[PATCH 2/3 v2] efi_loader: Introduce eventlog support for TCG2_PROTOCOL
Heinrich Schuchardt
xypron.glpk at gmx.de
Wed Dec 2 16:29:22 CET 2020
On 11/30/20 10:47 AM, Ilias Apalodimas wrote:
> In the previous patches we only introduced a minimal subset of the
> EFI_TCG2_PROTOCOL protocol implementing GetCapability().
> So let's continue adding features to it, introducing the
> GetEventLog() and HashLogExtendEvent() functions.
>
> In order to do that we first need to construct the eventlog in memory,
> specifically in EFI_BOOT_SERVICES_DATA memory and a configuration table
> from EFI_ACPI_MEMORY_NVS.
> U-Boot won't currently add any events to the log or measure any
> components, but will expose the necessary EFI APIs for applications
> to do so.
>
> Signed-off-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
> ---
> include/efi_api.h | 4 +
> include/efi_tcg2.h | 71 ++++-
> lib/efi_loader/Kconfig | 9 +
> lib/efi_loader/efi_setup.c | 12 +-
> lib/efi_loader/efi_tcg2.c | 553 +++++++++++++++++++++++++++++++++++--
> 5 files changed, 625 insertions(+), 24 deletions(-)
>
> diff --git a/include/efi_api.h b/include/efi_api.h
> index 5744f6aed86d..364c578a3b1b 100644
> --- a/include/efi_api.h
> +++ b/include/efi_api.h
> @@ -356,6 +356,10 @@ struct efi_runtime_services {
> EFI_GUID(0x4006c0c1, 0xfcb3, 0x403e, \
> 0x99, 0x6d, 0x4a, 0x6c, 0x87, 0x24, 0xe0, 0x6d)
>
> +#define EFI_TCG2_FINAL_EVENTS_TABLE_GUID \
> + EFI_GUID(0x1e2ed096, 0x30e2, 0x4254, 0xbd, \
> + 0x89, 0x86, 0x3b, 0xbe, 0xf8, 0x23, 0x25)
> +
> struct efi_configuration_table {
> efi_guid_t guid;
> void *table;
> diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
> index 86b8fe4c01af..40e241ce315c 100644
> --- a/include/efi_tcg2.h
> +++ b/include/efi_tcg2.h
> @@ -17,6 +17,8 @@
>
> /* TPMV2 only */
> #define TCG2_EVENT_LOG_FORMAT_TCG_2 0x00000002
> +#define EFI_TCG2_EXTEND_ONLY 0x0000000000000001
> +#define PE_COFF_IMAGE 0x0000000000000010
>
> /* Algorithm Registry */
> #define EFI_TCG2_BOOT_HASH_ALG_SHA1 0x00000001
> @@ -25,6 +27,10 @@
> #define EFI_TCG2_BOOT_HASH_ALG_SHA512 0x00000008
> #define EFI_TCG2_BOOT_HASH_ALG_SM3_256 0x00000010
>
> +#define EFI_TCG2_FINAL_EVENTS_TABLE_VERSION 1
> +
> +#define TPM2_EVENT_LOG_SIZE CONFIG_EFI_TCG2_PROTOCOL_EVENTLOG_SIZE
> +
> typedef u32 efi_tcg_event_log_bitmap;
> typedef u32 efi_tcg_event_log_format;
> typedef u32 efi_tcg_event_algorithm_bitmap;
> @@ -65,6 +71,68 @@ struct efi_tcg2_boot_service_capability {
> sizeof(struct efi_tcg2_boot_service_capability) - \
> offsetof(struct efi_tcg2_boot_service_capability, number_of_pcr_banks)
>
> +#define TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03 "Spec ID Event03"
> +#define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MAJOR_TPM2 2
> +#define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MINOR_TPM2 0
> +#define TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_ERRATA_TPM2 2
> +
> +/**
> + * struct TCG_EfiSpecIdEventAlgorithmSize
> + *
> + * @algorithm_id: algorithm defined in enum tpm2_algorithms
> + * @digest_size: size of the algorithm
> + */
> +struct tcg_efi_spec_id_event_algorithm_size {
> + u16 algorithm_id;
> + u16 digest_size;
> +} __packed;
> +
> +/**
> + * struct TCG_EfiSpecIDEventStruct
> + *
> + * @signature: signature, set to Spec ID Event03
> + * @platform_class: class defined in TCG ACPI Specification
> + * Client Common Header.
