From: Matthew Garrett <matthewgarrett@google.com>
To: linux-integrity@vger.kernel.org
Cc: peterhuewe@gmx.de, jarkko.sakkinen@linux.intel.com, jgg@ziepe.ca
Subject: Add support for the TCG2 event log on UEFI systems
Date: Tue,  8 Jan 2019 17:48:42 -0800
Message-ID: <20190109014847.39980-1-matthewgarrett@google.com>

There are several complexities associated with handling the crypto-agile
log format from TPM2 systems on UEFI platforms. The first is that each
log entry may be of variable length, necessitating parsing the log
in-kernel to determine its length. The second is that the log is kept in
boot services memory (which is reclaimed by the OS after
ExitBootServices() is called), but ExitBootServices() may introduce
additional log entries. These additional log entries are added to a
separate log which should then be merged into the initial log.

This patchset makes the existing support for calculating TPM events more
general (in order to allow it to be used from the EFI boot stub), adds
support for copying up crypto agile logs from the boot environment to
the running kernel and adds support for merging the final events log
into the initial events log.
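
Added example (not part of the original message or of the patch set): a bounds-checked size calculation for one crypto-agile TCG_PCR_EVENT2 entry, showing why an entry's length can only be found by walking its digest list. The names event2_size, alg_size, sample_algs and sample_event are hypothetical, and the digest-size table is passed in by the caller as an assumption; a real log declares those sizes in its Spec ID header event.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Digest size per algorithm; a real log declares these in its Spec ID header event. */
struct alg_size { uint16_t alg_id; uint16_t digest_size; };

/* Constructed sample: PCR 7, two digests (SHA-1 0x0004, SHA-256 0x000B), 5 bytes of event data. */
static const struct alg_size sample_algs[] = { { 0x0004, 20 }, { 0x000B, 32 } };
static const uint8_t sample_event[77] = { [0] = 7, [8] = 2, [12] = 0x04, [34] = 0x0B, [68] = 5 };

/* Read an n-byte little-endian integer (n <= 4). */
static uint32_t rd_le(const uint8_t *p, int n)
{
    uint32_t v = 0;
    while (n--)
        v = (v << 8) | p[n];
    return v;
}

/* Total size of the entry at buf, or 0 if it is malformed or truncated. */
size_t event2_size(const uint8_t *buf, size_t len, const struct alg_size *algs, size_t nalgs)
{
    size_t off = 8, j;  /* skip pcr_index and event_type (u32 each) */
    uint32_t count, i, ev_size;

    if (len < off + 4)
        return 0;
    count = rd_le(buf + off, 4);
    off += 4;
    if (count > nalgs)  /* more digests than the log declares algorithms */
        return 0;
    for (i = 0; i < count; i++) {
        if (len - off < 2)
            return 0;
        uint16_t alg = (uint16_t)rd_le(buf + off, 2);
        off += 2;
        for (j = 0; j < nalgs && algs[j].alg_id != alg; j++)
            ;
        if (j == nalgs || len - off < algs[j].digest_size)
            return 0;  /* unknown algorithm or digest runs past the buffer */
        off += algs[j].digest_size;
    }
    if (len - off < 4)
        return 0;
    ev_size = rd_le(buf + off, 4);
    off += 4;
    return (len - off < ev_size) ? 0 : off + ev_size;
}

int main(void) { printf("%zu\n", event2_size(sample_event, sizeof sample_event, sample_algs, 2)); return 0; }
```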




Thread overview: 11+ messages
2019-01-09  1:48 Matthew Garrett [this message]
2019-01-09  1:48 ` [PATCH 1/5] tpm: Abstract crypto agile event size calculations Matthew Garrett
2019-01-16 18:47   ` Jarkko Sakkinen
2019-01-09  1:48 ` [PATCH 2/5] tpm: Fix event log types for TPM2 Matthew Garrett
2019-01-16 21:42   ` Jarkko Sakkinen
2019-01-17  7:53     ` Roberto Sassu
2019-01-18 15:15       ` Jarkko Sakkinen
2019-01-09  1:48 ` [PATCH 3/5] tpm: Reserve the TPM final events table Matthew Garrett
2019-01-09  1:48 ` [PATCH 4/5] tpm: Append the final event log to the TPM event log Matthew Garrett
2019-01-09  1:48 ` [PATCH 5/5] efi: Attempt to get the TCG2 event log in the boot stub Matthew Garrett
2019-01-10 17:40 ` Add support for the TCG2 event log on UEFI systems Jarkko Sakkinen
