Skip to content

Commit

Permalink
FAPI: Add event logging for firmware and IMA events.
Browse files Browse the repository at this point in the history 
 Add serialization and deserialization for firmware events:

 * Serialization and deserialization of firmware events specified in the
   TCG PC Client Platform Firmware Profile was added.
 * Also for the firmare legacy format (sha1) the serialization and deserialization
   was added.

 Add serialization and deserialization for IMA events:

 * Serialization of IMA events as described on: https://sourceforge.net/p/linux-ima/wiki/Home/
   was added. The templates ima, img-sig, ima-ng, and ima-sig are supported.
 * Tests in fapi-jons.c were adapted.

 Integrate firmware and IMA eventlog:

 * Since fapi logging of IMA and firmware events is only a preview version this functionality
   has to be explicitly activated with a configure switch.
 * The IMA event logging was integrated.
 * The PC-Client firmware logging was integrated.

CEL Events:

* The cel_version event was added as first event for the event log of PCR 0.
* The firmware_end event was added behind the last firmware event.
* Serialization and deserialization of CEL events was added.

Event logging:

* For invalid digests an error will only produced for quote verification.
  In other cases only a warning will be displayed.
* rename "type" to "content_type".
* rename "sub_event" to "content".

Tests for event logging for firmware and IMA events:

* An Unit test for several binary examples was added.
* Tests in fapi-jons.c were adapted.
* Copied functions were removed from unit test fapi-json.c
* An Integration test for The PC-Client firmware logging was added.
* An Integration test for The PC-Client firmware logging in the
  legacy format was added.

