api

package
v1.0.0 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jul 29, 2019 License: BSD-3-Clause Imports: 18 Imported by: 2

Documentation

Index

Constants

View Source 
const (
	ACMChipsetTypeBios       uint8  = 0x00
	ACMChipsetTypeSinit      uint8  = 0x01
	ACMChipsetTypeBiosRevoc  uint8  = 0x08
	ACMChipsetTypeSinitRevoc uint8  = 0x09
	ACMTypeChipset           uint16 = 0x02
	ACMSubTypeReset          uint16 = 0x01
	ACMVendorIntel           uint32 = 0x8086
	TPMExtPolicyIllegal      uint8  = 0x00
	TPMExtPolicyAlgAgile     uint8  = 0x01
	TPMExtPolicyEmbeddedAlgs uint8  = 0x10
	TPMExtPolicyBoth         uint8  = 0x11
	TPMFamilyIllegal         uint16 = 0x0000
	TPMFamilyDTPM12          uint16 = 0x0001
	TPMFamilyDTPM20          uint16 = 0x0010
	TPMFamilyDTPMBoth        uint16 = 0x0011
	TPMFamilyPTT20           uint16 = 0x1000
	ACMUUIDV3                string = "7fc03aaa-46a7-18db-ac2e-698f8d417f5a"
	ACMSizeOffset            int64  = 24
	TPMAlgoSHA1              uint16 = 0x0004
	TPMAlgoSHA256            uint16 = 0x000b
	TPMAlgoSHA384            uint16 = 0x000c
	TPMAlgoSHA512            uint16 = 0x000d
	TPMAlgoNULL              uint16 = 0x0010
	TPMAlgoSM3_256           uint16 = 0x0012
	TPMAlgoRSASSA            uint16 = 0x0014
	TPMAlgoECDSA             uint16 = 0x0018
	TPMAlgoSM2               uint16 = 0x001B
)
View Source 
const (
	LCPMaxLists              uint   = 8
	SHA1DigestSize           uint   = 20
	SHA256DigestSize         uint   = 32
	SHA384DigestSize         uint   = 48
	SHA512DigestSize         uint   = 64
	SM3DigestSize            uint   = 32
	LCPDataFileSignature     string = "Intel(R) TXT LCP_POLICY_DATA\x00\x00\x00\x00"
	LCPSignatureAlgNone      uint8  = 0
	LCPSignatureAlgRSAPKCS15 uint8  = 1
	LCPPolicyElementMLE      uint32 = 0
	LCPPolicyElementPCONF    uint32 = 1
	LCPPolicyElementSBIOS    uint32 = 2
	LCPPolicyElementCustom   uint32 = 3
	LCPPolicyElementMLE2     uint32 = 0x10
	LCPPolicyElementPCONF2   uint32 = 0x11
	LCPPolicyElementSBIOS2   uint32 = 0x12
	LCPPolicyElementSTM2     uint32 = 0x14
	LCPPolHAlgSHA1           uint8  = 0
)
View Source 
const (
	FourGiB uint64 = 0x100000000
)

Variables

This section is empty.

Functions

func AddressRangesIsDMAProtected 

func AddressRangesIsDMAProtected(first, end uint64) (bool, error)

func AllowsVMXInSMX 

func AllowsVMXInSMX() (bool, error)

func ArchitectureTXTSupport 

func ArchitectureTXTSupport() (bool, error)

ArchitectureTXTSupport

func CPUSignature 

func CPUSignature() uint32

func GetFitPointer 

func GetFitPointer(data []byte) (uint64, error)

getFitPointer returns the ROM-Address of FitPointer

func HasMTRR 

func HasMTRR() bool

func HasSMRR 

func HasSMRR() (bool, error)

func HasSMX 

func HasSMX() bool

func HasVMX 

func HasVMX() bool

func IA32FeatureControlIsLocked 

func IA32FeatureControlIsLocked() (bool, error)

func IA32PlatformID 

func IA32PlatformID() (uint64, error)

func IsReservedInE810 

func IsReservedInE810(start uint64, end uint64) (bool, error)

Reads the e820 table exported via /sys/firmware/memmap and checks whether the range [start; end] is marked as reserved. Returns true if it is reserved, false if not.

