1 /** @file 2 TCG EFI Platform Definition in TCG_EFI_Platform_1_20_Final and 3 TCG PC Client Platform Firmware Profile Specification, Revision 1.05 4 5 Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.<BR> 6 SPDX-License-Identifier: BSD-2-Clause-Patent 7 8 **/ 9 10 #ifndef __UEFI_TCG_PLATFORM_H__ 11 #define __UEFI_TCG_PLATFORM_H__ 12 13 #include <IndustryStandard/Tpm12.h> 14 #include <IndustryStandard/Tpm20.h> 15 #include <Uefi.h> 16 17 // 18 // Standard event types 19 // 20 #define EV_PREBOOT_CERT ((TCG_EVENTTYPE) 0x00000000) 21 #define EV_POST_CODE ((TCG_EVENTTYPE) 0x00000001) 22 #define EV_NO_ACTION ((TCG_EVENTTYPE) 0x00000003) 23 #define EV_SEPARATOR ((TCG_EVENTTYPE) 0x00000004) 24 #define EV_ACTION ((TCG_EVENTTYPE) 0x00000005) 25 #define EV_EVENT_TAG ((TCG_EVENTTYPE) 0x00000006) 26 #define EV_S_CRTM_CONTENTS ((TCG_EVENTTYPE) 0x00000007) 27 #define EV_S_CRTM_VERSION ((TCG_EVENTTYPE) 0x00000008) 28 #define EV_CPU_MICROCODE ((TCG_EVENTTYPE) 0x00000009) 29 #define EV_PLATFORM_CONFIG_FLAGS ((TCG_EVENTTYPE) 0x0000000A) 30 #define EV_TABLE_OF_DEVICES ((TCG_EVENTTYPE) 0x0000000B) 31 #define EV_COMPACT_HASH ((TCG_EVENTTYPE) 0x0000000C) 32 #define EV_NONHOST_CODE ((TCG_EVENTTYPE) 0x0000000F) 33 #define EV_NONHOST_CONFIG ((TCG_EVENTTYPE) 0x00000010) 34 #define EV_NONHOST_INFO ((TCG_EVENTTYPE) 0x00000011) 35 #define EV_OMIT_BOOT_DEVICE_EVENTS ((TCG_EVENTTYPE) 0x00000012) 36 37 // 38 // EFI specific event types 39 // 40 #define EV_EFI_EVENT_BASE ((TCG_EVENTTYPE) 0x80000000) 41 #define EV_EFI_VARIABLE_DRIVER_CONFIG (EV_EFI_EVENT_BASE + 1) 42 #define EV_EFI_VARIABLE_BOOT (EV_EFI_EVENT_BASE + 2) 43 #define EV_EFI_BOOT_SERVICES_APPLICATION (EV_EFI_EVENT_BASE + 3) 44 #define EV_EFI_BOOT_SERVICES_DRIVER (EV_EFI_EVENT_BASE + 4) 45 #define EV_EFI_RUNTIME_SERVICES_DRIVER (EV_EFI_EVENT_BASE + 5) 46 #define EV_EFI_GPT_EVENT (EV_EFI_EVENT_BASE + 6) 47 #define EV_EFI_ACTION (EV_EFI_EVENT_BASE + 7) 48 #define EV_EFI_PLATFORM_FIRMWARE_BLOB (EV_EFI_EVENT_BASE + 8) 49 #define EV_EFI_HANDOFF_TABLES (EV_EFI_EVENT_BASE + 9) 50 #define EV_EFI_PLATFORM_FIRMWARE_BLOB2 (EV_EFI_EVENT_BASE + 0xA) 51 #define EV_EFI_HANDOFF_TABLES2 (EV_EFI_EVENT_BASE + 0xB) 52 #define EV_EFI_HCRTM_EVENT (EV_EFI_EVENT_BASE + 0x10) 53 #define EV_EFI_VARIABLE_AUTHORITY (EV_EFI_EVENT_BASE + 0xE0) 54 #define EV_EFI_SPDM_FIRMWARE_BLOB (EV_EFI_EVENT_BASE + 0xE1) 55 #define EV_EFI_SPDM_FIRMWARE_CONFIG (EV_EFI_EVENT_BASE + 0xE2) 56 57 #define EFI_CALLING_EFI_APPLICATION \ 58 "Calling EFI Application from Boot Option" 59 #define EFI_RETURNING_FROM_EFI_APPLICATION \ 60 "Returning from EFI Application from Boot Option" 61 #define EFI_EXIT_BOOT_SERVICES_INVOCATION \ 62 "Exit Boot Services Invocation" 63 #define EFI_EXIT_BOOT_SERVICES_FAILED \ 64 "Exit Boot Services Returned with Failure" 65 #define EFI_EXIT_BOOT_SERVICES_SUCCEEDED \ 66 "Exit Boot Services Returned with Success" 67 68 #define