blob: 2137715edb19ec317dfacce84fdc070d2b35558d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
|
/* SPDX-License-Identifier: GPL-2.0-only */
#ifndef SECURITY_INTEL_TXT_REGISTER_H_
#define SECURITY_INTEL_TXT_REGISTER_H_
#include <types.h>
/*
* Document: 315168-016
* Intel Trusted Execution Technology (Intel TXT)
* Software Development Guide
* Chapter B
*/
#define TXT_BASE 0xfed30000UL
#define TXT_STS (TXT_BASE + 0)
#define TXT_ESTS (TXT_BASE + 8)
#define TXT_ESTS_TXT_RESET_STS (1 << 0)
/*
* Chapter 6
* Intel Trusted Execution Technology Lab Handout
*/
#define TXT_ESTS_WAKE_ERROR_STS (1 << 6)
#define TXT_ERROR (TXT_BASE + 0x30)
#define ACMERROR_TXT_VALID (1ul << 31)
#define ACMERROR_TXT_EXTERNAL (1ul << 30)
#define ACMERROR_TXT_PROGRESS_SHIFT 16
#define ACMERROR_TXT_MINOR_SHIFT 15
#define ACMERROR_TXT_MAJOR_SHIFT 10
#define ACMERROR_TXT_CLASS_SHIFT 4
#define ACMERROR_TXT_TYPE_SHIFT 0
#define ACMERROR_TXT_PROGRESS_CODE (0xffull << ACMERROR_TXT_PROGRESS_SHIFT)
#define ACMERROR_TXT_MINOR_CODE (0x01ull << ACMERROR_TXT_MINOR_SHIFT)
#define ACMERROR_TXT_MAJOR_CODE (0x1full << ACMERROR_TXT_MAJOR_SHIFT)
#define ACMERROR_TXT_CLASS_CODE (0x3full << ACMERROR_TXT_CLASS_SHIFT)
#define ACMERROR_TXT_TYPE_CODE (0x0full << ACMERROR_TXT_TYPE_SHIFT)
#define ACMERROR_TXT_AC_MODULE_TYPE_BIOS 0
#define ACMERROR_TXT_AC_MODULE_TYPE_SINIT 1
#define TXT_ERROR_MASK (0x3ff << 0)
#define TXT_CMD_RESET (TXT_BASE + 0x38)
#define TXT_CMD_CLOSE_PRIVATE (TXT_BASE + 0x48)
/* Present in Document Number: 315168-016. */
#define TXT_SPAD (TXT_BASE + 0xa0)
#define ACMSTS_IBB_MEASURED (1ull << 63)
#define ACMSTS_VERIFICATION_ERROR (1ull << 62)
#define ACMSTS_BG_STARTUP_ERROR (1ull << 61) /* CBnT platforms only */
#define ACMSTS_TXT_DISABLED (1ull << 60) /* disabled by FIT type 0xA record */
#define ACMSTS_BIOS_TRUSTED (1ull << 59)
#define ACMSTS_MEM_CLEAR_POWER_DOWN (1ull << 47)
#define ACMSTS_TXT_STARTUP_SUCCESS (1ull << 30)
#define TXT_VER_FSBIF (TXT_BASE + 0x100)
#define TXT_VER_PRODUCTION_FUSED (1ull << 31)
#define TXT_DIDVID (TXT_BASE + 0x110)
/*
* Chapter 6
* Intel Trusted Execution Technology Lab Handout
*/
#define TXT_CAPABILITIES (TXT_BASE + 0x200)
#define TXT_CAPABILITIES_DPR (1ull << 26)
#define TXT_CAPABILITIES_PMRC (1ull << 19)
#define TXT_VER_QPIIF (TXT_BASE + 0x200)
#define TXT_SINIT_BASE (TXT_BASE + 0x270)
#define TXT_SINIT_SIZE (TXT_BASE + 0x278)
#define TXT_MLE_JOIN (TXT_BASE + 0x290)
#define TXT_HEAP_BASE (TXT_BASE + 0x300)
#define TXT_HEAP_SIZE (TXT_BASE + 0x308)
/*
* Chapter 6
* Intel Trusted Execution Technology Lab Handout
*/
#define TXT_MSEG_BASE (TXT_BASE + 0x310)
#define TXT_MSEG_SIZE (TXT_BASE + 0x318)
/*
* Chapter 5.4.2.1
* Intel Trusted Execution Technology Lab Handout
*/
#define TXT_BIOSACM_ERRORCODE (TXT_BASE + 0x328)
#define TXT_DPR (TXT_BASE + 0x330)
#define TXT_ACM_KEY_HASH (TXT_BASE + 0x400)
#define TXT_ACM_KEY_HASH_LEN 0x4
#define TXT_E2STS (TXT_BASE + 0x8f0)
#define TXT_E2STS_SECRET_STS (1ull << 1)
/*
* TCG PC Client Platform TPM Profile (PTP) Specification
*
* Note: Only locality 0 registers are publicly accessible.
*/
#define TPM_BASE 0xfed40000UL
#define TPM_ACCESS_REG (TPM_BASE + 0x00)
/*
* TXT Memory regions
* Chapter 5.3
* Intel Trusted Execution Technology Lab Handout
*/
#define TXT_PRIVATE_SPACE 0xfed20000UL
#define TXT_PUBLIC_SPACE 0xfed30000UL
#define TXT_TPM_DECODE_AREA 0xfed40000UL
#define TXT_RESERVED_SPACE 0xfed50000UL
#define TXT_RESERVED_SPACE_SIZE 0x3ffff
/* ESI flags for GETSEC[ENTERACCS] see Reference Number: 323372-017 */
#define ACMINPUT_SCLEAN 0
#define ACMINPUT_RESET_TPM_AUXILIARY_INDICIES 2
#define ACMINPUT_NOP 3
#define ACMINPUT_SCHECK 4
#define ACMINPUT_CLEAR_SECRETS 5
#define ACMINPUT_LOCK_CONFIG 6
/*
* GetSec EAX value.
