From d716a1940ac08db60b8d1f42e81c23ce6770cac5 Mon Sep 17 00:00:00 2001 From: Daniel Neus Date: Wed, 6 May 2015 16:42:09 +0200 Subject: [PATCH] treat errors in tpm functionality as fatal errors --- grub-core/kern/i386/pc/tpm/tpm_kern.c | 97 +++---- grub-core/loader/i386/pc/chainloader.c | 10 +- grub-core/loader/i386/pc/ntldr.c | 12 +- grub-core/normal/main.c | 2 +- grub-core/tpm/i386/pc/tpm.c | 337 ++++++++----------------- include/grub/i386/pc/tpm.h | 14 +- 6 files changed, 145 insertions(+), 327 deletions(-) diff --git a/grub-core/kern/i386/pc/tpm/tpm_kern.c b/grub-core/kern/i386/pc/tpm/tpm_kern.c index 0d00b876e..d681b72c9 100644 --- a/grub-core/kern/i386/pc/tpm/tpm_kern.c +++ b/grub-core/kern/i386/pc/tpm/tpm_kern.c @@ -136,11 +136,11 @@ tcg_statusCheck( grub_uint32_t* returnCode, grub_uint8_t* major, grub_uint8_t* m *returnCode = args.out_eax; if( *returnCode != TCG_PC_OK ) { - return grub_error( GRUB_ERR_TPM, N_( "tcg_statusCheck: asm_tcg_statusCheck failed: %x" ), *returnCode ); + return grub_error( GRUB_ERR_TPM, N_( "tcg_statusCheck: asm_tcg_statusCheck failed: %x" ), *returnCode ); } if( args.out_ebx != TCPA ) { - return grub_error( GRUB_ERR_TPM, N_( "tcg_statusCheck: asm_tcg_statusCheck failed: args.out_ebx != TCPA" ) ); + grub_fatal( "tcg_statusCheck: asm_tcg_statusCheck failed: args.out_ebx != TCPA" ); } *major = (grub_uint8_t) (args.out_ecx >> 8); @@ -154,22 +154,21 @@ tcg_statusCheck( grub_uint32_t* returnCode, grub_uint8_t* major, grub_uint8_t* m /* Invokes assembler function asm_tcg_passThroughToTPM() - Return value = 1 if function successfully completes - On error see returncode; + grub_fatal() on error Page 112 TCG_PCClientImplementation_1-21_1_00 */ -grub_err_t -tcg_passThroughToTPM( const PassThroughToTPM_InputParamBlock* input, PassThroughToTPM_OutputParamBlock* output, grub_uint32_t* returnCode ) { +void +tcg_passThroughToTPM( const PassThroughToTPM_InputParamBlock* input, PassThroughToTPM_OutputParamBlock* output ) { CHECK_FOR_NULL_ARGUMENT( input ); CHECK_FOR_NULL_ARGUMENT( output ); if( ! grub_TPM_isAvailable() ) { - return GRUB_ERR_NO_TPM; + grub_fatal( "tpm not available" ); } if ( ! input->IPBLength || ! input->OPBLength ) { - return grub_error (GRUB_ERR_TPM, N_("tcg_passThroughToTPM: ! input->IPBLength || ! input->OPBLength")); + grub_fatal( "tcg_passThroughToTPM: ! input->IPBLength || ! input->OPBLength" ); } /* copy input buffer */ @@ -190,10 +189,8 @@ tcg_passThroughToTPM( const PassThroughToTPM_InputParamBlock* input, PassThrough asm_tcg_passThroughToTPM( &args ); - *returnCode = args.out_eax; - - if ( *returnCode != TCG_PC_OK ) { - return grub_error( GRUB_ERR_TPM, N_( "tcg_passThroughToTPM: asm_tcg_passThroughToTPM failed: %x" ), *returnCode ); + if ( args.out_eax != TCG_PC_OK ) { + grub_fatal( "tcg_passThroughToTPM: asm_tcg_passThroughToTPM failed: %x", args.out_eax ); } /* copy output_buffer */ @@ -207,17 +204,16 @@ tcg_passThroughToTPM( const PassThroughToTPM_InputParamBlock* input, PassThrough output->OPBLength should be the same as input->OPBLength But they are not ?! output->Reserved has to be zero. But it is not. */ - - return GRUB_ERR_NONE; } -static grub_err_t +/* grub_fatal() on error */ +static void grub_TPM_measure( const grub_uint8_t* inDigest, const unsigned long index ) { CHECK_FOR_NULL_ARGUMENT( inDigest ); if( ! grub_TPM_isAvailable() ) { - return GRUB_ERR_NO_TPM; + grub_fatal( "tpm not available" ); } ExtendIncoming* extendInput; @@ -231,7 +227,7 @@ grub_TPM_measure( const grub_uint8_t* inDigest, const unsigned long index ) { passThroughInput = grub_zalloc( inputlen ); if( ! passThroughInput ) { - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_measure: memory allocation failed" ) ); + grub_fatal( "grub_TPM_measure: memory allocation failed" ); } passThroughInput->IPBLength = inputlen; @@ -248,17 +244,10 @@ grub_TPM_measure( const grub_uint8_t* inDigest, const unsigned long index ) { passThroughOutput = grub_zalloc( outputlen ); if( ! passThroughOutput ) { grub_free( passThroughInput ); - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_measure: memory allocation failed" ) ); + grub_fatal( "grub_TPM_measure: memory allocation failed" ); } - grub_uint32_t passThrough_TPM_ReturnCode; - grub_err_t err = tcg_passThroughToTPM( passThroughInput, passThroughOutput, &passThrough_TPM_ReturnCode ); - - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - grub_free( passThroughOutput ); - return err; - } + tcg_passThroughToTPM( passThroughInput, passThroughOutput ); grub_free( passThroughInput ); extendOutput = (void *)passThroughOutput->TPMOperandOut; @@ -268,9 +257,9 @@ grub_TPM_measure( const grub_uint8_t* inDigest, const unsigned long index ) { grub_free( passThroughOutput ); if( tpmExtendReturnCode == TPM_BADINDEX ) { - return grub_error( GRUB_ERR_TPM, N_( "grub_TPM_measure: bad pcr