[SeaBIOS] [PATCH v2 2/6] tpm: Restructure tpm20_extend to use buffer and take hash as parameter
Stefan Berger
stefanb at linux.vnet.ibm.com
Tue Jul 26 17:19:49 CEST 2016
Restructure the tpm20_extend function to use a buffer for the
command to send to the TPM. The size of the buffer is calculated
from the size of tpm2_req_extend structure and the appended SHA1
hash.
Add the hash algorithm that's being used as a parameter to this
function.
Signed-off-by: Stefan Berger <stefanb at linux.vnet.ibm.com>
---
src/std/tcg.h | 2 +-
src/tcgbios.c | 31 +++++++++++++++++--------------
2 files changed, 18 insertions(+), 15 deletions(-)
diff --git a/src/std/tcg.h b/src/std/tcg.h
index d60ee09..1644684 100644
--- a/src/std/tcg.h
+++ b/src/std/tcg.h
@@ -442,7 +442,6 @@ struct tpm2_req_hierarchychangeauth {
} PACKED;
struct tpm2_digest_value {
- u32 count; /* 1 entry only */
u16 hashalg; /* TPM2_ALG_SHA1 */
u8 sha1[SHA1_BUFSIZE];
} PACKED;
@@ -452,6 +451,7 @@ struct tpm2_req_extend {
u32 pcrindex;
u32 authblocksize;
struct tpm2_authblock authblock;
+ u32 count;
struct tpm2_digest_value digest;
} PACKED;
diff --git a/src/tcgbios.c b/src/tcgbios.c
index 8aa6942..204f5ad 100644
--- a/src/tcgbios.c
+++ b/src/tcgbios.c
@@ -497,30 +497,33 @@ tpm12_extend(u32 pcrindex, const u8 *digest)
return 0;
}
-static int tpm20_extend(u32 pcrindex, const u8 *digest)
+static int tpm20_extend(u32 pcrindex, const u8 *digest, u16 hashAlg)
{
- struct tpm2_req_extend tre = {
+ struct tpm2_req_extend tmp_tre = {
.hdr.tag = cpu_to_be16(TPM2_ST_SESSIONS),
- .hdr.totlen = cpu_to_be32(sizeof(tre)),
+ .hdr.totlen = cpu_to_be32(sizeof(tmp_tre)),
.hdr.ordinal = cpu_to_be32(TPM2_CC_PCR_Extend),
.pcrindex = cpu_to_be32(pcrindex),
- .authblocksize = cpu_to_be32(sizeof(tre.authblock)),
+ .authblocksize = cpu_to_be32(sizeof(tmp_tre.authblock)),
.authblock = {
.handle = cpu_to_be32(TPM2_RS_PW),
.noncesize = cpu_to_be16(0),
.contsession = TPM2_YES,
.pwdsize = cpu_to_be16(0),
},
- .digest = {
- .count = cpu_to_be32(1),
- .hashalg = cpu_to_be16(TPM2_ALG_SHA1),
- },
};
- memcpy(tre.digest.sha1, digest, sizeof(tre.digest.sha1));
+ u32 count = 1;
+ u8 buffer[sizeof(tmp_tre) + sizeof(struct tpm2_digest_value)];
+ struct tpm2_req_extend *tre = (struct tpm2_req_extend *)buffer;
+
+ memcpy(tre, &tmp_tre, sizeof(tmp_tre));
+ tre->count = cpu_to_be32(count);
+ tre->digest.hashalg = cpu_to_be16(hashAlg);
+ memcpy(tre->digest.sha1, digest, sizeof(tmp_tre.digest.sha1));
struct tpm_rsp_header rsp;
u32 resp_length = sizeof(rsp);
- int ret = tpmhw_transmit(0, &tre.hdr, &rsp, &resp_length,
+ int ret = tpmhw_transmit(0, &tre->hdr, &rsp, &resp_length,
TPM_DURATION_TYPE_SHORT);
if (ret || resp_length != sizeof(rsp) || rsp.errcode)
return -1;
@@ -529,13 +532,13 @@ static int tpm20_extend(u32 pcrindex, const u8 *digest)
}
static int
-tpm_extend(u32 pcrindex, const u8 *digest)
+tpm_extend(u32 pcrindex, const u8 *digest, u16 hashAlg)
{
switch (TPM_version) {
case TPM_VERSION_1_2:
return tpm12_extend(pcrindex, digest);
case TPM_VERSION_2:
- return tpm20_extend(pcrindex, digest);
+ return tpm20_extend(pcrindex, digest, hashAlg);
}
return -1;
}
@@ -568,7 +571,7 @@ tpm_add_measurement_to_log(u32 pcrindex, u32 event_type,
.digests[0].hashtype = TPM2_ALG_SHA1,
};
sha1(hashdata, hashdata_length, entry.digests[0].sha1);
- int ret = tpm_extend(entry.pcrindex, entry.digests[0].sha1);
+ int ret = tpm_extend(entry.pcrindex, entry.digests[0].sha1, TPM2_ALG_SHA1);
if (ret) {
tpm_set_failure();
return;
@@ -1099,7 +1102,7 @@ hash_log_extend(struct pcpes *pcpes, const void *hashdata, u32 hashdata_length
if (hashdata)
sha1(hashdata, hashdata_length, pcpes->digest);
if (extend) {
- int ret = tpm_extend(pcpes->pcrindex, pcpes->digest);
+ int ret = tpm_extend(pcpes->pcrindex, pcpes->digest, TPM2_ALG_SHA1);
if (ret)
return TCG_TCG_COMMAND_ERROR;
}
--
2.5.5
More information about the SeaBIOS
mailing list