Signed-off-by: Juergen Repp <juergen.repp@sit.fraunhofer.de>
  • Loading branch information
@JuergenReppSIT
JuergenReppSIT committed Apr 5, 2022
1 parent 57869f5 commit 7cb07d8
Show file tree
Hide file tree
Showing 56 changed files with 6,056 additions and 299 deletions.
2 changes: 1 addition & 1 deletion .cirrus.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,7 @@ task:
- pkg update -f
- pkg upgrade -y
- pkg install -y bash gmake coreutils libtool pkgconf autoconf autoconf-archive
- pkg install -y automake openssl json-c cmocka uthash wget curl git
- pkg install -y automake openssl json-c cmocka uthash wget curl git util-linux
- wget --quiet --show-progress --progress=dot:giga "https://downloads.sourceforge.net/project/ibmswtpm2/$ibmtpm_name.tar.gz"
- shasum -a256 $ibmtpm_name.tar.gz | grep ^dd3a4c3f7724243bc9ebcd5c39bbf87b82c696d1c1241cb8e5883534f6e2e327
- mkdir -p $ibmtpm_name
Expand Down
1 change: 1 addition & 0 deletions INSTALL.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -54,6 +54,7 @@ $ sudo apt -y install \
libjson-c-dev \
libini-config-dev \
libcurl4-openssl-dev \
libuuid-dev \
libltdl-dev
```
Note: In some Ubuntu versions, the lcov and autoconf-archive packages are incompatible with each other. It is recommended to download autoconf-archive directly from upstream and copy `ax_code_coverage.m4` and `ax_prog_doxygen.m4` to the `m4/` subdirectory of your tpm2-tss directory.
Expand Down
127 changes: 121 additions & 6 deletions Makefile-test.am
View file
Original file line number Diff line number Diff line change
Expand Up @@ -144,6 +144,14 @@ TESTS_UNIT += \
test/unit/fapi-profiles \
test/unit/fapi-config \
test/unit/fapi-get-intl-cert

if FAPI_EVENTLOG_PREVIEW
TESTS_UNIT += \
test/unit/fapi-eventlog \
test/unit/fapi-ima-eventlog \
test/unit/fapi-check-ima-log
endif

endif FAPI
endif #UNIT

Expand Down Expand Up @@ -376,6 +384,11 @@ if DEVICEDESTRUCTIVE
FAPI_TESTS_INTEGRATION += \
test/integration/fapi-key-create-sign-policy-provision.fint \
test/integration/fapi-quote-destructive.fint
if FAPI_EVENTLOG_PREVIEW
FAPI_TESTS_INTEGRATION += \
test/integration/fapi-quote-destructive-eventlog.fint \
test/integration/fapi-quote-destructive-eventlog-pc-client.fint
endif
endif #PTPMDESTRUCTIVE
endif TESTDEVICE

Expand All @@ -387,6 +400,11 @@ FAPI_TESTS_INTEGRATION += \
test/integration/fapi-provision-fingerprint_ecc.fint \
test/integration/fapi-provision-certificate_ecc.fint \
test/integration/fapi-quote-destructive.fint
if FAPI_EVENTLOG_PREVIEW
FAPI_TESTS_INTEGRATION += \
test/integration/fapi-quote-destructive-eventlog.fint \
test/integration/fapi-quote-destructive-eventlog-pc-client.fint
endif
endif #!TESTDEVICE

TESTS_INTEGRATION += $(FAPI_TESTS_INTEGRATION)
Expand Down Expand Up @@ -664,10 +682,13 @@ if FAPI

test_unit_fapi_json_CFLAGS = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS)
test_unit_fapi_json_LDADD = $(CMOCKA_LIBS) $(TESTS_LDADD)
test_unit_fapi_json_LDFLAGS = $(TESTS_LDFLAGS) $(CURL_LIBS) $(JSONC_LIBS)
test_unit_fapi_json_LDFLAGS = $(TESTS_LDFLAGS) $(CURL_LIBS) $(JSONC_LIBS) $(UUID_LIBS)
test_unit_fapi_json_SOURCES = test/unit/fapi-json.c \
src/tss2-fapi/ifapi_json_deserialize.c \
src/tss2-fapi/ifapi_json_serialize.c \
src/tss2-fapi/ifapi_ima_eventlog.c \
src/tss2-fapi/ifapi_eventlog_system.c \
src/tss2-fapi/ifapi_json_eventlog_serialize.c \
src/tss2-fapi/ifapi_policy_json_deserialize.c \
src/tss2-fapi/ifapi_policy_json_serialize.c \
src/tss2-fapi/tpm_json_deserialize.c \
