[PATCH v5 3/3] tpm: get tpm event log from bloblist
Simon Glass
sjg at chromium.org
Sat Jan 18 05:31:12 CET 2025
Hi Ilias,
On Thu, 16 Jan 2025 at 07:35, Ilias Apalodimas <ilias.apalodimas at linaro.org> wrote:
>
> On Wed, 15 Jan 2025 at 03:17, Simon Glass <sjg at chromium.org> wrote:
> >
> > Hi Raymond,
> >
> > On Tue, 14 Jan 2025 at 08:20, Raymond Mao <raymond.mao at linaro.org> wrote:
> > >
> > > Get tpm event log from bloblist instead of FDT when bloblist is
> > > enabled and valid from previous boot stage.
> > >
> > > As a fallback, when no event log from previous stage is observed
> > > and no user buffer is passed, malloc a default buffer to initialize
> > > the event log.
> > >
> > > Signed-off-by: Raymond Mao <raymond.mao at linaro.org>
> > > ---
> > > Changes in v2
> > > - Remove patch dependency.
> > > - Remove the fallback to FDT when BLOBLIST is selected.
> > > Changes in v3
> > > - Malloc an 8KB buffer when user eventlog buffer does not exist.
> > > Changes in v4
> > > - Replace the default eventlog size with TPM2_EVENT_LOG_SIZE.
> > > Changes in v5
> > > - Replace TPM2_EVENT_LOG_SIZE with CONFIG_TPM2_EVENT_LOG_SIZE.
> > > - Add an inline TODO comment.
> > >
> > > lib/tpm_tcg2.c | 61 ++++++++++++++++++++++++++++++++++----------------
> > > 1 file changed, 42 insertions(+), 19 deletions(-)
> >
> > Reviewed-by: Simon Glass <sjg at chromium.org>
> >
> > nit in case you respin again: -ENODEV is for driver model, when there
> > is no device. It is actually handled specially by driver model. So
> > -ENOENT is what I try to use for things that don't exist but aren't
> > devices.
> >
>
> +1,
>
>
> > >
> > > diff --git a/lib/tpm_tcg2.c b/lib/tpm_tcg2.c
> > > index 4134d93a35..2d9076f091 100644
> > > --- a/lib/tpm_tcg2.c
> > > +++ b/lib/tpm_tcg2.c
> > > @@ -5,6 +5,7 @@
> > >
> > > #include <dm.h>
> > > #include <dm/of_access.h>
> > > +#include <malloc.h>
> > > #include <tpm_api.h>
> > > #include <tpm-common.h>
> > > #include <tpm-v2.h>
> > > @@ -19,6 +20,7 @@
> > > #include <linux/unaligned/generic.h>
> > > #include <linux/unaligned/le_byteshift.h>
> > > #include "tpm-utils.h"
> > > +#include <bloblist.h>
> > >
> > > int tcg2_get_pcr_info(struct udevice *dev, u32 *supported_bank, u32
*active_bank,
> > > u32 *bank_num)
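Review bot: the added `#include <bloblist.h>` sits after the local `#include "tpm-utils.h"`, so an angle-bracket header now follows the quoted one and the include list is no longer grouped. Move it up into the first include block next to `<dm.h>`, where the other angle-bracket headers are, and leave `"tpm-utils.h"` as the last include.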
> > > @@ -615,15 +617,24 @@ int tcg2_log_prepare_buffer(struct udevice
*dev, struct tcg2_event_log *elog,
> > > elog->found = log.found;
> > > }
> > >
> > > + if (elog->found)
> > > + return 0;
> > > +
> > > /*
> > > - * Initialize the log buffer if no log was discovered and the
buffer is
> > > - * valid. User's can pass in their own buffer as a fallback
if no
> > > - * memory region is found.
> > > + * Initialize the log buffer if no log was discovered.
> > > + * User can pass in their own buffer as a fallback if no
memory region
> > > + * is found, else malloc a buffer if it does not exist.
> > > */
> > > - if (!elog->found && elog->log_size)
> > > - rc = tcg2_log_init(dev, elog);
> > > + if (!elog->log_size) {
> > > + elog->log = malloc(CONFIG_TPM2_EVENT_LOG_SIZE);
> > > + if (!elog->log)
> > > + return -ENOMEM;
> > > +
> > > + memset(elog->log, 0, CONFIG_TPM2_EVENT_LOG_SIZE);
> > > + elog->log_size = CONFIG_TPM2_EVENT_LOG_SIZE;
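Review bot: in the `if (!elog->log_size)` branch, `elog->log` is overwritten with a `malloc()` result and nothing in the visible lines records that the buffer is now owned by this function rather than supplied by the caller. A caller cannot tell the two cases apart when it cleans up, and any later error return leaves the allocation behind; consider recording ownership (for example a flag in `struct tcg2_event_log`, named here only as a suggestion) or documenting who frees it. The test also keys on `log_size` alone, so a caller that set `log` but left `log_size` at zero has its pointer silently replaced. The `malloc()` plus `memset()` pair can be a single `calloc(1, CONFIG_TPM2_EVENT_LOG_SIZE)`.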
>
> Why are you doing this? There are 2 ways to pass an EventLog to the
> kernel. Either via a config table from EFI, or using sml-base and
> sml-size in a DT (which are both required). IOW you will create an
> EventLog no one will discover
My understanding is that it is still added to those tables (e.g. EFI).
Linux does not see the bloblist structure.
Regards,
Simon