> + * @spec_version_minor: minor version
> + * @spec_version_major: major version
> + * @spec_version_errata: major version
> + * @uintn_size: size of the efi_uintn_t fields used in various
> + * data structures used in this specification.
> + * 0x01 indicates u32 and 0x02 indicates u64
> + * @number_of_algorithms: hashing algorithms used in this event log
> + * @digest_sizes: array of number_of_algorithms pairs
> + * 1st member defines the algorithm id
> + * 2nd member defines the algorithm size
> + * @vendor_info_size: size in bytes for vendor specific info
> + * @vendor_info: vendor specific info
> + */
> +struct tcg_efi_spec_id_event {
> + u8 signature[16];
> + u32 platform_class;
> + u8 spec_version_minor;
> + u8 spec_version_major;
> + u8 spec_errata;
> + u8 uintn_size;
> + u32 number_of_algorithms;
> + struct tcg_efi_spec_id_event_algorithm_size digest_sizes[TPM2_NUM_PCR_BANKS];
> + u8 vendor_info_size;
> + /* U-Boot does not provide any vendor info */
> + u8 vendor_info[];
> +} __packed;
> +
> +/**
> + * struct tdEFI_TCG2_FINAL_EVENTS_TABLE
> + * @version: version number for this structure
> + * @number_of_events: number of events recorded after invocation of
> + * GetEventLog()
> + * @event: List of events of type tcg_pcr_event2
> + */
> +struct efi_tcg2_final_events_table {
> + u64 version;
> + u64 number_of_events;
> + struct tcg_pcr_event2 event[];
> +};
> +
> struct efi_tcg2_protocol {
> efi_status_t (EFIAPI * get_capability)(struct efi_tcg2_protocol *this,
> struct efi_tcg2_boot_service_capability *capability);
> @@ -73,7 +141,8 @@ struct efi_tcg2_protocol {
> u64 *event_log_location, u64 *event_log_last_entry,
> bool *event_log_truncated);
> efi_status_t (EFIAPI * hash_log_extend_event)(struct efi_tcg2_protocol *this,
> - u64 flags, u64 data_to_hash,
> + u64 flags,
> + efi_physical_addr_t data_to_hash,
> u64 data_to_hash_len,
> struct efi_tcg2_event *efi_tcg_event);
> efi_status_t (EFIAPI * submit_command)(struct efi_tcg2_protocol *this,
> diff --git a/lib/efi_loader/Kconfig b/lib/efi_loader/Kconfig
> index 29ea14b2ee2a..42970b652641 100644
> --- a/lib/efi_loader/Kconfig
> +++ b/lib/efi_loader/Kconfig
> @@ -191,6 +191,15 @@ config EFI_TCG2_PROTOCOL
> Provide a EFI_TCG2_PROTOCOL implementation using the TPM hardware
> of the platform.
>
> +config EFI_TCG2_PROTOCOL_EVENTLOG_SIZE
> + int "EFI_TCG2_PROTOCOL EventLog size"
> + depends on EFI_TCG2_PROTOCOL
> + default 4096
> + help
> + Define the size of the EventLog for EFI_TCG2_PROTOCOL. Note that
> + this is going to be allocated twice. One for the eventlog it self
> + and one for the configuration table that is required from the spec
> +
> config EFI_LOAD_FILE2_INITRD
> bool "EFI_FILE_LOAD2_PROTOCOL for Linux initial ramdisk"
> default n
> diff --git a/lib/efi_loader/efi_setup.c b/lib/efi_loader/efi_setup.c
> index e206b60bb82c..2bb2c3c7aafa 100644
> --- a/lib/efi_loader/efi_setup.c
> +++ b/lib/efi_loader/efi_setup.c
> @@ -157,12 +157,6 @@ efi_status_t efi_init_obj_list(void)
> goto out;
> }
>
> - if (IS_ENABLED(CONFIG_EFI_TCG2_PROTOCOL)) {
> - ret = efi_tcg2_register();
> - if (ret != EFI_SUCCESS)
> - goto out;
> - }
> -
> /* Initialize variable services */
> ret = efi_init_variables();
> if (ret != EFI_SUCCESS)
> @@ -189,6 +183,12 @@ efi_status_t efi_init_obj_list(void)
> if (ret != EFI_SUCCESS)
> goto out;
>
> + if (IS_ENABLED(CONFIG_EFI_TCG2_PROTOCOL)) {
> + ret = efi_tcg2_register();
> + if (ret != EFI_SUCCESS)
> + goto out;
> + }
> +
> /* Secure boot */
> ret = efi_init_secure_boot();
> if (ret != EFI_SUCCESS)
> diff --git a/lib/efi_loader/efi_tcg2.c b/lib/efi_loader/efi_tcg2.c
> index 62f2f9427b6e..b0ed76f6653d 100644
> --- a/lib/efi_loader/efi_tcg2.c
> +++ b/lib/efi_loader/efi_tcg2.c
> @@ -14,11 +14,24 @@
> #include <efi_tcg2.h>
> #include <log.h>
> #include <tpm-v2.h>
> +#include <u-boot/sha1.h>
> +#include <u-boot/sha256.h>
> +#include <u-boot/sha512.h>
> #include <linux/unaligned/access_ok.h>
> #include <linux/unaligned/generic.h>
> +#include <hexdump.h>
> +
> +struct event_log_buffer {
> + void *buffer;
> + void *final_buffer;
> + size_t pos; /* eventlog position */
> + size_t final_pos; /* final events config table position */
> + size_t last_event_size;
> + bool get_event_called;
> + bool truncated;
> +};
>
> -DECLARE_GLOBAL_DATA_PTR;
> -
> +static struct event_log_buffer event_log;
> /*
> * When requesting TPM2_CAP_TPM_PROPERTIES the value is on a standard offset.
