Hi Ilias,
On Wed, 4 Nov 2020 at 06:48, Ilias Apalodimas ilias.apalodimas@linaro.org wrote:
Since U-boot EFI implementation is getting richer it makes sense to add support for EFI_TCG2_PROTOCOL taking advantage of any hardware TPM available on the device.
This is the initial implementation of the protocol which only adds support for GetCapability(). It's limited in the newer and safer TPMv2 devices.
Signed-off-by: Ilias Apalodimas ilias.apalodimas@linaro.org
The protocol requires mode that GetCapability to be usable. I intend to add support for GetEventLog() and HashLogExtendEvent() once this gets reviewed/merged include/efi_loader.h | 2 + include/efi_tcg2.h | 91 ++++++++ include/tpm-v2.h | 48 ++++ lib/efi_loader/Kconfig | 8 + lib/efi_loader/Makefile | 1 + lib/efi_loader/efi_setup.c | 7 + lib/efi_loader/efi_tcg2.c | 460 +++++++++++++++++++++++++++++++++++++ 7 files changed, 617 insertions(+) create mode 100644 include/efi_tcg2.h create mode 100644 lib/efi_loader/efi_tcg2.c
How can we add tests for this? We have a basic TPM emulator available so perhaps it could be used to create a sandbox test?
Regards, Simon