Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/sys/contrib/edk2/Include/IndustryStandard/UefiTcgPlatform.h
96339 views
1
/** @file

2
  TCG EFI Platform Definition in TCG_EFI_Platform_1_20_Final and

3
  TCG PC Client Platform Firmware Profile Specification, Revision 1.06

4


5
  Copyright (c) 2006 - 2024, Intel Corporation. All rights reserved.<BR>

6
  SPDX-License-Identifier: BSD-2-Clause-Patent

7


8
**/

9


10
#ifndef __UEFI_TCG_PLATFORM_H__

11
#define __UEFI_TCG_PLATFORM_H__

12


13
#include <IndustryStandard/Tpm12.h>

14
#include <IndustryStandard/Tpm20.h>

15
#include <Uefi.h>

16


17
//

18
// Standard event types

19
//

20
#define EV_PREBOOT_CERT             ((TCG_EVENTTYPE) 0x00000000)

21
#define EV_POST_CODE                ((TCG_EVENTTYPE) 0x00000001)

22
#define EV_NO_ACTION                ((TCG_EVENTTYPE) 0x00000003)

23
#define EV_SEPARATOR                ((TCG_EVENTTYPE) 0x00000004)

24
#define EV_ACTION                   ((TCG_EVENTTYPE) 0x00000005)

25
#define EV_EVENT_TAG                ((TCG_EVENTTYPE) 0x00000006)

26
#define EV_S_CRTM_CONTENTS          ((TCG_EVENTTYPE) 0x00000007)

27
#define EV_S_CRTM_VERSION           ((TCG_EVENTTYPE) 0x00000008)

28
#define EV_CPU_MICROCODE            ((TCG_EVENTTYPE) 0x00000009)

29
#define EV_PLATFORM_CONFIG_FLAGS    ((TCG_EVENTTYPE) 0x0000000A)

30
#define EV_TABLE_OF_DEVICES         ((TCG_EVENTTYPE) 0x0000000B)

31
#define EV_COMPACT_HASH             ((TCG_EVENTTYPE) 0x0000000C)

32
#define EV_NONHOST_CODE             ((TCG_EVENTTYPE) 0x0000000F)

33
#define EV_NONHOST_CONFIG           ((TCG_EVENTTYPE) 0x00000010)

34
#define EV_NONHOST_INFO             ((TCG_EVENTTYPE) 0x00000011)

35
#define EV_OMIT_BOOT_DEVICE_EVENTS  ((TCG_EVENTTYPE) 0x00000012)

36


37
//

38
// EFI specific event types

39
//

40
#define EV_EFI_EVENT_BASE                 ((TCG_EVENTTYPE) 0x80000000)

41
#define EV_EFI_VARIABLE_DRIVER_CONFIG     (EV_EFI_EVENT_BASE + 1)

42
#define EV_EFI_VARIABLE_BOOT              (EV_EFI_EVENT_BASE + 2)

43
#define EV_EFI_BOOT_SERVICES_APPLICATION  (EV_EFI_EVENT_BASE + 3)

44
#define EV_EFI_BOOT_SERVICES_DRIVER       (EV_EFI_EVENT_BASE + 4)

45
#define EV_EFI_RUNTIME_SERVICES_DRIVER    (EV_EFI_EVENT_BASE + 5)

46
#define EV_EFI_GPT_EVENT                  (EV_EFI_EVENT_BASE + 6)

47
#define EV_EFI_ACTION                     (EV_EFI_EVENT_BASE + 7)

48
#define EV_EFI_PLATFORM_FIRMWARE_BLOB     (EV_EFI_EVENT_BASE + 8)

49
#define EV_EFI_HANDOFF_TABLES             (EV_EFI_EVENT_BASE + 9)

50
#define EV_EFI_PLATFORM_FIRMWARE_BLOB2    (EV_EFI_EVENT_BASE + 0xA)

51
#define EV_EFI_HANDOFF_TABLES2            (EV_EFI_EVENT_BASE + 0xB)

52
#define EV_EFI_HCRTM_EVENT                (EV_EFI_EVENT_BASE + 0x10)

53
#define EV_EFI_VARIABLE_AUTHORITY         (EV_EFI_EVENT_BASE + 0xE0)

54
#define EV_EFI_SPDM_FIRMWARE_BLOB         (EV_EFI_EVENT_BASE + 0xE1)

55
#define EV_EFI_SPDM_FIRMWARE_CONFIG       (EV_EFI_EVENT_BASE + 0xE2)

56
#define EV_EFI_SPDM_DEVICE_BLOB           EV_EFI_SPDM_FIRMWARE_BLOB

57
#define EV_EFI_SPDM_DEVICE_CONFIG         EV_EFI_SPDM_FIRMWARE_CONFIG

58
//

59
// The SPDM policy database for SPDM verification.

