security/vboot: Enable TCPA log extension
* Implement TCPA log for tspi extend function.
* Hook tcpa_log_init into vboot tpm_setup function.
* Add TCPA log output for vboot GBB flags and HWID
Change-Id: I22b1aa8da1a95380c39715727615ce5ce4c9443f
Signed-off-by: Philipp Deppenwiese <zaolin@das-labor.org>
Reviewed-on: https://review.coreboot.org/27727
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Rudolph <siro@das-labor.org>
diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c
index 407e1fa..48b6219 100644
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@@ -178,13 +178,21 @@
return TPM_SUCCESS;
}
-uint32_t tpm_extend_pcr(int pcr, uint8_t *digest, uint8_t *out_digest)
+uint32_t tpm_extend_pcr(int pcr, uint8_t *digest,
+ size_t digest_len, const char *name)
{
+ uint32_t result;
+
if (!digest)
return TPM_E_IOERROR;
- if (out_digest)
- return tlcl_extend(pcr, digest, out_digest);
+ result = tlcl_extend(pcr, digest, NULL);
+ if (result != TPM_SUCCESS)
+ return result;
- return tlcl_extend(pcr, digest, NULL);
+ result = tcpa_log_add_table_entry(name, pcr, digest, digest_len);
+ if (result != 0)
+ printk(BIOS_ERR, "ERROR: Couldn't create TCPA log entry\n");
+
+ return 0;
}