coreboot
coreboot is an Open Source project aimed at replacing the proprietary BIOS found in most computers.
txt_register.h
Go to the documentation of this file.
1 /* SPDX-License-Identifier: GPL-2.0-only */
2 
3 #ifndef SECURITY_INTEL_TXT_REGISTER_H_
4 #define SECURITY_INTEL_TXT_REGISTER_H_
5 
6 #include <types.h>
7 
8 /*
9  * Document: 315168-016
10  * Intel Trusted Execution Technology (Intel TXT)
11  * Software Development Guide
12  * Chapter B
13  */
14 #define TXT_BASE 0xfed30000UL
15 
16 #define TXT_STS (TXT_BASE + 0)
17 #define TXT_ESTS (TXT_BASE + 8)
18 #define TXT_ESTS_TXT_RESET_STS (1 << 0)
19 /*
20  * Chapter 6
21  * Intel Trusted Execution Technology Lab Handout
22  */
23 #define TXT_ESTS_WAKE_ERROR_STS (1 << 6)
24 
25 #define TXT_ERROR (TXT_BASE + 0x30)
26 #define ACMERROR_TXT_VALID (1ul << 31)
27 #define ACMERROR_TXT_EXTERNAL (1ul << 30)
28 
29 #define ACMERROR_TXT_PROGRESS_SHIFT 16
30 #define ACMERROR_TXT_MINOR_SHIFT 15
31 #define ACMERROR_TXT_MAJOR_SHIFT 10
32 #define ACMERROR_TXT_CLASS_SHIFT 4
33 #define ACMERROR_TXT_TYPE_SHIFT 0
34 
35 #define ACMERROR_TXT_PROGRESS_CODE (0xffull << ACMERROR_TXT_PROGRESS_SHIFT)
36 #define ACMERROR_TXT_MINOR_CODE (0x01ull << ACMERROR_TXT_MINOR_SHIFT)
37 #define ACMERROR_TXT_MAJOR_CODE (0x1full << ACMERROR_TXT_MAJOR_SHIFT)
38 #define ACMERROR_TXT_CLASS_CODE (0x3full << ACMERROR_TXT_CLASS_SHIFT)
39 #define ACMERROR_TXT_TYPE_CODE (0x0full << ACMERROR_TXT_TYPE_SHIFT)
40 
41 #define ACMERROR_TXT_AC_MODULE_TYPE_BIOS 0
42 #define ACMERROR_TXT_AC_MODULE_TYPE_SINIT 1
43 
44 #define TXT_ERROR_MASK (0x3ff << 0)
45 
46 #define TXT_CMD_RESET (TXT_BASE + 0x38)
47 #define TXT_CMD_CLOSE_PRIVATE (TXT_BASE + 0x48)
48 
49 /* Present in Document Number: 315168-016. */
50 #define TXT_SPAD (TXT_BASE + 0xa0)
51 #define ACMSTS_IBB_MEASURED (1ull << 63)
52 #define ACMSTS_VERIFICATION_ERROR (1ull << 62)
53 #define ACMSTS_BG_STARTUP_ERROR (1ull << 61) /* CBnT platforms only */
54 #define ACMSTS_TXT_DISABLED (1ull << 60) /* disabled by FIT type 0xA record */
55 #define ACMSTS_BIOS_TRUSTED (1ull << 59)
56 #define ACMSTS_MEM_CLEAR_POWER_DOWN (1ull << 47)
57 #define ACMSTS_TXT_STARTUP_SUCCESS (1ull << 30)
