# Tpm20PlatformDxe

## Function Table

| Address | Name | Description |
|---------|------|-------------|
|  | **ModuleEntryPoint** |  |
|  | **InitUefiServices** |  |
|  | **Tpm20PlatformDriverEntry** |  |
|  | **CompleteTpm20PlatformInit** |  |
|  | **GetTpmPpiRequest** |  |
|  | **Tpm20PpiCallback** |  |
|  | **InstallTpm20HiiPackage** |  |
|  | **Tpm20OnVariableLock** |  |
|  | **SidPpiCallback** |  |
|  | **CreateReadyToBootEvent** |  |
|  | **MeasureSecureBootVariables** |  |
|  | **MeasureVariable** |  |
|  | **MeasureGpt** |  |
|  | **Sha256Init** |  |
|  | **Sha256Update** |  |
|  | **Sha256Final** |  |
|  | **Sm3Hash** |  |
|  | **Sha512Init** |  |
|  | **Sha512Update** |  |
|  | **Sha384Final** |  |
|  | **Sha512Final** |  |
|  | **MeasureFirmwareImage** |  |
|  | **Tpm2HashSequenceSha256** |  |
|  | **UnicodeSPrint** |  |
|  | **Sha512MessageSchedule** |  |
|  | **InitializeAmiTcgPpiVar** |  |
|  | **AmiSetVariable** |  |

## Global Data

Global variable annotations recovered from the decompilation listing (IDA labels kept as in the source):

```text
Global Data
UINT64 gImageHandle;           // qword_12A48
qword_12A38 UINT64  gBS;                    // qword_12A40
qword_12A50 UINT64  gTcg2Protocol;          // qword_12A78
qword_129E8 (unk_129E8)
qword_12A00 UINT64  gTpm20Ppi;              // qword_12A28
qword_12A30 UINT8   gTpmPerBiosFlags;       // byte_12AD8
byte_12AD9 UINT8   gTpmPerBiosFlags3;      // byte_12ADA
byte_12AD4 (n0x80)
word_12ADC UINT32  gAmiTcgPpiVar[6];      // dword_12AD0
qword_12A20 //
```

