/*****************************************************************************
* Copyright (c) 2015-2020 IBM Corporation
* All rights reserved.
* This program and the accompanying materials
* are made available under the terms of the BSD License
* which accompanies this distribution, and is available at
* http://www.opensource.org/licenses/bsd-license.php
*
* Contributors:
* IBM Corporation - initial implementation
*****************************************************************************/
#ifndef TCGBIOS_INT_H
#define TCGBIOS_INT_H
#include <stdint.h>
/*
 * internal error codes
 *
 * TCGBIOS_OK is the only success value; every other code is a distinct
 * non-zero failure. Which condition maps to which code is decided by the
 * code that returns them, not by this header.
 */
#define TCGBIOS_OK 0x0
#define TCGBIOS_LOGOVERFLOW 0x1        /* event log has no room for the entry */
#define TCGBIOS_GENERAL_ERROR 0x2
#define TCGBIOS_FIRMWARE_ERROR 0x3
#define TCGBIOS_FATAL_COM_ERROR 0x4    /* communication with the TPM failed */
#define TCGBIOS_INVALID_INPUT_PARA 0x5
#define TCGBIOS_COMMAND_ERROR 0x6      /* TPM returned a non-zero errcode */
#define TCGBIOS_INTERFACE_SHUTDOWN 0x7
/*
 * event types from spec:
 * TCG PC Client Specific Implementation Specification
 * for Conventional BIOS
 *
 * These values go into TCG_PCR_EVENT2_Header.eventtype. The EV_EFI_*
 * values share the EV_EFI_EVENT_BASE prefix so that EFI-style events
 * cannot collide with the legacy BIOS event numbers.
 */
#define EV_POST_CODE 1
#define EV_NO_ACTION 3
#define EV_SEPARATOR 4
#define EV_ACTION 5
#define EV_EVENT_TAG 6
#define EV_S_CRTM_CONTENTS 7
#define EV_S_CRTM_VERSION 8
#define EV_IPL 13
#define EV_IPL_PARTITION_DATA 14
#define EV_EFI_EVENT_BASE 0x80000000
#define EV_EFI_GPT_EVENT (EV_EFI_EVENT_BASE + 0x6)
/* conventional BIOS drive number of the first hard disk */
#define BCV_DEVICE_HDD 0x80
/*
 * hash sizes
 *
 * Digest length in bytes for each algorithm; each pairs with the
 * matching TPM2_ALG_* identifier below and sizes the TPMT_HA.hash
 * payload that follows the algorithm id in the log and in commands.
 */
#define SHA1_BUFSIZE 20
#define SHA256_BUFSIZE 32
#define SHA384_BUFSIZE 48
#define SHA512_BUFSIZE 64
#define SM3_256_BUFSIZE 32
#define SHA3_256_BUFSIZE 32
#define SHA3_384_BUFSIZE 48
#define SHA3_512_BUFSIZE 64
/*
* Logging for TPM 2 is specified in TCG spec "TCG PC Client Platform
* Firmware Profile Specification" in section "Event Logging" and sub-
* section "TCG_PCR_EVENT2 structure"
*
* Each entry in the TPM log contains: a TCG_PCR_EVENT2_Header, a variable
* length digest, a TCG_PCR_EVENT2_Trailer, and a variable length event.
* The 'digest' matches what is sent to the TPM hardware via the Extend
* command. On TPM2.0 the digest contains a TPML_DIGEST_VALUES struct
* followed by a variable number of TPMT_HA structs (as specified by the
* hardware via the TPM2_CAP_PCRS request).
*/
/*
 * Fixed leading part of one TCG_PCR_EVENT2 log entry (see comment above).
 * The digests are not part of sizeof(*this); they start at 'digests'.
 */
typedef struct tdTCG_PCR_EVENT2_Header {
    uint32_t pcrindex;       /* PCR the digests were extended into */
    uint32_t eventtype;      /* one of the EV_* values */
    uint8_t digests[0];      /* zero-length trailer: TPML_DIGEST_VALUES follows */
} __attribute__((packed)) TCG_PCR_EVENT2_Header;
/*
 * Part of a TCG_PCR_EVENT2 log entry that follows the variable-length
 * digests: the event data size and then the event data itself.
 *
 * NOTE(review): when walking an existing log, eventdatasize is read from
 * the log buffer itself; the reader should bound it by the bytes remaining
 * in the log before advancing past 'event'.
 */
typedef struct tdTCG_PCR_EVENT2_Trailer {
    uint32_t eventdatasize;  /* number of bytes in event[] */
    uint8_t event[0];        /* zero-length trailer: event data follows */
} __attribute__((packed)) TCG_PCR_EVENT2_Trailer;
/*
 * Event data of the first log entry (the "Spec ID" event) which tells a
 * log parser the spec version and the digest size of every algorithm
 * used by the subsequent TCG_PCR_EVENT2 entries.
