[PATCH v3 2/2] tpm: get tpm event log from bloblist

Ilias Apalodimas ilias.apalodimas at linaro.org
Fri Jan 10 14:32:06 CET 2025 

On Thu, 9 Jan 2025 at 17:09, Raymond Mao <raymond.mao at linaro.org> wrote:
>
> Get tpm event log from bloblist instead of FDT when bloblist is
> enabled and valid from previous boot stage.
>
> As a fallback, when no event log from previous stage is observed
> and no user buffer is passed, malloc an 8KB buffer to initialize
> the event log.
>
> Signed-off-by: Raymond Mao <raymond.mao at linaro.org>
> ---
> Changes in v2
> - Remove patch dependency.
> - Remove the fallback to FDT when BLOBLIST is selected.
> Changes in v3
> - Malloc an 8KB buffer when user eventlog buffer does not exist.
>
>  include/tpm_tcg2.h |  2 ++
>  lib/tpm_tcg2.c     | 55 ++++++++++++++++++++++++++++++----------------
>  2 files changed, 38 insertions(+), 19 deletions(-)
>
> diff --git a/include/tpm_tcg2.h b/include/tpm_tcg2.h
> index 6519004cc4..6ea316888b 100644
> --- a/include/tpm_tcg2.h
> +++ b/include/tpm_tcg2.h
> @@ -65,6 +65,8 @@
>  #define EFI_DTB_EVENT_STRING \
>         "DTB DATA"
>
> +#define EVENT_LOG_DEF_BUF_SIZE 0x2000

That's too small for an eventlog. We have a confog option for the TCG
eventlog size (EFI_TCG2_PROTOCOL_EVENTLOG_SIZE). I'd prefer decoupling
this from EFI only and using that instead.

Cheers
/Ilias
> +
>  /**
>   *  struct TCG_EfiSpecIdEventAlgorithmSize - hashing algorithm information
>   *
> diff --git a/lib/tpm_tcg2.c b/lib/tpm_tcg2.c
> index 7f868cc883..d880b14888 100644
> --- a/lib/tpm_tcg2.c
> +++ b/lib/tpm_tcg2.c
> @@ -5,6 +5,7 @@
>
>  #include <dm.h>
>  #include <dm/of_access.h>
> +#include <malloc.h>
>  #include <tpm_api.h>
>  #include <tpm-common.h>
>  #include <tpm-v2.h>
> @@ -19,6 +20,7 @@
>  #include <linux/unaligned/generic.h>
>  #include <linux/unaligned/le_byteshift.h>
>  #include "tpm-utils.h"
> +#include <bloblist.h>
>
>  int tcg2_get_pcr_info(struct udevice *dev, u32 *supported_pcr, u32 *active_pcr,
>                       u32 *pcr_banks)
> @@ -607,15 +609,24 @@ int tcg2_log_prepare_buffer(struct udevice *dev, struct tcg2_event_log *elog,
>                 elog->found = log.found;
>         }
>
> +       if (elog->found)
> +               return 0;
> +
>         /*
> -        * Initialize the log buffer if no log was discovered and the buffer is
> -        * valid. User's can pass in their own buffer as a fallback if no
> -        * memory region is found.
> +        * Initialize the log buffer if no log was discovered.
> +        * User can pass in their own buffer as a fallback if no memory region
> +        * is found, else malloc a buffer if it does not exist.
>          */
> -       if (!elog->found && elog->log_size)
> -               rc = tcg2_log_init(dev, elog);
> +       if (!elog->log_size) {
> +               elog->log = malloc(EVENT_LOG_DEF_BUF_SIZE);
> +               if (!elog->log)
> +                       return -ENOMEM;
> +
> +               memset(elog->log, 0, EVENT_LOG_DEF_BUF_SIZE);
> +               elog->log_size = EVENT_LOG_DEF_BUF_SIZE;
> +       }
>
> -       return rc;
> +       return tcg2_log_init(dev, elog);
>  }
>
>  int tcg2_measurement_init(struct udevice **dev, struct tcg2_event_log *elog,
> @@ -668,10 +679,19 @@ __weak int tcg2_platform_get_log(struct udevice *dev, void **addr, u32 *size)
>         const __be32 *size_prop;
>         int asize;
>         int ssize;
> +       struct ofnode_phandle_args args;
> +       phys_addr_t a;
> +       fdt_size_t s;
>
>         *addr = NULL;
>         *size = 0;
>
> +       *addr = bloblist_get_blob(BLOBLISTT_TPM_EVLOG, size);
> +       if (*addr && *size)
> +               return 0;
> +       else if (CONFIG_IS_ENABLED(BLOBLIST))
> +               return -ENODEV;
> +
>         addr_prop = dev_read_prop(dev, "tpm_event_log_addr", &asize);
>         if (!addr_prop)
>                 addr_prop = dev_read_prop(dev, "linux,sml-base", &asize);
> @@ -686,22 +706,19 @@ __weak int tcg2_platform_get_log(struct udevice *dev, void **addr, u32 *size)
>
>                 *addr = map_physmem(a, s, MAP_NOCACHE);
>                 *size = (u32)s;
> -       } else {
> -               struct ofnode_phandle_args args;
> -               phys_addr_t a;
> -               fdt_size_t s;
>
> -               if (dev_read_phandle_with_args(dev, "memory-region", NULL, 0,
> -                                              0, &args))
> -                       return -ENODEV;
> +               return 0;
> +       }
>
> -               a = ofnode_get_addr_size(args.node, "reg", &s);
> -               if (a == FDT_ADDR_T_NONE)
> -                       return -ENOMEM;
> +       if (dev_read_phandle_with_args(dev, "memory-region", NULL, 0, 0, &args))
> +               return -ENODEV;
>
> -               *addr = map_physmem(a, s, MAP_NOCACHE);
> -               *size = (u32)s;
> -       }
> +       a = ofnode_get_addr_size(args.node, "reg", &s);
> +       if (a == FDT_ADDR_T_NONE)
> +               return -ENOMEM;
> +
> +       *addr = map_physmem(a, s, MAP_NOCACHE);
> +       *size = (u32)s;
>
>         return 0;
>  }
> --
> 2.25.1
>

More information about the U-Boot mailing list