|
|
f6e916 |
From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
|
|
|
f6e916 |
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
|
f6e916 |
Date: Fri, 11 Feb 2022 16:34:23 -0500
|
|
|
f6e916 |
Subject: [PATCH] ibmvtpm: Backport ibmvtpm support to grub 2.02
|
|
|
f6e916 |
|
|
|
f6e916 |
Backport ibmvtpm support to grub 2.02 by making as few changes to the
|
|
|
f6e916 |
source as possible and building it into the core.
|
|
|
f6e916 |
|
|
|
f6e916 |
Since ibmvtpm support is built into grub 2.02 do not print the error
|
|
|
f6e916 |
message we would typically print if it was a module and the user had
|
|
|
f6e916 |
a choice to not use vTPM support if there was no vTPM by avoiding
|
|
|
f6e916 |
to use the module.
|
|
|
f6e916 |
|
|
|
f6e916 |
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
|
f6e916 |
---
|
|
|
f6e916 |
grub-core/Makefile.core.def | 8 +-------
|
|
|
f6e916 |
grub-core/commands/ieee1275/ibmvtpm.c | 13 ++++++++++---
|
|
|
f6e916 |
include/grub/tpm.h | 2 +-
|
|
|
f6e916 |
3 files changed, 12 insertions(+), 11 deletions(-)
|
|
|
f6e916 |
|
|
|
f6e916 |
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
|
|
|
f6e916 |
index b11f74e6b2..637d7203e3 100644
|
|
|
f6e916 |
--- a/grub-core/Makefile.core.def
|
|
|
f6e916 |
+++ b/grub-core/Makefile.core.def
|
|
|
f6e916 |
@@ -298,6 +298,7 @@ kernel = {
|
|
|
f6e916 |
powerpc_ieee1275 = kern/powerpc/cache.S;
|
|
|
f6e916 |
powerpc_ieee1275 = kern/powerpc/dl.c;
|
|
|
f6e916 |
powerpc_ieee1275 = kern/powerpc/compiler-rt.S;
|
|
|
f6e916 |
+ powerpc_ieee1275 = commands/ieee1275/ibmvtpm.c;
|
|
|
f6e916 |
|
|
|
f6e916 |
sparc64_ieee1275 = kern/sparc64/cache.S;
|
|
|
f6e916 |
sparc64_ieee1275 = kern/sparc64/dl.c;
|
|
|
f6e916 |
@@ -1104,13 +1105,6 @@ module = {
|
|
|
f6e916 |
enable = powerpc_ieee1275;
|
|
|
f6e916 |
};
|
|
|
f6e916 |
|
|
|
f6e916 |
-module = {
|
|
|
f6e916 |
- name = tpm;
|
|
|
f6e916 |
- common = commands/tpm.c;
|
|
|
f6e916 |
- ieee1275 = commands/ieee1275/ibmvtpm.c;
|
|
|
f6e916 |
- enable = powerpc_ieee1275;
|
|
|
f6e916 |
-};
|
|
|
f6e916 |
-
|
|
|
f6e916 |
module = {
|
|
|
f6e916 |
name = terminal;
|
|
|
f6e916 |
common = commands/terminal.c;
|
|
|
f6e916 |
diff --git a/grub-core/commands/ieee1275/ibmvtpm.c b/grub-core/commands/ieee1275/ibmvtpm.c
|
|
|
f6e916 |
index e68b8448bc..728b2cbdcd 100644
|
|
|
f6e916 |
--- a/grub-core/commands/ieee1275/ibmvtpm.c
|
|
|
f6e916 |
+++ b/grub-core/commands/ieee1275/ibmvtpm.c
|
|
|
f6e916 |
@@ -115,7 +115,8 @@ tpm2_log_event (unsigned char *buf,
|
|
|
f6e916 |
grub_size_t size, grub_uint8_t pcr,
|
|
|
f6e916 |
const char *description)
|
|
|
f6e916 |
{
|
|
|
f6e916 |
- static int error_displayed = 0;
|
|
|
f6e916 |
+ /* Do not print error since vTPM support is built-in */
|
|
|
f6e916 |
+ static int error_displayed = 1;
|
|
|
f6e916 |
int err;
|
|
|
f6e916 |
|
|
|
f6e916 |
err = ibmvtpm_2hash_ext_log (pcr, EV_IPL,
|
|
|
f6e916 |
@@ -132,8 +133,8 @@ tpm2_log_event (unsigned char *buf,
|
|
|
f6e916 |
return GRUB_ERR_NONE;
|
|
|
f6e916 |
}
|
|
|
f6e916 |
|
|
|
f6e916 |
-grub_err_t
|
|
|
f6e916 |
-grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
|
|
|
f6e916 |
+static grub_err_t
|
|
|
f6e916 |
+_grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
|
|
|
f6e916 |
const char *description)
|
|
|
f6e916 |
{
|
|
|
f6e916 |
grub_err_t err = tpm_init();
|
|
|
f6e916 |
@@ -150,3 +151,9 @@ grub_tpm_measure (unsigned char *buf, grub_size_t size, grub_uint8_t pcr,
|
|
|
f6e916 |
|
|
|
f6e916 |
return GRUB_ERR_NONE;
|
|
|
f6e916 |
}
|
|
|
f6e916 |
+
|
|
|
f6e916 |
+grub_err_t grub_tpm_log_event(unsigned char *buf, grub_size_t size,
|
|
|
f6e916 |
+ grub_uint8_t pcr, const char *description)
|
|
|
f6e916 |
+{
|
|
|
f6e916 |
+ return _grub_tpm_measure(buf, size, pcr, description);
|
|
|
f6e916 |
+}
|
|
|
f6e916 |
diff --git a/include/grub/tpm.h b/include/grub/tpm.h
|
|
|
f6e916 |
index ce52be4ff7..52af2b8448 100644
|
|
|
f6e916 |
--- a/include/grub/tpm.h
|
|
|
f6e916 |
+++ b/include/grub/tpm.h
|
|
|
f6e916 |
@@ -69,7 +69,7 @@ typedef struct {
|
|
|
f6e916 |
grub_err_t EXPORT_FUNC(grub_tpm_measure) (unsigned char *buf, grub_size_t size,
|
|
|
f6e916 |
grub_uint8_t pcr, const char *kind,
|
|
|
f6e916 |
const char *description);
|
|
|
f6e916 |
-#if defined (GRUB_MACHINE_EFI)
|
|
|
f6e916 |
+#if defined (GRUB_MACHINE_EFI) || defined (GRUB_MACHINE_IEEE1275)
|
|
|
f6e916 |
grub_err_t grub_tpm_execute(PassThroughToTPM_InputParamBlock *inbuf,
|
|
|
f6e916 |
PassThroughToTPM_OutputParamBlock *outbuf);
|
|
|
f6e916 |
grub_err_t grub_tpm_log_event(unsigned char *buf, grub_size_t size,
|