TCG EFI Protocol Specification
The purpose of this document is to define a standard interface to the TPM on a UEFI platform. It defines data structures and APIs that allow an OS to interact with UEFI firmware to query information that matters early in the boot of the OS. This information includes whether a TPM is present and which PCR banks are active; the interface also lets the OS change the active PCR banks, obtain the TCG boot log, extend hashes into PCRs, and append events to the TCG boot log.
The latest revision of this specification is written with platforms that carry TPM 2.0 devices in mind, but nothing in this specification prevents its use on platforms with TPM 1.2 devices.
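The two capabilities that matter most to a defender are obtaining the boot log and extending hashes into PCRs, because together they allow the log to be checked against the PCR values the TPM actually holds. The following is an added example, not code from the specification or from any TCG project: it parses a boot log in the SHA-1 (TPM 1.2 style) TCG_PCR_EVENT layout, which is assumed here to be a little-endian header of PCR index, event type, 20-byte digest and event size followed by the event data, replays each digest into simulated PCRs, and reports which PCRs disagree with the values the platform reported. The event names, helper functions and all sample events are constructed for the example; EV_NO_ACTION entries are assumed to be informational only and are not extended. The crypto-agile log used with TPM 2.0 uses a different record layout and is not handled here.

```python
import hashlib
import struct

# Event types used by the constructed sample log (values assumed from the TCG PC Client log format).
EV_POST_CODE = 0x01
EV_NO_ACTION = 0x03
EV_SEPARATOR = 0x04
EV_S_CRTM_VERSION = 0x08
SHA1_LEN = 20
HEADER_LEN = 4 + 4 + SHA1_LEN + 4  # PCRIndex, EventType, Digest, EventSize


def pcr_extend(pcr_value: bytes, digest: bytes) -> bytes:
    """PCR extend as a SHA-1 bank performs it: new = SHA-1(old || digest)."""
    if len(pcr_value) != SHA1_LEN or len(digest) != SHA1_LEN:
        raise ValueError("SHA-1 PCR values and digests must be 20 bytes")
    return hashlib.sha1(pcr_value + digest).digest()


def build_event(pcr_index: int, event_type: int, event_data: bytes, digest: bytes = None) -> bytes:
    """Serialise one TCG_PCR_EVENT (assumed layout). The digest defaults to SHA-1 of the event data,
    which is only a convenience for constructing samples; real firmware hashes what it measured."""
    if digest is None:
        digest = hashlib.sha1(event_data).digest()
    return (struct.pack("<II", pcr_index, event_type) + digest
            + struct.pack("<I", len(event_data)) + event_data)


def parse_log(log: bytes) -> list:
    """Walk the log record by record; a truncated record is an error, not a silently shorter log."""
    events = []
    offset = 0
    while offset < len(log):
        if len(log) - offset < HEADER_LEN:
            raise ValueError(f"truncated event header at offset {offset}")
        pcr_index, event_type = struct.unpack_from("<II", log, offset)
        digest = log[offset + 8:offset + 8 + SHA1_LEN]
        (event_size,) = struct.unpack_from("<I", log, offset + 8 + SHA1_LEN)
        start = offset + HEADER_LEN
        end = start + event_size
        if end > len(log):
            raise ValueError(f"event data runs past end of log at offset {offset}")
        events.append({"pcr": pcr_index, "type": event_type, "digest": digest, "data": log[start:end]})
        offset = end
    return events


def replay(events: list) -> dict:
    """Replay every extended digest into simulated PCRs that start as 20 zero bytes."""
    pcrs = {}
    for ev in events:
        if ev["type"] == EV_NO_ACTION:  # informational records carry a zero digest and are not extended
            continue
        pcrs[ev["pcr"]] = pcr_extend(pcrs.get(ev["pcr"], bytes(SHA1_LEN)), ev["digest"])
    return pcrs


def verify_log(log: bytes, reported_pcrs: dict) -> list:
    """Return the indices of PCRs whose replayed value differs from the value the platform reported.
    An empty list means the log fully explains every reported PCR."""
    replayed = replay(parse_log(log))
    return [idx for idx, value in reported_pcrs.items()
            if replayed.get(idx, bytes(SHA1_LEN)) != value]


# Constructed sample log: a SpecID-style EV_NO_ACTION record, two PCR 0 measurements and a separator.
SAMPLE_LOG = (
    build_event(0, EV_NO_ACTION, b"SpecID event placeholder (constructed)", digest=bytes(SHA1_LEN))
    + build_event(0, EV_S_CRTM_VERSION, b"CRTM v1.0 (constructed)")
    + build_event(0, EV_POST_CODE, b"POST code (constructed)")
    + build_event(4, EV_SEPARATOR, b"\x00\x00\x00\x00")
)


if __name__ == "__main__":
    reported = replay(parse_log(SAMPLE_LOG))  # stands in for values read back from the TPM
    print("mismatches on intact log:", verify_log(SAMPLE_LOG, reported))
    altered = SAMPLE_LOG.replace(b"POST code (constructed)", b"POST code (altered)  ")
    print("mismatches on altered log:", verify_log(altered, reported))
```

A real check reads the reported values from the TPM rather than from the log itself; the replay only has value when the PCRs come from the hardware, since a log that disagrees with them is exactly the condition the comparison is meant to surface.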
TCG EFI Protocol and Platform Specification Version 1.22 for TPM 1.2 FAQ
January 2014
Why was this update needed?
These specifications were last updated in 2006. Since then, a number of errata and issues were identified and several new measurements were requested. There was confusion due to overlaps and inconsistencies between the EFI and Conventional BIOS specifications.
What changed in the TCG EFI Protocol Spec?
- Incorrect return codes were fixed.
- Unnecessary typedefs were removed.
- Numerous typos and formatting issues were corrected.
What changed in the TCG EFI Platform Spec?
- Duplications between the Conventional BIOS Specification and the EFI Platform Specification were removed, and the EFI Platform Specification's dependence on the Conventional BIOS Specification was clarified.
- Several measurements were moved to different PCRs to be consistent with the Conventional BIOS Specification. The GPT measurement is now optional.
- Support for UEFI Secure Boot policy measurements was added.
- Optional support for NIST Special Publication 800-155 was added.
- An EFI SpecID event, based on the Conventional BIOS SpecID event, was added to indicate whether a platform supports this update.
- Numerous typos and formatting issues were corrected.