Re: [PATCH v2 0/3] Call GetEventLog before ExitBootServices
From: Jarkko Sakkinen
Date: Wed Sep 13 2017 - 15:00:20 EST
On Mon, Sep 11, 2017 at 12:00:19PM +0200, Thiebaud Weksteen wrote:
> With TPM 1.2, the ACPI table ("TCPA") has two fields to recover the Event Log
> Area (LAML and LASA). These logs are useful to understand and rebuild the
> final values of PCRs.
>
> With TPM 2.0, the ACPI table ("TPM2") does not contain these fields anymore.
> The recommended method is now to call the GetEventLog EFI protocol before
> ExitBootServices.
>
> Implement this method within the EFI stub and create copy of the logs for the
> TPM device. This will create /sys/kernel/security/tpm0/binary_bios_measurements
> for TPM 2.0 devices (similarly to the current behaviour for TPM 1.2 devices).
>
> -------------------------------------------------------------------------------
>
> Patchset Changelog:
>
> Version 2:
> - Move tpm_eventlog.h to top include directory, add commit for this.
> - Use EFI_LOADER_DATA to store the configuration table
> - Whitespace and new lines fixes
>
>
> Thiebaud Weksteen (3):
> tpm: move tpm_eventlog.h outside of drivers folder
> efi: call get_event_log before ExitBootServices
> tpm: parse TPM event logs based on EFI table
>
> arch/x86/boot/compressed/eboot.c | 1 +
> drivers/char/tpm/Makefile | 2 +-
> drivers/char/tpm/tpm-chip.c | 3 +-
> drivers/char/tpm/tpm-interface.c | 2 +-
> drivers/char/tpm/tpm.h | 35 ++++++++--
> drivers/char/tpm/tpm1_eventlog.c | 17 +++--
> drivers/char/tpm/tpm2_eventlog.c | 2 +-
> drivers/char/tpm/tpm_acpi.c | 2 +-
> drivers/char/tpm/tpm_efi.c | 66 ++++++++++++++++++
> drivers/char/tpm/tpm_of.c | 2 +-
I think these filenames are just awful. Now that you are introducing
completely a new file, it would make sense rename these as
* tpm_eventlog_acpi.c
* tpm_eventlog_efi.c
* tpm_eventlog_of.c
Please wait for further review comments before sending a refined patch
set. Please have renames for tpm_acpi.c and tpm_of.c in its own commit
before introducing other changes.
/Jarkko