aboutsummaryrefslogtreecommitdiff
path: root/include/drivers/measured_boot/tcg.h
blob: ab27a0844f79f46a347591fc51f1c6433f9e7f5b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
/*
 * Copyright (c) 2020, Arm Limited. All rights reserved.
 *
 * SPDX-License-Identifier: BSD-3-Clause
 */

#ifndef TCG_H
#define TCG_H

#include <stdint.h>

#define TCG_ID_EVENT_SIGNATURE_03	"Spec ID Event03"
#define TCG_STARTUP_LOCALITY_SIGNATURE	"StartupLocality"

#define TCG_SPEC_VERSION_MAJOR_TPM2   2
#define TCG_SPEC_VERSION_MINOR_TPM2   0
#define TCG_SPEC_ERRATA_TPM2          2

/*
 * Event types
 * Ref. Table 9 Events
 * TCG PC Client Platform Firmware Profile Specification.
 */
#define EV_PREBOOT_CERT				U(0x00000000)
#define EV_POST_CODE				U(0x00000001)
#define	EV_UNUSED				U(0x00000002)
#define EV_NO_ACTION				U(0x00000003)
#define EV_SEPARATOR				U(0x00000004)
#define EV_ACTION				U(0x00000005)
#define	EV_EVENT_TAG				U(0x00000006)
#define EV_S_CRTM_CONTENTS			U(0x00000007)
#define EV_S_CRTM_VERSION			U(0x00000008)
#define EV_CPU_MICROCODE			U(0x00000009)
#define EV_PLATFORM_CONFIG_FLAGS		U(0x0000000A)
#define EV_TABLE_OF_DEVICES			U(0x0000000B)
#define EV_COMPACT_HASH				U(0x0000000C)
#define	EV_IPL					U(0x0000000D)
#define	EV_IPL_PARTITION_DATA			U(0x0000000E)
#define EV_NONHOST_CODE				U(0x0000000F)
#define EV_NONHOST_CONFIG			U(0x00000010)
#define EV_NONHOST_INFO				U(0x00000011)
#define EV_OMIT_BOOT_DEVICE_EVENTS		U(0x00000012)
#define	EV_EFI_EVENT_BASE			U(0x80000000)
#define	EV_EFI_VARIABLE_DRIVER_CONFIG		U(0x80000001)
#define EV_EFI_VARIABLE_BOOT			U(0x80000002)
#define	EV_EFI_BOOT_SERVICES_APPLICATION	U(0x80000003)
#define	EV_EFI_BOOT_SERVICES_DRIVER		U(0x80000004)
#define	EV_EFI_RUNTIME_SERVICES_DRIVER		U(0x80000005)
#define	EV_EFI_GPT_EVENT			U(0x80000006)
#define	EV_EFI_ACTION				U(0x80000007)
#define	EV_EFI_PLATFORM_FIRMWARE_BLOB		U(0x80000008)
#define	EV_EFI_HANDOFF_TABLES			U(0x80000009)
#define	EV_EFI_HCRTM_EVENT			U(0x80000010)
#define	EV_EFI_VARIABLE_AUTHORITY		U(0x800000E0)

/*
 * TPM_ALG_ID constants.
 * Ref. Table 9 - Definition of (UINT16) TPM_ALG_ID Constants
 * Trusted Platform Module Library. Part 2: Structures
 */
#define TPM_ALG_SHA256		0x000B
#define TPM_ALG_SHA384		0x000C
#define TPM_ALG_SHA512		0x000D

/* TCG Platform Type */
#define PLATFORM_CLASS_CLIENT   0
#define PLATFORM_CLASS_SERVER   1

/* SHA digest sizes in bytes */
#define SHA1_DIGEST_SIZE	20
#define SHA256_DIGEST_SIZE	32
#define SHA384_DIGEST_SIZE	48
#define SHA512_DIGEST_SIZE	64

enum {
	/*
	 * SRTM, BIOS, Host Platform Extensions, Embedded
	 * Option ROMs and PI Drivers
	 */
	PCR_0 = 0,
	/* Host Platform Configuration */
	PCR_1,
	/* UEFI driver and application Code */
	PCR_2,
	/* UEFI driver and application Configuration and Data */
	PCR_3,
	/* UEFI Boot Manager Code (usually the MBR) and Boot Attempts */
	PCR_4,
	/*
	 * Boot Manager Code Configuration and Data (for use
	 * by the Boot Manager Code) and GPT/Partition Table
	 */
	PCR_5,
	/* Host Platform Manufacturer Specific */
	PCR_6,
	/* Secure Boot Policy */
	PCR_7,
	/* 8-15: Defined for use by the Static OS */
	PCR_8,
	/* Debug */
	PCR_16 = 16
};

#pragma pack(push, 1)

/*
 * PCR Event Header
 * TCG EFI Protocol Specification
 * 5.3 Event Log Header
 */
typedef struct {
	/* PCRIndex:
	 * The PCR Index to which this event is extended
	 */
	uint32_t	pcr_index;

	/* EventType:
	 * SHALL be an EV_NO_ACTION event
	 */
	uint32_t	event_type;

	/* SHALL be 20 Bytes of 0x00 */
	uint8_t		digest[SHA1_DIGEST_SIZE];

	/* The size of the event */
	uint32_t	event_size;

	/* SHALL be a TCG_EfiSpecIdEvent */
	uint8_t		event[];	/* [event_data_size] */
} tcg_pcr_event_t;

