizeof(TCG_PARSE_STRUCT));
+ CopyMem (&TmpParseStruct, ParseStruct, sizeof (TCG_PARSE_STRUCT));
// method status list exists after the end method call in the subpacket
// skip tokens until ENDDATA is found
do {
- ERROR_CHECK(TcgGetNextToken(&TmpParseStruct, &TcgToken));
+ ERROR_CHECK (TcgGetNextToken (&TmpParseStruct, &TcgToken));
} while (TcgToken.Type != TcgTokenTypeEndOfData);
// only reach here if enddata is found
// at this point, the curptr is pointing at method status list beginning
- ERROR_CHECK(TcgGetNextStartList(&TmpParseStruct));
- ERROR_CHECK(TcgGetNextUINT8(&TmpParseStruct, MethodStatus));
- ERROR_CHECK(TcgGetNextUINT8(&TmpParseStruct, &Reserved1));
- ERROR_CHECK(TcgGetNextUINT8(&TmpParseStruct, &Reserved2));
- ERROR_CHECK(TcgGetNextEndList(&TmpParseStruct));
+ ERROR_CHECK (TcgGetNextStartList (&TmpParseStruct));
+ ERROR_CHECK (TcgGetNextUINT8 (&TmpParseStruct, MethodStatus));
+ ERROR_CHECK (TcgGetNextUINT8 (&TmpParseStruct, &Reserved1));
+ ERROR_CHECK (TcgGetNextUINT8 (&TmpParseStruct, &Reserved2));
+ ERROR_CHECK (TcgGetNextEndList (&TmpParseStruct));
if (Reserved1 != 0) {
DEBUG ((DEBUG_INFO, "Method status reserved1 = 0x%02X (expected 0)\n", Reserved1));
@@ -303,9 +309,9 @@ TcgGetMethodStatus( @retval Return the string for this type.
**/
-CHAR8*
+CHAR8 *
EFIAPI
-TcgTokenTypeString(
+TcgTokenTypeString (
TCG_TOKEN_TYPE Type
)
{
@@ -326,10 +332,10 @@ TcgTokenTypeString( case TcgTokenTypeEndTransaction: return "End Transaction";
case TcgTokenTypeEmptyAtom: return "Empty atom";
}
+
return "Unknown";
}
-
/**
Adds Start Session call to the data structure. This creates the entire ComPacket structure and
@@ -349,48 +355,49 @@ TcgTokenTypeString( **/
TCG_RESULT
EFIAPI
-TcgCreateStartSession(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT32 *Size,
- UINT16 ComId,
- UINT16 ComIdExtension,
- UINT32 HostSessionId,
- TCG_UID SpId,
- BOOLEAN Write,
- UINT32 HostChallengeLength,
- const VOID *HostChallenge,
- TCG_UID HostSigningAuthority
+TcgCreateStartSession (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT32 *Size,
+ UINT16 ComId,
+ UINT16 ComIdExtension,
+ UINT32 HostSessionId,
+ TCG_UID SpId,
+ BOOLEAN Write,
+ UINT32 HostChallengeLength,
+ const VOID *HostChallenge,
+ TCG_UID HostSigningAuthority
)
{
- ERROR_CHECK(TcgStartComPacket(CreateStruct, ComId, ComIdExtension));
- ERROR_CHECK(TcgStartPacket(CreateStruct, 0x0, 0x0, 0x0, 0x0, 0x0)) ;
- ERROR_CHECK(TcgStartSubPacket(CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(CreateStruct, TCG_UID_SMUID, TCG_UID_SM_START_SESSION));
- ERROR_CHECK(TcgStartParameters(CreateStruct));
- ERROR_CHECK(TcgAddUINT32(CreateStruct, HostSessionId));
- ERROR_CHECK(TcgAddTcgUid(CreateStruct, SpId));
- ERROR_CHECK(TcgAddBOOLEAN(CreateStruct, Write));
+ ERROR_CHECK (TcgStartComPacket (CreateStruct, ComId, ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (CreateStruct, 0x0, 0x0, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (CreateStruct, TCG_UID_SMUID, TCG_UID_SM_START_SESSION));
+ ERROR_CHECK (TcgStartParameters (CreateStruct));
+ ERROR_CHECK (TcgAddUINT32 (CreateStruct, HostSessionId));
+ ERROR_CHECK (TcgAddTcgUid (CreateStruct, SpId));
+ ERROR_CHECK (TcgAddBOOLEAN (CreateStruct, Write));
// optional parameters
- if (HostChallenge != NULL && HostChallengeLength != 0) {
- ERROR_CHECK(TcgAddStartName(CreateStruct));
- ERROR_CHECK(TcgAddUINT8(CreateStruct, 0x00)); //TODO Create Enum for Method Optional Parameters?
- ERROR_CHECK(TcgAddByteSequence(CreateStruct, HostChallenge, HostChallengeLength, FALSE));
- ERROR_CHECK(TcgAddEndName(CreateStruct));
+ if ((HostChallenge != NULL) && (HostChallengeLength != 0)) {
+ ERROR_CHECK (TcgAddStartName (CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (CreateStruct, 0x00)); // TODO Create Enum for Method Optional Parameters?
+ ERROR_CHECK (TcgAddByteSequence (CreateStruct, HostChallenge, HostChallengeLength, FALSE));
+ ERROR_CHECK (TcgAddEndName (CreateStruct));
}
+
// optional parameters
if (HostSigningAuthority != 0) {
- ERROR_CHECK(TcgAddStartName(CreateStruct));
- ERROR_CHECK(TcgAddUINT8(CreateStruct, 0x03)); //TODO Create Enum for Method Optional Parameters?
- ERROR_CHECK(TcgAddTcgUid(CreateStruct, HostSigningAuthority));
- ERROR_CHECK(TcgAddEndName(CreateStruct));
+ ERROR_CHECK (TcgAddStartName (CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (CreateStruct, 0x03)); // TODO Create Enum for Method Optional Parameters?
+ ERROR_CHECK (TcgAddTcgUid (CreateStruct, HostSigningAuthority));
+ ERROR_CHECK (TcgAddEndName (CreateStruct));
}
- ERROR_CHECK(TcgEndParameters(CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(CreateStruct));
- ERROR_CHECK(TcgEndPacket(CreateStruct));
- ERROR_CHECK(TcgEndComPacket(CreateStruct, Size));
+ ERROR_CHECK (TcgEndParameters (CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (CreateStruct));
+ ERROR_CHECK (TcgEndPacket (CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (CreateStruct, Size));
return TcgResultSuccess;
}
@@ -408,7 +415,7 @@ TcgCreateStartSession( **/
TCG_RESULT
EFIAPI
-TcgParseSyncSession(
+TcgParseSyncSession (
const TCG_PARSE_STRUCT *ParseStruct,
UINT16 ComId,
UINT16 ComIdExtension,
@@ -416,38 +423,39 @@ TcgParseSyncSession( UINT32 *TperSessionId
)
{
- UINT8 MethodStatus;
- TCG_PARSE_STRUCT TmpParseStruct;
- UINT16 ParseComId;
- UINT16 ParseExtComId;
- TCG_UID InvokingUID;
- TCG_UID MethodUID;
- UINT32 RecvHostSessionId;
+ UINT8 MethodStatus;
+ TCG_PARSE_STRUCT TmpParseStruct;
+ UINT16 ParseComId;
+ UINT16 ParseExtComId;
+ TCG_UID InvokingUID;
+ TCG_UID MethodUID;
+ UINT32 RecvHostSessionId;
- NULL_CHECK(ParseStruct);
- NULL_CHECK(TperSessionId);
+ NULL_CHECK (ParseStruct);
+ NULL_CHECK (TperSessionId);
- CopyMem (&TmpParseStruct, ParseStruct, sizeof(TCG_PARSE_STRUCT));
+ CopyMem (&TmpParseStruct, ParseStruct, sizeof (TCG_PARSE_STRUCT));
// verify method status is good
- ERROR_CHECK(TcgGetMethodStatus(&TmpParseStruct, &MethodStatus));
+ ERROR_CHECK (TcgGetMethodStatus (&TmpParseStruct, &MethodStatus));
METHOD_STATUS_ERROR_CHECK (MethodStatus, TcgResultFailure);
// verify comids
- ERROR_CHECK(TcgGetComIds(&TmpParseStruct, &ParseComId, &ParseExtComId));
+ ERROR_CHECK (TcgGetComIds (&TmpParseStruct, &ParseComId, &ParseExtComId));
if ((ComId != ParseComId) || (ComIdExtension != ParseExtComId)) {
DEBUG ((DEBUG_INFO, "unmatched comid (exp: 0x%X recv: 0x%X) or comid extension (exp: 0x%X recv: 0x%X)\n", ComId, ParseComId, ComIdExtension, ParseExtComId));
return TcgResultFailure;
}
- ERROR_CHECK(TcgGetNextCall(&TmpParseStruct));
- ERROR_CHECK(TcgGetNextTcgUid(&TmpParseStruct, &InvokingUID));
- ERROR_CHECK(TcgGetNextTcgUid(&TmpParseStruct, &MethodUID));
- ERROR_CHECK(TcgGetNextStartList(&TmpParseStruct));
- ERROR_CHECK(TcgGetNextUINT32(&TmpParseStruct, &RecvHostSessionId));
- ERROR_CHECK(TcgGetNextUINT32(&TmpParseStruct, TperSessionId));
- ERROR_CHECK(TcgGetNextEndList(&TmpParseStruct));
- ERROR_CHECK(TcgGetNextEndOfData(&TmpParseStruct));
+
+ ERROR_CHECK (TcgGetNextCall (&TmpParseStruct));
+ ERROR_CHECK (TcgGetNextTcgUid (&TmpParseStruct, &InvokingUID));
+ ERROR_CHECK (TcgGetNextTcgUid (&TmpParseStruct, &MethodUID));
+ ERROR_CHECK (TcgGetNextStartList (&TmpParseStruct));
+ ERROR_CHECK (TcgGetNextUINT32 (&TmpParseStruct, &RecvHostSessionId));
+ ERROR_CHECK (TcgGetNextUINT32 (&TmpParseStruct, TperSessionId));
+ ERROR_CHECK (TcgGetNextEndList (&TmpParseStruct));
+ ERROR_CHECK (TcgGetNextEndOfData (&TmpParseStruct));
if (InvokingUID != TCG_UID_SMUID) {
DEBUG ((DEBUG_INFO, "Invoking UID did not match UID_SMUID\n"));
@@ -482,22 +490,22 @@ TcgParseSyncSession( **/
TCG_RESULT
EFIAPI
-TcgCreateEndSession(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT32 *Size,
- UINT16 ComId,
- UINT16 ComIdExtension,
- UINT32 HostSessionId,
- UINT32 TpSessionId
+TcgCreateEndSession (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT32 *Size,
+ UINT16 ComId,
+ UINT16 ComIdExtension,
+ UINT32 HostSessionId,
+ UINT32 TpSessionId
)
{
- ERROR_CHECK(TcgStartComPacket(CreateStruct, ComId, ComIdExtension));
- ERROR_CHECK(TcgStartPacket(CreateStruct, TpSessionId, HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(CreateStruct, 0x0));
- ERROR_CHECK(TcgAddEndOfSession(CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(CreateStruct));
- ERROR_CHECK(TcgEndPacket(CreateStruct));
- ERROR_CHECK(TcgEndComPacket(CreateStruct, Size));
+ ERROR_CHECK (TcgStartComPacket (CreateStruct, ComId, ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (CreateStruct, TpSessionId, HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (CreateStruct, 0x0));
+ ERROR_CHECK (TcgAddEndOfSession (CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (CreateStruct));
+ ERROR_CHECK (TcgEndPacket (CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (CreateStruct, Size));
return TcgResultSuccess;
}
@@ -512,19 +520,19 @@ TcgCreateEndSession( **/
TCG_RESULT
EFIAPI
-TcgStartMethodSet(
- TCG_CREATE_STRUCT *CreateStruct,
- TCG_UID Row,
- UINT32 ColumnNumber
+TcgStartMethodSet (
+ TCG_CREATE_STRUCT *CreateStruct,
+ TCG_UID Row,
+ UINT32 ColumnNumber
)
{
- ERROR_CHECK(TcgStartMethodCall(CreateStruct, Row, TCG_UID_METHOD_SET));
- ERROR_CHECK(TcgStartParameters(CreateStruct));
- ERROR_CHECK(TcgAddStartName(CreateStruct));
- ERROR_CHECK(TcgAddUINT8(CreateStruct, 0x01)); // "Values"
- ERROR_CHECK(TcgAddStartList(CreateStruct));
- ERROR_CHECK(TcgAddStartName(CreateStruct));
- ERROR_CHECK(TcgAddUINT32(CreateStruct, ColumnNumber));
+ ERROR_CHECK (TcgStartMethodCall (CreateStruct, Row, TCG_UID_METHOD_SET));
+ ERROR_CHECK (TcgStartParameters (CreateStruct));
+ ERROR_CHECK (TcgAddStartName (CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (CreateStruct, 0x01)); // "Values"
+ ERROR_CHECK (TcgAddStartList (CreateStruct));
+ ERROR_CHECK (TcgAddStartName (CreateStruct));
+ ERROR_CHECK (TcgAddUINT32 (CreateStruct, ColumnNumber));
return TcgResultSuccess;
}
@@ -536,15 +544,15 @@ TcgStartMethodSet( **/
TCG_RESULT
EFIAPI
-TcgEndMethodSet(
- TCG_CREATE_STRUCT *CreateStruct
+TcgEndMethodSet (
+ TCG_CREATE_STRUCT *CreateStruct
)
{
- ERROR_CHECK(TcgAddEndName(CreateStruct));
- ERROR_CHECK(TcgAddEndList(CreateStruct));
- ERROR_CHECK(TcgAddEndName(CreateStruct));
- ERROR_CHECK(TcgEndParameters(CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(CreateStruct));
+ ERROR_CHECK (TcgAddEndName (CreateStruct));
+ ERROR_CHECK (TcgAddEndList (CreateStruct));
+ ERROR_CHECK (TcgAddEndName (CreateStruct));
+ ERROR_CHECK (TcgEndParameters (CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (CreateStruct));
return TcgResultSuccess;
}
@@ -565,28 +573,28 @@ TcgEndMethodSet( **/
TCG_RESULT
EFIAPI
-TcgCreateSetCPin(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT32 *Size,
- UINT16 ComId,
- UINT16 ComIdExtension,
- UINT32 TperSession,
- UINT32 HostSession,
- TCG_UID SidRow,
- const VOID *Password,
- UINT32 PasswordSize
+TcgCreateSetCPin (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT32 *Size,
+ UINT16 ComId,
+ UINT16 ComIdExtension,
+ UINT32 TperSession,
+ UINT32 HostSession,
+ TCG_UID SidRow,
+ const VOID *Password,
+ UINT32 PasswordSize
)
{
// set new SID Password
- ERROR_CHECK(TcgStartComPacket(CreateStruct, ComId, ComIdExtension));
- ERROR_CHECK(TcgStartPacket(CreateStruct, TperSession, HostSession, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodSet(CreateStruct, SidRow, 0x03)); // "PIN"
- ERROR_CHECK(TcgAddByteSequence(CreateStruct, Password, PasswordSize, FALSE));
- ERROR_CHECK(TcgEndMethodSet(CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(CreateStruct));
- ERROR_CHECK(TcgEndPacket(CreateStruct));
- ERROR_CHECK(TcgEndComPacket(CreateStruct, Size));
+ ERROR_CHECK (TcgStartComPacket (CreateStruct, ComId, ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (CreateStruct, TperSession, HostSession, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodSet (CreateStruct, SidRow, 0x03)); // "PIN"
+ ERROR_CHECK (TcgAddByteSequence (CreateStruct, Password, PasswordSize, FALSE));
+ ERROR_CHECK (TcgEndMethodSet (CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (CreateStruct));
+ ERROR_CHECK (TcgEndPacket (CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (CreateStruct, Size));
return TcgResultSuccess;
}
@@ -606,26 +614,26 @@ TcgCreateSetCPin( **/
TCG_RESULT
EFIAPI
-TcgSetAuthorityEnabled(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT32 *Size,
- UINT16 ComId,
- UINT16 ComIdExtension,
- UINT32 TperSession,
- UINT32 HostSession,
- TCG_UID AuthorityUid,
- BOOLEAN Enabled
+TcgSetAuthorityEnabled (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT32 *Size,
+ UINT16 ComId,
+ UINT16 ComIdExtension,
+ UINT32 TperSession,
+ UINT32 HostSession,
+ TCG_UID AuthorityUid,
+ BOOLEAN Enabled
)
{
- ERROR_CHECK(TcgStartComPacket(CreateStruct, ComId, ComIdExtension));
- ERROR_CHECK(TcgStartPacket(CreateStruct, TperSession, HostSession, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodSet(CreateStruct, AuthorityUid, 0x05)); // "Enabled"
- ERROR_CHECK(TcgAddBOOLEAN(CreateStruct, Enabled));
- ERROR_CHECK(TcgEndMethodSet(CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(CreateStruct));
- ERROR_CHECK(TcgEndPacket(CreateStruct));
- ERROR_CHECK(TcgEndComPacket(CreateStruct, Size));
+ ERROR_CHECK (TcgStartComPacket (CreateStruct, ComId, ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (CreateStruct, TperSession, HostSession, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodSet (CreateStruct, AuthorityUid, 0x05)); // "Enabled"
+ ERROR_CHECK (TcgAddBOOLEAN (CreateStruct, Enabled));
+ ERROR_CHECK (TcgEndMethodSet (CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (CreateStruct));
+ ERROR_CHECK (TcgEndPacket (CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (CreateStruct, Size));
return TcgResultSuccess;
}
@@ -648,21 +656,21 @@ TcgSetAuthorityEnabled( **/
TCG_RESULT
EFIAPI
-TcgCreateSetAce(
- TCG_CREATE_STRUCT *CreateStruct,
- UINT32 *Size,
- UINT16 ComId,
- UINT16 ComIdExtension,
- UINT32 TperSession,
- UINT32 HostSession,
- TCG_UID AceRow,
- TCG_UID Authority1,
- BOOLEAN LogicalOperator,
- TCG_UID Authority2
+TcgCreateSetAce (
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT32 *Size,
+ UINT16 ComId,
+ UINT16 ComIdExtension,
+ UINT32 TperSession,
+ UINT32 HostSession,
+ TCG_UID AceRow,
+ TCG_UID Authority1,
+ BOOLEAN LogicalOperator,
+ TCG_UID Authority2
)
{
- UINT8 HalfUidAuthorityObjectRef[4];
- UINT8 HalfUidBooleanAce[4];
+ UINT8 HalfUidAuthorityObjectRef[4];
+ UINT8 HalfUidBooleanAce[4];
HalfUidAuthorityObjectRef[0] = 0x0;
HalfUidAuthorityObjectRef[1] = 0x0;
@@ -674,29 +682,29 @@ TcgCreateSetAce( HalfUidBooleanAce[2] = 0x4;
HalfUidBooleanAce[3] = 0xE;
- ERROR_CHECK(TcgStartComPacket(CreateStruct, ComId, ComIdExtension));
- ERROR_CHECK(TcgStartPacket(CreateStruct, TperSession, HostSession, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodSet(CreateStruct, AceRow, 0x03)); // "BooleanExpr"
- ERROR_CHECK(TcgAddStartList(CreateStruct));
- ERROR_CHECK(TcgAddStartName(CreateStruct));
- ERROR_CHECK(TcgAddByteSequence(CreateStruct, HalfUidAuthorityObjectRef, sizeof(HalfUidAuthorityObjectRef), FALSE));
- ERROR_CHECK(TcgAddTcgUid(CreateStruct, Authority1));
- ERROR_CHECK(TcgAddEndName(CreateStruct));
- ERROR_CHECK(TcgAddStartName(CreateStruct));
- ERROR_CHECK(TcgAddByteSequence(CreateStruct, HalfUidAuthorityObjectRef, sizeof(HalfUidAuthorityObjectRef), FALSE));
- ERROR_CHECK(TcgAddTcgUid(CreateStruct, Authority2));
- ERROR_CHECK(TcgAddEndName(CreateStruct));
-
- ERROR_CHECK(TcgAddStartName(CreateStruct));
- ERROR_CHECK(TcgAddByteSequence(CreateStruct, HalfUidBooleanAce, sizeof(HalfUidBooleanAce), FALSE));
- ERROR_CHECK(TcgAddBOOLEAN(CreateStruct, LogicalOperator));
- ERROR_CHECK(TcgAddEndName(CreateStruct));
- ERROR_CHECK(TcgAddEndList(CreateStruct));
- ERROR_CHECK(TcgEndMethodSet(CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(CreateStruct));
- ERROR_CHECK(TcgEndPacket(CreateStruct));
- ERROR_CHECK(TcgEndComPacket(CreateStruct, Size));
+ ERROR_CHECK (TcgStartComPacket (CreateStruct, ComId, ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (CreateStruct, TperSession, HostSession, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodSet (CreateStruct, AceRow, 0x03)); // "BooleanExpr"
+ ERROR_CHECK (TcgAddStartList (CreateStruct));
+ ERROR_CHECK (TcgAddStartName (CreateStruct));
+ ERROR_CHECK (TcgAddByteSequence (CreateStruct, HalfUidAuthorityObjectRef, sizeof (HalfUidAuthorityObjectRef), FALSE));
+ ERROR_CHECK (TcgAddTcgUid (CreateStruct, Authority1));
+ ERROR_CHECK (TcgAddEndName (CreateStruct));
+ ERROR_CHECK (TcgAddStartName (CreateStruct));
+ ERROR_CHECK (TcgAddByteSequence (CreateStruct, HalfUidAuthorityObjectRef, sizeof (HalfUidAuthorityObjectRef), FALSE));
+ ERROR_CHECK (TcgAddTcgUid (CreateStruct, Authority2));
+ ERROR_CHECK (TcgAddEndName (CreateStruct));
+
+ ERROR_CHECK (TcgAddStartName (CreateStruct));
+ ERROR_CHECK (TcgAddByteSequence (CreateStruct, HalfUidBooleanAce, sizeof (HalfUidBooleanAce), FALSE));
+ ERROR_CHECK (TcgAddBOOLEAN (CreateStruct, LogicalOperator));
+ ERROR_CHECK (TcgAddEndName (CreateStruct));
+ ERROR_CHECK (TcgAddEndList (CreateStruct));
+ ERROR_CHECK (TcgEndMethodSet (CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (CreateStruct));
+ ERROR_CHECK (TcgEndPacket (CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (CreateStruct, Size));
return TcgResultSuccess;
}
@@ -712,21 +720,21 @@ TcgCreateSetAce( **/
BOOLEAN
EFIAPI
-TcgEnumLevel0Discovery(
+TcgEnumLevel0Discovery (
const TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader,
TCG_LEVEL0_ENUM_CALLBACK Callback,
VOID *Context
)
{
- UINT32 BytesLeft;
- const UINT8 *DiscoveryBufferPtr;
- UINT32 FeatLength;
- TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER *Feat;
+ UINT32 BytesLeft;
+ const UINT8 *DiscoveryBufferPtr;
+ UINT32 FeatLength;
+ TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER *Feat;
//
// Total bytes including descriptors but not including the Length field
//
- BytesLeft = SwapBytes32(DiscoveryHeader->LengthBE);
+ BytesLeft = SwapBytes32 (DiscoveryHeader->LengthBE);
//
// If discovery Header is not valid, exit
@@ -738,20 +746,20 @@ TcgEnumLevel0Discovery( //
// Subtract the Length of the Header, except the Length field, which is not included
//
- BytesLeft -= (sizeof(TCG_LEVEL0_DISCOVERY_HEADER) - sizeof(DiscoveryHeader->LengthBE));
+ BytesLeft -= (sizeof (TCG_LEVEL0_DISCOVERY_HEADER) - sizeof (DiscoveryHeader->LengthBE));
//
// Move ptr to first descriptor
//
- DiscoveryBufferPtr = (const UINT8*)DiscoveryHeader + sizeof(TCG_LEVEL0_DISCOVERY_HEADER);
+ DiscoveryBufferPtr = (const UINT8 *)DiscoveryHeader + sizeof (TCG_LEVEL0_DISCOVERY_HEADER);
- while (BytesLeft > sizeof(TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER)) {
+ while (BytesLeft > sizeof (TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER)) {
//
// Pointer to beginning of descriptor (including common Header)
//
- Feat = (TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER*)DiscoveryBufferPtr;
+ Feat = (TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER *)DiscoveryBufferPtr;
- FeatLength = Feat->Length + sizeof(TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER);
+ FeatLength = Feat->Length + sizeof (TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER);
//
// Not enough bytes left for Feature descriptor
@@ -763,14 +771,14 @@ TcgEnumLevel0Discovery( //
// Report the Feature to the callback
//
- if (Callback(DiscoveryHeader, Feat, FeatLength, Context)) {
+ if (Callback (DiscoveryHeader, Feat, FeatLength, Context)) {
return TRUE;
}
//
// Descriptor Length only describes Data after common Header
//
- BytesLeft -= FeatLength;
+ BytesLeft -= FeatLength;
DiscoveryBufferPtr += FeatLength;
}
@@ -788,21 +796,22 @@ TcgEnumLevel0Discovery( **/
BOOLEAN
EFIAPI
-TcgFindFeatureCallback(
- const TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader,
- TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER *Feature,
- UINTN FeatureSize,
- VOID *Context
+TcgFindFeatureCallback (
+ const TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader,
+ TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER *Feature,
+ UINTN FeatureSize,
+ VOID *Context
)
{
- TCG_FIND_FEATURE_CTX* FindCtx;
+ TCG_FIND_FEATURE_CTX *FindCtx;
- FindCtx = (TCG_FIND_FEATURE_CTX*)Context;
- if ( SwapBytes16( Feature->FeatureCode_BE ) == FindCtx->FeatureCode ) {
- FindCtx->Feature = Feature;
+ FindCtx = (TCG_FIND_FEATURE_CTX *)Context;
+ if ( SwapBytes16 (Feature->FeatureCode_BE) == FindCtx->FeatureCode ) {
+ FindCtx->Feature = Feature;
FindCtx->FeatureSize = FeatureSize;
return TRUE; // done enumerating features
}
+
return FALSE; // continue enumerating
}
@@ -815,24 +824,25 @@ TcgFindFeatureCallback( @retval return the Feature code data.
**/
-TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER*
+TCG_LEVEL0_FEATURE_DESCRIPTOR_HEADER *
EFIAPI
-TcgGetFeature(
+TcgGetFeature (
const TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader,
UINT16 FeatureCode,
UINTN *FeatureSize
)
{
- TCG_FIND_FEATURE_CTX FindCtx;
+ TCG_FIND_FEATURE_CTX FindCtx;
FindCtx.FeatureCode = FeatureCode;
- FindCtx.Feature = NULL;
+ FindCtx.Feature = NULL;
FindCtx.FeatureSize = 0;
- TcgEnumLevel0Discovery(DiscoveryHeader, TcgFindFeatureCallback, &FindCtx);
+ TcgEnumLevel0Discovery (DiscoveryHeader, TcgFindFeatureCallback, &FindCtx);
if (FeatureSize != NULL) {
*FeatureSize = FindCtx.FeatureSize;
}
+
return FindCtx.Feature;
}
@@ -846,19 +856,19 @@ TcgGetFeature( **/
BOOLEAN
EFIAPI
-TcgIsProtocolSupported(
- const TCG_SUPPORTED_SECURITY_PROTOCOLS *ProtocolList,
- UINT16 Protocol
+TcgIsProtocolSupported (
+ const TCG_SUPPORTED_SECURITY_PROTOCOLS *ProtocolList,
+ UINT16 Protocol
)
{
- UINT16 Index;
- UINT16 ListLength;
+ UINT16 Index;
+ UINT16 ListLength;
- ListLength = SwapBytes16(ProtocolList->ListLength_BE);
+ ListLength = SwapBytes16 (ProtocolList->ListLength_BE);
- if (ListLength > sizeof(ProtocolList->List)) {
+ if (ListLength > sizeof (ProtocolList->List)) {
DEBUG ((DEBUG_INFO, "WARNING: list Length is larger than max allowed Value; truncating\n"));
- ListLength = sizeof(ProtocolList->List);
+ ListLength = sizeof (ProtocolList->List);
}
for (Index = 0; Index < ListLength; Index++) {
@@ -879,17 +889,17 @@ TcgIsProtocolSupported( **/
BOOLEAN
EFIAPI
-TcgIsLocked(
- const TCG_LEVEL0_DISCOVERY_HEADER *Discovery
+TcgIsLocked (
+ const TCG_LEVEL0_DISCOVERY_HEADER *Discovery
)
{
- UINTN Size;
- TCG_LOCKING_FEATURE_DESCRIPTOR *LockDescriptor;
+ UINTN Size;
+ TCG_LOCKING_FEATURE_DESCRIPTOR *LockDescriptor;
- Size = 0;
- LockDescriptor =(TCG_LOCKING_FEATURE_DESCRIPTOR*) TcgGetFeature (Discovery, TCG_FEATURE_LOCKING, &Size);
+ Size = 0;
+ LockDescriptor = (TCG_LOCKING_FEATURE_DESCRIPTOR *)TcgGetFeature (Discovery, TCG_FEATURE_LOCKING, &Size);
- if (LockDescriptor != NULL && Size >= sizeof(*LockDescriptor)) {
+ if ((LockDescriptor != NULL) && (Size >= sizeof (*LockDescriptor))) {
DEBUG ((DEBUG_INFO, "locked: %d\n", LockDescriptor->Locked));
return LockDescriptor->Locked;
}
diff --git a/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalCore.c b/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalCore.c index c840590e8e..e59438c993 100644 --- a/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalCore.c +++ b/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalCore.c @@ -17,13 +17,13 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- UINT8 HardwareReset : 1;
- UINT8 Reserved : 7;
+ UINT8 HardwareReset : 1;
+ UINT8 Reserved : 7;
} TCG_BLOCK_SID_CLEAR_EVENTS;
#pragma pack()
-#define TRUSTED_COMMAND_TIMEOUT_NS ((UINT64) 5 * ((UINT64)(1000000)) * 1000) // 5 seconds
-#define BUFFER_SIZE 512
+#define TRUSTED_COMMAND_TIMEOUT_NS ((UINT64) 5 * ((UINT64)(1000000)) * 1000) // 5 seconds
+#define BUFFER_SIZE 512
/**
The function performs a Trusted Send of a Buffer containing a TCG_COM_PACKET.
@@ -38,7 +38,7 @@ typedef struct { **/
TCG_RESULT
-OpalTrustedSend(
+OpalTrustedSend (
EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Sscp,
UINT32 MediaId,
UINT8 SecurityProtocol,
@@ -60,17 +60,17 @@ OpalTrustedSend( return TcgResultFailureBufferTooSmall;
}
- ZeroMem((UINT8*)Buffer + TransferLength, TransferLength512 - TransferLength);
+ ZeroMem ((UINT8 *)Buffer + TransferLength, TransferLength512 - TransferLength);
- Status = Sscp->SendData(
- Sscp,
- MediaId,
- TRUSTED_COMMAND_TIMEOUT_NS,
- SecurityProtocol,
- SwapBytes16(SpSpecific),
- TransferLength512,
- Buffer
- );
+ Status = Sscp->SendData (
+ Sscp,
+ MediaId,
+ TRUSTED_COMMAND_TIMEOUT_NS,
+ SecurityProtocol,
+ SwapBytes16 (SpSpecific),
+ TransferLength512,
+ Buffer
+ );
return Status == EFI_SUCCESS ? TcgResultSuccess : TcgResultFailure;
}
@@ -89,7 +89,7 @@ OpalTrustedSend( **/
TCG_RESULT
-OpalTrustedRecv(
+OpalTrustedRecv (
EFI_STORAGE_SECURITY_COMMAND_PROTOCOL *Sscp,
UINT32 MediaId,
UINT8 SecurityProtocol,
@@ -111,12 +111,12 @@ OpalTrustedRecv( // Round Buffer Size down to a 512-byte multiple
//
TransferLength512 = BufferSize & ~(UINTN)511;
- Tries = 0;
- ComPacket = NULL;
- Length = 0;
- OutstandingData = 0;
+ Tries = 0;
+ ComPacket = NULL;
+ Length = 0;
+ OutstandingData = 0;
- if (TransferLength512 < sizeof(TCG_COM_PACKET)) {
+ if (TransferLength512 < sizeof (TCG_COM_PACKET)) {
DEBUG ((DEBUG_INFO, "transferLength %u too small for ComPacket\n", TransferLength512));
return TcgResultFailureBufferTooSmall;
}
@@ -135,25 +135,26 @@ OpalTrustedRecv( } else {
Tries = 5000;
}
+
while ((Tries--) > 0) {
- ZeroMem( Buffer, BufferSize );
+ ZeroMem (Buffer, BufferSize);
TransferSize = 0;
- Status = Sscp->ReceiveData(
- Sscp,
- MediaId,
- TRUSTED_COMMAND_TIMEOUT_NS,
- SecurityProtocol,
- SwapBytes16(SpSpecific),
- TransferLength512,
- Buffer,
- &TransferSize
- );
+ Status = Sscp->ReceiveData (
+ Sscp,
+ MediaId,
+ TRUSTED_COMMAND_TIMEOUT_NS,
+ SecurityProtocol,
+ SwapBytes16 (SpSpecific),
+ TransferLength512,
+ Buffer,
+ &TransferSize
+ );
if (EFI_ERROR (Status)) {
return TcgResultFailure;
}
- if (SecurityProtocol != TCG_OPAL_SECURITY_PROTOCOL_1 && SecurityProtocol != TCG_OPAL_SECURITY_PROTOCOL_2) {
+ if ((SecurityProtocol != TCG_OPAL_SECURITY_PROTOCOL_1) && (SecurityProtocol != TCG_OPAL_SECURITY_PROTOCOL_2)) {
return TcgResultSuccess;
}
@@ -161,11 +162,11 @@ OpalTrustedRecv( return TcgResultSuccess;
}
- ComPacket = (TCG_COM_PACKET*) Buffer;
- Length = SwapBytes32(ComPacket->LengthBE);
- OutstandingData = SwapBytes32( ComPacket->OutstandingDataBE );
+ ComPacket = (TCG_COM_PACKET *)Buffer;
+ Length = SwapBytes32 (ComPacket->LengthBE);
+ OutstandingData = SwapBytes32 (ComPacket->OutstandingDataBE);
- if (Length != 0 && OutstandingData == 0) {
+ if ((Length != 0) && (OutstandingData == 0)) {
return TcgResultSuccess;
}
@@ -192,41 +193,45 @@ OpalTrustedRecv( TCG_RESULT
EFIAPI
OpalPerformMethod (
- OPAL_SESSION *Session,
- UINT32 SendSize,
- VOID *Buffer,
- UINT32 BufferSize,
- TCG_PARSE_STRUCT *ParseStruct,
- UINT8 *MethodStatus,
- UINT32 EstimateTimeCost
+ OPAL_SESSION *Session,
+ UINT32 SendSize,
+ VOID *Buffer,
+ UINT32 BufferSize,
+ TCG_PARSE_STRUCT *ParseStruct,
+ UINT8 *MethodStatus,
+ UINT32 EstimateTimeCost
)
{
- NULL_CHECK(Session);
- NULL_CHECK(MethodStatus);
-
- ERROR_CHECK(OpalTrustedSend(
- Session->Sscp,
- Session->MediaId,
- TCG_OPAL_SECURITY_PROTOCOL_1,
- Session->OpalBaseComId,
- SendSize,
- Buffer,
- BufferSize
- ));
-
- ERROR_CHECK(OpalTrustedRecv(
- Session->Sscp,
- Session->MediaId,
- TCG_OPAL_SECURITY_PROTOCOL_1,
- Session->OpalBaseComId,
- Buffer,
- BufferSize,
- EstimateTimeCost
- ));
-
- ERROR_CHECK(TcgInitTcgParseStruct(ParseStruct, Buffer, BufferSize));
- ERROR_CHECK(TcgCheckComIds(ParseStruct, Session->OpalBaseComId, Session->ComIdExtension));
- ERROR_CHECK(TcgGetMethodStatus(ParseStruct, MethodStatus));
+ NULL_CHECK (Session);
+ NULL_CHECK (MethodStatus);
+
+ ERROR_CHECK (
+ OpalTrustedSend (
+ Session->Sscp,
+ Session->MediaId,
+ TCG_OPAL_SECURITY_PROTOCOL_1,
+ Session->OpalBaseComId,
+ SendSize,
+ Buffer,
+ BufferSize
+ )
+ );
+
+ ERROR_CHECK (
+ OpalTrustedRecv (
+ Session->Sscp,
+ Session->MediaId,
+ TCG_OPAL_SECURITY_PROTOCOL_1,
+ Session->OpalBaseComId,
+ Buffer,
+ BufferSize,
+ EstimateTimeCost
+ )
+ );
+
+ ERROR_CHECK (TcgInitTcgParseStruct (ParseStruct, Buffer, BufferSize));
+ ERROR_CHECK (TcgCheckComIds (ParseStruct, Session->OpalBaseComId, Session->ComIdExtension));
+ ERROR_CHECK (TcgGetMethodStatus (ParseStruct, MethodStatus));
return TcgResultSuccess;
}
@@ -240,33 +245,33 @@ OpalPerformMethod ( **/
TCG_RESULT
EFIAPI
-OpalBlockSid(
- OPAL_SESSION *Session,
- BOOLEAN HardwareReset
+OpalBlockSid (
+ OPAL_SESSION *Session,
+ BOOLEAN HardwareReset
)
{
- UINT8 Buffer[BUFFER_SIZE];
- TCG_BLOCK_SID_CLEAR_EVENTS *ClearEvents;
+ UINT8 Buffer[BUFFER_SIZE];
+ TCG_BLOCK_SID_CLEAR_EVENTS *ClearEvents;
- NULL_CHECK(Session);
+ NULL_CHECK (Session);
//
// Set Hardware Reset bit
//
- ClearEvents = (TCG_BLOCK_SID_CLEAR_EVENTS *) &Buffer[0];
+ ClearEvents = (TCG_BLOCK_SID_CLEAR_EVENTS *)&Buffer[0];
- ClearEvents->Reserved = 0;
+ ClearEvents->Reserved = 0;
ClearEvents->HardwareReset = HardwareReset;
- return(OpalTrustedSend(
- Session->Sscp,
- Session->MediaId,
- TCG_OPAL_SECURITY_PROTOCOL_2,
- TCG_BLOCKSID_COMID, // hardcode ComID 0x0005
- 1,
- Buffer,
- BUFFER_SIZE
- ));
+ return (OpalTrustedSend (
+ Session->Sscp,
+ Session->MediaId,
+ TCG_OPAL_SECURITY_PROTOCOL_2,
+ TCG_BLOCKSID_COMID, // hardcode ComID 0x0005
+ 1,
+ Buffer,
+ BUFFER_SIZE
+ ));
}
/**
@@ -278,8 +283,8 @@ OpalBlockSid( **/
TCG_RESULT
EFIAPI
-OpalPsidRevert(
- OPAL_SESSION *AdminSpSession
+OpalPsidRevert (
+ OPAL_SESSION *AdminSpSession
)
{
//
@@ -293,28 +298,28 @@ OpalPsidRevert( UINT8 Buffer[BUFFER_SIZE];
UINT8 MethodStatus;
- NULL_CHECK(AdminSpSession);
+ NULL_CHECK (AdminSpSession);
//
// Send Revert action on Admin SP
//
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buffer, BUFFER_SIZE));
- ERROR_CHECK(TcgStartComPacket(&CreateStruct, AdminSpSession->OpalBaseComId, AdminSpSession->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(&CreateStruct, AdminSpSession->TperSessionId, AdminSpSession->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(&CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(&CreateStruct, OPAL_UID_ADMIN_SP, OPAL_ADMIN_SP_REVERT_METHOD));
- ERROR_CHECK(TcgStartParameters(&CreateStruct));
- ERROR_CHECK(TcgEndParameters(&CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(&CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(&CreateStruct));
- ERROR_CHECK(TcgEndPacket(&CreateStruct));
- ERROR_CHECK(TcgEndComPacket(&CreateStruct, &Size));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buffer, BUFFER_SIZE));
+ ERROR_CHECK (TcgStartComPacket (&CreateStruct, AdminSpSession->OpalBaseComId, AdminSpSession->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (&CreateStruct, AdminSpSession->TperSessionId, AdminSpSession->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (&CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (&CreateStruct, OPAL_UID_ADMIN_SP, OPAL_ADMIN_SP_REVERT_METHOD));
+ ERROR_CHECK (TcgStartParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (&CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (&CreateStruct, &Size));
//
// Send Revert Method Call
//
- ERROR_CHECK(OpalPerformMethod(AdminSpSession, Size, Buffer, BUFFER_SIZE, &ParseStruct, &MethodStatus, 0));
- METHOD_STATUS_ERROR_CHECK(MethodStatus, TcgResultFailure);
+ ERROR_CHECK (OpalPerformMethod (AdminSpSession, Size, Buffer, BUFFER_SIZE, &ParseStruct, &MethodStatus, 0));
+ METHOD_STATUS_ERROR_CHECK (MethodStatus, TcgResultFailure);
return TcgResultSuccess;
}
@@ -328,9 +333,9 @@ OpalPsidRevert( **/
TCG_RESULT
-OpalPyrite2PsidRevert(
- OPAL_SESSION *AdminSpSession,
- UINT32 EstimateTimeCost
+OpalPyrite2PsidRevert (
+ OPAL_SESSION *AdminSpSession,
+ UINT32 EstimateTimeCost
)
{
//
@@ -344,29 +349,28 @@ OpalPyrite2PsidRevert( UINT8 Buffer[BUFFER_SIZE];
UINT8 MethodStatus;
-
- NULL_CHECK(AdminSpSession);
+ NULL_CHECK (AdminSpSession);
//
// Send Revert action on Admin SP
//
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buffer, BUFFER_SIZE));
- ERROR_CHECK(TcgStartComPacket(&CreateStruct, AdminSpSession->OpalBaseComId, AdminSpSession->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(&CreateStruct, AdminSpSession->TperSessionId, AdminSpSession->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(&CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(&CreateStruct, OPAL_UID_ADMIN_SP, OPAL_ADMIN_SP_REVERT_METHOD));
- ERROR_CHECK(TcgStartParameters(&CreateStruct));
- ERROR_CHECK(TcgEndParameters(&CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(&CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(&CreateStruct));
- ERROR_CHECK(TcgEndPacket(&CreateStruct));
- ERROR_CHECK(TcgEndComPacket(&CreateStruct, &Size));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buffer, BUFFER_SIZE));
+ ERROR_CHECK (TcgStartComPacket (&CreateStruct, AdminSpSession->OpalBaseComId, AdminSpSession->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (&CreateStruct, AdminSpSession->TperSessionId, AdminSpSession->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (&CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (&CreateStruct, OPAL_UID_ADMIN_SP, OPAL_ADMIN_SP_REVERT_METHOD));
+ ERROR_CHECK (TcgStartParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (&CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (&CreateStruct, &Size));
//
// Send Revert Method Call
//
- ERROR_CHECK(OpalPerformMethod(AdminSpSession, Size, Buffer, BUFFER_SIZE, &ParseStruct, &MethodStatus, EstimateTimeCost));
- METHOD_STATUS_ERROR_CHECK(MethodStatus, TcgResultFailure);
+ ERROR_CHECK (OpalPerformMethod (AdminSpSession, Size, Buffer, BUFFER_SIZE, &ParseStruct, &MethodStatus, EstimateTimeCost));
+ METHOD_STATUS_ERROR_CHECK (MethodStatus, TcgResultFailure);
return TcgResultSuccess;
}
@@ -383,20 +387,20 @@ OpalPyrite2PsidRevert( **/
TCG_RESULT
EFIAPI
-OpalRetrieveLevel0DiscoveryHeader(
- OPAL_SESSION *Session,
- UINTN BufferSize,
- VOID *BuffAddress
+OpalRetrieveLevel0DiscoveryHeader (
+ OPAL_SESSION *Session,
+ UINTN BufferSize,
+ VOID *BuffAddress
)
{
- return (OpalTrustedRecv(
- Session->Sscp,
- Session->MediaId,
- TCG_OPAL_SECURITY_PROTOCOL_1, // SP
- TCG_SP_SPECIFIC_PROTOCOL_LEVEL0_DISCOVERY, // SP_Specific
- BuffAddress,
- BufferSize,
- 0
+ return (OpalTrustedRecv (
+ Session->Sscp,
+ Session->MediaId,
+ TCG_OPAL_SECURITY_PROTOCOL_1, // SP
+ TCG_SP_SPECIFIC_PROTOCOL_LEVEL0_DISCOVERY, // SP_Specific
+ BuffAddress,
+ BufferSize,
+ 0
));
}
@@ -412,21 +416,21 @@ OpalRetrieveLevel0DiscoveryHeader( **/
TCG_RESULT
EFIAPI
-OpalRetrieveSupportedProtocolList(
- OPAL_SESSION *Session,
- UINTN BufferSize,
- VOID *BuffAddress
+OpalRetrieveSupportedProtocolList (
+ OPAL_SESSION *Session,
+ UINTN BufferSize,
+ VOID *BuffAddress
)
{
- return (OpalTrustedRecv(
- Session->Sscp,
- Session->MediaId,
- TCG_SECURITY_PROTOCOL_INFO, // SP
- TCG_SP_SPECIFIC_PROTOCOL_LIST, // SP_Specific
- BuffAddress,
- BufferSize,
- 0
- ));
+ return (OpalTrustedRecv (
+ Session->Sscp,
+ Session->MediaId,
+ TCG_SECURITY_PROTOCOL_INFO, // SP
+ TCG_SP_SPECIFIC_PROTOCOL_LIST, // SP_Specific
+ BuffAddress,
+ BufferSize,
+ 0
+ ));
}
/**
@@ -449,52 +453,54 @@ OpalRetrieveSupportedProtocolList( **/
TCG_RESULT
EFIAPI
-OpalStartSession(
- OPAL_SESSION *Session,
- TCG_UID SpId,
- BOOLEAN Write,
- UINT32 HostChallengeLength,
- const VOID *HostChallenge,
- TCG_UID HostSigningAuthority,
- UINT8 *MethodStatus
+OpalStartSession (
+ OPAL_SESSION *Session,
+ TCG_UID SpId,
+ BOOLEAN Write,
+ UINT32 HostChallengeLength,
+ const VOID *HostChallenge,
+ TCG_UID HostSigningAuthority,
+ UINT8 *MethodStatus
)
{
- TCG_CREATE_STRUCT CreateStruct;
- TCG_PARSE_STRUCT ParseStruct;
- UINT32 Size;
- UINT8 Buf[BUFFER_SIZE];
- UINT16 ComIdExtension;
- UINT32 HostSessionId;
+ TCG_CREATE_STRUCT CreateStruct;
+ TCG_PARSE_STRUCT ParseStruct;
+ UINT32 Size;
+ UINT8 Buf[BUFFER_SIZE];
+ UINT16 ComIdExtension;
+ UINT32 HostSessionId;
ComIdExtension = 0;
HostSessionId = 1;
- NULL_CHECK(Session);
- NULL_CHECK(MethodStatus);
+ NULL_CHECK (Session);
+ NULL_CHECK (MethodStatus);
Session->ComIdExtension = ComIdExtension;
- Session->HostSessionId = HostSessionId;
-
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgCreateStartSession(
- &CreateStruct,
- &Size,
- Session->OpalBaseComId,
- ComIdExtension,
- HostSessionId,
- SpId,
- Write,
- HostChallengeLength,
- HostChallenge,
- HostSigningAuthority
- ));
- ERROR_CHECK(OpalPerformMethod(Session, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ Session->HostSessionId = HostSessionId;
+
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (
+ TcgCreateStartSession (
+ &CreateStruct,
+ &Size,
+ Session->OpalBaseComId,
+ ComIdExtension,
+ HostSessionId,
+ SpId,
+ Write,
+ HostChallengeLength,
+ HostChallenge,
+ HostSigningAuthority
+ )
+ );
+ ERROR_CHECK (OpalPerformMethod (Session, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
if (*MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
return TcgResultSuccess; // return early if method failed - user must check MethodStatus
}
- if (TcgParseSyncSession(&ParseStruct, Session->OpalBaseComId, ComIdExtension, HostSessionId, &Session->TperSessionId) != TcgResultSuccess) {
- OpalEndSession(Session);
+ if (TcgParseSyncSession (&ParseStruct, Session->OpalBaseComId, ComIdExtension, HostSessionId, &Session->TperSessionId) != TcgResultSuccess) {
+ OpalEndSession (Session);
return TcgResultFailure;
}
@@ -509,50 +515,56 @@ OpalStartSession( **/
TCG_RESULT
EFIAPI
-OpalEndSession(
- OPAL_SESSION *Session
+OpalEndSession (
+ OPAL_SESSION *Session
)
{
- UINT8 Buffer[BUFFER_SIZE];
- TCG_CREATE_STRUCT CreateStruct;
- UINT32 Size;
- TCG_PARSE_STRUCT ParseStruct;
-
- NULL_CHECK(Session);
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buffer, sizeof(Buffer)));
- ERROR_CHECK(TcgCreateEndSession(
- &CreateStruct,
- &Size,
- Session->OpalBaseComId,
- Session->ComIdExtension,
- Session->HostSessionId,
- Session->TperSessionId
- ));
-
- ERROR_CHECK(OpalTrustedSend(
- Session->Sscp,
- Session->MediaId,
- TCG_OPAL_SECURITY_PROTOCOL_1,
- Session->OpalBaseComId,
- Size,
- Buffer,
- sizeof(Buffer)
- ));
-
- ERROR_CHECK(OpalTrustedRecv(
- Session->Sscp,
- Session->MediaId,
- TCG_OPAL_SECURITY_PROTOCOL_1,
- Session->OpalBaseComId,
- Buffer,
- sizeof(Buffer),
- 0
- ));
-
- ERROR_CHECK(TcgInitTcgParseStruct(&ParseStruct, Buffer, sizeof(Buffer)));
- ERROR_CHECK(TcgCheckComIds(&ParseStruct, Session->OpalBaseComId, Session->ComIdExtension));
-
- ERROR_CHECK(TcgGetNextEndOfSession(&ParseStruct));
+ UINT8 Buffer[BUFFER_SIZE];
+ TCG_CREATE_STRUCT CreateStruct;
+ UINT32 Size;
+ TCG_PARSE_STRUCT ParseStruct;
+
+ NULL_CHECK (Session);
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buffer, sizeof (Buffer)));
+ ERROR_CHECK (
+ TcgCreateEndSession (
+ &CreateStruct,
+ &Size,
+ Session->OpalBaseComId,
+ Session->ComIdExtension,
+ Session->HostSessionId,
+ Session->TperSessionId
+ )
+ );
+
+ ERROR_CHECK (
+ OpalTrustedSend (
+ Session->Sscp,
+ Session->MediaId,
+ TCG_OPAL_SECURITY_PROTOCOL_1,
+ Session->OpalBaseComId,
+ Size,
+ Buffer,
+ sizeof (Buffer)
+ )
+ );
+
+ ERROR_CHECK (
+ OpalTrustedRecv (
+ Session->Sscp,
+ Session->MediaId,
+ TCG_OPAL_SECURITY_PROTOCOL_1,
+ Session->OpalBaseComId,
+ Buffer,
+ sizeof (Buffer),
+ 0
+ )
+ );
+
+ ERROR_CHECK (TcgInitTcgParseStruct (&ParseStruct, Buffer, sizeof (Buffer)));
+ ERROR_CHECK (TcgCheckComIds (&ParseStruct, Session->OpalBaseComId, Session->ComIdExtension));
+
+ ERROR_CHECK (TcgGetNextEndOfSession (&ParseStruct));
return TcgResultSuccess;
}
@@ -568,11 +580,11 @@ OpalEndSession( **/
TCG_RESULT
EFIAPI
-OpalGetMsid(
- OPAL_SESSION *AdminSpSession,
- UINT32 MsidBufferSize,
- UINT8 *Msid,
- UINT32 *MsidLength
+OpalGetMsid (
+ OPAL_SESSION *AdminSpSession,
+ UINT32 MsidBufferSize,
+ UINT8 *Msid,
+ UINT32 *MsidLength
)
{
//
@@ -580,55 +592,55 @@ OpalGetMsid( // we'll attempt to start Session as PSID authority
// verify PSID Authority is defined in ADMIN SP authority table... is this possible?