> * Since the current tpm2_get_capability() response buffers starts at
> @@ -30,33 +43,40 @@ DECLARE_GLOBAL_DATA_PTR;
> #define properties_offset (offsetof(struct tpml_tagged_tpm_property, tpm_property) + \
> offsetof(struct tpms_tagged_property, value))
>
> -struct {
> +static const efi_guid_t efi_guid_tcg2_protocol = EFI_TCG2_PROTOCOL_GUID;
> +static const efi_guid_t efi_guid_final_events = EFI_TCG2_FINAL_EVENTS_TABLE_GUID;
> +
> +struct digest_info {
> u16 hash_alg;
> u32 hash_mask;
> -} hash_algo_list[] = {
> + u16 hash_len;
> +};
> +
> +const static struct digest_info hash_algo_list[] = {
> {
> TPM2_ALG_SHA1,
> EFI_TCG2_BOOT_HASH_ALG_SHA1,
> + TPM2_SHA1_DIGEST_SIZE,
> },
> {
> TPM2_ALG_SHA256,
> EFI_TCG2_BOOT_HASH_ALG_SHA256,
> + TPM2_SHA256_DIGEST_SIZE,
> },
> {
> TPM2_ALG_SHA384,
> EFI_TCG2_BOOT_HASH_ALG_SHA384,
> + TPM2_SHA384_DIGEST_SIZE,
> },
> {
> TPM2_ALG_SHA512,
> EFI_TCG2_BOOT_HASH_ALG_SHA512,
> - },
> - {
> - TPM2_ALG_SM3_256,
> - EFI_TCG2_BOOT_HASH_ALG_SM3_256,
> + TPM2_SHA512_DIGEST_SIZE,
> },
> };
>
> #define MAX_HASH_COUNT ARRAY_SIZE(hash_algo_list)
> +
> /**
> * alg_to_mask - Get a TCG hash mask for algorithms
> *
> @@ -76,7 +96,146 @@ static u32 alg_to_mask(u16 hash_alg)
> return 0;
> }
>
> -const efi_guid_t efi_guid_tcg2_protocol = EFI_TCG2_PROTOCOL_GUID;
> +/**
> + * alg_to_len - Get a TCG hash len for algorithms
> + *
> + * @hash_alg: TCG defined algorithm
> + *
> + * @Return: len of chosen algorithm, 0 if the algorithm is not supported
> + */
> +static u16 alg_to_len(u16 hash_alg)
> +{
> + int i;
> +
> + for (i = 0; i < MAX_HASH_COUNT; i++) {
> + if (hash_algo_list[i].hash_alg == hash_alg)
> + return hash_algo_list[i].hash_len;
> + }
> +
> + return 0;
> +}
> +
> +static u32 tcg_event_final_size(struct tpml_digest_values *digest_list)
> +{
> + u32 len;
> + int i;
> +
> + len = offsetof(struct tcg_pcr_event2, digests);
> + len += offsetof(struct tpml_digest_values, digests);
> + for (i = 0; i < digest_list->count; i++) {
> + u16 hash_alg = digest_list->digests[i].hash_alg;
> +
> + len += offsetof(struct tpmt_ha, digest);
> + len += alg_to_len(hash_alg);
> + }
> + len += sizeof(u32); /* tcg_pcr_event2 event_size*/
> +
> + return len;
> +}
> +
> +/* tcg2_pcr_extend - Extend PCRs for a TPM2 device for a given tpml_digest_values
> + *
> + * @dev: device
> + * @digest_list: list of digest algorithms to extend
> + *
> + * @Return: status code
> + */
> +static efi_status_t tcg2_pcr_extend(struct udevice *dev, u32 pcr_index,
> + struct tpml_digest_values *digest_list)
> +{
> + u32 rc;
> + int i;
> +
> + for (i = 0; i < digest_list->count; i++) {
> + u32 alg = digest_list->digests[i].hash_alg;
> +
> + rc = tpm2_pcr_extend(dev, pcr_index, alg,
This does not compile with sandbox_defconfig
lib/efi_loader/efi_tcg2.c: In function ‘tcg2_pcr_extend’:
lib/efi_loader/efi_tcg2.c:152:40: warning: passing argument 3 of
‘tpm2_pcr_extend’ makes pointer from integer without a cast
[-Wint-conversion]
152 | rc = tpm2_pcr_extend(dev, pcr_index, alg,
| ^~~
| |
| u32 {aka unsigned int}
In file included from include/efi_tcg2.h:12,
from lib/efi_loader/efi_tcg2.c:14:
include/tpm-v2.h:398:68: note: expected ‘const uint8_t *’ {aka ‘const
unsigned char *’} but argument is of type ‘u32’ {aka ‘unsigned int’}
