1 /* SPDX-License-Identifier: GPL-2.0+ */
2 /*
3  * Defines APIs and structures that adhere to
4  * https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification/
5  * https://trustedcomputinggroup.org/resource/tcg-efi-protocol-specification/
6  *
7  * Copyright (c) 2020 Linaro Limited
8  */
9 
10 #ifndef __TPM_TCG_V2_H
11 #define __TPM_TCG_V2_H
12 
13 #include <tpm-v2.h>
14 
15 /*
16  * event types, cf.
17  * "TCG Server Management Domain Firmware Profile Specification",
18  * rev 1.00, 2020-05-01
19  */
20 #define EV_POST_CODE			((u32)0x00000001)
21 #define EV_NO_ACTION			((u32)0x00000003)
22 #define EV_SEPARATOR			((u32)0x00000004)
23 #define EV_ACTION			((u32)0x00000005)
24 #define EV_TAG				((u32)0x00000006)
25 #define EV_S_CRTM_CONTENTS		((u32)0x00000007)
26 #define EV_S_CRTM_VERSION		((u32)0x00000008)
27 #define EV_CPU_MICROCODE		((u32)0x00000009)
28 #define EV_PLATFORM_CONFIG_FLAGS	((u32)0x0000000A)
29 #define EV_TABLE_OF_DEVICES		((u32)0x0000000B)
30 #define EV_COMPACT_HASH			((u32)0x0000000C)
31 
32 /*
33  * event types, cf.
34  * "TCG PC Client Platform Firmware Profile Specification", Family "2.0"
35  * Level 00 Version 1.05 Revision 23, May 7, 2021
36  */
37 #define EV_EFI_EVENT_BASE			((u32)0x80000000)
38 #define EV_EFI_VARIABLE_DRIVER_CONFIG		((u32)0x80000001)
39 #define EV_EFI_VARIABLE_BOOT			((u32)0x80000002)
40 #define EV_EFI_BOOT_SERVICES_APPLICATION	((u32)0x80000003)
41 #define EV_EFI_BOOT_SERVICES_DRIVER		((u32)0x80000004)
42 #define EV_EFI_RUNTIME_SERVICES_DRIVER		((u32)0x80000005)
43 #define EV_EFI_GPT_EVENT			((u32)0x80000006)
44 #define EV_EFI_ACTION				((u32)0x80000007)
45 #define EV_EFI_PLATFORM_FIRMWARE_BLOB		((u32)0x80000008)
46 #define EV_EFI_HANDOFF_TABLES			((u32)0x80000009)
47 #define EV_EFI_PLATFORM_FIRMWARE_BLOB2		((u32)0x8000000A)
48 #define EV_EFI_HANDOFF_TABLES2			((u32)0x8000000B)
49 #define EV_EFI_VARIABLE_BOOT2			((u32)0x8000000C)
50 #define EV_EFI_HCRTM_EVENT			((u32)0x80000010)
51 #define EV_EFI_VARIABLE_AUTHORITY		((u32)0x800000E0)
52 #define EV_EFI_SPDM_FIRMWARE_BLOB		((u32)0x800000E1)
53 #define EV_EFI_SPDM_FIRMWARE_CONFIG		((u32)0x800000E2)
54 
55 #define EFI_CALLING_EFI_APPLICATION         \
56 	"Calling EFI Application from Boot Option"
57 #define EFI_RETURNING_FROM_EFI_APPLICATION  \
58 	"Returning from EFI Application from Boot Option"
59 #define EFI_EXIT_BOOT_SERVICES_INVOCATION   \
60 	"Exit Boot Services Invocation"
61 #define EFI_EXIT_BOOT_SERVICES_FAILED       \
62 	"Exit Boot Services Returned with Failure"
63 #define EFI_EXIT_BOOT_SERVICES_SUCCEEDED    \
64 	"Exit Boot Services Returned with Success"
65 #define EFI_DTB_EVENT_STRING \
66 	"DTB DATA"
67 
68 /**
69  *  struct TCG_EfiSpecIdEventAlgorithmSize - hashing algorithm information
70  *
71  *  @algorithm_id:	algorithm defined in enum tpm2_algorithms
72  *  @digest_size:	size of the algorithm
73  */
74 struct tcg_efi_spec_id_event_algorithm_size {
75 	u16      algorithm_id;
76 	u16      digest_size;
77 } __packed;
78 
79 /**
80  * SHA1 Event Log Entry Format
81  *
82  * @pcr_index:	PCRIndex event extended to
83  * @event_type:	Type of event (see EFI specs)
84  * @digest:	Value extended into PCR index
85  * @event_size:	Size of event
86  * @event:	Event data
87  */
88 struct tcg_pcr_event {
89 	u32 pcr_index;
90 	u32 event_type;
91 	u8 digest[TPM2_SHA1_DIGEST_SIZE];
92 	u32 event_size;
93 	u8 event[];
94 } __packed;
95 
96 /**
97  * tcg2_get_pcr_info() - get the supported, active banks and number of banks
98  *
99  * @dev:		TPM device
100  * @supported_bank:	bitmask with the algorithms supported
101  * @active_bank:	bitmask with the active algorithms
102  * @bank_num:		number of PCR banks
103  *
104  * @return 0 on success, code of operation or negative errno on failure
105  */
106 int tcg2_get_pcr_info(struct udevice *dev, u32 *supported_bank, u32 *active_bank,
107 		      u32 *bank_num);
108 
109 /**
110  * Crypto Agile Log Entry Format
111  *
112  * @pcr_index:	PCRIndex event extended to
113  * @event_type:	Type of event
114  * @digests:	List of digestsextended to PCR index
115  * @event_size: Size of the event data
116  * @event:	Event data
117  */
118 struct tcg_pcr_event2 {
119 	u32 pcr_index;
120 	u32 event_type;
121 	struct tpml_digest_values digests;
122 	u32 event_size;
123 	u8 event[];
124 } __packed;
125 
126 /**
127  * struct TCG_EfiSpecIDEventStruct - content of the event log header
128  *
129  * @signature:			signature, set to Spec ID Event03
130  * @platform_class:		class defined in TCG ACPI Specification
131  *				Client  Common Header.
132  * @spec_version_minor:		minor version
133  * @spec_version_major:		major version
134  * @spec_version_errata:	major version
135  * @uintn_size:			size of the efi_uintn_t fields used in various
136  *				data structures used in this specification.
137  *				0x01 indicates u32  and 0x02  indicates u64
138  * @number_of_algorithms:	hashing algorithms used in this event log
139  * @digest_sizes:		array of number_of_algorithms pairs
140  *				1st member defines the algorithm id
141  *				2nd member defines the algorithm size
142  */
143 struct tcg_efi_spec_id_event {
144 	u8 signature[16];
145 	u32 platform_class;
146 	u8 spec_version_minor;
147 	u8 spec_version_major;
148 	u8 spec_errata;
149 	u8 uintn_size;
150 	u32 number_of_algorithms;
151 	struct tcg_efi_spec_id_event_algorithm_size digest_sizes[];
152 } __packed;
153 
154 #define TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03 "Spec ID Event03"
155 #define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MAJOR_TPM2 2
156 #define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MINOR_TPM2 0
157 #define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_ERRATA_TPM2 2
158 /**
159  * struct tcg2_event_log - Container for managing the platform event log
160  *
161  * @log:		Address of the log
162  * @log_position:	Current entry position
163  * @log_size:		Log space available
164  * @found:		Boolean indicating if an existing log was discovered
165  */
166 struct tcg2_event_log {
167 	u8 *log;
168 	u32 log_position;
169 	u32 log_size;
170 	bool found;
171 };
172 
173 /**
174  * Create a list of digests of the supported PCR banks for a given input data
175  *
176  * @dev		TPM device
177  * @input	Data
178  * @length	Length of the data to calculate the digest
179  * @digest_list	List of digests to fill in
180  *
181  * Return: zero on success, negative errno otherwise
182  */
183 int tcg2_create_digest(struct udevice *dev, const u8 *input, u32 length,
184 		       struct tpml_digest_values *digest_list);
185 
186 /**
187  * Get the event size of the specified digests
188  *
189  * @digest_list	List of digests for the event
190  *
191  * Return: Size in bytes of the event
192  */
193 u32 tcg2_event_get_size(struct tpml_digest_values *digest_list);
194 
195 /**
196  * tcg2_get_active_pcr_banks
197  *
198  * @dev			TPM device
199  * @active_pcr_banks	Bitmask of PCR algorithms supported
200  *
201  * Return: zero on success, negative errno otherwise
202  */
203 int tcg2_get_active_pcr_banks(struct udevice *dev, u32 *active_pcr_banks);
204 
205 /**
206  * tcg2_log_append - Append an event to an event log
207  *
208  * @pcr_index	Index of the PCR
209  * @event_type	Type of event
210  * @digest_list List of digests to add
211  * @size	Size of event
212  * @event	Event data
213  * @log		Log buffer to append the event to
214  */
215 void tcg2_log_append(u32 pcr_index, u32 event_type,
216 		     struct tpml_digest_values *digest_list, u32 size,
217 		     const u8 *event, u8 *log);
218 
219 /**
220  * Extend the PCR with specified digests
221  *
222  * @dev		TPM device
223  * @pcr_index	Index of the PCR
224  * @digest_list	List of digests to extend
225  *
226  * Return: zero on success, negative errno otherwise
227  */
228 int tcg2_pcr_extend(struct udevice *dev, u32 pcr_index,
229 		    struct tpml_digest_values *digest_list);
230 
231 /**
232  * Read the PCR into a list of digests
233  *
234  * @dev		TPM device
235  * @pcr_index	Index of the PCR
236  * @digest_list	List of digests to extend
237  *
238  * Return: zero on success, negative errno otherwise
239  */
240 int tcg2_pcr_read(struct udevice *dev, u32 pcr_index,
241 		  struct tpml_digest_values *digest_list);
242 
243 /**
244  * Measure data into the TPM PCRs and the platform event log.
