1 /* SPDX-License-Identifier: GPL-2.0+ */
2 /*
3  * Defines data structures and APIs that allow an OS to interact with UEFI
4  * firmware to query information about the device
5  *
6  * This file refers the following TCG specification.
7  *  - TCG PC Client Platform Firmware Profile Specification
8  *    https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/
9  *
10  *  - TCG EFI Protocol Specification
11  *    https://trustedcomputinggroup.org/resource/tcg-efi-protocol-specification/
12  *
13  * Copyright (c) 2020, Linaro Limited
14  */
15 
16 #if !defined _EFI_TCG2_PROTOCOL_H_
17 #define _EFI_TCG2_PROTOCOL_H_
18 
19 #include <efi_api.h>
20 #include <tpm-v2.h>
21 
22 /* TPMV2 only */
23 #define TCG2_EVENT_LOG_FORMAT_TCG_2 0x00000002
24 #define EFI_TCG2_EXTEND_ONLY 0x0000000000000001
25 #define PE_COFF_IMAGE 0x0000000000000010
26 
27 #define EFI_TCG2_MAX_PCR_INDEX 23
28 
29 /* Algorithm Registry */
30 #define EFI_TCG2_BOOT_HASH_ALG_SHA1    0x00000001
31 #define EFI_TCG2_BOOT_HASH_ALG_SHA256  0x00000002
32 #define EFI_TCG2_BOOT_HASH_ALG_SHA384  0x00000004
33 #define EFI_TCG2_BOOT_HASH_ALG_SHA512  0x00000008
34 #define EFI_TCG2_BOOT_HASH_ALG_SM3_256 0x00000010
35 
36 #define EFI_TCG2_FINAL_EVENTS_TABLE_VERSION 1
37 
38 #define TPM2_EVENT_LOG_SIZE CONFIG_EFI_TCG2_PROTOCOL_EVENTLOG_SIZE
39 
40 typedef u32 efi_tcg_event_log_bitmap;
41 typedef u32 efi_tcg_event_log_format;
42 typedef u32 efi_tcg_event_algorithm_bitmap;
43 
44 /**
45  * struct tdEFI_TCG2_VERSION - structure of EFI TCG2 version
46  * @major:	major version
47  * @minor:	minor version
48  */
49 struct efi_tcg2_version {
50 	u8 major;
51 	u8 minor;
52 };
53 
54 /**
55  * struct tdEFI_TCG2_EVENT_HEADER - structure of EFI TCG2 event header
56  * @header_size:	size of the event header
57  * @header_version:	header version
58  * @pcr_index:		index of the PCR that is extended
59  * @event_type:		type of the event that is extended
60  */
61 struct efi_tcg2_event_header {
62 	u32 header_size;
63 	u16 header_version;
64 	u32 pcr_index;
65 	u32 event_type;
66 } __packed;
67 
68 /**
69  * struct tdEFI_TCG2_EVENT - structure of EFI TCG2 event
70  * @size:	total size of the event including the size component, the header
71  *		and the event data
72  * @header:	event header
73  * @event:	event to add
74  */
75 struct efi_tcg2_event {
76 	u32 size;
77 	struct efi_tcg2_event_header header;
78 	u8 event[];
79 } __packed;
80 
81 /**
82  * struct tdUEFI_IMAGE_LOAD_EVENT - structure of PE/COFF image measurement
83  * @image_location_in_memory:	image address
84  * @image_length_in_memory:	image size
85  * @image_link_time_address:	image link time address
86  * @length_of_device_path:	devive path size
87  * @device_path:		device path
88  */
89 struct uefi_image_load_event {
90 	efi_physical_addr_t image_location_in_memory;
91 	u64 image_length_in_memory;
92 	u64 image_link_time_address;
93 	u64 length_of_device_path;
94 	struct efi_device_path device_path[];
95 };
96 
97 /**
98  * struct tdEFI_TCG2_BOOT_SERVICE_CAPABILITY - protocol capability information
99  * @size:			allocated size of the structure
100  * @structure_version:		version of this structure
101  * @protocol_version:		version of the EFI TCG2 protocol.