 */
struct TCG_EfiSpecIdEventStruct {
    uint8_t signature[16];       /* identifying signature string, set by the log writer */
    uint32_t platformClass;
#define TPM_TCPA_ACPI_CLASS_CLIENT 0
    uint8_t specVersionMinor;
    uint8_t specVersionMajor;
    uint8_t specErrata;
    uint8_t uintnSize;           /* size of UINTN on the platform */
    uint32_t numberOfAlgorithms; /* number of entries in digestSizes[] */
    struct TCG_EfiSpecIdEventAlgorithmSize {
        uint16_t algorithmId;    /* TPM2_ALG_* */
        uint16_t digestSize;     /* matching *_BUFSIZE */
    } digestSizes[];             /* flexible array member */
    /*
     * The fields below follow digestSizes[] in the on-disk/in-memory
     * layout but cannot be declared after a flexible array member, so
     * whoever serializes this struct has to append them explicitly:
     *
    uint8_t vendorInfoSize;
    uint8_t vendorInfo[0];
    */
} __attribute__((packed));
/* EFI related data structures for logging */
/* Generic UEFI table header; prefixes UEFI_PARTITION_TABLE_HEADER. */
typedef struct {
    uint64_t signature;
    uint32_t revision;
    uint32_t size;        /* size of the table this header starts */
    uint32_t crc32;       /* CRC of the table, computed with this field zeroed (per UEFI) */
    uint8_t reserved[4];
} __attribute__((packed)) UEFI_TABLE_HEADER;
/*
 * GPT partition table header. 'reserved' pads the struct to exactly
 * 512 bytes (24 + 32 + 16 + 8 + 12 + 420), i.e. one sector.
 *
 * NOTE(review): these fields are read from the boot medium and are
 * untrusted. numPartEntry and partEntrySize size the partition array;
 * the code that reads the array (not in this file) should validate both
 * (and their product) against the buffer it has before using them.
 */
typedef struct {
    UEFI_TABLE_HEADER header;
    uint64_t currentLba;
    uint64_t backupLba;
    uint64_t firstLba;
    uint64_t lastLba;
    uint8_t diskGuid[16];
    uint64_t partEntryLba;     /* LBA of the first partition entry */
    uint32_t numPartEntry;     /* number of partition entries */
    uint32_t partEntrySize;    /* size in bytes of one partition entry */
    uint32_t partArrayCrc32;   /* CRC of the partition entry array */
    uint8_t reserved[420];
} __attribute__((packed)) UEFI_PARTITION_TABLE_HEADER;
/* One GPT partition entry (128 bytes: 16 + 16 + 8 + 8 + 8 + 72). */
typedef struct {
    uint8_t partTypeGuid[16];
    uint8_t partGuid[16];
    uint64_t firstLba;
    uint64_t lastLba;
    uint64_t attribute;
    uint8_t partName[72];      /* UTF-16LE name, not necessarily NUL-terminated */
} __attribute__((packed)) UEFI_PARTITION_ENTRY;
/*
 * Event data logged for the GPT of the boot disk (presumably with
 * eventtype EV_EFI_GPT_EVENT): the GPT header followed by the number of
 * partition entries and the entries themselves.
 */
typedef struct {
    UEFI_PARTITION_TABLE_HEADER EfiPartitionHeader;
    uint64_t NumberOfPartitions;          /* entries in Partitions[] */
    UEFI_PARTITION_ENTRY Partitions[0];   /* zero-length trailer */
} __attribute__((packed)) UEFI_GPT_DATA;
/* Input and Output headers for all TPM commands */
/*
 * Header of every TPM command sent to the device. Per the TPM spec the
 * multi-byte fields are big-endian on the wire; these declarations do no
 * byte swapping, the sender has to.
 */
struct tpm_req_header {
    uint16_t tag;        /* TPM2_ST_NO_SESSIONS or TPM2_ST_SESSIONS */
    uint32_t totlen;     /* total command size in bytes, header included */
    uint32_t ordinal;    /* command code, TPM2_CC_* */
} __attribute__((packed));
/*
 * Header of every TPM response. Same byte-order caveat as tpm_req_header.
 *
 * NOTE(review): totlen and errcode come from the device. A reader should
 * check totlen against the byte count actually received and against the
 * size of the response struct it expects before touching fields beyond
 * this header.
