1 /** @file 2 TCG EFI Platform Definition in TCG_EFI_Platform_1_20_Final and 3 TCG PC Client Platform Firmware Profile Specification, Revision 1.06 4 5 Copyright (c) 2006 - 2024, Intel Corporation. All rights reserved.<BR> 6 SPDX-License-Identifier: BSD-2-Clause-Patent 7 8 **/ 9 10 #ifndef __UEFI_TCG_PLATFORM_H__ 11 #define __UEFI_TCG_PLATFORM_H__ 12 13 #include <IndustryStandard/Tpm12.h> 14 #include <IndustryStandard/Tpm20.h> 15 #include <Uefi.h> 16 17 // 18 // Standard event types 19 // 20 #define EV_PREBOOT_CERT ((TCG_EVENTTYPE) 0x00000000) 21 #define EV_POST_CODE ((TCG_EVENTTYPE) 0x00000001) 22 #define EV_NO_ACTION ((TCG_EVENTTYPE) 0x00000003) 23 #define EV_SEPARATOR ((TCG_EVENTTYPE) 0x00000004) 24 #define EV_ACTION ((TCG_EVENTTYPE) 0x00000005) 25 #define EV_EVENT_TAG ((TCG_EVENTTYPE) 0x00000006) 26 #define EV_S_CRTM_CONTENTS ((TCG_EVENTTYPE) 0x00000007) 27 #define EV_S_CRTM_VERSION ((TCG_EVENTTYPE) 0x00000008) 28 #define EV_CPU_MICROCODE ((TCG_EVENTTYPE) 0x00000009) 29 #define EV_PLATFORM_CONFIG_FLAGS ((TCG_EVENTTYPE) 0x0000000A) 30 #define EV_TABLE_OF_DEVICES ((TCG_EVENTTYPE) 0x0000000B) 31 #define EV_COMPACT_HASH ((TCG_EVENTTYPE) 0x0000000C) 32 #define EV_NONHOST_CODE ((TCG_EVENTTYPE) 0x0000000F) 33 #define EV_NONHOST_CONFIG ((TCG_EVENTTYPE) 0x00000010) 34 #define EV_NONHOST_INFO ((TCG_EVENTTYPE) 0x00000011) 35 #define EV_OMIT_BOOT_DEVICE_EVENTS ((TCG_EVENTTYPE) 0x00000012) 36 37 // 38 // EFI specific event types 39 // 40 #define EV_EFI_EVENT_BASE ((TCG_EVENTTYPE) 0x80000000) 41 #define EV_EFI_VARIABLE_DRIVER_CONFIG (EV_EFI_EVENT_BASE + 1) 42 #define EV_EFI_VARIABLE_BOOT (EV_EFI_EVENT_BASE + 2) 43 #define EV_EFI_BOOT_SERVICES_APPLICATION (EV_EFI_EVENT_BASE + 3) 44 #define EV_EFI_BOOT_SERVICES_DRIVER (EV_EFI_EVENT_BASE + 4) 45 #define EV_EFI_RUNTIME_SERVICES_DRIVER (EV_EFI_EVENT_BASE + 5) 46 #define EV_EFI_GPT_EVENT (EV_EFI_EVENT_BASE + 6) 47 #define EV_EFI_ACTION (EV_EFI_EVENT_BASE + 7) 48 #define EV_EFI_PLATFORM_FIRMWARE_BLOB (EV_EFI_EVENT_BASE + 8) 49 #define EV_EFI_HANDOFF_TABLES (EV_EFI_EVENT_BASE + 9) 50 #define EV_EFI_PLATFORM_FIRMWARE_BLOB2 (EV_EFI_EVENT_BASE + 0xA) 51 #define EV_EFI_HANDOFF_TABLES2 (EV_EFI_EVENT_BASE + 0xB) 52 #define EV_EFI_HCRTM_EVENT (EV_EFI_EVENT_BASE + 0x10) 53 #define EV_EFI_VARIABLE_AUTHORITY (EV_EFI_EVENT_BASE + 0xE0) 54 #define EV_EFI_SPDM_FIRMWARE_BLOB (EV_EFI_EVENT_BASE + 0xE1) 55 #define EV_EFI_SPDM_FIRMWARE_CONFIG (EV_EFI_EVENT_BASE + 0xE2) 56 #define EV_EFI_SPDM_DEVICE_BLOB EV_EFI_SPDM_FIRMWARE_BLOB 57 #define EV_EFI_SPDM_DEVICE_CONFIG EV_EFI_SPDM_FIRMWARE_CONFIG 58 // 59 // The SPDM policy database for SPDM verification. 60 // It goes to PCR7 61 // 62 #define EV_EFI_SPDM_DEVICE_POLICY (EV_EFI_EVENT_BASE + 0xE3) 63 // 64 // The SPDM policy authority for SPDM verification for the signature 65 // of GET_MEASUREMENT or CHALLENGE_AUTH. It goes to PCR7. 66 // 67 #define EV_EFI_SPDM_DEVICE_AUTHORITY (EV_EFI_EVENT_BASE + 0xE4) 68 69 #define EFI_CALLING_EFI_APPLICATION \ 70 "Calling EFI Application from Boot Option" 71 #define EFI_RETURNING_FROM_EFI_APPLICATION \ 72 "Returning from EFI Application from Boot Option" 73 #define EFI_EXIT_BOOT_SERVICES_INVOCATION \ 74 "Exit Boot Services Invocation" 75 #define EFI_EXIT_BOOT_SERVICES_FAILED \ 76 "Exit Boot Services Returned with Failure" 77 #define EFI_EXIT_BOOT_SERVICES_SUCCEEDED \ 78 "Exit Boot Services Returned with Success" 79 80 #define