# AmiTcgPlatformDxe

## Function Table

| Address | Name | Description |
|---------|------|-------------|
|  | **sub_46C0** |  |
|  | **sub_4748** |  |
|  | **sub_4860** |  |
|  | **sub_4A10** |  |
|  | **ModuleEntryPoint** |  |
|  | **sub_430** |  |
|  | **sub_69C** |  |
|  | **sub_810** |  |
|  | **sub_A28** |  |
|  | **sub_2060** |  |
|  | **sub_406C** |  |
|  | **sub_306C** |  |
|  | **sub_1300** |  |
|  | **sub_11CC** |  |
|  | **sub_1440** |  |
|  | **sub_16C0** |  |
|  | **sub_17D4** |  |
|  | **sub_1A2C** |  |
|  | **sub_1C88** |  |
|  | **sub_2248** |  |
|  | **sub_6644** |  |
|  | **sub_5F28** |  |
|  | **sub_D74** |  |
|  | **sub_10E8** |  |
|  | **sub_2428** |  |
|  | **sub_3F84** |  |
|  | **sub_3BA0** |  |
|  | **sub_2E70** |  |

## Listing Fragments

Comment and code fragments recovered from the decompiled listing, grouped by the section comments in the listing. Lines ending in `(` or `|` are truncated in the listing.

### Global Variable Definitions

```c
// Standard UEFI global variables from library constructors
EFI_HANDLE ImageHandle      = NULL;
UINT8 byte_8D18;                    // SecureBoot status shadow
// TPM platform type shadow
// Saved protocol handle
// Cached HOB list pointer
// Image handle cache
// HII Database Protocol
// Protocol instance slots
// HII Handle
// Registered ready-to-boot event
// Reset type parameter
// TPM presence flag (non-zero = 2.0)
```

### GUID Definitions

```c
// Protocol notify registrations
VOID *off_8CB0;
// GUID constants for known algorithm identifiers
CONST UINT64  xmmword_6B40[2] = { 0, 0 };  // SHA-1 algorithm GUID
// Default algorithm GUID
```

### Local Helper Functions

### EFI Module Entry Point

```c
// Save UEFI table pointers and locate HII protocols.
sub_430 (ImageHandle, SystemTable);
// Register HII package list, measure secure variables, and register
// the reset notification callback.
return sub_69C (ImageHandle);
```

### Driver Initialization

```c
// Save the image handle and system table.
// Save the boot services and runtime services pointers.
BootServices = SystemTable->BootServices;
// Initialize the HOB list pointer.
sub_5F28 ();
// Save the image handle for protocol lookups.
qword_8D68 = sub_4BC4 ();
// Detect TPM type (enable TPM 2.0 path if applicable).
if (*(CHAR8 *)sub_6000 (1024068) >= 0) {
// Wait for TPM interface to become ready.
// Locate HII protocols.
Status = BootServices->LocateProtocol (&unk_8BE0, NULL, &qword_8D70);
```

### HII Package List and Measurement Registration

```c
// Install the HII Package List protocol on our image handle.
// Locate the HII Database protocol and register the package list.
Status = sub_5E18 ();
// Locate HII Database protocol and register the new package list.
Status = BootServices->LocateProtocol (&unk_8BD0, NULL, &HiiDatabase);
// Measure secure boot variables (PK, KEK, db, dbx).
if (EFI_ERROR (sub_1A2C ())) {
// Write a TCG reset-short event and return.
sub_D74 (7);
```

