TCG PC Client Specific TIS - Trusted Computing Group


TCG PC Client Platform Firmware Profile Specification
Family “2.0”
Level 00 Revision 1.04
June 3, 2019
Published
Contact: admin@trustedcomputinggroup.org
TCG Published
Copyright TCG 2003 - 2019

Disclaimers, Notices, and License Terms

THIS SPECIFICATION IS PROVIDED "AS IS" WITH NO WARRANTIES WHATSOEVER, INCLUDING ANY WARRANTY OF MERCHANTABILITY, NONINFRINGEMENT, FITNESS FOR ANY PARTICULAR PURPOSE, OR ANY WARRANTY OTHERWISE ARISING OUT OF ANY PROPOSAL, SPECIFICATION OR SAMPLE.

Without limitation, TCG disclaims all liability, including liability for infringement of any proprietary rights, relating to use of information in this specification and to the implementation of this specification, and TCG disclaims all liability for cost of procurement of substitute goods or services, lost profits, loss of use, loss of data or any incidental, consequential, direct, indirect, or special damages, whether under contract, tort, warranty or otherwise, arising in any way out of use or reliance upon this specification or any information herein.

This document is copyrighted by Trusted Computing Group (TCG), and no license, express or implied, is granted herein other than as follows: You may not copy or reproduce the document or distribute it to others without written permission from TCG, except that you may freely do so for the purposes of (a) examining or implementing TCG specifications or (b) developing, testing, or promoting information technology standards and best practices, so long as you distribute the document with these disclaimers, notices, and license terms.

Contact the Trusted Computing Group at www.trustedcomputinggroup.org for information on specification licensing through membership agreements.

Any marks and brands contained herein are the property of their respective owners.

Change History

Revision   Date             Description
1.00       March 30, 2016   Initial Release
1.03       March 20, 2017   Published Update
1.04       April 2, 2018    Incorporated Errata, member feedback, typos, and added Section 8.3 and Annex A

Acknowledgements

The writing of a specification, particularly a security specification, takes many hours for both development and review. The TCG would like to acknowledge the contribution of those individuals (listed below) and the companies who allowed them to volunteer their time to the development of this specification.

Special thanks are due to Amy Nelson and Rob Spiger, who served as Chairs of the PC Client Working Group during the development of this specification.

The TCG would also like to give special thanks to Amy Nelson who served as the editor of this specification.

Contributors

Gary Simpson, AMD
Amy Nelson, Dell, Inc
Shiva Dasari, Hewlett Packard Enterprise
Ken Goldman, IBM
Nayna Jain, IBM
Jiewen Yao, Intel
Qin Long, Intel
Robert Hart, Johns Hopkins University, Applied Physics Lab
Ronald Aigner, Microsoft
Dick Wilkins, Phoenix

