From patchwork Tue Dec 24 16:01:03 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Raymond Mao X-Patchwork-Id: 853198 Delivered-To: patch@linaro.org Received: by 2002:a5d:4888:0:b0:385:e875:8a9e with SMTP id g8csp3982135wrq; Tue, 24 Dec 2024 08:01:45 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCX7GK19ofcKZWmeDek9DI0ibbOXNFccN3ry8XhMbiTQgGiOdKIGDgRRX+l1rz+RkGB7QbLS9g==@linaro.org X-Google-Smtp-Source: AGHT+IHjmSf3bis+1BRjZ5uHcj+AQTzQ95ZB+YMKQ+yN+ti/eQPwGQygsn0BWP/QqVAqFcQmswrh X-Received: by 2002:a17:907:da4:b0:aa6:8bb4:5030 with SMTP id a640c23a62f3a-aac269598damr1628137466b.0.1735056105405; Tue, 24 Dec 2024 08:01:45 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1735056105; cv=none; d=google.com; s=arc-20240605; b=ICEmWl5gV3qCINQcm1oaOoO3O8aqqq98hfBj6NeL9hTIjAPd/OrUyjVczIwe6o4Khj kaw+e0WHeN/T9BGwOIn7eY1SLgoRRXy/DwyK325ylZtBDSZi9oiRg6fF9Yoy0w/nYb97 E6A7RniFvAAfzt99Qys5WCqfqJVXTaIgXOEwxv9MywtlCNtwW0HIi/RJonkRJoNYHaV1 7QLhQSGvdgy0rOJtY2/iosS4awFsDlIoOnY2oAbOPt0sWcQrEkPWQlolhnI6nFBdgvrB EFkOOnpxvi5reEFJVqeI5Y9/nSVbX47oqxThO2R25eL9PH/fIuwXXbufZCqbHyv3fUEM ED7g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=yBkE5FBBkp1ejnZqi2Ryy2HwJLGOAxz8NcBPmAsmVzs=; fh=aFRKT+FLsSpu5kjcugaqwnecmru2euGLzBWAk8anK2k=; b=CUtjlOe3LYsNftYc7ClJdZ5GMS9t7GeQFYcDybv5AipFIu5hLSXhKXUizFEPUAFXBi 3UZFSLTjfS5UZwxOsbrTxnA6uxOcwHMwG6PGo4dOMDBEde2JP0oh3k+ipV8wlqIzK7QD dLMsvS5UbCnDDGVMncX2gy/aP6p/YLDeJpOTXnlgVaviz6+gdrOrxcTr3/e2dda+BIyx ejmJr005/ah/dZ7DOZ3zfF3DHupAAbbxzYz0IqPbFCcgJorARtY7rOunuys5dkvOfchu eLamWqj6lUFeOKMgdaNEh7dABMksXF+0S1pY1XRlOualR8SVrkt09RXmKgyzZlHW4D+k Hkwg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=CmJ292WD; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id 4fb4d7f45d1cf-5d80703068csi7201694a12.539.2024.12.24.08.01.44 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:01:45 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=CmJ292WD; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 9AC2A807EA; Tue, 24 Dec 2024 17:01:41 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="CmJ292WD"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 630E9807E4; Tue, 24 Dec 2024 17:01:40 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-qv1-xf2b.google.com (mail-qv1-xf2b.google.com [IPv6:2607:f8b0:4864:20::f2b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 39708801F5 for ; Tue, 24 Dec 2024 17:01:38 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=raymond.mao@linaro.org Received: by mail-qv1-xf2b.google.com with SMTP id 6a1803df08f44-6d8edad9932so35055776d6.0 for ; Tue, 24 Dec 2024 08:01:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1735056097; x=1735660897; darn=lists.denx.de; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=yBkE5FBBkp1ejnZqi2Ryy2HwJLGOAxz8NcBPmAsmVzs=; b=CmJ292WDOBTI1p7rcR1cXsdFHzNK3iGap4tgGH2VrSWbfXyMW4Gr9gaZkzgy9N1a3h F8vpuOldpyhsE1rQcUQw/2fSMtMua/MCKnF6kzdUYFPicYKdQiokluUu3HXj0riOVth8 yCXRrlwK3AoxiI+XNNzdNhs+I43c0c3ljKrn5DfrNvGrcZyXcxh3dx3YZfqmIKgXXuiU 9qem6EfXjQrmzLzj0tbJ0NZxqTx0n+l7+FJ5Efm29Korm7vuzFhdcmIYSvirzN27QpfB YcdAXo7rI14zNMS1+vYCU1mASv8GozTeCKRFYvZYf85+F67YTSQ/noOUW5GfsYcJ1w0I Gujw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1735056097; x=1735660897; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=yBkE5FBBkp1ejnZqi2Ryy2HwJLGOAxz8NcBPmAsmVzs=; b=ELabxTW/H3vDS0BhIloa3LJMGYpL10yx9ORL3xekMQsyDDXn35iug7ctovvK/7hy/K lWFJOt9GaQg8kiKBd9I1rfFBRcxxzVY26XxTWWV7a0WRe0nc+R6GRjyRY84qe61TiLxV uWNvHmUGX6lDVEl8nL0xmejyd2HNGCFQx7l8TU5KSVb6Je4Zvi1UYCTTCuAqfRYSNXJR U6zZt04JNM8z0++sWQNBhrsaJuB3n4NaTcmtUOm33uDUiwmnTqydpHPRrppZvQA9DTgf 7g2QEsSwSHjJJevq0joifQFcUBHSTRwQtONT9b7OYHHuTs+d3aAbKWKJpKASeCxjtZv5 0ppQ== X-Gm-Message-State: AOJu0YxmUfqvrDLOR4PMSi1q13t37cnROpU1TA94oWAXPLdKa6zKi/t3 s0F/WqZq0RXhL4g0wl54svlGSHpWDagzCas13mtvJxPl9H129mDMFHuXDo2oTnR336aVNXjK4OU J X-Gm-Gg: ASbGncuwMjJfOFmpJVVYRExo0xmmQapSexKZcdQtpcbuiZQWyEhJtUDbSNen8UjArnr Uqkrq/gHJniA27SmC2AMo+hRnWWW5BupMSxDatzA6wtJ4Rkr6zk/drDMMtR3Rj/6D86HGex9Rts nVpAmJm/7A2HvJEWRICjOFPorhPM3HTKyi3YDN4Bq/3p7ghF7QpHvxHhNVA9cqdkVCyzk4r7usw O24iNQsz5H60Cj8fcJiwiGq2LyoX931KL1tCwNIVOw7fS3Y+h7fl8H6+J2UYMoy29y/YGu5PkyP G6dkSsf6Th4fx8/eRjKheaM+45nXwa7veAHUSR8Mh36r8KEz3aBzUtY= X-Received: by 2002:ad4:5ce9:0:b0:6d8:9c92:654a with SMTP id 6a1803df08f44-6dd2331e946mr290512796d6.10.1735056095176; Tue, 24 Dec 2024 08:01:35 -0800 (PST) Received: from ubuntu.localdomain (pool-174-114-184-37.cpe.net.cable.rogers.com. [174.114.184.37]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6dd181d432asm53840816d6.110.2024.12.24.08.01.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:01:34 -0800 (PST) From: Raymond Mao To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Raymond Mao , Tom Rini , Heinrich Schuchardt , Tim Harvey , Simon Glass , Masahisa Kojima , Eddie James Subject: [PATCH v2 01/11] efi_loader: Don't warn if the TCG2 FinalEvents table is not installed Date: Tue, 24 Dec 2024 08:01:03 -0800 Message-Id: <20241224160118.675977-2-raymond.mao@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241224160118.675977-1-raymond.mao@linaro.org> References: <20241224160118.675977-1-raymond.mao@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Ilias Apalodimas When the TCG2 protocol installation fails, we are trying to remove all the objects we created in tcg2_uninit(). However, there are cases when this function runs before the config table was installed. So instead of printing an error unconditionally check against EFI_NOT_FOUND and don't print anything if the table wasn't installed to begin with. Signed-off-by: Ilias Apalodimas Signed-off-by: Raymond Mao --- Changes in v2 - None. lib/efi_loader/efi_tcg2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index 572c6b5bf6..a15c73162e 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -791,7 +791,7 @@ static void tcg2_uninit(void) efi_status_t ret; ret = efi_install_configuration_table(&efi_guid_final_events, NULL); - if (ret != EFI_SUCCESS) + if (ret != EFI_SUCCESS && ret != EFI_NOT_FOUND) log_err("Failed to delete final events config table\n"); efi_free_pool(event_log.buffer); From patchwork Tue Dec 24 16:01:04 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Raymond Mao X-Patchwork-Id: 853199 Delivered-To: patch@linaro.org Received: by 2002:a5d:4888:0:b0:385:e875:8a9e with SMTP id g8csp3982232wrq; Tue, 24 Dec 2024 08:01:54 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCWJb9D/5dric+rgDSCbNxi7Xh+KP04ryvR3zoGu/o7a+NKBklTIIXU3i1qw1EQZHW703h0z8A==@linaro.org X-Google-Smtp-Source: AGHT+IGZdwuh2Bk+KkAdOdfIAl9a7ky0d7m7X1mardrJ5IuXbYVe1J1rzeUSfDzOXtBQF9b4KTvP X-Received: by 2002:a17:907:1c85:b0:aa6:29dc:11b with SMTP id a640c23a62f3a-aac3342c7f4mr1730729266b.16.1735056114116; Tue, 24 Dec 2024 08:01:54 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1735056114; cv=none; d=google.com; s=arc-20240605; b=Xl1zaRzH66xGq6gFmFSMpyAP/P64Z+6Oz4MwKPMbjb+Rau27IJjOc4f8cp8n5BONm8 yDgRLH3H4CyHdPEZf+f8IUvCF9Q90GGKCF5+sKOiSJ8XdKla7Z4NFhRcxKAN0yxObFRo 4A1LQ1Db2v+1ADNQ6scOfbRn4EU4c2EyS6YZi3E7E9KqwaDh3pCKqll/GJh2nIo1YpM/ A2I89H8ZJWs/1hx77PPLBWmfJ/kqfFm/DvgfaTm19Y3G//ebVP63g6o3ONNvKQcWvs1D m3NoR1C7bKHreifMnxlu/8b1WKBvWXFJaH9bzNs/YSimWIfsjMOgOkPR5cwQceHyCxkt BbQQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=MMB/fCH/nFRLbnvFwEAo1abjqNq75/1uJY+UdEeSwAM=; fh=JwI1T3Njxx0vlNnAg5N5jQGYex21sQ2C4f5jT2UIKcY=; b=G1MuY9bZb9o/r0brXonpDPYURzJ46PD8n9Dj0HUIoNWlUg0iQDMzmswep2W9hYCRUv 7SphAMIWSsHp7wH9fokT9+cfPqA7rpvjctj1eniZ8CsgyRYREZOIE8mCGtFuk3Yg9IP+ 908qh4UPYPnpdzyz5QpZxKRzB9PcYQbQPykFz5PrtF2xi881zttDChniB4rhHyEvL6n2 8KplYnW8UjVQ2mK3mdbttJhqxgzvzRGo031g0lOFflrjYGdZ0xw/XLb4PSOkV/pHUihm gqbZBRqRRAmWKa+8r06R+80ncRFbDLxiERzoombjzcBL0YLD+NzxXRzQA7utUigxL/tH uM2Q==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=O99Fc+qC; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id a640c23a62f3a-aac0f0c8aa8si716211466b.831.2024.12.24.08.01.