### TCG Hash/Extend Event Functions

```c
// Locate the TCG protocol.
Status = BootServices->LocateProtocol (
// Allocate the TCG event descriptor buffer.
Status = BootServices->AllocatePages (
// Allocate the event log data buffer.
// Call TcgHashLogExtendEvent.
Status = TcgProtocol->HashLogExtendEvent (
// Locate the TCG2 protocol.
// Allocate the TCG2 event descriptor (44 extra bytes).
// Call Tcg2HashLogExtendEvent.
Status = Tcg2Protocol->HashLogExtendEvent (
// Locate TCG2 protocol.
// Locate TCG1.2 protocol for measuring during boot.
// Check if we have already entered this callback.
if (qword_8D10 != 0) {
// First invocation: measure boot variables and call OpRomStartEnd.
// Measure "Calling EFI Application from Boot Option" event.
if (IsTpm20) {
// Measure boot variables.
if (EFI_ERROR (sub_1BCC ())) {
// Signal that we are done with boot measurements.
// Check for TPM physical presence request.
if (qword_8D10 == 0) {
// Try to locate the physical presence protocol first.
if (EFI_ERROR (BootServices->LocateProtocol (
// No PPI protocol: issue TPM reset command directly.
ResetData = 1024;
```

### Physical Presence Interface (PPI) Functions

```c
// Try to locate an existing PPI protocol handler.
if (!EFI_ERROR (BootServices->LocateProtocol (
// Locate the TPM Platform Protocol.
// Read TPM PER BIOS flags via TCG Platform Protocol.
PerBiosFlags = 0;
// Read TPMPERBIOSFLAGS variable.
sub_60EC (
// Read or initialize the AMITCGPPIVAR variable.
Status = RuntimeServices->GetVariable (
// Read the TcgINTPPI variable (PPI request code from OS).
TcgFlagsSize = 7;
// Process PPI request if one is pending.
if (PpiFlags != 0) {
// Initialize TPM platform type context.
// TPM 2.0 path
if (PpiFlags == 168) {
// TPM Enable + Activate
CommandResult = sub_10E8 (TcgProtocol, 113, 1, &SetupValue);
// TPM Disable + Deactivate
sub_10E8 (TcgProtocol, 93, 0, NULL);
// TPM Clear (owner clear + clear control)
CommandResult = sub_10E8 (TcgProtocol, 32879, 0, NULL);
// TPM 1.2 path
// TPM Clear
CommandResult = sub_10E8 (TcgProtocol, 111, 0, NULL);
// After PPI processing, check for pending AMI PPI VAR and install
// the appropriate protocol notify handler.
if (PpiRequestNewValue == 13) {
// PPI setup value "PPI request sync" - install the PPI member protocol.
if (!EFI_ERROR (BootServices->AllocatePool (
// PPI request in range 1-22: install PPI protocol with the
// appropriate handler (sub_3BA0 for user confirmation flows).
return BootServices->InstallProtocolInterface (
// Try PPI protocol first (already installed).
// Locate TCG1.2 protocol and TCG2 protocol.
// Get TPM capability information.
sub_1440 (TcgProtocol, TpmCapData);
// Read "TpmOldvar" UEFI variable (tracks previous TPM state).
VarSize = 3;
// Variable does not exist yet - create it.
TpmOldVar = TpmPlatformInfo.Enable;
// Compare old TPM state with current state from setup.
if (Status == EFI_SUCCESS) {
// TPM state changed: sync required.
TpmOldVarNew = TpmActive;
// Save the platform type context.
byte_8D19 = PlatformTypeContext[0];
// Process TPM PER BIOS flags and setup synchronisation.
Status = sub_647C (&SyncRequired);
// Register a periodic timer callback to retry PER BIOS processing.
Status = BootServices->SetTimer (
// Update the TPM platform type.
// Check if TPM state needs to change.
if (TpmOldVarNew == TpmActive) {
// Enable was requested.
DEBUG ((EFI_D_INFO, "\n ENABLE == Setup in setup \n"));
// TPM state mismatch: trigger a TPM enable/disable request.
DEBUG ((EFI_D_INFO, "\n TMP_ENABLE != Setup in setup \n"));
// Apply the new TPM state.
```

### TPM Reset Functions

```c
// Attempt to clear the "LastBootFailed" flag.
// Issue the system reset.
// Register a DoResetNow callback in case ResetSystem failed.
Status = BootServices->CreateEvent (
```

