Hi Michal,
On Mon, 29 Nov 2021 at 15:06, Michal Simek <michal.si...@xilinx.com> wrote:
>
> For systems which have TPM support enabled but actual device is missing
> there is no reason to show a message that measurement failed.
> That's why properly check error code which is returned.
>
> Signed-off-by: Michal Simek <michal.si...@xilinx.com>
> ---
>
> lib/efi_loader/efi_image_loader.c | 5 +++--
> 1 file changed, 3 insertions(+), 2 deletions(-)
>
> diff --git a/lib/efi_loader/efi_image_loader.c
> b/lib/efi_loader/efi_image_loader.c
> index eb95580538cc..c6a254dc25dd 100644
> --- a/lib/efi_loader/efi_image_loader.c
> +++ b/lib/efi_loader/efi_image_loader.c
> @@ -934,8 +934,9 @@ efi_status_t efi_load_pe(struct efi_loaded_image_obj
> *handle,
>
> #if CONFIG_IS_ENABLED(EFI_TCG2_PROTOCOL)
> /* Measure an PE/COFF image */
> - if (tcg2_measure_pe_image(efi, efi_size, handle,
> - loaded_image_info))
> + ret = tcg2_measure_pe_image(efi, efi_size, handle,
> + loaded_image_info);
> + if (ret && ret != EFI_NOT_FOUND)
> log_err("PE image measurement failed\n");
> #endif
Indeed that's needed. Looking at it again though maybe it's better to
add an identical check in tcg2_measure_pe_image() and return
EFI_SUCCESS if platform_get_tpm2_device() returned EFI_NOT_FOUND. The
reason is that other parts of the code return EFI_NOT_FOUND in that
function (e.g efi_search_protocol). So we need to make sure we report
the error in that case.
>
> --
> 2.33.1
>
Thanks
/Ilias
