/* SPDX-License-Identifier: GPL-2.0-only */ #ifndef SECURITY_INTEL_TXT_REGISTER_H_ #define SECURITY_INTEL_TXT_REGISTER_H_ #include <types.h> /* * Document: 315168-016 * Intel Trusted Execution Technology (Intel TXT) * Software Development Guide * Chapter B */ #define TXT_BASE 0xfed30000UL #define TXT_STS (TXT_BASE + 0) #define TXT_ESTS (TXT_BASE + 8) #define TXT_ESTS_TXT_RESET_STS (1 << 0) /* * Chapter 6 * Intel Trusted Execution Technology Lab Handout */ #define TXT_ESTS_WAKE_ERROR_STS (1 << 6) #define TXT_ERROR (TXT_BASE + 0x30) #define ACMERROR_TXT_VALID (1ul << 31) #define ACMERROR_TXT_EXTERNAL (1ul << 30) #define ACMERROR_TXT_PROGRESS_SHIFT 16 #define ACMERROR_TXT_MINOR_SHIFT 15 #define ACMERROR_TXT_MAJOR_SHIFT 10 #define ACMERROR_TXT_CLASS_SHIFT 4 #define ACMERROR_TXT_TYPE_SHIFT 0 #define ACMERROR_TXT_PROGRESS_CODE (0xffull << ACMERROR_TXT_PROGRESS_SHIFT) #define ACMERROR_TXT_MINOR_CODE (0x01ull << ACMERROR_TXT_MINOR_SHIFT) #define ACMERROR_TXT_MAJOR_CODE (0x1full << ACMERROR_TXT_MAJOR_SHIFT) #define ACMERROR_TXT_CLASS_CODE (0x3full << ACMERROR_TXT_CLASS_SHIFT) #define ACMERROR_TXT_TYPE_CODE (0x0full << ACMERROR_TXT_TYPE_SHIFT) #define ACMERROR_TXT_AC_MODULE_TYPE_BIOS 0 #define ACMERROR_TXT_AC_MODULE_TYPE_SINIT 1 #define TXT_ERROR_MASK (0x3ff << 0) #define TXT_CMD_RESET (TXT_BASE + 0x38) #define TXT_CMD_CLOSE_PRIVATE (TXT_BASE + 0x48) /* Present in Document Number: 315168-016. */ #define TXT_SPAD (TXT_BASE + 0xa0) #define ACMSTS_IBB_MEASURED (1ull << 63) #define ACMSTS_VERIFICATION_ERROR (1ull << 62) #define ACMSTS_BG_STARTUP_ERROR (1ull << 61) /* CBnT platforms only */ #define ACMSTS_TXT_DISABLED (1ull << 60) /* disabled by FIT type 0xA record */ #define ACMSTS_BIOS_TRUSTED (1ull << 59) #define ACMSTS_MEM_CLEAR_POWER_DOWN (1ull << 47) #define ACMSTS_TXT_STARTUP_SUCCESS (1ull << 30) #define TXT_VER_FSBIF (TXT_BASE + 0x100) #define TXT_VER_PRODUCTION_FUSED (1ull << 31) #define TXT_DIDVID (TXT_BASE + 0x110) /* * Chapter 6 * Intel Trusted Execution Technology Lab Handout */ #define TXT_CAPABILITIES (TXT_BASE + 0x200) #define TXT_CAPABILITIES_DPR (1ull << 26) #define TXT_CAPABILITIES_PMRC (1ull << 19) #define TXT_VER_QPIIF (TXT_BASE + 0x200) #define TXT_SINIT_BASE (TXT_BASE + 0x270) #define TXT_SINIT_SIZE (TXT_BASE + 0x278) #define TXT_MLE_JOIN (TXT_BASE + 0x290) #define TXT_HEAP_BASE (TXT_BASE + 0x300) #define TXT_HEAP_SIZE (TXT_BASE + 0x308) /* * Chapter 6 * Intel Trusted Execution Technology Lab Handout */ #define TXT_MSEG_BASE (TXT_BASE + 0x310) #define TXT_MSEG_SIZE (TXT_BASE + 0x318) /* * Chapter 5.4.2.1 * Intel Trusted Execution Technology Lab Handout */ #define TXT_BIOSACM_ERRORCODE (TXT_BASE + 0x328) #define TXT_DPR (TXT_BASE + 0x330) #define TXT_ACM_KEY_HASH (TXT_BASE + 0x400) #define TXT_ACM_KEY_HASH_LEN 0x4 #define TXT_STS_FTIF (TXT_BASE + 0x800) #define TXT_LPC_TPM_PRESENT 0x10000 /* Location of TPM: 001b - LPC TPM */ #define TXT_SPI_TPM_PRESENT 0x50000 /* Location of TPM: 101b - SPI TPM */ #define TXT_PTT_PRESENT 0x70000 /* Location of TPM: 111b - PTT present and active */ #define TXT_E2STS (TXT_BASE + 0x8f0) #define TXT_E2STS_SECRET_STS (1ull << 1) /* * TCG PC Client Platform TPM Profile (PTP) Specification * * Note: Only locality 0 registers are publicly accessible. */ #define TPM_BASE_ADDR 0xfed40000UL #define TPM_ACCESS_REG (TPM_BASE_ADDR + 0x00) /* * TXT Memory regions * Chapter 5.3 * Intel Trusted Execution Technology Lab Handout */ #define TXT_PRIVATE_SPACE 0xfed20000UL #define TXT_PUBLIC_SPACE 0xfed30000UL #define TXT_TPM_DECODE_AREA 0xfed40000UL #define TXT_RESERVED_SPACE 0xfed50000UL #define TXT_RESERVED_SPACE_SIZE 0x3ffff /* ESI flags for GETSEC[ENTERACCS] see Reference Number: 323372-017 */ #define ACMINPUT_SCLEAN 0 #define ACMINPUT_RESET_TPM_AUXILIARY_INDICIES 2 #define ACMINPUT_NOP 3 #define ACMINPUT_SCHECK 4 #define ACMINPUT_CLEAR_SECRETS 5 #define ACMINPUT_LOCK_CONFIG 6 /* * GetSec