60
// It goes to PCR7

61
//

62
#define EV_EFI_SPDM_DEVICE_POLICY  (EV_EFI_EVENT_BASE + 0xE3)

63
//

64
// The SPDM policy authority for SPDM verification for the signature

65
// of GET_MEASUREMENT or CHALLENGE_AUTH. It goes to PCR7.

66
//

67
#define EV_EFI_SPDM_DEVICE_AUTHORITY  (EV_EFI_EVENT_BASE + 0xE4)

68


69
#define EFI_CALLING_EFI_APPLICATION         \

70
  "Calling EFI Application from Boot Option"

71
#define EFI_RETURNING_FROM_EFI_APPLICATION  \

72
  "Returning from EFI Application from Boot Option"

73
#define EFI_EXIT_BOOT_SERVICES_INVOCATION   \

74
  "Exit Boot Services Invocation"

75
#define EFI_EXIT_BOOT_SERVICES_FAILED       \

76
  "Exit Boot Services Returned with Failure"

77
#define EFI_EXIT_BOOT_SERVICES_SUCCEEDED    \

78
  "Exit Boot Services Returned with Success"

79


80
#define EV_POSTCODE_INFO_POST_CODE  "POST CODE"

81
#define POST_CODE_STR_LEN           (sizeof(EV_POSTCODE_INFO_POST_CODE) - 1)

82


83
#define EV_POSTCODE_INFO_SMM_CODE  "SMM CODE"

84
#define SMM_CODE_STR_LEN           (sizeof(EV_POSTCODE_INFO_SMM_CODE) - 1)

85


86
#define EV_POSTCODE_INFO_ACPI_DATA  "ACPI DATA"

87
#define ACPI_DATA_LEN               (sizeof(EV_POSTCODE_INFO_ACPI_DATA) - 1)

88


89
#define EV_POSTCODE_INFO_BIS_CODE  "BIS CODE"

90
#define BIS_CODE_LEN               (sizeof(EV_POSTCODE_INFO_BIS_CODE) - 1)

91


92
#define EV_POSTCODE_INFO_UEFI_PI  "UEFI PI"

93
#define UEFI_PI_LEN               (sizeof(EV_POSTCODE_INFO_UEFI_PI) - 1)

94


95
#define EV_POSTCODE_INFO_OPROM  "Embedded Option ROM"

96
#define OPROM_LEN               (sizeof(EV_POSTCODE_INFO_OPROM) - 1)

97


98
#define EV_POSTCODE_INFO_EMBEDDED_UEFI_DRIVER  "Embedded UEFI Driver"

99
#define EMBEDDED_UEFI_DRIVER_LEN               (sizeof(EV_POSTCODE_INFO_EMBEDDED_UEFI_DRIVER) - 1)

100


101
#define FIRMWARE_DEBUGGER_EVENT_STRING      "UEFI Debug Mode"

102
#define FIRMWARE_DEBUGGER_EVENT_STRING_LEN  (sizeof(FIRMWARE_DEBUGGER_EVENT_STRING) - 1)

103


104
//

105
// Set structure alignment to 1-byte

106
//

107
#pragma pack (1)

108


109
typedef UINT32        TCG_EVENTTYPE;

110
typedef TPM_PCRINDEX  TCG_PCRINDEX;

111
typedef TPM_DIGEST    TCG_DIGEST;

112
///

113
/// Event Log Entry Structure Definition

114
///

115
typedef struct tdTCG_PCR_EVENT {

116
  TCG_PCRINDEX     PCRIndex;                   ///< PCRIndex event extended to

117
  TCG_EVENTTYPE    EventType;                  ///< TCG EFI event type

118
  TCG_DIGEST       Digest;                     ///< Value extended into PCRIndex

119
  UINT32           EventSize;                  ///< Size of the event data

120
  UINT8            Event[1];                   ///< The event data

121
} TCG_PCR_EVENT;

122


123
#define TSS_EVENT_DATA_MAX_SIZE  256

124


125
///

126
/// TCG_PCR_EVENT_HDR

127
///

128
typedef struct tdTCG_PCR_EVENT_HDR {

129
  TCG_PCRINDEX     PCRIndex;

130
  TCG_EVENTTYPE    EventType;

131
  TCG_DIGEST       Digest;

132
  UINT32           EventSize;

133
} TCG_PCR_EVENT_HDR;

134


135
///

136
/// EFI_PLATFORM_FIRMWARE_BLOB

137
///

138
/// BlobLength should be of type UINTN but we use UINT64 here

139
/// because PEI is 32-bit while DXE is 64-bit on x64 platforms

140
///

141
typedef struct tdEFI_PLATFORM_FIRMWARE_BLOB {

142
  EFI_PHYSICAL_ADDRESS    BlobBase;

143
  UINT64                  BlobLength;

144
} EFI_PLATFORM_FIRMWARE_BLOB;

145


146
///

147
/// UEFI_PLATFORM_FIRMWARE_BLOB

148
///

149
/// This structure is used in EV_EFI_PLATFORM_FIRMWARE_BLOB

150
/// event to facilitate the measurement of firmware volume.