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:01:54 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=O99Fc+qC; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 1D3B6807A7; Tue, 24 Dec 2024 17:01:47 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="O99Fc+qC"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 6617A807DE; Tue, 24 Dec 2024 17:01:45 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-qv1-xf32.google.com (mail-qv1-xf32.google.com [IPv6:2607:f8b0:4864:20::f32]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 2FBBB801F5 for ; Tue, 24 Dec 2024 17:01:43 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=raymond.mao@linaro.org Received: by mail-qv1-xf32.google.com with SMTP id 6a1803df08f44-6d8edad9932so35056616d6.0 for ; Tue, 24 Dec 2024 08:01:43 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1735056102; x=1735660902; darn=lists.denx.de; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=MMB/fCH/nFRLbnvFwEAo1abjqNq75/1uJY+UdEeSwAM=; b=O99Fc+qCfAnSkwnZOl4QxpKHXcn/r17+OnWy9sYowtR18qNUQ3iM5oOT+MVbL8hs3g Vo/bD6Z6mgz7FXnQtTDtOzZwcvWZF6Y0xqnJ/huMeKzrWvOTsD8xYnHroz5lWC4+ExmJ 10+PcflVVxmc34NvhC8N7549lRu+RJt2zH6tfD6wihYle0gSmaHj4vYmuI1aa4UooBBZ B/SLucI7Ruq8jkcYwCze0Ms+k13ag9zpp60Blu0PE+bdCs89CkxVWVqDzj9LXWJxMiNQ 3l+g3RKGRCQ/JDlztlkVwJdq1VixW5F0e44PoBf1FlsXddUBA1t954+iHVbOspW3mosF yHLw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1735056102; x=1735660902; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MMB/fCH/nFRLbnvFwEAo1abjqNq75/1uJY+UdEeSwAM=; b=WaH1nn3Fwb9ZoiPCtMLosN8AQmqVaTf+44QuhTHzZdzISAy2sFAoDuCPgii2uh+n2p wmBv4vNN1p0wceUxlbTPagMQbe7qWV0YTIkRbilOs4kMJHuv9fXUUHtMMFD+qp79xQkW r/7NUETTN/X5X2Nm3elmjw1PGgqr7+NY19cM5RPSnRw6P+59Z96pxE1HYOcKxJMV69f6 W7Q0Ie5yjt8adTGsudeus0kNI6oFuHAsF/xxzNF0JgIPsIdHJHZCIfbw6Eb3Gubfo6gZ td5G30lyEKzhcOohS8BuOUCbs2kesG8vNii4IDDDKrWkRvRgvjjoe7vDya+oXFiX+3Ts latA== X-Gm-Message-State: AOJu0YwjmpD/xiokwsSnVXzRG7XOvfIwy1U5VGzLXRYF9LSHL7845wXD +d1Efw/0Q/K92UWPTHOWfu/b7sdEaAaai1X3ZL7aZCWsilTkM873lv2mw6e5NZzHzDu4ogh5Ism 5 X-Gm-Gg: ASbGncsCXgu9v4hDPv9Hw++P47IwEUorOLgav1BSicD/RkdPtMWSCisXAGksUzwTl6C g+k2vw1+JoFpph5yZUZn/6TYATw+ChjUY6BmZkp30bkFQFUj27I63yZ87U7kiRq3l4nsLpRyDQS fHavzV9643q05Vzx/F27nPSVXS2I/qyYr65mnGQOFX1mir9bztLGrwBm8+G/Ns/AM/Phf1P2T0n /aveOE+kiK1QQDAkmJCLR1UP8MBdf2R9XRVrax82vYJpNySlUbpagJlnihERlwW4BueRbLQceZ6 Vl/Mvr4VjgsmDiyIkk1aKA0eWwDBS8q01xC+PtJv0korYayD4D2Lu9w= X-Received: by 2002:a05:6214:767:b0:6d8:96a6:ec22 with SMTP id 6a1803df08f44-6dd2335741dmr305361346d6.23.1735056101803; Tue, 24 Dec 2024 08:01:41 -0800 (PST) Received: from ubuntu.localdomain (pool-174-114-184-37.cpe.net.cable.rogers.com. [174.114.184.37]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6dd181d432asm53840816d6.110.2024.12.24.08.01.40 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:01:41 -0800 (PST) From: Raymond Mao To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Raymond Mao , Tom Rini , Heinrich Schuchardt , Tim Harvey , Simon Glass , Eddie James , Masahisa Kojima Subject: [PATCH v2 02/11] tpm: Rename tpm2_is_active_pcr() Date: Tue, 24 Dec 2024 08:01:04 -0800 Message-Id: <20241224160118.675977-3-raymond.mao@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241224160118.675977-1-raymond.mao@linaro.org> References: <20241224160118.675977-1-raymond.mao@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Ilias Apalodimas This function is checking for active PCR banks, so rename it to something that's easier to read and closer to what the function does. Signed-off-by: Ilias Apalodimas Signed-off-by: Raymond Mao --- Changes in v2 - None. include/tpm-v2.h | 6 +++--- lib/tpm-v2.c | 4 ++-- lib/tpm_tcg2.c | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/include/tpm-v2.h b/include/tpm-v2.h index 4fd19c52fd..8c43f4fd9b 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -740,12 +740,12 @@ u16 tpm2_algorithm_to_len(enum tpm2_algorithms algo); bool tpm2_allow_extend(struct udevice *dev); /** - * tpm2_is_active_pcr() - check the pcr_select. If at least one of the PCRs - * supports the algorithm add it on the active ones + * tpm2_is_active_bank() - check the pcr_select. If at least one of the PCRs + * supports the algorithm add it on the active ones * * @selection: PCR selection structure * Return: True if the algorithm is active */ -bool tpm2_is_active_pcr(struct tpms_pcr_selection *selection); +bool tpm2_is_active_bank(struct tpms_pcr_selection *selection); #endif /* __TPM_V2_H */ diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index ad2b5ab0c3..cb636414de 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -847,7 +847,7 @@ u32 tpm2_enable_nvcommits(struct udevice *dev, uint vendor_cmd, return 0; } -bool tpm2_is_active_pcr(struct tpms_pcr_selection *selection) +bool tpm2_is_active_bank(struct tpms_pcr_selection *selection) { int i; @@ -907,7 +907,7 @@ bool tpm2_allow_extend(struct udevice *dev) return false; for (i = 0; i < pcrs.count; i++) { - if (tpm2_is_active_pcr(&pcrs.selection[i]) && + if (tpm2_is_active_bank(&pcrs.selection[i]) && !tpm2_algorithm_to_len(pcrs.selection[i].hash)) return false; } diff --git a/lib/tpm_tcg2.c b/lib/tpm_tcg2.c index 7f868cc883..edbe5f3aaf 100644 --- a/lib/tpm_tcg2.c +++ b/lib/tpm_tcg2.c @@ -43,7 +43,7 @@ int tcg2_get_pcr_info(struct udevice *dev, u32 *supported_pcr, u32 *active_pcr, if (hash_mask) { *supported_pcr |= hash_mask; - if (tpm2_is_active_pcr(&pcrs.selection[i])) + if (tpm2_is_active_bank(&pcrs.selection[i])) *active_pcr |= hash_mask; } else { printf("%s: unknown algorithm %x\n", __func__, From patchwork Tue Dec 24 16:01:05 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Raymond Mao X-Patchwork-Id: 853200 Delivered-To: patch@linaro.org Received: by 2002:a5d:4888:0:b0:385:e875:8a9e with SMTP id g8csp3982343wrq; Tue, 24 Dec 2024 08:02:04 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCXw7rwAcZAOn9Q0Y8Litf8GBh8fFPx+Gkg5fHaGRTYwMFyEudPaM3efRNhA2L8lmJyiFMphIQ==@linaro.org X-Google-Smtp-Source: AGHT+IFkF76pT1KWT04M9bqvsmmu5sCM+4fvgcLW80KORJCCnBtKVOGw+slWN3JzC2/JYL57uUHi X-Received: by 2002:a17:907:1c21:b0:aa6:88b3:ba4e with SMTP id a640c23a62f3a-aac33415dd6mr1826605666b.36.1735056124385; Tue, 24 Dec 2024 08:02:04 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1735056124; cv=none; d=google.com; s=arc-20240605; b=U9VM0fKA0zsqYyqrT84ywtFk9rkvA1tc3C+/VlK/v8OD59ftnQmJMmWW7ah2AVvM5g n/uW8HL2AJcGb4Nq+5JbXP1gcrIeHi3RDCwhLtIBpHaeih8dKNCUctwNSvm7pSbopegX owr8b9BSjniQXlFdbgK6oUa+t7T+t2pf5bT/l1XiGQID0dWGB57RRpNHqu+Gf6V5RJFc yFUTjE7zpXs9nvXN04RqpRT4wBqyYo/6xNZvxMmNXGp9JN+rKFStKq0bJ14LNwTPLoZL 7dw0y/DnMDbvzVkXnmcOTTxEICnIB8jcIHnUIDtY9I4+Bb6644eeaI38G8yxa1ASWP8l QukQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=2v44yJMOddWJK/ZNBTpR7f3UP3dJnUL4WcwKStHPLvI=; fh=FbKFTC1qYMAD+RQvZ2xhe3F2GCUPpkB6HLUJw8ZR8RU=; b=NhQ7tPqXfvYfbIpjyl+hzPAvCgUjPpsu9UcK7kfOBHM6RyhGq5rIoS9OG5ZCieR3GU DoXg0ewvlY2eJqNhd1K1gN0ho+f1N2wlcusatOW1d1EHkDilQePQcjCzbcXffCQwsgcw M/TEGC5oRDIh3C+b9BCjx+ByVQ3dZUxVXuOAXfsgBi++vDjRuXi69WkKfrZlo6p6b2la 5Ex5zPe1WVk53gNcvlGklUxvAMLPUQUGjbtqhCsMi6v+eu+ERwKM0s1BEgiLzlKau3MV 41Z1iLB7pmy1BSQenDq6/UVpCca2XlqewNH2GvXa2PwVthxQrRHhTYdqjqgTcHb9Ubs7 WgpQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=zb3mkwJO; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id a640c23a62f3a-aac0f082545si688848266b.653.2024.12.24.08.02.04 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:02:04 