github.com/linuxboot/fiano@v1.2.0/pkg/intel/metadata/cbnt/cbntbootpolicy/se.go (about) 1 // Copyright 2017-2021 the LinuxBoot Authors. All rights reserved 2 // Use of this source code is governed by a BSD-style 3 // license that can be found in the LICENSE file. 4 5 //go:generate manifestcodegen 6 7 package cbntbootpolicy 8 9 import ( 10 "fmt" 11 "math" 12 "time" 13 14 "github.com/linuxboot/fiano/pkg/intel/metadata/cbnt" 15 ) 16 17 // SE is an IBB segments element 18 // 19 // PrettyString: IBB Segments Element 20 type SE struct { 21 StructInfo `id:"__IBBS__" version:"0x20" var0:"0" var1:"uint16(s.TotalSize())"` 22 Reserved0 [1]byte `require:"0" json:"seReserved0,omitempty"` 23 SetNumber uint8 `require:"0" json:"seSetNumber,omitempty"` 24 Reserved1 [1]byte `require:"0" json:"seReserved1,omitempty"` 25 PBETValue PBETValue `json:"sePBETValue"` 26 Flags SEFlags `json:"seFlags"` 27 28 // IBBMCHBAR <TO BE DOCUMENTED> 29 // PrettyString: IBB MCHBAR 30 IBBMCHBAR uint64 `json:"seIBBMCHBAR"` 31 32 // VTdBAR <TO BE DOCUMENTED> 33 // PrettyString: VT-d BAR 34 VTdBAR uint64 `json:"seVTdBAR"` 35 36 // DMAProtBase0 <TO BE DOCUMENTED> 37 // PrettyString: DMA Protection 0 Base Address 38 DMAProtBase0 uint32 `json:"seDMAProtBase0"` 39 40 // DMAProtLimit0 <TO BE DOCUMENTED> 41 // PrettyString: DMA Protection 0 Limit Address 42 DMAProtLimit0 uint32 `json:"seDMAProtLimit0"` 43 44 // DMAProtBase1 <TO BE DOCUMENTED> 45 // PrettyString: DMA Protection 1 Base Address 46 DMAProtBase1 uint64 `json:"seDMAProtBase1"` 47 48 // DMAProtLimit1 <TO BE DOCUMENTED> 49 // PrettyString: DMA Protection 2 Limit Address 50 DMAProtLimit1 uint64 `json:"seDMAProtLimit1"` 51 52 PostIBBHash cbnt.HashStructure `json:"sePostIBBHash"` 53 54 IBBEntryPoint uint32 `json:"seIBBEntry"` 55 56 DigestList cbnt.HashList `json:"seDigestList"` 57 58 OBBHash cbnt.HashStructure `json:"seOBBHash"` 59 60 Reserved2 [3]byte `require:"0" json:"seReserved2,omitempty"` 61 62 IBBSegments []IBBSegment `countType:"uint8" json:"seIBBSegments,omitempty"` 63 } 64 65 // PBETValue <TO BE DOCUMENTED> 66 type PBETValue uint8 67 68 // PBETValue returns the raw value of the timer setting. 69 func (pbet PBETValue) PBETValue() uint8 { 70 return uint8(pbet) & 0x0f 71 } 72 73 // Duration returns the value as time.Duration. 74 func (pbet PBETValue) Duration() time.Duration { 75 v := pbet.PBETValue() 76 if v == 0 { 77 return math.MaxInt64 78 } 79 return time.Second * time.Duration(5+v) 80 } 81 82 // SetDuration sets the value using standard time.Duration as the input. 83 func (pbet *PBETValue) SetDuration(duration time.Duration) time.Duration { 84 v := duration.Nanoseconds()/time.Second.Nanoseconds() - 5 85 if v <= 0 { 86 v = 1 87 } 88 if v >= 16 { 89 v = 0 90 } 91 *pbet = PBETValue(v) 92 93 return pbet.Duration() 94 } 95 96 // SEFlags <TO BE DOCUMENTED> 97 type SEFlags uint32 98 99 // Reserved0 <TO BE DOCUMENTED> 100 func (flags SEFlags) Reserved0() uint32 { 101 return uint32(flags & 0xffffffe0) 102 } 103 104 // SupportsTopSwapRemediation <TO BE DOCUMENTED> 105 // 106 // PrettyString-true: BIOS supports Top Swap remediation action 107 // PrettyString-false: BIOS does not support Top Swap remediation action 108 func (flags SEFlags) SupportsTopSwapRemediation() bool { 109 return flags&0x10 != 0 110 } 111 112 // TPMFailureLeavesHierarchiesEnabled <TO BE DOCUMENTED> 113 // 114 // PrettyString-true: Leave Hierarchies enabled. Cap all PCRs on failure. 115 // PrettyString-false: Do not leave enabled. Disable all Hierarchies or deactivate on failure. 116 func (flags SEFlags) TPMFailureLeavesHierarchiesEnabled() bool { 117 return flags&0x08 != 0 118 } 119 120 // AuthorityMeasure <TO BE DOCUMENTED> 121 // 122 // PrettyString-true: Extend Authority Measurements into the Authority PCR 7 123 // PrettyString-false: Do not extend into the Authority PCR 7 124 func (flags SEFlags) AuthorityMeasure() bool { 125 return flags&0x04 != 0 126 } 127 128 // Locality3Startup <TO BE DOCUMENTED> 129 // 130 // PrettyString-true: Issue TPM Start-up from Locality 3 131 // PrettyString-false: Disabled 132 func (flags SEFlags) Locality3Startup() bool { 133 return flags&0x02 != 0 134 } 135 136 // DMAProtection <TO BE DOCUMENTED> 137 // 138 // PrettyString-true: Enable DMA Protection 139 // PrettyString-false: Disable DMA Protection 140 func (flags SEFlags) DMAProtection() bool { 141 return flags&0x01 != 0 142 } 143 144 // IBBSegment defines a single IBB segment 145 type IBBSegment struct { 146 Reserved [2]byte `require:"0" json:"ibbSegReserved"` 147 Flags uint16 `json:"ibbSegFlags"` 148 Base uint32 `json:"ibbSegBase"` 149 Size uint32 `json:"ibbSegSize"` 150 } 151 152 // CachingType <TO BE DOCUMENTED> 153 type CachingType uint8 154 155 // <TO BE DOCUMENTED> 156 const ( 157 CachingTypeWriteProtect = CachingType(iota) 158 CachingTypeWriteBack 159 CachingTypeReserved0 160 CachingTypeReserved1 161 ) 162 163 // String implements fmt.Stringer. 164 func (c CachingType) String() string { 165 switch c { 166 case CachingTypeWriteProtect: 167 return "write_protect" 168 case CachingTypeWriteBack: 169 return "write_back" 170 case CachingTypeReserved0: 171 return "value_0x02" 172 case CachingTypeReserved1: 173 return "value_0x03" 174 } 175 return fmt.Sprintf("unexpected_value_0x%02X", uint8(c)) 176 }