From patchwork Wed Nov 24 15:08:56 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ruchika Gupta X-Patchwork-Id: 519350 Delivered-To: patch@linaro.org Received: by 2002:ac0:c605:0:0:0:0:0 with SMTP id p5csp10528585imj; Wed, 24 Nov 2021 07:09:28 -0800 (PST) X-Google-Smtp-Source: ABdhPJxQDFRKwxU5EcwfhEayGfSzR/U/otLCaHQoKQ8S1VrV88wKc62mS/c4MoESYKfwJfFSLWbj X-Received: by 2002:a05:6402:5194:: with SMTP id q20mr26075682edd.250.1637766568061; Wed, 24 Nov 2021 07:09:28 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1637766568; cv=none; d=google.com; s=arc-20160816; b=xYGxN5ETwfY0v6AGqNc5csJZ3adz1jFi1L/M+PlVpSQWvOWJWELUWra4GZYdBfT7Rd n2j/D7g9Vg/pBvv5HIRQxFMLNyGprGxhYjycNp5qUApfUQwLB9tjZ4BBwr4KrI0EjUcW aSWYNRSUoDeZxUO1LmkmknaCGG6QNur3oZUdQ8aPwETcA6tFcWEJKJyo0JyPsU9kwdt2 yFSdbulfVvlY530ltTUwiY0JNJwF+0uL8yVfZqcPPWyD/vsoAHh+MVCi1mX/TeX/bQUf uWMATbw+t3j6yf7lNdcDTy0aogOc1N73PcN7CTHO8NSNVo6pGBFeqJCtJ+iRc8Tt6H7I 2S9w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:message-id:date:subject:cc:to:from:dkim-signature; bh=lffyGzhS3w2kQLIN0ufWC1cF6MmHv0GNbKe/cM1y11Q=; b=yaG44sZl1j4QfHpwjQc07HQR7+R/bXdC1AMVBw1We53wEl6yUKqrTmQtpMAX2Qb58R /CAycWYQXwjtexvJU1CBxbK7n/cTL0odYNwTvadUC9zYRXCLuu6Egf+/Z425T+X4vQma mm1do1LbNSxk7wuO1Hr5hiS1RyIUbpsQe4ipZewR5nep+PyyTY/jErrkmt48D6C24vnI fuOr1G0jp2HSb9AQcqAMYyFZc22sMJVU/RIYOI1xhUqh7QLVtiWNdPdiuG6BessrSE2f B1MouhfTAqOPTouL582QM4iraNTwezv8h39/UolDaV7WFpw0ZYCxy6pgjEbjJDy4IaaA 0L+A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=SbVH4FPF; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id gk1si231117ejc.48.2021.11.24.07.09.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Nov 2021 07:09:28 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=SbVH4FPF; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 3B7D38365E; Wed, 24 Nov 2021 16:09:23 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="SbVH4FPF"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 2AC9281DB4; Wed, 24 Nov 2021 16:09:21 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pj1-x1033.google.com (mail-pj1-x1033.google.com [IPv6:2607:f8b0:4864:20::1033]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 9CA4780FAE for ; Wed, 24 Nov 2021 16:09:08 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ruchika.gupta@linaro.org Received: by mail-pj1-x1033.google.com with SMTP id v23so2775419pjr.5 for ; Wed, 24 Nov 2021 07:09:08 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=lffyGzhS3w2kQLIN0ufWC1cF6MmHv0GNbKe/cM1y11Q=; b=SbVH4FPFqt39wIgmHs+ed/n3RqCsC5RxYpdk/4R4TsUyo62mTzfENU8M3+ouFYQRzS NRUSJgwWZIcGZ6dbz6c5mujkhVtM5IZToFGmMhrZZPdYK0Et17j0BG+YBjTKoCZ9HeEu I43cnIzIeadqoRVI5FJ/EtdU8lhtpOJAL1GtcMKVNfYXEv9SsslQyh1r9+L0UEIJRO1+ cAVHTQfYLa/jO8EfmQSkJ0STHlYDiW4TKNfou4zUt5u9m31vdsjGmJ81SfrwvU32cdWP xii6Bx+/2A8YNoaOOILABKm6nsWQW5XJXKhDtA//BP614mpRftIIHVSvGdEVPFB9airr 8eIA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=lffyGzhS3w2kQLIN0ufWC1cF6MmHv0GNbKe/cM1y11Q=; b=4JozgO2iBXgH7la2eu3Lw10h0qSwyyMAC14+5E+WNT4EM24H5i3hU53ALLfnP5/a+W +akG3cHu3SXVhDli1tMF+dwpnPyLKk4rz2RGpxysoa1JJSw9myDTBRed/3Bgifztd2Hk 8c9E8N4vmEQs7hRsqilHIAHxD9eySQeoCa8MfAWVY/xBGN7qAVnGg2YQzEGrRKMoUEiU IextG2XInLauHwrIkxSoLX3TRJaKVFjxjwXszinzkwfF036+I64h2y0gcYrMeLM9wyTB UhPuR/tczc8+Y3uolCx+SnWnCUXCpvhjW+pCyHBlwENTTjZVydvRC9NGh+1x06jyjz9b Wgng== X-Gm-Message-State: AOAM533Zc1UAw9KPOBGaKMX4DYhTLqc17OPRyBT42yQfTGo8FOkukHlV 5X6MCCvH0DnxMIRrOrKTU5NFAFBONF9wgg== X-Received: by 2002:a17:902:b716:b0:141:d36c:78fc with SMTP id d22-20020a170902b71600b00141d36c78fcmr19401828pls.59.1637766546047; Wed, 24 Nov 2021 07:09:06 -0800 (PST) Received: from localhost.localdomain ([106.215.91.18]) by smtp.gmail.com with ESMTPSA id t67sm60967pfd.24.2021.11.24.07.09.03 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Nov 2021 07:09:05 -0800 (PST) From: Ruchika Gupta To: u-boot@lists.denx.de, ilias.apalodimas@linaro.org, xypron.glpk@gmx.de, agraf@csgraf.de, masahisa.kojima@linaro.org Cc: Ruchika Gupta Subject: [PATCH v5 1/3] efi_loader: Add check for event log passed from firmware Date: Wed, 24 Nov 2021 20:38:56 +0530 Message-Id: <20211124150858.496805-1-ruchika.gupta@linaro.org> X-Mailer: git-send-email 2.25.1 MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.37 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Platforms may have support to measure their initial firmware components and pass the event log to u-boot. The