diff options
| author | Stefan Berger <stefanb@linux.ibm.com> | 2020-03-30 08:10:27 -0400 |
|---|---|---|
| committer | Alexey Kardashevskiy <aik@ozlabs.ru> | 2020-05-13 11:25:23 +1000 |
| commit | 753e473813bfa2f2a7c64ccfc4690b978e557d64 (patch) | |
| tree | 61274080eed14d509d2442d21151d169c2f2896f | |
| parent | 283d88c46c1d4d2ae65f0a3eaf582d0c124d37db (diff) | |
| download | SLOF-753e473813bfa2f2a7c64ccfc4690b978e557d64.zip SLOF-753e473813bfa2f2a7c64ccfc4690b978e557d64.tar.gz SLOF-753e473813bfa2f2a7c64ccfc4690b978e557d64.tar.bz2 | |
tcgbios: Only write logs for PCRs that are allocated
Only write the logs for those PCRs that are allocated in
banks.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>
| -rw-r--r-- | lib/libtpm/tcgbios.c | 35 |
1 files changed, 25 insertions, 10 deletions
diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c index be6c3d1..34b792b 100644 --- a/lib/libtpm/tcgbios.c +++ b/lib/libtpm/tcgbios.c @@ -236,7 +236,7 @@ static int tpm20_build_digest(struct tpm_log_entry *le, const uint8_t *sha256, struct tpms_pcr_selection *sel; void *nsel, *end; void *dest = le->hdr.digests + sizeof(struct TPML_DIGEST_VALUES); - uint32_t count; + uint32_t count, numAlgs; struct TPMT_HA *v; struct TPML_DIGEST_VALUES *vs; @@ -244,7 +244,7 @@ static int tpm20_build_digest(struct tpm_log_entry *le, const uint8_t *sha256, end = (void *)tpm_state.tpm20_pcr_selection + tpm_state.tpm20_pcr_selection_size; - for (count = 0; + for (count = 0, numAlgs = 0; count < be32_to_cpu(tpm_state.tpm20_pcr_selection->count); count++) { int hsize; @@ -254,6 +254,12 @@ static int tpm20_build_digest(struct tpm_log_entry *le, const uint8_t *sha256, if (nsel > end) break; + /* PCR 0-7 unused ? -- skip */ + if (!sizeOfSelect || sel->pcrSelect[0] == 0) { + sel = nsel; + continue; + } + hsize = tpm20_get_hash_buffersize(be16_to_cpu(sel->hashAlg)); if (hsize < 0) { dprintf("TPM is using an unsupported hash: %d\n", @@ -279,6 +285,8 @@ static int tpm20_build_digest(struct tpm_log_entry *le, const uint8_t *sha256, dest += sizeof(*v) + hsize; sel = nsel; + + numAlgs++; } if (sel != end) { @@ -288,9 +296,9 @@ static int tpm20_build_digest(struct tpm_log_entry *le, const uint8_t *sha256, vs = (void*)le->hdr.digests; if (bigEndian) - vs->count = cpu_to_be32(count); + vs->count = cpu_to_be32(numAlgs); else - vs->count = cpu_to_le32(count); + vs->count = cpu_to_le32(numAlgs); return dest - (void*)le->hdr.digests; } @@ -642,13 +650,13 @@ static int tpm20_write_EfiSpecIdEventStruct(void) struct tpm_log_entry le = { .hdr.eventtype = cpu_to_log32(EV_NO_ACTION), }; - uint32_t count; + uint32_t count, numAlgs; sel = tpm_state.tpm20_pcr_selection->selections; end = (void*)tpm_state.tpm20_pcr_selection + tpm_state.tpm20_pcr_selection_size; - for (count = 0; + for (count = 0, numAlgs = 0; count < be32_to_cpu(tpm_state.tpm20_pcr_selection->count); count++) { int hsize; @@ -658,6 +666,12 @@ static int tpm20_write_EfiSpecIdEventStruct(void) if (nsel > end) break; + /* PCR 0-7 unused ? -- skip */ + if (!sizeOfSelect || sel->pcrSelect[0] == 0) { + sel = nsel; + continue; + } + hsize = tpm20_get_hash_buffersize(be16_to_cpu(sel->hashAlg)); if (hsize < 0) { dprintf("TPM is using an unsupported hash: %d\n", @@ -672,9 +686,10 @@ static int tpm20_write_EfiSpecIdEventStruct(void) return -1; } - event.hdr.digestSizes[count].algorithmId = + event.hdr.digestSizes[numAlgs].algorithmId = cpu_to_log16(be16_to_cpu(sel->hashAlg)); - event.hdr.digestSizes[count].digestSize = cpu_to_log16(hsize); + event.hdr.digestSizes[numAlgs].digestSize = cpu_to_log16(hsize); + numAlgs++; sel = nsel; } @@ -684,9 +699,9 @@ static int tpm20_write_EfiSpecIdEventStruct(void) return -1; } - event.hdr.numberOfAlgorithms = cpu_to_log32(count); + event.hdr.numberOfAlgorithms = cpu_to_log32(numAlgs); event_size = offset_of(struct TCG_EfiSpecIdEventStruct, - digestSizes[count]); + digestSizes[numAlgs]); vendorInfoSize = (void*)&event + event_size; *vendorInfoSize = 0; event_size += sizeof(*vendorInfoSize); |