func LookupIOAddress 

func LookupIOAddress(addr uint64, regs VTdRegisters) ([]uint64, error)

func LookupSize 

func LookupSize(header []byte) (int64, error)

func NVReadAll 

func NVReadAll(conn io.ReadWriteCloser, index uint32) []byte

func ParseACM 

func ParseACM(data []byte) (*ACM, *Chipsets, *Processors, *TPMs, error)

ParseACM

func ProcessorBrandName 

func ProcessorBrandName() string

func ReadPhys 

func ReadPhys(addr int64, data UintN) error

Read reads data from physical memory at address addr. On x86 platforms, this uses the seek+read syscalls. On arm platforms, this uses mmap.

func ReadPhysBuf 

func ReadPhysBuf(addr int64, buf []byte) error

func TXTLeavesAreEnabled 

func TXTLeavesAreEnabled() (bool, error)

func VersionString 

func VersionString() string

func WritePhys 

func WritePhys(addr int64, data UintN) error

Write writes data to physical memory at address addr. On x86 platforms, this uses the seek+read syscalls. On arm platforms, this uses mmap.

Types

type ACM 

type ACM struct {
	ModuleType      uint16
	ModuleSubType   uint16
	HeaderLen       uint32
	HeaderVersion   uint32
	ChipsetID       uint16
	Flags           uint16
	ModuleVendor    uint32
	Date            uint32
	Size            uint32
	TxtSVN          uint16
	SeSVN           uint16
	CodeControl     uint32
	ErrorEntryPoint uint32
	GDTLimit        uint32
	GDTBase         uint32
	SegSel          uint32
	EntryPoint      uint32
	Reserved2       [64]uint8
	KeySize         uint32
	ScratchSize     uint32
	PubKey          [256]uint8
	PubExp          uint32
	Signatur        [256]uint8
	Scratch         [143]uint32
	Info            ACMInfo
}

func (*ACM) PrettyPrint 

func (a *ACM) PrettyPrint()

type ACMInfo 

type ACMInfo struct {
	Uuid                UUID
	ChipsetACMType      uint8
	Version             uint8
	Length              uint16
	ChipsetIDList       uint32
	OSSinitDataVersion  uint32
	MinMleHeaderVersion uint32
	TxtCaps             uint32
	ACMVersion          uint8
	Reserved            [3]uint8
	ProcessorIDList     uint32
	TPMInfoList         uint32
}

type ACMStatus 

type ACMStatus struct {
	Valid          bool
	MinorErrorCode uint16
	ACMStarted     bool
	MajorErrorCode uint8
	ClassCode      uint8
	ModuleType     uint8
}

func ReadACMStatus 

func ReadACMStatus() (ACMStatus, error)

type ChipsetID 

type ChipsetID struct {
	Flags      uint32
	VendorID   uint16
	DeviceID   uint16
	RevisionID uint16
	Reserved   uint16
	ExtendedID uint16
}

type Chipsets 

type Chipsets struct {
	Count  uint32
	IDList []ChipsetID
}

func (*Chipsets) PrettyPrint 

func (c *Chipsets) PrettyPrint()

type DMAProtectedRange 

type DMAProtectedRange struct {
	Lock bool
	// Reserved 1-3
	Size uint8
	// Reserved 12-19
	Top uint16
}

type FitEntry 

type FitEntry struct {
	Address  uint64
	OrigSize [3]uint8

	Version  uint16
	CVType   uint8
	CheckSum uint8
	// contains filtered or unexported fields
}

FitEntry defines the structure of FitEntries in the Firmware Interface Table

func ExtractFit 

func ExtractFit(data []byte) ([]FitEntry, error)

ExtractFit Gets the bios file blob and extracts the FIT-Part

func GetFitHeader 

func GetFitHeader(data []byte) (FitEntry, error)

func (*FitEntry) CheckSumValid 

func (fit *FitEntry) CheckSumValid() bool

func (*FitEntry) FancyPrint 

func (fit *FitEntry) FancyPrint()

