1 // SPDX-License-Identifier: GPL-2.0+
2 /*
3 * Defines APIs that allow an OS to interact with UEFI firmware to query
4 * information about the device.
5 * https://trustedcomputinggroup.org/resource/tcg-efi-protocol-specification/
6 *
7 * Copyright (c) 2020, Linaro Limited
8 */
9
10 #define LOG_CATEGORY LOGC_EFI
11 #include <common.h>
12 #include <dm.h>
13 #include <efi_loader.h>
14 #include <efi_tcg2.h>
15 #include <log.h>
16 #include <malloc.h>
17 #include <version.h>
18 #include <tpm-v2.h>
19 #include <u-boot/hash-checksum.h>
20 #include <u-boot/sha1.h>
21 #include <u-boot/sha256.h>
22 #include <u-boot/sha512.h>
23 #include <linux/unaligned/access_ok.h>
24 #include <linux/unaligned/generic.h>
25 #include <hexdump.h>
26
27 struct event_log_buffer {
28 void *buffer;
29 void *final_buffer;
30 size_t pos; /* eventlog position */
31 size_t final_pos; /* final events config table position */
32 size_t last_event_size;
33 bool get_event_called;
34 bool truncated;
35 };
36
37 static struct event_log_buffer event_log;
38 /*
39 * When requesting TPM2_CAP_TPM_PROPERTIES the value is on a standard offset.
40 * Since the current tpm2_get_capability() response buffers starts at
41 * 'union tpmu_capabilities data' of 'struct tpms_capability_data', calculate
42 * the response size and offset once for all consumers
43 */
44 #define TPM2_RESPONSE_BUFFER_SIZE (sizeof(struct tpms_capability_data) - \
45 offsetof(struct tpms_capability_data, data))
46 #define properties_offset (offsetof(struct tpml_tagged_tpm_property, tpm_property) + \
47 offsetof(struct tpms_tagged_property, value))
48
49 static const efi_guid_t efi_guid_tcg2_protocol = EFI_TCG2_PROTOCOL_GUID;
50 static const efi_guid_t efi_guid_final_events = EFI_TCG2_FINAL_EVENTS_TABLE_GUID;
51
52 struct digest_info {
53 u16 hash_alg;
54 u32 hash_mask;
55 u16 hash_len;
56 };
57
58 static const struct digest_info hash_algo_list[] = {
59 {
60 TPM2_ALG_SHA1,
61 EFI_TCG2_BOOT_HASH_ALG_SHA1,
62 TPM2_SHA1_DIGEST_SIZE,
63 },
64 {
65 TPM2_ALG_SHA256,
66 EFI_TCG2_BOOT_HASH_ALG_SHA256,
67 TPM2_SHA256_DIGEST_SIZE,
68 },
69 {
70 TPM2_ALG_SHA384,
71 EFI_TCG2_BOOT_HASH_ALG_SHA384,
72 TPM2_SHA384_DIGEST_SIZE,
73 },
74 {
75 TPM2_ALG_SHA512,
76 EFI_TCG2_BOOT_HASH_ALG_SHA512,
77 TPM2_SHA512_DIGEST_SIZE,
78 },
79 };
80
81 #define MAX_HASH_COUNT ARRAY_SIZE(hash_algo_list)
82
83 /**
84 * alg_to_mask - Get a TCG hash mask for algorithms
85 *
86 * @hash_alg: TCG defined algorithm
87 *
88 * @Return: TCG hashing algorithm bitmaps, 0 if the algorithm is not supported
89 */
alg_to_mask(u16 hash_alg)90 static u32 alg_to_mask(u16 hash_alg)
91 {
92 size_t i;
93
94 for (i = 0; i < MAX_HASH_COUNT; i++) {
95 if (hash_algo_list[i].hash_alg == hash_alg)
96 return hash_algo_list[i].hash_mask;
97 }
98
99 return 0;
100 }
101
102 /**
103 * alg_to_len - Get a TCG hash len for algorithms
104 *
105 * @hash_alg: TCG defined algorithm
106 *
107 * @Return: len of chosen algorithm, 0 if the algorithm is not supported
108 */
alg_to_len(u16 hash_alg)109 static u16 alg_to_len(u16 hash_alg)
110 {
111 size_t i;
112
113 for (i = 0; i < MAX_HASH_COUNT; i++) {
114 if (hash_algo_list[i].hash_alg == hash_alg)
115 return hash_algo_list[i].hash_len;
116 }
117
118 return 0;
119 }
120
tcg_event_final_size(struct tpml_digest_values * digest_list)121 static u32 tcg_event_final_size(struct tpml_digest_values *digest_list)
122 {
123 u32 len;
124 size_t i;
125
126 len = offsetof(struct tcg_pcr_event2, digests);
127 len += offsetof(struct tpml_digest_values, digests);
128 for (i = 0; i < digest_list->count; i++) {
129 u16 hash_alg = digest_list->digests[i].hash_alg;
130
131 len += offsetof(struct tpmt_ha, digest);
132 len += alg_to_len(hash_alg);
133 }
134 len += sizeof(u32); /* tcg_pcr_event2 event_size*/
135
136 return len;
137 }
138
139 /* tcg2_pcr_extend - Extend PCRs for a TPM2 device for a given tpml_digest_values
140 *
141 * @dev: device
142 * @digest_list: list of digest algorithms to extend
143 *
144 * @Return: status code
145 */
tcg2_pcr_extend(struct udevice * dev,u32 pcr_index,struct tpml_digest_values * digest_list)146 static efi_status_t tcg2_pcr_extend(struct udevice *dev, u32 pcr_index,
147 struct tpml_digest_values *digest_list)
148 {
149 u32 rc;
150 size_t i;
151
152 for (i = 0; i < digest_list->count; i++) {
153 u32 alg = digest_list->digests[i].hash_alg;
154
155 rc = tpm2_pcr_extend(dev, pcr_index, alg,
156 (u8 *)&digest_list->digests[i].digest,
157 alg_to_len(alg));
158 if (rc) {
159 EFI_PRINT("Failed to extend PCR\n");
160 return EFI_DEVICE_ERROR;
161 }
162 }
163
164 return EFI_SUCCESS;
165 }
166
167 /* tcg2_agile_log_append - Append an agile event to out eventlog
168 *
169 * @pcr_index: PCR index
170 * @event_type: type of event added
171 * @digest_list: list of digest algorithms to add
172 * @size: size of event
173 * @event: event to add
174 *
175 * @Return: status code
176 */
tcg2_agile_log_append(u32 pcr_index,u32 event_type,struct tpml_digest_values * digest_list,u32 size,u8 event[])177 static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type,
178 struct tpml_digest_values *digest_list,
179 u32 size, u8 event[])
180 {
181 void *log = (void *)((uintptr_t)event_log.buffer + event_log.pos);