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=zb3mkwJO; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 760C2807DE; Tue, 24 Dec 2024 17:01:53 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="zb3mkwJO"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id DA5D5807DE; Tue, 24 Dec 2024 17:01:52 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-qv1-xf35.google.com (mail-qv1-xf35.google.com [IPv6:2607:f8b0:4864:20::f35]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 88666801F5 for ; Tue, 24 Dec 2024 17:01:50 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=raymond.mao@linaro.org Received: by mail-qv1-xf35.google.com with SMTP id 6a1803df08f44-6d8e8cb8605so27455176d6.0 for ; Tue, 24 Dec 2024 08:01:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1735056109; x=1735660909; darn=lists.denx.de; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=2v44yJMOddWJK/ZNBTpR7f3UP3dJnUL4WcwKStHPLvI=; b=zb3mkwJOLCCGYXppjhKTr/WSCp8PiMfqwhG2aNXqsqo2gy96YsD2hCJkFQjVTm5iV+ 61TOdJmdAnN0GQUAnRuC2uV8TjL3m84HixHLOfMUxxA2WgNybLgeQkewvnh4Hv15mthl P6Q9HYkBK2NlWym01Zl5j3sp7ZH47tMlPhcA3+2OEVLmgvO+hJSntnpL+DkFqLc75uGe rchBISHZHBPP7KZ6Mf79bQsHitKxFbxSxclcHqGOLg+JQju5h04gMlVlhIFk3Y2nboxh ax14NdtSiZWIslJZoKBw+nHXMZ+m0YHFzSoFOtHgMy43TvvHoXR2KNcnjKDxpJEtFWdk Dnig== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1735056109; x=1735660909; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=2v44yJMOddWJK/ZNBTpR7f3UP3dJnUL4WcwKStHPLvI=; b=edZ84bnHmJ77PUx36kWUnvwMr6n+5L38AYiru5qch7c70dZEdR/x+RSe/KjkWw3b6B cAlxmCJRagZfmghbyR40dnHgQi675dRRmduCeI3sTFBfXa0XBg2ft9pHSaYYtPsSX4+z GJ6hxJhx8747wf3Q2Sot7RvuA2rR97728rd1wETUkU8ikJWiXuUcsA+ZT6NeYstAy4QP sjJfMkWITaqCNsD47hpGAZ4eqzmsSj0nNhEjPMY0Y0vApFBwBj65Pwm9YYMIX1QT0Z0g GRzjXhZs07INyCAkcQ1eUtCoQhL7CP/MSXJxq0Kiy0jb9eI8ovvYp/T6zZd6Ehfn2amc 3h2Q== X-Gm-Message-State: AOJu0YwyWMKqXTjIRMtOguZp4uuTVtFA/3/MZgdz81blX7tZJnfzup/+ txMxriIFLGVsO3up1D+0u/7U/3H17CqXtczf2ZBi+5KsKcmSAPuGHZPDHIB41EG3jtkMk/Nj0dM b X-Gm-Gg: ASbGncvIBx9CJ6KikdcTrV5LvPBDC3GpPCVcnIb4JNONa/UUzSsJlxXXhOtCDfB0YqA UZTHHjt95XIAEdY9jHqsKh1BmoOzBVwXph6rrx7ppGbjQCC1u6q0I7Oq9SwHtcW/EpyOk7UKWcQ kbC45lZqmuS8VBXdQLgxGWPzSPKcP6KJ7XR0yaUE0e/O3CficLVFE7Qy8no6177CEzj29lTXudc EJiAGPX89WfTwVltedAHmcY8TgF/a75LCyyoFVVXjGqPlXAtWgE82/yccVR4c+RApH6M1yh7wLK 6JkO83T6i7FTHcO1bGHA++OpRigqmUloLTgCjB2Xr5BxHHs0v14KPE4= X-Received: by 2002:a05:6214:4290:b0:6d4:1a42:8efa with SMTP id 6a1803df08f44-6dd230cbcabmr271865426d6.0.1735056109284; Tue, 24 Dec 2024 08:01:49 -0800 (PST) Received: from ubuntu.localdomain (pool-174-114-184-37.cpe.net.cable.rogers.com. [174.114.184.37]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6dd181d432asm53840816d6.110.2024.12.24.08.01.47 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:01:48 -0800 (PST) From: Raymond Mao To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Raymond Mao , Tom Rini , Heinrich Schuchardt , Tim Harvey , Simon Glass , Masahisa Kojima Subject: [PATCH v2 03/11] tpm: Rename tpm2_allow_extend() Date: Tue, 24 Dec 2024 08:01:05 -0800 Message-Id: <20241224160118.675977-4-raymond.mao@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241224160118.675977-1-raymond.mao@linaro.org> References: <20241224160118.675977-1-raymond.mao@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Ilias Apalodimas When that function was introduced we were only using it to check if extending a PCR was allowed, so the name made sense. A few patches ago we used that function to reason about the EventLog creation and general usage of PCRs , so let's rename it to something more generic that makes more sense in all contexts. Signed-off-by: Ilias Apalodimas Signed-off-by: Raymond Mao --- Changes in v2 - None. include/tpm-v2.h | 5 +++-- lib/tpm-v2.c | 4 ++-- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/include/tpm-v2.h b/include/tpm-v2.h index 8c43f4fd9b..87b2c614ad 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -732,12 +732,13 @@ u16 tpm2_algorithm_to_len(enum tpm2_algorithms algo); */ /** - * tpm2_allow_extend() - Check if extending PCRs is allowed and safe + * tpm2_check_active_banks() - Check if the active PCR banks are supported by + * our configuration * * @dev: TPM device * Return: true if allowed */ -bool tpm2_allow_extend(struct udevice *dev); +bool tpm2_check_active_banks(struct udevice *dev); /** * tpm2_is_active_bank() - check the pcr_select. If at least one of the PCRs diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index cb636414de..0edb0aa90c 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -197,7 +197,7 @@ u32 tpm2_pcr_extend(struct udevice *dev, u32 index, u32 algorithm, if (!digest) return -EINVAL; - if (!tpm2_allow_extend(dev)) { + if (!tpm2_check_active_banks(dev)) { log_err("Cannot extend PCRs if all the TPM enabled algorithms are not supported\n"); return -EINVAL; } @@ -896,7 +896,7 @@ u16 tpm2_algorithm_to_len(enum tpm2_algorithms algo) return 0; } -bool tpm2_allow_extend(struct udevice *dev) +bool tpm2_check_active_banks(struct udevice *dev) { struct tpml_pcr_selection pcrs; size_t i; From patchwork Tue Dec 24 16:01:08 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Raymond Mao X-Patchwork-Id: 853201 Delivered-To: patch@linaro.org Received: by 2002:a5d:4888:0:b0:385:e875:8a9e with SMTP id g8csp3982730wrq; Tue, 24 Dec 2024 08:02:31 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCViWktzh8VvoO7U+DLjK7ZMJGfh+0N/vkvgVYB6TwXOGlsW/B42fnz2y+W4eD2TVeCP2haQ/Q==@linaro.org X-Google-Smtp-Source: AGHT+IHzUTyqt5X5EqmRcgwbq8m6ZsEyaD3/UilVZRpCTSFBSq1qNwETebIJtVCh45fVtqiR/T9c X-Received: by 2002:a17:907:60d6:b0:aab:daf9:972 with SMTP id a640c23a62f3a-aac334c0ba9mr1762496366b.28.1735056151229; Tue, 24 Dec 2024 08:02:31 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1735056151; cv=none; d=google.com; s=arc-20240605; b=QnwCwnYVB1p0vMND4A1IQ9lUjLWUvJt/q76RWUQ0hmBHZpopAFDkiiX9fGS7et8twX qVL7uf3Xzx36RvT/hk1RGb4o5ziD6L57sHU6Qfgg2iEwYb9h7GmVkGXn62lescbPUFD6 EscuIQoOmh/F3MMdDfKuD3OlIH265a9RmvUi1wkdYeRrpTpCGbHcxcBpX3aNIeH1Ow2K sKOUTItDVeCzWFSipfLSE3aaJMWOcPT8fsLwd5aiCHEzCc3Ay3JpEiT0tL1caIA86/QW Jp0aWE4dU3qCJbR1TqqjwUMp74FDEs8SADKiZSrMjMGo2ugb9g+qIrIGOOzvG0vnQ59A Z2cg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=wuO4ssy8cSq34X/hITvl0QT65bRxCl3Upur/XNNIJOE=; fh=MXFne/3XAK7RUtsOf/Btx/lXhXwtjQKdDpJclDZA50k=; b=NWvLqRR8hcr2JaN1IGPBUiRRPnWqu4ZB/R7FRm7F+Pja7N5YIQXymUcuLX2o1ap4In v4sFWDZJ9i1RA61mFfDGsvNKuJVbOljlx7i65MYd1LzoQ1LkRRET0UhO9DdKIRAXF5EE 1RQHgzNYEYT+Jm1uDBTXL3FicApWmdBGEKk8AAoF7GDAXQRtrvAJ8tN31ooF6PBIASjY 13IB4yjeJsiBcBCAyFKJHN4KD1sqaK9Aa4t7XbQ97vi1H2UD2WC+CnV7EGnx6B0oePKc ZfOIboa7KXCa+ohT7h8fxRO2oKyR56YErZQSTucxaXubfXdoe+XJIRMc2jalh11nTaJr bNZQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=isKcK670; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id a640c23a62f3a-aac0f081d25si738306766b.674.2024.12.24.08.02.30 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:02:31 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=isKcK670; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 2A1FC80352; Tue, 24 Dec 2024 17:02:16 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="isKcK670"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 3C3F680352; Tue, 24 Dec 2024 17:02:15 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-qv1-xf36.google.com (mail-qv1-xf36.google.com [IPv6:2607:f8b0:4864:20::f36]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 07A06801F5 for ; Tue, 24 Dec 2024 17:02:13 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=raymond.mao@linaro.org Received: by mail-qv1-xf36.google.com with SMTP id 6a1803df08f44-6d88cb85987so43222856d6.1 for ; Tue, 24 Dec 2024 08:02:12 