151
///

152
typedef struct tdUEFI_PLATFORM_FIRMWARE_BLOB {

153
  EFI_PHYSICAL_ADDRESS    BlobBase;

154
  UINT64                  BlobLength;

155
} UEFI_PLATFORM_FIRMWARE_BLOB;

156


157
///

158
/// UEFI_PLATFORM_FIRMWARE_BLOB2

159
///

160
/// This structure is used in EV_EFI_PLATFORM_FIRMWARE_BLOB2

161
/// event to facilitate the measurement of firmware volume.

162
///

163
typedef struct tdUEFI_PLATFORM_FIRMWARE_BLOB2 {

164
  UINT8    BlobDescriptionSize;

165
  // UINT8                             BlobDescription[BlobDescriptionSize];

166
  // EFI_PHYSICAL_ADDRESS              BlobBase;

167
  // UINT64                            BlobLength;

168
} UEFI_PLATFORM_FIRMWARE_BLOB2;

169


170
///

171
/// EFI_IMAGE_LOAD_EVENT

172
///

173
/// This structure is used in EV_EFI_BOOT_SERVICES_APPLICATION,

174
/// EV_EFI_BOOT_SERVICES_DRIVER and EV_EFI_RUNTIME_SERVICES_DRIVER

175
///

176
typedef struct tdEFI_IMAGE_LOAD_EVENT {

177
  EFI_PHYSICAL_ADDRESS        ImageLocationInMemory;

178
  UINTN                       ImageLengthInMemory;

179
  UINTN                       ImageLinkTimeAddress;

180
  UINTN                       LengthOfDevicePath;

181
  EFI_DEVICE_PATH_PROTOCOL    DevicePath[1];

182
} EFI_IMAGE_LOAD_EVENT;

183


184
///

185
/// UEFI_IMAGE_LOAD_EVENT

186
///

187
/// This structure is used in EV_EFI_BOOT_SERVICES_APPLICATION,

188
/// EV_EFI_BOOT_SERVICES_DRIVER and EV_EFI_RUNTIME_SERVICES_DRIVER

189
///

190
typedef struct tdUEFI_IMAGE_LOAD_EVENT {

191
  EFI_PHYSICAL_ADDRESS        ImageLocationInMemory;

192
  UINT64                      ImageLengthInMemory;

193
  UINT64                      ImageLinkTimeAddress;

194
  UINT64                      LengthOfDevicePath;

195
  EFI_DEVICE_PATH_PROTOCOL    DevicePath[1];

196
} UEFI_IMAGE_LOAD_EVENT;

197


198
///

199
/// EFI_HANDOFF_TABLE_POINTERS

200
///

201
/// This structure is used in EV_EFI_HANDOFF_TABLES event to facilitate

202
/// the measurement of given configuration tables.

203
///

204
typedef struct tdEFI_HANDOFF_TABLE_POINTERS {

205
  UINTN                      NumberOfTables;

206
  EFI_CONFIGURATION_TABLE    TableEntry[1];

207
} EFI_HANDOFF_TABLE_POINTERS;

208


209
///

210
/// UEFI_HANDOFF_TABLE_POINTERS

211
///

212
/// This structure is used in EV_EFI_HANDOFF_TABLES event to facilitate

213
/// the measurement of given configuration tables.

214
///

215
typedef struct tdUEFI_HANDOFF_TABLE_POINTERS {

216
  UINT64                     NumberOfTables;

217
  EFI_CONFIGURATION_TABLE    TableEntry[1];

218
} UEFI_HANDOFF_TABLE_POINTERS;

219


220
///

221
/// UEFI_HANDOFF_TABLE_POINTERS2

222
///

223
/// This structure is used in EV_EFI_HANDOFF_TABLES2 event to facilitate

224
/// the measurement of given configuration tables.

225
///

226
typedef struct tdUEFI_HANDOFF_TABLE_POINTERS2 {

227
  UINT8    TableDescriptionSize;

228
  // UINT8                             TableDescription[TableDescriptionSize];

229
  // UINT64                            NumberOfTables;

230
  // EFI_CONFIGURATION_TABLE           TableEntry[1];

231
} UEFI_HANDOFF_TABLE_POINTERS2;

232


233
///

234
/// EFI_VARIABLE_DATA

235
///

236
/// This structure serves as the header for measuring variables. The name of the

237
/// variable (in Unicode format) should immediately follow, then the variable

238
/// data.