FancyPrint does fancy things

func (*FitEntry) Size 

func (entry *FitEntry) Size() uint32

func (*FitEntry) Type 

func (fit *FitEntry) Type() FitEntryType

type FitEntryType 

type FitEntryType uint16
const (
	FitHeader           FitEntryType = 0x00
	MCUpdate            FitEntryType = 0x01
	StartUpACMod        FitEntryType = 0x02
	BIOSStartUpMod      FitEntryType = 0x07
	TPMPolicyRec        FitEntryType = 0x08
	BIOSPolicyRec       FitEntryType = 0x09
	TXTPolicyRec        FitEntryType = 0x0A
	KeyManifestRec      FitEntryType = 0x0B
	BootPolicyManifest  FitEntryType = 0x0C
	CSESecBoot          FitEntryType = 0x10
	FeaturePolicyDelRec FitEntryType = 0x2D
	JumpDebugPol        FitEntryType = 0x2F
	UnusedEntry         FitEntryType = 0x7F
)

FitEntryTypes for distiction of Entries

type LCPHash 

type LCPHash struct {
	// contains filtered or unexported fields
}

func (*LCPHash) PrettyPrint 

func (p *LCPHash) PrettyPrint() string

type LCPList 

type LCPList struct {
	TPM12PolicyList LCPPolicyList
}

type LCPPolicy 

type LCPPolicy struct {
	Version                uint16 // < 0x0300
	HashAlg                uint8
	PolicyType             uint8
	SINITMinVersion        uint8
	Reserved1              uint8
	DataRevocationCounters [LCPMaxLists]uint16
	PolicyControl          uint32
	MaxSINITMinVersion     uint8 // v2.0
	MaxBIOSACMinVersion    uint8 // v2.0
	Reserved2              uint16
	Reserved3              uint32
	PolicyHash             [20]byte
}

func ParsePolicy 

func ParsePolicy(policy []byte) (*LCPPolicy, error)

func (*LCPPolicy) PrettyPrint 

func (p *LCPPolicy) PrettyPrint()

type LCPPolicyCustom 

type LCPPolicyCustom struct {
	UUID LCPUUID
	Data []byte
}

type LCPPolicyData 

type LCPPolicyData struct {
	FileSignature [32]uint8
	Reserved      [3]uint8
	NumLists      uint8
	PolicyLists   []LCPList
}

func ParsePolicyData 

func ParsePolicyData(policyData []byte) (*LCPPolicyData, error)

func (*LCPPolicyData) PrettyPrint 

func (pd *LCPPolicyData) PrettyPrint()

type LCPPolicyElement 

type LCPPolicyElement struct {
	Size             uint32
	Type             uint32
	PolicyEltControl uint32
	MLE              *LCPPolicyMLE
	SBIOS            *LCPPolicySBIOS
	PCONF            *LCPPolicyPCONF
	Custom           *LCPPolicyCustom
}

type LCPPolicyList 

type LCPPolicyList struct {
	Version           uint16
	Reserved          uint8
	SignaturAlg       uint8
	PolicyElementSize uint32
	PolicyElements    []LCPPolicyElement
	Signature         *LCPSignature
}

type LCPPolicyList2 

type LCPPolicyList2 struct {
	Version           uint16
	SignaturAlg       uint16
	PolicyElementSize uint32
	PolicyElements    []LCPPolicyElement
}

type LCPPolicyMLE 

type LCPPolicyMLE struct {
	SINITMinVersion uint8
	HashAlg         uint8
	NumHashes       uint16
	Hashes          [][20]byte
}

type LCPPolicyPCONF 

type LCPPolicyPCONF struct {
	NumPCRInfos uint16
	PCRInfos    []TPMPCRInfoShort
}

type LCPPolicySBIOS 

type LCPPolicySBIOS struct {
	HashAlg      uint8
	Reserved1    [3]uint8
	FallbackHash LCPHash
	Reserved2    uint16
	NumHashes    uint16
	Hashes       []LCPHash
}

type LCPSignature 

type LCPSignature struct {
	RevocationCounter uint16
	PubkeySize        uint16
	PubkeyValue       []byte
	SigBlock          []byte
}

type LCPUUID 

type LCPUUID struct {
	// contains filtered or unexported fields
}

type ProcessorID 

type ProcessorID struct {
	FMS          uint32
	FMSMask      uint32
	PlatformID   uint64
	PlatformMask uint64
}

type Processors 

type Processors struct {
	Count  uint32
	IDList []ProcessorID
}

func (*Processors) PrettyPrint 

func (p *Processors) PrettyPrint()

type SMRR 

type SMRR struct {
	Active   bool
	PhysBase uint64
	PhysMask uint64
}

MTRR for the SMM code.

