tpm2_eventlog: add H-CRTM event support.

Signed-off-by: mayuanchen <[email protected]>
JuergenReppSIT · Jul 20, 2023 · 2c407c1 · 2c407c1
1 parent dffed8e
commit 2c407c1
Show file tree

Hide file tree

Showing 2 changed files with 34 additions and 2 deletions.
diff --git a/lib/tpm2_eventlog.c b/lib/tpm2_eventlog.c
@@ -81,8 +81,11 @@ bool foreach_digest2(tpm2_eventlog_context *ctx, UINT32 eventType, unsigned pcr_
  LOG_WARN("PCR%d algorithm %d unsupported", pcr_index, alg);
  }
 
- if (eventType == EV_NO_ACTION && pcr && pcr_index == 0 && locality > 0 ) {
- pcr[alg_size -1] = locality;
+ if (eventType == EV_EFI_HCRTM_EVENT && pcr && pcr_index == 0) {
+ /* Trusted Platform Module Library Part 1 section 34.3 */
+ pcr[alg_size - 1] = 0x04;
+ } else if (eventType == EV_NO_ACTION && pcr && pcr_index == 0 && locality > 0 ) {
+ pcr[alg_size - 1] = locality;
  }
 
  if (eventType != EV_NO_ACTION && pcr &&
@@ -162,6 +165,19 @@ bool parse_event2body(TCG_EVENT2 const *event, UINT32 type) {
  /* what about the device path? */
  }
  break;
+ /* TCG PC Client Platform Firmware Profile Specification Level 00 Version 1.05 Revision 23 section 10.4.1 */
+ case EV_EFI_HCRTM_EVENT:
+ {
+ const char hcrtm_data[] = "HCRTM";
+ size_t len = strlen(hcrtm_data);
+ BYTE *data = (BYTE *)event->Event;
+ if (event->EventSize != len ||
+ strncmp((const char *)data, hcrtm_data, len)) {
+ LOG_ERR("HCRTM Event Data MUST be the string: \"%s\"", hcrtm_data);
+ return false;
+ }
+ }
+ break;
  }
 
  return true;

diff --git a/lib/tpm2_eventlog_yaml.c b/lib/tpm2_eventlog_yaml.c
@@ -116,6 +116,8 @@ char const *eventtype_to_string (UINT32 event_type) {
  return "EV_EFI_HANDOFF_TABLES2";
  case EV_EFI_VARIABLE_BOOT2:
  return "EV_EFI_VARIABLE_BOOT2";
+ case EV_EFI_HCRTM_EVENT:
+ return "EV_EFI_HCRTM_EVENT";
  case EV_EFI_VARIABLE_AUTHORITY:
  return "EV_EFI_VARIABLE_AUTHORITY";
  default:
@@ -255,6 +257,18 @@ static bool yaml_uefi_post_code(const TCG_EVENT2* const event) {
  }
  return true;
 }
+
+static bool yaml_uefi_hcrtm(const TCG_EVENT2* const event) {
+
+ const size_t len = event->EventSize;
+
+ const char* const data = (const char *) event->Event;
+ tpm2_tool_output(" Event: |-\n"
+ " %.*s\n", (int) len, data);
+
+ return true;
+}
+
 /*
  * Parses Device Path field using the efivar library if present, otherwise,
  * print the field in raw byte format
@@ -961,6 +975,8 @@ bool yaml_event2data(TCG_EVENT2 const *event, UINT32 type, uint32_t eventlog_ver
  event->EventSize, eventlog_version);
  case EV_NO_ACTION:
  return yaml_no_action((EV_NO_ACTION_STRUCT*)event->Event, event->EventSize, eventlog_version);
+ case EV_EFI_HCRTM_EVENT:
+ return yaml_uefi_hcrtm(event);
  default:
  bytes_to_str(event->Event, event->EventSize, hexstr, sizeof(hexstr));
  tpm2_tool_output(" Event: \"%s\"\n", hexstr);