EV_POSTCODE_INFO_POST_CODE "POST CODE" 81 #define POST_CODE_STR_LEN (sizeof(EV_POSTCODE_INFO_POST_CODE) - 1) 82 83 #define EV_POSTCODE_INFO_SMM_CODE "SMM CODE" 84 #define SMM_CODE_STR_LEN (sizeof(EV_POSTCODE_INFO_SMM_CODE) - 1) 85 86 #define EV_POSTCODE_INFO_ACPI_DATA "ACPI DATA" 87 #define ACPI_DATA_LEN (sizeof(EV_POSTCODE_INFO_ACPI_DATA) - 1) 88 89 #define EV_POSTCODE_INFO_BIS_CODE "BIS CODE" 90 #define BIS_CODE_LEN (sizeof(EV_POSTCODE_INFO_BIS_CODE) - 1) 91 92 #define EV_POSTCODE_INFO_UEFI_PI "UEFI PI" 93 #define UEFI_PI_LEN (sizeof(EV_POSTCODE_INFO_UEFI_PI) - 1) 94 95 #define EV_POSTCODE_INFO_OPROM "Embedded Option ROM" 96 #define OPROM_LEN (sizeof(EV_POSTCODE_INFO_OPROM) - 1) 97 98 #define EV_POSTCODE_INFO_EMBEDDED_UEFI_DRIVER "Embedded UEFI Driver" 99 #define EMBEDDED_UEFI_DRIVER_LEN (sizeof(EV_POSTCODE_INFO_EMBEDDED_UEFI_DRIVER) - 1) 100 101 #define FIRMWARE_DEBUGGER_EVENT_STRING "UEFI Debug Mode" 102 #define FIRMWARE_DEBUGGER_EVENT_STRING_LEN (sizeof(FIRMWARE_DEBUGGER_EVENT_STRING) - 1) 103 104 // 105 // Set structure alignment to 1-byte 106 // 107 #pragma pack (1) 108 109 typedef UINT32 TCG_EVENTTYPE; 110 typedef TPM_PCRINDEX TCG_PCRINDEX; 111 typedef TPM_DIGEST TCG_DIGEST; 112 /// 113 /// Event Log Entry Structure Definition 114 /// 115 typedef struct tdTCG_PCR_EVENT { 116 TCG_PCRINDEX PCRIndex; ///< PCRIndex event extended to 117 TCG_EVENTTYPE EventType; ///< TCG EFI event type 118 TCG_DIGEST Digest; ///< Value extended into PCRIndex 119 UINT32 EventSize; ///< Size of the event data 120 UINT8 Event[1]; ///< The event data 121 } TCG_PCR_EVENT; 122 123 #define TSS_EVENT_DATA_MAX_SIZE 256 124 125 /// 126 /// TCG_PCR_EVENT_HDR 127 /// 128 typedef struct tdTCG_PCR_EVENT_HDR { 129 TCG_PCRINDEX PCRIndex; 130 TCG_EVENTTYPE EventType; 131 TCG_DIGEST Digest; 132 UINT32 EventSize; 133 } TCG_PCR_EVENT_HDR; 134 135 /// 136 /// EFI_PLATFORM_FIRMWARE_BLOB 137 /// 138 /// BlobLength should be of type UINTN but we use UINT64 here 139 /// because PEI is 32-bit while DXE is 64-bit on x64 platforms 140 /// 141 typedef struct tdEFI_PLATFORM_FIRMWARE_BLOB { 142 EFI_PHYSICAL_ADDRESS BlobBase; 143 UINT64 BlobLength; 144 } EFI_PLATFORM_FIRMWARE_BLOB; 145 146 /// 147 /// UEFI_PLATFORM_FIRMWARE_BLOB 148 /// 149 /// This structure is used in EV_EFI_PLATFORM_FIRMWARE_BLOB 150 /// event to facilitate the measurement of firmware volume. 151 /// 152 typedef struct tdUEFI_PLATFORM_FIRMWARE_BLOB { 153 EFI_PHYSICAL_ADDRESS BlobBase; 154 UINT64 BlobLength; 155 } UEFI_PLATFORM_FIRMWARE_BLOB; 156 157 /// 158 /// UEFI_PLATFORM_FIRMWARE_BLOB2 159 /// 160 /// This structure is used in EV_EFI_PLATFORM_FIRMWARE_BLOB2 161 /// event to facilitate the measurement of firmware volume. 162 /// 163 typedef struct tdUEFI_PLATFORM_FIRMWARE_BLOB2 { 164 UINT8 BlobDescriptionSize; 165 // UINT8 BlobDescription[BlobDescriptionSize]; 166 // EFI_PHYSICAL_ADDRESS BlobBase; 167 // UINT64 BlobLength; 168 } UEFI_PLATFORM_FIRMWARE_BLOB2; 169 170 /// 171 /// EFI_IMAGE_LOAD_EVENT 172 /// 173 /// This structure is used in EV_EFI_BOOT_SERVICES_APPLICATION, 174 /// EV_EFI_BOOT_SERVICES_DRIVER and EV_EFI_RUNTIME_SERVICES_DRIVER 175 /// 176 typedef struct tdEFI_IMAGE_LOAD_EVENT { 177 EFI_PHYSICAL_ADDRESS ImageLocationInMemory; 178 UINTN ImageLengthInMemory; 179 UINTN ImageLinkTimeAddress; 180 UINTN LengthOfDevicePath; 181 EFI_DEVICE_PATH_PROTOCOL DevicePath[1]; 182 } EFI_IMAGE_LOAD_EVENT; 183 184 /// 185 /// UEFI_IMAGE_LOAD_EVENT 186 /// 187 /// This structure is used in EV_EFI_BOOT_SERVICES_APPLICATION, 188 /// EV_EFI_BOOT_SERVICES_DRIVER and EV_EFI_RUNTIME_SERVICES_DRIVER 189 /// 190 typedef struct tdUEFI_IMAGE_LOAD_EVENT { 191 EFI_PHYSICAL_ADDRESS ImageLocationInMemory; 192 UINT64 ImageLengthInMemory; 193 UINT64 ImageLinkTimeAddress; 194 UINT64 LengthOfDevicePath; 195 EFI_DEVICE_PATH_PROTOCOL DevicePath[1]; 196 } UEFI_IMAGE_LOAD_EVENT; 197 198 /// 199 /// EFI_HANDOFF_TABLE_POINTERS 200 /// 201 /// This structure is used in EV_EFI_HANDOFF_TABLES event to facilitate 202 /// the measurement of given configuration tables. 203 /// 204 typedef struct tdEFI_HANDOFF_TABLE_POINTERS { 205 UINTN NumberOfTables; 206 EFI_CONFIGURATION_TABLE TableEntry[1]; 207 } EFI_HANDOFF_TABLE_POINTERS; 208 209 /// 210 /// UEFI_HANDOFF_TABLE_POINTERS 211 /// 212 /// This structure is used in EV_EFI_HANDOFF_TABLES event to facilitate 213 /// the measurement of given configuration tables. 214 /// 215 typedef struct tdUEFI_HANDOFF_TABLE_POINTERS { 216 UINT64 NumberOfTables; 217 EFI_CONFIGURATION_TABLE TableEntry[1]; 218 } UEFI_HANDOFF_TABLE_POINTERS; 219 220 /// 221 /// UEFI_HANDOFF_TABLE_POINTERS2 222 /// 223 /// This structure is used in EV_EFI_HANDOFF_TABLES2 event to facilitate 224 /// the measurement of given configuration tables. 225 /// 226 typedef struct tdUEFI_HANDOFF_TABLE_POINTERS2 { 227 UINT8 TableDescriptionSize; 228 // UINT8 TableDescription[TableDescriptionSize]; 229 // UINT64 NumberOfTables; 230 // EFI_CONFIGURATION_TABLE TableEntry[1]; 231 } UEFI_HANDOFF_TABLE_POINTERS2; 232 233 /// 234 /// EFI_VARIABLE_DATA 235 /// 236 /// This structure serves as the header for measuring variables. The name of the 237 /// variable (in Unicode format) should immediately follow, then the variable 238 /// data. 239 /// This is defined in TCG EFI Platform Spec for TPM1.1 or 1.2 V1.22 240 /// 241 typedef struct tdEFI_VARIABLE_DATA { 242 EFI_GUID VariableName; 243 UINTN UnicodeNameLength; 244 UINTN VariableDataLength; 245 CHAR16 UnicodeName[1]; 246 INT8 VariableData[1]; ///< Driver or platform-specific data 247 } EFI_VARIABLE_DATA; 248 249 /// 250 /// UEFI_VARIABLE_DATA 251 /// 252 /// This structure serves as the header for measuring variables. The name of the 253 /// variable (in Unicode format) should immediately follow, then the variable 254 /// data. 255 /// This is defined in TCG PC Client Firmware Profile Spec 00.21 256 /// 257 typedef struct tdUEFI_VARIABLE_DATA { 258 EFI_GUID VariableName; 259 UINT64 UnicodeNameLength; 260 UINT64 VariableDataLength; 261 CHAR16 UnicodeName[1]; 262 INT8 VariableData[1]; ///< Driver or platform-specific data 263 } UEFI_VARIABLE_DATA; 264 265 // 266 // For TrEE1.0 compatibility 267 // 268 typedef struct { 269 EFI_GUID VariableName; 270 UINT64 UnicodeNameLength; // The TCG Definition used UINTN 271 UINT64 VariableDataLength; // The TCG Definition used UINTN 272 CHAR16 UnicodeName[1]; 273 INT8 VariableData[1]; 274 } EFI_VARIABLE_DATA_TREE; 275 276 typedef struct tdEFI_GPT_DATA { 277 EFI_PARTITION_TABLE_HEADER EfiPartitionHeader; 278 UINTN NumberOfPartitions; 279 EFI_PARTITION_ENTRY Partitions[1]; 280 } EFI_GPT_DATA; 281 282 typedef struct tdUEFI_GPT_DATA { 283 EFI_PARTITION_TABLE_HEADER EfiPartitionHeader; 284 UINT64 NumberOfPartitions; 285 EFI_PARTITION_ENTRY Partitions[1]; 286 } UEFI_GPT_DATA; 287 288 #define