On Fri, Aug 05, 2016 at 11:07:11AM -0400, Stefan Berger wrote:
Extend the tpm20_extend function to support extending a hash to multiple PCR banks. The sha1 hash that's being extended into the sha256 bank for example, will be filled with zero-bytes to the size of a sha256 hash.
[...]
@@ -573,7 +700,16 @@ tpm_add_measurement_to_log(u32 pcrindex, u32 event_type, } }; sha1(hashdata, hashdata_length, entry.digest.sha1);
- int ret = tpm_extend(entry.pcrindex, entry.digest.sha1);
- u8 buffer[MAX_TPML_DIGEST_VALUES_SIZE];
- int tdv_len = tpm_write_tpml_digest_values(buffer, sizeof(buffer),
entry.digest.sha1, TPM2_ALG_SHA1);- if (tdv_len < 0)
return;- struct tpml_digest_values *tdv = (struct tpml_digest_values *)buffer;
- int ret = tpm_extend(pcrindex, tdv, tdv_len); if (ret) { tpm_set_failure(); return;
If the code introduced a new struct with the maximum sized log entry instead of declaring buffers of size MAX_TPML_DIGEST_VALUES_SIZE I think the code would be a little simpler. That new struct could then be used for both tpm_extend() and tpm_log_event() making patches 5-7 simpler.
See https://github.com/KevinOConnor/seabios/tree/testing for what I was thinking.
-Kevin