# AmiTpm20PlatformPei - TPM 2.0 Platform PEIM

## Binary Information
- **File**: AmiTpm20PlatformPei.efi
- **MD5**: 25c2ce5883bbe0ec3af8f070073ce99d
- **SHA256**: 60bd49067898d0f6639b2b05218a81ff22c875670fc5bf5189d724fdbd1cf39b
- **Architecture**: IA32 (32-bit)
- **Base Address**: 0xffe21a14
- **Image Size**: 0xafc0 (45,504 bytes)
- **Index**: 0392

## Source Files
- `AmiModulePkg/TCG2/Common/AmiTcgPlatformPei/AmiTpm20PlatformPei.c` - Main platform PEIM
- `PurleyPlatPkg/BootGuard/BootGuardTCG2/BootGuardTCG2.c` - Boot Guard TCG2 support

## Module Statistics
- Total Functions: 100
- Total Strings: 197
- Total Segments: 6 (.text, .rdata, .data, .reloc, HEADER, GAP)
- Entry Point: `_ModuleEntryPoint` at 0xffe21e04
- Main Entry: `AmiTpm20PlatformPeiEntry` at 0xffe2361b

## All Functions (sorted by address)

| Address | Name | Description |
|---------|------|-------------|
| 0xffe21c74 | `RdRand16` | RDRAND instruction wrapper |
| 0xffe21cc4 | `BaseCopyMem` | Overlap-safe memory copy |
| 0xffe21d04 | `BaseSetMem8` | Fill memory region with byte value |
| 0xffe21d44 | `BaseDivU64x32Remainder` | 64/32-bit division with remainder |
| 0xffe21d64 | `BaseSetMem32` | Fill memory with 32-bit values |
| 0xffe21e04 | `_ModuleEntryPoint` | PEI module entry point |
| 0xffe21e34 | `AmiTpm20GetPpiPointer` | Get PPI pointer from PEI services |
| 0xffe21efd | `AmiTpm20GetTrEEProtocol` | Obtain TrEE protocol instance |
| 0xffe21f2d | `AmiTpm20SubmitCommand` | Submit a raw TPM command through the protocol's SubmitCommand method |
| 0xffe22064 | `AmiTpm20CreateTpmHob` | Create TCG/TPM GUID HOB |
| 0xffe220ba | `MeasureLogDxeFwVol` | Measure and log DXE firmware volumes into TPM |
| 0xffe2240f | `Tpm2GetCapability` | Send TPM2_GetCapability command |
| 0xffe224e1 | `Tpm2GetFwVersion` | Read TPM firmware version info |
| 0xffe22590 | `Tpm2SelfTest` | Send TPM2_SelfTest command |
| 0xffe22726 | `Tpm2HierarchyChangeAuth` | TPM2_HierarchyChangeAuth command |
| 0xffe22873 | `Tpm2GetRandom` | TPM2_GetRandom with error handling |
| 0xffe229f5 | `Tpm2SetPhRandomization` | Set TPM physical randomization |
| 0xffe22ac0 | `AmiTpm20PlatformPeiCheckError` | ASSERT_EFI_ERROR wrapper |
| 0xffe22c52 | `AmiTpm20HandleTpmResume` | Handle TPM resume failure scenario |
| 0xffe22d3f | `Tpm2Startup` | Send TPM2_Startup command, check response |
| 0xffe230d5 | `AmiTpm20IsFirstBoot` | Check first-boot scenario via monotonic counter |
| 0xffe23163 | `MeasureTcgPcClientSpecId` | Measure TCG_PCClientSpecID event |
| 0xffe23392 | `AmiTpm20GetTpmFwVolHobFromGuid` | Get TPM FW Vol HOB matching GUID |
| 0xffe233d0 | `AmiTpm20InstallTpmFwVolHobs` | Install TPM FW Vol HOBs from BootGuard/ROM areas |
| 0xffe2361b | `AmiTpm20PlatformPeiEntry` | Main platform PEIM entry function |
| 0xffe23796 | `AsciiStrnCpy_s` | Safe ASCII string copy |
| 0xffe237f1 | `SwapBytes16` | 16-bit byte swap |
| 0xffe2380a | `WriteUnaligned16` | Unaligned 16-bit write |
| 0xffe23839 | `ReadUnaligned32` | Unaligned 32-bit read |
| 0xffe23868 | `ReadUnaligned64` | Unaligned 64-bit read |
| 0xffe23894 | `WriteUnaligned32` | Unaligned 32-bit write |
| 0xffe238c8 | `CopyMem` | Copy memory with source/dest overlap assertions |
| 0xffe23937 | `SetMem` | Set memory with assertion guards |
| 0xffe23975 | `BaseIsEqualMemGuid` | Compare two GUIDs for equality |
| 0xffe239a6 | `BaseIsZeroGuid` | Check if GUID is zero |
| 0xffe23a05 | `InternalGetBestGuid` | Find best matching GUID |
| 0xffe23a23 | `IoRead32` | I/O port 32-bit read |
| 0xffe23a4f | `IoWrite32` | I/O port 32-bit write |
| 0xffe23a81 | `BaseReadMsr64` | RDMSR wrapper |
| 0xffe23aa9 | `DebugPrint` | Debug output via PEI debug protocol |
| 0xffe23ad3 | `AmiTpm20LocatePpi` | Locate PPI by GUID |
| 0xffe23af1 | `GetGuidHobDataSize` | Get data size from GUID HOB |
| 0xffe23b37 | `Tpm20MeasureDigest` | TPM 2.0 digest/hash computation core |
| 0xffe24d71 | `InitHashContext` | Initialize hash context structure |