239
/// This is defined in TCG EFI Platform Spec for TPM1.1 or 1.2 V1.22

240
///

241
typedef struct tdEFI_VARIABLE_DATA {

242
  EFI_GUID    VariableName;

243
  UINTN       UnicodeNameLength;

244
  UINTN       VariableDataLength;

245
  CHAR16      UnicodeName[1];

246
  INT8        VariableData[1];                        ///< Driver or platform-specific data

247
} EFI_VARIABLE_DATA;

248


249
///

250
/// UEFI_VARIABLE_DATA

251
///

252
/// This structure serves as the header for measuring variables. The name of the

253
/// variable (in Unicode format) should immediately follow, then the variable

254
/// data.

255
/// This is defined in TCG PC Client Firmware Profile Spec 00.21

256
///

257
typedef struct tdUEFI_VARIABLE_DATA {

258
  EFI_GUID    VariableName;

259
  UINT64      UnicodeNameLength;

260
  UINT64      VariableDataLength;

261
  CHAR16      UnicodeName[1];

262
  INT8        VariableData[1];                        ///< Driver or platform-specific data

263
} UEFI_VARIABLE_DATA;

264


265
//

266
// For TrEE1.0 compatibility

267
//

268
typedef struct {

269
  EFI_GUID    VariableName;

270
  UINT64      UnicodeNameLength;                         // The TCG Definition used UINTN

271
  UINT64      VariableDataLength;                        // The TCG Definition used UINTN

272
  CHAR16      UnicodeName[1];

273
  INT8        VariableData[1];

274
} EFI_VARIABLE_DATA_TREE;

275


276
typedef struct tdEFI_GPT_DATA {

277
  EFI_PARTITION_TABLE_HEADER    EfiPartitionHeader;

278
  UINTN                         NumberOfPartitions;

279
  EFI_PARTITION_ENTRY           Partitions[1];

280
} EFI_GPT_DATA;

281


282
typedef struct tdUEFI_GPT_DATA {

283
  EFI_PARTITION_TABLE_HEADER    EfiPartitionHeader;

284
  UINT64                        NumberOfPartitions;

285
  EFI_PARTITION_ENTRY           Partitions[1];

286
} UEFI_GPT_DATA;

287


288
#define TCG_DEVICE_SECURITY_EVENT_DATA_SIGNATURE  "SPDM Device Sec"

289
#define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION    1

290


291
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_NULL  0

292
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_PCI   1

293
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_TYPE_USB   2

294


295
///

296
/// TCG_DEVICE_SECURITY_EVENT_DATA_HEADER

297
/// This is the header of TCG_DEVICE_SECURITY_EVENT_DATA, which is

298
/// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG.

299
///

300
typedef struct {

301
  UINT8     Signature[16];

302
  UINT16    Version;

303
  UINT16    Length;

304
  UINT32    SpdmHashAlgo;

305
  UINT32    DeviceType;

306
  // SPDM_MEASUREMENT_BLOCK         SpdmMeasurementBlock;

307
} TCG_DEVICE_SECURITY_EVENT_DATA_HEADER;

308


309
#define TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT_VERSION  0

310


311
///

312
/// TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT

313
/// This is the PCI context data of TCG_DEVICE_SECURITY_EVENT_DATA, which is

314
/// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG.

315
///

316
typedef struct {

317
  UINT16    Version;

318
  UINT16    Length;

319
  UINT16    VendorId;

320
  UINT16    DeviceId;

321
  UINT8     RevisionID;

322
  UINT8     ClassCode[3];

323
  UINT16    SubsystemVendorID;

324
  UINT16    SubsystemID;

325
} TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT;

326


327
#define TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT_VERSION  0

328


329
///

330
/// TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT

331
/// This is the USB context data of TCG_DEVICE_SECURITY_EVENT_DATA, which is

332
/// used in EV_EFI_SPDM_FIRMWARE_BLOB and EV_EFI_SPDM_FIRMWARE_CONFIG.

