[PATCH v2] efi_loader: tcg2: Return success even when TPM device is not found
Ilias Apalodimas
ilias.apalodimas at linaro.org
Mon Nov 29 15:55:48 CET 2021
On Mon, 29 Nov 2021 at 16:26, Michal Simek <michal.simek at xilinx.com> wrote:
>
> For systems which have TPM support enabled but actual device is missing
> there is no reason to show a message that measurement failed in
> efi_load_pe(). To ensure that the patch is returning EFI_SUCCESS even for
> cases where TPM device is not found.
> The reason is that other parts of the code return also EFI_NOT_FOUND in
> tcg2_measure_pe_image() (e.g efi_search_protocol) that's why this error
> code can't be checked but still it needs to be reported.
>
> The same logic is also used in efi_tcg2_get_eventlog() added by
> commit c8d0fd582576 ("efi_loader: Introduce eventlog support for
> TCG2_PROTOCOL").
>
> Signed-off-by: Michal Simek <michal.simek at xilinx.com>
> ---
>
> Changes in v2:
> - Change subject and description
> - Change logic in different location
> - Origin thread was https://lore.kernel.org/r/657a869c04e9b09e3bd2e6fd74ff94320b7fbe9b.1638191161.git.michal.simek@xilinx.com
>
> lib/efi_loader/efi_tcg2.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
> index 8c1f22e3377b..db785f4d8c27 100644
> --- a/lib/efi_loader/efi_tcg2.c
> +++ b/lib/efi_loader/efi_tcg2.c
> @@ -888,7 +888,8 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
>
> ret = platform_get_tpm2_device(&dev);
> if (ret != EFI_SUCCESS)
> - return ret;
> + /* don't fail when TPM is not found */
> + return EFI_SUCCESS;
>
> switch (handle->image_type) {
> case IMAGE_SUBSYSTEM_EFI_APPLICATION:
> --
> 2.33.1
>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
More information about the U-Boot
mailing list