event log address can be passed in property tpm_event_log_addr and tpm_event_log_size of the tpm node. Platforms may choose their own specific mechanism to do so. A weak function is added to check if even log has been passed to u-boot from earlier firmware components. If available, the eventlog is parsed to check for its correctness and further event logs are appended to the passed log. Signed-off-by: Ruchika Gupta Tested-by: Ilias Apalodimas Reviewed-by: Ilias Apalodimas Tested-by: Ilias Apalodimas Reviewed-by: Ilias Apalodimas --- v5: Shift the efi_init_event_log() to a different location in the file. This help fixes compilation issue introduced by calling efi_append_scrtm_version() from it. v4: Add SCRTM version to log only if previous firmware doesn't pass the eventlog v3: Return as soon as you detect error v2: Moved firmware eventlog code parsing to tcg2_get_fw_eventlog() lib/efi_loader/efi_tcg2.c | 438 ++++++++++++++++++++++++++++++++------ 1 file changed, 369 insertions(+), 69 deletions(-) diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index 8c1f22e337..a789c44660 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -324,6 +324,45 @@ __weak efi_status_t platform_get_tpm2_device(struct udevice **dev) return EFI_NOT_FOUND; } +/** + * platform_get_eventlog() - retrieve the eventlog address and size + * + * This function retrieves the eventlog address and size if the underlying + * firmware has done some measurements and passed them. + * + * This function may be overridden based on platform specific method of + * passing the eventlog address and size. + * + * @dev: udevice + * @addr: eventlog address + * @sz: eventlog size + * Return: status code + */ +__weak efi_status_t platform_get_eventlog(struct udevice *dev, u64 *addr, + u32 *sz) +{ + const u64 *basep; + const u32 *sizep; + + basep = dev_read_prop(dev, "tpm_event_log_addr", NULL); + if (!basep) + return EFI_NOT_FOUND; + + *addr = be64_to_cpup((__force __be64 *)basep); + + sizep = dev_read_prop(dev, "tpm_event_log_size", NULL); + if (!sizep) + return EFI_NOT_FOUND; + + *sz = be32_to_cpup((__force __be32 *)sizep); + if (*sz == 0) { + log_debug("event log empty\n"); + return EFI_NOT_FOUND; + } + + return EFI_SUCCESS; +} + /** * tpm2_get_max_command_size() - get the supported max command size * @@ -1181,6 +1220,250 @@ static const struct efi_tcg2_protocol efi_tcg2_protocol = { .get_result_of_set_active_pcr_banks = efi_tcg2_get_result_of_set_active_pcr_banks, }; +/** + * parse_event_log_header() - Parse and verify the event log header fields + * + * @buffer: Pointer to the event header + * @size: Size of the eventlog + * @pos: Position in buffer after event log header + * + * Return: status code + */ +efi_status_t parse_event_log_header(void *buffer, u32 size, u32 *pos) +{ + struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer; + int i = 0; + + if (size < sizeof(*event_header)) + return EFI_COMPROMISED_DATA; + + if (get_unaligned_le32(&event_header->pcr_index) != 0 || + get_unaligned_le32(&event_header->event_type) != EV_NO_ACTION) + return EFI_COMPROMISED_DATA; + + for (i = 0; i < sizeof(event_header->digest); i++) { + if (event_header->digest[i] != 0) + return EFI_COMPROMISED_DATA; + } + + *pos += sizeof(*event_header); + + return EFI_SUCCESS; +} + +/** + * parse_specid_event() - Parse and verify the specID Event in the eventlog + * + * @dev: udevice + * @buffer: Pointer to the start of the eventlog + * @log_size: Size of the eventlog + * @pos: Offset in the evenlog where specID event starts + * + * Return: status code + * @pos Offset in the eventlog where the specID event ends + * @digest_list: list of digests in the event + */ +efi_status_t parse_specid_event(struct udevice *dev, void *buffer, u32 log_size, + u32 *pos, + struct tpml_digest_values *digest_list) +{ + struct tcg_efi_spec_id_event *spec_event; + struct tcg_pcr_event *event_header = (struct tcg_pcr_event *)buffer; + size_t spec_event_size; + u32 active = 0, supported = 0, pcr_count = 0, alg_count = 0; + u32 spec_active = 0; + u16 hash_alg, hash_sz; + u8 vendor_sz; + int err, i; + + /* Check specID event data */ + spec_event = (struct tcg_efi_spec_id_event *)((uintptr_t)buffer + *pos); + /* Check for signature */ + if (memcmp(spec_event->signature, TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03, + sizeof(TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03))) { + log_err("specID