[PATCH v2] efi_loader: tcg2: Return success even when TPM device is not found

Michal Simek michal.simek at xilinx.com
Mon Nov 29 15:26:03 CET 2021


For systems which have TPM support enabled but actual device is missing
there is no reason to show a message that measurement failed in
efi_load_pe(). To ensure that the patch is returning EFI_SUCCESS even for
cases where TPM device is not found.
The reason is that other parts of the code return also EFI_NOT_FOUND in
tcg2_measure_pe_image() (e.g efi_search_protocol) that's why this error
code can't be checked but still it needs to be reported.

The same logic is also used in efi_tcg2_get_eventlog() added by
commit c8d0fd582576 ("efi_loader: Introduce eventlog support for
TCG2_PROTOCOL").

Signed-off-by: Michal Simek <michal.simek at xilinx.com>
---

Changes in v2:
- Change subject and description
- Change logic in different location
- Origin thread was https://lore.kernel.org/r/657a869c04e9b09e3bd2e6fd74ff94320b7fbe9b.1638191161.git.michal.simek@xilinx.com

 lib/efi_loader/efi_tcg2.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
index 8c1f22e3377b..db785f4d8c27 100644
--- a/lib/efi_loader/efi_tcg2.c
+++ b/lib/efi_loader/efi_tcg2.c
@@ -888,7 +888,8 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
 
 	ret = platform_get_tpm2_device(&dev);
 	if (ret != EFI_SUCCESS)
-		return ret;
+		/* don't fail when TPM is not found */
+		return EFI_SUCCESS;
 
 	switch (handle->image_type) {
 	case IMAGE_SUBSYSTEM_EFI_APPLICATION:
-- 
2.33.1



More information about the U-Boot mailing list