From 45500265b3fbb05d98766b82af98f8642a8e5eba Mon Sep 17 00:00:00 2001 From: Michael Kinney Date: Thu, 21 Jan 2016 19:30:14 +0000 Subject: SecurityPkg/TcgPei: Use updated Tpm12CommandLib APIs Use the following new APIs in Tpm12CommandLib and remove duplicate code from TcgPei and TcgDxe: Tpm12Extend() Tpm12PhysicalPresence() Tpm12ContinueSelfTest() Tpm12GetCapabilityFlagPermanent() Tpm12GetCapabilityFlagVolatile() Cc: Chao Zhang Cc: Jiewen Yao Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Michael Kinney Reviewed-by: Chao Zhang Reviewed-by: Jiewen Yao git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19728 6f19259b-4bc3-4df7-8a09-765794883524 --- SecurityPkg/Tcg/TcgPei/TcgPei.c | 87 ++++++++---- SecurityPkg/Tcg/TcgPei/TcgPei.inf | 3 +- SecurityPkg/Tcg/TcgPei/TpmComm.c | 272 -------------------------------------- SecurityPkg/Tcg/TcgPei/TpmComm.h | 176 ------------------------ 4 files changed, 61 insertions(+), 477 deletions(-) delete mode 100644 SecurityPkg/Tcg/TcgPei/TpmComm.c delete mode 100644 SecurityPkg/Tcg/TcgPei/TpmComm.h (limited to 'SecurityPkg/Tcg/TcgPei') diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.c b/SecurityPkg/Tcg/TcgPei/TcgPei.c index b3ca64273d..25724a6812 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.c +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.c @@ -38,8 +38,9 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include #include #include - -#include "TpmComm.h" +#include +#include +#include BOOLEAN mImageInMemory = FALSE; 
@@ -197,6 +198,40 @@ EndofPeiSignalNotifyCallBack ( return EFI_SUCCESS; } +/** +Single function calculates SHA1 digest value for all raw data. It +combines Sha1Init(), Sha1Update() and Sha1Final(). + +@param[in] Data Raw data to be digested. +@param[in] DataLen Size of the raw data. +@param[out] Digest Pointer to a buffer that stores the final digest. + +@retval EFI_SUCCESS Always successfully calculate the final digest. +**/ +EFI_STATUS +EFIAPI +TpmCommHashAll ( + IN CONST UINT8 *Data, + IN UINTN DataLen, + OUT TPM_DIGEST *Digest + ) +{ + VOID *Sha1Ctx; + UINTN CtxSize; + + CtxSize = Sha1GetContextSize (); + Sha1Ctx = AllocatePool (CtxSize); + ASSERT (Sha1Ctx != NULL); + + Sha1Init (Sha1Ctx); + Sha1Update (Sha1Ctx, Data, DataLen); + Sha1Final (Sha1Ctx, (UINT8 *)Digest); + + FreePool (Sha1Ctx); + + return EFI_SUCCESS; +} + /** Do a hash operation on a data buffer, extend a specific TPM PCR with the hash result, and build a GUIDed HOB recording the event which will be passed to the DXE phase and @@ -242,8 +277,7 @@ HashLogExtendEvent ( } } - Status = TpmCommExtend ( - PeiServices, + Status = Tpm12Extend ( &NewEventHdr->Digest, NewEventHdr->PCRIndex, NULL @@ -540,12 +574,11 @@ PhysicalPresencePpiNotifyCallback ( ) { EFI_STATUS Status; + TPM_PERMANENT_FLAGS TpmPermanentFlags; PEI_LOCK_PHYSICAL_PRESENCE_PPI *LockPhysicalPresencePpi; - BOOLEAN LifetimeLock; - BOOLEAN CmdEnable; TPM_PHYSICAL_PRESENCE PhysicalPresenceValue; - Status = TpmCommGetCapability (PeiServices, NULL, &LifetimeLock, &CmdEnable); + Status = Tpm12GetCapabilityFlagPermanent (&TpmPermanentFlags); if (EFI_ERROR (Status)) { return Status; } 
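Review bot: In the `TpmCommHashAll()` added by the `@@ -197,6 +198,40 @@` hunk, the only guard on the `AllocatePool()` result is `ASSERT (Sha1Ctx != NULL)`, and the results of `Sha1Init()`, `Sha1Update()` and `Sha1Final()` are discarded. In a build where ASSERT is compiled out, a failed allocation passes NULL to the hash calls, and any hashing failure still returns EFI_SUCCESS with `Digest` left as the caller supplied it, so an unrelated value could be extended into the PCR and logged. I would return `EFI_OUT_OF_RESOURCES` on a NULL context and an error status when any of the three BOOLEAN-returning hash calls reports failure, and update the `@retval` line that says the function always succeeds. Whether `HashLogExtendEvent()` checks this status before calling `Tpm12Extend()` is not visible in these hunks and should be confirmed.

```c
  EFI_STATUS  Status;
  // … unchanged: Sha1Ctx / CtxSize declarations, Sha1GetContextSize () call …

  Sha1Ctx = AllocatePool (CtxSize);
  if (Sha1Ctx == NULL) {
    return EFI_OUT_OF_RESOURCES;
  }

  Status = EFI_SUCCESS;
  if (!Sha1Init (Sha1Ctx) ||
      !Sha1Update (Sha1Ctx, Data, DataLen) ||
      !Sha1Final (Sha1Ctx, (UINT8 *)Digest)) {
    //
    // Do not report success for a digest that was never produced.
    //
    Status = EFI_DEVICE_ERROR;
  }

  FreePool (Sha1Ctx);

  return Status;
```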
@@ -553,7 +586,7 @@ PhysicalPresencePpiNotifyCallback ( // // 1. Set physicalPresenceLifetimeLock, physicalPresenceHWEnable and physicalPresenceCMDEnable bit by PCDs. // - if (PcdGetBool (PcdPhysicalPresenceLifetimeLock) && !LifetimeLock) { + if (PcdGetBool (PcdPhysicalPresenceLifetimeLock) && !TpmPermanentFlags.physicalPresenceLifetimeLock) { // // Lock TPM LifetimeLock is required, and LifetimeLock is not locked yet. // @@ -561,10 +594,10 @@ PhysicalPresencePpiNotifyCallback ( if (PcdGetBool (PcdPhysicalPresenceCmdEnable)) { PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_CMD_ENABLE; - CmdEnable = TRUE; + TpmPermanentFlags.physicalPresenceCMDEnable = TRUE; } else { PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_CMD_DISABLE; - CmdEnable = FALSE; + TpmPermanentFlags.physicalPresenceCMDEnable = FALSE; } if (PcdGetBool (PcdPhysicalPresenceHwEnable)) { @@ -573,8 +606,7 @@ PhysicalPresencePpiNotifyCallback ( PhysicalPresenceValue |= TPM_PHYSICAL_PRESENCE_HW_DISABLE; } - Status = TpmCommPhysicalPresence ( - PeiServices, + Status = Tpm12PhysicalPresence ( PhysicalPresenceValue ); if (EFI_ERROR (Status)) { @@ -590,8 +622,8 @@ PhysicalPresencePpiNotifyCallback ( return EFI_SUCCESS; } - if (!CmdEnable) { - if (LifetimeLock) { + if (!TpmPermanentFlags.physicalPresenceCMDEnable) { + if (TpmPermanentFlags.physicalPresenceLifetimeLock) { // // physicalPresenceCMDEnable is locked, can't change. // @@ -602,8 +634,7 @@ PhysicalPresencePpiNotifyCallback ( // Enable physical presence command // It is necessary in order to lock physical presence // - Status = TpmCommPhysicalPresence ( - PeiServices, + Status = Tpm12PhysicalPresence ( TPM_PHYSICAL_PRESENCE_CMD_ENABLE ); if (EFI_ERROR (Status)) { @@ -614,8 +645,7 @@ PhysicalPresencePpiNotifyCallback ( // // Lock physical presence // - Status = TpmCommPhysicalPresence ( - PeiServices, + Status = Tpm12PhysicalPresence ( TPM_PHYSICAL_PRESENCE_LOCK ); return Status; 
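Review bot: In the `PcdPhysicalPresenceLifetimeLock` branch (`@@ -561,10 +594,10 @@`), the local `TpmPermanentFlags.physicalPresenceCMDEnable` is updated to mirror what is about to be sent, but `physicalPresenceLifetimeLock` keeps the value read before the command. The later `if (TpmPermanentFlags.physicalPresenceLifetimeLock)` test in the `@@ -590,8 +622,8 @@` hunk therefore sees the pre-command state. If `PhysicalPresenceValue` carries the lifetime-lock bit (its initial assignment falls between hunks and is not visible), the code would go on to send `TPM_PHYSICAL_PRESENCE_CMD_ENABLE` rather than take the "is locked, can't change" branch. Consider setting `TpmPermanentFlags.physicalPresenceLifetimeLock = TRUE;` after the first `Tpm12PhysicalPresence (PhysicalPresenceValue)` call succeeds, with a comment that the struct is a local shadow of the TPM's flags from that point rather than what the TPM reported. The function starts and ends outside these hunks.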
@@ -631,19 +661,18 @@ PhysicalPresencePpiNotifyCallback ( **/ BOOLEAN -EFIAPI IsTpmUsable ( - IN EFI_PEI_SERVICES **PeiServices + VOID ) { - EFI_STATUS Status; - BOOLEAN Deactivated; + EFI_STATUS Status; + TPM_PERMANENT_FLAGS TpmPermanentFlags; - Status = TpmCommGetCapability (PeiServices, &Deactivated, NULL, NULL); + Status = Tpm12GetCapabilityFlagPermanent (&TpmPermanentFlags); if (EFI_ERROR (Status)) { return FALSE; } - return (BOOLEAN)(!Deactivated); + return (BOOLEAN)(!TpmPermanentFlags.deactivated); } /** @@ -682,7 +711,7 @@ PeimEntryMP ( return Status; } - if (IsTpmUsable (PeiServices)) { + if (IsTpmUsable ()) { if (PcdGet8 (PcdTpmScrtmPolicy) == 1) { Status = MeasureCRTMVersion (PeiServices); } @@ -759,7 +788,11 @@ PeimEntryMA ( } if (PcdGet8 (PcdTpmInitializationPolicy) == 1) { - Status = TpmCommStartup ((EFI_PEI_SERVICES**)PeiServices, BootMode); + if (BootMode == BOOT_ON_S3_RESUME) { + Status = Tpm12Startup (TPM_ST_STATE); + } else { + Status = Tpm12Startup (TPM_ST_CLEAR); + } if (EFI_ERROR (Status) ) { goto Done; } @@ -769,7 +802,7 @@ PeimEntryMA ( // TpmSelfTest is optional on S3 path, skip it to save S3 time // if (BootMode != BOOT_ON_S3_RESUME) { - Status = TpmCommContinueSelfTest ((EFI_PEI_SERVICES**)PeiServices); + Status = Tpm12ContinueSelfTest (); if (EFI_ERROR (Status)) { goto Done; } diff --git a/SecurityPkg/Tcg/TcgPei/TcgPei.inf b/SecurityPkg/Tcg/TcgPei/TcgPei.inf index cdee0ab2ec..9a44d8fbda 100644 --- a/SecurityPkg/Tcg/TcgPei/TcgPei.inf +++ b/SecurityPkg/Tcg/TcgPei/TcgPei.inf @@ -34,8 +34,6 @@ [Sources] TcgPei.c - TpmComm.c - TpmComm.h [Packages] MdePkg/MdePkg.dec @@ -57,6 +55,7 @@ PcdLib MemoryAllocationLib ReportStatusCodeLib + Tpm12CommandLib [Guids] gTcgEventEntryHobGuid ## PRODUCES ## HOB diff --git a/SecurityPkg/Tcg/TcgPei/TpmComm.c b/SecurityPkg/Tcg/TcgPei/TpmComm.c deleted file mode 100644 index 1a2156c6eb..0000000000 --- a/SecurityPkg/Tcg/TcgPei/TpmComm.c +++ /dev/null 
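Review bot: The `goto Done` after `Tpm12Startup()` in the PeimEntryMA hunk (`@@ -759,7 +788,11 @@`) may now be taken in cases the old code let through. The removed `TpmCommStartup()` returned only the status of `Tpm12SubmitCommand()` and never inspected the response buffer; whether `Tpm12Startup()` also turns a TPM return code into an EFI error is not visible here. If it does, a TPM that was already started earlier in boot would skip the self test and the measurement setup that follow. It would help to confirm that case and record the intent next to the call, for example `// S3 resume restores the state saved before suspend; every other boot path starts the TPM from cleared state.` above the `if (BootMode == BOOT_ON_S3_RESUME)` line. PeimEntryMA's body continues outside the hunk.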
@@ -1,272 +0,0 @@ -/** @file - Utility functions used by TPM PEI driver. - -Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#include "TpmComm.h" - -/** - Send TPM_Startup command to TPM. - - @param[in] PeiServices Describes the list of possible PEI Services. - @param[in] BootMode Boot mode. - - @retval EFI_SUCCESS Operation completed successfully. - @retval EFI_TIMEOUT The register can't run into the expected status in time. - @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. - @retval EFI_DEVICE_ERROR Unexpected device behavior. - -**/ -EFI_STATUS -TpmCommStartup ( - IN EFI_PEI_SERVICES **PeiServices, - IN EFI_BOOT_MODE BootMode - ) -{ - EFI_STATUS Status; - TPM_STARTUP_TYPE TpmSt; - UINT32 TpmRecvSize; - UINT32 TpmSendSize; - TPM_CMD_START_UP SendBuffer; - UINT8 RecvBuffer[20]; - - TpmSt = TPM_ST_CLEAR; - if (BootMode == BOOT_ON_S3_RESUME) { - TpmSt = TPM_ST_STATE; - } - // - // send Tpm command TPM_ORD_Startup - // - TpmRecvSize = 20; - TpmSendSize = sizeof (TPM_CMD_START_UP); - SendBuffer.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND); - SendBuffer.Hdr.paramSize = SwapBytes32 (TpmSendSize); - SendBuffer.Hdr.ordinal = SwapBytes32 (TPM_ORD_Startup); - SendBuffer.TpmSt = SwapBytes16 (TpmSt); - Status = Tpm12SubmitCommand (TpmSendSize, (UINT8 *)&SendBuffer, &TpmRecvSize, RecvBuffer); - return Status; -} - -/** - Send TPM_ContinueSelfTest command to TPM. - - @param[in] PeiServices Describes the list of possible PEI Services. - - @retval EFI_SUCCESS Operation completed successfully. - @retval EFI_TIMEOUT The register can't run into the expected status in time. - @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. 
- @retval EFI_DEVICE_ERROR Unexpected device behavior. - -**/ -EFI_STATUS -TpmCommContinueSelfTest ( - IN EFI_PEI_SERVICES **PeiServices - ) -{ - EFI_STATUS Status; - UINT32 TpmRecvSize; - UINT32 TpmSendSize; - TPM_CMD_SELF_TEST SendBuffer; - UINT8 RecvBuffer[20]; - - // - // send Tpm command TPM_ORD_ContinueSelfTest - // - TpmRecvSize = 20; - TpmSendSize = sizeof (TPM_CMD_SELF_TEST); - SendBuffer.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND); - SendBuffer.Hdr.paramSize = SwapBytes32 (TpmSendSize); - SendBuffer.Hdr.ordinal = SwapBytes32 (TPM_ORD_ContinueSelfTest); - Status = Tpm12SubmitCommand (TpmSendSize, (UINT8 *)&SendBuffer, &TpmRecvSize, RecvBuffer); - return Status; -} - -/** - Get TPM capability flags. - - @param[in] PeiServices Describes the list of possible PEI Services. - @param[out] Deactivated Returns deactivated flag. - @param[out] LifetimeLock Returns physicalPresenceLifetimeLock permanent flag. - @param[out] CmdEnable Returns physicalPresenceCMDEnable permanent flag. - - @retval EFI_SUCCESS Operation completed successfully. - @retval EFI_TIMEOUT The register can't run into the expected status in time. - @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. - @retval EFI_DEVICE_ERROR Unexpected device behavior. 
- -**/ -EFI_STATUS -TpmCommGetCapability ( - IN EFI_PEI_SERVICES **PeiServices, - OUT BOOLEAN *Deactivated, OPTIONAL - OUT BOOLEAN *LifetimeLock, OPTIONAL - OUT BOOLEAN *CmdEnable OPTIONAL - ) -{ - EFI_STATUS Status; - UINT32 TpmRecvSize; - UINT32 TpmSendSize; - TPM_CMD_GET_CAPABILITY SendBuffer; - UINT8 RecvBuffer[40]; - TPM_PERMANENT_FLAGS *TpmPermanentFlags; - - // - // send Tpm command TPM_ORD_GetCapability - // - TpmRecvSize = 40; - TpmSendSize = sizeof (TPM_CMD_GET_CAPABILITY); - SendBuffer.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND); - SendBuffer.Hdr.paramSize = SwapBytes32 (TpmSendSize); - SendBuffer.Hdr.ordinal = SwapBytes32 (TPM_ORD_GetCapability); - SendBuffer.Capability = SwapBytes32 (TPM_CAP_FLAG); - SendBuffer.CapabilityFlagSize = SwapBytes32 (sizeof (TPM_CAP_FLAG_PERMANENT)); - SendBuffer.CapabilityFlag = SwapBytes32 (TPM_CAP_FLAG_PERMANENT); - Status = Tpm12SubmitCommand (TpmSendSize, (UINT8 *)&SendBuffer, &TpmRecvSize, RecvBuffer); - if (EFI_ERROR (Status)) { - return Status; - } - TpmPermanentFlags = (TPM_PERMANENT_FLAGS *)&RecvBuffer[sizeof (TPM_RSP_COMMAND_HDR) + sizeof (UINT32)]; - if (Deactivated != NULL) { - *Deactivated = TpmPermanentFlags->deactivated; - } - - if (LifetimeLock != NULL) { - *LifetimeLock = TpmPermanentFlags->physicalPresenceLifetimeLock; - } - - if (CmdEnable != NULL) { - *CmdEnable = TpmPermanentFlags->physicalPresenceCMDEnable; - } - return Status; -} - -/** - Extend a TPM PCR. - - @param[in] PeiServices Describes the list of possible PEI Services. - @param[in] DigestToExtend The 160 bit value representing the event to be recorded. - @param[in] PcrIndex The PCR to be updated. - @param[out] NewPcrValue New PCR value after extend. - - @retval EFI_SUCCESS Operation completed successfully. - @retval EFI_TIMEOUT The register can't run into the expected status in time. - @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. - @retval EFI_DEVICE_ERROR Unexpected device behavior. 
- -**/ -EFI_STATUS -TpmCommExtend ( - IN EFI_PEI_SERVICES **PeiServices, - IN TPM_DIGEST *DigestToExtend, - IN TPM_PCRINDEX PcrIndex, - OUT TPM_DIGEST *NewPcrValue - ) -{ - EFI_STATUS Status; - UINT32 TpmSendSize; - UINT32 TpmRecvSize; - TPM_CMD_EXTEND SendBuffer; - UINT8 RecvBuffer[10 + sizeof(TPM_DIGEST)]; - - // - // send Tpm command TPM_ORD_Extend - // - TpmRecvSize = sizeof (TPM_RSP_COMMAND_HDR) + sizeof (TPM_DIGEST); - TpmSendSize = sizeof (TPM_CMD_EXTEND); - SendBuffer.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND); - SendBuffer.Hdr.paramSize = SwapBytes32 (TpmSendSize); - SendBuffer.Hdr.ordinal = SwapBytes32 (TPM_ORD_Extend); - SendBuffer.PcrIndex = SwapBytes32 (PcrIndex); - CopyMem (&SendBuffer.TpmDigest, (UINT8 *)DigestToExtend, sizeof (TPM_DIGEST)); - Status = Tpm12SubmitCommand (TpmSendSize, (UINT8 *)&SendBuffer, &TpmRecvSize, RecvBuffer); - if (EFI_ERROR (Status)) { - return Status; - } - - if(NewPcrValue != NULL) { - CopyMem ((UINT8*)NewPcrValue, &RecvBuffer[10], sizeof (TPM_DIGEST)); - } - - return Status; -} - - -/** - Send TSC_PhysicalPresence command to TPM. - - @param[in] PeiServices Describes the list of possible PEI Services. - @param[in] PhysicalPresence The state to set the TPMs Physical Presence flags. - - @retval EFI_SUCCESS Operation completed successfully. - @retval EFI_TIMEOUT The register can't run into the expected status in time. - @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. - @retval EFI_DEVICE_ERROR Unexpected device behavior. 
- -**/ -EFI_STATUS -TpmCommPhysicalPresence ( - IN EFI_PEI_SERVICES **PeiServices, - IN TPM_PHYSICAL_PRESENCE PhysicalPresence - ) -{ - EFI_STATUS Status; - UINT32 TpmSendSize; - UINT32 TpmRecvSize; - TPM_CMD_PHYSICAL_PRESENCE SendBuffer; - UINT8 RecvBuffer[10]; - - // - // send Tpm command TSC_ORD_PhysicalPresence - // - TpmRecvSize = 10; - TpmSendSize = sizeof (TPM_CMD_PHYSICAL_PRESENCE); - SendBuffer.Hdr.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND); - SendBuffer.Hdr.paramSize = SwapBytes32 (TpmSendSize); - SendBuffer.Hdr.ordinal = SwapBytes32 (TSC_ORD_PhysicalPresence); - SendBuffer.PhysicalPresence = SwapBytes16 (PhysicalPresence); - Status = Tpm12SubmitCommand (TpmSendSize, (UINT8 *)&SendBuffer, &TpmRecvSize, RecvBuffer); - return Status; -} - -/** - Single function calculates SHA1 digest value for all raw data. It - combines Sha1Init(), Sha1Update() and Sha1Final(). - - @param[in] Data Raw data to be digested. - @param[in] DataLen Size of the raw data. - @param[out] Digest Pointer to a buffer that stores the final digest. - - @retval EFI_SUCCESS Always successfully calculate the final digest. -**/ -EFI_STATUS -EFIAPI -TpmCommHashAll ( - IN CONST UINT8 *Data, - IN UINTN DataLen, - OUT TPM_DIGEST *Digest - ) -{ - VOID *Sha1Ctx; - UINTN CtxSize; - - CtxSize = Sha1GetContextSize (); - Sha1Ctx = AllocatePool (CtxSize); - ASSERT (Sha1Ctx != NULL); - - Sha1Init (Sha1Ctx); - Sha1Update (Sha1Ctx, Data, DataLen); - Sha1Final (Sha1Ctx, (UINT8 *)Digest); - - FreePool (Sha1Ctx); - - return EFI_SUCCESS; -} diff --git a/SecurityPkg/Tcg/TcgPei/TpmComm.h b/SecurityPkg/Tcg/TcgPei/TpmComm.h deleted file mode 100644 index 06eefe1410..0000000000 --- a/SecurityPkg/Tcg/TcgPei/TpmComm.h +++ /dev/null @@ -1,176 +0,0 @@ -/** @file - The header file for TPM PEI driver. - -Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.
-This program and the accompanying materials -are licensed and made available under the terms and conditions of the BSD License -which accompanies this distribution. The full text of the license may be found at -http://opensource.org/licenses/bsd-license.php - -THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS, -WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. - -**/ - -#ifndef _TPM_COMM_H_ -#define _TPM_COMM_H_ - -#include -#include -#include -#include -#include -#include -#include -#include - -#pragma pack(1) - -typedef struct { - TPM_RQU_COMMAND_HDR Hdr; - TPM_STARTUP_TYPE TpmSt; -} TPM_CMD_START_UP; - -typedef struct { - TPM_RQU_COMMAND_HDR Hdr; -} TPM_CMD_SELF_TEST; - -typedef struct { - TPM_RQU_COMMAND_HDR Hdr; - UINT32 Capability; - UINT32 CapabilityFlagSize; - UINT32 CapabilityFlag; -} TPM_CMD_GET_CAPABILITY; - -typedef struct { - TPM_RQU_COMMAND_HDR Hdr; - TPM_PCRINDEX PcrIndex; - TPM_DIGEST TpmDigest; -} TPM_CMD_EXTEND; - -typedef struct { - TPM_RQU_COMMAND_HDR Hdr; - TPM_PHYSICAL_PRESENCE PhysicalPresence; -} TPM_CMD_PHYSICAL_PRESENCE; - -#pragma pack() - -/** - Send TPM_Startup command to TPM. - - @param[in] PeiServices Describes the list of possible PEI Services. - @param[in] BootMode Boot mode. - - @retval EFI_SUCCESS Operation completed successfully. - @retval EFI_TIMEOUT The register can't run into the expected status in time. - @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. - @retval EFI_DEVICE_ERROR Unexpected device behavior. - -**/ -EFI_STATUS -TpmCommStartup ( - IN EFI_PEI_SERVICES **PeiServices, - IN EFI_BOOT_MODE BootMode - ); - -/** - Send TPM_ContinueSelfTest command to TPM. - - @param[in] PeiServices Describes the list of possible PEI Services. - - @retval EFI_SUCCESS Operation completed successfully. - @retval EFI_TIMEOUT The register can't run into the expected status in time. - @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. 
- @retval EFI_DEVICE_ERROR Unexpected device behavior. - -**/ -EFI_STATUS -TpmCommContinueSelfTest ( - IN EFI_PEI_SERVICES **PeiServices - ); - -/** - Get TPM capability flags. - - @param[in] PeiServices Describes the list of possible PEI Services. - @param[in] TpmHandle TPM handle. - @param[out] Deactivated Returns deactivated flag. - @param[out] LifetimeLock Returns physicalPresenceLifetimeLock permanent flag. - @param[out] CmdEnable Returns physicalPresenceCMDEnable permanent flag. - - @retval EFI_SUCCESS Operation completed successfully. - @retval EFI_TIMEOUT The register can't run into the expected status in time. - @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. - @retval EFI_DEVICE_ERROR Unexpected device behavior. - -**/ -EFI_STATUS -TpmCommGetCapability ( - IN EFI_PEI_SERVICES **PeiServices, - OUT BOOLEAN *Deactivated, OPTIONAL - OUT BOOLEAN *LifetimeLock, OPTIONAL - OUT BOOLEAN *CmdEnable OPTIONAL - ); - -/** - Extend a TPM PCR. - - @param[in] PeiServices Describes the list of possible PEI Services. - @param[in] TpmHandle TPM handle. - @param[in] DigestToExtend The 160 bit value representing the event to be recorded. - @param[in] PcrIndex The PCR to be updated. - @param[out] NewPcrValue New PCR value after extend. - - @retval EFI_SUCCESS Operation completed successfully. - @retval EFI_TIMEOUT The register can't run into the expected status in time. - @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. - @retval EFI_DEVICE_ERROR Unexpected device behavior. - -**/ -EFI_STATUS -TpmCommExtend ( - IN EFI_PEI_SERVICES **PeiServices, - IN TPM_DIGEST *DigestToExtend, - IN TPM_PCRINDEX PcrIndex, - OUT TPM_DIGEST *NewPcrValue - ); - - -/** - Send TSC_PhysicalPresence command to TPM. - - @param[in] PeiServices Describes the list of possible PEI Services. - @param[in] TpmHandle TPM handle. - @param[in] PhysicalPresence The state to set the TPMs Physical Presence flags. - - @retval EFI_SUCCESS Operation completed successfully. 
- @retval EFI_TIMEOUT The register can't run into the expected status in time. - @retval EFI_BUFFER_TOO_SMALL Response data buffer is too small. - @retval EFI_DEVICE_ERROR Unexpected device behavior. - -**/ -EFI_STATUS -TpmCommPhysicalPresence ( - IN EFI_PEI_SERVICES **PeiServices, - IN TPM_PHYSICAL_PRESENCE PhysicalPresence - ); - -/** - Single function calculates SHA1 digest value for all raw data. It - combines Sha1Init(), Sha1Update() and Sha1Final(). - - @param[in] Data Raw data to be digested. - @param[in] DataLen Size of the raw data. - @param[out] Digest Pointer to a buffer that stores the final digest. - - @retval EFI_SUCCESS Always successfully calculate the final digest. -**/ -EFI_STATUS -EFIAPI -TpmCommHashAll ( - IN CONST UINT8 *Data, - IN UINTN DataLen, - OUT TPM_DIGEST *Digest - ); - -#endif // _TPM_COMM_H_ -- cgit v1.2.3