summaryrefslogtreecommitdiff
path: root/src/security/tpm
diff options
context:
space:
mode:
authorPhilipp Deppenwiese <zaolin@das-labor.org>2018-07-30 01:27:47 +0200
committerPhilipp Deppenwiese <zaolin.daisuki@gmail.com>2018-07-30 15:46:11 +0000
commitf849972f65954a5ae86f381406fe77be2b09d978 (patch)
tree4222446640c86a1dc6050e0ff198be2a3a8d9a38 /src/security/tpm
parent405a0f5230fed414d6fab5791b4efac12a6c3993 (diff)
security/vboot: Enable TCPA log extension
* Implement TCPA log for tspi extend function. * Hook tcpa_log_init into vboot tpm_setup function. * Add TCPA log output for vboot GBB flags and HWID Change-Id: I22b1aa8da1a95380c39715727615ce5ce4c9443f Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org> Reviewed-on: https://review.coreboot.org/27727 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Diffstat (limited to 'src/security/tpm')
-rw-r--r--src/security/tpm/tspi.h6
-rw-r--r--src/security/tpm/tspi/tspi.c16
2 files changed, 16 insertions, 6 deletions
diff --git a/src/security/tpm/tspi.h b/src/security/tpm/tspi.h
index 01b2984599..43254c13d1 100644
--- a/src/security/tpm/tspi.h
+++ b/src/security/tpm/tspi.h
@@ -35,10 +35,12 @@ int tcpa_log_add_table_entry(const char *name, const uint32_t pcr,
* Ask vboot for a digest and extend a TPM PCR with it.
* @param pcr sets the pcr index
* @param digest sets the hash to extend into the tpm
- * @param out_digest get extended hash
+ * @param digest_len the length of the digest
+ * @param name sets additional info where the digest comes from
* @return TPM_SUCCESS on success. If not a tpm error is returned
*/
-uint32_t tpm_extend_pcr(int pcr, uint8_t *digest, uint8_t *out_digest);
+uint32_t tpm_extend_pcr(int pcr, uint8_t *digest, size_t digest_len,
+ const char *name);
/**
* Issue a TPM_Clear and reenable/reactivate the TPM.
diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c
index 407e1fa1e0..48b6219547 100644
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@@ -178,13 +178,21 @@ uint32_t tpm_clear_and_reenable(void)
return TPM_SUCCESS;
}
-uint32_t tpm_extend_pcr(int pcr, uint8_t *digest, uint8_t *out_digest)
+uint32_t tpm_extend_pcr(int pcr, uint8_t *digest,
+ size_t digest_len, const char *name)
{
+ uint32_t result;
+
if (!digest)
return TPM_E_IOERROR;
- if (out_digest)
- return tlcl_extend(pcr, digest, out_digest);
+ result = tlcl_extend(pcr, digest, NULL);
+ if (result != TPM_SUCCESS)
+ return result;
+
+ result = tcpa_log_add_table_entry(name, pcr, digest, digest_len);
+ if (result != 0)
+ printk(BIOS_ERR, "ERROR: Couldn't create TCPA log entry\n");
- return tlcl_extend(pcr, digest, NULL);
+ return 0;
}