tpm.h 2.3 KB raw

#ifndef LIB__TPM_H__
#define LIB__TPM_H__
​
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
​
// PCR allocation, following the GRUB convention:
//   PCR 8: kernel command line and other authoritative strings
//   PCR 9: kernel image, initrd, devicetree, and other binary blobs
#define TPM_PCR_BOOT_AUTH       8
#define TPM_PCR_LOADED_IMAGES   9
​
// TCG PC Client Platform Firmware Profile event types
#define TPM_EV_IPL              0x0000000d
​
#if defined (UEFI)
​
void tpm_init(void);
​
// True if a TCG2 or CC measurement protocol is available.
bool tpm_present(void);
​
void tpm_measure(uint32_t pcr, uint32_t event_type,
                 const void *data, size_t data_size,
                 const char *desc_prefix, const char *desc_value);
​
// Measure a config-supplied URI string into the given PCR with any trailing
// `#<hash>` suffix stripped, so the digest captures only the policy-stable
// portion (resource, root, path, and any `$` decompression marker). The
// event description shows the same stripped string.
void tpm_measure_path(uint32_t pcr, uint32_t event_type,
                      const char *desc_prefix, const char *path);
​
// Capture the firmware TCG2 event log into bootloader-reclaimable memory
// and expose the raw event stream. `format` receives the TCG event log
// format identifier (1 = TCG 1.2, 2 = TCG 2.0 crypto-agile). Returns false
// if no TPM is present or capture failed.
bool tpm_get_event_log(uint32_t *format, void **address, size_t *size);
​
// Free the captured event log buffer. Subsequent tpm_get_event_log() calls
// return false.
void tpm_release_event_log(void);
​
// Compute the in-memory size of one TCG 2.0 crypto-agile event entry.
// `header` must point to the spec-ID event at the start of the log; it
// carries the per-algorithm digest sizes needed to walk variable-length
// digest lists. Returns 0 on malformed input.
uint32_t tpm_calc_event_size(const void *event, const void *header);
​
// Locate the firmware's final-events table for the active measurement
// protocol (EFI_TCG2_FINAL_EVENTS_TABLE_GUID for TCG2, or
// EFI_CC_FINAL_EVENTS_TABLE_GUID for CC). Both tables share the same
// {Version, NumberOfEvents, Events[]} layout. Returns NULL if no TPM/CC
// interface is active or the table isn't present.
void *tpm_get_final_events_table(void);
​
#endif
​
#endif

tab: 2 4 8 wrap: off on

1	#ifndef LIB__TPM_H__
2	#define LIB__TPM_H__
3
4	#include <stdint.h>
5	#include <stddef.h>
6	#include <stdbool.h>
7
8	// PCR allocation, following the GRUB convention:
9	// PCR 8: kernel command line and other authoritative strings
10	// PCR 9: kernel image, initrd, devicetree, and other binary blobs
11	#define TPM_PCR_BOOT_AUTH 8
12	#define TPM_PCR_LOADED_IMAGES 9
13
14	// TCG PC Client Platform Firmware Profile event types
15	#define TPM_EV_IPL 0x0000000d
16
17	#if defined (UEFI)
18
19	void tpm_init(void);
20
21	// True if a TCG2 or CC measurement protocol is available.
22	bool tpm_present(void);
23
24	void tpm_measure(uint32_t pcr, uint32_t event_type,
25	const void *data, size_t data_size,
26	const char desc_prefix, const char desc_value);
27
28	// Measure a config-supplied URI string into the given PCR with any trailing
29	// `#<hash>` suffix stripped, so the digest captures only the policy-stable
30	// portion (resource, root, path, and any `$` decompression marker). The
31	// event description shows the same stripped string.
32	void tpm_measure_path(uint32_t pcr, uint32_t event_type,
33	const char desc_prefix, const char path);
34
35	// Capture the firmware TCG2 event log into bootloader-reclaimable memory
36	// and expose the raw event stream. `format` receives the TCG event log
37	// format identifier (1 = TCG 1.2, 2 = TCG 2.0 crypto-agile). Returns false
38	// if no TPM is present or capture failed.
39	bool tpm_get_event_log(uint32_t format, void address, size_t size);
40
41	// Free the captured event log buffer. Subsequent tpm_get_event_log() calls
42	// return false.
43	void tpm_release_event_log(void);
44
45	// Compute the in-memory size of one TCG 2.0 crypto-agile event entry.
46	// `header` must point to the spec-ID event at the start of the log; it
47	// carries the per-algorithm digest sizes needed to walk variable-length
48	// digest lists. Returns 0 on malformed input.
49	uint32_t tpm_calc_event_size(const void event, const void header);
50
51	// Locate the firmware's final-events table for the active measurement
52	// protocol (EFI_TCG2_FINAL_EVENTS_TABLE_GUID for TCG2, or
53	// EFI_CC_FINAL_EVENTS_TABLE_GUID for CC). Both tables share the same
54	// {Version, NumberOfEvents, Events[]} layout. Returns NULL if no TPM/CC
55	// interface is active or the table isn't present.
56	void *tpm_get_final_events_table(void);
57
58	#endif
59
60	#endif