• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 /** @file
2   This library is intended to be used by BDS modules.
3   This library will execute TPM2 request.
4 
5 Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>
6 This program and the accompanying materials
7 are licensed and made available under the terms and conditions of the BSD License
8 which accompanies this distribution.  The full text of the license may be found at
9 http://opensource.org/licenses/bsd-license.php
10 
11 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
12 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
13 
14 **/
15 
16 #ifndef _TCG2_PHYSICAL_PRESENCE_LIB_H_
17 #define _TCG2_PHYSICAL_PRESENCE_LIB_H_
18 
19 #include <IndustryStandard/Tpm20.h>
20 #include <IndustryStandard/TcgPhysicalPresence.h>
21 #include <Protocol/Tcg2Protocol.h>
22 
23 //
24 // UEFI TCG2 library definition bit of the BIOS TPM Management Flags
25 //
26 // BIT0 is reserved
27 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR               BIT1
28 // BIT2 is reserved
29 #define TCG2_LIB_PP_FLAG_RESET_TRACK                                      BIT3
30 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_ON             BIT4
31 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_OFF            BIT5
32 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS          BIT6
33 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS         BIT7
34 
35 //
36 // UEFI TCG2 library definition bit of the BIOS Information Flags
37 //
38 #define TCG2_BIOS_INFORMATION_FLAG_HIERACHY_CONTROL_STORAGE_DISABLE      BIT8
39 #define TCG2_BIOS_INFORMATION_FLAG_HIERACHY_CONTROL_ENDORSEMENT_DISABLE  BIT9
40 
41 //
42 // UEFI TCG2 library definition bit of the BIOS Storage Management Flags
43 //
44 #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID   BIT16
45 #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID  BIT17
46 #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_ENABLE_BLOCK_SID                   BIT18
47 
48 //
49 // Default value
50 //
51 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT  (TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_OFF | \
52                                                 TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR | \
53                                                 TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS | \
54                                                 TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS)
55 
56 //
57 // Default value
58 //
59 #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT (TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID | \
60                                                    TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID)
61 
62 /**
63   Check and execute the pending TPM request.
64 
65   The TPM request may come from OS or BIOS. This API will display request information and wait
66   for user confirmation if TPM request exists. The TPM request will be sent to TPM device after
67   the TPM request is confirmed, and one or more reset may be required to make TPM request to
68   take effect.
69 
70   This API should be invoked after console in and console out are all ready as they are required
71   to display request information and get user input to confirm the request.
72 
73   @param  PlatformAuth                   platform auth value. NULL means no platform auth change.
74 **/
75 VOID
76 EFIAPI
77 Tcg2PhysicalPresenceLibProcessRequest (
78   IN      TPM2B_AUTH                     *PlatformAuth  OPTIONAL
79   );
80 
81 /**
82   Check if the pending TPM request needs user input to confirm.
83 
84   The TPM request may come from OS. This API will check if TPM request exists and need user
85   input to confirmation.
86 
87   @retval    TRUE        TPM needs input to confirm user physical presence.
88   @retval    FALSE       TPM doesn't need input to confirm user physical presence.
89 
90 **/
91 BOOLEAN
92 EFIAPI
93 Tcg2PhysicalPresenceLibNeedUserConfirm (
94   VOID
95   );
96 
97 /**
98   Return TPM2 ManagementFlags set by PP interface.
99 
100   @retval    ManagementFlags    TPM2 Management Flags.
101 **/
102 UINT32
103 EFIAPI
104 Tcg2PhysicalPresenceLibGetManagementFlags (
105   VOID
106   );
107 
108 /**
109   The handler for TPM physical presence function:
110   Return TPM Operation Response to OS Environment.
111 
112   This API should be invoked in OS runtime phase to interface with ACPI method.
113 
114   @param[out]     MostRecentRequest Most recent operation request.
115   @param[out]     Response          Response to the most recent operation request.
116 
117   @return Return Code for Return TPM Operation Response to OS Environment.
118 **/
119 UINT32
120 EFIAPI
121 Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
122   OUT UINT32                *MostRecentRequest,
123   OUT UINT32                *Response
124   );
125 
126 /**
127   The handler for TPM physical presence function:
128   Submit TPM Operation Request to Pre-OS Environment and
129   Submit TPM Operation Request to Pre-OS Environment 2.
130 
131   This API should be invoked in OS runtime phase to interface with ACPI method.
132 
133   Caution: This function may receive untrusted input.
134 
135   @param[in, out]  Pointer to OperationRequest TPM physical presence operation request.
136   @param[in, out]  Pointer to RequestParameter TPM physical presence operation request parameter.
137 
138   @return Return Code for Submit TPM Operation Request to Pre-OS Environment and
139         Submit TPM Operation Request to Pre-OS Environment 2.
140   **/
141 UINT32
142 Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx (
143   IN OUT UINT32               *OperationRequest,
144   IN OUT UINT32               *RequestParameter
145   );
146 
147 /**
148   The handler for TPM physical presence function:
149   Submit TPM Operation Request to Pre-OS Environment and
150   Submit TPM Operation Request to Pre-OS Environment 2.
151 
152   This API should be invoked in OS runtime phase to interface with ACPI method.
153 
154   Caution: This function may receive untrusted input.
155 
156   @param[in]      OperationRequest TPM physical presence operation request.
157   @param[in]      RequestParameter TPM physical presence operation request parameter.
158 
159   @return Return Code for Submit TPM Operation Request to Pre-OS Environment and
160           Submit TPM Operation Request to Pre-OS Environment 2.
161 **/
162 UINT32
163 EFIAPI
164 Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (
165   IN UINT32                 OperationRequest,
166   IN UINT32                 RequestParameter
167   );
168 
169 /**
170   The handler for TPM physical presence function:
171   Get User Confirmation Status for Operation.
172 
173   This API should be invoked in OS runtime phase to interface with ACPI method.
174 
175   Caution: This function may receive untrusted input.
176 
177   @param[in]      OperationRequest TPM physical presence operation request.
178 
179   @return Return Code for Get User Confirmation Status for Operation.
180 **/
181 UINT32
182 EFIAPI
183 Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
184   IN UINT32                 OperationRequest
185   );
186 
187 #endif
188