From: Hernan Gatta <hegatta@linux.microsoft.com>
A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to
compose, submit, and parse TPM commands and responses.
A limited number of TPM commands may be accessed via the EFI TCG2
protocol. This protocol exposes functionality that is primarily geared
toward TPM usage within the context of Secure Boot. For all other TPM
commands, however, such as sealing and unsealing, this protocol does not
provide any help, with the exception of passthrough command submission.
The SubmitCommand method allows a caller to send raw commands to the
system's TPM and to receive the corresponding response. These
command/response pairs are formatted using the TPM wire protocol. To
construct commands in this way, and to parse the TPM's response, it is
necessary to, first, possess knowledge of the various TPM structures, and,
second, of the TPM wire protocol itself.
As such, this patch includes a set of header files that define the
necessary TPM structures and TSS functions, implementations of various
TPM2_* functions (inventoried below), and logic to write and read command
and response buffers, respectively, using the TPM wire protocol.
Functions: TPM2_Create, TPM2_CreatePrimary, TPM2_EvictControl,
TPM2_FlushContext, TPM2_Load, TPM2_PCR_Read, TPM2_PolicyGetDigest,
TPM2_PolicyPCR, TPM2_ReadPublic, TPM2_StartAuthSession, TPM2_Unseal,
TPM2_LoadExternal, TPM2_HashSequenceStart, TPM2_SequenceUpdate,
TPM2_SequenceComplete, TPM2_Hash, TPM2_VerifySignature,
TPM2_PolicyAuthorize, TPM2_TestParms
Signed-off-by: Hernan Gatta <hegatta@linux.microsoft.com>
Signed-off-by: Gary Lin <glin@suse.com>
---
grub-core/tpm2/buffer.c | 145 +++
grub-core/tpm2/mu.c | 1150 ++++++++++++++++++++++
grub-core/tpm2/tcg2.c | 143 +++
grub-core/tpm2/tpm2.c | 1221 ++++++++++++++++++++++++