Hi, On Wed, 14 Jul 2021 at 06:59, Masahisa Kojima <masahisa.koj...@linaro.org> wrote: > > TCG PC Client PFP spec requires to measure the secure > boot policy before validating the UEFI image. > This commit adds the secure boot variable measurement > of "SecureBoot", "PK", "KEK", "db" and "dbx". > > Note that this implementation assumes that secure boot > variables are pre-configured and not be set/updated in runtime. > > Signed-off-by: Masahisa Kojima <masahisa.koj...@linaro.org> > --- > > Changes in v2: > - missing null check for getting variable data > - some minor fix for readability > > include/efi_tcg2.h | 20 ++++++ > lib/efi_loader/efi_tcg2.c | 139 ++++++++++++++++++++++++++++++++++++++ > 2 files changed, 159 insertions(+)
It looks like this code should be in lib/tpm or similar as much of it is not specific to EFI? Regards, Simon
