> On 15 Jul 2025, at 11:06 AM, Gary Lin <g...@suse.com> wrote:
>
> Since there is no system firmware for grub-emu, the TPM2_PCR_Event
> command becomes the only choice to implement grub_tcg2_cap_pcr().
>
> Signed-off-by: Gary Lin <g...@suse.com>
> Reviewed-by: Stefan Berger <stef...@linux.ibm.com>
Reviewed-by: Sudhakar Kuppusamy <sudha...@linux.ibm.com>
> ---
> grub-core/lib/tss2/tcg2_emu.c | 20 ++++++++++++++++++++
> 1 file changed, 20 insertions(+)
>
> diff --git a/grub-core/lib/tss2/tcg2_emu.c b/grub-core/lib/tss2/tcg2_emu.c
> index cab930d2b..3713190ac 100644
> --- a/grub-core/lib/tss2/tcg2_emu.c
> +++ b/grub-core/lib/tss2/tcg2_emu.c
> @@ -22,6 +22,7 @@
>
> #include <tss2_buffer.h>
> #include <tss2_structs.h>
> +#include <tpm2_cmd.h>
> #include <tcg2.h>
>
> grub_err_t
> @@ -47,3 +48,22 @@ grub_tcg2_submit_command (grub_size_t input_size,
> grub_uint8_t *input,
>
> return GRUB_ERR_NONE;
> }
> +
> +grub_err_t
> +grub_tcg2_cap_pcr (grub_uint8_t pcr)
> +{
> + TPMS_AUTH_COMMAND_t authCmd = {
> + .sessionHandle = TPM_RS_PW,
> + };
> + TPM2B_EVENT_t data = {
> + .size = 4,
> + };
> + TPM_RC_t rc;
> +
> + /* Submit an EV_SEPARATOR event, i.e. an event with 4 zero-bytes */
> + rc = grub_tpm2_pcr_event (pcr, &authCmd, &data, NULL, NULL);
> + if (rc != TPM_RC_SUCCESS)
> + return grub_error (GRUB_ERR_BAD_DEVICE, N_("cannot cap PCR %u"), pcr);
> +
> + return GRUB_ERR_NONE;
> +}
> --
> 2.43.0
>
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
