[PATCH 2/5] efi_loader: add secure boot variable measurement
Simon Glass
sjg at chromium.org
Wed Jul 7 19:37:01 CEST 2021
Hi Masahisa,
On Wed, 7 Jul 2021 at 07:36, Masahisa Kojima <masahisa.kojima at linaro.org> wrote:
>
> TCG PC Client PFP spec requires to measure the secure
> boot policy before validating the UEFI image.
> This commit adds the secure boot variable measurement
> of "SecureBoot", "PK", "KEK", "db" and "dbx".
>
> Note that this implementation assumes that secure boot
> variables are pre-configured and not be set/updated in runtime.
>
> Signed-off-by: Masahisa Kojima <masahisa.kojima at linaro.org>
> ---
> include/efi_tcg2.h | 20 ++++++
> lib/efi_loader/efi_tcg2.c | 135 ++++++++++++++++++++++++++++++++++++++
> 2 files changed, 155 insertions(+)
Where are the tests for this code, please?
Regards,
Simon
More information about the U-Boot
mailing list