tss2: Implement grub_tcg2_cap_pcr() for ieee1275

author Gary Lin <glin@suse.com>

Fri, 3 Oct 2025 03:22:05 +0000 (11:22 +0800)

committer Daniel Kiper <daniel.kiper@oracle.com>

Sat, 11 Oct 2025 13:43:58 +0000 (15:43 +0200)
author Gary Lin <glin@suse.com>
Fri, 3 Oct 2025 03:22:05 +0000 (11:22 +0800)
committer Daniel Kiper <daniel.kiper@oracle.com>
Sat, 11 Oct 2025 13:43:58 +0000 (15:43 +0200)
diff --git a/grub-core/commands/ieee1275/ibmvtpm.c b/grub-core/commands/ieee1275/ibmvtpm.c

index 4958b04a920281f070c0c2eee53cf9e7ba91f793..665d90931d0fc8dc8a74b1670782ccd6c79dae4b 100644 (file)
--- a/grub-core/commands/ieee1275/ibmvtpm.c
+++ b/grub-core/commands/ieee1275/ibmvtpm.c
@@ -27,67 +27,20 @@
  #include <grub/mm.h>
  #include <grub/misc.h>
  
-static int
-ibmvtpm_2hash_ext_log (grub_uint8_t pcrindex,
-                      grub_uint32_t eventtype,
-                      const char *description,
-                      grub_size_t description_size,
-                      void *buf, grub_size_t size)
-{
-  struct tpm_2hash_ext_log
-  {
-    struct grub_ieee1275_common_hdr common;
-    grub_ieee1275_cell_t method;
-    grub_ieee1275_cell_t ihandle;
-    grub_ieee1275_cell_t size;
-    grub_ieee1275_cell_t buf;
-    grub_ieee1275_cell_t description_size;
-    grub_ieee1275_cell_t description;
-    grub_ieee1275_cell_t eventtype;
-    grub_ieee1275_cell_t pcrindex;
-    grub_ieee1275_cell_t catch_result;
-    grub_ieee1275_cell_t rc;
-  };
-  struct tpm_2hash_ext_log args;
-
-  INIT_IEEE1275_COMMON (&args.common, "call-method", 8, 2);
-  args.method = (grub_ieee1275_cell_t) "2hash-ext-log";
-  args.ihandle = grub_ieee1275_tpm_ihandle;
-  args.pcrindex = pcrindex;
-  args.eventtype = eventtype;
-  args.description = (grub_ieee1275_cell_t) description;
-  args.description_size = description_size;
-  args.buf = (grub_ieee1275_cell_t) buf;
-  args.size = (grub_ieee1275_cell_t) size;
-
-  if (IEEE1275_CALL_ENTRY_FN (&args) == -1)
-    return -1;
-
-  /*
-   * catch_result is set if firmware does not support 2hash-ext-log
-   * rc is GRUB_IEEE1275_CELL_FALSE (0) on failure
-   */
-  if ((args.catch_result) || args.rc == GRUB_IEEE1275_CELL_FALSE)
-    return -1;
-
-  return 0;
-}
-
  static grub_err_t
  tpm2_log_event (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
                 const char *description)
  {
    static int error_displayed = 0;
-  int rc;
+  grub_err_t err;
  
-  rc = ibmvtpm_2hash_ext_log (pcr, EV_IPL,
-                             description, grub_strlen(description) + 1,
-                             buf, size);
-  if (rc && !error_displayed)
+  err = grub_ieee1275_ibmvtpm_2hash_ext_log (pcr, EV_IPL,
+                                            description, grub_strlen(description) + 1,
+                                            buf, size);
+  if (err != GRUB_ERR_NONE && !error_displayed)
      {
        error_displayed++;
-      return grub_error (GRUB_ERR_BAD_DEVICE,
-                        "2HASH-EXT-LOG failed: Firmware is likely too old.\n");
+      return err;
      }
  
    return GRUB_ERR_NONE;
diff --git a/grub-core/lib/ieee1275/tcg2.c b/grub-core/lib/ieee1275/tcg2.c

index 40161c2f92d0882bbdfec8adb3693af29791340e..28e7db2258a3ac6f4f2e7e6802c19fa3921ce372 100644 (file)
--- a/grub-core/lib/ieee1275/tcg2.c
+++ b/grub-core/lib/ieee1275/tcg2.c
@@ -56,6 +56,52 @@ grub_ieee1275_tpm_init (void)
    return GRUB_ERR_NONE;
  }
  
