summaryrefslogtreecommitdiff
path: root/src/security
diff options
context:
space:
mode:
authorFurquan Shaikh <furquan@google.com>2018-07-31 14:26:39 -0700
committerPhilipp Deppenwiese <zaolin.daisuki@gmail.com>2018-07-31 21:58:43 +0000
commit38f3ffad3fa05cf37ec44eda053006235c8d8d43 (patch)
treeca3f1458a634431e34912d703012d7fcfa77bd97 /src/security
parent44a1ab2d05de05dbeb849dfcb4b359ce1212ca9b (diff)
downloadcoreboot-38f3ffad3fa05cf37ec44eda053006235c8d8d43.tar.xz
security/tpm/tspi: Set return type of tcpa_log_add_table_entry as void
Change f849972 (security/vboot: Enable TCPA log extension) enabled support for adding TCPA log to CBMEM. However, if CBMEM is not online, this function doesn't do anything and returns early. This condition is not really a valid error condition as it depends on when the call to tcpa_log_add_table_entry is made. Since tcpa_log_add_table_entry returns -1 when cbmem is not online, tpm_extend_pcr prints an error message with prefix "ERROR:". This can confuse any scripts trying to catch errors in boot flow. This CL makes the following changes: 1. Removes the print in tpm_extend_pcr since tcpa_log_add_table_entry already prints out appropriate ERROR messages in case of failure to add log entry. 2. Since the return value of tcpa_log_add_table_entry is not used anymore, return type for tcpa_log_add_table_entry is changed to void. BUG=b:112030232 Change-Id: I32d313609a3e57845e67059b3747b81b5c8adb2a Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://review.coreboot.org/27757 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Philipp Deppenwiese <zaolin.daisuki@gmail.com> Reviewed-by: Justin TerAvest <teravest@chromium.org>
Diffstat (limited to 'src/security')
-rw-r--r--src/security/tpm/tspi.h5
-rw-r--r--src/security/tpm/tspi/log.c12
-rw-r--r--src/security/tpm/tspi/tspi.c6
3 files changed, 10 insertions, 13 deletions
diff --git a/src/security/tpm/tspi.h b/src/security/tpm/tspi.h
index 43254c13d1..94b53b054a 100644
--- a/src/security/tpm/tspi.h
+++ b/src/security/tpm/tspi.h
@@ -28,8 +28,9 @@ void tcpa_log_init(void);
/**
* Add table entry for cbmem TCPA log.
*/
-int tcpa_log_add_table_entry(const char *name, const uint32_t pcr,
- const uint8_t *digest, const size_t digest_length);
+void tcpa_log_add_table_entry(const char *name, const uint32_t pcr,
+ const uint8_t *digest,
+ const size_t digest_length);
/**
* Ask vboot for a digest and extend a TPM PCR with it.
diff --git a/src/security/tpm/tspi/log.c b/src/security/tpm/tspi/log.c
index 6091dfe5b9..8ec4c6d49d 100644
--- a/src/security/tpm/tspi/log.c
+++ b/src/security/tpm/tspi/log.c
@@ -44,24 +44,24 @@ void tcpa_log_init(void)
printk(BIOS_DEBUG, "TCPA log created at %p\n", tclt);
}
-int tcpa_log_add_table_entry(const char *name, const uint32_t pcr,
- const uint8_t *digest, const size_t digest_length)
+void tcpa_log_add_table_entry(const char *name, const uint32_t pcr,
+ const uint8_t *digest, const size_t digest_length)
{
MAYBE_STATIC struct tcpa_table *tclt = NULL;
struct tcpa_entry *tce;
if (!cbmem_possibly_online())
- return -1;
+ return;
tclt = cbmem_find(CBMEM_ID_TCPA_LOG);
if (!tclt) {
printk(BIOS_ERR, "ERROR: No TCPA log table found\n");
- return -1;
+ return;
}
if (tclt->num_entries == tclt->max_entries) {
printk(BIOS_WARNING, "ERROR: TCPA log table is full\n");
- return -1;
+ return;
}
tce = &tclt->entries[tclt->num_entries++];
@@ -70,6 +70,4 @@ int tcpa_log_add_table_entry(const char *name, const uint32_t pcr,
tce->pcr = pcr;
memcpy(tce->digest, digest, digest_length);
tce->digest_length = digest_length;
-
- return 0;
}
diff --git a/src/security/tpm/tspi/tspi.c b/src/security/tpm/tspi/tspi.c
index 48b6219547..950e930133 100644
--- a/src/security/tpm/tspi/tspi.c
+++ b/src/security/tpm/tspi/tspi.c
@@ -190,9 +190,7 @@ uint32_t tpm_extend_pcr(int pcr, uint8_t *digest,
if (result != TPM_SUCCESS)
return result;
- result = tcpa_log_add_table_entry(name, pcr, digest, digest_len);
- if (result != 0)
- printk(BIOS_ERR, "ERROR: Couldn't create TCPA log entry\n");
+ tcpa_log_add_table_entry(name, pcr, digest, digest_len);
- return 0;
+ return TPM_SUCCESS;
}