58 
59 #define TXT_VER_FSBIF (TXT_BASE + 0x100)
60 #define TXT_VER_PRODUCTION_FUSED (1ull << 31)
61 
62 #define TXT_DIDVID (TXT_BASE + 0x110)
63 
64 /*
65  * Chapter 6
66  * Intel Trusted Execution Technology Lab Handout
67  */
68 #define TXT_CAPABILITIES (TXT_BASE + 0x200)
69 #define TXT_CAPABILITIES_DPR (1ull << 26)
70 #define TXT_CAPABILITIES_PMRC (1ull << 19)
71 
72 #define TXT_VER_QPIIF (TXT_BASE + 0x200)
73 
74 #define TXT_SINIT_BASE (TXT_BASE + 0x270)
75 #define TXT_SINIT_SIZE (TXT_BASE + 0x278)
76 #define TXT_MLE_JOIN (TXT_BASE + 0x290)
77 
78 #define TXT_HEAP_BASE (TXT_BASE + 0x300)
79 #define TXT_HEAP_SIZE (TXT_BASE + 0x308)
80 /*
81  * Chapter 6
82  * Intel Trusted Execution Technology Lab Handout
83  */
84 #define TXT_MSEG_BASE (TXT_BASE + 0x310)
85 #define TXT_MSEG_SIZE (TXT_BASE + 0x318)
86 
87 /*
88  * Chapter 5.4.2.1
89  * Intel Trusted Execution Technology Lab Handout
90  */
91 #define TXT_BIOSACM_ERRORCODE (TXT_BASE + 0x328)
92 
93 #define TXT_DPR (TXT_BASE + 0x330)
94 
95 #define TXT_ACM_KEY_HASH (TXT_BASE + 0x400)
96 #define TXT_ACM_KEY_HASH_LEN 0x4
97 
98 #define TXT_E2STS (TXT_BASE + 0x8f0)
99 #define TXT_E2STS_SECRET_STS (1ull << 1)
100 
101 /*
102  * TCG PC Client Platform TPM Profile (PTP) Specification
103  *
104  * Note: Only locality 0 registers are publicly accessible.
105  */
106 
107 #define TPM_BASE 0xfed40000UL
108 
109 #define TPM_ACCESS_REG (TPM_BASE + 0x00)
110 
111 /*
112  * TXT Memory regions
113  * Chapter 5.3
114  * Intel Trusted Execution Technology Lab Handout
115  */
116 #define TXT_PRIVATE_SPACE 0xfed20000UL
117 #define TXT_PUBLIC_SPACE 0xfed30000UL
118 #define TXT_TPM_DECODE_AREA 0xfed40000UL
119 #define TXT_RESERVED_SPACE 0xfed50000UL
120 
121 #define TXT_RESERVED_SPACE_SIZE 0x3ffff
122 
123 /* ESI flags for GETSEC[ENTERACCS] see Reference Number: 323372-017 */
124 #define ACMINPUT_SCLEAN 0
125 #define ACMINPUT_RESET_TPM_AUXILIARY_INDICIES 2
126 #define ACMINPUT_NOP 3
127 #define ACMINPUT_SCHECK 4
128 #define ACMINPUT_CLEAR_SECRETS 5
129 #define ACMINPUT_LOCK_CONFIG 6
130 
131 /*
132  * GetSec EAX value.
133  * SAFER MODE EXTENSIONS REFERENCE.