| 0xffe24d9c | `HashUpdateSha256` | SHA-256 hash update |
| 0xffe24e32 | `HashUpdateSha1` | SHA-1 hash update |
| 0xffe24ef3 | `HashUpdateSha384` | SHA-384 hash update |
| 0xffe24f44 | `Tpm20HashAll` | Multi-algorithm hash all (SHA1/256/384/512) |
| 0xffe27758 | `InitHashContextSm3` | Initialize SM3 hash context |
| 0xffe2779b | `HashUpdateSm3` | SM3 (Chinese national crypto) hash update |
| 0xffe2783b | `HashUpdateSha512` | SHA-512 hash update |
| 0xffe279ca | `Tpm12HashAll` | TPM 1.2 hash all |
| 0xffe27a4d | `Tpm12HashExport` | TPM 1.2 hash export |
| 0xffe27a88 | `Tpm20HashDigestExtend` | Hash digest extend across PCR banks |
| 0xffe28807 | `Tpm20MettleHashAll` | Alternate hash-all for mettle/policy |
| 0xffe2888a | `Tpm20MettleHashUpdate` | Alternate hash update |
| 0xffe2892a | `Tpm20MettleHashComplete` | Alternate hash complete/finalize |
| 0xffe28a34 | `BootGuardIsTpmPresent` | Check TPM presence at MMIO 0xFED40030 |
| 0xffe28a68 | `BootGuardGetTpmType` | Get TPM type from MMIO register |
| 0xffe28abd | `BootGuardFindFitEntry` | Find FIT (Firmware Interface Table) entry pointer |
| 0xffe28bb7 | `BootGuardIsAcmPostSuccess` | Check if ACM POST was successful |
| 0xffe28bda | `BootGuardGetFitEntryCount` | Count FIT entries |
| 0xffe28c1b | `BootGuardInitialize` | Initialize Boot Guard subsystem |
| 0xffe28c36 | `BootGuardCheckCapability` | Check Boot Guard capability (MSR 0x13A) |
| 0xffe28c88 | `BootGuardPrintHexBuffer` | Print hex dump for debug |
| 0xffe28cd2 | `BootGuardPrintStructId` | Print structure identifier |
| 0xffe28d17 | `BootGuardCheckMsrBootState` | Check NEM/MeasureBoot/TPM state in MSR 0x13A |
| 0xffe28da0 | `BootGuardReadFitPointer` | Read FIT pointer register |
| 0xffe28df9 | `BootGuardReadBpmMsr` | Read BPM MSR |
| 0xffe28e44 | `BootGuardGetTcgHob` | Get TCG HOB for event logs |
| 0xffe28eef | `CreateBootGuardTpm12Event` | Create TPM 1.2 Boot Guard event |
| 0xffe28fa4 | `LogBootGuardTpm20Event` | Log TPM 2.0 Boot Guard event |
| 0xffe2912c | `CreateBootGuardTpm20Event` | Create TPM 2.0 Boot Guard event |
| 0xffe2927e | `BootGuardFindBpmStruct` | Locate BPM (Boot Policy Manifest) structure |
| 0xffe29315 | `BootGuardCheckAmiTreePpi` | Check for AMI TrEE PPI presence |
| 0xffe293e0 | `BootGuardDetectTpmDevice` | Detect TPM device type (1.2, 2.0, PTT) |
| 0xffe2950d | `BootGuardFindFitEntryInTable` | Find specific entry in FIT table |
| 0xffe2956f | `LogTpm20LocalityStartup` | Log TPM 2.0 locality startup event |
| 0xffe295da | `BootGuardSkipLogAuthority` | Skip logging authority event |
| 0xffe29650 | `LogAuthorityPcrEvent` | Log authority PCR event with BP data |
| 0xffe29805 | `LogDetailPcrEvent` | Log detailed PCR event (MSRs, ACM_STATUS, KM/BPM structures) |
| 0xffe29ade | `LogTxtTpm12CrtmEvent` | Log TXT TPM 1.2 CRTM event via FIT table |
| 0xffe29d13 | `LogTxtTpm20CrtmEvent` | Log TXT TPM 2.0 CRTM event via FIT table |
| 0xffe29fcd | `BootGuardTcg2MeasureCrtm` | Boot Guard CRTM measurement (main orchestrator) |
| 0xffe2a1f0 | `BootGuardFitGetEntryType` | Get FIT entry type |
| 0xffe2a23f | `PeiServicesGetPointer` | Get PEI Services pointer |
| 0xffe2a271 | `BaseReadIdtr` | Read IDT register |
| 0xffe2a2b1 | `InternalGetHobList` | Get HOB list pointer |
| 0xffe2a31f | `GetFirstHob` | Get first HOB from list |
| 0xffe2a364 | `GetNextHob` | Get next HOB from list |
| 0xffe2a390 | `GetFirstGuidHob` | Get first GUID-type HOB |
| 0xffe2a3a4 | `GetNextGuidHob` | Get next GUID-type HOB |
| 0xffe2a3f4 | `BuildGuidHob` | Build GUID HOB |
| 0xffe2a43a | `IoWrite8` | I/O port 8-bit write |
| 0xffe2a498 | `BootGuardGetPcdPttSkip` | Get PCD for PTT skip (returns 0) |
| 0xffe2a49b | `BootGuardPcdGetFunc` | Boot Guard PCD get function |
| 0xffe2a4df | `LibPcdGet32` | PCD 32-bit value getter |
| 0xffe2a4eb | `LibPcdSet32` | PCD 32-bit value setter with bitwise OR |
| 0xffe2a4fc | `LibPcdGetPtr` | PCD pointer getter |
| 0xffe2a6b8 | `LShiftU64` | 64-bit left shift |

