From 0d9072b1a196627755164288a9f334ef844628f5 Mon Sep 17 00:00:00 2001 From: Julius Werner Date: Thu, 5 Mar 2020 12:51:08 -0800 Subject: cbfs: Move more stuff into cbfs_boot_lookup() cbfs_boot_locate() is supposed to be deprecated eventually, after slowly migrating all APIs to bypass it. That means common features (like RO-fallback or measurement) need to be moved to the new cbfs_boot_lookup(). Also export the function externally. Since it is a low-level API and most code should use the higher-level loading or mapping functions instead, put it into a new to raise the mental barrier for using this API (this will make more sense once cbfs_boot_locate() is removed from ). Signed-off-by: Julius Werner Change-Id: I4bc9b7cbc42a4211d806a3e3389abab7f589a25a Reviewed-on: https://review.coreboot.org/c/coreboot/+/39327 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin --- src/security/tpm/tspi/crtm.c | 12 ++++-------- src/security/tpm/tspi/crtm.h | 8 ++++---- 2 files changed, 8 insertions(+), 12 deletions(-) (limited to 'src/security') diff --git a/src/security/tpm/tspi/crtm.c b/src/security/tpm/tspi/crtm.c index eb0744209c..80483d575e 100644 --- a/src/security/tpm/tspi/crtm.c +++ b/src/security/tpm/tspi/crtm.c @@ -102,11 +102,10 @@ static bool is_runtime_data(const char *name) return !strcmp(allowlist, name); } -uint32_t tspi_measure_cbfs_hook(struct cbfsf *fh, const char *name) +uint32_t tspi_measure_cbfs_hook(const struct region_device *rdev, const char *name, + uint32_t cbfs_type) { uint32_t pcr_index; - uint32_t cbfs_type; - struct region_device rdev; char tcpa_metadata[TCPA_PCR_HASH_NAME]; if (!tcpa_log_available()) { @@ -118,9 +117,6 @@ uint32_t tspi_measure_cbfs_hook(struct cbfsf *fh, const char *name) printk(BIOS_DEBUG, "CRTM initialized.\n"); } - cbfsf_file_type(fh, &cbfs_type); - cbfs_file_data(&rdev, fh); - switch (cbfs_type) { case CBFS_TYPE_MRC_CACHE: pcr_index = TPM_RUNTIME_DATA_PCR; @@ -143,10 +139,10 @@ uint32_t tspi_measure_cbfs_hook(struct cbfsf *fh, const char *name) break; } - if (create_tcpa_metadata(&rdev, name, tcpa_metadata) < 0) + if (create_tcpa_metadata(rdev, name, tcpa_metadata) < 0) return VB2_ERROR_UNKNOWN; - return tpm_measure_region(&rdev, pcr_index, tcpa_metadata); + return tpm_measure_region(rdev, pcr_index, tcpa_metadata); } int tspi_measure_cache_to_pcr(void) diff --git a/src/security/tpm/tspi/crtm.h b/src/security/tpm/tspi/crtm.h index 1b29854efb..f3678ef033 100644 --- a/src/security/tpm/tspi/crtm.h +++ b/src/security/tpm/tspi/crtm.h @@ -41,13 +41,13 @@ int tspi_measure_cache_to_pcr(void); #if !ENV_SMM && CONFIG(TPM_MEASURED_BOOT) /* * Measures cbfs data via hook (cbfs) - * fh is the cbfs file handle to measure + * rdev covers the file data (not metadata) * return 0 if successful, else an error */ -uint32_t tspi_measure_cbfs_hook(struct cbfsf *fh, const char *name); - +uint32_t tspi_measure_cbfs_hook(const struct region_device *rdev, + const char *name, uint32_t cbfs_type); #else -#define tspi_measure_cbfs_hook(fh, name) 0 +#define tspi_measure_cbfs_hook(rdev, name, cbfs_type) 0 #endif #endif /* __SECURITY_TSPI_CRTM_H__ */ -- cgit v1.2.3