333
///

334
typedef struct {

335
  UINT16    Version;

336
  UINT16    Length;

337
  // UINT8   DeviceDescriptor[DescLen];

338
  // UINT8   BodDescriptor[DescLen];

339
  // UINT8   ConfigurationDescriptor[DescLen][NumOfConfiguration];

340
} TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT;

341


342
//

343
// Crypto Agile Log Entry Format

344
//

345
typedef struct tdTCG_PCR_EVENT2 {

346
  TCG_PCRINDEX          PCRIndex;

347
  TCG_EVENTTYPE         EventType;

348
  TPML_DIGEST_VALUES    Digest;

349
  UINT32                EventSize;

350
  UINT8                 Event[1];

351
} TCG_PCR_EVENT2;

352


353
//

354
// TCG PCR Event2 Header

355
// Follow TCG EFI Protocol Spec 5.2 Crypto Agile Log Entry Format

356
//

357
typedef struct tdTCG_PCR_EVENT2_HDR {

358
  TCG_PCRINDEX          PCRIndex;

359
  TCG_EVENTTYPE         EventType;

360
  TPML_DIGEST_VALUES    Digests;

361
  UINT32                EventSize;

362
} TCG_PCR_EVENT2_HDR;

363


364
//

365
// Log Header Entry Data

366
//

367
typedef struct {

368
  //

369
  // TCG defined hashing algorithm ID.

370
  //

371
  UINT16    algorithmId;

372
  //

373
  // The size of the digest for the respective hashing algorithm.

374
  //

375
  UINT16    digestSize;

376
} TCG_EfiSpecIdEventAlgorithmSize;

377


378
#define TCG_EfiSpecIDEventStruct_SIGNATURE_02  "Spec ID Event02"

379
#define TCG_EfiSpecIDEventStruct_SIGNATURE_03  "Spec ID Event03"

380


381
#define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MAJOR_TPM12  1

382
#define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM12  2

383
#define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM12         2

384


385
#define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MAJOR_TPM2   2

386
#define TCG_EfiSpecIDEventStruct_SPEC_VERSION_MINOR_TPM2   0

387
#define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2          0

388
#define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_105  105

389
#define TCG_EfiSpecIDEventStruct_SPEC_ERRATA_TPM2_REV_106  106

390


391
typedef struct {

392
  UINT8     signature[16];

393
  //

394
  // The value for the Platform Class.

395
  // The enumeration is defined in the TCG ACPI Specification Client Common Header.

396
  //

397
  UINT32    platformClass;

398
  //

399
  // The TCG EFI Platform Specification minor version number this BIOS supports.

400
  // Any BIOS supporting version (1.22) MUST set this value to 02h.

401
  // Any BIOS supporting version (2.0) SHALL set this value to 0x00.

402
  //

403
  UINT8     specVersionMinor;

404
  //

405
  // The TCG EFI Platform Specification major version number this BIOS supports.

406
  // Any BIOS supporting version (1.22) MUST set this value to 01h.

407
  // Any BIOS supporting version (2.0) SHALL set this value to 0x02.

408
  //

409
  UINT8     specVersionMajor;

410
  //

411
  // The TCG EFI Platform Specification errata for this specification this BIOS supports.

412
  // Any BIOS supporting version and errata (1.22) MUST set this value to 02h.

413
  // Any BIOS supporting version and errata (2.0) SHALL set this value to 0x00.

414
  //

415
  UINT8     specErrata;

416
  //

417
  // Specifies the size of the UINTN fields used in various data structures used in this specification.

418
  // 0x01 indicates UINT32 and 0x02 indicates UINT64.

419
  //

420
  UINT8     uintnSize;

421
  //

422
  // This field is added in "Spec ID Event03".

423
  // The number of hashing algorithms used in this event log (except the first event).

424
  // All events in this event log use all hashing algorithms defined here.

425
  //

426
  UINT32              numberOfAlgorithms;

427
  //

428
  // This field is added in "Spec ID Event03".

429
  // An array of size numberOfAlgorithms of value pairs.

430
  //

431
  //TCG_EfiSpecIdEventAlgorithmSize digestSize[numberOfAlgorithms];

432
  TCG_EfiSpecIdEventAlgorithmSize digestSize[];

433
  //

434
  // Size in bytes of the VendorInfo field.

435
  // Maximum value SHALL be FFh bytes.

436
  //

437
  //UINT8               vendorInfoSize;

438
  //

439
  // Provided for use by the BIOS implementer.

440
  // The value might be used, for example, to provide more detailed information about the specific BIOS such as BIOS revision numbers, etc.

441
  // The values within this field are not standardized and are implementer-specific.

442
  // Platform-specific or -unique information SHALL NOT be provided in this field.