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1735056131; x=1735660931; darn=lists.denx.de; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=wuO4ssy8cSq34X/hITvl0QT65bRxCl3Upur/XNNIJOE=; b=isKcK670Hmh0V4zHCwsFojhunlOT7ENpPMQUgyqq4cbheMXfJhQaCa1m1kAzekAYda hpAHHmsoIF/pYxFqRJTAlsKd/7JbRYHbjbTQHkQq7p4xZkDQ8spgeSZEASeJd1z7KvqF bj6y2F09QS+S81rG7z+BwUDO1zLdPDA/HC6O0GHgP/TA3PTxjGDoeguHPWJvPJptEAWQ CsbTm2xYFO7h7EDwuVIGiGaCnWccy4TnyHMFFj1dqGUBnMnl2apNWcBcoAIoPTFTWHaT UgQ42xslEyWJhlSrF1Oxx+0DZ+twWAZDkRSdXRoo6MqaH1g8h1uK2rgdxtbZg60IHW3U kmeA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1735056131; x=1735660931; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=wuO4ssy8cSq34X/hITvl0QT65bRxCl3Upur/XNNIJOE=; b=ttTc5tDL5DmFgXfF6+l51+Hc088X+UjUeJYZfr2oFtsdVM5V4DrmppaRWEoaavyJmo b21dR/tHxsI+zp0bDBTpPF/3eBJfXalv/R2TBJ8NEvQQy1dsGJ0ZV2lQrcsCGuwwqb4B KtYBvDE2cQDl+yhQuxy989/aJVLXCYeASS0wCvbICYwyY7W3I/jhVc1CizJp/uX1z8mo qBPpfK1i9rwP6RdkPhNNPA2cUYQLXCLM+tLeyQ5n4MsWruDFP77lmycRG9isF0FKFTx8 N76raUlcPp+u78VDIhtPIlHzsEziGD3kekMGAIzsKhVds3ILtrDcHpqnvFkWZl6UwXkI 7ynQ== X-Gm-Message-State: AOJu0Yz3smvGcCxsZRgbUUoe3b17eiygra2KDUjC3fGQK5TXWsYI+tW3 t6RFGs5ztGeNI1ErDudD6NQgyYutQ2G880Ycp326Ib+rH059tjedv1Db9cTEt48JxHsoKA9AvOB h X-Gm-Gg: ASbGnctPvMGWykHme9PM4tsazzDjt7mOPh5G7x5fRD4fudi7OQl1kIWKrAMqhmn1WN7 PpoAm7JtI7NM3ymSQKlz7mcz8Lwsi/BJGJi24RAH/3J4mQxBuBG7Nfi6PmNMKsmb+zcYxIBE0Mk puowBO3ApOj+yEkB62UZzrz8igQ0bYNCWGJS2RyOOeLBBJ44mF13NWoU86FdcWmOXrebkyUsvvh W9NVX+7zmCSBSmvuEfFIWdakIwURzsrcqAULasDXGhe71x4dyzH4KtgrDl5c6g7nNtl71qWOjca SFCzI84Og4bPaUGw8+tH/da33BUt84kZJF1UnbcaclI2QAH7CiPEU/I= X-Received: by 2002:a05:6214:460a:b0:6d8:88c2:af5f with SMTP id 6a1803df08f44-6dd23580fd0mr275672856d6.1.1735056131288; Tue, 24 Dec 2024 08:02:11 -0800 (PST) Received: from ubuntu.localdomain (pool-174-114-184-37.cpe.net.cable.rogers.com. [174.114.184.37]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6dd181d432asm53840816d6.110.2024.12.24.08.02.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:02:10 -0800 (PST) From: Raymond Mao To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Raymond Mao , Tom Rini , Heinrich Schuchardt , Simon Glass , Tim Harvey , Eddie James , Masahisa Kojima Subject: [PATCH v2 06/11] tpm: Don't create an EventLog if algorithms are misconfigured Date: Tue, 24 Dec 2024 08:01:08 -0800 Message-Id: <20241224160118.675977-7-raymond.mao@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241224160118.675977-1-raymond.mao@linaro.org> References: <20241224160118.675977-1-raymond.mao@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Ilias Apalodimas We already check the active banks vs what U-Boot was compiled with when trying to extend a PCR and we refuse to do so if the TPM active ones don't match the ones U-Boot supports. Do the same thing for the EventLog creation since extending will fail anyway and print a message so the user can figure out the missing algorithms. Signed-off-by: Ilias Apalodimas Co-developed-by: Raymond Mao Signed-off-by: Raymond Mao --- Changes in v2 - None. include/tpm-v2.h | 7 +++++++ lib/tpm-v2.c | 23 +++++++++++++++++++++++ lib/tpm_tcg2.c | 27 ++++++++++++++++++++++++++- 3 files changed, 56 insertions(+), 1 deletion(-) diff --git a/include/tpm-v2.h b/include/tpm-v2.h index c49eadda26..6b3f2175b7 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -770,4 +770,11 @@ bool tpm2_check_active_banks(struct udevice *dev); */ bool tpm2_is_active_bank(struct tpms_pcr_selection *selection); +/** + * tpm2_print_active_banks() - Print the active TPM PCRs + * + * @dev: TPM device + */ +void tpm2_print_active_banks(struct udevice *dev); + #endif /* __TPM_V2_H */ diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index 96c164f2a5..bac6fd9101 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -926,3 +926,26 @@ bool tpm2_check_active_banks(struct udevice *dev) return true; } + +void tpm2_print_active_banks(struct udevice *dev) +{ + struct tpml_pcr_selection pcrs; + size_t i; + int rc; + + rc = tpm2_get_pcr_info(dev, &pcrs); + if (rc) { + log_err("Can't retrieve active PCRs\n"); + return; + } + + for (i = 0; i < pcrs.count; i++) { + if (tpm2_is_active_bank(&pcrs.selection[i])) { + const char *str; + + str = tpm2_algorithm_name(pcrs.selection[i].hash); + if (str) + log_info("%s\n", str); + } + } +} diff --git a/lib/tpm_tcg2.c b/lib/tpm_tcg2.c index 99671804e3..e77a904129 100644 --- a/lib/tpm_tcg2.c +++ b/lib/tpm_tcg2.c @@ -567,11 +567,36 @@ int tcg2_log_prepare_buffer(struct udevice *dev, struct tcg2_event_log *elog, bool ignore_existing_log) { struct tcg2_event_log log; - int rc; + int rc, i; elog->log_position = 0; elog->found = false; + /* + * Make sure U-Boot is compiled with all the active PCRs + * since we are about to create an EventLog and we won't + * measure anything if the PCR banks don't match + */ + if (!tpm2_check_active_banks(dev)) { + log_err("Cannot create EventLog\n"); + log_err("Mismatch between U-Boot and TPM hash algos\n"); + log_info("TPM:\n"); + tpm2_print_active_banks(dev); + log_info("U-Boot:\n"); + for (i = 0; i < ARRAY_SIZE(hash_algo_list); i++) { + const struct digest_info *algo = &hash_algo_list[i]; + const char *str; + + if (!algo->supported) + continue; + + str = tpm2_algorithm_name(algo->hash_alg); + if (str) + log_info("%s\n", str); + } + return -EINVAL; + } + rc = tcg2_platform_get_log(dev, (void **)&log.log, &log.log_size); if (!rc) { log.log_position = 0; From patchwork Tue Dec 24 16:01:09 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Raymond Mao X-Patchwork-Id: 853202 Delivered-To: patch@linaro.org Received: by 2002:a5d:4888:0:b0:385:e875:8a9e with SMTP id g8csp3982835wrq; Tue, 24 Dec 2024 08:02:40 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCU9yA3ofAClmHsOsbhXxly091bcxHO4NcqChe1w6u0ZeUp7VT2wlJG72cMJa20CDIpvc6TyWA==@linaro.org X-Google-Smtp-Source: AGHT+IESKHShFn0ajKn6cnJUwkUtyVgAdvwgulfLQsJENqMxn6aV1hBp92qF0syitNX1k3zKDiJr X-Received: by 2002:a17:907:3f98:b0:aa6:ab70:4a7d with SMTP id a640c23a62f3a-aac33690749mr1610661566b.58.1735056160210; Tue, 24 Dec 2024 08:02:40 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1735056160; cv=none; d=google.com; s=arc-20240605; b=Cbaeuesy8eH1VSKIOFA3aFyOzLHnFv8MbwGBK4n6DZxGpGoTF51jf0Rg0dw9q5gpOU eh61ffeJcj/4QMeaKbe5PvjeiuTQ6Ejb+2yCgI9xSHANW0hlzQwuKn4PNMfAax2tg/kD iQuAdR6XqJPJ8/mo9kxFi6HzPf2EBDf0tEHREtsp0+JX3Ro6xNtryRE5XpyjdTDw+a6u 60S/fRANaW0G9LCDN5ajZxQajuLHg1bJ5FNVvWyF/lFeUFaGhrIBJiy8aX4W2OYkfgXq u1L2CHiKP2zVdfrKBdxW6iBqvz1Kbh7RmllKN7cYpvB4ukRj1pi3+zXc7EJMilHXnEg0 CBFw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=ZcuFJ3C0FCZShICHFRCfLX+tWEm7s4USjIYNvz4fkGw=; fh=GxVV1jPPRLga+oPsj1uHhvLGyASOoboRHaEc9n8kBQg=; b=FzaSn4p0Dl0pY68MFax/5zcFCqwO2i1eDB08k9WVeWEdGWkNZV5Imj8dfgrcF9nbRv CkzF7QlVj/wvFqF08lxuKKjGuG1B4DqZJqpF9rk50iLUJpK7XgiqGpfgD0KvbpJxa8zq gdKaSQOjOw6kWUYERwMkHo969hXWvQOaQhQYcvHM7lElCoFbAYVXqpfoSpAlHjHlw/j3 y80xUPxRMM7JGQiGj1p1oxZ9mDNU89nmsQ2Ft7l0WpmggshV/LZ8GFt5l9truVizzV3J LCxRaWJwqoAmTKXkaGQQl5/nLKqszVYN/shPXIkGjUkewLrnZ78UA140tc9scXDlx4/l VUjg==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=EKT5Wy7I; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id a640c23a62f3a-aac0eff245bsi737327766b.384.2024.12.24.08.02.