File 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-de... of Package tpm2.0-tools

Overview Repositories Revisions Requests Users Attributes Meta

File 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch of Package tpm2.0-tools

From c2586d4116b29436baa6608c5c3a222aae8bf193 Mon Sep 17 00:00:00 2001
From: Jerry Snitselaar <jsnitsel@redhat.com>
Date: Mon, 15 May 2017 14:01:24 -0700
Subject: [PATCH] tpm2_listpcrs: use TPM2_GetCapability to determine PCRs to
 read

Allow TPM to tell us PCRs that are available to be read in a bank
instead of assuming there will be 24. This resolves an issue on
a system where in the bios you can choose between hash functions
(sha1 and sha256 in this case). Both will show up as supported,
but when it tries reading the bank that isn't selected in the bios
it makes no progress, and then fails saying that there are too many
PCRs to read.

This consolidates the pcr_selections init code into one function.

Also a minor change to show_pcr_values to use sizeofSelect to
determine loop iteration instead of hardcoding 24.

Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com>
---
 tools/tpm2_listpcrs.c | 55 +++++++++++++++++++++++++--------------------------
 1 file changed, 27 insertions(+), 28 deletions(-)

diff --git a/tools/tpm2_listpcrs.c b/tools/tpm2_listpcrs.c
index f50c200..42bb8c6 100644
--- a/tools/tpm2_listpcrs.c
+++ b/tools/tpm2_listpcrs.c
@@ -173,38 +173,35 @@ static bool read_pcr_values(listpcr_context *context) {
     return true;
 }
 
-static void init_pcr_selection_from_algorithm(TPMI_ALG_HASH alg_id,
-        TPML_PCR_SELECTION *pcr_selections) {
+static bool init_pcr_selection(TPMI_ALG_HASH alg_id, listpcr_context *context) {
 
-    pcr_selections->count = 1;
-    pcr_selections->pcrSelections[0].hash = alg_id;
-    set_pcr_select_size(&pcr_selections->pcrSelections[0], 3);
-    clear_pcr_select_bits(&pcr_selections->pcrSelections[0]);
+    TPMI_YES_NO moreData;
+    TPMS_CAPABILITY_DATA cap_data;
+    TPML_PCR_SELECTION *pcr_sel = &context->pcr_selections;
+    UINT32 rval, i, j;
 
-    UINT32 pcr_id;
-    for (pcr_id = 0; pcr_id < 24; pcr_id++) {
-        set_pcr_select_bit(&pcr_selections->pcrSelections[0], pcr_id);
+    rval = Tss2_Sys_GetCapability(context->sapi_context, 0, TPM_CAP_PCRS, 0, 1, &moreData, &cap_data, 0);
+    if (rval != TPM_RC_SUCCESS) {
+        LOG_ERR("GetCapability: Get PCR allocation status Error. TPM Error:0x%x......\n", rval);
+        return false;
     }
-}
 
-/* XXX Could this internally call init_pcr_selection_from_algorithm to reduce duplicate code? */
-static void init_pcr_selection_all(tpm2_algorithm *algorithm,
-        TPML_PCR_SELECTION *pcr_selections) {
+    pcr_sel->count = 0;
 
-    pcr_selections->count = 0;
+    for (i = 0; i < cap_data.data.assignedPCR.count; i++) {
+        if (alg_id && (cap_data.data.assignedPCR.pcrSelections[i].hash != alg_id))
+            continue;
+        pcr_sel->pcrSelections[pcr_sel->count].hash = cap_data.data.assignedPCR.pcrSelections[i].hash;
+        set_pcr_select_size(&pcr_sel->pcrSelections[pcr_sel->count], cap_data.data.assignedPCR.pcrSelections[i].sizeofSelect);
+        for (j = 0; j < pcr_sel->pcrSelections[pcr_sel->count].sizeofSelect; j++)
+            pcr_sel->pcrSelections[pcr_sel->count].pcrSelect[j] = cap_data.data.assignedPCR.pcrSelections[i].pcrSelect[j];
+        pcr_sel->count++;
+    }
 
-    int i;
-    for (i = 0; i < algorithm->count; i++) {
-        pcr_selections->pcrSelections[i].hash = algorithm->alg[i];
-        set_pcr_select_size(&pcr_selections->pcrSelections[i], 3);
-        clear_pcr_select_bits(&pcr_selections->pcrSelections[i]);
+    if (pcr_sel->count == 0)
+        return false;
 
-        UINT32 pcr_id;
-        for (pcr_id = 0; pcr_id < 24; pcr_id++) {
-            set_pcr_select_bit(&pcr_selections->pcrSelections[i], pcr_id);
-        }
-        pcr_selections->count++;
-    }
+    return true;
 }
 
 // show all PCR banks according to g_pcrSelection & g_pcrs->
@@ -220,7 +217,7 @@ static bool show_pcr_values(listpcr_context *context) {
                 context->pcr_selections.pcrSelections[i].hash);
 
         UINT32 pcr_id;
-        for (pcr_id = 0; pcr_id < 24; pcr_id++) {
+        for (pcr_id = 0; pcr_id < context->pcr_selections.pcrSelections[i].sizeofSelect * 8; pcr_id++) {
             if (!is_pcr_select_bit_set(&context->pcr_selections.pcrSelections[i],
                     pcr_id)) {
                 continue;
@@ -271,14 +268,16 @@ static bool show_selected_pcr_values(listpcr_context *context) {
 
 static bool show_all_pcr_values(listpcr_context *context) {
 
-    init_pcr_selection_all(&context->algs, &context->pcr_selections);
+    if (!init_pcr_selection(0, context))
+        return false;
 
     return show_selected_pcr_values(context);
 }
 
 static bool show_alg_pcr_values(listpcr_context *context, TPMI_ALG_HASH alg_id) {
 
-    init_pcr_selection_from_algorithm(alg_id, &context->pcr_selections);
+    if (!init_pcr_selection(alg_id, context))
+        return false;
 
     return show_selected_pcr_values(context);
 }
-- 
2.12.3

Places

File 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch of Package tpm2.0-tools

Places