443
  //

444
  //UINT8               vendorInfo[vendorInfoSize];

445
} TCG_EfiSpecIDEventStruct;

446


447
typedef struct tdTCG_PCClientTaggedEvent {

448
  UINT32    taggedEventID;

449
  UINT32    taggedEventDataSize;

450
  // UINT8               taggedEventData[taggedEventDataSize];

451
} TCG_PCClientTaggedEvent;

452


453
#define TCG_Sp800_155_PlatformId_Event_SIGNATURE   "SP800-155 Event"

454
#define TCG_Sp800_155_PlatformId_Event2_SIGNATURE  "SP800-155 Event2"

455
#define TCG_Sp800_155_PlatformId_Event3_SIGNATURE  "SP800-155 Event3"

456


457
typedef struct tdTCG_Sp800_155_PlatformId_Event2 {

458
  UINT8       Signature[16];

459
  //

460
  // Where Vendor ID is an integer defined

461
  // at http://www.iana.org/assignments/enterprisenumbers

462
  //

463
  UINT32      VendorId;

464
  //

465
  // 16-byte identifier of a given platform's static configuration of code

466
  //

467
  EFI_GUID    ReferenceManifestGuid;

468
  //

469
  // Below structure is newly added in TCG_Sp800_155_PlatformId_Event2.

470
  //

471
  // UINT8               PlatformManufacturerStrSize;

472
  // UINT8               PlatformManufacturerStr[PlatformManufacturerStrSize];

473
  // UINT8               PlatformModelSize;

474
  // UINT8               PlatformModel[PlatformModelSize];

475
  // UINT8               PlatformVersionSize;

476
  // UINT8               PlatformVersion[PlatformVersionSize];

477
  // UINT8               FirmwareManufacturerStrSize;

478
  // UINT8               FirmwareManufacturerStr[FirmwareManufacturerStrSize];

479
  // UINT32              FirmwareManufacturerId;

480
  // UINT8               FirmwareVersion;

481
  // UINT8               FirmwareVersion[FirmwareVersionSize];

482
} TCG_Sp800_155_PlatformId_Event2;

483


484
typedef struct tdTCG_Sp800_155_PlatformId_Event3 {

485
  UINT8       Signature[16];

486
  //

487
  // Where Vendor ID is an integer defined

488
  // at http://www.iana.org/assignments/enterprisenumbers

489
  //

490
  UINT32      VendorId;

491
  //

492
  // 16-byte identifier of a given platform's static configuration of code

493
  //

494
  EFI_GUID    ReferenceManifestGuid;

495
  // UINT8               PlatformManufacturerStrSize;

496
  // UINT8               PlatformManufacturerStr[PlatformManufacturerStrSize];

497
  // UINT8               PlatformModelSize;

498
  // UINT8               PlatformModel[PlatformModelSize];

499
  // UINT8               PlatformVersionSize;

500
  // UINT8               PlatformVersion[PlatformVersionSize];

501
  // UINT8               FirmwareManufacturerStrSize;

502
  // UINT8               FirmwareManufacturerStr[FirmwareManufacturerStrSize];

503
  // UINT32              FirmwareManufacturerId;

504
  // UINT8               FirmwareVersion;

505
  // UINT8               FirmwareVersion[FirmwareVersionSize];

506
  //

507
  // Below structure is newly added in TCG_Sp800_155_PlatformId_Event3

508
  //

509
  // UINT32              RimLocatorType;

510
  // UINT32              RimLocatorLength;

511
  // UINT8               RimLocator[RimLocatorLength];

512
  // UINT32              PlatformCertLocatorType;

513
  // UINT32              PlatformCertLocatorLength;

514
  // UINT8               PlatformCertLocator[PlatformCertLocatorLength];

515
} TCG_Sp800_155_PlatformId_Event3;

516


517
/**

518
 * TCG specifies a locator type with the following values

519
 * 0 - Raw data in the locator itself.

520
 * 1 - URI in rtf2396 format.

521
 * 2 - local device path in EFI_DEVICE_PATH_PROTOCOL format.

522
 * 3 - UEFI variable (16 byte EFI_GUID, then 00-terminated UCS2 string)

523
**/

524
#define TCG_LOCATOR_TYPE_RAW_DATA       0

525
#define TCG_LOCATOR_TYPE_URI            1

526
#define TCG_LOCATOR_TYPE_DEVICE_PATH    2

527
#define TCG_LOCATOR_TYPE_UEFI_VARIABLE  3

528


529
#define TCG_EfiStartupLocalityEvent_SIGNATURE  "StartupLocality"

530


531
//

532
// The Locality Indicator which sent the TPM2_Startup command

533
//

534
#define LOCALITY_0_INDICATOR  0x00

535
#define LOCALITY_3_INDICATOR  0x03

536


537
//

538
// Startup Locality Event

539
//

540
typedef struct tdTCG_EfiStartupLocalityEvent {

541
  UINT8    Signature[16];

542
  //

543
  // The Locality Indicator which sent the TPM2_Startup command

544
  //

545
  UINT8    StartupLocality;

546
} TCG_EfiStartupLocalityEvent;