134  * Intel 64 and IA-32 Architectures Software Developer Manuals Vol 2
135  * Order Number: 325383-060US
136  */
137 #define IA32_GETSEC_CAPABILITIES 0
138 #define IA32_GETSEC_ENTERACCS 2
139 #define IA32_GETSEC_SENTER 4
140 #define IA32_GETSEC_SEXIT 5
141 #define IA32_GETSEC_PARAMETERS 6
142 #define IA32_GETSEC_SMCTRL 7
143 #define IA32_GETSEC_WAKEUP 8
144 
145 #define GETSEC_PARAMS_TXT_EXT_CRTM_SUPPORT (1ul << 5)
146 #define GETSEC_PARAMS_TXT_EXT_MACHINE_CHECK (1ul << 6)
147 
148 /* ACM defines */
149 #define INTEL_ACM_VENDOR 0x00008086
150 
151 #define ACM_FORMAT_FLAGS_PW 0x00000000
152 #define ACM_FORMAT_FLAGS_NPW (1 << 14)
153 #define ACM_FORMAT_FLAGS_DEBUG (1 << 15)
154 
155 /* Old ACMs are power of two aligned, newer ACMs are not */
156 #define ACM_FORMAT_SIZE_64KB (64 * KiB / 4)
157 #define ACM_FORMAT_SIZE_128KB (128 * KiB / 4)
158 #define ACM_FORMAT_SIZE_256KB (256 * KiB / 4)
159 
160 /* MSRs */
161 #define IA32_MCG_STATUS 0x17a
162 
163 /* DPR register layout, either in PCI config space or TXT MMIO space */
164 union dpr_register {
165  struct {
166  uint32_t lock : 1; /* [ 0.. 0] */
167  uint32_t prs : 1; /* [ 1.. 1] and only present on PCI config */
168  uint32_t epm : 1; /* [ 2.. 2] and only present on PCI config */
169  uint32_t : 1;
170  uint32_t size : 8; /* [11.. 4] */
171  uint32_t : 8;
172  uint32_t top : 12; /* [31..20] */
173  };
174  uint32_t raw;
175 };
176 
177 typedef enum {
178  CHIPSET_ACM = 2,
179 } acm_module_type;
180 
181 typedef enum {
182  BIOS = 0,
183  SINIT = 1,
184 } acm_module_sub_type;
185 
186 /*
187  * ACM Header v0.0 without dynamic part
188  * Chapter A.1
189  * Intel TXT Software Development Guide (Document: 315168-015)
190  */
191 struct __packed acm_header_v0 {
192  uint16_t module_type;
193  uint16_t module_sub_type;
194  uint32_t header_len;
195  uint16_t header_version[2];
196  uint16_t chipset_id;
197  uint16_t flags;
198  uint32_t module_vendor;
199  uint32_t date;
200  uint32_t size;
201  uint16_t txt_svn;
202  uint16_t se_svn;
203  uint32_t code_control;
204  uint32_t error_entry_point;
205  uint32_t gdt_limit;
206  uint32_t gdt_ptr;
207  uint32_t seg_sel;
208  uint32_t entry_point;
209  uint8_t reserved2[64];
210  uint32_t key_size;
211  uint32_t scratch_size;
212  uint8_t rsa2048_pubkey[256];
213  uint32_t pub_exp;
214  uint8_t rsa2048_sig[256];
215  uint32_t scratch[143];
216  uint8_t user_area[];
217 };
218 
219 struct __packed acm_info_table {
220  uint8_t uuid[16];
221  uint8_t chipset_acm_type;
222  uint8_t version;
223  uint16_t length;
224  uint32_t chipset_id_list;
225  uint32_t os_sinit_data_ver;
226  uint32_t min_mle_hdr_ver;
227  uint32_t capabilities;
228  uint8_t acm_ver;
229  uint8_t reserved[3];
230 };
231 
232 /*
233  * Extended Data Elements
234  * Chapter C.1
235  * Intel TXT Software Development Guide (Document: 315168-015)
236  */
237 struct __packed txt_extended_data_element_header {
238  uint32_t type;
239  uint32_t size;
240  uint8_t data[0];
241 };
242 
243 #define HEAP_EXTDATA_TYPE_END 0
244 #define HEAP_EXTDATA_TYPE_BIOS_SPEC_VER 1
245 #define HEAP_EXTDATA_TYPE_ACM 2
246 #define HEAP_EXTDATA_TYPE_CUSTOM 4
247 
248 struct __packed txt_bios_spec_ver_element {
249  struct txt_extended_data_element_header header;
250  uint16_t ver_major;
251  uint16_t ver_minor;
252  uint16_t ver_revision;
253 };
254 
