[U-Boot] [PATCH v3 12/25] tpm: add TPM2_PCR_Read command support
Simon Glass
sjg at chromium.org
Thu May 3 02:32:10 UTC 2018
Hi Miquel,
On 2 May 2018 at 02:59, Miquel Raynal <miquel.raynal at bootlin.com> wrote:
> Add support for the TPM2_PCR_Read command.
>
> Change the command file and the help accordingly.
>
> Signed-off-by: Miquel Raynal <miquel.raynal at bootlin.com>
> ---
> cmd/tpm-v2.c | 27 +++++++++++++++++++++++++++
> include/tpm-v2.h | 11 +++++++++++
> lib/tpm-v2.c | 43 +++++++++++++++++++++++++++++++++++++++++++
> 3 files changed, 81 insertions(+)
>
Reviewed-by: Simon Glass <sjg at chromium.org>
nits below
> diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c
> index 6e19adbfe6..a61d751b4a 100644
> --- a/cmd/tpm-v2.c
> +++ b/cmd/tpm-v2.c
> @@ -86,6 +86,28 @@ static int do_tpm2_pcr_extend(cmd_tbl_t *cmdtp, int flag, int argc,
> return report_return_code(tpm2_pcr_extend(index, digest));
> }
>
> +static int do_tpm_pcr_read(cmd_tbl_t *cmdtp, int flag, int argc,
> + char * const argv[])
> +{
> + u32 index, rc;
> + unsigned int updates;
> + void *data;
> +
> + if (argc != 3)
> + return CMD_RET_USAGE;
> +
> + index = simple_strtoul(argv[1], NULL, 0);
> + data = (void *)simple_strtoul(argv[2], NULL, 0);
data = map_sysmem(simple...(), 0);
so that it works on sandbox.
[...]
> +/**
> + * Issue a TPM2_PCR_Read command.
> + *
> + * @param index Index of the PCR
> + * @param data Output buffer for contents of the named PCR
> + * @param updates Optional out parameter: number of updates for this PCR
> + *
> + * @return return code of the operation
For new code we should use
@index: Index of the PCR
@data: Output ...
@updates: Optional ....
@return ..
> + */
> +u32 tpm2_pcr_read(u32 index, void *data, unsigned int *updates);
> +
> #endif /* __TPM_V2_H */
> diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
> index 2696f8145d..d557b08f8b 100644
> --- a/lib/tpm-v2.c
> +++ b/lib/tpm-v2.c
> @@ -115,3 +115,46 @@ u32 tpm2_pcr_extend(u32 index, const uint8_t *digest)
>
> return tpm_sendrecv_command(command_v2, NULL, NULL);
> }
> +
> +u32 tpm2_pcr_read(u32 index, void *data, unsigned int *updates)
> +{
> + u8 command_v2[COMMAND_BUFFER_SIZE] = {
> + tpm_u16(TPM2_ST_NO_SESSIONS), /* TAG */
> + tpm_u32(20), /* Length */
> + tpm_u32(TPM2_CC_PCR_READ), /* Command code */
> +
> + /* TPML_PCR_SELECTION */
> + tpm_u32(1), /* Number of selections */
> + tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */
> + 3, /* Array size for selection */
> + /* bitmap(index) Selected PCR bitmap */
> + };
> + size_t response_len = COMMAND_BUFFER_SIZE;
> + u8 response[COMMAND_BUFFER_SIZE];
> + unsigned int counter = 0;
> + u8 pcr_sel[3] = {};
> + int ret;
> +
> + if (index >= 24)
What is 24?
> + return TPM_LIB_ERROR;
> +
> + pcr_sel[index / 8] = BIT(index % 8);
> + if (pack_byte_string(command_v2, COMMAND_BUFFER_SIZE, "bbb",
> + 17, pcr_sel[0], 18, pcr_sel[1], 19, pcr_sel[2]))
> + return TPM_LIB_ERROR;
> +
> + ret = tpm_sendrecv_command(command_v2, response, &response_len);
> + if (ret)
> + return ret;
> +
> + if (unpack_byte_string(response, response_len, "ds",
> + 10, &counter,
> + response_len - TPM2_DIGEST_LEN, data,
> + TPM2_DIGEST_LEN))
> + return TPM_LIB_ERROR;
> +
> + if (updates)
> + *updates = counter;
> +
> + return 0;
> +}
> --
> 2.14.1
>
Regards,
Simon
More information about the U-Boot
mailing list