102  * @hash_algorithm_bitmap:	supported hash algorithms
103  * @supported_event_logs:	bitmap of supported event log formats
104  * @tpm_present_flag:		false = TPM not present
105  * @max_command_size:		max size (in bytes) of a command
106  *				that can be sent to the TPM
107  * @max_response_size:		max size (in bytes) of a response that
108  *				can be provided by the TPM
109  * @manufacturer_id:		4-byte Vendor ID
110  * @number_of_pcr_banks:	maximum number of PCR banks
111  * @active_pcr_banks:		bitmap of currently active
112  *				PCR banks (hashing algorithms).
113  */
114 struct efi_tcg2_boot_service_capability {
115 	u8 size;
116 	struct efi_tcg2_version structure_version;
117 	struct efi_tcg2_version protocol_version;
118 	efi_tcg_event_algorithm_bitmap hash_algorithm_bitmap;
119 	efi_tcg_event_log_bitmap supported_event_logs;
120 	u8 tpm_present_flag;
121 	u16 max_command_size;
122 	u16 max_response_size;
123 	u32 manufacturer_id;
124 	u32 number_of_pcr_banks;
125 	efi_tcg_event_algorithm_bitmap active_pcr_banks;
126 };
127 
128 /* up to and including the vendor ID (manufacturer_id) field */
129 #define BOOT_SERVICE_CAPABILITY_MIN \
130 	offsetof(struct efi_tcg2_boot_service_capability, number_of_pcr_banks)
131 
132 #define TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03 "Spec ID Event03"
133 #define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MAJOR_TPM2 2
134 #define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MINOR_TPM2 0
135 #define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_ERRATA_TPM2 2
136 
137 /**
138  *  struct TCG_EfiSpecIdEventAlgorithmSize - hashing algorithm information
139  *
140  *  @algorithm_id:	algorithm defined in enum tpm2_algorithms
141  *  @digest_size:	size of the algorithm
142  */
143 struct tcg_efi_spec_id_event_algorithm_size {
144 	u16      algorithm_id;
145 	u16      digest_size;
146 } __packed;
147 
148 /**
149  * struct TCG_EfiSpecIDEventStruct - content of the event log header
150  *
151  * @signature:			signature, set to Spec ID Event03
152  * @platform_class:		class defined in TCG ACPI Specification
153  *				Client  Common Header.
154  * @spec_version_minor:		minor version
155  * @spec_version_major:		major version
156  * @spec_version_errata:	major version
157  * @uintn_size:			size of the efi_uintn_t fields used in various
158  *				data structures used in this specification.
159  *				0x01 indicates u32  and 0x02  indicates u64
160  * @number_of_algorithms:	hashing algorithms used in this event log
161  * @digest_sizes:		array of number_of_algorithms pairs
162  *				1st member defines the algorithm id
163  *				2nd member defines the algorithm size
164  */
165 struct tcg_efi_spec_id_event {
166 	u8 signature[16];
167 	u32 platform_class;
168 	u8 spec_version_minor;
169 	u8 spec_version_major;
170 	u8 spec_errata;
171 	u8 uintn_size;
172 	u32 number_of_algorithms;
173 	struct tcg_efi_spec_id_event_algorithm_size digest_sizes[];
174 } __packed;
175 
176 /**
177  * struct tdEFI_TCG2_FINAL_EVENTS_TABLE - log entries after Get Event Log
178  * @version:		version number for this structure
179  * @number_of_events:	number of events recorded after invocation of
180  *			GetEventLog()
181  * @event:		List of events of type tcg_pcr_event2
182  */
183 struct efi_tcg2_final_events_table {
184 	u64 version;
185 	u64 number_of_events;
186 	struct tcg_pcr_event2 event[];
187 };
188 
189 /**
190  * struct tdUEFI_VARIABLE_DATA - event log structure of UEFI variable
191  * @variable_name:		The vendorGUID parameter in the
192  *				GetVariable() API.
