From: Stefan Berger
Subject: Re: [PATCH v2 6/6] ibmvtpm: Add support for trusted boot using a vTPM 2.0
Date: Tue, 13 Dec 2022 13:18:34 -0500
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.5.1
On 12/13/22 11:35, Daniel Kiper wrote:
On Thu, Dec 01, 2022 at 04:12:01PM -0500, Stefan Berger wrote:
Add support for trusted boot using a vTPM 2.0 on the IBM IEEE1275 PowerPC platform. With this patch grub now measures text and binary data into the TPM's PCRs 8 and 9 in the same way as the x86_64 platform does.
+} + +grub_err_t +grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr, + const char *description) +{ + grub_err_t err = tpm_init ();This should happen on module load. Then code in tpm_init() and here should be much simpler.
I tried moving this into GRUB_MOD_INIT() but at that point it doesn't succeed to find the device it seems. I have to repeat the tpm_init () call then later on in this function here when an actual measurement is to be done and then it is able to find the device. I'd rather leave it as-is now. It looked like this:

    GRUB_MOD_INIT (ibmvtpm)
    {
      init_success = tpm_init ();
    }

    GRUB_MOD_FINI (ibmvtpm)
    {
      if (tpm_ihandle != IEEE1275_IHANDLE_INVALID)
        grub_ieee1275_close (tpm_ihandle);
    }

   Stefan
+ /* Absence of a TPM isn't a failure. */ + if (err != GRUB_ERR_NONE) + return GRUB_ERR_NONE; + + grub_dprintf ("tpm", "log_event, pcr = %d, size = 0x%" PRIxGRUB_SIZE ", %s\n", + pcr, size, description); + + if (tpm_version == 2) + return tpm2_log_event (buf, size, pcr, description); + + return GRUB_ERR_NONE; +}Daniel
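Review bot: In grub_tpm_measure, the check `if (err != GRUB_ERR_NONE) return GRUB_ERR_NONE;` under the comment "Absence of a TPM isn't a failure" maps every tpm_init () error to "no TPM present", so a vTPM that exists but cannot be opened or initialized leads to the measurement being skipped silently while boot continues unmeasured. Consider having tpm_init () distinguish a missing device from a failing one and propagating the error in the second case, or at minimum add a grub_dprintf ("tpm", ...) on this path so the skipped measurement is visible. The final `return GRUB_ERR_NONE;` has the same shape: when tpm_version is not 2, nothing is extended into the PCR and the caller still sees success, which deserves a comment or a debug message. Since tpm_init () is called on every measurement here, a short comment on whether repeated calls are expected to be cheap once the device has been found would also help.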