TCG_DEVICE_SECURITY_EVENT_DATA_SIGNATURE "SPDM Device Sec" 289 #define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION 1 290 291 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_NULL 0 292 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_PCI 1 293 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_USB 2 294 295 /// 296 /// TCG_DEVICE_SECURITY_EVENT_DATA_HEADER 297 /// This is the header of TCG_DEVICE_SECURITY_EVENT_DATA, which is 298 /// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG. 299 /// 300 typedef struct { 301 UINT8 Signature[16]; 302 UINT16 Version; 303 UINT16 Length; 304 UINT32 SpdmHashAlgo; 305 UINT32 DeviceType; 306 // SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock; 307 } TCG_DEVICE_SECURITY_EVENT_DATA_HEADER; 308 309 #define TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT_VERSION 0 310 311 /// 312 /// TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT 313 /// This is the PCI context data of TCG_DEVICE_SECURITY_EVENT_DATA, which is 314 /// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG. 315 /// 316 typedef struct { 317 UINT16 Version; 318 UINT16 Length; 319 UINT16 VendorId; 320 UINT16 DeviceId; 321 UINT8 RevisionID; 322 UINT8 ClassCode[3]; 323 UINT16 SubsystemVendorID; 324 UINT16 SubsystemID; 325 } TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT; 326 327 #define TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT_VERSION 0 328 329 /// 330 /// TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT 331 /// This is the USB context data of TCG_DEVICE_SECURITY_EVENT_DATA, which is 332 /// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG. 333 /// 334 typedef struct { 335 UINT16 Version; 336 UINT16 Length; 337 // UINT8 DeviceDescriptor[DescLen]; 338 // UINT8 BodDescriptor[DescLen]; 339 // UINT8 ConfigurationDescriptor[DescLen][NumOfConfiguration]; 340 } TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT; 341 342 // 343 // Crypto Agile Log Entry Format 344 // 345 typedef struct tdTCG_PCR_EVENT2 { 346 TCG_PCRINDEX PCRIndex; 347 TCG_EVENTTYPE EventType; 348 TPML_DIGEST_VALUES Digest; 349 UINT32 EventSize; 350 UINT8 Event[1]; 351 } TCG_PCR_EVENT2; 352 353 // 354 // TCG PCR Event2 Header 355 // Follow TCG EFI Protocol Spec 5.2 Crypto Agile Log Entry Format 356 // 357 typedef struct tdTCG_PCR_EVENT2_HDR { 358 TCG_PCRINDEX PCRIndex; 359 TCG_EVENTTYPE EventType; 360 TPML_DIGEST_VALUES Digests; 361 UINT32 EventSize; 362 } TCG_PCR_EVENT2_HDR; 363 364 // 365 // Log Header Entry Data 366 // 367 typedef struct { 368 // 369 // TCG defined hashing algorithm ID. 370 // 371 UINT16 algorithmId; 372 // 373 // The size of the digest for the respective hashing algorithm. 374 // 375 UINT16 digestSize; 376 } TCG_EfiSpecIdEventAlgorithmSize; 377 378 #define TCG_EfiSpecIDEventStruct_SIGNATURE_02 "Spec ID Event02" 379 #define TCG_EfiSpecIDEventStruct_SIGNATURE_03 "Spec ID Event03" 380 381 #define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MAJOR_TPM12 1 382 #define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM12 2 383 #define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM12 2 384 385 #define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MAJOR_TPM2 2 386 #define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM2 0 387 #define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2 0 388 #define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105 105 389 #define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_106 106 390 391 typedef struct { 392 UINT8 signature[16]; 393 // 394 // The value for the Platform Class. 