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:02:40 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=EKT5Wy7I; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 86B93807E2; Tue, 24 Dec 2024 17:02:23 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="EKT5Wy7I"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id D18CB801F5; Tue, 24 Dec 2024 17:02:21 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-qv1-xf2a.google.com (mail-qv1-xf2a.google.com [IPv6:2607:f8b0:4864:20::f2a]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 884AC807F9 for ; Tue, 24 Dec 2024 17:02:19 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=raymond.mao@linaro.org Received: by mail-qv1-xf2a.google.com with SMTP id 6a1803df08f44-6d8e8cb8605so27459866d6.0 for ; Tue, 24 Dec 2024 08:02:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1735056138; x=1735660938; darn=lists.denx.de; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=ZcuFJ3C0FCZShICHFRCfLX+tWEm7s4USjIYNvz4fkGw=; b=EKT5Wy7IzmiOC1IlcHnnEVHbs91NTKjU9cK7sRA2Df52vaRR23ryglgFzc4/bWnG6+ oAhFTQROtKS8ZhONzEF8m7tm4pJnLxDRzr+3g1w7915iuSi6iZYMzNd3EQPSP1VrmobL oWs0SHWuYm7ZLQCoDqmeJ3ULqYOZWH/Qf2L+09cETmL7LXYKKOsQcXF5Oeuqu7qJT4/e MVlavp/bIiNw2DADixDWiIZQR72RyJg1sj64HdpsLPglnC0UzUStjxGcxo5D1bNMiwr+ yzeT5HlE7/PtvbgdQsyQS9sZc8OfbXiu2oDB2mTSBR+kWSIkjOx7y080JklZiK0hH/r2 SQmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1735056138; x=1735660938; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=ZcuFJ3C0FCZShICHFRCfLX+tWEm7s4USjIYNvz4fkGw=; b=g9x0em92fNJzZHNaqD8w26RitQgDoH+h0UwdOyx/we9UNdE+ls5sPXswp0Qg6p08wy RN6+bmaZ0ZRNFfVExkcbFoiuHu/evlmonZiIiZJE+b/pJHTsmF2iJT/uryHN+AYpx9Sm hLK2GAlmJFrFVuCgFUnpJZa3yi6BaCiI3Nsc6zwuXFhR2la2oK85LFsKzoPqvagXzfTB eENgVOmmeEaaEmNXQjPetOdufDa+AkwPZMD4AoG004LDgeWg9+ua43yPaSJSCdwHxz+e UGgNHt9xoDwbFvFTyQzVw4njnV+12zGDKX8+OPWGc+Evd2HVwUkvAu7rZrAm1coW1SwH 7MUQ== X-Gm-Message-State: AOJu0YzYDWgo09SaVfk2ORpXcXiyrzXGZSQ+jmz8FMcUKfvgH0SEVphd 0DcwkQSlUkAr2XpnRHVkQqMeyZHUYOTiVtj3ZE5qyQCvbBW8nGpOwXOyDcEsphIlAS+NTvPAJXp E X-Gm-Gg: ASbGnctEm9cDp27Q/usYXFx4kyGeh6erI+hBDMZhtFGhwtgPwUwQps6IP1+tNVzomDB FLy1QdF885O8Q75v46pmSY2MHkm4LRSuWbhy3sHO6xyYqwobz+6rLkwXpE76vVJnUfBMYznXZhh jLzWQi8Sek8v0nZWLy0G+T6iYvSRFbJOuuyuoEz4aJnlRQhYIDOxYxVikeCV/kZXem5JlXMBDwq eXp7LRINE/5NldN/RRNeD//fYSm9YvMffd4x0nP4ueeLU7amPrE3Mmsp7SY+gKzaqekinfGRG6z NAoUIYs3OSprWrz1Qd3pM9mFGHOhHDKv1mS5UBcnDBJ6T6ICm8SDQDQ= X-Received: by 2002:a05:6214:3d0d:b0:6d8:e6be:5102 with SMTP id 6a1803df08f44-6dd2334c0b2mr301379616d6.28.1735056137808; Tue, 24 Dec 2024 08:02:17 -0800 (PST) Received: from ubuntu.localdomain (pool-174-114-184-37.cpe.net.cable.rogers.com. [174.114.184.37]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6dd181d432asm53840816d6.110.2024.12.24.08.02.16 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:02:16 -0800 (PST) From: Raymond Mao To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Raymond Mao , Tom Rini , Heinrich Schuchardt , Simon Glass , Tim Harvey , Masahisa Kojima Subject: [PATCH v2 07/11] tpm: Keep the active PCRs in the chip private data Date: Tue, 24 Dec 2024 08:01:09 -0800 Message-Id: <20241224160118.675977-8-raymond.mao@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241224160118.675977-1-raymond.mao@linaro.org> References: <20241224160118.675977-1-raymond.mao@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Ilias Apalodimas We have a lot of code trying to reason about the active TPM PCRs when creating an EventLog. Since changing the active banks can't be done on the fly and requires a TPM reset, let's store them in the chip private data instead. Upcoming patches will use this during the EventLog creation. Signed-off-by: Ilias Apalodimas Signed-off-by: Raymond Mao --- Changes in v2 - None. include/tpm-common.h | 18 +++++++++++++++++- include/tpm-v2.h | 10 ---------- lib/tpm-v2.c | 27 +++++++++++++++++++++++++-- 3 files changed, 42 insertions(+), 13 deletions(-) diff --git a/include/tpm-common.h b/include/tpm-common.h index 1ba81386ce..fd33cba6ef 100644 --- a/include/tpm-common.h +++ b/include/tpm-common.h @@ -42,12 +42,22 @@ enum tpm_version { TPM_V2, }; +/* + * We deviate from this draft of the specification by increasing the value of + * TPM2_NUM_PCR_BANKS from 3 to 16 to ensure compatibility with TPM2 + * implementations that have enabled a larger than typical number of PCR + * banks. This larger value for TPM2_NUM_PCR_BANKS is expected to be included + * in a future revision of the specification. + */ +#define TPM2_NUM_PCR_BANKS 16 + /** * struct tpm_chip_priv - Information about a TPM, stored by the uclass * - * These values must be set up by the device's probe() method before + * Some of hese values must be set up by the device's probe() method before * communcation is attempted. If the device has an xfer() method, this is * not needed. There is no need to set up @buf. + * The active_banks is only valid for TPMv2 after the device is initialized. * * @version: TPM stack to be used * @duration_ms: Length of each duration type in milliseconds @@ -55,6 +65,8 @@ enum tpm_version { * @buf: Buffer used during the exchanges with the chip * @pcr_count: Number of PCR per bank * @pcr_select_min: Minimum size in bytes of the pcrSelect array + * @active_bank_count: Number of active PCR banks + * @active_banks: Array of active PCRs * @plat_hier_disabled: Platform hierarchy has been disabled (TPM is locked * down until next reboot) */ @@ -68,6 +80,10 @@ struct tpm_chip_priv { /* TPM v2 specific data */ uint pcr_count; uint pcr_select_min; +#if IS_ENABLED(CONFIG_TPM_V2) + u8 active_bank_count; + u32 active_banks[TPM2_NUM_PCR_BANKS]; +#endif bool plat_hier_disabled; }; diff --git a/include/tpm-v2.h b/include/tpm-v2.h index 6b3f2175b7..6e9bc794f9 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -34,16 +34,6 @@ struct udevice; #define TPM2_HDR_LEN 10 -/* - * We deviate from this draft of the specification by increasing the value of - * TPM2_NUM_PCR_BANKS from 3 to 16 to ensure compatibility with TPM2 - * implementations that have enabled a larger than typical number of PCR - * banks. This larger value for TPM2_NUM_PCR_BANKS is expected to be included - * in a future revision of the specification. - */ -#define TPM2_NUM_PCR_BANKS 16 - -/* Definition of (UINT32) TPM2_CAP Constants */ #define TPM2_CAP_PCRS 0x00000005U #define TPM2_CAP_TPM_PROPERTIES 0x00000006U diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index bac6fd9101..bc750b7ca1 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -23,6 +23,27 @@ #include "tpm-utils.h" +static int tpm2_update_active_banks(struct udevice *dev) +{ + struct tpm_chip_priv *priv = dev_get_uclass_priv(dev); + struct tpml_pcr_selection pcrs; + int ret, i; + + ret = tpm2_get_pcr_info(dev, &pcrs); + if (ret) + return ret; + + priv->active_bank_count = 0; + for (i = 0; i < pcrs.count; i++) { + if (!tpm2_is_active_bank(&pcrs.selection[i])) + continue; + priv->active_banks[priv->active_bank_count] = pcrs.selection[i].hash; + priv->active_bank_count++; + } + + return 0; +} + u32 tpm2_startup(struct udevice *dev, enum tpm2_startup_types mode) { const u8 command_v2[12] = { @@ -41,7 +62,7 @@ u32 tpm2_startup(struct udevice *dev, enum tpm2_startup_types mode) if (ret && ret != TPM2_RC_INITIALIZE) return ret; - return 0; + return tpm2_update_active_banks(dev); } u32 tpm2_self_test(struct udevice *dev, enum tpm2_yes_no full_test) @@ -69,8 +90,10 @@ u32 tpm2_auto_start(struct udevice *dev) rc = tpm2_self_test(dev, TPMI_YES); } + if (rc) + return rc; - return rc; + return tpm2_update_active_banks(dev); } u32 tpm2_clear(struct udevice *dev, u32 handle, const char *pw, From patchwork Tue Dec 24 16:01:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Raymond Mao X-Patchwork-Id: 853203 Delivered-To: patch@linaro.org Received: by 2002:a5d:4888:0:b0:385:e875:8a9e with SMTP id g8csp3982959wrq; Tue, 24 Dec 2024 08:02:50 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCXZykP3soGr7WD/ThzvNWWksfO0kJC8oAmQOFxs3zwyOFuyHALvvSW493WElhqQzAWUUwSjXQ==@linaro.org X-Google-Smtp-Source: AGHT+IGlCW272W9cyvd0q/zRM0EJnpztWeL90qSD61T05dDl604it37cToIb/N6ov4i/IAZYRCO+ X-Received: by 2002:a05:6402:34ca:b0:5d2:d72a:77e4 with SMTP id 4fb4d7f45d1cf-5d81de38bd2mr17784980a12.28.1735056169501; Tue, 24 Dec 2024 08:02:49 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1735056169; cv=none; d=google.com; s=arc-20240605; b=OV6rk925eBe3ogfda+FyGA6FJOdyxQgTsihQsxmkt4rxaAdL8W3z7skVPgx5S1wAeO VV450d2w+RCn3AxRv/2kA6/LyD874OK/Kaqn9RN7ddNCZEzrFJ9653sIdZZA6wHt3/zc 9YW1dMh8xXMVhs7suX+YAsB0HIiqm/nkbwGnmOB6MUA37eLbTAToHTuA/eqILwNCR9JS RDb86sR8vfkH55AfS29M1eeOAyO28aczlFnMt0M/Fgx19Z55ufRdFtKgcBCgnWhB6KGx Vyuec9EbQIuAUfT11HfvkN+tiBodIMRok0ISWuHgeqAUIIio8lXCqE27ZRfeGVMaIogs sfCQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=d2VhuhWev08n7KBuwrziMpMb5kDsTDxhBH5Dd01NiOE=; fh=MXFne/3XAK7RUtsOf/Btx/lXhXwtjQKdDpJclDZA50k=; b=OQn34FYyemt0Vcu36NVLjSWkaHdiiiAitC65T+bgDx51v2w1l71KfNb0OIsp1eC21h UveoKdzysSxgVdK1eRI+kq9CdItaRL72bK96cMLX54jJE4W0LyBLt7DWHSopmIUJ/TmQ nL4OLjBtlHtPRPlSVzXxyUjylLdmI2HL90+OFuW1Z/6bX3avROaoqH2ZiEi54RJeFR9G gWnV7OLM8Sta63MFjrxA/xn9Y1X8z+JWTCJQ74Pih8ZXI+hxYODNOawTSKMjnrh9ZhDb y/E6D4KMg2ish1S365BRF1sE3jswwS5EKBiEa8Jk+V78V8I0KHVXSAkx1Seg5xGbzKxx 3RLA==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="EoC/qt75"; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id 4fb4d7f45d1cf-5d807cc4cc2si7141333a12.354.2024.12.24.08.02.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:02:49 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b="EoC/qt75"; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id DBD2C807F3; Tue, 24 Dec 2024 17:02:28 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="EoC/qt75"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 97374807F3; Tue, 24 Dec 2024 17:02:27 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-qv1-xf34.google.com (mail-qv1-xf34.google.com [IPv6:2607:f8b0:4864:20::f34]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 6B18D807A7 for ; Tue, 24 Dec 2024 17:02:25 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=raymond.mao@linaro.org Received: by mail-qv1-xf34.google.com with SMTP id 6a1803df08f44-6dd15d03eacso47435166d6.0 for ; Tue, 24 Dec 2024 08:02:25 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1735056144; x=1735660944; darn=lists.denx.de; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=d2VhuhWev08n7KBuwrziMpMb5kDsTDxhBH5Dd01NiOE=; b=EoC/qt75n9dN5UJAxiISVXrXquMkZXGKQYJCdq6cC/R2+cIa/rGwHwmqJMabgICuIs GpmzjSMtSqnLEAMfb8nlCO6XVntWsS7qL6B1CmMK+ZgCKazNv7c4JcEjoRqIMz02a33o tjLEHn1Sg4D7f7eEq2QutSu+sxoiIC1UCIV8HXZj13+Tu5GDxgBYo956bMrpFwGn71k8 VM05uVRFzGaX7d/c6uPjo1jbhabBb0ozPGoeVF7+RtUA3lExeXaPzOr/7inK6gCAEdhx hbCE9GN2wZaGeMmSTI8UVeHq7+iHEs7tqx3kG3Fa53D61ZG+JNOXXYg3IAKjZ3ShYp4V 2HAQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1735056144; x=1735660944; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=d2VhuhWev08n7KBuwrziMpMb5kDsTDxhBH5Dd01NiOE=; b=qBjHi6nYZO/K8wlkrkC+QaOZw4OoVjw1OSjjHG+qnstwJkeJFUDbT/OstDX+62nkjK wZXL/2/4eVPPDn6rOvH5cDeygbpCPwrFD1ZhA3uyxtsXGKf1iKLhUr7fSWMLa55nL/et g3dW0dVbETuxj9jJviXf7iasDuge7H2RAl3jhvOa/TTR0psEPrDJOpKdr7pRRrV4HTh6 GBlyGibDYMc1XyR9z2vlmStDAYID177pSijJLzml4W3N2xix1pOi85NvCBuAxxa7yF5h ekfJ7bKeIpoyHdm09MyPn3B2L7ioyCjhngUXSDQuzMqP/Bq0C8yaCH3UA38jOCQaFtQo xqBA== X-Gm-Message-State: AOJu0YxideLZiBEAiTYGFsUIEFBVsg4x2tFzUWYtL7iCRTKb20k+OI40 +MSLL6o2mMJi1nITfK0/SLJLUe6EtjSp91Y/2PZO65Dp3PM2kEv3o5nfr4wIMWMGiLtdZo9wGsk j X-Gm-Gg: ASbGncu/4lYx21JgXhNPpUXa7JrdfdnPhcVCYQNo7i/zhtSfVN3Vgc0pUyUhqVbKJG1 8meWcCoJ8GEo87BWCHRG2V983epzKIA4cxl0VwuAgE8/Q8uts5S51tsJdaZ18dzxc9FalzVgA0I T9ILf0b8kO6DRDNbQYyNuPu/kqpY7RJtts0lJdlwmsPQ3uyAbl+XOG8ysQlPdOJgd36lGArhQCe 5I3PZ47GaF8sqHCZcJKozXEBxsxGxH79n8uCEKlR9B/tZ90W0xxLHEgLtUuenE12dhRokEAWAvN F6XC5sAPkW2XwN+bksQz4RUw+xRxiUbjSKO9NqIc79ZnuBBTub+Qy08= X-Received: by 2002:a05:6214:5199:b0:6d4:ac4:c1cd with SMTP id 6a1803df08f44-6dd235aa23cmr267719436d6.8.1735056144217; Tue, 24 Dec 2024 08:02:24 -0800 (PST) Received: from ubuntu.localdomain (pool-174-114-184-37.cpe.net.cable.rogers.com. [174.114.184.37]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6dd181d432asm53840816d6.110.2024.12.24.08.02.23 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:02:23 -0800 (PST) From: Raymond Mao To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Raymond Mao , Tom Rini , Heinrich Schuchardt , Simon Glass , Tim Harvey , Eddie James , Masahisa Kojima Subject: [PATCH v2 08/11] tpm: Simplify tcg2_create_digest() Date: Tue, 24 Dec 2024 08:01:10 -0800 Message-Id: <20241224160118.675977-9-raymond.mao@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241224160118.675977-1-raymond.mao@linaro.org> References: <20241224160118.675977-1-raymond.mao@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Ilias Apalodimas A previous patch is storing the active PCR banks on the TPM private data. Instead of parsing them on the fly use the stored values. This allows us to simplify our checks during the log creation and parsing. Signed-off-by: Ilias Apalodimas Signed-off-by: Raymond Mao --- Changes in v2 - None. lib/tpm_tcg2.c | 17 +++++------------ 1 file changed, 5 insertions(+), 12 deletions(-) diff --git a/lib/tpm_tcg2.c b/lib/tpm_tcg2.c index e77a904129..9e63204f24 100644 --- a/lib/tpm_tcg2.c +++ b/lib/tpm_tcg2.c @@ -93,25 +93,18 @@ u32 tcg2_event_get_size(struct tpml_digest_values *digest_list) int tcg2_create_digest(struct udevice *dev, const u8 *input, u32 length, struct tpml_digest_values *digest_list) { + struct tpm_chip_priv *priv = dev_get_uclass_priv(dev); u8 final[sizeof(union tpmu_ha)]; sha256_context ctx_256; sha512_context ctx_512; sha1_context ctx; - u32 active; size_t i; u32 len; - int rc; - - rc = tcg2_get_active_pcr_banks(dev, &active); - if (rc) - return rc; digest_list->count = 0; - for (i = 0; i < ARRAY_SIZE(hash_algo_list); ++i) { - if (!(active & hash_algo_list[i].hash_mask)) - continue; + for (i = 0; i < priv->active_bank_count; i++) { - switch (hash_algo_list[i].hash_alg) { + switch (priv->active_banks[i]) { case TPM2_ALG_SHA1: sha1_starts(&ctx); sha1_update(&ctx, input, length); @@ -138,12 +131,12 @@ int tcg2_create_digest(struct udevice *dev, const u8 *input, u32 length, break; default: printf("%s: unsupported algorithm %x\n", __func__, - hash_algo_list[i].hash_alg); + priv->active_banks[i]); continue; } digest_list->digests[digest_list->count].hash_alg = - hash_algo_list[i].hash_alg; + priv->active_banks[i]; memcpy(&digest_list->digests[digest_list->count].digest, final, len); digest_list->count++; From patchwork Tue Dec 24 16:01:11 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Raymond Mao X-Patchwork-Id: 853204 Delivered-To: patch@linaro.org Received: by 2002:a5d:4888:0:b0:385:e875:8a9e with SMTP id g8csp3983061wrq; Tue, 24 Dec 2024 08:02:58 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCXJ7iryulPE9ri2U4rMPs6bVoKrPpYJtGIt5IPqI4EZbahlUCoUfXu/il4aq3sZSDkSOBxCbA==@linaro.org X-Google-Smtp-Source: AGHT+IF/h+MNNo0o5guMiFYX0YN2K8MJxhXS9jWk+ISsshn3xqwJyqbmkPq0FWllYQfLuJ5CkEtE X-Received: by 2002:a17:907:2d93:b0:aa6:7c8e:808c with SMTP id a640c23a62f3a-aac3367569dmr1724487066b.17.1735056178091; Tue, 24 Dec 2024 08:02:58 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1735056178; cv=none; d=google.com; s=arc-20240605; b=X0HahkEs7v7Itx0wRi4QZmVyWIzAk3WD+ElfdhQW1SM/Yuv3rWGpQvz4vJfscRiwcV zNq96Bbw3+IynHkywS5oq/4/pCSCEytlecVzAO+LfwWEj0UvrMVY4GSg5CoVjVz71sPO eMWY3LFdBRrmMic185LTjASYgzfZLb4q/TKEdexL4pwGYkJErd6PLRozF1bYn8lUWt+F t78Xt25+IeWVHw9I49hHM/mvq4h6gvWGzcD9OzyIjjZ92rA0LaSyJnP+SA6dHNdnae1c w/thMF6ylUyl4lG+wvD+COGeUPDmnw9KRcwNczfB8ka0VQA1X00U3EijSjVHCkHI/d+V n9Ng== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=6f+1zk888DmInzSB52Q94w0za4Cy2rrga3HxC6WEDSU=; fh=2PQn9VYLpJKxCZvO/7KmIPfD9OVQ1hnJ0DtzeHBMtNQ=; b=cigqLGtKP0e+2OJrZcK6FD+CeTdohJpG5JCtDagWtronma32Cf4p7ZsfwfC3zeoHfx QC4JaYjDqwuVKG6JhIj9cYLiXx/4ZflogatEcxX3dpKoo073hHrTgBZ5nkWTRVSBoBoQ E6pIPhRi/KxpYuIVbi7uhstHvo+mQByhUttuikZVoc1DcIQulENg836ahEmZbqLTI5dr MxRm0AsY4lRigkANJJ1vzyc5eQLJzoj6NsTMsfGPSJlEu6+Vm8ZclmhIzpTkIDha822s 0vsiVpQmKv7OeLUFKcdqqEtwlyDxy6Aoy97CgvX0THnNYWLJisWIigfjM1+4is5zg+X7 lEcQ==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=KN8L4Ni1; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id a640c23a62f3a-aac0e7f1101si729751466b.37.2024.12.24.08.02.