//
- TCG_CREATE_STRUCT CreateStruct;
- TCG_PARSE_STRUCT ParseStruct;
- UINT32 Size;
- UINT8 MethodStatus;
- UINT32 Col;
- const VOID *RecvMsid;
- UINT8 Buffer[BUFFER_SIZE];
-
- NULL_CHECK(AdminSpSession);
- NULL_CHECK(Msid);
- NULL_CHECK(MsidLength);
-
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buffer, BUFFER_SIZE));
- ERROR_CHECK(TcgStartComPacket(&CreateStruct, AdminSpSession->OpalBaseComId, AdminSpSession->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(&CreateStruct, AdminSpSession->TperSessionId, AdminSpSession->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(&CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(&CreateStruct, OPAL_UID_ADMIN_SP_C_PIN_MSID, TCG_UID_METHOD_GET));
- ERROR_CHECK(TcgStartParameters(&CreateStruct));
- ERROR_CHECK(TcgAddStartList(&CreateStruct));
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, TCG_CELL_BLOCK_START_COLUMN_NAME));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, OPAL_ADMIN_SP_PIN_COL));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, TCG_CELL_BLOCK_END_COLUMN_NAME));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, OPAL_ADMIN_SP_PIN_COL));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
- ERROR_CHECK(TcgAddEndList(&CreateStruct));
- ERROR_CHECK(TcgEndParameters(&CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(&CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(&CreateStruct));
- ERROR_CHECK(TcgEndPacket(&CreateStruct));
- ERROR_CHECK(TcgEndComPacket(&CreateStruct, &Size));
+ TCG_CREATE_STRUCT CreateStruct;
+ TCG_PARSE_STRUCT ParseStruct;
+ UINT32 Size;
+ UINT8 MethodStatus;
+ UINT32 Col;
+ const VOID *RecvMsid;
+ UINT8 Buffer[BUFFER_SIZE];
+
+ NULL_CHECK (AdminSpSession);
+ NULL_CHECK (Msid);
+ NULL_CHECK (MsidLength);
+
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buffer, BUFFER_SIZE));
+ ERROR_CHECK (TcgStartComPacket (&CreateStruct, AdminSpSession->OpalBaseComId, AdminSpSession->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (&CreateStruct, AdminSpSession->TperSessionId, AdminSpSession->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (&CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (&CreateStruct, OPAL_UID_ADMIN_SP_C_PIN_MSID, TCG_UID_METHOD_GET));
+ ERROR_CHECK (TcgStartParameters (&CreateStruct));
+ ERROR_CHECK (TcgAddStartList (&CreateStruct));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, TCG_CELL_BLOCK_START_COLUMN_NAME));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, OPAL_ADMIN_SP_PIN_COL));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, TCG_CELL_BLOCK_END_COLUMN_NAME));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, OPAL_ADMIN_SP_PIN_COL));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+ ERROR_CHECK (TcgAddEndList (&CreateStruct));
+ ERROR_CHECK (TcgEndParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (&CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (&CreateStruct, &Size));
//
// Send MSID Method Call
//
- ERROR_CHECK(OpalPerformMethod(AdminSpSession, Size, Buffer, BUFFER_SIZE, &ParseStruct, &MethodStatus, 0));
- METHOD_STATUS_ERROR_CHECK(MethodStatus, TcgResultFailure);
+ ERROR_CHECK (OpalPerformMethod (AdminSpSession, Size, Buffer, BUFFER_SIZE, &ParseStruct, &MethodStatus, 0));
+ METHOD_STATUS_ERROR_CHECK (MethodStatus, TcgResultFailure);
- ERROR_CHECK(TcgGetNextStartList(&ParseStruct));
- ERROR_CHECK(TcgGetNextStartList(&ParseStruct));
- ERROR_CHECK(TcgGetNextStartName(&ParseStruct));
- ERROR_CHECK(TcgGetNextUINT32(&ParseStruct, &Col));
- ERROR_CHECK(TcgGetNextByteSequence(&ParseStruct, &RecvMsid, MsidLength));
- ERROR_CHECK(TcgGetNextEndName(&ParseStruct));
- ERROR_CHECK(TcgGetNextEndList(&ParseStruct));
- ERROR_CHECK(TcgGetNextEndList(&ParseStruct));
- ERROR_CHECK(TcgGetNextEndOfData(&ParseStruct));
+ ERROR_CHECK (TcgGetNextStartList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextStartList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextStartName (&ParseStruct));
+ ERROR_CHECK (TcgGetNextUINT32 (&ParseStruct, &Col));
+ ERROR_CHECK (TcgGetNextByteSequence (&ParseStruct, &RecvMsid, MsidLength));
+ ERROR_CHECK (TcgGetNextEndName (&ParseStruct));
+ ERROR_CHECK (TcgGetNextEndList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextEndList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextEndOfData (&ParseStruct));
if (Col != OPAL_ADMIN_SP_PIN_COL) {
DEBUG ((DEBUG_INFO, "ERROR: got col %u, expected %u\n", Col, OPAL_ADMIN_SP_PIN_COL));
@@ -647,7 +659,7 @@ OpalGetMsid( //
// copy msid into Buffer
//
- CopyMem(Msid, RecvMsid, *MsidLength);
+ CopyMem (Msid, RecvMsid, *MsidLength);
return TcgResultSuccess;
}
@@ -661,58 +673,58 @@ OpalGetMsid( **/
TCG_RESULT
OpalPyrite2GetActiveDataRemovalMechanism (
- IN OPAL_SESSION *AdminSpSession,
- OUT UINT8 *ActiveDataRemovalMechanism
+ IN OPAL_SESSION *AdminSpSession,
+ OUT UINT8 *ActiveDataRemovalMechanism
)
{
- TCG_CREATE_STRUCT CreateStruct;
- TCG_PARSE_STRUCT ParseStruct;
- UINT32 Size;
- UINT8 MethodStatus;
- UINT32 Col;
- UINT8 RecvActiveDataRemovalMechanism;
- UINT8 Buffer[BUFFER_SIZE];
-
- NULL_CHECK(AdminSpSession);
- NULL_CHECK(ActiveDataRemovalMechanism);
-
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buffer, BUFFER_SIZE));
- ERROR_CHECK(TcgStartComPacket(&CreateStruct, AdminSpSession->OpalBaseComId, AdminSpSession->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(&CreateStruct, AdminSpSession->TperSessionId, AdminSpSession->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(&CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(&CreateStruct, OPAL_UID_ADMIN_SP_DATA_REMOVAL_MECHANISM, TCG_UID_METHOD_GET));
- ERROR_CHECK(TcgStartParameters(&CreateStruct));
- ERROR_CHECK(TcgAddStartList(&CreateStruct));
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, TCG_CELL_BLOCK_START_COLUMN_NAME));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, OPAL_ADMIN_SP_ACTIVE_DATA_REMOVAL_MECHANISM_COL));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, TCG_CELL_BLOCK_END_COLUMN_NAME));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, OPAL_ADMIN_SP_ACTIVE_DATA_REMOVAL_MECHANISM_COL));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
- ERROR_CHECK(TcgAddEndList(&CreateStruct));
- ERROR_CHECK(TcgEndParameters(&CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(&CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(&CreateStruct));
- ERROR_CHECK(TcgEndPacket(&CreateStruct));
- ERROR_CHECK(TcgEndComPacket(&CreateStruct, &Size));
+ TCG_CREATE_STRUCT CreateStruct;
+ TCG_PARSE_STRUCT ParseStruct;
+ UINT32 Size;
+ UINT8 MethodStatus;
+ UINT32 Col;
+ UINT8 RecvActiveDataRemovalMechanism;
+ UINT8 Buffer[BUFFER_SIZE];
+
+ NULL_CHECK (AdminSpSession);
+ NULL_CHECK (ActiveDataRemovalMechanism);
+
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buffer, BUFFER_SIZE));
+ ERROR_CHECK (TcgStartComPacket (&CreateStruct, AdminSpSession->OpalBaseComId, AdminSpSession->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (&CreateStruct, AdminSpSession->TperSessionId, AdminSpSession->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (&CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (&CreateStruct, OPAL_UID_ADMIN_SP_DATA_REMOVAL_MECHANISM, TCG_UID_METHOD_GET));
+ ERROR_CHECK (TcgStartParameters (&CreateStruct));
+ ERROR_CHECK (TcgAddStartList (&CreateStruct));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, TCG_CELL_BLOCK_START_COLUMN_NAME));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, OPAL_ADMIN_SP_ACTIVE_DATA_REMOVAL_MECHANISM_COL));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, TCG_CELL_BLOCK_END_COLUMN_NAME));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, OPAL_ADMIN_SP_ACTIVE_DATA_REMOVAL_MECHANISM_COL));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+ ERROR_CHECK (TcgAddEndList (&CreateStruct));
+ ERROR_CHECK (TcgEndParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (&CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (&CreateStruct, &Size));
//
// Send Get Active Data Removal Mechanism Method Call
//
- ERROR_CHECK(OpalPerformMethod(AdminSpSession, Size, Buffer, BUFFER_SIZE, &ParseStruct, &MethodStatus, 0));
- METHOD_STATUS_ERROR_CHECK(MethodStatus, TcgResultFailure);
+ ERROR_CHECK (OpalPerformMethod (AdminSpSession, Size, Buffer, BUFFER_SIZE, &ParseStruct, &MethodStatus, 0));
+ METHOD_STATUS_ERROR_CHECK (MethodStatus, TcgResultFailure);
- ERROR_CHECK(TcgGetNextStartList(&ParseStruct));
- ERROR_CHECK(TcgGetNextStartList(&ParseStruct));
- ERROR_CHECK(TcgGetNextStartName(&ParseStruct));
- ERROR_CHECK(TcgGetNextUINT32(&ParseStruct, &Col));
- ERROR_CHECK(TcgGetNextUINT8(&ParseStruct, &RecvActiveDataRemovalMechanism));
- ERROR_CHECK(TcgGetNextEndName(&ParseStruct));
- ERROR_CHECK(TcgGetNextEndList(&ParseStruct));
- ERROR_CHECK(TcgGetNextEndList(&ParseStruct));
- ERROR_CHECK(TcgGetNextEndOfData(&ParseStruct));
+ ERROR_CHECK (TcgGetNextStartList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextStartList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextStartName (&ParseStruct));
+ ERROR_CHECK (TcgGetNextUINT32 (&ParseStruct, &Col));
+ ERROR_CHECK (TcgGetNextUINT8 (&ParseStruct, &RecvActiveDataRemovalMechanism));
+ ERROR_CHECK (TcgGetNextEndName (&ParseStruct));
+ ERROR_CHECK (TcgGetNextEndList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextEndList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextEndOfData (&ParseStruct));
if (Col != OPAL_ADMIN_SP_ACTIVE_DATA_REMOVAL_MECHANISM_COL) {
DEBUG ((DEBUG_INFO, "ERROR: got col %u, expected %u\n", Col, OPAL_ADMIN_SP_ACTIVE_DATA_REMOVAL_MECHANISM_COL));
@@ -726,7 +738,7 @@ OpalPyrite2GetActiveDataRemovalMechanism ( //
// Copy active data removal mechanism into Buffer
//
- CopyMem(ActiveDataRemovalMechanism, &RecvActiveDataRemovalMechanism, sizeof(RecvActiveDataRemovalMechanism));
+ CopyMem (ActiveDataRemovalMechanism, &RecvActiveDataRemovalMechanism, sizeof (RecvActiveDataRemovalMechanism));
return TcgResultSuccess;
}
@@ -742,20 +754,20 @@ OpalPyrite2GetActiveDataRemovalMechanism ( **/
TCG_RESULT
EFIAPI
-OpalAdminRevert(
- OPAL_SESSION *LockingSpSession,
- BOOLEAN KeepUserData,
- UINT8 *MethodStatus
+OpalAdminRevert (
+ OPAL_SESSION *LockingSpSession,
+ BOOLEAN KeepUserData,
+ UINT8 *MethodStatus
)
{
- UINT8 Buf[BUFFER_SIZE];
- TCG_CREATE_STRUCT CreateStruct;
- UINT32 Size;
- TCG_PARSE_STRUCT ParseStruct;
- TCG_RESULT Ret;
+ UINT8 Buf[BUFFER_SIZE];
+ TCG_CREATE_STRUCT CreateStruct;
+ UINT32 Size;
+ TCG_PARSE_STRUCT ParseStruct;
+ TCG_RESULT Ret;
- NULL_CHECK(LockingSpSession);
- NULL_CHECK(MethodStatus);
+ NULL_CHECK (LockingSpSession);
+ NULL_CHECK (MethodStatus);
//
// ReadLocked or WriteLocked must be False (per Opal spec) to guarantee revertSP can keep user Data
@@ -764,13 +776,14 @@ OpalAdminRevert( //
// set readlocked and writelocked to false
//
- Ret = OpalUpdateGlobalLockingRange(
- LockingSpSession,
- FALSE,
- FALSE,
- MethodStatus);
-
- if (Ret != TcgResultSuccess || *MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalUpdateGlobalLockingRange (
+ LockingSpSession,
+ FALSE,
+ FALSE,
+ MethodStatus
+ );
+
+ if ((Ret != TcgResultSuccess) || (*MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
//
// bail out
//
@@ -778,33 +791,33 @@ OpalAdminRevert( }
}
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgStartComPacket(&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(&CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(&CreateStruct, TCG_UID_THIS_SP, OPAL_LOCKING_SP_REVERTSP_METHOD));
- ERROR_CHECK(TcgStartParameters(&CreateStruct));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (TcgStartComPacket (&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (&CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (&CreateStruct, TCG_UID_THIS_SP, OPAL_LOCKING_SP_REVERTSP_METHOD));
+ ERROR_CHECK (TcgStartParameters (&CreateStruct));
if (KeepUserData) {
//
// optional parameter to keep Data after revert
//
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT32(&CreateStruct, 0x060000)); // weird Value but that's what spec says
- ERROR_CHECK(TcgAddBOOLEAN(&CreateStruct, KeepUserData));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT32 (&CreateStruct, 0x060000)); // weird Value but that's what spec says
+ ERROR_CHECK (TcgAddBOOLEAN (&CreateStruct, KeepUserData));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
}
- ERROR_CHECK(TcgEndParameters(&CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(&CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(&CreateStruct));
- ERROR_CHECK(TcgEndPacket(&CreateStruct));
- ERROR_CHECK(TcgEndComPacket(&CreateStruct, &Size));
+ ERROR_CHECK (TcgEndParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (&CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (&CreateStruct, &Size));
//
// Send RevertSP method call
//
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
//
// Session is immediately ended by device after successful revertsp, so no need to end Session
@@ -818,13 +831,12 @@ OpalAdminRevert( //
// End Session
//
- METHOD_STATUS_ERROR_CHECK(*MethodStatus, TcgResultSuccess); // exit with success on method failure - user must inspect MethodStatus
+ METHOD_STATUS_ERROR_CHECK (*MethodStatus, TcgResultSuccess); // exit with success on method failure - user must inspect MethodStatus
}
return TcgResultSuccess;
}
-
/**
The function calls the Admin SP RevertSP method on the Locking SP. If KeepUserData is True, then the optional parameter
@@ -837,21 +849,21 @@ OpalAdminRevert( **/
TCG_RESULT
-OpalPyrite2AdminRevert(
- OPAL_SESSION *LockingSpSession,
- BOOLEAN KeepUserData,
- UINT8 *MethodStatus,
- UINT32 EstimateTimeCost
+OpalPyrite2AdminRevert (
+ OPAL_SESSION *LockingSpSession,
+ BOOLEAN KeepUserData,
+ UINT8 *MethodStatus,
+ UINT32 EstimateTimeCost
)
{
- UINT8 Buf[BUFFER_SIZE];
- TCG_CREATE_STRUCT CreateStruct;
- UINT32 Size;
- TCG_PARSE_STRUCT ParseStruct;
- TCG_RESULT Ret;
+ UINT8 Buf[BUFFER_SIZE];
+ TCG_CREATE_STRUCT CreateStruct;
+ UINT32 Size;
+ TCG_PARSE_STRUCT ParseStruct;
+ TCG_RESULT Ret;
- NULL_CHECK(LockingSpSession);
- NULL_CHECK(MethodStatus);
+ NULL_CHECK (LockingSpSession);
+ NULL_CHECK (MethodStatus);
//
// ReadLocked or WriteLocked must be False (per Opal spec) to guarantee revertSP can keep user Data
@@ -860,13 +872,14 @@ OpalPyrite2AdminRevert( //
// set readlocked and writelocked to false
//
- Ret = OpalUpdateGlobalLockingRange(
- LockingSpSession,
- FALSE,
- FALSE,
- MethodStatus);
-
- if (Ret != TcgResultSuccess || *MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalUpdateGlobalLockingRange (
+ LockingSpSession,
+ FALSE,
+ FALSE,
+ MethodStatus
+ );
+
+ if ((Ret != TcgResultSuccess) || (*MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
//
// bail out
//
@@ -874,33 +887,33 @@ OpalPyrite2AdminRevert( }
}
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgStartComPacket(&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(&CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(&CreateStruct, TCG_UID_THIS_SP, OPAL_LOCKING_SP_REVERTSP_METHOD));
- ERROR_CHECK(TcgStartParameters(&CreateStruct));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (TcgStartComPacket (&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (&CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (&CreateStruct, TCG_UID_THIS_SP, OPAL_LOCKING_SP_REVERTSP_METHOD));
+ ERROR_CHECK (TcgStartParameters (&CreateStruct));
if (KeepUserData) {
//
// optional parameter to keep Data after revert
//
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT32(&CreateStruct, 0x060000)); // weird Value but that's what spec says
- ERROR_CHECK(TcgAddBOOLEAN(&CreateStruct, KeepUserData));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT32 (&CreateStruct, 0x060000)); // weird Value but that's what spec says
+ ERROR_CHECK (TcgAddBOOLEAN (&CreateStruct, KeepUserData));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
}
- ERROR_CHECK(TcgEndParameters(&CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(&CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(&CreateStruct));
- ERROR_CHECK(TcgEndPacket(&CreateStruct));
- ERROR_CHECK(TcgEndComPacket(&CreateStruct, &Size));
+ ERROR_CHECK (TcgEndParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (&CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (&CreateStruct, &Size));
//
// Send RevertSP method call
//
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, EstimateTimeCost));
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, EstimateTimeCost));
//
// Session is immediately ended by device after successful revertsp, so no need to end Session
@@ -914,7 +927,7 @@ OpalPyrite2AdminRevert( //
// End Session
//
- METHOD_STATUS_ERROR_CHECK(*MethodStatus, TcgResultSuccess); // exit with success on method failure - user must inspect MethodStatus
+ METHOD_STATUS_ERROR_CHECK (*MethodStatus, TcgResultSuccess); // exit with success on method failure - user must inspect MethodStatus
}
return TcgResultSuccess;
@@ -932,39 +945,39 @@ OpalPyrite2AdminRevert( **/
TCG_RESULT
EFIAPI
-OpalActivateLockingSp(
- OPAL_SESSION *AdminSpSession,
- UINT8 *MethodStatus
+OpalActivateLockingSp (
+ OPAL_SESSION *AdminSpSession,
+ UINT8 *MethodStatus
)
{
- UINT8 Buf[BUFFER_SIZE];
- TCG_CREATE_STRUCT CreateStruct;
- UINT32 Size;
- TCG_PARSE_STRUCT ParseStruct;
+ UINT8 Buf[BUFFER_SIZE];
+ TCG_CREATE_STRUCT CreateStruct;
+ UINT32 Size;
+ TCG_PARSE_STRUCT ParseStruct;
- NULL_CHECK(AdminSpSession);
- NULL_CHECK(MethodStatus);
+ NULL_CHECK (AdminSpSession);
+ NULL_CHECK (MethodStatus);
//
// Call Activate method on Locking SP
//
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgStartComPacket(&CreateStruct, AdminSpSession->OpalBaseComId, AdminSpSession->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(&CreateStruct, AdminSpSession->TperSessionId, AdminSpSession->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(&CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(&CreateStruct, OPAL_UID_LOCKING_SP, OPAL_ADMIN_SP_ACTIVATE_METHOD));
- ERROR_CHECK(TcgStartParameters(&CreateStruct));
- ERROR_CHECK(TcgEndParameters(&CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(&CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(&CreateStruct));
- ERROR_CHECK(TcgEndPacket(&CreateStruct));
- ERROR_CHECK(TcgEndComPacket(&CreateStruct, &Size));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (TcgStartComPacket (&CreateStruct, AdminSpSession->OpalBaseComId, AdminSpSession->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (&CreateStruct, AdminSpSession->TperSessionId, AdminSpSession->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (&CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (&CreateStruct, OPAL_UID_LOCKING_SP, OPAL_ADMIN_SP_ACTIVATE_METHOD));
+ ERROR_CHECK (TcgStartParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (&CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (&CreateStruct, &Size));
//
// Send Activate method call
//
- ERROR_CHECK(OpalPerformMethod(AdminSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
- METHOD_STATUS_ERROR_CHECK(*MethodStatus, TcgResultSuccess); // exit with success on method failure - user must inspect MethodStatus
+ ERROR_CHECK (OpalPerformMethod (AdminSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
+ METHOD_STATUS_ERROR_CHECK (*MethodStatus, TcgResultSuccess); // exit with success on method failure - user must inspect MethodStatus
return TcgResultSuccess;
}
@@ -982,39 +995,41 @@ OpalActivateLockingSp( **/
TCG_RESULT
EFIAPI
-OpalSetPassword(
- OPAL_SESSION *Session,
- TCG_UID CpinRowUid,
- const VOID *NewPin,
- UINT32 NewPinLength,
- UINT8 *MethodStatus
+OpalSetPassword (
+ OPAL_SESSION *Session,
+ TCG_UID CpinRowUid,
+ const VOID *NewPin,
+ UINT32 NewPinLength,
+ UINT8 *MethodStatus
)
{
- UINT8 Buf[BUFFER_SIZE];
- TCG_CREATE_STRUCT CreateStruct;
- TCG_PARSE_STRUCT ParseStruct;
- UINT32 Size;
-
- NULL_CHECK(Session);
- NULL_CHECK(NewPin);
- NULL_CHECK(MethodStatus);
-
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgCreateSetCPin(
- &CreateStruct,
- &Size,
- Session->OpalBaseComId,
- Session->ComIdExtension,
- Session->TperSessionId,
- Session->HostSessionId,
- CpinRowUid,
- NewPin,
- NewPinLength
- ));
-
- ERROR_CHECK(OpalPerformMethod(Session, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ UINT8 Buf[BUFFER_SIZE];
+ TCG_CREATE_STRUCT CreateStruct;
+ TCG_PARSE_STRUCT ParseStruct;
+ UINT32 Size;
+
+ NULL_CHECK (Session);
+ NULL_CHECK (NewPin);
+ NULL_CHECK (MethodStatus);
+
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (
+ TcgCreateSetCPin (
+ &CreateStruct,
+ &Size,
+ Session->OpalBaseComId,
+ Session->ComIdExtension,
+ Session->TperSessionId,
+ Session->HostSessionId,
+ CpinRowUid,
+ NewPin,
+ NewPinLength
+ )
+ );
+
+ ERROR_CHECK (OpalPerformMethod (Session, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
// exit with success on method failure - user must inspect MethodStatus
- METHOD_STATUS_ERROR_CHECK(*MethodStatus, TcgResultSuccess);
+ METHOD_STATUS_ERROR_CHECK (*MethodStatus, TcgResultSuccess);
return TcgResultSuccess;
}
@@ -1034,129 +1049,141 @@ OpalSetPassword( **/
TCG_RESULT
EFIAPI
-OpalSetLockingSpAuthorityEnabledAndPin(
- OPAL_SESSION *LockingSpSession,
- TCG_UID CpinRowUid,
- TCG_UID AuthorityUid,
- const VOID *NewPin,
- UINT32 NewPinLength,
- UINT8 *MethodStatus
+OpalSetLockingSpAuthorityEnabledAndPin (
+ OPAL_SESSION *LockingSpSession,
+ TCG_UID CpinRowUid,
+ TCG_UID AuthorityUid,
+ const VOID *NewPin,
+ UINT32 NewPinLength,
+ UINT8 *MethodStatus
)
{
- UINT8 Buf[BUFFER_SIZE];
- TCG_CREATE_STRUCT CreateStruct;
- TCG_PARSE_STRUCT ParseStruct;
- UINT32 Size;
- TCG_UID ActiveKey;
- TCG_RESULT Ret;
-
- NULL_CHECK(LockingSpSession);
- NULL_CHECK(NewPin);
- NULL_CHECK(MethodStatus);
-
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgSetAuthorityEnabled(
- &CreateStruct,
- &Size,
- LockingSpSession->OpalBaseComId,
- LockingSpSession->ComIdExtension,
- LockingSpSession->TperSessionId,
- LockingSpSession->HostSessionId,
- AuthorityUid,
- TRUE));
-
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ UINT8 Buf[BUFFER_SIZE];
+ TCG_CREATE_STRUCT CreateStruct;
+ TCG_PARSE_STRUCT ParseStruct;
+ UINT32 Size;
+ TCG_UID ActiveKey;
+ TCG_RESULT Ret;
+
+ NULL_CHECK (LockingSpSession);
+ NULL_CHECK (NewPin);
+ NULL_CHECK (MethodStatus);
+
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (
+ TcgSetAuthorityEnabled (
+ &CreateStruct,
+ &Size,
+ LockingSpSession->OpalBaseComId,
+ LockingSpSession->ComIdExtension,
+ LockingSpSession->TperSessionId,
+ LockingSpSession->HostSessionId,
+ AuthorityUid,
+ TRUE
+ )
+ );
+
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
if (*MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
DEBUG ((DEBUG_INFO, "Send Set Authority error\n"));
return TcgResultFailure;
}
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
- ERROR_CHECK(TcgCreateSetCPin(
- &CreateStruct,
- &Size,
- LockingSpSession->OpalBaseComId,
- LockingSpSession->ComIdExtension,
- LockingSpSession->TperSessionId,
- LockingSpSession->HostSessionId,
- CpinRowUid,
- NewPin,
- NewPinLength));
+ ERROR_CHECK (
+ TcgCreateSetCPin (
+ &CreateStruct,
+ &Size,
+ LockingSpSession->OpalBaseComId,
+ LockingSpSession->ComIdExtension,
+ LockingSpSession->TperSessionId,
+ LockingSpSession->HostSessionId,
+ CpinRowUid,
+ NewPin,
+ NewPinLength
+ )
+ );
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
//
// allow user1 to set global range to unlocked/locked by modifying ACE_Locking_GlobalRange_SetRdLocked/SetWrLocked
//
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgCreateSetAce(
- &CreateStruct,
- &Size,
- LockingSpSession->OpalBaseComId,
- LockingSpSession->ComIdExtension,
- LockingSpSession->TperSessionId,
- LockingSpSession->HostSessionId,
- OPAL_LOCKING_SP_ACE_LOCKING_GLOBALRANGE_SET_RDLOCKED,
- OPAL_LOCKING_SP_USER1_AUTHORITY,
- TCG_ACE_EXPRESSION_OR,
- OPAL_LOCKING_SP_ADMINS_AUTHORITY
- ));
-
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (
+ TcgCreateSetAce (
+ &CreateStruct,
+ &Size,
+ LockingSpSession->OpalBaseComId,
+ LockingSpSession->ComIdExtension,
+ LockingSpSession->TperSessionId,
+ LockingSpSession->HostSessionId,
+ OPAL_LOCKING_SP_ACE_LOCKING_GLOBALRANGE_SET_RDLOCKED,
+ OPAL_LOCKING_SP_USER1_AUTHORITY,
+ TCG_ACE_EXPRESSION_OR,
+ OPAL_LOCKING_SP_ADMINS_AUTHORITY
+ )
+ );
+
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
if (*MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
DEBUG ((DEBUG_INFO, "Update ACE for RDLOCKED failed\n"));
return TcgResultFailure;
}
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgCreateSetAce(
- &CreateStruct,
- &Size,
- LockingSpSession->OpalBaseComId,
- LockingSpSession->ComIdExtension,
- LockingSpSession->TperSessionId,
- LockingSpSession->HostSessionId,
- OPAL_LOCKING_SP_ACE_LOCKING_GLOBALRANGE_SET_WRLOCKED,
- OPAL_LOCKING_SP_USER1_AUTHORITY,
- TCG_ACE_EXPRESSION_OR,
- OPAL_LOCKING_SP_ADMINS_AUTHORITY
- ));
-
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (
+ TcgCreateSetAce (
+ &CreateStruct,
+ &Size,
+ LockingSpSession->OpalBaseComId,
+ LockingSpSession->ComIdExtension,
+ LockingSpSession->TperSessionId,
+ LockingSpSession->HostSessionId,
+ OPAL_LOCKING_SP_ACE_LOCKING_GLOBALRANGE_SET_WRLOCKED,
+ OPAL_LOCKING_SP_USER1_AUTHORITY,
+ TCG_ACE_EXPRESSION_OR,
+ OPAL_LOCKING_SP_ADMINS_AUTHORITY
+ )
+ );
+
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
if (*MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
DEBUG ((DEBUG_INFO, "Update ACE for WRLOCKED failed\n"));
return TcgResultFailure;
}
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(OpalCreateRetrieveGlobalLockingRangeActiveKey(LockingSpSession, &CreateStruct, &Size));
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (OpalCreateRetrieveGlobalLockingRangeActiveKey (LockingSpSession, &CreateStruct, &Size));
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
//
// For Pyrite type SSC, it not supports Active Key.
// So here add check logic before enable it.
//
- Ret = OpalParseRetrieveGlobalLockingRangeActiveKey(&ParseStruct, &ActiveKey);
+ Ret = OpalParseRetrieveGlobalLockingRangeActiveKey (&ParseStruct, &ActiveKey);
if (Ret == TcgResultSuccess) {
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgCreateSetAce(
- &CreateStruct,
- &Size,
- LockingSpSession->OpalBaseComId,
- LockingSpSession->ComIdExtension,
- LockingSpSession->TperSessionId,
- LockingSpSession->HostSessionId,
- (ActiveKey == OPAL_LOCKING_SP_K_AES_256_GLOBALRANGE_KEY) ? OPAL_LOCKING_SP_ACE_K_AES_256_GLOBALRANGE_GENKEY : OPAL_LOCKING_SP_ACE_K_AES_128_GLOBALRANGE_GENKEY,
- OPAL_LOCKING_SP_USER1_AUTHORITY,
- TCG_ACE_EXPRESSION_OR,
- OPAL_LOCKING_SP_ADMINS_AUTHORITY
- ));
-
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (
+ TcgCreateSetAce (
+ &CreateStruct,
+ &Size,
+ LockingSpSession->OpalBaseComId,
+ LockingSpSession->ComIdExtension,
+ LockingSpSession->TperSessionId,
+ LockingSpSession->HostSessionId,
+ (ActiveKey == OPAL_LOCKING_SP_K_AES_256_GLOBALRANGE_KEY) ? OPAL_LOCKING_SP_ACE_K_AES_256_GLOBALRANGE_GENKEY : OPAL_LOCKING_SP_ACE_K_AES_128_GLOBALRANGE_GENKEY,
+ OPAL_LOCKING_SP_USER1_AUTHORITY,
+ TCG_ACE_EXPRESSION_OR,
+ OPAL_LOCKING_SP_ADMINS_AUTHORITY
+ )
+ );
+
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
if (*MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
DEBUG ((DEBUG_INFO, "Update ACE for GLOBALRANGE_GENKEY failed\n"));
@@ -1167,21 +1194,23 @@ OpalSetLockingSpAuthorityEnabledAndPin( }
}
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgCreateSetAce(
- &CreateStruct,
- &Size,
- LockingSpSession->OpalBaseComId,
- LockingSpSession->ComIdExtension,
- LockingSpSession->TperSessionId,
- LockingSpSession->HostSessionId,
- OPAL_LOCKING_SP_ACE_LOCKING_GLOBALRANGE_GET_ALL,
- OPAL_LOCKING_SP_USER1_AUTHORITY,
- TCG_ACE_EXPRESSION_OR,
- OPAL_LOCKING_SP_ADMINS_AUTHORITY
- ));
-
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (
+ TcgCreateSetAce (
+ &CreateStruct,
+ &Size,
+ LockingSpSession->OpalBaseComId,
+ LockingSpSession->ComIdExtension,
+ LockingSpSession->TperSessionId,
+ LockingSpSession->HostSessionId,
+ OPAL_LOCKING_SP_ACE_LOCKING_GLOBALRANGE_GET_ALL,
+ OPAL_LOCKING_SP_USER1_AUTHORITY,
+ TCG_ACE_EXPRESSION_OR,
+ OPAL_LOCKING_SP_ADMINS_AUTHORITY
+ )
+ );
+
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
if (*MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
DEBUG ((DEBUG_INFO, "Update ACE for OPAL_LOCKING_SP_ACE_LOCKING_GLOBALRANGE_GET_ALL failed\n"));
@@ -1201,31 +1230,34 @@ OpalSetLockingSpAuthorityEnabledAndPin( **/
TCG_RESULT
EFIAPI
-OpalDisableUser(
- OPAL_SESSION *LockingSpSession,
- UINT8 *MethodStatus
+OpalDisableUser (
+ OPAL_SESSION *LockingSpSession,
+ UINT8 *MethodStatus
)
{
- UINT8 Buf[BUFFER_SIZE];
- TCG_CREATE_STRUCT CreateStruct;
- TCG_PARSE_STRUCT ParseStruct;
- UINT32 Size;
-
- NULL_CHECK(LockingSpSession);
- NULL_CHECK(MethodStatus);
-
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgSetAuthorityEnabled(
- &CreateStruct,
- &Size,
- LockingSpSession->OpalBaseComId,
- LockingSpSession->ComIdExtension,
- LockingSpSession->TperSessionId,
- LockingSpSession->HostSessionId,
- OPAL_LOCKING_SP_USER1_AUTHORITY,
- FALSE));
-
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ UINT8 Buf[BUFFER_SIZE];
+ TCG_CREATE_STRUCT CreateStruct;
+ TCG_PARSE_STRUCT ParseStruct;
+ UINT32 Size;
+
+ NULL_CHECK (LockingSpSession);
+ NULL_CHECK (MethodStatus);
+
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (
+ TcgSetAuthorityEnabled (
+ &CreateStruct,
+ &Size,
+ LockingSpSession->OpalBaseComId,
+ LockingSpSession->ComIdExtension,
+ LockingSpSession->TperSessionId,
+ LockingSpSession->HostSessionId,
+ OPAL_LOCKING_SP_USER1_AUTHORITY,
+ FALSE
+ )
+ );
+
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
return TcgResultSuccess;
}
@@ -1241,47 +1273,47 @@ OpalDisableUser( **/
TCG_RESULT
EFIAPI
-OpalGlobalLockingRangeGenKey(
- OPAL_SESSION *LockingSpSession,
- UINT8 *MethodStatus
+OpalGlobalLockingRangeGenKey (
+ OPAL_SESSION *LockingSpSession,
+ UINT8 *MethodStatus
)
{
- UINT8 Buf[BUFFER_SIZE];
- TCG_CREATE_STRUCT CreateStruct;
- TCG_PARSE_STRUCT ParseStruct;
- UINT32 Size;
- TCG_UID ActiveKey;
+ UINT8 Buf[BUFFER_SIZE];
+ TCG_CREATE_STRUCT CreateStruct;
+ TCG_PARSE_STRUCT ParseStruct;
+ UINT32 Size;
+ TCG_UID ActiveKey;
- NULL_CHECK(LockingSpSession);
- NULL_CHECK(MethodStatus);
+ NULL_CHECK (LockingSpSession);
+ NULL_CHECK (MethodStatus);
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
//
// retrieve the activekey in order to know which globalrange key to generate
//
- ERROR_CHECK(OpalCreateRetrieveGlobalLockingRangeActiveKey(LockingSpSession, &CreateStruct, &Size));
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ ERROR_CHECK (OpalCreateRetrieveGlobalLockingRangeActiveKey (LockingSpSession, &CreateStruct, &Size));
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
- METHOD_STATUS_ERROR_CHECK(*MethodStatus, TcgResultSuccess);
+ METHOD_STATUS_ERROR_CHECK (*MethodStatus, TcgResultSuccess);
- ERROR_CHECK(OpalParseRetrieveGlobalLockingRangeActiveKey(&ParseStruct, &ActiveKey));
+ ERROR_CHECK (OpalParseRetrieveGlobalLockingRangeActiveKey (&ParseStruct, &ActiveKey));
//
// call genkey on ActiveKey UID
//
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgStartComPacket(&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(&CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(&CreateStruct, ActiveKey, TCG_UID_METHOD_GEN_KEY));
- ERROR_CHECK(TcgStartParameters(&CreateStruct));
- ERROR_CHECK(TcgEndParameters(&CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(&CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(&CreateStruct));
- ERROR_CHECK(TcgEndPacket(&CreateStruct));
- ERROR_CHECK(TcgEndComPacket(&CreateStruct, &Size));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (TcgStartComPacket (&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (&CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (&CreateStruct, ActiveKey, TCG_UID_METHOD_GEN_KEY));
+ ERROR_CHECK (TcgStartParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (&CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (&CreateStruct, &Size));
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
return TcgResultSuccess;
}
@@ -1300,55 +1332,55 @@ OpalGlobalLockingRangeGenKey( **/
TCG_RESULT
EFIAPI
-OpalUpdateGlobalLockingRange(
- OPAL_SESSION *LockingSpSession,
- BOOLEAN ReadLocked,
- BOOLEAN WriteLocked,
- UINT8 *MethodStatus
+OpalUpdateGlobalLockingRange (
+ OPAL_SESSION *LockingSpSession,
+ BOOLEAN ReadLocked,
+ BOOLEAN WriteLocked,
+ UINT8 *MethodStatus
)
{
- UINT8 Buf[BUFFER_SIZE];
- TCG_CREATE_STRUCT CreateStruct;
- TCG_PARSE_STRUCT ParseStruct;
- UINT32 Size;
+ UINT8 Buf[BUFFER_SIZE];
+ TCG_CREATE_STRUCT CreateStruct;
+ TCG_PARSE_STRUCT ParseStruct;
+ UINT32 Size;
- NULL_CHECK(LockingSpSession);
- NULL_CHECK(MethodStatus);
+ NULL_CHECK (LockingSpSession);
+ NULL_CHECK (MethodStatus);
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
//
// set global locking range values
//
- ERROR_CHECK(TcgStartComPacket(&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(&CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(&CreateStruct, OPAL_LOCKING_SP_LOCKING_GLOBALRANGE, TCG_UID_METHOD_SET));
- ERROR_CHECK(TcgStartParameters(&CreateStruct));
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, 0x01)); // "Values"
- ERROR_CHECK(TcgAddStartList(&CreateStruct));
-
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, 0x07)); // "ReadLocked"
- ERROR_CHECK(TcgAddBOOLEAN(&CreateStruct, ReadLocked));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
-
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, 0x08)); // "WriteLocked"
- ERROR_CHECK(TcgAddBOOLEAN(&CreateStruct, WriteLocked));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
-
- ERROR_CHECK(TcgAddEndList(&CreateStruct));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
- ERROR_CHECK(TcgEndParameters(&CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(&CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(&CreateStruct));
- ERROR_CHECK(TcgEndPacket(&CreateStruct));
- ERROR_CHECK(TcgEndComPacket(&CreateStruct, &Size));
-
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
- METHOD_STATUS_ERROR_CHECK(*MethodStatus, TcgResultSuccess);
+ ERROR_CHECK (TcgStartComPacket (&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (&CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (&CreateStruct, OPAL_LOCKING_SP_LOCKING_GLOBALRANGE, TCG_UID_METHOD_SET));
+ ERROR_CHECK (TcgStartParameters (&CreateStruct));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, 0x01)); // "Values"
+ ERROR_CHECK (TcgAddStartList (&CreateStruct));
+
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, 0x07)); // "ReadLocked"
+ ERROR_CHECK (TcgAddBOOLEAN (&CreateStruct, ReadLocked));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, 0x08)); // "WriteLocked"
+ ERROR_CHECK (TcgAddBOOLEAN (&CreateStruct, WriteLocked));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+
+ ERROR_CHECK (TcgAddEndList (&CreateStruct));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+ ERROR_CHECK (TcgEndParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (&CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (&CreateStruct, &Size));
+
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
+ METHOD_STATUS_ERROR_CHECK (*MethodStatus, TcgResultSuccess);
return TcgResultSuccess;
}
@@ -1371,86 +1403,86 @@ OpalUpdateGlobalLockingRange( **/
TCG_RESULT
EFIAPI
-OpalSetLockingRange(
- OPAL_SESSION *LockingSpSession,
- TCG_UID LockingRangeUid,
- UINT64 RangeStart,
- UINT64 RangeLength,
- BOOLEAN ReadLockEnabled,
- BOOLEAN WriteLockEnabled,
- BOOLEAN ReadLocked,
- BOOLEAN WriteLocked,
- UINT8 *MethodStatus
+OpalSetLockingRange (
+ OPAL_SESSION *LockingSpSession,
+ TCG_UID LockingRangeUid,
+ UINT64 RangeStart,
+ UINT64 RangeLength,
+ BOOLEAN ReadLockEnabled,
+ BOOLEAN WriteLockEnabled,
+ BOOLEAN ReadLocked,
+ BOOLEAN WriteLocked,
+ UINT8 *MethodStatus
)
{
- UINT8 Buf[BUFFER_SIZE];
- TCG_CREATE_STRUCT CreateStruct;
- TCG_PARSE_STRUCT ParseStruct;
- UINT32 Size;
+ UINT8 Buf[BUFFER_SIZE];
+ TCG_CREATE_STRUCT CreateStruct;
+ TCG_PARSE_STRUCT ParseStruct;
+ UINT32 Size;
- NULL_CHECK(LockingSpSession);
- NULL_CHECK(MethodStatus);
+ NULL_CHECK (LockingSpSession);
+ NULL_CHECK (MethodStatus);
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
//
// set locking range values
//
- ERROR_CHECK(TcgStartComPacket(&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(&CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(&CreateStruct, LockingRangeUid, TCG_UID_METHOD_SET));
- ERROR_CHECK(TcgStartParameters(&CreateStruct));
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, 0x01)); // "Values"
- ERROR_CHECK(TcgAddStartList(&CreateStruct));
+ ERROR_CHECK (TcgStartComPacket (&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (&CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (&CreateStruct, LockingRangeUid, TCG_UID_METHOD_SET));
+ ERROR_CHECK (TcgStartParameters (&CreateStruct));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, 0x01)); // "Values"
+ ERROR_CHECK (TcgAddStartList (&CreateStruct));
//
// range start and range Length only apply to non-global locking ranges
//
if (LockingRangeUid != OPAL_LOCKING_SP_LOCKING_GLOBALRANGE) {
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, 0x03)); // "RangeStart"
- ERROR_CHECK(TcgAddUINT64(&CreateStruct, RangeStart));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
-
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, 0x04)); // "RangeLength"
- ERROR_CHECK(TcgAddUINT64(&CreateStruct, RangeLength));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, 0x03)); // "RangeStart"
+ ERROR_CHECK (TcgAddUINT64 (&CreateStruct, RangeStart));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, 0x04)); // "RangeLength"
+ ERROR_CHECK (TcgAddUINT64 (&CreateStruct, RangeLength));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
}
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, 0x05)); // "ReadLockEnabled"
- ERROR_CHECK(TcgAddBOOLEAN(&CreateStruct, ReadLockEnabled));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
-
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, 0x06)); // "WriteLockEnabled"
- ERROR_CHECK(TcgAddBOOLEAN(&CreateStruct, WriteLockEnabled));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
-
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, 0x07)); // "ReadLocked"
- ERROR_CHECK(TcgAddBOOLEAN(&CreateStruct, ReadLocked));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
-
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, 0x08)); // "WriteLocked"
- ERROR_CHECK(TcgAddBOOLEAN(&CreateStruct, WriteLocked));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
-
- ERROR_CHECK(TcgAddEndList(&CreateStruct));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
- ERROR_CHECK(TcgEndParameters(&CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(&CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(&CreateStruct));
- ERROR_CHECK(TcgEndPacket(&CreateStruct));
- ERROR_CHECK(TcgEndComPacket(&CreateStruct, &Size));
-
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, MethodStatus, 0));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, 0x05)); // "ReadLockEnabled"
+ ERROR_CHECK (TcgAddBOOLEAN (&CreateStruct, ReadLockEnabled));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, 0x06)); // "WriteLockEnabled"
+ ERROR_CHECK (TcgAddBOOLEAN (&CreateStruct, WriteLockEnabled));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, 0x07)); // "ReadLocked"
+ ERROR_CHECK (TcgAddBOOLEAN (&CreateStruct, ReadLocked));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, 0x08)); // "WriteLocked"
+ ERROR_CHECK (TcgAddBOOLEAN (&CreateStruct, WriteLocked));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+
+ ERROR_CHECK (TcgAddEndList (&CreateStruct));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+ ERROR_CHECK (TcgEndParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (&CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (&CreateStruct, &Size));
+
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, MethodStatus, 0));
// Exit with success on method failure - user must inspect MethodStatus
- METHOD_STATUS_ERROR_CHECK(*MethodStatus, TcgResultSuccess);
+ METHOD_STATUS_ERROR_CHECK (*MethodStatus, TcgResultSuccess);
return TcgResultSuccess;
}
@@ -1468,37 +1500,37 @@ OpalSetLockingRange( **/
TCG_RESULT
EFIAPI
-OpalCreateRetrieveGlobalLockingRangeActiveKey(
- const OPAL_SESSION *Session,
- TCG_CREATE_STRUCT *CreateStruct,
- UINT32 *Size
+OpalCreateRetrieveGlobalLockingRangeActiveKey (
+ const OPAL_SESSION *Session,
+ TCG_CREATE_STRUCT *CreateStruct,
+ UINT32 *Size
)
{
- NULL_CHECK(Session);
- NULL_CHECK(CreateStruct);
- NULL_CHECK(Size);
+ NULL_CHECK (Session);
+ NULL_CHECK (CreateStruct);
+ NULL_CHECK (Size);
// Retrieve the activekey in order to know which globalrange key to generate
- ERROR_CHECK(TcgStartComPacket(CreateStruct, Session->OpalBaseComId, Session->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(CreateStruct, Session->TperSessionId, Session->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(CreateStruct, OPAL_LOCKING_SP_LOCKING_GLOBALRANGE, TCG_UID_METHOD_GET));
- ERROR_CHECK(TcgStartParameters(CreateStruct));
- ERROR_CHECK(TcgAddStartList(CreateStruct));
- ERROR_CHECK(TcgAddStartName(CreateStruct));
- ERROR_CHECK(TcgAddUINT8(CreateStruct, TCG_CELL_BLOCK_START_COLUMN_NAME));
- ERROR_CHECK(TcgAddUINT8(CreateStruct, 0x0A)); // ActiveKey
- ERROR_CHECK(TcgAddEndName(CreateStruct));
- ERROR_CHECK(TcgAddStartName(CreateStruct));
- ERROR_CHECK(TcgAddUINT8(CreateStruct, TCG_CELL_BLOCK_END_COLUMN_NAME));
- ERROR_CHECK(TcgAddUINT8(CreateStruct, 0x0A));
- ERROR_CHECK(TcgAddEndName(CreateStruct));
- ERROR_CHECK(TcgAddEndList(CreateStruct));
- ERROR_CHECK(TcgEndParameters(CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(CreateStruct));
- ERROR_CHECK(TcgEndPacket(CreateStruct));
- ERROR_CHECK(TcgEndComPacket(CreateStruct, Size));
+ ERROR_CHECK (TcgStartComPacket (CreateStruct, Session->OpalBaseComId, Session->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (CreateStruct, Session->TperSessionId, Session->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (CreateStruct, OPAL_LOCKING_SP_LOCKING_GLOBALRANGE, TCG_UID_METHOD_GET));
+ ERROR_CHECK (TcgStartParameters (CreateStruct));
+ ERROR_CHECK (TcgAddStartList (CreateStruct));
+ ERROR_CHECK (TcgAddStartName (CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (CreateStruct, TCG_CELL_BLOCK_START_COLUMN_NAME));
+ ERROR_CHECK (TcgAddUINT8 (CreateStruct, 0x0A)); // ActiveKey
+ ERROR_CHECK (TcgAddEndName (CreateStruct));
+ ERROR_CHECK (TcgAddStartName (CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (CreateStruct, TCG_CELL_BLOCK_END_COLUMN_NAME));
+ ERROR_CHECK (TcgAddUINT8 (CreateStruct, 0x0A));
+ ERROR_CHECK (TcgAddEndName (CreateStruct));
+ ERROR_CHECK (TcgAddEndList (CreateStruct));
+ ERROR_CHECK (TcgEndParameters (CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (CreateStruct));
+ ERROR_CHECK (TcgEndPacket (CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (CreateStruct, Size));
return TcgResultSuccess;
}
@@ -1513,33 +1545,33 @@ OpalCreateRetrieveGlobalLockingRangeActiveKey( **/
TCG_RESULT
EFIAPI
-OpalParseRetrieveGlobalLockingRangeActiveKey(
+OpalParseRetrieveGlobalLockingRangeActiveKey (
TCG_PARSE_STRUCT *ParseStruct,
TCG_UID *ActiveKey
)
{
- UINT32 ColumnName;
+ UINT32 ColumnName;
- NULL_CHECK(ParseStruct);
- NULL_CHECK(ActiveKey);
+ NULL_CHECK (ParseStruct);
+ NULL_CHECK (ActiveKey);
// parse response
- ERROR_CHECK(TcgGetNextStartList(ParseStruct));
- ERROR_CHECK(TcgGetNextStartList(ParseStruct));
- ERROR_CHECK(TcgGetNextStartName(ParseStruct));
- ERROR_CHECK(TcgGetNextUINT32(ParseStruct, &ColumnName));
- ERROR_CHECK(TcgGetNextTcgUid(ParseStruct, ActiveKey));
- ERROR_CHECK(TcgGetNextEndName(ParseStruct));
- ERROR_CHECK(TcgGetNextEndList(ParseStruct));
- ERROR_CHECK(TcgGetNextEndList(ParseStruct));
- ERROR_CHECK(TcgGetNextEndOfData(ParseStruct));
+ ERROR_CHECK (TcgGetNextStartList (ParseStruct));
+ ERROR_CHECK (TcgGetNextStartList (ParseStruct));
+ ERROR_CHECK (TcgGetNextStartName (ParseStruct));
+ ERROR_CHECK (TcgGetNextUINT32 (ParseStruct, &ColumnName));
+ ERROR_CHECK (TcgGetNextTcgUid (ParseStruct, ActiveKey));
+ ERROR_CHECK (TcgGetNextEndName (ParseStruct));
+ ERROR_CHECK (TcgGetNextEndList (ParseStruct));
+ ERROR_CHECK (TcgGetNextEndList (ParseStruct));
+ ERROR_CHECK (TcgGetNextEndOfData (ParseStruct));
if (ColumnName != 0x0A) {
DEBUG ((DEBUG_INFO, "Unexpected column name %u (exp 0x0A)\n", ColumnName));
return TcgResultFailure;
}
- if (*ActiveKey != OPAL_LOCKING_SP_K_AES_256_GLOBALRANGE_KEY && *ActiveKey != OPAL_LOCKING_SP_K_AES_128_GLOBALRANGE_KEY) {
+ if ((*ActiveKey != OPAL_LOCKING_SP_K_AES_256_GLOBALRANGE_KEY) && (*ActiveKey != OPAL_LOCKING_SP_K_AES_128_GLOBALRANGE_KEY)) {
DEBUG ((DEBUG_INFO, "Unexpected gen key %u (exp %u or %u)\n", *ActiveKey, OPAL_LOCKING_SP_K_AES_256_GLOBALRANGE_KEY, OPAL_LOCKING_SP_K_AES_128_GLOBALRANGE_KEY));
return TcgResultFailure;
}
@@ -1558,56 +1590,56 @@ OpalParseRetrieveGlobalLockingRangeActiveKey( **/
TCG_RESULT
EFIAPI
-OpalGetTryLimit(
- OPAL_SESSION *LockingSpSession,
- TCG_UID RowUid,
- UINT32 *TryLimit
+OpalGetTryLimit (
+ OPAL_SESSION *LockingSpSession,
+ TCG_UID RowUid,
+ UINT32 *TryLimit
)
{
- TCG_CREATE_STRUCT CreateStruct;
- TCG_PARSE_STRUCT ParseStruct;
- UINT32 Size;
- UINT8 MethodStatus;
- UINT8 Buf[BUFFER_SIZE];
- UINT32 Col;
-
- NULL_CHECK(LockingSpSession);
- NULL_CHECK(TryLimit);
-
- ERROR_CHECK(TcgInitTcgCreateStruct(&CreateStruct, Buf, sizeof(Buf)));
- ERROR_CHECK(TcgStartComPacket(&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
- ERROR_CHECK(TcgStartPacket(&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
- ERROR_CHECK(TcgStartSubPacket(&CreateStruct, 0x0));
- ERROR_CHECK(TcgStartMethodCall(&CreateStruct, RowUid, TCG_UID_METHOD_GET));
- ERROR_CHECK(TcgStartParameters(&CreateStruct));
- ERROR_CHECK(TcgAddStartList(&CreateStruct));
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, TCG_CELL_BLOCK_START_COLUMN_NAME));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, OPAL_LOCKING_SP_C_PIN_TRYLIMIT_COL));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
- ERROR_CHECK(TcgAddStartName(&CreateStruct));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, TCG_CELL_BLOCK_END_COLUMN_NAME));
- ERROR_CHECK(TcgAddUINT8(&CreateStruct, OPAL_LOCKING_SP_C_PIN_TRYLIMIT_COL));
- ERROR_CHECK(TcgAddEndName(&CreateStruct));
- ERROR_CHECK(TcgAddEndList(&CreateStruct));
- ERROR_CHECK(TcgEndParameters(&CreateStruct));
- ERROR_CHECK(TcgEndMethodCall(&CreateStruct));
- ERROR_CHECK(TcgEndSubPacket(&CreateStruct));
- ERROR_CHECK(TcgEndPacket(&CreateStruct));
- ERROR_CHECK(TcgEndComPacket(&CreateStruct, &Size));
-
- ERROR_CHECK(OpalPerformMethod(LockingSpSession, Size, Buf, sizeof(Buf), &ParseStruct, &MethodStatus, 0));
- METHOD_STATUS_ERROR_CHECK(MethodStatus, TcgResultFailure);
-
- ERROR_CHECK(TcgGetNextStartList(&ParseStruct));
- ERROR_CHECK(TcgGetNextStartList(&ParseStruct));
- ERROR_CHECK(TcgGetNextStartName(&ParseStruct));
- ERROR_CHECK(TcgGetNextUINT32(&ParseStruct, &Col));
- ERROR_CHECK(TcgGetNextUINT32(&ParseStruct, TryLimit));
- ERROR_CHECK(TcgGetNextEndName(&ParseStruct));
- ERROR_CHECK(TcgGetNextEndList(&ParseStruct));
- ERROR_CHECK(TcgGetNextEndList(&ParseStruct));
- ERROR_CHECK(TcgGetNextEndOfData(&ParseStruct));
+ TCG_CREATE_STRUCT CreateStruct;
+ TCG_PARSE_STRUCT ParseStruct;
+ UINT32 Size;
+ UINT8 MethodStatus;
+ UINT8 Buf[BUFFER_SIZE];
+ UINT32 Col;
+
+ NULL_CHECK (LockingSpSession);
+ NULL_CHECK (TryLimit);
+
+ ERROR_CHECK (TcgInitTcgCreateStruct (&CreateStruct, Buf, sizeof (Buf)));
+ ERROR_CHECK (TcgStartComPacket (&CreateStruct, LockingSpSession->OpalBaseComId, LockingSpSession->ComIdExtension));
+ ERROR_CHECK (TcgStartPacket (&CreateStruct, LockingSpSession->TperSessionId, LockingSpSession->HostSessionId, 0x0, 0x0, 0x0));
+ ERROR_CHECK (TcgStartSubPacket (&CreateStruct, 0x0));
+ ERROR_CHECK (TcgStartMethodCall (&CreateStruct, RowUid, TCG_UID_METHOD_GET));
+ ERROR_CHECK (TcgStartParameters (&CreateStruct));
+ ERROR_CHECK (TcgAddStartList (&CreateStruct));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, TCG_CELL_BLOCK_START_COLUMN_NAME));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, OPAL_LOCKING_SP_C_PIN_TRYLIMIT_COL));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+ ERROR_CHECK (TcgAddStartName (&CreateStruct));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, TCG_CELL_BLOCK_END_COLUMN_NAME));
+ ERROR_CHECK (TcgAddUINT8 (&CreateStruct, OPAL_LOCKING_SP_C_PIN_TRYLIMIT_COL));
+ ERROR_CHECK (TcgAddEndName (&CreateStruct));
+ ERROR_CHECK (TcgAddEndList (&CreateStruct));
+ ERROR_CHECK (TcgEndParameters (&CreateStruct));
+ ERROR_CHECK (TcgEndMethodCall (&CreateStruct));
+ ERROR_CHECK (TcgEndSubPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndPacket (&CreateStruct));
+ ERROR_CHECK (TcgEndComPacket (&CreateStruct, &Size));
+
+ ERROR_CHECK (OpalPerformMethod (LockingSpSession, Size, Buf, sizeof (Buf), &ParseStruct, &MethodStatus, 0));
+ METHOD_STATUS_ERROR_CHECK (MethodStatus, TcgResultFailure);
+
+ ERROR_CHECK (TcgGetNextStartList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextStartList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextStartName (&ParseStruct));
+ ERROR_CHECK (TcgGetNextUINT32 (&ParseStruct, &Col));
+ ERROR_CHECK (TcgGetNextUINT32 (&ParseStruct, TryLimit));
+ ERROR_CHECK (TcgGetNextEndName (&ParseStruct));
+ ERROR_CHECK (TcgGetNextEndList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextEndList (&ParseStruct));
+ ERROR_CHECK (TcgGetNextEndOfData (&ParseStruct));
if (Col != OPAL_LOCKING_SP_C_PIN_TRYLIMIT_COL) {
DEBUG ((DEBUG_INFO, "ERROR: got col %u, expected %u\n", Col, OPAL_LOCKING_SP_C_PIN_TRYLIMIT_COL));
@@ -1628,50 +1660,52 @@ OpalGetTryLimit( **/
TCG_RESULT
EFIAPI
-OpalGetSupportedAttributesInfo(
+OpalGetSupportedAttributesInfo (
IN OPAL_SESSION *Session,
OUT OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes,
OUT UINT16 *OpalBaseComId
)
{
- UINT8 Buffer[BUFFER_SIZE];
- TCG_SUPPORTED_SECURITY_PROTOCOLS *SupportedProtocols;
- TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader;
- OPAL_LEVEL0_FEATURE_DESCRIPTOR *Feat;
- OPAL_LEVEL0_FEATURE_DESCRIPTOR *Feat2;
- UINTN Size;
- UINTN Size2;
+ UINT8 Buffer[BUFFER_SIZE];
+ TCG_SUPPORTED_SECURITY_PROTOCOLS *SupportedProtocols;
+ TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader;
+ OPAL_LEVEL0_FEATURE_DESCRIPTOR *Feat;
+ OPAL_LEVEL0_FEATURE_DESCRIPTOR *Feat2;
+ UINTN Size;
+ UINTN Size2;
+
+ NULL_CHECK (Session);
+ NULL_CHECK (SupportedAttributes);
+ NULL_CHECK (OpalBaseComId);
- NULL_CHECK(Session);
- NULL_CHECK(SupportedAttributes);
- NULL_CHECK(OpalBaseComId);
-
- ZeroMem(Buffer, BUFFER_SIZE);
- ZeroMem(SupportedAttributes, sizeof(OPAL_DISK_SUPPORT_ATTRIBUTE));
- ASSERT(sizeof(Buffer) >= sizeof(TCG_SUPPORTED_SECURITY_PROTOCOLS));
+ ZeroMem (Buffer, BUFFER_SIZE);
+ ZeroMem (SupportedAttributes, sizeof (OPAL_DISK_SUPPORT_ATTRIBUTE));
+ ASSERT (sizeof (Buffer) >= sizeof (TCG_SUPPORTED_SECURITY_PROTOCOLS));
//
// Retrieve supported protocols verify security protocol 1 is supported
//
- SupportedProtocols = (TCG_SUPPORTED_SECURITY_PROTOCOLS*) Buffer;
+ SupportedProtocols = (TCG_SUPPORTED_SECURITY_PROTOCOLS *)Buffer;
//
// Get list of supported protocols
//
- if (OpalRetrieveSupportedProtocolList (Session, sizeof(TCG_SUPPORTED_SECURITY_PROTOCOLS), SupportedProtocols) == TcgResultFailure) {
+ if (OpalRetrieveSupportedProtocolList (Session, sizeof (TCG_SUPPORTED_SECURITY_PROTOCOLS), SupportedProtocols) == TcgResultFailure) {
DEBUG ((DEBUG_INFO, "OpalRetrieveSupportedProtocolList failed\n"));
return TcgResultFailure;
}
- SupportedAttributes->Sp1 = TcgIsProtocolSupported (SupportedProtocols, TCG_OPAL_SECURITY_PROTOCOL_1);
- SupportedAttributes->Sp2 = TcgIsProtocolSupported (SupportedProtocols, TCG_OPAL_SECURITY_PROTOCOL_2);
+ SupportedAttributes->Sp1 = TcgIsProtocolSupported (SupportedProtocols, TCG_OPAL_SECURITY_PROTOCOL_1);
+ SupportedAttributes->Sp2 = TcgIsProtocolSupported (SupportedProtocols, TCG_OPAL_SECURITY_PROTOCOL_2);
SupportedAttributes->SpIeee1667 = TcgIsProtocolSupported (SupportedProtocols, TCG_SECURITY_PROTOCOL_IEEE_1667);
- DEBUG ((DEBUG_INFO, "Supported Protocols: Sp1 %d Sp2: %d SpIeee1667 %d \n",
- SupportedAttributes->Sp1,
- SupportedAttributes->Sp2,
- SupportedAttributes->SpIeee1667
- ));
+ DEBUG ((
+ DEBUG_INFO,
+ "Supported Protocols: Sp1 %d Sp2: %d SpIeee1667 %d \n",
+ SupportedAttributes->Sp1,
+ SupportedAttributes->Sp2,
+ SupportedAttributes->SpIeee1667
+ ));
//
// Perform level 0 discovery and assign desired feature info to Opal Disk structure
@@ -1685,10 +1719,10 @@ OpalGetSupportedAttributesInfo( //
// Check for required feature descriptors
//
- DiscoveryHeader = (TCG_LEVEL0_DISCOVERY_HEADER*) Buffer;
+ DiscoveryHeader = (TCG_LEVEL0_DISCOVERY_HEADER *)Buffer;
- Size = 0;
- Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR*) TcgGetFeature (DiscoveryHeader, TCG_FEATURE_OPAL_SSC_V2_0_0, &Size);
+ Size = 0;
+ Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR *)TcgGetFeature (DiscoveryHeader, TCG_FEATURE_OPAL_SSC_V2_0_0, &Size);
SupportedAttributes->OpalSsc2 = (Feat != NULL);
*OpalBaseComId = TCG_RESERVED_COMID;
@@ -1696,35 +1730,39 @@ OpalGetSupportedAttributesInfo( //
// Check Opal SCC V2 has valid settings for SID C_PIN on revert
//
- if (SupportedAttributes->OpalSsc2 && Size >= sizeof (OPAL_SSCV2_FEATURE_DESCRIPTOR)) {
+ if (SupportedAttributes->OpalSsc2 && (Size >= sizeof (OPAL_SSCV2_FEATURE_DESCRIPTOR))) {
//
// Want opposite polarity b/c Value is greater than a bit, but we only care about non-zero vs zero
//
SupportedAttributes->InitCpinIndicator = (Feat->OpalSscV2.InitialCPINSIDPIN == 0);
- SupportedAttributes->CpinUponRevert = (Feat->OpalSscV2.CPINSIDPINRevertBehavior == 0);
- DEBUG ((DEBUG_INFO, "Opal SSC V2 InitCpinIndicator %d CpinUponRevert %d \n",
- SupportedAttributes->InitCpinIndicator,
- SupportedAttributes->CpinUponRevert
- ));
+ SupportedAttributes->CpinUponRevert = (Feat->OpalSscV2.CPINSIDPINRevertBehavior == 0);
+ DEBUG ((
+ DEBUG_INFO,
+ "Opal SSC V2 InitCpinIndicator %d CpinUponRevert %d \n",
+ SupportedAttributes->InitCpinIndicator,
+ SupportedAttributes->CpinUponRevert
+ ));
*OpalBaseComId = SwapBytes16 (Feat->OpalSscV2.BaseComdIdBE);
}
- Size = 0;
- Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR*) TcgGetFeature (DiscoveryHeader, TCG_FEATURE_OPAL_SSC_LITE, &Size);
+ Size = 0;
+ Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR *)TcgGetFeature (DiscoveryHeader, TCG_FEATURE_OPAL_SSC_LITE, &Size);
SupportedAttributes->OpalSscLite = (Feat != NULL);
- if (Feat != NULL && Size >= sizeof (OPAL_SSCLITE_FEATURE_DESCRIPTOR)) {
+ if ((Feat != NULL) && (Size >= sizeof (OPAL_SSCLITE_FEATURE_DESCRIPTOR))) {
if (*OpalBaseComId == TCG_RESERVED_COMID) {
//
// Pin values used always match up with ComId used
//
- *OpalBaseComId = SwapBytes16 (Feat->OpalSscLite.BaseComdIdBE);
+ *OpalBaseComId = SwapBytes16 (Feat->OpalSscLite.BaseComdIdBE);
SupportedAttributes->InitCpinIndicator = (Feat->OpalSscV2.InitialCPINSIDPIN == 0);
- SupportedAttributes->CpinUponRevert = (Feat->OpalSscV2.CPINSIDPINRevertBehavior == 0);
- DEBUG ((DEBUG_INFO, "Opal SSC Lite InitCpinIndicator %d CpinUponRevert %d \n",
- SupportedAttributes->InitCpinIndicator,
- SupportedAttributes->CpinUponRevert
- ));
+ SupportedAttributes->CpinUponRevert = (Feat->OpalSscV2.CPINSIDPINRevertBehavior == 0);
+ DEBUG ((
+ DEBUG_INFO,
+ "Opal SSC Lite InitCpinIndicator %d CpinUponRevert %d \n",
+ SupportedAttributes->InitCpinIndicator,
+ SupportedAttributes->CpinUponRevert
+ ));
}
}
@@ -1732,55 +1770,59 @@ OpalGetSupportedAttributesInfo( // For some pyrite 2.0 device, it contains both pyrite 1.0 and 2.0 feature data.