395 // The enumeration is defined in the TCG ACPI Specification Client Common Header. 396 // 397 UINT32 platformClass; 398 // 399 // The TCG EFI Platform Specification minor version number this BIOS supports. 400 // Any BIOS supporting version (1.22) MUST set this value to 02h. 401 // Any BIOS supporting version (2.0) SHALL set this value to 0x00. 402 // 403 UINT8 specVersionMinor; 404 // 405 // The TCG EFI Platform Specification major version number this BIOS supports. 406 // Any BIOS supporting version (1.22) MUST set this value to 01h. 407 // Any BIOS supporting version (2.0) SHALL set this value to 0x02. 408 // 409 UINT8 specVersionMajor; 410 // 411 // The TCG EFI Platform Specification errata for this specification this BIOS supports. 412 // Any BIOS supporting version and errata (1.22) MUST set this value to 02h. 413 // Any BIOS supporting version and errata (2.0) SHALL set this value to 0x00. 414 // 415 UINT8 specErrata; 416 // 417 // Specifies the size of the UINTN fields used in various data structures used in this specification. 418 // 0x01 indicates UINT32 and 0x02 indicates UINT64. 419 // 420 UINT8 uintnSize; 421 // 422 // This field is added in "Spec ID Event03". 423 // The number of hashing algorithms used in this event log (except the first event). 424 // All events in this event log use all hashing algorithms defined here. 425 // 426 UINT32 numberOfAlgorithms; 427 // 428 // This field is added in "Spec ID Event03". 429 // An array of size numberOfAlgorithms of value pairs. 430 // 431 //TCG_EfiSpecIdEventAlgorithmSize digestSize[numberOfAlgorithms]; 432 TCG_EfiSpecIdEventAlgorithmSize digestSize[]; 433 // 434 // Size in bytes of the VendorInfo field. 435 // Maximum value SHALL be FFh bytes. 436 // 437 //UINT8 vendorInfoSize; 438 // 439 // Provided for use by the BIOS implementer. 440 // The value might be used, for example, to provide more detailed information about the specific BIOS such as BIOS revision numbers, etc. 441 // The values within this field are not standardized and are implementer-specific. 442 // Platform-specific or -unique information SHALL NOT be provided in this field. 443 // 444 //UINT8 vendorInfo[vendorInfoSize]; 445 } TCG_EfiSpecIDEventStruct; 446 447 typedef struct tdTCG_PCClientTaggedEvent { 448 UINT32 taggedEventID; 449 UINT32 taggedEventDataSize; 450 // UINT8 taggedEventData[taggedEventDataSize]; 451 } TCG_PCClientTaggedEvent; 452 453 #define TCG_Sp800_155_PlatformId_Event_SIGNATURE "SP800-155 Event" 454 #define TCG_Sp800_155_PlatformId_Event2_SIGNATURE "SP800-155 Event2" 455 #define TCG_Sp800_155_PlatformId_Event3_SIGNATURE "SP800-155 Event3" 456 457 typedef struct tdTCG_Sp800_155_PlatformId_Event2 { 458 UINT8 Signature[16]; 459 // 460 // Where Vendor ID is an integer defined 461 // at http://www.iana.org/assignments/enterprisenumbers 462 // 463 UINT32 VendorId; 464 // 465 // 16-byte identifier of a given platform's static configuration of code 466 // 467 EFI_GUID ReferenceManifestGuid; 468 // 469 // Below structure is newly added in TCG_Sp800_155_PlatformId_Event2. 