182 size_t pos;
183 size_t i;
184 u32 event_size;
185
186 if (event_log.get_event_called)
187 log = (void *)((uintptr_t)event_log.final_buffer +
188 event_log.final_pos);
189
190 /*
191 * size refers to the length of event[] only, we need to check against
192 * the final tcg_pcr_event2 size
193 */
194 event_size = size + tcg_event_final_size(digest_list);
195 if (event_log.pos + event_size > TPM2_EVENT_LOG_SIZE ||
196 event_log.final_pos + event_size > TPM2_EVENT_LOG_SIZE) {
197 event_log.truncated = true;
198 return EFI_VOLUME_FULL;
199 }
200
201 put_unaligned_le32(pcr_index, log);
202 pos = offsetof(struct tcg_pcr_event2, event_type);
203 put_unaligned_le32(event_type, (void *)((uintptr_t)log + pos));
204 pos = offsetof(struct tcg_pcr_event2, digests); /* count */
205 put_unaligned_le32(digest_list->count, (void *)((uintptr_t)log + pos));
206
207 pos += offsetof(struct tpml_digest_values, digests);
208 for (i = 0; i < digest_list->count; i++) {
209 u16 hash_alg = digest_list->digests[i].hash_alg;
210 u8 *digest = (u8 *)&digest_list->digests[i].digest;
211
212 put_unaligned_le16(hash_alg, (void *)((uintptr_t)log + pos));
213 pos += offsetof(struct tpmt_ha, digest);
214 memcpy((void *)((uintptr_t)log + pos), digest, alg_to_len(hash_alg));
215 pos += alg_to_len(hash_alg);
216 }
217
218 put_unaligned_le32(size, (void *)((uintptr_t)log + pos));
219 pos += sizeof(u32); /* tcg_pcr_event2 event_size*/
220 memcpy((void *)((uintptr_t)log + pos), event, size);
221 pos += size;
222
223 /* make sure the calculated buffer is what we checked against */
224 if (pos != event_size)
225 return EFI_INVALID_PARAMETER;
226
227 /* if GetEventLog hasn't been called update the normal log */
228 if (!event_log.get_event_called) {
229 event_log.pos += pos;
230 event_log.last_event_size = pos;
231 } else {
232 /* if GetEventLog has been called update config table log */
233 struct efi_tcg2_final_events_table *final_event;
234
235 final_event =
236 (struct efi_tcg2_final_events_table *)(event_log.final_buffer);
237 final_event->number_of_events++;
238 event_log.final_pos += pos;
239 }
240
241 return EFI_SUCCESS;
242 }
243
244 /**
245 * platform_get_tpm_device() - retrieve TPM device
246 *
247 * This function retrieves the udevice implementing a TPM
248 *
249 * This function may be overridden if special initialization is needed.
250 *
251 * @dev: udevice
252 * Return: status code
253 */
platform_get_tpm2_device(struct udevice ** dev)254 __weak efi_status_t platform_get_tpm2_device(struct udevice **dev)
255 {
256 for_each_tpm_device(*dev) {
257 /* Only support TPMv2 devices */
258 if (tpm_get_version(*dev) == TPM_V2)
259 return EFI_SUCCESS;
260 }
261
262 return EFI_NOT_FOUND;
263 }
264
265 /**
266 * tpm2_get_max_command_size() - get the supported max command size
267 *
268 * @dev: TPM device
269 * @max_command_size: output buffer for the size
270 *
271 * Return: 0 on success, -1 on error
272 */
tpm2_get_max_command_size(struct udevice * dev,u16 * max_command_size)273 static int tpm2_get_max_command_size(struct udevice *dev, u16 *max_command_size)
274 {
275 u8 response[TPM2_RESPONSE_BUFFER_SIZE];
276 u32 ret;
277
278 memset(response, 0, sizeof(response));
279 ret = tpm2_get_capability(dev, TPM2_CAP_TPM_PROPERTIES,
280 TPM2_PT_MAX_COMMAND_SIZE, response, 1);
281 if (ret)
282 return -1;
283
284 *max_command_size = (uint16_t)get_unaligned_be32(response +
285 properties_offset);
286
287 return 0;
288 }
289
290 /**
291 * tpm2_get_max_response_size() - get the supported max response size
292 *
293 * @dev: TPM device
294 * @max_response_size: output buffer for the size
295 *
296 * Return: 0 on success, -1 on error
297 */
tpm2_get_max_response_size(struct udevice * dev,u16 * max_response_size)298 static int tpm2_get_max_response_size(struct udevice *dev,
299 u16 *max_response_size)
300 {
301 u8 response[TPM2_RESPONSE_BUFFER_SIZE];
302 u32 ret;
303
304 memset(response, 0, sizeof(response));
305 ret = tpm2_get_capability(dev, TPM2_CAP_TPM_PROPERTIES,
306 TPM2_PT_MAX_RESPONSE_SIZE, response, 1);
307 if (ret)
308 return -1;
309
310 *max_response_size = (uint16_t)get_unaligned_be32(response +
311 properties_offset);
312
313 return 0;
314 }
315
316 /**
317 * tpm2_get_manufacturer_id() - get the manufacturer ID
318 *
319 * @dev: TPM device
320 * @manufacturer_id: output buffer for the id
321 *
322 * Return: 0 on success, -1 on error
323 */
tpm2_get_manufacturer_id(struct udevice * dev,u32 * manufacturer_id)324 static int tpm2_get_manufacturer_id(struct udevice *dev, u32 *manufacturer_id)
325 {
326 u8 response[TPM2_RESPONSE_BUFFER_SIZE];
327 u32 ret;
328
329 memset(response, 0, sizeof(response));
330 ret = tpm2_get_capability(dev, TPM2_CAP_TPM_PROPERTIES,
331 TPM2_PT_MANUFACTURER, response, 1);
332 if (ret)
333 return -1;
334
335 *manufacturer_id = get_unaligned_be32(response + properties_offset);
336
337 return 0;
338 }
339
340 /**
341 * tpm2_get_num_pcr() - get the number of PCRs
342 *
343 * @dev: TPM device
344 * @manufacturer_id: output buffer for the number
345 *
346 * Return: 0 on success, -1 on error
347 */
tpm2_get_num_pcr(struct udevice * dev,u32 * num_pcr)348 static int tpm2_get_num_pcr(struct udevice *dev, u32 *num_pcr)
