      1 /** @file
      2   Execute pending TPM2 requests from OS or BIOS.
      3 
      4   Caution: This module requires additional review when modified.
      5   This driver takes external input: a variable.
      6   This external input must be validated carefully to avoid security issues.
      7 
      8   TrEEExecutePendingTpmRequest() will receive untrusted input and validate it.
      9 
     10 Copyright (c) 2013 - 2015, Intel Corporation. All rights reserved.<BR>
     11 This program and the accompanying materials
     12 are licensed and made available under the terms and conditions of the BSD License
     13 which accompanies this distribution.  The full text of the license may be found at
     14 http://opensource.org/licenses/bsd-license.php
     15 
     16 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
     17 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
     18 
     19 **/
     20 
     21 #include <PiDxe.h>
     22 
     23 #include <Protocol/TrEEProtocol.h>
     24 #include <Protocol/VariableLock.h>
     25 #include <Library/DebugLib.h>
     26 #include <Library/BaseMemoryLib.h>
     27 #include <Library/UefiRuntimeServicesTableLib.h>
     28 #include <Library/UefiDriverEntryPoint.h>
     29 #include <Library/UefiBootServicesTableLib.h>
     30 #include <Library/UefiLib.h>
     31 #include <Library/MemoryAllocationLib.h>
     32 #include <Library/PrintLib.h>
     33 #include <Library/HiiLib.h>
     34 #include <Guid/EventGroup.h>
     35 #include <Guid/TrEEPhysicalPresenceData.h>
     36 #include <Library/Tpm2CommandLib.h>
     37 #include <Library/TrEEPpVendorLib.h>
     38 
     39 
/**
  Look up a string by its HII string ID.

  Null-instance stub: no HII string package is consulted and no string is
  ever produced, so every caller must be prepared for a NULL result.

  @param[in] Id          String ID (ignored by this stub).

  @retval    NULL        Always; this instance provides no strings.

**/
CHAR16 *
TrEEPhysicalPresenceGetStringById (
  IN  EFI_STRING_ID   Id
  )
{
  CHAR16  *String;

  //
  // No string package is registered by this instance, so there is nothing to look up.
  //
  String = NULL;
  return String;
}
     56 
/**
  Placeholder for sending ClearControl and Clear commands to the TPM.

  Null-instance stub: no command is sent to the TPM and PlatformAuth is not
  read. The function still reports EFI_SUCCESS, so a successful return from
  this instance must not be taken as evidence that the TPM was cleared.

  @param[in]  PlatformAuth      platform auth value (ignored by this stub).

  @retval EFI_SUCCESS           Always returned; no TPM operation took place.

**/
EFI_STATUS
EFIAPI
TpmCommandClear (
  IN TPM2B_AUTH                *PlatformAuth  OPTIONAL
  )
{
  EFI_STATUS  Status;

  //
  // Nothing is transmitted to the device; success is reported unconditionally.
  //
  Status = EFI_SUCCESS;
  return Status;
}
     76 
/**
  Placeholder for executing a physical presence operation requested by the OS.

  Null-instance stub: CommandCode is not inspected, nothing is sent to the
  TPM, and PpiFlags is left unmodified. The function returns 0 for every
  command code, including ones a full implementation would reject.

  @param[in]      PlatformAuth        platform auth value (ignored by this stub).
  @param[in]      CommandCode         Physical presence operation value (ignored by this stub).
  @param[in, out] PpiFlags            The physical presence interface flags (not read or written).

  @retval 0       Always returned; no operation was executed.
**/
UINT32
TrEEExecutePhysicalPresence (
  IN      TPM2B_AUTH                       *PlatformAuth,  OPTIONAL
  IN      UINT32                           CommandCode,
  IN OUT  EFI_TREE_PHYSICAL_PRESENCE_FLAGS *PpiFlags
  )
{
  UINT32  Response;

  //
  // NOTE(review): 0 is presumably the "success" response value - confirm against
  // Guid/TrEEPhysicalPresenceData.h. A caller cannot tell this result apart from
  // a request that was really executed.
  //
  Response = 0;
  return Response;
}
     98 
     99 
/**
  Placeholder for reading the confirmation key from the user.

  Null-instance stub: no console input is read. The result is always FALSE,
  which callers see as the user having discarded the change, so this
  instance never reports a confirmation.

  @param[in]  CautionKey  Selects the confirm key in a full implementation
                          (TRUE: F12, FALSE: F10); ignored by this stub.

  @retval     FALSE       Always; no user confirmation is ever reported.
**/
BOOLEAN
TrEEReadUserKey (
  IN     BOOLEAN                    CautionKey
  )
{
  BOOLEAN  Confirmed;

  //
  // No key is read, so the request is treated as not confirmed.
  //
  Confirmed = FALSE;
  return Confirmed;
}
    116 
/**
  Library constructor for the Null instance.

  Null-instance stub: no UNI string package is registered against
  ImageHandle and nothing is asserted. The constructor only reports success
  so that modules linking this instance can load.

  @param  ImageHandle   The firmware allocated handle for the EFI image (unused).
  @param  SystemTable   A pointer to the EFI System Table (unused).

  @retval EFI_SUCCESS   Always returned.
**/
EFI_STATUS
EFIAPI
TrEEPhysicalPresenceLibConstructor (
  IN EFI_HANDLE        ImageHandle,
  IN EFI_SYSTEM_TABLE  *SystemTable
  )
{
  EFI_STATUS  Status;

  //
  // There is no string package to add in this instance.
  //
  Status = EFI_SUCCESS;
  return Status;
}
    137 
/**
  Placeholder for displaying the confirmation text and collecting the answer.

  Null-instance stub: nothing is displayed and no input is collected. The
  result is always FALSE, so no physical presence command is ever reported
  as confirmed by the user.

  @param[in] TpmPpCommand  The requested TPM physical presence command (ignored by this stub).

  @retval    FALSE         Always; the user is never reported as confirming.
**/
BOOLEAN
TrEEUserConfirm (
  IN      UINT32                    TpmPpCommand
  )
{
  BOOLEAN  UserAccepted;

  //
  // With no UI interaction, the only defensible answer is "not confirmed".
  //
  UserAccepted = FALSE;
  return UserAccepted;
}
    153 
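/**
  Placeholder for checking whether a valid physical presence command request
  exists and whether the user has already confirmed it.

  Null-instance stub: TcgPpData and Flags are not inspected, so a TRUE return
  value is NOT a validation result for the (untrusted) request data. The
  function returns TRUE unconditionally.

  The OUT parameter is given a defined value so a caller never reads an
  indeterminate BOOLEAN after a TRUE return. FALSE ("user confirmation is
  still required") is used because it is the conservative answer: nothing in
  this instance can establish that a request was confirmed.

   @param[in]  TcgPpData                 EFI TrEE Physical Presence request data (not inspected).
   @param[in]  Flags                     The physical presence interface flags (not inspected).
   @param[out] RequestConfirmed          Set to FALSE when the pointer is not NULL, meaning the
                                         command is not known to be confirmed and would need user
                                         confirmation from the UI. A NULL pointer is tolerated and
                                         left untouched.

   @retval  TRUE        Always returned by this stub.

**/
BOOLEAN
TrEEHaveValidTpmRequest  (
  IN      EFI_TREE_PHYSICAL_PRESENCE       *TcgPpData,
  IN      EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags,
  OUT     BOOLEAN                          *RequestConfirmed
  )
{
  //
  // Never leave the OUT parameter indeterminate: report "not confirmed" so a
  // caller that acts on it still has to obtain user confirmation.
  //
  if (RequestConfirmed != NULL) {
    *RequestConfirmed = FALSE;
  }

  return TRUE;
}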
    178 
    179 
/**
  Placeholder for checking and executing the requested physical presence command.

  Caution: in a full implementation TcgPpData comes from an NV variable and
  is untrusted input that must be validated before use. This Null-instance
  stub performs no validation because it never reads TcgPpData at all: the
  function returns immediately and any pending request is left unprocessed.

  @param[in] PlatformAuth         platform auth value (ignored by this stub).
  @param[in] TcgPpData            Point to the physical presence NV variable (never dereferenced).
  @param[in] Flags                The physical presence interface flags (ignored by this stub).
**/
VOID
TrEEExecutePendingTpmRequest (
  IN      TPM2B_AUTH                       *PlatformAuth,  OPTIONAL
  IN      EFI_TREE_PHYSICAL_PRESENCE       *TcgPpData,
  IN      EFI_TREE_PHYSICAL_PRESENCE_FLAGS Flags
  )
{
  //
  // Intentionally empty: no request is parsed, confirmed or sent to the TPM.
  //
}
    200 
/**
  Placeholder for checking and executing the pending TPM request.

  In a full implementation the request may come from the OS or the BIOS; it
  is displayed, confirmed by the user, sent to the TPM, and may require one
  or more resets to take effect, which is why the API is meant to be invoked
  once console in and console out are ready.

  Null-instance stub: none of that happens here. No request is read or
  displayed, no user input is taken, and nothing is sent to the TPM, so a
  platform built with this instance never acts on a pending request.

  @param[in]  PlatformAuth                   platform auth value (ignored by this stub).
**/
VOID
EFIAPI
TrEEPhysicalPresenceLibProcessRequest (
  IN      TPM2B_AUTH                     *PlatformAuth  OPTIONAL
  )
{
  //
  // Intentionally empty: pending requests are not processed by this instance.
  //
}
    222 
/**
  Report whether a pending TPM request needs user input to confirm it.

  Null-instance stub: no request data is examined. The answer is always
  FALSE, so callers are told that no user confirmation is pending.

  @retval    FALSE       Always; this instance never asks for user confirmation.

**/
BOOLEAN
EFIAPI
TrEEPhysicalPresenceLibNeedUserConfirm(
  VOID
  )
{
  BOOLEAN  NeedConfirm;

  //
  // No pending request is ever looked up, so none can need confirmation.
  //
  NeedConfirm = FALSE;
  return NeedConfirm;
}
    242 
    243