[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[PATCH v2 4/5] ieee1275/tcg2: Add TCG2 driver for ieee1275 PowerPC firmw
|
From: |
Stefan Berger |
|
Subject: |
[PATCH v2 4/5] ieee1275/tcg2: Add TCG2 driver for ieee1275 PowerPC firmware |
|
Date: |
Mon, 25 Nov 2024 17:41:41 -0500 |
Follow recent extensions of EFI support providing a TCG2 driver with a
public API for getting the maximum TPM command size and passing a TPM
command through to the TPM 2. Implement this functionality using
ieee1275 PowerPC firmware API calls. Convert the tcg2 driver code now
to a built-in driver.
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
grub-core/Makefile.core.def | 3 +-
grub-core/lib/ieee1275/tcg2.c | 104 ++++++++++++++++++++++++++++++++++
2 files changed, 106 insertions(+), 1 deletion(-)
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index c5fd796d4..8ecedf986 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -1155,7 +1155,6 @@ module = {
name = tpm;
common = commands/tpm.c;
ieee1275 = commands/ieee1275/ibmvtpm.c;
- ieee1275 = lib/ieee1275/tcg2.c;
enable = powerpc_ieee1275;
};
@@ -2576,8 +2575,10 @@ module = {
common = lib/tss2/tss2.c;
efi = lib/efi/tcg2.c;
emu = lib/tss2/tcg2_emu.c;
+ powerpc_ieee1275 = lib/ieee1275/tcg2.c;
enable = efi;
enable = emu;
+ enable = powerpc_ieee1275;
cppflags = '-I$(srcdir)/lib/tss2';
};
diff --git a/grub-core/lib/ieee1275/tcg2.c b/grub-core/lib/ieee1275/tcg2.c
index 8f29b3c1e..63ef34fcd 100644
--- a/grub-core/lib/ieee1275/tcg2.c
+++ b/grub-core/lib/ieee1275/tcg2.c
@@ -23,6 +23,8 @@
#include <grub/mm.h>
#include <grub/misc.h>
+#include <tcg2.h>
+
grub_ieee1275_ihandle_t grub_ieee1275_tpm_ihandle = IEEE1275_IHANDLE_INVALID;
grub_err_t
@@ -50,3 +52,105 @@ grub_ieee1275_tpm_init (void)
return GRUB_ERR_NONE;
}
+
+grub_err_t
+grub_tcg2_get_max_output_size (grub_size_t *size)
+{
+ struct tpm_get_maximum_cmd_size
+ {
+ struct grub_ieee1275_common_hdr common;
+ grub_ieee1275_cell_t method;
+ grub_ieee1275_cell_t ihandle;
+ grub_ieee1275_cell_t catch_result;
+ grub_ieee1275_cell_t size;
+ };
+ struct tpm_get_maximum_cmd_size args;
+ static int error_displayed = 0;
+ grub_err_t err;
+
+ err = grub_ieee1275_tpm_init ();
+ if (err != GRUB_ERR_NONE)
+ return err;
+
+ INIT_IEEE1275_COMMON (&args.common, "call-method", 2, 2);
+ args.method = (grub_ieee1275_cell_t) "get-maximum-cmd-size";
+ args.ihandle = grub_ieee1275_tpm_ihandle;
+
+ if (IEEE1275_CALL_ENTRY_FN (&args) == -1)
+ return GRUB_ERR_INVALID_COMMAND;
+
+ /*
+ * catch_result is set if firmware does not support get-maximum-cmd-size
+ * rc is GRUB_IEEE1275_CELL_FALSE (0) on failure
+ */
+ if (args.catch_result)
+ {
+ if (!error_displayed)
+ {
+ error_displayed++;
+ return grub_error (GRUB_ERR_BAD_DEVICE,
+ "get-maximum-cmd-size failed: Firmware is likely
too old.\n");
+ }
+ return GRUB_ERR_INVALID_COMMAND;
+ }
+
+ *size = args.size;
+
+ return GRUB_ERR_NONE;
+}
+
+grub_err_t
+grub_tcg2_submit_command (grub_size_t input_size,
+ grub_uint8_t *input,
+ grub_size_t output_size,
+ grub_uint8_t *output)
+{
+ struct tpm_pass_through_to_tpm
+ {
+ struct grub_ieee1275_common_hdr common;
+ grub_ieee1275_cell_t method;
+ grub_ieee1275_cell_t ihandle;
+ grub_ieee1275_cell_t buf_size;
+ grub_ieee1275_cell_t buf_addr;
+ grub_ieee1275_cell_t catch_result;
+ grub_ieee1275_cell_t resp_size;
+ };
+ struct tpm_pass_through_to_tpm args;
+ static int error_displayed = 0;
+ grub_err_t err;
+
+ if (input_size == 0 || input == NULL ||
+ output_size == 0 || output == NULL)
+ return GRUB_ERR_BAD_ARGUMENT;
+
+ err = grub_ieee1275_tpm_init ();
+ if (err != GRUB_ERR_NONE)
+ return err;
+
+ INIT_IEEE1275_COMMON (&args.common, "call-method", 4, 2);
+ args.method = (grub_ieee1275_cell_t) "pass-through-to-tpm";
+ args.ihandle = grub_ieee1275_tpm_ihandle;
+ args.buf_size = (grub_ieee1275_cell_t) input_size;
+ args.buf_addr = (grub_ieee1275_cell_t) input;
+
+ if (IEEE1275_CALL_ENTRY_FN (&args) == -1)
+ return GRUB_ERR_INVALID_COMMAND;
+
+ /*
+ * catch_result is set if firmware does not support pass-through-to-tpm
+ */
+ if (args.catch_result)
+ {
+ if (!error_displayed)
+ {
+ error_displayed++;
+ return grub_error (GRUB_ERR_BAD_DEVICE,
+ "pass-through-to-tpm failed: Firmware is likely
too old.\n");
+ }
+ return GRUB_ERR_INVALID_COMMAND;
+ }
+
+ grub_memcpy (output, input, args.resp_size);
+
+ return GRUB_ERR_NONE;
+}
--
2.25.1
- [PATCH v2 0/5] Enable Automatic Disk Unlock with TPM2 on ieee1275, Stefan Berger, 2024/11/25
- [PATCH v2 2/5] ieee1275/ibmvtpm: Move initializaton functions to TCG2 driver, Stefan Berger, 2024/11/25
- [PATCH v2 1/5] tss2: Adjust bit fields for big endian targets, Stefan Berger, 2024/11/25
- [PATCH v2 3/5] ieee1275/tcg2: Refactor grub_ieee1275_tpm_init, Stefan Berger, 2024/11/25
- [PATCH v2 5/5] tpm2_key_protector: Enable build for powerpc_ieee1275, Stefan Berger, 2024/11/25
- [PATCH v2 4/5] ieee1275/tcg2: Add TCG2 driver for ieee1275 PowerPC firmware,
Stefan Berger <=
- Re: [PATCH v2 0/5] Enable Automatic Disk Unlock with TPM2 on ieee1275, Daniel Kiper, 2024/11/26