[SeaBIOS] [PATCH v3 4/7] tpm: Extend tpm20_extend to support extending to multiple PCR banks
Kevin O'Connor
kevin at koconnor.net
Tue Aug 9 19:36:12 CEST 2016
On Fri, Aug 05, 2016 at 11:07:11AM -0400, Stefan Berger wrote:
> Extend the tpm20_extend function to support extending a hash to
> multiple PCR banks. The sha1 hash that's being extended into the
> sha256 bank for example, will be filled with zero-bytes to the
> size of a sha256 hash.
[...]
> @@ -573,7 +700,16 @@ tpm_add_measurement_to_log(u32 pcrindex, u32 event_type,
> }
> };
> sha1(hashdata, hashdata_length, entry.digest.sha1);
> - int ret = tpm_extend(entry.pcrindex, entry.digest.sha1);
> +
> + u8 buffer[MAX_TPML_DIGEST_VALUES_SIZE];
> +
> + int tdv_len = tpm_write_tpml_digest_values(buffer, sizeof(buffer),
> + entry.digest.sha1, TPM2_ALG_SHA1);
> + if (tdv_len < 0)
> + return;
> +
> + struct tpml_digest_values *tdv = (struct tpml_digest_values *)buffer;
> + int ret = tpm_extend(pcrindex, tdv, tdv_len);
> if (ret) {
> tpm_set_failure();
> return;
If the code introduced a new struct with the maximum sized log entry
instead of declaring buffers of size MAX_TPML_DIGEST_VALUES_SIZE I
think the code would be a little simpler. That new struct could then
be used for both tpm_extend() and tpm_log_event() making patches 5-7
simpler.
See https://github.com/KevinOConnor/seabios/tree/testing for what I
was thinking.
-Kevin
More information about the SeaBIOS
mailing list