EV_POSTCODE_INFO_POST_CODE "POST CODE" 69 #define POST_CODE_STR_LEN (sizeof(EV_POSTCODE_INFO_POST_CODE) - 1) 70 71 #define EV_POSTCODE_INFO_SMM_CODE "SMM CODE" 72 #define SMM_CODE_STR_LEN (sizeof(EV_POSTCODE_INFO_SMM_CODE) - 1) 73 74 #define EV_POSTCODE_INFO_ACPI_DATA "ACPI DATA" 75 #define ACPI_DATA_LEN (sizeof(EV_POSTCODE_INFO_ACPI_DATA) - 1) 76 77 #define EV_POSTCODE_INFO_BIS_CODE "BIS CODE" 78 #define BIS_CODE_LEN (sizeof(EV_POSTCODE_INFO_BIS_CODE) - 1) 79 80 #define EV_POSTCODE_INFO_UEFI_PI "UEFI PI" 81 #define UEFI_PI_LEN (sizeof(EV_POSTCODE_INFO_UEFI_PI) - 1) 82 83 #define EV_POSTCODE_INFO_OPROM "Embedded Option ROM" 84 #define OPROM_LEN (sizeof(EV_POSTCODE_INFO_OPROM) - 1) 85 86 #define EV_POSTCODE_INFO_EMBEDDED_UEFI_DRIVER "Embedded UEFI Driver" 87 #define EMBEDDED_UEFI_DRIVER_LEN (sizeof(EV_POSTCODE_INFO_EMBEDDED_UEFI_DRIVER) - 1) 88 89 #define FIRMWARE_DEBUGGER_EVENT_STRING "UEFI Debug Mode" 90 #define FIRMWARE_DEBUGGER_EVENT_STRING_LEN (sizeof(FIRMWARE_DEBUGGER_EVENT_STRING) - 1) 91 92 // 93 // Set structure alignment to 1-byte 94 // 95 #pragma pack (1) 96 97 typedef UINT32 TCG_EVENTTYPE; 98 typedef TPM_PCRINDEX TCG_PCRINDEX; 99 typedef TPM_DIGEST TCG_DIGEST; 100 /// 101 /// Event Log Entry Structure Definition 102 /// 103 typedef struct tdTCG_PCR_EVENT { 104 TCG_PCRINDEX PCRIndex; ///< PCRIndex event extended to 105 TCG_EVENTTYPE EventType; ///< TCG EFI event type 106 TCG_DIGEST Digest; ///< Value extended into PCRIndex 107 UINT32 EventSize; ///< Size of the event data 108 UINT8 Event[1]; ///< The event data 109 } TCG_PCR_EVENT; 110 111 #define TSS_EVENT_DATA_MAX_SIZE 256 112 113 /// 114 /// TCG_PCR_EVENT_HDR 115 /// 116 typedef struct tdTCG_PCR_EVENT_HDR { 117 TCG_PCRINDEX PCRIndex; 118 TCG_EVENTTYPE EventType; 119 TCG_DIGEST Digest; 120 UINT32 EventSize; 121 } TCG_PCR_EVENT_HDR; 122 123 /// 124 /// EFI_PLATFORM_FIRMWARE_BLOB 125 /// 126 /// BlobLength should be of type UINTN but we use UINT64 here 127 /// because PEI is 32-bit while DXE is 64-bit on x64 platforms 128 /// 129 typedef struct tdEFI_PLATFORM_FIRMWARE_BLOB { 130 EFI_PHYSICAL_ADDRESS BlobBase; 131 UINT64 BlobLength; 132 } EFI_PLATFORM_FIRMWARE_BLOB; 133 134 /// 135 /// UEFI_PLATFORM_FIRMWARE_BLOB 136 /// 137 /// This structure is used in EV_EFI_PLATFORM_FIRMWARE_BLOB 138 /// event to facilitate the measurement of firmware volume. 139 /// 140 typedef struct tdUEFI_PLATFORM_FIRMWARE_BLOB { 141 EFI_PHYSICAL_ADDRESS BlobBase; 142 UINT64 BlobLength; 143 } UEFI_PLATFORM_FIRMWARE_BLOB; 144 145 /// 146 /// UEFI_PLATFORM_FIRMWARE_BLOB2 147 /// 148 /// This structure is used in EV_EFI_PLATFORM_FIRMWARE_BLOB2 149 /// event to facilitate the measurement of firmware volume. 150 /// 151 typedef struct tdUEFI_PLATFORM_FIRMWARE_BLOB2 { 152 UINT8 BlobDescriptionSize; 153 // UINT8 BlobDescription[BlobDescriptionSize]; 154 // EFI_PHYSICAL_ADDRESS BlobBase; 155 // UINT64 BlobLength; 156 } UEFI_PLATFORM_FIRMWARE_BLOB2; 157 158 /// 159 /// EFI_IMAGE_LOAD_EVENT 160 /// 161 /// This structure is used in EV_EFI_BOOT_SERVICES_APPLICATION, 162 /// EV_EFI_BOOT_SERVICES_DRIVER and EV_EFI_RUNTIME_SERVICES_DRIVER 163 /// 164 typedef struct tdEFI_IMAGE_LOAD_EVENT { 165 EFI_PHYSICAL_ADDRESS ImageLocationInMemory; 166 UINTN ImageLengthInMemory; 167 UINTN ImageLinkTimeAddress; 168 UINTN LengthOfDevicePath; 169 EFI_DEVICE_PATH_PROTOCOL DevicePath[1]; 170 } EFI_IMAGE_LOAD_EVENT; 171 172 /// 173 /// UEFI_IMAGE_LOAD_EVENT 174 /// 175 /// This structure is used in EV_EFI_BOOT_SERVICES_APPLICATION, 176 /// EV_EFI_BOOT_SERVICES_DRIVER and EV_EFI_RUNTIME_SERVICES_DRIVER 177 /// 178 typedef struct tdUEFI_IMAGE_LOAD_EVENT { 179 EFI_PHYSICAL_ADDRESS ImageLocationInMemory; 180 UINT64 ImageLengthInMemory; 181 UINT64 ImageLinkTimeAddress; 182 UINT64 LengthOfDevicePath; 183 EFI_DEVICE_PATH_PROTOCOL DevicePath[1]; 184 } UEFI_IMAGE_LOAD_EVENT; 185 186 /// 187 /// EFI_HANDOFF_TABLE_POINTERS 188 /// 189 /// This structure is used in EV_EFI_HANDOFF_TABLES event to facilitate 190 /// the measurement of given configuration tables. 191 /// 192 typedef struct tdEFI_HANDOFF_TABLE_POINTERS { 193 UINTN NumberOfTables; 194 EFI_CONFIGURATION_TABLE TableEntry[1]; 195 } EFI_HANDOFF_TABLE_POINTERS; 196 197 /// 198 /// UEFI_HANDOFF_TABLE_POINTERS 199 /// 200 /// This structure is used in EV_EFI_HANDOFF_TABLES event to facilitate 201 /// the measurement of given configuration tables. 202 /// 203 typedef struct tdUEFI_HANDOFF_TABLE_POINTERS { 204 UINT64 NumberOfTables; 205 EFI_CONFIGURATION_TABLE TableEntry[1]; 206 } UEFI_HANDOFF_TABLE_POINTERS; 207 208 /// 209 /// UEFI_HANDOFF_TABLE_POINTERS2 210 /// 211 /// This structure is used in EV_EFI_HANDOFF_TABLES2 event to facilitate 212 /// the measurement of given configuration tables. 213 /// 214 typedef struct tdUEFI_HANDOFF_TABLE_POINTERS2 { 215 UINT8 TableDescriptionSize; 216 // UINT8 TableDescription[TableDescriptionSize]; 217 // UINT64 NumberOfTables; 218 // EFI_CONFIGURATION_TABLE TableEntry[1]; 219 } UEFI_HANDOFF_TABLE_POINTERS2; 220 221 /// 222 /// EFI_VARIABLE_DATA 223 /// 224 /// This structure serves as the header for measuring variables. The name of the 225 /// variable (in Unicode format) should immediately follow, then the variable 226 /// data. 227 /// This is defined in TCG EFI Platform Spec for TPM1.1 or 1.2 V1.22 228 /// 229 typedef struct tdEFI_VARIABLE_DATA { 230 EFI_GUID VariableName; 231 UINTN UnicodeNameLength; 232 UINTN VariableDataLength; 233 CHAR16 UnicodeName[1]; 234 INT8 VariableData[1]; ///< Driver or platform-specific data 235 } EFI_VARIABLE_DATA; 236 237 /// 238 /// UEFI_VARIABLE_DATA 239 /// 240 /// This structure serves as the header for measuring variables. The name of the 241 /// variable (in Unicode format) should immediately follow, then the variable 242 /// data. 243 /// This is defined in TCG PC Client Firmware Profile Spec 00.21 244 /// 245 typedef struct tdUEFI_VARIABLE_DATA { 246 EFI_GUID VariableName; 247 UINT64 UnicodeNameLength; 248 UINT64 VariableDataLength; 249 CHAR16 UnicodeName[1]; 250 INT8 VariableData[1]; ///< Driver or platform-specific data 251 } UEFI_VARIABLE_DATA; 252 253 // 254 // For TrEE1.0 compatibility 255 // 256 typedef struct { 257 EFI_GUID VariableName; 258 UINT64 UnicodeNameLength; // The TCG Definition used UINTN 259 UINT64 VariableDataLength; // The TCG Definition used UINTN 260 CHAR16 UnicodeName[1]; 261 INT8 VariableData[1]; 262 } EFI_VARIABLE_DATA_TREE; 263 264 typedef struct tdEFI_GPT_DATA { 265 EFI_PARTITION_TABLE_HEADER EfiPartitionHeader; 266 UINTN NumberOfPartitions; 267 EFI_PARTITION_ENTRY Partitions[1]; 268 } EFI_GPT_DATA; 269 270 typedef struct tdUEFI_GPT_DATA { 271 EFI_PARTITION_TABLE_HEADER EfiPartitionHeader; 272 UINT64 NumberOfPartitions; 273 EFI_PARTITION_ENTRY Partitions[1]; 274 } UEFI_GPT_DATA; 275 276 #define TCG_DEVICE_SECURITY_EVENT_DATA_SIGNATURE "SPDM Device Sec" 277 #define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION 1 278 279 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_NULL 0 280 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_PCI 1 281 #define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_USB 2 282 283 /// 284 /// TCG_DEVICE_SECURITY_EVENT_DATA_HEADER 285 /// This is the header of TCG_DEVICE_SECURITY_EVENT_DATA, which is 286 /// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG. 287 /// 288 typedef struct { 289 UINT8 Signature[16]; 290 UINT16 Version; 291 UINT16 Length; 292 UINT32 SpdmHashAlgo; 293 UINT32 DeviceType; 294 // SPDM_MEASUREMENT_BLOCK SpdmMeasurementBlock; 295 } TCG_DEVICE_SECURITY_EVENT_DATA_HEADER; 296 297 #define TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT_VERSION 0 298 299 /// 300 /// TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT 301 /// This is the PCI context data of TCG_DEVICE_SECURITY_EVENT_DATA, which is 302 /// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG. 303 /// 304 typedef struct { 305 UINT16 Version; 306 UINT16 Length; 307 UINT16 VendorId; 308 UINT16 DeviceId; 309 UINT8 RevisionID; 310 UINT8 ClassCode[3]; 311 UINT16 SubsystemVendorID; 312 UINT16 SubsystemID; 313 } TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT; 314 315 #define TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT_VERSION 0 316 317 /// 318 /// TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT 319 /// This is the USB context data of TCG_DEVICE_SECURITY_EVENT_DATA, which is 320 /// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG. 321 /// 322 typedef struct { 323 UINT16 Version; 324 UINT16 Length; 325 // UINT8 DeviceDescriptor[DescLen]; 326 // UINT8 BodDescriptor[DescLen]; 327 // UINT8 ConfigurationDescriptor[DescLen][NumOfConfiguration]; 328 } TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT; 329 330 // 331 // Crypto Agile Log Entry Format 332 // 333 typedef struct tdTCG_PCR_EVENT2 { 334 TCG_PCRINDEX PCRIndex; 335 TCG_EVENTTYPE EventType; 336 TPML_DIGEST_VALUES Digest; 337 UINT32 EventSize; 338 UINT8 Event[1]; 339 } TCG_PCR_EVENT2; 340 341 // 342 // TCG PCR Event2 Header 343 // Follow TCG EFI Protocol Spec 5.2 Crypto Agile Log Entry Format 344 // 345 typedef struct tdTCG_PCR_EVENT2_HDR { 346 TCG_PCRINDEX PCRIndex; 347 TCG_EVENTTYPE EventType; 348 TPML_DIGEST_VALUES Digests; 349 UINT32 EventSize; 350 } TCG_PCR_EVENT2_HDR; 351 352 // 353 // Log Header Entry Data 354 // 355 typedef struct { 356 // 357 // TCG defined hashing algorithm ID. 358 // 359 UINT16 algorithmId; 360 // 361 // The size of the digest for the respective hashing algorithm. 362 // 363 UINT16 digestSize; 364 } TCG_EfiSpecIdEventAlgorithmSize; 365 366 #define TCG_EfiSpecIDEventStruct_SIGNATURE_02 "Spec ID Event02" 367 #define TCG_EfiSpecIDEventStruct_SIGNATURE_03 "Spec ID Event03" 368 369 #define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MAJOR_TPM12 1 370 #define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM12 2 371 #define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM12 2 372 373 #define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MAJOR_TPM2 2 374 #define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM2 0 375 #define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2 0 376 #define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105 105 377 378 typedef struct { 379 UINT8 signature[16]; 380 // 381 // The value for the Platform Class. 382 // The enumeration is defined in the TCG ACPI Specification Client Common Header. 383 // 384 UINT32 platformClass; 385 // 386 // The TCG EFI Platform Specification minor version number this BIOS supports. 387 // Any BIOS supporting version (1.22) MUST set this value to 02h. 388 // Any BIOS supporting version (2.0) SHALL set this value to 0x00. 389 // 390 UINT8 specVersionMinor; 391 // 392 // The TCG EFI Platform Specification major version number this BIOS supports. 393 // Any BIOS supporting version (1.22) MUST set this value to 01h. 394 // Any BIOS supporting version (2.0) SHALL set this value to 0x02. 395 // 396 UINT8 specVersionMajor; 397 // 398 // The TCG EFI Platform Specification errata for this specification this BIOS supports. 399 // Any BIOS supporting version and errata (1.22) MUST set this value to 02h. 400 // Any BIOS supporting version and errata (2.0) SHALL set this value to 0x00. 401 // 402 UINT8 specErrata; 403 // 404 // Specifies the size of the UINTN fields used in various data structures used in this specification. 405 // 0x01 indicates UINT32 and 0x02 indicates UINT64. 406 // 407 UINT8 uintnSize; 408 // 409 // This field is added in "Spec ID Event03". 410 // The number of hashing algorithms used in this event log (except the first event). 