255 /* Used when only the BIOS ACM is included in CBFS */
256 struct __packed txt_heap_acm_element1 {
257  struct txt_extended_data_element_header header;
258  uint32_t num_acms; // must greater 0, smaller than 3
259  uint64_t acm_addrs[1];
260 };
261 
262 /* Used when both BIOS and SINIT ACMs are included in CBFS */
263 struct __packed txt_heap_acm_element2 {
264  struct txt_extended_data_element_header header;
265  uint32_t num_acms; // must greater 0, smaller than 3
266  uint64_t acm_addrs[2];
267 };
268 
269 /*
270  * BIOS Data Format
271  * Chapter C.2
272  * Intel TXT Software Development Guide (Document: 315168-015)
273  */
274 struct __packed txt_biosdataregion {
275  uint32_t version;
276  uint32_t bios_sinit_size;
277  uint64_t lcp_pd_base;
278  uint64_t lcp_pd_size;
279  uint32_t no_logical_procs;
280  uint32_t sinit_flags;
281  union {
282  uint32_t mle_flags;
283  struct {
284  uint32_t support_acpi_ppi : 1;
285  uint32_t platform_type : 2;
286  };
287  };
288  u8 extended_data_elements[0];
289 };
290 
291 void txt_dump_regions(void);
292 void txt_dump_chipset_info(void);
293 void txt_dump_acm_info(const struct acm_header_v0 *acm_header);
294 void txt_dump_getsec_parameters(void);
295 
296 #endif /* SECURITY_INTEL_TXT_REGISTER_H_ */
scratch
static struct @3 scratch
uint16_t
unsigned short uint16_t
Definition: stdint.h:11
uint32_t
unsigned int uint32_t
Definition: stdint.h:14
uint64_t
unsigned long long uint64_t
Definition: stdint.h:17
u8
uint8_t u8
Definition: stdint.h:45
uint8_t
unsigned char uint8_t
Definition: stdint.h:8
__packed
Definition: x86.c:23
__packed::reserved
char reserved[236]
Definition: x86.c:30
__packed::data
u32 data
Definition: crashlog.h:38
__packed::reserved2
u8 reserved2[4]
Definition: opregion.h:113
__packed::header
opregion_header_t header
Definition: opregion.h:180
acm_header_v0
Definition: txt_register.h:191
acm_header_v0::code_control
uint32_t code_control
Definition: txt_register.h:203
acm_header_v0::key_size
uint32_t key_size
Definition: txt_register.h:210
acm_header_v0::size
uint32_t size
Definition: txt_register.h:200
acm_header_v0::txt_svn
uint16_t txt_svn
Definition: txt_register.h:201
acm_header_v0::gdt_ptr
uint32_t gdt_ptr
Definition: txt_register.h:206
acm_header_v0::error_entry_point
uint32_t error_entry_point
Definition: txt_register.h:204
acm_header_v0::se_svn
uint16_t se_svn
Definition: txt_register.h:202
acm_header_v0::module_type
uint16_t module_type
Definition: txt_register.h:192
acm_header_v0::module_sub_type
uint16_t module_sub_type
Definition: txt_register.h:193
acm_header_v0::scratch_size
uint32_t scratch_size
Definition: txt_register.h:211
acm_header_v0::seg_sel
uint32_t seg_sel
Definition: txt_register.h:207
acm_header_v0::module_vendor
uint32_t module_vendor
Definition: txt_register.h:198
acm_header_v0::entry_point
uint32_t entry_point
Definition: txt_register.h:208
acm_header_v0::flags
uint16_t flags
Definition: txt_register.h:197
acm_header_v0::chipset_id
uint16_t chipset_id
Definition: txt_register.h:196
acm_header_v0::pub_exp
uint32_t pub_exp
Definition: txt_register.h:213
acm_header_v0::date
uint32_t date
Definition: txt_register.h:199
acm_header_v0::header_len
uint32_t header_len
Definition: txt_register.h:194
acm_header_v0::gdt_limit
uint32_t gdt_limit
Definition: txt_register.h:205
acm_info_table
Definition: txt_register.h:219
