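/* SPDX-License-Identifier: GPL-2.0+ */
/*
 * Defines data structures and APIs that allow an OS to interact with UEFI
 * firmware to query information about the device
 *
 * This file refers to the following TCG specifications:
 * - TCG PC Client Platform Firmware Profile Specification
 *   https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/
 *
 * - TCG EFI Protocol Specification
 *   https://trustedcomputinggroup.org/resource/tcg-efi-protocol-specification/
 *
 * Several structures below end in a variable-length array whose extent is
 * given by a length or count member of the same structure. Code that reads
 * them from a caller-supplied buffer or from an event log has to check that
 * member against the number of bytes actually available before indexing.
 *
 * Copyright (c) 2020, Linaro Limited
 */

#if !defined _EFI_TCG2_PROTOCOL_H_
#define _EFI_TCG2_PROTOCOL_H_

#include <efi_api.h>
#include <tpm-v2.h>

#define EFI_TCG2_PROTOCOL_GUID \
	EFI_GUID(0x607f766c, 0x7455, 0x42be, 0x93, \
		 0x0b, 0xe4, 0xd7, 0x6d, 0xb2, 0x72, 0x0f)

/* Event log format value (efi_tcg_event_log_format), TPMV2 only */
#define TCG2_EVENT_LOG_FORMAT_TCG_2 0x00000002

/*
 * 64-bit flag values, matching the u64 flags argument of
 * hash_log_extend_event(). In the TCG EFI Protocol Specification
 * EFI_TCG2_EXTEND_ONLY requests a PCR extend without an event log entry and
 * PE_COFF_IMAGE marks the data as a PE/COFF image to be measured.
 * NOTE(review): a measurement made with EFI_TCG2_EXTEND_ONLY cannot be
 * replayed from the event log by a verifier.
 */
#define EFI_TCG2_EXTEND_ONLY 0x0000000000000001
#define PE_COFF_IMAGE 0x0000000000000010

/*
 * Highest PCR index.
 * NOTE(review): presumably the upper bound for
 * efi_tcg2_event_header.pcr_index - confirm that the implementation rejects
 * larger values.
 */
#define EFI_TCG2_MAX_PCR_INDEX 23

/* Algorithm Registry: one bit per hash algorithm */
#define EFI_TCG2_BOOT_HASH_ALG_SHA1 0x00000001
#define EFI_TCG2_BOOT_HASH_ALG_SHA256 0x00000002
#define EFI_TCG2_BOOT_HASH_ALG_SHA384 0x00000004
#define EFI_TCG2_BOOT_HASH_ALG_SHA512 0x00000008
#define EFI_TCG2_BOOT_HASH_ALG_SM3_256 0x00000010

#define EFI_TCG2_FINAL_EVENTS_TABLE_VERSION 1

/* Event log size, taken from the build configuration */
#define TPM2_EVENT_LOG_SIZE CONFIG_EFI_TCG2_PROTOCOL_EVENTLOG_SIZE

typedef u32 efi_tcg_event_log_bitmap;
typedef u32 efi_tcg_event_log_format;
typedef u32 efi_tcg_event_algorithm_bitmap;

/**
 * struct efi_tcg2_version - structure of EFI TCG2 version
 *			     (tdEFI_TCG2_VERSION)
 * @major:	major version
 * @minor:	minor version
 */
struct efi_tcg2_version {
	u8 major;
	u8 minor;
};

/**
 * struct efi_tcg2_event_header - structure of EFI TCG2 event header
 *				  (tdEFI_TCG2_EVENT_HEADER)
 * @header_size:	size of the event header
 * @header_version:	header version
 * @pcr_index:		index of the PCR that is extended
 * @event_type:		type of the event that is extended
 *
 * The structure is packed: @header_version is 16 bits wide, so @pcr_index
 * starts at byte offset 6 without padding.
 */
struct efi_tcg2_event_header {
	u32 header_size;
	u16 header_version;
	u32 pcr_index;
	u32 event_type;
} __packed;

/**
 * struct efi_tcg2_event - structure of EFI TCG2 event (tdEFI_TCG2_EVENT)
 * @size:	total size of the event including the size component, the header
 *		and the event data
 * @header:	event header
 * @event:	event to add
 *
 * NOTE(review): @size and @header.header_size arrive with the event passed to
 * hash_log_extend_event(); the length of @event[] can only be derived from
 * them, so both need to be checked for consistency before @event[] is read.
 * The implementation is not part of this header - confirm there.
 */
struct efi_tcg2_event {
	u32 size;
	struct efi_tcg2_event_header header;
	u8 event[];
} __packed;

/**
 * struct uefi_image_load_event - structure of PE/COFF image measurement
 *				  (tdUEFI_IMAGE_LOAD_EVENT)
 * @image_location_in_memory:	image address
 * @image_length_in_memory:	image size
 * @image_link_time_address:	image link time address
 * @length_of_device_path:	device path size
 * @device_path:		device path
 */
struct uefi_image_load_event {
	efi_physical_addr_t image_location_in_memory;
	u64 image_length_in_memory;
	u64 image_link_time_address;
	u64 length_of_device_path;
	struct efi_device_path device_path[];
};

/**
 * struct efi_tcg2_boot_service_capability - protocol capability information
 *			(tdEFI_TCG2_BOOT_SERVICE_CAPABILITY)
 * @size:			allocated size of the structure
 * @structure_version:		version of this structure
 * @protocol_version:		version of the EFI TCG2 protocol.
 * @hash_algorithm_bitmap:	supported hash algorithms
 * @supported_event_logs:	bitmap of supported event log formats
 * @tpm_present_flag:		false = TPM not present
 * @max_command_size:		max size (in bytes) of a command
 *				that can be sent to the TPM
 * @max_response_size:		max size (in bytes) of a response that
 *				can be provided by the TPM
 * @manufacturer_id:		4-byte Vendor ID
 * @number_of_pcr_banks:	maximum number of PCR banks
 * @active_pcr_banks:		bitmap of currently active
 *				PCR banks (hashing algorithms).
 *
 * NOTE(review): @size describes the buffer handed to get_capability(), so an
 * implementation should compare it with BOOT_SERVICE_CAPABILITY_MIN and with
 * sizeof() of this structure before filling in the later members - confirm in
 * the implementation.
 */
struct efi_tcg2_boot_service_capability {
	u8 size;
	struct efi_tcg2_version structure_version;
	struct efi_tcg2_version protocol_version;
	efi_tcg_event_algorithm_bitmap hash_algorithm_bitmap;
	efi_tcg_event_log_bitmap supported_event_logs;
	u8 tpm_present_flag;
	u16 max_command_size;
	u16 max_response_size;
	u32 manufacturer_id;
	u32 number_of_pcr_banks;
	efi_tcg_event_algorithm_bitmap active_pcr_banks;
};

/* up to and including the vendor ID (manufacturer_id) field */
#define BOOT_SERVICE_CAPABILITY_MIN \
	offsetof(struct efi_tcg2_boot_service_capability, number_of_pcr_banks)

/* The signature literal is 15 characters plus the terminating NUL: 16 bytes */
#define TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03 "Spec ID Event03"
#define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MAJOR_TPM2 2
#define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MINOR_TPM2 0
#define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_ERRATA_TPM2 2

/**
 * struct tcg_efi_spec_id_event_algorithm_size - hashing algorithm information
 *			(TCG_EfiSpecIdEventAlgorithmSize)
 *
 * @algorithm_id:	algorithm defined in enum tpm2_algorithms
 * @digest_size:	size of the digest the algorithm produces
 */
struct tcg_efi_spec_id_event_algorithm_size {
	u16 algorithm_id;
	u16 digest_size;
} __packed;

/**
 * struct tcg_efi_spec_id_event - content of the event log header
 *				  (TCG_EfiSpecIDEventStruct)
 *
 * @signature:			signature, set to Spec ID Event03
 * @platform_class:		class defined in TCG ACPI Specification
 *				Client Common Header.
 * @spec_version_minor:		minor version
 * @spec_version_major:		major version
 * @spec_errata:		errata version
 * @uintn_size:			size of the efi_uintn_t fields used in various
 *				data structures used in this specification.
 *				0x01 indicates u32 and 0x02 indicates u64
 * @number_of_algorithms:	hashing algorithms used in this event log
 * @digest_sizes:		array of number_of_algorithms pairs
 *				1st member defines the algorithm id
 *				2nd member defines the algorithm size
 *
 * NOTE(review): a log parser takes the digest length of every later event
 * from @digest_sizes, so @number_of_algorithms and each digest_size should be
 * checked against the log size and the known algorithms before use.
 */
struct tcg_efi_spec_id_event {
	u8 signature[16];
	u32 platform_class;
	u8 spec_version_minor;
	u8 spec_version_major;
	u8 spec_errata;
	u8 uintn_size;
	u32 number_of_algorithms;
	struct tcg_efi_spec_id_event_algorithm_size digest_sizes[];
} __packed;

/**
 * struct efi_tcg2_final_events_table - log entries after Get Event Log
 *					(tdEFI_TCG2_FINAL_EVENTS_TABLE)
 * @version:		version number for this structure
 * @number_of_events:	number of events recorded after invocation of
 *			GetEventLog()
 * @event:		List of events of type tcg_pcr_event2
 */
struct efi_tcg2_final_events_table {
	u64 version;
	u64 number_of_events;
	struct tcg_pcr_event2 event[];
};

/**
 * struct efi_tcg2_uefi_variable_data - event log structure of UEFI variable
 *					(tdUEFI_VARIABLE_DATA)
 * @variable_name:		The vendorGUID parameter in the
 *				GetVariable() API.
 * @unicode_name_length:	The length in CHAR16 of the Unicode name of
 *				the variable.
 * @variable_data_length:	The size of the variable data.
 * @unicode_name:		The CHAR16 unicode name of the variable
 *				without NULL-terminator.
 * @variable_data:		The data parameter of the efi variable
 *				in the GetVariable() API.
 *
 * @unicode_name and @variable_data are declared with one element each, while
 * the lengths above describe a variable-length layout.
 * NOTE(review): the variable_data member therefore only addresses the data
 * when the name is exactly one CHAR16 long; users should locate the data via
 * @unicode_name_length and size allocations with offsetof() rather than
 * sizeof() - confirm against the code that builds this event.
 */
struct efi_tcg2_uefi_variable_data {
	efi_guid_t variable_name;
	u64 unicode_name_length;
	u64 variable_data_length;
	u16 unicode_name[1];
	u8 variable_data[1];
};

/* Table description string; sizeof() of the literal includes the NUL byte */
#define SMBIOS_HANDOFF_TABLE_DESC "SmbiosTable"

/**
 * struct smbios_handoff_table_pointers2 - event log structure of SMBIOS tables
 *			(tdUEFI_HANDOFF_TABLE_POINTERS2)
 * @table_description_size:	size of table description
 * @table_description:		table description
 * @number_of_tables:		number of uefi configuration table
 * @table_entry:		uefi configuration table entry
 */
struct smbios_handoff_table_pointers2 {
	u8 table_description_size;
	u8 table_description[sizeof(SMBIOS_HANDOFF_TABLE_DESC)];
	u64 number_of_tables;
	struct efi_configuration_table table_entry[];
} __packed;

/**
 * struct efi_gpt_data - event log structure of industry standard tables
 *			 (tdUEFI_GPT_DATA)
 * @uefi_partition_header:	gpt partition header
 * @number_of_partitions:	the number of partition
 * @partitions:			partition entries
 */
struct efi_gpt_data {
	gpt_header uefi_partition_header;
	u64 number_of_partitions;
	gpt_entry partitions[];
} __packed;

/**
 * struct efi_tcg2_protocol - function table of the EFI TCG2 protocol
 * @get_capability:	fills a caller-provided capability structure
 * @get_eventlog:	returns the location of the event log and of its last
 *			entry for the requested format and reports whether the
 *			log was truncated
 * @hash_log_extend_event:	takes a data range (address and length), an
 *			event and flags such as EFI_TCG2_EXTEND_ONLY or
 *			PE_COFF_IMAGE
 * @submit_command:	takes an input parameter block and an output
 *			parameter block, each with its size
 * @get_active_pcr_banks:	returns the bitmap of active PCR banks
 * @set_active_pcr_banks:	takes the bitmap of PCR banks to activate
 * @get_result_of_set_active_pcr_banks:	returns whether a set operation was
 *			present and its response
 *
 * NOTE(review): every pointer and size argument comes from the protocol
 * caller. In particular the u32 block sizes of submit_command() are wider
 * than the u16 max_command_size/max_response_size reported by
 * get_capability(); the implementation should bound them - confirm there.
 */
struct efi_tcg2_protocol {
	efi_status_t (EFIAPI * get_capability)(struct efi_tcg2_protocol *this,
					       struct efi_tcg2_boot_service_capability *capability);
	efi_status_t (EFIAPI * get_eventlog)(struct efi_tcg2_protocol *this,
					     efi_tcg_event_log_format log_format,
					     u64 *event_log_location, u64 *event_log_last_entry,
					     bool *event_log_truncated);
	efi_status_t (EFIAPI * hash_log_extend_event)(struct efi_tcg2_protocol *this,
						      u64 flags,
						      efi_physical_addr_t data_to_hash,
						      u64 data_to_hash_len,
						      struct efi_tcg2_event *efi_tcg_event);
	efi_status_t (EFIAPI * submit_command)(struct efi_tcg2_protocol *this,
					       u32 input_parameter_block_size,
					       u8 *input_parameter_block,
					       u32 output_parameter_block_size,
					       u8 *output_parameter_block);
	efi_status_t (EFIAPI * get_active_pcr_banks)(struct efi_tcg2_protocol *this,
						     u32 *active_pcr_banks);
	efi_status_t (EFIAPI * set_active_pcr_banks)(struct efi_tcg2_protocol *this,
						     u32 active_pcr_banks);
	efi_status_t (EFIAPI * get_result_of_set_active_pcr_banks)(struct efi_tcg2_protocol *this,
								   u32 *operation_present,
								   u32 *response);
};
#endif /* _EFI_TCG2_PROTOCOL_H_ */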