193  * @unicode_name_length:	The length in CHAR16 of the Unicode name of
194  *				the variable.
195  * @variable_data_length:	The size of the variable data.
196  * @unicode_name:		The CHAR16 unicode name of the variable
197  *				without NULL-terminator.
198  * @variable_data:		The data parameter of the efi variable
199  *				in the GetVariable() API.
200  */
201 struct efi_tcg2_uefi_variable_data {
202 	efi_guid_t variable_name;
203 	u64 unicode_name_length;
204 	u64 variable_data_length;
205 	u16 unicode_name[1];
206 	u8 variable_data[1];
207 };
208 
209 /**
210  * struct tdUEFI_HANDOFF_TABLE_POINTERS2 - event log structure of SMBOIS tables
211  * @table_description_size:	size of table description
212  * @table_description:		table description
213  * @number_of_tables:		number of uefi configuration table
214  * @table_entry:		uefi configuration table entry
215  */
216 #define SMBIOS_HANDOFF_TABLE_DESC  "SmbiosTable"
217 struct smbios_handoff_table_pointers2 {
218 	u8 table_description_size;
219 	u8 table_description[sizeof(SMBIOS_HANDOFF_TABLE_DESC)];
220 	u64 number_of_tables;
221 	struct efi_configuration_table table_entry[];
222 } __packed;
223 
224 /**
225  * struct tdUEFI_GPT_DATA - event log structure of industry standard tables
226  * @uefi_partition_header:	gpt partition header
227  * @number_of_partitions:	the number of partition
228  * @partitions:			partition entries
229  */
230 struct efi_gpt_data {
231 	gpt_header uefi_partition_header;
232 	u64 number_of_partitions;
233 	gpt_entry partitions[];
234 } __packed;
235 
236 /**
237  * struct tdUEFI_PLATFORM_FIRMWARE_BLOB2
238  * @blob_description_size:	Byte size of @data
239  * @data:			Description data
240  */
241 struct uefi_platform_firmware_blob2 {
242 	u8 blob_description_size;
243 	u8 data[];
244 } __packed;
245 
246 struct efi_tcg2_protocol {
247 	efi_status_t (EFIAPI * get_capability)(struct efi_tcg2_protocol *this,
248 					       struct efi_tcg2_boot_service_capability *capability);
249 	efi_status_t (EFIAPI * get_eventlog)(struct efi_tcg2_protocol *this,
250 					     efi_tcg_event_log_format log_format,
251 					     u64 *event_log_location, u64 *event_log_last_entry,
252 					     bool *event_log_truncated);
253 	efi_status_t (EFIAPI * hash_log_extend_event)(struct efi_tcg2_protocol *this,
254 						      u64 flags,
255 						      efi_physical_addr_t data_to_hash,
256 						      u64 data_to_hash_len,
257 						      struct efi_tcg2_event *efi_tcg_event);
258 	efi_status_t (EFIAPI * submit_command)(struct efi_tcg2_protocol *this,
259 					       u32 input_parameter_block_size,
260 					       u8 *input_parameter_block,
261 					       u32 output_parameter_block_size,
262 					       u8 *output_parameter_block);
263 	efi_status_t (EFIAPI * get_active_pcr_banks)(struct efi_tcg2_protocol *this,
264 						     u32 *active_pcr_banks);
265 	efi_status_t (EFIAPI * set_active_pcr_banks)(struct efi_tcg2_protocol *this,
266 						     u32 active_pcr_banks);
267 	efi_status_t (EFIAPI * get_result_of_set_active_pcr_banks)(struct efi_tcg2_protocol *this,
268 								   u32 *operation_present,
269 								   u32 *response);
270 };
271 #endif
272