# TcgPlatformSetupPolicy

## Function Table

| Address | Name | Description |
|---------|------|-------------|
| 0xD98 | **ReportAssert** | Call assert via debug protocol offset+8 |
| 0xEE0 | **CompareGuid** | Compare two GUIDs via 64-bit halves |
| 0xEB0 | **ReadUnaligned64** | 64-bit unaligned read with NULL check |
| 0xD10 | **TpmBootPathCmosCheck** | Read CMOS 0x4B for TPM boot path |
|  | **TcgPlatformInitPolicyFromSetup** | Zero the 27-byte policy and map Setup fields to policy bytes |
| 0x408 | **TcgPlatformSetPolicyData** | Read Setup, merge policy, write NV |
| 0x7F4 | **TcgPlatformSetupPolicyNotify** | Locate protocol, copy policy, call SetPolicy |
| 0x860 | **TcgPlatformSetupPolicyDxeEntryPoint** | Main entry: alloc, init, install protocol |
## GUID Definitions

```c
// TCG Platform Setup Policy Protocol GUID:
EFI_GUID gTcgPlatformSetupPolicyProtocolGuid = TCG_PLATFORM_SETUP_POLICY_PROTOCOL_GUID;
// TCG Internal Sync Flag variable GUID:
EFI_GUID gTcgInternalSyncFlagGuid = TCG_INTERNAL_SYNC_FLAG_GUID;
// Setup variable GUID:
EFI_GUID gSetupVariableGuid = SETUP_VARIABLE_GUID;
EFI_GUID gPcrBitmapVariableGuid = PCR_BITMAP_VARIABLE_GUID;
```

## Global Variables (.data section 0x1410..0x1467)

```c
// mTcgPolicyBuffer -- qword_1410
// The allocated protocol interface buffer (40 bytes allocated, 32 used).
//   byte  [0]     = Revision (3)
//   bytes [1..27] = TCG_PLATFORM_SETUP_POLICY data
TCG_PLATFORM_SETUP_POLICY_PROTOCOL *mTcgPolicyProtocol = NULL;

// mHobList -- qword_1440
// Cached pointer to the HOB list, located from the system configuration table.
VOID *mHobList = NULL;

// mDebugProtocol -- qword_1438
// Cached pointer to the debug/assert protocol interface.
// Located (under TPL protection) and cached on first use.
// Protocol interface has a function pointer at offset +8 for assert.
VOID *mDebugProtocol = NULL;

// mVariableAttributes -- n3 at 0x1448
// Attributes used for GetVariable/SetVariable calls.
// Set to 3 (EFI_VARIABLE_NON_VOLATILE | EFI_VARIABLE_BOOTSERVICE_ACCESS).
UINT32 mVariableAttributes = 3;

// Shadow copies of policy bytes (byte_1450..byte_1466)
// These are populated by the entry point and can be read by external
// debug tools or other firmware components via direct memory access.
UINT8 mTpm1Enable         = 0;   // byte_1450 -- Policy[0]: TPM 1.2 Enable
// byte_1451 -- Policy[1]: TPM Operation
// byte_1452 -- Policy[2]: TPM 2.0 Enable
// byte_1453 -- Policy[3]: TPM Select
// byte_1454 -- (not set by entry point)
// byte_1455 -- Policy[5]: PCR Bank TPM2
// byte_1456 -- Policy[6]: PCR Bank TPM1.2
// byte_1458 -- Policy[8]: TPM 1.2 Support
// byte_1459 -- Policy[9]: TPM 2.0 Support
// byte_145A -- Policy[10]: TPM Existence
// byte_145D -- Policy[13]: TPM Policy
// byte_145E -- Policy[15]: TPM Physical Presence
// byte_145F -- Policy[16]: (reserved / extra)
// byte_1460 -- (not set)
// byte_1463 -- Policy[19] (actually at 0x1462 in IDA)
// byte_1464 -- Policy[20]
// byte_1465 -- Policy[21]
// byte_1466 -- Policy[22]
// dword_1467 -- Policy[23..26]
```

## Library Helpers

```c
// --- LocateDebugProtocol (0xC90) ---
// Raise TPL to TPL_HIGH_LEVEL (31) to guard against re-entrancy.
OldTpl = gBS->RaiseTPL (TPL_HIGH_LEVEL);
// Only proceed if the system was at TPL_NOTIFY or below.
if (OldTpl <= TPL_NOTIFY) {
  // Locate the debug protocol via its custom GUID.
  // The actual GUID is proprietary to Lenovo.

// --- ReportAssert (0xD98) ---
// The function pointer is at offset +8 in the protocol interface.
AssertFunc = (VOID (*)(CONST CHAR8 *, UINTN, CONST CHAR8 *))

// --- GetHobList (0xDD8) ---
// HOB list not found: assert (this is a fatal firmware error).
ReportAssert (

// --- TpmBootPathCmosCheck (0xD10) ---
// Write CMOS address 0x4B to port 0x70 (preserving NMI disable bit 7).
IoWrite8 (0x70, (IoRead8 (0x70) & 0x80) | 0x4B);
// Read the TPM boot path value from CMOS port 0x71.
CmosValue = IoRead8 (0x71);
// Read the platform type register at MMIO 0xFDAF0490.
CmosValue = (IoRead8 (0xFDAF0490) & 2) | 1;
// Translate CMOS value:
//   CmosValue == 1  -> TPM boot is disabled
//   CmosValue == 2  -> TPM1 boot path
//   CmosValue == 3  -> TPM2 boot path
if (CmosValue == 1) {
// Feature 0x8000000C (debug print) is active.
ExecuteFunc = (UINT64 (*)(UINT32, UINT64, ...))
// Features 0x80000004-0x8000000C may be active.
return (BOOLEAN)((FeatureMask & TCG_BOOT_PATH_ENABLE) != 0);
```

## Core Driver Functions

```c
// --- TcgPlatformInitPolicyFromSetup ---
// Zero the entire 27-byte policy structure.
ZeroMem (Bytes, TCG_PLATFORM_SETUP_POLICY_DATA_SIZE);
// Map each Setup field to the corresponding policy byte:
//   TPM1 Enable, TPM Operation, TPM Select, PCR Bank TPM2, PCR Bank TPM1.2,
//   TPM1 Support, TPM Existence, TPM Policy, TPM Physical Presence,
//   TPM Firmware Update, TPM Supplier Config, TPM Supplier, TPM Device
// PCR Bitmap: DWORD at Setup offsets 38-41.
PcrBitmapValue = SetupBuffer[38];
// Update shadow global variables from the policy data.
mTpm1Enable = Bytes[ 0];

// --- TcgPlatformSetPolicyData (0x408) ---
// Read the current Setup variable.
Attributes = mVariableAttributes;
// Write back all policy fields at their respective Setup offsets.
// PCR Bitmap DWORD at offsets 38-41.
PcrBitmapCopy = *(UINT32 *)(Bytes + 23);
// Write the modified Setup variable.
Status = gRT->SetVariable (
// Apply PCR variable flags (bits 0-4 -> SHA1/SHA256/SHA384/SHA512/SM3).
// Read the PCRBitmap variable.
PcrBitmapSize = sizeof (PcrBitmapArray);
// Apply PCR enable bits to policy:
//   Bit 0  -> Bytes[4] = 1  (SHA1 enable,   v12 in dec)
//   Bit 1  -> Bytes[5] = 1  (SHA256 enable, v13 in dec)
//   Bit 2  -> Bytes[6] = 1  (SHA384 enable, v14 in dec)
//   Bit 3  -> Bytes[7] = 1  (SHA512 enable, v15 in dec)
//   Bit 4  -> Bytes[8] = 1  (SM3 enable,    v16 in dec)
if (PcrBitmapArray[0] & 1)  Bytes[4] = 1;
// Write TcgInternalSyncFlag to 1 to signal sync completion.
// Set the sync flag in policy.
// Variable does not exist yet; create it.
```

## Notification Callback

```c
// --- TcgPlatformSetupPolicyNotify (0x7F4) ---
// Locate our protocol interface.
Status = gBS->LocateProtocol (
// Copy the 27-byte policy data from the protocol interface (offset 1).
// Call the SetPolicy function (at offset 32 in the protocol interface).
// Close the notification event.
```

## Driver Entry Point

```c
// --- TcgPlatformSetupPolicyDxeEntryPoint (0x860) ---
// The UEFI core initializes gImageHandle, gST, gBS, gRT in the
// library constructors. sub_DD8 (GetHobList) is called here in the
// original decompilation.
GetHobList ();
// Allocate runtime pool for the protocol interface (40 bytes).
Status = gBS->AllocatePool (
// Read the TcgInternalSyncFlag to check for pending sync.
SyncFlagSize = 1;
// Read the Setup variable.
// Initialize policy from Setup.
// Propagate TcgInternalSyncFlag.
if (SyncFlagSize == 1) {
  // Read PCRBitmap variable and apply PCR enable bits.
  // Apply PCR bits to the policy structure (v12..v16 fields).
  UINT8 *PolicyBytes = (UINT8 *)&mTcgPolicyProtocol->PolicyData;
  if (PcrBitmapArray[0] & 1)  PolicyBytes[ 4] = 1;  // SHA1 (v12)
  // SHA256 (actually already set from
// Setup variable not found; policy was zeroed by ZeroMem.
// Cache all policy fields to shadow global variables.
// byte_1450
mTpmOperation        = Bytes[ 1];  // byte_1451
// byte_1452
mTpmSelect           = Bytes[ 3];  // byte_1453
// byte_1454 -- NOT saved to global!
// byte_1455
mPcrBankTpm12        = Bytes[ 6];  // byte_1456
// byte_1458
mTpm2Support         = Bytes[ 9];  // byte_1459
// byte_145A
//                     Bytes[11];   // byte_145B -- NOT saved to global!
// byte_145D
mTpmPhysicalPresence = Bytes[15];  // byte_145E
// byte_145F
//                     Bytes[17];   // byte_1460 -- NOT saved to global!
// byte_1462
mTpmSupplierConfig   = Bytes[20];  // byte_1463
// byte_1464
mTpmDevice           = Bytes[22];  // byte_1465
// dword_1467
}
// Install the protocol on ImageHandle.
// Type = EVT_NOTIFY_SIGNAL (512), NotifyTpl = TPL_CALLBACK (8)
// NotifyFunction = TcgPlatformSetupPolicyNotify
// notification event fails.
```
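The CMOS boot-path translation and the entry point's PCRBitmap merge, modelled as pure functions so they can be checked on a host. This is an added example, not the HR650X project's or the driver's code; the function and enum names are assumptions, and the port/variable reads are replaced by values passed in by the caller.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

/* Added host-side model of two decisions the notes describe; this is
 * illustration, not the driver's own code. 27 = policy size from the notes. */
#define TCG_PLATFORM_SETUP_POLICY_DATA_SIZE 27

typedef enum {
  TpmBootUnknown  = 0,   /* value outside the documented 1..3 range */
  TpmBootDisabled = 1,   /* CmosValue == 1 */
  Tpm1BootPath    = 2,   /* CmosValue == 2 */
  Tpm2BootPath    = 3    /* CmosValue == 3 */
} TPM_BOOT_PATH;

/* CMOS byte 0x4B (read via ports 0x70/0x71 in the driver) is passed in rather
 * than read from hardware; anything outside 1..3 is reported, not trusted. */
TPM_BOOT_PATH TranslateCmosValue(uint8_t CmosValue)
{
  return (CmosValue >= 1 && CmosValue <= 3) ? (TPM_BOOT_PATH)CmosValue
                                            : TpmBootUnknown;
}

/* Entry-point merge: PCRBitmap bits 0..4 set Bytes[4..8]
 * (SHA1/SHA256/SHA384/SHA512/SM3), but only when TcgInternalSyncFlag was
 * read back with size 1 and the PCRBitmap variable exists (size > 0).
 * Returns the count of bank-enable bytes set, 0 if nothing was pending,
 * -1 if the policy buffer is unusable. */
int MergePcrBitmap(uint8_t *Bytes, size_t BytesLen, size_t SyncFlagSize,
                   const uint8_t *PcrBitmap, size_t PcrBitmapSize)
{
  if (Bytes == NULL || BytesLen < TCG_PLATFORM_SETUP_POLICY_DATA_SIZE) return -1;
  if (SyncFlagSize != 1 || PcrBitmap == NULL || PcrBitmapSize == 0) return 0;
  int Applied = 0;
  for (unsigned Bit = 0; Bit < 5; Bit++) {
    if (PcrBitmap[0] & (1u << Bit)) { Bytes[4 + Bit] = 1; Applied++; }
  }
  return Applied;
}

/* Constructed sample: sync flag present, PCRBitmap = 0x13 (SHA1, SHA256, SM3). */
int RunConstructedSample(uint8_t Policy[TCG_PLATFORM_SETUP_POLICY_DATA_SIZE])
{
  const uint8_t PcrBitmap[1] = { 0x13 };
  memset(Policy, 0, TCG_PLATFORM_SETUP_POLICY_DATA_SIZE);
  return MergePcrBitmap(Policy, TCG_PLATFORM_SETUP_POLICY_DATA_SIZE,
                        1, PcrBitmap, 1);
}
```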
## Function Summary for Reference

| Address | Name | Size | Role |
|---------|------|------|------|
| 0x280 | ZeroBuffer | 17 | memset(buf, val, size) |
| 0x350 | _ModuleEntryPoint | 184 | UEFI entry, calls sub_DD8 + sub_860 |
| 0x408 | TcgPlatformSetPolicyData | 1002 | Read Setup, merge policy, write NV |
| 0x7F4 | TcgPlatformSetupPolicyNotify | 107 | Locate protocol, copy policy, call SetPolicy |
| 0x860 | TcgPlatformSetupPolicyDxe.. | 990 | Main entry: alloc, init, install protocol |
| 0xC40 | ZeroMem/SetMem | 80 | Wrapper for ZeroBuffer |
| 0xC90 | LocateDebugProtocol | 127 | RaiseTPL, LocateProtocol, cache result |
| 0xD10 | TpmBootPathCmosCheck | 136 | Read CMOS 0x4B for TPM boot path |
| 0xD98 | ReportAssert | 62 | Call assert via debug protocol offset+8 |
| 0xDD8 | GetHobList | 214 | Search config table for gEfiHobListGuid |
| 0xEB0 | ReadUnaligned64 | 47 | 64-bit unaligned read with NULL check |
| 0xEE0 | CompareGuid | 110 | Compare two GUIDs via 64-bit halves |

---
*Generated by HR650X BIOS Decompilation Project*