Event: Signature mismatch\n"); + return EFI_COMPROMISED_DATA; + } + + if (spec_event->spec_version_minor != + TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MINOR_TPM2 || + spec_event->spec_version_major != + TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MAJOR_TPM2) + return EFI_COMPROMISED_DATA; + + if (spec_event->number_of_algorithms > MAX_HASH_COUNT || + spec_event->number_of_algorithms < 1) { + log_err("specID Event: Number of algorithms incorrect\n"); + return EFI_COMPROMISED_DATA; + } + + alg_count = spec_event->number_of_algorithms; + + err = tpm2_get_pcr_info(dev, &supported, &active, &pcr_count); + if (err) + return EFI_DEVICE_ERROR; + + digest_list->count = 0; + /* + * We may need to worry about the order of algs in this structure as + * subsequent entries in event should be in same order + */ + for (i = 0; i < alg_count; i++) { + hash_alg = + get_unaligned_le16(&spec_event->digest_sizes[i].algorithm_id); + hash_sz = + get_unaligned_le16(&spec_event->digest_sizes[i].digest_size); + + if (!(supported & alg_to_mask(hash_alg))) { + log_err("specID Event: Unsupported algorithm\n"); + return EFI_COMPROMISED_DATA; + } + digest_list->digests[digest_list->count++].hash_alg = hash_alg; + + spec_active |= alg_to_mask(hash_alg); + } + + /* TCG spec expects the event log to have hashes for all active PCR's */ + if (spec_active != active) { + /* + * Previous stage bootloader should know all the active PCR's + * and use them in the Eventlog. + */ + log_err("specID Event: All active hash alg not present\n"); + return EFI_COMPROMISED_DATA; + } + + /* + * the size of the spec event and placement of vendor_info_size + * depends on supported algoriths + */ + spec_event_size = + offsetof(struct tcg_efi_spec_id_event, digest_sizes) + + alg_count * sizeof(spec_event->digest_sizes[0]); + + vendor_sz = *(uint8_t *)((uintptr_t)buffer + *pos + spec_event_size); + + spec_event_size += sizeof(vendor_sz) + vendor_sz; + *pos += spec_event_size; + + if (get_unaligned_le32(&event_header->event_size) != spec_event_size) { + log_err("specID event: header event size mismatch\n"); + /* Right way to handle this can be to call SetActive PCR's */ + return EFI_COMPROMISED_DATA; + } + + return EFI_SUCCESS; +} + +efi_status_t tcg2_parse_event(struct udevice *dev, void *buffer, u32 log_size, + u32 *offset, struct tpml_digest_values *digest_list, + u32 *pcr) +{ + struct tcg_pcr_event2 *event = NULL; + u32 event_type, count, size, event_size; + size_t pos; + + if (*offset > log_size) + return EFI_COMPROMISED_DATA; + + event = (struct tcg_pcr_event2 *)((uintptr_t)buffer + *offset); + + *pcr = get_unaligned_le32(&event->pcr_index); + + event_size = tcg_event_final_size(digest_list); + + if (*offset + event_size > log_size) { + log_err("Event exceeds log size\n"); + return EFI_COMPROMISED_DATA; + } + + event_type = get_unaligned_le32(&event->event_type); + + /* get the count */ + count = get_unaligned_le32(&event->digests.count); + if (count != digest_list->count) + return EFI_COMPROMISED_DATA; + + pos = offsetof(struct tcg_pcr_event2, digests); + pos += offsetof(struct tpml_digest_values, digests); + + for (int i = 0; i < digest_list->count; i++) { + u16 alg; + u16 hash_alg = digest_list->digests[i].hash_alg; + u8 *digest = (u8 *)&digest_list->digests[i].digest; + + alg = get_unaligned_le16((void *)((uintptr_t)event + pos)); + + if (alg != hash_alg) + return EFI_COMPROMISED_DATA; + + pos += offsetof(struct tpmt_ha, digest); + memcpy(digest, (void *)((uintptr_t)event + pos), alg_to_len(hash_alg)); + pos += alg_to_len(hash_alg); + } + + size = get_unaligned_le32((void *)((uintptr_t)event + pos)); + event_size += size; + pos += sizeof(u32); /* tcg_pcr_event2 event_size*/ + pos += size; + + /* make sure the calculated buffer is what we checked against */ + if (pos != event_size) + return EFI_COMPROMISED_DATA; + + if (pos > log_size) + return EFI_COMPROMISED_DATA; + + *offset += pos; + + return EFI_SUCCESS; +} + +efi_status_t tcg2_get_fw_eventlog(struct udevice *dev, void *log_buffer, + size_t *log_sz) +{ + struct tpml_digest_values digest_list; + void *buffer; + efi_status_t ret; + u32 pcr, pos; + u64 base; + u32 sz; + + ret = platform_get_eventlog(dev, &base, &sz); + if (ret != EFI_SUCCESS) + return ret; + + if (sz > TPM2_EVENT_LOG_SIZE) + return