349 {
350 u8 response[TPM2_RESPONSE_BUFFER_SIZE];
351 u32 ret;
352
353 memset(response, 0, sizeof(response));
354 ret = tpm2_get_capability(dev, TPM2_CAP_TPM_PROPERTIES,
355 TPM2_PT_PCR_COUNT, response, 1);
356 if (ret)
357 return -1;
358
359 *num_pcr = get_unaligned_be32(response + properties_offset);
360 if (*num_pcr > TPM2_MAX_PCRS)
361 return -1;
362
363 return 0;
364 }
365
366 /**
367 * is_active_pcr() - Check if a supported algorithm is active
368 *
369 * @dev: TPM device
370 * @selection: struct of PCR information
371 *
372 * Return: true if PCR is active
373 */
is_active_pcr(struct tpms_pcr_selection * selection)374 static bool is_active_pcr(struct tpms_pcr_selection *selection)
375 {
376 int i;
377 /*
378 * check the pcr_select. If at least one of the PCRs supports the
379 * algorithm add it on the active ones
380 */
381 for (i = 0; i < selection->size_of_select; i++) {
382 if (selection->pcr_select[i])
383 return true;
384 }
385
386 return false;
387 }
388
389 /**
390 * tpm2_get_pcr_info() - get the supported, active PCRs and number of banks
391 *
392 * @dev: TPM device
393 * @supported_pcr: bitmask with the algorithms supported
394 * @active_pcr: bitmask with the active algorithms
395 * @pcr_banks: number of PCR banks
396 *
397 * Return: 0 on success, -1 on error
398 */
tpm2_get_pcr_info(struct udevice * dev,u32 * supported_pcr,u32 * active_pcr,u32 * pcr_banks)399 static int tpm2_get_pcr_info(struct udevice *dev, u32 *supported_pcr,
400 u32 *active_pcr, u32 *pcr_banks)
401 {
402 u8 response[TPM2_RESPONSE_BUFFER_SIZE];
403 struct tpml_pcr_selection pcrs;
404 u32 ret, num_pcr;
405 size_t i;
406 int tpm_ret;
407
408 *supported_pcr = 0;
409 *active_pcr = 0;
410 *pcr_banks = 0;
411 memset(response, 0, sizeof(response));
412 ret = tpm2_get_capability(dev, TPM2_CAP_PCRS, 0, response, 1);
413 if (ret)
414 goto out;
415
416 pcrs.count = get_unaligned_be32(response);
417 /*
418 * We only support 5 algorithms for now so check against that
419 * instead of TPM2_NUM_PCR_BANKS
420 */
421 if (pcrs.count > MAX_HASH_COUNT || pcrs.count < 1)
422 goto out;
423
424 tpm_ret = tpm2_get_num_pcr(dev, &num_pcr);
425 if (tpm_ret)
426 goto out;
427
428 for (i = 0; i < pcrs.count; i++) {
429 /*
430 * Definition of TPMS_PCR_SELECTION Structure
431 * hash: u16
432 * size_of_select: u8
433 * pcr_select: u8 array
434 *
435 * The offsets depend on the number of the device PCRs
436 * so we have to calculate them based on that
437 */
438 u32 hash_offset = offsetof(struct tpml_pcr_selection, selection) +
439 i * offsetof(struct tpms_pcr_selection, pcr_select) +
440 i * ((num_pcr + 7) / 8);
441 u32 size_select_offset =
442 hash_offset + offsetof(struct tpms_pcr_selection,
443 size_of_select);
444 u32 pcr_select_offset =
445 hash_offset + offsetof(struct tpms_pcr_selection,
446 pcr_select);
447
448 pcrs.selection[i].hash =
449 get_unaligned_be16(response + hash_offset);
450 pcrs.selection[i].size_of_select =
451 __get_unaligned_be(response + size_select_offset);
452 if (pcrs.selection[i].size_of_select > TPM2_PCR_SELECT_MAX)
453 goto out;
454 /* copy the array of pcr_select */
455 memcpy(pcrs.selection[i].pcr_select, response + pcr_select_offset,
456 pcrs.selection[i].size_of_select);
457 }
458
459 for (i = 0; i < pcrs.count; i++) {
460 u32 hash_mask = alg_to_mask(pcrs.selection[i].hash);
461
462 if (hash_mask) {
463 *supported_pcr |= hash_mask;
464 if (is_active_pcr(&pcrs.selection[i]))
465 *active_pcr |= hash_mask;
466 } else {
467 EFI_PRINT("Unknown algorithm %x\n", pcrs.selection[i].hash);
468 }
469 }
470
471 *pcr_banks = pcrs.count;
472
473 return 0;
474 out:
475 return -1;
476 }
477
478 /**
479 * __get_active_pcr_banks() - returns the currently active PCR banks
480 *
481 * @active_pcr_banks: pointer for receiving the bitmap of currently
482 * active PCR banks
483 *
484 * Return: status code
485 */
__get_active_pcr_banks(u32 * active_pcr_banks)486 static efi_status_t __get_active_pcr_banks(u32 *active_pcr_banks)
487 {
488 struct udevice *dev;
489 u32 active = 0, supported = 0, pcr_banks = 0;
490 efi_status_t ret;
491 int err;
492
493 ret = platform_get_tpm2_device(&dev);
494 if (ret != EFI_SUCCESS)
495 goto out;
496
497 err = tpm2_get_pcr_info(dev, &supported, &active, &pcr_banks);
498 if (err) {
499 ret = EFI_DEVICE_ERROR;
500 goto out;
501 }
502
503 *active_pcr_banks = active;
504
505 out:
506 return ret;
507 }
508
509 /* tcg2_create_digest - create a list of digests of the supported PCR banks
510 * for a given memory range
511 *
512 * @input: input memory
513 * @length: length of buffer to calculate the digest
514 * @digest_list: list of digests to fill in
515 *
516 * Return: status code
517 */
tcg2_create_digest(const u8 * input,u32 length,struct tpml_digest_values * digest_list)518 static efi_status_t tcg2_create_digest(const u8 *input, u32 length,
519 struct tpml_digest_values *digest_list)
520 {
521 sha1_context ctx;
522 sha256_context ctx_256;
523 sha512_context ctx_512;
524 u8 final[TPM2_SHA512_DIGEST_SIZE];
525 efi_status_t ret;
526 u32 active;
527 size_t i;
528
529 ret = __get_active_pcr_banks(&active);
530 if (ret != EFI_SUCCESS)
531 return ret;
532
533 digest_list->count = 0;