index" ) ); + grub_fatal( "grub_TPM_measure: bad pcr index" ); } - return grub_error( GRUB_ERR_TPM, N_( "grub_TPM_measure: tpmExtendReturnCode: %x" ), tpmExtendReturnCode ); + grub_fatal( "grub_TPM_measure: tpmExtendReturnCode: %x", tpmExtendReturnCode ); } #ifdef TGRUB_DEBUG @@ -280,7 +269,6 @@ grub_TPM_measure( const grub_uint8_t* inDigest, const unsigned long index ) { #endif grub_free( passThroughOutput ); - return GRUB_ERR_NONE; } static unsigned int grubTPM_AvailabilityAlreadyChecked = 0; @@ -312,14 +300,14 @@ grub_TPM_isAvailable( void ) { return grubTPM_isAvailable; } -/* Returns 0 on error. */ -grub_err_t +/* grub_fatal() on error */ +void grub_TPM_measureString( const char* string ) { CHECK_FOR_NULL_ARGUMENT( string ) if( ! grub_TPM_isAvailable() ) { - return GRUB_ERR_NO_TPM; + grub_fatal( "tpm not available" ); } /* hash string */ @@ -328,7 +316,7 @@ grub_TPM_measureString( const char* string ) { grub_err_t err = sha1_hash_string( string, result ); if( err != GRUB_ERR_NONE ) { - return err; + grub_fatal( "grub_TPM_measureString: sha1_hash_string failed." ); } /* convert from uint32_t to uint8_t */ @@ -349,28 +337,24 @@ grub_TPM_measureString( const char* string ) { #endif /* measure */ - err = grub_TPM_measure( convertedResult, TPM_COMMAND_MEASUREMENT_PCR ); - - if( err != GRUB_ERR_NONE ) { - return err; - } - - return GRUB_ERR_NONE; + grub_TPM_measure( convertedResult, TPM_COMMAND_MEASUREMENT_PCR ); } -grub_err_t +/* grub_fatal() on error */ +void grub_TPM_measureFile( const char* filename, const unsigned long index ) { CHECK_FOR_NULL_ARGUMENT( filename ) if( ! grub_TPM_isAvailable() ) { - return GRUB_ERR_NO_TPM; + grub_fatal( "tpm not available." ); } /* open file */ grub_file_t file = grub_file_open( filename ); if( ! file ) { - return grub_errno; + grub_print_error(); + grub_fatal( "grub_TPM_measureFile: grub_file_open failed." ); } /* hash file */ @@ -378,13 +362,13 @@ grub_TPM_measureFile( const char* filename, const unsigned long index ) { grub_err_t err = sha1_hash_file( file, result ); if( err != GRUB_ERR_NONE ) { - return err; + grub_fatal( "grub_TPM_measureFile: sha1_hash_file failed." ); } grub_file_close( file ); if ( grub_errno ) { - return grub_errno; + grub_fatal( "grub_TPM_measureFile: grub_file_close failed." ); } /* convert from uint32_t to uint8_t */ @@ -403,22 +387,16 @@ grub_TPM_measureFile( const char* filename, const unsigned long index ) { #endif /* measure */ - err = grub_TPM_measure( convertedResult, index ); - - if( err != GRUB_ERR_NONE ) { - return err; - } - - return GRUB_ERR_NONE; + grub_TPM_measure( convertedResult, index ); } -grub_err_t +void grub_TPM_measureBuffer( const void* buffer, const grub_uint32_t bufferLen, const unsigned long index ) { CHECK_FOR_NULL_ARGUMENT( buffer ) if( ! grub_TPM_isAvailable() ) { - return GRUB_ERR_NO_TPM; + grub_fatal( "tpm not available." ); } /* hash buffer */ @@ -426,7 +404,7 @@ grub_TPM_measureBuffer( const void* buffer, const grub_uint32_t bufferLen, const grub_err_t err = sha1_hash_buffer( buffer, bufferLen, result ); if( err != GRUB_ERR_NONE ) { - return err; + grub_fatal( "grub_TPM_measureBuffer: sha1_hash_buffer failed." ); } /* convert from uint32_t to uint8_t */ @@ -445,13 +423,6 @@ grub_TPM_measureBuffer( const void* buffer, const grub_uint32_t bufferLen, const #endif /* measure */ - err = grub_TPM_measure( convertedResult, index ); - - if( err != GRUB_ERR_NONE ) { - return err; - } - - return GRUB_ERR_NONE; + grub_TPM_measure( convertedResult, index ); } - /* End TCG Extension */ diff --git a/grub-core/loader/i386/pc/chainloader.c b/grub-core/loader/i386/pc/chainloader.c index ca3464884..60dc8ffb9 100644 --- a/grub-core/loader/i386/pc/chainloader.c +++ b/grub-core/loader/i386/pc/chainloader.c @@ -242,16 +242,8 @@ grub_chainloader_cmd (const char *filename, grub_chainloader_flags_t flags) grub_loader_set (grub_chainloader_boot, grub_chainloader_unload, 1); /* Begin TCG Extension */ - grub_err_t err = grub_TPM_measureFile( (char*)filename, TPM_LOADED_FILES_PCR ); + grub_TPM_measureFile( (char*)filename, TPM_LOADED_FILES_PCR ); - // TrustedGRUB2 should work without TPM too, so ignore TPM error here - if( err == GRUB_ERR_NO_TPM ) { - err = GRUB_ERR_NONE; - } - - if( err != GRUB_ERR_NONE ) { - goto fail; - } /* End TCG Extension */ return; diff --git a/grub-core/loader/i386/pc/ntldr.c b/grub-core/loader/i386/pc/ntldr.c index 8ab37dfc7..3f066c1c1 100644 --- a/grub-core/loader/i386/pc/ntldr.c +++ b/grub-core/loader/i386/pc/ntldr.c @@ -139,17 +139,7 @@ grub_cmd_ntldr (grub_command_t cmd __attribute__ ((unused)), grub_loader_set (grub_ntldr_boot, grub_ntldr_unload, 1); /* Begin TCG Extension */ - err = grub_TPM_measureFile( argv[0], TPM_LOADED_FILES_PCR ); - - // TrustedGRUB2 should work without TPM too, so ignore TPM error here - if( err == GRUB_ERR_NO_TPM ) { - err = GRUB_ERR_NONE; - } - - if( err != GRUB_ERR_NONE ) { - goto fail; - } - + grub_TPM_measureFile( argv[0], TPM_LOADED_FILES_PCR ); /* End TCG Extension */ return GRUB_ERR_NONE; diff --git a/grub-core/normal/main.c b/grub-core/normal/main.c index 3b90e920d..01c87bfe4 100644 --- a/grub-core/normal/main.c +++ b/grub-core/normal/main.c @@ -36,7 +36,7 @@ /* BEGIN TCG EXTENSION */ #include -#define TGRUB_VERSION "1.00" +#define TGRUB_VERSION "1.01" /* END TCG EXTENSION */ diff --git a/grub-core/tpm/i386/pc/tpm.c b/grub-core/tpm/i386/pc/tpm.c index f779c24f6..8314cb87e 100644 --- a/grub-core/tpm/i386/pc/tpm.c +++ b/grub-core/tpm/i386/pc/tpm.c @@ -131,14 +131,14 @@ typedef struct tdTCG_PCClientPCREventStruc { grub_uint8_t event[1]; } __attribute__ ((packed)) TCG_PCClientPCREvent; - -static grub_err_t +/* grub_fatal() on error */ +static void grub_TPM_readpcr( const unsigned long index, grub_uint8_t* result ) { CHECK_FOR_NULL_ARGUMENT( result ) if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } PassThroughToTPM_InputParamBlock *passThroughInput; @@ -152,7 +152,7 @@ grub_TPM_readpcr( const unsigned long index, grub_uint8_t* result ) { passThroughInput = grub_zalloc( inputlen ); if( ! passThroughInput ) { - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "readpcr: memory allocation failed" ) ); + grub_fatal( "readpcr: memory allocation failed" ); } passThroughInput->IPBLength = inputlen; @@ -167,17 +167,10 @@ grub_TPM_readpcr( const unsigned long index, grub_uint8_t* result ) { passThroughOutput = grub_zalloc( outputlen ); if( ! passThroughOutput ) { grub_free( passThroughInput ); - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "readpcr: memory allocation failed" ) ); + grub_fatal( "readpcr: memory allocation failed" ); } - grub_uint32_t passThroughTo_TPM_ReturnCode; - grub_err_t err = tcg_passThroughToTPM( passThroughInput, passThroughOutput, &passThroughTo_TPM_ReturnCode ); - - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - grub_free( passThroughOutput ); - return err; - } + tcg_passThroughToTPM( passThroughInput, passThroughOutput ); grub_free( passThroughInput ); pcrReadOutgoing = (void *)passThroughOutput->TPMOperandOut; @@ -187,46 +180,41 @@ grub_TPM_readpcr( const unsigned long index, grub_uint8_t* result ) { grub_free( passThroughOutput ); if( tpm_PCRreadReturnCode == TPM_BADINDEX ) { - return grub_error( GRUB_ERR_TPM, N_( "readpcr: bad pcr index" ) ); + grub_fatal( "readpcr: bad pcr index" ); } - return grub_error( GRUB_ERR_TPM, N_( "readpcr: tpm_PCRreadReturnCode: %x" ), tpm_PCRreadReturnCode ); + grub_fatal( "readpcr: tpm_PCRreadReturnCode: %x", tpm_PCRreadReturnCode ); } grub_memcpy( result, pcrReadOutgoing->pcr_value, SHA1_DIGEST_SIZE ); - grub_free( passThroughOutput ); - return GRUB_ERR_NONE; } +/* grub_fatal() on error */ static grub_err_t grub_cmd_readpcr( grub_command_t cmd __attribute__ ((unused)), int argc, char **args) { if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } if ( argc == 0 ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "index expected" ) ); + grub_fatal( "grub_cmd_readpcr: index expected" ); } if ( argc > 1 ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "Too many arguments" ) ); + grub_fatal( "grub_cmd_readpcr: Too many arguments" ); } unsigned long index = grub_strtoul( args[0], NULL, 10 ); /* if index is invalid */ if( grub_errno != GRUB_ERR_NONE ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "invalid format for index" ) ); + grub_fatal( "grub_cmd_readpcr: invalid format for index" ); } grub_uint8_t result[SHA1_DIGEST_SIZE]; - grub_err_t err = grub_TPM_readpcr( index, &result[0] ); - - if( err != GRUB_ERR_NONE ) { - return err; - } + grub_TPM_readpcr( index, &result[0] ); grub_printf( "PCR[%lu]=", index ); print_sha1( result ); @@ -235,11 +223,12 @@ grub_cmd_readpcr( grub_command_t cmd __attribute__ ((unused)), int argc, char ** return GRUB_ERR_NONE; } -static grub_err_t +/* grub_fatal() on error */ +static void grub_TPM_read_tcglog( const unsigned long index ) { if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } grub_uint32_t returnCode, featureFlags, eventLog = 0, logAddr = 0, edi = 0; @@ -249,12 +238,12 @@ grub_TPM_read_tcglog( const unsigned long index ) { grub_err_t err = tcg_statusCheck( &returnCode, &major, &minor, &featureFlags, &eventLog, &edi ); if( err != GRUB_ERR_NONE ) { - return err; + grub_fatal( "grub_TPM_read_tcglog: tcg_statusCheck failed" ); } /* edi = 0 means event log is empty */ if( edi == 0 ) { - return grub_error (GRUB_ERR_TPM, N_("Event log is empty")); + grub_fatal( "Event log is empty" ); } logAddr = eventLog; @@ -300,7 +289,7 @@ grub_TPM_read_tcglog( const unsigned long index ) { logAddr += TCG_PCR_EVENT_SIZE + event->eventDataSize; if( logAddr > edi ) { /* index not valid. */ - return grub_error (GRUB_ERR_TPM, N_("No entry at specified index")); + grub_fatal( "No