diff options
author | Philipp Deppenwiese <zaolin@das-labor.org> | 2018-07-30 01:27:47 +0200 |
---|---|---|
committer | Philipp Deppenwiese <zaolin.daisuki@gmail.com> | 2018-07-30 15:46:11 +0000 |
commit | f849972f65954a5ae86f381406fe77be2b09d978 (patch) | |
tree | 4222446640c86a1dc6050e0ff198be2a3a8d9a38 /src/security/tpm | |
parent | 405a0f5230fed414d6fab5791b4efac12a6c3993 (diff) |
security/vboot: Enable TCPA log extension
* Implement TCPA log for tspi extend function.
* Hook tcpa_log_init into vboot tpm_setup function.
* Add TCPA log output for vboot GBB flags and HWID
Change-Id: I22b1aa8da1a95380c39715727615ce5ce4c9443f
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/27727
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
Diffstat (limited to 'src/security/tpm')
-rw-r--r-- | src/security/tpm/tspi.h | 6 | ||||
-rw-r--r-- | src/security/tpm/tspi/tspi.c | 16 |
2 files changed, 16 insertions, 6 deletions
diff --git a/src/security/tpm/tspi.h b/src/security/tpm/tspi.h index 01b2984599..43254c13d1 100644 --- a/src/security/tpm/tspi.h +++ b/src/security/tpm/tspi.h @@ -35,10 +35,12 @@ int tcpa_log_add_table_entry(const char *name, const uint32_t pcr, * Ask vboot for a digest and extend a TPM PCR with it. * @param pcr sets the pcr index * @param digest sets the hash to extend into the tpm - * @param out_digest get extended hash + * @param digest_len the length of the digest + * @param name sets additional info where the digest comes from * @return TPM_SUCCESS on success. If not a tpm error is returned */ -uint32_t tpm_extend_pcr(int pcr, uint8_t *digest, uint8_t *out_digest); +uint32_t tpm_extend_pcr(int pcr, uint8_t *digest, size_t digest_len, + const char *name); /** * Issue a TPM_Clear and reenable/reactivate the TPM. diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c index 407e1fa1e0..48b6219547 100644 --- a/src/security/tpm/tspi/tspi.c +++ b/src/security/tpm/tspi/tspi.c @@ -178,13 +178,21 @@ uint32_t tpm_clear_and_reenable(void) return TPM_SUCCESS; } -uint32_t tpm_extend_pcr(int pcr, uint8_t *digest, uint8_t *out_digest) +uint32_t tpm_extend_pcr(int pcr, uint8_t *digest, + size_t digest_len, const char *name) { + uint32_t result; + if (!digest) return TPM_E_IOERROR; - if (out_digest) - return tlcl_extend(pcr, digest, out_digest); + result = tlcl_extend(pcr, digest, NULL); + if (result != TPM_SUCCESS) + return result; + + result = tcpa_log_add_table_entry(name, pcr, digest, digest_len); + if (result != 0) + printk(BIOS_ERR, "ERROR: Couldn't create TCPA log entry\n"); - return tlcl_extend(pcr, digest, NULL); + return 0; } |