[SLOF] [PATCH] tpm: Add firmware API call 2HASH-EXT-LOG
Alexey Kardashevskiy
aik at ozlabs.ru
Mon Jul 12 13:19:22 AEST 2021
On 09/07/2021 07:36, Stefan Berger wrote:
> From: Stefan Berger <stefanb at linux.ibm.com>
>
> Add a new firmware API call with the name 2HASH-EXT-LOG that will be used
> by trusted grub for measuring, logging, and extending TPM PCRs.
>
> Signed-off-by: Stefan Berger <stefanb at linux.ibm.com>
Applied this one too, thanks.
> ---
> board-qemu/slof/vio-vtpm-cdriver.fs | 11 +++++++++++
> lib/libtpm/tcgbios.c | 15 +++++++++++++++
> lib/libtpm/tcgbios.h | 4 ++++
> lib/libtpm/tpm.code | 18 ++++++++++++++++++
> lib/libtpm/tpm.in | 1 +
> 5 files changed, 49 insertions(+)
>
> diff --git a/board-qemu/slof/vio-vtpm-cdriver.fs b/board-qemu/slof/vio-vtpm-cdriver.fs
> index 51b3b9f..df966a2 100644
> --- a/board-qemu/slof/vio-vtpm-cdriver.fs
> +++ b/board-qemu/slof/vio-vtpm-cdriver.fs
> @@ -46,6 +46,17 @@ LOG-SIZE BUFFER: log-base
> tpm-driver-get-failure-reason ( reason )
> ;
>
> +\ firmware API call
> +: 2hash-ext-log ( pcr eventtype info info-len data data-len -- success?)
> + vtpm-debug? IF
> + ." Call to 2hash-ext-log" cr
> + THEN
> + tpm-2hash-ext-log ( success? )
> + dup 0= IF
> + ." VTPM: tpm-2hash-ext-log failed: " dup . cr
> + THEN
> +;
> +
> 0 0 s" ibm,sml-efi-reformat-supported" property
>
> \ firmware API call
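Review bot: In the failure branch of `2hash-ext-log`, `dup .` prints the flag that `0=` has just tested, so the message always ends in 0 and gives no reason for the failure. tpm_2hash_ext_log in lib/libtpm/tcgbios.c reduces the result of tpm_add_measurement_to_log to TRUE/FALSE, so no error code is available at this point. Either drop the value, `." VTPM: tpm-2hash-ext-log failed" cr`, or have the C side hand the code back in addition to the flag. A failed call presumably means the event was neither logged nor extended, so the stack comment could also say that callers must check `success?` rather than rely on the console message.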
> diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c
> index d3deccb..d611576 100644
> --- a/lib/libtpm/tcgbios.c
> +++ b/lib/libtpm/tcgbios.c
> @@ -929,6 +929,21 @@ uint32_t tpm_hash_log_extend_event_buffer(uint32_t pcrindex, uint32_t eventtype,
> data, datalen);
> }
>
> +uint32_t tpm_2hash_ext_log(uint32_t pcrindex,
> + uint32_t eventtype,
> + const char *info, uint32_t infolen,
> + const void *data, uint64_t datalen)
> +{
> + uint32_t ret;
> +
> + ret = tpm_add_measurement_to_log(pcrindex, eventtype,
> + info, infolen,
> + data, datalen);
> + if (!ret)
> + return (uint32_t)-1; // TRUE
> + return 0; // FALSE
> +}
> +
> /*
> * Add an EV_ACTION measurement to the list of measurements
> */
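Review bot: tpm_2hash_ext_log has no header comment, although it is the C entry point of a firmware API and its return value is a Forth flag rather than the error code of the function it wraps: a 0 from tpm_add_measurement_to_log becomes `(uint32_t)-1` and any other value becomes 0. I would add `/* Firmware API 2HASH-EXT-LOG: measure data, extend the PCR and add a log entry; returns Forth TRUE (-1) on success, FALSE (0) on failure */` above it. info, infolen, data and datalen come from the caller of the firmware API and are passed on unchanged. The comment should therefore also say whether tpm_add_measurement_to_log bounds them against the log buffer, which is not visible in this hunk.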
> diff --git a/lib/libtpm/tcgbios.h b/lib/libtpm/tcgbios.h
> index 0e7fb8c..021e219 100644
> --- a/lib/libtpm/tcgbios.h
> +++ b/lib/libtpm/tcgbios.h
> @@ -37,5 +37,9 @@ uint32_t tpm_hash_log_extend_event_buffer(uint32_t pcrindex,
> const void *data, uint64_t datalen,
> const char *desc, uint32_t desclen,
> bool is_elf);
> +uint32_t tpm_2hash_ext_log(uint32_t pcrindex,
> + uint32_t eventtype,
> + const char *info, uint32_t infolen,
> + const void *data, uint64_t datalen);
>
> #endif /* TCGBIOS_H */
> diff --git a/lib/libtpm/tpm.code b/lib/libtpm/tpm.code
> index d67d2c3..f5e1d39 100644
> --- a/lib/libtpm/tpm.code
> +++ b/lib/libtpm/tpm.code
> @@ -188,3 +188,21 @@ PRIM(tpm_X2d_hash_X2d_log_X2d_extend_X2d_event_X2d_buffer)
> data, datalen,
> desc, desclen, is_elf);
> MIRP
> +
> +/****************************************************************************************/
> +/* Firmware API */
> +/* SLOF: tpm-2hash-ext-log ( pcr event-type info info-len data data-len -- success? ) */
> +/* LIBTPM: success = tpm-2hash-ext-log */
> +/****************************************************************************************/
> +PRIM(tpm_X2d_2hash_X2d_ext_X2d_log)
> + uint32_t datalen = TOS.u; POP;
> + const void *data = TOS.a; POP;
> + uint64_t infolen = TOS.u; POP;
> + const char *info = TOS.a; POP;
> + uint32_t eventtype = TOS.u; POP;
> + uint32_t pcrindex = TOS.u;
> +
> + TOS.u = tpm_2hash_ext_log(pcrindex, eventtype,
> + info, infolen,
> + data, datalen);
> +MIRP
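Review bot: The widths of the two length locals are swapped relative to the prototype added in tcgbios.h: `datalen` is declared `uint32_t` here while the parameter is `uint64_t`, and `infolen` is `uint64_t` for a `uint32_t` parameter. If the stack cell is wider than 32 bits, a data-len above 4 GiB is truncated as it is popped, and fewer bytes would be measured than the caller asked for, with no error reported. Declaring them as `uint64_t datalen = TOS.u; POP;` and `uint32_t infolen = TOS.u; POP;` matches the prototype.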
> diff --git a/lib/libtpm/tpm.in b/lib/libtpm/tpm.in
> index fb54754..2f80624 100644
> --- a/lib/libtpm/tpm.in
> +++ b/lib/libtpm/tpm.in
> @@ -29,3 +29,4 @@ cod(tpm-gpt-set-lba1)
> cod(tpm-gpt-add-entry)
> cod(tpm-measure-gpt)
> cod(tpm-hash-log-extend-event-buffer)
> +cod(tpm-2hash-ext-log)
>
--
Alexey