Hi Eddie, This has a few failures on the CI [0]. Please have a look and let me know if you can't understand the failures
[0] https://source.denx.de/u-boot/custodians/u-boot-tpm/-/pipelines/15471 Regards /Ilias On Fri, Mar 03, 2023 at 01:25:00PM -0600, Eddie James wrote: > This series adds support for measuring the boot images more generically > than the existing EFI support. Several EFI functions have been moved to > the TPM layer. The series includes optional measurement from the bootm > command. > A new test case has been added for the bootm measurement to test the new > path, and the sandbox TPM2 driver has been updated to support this use > case. > This series is based on Ilias' auto-startup series and Simon's additions. > > Changes since v7: > - Change name of tcg2_init_log and add more documentation > - Add a check, when parsing the event log header, to ensure that the > previous stage bootloader used all the active PCRs. > - Change name of tcg2_log_find_end > - Fix the greater than or equal to check to exit the log parsing > - Make sure log_position is 0 if there is any error discovering the log > - Return errors parsing the log if the data is corrupt so that we don't > end up with half a log > > Changes since v6: > - Added comment for bootm_measure > - Fixed line length in bootm_measure > - Added Linaro copyright for all the EFI moved code > - Changed tcg2_init_log (and by extension, tcg2_measurement_init) to > copy any discovered event log to the user's log if passed in. > > Changes since v5: > - Re-ordered the patches to put the sandbox TPM driver patch second > - Remove unused platform_get_eventlog in efi_tcg2.c > - First look for tpm_event_log_* properties instead of linux,sml-* > - Fix efi_tcg2.c compilation > - Select SHA* configs > - Remove the !SANDBOX dependency for EFI TCG2 > - Only compile in the measurement u-boot command when CONFIG_MEASURED_BOOT > is enabled > > Changes since v4: > - Remove tcg2_measure_event function and check for NULL data in > tcg2_measure_data > - Use tpm_auto_startup > - Fix efi_tcg2.c compilation for removing tcg2_pcr_read function > - Change PCR indexes for initrd and dtb > - Drop u8 casting in measurement test > - Use bullets in documentation > > Changes since v3: > - Reordered headers > - Refactored more of EFI code into common code > Removed digest_info structure and instead used the common alg_to_mask > and alg_to_len > Improved event log parsing in common code to get it equivalent to EFI > Common code now extends PCR if previous bootloader stage couldn't > No need to allocate memory in the common code, so EFI copies the > discovered buffer like it did before > Rename efi measure_event function > > Changes since v2: > - Add documentation. > - Changed reserved memory address to the top of the RAM for sandbox dts. > - Add measure state to booti and bootz. > - Skip measurement for EFI images that should be measured > > Changes since v1: > - Refactor TPM layer functions to allow EFI system to use them, and > remove duplicate EFI functions. > - Add test case > - Drop #ifdefs for bootm > - Add devicetree measurement config option > - Update sandbox TPM driver > > Eddie James (6): > tpm: Fix spelling for tpmu_ha union > tpm: sandbox: Update for needed TPM2 capabilities > tpm: Support boot measurements > bootm: Support boot measurement > test: Add sandbox TPM boot measurement > doc: Add measured boot documentation > > arch/sandbox/dts/sandbox.dtsi | 13 + > arch/sandbox/dts/test.dts | 13 + > boot/Kconfig | 23 + > boot/bootm.c | 72 +++ > cmd/booti.c | 1 + > cmd/bootm.c | 2 + > cmd/bootz.c | 1 + > configs/sandbox_defconfig | 1 + > doc/usage/index.rst | 1 + > doc/usage/measured_boot.rst | 23 + > drivers/tpm/tpm2_tis_sandbox.c | 100 ++- > include/bootm.h | 11 + > include/efi_tcg2.h | 44 -- > include/image.h | 1 + > include/test/suites.h | 1 + > include/tpm-v2.h | 255 +++++++- > lib/Kconfig | 4 + > lib/efi_loader/Kconfig | 2 - > lib/efi_loader/efi_tcg2.c | 1054 +++----------------------------- > lib/tpm-v2.c | 815 ++++++++++++++++++++++++ > test/boot/Makefile | 1 + > test/boot/measurement.c | 66 ++ > test/cmd_ut.c | 4 + > 23 files changed, 1455 insertions(+), 1053 deletions(-) > create mode 100644 doc/usage/measured_boot.rst > create mode 100644 test/boot/measurement.c > > -- > 2.31.1 >