entry at specified index" ); } } @@ -311,81 +300,72 @@ grub_TPM_read_tcglog( const unsigned long index ) { print_sha1( event->digest ); grub_printf( "\n\n" ); } - - return GRUB_ERR_NONE; } +/* grub_fatal() on error */ static grub_err_t grub_cmd_tcglog( grub_command_t cmd __attribute__ ((unused)), int argc, char **args) { if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } if ( argc == 0 ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "index expected" ) ); + grub_fatal( "grub_cmd_tcglog: index expected" ); } if ( argc > 1 ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "Too many arguments" ) ); + grub_fatal( "grub_cmd_tcglog: Too many arguments" ); } unsigned long index = grub_strtoul( args[0], NULL, 10 ); /* if index is invalid */ if( grub_errno != GRUB_ERR_NONE ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "invalid format for index" ) ); + grub_fatal( "grub_cmd_tcglog: invalid format for index" ); } - grub_err_t err = grub_TPM_read_tcglog( index ) ; - - if( err != GRUB_ERR_NONE ) { - return err; - } + grub_TPM_read_tcglog( index ) ; return GRUB_ERR_NONE; } +/* grub_fatal() on error */ static grub_err_t grub_cmd_measure( grub_command_t cmd __attribute__ ((unused)), int argc, char **args) { if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } if ( argc != 2 ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "Wrong number of arguments" ) ); + grub_fatal( "Wrong number of arguments" ); } unsigned long index = grub_strtoul( args[1], NULL, 10 ); /* if index is invalid */ if( grub_errno != GRUB_ERR_NONE ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "invalid format for index" ) ); + grub_fatal( "invalid format for index" ); } - grub_err_t err = grub_TPM_measureFile( args[0], index ); - - if( err != GRUB_ERR_NONE ) { - return err; - } + grub_TPM_measureFile( args[0], index ); - return GRUB_ERR_NONE; + return GRUB_ERR_NONE; } /* Invokes assembler function asm_tcg_SetMemoryOverwriteRequestBit() - Return value = 1 if function successfully completes - On error see returncode; + grub_fatal() on error Page 12 TCG Platform Reset Attack Mitigation Specification V 1.0.0 */ -static grub_err_t +static void tcg_SetMemoryOverwriteRequestBit( const SetMemoryOverwriteRequestBitInputParamBlock* input ) { CHECK_FOR_NULL_ARGUMENT( input ) if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } /* copy input buffer */ @@ -405,18 +385,17 @@ tcg_SetMemoryOverwriteRequestBit( const SetMemoryOverwriteRequestBitInputParamBl asm_tcg_SetMemoryOverwriteRequestBit( &args ); if ( args.out_eax != TCG_PC_OK ) { - return grub_error( GRUB_ERR_TPM, N_( "tcg_SetMemoryOverwriteRequestBit: asm_tcg_SetMemoryOverwriteRequestBit failed: %x" ), args.out_eax ); + grub_fatal( "tcg_SetMemoryOverwriteRequestBit: asm_tcg_SetMemoryOverwriteRequestBit failed: %x", args.out_eax ); } - - return GRUB_ERR_NONE; } /* Sets Memory Overwrite Request bit */ -static grub_err_t +/* grub_fatal() on error */ +static void grub_TPM_SetMOR_Bit( const unsigned long disableAutoDetect ) { if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } SetMemoryOverwriteRequestBitInputParamBlock input; @@ -436,58 +415,49 @@ grub_TPM_SetMOR_Bit( const unsigned long disableAutoDetect ) { input.memoryOverwriteActionBitValue = 0x01; } - grub_err_t err = tcg_SetMemoryOverwriteRequestBit( &input ); - - if( err != GRUB_ERR_NONE ) { - return err; - } - - return GRUB_ERR_NONE; + tcg_SetMemoryOverwriteRequestBit( &input ); } +/* grub_fatal() on error */ static grub_err_t grub_cmd_setMOR( grub_command_t cmd __attribute__ ((unused)), int argc, char **args) { if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } if ( argc == 0 ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "value expected" ) ); + grub_fatal( "setMOR: BAD_ARGUMENT: value expected" ); } if ( argc > 1 ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "Too many arguments" ) ); + grub_fatal( "setMOR: Too many arguments" ); } unsigned long disableAutoDetect = grub_strtoul( args[0], NULL, 10 ); /* if disableAutoDetect is invalid */ if( grub_errno != GRUB_ERR_NONE ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "invalid format for 'disableAutoDetect' " ) ); + grub_fatal( "setMOR: BAD_ARGUMENT: invalid format for 'disableAutoDetect' " ); } if( disableAutoDetect > 1 ) { - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "Value must be 0 or 1" ) ); - } - - grub_err_t err = grub_TPM_SetMOR_Bit( disableAutoDetect ); - - if( err != GRUB_ERR_NONE ) { - return err; + grub_fatal( "setMOR: BAD_ARGUMENT: Value must be 0 or 1" ); } + grub_TPM_SetMOR_Bit( disableAutoDetect ); return GRUB_ERR_NONE; } -static grub_err_t +/* grub_fatal() on error */ +static void grub_TPM_getRandom( const unsigned long randomBytesRequested, grub_uint8_t* result ) { CHECK_FOR_NULL_ARGUMENT( result ) CHECK_FOR_NULL_ARGUMENT( randomBytesRequested ) if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } GetRandomIncoming* getRandomInput; @@ -510,7 +480,7 @@ grub_TPM_getRandom( const unsigned long randomBytesRequested, grub_uint8_t* resu passThroughInput = grub_zalloc( inputlen ); if( ! passThroughInput ) { - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_getRandom: memory allocation failed" ) ); + grub_fatal( "grub_TPM_getRandom: memory allocation failed" ); } passThroughInput->IPBLength = inputlen; @@ -525,20 +495,11 @@ grub_TPM_getRandom( const unsigned long randomBytesRequested, grub_uint8_t* resu passThroughOutput = grub_zalloc( outputlen ); if( ! passThroughOutput ) { grub_free( passThroughInput ); - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_getRandom: memory allocation failed" ) ); - } - - grub_uint32_t passThroughTo_TPM_ReturnCode; - grub_err_t err = tcg_passThroughToTPM( passThroughInput, passThroughOutput, &passThroughTo_TPM_ReturnCode ); - - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - grub_free( passThroughOutput ); - - return err; + grub_fatal( "grub_TPM_getRandom: memory allocation failed" ); } - grub_free( passThroughInput ); + tcg_passThroughToTPM( passThroughInput, passThroughOutput ); + grub_free( passThroughInput ); getRandomOutput = (void *)passThroughOutput->TPMOperandOut; grub_uint32_t tpm_getRandomReturnCode = swap32( getRandomOutput->returnCode ); @@ -546,7 +507,7 @@ grub_TPM_getRandom( const unsigned long randomBytesRequested, grub_uint8_t* resu if( tpm_getRandomReturnCode != TPM_SUCCESS ) { grub_free( passThroughOutput ); - return grub_error( GRUB_ERR_TPM, N_( "grub_TPM_getRandom: tpm_getRandomReturnCode: %x" ), tpm_getRandomReturnCode ); + grub_fatal( "grub_TPM_getRandom: tpm_getRandomReturnCode: %x", tpm_getRandomReturnCode ); } if( swap32( getRandomOutput->randomBytesSize ) != randomBytesRequested ) { @@ -554,23 +515,23 @@ grub_TPM_getRandom( const unsigned long randomBytesRequested, grub_uint8_t* resu DEBUG_PRINT( ( "tpmOutput->randomBytesSize != randomBytesRequested\n" ) ); DEBUG_PRINT( ( "tpmOutput->randomBytesSize = %x \n", swap32( getRandomOutput->randomBytesSize ) ) ); DEBUG_PRINT( ( "randomBytesRequested = %lu \n", randomBytesRequested ) ); - return grub_error( GRUB_ERR_TPM, N_( "grub_TPM_getRandom: tpmOutput->randomBytesSize != randomBytesRequested" ) ); + grub_fatal( "grub_TPM_getRandom: tpmOutput->randomBytesSize != randomBytesRequested" ); } grub_memcpy( result, getRandomOutput->randomBytes, (grub_uint32_t) randomBytesRequested ); grub_free( passThroughOutput ); - return GRUB_ERR_NONE; } -static grub_err_t +/* grub_fatal() on error */ +static void grub_TPM_openOIAP_Session( grub_uint32_t* authHandle, grub_uint8_t* nonceEven ) { CHECK_FOR_NULL_ARGUMENT( authHandle ) CHECK_FOR_NULL_ARGUMENT( nonceEven ) if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } OIAP_Incoming* oiapInput; @@ -584,7 +545,7 @@ grub_TPM_openOIAP_Session( grub_uint32_t* authHandle, grub_uint8_t* nonceEven ) passThroughInput = grub_zalloc( inputlen ); if( ! passThroughInput ) { - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_openOIAP_Session: memory allocation failed" ) ); + grub_fatal( "grub_TPM_openOIAP_Session: memory allocation failed"); } passThroughInput->IPBLength = inputlen; @@ -598,19 +559,10 @@ grub_TPM_openOIAP_Session( grub_uint32_t* authHandle, grub_uint8_t* nonceEven ) passThroughOutput = grub_zalloc( outputlen ); if( ! passThroughOutput ) { grub_free( passThroughOutput ); - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_openOIAP_Session: memory allocation failed" ) ); - } - - grub_uint32_t passThroughTo_TPM_ReturnCode; - grub_err_t err = tcg_passThroughToTPM( passThroughInput, passThroughOutput, &passThroughTo_TPM_ReturnCode ); - - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - grub_free( passThroughOutput ); - - return err; + grub_fatal( "grub_TPM_openOIAP_Session: memory allocation failed"); } + tcg_passThroughToTPM( passThroughInput, passThroughOutput ); grub_free( passThroughInput ); oiapOutput = (void *)passThroughOutput->TPMOperandOut; @@ -618,8 +570,7 @@ grub_TPM_openOIAP_Session( grub_uint32_t* authHandle, grub_uint8_t* nonceEven ) if( tpm_OIAP_ReturnCode != TPM_SUCCESS ) { grub_free( passThroughOutput ); - - return grub_error( GRUB_ERR_TPM, N_( "grub_TPM_openOIAP_Session: tpm_OIAP_ReturnCode: %x" ), tpm_OIAP_ReturnCode ); + grub_fatal( "grub_TPM_openOIAP_Session: tpm_OIAP_ReturnCode: %x", tpm_OIAP_ReturnCode ); } *authHandle = swap32( oiapOutput->authHandle ); @@ -627,10 +578,10 @@ grub_TPM_openOIAP_Session( grub_uint32_t* authHandle, grub_uint8_t* nonceEven ) grub_memcpy( nonceEven, oiapOutput->nonceEven, TPM_NONCE_SIZE ); grub_free( passThroughOutput ); - return GRUB_ERR_NONE; } -static grub_err_t +/* grub_fatal() on error */ +static void grub_TPM_openOSAP_Session( const grub_uint32_t entityType, const grub_uint16_t