## Pseudocode Annotations

Comment and code fragments recovered from the decompiled listing, in listing order. Several code lines were cut at the call's opening parenthesis in the source and are kept as they were recovered.

```text
Module Entry Point
Internal Initialization
Initialize global data structures
Locate and initialize TCG platform protocol
Enable write protection if not already enabled
Check if Local APIC is enabled for delay calibration
Locate HII Database protocol

Main Driver Entry
Step 1: Read TPMPERBIOSFLAGS variable
DataSize = 6;
Variable not found - set defaults
gTpmPerBiosFlags = 1;
Step 2: Determine PPI request from AMI TCG PPI variable
gPpiRequest = GetTpmPpiRequest (&gAmiTcgPpiVar[0]);
Step 3: If PPI request is active, install HII + PPI protocol
if (gPpiRequest && gPpiRequest <= 0x80) {
No PPI request - install variable lock callback
if ((*(UINT64 (__fastcall **)(UINT64, UINT64, UINT64 (__fastcall *)(), UINT64, UINT64 *))(gBS + 80))(
Step 4: Locate TCG2 protocol for TPM measurements
Status = (*(UINT64 (__fastcall **)(VOID *, UINT64, UINT64 *))(gBS + 320))(

Complete TPM 2.0 Platform Initialization
Step 1: Measure Secure Boot variables
Status = PrepareSecureBootMeasurement ();
Step 2: Measure SID (Storage ID) via PPI
MeasureSidPpi (7);
Step 3: Register BDS TCG TPM2 ready-to-boostrap callback
Status = CreateReadyToBootEvent (8, SidPpiCallback2, 0, &Registration);
Step 4: Initialize TPM platform hardware
Status2 = InitializeTpmPlatformHardware ();
Step 5: Register TPM platform hardware init callback
Status = (*(UINT64 (__fastcall **)(UINT64, UINT64, UINT64 (__fastcall *)(), UINT64, UINT8 *))(gBS + 80))(
Step 6: Register TPM platform ready-to-boot callback
Status2 = RegisterTpmPlatformReadyBoot (16, Tpm20PlatformReadyBoot, 0, &gEfiTpm20PlatformProtocolGuid);

TPM PPI Request Handler
Attempt to read AMITCGPPIVAR
if ((*(INT64 (__fastcall **)(const UINT16 *, VOID *, INT32 *, UINT64 *, INT32 *))(gRT + 72))(
Variable not found - initialize to zero
PpiState = 0;
Variable exists - check if we need to migrate from AMITCGPPIVAR2
if (!PpiState &&
Migrate AMITCGPPIVAR2 (version 23) to AMITCGPPIVAR

TPM PPI Handler (called via event notification)
Process TPM PPI request
This function handles TPM enable/disable/clear operations
based on the gPpiRequest value
return HandleTpm20PpiRequest ();

Install HII Package List for TPM PPI
Install HII package list protocol on ImageHandle
Status = (*(INT64 (__fastcall **)(EFI_HANDLE, VOID *, UINT64 *, EFI_HANDLE, UINT64, INT32))(gBS + 280))(
Call HiiDatabase->NewPackageList to register the HII package
NewPackageList = (*(UINT64 (__fastcall **)(UINT64, UINT64, UINT64, UINT64))HiiDatabase)(

Variable Lock Callback

SID PPI Callback
Read TcgSIDVariable
Status = (*(INT64 (__fastcall **)(const UINT16 *, VOID *, INT32 *, UINT64 *, UINT64 *))(gRT + 72))(
Check UEFI spec version (>= 2.0 supports CreateEventEx)
if (*(UINT32 *)(gST + 8) >= 0x20000) {
ReadyToBoot GUID

Secure Boot Measurement
0x80000001 (EFI_GLOBAL_VARIABLE)
Read SecureBoot variable
VarSize = 23;
Zero the buffer
Read and measure SecureBoot
VarName = L"SecureBoot";
Read and measure PK
VarSize = DataSize;
Read and measure KEK
Read and measure db
Read and measure dbx
Finalize measurement
Tpm2PcrExtend (1, 50694677);
Free allocated buffer

Measure variable into TPM
TCG PC Client Platform Firmware Profile Specification
Measure variable Name + VendorGuid + Data into PCR
return Tpm2MeasureVariable (PcrIndex, EventType, VarName, VendorGuid, Data, DataSize);

GPT Measurement
Initialize local variables
Check if GPT already measured
if (gGptMeasurementCount > 0) {
Locate Block I/O protocol and Disk I/O protocol
if ((*(INT64 (__fastcall **)(UINT64, VOID *, UINT64 *))(gBS + 152))(
Allocate buffer for partition table header
Status = (*(INT64 (__fastcall **)(UINT64, UINT64, UINT64 *))(gBS + 64))(
Read partition table header
Look for GPT protective MBR signature (0xEE)
Read GPT header
Allocate buffer for partition entries
Read partition entries
Status = (*(INT64 (__fastcall **)(UINT64, UINT64, UINT64, UINT64, UINT64))(DiskIo + 8))(
Count valid partition entries
GptHeader = GptBlockIo;
Allocate buffer for combined GPT data
BufferSize = GptValidEntries * *(UINT32 *)(GptBlockIo + 84) + 100;
Zero and populate GPT data buffer
EV_EFI_GPT_EVENT *(UINT32 *)((UINT8 *)Action + 342) = BufferSize;
Copy GPT header to buffer
GptEntry = GptDiskIo;
Extend GPT measurement into TPM
if (ValidIndex) {

TPM 2.0 Hash Algorithm Implementations
It implements the SHA-256 message schedule and compression loop
It implements the SHA-512 message schedule and compression loop
It processes TPM PPI requests (enable/disable/clear).
It prepares the 80 64-bit words for the SHA-512 compression loop.
It handles SID (Storage ID) PPI UI interactions.
Initialize SHA-256 context with initial hash values (H0-H7)
H0 = 0x6a09e667, H1 = 0xbb67ae85, H2 = 0x3c6ef372, H3 = 0xa54ff53a
H4 = 0x510e527f, H5 = 0x9b05688c, H6 = 0x1f83d9ab, H7 = 0x5be0cd19
sub_B6EC (Context);

Firmware Image Measurement
Validate parameters
if (DebugEnabled (64) && DebugLevelEnabled (64)) {
Locate TCG2 protocol if not already available
if (!gTpm20PpiContext) {
Locate TPM platform protocol
Build PPI action structure
Number of events
EV_EFI_BOOT_SERVICES_APPLICATION AlgCount          = 16;
Determine active PCR banks and iterate
ActivePcrBanks = *(UINT8 *)(Tcg2Protocol + 6);
Sha256Init (Sha256Context);
if ((*(UINT32 *)(Tcg2Protocol + 24) & 1) != 0) {
TPM2_ALG_SHA256 Sha256Final (Sha256Context, (UINT8 *)&HashAlg);
TPM2_ALG_SM3_256 Sm3Hash (Sm3Context, &HashAlg);
TPM2_ALG_SHA384 Sha384Final (Sm3Context, &HashAlg);
TPM2_ALG_SHA512 Sha512Final (AlignedBuffer, &HashAlg);
TPM2_HMAC session approach for SHA-256 (via TCG protocol)
Hash sequence start
DataSize = 4;
Hash sequence update
Hash sequence complete
SequenceResult = 64;
TPM2_ALG_SHA256 (HMAC)
Open hash sequence
Hash the data
Complete hash sequence and get result

UEFI String Print Library (Unicode SPrint wrapper)
IDA pseudocode reference: sub_8FB8
Implements assertion checks for Buffer, Format, and BufferSize limits.
Wraps the internal BasePrintLib SPrint function.
Buffer != NULL
BufferSize <= PcdMaximumUnicodeStringLength
return 0;
IDA pseudocode reference: sub_E220
This function:

AMI TCG PPI Variable Initialization

AMI Set Variable (wrapper for gRT->SetVariable)
```

