Hi Simon,
On Wed, Jul 07, 2021 at 11:37:01AM -0600, Simon Glass wrote:
Hi Masahisa,
On Wed, 7 Jul 2021 at 07:36, Masahisa Kojima masahisa.kojima@linaro.org wrote:
TCG PC Client PFP spec requires to measure the secure boot policy before validating the UEFI image. This commit adds the secure boot variable measurement of "SecureBoot", "PK", "KEK", "db" and "dbx".
Note that this implementation assumes that secure boot variables are pre-configured and not be set/updated in runtime.
Signed-off-by: Masahisa Kojima masahisa.kojima@linaro.org
include/efi_tcg2.h | 20 ++++++ lib/efi_loader/efi_tcg2.c | 135 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 155 insertions(+)
Where are the tests for this code, please?
As we discussed in the past, the EFI TCG code can't be tested with the asndbox as-is. I'll have a look on your sandbox patches in case we can now use those, but in any case, I've sent a TPM mmio based driver. Even if the sandbox is still not enough we can add tests once the mmio TPM driver gets merged
Cheers /Ilias
Regards, Simon