[PATCH 00/11] Tpm exit with error when algorithm dismatches
Raymond Mao
raymond.mao at linaro.org
Mon Dec 23 15:47:22 CET 2024
This patch series adds the logic to report errors when:
1. An eventlog is handed over from the previous boot stage but the TPM device
was configured with an algorithm that does not exist in the eventlog.
2. The TPM device was configured with an algorithm that is not supported by
U-Boot.
3. Failures are observed when parsing the eventlog.
In all of the above cases, tpm_tcg2 should exit with error and prompt logs.
Moreover, this series includes miscellaneous fixes and refactoring to
simplify the logic in tpm and tpm_tcg2.
Ilias Apalodimas (8):
  efi_loader: Don't warn if the TCG2 FinalEvents table is not installed
  tpm: Rename tpm2_is_active_pcr()
  tpm: Rename tpm2_allow_extend()
  tpm: Don't create an EventLog if algorithms are misconfigured
  tpm: Keep the active PCRs in the chip private data
  tpm: Simplify tcg2_create_digest()
  tpm: Simplify tcg2_log_init()
  tpm: Don't replay an EventLog if tcg2_log_parse() fails
Raymond Mao (3):
  tpm: refactor tcg2_get_pcr_info()
  tpm: add flag in hash_algo_list and API to check if algorithm is
    supported
  tpm: add kconfig control in tcg2_create_digest()
include/tpm-common.h | 18 +++-
include/tpm-v2.h | 65 ++++++++-----
include/tpm_tcg2.h | 12 +--
lib/efi_loader/efi_tcg2.c | 2 +-
lib/tpm-v2.c | 72 +++++++++++++--
lib/tpm_tcg2.c | 190 ++++++++++++++++++++------------------
6 files changed, 230 insertions(+), 129 deletions(-)
--
2.25.1