## Renamed Function Map

Stub forward declarations, to be resolved with the renamed functions:

| IDA name | Renamed function |
|----------|------------------|
| sub_17F8 | PrepareSecureBootMeasurement |
| sub_6AC | MeasureSidPpi |
| sub_7A80 | InitializeTpmPlatformHardware |
| sub_7C84 | FinalizeTpm20PlatformInit |
| sub_1EA4 | SendEnableBlockSidCommand |
| sub_2210 | SidPpiCallback2 (SID callback variant) |
| sub_2544 | Tpm2BdsCallback |
| sub_6F14 | TpmPlatformHardwareInit |
| sub_70E8 | Tpm20PlatformReadyBoot |
| sub_7D0C | HandleTpm20PpiRequest |
| sub_8C64 | LocateTcgPlatformProtocol |
| sub_8D8C | DebugPrint |
| sub_8E14 | AssertHandler |
| sub_8E54 | DebugEnabled |
| sub_8E58 | DebugLevelEnabled |
| sub_8A5C | CompareMemory |
| sub_A24C | RegisterTpmPlatformReadyBoot |
| sub_A3EC | InitializeAmiTcgPpiVar |
| sub_A470 | GetMemoryConfig |
| sub_B4C | Tpm2MeasureVariable |
| sub_B6EC | Sha256InitCore |
| sub_B718 | Sha256UpdateCore |
| sub_B7E4 | Sha256FinalCore |
| sub_CCC | MeasureGpt |
| sub_DEB8 | Sm3Init |
| sub_DEFC | Sm3Update |
| sub_DFCC | Sm3Final |
| sub_E154 | Sha512InitCore |
| sub_E1D8 | Sha384FinalCore |
| sub_E774 | Sha512Sm3Init |
| sub_E7F8 | Sha512Sm3Update |
| sub_E8D0 | Sha512FinalCore |
| sub_EEE8 | AmiSetVariable |
| sub_EEC4 | Tpm2PcrExtend |
| sub_F900 | EnableWriteProtection |
| sub_F934 | ReadTimeStampCounter |
| sub_3D0 | CpuPause |
| sub_3E0 | EnableInterruptFlag |
| sub_3F0 | SetInterruptFlag |
| sub_400 | ClearInterruptFlag |
| sub_410 | ReadControlRegister |

---
*Generated by HR650X BIOS Decompilation Project*