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:02:58 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=KN8L4Ni1; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 4803180831; Tue, 24 Dec 2024 17:02:36 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="KN8L4Ni1"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 0BC72807DE; Tue, 24 Dec 2024 17:02:35 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-qv1-xf2c.google.com (mail-qv1-xf2c.google.com [IPv6:2607:f8b0:4864:20::f2c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id D28C0801F5 for ; Tue, 24 Dec 2024 17:02:31 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=raymond.mao@linaro.org Received: by mail-qv1-xf2c.google.com with SMTP id 6a1803df08f44-6d91653e9d7so44495236d6.1 for ; Tue, 24 Dec 2024 08:02:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1735056150; x=1735660950; darn=lists.denx.de; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=6f+1zk888DmInzSB52Q94w0za4Cy2rrga3HxC6WEDSU=; b=KN8L4Ni1bqIuM0cb7h7XRMrPFyh9X7y2k6Q0/z6dDzyFqR6FMMTzeZA3WgDwm53G4f 6CL6ySUkTxgCEs0Esa1b2i18P8t7xvCE7YDZn18qMmKlkdHQaYZnjp3ZNkYPOv0TH7e1 o16HsxkPe4u/tLmFRGZqYxvGwEP3mrislq1hYJPUjyFxL4PCEglw8NttBqUHLaZWFAwI UXutNWa3Gikr3ymMoi36ZloVqRB/DFk1Wfs2sr1RsmXp8NlU+Lc69qsa0T0JffkLnBEw 7aYgPe1uVuvTl92cVctefRRMD0MhHPnhzYa9O/Ri1JYoNQx2D6qxrSWBRT6Pez/bIGwS aZaw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1735056150; x=1735660950; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=6f+1zk888DmInzSB52Q94w0za4Cy2rrga3HxC6WEDSU=; b=TJho/kzP/9kUnnpclNbJD28rEWWjQEaX9G0I3GpXOZ3qWIEkrNdgxhPhbGRMESePL6 6GIwYwJNgH7cBgqNksEeRixW7DvKlCWum7AtHJbb+u3gIBEkGP9h2VUFqEzjdOQCQ3ys MBp3wWd0Ka697cGa+AqO21cZHc1MT4nAhRFQLP5q6dkMvkF1UGVghZpwd0DTA1t0mVOC Yt0LXonC8dunQB7bdjjAphuukbO7+hceHY1VjoJvN6aukmDziNQXgqRYejq9rOK1Ht49 siDeceecK/2U6t5gWs3l1pq7Xzw2LI2KmOjrwE2NNd5l8EDAj3zkLiQ0XzXZssco2awd LfwA== X-Gm-Message-State: AOJu0YzF9gVy9GW+vKyxCU/rySqSuihwPpP+rjruDl+IoeWMohm8n1i6 cal09gxsliAMVxFDg0sx9q3cNot6ZSo+3uYtbhkO8Uwg30ZuzTrONn9UfT5INeT/JpinpbAdNqb i X-Gm-Gg: ASbGncvslnC3jHso6JfCW6/NkCChrSCAqpNYfO2LTTZ0OQQMFmhfca1PA1yNAaPnX53 7XPiPBUlc2Irvh6ABv3XTrcwg4WP3UCE4UXgzzNoNuq/sqfWMvOYjNi8DjjGItL6KEHtZES5XtY CxCXf1WM2HZROMj4tkklML6onn/BWlELsS5ipKFSyt0uKm8KB6gAlcY/lngpfSLuOwULKyonyCw +dV5yPKr72g4aQGttgJojLTQkjtw5CpeFtvnGx/8I5qwNcUUvSfAp/JcV7QnVHIeLwfANRaCWau k3lGYDR09sKV4u8vnfg1TkcA7z61cSRXYsa9Cnp2FiatGRuhbFFNBQY= X-Received: by 2002:ad4:5ba5:0:b0:6d8:a84b:b50d with SMTP id 6a1803df08f44-6dd2339ff8cmr236448426d6.33.1735056150363; Tue, 24 Dec 2024 08:02:30 -0800 (PST) Received: from ubuntu.localdomain (pool-174-114-184-37.cpe.net.cable.rogers.com. [174.114.184.37]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6dd181d432asm53840816d6.110.2024.12.24.08.02.29 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:02:29 -0800 (PST) From: Raymond Mao To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Raymond Mao , Tom Rini , Heinrich Schuchardt , Simon Glass , Tim Harvey , Masahisa Kojima , Eddie James Subject: [PATCH v2 09/11] tpm: Simplify tcg2_log_init() Date: Tue, 24 Dec 2024 08:01:11 -0800 Message-Id: <20241224160118.675977-10-raymond.mao@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241224160118.675977-1-raymond.mao@linaro.org> References: <20241224160118.675977-1-raymond.mao@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Ilias Apalodimas A previous patch is storing the active PCR banks on the TPM private data. Instead of parsing them on the fly use the stored values. This allows us to simplify our checks during the log creation and parsing. Signed-off-by: Ilias Apalodimas Signed-off-by: Raymond Mao --- Changes in v2 - None. lib/tpm_tcg2.c | 42 +++++++----------------------------------- 1 file changed, 7 insertions(+), 35 deletions(-) diff --git a/lib/tpm_tcg2.c b/lib/tpm_tcg2.c index 9e63204f24..6c72688b80 100644 --- a/lib/tpm_tcg2.c +++ b/lib/tpm_tcg2.c @@ -207,37 +207,17 @@ static int tcg2_log_append_check(struct tcg2_event_log *elog, u32 pcr_index, static int tcg2_log_init(struct udevice *dev, struct tcg2_event_log *elog) { + struct tpm_chip_priv *priv = dev_get_uclass_priv(dev); struct tcg_efi_spec_id_event *ev; struct tcg_pcr_event *log; u32 event_size; u32 count = 0; u32 log_size; - u32 active; size_t i; u16 len; - int rc; - - rc = tcg2_get_active_pcr_banks(dev, &active); - if (rc) - return rc; + count = priv->active_bank_count; event_size = offsetof(struct tcg_efi_spec_id_event, digest_sizes); - for (i = 0; i < ARRAY_SIZE(hash_algo_list); ++i) { - if (!(active & hash_algo_list[i].hash_mask)) - continue; - - switch (hash_algo_list[i].hash_alg) { - case TPM2_ALG_SHA1: - case TPM2_ALG_SHA256: - case TPM2_ALG_SHA384: - case TPM2_ALG_SHA512: - count++; - break; - default: - continue; - } - } - event_size += 1 + (sizeof(struct tcg_efi_spec_id_event_algorithm_size) * count); log_size = offsetof(struct tcg_pcr_event, event) + event_size; @@ -264,19 +244,11 @@ static int tcg2_log_init(struct udevice *dev, struct tcg2_event_log *elog) ev->uintn_size = sizeof(size_t) / sizeof(u32); put_unaligned_le32(count, &ev->number_of_algorithms); - count = 0; - for (i = 0; i < ARRAY_SIZE(hash_algo_list); ++i) { - if (!(active & hash_algo_list[i].hash_mask)) - continue; - - len = hash_algo_list[i].hash_len; - if (!len) - continue; - - put_unaligned_le16(hash_algo_list[i].hash_alg, - &ev->digest_sizes[count].algorithm_id); - put_unaligned_le16(len, &ev->digest_sizes[count].digest_size); - count++; + for (i = 0; i < count; ++i) { + len = tpm2_algorithm_to_len(priv->active_banks[i]); + put_unaligned_le16(priv->active_banks[i], + &ev->digest_sizes[i].algorithm_id); + put_unaligned_le16(len, &ev->digest_sizes[i].digest_size); } *((u8 *)ev + (event_size - 1)) = 0; From patchwork Tue Dec 24 16:01:12 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Raymond Mao X-Patchwork-Id: 853205 Delivered-To: patch@linaro.org Received: by 2002:a5d:4888:0:b0:385:e875:8a9e with SMTP id g8csp3983435wrq; Tue, 24 Dec 2024 08:03:33 -0800 (PST) X-Forwarded-Encrypted: i=2; AJvYcCV9zVccnZSPaudLFVLGuJTVFESJksdtj7wcnduNUtrsnBf3wRhyfc2oH784nVvu7YvNFTpzJA==@linaro.org X-Google-Smtp-Source: AGHT+IHFY5aSdDthDKCgRI74bnHoc7oY9cpORm1hRuvggPENzVQZezrXVZWJh7j9uefB5tmThL60 X-Received: by 2002:a05:6402:26c6:b0:5d0:214b:96b0 with SMTP id 4fb4d7f45d1cf-5d81dd63cb2mr14184364a12.1.1735056213373; Tue, 24 Dec 2024 08:03:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1735056213; cv=none; d=google.com; s=arc-20240605; b=PTtQ/cYrupnFPtMgisoakbK3vgB/OLh9XpfYAO0R3/Qmi4VeTbVvNJW+6P8etBF4Th oMJlfBQ6QBXNKWIqQsigS2kQKbOnvTzDDUOjRR0Hz9T+GtyxKcEy1LQtjNwT4lZ5c+LN 0NHb9SOoBAf5iPSrT2/bi7ALIgDdYbe1s1Bi83QmRddpy6ihx1OzP0Vm1CbBRtQjJTpx VNCmHg6bGdcvQNh3/nzP1c4ijc/+zw5k4SYh3pvqA7hfYGppvy9dSJMnmhwT1+VNArgV ookQq+NH0Zeewd+L1zBD+lhf/dKNS5rPvLx5coV/ADyd/5i/2eEB0+QPRTzUt6EbPJU7 TWDw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=YAvA3mshwMDIE2JTbsGU2Gtir9eGqQna61gDRPthwZs=; fh=JwI1T3Njxx0vlNnAg5N5jQGYex21sQ2C4f5jT2UIKcY=; b=P9dl7mo1iBhyLEJW7mIHPCd2vJE/L4vxiqntaRP5QvmNFrKO9HttJ0vBeGJHkLgp1D y6l/upIqylUWBEOZsHyH7+CYLGuq8KzMHURZ2n0t+IO5or4PJDfHDgxirhF3obT0ko7l MgeOkwnEXXOC3pgUzKDmIWaS3BF9HvEymUATnTg2WPzZuhDgtbWPUORAndVMyFr47hNU /hDWpz1o6lC4N47aray4Lw5zmiNVxan1nL9j/SG5NFBk5/Ofi9U6Z5RJ34ReABf9Bj9U 2qMSMlh82WEFVRQODvaKI6h6sdMZJNgqq29LM/Tns9/iZmO37g8hNl+Nq7JnqP+3e0CH QEuw==; dara=google.com ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=KW7gYCoM; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id 4fb4d7f45d1cf-5d80676f178si7418762a12.163.2024.12.24.08.03.