245  *
246  * @dev		TPM device
247  * @log		Platform event log
248  * @pcr_index	Index of the PCR
249  * @size	Size of the data or 0 for event only
250  * @data	Pointer to the data or NULL for event only
251  * @event_type	Event log type
252  * @event_size	Size of the event
253  * @event	Pointer to the event
254  *
255  * Return: zero on success, negative errno otherwise
256  */
257 int tcg2_measure_data(struct udevice *dev, struct tcg2_event_log *elog,
258 		      u32 pcr_index, u32 size, const u8 *data, u32 event_type,
259 		      u32 event_size, const u8 *event);
260 
261 #define tcg2_measure_event(dev, elog, pcr_index, event_type, size, event) \
262 	tcg2_measure_data(dev, elog, pcr_index, 0, NULL, event_type, size, \
263 			  event)
264 
265 /**
266  * Prepare the event log buffer. This function tries to discover an existing
267  * event log in memory from a previous bootloader stage. If such a log exists
268  * and the PCRs are not extended, the log is "replayed" to extend the PCRs.
269  * If no log is discovered, create the log header.
270  *
271  * @dev			TPM device
272  * @elog		Platform event log. The log pointer and log_size
273  *			members must be initialized to either 0 or to a valid
274  *			memory region, in which case any existing log
275  *			discovered will be copied to the specified memory
276  *			region.
277  * @ignore_existing_log	Boolean to indicate whether or not to ignore an
278  *			existing platform log in memory
279  *
280  * Return: zero on success, negative errno otherwise
281  */
282 int tcg2_log_prepare_buffer(struct udevice *dev, struct tcg2_event_log *elog,
283 			    bool ignore_existing_log);
284 
285 /**
286  * Begin measurements.
287  *
288  * @dev			TPM device
289  * @elog		Platform event log. The log pointer and log_size
290  *			members must be initialized to either 0 or to a valid
291  *			memory region, in which case any existing log
292  *			discovered will be copied to the specified memory
293  *			region.
294  * @ignore_existing_log Boolean to indicate whether or not to ignore an
295  *			existing platform log in memory
296  *
297  * Return: zero on success, negative errno otherwise
298  */
299 int tcg2_measurement_init(struct udevice **dev, struct tcg2_event_log *elog,
300 			  bool ignore_existing_log);
301 
302 /**
303  * Stop measurements and record separator events.
304  *
305  * @dev		TPM device
306  * @elog	Platform event log
307  * @error	Boolean to indicate whether an error ocurred or not
308  */
309 void tcg2_measurement_term(struct udevice *dev, struct tcg2_event_log *elog,
310 			   bool error);
311 
312 /**
313  * Get the platform event log address and size.
314  *
315  * @dev		TPM device
316  * @addr	Address of the log
317  * @size	Size of the log
318  *
319  * Return: zero on success, negative errno otherwise
320  */
321 int tcg2_platform_get_log(struct udevice *dev, void **addr, u32 *size);
322 
323 /**
324  * Get the first TPM2 device found.
325  *
326  * @dev		TPM device
327  *
328  * Return: zero on success, negative errno otherwise
329  */
330 int tcg2_platform_get_tpm2(struct udevice **dev);
331 
332 /**
333  * Platform-specific function for handling TPM startup errors
334  *
335  * @dev		TPM device
336  * @rc		The TPM response code
337  */
338 void tcg2_platform_startup_error(struct udevice *dev, int rc);
339 
340 /**
341  * tcg2_algorithm_to_mask() - Get a TCG hash mask for algorithm
342  *
343  * @hash_alg: TCG defined algorithm
344  * Return: TCG hashing algorithm bitmaps (or 0 if algo not supported)
345  */
346 u32 tcg2_algorithm_to_mask(enum tpm2_algorithms);
347 
348 #endif /* __TPM_TCG_V2_H */
349