470 // 471 // UINT8 PlatformManufacturerStrSize; 472 // UINT8 PlatformManufacturerStr[PlatformManufacturerStrSize]; 473 // UINT8 PlatformModelSize; 474 // UINT8 PlatformModel[PlatformModelSize]; 475 // UINT8 PlatformVersionSize; 476 // UINT8 PlatformVersion[PlatformVersionSize]; 477 // UINT8 FirmwareManufacturerStrSize; 478 // UINT8 FirmwareManufacturerStr[FirmwareManufacturerStrSize]; 479 // UINT32 FirmwareManufacturerId; 480 // UINT8 FirmwareVersion; 481 // UINT8 FirmwareVersion[FirmwareVersionSize]; 482 } TCG_Sp800_155_PlatformId_Event2; 483 484 typedef struct tdTCG_Sp800_155_PlatformId_Event3 { 485 UINT8 Signature[16]; 486 // 487 // Where Vendor ID is an integer defined 488 // at http://www.iana.org/assignments/enterprisenumbers 489 // 490 UINT32 VendorId; 491 // 492 // 16-byte identifier of a given platform's static configuration of code 493 // 494 EFI_GUID ReferenceManifestGuid; 495 // UINT8 PlatformManufacturerStrSize; 496 // UINT8 PlatformManufacturerStr[PlatformManufacturerStrSize]; 497 // UINT8 PlatformModelSize; 498 // UINT8 PlatformModel[PlatformModelSize]; 499 // UINT8 PlatformVersionSize; 500 // UINT8 PlatformVersion[PlatformVersionSize]; 501 // UINT8 FirmwareManufacturerStrSize; 502 // UINT8 FirmwareManufacturerStr[FirmwareManufacturerStrSize]; 503 // UINT32 FirmwareManufacturerId; 504 // UINT8 FirmwareVersion; 505 // UINT8 FirmwareVersion[FirmwareVersionSize]; 506 // 507 // Below structure is newly added in TCG_Sp800_155_PlatformId_Event3 508 // 509 // UINT32 RimLocatorType; 510 // UINT32 RimLocatorLength; 511 // UINT8 RimLocator[RimLocatorLength]; 512 // UINT32 PlatformCertLocatorType; 513 // UINT32 PlatformCertLocatorLength; 514 // UINT8 PlatformCertLocator[PlatformCertLocatorLength]; 515 } TCG_Sp800_155_PlatformId_Event3; 516 517 /** 518 * TCG specifies a locator type with the following values 519 * 0 - Raw data in the locator itself. 520 * 1 - URI in rtf2396 format. 521 * 2 - local device path in EFI_DEVICE_PATH_PROTOCOL format. 522 * 3 - UEFI variable (16 byte EFI_GUID, then 00-terminated UCS2 string) 523 **/ 524 #define TCG_LOCATOR_TYPE_RAW_DATA 0 525 #define TCG_LOCATOR_TYPE_URI 1 526 #define TCG_LOCATOR_TYPE_DEVICE_PATH 2 527 #define TCG_LOCATOR_TYPE_UEFI_VARIABLE 3 528 529 #define TCG_EfiStartupLocalityEvent_SIGNATURE "StartupLocality" 530 531 // 532 // The Locality Indicator which sent the TPM2_Startup command 533 // 534 #define LOCALITY_0_INDICATOR 0x00 535 #define LOCALITY_3_INDICATOR 0x03 536 537 // 538 // Startup Locality Event 539 // 540 typedef struct tdTCG_EfiStartupLocalityEvent { 541 UINT8 Signature[16]; 542 // 543 // The Locality Indicator which sent the TPM2_Startup command 544 // 545 UINT8 StartupLocality; 546 } TCG_EfiStartupLocalityEvent; 547 548 // 549 // Restore original structure alignment 550 // 551 #pragma pack () 552 553 // 554 // ====================================================================================================================== 555 // Event Type PCR Event Log Usage 556 // ====================================================================================================================== 557 // EV_EFI_SPDM_DEVICE_BLOB 2 SPDM_MEASUREMENT_BLOCK (subtype) MEASUREMENT from device 558 // EV_EFI_SPDM_DEVICE_CONFIG 3 SPDM_MEASUREMENT_BLOCK (subtype) MEASUREMENT from device 559 // EV_EFI_SPDM_DEVICE_BLOB 2 SPDM_MEASUREMENT_SUMMARY_HASH.TCB (subtype) SUMMARY_HASH from device 560 561 // EV_EFI_SPDM_DEVICE_POLICY 7 UEFI_VARIABLE_DATA with EFI_SIGNATURE_LIST Provisioned device public cert. 562 // EV_EFI_SPDM_DEVICE_AUTHORITY 7 