398 | u32 tpm2_pcr_extend(struct udevice *dev, u32 index, const
uint8_t *digest);
|
~~~~~~~~~~~~~~~^~~~~~
lib/efi_loader/efi_tcg2.c:152:8: error: too many arguments to function
‘tpm2_pcr_extend’
152 | rc = tpm2_pcr_extend(dev, pcr_index, alg,
| ^~~~~~~~~~~~~~~
In file included from include/efi_tcg2.h:12,
from lib/efi_loader/efi_tcg2.c:14:
include/tpm-v2.h:398:5: note: declared here
398 | u32 tpm2_pcr_extend(struct udevice *dev, u32 index, const
uint8_t *digest);
| ^~~~~~~~~~~~~~~
Best regards
Heinrich
> + (u8 *)&digest_list->digests[i].digest,
> + alg_to_len(alg));
> + if (rc) {
> + EFI_PRINT("Failed to extend PCR\n");
> + return EFI_DEVICE_ERROR;
> + }
> + }
> +
> + return EFI_SUCCESS;
> +}
> +
> +/* tcg2_agile_log_append - Append an agile event to out eventlog
> + *
> + * @pcr_index: PCR index
> + * @event_type: type of event added
> + * @digest_list: list of digest algorithms to add
> + * @size: size of event
> + * @event: event to add
> + *
> + * @Return: status code
> + */
> +static efi_status_t tcg2_agile_log_append(u32 pcr_index, u32 event_type,
> + struct tpml_digest_values *digest_list,
> + u32 size, u8 event[])
> +{
> + void *log = event_log.buffer + event_log.pos;
> + size_t pos;
> + int i;
> + u32 event_size;
> +
> + if (event_log.get_event_called)
> + log = event_log.final_buffer + event_log.final_pos;
> +
> + /*
> + * size refers to the length of event[] only, we need to check against
> + * the final tcg_pcr_event2 size
> + */
> + event_size = size + tcg_event_final_size(digest_list);
> + if (event_log.pos + event_size > TPM2_EVENT_LOG_SIZE ||
> + event_log.final_pos + event_size > TPM2_EVENT_LOG_SIZE) {
> + event_log.truncated = true;
> + return EFI_VOLUME_FULL;
> + }
> +
> + put_unaligned_le32(pcr_index, log);
> + pos = offsetof(struct tcg_pcr_event2, event_type);
> + put_unaligned_le32(event_type, log + pos);
> + pos = offsetof(struct tcg_pcr_event2, digests); /* count */
> + put_unaligned_le32(digest_list->count, log + pos);
> +
> + pos += offsetof(struct tpml_digest_values, digests);
> + for (i = 0; i < digest_list->count; i++) {
> + u16 hash_alg = digest_list->digests[i].hash_alg;
> + u8 *digest = (u8 *)&digest_list->digests[i].digest;
> +
> + put_unaligned_le16(hash_alg, log + pos);
> + pos += offsetof(struct tpmt_ha, digest);
> + memcpy(log + pos, digest, alg_to_len(hash_alg));
> + pos += alg_to_len(hash_alg);
> + }
> +
> + put_unaligned_le32(size, log + pos);
> + pos += sizeof(u32); /* tcg_pcr_event2 event_size*/
> + memcpy(log + pos, event, size);
> + pos += size;
> +
> + /* make sure the calculated buffer is what we checked against */
> + if (pos != event_size)
> + return EFI_INVALID_PARAMETER;
> +
> + /* if GetEventLog hasn't been called update the normal log */
> + if (!event_log.get_event_called) {
> + event_log.pos += pos;
> + event_log.last_event_size = pos;
> + } else {
> + /* if GetEventLog has been called update config table log */
> + struct efi_tcg2_final_events_table *final_event;
> +
> + final_event =
> + (struct efi_tcg2_final_events_table *)(event_log.final_buffer);
> + final_event->number_of_events++;
> + event_log.final_pos += pos;
> + }
> +
> + return EFI_SUCCESS;
> +}
>
> /**
> * platform_get_tpm_device() - retrieve TPM device
> @@ -208,7 +367,7 @@ static int tpm2_get_num_pcr(struct udevice *dev, u32 *num_pcr)
