[PATCH v6 3/3] tpm: get tpm event log from bloblist

Ilias Apalodimas ilias.apalodimas at linaro.org
Thu Jan 23 16:54:22 CET 2025 

On Thu, 23 Jan 2025 at 17:51, Raymond Mao <raymond.mao at linaro.org> wrote:
>
> Hi Ilias,
>
> On Thu, 23 Jan 2025 at 02:00, Ilias Apalodimas <ilias.apalodimas at linaro.org> wrote:
>>
>> Hi Raymond
>>
>> On Fri, 17 Jan 2025 at 18:36, Raymond Mao <raymond.mao at linaro.org> wrote:
>> >
>> > Get tpm event log from bloblist instead of FDT when bloblist is
>> > enabled and valid from previous boot stage.
>> >
>> > Signed-off-by: Raymond Mao <raymond.mao at linaro.org>
>> > ---
>> > Changes in v2
>> > - Remove patch dependency.
>> > - Remove the fallback to FDT when BLOBLIST is selected.
>> > Changes in v3
>> > - Malloc an 8KB buffer when user eventlog buffer does not exist.
>> > Changes in v4
>> > - Replace the default eventlog size with TPM2_EVENT_LOG_SIZE.
>> > Changes in v5
>> > - Replace TPM2_EVENT_LOG_SIZE with CONFIG_TPM2_EVENT_LOG_SIZE.
>> > - Add an inline TODO comment.
>> > Changes in v6
>> > - Remove the malloc and keep the buffer pointed by "sml" for the fallback
>> >   as it is the right place for linux to discover the eventlog.
>> >
>> >  lib/tpm_tcg2.c | 58 +++++++++++++++++++++++++++++++++-----------------
>> >  1 file changed, 38 insertions(+), 20 deletions(-)
>> >
>> > diff --git a/lib/tpm_tcg2.c b/lib/tpm_tcg2.c
>> > index 4134d93a35..6425bf143a 100644
>> > --- a/lib/tpm_tcg2.c
>> > +++ b/lib/tpm_tcg2.c
>> > @@ -5,6 +5,7 @@
>> >
>> >  #include <dm.h>
>> >  #include <dm/of_access.h>
>> > +#include <malloc.h>
>>
>> This is probably a leftover from your V2
>>
>
> Yes, I will remove it.
>
>>
>> >  #include <tpm_api.h>
>> >  #include <tpm-common.h>
>> >  #include <tpm-v2.h>
>> > @@ -19,6 +20,7 @@
>> >  #include <linux/unaligned/generic.h>
>> >  #include <linux/unaligned/le_byteshift.h>
>> >  #include "tpm-utils.h"
>> > +#include <bloblist.h>
>> >
>> >  int tcg2_get_pcr_info(struct udevice *dev, u32 *supported_bank, u32 *active_bank,
>> >                       u32 *bank_num)
>> > @@ -672,21 +674,40 @@ void tcg2_measurement_term(struct udevice *dev, struct tcg2_event_log *elog,
>> >
>> >  __weak int tcg2_platform_get_log(struct udevice *dev, void **addr, u32 *size)
>> >  {
>> > -       const __be32 *addr_prop;
>> > -       const __be32 *size_prop;
>> > +       const __be32 *addr_prop = NULL;
>> > +       const __be32 *size_prop = NULL;
>> >         int asize;
>> >         int ssize;
>> > +       struct ofnode_phandle_args args;
>> > +       phys_addr_t a;
>> > +       fdt_size_t s;
>> >
>> >         *addr = NULL;
>> >         *size = 0;
>> >
>> > -       addr_prop = dev_read_prop(dev, "tpm_event_log_addr", &asize);
>> > -       if (!addr_prop)
>> > -               addr_prop = dev_read_prop(dev, "linux,sml-base", &asize);
>> > +       *addr = bloblist_get_blob(BLOBLISTT_TPM_EVLOG, size);
>> > +       if (*addr && *size)
>>
>> Don't we need map_physmem here as well?
>>
>
> I don't think so. Unlike the ones from dt, bloblist_get_blob() returns a virtual address.

It can if it runs on sandbox.


>
> Regards,
> Raymond
>
>>
>> Thanks
>> /Ilias
>> > +               return 0;
>> >
>> > -       size_prop = dev_read_prop(dev, "tpm_event_log_size", &ssize);
>> > -       if (!size_prop)
>> > +       /*
>> > +        * TODO:
>> > +        * Replace BLOBLIST with a new kconfig for handoff all components
>> > +        * (fdt, tpm event log, etc...) from previous boot stage via bloblist
>> > +        * mandatorily following Firmware Handoff spec.
>> > +        */
>> > +       if (!CONFIG_IS_ENABLED(BLOBLIST)) {
>> > +               addr_prop = dev_read_prop(dev, "tpm_event_log_addr", &asize);
>> > +               size_prop = dev_read_prop(dev, "tpm_event_log_size", &ssize);
>> > +       }
>> > +
>> > +       /*
>> > +        * If no eventlog was observed, a sml buffer is required for the kernel
>> > +        * to discover the eventlog.
>> > +        */
>> > +       if (!addr_prop || !size_prop) {
>> > +               addr_prop = dev_read_prop(dev, "linux,sml-base", &asize);
>> >                 size_prop = dev_read_prop(dev, "linux,sml-size", &ssize);
>> > +       }
>> >
>> >         if (addr_prop && size_prop) {
>> >                 u64 a = of_read_number(addr_prop, asize / sizeof(__be32));
>> > @@ -694,22 +715,19 @@ __weak int tcg2_platform_get_log(struct udevice *dev, void **addr, u32 *size)
>> >
>> >                 *addr = map_physmem(a, s, MAP_NOCACHE);
>> >                 *size = (u32)s;
>> > -       } else {
>> > -               struct ofnode_phandle_args args;
>> > -               phys_addr_t a;
>> > -               fdt_size_t s;
>> >
>> > -               if (dev_read_phandle_with_args(dev, "memory-region", NULL, 0,
>> > -                                              0, &args))
>> > -                       return -ENODEV;
>> > +               return 0;
>> > +       }
>> > +
>> > +       if (dev_read_phandle_with_args(dev, "memory-region", NULL, 0, 0, &args))
>> > +               return -ENODEV;
>> >
>> > -               a = ofnode_get_addr_size(args.node, "reg", &s);
>> > -               if (a == FDT_ADDR_T_NONE)
>> > -                       return -ENOMEM;
>> > +       a = ofnode_get_addr_size(args.node, "reg", &s);
>> > +       if (a == FDT_ADDR_T_NONE)
>> > +               return -ENOMEM;
>> >
>> > -               *addr = map_physmem(a, s, MAP_NOCACHE);
>> > -               *size = (u32)s;
>> > -       }
>> > +       *addr = map_physmem(a, s, MAP_NOCACHE);
>> > +       *size = (u32)s;
>> >
>> >         return 0;
>> >  }
>> > --
>> > 2.25.1
>> >

More information about the U-Boot mailing list