534 for (i = 0; i < MAX_HASH_COUNT; i++) {
535 u16 hash_alg = hash_algo_list[i].hash_alg;
536
537 if (!(active & alg_to_mask(hash_alg)))
538 continue;
539 switch (hash_alg) {
540 case TPM2_ALG_SHA1:
541 sha1_starts(&ctx);
542 sha1_update(&ctx, input, length);
543 sha1_finish(&ctx, final);
544 break;
545 case TPM2_ALG_SHA256:
546 sha256_starts(&ctx_256);
547 sha256_update(&ctx_256, input, length);
548 sha256_finish(&ctx_256, final);
549 break;
550 case TPM2_ALG_SHA384:
551 sha384_starts(&ctx_512);
552 sha384_update(&ctx_512, input, length);
553 sha384_finish(&ctx_512, final);
554 break;
555 case TPM2_ALG_SHA512:
556 sha512_starts(&ctx_512);
557 sha512_update(&ctx_512, input, length);
558 sha512_finish(&ctx_512, final);
559 break;
560 default:
561 EFI_PRINT("Unsupported algorithm %x\n", hash_alg);
562 return EFI_INVALID_PARAMETER;
563 }
564 digest_list->count++;
565 digest_list->digests[i].hash_alg = hash_alg;
566 memcpy(&digest_list->digests[i].digest, final, (u32)alg_to_len(hash_alg));
567 }
568
569 return EFI_SUCCESS;
570 }
571
572 /**
573 * efi_tcg2_get_capability() - protocol capability information and state information
574 *
575 * @this: TCG2 protocol instance
576 * @capability: caller allocated memory with size field to the size of
577 * the structure allocated
578
579 * Return: status code
580 */
581 static efi_status_t EFIAPI
efi_tcg2_get_capability(struct efi_tcg2_protocol * this,struct efi_tcg2_boot_service_capability * capability)582 efi_tcg2_get_capability(struct efi_tcg2_protocol *this,
583 struct efi_tcg2_boot_service_capability *capability)
584 {
585 struct udevice *dev;
586 efi_status_t efi_ret;
587 int ret;
588
589 EFI_ENTRY("%p, %p", this, capability);
590
591 if (!this || !capability) {
592 efi_ret = EFI_INVALID_PARAMETER;
593 goto out;
594 }
595
596 if (capability->size < boot_service_capability_min) {
597 capability->size = boot_service_capability_min;
598 efi_ret = EFI_BUFFER_TOO_SMALL;
599 goto out;
600 }
601
602 if (capability->size < sizeof(*capability)) {
603 capability->size = sizeof(*capability);
604 efi_ret = EFI_BUFFER_TOO_SMALL;
605 goto out;
606 }
607
608 capability->structure_version.major = 1;
609 capability->structure_version.minor = 1;
610 capability->protocol_version.major = 1;
611 capability->protocol_version.minor = 1;
612
613 efi_ret = platform_get_tpm2_device(&dev);
614 if (efi_ret != EFI_SUCCESS) {
615 capability->supported_event_logs = 0;
616 capability->hash_algorithm_bitmap = 0;
617 capability->tpm_present_flag = false;
618 capability->max_command_size = 0;
619 capability->max_response_size = 0;
620 capability->manufacturer_id = 0;
621 capability->number_of_pcr_banks = 0;
622 capability->active_pcr_banks = 0;
623
624 efi_ret = EFI_SUCCESS;
625 goto out;
626 }
627
628 /* We only allow a TPMv2 device to register the EFI protocol */
629 capability->supported_event_logs = TCG2_EVENT_LOG_FORMAT_TCG_2;
630
631 capability->tpm_present_flag = true;
632
633 /* Supported and active PCRs */
634 capability->hash_algorithm_bitmap = 0;
635 capability->active_pcr_banks = 0;
636 ret = tpm2_get_pcr_info(dev, &capability->hash_algorithm_bitmap,
637 &capability->active_pcr_banks,
638 &capability->number_of_pcr_banks);
639 if (ret) {
640 efi_ret = EFI_DEVICE_ERROR;
641 goto out;
642 }
643
644 /* Max command size */
645 ret = tpm2_get_max_command_size(dev, &capability->max_command_size);
646 if (ret) {
647 efi_ret = EFI_DEVICE_ERROR;
648 goto out;
649 }
650
651 /* Max response size */
652 ret = tpm2_get_max_response_size(dev, &capability->max_response_size);
653 if (ret) {
654 efi_ret = EFI_DEVICE_ERROR;
655 goto out;
656 }
657
658 /* Manufacturer ID */
659 ret = tpm2_get_manufacturer_id(dev, &capability->manufacturer_id);
660 if (ret) {
661 efi_ret = EFI_DEVICE_ERROR;
662 goto out;
663 }
664
665 return EFI_EXIT(EFI_SUCCESS);
666 out:
667 return EFI_EXIT(efi_ret);
668 }
669
670 /**
671 * efi_tcg2_get_eventlog() - retrieve the the address of an event log and its
672 * last entry
673 *
674 * @this: TCG2 protocol instance
675 * @log_format: type of event log format
676 * @event_log_location: pointer to the memory address of the event log
677 * @event_log_last_entry: pointer to the address of the start of the last
678 * entry in the event log in memory, if log contains
679 * more than 1 entry
680 * @event_log_truncated: set to true, if the Event Log is missing at i
681 * least one entry
682 *
683 * Return: status code
684 */
685 static efi_status_t EFIAPI
efi_tcg2_get_eventlog(struct efi_tcg2_protocol * this,efi_tcg_event_log_format log_format,u64 * event_log_location,u64 * event_log_last_entry,bool * event_log_truncated)686 efi_tcg2_get_eventlog(struct efi_tcg2_protocol *this,
687 efi_tcg_event_log_format log_format,
688 u64 *event_log_location, u64 *event_log_last_entry,
689 bool *event_log_truncated)
690 {
691 efi_status_t ret = EFI_SUCCESS;
692 struct udevice *dev;
693
694 EFI_ENTRY("%p, %u, %p, %p, %p", this, log_format, event_log_location,
695 event_log_last_entry, event_log_truncated);
696
697 ret = platform_get_tpm2_device(&dev);
698 if (ret != EFI_SUCCESS) {
699 event_log_location = NULL;
700 event_log_last_entry = NULL;
701 *event_log_truncated = false;