> *
> * Return: true if PCR is active
> */
> -bool is_active_pcr(struct tpms_pcr_selection *selection)
> +static bool is_active_pcr(struct tpms_pcr_selection *selection)
> {
> int i;
> /*
> @@ -308,6 +467,103 @@ out:
> return -1;
> }
>
> +/**
> + * __get_active_pcr_banks() - returns the currently active PCR banks
> + *
> + * @active_pcr_banks: pointer for receiving the bitmap of currently
> + * active PCR banks
> + *
> + * Return: status code
> + */
> +static efi_status_t __get_active_pcr_banks(u32 *active_pcr_banks)
> +{
> + struct udevice *dev;
> + u32 active, supported, pcr_banks;
> + efi_status_t ret;
> + int err;
> +
> + ret = platform_get_tpm2_device(&dev);
> + if (ret != EFI_SUCCESS)
> + goto out;
> +
> + err = tpm2_get_pcr_info(dev, &supported, &active, &pcr_banks);
> + if (err) {
> + ret = EFI_DEVICE_ERROR;
> + goto out;
> + }
> +
> + *active_pcr_banks = active;
> +
> +out:
> + return ret;
> +}
> +
> +/* tcg2_create_digest - create a list of digests of the supported PCR banks
> + * for a given memory range
> + *
> + * @input: input memory
> + * @length: length of buffer to calculate the digest
> + * @digest_list: list of digests to fill in
> + *
> + * Return: status code
> + */
> +static efi_status_t tcg2_create_digest(const u8 *input, u32 length,
> + struct tpml_digest_values *digest_list)
> +{
> + sha1_context ctx;
> + sha256_context ctx_256;
> + sha512_context ctx_512;
> + u8 final[TPM2_ALG_SHA512];
> + efi_status_t ret;
> + u32 active;
> + int i;
> +
> + ret = __get_active_pcr_banks(&active);
> + if (ret != EFI_SUCCESS)
> + return ret;
> +
> + digest_list->count = 0;
> + for (i = 0; i < MAX_HASH_COUNT; i++) {
> + u16 hash_alg = hash_algo_list[i].hash_alg;
> +
> + if (!(active & alg_to_mask(hash_alg)))
> + continue;
> + switch (hash_alg) {
> + case TPM2_ALG_SHA1:
> + sha1_starts(&ctx);
> + sha1_update(&ctx, input, length);
> + sha1_finish(&ctx, final);
> + digest_list->count++;
> + break;
> + case TPM2_ALG_SHA256:
> + sha256_starts(&ctx_256);
> + sha256_update(&ctx_256, input, length);
> + sha256_finish(&ctx_256, final);
> + digest_list->count++;
> + break;
> + case TPM2_ALG_SHA384:
> + sha384_starts(&ctx_512);
> + sha384_update(&ctx_512, input, length);
> + sha384_finish(&ctx_512, final);
> + digest_list->count++;
> + break;
> + case TPM2_ALG_SHA512:
> + sha512_starts(&ctx_512);
> + sha512_update(&ctx_512, input, length);
> + sha512_finish(&ctx_512, final);
> + digest_list->count++;
> + break;
> + default:
> + EFI_PRINT("Unsupported algorithm %x\n", hash_alg);
> + return EFI_INVALID_PARAMETER;
> + }
> + digest_list->digests[i].hash_alg = hash_alg;
> + memcpy(&digest_list->digests[i].digest, final, (u32)alg_to_len(hash_alg));
> + }
> +
> + return EFI_SUCCESS;
> +}
> +
> /**
> * efi_tcg2_get_capability() - protocol capability information and state information
> *
> @@ -427,7 +683,28 @@ efi_tcg2_get_eventlog(struct efi_tcg2_protocol *this,
> u64 *event_log_location, u64 *event_log_last_entry,
> bool *event_log_truncated)
> {
> - return EFI_UNSUPPORTED;
> + efi_status_t ret = EFI_SUCCESS;
> + struct udevice *dev;
> +
> + EFI_ENTRY("%p, %u, %p, %p, %p", this, log_format, event_log_location,
> + event_log_last_entry, event_log_truncated);
> +
> + ret = platform_get_tpm2_device(&dev);
