Re: [PATCH] tpm: Export the function to set up the TPM log

Sat, 24 May 2025 11:00:52 -0700 

Thanks Tom

On Sat, 24 May 2025 at 17:26, Tom Rini <tr...@konsulko.com> wrote:
>
> On Sat, May 24, 2025 at 08:13:46AM -0600, Simon Glass wrote:
>
> > In some cases, we may wish to set up the TPM log under full control of
> > a driver in U-Boot. Export the required function to make this possible.
> >
> > This avoids calling the weak function tcg2_platform_get_log() when the
> > caller already knows where the log is.

This doesn't make too much sense to me. If the caller knows where the
log is, he needs to replay it in hardware.  Which also means you need
to check the logs vs the active PCR banks.

This has all been abstracted in tcg2_measurement_init().
The UEFI subsystem calls tcg2_log_prepare_buffer(), but that's a
remnant from when measured boot was only supported in EFI. I was
planning to get rid of it and call tcg2_measurement_init() from EFI as
well.

Is there a reason you can't use that? Is it slowing down the boot time
significantly?

Thanks
/Ilias
> >
> > Signed-off-by: Simon Glass <s...@chromium.org>
> > ---
> >
> >  include/tpm_tcg2.h | 9 +++++++++
> >  lib/tpm_tcg2.c     | 2 +-
> >  2 files changed, 10 insertions(+), 1 deletion(-)
> >
> > diff --git a/include/tpm_tcg2.h b/include/tpm_tcg2.h
> > index eb6afe49e77..189a93ee840 100644
> > --- a/include/tpm_tcg2.h
> > +++ b/include/tpm_tcg2.h
> > @@ -345,4 +345,13 @@ void tcg2_platform_startup_error(struct udevice *dev, 
> > int rc);
> >   */
> >  u32 tcg2_algorithm_to_mask(enum tpm2_algorithms);
> >
> > +/**
> > + * tcg2_log_init() - Set up the elog
> > + *
> > + * @dev: TPM device, used to find the number of PCRs
> > + * @elog     Platform event log
> > + * Return: zero on success, negative errno otherwise
> > + */
> > +int tcg2_log_init(struct udevice *dev, struct tcg2_event_log *elog);
> > +
> >  #endif /* __TPM_TCG_V2_H */
> > diff --git a/lib/tpm_tcg2.c b/lib/tpm_tcg2.c
> > index c314b401d0b..9909d9e14d5 100644
> > --- a/lib/tpm_tcg2.c
> > +++ b/lib/tpm_tcg2.c
> > @@ -220,7 +220,7 @@ static int tcg2_log_append_check(struct tcg2_event_log 
> > *elog, u32 pcr_index,
> >       return 0;
> >  }
> >
> > -static int tcg2_log_init(struct udevice *dev, struct tcg2_event_log *elog)
> > +int tcg2_log_init(struct udevice *dev, struct tcg2_event_log *elog)
> >  {
> >       struct tpm_chip_priv *priv = dev_get_uclass_priv(dev);
> >       struct tcg_efi_spec_id_event *ev;
> > --
> > 2.43.0
> >
> > base-commit: bab54f5942c428be698216224fd10b91d974d4da
> > branch: tpma
>
> This is based on mainline, but you forgot to CC the TPM maintainer.
>
> --
> Tom

Reply via email to