### TCG GetCapability

```c
// Build the TPM GetCapability command buffer.
TcgCapCmd = TPM_ST_NO_SESSIONS;
*(UINT32 *)((UINT8 *)&TcgCapCmd + 6) = 0x4000000;  // TPM_CC_GetCapability
// TPM2_GetCapability via the TCG2 protocol.
Status = ((EFI_STATUS (*)(VOID *, UINT32, VOID *, UINT32, VOID *))(
// Copy capability response to the caller's buffer.
CopyMem (a2, ResponseBuffer, 36);
// Decode and log capability response fields (byte-order swap).
CapDataBytes = ((*(UINT32 *)((UINT8 *)a2 + 16) & 0xFF00 |
```

### TCG Measurement Event Helpers

```c
// Locate TCG protocol.
// Calculate event size and allocate buffer.
EventSize = sub_4A10 (String);
// Copy event data into the buffer.
CopyMem (TcgEvent + 1, String, EventSize);
// Submit the measurement.
// Calculate event size and allocate buffer (44 extra bytes for TCG2 header).
// Copy event data after the header (offset 44 for TCG2).
CopyMem ((UINT8 *)TcgEvent + 44, String, EventSize);
```

### Secure Boot Variable Measurement

```c
// Initialize variable name and event type tables.
// Select the algorithm GUID.
if ((Index >= 3) && (Index <= 4)) {
// Read the UEFI variable.
Status = sub_18E8 (VariableNames[Index], &Guid, &VariableSize);
// Check if this is the SecureBoot variable.
if (Index == 0) {
```

### Option ROM Measurement

```c
// TPM 2.0 measurement path.
// TPM 1.2 measurement path.
```

### PCI I/O Protocol Notify and OpROM Measurement

```c
// Locate all handles that support the OpRomStartEnd protocol.
Status = BootServices->LocateHandle (
// Open the OpRomStartEnd protocol on each handle.
if (!EFI_ERROR (Status)) {
// Determine PFA from the PCI I/O protocol.
Pfa = sub_1234 (OpRomStartEnd);
// Measure the option ROM image.
sub_1C88 (RomImage, (UINT32)RomSize, Pfa);
```

### TPM PER BIOS Flag Processing

```c
// Compute the TPM tag ("TPM_" = 0x5F504D54 as an integer
// written into the buffer).
TpmTag = 1600085855;  // Magic constant for tag search
// Search for the tag in the buffer.
FieldOffset = -1;
// Check if the preceding byte is a valid continuation indicator.
if (((*(BytePtr - 1) - 92) & 0xFD) == 0) {
// Determine the value type and update accordingly.
if (*(BytePtr - 1) == 8) {
// Found a valid field - examine its type.
switch (*(BytePtr + 4)) {
// UINT8 - only update if the new value fits.
if (NewValue >= 2) {
```

### HOB List Initialization

### HII String Retrieval

```c
// Validate HII handle.
ASSERT (qword_9420 != NULL);
// Get the HII package list for the given handle.
PackageList = sub_63D8 (qword_9420);
// Try to get the string via HII String Protocol.
if (((EFI_STATUS (*)(VOID *, UINT16 *, UINT64, UINT16
// Allocate a temporary buffer for the string.
StringPtr = sub_69E0 (StringSize);
```

### Write TCG Reset-Short Event

```c
// Build the TCG_PCR_EVENT structure.
// Call HashLogExtendEvent.
return ((EFI_STATUS (*)(VOID *, INT32 *, UINT32, UINT32
```

### TCG Command Submission

```c
// Build the TPM command buffer and call SubmitCommand via
// the protocol interface (offset +24 from protocol base).
// The exact buffer format depends on the TPM command type
// and the TCG/TCG2 protocol version.
return ((UINT32 (*)(VOID *, UINT32, UINT32, UINT32, UINT32))(
```

---
*Generated by HR650X BIOS Decompilation Project*