tpm: Add firmware API call 2HASH-EXT-LOG

Add a new firmware API call with the name 2HASH-EXT-LOG that will be used
by trusted grub for measuring, logging, and extending TPM PCRs.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Alexey Kardashevskiy <aik@ozlabs.ru>

5 files changed, 49 insertions, 0 deletions

diff --git a/board-qemu/slof/vio-vtpm-cdriver.fs b/board-qemu/slof/vio-vtpm-cdriver.fs
index 51b3b9f..df966a2 100644
--- a/board-qemu/slof/vio-vtpm-cdriver.fs
+++ b/board-qemu/slof/vio-vtpm-cdriver.fs
@@ -46,6 +46,17 @@ LOG-SIZE BUFFER: log-base
    tpm-driver-get-failure-reason           ( reason )
 ;
 
+\ firmware API call
+: 2hash-ext-log ( pcr eventtype info info-len data data-len -- success?)
+    vtpm-debug? IF
+        ." Call to 2hash-ext-log" cr
+    THEN
+    tpm-2hash-ext-log                      ( success? )
+    dup 0= IF
+        ." VTPM: tpm-2hash-ext-log failed: " dup . cr
+    THEN
+;
+
 0 0 s" ibm,sml-efi-reformat-supported" property
 
 \ firmware API call
diff --git a/lib/libtpm/tcgbios.c b/lib/libtpm/tcgbios.c
index 2800560..dcf0cc6 100644
--- a/lib/libtpm/tcgbios.c
+++ b/lib/libtpm/tcgbios.c
@@ -929,6 +929,21 @@ uint32_t tpm_hash_log_extend_event_buffer(uint32_t pcrindex, uint32_t eventtype,
 					  data, datalen);
 }
 
+uint32_t tpm_2hash_ext_log(uint32_t pcrindex,
+			   uint32_t eventtype,
+			   const char *info, uint32_t infolen,
+			   const void *data, uint64_t datalen)
+{
+	uint32_t ret;
+
+	ret = tpm_add_measurement_to_log(pcrindex, eventtype,
+					 info, infolen,
+					 data, datalen);
+	if (!ret)
+		return (uint32_t)-1; // TRUE
+	return 0; // FALSE
+}
+
 /*
  * Add an EV_ACTION measurement to the list of measurements
  */
diff --git a/lib/libtpm/tcgbios.h b/lib/libtpm/tcgbios.h
index 0e7fb8c..021e219 100644
--- a/lib/libtpm/tcgbios.h
+++ b/lib/libtpm/tcgbios.h
@@ -37,5 +37,9 @@ uint32_t tpm_hash_log_extend_event_buffer(uint32_t pcrindex,
 					  const void *data, uint64_t datalen,
 					  const char *desc, uint32_t desclen,
 					  bool is_elf);
+uint32_t tpm_2hash_ext_log(uint32_t pcrindex,
+			   uint32_t eventtype,
+			   const char *info, uint32_t infolen,
+			   const void *data, uint64_t datalen);
 
 #endif /* TCGBIOS_H */
diff --git a/lib/libtpm/tpm.code b/lib/libtpm/tpm.code
index d67d2c3..f5e1d39 100644
--- a/lib/libtpm/tpm.code
+++ b/lib/libtpm/tpm.code
@@ -188,3 +188,21 @@ PRIM(tpm_X2d_hash_X2d_log_X2d_extend_X2d_event_X2d_buffer)
 					         data, datalen,
 					         desc, desclen, is_elf);
 MIRP
+
+/****************************************************************************************/
+/* Firmware API                                                                         */
+/* SLOF:   tpm-2hash-ext-log ( pcr event-type info info-len data data-len -- success? ) */
+/* LIBTPM: success = tpm-2hash-ext-log                                                  */
+/****************************************************************************************/
+PRIM(tpm_X2d_2hash_X2d_ext_X2d_log)
+	uint32_t datalen = TOS.u; POP;
+	const void *data = TOS.a; POP;
+	uint64_t infolen = TOS.u; POP;
+	const char *info = TOS.a; POP;
+	uint32_t eventtype = TOS.u; POP;
+	uint32_t pcrindex = TOS.u;
+
+	TOS.u = tpm_2hash_ext_log(pcrindex, eventtype,
+				  info, infolen,
+				  data, datalen);
+MIRP
diff --git a/lib/libtpm/tpm.in b/lib/libtpm/tpm.in
index fb54754..2f80624 100644
--- a/lib/libtpm/tpm.in
+++ b/lib/libtpm/tpm.in
@@ -29,3 +29,4 @@ cod(tpm-gpt-set-lba1)
 cod(tpm-gpt-add-entry)
 cod(tpm-measure-gpt)
 cod(tpm-hash-log-extend-event-buffer)
+cod(tpm-2hash-ext-log)