summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/security/tpm/Kconfig2
-rw-r--r--src/security/tpm/tspi/crtm.c9
2 files changed, 6 insertions, 5 deletions
diff --git a/src/security/tpm/Kconfig b/src/security/tpm/Kconfig
index 6741614bb0..b6a7781d9a 100644
--- a/src/security/tpm/Kconfig
+++ b/src/security/tpm/Kconfig
@@ -112,6 +112,6 @@ config TPM_MEASURED_BOOT_RUNTIME_DATA
depends on TPM_MEASURED_BOOT
help
Runtime data whitelist of cbfs filenames. Needs to be a
- comma separated list
+ space delimited list
endmenu # Trusted Platform Module (tpm)
diff --git a/src/security/tpm/tspi/crtm.c b/src/security/tpm/tspi/crtm.c
index 8bcc01bcbb..49daeb009b 100644
--- a/src/security/tpm/tspi/crtm.c
+++ b/src/security/tpm/tspi/crtm.c
@@ -88,17 +88,18 @@ static bool is_runtime_data(const char *name)
const char *whitelist = CONFIG_TPM_MEASURED_BOOT_RUNTIME_DATA;
size_t whitelist_len = sizeof(CONFIG_TPM_MEASURED_BOOT_RUNTIME_DATA) - 1;
size_t name_len = strlen(name);
- int i;
+ const char *end;
if (!whitelist_len || !name_len)
return false;
- for (i = 0; (i + name_len) <= whitelist_len; i++) {
- if (!strcmp(whitelist + i, name))
+ while ((end = strchr(whitelist, ' '))) {
+ if (end - whitelist == name_len && !strncmp(whitelist, name, name_len))
return true;
+ whitelist = end + 1;
}
- return false;
+ return !strcmp(whitelist, name);
}
uint32_t tspi_measure_cbfs_hook(struct cbfsf *fh, const char *name)