// so here try to get data from pyrite 2.0 feature data first.
//
- Size = 0;
- Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR*) TcgGetFeature (DiscoveryHeader, TCG_FEATURE_PYRITE_SSC, &Size);
+ Size = 0;
+ Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR *)TcgGetFeature (DiscoveryHeader, TCG_FEATURE_PYRITE_SSC, &Size);
Size2 = 0;
- Feat2 = (OPAL_LEVEL0_FEATURE_DESCRIPTOR*) TcgGetFeature (DiscoveryHeader, TCG_FEATURE_PYRITE_SSC_V2_0_0, &Size2);
- if (Feat2 != NULL && Size2 >= sizeof (PYRITE_SSCV2_FEATURE_DESCRIPTOR)) {
+ Feat2 = (OPAL_LEVEL0_FEATURE_DESCRIPTOR *)TcgGetFeature (DiscoveryHeader, TCG_FEATURE_PYRITE_SSC_V2_0_0, &Size2);
+ if ((Feat2 != NULL) && (Size2 >= sizeof (PYRITE_SSCV2_FEATURE_DESCRIPTOR))) {
SupportedAttributes->PyriteSscV2 = TRUE;
if (*OpalBaseComId == TCG_RESERVED_COMID) {
- *OpalBaseComId = SwapBytes16 (Feat2->PyriteSscV2.BaseComdIdBE);
+ *OpalBaseComId = SwapBytes16 (Feat2->PyriteSscV2.BaseComdIdBE);
SupportedAttributes->InitCpinIndicator = (Feat2->PyriteSscV2.InitialCPINSIDPIN == 0);
- SupportedAttributes->CpinUponRevert = (Feat2->PyriteSscV2.CPINSIDPINRevertBehavior == 0);
- DEBUG ((DEBUG_INFO, "Pyrite SSC V2 InitCpinIndicator %d CpinUponRevert %d \n",
- SupportedAttributes->InitCpinIndicator,
- SupportedAttributes->CpinUponRevert
- ));
+ SupportedAttributes->CpinUponRevert = (Feat2->PyriteSscV2.CPINSIDPINRevertBehavior == 0);
+ DEBUG ((
+ DEBUG_INFO,
+ "Pyrite SSC V2 InitCpinIndicator %d CpinUponRevert %d \n",
+ SupportedAttributes->InitCpinIndicator,
+ SupportedAttributes->CpinUponRevert
+ ));
}
} else {
SupportedAttributes->PyriteSsc = (Feat != NULL);
- if (Feat != NULL && Size >= sizeof (PYRITE_SSC_FEATURE_DESCRIPTOR)) {
+ if ((Feat != NULL) && (Size >= sizeof (PYRITE_SSC_FEATURE_DESCRIPTOR))) {
if (*OpalBaseComId == TCG_RESERVED_COMID) {
- *OpalBaseComId = SwapBytes16 (Feat->PyriteSsc.BaseComdIdBE);
+ *OpalBaseComId = SwapBytes16 (Feat->PyriteSsc.BaseComdIdBE);
SupportedAttributes->InitCpinIndicator = (Feat->PyriteSsc.InitialCPINSIDPIN == 0);
- SupportedAttributes->CpinUponRevert = (Feat->PyriteSsc.CPINSIDPINRevertBehavior == 0);
- DEBUG ((DEBUG_INFO, "Pyrite SSC InitCpinIndicator %d CpinUponRevert %d \n",
- SupportedAttributes->InitCpinIndicator,
- SupportedAttributes->CpinUponRevert
- ));
+ SupportedAttributes->CpinUponRevert = (Feat->PyriteSsc.CPINSIDPINRevertBehavior == 0);
+ DEBUG ((
+ DEBUG_INFO,
+ "Pyrite SSC InitCpinIndicator %d CpinUponRevert %d \n",
+ SupportedAttributes->InitCpinIndicator,
+ SupportedAttributes->CpinUponRevert
+ ));
}
}
}
- Size = 0;
- Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR*) TcgGetFeature (DiscoveryHeader, TCG_FEATURE_OPAL_SSC_V1_0_0, &Size);
+ Size = 0;
+ Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR *)TcgGetFeature (DiscoveryHeader, TCG_FEATURE_OPAL_SSC_V1_0_0, &Size);
SupportedAttributes->OpalSsc1 = (Feat != NULL);
- if (Feat != NULL && Size >= sizeof (OPAL_SSCV1_FEATURE_DESCRIPTOR)) {
+ if ((Feat != NULL) && (Size >= sizeof (OPAL_SSCV1_FEATURE_DESCRIPTOR))) {
if (*OpalBaseComId == TCG_RESERVED_COMID) {
*OpalBaseComId = SwapBytes16 (Feat->OpalSscV1.BaseComdIdBE);
}
}
Size = 0;
- Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR*) TcgGetFeature (DiscoveryHeader, TCG_FEATURE_LOCKING, &Size);
- if (Feat != NULL && Size >= sizeof (TCG_LOCKING_FEATURE_DESCRIPTOR)) {
+ Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR *)TcgGetFeature (DiscoveryHeader, TCG_FEATURE_LOCKING, &Size);
+ if ((Feat != NULL) && (Size >= sizeof (TCG_LOCKING_FEATURE_DESCRIPTOR))) {
SupportedAttributes->MediaEncryption = Feat->Locking.MediaEncryption;
DEBUG ((DEBUG_INFO, "SupportedAttributes->MediaEncryption 0x%X \n", SupportedAttributes->MediaEncryption));
}
Size = 0;
- Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR*) TcgGetFeature (DiscoveryHeader, TCG_FEATURE_BLOCK_SID, &Size);
- if (Feat != NULL && Size >= sizeof (TCG_BLOCK_SID_FEATURE_DESCRIPTOR)) {
+ Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR *)TcgGetFeature (DiscoveryHeader, TCG_FEATURE_BLOCK_SID, &Size);
+ if ((Feat != NULL) && (Size >= sizeof (TCG_BLOCK_SID_FEATURE_DESCRIPTOR))) {
SupportedAttributes->BlockSid = TRUE;
DEBUG ((DEBUG_INFO, "BlockSid Supported!!! Current Status is 0x%X \n", Feat->BlockSid.SIDBlockedState));
} else {
@@ -1788,8 +1830,8 @@ OpalGetSupportedAttributesInfo( }
Size = 0;
- Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR*) TcgGetFeature (DiscoveryHeader, TCG_FEATURE_DATA_REMOVAL, &Size);
- if (Feat != NULL && Size >= sizeof (DATA_REMOVAL_FEATURE_DESCRIPTOR)) {
+ Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR *)TcgGetFeature (DiscoveryHeader, TCG_FEATURE_DATA_REMOVAL, &Size);
+ if ((Feat != NULL) && (Size >= sizeof (DATA_REMOVAL_FEATURE_DESCRIPTOR))) {
SupportedAttributes->DataRemoval = TRUE;
DEBUG ((DEBUG_INFO, "DataRemoval Feature Supported!\n"));
DEBUG ((DEBUG_INFO, "Operation Processing = 0x%x\n", Feat->DataRemoval.OperationProcessing));
@@ -1816,31 +1858,32 @@ OpalGetSupportedAttributesInfo( **/
TCG_RESULT
EFIAPI
-OpalGetLockingInfo(
- OPAL_SESSION *Session,
- TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature
+OpalGetLockingInfo (
+ OPAL_SESSION *Session,
+ TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature
)
{
- UINT8 Buffer[BUFFER_SIZE];
- TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader;
- OPAL_LEVEL0_FEATURE_DESCRIPTOR *Feat;
- UINTN Size;
+ UINT8 Buffer[BUFFER_SIZE];
+ TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader;
+ OPAL_LEVEL0_FEATURE_DESCRIPTOR *Feat;
+ UINTN Size;
- NULL_CHECK(Session);
- NULL_CHECK(LockingFeature);
+ NULL_CHECK (Session);
+ NULL_CHECK (LockingFeature);
- ZeroMem(Buffer, BUFFER_SIZE);
- ASSERT(sizeof(Buffer) >= sizeof(TCG_SUPPORTED_SECURITY_PROTOCOLS));
+ ZeroMem (Buffer, BUFFER_SIZE);
+ ASSERT (sizeof (Buffer) >= sizeof (TCG_SUPPORTED_SECURITY_PROTOCOLS));
if (OpalRetrieveLevel0DiscoveryHeader (Session, BUFFER_SIZE, Buffer) == TcgResultFailure) {
DEBUG ((DEBUG_INFO, "OpalRetrieveLevel0DiscoveryHeader failed\n"));
return TcgResultFailure;
}
- DiscoveryHeader = (TCG_LEVEL0_DISCOVERY_HEADER*) Buffer;
+
+ DiscoveryHeader = (TCG_LEVEL0_DISCOVERY_HEADER *)Buffer;
Size = 0;
- Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR*) TcgGetFeature (DiscoveryHeader, TCG_FEATURE_LOCKING, &Size);
- if (Feat != NULL && Size >= sizeof (TCG_LOCKING_FEATURE_DESCRIPTOR)) {
+ Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR *)TcgGetFeature (DiscoveryHeader, TCG_FEATURE_LOCKING, &Size);
+ if ((Feat != NULL) && (Size >= sizeof (TCG_LOCKING_FEATURE_DESCRIPTOR))) {
CopyMem (LockingFeature, &Feat->Locking, sizeof (TCG_LOCKING_FEATURE_DESCRIPTOR));
}
@@ -1859,32 +1902,33 @@ OpalGetLockingInfo( **/
TCG_RESULT
OpalGetFeatureDescriptor (
- IN OPAL_SESSION *Session,
- IN UINT16 FeatureCode,
- IN OUT UINTN *DataSize,
- OUT VOID *Data
+ IN OPAL_SESSION *Session,
+ IN UINT16 FeatureCode,
+ IN OUT UINTN *DataSize,
+ OUT VOID *Data
)
{
- UINT8 Buffer[BUFFER_SIZE];
- TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader;
- OPAL_LEVEL0_FEATURE_DESCRIPTOR *Feat;
- UINTN Size;
+ UINT8 Buffer[BUFFER_SIZE];
+ TCG_LEVEL0_DISCOVERY_HEADER *DiscoveryHeader;
+ OPAL_LEVEL0_FEATURE_DESCRIPTOR *Feat;
+ UINTN Size;
- NULL_CHECK(Session);
- NULL_CHECK(DataSize);
- NULL_CHECK(Data);
+ NULL_CHECK (Session);
+ NULL_CHECK (DataSize);
+ NULL_CHECK (Data);
- ZeroMem(Buffer, BUFFER_SIZE);
- ASSERT(sizeof(Buffer) >= sizeof(TCG_SUPPORTED_SECURITY_PROTOCOLS));
+ ZeroMem (Buffer, BUFFER_SIZE);
+ ASSERT (sizeof (Buffer) >= sizeof (TCG_SUPPORTED_SECURITY_PROTOCOLS));
if (OpalRetrieveLevel0DiscoveryHeader (Session, BUFFER_SIZE, Buffer) == TcgResultFailure) {
DEBUG ((DEBUG_INFO, "OpalRetrieveLevel0DiscoveryHeader failed\n"));
return TcgResultFailure;
}
- DiscoveryHeader = (TCG_LEVEL0_DISCOVERY_HEADER*) Buffer;
+
+ DiscoveryHeader = (TCG_LEVEL0_DISCOVERY_HEADER *)Buffer;
Size = 0;
- Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR*) TcgGetFeature (DiscoveryHeader, FeatureCode, &Size);
+ Feat = (OPAL_LEVEL0_FEATURE_DESCRIPTOR *)TcgGetFeature (DiscoveryHeader, FeatureCode, &Size);
if (Feat != NULL) {
if (Size > *DataSize) {
*DataSize = Size;
@@ -1908,22 +1952,23 @@ OpalGetFeatureDescriptor ( **/
BOOLEAN
EFIAPI
-OpalFeatureSupported(
- OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes
+OpalFeatureSupported (
+ OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes
)
{
- NULL_CHECK(SupportedAttributes);
+ NULL_CHECK (SupportedAttributes);
if (SupportedAttributes->Sp1 == 0) {
return FALSE;
}
- if (SupportedAttributes->OpalSscLite == 0 &&
- SupportedAttributes->OpalSsc1 == 0 &&
- SupportedAttributes->OpalSsc2 == 0 &&
- SupportedAttributes->PyriteSsc == 0 &&
- SupportedAttributes->PyriteSscV2 == 0
- ) {
+ if ((SupportedAttributes->OpalSscLite == 0) &&
+ (SupportedAttributes->OpalSsc1 == 0) &&
+ (SupportedAttributes->OpalSsc2 == 0) &&
+ (SupportedAttributes->PyriteSsc == 0) &&
+ (SupportedAttributes->PyriteSscV2 == 0)
+ )
+ {
return FALSE;
}
@@ -1943,13 +1988,13 @@ OpalFeatureSupported( **/
BOOLEAN
EFIAPI
-OpalFeatureEnabled(
- OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes,
- TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature
+OpalFeatureEnabled (
+ OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes,
+ TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature
)
{
- NULL_CHECK(SupportedAttributes);
- NULL_CHECK(LockingFeature);
+ NULL_CHECK (SupportedAttributes);
+ NULL_CHECK (LockingFeature);
if (!OpalFeatureSupported (SupportedAttributes)) {
return FALSE;
@@ -1973,13 +2018,13 @@ OpalFeatureEnabled( **/
BOOLEAN
-OpalDeviceLocked(
- OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes,
- TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature
+OpalDeviceLocked (
+ OPAL_DISK_SUPPORT_ATTRIBUTE *SupportedAttributes,
+ TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature
)
{
- NULL_CHECK(SupportedAttributes);
- NULL_CHECK(LockingFeature);
+ NULL_CHECK (SupportedAttributes);
+ NULL_CHECK (LockingFeature);
if (!OpalFeatureEnabled (SupportedAttributes, LockingFeature)) {
return FALSE;
@@ -1987,4 +2032,3 @@ OpalDeviceLocked( return LockingFeature->Locked;
}
-
diff --git a/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLibInternal.h b/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLibInternal.h index 4f83364852..4c5b1ab0f1 100644 --- a/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLibInternal.h +++ b/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalLibInternal.h @@ -11,7 +11,6 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/TcgStorageOpalLib.h>
-
/**
The function retrieves the MSID from the device specified
@@ -22,8 +21,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
TCG_RESULT
OpalPyrite2GetActiveDataRemovalMechanism (
- OPAL_SESSION *AdminSpSession,
- UINT8 *ActiveDataRemovalMechanism
+ OPAL_SESSION *AdminSpSession,
+ UINT8 *ActiveDataRemovalMechanism
);
/**
@@ -38,10 +37,10 @@ OpalPyrite2GetActiveDataRemovalMechanism ( **/
TCG_RESULT
OpalGetFeatureDescriptor (
- IN OPAL_SESSION *Session,
- IN UINT16 FeatureCode,
- IN OUT UINTN *DataSize,
- OUT VOID *Data
+ IN OPAL_SESSION *Session,
+ IN UINT16 FeatureCode,
+ IN OUT UINTN *DataSize,
+ OUT VOID *Data
);
/**
@@ -52,7 +51,7 @@ OpalGetFeatureDescriptor ( **/
UINT32
GetRevertTimeOut (
- IN OPAL_SESSION *Session
+ IN OPAL_SESSION *Session
);
/**
@@ -64,9 +63,9 @@ GetRevertTimeOut ( **/
TCG_RESULT
-OpalPyrite2PsidRevert(
- OPAL_SESSION *AdminSpSession,
- UINT32 EstimateTimeCost
+OpalPyrite2PsidRevert (
+ OPAL_SESSION *AdminSpSession,
+ UINT32 EstimateTimeCost
);
/**
@@ -81,11 +80,11 @@ OpalPyrite2PsidRevert( **/
TCG_RESULT
-OpalPyrite2AdminRevert(
- OPAL_SESSION *LockingSpSession,
- BOOLEAN KeepUserData,
- UINT8 *MethodStatus,
- UINT32 EstimateTimeCost
+OpalPyrite2AdminRevert (
+ OPAL_SESSION *LockingSpSession,
+ BOOLEAN KeepUserData,
+ UINT8 *MethodStatus,
+ UINT32 EstimateTimeCost
);
#endif // _OPAL_CORE_H_
diff --git a/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalUtil.c b/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalUtil.c index b4927a0872..19edcb5d8d 100644 --- a/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalUtil.c +++ b/SecurityPkg/Library/TcgStorageOpalLib/TcgStorageOpalUtil.c @@ -11,7 +11,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/TcgStorageOpalLib.h>
#include "TcgStorageOpalLibInternal.h"
-#define OPAL_MSID_LENGTH 128
+#define OPAL_MSID_LENGTH 128
/**
Creates a session with OPAL_UID_ADMIN_SP as OPAL_ADMIN_SP_PSID_AUTHORITY, then reverts device using Admin SP Revert method.
@@ -23,37 +23,38 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
TCG_RESULT
EFIAPI
-OpalUtilPsidRevert(
- OPAL_SESSION *Session,
- const VOID *Psid,
- UINT32 PsidLength
+OpalUtilPsidRevert (
+ OPAL_SESSION *Session,
+ const VOID *Psid,
+ UINT32 PsidLength
)
{
- UINT8 MethodStatus;
- TCG_RESULT Ret;
- UINT32 RemovalTimeOut;
+ UINT8 MethodStatus;
+ TCG_RESULT Ret;
+ UINT32 RemovalTimeOut;
- NULL_CHECK(Session);
- NULL_CHECK(Psid);
+ NULL_CHECK (Session);
+ NULL_CHECK (Psid);
RemovalTimeOut = GetRevertTimeOut (Session);
DEBUG ((DEBUG_INFO, "OpalUtilPsidRevert: Timeout value = %d\n", RemovalTimeOut));
- Ret = OpalStartSession(
- Session,
- OPAL_UID_ADMIN_SP,
- TRUE,
- PsidLength,
- Psid,
- OPAL_ADMIN_SP_PSID_AUTHORITY,
- &MethodStatus);
- if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {
- Ret = OpalPyrite2PsidRevert(Session, RemovalTimeOut);
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_ADMIN_SP,
+ TRUE,
+ PsidLength,
+ Psid,
+ OPAL_ADMIN_SP_PSID_AUTHORITY,
+ &MethodStatus
+ );
+ if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {
+ Ret = OpalPyrite2PsidRevert (Session, RemovalTimeOut);
if (Ret != TcgResultSuccess) {
//
// If revert was successful, session was already ended by TPer, so only end session on failure
//
- OpalEndSession(Session);
+ OpalEndSession (Session);
}
}
@@ -78,31 +79,31 @@ OpalUtilPsidRevert( **/
TCG_RESULT
EFIAPI
-OpalUtilSetAdminPasswordAsSid(
- OPAL_SESSION *Session,
- const VOID *GeneratedSid,
- UINT32 SidLength,
- const VOID *Password,
- UINT32 PassLength
+OpalUtilSetAdminPasswordAsSid (
+ OPAL_SESSION *Session,
+ const VOID *GeneratedSid,
+ UINT32 SidLength,
+ const VOID *Password,
+ UINT32 PassLength
)
{
- UINT8 MethodStatus;
- TCG_RESULT Ret;
-
- NULL_CHECK(Session);
- NULL_CHECK(GeneratedSid);
- NULL_CHECK(Password);
-
- Ret = OpalStartSession(
- Session,
- OPAL_UID_ADMIN_SP,
- TRUE,
- SidLength,
- GeneratedSid,
- OPAL_ADMIN_SP_SID_AUTHORITY,
- &MethodStatus
- );
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ UINT8 MethodStatus;
+ TCG_RESULT Ret;
+
+ NULL_CHECK (Session);
+ NULL_CHECK (GeneratedSid);
+ NULL_CHECK (Password);
+
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_ADMIN_SP,
+ TRUE,
+ SidLength,
+ GeneratedSid,
+ OPAL_ADMIN_SP_SID_AUTHORITY,
+ &MethodStatus
+ );
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "start session with admin SP as SID authority failed: Ret=%d MethodStatus=%u\n", Ret, MethodStatus));
goto done;
}
@@ -110,16 +111,16 @@ OpalUtilSetAdminPasswordAsSid( //
// 1. Update SID = new Password
//
- Ret = OpalSetPassword(
- Session,
- OPAL_UID_ADMIN_SP_C_PIN_SID,
- Password,
- PassLength,
- &MethodStatus
- );
-
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
- OpalEndSession(Session);
+ Ret = OpalSetPassword (
+ Session,
+ OPAL_UID_ADMIN_SP_C_PIN_SID,
+ Password,
+ PassLength,
+ &MethodStatus
+ );
+
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
+ OpalEndSession (Session);
DEBUG ((DEBUG_INFO, "set Password failed: Ret=%d MethodStatus=%u\n", Ret, MethodStatus));
goto done;
}
@@ -127,9 +128,9 @@ OpalUtilSetAdminPasswordAsSid( //
// 2. Activate locking SP
//
- Ret = OpalActivateLockingSp(Session, &MethodStatus);
- OpalEndSession(Session);
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalActivateLockingSp (Session, &MethodStatus);
+ OpalEndSession (Session);
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "activate locking SP failed: Ret=%d MethodStatus=%u\n", Ret, MethodStatus));
goto done;
}
@@ -138,6 +139,7 @@ done: if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
Ret = TcgResultFailure;
}
+
return Ret;
}
@@ -160,36 +162,37 @@ done: **/
TCG_RESULT
EFIAPI
-OpalUtilSetOpalLockingRange(
- OPAL_SESSION *Session,
- const VOID *Password,
- UINT32 PassLength,
- TCG_UID LockingRangeUid,
- UINT64 RangeStart,
- UINT64 RangeLength,
- BOOLEAN ReadLockEnabled,
- BOOLEAN WriteLockEnabled,
- BOOLEAN ReadLocked,
- BOOLEAN WriteLocked
+OpalUtilSetOpalLockingRange (
+ OPAL_SESSION *Session,
+ const VOID *Password,
+ UINT32 PassLength,
+ TCG_UID LockingRangeUid,
+ UINT64 RangeStart,
+ UINT64 RangeLength,
+ BOOLEAN ReadLockEnabled,
+ BOOLEAN WriteLockEnabled,
+ BOOLEAN ReadLocked,
+ BOOLEAN WriteLocked
)
{
- UINT8 MethodStatus;
- TCG_RESULT Ret;
+ UINT8 MethodStatus;
+ TCG_RESULT Ret;
- NULL_CHECK(Session);
- NULL_CHECK(Password);
+ NULL_CHECK (Session);
+ NULL_CHECK (Password);
//
// Start session with Locking SP using current admin Password
//
- Ret = OpalStartSession(
- Session,
- OPAL_UID_LOCKING_SP,
- TRUE,
- PassLength,
- Password,
- OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
- &MethodStatus);
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_LOCKING_SP,
+ TRUE,
+ PassLength,
+ Password,
+ OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
+ &MethodStatus
+ );
if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "start session with locking SP failed: Ret=%d MethodStatus=%u\n", Ret, MethodStatus));
goto done;
@@ -198,19 +201,20 @@ OpalUtilSetOpalLockingRange( //
// Enable locking range
//
- Ret = OpalSetLockingRange(
- Session,
- LockingRangeUid,
- RangeStart,
- RangeLength,
- ReadLockEnabled,
- WriteLockEnabled,
- ReadLocked,
- WriteLocked,
- &MethodStatus);
-
- OpalEndSession(Session);
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalSetLockingRange (
+ Session,
+ LockingRangeUid,
+ RangeStart,
+ RangeLength,
+ ReadLockEnabled,
+ WriteLockEnabled,
+ ReadLocked,
+ WriteLocked,
+ &MethodStatus
+ );
+
+ OpalEndSession (Session);
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "set locking range failed: Ret=%d MethodStatus=0x%x\n", Ret, MethodStatus));
}
@@ -218,6 +222,7 @@ done: if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
Ret = TcgResultFailure;
}
+
return Ret;
}
@@ -235,7 +240,7 @@ done: **/
TCG_RESULT
EFIAPI
-OpalUtilSetAdminPassword(
+OpalUtilSetAdminPassword (
OPAL_SESSION *Session,
const VOID *OldPassword,
UINT32 OldPasswordLength,
@@ -243,26 +248,26 @@ OpalUtilSetAdminPassword( UINT32 NewPasswordLength
)
{
- TCG_RESULT Ret;
- UINT8 MethodStatus;
+ TCG_RESULT Ret;
+ UINT8 MethodStatus;
- NULL_CHECK(Session);
- NULL_CHECK(OldPassword);
- NULL_CHECK(NewPassword);
+ NULL_CHECK (Session);
+ NULL_CHECK (OldPassword);
+ NULL_CHECK (NewPassword);
//
// Unknown ownership
//
- Ret = OpalStartSession(
- Session,
- OPAL_UID_ADMIN_SP,
- TRUE,
- OldPasswordLength,
- OldPassword,
- OPAL_ADMIN_SP_SID_AUTHORITY,
- &MethodStatus
- );
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_ADMIN_SP,
+ TRUE,
+ OldPasswordLength,
+ OldPassword,
+ OPAL_ADMIN_SP_SID_AUTHORITY,
+ &MethodStatus
+ );
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "start session with admin SP using old Password failed\n"));
goto done;
}
@@ -270,23 +275,23 @@ OpalUtilSetAdminPassword( //
// Update SID = new pw
//
- Ret = OpalSetPassword(Session, OPAL_UID_ADMIN_SP_C_PIN_SID, NewPassword, NewPasswordLength, &MethodStatus);
- OpalEndSession(Session);
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalSetPassword (Session, OPAL_UID_ADMIN_SP_C_PIN_SID, NewPassword, NewPasswordLength, &MethodStatus);
+ OpalEndSession (Session);
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "set new admin SP Password failed\n"));
goto done;
}
- Ret = OpalStartSession(
- Session,
- OPAL_UID_LOCKING_SP,
- TRUE,
- OldPasswordLength,
- OldPassword,
- OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
- &MethodStatus
- );
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_LOCKING_SP,
+ TRUE,
+ OldPasswordLength,
+ OldPassword,
+ OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
+ &MethodStatus
+ );
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "start session with locking SP using old Password failed\n"));
goto done;
}
@@ -294,9 +299,9 @@ OpalUtilSetAdminPassword( //
// Update admin locking SP to new pw
//
- Ret = OpalSetPassword(Session, OPAL_LOCKING_SP_C_PIN_ADMIN1, NewPassword, NewPasswordLength, &MethodStatus);
- OpalEndSession(Session);
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalSetPassword (Session, OPAL_LOCKING_SP_C_PIN_ADMIN1, NewPassword, NewPasswordLength, &MethodStatus);
+ OpalEndSession (Session);
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "set new locking SP Password failed\n"));
goto done;
}
@@ -305,6 +310,7 @@ done: if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
Ret = TcgResultFailure;
}
+
return Ret;
}
@@ -321,43 +327,43 @@ done: **/
TCG_RESULT
EFIAPI
-OpalUtilSetUserPassword(
- OPAL_SESSION *Session,
- const VOID *OldPassword,
- UINT32 OldPasswordLength,
- const VOID *NewPassword,
- UINT32 NewPasswordLength
+OpalUtilSetUserPassword (
+ OPAL_SESSION *Session,
+ const VOID *OldPassword,
+ UINT32 OldPasswordLength,
+ const VOID *NewPassword,
+ UINT32 NewPasswordLength
)
{
- UINT8 MethodStatus;
- TCG_RESULT Ret;
+ UINT8 MethodStatus;
+ TCG_RESULT Ret;
- NULL_CHECK(Session);
- NULL_CHECK(OldPassword);
- NULL_CHECK(NewPassword);
+ NULL_CHECK (Session);
+ NULL_CHECK (OldPassword);
+ NULL_CHECK (NewPassword);
//
// See if updating user1 authority
//
- Ret = OpalStartSession(
- Session,
- OPAL_UID_LOCKING_SP,
- TRUE,
- OldPasswordLength,
- OldPassword,
- OPAL_LOCKING_SP_USER1_AUTHORITY,
- &MethodStatus
- );
- if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {
- Ret = OpalSetPassword(
- Session,
- OPAL_LOCKING_SP_C_PIN_USER1,
- NewPassword,
- NewPasswordLength,
- &MethodStatus
- );
- OpalEndSession(Session);
- if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_LOCKING_SP,
+ TRUE,
+ OldPasswordLength,
+ OldPassword,
+ OPAL_LOCKING_SP_USER1_AUTHORITY,
+ &MethodStatus
+ );
+ if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {
+ Ret = OpalSetPassword (
+ Session,
+ OPAL_LOCKING_SP_C_PIN_USER1,
+ NewPassword,
+ NewPasswordLength,
+ &MethodStatus
+ );
+ OpalEndSession (Session);
+ if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {
return Ret;
}
}
@@ -369,16 +375,16 @@ OpalUtilSetUserPassword( //
// Start session with Locking SP using current admin Password
//
- Ret = OpalStartSession(
- Session,
- OPAL_UID_LOCKING_SP,
- TRUE,
- OldPasswordLength,
- OldPassword,
- OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
- &MethodStatus
- );
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_LOCKING_SP,
+ TRUE,
+ OldPasswordLength,
+ OldPassword,
+ OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
+ &MethodStatus
+ );
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "StartSession with locking SP as admin1 authority failed\n"));
goto done;
}
@@ -386,16 +392,16 @@ OpalUtilSetUserPassword( //
// Enable User1 and set its PIN
//
- Ret = OpalSetLockingSpAuthorityEnabledAndPin(
- Session,
- OPAL_LOCKING_SP_C_PIN_USER1,
- OPAL_LOCKING_SP_USER1_AUTHORITY,
- NewPassword,
- NewPasswordLength,
- &MethodStatus
- );
- OpalEndSession(Session);
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalSetLockingSpAuthorityEnabledAndPin (
+ Session,
+ OPAL_LOCKING_SP_C_PIN_USER1,
+ OPAL_LOCKING_SP_USER1_AUTHORITY,
+ NewPassword,
+ NewPasswordLength,
+ &MethodStatus
+ );
+ OpalEndSession (Session);
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "OpalSetLockingSpAuthorityEnabledAndPin failed\n"));
goto done;
}
@@ -404,6 +410,7 @@ done: if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
Ret = TcgResultFailure;
}
+
return Ret;
}
@@ -419,28 +426,29 @@ done: TCG_RESULT
EFIAPI
OpalUtilVerifyPassword (
- OPAL_SESSION *Session,
- const VOID *Password,
- UINT32 PasswordLength,
- TCG_UID HostSigningAuthority
+ OPAL_SESSION *Session,
+ const VOID *Password,
+ UINT32 PasswordLength,
+ TCG_UID HostSigningAuthority
)
{
- TCG_RESULT Ret;
- UINT8 MethodStatus;
-
- NULL_CHECK(Session);
- NULL_CHECK(Password);
-
- Ret = OpalStartSession(
- Session,
- OPAL_UID_LOCKING_SP,
- TRUE,
- PasswordLength,
- Password,
- HostSigningAuthority,
- &MethodStatus);
- if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {
- OpalEndSession(Session);
+ TCG_RESULT Ret;
+ UINT8 MethodStatus;
+
+ NULL_CHECK (Session);
+ NULL_CHECK (Password);
+
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_LOCKING_SP,
+ TRUE,
+ PasswordLength,
+ Password,
+ HostSigningAuthority,
+ &MethodStatus
+ );
+ if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {
+ OpalEndSession (Session);
return TcgResultSuccess;
}
@@ -459,55 +467,55 @@ OpalUtilVerifyPassword ( **/
TCG_RESULT
EFIAPI
-OpalUtilSecureErase(
- OPAL_SESSION *Session,
- const VOID *Password,
- UINT32 PasswordLength,
- BOOLEAN *PasswordFailed
+OpalUtilSecureErase (
+ OPAL_SESSION *Session,
+ const VOID *Password,
+ UINT32 PasswordLength,
+ BOOLEAN *PasswordFailed
)
{
- UINT8 MethodStatus;
- TCG_RESULT Ret;
+ UINT8 MethodStatus;
+ TCG_RESULT Ret;
- NULL_CHECK(Session);
- NULL_CHECK(Password);
- NULL_CHECK(PasswordFailed);
+ NULL_CHECK (Session);
+ NULL_CHECK (Password);
+ NULL_CHECK (PasswordFailed);
//
// Try to generate a new key with admin1
//
- Ret = OpalStartSession(
- Session,
- OPAL_UID_LOCKING_SP,
- TRUE,
- PasswordLength,
- Password,
- OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
- &MethodStatus
- );
-
- if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {
- Ret = OpalGlobalLockingRangeGenKey(Session, &MethodStatus);
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_LOCKING_SP,
+ TRUE,
+ PasswordLength,
+ Password,
+ OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
+ &MethodStatus
+ );
+
+ if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {
+ Ret = OpalGlobalLockingRangeGenKey (Session, &MethodStatus);
*PasswordFailed = FALSE;
- OpalEndSession(Session);
+ OpalEndSession (Session);
} else {
//
// Try to generate a new key with user1
//
- Ret = OpalStartSession(
- Session,
- OPAL_UID_LOCKING_SP,
- TRUE,
- PasswordLength,
- Password,
- OPAL_LOCKING_SP_USER1_AUTHORITY,
- &MethodStatus
- );
-
- if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {
- Ret = OpalGlobalLockingRangeGenKey(Session, &MethodStatus);
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_LOCKING_SP,
+ TRUE,
+ PasswordLength,
+ Password,
+ OPAL_LOCKING_SP_USER1_AUTHORITY,
+ &MethodStatus
+ );
+
+ if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {
+ Ret = OpalGlobalLockingRangeGenKey (Session, &MethodStatus);
*PasswordFailed = FALSE;
- OpalEndSession(Session);
+ OpalEndSession (Session);
} else {
*PasswordFailed = TRUE;
}
@@ -516,6 +524,7 @@ OpalUtilSecureErase( if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
Ret = TcgResultFailure;
}
+
return Ret;
}
@@ -530,46 +539,47 @@ OpalUtilSecureErase( **/
TCG_RESULT
EFIAPI
-OpalUtilDisableUser(
- OPAL_SESSION *Session,
- const VOID *Password,
- UINT32 PasswordLength,
- BOOLEAN *PasswordFailed
+OpalUtilDisableUser (
+ OPAL_SESSION *Session,
+ const VOID *Password,
+ UINT32 PasswordLength,
+ BOOLEAN *PasswordFailed
)
{
- UINT8 MethodStatus;
- TCG_RESULT Ret;
+ UINT8 MethodStatus;
+ TCG_RESULT Ret;
- NULL_CHECK(Session);
- NULL_CHECK(Password);
- NULL_CHECK(PasswordFailed);
+ NULL_CHECK (Session);
+ NULL_CHECK (Password);
+ NULL_CHECK (PasswordFailed);
//
// Start session with Locking SP using current admin Password
//
- Ret = OpalStartSession(
- Session,
- OPAL_UID_LOCKING_SP,
- TRUE,
- PasswordLength,
- Password,
- OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
- &MethodStatus
- );
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_LOCKING_SP,
+ TRUE,
+ PasswordLength,
+ Password,
+ OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
+ &MethodStatus
+ );
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "StartSession with Locking SP as Admin1 failed\n"));
*PasswordFailed = TRUE;
goto done;
}
*PasswordFailed = FALSE;
- Ret = OpalDisableUser(Session, &MethodStatus);
- OpalEndSession(Session);
+ Ret = OpalDisableUser (Session, &MethodStatus);
+ OpalEndSession (Session);
done:
if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
Ret = TcgResultFailure;
}
+
return Ret;
}
@@ -587,39 +597,39 @@ done: **/
TCG_RESULT
EFIAPI
-OpalUtilRevert(
- OPAL_SESSION *Session,
- BOOLEAN KeepUserData,
- const VOID *Password,
- UINT32 PasswordLength,
- BOOLEAN *PasswordFailed,
- UINT8 *Msid,
- UINT32 MsidLength
+OpalUtilRevert (
+ OPAL_SESSION *Session,
+ BOOLEAN KeepUserData,
+ const VOID *Password,
+ UINT32 PasswordLength,
+ BOOLEAN *PasswordFailed,
+ UINT8 *Msid,
+ UINT32 MsidLength
)
{
- UINT8 MethodStatus;
- TCG_RESULT Ret;
- UINT32 RemovalTimeOut;
+ UINT8 MethodStatus;
+ TCG_RESULT Ret;
+ UINT32 RemovalTimeOut;
- NULL_CHECK(Session);
- NULL_CHECK(Msid);
- NULL_CHECK(Password);
- NULL_CHECK(PasswordFailed);
+ NULL_CHECK (Session);
+ NULL_CHECK (Msid);
+ NULL_CHECK (Password);
+ NULL_CHECK (PasswordFailed);
RemovalTimeOut = GetRevertTimeOut (Session);
DEBUG ((DEBUG_INFO, "OpalUtilRevert: Timeout value = %d\n", RemovalTimeOut));
- Ret = OpalStartSession(
- Session,
- OPAL_UID_LOCKING_SP,
- TRUE,
- PasswordLength,
- Password,
- OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
- &MethodStatus
- );
-
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_LOCKING_SP,
+ TRUE,
+ PasswordLength,
+ Password,
+ OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
+ &MethodStatus
+ );
+
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "error starting session: Ret=%d, MethodStatus=%u\n", Ret, MethodStatus));
*PasswordFailed = TRUE;
goto done;
@@ -629,13 +639,13 @@ OpalUtilRevert( //
// Try to revert with admin1
//
- Ret = OpalPyrite2AdminRevert(Session, KeepUserData, &MethodStatus, RemovalTimeOut);
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalPyrite2AdminRevert (Session, KeepUserData, &MethodStatus, RemovalTimeOut);
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
//
// Device ends the session on successful revert, so only call OpalEndSession when fail.
