Hi Kojima-san,
On Thu, Nov 25, 2021 at 08:36:28PM +0900, Masahisa Kojima wrote:
+/**
[...]
- is_tcg2_protocol_installed - chech whether tcg2 protocol is installed
- @Return: true if tcg2 protocol is installed, false if not
- */
+bool is_tcg2_protocol_installed(void) +{
- struct efi_handler *handler;
- efi_status_t ret;
- ret = efi_search_protocol(efi_root, &efi_guid_tcg2_protocol, &handler);
- return ((ret == EFI_SUCCESS) ? true : false);
+}
return ret == EFI_SUCCESS; is enough here.
static u32 tcg_event_final_size(struct tpml_digest_values *digest_list) { u32 len; @@ -962,6 +976,9 @@ efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size, IMAGE_NT_HEADERS32 *nt; struct efi_handler *handler;
- if (!is_tcg2_protocol_installed())
return EFI_NOT_READY;- ret = platform_get_tpm2_device(&dev); if (ret != EFI_SUCCESS) return ret;
@@ -2140,6 +2157,9 @@ efi_status_t efi_tcg2_measure_efi_app_invocation(struct efi_loaded_image_obj *ha u32 event = 0; struct smbios_entry *entry;
- if (!is_tcg2_protocol_installed())
return EFI_NOT_READY;- if (tcg2_efi_app_invoked) return EFI_SUCCESS;
@@ -2190,6 +2210,9 @@ efi_status_t efi_tcg2_measure_efi_app_exit(void) efi_status_t ret; struct udevice *dev;
- if (!is_tcg2_protocol_installed())
[...]
Heinrich, this whole patch is needed because installing the tcg2 protocol always returns EFI_SUCCESS. The reason is that some sandbox tests with sandbox_tpm used to fail. Do you want to keep this or perhaps just failing the boot now is the protocol fails to install is an option ?
Thanks /Ilias