grub-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH v10 10/20] tpm2: Add TPM Software Stack (TSS)

From: Gary Lin
Subject: Re: [PATCH v10 10/20] tpm2: Add TPM Software Stack (TSS)
Date: Wed, 10 Apr 2024 14:44:27 +0800 
On Tue, Apr 09, 2024 at 11:32:44AM -0400, Stefan Berger wrote:
> 
> 
> On 4/9/24 04:30, Gary Lin via Grub-devel wrote:
> > From: Hernan Gatta <hegatta@linux.microsoft.com>
> > 
> > A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to
> > compose, submit, and parse TPM commands and responses.
> > 
> > A limited number of TPM commands may be accessed via the EFI TCG2
> > protocol. This protocol exposes functionality that is primarily geared
> > toward TPM usage within the context of Secure Boot. For all other TPM
> > commands, however, such as sealing and unsealing, this protocol does not
> > provide any help, with the exception of passthrough command submission.
> > 
> > The SubmitCommand method allows a caller to send raw commands to the
> > system's TPM and to receive the corresponding response. These
> > command/response pairs are formatted using the TPM wire protocol. To
> > construct commands in this way, and to parse the TPM's response, it is
> > necessary to, first, possess knowledge of the various TPM structures, and,
> > second, of the TPM wire protocol itself.
> > 
> > As such, this patch includes a set of header files that define the
> > necessary TPM structures and TSS functions, implementations of various
> > TPM2_* functions (inventoried below), and logic to write and read command
> > and response buffers, respectively, using the TPM wire protocol.
> > 
> > Functions: TPM2_Create, TPM2_CreatePrimary, TPM2_EvictControl,
> > TPM2_FlushContext, TPM2_Load, TPM2_PCR_Read, TPM2_PolicyGetDigest,
> > TPM2_PolicyPCR, TPM2_ReadPublic, TPM2_StartAuthSession, TPM2_Unseal,
> > TPM2_LoadExternal, TPM2_HashSequenceStart, TPM2_SequenceUpdate,
> > TPM2_SequenceComplete, TPM2_Hash, TPM2_VerifySignature,
> > TPM2_PolicyAuthorize, TPM2_TestParms
> > 
> > Signed-off-by: Hernan Gatta <hegatta@linux.microsoft.com>
> > Signed-off-by: Gary Lin <glin@suse.com>
> > ---
> >   grub-core/tpm2/buffer.c                |  145 +++
> >   grub-core/tpm2/mu.c                    | 1150 ++++++++++++++++++++++
> >   grub-core/tpm2/tcg2.c                  |  143 +++
> >   grub-core/tpm2/tpm2.c                  | 1221 ++++++++++++++++++++++++
> 
> Apart from that this is 'a lot' (and maybe more complete than it needs to
> be)
There are some commands added in the early development stage but ended up not
used. I kept those commands since they are already there and may be
useful in some day.

> the only thing that cought my attention was that most times you have a
> default: handler in a case statements, occasionally it's missing. Maybe you
> should add some missing default: handlers.
> 
Oops, thanks for spotting that. I'll add those missing default:
handlers.

> Also, Synopsis should extend Coverity to provide Reviewed-by's :-).
> 
That could be a nice feature :)

Thanks,

Gary Lin
reply via email to
[Prev in Thread] Current Thread [Next in Thread]