 */
struct tpm_rsp_header {
    uint16_t tag;
    uint32_t totlen;     /* total response size in bytes, header included */
    uint32_t errcode;    /* TPM response code; 0 means success */
} __attribute__((packed));
/****************************************************************
* TPM v2.0 hardware commands
*
* Relevant specs for #defines and commonly used structures:
* - Trusted Platform Module Library; Part 2: Structures
* Relevant specs for command structures:
* - Trusted Platform Module Library; Part 3: Commands
****************************************************************/
/* TPMI_YES_NO values */
#define TPM2_NO 0
#define TPM2_YES 1
/* TPM_SU startup/shutdown types */
#define TPM2_SU_CLEAR 0x0000
#define TPM2_SU_STATE 0x0001
/* permanent handles (TPM_RH_*) and the password-session handle */
#define TPM2_RH_OWNER 0x40000001
#define TPM2_RS_PW 0x40000009
#define TPM2_RH_ENDORSEMENT 0x4000000b
#define TPM2_RH_PLATFORM 0x4000000c
/* hash algorithm identifiers (TPM_ALG_ID); digest sizes are the *_BUFSIZE values above */
#define TPM2_ALG_SHA1 0x0004
#define TPM2_ALG_SHA256 0x000b
#define TPM2_ALG_SHA384 0x000c
#define TPM2_ALG_SHA512 0x000d
#define TPM2_ALG_SM3_256 0x0012
#define TPM2_ALG_SHA3_256 0x0027
#define TPM2_ALG_SHA3_384 0x0028
#define TPM2_ALG_SHA3_512 0x0029
/* TPM 2 command tags (tpm_req_header.tag); SESSIONS is used when an authblock follows */
#define TPM2_ST_NO_SESSIONS 0x8001
#define TPM2_ST_SESSIONS 0x8002
/* TPM 2 commands (tpm_req_header.ordinal); one tpm2_req_* struct exists per command used */
#define TPM2_CC_HierarchyControl 0x121
#define TPM2_CC_Clear 0x126
#define TPM2_CC_ClearControl 0x127
#define TPM2_CC_HierarchyChangeAuth 0x129
#define TPM2_CC_PCR_Allocate 0x12b
#define TPM2_CC_SelfTest 0x143
#define TPM2_CC_Startup 0x144
#define TPM2_CC_Shutdown 0x145
#define TPM2_CC_StirRandom 0x146
#define TPM2_CC_GetCapability 0x17a
#define TPM2_CC_GetRandom 0x17b
#define TPM2_CC_PCR_Extend 0x182
/* TPM 2 Capabilities (tpm2_req_getcapability.capability) */
#define TPM2_CAP_PCRS 0x00000005    /* reply data is a tpml_pcr_selection */
/* TPM 2 data structures */
/* One digest: algorithm id followed by the raw hash bytes. */
struct TPMT_HA {
    uint16_t hashAlg;   /* TPM2_ALG_* */
    uint8_t hash[0];    /* size depends on hashAlg (see *_BUFSIZE) */
} __attribute__((packed));
/*
 * List of digests as sent with TPM2_CC_PCR_Extend and stored in each log
 * entry. Because every TPMT_HA has a variable size, the entries cannot
 * be indexed as an array; they must be walked one by one using hashAlg.
 */
struct TPML_DIGEST_VALUES {
    uint32_t count;                 /* number of TPMT_HA entries */
    struct TPMT_HA digest[0];       /* variable number of entries */
} __attribute__((packed));
/* TPM2_CC_StirRandom: adds 'stir' to the TPM's entropy pool. */
struct tpm2_req_stirrandom {
    struct tpm_req_header hdr;
    uint16_t size;      /* bytes of stir data that follow; presumably sizeof stir */
    uint64_t stir;
} __attribute__((packed));
/* TPM2_CC_GetRandom request. */
struct tpm2_req_getrandom {
    struct tpm_req_header hdr;
    uint16_t bytesRequested;   /* the reply is a tpm2_res_getrandom with up to 20 bytes */
} __attribute__((packed));
/* Sized TPM2B buffer with room for 20 bytes (one SHA1_BUFSIZE digest). */
struct tpm2b_20 {
    uint16_t size;        /* number of valid bytes in buffer[] */
    uint8_t buffer[20];
} __attribute__((packed));
/*
 * TPM2_CC_GetRandom response.
 *
 * NOTE(review): rnd.size is supplied by the TPM; a consumer should clamp
 * it to sizeof rnd.buffer before copying out the random bytes.
 */
struct tpm2_res_getrandom {
    struct tpm_rsp_header hdr;
    struct tpm2b_20 rnd;
} __attribute__((packed));
/*
* tpm2_authblock is used in TPM 2 commands using 'Auth. Handle'
*/
/*
 * Authorization area used by commands tagged TPM2_ST_SESSIONS. The fixed
 * values below describe an empty-password session: no nonce and a
 * zero-length password.
