From 66f9a09916368bfab09da42ef0beed84a4bb7206 Mon Sep 17 00:00:00 2001 From: Philipp Deppenwiese Date: Thu, 8 Nov 2018 10:59:40 +0100 Subject: security/vboot: Add measured boot mode * Introduce a measured boot mode into vboot. * Add hook for stage measurements in prog_loader and cbfs. * Implement and hook-up CRTM in vboot and check for suspend. Change-Id: I339a2f1051e44f36aba9f99828f130592a09355e Signed-off-by: Philipp Deppenwiese Signed-off-by: Werner Zeh Reviewed-on: https://review.coreboot.org/c/29547 Tested-by: build bot (Jenkins) --- src/security/tpm/tspi/tspi.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'src/security/tpm/tspi') diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c index 285f18dde2..b8ebf7b809 100644 --- a/src/security/tpm/tspi/tspi.c +++ b/src/security/tpm/tspi/tspi.c @@ -90,7 +90,6 @@ static uint32_t tpm_setup_s3_helper(void) default: printk(BIOS_ERR, "TPM: Resume failed (%#x).\n", result); break; - } return result; @@ -215,8 +214,6 @@ uint32_t tpm_extend_pcr(int pcr, uint8_t *digest, if (result != TPM_SUCCESS) return result; - tcpa_log_add_table_entry(name, pcr, digest, digest_len); - return TPM_SUCCESS; } @@ -240,7 +237,7 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr, } if (IS_ENABLED(CONFIG_TPM1)) hash_alg = VB2_HASH_SHA1; - else /* CONFIG_TPM2 */ + else /* CONFIG_TPM2 */ hash_alg = VB2_HASH_SHA256; digest_len = vb2_digest_size(hash_alg); @@ -258,7 +255,7 @@ uint32_t tpm_measure_region(const struct region_device *rdev, uint8_t pcr, len = MIN(sizeof(buf), region_device_sz(rdev) - offset); if (rdev_readat(rdev, buf, offset, len) < 0) { printk(BIOS_ERR, "TPM: Not able to read region %s.\n", - rname); + rname); return TPM_E_READ_FAILURE; } if (vb2_digest_extend(&ctx, buf, len)) { -- cgit v1.2.3