+grub_err_t
+grub_ieee1275_ibmvtpm_2hash_ext_log (grub_uint8_t pcrindex,
+                                    grub_uint32_t eventtype,
+                                    const char *description,
+                                    grub_size_t description_size,
+                                    void *buf, grub_size_t size)
+{
+  struct tpm_2hash_ext_log
+  {
+    struct grub_ieee1275_common_hdr common;
+    grub_ieee1275_cell_t method;
+    grub_ieee1275_cell_t ihandle;
+    grub_ieee1275_cell_t size;
+    grub_ieee1275_cell_t buf;
+    grub_ieee1275_cell_t description_size;
+    grub_ieee1275_cell_t description;
+    grub_ieee1275_cell_t eventtype;
+    grub_ieee1275_cell_t pcrindex;
+    grub_ieee1275_cell_t catch_result;
+    grub_ieee1275_cell_t rc;
+  };
+  struct tpm_2hash_ext_log args;
+
+  INIT_IEEE1275_COMMON (&args.common, "call-method", 8, 2);
+  args.method = (grub_ieee1275_cell_t) "2hash-ext-log";
+  args.ihandle = grub_ieee1275_tpm_ihandle;
+  args.pcrindex = pcrindex;
+  args.eventtype = eventtype;
+  args.description = (grub_ieee1275_cell_t) description;
+  args.description_size = description_size;
+  args.buf = (grub_ieee1275_cell_t) buf;
+  args.size = (grub_ieee1275_cell_t) size;
+
+  if (IEEE1275_CALL_ENTRY_FN (&args) == -1)
+    return grub_error (GRUB_ERR_BAD_DEVICE, "2HASH-EXT-LOG failed: Firmware is likely too old.\n");
+
+  /*
+   * catch_result is set if firmware does not support 2hash-ext-log
+   * rc is GRUB_IEEE1275_CELL_FALSE (0) on failure
+   */
+  if ((args.catch_result) || args.rc == GRUB_IEEE1275_CELL_FALSE)
+    return grub_error (GRUB_ERR_BAD_DEVICE, "2HASH-EXT-LOG failed: Firmware is likely too old.\n");
+
+  return GRUB_ERR_NONE;
+}
+
  grub_err_t
  grub_tcg2_get_max_output_size (grub_size_t *size)
  {
@@ -155,3 +201,22 @@ grub_tcg2_submit_command (grub_size_t input_size,
  
    return GRUB_ERR_NONE;
  }
+
+grub_err_t
+grub_tcg2_cap_pcr (grub_uint8_t pcr)
+{
+  char separator[4] = {0};
+  static int error_displayed = 0;
+  grub_err_t err;
+
+  err = grub_ieee1275_ibmvtpm_2hash_ext_log (pcr, GRUB_EV_SEPARATOR,
+                                            separator, sizeof (separator),
+                                            separator, sizeof (separator));
+  if (err != GRUB_ERR_NONE && !error_displayed)
+    {
+      error_displayed++;
+      return err;
+    }
+
+  return GRUB_ERR_NONE;
+}
diff --git a/include/grub/ieee1275/tpm.h b/include/grub/ieee1275/tpm.h

index fe5cb47139d55c12aa319173d9ed89233811a21c..c34e8edc0edfd63ebd384b12ee473dcb29fb1f18 100644 (file)
--- a/include/grub/ieee1275/tpm.h
+++ b/include/grub/ieee1275/tpm.h
@@ -27,4 +27,9 @@ extern grub_ieee1275_ihandle_t grub_ieee1275_tpm_ihandle;
  
  extern grub_err_t grub_ieee1275_tpm_init (void);
  
+extern grub_err_t grub_ieee1275_ibmvtpm_2hash_ext_log (grub_uint8_t pcrindex,
+                                                      grub_uint32_t eventtype,
+                                                      const char *description,
+                                                      grub_size_t description_size,
+                                                      void *buf, grub_size_t size);
  #endif
author	Gary Lin <glin@suse.com>
	Fri, 3 Oct 2025 03:22:05 +0000 (11:22 +0800)
committer	Daniel Kiper <daniel.kiper@oracle.com>
	Sat, 11 Oct 2025 13:43:58 +0000 (15:43 +0200)
grub-core/commands/ieee1275/ibmvtpm.c		patch \| blob \| blame \| history
grub-core/lib/ieee1275/tcg2.c		patch \| blob \| blame \| history
include/grub/ieee1275/tpm.h		patch \| blob \| blame \| history