//
DEBUG ((DEBUG_INFO, "OpalAdminRevert as admin failed\n"));
- OpalEndSession(Session);
+ OpalEndSession (Session);
}
Ret = OpalUtilSetSIDtoMSID (Session, Password, PasswordLength, Msid, MsidLength);
@@ -644,6 +654,7 @@ done: if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
Ret = TcgResultFailure;
}
+
return Ret;
}
@@ -660,41 +671,41 @@ done: TCG_RESULT
EFIAPI
OpalUtilSetSIDtoMSID (
- OPAL_SESSION *Session,
- const VOID *Password,
- UINT32 PasswordLength,
- UINT8 *Msid,
- UINT32 MsidLength
+ OPAL_SESSION *Session,
+ const VOID *Password,
+ UINT32 PasswordLength,
+ UINT8 *Msid,
+ UINT32 MsidLength
)
{
- TCG_RESULT Ret;
- UINT8 MethodStatus;
+ TCG_RESULT Ret;
+ UINT8 MethodStatus;
- NULL_CHECK(Session);
- NULL_CHECK(Msid);
- NULL_CHECK(Password);
+ NULL_CHECK (Session);
+ NULL_CHECK (Msid);
+ NULL_CHECK (Password);
//
// Start session with admin sp to update SID to MSID
//
- Ret = OpalStartSession(
- Session,
- OPAL_UID_ADMIN_SP,
- TRUE,
- PasswordLength,
- Password,
- OPAL_ADMIN_SP_SID_AUTHORITY,
- &MethodStatus
- );
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_ADMIN_SP,
+ TRUE,
+ PasswordLength,
+ Password,
+ OPAL_ADMIN_SP_SID_AUTHORITY,
+ &MethodStatus
+ );
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
goto done;
}
//
// Update SID pin
//
- Ret = OpalSetPassword(Session, OPAL_UID_ADMIN_SP_C_PIN_SID, Msid, MsidLength, &MethodStatus);
- OpalEndSession(Session);
+ Ret = OpalSetPassword (Session, OPAL_UID_ADMIN_SP_C_PIN_SID, Msid, MsidLength, &MethodStatus);
+ OpalEndSession (Session);
done:
if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
@@ -716,41 +727,41 @@ done: **/
TCG_RESULT
EFIAPI
-OpalUtilUpdateGlobalLockingRange(
- OPAL_SESSION *Session,
- const VOID *Password,
- UINT32 PasswordLength,
- BOOLEAN ReadLocked,
- BOOLEAN WriteLocked
+OpalUtilUpdateGlobalLockingRange (
+ OPAL_SESSION *Session,
+ const VOID *Password,
+ UINT32 PasswordLength,
+ BOOLEAN ReadLocked,
+ BOOLEAN WriteLocked
)
{
- UINT8 MethodStatus;
- TCG_RESULT Ret;
+ UINT8 MethodStatus;
+ TCG_RESULT Ret;
- NULL_CHECK(Session);
- NULL_CHECK(Password);
+ NULL_CHECK (Session);
+ NULL_CHECK (Password);
//
// Try to start session with Locking SP as admin1 authority
//
- Ret = OpalStartSession(
- Session,
- OPAL_UID_LOCKING_SP,
- TRUE,
- PasswordLength,
- Password,
- OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
- &MethodStatus
- );
- if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {
- Ret = OpalUpdateGlobalLockingRange(
- Session,
- ReadLocked,
- WriteLocked,
- &MethodStatus
- );
- OpalEndSession(Session);
- if (Ret == TcgResultSuccess && MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_LOCKING_SP,
+ TRUE,
+ PasswordLength,
+ Password,
+ OPAL_LOCKING_SP_ADMIN1_AUTHORITY,
+ &MethodStatus
+ );
+ if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {
+ Ret = OpalUpdateGlobalLockingRange (
+ Session,
+ ReadLocked,
+ WriteLocked,
+ &MethodStatus
+ );
+ OpalEndSession (Session);
+ if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {
goto done;
}
}
@@ -762,22 +773,22 @@ OpalUtilUpdateGlobalLockingRange( //
// Try user1 authority
//
- Ret = OpalStartSession(
- Session,
- OPAL_UID_LOCKING_SP,
- TRUE,
- PasswordLength,
- Password,
- OPAL_LOCKING_SP_USER1_AUTHORITY,
- &MethodStatus
- );
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_LOCKING_SP,
+ TRUE,
+ PasswordLength,
+ Password,
+ OPAL_LOCKING_SP_USER1_AUTHORITY,
+ &MethodStatus
+ );
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "StartSession with Locking SP as User1 failed\n"));
goto done;
}
- Ret = OpalUpdateGlobalLockingRange(Session, ReadLocked, WriteLocked, &MethodStatus);
- OpalEndSession(Session);
+ Ret = OpalUpdateGlobalLockingRange (Session, ReadLocked, WriteLocked, &MethodStatus);
+ OpalEndSession (Session);
done:
if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
@@ -791,6 +802,7 @@ done: Ret = TcgResultFailure;
}
}
+
return Ret;
}
@@ -805,29 +817,29 @@ done: **/
TCG_RESULT
EFIAPI
-OpalUtilGetMsid(
- OPAL_SESSION *Session,
- UINT8 *Msid,
- UINT32 MsidBufferLength,
- UINT32 *MsidLength
+OpalUtilGetMsid (
+ OPAL_SESSION *Session,
+ UINT8 *Msid,
+ UINT32 MsidBufferLength,
+ UINT32 *MsidLength
)
{
- UINT8 MethodStatus;
- TCG_RESULT Ret;
-
- NULL_CHECK(Session);
- NULL_CHECK(Msid);
- NULL_CHECK(MsidLength);
-
- Ret = OpalStartSession(
- Session,
- OPAL_UID_ADMIN_SP,
- TRUE,
- 0,
- NULL,
- TCG_UID_NULL,
- &MethodStatus
- );
+ UINT8 MethodStatus;
+ TCG_RESULT Ret;
+
+ NULL_CHECK (Session);
+ NULL_CHECK (Msid);
+ NULL_CHECK (MsidLength);
+
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_ADMIN_SP,
+ TRUE,
+ 0,
+ NULL,
+ TCG_UID_NULL,
+ &MethodStatus
+ );
if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {
Ret = OpalGetMsid (Session, MsidBufferLength, Msid, MsidLength);
OpalEndSession (Session);
@@ -854,10 +866,10 @@ OpalUtilGetMsid( **/
OPAL_OWNER_SHIP
EFIAPI
-OpalUtilDetermineOwnership(
- OPAL_SESSION *Session,
- UINT8 *Msid,
- UINT32 MsidLength
+OpalUtilDetermineOwnership (
+ OPAL_SESSION *Session,
+ UINT8 *Msid,
+ UINT32 MsidLength
)
{
UINT8 MethodStatus;
@@ -872,21 +884,22 @@ OpalUtilDetermineOwnership( //
// Start Session as SID_UID with ADMIN_SP using MSID PIN
//
- Ret = OpalStartSession(
- Session,
- OPAL_UID_ADMIN_SP,
- TRUE,
- MsidLength,
- Msid,
- OPAL_ADMIN_SP_SID_AUTHORITY,
- &MethodStatus);
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_ADMIN_SP,
+ TRUE,
+ MsidLength,
+ Msid,
+ OPAL_ADMIN_SP_SID_AUTHORITY,
+ &MethodStatus
+ );
if ((Ret == TcgResultSuccess) && (MethodStatus == TCG_METHOD_STATUS_CODE_SUCCESS)) {
//
// now we know that SID PIN == MSID PIN
//
Owner = OpalOwnershipNobody;
- OpalEndSession(Session);
+ OpalEndSession (Session);
}
return Owner;
@@ -905,12 +918,12 @@ OpalUtilDetermineOwnership( **/
BOOLEAN
EFIAPI
-OpalUtilAdminPasswordExists(
- IN UINT16 OwnerShip,
- IN TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature
+OpalUtilAdminPasswordExists (
+ IN UINT16 OwnerShip,
+ IN TCG_LOCKING_FEATURE_DESCRIPTOR *LockingFeature
)
{
- NULL_CHECK(LockingFeature);
+ NULL_CHECK (LockingFeature);
// if it is Unknown who owns the device
// then someone has set password previously through our UI
@@ -935,46 +948,47 @@ OpalUtilAdminPasswordExists( TCG_RESULT
EFIAPI
OpalUtilGetActiveDataRemovalMechanism (
- OPAL_SESSION *Session,
- const VOID *GeneratedSid,
- UINT32 SidLength,
- UINT8 *ActiveDataRemovalMechanism
+ OPAL_SESSION *Session,
+ const VOID *GeneratedSid,
+ UINT32 SidLength,
+ UINT8 *ActiveDataRemovalMechanism
)
{
- TCG_RESULT Ret;
- UINT8 MethodStatus;
-
- NULL_CHECK(Session);
- NULL_CHECK(GeneratedSid);
- NULL_CHECK(ActiveDataRemovalMechanism);
-
- Ret = OpalStartSession(
- Session,
- OPAL_UID_ADMIN_SP,
- TRUE,
- SidLength,
- GeneratedSid,
- OPAL_ADMIN_SP_ANYBODY_AUTHORITY,
- &MethodStatus
- );
- if (Ret != TcgResultSuccess || MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
+ TCG_RESULT Ret;
+ UINT8 MethodStatus;
+
+ NULL_CHECK (Session);
+ NULL_CHECK (GeneratedSid);
+ NULL_CHECK (ActiveDataRemovalMechanism);
+
+ Ret = OpalStartSession (
+ Session,
+ OPAL_UID_ADMIN_SP,
+ TRUE,
+ SidLength,
+ GeneratedSid,
+ OPAL_ADMIN_SP_ANYBODY_AUTHORITY,
+ &MethodStatus
+ );
+ if ((Ret != TcgResultSuccess) || (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS)) {
DEBUG ((DEBUG_INFO, "Start session with admin SP as SID authority failed: Ret=%d MethodStatus=%u\n", Ret, MethodStatus));
if (MethodStatus != TCG_METHOD_STATUS_CODE_SUCCESS) {
Ret = TcgResultFailure;
}
+
return Ret;
}
Ret = OpalPyrite2GetActiveDataRemovalMechanism (
- Session,
- ActiveDataRemovalMechanism
- );
+ Session,
+ ActiveDataRemovalMechanism
+ );
if (Ret != TcgResultSuccess) {
DEBUG ((DEBUG_INFO, "Pyrite2 Get Active Data Removal Mechanism failed: Ret=%d\n", Ret));
}
- OpalEndSession(Session);
+ OpalEndSession (Session);
return Ret;
}
@@ -988,8 +1002,8 @@ OpalUtilGetActiveDataRemovalMechanism ( **/
UINT32
CalculateDataRemovalTime (
- IN BOOLEAN IsMinute,
- IN UINT16 Time
+ IN BOOLEAN IsMinute,
+ IN UINT16 Time
)
{
if (IsMinute) {
@@ -1013,26 +1027,26 @@ GetDataRemovalTime ( )
{
switch (Index) {
- case OverwriteDataErase:
- return CalculateDataRemovalTime (Descriptor->FormatBit0, SwapBytes16 (Descriptor->TimeBit0));
+ case OverwriteDataErase:
+ return CalculateDataRemovalTime (Descriptor->FormatBit0, SwapBytes16 (Descriptor->TimeBit0));
- case BlockErase:
- return CalculateDataRemovalTime (Descriptor->FormatBit1, SwapBytes16 (Descriptor->TimeBit1));
+ case BlockErase:
+ return CalculateDataRemovalTime (Descriptor->FormatBit1, SwapBytes16 (Descriptor->TimeBit1));
- case CryptoErase:
- return CalculateDataRemovalTime (Descriptor->FormatBit2, SwapBytes16 (Descriptor->TimeBit2));
+ case CryptoErase:
+ return CalculateDataRemovalTime (Descriptor->FormatBit2, SwapBytes16 (Descriptor->TimeBit2));
- case Unmap:
- return CalculateDataRemovalTime (Descriptor->FormatBit3, SwapBytes16 (Descriptor->TimeBit3));
+ case Unmap:
+ return CalculateDataRemovalTime (Descriptor->FormatBit3, SwapBytes16 (Descriptor->TimeBit3));
- case ResetWritePointers:
- return CalculateDataRemovalTime (Descriptor->FormatBit4, SwapBytes16 (Descriptor->TimeBit4));
+ case ResetWritePointers:
+ return CalculateDataRemovalTime (Descriptor->FormatBit4, SwapBytes16 (Descriptor->TimeBit4));
- case VendorSpecificErase:
- return CalculateDataRemovalTime (Descriptor->FormatBit5, SwapBytes16 (Descriptor->TimeBit5));
+ case VendorSpecificErase:
+ return CalculateDataRemovalTime (Descriptor->FormatBit5, SwapBytes16 (Descriptor->TimeBit5));
- default:
- return 0;
+ default:
+ return 0;
}
}
@@ -1046,8 +1060,8 @@ GetDataRemovalTime ( TCG_RESULT
EFIAPI
OpalUtilGetDataRemovalMechanismLists (
- IN OPAL_SESSION *Session,
- OUT UINT32 *RemovalMechanismLists
+ IN OPAL_SESSION *Session,
+ OUT UINT32 *RemovalMechanismLists
)
{
TCG_RESULT Ret;
@@ -1056,19 +1070,19 @@ OpalUtilGetDataRemovalMechanismLists ( UINT8 Index;
UINT8 BitValue;
- NULL_CHECK(Session);
- NULL_CHECK(RemovalMechanismLists);
+ NULL_CHECK (Session);
+ NULL_CHECK (RemovalMechanismLists);
DataSize = sizeof (Descriptor);
- Ret = OpalGetFeatureDescriptor (Session, TCG_FEATURE_DATA_REMOVAL, &DataSize, &Descriptor);
+ Ret = OpalGetFeatureDescriptor (Session, TCG_FEATURE_DATA_REMOVAL, &DataSize, &Descriptor);
if (Ret != TcgResultSuccess) {
return TcgResultFailure;
}
ASSERT (Descriptor.RemovalMechanism != 0);
- for (Index = 0; Index < ResearvedMechanism; Index ++) {
- BitValue = (BOOLEAN) BitFieldRead8 (Descriptor.RemovalMechanism, Index, Index);
+ for (Index = 0; Index < ResearvedMechanism; Index++) {
+ BitValue = (BOOLEAN)BitFieldRead8 (Descriptor.RemovalMechanism, Index, Index);
if (BitValue == 0) {
RemovalMechanismLists[Index] = 0;
@@ -1088,7 +1102,7 @@ OpalUtilGetDataRemovalMechanismLists ( **/
UINT32
GetRevertTimeOut (
- IN OPAL_SESSION *Session
+ IN OPAL_SESSION *Session
)
{
TCG_RESULT TcgResult;
@@ -1100,7 +1114,7 @@ GetRevertTimeOut ( UINT8 ActiveDataRemovalMechanism;
TcgResult = OpalGetSupportedAttributesInfo (Session, &SupportedAttributes, &BaseComId);
- if (TcgResult != TcgResultSuccess || SupportedAttributes.DataRemoval == 0) {
+ if ((TcgResult != TcgResultSuccess) || (SupportedAttributes.DataRemoval == 0)) {
return 0;
}
diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c index 8a10d99908..0c9e2d01f3 100644 --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12GetCapability.c @@ -16,22 +16,22 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
- UINT32 Capability;
- UINT32 CapabilityFlagSize;
- UINT32 CapabilityFlag;
+ TPM_RQU_COMMAND_HDR Hdr;
+ UINT32 Capability;
+ UINT32 CapabilityFlagSize;
+ UINT32 CapabilityFlag;
} TPM_CMD_GET_CAPABILITY;
typedef struct {
- TPM_RSP_COMMAND_HDR Hdr;
- UINT32 ResponseSize;
- TPM_PERMANENT_FLAGS Flags;
+ TPM_RSP_COMMAND_HDR Hdr;
+ UINT32 ResponseSize;
+ TPM_PERMANENT_FLAGS Flags;
} TPM_RSP_GET_CAPABILITY_PERMANENT_FLAGS;
typedef struct {
- TPM_RSP_COMMAND_HDR Hdr;
- UINT32 ResponseSize;
- TPM_STCLEAR_FLAGS Flags;
+ TPM_RSP_COMMAND_HDR Hdr;
+ UINT32 ResponseSize;
+ TPM_STCLEAR_FLAGS Flags;
} TPM_RSP_GET_CAPABILITY_STCLEAR_FLAGS;
#pragma pack()
@@ -67,8 +67,8 @@ Tpm12GetCapabilityFlagPermanent ( Command.Capability = SwapBytes32 (TPM_CAP_FLAG);
Command.CapabilityFlagSize = SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT));
Command.CapabilityFlag = SwapBytes32 (TPM_CAP_FLAG_PERMANENT);
- Length = sizeof (Response);
- Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -79,7 +79,7 @@ Tpm12GetCapabilityFlagPermanent ( }
ZeroMem (TpmPermanentFlags, sizeof (*TpmPermanentFlags));
- CopyMem (TpmPermanentFlags, &Response.Flags, MIN (sizeof (*TpmPermanentFlags), SwapBytes32(Response.ResponseSize)));
+ CopyMem (TpmPermanentFlags, &Response.Flags, MIN (sizeof (*TpmPermanentFlags), SwapBytes32 (Response.ResponseSize)));
return Status;
}
@@ -113,8 +113,8 @@ Tpm12GetCapabilityFlagVolatile ( Command.Capability = SwapBytes32 (TPM_CAP_FLAG);
Command.CapabilityFlagSize = SwapBytes32 (sizeof (TPM_CAP_FLAG_VOLATILE));
Command.CapabilityFlag = SwapBytes32 (TPM_CAP_FLAG_VOLATILE);
- Length = sizeof (Response);
- Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -125,7 +125,7 @@ Tpm12GetCapabilityFlagVolatile ( }
ZeroMem (VolatileFlags, sizeof (*VolatileFlags));
- CopyMem (VolatileFlags, &Response.Flags, MIN (sizeof (*VolatileFlags), SwapBytes32(Response.ResponseSize)));
+ CopyMem (VolatileFlags, &Response.Flags, MIN (sizeof (*VolatileFlags), SwapBytes32 (Response.ResponseSize)));
return Status;
}
diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c b/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c index 8295a1d267..02feb375e1 100644 --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12NvStorage.c @@ -22,30 +22,30 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
- TPM12_NV_DATA_PUBLIC PubInfo;
- TPM_ENCAUTH EncAuth;
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM12_NV_DATA_PUBLIC PubInfo;
+ TPM_ENCAUTH EncAuth;
} TPM_CMD_NV_DEFINE_SPACE;
typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
- TPM_NV_INDEX NvIndex;
- UINT32 Offset;
- UINT32 DataSize;
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM_NV_INDEX NvIndex;
+ UINT32 Offset;
+ UINT32 DataSize;
} TPM_CMD_NV_READ_VALUE;
typedef struct {
- TPM_RSP_COMMAND_HDR Hdr;
- UINT32 DataSize;
- UINT8 Data[TPMNVVALUELENGTH];
+ TPM_RSP_COMMAND_HDR Hdr;
+ UINT32 DataSize;
+ UINT8 Data[TPMNVVALUELENGTH];
} TPM_RSP_NV_READ_VALUE;
typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
- TPM_NV_INDEX NvIndex;
- UINT32 Offset;
- UINT32 DataSize;
- UINT8 Data[TPMNVVALUELENGTH];
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM_NV_INDEX NvIndex;
+ UINT32 Offset;
+ UINT32 DataSize;
+ UINT8 Data[TPMNVVALUELENGTH];
} TPM_CMD_NV_WRITE_VALUE;
#pragma pack()
@@ -74,41 +74,42 @@ Tpm12NvDefineSpace ( //
// send Tpm command TPM_ORD_NV_DefineSpace
//
- Command.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
- Command.Hdr.paramSize = SwapBytes32 (sizeof (Command));
- Command.Hdr.ordinal = SwapBytes32 (TPM_ORD_NV_DefineSpace);
- Command.PubInfo.tag = SwapBytes16 (PubInfo->tag);
- Command.PubInfo.nvIndex = SwapBytes32 (PubInfo->nvIndex);
- Command.PubInfo.pcrInfoRead.pcrSelection.sizeOfSelect = SwapBytes16 (PubInfo->pcrInfoRead.pcrSelection.sizeOfSelect);
- Command.PubInfo.pcrInfoRead.pcrSelection.pcrSelect[0] = PubInfo->pcrInfoRead.pcrSelection.pcrSelect[0];
- Command.PubInfo.pcrInfoRead.pcrSelection.pcrSelect[1] = PubInfo->pcrInfoRead.pcrSelection.pcrSelect[1];
- Command.PubInfo.pcrInfoRead.pcrSelection.pcrSelect[2] = PubInfo->pcrInfoRead.pcrSelection.pcrSelect[2];
- Command.PubInfo.pcrInfoRead.localityAtRelease = PubInfo->pcrInfoRead.localityAtRelease;
- CopyMem (&Command.PubInfo.pcrInfoRead.digestAtRelease, &PubInfo->pcrInfoRead.digestAtRelease, sizeof(PubInfo->pcrInfoRead.digestAtRelease));
+ Command.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.Hdr.paramSize = SwapBytes32 (sizeof (Command));
+ Command.Hdr.ordinal = SwapBytes32 (TPM_ORD_NV_DefineSpace);
+ Command.PubInfo.tag = SwapBytes16 (PubInfo->tag);
+ Command.PubInfo.nvIndex = SwapBytes32 (PubInfo->nvIndex);
+ Command.PubInfo.pcrInfoRead.pcrSelection.sizeOfSelect = SwapBytes16 (PubInfo->pcrInfoRead.pcrSelection.sizeOfSelect);
+ Command.PubInfo.pcrInfoRead.pcrSelection.pcrSelect[0] = PubInfo->pcrInfoRead.pcrSelection.pcrSelect[0];
+ Command.PubInfo.pcrInfoRead.pcrSelection.pcrSelect[1] = PubInfo->pcrInfoRead.pcrSelection.pcrSelect[1];
+ Command.PubInfo.pcrInfoRead.pcrSelection.pcrSelect[2] = PubInfo->pcrInfoRead.pcrSelection.pcrSelect[2];
+ Command.PubInfo.pcrInfoRead.localityAtRelease = PubInfo->pcrInfoRead.localityAtRelease;
+ CopyMem (&Command.PubInfo.pcrInfoRead.digestAtRelease, &PubInfo->pcrInfoRead.digestAtRelease, sizeof (PubInfo->pcrInfoRead.digestAtRelease));
Command.PubInfo.pcrInfoWrite.pcrSelection.sizeOfSelect = SwapBytes16 (PubInfo->pcrInfoWrite.pcrSelection.sizeOfSelect);
Command.PubInfo.pcrInfoWrite.pcrSelection.pcrSelect[0] = PubInfo->pcrInfoWrite.pcrSelection.pcrSelect[0];
Command.PubInfo.pcrInfoWrite.pcrSelection.pcrSelect[1] = PubInfo->pcrInfoWrite.pcrSelection.pcrSelect[1];
Command.PubInfo.pcrInfoWrite.pcrSelection.pcrSelect[2] = PubInfo->pcrInfoWrite.pcrSelection.pcrSelect[2];
Command.PubInfo.pcrInfoWrite.localityAtRelease = PubInfo->pcrInfoWrite.localityAtRelease;
- CopyMem (&Command.PubInfo.pcrInfoWrite.digestAtRelease, &PubInfo->pcrInfoWrite.digestAtRelease, sizeof(PubInfo->pcrInfoWrite.digestAtRelease));
+ CopyMem (&Command.PubInfo.pcrInfoWrite.digestAtRelease, &PubInfo->pcrInfoWrite.digestAtRelease, sizeof (PubInfo->pcrInfoWrite.digestAtRelease));
Command.PubInfo.permission.tag = SwapBytes16 (PubInfo->permission.tag);
Command.PubInfo.permission.attributes = SwapBytes32 (PubInfo->permission.attributes);
Command.PubInfo.bReadSTClear = PubInfo->bReadSTClear;
Command.PubInfo.bWriteSTClear = PubInfo->bWriteSTClear;
Command.PubInfo.bWriteDefine = PubInfo->bWriteDefine;
Command.PubInfo.dataSize = SwapBytes32 (PubInfo->dataSize);
- CopyMem (&Command.EncAuth, EncAuth, sizeof(*EncAuth));
+ CopyMem (&Command.EncAuth, EncAuth, sizeof (*EncAuth));
Length = sizeof (Response);
Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
if (EFI_ERROR (Status)) {
return Status;
}
+
DEBUG ((DEBUG_INFO, "Tpm12NvDefineSpace - ReturnCode = %x\n", SwapBytes32 (Response.returnCode)));
switch (SwapBytes32 (Response.returnCode)) {
- case TPM_SUCCESS:
- return EFI_SUCCESS;
- default:
- return EFI_DEVICE_ERROR;
+ case TPM_SUCCESS:
+ return EFI_SUCCESS;
+ default:
+ return EFI_DEVICE_ERROR;
}
}
@@ -146,17 +147,18 @@ Tpm12NvReadValue ( Command.NvIndex = SwapBytes32 (NvIndex);
Command.Offset = SwapBytes32 (Offset);
Command.DataSize = SwapBytes32 (*DataSize);
- Length = sizeof (Response);
- Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
if (EFI_ERROR (Status)) {
return Status;
}
+
DEBUG ((DEBUG_INFO, "Tpm12NvReadValue - ReturnCode = %x\n", SwapBytes32 (Response.Hdr.returnCode)));
switch (SwapBytes32 (Response.Hdr.returnCode)) {
- case TPM_SUCCESS:
- break;
- default:
- return EFI_DEVICE_ERROR;
+ case TPM_SUCCESS:
+ break;
+ default:
+ return EFI_DEVICE_ERROR;
}
//
@@ -165,6 +167,7 @@ Tpm12NvReadValue ( if (SwapBytes32 (Response.DataSize) > *DataSize) {
return EFI_BUFFER_TOO_SMALL;
}
+
*DataSize = SwapBytes32 (Response.DataSize);
ZeroMem (Data, *DataSize);
CopyMem (Data, &Response.Data, *DataSize);
@@ -206,7 +209,7 @@ Tpm12NvWriteValue ( // send Tpm command TPM_ORD_NV_WriteValue
//
Command.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
- CommandLength = sizeof (Command) - sizeof(Command.Data) + DataSize;
+ CommandLength = sizeof (Command) - sizeof (Command.Data) + DataSize;
Command.Hdr.paramSize = SwapBytes32 (CommandLength);
Command.Hdr.ordinal = SwapBytes32 (TPM_ORD_NV_WriteValue);
Command.NvIndex = SwapBytes32 (NvIndex);
@@ -214,15 +217,16 @@ Tpm12NvWriteValue ( Command.DataSize = SwapBytes32 (DataSize);
CopyMem (Command.Data, Data, DataSize);
ResponseLength = sizeof (Response);
- Status = Tpm12SubmitCommand (CommandLength, (UINT8 *)&Command, &ResponseLength, (UINT8 *)&Response);
+ Status = Tpm12SubmitCommand (CommandLength, (UINT8 *)&Command, &ResponseLength, (UINT8 *)&Response);
if (EFI_ERROR (Status)) {
return Status;
}
+
DEBUG ((DEBUG_INFO, "Tpm12NvWriteValue - ReturnCode = %x\n", SwapBytes32 (Response.returnCode)));
switch (SwapBytes32 (Response.returnCode)) {
- case TPM_SUCCESS:
- return EFI_SUCCESS;
- default:
- return EFI_DEVICE_ERROR;
+ case TPM_SUCCESS:
+ return EFI_SUCCESS;
+ default:
+ return EFI_DEVICE_ERROR;
}
}
diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c b/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c index 382f059fb6..1dae03d17a 100644 --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12Ownership.c @@ -31,19 +31,20 @@ Tpm12ForceClear ( //
// send Tpm command TPM_ORD_ForceClear
//
- Command.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
- Command.paramSize = SwapBytes32 (sizeof (Command));
- Command.ordinal = SwapBytes32 (TPM_ORD_ForceClear);
- Length = sizeof (Response);
+ Command.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.paramSize = SwapBytes32 (sizeof (Command));
+ Command.ordinal = SwapBytes32 (TPM_ORD_ForceClear);
+ Length = sizeof (Response);
Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
if (EFI_ERROR (Status)) {
return Status;
}
+
switch (SwapBytes32 (Response.returnCode)) {
- case TPM_SUCCESS:
- return EFI_SUCCESS;
- default:
- return EFI_DEVICE_ERROR;
+ case TPM_SUCCESS:
+ return EFI_SUCCESS;
+ default:
+ return EFI_DEVICE_ERROR;
}
}
diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12Pcr.c b/SecurityPkg/Library/Tpm12CommandLib/Tpm12Pcr.c index 4fbcb3617c..542c6aed05 100644 --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12Pcr.c +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12Pcr.c @@ -16,14 +16,14 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
- TPM_PCRINDEX PcrIndex;
- TPM_DIGEST TpmDigest;
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM_PCRINDEX PcrIndex;
+ TPM_DIGEST TpmDigest;
} TPM_CMD_EXTEND;
typedef struct {
- TPM_RSP_COMMAND_HDR Hdr;
- TPM_DIGEST TpmDigest;
+ TPM_RSP_COMMAND_HDR Hdr;
+ TPM_DIGEST TpmDigest;
} TPM_RSP_EXTEND;
#pragma pack()
@@ -68,8 +68,8 @@ Tpm12Extend ( return Status;
}
- if (SwapBytes32(Response.Hdr.returnCode) != TPM_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm12Extend: Response Code error! 0x%08x\r\n", SwapBytes32(Response.Hdr.returnCode)));
+ if (SwapBytes32 (Response.Hdr.returnCode) != TPM_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm12Extend: Response Code error! 0x%08x\r\n", SwapBytes32 (Response.Hdr.returnCode)));
return EFI_DEVICE_ERROR;
}
diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12PhysicalPresence.c b/SecurityPkg/Library/Tpm12CommandLib/Tpm12PhysicalPresence.c index 6714d17d8e..034a15cf14 100644 --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12PhysicalPresence.c +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12PhysicalPresence.c @@ -15,8 +15,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
- TPM_PHYSICAL_PRESENCE PhysicalPresence;
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM_PHYSICAL_PRESENCE PhysicalPresence;
} TPM_CMD_PHYSICAL_PRESENCE;
#pragma pack()
@@ -50,15 +50,15 @@ Tpm12PhysicalPresence ( Command.Hdr.paramSize = SwapBytes32 (sizeof (Command));
Command.Hdr.ordinal = SwapBytes32 (TSC_ORD_PhysicalPresence);
Command.PhysicalPresence = SwapBytes16 (PhysicalPresence);
- Length = sizeof (Response);
+ Length = sizeof (Response);
Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
if (EFI_ERROR (Status)) {
return Status;
}
- if (SwapBytes32(Response.returnCode) != TPM_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm12PhysicalPresence: Response Code error! 0x%08x\r\n", SwapBytes32(Response.returnCode)));
+ if (SwapBytes32 (Response.returnCode) != TPM_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm12PhysicalPresence: Response Code error! 0x%08x\r\n", SwapBytes32 (Response.returnCode)));
return EFI_DEVICE_ERROR;
}
diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c index be389a5106..61a2225861 100644 --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12SelfTest.c @@ -39,8 +39,8 @@ Tpm12ContinueSelfTest ( Command.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
Command.paramSize = SwapBytes32 (sizeof (Command));
Command.ordinal = SwapBytes32 (TPM_ORD_ContinueSelfTest);
- Length = sizeof (Response);
- Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
if (EFI_ERROR (Status)) {
return Status;
}
diff --git a/SecurityPkg/Library/Tpm12CommandLib/Tpm12Startup.c b/SecurityPkg/Library/Tpm12CommandLib/Tpm12Startup.c index 49e6a1e304..7811c3f0fb 100644 --- a/SecurityPkg/Library/Tpm12CommandLib/Tpm12Startup.c +++ b/SecurityPkg/Library/Tpm12CommandLib/Tpm12Startup.c @@ -16,8 +16,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM_RQU_COMMAND_HDR Hdr;
- TPM_STARTUP_TYPE TpmSt;
+ TPM_RQU_COMMAND_HDR Hdr;
+ TPM_STARTUP_TYPE TpmSt;
} TPM_CMD_START_UP;
#pragma pack()
@@ -48,21 +48,22 @@ Tpm12Startup ( Command.Hdr.paramSize = SwapBytes32 (sizeof (Command));
Command.Hdr.ordinal = SwapBytes32 (TPM_ORD_Startup);
Command.TpmSt = SwapBytes16 (TpmSt);
- Length = sizeof (Response);
- Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
if (EFI_ERROR (Status)) {
return Status;
}
- switch (SwapBytes32(Response.returnCode)) {
- case TPM_SUCCESS:
- DEBUG ((DEBUG_INFO, "TPM12Startup: TPM_SUCCESS\n"));
- return EFI_SUCCESS;
- case TPM_INVALID_POSTINIT:
- // In warm reset, TPM may response TPM_INVALID_POSTINIT
- DEBUG ((DEBUG_INFO, "TPM12Startup: TPM_INVALID_POSTINIT\n"));
- return EFI_SUCCESS;
- default:
- return EFI_DEVICE_ERROR;
+
+ switch (SwapBytes32 (Response.returnCode)) {
+ case TPM_SUCCESS:
+ DEBUG ((DEBUG_INFO, "TPM12Startup: TPM_SUCCESS\n"));
+ return EFI_SUCCESS;
+ case TPM_INVALID_POSTINIT:
+ // In warm reset, TPM may response TPM_INVALID_POSTINIT
+ DEBUG ((DEBUG_INFO, "TPM12Startup: TPM_INVALID_POSTINIT\n"));
+ return EFI_SUCCESS;
+ default:
+ return EFI_DEVICE_ERROR;
}
}
@@ -86,18 +87,19 @@ Tpm12SaveState ( //
// send Tpm command TPM_ORD_SaveState
//
- Command.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
- Command.paramSize = SwapBytes32 (sizeof (Command));
- Command.ordinal = SwapBytes32 (TPM_ORD_SaveState);
- Length = sizeof (Response);
- Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
+ Command.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
+ Command.paramSize = SwapBytes32 (sizeof (Command));
+ Command.ordinal = SwapBytes32 (TPM_ORD_SaveState);
+ Length = sizeof (Response);
+ Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
if (EFI_ERROR (Status)) {
return Status;
}
+
switch (SwapBytes32 (Response.returnCode)) {
- case TPM_SUCCESS:
- return EFI_SUCCESS;
- default:
- return EFI_DEVICE_ERROR;
+ case TPM_SUCCESS:
+ return EFI_SUCCESS;
+ default:
+ return EFI_DEVICE_ERROR;
}
}
diff --git a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c index d9e1ce86ee..51f4359128 100644 --- a/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c +++ b/SecurityPkg/Library/Tpm12DeviceLibDTpm/Tpm12Tis.c @@ -30,7 +30,7 @@ typedef enum { //
// Max TPM command/response length
//
-#define TPMCMDBUFLENGTH 1024
+#define TPMCMDBUFLENGTH 1024
/**
Check whether TPM chip exist.
@@ -42,10 +42,10 @@ typedef enum { **/
BOOLEAN
Tpm12TisPcPresenceCheck (
- IN TIS_PC_REGISTERS_PTR TisReg
+ IN TIS_PC_REGISTERS_PTR TisReg
)
{
- UINT8 RegRead;
+ UINT8 RegRead;
RegRead = MmioRead8 ((UINTN)&TisReg->Access);
return (BOOLEAN)(RegRead != (UINT8)-1);
@@ -60,32 +60,37 @@ Tpm12TisPcPresenceCheck ( **/
PTP_INTERFACE_TYPE
Tpm12GetPtpInterface (
- IN VOID *Register
+ IN VOID *Register
)
{
- PTP_CRB_INTERFACE_IDENTIFIER InterfaceId;
- PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability;
+ PTP_CRB_INTERFACE_IDENTIFIER InterfaceId;
+ PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability;
if (!Tpm12TisPcPresenceCheck (Register)) {
return PtpInterfaceMax;
}
+
//
// Check interface id
//
- InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId);
+ InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId);
InterfaceCapability.Uint32 = MmioRead32 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->InterfaceCapability);
if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_CRB) &&
(InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_CRB) &&
- (InterfaceId.Bits.CapCRB != 0)) {
+ (InterfaceId.Bits.CapCRB != 0))
+ {
return PtpInterfaceCrb;
}
+
if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_FIFO) &&
(InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_FIFO) &&
(InterfaceId.Bits.CapFIFO != 0) &&
- (InterfaceCapability.Bits.InterfaceVersion == INTERFACE_CAPABILITY_INTERFACE_VERSION_PTP)) {
+ (InterfaceCapability.Bits.InterfaceVersion == INTERFACE_CAPABILITY_INTERFACE_VERSION_PTP))
+ {
return PtpInterfaceFifo;
}
+
return PtpInterfaceTis;
}
@@ -102,21 +107,24 @@ Tpm12GetPtpInterface ( **/
EFI_STATUS
Tpm12TisPcWaitRegisterBits (
- IN UINT8 *Register,
- IN UINT8 BitSet,
- IN UINT8 BitClear,
- IN UINT32 TimeOut
+ IN UINT8 *Register,
+ IN UINT8 BitSet,
+ IN UINT8 BitClear,
+ IN UINT32 TimeOut
)
{
- UINT8 RegRead;
- UINT32 WaitTime;
+ UINT8 RegRead;
+ UINT32 WaitTime;
- for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30){
+ for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30) {
RegRead = MmioRead8 ((UINTN)Register);
- if ((RegRead & BitSet) == BitSet && (RegRead & BitClear) == 0)
+ if (((RegRead & BitSet) == BitSet) && ((RegRead & BitClear) == 0)) {
return EFI_SUCCESS;
+ }
+
MicroSecondDelay (30);
}
+
return EFI_TIMEOUT;
}
@@ -133,15 +141,15 @@ Tpm12TisPcWaitRegisterBits ( **/
EFI_STATUS
Tpm12TisPcReadBurstCount (
- IN TIS_PC_REGISTERS_PTR TisReg,
- OUT UINT16 *BurstCount
+ IN TIS_PC_REGISTERS_PTR TisReg,
+ OUT UINT16 *BurstCount
)
{
- UINT32 WaitTime;
- UINT8 DataByte0;
- UINT8 DataByte1;
+ UINT32 WaitTime;
+ UINT8 DataByte0;
+ UINT8 DataByte1;
- if (BurstCount == NULL || TisReg == NULL) {
+ if ((BurstCount == NULL) || (TisReg == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -157,6 +165,7 @@ Tpm12TisPcReadBurstCount ( if (*BurstCount != 0) {
return EFI_SUCCESS;
}
+
MicroSecondDelay (30);
WaitTime += 30;
} while (WaitTime < TIS_TIMEOUT_D);
@@ -176,16 +185,16 @@ Tpm12TisPcReadBurstCount ( **/
EFI_STATUS
Tpm12TisPcPrepareCommand (
- IN TIS_PC_REGISTERS_PTR TisReg
+ IN TIS_PC_REGISTERS_PTR TisReg
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
if (TisReg == NULL) {
return EFI_INVALID_PARAMETER;
}
- MmioWrite8((UINTN)&TisReg->Status, TIS_PC_STS_READY);
+ MmioWrite8 ((UINTN)&TisReg->Status, TIS_PC_STS_READY);
Status = Tpm12TisPcWaitRegisterBits (
&TisReg->Status,
TIS_PC_STS_READY,
@@ -208,10 +217,10 @@ Tpm12TisPcPrepareCommand ( **/
EFI_STATUS
Tpm12TisPcRequestUseTpm (
- IN TIS_PC_REGISTERS_PTR TisReg
+ IN TIS_PC_REGISTERS_PTR TisReg
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
if (TisReg == NULL) {
return EFI_INVALID_PARAMETER;
@@ -221,7 +230,7 @@ Tpm12TisPcRequestUseTpm ( return EFI_NOT_FOUND;
}
- MmioWrite8((UINTN)&TisReg->Access, TIS_PC_ACC_RQUUSE);
+ MmioWrite8 ((UINTN)&TisReg->Access, TIS_PC_ACC_RQUUSE);
Status = Tpm12TisPcWaitRegisterBits (
&TisReg->Access,
(UINT8)(TIS_PC_ACC_ACTIVE |TIS_PC_VALID),
@@ -248,48 +257,52 @@ Tpm12TisPcRequestUseTpm ( **/
EFI_STATUS
Tpm12TisTpmCommand (
- IN TIS_PC_REGISTERS_PTR TisReg,
- IN UINT8 *BufferIn,
- IN UINT32 SizeIn,
- IN OUT UINT8 *BufferOut,
- IN OUT UINT32 *SizeOut
+ IN TIS_PC_REGISTERS_PTR TisReg,
+ IN UINT8 *BufferIn,
+ IN UINT32 SizeIn,
+ IN OUT UINT8 *BufferOut,
+ IN OUT UINT32 *SizeOut
)
{
- EFI_STATUS Status;
- UINT16 BurstCount;
- UINT32 Index;
- UINT32 TpmOutSize;
- UINT16 Data16;
- UINT32 Data32;
- UINT16 RspTag;
+ EFI_STATUS Status;
+ UINT16 BurstCount;
+ UINT32 Index;
+ UINT32 TpmOutSize;
+ UINT16 Data16;
+ UINT32 Data32;
+ UINT16 RspTag;
DEBUG_CODE_BEGIN ();
- UINTN DebugSize;
+ UINTN DebugSize;
- DEBUG ((DEBUG_VERBOSE, "Tpm12TisTpmCommand Send - "));
- if (SizeIn > 0x100) {
- DebugSize = 0x40;
- } else {
- DebugSize = SizeIn;
- }
- for (Index = 0; Index < DebugSize; Index++) {
+ DEBUG ((DEBUG_VERBOSE, "Tpm12TisTpmCommand Send - "));
+ if (SizeIn > 0x100) {
+ DebugSize = 0x40;
+ } else {
+ DebugSize = SizeIn;
+ }
+
+ for (Index = 0; Index < DebugSize; Index++) {
+ DEBUG ((DEBUG_VERBOSE, "%02x ", BufferIn[Index]));
+ }
+
+ if (DebugSize != SizeIn) {
+ DEBUG ((DEBUG_VERBOSE, "...... "));
+ for (Index = SizeIn - 0x20; Index < SizeIn; Index++) {
DEBUG ((DEBUG_VERBOSE, "%02x ", BufferIn[Index]));
}
- if (DebugSize != SizeIn) {
- DEBUG ((DEBUG_VERBOSE, "...... "));
- for (Index = SizeIn - 0x20; Index < SizeIn; Index++) {
- DEBUG ((DEBUG_VERBOSE, "%02x ", BufferIn[Index]));
- }
- }
- DEBUG ((DEBUG_VERBOSE, "\n"));
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "\n"));
DEBUG_CODE_END ();
TpmOutSize = 0;
Status = Tpm12TisPcPrepareCommand (TisReg);
- if (EFI_ERROR (Status)){
+ if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "Tpm12 is not ready for command!\n"));
return EFI_DEVICE_ERROR;
}
+
//
// Send the command data to Tpm
//
@@ -300,17 +313,19 @@ Tpm12TisTpmCommand ( Status = EFI_DEVICE_ERROR;
goto Exit;
}
- for (; BurstCount > 0 && Index < SizeIn; BurstCount--) {
- MmioWrite8((UINTN)&TisReg->DataFifo, *(BufferIn + Index));
+
+ for ( ; BurstCount > 0 && Index < SizeIn; BurstCount--) {
+ MmioWrite8 ((UINTN)&TisReg->DataFifo, *(BufferIn + Index));
Index++;
}
}
+
//
// Check the Tpm status STS_EXPECT change from 1 to 0
//
Status = Tpm12TisPcWaitRegisterBits (
&TisReg->Status,
- (UINT8) TIS_PC_VALID,
+ (UINT8)TIS_PC_VALID,
TIS_PC_STS_EXPECT,
TIS_TIMEOUT_C
);
@@ -319,13 +334,14 @@ Tpm12TisTpmCommand ( Status = EFI_BUFFER_TOO_SMALL;
goto Exit;
}
+
//
// Executed the TPM command and waiting for the response data ready
//
- MmioWrite8((UINTN)&TisReg->Status, TIS_PC_STS_GO);
+ MmioWrite8 ((UINTN)&TisReg->Status, TIS_PC_STS_GO);
Status = Tpm12TisPcWaitRegisterBits (
&TisReg->Status,
- (UINT8) (TIS_PC_VALID | TIS_PC_STS_DATA),
+ (UINT8)(TIS_PC_VALID | TIS_PC_STS_DATA),
0,
TIS_TIMEOUT_B
);
@@ -334,10 +350,11 @@ Tpm12TisTpmCommand ( Status = EFI_DEVICE_ERROR;
goto Exit;
}
+
//
// Get response data header
//
- Index = 0;
+ Index = 0;
BurstCount = 0;
while (Index < sizeof (TPM_RSP_COMMAND_HDR)) {
Status = Tpm12TisPcReadBurstCount (TisReg, &BurstCount);
@@ -345,42 +362,48 @@ Tpm12TisTpmCommand ( Status = EFI_DEVICE_ERROR;
goto Exit;
}
- for (; BurstCount > 0; BurstCount--) {
+
+ for ( ; BurstCount > 0; BurstCount--) {
*(BufferOut + Index) = MmioRead8 ((UINTN)&TisReg->DataFifo);
Index++;
- if (Index == sizeof (TPM_RSP_COMMAND_HDR)) break;
+ if (Index == sizeof (TPM_RSP_COMMAND_HDR)) {
+ break;
+ }
}
}
+
DEBUG_CODE_BEGIN ();
- DEBUG ((DEBUG_VERBOSE, "Tpm12TisTpmCommand ReceiveHeader - "));
- for (Index = 0; Index < sizeof (TPM_RSP_COMMAND_HDR); Index++) {
- DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
- }
- DEBUG ((DEBUG_VERBOSE, "\n"));
+ DEBUG ((DEBUG_VERBOSE, "Tpm12TisTpmCommand ReceiveHeader - "));
+ for (Index = 0; Index < sizeof (TPM_RSP_COMMAND_HDR); Index++) {
+ DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "\n"));
DEBUG_CODE_END ();
//
// Check the response data header (tag, parasize and returncode)
//
CopyMem (&Data16, BufferOut, sizeof (UINT16));
RspTag = SwapBytes16 (Data16);
- if (RspTag != TPM_TAG_RSP_COMMAND && RspTag != TPM_TAG_RSP_AUTH1_COMMAND && RspTag != TPM_TAG_RSP_AUTH2_COMMAND) {
+ if ((RspTag != TPM_TAG_RSP_COMMAND) && (RspTag != TPM_TAG_RSP_AUTH1_COMMAND) && (RspTag != TPM_TAG_RSP_AUTH2_COMMAND)) {
DEBUG ((DEBUG_ERROR, "TPM12: Response tag error - current tag value is %x\n", RspTag));
Status = EFI_UNSUPPORTED;
goto Exit;
}
CopyMem (&Data32, (BufferOut + 2), sizeof (UINT32));
- TpmOutSize = SwapBytes32 (Data32);
+ TpmOutSize = SwapBytes32 (Data32);
if (*SizeOut < TpmOutSize) {
Status = EFI_BUFFER_TOO_SMALL;
goto Exit;
}
+
*SizeOut = TpmOutSize;
//
// Continue reading the remaining data
//
while ( Index < TpmOutSize ) {
- for (; BurstCount > 0; BurstCount--) {
+ for ( ; BurstCount > 0; BurstCount--) {
*(BufferOut + Index) = MmioRead8 ((UINTN)&TisReg->DataFifo);
Index++;
if (Index == TpmOutSize) {
@@ -388,21 +411,24 @@ Tpm12TisTpmCommand ( goto Exit;
}
}
+
Status = Tpm12TisPcReadBurstCount (TisReg, &BurstCount);
if (EFI_ERROR (Status)) {
Status = EFI_DEVICE_ERROR;
goto Exit;
}
}
+
Exit:
DEBUG_CODE_BEGIN ();
- DEBUG ((DEBUG_VERBOSE, "Tpm12TisTpmCommand Receive - "));
- for (Index = 0; Index < TpmOutSize; Index++) {
- DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
- }
- DEBUG ((DEBUG_VERBOSE, "\n"));
+ DEBUG ((DEBUG_VERBOSE, "Tpm12TisTpmCommand Receive - "));
+ for (Index = 0; Index < TpmOutSize; Index++) {
+ DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "\n"));
DEBUG_CODE_END ();
- MmioWrite8((UINTN)&TisReg->Status, TIS_PC_STS_READY);
+ MmioWrite8 ((UINTN)&TisReg->Status, TIS_PC_STS_READY);
return Status;
}
@@ -421,10 +447,10 @@ Exit: EFI_STATUS
EFIAPI
Tpm12SubmitCommand (
- IN UINT32 InputParameterBlockSize,
- IN UINT8 *InputParameterBlock,
- IN OUT UINT32 *OutputParameterBlockSize,
- IN UINT8 *OutputParameterBlock
+ IN UINT32 InputParameterBlockSize,
+ IN UINT8 *InputParameterBlock,
+ IN OUT UINT32 *OutputParameterBlockSize,
+ IN UINT8 *OutputParameterBlock
)
{
PTP_INTERFACE_TYPE PtpInterface;
@@ -432,25 +458,24 @@ Tpm12SubmitCommand ( //
// Special handle for TPM1.2 to check PTP too, because PTP/TIS share same register address.
//
- PtpInterface = Tpm12GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
+ PtpInterface = Tpm12GetPtpInterface ((VOID *)(UINTN)PcdGet64 (PcdTpmBaseAddress));
switch (PtpInterface) {
- case PtpInterfaceFifo:
- case PtpInterfaceTis:
- return Tpm12TisTpmCommand (
- (TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress),
- InputParameterBlock,
- InputParameterBlockSize,
- OutputParameterBlock,
- OutputParameterBlockSize
- );
- case PtpInterfaceCrb:
+ case PtpInterfaceFifo:
+ case PtpInterfaceTis:
+ return Tpm12TisTpmCommand (
+ (TIS_PC_REGISTERS_PTR)(UINTN)PcdGet64 (PcdTpmBaseAddress),
+ InputParameterBlock,
+ InputParameterBlockSize,
+ OutputParameterBlock,
+ OutputParameterBlockSize
+ );
+ case PtpInterfaceCrb:
//
// No need to support CRB because it is only accept TPM2 command.
//
- default:
- return EFI_DEVICE_ERROR;
+ default:
+ return EFI_DEVICE_ERROR;
}
-
}
/**
@@ -466,22 +491,24 @@ Tpm12SubmitCommand ( **/
EFI_STATUS
Tpm12PtpCrbWaitRegisterBits (
- IN UINT32 *Register,
- IN UINT32 BitSet,
- IN UINT32 BitClear,
- IN UINT32 TimeOut
+ IN UINT32 *Register,
+ IN UINT32 BitSet,
+ IN UINT32 BitClear,
+ IN UINT32 TimeOut
)
{
- UINT32 RegRead;
- UINT32 WaitTime;
+ UINT32 RegRead;
+ UINT32 WaitTime;
- for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30){
+ for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30) {
RegRead = MmioRead32 ((UINTN)Register);
- if ((RegRead & BitSet) == BitSet && (RegRead & BitClear) == 0) {
+ if (((RegRead & BitSet) == BitSet) && ((RegRead & BitClear) == 0)) {
return EFI_SUCCESS;
}
+
MicroSecondDelay (30);
}
+
return EFI_TIMEOUT;
}
@@ -497,12 +524,12 @@ Tpm12PtpCrbWaitRegisterBits ( **/
EFI_STATUS
Tpm12PtpCrbRequestUseTpm (
- IN PTP_CRB_REGISTERS_PTR CrbReg
+ IN PTP_CRB_REGISTERS_PTR CrbReg
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
- MmioWrite32((UINTN)&CrbReg->LocalityControl, PTP_CRB_LOCALITY_CONTROL_REQUEST_ACCESS);
+ MmioWrite32 ((UINTN)&CrbReg->LocalityControl, PTP_CRB_LOCALITY_CONTROL_REQUEST_ACCESS);
Status = Tpm12PtpCrbWaitRegisterBits (
&CrbReg->LocalityStatus,
PTP_CRB_LOCALITY_STATUS_GRANTED,
@@ -531,14 +558,14 @@ Tpm12RequestUseTpm ( // Special handle for TPM1.2 to check PTP too, because PTP/TIS share same register address.
// Some other program might leverage this function to check the existence of TPM chip.
//
- PtpInterface = Tpm12GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
+ PtpInterface = Tpm12GetPtpInterface ((VOID *)(UINTN)PcdGet64 (PcdTpmBaseAddress));
switch (PtpInterface) {
- case PtpInterfaceCrb:
- return Tpm12PtpCrbRequestUseTpm ((PTP_CRB_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress));
- case PtpInterfaceFifo:
- case PtpInterfaceTis:
- return Tpm12TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress));
- default:
- return EFI_NOT_FOUND;
+ case PtpInterfaceCrb:
+ return Tpm12PtpCrbRequestUseTpm ((PTP_CRB_REGISTERS_PTR)(UINTN)PcdGet64 (PcdTpmBaseAddress));
+ case PtpInterfaceFifo:
+ case PtpInterfaceTis:
+ return Tpm12TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR)(UINTN)PcdGet64 (PcdTpmBaseAddress));
+ default:
+ return EFI_NOT_FOUND;
}
}
diff --git a/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.c b/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.c index 2869f9ec83..9de6077194 100644 --- a/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.c +++ b/SecurityPkg/Library/Tpm12DeviceLibTcg/Tpm12DeviceLibTcg.c @@ -32,17 +32,17 @@ EFI_TCG_PROTOCOL *mTcgProtocol = NULL; EFI_STATUS
EFIAPI
Tpm12SubmitCommand (
- IN UINT32 InputParameterBlockSize,
- IN UINT8 *InputParameterBlock,
- IN OUT UINT32 *OutputParameterBlockSize,
- IN UINT8 *OutputParameterBlock
+ IN UINT32 InputParameterBlockSize,
+ IN UINT8 *InputParameterBlock,
+ IN OUT UINT32 *OutputParameterBlockSize,
+ IN UINT8 *OutputParameterBlock
)
{
- EFI_STATUS Status;
- TPM_RSP_COMMAND_HDR *Header;
+ EFI_STATUS Status;
+ TPM_RSP_COMMAND_HDR *Header;
if (mTcgProtocol == NULL) {
- Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **) &mTcgProtocol);
+ Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&mTcgProtocol);
if (EFI_ERROR (Status)) {
//
// TCG protocol is not installed. So, TPM12 is not present.
@@ -51,6 +51,7 @@ Tpm12SubmitCommand ( return EFI_NOT_FOUND;
}
}
+
//
// Assume when TCG Protocol is ready, RequestUseTpm already done.
//
@@ -64,7 +65,8 @@ Tpm12SubmitCommand ( if (EFI_ERROR (Status)) {
return Status;
}
- Header = (TPM_RSP_COMMAND_HDR *)OutputParameterBlock;
+
+ Header = (TPM_RSP_COMMAND_HDR *)OutputParameterBlock;
*OutputParameterBlockSize = SwapBytes32 (Header->paramSize);
return EFI_SUCCESS;
@@ -83,10 +85,10 @@ Tpm12RequestUseTpm ( VOID
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
if (mTcgProtocol == NULL) {
- Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **) &mTcgProtocol);
+ Status = gBS->LocateProtocol (&gEfiTcgProtocolGuid, NULL, (VOID **)&mTcgProtocol);
if (EFI_ERROR (Status)) {
//
// TCG protocol is not installed. So, TPM12 is not present.
@@ -95,6 +97,7 @@ Tpm12RequestUseTpm ( return EFI_NOT_FOUND;
}
}
+
//
// Assume when TCG Protocol is ready, RequestUseTpm already done.
//
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c index dcbdf72cac..9db301ec9a 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Capability.c @@ -16,25 +16,25 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPM_CAP Capability;
- UINT32 Property;
- UINT32 PropertyCount;
+ TPM2_COMMAND_HEADER Header;
+ TPM_CAP Capability;
+ UINT32 Property;
+ UINT32 PropertyCount;
} TPM2_GET_CAPABILITY_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- TPMI_YES_NO MoreData;
- TPMS_CAPABILITY_DATA CapabilityData;
+ TPM2_RESPONSE_HEADER Header;
+ TPMI_YES_NO MoreData;
+ TPMS_CAPABILITY_DATA CapabilityData;
} TPM2_GET_CAPABILITY_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMT_PUBLIC_PARMS Parameters;
+ TPM2_COMMAND_HEADER Header;
+ TPMT_PUBLIC_PARMS Parameters;
} TPM2_TEST_PARMS_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
+ TPM2_RESPONSE_HEADER Header;
} TPM2_TEST_PARMS_RESPONSE;
#pragma pack()
@@ -69,37 +69,37 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2GetCapability (
- IN TPM_CAP Capability,
- IN UINT32 Property,
- IN UINT32 PropertyCount,
- OUT TPMI_YES_NO *MoreData,
- OUT TPMS_CAPABILITY_DATA *CapabilityData
+ IN TPM_CAP Capability,
+ IN UINT32 Property,
+ IN UINT32 PropertyCount,
+ OUT TPMI_YES_NO *MoreData,
+ OUT TPMS_CAPABILITY_DATA *CapabilityData
)
{
- EFI_STATUS Status;
- TPM2_GET_CAPABILITY_COMMAND SendBuffer;
- TPM2_GET_CAPABILITY_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
+ EFI_STATUS Status;
+ TPM2_GET_CAPABILITY_COMMAND SendBuffer;
+ TPM2_GET_CAPABILITY_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_GetCapability);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_GetCapability);
- SendBuffer.Capability = SwapBytes32 (Capability);
- SendBuffer.Property = SwapBytes32 (Property);
+ SendBuffer.Capability = SwapBytes32 (Capability);
+ SendBuffer.Property = SwapBytes32 (Property);
SendBuffer.PropertyCount = SwapBytes32 (PropertyCount);
- SendBufferSize = (UINT32) sizeof (SendBuffer);
+ SendBufferSize = (UINT32)sizeof (SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer );
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -111,8 +111,8 @@ Tpm2GetCapability ( //
// Fail if command failed
//
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2GetCapability: Response Code error! 0x%08x\r\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2GetCapability: Response Code error! 0x%08x\r\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
@@ -141,12 +141,12 @@ Tpm2GetCapability ( EFI_STATUS
EFIAPI
Tpm2GetCapabilityFamily (
- OUT CHAR8 *Family
+ OUT CHAR8 *Family
)
{
- TPMS_CAPABILITY_DATA TpmCap;
- TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ TPMS_CAPABILITY_DATA TpmCap;
+ TPMI_YES_NO MoreData;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
TPM_CAP_TPM_PROPERTIES,
@@ -158,6 +158,7 @@ Tpm2GetCapabilityFamily ( if (EFI_ERROR (Status)) {
return Status;
}
+
CopyMem (Family, &TpmCap.data.tpmProperties.tpmProperty->value, 4);
return EFI_SUCCESS;
@@ -176,12 +177,12 @@ Tpm2GetCapabilityFamily ( EFI_STATUS
EFIAPI
Tpm2GetCapabilityManufactureID (
- OUT UINT32 *ManufactureId
+ OUT UINT32 *ManufactureId
)
{
- TPMS_CAPABILITY_DATA TpmCap;
- TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ TPMS_CAPABILITY_DATA TpmCap;
+ TPMI_YES_NO MoreData;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
TPM_CAP_TPM_PROPERTIES,
@@ -193,6 +194,7 @@ Tpm2GetCapabilityManufactureID ( if (EFI_ERROR (Status)) {
return Status;
}
+
*ManufactureId = TpmCap.data.tpmProperties.tpmProperty->value;
return EFI_SUCCESS;
@@ -212,13 +214,13 @@ Tpm2GetCapabilityManufactureID ( EFI_STATUS
EFIAPI
Tpm2GetCapabilityFirmwareVersion (
- OUT UINT32 *FirmwareVersion1,
- OUT UINT32 *FirmwareVersion2
+ OUT UINT32 *FirmwareVersion1,
+ OUT UINT32 *FirmwareVersion2
)
{
- TPMS_CAPABILITY_DATA TpmCap;
- TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ TPMS_CAPABILITY_DATA TpmCap;
+ TPMI_YES_NO MoreData;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
TPM_CAP_TPM_PROPERTIES,
@@ -230,6 +232,7 @@ Tpm2GetCapabilityFirmwareVersion ( if (EFI_ERROR (Status)) {
return Status;
}
+
*FirmwareVersion1 = SwapBytes32 (TpmCap.data.tpmProperties.tpmProperty->value);
Status = Tpm2GetCapability (
@@ -242,6 +245,7 @@ Tpm2GetCapabilityFirmwareVersion ( if (EFI_ERROR (Status)) {
return Status;
}
+
*FirmwareVersion2 = SwapBytes32 (TpmCap.data.tpmProperties.tpmProperty->value);
return EFI_SUCCESS;
@@ -261,13 +265,13 @@ Tpm2GetCapabilityFirmwareVersion ( EFI_STATUS
EFIAPI
Tpm2GetCapabilityMaxCommandResponseSize (
- OUT UINT32 *MaxCommandSize,
- OUT UINT32 *MaxResponseSize
+ OUT UINT32 *MaxCommandSize,
+ OUT UINT32 *MaxResponseSize
)
{
- TPMS_CAPABILITY_DATA TpmCap;
- TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ TPMS_CAPABILITY_DATA TpmCap;
+ TPMI_YES_NO MoreData;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
TPM_CAP_TPM_PROPERTIES,
@@ -311,13 +315,13 @@ Tpm2GetCapabilityMaxCommandResponseSize ( EFI_STATUS
EFIAPI
Tpm2GetCapabilitySupportedAlg (
- OUT TPML_ALG_PROPERTY *AlgList
+ OUT TPML_ALG_PROPERTY *AlgList
)
{
- TPMS_CAPABILITY_DATA TpmCap;
- TPMI_YES_NO MoreData;
- UINTN Index;
- EFI_STATUS Status;
+ TPMS_CAPABILITY_DATA TpmCap;
+ TPMI_YES_NO MoreData;
+ UINTN Index;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
TPM_CAP_ALGS,
@@ -359,12 +363,12 @@ Tpm2GetCapabilitySupportedAlg ( EFI_STATUS
EFIAPI
Tpm2GetCapabilityLockoutCounter (
- OUT UINT32 *LockoutCounter
+ OUT UINT32 *LockoutCounter
)
{
- TPMS_CAPABILITY_DATA TpmCap;
- TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ TPMS_CAPABILITY_DATA TpmCap;
+ TPMI_YES_NO MoreData;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
TPM_CAP_TPM_PROPERTIES,
@@ -376,6 +380,7 @@ Tpm2GetCapabilityLockoutCounter ( if (EFI_ERROR (Status)) {
return Status;
}
+
*LockoutCounter = SwapBytes32 (TpmCap.data.tpmProperties.tpmProperty->value);
return EFI_SUCCESS;
@@ -394,12 +399,12 @@ Tpm2GetCapabilityLockoutCounter ( EFI_STATUS
EFIAPI
Tpm2GetCapabilityLockoutInterval (
- OUT UINT32 *LockoutInterval
+ OUT UINT32 *LockoutInterval
)
{
- TPMS_CAPABILITY_DATA TpmCap;
- TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ TPMS_CAPABILITY_DATA TpmCap;
+ TPMI_YES_NO MoreData;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
TPM_CAP_TPM_PROPERTIES,
@@ -411,6 +416,7 @@ Tpm2GetCapabilityLockoutInterval ( if (EFI_ERROR (Status)) {
return Status;
}
+
*LockoutInterval = SwapBytes32 (TpmCap.data.tpmProperties.tpmProperty->value);
return EFI_SUCCESS;
@@ -430,12 +436,12 @@ Tpm2GetCapabilityLockoutInterval ( EFI_STATUS
EFIAPI
Tpm2GetCapabilityInputBufferSize (
- OUT UINT32 *InputBufferSize
+ OUT UINT32 *InputBufferSize
)
{
- TPMS_CAPABILITY_DATA TpmCap;
- TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ TPMS_CAPABILITY_DATA TpmCap;
+ TPMI_YES_NO MoreData;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
TPM_CAP_TPM_PROPERTIES,
@@ -447,6 +453,7 @@ Tpm2GetCapabilityInputBufferSize ( if (EFI_ERROR (Status)) {
return Status;
}
+
*InputBufferSize = SwapBytes32 (TpmCap.data.tpmProperties.tpmProperty->value);
return EFI_SUCCESS;
@@ -465,13 +472,13 @@ Tpm2GetCapabilityInputBufferSize ( EFI_STATUS
EFIAPI
Tpm2GetCapabilityPcrs (
- OUT TPML_PCR_SELECTION *Pcrs
+ OUT TPML_PCR_SELECTION *Pcrs
)
{
- TPMS_CAPABILITY_DATA TpmCap;
- TPMI_YES_NO MoreData;
- EFI_STATUS Status;
- UINTN Index;
+ TPMS_CAPABILITY_DATA TpmCap;
+ TPMI_YES_NO MoreData;
+ EFI_STATUS Status;
+ UINTN Index;
Status = Tpm2GetCapability (
TPM_CAP_PCRS,
@@ -491,12 +498,13 @@ Tpm2GetCapabilityPcrs ( }
for (Index = 0; Index < Pcrs->count; Index++) {
- Pcrs->pcrSelections[Index].hash = SwapBytes16 (TpmCap.data.assignedPCR.pcrSelections[Index].hash);
+ Pcrs->pcrSelections[Index].hash = SwapBytes16 (TpmCap.data.assignedPCR.pcrSelections[Index].hash);
Pcrs->pcrSelections[Index].sizeofSelect = TpmCap.data.assignedPCR.pcrSelections[Index].sizeofSelect;
if (Pcrs->pcrSelections[Index].sizeofSelect > PCR_SELECT_MAX) {
DEBUG ((DEBUG_ERROR, "Tpm2GetCapabilityPcrs - sizeofSelect error %x\n", Pcrs->pcrSelections[Index].sizeofSelect));
return EFI_DEVICE_ERROR;
}
+
CopyMem (Pcrs->pcrSelections[Index].pcrSelect, TpmCap.data.assignedPCR.pcrSelections[Index].pcrSelect, Pcrs->pcrSelections[Index].sizeofSelect);
}
@@ -517,14 +525,14 @@ Tpm2GetCapabilityPcrs ( EFI_STATUS
EFIAPI
Tpm2GetCapabilitySupportedAndActivePcrs (
- OUT UINT32 *TpmHashAlgorithmBitmap,
- OUT UINT32 *ActivePcrBanks
+ OUT UINT32 *TpmHashAlgorithmBitmap,
+ OUT UINT32 *ActivePcrBanks
)
{
- EFI_STATUS Status;
- TPML_PCR_SELECTION Pcrs;
- UINTN Index;
- UINT8 ActivePcrBankCount;
+ EFI_STATUS Status;
+ TPML_PCR_SELECTION Pcrs;
+ UINTN Index;
+ UINT8 ActivePcrBankCount;
//
// Get supported PCR
@@ -539,7 +547,7 @@ Tpm2GetCapabilitySupportedAndActivePcrs ( DEBUG ((DEBUG_ERROR, "GetSupportedAndActivePcrs - Tpm2GetCapabilityPcrs fail!\n"));
*TpmHashAlgorithmBitmap = HASH_ALG_SHA1;
*ActivePcrBanks = HASH_ALG_SHA1;
- ActivePcrBankCount = 1;
+ ActivePcrBankCount = 1;
}
//
// Otherwise, process the return data to determine what algorithms are supported
@@ -550,55 +558,60 @@ Tpm2GetCapabilitySupportedAndActivePcrs ( *ActivePcrBanks = 0;
for (Index = 0; Index < Pcrs.count; Index++) {
switch (Pcrs.pcrSelections[Index].hash) {
- case TPM_ALG_SHA1:
- DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA1 present.\n"));
- *TpmHashAlgorithmBitmap |= HASH_ALG_SHA1;
- if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
- DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA1 active.\n"));
- *ActivePcrBanks |= HASH_ALG_SHA1;
- ActivePcrBankCount++;
- }
- break;
- case TPM_ALG_SHA256:
- DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA256 present.\n"));
- *TpmHashAlgorithmBitmap |= HASH_ALG_SHA256;
- if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
- DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA256 active.\n"));
- *ActivePcrBanks |= HASH_ALG_SHA256;
- ActivePcrBankCount++;
- }
- break;
- case TPM_ALG_SHA384:
- DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA384 present.\n"));
- *TpmHashAlgorithmBitmap |= HASH_ALG_SHA384;
- if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
- DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA384 active.\n"));
- *ActivePcrBanks |= HASH_ALG_SHA384;
- ActivePcrBankCount++;
- }
- break;
- case TPM_ALG_SHA512:
- DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA512 present.\n"));
- *TpmHashAlgorithmBitmap |= HASH_ALG_SHA512;
- if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
- DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA512 active.\n"));
- *ActivePcrBanks |= HASH_ALG_SHA512;
- ActivePcrBankCount++;
- }
- break;
- case TPM_ALG_SM3_256:
- DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SM3_256 present.\n"));
- *TpmHashAlgorithmBitmap |= HASH_ALG_SM3_256;
- if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
- DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SM3_256 active.\n"));
- *ActivePcrBanks |= HASH_ALG_SM3_256;
- ActivePcrBankCount++;
- }
- break;
- default:
- DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - Unsupported bank 0x%04x.\n", Pcrs.pcrSelections[Index].hash));
- continue;
- break;
+ case TPM_ALG_SHA1:
+ DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA1 present.\n"));
+ *TpmHashAlgorithmBitmap |= HASH_ALG_SHA1;
+ if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
+ DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA1 active.\n"));
+ *ActivePcrBanks |= HASH_ALG_SHA1;
+ ActivePcrBankCount++;
+ }
+
+ break;
+ case TPM_ALG_SHA256:
+ DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA256 present.\n"));
+ *TpmHashAlgorithmBitmap |= HASH_ALG_SHA256;
+ if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
+ DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA256 active.\n"));
+ *ActivePcrBanks |= HASH_ALG_SHA256;
+ ActivePcrBankCount++;
+ }
+
+ break;
+ case TPM_ALG_SHA384:
+ DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA384 present.\n"));
+ *TpmHashAlgorithmBitmap |= HASH_ALG_SHA384;
+ if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
+ DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA384 active.\n"));
+ *ActivePcrBanks |= HASH_ALG_SHA384;
+ ActivePcrBankCount++;
+ }
+
+ break;
+ case TPM_ALG_SHA512:
+ DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA512 present.\n"));
+ *TpmHashAlgorithmBitmap |= HASH_ALG_SHA512;
+ if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
+ DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SHA512 active.\n"));
+ *ActivePcrBanks |= HASH_ALG_SHA512;
+ ActivePcrBankCount++;
+ }
+
+ break;
+ case TPM_ALG_SM3_256:
+ DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SM3_256 present.\n"));
+ *TpmHashAlgorithmBitmap |= HASH_ALG_SM3_256;
+ if (!IsZeroBuffer (Pcrs.pcrSelections[Index].pcrSelect, Pcrs.pcrSelections[Index].sizeofSelect)) {
+ DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - HASH_ALG_SM3_256 active.\n"));
+ *ActivePcrBanks |= HASH_ALG_SM3_256;
+ ActivePcrBankCount++;
+ }
+
+ break;
+ default:
+ DEBUG ((DEBUG_VERBOSE, "GetSupportedAndActivePcrs - Unsupported bank 0x%04x.\n", Pcrs.pcrSelections[Index].hash));
+ continue;
+ break;
}
}
}
@@ -620,12 +633,12 @@ Tpm2GetCapabilitySupportedAndActivePcrs ( EFI_STATUS
EFIAPI
Tpm2GetCapabilityAlgorithmSet (
- OUT UINT32 *AlgorithmSet
+ OUT UINT32 *AlgorithmSet
)
{
- TPMS_CAPABILITY_DATA TpmCap;
- TPMI_YES_NO MoreData;
- EFI_STATUS Status;
+ TPMS_CAPABILITY_DATA TpmCap;
+ TPMI_YES_NO MoreData;
+ EFI_STATUS Status;
Status = Tpm2GetCapability (
TPM_CAP_TPM_PROPERTIES,
@@ -637,6 +650,7 @@ Tpm2GetCapabilityAlgorithmSet ( if (EFI_ERROR (Status)) {
return Status;
}
+
*AlgorithmSet = SwapBytes32 (TpmCap.data.tpmProperties.tpmProperty->value);
return EFI_SUCCESS;
@@ -654,14 +668,14 @@ Tpm2GetCapabilityAlgorithmSet ( EFI_STATUS
EFIAPI
Tpm2GetCapabilityIsCommandImplemented (
- IN TPM_CC Command,
- OUT BOOLEAN *IsCmdImpl
+ IN TPM_CC Command,
+ OUT BOOLEAN *IsCmdImpl
)
{
- TPMS_CAPABILITY_DATA TpmCap;
- TPMI_YES_NO MoreData;
- EFI_STATUS Status;
- UINT32 Attribute;
+ TPMS_CAPABILITY_DATA TpmCap;
+ TPMI_YES_NO MoreData;
+ EFI_STATUS Status;
+ UINT32 Attribute;
Status = Tpm2GetCapability (
TPM_CAP_COMMANDS,
@@ -675,7 +689,7 @@ Tpm2GetCapabilityIsCommandImplemented ( }
CopyMem (&Attribute, &TpmCap.data.command.commandAttributes[0], sizeof (UINT32));
- *IsCmdImpl = (Command == (SwapBytes32(Attribute) & TPMA_CC_COMMANDINDEX_MASK));
+ *IsCmdImpl = (Command == (SwapBytes32 (Attribute) & TPMA_CC_COMMANDINDEX_MASK));
return EFI_SUCCESS;
}
@@ -691,199 +705,206 @@ Tpm2GetCapabilityIsCommandImplemented ( EFI_STATUS
EFIAPI
Tpm2TestParms (
- IN TPMT_PUBLIC_PARMS *Parameters
+ IN TPMT_PUBLIC_PARMS *Parameters
)
{
- EFI_STATUS Status;
- TPM2_TEST_PARMS_COMMAND SendBuffer;
- TPM2_TEST_PARMS_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
+ EFI_STATUS Status;
+ TPM2_TEST_PARMS_COMMAND SendBuffer;
+ TPM2_TEST_PARMS_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_TestParms);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_TestParms);
Buffer = (UINT8 *)&SendBuffer.Parameters;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->type));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
switch (Parameters->type) {
- case TPM_ALG_KEYEDHASH:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.keyedHashDetail.scheme.scheme));
- Buffer += sizeof(UINT16);
- switch (Parameters->parameters.keyedHashDetail.scheme.scheme) {
- case TPM_ALG_HMAC:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.keyedHashDetail.scheme.details.hmac.hashAlg));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_XOR:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.keyedHashDetail.scheme.details.xor.hashAlg));
- Buffer += sizeof(UINT16);
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.keyedHashDetail.scheme.details.xor.kdf));
- Buffer += sizeof(UINT16);
- break;
- default:
- return EFI_INVALID_PARAMETER;
- }
- case TPM_ALG_SYMCIPHER:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.algorithm));
- Buffer += sizeof(UINT16);
- switch (Parameters->parameters.symDetail.algorithm) {
- case TPM_ALG_AES:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.keyBits.aes));
- Buffer += sizeof(UINT16);
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.mode.aes));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_SM4:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.keyBits.SM4));
- Buffer += sizeof(UINT16);
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.mode.SM4));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_XOR:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.keyBits.xor));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_NULL:
- break;
- default:
- return EFI_INVALID_PARAMETER;
- }
- break;
- case TPM_ALG_RSA:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.symmetric.algorithm));
- Buffer += sizeof(UINT16);
- switch (Parameters->parameters.rsaDetail.symmetric.algorithm) {
- case TPM_ALG_AES:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.symmetric.keyBits.aes));
- Buffer += sizeof(UINT16);
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.symmetric.mode.aes));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_SM4:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.symmetric.keyBits.SM4));
- Buffer += sizeof(UINT16);
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.symmetric.mode.SM4));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_NULL:
- break;
- default:
- return EFI_INVALID_PARAMETER;
- }
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.scheme.scheme));
- Buffer += sizeof(UINT16);
- switch (Parameters->parameters.rsaDetail.scheme.scheme) {
- case TPM_ALG_RSASSA:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.scheme.details.rsassa.hashAlg));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_RSAPSS:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.scheme.details.rsapss.hashAlg));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_RSAES:
- break;
- case TPM_ALG_OAEP:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.scheme.details.oaep.hashAlg));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_NULL:
- break;
- default:
- return EFI_INVALID_PARAMETER;
- }
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.keyBits));
- Buffer += sizeof(UINT16);
- WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (Parameters->parameters.rsaDetail.exponent));
- Buffer += sizeof(UINT32);
- break;
- case TPM_ALG_ECC:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.symmetric.algorithm));
- Buffer += sizeof(UINT16);
- switch (Parameters->parameters.eccDetail.symmetric.algorithm) {
- case TPM_ALG_AES:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.symmetric.keyBits.aes));
- Buffer += sizeof(UINT16);
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.symmetric.mode.aes));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_SM4:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.symmetric.keyBits.SM4));
- Buffer += sizeof(UINT16);
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.symmetric.mode.SM4));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_NULL:
- break;
- default:
- return EFI_INVALID_PARAMETER;
- }
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.scheme.scheme));
- Buffer += sizeof(UINT16);
- switch (Parameters->parameters.eccDetail.scheme.scheme) {
- case TPM_ALG_ECDSA:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.scheme.details.ecdsa.hashAlg));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_ECDAA:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.scheme.details.ecdaa.hashAlg));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_ECSCHNORR:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.scheme.details.ecSchnorr.hashAlg));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_ECDH:
- break;
- case TPM_ALG_NULL:
- break;
- default:
- return EFI_INVALID_PARAMETER;
- }
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.curveID));
- Buffer += sizeof(UINT16);
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.kdf.scheme));
- Buffer += sizeof(UINT16);
- switch (Parameters->parameters.eccDetail.kdf.scheme) {
- case TPM_ALG_MGF1:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.kdf.details.mgf1.hashAlg));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_KDF1_SP800_108:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.kdf.details.kdf1_sp800_108.hashAlg));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_KDF1_SP800_56a:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.kdf.details.kdf1_SP800_56a.hashAlg));
- Buffer += sizeof(UINT16);
+ case TPM_ALG_KEYEDHASH:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.keyedHashDetail.scheme.scheme));
+ Buffer += sizeof (UINT16);
+ switch (Parameters->parameters.keyedHashDetail.scheme.scheme) {
+ case TPM_ALG_HMAC:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.keyedHashDetail.scheme.details.hmac.hashAlg));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_XOR:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.keyedHashDetail.scheme.details.xor.hashAlg));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.keyedHashDetail.scheme.details.xor.kdf));
+ Buffer += sizeof (UINT16);
+ break;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
+ case TPM_ALG_SYMCIPHER:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.algorithm));
+ Buffer += sizeof (UINT16);
+ switch (Parameters->parameters.symDetail.algorithm) {
+ case TPM_ALG_AES:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.keyBits.aes));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.mode.aes));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_SM4:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.keyBits.SM4));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.mode.SM4));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_XOR:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.symDetail.keyBits.xor));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
break;
- case TPM_ALG_KDF2:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.kdf.details.kdf2.hashAlg));
- Buffer += sizeof(UINT16);
+ case TPM_ALG_RSA:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.symmetric.algorithm));
+ Buffer += sizeof (UINT16);
+ switch (Parameters->parameters.rsaDetail.symmetric.algorithm) {
+ case TPM_ALG_AES:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.symmetric.keyBits.aes));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.symmetric.mode.aes));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_SM4:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.symmetric.keyBits.SM4));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.symmetric.mode.SM4));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.scheme.scheme));
+ Buffer += sizeof (UINT16);
+ switch (Parameters->parameters.rsaDetail.scheme.scheme) {
+ case TPM_ALG_RSASSA:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.scheme.details.rsassa.hashAlg));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_RSAPSS:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.scheme.details.rsapss.hashAlg));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_RSAES:
+ break;
+ case TPM_ALG_OAEP:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.scheme.details.oaep.hashAlg));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.rsaDetail.keyBits));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (Parameters->parameters.rsaDetail.exponent));
+ Buffer += sizeof (UINT32);
break;
- case TPM_ALG_NULL:
+ case TPM_ALG_ECC:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.symmetric.algorithm));
+ Buffer += sizeof (UINT16);
+ switch (Parameters->parameters.eccDetail.symmetric.algorithm) {
+ case TPM_ALG_AES:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.symmetric.keyBits.aes));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.symmetric.mode.aes));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_SM4:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.symmetric.keyBits.SM4));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.symmetric.mode.SM4));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.scheme.scheme));
+ Buffer += sizeof (UINT16);
+ switch (Parameters->parameters.eccDetail.scheme.scheme) {
+ case TPM_ALG_ECDSA:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.scheme.details.ecdsa.hashAlg));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_ECDAA:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.scheme.details.ecdaa.hashAlg));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_ECSCHNORR:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.scheme.details.ecSchnorr.hashAlg));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_ECDH:
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.curveID));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.kdf.scheme));
+ Buffer += sizeof (UINT16);
+ switch (Parameters->parameters.eccDetail.kdf.scheme) {
+ case TPM_ALG_MGF1:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.kdf.details.mgf1.hashAlg));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_KDF1_SP800_108:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.kdf.details.kdf1_sp800_108.hashAlg));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_KDF1_SP800_56a:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.kdf.details.kdf1_SP800_56a.hashAlg));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_KDF2:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Parameters->parameters.eccDetail.kdf.details.kdf2.hashAlg));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_INVALID_PARAMETER;
+ }
+
break;
default:
return EFI_INVALID_PARAMETER;
- }
- break;
- default:
- return EFI_INVALID_PARAMETER;
}
- SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
+ SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -892,8 +913,9 @@ Tpm2TestParms ( DEBUG ((DEBUG_ERROR, "Tpm2TestParms - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2TestParms - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2TestParms - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
return EFI_UNSUPPORTED;
}
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Context.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Context.c index f284f8d21a..a961dd126d 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Context.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Context.c @@ -16,12 +16,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_DH_CONTEXT FlushHandle;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_DH_CONTEXT FlushHandle;
} TPM2_FLUSH_CONTEXT_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
+ TPM2_RESPONSE_HEADER Header;
} TPM2_FLUSH_CONTEXT_RESPONSE;
#pragma pack()
@@ -37,31 +37,31 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2FlushContext (
- IN TPMI_DH_CONTEXT FlushHandle
+ IN TPMI_DH_CONTEXT FlushHandle
)
{
- EFI_STATUS Status;
- TPM2_FLUSH_CONTEXT_COMMAND SendBuffer;
- TPM2_FLUSH_CONTEXT_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
+ EFI_STATUS Status;
+ TPM2_FLUSH_CONTEXT_COMMAND SendBuffer;
+ TPM2_FLUSH_CONTEXT_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_FlushContext);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_FlushContext);
SendBuffer.FlushHandle = SwapBytes32 (FlushHandle);
- SendBufferSize = (UINT32) sizeof (SendBuffer);
+ SendBufferSize = (UINT32)sizeof (SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -70,8 +70,9 @@ Tpm2FlushContext ( DEBUG ((DEBUG_ERROR, "Tpm2FlushContext - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2FlushContext - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2FlushContext - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2DictionaryAttack.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2DictionaryAttack.c index 2f830e0aea..ac8183d9ea 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2DictionaryAttack.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2DictionaryAttack.c @@ -16,32 +16,32 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_LOCKOUT LockHandle;
- UINT32 AuthSessionSize;
- TPMS_AUTH_COMMAND AuthSession;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_LOCKOUT LockHandle;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_COMMAND AuthSession;
} TPM2_DICTIONARY_ATTACK_LOCK_RESET_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_DICTIONARY_ATTACK_LOCK_RESET_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_LOCKOUT LockHandle;
- UINT32 AuthSessionSize;
- TPMS_AUTH_COMMAND AuthSession;
- UINT32 NewMaxTries;
- UINT32 NewRecoveryTime;
- UINT32 LockoutRecovery;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_LOCKOUT LockHandle;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_COMMAND AuthSession;
+ UINT32 NewMaxTries;
+ UINT32 NewRecoveryTime;
+ UINT32 LockoutRecovery;
} TPM2_DICTIONARY_ATTACK_PARAMETERS_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_DICTIONARY_ATTACK_PARAMETERS_RESPONSE;
#pragma pack()
@@ -59,23 +59,23 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2DictionaryAttackLockReset (
- IN TPMI_RH_LOCKOUT LockHandle,
- IN TPMS_AUTH_COMMAND *AuthSession
+ IN TPMI_RH_LOCKOUT LockHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession
)
{
- EFI_STATUS Status;
- TPM2_DICTIONARY_ATTACK_LOCK_RESET_COMMAND SendBuffer;
- TPM2_DICTIONARY_ATTACK_LOCK_RESET_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
+ EFI_STATUS Status;
+ TPM2_DICTIONARY_ATTACK_LOCK_RESET_COMMAND SendBuffer;
+ TPM2_DICTIONARY_ATTACK_LOCK_RESET_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_DictionaryAttackLockReset);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_DictionaryAttackLockReset);
SendBuffer.LockHandle = SwapBytes32 (LockHandle);
@@ -85,18 +85,18 @@ Tpm2DictionaryAttackLockReset ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
- SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
+ SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -106,8 +106,9 @@ Tpm2DictionaryAttackLockReset ( Status = EFI_DEVICE_ERROR;
goto Done;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackLockReset - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackLockReset - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -116,8 +117,8 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&SendBuffer, sizeof(SendBuffer));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBuffer, sizeof (SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
@@ -137,26 +138,26 @@ Done: EFI_STATUS
EFIAPI
Tpm2DictionaryAttackParameters (
- IN TPMI_RH_LOCKOUT LockHandle,
- IN TPMS_AUTH_COMMAND *AuthSession,
- IN UINT32 NewMaxTries,
- IN UINT32 NewRecoveryTime,
- IN UINT32 LockoutRecovery
+ IN TPMI_RH_LOCKOUT LockHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession,
+ IN UINT32 NewMaxTries,
+ IN UINT32 NewRecoveryTime,
+ IN UINT32 LockoutRecovery
)
{
- EFI_STATUS Status;
- TPM2_DICTIONARY_ATTACK_PARAMETERS_COMMAND SendBuffer;
- TPM2_DICTIONARY_ATTACK_PARAMETERS_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
+ EFI_STATUS Status;
+ TPM2_DICTIONARY_ATTACK_PARAMETERS_COMMAND SendBuffer;
+ TPM2_DICTIONARY_ATTACK_PARAMETERS_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_DictionaryAttackParameters);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_DictionaryAttackParameters);
SendBuffer.LockHandle = SwapBytes32 (LockHandle);
@@ -166,28 +167,28 @@ Tpm2DictionaryAttackParameters ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
//
// Real data
//
- WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(NewMaxTries));
- Buffer += sizeof(UINT32);
- WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(NewRecoveryTime));
- Buffer += sizeof(UINT32);
- WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(LockoutRecovery));
- Buffer += sizeof(UINT32);
+ WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NewMaxTries));
+ Buffer += sizeof (UINT32);
+ WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NewRecoveryTime));
+ Buffer += sizeof (UINT32);
+ WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (LockoutRecovery));
+ Buffer += sizeof (UINT32);
- SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
+ SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -197,8 +198,9 @@ Tpm2DictionaryAttackParameters ( Status = EFI_DEVICE_ERROR;
goto Done;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackParameters - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2DictionaryAttackParameters - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -207,7 +209,7 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&SendBufferSize, sizeof(SendBufferSize));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBufferSize, sizeof (SendBufferSize));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c index 53983d745b..c63db70336 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2EnhancedAuthorization.c @@ -16,53 +16,53 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_DH_ENTITY AuthHandle;
- TPMI_SH_POLICY PolicySession;
- UINT32 AuthSessionSize;
- TPMS_AUTH_COMMAND AuthSession;
- TPM2B_NONCE NonceTPM;
- TPM2B_DIGEST CpHashA;
- TPM2B_NONCE PolicyRef;
- INT32 Expiration;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_DH_ENTITY AuthHandle;
+ TPMI_SH_POLICY PolicySession;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_COMMAND AuthSession;
+ TPM2B_NONCE NonceTPM;
+ TPM2B_DIGEST CpHashA;
+ TPM2B_NONCE PolicyRef;
+ INT32 Expiration;
} TPM2_POLICY_SECRET_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPM2B_TIMEOUT Timeout;
- TPMT_TK_AUTH PolicyTicket;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPM2B_TIMEOUT Timeout;
+ TPMT_TK_AUTH PolicyTicket;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_POLICY_SECRET_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_SH_POLICY PolicySession;
- TPML_DIGEST HashList;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_SH_POLICY PolicySession;
+ TPML_DIGEST HashList;
} TPM2_POLICY_OR_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
+ TPM2_RESPONSE_HEADER Header;
} TPM2_POLICY_OR_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_SH_POLICY PolicySession;
- TPM_CC Code;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_SH_POLICY PolicySession;
+ TPM_CC Code;
} TPM2_POLICY_COMMAND_CODE_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
+ TPM2_RESPONSE_HEADER Header;
} TPM2_POLICY_COMMAND_CODE_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_SH_POLICY PolicySession;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_SH_POLICY PolicySession;
} TPM2_POLICY_GET_DIGEST_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- TPM2B_DIGEST PolicyHash;
+ TPM2_RESPONSE_HEADER Header;
+ TPM2B_DIGEST PolicyHash;
} TPM2_POLICY_GET_DIGEST_RESPONSE;
#pragma pack()
@@ -88,32 +88,32 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2PolicySecret (
- IN TPMI_DH_ENTITY AuthHandle,
- IN TPMI_SH_POLICY PolicySession,
- IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,
- IN TPM2B_NONCE *NonceTPM,
- IN TPM2B_DIGEST *CpHashA,
- IN TPM2B_NONCE *PolicyRef,
- IN INT32 Expiration,
- OUT TPM2B_TIMEOUT *Timeout,
- OUT TPMT_TK_AUTH *PolicyTicket
+ IN TPMI_DH_ENTITY AuthHandle,
+ IN TPMI_SH_POLICY PolicySession,
+ IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,
+ IN TPM2B_NONCE *NonceTPM,
+ IN TPM2B_DIGEST *CpHashA,
+ IN TPM2B_NONCE *PolicyRef,
+ IN INT32 Expiration,
+ OUT TPM2B_TIMEOUT *Timeout,
+ OUT TPMT_TK_AUTH *PolicyTicket
)
{
- EFI_STATUS Status;
- TPM2_POLICY_SECRET_COMMAND SendBuffer;
- TPM2_POLICY_SECRET_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
+ EFI_STATUS Status;
+ TPM2_POLICY_SECRET_COMMAND SendBuffer;
+ TPM2_POLICY_SECRET_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PolicySecret);
- SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
- SendBuffer.PolicySession = SwapBytes32 (PolicySession);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_PolicySecret);
+ SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
+ SendBuffer.PolicySession = SwapBytes32 (PolicySession);
//
// Add in Auth session
@@ -121,39 +121,39 @@ Tpm2PolicySecret ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
//
// Real data
//
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(NonceTPM->size));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NonceTPM->size));
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, NonceTPM->buffer, NonceTPM->size);
Buffer += NonceTPM->size;
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(CpHashA->size));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (CpHashA->size));
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, CpHashA->buffer, CpHashA->size);
Buffer += CpHashA->size;
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(PolicyRef->size));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (PolicyRef->size));
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, PolicyRef->buffer, PolicyRef->size);
Buffer += PolicyRef->size;
- WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32((UINT32)Expiration));
- Buffer += sizeof(UINT32);
+ WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 ((UINT32)Expiration));
+ Buffer += sizeof (UINT32);
- SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
+ SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -163,8 +163,9 @@ Tpm2PolicySecret ( Status = EFI_DEVICE_ERROR;
goto Done;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2PolicySecret - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2PolicySecret - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -172,24 +173,24 @@ Tpm2PolicySecret ( //
// Return the response
//
- Buffer = (UINT8 *)&RecvBuffer.Timeout;
- Timeout->size = SwapBytes16(ReadUnaligned16 ((UINT16 *)Buffer));
- if (Timeout->size > sizeof(UINT64)) {
+ Buffer = (UINT8 *)&RecvBuffer.Timeout;
+ Timeout->size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ if (Timeout->size > sizeof (UINT64)) {
DEBUG ((DEBUG_ERROR, "Tpm2PolicySecret - Timeout->size error %x\n", Timeout->size));
Status = EFI_DEVICE_ERROR;
goto Done;
}
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
CopyMem (Timeout->buffer, Buffer, Timeout->size);
- PolicyTicket->tag = SwapBytes16(ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- PolicyTicket->hierarchy = SwapBytes32(ReadUnaligned32 ((UINT32 *)Buffer));
- Buffer += sizeof(UINT32);
- PolicyTicket->digest.size = SwapBytes16(ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- if (PolicyTicket->digest.size > sizeof(TPMU_HA)) {
+ PolicyTicket->tag = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ PolicyTicket->hierarchy = SwapBytes32 (ReadUnaligned32 ((UINT32 *)Buffer));
+ Buffer += sizeof (UINT32);
+ PolicyTicket->digest.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ if (PolicyTicket->digest.size > sizeof (TPMU_HA)) {
DEBUG ((DEBUG_ERROR, "Tpm2PolicySecret - digest.size error %x\n", PolicyTicket->digest.size));
Status = EFI_DEVICE_ERROR;
goto Done;
@@ -201,8 +202,8 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&SendBuffer, sizeof(SendBuffer));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBuffer, sizeof (SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
@@ -221,43 +222,43 @@ Done: EFI_STATUS
EFIAPI
Tpm2PolicyOR (
- IN TPMI_SH_POLICY PolicySession,
- IN TPML_DIGEST *HashList
+ IN TPMI_SH_POLICY PolicySession,
+ IN TPML_DIGEST *HashList
)
{
- EFI_STATUS Status;
- TPM2_POLICY_OR_COMMAND SendBuffer;
- TPM2_POLICY_OR_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
- UINTN Index;
+ EFI_STATUS Status;
+ TPM2_POLICY_OR_COMMAND SendBuffer;
+ TPM2_POLICY_OR_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
+ UINTN Index;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PolicyOR);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_PolicyOR);
SendBuffer.PolicySession = SwapBytes32 (PolicySession);
- Buffer = (UINT8 *)&SendBuffer.HashList;
+ Buffer = (UINT8 *)&SendBuffer.HashList;
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (HashList->count));
- Buffer += sizeof(UINT32);
+ Buffer += sizeof (UINT32);
for (Index = 0; Index < HashList->count; Index++) {
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (HashList->digests[Index].size));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, HashList->digests[Index].buffer, HashList->digests[Index].size);
Buffer += HashList->digests[Index].size;
}
- SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
+ SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -266,8 +267,9 @@ Tpm2PolicyOR ( DEBUG ((DEBUG_ERROR, "Tpm2PolicyOR - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2PolicyOR - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2PolicyOR - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
@@ -286,33 +288,33 @@ Tpm2PolicyOR ( EFI_STATUS
EFIAPI
Tpm2PolicyCommandCode (
- IN TPMI_SH_POLICY PolicySession,
- IN TPM_CC Code
+ IN TPMI_SH_POLICY PolicySession,
+ IN TPM_CC Code
)
{
- EFI_STATUS Status;
- TPM2_POLICY_COMMAND_CODE_COMMAND SendBuffer;
- TPM2_POLICY_COMMAND_CODE_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
+ EFI_STATUS Status;
+ TPM2_POLICY_COMMAND_CODE_COMMAND SendBuffer;
+ TPM2_POLICY_COMMAND_CODE_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PolicyCommandCode);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_PolicyCommandCode);
SendBuffer.PolicySession = SwapBytes32 (PolicySession);
- SendBuffer.Code = SwapBytes32 (Code);
+ SendBuffer.Code = SwapBytes32 (Code);
- SendBufferSize = (UINT32) sizeof (SendBuffer);
+ SendBufferSize = (UINT32)sizeof (SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -321,8 +323,9 @@ Tpm2PolicyCommandCode ( DEBUG ((DEBUG_ERROR, "Tpm2PolicyCommandCode - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2PolicyCommandCode - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2PolicyCommandCode - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
@@ -342,32 +345,32 @@ Tpm2PolicyCommandCode ( EFI_STATUS
EFIAPI
Tpm2PolicyGetDigest (
- IN TPMI_SH_POLICY PolicySession,
- OUT TPM2B_DIGEST *PolicyHash
+ IN TPMI_SH_POLICY PolicySession,
+ OUT TPM2B_DIGEST *PolicyHash
)
{
- EFI_STATUS Status;
- TPM2_POLICY_GET_DIGEST_COMMAND SendBuffer;
- TPM2_POLICY_GET_DIGEST_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
+ EFI_STATUS Status;
+ TPM2_POLICY_GET_DIGEST_COMMAND SendBuffer;
+ TPM2_POLICY_GET_DIGEST_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PolicyGetDigest);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_PolicyGetDigest);
SendBuffer.PolicySession = SwapBytes32 (PolicySession);
- SendBufferSize = (UINT32) sizeof (SendBuffer);
+ SendBufferSize = (UINT32)sizeof (SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -376,8 +379,9 @@ Tpm2PolicyGetDigest ( DEBUG ((DEBUG_ERROR, "Tpm2PolicyGetDigest - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2PolicyGetDigest - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2PolicyGetDigest - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
@@ -385,7 +389,7 @@ Tpm2PolicyGetDigest ( // Return the response
//
PolicyHash->size = SwapBytes16 (RecvBuffer.PolicyHash.size);
- if (PolicyHash->size > sizeof(TPMU_HA)) {
+ if (PolicyHash->size > sizeof (TPMU_HA)) {
DEBUG ((DEBUG_ERROR, "Tpm2PolicyGetDigest - PolicyHash->size error %x\n", PolicyHash->size));
return EFI_DEVICE_ERROR;
}
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c index 44115cded3..e7f30b673f 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Help.c @@ -14,17 +14,17 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/DebugLib.h>
typedef struct {
- TPMI_ALG_HASH HashAlgo;
- UINT16 HashSize;
- UINT32 HashMask;
+ TPMI_ALG_HASH HashAlgo;
+ UINT16 HashSize;
+ UINT32 HashMask;
} INTERNAL_HASH_INFO;
-STATIC INTERNAL_HASH_INFO mHashInfo[] = {
- {TPM_ALG_SHA1, SHA1_DIGEST_SIZE, HASH_ALG_SHA1},
- {TPM_ALG_SHA256, SHA256_DIGEST_SIZE, HASH_ALG_SHA256},
- {TPM_ALG_SM3_256, SM3_256_DIGEST_SIZE, HASH_ALG_SM3_256},
- {TPM_ALG_SHA384, SHA384_DIGEST_SIZE, HASH_ALG_SHA384},
- {TPM_ALG_SHA512, SHA512_DIGEST_SIZE, HASH_ALG_SHA512},
+STATIC INTERNAL_HASH_INFO mHashInfo[] = {
+ { TPM_ALG_SHA1, SHA1_DIGEST_SIZE, HASH_ALG_SHA1 },
+ { TPM_ALG_SHA256, SHA256_DIGEST_SIZE, HASH_ALG_SHA256 },
+ { TPM_ALG_SM3_256, SM3_256_DIGEST_SIZE, HASH_ALG_SM3_256 },
+ { TPM_ALG_SHA384, SHA384_DIGEST_SIZE, HASH_ALG_SHA384 },
+ { TPM_ALG_SHA512, SHA512_DIGEST_SIZE, HASH_ALG_SHA512 },
};
/**
@@ -37,16 +37,17 @@ STATIC INTERNAL_HASH_INFO mHashInfo[] = { UINT16
EFIAPI
GetHashSizeFromAlgo (
- IN TPMI_ALG_HASH HashAlgo
+ IN TPMI_ALG_HASH HashAlgo
)
{
UINTN Index;
- for (Index = 0; Index < sizeof(mHashInfo)/sizeof(mHashInfo[0]); Index++) {
+ for (Index = 0; Index < sizeof (mHashInfo)/sizeof (mHashInfo[0]); Index++) {
if (mHashInfo[Index].HashAlgo == HashAlgo) {
return mHashInfo[Index].HashSize;
}
}
+
return 0;
}
@@ -60,16 +61,17 @@ GetHashSizeFromAlgo ( UINT32
EFIAPI
GetHashMaskFromAlgo (
- IN TPMI_ALG_HASH HashAlgo
+ IN TPMI_ALG_HASH HashAlgo
)
{
UINTN Index;
- for (Index = 0; Index < sizeof(mHashInfo)/sizeof(mHashInfo[0]); Index++) {
+ for (Index = 0; Index < sizeof (mHashInfo)/sizeof (mHashInfo[0]); Index++) {
if (mHashInfo[Index].HashAlgo == HashAlgo) {
return mHashInfo[Index].HashMask;
}
}
+
return 0;
}
@@ -84,8 +86,8 @@ GetHashMaskFromAlgo ( UINT32
EFIAPI
CopyAuthSessionCommand (
- IN TPMS_AUTH_COMMAND *AuthSessionIn OPTIONAL,
- OUT UINT8 *AuthSessionOut
+ IN TPMS_AUTH_COMMAND *AuthSessionIn OPTIONAL,
+ OUT UINT8 *AuthSessionOut
)
{
UINT8 *Buffer;
@@ -97,12 +99,12 @@ CopyAuthSessionCommand ( //
if (AuthSessionIn != NULL) {
// sessionHandle
- WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(AuthSessionIn->sessionHandle));
- Buffer += sizeof(UINT32);
+ WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (AuthSessionIn->sessionHandle));
+ Buffer += sizeof (UINT32);
// nonce
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (AuthSessionIn->nonce.size));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, AuthSessionIn->nonce.buffer, AuthSessionIn->nonce.size);
Buffer += AuthSessionIn->nonce.size;
@@ -113,26 +115,26 @@ CopyAuthSessionCommand ( // hmac
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (AuthSessionIn->hmac.size));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, AuthSessionIn->hmac.buffer, AuthSessionIn->hmac.size);
Buffer += AuthSessionIn->hmac.size;
} else {
// sessionHandle
- WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(TPM_RS_PW));
- Buffer += sizeof(UINT32);
+ WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (TPM_RS_PW));
+ Buffer += sizeof (UINT32);
// nonce = nullNonce
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(0));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (0));
+ Buffer += sizeof (UINT16);
// sessionAttributes = 0
*(UINT8 *)Buffer = 0x00;
Buffer++;
// hmac = nullAuth
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(0));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (0));
+ Buffer += sizeof (UINT16);
}
return (UINT32)((UINTN)Buffer - (UINTN)AuthSessionOut);
@@ -150,12 +152,12 @@ CopyAuthSessionCommand ( UINT32
EFIAPI
CopyAuthSessionResponse (
- IN UINT8 *AuthSessionIn,
- OUT TPMS_AUTH_RESPONSE *AuthSessionOut OPTIONAL
+ IN UINT8 *AuthSessionIn,
+ OUT TPMS_AUTH_RESPONSE *AuthSessionOut OPTIONAL
)
{
- UINT8 *Buffer;
- TPMS_AUTH_RESPONSE LocalAuthSessionOut;
+ UINT8 *Buffer;
+ TPMS_AUTH_RESPONSE LocalAuthSessionOut;
if (AuthSessionOut == NULL) {
AuthSessionOut = &LocalAuthSessionOut;
@@ -165,8 +167,8 @@ CopyAuthSessionResponse ( // nonce
AuthSessionOut->nonce.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- if (AuthSessionOut->nonce.size > sizeof(TPMU_HA)) {
+ Buffer += sizeof (UINT16);
+ if (AuthSessionOut->nonce.size > sizeof (TPMU_HA)) {
DEBUG ((DEBUG_ERROR, "CopyAuthSessionResponse - nonce.size error %x\n", AuthSessionOut->nonce.size));
return 0;
}
@@ -175,13 +177,13 @@ CopyAuthSessionResponse ( Buffer += AuthSessionOut->nonce.size;
// sessionAttributes
- *(UINT8 *)&AuthSessionOut->sessionAttributes = *(UINT8 *)Buffer;
+ *(UINT8 *) &AuthSessionOut->sessionAttributes = *(UINT8 *)Buffer;
Buffer++;
// hmac
AuthSessionOut->hmac.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- if (AuthSessionOut->hmac.size > sizeof(TPMU_HA)) {
+ Buffer += sizeof (UINT16);
+ if (AuthSessionOut->hmac.size > sizeof (TPMU_HA)) {
DEBUG ((DEBUG_ERROR, "CopyAuthSessionResponse - hmac.size error %x\n", AuthSessionOut->hmac.size));
return 0;
}
@@ -203,37 +205,42 @@ CopyAuthSessionResponse ( **/
BOOLEAN
EFIAPI
-IsHashAlgSupportedInHashAlgorithmMask(
+IsHashAlgSupportedInHashAlgorithmMask (
IN TPMI_ALG_HASH HashAlg,
IN UINT32 HashAlgorithmMask
)
{
switch (HashAlg) {
- case TPM_ALG_SHA1:
- if ((HashAlgorithmMask & HASH_ALG_SHA1) != 0) {
- return TRUE;
- }
- break;
- case TPM_ALG_SHA256:
- if ((HashAlgorithmMask & HASH_ALG_SHA256) != 0) {
- return TRUE;
- }
- break;
- case TPM_ALG_SHA384:
- if ((HashAlgorithmMask & HASH_ALG_SHA384) != 0) {
- return TRUE;
- }
- break;
- case TPM_ALG_SHA512:
- if ((HashAlgorithmMask & HASH_ALG_SHA512) != 0) {
- return TRUE;
- }
- break;
- case TPM_ALG_SM3_256:
- if ((HashAlgorithmMask & HASH_ALG_SM3_256) != 0) {
- return TRUE;
- }
- break;
+ case TPM_ALG_SHA1:
+ if ((HashAlgorithmMask & HASH_ALG_SHA1) != 0) {
+ return TRUE;
+ }
+
+ break;
+ case TPM_ALG_SHA256:
+ if ((HashAlgorithmMask & HASH_ALG_SHA256) != 0) {
+ return TRUE;
+ }
+
+ break;
+ case TPM_ALG_SHA384:
+ if ((HashAlgorithmMask & HASH_ALG_SHA384) != 0) {
+ return TRUE;
+ }
+
+ break;
+ case TPM_ALG_SHA512:
+ if ((HashAlgorithmMask & HASH_ALG_SHA512) != 0) {
+ return TRUE;
+ }
+
+ break;
+ case TPM_ALG_SM3_256:
+ if ((HashAlgorithmMask & HASH_ALG_SM3_256) != 0) {
+ return TRUE;
+ }
+
+ break;
}
return FALSE;
@@ -251,31 +258,33 @@ IsHashAlgSupportedInHashAlgorithmMask( VOID *
EFIAPI
CopyDigestListToBuffer (
- IN OUT VOID *Buffer,
- IN TPML_DIGEST_VALUES *DigestList,
- IN UINT32 HashAlgorithmMask
+ IN OUT VOID *Buffer,
+ IN TPML_DIGEST_VALUES *DigestList,
+ IN UINT32 HashAlgorithmMask
)
{
- UINTN Index;
- UINT16 DigestSize;
- UINT32 DigestListCount;
- UINT32 *DigestListCountPtr;
-
- DigestListCountPtr = (UINT32 *) Buffer;
- DigestListCount = 0;
- Buffer = (UINT8 *)Buffer + sizeof(DigestList->count);
+ UINTN Index;
+ UINT16 DigestSize;
+ UINT32 DigestListCount;
+ UINT32 *DigestListCountPtr;
+
+ DigestListCountPtr = (UINT32 *)Buffer;
+ DigestListCount = 0;
+ Buffer = (UINT8 *)Buffer + sizeof (DigestList->count);
for (Index = 0; Index < DigestList->count; Index++) {
- if (!IsHashAlgSupportedInHashAlgorithmMask(DigestList->digests[Index].hashAlg, HashAlgorithmMask)) {
+ if (!IsHashAlgSupportedInHashAlgorithmMask (DigestList->digests[Index].hashAlg, HashAlgorithmMask)) {
DEBUG ((DEBUG_ERROR, "WARNING: TPM2 Event log has HashAlg unsupported by PCR bank (0x%x)\n", DigestList->digests[Index].hashAlg));
continue;
}
- CopyMem (Buffer, &DigestList->digests[Index].hashAlg, sizeof(DigestList->digests[Index].hashAlg));
- Buffer = (UINT8 *)Buffer + sizeof(DigestList->digests[Index].hashAlg);
+
+ CopyMem (Buffer, &DigestList->digests[Index].hashAlg, sizeof (DigestList->digests[Index].hashAlg));
+ Buffer = (UINT8 *)Buffer + sizeof (DigestList->digests[Index].hashAlg);
DigestSize = GetHashSizeFromAlgo (DigestList->digests[Index].hashAlg);
CopyMem (Buffer, &DigestList->digests[Index].digest, DigestSize);
Buffer = (UINT8 *)Buffer + DigestSize;
DigestListCount++;
}
+
WriteUnaligned32 (DigestListCountPtr, DigestListCount);
return Buffer;
@@ -291,17 +300,17 @@ CopyDigestListToBuffer ( UINT32
EFIAPI
GetDigestListSize (
- IN TPML_DIGEST_VALUES *DigestList
+ IN TPML_DIGEST_VALUES *DigestList
)
{
- UINTN Index;
- UINT16 DigestSize;
- UINT32 TotalSize;
+ UINTN Index;
+ UINT16 DigestSize;
+ UINT32 TotalSize;
- TotalSize = sizeof(DigestList->count);
+ TotalSize = sizeof (DigestList->count);
for (Index = 0; Index < DigestList->count; Index++) {
DigestSize = GetHashSizeFromAlgo (DigestList->digests[Index].hashAlg);
- TotalSize += sizeof(DigestList->digests[Index].hashAlg) + DigestSize;
+ TotalSize += sizeof (DigestList->digests[Index].hashAlg) + DigestSize;
}
return TotalSize;
@@ -320,13 +329,13 @@ GetDigestListSize ( EFI_STATUS
EFIAPI
GetDigestFromDigestList (
- IN TPMI_ALG_HASH HashAlg,
- IN TPML_DIGEST_VALUES *DigestList,
- OUT VOID *Digest
+ IN TPMI_ALG_HASH HashAlg,
+ IN TPML_DIGEST_VALUES *DigestList,
+ OUT VOID *Digest
)
{
- UINTN Index;
- UINT16 DigestSize;
+ UINTN Index;
+ UINT16 DigestSize;
DigestSize = GetHashSizeFromAlgo (HashAlg);
for (Index = 0; Index < DigestList->count; Index++) {
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c index 957d694431..7144955be1 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Hierarchy.c @@ -25,36 +25,36 @@ typedef struct { } TPM2_SET_PRIMARY_POLICY_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_SET_PRIMARY_POLICY_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_CLEAR AuthHandle;
- UINT32 AuthorizationSize;
- TPMS_AUTH_COMMAND AuthSession;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_CLEAR AuthHandle;
+ UINT32 AuthorizationSize;
+ TPMS_AUTH_COMMAND AuthSession;
} TPM2_CLEAR_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 ParameterSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 ParameterSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_CLEAR_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_CLEAR AuthHandle;
- UINT32 AuthorizationSize;
- TPMS_AUTH_COMMAND AuthSession;
- TPMI_YES_NO Disable;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_CLEAR AuthHandle;
+ UINT32 AuthorizationSize;
+ TPMS_AUTH_COMMAND AuthSession;
+ TPMI_YES_NO Disable;
} TPM2_CLEAR_CONTROL_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 ParameterSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 ParameterSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_CLEAR_CONTROL_RESPONSE;
typedef struct {
@@ -66,50 +66,50 @@ typedef struct { } TPM2_HIERARCHY_CHANGE_AUTH_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 ParameterSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 ParameterSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_HIERARCHY_CHANGE_AUTH_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_PLATFORM AuthHandle;
- UINT32 AuthorizationSize;
- TPMS_AUTH_COMMAND AuthSession;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_PLATFORM AuthHandle;
+ UINT32 AuthorizationSize;
+ TPMS_AUTH_COMMAND AuthSession;
} TPM2_CHANGE_EPS_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 ParameterSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 ParameterSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_CHANGE_EPS_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_PLATFORM AuthHandle;
- UINT32 AuthorizationSize;
- TPMS_AUTH_COMMAND AuthSession;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_PLATFORM AuthHandle;
+ UINT32 AuthorizationSize;
+ TPMS_AUTH_COMMAND AuthSession;
} TPM2_CHANGE_PPS_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 ParameterSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 ParameterSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_CHANGE_PPS_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_HIERARCHY AuthHandle;
- UINT32 AuthorizationSize;
- TPMS_AUTH_COMMAND AuthSession;
- TPMI_RH_HIERARCHY Hierarchy;
- TPMI_YES_NO State;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_HIERARCHY AuthHandle;
+ UINT32 AuthorizationSize;
+ TPMS_AUTH_COMMAND AuthSession;
+ TPMI_RH_HIERARCHY Hierarchy;
+ TPMI_YES_NO State;
} TPM2_HIERARCHY_CONTROL_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 ParameterSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 ParameterSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_HIERARCHY_CONTROL_RESPONSE;
#pragma pack()
@@ -129,25 +129,25 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2SetPrimaryPolicy (
- IN TPMI_RH_HIERARCHY_AUTH AuthHandle,
- IN TPMS_AUTH_COMMAND *AuthSession,
- IN TPM2B_DIGEST *AuthPolicy,
- IN TPMI_ALG_HASH HashAlg
+ IN TPMI_RH_HIERARCHY_AUTH AuthHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession,
+ IN TPM2B_DIGEST *AuthPolicy,
+ IN TPMI_ALG_HASH HashAlg
)
{
- EFI_STATUS Status;
- TPM2_SET_PRIMARY_POLICY_COMMAND SendBuffer;
- TPM2_SET_PRIMARY_POLICY_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
+ EFI_STATUS Status;
+ TPM2_SET_PRIMARY_POLICY_COMMAND SendBuffer;
+ TPM2_SET_PRIMARY_POLICY_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_SetPrimaryPolicy);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_SetPrimaryPolicy);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
@@ -157,28 +157,28 @@ Tpm2SetPrimaryPolicy ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
//
// Real data
//
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(AuthPolicy->size));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (AuthPolicy->size));
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, AuthPolicy->buffer, AuthPolicy->size);
Buffer += AuthPolicy->size;
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(HashAlg));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (HashAlg));
+ Buffer += sizeof (UINT16);
- SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
+ SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -188,8 +188,9 @@ Tpm2SetPrimaryPolicy ( Status = EFI_DEVICE_ERROR;
goto Done;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2SetPrimaryPolicy - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2SetPrimaryPolicy - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -198,8 +199,8 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&SendBuffer, sizeof(SendBuffer));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBuffer, sizeof (SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
@@ -215,22 +216,22 @@ Done: EFI_STATUS
EFIAPI
Tpm2Clear (
- IN TPMI_RH_CLEAR AuthHandle,
- IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL
+ IN TPMI_RH_CLEAR AuthHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL
)
{
- EFI_STATUS Status;
- TPM2_CLEAR_COMMAND Cmd;
- TPM2_CLEAR_RESPONSE Res;
- UINT32 ResultBufSize;
- UINT32 CmdSize;
- UINT32 RespSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
+ EFI_STATUS Status;
+ TPM2_CLEAR_COMMAND Cmd;
+ TPM2_CLEAR_RESPONSE Res;
+ UINT32 ResultBufSize;
+ UINT32 CmdSize;
+ UINT32 RespSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_Clear);
- Cmd.AuthHandle = SwapBytes32(AuthHandle);
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_Clear);
+ Cmd.AuthHandle = SwapBytes32 (AuthHandle);
//
// Add in Auth session
@@ -238,20 +239,20 @@ Tpm2Clear ( Buffer = (UINT8 *)&Cmd.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ Cmd.AuthorizationSize = SwapBytes32 (SessionInfoSize);
- CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
- ResultBufSize = sizeof(Res);
- Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
- if (EFI_ERROR(Status)) {
+ ResultBufSize = sizeof (Res);
+ Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
+ if (EFI_ERROR (Status)) {
goto Done;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "Clear: Failed ExecuteCommand: Buffer Too Small\r\n"));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -260,8 +261,8 @@ Tpm2Clear ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "Clear: Response size too large! %d\r\n", RespSize));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -270,8 +271,8 @@ Tpm2Clear ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Clear: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Clear: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -285,8 +286,8 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&Cmd, sizeof(Cmd));
- ZeroMem (&Res, sizeof(Res));
+ ZeroMem (&Cmd, sizeof (Cmd));
+ ZeroMem (&Res, sizeof (Res));
return Status;
}
@@ -304,23 +305,23 @@ Done: EFI_STATUS
EFIAPI
Tpm2ClearControl (
- IN TPMI_RH_CLEAR AuthHandle,
- IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,
- IN TPMI_YES_NO Disable
+ IN TPMI_RH_CLEAR AuthHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,
+ IN TPMI_YES_NO Disable
)
{
- EFI_STATUS Status;
- TPM2_CLEAR_CONTROL_COMMAND Cmd;
- TPM2_CLEAR_CONTROL_RESPONSE Res;
- UINT32 ResultBufSize;
- UINT32 CmdSize;
- UINT32 RespSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
+ EFI_STATUS Status;
+ TPM2_CLEAR_CONTROL_COMMAND Cmd;
+ TPM2_CLEAR_CONTROL_RESPONSE Res;
+ UINT32 ResultBufSize;
+ UINT32 CmdSize;
+ UINT32 RespSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_ClearControl);
- Cmd.AuthHandle = SwapBytes32(AuthHandle);
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_ClearControl);
+ Cmd.AuthHandle = SwapBytes32 (AuthHandle);
//
// Add in Auth session
@@ -328,24 +329,24 @@ Tpm2ClearControl ( Buffer = (UINT8 *)&Cmd.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ Cmd.AuthorizationSize = SwapBytes32 (SessionInfoSize);
// disable
*(UINT8 *)Buffer = Disable;
Buffer++;
- CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
- ResultBufSize = sizeof(Res);
- Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
- if (EFI_ERROR(Status)) {
+ ResultBufSize = sizeof (Res);
+ Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
+ if (EFI_ERROR (Status)) {
goto Done;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "ClearControl: Failed ExecuteCommand: Buffer Too Small\r\n"));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -354,8 +355,8 @@ Tpm2ClearControl ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "ClearControl: Response size too large! %d\r\n", RespSize));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -364,8 +365,8 @@ Tpm2ClearControl ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "ClearControl: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "ClearControl: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -379,8 +380,8 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&Cmd, sizeof(Cmd));
- ZeroMem (&Res, sizeof(Res));
+ ZeroMem (&Cmd, sizeof (Cmd));
+ ZeroMem (&Res, sizeof (Res));
return Status;
}
@@ -398,9 +399,9 @@ Done: EFI_STATUS
EFIAPI
Tpm2HierarchyChangeAuth (
- IN TPMI_RH_HIERARCHY_AUTH AuthHandle,
- IN TPMS_AUTH_COMMAND *AuthSession,
- IN TPM2B_AUTH *NewAuth
+ IN TPMI_RH_HIERARCHY_AUTH AuthHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession,
+ IN TPM2B_AUTH *NewAuth
)
{
EFI_STATUS Status;
@@ -416,10 +417,10 @@ Tpm2HierarchyChangeAuth ( //
// Construct command
//
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_HierarchyChangeAuth);
- Cmd.AuthHandle = SwapBytes32(AuthHandle);
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.paramSize = SwapBytes32 (sizeof (Cmd));
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_HierarchyChangeAuth);
+ Cmd.AuthHandle = SwapBytes32 (AuthHandle);
//
// Add in Auth session
@@ -427,23 +428,23 @@ Tpm2HierarchyChangeAuth ( Buffer = (UINT8 *)&Cmd.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ Cmd.AuthorizationSize = SwapBytes32 (SessionInfoSize);
// New Authorization size
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(NewAuth->size));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NewAuth->size));
+ Buffer += sizeof (UINT16);
// New Authorization
- CopyMem(Buffer, NewAuth->buffer, NewAuth->size);
+ CopyMem (Buffer, NewAuth->buffer, NewAuth->size);
Buffer += NewAuth->size;
- CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
- ResultBuf = (UINT8 *) &Res;
- ResultBufSize = sizeof(Res);
+ ResultBuf = (UINT8 *)&Res;
+ ResultBufSize = sizeof (Res);
//
// Call the TPM
@@ -454,11 +455,11 @@ Tpm2HierarchyChangeAuth ( &ResultBufSize,
ResultBuf
);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
goto Done;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "HierarchyChangeAuth: Failed ExecuteCommand: Buffer Too Small\r\n"));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -467,8 +468,8 @@ Tpm2HierarchyChangeAuth ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "HierarchyChangeAuth: Response size too large! %d\r\n", RespSize));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -477,8 +478,8 @@ Tpm2HierarchyChangeAuth ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG((DEBUG_ERROR,"HierarchyChangeAuth: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "HierarchyChangeAuth: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -487,8 +488,8 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&Cmd, sizeof(Cmd));
- ZeroMem (&Res, sizeof(Res));
+ ZeroMem (&Cmd, sizeof (Cmd));
+ ZeroMem (&Res, sizeof (Res));
return Status;
}
@@ -505,8 +506,8 @@ Done: EFI_STATUS
EFIAPI
Tpm2ChangeEPS (
- IN TPMI_RH_PLATFORM AuthHandle,
- IN TPMS_AUTH_COMMAND *AuthSession
+ IN TPMI_RH_PLATFORM AuthHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession
)
{
EFI_STATUS Status;
@@ -522,10 +523,10 @@ Tpm2ChangeEPS ( //
// Construct command
//
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_ChangeEPS);
- Cmd.AuthHandle = SwapBytes32(AuthHandle);
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.paramSize = SwapBytes32 (sizeof (Cmd));
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_ChangeEPS);
+ Cmd.AuthHandle = SwapBytes32 (AuthHandle);
//
// Add in Auth session
@@ -533,15 +534,15 @@ Tpm2ChangeEPS ( Buffer = (UINT8 *)&Cmd.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ Cmd.AuthorizationSize = SwapBytes32 (SessionInfoSize);
- CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
- ResultBuf = (UINT8 *) &Res;
- ResultBufSize = sizeof(Res);
+ ResultBuf = (UINT8 *)&Res;
+ ResultBufSize = sizeof (Res);
//
// Call the TPM
@@ -552,11 +553,11 @@ Tpm2ChangeEPS ( &ResultBufSize,
ResultBuf
);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
goto Done;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "ChangeEPS: Failed ExecuteCommand: Buffer Too Small\r\n"));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -565,8 +566,8 @@ Tpm2ChangeEPS ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "ChangeEPS: Response size too large! %d\r\n", RespSize));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -575,8 +576,8 @@ Tpm2ChangeEPS ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG((DEBUG_ERROR,"ChangeEPS: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "ChangeEPS: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -585,8 +586,8 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&Cmd, sizeof(Cmd));
- ZeroMem (&Res, sizeof(Res));
+ ZeroMem (&Cmd, sizeof (Cmd));
+ ZeroMem (&Res, sizeof (Res));
return Status;
}
@@ -603,8 +604,8 @@ Done: EFI_STATUS
EFIAPI
Tpm2ChangePPS (