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:03:33 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=KW7gYCoM; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org; dara=neutral header.i=@linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id C097D80435; Tue, 24 Dec 2024 17:03:32 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="KW7gYCoM"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 5B2B2807A7; Tue, 24 Dec 2024 17:03:31 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED, SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-qv1-xf34.google.com (mail-qv1-xf34.google.com [IPv6:2607:f8b0:4864:20::f34]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 14D8D80352 for ; Tue, 24 Dec 2024 17:03:29 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=raymond.mao@linaro.org Received: by mail-qv1-xf34.google.com with SMTP id 6a1803df08f44-6dd01781b56so59343996d6.0 for ; Tue, 24 Dec 2024 08:03:29 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; t=1735056208; x=1735661008; darn=lists.denx.de; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=YAvA3mshwMDIE2JTbsGU2Gtir9eGqQna61gDRPthwZs=; b=KW7gYCoMsB+q91gnUaMgKJQtHyb3rayeL17b2I/I7VKkoPkF94q/YzIStTEDuzLH9O zqOsivDgn4IspTMeOTZIWzjaxewUHzL2lRi0zsVbC9/A1ax+J8xZsjU4m04VrSOaljFb 3ZQLJCPhA3WAwCZDSP4Um4OuutRlu8ufKsexcfWbnNKCM1PkwqQQa9bltC9ZuqiTTVGh OEMaOFJHj+FPvwGMdSN3xqP6Efsps/SIUJfqwXbHnZsycc1vox4jcvSR1gTl0bZKbKWB aIeSohkCkLEQzVWsHYH+Zaqnb7LbjDVvbToyx9w7oSrACX3tud4Fl6lUJ+k7tJZtu67u 5XqQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1735056208; x=1735661008; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=YAvA3mshwMDIE2JTbsGU2Gtir9eGqQna61gDRPthwZs=; b=g+xzX8V3w1MH0xhckxRn+nPaRLwy0hQLifDFR+AccxAJHlcbjvabREUpkFfruGbfjN to87whRSRDwkOGV4LuEDtr5/kcjxxEWUA5fRv4wpRbNa8JSF339d+u1I+z7LmXRl8aaP 53N5KysPSREAcNE4hOQxtGa7Spa1d82Ow/ZigKKXjIIXQFHk9w7JBjf2s5AYKF741Hhz /ngjtxhkZNkf2z4iLxBDWOWI2FnWAXfq+mCaQ1kRrUIGRA3zJ3Sl4e25H9F5l0RX327i PvPs4cceC67PW4ZI+R4hhDXTgwAscrPZxxJ5ZnpJaT8C+ryh3gjB25gAZp74Zu9ou7Fp 1zSA== X-Gm-Message-State: AOJu0Yzn1tzLYsoghVHw36QP8tePoyrBuf20YjDTWbbWoGIULsqJ8Ocz 8E1ucdxRwPsn6K6/JyCVnLoFF2LtwZyJvDcSBr/tnHcLxSiAROWA9ApWSsanvdOmf/U8ob6iWYK G X-Gm-Gg: ASbGncu0MA2Ld1BkF7hOtXU8z1qG87awpURpLiHCAh/ItOo4YmcVAWHpMpETsqGCUpB thLgQexydchTyu9X8M+NQhH4XrMO4jRPIqdX7Li2oQ6hsbSlxtKCBNUhRw+eREoNq6CjsoWj7Su bIjFBtYQIdFxaaJwhbYywUnU7GaolO2WTjk+49W2IaFsazZsgu2ACCW0PNuYlLKv0/O01hYMfV3 YUJfX2976/WbMZ0FpjcLylV1XI8u0Vd6fP9qqBLm4Sb+GmkeBu7RqVu2t22RDIruROdRRHpO8xK K1QSDZC4Cu/CRhc5mgoc8aiPGdn1bH8XKjLaqCl4qMysmrkGEv+s4EY= X-Received: by 2002:a05:6214:401c:b0:6d8:9a85:5b4d with SMTP id 6a1803df08f44-6dd2332ed93mr321298706d6.5.1735056207558; Tue, 24 Dec 2024 08:03:27 -0800 (PST) Received: from ubuntu.localdomain (pool-174-114-184-37.cpe.net.cable.rogers.com. [174.114.184.37]) by smtp.gmail.com with ESMTPSA id 6a1803df08f44-6dd181d432asm53840816d6.110.2024.12.24.08.03.25 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Dec 2024 08:03:26 -0800 (PST) From: Raymond Mao To: u-boot@lists.denx.de Cc: Ilias Apalodimas , Raymond Mao , Tom Rini , Heinrich Schuchardt , Tim Harvey , Simon Glass , Eddie James , Masahisa Kojima Subject: [PATCH v2 10/11] tpm: Don't replay an EventLog if tcg2_log_parse() fails Date: Tue, 24 Dec 2024 08:01:12 -0800 Message-Id: <20241224160118.675977-11-raymond.mao@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241224160118.675977-1-raymond.mao@linaro.org> References: <20241224160118.675977-1-raymond.mao@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.8 at phobos.denx.de X-Virus-Status: Clean From: Ilias Apalodimas We used to stop replaying an EventLog if parsing failed, but that got lost in commit 97707f12fdab ("tpm: Support boot measurements"). When an EventLog is passed yo us from a previous bootloader, we want to validate it as much as we can and make sure the defined PCR banks of the log exist in our TPM and firmware so we can replay it if needed or use it as-in, in case the PCRs are already extended. So let's add the checks back and while at it simplify the logic of rejecting an EventLog. Signed-off-by: Ilias Apalodimas Signed-off-by: Raymond Mao --- Changes in v2 - None. lib/tpm_tcg2.c | 56 ++++++++++++++++++++++++++++---------------------- 1 file changed, 31 insertions(+), 25 deletions(-) diff --git a/lib/tpm_tcg2.c b/lib/tpm_tcg2.c index 6c72688b80..37818fcc85 100644 --- a/lib/tpm_tcg2.c +++ b/lib/tpm_tcg2.c @@ -359,7 +359,6 @@ static int tcg2_log_parse(struct udevice *dev, struct tcg2_event_log *elog) u16 len; int rc; u32 i; - u16 j; if (elog->log_size <= offsetof(struct tcg_pcr_event, event)) return 0; @@ -398,40 +397,51 @@ static int tcg2_log_parse(struct udevice *dev, struct tcg2_event_log *elog) if (evsz != calc_size) return 0; - rc = tcg2_get_active_pcr_banks(dev, &active); - if (rc) - return rc; - + /* + * Go through the algorithms the EventLog contains. If the EventLog + * algorithms don't match the active TPM ones exit and report the + * erroneous banks. + * We've already checked that U-Boot supports all the enabled TPM + * algorithms, so just check the EvenLog against the TPM active ones. + */ digest_list.count = 0; log_active = 0; - for (i = 0; i < count; ++i) { algo = get_unaligned_le16(&event->digest_sizes[i].algorithm_id); mask = tcg2_algorithm_to_mask(algo); - if (!(active & mask)) - return 0; - switch (algo) { case TPM2_ALG_SHA1: case TPM2_ALG_SHA256: case TPM2_ALG_SHA384: case TPM2_ALG_SHA512: len = get_unaligned_le16(&event->digest_sizes[i].digest_size); - if (tpm2_algorithm_to_len(algo) != len) - return 0; + if (tpm2_algorithm_to_len(algo) != len) { + log_err("EventLog invalid algorithm length\n"); + return -1; + } digest_list.digests[digest_list.count++].hash_alg = algo; break; default: - return 0; + /* + * We can ignore this if the TPM PCRs is not extended + * by the previous bootloader. But for now just exit + */ + log_err("EventLog has unsupported algorithm 0x%x\n", + algo); + return -1; } - log_active |= mask; } - /* Ensure the previous firmware extended all the PCRs. */ - if (log_active != active) - return 0; + rc = tcg2_get_active_pcr_banks(dev, &active); + if (rc) + return rc; + /* If the EventLog and active algorithms don't match exit */ + if (log_active != active) { + log_err("EventLog doesn't contain all active PCR banks\n"); + return -1; + } /* Read PCR0 to check if previous firmware extended the PCRs or not. */ rc = tcg2_pcr_read(dev, 0, &digest_list); @@ -439,17 +449,13 @@ static int tcg2_log_parse(struct udevice *dev, struct tcg2_event_log *elog) return rc; for (i = 0; i < digest_list.count; ++i) { - len = tpm2_algorithm_to_len(digest_list.digests[i].hash_alg); - for (j = 0; j < len; ++j) { - if (digest_list.digests[i].digest.sha512[j]) - break; - } + u8 hash_buf[TPM2_SHA512_DIGEST_SIZE] = { 0 }; + u16 hash_alg = digest_list.digests[i].hash_alg; - /* PCR is non-zero; it has been extended, so skip extending. */ - if (j != len) { + if (memcmp((u8 *)&digest_list.digests[i].digest, hash_buf, + tpm2_algorithm_to_len(hash_alg))) digest_list.count = 0; - break; - } + } return tcg2_replay_eventlog(elog, dev, &digest_list,