@Ajax Dong Ajax Dong 2 days ago 1 KB Init

TpmClearOnRollbackSmm

| Field  | Value                 |
|--------|-----------------------|
| Index  | 236                   |
| Module | TpmClearOnRollbackSmm |
| Size   | 9,728 bytes           |
| Phase  | SMM                   |

Overview

TpmClearOnRollbackSmm is an SMM module that monitors firmware version rollback events and triggers TPM clearing when a rollback is detected. This protects TPM-sealed data from being exposed to older firmware versions that may have known security vulnerabilities. The module runs in SMM context, intercepts firmware boot flows, and communicates TPM clear operations via SMM protocols.

Key Functions

  • ModuleEntryPoint: Entry point that initializes the module and registers rollback detection handlers.
  • sub_51C: Rollback detection setup and SMI handler registration.
  • sub_808: Core rollback policy evaluation and TPM clear orchestration.
  • sub_B10: Cleanup and notification path for rollback events.
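The policy described in the overview and in the sub_808 entry above (compare the running firmware version against the last recorded one, clear the TPM only when the running version is older, and update the record only after the clear) can be modelled in host C. The block below is an added example written for this page; it is not decompiled code from TpmClearOnRollbackSmm, and the `FwVersion` layout, the `RollbackAction` values, and the `HandleBoot`/`EvaluateRollbackPolicy` names are this example's assumptions, not the module's real structures. It also handles the first-boot case where no version record exists yet, which must record rather than clear.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical firmware version record as it might be kept in a variable or HOB.
 * Field names are this example's own; the real module's layout is not documented here. */
typedef struct {
    uint16_t Major;
    uint16_t Minor;
    uint16_t Build;
} FwVersion;

/* Policy decision; the names are this example's assumptions. */
typedef enum {
    POLICY_NO_ACTION = 0,    /* same or newer firmware: nothing to clear */
    POLICY_RECORD_ONLY = 1,  /* no stored record (first boot): just record current version */
    POLICY_CLEAR_TPM = 2     /* rollback detected: clear TPM, then record current version */
} RollbackAction;

/* Lexicographic comparison of Major.Minor.Build: <0 if a is older, 0 if equal, >0 if newer. */
int CompareFwVersion(const FwVersion *a, const FwVersion *b) {
    if (a->Major != b->Major) return a->Major < b->Major ? -1 : 1;
    if (a->Minor != b->Minor) return a->Minor < b->Minor ? -1 : 1;
    if (a->Build != b->Build) return a->Build < b->Build ? -1 : 1;
    return 0;
}

/* Core policy: a missing record (stored == NULL) is not a rollback, only a downgrade is. */
RollbackAction EvaluateRollbackPolicy(const FwVersion *current, const FwVersion *stored) {
    if (stored == NULL) return POLICY_RECORD_ONLY;
    return CompareFwVersion(current, stored) < 0 ? POLICY_CLEAR_TPM : POLICY_NO_ACTION;
}

/* Simulated platform state: the stored record plus a counter standing in for TPM clears. */
typedef struct {
    bool HaveStored;
    FwVersion Stored;
    int TpmClearCount;
} PlatformState;

/* Orchestration: evaluate, clear if required, and only then overwrite the stored record,
 * so that an interrupted clear still leaves the older record as evidence of the rollback. */
RollbackAction HandleBoot(PlatformState *state, const FwVersion *current) {
    const FwVersion *stored = state->HaveStored ? &state->Stored : NULL;
    RollbackAction action = EvaluateRollbackPolicy(current, stored);
    if (action == POLICY_CLEAR_TPM) {
        state->TpmClearCount++;  /* stand-in for the TPM clear request over the TCG/SMM protocol */
    }
    state->Stored = *current;
    state->HaveStored = true;
    return action;
}

/* Constructed boot sequence: first boot, an upgrade, then a downgrade. Returns the clear count. */
int DemoScenario(void) {
    PlatformState state = { false, { 0, 0, 0 }, 0 };
    FwVersion first = { 1, 2, 3 };     /* first boot: no record yet */
    FwVersion upgrade = { 1, 2, 4 };   /* newer build: no clear */
    FwVersion rollback = { 1, 1, 9 };  /* older minor: clear */
    HandleBoot(&state, &first);
    HandleBoot(&state, &upgrade);
    HandleBoot(&state, &rollback);
    return state.TpmClearCount;
}

int main(void) {
    printf("TPM clears triggered in demo sequence: %d\n", DemoScenario());
    return 0;
}
```

Note that the comparison is strict: booting the same version again is not a rollback, and the record is always advanced to the running version so a later upgrade followed by another downgrade is caught again.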

Dependencies

  • UEFI system table and boot services
  • SMM base protocol
  • TPM hardware interface and TCG protocols
  • Firmware version information HOBs or variables
  • SMM communication protocol

Platform

HR650X server platform, x64 architecture. Runs in SMM context as a security-critical component protecting TPM integrity across firmware version changes.