[PATCH 00/11] Tpm exit with error when algorithm dismatches

Tue Dec 24 08:10:49 CET 2024

Hi Raymond,

Overall this looks good. I could apply patch #4 manually but git am
failed for -master or -next. Can you send a v2 and fix that?

Thanks
/Ilias

On Mon, 23 Dec 2024 at 16:47, Raymond Mao <raymond.mao at linaro.org> wrote:
>
> This patch series add the logic to report errors when:
> 1. An eventlog is handed over from the previous boot stage but TPM device
>    was configurated with an algorithm that does not exist in the eventlog.
> 2. TPM device was configurated with an algorithm that is not supported by
>    U-Boot.
> 3. Failures observed when parsing the eventlog.
>
> In all above cases, tpm_tcg2 should exit with error and prompt logs.
>
> Moveover, this series include miscellaneous fixes and refactoring to
> simplify the logics in tpm and tpm_tcg2.
>
> Ilias Apalodimas (8):
>   efi_loader: Don't warn if the TCG2 FinalEvents table is not installed
>   tpm: Rename tpm2_is_active_pcr()
>   tpm: Rename tpm2_allow_extend()
>   tpm: Don't create an EventLog if algorithms are misconfigured
>   tpm: Keep the active PCRs in the chip private data
>   tpm: Simplify tcg2_create_digest()
>   tpm: Simplify tcg2_log_init()
>   tpm: Don't replay an EventLog if tcg2_log_parse() fails
>
> Raymond Mao (3):
>   tpm: refactor tcg2_get_pcr_info()
>   tpm: add flag in hash_algo_list and API to check if algorithm is
>     supported
>   tpm: add kconfig control in tcg2_create_digest()
>
>  include/tpm-common.h      |  18 +++-
>  include/tpm-v2.h          |  65 ++++++++-----
>  include/tpm_tcg2.h        |  12 +--
>  lib/efi_loader/efi_tcg2.c |   2 +-
>  lib/tpm-v2.c              |  72 +++++++++++++--
>  lib/tpm_tcg2.c            | 190 ++++++++++++++++++++------------------
>  6 files changed, 230 insertions(+), 129 deletions(-)
>
> --
> 2.25.1
>