> + if (ret != EFI_SUCCESS) {
> + event_log_location = NULL;
> + event_log_last_entry = NULL;
> + *event_log_truncated = false;
> + ret = EFI_SUCCESS;
> + goto out;
> + }
> + *event_log_location = (uintptr_t)event_log.buffer;
> + *event_log_last_entry = (uintptr_t)(event_log.buffer + event_log.pos -
> + event_log.last_event_size);
> + *event_log_truncated = event_log.truncated;
> + event_log.get_event_called = true;
> +
> +out:
> + return EFI_EXIT(ret);
> }
>
> /**
> @@ -450,7 +727,76 @@ efi_tcg2_hash_log_extend_event(struct efi_tcg2_protocol *this, u64 flags,
> u64 data_to_hash, u64 data_to_hash_len,
> struct efi_tcg2_event *efi_tcg_event)
> {
> - return EFI_UNSUPPORTED;
> + struct udevice *dev;
> + efi_status_t ret;
> + u32 event_type, pcr_index, event_size;
> + struct tpml_digest_values digest_list;
> +
> + EFI_ENTRY("%p, %llu, %llu, %llu, %p", this, flags, data_to_hash,
> + data_to_hash_len, efi_tcg_event);
> +
> + if (!this || !data_to_hash || !efi_tcg_event) {
> + ret = EFI_INVALID_PARAMETER;
> + goto out;
> + }
> +
> + ret = platform_get_tpm2_device(&dev);
> + if (ret != EFI_SUCCESS)
> + goto out;
> +
> + if (efi_tcg_event->size < efi_tcg_event->header.header_size +
> + sizeof(u32)) {
> + ret = EFI_INVALID_PARAMETER;
> + goto out;
> + }
> +
> + if (efi_tcg_event->header.pcr_index < 0 ||
> + efi_tcg_event->header.pcr_index > TPM2_MAX_PCRS) {
> + ret = EFI_INVALID_PARAMETER;
> + goto out;
> + }
> +
> + /*
> + * if PE_COFF_IMAGE is set we need to make sure the image is not
> + * corrupted, verify it and hash the PE/COFF image in accordance with
> + * the procedure specified in "Calculating the PE Image Hash"
> + * section of the "Windows Authenticode Portable Executable Signature
> + * Format"
> + * Not supported for now
> + */
> + if (flags & PE_COFF_IMAGE) {
> + ret = EFI_UNSUPPORTED;
> + goto out;
> + }
> +
> + pcr_index = efi_tcg_event->header.pcr_index;
> + event_type = efi_tcg_event->header.event_type;
> +
> + ret = tcg2_create_digest((u8 *)data_to_hash, data_to_hash_len,
> + &digest_list);
> + if (ret != EFI_SUCCESS)
> + goto out;
> +
> + ret = tcg2_pcr_extend(dev, pcr_index, &digest_list);
> + if (ret != EFI_SUCCESS)
> + goto out;
> +
> + if (flags & EFI_TCG2_EXTEND_ONLY) {
> + if (event_log.truncated)
> + ret = EFI_VOLUME_FULL;
> + goto out;
> + }
> +
> + /*
> + * The efi_tcg_event size includes the size component and the
> + * headersize
> + */
> + event_size = efi_tcg_event->size - sizeof(efi_tcg_event->size) -
> + efi_tcg_event->header.header_size;
> + ret = tcg2_agile_log_append(pcr_index, event_type, &digest_list,
> + event_size, efi_tcg_event->event);
> +out:
> + return EFI_EXIT(ret);
> }
>
> /**
> @@ -464,7 +810,7 @@ efi_tcg2_hash_log_extend_event(struct efi_tcg2_protocol *this, u64 flags,
> *
> * Return: status code
> */
> -efi_status_t EFIAPI
> +static efi_status_t EFIAPI
> efi_tcg2_submit_command(struct efi_tcg2_protocol *this,
> u32 input_param_block_size, u8 *input_param_block,
> u32 output_param_block_size, u8 *output_param_block)
> @@ -481,11 +827,16 @@ efi_tcg2_submit_command(struct efi_tcg2_protocol *this,
> *
> * Return: status code
> */
> -efi_status_t EFIAPI
> +static efi_status_t EFIAPI
> efi_tcg2_get_active_pcr_banks(struct efi_tcg2_protocol *this,
