[PATCH] tpm: measure DTB in PCR1 instead of PCR0

Eddie James eajames at linux.ibm.com
Fri Jun 14 23:31:44 CEST 2024 

On 6/14/24 07:09, Ilias Apalodimas wrote:
> The PC client spec [0], doesn't describe measurements for DTBs. It does
> describe what do to for ACPI tables though.
>
> There is a description for ACPI in 3.3.4.1 PCR[0] – SRTM, POST BIOS,
> and Embedded Drivers and they explicitly mention ACPI in there. There's
> no mention of ACPI in 3.3.4.2 PCR[1] – Host Platform Configuration.
>
> However, in Figure 6 --  PCR Mapping of UEFI Components ACPI is shown
> in PCR1. The general description also mentions PCR0 is for code and PCR1
> is for data such as ACPI and SMBIOS.


Thanks, looks correct.

Reviewed-by: Eddie James <eajames at linux.ibm.com>


>
> So let's switch over the DTB measurements to PCR1 which seems a better
> fit.
>
> [0] https://trustedcomputinggroup.org/resource/pc-client-specific-platform-firmware-profile-specification
>
> Reported-by: Heinrich Schuchardt <xypron.glpk at gmx.de>
> Signed-off-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> ---
>   boot/bootm.c              | 2 +-
>   lib/efi_loader/efi_tcg2.c | 2 +-
>   2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/boot/bootm.c b/boot/bootm.c
> index 6fa8edab021e..3de87eb185d7 100644
> --- a/boot/bootm.c
> +++ b/boot/bootm.c
> @@ -963,7 +963,7 @@ int bootm_measure(struct bootm_headers *images)
>   			goto unmap_initrd;
>
>   		if (IS_ENABLED(CONFIG_MEASURE_DEVICETREE)) {
> -			ret = tcg2_measure_data(dev, &elog, 0, images->ft_len,
> +			ret = tcg2_measure_data(dev, &elog, 1, images->ft_len,
>   						(u8 *)images->ft_addr,
>   						EV_TABLE_OF_DEVICES,
>   						strlen("dts") + 1,
> diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
> index 51264c1b998c..a8a54c9f131d 100644
> --- a/lib/efi_loader/efi_tcg2.c
> +++ b/lib/efi_loader/efi_tcg2.c
> @@ -1328,7 +1328,7 @@ efi_status_t efi_tcg2_measure_dtb(void *dtb)
>   	sha256_update(&hash_ctx, (u8 *)dtb + fdt_off_mem_rsvmap(dtb), rsvmap_size);
>   	sha256_finish(&hash_ctx, blob->data + blob->blob_description_size);
>
> -	ret = measure_event(dev, 0, EV_POST_CODE, event_size, (u8 *)blob);
> +	ret = measure_event(dev, 1, EV_POST_CODE, event_size, (u8 *)blob);
>
>   	free(blob);
>   	return ret;
> --
> 2.45.1
>

More information about the U-Boot mailing list