[PATCH 2/2] efi: Add basic EFI_TCG2_PROTOCOL support
Simon Glass
sjg at chromium.org
Wed Nov 4 19:08:42 CET 2020
Hi Ilias,
On Wed, 4 Nov 2020 at 06:48, Ilias Apalodimas
<ilias.apalodimas at linaro.org> wrote:
>
> Since U-boot EFI implementation is getting richer it makes sense to
> add support for EFI_TCG2_PROTOCOL taking advantage of any hardware TPM
> available on the device.
>
> This is the initial implementation of the protocol which only adds
> support for GetCapability(). It's limited in the newer and safer
> TPMv2 devices.
>
> Signed-off-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> ---
> The protocol requires mode that GetCapability to be usable.
> I intend to add support for GetEventLog() and HashLogExtendEvent() once
> this gets reviewed/merged
> include/efi_loader.h | 2 +
> include/efi_tcg2.h | 91 ++++++++
> include/tpm-v2.h | 48 ++++
> lib/efi_loader/Kconfig | 8 +
> lib/efi_loader/Makefile | 1 +
> lib/efi_loader/efi_setup.c | 7 +
> lib/efi_loader/efi_tcg2.c | 460 +++++++++++++++++++++++++++++++++++++
> 7 files changed, 617 insertions(+)
> create mode 100644 include/efi_tcg2.h
> create mode 100644 lib/efi_loader/efi_tcg2.c
How can we add tests for this? We have a basic TPM emulator available
so perhaps it could be used to create a sandbox test?
Regards,
Simon
More information about the U-Boot
mailing list