1 /** @file
2   This library is intended to be used by BDS modules.
3   This library executes pending TPM2 physical presence requests.
4 
5 Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR>
6 SPDX-License-Identifier: BSD-2-Clause-Patent
7 
8 **/
9 
10 #ifndef _TCG2_PHYSICAL_PRESENCE_LIB_H_
11 #define _TCG2_PHYSICAL_PRESENCE_LIB_H_
12 
13 #include <IndustryStandard/Tpm20.h>
14 #include <IndustryStandard/TcgPhysicalPresence.h>
15 #include <Protocol/Tcg2Protocol.h>
16 
17 //
18 // Bit definitions of the BIOS TPM Management Flags used by the UEFI TCG2 library.
19 // PP = physical presence; each PP_REQUIRED_FOR_* bit names the operation it applies to.
20 // BIT0 is reserved
21 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR               BIT1
22 // BIT2 is reserved
23 #define TCG2_LIB_PP_FLAG_RESET_TRACK                                      BIT3
24 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_ON             BIT4
25 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_OFF            BIT5
26 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS          BIT6
27 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS         BIT7
28 
29 //
30 // Bit definitions of the BIOS Information Flags used by the UEFI TCG2 library.
31 // The identifiers below spell "HIERACHY" (sic); use that spelling when searching for them.
32 #define TCG2_BIOS_INFORMATION_FLAG_HIERACHY_CONTROL_STORAGE_DISABLE      BIT8
33 #define TCG2_BIOS_INFORMATION_FLAG_HIERACHY_CONTROL_ENDORSEMENT_DISABLE  BIT9
34 
35 //
36 // Bit definitions of the BIOS Storage Management Flags used by the UEFI TCG2 library.
37 // These occupy BIT16..BIT18, separate from the TPM management and information flag bits above.
38 #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID   BIT16
39 #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID  BIT17
40 #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_ENABLE_BLOCK_SID                   BIT18
41 
42 //
43 // Default TPM management flags: the PP_REQUIRED_FOR_TURN_OFF, _CLEAR, _CHANGE_EPS and _CHANGE_PCRS bits.
44 // PP_REQUIRED_FOR_TURN_ON and TCG2_LIB_PP_FLAG_RESET_TRACK are not part of this default.
45 #define TCG2_BIOS_TPM_MANAGEMENT_FLAG_DEFAULT  (TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_TURN_OFF | \
46                                                 TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CLEAR | \
47                                                 TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_EPS | \
48                                                 TCG2_BIOS_TPM_MANAGEMENT_FLAG_PP_REQUIRED_FOR_CHANGE_PCRS)
49 
50 //
51 // Default storage management flags: both PP_REQUIRED_FOR_*_BLOCK_SID bits and
52 // ENABLE_BLOCK_SID are set, i.e. every storage management bit defined in this header.
53 #define TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_DEFAULT (TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_ENABLE_BLOCK_SID | \
54                                                    TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_PP_REQUIRED_FOR_DISABLE_BLOCK_SID |\
55                                                    TCG2_BIOS_STORAGE_MANAGEMENT_FLAG_ENABLE_BLOCK_SID)
56 
57 /**
58   Check and execute the pending TPM request.
59 
60   The TPM request may come from the OS or the BIOS. If a TPM request exists, this API displays
61   the request information and waits for user confirmation. The request is sent to the TPM device
62   after it is confirmed, and one or more resets may be required for the request to take
63   effect.
64 
65   This API should be invoked after console in and console out are both ready, as they are required
66   to display the request information and to get the user input that confirms the request.
67 
68   @param  PlatformAuth                   Platform auth value. NULL means no platform auth change.
69 **/
70 VOID
71 EFIAPI
72 Tcg2PhysicalPresenceLibProcessRequest (
73   IN      TPM2B_AUTH                     *PlatformAuth  OPTIONAL
74   );
75 
76 /**
77   Check if the pending TPM request needs user input to confirm.
78 
79   The TPM request may come from the OS. This API checks whether a TPM request exists and
80   whether it needs user input for confirmation.