Expand All @@ -680,12 +701,15 @@ test_unit_fapi_json_SOURCES = test/unit/fapi-json.c \

test_unit_fapi_helpers_CFLAGS = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS)
test_unit_fapi_helpers_LDADD = $(CMOCKA_LIBS) $(TESTS_LDADD)
test_unit_fapi_helpers_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) \
test_unit_fapi_helpers_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) $(UUID_LIBS) \
-Wl,--wrap=ifapi_crypto_hash_update \
-Wl,--wrap=ifapi_crypto_hash_finish
test_unit_fapi_helpers_SOURCES = test/unit/fapi-helpers.c \
src/tss2-fapi/ifapi_json_deserialize.c \
src/tss2-fapi/ifapi_json_serialize.c \
src/tss2-fapi/ifapi_ima_eventlog.c \
src/tss2-fapi/ifapi_eventlog_system.c \
src/tss2-fapi/ifapi_json_eventlog_serialize.c \
src/tss2-fapi/ifapi_policy_json_deserialize.c \
src/tss2-fapi/ifapi_policy_json_serialize.c \
src/tss2-fapi/tpm_json_deserialize.c \
Expand All @@ -698,7 +722,7 @@ test_unit_fapi_helpers_SOURCES = test/unit/fapi-helpers.c \

test_unit_fapi_io_CFLAGS = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS)
test_unit_fapi_io_LDADD = $(CMOCKA_LIBS) $(TESTS_LDADD)
test_unit_fapi_io_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) \
test_unit_fapi_io_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) $(UUID_LIBS) \
-Wl,--wrap=fopen \
-Wl,--wrap=fseek \
-Wl,--wrap=ftell \
Expand All @@ -712,6 +736,9 @@ test_unit_fapi_io_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) \
test_unit_fapi_io_SOURCES = test/unit/fapi-io.c \
src/tss2-fapi/ifapi_json_deserialize.c \
src/tss2-fapi/ifapi_json_serialize.c \
src/tss2-fapi/ifapi_ima_eventlog.c \
src/tss2-fapi/ifapi_eventlog_system.c \
src/tss2-fapi/ifapi_json_eventlog_serialize.c \
src/tss2-fapi/ifapi_policy_json_deserialize.c \
src/tss2-fapi/ifapi_policy_json_serialize.c \
src/tss2-fapi/tpm_json_deserialize.c \
Expand All @@ -724,12 +751,15 @@ test_unit_fapi_io_SOURCES = test/unit/fapi-io.c \

test_unit_fapi_profiles_CFLAGS = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS)
test_unit_fapi_profiles_LDADD = $(CMOCKA_LIBS) $(TESTS_LDADD)
test_unit_fapi_profiles_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) \
test_unit_fapi_profiles_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) $(UUID_LIBS) \
-Wl,--wrap=ifapi_io_read_finish
test_unit_fapi_profiles_SOURCES = test/unit/fapi-profiles.c \
src/tss2-fapi/ifapi_profiles.c \
src/tss2-fapi/ifapi_json_deserialize.c \
src/tss2-fapi/ifapi_json_serialize.c \
src/tss2-fapi/ifapi_ima_eventlog.c \
src/tss2-fapi/ifapi_eventlog_system.c \
src/tss2-fapi/ifapi_json_eventlog_serialize.c \
src/tss2-fapi/ifapi_policy_json_deserialize.c \
src/tss2-fapi/ifapi_policy_json_serialize.c \
src/tss2-fapi/tpm_json_deserialize.c \
Expand All @@ -742,12 +772,15 @@ test_unit_fapi_profiles_SOURCES = test/unit/fapi-profiles.c \

test_unit_fapi_config_CFLAGS = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS)
test_unit_fapi_config_LDADD = $(CMOCKA_LIBS) $(TESTS_LDADD)
test_unit_fapi_config_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) \
test_unit_fapi_config_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) $(UUID_LIBS) \
-Wl,--wrap=ifapi_io_read_finish
test_unit_fapi_config_SOURCES = test/unit/fapi-config.c \
src/tss2-fapi/ifapi_config.c \
src/tss2-fapi/ifapi_json_deserialize.c \
src/tss2-fapi/ifapi_json_serialize.c \
src/tss2-fapi/ifapi_ima_eventlog.c \
src/tss2-fapi/ifapi_eventlog_system.c \
src/tss2-fapi/ifapi_json_eventlog_serialize.c \
src/tss2-fapi/ifapi_policy_json_deserialize.c \
src/tss2-fapi/ifapi_policy_json_serialize.c \
