On Tue, Apr 09, 2024 at 11:32:44AM -0400, Stefan Berger wrote:
>
>
> On 4/9/24 04:30, Gary Lin via Grub-devel wrote:
> > From: Hernan Gatta <[email protected]>
> >
> > A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to
> > compose, submit, and parse TPM commands and responses.
> >
> > A limited number of TPM commands may be accessed via the EFI TCG2
> > protocol. This protocol exposes functionality that is primarily geared
> > toward TPM usage within the context of Secure Boot. For all other TPM
> > commands, however, such as sealing and unsealing, this protocol does not
> > provide any help, with the exception of passthrough command submission.
> >
> > The SubmitCommand method allows a caller to send raw commands to the
> > system's TPM and to receive the corresponding response. These
> > command/response pairs are formatted using the TPM wire protocol. To
> > construct commands in this way, and to parse the TPM's response, it is
> > necessary to, first, possess knowledge of the various TPM structures, and,
> > second, of the TPM wire protocol itself.
> >
> > As such, this patch includes a set of header files that define the
> > necessary TPM structures and TSS functions, implementations of various
> > TPM2_* functions (inventoried below), and logic to write and read command
> > and response buffers, respectively, using the TPM wire protocol.
> >
> > Functions: TPM2_Create, TPM2_CreatePrimary, TPM2_EvictControl,
> > TPM2_FlushContext, TPM2_Load, TPM2_PCR_Read, TPM2_PolicyGetDigest,
> > TPM2_PolicyPCR, TPM2_ReadPublic, TPM2_StartAuthSession, TPM2_Unseal,
> > TPM2_LoadExternal, TPM2_HashSequenceStart, TPM2_SequenceUpdate,
> > TPM2_SequenceComplete, TPM2_Hash, TPM2_VerifySignature,
> > TPM2_PolicyAuthorize, TPM2_TestParms
> >
> > Signed-off-by: Hernan Gatta <[email protected]>
> > Signed-off-by: Gary Lin <[email protected]>
> > ---
> >  grub-core/tpm2/buffer.c | 145 +++
> >  grub-core/tpm2/mu.c | 1150 ++++++++++++++++++++++
> >  grub-core/tpm2/tcg2.c | 143 +++
> >  grub-core/tpm2/tpm2.c | 1221 ++++++++++++++++++++++++
>
> Apart from that this is 'a lot' (and maybe more complete than it needs to
> be)

There are some commands that were added in the early development stage but
ended up not being used. I kept those commands since they are already there
and may be useful some day.

> the only thing that caught my attention was that most times you have a
> default: handler in case statements, occasionally it's missing. Maybe you
> should add some missing default: handlers.
>
Oops, thanks for spotting that. I'll add those missing default: handlers.

> Also, Synopsys should extend Coverity to provide Reviewed-by's :-).
>
That could be a nice feature :)

Thanks,

Gary Lin