 */
struct tpm2_authblock {
    uint32_t handle;        /* session handle, e.g. TPM2_RS_PW */
    uint16_t noncesize;     /* always 0 */
    uint8_t contsession;    /* always TPM2_YES */
    uint16_t pwdsize;       /* always 0 */
} __attribute__((packed));
/* TPM2_CC_HierarchyChangeAuth: sets a new authorization value for a hierarchy. */
struct tpm2_req_hierarchychangeauth {
    struct tpm_req_header hdr;
    uint32_t authhandle;         /* hierarchy to change, a TPM2_RH_* handle */
    uint32_t authblocksize;      /* sizeof authblock */
    struct tpm2_authblock authblock;
    struct tpm2b_20 newAuth;     /* new auth value, at most 20 bytes here */
} __attribute__((packed));
/* TPM2_CC_PCR_Extend: extends a PCR with a TPML_DIGEST_VALUES that follows this header. */
struct tpm2_req_extend {
    struct tpm_req_header hdr;
    uint32_t pcrindex;
    uint32_t authblocksize;      /* sizeof authblock */
    struct tpm2_authblock authblock;
    uint8_t digest[0];           /* zero-length trailer: TPML_DIGEST_VALUES */
} __attribute__((packed));
/* TPM2_CC_ClearControl: enables or disables the TPM2_CC_Clear command. */
struct tpm2_req_clearcontrol {
    struct tpm_req_header hdr;
    uint32_t authhandle;
    uint32_t authblocksize;      /* sizeof authblock */
    struct tpm2_authblock authblock;
    uint8_t disable;             /* TPM2_YES to disable Clear, TPM2_NO to allow it */
} __attribute__((packed));
/* TPM2_CC_Clear: resets the TPM's owner-controlled state. */
struct tpm2_req_clear {
    struct tpm_req_header hdr;
    uint32_t authhandle;
    uint32_t authblocksize;      /* sizeof authblock */
    struct tpm2_authblock authblock;
} __attribute__((packed));
/* TPM2_CC_HierarchyControl: enables or disables a hierarchy. */
struct tpm2_req_hierarchycontrol {
    struct tpm_req_header hdr;
    uint32_t authhandle;
    uint32_t authblocksize;      /* sizeof authblock */
    struct tpm2_authblock authblock;
    uint32_t enable;             /* hierarchy handle (TPM2_RH_*) being controlled */
    uint8_t state;               /* TPM2_YES to enable, TPM2_NO to disable */
} __attribute__((packed));
/* TPM2_CC_GetCapability request. */
struct tpm2_req_getcapability {
    struct tpm_req_header hdr;
    uint32_t capability;         /* TPM2_CAP_* */
    uint32_t property;           /* first property to return */
    uint32_t propertycount;      /* maximum number of properties to return */
} __attribute__((packed));
/*
 * TPM2_CC_GetCapability response.
 *
 * NOTE(review): the length of data[] is only implied by hdr.totlen, which
 * the TPM controls; the parser should verify totlen (and any count found
 * inside data[]) against the received buffer before walking the data.
 */
struct tpm2_res_getcapability {
    struct tpm_rsp_header hdr;
    uint8_t moreData;            /* TPM2_YES if more properties are available */
    uint32_t capability;         /* echo of the requested TPM2_CAP_* */
    uint8_t data[0];             /* capability dependent data */
} __attribute__((packed));
/* TPM2_CC_PCR_Allocate: selects which PCR banks are active. */
struct tpm2_req_pcr_allocate {
    struct tpm_req_header hdr;
    uint32_t authhandle;
    uint32_t authblocksize;      /* sizeof authblock */
    struct tpm2_authblock authblock;
    uint32_t count;              /* number of selections in tpms_pcr_selections */
    uint8_t tpms_pcr_selections[4];  /* fixed 4-byte area; how it is filled is up to the caller - confirm */
} __attribute__((packed));
/* One PCR bank: algorithm plus a bitmap of sizeOfSelect bytes selecting PCRs. */
struct tpms_pcr_selection {
    uint16_t hashAlg;            /* TPM2_ALG_* */
    uint8_t sizeOfSelect;        /* number of bytes in pcrSelect[] */
    uint8_t pcrSelect[0];        /* zero-length trailer: PCR bitmap */
} __attribute__((packed));
/*
 * List of PCR banks, as returned in tpm2_res_getcapability.data for
 * TPM2_CAP_PCRS. Entries have variable size (sizeOfSelect), so they must
 * be walked sequentially rather than indexed.
 */
struct tpml_pcr_selection {
    uint32_t count;                          /* number of selections */
    struct tpms_pcr_selection selections[0]; /* variable-size entries follow */
} __attribute__((packed));
#endif /* TCGBIOS_INT_H */