func GetSMRRInfo 

func GetSMRRInfo() (SMRR, error)

Returns SMRR config of the platform

type TPMPCRInfoShort 

type TPMPCRInfoShort struct {
	// TPM_PCR_SELECTION
	PCRSelect []int
	// TPM_LOCALITY_SELECTION
	LocalityAtRelease uint8
	// TPM_COMPOSITE_HASH
	DigestAtRelease [20]byte
}

type TPMs 

type TPMs struct {
	Capabilities uint32
	Count        uint16
	AlgID        []uint16
}

func (*TPMs) PrettyPrint 

func (t *TPMs) PrettyPrint()

type TXTBiosData 

type TXTBiosData struct {
	Version       uint32
	BiosSinitSize uint32
	Reserved1     uint64
	Reserved2     uint64
	NumLogProcs   uint32
	SinitFlags    *uint32
	MleFlags      *TXTBiosMLEFlags
}

func ParseBIOSDataRegion 

func ParseBIOSDataRegion(heap []byte) (TXTBiosData, error)

type TXTBiosMLEFlags 

type TXTBiosMLEFlags struct {
	SupportsACPIPPI bool
	IsLegacyState   bool
	IsServerState   bool
	IsClientState   bool
}

type TXTErrorCode 

type TXTErrorCode struct {
	ModuleType        uint8 // 0: BIOS ACM, 1: Intel TXT
	ClassCode         uint8
	MajorErrorCode    uint8
	SoftwareSource    bool // 0: ACM, 1: MLE
	MinorErrorCode    uint16
	Type1Reserved     uint8
	ProcessorSoftware bool
	ValidInvalid      bool
}

type TXTRegisterSpace 

type TXTRegisterSpace struct {
	Sts          TXTStatus    // TXT.STS (0x0)
	TxtReset     bool         // TXT.ESTS (0x8)
	ErrorCode    TXTErrorCode // TXT.ERRORCODE
	ErrorCodeRaw uint32
	AcmStatus    uint64            // TXT.ACMSTATUS
	FsbIf        uint32            // TXT.VER.FSBIF
	Vid          uint16            // TXT.DIDVID.VID
	Did          uint16            // TXT.DIDVID.DID
	Rid          uint16            // TXT.DIDVID.RID
	IdExt        uint16            // TXT.DIDVID.ID-EXT
	QpiIf        uint32            // TXT.VER.QPIIF
	SinitBase    uint32            // TXT.SINIT.BASE
	SinitSize    uint32            // TXT.SINIT.SIZE
	MleJoin      uint32            // TXT.MLE.JOIN
	HeapBase     uint32            // TXT.HEAP.BASE
	HeapSize     uint32            // TXT.HEAP.SIZE
	Dpr          DMAProtectedRange // TXT.DPR
	PublicKey    [4]uint64         // TXT.PUBLIC.KEY
	E2Sts        uint64            // TXT.E2STS
}

func ReadTXTRegs 

func ReadTXTRegs() (TXTRegisterSpace, error)

type TXTStatus 

type TXTStatus struct {
	SenterDone bool // SENTER.DONE.STS (0)
	SexitDone  bool // SEXIT.DONE.STS (1)
	// Reserved (2-5)
	MemConfigLock bool // MEM-CONFIG-LOCK (6)
	PrivateOpen   bool // PRIVATE-OPEN.STS (7)
	// Reserved (8-14)
	Locality1Open bool // TXT.LOCALITY1.OPEN.STS (15)
	Locality2Open bool // TXT.LOCALITY1.OPEN.STS (16)

}

type UUID 

type UUID struct {
	Field1 uint32
	Field2 uint16
	Field3 uint16
	Field4 uint16
	Field5 [6]uint8
}

type Uint16 

type Uint16 uint16

Uint16 is a wrapper around uint16.

func (*Uint16) Size 

func (u *Uint16) Size() int64

Size of uint16 is 2.

func (*Uint16) String 

func (u *Uint16) String() string

String formats a uint16 in hex.