EFI_VOLUME_FULL; + + buffer = (void *)base; + pos = 0; + /* Parse the eventlog to check for its validity */ + ret = parse_event_log_header(buffer, sz, &pos); + if (ret || pos > sz) + return EFI_COMPROMISED_DATA; + + ret = parse_specid_event(dev, buffer, sz, &pos, &digest_list); + if (ret || pos > sz) { + log_err("Error parsing SPEC ID Event\n"); + return EFI_COMPROMISED_DATA; + } + + while (pos < sz) { + ret = tcg2_parse_event(dev, buffer, sz, &pos, &digest_list, + &pcr); + if (ret) { + log_err("Error parsing event\n"); + return ret; + } + } + + memcpy(log_buffer, buffer, sz); + *log_sz = sz; + + return ret; +} + /** * create_specid_event() - Create the first event in the eventlog * @@ -1312,69 +1595,6 @@ out: return ret; } -/** - * efi_init_event_log() - initialize an eventlog - */ -static efi_status_t efi_init_event_log(void) -{ - /* - * vendor_info_size is currently set to 0, we need to change the length - * and allocate the flexible array member if this changes - */ - struct tcg_pcr_event *event_header = NULL; - struct udevice *dev; - size_t spec_event_size; - efi_status_t ret; - - ret = platform_get_tpm2_device(&dev); - if (ret != EFI_SUCCESS) - goto out; - - ret = efi_allocate_pool(EFI_BOOT_SERVICES_DATA, TPM2_EVENT_LOG_SIZE, - (void **)&event_log.buffer); - if (ret != EFI_SUCCESS) - goto out; - - /* - * initialize log area as 0xff so the OS can easily figure out the - * last log entry - */ - memset(event_log.buffer, 0xff, TPM2_EVENT_LOG_SIZE); - event_log.pos = 0; - event_log.last_event_size = 0; - event_log.get_event_called = false; - event_log.ebs_called = false; - event_log.truncated = false; - - /* - * The log header is defined to be in SHA1 event log entry format. - * Setup event header - */ - event_header = (struct tcg_pcr_event *)event_log.buffer; - put_unaligned_le32(0, &event_header->pcr_index); - put_unaligned_le32(EV_NO_ACTION, &event_header->event_type); - memset(&event_header->digest, 0, sizeof(event_header->digest)); - ret = create_specid_event(dev, (void *)((uintptr_t)event_log.buffer + sizeof(*event_header)), - &spec_event_size); - if (ret != EFI_SUCCESS) - goto free_pool; - put_unaligned_le32(spec_event_size, &event_header->event_size); - event_log.pos = spec_event_size + sizeof(*event_header); - event_log.last_event_size = event_log.pos; - - ret = create_final_event(); - if (ret != EFI_SUCCESS) - goto free_pool; - -out: - return ret; - -free_pool: - efi_free_pool(event_log.buffer); - event_log.buffer = NULL; - return ret; -} - /** * tcg2_measure_event() - common function to add event log and extend PCR * @@ -1427,6 +1647,92 @@ static efi_status_t efi_append_scrtm_version(struct udevice *dev) return ret; } +/** + * efi_init_event_log() - initialize an eventlog + */ +static efi_status_t efi_init_event_log(void) +{ + /* + * vendor_info_size is currently set to 0, we need to change the length + * and allocate the flexible array member if this changes + */ + struct tcg_pcr_event *event_header = NULL; + struct udevice *dev; + size_t spec_event_size; + efi_status_t ret; + + ret = platform_get_tpm2_device(&dev); + if (ret != EFI_SUCCESS) + goto out; + + ret = efi_allocate_pool(EFI_BOOT_SERVICES_DATA, TPM2_EVENT_LOG_SIZE, + (void **)&event_log.buffer); + if (ret != EFI_SUCCESS) + goto out; + + /* + * initialize log area as 0xff so the OS can easily figure out the + * last log entry + */ + memset(event_log.buffer, 0xff, TPM2_EVENT_LOG_SIZE); + + /* + * The log header is defined to be in SHA1 event log entry format. + * Setup event header + */ + event_header = (struct tcg_pcr_event *)event_log.buffer; + event_log.pos = 0; + event_log.last_event_size = 0; + event_log.get_event_called = false; + event_log.ebs_called = false; + event_log.truncated = false; + + /* + * Check if earlier firmware have passed any eventlog. Different + * platforms can use different ways to do so + */ + ret = tcg2_get_fw_eventlog(dev, event_log.buffer, &event_log.pos); + /* + * If earlier firmware hasn't passed any eventlog, go ahead and + * create the eventlog header + */ + if (ret == EFI_NOT_FOUND) { + put_unaligned_le32(0, &event_header->pcr_index); + put_unaligned_le32(EV_NO_ACTION, &event_header->event_type); + memset(&event_header->digest, 0, sizeof(event_header->digest)); + ret = create_specid_event(dev, + (void *)((uintptr_t)event_log.buffer + + sizeof(*event_header)), + &spec_event_size); + if (ret != EFI_SUCCESS) + goto free_pool; + put_unaligned_le32(spec_event_size, &event_header->event_size); + event_log.pos = spec_event_size + sizeof(*event_header); + event_log.last_event_size = event_log.pos; + + /* + * Add SCRTM version to the log if previous firmmware + * doesn't pass an eventlog + */ + ret = efi_append_scrtm_version(dev); + } + + if (ret != EFI_SUCCESS) + goto free_pool; + + ret = create_final_event(); + if (ret != EFI_SUCCESS) + goto free_pool; + +out: + return ret; + +free_pool: + efi_free_pool(event_log.buffer); + event_log.buffer = NULL; + return ret; +} + /** * tcg2_measure_variable() - add variable event log and extend PCR * @@ -1963,12 +2269,6 @@ efi_status_t efi_tcg2_register(void) if (ret != EFI_SUCCESS) goto fail; - ret = efi_append_scrtm_version(dev); - if (ret != EFI_SUCCESS) { - tcg2_uninit(); - goto fail; - } - ret = efi_add_protocol(efi_root, &efi_guid_tcg2_protocol, (void *)&efi_tcg2_protocol); if (ret != EFI_SUCCESS) { From patchwork Wed Nov 24 15:08:57 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ruchika Gupta X-Patchwork-Id: 519352 Delivered-To: patch@linaro.org Received: by 2002:ac0:c605:0:0:0:0:0 with SMTP id p5csp10529195imj; Wed, 24 Nov 2021 07:09:50 -0800 (PST) X-Google-Smtp-Source: ABdhPJyImErtmSwy7x27zmhzXWIwcG7+VzR3IJwmvEJOj0g53TzAvBvK7SRac/b/XY4BJ21LU+8y X-Received: by 2002:a17:907:7294:: with SMTP id dt20mr21167582ejc.321.1637766590602; Wed, 24 Nov 2021 07:09:50 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1637766590; cv=none; d=google.com; s=arc-20160816; b=ecjUxDM4d8fzmbBxEGlPUecn3IEeCjzoRfB1dYfA4AmCxR7JHXGxDbh655ztkSDGJj DTgEFnB4gwr8mtMKSi8oX8scy9cEnyJusZuWDuI30aUPmX62AxKcppl+fgRwVroQHu1P pYw5owznzWNCtZldYMWAhB8+hITt00swuY0fm3yxASJ9hYJUk6P9U+8eu1WHD/9vaG6c jjgwcd0AON3zuDD4hScuNbXJhocp9a4P6hahjn3IDcFvgQU7w6EPynREHPRqe4aYSsiF x3C4Ps/qrZYDc30f7ijBn1h3QA8UYvr7Ad+L2jdnmQn0bU4abtmao4O8XR3XL4Ysrd3Q koyQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=7hpHJ4VcDsvw8pbnUM8NzFpxQqGHjRB1yoXbjdxNuNE=; b=tOlGucdxnJtYlmVQDYIA4EYt/xrWEMzbFe/BLMHGNsaMWYaUihlwUr0PjsBYAX008u xZVYi9pYEBVIkzODDICvQzb6LYRuav4jtSCDf80VwyZDfCGa9NdiD6KQ+v4qsvA0W7i5 KeDljoeMRh6Ctg5aQEFQ7/YhkMizGFPSqmi3O9j1lHxJoB/6wFdhC38rb9WRMEctYLa/ KAtSpqPLOEnoxsj8M6F6KK5GmtoBK3LVeolkXoS3TBZMmqeWbrYWk6Cems3o1wtKkCq+ GsN6onISPNp8wvJ2Sowe7P81cFHLV5NTM2mD+dElXcXyT25slbH0rgAclsmdrER/iHSE FHvQ== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=ECWx3fQy; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [2a01:238:438b:c500:173d:9f52:ddab:ee01]) by mx.google.com with ESMTPS id d2si271321edm.64.2021.11.24.07.09.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Nov 2021 07:09:50 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) client-ip=2a01:238:438b:c500:173d:9f52:ddab:ee01; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=ECWx3fQy; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 2a01:238:438b:c500:173d:9f52:ddab:ee01 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 4151F82FA8; Wed, 24 Nov 2021 16:09:42 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="ECWx3fQy"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id D4C4C82FC9; Wed, 24 Nov 2021 16:09:25 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pl1-x62f.google.com (mail-pl1-x62f.google.com [IPv6:2607:f8b0:4864:20::62f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 5EAC682FA8 for ; Wed, 24 Nov 2021 16:09:14 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ruchika.gupta@linaro.org Received: by mail-pl1-x62f.google.com with SMTP id y8so2107057plg.1 for ; Wed, 24 Nov 2021 07:09:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=7hpHJ4VcDsvw8pbnUM8NzFpxQqGHjRB1yoXbjdxNuNE=; b=ECWx3fQyCuSVhDwniy0o2AMNKX/Pmif/EO8ao1XoWrczjy9A1I+lj1zYsTmrZmYRcC AYsJxV/lXaf/u4Ljc1LGp3YIYc1lUV8YTFguAJhynJCIeEFaIZfKJjDXCu/6SQrGbS4k 6c/vg9eobjQDSpuo9oJEmTRaI7vIfds+bbGzFeJAmURcRZ1QSvPAc9WagVWHAyWq8ENA Zdk/FF03lQ/f0t4yS9pWL82TOUbQEq/DlrmTz5E38O1xR+gaL9MQwE2u3grx4l8yXZ64 vqAkEsnKAcJ6j5GKgIMejFBlut1w2yAXXgWS455/0oL/JpCkj3u7eceWcE5mM12NtTxe ntZg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=7hpHJ4VcDsvw8pbnUM8NzFpxQqGHjRB1yoXbjdxNuNE=; b=lSxL298U6E5sSTXy1eE8JeaDwh1OMN1TfOg8yTkUVMOleuyJNZwO+/uLwnVHIcZJxF FpnpaPP9g52oTxPTPQYbU3V8EkVbrsivM6JzitcglTlCcNVJYn+h3j83/AKk9Vs7Rptq 0JkYRj+MSew4X4UIsD+ajyYLeAvH8+kWtczb1gxLpOFqEALcB1U9RayaSgYjVAQaz1ul