[SeaBIOS] [PATCH 0/3] tpm: Extend PCRs in all available PCR banks
Stefan Berger
stefanb at linux.vnet.ibm.com
Tue Jul 19 19:41:53 CEST 2016
This series of patches extends the TPM2 code to extend the BIOS related
PCRs 0-7 in all available banks. This prevents that these PCRs remain
untouched and filled with bogus values by applications. For example, the
SHA1 hash is extended into the SHA256 bank. The value that is extended
into this bank is essentially a SHA1 with zero bytes used for filling it to
the size of a sha256 hash. This is done for all PCR banks of the TPM2
where these PCRs are available.
Regards,
Stefan
Stefan Berger (3):
tpm: Retrieve the PCR Bank configuration
tpm: Restructure tpm20_extend to use buffer and take hash as parameter
tpm: Extend tpm20_extend to support extending to multiple PCR banks
src/std/tcg.h | 45 +++++++++++++--
src/tcgbios.c | 175 +++++++++++++++++++++++++++++++++++++++++++++++++++++-----
2 files changed, 201 insertions(+), 19 deletions(-)
--
2.5.5
More information about the SeaBIOS
mailing list