type Uint32 

type Uint32 uint32

Uint32 is a wrapper around uint32.

func (*Uint32) Size 

func (u *Uint32) Size() int64

Size of uint32 is 4.

func (*Uint32) String 

func (u *Uint32) String() string

String formats a uint32 in hex.

type Uint64 

type Uint64 uint64

Uint64 is a wrapper around uint64.

func (*Uint64) Size 

func (u *Uint64) Size() int64

Size of uint64 is 8.

func (*Uint64) String 

func (u *Uint64) String() string

String formats a uint64 in hex.

type Uint8 

type Uint8 uint8

Uint8 is a wrapper around uint8.

func (*Uint8) Size 

func (u *Uint8) Size() int64

Size of uint8 is 1.

func (*Uint8) String 

func (u *Uint8) String() string

String formats a uint8 in hex.

type UintN 

type UintN interface {
	// Return size in bytes.
	Size() int64

	// Return string formatted in hex.
	String() string
	// contains filtered or unexported methods
}

UintN is a wrapper around uint types and provides a few io-related functions.

type VTdRegisters 

type VTdRegisters struct {
	Version                                 uint32 // Architecture version supported by the implementation.
	Reserved1                               uint32 // Reserved
	Capabilities                            uint64 // Hardware reporting of capabilities.
	ExtendedCapabilities                    uint64 // Hardware reporting of extended capabilities.
	GlobalCommand                           uint32 // Register controlling general functions.
	GlobalStatus                            uint32 // Register reporting general status.
	RootTableAddress                        uint64 // Register to set up location of root table.
	ContextCommand                          uint64 // Register to manage context-entry cache.
	Reserved2                               uint32 // Reserved
	FaultStatus                             uint32 // Register to report Fault/Error status
	FaultEventControl                       uint32 // Interrupt control register for fault events.
	FaultEventData                          uint32 // Interrupt message data register for fault events.
	FaultEventAddress                       uint32 // Interrupt message address register for fault event messages.
	FaultEventUpperAddress                  uint32 // Interrupt message upper address register for fault event messages.
	Reserved3                               uint64 // Reserved
	Reserved4                               uint64 // Reserved
	AdvancedFaultLog                        uint64 // Register to configure and manage advanced fault logging.
	Reserved5                               uint32 // Reserved
	ProtectedMemoryEnable                   uint32 // Register to enable DMA-protected memory region(s).
	ProtectedLowMemoryBase                  uint32 // Register pointing to base of DMA-protected low memory region.
	ProtectedLowMemoryLimit                 uint32 // Register pointing to last address (limit) of the DMA-protected low memory region.
	ProtectedHighMemoryBase                 uint64 // Register pointing to base of DMA-protected high memory region.
	ProtectedHighMemoryLimit                uint64 // Register pointing to last address (limit) of the DMA-protected high memory region.
	InvalidationQueueHead                   uint64 // Offset to the invalidation queue entry that will be read next by hardware.
	InvalidationQueueTail                   uint64 // Offset to the invalidation queue entry that will be written next by software.
	InvalidationQueueAddress                uint64 // Base address of memory-resident invalidation queue.
	Reserved6                               uint32 // Reserved
	InvalidationCompletionStatus            uint32 // Register to indicate the completion of an Invalidation Wait Descriptor with IF=1.
	InvalidationCompletionEventControl      uint32 // Register to control Invalidation Queue Events
	InvalidationCompletionEventData         uint32 // Invalidation Queue Event message data register for Invalidation Queue events.
	InvalidationCompletionEventAddress      uint32 // Invalidation Queue Event message address register for Invalidation Queue events.
	InvalidationCompletionEventUpperAddress uint32 // Invalidation Queue Event message upper address register for Invalidation Queue events.
	Reserved7                               uint64 // Reserved.
	InterruptRemappingTableAddress          uint64 // Register indicating Base Address of Interrupt Remapping Table.
	PageRequestQueueHead                    uint64 // Offset to the page request queue entry that will be processed next by software.
	PageRequestQueueTail                    uint64 // Offset to the page request queue entry that will be written next by hardware.
	PageRequestQueueAddress                 uint64 // Base address of memory-resident page request queue.
	Reserved8                               uint32 // Reserved