* SAFER MODE EXTENSIONS REFERENCE.
* Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2
* Order Number: 325383-060US
*/
#define IA32_GETSEC_CAPABILITIES 0
#define IA32_GETSEC_ENTERACCS 2
#define IA32_GETSEC_SENTER 4
#define IA32_GETSEC_SEXIT 5
#define IA32_GETSEC_PARAMETERS 6
#define IA32_GETSEC_SMCTRL 7
#define IA32_GETSEC_WAKEUP 8
#define GETSEC_PARAMS_TXT_EXT_CRTM_SUPPORT (1ul << 5)
#define GETSEC_PARAMS_TXT_EXT_MACHINE_CHECK (1ul << 6)
/* ACM defines */
#define INTEL_ACM_VENDOR 0x00008086
#define ACM_FORMAT_FLAGS_PW 0x00000000
#define ACM_FORMAT_FLAGS_NPW (1 << 14)
#define ACM_FORMAT_FLAGS_DEBUG (1 << 15)
/* Old ACMs are power of two aligned, newer ACMs are not */
#define ACM_FORMAT_SIZE_64KB (64 * KiB / 4)
#define ACM_FORMAT_SIZE_128KB (128 * KiB / 4)
#define ACM_FORMAT_SIZE_256KB (256 * KiB / 4)
/* MSRs */
#define IA32_MCG_STATUS 0x17a
/* DPR register layout, either in PCI config space or TXT MMIO space */
union dpr_register {
struct {
uint32_t lock : 1; /* [ 0.. 0] */
uint32_t prs : 1; /* [ 1.. 1] and only present on PCI config */
uint32_t epm : 1; /* [ 2.. 2] and only present on PCI config */
uint32_t : 1;
uint32_t size : 8; /* [11.. 4] */
uint32_t : 8;
uint32_t top : 12; /* [31..20] */
};
uint32_t raw;
};
typedef enum {
CHIPSET_ACM = 2,
} acm_module_type;
typedef enum {
BIOS = 0,
SINIT = 1,
} acm_module_sub_type;
/*
* ACM Header v0.0 without dynamic part
* Chapter A.1
* Intel TXT Software Development Guide (Document: 315168-015)
*/
struct __packed acm_header_v0 {
uint16_t module_type;
uint16_t module_sub_type;
uint32_t header_len;
uint16_t header_version[2];
uint16_t chipset_id;
uint16_t flags;
uint32_t module_vendor;
uint32_t date;
uint32_t size;
uint16_t txt_svn;
uint16_t se_svn;
uint32_t code_control;
uint32_t error_entry_point;
uint32_t gdt_limit;
uint32_t gdt_ptr;
uint32_t seg_sel;
uint32_t entry_point;
uint8_t reserved2[64];
uint32_t key_size;
uint32_t scratch_size;
uint8_t rsa2048_pubkey[256];
uint32_t pub_exp;
uint8_t rsa2048_sig[256];
uint32_t scratch[143];
uint8_t user_area[];
};
struct __packed acm_info_table {
uint8_t uuid[16];
uint8_t chipset_acm_type;
uint8_t version;
uint16_t length;
uint32_t chipset_id_list;
uint32_t os_sinit_data_ver;
uint32_t min_mle_hdr_ver;
uint32_t capabilities;
uint8_t acm_ver;
uint8_t reserved[3];
};
/*
* Extended Data Elements
* Chapter C.1
* Intel TXT Software Development Guide (Document: 315168-015)
*/
struct __packed txt_extended_data_element_header {
uint32_t type;
uint32_t size;
uint8_t data[0];
};
#define HEAP_EXTDATA_TYPE_END 0
#define HEAP_EXTDATA_TYPE_BIOS_SPEC_VER 1
#define HEAP_EXTDATA_TYPE_ACM 2
#define HEAP_EXTDATA_TYPE_CUSTOM 4
struct __packed txt_bios_spec_ver_element {
struct txt_extended_data_element_header header;
uint16_t ver_major;
uint16_t ver_minor;
uint16_t ver_revision;
};
/* Used when only the BIOS ACM is included in CBFS */
struct __packed txt_heap_acm_element1 {
struct txt_extended_data_element_header header;
uint32_t num_acms; // must greater 0, smaller than 3
uint64_t acm_addrs[1];
};
/* Used when both BIOS and SINIT ACMs are included in CBFS */
struct __packed txt_heap_acm_element2 {
struct txt_extended_data_element_header header;
uint32_t num_acms; // must greater 0, smaller than 3
uint64_t acm_addrs[2];
};
/*
* BIOS Data Format
* Chapter C.2
* Intel TXT Software Development Guide (Document: 315168-015)
*/
struct __packed txt_biosdataregion {
uint32_t version;
uint32_t bios_sinit_size;
uint64_t lcp_pd_base;
uint64_t lcp_pd_size;
uint32_t no_logical_procs;
uint32_t sinit_flags;
union {
uint32_t mle_flags;
struct {
uint32_t support_acpi_ppi : 1;
uint32_t platform_type : 2;
};
};
u8 extended_data_elements[0];
};
void txt_dump_regions(void);
void txt_dump_chipset_info(void);
void txt_dump_acm_info(const struct acm_header_v0 *acm_header);
void txt_dump_getsec_parameters(void);
#endif /* SECURITY_INTEL_TXT_REGISTER_H_ */
|