M2LFh7LJ1Q7XsS8l4wBILtD2szL33XJJp4c+gcdETV9uThsAmlMY+ciZubs65XLcc186 +/hmMwDmmS+8Ga8NDM5+Ftdohmzw0Yk+CTIpS8zwgRvTVracmOiWOPxVHWSl20vDp8GO jpkw== X-Gm-Message-State: AOAM531nXkYda1gzr8Hl9sBDd1tJjaIRSxltRypsttwgF1wZuKuIHZp9 DpLooePSTUMybCTjaP1xFQJyxHto3M/oGw== X-Received: by 2002:a17:90a:db02:: with SMTP id g2mr16552399pjv.76.1637766552204; Wed, 24 Nov 2021 07:09:12 -0800 (PST) Received: from localhost.localdomain ([106.215.91.18]) by smtp.gmail.com with ESMTPSA id t67sm60967pfd.24.2021.11.24.07.09.09 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Nov 2021 07:09:11 -0800 (PST) From: Ruchika Gupta To: u-boot@lists.denx.de, ilias.apalodimas@linaro.org, xypron.glpk@gmx.de, agraf@csgraf.de, masahisa.kojima@linaro.org Cc: Ruchika Gupta Subject: [PATCH v5 2/3] tpm: use more algorithms than sha256 on pcr_read Date: Wed, 24 Nov 2021 20:38:57 +0530 Message-Id: <20211124150858.496805-2-ruchika.gupta@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211124150858.496805-1-ruchika.gupta@linaro.org> References: <20211124150858.496805-1-ruchika.gupta@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.37 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean The current tpm2_pcr_read is hardcoded using SHA256. Make the actual command to TPM configurable to use wider range of algorithms. The current command line is kept as is i.e limited to SHA-256 only. Signed-off-by: Ruchika Gupta Reviewed-by: Ilias Apalodimas --- v5: No change v4: No change v3: No change v2: Change algorithm from u32 to u16 Add parameter description in function declaration cmd/tpm-v2.c | 3 ++- include/tpm-v2.h | 5 ++++- lib/tpm-v2.c | 12 ++++++++---- 3 files changed, 14 insertions(+), 6 deletions(-) diff --git a/cmd/tpm-v2.c b/cmd/tpm-v2.c index daae91100a..4ea5f9f094 100644 --- a/cmd/tpm-v2.c +++ b/cmd/tpm-v2.c @@ -151,7 +151,8 @@ static int do_tpm_pcr_read(struct cmd_tbl *cmdtp, int flag, int argc, data = map_sysmem(simple_strtoul(argv[2], NULL, 0), 0); - rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, data, &updates); + rc = tpm2_pcr_read(dev, index, priv->pcr_select_min, TPM2_ALG_SHA256, + data, TPM2_DIGEST_LEN, &updates); if (!rc) { printf("PCR #%u content (%u known updates):\n", index, updates); print_byte_string(data, TPM2_DIGEST_LEN); diff --git a/include/tpm-v2.h b/include/tpm-v2.h index ceff7d245e..4e9dd52cb6 100644 --- a/include/tpm-v2.h +++ b/include/tpm-v2.h @@ -512,13 +512,16 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index, const void *data, * @dev TPM device * @idx Index of the PCR * @idx_min_sz Minimum size in bytes of the pcrSelect array + * @algorithm Algorithm used, defined in 'enum tpm2_algorithms' * @data Output buffer for contents of the named PCR + * @digest_len len of the data * @updates Optional out parameter: number of updates for this PCR * * @return code of the operation */ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz, - void *data, unsigned int *updates); + u16 algorithm, void *data, u32 digest_len, + unsigned int *updates); /** * Issue a TPM2_GetCapability command. This implementation is limited diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index 2e7b27bd6b..1bf627853a 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -254,7 +254,8 @@ u32 tpm2_nv_write_value(struct udevice *dev, u32 index, const void *data, } u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz, - void *data, unsigned int *updates) + u16 algorithm, void *data, u32 digest_len, + unsigned int *updates) { u8 idx_array_sz = max(idx_min_sz, DIV_ROUND_UP(idx, 8)); u8 command_v2[COMMAND_BUFFER_SIZE] = { @@ -264,7 +265,7 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz, /* TPML_PCR_SELECTION */ tpm_u32(1), /* Number of selections */ - tpm_u16(TPM2_ALG_SHA256), /* Algorithm of the hash */ + tpm_u16(algorithm), /* Algorithm of the hash */ idx_array_sz, /* Array size for selection */ /* bitmap(idx) Selected PCR bitmap */ }; @@ -283,10 +284,13 @@ u32 tpm2_pcr_read(struct udevice *dev, u32 idx, unsigned int idx_min_sz, if (ret) return ret; + if (digest_len > response_len) + return TPM_LIB_ERROR; + if (unpack_byte_string(response, response_len, "ds", 10, &counter, - response_len - TPM2_DIGEST_LEN, data, - TPM2_DIGEST_LEN)) + response_len - digest_len, data, + digest_len)) return TPM_LIB_ERROR; if (updates) From patchwork Wed Nov 24 15:08:58 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ruchika