1 /* SPDX-License-Identifier: GPL-2.0-only */
3 #ifndef __SECURITY_TSPI_CRTM_H__
4 #define __SECURITY_TSPI_CRTM_H__
6 #include <program_loading.h>
7 #include <security/tpm/tspi.h>
8 #include <security/tpm/tss_errors.h>
12 #if CONFIG(TPM_LOG_CB)
13 # define TPM_MEASURE_ALGO (tlcl_get_family() == TPM_1 ? VB2_HASH_SHA1 : VB2_HASH_SHA256)
14 #elif CONFIG(TPM_LOG_TPM1)
15 # define TPM_MEASURE_ALGO VB2_HASH_SHA1
16 #elif CONFIG(TPM_LOG_TPM2)
17 # if CONFIG(TPM_HASH_SHA1)
18 # define TPM_MEASURE_ALGO VB2_HASH_SHA1
20 # if CONFIG(TPM_HASH_SHA256)
21 # define TPM_MEASURE_ALGO VB2_HASH_SHA256
23 # if CONFIG(TPM_HASH_SHA384)
24 # define TPM_MEASURE_ALGO VB2_HASH_SHA384
26 # if CONFIG(TPM_HASH_SHA512)
27 # define TPM_MEASURE_ALGO VB2_HASH_SHA512
31 #if !defined(TPM_MEASURE_ALGO)
32 # if !CONFIG(TPM_MEASURED_BOOT)
33 # define TPM_MEASURE_ALGO VB2_HASH_INVALID
35 # error "Misconfiguration: failed to determine TPM hashing algorithm"
40 * Measure digests cached in TPM log entries into PCRs
42 tpm_result_t
tspi_measure_cache_to_pcr(void);
45 * Extend a measurement hash taken for a CBFS file into the appropriate PCR.
47 tpm_result_t
tspi_cbfs_measurement(const char *name
, uint32_t type
, const struct vb2_hash
*hash
);
50 * Provide a function on SoC level to measure the bootblock for cases where bootblock is
51 * neither in FMAP nor in CBFS (e.g. in IFWI).
53 int tspi_soc_measure_bootblock(int pcr_index
);
55 #endif /* __SECURITY_TSPI_CRTM_H__ */