411 // All events in this event log use all hashing algorithms defined here. 412 // 413 // UINT32 numberOfAlgorithms; 414 // 415 // This field is added in "Spec ID Event03". 416 // An array of size numberOfAlgorithms of value pairs. 417 // 418 // TCG_EfiSpecIdEventAlgorithmSize digestSize[numberOfAlgorithms]; 419 // 420 // Size in bytes of the VendorInfo field. 421 // Maximum value SHALL be FFh bytes. 422 // 423 // UINT8 vendorInfoSize; 424 // 425 // Provided for use by the BIOS implementer. 426 // The value might be used, for example, to provide more detailed information about the specific BIOS such as BIOS revision numbers, etc. 427 // The values within this field are not standardized and are implementer-specific. 428 // Platform-specific or -unique information SHALL NOT be provided in this field. 429 // 430 // UINT8 vendorInfo[vendorInfoSize]; 431 } TCG_EfiSpecIDEventStruct; 432 433 typedef struct tdTCG_PCClientTaggedEvent { 434 UINT32 taggedEventID; 435 UINT32 taggedEventDataSize; 436 // UINT8 taggedEventData[taggedEventDataSize]; 437 } TCG_PCClientTaggedEvent; 438 439 #define TCG_Sp800_155_PlatformId_Event_SIGNATURE "SP800-155 Event" 440 #define TCG_Sp800_155_PlatformId_Event2_SIGNATURE "SP800-155 Event2" 441 442 typedef struct tdTCG_Sp800_155_PlatformId_Event2 { 443 UINT8 Signature[16]; 444 // 445 // Where Vendor ID is an integer defined 446 // at http://www.iana.org/assignments/enterprisenumbers 447 // 448 UINT32 VendorId; 449 // 450 // 16-byte identifier of a given platform's static configuration of code 451 // 452 EFI_GUID ReferenceManifestGuid; 453 // 454 // Below structure is newly added in TCG_Sp800_155_PlatformId_Event2. 455 // 456 // UINT8 PlatformManufacturerStrSize; 457 // UINT8 PlatformManufacturerStr[PlatformManufacturerStrSize]; 458 // UINT8 PlatformModelSize; 459 // UINT8 PlatformModel[PlatformModelSize]; 460 // UINT8 PlatformVersionSize; 461 // UINT8 PlatformVersion[PlatformVersionSize]; 462 // UINT8 PlatformModelSize; 463 // UINT8 PlatformModel[PlatformModelSize]; 464 // UINT8 FirmwareManufacturerStrSize; 465 // UINT8 FirmwareManufacturerStr[FirmwareManufacturerStrSize]; 466 // UINT32 FirmwareManufacturerId; 467 // UINT8 FirmwareVersion; 468 // UINT8 FirmwareVersion[FirmwareVersionSize]]; 469 } TCG_Sp800_155_PlatformId_Event2; 470 471 #define TCG_EfiStartupLocalityEvent_SIGNATURE "StartupLocality" 472 473 // 474 // The Locality Indicator which sent the TPM2_Startup command 475 // 476 #define LOCALITY_0_INDICATOR 0x00 477 #define LOCALITY_3_INDICATOR 0x03 478 479 // 480 // Startup Locality Event 481 // 482 typedef struct tdTCG_EfiStartupLocalityEvent { 483 UINT8 Signature[16]; 484 // 485 // The Locality Indicator which sent the TPM2_Startup command 486 // 487 UINT8 StartupLocality; 488 } TCG_EfiStartupLocalityEvent; 489 490 // 491 // Restore original structure alignment 492 // 493 #pragma pack () 494 495 #endif 496