src/tss2-fapi/tpm_json_deserialize.c \
Expand All @@ -760,13 +793,16 @@ test_unit_fapi_config_SOURCES = test/unit/fapi-config.c \

test_unit_fapi_get_intl_cert_CFLAGS = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS)
test_unit_fapi_get_intl_cert_LDADD = $(CMOCKA_LIBS) $(TESTS_LDADD)
test_unit_fapi_get_intl_cert_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) \
test_unit_fapi_get_intl_cert_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) $(UUID_LIBS) \
-Wl,--wrap=ifapi_get_curl_buffer \
-Wl,--wrap=EVP_DigestUpdate
test_unit_fapi_get_intl_cert_SOURCES = test/unit/fapi-get-intl-cert.c \
src/tss2-fapi/ifapi_get_intl_cert.c \
src/tss2-fapi/ifapi_json_deserialize.c \
src/tss2-fapi/ifapi_json_serialize.c \
src/tss2-fapi/ifapi_ima_eventlog.c \
src/tss2-fapi/ifapi_eventlog_system.c \
src/tss2-fapi/ifapi_json_eventlog_serialize.c \
src/tss2-fapi/ifapi_policy_json_deserialize.c \
src/tss2-fapi/ifapi_policy_json_serialize.c \
src/tss2-fapi/tpm_json_deserialize.c \
Expand All @@ -776,7 +812,63 @@ test_unit_fapi_get_intl_cert_SOURCES = test/unit/fapi-get-intl-cert.c \
src/tss2-fapi/ifapi_helpers.c \
src/tss2-fapi/ifapi_keystore.c \
src/tss2-fapi/ifapi_io.c
test_unit_fapi_eventlog_CFLAGS = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS)
test_unit_fapi_eventlog_LDADD = $(CMOCKA_LIBS) $(TESTS_LDADD)
test_unit_fapi_eventlog_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) $(UUID_LIBS)
test_unit_fapi_eventlog_SOURCES = test/unit/fapi-eventlog.c \
src/tss2-fapi/ifapi_json_eventlog_serialize.c \
src/tss2-fapi/ifapi_json_eventlog_deserialize.c \
src/tss2-fapi/ifapi_ima_eventlog.c \
src/tss2-fapi/ifapi_eventlog_system.c \
src/tss2-fapi/ifapi_json_deserialize.c \
src/tss2-fapi/ifapi_json_serialize.c \
src/tss2-fapi/ifapi_policy_json_deserialize.c \
src/tss2-fapi/ifapi_policy_json_serialize.c \
src/tss2-fapi/tpm_json_deserialize.c \
src/tss2-fapi/tpm_json_serialize.c \
src/tss2-fapi/fapi_crypto.c \
src/tss2-fapi/ifapi_eventlog.c \
src/tss2-fapi/ifapi_helpers.c\
src/tss2-fapi/ifapi_keystore.c \
src/tss2-fapi/ifapi_io.c


test_unit_fapi_ima_eventlog_CFLAGS = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS)
test_unit_fapi_ima_eventlog_LDADD = $(CMOCKA_LIBS) $(TESTS_LDADD)
test_unit_fapi_ima_eventlog_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) $(UUID_LIBS)
test_unit_fapi_ima_eventlog_SOURCES = test/unit/fapi-ima-eventlog.c \
src/tss2-fapi/ifapi_ima_eventlog.c \
src/tss2-fapi/ifapi_json_deserialize.c \
src/tss2-fapi/ifapi_json_serialize.c \
src/tss2-fapi/ifapi_policy_json_deserialize.c \
src/tss2-fapi/ifapi_policy_json_serialize.c \
src/tss2-fapi/tpm_json_deserialize.c \
src/tss2-fapi/tpm_json_serialize.c \
src/tss2-fapi/ifapi_json_eventlog_serialize.c \
src/tss2-fapi/fapi_crypto.c \
src/tss2-fapi/ifapi_eventlog.c \
src/tss2-fapi/ifapi_helpers.c \
src/tss2-fapi/ifapi_eventlog_system.c\
src/tss2-fapi/ifapi_keystore.c \
src/tss2-fapi/ifapi_io.c
test_unit_fapi_check_ima_log_CFLAGS = $(CMOCKA_CFLAGS) $(TESTS_CFLAGS)
test_unit_fapi_check_ima_log_LDADD = $(CMOCKA_LIBS) $(TESTS_LDADD)
test_unit_fapi_check_ima_log_LDFLAGS = $(TESTS_LDFLAGS) $(JSONC_LIBS) $(CURL_LIBS) $(UUID_LIBS)
test_unit_fapi_check_ima_log_SOURCES = test/unit/fapi-check-ima-log.c \
src/tss2-fapi/ifapi_ima_eventlog.c \
src/tss2-fapi/ifapi_json_deserialize.c \
src/tss2-fapi/ifapi_json_serialize.c \
src/tss2-fapi/ifapi_policy_json_deserialize.c \
src/tss2-fapi/ifapi_policy_json_serialize.c \
src/tss2-fapi/tpm_json_deserialize.c \
