[PATCH 2/3] tpm: remove check on pcr bank count

Benjamin BARATTE benjamin.baratte at st.com
Mon Jul 15 15:33:18 CEST 2024


The number of PCR banks return by the tpm2_get_pcr_info() is related to
TPM supported list of hash algorithm that could be greater than thus
supported by U-Boot. This is not an issue as long as the PCR active bank
hash an hash algorithm supported by U-Boot.
Therefore, checking the number of PCR bank supported by the dTPM and
thus supported by U-Boot doesn't make sense.
This test shall be removed or shall reflect the maximum hash algorithm
defined by the TPM2.0 spec 1.59 which is 8 hash algorithms.

Signed-off-by: Benjamin BARATTE <benjamin.baratte at st.com>
---

 lib/tpm-v2.c | 8 --------
 1 file changed, 8 deletions(-)

diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
index 59e6cbafaf..64a2f15fee 100644
--- a/lib/tpm-v2.c
+++ b/lib/tpm-v2.c
@@ -413,14 +413,6 @@ int tpm2_get_pcr_info(struct udevice *dev, struct tpml_pcr_selection *pcrs)
                return ret;

        pcrs->count = get_unaligned_be32(response);
-       /*
-        * We only support 4 algorithms for now so check against that
-        * instead of TPM2_NUM_PCR_BANKS
-        */
-       if (pcrs->count > 4 || pcrs->count < 1) {
-               printf("%s: too many pcrs: %u\n", __func__, pcrs->count);
-               return -EMSGSIZE;
-       }

        ret = tpm2_get_num_pcr(dev, &num_pcr);
        if (ret)
--
2.34.1

ST Restricted


More information about the U-Boot mailing list