702 ret = EFI_SUCCESS;
703 goto out;
704 }
705 *event_log_location = (uintptr_t)event_log.buffer;
706 *event_log_last_entry = (uintptr_t)(event_log.buffer + event_log.pos -
707 event_log.last_event_size);
708 *event_log_truncated = event_log.truncated;
709 event_log.get_event_called = true;
710
711 out:
712 return EFI_EXIT(ret);
713 }
714
715 /**
716 * tcg2_hash_pe_image() - calculate PE/COFF image hash
717 *
718 * @efi: pointer to the EFI binary
719 * @efi_size: size of @efi binary
720 * @digest_list: list of digest algorithms to extend
721 *
722 * Return: status code
723 */
tcg2_hash_pe_image(void * efi,u64 efi_size,struct tpml_digest_values * digest_list)724 static efi_status_t tcg2_hash_pe_image(void *efi, u64 efi_size,
725 struct tpml_digest_values *digest_list)
726 {
727 WIN_CERTIFICATE *wincerts = NULL;
728 size_t wincerts_len;
729 struct efi_image_regions *regs = NULL;
730 void *new_efi = NULL;
731 u8 hash[TPM2_SHA512_DIGEST_SIZE];
732 efi_status_t ret;
733 u32 active;
734 int i;
735
736 new_efi = efi_prepare_aligned_image(efi, &efi_size);
737 if (!new_efi)
738 return EFI_OUT_OF_RESOURCES;
739
740 if (!efi_image_parse(new_efi, efi_size, ®s, &wincerts,
741 &wincerts_len)) {
742 log_err("Parsing PE executable image failed\n");
743 ret = EFI_UNSUPPORTED;
744 goto out;
745 }
746
747 ret = __get_active_pcr_banks(&active);
748 if (ret != EFI_SUCCESS) {
749 goto out;
750 }
751
752 digest_list->count = 0;
753 for (i = 0; i < MAX_HASH_COUNT; i++) {
754 u16 hash_alg = hash_algo_list[i].hash_alg;
755
756 if (!(active & alg_to_mask(hash_alg)))
757 continue;
758 switch (hash_alg) {
759 case TPM2_ALG_SHA1:
760 hash_calculate("sha1", regs->reg, regs->num, hash);
761 break;
762 case TPM2_ALG_SHA256:
763 hash_calculate("sha256", regs->reg, regs->num, hash);
764 break;
765 case TPM2_ALG_SHA384:
766 hash_calculate("sha384", regs->reg, regs->num, hash);
767 break;
768 case TPM2_ALG_SHA512:
769 hash_calculate("sha512", regs->reg, regs->num, hash);
770 break;
771 default:
772 EFI_PRINT("Unsupported algorithm %x\n", hash_alg);
773 return EFI_INVALID_PARAMETER;
774 }
775 digest_list->digests[i].hash_alg = hash_alg;
776 memcpy(&digest_list->digests[i].digest, hash, (u32)alg_to_len(hash_alg));
777 digest_list->count++;
778 }
779
780 out:
781 if (new_efi != efi)
782 free(new_efi);
783 free(regs);
784
785 return ret;
786 }
787
788 /**
789 * tcg2_measure_pe_image() - measure PE/COFF image
790 *
791 * @efi: pointer to the EFI binary
792 * @efi_size: size of @efi binary
793 * @handle: loaded image handle
794 * @loaded_image: loaded image protocol
795 *
796 * Return: status code
797 */
tcg2_measure_pe_image(void * efi,u64 efi_size,struct efi_loaded_image_obj * handle,struct efi_loaded_image * loaded_image)798 efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
799 struct efi_loaded_image_obj *handle,
800 struct efi_loaded_image *loaded_image)
801 {
802 struct tpml_digest_values digest_list;
803 efi_status_t ret;
804 struct udevice *dev;
805 u32 pcr_index, event_type, event_size;
806 struct uefi_image_load_event *image_load_event;
807 struct efi_device_path *device_path;
808 u32 device_path_length;
809 IMAGE_DOS_HEADER *dos;
810 IMAGE_NT_HEADERS32 *nt;
811 struct efi_handler *handler;
812
813 ret = platform_get_tpm2_device(&dev);
814 if (ret != EFI_SUCCESS)
815 return ret;
816
817 switch (handle->image_type) {
818 case IMAGE_SUBSYSTEM_EFI_APPLICATION:
819 pcr_index = 4;
820 event_type = EV_EFI_BOOT_SERVICES_APPLICATION;
821 break;
822 case IMAGE_SUBSYSTEM_EFI_BOOT_SERVICE_DRIVER:
823 pcr_index = 2;
824 event_type = EV_EFI_BOOT_SERVICES_DRIVER;
825 break;
826 case IMAGE_SUBSYSTEM_EFI_RUNTIME_DRIVER:
827 pcr_index = 2;
828 event_type = EV_EFI_RUNTIME_SERVICES_DRIVER;
829 break;
830 default:
831 return EFI_UNSUPPORTED;
832 }
833
834 ret = tcg2_hash_pe_image(efi, efi_size, &digest_list);
835 if (ret != EFI_SUCCESS)
836 return ret;
837
838 ret = tcg2_pcr_extend(dev, pcr_index, &digest_list);
839 if (ret != EFI_SUCCESS)
840 return ret;
841
842 ret = EFI_CALL(efi_search_protocol(&handle->header,
843 &efi_guid_loaded_image_device_path,
844 &handler));
845 if (ret != EFI_SUCCESS)
846 return ret;
847
848 device_path = EFI_CALL(handler->protocol_interface);
849 device_path_length = efi_dp_size(device_path);
850 if (device_path_length > 0) {
851 /* add end node size */
852 device_path_length += sizeof(struct efi_device_path);
853 }
854 event_size = sizeof(struct uefi_image_load_event) + device_path_length;
855 image_load_event = (struct uefi_image_load_event *)malloc(event_size);
856 if (!image_load_event)
857 return EFI_OUT_OF_RESOURCES;
858
859 image_load_event->image_location_in_memory = (uintptr_t)efi;
860 image_load_event->image_length_in_memory = efi_size;
861 image_load_event->length_of_device_path = device_path_length;
862
863 dos = (IMAGE_DOS_HEADER *)efi;
864 nt = (IMAGE_NT_HEADERS32 *)(efi + dos->e_lfanew);
865 if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR64_MAGIC) {
866 IMAGE_NT_HEADERS64 *nt64 = (IMAGE_NT_HEADERS64 *)nt;
867
868 image_load_event->image_link_time_address =
869 nt64->OptionalHeader.ImageBase;
870 } else if (nt->OptionalHeader.Magic == IMAGE_NT_OPTIONAL_HDR32_MAGIC) {
