efi_loader: add boot variable measurement
TCG PC Client PFP spec requires to measure "Boot####" and "BootOrder" variables, EV_SEPARATOR event prior to the Ready to Boot invocation. Since u-boot does not implement Ready to Boot event, these measurements are performed when efi_start_image() is called. TCG spec also requires to measure "Calling EFI Application from Boot Option" for each boot attempt, and "Returning from EFI Application from Boot Option" if a boot device returns control back to the Boot Manager. Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
This commit is contained in:
Masahisa Kojima
committed by
Heinrich Schuchardt
Heinrich Schuchardt
parent
cfbcf054a3
commit
8fc4e0b427
@@ -499,6 +499,10 @@ efi_status_t efi_run_image(void *source_buffer, efi_uintn_t source_size);
|
||||
efi_status_t efi_init_variables(void);
|
||||
/* Notify ExitBootServices() is called */
|
||||
void efi_variables_boot_exit_notify(void);
|
||||
/* Measure efi application invocation */
|
||||
efi_status_t efi_tcg2_measure_efi_app_invocation(void);
|
||||
/* Measure efi application exit */
|
||||
efi_status_t efi_tcg2_measure_efi_app_exit(void);
|
||||
/* Called by bootefi to initialize root node */
|
||||
efi_status_t efi_root_node_register(void);
|
||||
/* Called by bootefi to initialize runtime */
|
||||
|
||||
@@ -75,7 +75,7 @@ struct udevice;
|
||||
/*
|
||||
* event types, cf.
|
||||
* "TCG PC Client Platform Firmware Profile Specification", Family "2.0"
|
||||
* rev 1.04, June 3, 2019
|
||||
* Level 00 Version 1.05 Revision 23, May 7, 2021
|
||||
*/
|
||||
#define EV_EFI_EVENT_BASE ((u32)0x80000000)
|
||||
#define EV_EFI_VARIABLE_DRIVER_CONFIG ((u32)0x80000001)
|
||||
@@ -87,8 +87,24 @@ struct udevice;
|
||||
#define EV_EFI_ACTION ((u32)0x80000007)
|
||||
#define EV_EFI_PLATFORM_FIRMWARE_BLOB ((u32)0x80000008)
|
||||
#define EV_EFI_HANDOFF_TABLES ((u32)0x80000009)
|
||||
#define EV_EFI_PLATFORM_FIRMWARE_BLOB2 ((u32)0x8000000A)
|
||||
#define EV_EFI_HANDOFF_TABLES2 ((u32)0x8000000B)
|
||||
#define EV_EFI_VARIABLE_BOOT2 ((u32)0x8000000C)
|
||||
#define EV_EFI_HCRTM_EVENT ((u32)0x80000010)
|
||||
#define EV_EFI_VARIABLE_AUTHORITY ((u32)0x800000E0)
|
||||
#define EV_EFI_SPDM_FIRMWARE_BLOB ((u32)0x800000E1)
|
||||
#define EV_EFI_SPDM_FIRMWARE_CONFIG ((u32)0x800000E2)
|
||||
|
||||
#define EFI_CALLING_EFI_APPLICATION \
|
||||
"Calling EFI Application from Boot Option"
|
||||
#define EFI_RETURNING_FROM_EFI_APPLICATION \
|
||||
"Returning from EFI Application from Boot Option"
|
||||
#define EFI_EXIT_BOOT_SERVICES_INVOCATION \
|
||||
"Exit Boot Services Invocation"
|
||||
#define EFI_EXIT_BOOT_SERVICES_FAILED \
|
||||
"Exit Boot Services Returned with Failure"
|
||||
#define EFI_EXIT_BOOT_SERVICES_SUCCEEDED \
|
||||
"Exit Boot Services Returned with Success"
|
||||
|
||||
/* TPMS_TAGGED_PROPERTY Structure */
|
||||
struct tpms_tagged_property {
|
||||
|
||||
Reference in New Issue
Block a user