/** @file
  Header file for Boot Guard Lib implementation.

  @copyright
  INTEL CONFIDENTIAL
  Copyright 2021 Intel Corporation.

  The source code contained or described herein and all documents related to the
  source code ("Material") are owned by Intel Corporation or its suppliers or
  licensors. Title to the Material remains with Intel Corporation or its suppliers
  and licensors. The Material may contain trade secrets and proprietary and
  confidential information of Intel Corporation and its suppliers and licensors,
  and is protected by worldwide copyright and trade secret laws and treaty
  provisions. No part of the Material may be used, copied, reproduced, modified,
  published, uploaded, posted, transmitted, distributed, or disclosed in any way
  without Intel's prior express written permission.

  No license under any patent, copyright, trade secret or other intellectual
  property right is granted to or conferred upon you by disclosure or delivery
  of the Materials, either expressly, by implication, inducement, estoppel or
  otherwise. Any license under such intellectual property rights must be
  express and approved by Intel in writing.

  Unless otherwise agreed by Intel in writing, you may not remove or alter
  this notice or any other notice embedded in Materials by Intel or
  Intel's suppliers or licensors in any way.

  This file contains an 'Intel Peripheral Driver' and is uniquely identified as
  "Intel Reference Module" and is licensed for Intel CPUs and chipsets under
  the terms of your license agreement with Intel or your vendor. This file may
  be modified by the user, subject to additional terms of the license agreement.

@par Specification Reference:
**/

#ifndef _BOOT_GUARD_LIB_C1SH_
#define _BOOT_GUARD_LIB_C1SH_

//
// NOTE(review): this header relies on the EDK II base types BOOLEAN/VOID and
// the IN/OUT parameter decorators but includes nothing itself; presumably the
// consumer is expected to include the base definitions first - confirm.
// The guard macro starts with '_' followed by an uppercase letter, which is a
// reserved identifier in C; it is left unchanged here because other files may
// test it.
//

/**
  Kind of TPM device reported for the platform: none, TPM 1.2, TPM 2.0 or PTT.
**/
typedef enum {
  TpmNone = 0,  ///< 0: No TPM device present on system
  dTpm12,       ///< 1: TPM 1.2 device present on system
  dTpm20,       ///< 2: TPM 2.0 device present on system
  Ptt,          ///< 3: PTT present on system
  TpmTypeMax    ///< 4: Upper bound of the valid range, reported for an unknown device; treat any value >= TpmTypeMax as invalid
} TPM_TYPE;

/**
  Boot Guard configuration and ACM results as reported to the BIOS TPM code.

  Filled in by GetBootGuardInfo(). The flags tell BIOS which TPM initialization
  and measurement steps the ACM has already done, or has declared off limits,
  so that BIOS neither repeats them nor performs them when it must not.
**/
typedef struct {
  ///
  /// Measured Boot setting from the Boot Guard profile. 0: Disable; 1: Enable.
  ///
  BOOLEAN   MeasuredBoot;
  /**
    Set to 1 when the Boot Guard ACM completed TPM initialization successfully,
    in which case BIOS must not initialize the TPM again.
    - 0: No TPM initialization happened in the Boot Guard ACM.
    - 1: TPM initialization was done by the Boot Guard ACM.
  **/
  BOOLEAN   BypassTpmInit;
  ///
  /// Which TPM device is available on the system; see TPM_TYPE.
  ///
  TPM_TYPE  TpmType;
  ///
  /// Set to 1 if the chipset is Boot Guard capable.
  ///
  BOOLEAN   BootGuardCapability;
  /**
    Set to 1 if microcode failed to load the Boot Guard ACM, or the ME FW took
    the ENF Shutdown path.
    - 0: BIOS TPM code continues with TPM initialization based on MeasuredBoot.
    - 1: BIOS TPM code must not do any further TPM initialization or extends.
    NOTE(review): in the 1 case BIOS records no measurements at all, so any
    attestation of that boot cannot rely on the PCRs reflecting the firmware
    that ran; presumably consumers should treat it as an unmeasured boot
    rather than a clean one - confirm against the implementation.
  **/
  BOOLEAN   DisconnectAllTpms;
  /**
    Tells BIOS TPM code not to create the DetailPCR or AuthorityPCR event log
    entries when the Sx resume type is S3, Deep-S3 or iFFS Resume.
    - 0: Create the TPM event log (not an Sx resume type).
    - 1: Bypass the TPM event log because an Sx resume type was identified.
  **/
  BOOLEAN   ByPassTpmEventLog;
  /**
    Indicates that the ACM's Tpm2Startup (State) command failed during S3 resume.
    - 0: Tpm2Startup (State) succeeded.
    - 1: Tpm2Startup (State) failed; BIOS needs to perform a cold reset to
         handle the error (see HandleTpmStartupFailureOnS3).
  **/
  BOOLEAN   TpmStartupFailureOnS3;
} BOOT_GUARD_INFO;

/**
  Determine whether Boot Guard is supported.

  @retval TRUE   Processor is Boot Guard capable.
  @retval FALSE  Processor is not Boot Guard capable.
**/
BOOLEAN
IsBootGuardSupported (
  VOID
  );

/**
  Handle Tpm2Startup (State) failures reported by the ACM.

  Checks BootGuardInfo->TpmStartupFailureOnS3 and, when it is TRUE, requests
  that the system perform a cold reset. The function returns nothing, so a
  caller cannot observe from the return value whether a reset was requested.

  @param[in] BootGuardInfo  Pointer to a populated BOOT_GUARD_INFO.
**/
VOID
HandleTpmStartupFailureOnS3 (
  IN BOOT_GUARD_INFO  *BootGuardInfo
  );

/**
  Report platform-specific Boot Guard information.

  @param[out] BootGuardInfo  Pointer to the BOOT_GUARD_INFO to be filled in.
                             NOTE(review): whether every field is written is not
                             visible from this header; zero-initialize the
                             structure before calling if any field could be left
                             untouched - confirm against the implementation.
**/
VOID
GetBootGuardInfo (
  OUT BOOT_GUARD_INFO  *BootGuardInfo
  );

#endif