acm_info_table::chipset_id_list
uint32_t chipset_id_list
Definition: txt_register.h:224
acm_info_table::chipset_acm_type
uint8_t chipset_acm_type
Definition: txt_register.h:221
acm_info_table::length
uint16_t length
Definition: txt_register.h:223
acm_info_table::capabilities
uint32_t capabilities
Definition: txt_register.h:227
acm_info_table::acm_ver
uint8_t acm_ver
Definition: txt_register.h:228
acm_info_table::os_sinit_data_ver
uint32_t os_sinit_data_ver
Definition: txt_register.h:225
acm_info_table::version
uint8_t version
Definition: txt_register.h:222
acm_info_table::min_mle_hdr_ver
uint32_t min_mle_hdr_ver
Definition: txt_register.h:226
txt_bios_spec_ver_element
Definition: txt_register.h:248
txt_bios_spec_ver_element::ver_major
uint16_t ver_major
Definition: txt_register.h:250
txt_bios_spec_ver_element::ver_minor
uint16_t ver_minor
Definition: txt_register.h:251
txt_biosdataregion
Definition: txt_register.h:274
txt_biosdataregion::no_logical_procs
uint32_t no_logical_procs
Definition: txt_register.h:279
txt_biosdataregion::bios_sinit_size
uint32_t bios_sinit_size
Definition: txt_register.h:276
txt_biosdataregion::version
uint32_t version
Definition: txt_register.h:275
txt_biosdataregion::sinit_flags
uint32_t sinit_flags
Definition: txt_register.h:280
txt_biosdataregion::platform_type
uint32_t platform_type
Definition: txt_register.h:285
txt_biosdataregion::lcp_pd_base
uint64_t lcp_pd_base
Definition: txt_register.h:277
txt_biosdataregion::mle_flags
uint32_t mle_flags
Definition: txt_register.h:282
txt_biosdataregion::support_acpi_ppi
uint32_t support_acpi_ppi
Definition: txt_register.h:284
txt_biosdataregion::lcp_pd_size
uint64_t lcp_pd_size
Definition: txt_register.h:278
txt_extended_data_element_header
Definition: txt_register.h:237
txt_extended_data_element_header::size
uint32_t size
Definition: txt_register.h:239
txt_extended_data_element_header::type
uint32_t type
Definition: txt_register.h:238
txt_heap_acm_element1
Definition: txt_register.h:256
txt_heap_acm_element1::num_acms
uint32_t num_acms
Definition: txt_register.h:258
txt_heap_acm_element2
Definition: txt_register.h:263
txt_heap_acm_element2::num_acms
uint32_t num_acms
Definition: txt_register.h:265
txt_dump_regions
void txt_dump_regions(void)
Definition: logging.c:191
acm_module_type
acm_module_type
Definition: txt_register.h:177
CHIPSET_ACM
@ CHIPSET_ACM
Definition: txt_register.h:178
txt_dump_getsec_parameters
void txt_dump_getsec_parameters(void)
Definition: logging.c:225
txt_dump_chipset_info
void txt_dump_chipset_info(void)
Dump information about the chipset's TXT capabilities.
Definition: logging.c:177
txt_dump_acm_info
void txt_dump_acm_info(const struct acm_header_v0 *acm_header)
Dump information about the provided ACM.
Definition: logging.c:94
acm_module_sub_type
acm_module_sub_type
Definition: txt_register.h:181
SINIT
@ SINIT
Definition: txt_register.h:183
BIOS
@ BIOS
Definition: txt_register.h:182
dpr_register
Definition: txt_register.h:164
dpr_register::raw
uint32_t raw
Definition: txt_register.h:174
dpr_register::prs
uint32_t prs
Definition: txt_register.h:167
dpr_register::size
uint32_t size
Definition: txt_register.h:170
dpr_register::top
uint32_t top
Definition: txt_register.h:172
dpr_register::lock
uint32_t lock
Definition: txt_register.h:166
dpr_register::epm
uint32_t epm
Definition: txt_register.h:168