[SLOF] [PATCH 1/3] tcgbios: Only write logs for PCRs that are allocated
Stefan Berger
stefanb at linux.vnet.ibm.com
Sun Mar 29 06:38:57 AEDT 2020
From: Stefan Berger <stefanb at linux.ibm.com>
Only write the logs for those PCRs that are allocated in
banks.
Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
---
lib/libtpm/tcgbios.c | 35 +++++++++++++++++++++++++----------
1 file changed, 25 insertions(+), 10 deletions(-)
diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c
index fa2ab2b..aa0ef5a 100644
--- a/lib/libtpm/tcgbios.c
+++ b/lib/libtpm/tcgbios.c
@@ -237,7 +237,7 @@ static int tpm20_build_digest(struct tpm_log_entry *le, const uint8_t *sha256,
struct tpms_pcr_selection *sel;
void *nsel, *end;
void *dest = le->hdr.digests + sizeof(struct TPML_DIGEST_VALUES);
- uint32_t count;
+ uint32_t count, numAlgs;
struct TPMT_HA *v;
struct TPML_DIGEST_VALUES *vs;
@@ -245,7 +245,7 @@ static int tpm20_build_digest(struct tpm_log_entry *le, const uint8_t *sha256,
end = (void *)tpm_state.tpm20_pcr_selection +
tpm_state.tpm20_pcr_selection_size;
- for (count = 0;
+ for (count = 0, numAlgs = 0;
count < be32_to_cpu(tpm_state.tpm20_pcr_selection->count);
count++) {
int hsize;
@@ -255,6 +255,12 @@ static int tpm20_build_digest(struct tpm_log_entry *le, const uint8_t *sha256,
if (nsel > end)
break;
+ /* PCR 0-7 unused ? -- skip */
+ if (sel->pcrSelect[0] == 0) {
+ sel = nsel;
+ continue;
+ }
+
hsize = tpm20_get_hash_buffersize(be16_to_cpu(sel->hashAlg));
if (hsize < 0) {
dprintf("TPM is using an unsupported hash: %d\n",
@@ -280,6 +286,8 @@ static int tpm20_build_digest(struct tpm_log_entry *le, const uint8_t *sha256,
dest += sizeof(*v) + hsize;
sel = nsel;
+
+ numAlgs++;
}
if (sel != end) {
@@ -289,9 +297,9 @@ static int tpm20_build_digest(struct tpm_log_entry *le, const uint8_t *sha256,
vs = (void*)le->hdr.digests;
if (bigEndian)
- vs->count = cpu_to_be32(count);
+ vs->count = cpu_to_be32(numAlgs);
else
- vs->count = cpu_to_le32(count);
+ vs->count = cpu_to_le32(numAlgs);
return dest - (void*)le->hdr.digests;
}
@@ -643,13 +651,13 @@ static int tpm20_write_EfiSpecIdEventStruct(void)
struct tpm_log_entry le = {
.hdr.eventtype = cpu_to_log32(EV_NO_ACTION),
};
- uint32_t count;
+ uint32_t count, numAlgs;
sel = tpm_state.tpm20_pcr_selection->selections;
end = (void*)tpm_state.tpm20_pcr_selection +
tpm_state.tpm20_pcr_selection_size;
- for (count = 0;
+ for (count = 0, numAlgs = 0;
count < be32_to_cpu(tpm_state.tpm20_pcr_selection->count);
count++) {
int hsize;
@@ -659,6 +667,12 @@ static int tpm20_write_EfiSpecIdEventStruct(void)
if (nsel > end)
break;
+ /* PCR 0-7 unused ? -- skip */
+ if (sel->pcrSelect[0] == 0) {
+ sel = nsel;
+ continue;
+ }
+
hsize = tpm20_get_hash_buffersize(be16_to_cpu(sel->hashAlg));
if (hsize < 0) {
dprintf("TPM is using an unsupported hash: %d\n",
@@ -673,9 +687,10 @@ static int tpm20_write_EfiSpecIdEventStruct(void)
return -1;
}
- event.hdr.digestSizes[count].algorithmId =
+ event.hdr.digestSizes[numAlgs].algorithmId =
cpu_to_log16(be16_to_cpu(sel->hashAlg));
- event.hdr.digestSizes[count].digestSize = cpu_to_log16(hsize);
+ event.hdr.digestSizes[numAlgs].digestSize = cpu_to_log16(hsize);
+ numAlgs++;
sel = nsel;
}
@@ -685,9 +700,9 @@ static int tpm20_write_EfiSpecIdEventStruct(void)
return -1;
}
- event.hdr.numberOfAlgorithms = cpu_to_log32(count);
+ event.hdr.numberOfAlgorithms = cpu_to_log32(numAlgs);
event_size = offset_of(struct TCG_EfiSpecIdEventStruct,
- digestSizes[count]);
+ digestSizes[numAlgs]);
vendorInfoSize = (void*)&event + event_size;
*vendorInfoSize = 0;
event_size += sizeof(*vendorInfoSize);
--
2.24.1
More information about the SLOF
mailing list