/*
 * Log Header Entry Data
 * Ref. Table 14 TCG_EfiSpecIdEventAlgorithmSize
 * TCG PC Client Platform Firmware Profile 9.4.5.1
 */
typedef struct {
	/* Algorithm ID (hashAlg) of the Hash used by BIOS */
	uint16_t	algorithm_id;

	/* The size of the digest produced by the implemented Hash algorithm */
	uint16_t	digest_size;
} id_event_algorithm_size_t;

/*
 * TCG_EfiSpecIdEvent structure
 * Ref. Table 15 TCG_EfiSpecIdEvent
 * TCG PC Client Platform Firmware Profile 9.4.5.1
 */
typedef struct {
	/*
	 * The NUL-terminated ASCII string "Spec ID Event03".
	 * SHALL be set to {0x53, 0x70, 0x65, 0x63, 0x20, 0x49, 0x44,
	 * 0x20, 0x45, 0x76, 0x65, 0x6e, 0x74, 0x30, 0x33, 0x00}.
	 */
	uint8_t		signature[16];

	/*
	 * The value for the Platform Class.
	 * The enumeration is defined in the TCG ACPI Specification Client
	 * Common Header.
	 */
	uint32_t	platform_class;

	/*
	 * The PC Client Platform Profile Specification minor version number
	 * this BIOS supports.
	 * Any BIOS supporting this version (2.0) MUST set this value to 0x00.
	 */
	uint8_t		spec_version_minor;

	/*
	 * The PC Client Platform Profile Specification major version number
	 * this BIOS supports.
	 * Any BIOS supporting this version (2.0) MUST set this value to 0x02.
	 */
	uint8_t		spec_version_major;

	/*
	 * The PC Client Platform Profile Specification errata version number
	 * this BIOS supports.
	 * Any BIOS supporting this version (2.0) MUST set this value to 0x02.
	 */
	uint8_t		spec_errata;

	/*
	 * Specifies the size of the UINTN fields used in various data
	 * structures used in this specification.
	 * 0x01 indicates UINT32 and 0x02 indicates UINT64.
	 */
	uint8_t		uintn_size;

	/*
	 * The number of Hash algorithms in the digestSizes field.
	 * This field MUST be set to a value of 0x01 or greater.
	 */
	uint32_t	number_of_algorithms;

	/*
	 * Each TCG_EfiSpecIdEventAlgorithmSize SHALL contain an algorithmId
	 * and digestSize for each hash algorithm used in the TCG_PCR_EVENT2
	 * structure, the first of which is a Hash algorithmID and the second
	 * is the size of the respective digest.
	 */
	id_event_algorithm_size_t    digest_size[]; /* number_of_algorithms */
} id_event_struct_header_t;

typedef struct {
	/*
	 * Size in bytes of the VendorInfo field.
	 * Maximum value MUST be FFh bytes.
	 */
	uint8_t		vendor_info_size;

	/*
	 * Provided for use by Platform Firmware implementer. The value might
	 * be used, for example, to provide more detailed information about the
	 * specific BIOS such as BIOS revision numbers, etc. The values within
	 * this field are not standardized and are implementer-specific.
	 * Platform-specific or -unique information MUST NOT be provided in
	 * this field.
	 *
	 */
	uint8_t		vendor_info[];	/* [vendorInfoSize] */
} id_event_struct_data_t;

typedef struct {
	id_event_struct_header_t	struct_header;
	id_event_struct_data_t		struct_data;
} id_event_struct_t;

typedef struct {
	tcg_pcr_event_t			header;
	id_event_struct_header_t	struct_header;
} id_event_headers_t;

/* TPMT_HA Structure */
typedef struct {
	/* Selector of the hash contained in the digest that implies
	 * the size of the digest
	 */
	uint16_t	algorithm_id;	/* AlgorithmId */

	/* Digest, depends on AlgorithmId */
	uint8_t		digest[];	/* Digest[] */
} tpmt_ha;

/*
 * TPML_DIGEST_VALUES Structure
 */
typedef struct {
	/* The number of digests in the list */
	uint32_t	count;			/* Count */

	/* The list of tagged digests, as sent to the TPM as part of a
	 * TPM2_PCR_Extend or as received from a TPM2_PCR_Event command
	 */
	tpmt_ha		digests[];		/* Digests[Count] */
} tpml_digest_values;

/*
 * TCG_PCR_EVENT2 header
 */
typedef struct {
	 /* The PCR Index to which this event was extended */
	uint32_t		pcr_index;	/* PCRIndex */

	/* Type of event */
	uint32_t		event_type;	/* EventType */

	/* Digests:
	 * A counted list of tagged digests, which contain the digest of
	 * the event data (or external data) for all active PCR banks
	 */
	tpml_digest_values	digests;	/* Digests */
} event2_header_t;

typedef struct event2_data {
	/* The size of the event data */
	uint32_t		event_size;	/* EventSize */

	/* The data of the event */
	uint8_t			event[];	/* Event[EventSize] */
} event2_data_t;

/*
 * Startup Locality Event
 * Ref. TCG PC Client Platform Firmware Profile 9.4.5.3
 */
typedef struct {
	/*
	 * The NUL-terminated ASCII string "StartupLocality" SHALL be
	 * set to {0x53 0x74 0x61 0x72 0x74 0x75 0x70 0x4C 0x6F 0x63
	 * 0x61 0x6C 0x69 0x74 0x79 0x00}
	 */
	uint8_t		signature[16];

	/* The Locality Indicator which sent the TPM2_Startup command */
	uint8_t		startup_locality;
} startup_locality_event_t;

#pragma pack(pop)

#endif /* TCG_H */