Gupta X-Patchwork-Id: 519351 Delivered-To: patch@linaro.org Received: by 2002:ac0:c605:0:0:0:0:0 with SMTP id p5csp10528924imj; Wed, 24 Nov 2021 07:09:40 -0800 (PST) X-Google-Smtp-Source: ABdhPJwCzsKnT2oZprfqNMZi3/aqaleWCcM+QAFibC7G/yUvZdj2bfTQZn0sgecu1ab8EJNRT4WU X-Received: by 2002:a2e:a7ce:: with SMTP id x14mr16648466ljp.390.1637766579992; Wed, 24 Nov 2021 07:09:39 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1637766579; cv=none; d=google.com; s=arc-20160816; b=q2fluFKnkTZ01bqvyB/tTXxoELSfSlCe/ZgR0EclD9pSOjZov4S8VO9uBCu1S/dKzK Od9fu9Me09qe6hEDKS3DF+tZnwzflBpHpmBiQjvkSUD7Q/QbEhbbeQ0Ps/kEcW4SWmWi xeeYKXBaPL8oP3AFZXvvd3jrATjX7rwDPFxYgvnCobGRPqf5tsEo2Q2QTEc5JB2HLTdS 9cSIG1qDEQdapmPngkM+QMkr6T2ShsL40gpj5rPMyi46xALu5oY54GVk47xmgDf3gFtz Gad/0y/02MGeMp/r6nEPVxvrYuF0vqCR9U04epMJiusueYPZshCL6Yh1w9x7Kf9bTJxa mmxA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=sender:errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-transfer-encoding :mime-version:references:in-reply-to:message-id:date:subject:cc:to :from:dkim-signature; bh=ElLgIOIrov5tiWzjZSoI2dd1JuB79umXnzrshK3/jHc=; b=f14qA/MWqleDT4knR6rQD8maB9XLsDMyaiIW7lRTc2FhYItPCcRfDd/PklWZzWdWbA Kec6/LN3HdM+ocmZy7bKGqAT1WxEgdsht91w9FnS7U53wRQBMjTokmXeQOwPrVKCZAht +WMSa/M2dJjUPFmh0+LnsVrjMqTSu6+GSlhftI9ZyIPnHr6DS2GojqnWSNb0HsQPqVwX pFdcIyO2NSv9q7K43D0g0O2gyMmnQH/TqYn83G7FHf9JONRsYDqeCSqOkUpZ2C3wx0zy /4ZBmdxWagrIJVNJiW4hrkU1LlBTJFjL6I/06cZN9r1OoxzxywwTAl3ZcGTsH1P9B4VO muUA== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=PoPx2iv0; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Return-Path: Received: from phobos.denx.de (phobos.denx.de. [85.214.62.61]) by mx.google.com with ESMTPS id dm6si209282ejc.222.2021.11.24.07.09.39 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Nov 2021 07:09:39 -0800 (PST) Received-SPF: pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) client-ip=85.214.62.61; Authentication-Results: mx.google.com; dkim=pass header.i=@linaro.org header.s=google header.b=PoPx2iv0; spf=pass (google.com: domain of u-boot-bounces@lists.denx.de designates 85.214.62.61 as permitted sender) smtp.mailfrom=u-boot-bounces@lists.denx.de; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=linaro.org Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 5C170830E7; Wed, 24 Nov 2021 16:09:35 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (2048-bit key; unprotected) header.d=linaro.org header.i=@linaro.org header.b="PoPx2iv0"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 4090E83679; Wed, 24 Nov 2021 16:09:25 +0100 (CET) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-pl1-x629.google.com (mail-pl1-x629.google.com [IPv6:2607:f8b0:4864:20::629]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 8B82680F7A for ; Wed, 24 Nov 2021 16:09:18 +0100 (CET) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=linaro.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=ruchika.gupta@linaro.org Received: by mail-pl1-x629.google.com with SMTP id u17so2080932plg.9 for ; Wed, 24 Nov 2021 07:09:18 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linaro.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=ElLgIOIrov5tiWzjZSoI2dd1JuB79umXnzrshK3/jHc=; b=PoPx2iv0MSD2qrdoquD6Yi20deY9o4Z/lPcgwiju4bv4IQzEziCCmMY+L1gOH79VNt cipKtyQIR4lmTIvAfGA4lD8P/u/z44jSd1CtqihNEdg7Jo6umvnJaU77EgntPZka23yb sJjHi0MMKcdeQuidMqDywJBJDGN5uMaAjjJBr+lrA3bxJQTBaIGGRj7WDcmAg9lsErm0 OLOoni8oDRNLm8EKOisP3jg62BZ5QR9RlOyS03TJp4SkMXupBngFjDy0ZxmxjdqhQ9b6 xx8H+HRnuCptLbEtr/Zhz2zi/CkLAZ+9sDHnYIcXMtTkBZb9CmMdnvYZ9UMRDBAXpRC1 xilQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=ElLgIOIrov5tiWzjZSoI2dd1JuB79umXnzrshK3/jHc=; b=SVnOyiX8FDvIEuBE2WmV6wqJTHYB3trWLtg3EFwLW4mQHlMJJlahkRA43GBRL1cEQw HicDn2gqR0+Ya3OsmYtMI+Fkc5DxYiZeDowARBF+oCst9BKGkHnzZWhISBLNpo8bZp4k 72ojt11ez1o7XYQREVvyrHZAbFFXMYlFJ0GlW92ODtdI7K2rgsvgtnKVT70+qIvx9Awl 1OF1Z56ZDreaFqOX9i678i3sgRB5YsvinSB2UyyRHs/mkgqV3xyYg/YqWMkeR1N1SRx4 8Ob63CisyONycvlUR2OCxuYflKfwXEcbecHIE/vPGEQ3PVnYZG/Ojov9zzrF8UZRFARg tDLA== X-Gm-Message-State: AOAM533rrKvjc5B616VhTFZAslskRmHjUHzXM6z3DhjseVeJlQTEJOuI GyAA8Fn40YiyB2YP5J3J+D6jISDmti1Kyg== X-Received: by 2002:a17:902:b615:b0:143:bbf0:aad0 with SMTP id b21-20020a170902b61500b00143bbf0aad0mr19463511pls.12.1637766556642; Wed, 24 Nov 2021 07:09:16 -0800 (PST) Received: from localhost.localdomain ([106.215.91.18]) by smtp.gmail.com