efi_loader: efi_tcg2_register returns appropriate error

This commit modify efi_tcg2_register() to return the appropriate error. With this fix, sandbox will not boot because efi_tcg2_register() fails due to some missing feature in GetCapabilities. So disable sandbox if EFI_TCG2_PROTOCOL is enabled. UEFI secure boot variable measurement is not directly related to TCG2 protocol installation, tcg2_measure_secure_boot_variable() is moved to the separate function. Signed-off-by: Masahisa Kojima <[email protected]> Reviewed-by: Ilias Apalodimas <[email protected]>
author: Masahisa Kojima <[email protected]> 2021-12-07 14:15:31 +0900
committer: Heinrich Schuchardt <[email protected]> 2021-12-09 11:43:25 -0800
commit: 54bec17f6b0326bbc22f993d28170d4c4df4ceed (patch)
tree: 8abef9e20ff7c5496c62ee7f730590733b77c6e3 /include/efi_loader.h
parent: 446266b024c971a6afa4eb256b2995a245d4eb49 (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/include/efi_loader.h b/include/efi_loader.h
index 67c40ca57a7..f4860e87fc1 100644
--- a/include/efi_loader.h
+++ b/include/efi_loader.h
@@ -525,6 +525,8 @@ efi_status_t efi_disk_register(void);
 efi_status_t efi_rng_register(void);
 /* Called by efi_init_obj_list() to install EFI_TCG2_PROTOCOL */
 efi_status_t efi_tcg2_register(void);
+/* Called by efi_init_obj_list() to do initial measurement */
+efi_status_t efi_tcg2_do_initial_measurement(void);
 /* measure the pe-coff image, extend PCR and add Event Log */
 efi_status_t tcg2_measure_pe_image(void *efi, u64 efi_size,
 				   struct efi_loaded_image_obj *handle,
author	Masahisa Kojima <[email protected]>	2021-12-07 14:15:31 +0900
committer	Heinrich Schuchardt <[email protected]>	2021-12-09 11:43:25 -0800
commit	54bec17f6b0326bbc22f993d28170d4c4df4ceed (patch)
tree	8abef9e20ff7c5496c62ee7f730590733b77c6e3 /include/efi_loader.h
parent	446266b024c971a6afa4eb256b2995a245d4eb49 (diff)