src/tss2-fapi/tpm_json_serialize.c \
src/tss2-fapi/ifapi_json_eventlog_serialize.c \
src/tss2-fapi/fapi_crypto.c \
src/tss2-fapi/ifapi_eventlog.c \
src/tss2-fapi/ifapi_helpers.c \
src/tss2-fapi/ifapi_eventlog_system.c\
src/tss2-fapi/ifapi_keystore.c \
src/tss2-fapi/ifapi_io.c
endif # FAPI
endif # UNIT

Expand Down Expand Up @@ -2174,6 +2266,29 @@ test_integration_fapi_quote_destructive_fint_SOURCES = \
test/integration/fapi-quote-destructive.int.c \
test/integration/main-fapi.c test/integration/test-fapi.h

if FAPI_EVENTLOG_PREVIEW
test_integration_fapi_quote_destructive_eventlog_fint_CFLAGS = $(TESTS_CFLAGS) \
-DFAPI_PROFILE=\"P_ECC_system\" \
-D FAPI_TEST_FIRMWARE_LOG_FILE=\"test/data/fapi/eventlog/binary_measurements_nuc.bin\" \
-D FAPI_TEST_IMA_LOG_FILE=\"test/data/fapi/eventlog/sml-ima-ng-sha1.bin\"
test_integration_fapi_quote_destructive_eventlog_fint_LDADD = $(TESTS_LDADD)
test_integration_fapi_quote_destructive_eventlog_fint_LDFLAGS = $(TESTS_LDFLAGS)
test_integration_fapi_quote_destructive_eventlog_fint_SOURCES = \
test/integration/fapi-quote-destructive-eventlog.int.c \
test/integration/main-fapi.c test/integration/test-fapi.h

test_integration_fapi_quote_destructive_eventlog_pc_client_fint_CFLAGS = $(TESTS_CFLAGS) \
-DFAPI_PROFILE=\"P_ECC_system\" \
-D FAPI_TEST_FIRMWARE_PC_CLIENT \
-D FAPI_TEST_FIRMWARE_LOG_FILE=\"test/data/fapi/eventlog/binary_measurements_pc_client.bin\" \
-D FAPI_TEST_IMA_LOG_FILE=\"test/data/fapi/eventlog/sml-ima-ng-sha1.bin\"
test_integration_fapi_quote_destructive_eventlog_pc_client_fint_LDADD = $(TESTS_LDADD)
test_integration_fapi_quote_destructive_eventlog_pc_client_fint_LDFLAGS = $(TESTS_LDFLAGS)
test_integration_fapi_quote_destructive_eventlog_pc_client_fint_SOURCES = \
test/integration/fapi-quote-destructive-eventlog.int.c \
test/integration/main-fapi.c test/integration/test-fapi.h
endif # FAPI_EVENTLOG_PREVIEW]


endif #FAPI
endif #ENABLE_INTEGRATION
Expand Down
20 changes: 18 additions & 2 deletions Makefile.am
View file
Original file line number Diff line number Diff line change
Expand Up @@ -533,6 +533,7 @@ EXTRA_DIST += \
test/data/fapi/P_RSA_sh_policy.json \
test/data/fapi/P_RSA256.json \
test/data/fapi/P_ECC.json \
test/data/fapi/P_ECC_system.json \
test/data/fapi/policy/pol_pcr16_0.json \
test/data/fapi/policy/pol_pcr16_0_rsa_authorized.json \
test/data/fapi/policy/pol_pcr16_0_ecc_authorized.json \
Expand Down Expand Up @@ -562,14 +563,29 @@ EXTRA_DIST += \
test/data/fapi/policy/pol_pcr16_read.json \
test/data/fapi/policy/pol_action.json \
test/data/fapi/policy/pol_cphash.json \
test/data/fapi/policy/pol_or_read_write_secret.json
test/data/fapi/policy/pol_or_read_write_secret.json \
test/data/fapi/eventlog/binary_measurements_nuc.bin \
test/data/fapi/eventlog/binary_measurements_pc_client.bin \
test/data/fapi/eventlog/event.bin \
test/data/fapi/eventlog/event-uefiaction.bin \
test/data/fapi/eventlog/event-uefiservices.bin \
test/data/fapi/eventlog/event-uefivar.bin \
test/data/fapi/eventlog/specid-vendordata.bin \
test/data/fapi/eventlog/sml-ima-ng-sha1.bin \
test/data/fapi/eventlog/sml-ima-sha1.bin \
test/data/fapi/eventlog/sml-ima-sig-sha256.bin \
test/data/fapi/eventlog/sml-ima-ng-sha1-invalidated.bin \
test/data/fapi/eventlog/sml-ima-ng-sha1-invalidated.bin \
test/data/fapi/eventlog/sml-ima-sig-sha256-invalidated.bin \
test/data/fapi/eventlog/sml-ima-sha1-invalidated.bin


src_tss2_fapi_libtss2_fapi_la_LIBADD = $(libtss2_sys) $(libtss2_mu) $(libtss2_esys) \
$(libutil) $(libtss2_tctildr)