871 image_load_event->image_link_time_address =
872 nt->OptionalHeader.ImageBase;
873 } else {
874 ret = EFI_INVALID_PARAMETER;
875 goto out;
876 }
877
878 if (device_path_length > 0) {
879 memcpy(image_load_event->device_path, device_path,
880 device_path_length);
881 }
882
883 ret = tcg2_agile_log_append(pcr_index, event_type, &digest_list,
884 event_size, (u8 *)image_load_event);
885
886 out:
887 free(image_load_event);
888
889 return ret;
890 }
891
892 /**
893 * efi_tcg2_hash_log_extend_event() - extend and optionally log events
894 *
895 * @this: TCG2 protocol instance
896 * @flags: bitmap providing additional information on the
897 * operation
898 * @data_to_hash: physical address of the start of the data buffer
899 * to be hashed
900 * @data_to_hash_len: the length in bytes of the buffer referenced by
901 * data_to_hash
902 * @efi_tcg_event: pointer to data buffer containing information
903 * about the event
904 *
905 * Return: status code
906 */
907 static efi_status_t EFIAPI
efi_tcg2_hash_log_extend_event(struct efi_tcg2_protocol * this,u64 flags,u64 data_to_hash,u64 data_to_hash_len,struct efi_tcg2_event * efi_tcg_event)908 efi_tcg2_hash_log_extend_event(struct efi_tcg2_protocol *this, u64 flags,
909 u64 data_to_hash, u64 data_to_hash_len,
910 struct efi_tcg2_event *efi_tcg_event)
911 {
912 struct udevice *dev;
913 efi_status_t ret;
914 u32 event_type, pcr_index, event_size;
915 struct tpml_digest_values digest_list;
916
917 EFI_ENTRY("%p, %llu, %llu, %llu, %p", this, flags, data_to_hash,
918 data_to_hash_len, efi_tcg_event);
919
920 if (!this || !data_to_hash || !efi_tcg_event) {
921 ret = EFI_INVALID_PARAMETER;
922 goto out;
923 }
924
925 ret = platform_get_tpm2_device(&dev);
926 if (ret != EFI_SUCCESS)
927 goto out;
928
929 if (efi_tcg_event->size < efi_tcg_event->header.header_size +
930 sizeof(u32)) {
931 ret = EFI_INVALID_PARAMETER;
932 goto out;
933 }
934
935 if (efi_tcg_event->header.pcr_index > TPM2_MAX_PCRS) {
936 ret = EFI_INVALID_PARAMETER;
937 goto out;
938 }
939
940 /*
941 * if PE_COFF_IMAGE is set we need to make sure the image is not
942 * corrupted, verify it and hash the PE/COFF image in accordance with
943 * the procedure specified in "Calculating the PE Image Hash"
944 * section of the "Windows Authenticode Portable Executable Signature
945 * Format"
946 */
947 if (flags & PE_COFF_IMAGE) {
948 IMAGE_NT_HEADERS32 *nt;
949
950 ret = efi_check_pe((void *)(uintptr_t)data_to_hash,
951 data_to_hash_len, (void **)&nt);
952 if (ret != EFI_SUCCESS) {
953 log_err("Not a valid PE-COFF file\n");
954 goto out;
955 }
956 ret = tcg2_hash_pe_image((void *)(uintptr_t)data_to_hash,
957 data_to_hash_len, &digest_list);
958 } else {
959 ret = tcg2_create_digest((u8 *)(uintptr_t)data_to_hash,
960 data_to_hash_len, &digest_list);
961 }
962
963 if (ret != EFI_SUCCESS)
964 goto out;
965
966 pcr_index = efi_tcg_event->header.pcr_index;
967 event_type = efi_tcg_event->header.event_type;
968
969 ret = tcg2_pcr_extend(dev, pcr_index, &digest_list);
970 if (ret != EFI_SUCCESS)
971 goto out;
972
973 if (flags & EFI_TCG2_EXTEND_ONLY) {
974 if (event_log.truncated)
975 ret = EFI_VOLUME_FULL;
976 goto out;
977 }
978
979 /*
980 * The efi_tcg_event size includes the size component and the
981 * headersize
982 */
983 event_size = efi_tcg_event->size - sizeof(efi_tcg_event->size) -
984 efi_tcg_event->header.header_size;
985 ret = tcg2_agile_log_append(pcr_index, event_type, &digest_list,
986 event_size, efi_tcg_event->event);
987 out:
988 return EFI_EXIT(ret);
989 }
990
991 /**
992 * efi_tcg2_submit_command() - Send command to the TPM
993 *
994 * @this: TCG2 protocol instance
995 * @input_param_block_size: size of the TPM input parameter block
996 * @input_param_block: pointer to the TPM input parameter block
997 * @output_param_block_size: size of the TPM output parameter block
998 * @output_param_block: pointer to the TPM output parameter block
999 *
1000 * Return: status code
1001 */
1002 static efi_status_t EFIAPI
efi_tcg2_submit_command(__maybe_unused struct efi_tcg2_protocol * this,u32 __maybe_unused input_param_block_size,u8 __maybe_unused * input_param_block,u32 __maybe_unused output_param_block_size,u8 __maybe_unused * output_param_block)1003 efi_tcg2_submit_command(__maybe_unused struct efi_tcg2_protocol *this,
1004 u32 __maybe_unused input_param_block_size,
1005 u8 __maybe_unused *input_param_block,
1006 u32 __maybe_unused output_param_block_size,
1007 u8 __maybe_unused *output_param_block)
1008 {
1009 return EFI_UNSUPPORTED;
1010 }
1011
1012 /**
1013 * efi_tcg2_get_active_pcr_banks() - returns the currently active PCR banks
1014 *
1015 * @this: TCG2 protocol instance
1016 * @active_pcr_banks: pointer for receiving the bitmap of currently
1017 * active PCR banks
1018 *
1019 * Return: status code
1020 */
1021 static efi_status_t EFIAPI
efi_tcg2_get_active_pcr_banks(struct efi_tcg2_protocol * this,u32 * active_pcr_banks)1022 efi_tcg2_get_active_pcr_banks(struct efi_tcg2_protocol *this,
1023 u32 *active_pcr_banks)
1024 {
1025 efi_status_t ret;
1026
1027 EFI_ENTRY("%p, %p", this, active_pcr_banks);
1028 ret = __get_active_pcr_banks(active_pcr_banks);
1029
1030 return EFI_EXIT(ret);