- IN TPMI_RH_PLATFORM AuthHandle,
- IN TPMS_AUTH_COMMAND *AuthSession
+ IN TPMI_RH_PLATFORM AuthHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession
)
{
EFI_STATUS Status;
@@ -620,10 +621,10 @@ Tpm2ChangePPS ( //
// Construct command
//
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_ChangePPS);
- Cmd.AuthHandle = SwapBytes32(AuthHandle);
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.paramSize = SwapBytes32 (sizeof (Cmd));
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_ChangePPS);
+ Cmd.AuthHandle = SwapBytes32 (AuthHandle);
//
// Add in Auth session
@@ -631,15 +632,15 @@ Tpm2ChangePPS ( Buffer = (UINT8 *)&Cmd.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ Cmd.AuthorizationSize = SwapBytes32 (SessionInfoSize);
- CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
- ResultBuf = (UINT8 *) &Res;
- ResultBufSize = sizeof(Res);
+ ResultBuf = (UINT8 *)&Res;
+ ResultBufSize = sizeof (Res);
//
// Call the TPM
@@ -650,11 +651,11 @@ Tpm2ChangePPS ( &ResultBufSize,
ResultBuf
);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
goto Done;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "ChangePPS: Failed ExecuteCommand: Buffer Too Small\r\n"));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -663,8 +664,8 @@ Tpm2ChangePPS ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "ChangePPS: Response size too large! %d\r\n", RespSize));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -673,8 +674,8 @@ Tpm2ChangePPS ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG((DEBUG_ERROR,"ChangePPS: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "ChangePPS: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -683,8 +684,8 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&Cmd, sizeof(Cmd));
- ZeroMem (&Res, sizeof(Res));
+ ZeroMem (&Cmd, sizeof (Cmd));
+ ZeroMem (&Res, sizeof (Res));
return Status;
}
@@ -703,10 +704,10 @@ Done: EFI_STATUS
EFIAPI
Tpm2HierarchyControl (
- IN TPMI_RH_HIERARCHY AuthHandle,
- IN TPMS_AUTH_COMMAND *AuthSession,
- IN TPMI_RH_HIERARCHY Hierarchy,
- IN TPMI_YES_NO State
+ IN TPMI_RH_HIERARCHY AuthHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession,
+ IN TPMI_RH_HIERARCHY Hierarchy,
+ IN TPMI_YES_NO State
)
{
EFI_STATUS Status;
@@ -722,10 +723,10 @@ Tpm2HierarchyControl ( //
// Construct command
//
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_HierarchyControl);
- Cmd.AuthHandle = SwapBytes32(AuthHandle);
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.paramSize = SwapBytes32 (sizeof (Cmd));
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_HierarchyControl);
+ Cmd.AuthHandle = SwapBytes32 (AuthHandle);
//
// Add in Auth session
@@ -733,21 +734,21 @@ Tpm2HierarchyControl ( Buffer = (UINT8 *)&Cmd.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ Cmd.AuthorizationSize = SwapBytes32 (SessionInfoSize);
- WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(Hierarchy));
- Buffer += sizeof(UINT32);
+ WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (Hierarchy));
+ Buffer += sizeof (UINT32);
*(UINT8 *)Buffer = State;
Buffer++;
- CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
- ResultBuf = (UINT8 *) &Res;
- ResultBufSize = sizeof(Res);
+ ResultBuf = (UINT8 *)&Res;
+ ResultBufSize = sizeof (Res);
//
// Call the TPM
@@ -758,11 +759,11 @@ Tpm2HierarchyControl ( &ResultBufSize,
ResultBuf
);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
goto Done;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "HierarchyControl: Failed ExecuteCommand: Buffer Too Small\r\n"));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -771,8 +772,8 @@ Tpm2HierarchyControl ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "HierarchyControl: Response size too large! %d\r\n", RespSize));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -781,8 +782,8 @@ Tpm2HierarchyControl ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG((DEBUG_ERROR,"HierarchyControl: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "HierarchyControl: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -791,7 +792,7 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&Cmd, sizeof(Cmd));
- ZeroMem (&Res, sizeof(Res));
+ ZeroMem (&Cmd, sizeof (Cmd));
+ ZeroMem (&Res, sizeof (Res));
return Status;
}
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c index d232fe725d..8dde5f34a2 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Integrity.c @@ -16,62 +16,62 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_DH_PCR PcrHandle;
- UINT32 AuthorizationSize;
- TPMS_AUTH_COMMAND AuthSessionPcr;
- TPML_DIGEST_VALUES DigestValues;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_DH_PCR PcrHandle;
+ UINT32 AuthorizationSize;
+ TPMS_AUTH_COMMAND AuthSessionPcr;
+ TPML_DIGEST_VALUES DigestValues;
} TPM2_PCR_EXTEND_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 ParameterSize;
- TPMS_AUTH_RESPONSE AuthSessionPcr;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 ParameterSize;
+ TPMS_AUTH_RESPONSE AuthSessionPcr;
} TPM2_PCR_EXTEND_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_DH_PCR PcrHandle;
- UINT32 AuthorizationSize;
- TPMS_AUTH_COMMAND AuthSessionPcr;
- TPM2B_EVENT EventData;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_DH_PCR PcrHandle;
+ UINT32 AuthorizationSize;
+ TPMS_AUTH_COMMAND AuthSessionPcr;
+ TPM2B_EVENT EventData;
} TPM2_PCR_EVENT_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 ParameterSize;
- TPML_DIGEST_VALUES Digests;
- TPMS_AUTH_RESPONSE AuthSessionPcr;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 ParameterSize;
+ TPML_DIGEST_VALUES Digests;
+ TPMS_AUTH_RESPONSE AuthSessionPcr;
} TPM2_PCR_EVENT_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPML_PCR_SELECTION PcrSelectionIn;
+ TPM2_COMMAND_HEADER Header;
+ TPML_PCR_SELECTION PcrSelectionIn;
} TPM2_PCR_READ_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 PcrUpdateCounter;
- TPML_PCR_SELECTION PcrSelectionOut;
- TPML_DIGEST PcrValues;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 PcrUpdateCounter;
+ TPML_PCR_SELECTION PcrSelectionOut;
+ TPML_DIGEST PcrValues;
} TPM2_PCR_READ_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_PLATFORM AuthHandle;
- UINT32 AuthSessionSize;
- TPMS_AUTH_COMMAND AuthSession;
- TPML_PCR_SELECTION PcrAllocation;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_PLATFORM AuthHandle;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_COMMAND AuthSession;
+ TPML_PCR_SELECTION PcrAllocation;
} TPM2_PCR_ALLOCATE_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPMI_YES_NO AllocationSuccess;
- UINT32 MaxPCR;
- UINT32 SizeNeeded;
- UINT32 SizeAvailable;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPMI_YES_NO AllocationSuccess;
+ UINT32 MaxPCR;
+ UINT32 SizeNeeded;
+ UINT32 SizeAvailable;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_PCR_ALLOCATE_RESPONSE;
#pragma pack()
@@ -90,25 +90,24 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2PcrExtend (
- IN TPMI_DH_PCR PcrHandle,
- IN TPML_DIGEST_VALUES *Digests
+ IN TPMI_DH_PCR PcrHandle,
+ IN TPML_DIGEST_VALUES *Digests
)
{
- EFI_STATUS Status;
- TPM2_PCR_EXTEND_COMMAND Cmd;
- TPM2_PCR_EXTEND_RESPONSE Res;
- UINT32 CmdSize;
- UINT32 RespSize;
- UINT32 ResultBufSize;
- UINT8 *Buffer;
- UINTN Index;
- UINT32 SessionInfoSize;
- UINT16 DigestSize;
-
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_PCR_Extend);
- Cmd.PcrHandle = SwapBytes32(PcrHandle);
+ EFI_STATUS Status;
+ TPM2_PCR_EXTEND_COMMAND Cmd;
+ TPM2_PCR_EXTEND_RESPONSE Res;
+ UINT32 CmdSize;
+ UINT32 RespSize;
+ UINT32 ResultBufSize;
+ UINT8 *Buffer;
+ UINTN Index;
+ UINT32 SessionInfoSize;
+ UINT16 DigestSize;
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_PCR_Extend);
+ Cmd.PcrHandle = SwapBytes32 (PcrHandle);
//
// Add in Auth session
@@ -116,24 +115,25 @@ Tpm2PcrExtend ( Buffer = (UINT8 *)&Cmd.AuthSessionPcr;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (NULL, Buffer);
- Buffer += SessionInfoSize;
- Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (NULL, Buffer);
+ Buffer += SessionInfoSize;
+ Cmd.AuthorizationSize = SwapBytes32 (SessionInfoSize);
- //Digest Count
- WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(Digests->count));
- Buffer += sizeof(UINT32);
+ // Digest Count
+ WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (Digests->count));
+ Buffer += sizeof (UINT32);
- //Digest
+ // Digest
for (Index = 0; Index < Digests->count; Index++) {
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(Digests->digests[Index].hashAlg));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Digests->digests[Index].hashAlg));
+ Buffer += sizeof (UINT16);
DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg);
if (DigestSize == 0) {
DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests->digests[Index].hashAlg));
return EFI_DEVICE_ERROR;
}
- CopyMem(
+
+ CopyMem (
Buffer,
&Digests->digests[Index].digest,
DigestSize
@@ -142,15 +142,15 @@ Tpm2PcrExtend ( }
CmdSize = (UINT32)((UINTN)Buffer - (UINTN)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
- ResultBufSize = sizeof(Res);
- Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
- if (EFI_ERROR(Status)) {
+ ResultBufSize = sizeof (Res);
+ Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
+ if (EFI_ERROR (Status)) {
return Status;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Failed ExecuteCommand: Buffer Too Small\r\n"));
return EFI_BUFFER_TOO_SMALL;
}
@@ -158,8 +158,8 @@ Tpm2PcrExtend ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response size too large! %d\r\n", RespSize));
return EFI_BUFFER_TOO_SMALL;
}
@@ -167,8 +167,8 @@ Tpm2PcrExtend ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2PcrExtend: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
@@ -199,25 +199,25 @@ Tpm2PcrExtend ( EFI_STATUS
EFIAPI
Tpm2PcrEvent (
- IN TPMI_DH_PCR PcrHandle,
- IN TPM2B_EVENT *EventData,
- OUT TPML_DIGEST_VALUES *Digests
+ IN TPMI_DH_PCR PcrHandle,
+ IN TPM2B_EVENT *EventData,
+ OUT TPML_DIGEST_VALUES *Digests
)
{
- EFI_STATUS Status;
- TPM2_PCR_EVENT_COMMAND Cmd;
- TPM2_PCR_EVENT_RESPONSE Res;
- UINT32 CmdSize;
- UINT32 RespSize;
- UINT32 ResultBufSize;
- UINT8 *Buffer;
- UINTN Index;
- UINT32 SessionInfoSize;
- UINT16 DigestSize;
-
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_PCR_Event);
- Cmd.PcrHandle = SwapBytes32(PcrHandle);
+ EFI_STATUS Status;
+ TPM2_PCR_EVENT_COMMAND Cmd;
+ TPM2_PCR_EVENT_RESPONSE Res;
+ UINT32 CmdSize;
+ UINT32 RespSize;
+ UINT32 ResultBufSize;
+ UINT8 *Buffer;
+ UINTN Index;
+ UINT32 SessionInfoSize;
+ UINT16 DigestSize;
+
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_PCR_Event);
+ Cmd.PcrHandle = SwapBytes32 (PcrHandle);
//
// Add in Auth session
@@ -225,27 +225,27 @@ Tpm2PcrEvent ( Buffer = (UINT8 *)&Cmd.AuthSessionPcr;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (NULL, Buffer);
- Buffer += SessionInfoSize;
- Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (NULL, Buffer);
+ Buffer += SessionInfoSize;
+ Cmd.AuthorizationSize = SwapBytes32 (SessionInfoSize);
// Event
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(EventData->size));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (EventData->size));
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, EventData->buffer, EventData->size);
Buffer += EventData->size;
CmdSize = (UINT32)((UINTN)Buffer - (UINTN)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
- ResultBufSize = sizeof(Res);
- Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
- if (EFI_ERROR(Status)) {
+ ResultBufSize = sizeof (Res);
+ Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
+ if (EFI_ERROR (Status)) {
return Status;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Failed ExecuteCommand: Buffer Too Small\r\n"));
return EFI_BUFFER_TOO_SMALL;
}
@@ -253,8 +253,8 @@ Tpm2PcrEvent ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response size too large! %d\r\n", RespSize));
return EFI_BUFFER_TOO_SMALL;
}
@@ -262,8 +262,8 @@ Tpm2PcrEvent ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2PcrEvent: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
@@ -278,16 +278,17 @@ Tpm2PcrEvent ( return EFI_DEVICE_ERROR;
}
- Buffer += sizeof(UINT32);
+ Buffer += sizeof (UINT32);
for (Index = 0; Index < Digests->count; Index++) {
Digests->digests[Index].hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg);
+ Buffer += sizeof (UINT16);
+ DigestSize = GetHashSizeFromAlgo (Digests->digests[Index].hashAlg);
if (DigestSize == 0) {
DEBUG ((DEBUG_ERROR, "Unknown hash algorithm %d\r\n", Digests->digests[Index].hashAlg));
return EFI_DEVICE_ERROR;
}
- CopyMem(
+
+ CopyMem (
&Digests->digests[Index].digest,
Buffer,
DigestSize
@@ -312,42 +313,42 @@ Tpm2PcrEvent ( EFI_STATUS
EFIAPI
Tpm2PcrRead (
- IN TPML_PCR_SELECTION *PcrSelectionIn,
- OUT UINT32 *PcrUpdateCounter,
- OUT TPML_PCR_SELECTION *PcrSelectionOut,
- OUT TPML_DIGEST *PcrValues
+ IN TPML_PCR_SELECTION *PcrSelectionIn,
+ OUT UINT32 *PcrUpdateCounter,
+ OUT TPML_PCR_SELECTION *PcrSelectionOut,
+ OUT TPML_DIGEST *PcrValues
)
{
- EFI_STATUS Status;
- TPM2_PCR_READ_COMMAND SendBuffer;
- TPM2_PCR_READ_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINTN Index;
- TPML_DIGEST *PcrValuesOut;
- TPM2B_DIGEST *Digests;
+ EFI_STATUS Status;
+ TPM2_PCR_READ_COMMAND SendBuffer;
+ TPM2_PCR_READ_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINTN Index;
+ TPML_DIGEST *PcrValuesOut;
+ TPM2B_DIGEST *Digests;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_PCR_Read);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_PCR_Read);
- SendBuffer.PcrSelectionIn.count = SwapBytes32(PcrSelectionIn->count);
+ SendBuffer.PcrSelectionIn.count = SwapBytes32 (PcrSelectionIn->count);
for (Index = 0; Index < PcrSelectionIn->count; Index++) {
- SendBuffer.PcrSelectionIn.pcrSelections[Index].hash = SwapBytes16(PcrSelectionIn->pcrSelections[Index].hash);
+ SendBuffer.PcrSelectionIn.pcrSelections[Index].hash = SwapBytes16 (PcrSelectionIn->pcrSelections[Index].hash);
SendBuffer.PcrSelectionIn.pcrSelections[Index].sizeofSelect = PcrSelectionIn->pcrSelections[Index].sizeofSelect;
CopyMem (&SendBuffer.PcrSelectionIn.pcrSelections[Index].pcrSelect, &PcrSelectionIn->pcrSelections[Index].pcrSelect, SendBuffer.PcrSelectionIn.pcrSelections[Index].sizeofSelect);
}
- SendBufferSize = sizeof(SendBuffer.Header) + sizeof(SendBuffer.PcrSelectionIn.count) + sizeof(SendBuffer.PcrSelectionIn.pcrSelections[0]) * PcrSelectionIn->count;
+ SendBufferSize = sizeof (SendBuffer.Header) + sizeof (SendBuffer.PcrSelectionIn.count) + sizeof (SendBuffer.PcrSelectionIn.pcrSelections[0]) * PcrSelectionIn->count;
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -356,8 +357,9 @@ Tpm2PcrRead ( DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
return EFI_NOT_FOUND;
}
@@ -368,43 +370,47 @@ Tpm2PcrRead ( //
// PcrUpdateCounter
//
- if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter)) {
+ if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof (RecvBuffer.PcrUpdateCounter)) {
DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
- *PcrUpdateCounter = SwapBytes32(RecvBuffer.PcrUpdateCounter);
+
+ *PcrUpdateCounter = SwapBytes32 (RecvBuffer.PcrUpdateCounter);
//
// PcrSelectionOut
//
- if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) + sizeof(RecvBuffer.PcrSelectionOut.count)) {
+ if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof (RecvBuffer.PcrUpdateCounter) + sizeof (RecvBuffer.PcrSelectionOut.count)) {
DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
- PcrSelectionOut->count = SwapBytes32(RecvBuffer.PcrSelectionOut.count);
+
+ PcrSelectionOut->count = SwapBytes32 (RecvBuffer.PcrSelectionOut.count);
if (PcrSelectionOut->count > HASH_COUNT) {
DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - PcrSelectionOut->count error %x\n", PcrSelectionOut->count));
return EFI_DEVICE_ERROR;
}
- if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) + sizeof(RecvBuffer.PcrSelectionOut.count) + sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count) {
+ if (RecvBufferSize < sizeof (TPM2_RESPONSE_HEADER) + sizeof (RecvBuffer.PcrUpdateCounter) + sizeof (RecvBuffer.PcrSelectionOut.count) + sizeof (RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count) {
DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
+
for (Index = 0; Index < PcrSelectionOut->count; Index++) {
- PcrSelectionOut->pcrSelections[Index].hash = SwapBytes16(RecvBuffer.PcrSelectionOut.pcrSelections[Index].hash);
+ PcrSelectionOut->pcrSelections[Index].hash = SwapBytes16 (RecvBuffer.PcrSelectionOut.pcrSelections[Index].hash);
PcrSelectionOut->pcrSelections[Index].sizeofSelect = RecvBuffer.PcrSelectionOut.pcrSelections[Index].sizeofSelect;
if (PcrSelectionOut->pcrSelections[Index].sizeofSelect > PCR_SELECT_MAX) {
return EFI_DEVICE_ERROR;
}
+
CopyMem (&PcrSelectionOut->pcrSelections[Index].pcrSelect, &RecvBuffer.PcrSelectionOut.pcrSelections[Index].pcrSelect, PcrSelectionOut->pcrSelections[Index].sizeofSelect);
}
//
// PcrValues
//
- PcrValuesOut = (TPML_DIGEST *)((UINT8 *)&RecvBuffer + sizeof (TPM2_RESPONSE_HEADER) + sizeof(RecvBuffer.PcrUpdateCounter) + sizeof(RecvBuffer.PcrSelectionOut.count) + sizeof(RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count);
- PcrValues->count = SwapBytes32(PcrValuesOut->count);
+ PcrValuesOut = (TPML_DIGEST *)((UINT8 *)&RecvBuffer + sizeof (TPM2_RESPONSE_HEADER) + sizeof (RecvBuffer.PcrUpdateCounter) + sizeof (RecvBuffer.PcrSelectionOut.count) + sizeof (RecvBuffer.PcrSelectionOut.pcrSelections[0]) * PcrSelectionOut->count);
+ PcrValues->count = SwapBytes32 (PcrValuesOut->count);
//
// The number of digests in list is not greater than 8 per TPML_DIGEST definition
//
@@ -412,15 +418,17 @@ Tpm2PcrRead ( DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - PcrValues->count error %x\n", PcrValues->count));
return EFI_DEVICE_ERROR;
}
+
Digests = PcrValuesOut->digests;
for (Index = 0; Index < PcrValues->count; Index++) {
- PcrValues->digests[Index].size = SwapBytes16(Digests->size);
- if (PcrValues->digests[Index].size > sizeof(TPMU_HA)) {
+ PcrValues->digests[Index].size = SwapBytes16 (Digests->size);
+ if (PcrValues->digests[Index].size > sizeof (TPMU_HA)) {
DEBUG ((DEBUG_ERROR, "Tpm2PcrRead - Digest.size error %x\n", PcrValues->digests[Index].size));
return EFI_DEVICE_ERROR;
}
+
CopyMem (&PcrValues->digests[Index].buffer, &Digests->buffer, PcrValues->digests[Index].size);
- Digests = (TPM2B_DIGEST *)((UINT8 *)Digests + sizeof(Digests->size) + PcrValues->digests[Index].size);
+ Digests = (TPM2B_DIGEST *)((UINT8 *)Digests + sizeof (Digests->size) + PcrValues->digests[Index].size);
}
return EFI_SUCCESS;
@@ -443,13 +451,13 @@ Tpm2PcrRead ( EFI_STATUS
EFIAPI
Tpm2PcrAllocate (
- IN TPMI_RH_PLATFORM AuthHandle,
- IN TPMS_AUTH_COMMAND *AuthSession,
- IN TPML_PCR_SELECTION *PcrAllocation,
- OUT TPMI_YES_NO *AllocationSuccess,
- OUT UINT32 *MaxPCR,
- OUT UINT32 *SizeNeeded,
- OUT UINT32 *SizeAvailable
+ IN TPMI_RH_PLATFORM AuthHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession,
+ IN TPML_PCR_SELECTION *PcrAllocation,
+ OUT TPMI_YES_NO *AllocationSuccess,
+ OUT UINT32 *MaxPCR,
+ OUT UINT32 *SizeNeeded,
+ OUT UINT32 *SizeAvailable
)
{
EFI_STATUS Status;
@@ -466,10 +474,10 @@ Tpm2PcrAllocate ( //
// Construct command
//
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_PCR_Allocate);
- Cmd.AuthHandle = SwapBytes32(AuthHandle);
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.paramSize = SwapBytes32 (sizeof (Cmd));
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_PCR_Allocate);
+ Cmd.AuthHandle = SwapBytes32 (AuthHandle);
//
// Add in Auth session
@@ -477,27 +485,27 @@ Tpm2PcrAllocate ( Buffer = (UINT8 *)&Cmd.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- Cmd.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ Cmd.AuthSessionSize = SwapBytes32 (SessionInfoSize);
// Count
- WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(PcrAllocation->count));
- Buffer += sizeof(UINT32);
+ WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (PcrAllocation->count));
+ Buffer += sizeof (UINT32);
for (Index = 0; Index < PcrAllocation->count; Index++) {
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(PcrAllocation->pcrSelections[Index].hash));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (PcrAllocation->pcrSelections[Index].hash));
+ Buffer += sizeof (UINT16);
*(UINT8 *)Buffer = PcrAllocation->pcrSelections[Index].sizeofSelect;
Buffer++;
CopyMem (Buffer, PcrAllocation->pcrSelections[Index].pcrSelect, PcrAllocation->pcrSelections[Index].sizeofSelect);
Buffer += PcrAllocation->pcrSelections[Index].sizeofSelect;
}
- CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
- ResultBuf = (UINT8 *) &Res;
- ResultBufSize = sizeof(Res);
+ ResultBuf = (UINT8 *)&Res;
+ ResultBufSize = sizeof (Res);
//
// Call the TPM
@@ -508,11 +516,11 @@ Tpm2PcrAllocate ( &ResultBufSize,
ResultBuf
);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
goto Done;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Failed ExecuteCommand: Buffer Too Small\r\n"));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -521,8 +529,8 @@ Tpm2PcrAllocate ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Response size too large! %d\r\n", RespSize));
Status = EFI_BUFFER_TOO_SMALL;
goto Done;
@@ -531,8 +539,8 @@ Tpm2PcrAllocate ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG((DEBUG_ERROR,"Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2PcrAllocate: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -541,16 +549,16 @@ Tpm2PcrAllocate ( // Return the response
//
*AllocationSuccess = Res.AllocationSuccess;
- *MaxPCR = SwapBytes32(Res.MaxPCR);
- *SizeNeeded = SwapBytes32(Res.SizeNeeded);
- *SizeAvailable = SwapBytes32(Res.SizeAvailable);
+ *MaxPCR = SwapBytes32 (Res.MaxPCR);
+ *SizeNeeded = SwapBytes32 (Res.SizeNeeded);
+ *SizeAvailable = SwapBytes32 (Res.SizeAvailable);
Done:
//
// Clear AuthSession Content
//
- ZeroMem (&Cmd, sizeof(Cmd));
- ZeroMem (&Res, sizeof(Res));
+ ZeroMem (&Cmd, sizeof (Cmd));
+ ZeroMem (&Res, sizeof (Res));
return Status;
}
@@ -566,36 +574,36 @@ Done: EFI_STATUS
EFIAPI
Tpm2PcrAllocateBanks (
- IN TPM2B_AUTH *PlatformAuth OPTIONAL,
- IN UINT32 SupportedPCRBanks,
- IN UINT32 PCRBanks
+ IN TPM2B_AUTH *PlatformAuth OPTIONAL,
+ IN UINT32 SupportedPCRBanks,
+ IN UINT32 PCRBanks
)
{
- EFI_STATUS Status;
- TPMS_AUTH_COMMAND *AuthSession;
- TPMS_AUTH_COMMAND LocalAuthSession;
- TPML_PCR_SELECTION PcrAllocation;
- TPMI_YES_NO AllocationSuccess;
- UINT32 MaxPCR;
- UINT32 SizeNeeded;
- UINT32 SizeAvailable;
+ EFI_STATUS Status;
+ TPMS_AUTH_COMMAND *AuthSession;
+ TPMS_AUTH_COMMAND LocalAuthSession;
+ TPML_PCR_SELECTION PcrAllocation;
+ TPMI_YES_NO AllocationSuccess;
+ UINT32 MaxPCR;
+ UINT32 SizeNeeded;
+ UINT32 SizeAvailable;
if (PlatformAuth == NULL) {
AuthSession = NULL;
} else {
AuthSession = &LocalAuthSession;
- ZeroMem (&LocalAuthSession, sizeof(LocalAuthSession));
+ ZeroMem (&LocalAuthSession, sizeof (LocalAuthSession));
LocalAuthSession.sessionHandle = TPM_RS_PW;
- LocalAuthSession.hmac.size = PlatformAuth->size;
+ LocalAuthSession.hmac.size = PlatformAuth->size;
CopyMem (LocalAuthSession.hmac.buffer, PlatformAuth->buffer, PlatformAuth->size);
}
//
// Fill input
//
- ZeroMem (&PcrAllocation, sizeof(PcrAllocation));
+ ZeroMem (&PcrAllocation, sizeof (PcrAllocation));
if ((HASH_ALG_SHA1 & SupportedPCRBanks) != 0) {
- PcrAllocation.pcrSelections[PcrAllocation.count].hash = TPM_ALG_SHA1;
+ PcrAllocation.pcrSelections[PcrAllocation.count].hash = TPM_ALG_SHA1;
PcrAllocation.pcrSelections[PcrAllocation.count].sizeofSelect = PCR_SELECT_MAX;
if ((HASH_ALG_SHA1 & PCRBanks) != 0) {
PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[0] = 0xFF;
@@ -606,10 +614,12 @@ Tpm2PcrAllocateBanks ( PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[1] = 0x00;
PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[2] = 0x00;
}
+
PcrAllocation.count++;
}
+
if ((HASH_ALG_SHA256 & SupportedPCRBanks) != 0) {
- PcrAllocation.pcrSelections[PcrAllocation.count].hash = TPM_ALG_SHA256;
+ PcrAllocation.pcrSelections[PcrAllocation.count].hash = TPM_ALG_SHA256;
PcrAllocation.pcrSelections[PcrAllocation.count].sizeofSelect = PCR_SELECT_MAX;
if ((HASH_ALG_SHA256 & PCRBanks) != 0) {
PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[0] = 0xFF;
@@ -620,10 +630,12 @@ Tpm2PcrAllocateBanks ( PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[1] = 0x00;
PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[2] = 0x00;
}
+
PcrAllocation.count++;
}
+
if ((HASH_ALG_SHA384 & SupportedPCRBanks) != 0) {
- PcrAllocation.pcrSelections[PcrAllocation.count].hash = TPM_ALG_SHA384;
+ PcrAllocation.pcrSelections[PcrAllocation.count].hash = TPM_ALG_SHA384;
PcrAllocation.pcrSelections[PcrAllocation.count].sizeofSelect = PCR_SELECT_MAX;
if ((HASH_ALG_SHA384 & PCRBanks) != 0) {
PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[0] = 0xFF;
@@ -634,10 +646,12 @@ Tpm2PcrAllocateBanks ( PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[1] = 0x00;
PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[2] = 0x00;
}
+
PcrAllocation.count++;
}
+
if ((HASH_ALG_SHA512 & SupportedPCRBanks) != 0) {
- PcrAllocation.pcrSelections[PcrAllocation.count].hash = TPM_ALG_SHA512;
+ PcrAllocation.pcrSelections[PcrAllocation.count].hash = TPM_ALG_SHA512;
PcrAllocation.pcrSelections[PcrAllocation.count].sizeofSelect = PCR_SELECT_MAX;
if ((HASH_ALG_SHA512 & PCRBanks) != 0) {
PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[0] = 0xFF;
@@ -648,10 +662,12 @@ Tpm2PcrAllocateBanks ( PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[1] = 0x00;
PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[2] = 0x00;
}
+
PcrAllocation.count++;
}
+
if ((HASH_ALG_SM3_256 & SupportedPCRBanks) != 0) {
- PcrAllocation.pcrSelections[PcrAllocation.count].hash = TPM_ALG_SM3_256;
+ PcrAllocation.pcrSelections[PcrAllocation.count].hash = TPM_ALG_SM3_256;
PcrAllocation.pcrSelections[PcrAllocation.count].sizeofSelect = PCR_SELECT_MAX;
if ((HASH_ALG_SM3_256 & PCRBanks) != 0) {
PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[0] = 0xFF;
@@ -662,8 +678,10 @@ Tpm2PcrAllocateBanks ( PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[1] = 0x00;
PcrAllocation.pcrSelections[PcrAllocation.count].pcrSelect[2] = 0x00;
}
+
PcrAllocation.count++;
}
+
Status = Tpm2PcrAllocate (
TPM_RH_PLATFORM,
AuthSession,
@@ -684,6 +702,6 @@ Tpm2PcrAllocateBanks ( DEBUG ((DEBUG_INFO, "SizeAvailable - %08x\n", SizeAvailable));
Done:
- ZeroMem(&LocalAuthSession.hmac, sizeof(LocalAuthSession.hmac));
+ ZeroMem (&LocalAuthSession.hmac, sizeof (LocalAuthSession.hmac));
return Status;
}
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Miscellaneous.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Miscellaneous.c index 1afc562998..6f6ac1e2d0 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Miscellaneous.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Miscellaneous.c @@ -24,9 +24,9 @@ typedef struct { } TPM2_SET_ALGORITHM_SET_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_SET_ALGORITHM_SET_RESPONSE;
#pragma pack()
@@ -46,24 +46,24 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2SetAlgorithmSet (
- IN TPMI_RH_PLATFORM AuthHandle,
- IN TPMS_AUTH_COMMAND *AuthSession,
- IN UINT32 AlgorithmSet
+ IN TPMI_RH_PLATFORM AuthHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession,
+ IN UINT32 AlgorithmSet
)
{
- EFI_STATUS Status;
- TPM2_SET_ALGORITHM_SET_COMMAND SendBuffer;
- TPM2_SET_ALGORITHM_SET_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
+ EFI_STATUS Status;
+ TPM2_SET_ALGORITHM_SET_COMMAND SendBuffer;
+ TPM2_SET_ALGORITHM_SET_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_SetAlgorithmSet);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_SetAlgorithmSet);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
@@ -73,24 +73,24 @@ Tpm2SetAlgorithmSet ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
//
// Real data
//
- WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32(AlgorithmSet));
- Buffer += sizeof(UINT32);
+ WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (AlgorithmSet));
+ Buffer += sizeof (UINT32);
- SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
+ SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -100,8 +100,9 @@ Tpm2SetAlgorithmSet ( Status = EFI_DEVICE_ERROR;
goto Done;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2SetAlgorithmSet - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2SetAlgorithmSet - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
Status = EFI_DEVICE_ERROR;
goto Done;
}
@@ -110,7 +111,7 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&SendBuffer, sizeof(SendBuffer));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBuffer, sizeof (SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c index d9171fb9a0..5077ace7c2 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2NVStorage.c @@ -15,137 +15,137 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
-#define RC_NV_ReadPublic_nvIndex (TPM_RC_H + TPM_RC_1)
+#define RC_NV_ReadPublic_nvIndex (TPM_RC_H + TPM_RC_1)
-#define RC_NV_DefineSpace_authHandle (TPM_RC_H + TPM_RC_1)
-#define RC_NV_DefineSpace_auth (TPM_RC_P + TPM_RC_1)
-#define RC_NV_DefineSpace_publicInfo (TPM_RC_P + TPM_RC_2)
+#define RC_NV_DefineSpace_authHandle (TPM_RC_H + TPM_RC_1)
+#define RC_NV_DefineSpace_auth (TPM_RC_P + TPM_RC_1)
+#define RC_NV_DefineSpace_publicInfo (TPM_RC_P + TPM_RC_2)
-#define RC_NV_UndefineSpace_authHandle (TPM_RC_H + TPM_RC_1)
-#define RC_NV_UndefineSpace_nvIndex (TPM_RC_H + TPM_RC_2)
+#define RC_NV_UndefineSpace_authHandle (TPM_RC_H + TPM_RC_1)
+#define RC_NV_UndefineSpace_nvIndex (TPM_RC_H + TPM_RC_2)
-#define RC_NV_Read_authHandle (TPM_RC_H + TPM_RC_1)
-#define RC_NV_Read_nvIndex (TPM_RC_H + TPM_RC_2)
-#define RC_NV_Read_size (TPM_RC_P + TPM_RC_1)
-#define RC_NV_Read_offset (TPM_RC_P + TPM_RC_2)
+#define RC_NV_Read_authHandle (TPM_RC_H + TPM_RC_1)
+#define RC_NV_Read_nvIndex (TPM_RC_H + TPM_RC_2)
+#define RC_NV_Read_size (TPM_RC_P + TPM_RC_1)
+#define RC_NV_Read_offset (TPM_RC_P + TPM_RC_2)
-#define RC_NV_Write_authHandle (TPM_RC_H + TPM_RC_1)
-#define RC_NV_Write_nvIndex (TPM_RC_H + TPM_RC_2)
-#define RC_NV_Write_data (TPM_RC_P + TPM_RC_1)
-#define RC_NV_Write_offset (TPM_RC_P + TPM_RC_2)
+#define RC_NV_Write_authHandle (TPM_RC_H + TPM_RC_1)
+#define RC_NV_Write_nvIndex (TPM_RC_H + TPM_RC_2)
+#define RC_NV_Write_data (TPM_RC_P + TPM_RC_1)
+#define RC_NV_Write_offset (TPM_RC_P + TPM_RC_2)
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_NV_INDEX NvIndex;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_NV_INDEX NvIndex;
} TPM2_NV_READPUBLIC_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- TPM2B_NV_PUBLIC NvPublic;
- TPM2B_NAME NvName;
+ TPM2_RESPONSE_HEADER Header;
+ TPM2B_NV_PUBLIC NvPublic;
+ TPM2B_NAME NvName;
} TPM2_NV_READPUBLIC_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_PROVISION AuthHandle;
- UINT32 AuthSessionSize;
- TPMS_AUTH_COMMAND AuthSession;
- TPM2B_AUTH Auth;
- TPM2B_NV_PUBLIC NvPublic;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_PROVISION AuthHandle;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_COMMAND AuthSession;
+ TPM2B_AUTH Auth;
+ TPM2B_NV_PUBLIC NvPublic;
} TPM2_NV_DEFINESPACE_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_NV_DEFINESPACE_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_PROVISION AuthHandle;
- TPMI_RH_NV_INDEX NvIndex;
- UINT32 AuthSessionSize;
- TPMS_AUTH_COMMAND AuthSession;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_PROVISION AuthHandle;
+ TPMI_RH_NV_INDEX NvIndex;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_COMMAND AuthSession;
} TPM2_NV_UNDEFINESPACE_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_NV_UNDEFINESPACE_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_NV_AUTH AuthHandle;
- TPMI_RH_NV_INDEX NvIndex;
- UINT32 AuthSessionSize;
- TPMS_AUTH_COMMAND AuthSession;
- UINT16 Size;
- UINT16 Offset;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_NV_AUTH AuthHandle;
+ TPMI_RH_NV_INDEX NvIndex;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_COMMAND AuthSession;
+ UINT16 Size;
+ UINT16 Offset;
} TPM2_NV_READ_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPM2B_MAX_BUFFER Data;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPM2B_MAX_BUFFER Data;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_NV_READ_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_NV_AUTH AuthHandle;
- TPMI_RH_NV_INDEX NvIndex;
- UINT32 AuthSessionSize;
- TPMS_AUTH_COMMAND AuthSession;
- TPM2B_MAX_BUFFER Data;
- UINT16 Offset;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_NV_AUTH AuthHandle;
+ TPMI_RH_NV_INDEX NvIndex;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_COMMAND AuthSession;
+ TPM2B_MAX_BUFFER Data;
+ UINT16 Offset;
} TPM2_NV_WRITE_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_NV_WRITE_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_NV_AUTH AuthHandle;
- TPMI_RH_NV_INDEX NvIndex;
- UINT32 AuthSessionSize;
- TPMS_AUTH_COMMAND AuthSession;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_NV_AUTH AuthHandle;
+ TPMI_RH_NV_INDEX NvIndex;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_COMMAND AuthSession;
} TPM2_NV_READLOCK_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_NV_READLOCK_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_NV_AUTH AuthHandle;
- TPMI_RH_NV_INDEX NvIndex;
- UINT32 AuthSessionSize;
- TPMS_AUTH_COMMAND AuthSession;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_NV_AUTH AuthHandle;
+ TPMI_RH_NV_INDEX NvIndex;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_COMMAND AuthSession;
} TPM2_NV_WRITELOCK_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_NV_WRITELOCK_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_RH_PROVISION AuthHandle;
- UINT32 AuthSessionSize;
- TPMS_AUTH_COMMAND AuthSession;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_RH_PROVISION AuthHandle;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_COMMAND AuthSession;
} TPM2_NV_GLOBALWRITELOCK_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 AuthSessionSize;
- TPMS_AUTH_RESPONSE AuthSession;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 AuthSessionSize;
+ TPMS_AUTH_RESPONSE AuthSession;
} TPM2_NV_GLOBALWRITELOCK_RESPONSE;
#pragma pack()
@@ -164,37 +164,37 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2NvReadPublic (
- IN TPMI_RH_NV_INDEX NvIndex,
- OUT TPM2B_NV_PUBLIC *NvPublic,
- OUT TPM2B_NAME *NvName
+ IN TPMI_RH_NV_INDEX NvIndex,
+ OUT TPM2B_NV_PUBLIC *NvPublic,
+ OUT TPM2B_NAME *NvName
)
{
- EFI_STATUS Status;
- TPM2_NV_READPUBLIC_COMMAND SendBuffer;
- TPM2_NV_READPUBLIC_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT16 NvPublicSize;
- UINT16 NvNameSize;
- UINT8 *Buffer;
- TPM_RC ResponseCode;
+ EFI_STATUS Status;
+ TPM2_NV_READPUBLIC_COMMAND SendBuffer;
+ TPM2_NV_READPUBLIC_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT16 NvPublicSize;
+ UINT16 NvNameSize;
+ UINT8 *Buffer;
+ TPM_RC ResponseCode;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_ReadPublic);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_ReadPublic);
SendBuffer.NvIndex = SwapBytes32 (NvIndex);
- SendBufferSize = (UINT32) sizeof (SendBuffer);
+ SendBufferSize = (UINT32)sizeof (SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -203,23 +203,25 @@ Tpm2NvReadPublic ( DEBUG ((DEBUG_ERROR, "Tpm2NvReadPublic - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
- ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
+
+ ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2NvReadPublic - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+ DEBUG ((DEBUG_ERROR, "Tpm2NvReadPublic - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
}
+
switch (ResponseCode) {
- case TPM_RC_SUCCESS:
- // return data
- break;
- case TPM_RC_HANDLE + RC_NV_ReadPublic_nvIndex: // TPM_RC_NV_DEFINED:
- return EFI_NOT_FOUND;
- case TPM_RC_VALUE + RC_NV_ReadPublic_nvIndex:
- return EFI_INVALID_PARAMETER;
- default:
- return EFI_DEVICE_ERROR;
+ case TPM_RC_SUCCESS:
+ // return data
+ break;
+ case TPM_RC_HANDLE + RC_NV_ReadPublic_nvIndex: // TPM_RC_NV_DEFINED:
+ return EFI_NOT_FOUND;
+ case TPM_RC_VALUE + RC_NV_ReadPublic_nvIndex:
+ return EFI_INVALID_PARAMETER;
+ default:
+ return EFI_DEVICE_ERROR;
}
- if (RecvBufferSize <= sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT16) + sizeof(UINT16)) {
+ if (RecvBufferSize <= sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT16) + sizeof (UINT16)) {
DEBUG ((DEBUG_ERROR, "Tpm2NvReadPublic - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_NOT_FOUND;
}
@@ -228,18 +230,18 @@ Tpm2NvReadPublic ( // Basic check
//
NvPublicSize = SwapBytes16 (RecvBuffer.NvPublic.size);
- if (NvPublicSize > sizeof(TPMS_NV_PUBLIC)) {
+ if (NvPublicSize > sizeof (TPMS_NV_PUBLIC)) {
DEBUG ((DEBUG_ERROR, "Tpm2NvReadPublic - NvPublic.size error %x\n", NvPublicSize));
return EFI_DEVICE_ERROR;
}
- NvNameSize = SwapBytes16 (ReadUnaligned16 ((UINT16 *)((UINT8 *)&RecvBuffer + sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + NvPublicSize)));
- if (NvNameSize > sizeof(TPMU_NAME)){
+ NvNameSize = SwapBytes16 (ReadUnaligned16 ((UINT16 *)((UINT8 *)&RecvBuffer + sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT16) + NvPublicSize)));
+ if (NvNameSize > sizeof (TPMU_NAME)) {
DEBUG ((DEBUG_ERROR, "Tpm2NvReadPublic - NvNameSize error %x\n", NvNameSize));
return EFI_DEVICE_ERROR;
}
- if (RecvBufferSize != sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + NvPublicSize + sizeof(UINT16) + NvNameSize) {
+ if (RecvBufferSize != sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT16) + NvPublicSize + sizeof (UINT16) + NvNameSize) {
DEBUG ((DEBUG_ERROR, "Tpm2NvReadPublic - RecvBufferSize Error - NvPublicSize %x\n", RecvBufferSize));
return EFI_NOT_FOUND;
}
@@ -247,17 +249,17 @@ Tpm2NvReadPublic ( //
// Return the response
//
- CopyMem (NvPublic, &RecvBuffer.NvPublic, sizeof(UINT16) + NvPublicSize);
- NvPublic->size = NvPublicSize;
+ CopyMem (NvPublic, &RecvBuffer.NvPublic, sizeof (UINT16) + NvPublicSize);
+ NvPublic->size = NvPublicSize;
NvPublic->nvPublic.nvIndex = SwapBytes32 (NvPublic->nvPublic.nvIndex);
NvPublic->nvPublic.nameAlg = SwapBytes16 (NvPublic->nvPublic.nameAlg);
WriteUnaligned32 ((UINT32 *)&NvPublic->nvPublic.attributes, SwapBytes32 (ReadUnaligned32 ((UINT32 *)&NvPublic->nvPublic.attributes)));
NvPublic->nvPublic.authPolicy.size = SwapBytes16 (NvPublic->nvPublic.authPolicy.size);
- Buffer = (UINT8 *)&RecvBuffer.NvPublic.nvPublic.authPolicy;
- Buffer += sizeof(UINT16) + NvPublic->nvPublic.authPolicy.size;
- NvPublic->nvPublic.dataSize = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer = (UINT8 *)&RecvBuffer.NvPublic.nvPublic.authPolicy;
+ Buffer += sizeof (UINT16) + NvPublic->nvPublic.authPolicy.size;
+ NvPublic->nvPublic.dataSize = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- CopyMem (NvName->name, (UINT8 *)&RecvBuffer + sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + NvPublicSize + sizeof(UINT16), NvNameSize);
+ CopyMem (NvName->name, (UINT8 *)&RecvBuffer + sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT16) + NvPublicSize + sizeof (UINT16), NvNameSize);
NvName->size = NvNameSize;
return EFI_SUCCESS;
@@ -280,28 +282,28 @@ Tpm2NvReadPublic ( EFI_STATUS
EFIAPI
Tpm2NvDefineSpace (
- IN TPMI_RH_PROVISION AuthHandle,
- IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,
- IN TPM2B_AUTH *Auth,
- IN TPM2B_NV_PUBLIC *NvPublic
+ IN TPMI_RH_PROVISION AuthHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,
+ IN TPM2B_AUTH *Auth,
+ IN TPM2B_NV_PUBLIC *NvPublic
)
{
- EFI_STATUS Status;
- TPM2_NV_DEFINESPACE_COMMAND SendBuffer;
- TPM2_NV_DEFINESPACE_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT16 NvPublicSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
- TPM_RC ResponseCode;
+ EFI_STATUS Status;
+ TPM2_NV_DEFINESPACE_COMMAND SendBuffer;
+ TPM2_NV_DEFINESPACE_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT16 NvPublicSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
+ TPM_RC ResponseCode;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_DefineSpace);
- SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_DefineSpace);
+ SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
//
// Add in Auth session
@@ -309,16 +311,16 @@ Tpm2NvDefineSpace ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
//
// IndexAuth
//
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(Auth->size));
- Buffer += sizeof(UINT16);
- CopyMem(Buffer, Auth->buffer, Auth->size);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Auth->size));
+ Buffer += sizeof (UINT16);
+ CopyMem (Buffer, Auth->buffer, Auth->size);
Buffer += Auth->size;
//
@@ -327,28 +329,28 @@ Tpm2NvDefineSpace ( NvPublicSize = NvPublic->size;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublicSize));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (NvPublic->nvPublic.nvIndex));
- Buffer += sizeof(UINT32);
+ Buffer += sizeof (UINT32);
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublic->nvPublic.nameAlg));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
WriteUnaligned32 ((UINT32 *)Buffer, SwapBytes32 (ReadUnaligned32 ((UINT32 *)&NvPublic->nvPublic.attributes)));
- Buffer += sizeof(UINT32);
+ Buffer += sizeof (UINT32);
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublic->nvPublic.authPolicy.size));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, NvPublic->nvPublic.authPolicy.buffer, NvPublic->nvPublic.authPolicy.size);
Buffer += NvPublic->nvPublic.authPolicy.size;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NvPublic->nvPublic.dataSize));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
- SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
+ SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -359,46 +361,47 @@ Tpm2NvDefineSpace ( goto Done;
}
- ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
+ ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2NvDefineSpace - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+ DEBUG ((DEBUG_ERROR, "Tpm2NvDefineSpace - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
}
+
switch (ResponseCode) {
- case TPM_RC_SUCCESS:
- // return data
- break;
- case TPM_RC_SIZE + RC_NV_DefineSpace_publicInfo:
- case TPM_RC_SIZE + RC_NV_DefineSpace_auth:
- Status = EFI_BAD_BUFFER_SIZE;
- break;
- case TPM_RC_ATTRIBUTES:
- case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_publicInfo:
- Status = EFI_UNSUPPORTED;
- break;
- case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_authHandle:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_NV_DEFINED:
- Status = EFI_ALREADY_STARTED;
- break;
- case TPM_RC_VALUE + RC_NV_DefineSpace_publicInfo:
- case TPM_RC_VALUE + RC_NV_DefineSpace_authHandle:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_NV_SPACE:
- Status = EFI_OUT_OF_RESOURCES;
- break;
- default:
- Status = EFI_DEVICE_ERROR;
- break;
+ case TPM_RC_SUCCESS:
+ // return data
+ break;
+ case TPM_RC_SIZE + RC_NV_DefineSpace_publicInfo:
+ case TPM_RC_SIZE + RC_NV_DefineSpace_auth:
+ Status = EFI_BAD_BUFFER_SIZE;
+ break;
+ case TPM_RC_ATTRIBUTES:
+ case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_publicInfo:
+ Status = EFI_UNSUPPORTED;
+ break;
+ case TPM_RC_ATTRIBUTES + RC_NV_DefineSpace_authHandle:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_NV_DEFINED:
+ Status = EFI_ALREADY_STARTED;
+ break;
+ case TPM_RC_VALUE + RC_NV_DefineSpace_publicInfo:
+ case TPM_RC_VALUE + RC_NV_DefineSpace_authHandle:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_NV_SPACE:
+ Status = EFI_OUT_OF_RESOURCES;
+ break;
+ default:
+ Status = EFI_DEVICE_ERROR;
+ break;
}
Done:
//
// Clear AuthSession Content
//
- ZeroMem (&SendBuffer, sizeof(SendBuffer));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBuffer, sizeof (SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
@@ -416,28 +419,28 @@ Done: EFI_STATUS
EFIAPI
Tpm2NvUndefineSpace (
- IN TPMI_RH_PROVISION AuthHandle,
- IN TPMI_RH_NV_INDEX NvIndex,
- IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL
+ IN TPMI_RH_PROVISION AuthHandle,
+ IN TPMI_RH_NV_INDEX NvIndex,
+ IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL
)
{
- EFI_STATUS Status;
- TPM2_NV_UNDEFINESPACE_COMMAND SendBuffer;
- TPM2_NV_UNDEFINESPACE_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
- TPM_RC ResponseCode;
+ EFI_STATUS Status;
+ TPM2_NV_UNDEFINESPACE_COMMAND SendBuffer;
+ TPM2_NV_UNDEFINESPACE_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
+ TPM_RC ResponseCode;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_UndefineSpace);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_UndefineSpace);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
- SendBuffer.NvIndex = SwapBytes32 (NvIndex);
+ SendBuffer.NvIndex = SwapBytes32 (NvIndex);
//
// Add in Auth session
@@ -445,18 +448,18 @@ Tpm2NvUndefineSpace ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
- SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
+ SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -467,42 +470,43 @@ Tpm2NvUndefineSpace ( goto Done;
}
- ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
+ ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2NvUndefineSpace - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+ DEBUG ((DEBUG_ERROR, "Tpm2NvUndefineSpace - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
}
+
switch (ResponseCode) {
- case TPM_RC_SUCCESS:
- // return data
- break;
- case TPM_RC_ATTRIBUTES:
- case TPM_RC_ATTRIBUTES + RC_NV_UndefineSpace_nvIndex:
- Status = EFI_UNSUPPORTED;
- break;
- case TPM_RC_NV_AUTHORIZATION:
- Status = EFI_SECURITY_VIOLATION;
- break;
- case TPM_RC_HANDLE + RC_NV_UndefineSpace_nvIndex: // TPM_RC_NV_DEFINED:
- Status = EFI_NOT_FOUND;
- break;
- case TPM_RC_HANDLE + RC_NV_UndefineSpace_authHandle: // TPM_RC_NV_DEFINED:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_VALUE + RC_NV_UndefineSpace_authHandle:
- case TPM_RC_VALUE + RC_NV_UndefineSpace_nvIndex:
- Status = EFI_INVALID_PARAMETER;
- break;
- default:
- Status = EFI_DEVICE_ERROR;
- break;
+ case TPM_RC_SUCCESS:
+ // return data
+ break;
+ case TPM_RC_ATTRIBUTES:
+ case TPM_RC_ATTRIBUTES + RC_NV_UndefineSpace_nvIndex:
+ Status = EFI_UNSUPPORTED;
+ break;
+ case TPM_RC_NV_AUTHORIZATION:
+ Status = EFI_SECURITY_VIOLATION;
+ break;
+ case TPM_RC_HANDLE + RC_NV_UndefineSpace_nvIndex: // TPM_RC_NV_DEFINED:
+ Status = EFI_NOT_FOUND;
+ break;
+ case TPM_RC_HANDLE + RC_NV_UndefineSpace_authHandle: // TPM_RC_NV_DEFINED:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_VALUE + RC_NV_UndefineSpace_authHandle:
+ case TPM_RC_VALUE + RC_NV_UndefineSpace_nvIndex:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ default:
+ Status = EFI_DEVICE_ERROR;
+ break;
}
Done:
//
// Clear AuthSession Content
//
- ZeroMem (&SendBuffer, sizeof(SendBuffer));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBuffer, sizeof (SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
@@ -523,31 +527,31 @@ Done: EFI_STATUS
EFIAPI
Tpm2NvRead (
- IN TPMI_RH_NV_AUTH AuthHandle,
- IN TPMI_RH_NV_INDEX NvIndex,
- IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,
- IN UINT16 Size,
- IN UINT16 Offset,
- IN OUT TPM2B_MAX_BUFFER *OutData
+ IN TPMI_RH_NV_AUTH AuthHandle,
+ IN TPMI_RH_NV_INDEX NvIndex,
+ IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,
+ IN UINT16 Size,
+ IN UINT16 Offset,
+ IN OUT TPM2B_MAX_BUFFER *OutData
)
{
- EFI_STATUS Status;
- TPM2_NV_READ_COMMAND SendBuffer;
- TPM2_NV_READ_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
- TPM_RC ResponseCode;
+ EFI_STATUS Status;
+ TPM2_NV_READ_COMMAND SendBuffer;
+ TPM2_NV_READ_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
+ TPM_RC ResponseCode;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_Read);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_Read);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
- SendBuffer.NvIndex = SwapBytes32 (NvIndex);
+ SendBuffer.NvIndex = SwapBytes32 (NvIndex);
//
// Add in Auth session
@@ -555,23 +559,23 @@ Tpm2NvRead ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Size));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Offset));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
- SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
+ SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -581,52 +585,55 @@ Tpm2NvRead ( Status = EFI_DEVICE_ERROR;
goto Done;
}
- ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
+
+ ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
DEBUG ((DEBUG_ERROR, "Tpm2NvRead - responseCode - %x\n", ResponseCode));
}
+
switch (ResponseCode) {
- case TPM_RC_SUCCESS:
- // return data
- break;
- case TPM_RC_NV_AUTHORIZATION:
- Status = EFI_SECURITY_VIOLATION;
- break;
- case TPM_RC_NV_LOCKED:
- Status = EFI_ACCESS_DENIED;
- break;
- case TPM_RC_NV_RANGE:
- Status = EFI_BAD_BUFFER_SIZE;
- break;
- case TPM_RC_NV_UNINITIALIZED:
- Status = EFI_NOT_READY;
- break;
- case TPM_RC_HANDLE + RC_NV_Read_nvIndex: // TPM_RC_NV_DEFINED:
- Status = EFI_NOT_FOUND;
- break;
- case TPM_RC_HANDLE + RC_NV_Read_authHandle: // TPM_RC_NV_DEFINED:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_VALUE + RC_NV_Read_nvIndex:
- case TPM_RC_VALUE + RC_NV_Read_authHandle:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_BAD_AUTH + RC_NV_Read_authHandle + TPM_RC_S:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_AUTH_UNAVAILABLE:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_AUTH_FAIL + RC_NV_Read_authHandle + TPM_RC_S:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_ATTRIBUTES + RC_NV_Read_authHandle + TPM_RC_S:
- Status = EFI_UNSUPPORTED;
- break;
- default:
- Status = EFI_DEVICE_ERROR;
- break;
+ case TPM_RC_SUCCESS:
+ // return data
+ break;
+ case TPM_RC_NV_AUTHORIZATION:
+ Status = EFI_SECURITY_VIOLATION;
+ break;
+ case TPM_RC_NV_LOCKED:
+ Status = EFI_ACCESS_DENIED;
+ break;
+ case TPM_RC_NV_RANGE:
+ Status = EFI_BAD_BUFFER_SIZE;
+ break;
+ case TPM_RC_NV_UNINITIALIZED:
+ Status = EFI_NOT_READY;
+ break;
+ case TPM_RC_HANDLE + RC_NV_Read_nvIndex: // TPM_RC_NV_DEFINED:
+ Status = EFI_NOT_FOUND;
+ break;
+ case TPM_RC_HANDLE + RC_NV_Read_authHandle: // TPM_RC_NV_DEFINED:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_VALUE + RC_NV_Read_nvIndex:
+ case TPM_RC_VALUE + RC_NV_Read_authHandle:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_BAD_AUTH + RC_NV_Read_authHandle + TPM_RC_S:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_AUTH_UNAVAILABLE:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_AUTH_FAIL + RC_NV_Read_authHandle + TPM_RC_S:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_ATTRIBUTES + RC_NV_Read_authHandle + TPM_RC_S:
+ Status = EFI_UNSUPPORTED;
+ break;
+ default:
+ Status = EFI_DEVICE_ERROR;
+ break;
}
+
if (Status != EFI_SUCCESS) {
goto Done;
}
@@ -647,8 +654,8 @@ Done: //
// Clear AuthSession Content
//
- ZeroMem (&SendBuffer, sizeof(SendBuffer));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBuffer, sizeof (SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
@@ -668,30 +675,30 @@ Done: EFI_STATUS
EFIAPI
Tpm2NvWrite (
- IN TPMI_RH_NV_AUTH AuthHandle,
- IN TPMI_RH_NV_INDEX NvIndex,
- IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,
- IN TPM2B_MAX_BUFFER *InData,
- IN UINT16 Offset
+ IN TPMI_RH_NV_AUTH AuthHandle,
+ IN TPMI_RH_NV_INDEX NvIndex,
+ IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL,
+ IN TPM2B_MAX_BUFFER *InData,
+ IN UINT16 Offset
)
{
- EFI_STATUS Status;
- TPM2_NV_WRITE_COMMAND SendBuffer;
- TPM2_NV_WRITE_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
- TPM_RC ResponseCode;
+ EFI_STATUS Status;
+ TPM2_NV_WRITE_COMMAND SendBuffer;
+ TPM2_NV_WRITE_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
+ TPM_RC ResponseCode;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_Write);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_Write);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
- SendBuffer.NvIndex = SwapBytes32 (NvIndex);
+ SendBuffer.NvIndex = SwapBytes32 (NvIndex);
//
// Add in Auth session
@@ -699,25 +706,25 @@ Tpm2NvWrite ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (InData->size));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, InData->buffer, InData->size);
Buffer += InData->size;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Offset));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
- SendBufferSize = (UINT32) (Buffer - (UINT8 *)&SendBuffer);
+ SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -727,59 +734,61 @@ Tpm2NvWrite ( Status = EFI_DEVICE_ERROR;
goto Done;
}
- ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
+
+ ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
DEBUG ((DEBUG_ERROR, "Tpm2NvWrite - responseCode - %x\n", ResponseCode));
}
+
switch (ResponseCode) {
- case TPM_RC_SUCCESS:
- // return data
- break;
- case TPM_RC_ATTRIBUTES:
- Status = EFI_UNSUPPORTED;
- break;
- case TPM_RC_NV_AUTHORIZATION:
- Status = EFI_SECURITY_VIOLATION;
- break;
- case TPM_RC_NV_LOCKED:
- Status = EFI_ACCESS_DENIED;
- break;
- case TPM_RC_NV_RANGE:
- Status = EFI_BAD_BUFFER_SIZE;
- break;
- case TPM_RC_HANDLE + RC_NV_Write_nvIndex: // TPM_RC_NV_DEFINED:
- Status = EFI_NOT_FOUND;
- break;
- case TPM_RC_HANDLE + RC_NV_Write_authHandle: // TPM_RC_NV_DEFINED:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_VALUE + RC_NV_Write_nvIndex:
- case TPM_RC_VALUE + RC_NV_Write_authHandle:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_BAD_AUTH + RC_NV_Write_authHandle + TPM_RC_S:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_AUTH_UNAVAILABLE:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_AUTH_FAIL + RC_NV_Write_authHandle + TPM_RC_S:
- Status = EFI_INVALID_PARAMETER;
- break;
- case TPM_RC_ATTRIBUTES + RC_NV_Write_authHandle + TPM_RC_S:
- Status = EFI_UNSUPPORTED;
- break;
- default:
- Status = EFI_DEVICE_ERROR;
- break;
+ case TPM_RC_SUCCESS:
+ // return data
+ break;
+ case TPM_RC_ATTRIBUTES:
+ Status = EFI_UNSUPPORTED;
+ break;
+ case TPM_RC_NV_AUTHORIZATION:
+ Status = EFI_SECURITY_VIOLATION;
+ break;
+ case TPM_RC_NV_LOCKED:
+ Status = EFI_ACCESS_DENIED;
+ break;
+ case TPM_RC_NV_RANGE:
+ Status = EFI_BAD_BUFFER_SIZE;
+ break;
+ case TPM_RC_HANDLE + RC_NV_Write_nvIndex: // TPM_RC_NV_DEFINED:
+ Status = EFI_NOT_FOUND;
+ break;