## Key Functions Details

### AmiTpm20PlatformPeiEntry (0xffe2361b)
Main entry function of the PEIM. It performs:
1. Locates TrEE protocols and PPIs
2. Calls Tpm2Startup() to initialize the TPM
3. On first boot, disables EH (Error Handling) and SH (Session Handling)
4. If TPM 2.0 device found, calls MeasureTcgPcClientSpecId() to measure Spec ID Event
5. Calls BootGuardTcg2MeasureCrtm() for Boot Guard CRTM measurement
6. Calls AmiTpm20InstallTpmFwVolHobs() to install firmware volume HOBs

### BootGuardTcg2MeasureCrtm (0xffe29fcd)
Main Boot Guard measurement function. It:
1. Reads FIT pointer from MMIO 0xFED300A0
2. Checks Boot Guard capability (MSR 0x13A)
3. Iterates FIT entries to find Measured S-CRTM entries
4. Logs detailed PCR events for each measured component
5. Creates TXT TPM 1.2/2.0 CRTM events

## Decompilation Output
- `AmiTpm20PlatformPei_decompiled.c` - Full decompiled C source (100 functions, 5232 lines)
- `AmiTpm20PlatformPei.h` - Function prototypes header
- `AmiTpm20PlatformPei_report.md` - This report
- IDB saved to: `0392_AmiTpm20PlatformPei.../AmiTpm20PlatformPei.efi.i64`
