1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
/** @file
Set TPM device type
In SecurityPkg, this module initializes the TPM device type based on a UEFI
variable and/or hardware detection. In OvmfPkg, the module only performs TPM2
hardware detection.
Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
Copyright (C) 2018, Red Hat, Inc.
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
#include <PiPei.h>
#include <Guid/TpmInstance.h>
#include <Library/BaseLib.h>
#include <Library/DebugLib.h>
#include <Library/PeiServicesLib.h>
#include <Library/Tpm2DeviceLib.h>
#include <Library/Tpm12DeviceLib.h>
#include <Ppi/TpmInitialized.h>
STATIC CONST EFI_PEI_PPI_DESCRIPTOR mTpmSelectedPpi = {
(EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST),
&gEfiTpmDeviceSelectedGuid,
NULL
};
STATIC CONST EFI_PEI_PPI_DESCRIPTOR mTpmInitializationDonePpiList = {
EFI_PEI_PPI_DESCRIPTOR_PPI | EFI_PEI_PPI_DESCRIPTOR_TERMINATE_LIST,
&gPeiTpmInitializationDonePpiGuid,
NULL
};
#pragma pack (1)
typedef struct {
TPM_RSP_COMMAND_HDR Hdr;
TPM_CURRENT_TICKS CurrentTicks;
} TPM_RSP_GET_TICKS;
#pragma pack ()
/**
Probe for the TPM for 1.2 version, by sending TPM1.2 GetTicks
Sending a TPM1.2 command to a TPM2 should return a TPM1.2
header (tag = 0xc4) and error code (TPM_BADTAG = 0x1e)
**/
static
EFI_STATUS
TestTpm12 (
)
{
EFI_STATUS Status;
TPM_RQU_COMMAND_HDR Command;
TPM_RSP_GET_TICKS Response;
UINT32 Length;
Command.tag = SwapBytes16 (TPM_TAG_RQU_COMMAND);
Command.paramSize = SwapBytes32 (sizeof (Command));
Command.ordinal = SwapBytes32 (TPM_ORD_GetTicks);
Length = sizeof (Response);
Status = Tpm12SubmitCommand (sizeof (Command), (UINT8 *)&Command, &Length, (UINT8 *)&Response);
if (EFI_ERROR (Status)) {
return Status;
}
return EFI_SUCCESS;
}
/**
The entry point for Tcg2 configuration driver.
@param FileHandle Handle of the file being invoked.
@param PeiServices Describes the list of possible PEI Services.
**/
EFI_STATUS
EFIAPI
Tcg2ConfigPeimEntryPoint (
IN EFI_PEI_FILE_HANDLE FileHandle,
IN CONST EFI_PEI_SERVICES **PeiServices
)
{
UINTN Size;
EFI_STATUS Status;
DEBUG ((DEBUG_INFO, "%a\n", __FUNCTION__));
Status = Tpm12RequestUseTpm ();
if (!EFI_ERROR (Status) && !EFI_ERROR (TestTpm12 ())) {
DEBUG ((DEBUG_INFO, "%a: TPM1.2 detected\n", __FUNCTION__));
Size = sizeof (gEfiTpmDeviceInstanceTpm12Guid);
Status = PcdSetPtrS (
PcdTpmInstanceGuid,
&Size,
&gEfiTpmDeviceInstanceTpm12Guid
);
ASSERT_EFI_ERROR (Status);
} else {
Status = Tpm2RequestUseTpm ();
if (!EFI_ERROR (Status)) {
DEBUG ((DEBUG_INFO, "%a: TPM2 detected\n", __FUNCTION__));
Size = sizeof (gEfiTpmDeviceInstanceTpm20DtpmGuid);
Status = PcdSetPtrS (
PcdTpmInstanceGuid,
&Size,
&gEfiTpmDeviceInstanceTpm20DtpmGuid
);
ASSERT_EFI_ERROR (Status);
} else {
DEBUG ((DEBUG_INFO, "%a: no TPM detected\n", __FUNCTION__));
//
// If no TPM2 was detected, we still need to install
// TpmInitializationDonePpi. Namely, Tcg2Pei will exit early upon seeing
// the default (all-bits-zero) contents of PcdTpmInstanceGuid, thus we have
// to install the PPI in its place, in order to unblock any dependent
// PEIMs.
//
Status = PeiServicesInstallPpi (&mTpmInitializationDonePpiList);
ASSERT_EFI_ERROR (Status);
}
}
//
// Selection done
//
Status = PeiServicesInstallPpi (&mTpmSelectedPpi);
ASSERT_EFI_ERROR (Status);
return Status;
}
|