+ case TPM_RC_HANDLE + RC_NV_Write_authHandle: // TPM_RC_NV_DEFINED:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_VALUE + RC_NV_Write_nvIndex:
+ case TPM_RC_VALUE + RC_NV_Write_authHandle:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_BAD_AUTH + RC_NV_Write_authHandle + TPM_RC_S:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_AUTH_UNAVAILABLE:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_AUTH_FAIL + RC_NV_Write_authHandle + TPM_RC_S:
+ Status = EFI_INVALID_PARAMETER;
+ break;
+ case TPM_RC_ATTRIBUTES + RC_NV_Write_authHandle + TPM_RC_S:
+ Status = EFI_UNSUPPORTED;
+ break;
+ default:
+ Status = EFI_DEVICE_ERROR;
+ break;
}
Done:
//
// Clear AuthSession Content
//
- ZeroMem (&SendBuffer, sizeof(SendBuffer));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBuffer, sizeof (SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
@@ -797,28 +806,28 @@ Done: EFI_STATUS
EFIAPI
Tpm2NvReadLock (
- IN TPMI_RH_NV_AUTH AuthHandle,
- IN TPMI_RH_NV_INDEX NvIndex,
- IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL
+ IN TPMI_RH_NV_AUTH AuthHandle,
+ IN TPMI_RH_NV_INDEX NvIndex,
+ IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL
)
{
- EFI_STATUS Status;
- TPM2_NV_READLOCK_COMMAND SendBuffer;
- TPM2_NV_READLOCK_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
- TPM_RC ResponseCode;
+ EFI_STATUS Status;
+ TPM2_NV_READLOCK_COMMAND SendBuffer;
+ TPM2_NV_READLOCK_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
+ TPM_RC ResponseCode;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_ReadLock);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_ReadLock);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
- SendBuffer.NvIndex = SwapBytes32 (NvIndex);
+ SendBuffer.NvIndex = SwapBytes32 (NvIndex);
//
// Add in Auth session
@@ -826,18 +835,18 @@ Tpm2NvReadLock ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
- SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
+ SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -848,25 +857,26 @@ Tpm2NvReadLock ( goto Done;
}
- ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
+ ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2NvReadLock - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+ DEBUG ((DEBUG_ERROR, "Tpm2NvReadLock - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
}
+
switch (ResponseCode) {
- case TPM_RC_SUCCESS:
- // return data
- break;
- default:
- Status = EFI_DEVICE_ERROR;
- break;
+ case TPM_RC_SUCCESS:
+ // return data
+ break;
+ default:
+ Status = EFI_DEVICE_ERROR;
+ break;
}
Done:
//
// Clear AuthSession Content
//
- ZeroMem (&SendBuffer, sizeof(SendBuffer));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBuffer, sizeof (SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
@@ -884,28 +894,28 @@ Done: EFI_STATUS
EFIAPI
Tpm2NvWriteLock (
- IN TPMI_RH_NV_AUTH AuthHandle,
- IN TPMI_RH_NV_INDEX NvIndex,
- IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL
+ IN TPMI_RH_NV_AUTH AuthHandle,
+ IN TPMI_RH_NV_INDEX NvIndex,
+ IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL
)
{
- EFI_STATUS Status;
- TPM2_NV_WRITELOCK_COMMAND SendBuffer;
- TPM2_NV_WRITELOCK_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- UINT8 *Buffer;
- UINT32 SessionInfoSize;
- TPM_RC ResponseCode;
+ EFI_STATUS Status;
+ TPM2_NV_WRITELOCK_COMMAND SendBuffer;
+ TPM2_NV_WRITELOCK_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ UINT8 *Buffer;
+ UINT32 SessionInfoSize;
+ TPM_RC ResponseCode;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_WriteLock);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_WriteLock);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
- SendBuffer.NvIndex = SwapBytes32 (NvIndex);
+ SendBuffer.NvIndex = SwapBytes32 (NvIndex);
//
// Add in Auth session
@@ -913,18 +923,18 @@ Tpm2NvWriteLock ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
- SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
+ SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -935,25 +945,26 @@ Tpm2NvWriteLock ( goto Done;
}
- ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
+ ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2NvWriteLock - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+ DEBUG ((DEBUG_ERROR, "Tpm2NvWriteLock - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
}
+
switch (ResponseCode) {
- case TPM_RC_SUCCESS:
- // return data
- break;
- default:
- Status = EFI_DEVICE_ERROR;
- break;
+ case TPM_RC_SUCCESS:
+ // return data
+ break;
+ default:
+ Status = EFI_DEVICE_ERROR;
+ break;
}
Done:
//
// Clear AuthSession Content
//
- ZeroMem (&SendBuffer, sizeof(SendBuffer));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBuffer, sizeof (SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
@@ -970,8 +981,8 @@ Done: EFI_STATUS
EFIAPI
Tpm2NvGlobalWriteLock (
- IN TPMI_RH_PROVISION AuthHandle,
- IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL
+ IN TPMI_RH_PROVISION AuthHandle,
+ IN TPMS_AUTH_COMMAND *AuthSession OPTIONAL
)
{
EFI_STATUS Status;
@@ -986,8 +997,8 @@ Tpm2NvGlobalWriteLock ( //
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_GlobalWriteLock);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_NV_GlobalWriteLock);
SendBuffer.AuthHandle = SwapBytes32 (AuthHandle);
@@ -997,18 +1008,18 @@ Tpm2NvGlobalWriteLock ( Buffer = (UINT8 *)&SendBuffer.AuthSession;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
- Buffer += SessionInfoSize;
- SendBuffer.AuthSessionSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (AuthSession, Buffer);
+ Buffer += SessionInfoSize;
+ SendBuffer.AuthSessionSize = SwapBytes32 (SessionInfoSize);
- SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
+ SendBufferSize = (UINT32)(Buffer - (UINT8 *)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
goto Done;
}
@@ -1019,24 +1030,25 @@ Tpm2NvGlobalWriteLock ( goto Done;
}
- ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
+ ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2NvGlobalWriteLock - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+ DEBUG ((DEBUG_ERROR, "Tpm2NvGlobalWriteLock - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
}
+
switch (ResponseCode) {
- case TPM_RC_SUCCESS:
- // return data
- break;
- default:
- Status = EFI_DEVICE_ERROR;
- break;
+ case TPM_RC_SUCCESS:
+ // return data
+ break;
+ default:
+ Status = EFI_DEVICE_ERROR;
+ break;
}
Done:
//
// Clear AuthSession Content
//
- ZeroMem (&SendBuffer, sizeof(SendBuffer));
- ZeroMem (&RecvBuffer, sizeof(RecvBuffer));
+ ZeroMem (&SendBuffer, sizeof (SendBuffer));
+ ZeroMem (&RecvBuffer, sizeof (RecvBuffer));
return Status;
}
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Object.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Object.c index f5301f04d8..335957d6ce 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Object.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Object.c @@ -16,15 +16,15 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_DH_OBJECT ObjectHandle;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_DH_OBJECT ObjectHandle;
} TPM2_READ_PUBLIC_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- TPM2B_PUBLIC OutPublic;
- TPM2B_NAME Name;
- TPM2B_NAME QualifiedName;
+ TPM2_RESPONSE_HEADER Header;
+ TPM2B_PUBLIC OutPublic;
+ TPM2B_NAME Name;
+ TPM2B_NAME QualifiedName;
} TPM2_READ_PUBLIC_RESPONSE;
#pragma pack()
@@ -43,39 +43,39 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2ReadPublic (
- IN TPMI_DH_OBJECT ObjectHandle,
- OUT TPM2B_PUBLIC *OutPublic,
- OUT TPM2B_NAME *Name,
- OUT TPM2B_NAME *QualifiedName
+ IN TPMI_DH_OBJECT ObjectHandle,
+ OUT TPM2B_PUBLIC *OutPublic,
+ OUT TPM2B_NAME *Name,
+ OUT TPM2B_NAME *QualifiedName
)
{
- EFI_STATUS Status;
- TPM2_READ_PUBLIC_COMMAND SendBuffer;
- TPM2_READ_PUBLIC_RESPONSE RecvBuffer;
- UINT32 SendBufferSize;
- UINT32 RecvBufferSize;
- TPM_RC ResponseCode;
- UINT8 *Buffer;
- UINT16 OutPublicSize;
- UINT16 NameSize;
- UINT16 QualifiedNameSize;
+ EFI_STATUS Status;
+ TPM2_READ_PUBLIC_COMMAND SendBuffer;
+ TPM2_READ_PUBLIC_RESPONSE RecvBuffer;
+ UINT32 SendBufferSize;
+ UINT32 RecvBufferSize;
+ TPM_RC ResponseCode;
+ UINT8 *Buffer;
+ UINT16 OutPublicSize;
+ UINT16 NameSize;
+ UINT16 QualifiedNameSize;
//
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_ReadPublic);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_ReadPublic);
SendBuffer.ObjectHandle = SwapBytes32 (ObjectHandle);
- SendBufferSize = (UINT32) sizeof (SendBuffer);
+ SendBufferSize = (UINT32)sizeof (SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -84,46 +84,56 @@ Tpm2ReadPublic ( DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
- ResponseCode = SwapBytes32(RecvBuffer.Header.responseCode);
+
+ ResponseCode = SwapBytes32 (RecvBuffer.Header.responseCode);
if (ResponseCode != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+ DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
}
+
switch (ResponseCode) {
- case TPM_RC_SUCCESS:
- // return data
- break;
- case TPM_RC_SEQUENCE:
- // objectHandle references a sequence object
- return EFI_INVALID_PARAMETER;
- default:
- return EFI_DEVICE_ERROR;
+ case TPM_RC_SUCCESS:
+ // return data
+ break;
+ case TPM_RC_SEQUENCE:
+ // objectHandle references a sequence object
+ return EFI_INVALID_PARAMETER;
+ default:
+ return EFI_DEVICE_ERROR;
}
//
// Basic check
//
OutPublicSize = SwapBytes16 (RecvBuffer.OutPublic.size);
- if (OutPublicSize > sizeof(TPMT_PUBLIC)) {
+ if (OutPublicSize > sizeof (TPMT_PUBLIC)) {
DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - OutPublicSize error %x\n", OutPublicSize));
return EFI_DEVICE_ERROR;
}
- NameSize = SwapBytes16 (ReadUnaligned16 ((UINT16 *)((UINT8 *)&RecvBuffer + sizeof(TPM2_RESPONSE_HEADER) +
- sizeof(UINT16) + OutPublicSize)));
- if (NameSize > sizeof(TPMU_NAME)) {
+ NameSize = SwapBytes16 (
+ ReadUnaligned16 (
+ (UINT16 *)((UINT8 *)&RecvBuffer + sizeof (TPM2_RESPONSE_HEADER) +
+ sizeof (UINT16) + OutPublicSize)
+ )
+ );
+ if (NameSize > sizeof (TPMU_NAME)) {
DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - NameSize error %x\n", NameSize));
return EFI_DEVICE_ERROR;
}
- QualifiedNameSize = SwapBytes16 (ReadUnaligned16 ((UINT16 *)((UINT8 *)&RecvBuffer + sizeof(TPM2_RESPONSE_HEADER) +
- sizeof(UINT16) + OutPublicSize +
- sizeof(UINT16) + NameSize)));
- if (QualifiedNameSize > sizeof(TPMU_NAME)) {
+ QualifiedNameSize = SwapBytes16 (
+ ReadUnaligned16 (
+ (UINT16 *)((UINT8 *)&RecvBuffer + sizeof (TPM2_RESPONSE_HEADER) +
+ sizeof (UINT16) + OutPublicSize +
+ sizeof (UINT16) + NameSize)
+ )
+ );
+ if (QualifiedNameSize > sizeof (TPMU_NAME)) {
DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - QualifiedNameSize error %x\n", QualifiedNameSize));
return EFI_DEVICE_ERROR;
}
- if (RecvBufferSize != sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + OutPublicSize + sizeof(UINT16) + NameSize + sizeof(UINT16) + QualifiedNameSize) {
+ if (RecvBufferSize != sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT16) + OutPublicSize + sizeof (UINT16) + NameSize + sizeof (UINT16) + QualifiedNameSize) {
DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - RecvBufferSize %x Error - OutPublicSize %x, NameSize %x, QualifiedNameSize %x\n", RecvBufferSize, OutPublicSize, NameSize, QualifiedNameSize));
return EFI_DEVICE_ERROR;
}
@@ -132,15 +142,15 @@ Tpm2ReadPublic ( // Return the response
//
Buffer = (UINT8 *)&RecvBuffer.OutPublic;
- CopyMem (OutPublic, &RecvBuffer.OutPublic, sizeof(UINT16) + OutPublicSize);
- OutPublic->size = OutPublicSize;
- OutPublic->publicArea.type = SwapBytes16 (OutPublic->publicArea.type);
+ CopyMem (OutPublic, &RecvBuffer.OutPublic, sizeof (UINT16) + OutPublicSize);
+ OutPublic->size = OutPublicSize;
+ OutPublic->publicArea.type = SwapBytes16 (OutPublic->publicArea.type);
OutPublic->publicArea.nameAlg = SwapBytes16 (OutPublic->publicArea.nameAlg);
WriteUnaligned32 ((UINT32 *)&OutPublic->publicArea.objectAttributes, SwapBytes32 (ReadUnaligned32 ((UINT32 *)&OutPublic->publicArea.objectAttributes)));
- Buffer = (UINT8 *)&RecvBuffer.OutPublic.publicArea.authPolicy;
+ Buffer = (UINT8 *)&RecvBuffer.OutPublic.publicArea.authPolicy;
OutPublic->publicArea.authPolicy.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- if (OutPublic->publicArea.authPolicy.size > sizeof(TPMU_HA)) {
+ Buffer += sizeof (UINT16);
+ if (OutPublic->publicArea.authPolicy.size > sizeof (TPMU_HA)) {
DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - authPolicy.size error %x\n", OutPublic->publicArea.authPolicy.size));
return EFI_DEVICE_ERROR;
}
@@ -150,229 +160,241 @@ Tpm2ReadPublic ( // TPMU_PUBLIC_PARMS
switch (OutPublic->publicArea.type) {
- case TPM_ALG_KEYEDHASH:
- OutPublic->publicArea.parameters.keyedHashDetail.scheme.scheme = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- switch (OutPublic->publicArea.parameters.keyedHashDetail.scheme.scheme) {
- case TPM_ALG_HMAC:
- OutPublic->publicArea.parameters.keyedHashDetail.scheme.details.hmac.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_XOR:
- OutPublic->publicArea.parameters.keyedHashDetail.scheme.details.xor.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- OutPublic->publicArea.parameters.keyedHashDetail.scheme.details.xor.kdf = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- default:
- return EFI_UNSUPPORTED;
- }
- case TPM_ALG_SYMCIPHER:
- OutPublic->publicArea.parameters.symDetail.algorithm = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- switch (OutPublic->publicArea.parameters.symDetail.algorithm) {
- case TPM_ALG_AES:
- OutPublic->publicArea.parameters.symDetail.keyBits.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- OutPublic->publicArea.parameters.symDetail.mode.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_SM4:
- OutPublic->publicArea.parameters.symDetail.keyBits.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- OutPublic->publicArea.parameters.symDetail.mode.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_XOR:
- OutPublic->publicArea.parameters.symDetail.keyBits.xor = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_NULL:
- break;
- default:
- return EFI_UNSUPPORTED;
- }
- break;
- case TPM_ALG_RSA:
- OutPublic->publicArea.parameters.rsaDetail.symmetric.algorithm = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- switch (OutPublic->publicArea.parameters.rsaDetail.symmetric.algorithm) {
- case TPM_ALG_AES:
- OutPublic->publicArea.parameters.rsaDetail.symmetric.keyBits.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- OutPublic->publicArea.parameters.rsaDetail.symmetric.mode.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_SM4:
- OutPublic->publicArea.parameters.rsaDetail.symmetric.keyBits.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- OutPublic->publicArea.parameters.rsaDetail.symmetric.mode.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_NULL:
- break;
- default:
- return EFI_UNSUPPORTED;
- }
- OutPublic->publicArea.parameters.rsaDetail.scheme.scheme = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- switch (OutPublic->publicArea.parameters.rsaDetail.scheme.scheme) {
- case TPM_ALG_RSASSA:
- OutPublic->publicArea.parameters.rsaDetail.scheme.details.rsassa.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_RSAPSS:
- OutPublic->publicArea.parameters.rsaDetail.scheme.details.rsapss.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_RSAES:
- break;
- case TPM_ALG_OAEP:
- OutPublic->publicArea.parameters.rsaDetail.scheme.details.oaep.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_NULL:
- break;
- default:
- return EFI_UNSUPPORTED;
- }
- OutPublic->publicArea.parameters.rsaDetail.keyBits = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- OutPublic->publicArea.parameters.rsaDetail.exponent = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT32);
- break;
- case TPM_ALG_ECC:
- OutPublic->publicArea.parameters.eccDetail.symmetric.algorithm = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- switch (OutPublic->publicArea.parameters.eccDetail.symmetric.algorithm) {
- case TPM_ALG_AES:
- OutPublic->publicArea.parameters.eccDetail.symmetric.keyBits.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- OutPublic->publicArea.parameters.eccDetail.symmetric.mode.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_SM4:
- OutPublic->publicArea.parameters.eccDetail.symmetric.keyBits.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- OutPublic->publicArea.parameters.eccDetail.symmetric.mode.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_NULL:
- break;
- default:
- return EFI_UNSUPPORTED;
- }
- OutPublic->publicArea.parameters.eccDetail.scheme.scheme = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- switch (OutPublic->publicArea.parameters.eccDetail.scheme.scheme) {
- case TPM_ALG_ECDSA:
- OutPublic->publicArea.parameters.eccDetail.scheme.details.ecdsa.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_ECDAA:
- OutPublic->publicArea.parameters.eccDetail.scheme.details.ecdaa.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_ECSCHNORR:
- OutPublic->publicArea.parameters.eccDetail.scheme.details.ecSchnorr.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
+ case TPM_ALG_KEYEDHASH:
+ OutPublic->publicArea.parameters.keyedHashDetail.scheme.scheme = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ switch (OutPublic->publicArea.parameters.keyedHashDetail.scheme.scheme) {
+ case TPM_ALG_HMAC:
+ OutPublic->publicArea.parameters.keyedHashDetail.scheme.details.hmac.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_XOR:
+ OutPublic->publicArea.parameters.keyedHashDetail.scheme.details.xor.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ OutPublic->publicArea.parameters.keyedHashDetail.scheme.details.xor.kdf = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ default:
+ return EFI_UNSUPPORTED;
+ }
+
+ case TPM_ALG_SYMCIPHER:
+ OutPublic->publicArea.parameters.symDetail.algorithm = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ switch (OutPublic->publicArea.parameters.symDetail.algorithm) {
+ case TPM_ALG_AES:
+ OutPublic->publicArea.parameters.symDetail.keyBits.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ OutPublic->publicArea.parameters.symDetail.mode.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_SM4:
+ OutPublic->publicArea.parameters.symDetail.keyBits.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ OutPublic->publicArea.parameters.symDetail.mode.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_XOR:
+ OutPublic->publicArea.parameters.symDetail.keyBits.xor = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_UNSUPPORTED;
+ }
+
break;
- case TPM_ALG_ECDH:
+ case TPM_ALG_RSA:
+ OutPublic->publicArea.parameters.rsaDetail.symmetric.algorithm = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ switch (OutPublic->publicArea.parameters.rsaDetail.symmetric.algorithm) {
+ case TPM_ALG_AES:
+ OutPublic->publicArea.parameters.rsaDetail.symmetric.keyBits.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ OutPublic->publicArea.parameters.rsaDetail.symmetric.mode.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_SM4:
+ OutPublic->publicArea.parameters.rsaDetail.symmetric.keyBits.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ OutPublic->publicArea.parameters.rsaDetail.symmetric.mode.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_UNSUPPORTED;
+ }
+
+ OutPublic->publicArea.parameters.rsaDetail.scheme.scheme = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ switch (OutPublic->publicArea.parameters.rsaDetail.scheme.scheme) {
+ case TPM_ALG_RSASSA:
+ OutPublic->publicArea.parameters.rsaDetail.scheme.details.rsassa.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_RSAPSS:
+ OutPublic->publicArea.parameters.rsaDetail.scheme.details.rsapss.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_RSAES:
+ break;
+ case TPM_ALG_OAEP:
+ OutPublic->publicArea.parameters.rsaDetail.scheme.details.oaep.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_UNSUPPORTED;
+ }
+
+ OutPublic->publicArea.parameters.rsaDetail.keyBits = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ OutPublic->publicArea.parameters.rsaDetail.exponent = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT32);
break;
- case TPM_ALG_NULL:
+ case TPM_ALG_ECC:
+ OutPublic->publicArea.parameters.eccDetail.symmetric.algorithm = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ switch (OutPublic->publicArea.parameters.eccDetail.symmetric.algorithm) {
+ case TPM_ALG_AES:
+ OutPublic->publicArea.parameters.eccDetail.symmetric.keyBits.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ OutPublic->publicArea.parameters.eccDetail.symmetric.mode.aes = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_SM4:
+ OutPublic->publicArea.parameters.eccDetail.symmetric.keyBits.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ OutPublic->publicArea.parameters.eccDetail.symmetric.mode.SM4 = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_UNSUPPORTED;
+ }
+
+ OutPublic->publicArea.parameters.eccDetail.scheme.scheme = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ switch (OutPublic->publicArea.parameters.eccDetail.scheme.scheme) {
+ case TPM_ALG_ECDSA:
+ OutPublic->publicArea.parameters.eccDetail.scheme.details.ecdsa.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_ECDAA:
+ OutPublic->publicArea.parameters.eccDetail.scheme.details.ecdaa.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_ECSCHNORR:
+ OutPublic->publicArea.parameters.eccDetail.scheme.details.ecSchnorr.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_ECDH:
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_UNSUPPORTED;
+ }
+
+ OutPublic->publicArea.parameters.eccDetail.curveID = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ OutPublic->publicArea.parameters.eccDetail.kdf.scheme = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ switch (OutPublic->publicArea.parameters.eccDetail.kdf.scheme) {
+ case TPM_ALG_MGF1:
+ OutPublic->publicArea.parameters.eccDetail.kdf.details.mgf1.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_KDF1_SP800_108:
+ OutPublic->publicArea.parameters.eccDetail.kdf.details.kdf1_sp800_108.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_KDF1_SP800_56a:
+ OutPublic->publicArea.parameters.eccDetail.kdf.details.kdf1_SP800_56a.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_KDF2:
+ OutPublic->publicArea.parameters.eccDetail.kdf.details.kdf2.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_NULL:
+ break;
+ default:
+ return EFI_UNSUPPORTED;
+ }
+
break;
default:
return EFI_UNSUPPORTED;
- }
- OutPublic->publicArea.parameters.eccDetail.curveID = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- OutPublic->publicArea.parameters.eccDetail.kdf.scheme = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- switch (OutPublic->publicArea.parameters.eccDetail.kdf.scheme) {
- case TPM_ALG_MGF1:
- OutPublic->publicArea.parameters.eccDetail.kdf.details.mgf1.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_KDF1_SP800_108:
- OutPublic->publicArea.parameters.eccDetail.kdf.details.kdf1_sp800_108.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
+ }
+
+ // TPMU_PUBLIC_ID
+ switch (OutPublic->publicArea.type) {
+ case TPM_ALG_KEYEDHASH:
+ OutPublic->publicArea.unique.keyedHash.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ if (OutPublic->publicArea.unique.keyedHash.size > sizeof (TPMU_HA)) {
+ DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - keyedHash.size error %x\n", OutPublic->publicArea.unique.keyedHash.size));
+ return EFI_DEVICE_ERROR;
+ }
+
+ CopyMem (OutPublic->publicArea.unique.keyedHash.buffer, Buffer, OutPublic->publicArea.unique.keyedHash.size);
+ Buffer += OutPublic->publicArea.unique.keyedHash.size;
break;
- case TPM_ALG_KDF1_SP800_56a:
- OutPublic->publicArea.parameters.eccDetail.kdf.details.kdf1_SP800_56a.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
+ case TPM_ALG_SYMCIPHER:
+ OutPublic->publicArea.unique.sym.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ if (OutPublic->publicArea.unique.sym.size > sizeof (TPMU_HA)) {
+ DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - sym.size error %x\n", OutPublic->publicArea.unique.sym.size));
+ return EFI_DEVICE_ERROR;
+ }
+
+ CopyMem (OutPublic->publicArea.unique.sym.buffer, Buffer, OutPublic->publicArea.unique.sym.size);
+ Buffer += OutPublic->publicArea.unique.sym.size;
break;
- case TPM_ALG_KDF2:
- OutPublic->publicArea.parameters.eccDetail.kdf.details.kdf2.hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
+ case TPM_ALG_RSA:
+ OutPublic->publicArea.unique.rsa.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ if (OutPublic->publicArea.unique.rsa.size > MAX_RSA_KEY_BYTES) {
+ DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - rsa.size error %x\n", OutPublic->publicArea.unique.rsa.size));
+ return EFI_DEVICE_ERROR;
+ }
+
+ CopyMem (OutPublic->publicArea.unique.rsa.buffer, Buffer, OutPublic->publicArea.unique.rsa.size);
+ Buffer += OutPublic->publicArea.unique.rsa.size;
break;
- case TPM_ALG_NULL:
+ case TPM_ALG_ECC:
+ OutPublic->publicArea.unique.ecc.x.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ if (OutPublic->publicArea.unique.ecc.x.size > MAX_ECC_KEY_BYTES) {
+ DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - ecc.x.size error %x\n", OutPublic->publicArea.unique.ecc.x.size));
+ return EFI_DEVICE_ERROR;
+ }
+
+ CopyMem (OutPublic->publicArea.unique.ecc.x.buffer, Buffer, OutPublic->publicArea.unique.ecc.x.size);
+ Buffer += OutPublic->publicArea.unique.ecc.x.size;
+ OutPublic->publicArea.unique.ecc.y.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
+ Buffer += sizeof (UINT16);
+ if (OutPublic->publicArea.unique.ecc.y.size > MAX_ECC_KEY_BYTES) {
+ DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - ecc.y.size error %x\n", OutPublic->publicArea.unique.ecc.y.size));
+ return EFI_DEVICE_ERROR;
+ }
+
+ CopyMem (OutPublic->publicArea.unique.ecc.y.buffer, Buffer, OutPublic->publicArea.unique.ecc.y.size);
+ Buffer += OutPublic->publicArea.unique.ecc.y.size;
break;
default:
return EFI_UNSUPPORTED;
- }
- break;
- default:
- return EFI_UNSUPPORTED;
- }
-
- // TPMU_PUBLIC_ID
- switch (OutPublic->publicArea.type) {
- case TPM_ALG_KEYEDHASH:
- OutPublic->publicArea.unique.keyedHash.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- if(OutPublic->publicArea.unique.keyedHash.size > sizeof(TPMU_HA)) {
- DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - keyedHash.size error %x\n", OutPublic->publicArea.unique.keyedHash.size));
- return EFI_DEVICE_ERROR;
- }
- CopyMem (OutPublic->publicArea.unique.keyedHash.buffer, Buffer, OutPublic->publicArea.unique.keyedHash.size);
- Buffer += OutPublic->publicArea.unique.keyedHash.size;
- break;
- case TPM_ALG_SYMCIPHER:
- OutPublic->publicArea.unique.sym.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- if(OutPublic->publicArea.unique.sym.size > sizeof(TPMU_HA)) {
- DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - sym.size error %x\n", OutPublic->publicArea.unique.sym.size));
- return EFI_DEVICE_ERROR;
- }
- CopyMem (OutPublic->publicArea.unique.sym.buffer, Buffer, OutPublic->publicArea.unique.sym.size);
- Buffer += OutPublic->publicArea.unique.sym.size;
- break;
- case TPM_ALG_RSA:
- OutPublic->publicArea.unique.rsa.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- if(OutPublic->publicArea.unique.rsa.size > MAX_RSA_KEY_BYTES) {
- DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - rsa.size error %x\n", OutPublic->publicArea.unique.rsa.size));
- return EFI_DEVICE_ERROR;
- }
- CopyMem (OutPublic->publicArea.unique.rsa.buffer, Buffer, OutPublic->publicArea.unique.rsa.size);
- Buffer += OutPublic->publicArea.unique.rsa.size;
- break;
- case TPM_ALG_ECC:
- OutPublic->publicArea.unique.ecc.x.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- if (OutPublic->publicArea.unique.ecc.x.size > MAX_ECC_KEY_BYTES) {
- DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - ecc.x.size error %x\n", OutPublic->publicArea.unique.ecc.x.size));
- return EFI_DEVICE_ERROR;
- }
- CopyMem (OutPublic->publicArea.unique.ecc.x.buffer, Buffer, OutPublic->publicArea.unique.ecc.x.size);
- Buffer += OutPublic->publicArea.unique.ecc.x.size;
- OutPublic->publicArea.unique.ecc.y.size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)Buffer));
- Buffer += sizeof(UINT16);
- if (OutPublic->publicArea.unique.ecc.y.size > MAX_ECC_KEY_BYTES) {
- DEBUG ((DEBUG_ERROR, "Tpm2ReadPublic - ecc.y.size error %x\n", OutPublic->publicArea.unique.ecc.y.size));
- return EFI_DEVICE_ERROR;
- }
- CopyMem (OutPublic->publicArea.unique.ecc.y.buffer, Buffer, OutPublic->publicArea.unique.ecc.y.size);
- Buffer += OutPublic->publicArea.unique.ecc.y.size;
- break;
- default:
- return EFI_UNSUPPORTED;
}
- CopyMem (Name->name, (UINT8 *)&RecvBuffer + sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + OutPublicSize + sizeof(UINT16), NameSize);
+ CopyMem (Name->name, (UINT8 *)&RecvBuffer + sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT16) + OutPublicSize + sizeof (UINT16), NameSize);
Name->size = NameSize;
- CopyMem (QualifiedName->name, (UINT8 *)&RecvBuffer + sizeof(TPM2_RESPONSE_HEADER) + sizeof(UINT16) + OutPublicSize + sizeof(UINT16) + NameSize + sizeof(UINT16), QualifiedNameSize);
+ CopyMem (QualifiedName->name, (UINT8 *)&RecvBuffer + sizeof (TPM2_RESPONSE_HEADER) + sizeof (UINT16) + OutPublicSize + sizeof (UINT16) + NameSize + sizeof (UINT16), QualifiedNameSize);
QualifiedName->size = QualifiedNameSize;
return EFI_SUCCESS;
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Sequences.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Sequences.c index 3d99f0615c..00ae39feb7 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Sequences.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Sequences.c @@ -16,62 +16,62 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPM2B_AUTH Auth;
- TPMI_ALG_HASH HashAlg;
+ TPM2_COMMAND_HEADER Header;
+ TPM2B_AUTH Auth;
+ TPMI_ALG_HASH HashAlg;
} TPM2_HASH_SEQUENCE_START_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- TPMI_DH_OBJECT SequenceHandle;
+ TPM2_RESPONSE_HEADER Header;
+ TPMI_DH_OBJECT SequenceHandle;
} TPM2_HASH_SEQUENCE_START_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_DH_OBJECT SequenceHandle;
- UINT32 AuthorizationSize;
- TPMS_AUTH_COMMAND AuthSessionSeq;
- TPM2B_MAX_BUFFER Buffer;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_DH_OBJECT SequenceHandle;
+ UINT32 AuthorizationSize;
+ TPMS_AUTH_COMMAND AuthSessionSeq;
+ TPM2B_MAX_BUFFER Buffer;
} TPM2_SEQUENCE_UPDATE_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 ParameterSize;
- TPMS_AUTH_RESPONSE AuthSessionSeq;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 ParameterSize;
+ TPMS_AUTH_RESPONSE AuthSessionSeq;
} TPM2_SEQUENCE_UPDATE_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_DH_PCR PcrHandle;
- TPMI_DH_OBJECT SequenceHandle;
- UINT32 AuthorizationSize;
- TPMS_AUTH_COMMAND AuthSessionPcr;
- TPMS_AUTH_COMMAND AuthSessionSeq;
- TPM2B_MAX_BUFFER Buffer;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_DH_PCR PcrHandle;
+ TPMI_DH_OBJECT SequenceHandle;
+ UINT32 AuthorizationSize;
+ TPMS_AUTH_COMMAND AuthSessionPcr;
+ TPMS_AUTH_COMMAND AuthSessionSeq;
+ TPM2B_MAX_BUFFER Buffer;
} TPM2_EVENT_SEQUENCE_COMPLETE_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 ParameterSize;
- TPML_DIGEST_VALUES Results;
- TPMS_AUTH_RESPONSE AuthSessionPcr;
- TPMS_AUTH_RESPONSE AuthSessionSeq;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 ParameterSize;
+ TPML_DIGEST_VALUES Results;
+ TPMS_AUTH_RESPONSE AuthSessionPcr;
+ TPMS_AUTH_RESPONSE AuthSessionSeq;
} TPM2_EVENT_SEQUENCE_COMPLETE_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_DH_OBJECT SequenceHandle;
- UINT32 AuthorizationSize;
- TPMS_AUTH_COMMAND AuthSessionSeq;
- TPM2B_MAX_BUFFER Buffer;
- TPMI_RH_HIERARCHY Hierarchy;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_DH_OBJECT SequenceHandle;
+ UINT32 AuthorizationSize;
+ TPMS_AUTH_COMMAND AuthSessionSeq;
+ TPM2B_MAX_BUFFER Buffer;
+ TPMI_RH_HIERARCHY Hierarchy;
} TPM2_SEQUENCE_COMPLETE_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- UINT32 ParameterSize;
- TPM2B_DIGEST Digest;
- TPMS_AUTH_RESPONSE AuthSessionSeq;
+ TPM2_RESPONSE_HEADER Header;
+ UINT32 ParameterSize;
+ TPM2B_DIGEST Digest;
+ TPMS_AUTH_RESPONSE AuthSessionSeq;
} TPM2_SEQUENCE_COMPLETE_RESPONSE;
#pragma pack()
@@ -91,49 +91,49 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2HashSequenceStart (
- IN TPMI_ALG_HASH HashAlg,
- OUT TPMI_DH_OBJECT *SequenceHandle
+ IN TPMI_ALG_HASH HashAlg,
+ OUT TPMI_DH_OBJECT *SequenceHandle
)
{
- EFI_STATUS Status;
- TPM2_HASH_SEQUENCE_START_COMMAND Cmd;
- TPM2_HASH_SEQUENCE_START_RESPONSE Res;
- UINT32 CmdSize;
- UINT32 RespSize;
- UINT8 *Buffer;
- UINT32 ResultBufSize;
+ EFI_STATUS Status;
+ TPM2_HASH_SEQUENCE_START_COMMAND Cmd;
+ TPM2_HASH_SEQUENCE_START_RESPONSE Res;
+ UINT32 CmdSize;
+ UINT32 RespSize;
+ UINT8 *Buffer;
+ UINT32 ResultBufSize;
- ZeroMem(&Cmd, sizeof(Cmd));
+ ZeroMem (&Cmd, sizeof (Cmd));
//
// Construct command
//
- Cmd.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_HashSequenceStart);
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_HashSequenceStart);
Buffer = (UINT8 *)&Cmd.Auth;
// auth = nullAuth
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(0));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (0));
+ Buffer += sizeof (UINT16);
// hashAlg
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16(HashAlg));
- Buffer += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (HashAlg));
+ Buffer += sizeof (UINT16);
- CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ CmdSize = (UINT32)(Buffer - (UINT8 *)&Cmd);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
//
// Call the TPM
//
- ResultBufSize = sizeof(Res);
- Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
- if (EFI_ERROR(Status)) {
+ ResultBufSize = sizeof (Res);
+ Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
+ if (EFI_ERROR (Status)) {
return Status;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "HashSequenceStart: Failed ExecuteCommand: Buffer Too Small\r\n"));
return EFI_BUFFER_TOO_SMALL;
}
@@ -141,8 +141,8 @@ Tpm2HashSequenceStart ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "HashSequenceStart: Response size too large! %d\r\n", RespSize));
return EFI_BUFFER_TOO_SMALL;
}
@@ -150,8 +150,8 @@ Tpm2HashSequenceStart ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "HashSequenceStart: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "HashSequenceStart: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
@@ -160,7 +160,7 @@ Tpm2HashSequenceStart ( //
// sequenceHandle
- *SequenceHandle = SwapBytes32(Res.SequenceHandle);
+ *SequenceHandle = SwapBytes32 (Res.SequenceHandle);
return EFI_SUCCESS;
}
@@ -179,27 +179,27 @@ Tpm2HashSequenceStart ( EFI_STATUS
EFIAPI
Tpm2SequenceUpdate (
- IN TPMI_DH_OBJECT SequenceHandle,
- IN TPM2B_MAX_BUFFER *Buffer
+ IN TPMI_DH_OBJECT SequenceHandle,
+ IN TPM2B_MAX_BUFFER *Buffer
)
{
- EFI_STATUS Status;
- TPM2_SEQUENCE_UPDATE_COMMAND Cmd;
- TPM2_SEQUENCE_UPDATE_RESPONSE Res;
- UINT32 CmdSize;
- UINT32 RespSize;
- UINT8 *BufferPtr;
- UINT32 SessionInfoSize;
- UINT32 ResultBufSize;
+ EFI_STATUS Status;
+ TPM2_SEQUENCE_UPDATE_COMMAND Cmd;
+ TPM2_SEQUENCE_UPDATE_RESPONSE Res;
+ UINT32 CmdSize;
+ UINT32 RespSize;
+ UINT8 *BufferPtr;
+ UINT32 SessionInfoSize;
+ UINT32 ResultBufSize;
- ZeroMem(&Cmd, sizeof(Cmd));
+ ZeroMem (&Cmd, sizeof (Cmd));
//
// Construct command
//
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_SequenceUpdate);
- Cmd.SequenceHandle = SwapBytes32(SequenceHandle);
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_SequenceUpdate);
+ Cmd.SequenceHandle = SwapBytes32 (SequenceHandle);
//
// Add in Auth session
@@ -207,30 +207,30 @@ Tpm2SequenceUpdate ( BufferPtr = (UINT8 *)&Cmd.AuthSessionSeq;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (NULL, BufferPtr);
- BufferPtr += SessionInfoSize;
- Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (NULL, BufferPtr);
+ BufferPtr += SessionInfoSize;
+ Cmd.AuthorizationSize = SwapBytes32 (SessionInfoSize);
// buffer.size
- WriteUnaligned16 ((UINT16 *)BufferPtr, SwapBytes16(Buffer->size));
- BufferPtr += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)BufferPtr, SwapBytes16 (Buffer->size));
+ BufferPtr += sizeof (UINT16);
- CopyMem(BufferPtr, &Buffer->buffer, Buffer->size);
+ CopyMem (BufferPtr, &Buffer->buffer, Buffer->size);
BufferPtr += Buffer->size;
- CmdSize = (UINT32)(BufferPtr - (UINT8 *)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ CmdSize = (UINT32)(BufferPtr - (UINT8 *)&Cmd);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
//
// Call the TPM
//
- ResultBufSize = sizeof(Res);
- Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd,&ResultBufSize, (UINT8 *)&Res);
- if (EFI_ERROR(Status)) {
+ ResultBufSize = sizeof (Res);
+ Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
+ if (EFI_ERROR (Status)) {
return Status;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "SequenceUpdate: Failed ExecuteCommand: Buffer Too Small\r\n"));
return EFI_BUFFER_TOO_SMALL;
}
@@ -238,8 +238,8 @@ Tpm2SequenceUpdate ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "SequenceUpdate: Response size too large! %d\r\n", RespSize));
return EFI_BUFFER_TOO_SMALL;
}
@@ -247,8 +247,8 @@ Tpm2SequenceUpdate ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "SequenceUpdate: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "SequenceUpdate: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
@@ -278,33 +278,33 @@ Tpm2SequenceUpdate ( EFI_STATUS
EFIAPI
Tpm2EventSequenceComplete (
- IN TPMI_DH_PCR PcrHandle,
- IN TPMI_DH_OBJECT SequenceHandle,
- IN TPM2B_MAX_BUFFER *Buffer,
- OUT TPML_DIGEST_VALUES *Results
+ IN TPMI_DH_PCR PcrHandle,
+ IN TPMI_DH_OBJECT SequenceHandle,
+ IN TPM2B_MAX_BUFFER *Buffer,
+ OUT TPML_DIGEST_VALUES *Results
)
{
- EFI_STATUS Status;
- TPM2_EVENT_SEQUENCE_COMPLETE_COMMAND Cmd;
- TPM2_EVENT_SEQUENCE_COMPLETE_RESPONSE Res;
- UINT32 CmdSize;
- UINT32 RespSize;
- UINT8 *BufferPtr;
- UINT32 SessionInfoSize;
- UINT32 SessionInfoSize2;
- UINT32 Index;
- UINT32 ResultBufSize;
- UINT16 DigestSize;
+ EFI_STATUS Status;
+ TPM2_EVENT_SEQUENCE_COMPLETE_COMMAND Cmd;
+ TPM2_EVENT_SEQUENCE_COMPLETE_RESPONSE Res;
+ UINT32 CmdSize;
+ UINT32 RespSize;
+ UINT8 *BufferPtr;
+ UINT32 SessionInfoSize;
+ UINT32 SessionInfoSize2;
+ UINT32 Index;
+ UINT32 ResultBufSize;
+ UINT16 DigestSize;
- ZeroMem(&Cmd, sizeof(Cmd));
+ ZeroMem (&Cmd, sizeof (Cmd));
//
// Construct command
//
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_EventSequenceComplete);
- Cmd.PcrHandle = SwapBytes32(PcrHandle);
- Cmd.SequenceHandle = SwapBytes32(SequenceHandle);
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_EventSequenceComplete);
+ Cmd.PcrHandle = SwapBytes32 (PcrHandle);
+ Cmd.SequenceHandle = SwapBytes32 (SequenceHandle);
//
// Add in pcrHandle Auth session
@@ -313,33 +313,33 @@ Tpm2EventSequenceComplete ( // sessionInfoSize
SessionInfoSize = CopyAuthSessionCommand (NULL, BufferPtr);
- BufferPtr += SessionInfoSize;
+ BufferPtr += SessionInfoSize;
// sessionInfoSize
- SessionInfoSize2 = CopyAuthSessionCommand (NULL, BufferPtr);
- BufferPtr += SessionInfoSize2;
- Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize + SessionInfoSize2);
+ SessionInfoSize2 = CopyAuthSessionCommand (NULL, BufferPtr);
+ BufferPtr += SessionInfoSize2;
+ Cmd.AuthorizationSize = SwapBytes32 (SessionInfoSize + SessionInfoSize2);
// buffer.size
- WriteUnaligned16 ((UINT16 *)BufferPtr, SwapBytes16(Buffer->size));
- BufferPtr += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)BufferPtr, SwapBytes16 (Buffer->size));
+ BufferPtr += sizeof (UINT16);
- CopyMem(BufferPtr, &Buffer->buffer[0], Buffer->size);
+ CopyMem (BufferPtr, &Buffer->buffer[0], Buffer->size);
BufferPtr += Buffer->size;
- CmdSize = (UINT32)(BufferPtr - (UINT8 *)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ CmdSize = (UINT32)(BufferPtr - (UINT8 *)&Cmd);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
//
// Call the TPM
//
- ResultBufSize = sizeof(Res);
- Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
- if (EFI_ERROR(Status)) {
+ ResultBufSize = sizeof (Res);
+ Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
+ if (EFI_ERROR (Status)) {
return Status;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "EventSequenceComplete: Failed ExecuteCommand: Buffer Too Small\r\n"));
return EFI_BUFFER_TOO_SMALL;
}
@@ -347,8 +347,8 @@ Tpm2EventSequenceComplete ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "EventSequenceComplete: Response size too large! %d\r\n", RespSize));
return EFI_BUFFER_TOO_SMALL;
}
@@ -356,8 +356,8 @@ Tpm2EventSequenceComplete ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "EventSequenceComplete: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "EventSequenceComplete: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
@@ -368,24 +368,25 @@ Tpm2EventSequenceComplete ( BufferPtr = (UINT8 *)&Res.Results;
// count
- Results->count = SwapBytes32(ReadUnaligned32 ((UINT32 *)BufferPtr));
+ Results->count = SwapBytes32 (ReadUnaligned32 ((UINT32 *)BufferPtr));
if (Results->count > HASH_COUNT) {
DEBUG ((DEBUG_ERROR, "Tpm2EventSequenceComplete - Results->count error %x\n", Results->count));
return EFI_DEVICE_ERROR;
}
- BufferPtr += sizeof(UINT32);
+ BufferPtr += sizeof (UINT32);
for (Index = 0; Index < Results->count; Index++) {
- Results->digests[Index].hashAlg = SwapBytes16(ReadUnaligned16 ((UINT16 *)BufferPtr));
- BufferPtr += sizeof(UINT16);
+ Results->digests[Index].hashAlg = SwapBytes16 (ReadUnaligned16 ((UINT16 *)BufferPtr));
+ BufferPtr += sizeof (UINT16);
DigestSize = GetHashSizeFromAlgo (Results->digests[Index].hashAlg);
if (DigestSize == 0) {
DEBUG ((DEBUG_ERROR, "EventSequenceComplete: Unknown hash algorithm %d\r\n", Results->digests[Index].hashAlg));
return EFI_DEVICE_ERROR;
}
- CopyMem(
+
+ CopyMem (
&Results->digests[Index].digest,
BufferPtr,
DigestSize
@@ -409,28 +410,28 @@ Tpm2EventSequenceComplete ( EFI_STATUS
EFIAPI
Tpm2SequenceComplete (
- IN TPMI_DH_OBJECT SequenceHandle,
- IN TPM2B_MAX_BUFFER *Buffer,
- OUT TPM2B_DIGEST *Result
+ IN TPMI_DH_OBJECT SequenceHandle,
+ IN TPM2B_MAX_BUFFER *Buffer,
+ OUT TPM2B_DIGEST *Result
)
{
- EFI_STATUS Status;
- TPM2_SEQUENCE_COMPLETE_COMMAND Cmd;
- TPM2_SEQUENCE_COMPLETE_RESPONSE Res;
- UINT32 CmdSize;
- UINT32 RespSize;
- UINT8 *BufferPtr;
- UINT32 SessionInfoSize;
- UINT32 ResultBufSize;
+ EFI_STATUS Status;
+ TPM2_SEQUENCE_COMPLETE_COMMAND Cmd;
+ TPM2_SEQUENCE_COMPLETE_RESPONSE Res;
+ UINT32 CmdSize;
+ UINT32 RespSize;
+ UINT8 *BufferPtr;
+ UINT32 SessionInfoSize;
+ UINT32 ResultBufSize;
- ZeroMem(&Cmd, sizeof(Cmd));
+ ZeroMem (&Cmd, sizeof (Cmd));
//
// Construct command
//
- Cmd.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_SequenceComplete);
- Cmd.SequenceHandle = SwapBytes32(SequenceHandle);
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_SESSIONS);
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_SequenceComplete);
+ Cmd.SequenceHandle = SwapBytes32 (SequenceHandle);
//
// Add in Auth session
@@ -438,34 +439,34 @@ Tpm2SequenceComplete ( BufferPtr = (UINT8 *)&Cmd.AuthSessionSeq;
// sessionInfoSize
- SessionInfoSize = CopyAuthSessionCommand (NULL, BufferPtr);
- BufferPtr += SessionInfoSize;
- Cmd.AuthorizationSize = SwapBytes32(SessionInfoSize);
+ SessionInfoSize = CopyAuthSessionCommand (NULL, BufferPtr);
+ BufferPtr += SessionInfoSize;
+ Cmd.AuthorizationSize = SwapBytes32 (SessionInfoSize);
// buffer.size
- WriteUnaligned16 ((UINT16 *)BufferPtr, SwapBytes16(Buffer->size));
- BufferPtr += sizeof(UINT16);
+ WriteUnaligned16 ((UINT16 *)BufferPtr, SwapBytes16 (Buffer->size));
+ BufferPtr += sizeof (UINT16);
- CopyMem(BufferPtr, &Buffer->buffer[0], Buffer->size);
+ CopyMem (BufferPtr, &Buffer->buffer[0], Buffer->size);
BufferPtr += Buffer->size;
// Hierarchy
WriteUnaligned32 ((UINT32 *)BufferPtr, SwapBytes32 (TPM_RH_NULL));
BufferPtr += sizeof (UINT32);
- CmdSize = (UINT32)(BufferPtr - (UINT8 *)&Cmd);
- Cmd.Header.paramSize = SwapBytes32(CmdSize);
+ CmdSize = (UINT32)(BufferPtr - (UINT8 *)&Cmd);
+ Cmd.Header.paramSize = SwapBytes32 (CmdSize);
//
// Call the TPM
//
- ResultBufSize = sizeof(Res);
- Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
- if (EFI_ERROR(Status)) {
+ ResultBufSize = sizeof (Res);
+ Status = Tpm2SubmitCommand (CmdSize, (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
+ if (EFI_ERROR (Status)) {
return Status;
}
- if (ResultBufSize > sizeof(Res)) {
+ if (ResultBufSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "SequenceComplete: Failed ExecuteCommand: Buffer Too Small\r\n"));
return EFI_BUFFER_TOO_SMALL;
}
@@ -473,8 +474,8 @@ Tpm2SequenceComplete ( //
// Validate response headers
//
- RespSize = SwapBytes32(Res.Header.paramSize);
- if (RespSize > sizeof(Res)) {
+ RespSize = SwapBytes32 (Res.Header.paramSize);
+ if (RespSize > sizeof (Res)) {
DEBUG ((DEBUG_ERROR, "SequenceComplete: Response size too large! %d\r\n", RespSize));
return EFI_BUFFER_TOO_SMALL;
}
@@ -482,8 +483,8 @@ Tpm2SequenceComplete ( //
// Fail if command failed
//
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "SequenceComplete: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "SequenceComplete: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
@@ -494,15 +495,15 @@ Tpm2SequenceComplete ( BufferPtr = (UINT8 *)&Res.Digest;
// digestSize
- Result->size = SwapBytes16(ReadUnaligned16 ((UINT16 *)BufferPtr));
- if (Result->size > sizeof(TPMU_HA)){
+ Result->size = SwapBytes16 (ReadUnaligned16 ((UINT16 *)BufferPtr));
+ if (Result->size > sizeof (TPMU_HA)) {
DEBUG ((DEBUG_ERROR, "Tpm2SequenceComplete - Result->size error %x\n", Result->size));
return EFI_DEVICE_ERROR;
}
- BufferPtr += sizeof(UINT16);
+ BufferPtr += sizeof (UINT16);
- CopyMem(
+ CopyMem (
Result->buffer,
BufferPtr,
Result->size
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Session.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Session.c index 4ca616188c..7f247da301 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Session.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Session.c @@ -27,9 +27,9 @@ typedef struct { } TPM2_START_AUTH_SESSION_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
- TPMI_SH_AUTH_SESSION SessionHandle;
- TPM2B_NONCE NonceTPM;
+ TPM2_RESPONSE_HEADER Header;
+ TPMI_SH_AUTH_SESSION SessionHandle;
+ TPM2B_NONCE NonceTPM;
} TPM2_START_AUTH_SESSION_RESPONSE;
#pragma pack()
@@ -54,15 +54,15 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2StartAuthSession (
- IN TPMI_DH_OBJECT TpmKey,
- IN TPMI_DH_ENTITY Bind,
- IN TPM2B_NONCE *NonceCaller,
- IN TPM2B_ENCRYPTED_SECRET *Salt,
- IN TPM_SE SessionType,
- IN TPMT_SYM_DEF *Symmetric,
- IN TPMI_ALG_HASH AuthHash,
- OUT TPMI_SH_AUTH_SESSION *SessionHandle,
- OUT TPM2B_NONCE *NonceTPM
+ IN TPMI_DH_OBJECT TpmKey,
+ IN TPMI_DH_ENTITY Bind,
+ IN TPM2B_NONCE *NonceCaller,
+ IN TPM2B_ENCRYPTED_SECRET *Salt,
+ IN TPM_SE SessionType,
+ IN TPMT_SYM_DEF *Symmetric,
+ IN TPMI_ALG_HASH AuthHash,
+ OUT TPMI_SH_AUTH_SESSION *SessionHandle,
+ OUT TPM2B_NONCE *NonceTPM
)
{
EFI_STATUS Status;
@@ -75,20 +75,20 @@ Tpm2StartAuthSession ( //
// Construct command
//
- SendBuffer.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- SendBuffer.Header.commandCode = SwapBytes32(TPM_CC_StartAuthSession);
+ SendBuffer.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ SendBuffer.Header.commandCode = SwapBytes32 (TPM_CC_StartAuthSession);
SendBuffer.TpmKey = SwapBytes32 (TpmKey);
- SendBuffer.Bind = SwapBytes32 (Bind);
- Buffer = (UINT8 *)&SendBuffer.NonceCaller;
+ SendBuffer.Bind = SwapBytes32 (Bind);
+ Buffer = (UINT8 *)&SendBuffer.NonceCaller;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (NonceCaller->size));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, NonceCaller->buffer, NonceCaller->size);
Buffer += NonceCaller->size;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Salt->size));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
CopyMem (Buffer, Salt->secret, Salt->size);
Buffer += Salt->size;
@@ -96,49 +96,49 @@ Tpm2StartAuthSession ( Buffer++;
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->algorithm));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
switch (Symmetric->algorithm) {
- case TPM_ALG_NULL:
- break;
- case TPM_ALG_AES:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->keyBits.aes));
- Buffer += sizeof(UINT16);
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->mode.aes));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_SM4:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->keyBits.SM4));
- Buffer += sizeof(UINT16);
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->mode.SM4));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_SYMCIPHER:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->keyBits.sym));
- Buffer += sizeof(UINT16);
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->mode.sym));
- Buffer += sizeof(UINT16);
- break;
- case TPM_ALG_XOR:
- WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->keyBits.xor));
- Buffer += sizeof(UINT16);
- break;
- default:
- ASSERT (FALSE);
- DEBUG ((DEBUG_ERROR, "Tpm2StartAuthSession - Symmetric->algorithm - %x\n", Symmetric->algorithm));
- return EFI_UNSUPPORTED;
+ case TPM_ALG_NULL:
+ break;
+ case TPM_ALG_AES:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->keyBits.aes));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->mode.aes));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_SM4:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->keyBits.SM4));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->mode.SM4));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_SYMCIPHER:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->keyBits.sym));
+ Buffer += sizeof (UINT16);
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->mode.sym));
+ Buffer += sizeof (UINT16);
+ break;
+ case TPM_ALG_XOR:
+ WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (Symmetric->keyBits.xor));
+ Buffer += sizeof (UINT16);
+ break;
+ default:
+ ASSERT (FALSE);
+ DEBUG ((DEBUG_ERROR, "Tpm2StartAuthSession - Symmetric->algorithm - %x\n", Symmetric->algorithm));
+ return EFI_UNSUPPORTED;
}
WriteUnaligned16 ((UINT16 *)Buffer, SwapBytes16 (AuthHash));
- Buffer += sizeof(UINT16);
+ Buffer += sizeof (UINT16);
- SendBufferSize = (UINT32) ((UINTN)Buffer - (UINTN)&SendBuffer);
+ SendBufferSize = (UINT32)((UINTN)Buffer - (UINTN)&SendBuffer);
SendBuffer.Header.paramSize = SwapBytes32 (SendBufferSize);
//
// send Tpm command
//
RecvBufferSize = sizeof (RecvBuffer);
- Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
+ Status = Tpm2SubmitCommand (SendBufferSize, (UINT8 *)&SendBuffer, &RecvBufferSize, (UINT8 *)&RecvBuffer);
if (EFI_ERROR (Status)) {
return Status;
}
@@ -147,8 +147,9 @@ Tpm2StartAuthSession ( DEBUG ((DEBUG_ERROR, "Tpm2StartAuthSession - RecvBufferSize Error - %x\n", RecvBufferSize));
return EFI_DEVICE_ERROR;
}
- if (SwapBytes32(RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2StartAuthSession - responseCode - %x\n", SwapBytes32(RecvBuffer.Header.responseCode)));
+
+ if (SwapBytes32 (RecvBuffer.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2StartAuthSession - responseCode - %x\n", SwapBytes32 (RecvBuffer.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
@@ -157,7 +158,7 @@ Tpm2StartAuthSession ( //
*SessionHandle = SwapBytes32 (RecvBuffer.SessionHandle);
NonceTPM->size = SwapBytes16 (RecvBuffer.NonceTPM.size);
- if (NonceTPM->size > sizeof(TPMU_HA)) {
+ if (NonceTPM->size > sizeof (TPMU_HA)) {
DEBUG ((DEBUG_ERROR, "Tpm2StartAuthSession - NonceTPM->size error %x\n", NonceTPM->size));
return EFI_DEVICE_ERROR;
}
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Startup.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Startup.c index 645ac49b87..745c53bc29 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Startup.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Startup.c @@ -17,21 +17,21 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPM_SU StartupType;
+ TPM2_COMMAND_HEADER Header;
+ TPM_SU StartupType;
} TPM2_STARTUP_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
+ TPM2_RESPONSE_HEADER Header;
} TPM2_STARTUP_RESPONSE;
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPM_SU ShutdownType;
+ TPM2_COMMAND_HEADER Header;
+ TPM_SU ShutdownType;
} TPM2_SHUTDOWN_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
+ TPM2_RESPONSE_HEADER Header;
} TPM2_SHUTDOWN_RESPONSE;
#pragma pack()
@@ -47,38 +47,38 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2Startup (
- IN TPM_SU StartupType
+ IN TPM_SU StartupType
)
{
- EFI_STATUS Status;
- TPM2_STARTUP_COMMAND Cmd;
- TPM2_STARTUP_RESPONSE Res;
- UINT32 ResultBufSize;
- TPM_RC ResponseCode;
-
- Cmd.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_Startup);
- Cmd.StartupType = SwapBytes16(StartupType);
-
- ResultBufSize = sizeof(Res);
- Status = Tpm2SubmitCommand (sizeof(Cmd), (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
- if (EFI_ERROR(Status)) {
+ EFI_STATUS Status;
+ TPM2_STARTUP_COMMAND Cmd;
+ TPM2_STARTUP_RESPONSE Res;
+ UINT32 ResultBufSize;
+ TPM_RC ResponseCode;
+
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ Cmd.Header.paramSize = SwapBytes32 (sizeof (Cmd));
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_Startup);
+ Cmd.StartupType = SwapBytes16 (StartupType);
+
+ ResultBufSize = sizeof (Res);
+ Status = Tpm2SubmitCommand (sizeof (Cmd), (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
+ if (EFI_ERROR (Status)) {
return Status;
}
- ResponseCode = SwapBytes32(Res.Header.responseCode);
- switch (ResponseCode) {
- case TPM_RC_SUCCESS:
- DEBUG ((DEBUG_INFO, "TPM2Startup: TPM_RC_SUCCESS\n"));
- return EFI_SUCCESS;
- case TPM_RC_INITIALIZE:
- // TPM_RC_INITIALIZE can be returned if Tpm2Startup is not required.
- DEBUG ((DEBUG_INFO, "TPM2Startup: TPM_RC_INITIALIZE\n"));
- return EFI_SUCCESS;
- default:
- DEBUG ((DEBUG_ERROR, "Tpm2Startup: Response Code error! 0x%08x\r\n", ResponseCode));
- return EFI_DEVICE_ERROR;
+ ResponseCode = SwapBytes32 (Res.Header.responseCode);
+ switch (ResponseCode) {
+ case TPM_RC_SUCCESS:
+ DEBUG ((DEBUG_INFO, "TPM2Startup: TPM_RC_SUCCESS\n"));
+ return EFI_SUCCESS;
+ case TPM_RC_INITIALIZE:
+ // TPM_RC_INITIALIZE can be returned if Tpm2Startup is not required.
