Re: [edk2] [patch 1/2] Add TPM2 definition in trusted computing group.
Hi Jiewen: Comments for ManufacturerID in tdEFI_TCG2_BOOT_SERVICE_CAPABILITY from Tcg2Protocol.h have unreadable character. Others are good to me. Reviewed-by: Chao Zhang chao.b.zh...@intel.com Thanks Best regards Chao Zhang -Original Message- From: Yao, Jiewen Sent: Tuesday, August 11, 2015 8:09 PM To: edk2-devel@lists.01.org Cc: Yao, Jiewen; Zhang, Chao B Subject: [patch 1/2] Add TPM2 definition in trusted computing group. 1) TCG Physical Presence Interface Specification 1.30 at http://www.trustedcomputinggroup.org/resources/tcg_physical_presence_interface_specification 2) TCG EFI Protocol Specification for TPM 2.0 at http://www.trustedcomputinggroup.org/resources/tcg_efi_protocol_specification 3) Update TPM2.0 header file to include Hash Algo definition. 4) Update UEFI TCG platform header file to include more TCG event structure. Test Win8/Win10 with secure boot enabled, PCR7 shows bound. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Yao, Jiewen jiewen@intel.com CC: Zhang, Chao B chao.b.zh...@intel.com --- .../Include/IndustryStandard/TcgPhysicalPresence.h | 129 MdePkg/Include/IndustryStandard/Tpm20.h| 11 +- MdePkg/Include/IndustryStandard/UefiTcgPlatform.h | 110 ++- MdePkg/Include/Protocol/Tcg2Protocol.h | 341 + MdePkg/Include/Protocol/TrEEProtocol.h | 18 +- MdePkg/MdePkg.dec | 4 + 6 files changed, 594 insertions(+), 19 deletions(-) create mode 100644 MdePkg/Include/IndustryStandard/TcgPhysicalPresence.h create mode 100644 MdePkg/Include/Protocol/Tcg2Protocol.h diff --git a/MdePkg/Include/IndustryStandard/TcgPhysicalPresence.h b/MdePkg/Include/IndustryStandard/TcgPhysicalPresence.h new file mode 100644 index 000..80ae7d3 --- /dev/null +++ b/MdePkg/Include/IndustryStandard/TcgPhysicalPresence.h @@ -0,0 +1,129 @@ +/** @file + TCG Physical Presence definition. + +Copyright (c) 2015, Intel Corporation. All rights reserved.BR This +program and the accompanying materials are licensed and made available +under the terms and conditions of the BSD License which accompanies +this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN AS IS BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef _TCG_PHYSICAL_PRESENCE_H_ +#define _TCG_PHYSICAL_PRESENCE_H_ + +// +// TCG PP definition for physical presence ACPI function // +#define TCG_ACPI_FUNCTION_GET_PHYSICAL_PRESENCE_INTERFACE_VERSION 1 +#define TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS 2 +#define TCG_ACPI_FUNCTION_GET_PENDING_REQUEST_BY_OS3 +#define TCG_ACPI_FUNCTION_GET_PLATFORM_ACTION_TO_TRANSITION_TO_BIOS4 +#define TCG_ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS5 +#define TCG_ACPI_FUNCTION_SUBMIT_PREFERRED_USER_LANGUAGE 6 +#define TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2 7 +#define TCG_ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST 8 + +// +// TCG PP definition for TPM Operation Response to OS Environment // +#define TCG_PP_OPERATION_RESPONSE_SUCCESS 0x0 +#define TCG_PP_OPERATION_RESPONSE_USER_ABORT 0xFFF0 +#define TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE 0xFFF1 + +// +// TCG PP definition of return code for Return TPM Operation Response +to OS Environment // +#define TCG_PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS 0 +#define TCG_PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE 1 + +// +// TCG PP definition of return code for Sumbit TPM Request to Pre-OS +Environment // and Sumbit TPM Request to Pre-OS Environment 2 // +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS 0 +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED 1 +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE 2 +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_BLOCKED_BY_BIOS_SETTINGS 3 + +// +// TCG PP definition of return code for Get User Confirmation Status +for Operation // +#define TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED 0 +#define TCG_PP_GET_USER_CONFIRMATION_BIOS_ONLY 1 +#define TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION 2 +#define TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED 3 +#define TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_NOT_REQUIRED 4 + +// +// TCG PP definition of physical presence operation actions for TPM12 +// +#define TCG_PHYSICAL_PRESENCE_NO_ACTION 0 +#define TCG_PHYSICAL_PRESENCE_ENABLE 1 +#define TCG_PHYSICAL_PRESENCE_DISABLE
Re: [edk2] [patch 1/2] Add TPM2 definition in trusted computing group.
