I am trying to use the functions in Tpm2CommandLib to write data to TPM2 in EDK2. I have defined the index that I am going to write data to, using the DefineSpace function. Whenever I am trying to use the Tpm2NvWrite function, I keep getting EFI_DEVICE_ERROR with a response code 0x1D5. Is there anything to do before Tpm2NvWrite that I don't know or do I use the wrong parameters?
I tried to change the AuthSession parameters but nothing has changed. I changed Offset just to be sure if everything is alright at that side of the code.
EFI_STATUS
EFIAPI
DefineSpaceTPM2(
)
{
EFI_STATUS Status;
UINT32 authSize;
ORIG_AUTH_AREA authArea;
TPM2_NV_DEFINE_SPACE_COMMAND CmdBuffer;
UINT32 CmdBufferSize;
TPM2_NV_DEFINESPACE_RESPONSE RecvBuffer;
UINT32 RecvBufferSize;
ORIG_NV_PUBLIC publicInfo;
// Auth Area
authArea.sessionHandle = SwapBytes32(TPM_RS_PW);
authArea.nonceSizeZero = SwapBytes16(0);
authArea.sessionAttributes.continueSession = 0;
authArea.sessionAttributes.auditExclusive = 0;
authArea.sessionAttributes.auditReset = 0;
authArea.sessionAttributes.reserved3_4 = 0;
authArea.sessionAttributes.decrypt = 0;
authArea.sessionAttributes.encrypt = 0;
authArea.sessionAttributes.audit = 0;
authArea.hmacSizeZero = SwapBytes16(0);
authSize = sizeof(authArea);
// publicInfo area
publicInfo.nvIndex = SwapBytes32(NV_INDEX_FIRST + 0x10);
publicInfo.nameAlg = SwapBytes16(TPM_ALG_SHA256);
publicInfo.attributes = SwapBytes32(0x20f500f);
publicInfo.authPolicySizeZero = SwapBytes16(0);
publicInfo.dataSize = SwapBytes16(16);
publicInfo.size = SwapBytes16(sizeof(publicInfo) - sizeof(publicInfo.size));
// set parameters
CmdBuffer.Header.tag = SwapBytes16(TPM_ST_SESSIONS);
CmdBuffer.Header.commandCode = SwapBytes32(TPM_CC_NV_DefineSpace);
CmdBuffer.authHandle = SwapBytes32(TPM_RH_OWNER);
CmdBuffer.authSize = SwapBytes32(authSize);
CmdBuffer.authArea = authArea;
CmdBuffer.authSizeZero = SwapBytes16(0);
CmdBuffer.publicInfo = publicInfo;
CmdBufferSize = sizeof(CmdBuffer.Header) + sizeof(CmdBuffer.authHandle) + sizeof(CmdBuffer.authSize) +
sizeof(CmdBuffer.authArea) + sizeof(CmdBuffer.authSizeZero) + sizeof(CmdBuffer.publicInfo);
CmdBuffer.Header.paramSize = SwapBytes32(CmdBufferSize);
// send TPM command
DEBUG((DEBUG_INFO, "DefineSpaceTPM2 Sending..\n"));
RecvBufferSize = sizeof(RecvBuffer);
Status = Tpm2SubmitCommand (CmdBufferSize, (UINT8*)&CmdBuffer, &RecvBufferSize, (UINT8*)&RecvBuffer);
if (Status != EFI_SUCCESS) {
DEBUG((DEBUG_INFO, "Code couldn't be submitted\n"));
return Status;
}
UINT32 res = SwapBytes32(RecvBuffer.Header.responseCode);
if (res != TPM_RC_SUCCESS) {
DEBUG ((EFI_D_ERROR, "DefineSpaceTPM2 - responseCode - %x\n", res));
}
return Status;
}
EFI_STATUS
EFIAPI
WriteToDefinedSpace(
)
{
EFI_STATUS Status;
TPMI_RH_NV_AUTH AuthHandle;
TPMS_AUTH_COMMAND *AuthSession;
TPM2B_MAX_BUFFER *InData,
UINT16 Offset
AuthSession = (TPMS_AUTH_COMMAND*) AllocateZeroPool (sizeof(TPMS_AUTH_COMMAND));
OutData = (TPM2B_MAX_BUFFER *) AllocateZeroPool (sizeof(TPM2B_MAX_BUFFER));
InData = (TPM2B_MAX_BUFFER *) AllocateZeroPool (sizeof(TPM2B_MAX_BUFFER));
//MAX_DIGEST_BUFFER is default and the value is 1024
OutData->size = MAX_DIGEST_BUFFER * sizeof(BYTE);
InData->size = MAX_DIGEST_BUFFER * sizeof(BYTE);
Size = 0x2;
Offset = 0x0;
InData->buffer[0] = 0xC;
InData->buffer[1] = 0xC;
AuthSession->sessionHandle = TPM_RS_PW;
AuthSession->nonce.size = 0;
CopyMem (AuthSession->nonce.buffer, NULL, 64 * sizeof(BYTE));
AuthSession->sessionAttributes.continueSession = 0;
AuthSession->sessionAttributes.auditExclusive = 0;
AuthSession->sessionAttributes.auditReset = 0;
AuthSession->sessionAttributes.reserved3_4 = 0;
AuthSession->sessionAttributes.decrypt = 0;
AuthSession->sessionAttributes.encrypt = 0;
AuthSession->sessionAttributes.audit = 0;
AuthSession->hmac.size = 0;
CopyMem (AuthSession->hmac.buffer, NULL, 64 * sizeof(BYTE));
AuthHandle = TPM_RH_OWNER;
Status = Tpm2NvWrite (AuthHandle, NV_INDEX_FIRST + 0x10, AuthSession, InData, Offset);
if (Status != EFI_SUCCESS){
DEBUG((DEBUG_INFO, "Tpm2NvWrite Status at WriteToDefinedSpace Tpm: %r\n", Status));
}
return Status;
}