Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.3:Update
tpm2.0-tools
0001-tpm2_listpcrs-use-TPM2_GetCapability-to-de...
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File 0001-tpm2_listpcrs-use-TPM2_GetCapability-to-determine-PC.patch of Package tpm2.0-tools
From c2586d4116b29436baa6608c5c3a222aae8bf193 Mon Sep 17 00:00:00 2001 From: Jerry Snitselaar <jsnitsel@redhat.com> Date: Mon, 15 May 2017 14:01:24 -0700 Subject: [PATCH] tpm2_listpcrs: use TPM2_GetCapability to determine PCRs to read Allow TPM to tell us PCRs that are available to be read in a bank instead of assuming there will be 24. This resolves an issue on a system where in the bios you can choose between hash functions (sha1 and sha256 in this case). Both will show up as supported, but when it tries reading the bank that isn't selected in the bios it makes no progress, and then fails saying that there are too many PCRs to read. This consolidates the pcr_selections init code into one function. Also a minor change to show_pcr_values to use sizeofSelect to determine loop iteration instead of hardcoding 24. Signed-off-by: Jerry Snitselaar <jsnitsel@redhat.com> --- tools/tpm2_listpcrs.c | 55 +++++++++++++++++++++++++-------------------------- 1 file changed, 27 insertions(+), 28 deletions(-) diff --git a/tools/tpm2_listpcrs.c b/tools/tpm2_listpcrs.c index f50c200..42bb8c6 100644 --- a/tools/tpm2_listpcrs.c +++ b/tools/tpm2_listpcrs.c @@ -173,38 +173,35 @@ static bool read_pcr_values(listpcr_context *context) { return true; } -static void init_pcr_selection_from_algorithm(TPMI_ALG_HASH alg_id, - TPML_PCR_SELECTION *pcr_selections) { +static bool init_pcr_selection(TPMI_ALG_HASH alg_id, listpcr_context *context) { - pcr_selections->count = 1; - pcr_selections->pcrSelections[0].hash = alg_id; - set_pcr_select_size(&pcr_selections->pcrSelections[0], 3); - clear_pcr_select_bits(&pcr_selections->pcrSelections[0]); + TPMI_YES_NO moreData; + TPMS_CAPABILITY_DATA cap_data; + TPML_PCR_SELECTION *pcr_sel = &context->pcr_selections; + UINT32 rval, i, j; - UINT32 pcr_id; - for (pcr_id = 0; pcr_id < 24; pcr_id++) { - set_pcr_select_bit(&pcr_selections->pcrSelections[0], pcr_id); + rval = Tss2_Sys_GetCapability(context->sapi_context, 0, TPM_CAP_PCRS, 0, 1, &moreData, &cap_data, 0); + if (rval != TPM_RC_SUCCESS) { + LOG_ERR("GetCapability: Get PCR allocation status Error. TPM Error:0x%x......\n", rval); + return false; } -} -/* XXX Could this internally call init_pcr_selection_from_algorithm to reduce duplicate code? */ -static void init_pcr_selection_all(tpm2_algorithm *algorithm, - TPML_PCR_SELECTION *pcr_selections) { + pcr_sel->count = 0; - pcr_selections->count = 0; + for (i = 0; i < cap_data.data.assignedPCR.count; i++) { + if (alg_id && (cap_data.data.assignedPCR.pcrSelections[i].hash != alg_id)) + continue; + pcr_sel->pcrSelections[pcr_sel->count].hash = cap_data.data.assignedPCR.pcrSelections[i].hash; + set_pcr_select_size(&pcr_sel->pcrSelections[pcr_sel->count], cap_data.data.assignedPCR.pcrSelections[i].sizeofSelect); + for (j = 0; j < pcr_sel->pcrSelections[pcr_sel->count].sizeofSelect; j++) + pcr_sel->pcrSelections[pcr_sel->count].pcrSelect[j] = cap_data.data.assignedPCR.pcrSelections[i].pcrSelect[j]; + pcr_sel->count++; + } - int i; - for (i = 0; i < algorithm->count; i++) { - pcr_selections->pcrSelections[i].hash = algorithm->alg[i]; - set_pcr_select_size(&pcr_selections->pcrSelections[i], 3); - clear_pcr_select_bits(&pcr_selections->pcrSelections[i]); + if (pcr_sel->count == 0) + return false; - UINT32 pcr_id; - for (pcr_id = 0; pcr_id < 24; pcr_id++) { - set_pcr_select_bit(&pcr_selections->pcrSelections[i], pcr_id); - } - pcr_selections->count++; - } + return true; } // show all PCR banks according to g_pcrSelection & g_pcrs-> @@ -220,7 +217,7 @@ static bool show_pcr_values(listpcr_context *context) { context->pcr_selections.pcrSelections[i].hash); UINT32 pcr_id; - for (pcr_id = 0; pcr_id < 24; pcr_id++) { + for (pcr_id = 0; pcr_id < context->pcr_selections.pcrSelections[i].sizeofSelect * 8; pcr_id++) { if (!is_pcr_select_bit_set(&context->pcr_selections.pcrSelections[i], pcr_id)) { continue; @@ -271,14 +268,16 @@ static bool show_selected_pcr_values(listpcr_context *context) { static bool show_all_pcr_values(listpcr_context *context) { - init_pcr_selection_all(&context->algs, &context->pcr_selections); + if (!init_pcr_selection(0, context)) + return false; return show_selected_pcr_values(context); } static bool show_alg_pcr_values(listpcr_context *context, TPMI_ALG_HASH alg_id) { - init_pcr_selection_from_algorithm(alg_id, &context->pcr_selections); + if (!init_pcr_selection(alg_id, context)) + return false; return show_selected_pcr_values(context); } -- 2.12.3
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor