| 1 | /** @file
|
|---|
| 2 |
|
|---|
| 3 | Extends one of the RTMR measurement registers in TDCS with the provided
|
|---|
| 4 | extension data in memory.
|
|---|
| 5 |
|
|---|
| 6 | Copyright (c) 2020 - 2021, Intel Corporation. All rights reserved.<BR>
|
|---|
| 7 | SPDX-License-Identifier: BSD-2-Clause-Patent
|
|---|
| 8 |
|
|---|
| 9 | **/
|
|---|
| 10 |
|
|---|
| 11 | #include <Library/BaseLib.h>
|
|---|
| 12 | #include <Library/DebugLib.h>
|
|---|
| 13 | #include <Uefi/UefiBaseType.h>
|
|---|
| 14 | #include <Library/TdxLib.h>
|
|---|
| 15 | #include <Library/BaseMemoryLib.h>
|
|---|
| 16 | #include <IndustryStandard/Tpm20.h>
|
|---|
| 17 | #include <IndustryStandard/Tdx.h>
|
|---|
| 18 |
|
|---|
| 19 | #define RTMR_COUNT 4
|
|---|
| 20 | #define TD_EXTEND_BUFFER_LEN (64 + 48)
|
|---|
| 21 |
|
|---|
| 22 | UINT8 mExtendBuffer[TD_EXTEND_BUFFER_LEN];
|
|---|
| 23 |
|
|---|
| 24 | /**
|
|---|
| 25 | This function extends one of the RTMR measurement register
|
|---|
| 26 | in TDCS with the provided extension data in memory.
|
|---|
| 27 | RTMR extending supports SHA384 which length is 48 bytes.
|
|---|
| 28 |
|
|---|
| 29 | @param[in] Data Point to the data to be extended
|
|---|
| 30 | @param[in] DataLen Length of the data. Must be 48
|
|---|
| 31 | @param[in] Index RTMR index
|
|---|
| 32 |
|
|---|
| 33 | @return EFI_SUCCESS
|
|---|
| 34 | @return EFI_INVALID_PARAMETER
|
|---|
| 35 | @return EFI_DEVICE_ERROR
|
|---|
| 36 |
|
|---|
| 37 | **/
|
|---|
| 38 | EFI_STATUS
|
|---|
| 39 | EFIAPI
|
|---|
| 40 | TdExtendRtmr (
|
|---|
| 41 | IN UINT32 *Data,
|
|---|
| 42 | IN UINT32 DataLen,
|
|---|
| 43 | IN UINT8 Index
|
|---|
| 44 | )
|
|---|
| 45 | {
|
|---|
| 46 | EFI_STATUS Status;
|
|---|
| 47 | UINT64 TdCallStatus;
|
|---|
| 48 | UINT8 *ExtendBuffer;
|
|---|
| 49 |
|
|---|
| 50 | Status = EFI_SUCCESS;
|
|---|
| 51 |
|
|---|
| 52 | ASSERT (Data != NULL);
|
|---|
| 53 | ASSERT (DataLen == SHA384_DIGEST_SIZE);
|
|---|
| 54 | ASSERT (Index < RTMR_COUNT);
|
|---|
| 55 |
|
|---|
| 56 | if ((Data == NULL) || (DataLen != SHA384_DIGEST_SIZE) || (Index >= RTMR_COUNT)) {
|
|---|
| 57 | return EFI_INVALID_PARAMETER;
|
|---|
| 58 | }
|
|---|
| 59 |
|
|---|
| 60 | // TD.RTMR.EXTEND requires 64B-aligned guest physical address of
|
|---|
| 61 | // 48B-extension data. We use ALIGN_POINTER(Pointer, 64) to get
|
|---|
| 62 | // the 64B-aligned guest physical address.
|
|---|
| 63 | ExtendBuffer = ALIGN_POINTER (mExtendBuffer, 64);
|
|---|
| 64 | ASSERT (((UINTN)ExtendBuffer & 0x3f) == 0);
|
|---|
| 65 |
|
|---|
| 66 | ZeroMem (ExtendBuffer, SHA384_DIGEST_SIZE);
|
|---|
| 67 | CopyMem (ExtendBuffer, Data, SHA384_DIGEST_SIZE);
|
|---|
| 68 |
|
|---|
| 69 | TdCallStatus = TdCall (TDCALL_TDEXTENDRTMR, (UINT64)(UINTN)ExtendBuffer, Index, 0, 0);
|
|---|
| 70 |
|
|---|
| 71 | if (TdCallStatus == TDX_EXIT_REASON_SUCCESS) {
|
|---|
| 72 | Status = EFI_SUCCESS;
|
|---|
| 73 | } else if (TdCallStatus == TDX_EXIT_REASON_OPERAND_INVALID) {
|
|---|
| 74 | Status = EFI_INVALID_PARAMETER;
|
|---|
| 75 | } else {
|
|---|
| 76 | Status = EFI_DEVICE_ERROR;
|
|---|
| 77 | }
|
|---|
| 78 |
|
|---|
| 79 | if (Status != EFI_SUCCESS) {
|
|---|
| 80 | DEBUG ((DEBUG_ERROR, "Error returned from TdExtendRtmr call - 0x%lx\n", TdCallStatus));
|
|---|
| 81 | }
|
|---|
| 82 |
|
|---|
| 83 | return Status;
|
|---|
| 84 | }
|
|---|
