From: Simon Glass
Date: Mon, 6 Feb 2023 17:20:32 -0700
Subject: Re: [PATCH v4 2/6] tpm: Support boot measurements
To: Eddie James
Cc: Ilias Apalodimas, u-boot@lists.denx.de, xypron.glpk@gmx.de
In-Reply-To: <49134e05-f92c-376b-b712-ab0704435041@linux.ibm.com>
References: <20230125171810.3724530-1-eajames@linux.ibm.com> <20230125171810.3724530-3-eajames@linux.ibm.com> <49134e05-f92c-376b-b712-ab0704435041@linux.ibm.com>
List-Id: U-Boot discussion

Hi Eddie,

On Thu, 2 Feb 2023 at 10:18, Eddie James wrote:
>
> On 2/2/23 11:12, Simon Glass wrote:
> > Hi Eddie / Ilias,
> >
> > On Thu, 2 Feb 2023 at 09:24, Eddie James wrote:
> >>
> >> On 1/26/23 01:51, Ilias Apalodimas wrote:
> >>> Hi Eddie,
> >>>
> >>> Thanks for the cleanup! Unfortunately this doesn't compile with EFI
> >>> selected, but in general it looks pretty good.
> >>
> >> Thanks, yes I forgot to remove tcg2_pcr_read
> >>
> >>> On Wed, Jan 25, 2023 at 11:18:06AM -0600, Eddie James wrote:
> >>>> Add TPM2 functions to support boot measurement. This includes
> >>>> starting up the TPM, initializing/appending the event log, and
> >>>> measuring the U-Boot version. Much of the code was used in the
> >>>> EFI subsystem, so remove it there and use the common functions.
> >>>>
> >>>> Signed-off-by: Eddie James
> >>>> ---
> >>>>  include/efi_tcg2.h        |  44 --
> >>>>  include/tpm-v2.h          | 254 ++++++++++
> >>>>  lib/efi_loader/efi_tcg2.c | 975 +++-----------------------------------
> >>>>  lib/tpm-v2.c              | 799 +++++++++++++++++++++++++++++++
> >>>>  4 files changed, 1129 insertions(+), 943 deletions(-)
> >
> > Can you please point to the spec containing what this implements? I am
> > still not sure why the identifiers and filenames have EFI in them.
>
> Yes. Primarily implementing this specification:
> https://trustedcomputinggroup.org/wp-content/uploads/TCG_ServerManagDomainFWProfile_r1p00_pub.pdf
>
> See chapter 9, event logging, which mentions the TCG_EfiSpecIdEvent as
> the first event in the event log.

OK, thank you for the reference. What is the difference between that and
TCG_PCClientPCREvent?

Regards,
Simon
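The two structures Simon asks about are related as container and payload, shown here with an added example that is not part of this thread or of the U-Boot patch. TCG_PCClientPCREvent is the original SHA1-era log entry layout: PCRIndex, EventType, a fixed 20-byte Digest, EventSize, Event. A crypto-agile (TCG2) log uses that layout for exactly one entry, the first one, an EV_NO_ACTION event whose Event bytes are a TCG_EfiSpecIdEvent listing the digest algorithms and digest sizes in use; every later entry is a TCG_PCR_EVENT2 whose per-bank digest list can only be parsed with those sizes. The Python below builds such a log, parses it with bounds checks, and replays it into a PCR bank the way an attestation verifier would before comparing against a TPM quote. Python rather than U-Boot's C is used so the hashing is a library call; the sample log and the version string inside it are constructed for this example, and the EV_* and TPM_ALG_* constants are the TCG spec values.

```python
import hashlib
import struct

# EV_* and TPM_ALG_* values come from the TCG PC Client profile and TPM 2.0
# Part 2; the sample log below is constructed here and is not U-Boot code.
EV_NO_ACTION = 0x00000003
EV_EVENT_TAG = 0x00000006
TPM_ALG_SHA1 = 0x0004
TPM_ALG_SHA256 = 0x000B
DIGEST_SIZES = {TPM_ALG_SHA1: 20, TPM_ALG_SHA256: 32}
HASH_NAMES = {TPM_ALG_SHA1: "sha1", TPM_ALG_SHA256: "sha256"}
SPEC_ID_SIGNATURE = b"Spec ID Event03\x00"


def build_spec_id_event(algs):
    """First entry: legacy TCG_PCClientPCREvent header (PCR 0, EV_NO_ACTION,
    fixed 20-byte zero digest, EventSize) around a TCG_EfiSpecIdEvent."""
    body = SPEC_ID_SIGNATURE
    # platformClass, specVersionMinor, specVersionMajor, specErrata,
    # uintnSize, numberOfAlgorithms
    body += struct.pack("<IBBBBI", 0, 0, 2, 0, 2, len(algs))
    for alg in algs:  # TCG_EfiSpecIdEventAlgorithmSize: algorithmId, digestSize
        body += struct.pack("<HH", alg, DIGEST_SIZES[alg])
    body += struct.pack("<B", 0)  # vendorInfoSize 0, no vendorInfo bytes
    header = struct.pack("<II", 0, EV_NO_ACTION) + b"\x00" * 20
    return header + struct.pack("<I", len(body)) + body


def build_pcr_event2(pcr, event_type, algs, data):
    """Crypto-agile TCG_PCR_EVENT2: PCRIndex, EventType, TPML_DIGEST_VALUES
    (count, then hashAlg + digest per bank), EventSize, Event.  The digests
    here are taken over the event data itself, as for a version string."""
    out = struct.pack("<III", pcr, event_type, len(algs))
    for alg in algs:
        out += struct.pack("<H", alg) + hashlib.new(HASH_NAMES[alg], data).digest()
    return out + struct.pack("<I", len(data)) + data


def parse_log(log):
    """Parse into ({alg: size}, [(pcr, type, {alg: digest}, data), ...]);
    every read is bounds-checked so a truncated/malformed log raises ValueError."""
    pos = 0

    def take(n):
        nonlocal pos
        if pos + n > len(log):
            raise ValueError("event log truncated at offset %d" % pos)
        chunk = log[pos:pos + n]
        pos += n
        return chunk

    pcr, etype = struct.unpack("<II", take(8))
    take(20)  # legacy SHA1-sized digest field; zero for the Spec ID event
    body = take(struct.unpack("<I", take(4))[0])
    if pcr != 0 or etype != EV_NO_ACTION or body[:16] != SPEC_ID_SIGNATURE:
        raise ValueError("first entry is not a TCG_EfiSpecIdEvent")
    n_algs = struct.unpack_from("<I", body, 24)[0] if len(body) >= 28 else -1
    if n_algs < 0 or len(body) < 29 + 4 * n_algs:
        raise ValueError("Spec ID event too short for its algorithm list")
    algs = {}
    for i in range(n_algs):
        alg, dsize = struct.unpack_from("<HH", body, 28 + 4 * i)
        if DIGEST_SIZES.get(alg) != dsize:
            raise ValueError("unsupported digest algorithm 0x%04x" % alg)
        algs[alg] = dsize
    events = [(pcr, etype, {}, body)]
    while pos < len(log):
        pcr, etype, count = struct.unpack("<III", take(12))
        digests = {}
        for _ in range(count):
            alg = struct.unpack("<H", take(2))[0]
            if alg not in algs:
                raise ValueError("digest algorithm 0x%04x not announced" % alg)
            digests[alg] = take(algs[alg])  # size comes from the Spec ID event
        data = take(struct.unpack("<I", take(4))[0])
        events.append((pcr, etype, digests, data))
    return algs, events


def extend(alg, old, digest):
    """TPM2_PCR_Extend semantics: new = H(old || digest)."""
    return hashlib.new(HASH_NAMES[alg], old + digest).digest()


def replay(events, alg, num_pcrs=24):
    """Recompute one PCR bank from the log; EV_NO_ACTION entries are never extended."""
    pcrs = [b"\x00" * DIGEST_SIZES[alg]] * num_pcrs
    for pcr, etype, digests, _data in events:
        if etype == EV_NO_ACTION:
            continue
        if pcr >= num_pcrs or alg not in digests:
            raise ValueError("event cannot be replayed into PCR%d" % pcr)
        pcrs[pcr] = extend(alg, pcrs[pcr], digests[alg])
    return pcrs


def data_matches_digest(event, alg):
    """True when the recorded digest is H(event data); only meaningful for
    event types that measure their own data rather than, say, a loaded image."""
    return hashlib.new(HASH_NAMES[alg], event[3]).digest() == event[2].get(alg)


# Constructed sample: Spec ID event, then one EV_EVENT_TAG measurement of a
# made-up version string into PCR 8 in the SHA1 and SHA256 banks.
BANKS = [TPM_ALG_SHA1, TPM_ALG_SHA256]
SAMPLE_LOG = build_spec_id_event(BANKS) + build_pcr_event2(
    8, EV_EVENT_TAG, BANKS, b"U-Boot 2023.01-example")

if __name__ == "__main__":
    algs, events = parse_log(SAMPLE_LOG)
    for pcr, etype, _digests, data in events:
        print("PCR%-2d type=0x%08x data=%r" % (pcr, etype, data[:24]))
    print("replayed PCR8 (sha256):", replay(events, TPM_ALG_SHA256)[8].hex())
```

Run as a script it prints the parsed entries and the replayed PCR 8. The replay is where the security check lives: the log is unauthenticated data that any later boot stage can rewrite, and only agreement between the replayed values and a signed TPM quote over the same PCRs shows the log is what the firmware actually extended. Because EV_NO_ACTION entries are never extended, a verifier has to parse the log structurally rather than hash it as a blob.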