+ DEBUG ((DEBUG_INFO, "TPM2Startup: TPM_RC_INITIALIZE\n"));
+ return EFI_SUCCESS;
+ default:
+ DEBUG ((DEBUG_ERROR, "Tpm2Startup: Response Code error! 0x%08x\r\n", ResponseCode));
+ return EFI_DEVICE_ERROR;
}
}
@@ -93,27 +93,27 @@ Tpm2Startup ( EFI_STATUS
EFIAPI
Tpm2Shutdown (
- IN TPM_SU ShutdownType
+ IN TPM_SU ShutdownType
)
{
- EFI_STATUS Status;
- TPM2_SHUTDOWN_COMMAND Cmd;
- TPM2_SHUTDOWN_RESPONSE Res;
- UINT32 ResultBufSize;
-
- Cmd.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_Shutdown);
- Cmd.ShutdownType = SwapBytes16(ShutdownType);
-
- ResultBufSize = sizeof(Res);
- Status = Tpm2SubmitCommand (sizeof(Cmd), (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
- if (EFI_ERROR(Status)) {
+ EFI_STATUS Status;
+ TPM2_SHUTDOWN_COMMAND Cmd;
+ TPM2_SHUTDOWN_RESPONSE Res;
+ UINT32 ResultBufSize;
+
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ Cmd.Header.paramSize = SwapBytes32 (sizeof (Cmd));
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_Shutdown);
+ Cmd.ShutdownType = SwapBytes16 (ShutdownType);
+
+ ResultBufSize = sizeof (Res);
+ Status = Tpm2SubmitCommand (sizeof (Cmd), (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
+ if (EFI_ERROR (Status)) {
return Status;
}
- if (SwapBytes32(Res.Header.responseCode) != TPM_RC_SUCCESS) {
- DEBUG ((DEBUG_ERROR, "Tpm2Shutdown: Response Code error! 0x%08x\r\n", SwapBytes32(Res.Header.responseCode)));
+ if (SwapBytes32 (Res.Header.responseCode) != TPM_RC_SUCCESS) {
+ DEBUG ((DEBUG_ERROR, "Tpm2Shutdown: Response Code error! 0x%08x\r\n", SwapBytes32 (Res.Header.responseCode)));
return EFI_DEVICE_ERROR;
}
diff --git a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Test.c b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Test.c index 78f8feba81..070485a7ae 100644 --- a/SecurityPkg/Library/Tpm2CommandLib/Tpm2Test.c +++ b/SecurityPkg/Library/Tpm2CommandLib/Tpm2Test.c @@ -16,12 +16,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #pragma pack(1)
typedef struct {
- TPM2_COMMAND_HEADER Header;
- TPMI_YES_NO FullTest;
+ TPM2_COMMAND_HEADER Header;
+ TPMI_YES_NO FullTest;
} TPM2_SELF_TEST_COMMAND;
typedef struct {
- TPM2_RESPONSE_HEADER Header;
+ TPM2_RESPONSE_HEADER Header;
} TPM2_SELF_TEST_RESPONSE;
#pragma pack()
@@ -40,21 +40,21 @@ typedef struct { EFI_STATUS
EFIAPI
Tpm2SelfTest (
- IN TPMI_YES_NO FullTest
+ IN TPMI_YES_NO FullTest
)
{
- EFI_STATUS Status;
- TPM2_SELF_TEST_COMMAND Cmd;
- TPM2_SELF_TEST_RESPONSE Res;
- UINT32 ResultBufSize;
-
- Cmd.Header.tag = SwapBytes16(TPM_ST_NO_SESSIONS);
- Cmd.Header.paramSize = SwapBytes32(sizeof(Cmd));
- Cmd.Header.commandCode = SwapBytes32(TPM_CC_SelfTest);
+ EFI_STATUS Status;
+ TPM2_SELF_TEST_COMMAND Cmd;
+ TPM2_SELF_TEST_RESPONSE Res;
+ UINT32 ResultBufSize;
+
+ Cmd.Header.tag = SwapBytes16 (TPM_ST_NO_SESSIONS);
+ Cmd.Header.paramSize = SwapBytes32 (sizeof (Cmd));
+ Cmd.Header.commandCode = SwapBytes32 (TPM_CC_SelfTest);
Cmd.FullTest = FullTest;
- ResultBufSize = sizeof(Res);
- Status = Tpm2SubmitCommand (sizeof(Cmd), (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
+ ResultBufSize = sizeof (Res);
+ Status = Tpm2SubmitCommand (sizeof (Cmd), (UINT8 *)&Cmd, &ResultBufSize, (UINT8 *)&Res);
return Status;
}
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c index 238389dbdb..7cc55df436 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.c @@ -30,10 +30,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent EFI_STATUS
EFIAPI
DTpm2SubmitCommand (
- IN UINT32 InputParameterBlockSize,
- IN UINT8 *InputParameterBlock,
- IN OUT UINT32 *OutputParameterBlockSize,
- IN UINT8 *OutputParameterBlock
+ IN UINT32 InputParameterBlockSize,
+ IN UINT8 *InputParameterBlock,
+ IN OUT UINT32 *OutputParameterBlockSize,
+ IN UINT8 *OutputParameterBlock
);
/**
@@ -64,10 +64,10 @@ DTpm2RequestUseTpm ( EFI_STATUS
EFIAPI
Tpm2SubmitCommand (
- IN UINT32 InputParameterBlockSize,
- IN UINT8 *InputParameterBlock,
- IN OUT UINT32 *OutputParameterBlockSize,
- IN UINT8 *OutputParameterBlock
+ IN UINT32 InputParameterBlockSize,
+ IN UINT8 *InputParameterBlock,
+ IN OUT UINT32 *OutputParameterBlockSize,
+ IN UINT8 *OutputParameterBlock
)
{
return DTpm2SubmitCommand (
@@ -106,7 +106,7 @@ Tpm2RequestUseTpm ( EFI_STATUS
EFIAPI
Tpm2RegisterTpm2DeviceLib (
- IN TPM2_DEVICE_INTERFACE *Tpm2Device
+ IN TPM2_DEVICE_INTERFACE *Tpm2Device
)
{
return EFI_UNSUPPORTED;
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.h b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.h index 9fff989522..d703f15a2f 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.h +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpm.h @@ -19,7 +19,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
TPM2_PTP_INTERFACE_TYPE
Tpm2GetPtpInterface (
- IN VOID *Register
+ IN VOID *Register
);
/**
@@ -31,7 +31,7 @@ Tpm2GetPtpInterface ( **/
UINT8
Tpm2GetIdleByPass (
- IN VOID *Register
+ IN VOID *Register
);
/**
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmBase.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmBase.c index bc35e257e1..1207941695 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmBase.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmBase.c @@ -22,7 +22,7 @@ GetCachedIdleByPass ( VOID
)
{
- return PcdGet8(PcdCRBIdleByPass);
+ return PcdGet8 (PcdCRBIdleByPass);
}
/**
@@ -35,7 +35,7 @@ GetCachedPtpInterface ( VOID
)
{
- return PcdGet8(PcdActiveTpmInterfaceType);
+ return PcdGet8 (PcdActiveTpmInterfaceType);
}
/**
@@ -54,14 +54,14 @@ InternalTpm2DeviceLibDTpmCommonConstructor ( //
// Cache current active TpmInterfaceType only when needed
//
- if (PcdGet8(PcdActiveTpmInterfaceType) == 0xFF) {
- PtpInterface = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
- PcdSet8S(PcdActiveTpmInterfaceType, PtpInterface);
+ if (PcdGet8 (PcdActiveTpmInterfaceType) == 0xFF) {
+ PtpInterface = Tpm2GetPtpInterface ((VOID *)(UINTN)PcdGet64 (PcdTpmBaseAddress));
+ PcdSet8S (PcdActiveTpmInterfaceType, PtpInterface);
}
- if (PcdGet8(PcdActiveTpmInterfaceType) == Tpm2PtpInterfaceCrb && PcdGet8(PcdCRBIdleByPass) == 0xFF) {
- IdleByPass = Tpm2GetIdleByPass((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
- PcdSet8S(PcdCRBIdleByPass, IdleByPass);
+ if ((PcdGet8 (PcdActiveTpmInterfaceType) == Tpm2PtpInterfaceCrb) && (PcdGet8 (PcdCRBIdleByPass) == 0xFF)) {
+ IdleByPass = Tpm2GetIdleByPass ((VOID *)(UINTN)PcdGet64 (PcdTpmBaseAddress));
+ PcdSet8S (PcdCRBIdleByPass, IdleByPass);
}
return EFI_SUCCESS;
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.c index eac866d2a7..f56edc8baf 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2DeviceLibDTpmStandaloneMm.c @@ -51,15 +51,15 @@ InternalTpm2DeviceLibDTpmCommonConstructor ( )
{
mActiveTpmInterfaceType = 0xFF;
- mCRBIdleByPass = 0xFF;
+ mCRBIdleByPass = 0xFF;
//
// Always cache current active TpmInterfaceType for StandaloneMm implementation
//
- mActiveTpmInterfaceType = Tpm2GetPtpInterface ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
+ mActiveTpmInterfaceType = Tpm2GetPtpInterface ((VOID *)(UINTN)PcdGet64 (PcdTpmBaseAddress));
if (mActiveTpmInterfaceType == Tpm2PtpInterfaceCrb) {
- mCRBIdleByPass = Tpm2GetIdleByPass((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
+ mCRBIdleByPass = Tpm2GetIdleByPass ((VOID *)(UINTN)PcdGet64 (PcdTpmBaseAddress));
}
return EFI_SUCCESS;
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c index 053e597d2e..7d3e4bef86 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2InstanceLibDTpm.c @@ -25,7 +25,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
VOID
DumpPtpInfo (
- IN VOID *Register
+ IN VOID *Register
);
/**
@@ -43,10 +43,10 @@ DumpPtpInfo ( EFI_STATUS
EFIAPI
DTpm2SubmitCommand (
- IN UINT32 InputParameterBlockSize,
- IN UINT8 *InputParameterBlock,
- IN OUT UINT32 *OutputParameterBlockSize,
- IN UINT8 *OutputParameterBlock
+ IN UINT32 InputParameterBlockSize,
+ IN UINT8 *InputParameterBlock,
+ IN OUT UINT32 *OutputParameterBlockSize,
+ IN UINT8 *OutputParameterBlock
);
/**
@@ -79,7 +79,7 @@ Tpm2InstanceLibDTpmConstructor ( VOID
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
Status = Tpm2RegisterTpm2DeviceLib (&mDTpm2InternalTpm2Device);
if ((Status == EFI_SUCCESS) || (Status == EFI_UNSUPPORTED)) {
@@ -88,9 +88,11 @@ Tpm2InstanceLibDTpmConstructor ( //
if (Status == EFI_SUCCESS) {
Status = InternalTpm2DeviceLibDTpmCommonConstructor ();
- DumpPtpInfo ((VOID *) (UINTN) PcdGet64 (PcdTpmBaseAddress));
+ DumpPtpInfo ((VOID *)(UINTN)PcdGet64 (PcdTpmBaseAddress));
}
+
return EFI_SUCCESS;
}
+
return Status;
}
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c index 5ceb6c8466..40ab998004 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Ptp.c @@ -26,12 +26,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent // Execution of the command may take from several seconds to minutes for certain
// commands, such as key generation.
//
-#define PTP_TIMEOUT_MAX (90000 * 1000) // 90s
+#define PTP_TIMEOUT_MAX (90000 * 1000) // 90s
//
// Max TPM command/response length
//
-#define TPMCMDBUFLENGTH 0x500
+#define TPMCMDBUFLENGTH 0x500
/**
Check whether TPM PTP register exist.
@@ -43,10 +43,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
BOOLEAN
Tpm2IsPtpPresence (
- IN VOID *Reg
+ IN VOID *Reg
)
{
- UINT8 RegRead;
+ UINT8 RegRead;
RegRead = MmioRead8 ((UINTN)Reg);
if (RegRead == 0xFF) {
@@ -55,6 +55,7 @@ Tpm2IsPtpPresence ( //
return FALSE;
}
+
return TRUE;
}
@@ -71,22 +72,24 @@ Tpm2IsPtpPresence ( **/
EFI_STATUS
PtpCrbWaitRegisterBits (
- IN UINT32 *Register,
- IN UINT32 BitSet,
- IN UINT32 BitClear,
- IN UINT32 TimeOut
+ IN UINT32 *Register,
+ IN UINT32 BitSet,
+ IN UINT32 BitClear,
+ IN UINT32 TimeOut
)
{
- UINT32 RegRead;
- UINT32 WaitTime;
+ UINT32 RegRead;
+ UINT32 WaitTime;
- for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30){
+ for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30) {
RegRead = MmioRead32 ((UINTN)Register);
- if ((RegRead & BitSet) == BitSet && (RegRead & BitClear) == 0) {
+ if (((RegRead & BitSet) == BitSet) && ((RegRead & BitClear) == 0)) {
return EFI_SUCCESS;
}
+
MicroSecondDelay (30);
}
+
return EFI_TIMEOUT;
}
@@ -102,16 +105,16 @@ PtpCrbWaitRegisterBits ( **/
EFI_STATUS
PtpCrbRequestUseTpm (
- IN PTP_CRB_REGISTERS_PTR CrbReg
+ IN PTP_CRB_REGISTERS_PTR CrbReg
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
if (!Tpm2IsPtpPresence (CrbReg)) {
return EFI_NOT_FOUND;
}
- MmioWrite32((UINTN)&CrbReg->LocalityControl, PTP_CRB_LOCALITY_CONTROL_REQUEST_ACCESS);
+ MmioWrite32 ((UINTN)&CrbReg->LocalityControl, PTP_CRB_LOCALITY_CONTROL_REQUEST_ACCESS);
Status = PtpCrbWaitRegisterBits (
&CrbReg->LocalityStatus,
PTP_CRB_LOCALITY_STATUS_GRANTED,
@@ -138,52 +141,55 @@ PtpCrbRequestUseTpm ( **/
EFI_STATUS
PtpCrbTpmCommand (
- IN PTP_CRB_REGISTERS_PTR CrbReg,
- IN UINT8 *BufferIn,
- IN UINT32 SizeIn,
- IN OUT UINT8 *BufferOut,
- IN OUT UINT32 *SizeOut
+ IN PTP_CRB_REGISTERS_PTR CrbReg,
+ IN UINT8 *BufferIn,
+ IN UINT32 SizeIn,
+ IN OUT UINT8 *BufferOut,
+ IN OUT UINT32 *SizeOut
)
{
- EFI_STATUS Status;
- UINT32 Index;
- UINT32 TpmOutSize;
- UINT16 Data16;
- UINT32 Data32;
+ EFI_STATUS Status;
+ UINT32 Index;
+ UINT32 TpmOutSize;
+ UINT16 Data16;
+ UINT32 Data32;
DEBUG_CODE_BEGIN ();
- UINTN DebugSize;
+ UINTN DebugSize;
- DEBUG ((DEBUG_VERBOSE, "PtpCrbTpmCommand Send - "));
- if (SizeIn > 0x100) {
- DebugSize = 0x40;
- } else {
- DebugSize = SizeIn;
- }
- for (Index = 0; Index < DebugSize; Index++) {
+ DEBUG ((DEBUG_VERBOSE, "PtpCrbTpmCommand Send - "));
+ if (SizeIn > 0x100) {
+ DebugSize = 0x40;
+ } else {
+ DebugSize = SizeIn;
+ }
+
+ for (Index = 0; Index < DebugSize; Index++) {
+ DEBUG ((DEBUG_VERBOSE, "%02x ", BufferIn[Index]));
+ }
+
+ if (DebugSize != SizeIn) {
+ DEBUG ((DEBUG_VERBOSE, "...... "));
+ for (Index = SizeIn - 0x20; Index < SizeIn; Index++) {
DEBUG ((DEBUG_VERBOSE, "%02x ", BufferIn[Index]));
}
- if (DebugSize != SizeIn) {
- DEBUG ((DEBUG_VERBOSE, "...... "));
- for (Index = SizeIn - 0x20; Index < SizeIn; Index++) {
- DEBUG ((DEBUG_VERBOSE, "%02x ", BufferIn[Index]));
- }
- }
- DEBUG ((DEBUG_VERBOSE, "\n"));
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "\n"));
DEBUG_CODE_END ();
- TpmOutSize = 0;
+ TpmOutSize = 0;
//
// STEP 0:
// if CapCRbIdelByPass == 0, enforce Idle state before sending command
//
- if (GetCachedIdleByPass () == 0 && (MmioRead32((UINTN)&CrbReg->CrbControlStatus) & PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE) == 0){
+ if ((GetCachedIdleByPass () == 0) && ((MmioRead32 ((UINTN)&CrbReg->CrbControlStatus) & PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE) == 0)) {
Status = PtpCrbWaitRegisterBits (
- &CrbReg->CrbControlStatus,
- PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE,
- 0,
- PTP_TIMEOUT_C
- );
+ &CrbReg->CrbControlStatus,
+ PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE,
+ 0,
+ PTP_TIMEOUT_C
+ );
if (EFI_ERROR (Status)) {
//
// Try to goIdle to recover TPM
@@ -199,7 +205,7 @@ PtpCrbTpmCommand ( // of 1 by software to Request.cmdReady, as indicated by the Status field
// being cleared to 0.
//
- MmioWrite32((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY);
+ MmioWrite32 ((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY);
Status = PtpCrbWaitRegisterBits (
&CrbReg->CrbControlRequest,
0,
@@ -210,6 +216,7 @@ PtpCrbTpmCommand ( Status = EFI_DEVICE_ERROR;
goto GoIdle_Exit;
}
+
Status = PtpCrbWaitRegisterBits (
&CrbReg->CrbControlStatus,
0,
@@ -230,19 +237,20 @@ PtpCrbTpmCommand ( for (Index = 0; Index < SizeIn; Index++) {
MmioWrite8 ((UINTN)&CrbReg->CrbDataBuffer[Index], BufferIn[Index]);
}
+
MmioWrite32 ((UINTN)&CrbReg->CrbControlCommandAddressHigh, (UINT32)RShiftU64 ((UINTN)CrbReg->CrbDataBuffer, 32));
MmioWrite32 ((UINTN)&CrbReg->CrbControlCommandAddressLow, (UINT32)(UINTN)CrbReg->CrbDataBuffer);
- MmioWrite32 ((UINTN)&CrbReg->CrbControlCommandSize, sizeof(CrbReg->CrbDataBuffer));
+ MmioWrite32 ((UINTN)&CrbReg->CrbControlCommandSize, sizeof (CrbReg->CrbDataBuffer));
MmioWrite64 ((UINTN)&CrbReg->CrbControlResponseAddrss, (UINT32)(UINTN)CrbReg->CrbDataBuffer);
- MmioWrite32 ((UINTN)&CrbReg->CrbControlResponseSize, sizeof(CrbReg->CrbDataBuffer));
+ MmioWrite32 ((UINTN)&CrbReg->CrbControlResponseSize, sizeof (CrbReg->CrbDataBuffer));
//
// STEP 3:
// Command Execution occurs after receipt of a 1 to Start and the TPM
// clearing Start to 0.
//
- MmioWrite32((UINTN)&CrbReg->CrbControlStart, PTP_CRB_CONTROL_START);
+ MmioWrite32 ((UINTN)&CrbReg->CrbControlStart, PTP_CRB_CONTROL_START);
Status = PtpCrbWaitRegisterBits (
&CrbReg->CrbControlStart,
0,
@@ -254,16 +262,16 @@ PtpCrbTpmCommand ( // Command Completion check timeout. Cancel the currently executing command by writing TPM_CRB_CTRL_CANCEL,
// Expect TPM_RC_CANCELLED or successfully completed response.
//
- MmioWrite32((UINTN)&CrbReg->CrbControlCancel, PTP_CRB_CONTROL_CANCEL);
+ MmioWrite32 ((UINTN)&CrbReg->CrbControlCancel, PTP_CRB_CONTROL_CANCEL);
Status = PtpCrbWaitRegisterBits (
&CrbReg->CrbControlStart,
0,
PTP_CRB_CONTROL_START,
PTP_TIMEOUT_B
);
- MmioWrite32((UINTN)&CrbReg->CrbControlCancel, 0);
+ MmioWrite32 ((UINTN)&CrbReg->CrbControlCancel, 0);
- if (EFI_ERROR(Status)) {
+ if (EFI_ERROR (Status)) {
//
// Still in Command Execution state. Try to goIdle, the behavior is agnostic.
//
@@ -285,12 +293,14 @@ PtpCrbTpmCommand ( for (Index = 0; Index < sizeof (TPM2_RESPONSE_HEADER); Index++) {
BufferOut[Index] = MmioRead8 ((UINTN)&CrbReg->CrbDataBuffer[Index]);
}
+
DEBUG_CODE_BEGIN ();
- DEBUG ((DEBUG_VERBOSE, "PtpCrbTpmCommand ReceiveHeader - "));
- for (Index = 0; Index < sizeof (TPM2_RESPONSE_HEADER); Index++) {
- DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
- }
- DEBUG ((DEBUG_VERBOSE, "\n"));
+ DEBUG ((DEBUG_VERBOSE, "PtpCrbTpmCommand ReceiveHeader - "));
+ for (Index = 0; Index < sizeof (TPM2_RESPONSE_HEADER); Index++) {
+ DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "\n"));
DEBUG_CODE_END ();
//
// Check the response data header (tag, parasize and returncode)
@@ -304,7 +314,7 @@ PtpCrbTpmCommand ( }
CopyMem (&Data32, (BufferOut + 2), sizeof (UINT32));
- TpmOutSize = SwapBytes32 (Data32);
+ TpmOutSize = SwapBytes32 (Data32);
if (*SizeOut < TpmOutSize) {
//
// Command completed, but buffer is not enough
@@ -312,6 +322,7 @@ PtpCrbTpmCommand ( Status = EFI_BUFFER_TOO_SMALL;
goto GoReady_Exit;
}
+
*SizeOut = TpmOutSize;
//
// Continue reading the remaining data
@@ -321,11 +332,12 @@ PtpCrbTpmCommand ( }
DEBUG_CODE_BEGIN ();
- DEBUG ((DEBUG_VERBOSE, "PtpCrbTpmCommand Receive - "));
- for (Index = 0; Index < TpmOutSize; Index++) {
- DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
- }
- DEBUG ((DEBUG_VERBOSE, "\n"));
+ DEBUG ((DEBUG_VERBOSE, "PtpCrbTpmCommand Receive - "));
+ for (Index = 0; Index < TpmOutSize; Index++) {
+ DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "\n"));
DEBUG_CODE_END ();
GoReady_Exit:
@@ -334,7 +346,7 @@ GoReady_Exit: // If not supported. flow down to GoIdle
//
if (GetCachedIdleByPass () == 1) {
- MmioWrite32((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY);
+ MmioWrite32 ((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQUEST_COMMAND_READY);
return Status;
}
@@ -347,13 +359,13 @@ GoIdle_Exit: //
// Return to Idle state by setting TPM_CRB_CTRL_STS_x.Status.goIdle to 1.
//
- MmioWrite32((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQUEST_GO_IDLE);
+ MmioWrite32 ((UINTN)&CrbReg->CrbControlRequest, PTP_CRB_CONTROL_AREA_REQUEST_GO_IDLE);
//
// Only enforce Idle state transition if execution fails when CRBIdleBypass==1
// Leave regular Idle delay at the beginning of next command execution
//
- if (GetCachedIdleByPass () == 1){
+ if (GetCachedIdleByPass () == 1) {
Status = PtpCrbWaitRegisterBits (
&CrbReg->CrbControlStatus,
PTP_CRB_CONTROL_AREA_STATUS_TPM_IDLE,
@@ -382,11 +394,11 @@ GoIdle_Exit: **/
EFI_STATUS
Tpm2TisTpmCommand (
- IN TIS_PC_REGISTERS_PTR TisReg,
- IN UINT8 *BufferIn,
- IN UINT32 SizeIn,
- IN OUT UINT8 *BufferOut,
- IN OUT UINT32 *SizeOut
+ IN TIS_PC_REGISTERS_PTR TisReg,
+ IN UINT8 *BufferIn,
+ IN UINT32 SizeIn,
+ IN OUT UINT8 *BufferOut,
+ IN OUT UINT32 *SizeOut
);
/**
@@ -402,7 +414,7 @@ Tpm2TisTpmCommand ( **/
EFI_STATUS
TisPcRequestUseTpm (
- IN TIS_PC_REGISTERS_PTR TisReg
+ IN TIS_PC_REGISTERS_PTR TisReg
);
/**
@@ -414,32 +426,37 @@ TisPcRequestUseTpm ( **/
TPM2_PTP_INTERFACE_TYPE
Tpm2GetPtpInterface (
- IN VOID *Register
+ IN VOID *Register
)
{
- PTP_CRB_INTERFACE_IDENTIFIER InterfaceId;
- PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability;
+ PTP_CRB_INTERFACE_IDENTIFIER InterfaceId;
+ PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability;
if (!Tpm2IsPtpPresence (Register)) {
return Tpm2PtpInterfaceMax;
}
+
//
// Check interface id
//
- InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId);
+ InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId);
InterfaceCapability.Uint32 = MmioRead32 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->InterfaceCapability);
if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_CRB) &&
(InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_CRB) &&
- (InterfaceId.Bits.CapCRB != 0)) {
+ (InterfaceId.Bits.CapCRB != 0))
+ {
return Tpm2PtpInterfaceCrb;
}
+
if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_FIFO) &&
(InterfaceId.Bits.InterfaceVersion == PTP_INTERFACE_IDENTIFIER_INTERFACE_VERSION_FIFO) &&
(InterfaceId.Bits.CapFIFO != 0) &&
- (InterfaceCapability.Bits.InterfaceVersion == INTERFACE_CAPABILITY_INTERFACE_VERSION_PTP)) {
+ (InterfaceCapability.Bits.InterfaceVersion == INTERFACE_CAPABILITY_INTERFACE_VERSION_PTP))
+ {
return Tpm2PtpInterfaceFifo;
}
+
return Tpm2PtpInterfaceTis;
}
@@ -452,7 +469,7 @@ Tpm2GetPtpInterface ( **/
UINT8
Tpm2GetIdleByPass (
- IN VOID *Register
+ IN VOID *Register
)
{
PTP_CRB_INTERFACE_IDENTIFIER InterfaceId;
@@ -472,24 +489,24 @@ Tpm2GetIdleByPass ( **/
VOID
DumpPtpInfo (
- IN VOID *Register
+ IN VOID *Register
)
{
- PTP_CRB_INTERFACE_IDENTIFIER InterfaceId;
- PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability;
- UINT8 StatusEx;
- UINT16 Vid;
- UINT16 Did;
- UINT8 Rid;
- TPM2_PTP_INTERFACE_TYPE PtpInterface;
+ PTP_CRB_INTERFACE_IDENTIFIER InterfaceId;
+ PTP_FIFO_INTERFACE_CAPABILITY InterfaceCapability;
+ UINT8 StatusEx;
+ UINT16 Vid;
+ UINT16 Did;
+ UINT8 Rid;
+ TPM2_PTP_INTERFACE_TYPE PtpInterface;
if (!Tpm2IsPtpPresence (Register)) {
- return ;
+ return;
}
- InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId);
+ InterfaceId.Uint32 = MmioRead32 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->InterfaceId);
InterfaceCapability.Uint32 = MmioRead32 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->InterfaceCapability);
- StatusEx = MmioRead8 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->StatusEx);
+ StatusEx = MmioRead8 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->StatusEx);
//
// Dump InterfaceId Register for PTP
@@ -507,7 +524,8 @@ DumpPtpInfo ( //
DEBUG ((DEBUG_INFO, "InterfaceCapability - 0x%08x\n", InterfaceCapability.Uint32));
if ((InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_TIS) ||
- (InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_FIFO)) {
+ (InterfaceId.Bits.InterfaceType == PTP_INTERFACE_IDENTIFIER_INTERFACE_TYPE_FIFO))
+ {
DEBUG ((DEBUG_INFO, " InterfaceVersion - 0x%x\n", InterfaceCapability.Bits.InterfaceVersion));
}
@@ -519,26 +537,27 @@ DumpPtpInfo ( DEBUG ((DEBUG_INFO, " TpmFamily - 0x%x\n", (StatusEx & PTP_FIFO_STS_EX_TPM_FAMILY) >> PTP_FIFO_STS_EX_TPM_FAMILY_OFFSET));
}
- Vid = 0xFFFF;
- Did = 0xFFFF;
- Rid = 0xFF;
+ Vid = 0xFFFF;
+ Did = 0xFFFF;
+ Rid = 0xFF;
PtpInterface = GetCachedPtpInterface ();
DEBUG ((DEBUG_INFO, "PtpInterface - %x\n", PtpInterface));
switch (PtpInterface) {
- case Tpm2PtpInterfaceCrb:
- Vid = MmioRead16 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->Vid);
- Did = MmioRead16 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->Did);
- Rid = (UINT8)InterfaceId.Bits.Rid;
- break;
- case Tpm2PtpInterfaceFifo:
- case Tpm2PtpInterfaceTis:
- Vid = MmioRead16 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Vid);
- Did = MmioRead16 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Did);
- Rid = MmioRead8 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Rid);
- break;
- default:
- break;
+ case Tpm2PtpInterfaceCrb:
+ Vid = MmioRead16 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->Vid);
+ Did = MmioRead16 ((UINTN)&((PTP_CRB_REGISTERS *)Register)->Did);
+ Rid = (UINT8)InterfaceId.Bits.Rid;
+ break;
+ case Tpm2PtpInterfaceFifo:
+ case Tpm2PtpInterfaceTis:
+ Vid = MmioRead16 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Vid);
+ Did = MmioRead16 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Did);
+ Rid = MmioRead8 ((UINTN)&((PTP_FIFO_REGISTERS *)Register)->Rid);
+ break;
+ default:
+ break;
}
+
DEBUG ((DEBUG_INFO, "VID - 0x%04x\n", Vid));
DEBUG ((DEBUG_INFO, "DID - 0x%04x\n", Did));
DEBUG ((DEBUG_INFO, "RID - 0x%02x\n", Rid));
@@ -559,35 +578,35 @@ DumpPtpInfo ( EFI_STATUS
EFIAPI
DTpm2SubmitCommand (
- IN UINT32 InputParameterBlockSize,
- IN UINT8 *InputParameterBlock,
- IN OUT UINT32 *OutputParameterBlockSize,
- IN UINT8 *OutputParameterBlock
+ IN UINT32 InputParameterBlockSize,
+ IN UINT8 *InputParameterBlock,
+ IN OUT UINT32 *OutputParameterBlockSize,
+ IN UINT8 *OutputParameterBlock
)
{
TPM2_PTP_INTERFACE_TYPE PtpInterface;
PtpInterface = GetCachedPtpInterface ();
switch (PtpInterface) {
- case Tpm2PtpInterfaceCrb:
- return PtpCrbTpmCommand (
- (PTP_CRB_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress),
- InputParameterBlock,
- InputParameterBlockSize,
- OutputParameterBlock,
- OutputParameterBlockSize
- );
- case Tpm2PtpInterfaceFifo:
- case Tpm2PtpInterfaceTis:
- return Tpm2TisTpmCommand (
- (TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress),
- InputParameterBlock,
- InputParameterBlockSize,
- OutputParameterBlock,
- OutputParameterBlockSize
- );
- default:
- return EFI_NOT_FOUND;
+ case Tpm2PtpInterfaceCrb:
+ return PtpCrbTpmCommand (
+ (PTP_CRB_REGISTERS_PTR)(UINTN)PcdGet64 (PcdTpmBaseAddress),
+ InputParameterBlock,
+ InputParameterBlockSize,
+ OutputParameterBlock,
+ OutputParameterBlockSize
+ );
+ case Tpm2PtpInterfaceFifo:
+ case Tpm2PtpInterfaceTis:
+ return Tpm2TisTpmCommand (
+ (TIS_PC_REGISTERS_PTR)(UINTN)PcdGet64 (PcdTpmBaseAddress),
+ InputParameterBlock,
+ InputParameterBlockSize,
+ OutputParameterBlock,
+ OutputParameterBlockSize
+ );
+ default:
+ return EFI_NOT_FOUND;
}
}
@@ -608,12 +627,12 @@ DTpm2RequestUseTpm ( PtpInterface = GetCachedPtpInterface ();
switch (PtpInterface) {
- case Tpm2PtpInterfaceCrb:
- return PtpCrbRequestUseTpm ((PTP_CRB_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress));
- case Tpm2PtpInterfaceFifo:
- case Tpm2PtpInterfaceTis:
- return TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress));
- default:
- return EFI_NOT_FOUND;
+ case Tpm2PtpInterfaceCrb:
+ return PtpCrbRequestUseTpm ((PTP_CRB_REGISTERS_PTR)(UINTN)PcdGet64 (PcdTpmBaseAddress));
+ case Tpm2PtpInterfaceFifo:
+ case Tpm2PtpInterfaceTis:
+ return TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR)(UINTN)PcdGet64 (PcdTpmBaseAddress));
+ default:
+ return EFI_NOT_FOUND;
}
}
diff --git a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c index a3c84d8ab4..49539b78d8 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c +++ b/SecurityPkg/Library/Tpm2DeviceLibDTpm/Tpm2Tis.c @@ -19,12 +19,12 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <IndustryStandard/TpmTis.h>
-#define TIS_TIMEOUT_MAX (90000 * 1000) // 90s
+#define TIS_TIMEOUT_MAX (90000 * 1000) // 90s
//
// Max TPM command/response length
//
-#define TPMCMDBUFLENGTH 0x500
+#define TPMCMDBUFLENGTH 0x500
/**
Check whether TPM chip exist.
@@ -36,10 +36,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
BOOLEAN
TisPcPresenceCheck (
- IN TIS_PC_REGISTERS_PTR TisReg
+ IN TIS_PC_REGISTERS_PTR TisReg
)
{
- UINT8 RegRead;
+ UINT8 RegRead;
RegRead = MmioRead8 ((UINTN)&TisReg->Access);
return (BOOLEAN)(RegRead != (UINT8)-1);
@@ -58,21 +58,24 @@ TisPcPresenceCheck ( **/
EFI_STATUS
TisPcWaitRegisterBits (
- IN UINT8 *Register,
- IN UINT8 BitSet,
- IN UINT8 BitClear,
- IN UINT32 TimeOut
+ IN UINT8 *Register,
+ IN UINT8 BitSet,
+ IN UINT8 BitClear,
+ IN UINT32 TimeOut
)
{
- UINT8 RegRead;
- UINT32 WaitTime;
+ UINT8 RegRead;
+ UINT32 WaitTime;
- for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30){
+ for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30) {
RegRead = MmioRead8 ((UINTN)Register);
- if ((RegRead & BitSet) == BitSet && (RegRead & BitClear) == 0)
+ if (((RegRead & BitSet) == BitSet) && ((RegRead & BitClear) == 0)) {
return EFI_SUCCESS;
+ }
+
MicroSecondDelay (30);
}
+
return EFI_TIMEOUT;
}
@@ -89,15 +92,15 @@ TisPcWaitRegisterBits ( **/
EFI_STATUS
TisPcReadBurstCount (
- IN TIS_PC_REGISTERS_PTR TisReg,
- OUT UINT16 *BurstCount
+ IN TIS_PC_REGISTERS_PTR TisReg,
+ OUT UINT16 *BurstCount
)
{
- UINT32 WaitTime;
- UINT8 DataByte0;
- UINT8 DataByte1;
+ UINT32 WaitTime;
+ UINT8 DataByte0;
+ UINT8 DataByte1;
- if (BurstCount == NULL || TisReg == NULL) {
+ if ((BurstCount == NULL) || (TisReg == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -113,6 +116,7 @@ TisPcReadBurstCount ( if (*BurstCount != 0) {
return EFI_SUCCESS;
}
+
MicroSecondDelay (30);
WaitTime += 30;
} while (WaitTime < TIS_TIMEOUT_D);
@@ -132,16 +136,16 @@ TisPcReadBurstCount ( **/
EFI_STATUS
TisPcPrepareCommand (
- IN TIS_PC_REGISTERS_PTR TisReg
+ IN TIS_PC_REGISTERS_PTR TisReg
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
if (TisReg == NULL) {
return EFI_INVALID_PARAMETER;
}
- MmioWrite8((UINTN)&TisReg->Status, TIS_PC_STS_READY);
+ MmioWrite8 ((UINTN)&TisReg->Status, TIS_PC_STS_READY);
Status = TisPcWaitRegisterBits (
&TisReg->Status,
TIS_PC_STS_READY,
@@ -164,10 +168,10 @@ TisPcPrepareCommand ( **/
EFI_STATUS
TisPcRequestUseTpm (
- IN TIS_PC_REGISTERS_PTR TisReg
+ IN TIS_PC_REGISTERS_PTR TisReg
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
if (TisReg == NULL) {
return EFI_INVALID_PARAMETER;
@@ -177,7 +181,7 @@ TisPcRequestUseTpm ( return EFI_NOT_FOUND;
}
- MmioWrite8((UINTN)&TisReg->Access, TIS_PC_ACC_RQUUSE);
+ MmioWrite8 ((UINTN)&TisReg->Access, TIS_PC_ACC_RQUUSE);
Status = TisPcWaitRegisterBits (
&TisReg->Access,
(UINT8)(TIS_PC_ACC_ACTIVE |TIS_PC_VALID),
@@ -204,47 +208,51 @@ TisPcRequestUseTpm ( **/
EFI_STATUS
Tpm2TisTpmCommand (
- IN TIS_PC_REGISTERS_PTR TisReg,
- IN UINT8 *BufferIn,
- IN UINT32 SizeIn,
- IN OUT UINT8 *BufferOut,
- IN OUT UINT32 *SizeOut
+ IN TIS_PC_REGISTERS_PTR TisReg,
+ IN UINT8 *BufferIn,
+ IN UINT32 SizeIn,
+ IN OUT UINT8 *BufferOut,
+ IN OUT UINT32 *SizeOut
)
{
- EFI_STATUS Status;
- UINT16 BurstCount;
- UINT32 Index;
- UINT32 TpmOutSize;
- UINT16 Data16;
- UINT32 Data32;
+ EFI_STATUS Status;
+ UINT16 BurstCount;
+ UINT32 Index;
+ UINT32 TpmOutSize;
+ UINT16 Data16;
+ UINT32 Data32;
DEBUG_CODE_BEGIN ();
- UINTN DebugSize;
+ UINTN DebugSize;
- DEBUG ((DEBUG_VERBOSE, "Tpm2TisTpmCommand Send - "));
- if (SizeIn > 0x100) {
- DebugSize = 0x40;
- } else {
- DebugSize = SizeIn;
- }
- for (Index = 0; Index < DebugSize; Index++) {
+ DEBUG ((DEBUG_VERBOSE, "Tpm2TisTpmCommand Send - "));
+ if (SizeIn > 0x100) {
+ DebugSize = 0x40;
+ } else {
+ DebugSize = SizeIn;
+ }
+
+ for (Index = 0; Index < DebugSize; Index++) {
+ DEBUG ((DEBUG_VERBOSE, "%02x ", BufferIn[Index]));
+ }
+
+ if (DebugSize != SizeIn) {
+ DEBUG ((DEBUG_VERBOSE, "...... "));
+ for (Index = SizeIn - 0x20; Index < SizeIn; Index++) {
DEBUG ((DEBUG_VERBOSE, "%02x ", BufferIn[Index]));
}
- if (DebugSize != SizeIn) {
- DEBUG ((DEBUG_VERBOSE, "...... "));
- for (Index = SizeIn - 0x20; Index < SizeIn; Index++) {
- DEBUG ((DEBUG_VERBOSE, "%02x ", BufferIn[Index]));
- }
- }
- DEBUG ((DEBUG_VERBOSE, "\n"));
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "\n"));
DEBUG_CODE_END ();
TpmOutSize = 0;
Status = TisPcPrepareCommand (TisReg);
- if (EFI_ERROR (Status)){
+ if (EFI_ERROR (Status)) {
DEBUG ((DEBUG_ERROR, "Tpm2 is not ready for command!\n"));
return EFI_DEVICE_ERROR;
}
+
//
// Send the command data to Tpm
//
@@ -255,17 +263,19 @@ Tpm2TisTpmCommand ( Status = EFI_DEVICE_ERROR;
goto Exit;
}
- for (; BurstCount > 0 && Index < SizeIn; BurstCount--) {
- MmioWrite8((UINTN)&TisReg->DataFifo, *(BufferIn + Index));
+
+ for ( ; BurstCount > 0 && Index < SizeIn; BurstCount--) {
+ MmioWrite8 ((UINTN)&TisReg->DataFifo, *(BufferIn + Index));
Index++;
}
}
+
//
// Check the Tpm status STS_EXPECT change from 1 to 0
//
Status = TisPcWaitRegisterBits (
&TisReg->Status,
- (UINT8) TIS_PC_VALID,
+ (UINT8)TIS_PC_VALID,
TIS_PC_STS_EXPECT,
TIS_TIMEOUT_C
);
@@ -274,17 +284,18 @@ Tpm2TisTpmCommand ( Status = EFI_BUFFER_TOO_SMALL;
goto Exit;
}
+
//
// Executed the TPM command and waiting for the response data ready
//
- MmioWrite8((UINTN)&TisReg->Status, TIS_PC_STS_GO);
+ MmioWrite8 ((UINTN)&TisReg->Status, TIS_PC_STS_GO);
//
// NOTE: That may take many seconds to minutes for certain commands, such as key generation.
//
Status = TisPcWaitRegisterBits (
&TisReg->Status,
- (UINT8) (TIS_PC_VALID | TIS_PC_STS_DATA),
+ (UINT8)(TIS_PC_VALID | TIS_PC_STS_DATA),
0,
TIS_TIMEOUT_MAX
);
@@ -295,10 +306,10 @@ Tpm2TisTpmCommand ( //
DEBUG ((DEBUG_ERROR, "Wait for Tpm2 response data time out. Trying to cancel the command!!\n"));
- MmioWrite32((UINTN)&TisReg->Status, TIS_PC_STS_CANCEL);
+ MmioWrite32 ((UINTN)&TisReg->Status, TIS_PC_STS_CANCEL);
Status = TisPcWaitRegisterBits (
&TisReg->Status,
- (UINT8) (TIS_PC_VALID | TIS_PC_STS_DATA),
+ (UINT8)(TIS_PC_VALID | TIS_PC_STS_DATA),
0,
TIS_TIMEOUT_B
);
@@ -318,7 +329,7 @@ Tpm2TisTpmCommand ( //
// Get response data header
//
- Index = 0;
+ Index = 0;
BurstCount = 0;
while (Index < sizeof (TPM2_RESPONSE_HEADER)) {
Status = TisPcReadBurstCount (TisReg, &BurstCount);
@@ -326,18 +337,23 @@ Tpm2TisTpmCommand ( Status = EFI_DEVICE_ERROR;
goto Exit;
}
- for (; BurstCount > 0; BurstCount--) {
+
+ for ( ; BurstCount > 0; BurstCount--) {
*(BufferOut + Index) = MmioRead8 ((UINTN)&TisReg->DataFifo);
Index++;
- if (Index == sizeof (TPM2_RESPONSE_HEADER)) break;
+ if (Index == sizeof (TPM2_RESPONSE_HEADER)) {
+ break;
+ }
}
}
+
DEBUG_CODE_BEGIN ();
- DEBUG ((DEBUG_VERBOSE, "Tpm2TisTpmCommand ReceiveHeader - "));
- for (Index = 0; Index < sizeof (TPM2_RESPONSE_HEADER); Index++) {
- DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
- }
- DEBUG ((DEBUG_VERBOSE, "\n"));
+ DEBUG ((DEBUG_VERBOSE, "Tpm2TisTpmCommand ReceiveHeader - "));
+ for (Index = 0; Index < sizeof (TPM2_RESPONSE_HEADER); Index++) {
+ DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "\n"));
DEBUG_CODE_END ();
//
// Check the response data header (tag,parasize and returncode )
@@ -351,17 +367,18 @@ Tpm2TisTpmCommand ( }
CopyMem (&Data32, (BufferOut + 2), sizeof (UINT32));
- TpmOutSize = SwapBytes32 (Data32);
+ TpmOutSize = SwapBytes32 (Data32);
if (*SizeOut < TpmOutSize) {
Status = EFI_BUFFER_TOO_SMALL;
goto Exit;
}
+
*SizeOut = TpmOutSize;
//
// Continue reading the remaining data
//
while ( Index < TpmOutSize ) {
- for (; BurstCount > 0; BurstCount--) {
+ for ( ; BurstCount > 0; BurstCount--) {
*(BufferOut + Index) = MmioRead8 ((UINTN)&TisReg->DataFifo);
Index++;
if (Index == TpmOutSize) {
@@ -369,21 +386,24 @@ Tpm2TisTpmCommand ( goto Exit;
}
}
+
Status = TisPcReadBurstCount (TisReg, &BurstCount);
if (EFI_ERROR (Status)) {
Status = EFI_DEVICE_ERROR;
goto Exit;
}
}
+
Exit:
DEBUG_CODE_BEGIN ();
- DEBUG ((DEBUG_VERBOSE, "Tpm2TisTpmCommand Receive - "));
- for (Index = 0; Index < TpmOutSize; Index++) {
- DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
- }
- DEBUG ((DEBUG_VERBOSE, "\n"));
+ DEBUG ((DEBUG_VERBOSE, "Tpm2TisTpmCommand Receive - "));
+ for (Index = 0; Index < TpmOutSize; Index++) {
+ DEBUG ((DEBUG_VERBOSE, "%02x ", BufferOut[Index]));
+ }
+
+ DEBUG ((DEBUG_VERBOSE, "\n"));
DEBUG_CODE_END ();
- MmioWrite8((UINTN)&TisReg->Status, TIS_PC_STS_READY);
+ MmioWrite8 ((UINTN)&TisReg->Status, TIS_PC_STS_READY);
return Status;
}
@@ -402,14 +422,14 @@ Exit: EFI_STATUS
EFIAPI
DTpm2TisSubmitCommand (
- IN UINT32 InputParameterBlockSize,
- IN UINT8 *InputParameterBlock,
- IN OUT UINT32 *OutputParameterBlockSize,
- IN UINT8 *OutputParameterBlock
+ IN UINT32 InputParameterBlockSize,
+ IN UINT8 *InputParameterBlock,
+ IN OUT UINT32 *OutputParameterBlockSize,
+ IN UINT8 *OutputParameterBlock
)
{
return Tpm2TisTpmCommand (
- (TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress),
+ (TIS_PC_REGISTERS_PTR)(UINTN)PcdGet64 (PcdTpmBaseAddress),
InputParameterBlock,
InputParameterBlockSize,
OutputParameterBlock,
@@ -430,5 +450,5 @@ DTpm2TisRequestUseTpm ( VOID
)
{
- return TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR) (UINTN) PcdGet64 (PcdTpmBaseAddress));
+ return TisPcRequestUseTpm ((TIS_PC_REGISTERS_PTR)(UINTN)PcdGet64 (PcdTpmBaseAddress));
}
diff --git a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.c b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.c index 227aa406bd..de5293ee9e 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.c +++ b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterDxe.c @@ -31,15 +31,16 @@ TPM2_DEVICE_INTERFACE mInternalTpm2DeviceInterface; EFI_STATUS
EFIAPI
Tpm2SubmitCommand (
- IN UINT32 InputParameterBlockSize,
- IN UINT8 *InputParameterBlock,
- IN OUT UINT32 *OutputParameterBlockSize,
- IN UINT8 *OutputParameterBlock
+ IN UINT32 InputParameterBlockSize,
+ IN UINT8 *InputParameterBlock,
+ IN OUT UINT32 *OutputParameterBlockSize,
+ IN UINT8 *OutputParameterBlock
)
{
if (mInternalTpm2DeviceInterface.Tpm2SubmitCommand == NULL) {
return EFI_UNSUPPORTED;
}
+
return mInternalTpm2DeviceInterface.Tpm2SubmitCommand (
InputParameterBlockSize,
InputParameterBlock,
@@ -64,6 +65,7 @@ Tpm2RequestUseTpm ( if (mInternalTpm2DeviceInterface.Tpm2RequestUseTpm == NULL) {
return EFI_UNSUPPORTED;
}
+
return mInternalTpm2DeviceInterface.Tpm2RequestUseTpm ();
}
@@ -79,14 +81,14 @@ Tpm2RequestUseTpm ( EFI_STATUS
EFIAPI
Tpm2RegisterTpm2DeviceLib (
- IN TPM2_DEVICE_INTERFACE *Tpm2Device
+ IN TPM2_DEVICE_INTERFACE *Tpm2Device
)
{
- if (!CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &Tpm2Device->ProviderGuid)){
+ if (!CompareGuid (PcdGetPtr (PcdTpmInstanceGuid), &Tpm2Device->ProviderGuid)) {
DEBUG ((DEBUG_WARN, "WARNING: Tpm2RegisterTpm2DeviceLib - does not support %g registration\n", &Tpm2Device->ProviderGuid));
return EFI_UNSUPPORTED;
}
- CopyMem (&mInternalTpm2DeviceInterface, Tpm2Device, sizeof(mInternalTpm2DeviceInterface));
+ CopyMem (&mInternalTpm2DeviceInterface, Tpm2Device, sizeof (mInternalTpm2DeviceInterface));
return EFI_SUCCESS;
}
diff --git a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.c b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.c index e24ef08515..1c9f54907f 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.c +++ b/SecurityPkg/Library/Tpm2DeviceLibRouter/Tpm2DeviceLibRouterPei.c @@ -15,7 +15,7 @@ SPDX-License-Identifier: BSD-2-Clause-Patent #include <Library/PcdLib.h>
#include <Library/Tpm2DeviceLib.h>
-EFI_GUID mInternalTpm2DeviceInterfaceGuid = {
+EFI_GUID mInternalTpm2DeviceInterfaceGuid = {
0x349cf818, 0xc0ba, 0x4c43, { 0x92, 0x9a, 0xc8, 0xa1, 0xb1, 0xb3, 0xd2, 0x55 }
};
@@ -29,12 +29,13 @@ InternalGetTpm2DeviceInterface ( VOID
)
{
- EFI_HOB_GUID_TYPE *Hob;
+ EFI_HOB_GUID_TYPE *Hob;
Hob = GetFirstGuidHob (&mInternalTpm2DeviceInterfaceGuid);
if (Hob == NULL) {
return NULL;
}
+
return (TPM2_DEVICE_INTERFACE *)(Hob + 1);
}
@@ -53,13 +54,13 @@ InternalGetTpm2DeviceInterface ( EFI_STATUS
EFIAPI
Tpm2SubmitCommand (
- IN UINT32 InputParameterBlockSize,
- IN UINT8 *InputParameterBlock,
- IN OUT UINT32 *OutputParameterBlockSize,
- IN UINT8 *OutputParameterBlock
+ IN UINT32 InputParameterBlockSize,
+ IN UINT8 *InputParameterBlock,
+ IN OUT UINT32 *OutputParameterBlockSize,
+ IN UINT8 *OutputParameterBlock
)
{
- TPM2_DEVICE_INTERFACE *Tpm2DeviceInterface;
+ TPM2_DEVICE_INTERFACE *Tpm2DeviceInterface;
Tpm2DeviceInterface = InternalGetTpm2DeviceInterface ();
if (Tpm2DeviceInterface == NULL) {
@@ -87,12 +88,13 @@ Tpm2RequestUseTpm ( VOID
)
{
- TPM2_DEVICE_INTERFACE *Tpm2DeviceInterface;
+ TPM2_DEVICE_INTERFACE *Tpm2DeviceInterface;
Tpm2DeviceInterface = InternalGetTpm2DeviceInterface ();
if (Tpm2DeviceInterface == NULL) {
return EFI_UNSUPPORTED;
}
+
return Tpm2DeviceInterface->Tpm2RequestUseTpm ();
}
@@ -108,12 +110,12 @@ Tpm2RequestUseTpm ( EFI_STATUS
EFIAPI
Tpm2RegisterTpm2DeviceLib (
- IN TPM2_DEVICE_INTERFACE *Tpm2Device
+ IN TPM2_DEVICE_INTERFACE *Tpm2Device
)
{
- TPM2_DEVICE_INTERFACE *Tpm2DeviceInterface;
+ TPM2_DEVICE_INTERFACE *Tpm2DeviceInterface;
- if (!CompareGuid (PcdGetPtr(PcdTpmInstanceGuid), &Tpm2Device->ProviderGuid)){
+ if (!CompareGuid (PcdGetPtr (PcdTpmInstanceGuid), &Tpm2Device->ProviderGuid)) {
DEBUG ((DEBUG_WARN, "WARNING: Tpm2RegisterTpm2DeviceLib - does not support %g registration\n", &Tpm2Device->ProviderGuid));
return EFI_UNSUPPORTED;
}
@@ -124,10 +126,10 @@ Tpm2RegisterTpm2DeviceLib ( // In PEI phase, there will be shadow driver dispatched again.
//
DEBUG ((DEBUG_INFO, "Tpm2RegisterTpm2DeviceLib - Override\n"));
- CopyMem (Tpm2DeviceInterface, Tpm2Device, sizeof(*Tpm2Device));
+ CopyMem (Tpm2DeviceInterface, Tpm2Device, sizeof (*Tpm2Device));
return EFI_SUCCESS;
} else {
- Tpm2Device = BuildGuidDataHob (&mInternalTpm2DeviceInterfaceGuid, Tpm2Device, sizeof(*Tpm2Device));
+ Tpm2Device = BuildGuidDataHob (&mInternalTpm2DeviceInterfaceGuid, Tpm2Device, sizeof (*Tpm2Device));
if (Tpm2Device != NULL) {
return EFI_SUCCESS;
} else {
diff --git a/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.c b/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.c index 9d12695a62..3c8cf4fa11 100644 --- a/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.c +++ b/SecurityPkg/Library/Tpm2DeviceLibTcg2/Tpm2DeviceLibTcg2.c @@ -31,17 +31,17 @@ EFI_TCG2_PROTOCOL *mTcg2Protocol = NULL; EFI_STATUS
EFIAPI
Tpm2SubmitCommand (
- IN UINT32 InputParameterBlockSize,
- IN UINT8 *InputParameterBlock,
- IN OUT UINT32 *OutputParameterBlockSize,
- IN UINT8 *OutputParameterBlock
+ IN UINT32 InputParameterBlockSize,
+ IN UINT8 *InputParameterBlock,
+ IN OUT UINT32 *OutputParameterBlockSize,
+ IN UINT8 *OutputParameterBlock
)
{
- EFI_STATUS Status;
- TPM2_RESPONSE_HEADER *Header;
+ EFI_STATUS Status;
+ TPM2_RESPONSE_HEADER *Header;
if (mTcg2Protocol == NULL) {
- Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &mTcg2Protocol);
+ Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **)&mTcg2Protocol);
if (EFI_ERROR (Status)) {
//
// Tcg2 protocol is not installed. So, TPM2 is not present.
@@ -50,6 +50,7 @@ Tpm2SubmitCommand ( return EFI_NOT_FOUND;
}
}
+
//
// Assume when Tcg2 Protocol is ready, RequestUseTpm already done.
//
@@ -63,7 +64,8 @@ Tpm2SubmitCommand ( if (EFI_ERROR (Status)) {
return Status;
}
- Header = (TPM2_RESPONSE_HEADER *)OutputParameterBlock;
+
+ Header = (TPM2_RESPONSE_HEADER *)OutputParameterBlock;
*OutputParameterBlockSize = SwapBytes32 (Header->paramSize);
return EFI_SUCCESS;
@@ -82,10 +84,10 @@ Tpm2RequestUseTpm ( VOID
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
if (mTcg2Protocol == NULL) {
- Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **) &mTcg2Protocol);
+ Status = gBS->LocateProtocol (&gEfiTcg2ProtocolGuid, NULL, (VOID **)&mTcg2Protocol);
if (EFI_ERROR (Status)) {
//
// Tcg2 protocol is not installed. So, TPM2 is not present.
@@ -94,6 +96,7 @@ Tpm2RequestUseTpm ( return EFI_NOT_FOUND;
}
}
+
//
// Assume when Tcg2 Protocol is ready, RequestUseTpm already done.
//
@@ -112,7 +115,7 @@ Tpm2RequestUseTpm ( EFI_STATUS
EFIAPI
Tpm2RegisterTpm2DeviceLib (
- IN TPM2_DEVICE_INTERFACE *Tpm2Device
+ IN TPM2_DEVICE_INTERFACE *Tpm2Device
)
{
return EFI_UNSUPPORTED;
diff --git a/SecurityPkg/Library/TpmCommLib/TisPc.c b/SecurityPkg/Library/TpmCommLib/TisPc.c index 533a42e53c..20b5a21b3b 100644 --- a/SecurityPkg/Library/TpmCommLib/TisPc.c +++ b/SecurityPkg/Library/TpmCommLib/TisPc.c @@ -18,10 +18,10 @@ SPDX-License-Identifier: BSD-2-Clause-Patent **/
BOOLEAN
TisPcPresenceCheck (
- IN TIS_PC_REGISTERS_PTR TisReg
+ IN TIS_PC_REGISTERS_PTR TisReg
)
{
- UINT8 RegRead;
+ UINT8 RegRead;
RegRead = MmioRead8 ((UINTN)&TisReg->Access);
return (BOOLEAN)(RegRead != (UINT8)-1);
@@ -41,21 +41,24 @@ TisPcPresenceCheck ( EFI_STATUS
EFIAPI
TisPcWaitRegisterBits (
- IN UINT8 *Register,
- IN UINT8 BitSet,
- IN UINT8 BitClear,
- IN UINT32 TimeOut
+ IN UINT8 *Register,
+ IN UINT8 BitSet,
+ IN UINT8 BitClear,
+ IN UINT32 TimeOut
)
{
- UINT8 RegRead;
- UINT32 WaitTime;
+ UINT8 RegRead;
+ UINT32 WaitTime;
- for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30){
+ for (WaitTime = 0; WaitTime < TimeOut; WaitTime += 30) {
RegRead = MmioRead8 ((UINTN)Register);
- if ((RegRead & BitSet) == BitSet && (RegRead & BitClear) == 0)
+ if (((RegRead & BitSet) == BitSet) && ((RegRead & BitClear) == 0)) {
return EFI_SUCCESS;
+ }
+
MicroSecondDelay (30);
}
+
return EFI_TIMEOUT;
}
@@ -73,15 +76,15 @@ TisPcWaitRegisterBits ( EFI_STATUS
EFIAPI
TisPcReadBurstCount (
- IN TIS_PC_REGISTERS_PTR TisReg,
- OUT UINT16 *BurstCount
+ IN TIS_PC_REGISTERS_PTR TisReg,
+ OUT UINT16 *BurstCount
)
{
- UINT32 WaitTime;
- UINT8 DataByte0;
- UINT8 DataByte1;
+ UINT32 WaitTime;
+ UINT8 DataByte0;
+ UINT8 DataByte1;
- if (BurstCount == NULL || TisReg == NULL) {
+ if ((BurstCount == NULL) || (TisReg == NULL)) {
return EFI_INVALID_PARAMETER;
}
@@ -97,6 +100,7 @@ TisPcReadBurstCount ( if (*BurstCount != 0) {
return EFI_SUCCESS;
}
+
MicroSecondDelay (30);
WaitTime += 30;
} while (WaitTime < TIS_TIMEOUT_D);
@@ -117,16 +121,16 @@ TisPcReadBurstCount ( EFI_STATUS
EFIAPI
TisPcPrepareCommand (
- IN TIS_PC_REGISTERS_PTR TisReg
+ IN TIS_PC_REGISTERS_PTR TisReg
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
if (TisReg == NULL) {
return EFI_INVALID_PARAMETER;
}
- MmioWrite8((UINTN)&TisReg->Status, TIS_PC_STS_READY);
+ MmioWrite8 ((UINTN)&TisReg->Status, TIS_PC_STS_READY);
Status = TisPcWaitRegisterBits (
&TisReg->Status,
TIS_PC_STS_READY,
@@ -150,10 +154,10 @@ TisPcPrepareCommand ( EFI_STATUS
EFIAPI
TisPcRequestUseTpm (
- IN TIS_PC_REGISTERS_PTR TisReg
+ IN TIS_PC_REGISTERS_PTR TisReg
)
{
- EFI_STATUS Status;
+ EFI_STATUS Status;
if (TisReg == NULL) {
return EFI_INVALID_PARAMETER;
@@ -163,7 +167,7 @@ TisPcRequestUseTpm ( return EFI_NOT_FOUND;
}
- MmioWrite8((UINTN)&TisReg->Access, TIS_PC_ACC_RQUUSE);
+ MmioWrite8 ((UINTN)&TisReg->Access, TIS_PC_ACC_RQUUSE);
//
// No locality set before, ACCESS_X.activeLocality MUST be valid within TIMEOUT_A
//
diff --git a/SecurityPkg/Library/TpmCommLib/TpmComm.c b/SecurityPkg/Library/TpmCommLib/TpmComm.c index dee64b24ff..5285d72ece 100644 --- a/SecurityPkg/Library/TpmCommLib/TpmComm.c +++ b/SecurityPkg/Library/TpmCommLib/TpmComm.c @@ -21,13 +21,13 @@ SPDX-License-Identifier: BSD-2-Clause-Patent EFI_STATUS
EFIAPI
TpmCommHashAll (
- IN CONST UINT8 *Data,
- IN UINTN DataLen,
- OUT TPM_DIGEST *Digest
+ IN CONST UINT8 *Data,
+ IN UINTN DataLen,
+ OUT TPM_DIGEST *Digest
)
{
- VOID *Sha1Ctx;
- UINTN CtxSize;
+ VOID *Sha1Ctx;
+ UINTN CtxSize;
CtxSize = Sha1GetContextSize ();
Sha1Ctx = AllocatePool (CtxSize);
@@ -41,4 +41,3 @@ TpmCommHashAll ( return EFI_SUCCESS;
}
-
diff --git a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c index 3ddb37cabc..a08def767b 100644 --- a/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c +++ b/SecurityPkg/Library/VariableKeyLibNull/VariableKeyLibNull.c @@ -22,8 +22,8 @@ SPDX-License-Identifier: BSD-2-Clause-Patent EFI_STATUS
EFIAPI
GetVariableKey (
- OUT VOID **VariableKey,
- IN OUT UINTN *VariableKeySize
+ OUT VOID **VariableKey,
+ IN OUT UINTN *VariableKeySize
)
{
ASSERT (FALSE);
@@ -64,4 +64,3 @@ LockVariableKeyInterface ( ASSERT (FALSE);
return EFI_UNSUPPORTED;
}
-
|