Re: [PATCH v2] efi_loader: add EFI_TCG2_PROTOCOL.SubmitCommand

[Ilias Apalodimas <ilias.apalodimas@linaro.org>]

On Tue, Nov 02, 2021 at 02:48:52PM +0900, Masahisa Kojima wrote:
> This commit adds the EFI_TCG2_PROTOCOL.SubmitCommand
> required in the TCG PC Client PFP spec.
> SubmitCommand enables to send the raw command to the TPM device.
> 
> To implement this api, tpm2_submit_command() is added
> into tpm-v2.c.
> 
> Signed-off-by: Masahisa Kojima <masahisa.kojima@linaro.org>
> ---
> Changes in v2:
> - return EFI_OUT_OF_RESOURCES if the recv buffer is small
> - remove unused argument of tpm2_submit_command()
> 
>  include/tpm-v2.h          | 14 +++++++++++++
>  lib/efi_loader/efi_tcg2.c | 41 +++++++++++++++++++++++++++++++++------
>  lib/tpm-v2.c              |  6 ++++++
>  3 files changed, 55 insertions(+), 6 deletions(-)
> 
> diff --git a/include/tpm-v2.h b/include/tpm-v2.h
> index e6b68769f3..39c8c0897b 100644
> --- a/include/tpm-v2.h
> +++ b/include/tpm-v2.h
> @@ -642,4 +642,18 @@ u32 tpm2_write_lock(struct udevice *dev, u32 index);
>   */
>  u32 tpm2_disable_platform_hierarchy(struct udevice *dev);
>  
> +/**
> + * submit user specified data to the TPM and get response
> + *
> + * @dev		TPM device
> + * @sendbuf:	Buffer of the data to send
> + * @recvbuf:	Buffer to save the response to
> + * @recv_size:	Pointer to the size of the response buffer
> + *
> + * Returns 0 on success (and places the number of response bytes at
> + * recv_size) or -ve on failure.
> + */
> +u32 tpm2_submit_command(struct udevice *dev, const u8 *sendbuf,
> +			u8 *recvbuf, size_t *recv_size);
> +
>  #endif /* __TPM_V2_H */
> diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
> index ec20530b6b..cb67006b14 100644
> --- a/lib/efi_loader/efi_tcg2.c
> +++ b/lib/efi_loader/efi_tcg2.c
> @@ -1033,13 +1033,42 @@ out:
>   * Return:	status code
>   */
>  static efi_status_t EFIAPI
> -efi_tcg2_submit_command(__maybe_unused struct efi_tcg2_protocol *this,
> -			u32 __maybe_unused input_param_block_size,
> -			u8 __maybe_unused *input_param_block,
> -			u32 __maybe_unused output_param_block_size,
> -			u8 __maybe_unused *output_param_block)
> +efi_tcg2_submit_command(struct efi_tcg2_protocol *this,
> +			u32 input_param_block_size,
> +			u8 *input_param_block,
> +			u32 output_param_block_size,
> +			u8 *output_param_block)
>  {
> -	return EFI_UNSUPPORTED;
> +	struct udevice *dev;
> +	efi_status_t ret;
> +	u32 rc;
> +	size_t resp_buf_size = output_param_block_size;
> +
> +	EFI_ENTRY("%p, %u, %p, %u, %p", this, input_param_block_size,
> +		  input_param_block, output_param_block_size, output_param_block);
> +
> +	if (!this || !input_param_block || !input_param_block_size) {
> +		ret = EFI_INVALID_PARAMETER;
> +		goto out;
> +	}
> +
> +	ret = platform_get_tpm2_device(&dev);
> +	if (ret != EFI_SUCCESS)
> +		goto out;
> +
> +	rc = tpm2_submit_command(dev, input_param_block,
> +				 output_param_block, &resp_buf_size);
> +	if (rc) {

nit pick but can you send a new version with and replace this with a
ternary operation?

if (rc) {
	ret = (rc == -ENOSPC) ? EFI_OUT_OF_RESOURCES : EFI_DEVICE_ERROR;
	
	goto out;
}

> +		if (rc == -ENOSPC)
> +			ret = EFI_OUT_OF_RESOURCES;
> +		else
> +			ret = EFI_DEVICE_ERROR;
> +
> +		goto out;
> +	}
> +
> +out:
> +	return EFI_EXIT(ret);
>  }
>  
>  /**
> diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
> index 235f8c20d4..2e7b27bd6b 100644
> --- a/lib/tpm-v2.c
> +++ b/lib/tpm-v2.c
> @@ -659,3 +659,9 @@ u32 tpm2_disable_platform_hierarchy(struct udevice *dev)
>  
>  	return 0;
>  }
> +
> +u32 tpm2_submit_command(struct udevice *dev, const u8 *sendbuf,
> +			u8 *recvbuf, size_t *recv_size)
> +{
> +	return tpm_sendrecv_command(dev, sendbuf, recvbuf, recv_size);
> +}
> -- 
> 2.17.1
> 

Other than that 
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>