aboutsummaryrefslogtreecommitdiff
path: root/src/security
diff options
context:
space:
mode:
Diffstat (limited to 'src/security')
-rw-r--r--src/security/tpm/tspi/crtm.c12
-rw-r--r--src/security/tpm/tspi/crtm.h8
2 files changed, 8 insertions, 12 deletions
diff --git a/src/security/tpm/tspi/crtm.c b/src/security/tpm/tspi/crtm.c
index eb0744209c..80483d575e 100644
--- a/src/security/tpm/tspi/crtm.c
+++ b/src/security/tpm/tspi/crtm.c
@@ -102,11 +102,10 @@ static bool is_runtime_data(const char *name)
return !strcmp(allowlist, name);
}
-uint32_t tspi_measure_cbfs_hook(struct cbfsf *fh, const char *name)
+uint32_t tspi_measure_cbfs_hook(const struct region_device *rdev, const char *name,
+ uint32_t cbfs_type)
{
uint32_t pcr_index;
- uint32_t cbfs_type;
- struct region_device rdev;
char tcpa_metadata[TCPA_PCR_HASH_NAME];
if (!tcpa_log_available()) {
@@ -118,9 +117,6 @@ uint32_t tspi_measure_cbfs_hook(struct cbfsf *fh, const char *name)
printk(BIOS_DEBUG, "CRTM initialized.\n");
}
- cbfsf_file_type(fh, &cbfs_type);
- cbfs_file_data(&rdev, fh);
-
switch (cbfs_type) {
case CBFS_TYPE_MRC_CACHE:
pcr_index = TPM_RUNTIME_DATA_PCR;
@@ -143,10 +139,10 @@ uint32_t tspi_measure_cbfs_hook(struct cbfsf *fh, const char *name)
break;
}
- if (create_tcpa_metadata(&rdev, name, tcpa_metadata) < 0)
+ if (create_tcpa_metadata(rdev, name, tcpa_metadata) < 0)
return VB2_ERROR_UNKNOWN;
- return tpm_measure_region(&rdev, pcr_index, tcpa_metadata);
+ return tpm_measure_region(rdev, pcr_index, tcpa_metadata);
}
int tspi_measure_cache_to_pcr(void)
diff --git a/src/security/tpm/tspi/crtm.h b/src/security/tpm/tspi/crtm.h
index 1b29854efb..f3678ef033 100644
--- a/src/security/tpm/tspi/crtm.h
+++ b/src/security/tpm/tspi/crtm.h
@@ -41,13 +41,13 @@ int tspi_measure_cache_to_pcr(void);
#if !ENV_SMM && CONFIG(TPM_MEASURED_BOOT)
/*
* Measures cbfs data via hook (cbfs)
- * fh is the cbfs file handle to measure
+ * rdev covers the file data (not metadata)
* return 0 if successful, else an error
*/
-uint32_t tspi_measure_cbfs_hook(struct cbfsf *fh, const char *name);
-
+uint32_t tspi_measure_cbfs_hook(const struct region_device *rdev,
+ const char *name, uint32_t cbfs_type);
#else
-#define tspi_measure_cbfs_hook(fh, name) 0
+#define tspi_measure_cbfs_hook(rdev, name, cbfs_type) 0
#endif
#endif /* __SECURITY_TSPI_CRTM_H__ */
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-02 18:33:52 +0000