]> git.dujemihanovic.xyz Git - u-boot.git/commitdiff
efi_loader: startup the tpm device when installing the protocol
authorIlias Apalodimas <ilias.apalodimas@linaro.org>
Thu, 18 Nov 2021 08:13:42 +0000 (10:13 +0200)
committerHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
Sat, 20 Nov 2021 09:53:01 +0000 (10:53 +0100)
Due to U-Boot's lazy binding mentality the TPM is probed but not properly
initialized.  The user can startup the device from the command line
e.g 'tpm2 startup TPM2_SU_CLEAR'.  However we can initialize the TPM during
the TCG protocol installation,  which is easier to use overall.

Signed-off-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Reviewed-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
lib/efi_loader/efi_tcg2.c

index 6e32f520895184b48c55db977ced758576b78b2c..8c1f22e3377b69384f7d6fabb9245c8f50169754 100644 (file)
@@ -18,6 +18,7 @@
 #include <smbios.h>
 #include <version_string.h>
 #include <tpm-v2.h>
+#include <tpm_api.h>
 #include <u-boot/hash-checksum.h>
 #include <u-boot/sha1.h>
 #include <u-boot/sha256.h>
@@ -1943,6 +1944,7 @@ efi_status_t efi_tcg2_register(void)
        efi_status_t ret = EFI_SUCCESS;
        struct udevice *dev;
        struct efi_event *event;
+       u32 err;
 
        ret = platform_get_tpm2_device(&dev);
        if (ret != EFI_SUCCESS) {
@@ -1950,6 +1952,13 @@ efi_status_t efi_tcg2_register(void)
                return EFI_SUCCESS;
        }
 
+       /* initialize the TPM as early as possible. */
+       err = tpm_startup(dev, TPM_ST_CLEAR);
+       if (err) {
+               log_err("TPM startup failed\n");
+               goto fail;
+       }
+
        ret = efi_init_event_log();
        if (ret != EFI_SUCCESS)
                goto fail;