[PATCH 0/2] add selftest for EFI_TCG2_PROTOCOL and Measured Boot
Masahisa Kojima
masahisa.kojima at linaro.org
Fri Oct 22 13:24:23 CEST 2021
This patch series adds the selftest for the EFI_TCG2_PROTOCOL and
Measured Boot flow.
This selftest is verified on qemu with swtpm.
This covers most of the functionalities, but there are some
limitations and TODO items.
[Limitation]
- tcg2 selftest must run at the beginning of the efi_selftest because
  some measurement occurs in efi_tcg2_register() and boottime->image_load().
  Need to configure the efi_selftest with "setenv efi_selftest tcg2; bootefi selftest"
- Skip ExitBootService measurement test
  - EFI application cannot read PCR after calling ExitBootService
- Skip EventLog Validation
  - Measured Boot measures U-Boot version, so EventLog varies every build having
    different commit hash.
- Skip PCR[0] validation
  - PCR[0] includes U-Boot version measurement, this value varies every build
    having different commit hash.
- Skip PCR[7] validation
  - Secure Boot Variables cannot be updated through efi_selftest.
- The initial PCR value of PCR[17 - 22] is all 0xff, I'm not sure
  whether it is expected or not.
[TODO]
- GPT measurement test
- Secure Boot Variable test
- Eventlog validation
Masahisa Kojima (2):
  efi_loader: add missing const qualifier
  efi_selftest: add selftest for EFI_TCG2_PROTOCOL and Measured Boot

 include/efi_api.h                             |   2 +-
 lib/efi_loader/efi_boottime.c                 |   5 +-
 lib/efi_selftest/Makefile                     |  10 +
 .../efi_selftest_miniapp_measuredboot.c       |  93 ++
 lib/efi_selftest/efi_selftest_tcg2.c          | 804 +++++++++++++++++-
 5 files changed, 910 insertions(+), 4 deletions(-)
 create mode 100644 lib/efi_selftest/efi_selftest_miniapp_measuredboot.c
--
2.17.1
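
The PCR[0] and EventLog limitations in the cover letter above, shown as an added illustration (not code from this patch series): a per-build version measurement changes PCR[0], so a verifier compares the PCRs against a replay of the event log rather than against a fixed constant. The event contents, version strings, helper names and the single SHA-256 bank are assumptions made for the example.

```python
import hashlib

ZERO_PCR = b"\x00" * 32  # reset value assumed for the PCRs used here (SHA-256 bank)

def extend(pcr, digest):
    """PCR extend: new value = SHA-256(old value || event digest)."""
    return hashlib.sha256(pcr + digest).digest()

def make_event(pcr_index, data):
    """Constructed log entry; the digest is simply SHA-256 of the data."""
    return {"pcr": pcr_index, "digest": hashlib.sha256(data).digest(), "data": data}

def build_log(version):
    """Constructed boot log: version string into PCR[0], an image into PCR[4]."""
    return [make_event(0, version),
            make_event(4, b"constructed EFI application image"),
            make_event(0, b"constructed firmware blob")]

def replay(log):
    """Recompute every PCR touched by the log, in log order."""
    pcrs = {}
    for ev in log:
        pcrs[ev["pcr"]] = extend(pcrs.get(ev["pcr"], ZERO_PCR), ev["digest"])
    return pcrs

def mismatches(log, tpm_pcrs):
    """Return the PCR indices where the replayed log disagrees with the TPM."""
    replayed = replay(log)
    return sorted(i for i in replayed if replayed[i] != tpm_pcrs.get(i))

# Two builds that differ only in the (constructed) version string.
LOG_A = build_log(b"U-Boot 2021.10-00001-gaaaaaaa")
LOG_B = build_log(b"U-Boot 2021.10-00002-gbbbbbbb")
PCRS_A, PCRS_B = replay(LOG_A), replay(LOG_B)

if __name__ == "__main__":
    print("PCR[0] build A:", PCRS_A[0].hex())
    print("PCR[0] build B:", PCRS_B[0].hex())
    print("PCR[4] equal  :", PCRS_A[4] == PCRS_B[4])
    print("A log vs A TPM:", mismatches(LOG_A, PCRS_A))
    print("A log vs B TPM:", mismatches(LOG_A, PCRS_B))
```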