From patchwork Mon Oct 24 04:48:03 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Masahisa Kojima X-Patchwork-Id: 617836 Delivered-To: patch@linaro.org Received: by 2002:a17:522:c983:b0:460:3032:e3c4 with SMTP id kr3csp2483348pvb; Sun, 23 Oct 2022 21:48:54 -0700 (PDT) X-Google-Smtp-Source: AMsMyM4Y+ZxjOe1V+EOdnl0Mv027rxSU3KImaGbJpJby1K9qJSPj5jUtVYN1BCZjVtWpVy0yh1Wn X-Received: by 2002:a17:906:8473:b0:77b:efa8:50e4 with SMTP id hx19-20020a170906847300b0077befa850e4mr25530442ejc.250.1666586933999; Sun, 23 Oct 2022 21:48:53 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1666586933; cv=none; d=google.com; s=arc-20160816; b=hbaZuYLjobNLuuf6tz3hgI2W/fGYj8IJ9DI/RkqFPA6FpgzggoFTWE2vbG2cRzaKYN AAPhvXplx7KYL8pdrD8Jp9V19Nc5UMQQ1fYV6vr4D8GDgZIt4/5kEQEl87N3LdtX9B6a xioQDeCuqRmkyAQNGBdJpjNwXDj9jaq8T1zmaIf69D2YXSdl/ef9j3xfoDQqtxtVBaGg bk9d6OpwBVEL0qTBYMOnHHUd7B8Wvh6/OZjXdXfLv+682MmhI0x1qJ0QIMKvNX7aSUAf AIYPESIfIusxbT4ce4b2GJO7zArJzFs/+ARWYUjKhrt4E4n/E8VQbp3+nA6se+THM5ok A9pQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:references:in-reply-to :message-id:date:subject:cc:to:from:dkim-signature; bh=CRPt9IN85H648RSFMEnZhx++mZqyjCtw5Qf8WTOUQbw=; b=EaQ1OwBSSlZb4ftvZz5uuVQsuLxic8c1z8PD9tCp+35gcioFgAY/qLhYvY8zHrYJ/U 4m0T5ypt/vAPcY/BZc/Raq1bQzihWijuIkDa4pvWnEcEE88LJD1Rvo2Yv1DX1uxgxHdE v8o4ZRL8hqauCVCEKnHmG6wCDG5lKpyuYoN4m6h2K6s+MhMFrzM7hEOuP/ITgm+8YrRP 8TaK2QwRqo7LGY4BCP4gjL5Gc3GsHXFLLIC+Yn//vnO+as5wxAaheHGMVNXohy8fUmEB 9zdsEBhWmfHCBZV40jo/5Uu6/fhC6dUCuawN6DW/XpD1226k4wbCQBAhUS2883FKqVjF vwRg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=k1QoWcv1; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id dz16-20020a0564021d5000b00461c74a07c8si2003628edb.343.2022.10.23.21.48.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Oct 2022 21:48:53 -0700 (PDT) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=k1QoWcv1; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id B590B84F49; Mon, 24 Oct 2022 06:48:08 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="k1QoWcv1"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 0D08F84F61; Mon, 24 Oct 2022 06:48:04 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pg1-x535.google.com (mail-pg1-x535.google.com [IPv6:2607:f8b0:4864:20::535]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 49C7C84F48 for ; Mon, 24 Oct 2022 06:47:54 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=masahisa.kojima@linaro.org Received: by mail-pg1-x535.google.com with SMTP id h185so7757878pgc.10 for ; Sun, 23 Oct 2022 21:47:54 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=references:in-reply-to:message-id:date:subject:cc:to:from:from:to :cc:subject:date:message-id:reply-to; bh=CRPt9IN85H648RSFMEnZhx++mZqyjCtw5Qf8WTOUQbw=; b=k1QoWcv1jktL87x0CFHxuNatWwAIaJ9k9qUtxjzCJR4vKE/lvDjpnR0TygFZpKCSgi St08QIFzWRDN6WvFRazohioai5am3AGtcGPbKOPUXRAKwF/hFhKbilxt3IzVp/zimvgZ R1uXdZi9/DCReSwiklLBktEHDRPecoAKko7V3RKw+LL2gGTIv8/gZN/XYdhO58pgTRva OFLhodGCucctC8iejcGg1wOBGyaECHsAciTftH2WFioDiKWJL9IPP5wqaCUKOzjfuLar LBYf+KVRK7sz66gZkTO0/mr+/iwveW/q7hNiDfIjK6w/dqtx1jmG5403uKK4wUT8OsmZ 1niw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=references:in-reply-to:message-id:date:subject:cc:to:from :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=CRPt9IN85H648RSFMEnZhx++mZqyjCtw5Qf8WTOUQbw=; b=pc9pmOGJmvLP1XJtCwdTaNOafSWGGVS/I8QFVYC7GY5XYdY23whuO8QUrQaQGmnzmh p1eF64tJ3G6GS31ut/xeD7kfwuHWx1h8w2UpgVfhBJcL2fp2R5GATLwwaoX09YZJdv+5 cEzba8br8jUB0iPc6HXLVuPVjf65iOQkCxLsXfgLQBoPsdWIx6OsieVdXLb6bgkNjixB 9iUGWgNRdzPRUZQyKn0C3z6Zc4REDvCorbwpJDRSc0hcxx95Ur4k27vYMl+n+3rMEj+C qJbDJTTM+Hxon9h5TECsAWsWjmMQ6VJOOQkXI2YrTT87HXs3Jc69Mp/Go+ZFFyW2CX1d YywA== X-Gm-Message-State: ACrzQf27t4NyXEVkQoRn55gHlrq9fD48r2GM8Rwhs5LepxDAZQ9tAc7o GHzp/dVj7tdxsBsEeNFWONaqkiyy1+pbvg== X-Received: by 2002:aa7:9298:0:b0:56b:b6dc:988a with SMTP id j24-20020aa79298000000b0056bb6dc988amr5554574pfa.5.1666586872152; Sun, 23 Oct 2022 21:47:52 -0700 (PDT) Received: from localhost.localdomain ([240d:1a:cf7:5800:82fa:5bff:fe4b:26b1]) by smtp.gmail.com with ESMTPSA id i72-20020a62874b000000b0056b932f3280sm3213979pfe.103.2022.10.23.21.47.50 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 23 Oct 2022 21:47:51 -0700 (PDT) From: Masahisa Kojima To: u-boot@lists.denx.de Cc: Heinrich Schuchardt , Ilias Apalodimas , Simon Glass , Takahiro Akashi , Masahisa Kojima Subject: [PATCH v4 6/7] eficonfig: add "Show/Delete Signature Database" menu entry Date: Mon, 24 Oct 2022 13:48:03 +0900 Message-Id: <20221024044804.3351-7-masahisa.kojima@linaro.org> X-Mailer: git-send-email 2.17.1 In-Reply-To: <20221024044804.3351-1-masahisa.kojima@linaro.org> References: <20221024044804.3351-1-masahisa.kojima@linaro.org> X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean This commit adds the menu-driven interface to show and delete the signature database. EFI Signature Lists can contain the multiple signature entries, this menu can delete the indivisual entry. If the PK is enrolled and UEFI Secure Boot is in User Mode or Deployed Mode, user can not delete the existing signature lists since the signature lists must be signed by KEK or PK but signing information is not stored in the signature database. To delete PK, user needs to enroll the new key with an empty value and this new key must be signed with the old PK. Signed-off-by: Masahisa Kojima --- No change since v2 Changes in v2: - integrate show and delete signature database menu - add confirmation message before delete - add function comment cmd/eficonfig_sbkey.c | 394 ++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 394 insertions(+) diff --git a/cmd/eficonfig_sbkey.c b/cmd/eficonfig_sbkey.c index 32a39eb7ba..44307ec12b 100644 --- a/cmd/eficonfig_sbkey.c +++ b/cmd/eficonfig_sbkey.c @@ -17,6 +17,14 @@ #include #include +struct eficonfig_sig_data { + struct efi_signature_list *esl; + struct efi_signature_data *esd; + struct list_head list; + struct eficonfig_sig_data **selected; + u16 *varname; +}; + enum efi_sbkey_signature_type { SIG_TYPE_X509 = 0, SIG_TYPE_HASH, @@ -46,6 +54,32 @@ static const struct eficonfig_sigtype_to_str sigtype_to_str[] = { /* {EFI_CERT_SHA512_GUID, "SHA512", SIG_TYPE_HASH}, */ }; +/** + * eficonfig_console_wait_enter() - wait ENTER key press + * + * Return: 1 if ENTER key is pressed, 0 if user selects to quit + */ +static int eficonfig_console_wait_enter(void) +{ + int esc = 0; + enum bootmenu_key key = KEY_NONE; + + puts(ANSI_CURSOR_HIDE); + + while (1) { + bootmenu_loop(NULL, &key, &esc); + + switch (key) { + case KEY_SELECT: + return 1; + case