> u32 *active_pcr_banks)
> {
> - return EFI_UNSUPPORTED;
> + efi_status_t ret;
> +
> + EFI_ENTRY("%p, %p", this, active_pcr_banks);
> + ret = __get_active_pcr_banks(active_pcr_banks);
> +
> + return EFI_EXIT(ret);
> }
>
> /**
> @@ -496,7 +847,7 @@ efi_tcg2_get_active_pcr_banks(struct efi_tcg2_protocol *this,
> *
> * Return: status code
> */
> -efi_status_t EFIAPI
> +static efi_status_t EFIAPI
> efi_tcg2_set_active_pcr_banks(struct efi_tcg2_protocol *this,
> u32 active_pcr_banks)
> {
> @@ -515,7 +866,7 @@ efi_tcg2_set_active_pcr_banks(struct efi_tcg2_protocol *this,
> *
> * Return: status code
> */
> -efi_status_t EFIAPI
> +static efi_status_t EFIAPI
> efi_tcg2_get_result_of_set_active_pcr_banks(struct efi_tcg2_protocol *this,
> u32 *operation_present, u32 *response)
> {
> @@ -532,6 +883,169 @@ static const struct efi_tcg2_protocol efi_tcg2_protocol = {
> .get_result_of_set_active_pcr_banks = efi_tcg2_get_result_of_set_active_pcr_banks,
> };
>
> +/**
> + * create_specid_event() - Create the first event in the eventlog
> + *
> + * @dev: tpm device
> + * @event_header: Pointer to the final event header
> + * @event_size: final spec event size
> + *
> + * Return: status code
> + */
> +static efi_status_t create_specid_event(struct udevice *dev, void *buffer,
> + size_t *event_size)
> +{
> + struct tcg_efi_spec_id_event *spec_event;
> + size_t spec_event_size;
> + efi_status_t ret = EFI_DEVICE_ERROR;
> + u32 active, supported;
> + int err, i;
> +
> + /*
> + * Create Spec event. This needs to be the first event in the log
> + * according to the TCG EFI protocol spec
> + */
> +
> + /* Setup specID event data */
> + spec_event = (struct tcg_efi_spec_id_event *)buffer;
> + memcpy(spec_event->signature, TCG_EFI_SPEC_ID_EVENT_SIGNATURE_03,
> + sizeof(spec_event->signature));
> + put_unaligned_le32(0, &spec_event->platform_class); /* type client */
> + spec_event->spec_version_minor =
> + TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MINOR_TPM2;
> + spec_event->spec_version_major =
> + TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_MAJOR_TPM2;
> + spec_event->spec_errata =
> + TCG_EFI_SPEC_ID_EVENT_SPEC_VERSION_ERRATA_TPM2;
> + spec_event->uintn_size = sizeof(efi_uintn_t) / sizeof(u32);
> +
> + err = tpm2_get_pcr_info(dev, &supported, &active,
> + &spec_event->number_of_algorithms);
> + if (err)
> + goto out;
> + if (spec_event->number_of_algorithms > MAX_HASH_COUNT ||
> + spec_event->number_of_algorithms < 1)
> + goto out;
> +
> + for (i = 0; i < spec_event->number_of_algorithms; i++) {
> + u16 hash_alg = hash_algo_list[i].hash_alg;
> + u16 hash_len = hash_algo_list[i].hash_len;
> +
> + if (active && alg_to_mask(hash_alg)) {
> + put_unaligned_le16(hash_alg,
> + &spec_event->digest_sizes[i].algorithm_id);
> + put_unaligned_le16(hash_len,
> + &spec_event->digest_sizes[i].digest_size);
> + }
> + }
> + /*
> + * the size of the spec event and placement of vendor_info_size
> + * depends on supported algoriths
> + */
> + spec_event_size =
> + offsetof(struct tcg_efi_spec_id_event, digest_sizes) +
> + spec_event->number_of_algorithms * sizeof(spec_event->digest_sizes[0]);
> + /* no vendor info for us */
> + memset(buffer + spec_event_size, 0,
> + sizeof(spec_event->vendor_info_size));