1031 }
1032
1033 /**
1034 * efi_tcg2_set_active_pcr_banks() - sets the currently active PCR banks
1035 *
1036 * @this: TCG2 protocol instance
1037 * @active_pcr_banks: bitmap of the requested active PCR banks
1038 *
1039 * Return: status code
1040 */
1041 static efi_status_t EFIAPI
efi_tcg2_set_active_pcr_banks(__maybe_unused struct efi_tcg2_protocol * this,u32 __maybe_unused active_pcr_banks)1042 efi_tcg2_set_active_pcr_banks(__maybe_unused struct efi_tcg2_protocol *this,
1043 u32 __maybe_unused active_pcr_banks)
1044 {
1045 return EFI_UNSUPPORTED;
1046 }
1047
1048 /**
1049 * efi_tcg2_get_result_of_set_active_pcr_banks() - retrieve result for previous
1050 * set_active_pcr_banks()
1051 *
1052 * @this: TCG2 protocol instance
1053 * @operation_present: non-zero value to indicate a
1054 * set_active_pcr_banks operation was
1055 * invoked during last boot
1056 * @response: result value could be returned
1057 *
1058 * Return: status code
1059 */
1060 static efi_status_t EFIAPI
efi_tcg2_get_result_of_set_active_pcr_banks(__maybe_unused struct efi_tcg2_protocol * this,u32 __maybe_unused * operation_present,u32 __maybe_unused * response)1061 efi_tcg2_get_result_of_set_active_pcr_banks(__maybe_unused struct efi_tcg2_protocol *this,
1062 u32 __maybe_unused *operation_present,
1063 u32 __maybe_unused *response)
1064 {
1065 return EFI_UNSUPPORTED;
1066 }
1067
1068 static const struct efi_tcg2_protocol efi_tcg2_protocol = {
1069 .get_capability = efi_tcg2_get_capability,
1070 .get_eventlog = efi_tcg2_get_eventlog,
1071 .hash_log_extend_event = efi_tcg2_hash_log_extend_event,
1072 .submit_command = efi_tcg2_submit_command,
1073 .get_active_pcr_banks = efi_tcg2_get_active_pcr_banks,
1074 .set_active_pcr_banks = efi_tcg2_set_active_pcr_banks,
1075 .get_result_of_set_active_pcr_banks = efi_tcg2_get_result_of_set_active_pcr_banks,
1076 };
1077
1078 /**
1079 * create_specid_event() - Create the first event in the eventlog
1080 *
1081 * @dev: tpm device
1082 * @event_header: Pointer to the final event header
1083 * @event_size: final spec event size
1084 *
1085 * Return: status code
1086 */
create_specid_event(struct udevice * dev,void * buffer,size_t * event_size)1087 static efi_status_t create_specid_event(struct udevice *dev, void *buffer,
1088 size_t *event_size)
1089 {
1090 struct tcg_efi_spec_id_event *spec_event;
1091 size_t spec_event_size;
1092 efi_status_t ret = EFI_DEVICE_ERROR;
1093 u32 active = 0, supported = 0;
1094 int err;
1095 size_t i;
1096
1097 /*
1098 * Create Spec event. This needs to be the first event in the log
1099 * according to the TCG EFI protocol spec
1100 */
1101
1102 /* Setup specID event data */
1103 spec_event = (struct tcg_efi_spec_id_event *)buffer;
1104 memcpy(spec_event->signature, TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03,
1105 sizeof(spec_event->signature));
1106 put_unaligned_le32(0, &spec_event->platform_class); /* type client */
1107 spec_event->spec_version_minor =
1108 TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MINOR_TPM2;
1109 spec_event->spec_version_major =
1110 TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MAJOR_TPM2;
1111 spec_event->spec_errata =
1112 TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_ERRATA_TPM2;
1113 spec_event->uintn_size = sizeof(efi_uintn_t) / sizeof(u32);
1114
1115 err = tpm2_get_pcr_info(dev, &supported, &active,
1116 &spec_event->number_of_algorithms);
1117 if (err)
1118 goto out;
1119 if (spec_event->number_of_algorithms > MAX_HASH_COUNT ||
1120 spec_event->number_of_algorithms < 1)
1121 goto out;
1122
1123 for (i = 0; i < spec_event->number_of_algorithms; i++) {
1124 u16 hash_alg = hash_algo_list[i].hash_alg;
1125 u16 hash_len = hash_algo_list[i].hash_len;
1126
1127 if (active && alg_to_mask(hash_alg)) {
1128 put_unaligned_le16(hash_alg,
1129 &spec_event->digest_sizes[i].algorithm_id);
1130 put_unaligned_le16(hash_len,
1131 &spec_event->digest_sizes[i].digest_size);
1132 }
1133 }
1134 /*
1135 * the size of the spec event and placement of vendor_info_size
1136 * depends on supported algoriths
1137 */
1138 spec_event_size =
1139 offsetof(struct tcg_efi_spec_id_event, digest_sizes) +
1140 spec_event->number_of_algorithms * sizeof(spec_event->digest_sizes[0]);
1141 /* no vendor info for us */
1142 memset(buffer + spec_event_size, 0,
1143 sizeof(spec_event->vendor_info_size));
1144 spec_event_size += sizeof(spec_event->vendor_info_size);
1145 *event_size = spec_event_size;
1146
1147 return EFI_SUCCESS;
1148
1149 out:
1150 return ret;
1151 }
1152
1153 /**
1154 * tcg2_uninit - remove the final event table and free efi memory on failures
1155 */
tcg2_uninit(void)1156 void tcg2_uninit(void)
1157 {
1158 efi_status_t ret;
1159
1160 ret = efi_install_configuration_table(&efi_guid_final_events, NULL);
1161 if (ret != EFI_SUCCESS)
1162 log_err("Failed to delete final events config table\n");
1163
1164 efi_free_pool(event_log.buffer);
1165 event_log.buffer = NULL;
1166 efi_free_pool(event_log.final_buffer);
1167 event_log.final_buffer = NULL;
1168 }
1169
1170 /**
1171 * create_final_event() - Create the final event and install the config
1172 * defined by the TCG EFI spec
1173 */
