]> git.baikalelectronics.ru Git - uboot.git/commit
projects / uboot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1eb95f1) | patch
efi_loader: add secure boot variable measurement
authorMasahisa Kojima <masahisa.kojima@linaro.org>
Fri, 13 Aug 2021 07:12:39 +0000 (16:12 +0900)
committerHeinrich Schuchardt <xypron.glpk@gmx.de>
Sat, 14 Aug 2021 18:54:41 +0000 (20:54 +0200)
commit496bea13032d90913489ebf616821a3e7c4cd0f5
tree109598db349ecabe1bb4264c3fef415ba5da33abtree | snapshot
parent1eb95f1af6c2f1ca74598e397439fff70daa46a3commit | diff
efi_loader: add secure boot variable measurement

TCG PC Client PFP spec requires to measure the secure
boot policy before validating the UEFI image.
This commit adds the secure boot variable measurement
of "SecureBoot", "PK", "KEK", "db", "dbx", "dbt", and "dbr".

Note that this implementation assumes that secure boot
variables are pre-configured and not be set/updated in runtime.

Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
include/efi_tcg2.h diff | blob | history
lib/efi_loader/efi_tcg2.c diff | blob | history
"Das U-Boot" Source Tree.