UEFI_VARIABLE_DATA with EFI_SIGNATURE_DATA CHALLENGE_AUTH signature verification 563 // ====================================================================================================================== 564 // 565 566 #define PCR_INDEX_FOR_SIGNATURE_DB 7 567 568 #pragma pack(1) 569 570 #define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION_1 1 571 #define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION_2 2 572 #define TCG_DEVICE_SECURITY_EVENT_DATA_SIGNATURE_2 "SPDM Device Sec2" 573 574 typedef struct { 575 UINT8 Signature[16]; 576 UINT16 Version; 577 UINT8 AuthState; 578 UINT8 Reserved; 579 UINT32 Length; // Length in bytes for all following structures. 580 UINT32 DeviceType; 581 UINT32 SubHeaderType; 582 UINT32 SubHeaderLength; // Length in bytes of the sub header followed by. 583 UINT64 SubHeaderUID; // Universal identifier assigned by the event log creator. It can be used to bind two sub header structure together. 584 // UINT64 DevicePathLength; 585 // UINT8 DevicePath[DevicePathLength]; 586 } TCG_DEVICE_SECURITY_EVENT_DATA_HEADER2; 587 588 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_SUCCESS 0 589 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_AUTH 1 590 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_BINDING 2 591 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_FAIL_NO_SIG 3 592 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_FAIL_INVALID 4 593 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_SPDM 0xFF 594 595 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_SUB_HEADER_TYPE_SPDM_MEASUREMENT_BLOCK 0 596 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_SUB_HEADER_TYPE_SPDM_CERT_CHAIN 1 597 598 typedef struct { 599 UINT16 SpdmVersion; 600 UINT8 SpdmMeasurementBlockCount; 601 UINT8 Reserved; 602 UINT32 SpdmMeasurementHashAlgo; 603 // SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock; 604 } TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK; 605 606 typedef struct { 607 UINT16 SpdmVersion; 608 UINT8 SpdmSlotId; 609 UINT8 Reserved; 610 UINT32 SpdmHashAlgo; 611 // SPDM_CERT_CHAIN SpdmCertChain; 612 } TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_CERT_CHAIN; 613 614 typedef struct { 615 UINT32 Type; 616 UINT32 Length; 617 UINT8 Value[1]; 618 } TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_OEM_MEASUREMENT; 619 620 typedef union { 621 TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock; 622 TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_CERT_CHAIN SpdmCertChain; 623 TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_OEM_MEASUREMENT OemMeasurement; 624 } TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER; 625 626 typedef union { 627 TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT Pci; 628 TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT Usb; 629 } TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT; 630 631 typedef struct { 632 TCG_DEVICE_SECURITY_EVENT_DATA_HEADER2 EventDataHeader; 633 TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER EventDataSubHeader; 634 TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT DeviceContext; 635 } TCG_DEVICE_SECURITY_EVENT_DATA2; 636 637 #pragma pack() 638 639 // 640 // EventType:EV_NO_ACTION 641 // ====================================================================================================================== 642 // NVIndex Name PCR/NvIndex Event Log Usage 643 // ====================================================================================================================== 644 // NV_EXTEND_INDEX_FOR_INSTANCE 0x01C40200 NV_INDEX_INSTANCE_EVENT_LOG_STRUCT NV Extend Record for instance data (CertChain) 645 // NV_EXTEND_INDEX_FOR_DYNAMIC 0x01C40201 NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT NV Extend Record for dynamic data (Nonce) 646 647 // EVENT_LOG_INTEGRITY_NV_INDEX_EXIT_PM_AUTH 0x01C40202 EVENT_LOG_INTEGRITY_NV_INDEX_STRUCT Event Log Integrity for ExitPmAuth 648 // EVENT_LOG_INTEGRITY_NV_INDEX_READY_TO_BOOT 0x01C40203 EVENT_LOG_INTEGRITY_NV_INDEX_STRUCT Event Log Integrity for ReadyToBoot 649 // ====================================================================================================================== 650 // 651 652 #define TCG_NV_EXTEND_INDEX_FOR_INSTANCE 0x01C40200 653 #define TCG_NV_EXTEND_INDEX_FOR_DYNAMIC 0x01C40201 654 #define TCG_EVENT_LOG_INTEGRITY_NV_INDEX_EXIT_PM_AUTH 0x01C40202 655 #define TCG_EVENT_LOG_INTEGRITY_NV_INDEX_READY_TO_BOOT 0x01C40203 656 657 #pragma pack(1) 658 659 #define TCG_NV_EXTEND_INDEX_FOR_INSTANCE_SIGNATURE "NvIndexInstance" 660 #define TCG_NV_INDEX_INSTANCE_EVENT_LOG_STRUCT_VERSION 1 661 662 typedef struct { 663 UINT8 Signature[16]; 664 UINT16 Version; 665 UINT8 Reserved[6]; 666 // TCG_DEVICE_SECURITY_EVENT_DATA2 Data; 667 } TCG_NV_INDEX_INSTANCE_EVENT_LOG_STRUCT; 668 669 #define TCG_NV_EXTEND_INDEX_FOR_DYNAMIC_SIGNATURE "NvIndexDynamic " 670 #define TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_VERSION 1 671 672 #define TCG_SPDM_CHALLENGE_DESCRIPTION "SPDM CHALLENGE" 673 #define TCG_SPDM_CHALLENGE_AUTH_DESCRIPTION "SPDM CHALLENGE_AUTH" 674 #define TCG_SPDM_GET_MEASUREMENTS_DESCRIPTION "SPDM GET_MEASUREMENTS" 675 #define TCG_SPDM_MEASUREMENTS_DESCRIPTION "SPDM MEASUREMENTS" 676 677 typedef struct { 678 UINT8 Signature[16]; 679 UINT16 Version; 680 UINT8 Reserved[6]; 681 UINT64 Uid; 682 // UINT16 DescriptionSize; 683 // UINT8 Description[DescriptionSize]; 684 // UINT16 DataSize; 685 // UINT8 Data[DataSize]; 686 } TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT; 687 688 typedef struct { 689 TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header; 690 UINT16 DescriptionSize; 691 UINT8 Description[sizeof (TCG_SPDM_CHALLENGE_DESCRIPTION)]; 692 UINT16 DataSize; 693 UINT8 Data[32]; 694 } TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_CHALLENGE; 695 696 typedef struct { 697 TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header; 698 UINT16 DescriptionSize; 699 UINT8 Description[sizeof (TCG_SPDM_CHALLENGE_AUTH_DESCRIPTION)]; 700 UINT16 DataSize; 701 UINT8 Data[32]; 702 } TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_CHALLENGE_AUTH; 703 704 typedef struct { 705 TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header; 706 UINT16 DescriptionSize; 707 UINT8 Description[sizeof (TCG_SPDM_GET_MEASUREMENTS_DESCRIPTION)]; 708 UINT16 DataSize; 709 UINT8 Data[32]; 710 } TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_GET_MEASUREMENTS; 711 712 typedef struct { 713 TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT Header; 714 UINT16 DescriptionSize; 715 UINT8 Description[sizeof (TCG_SPDM_MEASUREMENTS_DESCRIPTION)]; 716 UINT16 DataSize; 717 UINT8 Data[32]; 718 } TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_MEASUREMENTS; 719 720 #pragma pack() 721 722 #endif 723