diff options
author | Philipp Deppenwiese <zaolin.daisuki@gmail.com> | 2018-11-10 00:35:02 +0100 |
---|---|---|
committer | Philipp Deppenwiese <zaolin.daisuki@gmail.com> | 2019-03-07 12:47:01 +0000 |
commit | c9b7d1fb57787d7037a5bce031a1300d13f5df40 (patch) | |
tree | 57788b70b069229693dae5727cb8acc54eee3c14 /src/security/tpm/tspi/tspi.c | |
parent | 7a732b4781e7b83abda3230055d7110e1db730f3 (diff) |
security/tpm: Fix TCPA log feature
Until now the TCPA log wasn't working correctly.
* Refactor TCPA log code.
* Add TCPA log dump fucntion.
* Make TCPA log available in bootblock.
* Fix TCPA log formatting.
* Add x86 and Cavium memory for early log.
Change-Id: Ic93133531b84318f48940d34bded48cbae739c44
Signed-off-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com>
Reviewed-on: https://review.coreboot.org/c/coreboot/+/29563
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Diffstat (limited to 'src/security/tpm/tspi/tspi.c')
-rw-r--r-- | src/security/tpm/tspi/tspi.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c index b8ebf7b809..f1b72fbff3 100644 --- a/src/security/tpm/tspi/tspi.c +++ b/src/security/tpm/tspi/tspi.c @@ -202,8 +202,8 @@ uint32_t tpm_clear_and_reenable(void) return TPM_SUCCESS; } -uint32_t tpm_extend_pcr(int pcr, uint8_t *digest, - size_t digest_len, const char *name) +uint32_t tpm_extend_pcr(int pcr, enum vb2_hash_algorithm digest_algo, + uint8_t *digest, size_t digest_len, const char *name) { uint32_t result; @@ -214,6 +214,10 @@ uint32_t tpm_extend_pcr(int pcr, uint8_t *digest, if (result != TPM_SUCCESS) return result; + if (IS_ENABLED(CONFIG_VBOOT_MEASURED_BOOT)) + tcpa_log_add_table_entry(name, pcr, digest_algo, + digest, digest_len); + return TPM_SUCCESS; } @@ -235,10 +239,11 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr, printk(BIOS_ERR, "TPM: Can't initialize library.\n"); return result; } - if (IS_ENABLED(CONFIG_TPM1)) + if (IS_ENABLED(CONFIG_TPM1)) { hash_alg = VB2_HASH_SHA1; - else /* CONFIG_TPM2 */ + } else { /* CONFIG_TPM2 */ hash_alg = VB2_HASH_SHA256; + } digest_len = vb2_digest_size(hash_alg); assert(digest_len <= sizeof(digest)); @@ -267,7 +272,7 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr, printk(BIOS_ERR, "TPM: Error finalizing hash.\n"); return TPM_E_HASH_ERROR; } - result = tpm_extend_pcr(pcr, digest, digest_len, rname); + result = tpm_extend_pcr(pcr, hash_alg, digest, digest_len, rname); if (result != TPM_SUCCESS) { printk(BIOS_ERR, "TPM: Extending hash into PCR failed.\n"); return result; |