Message ID | 20211207051533.5597-3-masahisa.kojima@linaro.org |
---|---|
State | New |
Headers | show |
Series | fix TCG2 error handling | expand |
On Tue, 7 Dec 2021 at 07:11, Masahisa Kojima <masahisa.kojima@linaro.org> wrote: > > There are functions that calls tcg2_agile_log_append() outside > of the TCG protocol invocation (e.g tcg2_measure_pe_image). > These functions must to check that TCG2 protocol is installed. > If not, measurement shall be skipped. > > Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> > --- > > No update since v1 > > lib/efi_loader/efi_tcg2.c | 18 ++++++++++++++++++ > 1 file changed, 18 insertions(+) > > diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c > index bdfd9a37b5..59bce85028 100644 > --- a/lib/efi_loader/efi_tcg2.c > +++ b/lib/efi_loader/efi_tcg2.c > @@ -972,6 +972,9 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size, > IMAGE_NT_HEADERS32 *nt; > struct efi_handler *handler; > > + if (!is_tcg2_protocol_installed()) > + return EFI_SUCCESS; > + > ret = platform_get_tpm2_device(&dev); > if (ret != EFI_SUCCESS) > return ret; > @@ -2189,6 +2192,9 @@ efi_status_t efi_tcg2_measure_efi_app_invocation(struct efi_loaded_image_obj *ha > u32 event = 0; > struct smbios_entry *entry; > > + if (!is_tcg2_protocol_installed()) > + return EFI_SUCCESS; > + > if (tcg2_efi_app_invoked) > return EFI_SUCCESS; > > @@ -2239,6 +2245,9 @@ efi_status_t efi_tcg2_measure_efi_app_exit(void) > efi_status_t ret; > struct udevice *dev; > > + if (!is_tcg2_protocol_installed()) > + return EFI_SUCCESS; > + > ret = platform_get_tpm2_device(&dev); > if (ret != EFI_SUCCESS) > return ret; > @@ -2264,6 +2273,12 @@ efi_tcg2_notify_exit_boot_services(struct efi_event *event, void *context) > EFI_ENTRY("%p, %p", event, context); > > event_log.ebs_called = true; > + > + if (!is_tcg2_protocol_installed()) { > + ret = EFI_SUCCESS; > + goto out; > + } > + > ret = platform_get_tpm2_device(&dev); > if (ret != EFI_SUCCESS) > goto out; > @@ -2293,6 +2308,9 @@ efi_status_t efi_tcg2_notify_exit_boot_services_failed(void) > struct udevice *dev; > efi_status_t ret; > > + if (!is_tcg2_protocol_installed()) > + return EFI_SUCCESS; > + > ret = platform_get_tpm2_device(&dev); > if (ret != EFI_SUCCESS) > goto out; > -- > 2.17.1 > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index bdfd9a37b5..59bce85028 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -972,6 +972,9 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size, IMAGE_NT_HEADERS32 *nt; struct efi_handler *handler; + if (!is_tcg2_protocol_installed()) + return EFI_SUCCESS; + ret = platform_get_tpm2_device(&dev); if (ret != EFI_SUCCESS) return ret; @@ -2189,6 +2192,9 @@ efi_status_t efi_tcg2_measure_efi_app_invocation(struct efi_loaded_image_obj *ha u32 event = 0; struct smbios_entry *entry; + if (!is_tcg2_protocol_installed()) + return EFI_SUCCESS; + if (tcg2_efi_app_invoked) return EFI_SUCCESS; @@ -2239,6 +2245,9 @@ efi_status_t efi_tcg2_measure_efi_app_exit(void) efi_status_t ret; struct udevice *dev; + if (!is_tcg2_protocol_installed()) + return EFI_SUCCESS; + ret = platform_get_tpm2_device(&dev); if (ret != EFI_SUCCESS) return ret; @@ -2264,6 +2273,12 @@ efi_tcg2_notify_exit_boot_services(struct efi_event *event, void *context) EFI_ENTRY("%p, %p", event, context); event_log.ebs_called = true; + + if (!is_tcg2_protocol_installed()) { + ret = EFI_SUCCESS; + goto out; + } + ret = platform_get_tpm2_device(&dev); if (ret != EFI_SUCCESS) goto out; @@ -2293,6 +2308,9 @@ efi_status_t efi_tcg2_notify_exit_boot_services_failed(void) struct udevice *dev; efi_status_t ret; + if (!is_tcg2_protocol_installed()) + return EFI_SUCCESS; + ret = platform_get_tpm2_device(&dev); if (ret != EFI_SUCCESS) goto out;
There are functions that calls tcg2_agile_log_append() outside of the TCG protocol invocation (e.g tcg2_measure_pe_image). These functions must to check that TCG2 protocol is installed. If not, measurement shall be skipped. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org> --- No update since v1 lib/efi_loader/efi_tcg2.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+)