create_final_event(void)1174 static efi_status_t create_final_event(void)
1175 {
1176 struct efi_tcg2_final_events_table *final_event;
1177 efi_status_t ret;
1178
1179 /*
1180 * All events generated after the invocation of
1181 * EFI_TCG2_GET_EVENT_LOGS need to be stored in an instance of an
1182 * EFI_CONFIGURATION_TABLE
1183 */
1184 ret = efi_allocate_pool(EFI_ACPI_MEMORY_NVS, TPM2_EVENT_LOG_SIZE,
1185 &event_log.final_buffer);
1186 if (ret != EFI_SUCCESS)
1187 goto out;
1188
1189 memset(event_log.final_buffer, 0xff, TPM2_EVENT_LOG_SIZE);
1190 final_event = event_log.final_buffer;
1191 final_event->number_of_events = 0;
1192 final_event->version = EFI_TCG2_FINAL_EVENTS_TABLE_VERSION;
1193 event_log.final_pos = sizeof(*final_event);
1194 ret = efi_install_configuration_table(&efi_guid_final_events,
1195 final_event);
1196 if (ret != EFI_SUCCESS) {
1197 efi_free_pool(event_log.final_buffer);
1198 event_log.final_buffer = NULL;
1199 }
1200
1201 out:
1202 return ret;
1203 }
1204
1205 /**
1206 * efi_init_event_log() - initialize an eventlog
1207 */
efi_init_event_log(void)1208 static efi_status_t efi_init_event_log(void)
1209 {
1210 /*
1211 * vendor_info_size is currently set to 0, we need to change the length
1212 * and allocate the flexible array member if this changes
1213 */
1214 struct tcg_pcr_event *event_header = NULL;
1215 struct udevice *dev;
1216 size_t spec_event_size;
1217 efi_status_t ret;
1218
1219 ret = platform_get_tpm2_device(&dev);
1220 if (ret != EFI_SUCCESS)
1221 goto out;
1222
1223 ret = efi_allocate_pool(EFI_BOOT_SERVICES_DATA, TPM2_EVENT_LOG_SIZE,
1224 (void **)&event_log.buffer);
1225 if (ret != EFI_SUCCESS)
1226 goto out;
1227
1228 /*
1229 * initialize log area as 0xff so the OS can easily figure out the
1230 * last log entry
1231 */
1232 memset(event_log.buffer, 0xff, TPM2_EVENT_LOG_SIZE);
1233 event_log.pos = 0;
1234 event_log.last_event_size = 0;
1235 event_log.get_event_called = false;
1236 event_log.truncated = false;
1237
1238 /*
1239 * The log header is defined to be in SHA1 event log entry format.
1240 * Setup event header
1241 */
1242 event_header = (struct tcg_pcr_event *)event_log.buffer;
1243 put_unaligned_le32(0, &event_header->pcr_index);
1244 put_unaligned_le32(EV_NO_ACTION, &event_header->event_type);
1245 memset(&event_header->digest, 0, sizeof(event_header->digest));
1246 ret = create_specid_event(dev, (void *)((uintptr_t)event_log.buffer + sizeof(*event_header)),
1247 &spec_event_size);
1248 if (ret != EFI_SUCCESS)
1249 goto free_pool;
1250 put_unaligned_le32(spec_event_size, &event_header->event_size);
1251 event_log.pos = spec_event_size + sizeof(*event_header);
1252 event_log.last_event_size = event_log.pos;
1253
1254 ret = create_final_event();
1255 if (ret != EFI_SUCCESS)
1256 goto free_pool;
1257
1258 out:
1259 return ret;
1260
1261 free_pool:
1262 efi_free_pool(event_log.buffer);
1263 event_log.buffer = NULL;
1264 return ret;
1265 }
1266
1267 /**
1268 * efi_append_scrtm_version - Append an S-CRTM EV_S_CRTM_VERSION event on the
1269 * eventlog and extend the PCRs
1270 *
1271 * @dev: TPM device
1272 *
1273 * @Return: status code
1274 */
efi_append_scrtm_version(struct udevice * dev)1275 static efi_status_t efi_append_scrtm_version(struct udevice *dev)
1276 {
1277 struct tpml_digest_values digest_list;
1278 u8 ver[] = U_BOOT_VERSION_STRING;
1279 const int pcr_index = 0;
1280 efi_status_t ret;
1281
1282 ret = tcg2_create_digest(ver, sizeof(ver), &digest_list);
1283 if (ret != EFI_SUCCESS)
1284 goto out;
1285
1286 ret = tcg2_pcr_extend(dev, pcr_index, &digest_list);
1287 if (ret != EFI_SUCCESS)
1288 goto out;
1289
1290 ret = tcg2_agile_log_append(pcr_index, EV_S_CRTM_VERSION, &digest_list,
1291 sizeof(ver), ver);
1292
1293 out:
1294 return ret;
1295 }
1296
1297 /**
1298 * efi_tcg2_register() - register EFI_TCG2_PROTOCOL
1299 *
1300 * If a TPM2 device is available, the TPM TCG2 Protocol is registered
1301 *
1302 * Return: An error status is only returned if adding the protocol fails.
1303 */
efi_tcg2_register(void)1304 efi_status_t efi_tcg2_register(void)
1305 {
1306 efi_status_t ret = EFI_SUCCESS;
1307 struct udevice *dev;
1308
1309 ret = platform_get_tpm2_device(&dev);
1310 if (ret != EFI_SUCCESS) {
1311 log_warning("Unable to find TPMv2 device\n");
1312 return EFI_SUCCESS;
1313 }
1314
1315 ret = efi_init_event_log();
1316 if (ret != EFI_SUCCESS)
1317 goto fail;
1318
1319 ret = efi_append_scrtm_version(dev);
1320 if (ret != EFI_SUCCESS) {
1321 tcg2_uninit();
1322 goto fail;
1323 }
1324
1325 ret = efi_add_protocol(efi_root, &efi_guid_tcg2_protocol,
1326 (void *)&efi_tcg2_protocol);
1327 if (ret != EFI_SUCCESS) {
1328 tcg2_uninit();
1329 goto fail;
1330 }
1331 return ret;
1332
1333 fail:
1334 log_err("Cannot install EFI_TCG2_PROTOCOL\n");
1335 /*
1336 * Return EFI_SUCCESS and don't stop the EFI subsystem.
1337 * That's done for 2 reasons
1338 * - If the protocol is not installed the PCRs won't be extended. So
1339 * someone later in the boot flow will notice that and take the
1340 * necessary actions.
1341 * - The TPM sandbox is limited and we won't be able to run any efi
1342 * related tests with TCG2 enabled
1343 */
1344 return EFI_SUCCESS;
1345 }
1346