Right. Thanks a lot to catch it. I will fix it before check in. Thank you Yao Jiewen -Original Message- From: Zhang, Chao B Sent: Thursday, August 13, 2015 9:32 AM To: Yao, Jiewen; edk2-devel@lists.01.org Subject: RE: [patch 1/2] Add TPM2 definition in trusted computing group. Hi Jiewen: Comments for ManufacturerID in tdEFI_TCG2_BOOT_SERVICE_CAPABILITY from Tcg2Protocol.h have unreadable character. Others are good to me. Reviewed-by: Chao Zhang chao.b.zh...@intel.com Thanks Best regards Chao Zhang -Original Message- From: Yao, Jiewen Sent: Tuesday, August 11, 2015 8:09 PM To: edk2-devel@lists.01.org Cc: Yao, Jiewen; Zhang, Chao B Subject: [patch 1/2] Add TPM2 definition in trusted computing group. 1) TCG Physical Presence Interface Specification 1.30 at http://www.trustedcomputinggroup.org/resources/tcg_physical_presence_interface_specification 2) TCG EFI Protocol Specification for TPM 2.0 at http://www.trustedcomputinggroup.org/resources/tcg_efi_protocol_specification 3) Update TPM2.0 header file to include Hash Algo definition. 4) Update UEFI TCG platform header file to include more TCG event structure. Test Win8/Win10 with secure boot enabled, PCR7 shows bound. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Yao, Jiewen jiewen@intel.com CC: Zhang, Chao B chao.b.zh...@intel.com --- .../Include/IndustryStandard/TcgPhysicalPresence.h | 129 MdePkg/Include/IndustryStandard/Tpm20.h| 11 +- MdePkg/Include/IndustryStandard/UefiTcgPlatform.h | 110 ++- MdePkg/Include/Protocol/Tcg2Protocol.h | 341 + MdePkg/Include/Protocol/TrEEProtocol.h | 18 +- MdePkg/MdePkg.dec | 4 + 6 files changed, 594 insertions(+), 19 deletions(-) create mode 100644 MdePkg/Include/IndustryStandard/TcgPhysicalPresence.h create mode 100644 MdePkg/Include/Protocol/Tcg2Protocol.h diff --git a/MdePkg/Include/IndustryStandard/TcgPhysicalPresence.h b/MdePkg/Include/IndustryStandard/TcgPhysicalPresence.h new file mode 100644 index 000..80ae7d3 --- /dev/null +++ b/MdePkg/Include/IndustryStandard/TcgPhysicalPresence.h @@ -0,0 +1,129 @@ +/** @file + TCG Physical Presence definition. + +Copyright (c) 2015, Intel Corporation. All rights reserved.BR This +program and the accompanying materials are licensed and made available +under the terms and conditions of the BSD License which accompanies +this distribution. The full text of the license may be found at +http://opensource.org/licenses/bsd-license.php + +THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN AS IS BASIS, +WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. + +**/ + +#ifndef _TCG_PHYSICAL_PRESENCE_H_ +#define _TCG_PHYSICAL_PRESENCE_H_ + +// +// TCG PP definition for physical presence ACPI function // +#define TCG_ACPI_FUNCTION_GET_PHYSICAL_PRESENCE_INTERFACE_VERSION 1 +#define TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS 2 +#define TCG_ACPI_FUNCTION_GET_PENDING_REQUEST_BY_OS3 +#define TCG_ACPI_FUNCTION_GET_PLATFORM_ACTION_TO_TRANSITION_TO_BIOS4 +#define TCG_ACPI_FUNCTION_RETURN_REQUEST_RESPONSE_TO_OS5 +#define TCG_ACPI_FUNCTION_SUBMIT_PREFERRED_USER_LANGUAGE 6 +#define TCG_ACPI_FUNCTION_SUBMIT_REQUEST_TO_BIOS_2 7 +#define TCG_ACPI_FUNCTION_GET_USER_CONFIRMATION_STATUS_FOR_REQUEST 8 + +// +// TCG PP definition for TPM Operation Response to OS Environment // +#define TCG_PP_OPERATION_RESPONSE_SUCCESS 0x0 +#define TCG_PP_OPERATION_RESPONSE_USER_ABORT 0xFFF0 +#define TCG_PP_OPERATION_RESPONSE_BIOS_FAILURE 0xFFF1 + +// +// TCG PP definition of return code for Return TPM Operation Response +to OS Environment // +#define TCG_PP_RETURN_TPM_OPERATION_RESPONSE_SUCCESS 0 +#define TCG_PP_RETURN_TPM_OPERATION_RESPONSE_FAILURE 1 + +// +// TCG PP definition of return code for Sumbit TPM Request to Pre-OS +Environment // and Sumbit TPM Request to Pre-OS Environment 2 // +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_SUCCESS 0 +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_NOT_IMPLEMENTED 1 +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_GENERAL_FAILURE 2 +#define TCG_PP_SUBMIT_REQUEST_TO_PREOS_BLOCKED_BY_BIOS_SETTINGS 3 + +// +// TCG PP definition of return code for Get User Confirmation Status +for Operation // +#define TCG_PP_GET_USER_CONFIRMATION_NOT_IMPLEMENTED 0 +#define TCG_PP_GET_USER_CONFIRMATION_BIOS_ONLY 1 +#define TCG_PP_GET_USER_CONFIRMATION_BLOCKED_BY_BIOS_CONFIGURATION 2 +#define TCG_PP_GET_USER_CONFIRMATION_ALLOWED_AND_PPUSER_REQUIRED 3 +#define