EAX value. * SAFER MODE EXTENSIONS REFERENCE. * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2 * Order Number: 325383-060US */ #define IA32_GETSEC_CAPABILITIES 0 #define IA32_GETSEC_ENTERACCS 2 #define IA32_GETSEC_SENTER 4 #define IA32_GETSEC_SEXIT 5 #define IA32_GETSEC_PARAMETERS 6 #define IA32_GETSEC_SMCTRL 7 #define IA32_GETSEC_WAKEUP 8 #define GETSEC_PARAMS_TXT_EXT_CRTM_SUPPORT (1ul << 5) #define GETSEC_PARAMS_TXT_EXT_MACHINE_CHECK (1ul << 6) /* ACM defines */ #define INTEL_ACM_VENDOR 0x00008086 #define ACM_FORMAT_FLAGS_PW 0x00000000 #define ACM_FORMAT_FLAGS_NPW (1 << 14) #define ACM_FORMAT_FLAGS_DEBUG (1 << 15) /* Old ACMs are power of two aligned, newer ACMs are not */ #define ACM_FORMAT_SIZE_64KB (64 * KiB / 4) #define ACM_FORMAT_SIZE_128KB (128 * KiB / 4) #define ACM_FORMAT_SIZE_256KB (256 * KiB / 4) /* MSRs */ #define IA32_MCG_STATUS 0x17a /* DPR register layout, either in PCI config space or TXT MMIO space */ union dpr_register { struct { uint32_t lock : 1; /* [ 0.. 0] */ uint32_t prs : 1; /* [ 1.. 1] and only present on PCI config */ uint32_t epm : 1; /* [ 2.. 2] and only present on PCI config */ uint32_t : 1; uint32_t size : 8; /* [11.. 4] */ uint32_t : 8; uint32_t top : 12; /* [31..20] */ }; uint32_t raw; }; typedef enum { CHIPSET_ACM = 2, } acm_module_type; typedef enum { BIOS = 0, SINIT = 1, } acm_module_sub_type; /* * ACM Header v0.0 without dynamic part * Chapter A.1 * Intel TXT Software Development Guide (Document: 315168-015) */ struct __packed acm_header_v0 { uint16_t module_type; uint16_t module_sub_type; uint32_t header_len; uint16_t header_version[2]; uint16_t chipset_id; uint16_t flags; uint32_t module_vendor; uint32_t date; uint32_t size; uint16_t txt_svn; uint16_t se_svn; uint32_t code_control; uint32_t error_entry_point; uint32_t gdt_limit; uint32_t gdt_ptr; uint32_t seg_sel; uint32_t entry_point; uint8_t reserved2[64]; uint32_t key_size; uint32_t scratch_size; uint8_t rsa2048_pubkey[256]; uint32_t pub_exp; uint8_t rsa2048_sig[256]; uint32_t scratch[143]; uint8_t user_area[]; }; struct __packed acm_info_table { uint8_t uuid[16]; uint8_t chipset_acm_type; uint8_t version; uint16_t length; uint32_t chipset_id_list; uint32_t os_sinit_data_ver; uint32_t min_mle_hdr_ver; uint32_t capabilities; uint8_t acm_ver; uint8_t reserved[3]; }; /* * Extended Data Elements * Chapter C.1 * Intel TXT Software Development Guide (Document: 315168-015) */ struct __packed txt_extended_data_element_header { uint32_t type; uint32_t size; uint8_t data[0]; }; #define HEAP_EXTDATA_TYPE_END 0 #define HEAP_EXTDATA_TYPE_BIOS_SPEC_VER 1 #define HEAP_EXTDATA_TYPE_ACM 2 #define HEAP_EXTDATA_TYPE_CUSTOM 4 struct __packed txt_bios_spec_ver_element { struct txt_extended_data_element_header header; uint16_t ver_major; uint16_t ver_minor; uint16_t ver_revision; }; /* Used when only the BIOS ACM is included in CBFS */ struct __packed txt_heap_acm_element1 { struct txt_extended_data_element_header header; uint32_t num_acms; // must greater 0, smaller than 3 uint64_t acm_addrs[1]; }; /* Used when both BIOS and SINIT ACMs are included in CBFS */ struct __packed txt_heap_acm_element2 { struct txt_extended_data_element_header header; uint32_t num_acms; // must greater 0, smaller than 3 uint64_t acm_addrs[2]; }; /* * BIOS Data Format * Chapter C.2 * Intel TXT Software Development Guide (Document: 315168-015) */ struct __packed txt_biosdataregion { uint32_t version; uint32_t bios_sinit_size; uint64_t lcp_pd_base; uint64_t lcp_pd_size; uint32_t no_logical_procs; uint32_t sinit_flags; union { uint32_t mle_flags; struct { uint32_t support_acpi_ppi : 1; uint32_t platform_type : 2; }; }; u8 extended_data_elements[0]; }; void txt_dump_regions(void); void txt_dump_chipset_info(void); void txt_dump_acm_info(const struct acm_header_v0 *acm_header); void txt_dump_getsec_parameters(void); #endif /* SECURITY_INTEL_TXT_REGISTER_H_ */