Contents

1 Introduction and Concepts . 1
  1.1 PC Client Specific Architecture . 2
  1.2 PC Client Concepts
    1.2.1 Host Platform TPM . 4
    1.2.2 Trusted Building Block (TBB) . 4
    1.2.3 Roots of Trust . 4
    1.2.4 Host Platform . 5
    1.2.5 Non-Host Platforms . 5
    1.2.6 System . 6
    1.2.7 Host Platform and TPM Reset . 6
    1.2.8 PCI Option ROM Request for Reset . 7
    1.2.9 Trusted Process . 7
    1.2.10 TPM Control Surface . 7
    1.2.11 Boot State Transition . 9
    1.2.12 Establishing the Chain of Trust . 9
    1.2.13 Locality . 9
    1.2.14 System and TPM Power States . 12
    1.2.15 General Host Platform Power Requirements . 13
  1.3 Overview of the Measurement Process . 13
    1.3.1 Usage and Optimization of Hash Functions . 14
  1.4 Terminology . 14
  1.5 TCG Specification Dependency and Naming
    Division of Documentation . 15
    “This” Specification . 15
    Platform TPM Profile (PTP) . 15
    TPM Library Specification . 15
    TCG ACPI Specification . 15
    TCG Physical Presence Specification . 16
    TCG Platform Reset Attack Mitigation Specification . 16
    TCG EFI Protocol Specification . 16
    External Specifications . 16
    Specification Conventions . 17
2 Host Platform Roots of Trust Requirements . 18
  2.1 Locality Support Requirements . 18
    2.1.1 Pre-OS Environment . 18
    2.1.2 OS Environment . 18
  2.2 SRTM . 18
    2.2.1 Introduction of Concepts . 18
    2.2.2 Initial TBB Control and Host Platform Reset . 19
    2.2.3 Static Root of Trust for Measurement (SRTM) . 19
    2.2.4 Transfer of Control from SRTM . 19
  2.3 Integrity Collection and Reporting . 19
    2.3.1 Collection and Reporting of Measurements . 20
    2.3.2 Error Conditions . 21
    2.3.3 Boot Event and PCR Usage Model . 23
    2.3.4 PCR Usage . 27
    2.3.5 Localities assigned to RTM’s . 50
3 Non-Volatile Storage . 52
  3.1 NV RAM Size and Allocation . 52
4 Maintenance . 53
  4.1 Platform Firmware Recovery Mode . 53
  4.2 Flash Maintenance . 54
  4.3 Firmware Compliance Requirements . 54
5 TCG Certificates and Verification of a Platform for SP800-155 Compliance . 55
6 TPM Discoverability . 57
  6.1 TPM Visibility to the OS . 57
  6.2 TPM Visibility to End-Users through BIOS Setup . 59
  6.3 Platform Firmware Setup TPM Control Surface . 59
7 State Transitions . 63
  7.1 Architecture and Definitions . 63
  7.2 Procedure for Pre-OS to OS-Present Transition . 63
    7.2.1 Extending PCR[4] . 64
    7.2.2 Extending PCR[5] . 64
    7.2.3 Extending PCR[7] . 64
    7.2.4 Measuring OS Boot Events . 64
    7.2.5 Passing Control of the TPM from Pre-OS to OS-Present Environments . 65
  7.3 Power States, Transitions, and TPM Initialization
    General Host Platform and OS Power Requirements . 66
    Power State Transitions . 66
    Off to S0 (Working) . 67
    S0 (Working) to Off . 69
    S1 (Sleep) to S0 (Working), S0 to S1 . 69
    S0 (Working) to S2 (Sleep) . 69
    S2 (Sleep) to S0 (Working) . 70
    S0 (Working) to S3 (Sleep) . 71
    S3 (Sleep) to S0 (Working) . 72
8 ACPI . 75
  8.1 ACPI Device Object for TPM . 76
    8.1.1 TPM Visible . 76
    8.1.2 TPM Hidden but Discoverable . 76
    8.1.3 TPM Hidden and Not Discoverable . 76
  8.2 ACPI Table Usage . 77
  8.3 TPM Interrupt Support . 79
9 Event Logging . 80
  9.1 Introduction . 80
  9.2 TCG Defined Structures . 86
    9.2.1 TCG_PCClientPCREvent Structure . 86
    9.2.2 TCG_PCR_EVENT2 Structure . 87
    9.2.3 UEFI_IMAGE_LOAD_EVENT Structure . 88
    9.2.4 Measuring Industry Standard Tables and Data Structures . 88
    9.2.5 UEFI_PLATFORM_FIRMWARE_BLOB Structure Definition . 89
    9.2.6 Measuring UEFI Variables . 89
  9.3 Measurement Event Entries and Log . 90
  9.4 Event Descriptions . 92
    9.4.1 Event Types . 92
    9.4.2 Tagged Event Log Structure . 97
    9.4.3 EV_ACTION Event Types . 98
    9.4.4 EV_EFI_ACTION Event Types . 99
    9.4.5 EV_NO_ACTION Event Types . 100
10 Platform Hierarchy (Physical Presence) . 105
11 Predictive Event Logs . 106
12 Supporting TCG Opal SSC Block SID enabled devices . 107
Annex A: TPM Interrupt ASL Example . 108

List of Figures

Figure 1 PC Client Platform Architectural Diagram . 3
Figure 2 Example of SRTM and DRTM Initialization Sequence . 11
Figure 3 SRTM remediation steps when initializing the TPM . 22
Figure 4 UEFI Architecture . 24
Figure 5 UEFI Platform Boot Process . 25
Figure 6 PCR Mapping of UEFI Components . 26
Figure 7 Firmware Actions during transitions from Off . 68
Figure 8 Firmware Actions for S2 resume . 71
Figure 9 Firmware Actions for Resume from S3 . 73
Figure 10 ACPI Table points to CRB Control Area . 77
Figure 11 ACPI Table with pointer to log area . 78
Figure 12 Depiction of Log Formats . 81

List of Tables

Table 1 PCR Usage . 27
Table 2 Example Comparison of TPM Family 1.2 and 2.0 Firmware User Interface . 60
Table 3 Crypto Agile Event Log E