KEY_QUIT: + return 0; + default: + break; + } + } +} + /** * is_secureboot_enabled() - check UEFI Secure Boot is enabled * @@ -270,8 +304,368 @@ out: return ret; } +/** + * delete_selected_signature_data() - delete the signature data from signature list + * + * @db: pointer to the signature database + * @db_size: pointer to the signature database size + * @target: pointer to the signature data to be deleted + * Return: status code + */ +static void delete_selected_signature_data(void *db, efi_uintn_t *db_size, + struct eficonfig_sig_data *target) +{ + u32 remain; + u8 *dest, *start, *end; + efi_uintn_t total_size, esd_size, size; + struct efi_signature_list *esl; + struct efi_signature_data *esd; + + esl = db; + total_size = *db_size; + size = *db_size; + end = (u8 *)db + *db_size; + while (total_size > 0) { + esd = (struct efi_signature_data *)((u8 *)esl + + sizeof(struct efi_signature_list) + esl->signature_header_size); + esd_size = esl->signature_list_size - sizeof(struct efi_signature_list) - + esl->signature_header_size; + for (; esd_size > 0; esd_size -= esl->signature_size) { + if (esl == target->esl && esd == target->esd) { + remain = esl->signature_list_size - + (sizeof(struct efi_signature_list) - + esl->signature_header_size) - + esl->signature_size; + if (remain > 0) { + /* only delete the single signature data */ + esl->signature_list_size -= esl->signature_size; + size -= esl->signature_size; + dest = (u8 *)esd; + start = (u8 *)esd + esl->signature_size; + } else { + /* delete entire signature list */ + dest = (u8 *)esl; + start = (u8 *)esl + esl->signature_list_size; + size -= esl->signature_list_size; + } + memmove(dest, start, (end - start)); + goto out; + } + esd = (struct efi_signature_data *)((u8 *)esd + esl->signature_size); + } + total_size -= esl->signature_list_size; + esl = (struct efi_signature_list *)((u8 *)esl + esl->signature_list_size); + } +out: + *db_size = size; +} + +/** + * display_sigdata_info() - display signature data information + * + * @sg: pointer to the internal signature data structure + * Return: status code + */ +static void display_sigdata_info(struct eficonfig_sig_data *sg) +{ + u32 i; + + puts(ANSI_CURSOR_HIDE); + puts(ANSI_CLEAR_CONSOLE); + printf(ANSI_CURSOR_POSITION, 1, 1); + + *sg->selected = sg; + printf("\n ** Show/Delete Signature Database (%ls) **\n\n" + " Owner GUID:\n" + " %pUL\n", + sg->varname, sg->esd->signature_owner.b); + + for (i = 0; i < ARRAY_SIZE(sigtype_to_str); i++) { + if (!guidcmp(&sg->esl->signature_type, &sigtype_to_str[i].sig_type)) { + printf(" Signature Type:\n" + " %s\n", sigtype_to_str[i].str); + + switch (sigtype_to_str[i].type) { + case SIG_TYPE_X509: + { + struct x509_certificate *cert_tmp; + + cert_tmp = x509_cert_parse(sg->esd->signature_data, + sg->esl->signature_size); + printf(" Subject:\n" + " %s\n" + " Issuer:\n" + " %s\n", + cert_tmp->subject, cert_tmp->issuer); + break; + } + case SIG_TYPE_CRL: + { + u32 hash_size = sg->esl->signature_size - sizeof(efi_guid_t) - + sizeof(struct efi_time); + struct efi_time *time = + (struct efi_time *)((u8 *)sg->esd->signature_data + + hash_size); + + printf(" ToBeSignedHash:\n"); + print_hex_dump(" ", DUMP_PREFIX_NONE, 16, 1, + sg->esd->signature_data, hash_size, false); + printf(" TimeOfRevocation:\n" + " %d-%d-%d %02d:%02d:%02d\n", + time->year, time->month, time->day, + time->hour, time->minute, time->second); + break; + } + case SIG_TYPE_HASH: + { + u32 hash_size = sg->esl->signature_size - sizeof(efi_guid_t); + + printf(" Hash:\n"); + print_hex_dump(" ", DUMP_PREFIX_NONE, 16, 1, + sg->esd->signature_data, hash_size, false); + break; + } + default: + eficonfig_print_msg("ERROR! Unsupported format."); + break; + } + } + } +} + +/** + * eficonfig_process_sigdata_delete() - delete signature data + * + * @data: pointer to the data for each entry + * Return: status code + */ +static efi_status_t eficonfig_process_sigdata_delete(void *data) +{ + int delete; + efi_status_t ret; + efi_uintn_t size; + u8 setup_mode = 0; + u8 audit_mode = 0; + + struct eficonfig_sig_data *sg = data; + + display_sigdata_info(sg); + + if (!u16_strcmp(sg->varname, u"PK")) { + while (tstc()) + getchar(); + + printf("\n\n Can not delete PK, Press any key to continue"); + getchar(); + return EFI_NOT_READY; + } + + printf("\n\n Press ENTER to delete, ESC/CTRL+C to quit"); + delete = eficonfig_console_wait_enter(); + if (!delete) + return EFI_NOT_READY; + + size = sizeof(setup_mode); + ret = efi_get_variable_int(u"SetupMode", &efi_global_variable_guid, + NULL, &size, &setup_mode, NULL); + size = sizeof(audit_mode); + ret = efi_get_variable_int(u"AuditMode", &efi_global_variable_guid, + NULL, &size, &audit_mode, NULL); + + if (!setup_mode && !audit_mode) { + eficonfig_print_msg("Not in the SetupMode or AuditMode, can not delete."); + return EFI_NOT_READY; + } + + return EFI_SUCCESS; +} + +/** + * prepare_signature_db_list() - create the signature data menu entry + * + * @efimenu: pointer to the efimenu structure + * @varname: pointer to the variable name + * @db: pointer to the variable raw data + * @db_size: variable data size + * @func: callback of each entry + * @selected: pointer to selected signature data + * Return: status code + */ +static efi_status_t prepare_signature_db_list(struct efimenu *efi_menu, void *varname, + void *db, efi_uintn_t db_size, + eficonfig_entry_func func, + struct eficonfig_sig_data **selected) +{ + u32 num = 0; + efi_uintn_t size; + struct eficonfig_sig_data *sg; + struct efi_signature_list *esl; + struct efi_signature_data *esd; + efi_status_t ret = EFI_SUCCESS; + + INIT_LIST_HEAD(&efi_menu->list); + + esl = db; + size = db_size; + while (size > 0) { + u32 remain; + + esd = (struct efi_signature_data *)((u8 *)esl + + (sizeof(struct efi_signature_list) + + esl->signature_header_size)); + remain = esl->signature_list_size - sizeof(struct efi_signature_list) - + esl->signature_header_size; + for (; remain > 0; remain -= esl->signature_size) { + char buf[40]; + char *title; + + if (num >= EFICONFIG_ENTRY_NUM_MAX - 1) { + ret = EFI_OUT_OF_RESOURCES; + goto out; + } + + sg = calloc(1, sizeof(struct eficonfig_sig_data)); + if (!sg) { + ret = EFI_OUT_OF_RESOURCES; + goto err; + } + + snprintf(buf, sizeof(buf), "%pUL", &esd->signature_owner); + title = calloc(1, (strlen(buf) + 1)); + if (!title) { + free(sg); + ret = EFI_OUT_OF_RESOURCES; + goto err; + } + strlcpy(title, buf, strlen(buf) + 1); + + sg->esl = esl; + sg->esd = esd; + sg->selected = selected; + sg->varname = varname; + ret = eficonfig_append_menu_entry(efi_menu, title, func, sg); + if (ret != EFI_SUCCESS) { + free(sg); + free(title); + goto err; + } + esd = (struct efi_signature_data *)((u8 *)esd + esl->signature_size); + num++; + } + + size -= esl->signature_list_size; + esl = (struct efi_signature_list *)((u8 *)esl + esl->signature_list_size); + } +out: + ret = eficonfig_append_quit_entry(efi_menu); +err: + return ret; +} + +/** + * process_show_signature_db() - display the signature data list + * + * @data: pointer to the data for each entry + * Return: status code + */ +static efi_status_t process_show_signature_db(void *varname) +{ + char buf[50]; + efi_status_t ret; + efi_uintn_t db_size; + void *db, *new_db = NULL; + struct efimenu *efi_menu; + struct list_head *pos, *n; + struct eficonfig_entry *entry; + struct eficonfig_sig_data *selected; + + db = efi_get_var(varname, efi_auth_var_get_guid(varname), &db_size); + if (!db) { + eficonfig_print_msg("There is no entry in the signature database."); + return EFI_NOT_FOUND; + } + + efi_menu = calloc(1, sizeof(struct efimenu)); + if (!efi_menu) { + free(db); + return EFI_OUT_OF_RESOURCES; + } + + ret = prepare_signature_db_list(efi_menu, varname, db, db_size, + eficonfig_process_sigdata_delete, &selected); + if (ret != EFI_SUCCESS) + goto out; + + snprintf(buf, sizeof(buf), " ** Show/Delete Signature Database (%ls) **", + (u16 *)varname); + ret = eficonfig_process_common(efi_menu, buf); + if (ret == EFI_SUCCESS) { + u32 attr; + int delete; + + printf(ANSI_CURSOR_HIDE + "\n\n Are you sure you want to delete this item?\n\n" + " Press ENTER to delete, ESC/CTRL+C to quit"); + delete = eficonfig_console_wait_enter(); + if (!delete) + goto out; + + delete_selected_signature_data(db, &db_size, selected); + + ret = create_time_based_payload(db, &new_db, &db_size); + if (ret != EFI_SUCCESS) { + eficonfig_print_msg("ERROR! Failed to create payload with timestamp."); + goto out; + } + + attr = EFI_VARIABLE_NON_VOLATILE | + EFI_VARIABLE_BOOTSERVICE_ACCESS | + EFI_VARIABLE_RUNTIME_ACCESS | + EFI_VARIABLE_TIME_BASED_AUTHENTICATED_WRITE_ACCESS; + ret = efi_set_variable_int((u16 *)varname, efi_auth_var_get_guid((u16 *)varname), + attr, db_size, new_db, false); + if (ret != EFI_SUCCESS) { + eficonfig_print_msg("ERROR! Failed to delete signature database"); + goto out; + } + } +out: + list_for_each_safe(pos, n, &efi_menu->list) { + entry = list_entry(pos, struct eficonfig_entry, list); + free(entry->data); + } + eficonfig_destroy(efi_menu); + free(new_db); + free(db); + + return ret; +} + +/** + * eficonfig_process_set_secure_boot_key() - display the key configuration menu + * + * @data: pointer to the data for each entry + * Return: status code + */ +static efi_status_t eficonfig_process_show_signature_db(void *data) +{ + efi_status_t ret; + + while (1) { + ret = process_show_signature_db(data); + if (ret != EFI_SUCCESS && ret != EFI_NOT_READY) + break; + } + + /* to stay the parent menu */ + ret = (ret == EFI_ABORTED) ? EFI_NOT_READY : ret; + + return ret; +} + static struct eficonfig_item key_config_menu_items[] = { {"Enroll New Key", eficonfig_process_enroll_key}, + {"Show/Delete Signature Database", eficonfig_process_show_signature_db}, {"Quit", eficonfig_process_quit}, };