547


548
//

549
// Restore original structure alignment

550
//

551
#pragma pack ()

552


553
//

554
// ======================================================================================================================

555
// Event Type                    PCR  Event Log                                   Usage

556
// ======================================================================================================================

557
// EV_EFI_SPDM_DEVICE_BLOB       2    SPDM_MEASUREMENT_BLOCK (subtype)            MEASUREMENT from device

558
// EV_EFI_SPDM_DEVICE_CONFIG     3    SPDM_MEASUREMENT_BLOCK (subtype)            MEASUREMENT from device

559
// EV_EFI_SPDM_DEVICE_BLOB       2    SPDM_MEASUREMENT_SUMMARY_HASH.TCB (subtype) SUMMARY_HASH from device

560


561
// EV_EFI_SPDM_DEVICE_POLICY     7    UEFI_VARIABLE_DATA with EFI_SIGNATURE_LIST  Provisioned device public cert.

562
// EV_EFI_SPDM_DEVICE_AUTHORITY  7    UEFI_VARIABLE_DATA with EFI_SIGNATURE_DATA  CHALLENGE_AUTH signature verification

563
// ======================================================================================================================

564
//

565


566
#define PCR_INDEX_FOR_SIGNATURE_DB  7

567


568
#pragma pack(1)

569


570
#define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION_1    1

571
#define TCG_DEVICE_SECURITY_EVENT_DATA_VERSION_2    2

572
#define TCG_DEVICE_SECURITY_EVENT_DATA_SIGNATURE_2  "SPDM Device Sec2"

573


574
typedef struct {

575
  UINT8     Signature[16];

576
  UINT16    Version;

577
  UINT8     AuthState;

578
  UINT8     Reserved;

579
  UINT32    Length;                      // Length in bytes for all following structures.

580
  UINT32    DeviceType;

581
  UINT32    SubHeaderType;

582
  UINT32    SubHeaderLength;                      // Length in bytes of the sub header followed by.

583
  UINT64    SubHeaderUID;                         // Universal identifier assigned by the event log creator. It can be used to bind two sub header structure together.

584
  // UINT64                         DevicePathLength;

585
  // UINT8                          DevicePath[DevicePathLength];

586
} TCG_DEVICE_SECURITY_EVENT_DATA_HEADER2;

587


588
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_SUCCESS       0

589
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_AUTH       1

590
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_BINDING    2

591
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_FAIL_NO_SIG   3

592
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_FAIL_INVALID  4

593
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_AUTH_STATE_NO_SPDM       0xFF

594


595
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_SUB_HEADER_TYPE_SPDM_MEASUREMENT_BLOCK  0

596
#define TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_SUB_HEADER_TYPE_SPDM_CERT_CHAIN         1

597


598
typedef struct {

599
  UINT16    SpdmVersion;

600
  UINT8     SpdmMeasurementBlockCount;

601
  UINT8     Reserved;

602
  UINT32    SpdmMeasurementHashAlgo;

603
  // SPDM_MEASUREMENT_BLOCK         SpdmMeasurementBlock;

604
} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK;

605


606
typedef struct {

607
  UINT16    SpdmVersion;

608
  UINT8     SpdmSlotId;

609
  UINT8     Reserved;

610
  UINT32    SpdmHashAlgo;

611
  // SPDM_CERT_CHAIN                SpdmCertChain;

612
} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_CERT_CHAIN;

613


614
typedef struct {

615
  UINT32    Type;

616
  UINT32    Length;

617
  UINT8     Value[1];

618
} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_OEM_MEASUREMENT;

619


620
typedef union {

621
  TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_MEASUREMENT_BLOCK    SpdmMeasurementBlock;

622
  TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_SPDM_CERT_CHAIN           SpdmCertChain;

623
  TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER_OEM_MEASUREMENT           OemMeasurement;

624
} TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER;

625


626
typedef union {

627
  TCG_DEVICE_SECURITY_EVENT_DATA_PCI_CONTEXT    Pci;

628
  TCG_DEVICE_SECURITY_EVENT_DATA_USB_CONTEXT    Usb;

629
} TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT;

630


631
typedef struct {

632
  TCG_DEVICE_SECURITY_EVENT_DATA_HEADER2           EventDataHeader;

633
  TCG_DEVICE_SECURITY_EVENT_DATA_SUB_HEADER        EventDataSubHeader;

634
  TCG_DEVICE_SECURITY_EVENT_DATA_DEVICE_CONTEXT    DeviceContext;

635
} TCG_DEVICE_SECURITY_EVENT_DATA2;

636


637
#pragma pack()

638


639
//

640
// EventType:EV_NO_ACTION

641
// ======================================================================================================================