src_tss2_fapi_libtss2_fapi_la_SOURCES = $(TSS2_FAPI_SRC)
src_tss2_fapi_libtss2_fapi_la_CFLAGS = $(AM_CFLAGS) -I$(srcdir)/src/tss2-fapi $(CRYPTO_CFLAGS) $(JSONC_CFLAGS) $(CURL_CFLAGS)
src_tss2_fapi_libtss2_fapi_la_LDFLAGS = $(AM_LDFLAGS) $(CRYPTO_LIBS) $(JSONC_LIBS) $(CURL_LIBS)
src_tss2_fapi_libtss2_fapi_la_LDFLAGS = $(AM_LDFLAGS) $(CRYPTO_LIBS) $(JSONC_LIBS) $(CURL_LIBS) $(UUID_LIBS)
if HAVE_LD_VERSION_SCRIPT
src_tss2_fapi_libtss2_fapi_la_LDFLAGS += -Wl,--version-script=$(srcdir)/lib/tss2-fapi.map
endif # HAVE_LD_VERSION_SCRIPT
Expand Down
13 changes: 13 additions & 0 deletions configure.ac
View file
Original file line number Diff line number Diff line change
Expand Up @@ -115,6 +115,16 @@ AC_ARG_ENABLE([fapi],

AM_CONDITIONAL(FAPI, test "x$enable_fapi" = "xyes")

AC_ARG_ENABLE([fapi-eventlog-preview],
[AS_HELP_STRING([--enable-fapi-eventlog-preview],
[Enable IMA and firmware eventlog processing. (PREVIEW VERSION!)])],,
[enable_fapi_eventlog_preview=yes])
AM_CONDITIONAL([FAPI_EVENTLOG_PREVIEW], [test "x$enable_fapi_eventlog_preview" != xno])
AS_IF([test "x$enable_fapi_eventlog_preview" != xno],
AC_DEFINE(FAPI_EVENTLOG_PREVIEW, 1, [FAPI IMA and firmware event logging]))
AS_IF([test "x$enable_fapi_eventlog_preview" != "xno"],
AC_MSG_WARN("FAPI compiled with IMA and firmware event logging. PREVIEW VERSION!"))

AC_ARG_ENABLE([fapi-async-tests],
AS_HELP_STRING([--enable-fapi-async-tests],
[Force fapi to spin asynchronously. (NOT FOR PRODUCTION!)]),,
Expand Down Expand Up @@ -166,6 +176,9 @@ AS_IF([test "x$enable_fapi" = xyes ],
AS_IF([test "x$enable_fapi" = xyes ],
[PKG_CHECK_MODULES([CURL], [libcurl])])

AS_IF([test "x$enable_fapi" = xyes ],
[PKG_CHECK_MODULES([UUID], [uuid])])

AC_ARG_WITH([tctidefaultmodule],
[AS_HELP_STRING([--with-tctidefaultmodule],
[The default TCTI module for ESYS. (Default: libtss2-tcti-default.so)])],
Expand Down
2 changes: 1 addition & 1 deletion lib/tss2-fapi.pc.in
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,6 @@ Name: tss2-fapi
Description: TPM2 Feature API library.
URL: https://github.com/tpm2-software/tpm2-tss
Version: @VERSION@
Requires.private: tss2-mu tss2-esys tss2-tctildr libcurl libcrypto json-c
Requires.private: tss2-mu tss2-esys tss2-tctildr libcurl libcrypto json-c uuid
Cflags: -I${includedir} -I${includedir}/tss2
Libs: -ltss2-fapi -L${libdir}
2 changes: 2 additions & 0 deletions src/tss2-fapi/api/Fapi_Finalize.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,6 +81,8 @@ Fapi_Finalize(
SAFE_FREE((*context)->config.log_dir);
SAFE_FREE((*context)->config.ek_cert_file);
SAFE_FREE((*context)->config.intel_cert_service);
SAFE_FREE((*context)->config.firmware_log_file);
SAFE_FREE((*context)->config.ima_log_file);

/* Finalize the eventlog module. */
SAFE_FREE((*context)->eventlog.log_dir);
Expand Down
5 changes: 4 additions & 1 deletion src/tss2-fapi/api/Fapi_Initialize.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -198,7 +198,10 @@ Fapi_Initialize_Finish(
goto_if_error(r, "Could not finish initialization", cleanup_return);

/* Initialize the event log module. */
r = ifapi_eventlog_initialize(&((*context)->eventlog), (*context)->config.log_dir);
r = ifapi_eventlog_initialize(&((*context)->eventlog),
(*context)->config.log_dir,
(*context)->config.firmware_log_file,
(*context)->config.ima_log_file);
goto_if_error(r, "Initializing eventlog module", cleanup_return);

/* Initialize the keystore. */
Expand Down
Loading

0 comments on commit 7cb07d8

Please sign in to comment.