entityValue, const grub_uint8_t* nonceOddOSAP, grub_uint32_t* authHandle, grub_uint8_t* nonceEven, grub_uint8_t* nonceEvenOSAP ) { @@ -639,7 +590,7 @@ grub_TPM_openOSAP_Session( const grub_uint32_t entityType, const grub_uint16_t e CHECK_FOR_NULL_ARGUMENT( nonceEvenOSAP ) if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } OSAP_Incoming* osapInput; @@ -653,7 +604,7 @@ grub_TPM_openOSAP_Session( const grub_uint32_t entityType, const grub_uint16_t e passThroughInput = grub_zalloc( inputlen ); if( ! passThroughInput ) { - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_openOSAP_Session: memory allocation failed" ) ); + grub_fatal( "grub_TPM_openOSAP_Session: memory allocation failed" ); } passThroughInput->IPBLength = inputlen; @@ -671,19 +622,10 @@ grub_TPM_openOSAP_Session( const grub_uint32_t entityType, const grub_uint16_t e passThroughOutput = grub_zalloc( outputlen ); if( ! passThroughOutput ) { grub_free( passThroughInput ); - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_openOSAP_Session: memory allocation failed" ) ); - } - - grub_uint32_t passThroughTo_TPM_ReturnCode; - grub_err_t err = tcg_passThroughToTPM( passThroughInput, passThroughOutput, &passThroughTo_TPM_ReturnCode ); - - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - grub_free( passThroughOutput ); - - return err; + grub_fatal( "grub_TPM_openOSAP_Session: memory allocation failed" ); } + tcg_passThroughToTPM( passThroughInput, passThroughOutput ); grub_free( passThroughInput ); osapOutput = (void *)passThroughOutput->TPMOperandOut; @@ -691,8 +633,7 @@ grub_TPM_openOSAP_Session( const grub_uint32_t entityType, const grub_uint16_t e if( tpm_OSAP_ReturnCode != TPM_SUCCESS ) { grub_free( passThroughOutput ); - - return grub_error( GRUB_ERR_TPM, N_( "grub_TPM_openOSAP_Session: tpm_OSAP_ReturnCode: %x" ), tpm_OSAP_ReturnCode ); + grub_fatal( "grub_TPM_openOSAP_Session: tpm_OSAP_ReturnCode: %x", tpm_OSAP_ReturnCode ); } *authHandle = swap32( osapOutput->authHandle ); @@ -701,12 +642,11 @@ grub_TPM_openOSAP_Session( const grub_uint32_t entityType, const grub_uint16_t e grub_memcpy( nonceEvenOSAP, osapOutput->nonceEvenOSAP, TPM_NONCE_SIZE ); grub_free( passThroughOutput ); - - return GRUB_ERR_NONE; } /* calculate shared-secret = HMAC( srkAuthData, nonceEvenOSAP || nonceOddOSAP ) */ -static grub_err_t +/* grub_fatal() on error */ +static void grub_TPM_calculate_osap_sharedSecret( const grub_uint8_t* nonceEvenOSAP, const grub_uint8_t* nonceOddOSAP, grub_uint8_t* result ) { CHECK_FOR_NULL_ARGUMENT( nonceEvenOSAP ) @@ -714,7 +654,7 @@ grub_TPM_calculate_osap_sharedSecret( const grub_uint8_t* nonceEvenOSAP, const g CHECK_FOR_NULL_ARGUMENT( result ) if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } grub_size_t dataSize = TPM_NONCE_SIZE * 2; @@ -732,13 +672,12 @@ grub_TPM_calculate_osap_sharedSecret( const grub_uint8_t* nonceEvenOSAP, const g dataSize, result ); if( hmacErrorCode ) { - return grub_error( GRUB_ERR_TPM, N_( "grub_TPM_calculate_osap_sharedSecre failedt: hmacErrorCode: %x" ), hmacErrorCode ); + grub_fatal( "grub_TPM_calculate_osap_sharedSecre failed: hmacErrorCode: %x", hmacErrorCode ); } - - return GRUB_ERR_NONE; } -static grub_err_t +/* grub_fatal() on error */ +static void grub_TPM_calculate_Auth( const grub_uint8_t* sharedSecret, const grub_uint8_t* digest, const grub_uint8_t* nonceEven, const grub_uint8_t* nonceOdd, const grub_uint8_t continueSession, grub_uint8_t* result ) { @@ -749,7 +688,7 @@ grub_TPM_calculate_Auth( const grub_uint8_t* sharedSecret, const grub_uint8_t* d CHECK_FOR_NULL_ARGUMENT( result ) if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } grub_size_t dataSize = SHA1_DIGEST_SIZE /* hashed ordinal and inData */ + @@ -778,20 +717,19 @@ grub_TPM_calculate_Auth( const grub_uint8_t* sharedSecret, const grub_uint8_t* d dataSize, result ); if( hmacErrorCode ) { - return grub_error( GRUB_ERR_TPM, N_( "grub_TPM_calculate_Auth failedt: hmacErrorCode: %x" ), hmacErrorCode ); + grub_fatal( "grub_TPM_calculate_Auth failed: hmacErrorCode: %x", hmacErrorCode ); } - - return GRUB_ERR_NONE; } -grub_err_t +/* grub_fatal() on error */ +void grub_TPM_unseal( const grub_uint8_t* sealedBuffer, const grub_size_t inputSize, grub_uint8_t** result, grub_size_t* resultSize ) { CHECK_FOR_NULL_ARGUMENT( sealedBuffer ) CHECK_FOR_NULL_ARGUMENT( resultSize) if( ! grub_TPM_isAvailable() ) { - return grub_error (GRUB_ERR_NO_TPM, N_("TPM not available")); + grub_fatal( "TPM not available" ); } /* TPM_UNSEAL Incoming Operand */ @@ -835,7 +773,7 @@ grub_TPM_unseal( const grub_uint8_t* sealedBuffer, const grub_size_t inputSize, passThroughInput = grub_zalloc( inputlen ); if( ! passThroughInput ) { - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_unseal: memory allocation failed" ) ); + grub_fatal( "grub_TPM_unseal: memory allocation failed" ); } passThroughInput->IPBLength = inputlen; @@ -853,41 +791,22 @@ grub_TPM_unseal( const grub_uint8_t* sealedBuffer, const grub_size_t inputSize, /* get random for nonceOddOSAP */ grub_uint8_t nonceOddOSAP[TPM_NONCE_SIZE]; - grub_err_t err = grub_TPM_getRandom( TPM_NONCE_SIZE, &nonceOddOSAP[0] ); - - if( err != GRUB_ERR_NONE ) { - return err; - } + grub_TPM_getRandom( TPM_NONCE_SIZE, &nonceOddOSAP[0] ); grub_uint32_t authHandle = 0; grub_uint8_t authLastNonceEven[TPM_NONCE_SIZE]; grub_uint8_t nonceEvenOSAP[TPM_NONCE_SIZE]; - err = grub_TPM_openOSAP_Session( TPM_ET_SRK, TPM_KH_SRK, &nonceOddOSAP[0], &authHandle, &authLastNonceEven[0], &nonceEvenOSAP[0] ); - - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - return err; - } + grub_TPM_openOSAP_Session( TPM_ET_SRK, TPM_KH_SRK, &nonceOddOSAP[0], &authHandle, &authLastNonceEven[0], &nonceEvenOSAP[0] ); unsealInput->authHandle = swap32( authHandle ); grub_uint8_t sharedSecret[SHA1_DIGEST_SIZE]; - err = grub_TPM_calculate_osap_sharedSecret( &nonceEvenOSAP[0], &nonceOddOSAP[0], &sharedSecret[0] ); - - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - return err; - } + grub_TPM_calculate_osap_sharedSecret( &nonceEvenOSAP[0], &nonceOddOSAP[0], &sharedSecret[0] ); /* open OIAP Session */ grub_uint8_t dataLastNonceEven[TPM_NONCE_SIZE]; grub_uint32_t dataAuthHandle = 0; - err = grub_TPM_openOIAP_Session( &dataAuthHandle, &dataLastNonceEven[0] ); - - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - return err; - } + grub_TPM_openOIAP_Session( &dataAuthHandle, &dataLastNonceEven[0] ); unsealInput->dataAuthHandle = swap32( dataAuthHandle ); @@ -899,7 +818,7 @@ grub_TPM_unseal( const grub_uint8_t* sealedBuffer, const grub_size_t inputSize, grub_uint8_t* dataToHash = grub_zalloc( dataToHashSize ); if( ! dataToHash ) { grub_free( passThroughInput ); - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_unseal: memory allocation failed" ) ); + grub_fatal( "grub_TPM_unseal: memory allocation failed" ); } /* copy ordinal */ @@ -917,54 +836,28 @@ grub_TPM_unseal( const grub_uint8_t* sealedBuffer, const grub_size_t inputSize, /* HMAC( sharedSecret, SHA1( ordinal, inData ) || authLastNonceEven || nonceOdd || continueAuthSession ) */ /* get random for nonceOdd */ - err = grub_TPM_getRandom( TPM_NONCE_SIZE, unsealInput->nonceOdd ); - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - return err; - } + grub_TPM_getRandom( TPM_NONCE_SIZE, unsealInput->nonceOdd ); unsealInput->continueAuthSession = 0; - err = grub_TPM_calculate_Auth( &sharedSecret[0], &hashResult[0], &authLastNonceEven[0], unsealInput->nonceOdd, unsealInput->continueAuthSession, unsealInput->parentAuth ); - - if ( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - return err; - } + grub_TPM_calculate_Auth( &sharedSecret[0], &hashResult[0], &authLastNonceEven[0], unsealInput->nonceOdd, unsealInput->continueAuthSession, unsealInput->parentAuth ); /* calc dataAuth */ /* HMAC( entity.usageAuth, SHA1( ordinal, inData ) || dataLastNonceEven || dataNonceOdd || continueDataSession ) */ /* get random for dataNonceOdd */ - err = grub_TPM_getRandom( TPM_NONCE_SIZE, unsealInput->dataNonceOdd ); - - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - return err; - } + grub_TPM_getRandom( TPM_NONCE_SIZE, unsealInput->dataNonceOdd ); unsealInput->continueDataSession = 0; - err = grub_TPM_calculate_Auth( blobAuthData, &hashResult[0], &dataLastNonceEven[0], unsealInput->dataNonceOdd, unsealInput->continueDataSession, unsealInput->dataAuth ); - - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - return err; - } + grub_TPM_calculate_Auth( blobAuthData, &hashResult[0], &dataLastNonceEven[0], unsealInput->dataNonceOdd, unsealInput->continueDataSession, unsealInput->dataAuth ); passThroughOutput = grub_zalloc( outputlen ); if( ! passThroughOutput ) { grub_free( passThroughInput ); - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_unseal: memory allocation failed" ) ); + grub_fatal( "grub_TPM_unseal: memory allocation failed" ); } - grub_uint32_t passThroughTo_TPM_ReturnCode; - err = tcg_passThroughToTPM( passThroughInput, passThroughOutput, &passThroughTo_TPM_ReturnCode ); - - if( err != GRUB_ERR_NONE ) { - grub_free( passThroughInput ); - grub_free( passThroughOutput ); - return err; - } + tcg_passThroughToTPM( passThroughInput, passThroughOutput ); grub_free( passThroughInput ); unsealOutput = (void *)passThroughOutput->TPMOperandOut; @@ -974,10 +867,10 @@ grub_TPM_unseal( const grub_uint8_t* sealedBuffer, const grub_size_t inputSize, grub_free( passThroughOutput ); if( tpm_UnsealReturnCode == TPM_AUTHFAIL ) { - return grub_error( GRUB_ERR_TPM, N_( "grub_TPM_unseal: Authentication failed" ) ); + grub_fatal( "grub_TPM_unseal: Authentication failed" ); } - return grub_error( GRUB_ERR_TPM, N_( "grub_TPM_unseal: Unsealing failed: %x" ), tpm_UnsealReturnCode ); + grub_fatal( "grub_TPM_unseal: Unsealing failed: %x", tpm_UnsealReturnCode ); } /* skip check for returned AuthData */ @@ -988,13 +881,12 @@ grub_TPM_unseal( const grub_uint8_t* sealedBuffer, const grub_size_t inputSize, if( ! *result ) { grub_free( passThroughOutput ); - return grub_error( GRUB_ERR_OUT_OF_MEMORY, N_( "grub_TPM_unseal: memory allocation failed" ) ); + grub_fatal( "grub_TPM_unseal: memory allocation failed" ); } grub_memcpy( *result, &unsealOutput->unsealedData[0], *resultSize ); grub_free( passThroughOutput ); - return GRUB_ERR_NONE; } #ifdef TGRUB_DEBUG @@ -1044,17 +936,7 @@ grub_cmd_unseal( grub_command_t cmd __attribute__ ((unused)), int argc, char **a grub_uint8_t* result = NULL; grub_size_t resultSize = 0; - grub_err_t err = grub_TPM_unseal( buf, fileSize, &result, &resultSize ); - - if( err != GRUB_ERR_NONE ) { - grub_free( buf ); - - if( result ) { - grub_free( result ); - } - - return err; - } + grub_TPM_unseal( buf, fileSize, &result, &resultSize ); grub_free( buf ); grub_free( result ); @@ -1090,11 +972,7 @@ grub_cmd_getRandom( grub_command_t cmd __attribute__ ((unused)), int argc, char grub_uint8_t random[randomBytesRequested]; - grub_err_t err = grub_TPM_getRandom( randomBytesRequested, &random[0] ); - - if( err != GRUB_ERR_NONE ) { - return err; - } + grub_TPM_getRandom( randomBytesRequested, &random[0] ); unsigned int j; for( j = 0; j < randomBytesRequested; ++j ) { @@ -1114,11 +992,7 @@ grub_cmd_openOIAP(grub_command_t cmd __attribute__ ((unused)), int argc __attrib grub_uint32_t authHandle = 0; grub_uint8_t nonceEven[TPM_NONCE_SIZE]; - grub_err_t err = grub_TPM_openOIAP_Session( &authHandle, &nonceEven[0] ); - - if( err != GRUB_ERR_NONE ) { - return err; - } + grub_TPM_openOIAP_Session( &authHandle, &nonceEven[0] ); grub_printf( "authHandle: %x \n", authHandle ); @@ -1140,21 +1014,13 @@ grub_cmd_openOSAP(grub_command_t cmd __attribute__ ((unused)), int argc __attrib /* get random for nonceOddOSAP */ grub_uint8_t nonceOddOSAP[TPM_NONCE_SIZE]; - grub_err_t err = grub_TPM_getRandom( TPM_NONCE_SIZE, &nonceOddOSAP[0] ); - - if( err != GRUB_ERR_NONE ) { - return err; - } + grub_TPM_getRandom( TPM_NONCE_SIZE, &nonceOddOSAP[0] ); grub_uint32_t authHandle = 0; grub_uint8_t nonceEven[TPM_NONCE_SIZE]; grub_uint8_t nonceEvenOSAP[TPM_NONCE_SIZE]; - err = grub_TPM_openOSAP_Session( TPM_ET_SRK, TPM_KH_SRK, &nonceOddOSAP[0], &authHandle, &nonceEven[0], &nonceEvenOSAP[0] ); - - if( err != GRUB_ERR_NONE ) { - return err; - } + grub_TPM_openOSAP_Session( TPM_ET_SRK, TPM_KH_SRK, &nonceOddOSAP[0], &authHandle, &nonceEven[0], &nonceEvenOSAP[0] ); grub_printf( "authHandle: %x \n", authHandle ); @@ -1222,5 +1088,4 @@ GRUB_MOD_FINI(tpm) #endif } - /* End TCG extension */ diff --git a/include/grub/i386/pc/tpm.h b/include/grub/i386/pc/tpm.h index 73b28c490..0c1bab271 100644 --- a/include/grub/i386/pc/tpm.h +++ b/include/grub/i386/pc/tpm.h @@ -14,7 +14,7 @@ #define CHECK_FOR_NULL_ARGUMENT( argument ) \ if( ! argument ) { \ - return grub_error( GRUB_ERR_BAD_ARGUMENT, N_( "argument is NULL" ) ); \ + grub_fatal( "BAD_ARGUMENT: argument is NULL" ); \ } #define SHA1_DIGEST_SIZE 20 @@ -92,21 +92,21 @@ grub_uint32_t EXPORT_FUNC(swap32) ( grub_uint32_t value ); grub_uint32_t EXPORT_FUNC(grub_TPM_isAvailable) ( void ); /* Measure string */ -grub_err_t EXPORT_FUNC(grub_TPM_measureString) ( const char *string ); +void EXPORT_FUNC(grub_TPM_measureString) ( const char *string ); /* Measure file */ -grub_err_t EXPORT_FUNC(grub_TPM_measureFile) ( const char* filename, const unsigned long index ); +void EXPORT_FUNC(grub_TPM_measureFile) ( const char* filename, const unsigned long index ); /* Measure buffer */ -grub_err_t EXPORT_FUNC(grub_TPM_measureBuffer) ( const void* buffer, grub_uint32_t bufferLen, const unsigned long index ); +void EXPORT_FUNC(grub_TPM_measureBuffer) ( const void* buffer, grub_uint32_t bufferLen, const unsigned long index ); -grub_err_t grub_TPM_unseal( const grub_uint8_t* sealedBuffer, const grub_size_t inputSize, grub_uint8_t** result, grub_size_t* resultSize ); +void grub_TPM_unseal( const grub_uint8_t* sealedBuffer, const grub_size_t inputSize, grub_uint8_t** result, grub_size_t* resultSize ); /* Invokes assembler function asm_tcg_statusCheck() */ grub_err_t EXPORT_FUNC(tcg_statusCheck)( grub_uint32_t *returnCode, grub_uint8_t *major, grub_uint8_t *minor, grub_uint32_t *featureFlags, grub_uint32_t *eventLog, grub_uint32_t *edi ); /* pass commands to TPM */ -grub_err_t EXPORT_FUNC(tcg_passThroughToTPM) ( const PassThroughToTPM_InputParamBlock* input, - PassThroughToTPM_OutputParamBlock* output, grub_uint32_t* returnCode ); +void EXPORT_FUNC(tcg_passThroughToTPM) ( const PassThroughToTPM_InputParamBlock* input, + PassThroughToTPM_OutputParamBlock* output ); /* Assembler exports: */ grub_uint32_t EXPORT_FUNC(asm_tcg_statusCheck) (StatusCheckArgs* args);