	PageRequestStatus                       uint32 // Register to indicate one or more pending page requests in page request queue.
	PageRequestEventControl                 uint32 // Register to control page request events.
	PageRequestEventData                    uint32 // Page request event message data register.
	PageRequestEventAddress                 uint32 // Page request event message address register
	PageRequestEventUpperAddress            uint32 // Page request event message upper address register.
	MTRRCapability                          uint64 // Register for MTRR capability reporting.
	MTRRDefaultType                         uint64 // Register to configure MTRR default type.
	FixedRangeMTRR64K_00000                 uint64 // Fixed-range memory type range register for 64K range starting at 00000h.
	FixedRangeMTRR16K_80000                 uint64 // Fixed-range memory type range register for 16K range starting at 80000h.
	FixedRangeMTRR16K_A0000                 uint64 // Fixed-range memory type range register for 16K range starting at A0000h.
	FixedRangeMTRR4K_C0000                  uint64 // Fixed-range memory type range register for 4K range starting at C0000h.
	FixedRangeMTRR4K_C8000                  uint64 // Fixed-range memory type range register for 4K range starting at C8000h.
	FixedRangeMTRR4K_D0000                  uint64 // Fixed-range memory type range register for 4K range starting at D0000h.
	FixedRangeMTRR4K_D8000                  uint64 // Fixed-range memory type range register for 4K range starting at D8000h.
	FixedRangeMTRR4K_E0000                  uint64 // Fixed-range memory type range register for 4K range starting at E0000h.
	FixedRangeMTRR4K_E8000                  uint64 // Fixed-range memory type range register for 4K range starting at E8000h.
	FixedRangeMTRR4K_F0000                  uint64 // Fixed-range memory type range register for 4K range starting at F0000h.
	FixedRangeMTRR4K_F8000                  uint64 // Fixed-range memory type range register for 4K range starting at F8000h.
	VariableRangeMTRRBase0                  uint64 // Variable-range memory type range0 base register.
	VariableRangeMTRRMask0                  uint64 // Variable-range memory type range0 mask register.
	VariableRangeMTRRBase1                  uint64 // Variable-range memory type range1 base register.
	VariableRangeMTRRMask1                  uint64 // Variable-range memory type range1 mask register.
	VariableRangeMTRRBase2                  uint64 // Variable-range memory type range2 base register.
	VariableRangeMTRRMask2                  uint64 // Variable-range memory type range2 mask register.
	VariableRangeMTRRBase3                  uint64 // Variable-range memory type range3 base register.
	VariableRangeMTRRMask3                  uint64 // Variable-range memory type range3 mask register.
	VariableRangeMTRRBase4                  uint64 // Variable-range memory type range4 base register.
	VariableRangeMTRRMask4                  uint64 // Variable-range memory type range4 mask register.
	VariableRangeMTRRBase5                  uint64 // Variable-range memory type range5 base register.
	VariableRangeMTRRMask5                  uint64 // Variable-range memory type range5 mask register.
	VariableRangeMTRRBase6                  uint64 // Variable-range memory type range6 base register.
	VariableRangeMTRRMask6                  uint64 // Variable-range memory type range6 mask register.
	VariableRangeMTRRBase7                  uint64 // Variable-range memory type range7 base register.
	VariableRangeMTRRMask7                  uint64 // Variable-range memory type range7 mask register.
	VariableRangeMTRRBase8                  uint64 // Variable-range memory type range8 base register.
	VariableRangeMTRRMask8                  uint64 // Variable-range memory type range8 mask register.
	VariableRangeMTRRBase9                  uint64 // Variable-range memory type range9 base register.
	VariableRangeMTRRMask9                  uint64 // Variable-range memory type range9 mask register.
	VirtualCommandCapability                uint64 // Hardware reporting of commands supported by virtual-DMA Remapping hardware.
	Reserved10                              uint64 // Reserved for future expansion of Virtual Command Capability Register.
	VirtualCommand                          uint64 // Register to submit commands to virtual DMA Remapping hardware.
	Reserved11                              uint64 // Reserved for future expansion of Virtual Command Register.
	VirtualCommandResponse                  uint64 // Register to receive responses from virtual DMA Remapping hardware.
	Reserved12                              uint64 // Reserved for future expansion of Virtual Command Response Register.
}

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.