81 
82   @retval    TRUE        TPM needs input to confirm user physical presence.
83   @retval    FALSE       TPM doesn't need input to confirm user physical presence.
84 
85 **/
86 BOOLEAN
87 EFIAPI
88 Tcg2PhysicalPresenceLibNeedUserConfirm (
89   VOID
90   );
91 
92 /**
93   Return the TPM2 management flags set by the physical presence (PP) interface.
94 
95   @return    The TPM2 Management Flags.
96 **/
97 UINT32
98 EFIAPI
99 Tcg2PhysicalPresenceLibGetManagementFlags (
100   VOID
101   );
102 
103 /**
104   The handler for TPM physical presence function:
105   Return TPM Operation Response to OS Environment.
106 
107   This API should be invoked in the OS runtime phase to interface with the ACPI method.
108 
109   @param[out]     MostRecentRequest Most recent operation request.
110   @param[out]     Response          Response to the most recent operation request.
111 
112   @return Return Code for Return TPM Operation Response to OS Environment.
113 **/
114 UINT32
115 EFIAPI
116 Tcg2PhysicalPresenceLibReturnOperationResponseToOsFunction (
117   OUT UINT32                *MostRecentRequest,
118   OUT UINT32                *Response
119   );
120 
121 /**
122   The handler for TPM physical presence function:
123   Submit TPM Operation Request to Pre-OS Environment and
124   Submit TPM Operation Request to Pre-OS Environment 2.
125 
126   This API should be invoked in the OS runtime phase to interface with the ACPI method.
127 
128   Caution: This function may receive untrusted input. Treat the values behind both pointers as OS-controlled (they arrive through the ACPI method) and validate them before acting on them.
129   NOTE(review): unlike the other prototypes in this header, this one carries no EFIAPI; confirm it matches the implementation.
130   @param[in, out]  OperationRequest  Pointer to the TPM physical presence operation request.
131   @param[in, out]  RequestParameter  Pointer to the TPM physical presence operation request parameter.
132 
133   @return Return Code for Submit TPM Operation Request to Pre-OS Environment and
134           Submit TPM Operation Request to Pre-OS Environment 2.
135 **/
136 UINT32
137 Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunctionEx (
138   IN OUT UINT32               *OperationRequest,
139   IN OUT UINT32               *RequestParameter
140   );
141 
142 /**
143   The handler for TPM physical presence function:
144   Submit TPM Operation Request to Pre-OS Environment and
145   Submit TPM Operation Request to Pre-OS Environment 2.
146 
147   This API should be invoked in the OS runtime phase to interface with the ACPI method.
148 
149   Caution: This function may receive untrusted input. OperationRequest and RequestParameter are supplied by the OS through the ACPI method; validate them before acting on them.
150 
151   @param[in]      OperationRequest TPM physical presence operation request.
152   @param[in]      RequestParameter TPM physical presence operation request parameter.
153 
154   @return Return Code for Submit TPM Operation Request to Pre-OS Environment and
155           Submit TPM Operation Request to Pre-OS Environment 2.
156 **/
157 UINT32
158 EFIAPI
159 Tcg2PhysicalPresenceLibSubmitRequestToPreOSFunction (
160   IN UINT32                 OperationRequest,
161   IN UINT32                 RequestParameter
162   );
163 
164 /**
165   The handler for TPM physical presence function:
166   Get User Confirmation Status for Operation.
167 
168   This API should be invoked in the OS runtime phase to interface with the ACPI method.
169 
170   Caution: This function may receive untrusted input. OperationRequest is supplied by the OS through the ACPI method; validate it before use.
171 
172   @param[in]      OperationRequest TPM physical presence operation request.
173 
174   @return Return Code for Get User Confirmation Status for Operation.
175 **/
176 UINT32
177 EFIAPI
178 Tcg2PhysicalPresenceLibGetUserConfirmationStatusFunction (
179   IN UINT32                 OperationRequest
180   );
181 
182 #endif
183