642
// NVIndex Name                                PCR/NvIndex  Event Log                            Usage

643
// ======================================================================================================================

644
// NV_EXTEND_INDEX_FOR_INSTANCE                0x01C40200   NV_INDEX_INSTANCE_EVENT_LOG_STRUCT   NV Extend Record for instance data (CertChain)

645
// NV_EXTEND_INDEX_FOR_DYNAMIC                 0x01C40201   NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT    NV Extend Record for dynamic data  (Nonce)

646


647
// EVENT_LOG_INTEGRITY_NV_INDEX_EXIT_PM_AUTH   0x01C40202   EVENT_LOG_INTEGRITY_NV_INDEX_STRUCT  Event Log Integrity for ExitPmAuth

648
// EVENT_LOG_INTEGRITY_NV_INDEX_READY_TO_BOOT  0x01C40203   EVENT_LOG_INTEGRITY_NV_INDEX_STRUCT  Event Log Integrity for ReadyToBoot

649
// ======================================================================================================================

650
//

651


652
#define TCG_NV_EXTEND_INDEX_FOR_INSTANCE                0x01C40200

653
#define TCG_NV_EXTEND_INDEX_FOR_DYNAMIC                 0x01C40201

654
#define TCG_EVENT_LOG_INTEGRITY_NV_INDEX_EXIT_PM_AUTH   0x01C40202

655
#define TCG_EVENT_LOG_INTEGRITY_NV_INDEX_READY_TO_BOOT  0x01C40203

656


657
#pragma pack(1)

658


659
#define TCG_NV_EXTEND_INDEX_FOR_INSTANCE_SIGNATURE      "NvIndexInstance"

660
#define TCG_NV_INDEX_INSTANCE_EVENT_LOG_STRUCT_VERSION  1

661


662
typedef struct {

663
  UINT8     Signature[16];

664
  UINT16    Version;

665
  UINT8     Reserved[6];

666
  // TCG_DEVICE_SECURITY_EVENT_DATA2  Data;

667
} TCG_NV_INDEX_INSTANCE_EVENT_LOG_STRUCT;

668


669
#define TCG_NV_EXTEND_INDEX_FOR_DYNAMIC_SIGNATURE      "NvIndexDynamic "

670
#define TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_VERSION  1

671


672
#define TCG_SPDM_CHALLENGE_DESCRIPTION         "SPDM CHALLENGE"

673
#define TCG_SPDM_CHALLENGE_AUTH_DESCRIPTION    "SPDM CHALLENGE_AUTH"

674
#define TCG_SPDM_GET_MEASUREMENTS_DESCRIPTION  "SPDM GET_MEASUREMENTS"

675
#define TCG_SPDM_MEASUREMENTS_DESCRIPTION      "SPDM MEASUREMENTS"

676


677
typedef struct {

678
  UINT8     Signature[16];

679
  UINT16    Version;

680
  UINT8     Reserved[6];

681
  UINT64    Uid;

682
  // UINT16                           DescriptionSize;

683
  // UINT8                            Description[DescriptionSize];

684
  // UINT16                           DataSize;

685
  // UINT8                            Data[DataSize];

686
} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT;

687


688
typedef struct {

689
  TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT    Header;

690
  UINT16                                   DescriptionSize;

691
  UINT8                                    Description[sizeof (TCG_SPDM_CHALLENGE_DESCRIPTION)];

692
  UINT16                                   DataSize;

693
  UINT8                                    Data[32];

694
} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_CHALLENGE;

695


696
typedef struct {

697
  TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT    Header;

698
  UINT16                                   DescriptionSize;

699
  UINT8                                    Description[sizeof (TCG_SPDM_CHALLENGE_AUTH_DESCRIPTION)];

700
  UINT16                                   DataSize;

701
  UINT8                                    Data[32];

702
} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_CHALLENGE_AUTH;

703


704
typedef struct {

705
  TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT    Header;

706
  UINT16                                   DescriptionSize;

707
  UINT8                                    Description[sizeof (TCG_SPDM_GET_MEASUREMENTS_DESCRIPTION)];

708
  UINT16                                   DataSize;

709
  UINT8                                    Data[32];

710
} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_GET_MEASUREMENTS;

711


712
typedef struct {

713
  TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT    Header;

714
  UINT16                                   DescriptionSize;

715
  UINT8                                    Description[sizeof (TCG_SPDM_MEASUREMENTS_DESCRIPTION)];

716
  UINT16                                   DataSize;

717
  UINT8                                    Data[32];

718
} TCG_NV_INDEX_DYNAMIC_EVENT_LOG_STRUCT_SPDM_MEASUREMENTS;

719


720
#pragma pack()

721


722
#endif

723


724