with ESMTPSA id t67sm60967pfd.24.2021.11.24.07.09.14 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Wed, 24 Nov 2021 07:09:16 -0800 (PST) From: Ruchika Gupta To: u-boot@lists.denx.de, ilias.apalodimas@linaro.org, xypron.glpk@gmx.de, agraf@csgraf.de, masahisa.kojima@linaro.org Cc: Ruchika Gupta Subject: [PATCH v5 3/3] efi_loader: Extend PCR's for firmware measurements Date: Wed, 24 Nov 2021 20:38:58 +0530 Message-Id: <20211124150858.496805-3-ruchika.gupta@linaro.org> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20211124150858.496805-1-ruchika.gupta@linaro.org> References: <20211124150858.496805-1-ruchika.gupta@linaro.org> MIME-Version: 1.0 X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.37 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.2 at phobos.denx.de X-Virus-Status: Clean Firmwares before U-Boot may be capable of doing tpm measurements and passing them to U-Boot in the form of eventlog. However there may be scenarios where the firmwares don't have TPM driver and are not capable of extending the measurements in the PCRs. Based on TCG spec, if previous firnware has extended PCR's, PCR0 would not be 0. So, read the PCR0 to determine if the PCR's need to be extended as eventlog is parsed or not. Signed-off-by: Ruchika Gupta Reviewed-by: Ilias Apalodimas Tested-by: Ilias Apalodimas --- v5 : No change v4 : No change v3 : Rebase changes on top of changes made in first patch of series v2 : Removed check for PCR0 in eventlog lib/efi_loader/efi_tcg2.c | 75 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 75 insertions(+) diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c index a789c44660..b44eed0ec9 100644 --- a/lib/efi_loader/efi_tcg2.c +++ b/lib/efi_loader/efi_tcg2.c @@ -199,6 +199,43 @@ static efi_status_t tcg2_pcr_extend(struct udevice *dev, u32 pcr_index, return EFI_SUCCESS; } +/* tcg2_pcr_read - Read PCRs for a TPM2 device for a given tpml_digest_values + * + * @dev: device + * @digest_list: list of digest algorithms to extend + * + * @Return: status code + */ +static efi_status_t tcg2_pcr_read(struct udevice *dev, u32 pcr_index, + struct tpml_digest_values *digest_list) +{ + struct tpm_chip_priv *priv; + unsigned int updates, pcr_select_min; + u32 rc; + size_t i; + + priv = dev_get_uclass_priv(dev); + if (!priv) + return EFI_DEVICE_ERROR; + + pcr_select_min = priv->pcr_select_min; + + for (i = 0; i < digest_list->count; i++) { + u16 hash_alg = digest_list->digests[i].hash_alg; + u8 *digest = (u8 *)&digest_list->digests[i].digest; + + rc = tpm2_pcr_read(dev, pcr_index, pcr_select_min, + hash_alg, digest, alg_to_len(hash_alg), + &updates); + if (rc) { + EFI_PRINT("Failed to read PCR\n"); + return EFI_DEVICE_ERROR; + } + } + + return EFI_SUCCESS; +} + /* put_event - Append an agile event to an eventlog * * @pcr_index: PCR index @@ -1428,6 +1465,8 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev, void *log_buffer, u32 pcr, pos; u64 base; u32 sz; + bool extend_pcr = false; + int i; ret = platform_get_eventlog(dev, &base, &sz); if (ret != EFI_SUCCESS) @@ -1449,6 +1488,26 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev, void *log_buffer, return EFI_COMPROMISED_DATA; } + ret = tcg2_pcr_read(dev, 0, &digest_list); + if (ret) { + log_err("Error reading PCR 0\n"); + return ret; + } + + /* + * If PCR0 is 0, previous firmware didn't have the capability + * to extend the PCR. In this scenario, extend the PCR as + * the eventlog is parsed. + */ + for (i = 0; i < digest_list.count; i++) { + u8 buffer[TPM2_DIGEST_LEN] = { 0 }; + u16 hash_alg = digest_list.digests[i].hash_alg; + + if (!memcmp((u8 *)&digest_list.digests[i].digest, buffer, + alg_to_len(hash_alg))) + extend_pcr = true; + } + while (pos < sz) { ret = tcg2_parse_event(dev, buffer, sz, &pos, &digest_list, &pcr); @@ -1456,6 +1515,22 @@ efi_status_t tcg2_get_fw_eventlog(struct udevice *dev, void *log_buffer, log_err("Error parsing event\n"); return ret; } + if (extend_pcr) { + ret = tcg2_pcr_extend(dev, pcr, &digest_list); + if (ret != EFI_SUCCESS) { + log_err("Error in extending PCR\n"); + return ret; + } + + /* Clear the digest for next event */ + for (i = 0; i < digest_list.count; i++) { + u16 hash_alg = digest_list.digests[i].hash_alg; + u8 *digest = + (u8 *)&digest_list.digests[i].digest; + + memset(digest, 0, alg_to_len(hash_alg)); + } + } } memcpy(log_buffer, buffer, sz);