> + spec_event_size += sizeof(spec_event->vendor_info_size);
> + *event_size = spec_event_size;
> +
> + return EFI_SUCCESS;
> +
> +out:
> + return ret;
> +}
> +
> +/**
> + * create_final_event() - Create the final event and install the config
> + * defined by the TCG EFI spec
> + */
> +static efi_status_t create_final_event(void)
> +{
> + struct efi_tcg2_final_events_table *final_event;
> + efi_status_t ret;
> +
> + /*
> + * All events generated after the invocation of
> + * EFI_TCG2_GET_EVENT_LOGS need to be stored in an instance of an
> + * EFI_CONFIGURATION_TABLE
> + */
> + ret = efi_allocate_pool(EFI_ACPI_MEMORY_NVS, TPM2_EVENT_LOG_SIZE,
> + &event_log.final_buffer);
> + if (ret != EFI_SUCCESS)
> + goto out;
> +
> + memset(event_log.final_buffer, 0xff, TPM2_EVENT_LOG_SIZE);
> + final_event = event_log.final_buffer;
> + final_event->number_of_events = 0;
> + final_event->version = EFI_TCG2_FINAL_EVENTS_TABLE_VERSION;
> + event_log.final_pos = sizeof(*final_event);
> + ret = efi_install_configuration_table(&efi_guid_final_events,
> + final_event);
> + if (ret != EFI_SUCCESS)
> + goto out;
> +
> + return EFI_SUCCESS;
> +out:
> + return ret;
> +}
> +
> +/**
> + * efi_init_event_log() - initialize an eventlog
> + */
> +static efi_status_t efi_init_event_log(void)
> +{
> + /*
> + * vendor_info_size is currently set to 0, we need to change the length
> + * and allocate the flexible array member if this changes
> + */
> + struct tcg_pcr_event *event_header = NULL;
> + struct udevice *dev;
> + size_t spec_event_size;
> + efi_status_t ret;
> +
> + ret = platform_get_tpm2_device(&dev);
> + if (ret != EFI_SUCCESS)
> + goto out;
> +
> + ret = efi_allocate_pool(EFI_BOOT_SERVICES_DATA, TPM2_EVENT_LOG_SIZE,
> + (void **)&event_log.buffer);
> + if (ret != EFI_SUCCESS)
> + goto out;
> +
> + /*
> + * initialize log area as 0xff so the OS can easily figure out the
> + * last log entry
> + */
> + memset(event_log.buffer, 0xff, TPM2_EVENT_LOG_SIZE);
> + event_log.pos = 0;
> + event_log.last_event_size = 0;
> + event_log.get_event_called = false;
> + event_log.truncated = false;
> +
> + /*
> + * The log header is defined to be in SHA1 event log entry format.
> + * Setup event header
> + */
> + event_header = (struct tcg_pcr_event *)event_log.buffer;
> + put_unaligned_le32(0, &event_header->pcr_index);
> + put_unaligned_le32(EV_NO_ACTION, &event_header->event_type);
> + memset(&event_header->digest, 0, sizeof(event_header->digest));
> + ret = create_specid_event(dev, event_log.buffer + sizeof(*event_header),
> + &spec_event_size);
> + if (ret != EFI_SUCCESS)
> + goto out;
> + put_unaligned_le32(spec_event_size, &event_header->event_size);
> + event_log.pos = spec_event_size + sizeof(*event_header);
> + event_log.last_event_size = event_log.pos;
> +
> + ret = create_final_event();
> +
> +out:
> + return ret;
> +}
> +
> /**
> * efi_tcg2_register() - register EFI_TCG2_PROTOCOL
> *
> @@ -549,6 +1063,11 @@ efi_status_t efi_tcg2_register(void)
> log_warning("Unable to find TPMv2 device\n");
> return EFI_SUCCESS;
> }
> +
> + ret = efi_init_event_log();
> + if (ret != EFI_SUCCESS)
> + return ret;
> +
> ret = efi_add_protocol(efi_root, &efi_guid_tcg2_protocol,
> (void *)&efi_tcg2_protocol);
> if (ret != EFI_SUCCESS)
>
More information about the U-Boot
mailing list